From c95c5aff3f975aff8fe525096264b3ee7b85c2e1 Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:39:57 -0300
Subject: [PATCH 01/19] clean release.yaml

---
 release.yaml | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/release.yaml b/release.yaml
index 39aa552c47..8b13789179 100644
--- a/release.yaml
+++ b/release.yaml
@@ -1,8 +1 @@
-rancher-logging:
-  - 105.2.1+up4.10.0
-rancher-logging-crd:
-  - 105.2.1+up4.10.0
-rancher-monitoring:
-  - 105.1.3+up61.3.2
-rancher-monitoring-crd:
-  - 105.1.3+up61.3.2
+

From 884038f5b7aa9f0d79f948f23c0cc537554061ad Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:41:55 -0300
Subject: [PATCH 02/19] fp: rancher-webhook 104.0.7+up0.5.7

---
 .../rancher-webhook-104.0.7+up0.5.7.tgz       | Bin 0 -> 2794 bytes
 .../104.0.7+up0.5.7/Chart.yaml                |  14 +++
 .../104.0.7+up0.5.7/templates/_helpers.tpl    |  22 +++++
 .../104.0.7+up0.5.7/templates/deployment.yaml |  82 ++++++++++++++++++
 .../104.0.7+up0.5.7/templates/rbac.yaml       |  12 +++
 .../104.0.7+up0.5.7/templates/secret.yaml     |  11 +++
 .../104.0.7+up0.5.7/templates/service.yaml    |  13 +++
 .../templates/serviceaccount.yaml             |  11 +++
 .../104.0.7+up0.5.7/templates/webhook.yaml    |   9 ++
 .../104.0.7+up0.5.7/tests/README.md           |  16 ++++
 .../tests/deployment_test.yaml                |  73 ++++++++++++++++
 .../104.0.7+up0.5.7/tests/service_test.yaml   |  18 ++++
 .../104.0.7+up0.5.7/values.yaml               |  30 +++++++
 index.yaml                                    |  18 ++++
 release.yaml                                  |   3 +-
 15 files changed, 331 insertions(+), 1 deletion(-)
 create mode 100644 assets/rancher-webhook/rancher-webhook-104.0.7+up0.5.7.tgz
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/Chart.yaml
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/templates/_helpers.tpl
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/templates/deployment.yaml
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/templates/rbac.yaml
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/templates/secret.yaml
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/templates/service.yaml
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/templates/webhook.yaml
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/tests/README.md
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/tests/deployment_test.yaml
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/tests/service_test.yaml
 create mode 100644 charts/rancher-webhook/104.0.7+up0.5.7/values.yaml

diff --git a/assets/rancher-webhook/rancher-webhook-104.0.7+up0.5.7.tgz b/assets/rancher-webhook/rancher-webhook-104.0.7+up0.5.7.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..ed805d0bea1e3c9b791699ee075caeb3f9f0be2d
GIT binary patch
literal 2794
zcmV<G3KjJqiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PH(qZ`(H0{j6VcaNZaF@K&<yIL<0;FW|Y^o&t><BteG<!;sO^
z+2%@-sz^EW(){-aBqdpr<+y7Cr+eW0l88Ls9m%`n9eGX(4;Praw>Vu0@v%EzkW_gq
z60;Xi2EOn6!@<D(^?kqj*FPN&U-Sm2C#SvBo`2kb;r9mp;pq$TpH77BkV!?-7yhGp
zH7EBE0m8XZL{Y(I-~fa~5hmtdNR(peQPB-CRdhx%3Lw{&R<s3;BIE&dRGML@73E_#
zMR$p*q=E<VJ@mZep69!MD>5fB%7la%fNgZ;N-B(7k%bI^QJ($T+M8e+QzhLJ>(wpg
zk+_wu*o8rqg1-F!AE58O){?^a(D!=2{`Y13U}Q)nx?1{jy$aiMNJ2jpRF{2+BuV+{
zdnewh6QK-KnkdusfiM~oMfrRb#Z+p%Uo0V*i4-m^aZsxSrPI!^oI}qac)oY~e_3J~
zt@poa|4YI$luzpbcG!RK<k)Z8|4HxoVE_978k0F{%TF;8k}8p|N<Hc}^$9?cc>qhR
zL;z;+MaI~LU^H9>@OCy4>LNvnTsh91i78>ZTT#rg0kC%b24^H=>JsNvD$TQ_oyI~)
zH9>VN(vJbm2$SeIaTx1?$jOvxFQgre;~aq!3{&g5j6tXcLM|vom@u)5kt+|b5MiNI
zB7?4RK`BRtQd?^zLfH)k4>3`)E5ijw8KZpe;*y4%a90t^l}mW!uDNv$w^*bIl+T1y
zkt2X#e{;Bq@Cq4*N~8hY-8;_F5nQBHq*SfOj7T{lF#?g2&N)V)L{(fTX=0kCagHDn
zsme!5xLwe2VVjhIOd{MakVBerPWgPp5op8!UJnMxn$iVHNsJ0pyKp2^3*?H1#@U#4
zG_IN?RARcs)N?e7-h?9<kJ`r6@gZasxdMH3NDto50OLfhUX|^Fa}4dy-BQMY3k6fG
z62-_f?9MZ3x~4?paNr^jMP&Odt??+=oFf=9CT<y(3d9V?6Favr6pZkdX@q=FrYo}y
z;}ImOSkee1puA*hh1LRxT6L^EM6<_eJh58v+;;t?(DeTb<Af1~vU{^YmS8G9l|1q&
z*ctzw^c((vI6OHy`2T&t-JJ^&&L~IdSkHVDS=W4%=DxWD?)|-^5$O!P4>mxszP$*2
zT77ysEJ-O>GwA%U>~_A205XZ?M`tY$@@V6Kr#hpCc6*FWkx5H{B*|vPR8VRXGI67;
zU3=vu$O*ad5%mF9jYqXhGNDwEkJSx0n_;K|=uE_wJ#0**ED}vm9~PanPZ?pI?enRK
zA@d`~%1}Sp*70zKQv3dIxBtqa^vGy%hy4$R{%OPhPX~VgVE_97tswuS4_*j<C~ebx
ze}>!<Ktw|Y#$wj_3rP~$UG|)hlt%%)DRsq(QIUu!qQiyutVAXl>fS<wZCDr+6)xTx
z`?L)JtriMUsAxW}!cPOMk=RNEpb$et?%d2mc;zvFf1h_R1<PVAiMsj3ETS8dl9|LX
zMYU#Lv`kv@E6%1SM#Du`g5ou5EmAfi@fMnmaP$r+4_Ov%b0!{q22OdT!=&%FN>(Kb
z#sPy8|0XeO$M_8G6l;Rk;^-}M)_iYO)Ztc9t7$^3q*a7c(BT7uhJx$70Mm*>AYZO`
zz0i-V>(Ti|MHh+#;qI>BEftBA`}@wu(6h<t$9HEp=i~DS$H!sp<%v-nmGS8M`rX;h
z#rw<aO)_gLCXHB|yG|3}GknT~!gA7UqLb12+115peAXoSQ!3)B>I2Luvgi_L_13)o
zf~ZAMny*)0_>{Ocqg;pA&?3|5-Mja{oV~djPp&p6`tt4${t%Qy=T)bT+RGZp+E(W&
zuBB1<od*IX5AN^p?n>1%gS~ZT4fprKMz<pKnh@<yvnEe9<?d_{Y@k3@GxS!=O-(iV
zab@L76~8cvV}(VVu2hywAEqixE>bbY>aJ@BKi54YKw>nY(_J88YVlX6-f1{@jAZp5
zov53%_+Qu87gyE38KEpo@p_S>TnH8gF!U?k38qv;R~QN&$pB8uE=HHgQOai$d#hYK
zj-}#YIu{vl+ttnU2_V+E*7Uk6PP!kzlZB4CHc9Tb4NH+k?>Sr5&YD((X}I5zBokCW
zQXXAlx}+i2v<1V=+;s@9@Xy*Zha@3W%BZ3!>&s7~sNUeh<m~$9$G4L=H&<tuAKq3x
z(}sM~3NZ>py$+KHOsz4Gjcb`T&9)nxigRuDuFbI`-Lu7i+vERqO2VhP2i}$c4~~1y
z{J+=t5Apv#pc>Pg9oN1_r1UQn5qTfKGYMrG=#N<@6{eShp|)wt=U));r-ES~1(1aP
zoQf=YfSCiZ!K)-4+BTO&G3AcTrhj0lU7wqexvJUsR*7tT{=Rf~=Uv)&8*fsyZcCT{
z>tMV6+sx%DJispdKklD2?f=9-*#BPO@8thm!;#v<X3r_SK}ftX4<9$j6!xl>ti^{^
zgOIIn!D^LY0Php>DMRO5I8Fa~@R0o*SNa4FV5j{LoA1BF;mP6tZ!b_gHk*dL`)Gf_
zIE(wWGUash<Y+KBHUY3A=^WMH$uN^tC=m)4!1dT(tkl!j`i)}i&EIpc_qPT+?Vs3C
z>M?F$XZ-Is-v9c3zdtzG|308$@vTwxZa3h%Zqs*s9VJ(0k<I`bWobnPiK*JC7D;uk
zMtLnnNH|OpXq;dw1t-duR!mn3k+R7KmU(fN;GO5*f#-$o_Fuf2?&17D8El^ahx)I*
zK<!Phs58tjwA-%$)^&+_IpSFG8J%YqeY=UT%Op44#g{QY&(!1CKKELGi?C_`QpxV+
z+33yrnHNV-!ei(8f7-Nv{c*7WeSmXx1Wbg4L4-@tyHEKXD3>bDY>A%Zyf=p}^aA)P
zV+_ItNfnIWLYi^7rD_4hyr2}9bB^=-@4rupTsU6W9@VmI#>j3+L3frU`vF{|RGN|m
zGAEj^sl2m11ZOK)lRGkU5ylM40$B_R%jT5BjHXh7TWc$Di`vgQRf}xug(B{1G&kc^
z>G{^byg5~l=BC%fEyS;*$c3H6bMM_#K)d~~YkzLcj2{;R?6Cji)4_4G{%7bP>i_lv
zGNTG}E38!UlwqJv+#9uEj$_os_E8mpT!@TCAW>CHux<Ws(s}!<0-KdfiIq2K7w}VN
zi^S{it1`jRE5z{3*ShfHSN}J2PhkG3Jyvf%|GzHo8#J>VSAGRQ<jckjIr7HK@IzG>
z>+%gPP{(OoyDW)J-cqb#QcOs$-=OUsO8>a``gxYK<ovBHrxs{)Ik`|~NvrS3FkKaD
z>9sE&m6MEp&FVE?vRikTH^ng}`<oBsRGLS2uetLZn3c!)jhQ@RXBu<ysxo^didwd9
z^96p}e&nTeAktd#LS<_ny)!wBuODhfYTd)}$QCc<n>QYTNNnjCNl{}oH?8*W5j1|s
z;D%V5SfehfTFp`a5ksZp5AhVcUtg~s*4S1Y(pL8fJ8B;vrJ=QLdW6_tSq!tK9A-c6
zu)Wl+bcc0ad8IYv!Sla8{>$%vpCb7Cg8c8~c%%N?A0F<1_5#)TuXqJ&1b@|sz`aF&
wWjL~aCE60&JrqdU!A~AXeUWg6^mA|T0S<7018jx=1ONd4|5}=`q5wny06pS?t^fc4

literal 0
HcmV?d00001

diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/Chart.yaml b/charts/rancher-webhook/104.0.7+up0.5.7/Chart.yaml
new file mode 100644
index 0000000000..ca632c1454
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/Chart.yaml
@@ -0,0 +1,14 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: < 1.31.0-0
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+  catalog.cattle.io/release-name: rancher-webhook
+apiVersion: v2
+appVersion: 0.5.7
+description: ValidatingAdmissionWebhook for Rancher types
+name: rancher-webhook
+version: 104.0.7+up0.5.7
diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/templates/_helpers.tpl b/charts/rancher-webhook/104.0.7+up0.5.7/templates/_helpers.tpl
new file mode 100644
index 0000000000..c37a65c6f3
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "rancher-webhook.labels" -}}
+app: rancher-webhook
+{{- end }}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/templates/deployment.yaml b/charts/rancher-webhook/104.0.7+up0.5.7/templates/deployment.yaml
new file mode 100644
index 0000000000..b8a7201dac
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/templates/deployment.yaml
@@ -0,0 +1,82 @@
+{{- $auth := .Values.auth | default dict }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: rancher-webhook
+spec:
+  selector:
+    matchLabels:
+      app: rancher-webhook
+  template:
+    metadata:
+      labels:
+        app: rancher-webhook
+    spec:
+      {{- if $auth.clientCA }}
+      volumes:
+      - name: client-ca
+        secret:
+          secretName: client-ca
+      {{- end }}
+      {{- if .Values.global.hostNetwork }}
+      hostNetwork: true
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      {{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 6 }}
+      {{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 6 }}
+      {{- end }}
+      containers:
+      - env:
+        - name: STAMP
+          value: "{{.Values.stamp}}"
+        - name: ENABLE_MCM
+          value: "{{.Values.mcm.enabled}}"
+        - name: CATTLE_PORT
+          value: {{.Values.port | default 9443 | quote}}
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        {{- if $auth.allowedCNs }}
+        - name: ALLOWED_CNS
+          value: '{{ join "," $auth.allowedCNs }}'
+        {{- end }}
+        image: '{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}'
+        name: rancher-webhook
+        imagePullPolicy: "{{ .Values.image.imagePullPolicy }}"
+        ports:
+        - name: https
+          containerPort: {{ .Values.port | default 9443 }}
+        startupProbe:
+          httpGet:
+            path: "/healthz"
+            port: "https"
+            scheme: "HTTPS"
+          failureThreshold: 60
+          periodSeconds: 5
+        livenessProbe:
+          httpGet:
+            path: "/healthz"
+            port: "https"
+            scheme: "HTTPS"
+          periodSeconds: 5
+        {{- if $auth.clientCA }}
+        volumeMounts:
+        - name: client-ca
+          mountPath: /tmp/k8s-webhook-server/client-ca
+          readOnly: true
+        {{- end }}
+        {{- if .Values.capNetBindService }}
+        securityContext:
+          capabilities:
+            add:
+            - NET_BIND_SERVICE
+        {{- end }}
+      serviceAccountName: rancher-webhook
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{.Values.priorityClassName}}"
+      {{- end }}
diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/templates/rbac.yaml b/charts/rancher-webhook/104.0.7+up0.5.7/templates/rbac.yaml
new file mode 100644
index 0000000000..f4364995c0
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/templates/rbac.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: rancher-webhook
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+- kind: ServiceAccount
+  name: rancher-webhook
+  namespace: {{.Release.Namespace}}
\ No newline at end of file
diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/templates/secret.yaml b/charts/rancher-webhook/104.0.7+up0.5.7/templates/secret.yaml
new file mode 100644
index 0000000000..9fd331dc1e
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/templates/secret.yaml
@@ -0,0 +1,11 @@
+{{- $auth := .Values.auth | default dict }}
+{{- if $auth.clientCA }}
+apiVersion: v1
+data:
+  ca.crt: {{ $auth.clientCA }}
+kind: Secret
+metadata:
+  name: client-ca
+  namespace: cattle-system
+type: Opaque
+{{- end }}
diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/templates/service.yaml b/charts/rancher-webhook/104.0.7+up0.5.7/templates/service.yaml
new file mode 100644
index 0000000000..220afebeae
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/templates/service.yaml
@@ -0,0 +1,13 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: rancher-webhook
+  namespace: cattle-system
+spec:
+  ports:
+  - port: 443
+    targetPort: {{ .Values.port | default 9443 }}
+    protocol: TCP
+    name: https
+  selector:
+    app: rancher-webhook
diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/templates/serviceaccount.yaml b/charts/rancher-webhook/104.0.7+up0.5.7/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..9e7ad7e1fe
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/templates/serviceaccount.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: rancher-webhook
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: rancher-webhook-sudo
+  annotations:
+    cattle.io/description: "SA which can be impersonated to bypass rancher-webhook validation"
\ No newline at end of file
diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/templates/webhook.yaml b/charts/rancher-webhook/104.0.7+up0.5.7/templates/webhook.yaml
new file mode 100644
index 0000000000..53a0687b6f
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/templates/webhook.yaml
@@ -0,0 +1,9 @@
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+  name: rancher.cattle.io
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: MutatingWebhookConfiguration
+metadata:
+  name: rancher.cattle.io
diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/tests/README.md b/charts/rancher-webhook/104.0.7+up0.5.7/tests/README.md
new file mode 100644
index 0000000000..6d3059a005
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/tests/README.md
@@ -0,0 +1,16 @@
+
+## local dev testing instructions
+
+Option 1: Full chart CI run with a live cluster
+
+```bash
+./scripts/charts/ci 
+```
+
+Option 2: Test runs against the chart only 
+
+```bash
+# install the helm plugin first - helm plugin install https://github.com/helm-unittest/helm-unittest.git
+bash dev-scripts/helm-unittest.sh
+```
+
diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/tests/deployment_test.yaml b/charts/rancher-webhook/104.0.7+up0.5.7/tests/deployment_test.yaml
new file mode 100644
index 0000000000..bbd6e30444
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/tests/deployment_test.yaml
@@ -0,0 +1,73 @@
+suite: Test Deployment
+templates:
+  - deployment.yaml
+
+tests:
+  - it: should set webhook default port values
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].ports[0].containerPort
+          value: 9443
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: CATTLE_PORT
+            value: "9443"
+
+  - it: should set updated webhook port
+    set:
+      port: 2319
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].ports[0].containerPort
+          value: 2319
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: CATTLE_PORT
+            value: "2319"
+
+  - it: should not set capabilities by default.
+    asserts:
+      - isNull:
+          path: spec.template.spec.containers[0].securityContext
+
+  - it: should set net capabilities when capNetBindService is true.
+    set:
+      capNetBindService: true
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].securityContext.capabilities.add
+          content: NET_BIND_SERVICE
+
+  - it: should not set volumes or volumeMounts by default
+    asserts:
+      - isNull:
+          path: spec.template.spec.volumes
+      - isNull:
+          path: spec.template.spec.volumeMounts
+
+  - it: should set CA fields when CA options are set
+    set:
+      auth.clientCA: base64-encoded-cert
+      auth.allowedCNs:
+        - kube-apiserver
+        - joe
+    asserts:
+      - contains:
+          path: spec.template.spec.volumes
+          content:
+            name: client-ca
+            secret:
+              secretName: client-ca
+      - contains:
+          path: spec.template.spec.containers[0].volumeMounts
+          content:
+            name: client-ca
+            mountPath: /tmp/k8s-webhook-server/client-ca
+            readOnly: true
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: ALLOWED_CNS
+            value: kube-apiserver,joe
diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/tests/service_test.yaml b/charts/rancher-webhook/104.0.7+up0.5.7/tests/service_test.yaml
new file mode 100644
index 0000000000..03172ad033
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/tests/service_test.yaml
@@ -0,0 +1,18 @@
+suite: Test Service
+templates:
+  - service.yaml
+
+tests:
+  - it: should set webhook default port values
+    asserts:
+      - equal:
+          path: spec.ports[0].targetPort
+          value: 9443
+
+  - it: should set updated target port
+    set:
+      port: 2319
+    asserts:
+      - equal:
+          path: spec.ports[0].targetPort
+          value: 2319
diff --git a/charts/rancher-webhook/104.0.7+up0.5.7/values.yaml b/charts/rancher-webhook/104.0.7+up0.5.7/values.yaml
new file mode 100644
index 0000000000..d1b2854aa8
--- /dev/null
+++ b/charts/rancher-webhook/104.0.7+up0.5.7/values.yaml
@@ -0,0 +1,30 @@
+image:
+  repository: rancher/rancher-webhook
+  tag: v0.5.7
+  imagePullPolicy: IfNotPresent
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+  hostNetwork: false
+
+mcm:
+  enabled: true
+
+# tolerations for the webhook deployment. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ for more info
+tolerations: []
+nodeSelector: {}
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
+
+# port assigns which port to use when running rancher-webhook
+port: 9443
+
+# Parameters for authenticating the kube-apiserver.
+auth:
+  # CA for authenticating kube-apiserver client certs. If empty, client connections will not be authenticated.
+  # Must be base64-encoded.
+  clientCA: ""
+  # Allowlist of CNs for kube-apiserver client certs. If empty, any cert signed by the CA provided in clientCA will be accepted.
+  allowedCNs: []
diff --git a/index.yaml b/index.yaml
index 849c8ae724..3342cf391a 100755
--- a/index.yaml
+++ b/index.yaml
@@ -22460,6 +22460,24 @@ entries:
     urls:
     - assets/rancher-webhook/rancher-webhook-105.0.0+up0.6.1.tgz
     version: 105.0.0+up0.6.1
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: < 1.31.0-0
+      catalog.cattle.io/namespace: cattle-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+      catalog.cattle.io/release-name: rancher-webhook
+    apiVersion: v2
+    appVersion: 0.5.7
+    created: "2025-02-25T21:41:15.57879279-03:00"
+    description: ValidatingAdmissionWebhook for Rancher types
+    digest: 6ec06c0a12861569268eb54e2f24fea91587a1e21cf545ceb15ad4e631c639c3
+    name: rancher-webhook
+    urls:
+    - assets/rancher-webhook/rancher-webhook-104.0.7+up0.5.7.tgz
+    version: 104.0.7+up0.5.7
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index 8b13789179..8cdd2c58b2 100644
--- a/release.yaml
+++ b/release.yaml
@@ -1 +1,2 @@
-
+rancher-webhook:
+  - 104.0.7+up0.5.7

From a9484c6674202aa45c91dfe4bbefeff29c0f74e3 Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:42:37 -0300
Subject: [PATCH 03/19] fp: rancher-logging 104.2.0+up4.8.0

---
 .../rancher-logging-104.2.0+up4.8.0.tgz       | Bin 0 -> 19950 bytes
 .../104.2.0+up4.8.0/.helmignore               |  26 +
 .../104.2.0+up4.8.0/Chart.yaml                |  30 ++
 .../rancher-logging/104.2.0+up4.8.0/README.md | 134 +++++
 .../104.2.0+up4.8.0/app-readme.md             |  45 ++
 .../104.2.0+up4.8.0/templates/NOTES.txt       |   0
 .../templates/_generic_fluentbitagent.yaml    |  85 +++
 .../templates/_generic_logging.yaml           |  75 +++
 .../104.2.0+up4.8.0/templates/_helpers.tpl    | 231 +++++++++
 .../templates/clusterrole.yaml                | 388 ++++++++++++++
 .../templates/clusterrolebinding.yaml         |  18 +
 .../104.2.0+up4.8.0/templates/crds.yaml       |   6 +
 .../104.2.0+up4.8.0/templates/deployment.yaml |  79 +++
 .../templates/extra-manifests.yaml            |   4 +
 .../templates/logging/clusterflows.yaml       |  14 +
 .../templates/logging/clusteroutputs.yaml     |  14 +
 .../templates/logging/eventtailer.yaml        |  41 ++
 .../templates/logging/fluentbit.yaml          |  17 +
 .../templates/logging/hosttailer.yaml         |  31 ++
 .../templates/logging/logging.yaml            |  60 +++
 .../loggings/aks/fluentbitagent.yaml          |  20 +
 .../templates/loggings/aks/logging.yaml       |  12 +
 .../loggings/eks/fluentbitagent.yaml          |  21 +
 .../templates/loggings/eks/logging.yaml       |  20 +
 .../loggings/gke/fluentbitagent.yaml          |  20 +
 .../templates/loggings/gke/logging.yaml       |  12 +
 .../templates/loggings/k3s/configmap.yaml     |  57 +++
 .../templates/loggings/k3s/daemonset.yaml     | 112 ++++
 .../loggings/k3s/fluentbitagent.yaml          |  21 +
 .../loggings/k3s/logging-k3s-openrc.yaml      |  12 +
 .../loggings/kube-audit/fluentbitagent.yaml   |  24 +
 .../loggings/kube-audit/logging.yaml          |  15 +
 .../templates/loggings/rke/configmap.yaml     |  29 ++
 .../templates/loggings/rke/daemonset.yaml     | 124 +++++
 .../templates/loggings/rke2/configmap.yaml    |  69 +++
 .../templates/loggings/rke2/daemonset.yaml    | 118 +++++
 .../loggings/root/fluentbitagent.yaml         |  29 ++
 .../templates/loggings/root/logging.yaml      |  67 +++
 .../104.2.0+up4.8.0/templates/service.yaml    |  20 +
 .../templates/service_monitor.yaml            |  30 ++
 .../templates/serviceaccount.yaml             |  14 +
 .../templates/test_receiver.yaml              |  53 ++
 .../104.2.0+up4.8.0/templates/userrole.yaml   |  39 ++
 .../104.2.0+up4.8.0/templates/userroles.yaml  |  35 ++
 .../templates/validate-install-crd.yaml       |  29 ++
 .../templates/validate-install.yaml           |   5 +
 .../templates/validate-psp-install.yaml       |   7 +
 .../values-logging-example.yaml               |  24 +
 .../104.2.0+up4.8.0/values.yaml               | 484 ++++++++++++++++++
 index.yaml                                    |  34 ++
 release.yaml                                  |   2 +
 51 files changed, 2856 insertions(+)
 create mode 100644 assets/rancher-logging/rancher-logging-104.2.0+up4.8.0.tgz
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/.helmignore
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/Chart.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/README.md
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/app-readme.md
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/NOTES.txt
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/_generic_fluentbitagent.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/_generic_logging.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/_helpers.tpl
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/clusterrole.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/clusterrolebinding.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/crds.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/deployment.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/extra-manifests.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/logging/clusterflows.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/logging/clusteroutputs.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/logging/eventtailer.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/logging/fluentbit.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/logging/hosttailer.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/logging/logging.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/aks/fluentbitagent.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/aks/logging.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/eks/fluentbitagent.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/eks/logging.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/gke/fluentbitagent.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/gke/logging.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/configmap.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/daemonset.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/fluentbitagent.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/logging-k3s-openrc.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/kube-audit/fluentbitagent.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/kube-audit/logging.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke/configmap.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke/daemonset.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke2/configmap.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke2/daemonset.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/root/fluentbitagent.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/root/logging.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/service.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/service_monitor.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/test_receiver.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/userrole.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/userroles.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/validate-install.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/values-logging-example.yaml
 create mode 100644 charts/rancher-logging/104.2.0+up4.8.0/values.yaml

diff --git a/assets/rancher-logging/rancher-logging-104.2.0+up4.8.0.tgz b/assets/rancher-logging/rancher-logging-104.2.0+up4.8.0.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..0d006aabf692ef2e3b966b0bc2ef81933e251ae5
GIT binary patch
literal 19950
zcmV)qK$^cFiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PMZ#avV3ZD181-KLt+H4wD*n^}<D-z9Uc2lw>PL3xlNWIHB<+
z(N*YfnAL?cfFji+`HTA+_x0|Re1XJLsI50HlE*|iEOr4%B(_9mA~V5p5>5&4#B4I5
z$)tNU#asq+Jd6M9)>5z6>mBUv!N0v;ul(<zzkl#w{k<pq2mO9;_n`k@z5d={@5z6m
z-tD2#oH8LX|F7PS+bVbN50Y?_Fo`8)i5RvJ3bDj7n*<@2GA03KU7ShQp^1<<j)$nU
zTsk3-p3blgr?quM!X+J361j@C#Uhf%Y%V%1=`b-w*EEUPwWu#jMH=IIC&4o^M6Wa!
zwIwgJ5$RkJE+|We=$r4JqJA(q2zs3!`a9|eyM6WNH?>t2aFODW43Ylmx+~^Fl38t~
zl<*mq0(ubBB>V7qQ9n}7u4qI=XL7}d$bb(<IQciGVa&29pezXEOi04VF}v<w^+!bF
zel0LNDTUq+g1?#04uXEKxwD+a1PfwDv^2l9HRL>1BcqY)NXFvYVj1m(Y?iWwB+_-U
zzGNySCwP{3U@!PK=(TW4f3jb$1}&VXKNSl^M1-8C5<Z#5fLKa6mW-n@<LIB+i136+
zBG3p65+RnL7jZ@s86liR=I;@eL2Js?08FJ!#jvZFkDZqZmD6k#P}ZWMYHCblGVFG-
z5JZY@%qC29OCuMEt4ZsU%&!@b#IV(I1JFTZ-M;&4L}g1g_mek$cCCKXs-G9ZG9D5D
zY%w-ShHO?qzH8U69hViVOi4WJgz6*^UC9aQ&M-~7=0gRZUJp1;V;TY_X}Njq_x6H8
z(EDqa>IwVY)b1gbQ~CVA!f{5#?J@w1&;Q-Q;9$Re{_pqu59j}Vq%HJ}jByrAq-P$e
zW_gPTtu1smr2<ibF#4av*RMKb#%EYc5&<z(1)h;G#+;xl%qbqlL?Fq~h@e!F$q3Oz
zGBjryN0Q9a7)v68R*Ms$8b>TsheW^CqBA@piWA`^Wr9k^=Z^YyXOwfsN!0PFRi{Fb
z5R!Oe&j^IlERK&^OvCvQy&S(`@|Y7r64`2z<Z6iC|I)f*aW*5u`}?&*NPlRN50c|U
zJ^==)gE}Np-Rr~zM}&7sOhQHUo=Tn(js9^K$EPIZ#6s9Yoenxgij*UopftuIL2QiV
zlpvt0I!g`x1y0l91&Z;A#3BId|MrS-P9riz?RF8CWJqKqA*sxyuC5@Cvp9x)q1xcY
zoE1S!Wh?{;Ob=ov+X2LBsxg85n%d9Em?i{yykzY%LMe+x(DGSM^znBGLotEq=;WC|
znOZQTxjWL|x^)<Gf+ac1gk-Z5)3YHO<5-YZOC4)!jsV_|XJ^MKrb3bgrA!TRHX9Kh
zs0G2e9HMV~-}YLz^eN$2G$bfeJ)sIW=)rFp;d3}Hk<cYnee<Vk3L$;^9cgap<uQB<
z?XMwv!x94Dw$PzBJd)MGhH~Z6(RE+JdRS0RFBm<Ze1t<c4o5IzNPV*v5Dr7NzJUYc
zELLj+A-$}lA%cYr)kR7|I-XbR&2W<8IG*c5I`dHHy#aP5gb8Z3W-L)#m?o29K5nn|
z$D!$3jw43LoXv=wl1#Wcw^L(kAvXGzgff824rQ|dVEm#8<`2iO@*z<fGa@++PY8?@
zO(uG8svKVWrWfQfi_j?vGfw6Fh$WJIkgz7od}e^&zh+!*>@oXg+vguO;|XF53q?0%
zNk~#Dx+xH&t}wtmp@!bwX>Dy)nw+vY5^CpkVsb@dWNRTTC8wiIv9@X+LpGbS1SwdU
zCWIqFq*PrB6jY$zk*4&pj1rb0&X`ntjiYNSrzoQl>i2p*05_o#8uWU-;4hD^`oS@a
zN_hQ65Bb&>;$&Q8n@io6SX@Hq$8?f$(otP;SXKw2l~&q<DcnMcXUU;>!;%xmq*<o+
z>pMaC5U^LD#^MLgvUCVNFw=SD2IjseRn+$e$1%G;=JbljWI~>c5XV?cGG=Ji!o<<r
zB%Z4dzo0SE;-~4l+B+dm@rcG$QX=$@M=0Vf9isQ`!&k4`b}hTjlyb@dmlzA7_G-|o
ze9}auxUC&IS(VhE7OJc5T2J<mj^A}(lNsZ4cTyove#?kZq6SqWb;})LW-o7{p9#tY
zkRZf~TKOc2P{Jgfh=ypH)t(=Ku&yOTF~L^^Nwp)e;%7pZh>)^O=pmglMe6L?r?y9+
zw-1g5Lo`uGkRU=G+)1ea<x;3+sDw+BTv5)F8A+tj+bX6?&IQ;GmB&bA;Z!yMnkG~&
zs{p+mEA|LQ3|-@-&=ap(mgwF}ebO_vhO}6{g<_hhA~^ar6Ocbs4J0HaLSR0BtjRr@
zG3Y%(VaDS*8gUF`GnRy-Z}Or3CNMzN6xg*DrWx$AnfX0~nH!@1;M>>KbWzXUYBgF3
zi^wUkP>g%4;th)kI%Ba~OlrZjWd65DqM_K~7>?|D3!6U*Oa-jg>nRPVP+CCGk69#;
z;#EaBB~ccGULa7E$2&7xTaGH^OURNjKqY9IWj}O$M74%$CZYlkD#g>7W!b7by#T}s
z852&D5ZF6~t!V`5-5;RmIGkGU(d3<wu|OeC)X9t|>Lhil1r%X2V~HU8xVJeG5)w-?
z&SF7ed*+ZdV`ulfM!nc^6i!KaiAH3sXrz+-=L*4uTs!EcfkJ2;v+E=Hc%&*DxRu`j
zJXPmEhvk1sQ$&+19McHBh}kuCz;Igd+l{hfE-q>MQWrkS=|vH^WnIyPBx*Ski)Y}8
zHymG=dMl*jU^GeKEK{=0lreR<qBP?v6Pkg_dst+VP2(?OJW<^;i@}?rkj>JVNCFI%
z`&=F&2S(+0bUhDCu|##{j;p*%H{_A9n#Hbb_*}8HqU+<LH^jn@M0MSW7Iq@KlO9B6
z{3Ca440=CMloBpLERaY@#?^MA`NmcPE#t0F`G(cx@JGU-I8G4xfK`7VE2=+b*J?zZ
z<V4MZiALFYO!%p8=O+*?EoDUMRp|akK<vGrNHN<)h}Vi}6}~GO^n~E(XHF$~n}o#A
z%;|TrN|`LXWQJgf_If|iTpXH<m`yrwe(<S8akkW!gHmsPD69^vPEfl6hB8awf`CMd
z#0ay~VEdM63X9b_pw8JCiXu715=Ash{@?%kze?zk>c~vyhyjIAAk?Io`B6U$i2M+<
z5su$xGR>qDm&b7?rs(;}$=ee|uHcZCOwnS_8P{dY6i~xKV;W1sfp-Rir=}gSv{W#e
z8x+;@fx>7;6q7*3OyM~JI4?99eTdmZL!Gg?01j<j11LxJOgFS#<;(O)mwe+Y-x=iM
zF>NI`O^s2+W|$^!m`6m*@Yhq4SbdKom+wwq0S<<_gu4+9;TZrJqPF=R#4N;dkWYid
z0~VDjg|5|ZE3Tvb=#A+mDV!JH`JuaQR->4*ERGb`7^R#^5~`yi*NBWc49z5qF$a!N
z1n8vLOis;JBbIzz(>MmskS3bp%wb}Iu1OrLaaN)NXYrf-+R0mfhjDeQu(2C}ytja)
zT7|BS0KLwn=90+=Re@d+&66ILT2x?^bZns?m7%wcykat3=U;F(JB(w0`4x{`#dIA`
z6tO)jQIEvt<ZM0aAbs6&O_L5*d5%_c2A3}0<sf`_K-@)+N8vQ*b4p}^>Qx9WavI4h
zb*z>J{f?C-tMpX$LF+J)cbk_VuET!tw_v|o3z?pe-SM86k#Vt|6607HIk<Xk7(2*Y
zY2>u7q}XcebTfy(B<EyNJ7h&AkB{RDeX+|X%sEA5?@Ce1grFeq&NVYeXM|<4qi^<V
zIMfD?A|h9sm$;r{DLM(c?rs%ebqcUL8kXLu7OMgkd=8yBAzC~6Gvk*rQ<D43*({SP
z>jfoobTq}ugqR*{LBxs6k|{w}tHD6BYhd5=yaEG{wpFGcpV%IdPM!whL(n*r87DjH
zXNU!~W0)C`WhYP&Cx}|C(O99ak6{3LO@*SiS!|Bv5itTsq{#|Kf-0T}Wod*Z$+e2B
z4NZ9wc%&On4Q(fopBa!*IPVI?y|#|Y%4?kxB^AXnN?Bys4u&rA_!4V%fZvo|xOTJQ
zI9|ZO0XI-#-2@z?Imy#$;xQ{qm>Z(^Z9t;^i;srI-c+@C<mlER0=Y#zMx0#&7Xo>m
zDZx=pgb3hgAg;ooa10Lzf9w5iP=KKCf6C-fE5m;kK;ZKX!=jx_meO#D;2%Bu&lL}L
zhG|T=*<EVQ<R6E1dfuE`LdlMVqVU;WA0ew-&hL@b!RCS1Wld4<w#lz7@nlggi6@2P
z`AyTJTHbw>U%7mBv<O7)H51BZ3I|k=ocatDv(<2bxbjva3S%s^W)Dz6dWaPqQ@SLb
z*wtMYOx6c%@86X4oa;R6KrH~`q?-N@bR#TG!CWVrUshZj8upq<Yz2J**|j+}HS25D
z)o_ePu}bwbXrQJ{6t<1N2Xh~rwh|Nr&Yg|R#q~B*fFCxQ+honlpk@TuUK9&pG%OLV
zxPXgzU8xSnmQ`5Ty7}=T;Cn~acX<e<SWbtidxd#7W|MAxp{SzYu{m1vaX!Nz&ISFq
z*Q(13r&)4Y$rP6~J&##3IR|~VpT!A|&Xt&Rt`4kflXcr7&-GTVH&Vq(%?DGHooKW1
zgt{F)Vk-@nX-z8!hDdR%F_D3P!K(|-@Q3G#<Wvb-gWe{6FLq4xL6Qi0LPA2XH0h`i
z2_w;H&a+#PQ5vl)3is?95zOI+wcVlZ$EdA%bM<cr{;vu@Rb}B5Q~wt-Vwp4?P(`y<
zyqT!pG~{;;`#p0xQKtukYJ-|ugMFxFn8X#$1O5Qk0r|DY(TTZYqG9P4-*3lWaujd$
z4oiq^ZK2b7BJl^bwbj}}=<oJMP;H6thAkM|zh9F1cSH1dFg5zFwWVr3*SiR+!JQ{#
z(iA6`BEU2JZ<gR|0al8f#iWCIGDLqrVKF&8d1IiQ5Rt_abr6ms64{%R@@<T3M6<}y
zh}99dEE`|C_srROB5{Nz_C6Koqg4>;7a_0yhp)wu;@NQ6AMEb!A3XW?Z@r-^(VfjZ
z6wf;9@77kUwY5C8w$O>Tkg8bBpr5o=*VamKT3bexMG+Zgpyba4@pKZJ5E#uYD1;FC
zK*AOjcjDWYyEXE3?Z(Cm_KiLOM9UDw<EzkGootzFQ101r<QHJ>5)L%QT3Q3Ommz8%
z{Z`X&zs76=rx{WLZ_9jr#U{sa!nM0ROW=t6m1R7^al6&h;+QdrmvMn~8U^<WnNT4W
zp=h_wHhfpOoE;H0Jo1|9i&-_8go0phm~zJ570S<AtK|&A)hK|zP+NylVOlVD_#{GC
z6hkX^;@`b|jHuKKM?s{n4f{+r+*YI8M%0*`8SNg3{y#f~nkQ!l=w+fOS%f6PoU+HN
z@|<Pp8dRmA^Yre3N*zEfai0uG@z^w>u_FdKGfE7#VezyBQ_AT1@<Xg>o&*evNQd<T
z4bW_(Zc$COBNko~e!`f1MmcD)=WaBtoxn3FgCbi1O|dYFkqGV?sxYjgmR}OnTeYN)
zIT_OrL(~q3|N0l?3-XF4*@s$TR+|iJ=L=Z9=bR{B&oc3=+d=B;9b3I+nP+s>3woe)
z9Q&%iC7{iwFP!xT-fqwf_KXG>G>zvaz)TEL+st6Qv8g)HgJ1wQoB3s=CM`F|w*!E@
zOTjfq*IMo8quLMp2c5m(+s-(P<5tTvJTnJo&ad!G(x}NOjUC*?pM$N}5VdJCX6=?e
zfM(~0bq3yNh}!$Fzi(^sgGTs5a+<zNBEm(;c&?#G=yF#y)^hyhIY}loAw$$QgtNT_
zD!y!jN*Z$}jpL){;4q8q=wS8d3mOy6X&cg8gMaF8#CGFApQ)LIc?QT<<n*jf%%={z
zB=aFGc{rMbqAi%Y!s(<jPKeWo0ErtK>g&Fe@fb9KZ`i3ZKUu8}BEx89(9b`RFq3ei
zx<gR_Xarjpu{5{dGF#Ql7A^03rsdT3RqC~c&Za~VXKiRMN7Z3>rC8CN*L;j<62@7i
zeqE6y@~rNTPJ{)FXoA{JTd5ti3|&{XBs7en%c9a;epUu8Z_C$R$ZJMArdK2(LL758
zvfO)^o+_&ER*aTt277}&Eqj45fa7N*#`9AWvLq5iw5#({!YP<C>aYEMLoo~YsQ!(;
z{#~$if-lxe9Tw~>O&C7@-YP6-nxq*>ryA4mHJLa93Hww@*me_`oY(k6@%w8sJO4f#
zpT9Dc#eB_TNfrBY{vyuA)O|lyLi#Huq`v|oU4LKHmDYxvsBWD%Y@pS*&tjl<>mYND
zpZkyv%~0_PIe*0_-r$)p=l>-0ny+V^&Ptz;F$a@XXG8z|gX9>^a6-pQK+W$iz(_Gc
zm~%YWz6h^vA+s#Dl-%R{%Jq#fdr6aMXf9q~<J6hpSwY4K(porl0<cl7tCl(zA8T9c
zRYRr-d_!#*Q|QdIx9H8=Gj#g=44wV>@)W&$^XmEODf*wc@6bQry!{#d{Nv#n{5m{&
zj-I`J`Q`_;txq)p(RWTlF_6H*YIAR}Z5wfdFYPIvbDA85SV<{aLO!JW=6*z`_=+;c
z#wz9+(L|EO$c5H4L9?^1EtC+Q;VIIxB-G@G$~l;ok`E~}J_)7vZ4*;EnflhKBm!<(
z8_Fp*^8%-7hZ7vlNHB{oT3epKhToj31t=N2k{OHWc&_Q48;?MZvp+t-_m2pgsl{b(
z<1|H#bBd_%;Gh?|a1o%xWNt?tSbim5(a2Z|m<*7z<dn3wJW4-eU{9c1HnvX@NmhfX
z!~lCSNn@fW30*kXAnRo)E}((dmTH1d62+GV4{n6Fm&*Qs`3$^yd-nV^kRRlY+gRfN
z4}TZ^|Ms8k?mqbc-A8Jk|8p>srC~1I0cW^@Yv_{sKiJ>jEzbX7(A$5A|8Otq<HwHH
zY7^A1xP6vpUZ!yyb$<W7;Fw<@yTHXO&@70vF#?IA<#Qlju!WBwQE;Ne5d^tu+V8-e
z8y@B3M<Yelp{onEQGh-nnnX&<*;Cc6L4<b;;>-OXKRN@jMPu+%)jo0cR5QQ-o~r}a
zfpUf?uDY54ItDHy(8}5%SBvIF;OMjk9JHVy&gjyGPeZ6I+5g~K4C9iRfjP)QlO$TN
z9W6H1wC3cg_1Y}_pku|-Sq!uy*2aoRMH*N+u~fpS*jzTivz}MOhK826VrJO$Nz->-
z+GEjEMk;~hdn`zF2!;{Hz_L_q1srPok@v*<kXbVYUHWZW&{f!LCw@uJV>aR7sC+J$
zk9I!aPM!=ZqU0*2t$4YxY(eB)T(T&JE-YITO?6jG;&Ex{SL?Q!i5k&b(XF*WeL|9*
zYNrwdwJ<U3Am~QAh+Zz=uZElha~r4?C)U&}DHxWZRRnP>NR`%*MXRjgScX^$jECAM
z^jpRx*&M~%rCXzHS%P92%!(-19|hYXOF}Hswr$Z<>g?oSb3FX~9Sy9g(z?NU<g3qg
zk&;5~R?fQIr2hA^g6>w}8{=wS&RSZp4%_~z7_rtu_AQe%4nQMN;^Z_J_wi%*5jtZj
zGOo&?v;{?nmC@mr@51tA7hr*WVLEhy9(4^iUrCmt;ZroGTu2mH%({<|Ok+f~sk38_
zoXLT?q|Z&A!FG5?5`CfW!%t&?&)EzHXxs9D+iH|PpaAuE0E->;$=&B|M>LdZ$HV3a
zEznqu#1wN9IfYJ+hal3ZI6&=ju}Bi~hrtwEg6d!uR824z%!yOIATKnJ*QhBud<sx2
zs|^_Lw^xM6c;3{ax&B8VKiV$j6R5_?^JIn9ggBi{rFNwrOEe=m0sT}y*;6{15+PB_
zLlS{6t6Dk+RZ}Kr*Q$u?iCO&Hx(S$b+c}HYj#;;>Zh-n#-&r6+EZ8#JI89Zv!D@n1
z71z%#>eZ$d<bNySZ5$J7iTuAm*c+7O|K8rg-h=#qA8FzKu`|E9;BO-|ekO^(>RGp-
z#e!i#!}%Qr_72YSP~M%~$6O^)V*Uyi(~Y_ZeZhWiy(PG@Fw&|5kLlAEBMu|a_}Vm=
zt0Wq#NbERieeH2#j7DDG1)?RpmUR#=SM?BYoS{Zt#YWnS%3S(JYaYU7rA-6J57QOX
z5Igo>gg7<<lFXn(b`6_fty@CP*LRfE76rw@y6TTr6d)_AKx*Zp+G!-ol`TV(tDi7m
z$|N_#-nM*CjTBR9xFF$J72oP2%o<n}<e4%Wex}1?9eHQ<p)N^0YsfsSw^1;!aKy7<
zb8%~J6(p>cWvrV^Stjp`60hw2@8=b+oC$A}Xyr4RU#LuFQ2etBQ>Dedq7>z7EfSx6
zKC^<>=jM?Av(p0kZ%X2naG_@9W^F8%|N2k*dwZq(|AT|Q{RjE)K9Z)4bT$NooH31w
zoTudJObtsoB|}S6x{q4VKcqGUf%O)30c?YoBR!1-L{-YEhvS9xixWx~%lRTNNG<xL
zSjQwp2fOemot<XmG5vtropv1s>pp6^aH6)2aTdpO^jn5wc#QzzG=(k%t)Gd84&|k4
zLv=@>5z$6vg3X8@L|(_~)yKCY;b4eu9ge6#+hAKo(6cwEsw^CNDG7Ii*2^(6q4qTp
zV_+@(0Khai<N_Nt2v6w3`K~g?HpH(-r9BCx6#v(iX)LhP*vBG=^cD1D_;mH@_3(5<
zqM;Pz^c>g1*R>H$IZfmkwZ9gfuSL5AO}D$wf@}JF;f^uuV3qkaMH{wG0r^|nJjXWL
zip5%MNb*qCc7^7?NHjs2Fc#Tpl+jqyq(;l~xWzcQ5t)E4(PM;NC}FT4yyjF&l6cJm
z&$23Ufhx5tzY@IK6k1xKuzDIaM~!QsK#ja@4(yv&qp2-!qh04i3~H@adJV<fjf>mg
zd-`vqy+fZs&!9Tc{%aex&)b`jSsig$>)=*E)++0?A~7wQXKSnDh1x#73qZ#<CGji}
zQ~f5zl4@p<pkB3ISjI`6Y7lwrNRQs3dx4}LmV5U?fvQyTE?+%CvkJw8)ai`oMVzb?
z@*=LiQ8QPwDT->JTIa@^mDO!;1fW2K+lvWlp-09yMf;^jZEsQ%CeijKO`?|qwN0GR
zCgcp1otss+dNCi&N)=RjP=M8F7#jbq8;0D!FdssHvv%9LmPz{`HXvB%vglI<RZ~Ip
zK6Sg5PvNkQ+DF5h%dR@)b3RH3I;avZZzCuIw(TVSy8Z_{J}L^6BD!tV4pzkMr8S;_
zcOP=R)@c7oBT!E&PmRy3xsLz`7ZVAJ@%&|?y!$9p+lP)a2$ol&tv(#94$RyBYKFnT
zclgvd?rL(XQcGb_F{^7VeYu;jYS*Aya!!{yeCm++ge2h!=5wPaX*c=j=<;pjm9w*~
zxIYAWC38^QEl@#hdH1ZpVNp5z$!b&@r#E*Z1Sv{8oTqwUxd~o8tFG<3UG9;ZMKf8N
z8#fYd7sw??w7t%7<PMd{C+RDqHCTcd9oYx8x~g<n5Pn4fUvV2)nnpSKEu)-7sO?<1
zkw^Xvd+yC-%=C*^hzeKvruZ~U3w5gq_{DXXkM)ney~P6<bz(LNeibZPYXk}&ySKY^
z0CW(u$t@vNStYJi-O8A3yeR51Xj~VER+%1CAtCmwj@6rj3!!j+WLKDSmI=?0DP@sx
zDtPVvwF;wd0PE%R{`m0Z^!bSnk_2pVAzj970$DF0AfTVc$%K4>yc6|Tq1yl6{>R_J
z$NjtaFModi;+LK6fBaq284(iC((nEiecbyU{VV!7_<iX8e<%1?^zq<#^w)o=(o+Zr
zMWgTj75#MwZU5u%V>6=P1%KTcD)=-Z`q3XK@{1}nBSPQ_6amc6=!~5Ilgx9>92R+g
zp=)2yzK+n>XRT!elRtR5_Sh&Cp0*1k68v?ijbOl@x{(Y1x`Sq70wrf+0%gA1v{x_A
zzW#Ce_3Po+r^`C#{AjDaGJzj&h(Pf5s|D22@JDL@Sr>L4$YTx)xjc@0b)lQh`l963
zTOgCQ*6?LN;J~@|u2mRDWaSEHoX%D+t^J9iCj~*HmZWHR9P~Yv2n;?@?$&}<&@nc8
z#MB%&I*^c|tT!}uap6Ep79?c?e)DGP8d!NS&+ugJQ3Q{mWy7~*P>gL%MQPR4N5A~a
zom;nK?dqhg>0&k9%(JRWK{UM)g%C(4Zapa41<25k5eX*2uw{p>5T71BeTv%c$A}Y|
z@kF3@dqKHUBzvz`P!4jxf~L<0e<-xPU%O<Ah?FI4kgFFLZCniKrL`dd`m1dWa1@nZ
zqOoD4nPpV0FL%z!`cok1=_<>LCK0`&QReun6Ee>GugyR_98`w?q>VMs+pL2w<aSCz
z=h=Q&{WFiF6erhWQ1dM?7G#iTt;vvebM%bKO63dIWF-}p9?x3)pn`2sojJ{5(KxR=
z<|EB(-_z1^eyX2sje-9`?JCpx-y4(uTkmnXpSL*YpZkvcAvLFF`wz3EK=pRB=b)F^
zfAkNYl;3}TvcLae|8Xy=#60j34*g4uPN!2a`iFd+$tmOX-}-I0%Ww7Fmo@pfPsFg8
zRLuUDy2(591t6q6i}f4#IHmBSr+I?86m1H=X~A!XQ_(``itv&B4r&khGa@lDe@=*m
ze`6~2A1RjM6#mk0SHPd}0MZ7{caYE_!#@iuB#BZ+6R9!DAAiz6S>*rKO*#88FQQpN
zXq~p<O|8am-vo3XOIC-H4P#7ax+^J*?6AWXsd=Zk@a^-=MHQiYz`;&~*_wAYOE`tq
zUIOkOtkJ`7nN0iJd$s27hr?jlLF9uZiGXm{ixK`3@PV*zvxQT1uL#}il#NW;5)Qwz
z(cQNlGR7mC_~%*`6EMao;quL+Z>rEX*o3R@yuxgCP(tK2<CjXNYif-q6HY`0@jDpA
z5^nlk>>6^;BI~XMMd)p!mWhQZTD~JkwdBRvFkAW!l)E3o8{*eh8#ZfLS`|EQqxJlO
zm@jg0JoIj7Y?iiYgr{+=L#w+FOh4cSpYqJ2`?&ut(tM@x8_(G{uec9bzss6T^1Amj
zBWn#xJ`d%w@pCFgOCwdyvIFMl*m3i}<-_NHtwEtQnD?}POgS|s_dv2Y!s>oULUhM8
z!7=@Jg~Z&n0XM<rEnCW{+hNthd8sdB%IbPoySy9sV4<&d8I?L4t%sR@FjVy^WSlT~
zGo^-YaIcVpazG=Zg)9T%?#F%sOA}GSGq{!>Wzpn5_~k~8Oe6i}EG8qGMCK^@!qF>y
zHzH-Zgw6UAyK?Jzc{eq;p#NJ*|7!+&Q#J6i_`gq{9F*d}^!xqZgZ}qE(w*vmzt`*L
zrfT4u27}2UM!MO68p+~gW;(ROCWw`z*(`QmF%C*vx6NX5LdFUyOJ^1gZ_5Sq_q6L9
z;amtNw{ZXSNZjz^$E0QZe=r!7{eSy|hxpI;lFG&-a6BEsjkA5^-`(eOcu?!B6wB#j
z^wnrCb&P}np6LyKh}j6W)vD<}f^}njb<kI~0Fk<~B`o!BFQ0ov{#>bf|L1Dxn^J*g
z@!$IUW&i&ty9W>VzxR^-!yTuo$j|X-ZvN}f@8+Yfa!PJ`M&42sxZ03f=Hn4OcWR=A
zo486kXpmyIU%97oRJy6tY7>;jE~v;I?n4{R$V~<+Jl}JhSZ;zRs*A~#vdBD7>%m41
zW<=i>0WFI4<h{J=jjjJ2Yu;3C)TeKK(1j>!X4zEYq@|oPh^1y<h4<p4m9q+Kt+C>=
zPF9{PcMVn^Cts_(UYp)ie}$L)-J<cm$O}_w9))giZgE{SvmREmC7yU;mg=0a+a5mf
zx^!WQS(e2@g$Jt+`J}WKRd@a1jkOD~H0<`t>k7`^^Yn$91r0&56+2swGFi*JeD?Z-
zBD9ooS%PGzY$|11$na+PnDJulbyYY}z<ltPW$1<C(+QrWtKY&!Olt<Qw5duj8x-3q
zKYQS}*-(E?ObY$fh9%$wtd<D!F!8fC>Uu+Cemmw%6ZobbT&7Z$ppQ9LD~xAN^~ESO
z5&mkhc2o{vxH8RJ;W!w>%k18!vtKr*jFmS0ppkjt(&}5G8?{tc!W7>jFH+xXUXis~
zT))l%v#j@7*v=Z9U!kj?o7a6v)zmEi6(4}Si7IHB{-@vXmE(W!_685~-+iQyAM1D|
z_rhqds)2}<+m@*9ps$Q}=V5REp;Pnzw_p65<IRY`vi*OsSKj~q-Ghhye=kWL=Q$f-
ztqRHkUX13~TMD4~E!8sFFVsq@yF6Oy#ekz6NWI?4$0A4^UsKdEeO1A&^b&w4SAKOX
zPY`@nt9;7&>jK)~;pNIVI#1mLU0r$q8!L}ZD8SPFzh8d;qyJ?8;9>vYN7`in>!q-O
z0=(60<)$=1gIP=kG%kNYI$#k0+>~JX{`V}4H<SUE?EgXkplbi|;Qx0&$tgK1I|b(b
z4CdVncZidyrl<`b=V=gXHhr_ncK51}<8<l>!1KKA`t9#F{KA)hZe{o9Y9LVX>W|)o
zJ`K8_J+$aiz|?=+R}tWX?gf<MlqKec8fYfH3ax%Azn}m;7reIennm_$NbiHMkE~Td
zbMjlJ<h-IPS>%rgqd@qN3m284ktve@u2-)b5H<HEuC3C=Nuwe){{hbQ>Q6dGcJ#pW
zy|xe_qDI{-qLI61{4!=ZdQBv@(SOar)n?sb)-Ak-W^SVir|K`YQT@JVBP$Gi)35_2
z>F6Uwm;BsR?;+W={QS=Y25qVVTyp;R`%fzRzk@;l;rzdk<Q?lxr~0=4HoeVstKyk{
z_bkc-?SAF*P8D-oBPQgbPO9OHY#A@kiX%l;$bu|D&2i}v#-;N5R!vKdpu9pmWyXAc
z`Q}C8b=GywYYJ}y6zyadSM=><3WVNFL1}m`cjccEr6P3!U}8bMs!hSIKli$SNIEU2
z|GD$z9ohf)_jW7tU+=;G|9(>ClG_q6HSL>Ae+_D%)g{0mUGpmnfL_!x8WUaB@V?%M
z8*tXzvMDM+E`D1ZxE`<*qOGofwqii?ayHAP%6dUb934$@GHDQK*MZO^jr?Z_J~tH3
z|E#Cfa{7Pc=f9WH|J^5*`@i1c;DP?%OIoh~zqL2NH)m^aX8zrH#Fa&ix>$~l^rj*y
zu<IiT5pXmm;iZ*|%mGxNxqd6+lBO^9Q#B{WH+$=HZqf_)4pylH_WMHEbi7DtjB=5&
zpaQKgY!T3Jv)9?nmMhegc_WtiplWenVG_Xa{ml=K1%O|TuM00ewo0&#jQS#G*Se(l
z;dWXeoHKK?<`#bO+xp8!KP{x=s+;v#_;fp%gZr~n&RZ6u`0*}UDjKoY=dIOlA?$L&
za<g=gY63Gm1#abnV~zWb<<}b}SU6Uj-ng4ulJbJH*<l=)XJNIn>o2T?MZ|==)t9^O
z_bqLPwb|#jS@yO18|H_En|1qPjUKPT!7k<hL>FI*ZZYo8n!Mmr`M>w1#QzNrdV3H2
z-+iQyD~0mcvyLylw=%wp+2k0@DH=ZY9+$%Z&NzW5reY#HIwFjIp~uzBV^9C&o>^b|
zcn-ewUM>Jw^;&_FQ(6aK3daXVn(ZjRLN`S4U<N{9`TCRZ=K&&Q$Gq9D1#sJIcRv{s
zAx+4@h7z180uj$$L)5-DryDrKlObxW!G)iyas|@Ih3~B|31D6w@*2JETF_U7>07a^
z^4gP{WlxE;7_H*sY@=;>9;xnm`I=>1R^or|ZTQ*JiuC_RN`Phde@_m|^uIrNi2rau
zX(9c0tYCrgZ%V*7B-^VJr?n_vE(WgAf_s=_5%|4(A%5n=BC6+4Uggfx&HoDfpWHeB
zH|Rg`f1fF>!~c=x{GWMW@5bbUY{>7C4G70(JkyuXPm+cFq|V?%q1)Cfto9~Dc1MgL
zxfe!|EToKoj<h2Ezf1nFzk9G-<^LY&|GlJ@_&;)U{*SE1|7}9XH|PKEf&;8^>o;(V
zp$8B1h&67Es;>9eJi8qGXF<f9I{o6}rVA$5zM`=jjiEMzK}q>|XY_sz-uHpRFH0-X
z|H&n}YyEH8|8KB=@F4%+OInBjpInk<{6D;q4sS}`hSqm-Nj8!KCYR(v3IHiUP1zzT
z;7ein)lA<#!>>l;;W#Ly73u%o>VKb<^*{YV{~`Xvy`+`+|03bvl$75w0spf2|2rpw
zYjDAf$leP3|8iG!-Sd`r5dUF!(BCWX|GoVO`Tt&0jsI8U`n=rDrL=AG+iDe@<LNm`
zCO~G4(R>@s|9tDx{0RYAZLe{<BDuKS6*n~&wT)=9&>2w)#yCUt2?)gd)8{8Yy*zsU
zixYrf#F?1-PSdFG@_yhrB!#?vm-h@_oAmSEj>j(d6`P#DB3C4KxilFwmwm)IJ3o~;
zygWap|5i;5_V%9~xO}bB73VK#Y}!xt7wC)*)%gD9o8xz9c}HLn3&~87D{+P=#R5nV
zxNTDw$H6yDGoW6TxmScvb<VkFm(`c^)Bia=d;a>_`MWnS&z`EaW0W9Gp+gt0J0Uqu
z-z5>@B4oVi3V*8d&i%}{$)Z4^E8yDE9HzxskMxU|ug;#IEE;M(J+8oOEW_epK5}{g
zB=hqkfY;AYPY-{1UYh;FJjHC{vQLP@j+{Tk66-H-lP?8Pa}50<a3wN~RzdXbyR#)5
zZOr&J=Fv)+{>X$Z)~=(3oH5xktW8iZV68p_aTVtMW4r`+us7K2c^#B|e*TKis4eya
z$MC$SPg)e6Tu66K;VR*Mki<S~T9N;AZzSIV|97xkwg1_Fxc|SO^tt)J%_T|&yr>*p
z@RkKE-&0cOYu|3*C_BHhj3+pbI(RbSWTMDeyBJ`sQq@w}wv%3$J}R-0tF6Of>4Olp
zS3=>GgqI?l8A-0-i?y9{nn?6jaAx2J-(x|5VQViE1KT@5&BYWC_76lh%UPz)Mi!w}
zM^~3EzkIRDP!^*pEqV&Utu-%HQtcB6&05Hps<?J;^B*p_WhHFC=ku-=u33BL1cJPx
zN%o-{^c&U0i7!Tn(ly_vr6s15oTp@n_$4`y*@P1u5q>U9*i@cXxT@&K^U<HFuUdWG
z&84$0kzu#gw4NuuMw@{&ODDOrOn#wZR!zHzZ{C{8FXdH~^GzL6y_n%}N)ytdQEdy2
z*|m*Su6~yWtzSR*{$|1cH)*FX0R1LZ#lEai+0>QA5?a+maTzWqXzdEz>av(Jp(nin
zH@&4L*;%w$7ByX7f#tvr?g%Ztn0R03Xg%=?v6L|hQjy;9u}XMH@uq!&mx%T2l7%N@
z3vUJI0r;SUHh=xqT#Dld&kkF94Xsh4l{4<uS$IZPkWI&@`4!JKhiS7HFAGmyuGivP
zFMqBFx;&P8o=cwa$N5_-`bnUBXFtI)^O(~s8j}fmE<zleOXabV;>SYIgkD=&Oor$r
zOAf_hqF=byXUqv>5?*lx^5jk&u1dZWgf~<-tU^<6mZmY8kwoIy-!+wj9{KL%6dHb!
zSt{qxC^rv*huplRY-!$~Hn7KvX+`<}PVIm8_bUFM`@6dj^8bCLb?ko>RbnYgc(~LI
zX!lmUKC2@B>i0np_CJ#$YCGn1ffs<Bp8u1~hY%)9jp_ZF1>L9C$t>KRyR$Cxw#OgG
z$Y@3SZ~LD2ag8%z8U63~%k+P@{}BK6e$q<zKedE^Q;NPO9nTeX|1pL@UnJRE!=7jX
zq5Is+`5~>DR-ymdh;(okQMsWQu!Q~(27_|^zrEi6gZ<~dq_y~ew-9c83}hp6r~qxo
z-a9=0P+Wd~L*%-znD1jw#`Hts@$~}t-}W}3+NMt1ypjaqsg~E74MpqE@WdAqhNz54
zx4u&^j2z*0$+{Z<Dp=yjzuFF25@LzAYi=uc@~=5s_4#Y{%m-m25Uz3^a!?b;t9-wa
zFF_NCEsb&FO0=8ceF+X2`AFTp8-_<m{y2ite`s3o{NKzCWSRUoIH<(`*n9FI|J_Sk
zP5!(6ga3Yx`!!Gb^@-)O5W<^7DjYOlT(F`Ij*E2!%!dQwzS0WxpI?$Y_5bM~JgL0@
zy1(~u|8p;C)eX;!zG=7Ow!<&Uy}RvH9c)%1)7*DNS7hou1{j_N&L*xmRmU1VBsx|7
z1tg|%!SCk$pJbkAdlxu9PCkT)g_oXd#Ix^9?W3-0qZ5tvzqvgm#BwD;G|HV7$n5<4
zZ0xxPtUr=7GCLn-<1yjqF@PxyXxXnwUoX;8*AOkBOfj2uAE_z%Q+Qq6`a!rN{l8QD
z|0n&*`~Uk7@BiLU+K~Q(1dvk)#ruO1`53jo1~YM!(e>WlYrFlcsZhIY)u%t7FeaZ-
z4l0xR4SfW7C4k5+`Uvn#^0{0CicK%|2w1BV=+3P0D_H*tjPF;qY;QW+YE8mb`+T8=
zyT3OZEZ6fA3(zv$KrI0KN_8oFp~ZfQPg~W1A0d&AG{j~IU$~z`qYZj_HW!*}ue44y
zZjOk)<wx*ZMV<9~bqOpnR9~>NR&BO+;aEdX^Da*X(VLp-a~lb14X=WF;t0o)WD>{c
zzH`O!DZ0^ZM%B5Zrjb982gfaY5^Q?fenAcd<u2U1-$31Z{nFh9DuZ%YUIOKYZtfgV
zhIqF=0XJngm%9Q$2@?Hi4gfPUsk@_YqW}3tw1rfxwfN9lyS5co8)`o|G^~?Wlm7=d
zQUEWJ|91~6??3eq1`qQ8y`(kd|G`}-fCmqOo6tQ5ZZaco8@-drO{$F!M8)Bi2u>^2
zErwFcaa&`h-bVDN6$ibblwW(q>(0hO7e=59Hdf{>HBZBR#{rQ1kWqi&h*EzTL?1$5
zEyMInyM*~q3VpRI|96uMpk?<z2ZKud&x42i|NBXs@_#qFlNsFUrOe>7M{a6D;&X*=
zs*&I}irutmaM4{}8#RsQpWp)N3%}Jsf8yv(?Pbh+yS7oo(Qnx3L&&IG3K_MGnB8T}
zDAo3t6Ev#2AQ!c}#;X5Pqf*_RN%*pEl^Qy87xzmGw#*;krm1P5?(oj3p~+jheQJPx
z=l4*z#9==Kr~3TCsaBEy8QawJTc>6I-@AkTa{P~8|H1$3UeY@L-)bRv4q#5)dX<NO
zx;rD#RjHH0vFImOIi_ox&}>nY4PD_9WTk*k^;J<_WT)n$6>h!2?3%u9JK2+y-!jUH
zzFNsW)!QgA#zo^&ju-MIAEVqlsa!mGP56YIzhcfU+<h>Uu^xzatA>H!02^?EC}X5U
zTCIzf0d;GbopCy=qNcuXfSUn!E65quegQT29{4(lIY2dNEqWC8_Pxqs=WBPt&rMYS
zKxx(U|0WLrE;;}A_YSJ>e?7#1yq~m^|95`y-{cg|PpWI0MC@8T*D`W`KqV|9hiWss
zGgY^7O%rVtU=GHVvoVczh63d2j-a|zwdT5o$X+D)>IPqVtW!}vzo;Z?P&ntQV-?H=
z{jwHP&J90w&dG!d$>&<H>``8*tF>g%_4Aw*a{?CBnr#`bR!8Q+T*}E;kav6yxr___
zGAfON<|&`CK*o8%vRnfNl3c?nwW_mG?NaFEu96!phk8~>C-wFG3{TFj1!D1nz%)`0
z1*9i1xWYV$=_oLC6}l3$NsueWN>O@rG79CohRQL5nye`+cM^5%fNMPXUb|f$O|!(<
zBo&rNCA%=~s{#CkBs-OyCX?!wM&%M=b(CM@56uYM%vI5Kz-}AaqI+zib|GsiqD4Tr
zj%F518q<WFYrD82qQ%VRsFr|v$bLe<WlWOWLHhKPrsuC%GC6-m6H@X+DP=B2x(sXs
zq#Hy+opQmjc6-0Hh(OKNw|F^9*zLk@xQ+Upr)c}jIY!I(dOF?jIa()W)de%ncaq`e
zidyEw+~NS(JljO^8qK0#wpVDdSg73ft<|)K;NSaIul;HTU|+yoP1sx`Ce44Sc-buf
znH8|vlkbJJEdEPxzZCzge{it-VE=zFY0<4}y%qlg)lC-1g}{&Ab<o0!uAHlRBbNYs
z%xGhlqc{_i@R!Ga;7LcBrc$QX)I11nQH_NAsY!JWxlI|D-gPH0a&rJ%ef6v;FrN^4
z3?)@|F2P6^vUrHjj*eUYabgM;jnQzLLX0e<iKDE$!t9hna#mr`L`a;3^;TH_QAF<{
zxwMr2pU+sLn4}w=1Iy_DliqGg|JU2=_a5l~eI!LPbVT~?;0UL9L}Mx`5y9c{OLH)Y
z;72S_+pGh{3x$jmCW4U7x>x=7jw5(p5wm(;o5j=MIo1TTcn%pLf7Iis!VNbMlcx~_
zU_N(SV+U9EB3Qw6dEFkEFvTQ^QbrSNuaXuIFk`eeBa+ilv}#3w=1%KsCj?rj$;9=#
zk}>p*{+dHH*UAPf;=-#~@Ri%&t8L${rqk-I6ilwxT9dbBF0z#VV=b)RL=0F$|9kuU
zW&4lbVDJ$C|6Wo_M*v1|3v3rxH@sY8RR5*Y=Azys@YEZ+wSvB*R!dPP%3p$)S95CK
z|B?uK&Phn<6}bubx7`1KaBxuG{}1nf+*8v0pR@cYLY~+uw`8E~p><O=0oRgczWqC@
z*^XUmHy{Shg8yPcz0mDuf!)J!vC!@nyamC1`FO1_&6nwV$?J}!F`Lgw6Jh_HbGy_n
z@6N_}{ZU@#?pOAKyF=7BLB3JH?_Hy@F8KhM4N+V2%*0sBFM28mEL^S}XK{QA_R!wt
zT{)+CpRmXcsB$H@$P-ZY^=OK@EcFx>JpyZK1LT)3fH0pFu6GnN948Y}4?-0$TVixP
z{bIxYMrnw&$^HT&=E@WSlzcSm2DlEKtL8f@4vL^X5?dbf%33VV((y_J`O9Xc{-CLu
z|H}m7oW-|r0klm2H`p!7fBh%Dy$AdMdr51`e=B%q8Mdpzg>4<NutOraMfZ=%W(2G!
z66r|R!O@H+g(GRjimFLh&p6PP+~+#>m6u?IlYe6x#w?4pUs!>>cF;K1)@U8XGMQ#l
z{q3CJIw-W^Q9CFiF)92RvRLss6y8hgpo#Guim8w`LS8t9zp^y4P_E(Q#^{Q<h}k5W
z<Y?P3_lf=knZM7poc@a&9{|hf|L#GrO#cUi2m9}PNw-Se9YF{3+rACb-R#2*Udr{P
zt=1peC&>C&PSpxN$pH9K)s6P{hUbcs>suL}H7cq$Z|gw3^VxvoMUQ2%komY^<|ZzX
zfje&W4}H3P?)~<qrDpnng=4CY<_@R{;<yv?XtSeWss4Aj^8U-9_rU+(OWHC5z(k_$
zm?UUBX6!OcQF{@!YooSD>Ds8R{@d9>J<t_z=?M8_mL(AyK1C4?rI#Uyw3&_|k`Iz3
z+SZ^*JGxhW9H&#<?>@gG3D`0d-Zs{-H-`Bm6YGF%gkuKdMa-^m1<+d{Z#M&V17sjf
zMAv!E9BN0*8-t2;c;FjBvJZN)Op=?8&ns*Cdjo9VSgY-up>m_?)|i}vp!Vj6o3F%L
zc(;k+%@=_Mb!)wB>Yh>KHrYjaCFvMVvG^yM+ordj6G^aR%KfE;U7?8LuRM6xe7)|M
z#_Fr{$LK5afeHy>7Y)n;M%&~!R|L9Nz{G?Lh*0~){&jTnOd!k&no%LtxS?aX6F`Oq
zKype@$T%k=We|HuRYBntbBRV|%(yG6^5m2Xof*Ixv9x>MkI#KB{#nxM{NLtkfMxbS
zdwUi8pS`^Y`_FqxTWf_#v85SD+fyt~v+<aIKy5G9%WCml3YAw50kc&kTMJN~WkRBa
zNuVZh{V1TdA^N8Kjl%vL59M!i;^gTbxBeV@$QAZ~D$<+LfMxstpjVaub|2)wdr5a8
z|E&`o(H2&lb(sZvF^*lg62Y#WQ;9LAF>0Spi80`@iX#*;BA~G;z9PWSRKTFa<Cjid
z<yfGI3WYQ}K0OwQCLVKRIiHlXkPyWc1&hhamqc31`#+eHct$4)<K))bShoN74@&+Y
z{k^^Yy@&mOA8896V<`zw1d<HtiAUE{lAuvWV_@-99A1J$bZZNpsZ}qs6pTHPn36a~
zYJY1(ESgLngT1_@R|LEQyze-PT3aX~6CfsNJB64Q#GKFny%V6fNjyg^ftm^>loF0&
znvkFsJUcx<m5h_t7CK_H8B5SlN2e&FT(p7-m0kG1M!yw|{>{7afBRuN>8k(PpW-U%
z=72^xR1|MaV<K9Q0&$(T9t9(O*?JVnnfjY?I%z%n|5{t<C(J3!1bX@Gxo8C`XTOqA
zwgMUv+||W7`?VEZiI7F4+iHch+d6rE`0VxbU={@vCTD5<*|&TlmG{5H_7>Y%y#ELL
z`+I}Z{@*?5J^26LOWHzZBaBw-zu#*ETAZda4Pm?fvOSeD6~k_q&L)AFQW8hN42*Cz
zAzf9z;}!4FWX$*sYhR{+2sw|*({YStNBovyPIl0LzrV~z1YOz7weOzxgTWx^b$Uyh
zQq{g5^i0K$tJmo*Z}k0tzsFqCF%Bh~W}_u7*`i+$dedxVcSy$#)YA5H_!iVO8!7mf
zqIT6`3q5lCuRI$&t(MVLBKrxA8Ao~eAvD5*M2IEGs9C|A&uMRiR_oEDAK8qgctVDc
z9-+Tmr2KXj_0-6H*J^ETp|e;2>)FZwYPBvdE=E{PTMAL91?qGrBvH7KPJ(9ybvoCW
zO2k4s>~<&9kgGlxdZns&fLRii9;!B4Eym&eF)hH6fWeHEj%nzY$-N+iIvvv<`s%0W
zC#NspzR@^tZK0Qm<SfdxWlQVK;{h3yLUNo6gwcCDWp540d?lE14%xDKN0BqaR&$Hd
z`+UkZI5UOLo_EJFxtY-FH-g^(Na9)Ey6ScyraSgbM>Cw@3E=^B?wAvht_77uv|1g1
zk@bWA-~MWbz$y5SPM(QY>zyFzLK_1eWkRyqiQ%1}g3|Fq&!$2IUG1t_##f9+Nb)&g
z$&4Y9);^9on*rt*A&<lb8nZYe9G0}svhpdy63PiR;gZgX?t_*&TCGp$pJa|cp|g2P
z&?ofFgi%p{iI7ux{Q`Yzed?&B|8M^(`~|;SpAaWN+>Th5NbvPh|G(&8pifAF(U!S>
zNSRMa*dRg|?b<b1p7OQ=1~$oT3|-UK#vV+`P?|Y4tkGYXVrp~(4;6_gMH~P;ykUY=
z9=jr((}(~yQ2=eEnJYDdXj?C9oTf$w+wp;W=Ea3JUXI@|dCZ9*iG=pv>jnX9ExzT8
zv1p7Qu@GVgha{DS;K4c?Pj?Fp#ngD|4?BRk{fKbP36ACn)ZOZXE~U3l!Xl#4C&?B1
z1a<)m-}k?``7=?x7iH?uPW2@q0@NX&i1)o;ibK-T!fq#q$5cARn8iH>gNowv@vY)(
zTT#UAt(~{(<Q_r+C7h-)4&5@+GYMI0$S!c24lj)Di5?YecDWq3WJqKqA*sw{zI0T5
z?bxB(be0~0LmC`8mO|GN;wuXir>TbIJL7#q3<BsY7$1MX&|91)q)<pfs8IKmMFz7v
znuR_oQXVU?hI)N6?l77@W$LUQ%~6@cYlwNo4@V-t?S0!*Kz=+sJBB$W37E>GB%6(h
zU(dK67Q5E=`qLhM{QYs;MI~tu+izGx+K=1DyAiS#E7l&io%2&02FJK+=}@2GVh)4z
zTSoXCTDJk8G(H70;Cw{XnpM#ByZ%th)<ecm7$~(i8w5zpLju$cxPgz+F=sO(rz8_@
zpi4mk%vddJtm0T-T|Y}8RK3(|x9DoF<+WAQToGknZmPlZm_?{uO3h@MNes~Y*ZMkc
z%vK}0M!RNT?C69VdUpqHRa%^~I1&osP7H6}+DZsZ$>}JA^Eru7s3q+DtP(^j>MR0e
zbP49v0qsM=5(I(3GC{cJ8ZsK8ey`U9XcHQtL9f>f{_^Om9~@VP>o5BLb_;Pb*3k(X
z`Yf@y6y`y+jFXP)h{Lfu0x&yb>C_y#Uf%Zv!Rq0ZL7Ooa0=S4OhHej43J0c-jn2=T
z)7zq_xS=ne0f`NE@;^~!7?0m|Uz3^QcWg1Z^dUm=>U2ic>8Q>X|NW?j?d-o~Ro-)N
zSVYj7UqBr(W1x@o8h}v#(B<n5+el5!=v+@}IEAXhDx38Uy9lQw%3=`Q^q81|E0g~?
zX4h8PZb$6}XS2gNcCV_4_7Il7I~<;|8Ky~lXnzMW3vnE@U4a)dyB6)?`(NA_Z3AJy
zF(v2Z4YY^t_T#qMt6+8kXN@M|Cqy5lKQn$AGaS85Ue0EjR9P>SNPRTL$%Hr*4c*Uw
zbIwfbCuFQ!BA&4qv@}+u0Q>c5O2W%$S{a`M$@49jp#eEhMGMCKtN{SBvtKN#6w)^t
zI^M4tscCLP235^0x}M~L9d*9Ar0L59?$+FNI{3oaqv)d7E<%VOJ)|xVaDioKsZ74X
zES1w&IQ~jobOKl5s6}h;K!5?V;(`w_?|co9cS6R5lOzNtQtbu1;B_d^06oXy)bgx3
zB!NPl7&#T;-1QW>7ir;ausIPD5=%19VnJlFyA5lomg6&*J%z#34{_St9-O8z2(Ssc
zc5N>h?7E4sYx?J@Vt7CsqN*UO>mar3pr@XRmrqA)JGy}7c3D<+VzCeO!Au3hh~w+h
z7#J|Xn{$?pVj`xDfy9+&JY~W%emOFwEmzm+7cmA+fW2hPXE|iEG$xY7^LnT?r1yo3
zz*@vzpv9UmciiSxx*?B*yKr=ko+~C>bZan**6(GsxQ|g|52HKjUR2jPOPFeK(Kd9Q
zH$V6rue4}<P~IU@e{AY-w<;S1`~+^0NTdJ=vo@h}X>V$WGl6g%Ls2BBSfYqV$^ZL5
z|5xgJD1?(aVz9jwh!Qm{oI^D`<_Dnux`dO4#}MfH`N_%K69lIgaI!w!!l6;&LNrhl
zj~?m*VL>d>y|C0KnVT*!ZVICr38y%rVpi-&>1e35sN;wyc>&3^Z$wUFOdms#jLY(T
zeLD*{vD<2}z}pn(r^My}8|g0mp}3u|5z!(%TyYv@qJr}7<P{)hSl}W-Ewe*4izCld
ztJW%FuN8qUF4UZ4$MljEsJTbo^?;b=E~YGtBZWGKpd%zy)H>IgfMS%BNfu)cvXcnV
zNwJxnUV<jo(2r{x$B1W%vuDU*Vu7wn92aL`HD<Jq^c}|4Ez8Dkobo||zNppiPzliM
zOlCNa=LkYg2zo`daClUn7EaW(gckZy1-jpvoHJ`+_8}7;HBz!L=Ot<&__--(S5%1r
zDHDQ%fy-PUp>#%ACOi5Hr-s{TAnFmh(&YSlilyiz<hr|6fYm9$>KIs6=5ICLy>3RI
zuTx()rbQqp7)pk?sjjt%4Xj<BS77eYw#w8a8e6jNBt}@#1dTJ9ak8U+hFCy5O6FF)
zO{h_$3Bn1Y7Hc$CXzRlRKweX!ws01kgJfhcO(J(oMb+_b9GPoL7D!taLVV<BDz-qY
z8Efhr*{lhI&8~;x$x@3r{>D0q)+KlZ4{|$FOFawgF1!^<XsjxGxonKQ+U8<oG3@d+
zhXD#V9P2}CxYsa1z1$68FIDkZ3ar&gdbLPnt8-9#6$0H^2nB~B5#lxIEIb_BCj>`7
zb1KQ(BqVJ>SxCkeQeljRR{sDnq}K*Cx2Pq1uTmCJ^2c1;x6q2MUTC8K11-Sb6soUo
zt1OrsAbxEK>T4pg71cyt8w~}QfL#gXa&S&*x)5GnDGy+-LRmzga$mis%2h(8GCeYt
zn7h^Gpl+LPRY2c_Y*m2W9@VOVz5}A=wQ<8mzS2}~xZ+oWJ*F|ye^v*^-7X-%R1qxs
zfEDX7^g?9`_|j2zbW|-JTG>A1U(U7~IrC&Td>iSPt!DVcxqz3jypJKg&Xs=_moz<(
zSu#0~^<zoMJpOa881eHd!3EIOojlCrk`0@NNt5zu`AC%tE*~r?-_e88I35P7mcWNd
zG14)S?z$C07{L$E6UnLS&!D$zS8JnXHnCPUapVfLN^`i~{Q01EebtpsFKVjRUQAcZ
z;aWQe+5i<w_e-Uf)Uv4jpbULs>D^Lk)sd$P|3#Jd%1y9ErT0svg^XC%G?2N1Lf=OP
zVVafLi(YTGYUP=}>?+jX@4aps@4UXf6{|KsSfO=SyRQAgzTZArx4gy)9jgkJ4g6eX
zE2+rj=W+-ZO1Q$DV<nT6tjDV6ilDQ-qSz9VR_n~!uYlvmqelsoj~+S0zYA0FA{YGf
z#x4A9#;ukzne3FCV_HzOnuz>n<1rd#vPC7_Ka8vl3wIyp7F*k?m2Oimi~*Ho;L{s?
zS?1oARJQ-dY1&cre@1T427Iyocfa4;t@wW&>_7N_-Amd+Cwc|gE5CwOD|Obz<FUP(
z%TggZ!87#!d+@5Sm_p^&48Gfa$Yxq)#S+pXb5b#X?Cuy}apY}!*vSGpijZrMKv{b7
zOguJs?4X+zTKx$|rH-r6*DD_!h?J%TxE-s&8Ix<P#Hnha&p=~@IYIK8Aux9V&cr|~
zG>_&i({00LM1B`R6NDX!Vccjrk)X*WCZ4LZ)q24=npwLLV_dFi)RbK-$eA#@GJ<8s
z$z#OHSYH;hjHCBzfb-$EZ_v7-w@*G^4T29{lGrIwzn^q>v;pnAbi#3DEOR{r;H!Qx
z*#B#*bt*B}29`-B`!Ra&+b1F5Qz#Lu*|%83mTt<Tj<a$xRxdl+VQ)l8f;gG6D-z|l
z!X6%n$1j6c>kuw4i2ySG=#jZZ$rg3((IYr0z+QCBiI}=W1}3jE5_URw9-B3%mI(Qf
zYUR9SC?#CYAZQnpj<(3u7#Pb;x65D|UNpK%UO><Y$s9*X$B0Ta#X=89%E=XFnTY4E
zAgFzUR_i<T=+PS{$?(ym)_3S-!E4dPjeZQ;b_>H-e_pH8TL>0XxE<D;C7Gk+(_>Gi
zUY!=2pfSEuV>!;(_{83GkvJMI>TDJ3F>EV4baS=P?N+K=qV~!R&{2~O9-E4*z~}<p
z1`MbRw5=pnHJqw}8BX*qLl_gBpe)ThxuX^lmHNIUCf0KlOxn#b>Qyr0?2;r}OAP}?
zi`<3C!l@qIamGPm4KOrOgF9SkB4H9lQnYOlPRv@ocwFkjV?<;a>;!70+*olv!val+
zL_%iarMut(%pRju;~cU?Z4p4x9s_DmdIZM}2EZ-!SZIkqXtmy@EOAWHqJ=D(mdhS{
zhROO83f4}|^3o@O_HUt5t@tU9$NAQ`H-FA(!8c{MC}~S#7mUQw2iTP0VWCQ>byB8a
zhY^HA@g1PnCt=tE>F#)Ud6^)Q^Db_jiLpHoA|f%33sd7xxO~pt<dm*k)nbATtQttj
zHLCBWHl=|J=t6;0iIWKPNa!=d-MAU^&zxP)&ptT!8qPUOGR@@=g!r>pJ;MElqdQ3)
zK{Y}DkaxdoK54AXZOCdkC5R-Fa<_m=DA@*b)asiA2bd0eZ?76(#O!)g{-<D!;YB|*
z1{pi3gANOb>3giBlV@oA!n;hm*fF*bV1g*nwfdn=BJ!bd8>l!8hWYXvfmj+NlJ7)A
z)4=hjaAE8lbvZLve{}Rk)oqTCo{icO(pfcQq_HTEQogCwic^0&eo^1va)AUGuFXLr
zRAPg)!>Ni{`xH{f;D!UJL9*nEBoxf&*w{FD;hMfep9qDs1s5lhnSTL$l0<Gz$SD)V
z>!u<UER!hF(G0Xm4d$%QA<ynbnjnJ1sc($Hxc;Qtg4w^dJyF>V<xQ~u>d*0pN)*P>
zn<(hOEiT*YdQEB;>Wx+?^wsDr1l%@hb4y!jxsZ_`ERM^8!^M*}T!!%%2Woh#6|F^+
ziPkBb6*%;W3hg5R{7%eZef`QZp5QnNkm6Dqk90G3zVx|Z%(@7=Fe=?wY;ug{^a56@
zFy=jaxS|04Jf*Sj!bO*7AnkNbI~OQ&v4Uvs)Z;WiLgD<1CfSD)x)B5B%rY1-5>$Ye
zK0s<%jg}g{8)b>i3hoUTPK$4`2oO3`drJ~NQ`-y9@k-}-mY|CeOVlMY?3&!J8!<Io
z=o6Z7lA_LY^uPbL^^a3`;~8cWb)xpuHtLKA7YL>qC<ru_ut<rxifz0|2^Zj<BrnvE
za3V9Fkf;HtoQ<jNl>&IhVk~J)ir^N5Do;}YkZ>kh5sJ3NrQ@2`wFjVpcoRla0@b0M
zk_5!(YL&;HrH3w2!K2lBIR@@jEBEvo5Fw`{5+Q3-V$pkC)~V!N{fHpAi1*gEF)l-C
zj1yu{5r%LSaUz6XUsQ;UfOL0Z=Ju&Kya_^u)u8t2h%u?>Zid4tO^6;408yR+Sew-@
ze{R*(L%N4l*8jr#7M(nZE|9aEJpr&J{!hPOj{ntvvcGrmp#Qy(<h%V2?djEOZJ`Oh
zA_=-S6tT7#XrlbvB}D}7HOV!}8BK67HLn9JYGa}o7%;{6%7)+ezU{Sqs6%*v*j(#M
zo{?6|EYE6=d$b>{>g<Dm`nDLyu?YsBKTn428*=``RUPxl+z@@tAGn%$*54;&EQaX4
zzUBNSZ`2s#6`S>*`7gE$qu@1b-&h{5Fh0dcv`C^^%0kGN?ymw~U$IGB02CkS(v|cD
xU@?Qv$R(K%QD4-3KflIQLgwdQzYpmlJ*0>9kTy&Ie*gdg|Nk^%y`TX60RZ8^KfwS1

literal 0
HcmV?d00001

diff --git a/charts/rancher-logging/104.2.0+up4.8.0/.helmignore b/charts/rancher-logging/104.2.0+up4.8.0/.helmignore
new file mode 100644
index 0000000000..b3123b9ea0
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/.helmignore
@@ -0,0 +1,26 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+
+ci/
+README.md.gotmpl
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/Chart.yaml b/charts/rancher-logging/104.2.0+up4.8.0/Chart.yaml
new file mode 100644
index 0000000000..e74538294d
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/Chart.yaml
@@ -0,0 +1,30 @@
+annotations:
+  catalog.cattle.io/auto-install: rancher-logging-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/deploys-on-os: windows
+  catalog.cattle.io/display-name: Logging
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/namespace: cattle-logging-system
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: logging.banzaicloud.io.clusterflow/v1beta1
+  catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+  catalog.cattle.io/release-name: rancher-logging
+  catalog.cattle.io/type: cluster-tool
+  catalog.cattle.io/ui-component: logging
+  catalog.cattle.io/upstream-version: 4.8.0
+apiVersion: v2
+appVersion: 4.8.0
+description: Logging operator for Kubernetes based on Fluentd and Fluentbit.
+home: https://kube-logging.github.io
+icon: file://assets/logos/rancher-logging.svg
+keywords:
+- logging
+- fluentd
+- fluentbit
+kubeVersion: '>=1.26.0-0'
+name: rancher-logging
+sources:
+- https://github.com/kube-logging/logging-operator
+- https://github.com/kube-logging/helm-charts/tree/main/charts/logging-operator
+type: application
+version: 104.2.0+up4.8.0
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/README.md b/charts/rancher-logging/104.2.0+up4.8.0/README.md
new file mode 100644
index 0000000000..7f66f42ab6
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/README.md
@@ -0,0 +1,134 @@
+# logging-operator
+
+![type: application](https://img.shields.io/badge/type-application-informational?style=flat-square) ![kube version: >=1.22.0-0](https://img.shields.io/badge/kube%20version->=1.22.0--0-informational?style=flat-square) [![artifact hub](https://img.shields.io/badge/artifact%20hub-logging--operator-informational?style=flat-square)](https://artifacthub.io/packages/helm/kube-logging/logging-operator)
+
+Logging operator for Kubernetes based on Fluentd and Fluentbit.
+
+**Homepage:** <https://kube-logging.github.io>
+
+## TL;DR;
+
+```bash
+helm install --generate-name --wait oci://ghcr.io/kube-logging/helm-charts/logging-operator
+```
+
+or to install with a specific version:
+
+```bash
+helm install --generate-name --wait oci://ghcr.io/kube-logging/helm-charts/logging-operator --version $VERSION
+```
+
+## Introduction
+
+This chart bootstraps a [Logging Operator](https://github.com/kube-logging/logging-operator) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+
+## Prerequisites
+
+- Kubernetes 1.19+
+
+## Installing CRDs
+
+Use `createCustomResource=false` with Helm v3 to avoid trying to create CRDs from the `crds` folder and from templates at the same time.
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| replicaCount | int | `1` |  |
+| image.repository | string | `"ghcr.io/kube-logging/logging-operator"` | Name of the image repository to pull the container image from. |
+| image.tag | string | `""` | Image tag override for the default value (chart appVersion). |
+| image.pullPolicy | string | `"IfNotPresent"` | [Image pull policy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) for updating already existing images on a node. |
+| env | list | `[]` |  |
+| volumes | list | `[]` |  |
+| volumeMounts | list | `[]` |  |
+| extraArgs[0] | string | `"-enable-leader-election=true"` |  |
+| imagePullSecrets | list | `[]` |  |
+| nameOverride | string | `""` | A name in place of the chart name for `app:` labels. |
+| fullnameOverride | string | `""` | A name to substitute for the full names of resources. |
+| namespaceOverride | string | `""` | A namespace override for the app. |
+| annotations | object | `{}` | Define annotations for logging-operator pods. |
+| createCustomResource | bool | `false` | Deploy CRDs used by Logging Operator. |
+| http.port | int | `8080` | HTTP listen port number. |
+| http.service | object | `{"annotations":{},"clusterIP":"None","labels":{},"type":"ClusterIP"}` | Service definition for query http service. |
+| rbac.enabled | bool | `true` | Create rbac service account and roles. |
+| monitoring.serviceMonitor.enabled | bool | `false` | Create a Prometheus Operator ServiceMonitor object. |
+| monitoring.serviceMonitor.additionalLabels | object | `{}` |  |
+| monitoring.serviceMonitor.metricRelabelings | list | `[]` |  |
+| monitoring.serviceMonitor.relabelings | list | `[]` |  |
+| podSecurityContext | object | `{}` | Pod SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/) # SecurityContext holds pod-level security attributes and common container settings. # This defaults to non root user with uid 1000 and gid 2000.	*v1.PodSecurityContext	false # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ |
+| securityContext | object | `{}` | Container SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/) |
+| priorityClassName | object | `{}` | Operator priorityClassName. |
+| serviceAccount.annotations | object | `{}` | Define annotations for logging-operator ServiceAccount. |
+| resources | object | `{}` | CPU/Memory resource requests/limits |
+| nodeSelector | object | `{}` |  |
+| tolerations | list | `[]` | Node Tolerations |
+| affinity | object | `{}` | Node Affinity |
+| podLabels | object | `{}` | Define which Nodes the Pods are scheduled on. |
+| logging | object | `{"allowClusterResourcesFromAllNamespaces":false,"clusterDomain":"cluster.local.","clusterFlows":[],"clusterOutputs":[],"controlNamespace":"","defaultFlow":{},"enableRecreateWorkloadOnImmutableFieldChange":false,"enabled":false,"errorOutputRef":"","eventTailer":{},"flowConfigCheckDisabled":false,"flowConfigOverride":"","fluentbit":{},"fluentbitDisabled":false,"fluentd":{},"fluentdDisabled":false,"globalFilters":[],"hostTailer":{},"loggingRef":"","nodeAgents":{},"skipInvalidResources":false,"syslogNG":{},"watchNamespaceSelector":{},"watchNamespaces":[]}` | Logging resources configuration. |
+| logging.enabled | bool | `false` | Logging resources are disabled by default |
+| logging.loggingRef | string | `""` | Reference to the logging system. Each of the loggingRefs can manage a fluentbit daemonset and a fluentd statefulset. |
+| logging.flowConfigCheckDisabled | bool | `false` | Disable configuration check before applying new fluentd configuration. |
+| logging.skipInvalidResources | bool | `false` | Whether to skip invalid Flow and ClusterFlow resources |
+| logging.flowConfigOverride | string | `""` | Override generated config. This is a raw configuration string for troubleshooting purposes. |
+| logging.fluentbitDisabled | bool | `false` | Flag to disable fluentbit completely |
+| logging.fluentbit | object | `{}` | Fluent-bit configurations https://kube-logging.github.io/docs/configuration/crds/v1beta1/fluentbit_types/ |
+| logging.fluentdDisabled | bool | `false` | Flag to disable fluentd completely |
+| logging.fluentd | object | `{}` | Fluentd configurations https://kube-logging.github.io/docs/configuration/crds/v1beta1/fluentd_types/ |
+| logging.syslogNG | object | `{}` | Syslog-NG statefulset configuration |
+| logging.defaultFlow | object | `{}` | Default flow for unmatched logs. This Flow configuration collects all logs that didn’t match any other Flow. |
+| logging.errorOutputRef | string | `""` | GlobalOutput name to flush ERROR events to |
+| logging.globalFilters | list | `[]` | Global filters to apply on logs before any match or filter mechanism. |
+| logging.watchNamespaces | list | `[]` | Limit namespaces to watch Flow and Output custom resources. |
+| logging.watchNamespaceSelector | object | `{}` | Limit namespaces to watch Flow and Output custom resources. |
+| logging.clusterDomain | string | `"cluster.local."` | Cluster domain name to be used when templating URLs to services |
+| logging.controlNamespace | string | `""` | Namespace for cluster wide configuration resources like ClusterFlow and ClusterOutput. This should be a protected namespace from regular users. Resources like fluentbit and fluentd will run in this namespace as well. |
+| logging.allowClusterResourcesFromAllNamespaces | bool | `false` | Allow configuration of cluster resources from any namespace. Mutually exclusive with ControlNamespace restriction of Cluster resources |
+| logging.nodeAgents | object | `{}` | NodeAgent Configuration |
+| logging.configCheck | object | `{}` | configCheck provides possibility for timeout-based configuration checks https://kube-logging.dev/docs/whats-new/#timeout-based-configuration-checks |
+| logging.enableRecreateWorkloadOnImmutableFieldChange | bool | `false` | EnableRecreateWorkloadOnImmutableFieldChange enables the operator to recreate the fluentbit daemonset and the fluentd statefulset (and possibly other resource in the future) in case there is a change in an immutable field that otherwise couldn’t be managed with a simple update. |
+| logging.clusterFlows | list | `[]` | ClusterFlows to deploy |
+| logging.clusterOutputs | list | `[]` | ClusterOutputs to deploy |
+| logging.eventTailer.enabled | bool | `false` |  |
+| logging.eventTailer.name | string | `"event-tailer"` |  |
+| logging.eventTailer.image.repository | string | `nil` | repository of eventTailer image |
+| logging.eventTailer.image.tag | string | `nil` | tag of eventTailer image |
+| logging.eventTailer.image.pullPolicy | string | `nil` | pullPolicy of eventTailer image |
+| logging.eventTailer.image.imagePullSecrets | list | `[]` | imagePullSecrets of eventTailer image |
+| logging.eventTailer.pvc.enabled | bool | `true` | enable pvc for  |
+| logging.eventTailer.pvc.accessModes | list | `["ReadWriteOnce"]` | storage class for event tailer pvc |
+| logging.eventTailer.pvc.volumeMode | string | `"Filesystem"` | storage class for event tailer pvc |
+| logging.eventTailer.pvc.storage | string | `"1Gi"` | storage for event tailer pvc |
+| logging.eventTailer.pvc.storageClassName | string | `nil` | storage class for event tailer pvc |
+| logging.eventTailer.workloadMetaOverrides | string | `nil` | workloadMetaOverrides |
+| logging.eventTailer.workloadOverrides | string | `nil` | workloadOverrides |
+| logging.eventTailer.containerOverrides | string | `nil` | containerOverrides |
+| logging.hostTailer.enabled | bool | `false` | HostTailer |
+| logging.hostTailer.name | string | `"hosttailer"` | name of HostTailer |
+| logging.hostTailer.image.repository | string | `nil` | repository of eventTailer image |
+| logging.hostTailer.image.tag | string | `nil` | tag of eventTailer image |
+| logging.hostTailer.image.pullPolicy | string | `nil` | pullPolicy of eventTailer image |
+| logging.hostTailer.image.imagePullSecrets | list | `[]` | imagePullSecrets of eventTailer image |
+| logging.hostTailer.workloadMetaOverrides | string | `nil` | workloadMetaOverrides of HostTailer |
+| logging.hostTailer.workloadOverrides | string | `nil` | workloadOverrides of HostTailer |
+| logging.hostTailer.fileTailers | list | `[]` | configure fileTailers of HostTailer example:   - name: sample-file     path: /var/log/sample-file     disabled: false     buffer_max_size:     buffer_chunk_size:     skip_long_lines:     read_from_head: false     containerOverrides:     image: |
+| logging.hostTailer.systemdTailers | list | `[]` | configure systemdTailers of HostTailer example:   - name: system-sample     disabled: false     systemdFilter: kubelet.service     maxEntries: 20     containerOverrides:     image: |
+| testReceiver.enabled | bool | `false` |  |
+| testReceiver.image | string | `"fluent/fluent-bit"` |  |
+| testReceiver.pullPolicy | string | `"IfNotPresent"` |  |
+| testReceiver.port | int | `8080` |  |
+| testReceiver.args[0] | string | `"-i"` |  |
+| testReceiver.args[1] | string | `"http"` |  |
+| testReceiver.args[2] | string | `"-p"` |  |
+| testReceiver.args[3] | string | `"port=8080"` |  |
+| testReceiver.args[4] | string | `"-o"` |  |
+| testReceiver.args[5] | string | `"stdout"` |  |
+| testReceiver.resources.limits.cpu | string | `"100m"` |  |
+| testReceiver.resources.limits.memory | string | `"50Mi"` |  |
+| testReceiver.resources.requests.cpu | string | `"20m"` |  |
+| testReceiver.resources.requests.memory | string | `"25Mi"` |  |
+| extraManifests | list | `[]` | Extra manifests to deploy as an array |
+
+## Installing Fluentd and Fluent-bit via logging
+
+The chart does **not** install `logging` resource to deploy Fluentd (or Syslog-ng) and Fluent-bit on the cluster by default, but
+it can be enabled by setting the `logging.enabled` value to true.
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/app-readme.md b/charts/rancher-logging/104.2.0+up4.8.0/app-readme.md
new file mode 100644
index 0000000000..994c597ee5
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/app-readme.md
@@ -0,0 +1,45 @@
+# Rancher Logging
+
+This chart is based off of the upstream [Banzai Logging Operator](https://banzaicloud.com/docs/one-eye/logging-operator/) chart. The chart deploys a logging operator and CRDs, which allows users to configure complex logging pipelines with a few simple custom resources. There are two levels of logging, which allow you to collect all logs in a cluster or from a single namespace.
+
+For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/logging/v2.7/).
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Namespace-level logging
+
+To collect logs from a single namespace, users create flows and these flows are connected to outputs or cluster outputs.
+
+## Cluster-level logging
+
+To collect logs from an entire cluster, users create cluster flows and cluster outputs.
+
+## CRDs
+
+- [Cluster Flow](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/clusterflow_types/) - A cluster flow is a CRD (`ClusterFlow`) that defines what logs to collect from the entire cluster. The cluster flow must be deployed in the same namespace as the logging operator.
+- [Cluster Output](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/clusteroutput_types/) - A cluster output is a CRD (`ClusterOutput`) that defines how to connect to logging providers so they can start collecting logs. The cluster output must be deployed in the same namespace as the logging operator. The convenience of using a cluster output is that either a cluster flow or flow can send logs to those providers without needing to define specific outputs in each namespace for each flow.
+- [Flow](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/flow_types/) - A flow is a CRD (`Flow`) that defines what logs to collect from the namespace that it is deployed in.
+- [Output](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/output_types/) - An output is a CRD (`Output`) that defines how to connect to logging providers so logs can be sent to the provider.
+
+For more information on how to configure the Helm chart, refer to the Helm README.
+
+## Systemd Configuration
+Some Kubernetes distributions log to journald.  In order to collect these logs the `systemdLogPath` needs to be defined. While the `/run/log/journal` directory is used by default, some Linux distributions do not default to this path. For example Ubuntu defaults to `/var/log/journal`.  To determine your `systemdLogPath` run `cat /etc/systemd/journald.conf | grep -E ^\#?Storage | cut -d"=" -f2` on one of your nodes.  If `persistent` is returned your `systemdLogPath` should be `/var/log/journal`.  If `volatile` is returned  `systemdLogPath` should be `/run/log/journal`. If `auto` is returned check if `/var/log/journal` exists, and if it does then use `/var/log/journal`, otherwise use `/run/log/journal`.
+
+If any value not described here is returned, Rancher Logging will not be able to collect control plane logs. To address this issue set `Storage=volatile` in  journald.conf, reboot your machine, and set `systemdLogPath` to `/run/log/journal`.
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/NOTES.txt b/charts/rancher-logging/104.2.0+up4.8.0/templates/NOTES.txt
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/_generic_fluentbitagent.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/_generic_fluentbitagent.yaml
new file mode 100644
index 0000000000..44f2303db3
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/_generic_fluentbitagent.yaml
@@ -0,0 +1,85 @@
+{{- define "logging-operator.fluentbitagent.tpl" -}}
+apiVersion: logging.banzaicloud.io/v1beta1
+kind: FluentbitAgent
+metadata:
+  namespace: {{ .Release.Namespace }}
+  labels:
+{{ include "logging-operator.labels" . | indent 4 }}
+spec:
+  image:
+    repository: {{ template "logging-operator.fluentbitImageRepository" . }}
+    tag: {{ template "logging-operator.fluentbitImageTag" . }}
+  {{- if not .Values.disablePvc }}
+  {{- with .Values.fluentbit.bufferStorage }}
+  bufferStorage: {{- toYaml . | nindent 6 }}
+  {{- end }}
+  {{- with .Values.fluentbit.bufferStorageVolume }}
+  bufferStorageVolume: {{- toYaml . | nindent 6 }}
+  {{- end }}
+  {{- end }}
+  {{- if or .Values.global.cattle.psp.enabled .Values.global.seLinux.enabled }}
+  security:
+  {{- end }}
+  {{- if .Values.global.cattle.psp.enabled }}
+    podSecurityPolicyCreate: true
+    roleBasedAccessControlCreate: true
+  {{- end }}
+  {{- if .Values.global.seLinux.enabled }}
+    securityContext:
+      seLinuxOptions:
+        type: rke_logreader_t
+  {{- end }}
+  {{- if or .Values.fluentbit.inputTail.Buffer_Chunk_Size .Values.fluentbit.inputTail.Buffer_Max_Size .Values.fluentbit.inputTail.Mem_Buf_Limit .Values.fluentbit.inputTail.Multiline_Flush .Values.fluentbit.inputTail.Skip_Long_Lines }}
+  inputTail:
+    {{- if .Values.fluentbit.inputTail.Buffer_Chunk_Size }}
+    Buffer_Chunk_Size: {{ .Values.fluentbit.inputTail.Buffer_Chunk_Size | toString }}
+    {{- end }}
+    {{- if .Values.fluentbit.inputTail.Buffer_Max_Size }}
+    Buffer_Max_Size: {{ .Values.fluentbit.inputTail.Buffer_Max_Size | toString }}
+    {{- end }}
+    {{- if .Values.fluentbit.inputTail.Mem_Buf_Limit }}
+    Mem_Buf_Limit: {{ .Values.fluentbit.inputTail.Mem_Buf_Limit | toString }}
+    {{- end }}
+    {{- if .Values.fluentbit.inputTail.Multiline_Flush }}
+    Multiline_Flush: {{ .Values.fluentbit.inputTail.Multiline_Flush | toString | quote }}
+    {{- end }}
+    {{- if .Values.fluentbit.inputTail.Skip_Long_Lines }}
+    Skip_Long_Lines: {{ .Values.fluentbit.inputTail.Skip_Long_Lines | toString | quote }}
+    {{- end }}
+  {{- end }}
+  {{- with (concat (.Values.tolerations) (.Values.fluentbit.tolerations)) }}
+  tolerations: {{- toYaml . | nindent 6 }}
+  {{- end }}
+  {{- with .Values.nodeSelector }}
+  nodeSelector: {{- toYaml . | nindent 6 }}
+  {{- end }}
+  {{- with .Values.fluentbit.resources }}
+  resources: {{- toYaml . | nindent 6 }}
+  {{- end }}
+  {{- with .Values.fluentbit.metrics }}
+  metrics: {{- toYaml . | nindent 6 }}
+  {{- end }}
+{{- end -}}
+
+{{- define "logging-operator.util.merge.fluentbitagent" -}}
+{{/* Top context to expose fields like `.Release` and `.Values` */}}
+{{- $top := first . -}}
+
+{{/* tpl is the template specific to the fluentbit implementation */}}
+{{- $tpl := fromYaml (include (index . 1) $top) | default (dict ) -}}
+
+{{/* Generic is the shared rancher fluentbit setttings from `_generic_fluentbitagent.yaml` */}}
+{{- $generic := fromYaml (include (index . 2) $top) | default (dict ) -}}
+
+{{/* values are from the values.yaml */}}
+{{- $values := $top.Values.fluentbitAgentOverlay | default (dict ) -}}
+
+####### {{$generic}}
+
+{{/* the sources are merge right to left meaning tpl is the highest prcedence and values is the lowest */}}
+{{- toYaml (merge $tpl $values $generic) -}}
+{{- end -}}
+
+{{- define "logging-operator.fluentbitagent" -}}
+{{- include "logging-operator.util.merge.fluentbitagent" (append . "logging-operator.fluentbitagent.tpl") -}}
+{{- end -}}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/_generic_logging.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/_generic_logging.yaml
new file mode 100644
index 0000000000..ee39ef9682
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/_generic_logging.yaml
@@ -0,0 +1,75 @@
+{{- define "logging-operator.logging.tpl" -}}
+apiVersion: logging.banzaicloud.io/v1beta1
+kind: Logging
+metadata:
+  namespace: {{ .Release.Namespace }}
+  labels:
+{{ include "logging-operator.labels" . | indent 4 }}
+spec:
+  controlNamespace: {{ .Release.Namespace }}
+  fluentd:
+    {{- with .Values.fluentd.logLevel }}
+    logLevel: {{ . }}
+    {{- end }}
+    image:
+      repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentd.repository }}
+      tag: {{ .Values.images.fluentd.tag }}
+    configReloaderImage:
+      repository: {{ template "system_default_registry" . }}{{ .Values.images.config_reloader.repository }}
+      tag: {{ .Values.images.config_reloader.tag }}
+    {{- with .Values.fluentd.bufferStorageVolume }}
+    bufferStorageVolume: {{- toYaml . | nindent 6 }}
+    {{- end }}
+    disablePvc: {{ .Values.disablePvc }}
+    {{- if .Values.fluentd.replicas }}
+    scaling:
+      replicas: {{ .Values.fluentd.replicas }}
+    {{- end }}
+    security:
+      podSecurityContext:
+    {{- if .Values.global.cattle.psp.enabled }}
+      podSecurityPolicyCreate: true
+      roleBasedAccessControlCreate: true
+    {{- end }}
+    {{- with .Values.fluentd.env }}
+    envVars: {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with (default .Values.tolerations .Values.fluentd.tolerations) }}
+    tolerations: {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with (default .Values.nodeSelector .Values.fluentd.nodeSelector) }}
+    nodeSelector: {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.fluentd.resources }}
+    resources: {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.fluentd.livenessProbe }}
+    livenessProbe: {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.fluentd.metrics }}
+    metrics: {{- toYaml . | nindent 6 }}
+    {{- end }}
+{{- end -}}
+
+{{- define "logging-operator.util.merge.logging" -}}
+{{/* Top context to expose fields like `.Release` and `.Values` */}}
+{{- $top := first . -}}
+
+{{/* tpl is the template specific to the logging implementation */}}
+{{- $tpl := fromYaml (include (index . 1) $top) | default (dict ) -}}
+
+{{/* Generic is the shared rancher logging setttings from `_generic_logging.yaml` */}}
+{{- $generic := fromYaml (include (index . 2) $top) | default (dict ) -}}
+
+{{/* values are from the values.yaml */}}
+{{- $values := $top.Values.loggingOverlay | default (dict ) -}}
+
+####### {{$generic}}
+
+{{/* the sources are merge right to left meaning tpl is the highest prcedence and values is the lowest */}}
+{{- toYaml (merge $tpl $values $generic) -}}
+{{- end -}}
+
+{{- define "logging-operator.logging" -}}
+{{- include "logging-operator.util.merge.logging" (append . "logging-operator.logging.tpl") -}}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/_helpers.tpl b/charts/rancher-logging/104.2.0+up4.8.0/templates/_helpers.tpl
new file mode 100644
index 0000000000..98ffa95685
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/_helpers.tpl
@@ -0,0 +1,231 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "logging-operator.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "logging-operator.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Expand the name of the release.
+*/}}
+{{- define "logging-operator.releasename" -}}
+{{- default .Release.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Provides the namespace the chart will be installed in using the builtin .Release.Namespace,
+or, if provided, a manually overwritten namespace value.
+*/}}
+{{- define "logging-operator.namespace" -}}
+{{- if .Values.namespaceOverride -}}
+{{ .Values.namespaceOverride -}}
+{{- else -}}
+{{ .Release.Namespace }}
+{{- end -}}
+{{- end -}}
+
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "logging-operator.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "logging-operator.labels" -}}
+app.kubernetes.io/name: {{ include "logging-operator.name" . }}
+helm.sh/chart: {{ include "logging-operator.chart" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "windowsEnabled" }}
+{{- if not (kindIs "invalid" .Values.global.cattle.windows) }}
+{{- if not (kindIs "invalid" .Values.global.cattle.windows.enabled) }}
+{{- if .Values.global.cattle.windows.enabled }}
+true
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{- define "windowsPathPrefix" -}}
+{{- trimSuffix "/" (default "c:\\" .Values.global.cattle.rkeWindowsPathPrefix | replace "\\" "/" | replace "//" "/" | replace "c:" "C:") -}}
+{{- end -}}
+
+{{- define "windowsKubernetesFilter" -}}
+{{- printf "kubernetes.%s" ((include "windowsPathPrefix" .) | replace ":" "" | replace "/" ".") -}}
+{{- end -}}
+
+{{- define "windowsInputTailMount" -}}
+{{- (include "windowsPathPrefix" .) | replace "C:" "" -}}
+{{- end -}}
+
+{{/*
+Set the controlplane selector based on kubernetes distribution
+*/}}
+{{- define "controlplaneSelector" -}}
+{{- $master := or .Values.additionalLoggingSources.rke2.enabled .Values.additionalLoggingSources.k3s.enabled -}}
+{{- $defaultSelector := $master | ternary (dict "node-role.kubernetes.io/master" "true") (dict "node-role.kubernetes.io/controlplane" "true") -}}
+{{ default $defaultSelector .Values.additionalLoggingSources.kubeAudit.nodeSelector | toYaml }}
+{{- end -}}
+
+{{/*
+Set kube-audit file path prefix based on distribution
+*/}}
+{{- define "kubeAuditPathPrefix" -}}
+{{- if .Values.additionalLoggingSources.rke.enabled -}}
+{{ default "/var/log/kube-audit" .Values.additionalLoggingSources.kubeAudit.pathPrefix }}
+{{- else if .Values.additionalLoggingSources.rke2.enabled -}}
+{{ default "/var/lib/rancher/rke2/server/logs" .Values.additionalLoggingSources.kubeAudit.pathPrefix }}
+{{- else -}}
+{{ required "Directory PathPrefix of the kube-audit location is required" .Values.additionalLoggingSources.kubeAudit.pathPrefix }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Set kube-audit file name based on distribution
+*/}}
+{{- define "kubeAuditFilename" -}}
+{{- if .Values.additionalLoggingSources.rke.enabled -}}
+{{ default "audit-log.json" .Values.additionalLoggingSources.kubeAudit.auditFilename }}
+{{- else if .Values.additionalLoggingSources.rke2.enabled -}}
+{{ default "audit.log" .Values.additionalLoggingSources.kubeAudit.auditFilename }}
+{{- else -}}
+{{ required "Filename of the kube-audit log is required" .Values.additionalLoggingSources.kubeAudit.auditFilename }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+A shared list of custom parsers for the vairous fluentbit pods rancher creates
+*/}}
+{{- define "logging-operator.parsers" -}}
+[PARSER]
+    Name              klog
+    Format            regex
+    Regex             ^(?<level>[IWEF])(?<timestamp>\d{4} \d{2}:\d{2}:\d{2}).\d{6} +?(?<thread_id>\d+) (?<filename>.+):(?<linenumber>\d+)] (?<message>.+)
+    Time_Key          timestamp
+    Time_Format       %m%d %T
+
+[PARSER]
+    Name              rancher
+    Format            regex
+    Regex             ^time="(?<timestamp>.+)" level=(?<level>.+) msg="(?<msg>.+)"$
+    Time_Key          timestamp
+    Time_Format       %FT%H:%M:%S
+[PARSER]
+    Name              etcd
+    Format            json
+    Time_Key          timestamp
+    Time_Format       %FT%H:%M:%S.%L
+{{- end -}}
+
+{{/*
+Set kubernetes log options if they are configured
+*/}}
+{{- define "requireFilterKubernetes" -}}
+{{- if or .Values.fluentbit.filterKubernetes.Merge_Log .Values.fluentbit.filterKubernetes.Merge_Log_Key .Values.fluentbit.filterKubernetes.Merge_Trim .Values.fluentbit.filterKubernetes.Merge_Parser -}}
+true
+{{- end -}}
+{{- end -}}
+
+{{/*Fluent Bit Image Repository */}}
+{{- define "logging-operator.fluentbitImageRepository" -}}
+{{- if .Values.debug -}}
+{{ template "system_default_registry" . }}{{ .Values.images.fluentbit_debug.repository }}
+{{- else -}}
+{{ template "system_default_registry" . }}{{ .Values.images.fluentbit.repository }}
+{{- end -}}
+{{- end -}}
+
+{{/*Fluent Bit Image Tag */}}
+{{- define "logging-operator.fluentbitImageTag" -}}
+{{- if .Values.debug -}}
+{{ .Values.images.fluentbit_debug.tag }}
+{{- else -}}
+{{ .Values.images.fluentbit.tag }}
+{{- end -}}
+{{- end -}}
+
+{{/*Fluent Bit Image */}}
+{{- define "logging-operator.fluentbitImage" -}}
+{{ template "logging-operator.fluentbitImageRepository" . }}:{{ template "logging-operator.fluentbitImageTag" . }}
+{{- end -}}
+
+{{/*
+Formats the cluster domain as a suffix, e.g.:
+.Values.clusterDomain == "", returns ""
+.Values.clusterDomain == "cluster.local.", returns ".cluster.local."
+*/}}
+{{- define "logging-operator.clusterDomainAsSuffix" -}}
+{{- if .Values.clusterDomain -}}
+{{- printf ".%s" .Values.clusterDomain -}}
+{{- end -}}
+{{- end -}}
+
+{{/* Implements logic to add the loggingRef field to custom loggings based on the cluster type */}}
+{{- define "logging-operator.individualLoggingRef" -}}
+{{- with .loggingRef -}}
+loggingRef: {{ . }}
+{{- end -}}
+{{- end -}}
+
+{{/* Implements logic to add fluentd spec fields to custom loggings based on the cluster type */}}
+{{- define "logging-operator.individualFluentd" -}}
+{{- if .fluentd -}}
+{{- if .fluentd.scaling -}}
+scaling: 
+    replicas: {{ .fluentd.scaling.replicas }}
+{{- end }}
+{{- with .fluentd.resources }}
+resources: {{ toYaml . | nindent 2 }}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/* Implements logic to add fluentbit loggingRef field to custom loggings based on the cluster type */}}
+{{- define "logging-operator.individualFluentbitLoggingRef" -}}
+{{- with .loggingRef -}}
+loggingRef: {{ . }}
+{{- end -}}
+{{- end -}}
+
+{{/* Implements logic to add fluentbit spec fields to custom fluentBitAgents based on the cluster type */}}
+{{- define "logging-operator.individualFluentbit" -}}
+{{- with .resources }}
+resources: {{ toYaml . | nindent 2 }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/clusterrole.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/clusterrole.yaml
new file mode 100644
index 0000000000..1e2652a7ec
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/clusterrole.yaml
@@ -0,0 +1,388 @@
+{{- if .Values.rbac.enabled }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "logging-operator.fullname" . }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - endpoints
+  - namespaces
+  - nodes
+  - nodes/proxy
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - create
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - persistentvolumeclaims
+  - pods
+  - serviceaccounts
+  - services
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - serviceaccounts
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  - events.k8s.io
+  resources:
+  - events
+  verbs:
+  - create
+  - get
+  - list
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - daemonsets
+  - replicasets
+  - statefulsets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - apps
+  - extensions
+  resources:
+  - daemonsets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - apps
+  - extensions
+  resources:
+  - deployments
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - apps
+  - extensions
+  resources:
+  - statefulsets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - batch
+  resources:
+  - jobs
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - '*'
+- apiGroups:
+  - events.k8s.io
+  resources:
+  - events
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - extensions
+  - networking.k8s.io
+  resources:
+  - ingresses
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - extensions
+  - policy
+  resources:
+  - podsecuritypolicies
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - use
+  - watch
+- apiGroups:
+  - logging-extensions.banzaicloud.io
+  resources:
+  - eventtailers
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - logging-extensions.banzaicloud.io
+  resources:
+  - eventtailers/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - logging-extensions.banzaicloud.io
+  resources:
+  - hosttailers
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - logging-extensions.banzaicloud.io
+  resources:
+  - hosttailers/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - logging.banzaicloud.io
+  resources:
+  - clusterflows
+  - clusteroutputs
+  - flows
+  - fluentbitagents
+  - fluentdconfigs
+  - loggings
+  - nodeagents
+  - outputs
+  - syslogngconfigs
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - logging.banzaicloud.io
+  resources:
+  - clusterflows/status
+  - clusteroutputs/status
+  - flows/status
+  - fluentbitagents/status
+  - fluentdconfigs/status
+  - loggings/status
+  - nodeagents/status
+  - outputs/status
+  - syslogngconfigs/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - logging.banzaicloud.io
+  resources:
+  - loggingroutes
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - logging.banzaicloud.io
+  resources:
+  - loggingroutes/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - logging.banzaicloud.io
+  resources:
+  - loggings/finalizers
+  verbs:
+  - update
+- apiGroups:
+  - logging.banzaicloud.io
+  resources:
+  - syslogngclusterflows
+  - syslogngclusteroutputs
+  - syslogngflows
+  - syslogngoutputs
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - logging.banzaicloud.io
+  resources:
+  - syslogngclusterflows/status
+  - syslogngclusteroutputs/status
+  - syslogngflows/status
+  - syslogngoutputs/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - prometheusrules
+  - servicemonitors
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - policy
+  resources:
+  - poddisruptionbudgets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - clusterrolebindings
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - clusterrolebindings
+  - clusterroles
+  - rolebindings
+  - roles
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - clusterroles
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/clusterrolebinding.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..89d17d094f
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/clusterrolebinding.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.rbac.enabled }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "logging-operator.fullname" . }}
+  labels:
+{{ include "logging-operator.labels" . | indent 4 }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "logging-operator.fullname" . }}
+    namespace: {{ include "logging-operator.namespace" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "logging-operator.fullname" . }}
+
+  {{- end }}
\ No newline at end of file
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/crds.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/crds.yaml
new file mode 100644
index 0000000000..f573652d04
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/crds.yaml
@@ -0,0 +1,6 @@
+{{- if .Values.createCustomResource -}}
+{{- range $path, $bytes := .Files.Glob "crds/*.yaml" }}
+{{ $.Files.Get $path }}
+---
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/deployment.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/deployment.yaml
new file mode 100644
index 0000000000..0cdf494e97
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/deployment.yaml
@@ -0,0 +1,79 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "logging-operator.fullname" . }}
+  namespace: {{ include "logging-operator.namespace" . }}
+  labels:
+{{ include "logging-operator.labels" . | indent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "logging-operator.name" . }}
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "logging-operator.name" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+      {{- with .Values.podLabels }}
+          {{ toYaml . | nindent 8 }}
+      {{- end }}
+    {{- with .Values.annotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+    {{-  end }}
+    spec:
+    {{- if .Values.priorityClassName }}
+      priorityClassName: {{ .Values.priorityClassName }}
+    {{- end }}
+    {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      containers:
+        - name: {{ .Chart.Name }}
+          image: "{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          args:
+          {{- range .Values.extraArgs }}
+            - {{ . }}
+          {{- end }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.http.port }}
+        {{- with .Values.env }}
+          env: {{ toYaml . | nindent 12 }}
+        {{- end }}
+        {{- if .Values.securityContext }}
+          securityContext: {{ toYaml .Values.securityContext | nindent 12 }}
+        {{- end }}
+        {{- with .Values.volumeMounts }} 
+          volumeMounts: {{ toYaml . | nindent 12 }}
+        {{- end }}
+    {{- with .Values.volumes }} 
+      volumes: {{ toYaml . | nindent 8 }}
+    {{- end }}
+    {{- if .Values.podSecurityContext }}
+      securityContext: {{ toYaml .Values.podSecurityContext | nindent 8 }}
+    {{- end }}
+
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+    {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- if .Values.rbac.serviceAccountName }}
+      serviceAccountName: {{ .Values.rbac.serviceAccountName }}
+    {{- else if .Values.rbac.enabled }}
+      serviceAccountName: {{ include "logging-operator.fullname" . }}
+    {{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/extra-manifests.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/extra-manifests.yaml
new file mode 100644
index 0000000000..567f7bf329
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/extra-manifests.yaml
@@ -0,0 +1,4 @@
+{{ range .Values.extraManifests }}
+---
+{{ tpl (toYaml .) $ }}
+{{ end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/clusterflows.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/clusterflows.yaml
new file mode 100644
index 0000000000..3a1a46bee5
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/clusterflows.yaml
@@ -0,0 +1,14 @@
+{{ if .Values.logging.enabled -}}
+{{- range $clusterflow := .Values.logging.clusterFlows }}
+---
+apiVersion: logging.banzaicloud.io/v1beta1
+kind: ClusterFlow
+metadata:
+  name: {{ $clusterflow.name }}
+  namespace: {{ $.Values.logging.controlNamespace | default $.Release.Namespace }}
+  labels:
+{{ include "logging-operator.labels" $ | indent 4 }}
+spec:
+{{ toYaml $clusterflow.spec | indent 2 }}
+{{- end -}}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/clusteroutputs.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/clusteroutputs.yaml
new file mode 100644
index 0000000000..60d9f30ae7
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/clusteroutputs.yaml
@@ -0,0 +1,14 @@
+{{ if .Values.logging.enabled -}}
+{{- range $clusteroutput := .Values.logging.clusterOutputs }}
+---
+apiVersion: logging.banzaicloud.io/v1beta1
+kind: ClusterOutput
+metadata:
+  name: {{ $clusteroutput.name }}
+  namespace: {{ $.Values.logging.controlNamespace | default $.Release.Namespace }}
+  labels:
+{{ include "logging-operator.labels" $ | indent 4 }}
+spec:
+{{ toYaml $clusteroutput.spec | indent 2 }}
+{{- end -}}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/eventtailer.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/eventtailer.yaml
new file mode 100644
index 0000000000..830cf9b15d
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/eventtailer.yaml
@@ -0,0 +1,41 @@
+{{- with $.Values.logging.eventTailer }}
+{{- if and $.Values.logging.enabled .enabled }}
+apiVersion: logging-extensions.banzaicloud.io/v1alpha1
+kind: EventTailer
+metadata:
+  name: {{ .name }}
+spec:
+  controlNamespace: {{ $.Values.logging.controlNamespace | default $.Release.Namespace }}
+  {{- with .image }}
+  image:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .pvc }}
+  {{- if .enabled }}
+  positionVolume:
+    pvc:
+      spec:
+        accessModes: {{ .accessModes }}
+        resources:
+          requests:
+            storage: {{ .storage }}
+        volumeMode: {{ .volumeMode }}
+        {{- with .storageClassName }}
+        storageClassName: {{ . }}
+        {{- end }}
+  {{- end }}{{/* end if enabled */}}
+  {{- end }}{{/* end with pvc */}}
+  {{- with .workloadMetaOverrides }}
+  workloadMetaOverrides:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .workloadOverrides }}
+  workloadOverrides:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .containerOverrides }}
+  containerOverrides:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}{{/* end if enabled */}}
+{{- end }}{{/* end with event-tailer */}}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/fluentbit.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/fluentbit.yaml
new file mode 100644
index 0000000000..ad9bdcb319
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/fluentbit.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.logging.enabled (not .Values.logging.fluentbitDisabled) -}}
+{{- $fluentbitSpec := .Values.logging.fluentbit }}
+{{- if .Values.logging.loggingRef }}
+  {{- $fluentbitSpec := set .Values.logging.fluentbit "loggingRef" (default .Values.logging.loggingRef .Values.logging.fluentbit.loggingRef) -}}
+{{- end }}
+
+apiVersion: logging.banzaicloud.io/v1beta1
+kind: FluentbitAgent
+metadata:
+  name: {{ include "logging-operator.releasename" . }}
+  labels: {{ include "logging-operator.labels" . | nindent 4 }}
+{{- if $fluentbitSpec }}
+spec: {{- toYaml $fluentbitSpec | nindent 2 }}
+{{- else }}
+spec: {}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/hosttailer.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/hosttailer.yaml
new file mode 100644
index 0000000000..a14d7c10b7
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/hosttailer.yaml
@@ -0,0 +1,31 @@
+{{- with .Values.logging.hostTailer }}
+{{- if and $.Values.logging.enabled .enabled }}
+---
+apiVersion: logging-extensions.banzaicloud.io/v1alpha1
+kind: HostTailer
+metadata:
+  name: {{ .name }}
+spec:
+  {{- with .fileTailers }}
+  fileTailers:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .systemdTailers }}
+  systemdTailers:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  enableRecreateWorkloadOnImmutableFieldChange: {{ $.Values.logging.enableRecreateWorkloadOnImmutableFieldChange }}
+  {{- with .workloadMetaOverrides }}
+  workloadMetaOverrides:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .workloadOverrides }}
+  workloadOverrides:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .image }}
+  image:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/logging.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/logging.yaml
new file mode 100644
index 0000000000..0adf992bfc
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/logging/logging.yaml
@@ -0,0 +1,60 @@
+{{ if .Values.logging.enabled -}}
+apiVersion: logging.banzaicloud.io/v1beta1
+kind: Logging
+metadata:
+  name: {{ include "logging-operator.releasename" . }}
+  labels:
+{{ include "logging-operator.labels" . | indent 4 }}
+spec:
+  {{- with .Values.logging.loggingRef }}
+  loggingRef: {{ . }}
+  {{- end }}
+  {{- with .Values.logging.flowConfigCheckDisabled }}
+  flowConfigCheckDisabled: {{ . }}
+  {{- end }}
+  {{- with .Values.logging.skipInvalidResources }}
+  skipInvalidResources: {{ . }}
+  {{- end }}
+  {{- with .Values.logging.flowConfigOverride }}
+  flowConfigOverride: {{ . }}
+  {{- end }}
+  {{- if (not .Values.logging.fluentdDisabled) }}
+  {{- if .Values.logging.fluentd }}
+  fluentd: {{- toYaml .Values.logging.fluentd | nindent 4 }}
+  {{- else }}
+  fluentd: {}
+  {{- end }}
+  {{- end }}
+  {{- with .Values.logging.syslogNG }}
+  syslogNG: {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.logging.defaultFlow }}
+  defaultFlow: {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.logging.errorOutputRef }}
+  errorOutputRef: {{ . }}
+  {{- end }}
+  {{- with .Values.logging.globalFilters }}
+  globalFilters: {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.logging.watchNamespaces }}
+  watchNamespaces: {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.logging.watchNamespaceSelector }}
+  watchNamespaceSelector: {{- toYaml . | nindent 4 }}
+  {{- end }}
+  clusterDomain: {{ .Values.logging.clusterDomain }}
+  controlNamespace: {{ .Values.logging.controlNamespace | default .Release.Namespace }}
+  {{- with .Values.logging.allowClusterResourcesFromAllNamespaces }}
+  allowClusterResourcesFromAllNamespaces: {{ . }}
+  {{- end }}
+  {{- with .Values.logging.nodeAgents }}
+  nodeAgents: {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.logging.enableRecreateWorkloadOnImmutableFieldChange }}
+  enableRecreateWorkloadOnImmutableFieldChange: {{ . }}
+  {{- end }}
+  {{- with .Values.logging.configCheck }}
+  configCheck: {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/aks/fluentbitagent.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/aks/fluentbitagent.yaml
new file mode 100644
index 0000000000..8f06a2ed4e
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/aks/fluentbitagent.yaml
@@ -0,0 +1,20 @@
+{{- define "logging-operator.fluentbitagent.aks" -}}
+{{- $logPath := "/var/log/azure/kubelet-status.log" -}}
+{{- $individualValues := .Values.additionalLoggingSources.aks.fluentbit -}}
+metadata:
+  name: {{ .Release.Name }}-aks
+spec:
+  disableKubernetesFilter: true
+  extraVolumeMounts:
+    - source: {{ $logPath }}
+      destination: {{ $logPath }}
+      readOnly: true
+  inputTail:
+    Tag: "aks"
+    Path: {{ $logPath }}
+{{- include "logging-operator.individualFluentbitLoggingRef" $individualValues | nindent 2 }}
+{{- include "logging-operator.individualFluentbit" $individualValues | nindent 2 }}
+{{- end -}}
+{{- if .Values.additionalLoggingSources.aks.enabled }}
+{{- include "logging-operator.fluentbitagent" (list . "logging-operator.fluentbitagent.aks") -}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/aks/logging.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/aks/logging.yaml
new file mode 100644
index 0000000000..abed474351
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/aks/logging.yaml
@@ -0,0 +1,12 @@
+{{- define "logging-operator.logging.aks" -}}
+{{- $individualValues := .Values.additionalLoggingSources.aks -}}
+metadata:
+  name: {{ .Release.Name }}-aks
+spec:
+  {{- include "logging-operator.individualLoggingRef" $individualValues | nindent 2 }}
+  fluentd:
+  {{- include "logging-operator.individualFluentd" $individualValues | nindent 4 }}
+{{- end -}}
+{{- if .Values.additionalLoggingSources.aks.enabled }}
+{{- include "logging-operator.logging" (list . "logging-operator.logging.aks") -}}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/eks/fluentbitagent.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/eks/fluentbitagent.yaml
new file mode 100644
index 0000000000..cf0ca31336
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/eks/fluentbitagent.yaml
@@ -0,0 +1,21 @@
+{{- define "logging-operator.fluentbitagent.eks" -}}
+{{- $logPath := "/var/log/messages" -}}
+{{- $individualValues := .Values.additionalLoggingSources.eks.fluentbit -}}
+metadata:
+  name: {{ .Release.Name }}-eks
+spec:
+  {{- include "logging-operator.individualFluentbitLoggingRef" $individualValues | nindent 2 }}
+  disableKubernetesFilter: true
+  extraVolumeMounts:
+    - source: {{ $logPath }}
+      destination: {{ $logPath }}
+      readOnly: true
+  inputTail:
+    Tag: "eks"
+    Path: {{ $logPath }}
+    Parser: "syslog"
+  {{- include "logging-operator.individualFluentbit" $individualValues | nindent 2 }}
+{{- end -}}
+{{- if .Values.additionalLoggingSources.eks.enabled }}
+{{- include "logging-operator.fluentbitagent" (list . "logging-operator.fluentbitagent.eks") -}}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/eks/logging.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/eks/logging.yaml
new file mode 100644
index 0000000000..830d8ec390
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/eks/logging.yaml
@@ -0,0 +1,20 @@
+{{- define "logging-operator.logging.eks" -}}
+{{- $individualValues := .Values.additionalLoggingSources.eks -}}
+metadata:
+  name: {{ .Release.Name }}-eks
+spec:
+  {{- include "logging-operator.individualLoggingRef" $individualValues | nindent 2 }}
+  fluentd:
+    {{- include "logging-operator.individualFluentd" $individualValues | nindent 4 }}
+    {{- if .Values.loggingServiceAccountAnnotations.eks -}}
+    serviceAccount:
+      metadata:
+        annotations:
+        {{- with .Values.loggingServiceAccountAnnotations.eks }}
+        {{ toYaml . | indent 8 }}
+        {{- end }}
+    {{- end }}
+{{- end -}}
+{{- if .Values.additionalLoggingSources.eks.enabled }}
+{{- include "logging-operator.logging" (list . "logging-operator.logging.eks") -}}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/gke/fluentbitagent.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/gke/fluentbitagent.yaml
new file mode 100644
index 0000000000..7541332404
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/gke/fluentbitagent.yaml
@@ -0,0 +1,20 @@
+{{- define "logging-operator.fluentbitagent.gke" -}}
+{{- $logPath := "/var/log/kube-proxy.log" -}}
+{{- $individualValues := .Values.additionalLoggingSources.gke.fluentbit -}}
+metadata:
+  name: {{ .Release.Name }}-gke
+spec:
+  {{- include "logging-operator.individualFluentbitLoggingRef" $individualValues | nindent 2 }}
+  disableKubernetesFilter: true
+  extraVolumeMounts:
+    - source: {{ $logPath }}
+      destination: {{ $logPath }}
+      readOnly: true
+  inputTail:
+    Tag: "gke"
+    Path: {{ $logPath }}
+  {{- include "logging-operator.individualFluentbit" $individualValues | nindent 2 }}
+{{- end -}}
+{{- if .Values.additionalLoggingSources.gke.enabled }}
+{{- include "logging-operator.fluentbitagent" (list . "logging-operator.fluentbitagent.gke") -}}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/gke/logging.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/gke/logging.yaml
new file mode 100644
index 0000000000..80ed58e280
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/gke/logging.yaml
@@ -0,0 +1,12 @@
+{{- define "logging-operator.logging.gke" -}}
+{{- $individualValues := .Values.additionalLoggingSources.gke -}}
+metadata:
+  name: {{ .Release.Name }}-gke
+spec:
+  {{- include "logging-operator.individualLoggingRef" $individualValues | nindent 2 }}
+  fluentd:
+    {{- include "logging-operator.individualFluentd" $individualValues | nindent 4 }}
+{{- end -}}
+{{- if .Values.additionalLoggingSources.gke.enabled }}
+{{- include "logging-operator.logging" (list . "logging-operator.logging.gke") -}}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/configmap.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/configmap.yaml
new file mode 100644
index 0000000000..aa454c8adf
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/configmap.yaml
@@ -0,0 +1,57 @@
+{{- if and .Values.additionalLoggingSources.k3s.enabled (eq .Values.additionalLoggingSources.k3s.container_engine "systemd") }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-k3s
+  labels:
+{{ include "logging-operator.labels" . | indent 4 }}
+data:
+  fluent-bit.conf: |
+    [SERVICE]
+        Flush             1
+        Grace             5
+        Daemon            Off
+        Log_Level         info
+        Coro_Stack_Size   24576
+        Parsers_File      parsers.conf
+
+    [INPUT]
+        Name              systemd
+        Tag               k3s
+        Path              {{ .Values.systemdLogPath }}
+        Systemd_Filter    _SYSTEMD_UNIT=k3s.service
+        {{- if .Values.additionalLoggingSources.k3s.stripUnderscores }}
+        Strip_Underscores On
+        {{- end }}
+        Systemd_Filter    _SYSTEMD_UNIT=k3s-agent.service
+
+    [FILTER]
+        Name              parser
+        Match             *
+        Key_Name          MESSAGE
+        Parser            klog
+        Reserve_Data      On
+
+    [FILTER]
+        Name              parser
+        Match             *
+        Key_Name          MESSAGE
+        Parser            rancher
+        Reserve_Data      On
+
+    [FILTER]
+        Name              parser
+        Match             *
+        Key_Name          MESSAGE
+        Parser            etcd
+        Reserve_Data      On
+
+    [OUTPUT]
+        Name              forward
+        Match             *
+        Host              {{ .Release.Name }}-root-fluentd.{{ .Release.Namespace }}.svc
+        Port              24240
+        Retry_Limit       False
+  parsers.conf: |
+{{ include "logging-operator.parsers" . | indent 4 }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/daemonset.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/daemonset.yaml
new file mode 100644
index 0000000000..4700873fe7
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/daemonset.yaml
@@ -0,0 +1,112 @@
+{{- if and .Values.additionalLoggingSources.k3s.enabled (eq .Values.additionalLoggingSources.k3s.container_engine "systemd") }}
+{{- $individualValues := .Values.additionalLoggingSources.k3s.fluentbit -}}
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: "{{ .Release.Name }}-k3s-journald-aggregator"
+  namespace: "{{ .Release.Namespace }}"
+spec:
+  selector:
+    matchLabels:
+      name: {{ .Release.Name }}-k3s-journald-aggregator
+  template:
+    metadata:
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/loggings/k3s/configmap.yaml") . | sha256sum }}
+      name: "{{ .Release.Name }}-k3s-journald-aggregator"
+      namespace: "{{ .Release.Namespace }}"
+      labels:
+        name: {{ .Release.Name }}-k3s-journald-aggregator
+    spec:
+      containers:
+        - name: fluentbit
+          image: "{{ template "logging-operator.fluentbitImage" . }}"
+          {{- include "logging-operator.individualFluentbit" $individualValues | nindent 10 }}
+          {{- if .Values.global.seLinux.enabled }}
+          securityContext:
+            seLinuxOptions:
+              type: rke_logreader_t
+          {{- end }}
+          volumeMounts:
+            - mountPath: /fluent-bit/etc/
+              name: config
+            - mountPath: {{ .Values.systemdLogPath | default "/var/log/journal" }}
+              name: journal
+              readOnly: true
+            - mountPath: /etc/machine-id
+              name: machine-id
+              readOnly: true
+      {{- with .Values.tolerations }}
+      tolerations: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: "{{ .Release.Name }}-k3s-journald-aggregator"
+      volumes:
+        - name: config
+          configMap:
+            name: "{{ .Release.Name }}-k3s"
+        - name: journal
+          hostPath:
+            path: {{ .Values.systemdLogPath | default "/var/log/journal" }}
+        - name: machine-id
+          hostPath:
+            path: /etc/machine-id
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: "{{ .Release.Name }}-k3s-journald-aggregator"
+  namespace: "{{ .Release.Namespace }}"
+{{- if .Values.global.cattle.psp.enabled }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: "{{ .Release.Name }}-k3s-journald-aggregator"
+rules:
+  - apiGroups:
+    - policy
+    resourceNames:
+    - "{{ .Release.Name }}-k3s-journald-aggregator"
+    resources:
+    - podsecuritypolicies
+    verbs:
+    - use
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: "{{ .Release.Name }}-k3s-journald-aggregator"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: "{{ .Release.Name }}-k3s-journald-aggregator"
+subjects:
+  - kind: ServiceAccount
+    name: "{{ .Release.Name }}-k3s-journald-aggregator"
+---
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: "{{ .Release.Name }}-k3s-journald-aggregator"
+  namespace: "{{ .Release.Namespace }}"
+spec:
+  allowPrivilegeEscalation: false
+  fsGroup:
+    rule: RunAsAny
+  readOnlyRootFilesystem: true
+  runAsUser:
+    rule: RunAsAny
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  volumes:
+  - configMap
+  - emptyDir
+  - secret
+  - hostPath
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/fluentbitagent.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/fluentbitagent.yaml
new file mode 100644
index 0000000000..9bde882ad0
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/fluentbitagent.yaml
@@ -0,0 +1,21 @@
+{{- define "logging-operator.fluentbitagent.k3s-openrc" -}}
+{{- $logPath := "/var/log/k3s.log" -}}
+{{- $individualValues := .Values.additionalLoggingSources.k3s.fluentbit -}}
+metadata:
+  name: {{ .Release.Name }}-k3s
+spec:
+  {{- include "logging-operator.individualFluentbitLoggingRef" $individualValues | nindent 2 }}
+  disableKubernetesFilter: true
+  extraVolumeMounts:
+    - source: {{ $logPath }}
+      destination: {{ $logPath }}
+      readOnly: true
+  inputTail:
+    Tag: "k3s"
+    Path: {{ $logPath }}
+    Path_Key: filename
+  {{- include "logging-operator.individualFluentbit" $individualValues | nindent 2 }}
+{{- end -}}
+{{- if and .Values.additionalLoggingSources.k3s.enabled (eq .Values.additionalLoggingSources.k3s.container_engine "openrc")}}
+{{- include "logging-operator.fluentbitagent" (list . "logging-operator.fluentbitagent.k3s-openrc") -}}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/logging-k3s-openrc.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/logging-k3s-openrc.yaml
new file mode 100644
index 0000000000..6d91c33471
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/k3s/logging-k3s-openrc.yaml
@@ -0,0 +1,12 @@
+{{- define "logging-operator.logging.k3s-openrc" -}}
+{{- $individualValues := .Values.additionalLoggingSources.k3s -}}
+metadata:
+  name: {{ .Release.Name }}-k3s
+  spec:
+  {{- include "logging-operator.individualLoggingRef" $individualValues | nindent 2 }}
+  fluentd:
+    {{- include "logging-operator.individualFluentd" $individualValues | nindent 4 }}
+{{- end -}}
+{{- if and .Values.additionalLoggingSources.k3s.enabled (eq .Values.additionalLoggingSources.k3s.container_engine "openrc")}}
+{{- include "logging-operator.logging" (list . "logging-operator.logging.k3s-openrc") -}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/kube-audit/fluentbitagent.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/kube-audit/fluentbitagent.yaml
new file mode 100644
index 0000000000..c0e17a71b5
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/kube-audit/fluentbitagent.yaml
@@ -0,0 +1,24 @@
+{{- define "logging-operator.fluentbitagent.kube-audit" -}}
+{{- $individualValues := .Values.additionalLoggingSources.kubeAudit.fluentbit -}}
+metadata:
+  name: {{ .Release.Name }}-kube-audit
+spec:
+  {{- include "logging-operator.individualFluentbitLoggingRef" $individualValues | nindent 2 }}
+  disableKubernetesFilter: true
+  extraVolumeMounts:
+    - source: {{ template "kubeAuditPathPrefix" . }}
+      destination: "/kube-audit-logs"
+      readOnly: true
+  inputTail:
+    Tag: {{ .Values.additionalLoggingSources.kubeAudit.fluentbit.logTag }}
+    Path: /kube-audit-logs/{{ template "kubeAuditFilename" . }}
+    Parser: json
+  {{- with (concat (.Values.tolerations) (.Values.fluentbit.tolerations) (.Values.additionalLoggingSources.kubeAudit.fluentbit.tolerations)) }}
+  tolerations: {{- toYaml . | nindent 6 }}
+  {{- end }}
+  nodeSelector: {{ include "controlplaneSelector" . | nindent 6 }}
+  {{- include "logging-operator.individualFluentbit" $individualValues | nindent 2 }}
+{{- end -}}
+{{- if .Values.additionalLoggingSources.kubeAudit.enabled }}
+{{- include "logging-operator.fluentbitagent" (list . "logging-operator.fluentbitagent.kube-audit") -}}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/kube-audit/logging.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/kube-audit/logging.yaml
new file mode 100644
index 0000000000..b2e5fc24c2
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/kube-audit/logging.yaml
@@ -0,0 +1,15 @@
+{{- define "logging-operator.logging.kube-audit" -}}
+{{- $individualValues := .Values.additionalLoggingSources.kubeAudit -}}
+metadata:
+  name: {{ .Release.Name }}-kube-audit
+spec:
+  {{- include "logging-operator.individualLoggingRef" $individualValues | nindent 2 }}
+  {{- if .Values.additionalLoggingSources.kubeAudit.loggingRef }}
+  loggingRef: {{ .Values.additionalLoggingSources.kubeAudit.loggingRef }}
+  {{- end }}
+  fluentd:
+  {{- include "logging-operator.individualFluentd" $individualValues | nindent 4 }}
+{{- end -}}
+{{- if .Values.additionalLoggingSources.kubeAudit.enabled }}
+{{- include "logging-operator.logging" (list . "logging-operator.logging.kube-audit") -}}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke/configmap.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke/configmap.yaml
new file mode 100644
index 0000000000..252572a4ef
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke/configmap.yaml
@@ -0,0 +1,29 @@
+{{- if .Values.additionalLoggingSources.rke.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-rke
+  labels:
+{{ include "logging-operator.labels" . | indent 4 }}
+data:
+  fluent-bit.conf: |
+    [SERVICE]
+        Log_Level         {{ .Values.additionalLoggingSources.rke.fluentbit.log_level }}
+        Parsers_File      parsers.conf
+
+    [INPUT]
+        Tag               rke
+        Name              tail
+        Path_Key          filename
+        Parser            docker
+        DB                /tail-db/tail-containers-state.db
+        Mem_Buf_Limit     {{ .Values.additionalLoggingSources.rke.fluentbit.mem_buffer_limit }}
+        Path              /var/lib/rancher/rke/log/*.log
+
+    [OUTPUT]
+        Name              forward
+        Match             *
+        Host              {{ .Release.Name }}-root-fluentd.{{ .Release.Namespace }}.svc
+        Port              24240
+        Retry_Limit       False
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke/daemonset.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke/daemonset.yaml
new file mode 100644
index 0000000000..b050e8d17e
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke/daemonset.yaml
@@ -0,0 +1,124 @@
+{{- if .Values.additionalLoggingSources.rke.enabled }}
+{{- $containers := printf "%s/containers/" (default "/var/lib/docker" .Values.global.dockerRootDirectory) }}
+{{- $individualValues := .Values.additionalLoggingSources.rke.fluentbit -}}
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: "{{ .Release.Name }}-rke-aggregator"
+  namespace: "{{ .Release.Namespace }}"
+spec:
+  selector:
+    matchLabels:
+      name: {{ .Release.Name }}-rke-aggregator
+  template:
+    metadata:
+      name: "{{ .Release.Name }}-rke-aggregator"
+      namespace: "{{ .Release.Namespace }}"
+      labels:
+        name: {{ .Release.Name }}-rke-aggregator
+    spec:
+      containers:
+        - name: fluentbit
+          image: "{{ template "logging-operator.fluentbitImage" . }}"
+          {{- include "logging-operator.individualFluentbit" $individualValues | nindent 10 }}
+          volumeMounts:
+            - mountPath: /var/lib/rancher/rke/log/
+              name: indir
+            - mountPath: {{ $containers }}
+              name: containers
+            - mountPath: /tail-db
+              name: positiondb
+            - mountPath: /fluent-bit/etc/fluent-bit.conf
+              name: config
+              subPath: fluent-bit.conf
+          {{- if .Values.global.seLinux.enabled }}
+          securityContext:
+            seLinuxOptions:
+              type: rke_logreader_t
+          {{- end }}
+      volumes:
+        - name: indir
+          hostPath:
+            path: /var/lib/rancher/rke/log/
+            type: DirectoryOrCreate
+        - name: containers
+          hostPath:
+            path: {{ $containers }}
+            type: DirectoryOrCreate
+        - name: positiondb
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: "{{ .Release.Name }}-rke"
+      serviceAccountName: "{{ .Release.Name }}-rke-aggregator"
+      {{- $total_tolerations := concat (.Values.tolerations) (.Values.fluentbit.tolerations) }}
+      {{- with $total_tolerations }}
+      tolerations: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector: {{- toYaml . | nindent 8 }}
+      {{- end }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: "{{ .Release.Name }}-rke-aggregator"
+  namespace: "{{ .Release.Namespace }}"
+{{- if .Values.global.cattle.psp.enabled }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: "{{ .Release.Name }}-rke-aggregator"
+rules:
+  - apiGroups:
+    - policy
+    resourceNames:
+    - "{{ .Release.Name }}-rke-aggregator"
+    resources:
+    - podsecuritypolicies
+    verbs:
+    - use
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: "{{ .Release.Name }}-rke-aggregator"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: "{{ .Release.Name }}-rke-aggregator"
+subjects:
+  - kind: ServiceAccount
+    name: "{{ .Release.Name }}-rke-aggregator"
+---
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: "{{ .Release.Name }}-rke-aggregator"
+  namespace: "{{ .Release.Namespace }}"
+spec:
+  allowPrivilegeEscalation: false
+  allowedHostPaths:
+  - pathPrefix: {{ $containers }}
+    readOnly: false
+  - pathPrefix: /var/lib/rancher/rke/log/
+    readOnly: false
+  - pathPrefix: /var/lib/rancher/logging/
+    readOnly: false
+  fsGroup:
+    rule: RunAsAny
+  readOnlyRootFilesystem: true
+  runAsUser:
+    rule: RunAsAny
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  volumes:
+  - configMap
+  - emptyDir
+  - secret
+  - hostPath
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke2/configmap.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke2/configmap.yaml
new file mode 100644
index 0000000000..3ca20be226
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke2/configmap.yaml
@@ -0,0 +1,69 @@
+{{- if .Values.additionalLoggingSources.rke2.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-rke2
+  labels:
+{{ include "logging-operator.labels" . | indent 4 }}
+data:
+  fluent-bit.conf: |
+    [SERVICE]
+        Flush             1
+        Grace             5
+        Daemon            Off
+        Log_Level         info
+        Coro_Stack_Size   24576
+        Parsers_File      parsers.conf
+
+    [INPUT]
+        Name              systemd
+        Tag               rke2
+        Path              {{ .Values.systemdLogPath }}
+        Systemd_Filter    _SYSTEMD_UNIT=rke2-server.service
+        Systemd_Filter    _SYSTEMD_UNIT=rke2-agent.service
+        {{- if .Values.additionalLoggingSources.rke2.stripUnderscores }}
+        Strip_Underscores On
+        {{- end }}
+
+    [INPUT]
+        Name              tail
+        Tag               rke2
+        Path              /var/lib/rancher/rke2/agent/logs/kubelet.log
+
+    [FILTER]
+        Name              parser
+        Match             *
+        Key_Name          log
+        Parser            klog
+        Reserve_Data      On
+
+    [FILTER]
+        Name              parser
+        Match             *
+        Key_Name          MESSAGE
+        Parser            klog
+        Reserve_Data      On
+
+    [FILTER]
+        Name              parser
+        Match             *
+        Key_Name          MESSAGE
+        Parser            rancher
+        Reserve_Data      On
+
+    [FILTER]
+        Name              parser
+        Match             *
+        Key_Name          MESSAGE
+        Parser            etcd
+        Reserve_Data      On
+
+    [OUTPUT]
+        Name              forward
+        Match             *
+        Host              {{ .Release.Name }}-root-fluentd.{{ .Release.Namespace }}.svc
+        Port              24240
+        Retry_Limit       False
+  parsers.conf: |
+{{ include "logging-operator.parsers" . | indent 4 }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke2/daemonset.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke2/daemonset.yaml
new file mode 100644
index 0000000000..37f3b353a1
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/rke2/daemonset.yaml
@@ -0,0 +1,118 @@
+{{- if .Values.additionalLoggingSources.rke2.enabled }}
+{{- $individualValues := .Values.additionalLoggingSources.rke2.fluentbit -}}
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: "{{ .Release.Name }}-rke2-journald-aggregator"
+  namespace: "{{ .Release.Namespace }}"
+spec:
+  selector:
+    matchLabels:
+      name: {{ .Release.Name }}-rke2-journald-aggregator
+  template:
+    metadata:
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/loggings/rke2/configmap.yaml") . | sha256sum }}
+      name: "{{ .Release.Name }}-rke2-journald-aggregator"
+      namespace: "{{ .Release.Namespace }}"
+      labels:
+        name: {{ .Release.Name }}-rke2-journald-aggregator
+    spec:
+      containers:
+        - name: fluentbit
+          image: "{{ template "logging-operator.fluentbitImage" . }}"
+          {{- include "logging-operator.individualFluentbit" $individualValues | nindent 10 }}
+          {{- if .Values.global.seLinux.enabled }}
+          securityContext:
+            seLinuxOptions:
+              type: rke_logreader_t
+          {{- end }}
+          volumeMounts:
+            - mountPath: /fluent-bit/etc/
+              name: config
+            - mountPath: {{ .Values.systemdLogPath | default "/var/log/journal" }}
+              name: journal
+              readOnly: true
+            - mountPath: "/var/lib/rancher/rke2/agent/logs"
+              name: kubelet
+              readOnly: true
+            - mountPath: /etc/machine-id
+              name: machine-id
+              readOnly: true
+      {{- with .Values.tolerations }}
+      tolerations: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: "{{ .Release.Name }}-rke2-journald-aggregator"
+      volumes:
+        - name: config
+          configMap:
+            name: "{{ .Release.Name }}-rke2"
+        - name: journal
+          hostPath:
+            path: {{ .Values.systemdLogPath | default "/var/log/journal" }}
+        - name: kubelet
+          hostPath:
+            path: "/var/lib/rancher/rke2/agent/logs"
+        - name: machine-id
+          hostPath:
+            path: /etc/machine-id
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: "{{ .Release.Name }}-rke2-journald-aggregator"
+  namespace: "{{ .Release.Namespace }}"
+{{- if .Values.global.cattle.psp.enabled }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: "{{ .Release.Name }}-rke2-journald-aggregator"
+rules:
+  - apiGroups:
+    - policy
+    resourceNames:
+    - "{{ .Release.Name }}-rke2-journald-aggregator"
+    resources:
+    - podsecuritypolicies
+    verbs:
+    - use
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: "{{ .Release.Name }}-rke2-journald-aggregator"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: "{{ .Release.Name }}-rke2-journald-aggregator"
+subjects:
+  - kind: ServiceAccount
+    name: "{{ .Release.Name }}-rke2-journald-aggregator"
+---
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: "{{ .Release.Name }}-rke2-journald-aggregator"
+  namespace: "{{ .Release.Namespace }}"
+spec:
+  allowPrivilegeEscalation: false
+  fsGroup:
+    rule: RunAsAny
+  readOnlyRootFilesystem: true
+  runAsUser:
+    rule: RunAsAny
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  volumes:
+  - configMap
+  - emptyDir
+  - secret
+  - hostPath
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/root/fluentbitagent.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/root/fluentbitagent.yaml
new file mode 100644
index 0000000000..2816b7f911
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/root/fluentbitagent.yaml
@@ -0,0 +1,29 @@
+{{- define "logging-operator.fluentbitagent.root" -}}
+{{- $containerLogPath := printf "%s/containers/" (default "/var/lib/docker" .Values.global.dockerRootDirectory) }}
+metadata:
+  name: "{{ .Release.Name }}-root"
+spec:
+  {{- if .Values.global.dockerRootDirectory }}
+  mountPath: {{ $containerLogPath }}
+  extraVolumeMounts:
+    - source: {{ $containerLogPath }}
+      destination: {{ $containerLogPath }}
+      readOnly: true
+  {{- end }}
+  {{- if (include "requireFilterKubernetes" .) }}
+  filterKubernetes:
+    {{- if .Values.fluentbit.filterKubernetes.Merge_Log }}
+    Merge_Log: "{{ .Values.fluentbit.filterKubernetes.Merge_Log }}"
+    {{- end }}
+    {{- if .Values.fluentbit.filterKubernetes.Merge_Log_Key }}
+    Merge_Log_Key: "{{ .Values.fluentbit.filterKubernetes.Merge_Log_Key }}"
+    {{- end }}
+    {{- if .Values.fluentbit.filterKubernetes.Merge_Log_Trim }}
+    Merge_Log_Trim: "{{ .Values.fluentbit.filterKubernetes.Merge_Log_Trim }}"
+    {{- end }}
+    {{- if .Values.fluentbit.filterKubernetes.Merge_Parser }}
+    Merge_Parser: "{{ .Values.fluentbit.filterKubernetes.Merge_Parser }}"
+    {{- end }}
+  {{- end }}
+{{- end -}}
+{{- include "logging-operator.fluentbitagent" (list . "logging-operator.fluentbitagent.root") -}}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/root/logging.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/root/logging.yaml
new file mode 100644
index 0000000000..e225815e1c
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/loggings/root/logging.yaml
@@ -0,0 +1,67 @@
+{{- define "logging-operator.logging.root" -}}
+metadata:
+  name: "{{ .Release.Name }}-root"
+spec:
+  {{- if (include "windowsEnabled" .) }}
+  nodeAgents:
+    - name: win-agent
+      profile: windows
+      nodeAgentFluentbit:
+        daemonSet:
+          spec:
+            template:
+              spec:
+                containers:
+                  - image: {{ template "system_default_registry" . }}{{ .Values.images.nodeagent_fluentbit.repository }}:{{ .Values.images.nodeagent_fluentbit.tag }}
+                    name: fluent-bit
+        tls:
+          enabled: {{ .Values.nodeAgents.tls.enabled | default false }}
+    {{- if .Values.additionalLoggingSources.rke.enabled }}
+    - name: win-agent-rke
+      profile: windows
+      nodeAgentFluentbit:
+        filterKubernetes:
+          Kube_Tag_Prefix: "{{ template "windowsKubernetesFilter" . }}.var.lib.rancher.rke.log."
+        inputTail:
+          Path: "{{ template "windowsPathPrefix" . }}/var/lib/rancher/rke/log"
+          {{- if .Values.fluentbit.inputTail.Buffer_Chunk_Size }}
+          Buffer_Chunk_Size: {{ .Values.fluentbit.inputTail.Buffer_Chunk_Size | toString }}
+          {{- end }}
+          {{- if .Values.fluentbit.inputTail.Buffer_Max_Size }}
+          Buffer_Max_Size: {{ .Values.fluentbit.inputTail.Buffer_Max_Size | toString }}
+          {{- end }}
+          {{- if .Values.fluentbit.inputTail.Mem_Buf_Limit }}
+          Mem_Buf_Limit: {{ .Values.fluentbit.inputTail.Mem_Buf_Limit | toString }}
+          {{- end }}
+          {{- if .Values.fluentbit.inputTail.Multiline_Flush }}
+          Multiline_Flush: {{ .Values.fluentbit.inputTail.Multiline_Flush | toString | quote }}
+          {{- end }}
+          {{- if .Values.fluentbit.inputTail.Skip_Long_Lines }}
+          Skip_Long_Lines: {{ .Values.fluentbit.inputTail.Skip_Long_Lines | toString | quote }}
+          {{- end }}
+        extraVolumeMounts:
+          - source: "{{ template "windowsInputTailMount" . }}/var/lib/rancher/rke/log"
+            destination: "{{ template "windowsInputTailMount" . }}/var/lib/rancher/rke/log"
+            readOnly: true
+        daemonSet:
+          spec:
+            template:
+              spec:
+                containers:
+                  - image: "{{ template "system_default_registry" . }}{{ .Values.images.nodeagent_fluentbit.repository }}:{{ .Values.images.nodeagent_fluentbit.tag }}"
+                    name: fluent-bit
+        tls:
+          enabled: {{ .Values.nodeAgents.tls.enabled | default false }}
+    {{- end }}
+  {{- end }}
+  fluentd:
+    {{- if .Values.loggingServiceAccountAnnotations.root }}
+    serviceAccount:
+      metadata:
+        annotations:
+        {{- with .Values.loggingServiceAccountAnnotations.root }}
+        {{ toYaml . | indent 8 }}
+        {{- end }}
+    {{- end -}}
+{{- end -}}
+{{- include "logging-operator.logging" (list . "logging-operator.logging.root") -}}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/service.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/service.yaml
new file mode 100644
index 0000000000..f419ae2c48
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/service.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "logging-operator.fullname" . }}
+  namespace: {{ include "logging-operator.namespace" . }}
+  labels:
+{{ include "logging-operator.labels" . | indent 4 }}
+spec:
+  type: ClusterIP
+  {{- with  .Values.http.service.clusterIP }}
+  clusterIP: {{ . }}
+  {{- end }}
+  ports:
+    - port: {{ .Values.http.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    app.kubernetes.io/name: {{ include "logging-operator.name" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/service_monitor.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/service_monitor.yaml
new file mode 100644
index 0000000000..fcd86b07a9
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/service_monitor.yaml
@@ -0,0 +1,30 @@
+{{ if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.monitoring.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ include "logging-operator.fullname" . }}
+  namespace: {{ include "logging-operator.namespace" . }}
+  labels:
+{{ include "logging-operator.labels" . | indent 4 }}
+{{- with .Values.monitoring.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+{{- end }}
+spec:
+  selector:
+    matchLabels:
+{{ include "logging-operator.labels" . | indent 6 }}
+  endpoints:
+  - port: http
+    path: /metrics
+    {{- with .Values.monitoring.serviceMonitor.metricRelabelings }}
+    metricRelabelings:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.monitoring.serviceMonitor.relabelings }}
+    relabelings:
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+    - {{ include "logging-operator.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/serviceaccount.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..bb97cf1084
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/serviceaccount.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.rbac.enabled }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "logging-operator.fullname" . }}
+  namespace: {{ include "logging-operator.namespace" . }}
+  labels:
+{{ include "logging-operator.labels" . | indent 4 }}
+{{- with .Values.serviceAccount.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/test_receiver.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/test_receiver.yaml
new file mode 100644
index 0000000000..af0b5f4dcc
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/test_receiver.yaml
@@ -0,0 +1,53 @@
+{{ if .Values.testReceiver.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "logging-operator.releasename" . }}-test-receiver
+  namespace: {{ include "logging-operator.namespace" . }}
+spec:
+  type: ClusterIP
+  ports:
+    - port: {{ .Values.testReceiver.port }}
+      targetPort: receiver
+      protocol: TCP
+      name: receiver
+  selector:
+    app.kubernetes.io/name: {{ include "logging-operator.releasename" . }}-test-receiver
+    app.kubernetes.io/instance: {{ .Release.Name }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "logging-operator.releasename" . }}-test-receiver
+  namespace: {{ include "logging-operator.namespace" . }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "logging-operator.releasename" . }}-test-receiver
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "logging-operator.releasename" . }}-test-receiver
+        app.kubernetes.io/instance: {{ .Release.Name }}
+      annotations:
+        fluentbit.io/exclude: "true"
+    spec:
+    {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      containers:
+        - name: {{ .Chart.Name }}
+          image: "{{ .Values.testReceiver.image }}"
+          args:
+          {{- range .Values.testReceiver.args }}
+            - {{ . }}
+          {{- end }}
+          imagePullPolicy: {{ .Values.testReceiver.pullPolicy }}
+          resources:
+            {{- toYaml .Values.testReceiver.resources | nindent 12 }}
+          ports:
+            - name: receiver
+              containerPort: {{ .Values.testReceiver.port }}
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/userrole.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/userrole.yaml
new file mode 100644
index 0000000000..82c3200b9c
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/userrole.yaml
@@ -0,0 +1,39 @@
+{{- if .Values.rbac.enabled }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "logging-operator.fullname" . }}-edit
+  labels:
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+    rbac.authorization.k8s.io/aggregate-to-edit: "true"
+rules:
+- apiGroups:
+  - logging.banzaicloud.io
+  resources:
+  - flows
+  - outputs
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - logging.banzaicloud.io
+  resources:
+  - syslogngflows
+  - syslogngoutputs
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/userroles.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/userroles.yaml
new file mode 100644
index 0000000000..f4136b09a4
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/userroles.yaml
@@ -0,0 +1,35 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: "logging-admin"
+  labels:
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+rules:
+  - apiGroups:
+      - "logging.banzaicloud.io"
+    resources:
+      - flows
+      - outputs
+    verbs:
+      - "*"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: "logging-view"
+  labels:
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+    rbac.authorization.k8s.io/aggregate-to-view: "true"
+    rbac.authorization.k8s.io/aggregate-to-edit: "true"
+rules:
+  - apiGroups:
+      - "logging.banzaicloud.io"
+    resources:
+      - flows
+      - outputs
+      - clusterflows
+      - clusteroutputs
+    verbs:
+      - get
+      - list
+      - watch
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/validate-install-crd.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..5184c85c47
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/validate-install-crd.yaml
@@ -0,0 +1,29 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "logging-extensions.banzaicloud.io/v1alpha1/EventTailer" false -}}
+# {{- set $found "logging-extensions.banzaicloud.io/v1alpha1/HostTailer" false -}}
+# {{- set $found "logging.banzaicloud.io/v1alpha1/ClusterFlow" false -}}
+# {{- set $found "logging.banzaicloud.io/v1alpha1/ClusterOutput" false -}}
+# {{- set $found "logging.banzaicloud.io/v1alpha1/Flow" false -}}
+# {{- set $found "logging.banzaicloud.io/v1beta1/FluentbitAgent" false -}}
+# {{- set $found "logging.banzaicloud.io/v1beta1/FluentdConfig" false -}}
+# {{- set $found "logging.banzaicloud.io/v1beta1/LoggingRoute" false -}}
+# {{- set $found "logging.banzaicloud.io/v1alpha1/Logging" false -}}
+# {{- set $found "logging.banzaicloud.io/v1beta1/NodeAgent" false -}}
+# {{- set $found "logging.banzaicloud.io/v1alpha1/Output" false -}}
+# {{- set $found "logging.banzaicloud.io/v1beta1/SyslogNGClusterFlow" false -}}
+# {{- set $found "logging.banzaicloud.io/v1beta1/SyslogNGClusterOutput" false -}}
+# {{- set $found "logging.banzaicloud.io/v1beta1/SyslogNGConfig" false -}}
+# {{- set $found "logging.banzaicloud.io/v1beta1/SyslogNGFlow" false -}}
+# {{- set $found "logging.banzaicloud.io/v1beta1/SyslogNGOutput" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/validate-install.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/validate-install.yaml
new file mode 100644
index 0000000000..bd624cc4b4
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/validate-install.yaml
@@ -0,0 +1,5 @@
+#{{- if .Values.global.dockerRootDirectory }}
+#{{- if or (hasSuffix "/containers" .Values.global.dockerRootDirectory) (hasSuffix "/" .Values.global.dockerRootDirectory) }}
+#{{- required "global.dockerRootDirectory must not end with suffix: '/' or '/containers'" "" -}}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/templates/validate-psp-install.yaml b/charts/rancher-logging/104.2.0+up4.8.0/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/values-logging-example.yaml b/charts/rancher-logging/104.2.0+up4.8.0/values-logging-example.yaml
new file mode 100644
index 0000000000..b7068af4a0
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/values-logging-example.yaml
@@ -0,0 +1,24 @@
+nameOverride: example
+
+# given we use `nameOverride: example` if testReceiver is enabled we can send http metrics to http://example-test-receiver:8080
+testReceiver:
+  enabled: true
+
+logging:
+  enabled: true
+  clusterFlows:
+    - name: all
+      spec:
+        match:
+          - select: {}
+        globalOutputRefs: ["http"]
+  clusterOutputs:
+    - name: http
+      spec:
+        http:
+          endpoint: http://example-test-receiver:8080
+          content_type: application/json
+          buffer:
+            type: memory
+            timekey: 1s
+            timekey_wait: 1s
diff --git a/charts/rancher-logging/104.2.0+up4.8.0/values.yaml b/charts/rancher-logging/104.2.0+up4.8.0/values.yaml
new file mode 100644
index 0000000000..525181c54c
--- /dev/null
+++ b/charts/rancher-logging/104.2.0+up4.8.0/values.yaml
@@ -0,0 +1,484 @@
+# Default values for logging-operator.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: rancher/mirrored-kube-logging-logging-operator
+  tag: 4.8.0
+  pullPolicy: IfNotPresent
+
+env: []
+volumes: []
+volumeMounts: []
+
+extraArgs:
+  - -enable-leader-election=true
+imagePullSecrets: []
+
+# -- A name in place of the chart name for `app:` labels.
+nameOverride: ""
+
+# -- A name to substitute for the full names of resources.
+fullnameOverride: ""
+
+# -- A namespace override for the app.
+namespaceOverride: ""
+
+# -- Define annotations for logging-operator pods.
+annotations: {}
+
+# -- Deploy CRDs used by Logging Operator.
+createCustomResource: false
+
+http:
+  # -- HTTP listen port number.
+  port: 8080
+
+  # -- Service definition for query http service.
+  service:
+    type: ClusterIP
+    clusterIP: None
+    # Annotations to query http service
+    annotations: {}
+    # Labels to query http service
+    labels: {}
+
+rbac:
+  # -- Create rbac service account and roles.
+  enabled: true
+
+  # specify service account manually
+  # serviceAccountName: custom
+
+monitoring:
+  serviceMonitor:
+    # -- Create a Prometheus Operator ServiceMonitor object.
+    enabled: false
+
+    additionalLabels: {}
+    metricRelabelings: []
+    relabelings: []
+
+# -- Pod SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/)
+## SecurityContext holds pod-level security attributes and common container settings.
+## This defaults to non root user with uid 1000 and gid 2000.	*v1.PodSecurityContext	false
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+podSecurityContext: {}
+#  runAsNonRoot: true
+#  runAsUser: 1000
+#  fsGroup: 2000
+
+# -- Container SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/)
+securityContext: {}
+#  allowPrivilegeEscalation: false
+#  readOnlyRootFilesystem: true
+  # capabilities:
+  #   drop: ["ALL"]
+
+# -- Operator priorityClassName.
+priorityClassName: {}
+
+serviceAccount:
+  # -- Define annotations for logging-operator ServiceAccount.
+  annotations: {}
+
+# -- CPU/Memory resource requests/limits
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+nodeSelector: {}
+
+# -- Node Tolerations
+tolerations: []
+
+# -- Node Affinity
+affinity: {}
+
+# -- Define which Nodes the Pods are scheduled on.
+podLabels: {}
+
+# Logging resources configuration.
+logging:
+
+  # -- Logging resources are disabled by default
+  enabled: false
+
+  # -- Reference to the logging system. Each of the loggingRefs can manage a fluentbit daemonset and a fluentd statefulset.
+  loggingRef: ""
+
+  # -- Disable configuration check before applying new fluentd configuration.
+  flowConfigCheckDisabled: false
+
+  # -- Whether to skip invalid Flow and ClusterFlow resources
+  skipInvalidResources: false
+
+  # -- Override generated config. This is a raw configuration string for troubleshooting purposes.
+  flowConfigOverride: ""
+
+  # -- Flag to disable fluentbit completely
+  fluentbitDisabled: false
+  # -- Fluent-bit configurations https://kube-logging.github.io/docs/configuration/crds/v1beta1/fluentbit_types/
+  fluentbit: {}
+
+  # -- Flag to disable fluentd completely
+  fluentdDisabled: false
+  # -- Fluentd configurations https://kube-logging.github.io/docs/configuration/crds/v1beta1/fluentd_types/
+  fluentd: {}
+  # 20Gi persistent storage is configured for fluentd by default.
+  # Here is an example, on how to override it:
+  #  bufferStorageVolume:
+  #    pvc:
+  #      spec:
+  #        accessModes:
+  #          - ReadWriteOnce
+  #        resources:
+  #          requests:
+  #            storage: 40Gi
+
+  # -- Syslog-NG statefulset configuration
+  syslogNG: {}
+
+  # -- Default flow for unmatched logs. This Flow configuration collects all logs that didn’t match any other Flow.
+  defaultFlow: {}
+
+  # -- GlobalOutput name to flush ERROR events to
+  errorOutputRef: ""
+
+  # -- Global filters to apply on logs before any match or filter mechanism.
+  globalFilters: []
+
+  # -- Limit namespaces to watch Flow and Output custom resources.
+  watchNamespaces: []
+
+  # -- Limit namespaces to watch Flow and Output custom resources.
+  watchNamespaceSelector: {}
+
+  # -- Cluster domain name to be used when templating URLs to services
+  clusterDomain: "cluster.local."
+
+  # -- Namespace for cluster wide configuration resources like ClusterFlow and ClusterOutput. This should be a protected namespace from regular users. Resources like fluentbit and fluentd will run in this namespace as well.
+  controlNamespace: ""
+
+  # -- Allow configuration of cluster resources from any namespace. Mutually exclusive with ControlNamespace restriction of Cluster resources
+  allowClusterResourcesFromAllNamespaces: false
+
+  # -- NodeAgent Configuration
+  nodeAgents: {}
+  #  - name: win-agent
+  #    profile: windows
+  #    nodeAgentFluentbit:
+  #      daemonSet:
+  #        spec:
+  #          template:
+  #            spec:
+  #              containers:
+  #              - image: banzaicloud/fluentbit:1.9.5
+  #                name: fluent-bit
+  #      tls:
+  #        enabled: false
+  #  - name: linux-agent
+  #    profile: linux
+  #    nodeAgentFluentbit:
+  #      metrics:
+  #        prometheusAnnotations: true
+  #        serviceMonitor: false
+  #      tls:
+  #        enabled: false
+
+  # -- configCheck provides possibility for timeout-based configuration checks https://kube-logging.dev/docs/whats-new/#timeout-based-configuration-checks
+  configCheck: {}
+
+  # -- EnableRecreateWorkloadOnImmutableFieldChange enables the operator to recreate the fluentbit daemonset and the fluentd statefulset (and possibly other resource in the future) in case there is a change in an immutable field that otherwise couldn’t be managed with a simple update.
+  enableRecreateWorkloadOnImmutableFieldChange: false
+
+  # -- ClusterFlows to deploy
+  clusterFlows: []
+
+  # -- ClusterOutputs to deploy
+  clusterOutputs: []
+
+  # Send all pod logs to kafka
+  # clusterFlows:
+  #    - name: all
+  #      spec:
+  #        match:
+  #          - select: {}
+  #        globalOutputRefs: ["kafka"]
+  # clusterOutputs:
+  #   - name: kafka
+  #     spec:
+  #       kafka:
+  #         brokers: kafka-headless.kafka.svc.cluster.local:29092
+  #         format:
+  #           type: json
+  #         default_topic: topic
+
+  # EventTailer config
+  eventTailer:
+    enabled: false
+    name: event-tailer
+    image:
+      # -- repository of eventTailer image
+      repository:
+      # -- tag of eventTailer image
+      tag:
+      # -- pullPolicy of eventTailer image
+      pullPolicy:
+      # -- imagePullSecrets of eventTailer image
+      imagePullSecrets: []
+    pvc:
+      # -- enable pvc for 
+      enabled: false
+      # -- storage class for event tailer pvc
+      accessModes:
+        - ReadWriteOnce
+      # -- storage class for event tailer pvc
+      volumeMode: Filesystem
+      # -- storage for event tailer pvc
+      storage: 1Gi
+      # -- storage class for event tailer pvc
+      storageClassName:
+    # -- workloadMetaOverrides
+    workloadMetaOverrides:
+    # -- workloadOverrides
+    workloadOverrides:
+    # -- containerOverrides
+    containerOverrides:
+
+  hostTailer:
+    # -- HostTailer
+    enabled: false
+    # -- name of HostTailer
+    name: hosttailer
+    image:
+      # -- repository of eventTailer image
+      repository:
+      # -- tag of eventTailer image
+      tag:
+      # -- pullPolicy of eventTailer image
+      pullPolicy:
+      # -- imagePullSecrets of eventTailer image
+      imagePullSecrets: []
+    # -- workloadMetaOverrides of HostTailer
+    workloadMetaOverrides:
+    # -- workloadOverrides of HostTailer
+    workloadOverrides:
+    # -- configure fileTailers of HostTailer
+    # example:
+    #   - name: sample-file
+    #     path: /var/log/sample-file
+    #     disabled: false
+    #     buffer_max_size:
+    #     buffer_chunk_size:
+    #     skip_long_lines:
+    #     read_from_head: false
+    #     containerOverrides:
+    #     image:
+    fileTailers: []
+    # -- configure systemdTailers of HostTailer
+    # example:
+    #   - name: system-sample
+    #     disabled: false
+    #     systemdFilter: kubelet.service
+    #     maxEntries: 20
+    #     containerOverrides:
+    #     image:
+    systemdTailers: []
+
+testReceiver:
+  enabled: false
+  image: fluent/fluent-bit
+  pullPolicy: IfNotPresent
+  port: 8080
+  #   args: ["-i", "http", "-p", "port=8080", "-o", "stdout"]
+  # resources:
+  #   limits:
+  #     cpu: 100m
+  #     memory: 50Mi
+  #   requests:
+  #     cpu: 20m
+  #     memory: 25Mi
+  
+  # Service definition for query http service
+  service:
+    type: ClusterIP
+    clusterIP: None
+    # Annotations to query http service
+    annotations: {}
+    # Labels to query http service
+    labels: {}
+
+# Logging CR specific serviceAccount annotations
+loggingServiceAccountAnnotations: {}
+## Syntax ##
+#  <logging-name>:
+#    <key>: <value>
+#
+## Example ##
+#
+#  root:
+#    eks.amazonaws.com/role-arn: <RoleARN>
+#
+## Result - added to the Logging resource ##
+#
+#  spec:
+#    fluentd:
+#      serviceAccount:
+#        metadata:
+#          annotations:
+#            eks.amazonaws.com/role-arn: arn:aws:iam::1234567890:role/my-iam-role
+#
+
+###################################
+# Rancher Logging Operator Values #
+###################################
+
+# Enable debug to use fluent-bit images that allow exec
+debug: false
+
+# Disable persistent volumes for buffers
+disablePvc: true
+
+# If your additional logging sources collect logs from systemd configure the systemd log path here
+systemdLogPath: "/run/log/journal"
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+    # Uncomment the below two lines to either enable or disable Windows logging. If this chart is
+    # installed via the Rancher UI, it will set this value to "true" if the cluster is a Windows
+    # cluster. In that scenario, if you would like to disable Windows logging on Windows clusters,
+    # set the value below to "false".
+    # windows:
+    #   enabled: true
+    psp:
+      enabled: false
+
+  # Change the "dockerRootDirectory" if the default Docker directory has changed.
+  dockerRootDirectory: ""
+
+  rkeWindowsPathPrefix: "c:\\"
+
+  seLinux:
+    enabled: false
+
+images:
+  config_reloader:
+    repository: rancher/mirrored-kube-logging-config-reloader
+    tag: v0.0.5
+  fluentbit:
+    repository: rancher/mirrored-fluent-fluent-bit
+    tag: 3.0.4
+  nodeagent_fluentbit:
+    os: "windows"
+    repository: rancher/fluent-bit
+    tag: 2.2.0
+  fluentbit_debug:
+    repository: rancher/mirrored-fluent-fluent-bit
+    tag: 3.0.4-debug
+  fluentd:
+    repository: rancher/mirrored-kube-logging-fluentd
+    tag: v1.16-4.8-full
+
+additionalLoggingSources:
+  rke:
+    enabled: false
+    fluentbit:
+      log_level: "info"
+      mem_buffer_limit: "5MB"
+  rke2:
+    enabled: false
+    stripUnderscores: false
+  k3s:
+    enabled: false
+    container_engine: "systemd"
+    stripUnderscores: false
+  aks:
+    enabled: false
+  eks:
+    enabled: false
+  gke:
+    enabled: false
+  kubeAudit:
+    auditFilename: ""
+    enabled: false
+    pathPrefix: ""
+    fluentbit:
+      logTag: kube-audit
+      tolerations:
+      - key: node-role.kubernetes.io/control-plane
+        value: "true"
+        effect: NoSchedule
+      - key: node-role.kubernetes.io/etcd
+        value: "true"
+        effect: NoExecute
+
+# configures node agent options for windows node agents
+nodeAgents:
+  tls:
+    enabled: false
+
+# These settings apply to every Logging CR, including vendor Logging CRs enabled in "additionalLoggingSources".
+# Changing these affects every Logging CR installed.
+fluentd:
+  bufferStorageVolume: {}
+  livenessProbe:
+    tcpSocket:
+      port: 24240
+    initialDelaySeconds: 30
+    periodSeconds: 15
+  nodeSelector: {}
+  resources: {}
+  tolerations: {}
+  env: []
+  logLevel: {}
+fluentbit:
+  inputTail:
+    Buffer_Chunk_Size: ""
+    Buffer_Max_Size: ""
+    Mem_Buf_Limit: ""
+    Multiline_Flush: ""
+    Skip_Long_Lines: ""
+  resources: {}
+  tolerations:
+    - key: node-role.kubernetes.io/control-plane
+      value: "true"
+      effect: NoSchedule
+    - key: node-role.kubernetes.io/etcd
+      value: "true"
+      effect: NoExecute
+  filterKubernetes:
+    Merge_Log: ""
+    Merge_Log_Key: ""
+    Merge_Log_Trim: ""
+    Merge_Parser: ""
+
+# -- Extra manifests to deploy as an array
+extraManifests: []
+  # - apiVersion: v1
+  #   kind: ConfigMap
+  #   metadata:
+  #   labels:
+  #     name: extra-manifest
+  #   data:
+  #     extra-data: "value"
+
+# DO NOT SET THIS UNLESS YOU KNOW WHAT YOU ARE DOING.
+# Setting fields on this object can break rancher logging or cause unexpected behavior. It is intended to be used if you
+# need to configure functionality not exposed by rancher logging. It is highly recommended you check the `app-readme.md`
+# for the functionality you need before modifying this object.
+
+# this object will be merged with every logging CR created by this chart. Any fields that collide with fields from the
+# settings above will be overridden. Any fields that collide with fields set in the files in `templates/loggings` will
+# be ignored.
diff --git a/index.yaml b/index.yaml
index 3342cf391a..e15b9e4a63 100755
--- a/index.yaml
+++ b/index.yaml
@@ -17207,6 +17207,40 @@ entries:
     urls:
     - assets/rancher-logging/rancher-logging-105.0.0+up4.8.0.tgz
     version: 105.0.0+up4.8.0
+  - annotations:
+      catalog.cattle.io/auto-install: rancher-logging-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/deploys-on-os: windows
+      catalog.cattle.io/display-name: Logging
+      catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+      catalog.cattle.io/namespace: cattle-logging-system
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: logging.banzaicloud.io.clusterflow/v1beta1
+      catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+      catalog.cattle.io/release-name: rancher-logging
+      catalog.cattle.io/type: cluster-tool
+      catalog.cattle.io/ui-component: logging
+      catalog.cattle.io/upstream-version: 4.8.0
+    apiVersion: v2
+    appVersion: 4.8.0
+    created: "2025-02-25T21:42:16.290907782-03:00"
+    description: Logging operator for Kubernetes based on Fluentd and Fluentbit.
+    digest: 9b219e92bbc62100799e7e14980de4ed486385b72550a4b7cea8b5f2d4b003ea
+    home: https://kube-logging.github.io
+    icon: file://assets/logos/rancher-logging.svg
+    keywords:
+    - logging
+    - fluentd
+    - fluentbit
+    kubeVersion: '>=1.26.0-0'
+    name: rancher-logging
+    sources:
+    - https://github.com/kube-logging/logging-operator
+    - https://github.com/kube-logging/helm-charts/tree/main/charts/logging-operator
+    type: application
+    urls:
+    - assets/rancher-logging/rancher-logging-104.2.0+up4.8.0.tgz
+    version: 104.2.0+up4.8.0
   - annotations:
       catalog.cattle.io/auto-install: rancher-logging-crd=match
       catalog.cattle.io/certified: rancher
diff --git a/release.yaml b/release.yaml
index 8cdd2c58b2..3e00b835a6 100644
--- a/release.yaml
+++ b/release.yaml
@@ -1,2 +1,4 @@
 rancher-webhook:
   - 104.0.7+up0.5.7
+rancher-logging:
+  - 104.2.0+up4.8.0

From c36a909fa7bb797b063902238751c2ed0d28f115 Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:43:21 -0300
Subject: [PATCH 04/19] fp: rancher-logging-crd 104.2.0+up4.8.0

---
 .../rancher-logging-crd-104.2.0+up4.8.0.tgz   |   Bin 0 -> 170042 bytes
 .../104.2.0+up4.8.0/Chart.yaml                |    10 +
 .../104.2.0+up4.8.0/README.md                 |     2 +
 ...xtensions.banzaicloud.io_eventtailers.yaml |  2467 ++
 ...extensions.banzaicloud.io_hosttailers.yaml |  2651 ++
 .../logging.banzaicloud.io_clusterflows.yaml  |  2166 ++
 ...logging.banzaicloud.io_clusteroutputs.yaml | 14812 +++++++++++
 .../logging.banzaicloud.io_flows.yaml         |  2150 ++
 ...ogging.banzaicloud.io_fluentbitagents.yaml |  2535 ++
 ...logging.banzaicloud.io_fluentdconfigs.yaml |  3240 +++
 .../logging.banzaicloud.io_loggingroutes.yaml |   106 +
 .../logging.banzaicloud.io_loggings.yaml      | 20601 ++++++++++++++++
 .../logging.banzaicloud.io_nodeagents.yaml    |  4788 ++++
 .../logging.banzaicloud.io_outputs.yaml       | 14078 +++++++++++
 ...g.banzaicloud.io_syslogngclusterflows.yaml |   360 +
 ...banzaicloud.io_syslogngclusteroutputs.yaml |  2911 +++
 ...ogging.banzaicloud.io_syslogngconfigs.yaml |  8104 ++++++
 .../logging.banzaicloud.io_syslogngflows.yaml |   364 +
 ...ogging.banzaicloud.io_syslogngoutputs.yaml |  2905 +++
 index.yaml                                    |    14 +
 release.yaml                                  |     2 +
 21 files changed, 84266 insertions(+)
 create mode 100644 assets/rancher-logging-crd/rancher-logging-crd-104.2.0+up4.8.0.tgz
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/Chart.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/README.md
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging-extensions.banzaicloud.io_eventtailers.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging-extensions.banzaicloud.io_hosttailers.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_clusterflows.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_clusteroutputs.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_flows.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_fluentbitagents.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_fluentdconfigs.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_loggingroutes.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_loggings.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_nodeagents.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_outputs.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngclusterflows.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngclusteroutputs.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngconfigs.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngflows.yaml
 create mode 100644 charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngoutputs.yaml

diff --git a/assets/rancher-logging-crd/rancher-logging-crd-104.2.0+up4.8.0.tgz b/assets/rancher-logging-crd/rancher-logging-crd-104.2.0+up4.8.0.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..ff3010dcf35511de61a5171c22b0fdc4b653034e
GIT binary patch
literal 170042
zcmb5VV~{9Ix31f^ZQIst+qT_3+qP}no^9K<ZDY1=-Ck?&bK^UA$2}3JDk>r)D}Q7}
zW!C$SXN<&;gg^oK=lZ4upf(U!WH1t!VUu>}WHn?~WiVD^{jI6Q$tI_&$|j>`Wno}r
z?5?a}%Oh@LWesrArR8|QR?m@h@`_Sfbsxv6mE-2H!E>LG!JK|5eRP~5;ec1~sgAIg
zPzwe~2QdEhasPhxO+=}YKnetlP;b)qPKp_6<;TA>w>2w`<~VC6IAy9mJq@Mf^JF^R
z=xskhbt{3y!N<q<{Wd}0@tu>KyYqSdsz%TEeR!1W`+jzwN<Y){@^(aiLf^y1_q{>B
z=AN;)HH$IvKz>p<(*ABA3zC*J&NPwCQj=q%(MN-9@l>F{4CU6hWCm(J@dsyIZ7o6d
ziI?rf1oBSh3B3aQWnx>5q@s7R(oap}dqk^%nSEHW>6sK3D9yj&>1YGfO7Wao^?pYH
zyZW%g>h?|pvShZid8=nf!YCbqtif?~yYqY5SgH8h(EZj5qphoKPi6Q_^QJ(n*er5M
z{b#OTx37`+J#3Gu^j}~5A8SI_#yA%TzR)VPX`uIOXEk=#0?oPBy3%PMqi%%CO5M9u
zp`hZHnCN*^aiey3-{`sDmq$C@>&M?S-%qbQ-9%qK@EpH>ZR``M-bYV$e{}p#x4XSt
zBTYT3xR5cbEZ+`Ph^E`sN^=<dRbAR!pP;ck9`}ogbOMUBN>$L0H`CwCeob0`-cBLl
zDsG4A`ZY3DuZzPs#e|2?CO#z<DK{M}!lg4^RpyiGzGpVJA<O97+jfJ{_cG+-i>kGb
zZ}am=%*N{3k``-f@JYA>A11Xyl%eZ!p@D`u*kWi5dk$mc)8O@T3uihdx65rzn8%FX
zQ+f!8YFUnPLK*h%aj0Xb=cV@Xgr=gYT#K{oEd!73$@!p0V;P#&h&8n#8o!;im%FuX
z%@toY(O1BL-ACPe0_#c6MT8<sYPN@l-%|IAch93^L|*0M%B<2)tMsY+=w-PBo}p@O
zDrd)i$g~!}1-xMwI!=EwSTzw4=E~Lvu=={%Vf8)T_EL3MdjQpK#o@g#pH*kzQG=SL
z5d`|U(qz2hC{tCX6T{2dkA&S|yw#lLgKI_qSdydLr`&1iq9RJ_edr{Iu&t3nYdlUT
z?bPGJbV*X{nQiwtGTRXv>>&Uhn58{>vf&x)Ys(HcW{LN_+ir4tx~i%Ne1vEZ&7(TX
zEI)p6d-}xJFFB9rBhZj>^U(9}L&S3#K(n<$pKu~pMJ|oUUzOtLe47Xgg(H%pDR6kQ
z^7=|smz<#4j{^U(OudpTvFTYwgHIa6*cR1LDbJDzjqmk}%10cX`9DqWc#$`!7lvfr
zpnW#H{Q1VGy9-Vk#b8q^?y<lbB^14Bo+`P`rF^CPcVWWs5)PZ*wc(&T_G_;ZJC>@w
zA`G8CpGO>;`>3VE+t?#+%f{+To=+V%L9Oxu=<EtLminaR<Uv_+sBy>%@yLR*VbG(H
z?ha&#oP>u#l{tj}yjpM)e7JM7)hF|*rvo{lJLt32(!Yd?lJPH6h+2NO@JhlP`Fo@D
zsZ;lMfn<XNy`R1nCm~<wv5VVBZG#J3Uw;ATo8HQQnX2}&8w{`cusEqX`?EKFbH5I1
zd~<ldj~C>=Ir!dde7_zSd^`Vso$%%Q-ha$2@qN90y#C4kx*d?)`S!Sd%KdoF^&Kr~
zzxaMU`QzKW;Y$?H?fW(5%Rz=p3yb)$G|z~!-YnK+odXVo5`Fx19G!qx4W87gXUasl
zxD<R0O{WiLE7K?Z=ON^|Id?^v5>Oh>pz3_3UGYt@f)X9hJ_`9v5LLR7EgoGj1pR8u
z=-H^DC2aV{w$FlXFQ8)uvL&UGyO={WC0TQc{6PT1qEv13Y*id4aaj|UuS}E+2V}6^
zT>pq(akEox+-C&z;dkbNX$ki0y4Oyz)mC8fR`gRt!X-LM+OsX#gSYfXZ>%=kO3xy;
zg!4N9rJ(^JQMmTfSu2QB3hOkk0I^_giGP8-ii`z)_<F~Fy|Nk^V(<*rz_vMsfadgI
zXg18?C-Ot}3Eg^b7aRo}-Hxp{;Ba9#Lp|k2l3aKR$8v}c#hmi&X`Vm5)0xd=w;Jso
zv>X8TV;v7!l?B_q`lxtNH$P|syyxS&*da0e78gng{Voqyv6)RtI*G<BX->;ZlTuV+
z6l%*Nm)63>E^>??R094Jc5F;)YTF&(&hj`+XXo<<ctYIP<U*Iz9K<ak6fF3GEIxD+
zgGqF4O?}UY$>uO|<5WtYZr!?VO^1&E+!}fl(<T+}bGu1H*fY+=;#3Irt0#Gb&}o^x
z!?+n=9bn+L9JQ3>i$pS9fP`zp!7XMYXa#*ArD+4gOrt}!4E)O?wAUTzu^)&1=qHl)
z^s@##VNEZGxH#V4VMj2Y=po^<;*vLqYn0HrPKkUxq>8m|_Ytt><_t4xQs?b3TGqMY
zi`YxN+UDM=r{TuxC>v9?caXwmX<Borx~3i(ehTtem+J&ZB_u*@FKrqQ5qKTLfa=|X
zPO1mvZti<(5nmY|HvM0?%EZ?@3_jTFvR5PemIi!ezct#0O^`!(q12Ftb!*B5=vY$e
zToclUi@?y?`aCCbRY$o=Pf)<{$d1PjV#Iw#wmAs<@MN<sS2w&{Q{4h)ssWuoyk(YK
zJZ?@EVKj&!;Jz61N-=S(oX&F8-Law6yoP|;sMw9?kJkX6AY)jY9{<UEUdau2SYo6I
zPyR@1>3|t1^9?!Ejd*x01bOu%PQW4Pw1~BW$e}>SE5|m}JerPLi3h*1oGOC2!S-gV
z4EI#)K>!_Ch&v(RWd;W}w@7!`x#oMQS`}7IqQ5OZHcgIUp}@jct3c7388HJs#>fcZ
zD1QY|5;Vz%GFOMGrc7@{8H^G*Pd+&xEG=1cS<og4YdhrV0_JeXAiGavz)$7Pp#RFB
zz;XKvWuu(XQoA_ZH@i+{L+`!ZN}fvPtG^<vqitDQ|C!mD1_pey*!*LfZufWgJrmq;
z>>$;1-B}AKj@`$fR0Xmoo5RlS?T<c`rqHYP0^MS$A)E<uYgSk0&z3o9S&?Vy{wM=Z
z%6M)74u_-&_9WVqRe<+5_5R!F0b!Tu5q5)D50UzNQQzQ73Esbg$HIpZP6fVjs~k@-
zs{*f<Zu#sKK&&E^z}50T+4E5{b@Kxke2=Pg3(U~i@UVkFs`Gxli^*Y^#z+W>M;kDA
zil+<B1Hyi#o*<RBNN#E!?~Zrf7i%1qJH&;xf>qogWdF#?Qo>g~WZf4u8c_~BGBS}>
zQqt->vS@Jmh9e0>qi}H4Q<p?kci=$((6dSO`m_=$Q@+UvhmdA45SNH(cBR~lNMY_V
zwE5iu!l)6t-<O{>e-J()y4ItC0}<~JO9RGGdh{H69hB2y9%BScq)N$JYuhmO5>2+@
zR6&v@TBUvi2WjRI<vNXrJu<DOJku1G;ey37f<)}xu=FhTL1m<srH-$i3&CbcqO{RO
zeFU~<ENrXHHhEVMV9_%!zenza4|vgYtmgGj#M7VZgUa$``G!n<IMpD86uchB+{L+4
zG1ulc+@%}d?;v=NM6slR0UoDT2{WRDV=*(LjvJ0?;eyFVdos;NcYoapPoBS!@V`Lp
zOm{Vd5og8s!=c);Mq9*!)x>8Ka&X!C<{LWrJzM}}rDsBdd1QrWKtecxctNix4hFDB
z_VbAErHYP{j1mC6MLEel{iZW;_|0UTmKOoDS#cjVkdKtD0FKhEfREBHfal-g2)g7v
zdVU&WRnL?o#;g=S-9Sfa@-dJ{X&?aE-qE@E+1{5x+1{|d;o06iYuwP|jQKc;00cb0
ze0++`T>T#|0J73@ig6N)a_@>9rMclzBsGUg{{li`c{jM`mq)Z+V+bKIIJ7WE^4P(8
z?5YRQ^9L}ZYszG;){=p1cT}sx3?%O@dxMe_^3TF>nrO3N`D9x%IFfc!JEcjXnzqZf
zZ#B)s<1tS$0eke>M=!w>^=zn!i;z27o?nMnvuFs7l1(KGSSuo=Hr;>V>mTJo?1TWA
z!at|jrSer1^jn;FrU1tvm_88O_-ga5%kc1zf@PFE8y6eU1&#@-;Zb+SoL=?Kt-Plj
z!g1JedMJ#Mwq%9d3e;x8%Tt`%%6sHhMDRPR@cu=SUf6Q{>^%;qJ%cZA^#VCNhrIh5
zU?}^?Eo_ZGbeV!`3*U{e=#>;I>iSz;0N+ttJbJ0ZMtGcwhC!3M?M2z-$^ZWG3n$3W
z9Gtlw{L?3OTFQrB3HPUf4!k^xM8HlMqpu_<iCHs$M&A#;s&l+>rvHEyVqHpr_A)6F
zVmxE(i&N813Jz$Q34Hjqq{lre`h5nrc)MKYL@b%5h6xKUR)$WNM=VXVgVwY@$`aDC
zf>SaHftu#ER;D-Q{dnMS-p>)eZ*I@8sUKrt@AIVh{c-;1+imW1#+Uc|_%*k}_v7*P
zUXJhcAT+o8`*Hu0@AaPVJ5I)V?fZO2?%S{BTbRiG>m&2~M%KCrM{MEu1fjlprkqEn
zLM$c)*3{(`HYu(4FIfCaD>K2;3g{_x?OvGei~z{v8eq*S*McMfvMu7pM@t<_@BF1C
z=o%=<ay&&)<SL!;!R%nFKUaI9cXgUYWya$FdIqCqR%3AWS0}?k4OI&jzVsQ91=X$u
zJYB_J=xEJ~eexyo8plvwKG@0+k%-J^$+hcN07oMlH!bx&v&w&bLygKoaom8L(AEnd
z^_q{~e$CsIUrW&*1HQ?w7+vPMo<(FCC8Q#5EkL}sp7|q3l6(ql7!Ry)1R4fdgy7HL
z90Zp;O2BT&q^x=pki$|H^GQ?)a^8WAckwIml*S3&CG-UoGYjGu_Bmu3K%nBWTUmy+
z<T9`{Pw`Bhd_h^>!qBt||0=f|Rr&fJoqVVW;KaPqQn@K}QY>;14muum0(4hjfJg)}
z_f~t{k9+VY@L0@}VV3B&l*+QLu?*^mVgR>)#@$gYIN`L7qYoq30pqRLH-`{W<8k~i
zzaYfT({3?30!J#XL3~khLGOE89pd;4@f=Hc;zUDm>=K)*BLXXOyc(|}Q!d>$=~Xn{
z_6wZyehND2^*9~Hqz4Arq+8(_+oYREWc$x#%Ti)2@qP4owV<8Jp%)x5XYRi%(>E?l
zjy~@GG#v#qZ-9TA{GV=Kk!|u5$H&71JKnO3aY$ts5fe2yx4TCUWtT^i=JfGuAo3iA
z6xL)Ng|%el(hCb%Wfy03>SP_#74(0{=8KnIP!-l!fbR)Ybx4L~jaQdmjPo^w(sv}3
zKWz43Ac@^ox0p3I9hXO%Lzqt1l03i!Mnt|8!*eP6BO4nGi;Md&x(WN-J*QzqIOM!-
z5@yZ#-J+!kb)_?N0_!E<8TvC!Yqzf*XtPHpiM3jumP9*G$8GMrj>ggKyY^qDt}sla
zK_Ld5)K;TPFf3ZIIn(9={Z9W|<Zsl}`9#kq7!Vnw59F_~$LDASb>42h^q#NIjBmtP
zc*&`3fv@UEU?o&DbRxGVq!9$ZVP*vY(2|)i%jZCDh~rIS(dZcaSPg{p#xlQs-^-Nw
z=B&_2C*5dmoeVIABh1v^2O#}Np2KLl^zm-9DyHARjUBhey`>^VTu!nAvoitV7LeF`
zlGoIU!oxuAxJrNcZoem(ijGgcIB{`Sda5SuFP$dwlC)L~Br`5qC^9y0KX~k$j`#Cr
zm&Mvrp3x)4`>Od%O6CNKhFfKtBj>wB^66;t;V}|26rAA8#=Gm-4XJ6Y)D=BFH1DR2
z$OXr`wsrb*{?2xflwi+}yB7n^XGtn-$@yMVlFwAuZ}Bk1mOtn4_I%A5o2%Zmc{y^4
ztxCxWn^eA-=uDiXFRhex(P-Im0hG8N4DNM?0QiAmGWBAwc%5tMgnt@VX>7E$8c}hG
zqzFoM)}a{IU?qlzBVI)#f$5~47x70kcu+<V+{NOa3!4X_N&k2~Av+$A89aNn#bQW(
zFxa3;X5tm$jUZpE3+YGv4pyJQ6YKyCs<eb(_1FVm#?cAjTX?F>q?j+_ax+2FjM5Jx
z)s-)B<zMo45uj2D&|c=S*TTpVmi^r=Zkj-%cBPnXHzy6keh*)iY}9m@Ph?Y5wd6Ig
z{w+D8;#aIEX8clg5MCFhQ%>zZ<n;R1k9kHE*bl7)S0HTX19Md=RkPm{$W}TyfeNxt
zw|2&Crx7++7{un$maXJR8+f(LBx?G210vn+jQiyZPIhm&6o;F+x+Mfsoa)sV{a)*U
zJ*&gu0dXB%_o+KOg5wN(10~vWd1@dMAx4s~s>CG<h`L|RBPa&Lid|~qc~2{cgjJb$
z2wVSvi2Uame@{%;-gb>p@*@Z`n?S*_5y&)1y$?~2Clso2<7ik>?mDRxF-omRPzBmF
zG37=@Ut^4B0HT_J(>N~KJRd998Mi|-6wsOoWHHptz64O$s!HGZw-@wfvp0mI)!wqo
ziD=$<B|G6bUY{{V6dp<CiOC{?K?y(l{b9W@UzCj@rU84Dt2J90lJx_!!8WwPQ(#&~
zuzJ5-G^qUL0UKe6lfCyK8zJ3dYcSy?=9DN$kw&Ld25!SvD{Oey0*$Qv!F!T5P&{J%
zT&r4CLy9}P;h@ow)f{SGAY+;fW+sC9`G{;CxRY!znJ_X-wJy<Xo{qoJ&AjlXFg)=w
z)<Jj`p}$;nfIM_5xc1w?6E<}Qga@tU-XNV#fyrf2f2<WywZ)hYM$H}3=`C-OJyhtF
zdhr?zH!WcZ8Fnp=YwXIkrSRn5-6$d43o0Oszpb^2h4^AD!sF^9CZty$iq>3~bXl5-
z2iTME_w$KTm1t}G{#VL<?A?al2l4LPv+Qh^k3&{})9A01O=`&{zJj9Ocj=%^C>8CJ
zGF-}Z6Eb_w9i$W69#U#8{;KiHj`Be}BY}10$DThbl)9-B>~97Z_V2M6GPIlBp_-(7
zgw-9bC=R&t&|1_3$c5T=(t@V*f(4JRQQLHL7|>iYpERTOs+$W(EYJt%#B>@%mrIug
zt?4t_PQmLF)%dYyeYINYPJ7l|3b80AkgAE9!ok!-SxYt8zrIs41!)1OJsDJwpdLec
z%X8rD4Iejm<jhg2^3h`-cgl*c99nk9R8feg=VSQ@6sWD!`O4oYJ}vKNVn+G2M9S&7
z0y@+vXTC4j7aCGtvwCc0y(*i<9r(JXjY4pn<`!L-I!?Bc@H}^|IRDfM%kQ+0_0%wX
zC8i<J79iU(+V&VdNX{gy+`SAS9r3uPnS<kWHA`+#7bA=QiS3RbFT4U%v|ReS!n>M7
zxh7I#g;(s>dgzPOb2hs0Wv?IH@<B<oCRqgudWQ>V0X89atRZsr*}tzLVy+b}!5A_#
zh{oYyL$(yATOP%XofwhKh)2y#L`_Ua%}zzlPDkyT9ZTV0;-eM`S%#pB*1RrF9X7KF
zRt*=Xfoj&6-4du>seSab<%%2f4%urMa0P*=dKF!gG}}82KD%iSv2(^Q<q1fZsRTsG
z|0p~H={6g|>hEyf%r=)E6UK0~jzR0BVZ>rp&IG%WfhQ*MNPChl;2a?FP`_yjC0+vR
z+h9@kCHkdSwdVw4qFzyUdtefO`DdA7{5;HDBH8%R4V<{rU<s?BE12cj9KHzaSx_6e
zGI}gVzk9Sq-4bKSw=cSW89_mJeISi!!5U^RKSoT^Ze6IqegUsP)2eDuz}Q9}x|$Wo
ze>9r8LvA$+F3U2v=XNoQ|1RYj(0w8{bZShio6pw$oohmGiIm{8HB59!W=sIDk;g2h
z&v|N&UDyWrse9Dh5e8WTJSGxfte0zd&#0{D!?lo%{i-`sy*}4KGlfUrB{Bq)oy}k>
z5_GI+WmT|H%57<pD)~eg*<JPg+^aNqMZJ6}kwk;HY~h`nP0Fo`bkm8~lFI9kPera`
z*?cu+-B&5n`SmAMcT8-yTv2<`42pDbhhB_)%2Zk~b&9OovZe-wCh?<|3S&;SVYvEZ
znEDdNt!jPv4fa0Z#vHr7q=(28(us&<wt-Dluv6E~?N(~ScsJ?JuiQ2hglDBKkEoQm
zZNK9}iPI8jJp4UtKBqn-@G@IX?p~g24*Pj%pX8$6o4@DoqY0Sqj1Kdf1FVwDg>Om5
zJq(XHEI8Jb8&y1HZuW_lUl(xOz*b~r$mak<4mnO#AQCU4j@!b!L)VHDf%Mn8^BSo)
zg~_c)nPw1H!%Q2SgnM1FS08m1est_eA}J(|9~0yt@UR(UhH!7vrE5_WYa00zGZ%Mn
z6#tE@T}*uF$)tUZI}yq$_3V;olIv3J0oOZQ4U$*chhKlL6+NG|&*zU1ulF83ugBLF
zdOe@JyNMp}$H$4(6FslbyTtn+n0<FY!#6g4Z3KvAl>T+-^`P#`cNO2ewzk#~4YL`w
z<Ym-A|81jd_qeuy)No~!`CoLK9=V`9`1eYn*qB*nOCTd<vI+JSXDXA}zhrw33o$Vy
z63Hpli}hjuV`!pAH;YdTOJt4gw>#wR+8I{e*Cx$<Pi^N>Nv`3y`*&f~XA^eayOHJM
zx7|r7e%q;t)<0N#nZ^@x<fsx++V<;?W<ok&bIpy~b;3-e`Qy$8%4{N5x6`;Fry-T6
z+7NE(GTO2n?DcJb>srri_3b_`oiRy`Cr`kYo*v81?pwr8sNCqpp~WB*qFsIEeR<pz
z?Mv+kaA;zG>8P+af0jwbc{7_i?6k#A#N;{vem-3?4uTnh@Sa=GOaIBcH{2eb*u04i
zJdRs2)i5kyedOS7S?l}<f?u`1!WpHbm6xZzi&6`Fk&fQDyl-tI3oQP>foFpHwcTY;
zFT)_IaOFD`kOL5Kpn^fVR-r@lEZ*NF`#JL$=jy)6<eTbQ1E5%D9rCR!&ELuqzs+aq
zX%1VY5BjA^{1R@^VH+#rB4m%3mv`RpU4+=mmX5+#N^(!W0jQtLi*+FMpKdnW1JR>g
zc_?Ej%wWCQcQyDP0SF_fyF0}QBjHcMtGHF&@+X}8CmaJN>_ycYolIYUhmCiKmcO8Z
zbO;=G;FUH}m{*U3X9xUl$1cQQ?W`5~6hKXl<@e?h*!IOBYs#ah>j)cv&TvL27ru>P
zr{wXIbO$Z3gCDIaU6PvTZ?XycJHstnINvKNJ57FN@4)NopEYCDQu<Gjxd43V<v}I_
z_Lm{<Ug95HFBktj_NvYE%8@mrvXe%#R<}h84xe}((=rX00v%JIdPO<WVfeU4y6Kh*
z$9hiKP;S_CFVjbT)q_Z1ZNQ{x90E1TZ|^=RQ!hGh&ywAY0~FHyTGWE6)v{!6W4lf9
zdyh*35FJ@iN5{N-7s&Kx8AY05Qm5s`15$OR#<}<*SXJq&=aER55>ka>Zc93R;3ps?
zj~pF=7mi@x`TvOtgDo<Aka8nSsys+}ke10;{sGBk2E=J9gsYy#7p~g;;wFsch_b|b
znb(Y49&iV+&IjL>#_!(YJ!kB~HDLo@N&fh4R@J^`w8u921WSO>{LcE&j;4zT@`9~j
z`2ON^Km+^=rR8LSd4Zvf5Y??TOUax7W>f!xktcmu2ID(we}OdHI<Ky&%ZY<xBr%Oh
zEm<km<LRGKddGBg)c<E3Xovd>oKieet}<mxflm&>Nym*wf^L_5ZV>cG3w{0uv=d%9
zHlyJ;*_f+!`2D4Gw7fdtF@fk=P8H?ceHQyD`d}g*@J?ju;qV&ms2tri6gCXHD+C=D
zA+OUE(v_UuZYx7kBv3}dY&m<gFVOI_R7R01^+1)w^OJCX{p6ZGqW?fgYjyPVzH2e5
zo1V>)6Yo;__(`uQLw4JtGhI^FQNV<O<n!bR=?YkJlB09zm<_*lYa1##R+b<jF`QQb
z06CDNyeZ5;hsM^(p)Qg=bMwigfT>IOiFyeyl2S>{WHFcept>^nyZS+OQiOEbXi~(5
zZ=7O$7k}Akj)Vf&K7%|JQ!$Ye)t%Czx1@;f&uUYQFN0$PQ4^g$`Ckk13w-SL0f;j<
zM<O1O3+A67RATz%XS@TinjA0ON#dD)HotSNGWfY4xgLRpbFG}=4}DO;y<n4HgH{cZ
z$F%}i2KV%f<5=o5RR))GuEkvHBLW3m>azj*x96Q8E6gM6Ouq~cjmNA!@Nx2|?V9^D
z@hqi~+s_;;T&tn#9mxt@lKp2cyy_Ge4X77fbeC0{XZ^MrsMU(2%OXC1lNcf)_MI#3
zq>g)je*TS)K|ClVE1><plf4)Fro-C_p37=#yj|0tu;lWf6<Hh(?oTBK(5n28=HKXN
zLX4sHh}zTJQ$_8c_ZyZJSUve65zU|`LM}fXR!RhB%CRDimdg?>s_#XY8Uli9Sh^xq
ziXS5=6Cpl0^)Z#x(iD{ngwdmx&Xvv_GeFIA@k4N+-4X+HMpr<6+i;mONvc=w@xrBN
zt_H-E(NrNaP5+h4=E~-nOqBOUe{d9!Kr}|XyH{hl-R@s3i{H6TL=bzk{4bBy%(x-R
zK`3bPZ33g5ob@9JrrHCBps1Yh2^bC|Z$u%sOiEg9eT_%j2p-8F9K|9P-M%Mcyu-o+
zC*G-G#k%t*?uPN)ZT@d2+fML5m~0IjJ~gW$i(=(c=1}+zM{)WP#k5sacbG~ZF?h5>
zkwzuc)bJFmZkg#RiX~dHc7s0X50G7>k)1Q0i_A3F_*HgOctBvsH@LKAB}l>}ip?xg
z6V*UhU*-G>sKC$?z<(8^J`id@*P8#h3NS{+z)J1+@C6pP?Fw+}J^zjyx6NnK<x9Pu
z+aA+Ut|~ZX<I^kk*eeGe4`r5lFM%8F;bfM%p#Xb*FZbfd>@G~nu_+Xq=|sk4<KskD
z4;_0TO)@TxZB`(XiS9pzetnup&V6Br<PAe4L`Qyisj!DS-%w;WG8Ox9K^K>U>xaD1
zU|<l7Jjd)$7~>}g`8U=d&JrgwFlLfIK1C@;0_Xwr2eSflSvmk@v(9NKfjccbEt<(B
zDb)cc8P&u7Jn-Vzzx*C}Pe0+ruko9<|KKDp<^6O+Cm9KHk|h}-0XRLe`uI3KH9`M0
z0LWdQ9*ys5C`N)Dq=Eb%E?!>abGAU|8-VQ$JyIN`6MV)Krx|a#<tct+rsjcDj7n%@
zIBS-c8_u^qK>&$fv6<Foui)p6Ab9~IMYYXZ><@;pa_+ACCd-Ds2B<%yW(5HVFdzOS
zjc&VAt7iWo+0}}9c+CG~vP#?Gye-XNUx?ZXJJa_++1x-PFKnPRo=vU(9ip5e4eRU`
zhhD_~D4)aZqtC*vMc^Q-yx$&jsu|}*Nm~*I*P)_N^oQ2Vd(Rr+JLWuZ`+sSehj0>h
zV4oQZ5~OT6k#_?0+41w_=XdfR7&M!H^0%*fN(?dzevI%|x~m0Wc@Yz0dEGe#*L*OE
znzN{>ThY@0CU8k=NIC&l@1T^8@Z<CpDoz?K<QEekuGmx^9C+<x6Ytxg554d@L`41(
zK|F$!1!hVn{!srcIS1acSFeapx#^R$v5`G53x@K!9Ay9+V$=Zp9>9>s`F<LfPG_`1
zc(+W*-}IoXd~O?ND_3Re-Y((dB*If3qm||AmtIOY5gj$xGX+YHaYW3@`d|?g85+=<
z-Q!=^3qPoJrr~7A>+KZ(#O(WVrpM<k7Jcjc<K*5p=ezA~L@$@``(c64=jHTWkAC|r
zk?;E+eoZ;`v*+vM0p9IhjwIn^rsoy@dhvf3+{ZNkg1OD@PKEjYriGinaTl_n_V!t?
zKG4bCD#|qdFRr{LFLFsp{dpciou1|7`5zA7c2gdgcSiUlyz9y0n;NAKXLvpo_!S}<
zk|8LSrpR<0raD3{e#vs=qFE-zs*j1U+AP*f)Teu-pq;a&O;kRL(GOg%e;*fm$MuR@
z-D{FQW1tz>hXY!IQGJHn<7=j#HCc6`IHTAXqrZPrxX+|t<vTELQdn^J3Sd5m^=)6p
z&1o44|L8Bm*kiD2tPrG$M&RlKf04PrK^}#&N}|AQ-v9=Pns&<BIF4U~X|jPWOA-OC
z*}l*vU)r>wtAT4+ZhT*OZ9`p7925hENla?_T8S}F@1oKh4m4>76qnA0HfYdP;GcqW
z+$$hwb(C5f9@U>TuFxxoz^MIR9YNbHHjR1_NB=?<^zRp-ZSVrIsWq0w!;a>`*Qa(-
zib?=S1lOHgT2hakd$894w|SFYV(5?%d8Z|2^k@Y9yjh09g~EyuuM7G9B-Z|)Z+nM+
zZNbrkTvxr<<ds93wAr0sUr}0DdU00Q{`xP5{Q<DPaZEd%{OPtoviLN?ApZ}BRXE=G
zk-2d%tshxr+9|!D`oEIJ@#-vo6E$U*qaRs}6*5u#k;Na%YPXMRqM@{gnyka=KVH53
zGs3k_aZSa+Ti~Cus1Zry)l5_!9tg5U^%X&*Wfu|S)gR2BFZI-Ak~5!?g!UxY9-gLJ
zmeuWHA^O8GQi3xKrLAFlZ+XP190F*jQ9&r;(PD?>zOilo1Se%Pxc#p%7`6tSi<z8>
z%r~T`glG^4lf{`l)6N6p?m-<XHtXsqFk`enp)g}aKI9iZ?yv_|`3Qt=aOaxwAVO89
zN-IEAaVg=lSRASomfwcNB&~lT$Ph44znIxeYO6O?yYM4e?-|jU*K>r5pA0}D`q>^d
zy}puol0@8Uy@$a7>^d;d9*A9uhUdfzM1MW2UsLtw%MoAlz|%C8>7k39_X}?<t3u9B
z3Xl|H!}K~q1v8sQYtqkbol)SVc`n#zx^`HEJrp%&^ie}1;xo*TTo{Rl7NEPBY(tsS
z(0^(DREPwsa7n;UEq+9VT@|n@PBk8-F)SE3aMbM)d)<`oEV=G%SET5`a;e7F$3}<P
zwzWwo1dl{;rZ(g%r^jeZ+R!oP?-B&{bor*j=ovn>9)8``?+$D!55^QuEv2~Qzg>QI
zkUYF+kAM%%+j^|&x8uo5oUTl!hXi5Rd$xZeJR4PvMQ^PDoxQSz|5BkGtGY|ICrnfd
zh|S!eH=l!~Oq<UKPei8%yJ0k+CGkwU?#s-^bl{4d+8=Hb(dr|t2QgePt^!Ehic_|#
zOtWp|*sXVx`}D6|6S9YicLj0hvykfix0Zm>EC<JBCiOk6ZV>*!G{5mw;LM);Hii|X
zBuzD}>4LBkn}4+Z$*&5XSAS}b^o7}arahcUraVxMEPn_>RDB<m)B{|3%M86pk#y7~
z8o4ESPvS7?IMSF*!r_Qc1rmKq*pB&|Uz1an8lP(aX<c)QJo>T5NgGuC%~?1^jw=Ua
zVzszEK}|ZfhCVBwj)|g^;fO#I<YZ)by8VIb>z8?;WT&=3-ep1+FK}uw29Kn9Vd@4a
z=ql4+I65O^Rd~7HL#>rPUsru5dR5r9y6`O?VR?@+^vzay>K4E)(8ACgU5t%uQ13~F
z6@VIjr;Qvu)gm`xBn#GJBNTbUt94?hLHP#%@@Dp(JCgi9D9LRCDSSqIi!Vf<L)7OK
z+=4;5v{^_bRxxUQ(J)k;+eODx{tg`*n#Tv(G3-9KM{4CJeYW3_dY~!ElT1;&Pzgd{
z8sTW=w;C&T70wv5WP<$OZfIs$yF<%RqA9~Ivo;%{1Vd;xI?gsA<&z%B1s90YA^m>^
z`aN_-VUbLsoEYWkq#g$TlBFQJ47jbBCQ{9b@*y5~A(--om1%^Lek`g3Eb-bP8;YZ^
zh*=@;3r1^U^k>ak1qo#g{VHB#+=$+Y8|9qZ2Vw1&TO&ijM8u5t9OAG{cO?|%R-HuC
z0p!96{GD0{>EG;gf#S)30%9e|B5-g<ngG9!$^k+zvncz(U|7wVvx<fEVoVLu<mb^_
z%xBe8R}h}JQh*|Ru}`MCEKBt<O14{`vKf3!MW29oErj*QZZ%3JW2$!n$<VwWaKho)
z?Xz2S5Qi=nXWvf`kstYGS+yiY_!B}QRwg^X7hJLqb!sdrLZie?|NGh3mv_k`sDk>+
zmh+pU2X=%HsM_}$Wa^ZBgi<@Q(`c-#K>3qc5~_1XxV21v$RuMuK0(72DfOP#{_9Dr
zz8-Y3e6qbl5{4bENJiz`Q!{zrIo+uczXYx2J8W*T|I)Km1qpAzJyMEr1+b~MiHVzW
z9CU=ln2eT0(|6?WB~o-<-ooNc0FC7kkB)2uLpSe!g36}u7F|T<>!yTSY1hTuts5Fl
zN3sO^b_w#MxI&6PYny~}tKy`_XM5efZ5!nxP;EW9kxI3^@880+Qv`C=na|H4)qEt6
zTlMd3$um0F_iQT>!hM?07ht5O`IOhf^4R$vvhRzqj|P>ZvjXB)&*Zz0ooXH)%k-Jo
z_v674i%62^g9#SXRRwGrZ?!JZE84v}@aYssEGdx3s?3jft^xLN$T=b|K=k{kU!pY+
z+8U&>d^8H%j-lZ$y>pfoja`ad22O8(vCFv6YzUfEFR!om@MLc3m{jfwjygo}VO~|(
zhre8jr8Y0c7}rDtWcXXJ<HVWe*_fWGm`=!fzp0pjEsY}-ywH|M{f(IGL=O$4vu<0x
zDvK~R>NqtRH8kejHRjSaZlSZS!in!26phWJ^X5w*V?2I)m8hC0iw_p)XM%3wf_TDe
z!M~IMYiycf@c!}=^PA1ERjzVElhrMSv$cd!Yw=$vR$m*$0ze$+)0Exybg3ll^c>j=
zA5M}EVq7^k@0&m>R1j+V4Y2dTAXpIkdxj)~S-Kz;)Yp?kkrts-#^{l}-f;;_R!lym
zDFcg77j4bQ0=BR-CM-o+LNvyep&v`Nif~;^+$iRWzucaFkhOO`?E>OB(kh}UMBxK{
zlfn`f@u-+5ijrw-7y<XpjRf=$4++h$OTx~vWh^}5W3Z-O%>l%)O^$~5psByTZBMV*
za#Ii_w(j_GEgx>HS)E7k_bDwk4Ie5xK=ZMY=E|E%IEMloj;5H}D>&Xlhiv-Sk(=xz
z4Dn98tuOW<mB4tsDQ^?L>=q6OR~=!b@0cYfYrv*0=4tju$jhDTanc^qv@GpGYBE)d
z?pLhwW=-AGp>OWd#hN@42}g-sT|I^kK`Wa5GA9is{jO&%Z<NVYml;Usu~c<m+cmrA
zFRQP@<x+3beIT9hM-V1!Q5vm=r%onS$-zI`)uV!Xa7vXDrV<;b5{+m}nhDWEh*yj2
zjr^xb&6wU^w`dXbcvxM01sZ?Ho3iXe>#plQT?@>fZ>eg;9P$*_oHrxMrhWGoar;RK
zo!ceutz-yz^F9WdylYoY0tzO!J13MTJszEyyoy!3P?)t`PT~n#X+~gRE~S2J-RP%u
za_ns8YL}<i)R3tTPM+pO;*VflkS)uJ42bRrT{6qdT`&AU^fiC@U;0XIO2_WNo3dE@
zLto*6{|9`1BEDa{tNBmtN>6=PBB+y&&R&Uh#W+1PGt={RH*wW-a&ofq{rPcD-}7-7
zDW~i6+EUZ)^LqCYS)=FU@bzyU^;zP@2QOM4W6G)Av{<b3^8p@YR(3YehB(2L`qbWf
zz=b4|p7z&P=k8g<(1h9663trXu)0c@-toN`^g?xTRKg4!eT$(Y)dZV|6q=-FRS<wT
z8}MtvlK=mNuV)Wdk>gKF`wdH5YM%yjY&VN{yeUUkX~F69EnG)dkIR_I-UH!BEl&f!
z<cliLE6akPdsp;)4hxR1|5g|mdD5LYEJKvE_;{q4l*m{4wJ!A>HPC3$iLlo-R9RFl
z-_F`<{-(D5qZ2^Ma!s?Rw)QJ=jnkO+E($e;emAq2;w@F7UI}I`QrE5Pudm+MX3gXI
z6yK$$lPlPJTNzm%GpjY~gD}4d*oY?2jVSB94Xk_J=UH{&5?}Lw6)(RJ(HzTfZReF(
z#MRJme|`;xR`J27!wR|217q1gGZpxQKkHqv74f;ySz<TamuRc6x(YJ=O@6;9790zJ
z4WVaPR-Ks8W-DiG+eLDKWo~uBYbbz;DKnqszAp9Jb2+z*c_HP`cD*D|ALY3P%K~l)
zMs!TYKkHCXy5B9uGH`FfB$!aft`}WD6U&6Ex+op~J$1n5)`T2<+$PUFVcKf_G--=m
zRfnaXjAAXRO^r2~+E=OU*0KIPw+gd3snroXuxJZRFQ92-n^2j5^i$z`tTPZgw~7V)
znq+Bok5*GxDaa5Zx7{f28qQ6-Eo?Y>?w2fIuAuoRs8g9ORi7JH#m=%;I5k2PamO~l
z*0u)Pu0?x<W=Q!I$Ybl*TrVAB{bCDFz?jB>sZCuJ2P6a(VjJ<GPGlgC$PKT^aP|FI
zv`oIErgHeA8tAZFy(7?)Qz__?KxMunw7Dxm4XgC4GZCkcxhim9)KM^CNu)b3@EG_J
zXvoHKrOqN#`24AzhFlg>aQK8Ei%HKf?PD-Sh#{?_&HyKMRuoCs^U&Q4&jw0O($x&)
zc4z%{$db8=iC7b|vHjQII@9SiyP-X?iWHT{?&!RnM7Ml^B?2d^Isub^Hn(n}S#A0{
z-D*Q&lP!uqWvOi)L`E4^ec7IXHwn(wgc84jEfNA6wuCH1`l&?%{vd0TB54vMC2Yo4
zQ9)I5VJbNW;EkU{m<o_9)3WVnup+F$^dB5yEgFGRA6L~eEa_*RG;!z|LhE$vXE5(%
z{~`>7{SK4w;m}?t3%f)M2yAo*<dPu5E4%;2AMhIiuSTE9SyuZ1->;Qyzpj|~4gtNa
z5HGB5^M(Z@auLx!+81CyBWwh!n9z)MhP`1dWY=e)U8h~J069*(n(4$ruWIVkha}a#
zYMeN8F@xn^G?owdg49U&4&)S9wDKP3I7d-COI_XXcp-BWV=y#^J0RVEKX42W!<)fi
zh;)<*-K!wI0~5l6vjg&owooPwbH<E^D}T{M=?~}NIfGA*O~_~ZhB_g-BQuaDB$$LN
zJAS5=?#ZR`5lw0|LU;`Qr&F~7N_s;_TjPe`Dq*KR=*pHr^9~9>I|w(~fX&kT1H%iv
zfmn9can|~AKZ7*<*ToWE7?H~^2_;d!u&8)u(LAh(1fXYB2_B0q&d|$mP%%=-micUT
zVXg?0`C%ssF+>q7xo0=$q})bvkxTzVB?VpK)F}`Lb-%`8y~u#I*@z|9ByU-}^8QR4
zMR!-kiMc_tE^002%fIiT8j_{0Q*GJ|eG@7rwJMzE(GuoQL!Ir1cULGydTStv%PzF*
zGIA;avjvh4guX54l+&7#)mc1xceU)s*a2M7oa3+}St2;HLs9X;dZq|gn8tlm#|P_E
zVzRWIM_w;`Droj50;A5L{@@xK0VPiYLIp7a4YRny_>g9U-h<w9$?vnVDFkjq*8Mp*
zEf|hP{;|U_!*>xHqmiPPan0=E_J0|JfLmIg$TRDE!uWu6^pfdXrB}l=Dki*s&LK3e
z5JQM<Mie}#D<!Uw&4-@lL9vcgY6+F94_XHEkKv&}K@D!vLdGQT-{O~hTStBr-rZY(
z+{HE5t=6j5CftU028?3K&31PN(-?Dhq!7A$SW_tX2|wSS@_sb`;wK_R<#$}Ag}-J-
zVTq>`11ewNKKxubMQah-64O?sP6J<}MHGlnGpL^hkhmbwDC%G{?WDOv8x^N73zcWD
z4&^Yb4n<6iw!dHlhjqO62<zx&d(a)F2(1ZaX;~J9iG}O6ia}_+7U)aE3tI^F<JbZo
zJeAN5gD$j!3*O=O5;sBS%OHaPiyR^<ybs<dDz-1iQDlpU!g@;hclfIH#={P$IFw@z
zg{rl1&_=&p=7FQHE~U<BYeYj_9fr&!@8%xNi%Ai!2DA1#YDee=5g#sm03Y3T6$iR&
zua7aTl^!ZqOxSy>5Wda>8bQo}PaeSa^(7yHSjCj!co;2|;1L)k2RIB%?-3PcWSD3$
zP5?m^rf(mSEE_k3VQv*+FpN|P1@H+n&<GjlR@7Q~m2J`#4rV0;`_R5Gv$a>oZkCJ*
z3<<9?9ClGymVu5R`2-*s+_XP{NdYkZwlA&M0Jy)(-xCYNloW0%OsK`5gXOP*6CVHU
zF}T?<s6j03c?g2CI0w7_nR*X11}U!+9fZ4^6$c6@FBwk6D?$-E1~9LFnUU}&yLMiP
zd5Zp)-D<*k>5I)KMrh?P*ys~5I0RL<w_Va<e`9>Xn>3t`yd&7j2Iv7?1Z_AC5T|Y(
zKXd2;ac;`N;U3@;WW;AUjf*rl*WQa*ekl>N{ULX4#5K2D4dz>SE+ZyqB1dOY(%!-2
z^QehcOwOa1%4|mWUv=rf7~6gk*SjhnT?@++GHB5!AQ3S=iDT*e6#-(2W0ClpNXzO?
znuZ)dipZb&doQ+rbg%mNJA4?5aXMWP5UtQNY|wwn6EYpp>m~$4e~264#=oNTs2V@*
zwBBBw3saCmGdR?y-KW%Q_ab_LX2QGK0xr!~_NFlo8-s}=2pGHQD|2u$3EfbF#{$=b
z#?o`+Ca_|J<5YPC))h8@4`}T1?>!O}z^lj3hVkH0#&84G?L%;Z{JzuJhhPUFj!?ff
zjv$eT`AtWEr^mW8-~#@zbFK@m+G{N&1pIBoj}~_9<1-2N0Mw36G;eUf27_U>ty9)i
z-aDO-=}hS9dUr%JbF)DeR}@vy0abZC^l8#8o3W2%rRhW4mxqZK%+Tcage(Bhh@J`}
zODe9npS2Z={IxpWL+kH`_nU9&Ui??pJK}?`@I*{QGSzER?76YlWcsuKTKPjOb*WAn
z>!P&K70)uifv4sQU{&(_OJsTq*5}vZo4*5ylGOfDJGUQ<CVkwAfN$pAk=Q1>j_y<&
zXkWC9K!*C9DQjYhbI-5@`?C5Hrzj}1EFYYiUw|<(V4DqD*wrbou}&H-VoPFHRAvSk
zq+0luj+TMcqTWu2;c!YhCW!@%Yw7TEw2XcDAK!YJ;-HLM0U=zI3JSu!TFH~K^_d!l
z5=M;_SHPp-gcN(oc6d(mfnO$|=$qRlqQBIJ$wb?_=UHjDHIvI2EvlW~SglFqno0zx
z5bDHHs0y)k_;neenUi;8=6}7++aK!;hSOEIM!KNBQ>ELJ8HW)31dpWEhmjdrYVDAk
zQ&4nfoQaAW%NfLFY(By6wCRbm7!x_X*oMLMkg!#8kFU?+=y$5U<OAvzw`yBfyW_9w
zPPz@l^%`^=+2~$}(SqTFo<mlQGql*)<F~%A+SHaqyT?Y|?j<TpC*I;5*A_w_4af8S
zFf4Fpuo)FhVlR*!jm4_Ybc-<lvm+-w{U|GTk7+CzwQZ(o^WIme3-w3ENFW`UvCC3Q
z(STE?F({%i3dsb$M7Rt)WHO))Xh@rexzc>)!+6^*PG8&?1#-ddZ*@y79Sx3?zsVMZ
z!u7b+9(bgmFD~>i`d^C&ehSQ(XFJNe6R%YoT1cjv>i#|J_(azFi);z<#P9k(zT;$H
zBTK65H!SWHs*lF<I-eLzwh`Zmj^{?KX^B`v$JZ_@1cfLisUh>v-5`X4dxi%astZ@@
z9lcwd8I9pSg9P)TPt)MKkQh>oNKK=6!HA|EB3rd2e4#VAXxV{v8g22k_C4@5wB5A!
zYLv>M+C5%r^A@ONq;hWAIbI^2c9feD9>QDh{BANqI{nr2{Y*14-Q3)k9pzIftW-5_
z_$G}!)dAJ<U&h+W^w#0FN5k+lRpBmR?X}`Ugs(U9>-lIV`%hfg_Q%2%*%s!-NlAv^
z^x}gHDfq~`=2;aXeY4({&cj#T&;+FVQ@viJA>5L+O>VhBcemT~J34;z7q@Uq<#A8o
z_7oOIUcMBa)M6m2dUK`&$Djx+iaK6~gTXUfKveS{G->2sEBtcvZoNYEScfFIZ#1xE
zk(`LpvAftIv}+RuUC}JA>x#72v@q7S7xcjw?M~?O{T8Jl(|J8|oJlz>WQ~bHelqS7
zNf>68OTjERx`pW)jf9)!f7)khXVsSe%wzL){wbD*H0U$$v^VQrQt^pPnFQ9xPN1dL
z?P|Q}D#lq?|MPmrC==8G1+Tjjk#?!W-?wB)M!M+vL5k5Z4addxZ6HQlW45iV>IG6F
zg<;n%@~bT?piWN<r8wVZ^HoBtlE>j-F6p~Y{0y9ys~2urEl%W8v?b?W4n|6Uv(QwC
z9##AqtAyfYWkNOOx3!z-uB(<R${Yx}{y%1!(~Bl@ubI;ly-B*jiAx)De#d48rG0CU
zi9Jq`Vw>m)wP>JyvQ{R6FMYbiJXzmT)?7R#X01TmhlW`KZAR|gVcHmw@54Ju(13NO
z19_Dg=^I%e%gJVmbku7+6#i@O0Btf7T+7$*$_0JijHEGE#cgMOK&2zJkrMJ+1eH5`
zHb;r$OIJw!TveNoQaQ;R*62+%KUB~;Qs^44of^k}iVk6g<JeAGJJ6$2f2flctptnV
zcQ5aMTVvO<$}$A(FT{Kw`_@Vsgbi8{@Za}9jm&>V&N{)7q;1@=0>T$L|Cj$wc^ehd
zE{gFW7<L#~(5F!p8)W?g46`J{qfQFRTH@Aw7?Tx4S-zY{MauTGO7eQIW^dbxJ*=k&
z=dPBhl3=!dcv<MvWjZF6i`zCB<eD*<b_;m>18UCOH5M)4^>>sw4U>X5?ZST!99dO6
zfX1<pJcG0}?wV}TnLmqxIcLVhNw92!OyNBZ?%?Fq^rdlqF73Zv@O1{$AI|QFg|-j{
z<LRs8c^jeqEB$G~raT3qk*mG9kS&9ETm1eQu7Gpsy6n~P|IPW*Iw$r&uoD<&qP%&+
z8<vvnskS3Wii^byucy(SQWS(;p5oQS+$ExwmGam*QH@9btxxCorO&-xDbQzYG<1eF
zDW@y+-jiW3`(g_(443gxYc};To}n#m?dp0kTyj%C%3~$VUqin?OPF}a&WL+<awD$%
z34gnukWc|gETtANMIsuO!z}BCk}PJMR`b`nj`ugxBH@8;r=go+>cc$Y4(J-AGc+eb
zoAX1}GzP7G2+^0o@Qh6$=}KU+ki2P~XW_tfgk&~D@q=2ggIeJ~%^`JWCJnI7v55@}
zZ5a)(lZ1_8I?A!+I9}exW|f9@zR<&}Yb4P(eJk*=?Ehvj8-&%ls)riL$mj~VDiaT|
z8jKU}&u_}tg{?sOC-6|9poIN;xm(5f@R!01!tpJ(L~!Wz83^qPNRHw=L=|3k3wS!B
zH71-`b7hySfxSgnKH&QgXB*qWjLj3j`>Xyo65EHI&0`t9T#G1xh;hI;A24B6pkCb7
zdeTj!^?X?<DRoh(6njM|i+N=rY;2grB{MLj&6OvJ%bh2v)gzM`#^J>S<NQek{{L)h
zJL9Nz8tfvt^W-qF5X137uyMoj_u{(U<rj;<oyw)qaCPBh3Lg;2GX+6ilU8A+o5JzP
zIhL7RD&IMvAtU>Q;Zc0H{p3W)_gR6-WN15bZ-{wukV5(Bu4*~aJO%=d5bX6(@M6Q>
zGQ{u=AJGV6`hD^MuI_Gy2t~^$`6r`sJN?}8b!p1*32t!s7hlS2@;KPg2t!~37z`oM
zVi`^^7=prwLkL7^Fbg1R<uGtEcf;5%3j3Q4*c|m+*)|Dcp|=M?Z2|(>;u+&^^kuB_
z$Q%Of0W&zjDYzMs(UQWUMx)?|LEx|vY+yGRdKswg%|&tAVF&XC;0x~o0@(OCnCT!q
zt<>3r@&x<a0F_4Gvim4*(;Wmx2aE>tM{gPT<R?Q3x_U8g0Htt=_q+FiScMxv&O-)L
zltqVJ4~996w|<**v)lRA_Ah|bGs2O)BLs{bu7c9q>gVWST>0%fj1uMDUjhkhA&Bft
z5VC#YGGvFfx{ex-40ZsU`hsXuaUs)BA4H4}N6ut~&n#djmLaECFjE1NvFVv<4^NL$
zj+k9WjctTaZHA9+Va9hQQu&fQK>4qE#3v!d*NM#o0F%JZ^3M~zQX4tE8L~06)X)bg
z!e0~)A3YDjp`;w3{~FIX0!M7~@n7?~4TXxw^u0}>(cTq<IuD!d`CCWS@I4&usz)x!
zsNokMIF!{AbOaPLOTFsV>j_;NVhTDO#Yo1?5CB2c09@EV7mpbr$LWR>N9*RbcN$mO
zCw^#tgdK&O&4V!w1rAjMj_BR%5hQwXD{g;?7=|h~ODLW=gCy1ph@mhTL9RsNZz%5Q
z9{*kbir4%r?_2j-vlhq(8w=~j6}X<C<@w%-Ef0Nm3n3mZbH=n+|Ncs{N(IyfZmJY|
zts{}1+&yGR)t|%!WlKe$mHz)>>n(ud+M2H6;O_43?(PJ4cXtTx3?AIwg1fuBJHg!{
zSa6p>zPb12-sk<R{-S1TruLcH=Wu%W>b1Ie&m~i%+dO)j(Za1Q4CHhj_1E&@#$0Ic
z@b)%xM_Q3r)Z=r(Z`Y&lA75aG?xfzzb0pWTx8m}iNOj!5RjZAc0`#ahOlDjW8<dJi
z^+hgZs`D*yov-R4VK){!5Ur{=M-8W%7Ehk2R*;g((sfXoR(^n(&3Xs&BfV}UGYReY
zoZQ;XFhJYe!Ojmwa#m)rSHE#6bkvVj%&^d=JH0w_gQ1gWL65nyiMT30k^CI6i)hO}
zG}~Ncmui!7y;_IWE%<od#$anvn<iE^Z4={YvA2tq<$q85LQAn2jf8tft@{}UBt)H8
zaoNu=hBaoqp$m?hDY*&QPQZ7J2WOjxu5I^`l4ZS}m6K)SA*IIpX1PKxM%kr!q1Kwr
ztAYc=CN%tWffCNr3FvK*c6vFuNAh-mS}fZYse-H1uzpkJs^)k!8wne@*Q7j+6NTa8
zV%xm@tc`{v&tyjOM8h(^bn^|}l<oL8*8#1^`!!@bfV7oWNY(dV#jf~PP(hp#otWM;
z3oy-@(So~7j?`)AwaczuG6!@S@@+bcC@=f9Ri)V9lgB#RbdX#`chhXunY>qG174bV
z`?(xxm=<|X+_tlNDLey;efbQ{6)yP}&|d`wuTV<bLMum$`U9pp8sjfrYSU90m{N#W
zr#+htGHu|kI9-aEO~Na{K`>7PUO263)0^XWG2hHyl{p@-dy4Oljj?=b7nkCyOV+Zp
zO%>SkDdm36w-;O)cUW3NnPSZ_5#&&%We0A{KV$=HGrK9QYho~LI1ij#xcawP$`!bw
z0J(9S0$AVo_0HsNPpoRLCmWVOcnVJO-*_(9H~iSy1TwcCplXGMS!8HXvi|xb7&uXS
zvf{pX7QV0r58JW>?u1P>+J!RB=+4Svr;pJxeldxw-(_{Rsiri!A}ul4Sdwy3YyAE}
z^vLvBGd)ApIaGhEZsE2-^bNOC$I$eSX<A&2XtCqH?gy;p@15U1kK;7K77gjag1WdZ
zmLZHnjY>;F+RV8Ozh6xT4kbt6@-uHCG`&c0O+}vYtqeBnWZFjlKP^Zc-k<K$m<)6L
zUzVtV%KC<;VK2bzV|ay0i0AjO%G#OUS8~4II0&m~^Vg)iIn%B8Hc3!ROUv(C)BaFf
z#g1lGM}M{X_|3}1_+Lr0EaRl+T2@V3{~JXk08W*WZ||uJbW)={=O^@KVwMh`6dj3h
z?zC`En;j*ybsM#a$C#!V(~M!)ue0HoM)Ox~_pph_g?%<vF^{HI2u1^QFhz!?eP_XU
zl)maBe%)@jk*_Bo4Zqg?K)b`%-}N0${a4>FB<){!Z0D>fFBQ76SoLOb`|q=fa?LYn
z)aV-h3{Ed@wNn|einDgtQe&+t^8X?L;~S@GMzGVJx7+^^0Q#i^l}G=^WSiftG6u|i
z{wduj5SxE9fcK7GAOWa}ZDZT~F3$myU4B|kOoVSMJMZw1q&{^;r29|d^m`DdOPRe(
zl=}Z^2SU=^CUWcJIuVQb^91B>my*bnT|Kp0$^!wB!0(^h1bF6dru5xM39ad{K}kPJ
z$T@ZJG}h27lmJB$*=)MdNk4@0LnLf`!{RtNVGEFQn;v*}S4by41_97+DowEZnebR_
z@o{NLDj9eDf_5S!HwMqS+#sZ@d`l+EX;)rX_EW0yzv`_4>(B`s?T~DmH9=(H+V{|%
zgFTyBt>HZC>*7|=qfRFIO6qAPe6Z3UdXVM@Wfj@UKQOpa9~`OMPgxb;;<D@Z8=TZw
zOtGya<~lR%=~d^_y=Ls}k75{>QVz=C<7yheU@=AnYSj~}7l+14g3dM-eV+i#TbZgV
zI7GCr65Xvz93KTS0HiI-F!M@9^?y`5?8^L<+;#To6e9+Db_Dtiy?}2obM0xBgPM=$
zW}sig@G2oI9h}>0QoyZw&<IK^PT6yr*<ulW7FCOl_s()7j2j5mhievQ$8q)PP9$LO
z2s11i)G$o=n2Builp4%lDHA|{)|Vik$;xrnoZGTz(j86Y^dEvVYwEy3g4Fg|x9>Y0
z#sqF^hsLb^#%Q>aZ4^Ib3>_s_NsUlznUET|S<Ok3&^yAw9<+#WedNUcc|iO<9b&Q+
zKy4ZwgrqCXnB^i4E9femESHQQvwbH_!Y!4Bl?RnfC4J67%<B;=h1v;LU{-Kwb<Z6k
zf9xZEgvjm3N)?!mLXitjQ3&B~(3meqmAI}e+;oYbP~;9JJ}y2!cjBw!lR?&(G6g~Z
zn8IffZq%08g7Gn^3?K^n5UuB_bH29mMu+`CxmB<6K+jCnPQ|MXRQK8;nGCT=PvpFD
zR30wv+Wf3W*B=FP6eF5a32{O<y#*KgHcxKYzTS(n>dlihXyI+$vzkT_HQHuZJp^v)
zgx+D-HZmL_am~OE+`t5&ZXaNJ(*{=NWrrNuPzI`!j`6)*<I<d$RM+uo%yvJ6B`aXM
z2FjceXa}OfbV9+^LNw+@2|Kpx=5v^Eo<Y(bGKcg1jQ0ubN{i(#fZ7k|D<p!FBqlT&
zVaGVsff>vAS%EoEKE##fH~|pL9D*7`>2#dHM=6t@Vujt?_E4c25(W;zi_;GOH>6Ty
zlz4|)^y87T^$fL$%#x4nLbS^jN+Bans`EL3+XPD?gA5r-#F*2&1`BthhjacA7rYSw
z;#J5)lkO{g-UL@VrBGx95XP?uzCsBPW1kv%q&ku2Gt7NV;$4Rt0szloO7d*%&xC=V
zV_GhwlTMXXD%3-Qz>_%_gZ=kp0zJ#-OmSVkAOn7ac2v7?V%%S>Bs(S0WuzJ9*XhkT
zGgofj0G2SS1M(S$3Tp8-NP4H;6$3hY_vmuj*oaJiFypreW?EY;31@MBk2TgIepTYG
zK@~6RN;7BNlX3K~rQ-st&6JF}gyGa8Npi#ah!F$(=7v=w-;UkG@Vm-Z`SMv?tI_e7
z9=Ct>RF%bW@j*nY4ZaW_qb2C;MmZ8CL?{#9gOR%)(V@@6dPfqEV{0idDhN{;&E(UW
z94*32^?B4=P(sRQyd`llU==w$+0TSjuKgc+sgBt$8AxaN^pukpJr^Rxdl=Z06;joU
z{_<<IksT?sVqPmf=9jbLSQ-ztotN7W#K;w@rG`1V$GGWEnx+V~p-OC~85tgM`zk0O
zr}v(}xRH}^S{bvrCC;`Y^_iw4a8?oS%*h)%DP_?+GI3mr?*o$aAVGA6&6j3S%0-0#
z*uDS~ya(UYxR=3T-OdjmZ3GURb3=UluB|i0+4fgWdtn#K=h1x3gP!VTC2E@dy6RR$
zolduUxHzS%sWsQD>8bExEmEzS5zBoassb}XU@HRN`JQE^^3TUGqwTnOSFJAAXROP~
zt5G!T2^|-37iXcD!^XJPx|ukQTl!RPoKZfyFmt?0-EU~^gB7ReU8^bQH7rpZDrAf5
z+hH*}n#Ou@_GB+j7?2@GBSU-wBjJ}a0W1=(VZoDg+?aVU?DJ^)Jw!r&svg}Yw<;Jf
zDHaJi=M0&TB3Cu=2O^$7f^$tW>;($9vk4-K-lDDWD^Hj>lBmSy9~N)$5)V<$#mA{c
z#&e)Xo=Q80nOPToeJb5H={-3_ofr%y#1*!<ZAuXCKh&G%Hpu3cuB{Fr&7<Law#Jrq
z^#U$=0SrP%C9#|7Bf^YEBawJ&Wp3$$xM-)r>@C;_!u098*-R~Vuu*lq1Y^8O9(Tw&
zYnxgnU(R8EW3=9F+EB_@H$iN5;3lN&Y)|V#41`{#xYRU@E!P37;Fgv?_?WyeCG4vv
z;1ISbt6)?2d+M_!w)Oc4Kg&)&u_RsZ?y6fmYuqUt$i-C{Ue|+GjW%zRI*bV5-0BJ+
z#kq*H9`X^(P|CzgTzMHu0+0;#WgC3p!uPYu63;IKs57W}aDC&?Ij8Os{G`0mrjhz@
z7Wk#FqN!iVsn_oMiZT?!L`D2;XpdsLrb>Y+xtjhflt;}BTk2#+NrU&^2*>-alS)1v
z2@)ESIy~w-QT2-=6}=Zj=Y^2Yw>Y;HJ##5SEt7lu5<J;l!GS+;)tU_nncW#qGgz$^
zSE2HQJLqKY|AN)Z9=xR#<LW?~S*Q(&H|?VOOyr&?AL@#u1sQ68FP@dr_#x=wRNPFr
z9zjooB^4Sm|E89vc}R1jFNXhUxef0$)l_uhAmM|WwH7?g9sIbNKt-f}X?_w%N6k6q
zFsu#b<fUIZ`u{LW_XwWyACO}G3<Rl>(dm(fHSXpW#_^NPX+p_u>@hsu=#4)Jb+7zl
ztGgARY)+a|&6?=QZ*dS_*m1)D_!XyoaO8b$OLe}V>QcPYBgdu6$m1(eK(4nWxh@@l
zr}&Z}Ij%{0Jg-FwH)dO1(#1j4`Z}p4VD<cF<`%W(){gTzuq6Osc^r-oarVz`>1GP`
zH`kF(XSE2Q(N`o8%1#=Z2~SiEN@PLZ!2P}z*Hbl4f%-ef5L&!i_0oESt;^pP9)*>U
zHxzn6bQGE9dY%QGKx~#pTw)ZNY<8Aqh?tc(6x+{e7M3xY9=BSgqmu%$k?k+Qk*f77
zkt9%d2;?oW7i8W<Sz70<ZSIJ*yKJB9XYE0<=tOw=Hm)MR{0SCV<UB)S56HK8k*h43
z(QS3oD)6y%!jgA|dB9a~g6fJfS(IaMS_HO6I1fgTDH9^bf0D=JE)c5V=rjVE&+LNC
zR(vD^SU@{%ndn6DrG;D!H)3Wu4QX<<@O?G#Tb{VPsQ#wlHgYpU&?N<krL=pyM##d=
zsdd-q-S=(&iJTg5?ZF&dFo$4ABjp#N5d6iLp2CIkF7fk|H6L{9bBzg&Zg8_ilX>H}
z3_rYsXA3Y{fX-Jsx+1FgY$E*E9<$Vxw{;v(R(>0WQAbzLJ@2z;B&HK=Mlu;e7@0?Y
z;bRSw#zL1$VtQBm6i}vY-MMy*Y+Z9#dk#>9Y+VFW;Lsiv{;@_k#n4~j0r90oPs7yl
z#Olejz4nm=M+f$cdq4eDa%>buiuo@X;rn-I=^8ZKkXse7&yvF^>YTw>vMC<Ehi{0v
zbMgYdSO9oQ5D_L%@{6Kwy}oe%S2~G@8bf_@teE_iA-o1+!AG7}ck#n}!?~4SH|bo;
zGYuh21Op=Qt(RdE4H0HjFXMpI@CIJk4wbUA`mhS>lgz*48Xv;H<Igqzn{fp6c7zOq
z&-TG}N{5^f29cX8hpD8kIG^n$^YX_oh*={y5ruZSud&ivY06r$Qeq<wF`_T=$<r<p
zI_=N_V}F~PucXKOXB!B30`B;sZO{Uj<8bo&Kkg(hY1Oqy((E$efXW4R6-W72T8UN1
z=$HeK*Oj!q8$$f&42rak$DinosyXS99ZP0i;~7cv#upmbR6XT;U`pNrtE~_EFS0zw
zcOr!^7OB;lFac&s`N+L-e}z&k1-Ya8;?1a=Tii6r>NS{oomtPL{?>`LdKWv;cHQ5`
zTjymZ^?eKn)P#*wW-@l^V?}+OZ8Qb#^Y=Oe6y|wcEC5<1(NTKiUEpvbKb%v8wHf4l
zc<-5vq;8GpR$?yVckC@d7lX9nSb?E|N9m5K(;=iyNrt);LrQ@x&N>!ZB~?{*=LHmw
zhyD2ENtcIUl8l(2Y^akVvr6cfvFiLNnQLqbnI84euxS)}$9hLGu`(5kY8wq}R#lab
z;hz`$<kxQPwpeA&vd#$Qo1m`@|E@_v52^`F9Pi~9`p!{zq63p}F~Z7rg=sbfA=CPQ
zU^}u;U0_jO5Uev_T7tB*QlMaVX)2wr_>`B-c^7i;nSdMiv)LcKDyYS-@<JFy@bYEy
zu~8z>$K{X{IX*LN2bs>;CECi?4r|pB%P;ym&=QMgb+J6m$S+#YYN?91M&=%2#DkX`
zag`mO==Bqk6NuFYkEYR=Pwh8;d}$?&rt%Tp=@R!DdKP&dw>90|a)oZPY^E)plWP_}
z>jWm-8lp{zYF8iPmvuJ0d`unX<}6`SP-I^?Iu92#u+f8X(5~*W$vXCf|9=r$`Ls*z
zvtO}x5tUC=iSKMD-JqvLGoDe$L$tStJ9*+ITY*y*s8e!_LTJ&?@&hjNaf*q*?NI<J
zS_r1|FL>@AK(h=tt?9Y$i4OnP;j}1+ck*6oRoE(7l)pPSf-r%NV=qXq>)-^^!6&Qd
zHziNd&Jq)-*B6b!Ri;$gSgiC7X@1ot8m!)~2;znH9p2cDH{Ol%>d1?_vAteyV|8$u
z&i=T4NiI{z8m_~QgOsJYE2|ZDXoJ(vsG6XmL@0yN-vT2&6XPvB0@x^W9@|8&grk!#
z>`6C2CsffqV`XZ_WkF70lxPrc{A}IDT?Q*h<t>2^y8IownFxnP%ti<`I%Pdh=`F!g
zj%(5HkP*>FC`g1e){)=7YXkMxsPs+7A@GuJ3$XhM>XdtD!YL;_-*wbWex9s7OUBVF
z<4uFCWWgzlZKyYg)_3@kqQL9d);{Zskqrfc5n@!>1&Fhrn1y7lEi$IFp6V{eXbQfj
zvmTqXo@5@$s2eg4Pt70_H~xwsgIn^2woH=k(irQC%>Y^4(Qd~P?k%Qfe`Nbzva=_x
zOUa}Y5gSy=1$g>*(7pqlZISPn43jtHt8~RoZ-qu|uS2(}c@{xTq~8M_42fE&9=_G8
zgr$X4)bq?SP$rY{@Mru8?0kas!wQ{Ao8ltqkix==lyJe@LXV1=$xM>jR;yr{sT^Xy
zJ3S^Z$>E!3{l?DbQqr%S7b(7gJ<DVJ>oNal=O&GW<%Xfa{nW+Nkdz^qb5Rp(9#-%>
zI;7$~n_11e<ICOAIX{m{&mucIsz>q8EsohE0qHOYyfJ1nId&}HASL``fX=LZ9|h7Q
za-t|U4*`I8@90x{(Ey=id5FL>8a&r=fE3#~3F8{GBef#z1tsUuCGotq4{^;J#6IpQ
zer$xTQXGONx;?2=n6P6BGEFlEvQNjJbsZHA$3E`wPeU9iaX6D^JWeW@_HMd6o01Ym
zOWwpEu7eA^it{%ACXzZq1+(JZmjQ6z%b#VS{O)I5+Sz?%${H4FT=bpD*j{d34iu=X
zn7#ZbW<QT1<VsT$a4{KQH#@ZMjKWbmn|7Mko<y!<^y~r9&w}e9)C7Q(^_BQP?%P*A
z)pA#oxtNJ$E@NWuZ%PbhEwYk{ccMN4{V?>?%WmWK^8MlBYf(yg8W9gulEy!aiAARz
zYpeMv%3N~n^0Csp1}dprI@SS1xz|NJ@qhrC0*yklFfQf5ECOu{Y4B!2K>GUcun>o&
zzx~{XtWWteD&hyd&!>(_ocQp4UGW-TNQv(5Utis@ekXhusZoHQgbmI%#K+^Ld%SM0
zMG@WXPOhq_Wnyol^#w}8$X<{?{5>3D7rjW#+<{NfaBc=tfoZ%<O2-gqUGd7tAt+X5
zcLT(%XI;#{`W%l#1PPZ=SMt104o)ayl`)1wLL0D3D1Wc)QdFQLZ-By*aZ45jX#GcI
z0_gAMTLE(`HA*{cx_Lc~SxE4xTlh6;J;4jo_Zj$Uj%<L>*_N^In<LwpO+zYyz@CYA
zLa}ofs{9SO6x7`*BGgbLnmx?)@ZVXnq)CcbmA(v)(N*qm5Zf-zaGz~8F+^9-SD*j1
z$A}sE#1kba5A+nGDS8rH+K0THCtznjep)r}GfXvi;K)AbR9sLhYJz6&=qX48qRKDm
zo;0+I%3hHZmgp%&fuRMr!DH04LcjXz!uVEi=8si8oxSk09h(~}l$>6eG{m=uOhU%r
zt~Wk`YNU3>&FFhh|8T0jbS8UTUdnZ=B-j_3s@^i?_Et%R+?afQhw|@K(Hp{A`wdAX
zi1>3KWqA;6tDlTm^c#fR74*dx3U@+X55aT18|Gpo*h)PZLC=hY+fQM{;1h@7O*k_L
zy!~*(aI(v2KYV;33*V85QG;fgqWs1>7!P{`;xxqgjaAZ<=vLpM{ua3V%-}Q^n<*2~
zP}D*)j7dc6<eCD)fESQIh{X#SKe;vs$K?g!h)aYq4I;HM7B=Y%4DM3rpa`cnM}8q#
z)vs;qiOJ6BN|=lS(XFJoOb>Cka|m>{<05iATy1c!TRMCvn0T<X@Pcr!*>}d<sGjPa
z`p&(q%rTbW5pCl}kcPXH(Ns8c$!>Nmv?Y@)nj+TuLyqGSk7aUfz}FR-OCnk~y#@=d
zP@_yFkhNmoDOT#i;*Uu`@eAwMMHv5*%0(TFKl%PQuAmg;t{XalCA=R{`JnFp9n3h_
zeWKdPg7(9X&E1uDwfq}xq362KAJ2b!U%+<{Jyp1?TUO8LdiXg5mMF3eF0I@4ZIOI=
zE*Fgpmdx!=A{%gkE_f|kM2k9$1;Sv$qR38S!eWX#%LyEJ!UA7hVl8?Q=^2;*u8lt{
zg<v@495oEmeLmRyboR&gFCp@rOzTNW4g!7ShKi$vogw*t*9?zXaf6^;I4cUigW!?$
zxaGYLWO<nP;}@ZsxU#nnPxfREZ@6TRj+ef?x{N@5)*+R1XpE)#oAg`7w}?a4>WbpR
zx9g;R3bp2j-5C}lgDt<fRlDUipCmlIjaPrXxkOb{r~VjoG+vZE?lWY3fBX~$aMpsu
zq&&0lVAXA0#FI{3qju@;b0xn#Esfv?q3LTZY>WC@0#>(qNNMU2!xJMC3+H?Y%Q(^?
zYQvUi8eu9wPiQ;gl)u5Vk!r%twzJGg!#iZsuvgx~M)D+W!q;UT%O<A%V5mHkLP)&E
z4m!XhEP`bFGa(+T56%HQa37><8aKL1)E9jNN!|c%OX%2K7b&QJLLY2`I%RbIDV$Qc
z^oV_^y=R&nGY^Sm0BSNmbtlwm5cv}(ayOqO`S=!yGOMyPyZ6^agXP8Pl={Jq6I~v)
z)Z<-yPRLtz&U3ZXu7ordeQAG-^Xsph9wYIj>!2ov$Kgfcynl!@pwG+4&#<QJIIV}>
z=oo5LDornF?})F)xaJXK&P%5DC$5>MQaq9-`g2Pv&VpLJEd?<Xd$O<7&Zoj>oN_z%
zpYtQH^G#0bnvP#|t7#zV+~PfLC_GtelnQi-N=8#6-KC})T*nx2yH)`n(AAXZuU;;+
zEJwJVtUQ)WZGchCaf(g&OW@WLU18i|9?~_5KZYzR<qL**l}Y}HiJT3*(1?F8G<k@#
zT|G@$8eaS~*zs4g0xRDihQn;!l74(K8dR@O1tLksVHj<WwdNQ`$i#Toj?K&meEJ&V
z%~;YWD}YsgO!}ZVRd&1&&A#a3gpBi`hYw_qIo%hKR#lK1Jh4IoWXe!Ix_O9zEF|uA
z+%nK;>4fb%akoAf;9d!qopNJLj|Abj3J@P#{cCIcOp|9Z-(U4pP-7`mt^D7)!`O_u
zAT>?C3xYJ?r3+;oi#@qJ(juAfDPba-@3{&qtA8IvS1-N;;X<Ym@{=i{$1iYMNh%dR
zCa?d;JSGN6Wc+deyD;DZ69f75-}r>JxoNId{`wLnOa%#TZn9Y=%o$?Vi2<CyPQLgs
zLpSd*V;U+n$#TSy;`1q2vR|VpC+*AklpeH<X0pYqWO{D>(xbWazB3S_?{|b=zepO%
z;)I~#ynfMKCypu-3VHp)@%lwJ8$T)(9?k!;2NimCCV8(+I5hJEJ{lrBtpc~}H+U47
znKs>}Ais;J)O&eGlA-U6q>Q3P`gDPQda-8xaoQ3kq&FuUqoohhFo7z%%_GYq0qF|4
znfqZTxG~8JIfQ|;{1^xD1=)%jIIgoiWI}>1D-Zyk^~q8-)Hlb6Uf+L3T95y*gXe7Z
z3F6LD5leeBk+{miQGg$nCmEy&KS(eaIc+xfWV6fs5?Z(<-&ee05lGXDg4SQUZ6OuW
z2&o5aA1X6A{cE!W!RfROWY80JitU#HG3qqiez-0%Fw64l<Osf>FA>MmC;&Dk=zQG%
za7{Q}UF~83+XsFX%28xvx7AeRM3RZ>Z20Sor=SPQ&8qB?ccrJeNZ-5<@~4?%-|J;+
zx&^CaD$D1aL{)qzY?5IVE@Tz_g#B<b3n`}|qbhXCB5o6I%1E-y-8}C7;87H~<*hp+
zTP_vZ5Q03>d*i%R*u7_<^C=Y@7qpfy$b{Ym8CBdRulVQw=ay*zn>NRU0tCDnSHVMR
zxqa!hY}Ah@8`KrwH<?k}S~7V``zI2gvi$anU+QNhxv~aIbn-V;BLw-E^CO4N@~oa_
zMrJ~Eq7pq_`fj4QR2KjC_zlN_rplo~vSa!J68vC`e-kc5P?Kd5Za)i(=A=LTdiF0t
za~vTazEvqkom0-X#UW*0!zIWpA*DQ6+oR_R{=|5IO1~9?oa7r>V$IJ#TFxEFXdFf(
zrfc!zgQiQ8cK_|39h=H0U17Te`~>uW^;h38V;4#a_?@7$HHdh94ZyweRD-$w;%cRP
zX9%hdF&S1wzcbzbkt0M>yGq(iUZ*&$1Duo`w<LMU${!zh3|8aahoDWkPb1wnPyC#t
z_JXpND*eR{gaw!^QNjBU0hx^<ZzZm1K4yOT2xII5We?bEVtO@@98f0p096QX^#DsX
z5J6A`^#CMN;Lsk_iB4y9P4iD<K#4QRJa<dvzKpK$cAJZMB%Rwo3}28FM3z(ZyxE@M
zs;ndBLk`PFk8Q_ToWZld15df|YAK&tbL^aY3gc_YfF5v-rbi9vp&w09PXV=+kaoxf
z<#gL;kf#uuO5%l!nD9c_9oXgJNNPyYoC9S1-eW12_&<WAa6hmjv)W>QQDy_b2JS?I
zO_TM?4lxZC+h9!8F+R291obz+^9PB1{NFe0ja`JP{`5I<>@Vv%BCq?$dYbxXY&l)i
zKdS&`&}E<uy7)&1?N+p5azScKY!3+O#Cmd!?`F|Zf5F#+Szr6z9~|WWb@Q(tfd{CH
zG8WqQKqvUaS2D6KV2(29gg#xKys{QIu-Y;QkiDM7B%IZ6>bx^YrM7vL*F66M#FzaM
zN1nT;-;S=;hJ`;n9**ihd5nrc)g)*xH5Pm_<<&Jiad8Z1?QraY>M-zuBiwmdcirnk
z3MX^lOXdN+L1rr{Cti^eo@pW@h+&7hnFa=AJMonN24vtisEzlnTW<=qA=p-E3K@Y?
z#s4N{K-DKO<eUwHnl`r&f!kAD%>*oq^uyCG`)KY^t+9xZCC>+FT)_89sO1d)Zf$WV
zDz>JHm8lnOl*)uJfXt@CJfz^Uo4gi*9{u0h#D}h}!v4-_x_ht|DlhaEo@xaqbpS=N
z|4Z*gb9i*&w|bL?h@LmXluij2DgAE@@(N^%dE?NatI=*}S}i=H`i-V-{pID+YoZMZ
z4zhJhT8x(Mtd)BAfTg&qfc!Pnf0UY%87g6h^k(8a9=1CY6y#7cE+w{UyTk6JyY3ZQ
zGQ;S~rgU9hj}0W&n&NrNAa}0hsp3Sm{K&~Rj2}Ph?k+Rna;1xnx2VYNrQ7JmRYhma
zVODt32Gcyfh0G(y8#1o4kfl5!MjB`n<=<*)bZ5#t`MR=0NMnbs=fu;h?`z`@Q1f|F
z?tZ*@)db>r3{PGML36OBW_Yzy)}+4vn{X)yZaI2ri@4{OsBs>yNh5WKbQde?j7Lbr
zs;=KkIZ#fj%y54UzV5M~N|^@(jhjep4T$8)CR5RN{*Sf5KiNP2m43Mv;Oa?RQu5)>
zZLob{I?;Ql<I3Yf`*ol+XttvP)ZUYoR+qufCag_wpob^E$yfVO21nJ4*L{om-t?#-
zKHl~46PG|czB*qe>XH|4Vc!Orc1ipz?NZlvq4M)=`uwl7%Z30^qrSeO<zHzRj_e4`
zPS}!ku_AvX;lI>0xc=yfC$?xMO|PAV9yhEJHw4Z^McvSk-)la-lw9`YhKt`{(J`nl
z2dCDo<ZaD-j-Jg$={EQ}KG<N#573;R&OZl~k;9;YPkf5ps@{6Pq=Hp9OOoGrP;aHC
zy&>(4c*TH~GNWWg%P<`^6E79N^V$<}^b{=l`nI#f$=C^2jzPwiiAhNA!K^=eV)yKX
zia5NjSg+<$n)tykeeA;6&hTvstZe_rE=DC?AJ?s3srGJV_*zYwgu)P<LXtQ7dw-*t
z65cFVW|;bH05mQzySS8Hqs`bB8V0keU}C<#7sFh}8y#u`CI*?WBG3Xg-{)CBW9CMu
z-8vNAK#?xhoe8Z)*Lk-I*+f^w0oc%2ZMzJ!@+E0xafA#HfH3!vF3}c(X)3v%o!42e
zG&aB5QtIE@`!Xhwkw**F_bsRAYP={FTecZkfw}G2nKnu2>cL1Oe#VV(Iz;f0HVixC
z7Qj}aI?hYR0ebM#tn?yaRmKXw6FyOED>W`PK75^k=)>Ph#df$Mb<yMgu^0>J6qV_L
zmWjQ&Sf(9dcRl{5J*go$LXg$=+_;@GWV6jvIB2u2O|3QU1FKhcL;%)jv#mAVc`a6-
z>46KcaTgnV=2CGqo!X~S=(<dp?=ONQTB>yKWS1F33ysPsjgnCjZ%dz_`B@(ghU=ql
zB>BeUi>|isJtkZt!WgGxUQdOZt^TZB-lT)X%XdG`lsXHv=L`sc{jASoYqYbb($lQh
zjeE`{0o(`ug%{Zrn~1FRWmQAqCPWA918jWr^_95sH2Dc1OiCljs<nD@hSQUq(PY^V
z!~J6lNrVp%3y>T-#euV;mQHLic-{Fr9nNBxUv-&LdzX&SW*Klkx?5MXPZpvo(S+<E
z`sNe^vp22G1J_gw5#*CYGmqcQK1<TMZ9vbUf@X?^k~TdS#UWM;Xj5BVWPoB-3s_x<
z*eZrB=b$iKUEBoaH;?Z0`<PT)insjK=0;uY&6pE!u(cvxyV~VSNG_S#n-3tQT}nIN
z?u$mn2Hc)P<r-nDha>|~lJQTKayE=j@Tzh;Wo1n5W!HAi$#>GgDW!tx)^co}@A=W+
zzs4i17#~G%bxpM-H#AJ@y+O1-sz9XCesbH`Il@8wb}*yjXe%O18}x9g3eP0t$f@uU
zqbaKZAx)Qz^Ev9r{3asz{oRL>%&MXRdTB1W1N@%r1!|?2G#v<-gMEJA??ni~iW&@+
z+s{hQa_*by3X<0wMe(LY>_vCGcnPMRp~=z7dhkT20VM1|b3o3dM~BY`{tLvcn7=}b
zS<%Ah<A4N{up2PL=ihjQ>!lYUTnXxp3%+S3#Be>Fse=>y-Ay17>m2BzhGbw4>KN-q
z*q42DL&&yp>q!r&At=AbLN5_E=fhzu%ImUM+mDG>w%{POr=dHd$I70_gN?`BITCv9
zl({XeE2u)XuwHabG0hv=o}xWYi*z>37w{kCz*(Et+|MUs`(X931ZzUkMMwSISlz0d
zRa@T%^d&dxq<D4uq+i;x-8zYCGY49L7ku~Cj!bZiV?}1+zQv_T8&O$v0;}c)%^~&c
zOWBJutdqmuLS*nWW<iPJ`nvpJRT(Q}MTJ6qLZvtmZpTRha;X9oMb9}--ED~Bo10W(
zHCjE2mby-?@0_FEtql^DpH8P`8z5zEZLCl4-Xmk>^}ZND!i9|H7^omTpm!NH)mu)c
zNrbM8yGQN8Nq?y{)>BWC2D^nvUdF9l&YqyclyT|2rzYW18cuN~42XAoSEre^A&9+?
zAhoMpiHC$`1K?G<mU4B7@(x4)XkA8#*QT?b`@%-eFXurFc@N3X(gg{cc-mR=taV+c
zx$6OVIce=%W{<J@aduTYGh)0P>{s(`E<cwJ4&oiC;1=Y<z3ZJESImCr0EK+lGhn`V
zdEtA$cpw=Cg={2bhX;Z0K?&B@7n6~YVGNCPvF(kG*?i3-iGkV)-(2S?GAlYXdB$$N
zlr?^h*&3@y!kzcJjv1@}bG+igs%IzGIRETS?o@)Yrqno=$T&-AwJ;m8M#A#UZ(P`2
z=*8lEPIL?+?J*vxy{IpFZqskYzIesw^`QWGg&hvy;|jUVc2LS`fBACnmfvq{L8H14
z%|5_pSww6P9Y9v0T|+`aMu9arD*m}XU5V21TP**SEy#h5d;6rQ`IY-hbfhFBLY)Q}
z3#I45q@oF3K#7kp^YZ%dXWXizDSZ;^k8qGdma+um(5Yq}v{m8f)QI1~MTrW-RJgbz
zI8`D#^S#YhdIyzz96H*=unzaxx;(r~HX809r$h|Brh9};g1%cqg8Qjq#L--`vlLIb
zqFA3=U|Wu<N<R_3W9|+eJ^hk#O*g`PNP?SHR9dKsPh<*8BqLz%r=NfMJj>&J4omYw
zO3gD5!nA!9jmWfZk-s~<LF0I{&tT9s9My_p&_w_ejOEa6<ax8a(@)gCh(+uY-N0;L
zt{Oam@pJ!!g>oG?yjX-uX6*Z7*xNmgDqIrY!$2vwz(snMVG^&hA6L<m`3JEqmKitw
zX3C8Cn9FQUiV|E-wtDz-ch-bf2cm`VeG+s|oU=sOaUnfAKaqT3)G--9(cVkhz}*})
zHb0S9|25$73YngKcjc?eLa%RTfLR420_xAC-o(sW5!@Ox?fnH13RmT?y4UJ5QaREU
z90EV2a6Gz;Atf0?Xe>Q!3RNnlV(fnFgf6HS3jNB<$6|SwxDWf!uMjVq$l?CJyh%X$
zsjwe|JwRT+X9~+JN3<@F-CU>SEf??pV&1>^Vgh%yefPt7`$8u{uvaW2#N8Hxfv`Wm
zxA$5`ih34MNs|3+?Qj<Bhkz4(6|F>-d=%cS<(h0OJQcAAml1zLG(BR)>Gvtz!jv5^
z4x1!1rcrs$F52P%K+cXwWSqD5e2^7$<zjDAVaDDJ*e}6k$JO}TToVw*`W;*>>8pG$
zFCr0A*AOL+L~S#-7Z3T}3m>;taQIM?*(zft)<$e^y+P|F=r|D)a~f-VUw;~oxqH&c
zNO(SBSL#~mB0Lx&5(<peZ3p3;QYvj9^{$vZbq%MUeksUd6;#dnR67R{t8TPN3dLQZ
zZ+<F^nK%;>Lm>i?(N_MkZ%JN!R);1Q;`+CZ7c{<xi$8W_JYR=fS<cS#E_Cf`OTP&I
z^JTB)?XZ;qHvZoOpm(FR%YU)8fP9&#seoFT%8_BgdrqEy4YhezX4sY*#F|7yrAPhI
z`pH`M>UCk65%@z)WkS584zk@9<XAa|7K@(Cf~@4x>{B=d61W!mMn!w*ZP?b~38C25
zTE<0t(Ad%J_d&)*`MtqH^YOf4g6sCzLqBbg{r5j_$p3?I2g@=uFG1{Tsz}*_*7X`9
z)ezFDi}bP!Cio`EU|X%)>ZxUgU42>22*xrpDuY!FQ>3TD%SLGvVxc5aN-h(>Qkb2O
z!Gd)0${HTit+hMu`l5AO;7@qws99~MV&=6rV0c<vvxSZ&2#Wp*W`<+DVgLy*OmS?>
z$#}#vsI$CPxX&xns-4aBH3*(^h;xB`R}9#)>{<ll;FwT2n%qeY{jL6@-V&un;C`$W
zaJIrOw9inv!>sItS8jo;d}%Ts-i3x2UNZ8l*dpG&HaJc#kWINn1+cEON{+zjiZ=dF
zbk&b&Ekc9&75GDLrLZbtG>Bw8z*UuiuT70T&H}+G;cP?>CE=_Fd;<ze#?xhlJ-&B^
zEG0N!s>o2Y&B3}O^;eh_G-}B&2flHRQ%J+cy^(%u0-C4`S}o!uMH*<P)2Wu}4-Gz7
z3ZiaJS?5|uI~fokrdy1QTG4d}NU>8YV~v4@0F&loRMUnGrCl3SqQJqez&90Bw{slx
zlpp%4QC#~uh^Bggpx(BPjIisS-(6gks-y_QdX(;{(^Z#DX~5RWjryM7_fcqU!JKQ6
zw0$d#FNQ|`;o1BXufXHb_uv_){j@g{g7=ebr0+;0DjS07I6^{&Q@7JFnK08Lg-deZ
zq9<=dZ6Tz;6O}akF8o~Jr29?s`*0J#c2nIPw{7P{QW0ksudKJcijZB|G^GUYxg=B7
zI8>;a4Z$}dY^xN>R_XoNU&!Un;(PYbDdO4`tCbBC3r%%|Q0vR|bFL*k)inxN8NkB2
zvF``xuDi{fu1(sG+V?k2{wseXKX=eV@8;j72X27tj@*q0c-P{i&hf{dpGF*r1}~4-
za|dpxonH*5`sT6To9Zd5PTdF8z;2f|xO#g4{@0d7KjuS!d!JF(hD~YcElU%u7+K3R
z2rRvL7IGkov4C!zj{vC3>c8RSWo9!|OW6P7-1ILKCwdbR`)+m}b7Ja&K!Zcmjx9JJ
z$QgruOP8FsDXQr`b26Kf6B1N&Pvbb35?kZyTC8~@Lj)3B<I05HG5=1`)p1;fQK^p+
zw&fP1oWaTR9h7iQ@P!Nymx#9LFe>j*Dy;j}XRJP9#`ogaDL#+;-wW#7Nc~)Im>Hqf
zvEtEK9o^ptnuT7-K#{IU=sY#wmAW0S{}awd+aj@m>PeFtfthnn1N(Wi1T1ScQ}(|}
zN+bUQLx%e)p`^=+s+qc`h2Sdxdb>k{Ekto~;8@Ry<mCmuNZqf^%%Dt(uKYLMp`yQ#
zrFxmTc#RSM`2rvKeyyTna6Cc+YouW<3Q=l~&a0MmJV1tGg4T^t#H3zLZE6&~Fbgnu
zo)4hy%30y+iguk9?4FeJ6ku9*l*Dh9-9~}QE@QdC4c7pLUh<rKGaK}E*<|$E$s>>8
z*hCq<Nc0ddA!iB3Anm%OR&fNo0DeN4TEzsxW5}uVkRX9Z#okE56Jg%jN3u#M5Prx`
zlUm=ANx&+tD^00m2=_Alz<r#LG#`ywEIl#R877k%!Ofp*9vLA>rw3%-CKmKaZScYs
zI3Hhrz<=|JQXxduzrc9UQ$B6`p-YzH+V=pzB@1a-xoR(#+di#}43!thmhhYNz&;EF
ztbOjg`}hVFgv|d2y=>RiXeQCUKsH$&WwGRFv2|;CegsiV+tl^Zr@?_*;PEN6XwP9k
zr!r&oSXYDXeC|~I#8B2uJf4_o-j?o03&}F8B>$yNs<jtXSrm2%8yu5mos-_AX{X;1
zUL?Z^!JWzZ$!KjFQPV&FfajXI)SL8E?RzqYk1I(EWW#~4xgqnd#oYE6(w(J5*RKgr
z32kNt)q#%MgA9AD8bS=QW~Zbr{4m4-gpql-e6_RQl1uQ<3r<#sn{IZQ1addS6(2Ve
zgWq;AL7;yOou;j<h=XzLZD@V0A=?<!bI5X$kf5LtDa4_TN?}j6d996N(|D}hyDL#)
z8a*whB^V*8r;@gX;<^+zg~=KP1q6q#R0KN=frI>qU(b!%qtE;feg2n`0#$$r+&8HA
zh*rKAn9Q=BaFFTpT_OO@h^cIKAPr66+GP`>PMEn9v?R3-8gJ`ff+v;fCu|8c)tf>v
z<-{o(tnCU<r}XCawj{?jWz(w{d-^Y`X%(nc36V%Don5o}b|=d43pQJGQ|Uk4GZs$^
z&aElLJp#_+ghJ@5bV`p?W{T)cHCl=!%JAm1Vmb;3+VHm|ZoNj~)AL4>iM*pxYRLPr
zDb|f0d2kDBBeYto2Je1cIpC$yg)T-W;K{=&Ht?m_n7XR};)W@8zADwK=uA@f|3(0_
zFIb3eYWqHHc3UPD>Yd$78X;NmFAM|xDhLLoRG%<Q<xsBBx19Sq_`ezPAegeN;hlWf
z9F}oFDhj+Y`9Ud-b0fGlaoN-ca={8fAaYqjXOy!IfYwrSPcyT5Sdg@Z{Z3qMZi<ME
zN8831g&=K=)-+>fek(x5-#nyM@ufWMcjyL1eWuI;^%oHj$r#Zh`>RBS040C@_FX+F
zPlWebn^nveL2qUiy!PfuW(0eb7Od2Xo;ieI=KS>r)zxdj1TiT#Kp#&OPw)(VLF@rd
zFg5T&YY_D_*`;!VkX6|S5bz?q{*x0V&o>M^Fuk5c#3GS;P`q0I3}|<4C@oMui(JOA
zU)dfj-i>wt<EEs-wE1%1<V2ioOeQsI#=0;}3Rs^7j0`9Az*IX3wO{>-99_TMe~C#|
zCgy<lhT<@`*+Q_1O#IEkHM6<pZ+9}Gp3(*dIdozYs{DG5ViTd=(xSmN=ZZ_?xF;*8
zz8?LcWUC%W7EV|~=BtyWT^W<@><MPS%dAIn83fiPEm6jqcPzSvJn`%CQJmi2%#;)u
z2sAO<IfFQ(guyAM4OYHgn6aiyV!QcN*C{vj4qv%fWPTry&UA8J75knN8WWeH8Ie^L
zrn9hNeR4=Rqu-ff0?ComT*<^S9ENKov#howPu>@r-Vc-h8sLi6QIZbtBKFcYr`3T?
z_1Hm!<7?SCN?Z*xufu8o-fDDEYVqkcZ{I_AP<TRxC8Y*f^hs)S0IjL-g#Y#xrQGkw
z$60>b;>JN>^J|%*5o9*pQ>c!+3F&<IxNky>sOD`9i5{*j1=ze5$8q+nXT0HvP3=C>
z!4iRYSsRW{AR=x~cCdpu-M_I33*JY}DZ6oWx(F}Q1Ft`?WUT(*npUZ!oh@lIk*RVL
zm{ixkCa97JbzITKO)XIe2{3rE52r_W6_X2$vWIpR%fl-W<r;#<b`|sNpGDZa+Fc6D
zNUU1IHRIMT@aGGz!W;H=W?<!?3h%H@M{xtjgJc!W2-Zy<404z4Y5fiSNEWT|X42*i
zuved8hs#bzlpg)^G0pPTH{vf>PmWLKl=;8X^oaT*sRKX-zhZNsA`m<X%ZKty4GVV%
zJ8p7a7^C~EmAdys7I74T$Xk>W<f?;qUdFeaGZq<3I$dg8;M{OjyD6OPHMUUg7)&}9
zG}<}v_sI{zksI@c9BXor8WPa*qWUhHLuWZI5Rw3^Jq4P8)t&(hMxAV_iC<+^7WVnS
z#09D3sM}2}8fBw?ISo=;U@~3nSrel{ih}+ea$n?sFDAUbvN->$#v3g4RdR3+A#5fJ
zC=q%X<l)u)6MVV~_o@R?-ytO=$gdKJ`VJv}boaXIC#|?3!G3g1*ss;U2tfTR4bb*w
zP(kphE5|ff%*vw~TCSEkSSpt64i}<zw5athWGj9;BMCeCwo6Y$xXF3N3lD4DeAVUL
zJ}xF@j05EEHFB3*R`rGLz(RWu!dY9c?}JLj@7H3dbo%K^)nMlz4Ec2BZ9cX)xqtm}
z-@1S6z<9ENuKobG-TyNtPqG($l@{8D-V(Bmu}vdPLX%zH_pF4Lz2jfT(_{^9sc=k#
zWG_7V1$ZsaSs_8GKvFvA9F?luw5eg$4&<b%x=h$Q_U{Csi2n8KA$gauDX|TPERh^g
zH)D?xL~FCpN`ITzsGf%}2?wNL7?|^UaHuOGfXvx$B|b4BF=}stoAdQ4ehTd3*El}T
zpU7saPFl=Yf$DG_3c*_7S>ka0Uv}U2NX{}XC%wVq--{sxISW)u%wU=z^)a<K#IBLz
z)$VtQ*5w$sDA7JiTMDB2M<+fywP7cGKOj*m1V^G$nD|O+1GcWdPxQMu3Gl=HT_W!R
z5Q_gbEtb~Da8U14qYN4?H$&lU&bN*XrYx&A^IdLzW(&$t)>1uW3TXt)^dHV5eRidx
zcG(~BfNxCyfH%Vt_-v34Tq1qBcIe=hDoc1^sEv)fwoLJUCHz)!NGny<m(AN?`a9j*
z4(`irrlNUacQdU=2r{o#!kt?TT4_n_@s}1ZmA0zAR7YtYeRMUUxvkW9ans9CF&eoi
z4!2gzEc-_ElJZOANNvyGo`uFU4pE=<Kq<s}x_T&at#0&T@-atL8eP#?3j*d5sbUkD
z)1B@b;#d+P?61VO5+GIuq*+nV^Y5vHY|B`<WK4O;`1`yzUWj&Q(f?Jm(bKT)Ji$J`
zcGZWGc_@Kt<8n-ipgrKR<ndtq660p8^e^XNrl4TnAowQyvyL8d5BjsM=y40P<oPG&
zXv&g(NvHzy)7ao@#>Lt&K=km7;8V`k$ULW8Ijs|_wRp}r2`C4;2f;9N^)kV9w6;A~
zqr74fpPZKt%p5`9>w)4PY~}K)*RV9h8Y(Oj_QJMB8ep3RjIxa7M;M{$*G>SlM1(uG
zUhK$fz|q}6(#bX8<!xg`yI8s!yM3<dn!GdklvhG?IF5~W>(kQKc$v^lEVxsya&$e%
zknt)nZDPK`ajn#TLfM~XiG2mLK@!dG=HN7eev>?pH5Z0PUuyi9Qvd!^p>=u@$j)p~
zwMkAx_HiiIz{g-O%xAcN&Eg@yH_-I2GQVsjli$E5WxJLRHWV)fH-_w&n&$@D_idu{
z3aR)XRlWtN%9CrTTH_WooLrVEhc8~}&%?x9tuucIg0K8lMvZ@oEi;07DX_LvE4Qfr
ztA|SUshA)@2QG#jP+>c-)Ja~FExAeb5m6+Mc9U(=uPP^W`w4j=&geA(g>2}aY^^Na
z4}2l+kZjBNH6aW;-H#l?4u4NP_QqJAIw<x*#slGJ%B6=VxTN>`8tty4T>gDPuZ2q5
z=9Z3QJ8AtI^|<S%@zJ;1W0{><)j+F+J4Rg;gc9X>;mF3-TBO~64og>0$7#|2;GgJi
zo{q!8bcA|z{B5xT{lS%3@JKZuh=IYjM5(+oPgTVvI?WA~I@6x{wutt4HG!^L(GBLa
zvZq87iD%xMqx69`d|<c>pXQx@(P3+M@A2k<`xM?+ctB*$5l&(Vi$Uz5zXp25#bq5?
zjJM_w4t`#mPd`DVIVC<Nn%Z@Y)7V8KX=@~36Pm>!ObBew+}JPDQse%jK<m}2Q4N!d
zDvP5iM9C7j$X+?$mZ7bJ5C~Th!CVa@Z-uvlB({Tr$kM_4%f>Kw>nYh0Sl3D3%9_Wu
z4S+R>^Gm_5JnH@E66%nO)}m);fFTDgIGiM5`=%l9XF_S2L%<xFYL<fp`^sj{zNcdH
zueN?e9vIjw3PZc>C8j8=bFj`2@r{DQzKkOwnW}Rz?+?wWjr=-$Sx8Z(Aj<t^$8iOp
zYm+08<=aAy^x09bavKsVXJApeDD`3sLaSw)FX0AS2<~O(Go0fJx+`1igg0hURnywV
z%n=K#X!$bNX71jj*STV{O`GjLQ=h)->;>er3D0XCX4Wj7CC$SxY=UEE4yqa@b=9z`
z_Q{yV_&t|Nesm4&c^{l_A)D7BUwM_hXdr5RI^G0l%7{mJTQzTDRvB`H2qEr>@!7is
zfZq2=#PMIAYCPI_(V+hwciJ~0vAnC7Ls(d6Hs%P@JAqY{|HeW)vt?Vr-!L1w81?dp
zB7mt-t>SO(Qng6sdk5Y$mzac<=6i*<jYA#R?M-m#B2cTkb^7DkWnZ{$_NAUa+&^67
z@VowAfC{_2dL5l8$ZeNdCX+bMpF(Td$U##|!#6G9>Ak(5zrN9bkTF4ou#&)Y!N>Z+
z(60t%uddXKLz}zNSleP4<MJj5+OEOE`YPR6c8m2*!2vT7Q*heU>0ZXLdQ)8i8CcAB
zq9GYr5`9KT5KPz>2G<_fmIfym$^=ecOM|Pigv=6K#1^<`IT^UOz@4$QxI>7znJ7UH
z;=$?vg|fsMJuVBHdhQT+GncqW*;`k;6dk~vlV#X02}_A{)$WX80VC^(pPgwX1Ol~f
zT~kSF&Ioq4AjLps61Mrhh0;6-rMqwcclg>0WN8X#mYuE81d7Uu1z=rgOxwwtwJNr5
zG2ixaMI<KKr~Huo@=TdQwP|zZ>4Nx;Jg&0bXXEs@LPOCHaAd0c(rZNVN&pafX>&t@
zG+uznOB<)*)ij}Ll>*cbG`xVw`{SM97nPpF$mD7QDe5HJ*w@Mwb-9$`UM*#<h+$YU
z@4GChfMt%WY8QvXv)eXpBmy#p?aE%~#%z}$Egc_Gr|7TbUJH{W-;r)yi>)zthJJCK
z9vyVi6MFIRC$f2(X@yr-ofEXT^RYrDrnQo7ndzJVIF|xWX4g|AVg6GJATR2dHPkFM
z^(C0Ez~MhJsnipf1D&MJ_;G{60UMp9K9q02P5(AF+&wa-bu~wsU&!Hy;y4X%HWN>w
z*s&}oEU#fn-{)gEUc=cJmHaz%aClzBE~68`jR!PFVbi5x@DoD<S3nh>dM58|ie^{s
zhysH34<+on1)YgadTi59Ti|1d1ld&9)}dm&)Mes9kgWl-Q_Z|SW=jPX>qWc8O%2T1
zEJnH7ep2)xTZZp!OF^{bZXvdiS^Z6e4%-G_(*$yIK-KK8qRuSrw5SLZ+C_RXob7p-
z9+a!B_Wu%J+I3EYLn1<@2*Fjo|5&rpd-}&~9m$&it63cUKNdb?v0LUt*8i70%inPM
z5A6$dLt4u*)vgULNxRis%HPn|_5TS>G}h|Oy_|^;q-c4cEOFNk%2leDpTZX6xJZP}
zMFYjcX>Ooc$Y#P$Cc&lwd;<zuh|_I^J$-V8EPFjQxo_9vjjlNlf#{{d8pMi!BE|l}
zgi@Nneyc1k*(#;M(RH2GW~{a{L_jWu5af_|aGvawQjc9d$bj|*;r)16h!OFyrv@Lg
zP{ISDP~wTtGh-U`yp9C2g-lIZX4EB8=mJXgNT)h1_;Qp8z1Db(8g38U<@foctvD83
z>DBb5o%Pvou{`6_RFnSfVzzteJc6Z_nVr~3!oWXFH{bLL(oCSnc`C<7vuYwv2p*p}
zS{Q~xR}92`)^P)vHUgdclQxnHlW-aLJjm)CBekRYe`LL5aAo@!tsOg^j&0kvZL4E<
zY&+?6Y}>Zgu{ySG+sV88oId}1Z@nL~s&=iFjjDw)$9R5ohAA{rC3uHm3C;l$EHVzL
z&pgbc<FpEY+S0wj`gI~brsu|vZ8hAVg2s4&<oY-0fd1e3v}ULl61%vS87-iWgdm2i
z;q}y+0@UvCY32D6Cjt0hAM7XGQaj3cQi2h%X@Q$9x9?B!jen~jvl|<FU4lbCbBW6y
zcA`U<zxPIeM+DcCq*0Aera@CW%F)^Ov`XN*$dF8GS*_N%6R|;Jqjyl4#Rx$`rzyKv
zh|M1X!+(F0eyINa+eh0?nBGe{usA>1M#Byg9Q&ptytMNPlJ4G#^DLk)g!%C)CivZ=
z^soChtMHio%7abX6?>wljLx>8CyVWR3S(nU&Kmq!Bu6Bd4`#MYC)M(t>#?S)2x%Bn
zE^M&yRWyA5>&o9;caGJ=2&(wh{yGYG80MnGDxz&#P&f?9i}*zBuY4xA^9J>wW&Qt2
z@OX|ULbXbuK#Z7~&hs})T=#!vIL<LceiE(ZW37J07|GY+0<`*CoWN)1JCRz3L&L!%
zzy=NGKqmtP-I304LiBg5hQY)DB14MfG;9bbI>6L?IithQsl__t+WLs-fM&ir$1>eo
z1z6oyIT#qsqHcXa_dk4Ix8X?vG^e7PM2_d2-?|05mz>Pl8$Q-5zAz7vVjNBe&)Am?
zWK$z3@P`aT1@ZNr9-hnf+2vdwjNm{;4vgSkEG<>y%;~b9AO3d2QXhAenE7@w6T-ao
z!4t7Y|0a!qBNIN{6}WEx4cPz(Fu*|O+u^Z9^aAqhzptnwdI9;hBF8s|h~8`0tCM;R
zo_Z_5A0TYwVeU#m3E9+t8b|xCa-~P%Rm@;1ULs0s;nE`47v2nN&12Rv?C7>LiHV!_
zRIhN=&ks(Q^>p1IP5uER|3<8T)qe@zhuqyA*sbO(gl9s}l?=;(#!@=JqWwvN3TnJg
zf#;G1E+^5sNYkQc6dFw_&-7uf<`sk~hf40VOlNp7V%oF6Q=rVlAd-uQ?+`8Q#xjD5
zizizLSR>2?PKPIZWgZ|N4--uW_$2ck@V@*oK*`-wg&L@)dXU=Uo3*Au+o}^G2#YU|
z<fS~SzQ(?PUKP#Hz+(-is^#a#rICpGEgg^^ge<E8YV^&SUhDGTF{=Uo1)&>iVK|3f
zg~3~Dk_IiRUd?z-b#`kJiy|Pu%kLT`pjfKy#LoZ@E2J%dG;Zuv>Acb0*)S{`zT1@T
zxn6!@Bm8!wAIff~o>18Wo3$&8DZqp5KePR~<^kI&6g}{$bn6fH+rA?J3Q&HXR?h#f
znxCH?a4>`_&Yg$<_56pYpSidQ_s$Q*JX}U>)bk(a;=jd(xOWgCRuK8yaAOtK54%-t
z`x9Wq;py{Uv5QoOhstB(`0=Hp?5&LFCAR!sKER?X+Wr;&wU(rZUelHYkGA9i6Te&o
znb`sx)!;F!D#b1)p9QxTEU|DPDy=r?Usfr`qj|krrWv^B;m$jdI^BN@CK6%ludgi6
z)aqL*8ruTi_6#1}`R^^qj;>e14w@vvh~y^VkK@U*K=5n)#QLyXQ}ImYZ)%9OV7V*j
zfETxowqO(tKcAMBR%l`C7*G(*uH32UT6+j*&cB^s!EHWF2v8xKhgeEXN)C)(HNsm%
ztc_@QTA8EOXk^S{Vf-s_;J*a>tdYHlVSxV1E2D`T(nO>;RR!X5pc&BtbZ(=NgjUhZ
zjiOZ(DGGTJ8=`=HwS>rR2vg}owSG?>A%EAY7+HXA2QvA;yVR8TFWzrij!JQM`GQx-
zxi`dhwE0UM<}J&BFH^hy_sbOYMPLzB^4UMP|Evby00NxmfQ?WO_LlP24!m6la1{G5
z>J9+R31RE!*>eTa(hZu_SYA`1yE!OM#T-LcqhhYkW$uOr@CDDM{@#d^A@oPoe#Ea>
zZ(+_mtz}!f?3klDim?PRpHStYEzS!vs{>TeZ-94VS_M!&zk^NbSR7T&4*=eYDIGmV
zTI(BbFSv4(Sdp%1zasi3hI129ga6jZ^y0+l-Ve6_B2RzCv7~-WD%t!7QoFHV<7A3)
z9GS!<U~kAHfL48s;dB?-@?M`gBqjgoS);g|!=<Ax5hjF&TXIL^rGFn7OnqeV_nh@H
zRsag-9zelZ{g+nnt_Yt2tH(ht1v%QkMxIsHTFNE~SWWf3As|8l8v6x16PM7!@|2bq
z_WzTqM4*^J<a=lAP^5UroT~$(6Ly4FgmXgdslijS=vF?1aauqZRWirIku>bSeWJJz
z;+Vz{ya|(2(i(re!5*N6VWs;7Mux#-qOM6v(6X8>ug#i{2f^37Q7faKXN^8wdq9LC
zPU4g|*kDDV1x=s=**mQex7D?5o7`cm5cj_vL^&>Hy94)|D+*<c{~v8efI|77HXBBv
zWM?4mfUs!oBvz{wfXK_DPM~W^#%qw?kfzZ6U*0kWokA!hDcuStn-bF2t!w@RLXdV7
z%z;3SLf?-2PwbMZ@aumcmm424u!Q}=YZ32h%l|W98J>L;5Za7~?oj-n>?eX1L5|bl
zItT>3dD5qS?>rEM^#APaa0V(*FoBWZP<1Y2Qtkb9aZ4FA^E|NNF4syR6^BK`Fb0TK
z>LW$TSG|nkyz=FPZM9B+x#r#?3&2{^O4JpY9vcC>WAqCMvo;1hlP8mpQIYd$xXc<_
zSnnp`8v{HVZ$BH>1QMl@RE6)VZ227z_#4DV+pwi9YlqO3=}2^`=2iqc3wF{icj(s<
zKBIns<m5s2Z*sEDb`D5RT;z5w-5}|If{_&mQg$`X@blRuL+xw){u`TM(|<rC{u`T+
z=O(;dZ{KkMBzF%B*1?<0nt(?{Y<)*jGibQ3-@4H;A;af=o@Ya-SBJSB{Ctns*Xg0i
zR>hURt1GP=!M?GK9`>C^<G+_aG45Myx{+5F`&P9hvZu!LOy59|F1hdjT$@081BdT_
zU7Jk5HRly2oLqC+qqPw6oy-VeeGFNd#;7kMk~5j7TDoq8+I?EqI-J<E292`1Ws(^p
zRBALXnwG+?sreX1^KII<jAQ#ZT(hFfvt`ayTE{dPO+mf4{=mS$sbv2ICD{Oqlf7V4
zViOmA&;&qnPPW7Iy2yw*NwH+3<AH@98cDT$zFY6samQ#eI^<hy3pzl~I!8=|;FE7F
zoV}w+JG)XH%f~zM9mcKpYV!I~;Y}`31TPmVqQe6GX<ayZ)PFC<g1#pl9&WHkVDEf)
z4RH7$Il#rgb=Hs5_5-ZkQhuG2s2$*LKn0fdnU}CJ7=NXjH}WKak3c__QEQHKmi|ql
z4d}*M9_H6r$31B+&@QCa*SyXeeCqRK0i6jO)a-Atl6D_2U<HFfTWQjXrS`A^kGh7t
z5waE!UFHDv`}p`ZOU5#+R%KO*{TRO4v-M2S^)ODTAZj*7ZcWiwvjUK-aO86(Rxm3O
zGi2$(CT<3XPzhf}mb|t7S3uMZ)q64tcSX)!0J4zt;pTs{5R6TmN+KCy*NN1|@B2n;
zwPE4>r@E3A2bs)VfK70~d`I!G0m}_Wpo)XY`3_iqlydjt9(~r!qY}Pi%Z=~Q-&v*1
z&JkbG69}DPMDd4;mP-N%w&PG@OJQ0Ek;*jZSYz#W5v*h|eHWV&=f!Pn36}l7gF>E^
zOEoTlkAt<nnI?RmxvD~2vH53fUM)6ivLsZ3@B+XLP(afebdVp+cswf`n!V=)eF39V
zG6WBda>P9K#JKHcz^O=B$Dbf3aE$k(19$TszsEUdH1%*I&RC8W_4ut7@>Q{*Xr0j5
z<7=j|%L=L4_vBi@iLbT2tG=wqZEt#puZQt<ws2kdsR7}<qb!X?s-dOuvaU>tSd_ST
z$*VavC^biJ(Gccv8dC^a$-f*;t;7chEMx&52P=UKcnuFK=H~#xwtxpHf<51GJIEJ2
z#Ejdsf{6v+(=la9+C#|V-oN-DOIn=Z(7_+&DtWtK!2hQ3?;+3jxq=Q+RQ>yS-fzVv
zYw9^^Z7*OsXi9+pCU)a3sUN`75_jH8CO#=VEf2M9hif{qG(PrSnv%NxccY%26}_rm
zDTqSzyLHy~FU|`Z@Mg4z0wRq|zJaSefJ9f>bZgvGiD?i@Rcz3p8$b6G<_Fk<LGOE_
z_AioGgJ0zq>1xxG8;}^T4$xrU<aM|5PqhBE$c=|0kDb7}Wnnl0t@ybBk4w&`|CtgP
zLh;O8aJeHwJzvu(?HK<MmkdEgy<gK188C!)!TY{q`GyV$Q?6WH^d+9vN24ygDOZ0J
z1=?Y+egn#5ogh_Av0$t~9ZWn5IoZ^%F%IubB$1i_T6p<G;am~B&F^}yL3H*cgr>nV
z{W``|5?Fk@C1`^sW{m^kF!nK0i@oxk#aW+vwrcE+=)EzC&tMa$fts3jl=-4HhV4L#
zo;Ix3bsL-6&AFzx1+eOJ9UfM;@O&InMzUNrwYfd?c!G@>pF9B^*<6g^Wi7c7L-UaW
z6fuyvTG7FRCJ~o?s*HGxatBfev+D_bENJ?CY6l$+dD>0bTsOMu<SEbv2{^##h9qLx
zR2gZDjx=p(@>{%3F+{I|H1)o@v!}S$cz6~Y{g8R`0V$?)_C^QEKc-9)-)8mEQvdvc
zNsWTr*)i$7f_x9G7`A7VmxXbOtZ_3&SIk@!)}ShDDht6RkOANczFz8On9I^E9gP$R
zs;VP-2n?mUsFw&*xv(vfP0`!r0dJAR(AQl1hXSH5P>xXWv04X8ZLC9EXAA7@bAmJ!
zuoXb=vmyZaM^-<h!J|FEeTI^wePF-K&i+uV`tUjVj$_JubU2EM`_fvc0N^aa>0Vl=
zCWC#dVBU3z^`|EH!G-ygy8}1B;XBaiGn@+cef_nC&6qO(SFLe0Kb$TNR|3#VHvn2$
z`5%gDf7*pow7C?C^O{4L2`H;^R{tK)5*69(8T<d_DmX?<Ff5>ks21mM)ww`X0=ih1
z!iv|i!5NNUyOtod7CZD-niWU!tcHiS?sWUM?%u!nx3NW_klUQ&(M|3y@><Ws@N7er
znBuaa$n~)2rS1P!h%zcD;m{@^L&w8?9cT<yrpfIzDi1cU<0Wo;GeB0XUyTCTyWU8e
zK+M|~A&n~EqpN!?C)Q8{cA_yDa00QQ4Tp8gS^eRIY*U~3C8&;7yz+7p6MC=;NZ+-?
z2U)wYzU3#XR$Pf~wkGB)SDKm}W`9iIaHCyZ@60Z~?-JX%L-o4VgXua{6FLFwm+O1_
zIKW&@+XBmd_nE8~357OQ<ZlIf2V?yYl><ipO_ZqzmPtJHABB0f1BkZ(8#I`29ho5L
z^cy<^+8u7%+XJhJ3;^B|HU!-kV6(+adjm5KQNZpdaj{b9)Y4tx8v#lh4XnGopf?%s
z7Wr(ZMut{Jdas|evr!{2tfk2NuEJWn2MBdef+2mqy2mm>Jdo#F(2ZNmn!)Dl?WGZg
zr}_)x{9#+q6ac%OZ&aw~b{b%}^Yz{$W<^u+;79uP+{U8AO^Sbf=@A0)k)>dJUoD1~
zC_0%TsO5X6E`7!-*p^Bn<-=7FLKkfT*DDO#OD)ivRgOxqU(~j=n^Q`0a4BY^YWz7j
z{7`Me!OQy6hk)gQ2nd6HTmE-n5uzO|xW2^0$E>{|+4w;ygM`gjl+$;YyB?$n3tKn@
zW|6FihLc6#balb2hj*}Eg?fC;ouFyntTwfS2>1L7TOAYxGTw|e6PEo@baAv8)AKX|
z<t$_or4cSF-U`v50l3Pb!#@5YEFt~O*~IFv0Ttac2R7;-40A$UsQwxeA}x}?Yx#-q
zkgP~bOnHpl#!@if;BSS+fbz!XI@sHGxKXvFpL(uuOxI9!EGs)<#BO;>n^=o1$XS14
zo?zWUR!t6M)nGVFaLoDoQr`U${5>=|&p606y0*=vX<h;0U~Ae4?vyqq)&^wX`omKf
zZAklj>IT^f<u3C+^cB`P`y7`Qn?(uZxRPh|N(lf;L%9Z=-*qSdtAGe^#jrt<+PgFP
zYl&C?J8#I~%K?N1^6V$5eDk1?Y)uxvO}o6$YA#UeU%WR2s4FFLl-~$@s_3lDgJJxv
z6s6u@e!0T7Bm{qcCz8dhmWQy1NYMv2rs=MV-})TT0Wabu-|?+!u3XAt``JV+((IgA
zxL2YtW7?p=01ZYAOU^(14{-^=E>Xp>0D+8zFg=DC)(iI&F?^}xQT{oEd<Vc5BmdU0
z{%--wXj8eDK`$Z9dOvj>k7k8Brxjx?IbO#?J4gtijJ(rTO~SZFVLLQezZMmcu>M}@
zrHT7u4DV9PV~kM;#ajGZ51QDOkD#T|pUNsaHK~vr;dhD2m|qrhBvJn08bxGdW{jif
z>a(NGoZ!Epn#Nkn;xKyZ=M9IEY%6dc32<d!nZIu)OQZJK&WhjA-d9|xw~c^Wk-+&_
z8GZX0`(Wl}B(GQU0y8HmsV#Elx*7<U;sD<(O&a0d>u=~kIvq;^i2KWYR`Fa=Bx1p1
zc@m<TmB8yWVVM9VJh(VOU4i^(&z{AgB^U}qbpg4T5jdypFvJm?Ibn>%1_#9AC~q15
zAujbv#DimTi1iub`d~w1aR4dS9<le!+|G$E@onTEnMCa7HP|OoGoHnm#uQi|nMy}S
z&`LUm)euU8BvI5TUHBX-@YNejA<+~>8nV0&4$8enwTv)#lzUQr1R|JfwnTv;#%Wh5
z(L}!_E)q^PE;o0SkxgX)A{5}6$e63XXpyAMP^}@h1KjYQ)kz~jy=Ew-730!j*d^V}
z3PRd}rXDIZIcxSA$fN5bOdGfA-7=dpqY|wLkuz%~|HgBKL+;axKQkS@@q7gso6vY3
zn0kH7JW8{fk&`-w!=g3bKhi>D+oBe8_hz8A%HGLmU4MgrBR?^IJ*ul(<o_D!bC&?z
z>Hm@rV2Y7h)hycl-n$zByk%tQdNP9aKfL8D$Z8>*EU9)t7m{V|mV^C((>wVeIuQ0i
zzE3ZEvgA#G6S=H1+fnpDXg%f7)rmH4!`|E5`~5yyug$l*x*Fm0{dSSQ`t#-<oxbaB
z4A5xS&Hnx76kSi}^Lbz0_v0q~<Yl`1Bb>g=JhJd5{B-)#<H<f-qP?xnLk#=l)UL22
z4?a|zdydkp>!sX%Vm_OVKC7~&qPz54J66yogxWRj?^Y*5K!NZF$vjViOjOb&*M<Bx
zBdPpnj$0$pbH}WjDJ?pyIb@gj{lUv~cy*Q@Kep3gS#jMg$y0@qJ8oM!#;5H5@w~8g
z==37p%1Ctixw5*-9a8z{@MUnD{U>!xE&tia9Wg#g5caesRmk=IS^StNb;-r&Lq!>!
zGA{B*tEam#=G>%9^TYaB^_Kvn48`Y0q;su{5Vb&qH15Rv^pnWaGbEfRg3}K+hU3kM
zINMTPA7$Rl=lk1_$L&KOBE9p^V+}Gsx8=!m4~RCU+sv(-u2X?J+>V>`?ffC8s>>#K
zLDBjG`WH=OX^q*+Cq?*Sb=%Fimz(#VY;Vh7c<|XVx#CQ#l}=Ja-n~&02W2Zr``)*w
zG>&v<lCzQO?>{mRQ{sM`@yT$*yI?1dsWpZ`(fONe{IdRKmF5N^eXm%=$<vlk#Zr*F
z@*GZdxX|FZ2E21j$`6kHd{K}q%CJybvqlRs>`?~Z3V9xsoe87HRR*nvJ%i@fjwItq
zG}k*LK-(R0ecp#v?q5Y7oQY&59oX{{2;QQ&tA?bt7pL$=sT=MeBO%@R3#2$Pq7wx4
z8d<;s7J*|`sGWg&n=McGu|RZ~m)2U?lE&PdvT&uCWG0qGB~7gU_oaX&Hb~Gl6_&KC
zceIrEizGp#_kqsYBEu?{z;6!|EK{l=^pUcmIS$h^qA9eHwk7A?w3gQQ>4F!lE9>gg
zL{BLM`OU^IX2mg_xN{;qR(3gZ6h)4#B~UdXjVl7pAO+J5ht0^>*FzhY1ph+3v?Cw|
z^qv|kHrg{bN~e-RQGGD0-N^qildtpJaTqB9lotZeSVh9;`HG<G0uMb|GQ~$h`o(hQ
z7`-ONvE_Y3O3WjB0~We;rN&o%dg9P1D|S0FBxd~|W&*6{hVwAS1doz~o`IYyFG(kG
zvJr;Ew^awv){eZ*m|d&ii!Gu)*){{U88Ue2ZL09uhvL&u#>VdsqOK23JE#ap35}eQ
zh;i)}GXPmIh!IDzZv0%NV$)dyU`aDFRI5C%G|sPB_<0_rieyNfFQwysbuJ*Q7vHv3
zQ4X&|A}H7R5C(&Ga9m~Iz+0?f+Td>}gmfsPUP7>`*Z86%gLk0*+rtQ09~Tn;ZqB6V
zsa0PEtDZ6px&u?(KHMr`P@j7n4;au^pm?7Of0D)Wt}f5~ZN*Vc=@z<|JEA4pQ9~(9
zzxhXP@KR@}Q^iq;w%^W%el&_ZL;iR0I<kOCmigVx2pfT_uihNoLTDKZmh)`09M?EI
z*~QofEbFo}YGaZj$*dhz$?c(!wVKx<PJxNAMB0R84tj&fI(-yO#Rx_g2->|ch1BYH
zr#Q>@ss!7Wt(O<8MpQ2Fjc86W(ow&B;doChxerR6s}kU6o89g#H)DvRRz#KhgK#+g
zS7k=mizaMSWOzqXlu0pU^5dYBnQ%0Mm|!?(HtZC|2t{$eJbIa^WHcy<WSX0i=j92M
zyFh@k5mbh4ib`ruv07u5yryiG(rvT|#&SY3zAW*j2GelW!_N<96Em4m0j#@i2VwB)
z=Gb1f;8D^u1X|Nuho1cj*qO;QFti05x;D}56A%GNR7YtN;MT^J-o?>1U1z4V?UE5T
z$hJ}Y{R0qn@QKnmR~2_HLDf7=mDGu{vS9;No(7#ERn@HyfbW$;B^+6LgR40&VW###
z9k0`)dI3Y$9z?z7-SWz}xSqV$2$5{So<Q!2&uEbA`h!HVM_vrV=s8V`0089`oU87z
zJfZaZYbPhtA{l40?mdxyfV6z5d2p=Tl3fXvqoyj;Y2orB?t!{in0w5XjsU#Q(J|z4
z*49*xTuH8k^=6%>6gpHUPR}Gt3glH;$rUxKA>Rs?5?nV9Ob<pkxtnQ~diAE5u=I|)
zVXn*^BYRlY38%IMLSqjL3Y7d_?>8s>uCXr+i1DL2t#hQ4lgtUMU(tzyPX{+*yB?k5
zPjfuO$L2r|@<)?E@+C&B%5*>_kEP3ccUMv#RiDM1yHGRZUXnZ`PPLZ}s%(iNv>j?z
zeJwVwt880CJG%C9?jOWcoVNfg{fzXkPvhYkUTuf99%+nZHtmXEu`cc;`ZD=OKut^&
z-qj1~zqLu4;Pa;v;a|(7SRqpSN|renyunAivrX2e-O+N+6;iQPo2@Fos12q&V7el%
zj>9!l`p7p`nw+&~^`gg_1ycGbc6Af-Vw6%P!%-So&d;Xc&yEwCJejzJzPlDCvyV0k
zCU`4$@#Y;_@wp>g-GS^-+=(-7eObqc<xn&>C4#hy#M>>3dm+ZiV*bJPzM!6j%Z<tq
z3|IG68Hx?pZf3ght0|Kf2xC#40TS>7aG((=&TQfeQN4B6M21Dxxccx|1iMK{`uBX<
zTzHaA4Q0y`N*w)E|DrRX1lyDm=1~+(<3VgACcSh6n{l048D{E>DHzuygFf7}c}~tR
z1XkDe#JhD<(&KHMV2MT(;}{+%t<2a=yh?PiJezD8uvs?96QVwFGh+?F{5z^cAnmq%
z!sD?t%XQoK)hcMqu45b5DUWiF=dG#q!|iS_)72Peao%5giu;#LWNl3|bn#q5>^aSl
z;&#uOG_=t~i{gb!-?@!Az+EmgM(Ao?%_2VF3RLV#zAcB96JS;ISQhcfnaLE$8B|P^
z0Hw^hW!fWh6Nl>HH8PXg6tg%Klen0P+)b!la|a6#M=Vem1O@!y-GiWnZxwV9wqbZC
zHZpvXLStsHs`gXDe~!>X+f;wa>%i!qY36A<&mmZ#XI`mZD^<X_R-YKT!So@lr~C0n
z?W1mRx7qT@n<!pF0#kEkLi&-^q45jRfs_^RY6PyVRnedH5(61iLjWvz+F$hGs28ed
za@j2dk=D)U;5ehCN9f9UJ3TTBhc~4g6>p>?OY{!&HrA?E9#WP#T4s(VU;;SPE5RZt
z-9JU7;@CJ%B8Reo6Xj-;Y*Tvt3r6+n2Gpp2^3)W7H<n0>S)-5oE@1mh^+(DV+9KwH
z98vYcX-jw)=<||*vx!?&lF2tq)UbjK5m&34wEE)k@0pF?!Ch9~wE`tKY9#%X>kl~)
z?<x!IBo7qo_Dog`9(Nf(=YDtN`irzVWn&%Bz@J)Rc%zsPbF{0mX5ZSUeqWBW1c@u<
za?p{~N)!_oW{oM)CWb!0rGj*#UmHR<#Ugo`y}lR!iI|awjBtB{=r;8ZCdxH9n}C3S
zt>WZfzlR3K?gBF-V`2>;+uC*)IWEMs%h!5-C?fL=6;kF99LoSrpVJU}dcgfoT_#&O
zA0{6QDH7}*7ja%}GDqHDjGjoTZM5tZ$*kj6u}WW%Q|xEvTXLxk(z2`0%PJ_RAoSBL
z95FsVyd*4E)C|!Q2%@y0OwRF)zcp@g90d%zurXXJWO6YaevPY|-C--s!U7DsD9)Z$
zyD2?TDG?2zWr7|pQDY_mfU_mgmI-{n(rwK6z_Lp0285R?&&!L*Fk(_cH_nSFYss?b
zN^6U-bLJE5TM1O8Oe~6{WE!uu_dF+fj{TII&16ECc4UQwwQKl3e0IXt7@tPIVzYM5
zjpLzh8*S%VMi#;nwI`x`8H?tIExo2`HIXDmvF`VGdzB_O_O?G!ZgxzSSxeX=kzLqG
zc+Kf(Y52+YeHU<4jSq4Z!unpRDjcLm0yOyGj=&*`S%oJV2rSLg$gqC6p+MW-sS=pu
zx@(ZnGLJRoga~CILs*6dw$u-*@jdnc0GT4I)Mm@@l`ZgnEHgdTfBxV@KRFnZo56{u
zV<-w%V5a)mj>@~#_c1i-Yzp5>ei<4mRGwN_*c^5(<8>#cZK$DhI;ISznKK0B$;Kky
zKr@no5z_+?>IE~_E0{id?_B9={;KnoI%X^xj;=VH_?MHO1@>boQ2O~KU*hgaWA1i`
zMec)y@`{a}spK_J`pG(;`%&C{7?M^(r<p(AMN;?Ek@HANLa{4NclJo+c$)!Lh}t>j
z{ap1&Rz`Y0e_Kn@pX#IO@f5S1OZ6$;QZ5+tV{U@wPAqvn8D3fE&yuh5vhqNa3y6F@
z>glTHX0{grsPT318rw4VqB?0ityP9+Uu*?mW~r`1muK1g4&R<XqS~x@Sgrcu)2TxO
z;oE~_dzOFIoELlihAXbjeGl~}9-jx#v3K)$IHtx+UN%cp&^_Iq3@d?NCqOihJwp0E
z#FAP+Rp&%!uHa#5*=v$J>jV}KA=-E8&H+iU3j<X32v6_;7QS-a^EguJOza;)-6HVj
z2IYe!pB=tH6GnU^`^03l61M1Wgk45kY?#)!`#(KRNdxiNOeC<NOe^uB8cw2dTw)3m
zKj=c5av)L?To^7{LH}AaXqj^=X;9q1GP9*pRX}^elBEm^KR;JACm&6CKlaNiCTX>O
z#B#lS;UP40+Pu=APg1j^#y9b|E!UJ0Q8t<@5gVH7kX6aN1T{fvA}LY?{E%tkcn=Ue
zY9yIgH@IncyUEsFu_ED-V`00p$55&n){!O1ZsQ*XJ;0giT<qZGB=LVMX81uT$bjR1
zrz!|k_(BH*%}kxlQPs<*CnH<duX7p`a0=r|#=tX|tTM~i(krr-ykS%J8ptAM=Q0~M
z&MhPmMfyLv6}m!>6+(fgBzs?rW+}M{mr9Yb$imUi2tuO^P2)zwXWMj?Mga4TqmU>X
zw);7uCV#w7`dLo(m!V299r|=T-FRX~?i7R!k&_#ZNe0HIn^N*up6u!lPK@NmW>Zmm
za<o#$&OAJNkB!l!C0$UANIGr~7O+bBs46kl@6AifX@#^Ov}{*FM{H-f$SSdmE!Qcd
z9bhTtsTi4sfpXO4rnO6qmHNSd#t`_-)>LHvY8nFs!qA|&EFQTWm)J~2cCS1b$Uhy|
zSg+Byswj`xhV!B9b2(11Z7KkJ*wB6w|F>r_0YV5{j?KGf7BkgZx20DEFQyZFr1k_`
z{xw#oZPoISwZwCVq!RBE_l%Rc^cid$S8Q#FlZG;T%VPq9C3_Rm2#L?B0M-=vr)MCq
z(q2zQ9qMoz6yK~<0PLEL0G;4wMB4RhMJTdV<w{sxI!8ahJbUjXwf4`yI(f$dLVmX^
z;-A@Va`=NYcuisP>fqI^CY`L0>)xI+0~hwQ!u%n4&JgqWO31;)qBxD=1wWuU9YC5>
z6WV1ng>7Fzyh}Onc1o|6N{o98;ULj+BZQ(F*mV*VB@jdVc=a$*$!Sp($yb)cN+_nv
zG6nV6Ci*Y)3TTef*x=`sNqf%d0kZgh;LF4y8)oKm$Vn_^uKxIW6<Hq}eHBrTvy_12
z?}Pn-u~!hGFcXrzKXO=yswIpLNG6GOsB!?MYaxJYf>VgK+|seCfv$8+ODUPYzDB#r
zQ~@<%o4UMNi=`p%rL1+Lyewx)M-F#hMqG_maDA>qolISJLaV2OYNX|LMlYcKGQdU8
zVG&D5O1%4v(~p#zDenHcxX_Vdlf;BsX!1@Tv74A#%UP4&`{o(&XmoFBhzZ)(49E;E
zLrw%|%bQWE+zj)o5#%r6th$cNhHWatduN(OIWlKwD@CMFsmfX4S>NngV0m=A3e!95
zf@RkB5=9q|!EnR1OB{;o<-2%0S!AlSGd{N4&w!8_OX1R_b#Ln8CPqL<=(aQXTAxYN
z<Hg?<O{D!53-(x5tNaV@NL9D(t$)9kz2$3f{*;sS9^)OnuRLQ|Y(@;E<y<=NX1R1*
zY<~0jP(4tz^$pU5?COf-eL(HzTL!BC45@IQWE#AKcWtZQmWyUtJC5g3Fcn+&Rejmn
zSHY>gp}awy3~EJ-y-6<65+B{XN-?{oDVN-g6V@#=y!B|pEwnZ1piH($uU-GGkiPS1
zys9<WbxP?)=+2h1gTDWYJrfvP<}eb2RHVim`OLVEqZFcN>bm5seiLA}N-)|*v5BX6
z$C}*{#_9oVkMcr{X%~7C4W2>4#2l-AT8ZEV!=5;Y-*c5AICtFKRd=>j>PKlD6PzMc
zbL<x%MHkEvKaKQ*F%d2vss=Fd274=|Y7Q;c`qt?{#?iV<=$mN=CG(mwwl$13!Si66
zlCbPH&=?$x31p5}pG=lw(J%q?21fkz3Y??WL7HirrhTYdi!cKA#Z<+_h&_;Ics4F(
za_~3Hg>k|X97mhMDdow`<(T7G2hFYLrfr=or*u2I8>5(SMet9E)m&&x-nW>RQN|-l
z@X?-yb;DiS4^cxMu4z`2<6eRr1GCXS103;Zj!=B0gLGCN%)4hdHOvuXobfR@w#hv!
zbrejQC{pK}n0=Hro`*6nVV&GYcV+~IKZ&nL<#fQO-S!ok_wBiih@4@JoW;O@B@CWM
zgagJC@7<JSGTL(&#&VO^auesd7X93$#1S%W_(n*IB63E^E@3eYABXJ_ID(IfJgZ)p
z(rWJwp71hkHdpu5HG{rC@RZoKUuz8sUh9)O?Xxcz-20>3K`v?X3O3bQa8K{L9VY*C
zu=BE%M~GC>FPNVCx_NH^Br1lw^x99}RAD?4hQ@s;W%w5e5k<ro8YXdcF({vj!QBY+
zo?B-5LlJni0CL#P?{|AgJ#Up)5(oD*d6Oy8I^o`2=2-5=c}0j$Uyk<jWr)|{`bi9B
z$!A4CWC_P}V?NoQzgfEca?^bjQ-Ej>3W4yk6|4)|^RYJu^#H9B>UT0{%p?S-ZKH}*
zv#OCc7e_UA&8jAFKTt21AlWBr(+-@^;MFxgtuUdknY~!VlDP?y1<6R`9SX~_B@LEl
z3XLPBpZ(H~AN^cx`f(0LGE?|ECy{KUA>VhDFCaX)+*tOU5j|!+mZX9lBQqbnD>YNb
zf`wJ)FS3p$X`Zdlnd7<5*TpbPFr6J$&94-(HJ9O*k{taj@PeFThB2$i>*+^v-dH+m
zGeJwOa*QdJRXt$UByRVhJ^PB*{ui-`v@K3LSzvHUGmsxPX3)#CM*0)K*`{s8`83&B
z;E`;|%G#Sm(<!=roCYH*RZmGz64rCIRvTP?5@lWYG+B|(1$d&~ljs8GxB++xGHHHa
z1kT7&ra2Ize=wT$^bGR8OyxoFW>@4sIzXZ!ypimbiPo%mKldYzn)f}UDNdfXScn$s
zd#t2_SYsNn!CbG9tU~@B@P-rjE#Z|&Fg0GUjkO*tYmeV=oGTl4*)Z1U0=Y=mb)d?k
zh%xY7B`RrdXXCQqO`=W514+n?HeMsHel%Motd)TK>qlhyy{I1fkfoCALYs#gD12CS
zRVy0ZugjHyF>cf_vi*QXZgr%!P8F2oAN$gk6{s5n^3MmsYSzLY@eKB^!aMnZ`NSYj
zSf-$9<!K}t$TRv@l~_b`M8FJ9lb*jQNA2z<u;4WEN`sI29z!gb&kM1@I<XP33riRL
zioyk;j9?V!34W2`{W1(^L7&q~$@%$ie52U-a6OsSll?A!*Q&tI?-F<5=H$;v8<eJa
zjo^yn4S9=9ecGrC);-5BN0%9J5%MC|rF=d@4Oo%koGUHQX`G7&ONUNQd;%IHhh-c=
z*VIjvXfr!;^?I_nJO@`%Cb!L%zn#&(`}E=FyFnbOT_ga6O==%gK<{6GFHTlQj)KHX
zTCVIqszlDVJx*Tq>o%}<jxQqX`jY&Q)Bcr~kaNwP6`7pe{-kxi>$uTUzO>lq{t?jG
z;C*_4b$(Mtt+`WgQe(cf_tn?J49g>Z?4mCOv+CovJKNj;9N9KastL@S^~ghAX3@8<
z#s;iW|AXc2{yAb4A%Qt}<%Lt-m<|vL3|4Zpr~dKRK`vXmy1G7I#^~3(7Z(>pKf5|U
zPA2K~ysme~y1nl2!_gP%yM3+)?z6jJPRgshORBOBL9~oYKXyFs+VOnW$Y-jms<Ng-
zK4DgZ6;&Fx0sWy|KFzYKKP<Bx?~BL7&8X>4ZOazvvVXPv6MMlr(&2{sHbF=?Zznyf
z&H0-+mHku`^6S#_^XjrRW3Xy15#+u)FK1tz)bqN3ds+SpqQ+ZLH{1X8n`P_GbHd{a
z;H<MAMfLf4aKFjn=~!pC<q5TP-(|nPyMR@<A-3Ryu|I?&^M4G>ZssCZ7VVhd@v`qb
zOv9Anf4uzTuDklsY8l}&;};D?URkEZ{wvvs45c+Ld$m>nuNDp2N2}V`$PT*_a;?h}
z$1U;@h!!fUtHIncu6Ug9t|n)b`nCz*_Mxq~Tv<GNT@cmk3d^<=AD5qQy%ACZ7ZiL~
zU2f-SW!GWo&~4F_&OhGPX=@fBj8gKj94&`c`13RpoWB@0@?QBi!?H^K#2arZOZAmy
zK26e7!?D_IyH>!aYvX?*rDGx3HMKn0U(91H#BIfE3S2$M1s(6+$Z{QFe1G_ux1o)1
zGYeu=Uyf&WNL!<O%L;@VGPcIH`K8eZ-?C^2Dh9+Prj~WS3s~EO*@?yB=1fg@KE_WD
z&wY?8t^HZf`%bh}`593=xRo$Kt2J}p9HqKC^JH3V(S;vj-t8Av8$&`DxT2ktdnK@K
zZ`upm*gT>afNfX34FQOmY41H@x=Ff*)rUsKMB0D;miW*S(Z^QR%b7p_$ZzA!R&saT
zI6n_4I=j%ZP{_kolTZG6Zc*pH4_kpqKZdHK8g_-n*u_MsCQCeAMoz&HPdQiS)uV<g
zy8||R=yDq!7Do7@mWG#S3(lfeKtke*pKNjO^Wh^=rWVu4%zSua5lz14)wJ0K%O%2@
zzM?P@g^xeFyc^=MFiR&haiMW>NMcrDnV=Bfjz804Jy=|Du~+`iC}YCN>6tyheay4;
z$ZW48Yx+FQB%d=&H8o`##dgbFpK4alxlbh*yCj!ZPtN#uh?|M*sydiafII*dFwBPN
zmA9E{{Y9V^&75LUp(<DBRb*f5h4CGE{~lBPra!khQ*t(H8~?T@b!#X&DW4wS`#B8W
z8%|glU$`bW+Q9tCNI;M8<z_lL+5v6<dqZx9D5v%suJ`lN*d_MMjl8Rno)4jUFkiH|
z2lNZi1J(-<Q&iv4Efnvw=2Odb@}&jEA_)9G)+lR&Rd$Jvu%6Gu6hEw<&(=`BNHrus
zpXJSESz6;Q=h36^;7LAt-;BM4)4P}0vQ){yEo+5vp&!v*ji`|{0I~5106`KAkz&%Z
z(g!S6o%b;TtdHmMq(fxaaO6kK&s|WiqC@<(CMi!lAvwIIPP(GJZ`0fVD<R`{K)!)8
zQmNEHPTRm&>4S*0RIC=oQ6uP6&h$!B0X^RRjf;cb+Y_$dK=s+;fpA6SjjzH;w-qq!
zkN|_p){_uY=(Fer|C5-hVN0j12p#SN{hlEAMQz$*bUsLbeW~5H_3#R5li8}IHTquN
z;@0p9@`+I=CTg_ZH=|^*!CE~GdzUJ558IN~98i~ker|uhjrr=nU)%aV^>yp%y;pxe
zCG)>!A71c(9O8dI41KPAOm@FrNB`OVc{SVpe)G`&x#jy-?VEh=G5@*g`@X%o-To;7
z_Ph%?{IfujHTgm6xcr0qp-heEJEEceyxhAN5ups@un|(xiZdl76mt>Km}E*yGY9?9
zX5+Ov<2B_mHThFFr7Q=t;PcC&ghe-8tJtZp1Y+!ieU=U>8R2RqUtOIbp_>k`es`fP
zu?bwn@m<possyJ!S+x+Q==Ooo^)#&)J|T0}B<NVSw@n@INXqE<Arn$Dkinn2rXWR{
zi&bl`B5lK88`U}4vXo#ad1W&y4qG;3Xpn&NMN60!Cu5ePsC+YRj`wzCXrPPwl!(8J
zaCh03dfZ$ik36h1&t+a}$D(y^GRe%~8VDDV7;oAw)0-|MbElCsTX6-BxVDnDLprWk
zVoof4k2b2xXMF{Cms^lQx3c#-jfeO+Xi-zfE!VV}rzy6a0E<jZqj9yQ6rRkBDRozB
z{mJXb`3=_cw{hrg<gG<Vo!YIYRSyq@$C6_#Jp1%f-YM#_zMsX_lG1ePuI<sB`x2jh
z@dV08(zy%F<@r%YatPL)&BjLes}#N5*XOy$=Euz^Q{AsdzuH4LnuI!Bkq?)Xdm=OI
zN{t31QL=U0X!&IN3ik=TST-AkI#dIg5hi~|XbI=THA^M)+8pmN8lrl{y^NqoArewq
z2-<pSbKVFJY-2~x;BjJ^T{0GJm^T81<3a~aFtRGN&I#U$F142@83X{S;t0%6*xNu>
z!yB|h*HbDBT|1p(tmIZ-%@TtyFDs0b8iGhBGI;q~=(=TtW$*rT%y!lI<*Ui|sj~Mf
zqau7{PR~h*E-2<tu%lH~q6O7^y4p>coG_Oc!b0Ur)sER_%1i+1xJdQA=Hlf&Gi_fU
z`W?rj!s2Zp3eQ*S=;&)a-;yAicVnN7R@8QYsE~ZFjR3Rdj?<Nq!(@{MlII6=tJ&l7
zm8Y~Q5~WY_T)lP{%WoTZB?iX{j!N@<wQyd}r~Bl1Tt^m~Etk68m0z|C1o`Z4@r>{+
zEF&nXQAav*7HCBxeY>5qADhSXq3Y_N_|MVX{8iN-=+DugnCzMSLNx7#9>5FUha!&b
z(}c?TZ@g!rH;-NTqk0M5xmgsx!sZmdiXUR3W=lw7%NpgQFvv_?D#!LkPE?a#dvUUu
z=83yzlTO^l;E}2$XbU_3{gsbHTeTGH*3zyH#jP#%UJFJuQo&xHukaSfIfS%{T_Mw#
ztto?&6Ti%4H`$EKTTr7mqrTq@3Ttthn~6%7en)M{jHq?6@N2}{sCK)hHs{OU6N}H^
z92sm0Xn%xGr|}LXwXPbWm)`qc5|LbNTW}|v;8jah=Z?qk_4N+oE){H2vkPKAX|GQL
z&d=?zTL(#Uk$~b+6Bmy+jm+S}=nkzTJHF++&ufpppN6<UwJl8ZFLSS2)8g^&+;(2h
zSm>TH91C=gI6CW$b<xP7mSwyy&%m)8#U#=zBj1eI_PR>}3Xgzbk|3NU2&}>ZYBgo9
zPbH^FCs`vYX6sUv=yX>j#>g-|q;PAQpzA>nGG6?BzMj{7dn)L#my=Rx`x&>JVbpc;
z2y}#UQ0V+IW!SPHtL|3+@afmA<42zOOV_MSowC8TLz$fFr$$|!rh4rrhfd-0$E3P>
z&yQ^|VmNX4P_)R#!7}H|h`VK85b0(9k0eXb7cgt^tP0ACL>B!(#r^2ag1Uo{39z>s
z?TgFS8oORid?vHGnbUFjG4|x5UQAS}sIjma{zD2Z#axfmNlg6n(C}$uMZE0@{8SB4
zmHI+khl!ssLg|uN**iEGq{B9lAN7oCpuC8v7%T1s?A<fU=|kKmj6!gT22N#x{mBn^
zk6P};#L8^b6Pr(<Yoa$$-VxZP`1=B>HcfJ@TJrYf_lnW2j$iV!%-=2ge8H`e^8Df#
z``{<DTNtnzt$AH+-!;nXcx`?8w@(;IY4@21=woXISU2sE5wv8a&f=5j$f<KDHM8)_
zYQwymjBg6kjb3M>8`)omAriDa&za-3psSEJk2=w6gKi%v$1!Xwi~4x&=0}yqk__SN
zA&goJa<y3>zn{xbehv&-<{6`mVPTV}Ghn9~CTxqYr<cWddvdC6*G;Z(f6mJ`jlGgv
zYA%m^k7|hP2YI@fe2+a!OXh#gJ>%5(CHvC~C2%Jh->+ptltJ30BAa(8>)>=HMpmLV
zl14B8IYf(K4S5q2`&W@cFf#_hbymcswN~p~M#^CiH|6I^p2V<)vPthPphYvtb20Eu
zr6Kjyo~&I+2gl~eTUG~Xd1nR3_VcG~D{1!?ga0$)%Kb~!8`y%QEb+|~g0HvleZCe=
ziw@7{MN-&8@&qMlar1mq4-m_qxN4kJVHuYLNwprLZ_YO&zt5!<kf}=WW9YMFJs+B(
z=U}>FZFt9vR-dGxTr~o5If-b-6XlO*oBqC28$RswJVGePTdh}1Cz37bn!QT)R9P?r
zCvv(Q^H!iw=sS>~t^*eqJCz<u5m(^{CW)0EKM*6faRE0SIDw(lPrZ4|O9S%lXMeAs
zS$gLZ?#Y~91g2JFVouS>G`&f|B%{ZxFt;5cn%ZK8>$B+s9WJGhmFg-!O81g`JIH9t
zb&pst!lk|Tloo6u>c-%%{rlRPbfB*d(>r0s_xM{;b1-nRqew0L2j2rX^DjDO`Xitn
zZf}mO>(hHW=RZ0lF;n=)=6x7st-5_`th29KIElDsEA1g>9T$jp^2ei<TU&LUl;&cz
zTD_YJ(ha)W^pxt>d=G9zkkK-0vgd;-ETI7n5cpQIU7e{aTcULKUeAs$8!d@8ua{*<
zHcP9Z``q1^);i38yr%QFr@BL0HFC~Mj=X@y#nhk8KE+_uS&H4K*1hi8_KdsCZDiX%
z1V%Fv=c887xPeWlA*+Sntl~Kq+Lly(Zinw8RG+r<X#^@X5n;*X7f{}{cY~H+O5`MX
z7{6}>R!Cm434I6aMwyQ)Dbstxf@0m1<?lA3|J;<S2Fz|V?1>XbEI(A!r25g`CN7g&
z&MS}v>s{wz$$3oc57X||3Dz`P*iQN?XH__EHUGloI7ntavJr4Vg(3dcV+HZ-F(F({
z_?iJ^_PiA%3j8}B3ynT98S!$%1Nx}E#$6vZZ_ruCw<ZTwycXu1Hxb)0#;*6p-l43|
z1@4%z?h{QMVTz_5rWPunrjPUPxJTC+<vYHI3%;2Vy>YsC_nUW%MnYthAa36us#FN`
z?)5QJpwFQt;lhbh`IHNLdaKV+^Lxc=8gwl*+Joz}#Ax>Yz4y^^m#u6~PuLJK*|7bJ
zDiT4h?u?zz2x#J49iUqAmyKHS-F>AA461QLJd65Ca+Nf6_z!ZLmOa5VNfz_e8!`Ba
zIx+aIG!dyZ3+2ZF9k<$IMDo?ms|W7L1Rp~rotbJr=uyTK$;VwK*+X4e^iL2Z7`N8d
z8}2NRUkz*#H!NAl)NHoVc;Z+HX(P3&OW`nz^4u-r&LA1hq*c`rSn?nyUzLaH$D#}<
zwx36@oj=jqD8B*u^7b~=7DiOJRqr19sygBJx#m@^B_~wO%&Z)2j)r5?t5QHv`*XEF
zy6y~HnU+kj@G9qp(IZ;N8Oy7`$K;*u7$qWnLD!Z`DZO%u)VY!E+(>t;ZN54<JIcd}
z9)N1uOH#h3h4OgBONnbVqnA}EolkASdnPRc$VYdlYa`9uF78Ml9<-N{%b!C;7O)<?
zI%99_vX~v?dED~P#T2}E&r$e^ZNe)xT5nM4%7s5bPRU=m)yZueAn~+~j*r(L4Ua8o
zcy$eqE%f+lyxlhur1cDs#}wpgyfKCPW|B2tn7DXoc;9pIM>k)6{yh6bJo4V)b93KB
zpRsZA0Idkxl3w9YwX)1Lh#SobB%}+gduC>{LbSJAyz{hymo2viVv?lv0t<`f*=cw)
z!G0DNhl^u}f4W7?%v#M$d2;#j15x&DP-J@N$NXu)rYD5Y#OJkrMay3n+&-v*#-<>x
z?8RP^bWj<>dBi?`Ft)SU4VvFybY(aKlam|p%EZzCt=scWmUb&v-TJXA`{<lo-}U#<
z`cSu}tnF+0uWC=Ju;6B}yqgS@3sqe!22yl(5Nzc#tc^e*mzlVyrRJ|*kDMTGk!72f
zRV>Y})!?iLEQ@d;7>}|AS*Q$2Q>oN+ZIIi?o2T;yz;}q$=f+hXl;yQgm#!Pl4VWvw
z_CLq@am+iT*%b9XG%i~lKw+GoS`3a2tQke6Wm3jk)G!ty@@Esu8++PnT{mB5a)us%
zV_D+eD3SjT-^M4f3v2YafjVHOnO8+o!EJxck0ABoi?wsMJTv*SScpS_#d2Z935~ql
zo&EYeAze?|WrALglzcRVoKQ{9r8yWbcOEz(cVv(0?#%ykGi#%oI_SFCAeAL{QZ?Y@
zp)G<c<q$zmEnG@>P6Yj}m1{kzOP)eJ#U?Qi{*%3O1*};l#Myj6_|Y2{X!g4<CNN%D
z5*b}ztlISIPkH^ww&E~}S}~Gv5&`v%-MTPq?Qc$XZ)0@VngQXIj|XEHtqC(tsxI!U
zRL%X?&RK1@-q@-qO{2G5&Oz|gR5++~ucWk|hT^-8iWkjJ5W6=6zOJk03}h<OM_r^L
zJO^#V%o%&j8^>iQVsS_$T5kafX<(1E?q6WV<Et1qn+@09S7+YuO0!<7HeL3SxXd^o
z9Ldb*=2~!*&}4Ncrs^q-Ewfm9w^tA2VK^9I_#Aerw7UPFn!}Zh?o#0jnalYNK9dV!
zmHc8ZwRf{_U2eM*H}iH&BuHm8&=bA0eHiKin+fFZBF}Yk7NN5p)x&kV{Zvrw@`4e=
z!?hE>vwhyA^?G7zJ7i-WMBwfs3kL;o#CYh&dIP!LvaawYorh~Q_Md<9tjl$EeG|`f
z1-vPsyqTIRy-js@Wt~bhnrE!wO5$%yxK`D0hAWRU`1ASzOAWWL%qSH8&+FRX&0vX|
z)q12zr4$s8(91b*vay|vt?2^VjL?_~QDH;g-M_h$T&-4gDz_$Xr~Rj&L=KO+pa`4Q
zqM&JpA!bqpkYG8u@du2+oP*cpT4?Z1G(q^=M6%YhYUF}b)prYmJ?|Rh&}_nkd92ga
zJu2_CD-U}1vMtClb1_iq0_Z~23$q1#f$c{GC>6DE6-4%-@stk8kg(#^dWcOt;j2A5
z3mkxL6Srve_he#?D!uNV@?C9THAh^fL=%74giR2>-x`~C9*0_QiPNpF`m*?gg{r>T
zaO#HKyD3~7wQ*H<s;OGriN^UW1rYf&Hrm7l%J%litg`f~Ugq}N2QnU1&v}Sih<A$D
zf2MHveIITPcj-DoI`d-JSvVP#>F-3h64tXS5!8|!c-1#|N$f%zs)^_9f@~V>2y;fb
z-mw^Rt$UQ|*!1+UuSV=#5U@5VI*=>+pk`I*c7SM?n_iHL5M)6<J`*ZQZ%(sq@dNiV
z!$4)x`Nm|zdreZaI5?&#hRwAb5PC>?Jt~G9HvBSIWoeEYmi1Y{N8yi^c5VYtV?0V`
z-C)RH%BG^lIAXlK>3#A=Z_^R@U_#@^w_O>IknL;4=x8^uw~PV2vL*B?Lj*+OYK+_P
z+%18CgDVD?6mxT{MC#7l51<3|Mv!Pr9Bt69B3QRonCZp37Y(`L1}YWk^6VPl+rD3Y
zqw`oam8JJ6OR^lN5~Vbe4Do9*ucacPKXjm<ICg*9Yz-BdtX$~{rf*rWTniuKh@4OM
z$M~bP>!gD*36==#kgkXrYz!&Ou&&bLbBoGP=nBQ{O+Yoqz~*VKW>D3j7VW$0-{V3T
z6o$!&>%olG%Njxk1EAr8BD7(<D+<gW-XD)Q!lelp(xad6#!ebQ^}c84BPlg@Yl`N*
za%tzp{?~C6LGrM24BO!JU?NEaG^HUgp?Rd&<(KNKwxe2Nqyn!b<?3Jhje&k2{^}6F
zp+JXTn+xN^ZYRJ3Z^@3;|NmHftDwyJ;7uFX!5s#7cXxLf+}+*X-Q9hF!QsK(2bTv1
zcXxNU<^Av0o@{+*-$^R@bt<V!Rg%8DukKFN%@!uIM}+BcAPJF&;o=@*T`M(#y{ak2
z#9UFL)Q0^=MG6rAs21wXtv%J~LqKd(B4eKl>=h*2Q(<ikzx@%UAZh&=j$i@Zed*V<
zUV~P3X*io9)DvFuz5<V+t@tkrE_qWn0AKa>eq~``=o4L9VJiDiLxdhvmjRFo_%b!x
zfU)j>w|YLi!$~8gvJh#0Z~=_!HWArv9MQ5*Uma_Q{y&WQ?d$Y^c=`X!m{(;4yu5xh
z=F}9w+0#!M0g}CEJ0pH17pJGEE1NHMytIG6UG4^TK7)@1zN1sc9IWYeryB2#?=Esz
z;dXEIlN;j5<OLTw=<$=_)lai<|1{ter+MAE{-40NV|5k5uN5n8-xm4a7DxN|@i`l=
z1BAU3vYJ`mAkSvM(`dMz&)I;Brw<VQPSCbqc>8mtk=~C{`RPa8Z>pRCvD?B!mqA<j
zA%w6%EzPKMFJI6hp)hZlOD-C3dm#u|lp^!`zoBx2|Df`_%m3Z+*mjGB48z_Bzp`lZ
z7UA8_uyrG75dX01i2ulM^Go1;opGS*LlD1e7ishJe^W4BD!k@ki^FdKyNIRAw8!l<
z2P8s%%#r^K!{~p*FjGY(xQVr!JueRjZy|zjuEYgFgQRi^@>u!tWe9cxMn0y}Pqg-~
zm+ty4EmUd<wO!N01y??OKbyi|*IM4z?ZeMn=7hKC{;Ynybm|y>Wpsb}#ji=+2HyB|
z2SA>k>M!SfR|MxwJh^ZE>1xP(wxLy$j<2<D<i->;Hg_B#ZX@DqdEbB8Dj?zRB|`{O
z1mCtKE8HS$VMahcHaNC-<vfIlG=$ati1xH%43VhF6J^{Hr4bUP-xH<T7mXZn2-2P$
zu|m}rCUll2EMwmpgX!GXTaHj)g=V}IrMm*B0NEsnw@*LfaMOKOzczk8?1fJPwL`{n
zgeC#kMn+aY)UKwH7I0zC!%+_R#x4#-N;m3mW{e$poo4#cz9n|{(E6Hfm$`0B51dd_
z8cNVz5rZK!D|#>wEaxk_<zhKNscGF#5rbL}8VwvV?2gMFO&}ZHWagk-Of!?zWi^&l
z{7q1}WcQ|Yksraf+3~YSww#O;-)q+rpTgBiMnf4^O^F=9vL<fiB`2Y#8x?bVt67kP
zD*KnJA+&lDHCaUVScblkwq?)?4cwNn0^Jh{0NL;3_?wxM6qMi+(4B(!_T*nDu^><6
zNa0kA=);flkn-^;zvwdGNF~O9*4tBVaV7FShx2;${#;^TfSkYBj2xc3n_#lm;}bnK
zMbUi;dECVLp1CTg)n#v)615HP@P(+I()iyv$czPn-=X9oD`gJ%B}IJ7YWU+hQGCGa
z0?t0o-~4T{9bsfstbXthg$7=tQ+9B%Zp;Vmc^f3v+MT6)Xqq!v4QI!b<vjGx@U0^=
zw8*^-?Lkfd*n<#clOME^%uu9**aL9JvBbl-CUk<sx5fE!-ivTb(-Qn=e0=|{^+sS%
zYza~g-{L1xFds6{k})6FgEJorw;_&XMx10Qk__XUynrJ=WP=vz$9U79HbYk~8PgSX
z-BY4WaK0DUcOr~S4R>?M`7g*(=;}QVH3*Istt`#;Rg=C2*IL;AJ}S`b2WaEvjjjJu
zM7s+o@<)c>gX}y3cL$qXhu_=0XA1A7lBSWp$|GYd&Ph9yZv9P~2Ga5=B!$Fi$Y{18
z8@dzaO;+0Dyl7WcDb!Pb|6s#x*bGKb?8$&@^QN@dGrvpA*>on2xEWPwtnH%qN&m8C
z@%4WAlybBs=<|3sk<$D52y6`KIsQCKnC=bue0xRO;tTjZU#Y#C_J8*LJmkE2e=?Xb
zXTJKne`_>&$=MPjn=T0WBE(jMwnk)5X;z3hfJiJbPi5{?_Yhr2$%IT1-Uq>BUGF?U
zxs+}GX}M#ymE42Ucg<-u&P|)C31Rcpe)%VssPW-dtWwcV-GN)nWkkn>P_2&KYYDBl
zc}+xhEi{h!K7VgBJJ-tHinu9spVv68u4zage5c3a%u-6i^2}aJEV5lqq2sFV2etfs
z{x60nfW{lWysl#iWRh4zAF?){A!<DVas9>#M>C<LGqv^}<~2^c_ZHpa4dyT2mrF*&
zkxi7<DILditX9Zi#s+d*{SlJ@<q<^0>OxOE2E*fe4lV|<xJHyB+x=f??0+Tl12OeT
zhZl3v@Q|`^q@yYdQP`FF;?U)bZ4;Lk6L&2EV0mK1g=Wc}QQg)nUfOjXi0<45?#yu-
z+O$p!mih@n8$a8Lis74h&b+js?)3mBzmA{=e^1eSf(hp#-(dR8JwvRxEMdD49$xHq
z*3P>kB_TP(AZu;59(A(z=+yaj_W=1QR|)et#hq5{)<Fz#aqx_+b6miqR(5(kSrIxP
zL9vToDygGgv?6VV%(c{OJjrbeOPt@@%~c|{g2a4>n^9NtU7C^AD%!OX>l+S2!b?go
zB9sx1l{!6JVIO41AeUG-=WFG>$Y6;|TFM!+jUz2=rK|zzBzqPO=pmeRxbfetM-_fU
zbD^C&=fWzYNhtZ4T)OfKW`t#?_y`(Smya>YxSz5=LjO5&de#>3z7C}*S_6``rP(GZ
zqf{=CKtV{CatxBoe#*-X|DFIRmDY;z9v6qr<iVC0h<N6{o=}~i2fD{ItI6~>h|ix7
z3eFq*588vOu=dhXWTbw)8d?JLmQ@3%>caIJlwd^_gX<Q{)AViS-2j1>NZA)W&Ncyh
zV1)oFIK_FyDth>|d3h#e%Mb57yZAXZ0M=bkXDkPju||>8D3`q!dp~-R*`1hjasYyd
zpjF_-U}bDcgYru%K<8un`+X?w{g}DrAta8{Vr4(*c$*UP!8%T^DEjQ?W;ortXe$pW
z{$!7feO(HrKiw)1sF|p0#Cf`{r-)*(PMIU_zmwA{AMH9wio=@?MYW&|&#V7a5Aj&X
z!#H@^-5ax>UeXE0HyRh#Ce3V9;4M<RyvZP@-2s}Eu3I*?tfLePn{44bn$r_brA|t_
zp2r`(po4660`(JvzR)<07GJI|y5Uf(`1wFrwV(|(g@`em=M|x4n7g+JBJ+m@Q)GLv
zVES(+bR*~7Bu9#1LUqkdi}!nBK)Noz^lk1pjF1CLgOCK`#Qfeis0=7HG#));^5#IO
zd*bkB?U@Emuv-pr<P@$h>3cD}U>L9tcLqLo2FN@3P-VdmkNjK)M?9Vxp5dRz-ZSfb
zxsc~e_u<AI5Hxq5>DD{x_IQg!OgTKO4Jl*I2UZw2GkN+_hwf&8WjFPjW-H>WJbKr-
zjj?JS4nx!tE3*?!nY+YQSes<<t!hcC77aWXqsGnh(9Dc@)2Y9B_QQ`k1B@^ICpRPm
zpwZOkJHPFlabN<c8{hWufJt#60M5UsmMi;YHajC^g~q&MDQ)K@x0C@DqpMu`Pnx*d
z<K_iv`e)T&q<l?@U*PF+HQXvIww5mO(QtC_DvP2}DMo2swpo|e`Ra5z0qF4lE2?i>
zXIY+!854@Ogm?({`Eg|O`<5H7q&UXC{#E;ih+Kaaawemn-dB~GF9bF>NsV~;q@WdJ
zppO4t>qag;85&N}({ZA7je_S1Rt-`Dthc+teF-*h!)2S2nT?O?vmSaB%=EG@?fT}%
zOe?ael3?g|0-fv8oB8?iXpAIi4J2sv++EYpaJyvEYsU6}PuAz(_jndh??h|cK<8&J
zf?Y0%RuSHpgJk^m<6!wJ!r+zbPq(iWXeIlD4_^UEOP&pfxpJ`*)IzZgO=g+RM1%Z$
zT$4Xm<pb8+J+w!jCt6PZPqI2vD*lEZoc=9(MNM-I&im*;uj<8YolYCF`z0Qss(#7e
zppwmolQo*&LNAMp>1IzZiAzb3nDqQ&A^sqIKfEK4>43WGo#4ufeLNvmK@nY1p;R)K
z_Mmg3>+-Ig(0C)&pE&DM=jyV|c75S2{KyXiv%2P3%#SQk&6J7mteuVErNQkFa!9Gb
zh_!$BLR78tY@$x^R5y(EaU2yVLE8TKS8}u9PG$cX$m2(EGVDzE2Rja1>`Bjp7V}9v
zW5RSG-nz`ln!8SjQMG>U8^-)B!y!P%39)na{+&#;s$2&B)UpU$GA)C2Z%@k^AbE=H
zG{~7x@A+hK5=13NP4DR)X?hDW7RvV1W_=D^?axfk^SzL*sHmPgQfP|+KNkvh_fW!;
zX_LDkKeES~jo*CE7-rWR$b(Qlhquu8z!OO{T<`}Wbufk;Y{NGxgb?p*6+uKcj?zE(
z-Gl$K;Vu}E*TF`hM5kDZokS()Nvm=BY%DXoI~0EOYZHeXUKz&|Yet*H;lmGUlV0rp
zP?DMF8Dv1Ek8zTF$wEh9e1PWm1KQBbwDk708eJ0fPs_)MN(0$mUJf_03i_~~+V8>N
zjYy%7E_s@tPaD>a>;<#}M*9F){ImW`cXwv)?VMdkUQ3n=OwkvQ;h>m1^&6XqTL~Q-
z`75>YWKSSII7MXzZaL+gST4Kqc^0-~JbgVNusoPwWTy!b9|@Aj4nOzm0pu6M{*UH3
z;I_@&#Dmd&beTU$pqDduAhOFk8AB?V9_i~#dIOs;>Qk{aYl*EGmec+MNR$3x3c+Th
zY1P?<rf3j3fY5)yw^8$Kq0QW*ulod9z$4o~XoiD;5~pK;kcL*(u9AE|bOLv_Hg8i{
zSn?z~kWj<mQBevGrWbHZEVi8i_DC?vs}m<5=fO`HyCZr}$rD(ACB7h1g12IBcSoZ1
z=pcA(?^noNI3f9VA~K!C;+}a3_*;mkKXAr8VJ?Ypzh?rBlPOY}gk{o*#80X5_M6%N
zq{3(fDHJ9CV;L)k1*6^oeU}<Rhembxq00}wlv)+aRK_&^Wr1z{>xhHz`nN))Cww}U
z;f4zlL$Bap+69Z!TMx4Z%huo+x@i?)sa46d*blbhX1Xuyf6PWNMjSTdUfMCWeDvXa
zyj;oCa%lva&ieXgE>pDXktNK&f^sNfRAss)LREQ2{+kA;NY5ZcHd=IEJSoit?w88~
zg*I*E_kny(@T%(Qw=Ux{TKbHpDrFo?0>h?5gST3+*mAkdLwEC3SD<Y2K(%pPpPwW5
zdM#X&akT`vjV}b8I=?4d$qK%|Vn|s~>J3>jG#CfT7$k}>&UK_M7>be%)Dw4)Ej+%z
zT7Kjr0u!o$K39=LHHV(bmP6y-nF$wisr77o<LVC}MDwv>{e^?cR+|Kp+Vvd(^XLWt
zTu<n#E1H4xjB@jkp$Mg)VcR8_NdGh>Y;}lUjc|5ALh|)X{-kF$;hIR0$?8x~&HP|y
zrZ3sW>e`jNdk@L&p=H;Y@Ea~MLf}uAZP}i}Hn#b3tc{{$g57FW?y|h>SEv2mb;#|b
zgEA}#U_s&4I_wD8$H+o?&M4f66*8F^3eF;FQa6C?e?xocur<npMH4T69?9B$ki!Hw
zu=2281_-FAaTE5{wTIOpXc;t|p3t0Q;TF8pR^;;eu+~%&uIu?+$PdVVwA_7-YS}jx
z1h=0j-a{^1SlA^C^@X=j(XGHxek51#?)Kzbd_ol@=^^F(JHrM6eE-j#C1c59#HgDL
zhivrgY)tm#0;2Ss$V~-q$=v45$l?M1uIhT@Mp&buV#gsz(e+Z=F3p<Vd~d?_u>~o|
zmz@q9$DqgjXR>Y-Hkt}skIU2=eIg2i*W_gzcv!l$Nl89iQT@D?W<7&PZW~M~5Q!Et
z3~l*0r5qd(3Lvc$m<!@6KgND^a`rTGOq)_evFccIh3|^N9&T){gV?Pg&eKIO^<Sw&
zW&G!UwM}~Gw{35jX{NrxZPpTJDor$eIM_J+9abswRAVwRi2maPZo`=23%1K6&CuuM
zGWGOe*2R6y&qAd!D{#!tVmW-eBC>iqoJS_u;O!0-dnRQP@HLhL&g;zw4&{zrh;;c&
z#9(75G`@HMHcy&Z&?T*YRRNlCJ4s$Gh%_KbvZVm{wNM8}GQ|0B^wE<k_u__#i@Kd$
zenzu#=)83LqCM#zb*RjjNPL@vhpMqRg*2vLst|lCTjPfe=n%8JlNeni5`BEbSlDM;
zp0A(VZNh!)!dDmHi_PmA;RW?XsF)BNxbpvX#6|@R|GyovJ9lTwC<ds`pjuGht?5ah
z5J8FHjxwbr3ev@f0ou;Jn$ld%;B@UZ@%ZL17y}@p|7x=5;(b#_&^ht!EJ9?{K9BtH
zW;Ds<-k;bU5d~@VDt<BbHg+HMs#c<JI~R?%$PkSNPo|+BrM<zF_(K#eGpw?7W$~7w
zP43;9Y~Yw9R7hrw&@{G+5_U8b_mmVDT0f*6-6S|`{9U6RApH<?r4t_KWrpSYcYMB`
z?s%>NV)`mJ?^64CZTSf%{Nq7JGJO`+@<JjA(>@IGi?EP=qNx5qk<?m(?S>rZVXZ=o
zr6ZPrMsz*fKJJMvF*p`M4H25cS_HQrKbD^?1~VIt<Z>#xCc^kpw&ZFwfTn-dsw(}h
zF*Vkiy$(3iSvj`B9;QFE<V(1Ee*%o503LCs_qju&C5I!q$|Je6Z$RR8M`vGTG{V7u
zi{aIbQAozSA(_ua6atYaL;{gsw!^Z%$c^AP!js*2jUj0n^xd&=6yd4o$8HE9s|{9C
z#qJP(HUm6YfN!~SYC2U5EwEabO}x-9C^@bAoPFy%NCm}23=$PsTxHBBv4-Vhbm~d>
z<V;6VNL8}A_Is?(#cep+on4GMo0bA9xi~1pq~*zVj9&nE!mFSCYktA1d4=|nDxrRd
zDBARQ>@;p29<lnO1uL#}{vU|d8AmR9Yz2kxP?3qAATu5RvKl_*n={*k;K*aB3FxG2
zkTrf)bxVY&p$`lj>raN;br7+9pFTcl*D7K*4PNzNibSgHeh9W7B>#9{5d*!kNUPJ`
zId#Bib4N=GLFe<r7qi0W(+-ar5NxhbCBSD%7k#M+&O&(94gYntJXO%Ke;GSg2gi}b
zi1-U=7*oRu95}4%90)l)cb+vJjn`LtmtZRA(Q?-x@}hRsjKyN;!D~P`>>7TBibhhv
zx4?*whQ+F#%b@@5NeDHM<W8jf@gzf1B2p~Fd1LpLLJQ01<@t{gR{2+RI#jx-WSCHi
zsXGPU8lKv6<dx2=zSPQr*V0n+VS4M!v5cBZPi0U`!SkA-s<b=n7um#P6`217<HN71
zP0s@5JES7po_AfX_fS~*{j1uDmVl&XauI^o-D6%=2r-z30AQmWLuGjbQfY%=3`<7A
zS>I1qz4>$1o7@cTy4~4j)%U~TLjK;E&CjVouAyjM7JYCUthAUhfbEa2eI||`Ga>Rj
zR`muejmQ34LqB2`b2{r|<ZZ%Bep8B#$_d{(1G_*f4DXXZ&nSxaUt5K0#=?>3$>Ss?
zAklftbR?6ZLX!~-s%5O|3hls~n0-@_N8Pps6ONxGWgu(x>kUdi2>Y0wdEvOP>Tl<D
zUE#|ng?yjo2$<y9O*!&v7<nD0;*<!!%I!1oXzqHr^cn3v09HG=`QhA$edhh@Vh`wZ
zwh9lZYckzSI3nxkc%jFfpJR<D_?>O7kqQ_Vt2bsQRVrUo*7?1s$<sQbI%9vKNzvm$
zc;l1*B9D3v=ky^ypDEEbfeh!_5<`y8DRgCZ4qgghb@2OM{}zB5YXkcW0h0o@1G--+
z`2)Uhsm{|cc4@@Z&v)FKF?%^-eNeyKKOoI)z<RU|xtMo7c1@10dd7L?^ZFJlJHdGh
zTFzt*XHcSlGcFiQw=wr5NMso49Ruie_@sm5DW`3o_H244gXn)Oc1<G4nT`X(3=FGa
zfR7~WYg{6b=GV223be{QBCu}7+vyaC&S0RBCvnbacB7F6inX^Aj1g6=jpkPDEYhX>
z(00X?c2*A1FDU06OKAWnO7^0e&t@-Uq2mPlP!#*`)um<Q^F_l>pWa`Cbyycn>~?gJ
zZQ!qh6j&34<TG#TAa}Jypu$Mq$F=Mio%kp_S|~Q-T^m-kQB0&wVLu#Qz9mgJiXzg#
zsyqTq2M_yCDE)Vo-o2ClGj>HJ8`MsVLmkFFPtV%kMDdUFro{4sjZ$IX{$X1rL(B}>
zpo@oEC$)L3-Y(s2+Y6$M*f>!81N+=YLcJ7_Ojh0YB4u9^x^9Sm{^KDxKKZrL83h-z
zF_XMC%|D|Z2RWL-+-hslWyomxdKLpo;-S|xT4%Dr$+)^-a0Cq5@*`<PVNI<dy-eh5
z7?$JT)tL!aM()h%9-ClhwZI1%hgy_%{_-F9m@pAito~@ph1vh2$b?fI`OW*{{z1_1
zHV|0LE^dI0IrCH9EyF2o>7%#Z9kO)k1meTGa)PZyZTm^KrZsMY8JT&$6!wqzwH`qp
z*D-Lls#E=zN?BC}d#3o6ZA5v!7eR2np-ay-AFfSf;;^&XJdI|$@wUxusaf(|!g2H}
zLCdP0#kquCGueq;Gg-JZGrk_Qr=d18&PEceZr;R_kmi;!Ki-5$J(!Hg1NIn*oC<^x
zk3wbR7mf)Nf@m9dT}=PiZoC1ZVN%%RSMG~<$+!&e9SZYSOgo}cK(qnvfdb|I=&)mP
zJQ-vI+3^x76ww~+7zcur?C#fBizsHL*v1l@ZVRr5_Ky~9$J-G^I6@D0J5L;9+;1uS
zv4N1O@#}aHb6vVVqHY!LxQ1)ENwal`**yIG%SQ<<Ay*J-<QJmfPahavS-9hKPYeBT
zWbQI?47W~M#D@>Sn6ho!A`thsK91P-5OXU!F?}@^vhV0t+jO;q7TnEMnL5vslHOD!
zKeaqE=kleMlsbb4!7}Oll*SuPcV*hxem!_dr!u6)Py|jAg&27p*akiWih_^)e>Th@
z|Fbi;cQkz*D0GOw1zPAy-=n<>3*kgwy|n{X)m7?Qlf}aELS!Tc=<FmkB52WDEp!-C
zclo=@jK%%Sr&YJ_dl;EHBBq`t8fg``w2Vz%R)l@GQ%#lYNsP@^w5&ruoF#2EfW)$r
zl)h!VP=L5Yv}1eNgzwfwjIB)%N&5-=JQqF<!u2?Nt#<lxIrASgmKy#1q7PHOJ2;Zp
z%lu)uPvW4^+g?#8{Qa<BqJl*=>1D_}+jSn&EF_kRbvZbLWxq=2mND%h&sKOhLlM6N
ztbyT~2i_z2wL)uMxkShMt_H~OfeSwvpXx^X$REb$U1fHvl|Dxe-?fkZm>UM(PuiXl
z8$3(9{fu2U^b{+o)+4KqxhD9tD+lrzb0G0Uwoz6f_En0;xI(CNAm3X#aP08CAFRV{
zfqpI{Y=LXV#<+c-Gt3CvR)0X}d9Xqdz2D@k-(IE<>bxu^>s<sax&SMwIW$i?6)s3T
zy&zGG>08+X_S7-v{RVf7!30l35}QCH2XBxDkKfQgr0j>>55k2<w2D?cT&-bx$}*;C
z1sK|0KkkB+WE14aqUCE)dPP&VIrsvJz+c&JtCgBHZ{fkTed<pRX_l?39lKwY!;Y(?
z>#oDI34TJasVkUmPb&k(x&7#&S~nX`N-qf3#r7T%9CT~44pU0Y+x^X~dm|5{u?2y3
z65X|}MOyJU$$A)~Vpb*xJq>SlbIZ<R53$twy@aQ2M(+>TH~H1QQB5ul+t$a+xp-SQ
zW1$uytw>e#O!p-9pDlXWbKg(;{BYG=lCG4)cymqOws>x$K~oa2(2yLKt8buQW6Yao
zR)c}&g8*d#cZ{2_|6P_C-Y7&D2RWxz7Uik8R%9rQCRrHH71{}iW6Dc(p9lA}+sRHR
z8=<*ux_8zo;%;r3;-So81&Pg`VR0#(zAXO?DY2@PMLYxz$z;&uZQ1(RG<3ta!kUGA
zbLKuO0QF-&POm?U38ONYfJ7TeW}4(HnS7}l6H65_@Zk~CRwd+x+&h!jq6P?0!1mpE
z4Nn-1XIm*LirFy48JpKi8C~^W_zrCb^fvx=%nrD~AKkjR`em{hUq9CEk@7Y^yEr1_
znpPc_K7MhOEsyVSv0RGpFn3~0{KOP;Lb0Il_5@WAM77m)N2qS<F5ze`#i0;Ox2j(k
z4J>7(-gl)L=g+ZOUX~fFGG?s$;f(Ak_Xgv@KX>w}tF`OD`7)7RMLz8T#?hQ!iNVMl
zFsHlW#oNM@w*U1K@OABg5|4&X+lZq<N&6}=rutcs%~%<1rT=ww>R_N-e@ly|MV#{<
zmUwbnn`X;aYoOaGZj`%sFp<I7`}VkY*~@6q)Ah0S_4?Q;__bEh^YQhu<Pq>X_g$9s
zR2Ja#a`g3j7w~bgm7Ec=99X(2_pv5>)ovfK4jz<}k|KECw5p&<{)`2jxTN?r{@i+i
zC;oDIDHEI&&-$Y0wzH<k!lIQ30P^lBjou=`1GJ{tY_tkC9?{Gj=4CJ;H7Hf|dn_L=
z)JUUqs}NtjPY))r0$yve7{BTokdkv$TME#>e$}Gtmg&LyvoKXkw(BF#`O+*%Fy~eW
zxc!apnNs<xCw%SgwmiD}?C2)#>b+AW6x)y;tF%O?wXf;Kif66hG1zq<*8j0ol*<9B
z!WnQMK~}-KGQK@mRN+S1pwT%`%+>BhYdh4zW4GYiE?jWOqf#VG^Qm*I(%803lavyd
ztvPn|Rb{p!j-HIwUGDEBnouqA5aHy1SLVS!zWt|Uo@8&p1@QTCnJT#Pyt9GxrZgd_
z=LGzmcd+2tgKtq6Y}h@hy7MUbboSb-ji3uD48H@XX)i`G-Da@SM0ZG@_qc720A?0q
zu0r97u(EI1Eaud>Pl_J-(bqli5sg6YhJ+xmeAow$#O=r649%F{RcHBHt2<;rc$>X3
z-BN0Go1+J0ZQvR8h9JF@`d6(72vLsZPu)}6d?EypYs2o`IM8&?<~u8SA-7hL&2*U>
z4bbVU8S++@8DB<;Z^kbU3{~!_EkgQU2J|h|g3o<itqFF&KQeCld7OPdT@)A$zikO`
zKVJnrc|NQKoZ)p`FTB;dKCZ35k_<#!KSnyRK!^@$q$_GFiT=&?&C;I{DtZp3)wic>
z+VHU(YGeoMUysG{UPP<~_*qmr06kXkrqolACR=yw3+xfjEciFR5?b27%Gg`HdQ8NB
z=<f=)iUxG>0}4I@9zS#JZU;Q+^E;3Vt411=Wo_#9d)1t8DwmTd2;Tmo(~Nn$`u)h+
z&mT4AMwy$#nLbp-5_dxP_^aMhu0FygaTN$nblBEo<km_Kabl{DveFv1p7L%ekQGIB
zzb&fnP@qIH5ew;+y>OX8g|{+qMJ$s~BXD3)?dH2}TPZy=-`F(AC<~QNBfMz><gT5K
zrl!|S0>iPhMEu4J-pKzUdm9RFmw>fl$`^`zSawZ{60T!<X*3eEy*3nc)a^owAfKU4
zq*^jsXUjV^1j1d|%`9m<wO~VjU~?_8<pLUzMD`-|TL(04^qHyh&_|XDGmhcfj=y^-
zbt&svl|_UY*;(f+gjTw(?$)yF1ja^;wqm~Mnd3kQ7~a5=*B$b4E<ua3n@r8=o;K|_
zw`6GcJz0ctu;qpL6nm9!`Hp$Ejmx4{uxzd&YD71B_0dQ`(v~6QtS$_GEF7JXuu@M7
zMedpz%vRapD|5C`fmf}Ge+7F&xC{&#ho0&%?kBfWrm06O4rcVd9wgdM!mHaPE#y|%
zrYm?+$KJvMX8Ts-rbB2(5iK}*&?S`2#Z#UrsmGfRiNo%o+BL7QmocXQoIYah5Bk(+
zXhUvh%T#v%Xn{wx!K>y7S`g;M+WS`I<FUP8S4?TXv`Ov?&!p;#8oAT}W%{Eoxsb)Y
zN$k)B<)A7br+0PfD!LL91rA1?t-CXLd-@-HJd(jZfHkn4$<{zDnln%zO=MH6hEu)x
zdw!w)5zOmZ3;t!onGJm;)eT#O`y+G$mA?o3Qk2U^aqAWlqkf8+Z`*}96XrGbtV&%_
zHfSVI06fb%auqNtTG4{vm<GZspd%G-LSF&uF#4x#dym?VGZ4(8=)p=b5@=+jKc)A3
zM*T)ig70}yiAKvwfXG>FELN&X!iQ2MPvV!n1Q^s9idy8e8}qJc>jkvEvOBOprDZv}
zr>JK|c0L94Q?1DFNDcPWyXGXqVsxLBxq%VzWwT0)LmbeSEu02kgyv%JbnU1qXH9^9
z1Q_(y9B1lSY31_#4&#;F3@`0S+M)1qlnwo#v*OiyhN~<$7*zu|jtMP^&YP-6;1l?V
zf)NHzgkK2cmM39gQ4{jIYzcbm^Dasy7rPTy+8p92T=VfavAe>W6uRK-+00|Tu4A~F
zUf@`8CAGy7qS(!6?pu3Ptfd>C4WHrl=W?l_K79?VK9T6?)T7|s(U_^$#Zs!7U{P$s
zMLekXGVpw%!;Yu8JI5E&zDfz3;Z%^sk>0MzB#^?_|L&<Il9l4zuOsKFLLE1CZ&De(
zDs0Z<@MS>Y)z$c}wva;oEtlz8@?i8KTnZqbf<-zFnAKd0YeMWf4Pf%3oyXvkY7H<g
zvz$x*L8C+}Hu?<Cif_JdARPxeJXMgV{!2*KPL+cBA+emNHOd!UO<S1?*oW9(EmKJP
zHHV=~A@viy4B$fU3Qy_O?2H;AWWD=S?m@d$_7}U;k7^3UQY{g-Y1CFC8&slyr)=zn
zBi#ekDYFF0qeC7<&Nupzy61d+M`4;Ub}f7M#!#@vA>8D;o>HvW+A)xGd_de1&x*Gy
z5CH@kOJ5Z}zGq6qA>E%dj|-A;O5uuzIW*jglyc~C!S+)2XidBJeCH-f2Mo?q8OXX;
zuH*|Ce?=G@bR1EJ*e>>e>y2LWL~wW1{9T!KAc!C(R=ia+e!t>^m4BLDPg96Sa#2fO
z2_8n4LR1vlxCHR2@#GIPm<~tVtNe8sEoG5243hez0T<P_Fh$B(If1tuBV$nZ!T8s~
zpHuwm1y}Y2Kd#5cRjOSfqm8S~mqL~g(AINDVZXFNkn51b-=^#5<Jb%GwB7EwG;w{o
ze^2X##DKL&P`<QB@RM<jKeUa;hdyNgeKjvi4$o9l6G_SV7m-XX6|;n1_&~zCo_eRs
zEMmrC&uU(TSU+?dYo}-4J4LbQ?{{;aP=}E7tka;>(=^X8<y>Di{<aBzEb$$>U3}%K
zu0xkwi?GbQL?`Bsf(aXuR!=l~CB~aM8Ow1CXH6_-;LyH6Lg$sahXSe**Nc<81u4&3
zo-a@59lu>G*FDUdPkK_`RaHSOKd5jV@8rK@TRC+c=13t^xK$f9XWQUlY;rsn^VDst
zNJ%YvnPswSB4(9QY>I6GVop_MW?-a;d*|F09O9*WD|}Sv+~kJQ;Xd8nHD^2bnD0+h
zf*3cC*meWNji1J@7MYEtbg^iYM&3o8>pScC>-$M_5k$@%kR)Z$FQC+dVRB>&S|$5h
zzU%j@V1GJ}q6$RX8+i*$&9agyo$g*b<wWitIwzSZ#(16|k*-76W(uw-1}ku<qy_O0
z$J!dVHvIsiU9BEBbG&k50geG;3CDTM;p0q}{xn{1_|B>)F32G;^FZQ*O4K2$tZb`4
zduUHY3_#{hVg4UWT+lZ*@p3NSX7wFgGWe`oA1s6K&U3zvb9}dRU1;6D&hzh$^I&va
zj4D7*4Irfsklg^tYC>;1l|7>TlSPlee296CT_%l6jSmyKWZbAEdT!eH&PWewjhu2Z
zsR79~!ect_AuBPT@Qih>(3dgZs{t{q!5@??!B$I<`lQs54?V<Wv3e<&Agl57j(~^f
zI9vFPxx%I^E?@GjVvef43EIQE({#RL>L5q$Op1;mt9hyrBH?`X__~)Jg<kTZO%#4U
zRwqGP3My!h?$4wSr#ddTs)#x6u0Xq(k>#k9vvXfOD+I=iWz{fjK_m`^J8l*l%ujN=
zAuQ*WB)x!M64fg4Z$?9{F4h6=a`BsCU}UWurQ;9<E+l*CmHjmlx5Y=Nb@fh5h6h-5
zF{4s=C!LY}QAhPSixfA6&9wh7hp?fj{-TxwY$uQ;*zcl%g}}biJOv}oCD6sI<fe<M
z-g7$YccLPfQTs?Q4>Y>K1Q}R0BhUvGhS5-4#bUuiLn(#x<uIW+Fr#qUj)pEUEb$yd
zS1e4#ie+yRl(WaC*}+u@RHwYnaFQPF#+Trz`?yaxICOgT8CHLco(^1wv<Oaz9)^{>
zN!^x4s@G_0wQ8&}&8D$yyJrAn7Zy8N>{IW)wHKcn5M!AfQh2rf7r1O1RqaUf68YE9
zwyO(Vo9$2DfANbv8F5L%zv5Hk0J!)KE4+`OKoLx5n%E4yWr`H>epY%l+%60trkm!R
z?E*A2@W0G?`{@9B|Ba$11zcgRq=?{m8V%OXC)RC<MF90v=Fr4QU8M5nv5Q*#n4fVU
z{a$f^%4VfJwhZUn=>~sn=?&xL8`;Vya%`+#J6`gi%3WC8w>l-G_lOU2X_6;|w|IuM
z8DddVP*G1;Zd{y%lczevX~8v4MfzRGZ;V!R169(^KKr>bC56|m#MRHN!J>=Ti=SHo
z6NbsM!j@BNCQBa%Gq1#4H?GB$2UG@%v>(*zWl>kS8Ij?-3YN-nsI5kz&0gB!K9U#B
z`;KG8ckarJ@<Co{aJ}k|(a`Usi^Yzn5IBuKmhwvs*#K0A*pPY=3bJT)2!LMwfPun@
z<NAtrV-;C%7MVnD#x@FF`y}u@bU7P)H$CNdrXaUY+k2y{yG3I2rLjMW1%gf4PG8aV
zXStZS(HMdr_JQyMIKN?vr^h<b4j*C~I+tAwt^r+%!0i-WJf%^eH@E?m$EgwceCjE-
zFT#q$Fw<|{-#Jt?b0OG`(KV`QQJs5PXf#LZQ4_&Q$$7ulZ7@GOSwTl>?9H>c^4?s&
zmUdoGDR<|P^xm~E6Xomp0d8aISyB6F#oZYAs<ik@2@sTJ_b5i=$cj`x2E}ZZ9Z^1f
zPeXwYFC!eH)cuy__N)9IljeL5a7qeW^0MtOXPgF}i<UN{(9Q@dMe-k~iGz4Fho*M*
z-78|I+uMRSkRfYlkj~DXD()u9O*SU0o1%Q9rg>N?&yfQ=-H~^%<rQf<Z8vSz$j$CP
zdJ@x5W&EYQE4iHSXwL4H6BJO(J@GlbW|%l$_hTfaIz%iDdygm@Cr{;1tXOk6sTjS^
zn9Wc7z3(`mKlW$i=f=n4`AzXx18`lVAUN>IA&&M8u7qJ&(KF_1$o<CNkk2Fm$TtwO
z^_FoG<cF<2<%5@h2YwmP;Ks#v9YrK1wO%t}zx-aLI(Xyj`9T_<(m9M`NDRh%&>{))
zDs!kfNZax8?@@P{NupCV;$f#)c|e@BUAud1hj#2|%W`B6*hB8TcoGF*ob5)Zs#971
z?{}e8AV12_RNLKBOSB^(LQ_qi>a&pN#7f9?%oM@TlbMxF;*Y`JzzuhUt%0GMvGt3(
zh$k0uG`IBx{AE)jiSAx-r7Jw5(~t5e-bnAS@`q1}CP6p+vj1T+{S#!}cFUCh{2jaW
z7V#-2(6zlQ)fnLUgoWk`@kt%M%*S4jWk%_J7|I;g^TcLGp=1S4i@9(xM$%s(p&u7^
z;=|-huhZg!dZ8wyOdKTncBc4{pRSZ!d@N!;oa;q;yMqv9<(IVc6GY_`cW}WJ1aBQU
zwGP+oevhn5R*uOuK?U(cb&-1%ie<+k8qPMZt_Z=l;W^b*nXFh2$~19CGmak<i1gk9
zQM!`s-V&aFldO3%i68Tx{kCBl$4gH#M{!d?MAkEYJq#@`=|$Gpf_j?P*HY$Kpt#5x
z$HRga<v$o0%r|-vpRRmcyg3dtAwE(m^Gu9!>MkBxghbGXoART~nEy+mEtI53U(o){
z7sBnj4EWrQHoFs1Fra(>yXXb>yM%qwcDT`N13Os*W>g&r6ROOYA`9q9k6)>#K7#V6
z*luk>rrfT~<ZyK%A*!sE6^-foO?EGh3H*fx$xCdehyTo~{$g%+;QKdQq+rZ%Vc!GP
z!?Fk<C&UTiF&=ctB8^2~?XxtH$*@DleAj1J9psj>(ZY9v`7DHvHTz#jr~ui|kFB5*
z?I#`eZW30-Rno?0tDu&dA-Mf-KdKiqT$X4!20kA?C0pj&uWCr+vwyQQDs4&d%4($^
zo)RLQw|}Ml|6e4O%OX;_K+0`40Jw!(lfC0T0pjE)4-dSBk;7>jXS>GkF#3!<2b&=|
z>;v*9_;9ktaGUs9)os?<ovmqR_hNB!H3UZuDGIgH73rJ5Oq+pfvSjv1!HBbP8bJIC
zRZCjJ;B@~}YRf*sqQ6vw51$!SrxR=nqpXXnj~MlhiozmWi@4J^%Dn$JHEC1-zK<Cz
z7Wr{K8HvQ}3^&nmcQxfkE9ig>-VvE<Kz;(JgRG<vUiL<~luUkPp?@plG9gGI&8Cg|
zJ~d|4B+nDhvGJqRJ~(G2{jW<@j{xy#jGreT#_&^|ae74IT-xE=Ze%f1nD!wyTzP>M
z)$7WzQiXOIY+%NyK`Qg><UxH_B;L1yqNjlx_HW&M5Wh=*{6d8qJptP{1w9@1a=_u1
z?~{y5tgxbMKk~@a6rWLmS6}MSBbZ>&f0VHy2jBwFm@Voh2Xg;G>C?Lc`hI6yMB}|5
zF(<Y`8xt`@p`x^7vjAGn)jEF$O$~GMmnm8t-(l-loPf+>bAQi8z~(8~!06KP+&_qX
z966F#(sjqP-43WC5)OmewG=U#Y|@O+WAxQl&+@FWj^5S9Bw-y@*p@}FHKlJ-^|xfp
ziO)NmOF7J<UVtT<Qg&%(i$dNu=~nqeQ}KfXtTY)}T$Q?g+j}_YHI4p*5tRH0^FUlB
z^BGlG-K7~FM=+&?Y190qO`$WF!GPD+2T9nTk)buc4$3-t(v%vbK~q)su_Ejn7!9Hx
zCk8f!Z?_OnoKMU9EW>yXRRwEx>bCaD>Kw`;Q9|T?1EWUgxp#25&jk3Hv{4AYafrF~
z-YtobLXy0XlIqh_ef9X#^w=$t@uky!{rKjdq&)N2_O5L^COZ6N;F4JX1B^1Sz6jxN
zsA3r1Gya*maK8><uMU)cLE!7)m-y-76H8@(>eoPxI||=i+}r!c@tmf7L;Z#N-qDrp
z0Ix5Cfg{!S9p6~ilOI?Q6Ly*=>F4f_dwCyM=;`5kk$hb{4babjXaBfJ(6lrk^x(>_
zpkCT&h2C81!}7<li?HM+GAX{OgZ5~`w~vi)8R&5nTk8jPX~K`+axZVhLE0@)MAe(;
zDElQcA!$*_svQ^+c{z$^Z67VF4V8bLmB@FiAM>|J!h=$n<zq=m7N&nrc(fhArv%&X
z=1ed09$NU1U>6&NfZl)9f~~Riu)I<hyI7Ka;HdJpOp#Q=y+ydBNC0}$R2m|~ytvj~
zwbHvYL#3i_l=Q!heEbh+gS%V<gJ3yX6U|I5NuOhJvtPR+ma)<%GP46rfjCGRGLs9*
zRiyHn3&#Csdn%1liF~d`{#?+ha5R}rUO|Z2Gf?>$BCU&@(V=@BZ?2aV0WI@<oax%l
z)%H{cu3UVEK1Wi({dxi20m7<&r1|(;rPa)|U*}iId-eDm_1_ru(jH++&vuw8I0>8_
z_oMvdz+HL@bMQhrf_UTaVaJU(P14LY!ZAAvU;N}fIU$Qlx9}Sw)alnL!eXYJmE?6w
z;e^{qNUC<nKo5HNIVfHFjX~)?XG8|+iGRF)t8c!uo$tl-g;7_$zKI0&&OdH63Fqry
z*OX-Rt<!;wLrb8AHUVnJyvx-U&ARu(t|<ZI&ink?E~VB0D9hPkVhdm5iENv*s&rAz
z=BfXH(@%d<8VB*h7opu~;6rN0uq|XK!KDnD+jm1D56J%HLj5<;l=`PbekPBJ%J1P)
zwxq9mf#Bue-05VKm!!NfM>xIB9Qi<lvwq9^r>vUI(25X6UEG9M`}<%x_Iz72jL}*o
zE)Om(^Pc7=jn!nPM3x(xO2Bk&khag0Uexv`<6~1D3^^5Q17^SQIucrc3?CD)PR4h)
z63PHKajHfK&>mQiX8yj;LCY0Br}HMd8SfaKMaPatj!Q{OV9JnQH2ghqk;L;J%yWO&
zL(+#-Rs_9UCuOdidC41eq)*2${nvcCQnB(e)Q`2Sp3&nEhz}A`PUuf@+LlT@k{stz
zt3x}hqprmw)0U-h9jDg<#vbM<u1NHx@dxaal_A5?v^7{`3ts3EZ1OV76*-;}VAb@L
z6^VtMg+GR|W_mM34qOPC5Ml;>s9=1pfA7&sfr`>%b{fu;{v?9w22$5QplJ>86r!I5
z(<_g`E(2tHnU*|V?oJi^b|?vwzG~8?jGk`3addI%WSly*Lu@$i%_rj^4Y9LVn6Hd3
z=jJ{myR6oX<A}!3Vndv?XGu`6^jjnqzk=MnBcbtpP@NB256{zKE}h^kg&)~~WIuiR
zdEE*tlojRnc;1oI;;OWZlk^C1Y)8c3(R>j3MJJO>%Wj^WRL$pZ%L<wHj2B0)Hp=>l
zd_3QT2=*k{X6MripoEw8Gcj-<nf*pMbAo&sG++QD(rS9suV7H226lW*%YUp1bwMtj
zwAT~;3><xo#}V3bXv%eBKiJf5?N7$#g-BuYQ~g_;Vv|4<XxOo>@<|R+q%QgKWmX)U
z@e6r6`bYQmBqv?N$y9?eYR!jw+mMBwvD~oc^IaUnDHeCH^?P~GP(xFf;!WJICyBMJ
zNob3k9$1TpbJEL0RaqYZ&ZUWW+SH5N>Ov;c7K%kK7AwRz66K$Fn7m{~?Ka*U`P$D1
z7yNe{F*7P>>0)K?PmFzpNBN!s!fqm8I1)eZX<Ks`d?P|rcv~3lvb~X{FH$Hl-u8?j
z^^_;N`wT!+l-rWstKhP7a~Vso;j{7yzuHc9c>-sDX|+CC*#FP`lZ>!l2@X*#`8BmY
z-1j&~1d(r3AiS6h4p$%z<J!)tQ~jD$#VdP=pY$qgS5rW8y%|III!sp}5rH&79d41z
zFO%>|3*BpY9$ZQE&sB_^+-luKgvxhoY7g4X{*xRmRknvfkI^r;4YA5;xdXwRO}>?r
zogzhmj24F?MlG$@VtzY4mTuMAeTXJZ@AE%$#=H5~B6zJC$y$9A>02c_&+*fHy#P%A
zn3r#@GtB8OmHb$_at2S&PCI+K;;#Kx(x55jSGoLaxImD4nv3@S+;zCIofdz(fm23W
ztzdjuRqf}>x|aJ?TH+!f0bY7M$|j2vTeJ`3gfm}wFhxD+9?+;B)I`v95-PT+8uue9
zD(E;lPe%R3tE{m!_l@$TrY^6Z@v}|;Yvb;S@v~O(uM`kJf>}3g^025W|Bn`V_ot7y
zm!7%5%}FC65Wn2YbGCKhFa^8?gqp3YOZ=;;%VSQNCjV1+f72?a2S+jH{t8GI*zUfF
zu8m%F&-;mx4iZ7Q-RFaTqEl#n@nJ`6D(F?NAvLqYp2Ydl0@Kxa!N4^!*DAv>OZf7O
zx)q|wRSvz@A}{K41MnnbUFww~aN!a1jgx*5O<27Or{=$`Z+c*J$TLpnvw%z(1M?Ya
z;9c;eQ#m;cZQdpjJ$!~!A3R2rnZq=1lb0UOHrY7VGi~J>hg|{tX?H_G0pIC&P&#%>
zEO>S8pSizkxR*0RA#l-_P^td0o6K&(2~KGjlEV)yMVwvmtED{|WxXZtory2y+P=Bw
zl!Z-geyTtIc@rr}$+Ob?Fmzrp#^X<E>5@-eU3+LcT{w1@A&}yh47SM%WVcKjP4SOP
zEXQq5B_pfsi0DXv7k8w*C<3KY6{c1arc&5ZdLh;nZ5M?hRDz?|yvfEoe@(V%m_+c!
zRcKVr>%0#{Ta-_~=@2M?o!4@sZhS$BdXyY<iZDb2E*PsZY(o#R_$!neh*qgZroR$k
zLhoU()%-_x9{jRVoXEoZz+3O9VM;GxY*Qz3K{SX)e)4NX6hp@5X8!$K&AI;}mXm!4
zr)$NjLEOtop++pRM(%-C3(f>upNBz*QeE!ezV=iK&mbdtbda}v0W5b+nZ~q!G@Sy^
zzcZ5l(Im#t)Yi7X7uv(NKETBFd(Q#Cey9ihaM}3lS?9dUl2>dE6bH{Pg1@c!!qLRF
z3IDN%bQKXX^ZV$%MYPURM&oPr5M4&<QQW-TL24xZ{4oz?EH;!cs{7t5g|A=#^^E2s
z=@X2BW|mMcAoPUA902N#M(%2e(>f%XLNyCS)`HWOMn6gVoV=DgP9T|WpY0Fppt8wl
zkNyvb98><hr|>?nJACJP&OUlyo&R*jir)hjocf~*Ma~d9oXJ)?h=Xb(flB(yWVBU+
zVZ)2bK?pilbE=Xv>=Rv|C|?ml$fWfzLpLCO{3XqcVj|h%wfKT`pyYi$_a-FQeR};v
z+2*$4(Z4J!<Dq>Q4X~*;;n1Do(*KQ9^AnzZXSg(p<<jC44{ZN+O~Cv2rEE_64EN|>
zpYyO<6*|r_ENAqP4OuB#Ny%i9^S0g%_Kdp>*%U}RU<&{GMlrv0_aU46qCJx=-4Tu3
z08@WJsH%uT0cJHIg1i$$X~WMU+rSHkYwZJ*RY^TONNb9$m=7C_@2y{S&cv0TZ3%iA
ztS6*1M#x0&5t^h^6I`&Zeoc>Z1B^Z-{-`}}qd|h++Od}z9=9>K(9X5q_N8ccsaC$m
ziAi7gT6ejDtM5O7W=|cRxPAs7Lu%K2_I?fSr9*A=-3JWiIhK9CxYa&WkmPtKMtU+R
z#{%$%{A6!=Rax>hVfDv_jaXfesUGGWv=4Xil0=-3J`*6g;-A!;K_Y!Ru9`taY{!0<
zkK5u-X9)FInw(5DF&S>xHmfO-70A$!dBmnjUNwj$!(q4_drY1Suk!&TIoL*+nrSG0
z%@;kJFAUo)C-^(USyocW<ylH*GqQ8hRWaok#udBGbv}-sk{Xlk>8-Nkoz5GAF??$0
z;D$kxagn5V?{cuDQUpD6aT&d+V>z!b>ey~YBBYU{-Mz*Yn7pQ&U&y9!1$wQG4kM5r
zS^2k~vUKDanL-wx^eo^z==PKib79pCIs55d9qTT-9K57wgwWK5DPu0n>+aXFjWjyO
zG#_`j*$}UCqXFkH6DlWfGR8k08qqUcOwQ%*Vf8P9(QJn9nYJda&6=%t<h%49!9~R9
zPX$qn*buhVIyiG8Hh5H|?hl+LoyJPNcp(du4Kf{?A(}X1b7rw`@gRmS5CU$38Dgb6
zY5W~>7;=O+#tZ>3${gB`r!r^G{66bEBy*?^$ry7$K2qxka||)^Zst(pAYFKOZ`{sl
z1S%k2>qipZJJbjr6x#Rd_Z4hxCyoE-)c#-&b7nH;M9V;IDPP~9LCM^q-&_;o=XH3z
z=Kx~&WqIR>jb)=Hi28xcl(Q!s-gA;86yEbkWZrXoBKKuKA$)iG8-AkVcEi7>e42Lf
z^8g`RxI_t*8i$2v2+nw|h^>V!c=f!=mu4eTx+**t*zh;amB00>oE2*C+kc@k`6Y39
z@mP)K2pHl<++9b^asFYTV0rh+T4ANDl>vFs%Npk2V_IkaR-UG5OSu8|2eku#_L5_=
zn22Yv$85`6KJob6(!vsFo2`&QO!A%`I4FZtYkER+rkZKY<xgpH9~?CxXANn^pRSeq
zx(OQ01K(5V82^O+aOk9M9eAEF6yLZJC^;k)Tk(BqZ$KAOu+$yRkh0;3mK7)9WTccf
z;paycVYAA%$kJ6+iYAbYUi?No^;)IWU1upn@lt0w(R%e0F3+lJ&*aveNs0)crC)>o
z538DO)=|DvvCGZaY&cZ%FeW9!Ti<ycLYY=QXl-tb>4?U-xNBx2`qRpMYzn`q6-@D)
z`E2wNx50YPTi^>=;C5V_h)NcRnRMHJQ&1Y6K9Zpm?=O3o&#Mn!S?er5B6LuJZUtvi
zucuXlc@sd*uQ?EsI1~*4l#*S;9SaALNeM4#<7y(}V}PY4uVmTU+D#gHxPJkfy7zl9
zAZu%FfQ1&X+islt8y^DX`WvFeu^LZhg$;XYrh<Gcv|}`A*J|lm3#D#Gi`OxJ1ibzA
z5)%OY{R0G7!h>8q0LrLW6lBirT`ARTPt6Fb=SXKwa4PsXY^w#M`<`<@`$U%crpH)A
zYBs3I<N=PdCA$X5bm?V4USb^=y2Jm7gcfgTm>j0>`ZQo#Xe4%05j;~vpcPl>E*ykt
z$+QKWA59!gbJ!EjitXxE2g80-ZfV2J!Y>ysUI$&r8i0zd*Z*Sgt%Bp|-flmOSsF1j
zGg~ZK%(9r787*dJ28$Ui28)@QnVFeca>nof%~xL~b&`{+bCXmqx_f52rD<KLpJ%VV
z)^Bs@x4k}ALt=<9=>Jh0W0^=hJUKNy`khbDvM0=<M=Js}=)Vs2SS!GNejXhKa^*j+
z3#|<zh9vlf3X`|d$Z)_+A6R+IL*SY58ATjjb;Qhiv2$zqR-<AM2hb)y=+7I4A?_u@
zOhsLyOO$Eost9q$34sCfFRC;WtsTse4o_=CDEyJWpbm!^dnq;So+#25zsz$*%8cX#
z4(@*<rd1=i>+3P#vNuq@K&94fdap8)Yq2QQ%X}X518P*pV<-ef&7X%PXRZ~mkXua?
zj1$AD`08k-)9%#7@UXId&~ogH+&)_^nvPg9ZrUwcE;s6vGP->3g3Y4&-m!R{3-s_A
zYkSS+PuXoDoQKKvv?EUA#!dmGT3Ythm3zF{9qlnn{`f}^GeSOXfWmRaj%mco`556^
ze4&WxiyZl{%-xU9>+h=9z1CJ2LdN^U!%f62w^=!ON%7(3_tad;WH~LVlXU(c1cP)L
zfk)o97sO}NpL0ZZJIsZ?RZm1g*b!qViwT|D$yV>f=p@<t)EJdBzxv-7F_V{p0<09B
zW<h-X(>oK(Ed~K3Dd9X0pL{EGx|r(_Cn%kWeu<aiXd@Kqf7h7lGNqg2TGq(ILl-id
z!|geW(weCz`^EK|Y2>FQb<iw!%VdB_>{i+ZvP?tS%p@xz)tc~(1le^oo89&n|HfqP
zZyiuMET?>&vjxAIg<r#Soa5J*m!1Yk<v9F@HxNDD1k~6RhCY`4WeJSu-*^BIogn#}
zu^wH4zn)?>uk1wLl$IPcRqNvBtc)5jI-PrS#NuHo+s<GvqCM<uCo*&q&Ymgpw&5=o
zNZLFN?O6v!fPbnHiR+F*zewgdn*i#>O1t0FZLU8->zaReT7O4AavbFiXNxw$NE1(s
zTK?Y%zn!<j)MoH6GpOzO6OHt>z4&A7{K&v->SrASS1Y_R2>fwI>V_~b3Xo|^<{@LG
ze)U8U!wTxbbndX);({3Vfy@Ye;8_mh!_;%&T_XS<eCFTqMLK-vJp>L@D=4G6C|rT(
z`tcG|jfDKL-fs2uqP#bPvEFd}#4+AH>fAAyhsX|70Ys-7e;!2nJTddL@%_Y$&5U9s
zr@y<;a#5s!Eb{aJAB1Mv7fKB_VI9D^2XEqmh|E-KUK^<?d<D)oARIuE5$8!P&xgvd
zHqcY~n^q{91jb^=nSqS2Zi4c+qda4}9zzazxmE~%KxyC)X(65x|2O(_UD!0ri})38
zFrl^M{N8_hj^LgEC|v1lZ8rG=t+URBUD_r#I;qQsP~n04!?Jg++pek4mx(J%APL~{
zeCa2p@5e=k*&nZ&k10Z6=KuZafw0s4^L^#F-d4`X_09W)-R{d(SIUIp=AV-%v#wi?
zE`Nz^fj^%D_LI=-nuZkr^e?Gb7ReUd%s=|xkyjw{MgKN1mn4`^woDst7UuAgHd<T3
zlkXkPJ@M!=bO9WRI!_4V@g!NsGq9l<jG$D#n>j11BR{8?1;*TTnp~`hBj$lEjAPEd
z)%6rx8#pvO@f)}XxnJ>(713r>yibZ;So~%RVweNwisX|`cg^e|7t8|o-d@DY><mPc
zy0|16xo^Mxm@?EklArw2hfcgJ8yO3&<{sfa(yN<+KW;w;m1}rg7YUa~?7dGdL@a|h
zFzi;M_21-P3>j2aTL*nb?OAe2nW!&3!Mr;8U2>>1q+N&(de!~=o+G=(gPzngx{eh;
z@lJ|tGoMo8joSJD?NYkVL^i}5|L@e^PD)RBvcYeLP=5vA%m>Ng=FN1K3rBEn+^zKp
z{;a$yBe$YrFd3tLUZw)WV=ouAYula>?uE4%&3XZTyNKPoHGQx@S`aWaA^>1&)u?#D
z@!V@?&ThD0T15%%Z-o|g0oBX@hY@fqT(B~~_XK{(xu+R!?MLusmyTUcIuRO#f01qh
z8C((D8eE2)IO3P$Kf{*?TCGb}P^n4!(a2(^8}fjPLrZEF9|~!M_K8`CEEg`FPM76J
zf`D~hZCiQ+gn6>Ge}*u>QnY`(yY#djIpyQc%2+|$;?|9Ss@8-?`>D0lq&A2;z_r(#
zOy1iIb-O2M0|qC#s&oCXX8c<cmb;gZyRpm7;4F}S)EoI4Kb*tkt;Np=7(^bMzry3K
z8-#G=3nN^Kh2ruzF3=L$|M(}LhEtG*R5&B6f-Lq&2xr3<>W^9<Y--Y0cfp!bzeCed
z*lzJAWk$Y#yFAb9Tbo^=9yNN-En`ph80|~rHu-&Kc2L_Pdf>(a+qe!E+7lg0=G<E9
zRQ37(S$U#wVOQnn(ZPt`+}3AUu&J1rNM2gHBXE72ZEpmx9km&kutqSJud9fj_Tp<h
zgU9AP=UU?R_;^gfch5GV+!;4SpD$!HqBc&j<n>-ZFt`gK+`^7yc=Ha6ISWm;VRB$b
zNUs{G=q!J@qL9t`BGd-~c=3ZW*LJkTr!cxUgC%?cBCma04|{Va=ap2w6e-5*XvrGF
zXeW?ibP!c!5%&_lrfy{S;>ai3C)+|gN$gWN1B^%cul>oX;NB-IGrrgCQ!fwX!}V+-
z!D-I*p}PMyG9%-I2TQ%NFYVW+Z{eN|(f}fnzCubNrTxz+zKbLE|C5TZF%T87b;kF*
zFC<A;>1pZwujR2SzoSM3^jAMRg$=I-Gt)##_DM@eO2>X0os-pUark;AR4W&>)#wTF
z7{p}-a8eNr5bcKxXc(EXNHhoM9X1LyzJp*S8*7QMi``u##YtD#BG@3CH0Oc;1{B@D
zDGQ001m#~`6U9!j5Mi>n(LBG%*D7Z05iv$<7`RxhCFh^vo%1VZZPVpSiGMqIQb>d<
zPF5WV2Q|P|-~)k@cPg$+v$%^%53uIdT%<6X`77VT`>1}WO_>mgfatO=+j*M%>T`5(
zi;8QgvPVHmW=m>!99Ll+ZRB2FcoPjf+L%FC{Pd3V%hqG7L2ufgjUG!@6O<ev3nLs_
z@hJrTtt~W%G62(EKiwetxnBjL^MWKxt4Z5w#Eo+Nxy44+9=@chitWuMNNN19`C(=p
zd{^+$klONm1zOuBN!Kw++xDKS@{Qf?C$`Ri6LWP<{}prZol=2fE&>?izOXAaP|S4^
zfEaHredDdJJ@-^M5lph7MGRYc30ZV4xA-OIBVhopR(Ec&ZW(orDmSV%RWOz+POJC$
zZR2LcWJapGpn=KNjL7R*{pD6ZdYmAv^dXGH6b?kwNk9?72Vga^Syc@c!TU|~>EYX|
zSxvMa(#@??>KKwt;kUl71zTh)n;`D~@}4K>L^zG+<xPs3(B{27m-S_Bd-kB3m1Z@6
z%PQn_#K&#@rd$MQSITZZ6vcCrdh(r1;L=S)o7pu`ry%i~=#Ss56?XLl=IGkUWVBGE
zNc#x1SJ$SwXCAg|0+XtK5F}3PV)DrDPSZl3&@>UiKct-byYWeaw)0UoiJlXq9D+b6
zu8YmM7ekGM1_7zq&2bDx7lugu2nniKR2`2V_GitmcTM{Ydg4B`>q2n^UVNO;mX;ZV
z1SHs^EVpkko9neum^a6Z$F)$QE<p^^=l;vDwNPdOE>>VCeAFG}#z=^iGl4^zI<|&d
z(6cmkP-PJFU`00jubBOZ@qC=rcuRjL>-UQj_@2vo#XWd~*bp5I3OKUYb?6MVc+=%Q
zCc*~u`HHb_Xrb9akOpY_2WtKx_Sg8rzg6#~_I(-+tlvDQwKWT;0763ycCpkm%{12w
zfj$d?;S(!eD}}n9PO_AS`!F9{O>HU5;;fueq|Q1h)p+a81FUC6V#+JI2p~S-4%_s^
zq3%<nPZA+P#8>g<g{2J--W%j<;6l>9w&<Q9jJ`;G1jOwJebI#j1{*Qr`c)iX1yHwW
zL0(PVVA2&qS?~4+OI-cp%Qo;w=9+`B)YpAH0QOrMju@p&8YDp=pCGJ|F=iMBGn8#M
z*9qO_#`Grk+)#~;u;L(ehu<|DbAqmzQr~qsZt>ZS2$OvLT4L9AB?Y-x4*|Xh4uxCb
zQ)`!!Vyig;wPqvy3~iv<FaUW^gPE+qaP(5b6gD+c$Pw?w?J-<ZJwAyS88xAd05=Z>
zrP$n9OfumX<~E*1bKOxRvrat*Siysd(r88Wxam)*69y8A;Cl6Wy~F=b*QQ8NvoKgl
z^@Ed_$UyxpBr6F&4wpcrme3s`cuK(Di?c?c#Ezef9LA>mt2D4U;>5?I5G&28J5K%1
zL*o(+yWSzN5Zu?Oc}HVe1?n{>(s$wh{d@qhaOSwM;ej{@KHe5cZd@i;6V61zzXJ8u
zXxWU<K!QegNxJNu)J^#FZt}B($q#rC=sFFh$vI800}F!~+Sxd7(=vEJ=A#2=?xS|Y
zV0BF;?Qt}fFvn39*hWpZvDls2w(U@A-7&+FxwMLg6_`*j&82k}^T4RVAU;~y7cP?`
zx@ye2QYA9pAXX=45Pl9~@IEt{8{URf3V@E1Q*s?-B<X4=X850tW#qZ$3D?&ZK9f$9
zqI$!Xbz?|DV-8Feno)9Ek?dP?M(-Qv{ggUhwf3qBs7T`h=VKpjn`_VS);=F92_m$r
zi>599%oc;QQM85Jh!W4(aFNpC<a6zOo%M#!IumH+efID8=Xt95E&`(LtY3w4w`sr`
zoqf0SjOQBh-LR}l37)A+bf`;BD2PcHBCNxcw)w;SX^M-K-viV#EwX*%=3I*oExC-N
zv=--$+Kk~Yqp2HNA}hxw%*AX>Oi%4Shjl9|(N%9-eKryk@~o<55v!TAXx$IS&EF%b
zxnSyL_6>Wi(_rK5B977VCJI1m4uZn-72fw`ZagS}LbFi}-To`rKT@--f>+0Jdg3Kw
zehO%te8_Nh(&(5H?_BF^&z8#i=5;_S&V`51K3&slO3y}@c{*U^4;*_HiQ#}w^|!$(
z$u1EIW&FT9_Dp|kbcCm;?rzff{7F;Zu(K0DuXvIWoND_aL|fz63ZxPZnyR32Bu;~k
zAHca9l^pJJhN6`ZXZ@K^Dy~a_b$*Lxg)YjUT=l`Jk^8reCZGEGP*lW0=0>gH%+3ol
z$Cffo$5(&GmNh=#o(7aOr|;$l_sn1JD2a6yGq9O+GykJ5Ka>MS01eGplB(u^I<ygb
zy8L;KQy{`=knSrtgVH%$52;E<26sZkenKVMSLUJx^djY9Lxm=*DLc$|C-X4JUn|o%
z0eZ0NU$wh-D6HE}fDEVKkNDE9t+49SVW^;!iTeReE|V|vTXz{?TLoZF<hB0QGybfq
zQy3_v$es!B!>23QoQ<TVJDpb?P_As=kcgK|eYi7uA+7~|2!vX|My*ZA=a9yTU5tlN
zq9CJ;B<eGmt#t$OvpNKwiMq>Q9N3@j*~TId$WD-2ML>@74~%!NoqbapLCbLz=AN>t
zzqTroGo_E3aTZ?(lAJP&<@(kKHgBQ~rDkd;v||6yC@0`e3Cai+8yi~{7i+t25xD7r
zy`?MH<L6)aMMXFE5v<R+G&6IrBEBsm+dx5$&$w{<tP!g-kxTwiSj!ZGsYFEheT9Fq
zL$!{+4B_tR*V<e!$6fzeG8vhlWU`S3Zuj<8*F<}kwU6wZtYZbQGgAB~5pZUHj?kbr
zssmkg8L9}oDfoY=p1-~#kN(SY%0(yOc}40x{L6AmOBt+T`i<faYNkjNh=M6(B!i=r
z0NV>PE@3EAjY9HIk0yk@Eo||G2>>R*ifZrYiMNcDUy`j(X9K)nij1WxU|md5I8*TW
z*?f`4H=M@Tw8Cx|NMDkQGaXcqR~}l%x9CJMoo;;&j7dq;a%hQ@r<YRF`BKtCSZB^P
z%o``vG7msKy^Kpf%S~B!%2XNz*du8#)974q*RWZe2l@_xECrQJz4Y=Flum=_^W2t+
zryD%#!?IY8qxb_%J2G)EYfku^+MO(gn_2@eYb-)s9H@bz5U}enIsCxmjGtC)cr3!6
zQQy$Z^7QNh=<%5blK~3>qUIb_p@PVn7CV2BxYgp0>%&uk3Z;{e%`#x@G(;v~CsS8T
z3FY*Tr~J7m7>Uj!rY^8Q)ducDR(SWXrC<fTF3F?DpwvYCEDHSs7GKo8DwT=%_>0~H
ziCtbIsrz)sU4YeRX}NRkvdN=)aYGs>L|WeYCeF1Mmu`sN9UL2VM*6alBu^e?7H5%5
zA2lv9%GWqv$HL4l*^1o0KHbeJkjmP1LTo}evSJoLD^5sirP|`dD-uR=-I#V>aQ!Ax
zL(;v_UMvxo5@W`IXy)*CVRxhh$1d`!Y@aP1u+^x!1`UjLoA^zO_;r&TDn?DK>&q&M
zT)p-cQ{G2$r}OP@XTlUE4a?7gU1Lf%Pe$067wzyOs^_FG3%gVJ@|<rY1tuyFQuKw~
zYL1`>vZy?mV^Qd=8dg}oyXJkt;xdv<w#cDL9N6W{$yDHtQ~kvUT+d<t^Q=kl)`5lq
zGU8R8L#cqNPJ)F{)L&Ja(zt%#sDz3YS$Gl=6l48<q!|D$R}S99CQoujomK2mmfiBI
zRq3}X2#wDr3lX_gH@4^kBXu9M$emX|SChKhLT>o0{}pmUy}Ds^AP|<m0w0j?isXbT
zLT7DR(SE5!hL+hTjtZhqdx+~LEjJoTE$`Z~{r+>J6LRQN?m%o61FaIy^#+pP)WId&
zGA?assVZ5@4GtSB6${r&@))VN&@vBz=~u!FHtkA1tu$Kki9C=hK<{=Qe{6VJZDHnL
zHipt$6{265<fzf-p2WaT-Dx19*$d4~4I?2D2SyS05Sk(OOQSyh@yFmOwKyn<IRUEq
zRLCEa^$<}La`U#3KWGshQrkk~az)y4L~r+>ZrBat!s0PhU(J*91zp-p%kq^zDvk@k
zhaHh8!BP9*<9{HCdh3|2rUU`DmX@daN1xb}Jh6OU8J-w>!&^4npq1h-wd6jlN$H1b
zokEW*yOjpg9=%F8S0Q}O*r)WIk&IUVqcYo5!M9&=26s>2#Ws}&u7S9zM*=8Cdo}Du
zhI%4*)8~Z3cJ=ehp+4fxP06tGg@V6er3+OrAre#1{tq?evfj~hI@WU8v)+mw%r{<_
z0Hf%XNQ|EUrXlYz(jdO(V*4_KC?Zl(uIq{|M~^`)(V4AIukRptvUp)#B@r1oP;Kh}
zGZY~k?)^tGo~k6bgT^}QRc(v%qtkZ}B+#&72$1M+_Q^qgRmMTKgu7CyTdB_hG7{#2
zC=ApCeLe=#H=>HZq!t9CZ6%_M#);VNW5F+{p!{)+I|s9OwDz=kaInZxhD<~v1JA0G
zMAb{RsKcH<-aUCgIcf>Po(q;^{jcfrezS-bep_c+4d_ej8%!9Yn`hmsIN|*6V?*45
zp9Wgjfb371NMS1y7g_YH_ArjGyPCi=x68Zzg=cmM?}cZWpj}V+v4&!R)Nu15AturF
zEz+hQKY)>D6>&%JF^?I{N(`N|;0yw$^j2S|NZJHSm%+w0Di^bQ;s7jxfNkW4EL|X;
zb0Tz%W`Gj(ct&<PL)W=Ku`B$2SkA{-5~{LKa~z2~MK*KvGYY&{EevL=iq$Czk9=Kf
z@l}!4vp@}&G8H$vc}HgY5a=ydLAI|;rYhCobHh|1s?BNW7{K^tW>6jJ<2ezO6}+Zz
z?eDgHKlV-N>oO`wz7$pXM>gvW{7sNzrZpd)`<EJsItX7znJ~89=8kW@KuRElwf{bl
z<g>-eWf$-)8s|cwMO2lbnlQCIu>FYh?X?naGB1Kt*+OMa6MY?A(<GkYSCGis#R62&
zrhP8$Fh-0NsaX7UkM|uNZ@uEX;@TFxNV&%~<xE+~B3`BCyV*=xj4FG`J97E7xk@#$
z=0b`y@H`Yjtwgh3Hu=jdeIIP?eu~@*Uv5xX>IPaqMd}*(S)>Ff+r?$kiUD_bn|1YI
zUq?B$<HEXY8`P*n0ZGU$JB)_XH=Pz&WGDu7uwnRAx$ZN}gE)C|;a!$p=g98!dn=5K
zh=bhVFtzfT#HH;sv;!K^b}@YU;axS#*~x<5vs4c=w>9DChvQ>W^3pyxq&;($nxp4b
z>F&0;*cRC5svlRUXE3*)A55i2zIOy-Wj)X?yj{OT^fN&(vM0*?f0gh_ZDFPs_RoD%
z4|DbF)@y+TcWI{GT=JUhnyAGCna8xxk)u+Q^sF$2infm20@>N2S|I7%K7lpk<KFOG
z`^S#oze0V}4C33<c1Vdlrs@q57oX7yi^(_Y`VbLU_<^QD#2rBw8S!(#0QliCRYXjF
z$?)5ZLOsC?6P{?q(k|`vAoZ_uGaUh9w*#dCtBItBa9nKGQ_JNKrnl(}#j815kTi)i
zBsfJRX4=%6wUb<CfkhtUgyllE;h=F##|VHSNt=7&wo2P`dIAHZ1@XAgVSjBgRfR^W
zNAfR~*k<+ElGf0Z`U3zEWa=|N6s3um8WZwJV0$J^wRASW8mdSaFuxgEysNz`lNi>H
z>!pY3X=BHLAWhc3gLDD3rwYW9G5I(CaVN`>cH0YU0L_O+sKE!Es0!P`h-fgcVwhLZ
za&F><y{kMz3L1H%70Ch=ob@XMeyNfE(wY9CC9bytz);gMQB4Hq3)Y0xK!Oxy0WRRR
zHDQ5Jk%meDJCU>ny-0i+Oh?BwRwgvU*(D>8NMLl{7du85dBV)hM^QYq3^jO<McaRm
zHI{D}=7nYGAtMtTe!~1c{>jK=+yl5uQ*5a-LzF+^dB|GcOAA}Z5LQ{%Z{9uUiQ@Ie
z73lnHKJz~C<9bN@WqyzU5D6Yb9GWpL+&KsrIU|U~Kn41RoDv)LjIf`XG;O}+>?I`3
z&S_#=aN(6Yd*=o!X~wDmkpy|rkKPG4U-5!TAUsomj>*4B0uql312HG`_jy&$Ew55P
zdl7r)+Pr>oV)D3Z2V|6-qV!0|S52%~XimJfS}cy$)`7!`O7=OgSv2;gYHRvoYIlvr
zsm2N|qzBBVF(uu)@?Mesu;b&l?bJX(_sk+|vD@e7JoQAxfD8fU*_HFEiH5xix8oJ$
zq!-Ih+D!<QB%^dS7qobrdhx^sA+wXqZ>#PFhz@Q8HH>mFwC6A1!}I=e?RQpant0QU
zX#)942;_FKG|T9W4DLOwV=H+nivcGUa~17X@l;n-lE?OUBKdZp#ExeB_z(UwUleVu
z>k6_D?;l+}l^oyVZKEhNoIs=7X7oV1*Jd21LQ^QkNB25Q{5q{T8ZUg>o7D4>3j6*9
zc(-KUP36k5w(c@zH3AN-fD_Vm;eC@DqnTalG9uLX&P0@Ik+()A(8BH$su7Fkd;!h;
zQ*JNP8m#oE;pP(qGu3poEI98^S=G3BPG$>x>TFha-#=}e3-WZ@>~OGkUDTk!n6)54
zETxDpG24GqNIplA$zCK>f@+EifoqRwnwP#$n}2<H?l7TsZI3JY9gL^{b<O7SxAI-j
zKA=sReN3qjQwGj`AfhRM+S82C7!>yg=<`|Ljz%%al1b4_inczj2atdNEBy|>{|IBJ
z5LKF*bt##jUDw8#Q*fFruQ!x}Q!Si^SUyDP@OSuUl2zP+Lys*OW5eK@1<9F6t5B!W
zl&aoDoLy`t3jg|*jD>twNRB<jaLAf=r8%&1G2*wVd_A#4r3I7DNS?f#aI<7W;UPNQ
z9<wHX;IZQG2j@6GZPBT@NrBzy%2Ic3<g!JJ$fiYW5T*#(&3cI|6nFJ@|Nhj4vJrRw
z_W<Y_Zm#c6rE>{OtLGBkkNUw3Xwjfs)&E4Ln_q0e>(Kv(rO!5L2UhUniW)Dd)VXYy
z=XqF(wh`Lz;0pmgYiQVS3A#FG0PYe|bO~?zSG;&X%XCXY4FGLtob+b)H%)4OWIfQ4
zn_7)%%!);la-emUF6&kieiSZf&9q`;o;Pgv#NL_In>n0?HoaW{U!j;Ci5QJTVjv*2
zugr}?rOEfp65e>Rd9uEh+^<K_IR>UET^(<_@<8kCti>^GTGr3ct`0QVauIHoy3!bl
zcRh#VW~qkEJC=ry)}X_QRCFXfuteF?EgB2&6WMUf2j;uK5F+8y)_Euj`|)w&ToL!y
zfVTO}pQPpd_CjyE_wnQnCHN?_Bwbn#P5_jW00Q`)k~xD&?cc$}?19(zEs!`VwbqL`
zaHs=TM0e{hKb!p-bXdqMM#|9o8=hf*>B0Y81o3LqAa*OAi^|aJ5^>%XMw2mh!wH}+
zyBlVIgdthtgx5MDg>w*fo)<QzW93B{j5wuojP?!~W=HH}DRmpAiDzi3J3J;_tXwOi
z1&{D6qz_&~A9J&$t#Dk9MKjSHc^}4TAfKpL_?+p{WhriXy6Ye-Ju}QWVlpBwgZMWm
z?T_>T-y_q47C1r>#^3y3IcXV~<ZTxhI4Lc$Hp2#ioQGpr>LXcnim)Yvcc*6bM`jK^
z;-lMjP}Kmk6WhZ*4~DXO9cwPxv0^IFV8)9dRn3@bTBFpEl@Q%sKm4uRsJ{sO=BDVg
z-5@i-dpBBEpgdy_ZEOLAob+UOtO^%~@my0;ljMp(7Rt(>Kq{c@L>Zj=JLD&`Sl0(A
zNOl*nQDTVVqm$20Iu^u4pgB0T43!t07ow}o6L4~)n~1X6Rk@A+Y@cuVpoewL{U;#p
z6d=skeu9xK2hP}DebK{fyqHy)%2LnaU-m*5Bq!Qp96Y>~)~i{pO-+`!a(H)|FxEyT
z(e)dIx8g##K9t}T<Xhw@Mv5Q6*$kOvF`d03CGy8WpXyI~2xlRf14U#?#2)IOTqx-(
zan0(GFfETA(%qx(7W3UIyMT77;e|T~R*F2RI+Q7W40ow!R*)0$oj7}x7DmS{r2~F9
z^T{^;xkn7UYe74v;#_|uqr(OaxMKHocBvc1Cko~e0%E*QYClZtkw@`&#N$`BlVGYo
z@>QAS%#w0``9@q2d<WWyULyoq-8PA<a!``$T<H~zUxp5aa(_hB0LZRQ<XE&VdxYih
z#*y#k^><}pj#3C>^B1D3EG|DW!z&yD8V~5nk}l4rLJD^p43^C5-=6IWJ4+D(5)#Pf
zh<uJ7S;VtKt#~j%n!9uBDGRE#6VH6d5P5w-i`vHSHkv~kMIN_=Hl-w9wH5yz`F*(-
zl3Y_EF!tO`u+HGb=SH`9VA#Y%ec`bL_K>gyc2L&TCNvvd4Yg&Jb9Zml6hg*r<Pnz1
z4<0{958&b(Mp|E|YE#+?4Q*3)x#>gW+RchPMRv#me~4+GVmjQ&+-E=WpNHz1=#YCX
zxZkG8_!Y1wd5)rFlX*n^rs;LWEkYM`80e54Mqt;S7?0vQ;r9s6<@bi{8rr<$ddG7<
z2|>uY0=4rf`olM9Zi&|ov-|-hAM-IDuep53h!|3Z0@(>@B9QO~A7b_Yb)%+7Ch#=^
zKn#W=7NqYGB&Ze&pol^s5=(+720cfGL|Ot_8nKc7ofdwn*(!K>*zVx89+&ksh9A)S
zdvHNvulXAXRP-7|*kx)Smq{ib%jYE4Zaugw?Tt*h?c#8r<o<L9fGdd&YZ8nIpP!30
zCTL@!Qks}5g6C(=kNZtYv2e4|__#UmKIQ%9@2L^)@Ux_^e&SxI$J<XuaLN&;#AhK6
zIm+BGt{aC~cN^3TIntSakJtB`IasJ8*+SP6G58jq;qESM>)=N$CaBw9JOSpU3S@Gy
zRiAdfj(G2zNfRzNuBfWM;F_acs8bh%2XWCy+3b7SC3}gbd#UAn$zS%;tM`7^?zI>{
zRp95e<1dZl|6Iq9J<pPV;fawZGCku`3=kgFO@f3LvG^jK1li-en>csmm^$Ci4<&{F
z5_6ieb;ONKKQ!f>QtJ(c*y7V~E%1~ZU^JN1MpgjlC2nvL_j1Jh)95j0%PTYjy2TiT
zTka6WF7E);;~1Td@LC^H#ZonQ439s}A5mmG75{iY#$_DfH9Bb|)VO`qQbMf}7&B~e
zAU%j^hBT{TK=#BPehl*__^`Yu!F)?(H~^g<!1heT+)J(>6oyWz6!#5zR-64+4|7Yn
z9BlQiRSjb7xj5GV2n@Yu0gHHBVP4XvcV8kV!TXvq;ivyQTdHV3;0)WY9jDGUo{`jj
zwoS#a5PoJOz>2)C&!kb8eI@g(<~{um$5b8K!2HIVGJrrE=O^H&(Cp7;lc&!h0nL{t
za==*JqY}OFstLZ>v=(wD%_M^{14VCjg3Z5a=P_pp?qsQ(2<mLjJ{&+}$pWHz`T7Sg
zYbD$3&i<<eS3n;5jiuhDAfye)Fw3-VvDX7~X#Us~Yo0r?C4K;#!b~wb?b+k&0p*5z
zfr%^gsJc!2kO3qW<BCd;(t<X~!ko=8H-{FHZLH(0jYY)Icc<J=D=TaN(=#pCip3Ud
z$Z(t;#FgW+8RB%eRm?RyW8xCSY57oVbPY7#ImM!$(J4EH5M~Y44!>EMl=Sd~^34N0
z_^Tk3e84L=(`s6UvwqTAN|nKlDhpDy0!(S|m4#A-yr<?c^>$>C{6d`q_IK9e7iGv}
z1rInq&dK&@PWiovHS?v;>db|~AQ{-(lnkL=*v`^ChhVK-RXWrIHWL$ScB_ead8n?z
z_T+Iv%&5AOi4gTYI3ZyxWA9Jz?dWyrXMHT%ldV%zC^Z_d8I1`XAOv|O+l!c&2NnY5
z3a<FKMp;@l?a=1|D|rJ0Bog7vVQGSF@*~4ey(g}rUIP_-j$`mnMKcP^cYjaNkgsZW
zQgB=lfYs-Aajbj<wOGlU^fP7Vi9YX3v*OW|pN>G@u5Z0+x}{~+@_bxx7(itbuBrzv
z^&*Y}VlEx(*pN_0U{oyDw~6iZ?i#%#ZmyK7#B;6_A(F;qQm>(;^GF_Q1LLcdy8VQV
zpm@d9%PJ(-?w3smD6C3h85ske!4Sty3?OZLq2}{j%v)KSOmpjeU9w;?f>6h<bL{B=
z`q&{*a96($))^y5t6ud8`6uG3p5q#aTpd&@A7SP=qH^>(ZYs-#bcCZl1rd~=bxrd9
zVp!tr424b*J!HZTa0GPmnCgIX$R_<`;$bIGNXYH*Sa+m|&tAqIYhow(yfxG3HSMVY
zkrSabu9*A1AUQI*f8I)_;pe#l<~-#3Gx*XIDaot~kx)*$c~B3<*<yv&oQnD*F2OH#
z-6u*pOmj|`G%pt2yn05WM8w@jY~-EHy6r8piXri>p=Obm=pp`~rH1x2sCBC0c~pR?
zQFIo&aY;b<JL~sh8DAljUFTbm|5ZkxU+<Js-XsenG_?XVWz3=5Fe0m5?!vBgVkV4y
zo^*7I%3;DnY4rz34nxrZm!a~a1;b)%7eb$JE+N`w1^R|JbEyZ}Xl6j=k$DxkP8)T>
z#8a;_WIB)YK%N=lJeZ-z;8|;jUep7@LJxR}hD&&t^ODdcTU!t|v4fYz7|l&!0>Zm3
zgTq=6Sz2U*GGVtx0vOw+y}2O$C?0{etm-D{jYk4_sb5XeXgp7uc<+z&ew+pbra3TE
zkO9v%!+BfLEYeivi|z;KVMNIL%_fLfgzHN?eAorNhe~_6?592*d%!$j;thAg3_yeh
zXOEKoO38ExEmntMEMp=A1|=B9#(RnU(f-&c?}8iK;4V;R^+1d#$=HcAoPc-n)Dd+}
z$d6|Q2XUeK-dGs5Fo)~k`CnjI`%7o>MnKo7Q{j-X#2x^%QAPQ!Uf-FoY|m;%v`WvS
zvR|dZ-TN2zjC%bL8mSM2KgD*Qck(3GW2}L%xd!vOFKP_exq#}pH$9uYq&TOVJx`uN
z1{6U9eJ2z>Q{ulFH?=*pg7aWzWj)5v`mw3j`ccbcX~#j#x^^}rq2NsVo|Fj29#mV7
zzO0GXn|nsx^8?PM*fpeY*0D*Lq@!??w`bDXBeU-*-Uxe|fCxrWdgGS@^U6Id&KA>k
z6$LLwWzT_yBgb6Lu25>svqL?H%<+Nh-F+p8$CBn(MNpmRp-cVaZ61ftIYLhM?jE(>
zBT9$KG$PHJYkL78r!TTh-y;d0bl%NzAZI$dbYhAit~$!lx^joun~;wMj6$2diY?iq
zcE6fy3{Jr@ptLarfA6@>ZX`oInxO74^DYq{YDq%=31h;5KZomW>lQ{W;;1?!g^2Mt
z_Ed&Y(i|`#WBd6!ftk&oKHY4DnOVT;qt`e%?UPf9bFo}5!7H5L+GC{D1UT&Tu(!_n
zf!j{v+SJ3h%yrwV4VLdp42^#exQF}b{pCumum8Z%{Fu^;z|c{AxoZzQv<Wfv<pMzR
zClK!fnrGxy^*X>*W<8in86-?78C2nySRQxOv3am%+!g!+oCD_HHJy;xqAmio0B>KL
z%?he|VtM3TF4<$CU!#A#)>1k=$NT69=;ideE$Qib<|c7<X$RZzJ04V}@-}F;Lx2Gg
zzJiJbM#IkN7xXGIFYnR=0i?fXiC`C~l%M*Pkjun9;U2e|ws{VPk11Ulxh9{aj^<$9
z<tC*|jR^|6UDb~8AvSHTq;;OWVJ>Io7{aIYhqUEU-c7TE*ocI15+ykUSzzo|g4pR2
znK7^?yJdQD(nhfKa95XQ2ETG9`iYsL3}4F#;p9k4fU&`Nbr%p+?%f@HZ08I&69zcy
zZ%2xK5iwG~8;SnyZD%249!kW*zRX4Ng3l<4kskx}SIxNiD#_EW_A!ZgF5~C(;engf
zhj!eEcyg}x$qi=*@U=6;<+C?Ji5bz-(`pQ#Jb3Cw5)G%kj9nydFt$!{%8zTwytWTy
zWV?yeF}v3W-XvmPv0I{2$)KQOf`oB>1qW`*e>XQ8uCE}~4o2ELpc$XpNAC47l6iQ?
zo3~8E?!o$L3d`jBzeq0YkwHVq^FLs|)eFD?F22)<yd}cUe3A**3lL-VeZnI%gki+H
z8xRYDZEEeG`92~*@e(}MF5w0%Mn22!T%PXo1Uq0R^|#ZBhq-I`0PgAxbusV_byJ?C
zjC4~_`(0se!(vvxBX3bJ6L%_wJu-pL5IhE&BZ+&aBF+%RJYIhgMO>jBhs7-8L|&mi
z3VM~)_yd2hIjHPSR&O3gLO(Avz%UyN!7y8W9CZze`Fj*R^LO}wXE_jI$DkHN;6(&s
zz@G=+_?P?-Nq=)+u{S3yg?fPvqSYJ#@Y~w}Th#F1yh`jnsrMNjUa_s}wTFx6e`?c<
z4(gd`yp;e+!;-cqKDV^gaFbHcuK(mi)yOVg08p2Z%t}g7GkbKk?aR}lA%Tka6u__+
zcUS;rr(L@?f&Enb+mAX3R~639)8aOZjjMCJ<R3mYXuBcVBaS4+W)&V&)r`;mL*HNz
zn4q`mpiR}@;*M|}`3+?A{-nIWbrFu4jg)nb1g)5r4R*p2UoLk(oqbc=bx<s(2*7-a
zzoz_W(UhUgKpkkYsg1|X-+y8|e9vs~Br!yHx`fysg%{X(x3>Fwd(+&pn=i^PxmBuW
z8+G`)FHcMgN8*y!&=M2Vk}AdiJcGqA4sbA&ut-X|^eeRx9kP?KT<(;3*5z|Pw{I?3
z4OqfWDt`@*^$gmua^AH9UnE56VdYz5SXZr#7--5>lEY!=;ha7{F;|coE4n4HzKPxU
z-TZhP5{TXWbGOm9_33i|wB_sdbk()^=XvbSxATwF!%*ziR+s0~+R^VEMsY%)rK>;h
zmA_0mCiHwe-w^oUWAOGr-h4l+yMqOC8FijXjbhVLU&ME9AO!oWhpoTYa3MNr+nhGs
zib0h^Fe<({5h-#R3X&w-3A$bctw_UJf0UczEn?OmHd9m`(6847Xs5RMj*Na)BH!pA
z{JjQmYO0mt4yv1o#VAR26w}vGV1JIa&J9@-(@nhRG&I|*zJ*|_X%j@*<J|K=3BX-?
zIu=D(4$m%y0n-4BE6;XNK6n}4=QcUU0C76<fIlIbz~(_Tf-iFT?4=!(L5Dw*vWGgE
zuC1~jy8J3}$ms4aXzg_B{lW@f*gV*iRq6m@C9%8la?9%jl8oFZm)*NLU^&E8MV8es
za<x*n3jxWR{1O^CFOC*W+!<W6&9bb41(PV%mkg;2=qW{=D?**go6A${FH(X&aPm}w
zFbWqIhJ|8)q6)=8z$+{s1|{sS6vF%Sp@$qtnv`p(KlIT9A5O$i&nV+Tdb@`cbkPN$
zRr}F*)Zh=6gu&2mP-j`oUm;k5w0{u(K#Y7Q%oFwi0%PcHj%#j*ov%(v(5r<iJn&ir
zQp<1cuTGd9pibB*xcqrp`<Qk?$X^`|IO~1oTymo7Zi#1K>KL-Vj>g!LAzfA{R{5^^
zbD%i1cGlfw$I-G!R(7(z=z4Z5Py2`ASPy{roOtzT-HG%~b(L4|*64PT(=wwp5jsTL
zV=pq33|VA1enIMOz={_gsxJJU4x1!H#ENZo0s)w;^Nwk2nDgPI93C|Lm}qxW%@LD4
zWn@vT=<ERZY@d*<o!w*JV(_EpK}lTsfM{5Qm0Nfdc)6_0c80x5dVmvDwGX)Fk*+^9
zm9{Tfmi>pYNejWb4Cbhn(z~?^Y{4(D$P+{8Vpl#erI*0NPLQY3xj0aBtMGPjRl?}F
zvQ0F79Eh3$tdu<a&SozS{%FXt09`rX=TJ`b;OSW$JH<XZFWn=1z3ixv6=C(Xc&Pqi
zgU7c-e0)VavU9AMMRPO*-1T&F4CUg1@IerV{00W;O!Hk4RLXSD8BQX(dU4=}`7P5t
z7HWmZ0eGz5%A}EFbI1=zwSf!S3gw&$I<o_Qyp|J*df|?hZUwPk4pH*wi|xU1kG58M
zHUx2{C`p*yB<)#CD5eRzfn4~7(LQ1gS3uvRB{-FJxsfrE6Bcn{%dEDvbX>eCVHvl$
z+qUooksw8!gru=opQy}~E{Y4zO}mq1*1^}gOo?bRN2gmN4bB)cJW)jcW>fjBunYhD
z)_wMEaC*Wh5_2v(%@7Mj;#s@y4;~5H@{iqqG=fX4#t5bp(Sw#2d=0)OE}88>X%*eG
ze%=VnN&l^J!Q_M5ENq@S(+V!<=R~SqZCl0UB?Cv|Gl|_W=LbNjm7*Slei$Z=N>S@#
z%i*3NCqb!9Z)EE&rD=**4NH9A03B^^`tgTVugK@Lcws#SAFE1F{TtL;jq+pVFy_(V
zb1XMhlRZId$Gh<NUe$rxx0Un=N$Nh_`ZIhl_JLbADBiv+#8laoPyrz*y&u4gV!5X?
z!Xw%tQ>Y)m0rR-gp$(j)q+)F?=O`#>4my;DrD@SG$k-6Tf*)*C>+pCbZYrsqsa%%&
zaPGC{0j7xr!aa2J{SPkU%VEx)HiWdIZBUVi=_i4e6c9-MguDu)2Ac{Ra?vo@eA7k-
zX~iHiQHj61Ft7xYduTGzV~9AkyrIDJEKVY7p=tqj?SHRm)PMGth={ZQK#+)-emnwR
z%nLu!5FnG5W(wXEtR8<x-Gz>KCo){Gwd@HwSqc-Se(U^2&)pQ}14`XvDm&Ko+9^?u
zl{2`-lzaw0B_w5m_K;W-tmpf*pXf)g<J4EPq1Q|c_2q(~-*GG+AfcFy3&nY>+_vX&
zVJ?l@*STzK72WBIvY;eGNEz<dy`Q}pfZgK8IMu}yu1s+ascwztQxEy5_MAU`IwOd#
zIQPsNbM@`yBG6oIZr?{LYdKm|Gc6%sYms9^9pQf%kibHT*7atk8dgvy$vWuG9|&^R
zIE7Hgy}X7}v0Dd39=9;Jf8jo~2$q!c+9A58hQ1DfoWSdzdID|1qsovw`T0R%5%0XB
zv2%Qgwa6uySLM`f9`K{{csJySAny#;DD`-E*}JhyVHO)TSoAZz)QV&dw;4Fl!s%?e
z+>>VazMh*(80T#yU&K!pKs|X*SZP3kG#E}JZT0ddlbmDVfGAk`VFb~#@nx;PHo%<O
zmKpSNaYEnc*+8#xLE@2y$iU81&|m~pvi`aQcN?l*G@`?^f6S~b3YqgKnGu3}BjtUm
z)Ca9Prar8$Ae&cJEM-3hw!5gqwR=bTQp7^JVi4gIblVbNPOoDRPFToxTDFxLXq_i6
zG`y)Lk*dU8-wX-fEC|Mmrl9ytGeX7xWqHG7!)dN(BD`ID1pVzoI0XVfkZIP0UDxJl
zbO_@n`<NHyf>(tfY&5jJ$js>sj)<MZlY%k$YTFE*r|E{Gjj8PmTI=8)t2^(Pb)1%7
zbBC!utTM$}cI)Mr<gXn|tW%hIs%sFH$2O_wHZUO$cO><0$>VVN-B5W$(lE(b!qC!|
zS@ANlYWA|AW+IoHM3QYCMw&u)cf&oYl|+(GB*tW4k_1~VA+<lbzl<HlU4?m^R5GfS
zR5EFmRFc<fY?HNrT9ZtYR|a-W?)xsMvtjEG67C<|_Ypyh)RKk<-#9U0Byzv+0;9+v
zpb-y4?j70^gKx0CcTZ}7(EloA{-P2IOOyhzYrfdrMsJ~0R$x$6^xAH=dg%Xa${3f0
zya<Ga{Cq2&g*+KTM4@0j8`bVN@JlL$2m)a?NjV%eKJ0HeXcwRs@@T?@Ye%Z+v$+yD
zXp({X^jJQGz}L;6kcEOXk4Lk)$Nzam(|#9*&8;NAB~ToSbOtF__@WhMfDL;TIrj5l
z&b)^1_~1U&H!M&Un!fUeg8dx0yb<El!H9V(Ur;i(`?n}O(=LIP8R7@A-k2RAC=I!>
zr&7aE&_pxS91lRLc~;jSPVt`#5e>F0;t3AiK>EWU-Qqe>p@7HNiPC?|%il*z7^*Dr
z?)t+UKUz3vvP1J)RJ%Jg?O&0$Rb%kR8yZeE0JEB80mu98b=jV73aZG5Nz43VmtQhS
zIjyV3{CXR?2RA(*ivJ&!5At7hbF$%=3QRFjBfSn}J5-L>J?w#}BGyQSOXSrcl;$t`
zXo6z~Gb}Pr(D6QCms^6G8W)(9#n<*jH7Y@pj5Jdd7sID5lLnxK+GV$zl!pq+PKfWO
zh-GxK7vszE>_!u%eK{h?M~;bQ?TA2&yf}(@MR_QvcH*leh;X}nDa}H|Bs(Ee?~Q~B
zitc=}0Q2wlfaGvI22%}?1(7Q~REpbBev%^gleALU;thf2kfJ&}(N0c|LEm|<=HR>T
z^8-Q;lt!AEjj2Ut87b_|T%D`!a_W>4u5D}|*KX@N-gji~=lsaiORbG^tC|v~P%iL$
zm`DQxRy(aY>4b>r0R;@ea|Ne_5-Y7JyBk~3FG%I)1yNJmjcz;#7N^sG;Hn@?G+k7}
zmbv2HMI~b}4&s9_TQ<XV5ST<|p`Cw58sV9)<Ka#4%WaHQsHugN0qnn>H4;e3sD=L7
z;Q@<>IIwUq`V~U+5g1?fgGeHKeDv)8dqq7&-<7ap(BGCpF{n}CCtBW-fq50W@#r`k
zX)}F)g!cEB%I#E2q2h;8x$c|_DdiiPB@h{tNRP>GE_Q!p>CV`;pieN~4zsDDw&#|S
za_r1r?cWJ*kkWx;r|5Tah5p-=_TBjb1}%0Ozm2>n*{shMdbK35yZrhhf1b|C+u%33
zNQm%gF}TU6+o<ZxmQsMkpM_5Fel-X+fP;2O)RLe*yT_X>pd;U=({|>g65E{mvr}ap
zs)g{HT4ABNi9!;TsncGvzqpL6BO}KS_OTo`B+Lcb%7h#oNTRg&?ogFn&=C_gl==sr
zajBWNk3Tqs=(3(87?F*XrqlIynr-(gjgvoGjtX}d274^LGeFO=!G{9ZoBP6yq^y6q
zm!D4w6-&k42c#4t-EoGNa&KhnOz~CVeVUN{cW^Qkyfw8M(+g&(zH=VOVfTk9m<i==
ziozC)OW`T500-3}l(9ATd@lfP65Z@Ec9DsddM{|Xs2J;PB#lO(Zx;`=z4M0T)7H<%
zOhd5VuM2A?lz8ezIINLg>1%`KZl;qug%k>X$_?c6jBh+B@?N+wl0gOW)MF68N-1#J
zZP4>s+OUwRhnpZQ3DRmRME+{m2hCa!m7h0z1O~1+7&_O0d}6oaqt!G&<s(Q?(l(qh
z^sNW`dg#y}e&|E0(+cK}V6-f2sMaxkcxo9QmF+VN#q{x`IbiXl$Z#m7UU03sGu=hO
zT=iRx(&-IvZky&*hrDeQah1imtlzt>>X6t6_UtdH@OU7bVtPtR?T4S&YwMX7UHgJ*
z7kU%7Ten|P!=leT@AE^zW5(wTx3nV~kbM2#ga1=R6wUtkA|gBaw}{LN|1Ba(L{f(H
zCI1wWQzSB-1){LtuYnO|WHa`ZbicobyB;Y-RFKsIxKiRN!;Q5i4N=rk%CDvNRR)-1
z$(SQ*$P{2}$!;p>J*NP|aKFiJn5gMg1j6^`!%t?zkEc(jX;C!m$-{#|cC^WI)4!pF
z9_k<hrdx<6&klrU|EK|U$Mqo`plKjo)(OYspi$K0$=$tg3u-=o=CL;VKDU3h_nYkv
zKKh!5eAb84|N2cgTb&T4mcKqwoiL7QF|^VDF@-qdVTZV#omsg82^VnIhY|L$Lml>D
zfE#piMPQY)^0{-j3SG-k5$nVk3YwW{E2|u5D_c31U@JRYDcQ;{*+c=H9g3N)JYg0|
z+%MFcO9TP#7=YI>-`9Fyt`Tpf7iuN`uv!h+c>=!v`%l}-ZsW_ak^b*<`j)Nm%c>^H
z6>-BBu+{jlQONRqA^{y-E5p0j_5WuFA^(3B`F}$d+34M5wU?9C?@y=(dmd$#J{IVn
z^?dYd56sDEPw$}~XQvG}tzoOL&}BxF#DVq+fTTOcOz~{w;#oYB>FXsR&kRnQf#Ym<
zEB%VFu;^eEDpLRZAONap#S~&O$r1&?<+D6)g!+it=m+3v2(GV_o7&+WRRo>vRapu&
z-2Zqdyp(cjp399LNiRO2Cl(rB8Ss>{jqaEk*jHwqj*WKXO)|=bLsj6UQcR7~M)P;}
z8w+P33Z2KD%?hSuVY$k1hA~BSfsF_v+2Jw98WxH&1PQ4DlkAByFEGkeumCZ2J}1-3
zFx!x|XsAsu9(0mb=Iz(2ye3ndeCVxRbZ+xi%@&J?R|&2zEG!0M6Ub?mTb`D#dpw>V
zG>j=}@0coS+Oq|He_hN{8>`60HXck2PIVn7i0Y>}g^du2y$Z$I_RDHOrzVw0)uNy+
zTh6Ec{DrwIzYC}F6v>xX7GO1Z^xMTnagWIiJ)w8F3AT0)Bb2MKhHQW+W>{7R-Y{_8
zxL<g$<GrvC5KH(IDzpe|v`yyio@vuWE!hN-m8yO8OfA%_O=e48{g;G<AH-HVE;HRS
zz4qx{CnC={!q5{h#49$a(0N}rW20~2NzQi2B$ONbV*qTgVzO`zx15I~AZ0*W5>Zo3
zAICA(jDz!`*_SKgVZ|GA%OO3z?3z!*=bdrzg<OE!h49bQiP~$_yq2?)$qvEK6we<;
z`N0q@C6!gItV;FW;)`iwaA^lp0=z9l8F&>Wcgwo6CrkvwqtMDo`d>Jv?S38JnxoA?
z;PRdvUam0D^o5_wfW&!g^LcQ!Q_I>?L`KdAjLOOEw5z0JWi8PLAD-ek%3%o}_e-Zz
z=PVL`-^S~znAmo{*Pt^4Q%KN%wx+rjvOGnUf<c;;iB0jxCp~K}Xy3aYgyHDkn4iH}
zO9cZj2@2Jfxu-4VTKP%NxDj}J3#Ik@WM*Jo8QYODgXd)&cHH<b&%WT1|9(ELv@H_1
z86klVJI#eS;Xnqnq+t?^0_my!wAa|4m*7n3ZQx6b>DURQ6|r-eNRy}ki_?_m+67v~
zRj`t7TdnF6-jT|cgYFZ!<h$irP`DmHSAq9JtKq<&6B6zDFT?(8j&S|Aa+5NxCt|h9
zv-^_uLJrK$<;_Tz7<|TTR+yi^q)a*vkJ1pbS_#srG14g)^`A=Sz?^WZQZ`D!D?fkH
zWm>w<aX1&zWSts1n${Ue(9K<j=$(A+-QSuLKwx?Dv%U~>Iva;9p+Ovq5#sEHl}yX=
z5%@FD!}u}`dk(ut-q-mRQ4!AA?sD&CrCFy<3o4xtyoqCI@Wrj+g#U&o*pd5^@6yr~
z_5z{F(JIb{H$lffcD(BSGz01#v{D@{mYot=U77ELi%EJoxNW^x3et>8Rps(eJdn-g
z8D$`QE@>?7jxuj<RzqnvAm!=J_9NZ_@l@Xi^R4?NXrY}(mGlvht?-{V%8*SMzVE|x
z{9w%~ghLZ@coaoZ*@|Yp&5lT}JlUStoTx(HH;EMgt7*wT`jM2bNju^n4J7Ybu$$o|
z*`#T}?((L{W1-yBCxIp(p@<-k@-w3hWWg!-lC1}E!t+^T|5H!3=XuA%5_&DkJf!aT
zed9Q*(!=lGb@$`z7)_(5L!=>lN=b=es&a!kw^1J`{aWIROGUF?0nQ-onQ8!Pv+Yke
zp$HgpU4=}3$1@#>GkO2Y?cJ^bgs|4PAL#zgW<6=6#n%q8SYnp2)jyC|G28sjc}eG-
zE_&;l60Qg35c(~z?*Hl7m=<hvgv7I8aMj~ivh|%ZpG+G{mtNL`GC&71pUnR^-rgxX
z@^)SK?sRP1wr$(C(XnmYw(WGs9ox2Tb?ofwcg{7}T4U^keejL%;Hj$duT(}dlDh7v
z?)!IL4`=m9PxU>t+U#2o1;L0jD>j*@@E4H&y$tgkI2aEjBVH=R^k@Jt(QIBUf+J-a
z1MoN_f7q<FF%{QnO0I5S^+d{#F4tY71DKAnWcBxB+P>ch=}k3Q;l$Ea?HLytqe7y$
z5RhMpqJKCfzi>-F=nW&h(GfwqG_X`{f(=pGeW4ItKz&_>#G#>_3`F!5U>G|eCC`bV
zaROIAEr1h9K5Av8*IBU5!4Q95dI@@oHBSbPh(2@ar7$Fs*E1P_BwFw|PNzxf-%vQ<
z*1`|P7<R}MVlyPIh)o>aIM0O5R4_6}ykxUSLuTju%!CI%jtUm|6bIn^ra536@aox1
zj@k&NNDU)7Bg2M>{@My1A;BqIIA9aeH*kj>vk4C+h85Yi;fY!V<NBprLlE0FBOsyi
z-tX{zT+3Ei1d;3t)XlT0*OZ~9fI5Jh3iN6{YcmIO+{1V=cv<<5Qlve2m~h~&mCHBX
zl6-tMX&!Rush<3x+_eDodHby{mfOtz9ggjir><B7kGi6dnj7e=&d(<WikY!EYh8Qt
zv^HTxlCK2^Z+m?AYWejvvACPBl&xdP2DT&Dy1D?fEtwA!2grz8IV@#|eM;7I-mj)e
z#^Vr-rpKNC>*+cOr5v)gPI9w-%Hp`-MtI>{D%84nNx=k|@Uw7D={k;P9ZKm3XL6}q
zY`M*47<7BVw|k11d0;vI<@fuo-pCLexf*qlN$TU?NBu>#$ZD1aK%xW0(WhNKj5UO7
zZCzBqD`&(HAP(J@pJuxD7*g<|D!v$mR40^InB<Mv`5-D>s)r7TWo2t6W^jhrgxhrW
zT0^49pv)6QU?>kR1)XYJAS5?owLAR662wm$UlkgBHy0<@E$69}F%Oa0X#~yh-~_3P
z4bft7%ogvdMVS)tGOx2=1;&476H}PF*7!>KNa^s#z;z^NyOG|=7Dq_AoBG{3y_Pv*
zub$S(cayD>-s`fkz&fkw#w7=PWCDvOD;^^0mG@=;xZ-lI_CADY(6y<<FfMIlaVyA7
zWZ8%k>q^fkX#IMR{I$cbkHJA<;e9jLW3lhw-k5U7uPQopseo=LDm}8udVsF@6LY`x
zb#U4|I<pRqyNc0L&zQWzxxopWThnCYedq);Hs_)(ie?z^7H8j#YiQghI{OlXbDQze
z)XjTR@fY6jaj$5(G{kG3Jq6uE{-FvGfHSTSOORI&L7#R_z<l(D<me9v?`j>^wL_&5
zxQdUQQG%v`{21&25^d24T>?mc>z*TvA}7-_{AE%@fCerz8^Z5zN-(L-oj(C5!pN6K
z6U&3$m4FqFBQqWh!<i0a+=@gS1cK?+m>@ycv?ovpwU^rn<j%8&&o)+9HIXV}XV~Ne
zbIUXynPG=_jjfQSVbn~sA*?FRmGrIqLwLWZi1weQ*DSCh<i&{E)HMgdacCB&T49H)
zjWh*3AL`)8Vz2V}&6Mb3pLFzC0XM8Q*%(~w&p=FWu-O~Ho6DH$E?6HS0lTf6-~ir%
z2m@P^z=(bs1dnnX3SN`pgIf_=Gt@0^T=h;leg72uv?H*<3*ClX0##G2$WDubY!Z8Q
z%c|6H7oZBtR#po3`iJNDCqL0u)94>R;*7xbqJsF`!+FQq;8v#nsGK@?oFie4sgZq^
zJA<a;>ltRJ;8n=SgbScbBhffq4#B99xPO>^1C_^B!>sB>8Y-LgeLEm{Y=6Q@C6un3
zSTIS?urp9x*9=Sd0#u=xlraLv#?HBP!ZCK3k9$eUM0JfslYBSca+J};Am%RZKRtZg
zYH5`?d_G>n*XJT0t*ZSa!zHYEN_DahmS$4$%Dpn_jSQzFGHY$`!hqIt?JgNcMP{@4
zd-7cmbz7bvOY+7c+7xh6zHD%X@LLA#qttdca5VigP4u0Ok8)?%jZDi6AaVyWUj<I@
zJJC!W{$M8l*{`_6inx6WNS8zrjyZ*6iSTXSk&4^34#I+~BMzo}0Xy3f<%Mv`(x<{i
zyJo#qbL~2Xbu5*Gt=z4Y{$v68)`T|dGK1a8luK=^@-{j2poM9##?XM-v^-vRdqhDs
zD4Z+<_jBILRlZZ?BdF6rLI<L`=_)2=Jh~25JhF21yfOLeQ72uQu4QCH`jGxcv$Lzh
zpDf}moKKN?x`R`Bk*Rtt%5K}xtm<6q%Z=Zo>`u~0R4yT}i5;whn+W_OUo}fNkp%hb
z;_iy3K5Wy-<W9oYc0N0uw*uEJ-b$idlIDrQ+was^zb|D}Xsyi>(wMqGrUcxzE3~2&
zXX%W7ZR`74PwSHyVCx+gmAkEY57s`0AcMv>(-$13g*%HNkzSzz53z3IZeI-$(bVQp
z<~5JSofN6c5`3oEru@2rC^F-^a`zj+hMxQSN}<bE7ll$pe=#ta&<@1+w9FpHV7?(f
z(>$s@YIP(wSD~uOrG{5;XMM!%p7F>K>mWsuWFKhvU@@M#a8Sh1zbjb^1M%75SKVh^
zse=9hM`A=U&MkL_Qs2ha$yw^$uHz$|#$$XuU5=`9x<UJso;dWLHurg^WIPJYY{{BM
zTRYWLWiIUd=|>mal|Cwhp49EzDt%YE$v=qYRZK%<4$IFX;PEinICQuNUR}F;cJO>w
zWUH<-5@ZBJ-6)vGVZVqlczBrBYOG&5x;O%uEQ{hTZwSox0<rIl@rPa?CxB<uURO89
zW2fkrJZzc*n(8Xc@j=~KnCn=p{&*<rJXpLsI*5N@E<g$$10KTF^VWkvF^cro9?`T1
z42hYSoYH%AF9g%BAHS@qqU_<4hC0Mw%#F9IM;kRf9Iqf3-`uIUqieY0yV#139W0iQ
zuj(*$)c=&*aPHw$;|&wBW@F^2+mgfg4Xy0J#2XvirA&6E)GSA*tWIMW^`}VL)zY-i
zq0kkAH75t7s{?i&!$nol6hEoweZM!R=vBIxx1!9~CI5b1*f8r5{TyGxHkaS+!v?s&
zL;W6xs@|#ex8_r#$}9^c%#F0YHyk7-&`l5NQ?^C}8y1}Ea&l#=_Q+~uJ^61l+M~Fy
zPUR89UeCX5wsxsyNQg`~0Gr=%5lNoI>`!Nx28ua%D{C0=^b_r=banjoE!4-6gpvj?
zR{mPGR|_Q!X!Y$|n#xpsWr#f850x0=ZtEYaS1z?t?i5XUj7&nJVufa{RdH)v_%2^h
zz<xH^2$*tm_KJr4WQB8+j`ihZN1WvsXGN^Ps`Ld!or$yiR|2z^kP>smRSu@os1O#G
z=G?y@$I#Vvr5iauh@vA-wkwLtv9?t<U78b5sa5aSkw&hB5f?NeM7fF&BI^9p1LC$Z
zGM6unzq&AtA&%RS>FU98O$4z-XTDJ@Q%n}Y&5~hk!+Y*UV3U%ngx2$+s>uk*6FMBJ
zrH4t|fbr8i)EElFeD31e)J%fgUTh_I0k3JErEGA@$_;qt3x4Md+6>_*9bG^f+G7`l
zG}cu7<Xm9m)|F9EMqoNS*^Q+d41uXJ$VoLQm_RKkWJ5tElzs~5`BZe2``iP|CwYHo
zzC6xgP0q`k^W{^u<zmL%jnYrf%1!7hpLH&!7_X!}j=q=Vh5l22W)V)VHZ9z7>xsA5
zd3=OsU5NvV+|AHcF_!o~={CeZP8{^5LPef92ENBGjgmk0O9W_*C%SwmW3;k^NF@Hw
zGRKi9hgR&DI}fPE-IKRFSn^(Iv<FUd<jQL{vox-o<YkJ?l*Kkk;b&>=CkNjvzk2uf
z*S?*&U-#<=eR3{gHG`{|WB5<xn}<<nci?Iilnu6O2~`^cCDrw5(MqHWsbZ>xN)f<=
zvy!;2WR=4?%AKE!l2wmw{g{Nvq3<cpLz7P8a+z>R#=M-$#ZYe>dyvsaYBUpa=?_xR
zs!}WC2TS;cnwIQ66~F?t?4l$)r~?(XLUoDcD>yb8fs<C@0h0$6$|0jF9vnQonabu*
z{<Q*lMYIUFK4^NJFJs1yK)pvlcKz!!J~09wa`?pC?c>$Z=xm)|sHsSgcU6+9y8=YZ
zyxIZ=K_fKnF+dX}>nY;KaNMH<npoh3cNl=Fi1QhMz<?pheZgJfQk72Xey5Y&%Xj7m
zR2YRE7nXLyhjf_t%^Qh`0E9@UDNT+*v}M;ABB>MBy8kfZ>il(<--Wc13_0P7Z(6pJ
z$D5JrP4ci(qSu!dGdg-xck6t2tl^#E?>5mFOO(B>Ry_6+?}skeQaGMQ7tR&WiqN5*
z)AGtwSYz7aPMTWGFqe(gnpmDG6xGu_m!qGkO*&_J46^xFFV|YvUCsGzQRXSmsIxxg
z*p{8=>}<x7_Qo5DdTdV{CbM%-XG>Uj`DV>=WqJoC3S|SmZA*c!Dd*3jtmL`t$O7-#
zMxiMXkmj{-b=0ur-++@iSVr1M*t^x1=;g(9x6F{u1%AsLv6|V^nwgOvQMjaAgoYGh
z{eg)7nG_#&jBzNFBF<hf;6Qm#7rXR~)6>Bi5N+y`W5xbq`OaBx?T~GXmfinHC-e1y
zAPfcbsxi*e7RlPjaVMK?@Q-^n^yR*^QryrrLnQgKf_pZ_ASVB+Mh6`MtEkv5z5{oo
zg9b&^GJ)R}w(5}zece}kUueyIU?;-q_JCl5m&ix;H$SV3DG&!5+mccWf`>E?VN3Rk
zY53)vK^Z;`Y~~aWYMq5WF3nvrv>^ljl)JCU_6a9@vOMwXP)A^eN}XxqB|~la7s_!%
zg$~WS1DVYn;dY62AGb{!lhUh9M@w>8vVG+z#gIkI!xue})A>ckOly;-hH-Ib^{FPz
zV+E(Qp+zPcSKJ7n-NFb8JK6?Z+hH`GYKwej?C+yh6Vf#VD{!7Fd6GH9BiLnBUK;pJ
z1whu*mV}bbJzB};e?W`13kQ%DQ26^A?wY96Q+yrP^v1IK;LYMKbil}ECFlLVReskK
zVg#Or6)>5fCL287?Dl)VJNe+>?tHrhyc54ZhTXnCtv=$qJHC$J_|^U1pFcl-yLJ2U
zy}dZz@49__PH#tAy3W5p9RCIYXV)WwTisveWNs8QL?L2x6%L<J{nV7{p@*HqR<0Uk
zu|{LX#KS1>Nyu?7dxt!h>0r&G7{hQS_tpIpbe?(Emch89bX;o}?9COB$QeltbP^?$
zt!rcfXgv`XWjKB?l0T*QSk9)C)zQs`B+|u{RnPKjDkLb$Y2asK=p+huJ4Lpc$P7hV
z&c16a1}@mU$7`&>sv%|mfi`;dPuI2)2?o*o4jp41ASMELwgihO0Y}mG<jDKI3DZe}
z`^Z0Z!mAe5mOv}W#%yUWaij+ls}m$pOxIfovQ1)z_Qi+m!(M%j?AbrK;DCwwJy}Uj
z$wHvZERkkelKL9iaIS5P`gOM6wlKiI$&sZ2R%B*Wt!LDw<i~HiZjD`#Q)aVFnrnMv
zT&qdca@8^;9uFDsiy&-qNj>W|w)~C-d30%x)W4H9oHw$22pxT9BcE9yWgLw&^4g2Q
z){ho}jnBPD{a(J`AHQ$g>e9u)B|{mDxX%O8X#-|7l;~t#9r!mQD0wzS57YlMAvM{B
zp@JWit-M`Zj>se4ogrD09mU8#n$&{Bdy<t+Y!J@Ms9?3SxOng-Bv)3I$uF9a)J7eC
z`?>8&t1s(d3q$oYWN7MawwoBMk~GI|p%-0O#Vy=+j+($JuvyMb9$nreankTMm82s6
zX&Uf-X~I}oe<^JR<}kc#?^OPrIOp1;s%tZ`W)0GN$fhcMqKat`k>;J!o3Ef-^6+%A
zA=xCZ0ly^TwM_NB@tm%qV{$s@@)jm%E|a4%QE;!hg*I_l?rXa&Q+BZ=`|XFOBoaB%
z&q-mry>z=2usYV<*dunt*O2c$kX>JLf1l(SkGq^;Bdt20$@554D=f?QKj+7eqT@7!
zdkH5K;6&sll`6|z%PUUg-~ndl(`#0+pN(L+FOO7l{=spFk=z9{p+m`1R&&hCyIOBE
z(Tq<Cd&ffyA%UBH9t6ek2{MF6_Z~1t_p6|Q`#;A<_YoY=H+|9Nsqd#EO&dV96+u4P
zfH*RsHiP0U6mDj;6xG8?YtEIypaOb8k{MOtGxjnwYk*?Pu`Ip6TDFi>7mMd0HgZMN
zn<R(io*|*3k;bl`WkdHjyArfFf0lpfk}%tTS)SU4P@aC1=wD*P<mrguLrzpfJ;5SO
zKS!1i3|u^lQm*z!o}$T%Qs);EKL%TK9KW4m*qd536ohm5v=4TMn-VLOpLghv6JTy6
z>^hpmI4PSFzHQ*CN8%tBY2nt$k)cc;jrlSnFAs?zO55esZq!^h%QQGWr=3o1p4=)k
zs<%x|=}!>?_8qpnj?6Ewck^|w#D82^@q#{@B3$gaE_k{hT(!!z@h03v<A|=x)PQSU
zyLrP6U562k!B$4Y>~$degQTp?cFGjmjH4SP4GFUdr>nft&--9p>n?IKgsvxWi{cj5
z;4p^0*@fuIeuohg6>-wse&lBMX-pV3OpDHAoa0!^3Zf^a8Y&X8NKQ&Mz^yk)SrtsE
zMlv=F22^>tieTJPaFV}2g5`Hwzubo9HSkYV_kP@<y!BT&&S&(Z2y#gID%yI6zT3no
zrT@Gf$6w~~34M3qWqKtzE0`@)jEm`N_O!m=Jp5;)1LxKi@2i_ay1TqB*{z2M{$8e(
z{`vt+<tOmv=@IkXkhUC-n^nv|DWi6XDz$&T0t<=Udfro@eOHa?yhG!vK;`VnVRN9B
zKKNrxiHLKV70Xvy+z$u;Bd==v`s+_iQMdlbC%O(LXzC?2di9KX<HHtl9`%}vzjiI^
zs-Ow@gq^6XyP0(YF5bJAN!alc;ZI;=lLXvHeOLQal(mV4m6M<iLr;<2!>Go^92pnX
z!gW1+FnLdkcL8a$!XW|%bkPd#dR|D%sj{Lu_<@enn?ml^S87;@&jNuP_!z)x1xgQy
zsBBWL^(YLo(jg_+-v}uWq=HMJKQBYo1N~4^;g-aIoVAzVN$>87rF91`8iTYe(Vc^#
z%`STbM?sU!&OxBbR_BP`xnQ};kjfZ^qGb{|46JC2<N|XKn-L7ehzq=rv@~Ja=qiqr
zOb-xjl7F`sPFO1%O_(KJfw=X7py?HfgzuIch;w!O65P_s%~J7rHd1*^8dFUO{IF!g
zz+6W&jXmVF(Bp(}uDRs6eO@XWwC_c%tKK9TooWr`hHqAQvD#GUo))Y1VBImDH^o&h
zgy+0PQMoE3SC+6-L#g-D@orPEwkv{zy)<!Ze=j%VvNJUX57m2G*An5W@Qy-WTKrWM
zhZTWr3-7TFBZZoz?%Hem#*M<iQb;4d<erqd!bjTSD~OFUSc`SiO!a(af3u|~*xK2I
z<>tW@=|kVDl7o7oJipTu${GAwHY7G4bHH3wg5?Pug|_9daXE|iq;X;IhM}OTd%Pyw
zjpYYNrH%6=1N3-}14~V2m=zaGk5THoHAJn2t21DDP*~#6>A4y=6n&8~&5F_`YmgrU
zNJU3QkIy73N|P0JWzTP*B+6-7{%IF{qI{WYMo|NlymAvIs*Q`LgZE>dPRn=ZdEe3{
z#Ol-HSFl0^?^IXPA;eg}3Am3D6Gj5XR&4Qe6h;PmZpY(qg^Fb-4$zdtcK;>S{laqw
zkaDdI!q_I75Ct6L!C#egeHhgt7mZq5_o7@O)nhJ<FD#T3uig9`f{_H*!AP%SF8FNJ
zA%*LFvvZBtpz)<XBXK1b+qML6$u0cYKP|S!VL8<jtpqTHE+j(;A%xv;RtaDN8uo6$
z(pvJ#l}*gi>J;%7k3_31+7h-E`0bjbn$d~qg92Fu%YSlZX&A9KH0O=(>}{<%L!ynp
zO6VvRpAQqnSwN2%OTFyH@RSni@`Lvw#N$H?ufT>4BY-8;R=mM(P?GXJM=+pIPv4o4
z7ylBLQ_j4A)vjUB(%;fe>vOrZY8QA(?<bf3Uh)$BWqpJHC-^O%yueO%BnZ#Y@v1*J
znCD9JxxF9nh2%;&uO9y`_+f|qU7UZH|6OvXK%D0)^Y@Oltu=7>=Q|t7j&1ym=qHWN
zt0Z3b)A15VO<2zk!o)9JHQ7bEsdCUI)CW;G3!ntya015>v~ZlC*dlPNulMx_@ejyE
z*XPVhS#t+wKLwnp-P_IP)GBa}%)M-MHDBSjz&~fOf?vgOcH#2@pN+=7$>eT^3Ha*J
z5c1FuquBTEjG{7jiOk|LM7Z_^alCkvU=!Lge@KWoLxc~p8FtRy8Dv!*Z2H06UbXml
zyd~2gY;MB>9)H`6zL(nO2ptV?WzB>QHX~aTF9IXHs<_cI$|HF^r3{~Ls2d$Trr;C5
zE!%VQR^}6rIJW?b@UaAs@aYR2ArwL2G=T>E2Czh7);^vZj^P7*mzg?$Uu$tZ_cSg;
z(I77`=$%jR|16Mz9|iBs9uA-Ut!@LHs)0|Npg|s9&?qk#*yG6!@H5?BEfZXS>UF;%
zy)|a40Imns8s{PKE2XeAE2DmPb)Pw8(tWkFu-Eq^%)xa0o|pSOJOOeA=W8kCR`XYI
zos(jdSR*39`>X}F<zoGnL8XQGCg27>$TK$;p5igPSr-AQ!l&)nFGZ{)-}u@uHXGeI
zl@EVtWCK?UV!Kra6YnvXfWE8N`LEsZ*atL%oxqd#vkB<~>3Wt*PSN~f51qFKU^t#V
zTB>LIy<Ew82H5GXigs4T?~P%r9IXv{+n>hapz2StA1lbE)u04A=wCJlMA85dN6`l3
z#4H;-zva*ykoE(iNOj$d_9gN8|H)SR_=|{^xxVOxty;lVKEki5<D<;yukpb#W`xy>
z1EMXIg|;HSDYGew*6<O*6mdBTqs>yUe^(1}@I)<#qR46xdNSuEJ7S2IBRjB{^aLkx
z3U?$KTdJufq@nA40Az;8IFPhe@)1MYbFcaY0K;WA>hZjuoz04==Elj?&Z}8K@Y>c6
z$J5PqxRjs_(8t`N>uIV;kf#*xz|GNpyh!ZduysUGm@;w7chdWTIcv}#*Om?y49mBc
zb!`mO=l{&HO)HzRvIf_6kR%$=yyqZh7Xczo=6^5V!U{@<rxqw6!4lA9SI64GuK)gX
zH`<QP7<;mCwNQr(6l?J@@w%boS8Xmx8gQ~M9|W9|@{H%DO-T}<!JI%J6zYDz-ny-z
zj=nd4+gHq9x08aVc1Lu93{UXU(P+O58)+Dh=713xW{y}WYAw(hPK!XhS0Z^};fE;_
zwE|lx8jeO-eROGwc#?PI2?xr-{_}{dk{zVVQXwL++^A!W2Lov<I%SF)I!zhc*3xld
zR52=MrrgVDTuvdVZ|Iex?5DTVxemrfA(yPG&@CyFE#iX8nW+*UAJZb!f)Ww&Zbgx^
zYVr#glgi9iprE8Bx$2?G5AVn96A4AeQFdX&WD?Cd^5X`R4vJe`*%%&<N5BWwrZIU!
z^(g2L*X7G|{lG=C^{m5ID%svPUZgk)&qF=lsy=l~jNBXEl?=M%<<jTXN)$05mN2FZ
z1V)|d9u;4C_iwKzjB}V+`>D%#)brUmBwNKvF*65J%c<o6a9=u4EN6g=K5VP3#x<2u
zPitS+GJbdRJpFt;N%4JAK}iCSz=Zp5r9}s6>^5#GO+*iY?rk7&tP$gWi2$tg2%GVQ
z7uaaV3kI+t2lCZ}FzyHP!#<^8JXcu51?kru2lAJHTJKUD%?Q_CrC{IFaD0I8I7V?Z
z4%VD)?Lc!U<k1|bJhaj>ndPT@G_yy&y_lW88KDYA`BY63we#;Il1-)zozj3DmY%P{
znWV}pGeVq!Qg6Ujk=@XS7wg(z21??dv(I1hg^`pKunR)%jC_NEG?<R+6h)AiaPKUp
zvkwHb!-AziLeldU*p3Kl{JBOCU<Gz-Rr~Wh6#f@Y>KJl9C`S8OG<Lf(6^*OOymXmj
zQjV=D^w*DYCH;;Ac|2OfzXDz~>Ugt)L;sH*VJMgTAywtEIY(VGQB$Yg@m4F&KYiP0
zI!D1=*jVac7-{liX!&Wyg?0k{RLmcI7dYEpo_wm2c~^s~y_FAZ*^s_++exekt*%U?
zw&PgW*G-_x3C9*}mm5*^#m$y>K0S6=Nkh1kb}#3YS)8N&bQ09tPt2gC^u(aQAFF~h
zau_-ooT{QGHrnARUH%6``Uh2bg#E#pN-D(5GhQIbo06mPo6!ErD4Y7VJ+-d6XH%|v
z3KE-IKQ#(Bsr3bCe0@WX72sx=z|a_pjm*%P)?Q;57m4kWM`C3qpE|L=f!toh+tj@;
zt-gV-Zzy}(xk?z(j<Y=MO|7vC{F$)j>H{WQ8M(*VS44S~xqsLN!7C02+6m)du7eUV
zHklzCwdokUE=d!0T+(DEqc=8gk@sf??a+dj5!hMFo5sg2*q~CEx5ugaM$Aos*I)(_
z^Gyf}`-$AtzGHPoNK3Qq*nTP<Z2P{d{p!N?dic{`ooG`tr=gG)ty@bjc#|*<aTCj{
zC~CCAwo~eW)Tp-Zfk|O`#urF)SMH21f}S31m^E$O#o)N6Ss0~mC`wEM#dtjzW~eEA
z4f*h)m&q1sT|k>1vZ%04@EHA2VAXlewG}+XC%k_WYPr;!z!f;8eQLMRVcdIma59#-
zkLO51&JaxPki5!>fE&!Z6NzS*f;)ngGLbTW{~fc~>*;S1@<xE{X8x1DBfb|MZBf4Q
zZF9RBkpC&WSyJ(a1y@+%l^D%>pb4*0_17&Brnau$GZ5pc?XJse&IV^&z1;GJ@l#6V
zpTbgApt!e<^{>K$>5O6ne1L{VC`<EwP2<96Zw;!j>2WpxA{Xh)(&J73O*YLh!Ahi7
zvtMw8wb+8PdAGmuiAZgd^+AYn_(V;2k<b=}p2h8~T?I5unV}UVM|h?UIKxr6qWLe-
zx%r%W_Cux~gnbmxSW-S4wUdljImsP$^Zc*)i^GMEK48p=uH`a{3%<{B`0b+7$;q$D
zAoCT6MUc;#c>-4}r?JgX`!{B6eNQE0reKuLIxX<(mdZM1i)WjkGt<(TT(@D?t@=R6
zQ~!``4DUza5s5;eH39~xaez4@y)2RZ+c<&NfGq;8P$PsPtDSn3z!%H1Q~Xw{l>q^^
zE>Z%KsZz1^FbKE`sCZ;@Cx}vUH5jE5ndsPzzGMQ^1y-?yX5*nm!p~GwXnnxfjx2WG
z5}9J0!o)a?Tj7_I&2r^f2a~C{H;a@klj^^+oRKWG)hc$2YhThBcQg)VEfDl)Ei(d+
z>?nG!DkzTU5g2hjYOre~Nj}7{p^xYw(0PmiO|f7+sS$+noMZ=R9@s$s69!-*g$ve!
zF`h&S!hfV-+}B$n1nD&%0<M{^_NfB|QD>8y{X`Q0)|(W3$jLZVwX;9>$sLeK%~<C$
z0uN67>eSqrW|!VZuR_qe(6(W-6y0V~$13}UkepR(#T~E7COb$_j$UogU7gv}LXha%
z+XPMKQoSwH@`jUG`qgDCWg1<c^Y%ySn>d((#5XU!3)(<;p}uocmjGlI_jz-Hg!r3V
z;8!`E;*>>S2O}tWw;C+4!w@A8TU)^Szb<gd&pS#fMcPFy=fh}kil!dcKZd0Io^lwx
z{hm}(&a{rPysj3sl~&hX^++Yn98SkZt$4p1`9ATw2^GM`P^K&uyZojG<cP`ESrj?j
zMt_w%*+U-#sS4&c2eq$$0Z4g@=(DA2#kxZPDerY<Ubc;!KStyBTk&6ZtN!~63;*}z
zUYr@1rxU6o&WT}0NveYnW-xL_(tq4m5X{_$?uJKd=oxJ;xJqXxM+*@lFi>@>zKVO)
zq49QSrz*)%Pxk}?U@uDc=0L$ivq?6!Tf1uQGxwIfbyTF*)uHMXu2L&2P5^1+UIyI6
z3HA+<Sj+ScY3<baag$hIcmRY?P@TlkSbnGedF&>b-q2V#IEFLtR4t5X%TWRTsm5F#
z{zll-lzc~?!UuSk<Y$QTkDctyZ>3cxBR38?(_6&DeK_|U2a7Orh83HzNt0QNPW#wi
zNScP?qm{|6y_0Z={CpFxCMUFx{oPnRHM~Ln`KQ*LE<ZHZqHO^j{E2y-4`E1*RSFZw
z7KsgEP4&DJ#}AnxI|?;jH`m`!#(u5T3AI0`G-k1)^l8cauHwhT|4lNs=#kzcF)lBA
zVwPK(cl(zpxnx@%y8anZdyF)#9$!s;iyWMRRGF8C=(LUb77<D0iM}T$5-(qrl!hK?
zcr`8vfZ&yso&}2J%XWh<d@&JQ8n5o$6rV~if;<`OIJ;;`k&qKEa+i^Q;(j<6uuB=@
zhgDx3G&zzNf4%%m;8+WoF|&3~00MXV3=lZNR@*Zg-Q$w;cYwg1d;c$iTl)C7z=g2?
zx4?}h{}s4ml&WXp|B|<KJKzI6Y(ibO@2}PuK4zOxg%5aZ|1EE|YEL4yh;3%D;DpQZ
zr6m~Y@bl);8m!BDFoQTn+AgXTZHgT;8x`kTSU7UMJ4nuOg2!+sW3VM_e{H-j`}vi5
zjJ-%3Bwo>^ybfv|&?cp1e~8?c)E-9=S=;db_TiOZDZ=%!j_Eu4K#`>It^306IUYq`
z4eb0~&gQ`1Fyr}Fw0q`Ez(~zbgLs{tv`&LI!RElVUk#wEJbwGsTQz<4?T;x({J(EA
z=e(U@VN8moiIhZTE6Xp_cl^ihB~Y8v1S-oH2~-z~Be7noD+)t(gH#lwnsF)$m;P?3
zltf|M+ST<$VTp4J7;QZ+`%&1m%Ko#jTU*FD0Z1DiR>S{~($@6(zoZQ|@Bbog&8V;x
z5J^W;`_5>Aj`J=y;7sGC6&N57fvC1&s>si1B6D=DuD!*v4_T+KdHqN#si&nXL*e1L
zAe8>Zzzih*y!4M~f;@z~4~gx7PJD+2OTL7J`wNf{Io#ZsWj6<7NZ4;R*q~dX3Lf?r
z;;Lh=Fi3Cvim}-b)yxOusE_iWJk89;B|sl?7+pX<l~OJ>PBFZ0XS5X;Hr#cIB)?jn
z4-cB~fEc^qa{truZU2GhYu;G8d~d|{Up65BN&@-yfSO3-r(dk7P(|&mRtr`ymXU|K
z+-s+9;N?u?o3{UIi*KL3y5}&A;vD(c{uWoq1Y~T)N-7av=P`0bP;&lb0!m+n?1yIl
z$4Gh}uk_zt?kFUE#$az{`LaTl)-rHNmXWkTVQ2!D*j#I;2e_8GkW%$?4^>J-W7ZC#
z2Ian?TwqA-^)@g_Y%iF9c5g^*OW(s#w+Ic5r-OoHVB3iR&wLLXR1YQhhQvN6vYvR6
zY2iZolN#jNYA5>J(;wgQd}|tD@&S@L7H3J}VfNMmZ+IGMU<hMm_h1cD*040_H`y?I
z*myq55^-Hr6rv<;w)-VK5C{Lu6vH!W1EB^?-s*aj!JJE5ZWA+=tw>wB5|WF^SYN_$
z|Fak-mL2=w-X6^Poh)C~<($o{j}-u)UCdp@tkyWRr#>E0&wapDsBLWL%*eS|qaM*A
zGV#!)2X=<FMxW21Dc#Czq&zP87tg-7Oq7Am6Uial!<fLiKv{_0FRiUsmF%ZBGdH!S
z2WDH<BHUY(f@Y}tXt$YT*#nWTidp<UV4h7C(zdjyL*C{{m)^XDO5>~Mi>}rjDWI|Y
zqr!V>!9D^4Cw%M=-oys)xiHwB(N#HBYP(l9wA(4lPb#~+bYro;A=G_^Ae7xG^rq7Q
z1`th1^!GqK1afymA>DYP1q|fZu)pe9@@64lTG_M8RB!zaa{|Lp{CP&Sx;79-J-QoJ
z%AP0y$^j?>WUe2S5Ker2#Xz_t1x|cEc}8frP*JXfY8=N*!98VpqwJ7Hafu|7`kS5W
zu;qlcdb@V(!Z9P9zmZJ;T7iTbf^$7shy@`nHH9`L9R#qA{3#AQMQ`Kt`Z351l5I3L
zi*$M*3Waoo3sR8rewRo%{^sy0ZdpYI6uuz-pKgrfv}C6XzR&CVI-8<PK2dg6w5w~=
zHa7K2T{+=}_(c~pGs`q?<OccDEX=1ugDoUG$NI{U$RbP_1D?=E)*hgk4t9iThxQHs
zHH%~txK>Wh;<PSoMxcj#LUz>A%sp8PM`lf(WHc35BdFt=Ic^`fSq296<@grte2XAD
z!%}Z8ZigOD>p;n}CNYG81|YF?_*8>HvWkW@gl{soeq)iNCBwhOBFsxt-P(XQZey3+
zB3?Nezools1PrSv@1~K)xapJ{!{5f@;V#LfJpWqDp8pZNk0Pn6!YsI)QVbxQ_P}f*
zuWhYNa6UJ4PWKv9;VG|u2VS6)djA>wq9+(nqzdaV!Mk4UG<o&zIEl1fxk3#-^-<Ps
zYE+%OI;pGhFY-cNy-zOHx_w@a%C)C0xX+@s(kilv#0{GZ^}WVZEY`fmQy;s$D%;Lw
zLEBj`u*@{{yQ?FgWvNh|v$ADYuiN`b1!K_iRrdzUmjz{fszHZ8998jCL6@y<4h+<*
zlql=UOv#|(PcmKF*1v2V1a#;5Me^B-AGj7dU@i~rblF0H$8A@gi+<d^y_A(Z-yrUG
z6wU~`d5;KM77S9ox?7XLEtF2ei4E=dm^oeY>(a8J;T0>$4J&@gGb@|h*=tUMSOH7x
zUr1UEnT=h6+G!yohdz%+*@p6gt7zdal88&n>bGFL?SdbmZ(@=p5=aXRQ7kS%dTAj#
zv!oV9Rr_#z5$w9j1_+VK6GY4C<uoT|0=(KkDw_xhLB+4GajI&ZtJ(`m{exT|CgOi=
zek)@@c-X+sPkuJA?%?*5j*$E*^|-MdXu7~cCfiP`%(j)aBCkWwm%eaX?mc_v;mlaY
zyj#qG8C`j<^ZPVJ0(n|Eon^L3^<l-Us;(+0LkxRGT%NjjLUmq^rZgdAeNS!m!hONA
z3#Hc_`Xq2xLpYa^6WT4dc*^ZBeSNa=j#^(Rf7KEqF9Dw!qwHtf$yaDCMn#1_hL7!D
zRCrlBxip+BVX}FiqqNxqM3!RWS&K``M_YilXz8!6b-vqjFnMW_`lKALWLh79I(9|5
ztW9gToq?xX;{!TI<!Q=5{qbF~E9gKmP)0r27hgj^<P*5-BtvWwTI3fi7c=p%`c5;Q
zfD5QN^FtIfgLPSS6d5a&Ur9QrtE3ZSIxljsiW2}*!z08r)`agEq6V2`F1!*tl@66O
z5keS_?ne||_P09<!Xs%7y-U!Sf<wuWrnBHH%|=-3Hc0FUWK$+jPRB<R=Y*1G&2u7R
zAAw5Rsbq(}a@X~A86|s=jJz<sgtm-oQd#D+=(=$48QjK}fGEIZWMsXE9h@H{q_&zo
z0Llxgw2}Oc?u#!te9WuQ55~MEtwnG~W~O?58iy&x9lNzUHOZ(07UqK#Qo|OwcqQ2e
zLdX~3@faAbuoz$O=_mpFzC5|e!;T;ct_vhiW%Ug|_U?vSiRzxM9=|1CIL>`zVBypz
z{B8nl$2Jd#Kh^Q9qroz;0_1hBFGBo*!@B4?qagqivGmMPU1X!crO|;@<jN@G^R#vG
zwjI3S(&M3WUab>=^nAT8FSjIzID1t&<V5QY`u@33@87IrRrdPbTL`xO%L{)Wh7|Q!
zb7gyHwcxw(aGRvv-chRQ81=H^*`JS<?QU^-O`*J%V!Diz#yf@Q6&FN3zrz@&a}dVR
zI_Vi}8mv?cKe&<zskF5vSK&U)0{CtgIX9Mj9pj*EZb^lW3);2Cqm(;?{Uro{BI?Pj
zz|^?3$Rk|v<jT12<%fVKWLGZ+qSvc)qsegK5*;6M^n-nVVGuQ}KLbrs+4re(svbHo
zrxmUh8NeaOhNKsZDCjZEq@N(T5ty>)j&?IZPmQx*$Zx2v!?E&%iMYi3d~nm|Dp=>J
zQ+=OQ7dVA)e9&)IZ?)BNMOcd9UM}~3Ygb?9k~1~kt6MVF>M%iAC&H9_k-6Zc1Z+0M
zVAZg}@iwtn%NWoeV@+*)%d(BWDhcMCJJhP@%U)5g*Z^?a!JVwwx`#?|e6%R1yWw+b
z1&#*?TwUdSQPq#CM)R}O=PZcUQ2^rCRpW%<8b$-1&EdPeYQioRvEvWvavK#RnRJnG
zKbY_u=%@gg@W5z<Idn8gOhX{T+4z7z@rY{pc*vN%R7@mviP)H!DA<@NxR|a$igA1d
zVoYkuCIn)?t^+;{v&|*t9x?CoDMSzP<U>&(*#xNX6K`4$?~A+7sIy-&Pq>gF;c;gd
zCD?ns9x>_B&J&;!rP9AkB3u_NY5~xovpKN7x%v~3c3$f9^42=;V^i`uUEqK^h!4`Z
z$H;ko#CC`70AP0?jb)5|UUC(Ijh=JUp?jtfha=hVQs}k>8vRD8%+bw(45pEK7xut{
zT8ccg?LZ#6vpw{=tpN&suoUI30S0TPsG1w!n47u+W<cJ;ia;{L;V4$S0!ApGU~iyU
zYz-9n<mk3r19*-0y%%?3D}bV1*c-%%sv{4-!5eY9Lxqho4LIIRr~_-j;jFaD?Q+P<
zsy<6Q0fTg=Xl`_mv7mG&=g1+oQa7oNM|JowptMGxz*;kQe0|and7f6+l79_;a-xLe
zUl`lI{N<s|>kwrKvml$_4|7FyHPg+Hxkpm&6w1GoG9-px=BFG{-CNi9{943q{H)jf
zL37cvtVlfHF14RgAqjptVyJlj+A!=BwV4zXkwXSRey02Q$R}ae_F9h+Yq}#hAy!MM
z!sNH%{KMpu!?aPqV(4rB#M6a5C^IW_`HB_S2mCO|TlIH(2@}#i<`4~WH<j%bus-2F
zO}`q(bNQ3n7IKHs{RLYyr%&$vlv~&MX)9}e*<C$Ng%u`-Sp(1ZVZ`q#BXwu<4m0QN
z1sk9xuAWn;E>i^D75PJZ(%7VsOblO#FJHo(ULZYqDPyIcm!;i77X5(P?GS|qM@H&W
z>v6)RJv{g8)%+cf9uK>B#qgGn2nI1iEImW}H)g?+r5BqvSjNGT*5S6RYPiktpADH>
z$MpW#V-yFgsVZI4ZTn)j=9|3D<rvf@Ew*5MD2JGbr8?I-TxLyXxHBqO*oB{aU*|G^
zFwx55yHz}k4x6vRF*GsGxtAc?GQ3}xLq7LG%@&#mGupWsMQ1Vc^m@vc7<;sHep;Au
z*5_O&3LujF(vIkXF}Q#OMK6OjMEKQc2IdQu!c7OYuPQBQ8C~9jdD}7O#t1rL@Z^B_
zBPNFZNQ2yEO@~5zouu1n?gwYZ&yydhFW=>44Qb38G#a`JTAa$Q$WM&sm}th#1rfJZ
zB5AogQlDv)+k`>}gaWJ_eEyqZ5c#-aehkZCZN<+u^5gi6X{N^}h>y~b$xg?2*C<++
z+DDZ;yu!Tfdz#z}E(jON7vW+1*gUM9{2rgAT~Xo0x$-9bXs43ytLskk?c{-bmS5DW
zrqe9C1;4KYunYKJ9x*Eo5scq8Q`9MhL0Pk7%!V5o0?><Fjzb5RxAkrT7z4t`e!j|y
z7F}b)`3AVR1$3mOPY(877T4?k^U0UahwoQhH}1#B*;Dt9k_HzHkcFklk{AA%S<wFz
z!k~jcviP#mgc*XA=$%mc_^Zf+Bcdtyk^U?w)n;gv#h4~C*HCPl?wsl>D0>?@vqo$b
z1MOWnU<bb|0@$}*#b+TsvNsr7+AvMs476{~%|9N+k+g3P^vkuMx|bhH8vMM7*+rK_
zf*Kl~z5N}v8jpA;#Zi;JKD_G)TSJE+B2}#3+=z4zBv+yWL`nxDhM_`oStD=&kvIZD
zIK18hG&qVd8avMaIboTZVG&No?k~si1SE_u>kh$gYYwJoI(Dt_l7L8>&XH{*A1HYn
z1mW2W@|qG4w*7x&8J3vP$A4UL7kXofGP>7@NA0>2>uLVROw5t|?uKVwaJ$@I=gJqO
zb7$EjT{UE!!<KNMD3%*I_Hl0lbvhaO-8C+1`nvCx`HW*qj;(Aw&a(7Qjm_2I#HG7N
zbRcQ0g=1H;7AF!qQ7mQvvL&pee3S1li1`zmZhgDp83^qk5VJ7|#JXDU-#9}TAgir9
z(B8{x@$%LL<xP(b){c={a9O`}S&M906^=$y#@xWdIx7=n_2m_ZS*tRaz21BmHhdAU
z#vyJH&MoXSdC{eI^S<iOasJOihg41b+L$84LFceD0*(%&WRMkDo%xy@cOF0%m%~Ab
zxUtyd&@mR&HW|arkPO=+q>`?*Cnqpg7SWu?IlK?CNZ#2Ys-F6#VA4uF0BG2wwaj1A
zZG7(u9CHSm%3-6|sA;u_6<l6)hj}cT+O=Z+y`{<r-7kk1=UVC-{9|w&`gh*acb$u=
z7qSaO)|JDBz^qK~;UqLWV&js#u}ALXL=TIUJfT{&8f!u$I(!YApLpcXf8)S9b7@o8
zhcX*NoH!V<_&*CUVz3d4{t#k{517-488c!<&8Bk}W5j5?l8Ehl0iF>CEGGgn<1NcU
z^Y=Zd0rL(pMy&34D@H70zngkf^yTlxRCZ?LKy(ziJq$c0SGf$8w;d5ETLC6D-*M1d
z82eE9y3zvSE>}j3H815e({CPKb1;zg>>2~?B;xo$oP#{>!`a)-Q!r<P3|oOL7*t*i
z@58HxMjGr&<{Dz{6{eORUjZ=IJ0SfU8Tzb5&C8}v#p$zbtY2ak9UHa@d8N}};pbw`
z@TH;J5xp%4tHgT1VixbZYPK_ZUGGgs>IE*!TGKCAF5|d}>zYG9MLm)1izg%(jyj&`
zs`tGT5Sl;lywG*x*5NxZ)UvLnP^=Z>dm@c_+7wPXm8rr}*W3*Z%j049=$9Q0QS_dr
zUQgRQ))ellKBeCOfRRH({t64TqW<L(3&AXwg*A+lsnorx3P!RF>K-A}803$i<aJ<n
z6&nKf-7ZqiY;5Xp<~~jsNytkbNeJ*1C+3z={Yxu*9k7tA76_{_XhyU(vO=>uPnSZr
zLi@2bOfWtZ!9?@b{04iXeY<!hTz#WF)GOOQ2)-TKY+68w#7cF?_E1#gE<id}oRxY+
zi<Y@0P=}KmK%M?lhD<#kGJQuDU4e`m(5n_rBE?b8P?{;{Mz<D9=?{K>twAV;(|#}m
zZoDS=Rd#8=1HLaeQXNe|O1pdGX$&_9%-FC9RPNp3Fcdc)`%_iAwqs;!yzzi+*#aj#
z_9I5;g&8=!c;u(>c*5P7#^-)z64>*@i~QL=Bov~n2s*E5+XNsnkA}WbeJ9NV7@JN6
z(QwdxCy8{m<o4<XC0O`<v?rq|nyr5bZ(c3z{40rVfYDpxnh!i~%O({O`Hl72&>e~j
z&d;KME9^gCUnnJYwzALa2Ojc(U#N>Tw$UOG9%BL)>EGp^BNS`yWQ8F1!~;=8?9b3{
z!jHMBXW>M6jQq#MeZ=!#rS*roOmtSb6L|EgbW((R>|x3}&IXcvsKSwD**hqeM)hw|
z62zu4lBpyd@e?T{2t7%e7lPDpXda4;APpp`45<T~+B^j`r*aI^g%Cd^>-|#)5a$v(
z0=1AXZ@JpplxB9u5s+*jcti^G%==tt5FAR@4|+R&Y-Jz)Fu%9y26L|o%aTc&t&P6a
z<_F#B{ve3lcm@%%y>L+^VmA^z5Tgm-2nS2Rb`$b$bNINAltE6T_?Pv2`dyv<#$2fN
zWcKm(t@*RNZKWzqP5br<$={_F?ajcc4Mg82V1R@N7%AxnNkXPi`i9FGsj!^VK{eTY
zkN&OpkxGGhV*;zE;`=ob%q}sp7fMo7wkfRQ#5_@%O~8o7wEu_&J>dSI6*yu6Pf(kU
zX2yorR;VeH9>K9g@!TxcrTMG?8$0oQ*k=`Cn2KQ*A?krff(8nN6cq>>A=(=_P?#@h
zr05zrz;KOcw9R4}VYuZ#z_2fPFoa9sNDL-odk{DhGaWDz1JvKa*QRKcjvN8_w?OKr
zVVvORPsTWcm4Nv*FvJ5A5#s?z!UhJ7gq<W|4Pz6&jEGI_(1O&TeX*`71#<@`B6n`h
zNL1Dd^6v#fRL1))!cgu}wl*HatS>AKxnJg8Ky_<EM)f(WwC?ubV2wYE9viYAc2W=(
zf_`!7jTE{;0*eHZdaQr>MeqO|#(R(?4bMhYut!D4q>3QX9J?cv!UQ*8iodN=jn8ae
z&^I%^bJ&mR=UFVVK*99S^nW!9-eIDgFz!Uc?NQkzd}0VBZxyUTF{4#e-uy`T-x&_b
zWL71P3&<n<o^plK!A6!p0~ecD0tf)vX>0_d6-r-FO9>xM>j*&P=f)V6{J8e01srW#
z{pUS0|H>T&Ha^iZ|HK;bCMK`|kTxMJG^!2HLp;O9ir<0zOmbt9&CO|2o(!V=NWSi_
zw)sCj?mzRcw>};LeC5~Y{%^mprq5x0KolteyX5!v{`v$&lJez!cyqqq{Pz7iwi9Lj
zZSnbfw`q5?>vlkJz5R9P*O2z^FXp@(7tL!aw~HUqg4z^w0i{;#*fU|(6tdj=8>bkp
zW2BO(DzX}@1sB(t^8(D#Qp{L<0(FR~oJRgR^yG&8`j(V?N+tz`7;Z6iri$=~jkSTp
zHN({8ab^JybG&w_!x#e{=0Js!W5wS&#e-#{l?ZIF3J*jn+=o)bQq2!bAt4U5%!Oak
zl|1+vI%On~nXLN%FgV$b%yhe{Lod*EG@OHE!OA_j#li!VjDS!`f>j%Ox`@%P(ycUp
zVCqh46!g-eh9g;{jRVK+ZvU|v+o!U6^oA@$C?6zFJx6#oB;shmsoQ+-9ej}jWDl=_
z5aZv(<rvJ8LqEG}2}T6)hk5V^IkqEm)=QLkobm;oD$_V-pPbGe{T;)Hmjo>%qdyj`
zOB}zR{6KZt@(}uL-#)*+cG>5pqLX!c1R<r?Z^&s}75w3OEGr3twi}sHYBZt>S9=E$
zp+>9GXxsxQ&}uLrTqht}gF~oE2Ps62Qi~1?O05q*j8wxpJ16%|J?BK(*%-+@*W+2k
zVdV-g2VVFw>I2`q|KEwCa$N!O-wV8L*&0miPDV{%gj3~pBgI@kxqs{iB?}qc*t2ah
zPYM%C44`TSwyNZFQuw!pW(D-g2p|?`3(QaNjPhGM$%j{vOR45|x~sgD=HzD`^RZcP
z66w@IEKwGoBYWRXR{6a;1KiLrln0g$y}xo{h#yi6nnvL)M{A{&?XP+UteS0(cLs=e
zn|eDQ8PapXx#vS}*HHMiQ~D^7=n1i7fXkHtT+XNeGyZvVxe|XAR%-dOOGsnB$Y?3c
zQ21bOUo{-zyTxcfe~jnkytbT&`S605=&ygWL?tG*k5Tk;qhGZd*_+;hc4yMh36Ij9
zTD%&?!t+JvnHOlwWul1pJrKl0IhYs-VqtCv>Q*v|V_{IjiG^`6MF7_^mPY{B9ZVVn
zIhZ`PnmCx&1l%vN;DSygi1!t6FwwF<flnT4JzZF<&w%eD?ZG230O6sh!^j-W%Z(jA
z3itBt+PoxHEYgP>xG0dQZ4lW<Qu7a<rHlsU?XiN>B>E3#m7Beks5mK{vEqPJ$GJl7
zNGk4l%rcMC<O*5MOr!z}91ZeO+yy3~h@z^jxwIWY>;uhE5LnKMCu3-le_k#9C-6;t
zF1Ibwf6U2=`=@6uz|{zzR@t$1P<}sik)}+e`JdEKi$#Yd0YnP+im`Kh+^r4Catakc
zZ;H@`!(yLKh=1k19qS1*2$>>L^gf-Mr0Qu=C+x55K~<Hm@;;Fj(dAjBEfxPLr5Zuo
z`bHfw)`j}Aw}J7cc)SBJ`L=OW`VId(?#%=Sf2dfq?g=o&K3=?|^l=lg)n%U`<otKs
z8+qY!7+Dx+{VRaU(VJLDa7-*V+A-KEwg$T*ke#eX0cuT?gcttS^-tQ{w``05f$DfH
zN(a^Nog%g3YW9DB$Lf>lZ3tHWq|UVNE(W&ll!unK(XWt#?Dm5yM3a2x1tWRS<@rM$
zE0}!ag(C6X8N7`w*mq4zk_?07OTYV6L$LeATcg!?z5egNtK{=XLGU(ro`sSD>~x@p
z{9R3c#c)SOv;Fm7U<U*7Pzr63pV@{VNNbDvC?D_aUsLSb2*UHuQVWxZ*Yf2}fp1yY
zZ3>9&?8Z)91Ms7fmx8H~M!53P@sFX+XCo;eq&2IK9-Yc+%vG!<ne{{h@DbJQyCNHs
z9=5#D7N$A5{T@5_)x5vY+TE(#^X>o<p%B9-IW~2a@~w}^J2`SNr9M^{F?3{QnZZIZ
z2L*+&r+cI7a=$OC?a2YTACR_x?w2jvRKZ>4Zd>BFWpg#A2%;z+orPhi3G=|!BX@Yp
ztzE}&$ryhaJ52Q=3<Uf<O?LFC%QOm4OGAw<TtSxq4&{>5FN!P$K&seBjLV?>|BKw&
zD<6rFDDN>u8Ix;Y3Jfgw&i4e0j<5Nr#6785UFn9H3@HRp0cxA$nzZ?Zl$LbrkIKKL
z&7c_?7Cx&DD73F55JHjJ(2)DQ@9>|(hLxe(kSO1b-V19jM-=?E@vUy%(*R_enD75E
z_g1lO#?Sg^n3<Uw8m5MsnVH)#rwubY>@YM84Kp(*4Rac1ZkTc1p5HnDJ<?vSw9;O@
zmS6jOk;v9FGoH^p(>9+U9OMMF0Kud%g>?U5(v((5XwXheA((7?h7|@eXP3_KrNH#^
zd|6W1p=oz%a0e0zNc4D4kV6O(V|hhjuGVU8hP|{+v#$!YjMlVh+@(d721=S|Wz*$n
zkJRA#AY5Hd3(W*gb5(3_J_F;m)yq=!@A&;cU<R{n#E;sS49x#VoIE+RFqd%=2mB%W
z{uT?g5>UTI4$<6q$<arg*#@q7N0in5C>7A?0HS`*+jAHHhMNoeT%IL!8C?3xYxq<r
z`Q6u0?c0uMG^O6s?`WUDVrV^(!OKr6?i`Vr9%snDCQXRk4~`=$Q*1%-fHOooCkA@%
z$nvs>5n=*OLWLs5v1C2YJsOfj=nrIdNIWsp<g*8+FCT!iSFU4;cxk;8-U?#Kx6b1?
zs?j$;mRp}Z4`m-a!=^to5_7;8DW^i#0Jg)raAH#>TZ7_}rm;gX#Fp(hNkuksCzY6$
zQ4ISqQdZ%|1Ua*Z-y1-@=W%ksBx7-q)u6ISgV_u~lF<+BZ(Qj>rpW&THUp6T7jis!
zt>EQ#s;ma{y8L#&wq}ciPs*~rm5>eIieKsgjtjby&7Q4zqjxgY6iA`f6h7h;{R`8&
zu;!$DP8lzm25-LyV9lkPJu@52vAyA-8MTM?n|OhasQ`}Ei~Ml7m{cA8PbI45&7*bB
z=*Lgc`f^ePUgv%;33Rrlo(2-DUtmwj*>=bxQ*t@}Q1|d;KXDvfo4<w)5jU?2Pcxrf
zKc68W55iHLQfba*XO4|N6eYsn8R-e&Wgo%pHnWZ8Wmowp=xCtV%?v1mdD#aNW)OBp
zj;t4UMyw#W8*O=!ifLn`#hop5Kmd{y<f@S&a`|&l2gRBwMcB<RujebM$#E`bM^db}
zxd|=QQHBXMJ}uY<d7cJN?To4=ju>$91$QJbnx`@z^*<;|rCUG8odp=+zb~=*P|E%|
zWSisczWvvzzdfJ>6Hf=4{3ODogC<d_4;tBF$ec_e0?*3DhlZMXmT@&73#n*#kJr+A
z8T>nymeBCEiYoVdZ7sGU`;>_0vbTugYomqZ{TO{p#s5&44JR$Kxo}CD8vE`oD30e;
z8dzn*LRjJ_F0)-mA^-5C4A*LMygYXJq^%b>c6pY{<dG|TmQc;Pvuy7~)zqm5`M+aZ
z*cOP60m%}Un*bl@|7Mf|*M1~*n}dei&cE6+u!o_V&sHqGEMSe@oIE9U@sl-I5gx=7
z`OHYVKg6u)cL$QqKpym*$fJMpVsjK9kp%(*g98)m@LT?om{40rG=fOrkN+?wNT=e_
z@ls4gd@Q5#*Ze(A7UVuaiTu_#3uMGgTR2MSVGO0GYOA_8AWF@h5HnMwZxI9a>pOjf
z9@X{(Ui_suC~Wh>sP<i`g2WudPZ<inJ2hT~{h!!32Zd}tG}yp*JO1}ayZsQ3;dkLv
zEE~urfM_N-(HvAva#MW$&%zVnr=pn5<g(fK@Xv`&BFWNRaaCC*?ID`)CobQ=-hP^`
zS(;CEDY<T^(1|+_+GWG70a0WoY8@Z(PPm2TGnqVQZ7i)6p0BvRd&BrUaM7-{V}rgt
zeF21M>Zq24ODtxh(VQ0wXy^aOg3ZZmG2766onLEx>IvlD84_?i*|d~IYw!YpsYDAi
z*Tr=&g`23ZC`Jx*tuhnlcD2V?Vt7B#>ks0VYA%qEWp@R>jA1iRm7IpBj8elW1}_wj
zEEuWin#0$@O1yJ^?q$w;#$$o~K=2z?ZOb&dJ#J|4y#ivO+uquhN^Ac!@2v1x<HOC9
z3p)iifXq9YL)o$~VaLs%U=lrHW0F7=6HK0Os|v`xlR^Mm%5H^_51;P9yS(h7s+m1l
zQta!i6*6BpEhjH6*PxE_q{b6I&SB446afjT8zd65FEn~zaNka%$J93H2SIp{btkx(
zGLW$MheU*H8@Q4FQ;$j!o>{**p6y6IIK5o*vvy6arMZD9R8~b?;8(P$CV)zo!Ns<_
z$wArY`Qbn|&V4UcQZXp1iCY8yez_c5vY#a$6;(S4&j3=5qGW8hX(Ykl6v>cZjLMli
zP&W2$>LdSCWki)Nk8OVj+YF<OYZ=265}-TKAQanFydyA&jPgd+eBnqkhjAHWRl*;l
z4(8QV_@t?aciQe3%wVG`&Wep1R4U%BA;9ybpx72?X5=m84WO9(%XP{zUiDG0{o^_X
z!Kp*koe=m#CeuT(J!JZ>;}dz?q;-sJFob!y;(ggLw-Vu6dM0k=%+@SS#C$Mfqqm1b
zsC4p_chDp;vZ+YzsZ9Z%7%8kdP&5;?Y@Dy17HY3l&r~p9oG=9vRUmzdZhWwIeQ3Wq
z_yzf5_*IiPO#b3m6g!^V2dgOS&Z`dHEsCllqgrr>&I>{Nw)y}&{SaF3dXy-h3aSUb
z^|_$N9M%dmgKVC?BHd;HrDS?nm}sCP0;KVz0ak<g*p9&wR{S8%$B58k(qkh*(E|kr
zMm^`B)j5y4Rfj48uCrWQ^fF5UXaXr!;6ELUY{3Xn3IIRdkVOLBka_p^NRJ7~3?b1j
zpBZ%JmjZ}E&kJou#!_dwa-l<(s<uISJ?L0c6}U!ejwG`D{Oab;{OK$nC5|^j{pXO&
zlHw|hYS1t%+Xy6o@djf?GH7y)K+0z0bIIkk#r!6qwR9g9E_}!Um2EhyeZ7E742n4;
zJI?`R;!K1;^-sYA!JRGQY5fKliJUERMgA&287N^NXpw?(wuqoCzy@jjT-jj43{0Qx
zk`tbSG7*0G&PdJHEopRBYiApQ)?J{dWJ|CF5(uup-G$Fex7FJaqI)jMtRw+yW)!(p
zpa4Pu22e__MaN!(b9k&8hQqmEfz@6d3+G!&2(iD2h6{jB---Kqfb*Ut9EvycETWd_
z4swpM5Ufe`@L|6K1J$;`xfmmus_KsIM$voVGgL*UE8;kLniNLb^kJ<n8;!Hl`ud4w
zy$|Fd{x@Z>Mf&)qJIieJf98=D%VRU403xljnnvNLmj_B>l6lX&;%tSVX#bo_%4n8W
zxmWQ$5Cow!B#OXyDbv>9&gw-HZQiTta7~=I^5DBaDYXA{{TFSzgwc`x->&~7>#|S$
zO`6VUeoe&`=8vp26JDLhinRjO*~-W5kS?cfrYNKT2ADTbgwQ*MIQhl{7g8z4Z_PHs
z;uEQ`Az>kDEjgV23q$ScRPe%sxcoPf46~(>n66HX!%o+s^&~l3ZbT4*t(@BPXM_M}
zYY9yXA(lGp+IYs|g__vp)K^c(=0#3Z?(t0>tx=}$f(<0<dy&S@Ncka~1tOr-{WTj7
zl)97WS%8!ur0dY|-51si7=D}o{n_?ipi;kXJSikX*m~d$cx5<3D+(ScHimltWl(z}
z=(OwT-qWpL;HR&%*<kNf4r!{tI3c(yBI#amDN>d%Nq3&ZKrH)Ag#uby@iXVh{baQ4
zQ0o-XPCd**8h9EsrK`?ZtS3^&PJh&8=vLA%gkXbv$yjv4)9xt!ay`}kFH>g7lCOV$
zYc6$~FT7=ez%40WsS7)AMbEy*9Iy*FGuA)<A-AZo%*ar&?PYM4yIfW*acL+E$1za9
z@;yTD#d`&J1jo-4T~DCLEspmpiIP|IS<q6MBTNPKv1gq5UaMfqqo6bYCAW4f=~k$&
zZvT>7I$S`9mE8Pk8$l4cRmJgMTUGZ|f30&u9=S$j%FiV!{yTMmY{1AU1-5)Ojy5a-
zNqR7`?9vNnouWX#Bwmw`x-RxJByC(=Y~R^9U$zYa4%2wj{xNu8MdT3zBpXp0`DI+`
zF^#~kp!89T@ye(Mw%aOWxGy`<@tGgls0?{HwnwJ=_yVtGlvBY$LOIv8j?8Oz-0$YI
zk_*z5zSyDXng*Wd3`xIGmsQpO;9FTv`WA=+OUV<i@UBd*s$$P;eMLeS*JQ1+NU@4J
z_E(nB4KAcmVeaX6l*O=Rb#}jkx0!i*W5Q$dWbG9cA`?c2vNC>j4Ba_GQ&rqi8lnle
zOtJAPsjFjmiR%Y`4DxpGp$wnzeh9tEr9=D6JCrf4?e@E{RB0@OkzZ^4<+l(BPb37Y
z;kF&zMgtfyJraX8p(YnwYcYq+Wn{tgnDRRU&x31HGPSLwHF_j6^(`c5?iu}ngQP=&
zZgz(E#hk6_OrPWs8Ti>kZ?vr4vXl<7lFDsItd&&WE&f?*24ZdzmB96oaal$pnLq~S
zZ4wou*<WWor;P@Hdq$vNU-r4o=6@{;O@iqHf5wSj^bmjNB*TyQKSGadKlo&vB4D3e
zR}QO|von)7r7_BXGvVn^17pO-D-mJs@{{2Yhx>PD$YurnsHCUf#M&=yyp?wZRYc4E
z1pk9@3GPcUm2^}<H+BJ8&!GpW1dj-s)#<u$l|26p=^4%$Ky?m8t|cNrKj@c)zaNa!
zpM?*hk^GhuMmaYP8SLe@MtsSKFa6(!nnrRwF~nSIjPMB@e+@M)#E=qK#wV<{4mmh=
zo{rtB*FTj@eq*LB`!9&=RusNet^~ByBE3S`Wu&2fdp;jA<1eeVad4X6xn||1*%A<v
z=9dl`r=?9N^?n3;$LQ#Vl1(N=e)H|d1vIJ`lzMuVg_Kocs3tf$(my)UJ1wMdUuD~&
zke3zf9eJ3RF6J#>-89tT1hX0r!(HRdU`LGPZ_I|oAg&OECndPg7e6)^(!$wN^vsS|
z&hYRd<M$YN<^C}=LzPj)VVYumkz84wrh9m%i;Mq<4n=~W1h5PDWG+OU_BzO316@i#
z<mFN<6Jy@O>mB!<Xsn0z3uB7gW3d?Fm*{povId#&Bc0qm%p8OsR&T@TN%Q&Sql^*c
zTLQ7K;R!M5#di7F&ls98F&r{K&i8-RdTnGzY_>b;ry)uGYXFKBD&3Yq%Ks4e?1}Ac
zer^-fZd&filTu@wc;T8l%1HQf(A1*I%}<hGAWh*U{XwU(MPfU`0dp9`_FZjhX&Qud
zRp>=9!o^N^3d0y}cUhIg{aLEr5D)m&<IsVA6Jsr+!9E0rlT~VmKnhE9I*(;^9JHxh
z9SE27<GA(PT2?4kp^iV~HuVc>ET$VCtV;4Zy~M@&Y!3ibEbmq~T@v8=MerRX6NKrM
zhwC2W4q#ND$-s=b4W1ECUFn|+Z$)KWy9ndpc%z!1h*rFs;CV<iO^DySApG5?)$9#i
z<;Ib|IqMEeZbQ9iX#^zk@*VC`7s-6f2d%RxPySJsnK;%56yz8If*}Xgw}0mQcwq+K
zw6+gOL-zl`ckf<aAtxl8wz~ZujKCplR_e>D)=`RAEiAUKF|M#;-T~7u_XY2OBC-vZ
zv(DYUB4qS=Naw;b5?8eVD3%yeTpO7;sxHodG;+is#|l^?@v0Xwq3;`xmoOTVK%>o(
zFkqacN{qnN^v)s0rGB<_W0{3=aqyZOI;R(BJa(I&Ro;O^Sz(O~m=%T19R2FEw*=sN
zHYwuG&@7ph=*anX*BH(=iI+mn8DV)GZT6e~So6h+Y*#1cV23CT&WggE#Xw?cSaxWJ
zjx)b-;ZtFYl9{~WAF;yoEb8Y%@M*S!_V_cfp_I|j(}iZgzWxyl`aw#z-CR^tXtxc<
zoy;{LHxIeh_w|7-SKj517zQ}`!U3_>DutZKA2Ba<nwclQu+=Lx7##aTvzzHp(sATo
z>7-#SBxBL6y>5{um(k^DqV+m7elz^?D(}<QWtS5{0(`VUG2KQDJ*zXt;scZS_XpCS
zD*>cy8`m|@^S=+<w0Pgud)KGl21Q1>YWqj0Q%E7RY^tD&e(`U)D(QVbkjT)bj>@#Q
z(M}p?6?A?oT}Tst<J3)unEy2Xf<v2O3)!cjX&ldBuUDe4B=@sKwcSxCDL4nlK}dv>
zc3alq&JTUBt$@2NAwyYU4``0DM#DT`XP6qCsJ&nVX_MjQMfOYTnWyEq7*vknF3^p4
zWyMYmuO3nUL}bQnvxmj0zow9v-Zbr40&!21yZ78hP&F^stT$t+QnzEjEndE7gBg$6
zP4ISMYaz#BD{@f#Q_J?ajD{G!-@I{gTch^;vyz)OCB^;CEAn29Mp&q~sj&PD<L`c=
zOTN|q#q6B1cM;;oq#l3xyxyqTbZEiucC_#mDKS~>#%VKx#*>QVtUTtsge5JMq#PEl
zO*bnFNA554InDUBi4j}tA{OjEV7RO9e2<eXg$X;a6G!_A+6Lz|9+#adzt-fq@|xez
z5UbU>E{Ls?&azQ6H@>PHprvO#GVMc0^)7#?Hm<xDVOx68CSui(nCXp`WXq)R;?k-r
zNwxW8N#OHEs!PmT?o(y!l#OSFwDLuEv)cPjigLKA?H?76%*v*eBr>Vfu1k^FA!6>I
z5>c4bZkNi{<;cbtPOU{&_9d7k)J`CgC_xm!*?}8NaLd;tWlZIC2ie-iC}@DTWxRXj
ze#WpTHzJBkg2@k!)PS&rFlEQz99$~g5c6?AVJ>78MIW~N_7$^poSv#i=a@0b5h?yM
zEH<$Tg~EDpecE|)34C%dC5|R>{u;Ngei-LyM^D_qHs<zb6r*u<Sxk*lGzf<XHeL5~
zu!uo$EHl;I0ct@PvPeGAn;ZU!L$N=OxzK_;G9$o_oW48K0jVw&YJU$#Mpwgu)SO-Y
zJQ633a4W#_04Bl_<fT*4(VwpuYqt$mRl{jRSDFxOo!4z2!9znGT4CERLQw!Y($*BW
zceG5QyL3<EthLC6Y%_}JVTe_SeNfN=UPw$My1US{N0#0AW|-1z*pGb*w~v58-&byH
zZyJ8}adkT42rz$|I%^hG47VN_la6-`&v;|0?C3&0#S9a?cU6c=#ROz)u^z4{=*;y8
zm{90EiJ&f>z{@W%2Nyh3hV^SP;@|Th6>Ybp_?9i)QK_D)muxQC39Vc4IBl-(6%$ma
z1QC|fHLsx((3i*&7E64C_1TC#!`z4(fx3@%gz2n3kPPoCaqDI9c-Y0?&~*K>m7++C
z$Sp@e_nG>>vI0M+$_%MiiqU7ILiO~7u(zt*Nn8ZV6G@SWwKVBy-zdhDuSg;PqA~E;
zYjwBXQo(Df^3h?MpD+yLUaR{ZwwpYdI66lWfnDy(GX=_`!JlImCF;R)$eYzXX4wPs
z+kE~u@)EB<)$F|QN{UT~`6n%#tjqVl+85FI_(ZJf&o5pyh4hcz&*K?=dprB*@js;=
z)aycv9B^{C?Bt2<Z%Y8U4~Yw;UaaRFXrwfAd-wom=;A0c83DI%xPqB?KD-`6<P<<2
zmnqoQVhfn6Xfv3D*!I~EH%47egK__pgmzrMX#4rIbK2gNXzjC=<|Z|fCI}i*@C4_0
zGA7}gPQ?}=b`u)7n`1{y=R<~9Y{y#4;VYcGI@>M<FUy@^h?gyEg+<uYna+{ruaNjK
z=)0aM#>b!*f*?<GY>mZ($8K5)1Jo?#X#+P%qe{o%$QnA4(}%iS<3|xfe6Lh7J2ZGZ
z)OEIQ1i9!wnW>6xe`I7g@klow11NacpQ0dVP?As2?#6ytE@lYO9`ecH-w-Iqtr32k
z+d<|mq3e{Gd0|q7xiK2u)SO#ifxy4xdA7(oboyCZAkq)kKlr$qh}{jjk<mi|BS&b}
zM?Gd!c=vefBlz2>!~D`JewT1lFkNe)3GijLUq^OlbpGEJ-mPbqO!1n%TgHfW$MKFS
z`k5W_EhTZtW4o`5U84n~`kJosJ4@3R$v+irS>jg|RL7{kwsGZ_5U^1}An^@=cT>zC
z{kdqX%`vBCABOyLmey9S?-aWHETIBgo9ST}YQze?|Gg<{BXZCW-=LzK$0wOtc;nle
z3nn7#Mt*-6p&u~quJ|FLipV8tDe@{IrUR{YpBQy?=qCQf@aIp&dFsGr3*-`w?NOp3
zVW!8#tY-fa!HYHGvr@$NxQD4D%z9#K&QsXv%C|Wz=NWA*jk*<uJ;b=Ug|PJd-uWTr
zXO*V62?#(YYVPU@eL?8O`)|)~OUEyoh<!<p&#eN!EIKKTs@H8^E<Cdiv)>AN>U<gS
zH@?WvJhTCCNZ$dkLy^Z<qn%#2!(D@4TFnu4N6Xv&t*c4X?X{sY-ljhMt{8)`>1Y7Z
zKcnO(4-Ljy5H#NxD<HA`+MiFOY-xnpj5O+)jh)gFbs;i?S)T_5%NdvOSd6=To`$Qt
z&p%$S_s2Rvy1brFgpJ;YN&W9mPCp*|NsT+bo?e8zo)^Y8ec!@2J6|>LT>#Kljix8s
zECs_}kIu9ZxVX5+XISNvI{n*|0Y{eYxI7=F#!gSG`{gWNaoYFA3sQ@uTC}Ik<1I&g
zx47+WG;wBPTFtW1CuS%+lHUo9nmZUo??#ryL4S+K9cZ~+w~l959WjG<21>UMEEbZb
zc3nb=mQvM%L0Vv|MrP)o+1ny?dD!B7f9gA#yvI87#z!Tlbl2*~%Yy-GH<xC)P9y(%
zAfz*!BV+M5zekEOH*)?j_g}1*9wbvLySj2F22c7^tE+lzv>`Lh!0%|>q`AqAjJsZ*
z9<;svN!qQ3%i`lM4~C5<5@2&;=?D@LNhE!v<)O<vJ!Tc{T2+Q9v(C!GIJ~Ss!_Shq
zyI}z<bQ0g2JD1%ia?m8tPJP!WzvNbFHFM2k)wG=%8`SR<18;D-<~=V2W7JQyb)u9g
z7AmQaIl*+{vGGP))l^2Pe=3zsMM*L`FtwS1y%R+5ND>&_TQq=4JR9lccbF-UlED84
zLa&AF&G7x2Lf!kJbwY}KdP;Iv!%r1Qd*|j1jnCyf$1A=Y*}pd41)mO{b8vchb#>!G
ztwz)M_=T;D;QK4kQ7G-u>&4RGd4I)|nQ~|j!rlCQ(<MrE_JV0q#buQ%`KdbdAZN?_
z1v%qs&@*Jf9csXt$a)Rtvr>O>3yxam+GO18(ZIx<7}DHT#2V5}?|}gBRQ7i%Tb`zG
z6SEYZPt2LhwkZCA1wZks-#SV~AL<;7n>KwDJU8!fS6Qxe;SMFwmC7!SPjV#?E=;n?
zL|Lh_sTcrMRGJh_L`+Nwg3}Kdq@E-Z%fc%HaJByPiC+hrzgB!#SyNCLP%v?UOi-iR
z39txtrJN6t2w`PMlog7A&qf4b4G%^X<oCyEbT5kmBQASX`f4m7D59o<m>@{*l@Z~X
z2LoiG;SdCeLq1?(-U}!q*m~c82KGU|qUXJ-iq21AILFGE-J)!uqO79EBB2_#98n{p
zOvSZI1eG4E_^>GbfJ5y>eY}itdf8Ha6*~)_p~<dX>hcoUD>Idk9iR;$irkaA-HxJv
z^Lp1*>%6Dorv5V5W*GOvNQ6mW2-FV4=Fxtg8=-BDT$kLCBz@$8LO0g+_+ef}9jpf^
zuWeo*?>8L#6$kFQRM{6nW$j4X?WHj#tem4ids2RR>+O04uH$*JFv9*OSZXrL-+1HL
zkvM-YxOQ-SxK*P2vN^C#(AeCBTP6!@HPZ{>|MQ+mKqPI^Cxv=MjMKvS53dY|l$ARs
zFJUmJX$4O7Wqon^F<{AS={L=2OZxZLF%e?}tJ1OE#xEhsEdm=CaJ5q23)x785q+1`
z9ne}@1|lk7|6G1r$umObK23BLsGf6*`ksS~#tGw)wauIssHW0o&o9=-fTPlcjeGOm
zm7K@_{Qw29*v)xGpdx8))<%nD9Q+5KbTvV!7&!YW*Y*hsZBs`$>iBa5Od;wH`BphA
zu?hR~i9$PCYda*>GfBnRAsbc2K?CArn4E17m)1&GOxa@tV((-j8x~upTfm>=*7as0
zhRvuaHnf6Oa5Fb$aJJ9JWKyZbX5JLt42E&#C=P*BxT0?YOK7V=bWHpv7$$q;vyq$L
zY7}|wM*^?<+K|j>gC$!ZI4%_bsc#u)Z3HXQDru)+zESbq&5%@k0^n48(ctiW=1$pS
zDAuloWKs{DXa$I1W^TWo+1m<c56l)1;mQt$G0xEmFwJOZ&%n(drBe2i#Xa|%5SL~~
zUFlpq)%`j?J#Z$DVAv$<W-#)_OeYtib<`zYi!y*ST@|Xqndvf^GReQ#ABWVPIR)va
zNbrv3LpLzR#HSRY&(~RGe$TZR|5o4$ceQR!B9?!XsIVL>mY~%(aex1Zzs3JkzgUpq
zXE8;ZF`FuD-zBGjJM446PktgU1<*1Mw_rd*-@rX7W3tv6LK%k!F|Srtot2$O@KH`>
zWjXFT;ElI!lprjir6_VcAGiG`XXW|h_n^@qef!|e60nN7#%1ZuG5SXvSUQ?*_}sJ*
zw!ateR9Xm?jhr4fb^2q}MtK3kd<0LulvCMAX9VTrz(DqZg`(|maf}<zQEPq?mlaIV
zg%_X24MSBD12Jmt9j~Pn#X*>8z@|VmDM3_=<)Kf#!Q@j0BW>|o$C_o9Mjw`LrkV`}
zkh}r|UC{rzU;vV}5QD6%szjMmifrThxp-gvLH`s470)x+Xp9b7>lHm&D;vbb(`XD<
zf0ioJjXCH9z_h7L=D!XDVt&H{VmuM(xQB4*xM>QO(^#<%(Fw(!n?c8kSM}78Zg6Cj
z_?InYln5b#b3*}p4XR{(_Na7WeEi(4L1t-?Mgl+Z4tj8PY%Q4eO{+whJ;AG^@?Vyu
zJt4D)#!P!`=^0J>c4Nd4`dh&EJz;`l8Kp!lY)A%B&|V=ub(|VfBd!s2mlU9gXQwPI
zMVL@K7|_=Xbz+WA346!AJ58U_yEQQqOwdY%an!~iUj=Quf?rTs`y<h=80?asGem#`
z3Cjd>X|+x4{=fX*PC+@}Z=_kzGr8wY?>KTL$N^jb85{i*k$C*@GM^#LL4tP<I^whH
z^-w6z-z@#q98q7hB$*T)y0!)A)B{s08Maox7Ei}azlvksD2fzP8@mvj*IVqoOYeRD
z5{!X|PIH5&T$opDIuwB6|LeV*<>Q6tqwDcx%GmEIE*1CVZfeu#X_Mvo<4M@~?Wx?q
z`r|6Iy6gFR478*By_%Gz`-%4BWb*^f-k0O`bki6#{q|Hs3k03G`3TLv-oW4PGmvp-
ztLV#NFIbu8uCvu4O~wRafy%t78%234CNf&oy2%y`4S$Z%=0tho&E4_%#U@#kMT_*e
zGeyGvFSTQTJKHRV;5m!g!zB{9a1X&?J;d&=c~s$#u~D{K5|u>n0#&mZs8emQ#vj)U
zX<9|+$>i=}^XCt{N>y$SxH4hUi2w@Es-ITN+LEwYf~c(KJ+N~`osBg_jl%?6V&)Hi
zv0`VLVfNE+p#TmeGR1jkz6I8;N|l6I7$cfzbVD$7GN$0*s1*!NsGV6ntouW1d9|;T
z_Nxv!4AI}}?s$w+rpW?W`%I`^KkoeKDbnYkpwYR}W3#M&Sy?>3wT00^`V!puVC=q%
zo~^a%fMr7p+A6tAW2zfBw?SBC@767-$f)L5XZ+AO7xp7={QVe=*1TE{o#xfAIAbun
zbHI^Q6R}ScvY$;bCEmS4*TT-8rVG>}LMX%*hL{D&GSXCfpvwGx#Fde#2eTd&713j}
z9(;G2#lWdGm<5>oz6Dlm`oKdpbZK0BVZ?Du#l-T>qn~i>cMVTpMPHR^UOMNAuvlPs
zK(axLU9H(wWyp?Vj$P-}``FMD+&x{SMGDK)LqVZR&k4>7V2MlU<WU3UB{PC4(ri2M
z=_a9)M1Dnbz6p3=qpqxBnxDw3B_Gm#((JINwK=R!Mb>MMSYpg~2kbpVZTPs}Ym?%x
zIcar<0@jVUD`=-E@3?YXn3QdPwJ{@1KMxGpHrOBT4N&eh&UD;!re%X`y7nTa?o<P?
zozf#xp$KCrm8h#ln+`%ANo|_Niu~rSk7O>Uv1ju!sKaORQt9rozPd+jD-)yof9JE#
zHsaYUWuDu^o*<x(VWOhoa!gczyqef|;}|MVxggGBJ@5kX9V}0EE~81z7xr_^W7hx^
zDR-^Oq+$5jeFBK^dm(dbxx$I?jYMLRTr8j<_}E8UaFF&!$fUzCM-td(Dn=8wA$A%G
zd6A2yW24obE$F6SF+-NxGv*g+s!*dD`-rK{tooDSjk8A*YK!;RLlOMlUrI|XlBG(C
zPD2qWB$>c*v3Iw<1ZVLs4cv(fs$@G(Vl>(d)EQVATnXaj!ro4>x)Lg;Zhm^E8Gn{v
zOhc!KANm!Tptc3i#VEs6l|Q9Bj4pzi9txK58_U|kDjlt{nE;^W?D`>v0Qp^Xg+mL&
zM3dT)1>5)<;ovgnlg@&z3uvY1qme?b#Uf|5Ci6lOkb^{vm?sJ=kU_Vm40WkD=EopF
z>}{;XOy&>Fj}s|6o&GA%LADnHarBBp5%>;eQ0-IH$gbD5UYcu@QQ7jH^>`=!TY<%u
zQ4_^-AE7C=>3&>(+Xq?EQ;K#js3_k$FMMRts`RM*D6=3`*q$<<Jv)2}##;AM?2r?-
zhI24{5Qr+=_WrcePWmE*o@m60%>)i=uua}l2&0nIj_E-mOQ8V1Y!Lv&7Lnn55|O+J
zATF74i#isjdeRRXzc^wgks*Cu&<qAO*d(#zN&-L)Hry>9qG$+CIo`p|{NLw_&qz5!
zMWIE_)eXp@o5C<^QFN~xuyn6N9$Or-qJ@{<EV-B72;Hbq2;C*|(<c9JzC(m=Ds$Q*
zbbklGT0zc&nJc(_QHSqdD&7+f<l;p%6CRJFP!JqKZWQ;v5VhqF9}{WCaNo(n`<4O5
zY>s9g^65lP%O2U$bQDs2kydez?&T@e;Q<WY&TmIda(ONK&k0l)Ud3{@MLOC1bs?NJ
z>7*8Et4oJ;`FSzV(<p(IW}T_42GkKf@u@v8`Ztv<ePz)ZhKbZmau<(zp3{3TmomMW
zrwPMgxZ$)cdq*V_=ReW``aiG~UbM;xKOH!FqQR3#&?eahaSM5j^>eplJ;z{i2t8!_
zJpP&YErV%9x^9Nr%;c>la%KW9&skb|C|!D)6v2&$0=_iUIbyhQVjcQ$L(KGO)WZGl
zs25@j%+y98&R>SDf`a>I*t>uxcPWU=lRZYl047!+K!8=gQ4v+(g@Pr4fG5>E|2nOw
zGEeVc>;)bXU->Wa#cA1Q8-z*>sSLzERswsiS!&rBC0TU4zD|61`T&prBevWB#Q`jj
zwVGUXUcq2_ve@aV+8@+IWE-hKO7^Mahqp6vO(A<dgmGG5q@?s9xtvjoibd!ft^2=4
zz8Ln0N^)?;`>}v}Me5A|4t%bLoX3B|o}x6k9mxO~d_=>Zd=)iAxn00dt<};Dds+}F
zrv@#v=oCP*{d-cC&-9@2J>+J~kN^QX%t8~WDXXREUN$|~`@AEBnxnU+UF=j6s1vq=
zR(#IIgGZ>c_R=b6Hsmrc<A6U*zuRJgRU$W9L;%g<$7Am!&SHaB^bDzb;<~Bv)AJ@{
z0(BF*k#xVVvMdt9i%}?erwgv!C+NRIPt9dVG@eo*h?V32f}{OF79~G5F?&Sfe4L^C
zoHQYGA3BaWg)t4m4bC86o0#CaqbtBRM2J~u6)Gg}N>}%|c4fg4sXkucB5=*bo+==p
zw@pf&*ms!nm7WeV^C4}J;Ak%GFcI$%)$DNS@W<Dy7XsHs)#EhXv!{7%urfS{Gy6Pe
z-6Y$HQ7}XCGtr3EKMN2Fo!dwA*Jtz8OlGaHrmZDIH`CSJ2vrIm`%bd}@xX>1>3;#H
z5c>k$dJyyo5ov`(R>=$ZHwG<}D(Ur6q{!<zS5ymMHUd~g13;UQKiE{*-taybn>`y{
zsImDv^2Y3BXeewV{!DwPr~Oc2^JOT$06)~;N(UV42Y|3RHs9e)(EH#6wmeP*3UPqr
z91uFEQcCJh@OhSh<MT}B|AW?Vj@=EUSYHFa!~msmFcLDFN9kW54_w;t&DF;qP?Ydo
z1qX>-&kl|3;3#ZnxA9L9bVf%Lt~lc<gNg8kL}H`20;iTU#AA_I{>eW?AQ8TW0V0fx
zMLcCc{N6~K)#BcW(|`1UQhKPAmmSOM9e$?go0@iin-FUi-1nr2JY;nmA5RMDp^TL8
zxD2lge@e1}ngk%40@nuUU?n-|(P9+G2_v9wIQ-KVquPsd;ru8GA^KO=Pyx`i`*Wxx
z)#;6Z4aq_3c|bBXshp#clnR|1MszYHWl;~NjaIylfn-j7EM))<J0dtmJ^k$3G&{MC
zBNtZX&cS;O7R-52!`BL`o-(-&BZjU$?D1_v!y1GIpzr@b<zC$T6cvrys|Q2Hmwrcq
z<@yHArLID9+GH=+3Z^QL&SE_tOkgy(gdA+sMfI0H$UM;6$o5`J6u!?%%aE((q)1ic
z$^&6Jw!#_QufLa0q##87l{w?jM&Z=uvAUj)*Nfb$%Hx|kSz|=sg>OLLMKG+;E}jHJ
z_X7k-=r3PH{t7)jGR)r_Z(7hviTdJ8Z(OwM^&V?hL4<DM<V$aRIT9?L;CizA{#Uxb
zdGj@uuu{G>p3{8Nykfa|=gqu_hg`1Ae#=~@Oq*rvpuT9)X!N!OdEG{?j!<e;q{JLf
zuEMiJ+_rT{2?J(KT<N}pU^{Kv%Rv*%XDWHjycAkVyf>$&XRGvGK|Ob#&Qaw>)-oV+
zW<kD^^0AJicv?;HjzJ^>K+C!-1T~?*pi8%TDN%jFX58_dKmu-L&(7QRI>J^MV(p~R
zWTjbc-HFYAELa9kR3Og+v*D^&pQPzGV(G*wfa8z%CX}Id+E_)VYO_#ymsNtnj_#a^
zr^?<5RpGcV>K;_c>-lxe=72cMF3J<C$>&&?7VuA-oq|Lz{<8G(HXiH8GxnN>qIo^q
z0z$mF@X1I#)YkrQr~TQi1K3@|0&V=fY2QPLsXsj~lDRPv{+iEn2pJBDP<&C)f*H8B
z(!3kJ)3T_MIg8k2zz2=w5@xB(u<hPFR6L=a3xn0M*!cKNBa=1Ua#6vd0-}`r48vdI
zw<s+*=3ycXW$mE8r;tq^!#LURQ;H|6MIgVh?y4kDdF1Q#`@<Beau0D)<&OH{JHgai
z)JGJJPVi*GT2_^d`@W20>6vu?e2EW`k?-2m%bz`ji8!IpE-UxQ@7kf&w6;WswF=Ar
zL-c>D5bt{U(K4!XU`57>MqWv<JD49yY)4PE!gfDoEm9-7!n%edD|c?ogX_Y3^nO~x
z8hfnzkn<>=QZi7U3*pNvh(Q4u{hy-4$>AC#`J{s#S3XKuk_K1!SPzmqk+^5Q_J!Qq
zVWG6S15OAErs2zM^(_#nx&|aJDN+v+WAYQThs9ELEEW(xDFHY&=|;MMAJGaCQ#+At
z8)@;9jJLWO;t7MaqqLc_S!UUT)Z<?hWN&m4kU!|sv4kRp<VEq9p{AG?MRJA&at3()
z(fE0UdWE7km(uEEfALS4O_fxEsc8C}J0ix&;~I)9l${cop^B|JRO6VOAWI)ke=YfB
ziasU?HzvrH9q!kt>SWm`Uzqs+rpzd=0*?!9gBh4+b4R}PN^OJj=(pBDFRB7J5;25S
z;(H2jgHc%mL*?z3Tb$?WftcqCXoKP1D69fUAv0<ZoHOy7=i1U}g9(v)`#CqAuyKV`
zvXL~@B2inyTP}{|PjDiqlu@#T8!S+3nbDE2TTqw~Dp7b~?}8xQ)tconv^;;^8H_n(
zpv*Q*^wNq;7!;A=<`LEgq2=OYA%OfZc}I;0WfEH)O$Q)tM;u8Ijg1xoi9Y^P5J>bv
zDi6x@X)?I@*bPKFzCo7s-i{<VGsGf6XZVY`P5k)(BDHUW)JpN8>-5AI&6AO3)k29*
zf>8dcD{AJ9?K}B77A#|g2`XZ|SjJU+EaYeBf=UA*^MywZuLW^7yA}vm&fw`?`Uuo!
z4R-`J(KJXOx4qd0fx2@YT8$d1a+4l9?rThHP-PaqWkLq9Jl}8_5$;%W0OXB?Ze@gd
zCdlmv*u!VGNRl-`2<l6rA8Mhgi@&U%zLf-(SvT!$^cF^aU5Nn>djAHPAUcL5ha?LF
zPTqr)4)l!zyOv;r+7oxWbsBdX-^+patf9hjvh_I^sA_JfTvrTlh2$;n>o-imu!~l!
z3%|1$2?ehijT$HoV*u}5)T=;97LzSHCmtVNMxZSnf-Vmgm@@m3HC#`#LDIFBFyz;a
zrHoEhl_1tEO>N{VFKaAKfozB-N?U_~O(#}_X}WDJ|EMqRJjWb9&q+8b8(p*9SbiUP
zGR*mx-lVygFQ9173zN`y(FxLi`d1+|y4P$mvEabJHyiL+e!?>qpeNA($uIgYl&N2h
zGJ&wri(5<)Z>+)q);m0&d6Yk$u$8}wK0)rw%}4s1En7o0{1f?~|0D9cIh=|G{}K6`
zr$|I>Q&*0ra?D4w8Z&R8Wsu5PB1NGuufFdd$U3aDEpua!))r55Gz>JMn_J>m(Y!6O
zEb8na2rXI8Y1|h+vaPyVv3fdMYQuHF^BtLj$lRr=lh1RYkrdp)T@8fLl{&Pfb?=K(
zg^*>d)WNSjZZV^-+L4b1B>nCgJdQUOg$_-~_C`z0!0d1hlxIxM#pw}f<~xuNil*m<
zMEGUpayu$6%fuIGF+&&77T1h0Lj$SZt!lt<UM>}u$t@;pC78p5J@;(#YOZd1Q$7Be
zolTZNNNI<whD7^fZi2Q$#WS{X7P|`&rRoozm1RV#-mV$=83mnWkBy;=`x$~JjwLH(
zCf${Hf%B6N9{pH2EL;H$f;JvRe;_)<2NUNy)Ypz-IO6isPF+@X2k*feWr^zvxAH*w
z#@=Ogv}3M0W=QUIn9-O%OsjY%Isxm07EfXtKA1yh_(RWS4ZOA)l0LQ#t2X-#1RJz4
zO+g;i<w_GofyLw)S9o(KS6Q*=+s;o4?jxZCpV?WteH#XGv8Mr@XlRT3CWOu&xeULG
zU+vtY6rK82&F$0(fof`0b>!hvwAH3>`snbsb27MrEEO&aM!2DNp?tZOJ+F#3bI##Q
z&#NDYe^AK_9xs5P)*++UQI{moIFAUO$Itt=B(57|cLalKsBMRBpy*Ep6ANenv{O?s
zA-^eiFa;eMmOGu})}^S<`Y?y1w8ntQs-c7gjS{0DOq6g0G+&MT?-4027eD_6I+J}u
z`Ucf#@8M&jS18Rhf-+WGI=>nen=b$%Cy0h2EO3vMjJiN16U2nPO}yfGyUX`m@<edT
zYc$Ng?ZN#*>M6M>dSoBS?Hs4tyv!|aN+9@ERJK#A_xZK&@LYE3*-7MliAT*5m#vd+
zm*K?)1Y|WD5ycSalY!=n?YHmlkj*mqjC41UwB`#29e?f!Du{S{i9(sS@9c)4c^)wL
zCEUdQ&Y&Ahfvj3VJKr%uEFB`6F#H74631j!zX4R@Kx9R1%)<?T`Qh7SfhI3X47pGp
zmk(b}6gn;}e<3qb6wQFc9q5}ChU;Hy;p}Qzm{I69rw}e>W69<s)t|JTrVw!`Yd`db
zbL$2lrp)Kz{^$CqQ&|!{C5s$AXvfyB^c^a!3LQ{>!!mXpD?WOMT#RElA0X`O!SmY#
zvp$uO#0dKn1^E}fg8=?=TMR_M;}X;h8otd<7??<tsfXJR1Mxhvp0PV81t`V)Po?nE
z12cQyO#6)V{nzr2>jJ*8Wm07qfEWdQBYR})?dT>{!TLaCb<<Oe$CnJ#5cUBkfa$Hc
zU%=KiC)+1vyV5R<FBO&JId#S#1XuUBLo-b2MI7QO#yLrq)#<-`e{<kkE~{lle0wz@
z3XkocDxdOs9c8b93<Z_o{!>8&!zR|>B){X0_1vUYs?2VG#a>aNymtv$rdVft`3%-H
zZnu}ONGd%Yf`dFdNfrj?%D2NJ#VI-RB|<ArPQ!DNH(2aO_8fmOH8Jur5wTe;#p$<^
zwgF3(%*n0aU3$^v;dMYKx75|?Vtd^njuICT!FuDub0`nrn%;4cS$+R>jBE)Ver?nk
zfZg(ys0^dmQ$6~}-5uBCR4!*3&JIC7rJMFx0OMM!9Zv1rXYNh3Jj7f=$HESC7_wxf
zK#~9akSw$qiWTM@cu~P45|n6oO}(_770Ohs^8t26{qk@n!8`=7QRIy@+TM;-Bg8;E
zezlb2gn}eIly!?w5T;Te-p2M2NNqHefTVJb^P8V!xA||^(dcH&kBRP{WO%+n=V_Gn
zGQ^Hh`fLKiM#YpymZ=d{3c!QCdnf%f6Ob<J9ld0tGm6x2K&AQ+Ak|bAo6M@aiFew`
zbVXsKp=O0K!^zFY>1ksHON?(Q2`_cEBJPL-$0YfP2OJqogWK6ljIg!Lu)uK6x4F34
z&6ntoK9|f8nN)OKSr)XkqW*!R_bf})D@sU%uJZZFgyShX?p3c=inIbty8dK7J>o&V
zwd<aB2*1BB1g4hhhbj|4b*Bv}iUrZwtU(qeCb*)-S!mSABkw3LL8w$x!%8UDlB`{6
zxnacok9vt5PO#5k+;D-!J<II6u%HU~slrgE<_41LwFxUFiJ7RUxGqd5(hJPs@k|KD
zO}5HVhJvhcr32DlUjn|`P==+C>a*~$6F*5`PkxMs9m&f65t{_dP5<Sfc{(~x+NUe5
zY-el=E1a<b7O$`HzeqnTVt47r(;iBw(UqsjA;xr$&J&Gqe!N3!5?%(c>XT^Ye10)l
zLKyaEXnASv#-nSc`NoUCa%~=<K9QWO;R)+ADJwsmCBso};mo1<2LQw`ru`(`NN`h<
zL&K;ZuoCLIxg+6fFOpVzf~Z!cc<MGL3xCIH^MD-Xayi#C0c*8KB@kJ@!4hQfeO`)3
z?ItqZz(pZwwJ=n#>D0yPx=hbrL{VKCRpPhI2MmvX#8&-R10agDex@Rv`8QKpVmiGu
z!bfNayc8^2Y9x*yR)HPAXqFADXc^{JnRIU2xT2a3a9!Y++o20WtHQeoI-ci{1!^CE
zLGxtcN6OI+#yyW|G~WaCHY3k%BnJGly8}BCe$_a!oPD+Sr}j>R6#DADymI6EoAhTv
z3dSP~Ij6@ATYc`~cif%nSsA+0d>lQ60<9m7K#qnYq3e}jf!8;KCz&XUdlN&^&o|tZ
z-!RZS2qP52P`Aw5Kf!K3g>tH8b>nvmTm#0|p-{V))YA1!X>J#De7D`p4mu%Yfa^D=
zb1!xPL<)7xoT3gBHoO<%GOf(+hJ2(83!oW}u7d5;Jmx6I;SSZWQJK`ZL^?`ZXMjvw
zMb-eOd@^XM9S`jlZt=tvpH-Mr8PN|c-Or=fZa~YE!qt&rd((WMAL15gR05i^_Z;xR
z+jRa~O<oKp_NMgSepwT&K<2HekuTOMqBl=B+D<W*36W*U>4T)G8q)d915xG)vmy<w
z339m#WC}F9?T;Dr`VrMiouO{jbUSGi=XUw2e4$V{jJ}eWG2j>*)6TPtqEwYFgr6s$
zKKG=rUC&qm_1?w4-7iBJ8rVkIRwnof>E?d}`MKIq%S;FDl5xm?MT@YVt_`(Vc{QDH
z2A9!rnW6#rEw+BF4NV%SQN@gBrrPJ3i4kpz&&^r`qmTOa$6VpdFToiIS4g6o@ink3
zMad?or0+T!V+qVzJ=iHy$kbf3Y|OXK$X7#!h4Jq8xH1-QU?BJ{frwb2>U3p;YVucG
zvFN{komf+!PZCc+LqC;O$4Uy(Kz&p97<-Ftiy3jAfhf78hkGUS8S6W!>GGuL%=D4|
z)>LxL8sqT<cl}4D{-Y>)>A}>uuV&aU*80jtY-SGOz#tRe)(a0!0g93IXj@Ovw6x9A
zNyC4@Y1xLl-w(Ev(`PA9xv?#q%EtHP_9bJYgzyi{xp(H8#_oce6D9V3%8MxFzJ_&w
z(#Uzh6n}zmpEr7X&&Jh6F3)1e(ey*oCmrYuKY{*sn@Oa#x?_u8DOpI#l7X&duH8A!
zX!1p?(5Xx=8$(~pWp```xCpYiyki)eWQ@+WayFKdB-z_eZdOA_Z=dF9*^4&pO=PdH
z{VIJMCrck&JQg*<SM{=@QuIPoz<}s`N2wLltFCbm)Grn2gpNJ2dYm2G1cz}F8Ewj|
zYBAr(2jyZgH;j3|3BzHy03r0g8c&6ALVsxI=&Gj~bgU6$EFAgCHPy^dKwxFrmlnjl
zYh3O4)jf-&4*A0D^jl;Ih}RbNxS>NuhEJa7f343(g`J|6khqpQe==E38t+L4*<G$V
zYd_~WP?rOuo|FY$9w@?VV=~qa8-Fcv;l`H)j7o^?5m3R6RR3OA4r0cyUT$>sEafnW
z2uS?WagKYTd`a;8DSkH)c<SKYy~;G(+`(=>Nt(Kh&}n*GB1H&oHxPRmZXRO$*|>`X
z@YZqCzZ%;_TdSwwgC_~U;?!$kpVP!A*zJ2osGl8!tN2Jq=m!YpPo>!(H^ki@Ja>r|
zGFObd5`Z>e+N>yfT56``KQE4W7{|gX9X3x`Mr+G(jq2E{Z><1rbQc=zL>;_v`P5*V
zA8<5!Mqcl#L+XZD8e{n5uD9=0?NDC3uX(tM2f&gZn5CZ&=S$OI2N+5IMwGW5VOI@*
zChN%@!Z|)8v0%RaJ_~||t{LA)Ta&c}9Cc~~UTKk^R=dnC-X~iDT0V~cEx&{VR2NVC
zF{d{1d7h-tX|(u@o2o8u9!zwwGA`b4PIkQca$MQ`uO<vt8@c&?$hzc<E5K=mj=(Zr
zy{#kdZ$xK}#NQ9x-<g}?JHR8(e$}w#J6v1`stEhN3XyC|b5F5gk3Skh7+k|h<U<oW
zQ9ljj2vLcseLvlx`$@%klW+V1lm=RRBV(t%sxd^t&O;`YV->&xJo5GhfAUG>v>~Uw
z@@In9ugpnX+Qx0gFo2ssgSocI2mWj?cz68GP#!gkIR!u}xLmV~jnG-m)D9m=Yr%K8
zs+E}S!!gJ9cTgxYPI6iwQuPhDga=HS$!t(JXjYQ&Z96!&j0tcgo}`psOY2MfGz&bM
zs-U=Pt?ePWQHI7QP4FL|3VmcR3B-0)izKzyZ+1^b3)S(e9ZU3N9lx&E;5sKhwQKO0
zAdWt;ja6nLu|#uL{3>^-bS0(*@XL5sNxkV_6^={JWyD3t)iCp5S2rZ^L}{%JoKi8`
zUHmo_sA~3)^m!ZX4&$e7mfm>WF0*hpR}{I*+iLb7tv;7T=Sda)T`wILx;@%WeAonM
z2Tv82oPkpv+L4J^O7>C9P|(<*171D(F*}Lj^zdMB=`kp|cJEk2wfqW2D3m+Wy)Tz}
z<fu>nVoDUraXCF!@#kJaYR)m7Ot1A3tYW-dvu^SOhH3Wa6ZjW|+x+gC1$MREkLk#f
zY5k}jsBFTGy-j(xsqRCHSs!fX>l)7uTP0PUle;UQ8D5knjlvG}ECHn79;T%`@@Tnt
ztK{z|Ao?&N+xe4O<=(5eP9I$0=L6kf)eezz7=gj<n&Gu)vKl>`*C2qe#EH}>!8n8-
zu?a=9YdZ5URQr9Q>2DV07>pO;oNY-h8@JeR!)(uz4t6hqM>qOjH*(q2mZ`c>EVU<v
z#i`PEAxF~OW@jh1@40us2;tx}O+&}XyTTMreg+kr8EK-5HW;Og;)3(C)S-e;ZGdqa
zq52)Zn3NW720Qwa8nAZ$v^>5$+e|a+c<^bWEzNjR%r7~9$VPog>%`5M{?kby=x||w
z>g;`CNbM+!t?)84`5>y?tcZDet1PPgeGI(2!N|82R_%T0<=BDn&H4N4Q4~Mjd3lPZ
zexs4IU*1AxpV?xPVUTac;?0fLYb8v#7@ueh7w35U4`aLoA;017U>y;yRc@VQ(zBhp
z)2I)gkHZsxBcoUC_o<Iv?QLGx23ES<CdcqifA1Z4WTXXmMeT$$k-FfidMbW_z)Xwq
z&Jx*g9yTOY{A8?&XHKtm!JlxpesSMq{U~i1qf3Gw#SNvtXCu<b*$877ux9(&BS!XS
z*~{0NreHKs*ynoWYj3U(H#T;|61e4?wTPB!O{69rdNhR?@!oOFV$u@ydpGz&)yrN7
zoV$9QAfiY=AU5exA)*NL?f16A5lcu>F#BlwXIxM#xOV~B(eGP`)J4I=Y6W47vd|%6
zOZT-vgDLFdOASmm{D(M!mk1;+#y8e}l%kKoTmEQKShfQ+8x{G@u59aFbO93f4w&CV
zQ0aUyy3k05$lK)0EqMe;jOonlGaUH?v?#RvKobmYqcP|4xn1)00P2QS*TXV7objFq
zV6wj{HYW5>QVaN0wV33P<($0CDJ;!$<e%SDWs!^s?daDW0`(8L#q*=6`hI{@>$q2K
z?jOu$yBblx{#>>jipulQ#u!I5N!GnZ&ppL789p_pSy;-M8FnVw+x56%F8AEGFsGF=
zDxYdoZc$r6q4iN``!fg~Ttl-H(oR?H)jS1DbMUpPH|B*zj?`p^GgXd2_i@1$7309y
z9l%;>bY>GUy)tQ9rQ;3vXi*Qh+!=Fne>Guw;)_oN?Bd`3znDAAs5rKDU55}LK|*kM
z2=4Cg?(XjHu0b0K?(Xg$+}+(Bg1g?1thM(U<BoCe&-<gGDXO8mtNN4oede5+a8#|>
z8a9lL18O$yV!MLUG+HAhNmn<dMl(g}%r<8mFxWM13lrF(SWEog$+yj0ZWsOxI6iTA
z6~l7Ab5wvm@_h5cOq(D=jvsolf(tMVCZl;SoGG@QlIX6RAY(mi_o4nYRK9r7#`Sg5
zAL?3R&LF?^<-Z?qy5gn(IBD(L5IA4PZZgHZ)0G^x7cuaF1c3OEs9q!#GrKY)BZ8Mn
zgQFQ#>|m<?MBqiezfOXbf~^RNm6oUl=~<)$exzCR%;v_1!!vA#mXziJI#C%)O>pdP
zG0{p+o@i6Ryxnf>jFZ_&ZIK?}&^>ozMY4Edl*y1$%OiXN&?-~Yto=s6$5h>_pizAK
zc)&1bs~@7DD|GbgL{&ks;5S@z<~;4fjL7DL)LZuD>pU8#r%V<|y;k#<Zyf13*$ogs
zt-x;Nl+vPf_$q_PK_t`gdUh;+tzpf*o|O@^Q5TN7h<Vhv@}mw3`kFnAF?J>H#}@hA
zmGnkoTFe9KPrM^HpX_#+{@2SN-dAT~6|c{`32!d07us*nqX};>*>4$dSF;&E9`7D;
zemoqNQ2%)DcRqW2ytqv9zN~nCft{RV?*8%mvdg`Z;_ZeHJc4_9yLB=i6n0BZ#L|wP
z`!WZCSvo}t#fDx0BIQbh!`&5Ct);5YJbn_O<c#+~)ADZHackjQ6t?Co?N=}7m)_ej
zxx!bcaTny;nNkv-JGK08s0V3M2u8xUv0~K=OrAvaCqw=+H9GzX=J(oh7M!3#pk=en
z8ZO|7*c9(6KHAERAfcSD$c_hzeD5`~JRB%_!Tt@iB0KF16+#B3%=$ZY4U|&P9+{%|
zy9hF!Ju>@s)%o!;`m?FM=s|r#cLwW^aE5r#5DgX$cB;!wY#wCNWgObe>>Pof8lA3y
zJo6cAT7seShSd+VrZgqan#^;CM_j2+H%$TV=bkJ*)byA7sN6hfmn*3^sY8^M)f*2y
z78nwT&Fq9y?xNQlv@NP=9Wyq>^)QJWRIyGr5B<o3y_-$`@5}Q>AK~A54#=*o(I74n
zNc!34nZyuWe8LsRXNC8?*Ax4(_E`8;Y$`ay;z(Xyxch45TT%4xEMzYRDfEiq74E-;
ziLqMgn`s45fL^2C_GgA-$FRB+`@*Nq?)8o4)oHLg>6Yg5VIJwqP_aaJogy)jzpE5}
zHgtacO7LZXTjYXQ>>KrRg6cJ@cQw-|mXQLJ`}DBeu_a-17?1*+R<pNl(ML`3%f@lL
z_`0!GD87T^c>nAuM}7?lI;!I3{GvznpwgozX-He9+~k}e!7er-qU*<9jkTvcm(RTL
z?QZfjHG@;wRH<RQp~M7|zs<(9d!wZPh|go00TdSf*g4Wx^(s}fUFff^k@FSj142P8
za?8Dd&$J@G)`&C+Xp!rKVBWguL-U>zq6MiWs(Bry2*>RIgTCqYxH4XOl3tqGvE%7P
zcN!%>)#~@@D4gov^F9KR6?5xJO1&0#las000|!Xn8NUCmyEliLKNZiH4D?D3zWiot
zKq`1_q#Y9!?i!`>W;v1g<W{*O$x{?!3N~wi$U+&eHcH^jl7rO9p_gss_E(lUbXDh%
z<+l@_vCKNM1Rl3x^A?{IEEQp91t=9ZVuwA(BO>AYe}ESf@48%m($EQ1Z_Hha5@we^
zTL>c^12+dsL$$)<bZ3HzwuNHu<!ZP>8I@kv23#w+ACr{ty?iq11bPbA;^GU`x{P-%
z0G;2GHNC&P?d;imWS8tDu=n)k$woBOtUw@tXeqaVFD)pVL?hecg>dUcj9p*MPD@oe
z!GGv|bf-0_G&pi+o!^!iU}J^4G?JJ`6J+s|z%asg(ssX`6!tzLH%?%mJTJK)TK!Qw
z9|>=+1Zwnl^+WqPbR&tER+fTCQ^AgFU(ZXn@Uj8?C|?i!+FIG$({{9nxGzkseiw?$
zela<p@%NC2NLnr6h=<EaZSU2$yWQag_qUhT;q{l-WA5io<%;&#Nbcv0*^-1GZ`&o>
zZO^Oo6<RN+%8SFF+TWDRm?U0~46jvSxlaW)wzjsyum(%McWnU2Jk)S&tvnZab?#ax
zRJ0#}Wt>QsM3i!uN?ofTh|k)Rwl5%E;(R*l-N-2B(H!AzJ)qh?j#nls#C~u)*d0cx
zcs<|RMIrAbQI}tw7P#+aV|HItSEvCFdhnYx!yoC;C>|Yks`5JaQ{>O;-K6(E5k7sB
zv9)Ype%J<%c;IIEHR2&@x8rAHVgr)=@ei+P!)D;R=Fhs6X^sg4M`2H*8Ye{{o~wJz
z)n?{ZNqV1}Wm+57o=M#c=xcnC9^3uT;9py}O5UdAuJ0sn^>nJJgVvR~VZ$EX?xZ6t
z4k5Z<Cg$cd=~$1;Q;s3cIN9bNeVNmo+L?EDUrQo)V>YXH$(0zPZp~B%fukve3}az}
z=M&DnUSDR{GWrGLXeIS_j65i&BRTGCzp^`(anXfD3@e@}dCSvUx@7qlZG95$r21YJ
zw4ZaahP{f>O!=fF8kW&r!z4&O<q2^&W?|{gpQDWF?z1>f4fvW1C*HB~3ZwE218BcB
zP~K^F{vsL9W+-?TEOe=|j}0n&N%e&&vfCG!(%zXThoZFk#73TF=~I_4FItRv@5`py
zPKKs<%qb~aAwypCDM?wbi6Mh_wa@UDXGRSvK`->rw}i=DN!wavML8m<y4J9ZAhmp>
zqc&KTBx|RakB`%+IflI4)UQyr)enO?XB8n2kIqk0ojnp9lPE_iBi*&k%`xPeAFdb2
z=s#Df0*T{<9mS9oek>iSP|uSbIxIVPYnneP(1F#CK^r0}R3);uS6TqQ;ILUlxZwEm
zJjDl9!ms6<*fP18P|~mbxnC5529{k3OlWoAW?qE0G3V(!nQ_f?@*xWwrp$Qm`$(~I
zK;i_p;^^tr#2~U}{{eo|gO3EQ?9h@vy9bxT9nyYMv$TURjEX$X4boThiD2erbt7`j
zBj3JC*Oj_?$`D1noBrqq^vgLFd_j*}?+6MnQ>9=oQMd+0A#|m@7)AU~{dn$L4YQJ3
z{&N<eABsOlAAex&qfp_(wiE38#)%s@%7%}I<Ay8tRZJ+ynS+Mm{SXu?6a_Az4MJdl
z4lYFhjwe<kHeBeeziRM@uz{8DHnF|l0-Efls!TO=_gKng{d!N`osY>X8@}yN?BJM?
zn8^c84R<7hj=TZN!wo9^M#Oym*KH*a6hE#mChd3Ryb)h2P#|AFT{_}2LrM-p57)_d
z9C?WNRA!+S<Z5!X7GK~|!@@Df7l)E4G->!XE3UNbcxfl^kk3D%_*!nzvz`Pc?1`%j
zC17k%xZxTj8M8oQ4HT)nuJHMjU<?x2g+5h_wgngs3tpWd9mY>TM;r1sXrQi9<VN##
z<b4NoB!X;u_=0fp1EeNXod)Ws-p*u7$CJ=V_R*UA=WSW2343aeowjhP9`FMJ4%8PG
zsepcdiR1bpjX_Aee2Pv7hwl?ji-GoB%nsiheWZHyS@sd&T)rQ~A$7H%Ipj@%ECGMV
z<B<2C-{q}zIgUN)h3;`NUxEh^8L{Uq2aZjFvh3FgG=xC`|4EQN7aTS$Z`Rds6g>_l
zMXrraS%$VdA*vyC8te*j!qyFX-y`+F&lV&txZh@sxN92^>}uih1E}e~x;3|^urvr(
zJ8=KE$Z`Udi4Ygy!T225Q$pMmb|>=)nj{V$PMfKbu$m-PnFtrCV-Er@95cm<?==A+
z8|6M;$EAW`noo@StwVVO;xsa-RC}xkjwded<)KO)3&@Yz)@suP>jEvrJesunJUdYN
zDEh*z(8A?ex}j*Sa`~fG`dma`G)aO0IMVG$aF<%~O+L$^E#{hwu;<M#3J#K$lh8?}
zk>}Qw%pHPX)u-KQC?lW6hi$()L@NqWQ*xusX`6FetJvzhX6K*}k0*z@f;F`@xl*90
z=%kE0P;b$(Blj_Ij{8<|iGKdjidjH0Ut*7kw1cts?a6OoBs<L_yJ`mB8#?+yL<3P#
zoo`I=lQS#I!$I11*kEOoxjRSHIeM)w<E0XMd;SSkX#VzuzU_Ru;pt>1LP^j(29Wjp
z#wRoQ%J%ZOJFEdReQQyAF<ZE!fsv2$;<r%#@y-F9!wM7odx(01CT8@V)#$0xRuAR~
z;2u8YBx}HrZ=R;iIuCslUIAAJmZWTn4Ik;_fiFoC30lP3MTbkBJxaztO!%>8d4e!I
z&u3}?%G&9vv`o{payhT9(uK4>QJ<!IS!NU;k1m@fR&4cpFB3<cf#H}@AJ_NEUKKo*
z(LSOrc4B-%F8x+BB)N7anPJ0<PumI+X?HD6wUQx7MCm;NO1VsqS(dXCX)F#U3c~cX
z%d5(A#`Y`A)x~UJW-{JU>=esdW8LKj>wVA-dCf5m4?0Xo3W1I2t7_+}{m`MIrV+|+
zwdIfT?`ZiPBK^ZmFvVp&f@TDi&$j!mQ`(gzw1)71C_)zvT1_~>vN;=KMt)P`dL-q~
z*o+Iog%^E8Gr=@JrbhZs%sX{Ea{(2T3vVbeXv{kZfY>^gx1<3IlFXDPwly1$J-u~q
zi`{l+{gX6#x)T)>d}lr)yq%L>5eYPOk51%lmbRaYE6(d46Q97FXv>0H{aDFQ+a$`i
zuP4oNKTjp&3;C*4hu$?W6qA&Gn=$2`3u|qWaxt>AOr%qReWPR!TOs-CKoAEqTZAqm
zvAQ_g0u>N(7gtjboV&MDy6pY083%}O*C#QW80n}HuTv_eRJuI%xg%PwDFNAevrk;#
zZ8kO>i|pslNhpnY7%5yRKrw8}>IcwlrTw0<qwe*wqCY(R4Q^Pl9D3{9W#%EyXCShz
zjsjb&oL`6#h;k+&F04kcWj4M6=jnb%#pE7ExEl+O8TX69g4JlKSxh7ykdy?@TgCiP
zT2?Gzc@CWZkK7(CP{GjP_)RllvTbsnQ!P6xR;J3G<ce=@HCL|onY!t8bhW#GNv@o3
zoW8Q_U`2vG9?v5nNrPHVen{Pz6$Z!QmN0+Bx))rbj$-?x9?x_%7x~q(lIeFlH}Y0w
zLzXKJF!%eI5g97pQ8L$*8oiaZ(-3ox>Pdu7YRcM5wjHG4CX6)CCO3~=n^cE)SC#sj
z1xQSC(5lZbqH#5<UZW0}Sf2}x<vQ)clZ?~9S@0;<v@keS3(gk+2g3073M}3wh+Sl%
zLz0T+pCV}Llq7b3knjvVT#L^?h}et2Xk0{Pifp-UCJGr_#I)G~UQ|ZGmDh^sUg}ZE
zN#esX%Q}LXAjKksIFT;f;0U;KHU~`iuHYHl&DX801c&Poh`A%-aaE;C=gl=bd5)?t
zuWLJ5q8L+g9wqj__1achyFT^{+luyZ*&M$gVam=6mZPHskhKuG?CQdV<T9`Vg93vl
z*Hjp<Wv7I?p^12G4V;e84pNxx1Y%rJVz-+MLhNqb&Dmd-MOLtWaC~tTYs#@0zkiL!
zz&CK(3HsQ@XBCX-G6=(K_0f*sU?(V;hu<n#7We?wTSozsDwjkpk7uET2!Lb!#gO1(
zp=~b_TTx*39dPs1X~i$5m0Tln{YG)xB;N_I4N<ck<k2ahif8|h9LVXXfLc9^ja@ax
zSbldl+h!4V9^1l0cYwS>Mp6S^6NY0%0K>ZBNvb%)&4PpZ+|_8k)am<LD0SjT^fBiO
zT*2$5cANf6XC5n`v86_IL5f2?K7^n>pRo<W?MBsn)H%xTu>`@H347zF$C$M17O~w{
zw)<kXKA&Jr`3X|@6YNida9M_Ce@d{yiV0GhGysv{n4lJ&Lt4GRPNy=GxGH)nLN-jw
zz69)YFgr85%DFCFePNXEHO`Ap)0w!D%7X$csBnOA_aKb$7}T<S|5+<8vxZQt2XgF*
zi_fzXUJbzy#V^R0>UkaFUgVeR(d%Tu9Ussy)g$l;e$3v3BLA4h{bWme2^sHmJfIx^
zz-Q)Pe->|8ZdejJ&;VtmLxnUJuMqD7`>y$iMvRjlmb}&~k4Z_RaQx`O6W^XE)<aeo
zadTloNoRi}(wCVS0#jm3dl1dtgNoo{%^y~T-})wOx3IK)8a%1OLn>2Wp;lkZU>|1+
z%f03>TRT5K9-u&}2Zow<L%~SkO&tv!h~*c{Gb=_<GXB0RoH#m?^S1=4uQvQK2JA5C
z*sE8-b@7HRAzKZah=wUut>~*)gfj7lf0EEuuK>7pZ10tsQ@+ed=1h@1DRvg_;}%&E
zmsdw$;Qje)O{YOZW?<p0n8EsIAd^kNXtD4&T0GfWT%N%tsc+m5rlLCidHY5yuYw|2
z(}K-`$2J3xUHW@$OQTav;vOI5H0_%$c{>y@urs*=tAt0Ss&?Y(<n~pbe!G}3GFoU(
zeD~3b(`d_Cc8UsHOK|4OCAcsesR2a_QXp=asIVQu`#It3!_dvEpbo~pL_3NW`s{6c
zfGUtWBKz+$s#_C;v!JGLq_J`YwZe|{5*`{cD9rV<TN}f}(xG+->i(7BdTqXN`{Kxl
zLUJSMV2{r0E^M!}FoO9Bn%?l9I0e1}ItOa}8sc!%$Da_sSL&DWSa)Old}IU62Ek8$
zBG~oa4Sncw_xiy*9>?K`RAP<8O#|wIkj2um%hl>8rQ<do*@wV<J!UbDg=~;?1Ok&B
z2wTAnq%=PVW>RP7UR7wfk08-FlnW5;FVVCepb%#JPJu^aeCs#ZnlnTZCWO-1=U?5o
zr(tInC9M9|00F7lUE3ZPx`Y<}o*A;gq9d9V|L?W-v7%i#2k(QrY}Rtx$y6(5AWQTe
z+Wlb%6Iv7MU9D_{wQdF$i1;3Inp7$?_Jyi`vxtz~o{4?{y^8!p$zr2`$G$-B0J~$Q
zqR4}rVkDgAnf?BY6_usDo?r+ut>8?OhG6E>R{4K&bH7Cm@etNyD`iQsd?xq}L{oS5
z&s`1&*<n2p5ikNvrk0Hw02(6FG<wCgiRR59#Q!ZRuaTuCR1a7q@taj+Fs%BIX`=Nb
zC|daxNztRvEQ%1m7-!m+!q_6#OZnygEZRmP6eSw^n}&MayO>b%C0ETkSa??oZUV0i
zVTX&bgu7#dcz^IgwSnS;feAw~Yjq8{T;NTbhKb9xQQO|o-oe=EtHHQ}0UaCnB(*Z4
zKpQp@^H5YUJw*|yOU3)7f70=*%%5~@eEfe)$33b{76xUMt$U`?6SAH~6jwn>g5}Fe
z-6*uLilwHQ0Er_mu{s`X+*~zW1t>zjAmA5N^4a%UYPg$;r$xvE{Fn+*JrJsxn=B4y
zErdHAQltFLJfr;1I4nNO%hC<iEO#Cxt6LnRM>s7N<WyF6^JY3jpPgC!V>OGc7UgAi
zKYKPb4k8^0LBepQFWb8MAkIfEMsJ}90Pzk)7g1ZH-Z;ehaK!nK47rT}e1cxbXOOTh
zww_?2!SuX|rkFAkd!h=~DQR$L809GEMo1-!QmXEYB8o(^Z7w4ai6nC!s!ts_<M*H0
zoUG$8h&xuq9O>^39c!P?!83J{wDHrbQ|7nhn^eyoG0(`%5iv4XbT8!y`-y8Vz1WvG
zmuaq>4cbd4@DvS5)Oul>`H)K7Or=C@wTG3|pWGfsj1%P<?HN#qpBs~a3|qW~tTaOz
zcwEgKCC*a&F!q^!)!VH8xJ5few<lw;h*cghrEnOA4d@L?+WiMW#6JGn*ce>pZYaVP
zpPqD!I_EYT<UX7=dJqj%=mJ!K+Jn#;%tl>i%Ld9IGmi)djvd=;m1hg+y}&)p2FgCO
z5Brj}^Ji>YZ_o|=xA))ddTLJft`@K&7v?|?W;npv7~@$nr;9G!EI8V%Q9@QfY!O3F
z=GB9<r90ho0Ejis9L!cgCyIDE@?j8m>*A`Pl^Ui;H4OwBmfksV{XBO~m2RFrm}!K_
zl=pWzLB98ZD=Te6zRqrl1w0?5?wgs$>PcG)Ohq+uO-CJi+%&Pk1{OJRxuCg0HSO7h
z<mJJ{z_y?MJbiNMEY?U_`xz)Dt+|a6DV&x4!JVgQWe%>0g!gY10DxfPSf*HdY?k$)
zkef=lYe2XA0<MtL7_=!C(wOd2(=iuyw!U5unX4W$b{Udk*c?Zfy;GBEkfCm>vl_8A
ztmxX;j-*&4lhe7@(|_kvxXy-uaq+hztnx@Dw9S69W$|hz{+td+lmSNMZev6Bxbm?w
z_vvxLP6_Pc<PbVN`1}Tae)mbnx`InrU5=ZMbU^8oZk+D<0m^XDXc+NWUCEdC<)Vb<
z5hGAwt8red$jm<1yiMy^Y3~)aJ|<xSzjX1%p~!9I4M8cm`jSx_D7fOihf&l*6%>j?
z>BB*-Xr)=mVcSASg4HB;3nU=(Z<LYwJfg7whW^t;47`dHm)_4&fG+svZ$IzyP9W>_
zTi?q9Hi?3>6DV-I^Oen3?^qRct|SYgirxl4?SJZJ-D4S{taluT6o(0l8>uX?6-bb_
zJvXBkIvjz%l+)2TgxVfC$FGTwB}Ty*whTVO38eNfHDK1CX)zT?#VBH1n{T)m(DzBj
z<CjN5XpSO6DFo+ZYUtFF@!tA2yTtw2yC>~)^yy*H>-``Z4lvseLFnR@cmT6)9B~PU
z>MnitkZ>km$ult94n=a)ly3r*S{;fI0V>$yL>j-wgi^isDhx<b<WD{5cwz8%48_3C
zHHjBAVm2HxF>VdEK8AVK@iPPm(n@~>0HSgyFRQIyIyK8@#<z}D-}=@)FqL`<N`t;R
zgGIiBvPD*CBdB!}-Vo?Ia=K3`t;tNr@<L*79i3NIsQWyw%W<^qavErCiNOX33T(4!
z9&J-UMt)l{oH>BZ0<D4C_s}^2uKxSCMSqAYY3o%JMtgAeeAB5lv1<<)0i;s%sti2D
zyr*W>9(dpzO9)S;hBFy>pbG^)*oIw5mQCi$&~-rU{|KB`Oivu*_9s%q>O#_(dX*XU
zf+!^mGgR+_m5-i<GfrjCLbYA(%#MRpQ>StKybdxv%JPDx;hM15764$uBXEnVc=;Ix
zeLbvJR{xIKpn}_yMGSAaYPC8Dy(KU)&QLcLa!XCw7HWE4Pfr1oaX>~$m2D1=biEWJ
z+aTM3!L1)u0W9TnIL6_=gHG^`@$ZffyEJ1+`wTSt<?uTv?RhxK0|g0dqVM+;$q(G0
z`=!r&n(2RkUSQ|iif>Pf-7Fc~Hp~^5t83<7=Y+Xc+mC`qt<p&vx5!{U5%wJ$l`g@}
zo3l;&q84Qt^uHj78cFyjWTTNLM`xqahZ=?R@K1*443H$-K7%Ox8Uw;=REK3XfH19z
z0Wp?}5~Sv7_}f*_G>xH)!sI05R{{*c^Vf2y{GnE5!b^Cv_5eT)Jr`MclL^*oXfdVk
zJ;z;t6WopVH(`F+9E{Au$yErUq*2U~Bc9R)DI!@StVq&VheQ!B`D!iF=5cOPExuI|
z&|B22i&?DO;L-iIR%cJ^%DlHbxH2g+WRw*QCrNCO>Ks7l#j@-mLDcV$J3IElLL0bj
zpCe!q?&n0dM=M?BH@x>@Weez<I_^CEYi#(MI)7_9c5D+w6fo<)xv{EG$AUwuw*IY8
z4AY8K37K|fW#3WP88k_h_8AeOzBXdBS^=m<)8iY4igV1P68nKY<yEFR&EL|cvb#!|
zNy@VVM&%5CIB-UHIe&f<i-*`48t}F=f%WIKo>oBEMJIdxY|T0(5V;}yr7wC~eqW{?
zo;6M}l%A$LpMzhz-Ra*z#>sL=R$zr!hqf*>KjbRt3OF??!P6G*9?Kn4w<Xvqvk~qC
zNDr*h2T^5nW^S8fMN?(}eP$V~O3Oa%;gIw*T`oAsV<+7d3`%BGJ00W#LVstpOPQlO
zf4KpeYgQ&^^`#KWis$<wr7Es9^8wN@@dQ8iX-(%@lh6p_bRnhI;9;AC`ENyynB&+X
zTD#8+<FyDWB@g3nUG*8x1%A;r3uR-hCEM?j*a?|!xSRV4XHGyg!RFvZ3lIM)FaF2o
zm4&@MRlwJ_0(@;Jf6uUurG6};6(p1kR}3d`yTD;<@sEbN?Q3onD!ArJVKSZYt}>R#
zeo+OR0E4=0yGO7W9@I#<7v8^8rm6?grAP%INjz6C1Pw_Xcz^c73rEXV^;|#*?Wz{L
zG=KoNrw$i1-}@taG2~3g(8eI7Vo<gdWda=~u})0o#~<#B{)@p#9`VQZsBbd!pVYzL
z@5t@AlMzczOQ>^aMFOe>G*#9c0xwT=ysk?Ox5-$k1zj=%f^s53&4nB|`rUIczKsAF
zUU4aMFA6%u(YZ~Zb1#f@FM!c8!W$9I^m!XLJmKzEqz%1ytQWHuBrc&En=)x5On<c(
zx(E+Oi$3zyU|PWsgWJdi$tX{e<6_ti0hBR?73GRJZ7ZHs$?la@0SkYY(7-7-`GYRr
zEFqYdoTLaN@BzUr;d_{(uQ>xEjA-6E9F65=N^(eJ^i`hRKMcieXd^p~l%+X5<n2na
z3&#&$=(l}0z2pa;-}k%#h1bnGT^IUwn&pv5CFf4+6(%U?CP9fF?rWy29TxR-sLs*W
zE*ttg(^Uu!7OM^#z`LsvZ)%SBqx5WW7(lI3=X#q3sEpQ;35_^G)4cVRd6|nB@are1
zCLrCTp7mLa03D&93fqdu(%)VzJ-A@uY%Mg4dC34GA5~0Yk$fCYi9<#!(Z0@SPv&Hl
z?)76xIrZ2E7znTMiZ}^W69|n&odkEP3<5-)dTb;NggpZMPlCs-gmZ%|UddR9vekui
zV<7)+z!<B{@NJ+lxqT5z{-`>drD~yQ84Zw^KM!1c%XKOIr|bOkVkFze)E#%mBM5xi
za}piVODP^I4-=%4BNe$G7ZJbCLRz-M`@5D32lnP>9o&xT?DORbhP0_}+%IBi&ir#f
z>Ni1?Q{gtuqS``F{1O<mu|GJd2yfoQl54X6Jq84<PUALt<>R0YsN;!YH?T@7lUuTo
z`U0Jl#D?y;?-rT-5&j#C>t|kP&EK7+g=fcQj*mLntbCaPfmtxz(>f>{15n(5`A6J$
z*+@1WP`?on<KJ5Y9Wn=&8@r4jbhBE65M4+sd@s>SD)4ezgFZ6E&eMd3U!wQnWE#Ps
zF`A>|uDxmbOvIPrw@hJ2F<D_npNRc^%W_sBEfqOQSJl>{CHr5J$kJs-HO7MTx4@2{
zo-<1XzbBC!I2r6gcJUdN14Wh*K_e<Udqac0P#%7xa#;g|J#_C5EpQi0gQe?-V90$6
z6>D;QjE|-OeVgZGf<>M`#aTb7;Ck-dZ{=@r6R2e~+LK;t?Nw^N--c3EzzoP*l5y~o
zdVZde{1Xmato(fSzdywcti11+-s`FSld-IW(wHqqk_0u}VT0$&2;k>W{|1uYI^`+|
zjnG!Vytb~D#^^TS9B2>kRX#yZL%B!zdHb#K0B3aFcrPtxq*5O7UTGh9;U;l+UGQUz
z%Y-aVi^!ZdlCLET#{*L>v9{k-j+I@)F@l+uos3wq$5%xy`?99Q{gor*su{hN>|=A8
z-O3N{STIoK1K{C6MB!Kq8SM#^TL7(27SkuW?`P*BV?+*9=zsM4o?0vOfw)p!<52WV
zu1^kD*xjrd7|o&@Jj7eHsaGK%TSc$M*6YvMHAx+OfZ{*w7fsTCp8P?Jw819r3O-=-
zuOV^7`o9?xkVAMaGW(EZM)y;4ptLzqL4awXeX%Wo68<0if;6$;=pHsV&ARQy0gDsN
z;U0KOI9$zue@^M#MFiu8XShmR+97M=;+KKK<&gD{NwRq{VM5<AVw`dk<~*tEeTmZF
zQ-6bKvHPs?#PMIoMAOW%%C(1PWT{Wp;?o~vB4F&lj0p<de~k&;(W+^vBHOmFEhx50
z$iO*Zyq<VB#K?Z)A2{)cYKYis4sL-rWVd1}uVLA50v!d5<A9C$fUs;c@qs3iO{#r-
zXNSvLk0HqKy7u$TuDF|wCf#N`v{*n@LP}~n`b6bjiM=fw!$ED_=1rr#++cdI$IGQ*
zxsR!P-|)Skf?YYxbeNYUzT0=}^F~`2iF{d_ZD(5qG#i0(JD`U^;q=+)Ti$Y1L;;Fr
z73a=&;UJ@g>M<{ic7fC7S_~eMy_#@t?atr4g#{ZvZ{>91y4K;6fiXX9SIUukTz!11
z{a-!;*!O>Z1eikUg5Iq^D#dM5I8`5Hrx_E~<Ps|!>7`VKIT9V7Ixl5{Cp*UKrdbL+
zxhO}-CrTBI;+Z8gdUo3br6Q|w{rZxM<B`3_2E*krlLf_z-uF?DzCn<X1d3V;66USx
zS>&!Mut<mOj(Fu}mB=1*SO*KNhs6ll570#)%h#MgZEkNjNNTU*Q5yn<zaRxdW|L-!
zv=UlCKR+q<3u3oIK^*iFVajOZ26$7kd*Q^DDn?#mGsB=>eE~olnV{?+W#)^vzp+0r
z74IsU6$&q<@&qL8n8xa0@_m^3jooKw(b5qN4><5y>|f%AA{bsNCOfX2j7{x`fdYA`
zRTz{K1rPh<EK5{f_Vj*y=A)2WiFJ#0)Khz;rHKKuzZAb#XDZU2R{o+bya}V6si`Dw
zux_JmLg`l9WqmQ{As(4})Q#O^Iq~--pcMo?C+RjkDn;oolcwd@Gh>_F+H$(!qE2zF
zrp}V%QLIvsBb?dNj{NC|I}g6UqX4{@`#)Z4Wp@n(9YMR~3>SF6^v|A#Kk)`--Rf6|
zmzHi1?C|u%m+Nd!orRranq7hUz1bB)H_K{`^jwbF8s+`bp5$t4G>+J6>&t`;v-N%{
zSAo@9FL3rrk|f6t8fc&HiBE|9m?>o0=za_8axC#fd+1jOMzX&wxQj}mj0fk+(^72D
zo>BwQ>^hPelq3sD90q;Y9c?whu@{P};q}y|z3xlh+!b(+yLe(`32F*%bE-Y0owkb&
z9b;n<=Mwf2veHJX9=tx%E_#f^g*cdx8508+)KO~t&8>&}k759OdLg#s$<Bc`Ladt`
zQ-Aabg(&*mnnuwsA?qY~&z3B$Zov_Ql_UGAv-sLKE|rsX7o*1V^m|=T5RS(|yBMTc
zj+G`g#}uu4$zG_)0fUs@ZzD{vH3T)1Uy$jRb34S1FzA+}7QX^_d_bpL4#y{`8NCP1
zDK>UZ3#)Ih|K<R|F{*a7@Ug&Zfel|~t7NokoXAw7+`kZHC}j8`7@g{c_^FrwA4BR~
z5FH*veztU+DOA**Zmu-Din<CN^J(ok>uY~>LTZK%ecvq$|6aK_js+>DjjC!(T8)$0
zs~(t7HP)1!5~Oh|6__)4tWI2=ZCm7~Ah1wH@LaWw^o+iDY<1AHN9xs(UbwwFRiHT`
zrogmM{b21lrn;&uf<Z(Hiy7-Di1J#beNWhI^t+cTZ`oFIrt4~y3}v~+{*nfCD*&sY
zvUIX^=xy5|kXfISumUH5+4oB_F#84s@tKeWe9ifi{E-2Xk3KY<&!i8>#(=9T$Qg&K
zS4IfhaQkL7%MRD3Kqi8qP;Iq^Fp3D_r(BkLuvOw?9@zJa3mei)zW9w?>;6189m@sG
zts>J1$-!lha)afboRy+el)!?Dkx>f8(C%~0`;~!aQ%T|?e%qX7^nDbxOZlK7cX}C5
z?*m9}whCBN@<(j3FpU&<_ams?cSeXP%seNiiR52Lbht=zX~ec#S3#4d8bUlcjRWi8
z^Fe!Mdf>wdNbsiMX;G742LqWT99DP+0Y36Qu-7lwD@iffHOo5o#@KFp+md5LbW6qb
z*tOds9Y@4>U7IWxa_?521g^qslq(qI#Zk%XcOzn)?_5h*jx1lEP!HwaxFW^E=YNd<
zo<3K19mk2G{(aqRTitfU@lP;$nfwi~$-Z<(?NI1C+f?MyeZM3nUJdt{To70E%WPmK
zPa9Ak&D%1f#SaL`<ZI}0^&zYn=GK8*ow*gkAr5lHNNxo&D6+E5J=*DOC-{sG%Jrhb
z@3k6QeFQ+mjXV4t0$%qa&RmP{bGFPKj2b123Dr{&HTUDF9fPBM-PWG9^kJXV9KTmN
zP-M&?{|NQaB)37tjq=bmFdhfo@gC-(Nhmrx!~EIT*1c`Cil?*God?ec*n%h4{cXXS
z8?Y0qLezmqKqJrynESU5y_uM{TUn6A1Qsh}z+$EUpJF9aU*3s2x(N)BF%qKtr(>rI
zqU1%2!boZ`y3MG6_gUN@&B#Lb0uYgETiB<Ep`v=JYfhaOi)B7guyG9|WAk_l8V}AW
z2%uV7Y74K}o^P|<fe8=5hytFH1FNbqA#KUuQ=3=xZU35EUpNg&a8>2ixGLjP{mAT;
zVHA+wG$B(932bB0w6_VJKqnl!)%DBzwJSPFw5~}%97L*Y9-t`@!l#YLmfEZMaSj_i
z`v)Ml1!s_(kSX!NbnSE(7P|H})S1UJRPz{JW2tMiE*8Hpc!RFkvZr{QpIn;1y$Pm>
zB%^kzc^5cnUP<(>6zn8A!wuwq(i&N+)cez!fH0VmC>JZ}Ljd8=-wFi~Awo(dV&jHl
zBL<}X?bI`SfH6gO%km4dSgWLO0=zZpMLfJUy;y4m4}VAlP<6O)diK2-$jbsz9Vdyl
z6;DGoI8)ibjYI<S1y+f(VR~2eFq>Tbg9-+=Ih&Wf2?Y^Fk8v|0mtkY-fmaY{OykN!
zU7Sut7U}-=@o}kF8^wI3m@5iPl}l<jwy6Rl+>l9Fhr+xnBHUuW3D*Quks{nfBHX~T
z_i>VhZYr`5r;-UCH6cJ__=guegzNx31|buo_o%p*|AYpl#^y8<GH@6QGtC@nr#n%S
z+zF|$n1-A9C(b%t@iD6&AyR8h&g%ZVDXsM6=S_DWErH|U9oVyfkOUs0eOklkmU#k#
zxhD*2JxEc#ZhdsNT-cvuzg#y(i6|y6Rht{GrLLAMF0PT5GDEHz=MGhqc_o=^Xr-H{
zXi~g-o~ycm>mF%#@w)@%l+JrC<;zc5i@KEMY(uj$qjsbFT{#onNfCn<&+qVleZ!>X
zr^A5IC#s=Mis+_|Uc86<Ooze!W6?$3{<|2__oCe%NlF8Tk-z>#DZ1COyJaSJqw~7O
z7i0F|(!e<e|DvM11;Mnoz?rXb#cQSL5r$Y5gTo&N(22qr5@$;9w{c#txG!(6Jp!Pg
z4kv}`0!@)($?a{fF@M@YDdvjfwvKv{+S<073|}|PzyiiMpf(tRgLw|i7G1k*t&q(W
zX20q>!XAV+07SaX{*{Vvlb9D#gBSWY??ciS{(5sRxTY!*vJxf<&(^Ljv*1Iij}Mbo
z><{|FC?bEoPaUL={c5?0iUs)CzPw`f;SnxHJ*R7VA+L#FlShl9a^scKcszW7Sw_zM
zHAOVts3F5sZ!=*Dr8oYuA?H*IaDn$eOMB_^(Hw3dzEAQtqq*fzs(?|nfcY9bs*<Pd
zZB~H<U6qhRtxjos%l-Bw*kIW*s{0rm4}=1b9RZVqN`6#`XVS+R)y{16Py+_$$#bRg
zZ{y^xKrB$hNlxHa4|S{e{OM>vec7PG`R&>z1snQ~UtQaOXvd-^K1cs2<?UKj!czs8
z)-4bSEHS4!nXR<weQ#E;MYHJR;`wm8zpnlB#WkEpwcFe4$R|Q(5(Xu2-k%XwiLN`{
z?f!z*Ec2X8u;DS~kGYB@9qbFRSq_p<lWDfMl*W2X6Q9!m$0lY3X8gG_94>^QYJ5H;
zVO2O@6%ulMFs-4`%+ilTp##7l-oqFQhU4dy246r>FdmhpNZJ?@Tl+Ibf3Ebqxd=D#
zz>Twn251`+Z1ex~{u5IISePasfI3+kLjRvG{e^|;;VyWD(&pJf3i_|_Z?xbkgkx)&
zeM8IQrAA!-CoZ%!-jWIVh({||e$aTz|JQ2mlp*i}DgA&XZ<PMG<HLn&r|-72M66`P
zDYjdfP-*`Db7NC60@l^_m)S~fgQSun^vi8k@BIn2cb6yHZrA1ww*b!dz1zyg6adS8
zMyn))T4bkW8<aDl7>%M8vGTDz5McSCBlLakDN${el%rQL9XIPJjw-UlaNy>shjk0Z
z$<$!0bsNR`9=}A-8~BKyRp-dl*O6AMZi*eDk%<Pq4w}!b)K}|Ju&&fO2vs0#aIiw$
z0EEqpFVoFsc*@m&sifjGSgV8%R={3x9A=g9-(GNy(9JNg^8c+*{NKSfV4uh=_q$Jo
z?`zRAa_9t-Yw!MlC)c*zlHv`iHtM%d)s$~RTdA;-G!ZNq_<`#NCxiCbfjH2QoC<0f
z^>-!a@3Wp)<~I|+*8<4LAI~;LL0-a~b$jv}7)?qsO{$oMa0d-|5K;jZXT1IFfR@xS
zkL$6EUW0{|I!<g67nr3=bXRg1ZFwgY!D-ursz&p9x;vAJ5XJ7}2tTwR{CI^1-f3Qc
zn@Fa)d$YeyB(H^XfIAx~HuLAm!Je{VD!_nygOM}2t=?xNVUG}jTNwl1Ec3*<2Du2E
zPh?*zA!3y*v7#YAT>oS8=(H|1g^gc<_uWv<55uMH>VlIcybUpujFG*Xmi9E7mmnd^
zeI$`6DD#)QZCMB^h$$Ue99b}?YexMqhub(@`Jns_(yZx(Q8%@?>dK2bp`NrVyXSl2
zMCeRDRc#r1Gr~8kxFeIVMlDZbM-~8gbtT0D9+)FoyKjce!>$W)C(DVO^$e!p)hO>v
z^}z*uYx~GK)s#KOeNge5`#S|009g<OR_gx?br$qLJnpg|3KHobM1cSbwMdLu?BDDj
zTp?Z8`Ni}|YrFH)R$6A*kH%N;+qL?^=w&6uG2^$;@|hQ%40*e`s_oQm>LSh-t$xD_
z&T+uDx}&{aGs|jJk3^WocZ<=HwUxJ51?OYO8A9Ibyh#(EVue-$rh9OocOT!EM8c)Z
zGXs)IVcI;A%C2vN5fM4mns`YG<|;5I)qu9SW>Cef0rt^Agee1X7B`g(AG^Ax!<@-z
zCK3HmL{Pm!vb9CMlHAIVWz(vRsnR%3)SF3zb-F`6Yv=2>^y3kFeDiW>GG#?@Aw|2Z
zt(-iGZRM%<Wmwfgo)(CuVdgj<2SpJps7WZ0&5|nIDxoR*%;Bwt1_;K1W$pdYUH<;m
zVrezW#HzHM#a^BAU@DR3b%JZb?s7YKJ~KGRk+}oTzwQmph_&er9*<@5`IwV6&}<ju
zNWvEOUyUn32#2tRaoW=lCuU9HiiyQLnfMSGBDFsdxudTzOc#wJ?G)tetpzW8EGf*2
z7@oTac#{6+*z^v89NS>s<UFHV%rA}&0?4sZE%8RkUjEo=ws*e!?#S6R6vYAL*j6Q&
z<GFruY~vX6L+sXUFwksw1o_YndYr|96w@EGg{NbH99xQzDgEBLk_%R!P0)@Xr$<gW
zkYkf1cTK42I<*$wsupI#hkKsm0VV%h!87uFurfTmN$&161=7_W;rLQo8K3RlyKY;Y
zDs_dCKYdUs%ozt6&!n4<msBcTr*pUc3%0&HF$zagkcidvETa8doE4RAaHI=dkQ<4f
z#ZN|C*Ug4gULdDQpTm+NXmkqD<|G=kZgI<UDa5~)h;R8eKQNVG6nKzx{ln7n7ssZ5
zNEQ;XEsKFrew4kvARI1IM}GIczae)HIkI&Y;wL8gg68HLtvocvhgYU1>M3N`IFEwA
z9GjBekot`+^^b5_rQUVo67`evEu$T<CD7`$G|m{5LQtS7w_|e6h4Y$b#rT_JbFO3a
zW+M*yb6NBW>nGEfBHIfGk>I_1sXt`Tk=*6}tUANd<PQi3l;inTPB8YMx*VeWmE#?t
z<L8(Me_(Kc(G?V$|8fhiMA;aXZ4&!_b1dG(7|5|vHvQDNf{vuiw(_CNK4q#j7GTUD
zGbcJD`0jpcP#He%zi7qJWt?4#zy40CT1SyRsPUDYb=X*p$#E??!YSkwt5=_4Qo69A
zFq?A26H$~vc0vv|_JIsmjv@QikH%7poh6%iwpg?BgRX;?|B!VMH5YwAqZMsgZ<=`b
z?bc%G2+LLp#<V71MSfkqhdX5fJKMI)Hk=kAmoR)io`;iSH@&&?B-~knW>6(u((OBa
z_=r;-4F4VF1H{C+z8L&{d}>vP^!gl~ka035BeP1S5GIRw`c-Rv%=HtU5ZEvq!NBWW
z?{oj{R_Y|(T^Tk|=>Xx;Lv#QYwMN<4+ofOmCQw)o%QTP%ZEk=>!&+4b)6H@(p*^2!
zLt0gzY*Q4vQ~G3bur?GLep+?{gL$Xa_O&N(fLw)7L$JMiWM3}D<jqQTPmQTq<hfY~
z+(@qXA!dl~6&$y@eT8JVM=h(B%{RMkD_EIn?ksSmh2zpQX#5~Iz5P8f2H+MFMdqg2
z0*P?4$aF!u(?>_VCKKo~!nJ6yi}vv*+E3}z-a-l9$9`On3X0tO7_Doc+|I-JOZj?h
zHv_@*@zZCcr{gpf$5#~vrRIUn4?fA_w9l+#Z<y462&@(ExaGjXfIUV)AV-7#2GKaB
ztJR==O7uPx2#l*$*}#Ckx%Ecld4&}-USSGfp6F|dpX?|v-C}yvpwQU2KYz{HaUMmE
zyu)de2mV*{3A{CXPJMu|Gb=i$l-@LONL&->SjLE`4zT$|;T<&bO`9KaIuwxmrK$su
zo%wrgo3vRZ{IrIMuG*&c-PY3=hNS^PE(j&R(6G{<vgeULWRKRcmPSEk-#_{2Ff*b2
zh>UT%I48r)=+_shD{W-AmBTI8pyG9myPq~@8={zhO7JO5pnuSEF_l|<g3m`n6e><t
zOzo95k(T;7)KAH<f-)h>W;_xOI~;pKmVi&)$)nqtxSKgI{=I_w1*%e%i{i1F7VC1<
z2;kGK2VCW5Ut)Z9^G*e`DJYrL$Us9Z@1Ows=eOtz;_#xDpAc}))`P<bjm}&Ma=h($
z-Hm93LzP%fhU5x<{ZS+jbJTK;B%56O_|^&vGA|<5>P`p|j?|cXleIOZ>gi?bMj;aN
zt2rUan=kuyexyGl`6h^DrXG|lw00p?uGK@t#%gul)+j~zK=NR)xj*;lO#On{vOjA4
z_~tfXtm7mVBVZ6I9ZBNAIQ=L^MrJGko{BWK?n9s~0IYxEVoyxJXzEq&F)konK62f*
z@;VxrD$sz%4SVmQBN`*U9gK~b{R6Y117Wr&3a39X8)G!9p7KYfoQtCSHD8hFhCQ7e
z{F`G%uD%104EFT~ebXa4r8v}{*eGK=B;TXZmfNj~2sz5pTnlHEno;m6EWP%4#aVQj
zwg&_t%yxL)dXO96i-`{tZmV4b#bp`DD@$9p9f4g|a(clV3ctF!fsfV?kC-8(mR)kT
z{bYSKM*fRtJ3|bsHDESb3R=^w+7=aK?ocpCyV<kAkFi3ZWSIl7K&lf9PR$-YBZ<<5
z{QZRb11WBpAOYn&bm>%l0IBEZ3+g7T<91=v)Wov#q?mOi5HHV(!-%ERljb5+GY8`3
zE#exIds%>$L?NL58;%4^qFh3sCzA>@m5AT#qe3+0=Yiw}T!$WOfGy7Xjw|+;_A7B>
zc#Oq-^$RYi1j6OX=+TL4Yop7cJt<5h)pMU!=}Y0=s;T1)wdm=`9qDgY1Q(2ZkCyDC
zMQ4RcQ3ePCVxa=;d<ny&?0i4y=V{=^LJ?w4gYLd}4fnV6)rrc31N7%Rne$<vC~!D{
z0=I@vIIB9_`nYX7SpGx6@ORm>er#kUl!hj2M!l)e4J`iQnnkAzG75?PYm`>@V9oJ-
zpnH3B<*-qk=yYs!8vd10n{41(bQ*&;MBR)8-HaeGXyr-<28~M?EYR~@LJXpJ6oF%L
z76M7+uH6J@gB$I8keA5HouN%vLla!Ftn!9S274W`O(1*I@6KIL*bf%lW|vt&_N0oJ
zU$vBowQ<(o&y;Qr4~Q?0?wby4j6bjeoNvq+n0T6c1Lz2U`m3&bxesr)&^Xi^w3|-|
zCJ)Fkgr*!oE0!MBvf}l2^D!-{&O_0sdr8dB$m>vai_&u%Lt<74Mw_6+kQqm4b32R<
zW1Z12X4I998gbE1Df^4WDxuFzC9n8ksHhx%KwvTQ4r^s+lkSM8mVyrKc{#C~1xJJY
z7R(I8p9m&+61Y89IqA-siR^%46Yaqn&~qjD83JdyVHxCWR|SMdsy6Ja$&Xc9T)kJf
z;IL<?lOcrh<}jEl_TYs%>|pcHzKwmfLH1kd3iMA`?V5yEC?BPeviU7xdeW_2&`w0Z
zq1#6M0NqLsHd>;QU1K4IYG^LAJS8Atn{~r|b?6@6kY<|=Hh;$YGB3c;0?L&_jA7mm
zmgbNyHypWUTOKb&%2W%N6ExyT4U;scJRQ-JMH4snq#iWJU;ZG$b4cPJ&^hn5Iu?mi
zI#hR9-j<zFP=2wvElWb$i9I22WgHnBoB6j6NC(GAvfLZp%2!%JCJl*ui3q|B08u0_
z&*GMY2M}wG>)Q`FuUm_QO%(~WK99I2N#*^H-)Qz^H`y&p9!+B73vt=S`$Om_l6D@j
z!H>Y;jCuAakb9P55=*8YtbN{>z9Z}e+7-Z581P{~+Z_W0u-}fVJq8TKPpqKuvL5Yy
zj*sny70U7p`7_cUh&w|8m2SE==VAKYM!oN}pWyL&kU|V1qJh8%=ahBw7Bc=>=JUGR
zH=ZOEJ|W>G6u(NDy+GP?xjnF<R^UFmq1Gs$AUbN5XxTk5cTo4ez%`s%_yk4HYujr`
z;VGysKHfzr`LwrbwaHjaJ$D|f55|!@UylErbXx&PFdyf2;FG?2rp($R3~*ZoSISQ5
zei?GIK@Z`I+eXGdx!K~-Kk1KGYc>uv1o;KB>0%BZ%5zks6Opu0`^$ibpFQ|#qDs-B
zh~niX{<P%RdnvqU7!a!`06aRaAod9rE8RL0aplnRjN$(SvdMx4Xv~AR@q2CnK{lM{
zt!8N-Gahd{dtBFDej#D42V9DsI2=%F*WE#KX|0Fw*2_;O1LW3%LRzlwpe=#sqb`T^
zq#RWo0EtH6yaoe}_bBp$N_w<$WA1k;U?Ak;Ywr8ytw(lC#VsSjoz6Gkt?KwGf}3bT
zLvx4;2a~ntthw)}<F+{32cDT-?rc?%BP%hn51_F@u(v2k+=Wd}0Uf>pyFWWxfEZgU
zR%1Ap$(>_-Y#Hbx4E_%oJL;$=%U}XGT!72WldH{#>}c)?bS%6cniiWuXnx^f*kFRs
zn=!0i%LB@5dX_mVURoL4v`P$`?ZASPN*h>E?hXSB%F941?So6AoZ$puLHVF3D3m~b
z3tp}lo9{lZ^RssvG`KpxstB~@GIZJOL}EWe1qs}uF22zmIkal^UGKsvlMRq!n@Tpj
zbV#s!NmFfqN1tF@74cJPPjkl@^LPMVKrcd;=xm#Bn>~)H=<GD$<fI@%fYiWrnbNqh
zN;^c=6<I2pSL2w>Qny({B3v#DoOS3R4p1ZPW<3W2^iu2?+@wK={3M~bg&$*3g9N;P
zXUXs{FR`y~IKd|w+>77ejR(h2`^ET!u^g@moIA02`w>t6si_GB?#PyFsE_NWZ{RaZ
zmTuV0J=fjNzw0YCSh%rA+4Lr0KQjHC+Y}mHR+&c<qz?)QWTOEwA%<;Km){H<X)<k&
zN#6$s#8DGLp~>)D@b(Ym98_aQWx}?k%^i5dQf`%{(9J6tZ{K?4=?z`vrhZXu=Gd&n
zzbQ8QKNOo%HNBN$pGWQIJHgr53F&ceR_<(|6Kq0a<^YPw*u309W?`hG1YHHs9v3cl
z=puDd@WOLh6cZMg^>ppOMMPm{+JU8SrM>DExnMDO=*|rLmFeb<D;uexZ_5v&+v-5b
z=eZEr-*J<zel+-9v!#QVHO}J>)eh0J7i-p%WmrL<=!$e~iPZ~1EMR|GW_Qm8E&VqL
z)oo>O)LH)INU7AyO+{*mHqJ0=9@>RhD6g~saw|C<s2An|(wq9JobqHZY4BkDQmNwT
z0F`i4*Z&Fy+W{Krg8_@gbZ~Zf_ucIo*d?DU3R_GO%KD#IY;2&x_7*m;sr<$~e=Zp-
zs1vpzihW<vJ9^nxq_K=GQKvsOCUA)tF%-hz5ZfYw=;`NQgHLlN2?+0wBv&=e^w)*f
zhqAIc%32mp2IeO#<%=$bRv=x8pQEd8L7L3_CU|QhdfLaZ4{?wF29g@z8aJ;u4cCo?
zSJRG8SU|c})4S0d_HrGnZ`hNr>00xQ!Kb{uR^GB3%WC<KH9o*0p_jnO#C=*r6Pgh{
zBveIZQR<x>e|rRZD(P;fG?&08!ckZ15`8O^t&WpFl^*IOa(#3drOx0|^<eg~4C3U`
z)tQ9$2)$*R)i|uyr5|~al0)S#(IJO36QOsJ;7|zb*T6F29AObpn9s+_gulE(c6Y*%
z)xY<5Y|mU%bOR4Bw7{Vfi?<kY(!YH=jr_=!Q+1|ff@nvy=;*#atANq?#CESBD+;KP
zFe?i1RvqgFhTk#4p(YVl6#Aj2M4uo#Dz#|YF+q3G60Vj(@WP1q^)?#bZf@Do9vGR>
z9xX7KrZ5H|YLRejm3)pp?oW!av{wo=VdR7pUd5djwNPB6j`9n{N86E#96VHl?Z&Qs
zXsHB7`Zi#<(4PwZjb3%qk57*`WUxcKvPdvPyAFL?i_`md6!V@yn7<HldyD0hU}oDZ
z4~u8n$NU;yEGR=KxcMdT2lT%$OCIsF;HC`X7(pgUD)8L@{3InL%ks&D1hPLgJlp03
zru2~lY}~@f&)5lL!QXgFTvYZRxM)aeG!fWaQ<wAqVe2i!;#j(9Vcgx_o#4S8f_rdx
zC%C)269^8$-QC@S2Meyj-TmvFlk<M}dG7tuBi++8HPzKsd#|<j-emc%blmii@JNfL
z9v^vYmW_5iy2zshO`J_G0o8GoA3}%8WzwJmmY+D59~fTU1K<~JH*?l39!cyfH5u(2
zK`r}_$+Xri2=;D+C@mzmGffd-efG2dy{n#c$x=jVY+i4HZf2^A@KU!vAoRm*Xwc^3
z^D4`L^rS#&x~NGyFnP)*k$f;oj}G`Ii_R)H@^N(Jqm+<nQ3NJ#8r2=t-DX>nmZho#
zC;H0yHE$6Fc0GoT?KOl0C*_wxAC^wHFDC(8Eu<zbAP#(WA80x_5bQz`>nH3R+TdI4
zS3WTBau|_3Os^o&IyCtM$~r~Emb4t81Ue%DXD+^izenf>{HI(Gae`XV?Qn_C9B2s=
zJa#&<i92WJ=aH=Yg**OqeC7R)3Xq+S`keSW7MGvtL%_5X|NLTicgZI{U>r4mtL4xa
z<ez-22+H;CZd5tHLNz}qC-ZDrTi*8*ugDeo83~0T*&`~txTNoZLB*~Fg`g1^)fG9>
zCW+v7(laXj!u(_0JU(q<ALz8GGq0j_h`l#(p?`cg$!VZcl7l$&zoxcFoB!w9*D0vT
zu<X@~3wNFJS1%zh>DfQ2)u_}>s!yr$pYNYYZm!e(CV&DKNxP@yZ@-me;%q;L;97@p
zG^2HTRfu9nNr}#!WknFe7h+Lf{`SAdwsThecgo0y+IPeO>f)V^v1}janrUrFiLt|k
zYgXF7jY|*9|8=Bt4M@LbQJRzD+8QKyE-@D_P1D6Zr=vqed8b*$v|alY3;%-6nQY@H
zf!#Vum~8ty@9^St`RXtm3o+~}`m%GTVSZ?q$e01Gfga!h<`|HJzjMqvtIcFEh!>{H
z6r=w^-gZ8du^O#Y{*zwu3WEtH18S=zLTCn^ErOdp+qWx@=5!h7%~Q|_So1jNO_#s0
z-LIZoB72FHFb!$2GYl1P5)}c`6;?ugFQM_@Cke4Je_I29b<Bt!`A|fD=5PGD*qfyJ
z`PiGn8V8UMz{(BD)d^CJy@}fiq97#7)KfWf0NK(Bn%wxKq(T?@FkuW5=5&efivAQ-
zb7zuhw0iE}`Q~W}<im{0e6H*9gZM(_jd>Xk^Mv;|R2P8BQT-GHr0ut@il0fy0O;=4
z)}bC5TSiAG;2k-qIvAd#lV(Cf#*g(LU1rl$lVuekllX&L&7}G#0hBs|FZORK<d1(O
zeSeUbpujYvZ2ZCCszO$7z<aMWV-#CIB&ZVY>53N{6vi3LlX<xwe+-ik{EJGU-JoSu
zF-43M+P|5|g8>vz7mTzx{7Hvd(~l2{%U(haXD0~-uF!vCL1zwpK6_z$0f`CdHQJmU
zR<cfFI2;qE0+MqxABp*B9wbH(KO9A-we%z<;-*;V`!ie#kc(yZTVN|VV~jH<-d3R1
z+>R&NiF#d8(tPQpy4UsT3(O$+nn;%;oy^p-pfk>QC`h1r+<eex)5-mzH_Kr<fWB6R
zpB`?y?WdT{&tB58l1*=96+JKHY<-U}bX@1)+u@=uCb2>vjkGx7|Izb}p~i|+!(L7>
z>acE1OKt!C01Thh&Dgr@IWHmYfY2Ws?UO|0UmK0=Lb5d|Bl8;x0w*%C7?2PsP2pxS
z4#>o9CVE83V-urD5cE+xLFA!g@GuoHN5d-uCi#gz_K}Y8Ac8)RBZ--F4+<}Tpo|$c
zkAb%kfdkC9anx{eII~iw7q8jL=H^#t0z^=j4N@J}>lugL|1}uME>P#VI*d+8Gavvo
z=tLCyzXpNLjA%hK_uC|ST~hs0G^HEpX?n!aIehVc<}>|YjsdfOrF>a&6(B1IwFk#T
z&Lf=PugP<(Qdvl@xPLljz`*n;SeK+3QPrL8de>C2UiG(p!*Vh{vV9gFC{$S%n?4K0
zXpINzvJQS(jl7z*?eH4vGZ&#-`VAYQjRtTqw0}65=S+AnRE2XDwN!+R$KSz1eb~8(
z+Mnty1vBdQGTX|xPQ7WiH8Qc}Zt9cYu0JxCnot{cdEU~g_cS~YM)?TSasLcG^k}B4
z`ug;?b>sfRg%VVXDf{TNEaXWLQQl#2PmjtAUQa%&J907=)wD$P<Fcf8UY7e>*j;cD
zKxm?R^36xRgyOif_-E^P|94w1IdMMk@>Tch?GN48HWY?k6S|&0!ULqt_&=n~ObYX_
z=6RsLHv~peqkr3eL#;dA=vby)j2FeipPT?OL&aKN&}3rk%PujI-tm>dRHe&}zqV}!
zz%)rX0~nPWHg$7tj%;2I2jZo!Q_4-{KaR)EfKaj`<ryP&VQi=H2IP+_00ViIXQVZ}
zg4>qp=8==o#g08&2W8z`%ph7EE2UnEHc^}qx_RW4gJyf)UD|$v<Ut$tB3~;h>KIh?
z<v<samnc}tCM(jgtWnz2I#I4z#~%HUnlEp--c?%3)pB+afK&Cc$;$yXA8<R~eUzN)
zt?woImV1WbR-PM6ZV^H~sk?TRehIyJv_o(vami|TLCK}UOTey-r-mDBbh|{95Ev+N
zEGy2QXVKhZ00`QP^<tnk$+f&}Vaw<X8q-%q30u#fm!3q-Xb=7)StgdHa%U36WsD>B
z5TlOW0Gb8Yu6#8KM)g-f#m}E^cC7!hEP6@n4)sYth*Ye<eKNA5lv^iq8`s17(Yk;%
zN)wjo;%No(bZwn*)ec?2%H>6|*Ze<=mzTAjnk{kV(<xvyTT!?EYivF5x*D74(O8^j
zW)!tF!rE^1J$5&qQK()c;SvH5eIoN6!#y(d9X>E6>71(9v6(cg*F)dGTdl7vbrx8y
z4-!PKP-Ha@PrIRneOIM<;^I)Hz=Ux4R&enl`Pd3UX(I1~6R6u=jrjP3wuZWzf*A|-
zFMkUHs9TDpn8QFb0=c)+!nL~$ljIqh;i-`8#gOdziWZlKR5pIMmx|U@)p)nbp!~~8
zf-`j>h*0yAFx)3vxo^T|d$6iP*g%B*l<gle->K1)G?Cjxs=FpJVf3oytW-TQXUU8t
zBzIKDhbjrwd^g#Ms#QhvE%E4qv)i;2eVI1DbADIwFHbvGn_;)0_7_P(Nr0H|#j(+f
zv(x4%5<7gv<lAuAD#yc2!U`3z9(?(;9^gB!#II11H_HL*!HPyg!phKkkCkT%XR8Gk
z=UKcwFI!TzG5GHB(iek!mx13sTOvVP$(eBqdBUZnG?BZH5($cYD*r*9IR%C$=4I)w
z)iIy5`EmEl$yQ`Dk%p`8JWGDeTqU@{F`C<iv6-Aa{V-6lM7^i8ZgyOdpWM)Z%(Zzk
z=cW&0n@9=t0++5C(`+HyaR+GoSrvW1U&bHMbOvRZIP^b{-}>tco+D9;zXXREFH2p>
z?`JZ!Ay}%-iframYdCKT-h=0;{6*Q_Tvrd(Bx;@uB#i*IR%^XP;?iHc{r+PvN_zZ^
z5)7bcg!_&Q&J;4O2!j|hZGs_^<PXUDDn@96fj+ptikR=nYQgZqtEC}kx<gEc4tR%6
zCKR4OIFlx0HO<qezoDODSMFvvxMC+_6w@0)>$o}PR`IG}&k*KeudJo@_%`*`=E(Ug
z@2}Uy3+J@fG;$dSoNV&z7@fHoOLi9;TbKIqcI?BA;+wSlqTIHpX;tr|4#tAY11p*d
zr!PdS3i=0#2I3A5`~{BvvMh$4_rjzhN~~v1?GitiIU;iQE9}ksZgLNjG={ceJW&qA
zab&&!QS&v-3XP`t4~G*U934LDOOuH=_x|?t2p<?a&P+C~Qy(U32>P_yK`pU$!JL5s
zf}CnW)b1|E&*l>ReJG_v>FSNt4kPYK%P%cY_lW7bAnfw#hxb3&%+mQYq1=Q}Ww*21
z%bgDZ5{|K$2-nq{Gkil6{ld4J_bAK!lSYzWfz?VVJG8^1At6d_uiWgj16wl<DQQWb
z%r>7$BGZ`QAX%Gk3%O4R&Vs4M6&{(gi#54wIj1Y8Lmtb3px|Qs#>c!0Esh{b<2JE8
zVFuy7^l$M&G;^YaU$6*n8J@)%iC=yj$my!bw7ee2e>uV8cb>vz<!RdoLKg0Ij5iCt
z7~243tSb7f6>WN&{~IRmn$s`*rPtf4C`dT7HE=jk=R3*XivNa!jCFgg+^i>Z_z-}%
zHT;hZ(Yj}6IGwajT=Eif1`HL7{|prev<$s_v^3t$m(fg!KMEuO;74CVQvq#F@GvfV
z--6q;$4E6C!o)oPH9{LUhP47jKHh74?G>J=NC-d{+xZ9nbi?O@o5S#M-d?!ddEoOs
zT@+srq+Io%tKiS=AN@sMs`+2j2r*}dgXfT(makcu=q2g9=J~NAkK4V>F!&w6f49Kc
z)#BCn{v~ySm22DXHl(#8sPC`TagdGjNx>*2A6+p*(pf;&F`*xAwOaNB9qqF-oo`ic
zl?Et03e~w+44%5DX1kUYdDIBD&%T<vJV#l0z2B3<&W46_j)b=U$`rbuhl)q<F?UI-
z8)6kSh&ANOm2xo%(Dm^HPt6z7&R-2uZj#`q6(oO7{sY$VBhvJKn0XYN=9W77kL4m-
z2LKqNbtuE{VF0;R7}k7qkwUa?c5?x+Tl^i3WcgvufOj=g*af0VO+&tuqQyR<TRZ6|
zsHP$Z+iEzejj_nDOnmmUST;u1c8*wJ=Fn2P&Ns$0;wobjAJdK4Wa)!GE<AEA{Z<>d
z1y&tUa5GaiJo%M9nZssl{K<kEwJr_-HSd&Au<GJ~dF~GNmxKwisR=P<F6r|~Wb_HS
z7q~eoXgk%e_S@|uceqGOt+0{L)ndmkJW9F@>bD2ykilEUVEh_YX`yNg<w!)`f&zX!
z+VA-(BVX(B8-dzs3Nbd%dTl?IfBHNSO*7=xOSB>X1#CNug(=NxEnk3sBwuJpXEKDz
z9|$eRaK;gA;AKh;NK>H|UcQWjRNs*Ba(C;BL%z1fVg-E50S}8sz3BtgimQ7G0aypf
z^lJ8kfE?G9vrYAH{SU(GjzX4q?os6_j_fKwb*|HdD4wXBSz2R=Nh$t30S=z+4&dN%
zP&GSnQ90rhZ;~`${%ntF=H{eTWo^~UZY>YV4E@)SEAB1ZZ1$ao!s@&^i$olHL_%}=
zKJRjFb!2;z=x)c@hzqN_uO>HC7rVH-2Qy+t8RfuSYI%8^^R_ef=;@9_*+0R*TvEgw
z6X>{yBu|vDZTCIenViP%=f+qI*Sf{j4UdvSW@dzfzdC)FNzt|0KKswMZ2Iz2xv?Xn
zY1H$Rgs=1eGrUgV?XFl*YFD;iBC-bl-cpv#R{x0la^B7#+GYSz-_axL3cpuVJ~+i+
z%S8k7;;}>J4pTdD)<I!D%hD|D^EgjYoz5x?q~O@Edy(s3-kT8DpB^WKQkR<FDp;IQ
zLb1n*vW)Kw<ym{_e=u>%YTvE1QAB=3z$FyJ1BR$%KLB17kc#1bE-(~N2nE24+3Cn=
zGQ?BFlZ4QU_G#)3M9mJs!if6j&H2|C*81ZMcbG+L9^4cRYW<UPWAcWNgJDP@R!5YV
zlY9rwWdPfqt!NUS_LE+p9D15qooF2Zr(&@>djubm-eVi>t`VZF;!7kq8W)*bo(ABX
zMYf7gU5Y2LRGt^)Ez4810uFFuhI9PCcN8|Knah>Of}p^p21^y`H!|qL)v^Ge91J$=
zscn&<!M#mFn3n~Aj#jXIzO<ef$yqpaET@{wIGHJnWQ<`29y8;AE!p3-&N0JJIz5Z~
zI%R5h4dwjBbHR;OS8sakv0V6wV~ogBfX0D`E0aGF?yraGX%4QV7#UEu&4wZhS-OTH
zkw5_Wt&*`MA23E)p!6blb0v`?cSmRv$w3jt909g~BCIoj{82JTfW6IA-KZ;}ZX9w|
zb+vojmQ2HZO0r0H-%7bC3RTh;sRF{36c%FiqZuPWg~H?wlaARlG6OKmNB~MGXFm^G
z9kZ8!C@)5xP_f8>(8XlPhmqd+?^y`AV>9s~T=;bsVWL8uMA%vYh!RZCKpwjU;xLfE
zJ{3fc5(7tz0FzXeYB&3Z(!k+-(Byr(zTsC^eBr2BiPF9+@!8kU=|>NyAX@ycoBPR=
zEEhjqC7}hi7W=P)IL1H5sSPnsX&62@`kU!kE7E%?BMzBr_BUo0m?Qtxy1y}7GB@SC
zf?oW+8HYEAHfG0~uNGOv@wpcF<gKt(Y5JS}lB`W*->>&qzZ{?hpb(4FxUd`@cZLH?
z21eOSP=J^&3-}XqdAF}`|9}LLMU!K1U+1?^BOD8TnRv!}a<QPFL6lWX9Kb+#K0TFJ
zx4rw_9?j>!zh9NBSHIn~GXdqlbGqKPqtx|%UkA_iUN4UYyFG8)Pv&W{a%VzIH#()y
zjxTq!VP&b36f`FMbUVLJYD{dcSB#ze_&yUqIWfN1ylf|FGmhESaq3!jBGY4ez$-Jh
zjf5y*{V4!rofZm9D(7ZV;a<W|@wI|ZF$p((YDM&+XiF8gOtkCF^YQ4K>FwsRTtTf&
zkwen7ALB8i>RBkQit&jvtxz@2gTJgxWJ+9GenDSOWB$jU@8sedv+vWHoM5zDa>uc6
zWebPklGe+Jx^SJ#JdGNnLJ>B%&UkucX)jfdNgAUG{jjeUv|c^fm;%T7a(jTnU7rL`
z^D(|AJA7@L+Mf)Y%12$JU5jaHq6=jDSx|nOqpf~cv{k8Ten~#-Q5{pyK#I+KuPY$M
zW?1o1{-m!J7AKHmb1mG}THmYAulh&%s{*n@K-aIUD17D<ARH`;`@@o!{|~%@<MMOA
z*DKHSsU|1KFnlPav>;JH$}iimi*-q$tJzev&#;7iOItmjYuE27@QgsDT?HEaxz(Vk
zMlaU@f#J@b``%C?%&xKTPBG`>w%Q0Ui{|{xD$#)`NkP9UuQYPgNcRknB6E<}FayJS
zQI?wghBxwL%L@a<QreluE5qD4jv~@GZG$Q6c{9FXc^O6&+`jz4q0rg}>f>9N24RiH
zbt-n{W#7hd()q4ggCC4nL#-kjZ4&Md(<^GV_$3`LsAzk*Ea4#fl8`bNo^H(QWe0lt
z=^Z@#sC21U&rX;n!k?|VAiSFeku~q|?gtpM>tw!9vQV@J@(!N1pQhp2;_~7%+66-u
zXJc(QGZh?!oG*O?CHmq5Pfp{bePK}}aWr2!PgJV>K3W@6Q~9Ijr45o|-<I^^x9L53
zH^m0nXBl}sY_;iPm%!<wBpxBlC0PE=^Jdn9w^w)Ok@hP8A&Vp7YAB8tA~vtxPZ$s9
z3WptBmetOB(;mY6A^6!l9;BOR)G8IyJys)S1h~|92wD?EKdsoiSmfzgt!;#c=SYCM
zhXW2XEFq7Z+(gRRa9^Ksl&k}E_GaQrY^kz2&MqE5Y`R<7+LVqi2tm(Dc@=_3BGK^V
zt_ne`gqqWT<c0hKp6xT_#?=I&sBS|OBnBo=pw2hy5chp!)Kh6l5&nQ@5~%<S0jv~K
zf&jY|G8I{p0q1%N_ZTxXBR>=7BxjP&qrWT%UzzhaxU9m3j^(Y6!9_$Vcp;_8vNHIj
zYYnB8+i`Dl@VqNCC8-M`-&@d-Q;j<^8b<viGTeEu|G_ZR1B>M6jhvz)g_}-(7g(cU
zf1DR3*SakqVkrU=B5z=+rM#;O;&tZwV1m<r&bW1gfOr=IAt7b!xhQ?E1)Gg9<o><_
zul5XYu>ZUP<mbLR7W8{Ocs<YQ_P%BBeCLPc%en8irt`YO?&*w~dA0QcUv0kZ1k;l%
z#hz($>v3FLbI=33KR9H#FztX0{Z|eif}f`AQ7}3Y6j6yiLtfG%DH^Y0yDgqFISZxs
z+VX0@?MWE&sK@zp={!olX=uTN>ATFUh1byTbNcZLA4^8F&RmOgSJ&>$IzdC1^TL`6
zpA@q?Erqto(-Xad-<d=_yoU4Zqa$?O#!ji(gEk|+{^yxXPh~|1S7Z8{^zS1h`+7^{
zXfheMTzx($+0IGB6^_GVunybBiS?sj74|5)`1B~vmznve&<hU82_j6fIG50N>&oTx
z_La-9aqNvnDaAASKi6jd&zzX6EG?F^-4L7-pqXyOz@uUmd-yuPo>=zYY6sL$vHsGc
zBW!IaahGibfwz(c*B5Kp`V-<i!N%7acWg%Pe3re3J5YxK09FHVc+3j=VPWbK6qIfN
ztGkBJA`u{o<qDSh4Kof4Ha3lG1i7912PXW^HUK?<8fHIA5Wp?!&JWE#6GN^|ZPjhN
z6);IgkFrk)0DVMRV*j1|DIZU0&u5~(VTrl2+?yLCt`)w^vsFv|2NPj;hBQ<6#cOu=
zRnx`JLw<9JPbSQf?MK<0AdZ^U2CThL_=nZl2g@K+YHotO0u4wUO$g4$6U(s=_I+l|
zH+ayOk69|s3kQt%^99DR!ZjIiV{-2IutZdd$1Z0<-xYfhb}8MM{Ig=EtF8nj1<g)Z
zs`s+OW1Unz5XZ=fy_?4{D36cg@=R!@UF~7+-0{uwA@p@jt#ai>ETYOuY<Rz;BnWbv
z3Bk>h$6Wgq2v2<=k_$mX;SthXXNy85l9{d#G|V+P!A6Ugn}YinHTG1qf2icG$<c$F
zu0&pYve|rGdz$7i`HPVT>OmoZUH$-Z-2N6VkHYj96758&0dW`ycBV#8{vSI@CS~wp
z9Q15Bov~U2xVBLk)5s4@{R;=9yl{m;-!#2DOYZ8e{Q3C|fuNswnFJ@L_H$|7geQzD
zi}ScXOj;cWdl)sAgAx(faf3n2`2&w^lnefEO_3MFu|KN|BcrdUS-T-iG}$$<=|rca
zY>%`8Vq+W)>q~HpDc5v-GJ_aXpINef)-gy$7p9QnZ_!r}AHi4u;<6Z|Y%l{%;3E<G
ztUSUU|J!K{x}6HTJHUdQMXL9A;6%og{@;ItMr3Gqdr)iy$HUqSN#RlF&cDup%d5bf
z@jpj!)M_yJPONCj_@i@IWF*}Ca<W$)uQ1Zv8Ir^tB)kI1c(l?>(dBMVgSml8QR;r_
zBfWB8nkR%pQg>Z^pFgw5;s+?uL6f$p{8ZV<Q38TM)ztn@r4MdYiF~f{`9^N9b`JZn
z`aKe~WZ+PvCnTm5fS@axot5`L$>lLQUE-XV(9J2}2fO?Q?6VLv8NX>0o!DC16qV&L
zYid5UOtgkqup;FRvxFL2L74%by9X$`8pf&N?iS^~Q_CwXNw`PjVamQk`<Kk}-jL9|
zOMP(e1Py(4(*w*~sL>rI(}&GO<^s)&WKXWQ54%?U@ZIy1fmKWO;nsH}!XdiN=Dq4?
zn$wM5p<SL+BGnu91@sR+XDGe2noGW<K`N}<ADB?gNhKV8Gec~`VOFOObnqdz1-1ov
zr(2t#2Q)#mP|PVgZ@NK84m9u~j0B8;1GWD<z#-fDgD(tk4nu1HD30uqCeaocE!kB7
z!^OxcubJr>ygW{>aw1C`pY|2ZKKdwqxkiltrS&yriGm)lPzZq-hT#il&o@OaUp<RO
z+ZDD~@ggh%`N$2RIHBfx@cQLlv8I*m3wlm5r<}|2(=22AGShWNSh{5vljfj|nc!!o
z7Ccf_ST)Uqex;Ezu;JP>#F;o5EjhS|a>37%lBBo<eUS8ErRD%_)EC1FhwFoYVX=Rb
zAR_)(7=CU!jcTdKX3Hk^LIL?llrRcgp4eqa9Um-&J$uKD71CQj?iPtZ0#6I4n8G%1
zy2%lU*{lY?aJv%ts!V4aYB|SEznF1e`5n!q;LQw5mQMl0QS-@)RKv}5tn4Thvl*S-
z+7?#wF84uBAcBd~u_Lz8&V}0}Ul>uf&>dDja4GEiG%QK0_v^;6Uv-A%$vvftcdwiY
zKOO6-?rVajLec9cO2vN5b>|z4HEqnMvW9<}OtJYa4^OF?>_wd3eF?uh=pXH*%=s?n
z5_nx9;CZP3|Eekl4M7EALw@QG0Xtop?}po-)fI42<9CA>#X;*OBa~MMB{H;BhT|MR
zo`dXJ#GZ!MrL_N@A5daSVspU5^#RSyV~9M;f1Jy2i0?eUj3lw#z*LUIBl;h^lFAl*
z^dPo95q=$-fWB|)jOFove9eY^6nyy(_A^1_OhQ7)X&5>OII4Qg5!aLf=2vf!{Yx}L
zWt~}2#gAcxG>o(a`r=<-908s0CRsKahGVS(84pHNajn!~W8phO(lC)&^;x{hxoss?
zy4$;Qy&34j%kwZoRuLyk)!P9gL}vgFLEtN5aDx;PGGvaZUhvnRxv$Z1PLwgVr@T}I
zPKjt!9t74hez-PPn2;7(+VkA3EqDHND&}z}_WyB_=JxD^3<Ftrkmz7znV1f-qd;JQ
zc9>phO`R3w@>$g#P>fU<QpR3BfVI;$-~+O^pNWS?s6n#$&$5|o?;;IQ55&lJeYTZF
z<LKeJ6M^&LG?IKR3ij~CD9!abAQf_fM=f5&?c5#n!`=02QpmiyZeej{#-IR;f|t$W
zp`uA@JkP$B%i9qFF4bSSA>fa9v@149Rv%PodLVtZe{1ez`x`DV?xn>a`5R|-l~$BB
zk{HsD-Wnunbk{D+zJJ^|w+SPZicdN~_UPKQF;9d)`fdDAab$*!U)jFc(U~+R&A*wb
zweNi#eW5_O7q5L8b*#EwdtdNhtKu`eS4K+K=B>%|t)q<U!jBbn&E{YuqHH2JK7Pd4
z-sKqii&}}>E9$Gnwz?}b%zU!0yg5LoZ6@s09w04pi;D9UjB|^+NnHGIb+`D`dP*Sl
z;s|hYOwNH1{{OB*%+xS@O-`T=<ABjHJdOJwH`tR&`gMg7%}zX%Gdh!tDZhRM{;!en
z=W9Z>bu?^w$?d*;^T9BvhsH?RJV^kv;rTbv<J?lnLsENsLPX7RC~9;yHK4fRCUNLC
zv9K%`NXmQ(ne_lI<T#7uydAdlBRo+b35Wpss;GWti0TFM)0$V^?`AnxZv_#lH#_UP
zG~1UlY@t}fRoR|{d%amG_I}CsfNl)&-=+xn{t6O$VfD{^pv*@f_}e~UCl*O8u8=%I
z(hTl4<iAvC?xxLlM?(P0{-CR<c>?~wI<&yRdIknP9s4Hs%{Z{eJO4gyz!b|>``;3w
zI5YMHfL5+8NVZ1#Fg3%<-(i>|LA>f<YN#s`Y?k~lgl;4gv`v!FK{WSj*Wz>j*Q^BX
z|3|YDwErK?8e#Z<G>feH1JJD96!OZV=j<s=X%tK$MU~H@j6gcw(@9RV97ZwJmZy9g
zut+lCPE+NPrRVU9%-dJZ-}ewX>N|kjRlwo+Zt4rKSRcuhrMq${#_3WiBvF<2$8XQr
zI*eM=_{Sb-$E)yp!2l5%dqs+OBwj&GYq$No%EN)+LTrBnmVPGOERz40emIcY|J$sA
z^hen*L=5I)YQpD<`ky%gVq|%F1tx@nzU*dg*?s@>@o0$e#rnACgP=vf?6u^{uR&7!
z@lCNZ>s~8LyRu&EFUMavjY376SC6yT8=jKC#EZH$23b4Nlv1Tt8PZcDb<O6cDEcPh
z&ff%pGNk=QDRNEoBTu)hnn<3z-_MgaVn8D!@>JdF|3fMIpXfB-4R05x>{1^_+?7U)
zUNV1lATy!Wi$v1q98M80<vHG59?h4l>-*iR-oFD-#q#qzfJ|J)`Mo^Fbw6*H3%(y7
zGj+M&?k(!SoXr!z-`tj0`+n=hGYuuOXfQl-t4@6O<ZCqtOB&rpSG(3%FBToLLb`|g
z^vv}7c<OgB)%wzZ6{TR?O4B{M4n!jihG8moh0tPm@V^Oa`WsTRRZuEZ1%Iq~y^gek
zr;Scjg|uP?zx42`SpV2TC+sq^sLQ19^EQ|xV22zo-#SX9{EL~zceYM*WlDCm=#8qr
z;V7XBdH`X(V0ols^r;-SyzGqW)w#MI_2p(Q!xmx<8FTS>SOBr#ZrlEGn-xYmlK2MO
zN9_6{qod2}e_;v|0H)CV15?!5G_tOdP?w8o`Z|Dz-kKLM{;n~w9wo6xsjlvNzx{FC
zDY!y$Gg*Wj-VE-r%m7og#YpKMY?e}aZ>#V@J2pw6<U$=lH{6lMFO4?2?CJL_xzuGc
zs*boVct!b0KScZzdCJ>Kb0ypBB3Ov<MwMtxglBfLxH%q{<&7Sz`fa1+V?pOOmrCvn
zH<yTgp$BJM$%h}BzdyN@OQn|5!D;7f0#xaXUAFTGsY6y$!|D@Hl_5>Gv&X?VoT;6I
zF45A_SqemA)8912G9Y`-^Y&W8sewC+#Oycxs%^i*!Y>=&LiG#Uq+Q#8dF23FHvhAf
zUw(6{xKq(Syr$>MYx3cv*QfT_k67ay4ia(asEEALC9rNZO7&;<c}@BK5z9%^>j8AB
zcRzdM4pQWF$+h1Q*Xpu3UKVQL#3DEHw3=3e`hVFXLs2jHH^iGN^K)<^gJQFEtu*u6
zc0fb2wcNYJWRFR&FV(Y&Z_X*Q4OT##A`Hn_-xE^vyDJ0`S(zcwT*}=E`k5!iRa3uH
zzYiY?>dC#ay$^T4G8HT$?ZrDoH=Z{bTR|0N>`Pi>Z(chgD$G2#Z^TY+eBtHsJA83z
zEC2}Fm`Qyezs~++9V^QKKorPWEE+111JAJl>2_}FJ!RFlR<v?Tv~AbCc!~B&=93IR
z0l#aB!FgtaGp;WiT#d)iMIobPjjb9twDLHA3rpn5$dno*%&)j|HUE$`IvZC{>I&mp
zST(547tG5zc3WF`y(TI@VMA^Lt#~T?YUdQzZ;AKU7qC%Buu0Z%Q$@(1pmwOMp3ASM
znIpGQkXM@-2q0h(IXv^=Z;w7OJ@F$V?N}`MFU6E4Lb6@to9y}3Mn-_mDbxkim&zK+
z3M;WM`#-(Wjef7|O?0G0t3kBApU?I$ZQ;Oy1-}Q<rOZ=~_cD;98tafhiPau{#a6G|
z4&m%si*P`yV7=yaqOo24YCXIkmp&Hnd&HP&GZ%63M5ui+M*Dd(Q&vsc9mkNpj4<M+
z$f&773v~&Na+a~|c+&JeAmSI>dc!iq@o>9+)iFJg2y|D&*DrH2TH-e*G5==pi0ytV
zJ(E|-{*0IS+1Sv{!`{TahV{BWl%ZNyL|9HI(+w5q&-Es8O-Zkg!H_gb_Cvu{k46>*
z98rr|RDX3z3VlaJ*oXy{wh(COcTaK7U(<>;7Ik4C=O*L^Z(pb_1wiPD^}ZE?RqB3*
zx+OrOqsd%sQZV%%_*IS9@cVN|w(Atj?BuFMi+I~;1sBW?kMm_qU8RpVVh9FhA3Poz
zn`psr4P<_~YN4*Z(}h(ak-_j8{Q<N#m?8$)emJ4v-92d*9?{Wfd(Ab{@l=lHiq}Nk
zR89AhAVSd;+wDGvvt$A;@zvv%?m=((ii#GHeVEr7J^?60dEs62Yc<$wc(%-z5=>cP
zTAB@x(<)tTCz_1Ns9*PNq?~?lcSLZ=E2c~F8S%$yzRo0}-u9NM+8Tghw7c`16|Ft%
z%d>y<he$#-<O8o#b_hNA%I}2uRN~fOC)?&QgnyuPEKBY5OIYxS($rs}Twq&S_vlu9
z(XPJ7f0dffT0NsCjpFLNa#?+e6%Cnj_aqUg68A+I7=g~o{F(qRk%p$2XzJEu?(|7g
zsw4u#h+@mqv@RdnBjZk4^f4DDDuy!n;1tLgf@4LaC*PcYb33+j2~QL4E+WG+D}IO~
zgHKFo6n4Rf1iXt#fEJ(-U+=p%*iEv^C%u+Q#pU>YA;c|xe@h%q&?ydc)A&I@T-}*>
z##KM|d$j94;^MkjPlJ3NL?vew`j$hO8J3g18STE<326F~<+yPAAW@O#vc?YbyiG?C
zdlZjO{U$g^6t78rOAtqt-fBWhV-j48`FcAFUWz?T!VOO4ID}7Pk*<l?@lz06iYYNz
zE3Xk^&d{fw^aW$+0iI^6tY==K{Vwo>)ncb^aGv|Ar`3({yKlZjxSBttCy9J}WNv#(
zLnK2+&)kRZ#QEFXCw!_yn_uC(HVM}9F;33D|B!1#m%=Ariy-K`Zb6Uu{Bu^N!QvLI
zGljbI0M?Bc!rp9CD+E=M?DA8q4x`DL(itX?`C+CUK5<rkn9zO&B;!dYqLY`-2siq{
zHcTqqddhG+`{baI#LzdGe%c`uh#TC&R0NPUc5eT(^n<EW@HT6n<94dZ(k0MHmS513
zEVy7i_k=?G0$I<5)2)6B`vQZh6}*KwNus$p=#ebnagsoC+pBLbXVw-;r`Ns#KX-OK
zIHai<4Lg_$0g_dJxRdX6hjNhF*b|afk73Muq@w2>9Z?Kw9j!AWo~o)_w<tFAc8u)-
zk7e8?VKH^5FKLK_o%`YAA%*%l=)~N()ESJg5E`=WIhk8kd=w<Qe4aNI8)&U;rkIec
zm`dXi$kz0s@Q$%}F$Gx<tt|1{oWL6>k$`_Qjf^a|W=R{q!_{{Ak{N2U4LLNX+6;&2
zNUtc&PnyeRlNzm5PZqX4#bk*BA;26EwyYNPz$Uxv$QZ(8yC%OwYunFY$=aW!pVmEX
zbdxCZk3rk2Mrwyg{iJwBxk$>vSw^ye)hBIC=!<Q^wFp4z+ZiW*0<Y(O?~A+j-QG`!
z8~So@*TnB{hkkzRufyFwci*Po8sCPy{qBAh=e)g!-EX`)-ku6Rn7==@TVOT6cE8;o
zZfvdiktBHE{nCHK_6&!`>~uAhi!>kTI3~@aKEG=`lXAoHQ7qtvC?Xeg4wI)D!?JZ1
zy~D94d9;2Y701;psAg;P<`^moT^xE4l8R#<4cI?Yj78f0%`A_!vrQr|vsL%UX^yj+
zy_0}GeG#}~TX`gx;hE!l2%N~ok6cbc`k|_<+7-AU>5Z8qa;c~?nP3RpoU*Kg|GPR9
zzYo?Pd64By6;*ynw`JsDl;kc0U)c}3<f4DNGgT(0FJrL6hWD%+jK0$LUX*Ke%_Frh
zn{wSeC$~7&+ORsYZKESYngl)jz0jU;(*k}SR~GZ09fI3_dzDjZGDGQwtSuEhdnXo;
z{EW7uOAw0U^$0FkAk=<gscnJ(0sf9igoZSv^3Dp(n5l*K$Xat%pdUTqlL)lJMEyZg
zW1uy8=eV3!<1PAZnUXP8CEh!(<$QtaPQ3mFs<hTEo@Du5bWp<)VT(b+#T+00?(zM{
z@&_~s3!lQ>2^u2D=w(8YInbj!v4Ot)LxVB*d71~)DxoRUJ>Bo|(AVy^nWdg{r$dpc
z#scqlaaD{&L~QZ-d}2Z)2p_XZCaUA*`iNMCb+9aKA(_2e(lE`8#4<$!isom67N>u!
zgwtZ)jvakMj;$$Do*pv}!Per0TZ{^H$useRu_MarEZGgjpDb%utPQiyymib}ZiE^%
zeJl{2mQ(UyP^i$${ZdFR*ri8uE{K?frwGrOy7k$+SOZi&p<~;H6+)3#-`{2&{fge|
z)>{iP(sQ{|)+YcL!+lv0vQ?y3JyjK@Prq{f;mvBUWejUiS;6`SJGn7Y919Iqx;5hP
z1y~K;$$LU$&rwq{TBk@u33yjW&A<bpw&J+dd!*%K$#k3?F$lr9BPZ9MNF`9YBl(14
z$)<8gG#bFUBS(}z#pZn*dETYbYW60IC4)@&gLr>#SJLG_et~T%AQqMg=8(mGcLrlI
z)<tYbzvf&+x~1(zqrtS~XHifUAppg|-0|fnEFC94CUlHn8Yo|oY~<nk1d~rT>`^eC
zAA8Aes;e^_*#0`M>AbDDJBsI71(jW9o>@VC*&^}N@&{?IWd@UHMlBxnS+sa%XK0?%
zDqlxJUr(p<%1|~&McM9J^0tg#FGANmWO-`$Zz;(-7`4Ufd66=D%Hq|mN)nSz1{EN5
z-EA$nKP!aDMR%u|^+dbCSgIg!{v=eLpuUQfw`c5|6H9_=;g#Ut4@T2AP&)$k*?t)~
z_wP#dnjPO_E<7>7D)7|aK9q$ae@=Jn0DH|vbg%!lEm47YspVH}vQrqple($<E+{oK
zX}7ESDi_3=yz4+!xFx}u{+!d!C%%LAE08kxiYz2e{K|tsM00`U?js7VmH`mR&{`rz
zda!AU5y;CZ?NJ=pqgfwfW{2^W1i^gXCC00gr~y7q*MRLPRCnYqSjAtQ@V9$u`l<8+
zIf9QYd{MoAdU~Jn%fyrnL;eL0T-^5y96wRGxJ$5*VRtAo^<CH8fA^*Wmk)!e-u98N
z&$xlM^?DoHe9P6s7t8h*C(O#6X#=Pf2h}wuP6J0Q#5)O@#R5anCB<Yq|6!A%0c+?`
zuOM01ucc23)W~EvOk-)O;M9f>F-M{lan9LD<g=&Nv8|T8gq5!4<P2@)aGA-3Sqc70
zF~!cQ3kDYLWMxUN#n<054=CY8>dg7AxIT+&T-}}3sEeriQ4xrge^97#DsjnGDVHCE
zCk$@3s76lSE8992=V<NN%@|K|>Zj%{PTe<0N9sXZJg*9R+!4y;C?;ro8}VJoMCT8+
zpNYtsXHKH8LP=}CbKP3t=LVD-ooRK{7m-YDCyTUWSWb=nAuQA=+x>R87wQnYz)_F5
zKM2(xA!442Kk}7Y++&qka1Pyn5^Im+q@nAO0-k5!F;9!~)&j7ho;Q?cY~dAW&V<$r
z^VTHrFb<Ja8dgrp3-Z?Fb7v>w0wP@np_V=9mI<TcB3;SZ(dn2Z_aMIr?LqS9UInV?
zp}b-yV-LgzjKLFuBxCatutx;LGcZYtwQ~w--ToRunJtql2WBxyZ13PiwN9wnGX5Qs
zN>6A;4GKQ?DX7OMpm`_|X!1*k@}p*V0f`egLZfEhI|U|e<hQ^pK44P=wx+*Z`2AF(
z6z#9*M#6vEZ}>AWZ%w5kBhr=EpFk{JI6nUXt%BGQBO!kTe3#}5Au?KwH$Fd{Kx~)B
zGonKwHqYh9{ua$Y=iq-Q1O7O*;*2fb@~J<Y{DP=hJL;)rh6I8r@YhuuyogIIn(-&^
zjRGTGk-;%fCxJfv_wlm<&|A8>d25;njKJx#%5=-GFnTFk;#({jM50?PZ=o1OJCMK_
zMTo2#ITiZ5mnq?%md|YM$|HC<({RSN$jo5f;P`j$NCsR$&WD=_xPbOh@sOTUl!p<}
z02LU%e38u{p^%=_hkW>e=Fq<5NVYFY3Zte0D@1KpTM>a6QhO4J<$IGEmr70PD=@af
zF>gQ}b^Bof!)4zW^wgB?9aJ5kcaAsXXQ>^{Te*q!<0`e;+LBc_wCynpQW_Z2&;2r(
ztx{p|wk4iis>sM$kgCYTT)ibg&MPP}OrcWG2NuuoM_VfVd>6ls-g(Q2Y(dM2h(_8~
z_+KQ0$kqbN!rBR=RQOk6RYady6mKtvg?JU_`;9M^ZtV-qL|l+cC%+?>Od3L~?8hGw
z<aOuqge|csX7z*T@`Q!uQzh7c2R`EY03}&2fR8Jp#r|i7%ij!)Q=BbZ6w+!mCn!)o
z?}3a8F8=+CL|;%9nK)3W50-b0_IN@-aUp|<<~YVK^Xsiy!Jk*qG{+Ngz=rkjhIsj=
z$x3V5S=*HVPy21ORQNN?!jy0Aq2u#mSYRA6bOUciW62ybJb)pSEu2tm0sUvd0D}a$
zM59U#z!X9t_Rl%wDimczXAosX^7H+K_CuqdKwstYf4L4f4FBi&Ik+maTmPe;EYJal
zxkp>Ls>sFvJW9YJlo55o1HA{o23bZFYbib7Pu%<C^A8%n&^}`tzM+lyKI0BxWMm7^
zV73ze-TRyJN+4voLR%p2B9*OzNItoX@StS28M0)SQ}wAxdPC(fgU*NC{yAhoOyvoy
z&N+C~6KccP8xa#@NKJ)_;_Hw0&)KCw{Z4M?AFQF#1C}<M2nb)599(;ilu}~MwXGm)
z4$gk+EEkwJS`8L%bFk0a;XO3j#JtN5HpKo8n<zg#PvzFyds)ypqItxgDm<o1G_P*n
z2`Bl)oNKp+KeL=@nNb|Y{Z($S&Ev+fXMpsn8HW%zT$!Pt@jam}_`Q!fWTZOYz3Ltn
zZfFkMH`vM6Ao#7UoYRTwrHL(+AGKE*NSc667c$e1x}~&(h>wpDvWw*hf{`fpBCJrn
z$1ZD+KAEwz&uv44F2y`&#o?mc3l?msN{vWRzIQ8WpxerYO*iBi)#f;d+{Uar_Ng`&
zI~p1Mi(x)vNi7(JVWrm>`}aY%F>%3V0b}qp`*vJBld#o@)E*uRD`#fHg$+y;A<o!_
z`;Quf5S@&0zhIJbwKKY<zi3(cRc^fc+4(sd)>bEGvq6^M+79Pgo3+PZ=2_WFw;D8+
zlTLY)Rqebau29#<R0y#^7gORFGiQlxbxez)W)(N^!AbCHn7PP8k}Ox@Z5KJN?#z2-
zl2FB4Wa0ng7*$zAR(O+#a6~#BcS^ECs-8g6H7ldWRfIsYiS0{5SF#ANNq9J&ksdHW
zgpwJA^Wk|&_>63J=YH1cb?`7`u^m;iB~^H|>lG{*HOuLc0}p(^h)S#>AiRHBy4p?1
z{vxRK;%jqxd+PbJ+3GH0|0%rGv!a3s-qp_s-fe_!0@ovm_a~N4$LS5#2{(^Oj!4Rd
zC(mABMp%N8me$v9XXq^rVb=1XyD(JeoObT;ZrBNgMdeA`RmLQxGgu(i!mE$D>jDRK
zzCf%vx^L16v4HD^;r+M|&RFe72G`>5%2bYyhiYl8=0))`rEFHY#&a_|_=IP6<xpcX
z^;mT2s2IuK;ryHSr`MIFwuptSqU?+l<NQsA#b#qg>E1|g?E3pUf;b)NDmxZC=pdB0
z)BgMXE&Mco+t&AFeIftpmVwy(iQ5zp{MSE6rq6k&D8W*Ehrc1>!9gN1{W8uB=Reia
zBR3j2J#-~IGdu1rJhKM9_2wD#=@EgmEqG@qoZUujvWvBuHq^7{PwUWN^N$k_g8G&J
z0<ykOPRdAlqC713D{AANXvWjqm@BHunazYJT4``7{V{P66uZ#tK%roQD9SjzgM8#!
z(|S7uLs`IUDl;Ov#;a>tBAUvVfDPUyU4VY^1*|rOKbXoCMsty<W~vFCn!78f<Bp$a
zWO7;}7B$6PIAR@C^M3uVHa0Q;X###iB0)KlNkUmlTyQny!&X^qX-l^L&r$*}I^rKY
zcgr|~c6in%Z&;IiRPcuahwfy_wK5*mXQ_1h`rNv@1&Z#5W8djeGl_$EkJq6u0H1G8
zdy*Yuqouki001G^WGuR}CQ`wiah=JsFw*Ax;T0d7Oi9)W)5ba3nQPNPyux#D5}8_u
zhNewOM<qRB6r}3jb*D`xFI2ZkDa;j){y1wC-xoxABtS8Zs`y1k5!mrG=6?5Ho8bE>
zgHYPVx7M-vTD_tA?!uo<gaxAs8j4U$&Sh5mOQFznZI|xXfb4O!*3SLJr?jIR!tU<L
zt4hUX-@gV!pieWz>BXc7`^f6za1b%oHegxV>#v3y7$~2w5;WcOb9eeD*7BEjB%Y<d
z#`4K%p}oD05E>r{^zZSjQW{4yCGveL0h9ZqViC5{lazShISVp4+EpUdo+6kPL{fdI
zV~b_;Z*QVCK~y{Kv5h3L)rV}cw{>E?aQdQWKJ=1IY{$%=WZn+>;EZxjY(ubj$*u!h
zF;v__pFC8BGgne^zEFX|l@K9aLDz8pTw^d-()3)>oXeOw%Ml=fM)*<$5!w)*al{ux
zhzuLV?|6#HEf-<0Ow&LSEz+Z&2webEVc(3{Vk{u`NVsu_v*ZiyEs9aG`TZl(4Bw`w
zj;~8kP&F>~$KC*AELRjrdXIVZB73w7E$qC_(G7%vQuvp7opEKB{yBv4_qPo}-6QMZ
zcHXn8m-i3*p*uNnXMU#;6MN9ZQaW;jP7$4Ximz;NaD1jDs||^Rr(AXt(q^edkK7w@
z`x|c@%k_|RW#eras_E9?ebKjX_jP)ai+d&buOICko~0<1;W>$OQ}QoR)U)*AT9HaZ
zDhq#;=j%Ai3jHoYj%d1;T(2sdftuqwHy8fe*gy^A#rF|IKj$(@bye>R*5HKqSuXvY
zo+~URKYZxgm=gASH1$zJo=x!lu4h3Q{b1&NH9ni)4;RvJ{>l6}m5wn_ZTDqyVeY#-
ztxV{a6m+@RaktI21!q>x-Pn~hpH>TVx<&I+#+bX+Z#9<}O>(jle46f5bX_3aKGRP5
zIh`IBm<sHlw}UJ2Gk9yqq_^NmAo5xlmMXyeY_Fmb`54sUDbu0O;j=w1ehEIOq5Bkd
z046&=!I!A+$ryvNf1X04kZG8A%Ixu_kk##T%t4mG^C!9~9(>74ljrvKcJpg@Y}_)B
zulwy{=LnBt?8`6e<kEgrWvO~~@hbbJgr*U->Ip1@mzU}Zs2UNZ;+IMq5ro6yMwA0a
zl(Ae4MAmcR6-%iVsU;N$EfohN6%QdqUn0nN>W9LorE_OXZeyQl_&?L%BuftD86-jS
zpFyY_cp*L%fNQRP{Fp;1NG^1cVK=9J_#v}H5qG@_#dj4do2WNTt^y3j;X&dDtoLLr
zL$LX|JKuCFHM-$=<BIl0-9To^_hL(sjhlFqnSS{xCHYC_2%_IFr(3cL0h?c>`2`cw
z%A4%D16e=Jt9bfpnmm;<P-qgO(w2%Ja<BKm$Y?Z%SXdhpxHLfX;6alzf-X!Npr<mi
z(k@^nJ}_}9Entylf4hsn8gV8TZ7APK<KsFt9565D52pUL+?O=6nv0>M%>|x-U+k)1
zgGb1<AmF=GNE=|nfDEenV=8Q7R7)VMu|q%Z6@bDdc^S!+9F!eVB;=;jOzriZoL$a*
zdKQj|@QhO>dFu3E_y`t2W2W|A_v~UiJnZ*%2NGWqlIl)i^R+R?TR6zOJXlClFX*%_
zoXJztwZg74KgOGPc1?=EwtOyCTZ=~9V{>(X51bJHU=53$HNk_`B~yJwy{BQgh@s)9
z7H~_=)Vp|DTR*5F_T=14_wcsQ_SKZlY%?~-O>IFMk4B5Kk;zA)f(KzLL$$H03-hGt
zihdh(Wro@Tukq6z-2Qy3c_^UtANmmzH`VpA>_q#rvwk8}c(t<aRx%}CFYI?c>|qgD
z+*HjnGN${9!HIN~M9Fn5I(6sfw|qWkzUO<sf>8=AaiZJGEi6hprPoxG?zvk6jLcKz
zrWgUW%WcDkd-J#pB11No1PuxI5BspiBJsi1oaU5ZOumZ=yASSaqxfpCHa`;gizcKe
zf$E|L+<AQMxrp_J$Cvd3D!q1hU;1fSV*_>+-J1$B^lXWXtApOW&aakHxWw-j7zU9q
zF0jhJQ*X!WYWuhs8jPI>bye)1Jiq%)2qM9NFMh;2d5giwb2CDi4!qW8j>PW$xJITd
zld-TzYS}Jw@~lV~)w{R2?Gvm*-wMJOCf<!Dg7;f8{7~7csYKvoatybRBv1qA+{<qr
zhilzgLCr{P^sYDcyjAnyC+i$bFc<gl&ysui1ma?+9^2r~cK)rY+|wR0Mit9_aI%gA
zF~7@z;8@ORq~LCdZHNf#L?5B1cF2;>7~h_cbjdfIo>7(`%{{x~yR0OVPO4?6HprJ<
z3Th4BVtGBi<1Cg8KgqR-Mx?uhp*Io|%Fku1Tp_9SHsm1rermQk!uxe)caU=0u+==2
z#znIdzujDta(cIE4-jU(xb_lS9I89)fuen87rq}L*>I*!LZ`PJy_+0OK*_~vEJ|?c
z1VM<5v5TX<v|?OhY>npMC#i__72Xuy;^zH2(qGKq;{2||z7lU)wNKT~Ph5X>?e=qz
zoZNVIb$+v5nR%4iuP&#|>SnZYew%$fCd_91z3C`JE^bVB>d0eqaNT<GReE>>4RZIC
zD=x$4<v42k8+HIVtd|4o-Llb1`$_K7!&i0uCG{_#WPn(2j1{@wbqD<g(OokPgX^N|
zfC0MNKErbgHDb`2S)xo#2E#!*8n$$UJrU6vnwGA;+v?nhIZ@Z8n3j;RnIU(0<V6^&
zem0!QR<HxyVHHvY%xUiI1QDV~L!6N*K8v9U({zFPE<q~GOfPK(@P2F(eE4J@iA|vn
zIM0@|>S0l1;y=Rn=s^mx)q>}3_&Vy2Pt}uGjvLsYRDueZSd2K!q_M_(;u4eJ2kEHb
z6a`1ostO#FrTQ;k>9im3)urUWBBp$`j`#m!-(HbN*0{Cqk5<tZ%-ym_W)yAxshfr)
z>nbk}M6QnuS}pA{gBzpSdaQA$ztgSfp{O0FMv1!b*v+PwzF3mmiB(f>%P@Gp#FgT+
zdXwKrn+P;Z?0J{{qW7MG6I?s3)0EpCUDn0hWB?N+7dY!b7<D(%yPWC2l-}l7ni|pl
zm5Sfp(TZn1(JVIU-I;&&F?7!aVXQkfz6(W@K#K006x;0JLVUc%M83AW{YAC8a}pvV
zWE7Pbj_BH|iq4c@;&1Spt1TBzy6I&~Q)a8uJGDj+x*hUKvw5HS%*CIy*sBFut#S4-
z&R&`hC_^p>+YYAM88}(W^d}MYdfpHh`Sl5hm?O;{Yv~z7gyA8ruD<sCAlGE}u}hcv
zU}}z_THU7#5%Q$SE{s4*QrZ%?j=-Gs!5D_l@VE(LV~?p1TjYo5RBF1k{?^Yc!n^K^
zlD=v5(@vV2u~9d|3b@sHE-$`Mbz}3|B}+j`x)Sc)V39wrMzRiyfYLkp)%fClg?HPV
zCUUX8;3UH&+)$$|2dUuPP>Vvb!p|5ZEG^LHU6#8zI^^WTx#%M-lCi?aQ@c16!<!`W
z#us8-Q1?H0f;}-cjCb>1FYvSp`-YEov9`*K%AR0^;J<Sv<0HsDVW9kft(|jpB~RDy
zW7~Ezv2EL&cw##f+cqc0iEZ1-Bok+1dt&pRd7j^kd*A!ty}efVs_s6uPIp)J{?@Kt
z{VBb3A~)TQ6bwee^-;)nuj%PU7j>Nx%q4LJ3=L}Z(33Ry(#;Uj-91%yG>21RjFRtx
zZS|U+JLPh&&L_LPGWMSDJG}<Io<#wOsgh1IAAb5<tl(Pmh*UN1Yy+~|j`E`&F;H0F
zIk>-Fj@AqxQ{8Q*^-WFO3i`Q=H+YW^Gw=>V9N{#b$Zs8WhhCrYiD6VBvN79LoE3~h
zx&}L&@A2*;$}&to%GYV9TYrP-Ee-0}g><2x@DQ|xl-nc{_CHvazP}<jyh?tWe&^(#
zCeZs=0I^oXq17u!L>(+NVbpD`)D2Xygx<z`v^WDsvddH>*jofgnTy>Lg8Om-E9sQi
z*zm?^^ICzkbJs=Tn;w{UpQt#K$S7_`7g@m#H@x#j+&)?4ea!cokbOG2R^#*?K<e!}
z@?fgbeSpGVgzvN{4}rp`pTG|PXsoT}@|Pu)Iv_4v&f{-DGytdeOJS4c7y$Ox>jw~X
z>Zm`4_GWPI@%E0*3<=2hS!)V$(w{1@rDZhVnh9BddtURV=J#6}b!^aCdq)_ES}nQH
zfTYtIMClUOmB#f#Mx~r+MJYQ#5Q)%nZxY$o=rfXD=_iuR5GzCDK`2T=*b2|UJJ*G&
z9_e|dROKNI3m{+n@C3qTyAX3yyhaP)%KN(^(Ud9jrG>QvAk=R-DW)hWe=Z2FgXaB2
zl_`B7?eg2k619!ik0@9kkMkqA)9$4Q%@emXM_`E)4LWNkSUZp8d(@G;^g00hfK)FV
zi%YsOeIN3bofyWGZg&Ks!QL@UzHbEm`xkBj5DR#WQo=c*_voEO<kjNbsESCb2f{Yw
zj>GfIymf0jX|88`@AjS242aotPbZAlwcVh6qbL0M<1Z6)@uRMkU*t4g8|tTzSuk=@
zp_40~OiieTetX>FO2JOV6~UN|PbjAqqnMq@s-)H6m=)R1p|(I1wwZ;mBmkY2z%P<2
z#zjKJO5Rfs4@b~P!P<Nj(iKD9+~hVSlURE5I&n>DS?MyxrHQ$2UHu8U=HPSlw!&UN
zFr}5&f}QT0ekMwLNxYHa{X0e)!H0;RMy7eA;5O<*i+n!}93$vW9NYuw`*Hg~|E1lX
zri|)Bt)tNZd_$Wr;G$}<S5Q(}q3efGZj?}z4sP=o3n!<%L)w@WR#+P%r6F=O$A;+p
z&>GzazSO(IHYFJ*9q<zgB$96GH=DU=f;=I^ZtBgS&!RIA5b5Uo3wu8HPWDqr`~1-n
z=$K(@Rb`KSQJ4Un5F~0SBOGcdQV`%;gabjLj4(i?>_a{rWq#C>hC$Z>IX552iSzH<
zLX=i&1Us?v7OpS+-F||JK^FxUh1u*cS6_JaN4w;!N>pTi2251s%4d=>nWiuc>Jcis
z2unN$-6>QQ<_6e_L@{=vfhp)*v^0~~-Sh2YG__`mu>^A16MwdahzX+Q6dpNt1L|Q%
zE#`9v^{W3nnFHufz!@JNqxc67a9raa7)DV1uXC)502U6hMkkUPDHI=WhFD>lP(At#
zVYZdf8nB3iL`{+gvWP~>GZb;S6~$#ieWlA31cbi0)^a$S5}$|MMWMby=!`JpWvfHI
zCYtoJ)X?N<JlTwf64ou#-p_Y61ihth&8!CNw#Flr-ReT_XzKB7+}j3!pu?RPzz6&)
z3=$B0aqmW&xYS`~$in6yw5euk$98cf=LFYes}6dZ8*#%KRoaQv0go10yDwK`;%h6<
z|3*-6uI+#$5hh5mEA1G!`2Ro5s<q(wXqgAkmS{aU^N}@GMpaz3iMK?5H5D@BwKAji
zU`dUEGY9P?{IV@K4_y?7sxcJKaAizktZu@Mx|-UB*!G0@BlV|6{Wp#!BUEF#ydkT4
zmbPGkO_ynGvOP@_gGj}&T$6_t7K8Rk6765wt59TgxzJ|hOV|#i>K1wqLBGiXJf|4C
zDl@F>O6`w|jwDQ`UpkhKLjMlH9%l|Q8!$AtbIL;s;6@xcwuSGeT+0QfvvdmA+N%!z
zT+evngYgSXYFKtD4}P6gb+61hG7L;Dvso7Nm|JP{5aYyWVf+Itm4MfQY3lmNe^o(1
zq)kt9Ta(b!D52@L8G-L?3FQy9qC5H*zDTLZ_ETddr@1|uO`{fXzltIyEs%Q}WI^C)
z6(^2o_gr7Uca1yq5mdJ~`x+{r3PcVGUxw&4?EIezmhxD!Ga`}_zM6DxoUGDyiK)k6
z4QS)CL!jD`rj$@%+L6U@kl=sQNWdc*$m6niAdw@8{Lr|VzRUPmGQ;U4!oblx4sl+S
zxYnv8tY*bD&tzM@lCuXX*A*&PlX`)<leCrqljQYbnY_#jB~fRV-6xv4_hwq@M<`C$
zx-Y(`1k{E_mfQn>P~`|%;6$6$WgK0^;riGgCA)0MRkEZVt@wYNgi>=!R>70=ppT$`
zaf@)$7QeKe0!0Btm!9m%@IIBjxM%C`?#7Waw(V4T!DD*2Aw42xYi3o5IBDm;Gk;gZ
z$iHV(Rw{bKoDoGN^~9k-p3xG<{cj;z^05FCXmbjSYsj&Y?Di_S%|sMCo{R=vXI{<2
z{Nqur_r{0HZ%$|q`lA!cnmvC0-;=mR?6hW#WE9h`OEu@lM4<%1SG%-dfKl0NDcsv)
z*LcvYfy?$ThS<za)5hPk;E3L-6#=Q)1pE6WU!Zw-#smlr5-frU_MwH5Zq)ANk({v;
zg4e;*cTmWnpW((t1V5O^MFe5?Nm~8i7jCY6ATfBx;<=}{303l+rC=suUC^{1cxOyK
zf|icS^?{7r6;+BmoW0F;{S;tNoEo2dt!158j{yd|=P-(?3Ja0>q$Eyn>9h!zuljIi
zHtM0dDvn24d&Wh<jInv<sl!Z1#vSD7mV|i`MncrD8dcXyh@YpK6j?+n@6o$iX_X@A
zxW5C&j&btDPxSk}%YZ-uE@X#dX2<vz3KK<BO^uri*=x$$Z%|vOK^pW`Zoak+3jZ0d
zCCCe8kt_FOg4g`MgSq2tP6I6W9Ui{dRiK++53kvXZ*cv~H+sWPbB>Z5NftBBjmo=R
z4l{Gvf>J+tj770*NfztUj6A3-K9LCYe-GC}Xvjuq6<811yyqk-pbY0Oy)VUHf1z1z
z=9!IpQxH@3%$;Y92qSK{yzsxc@yru{(y9yD?%KI#g!0Us5KrR>bWQ!Go#MEtjNz=3
zjK*Vaaa1Y3>7+8j=PN41s%!ZmDFQp-sHwlalX+X{{#JLE0q1z#uP%^?oga+Z-Ih$h
zCh${{dr{2;iMLloO)Y~Z6OlWgc`x{qdddT3n#(6>AO<;LAVz7HEflvCm=JKpHTsTW
z-USB7M&zG?Va^YOVQ%~RQhu=W3`Y&eCb-K@uE#+s1uY!n-NAb&1mER}vpI|;&<$Pv
z8=(g5uIZaS;qgTqDC-EsE|PW^py~%?SLjlZP;Cs28COX{^*O2PTP}6Kl)UY;8zq=v
z#}wK{zg!~Tz}l@8wwa^BdA()0E9=Fvw_1aF<90;5i^aH|hm^d<&axm}l%!Qp2r}$O
z7`CB<y`m&TWlv9cEqLv`5|t{~`t2^I^|5R*+yY;@eS1dtf#n<wMHGs&u!Hq4w_UCV
zjF(to|L`p`=Xr`{DRA2QS;5zQHafjfM2bJAdDRH8nJ_=Rr>qFQ5+ow~x7WfW41xfw
z<6H*dYQqGbJlGQVpjm2gu^c+!=7>QX>W&+R(4S+&48~SsDb!`aKGoq0t}|2b2&7-S
z1QRRrKjX|$#a#{~w;rLwhV_nV1HR^_nt8A`((Lx|0ZQFvp+eV7hfpzcH2;yj2x_)8
ztN};(K*=3EG;*9>u`iskmj0iwr8pk7m-X8uPaD%FVBC#ESJApKwGls1B(9}5o0p7T
znZ?r-c+?Nj9ic0qYx7;}@U0Oeo0b&#*3(&KFKL=ua3600ZQn%`-Ic^Wv*>47u2%&p
z&<w}Z^(MEqXa&U6rwEEH4`IyM@_veaa>N*bc}{}O$Ujwuzx$ZQhlvJ~`l3J=BlocT
zGF#)YxO1g@BBL``F3{niOrq$%sNXwz1@nFF$mQkGjWU%>u)aoPF!&)MmsVdaTMg{c
zP;#-@AiNa!9lQc7zl>Cj+pfQX%p$B!(g}aBD6b%g=F#+l8x{+kVMZDBXkIv6t*hg{
z`HF<>o0UDMh4m@P6YXD;4mdlxp6O_C%5$TP$ck{!)7~{0<?k9(b*I}Qv`mvUwHk3r
zGaWNO5zhs5BNCcHTuWMEeJZlcdC>g;=(Jc+>g{gEnV0hs-<s3PIboD`MkePB6}{^1
zZKj%Ad1Fu3_A9kDU<l4*3Olk6V_4M;8X8uUJ~Xf3slxF2acQ9oE`~`85dX|A;uI@n
z(PkF}D#^We_4aCrStKRhETk!AQfdVFUkO5hXh4&}goFB<CIE^O3vp8FF(_Irz6TO3
z?Mn^Uc5)PxNWfAGMrIP(UO*D?vqUMGMCcu#<Zcz!eenF^vC?DUnNHvt?`_tk09Dm}
zOl8&m>u?$1uL6_E)_VP{Jw1BBqJTM_vitea3K^i)+~gFGQsrE4tKMn9W)JBu*WVPU
z)@~W*>?<g1p<m$AkB_r{Ec}K2_E`vLamfKaY~BxQliZXG77&9cf%H}Y%Y2qCC!bfo
zQLQRwT~c!JKPJDubP)bVJ|XxGWK6^_DtBDu0?au9cv%FZ`y_^-JY%E8R6JwQfdu;x
zwRt*3xwQd69Y7t$?IMR`|HS$FbU{&b{ylg63Zi;es)JKLvkoAA%res5-brngXIJWW
zVKDpc-lv;ds`^b;Jtq8j1M0|Sxl4isv4#_sMM!%l1{9GsV~O{1V}^Fg%UUBNm2dyG
zdm=+!!@e(VTcvbG^#7yL?+0kUK8I4RnSOuQVJPlUb)LA!#c70CEJ}i`?6``$5^Ti4
zEPlPp&hfRg7)@J&to)5w>v7yOe8EX~f<^!hfRp1(?p^>yO`SC+)rjold{MWdjIOcu
z@X+cf3harwgQoe(XAlVNnGB)@4F6Q-*lqq$9H)vfRyy-L8+l5`__LaADe+N4TE;(P
zg)Kf9ugCr<6uvO}hxDZ^oD$*)G2WeJY*L-7p$fLRGGw|iq%y29A^Jzkm<k`CA>~b6
zwCd&wx@^*K(MB#fS(LEG(+;GWZ0zp6aQ#vBfN12B)5tCm!m8up9Mj(yR&E33xdSf0
zo)LlLbYjMB`#?i+ffdhaB-pWM2OY!Q2L!lA<<d;8Kw_Am2TsCN7BTN(Dra0j4Hh%+
ziR3ezye=y-{B3`zWLyJFc&CDfhZlrweSWdvQ+xa8;1wf+8XL3267rRpo>hNUhgj#O
zhz)0OB}k5A%tai2jEOwSMMA93M1^*r?$?`ugze;zru2;r(UyjAX%+uMQ!*B(^R-l%
zr(@R1VQ3}^>o&(3Vtw&J&-&3q!nyIbqDzJGA3uYNZl`l7TMH;yazYJRXsGc3&uD@a
zuJ{JW-R(TM%~dZi4?Rd-9YUGX8;&#4>173UiL}a>#T^I64{1d*<O$TGW1!vTB5RRb
zV@qHC^_@ys8i;+XLWrpUP_KUHUINALUsSqbk1Ha7iIYtt7?hTx7`v?9e1gVverlHX
z2b*{Pc#5d)@#hm%%|1jGhV+?Tja1Ok7b^fMk|l~=6KkqafE(QU{NT<;^^m_{@$_DT
zyynhDY}?j78dkH%Qfo|SOa<TbVRXe5rk|O3<Il9iath3wo9Ckp-b5*eki<}xe?Awe
z^bZI}Mp5BnV4&K=0%Mrrpa?S^8Vw2|mU>O#cGP}!a97i0pd#ati}}(XdWBXCYeZT;
zdM7CV-%Wq5%|E8!i0!|b{;-t4re9*J`nTYJ7=8;b0r6!J!Xmh1nD4@Q3Wq^J!$1Gu
z4gbYDcro&Bz+HcO39=+2`C-s8E0Z^vd8*e8xG^r!`>5Dfa&Ux}TUI;zA(v<itIA+d
zI4sv_InJ7<{+C$zZpAp#xtCMsfMY;%FEBff>c`RXt#MDn(cXSEjzC8Hng#<IQqW8k
zVQ*12%Vux@Y|n&;|E~VKtfBT>(HZ^6hEZBg>1eOo<cM!&8i_p_QG<D;H{op(h1^DU
zNO-k2ULpW@Mmvc#3xMvK_OS9j1$77?p#3(uOuut&lV<%pH`OuH8zBpD;WI^EM?b8R
zeL<z@h8BO}66;N!1^A;+-wV|%GpYI{uLaWooAlHFp{HitPFH4O<^!{;d*&uH(l=Z8
z)p^q9%TbAQ(w@zi-%^<3qG)c^L7;uON-Yn)TVyn`>|(n`_!NL0SFLtE4zgb)D_h6*
zL((pYOkemwTHgMEu!O{Z{&>aCJq<2AHA+6R1UfG<|8iam!cwFBIqF(k_bEF9y2NkL
z2LH7U6gD8s6#YiRl-M;SNW#QoO5zzwL^AsX0`zwZX1qYfoSi1&YdF4pmN3p33G3(b
z?UhZsFzMMp@}AzTgPz{-Lz<u7oPz<^Ku=c=0OO2zKI6<FQ*sCYBiMJ(mUzKd{w_UG
z3H@9ty)RGE!c}I>X3P7o+K6(*6RSeO!?2s3BNNFj$g30_A`0k@7Il=#-`{9b*;!Nj
zSo6bw0Ja4Ei2PGClIElkP#E8G<?Lt<@3D}H@w=73YE<mfqhpYig783&(Fk9Na2Jh1
zK#uVVgWk|Es|Bn>Vvs!c@q>wCkZgfNj)faiL5_I`g6%)d9;Jn+)8$hO3-0pv8;UzI
ze1L7%aLG`={<1*Z%*U*r1I|#@*FpwHPSxevK~rZms?~W{M!mu>WGl<;X#~UiGc(}1
z0p`g4l*rUlBh-Zl^}<{ok9$EsCjQr#jMkXg)-MW*FNz^~5=(sz@=ev-g5>2$M*71m
zny6`uY*w5C`Oo3ISwAY<saP986K8S6l-;nO@U3$-Wiwvm8<^j8>%K(Jj?vE?Y*<j*
zOH6aULFY6O_~hBV`u#G`s-hPv%Tdou)r-DDijfI9Nt{eMQ1F5zus|~jVh3m9S<xcL
z*EKG!GNns|KXxDVvrC&L^}sQOTXLiFEY}S^KWj{{A#ompT~r-!YR@8wgCjt-ysY>j
z13atj>uuQ#if{pTHkCDoq2G}y=}?9h@%?O;o+{~2yE84N{FVt^1!kJ?3!jA~RD55x
z=4ZUocJgj@kuLD#kXgn&@z7;dK~HGGaAn)9b4#4Hl2Cc58zwo(F2xha`2-3mexI|y
zmU)c8lYjka4so9r^S@@ao<ekdGOb7(Q>*C@BT`JJEM2u7(8?im{xyVHku(=GZU+M{
z%XSe{#J*?Hwtfc-OoIS$l>#&8V)TWrMu;+`bO-^smw|IJz~TkqK7s*o*QD}vi41B2
z3fcEimm^^oP06@H!H7<*OFp$wFNg+IvVYAp>DjdG<bk^3W$1eUip?T1L2$GmJKUJ)
zTD?~4de~;FG?87Zg1w>96^`19#Pj*)JQ>diio-rbx8ARdnl-R?Bb99CsC`~vna+;u
z-n5cJ{~Ics#r=fdQ~t7#B$)V>8d#Rmx*wEa3~x90)*QIa=T7fe)euCbKv#jd?Pyp|
z{aA76U#^09{WC?747fA~iZjedS^f;}2Pu3eWZEn!XF={A-HfNTX&;fvB!sXbWS#F#
zS|x)8XdZIs&2~NrKMIK32UCY5DK8%A(>Y+*XL-Lp#7iw8hcPulHl$63S&LAVD4fG*
zDsw6L_D#&9)t?!C0J5Koc7a>LY}Wa}ApoLAh4QTkGe>CwJlcw6tA{pb<=P2Gu2eTy
z!_zVh&D7j-133mm1(VBB3n7mrvhKT)OyV~PW-+`3Fj)4m<%AS>4-}k=g~!R~HZw^2
zC1^~WKGV<ZErQ%t<on3LlefKIRw_?oQjTx1uP`d0a&x`>+7JpO;Zlo6tgy*mN~`;5
zO_4PdtVetXIB8sS99K30g>4x{(ofe!?4lSsFU6PNt#4R35zz0#MuJsl#U0UzCAq=L
z)ACoy>3NU|O0%<}SR|MoPorpjM3jYX>*2vDEBYW^Mgr-rakYZMi8hZK{iW5kG0h=*
zm){J_6@JbV-^G7k&es++hWkQxn?+srx^%ngHzWYrbWzr+<Am@s_@L)<raCC{;9{<|
zi9A~L$}cfkU-!;9l!DQ>`=(q6N9Dei8>T=KN|K-w^rA5H+2A!InyP{r`W0IO5&=^O
zhaWcO+>?S6qWHt&%1A?&1PP6pGlR%2j?&gEEXkbV%X&7JJAaD1AwlK6Ln7|fsmYOp
zns$i9Nl_Xes2i}L4NF-q0dOsd`-tHT-q*tD`9@=+B<qJrP1UjLPZkWpRQ7}J{ogm0
zINe8OpEije?=6IP;SxIQck0Xe4lh<(Yq{Q#jCvs~(gy#e=THlBJP3}|;5q4sPCbR+
z>tGD5$7cuY7rj)o1dJ#?Y~mXT#aqU2*?C@j7i6M(F|5$?Pw}7fyyxBp=L-A=<R9@l
z_y|t&GTI<NoMvE;9z8af&mG;NtmJ%<TC7Ig2{~tO`f#YmuKJl)lWH@<YNn^l<AVO|
z$Za`CNfwEn%(E{)FIB?EE)=4-rPqyq*P!{3InH9C;Waza#K<x<1<t=~A-W~}N>qUQ
z{&7$`do53aWDik=j>=l@hZh!h`#aE97~JpkX1>hlnS8sBXfS<#T<fRWFmSL(?k?Ee
zR~K~_P%7?NLM~FDu^qFK!p4;JwfnN8Gd^t?awB~|6qOdBrO6Bu`Zdjj&ESG8kA$iN
z`(qqm-H^Ks5uB4E&g%Wn@%u;bJHF$-Yhb%+g0yasr4wIdn*dDitavGP!_{)nHzh}F
zSP|P-*OknbhheYoa{49XTX=Z;fcS!b0S1xoO)D|_Z*n$EQnP&9t=6O^BD4>k%>h<~
zIQ1g)IiG0>WH0-fx$mNw7>YavJuUQW^9S_`L5<mnr8+URkEv~h8w9yiKrGRSkXEJM
z@gJ>*O|S5raj&cw*Zp7?*{X_s*(-AXQh7}AmA0Mx`Vf7p%P78*2IRcpc-%2%3FHVC
z_2r-=TxHggUHKnguGi37c<X#;AS&9CughUv0eBGJ^8PpB-^uMP)Elo0_Wj`ZD?GLx
z72e`4jDM<Qg++q7!z;lju4hK-7O;3O!nTY%!8=vQ5zhqrJ;PrHErg16F10#-3$&oh
zL7w!h8NkJ-@&pw@zKVLTVSfy0@hd~O&W(g~x}?3EQhgi#q;UgVa3G=&yB@%1aLx<O
zCzS3QfNfj9A=KI_U`K##MS2;{j@)qY(K?)xcaA@b!%t%w%oinMDCO8a9mAoE<G^-Z
zh+~<65XX*|$ns->Gzm_NSyWCQ(`q6`vk2v4WPPeRQ;TR3E67X@CL1->#fl|x0OPcf
zEF4n?S8<P*SdAO(cqk<ZcGiou%4L{u8UtUmiD?MJ9%_M>LLa86r%zk10dYP@8KsRk
zAB6T!3Ir1zXBNrZZ+{|>HwxKSLaSZSG3w(;w7TRMFG&|EQ5oc@yPu>PstCwPV=hJ6
zv7iF)l7uhQ>sG@FDK}mnkEz44&B|1Zc<W$5xD%{T3?)Y(FyR)CxnBk2*T25DR6qNn
z7NNN+=2MI+h}^LFlLo;?5up$LXhBa5ny@J`%8rCf(3R9$F0Ujr$D8t3NExU~-cEI5
zQ$#1~*K`8Wd^Oh`9q2rIJx3ZX0~Nk_FAOz&d*JNP{(y=-#`O)@6@_^wW5ewmGT@jl
z%McDs^bn+^1h+E={?a!mT7W=cx_XS0RVetGUJ2LUQi;VBvw(_Rx<JjAKXJD@Zr6NP
z37`vW^=cqyLn@kgP=KB#E98o?)lj1ov`D3y+0cVVDwSB2!^wSUGf2pora1#<u{r>2
zPkv5$rwzI&QQp96aIvks*dsBO^?V?JoWyK9Mu)Bc<iMzC5K`6ShBu?-hg=v4F@%^-
zvX3KM&x>SP5^8VuFLLa)Qe92IvZ;sUU*%l~IJn67T}afuEu}4c<k@5A=%LI(xUh_0
z2aR4`Y#G{1d-9@m7(j1N4zYb00IUdZHxFdHei)5Bf$6|aHkyw;&facQ!xLLd4Oa6u
ztlz^OV07*UWe(iIoTVn3g>JC7+wBI-+Xc*adiaBIgly@C)aP-uKFVG_xmogRU{DL$
zn|W1hLzX=HIn=xn{(MQB$-3#1I<-C7Iw*PRH^-W9{f53A<(b7`I{R9QcEnAI%$hmC
z?$;BShSe>xMq)qj=%}$$-EuEddw^*lZvd$CaCkW+PCnkZzLa|-S}-WRUnm-&;ERw5
zPnv^^P%)Z>%;LVnwxN9_9ALrfun4#PlF#bk3vdYf49qB{;{L72uwm7B5#?#|>&o)U
zr=?>BlJ}^Nh=|Eg%S*;CJvBirz8ih-Ka;qfp|@@vL%7+fMcJfi?nz@>r3dX$a3jy`
zyh7R-OQmp1^az-!6}3>C0ri?nF~h<8uUJrXX&&$vj%QG{4A<c<4E!c`_!3ZJt9%i0
z=TaW+vXEOuzAN7;z?<ZS2EOIGnBw2}Yq7^9$2c_jg@|;m@95`Zjme+XkR?6rX0;F-
zQ3tXJlRuIpP_Y&M=p-g>0I0%?acFw+uaS_BTdbIthbHPUG@~rze86A>9DdpD#XI(&
zQf-EkbDfVnD__nZIwoBcBVnlU4%o_bL{aNUP!~na-NsQ{)!0i+2o;xC!QEzc?L@SR
z?^8N!P<c3|*#sqp_|t_NbCCKRl+%C9v5Ipf%irpa_CW5k6rA_mzU4^}L-J7+2>htp
zKNWntz(iQH&$oMK;+NC7j{RjGwCXbmuNi>gj`2fQ=~vAORtjRQc<>49FTcrc&_CWW
z!?D&J)=*dKX6<|}xWto)y$;55CVRifMRCf@kecBEDJJQps`Y2ET~)@*uy<&MW6f!H
z{Yu29qhDV{OX-h<-ff_GO$HHqP4?E*0ZCz{&9@IS7a2IcMc|RO&>q^ma%XShLDkL~
zMbU3}cI2*>R@m0Mk8OfV1+VwroIY>f_D+OTUuL<y+i~9Bf>B_IXV0%K@!(va*w-2)
z>%^F?RLD=e=*XZV_|~HMW}{%!cEJG0hy$A=NCJ6YsE@6CNOs2bb+C6ZdI+tux^b%!
z=5FsWV}%#QZdB1;tZaWUFrSRqXjYyz({*c}Y;|JzpD@~`FQqO&uOYTVARvEc<khvq
zlKdf*u1Uaz+^Rs(5i5H}Ww+`R)5v5Q?8O^K*y6rZ$C0AVJStpy+mt`u9CF0ks(0wc
zK2M9xt`_ymfH2n=yR8V!oKK_~39teCHZA!i2R&DPExVEL3*YDFZA<!yzm>|v#<+Xk
z0Vu#|+Y2+BV%|y*pk~m-n5)}<^}70r6<~}@QF*hCg_hp_q0EL=7xwL~V}FzGS{Nd=
zMDNVd6sx5^AOrCfKICO4(a+^)nqhD>L%t>@-LMb|tjIU?V@Ztu5oC`W)YqYbsp1!g
z8FQs!URNnN_`B-JF{m7Z{rTzi7~}&j5phV$e!X+?r)nmr*t`JB#Fbqs)66|KYD<DL
zSJd3g(a)+jDpr{Yc_=SEaJ*nq3A~n*FIV*F*uv0xMr7pMZA;nGrWq|+Wv4QC+LSFV
zwsl#``BH#76IJm&xgk_oA9UyyLGi%}?t8Y6{;^`ksSku5lj$ZT0Z|Y;5&X>8Z!u_<
z6OIC$CBG2xh8D=H@X(|Y;ZN3{XLus_q~=F;?C(ePX@YyyYz;pGExhm3Xma0e)rzNQ
z-9);$yVRbhwf%mDWuA`L{B}<UNUlHFhS;FHwEw<aO5xt@R(DQ)tkA2Za=R$b!9mUt
zoT#X!pR%uhys$Wm{|Vsu9ZA`l?pW$yu1Q$x`Kgig`H{C=3j+l)9OXK>XsnbHt#0Pe
z7Eb=7_s{2x`EXQkhO~>enL~))sdvt#LcR9Ujbd-RMdy0t-YIZ-?{xq9simc*^x^+{
z@zU8^TeIc+`S`fJtmUv}*xT`PaS7aiuiUqeLM#JvNftHOYf70O<-gT`?Gm(lPp?zG
zatOnYy}Um>^grVg{rL0n@*O=|UQly&Y$IL3-Ea5o&{<x)OHjb-EIR?vz$|;nqZN(F
zw7Kx`s{+k)M1$=a^#0Fc)>&_FyH|I-0#$r@RUU>Rv7*W9%hu4%f*@JDArhMp`C>4;
zA%P^r*UioMrJnO;sL$HZCzf>gpLsUuPe;>ApBNpOc4h`NX+qlWbhG01<<2EUpAWn;
zuCzAKPYGb^m9_7F?9saX4PiFrm4Ztxiq~~_F=y(LRL@si$$75EE&SzQwrom18`JYX
z0cNxNp%e}}DlaAPzMn3gJH(2g3ya^B65e(GXzEcqzvr`7wGo}9NKp$35v?vV{xNA?
zrn6u9-kEulc1aZHYBnB?oag_t_h(tkzvaYMH(f5e;aqZ?0r?@1eN8@Q8n$qw?`!n>
zRZoX<<>sRVXUJmwJ>Ezxmjyl{nu^f{c&t>9YPp9AJ$=P)NrL-up;dOdfJmJv?->YG
z-*(&tLV)l!;^!g11{|V6wM)zO%XDA?LEZ9xJUc-Uu(1mHO>l)_Pyr_)4ToPF-5lSt
zB_U#Ax31SIuJSQ4iAD<14yOE~O@*xbw?s`gABOBBsL|^73|1O#FuYD|Vs6r{?nSjI
zjDQR5z{}kJB4w@eb@P*3IT$8Iv);kEi0SVitMIKJvWKEMV$#mTmnn7rb~BZsb|!nJ
z43(m<ryPUG$Ew<<fv~N0YC`eNULl|{J>(wrD~WYsxg1DQ3$;9PAVPJByUXMO@$4$2
znOACU!gM^=`UOFPNU&wVU;xS3KwKXPA2d>ZZyqC*x;5IJBlA7PrQ`}@NVo5HH1)-d
zCWS8xjpiJ7F_W}m+YZlZbkJ7lfeMJ5*x~O!m$1|P_cf2))mjG_1qu6DL}`V4u<~-$
zWeICq(>@n<HAE?-iefN#Pe;tfuE?WIbGzWOQfq*W$UQhsnE?qT$8LwTNGJjcWNJvG
z1~XrvpcwZn0<mKiZ2nYmRAj-Zb$a=Q*s;6QN($)|7;ju7cqU}Guz7#P8CfHVDM%)y
zSOuXlqONdSWNZ;w)cQ-9y>q+qb1$u$<{`YHk}_24q^os^0-~rxE#7EKT8eF}M~n3w
z^>^dN6qUwRcB6%2MunqgTOx(SMLm)AKg;q43K#*SwN|23PS!~Qu>3y;_=0ueIw*x&
z&NVq3cG5Y&<Nk|^I;Q_{5zMEBn^r{dvZ24)ml=INDI!@O)rfho8pw!wEGQLG@o8t4
z-wL*({rURvXU$#fGI!~-=ktSb@lz3WCjaA6*zBkh#Qr_tFx(!|@wKQK&ZGB5)6wlT
z;K1n6i8gTUq#VnGsJV|H=q;+dlxz!bRk&ebS9;qV+2si=DJDdd*@Kb0>1kpq&GLm#
zG5eaV2EuE7S0D4xudd&lmvm&bYhKQs#dW~*U7g7ADGKe;uBo_R<=niy2KFp9ED$cZ
zYmbfsxOZ1UiAHxc(sbSq9C4IhPJ8{2`i~fc*01%0nU01>zE_T1;gos}3Z*x&CL5{o
zV_$TVyqWIbJ`kfu9%K&kZj%O5{B};eZ!wkj=_h6i?F<$y9OG7e+jnmK8r`h7(%X1>
zcHmruIKO5Vg5k?Ls(PEm^P(3vjYXR7zHUpYNS!W!##c@s{LcDa3tw1>_N2{|{XC)C
zZtQ`r_wj)TS*Qu#+7*tw9`=kAsoe@8$)CuF%P<1ThV*WGco~}g=^SQRiuK#e%J!Kb
zRN=lFiEPWDbjrDBewDs}UE0It(KAxinJU%~CcQ9biV-49#IIY@PDNGo-bH8A!NfCj
z*2MPZ9)BFj>qof*yAhR=nT5g_au}sEzQX=m-$|w<X@}0@3T&c>J~Ry3A_nUg!e~QT
z`PsSS%mNC?2>Jd71xVfIlY%aUmHq|$h6RcxEJ|<<GK8vBX9y()!JpD_pwl*hT`Uq|
zsAx3(CW`l$$*P~hCKY0dQiE`ULWeTyYBWtC#`~Ygk5N?Y+jWj7W~<qby*IAB=Oi>q
zrq2eldE#9Yfq>EuW{Wr&kFtF|28VVu8)(GP^RlJqn-(VGTMQ2s9&T$DCFj?r>(24}
zKh2kq2dR&+p9EW;d3CjH0UdNdv0n`Edvq6w4n*<G3mYo<^E#e?v;68<k=1US=9*q@
z7WlRuWanY%B;R)h48d3Z*1sr{8O3_Q*S4q0p`AuBG#}{3dzJbbqSK;%oe^6mHQ5Q4
z<64nMsfA^JPk605Q2|d3s8XG<zC=48XPT0P?V%W5smhGtM_;z9y@waszg)^7qLIc#
zPuFD;;Xqb02*rS*Nl4eaWfndFJ9v5oH<Rp5n6jL>R*Fcn5E)O|+af%hZYX8<<qawz
z&w%#ulVWzIJ^@ZD#W<BoPOZ?39bxE2^~Fy{I@lwSyAa;x5Jq;s6~sw?21qxBJ^2f1
z{rhZ1tX_sZo#08Q2MbB{_o4nH_two&wA_5D?JI<Tx~c&Er4h2y4?ji@!wF-Ws5xKF
z(}{&rR|!5rS*>E%;Z4e~!})t*H7v=P%btMN$%v54>L&deLAP8#8cfz1vB?9(Bg#qd
zOL<waV+k#@^0pE4_BzDV*gf8F7tl=YikY3P(;u5Dq+**hunCXB5@OdNT>o4gE^D{&
z+Z-FuwH&Z+08w{;>xObz3}l1}@YdpFq{IK?)+T_AR^Z?PCn7Aw6SDuxo%Y2*FDxdJ
ztHs&l^ymhr3_c8<{NBat@APrF0^LfQbefii=1~GtVoZ<PDp#{Lo5`_ICvO`$ab;>y
z4u27?#u}b4N~?U#tjYH2_3v~hbD68K)APNosi8Ze+MMx5RQcKR*n$(|#o1H9#}LZ%
zX^x@Gi!T$GvtPEN|BA1e7eV+bhcy-=;><Vp)kWa@^9Wu$A*{*`J@xO~faZuOihFXB
z7dK-HnGF!&G^?y$UPs{536rrP;kvY0m8W0i(*T0@F7{-TvBAfKID^d1JLU!L9hfwR
zb?nutiQ(zl2afTEBmo(Z#2cza?k_PeT;c_uI?wTe*~wokE0eYf@2SSal~O~#r1w!N
z^hupwJ)@7!dVvWoDhf-T!|rAfwo|V-d4mZ$D+!NY$Xv~Og9-R46~=7`9)l&Rp{+c^
z$*amlG<FGRW40wt?p5_cgQGp7&)IYfuS>04K+oC42XMm&gmBZni1;H4i&|G>M?6P7
zp9@?6K}E3uO+c}b5XA9L^MrL*R-?*+CpMc?q0+xZtK!dT#B3$Bm-pm30C8tSb~Le=
zg3MH5010o?SHo|idktTs8^V&&p&5?$3ss)ioET=9p%=PrI<r~hdneO{kDuRl{}LTL
zrTL3(Q!{J$a41hZucqQ{gagQEJx!ck^c`<9*lf@<ovKj{KCFN%XSGia?cq_)JX$YU
z>ZW;VD_Jy6XuC=j5rvYuL^HRA89Kd@y)VY6OksV&pq`zMOjMP`|I2igRJ!!cC!I4J
z5BW)Xos99BcBp~1QAca-^A4theyqL<XA*3FWqX^07RIEeU96|=S~1yQ4VSk0Rp9Hg
z1K)$8D(t*c(R8cxq7N}4W<v5y>50=dzxJ5+VJCe5i^dZDj23;jHjXx&oM?kZl+b~;
zG0oUL??X?^!M?1^qC4HN91Pkw_@lGHXjNcqCycnZlEcks#HAh`%99wg{ejVEe>K@=
zs}rJ<$bIQ7-ZOm;ge8=aOZOy3UPtT8Vi@KwlY_^?W@Uht@0V0aJ_$%7&}UV}7z|9y
ze`^0xAlqhMsfYC<`esHeqglc8fLV=VCMpUh5Yp;oo`|NFJzS*E&@meC#hwRpZ#hy}
zP;&r;B_0EfE!j3{$LI{`5EJly>`j2W26Yn0KAb`&#S6K(20}IEfjcb4e;KW_p*$|)
z5l98zZwa?lL!R%+=tq>r(LmbrzfSatxyBoQqO*05BJ0NKSecp|2{`t1cJ*yYawy_f
z?PeZlx^zj7rlc=`P8`;OA5ium$^Dz0Nt7W$BTDPer<t#2q>HD!FRFX>h1B;v_;@iV
z>HJ;i6<eS4bD?C_$>#H&MXj_PY9KV;nxqV>&>i*x55_8)p9roeqz8s2vYdqwvqcuq
z<n@B|BqKV*XWFTY;T`MT8bGt`WyNtcw&Mk1TEfecG`RTB+nG100pKDi{iCLd!LQqZ
zft?}Ws^PR(Hwo5NrRrpdto7P+Zxoch<$Oe^T)Ir2aD*Bc&yPHbRyAjtqvh4PPMvmR
zHlFIJ#kTfn5@BrpVE4O*O;mC*Ii+h%yk1+=j8QwxmFa=5-r5d1m^hqCK>w@nriRa2
z2V%<*f6YoweZd$Dsmt{J!a<hHeg=j3cw@fl4EU<_FsD!EA;ND$`Wi7Ub^hALd$~pp
zg6bP5SmGK>gUn^3<+M^czqPC-5xW7#R)w#$@PqJ;wnT&Sb=XdFDy9T$<yAQ%ld=G(
zXv@+F5A4&-hhvQ~n=iHRwg#ONSrmR~hg&hmla2R!HnX4FPMwB4R4>ij?Q6VsioPuj
zVtI&ri_@NbdnzV;&MmpUjS@z|A=I8&z$V7G0Fe7Cuc;mVW@+r|hq+ns@>aq{hA;*B
z@6ka0m)s!JxOoZqmoh~JgqOAE0HMD?{q`e8{7Yl~D`KMTF!z5Ut^cz=ZMuzlqVINn
zj7Q$0%}D@ho&VIzQ@iEQp((F5Tu&3e^CE~WDPb#E#h8?D^Z%6J4EREL6O{fRQ${W_
zecRX*8UR2RPm5A6_jW<r^%~OZ4JjeJ3Eax($p>hofs?7ufa5Z`c=is`eyeD4*(tK-
zt7tjX59;PSYM1RTR6E;a>!jhy0=tyT@8iQlB$NO$&i^g6(-)At>AB;PhG=ttS)zZh
zE-0yyL6~5kjmJq|l=nZi%$d{4U|lrgw$4%-`@eFx@L%sHHCDs=r<C2pP<IbUCZaXt
z{bQ1RNT_wSx6btJJ6^Y`I43~7UuaW6C2_x5OoH(35sru5!^DHcq_j&IJi{hv#Yu=c
z(f)@VX6pW5#Pl%j|01UAWdBo4Gj;!p>0w$Ckk6VulPVh^OCs%3{;Y~6r;>8vXY#NN
zpa%mgAz40s5KsvLgS-}5E_z<Mz-k|3sUOi3_!eV@uEXfS&7{p}pHueduCTH}U61^6
z>PkP8Eo<*&a$^PAz&VHY(XQ^{UJVQe_wkGHhyWI1`(Hrozn&kOuvg#{zyipf4`GkM
z{&!n19|8p)W%N!Sh`mifx(55V8A<^W&Bks;+2yClo0Isj-1JIaT@Wb4aDVukoAO>y
z4nBqm1XnwlCy`f~)dWzz-JHf$=e-k7SL;;AH8#Dg>;(QGc?|ZbU4WOwH~X6Dnr>;^
zU2eL5l(lyp{O<iCsqv@XUqQllQ0Y^(8e_RZ^~CA&fiL^*@w3bCK1igVtorAbo;_#b
z3cYIT`=3c<V!`*D!7P1Fl(<UZ@_4z)@oA{9FYx|(`qKIMfAns2_&q*s08y)zfmeJ5
zb7AFLTC;7rJ?m_NpQ(4seP_ty=?}Fs9cB|0=9BVdaCTpF&xUM0Z>}f5=uckKYi|hU
e?EZ{Cqy_^63pxV*6aoSH{B!~^J%SYSfc!7;xvM(>

literal 0
HcmV?d00001

diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/Chart.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/Chart.yaml
new file mode 100644
index 0000000000..83ca3412ad
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/Chart.yaml
@@ -0,0 +1,10 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-logging-system
+  catalog.cattle.io/release-name: rancher-logging-crd
+apiVersion: v1
+description: Installs the CRDs for rancher-logging.
+name: rancher-logging-crd
+type: application
+version: 104.2.0+up4.8.0
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/README.md b/charts/rancher-logging-crd/104.2.0+up4.8.0/README.md
new file mode 100644
index 0000000000..d4beb54faf
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/README.md
@@ -0,0 +1,2 @@
+# rancher-logging-crd
+A Rancher chart that installs the CRDs used by rancher-logging.
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging-extensions.banzaicloud.io_eventtailers.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging-extensions.banzaicloud.io_eventtailers.yaml
new file mode 100644
index 0000000000..eb2535fcdc
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging-extensions.banzaicloud.io_eventtailers.yaml
@@ -0,0 +1,2467 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: eventtailers.logging-extensions.banzaicloud.io
+spec:
+  group: logging-extensions.banzaicloud.io
+  names:
+    kind: EventTailer
+    listKind: EventTailerList
+    plural: eventtailers
+    singular: eventtailer
+  scope: Cluster
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              containerOverrides:
+                properties:
+                  command:
+                    items:
+                      type: string
+                    type: array
+                  image:
+                    type: string
+                  livenessProbe:
+                    properties:
+                      exec:
+                        properties:
+                          command:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      failureThreshold:
+                        format: int32
+                        type: integer
+                      grpc:
+                        properties:
+                          port:
+                            format: int32
+                            type: integer
+                          service:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      httpGet:
+                        properties:
+                          host:
+                            type: string
+                          httpHeaders:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                                value:
+                                  type: string
+                              required:
+                              - name
+                              - value
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          path:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                          scheme:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      initialDelaySeconds:
+                        format: int32
+                        type: integer
+                      periodSeconds:
+                        format: int32
+                        type: integer
+                      successThreshold:
+                        format: int32
+                        type: integer
+                      tcpSocket:
+                        properties:
+                          host:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                        required:
+                        - port
+                        type: object
+                      terminationGracePeriodSeconds:
+                        format: int64
+                        type: integer
+                      timeoutSeconds:
+                        format: int32
+                        type: integer
+                    type: object
+                  name:
+                    type: string
+                  pullPolicy:
+                    type: string
+                  readinessProbe:
+                    properties:
+                      exec:
+                        properties:
+                          command:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      failureThreshold:
+                        format: int32
+                        type: integer
+                      grpc:
+                        properties:
+                          port:
+                            format: int32
+                            type: integer
+                          service:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      httpGet:
+                        properties:
+                          host:
+                            type: string
+                          httpHeaders:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                                value:
+                                  type: string
+                              required:
+                              - name
+                              - value
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          path:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                          scheme:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      initialDelaySeconds:
+                        format: int32
+                        type: integer
+                      periodSeconds:
+                        format: int32
+                        type: integer
+                      successThreshold:
+                        format: int32
+                        type: integer
+                      tcpSocket:
+                        properties:
+                          host:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                        required:
+                        - port
+                        type: object
+                      terminationGracePeriodSeconds:
+                        format: int64
+                        type: integer
+                      timeoutSeconds:
+                        format: int32
+                        type: integer
+                    type: object
+                  resources:
+                    properties:
+                      claims:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - name
+                        x-kubernetes-list-type: map
+                      limits:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                      requests:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                    type: object
+                  securityContext:
+                    properties:
+                      allowPrivilegeEscalation:
+                        type: boolean
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      capabilities:
+                        properties:
+                          add:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          drop:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      privileged:
+                        type: boolean
+                      procMount:
+                        type: string
+                      readOnlyRootFilesystem:
+                        type: boolean
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                  volumeMounts:
+                    items:
+                      properties:
+                        mountPath:
+                          type: string
+                        mountPropagation:
+                          type: string
+                        name:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        recursiveReadOnly:
+                          type: string
+                        subPath:
+                          type: string
+                        subPathExpr:
+                          type: string
+                      required:
+                      - mountPath
+                      - name
+                      type: object
+                    type: array
+                type: object
+              controlNamespace:
+                type: string
+              image:
+                properties:
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  pullPolicy:
+                    type: string
+                  repository:
+                    type: string
+                  tag:
+                    type: string
+                type: object
+              positionVolume:
+                properties:
+                  configMap:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      name:
+                        default: ""
+                        type: string
+                      optional:
+                        type: boolean
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  emptyDir:
+                    properties:
+                      medium:
+                        type: string
+                      sizeLimit:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                        x-kubernetes-int-or-string: true
+                    type: object
+                  host_path:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  hostPath:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  pvc:
+                    properties:
+                      source:
+                        properties:
+                          claimName:
+                            type: string
+                          readOnly:
+                            type: boolean
+                        required:
+                        - claimName
+                        type: object
+                      spec:
+                        properties:
+                          accessModes:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          dataSource:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          dataSourceRef:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                              namespace:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                          resources:
+                            properties:
+                              limits:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                              requests:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                            type: object
+                          selector:
+                            properties:
+                              matchExpressions:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    operator:
+                                      type: string
+                                    values:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  required:
+                                  - key
+                                  - operator
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              matchLabels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          storageClassName:
+                            type: string
+                          volumeAttributesClassName:
+                            type: string
+                          volumeMode:
+                            type: string
+                          volumeName:
+                            type: string
+                        type: object
+                    type: object
+                  secret:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      optional:
+                        type: boolean
+                      secretName:
+                        type: string
+                    type: object
+                type: object
+              workloadMetaOverrides:
+                properties:
+                  annotations:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                type: object
+              workloadOverrides:
+                properties:
+                  affinity:
+                    properties:
+                      nodeAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                preference:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchFields:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - preference
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            properties:
+                              nodeSelectorTerms:
+                                items:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchFields:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            required:
+                            - nodeSelectorTerms
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      podAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                podAffinityTerm:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - podAffinityTerm
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      podAntiAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                podAffinityTerm:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - podAffinityTerm
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                    type: object
+                  containers:
+                    items:
+                      properties:
+                        command:
+                          items:
+                            type: string
+                          type: array
+                        image:
+                          type: string
+                        livenessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        name:
+                          type: string
+                        pullPolicy:
+                          type: string
+                        readinessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
+                          type: object
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                      type: object
+                    type: array
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  initContainers:
+                    items:
+                      properties:
+                        command:
+                          items:
+                            type: string
+                          type: array
+                        image:
+                          type: string
+                        livenessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        name:
+                          type: string
+                        pullPolicy:
+                          type: string
+                        readinessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
+                          type: object
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                      type: object
+                    type: array
+                  nodeSelector:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  priorityClassName:
+                    type: string
+                  securityContext:
+                    properties:
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      fsGroup:
+                        format: int64
+                        type: integer
+                      fsGroupChangePolicy:
+                        type: string
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      supplementalGroups:
+                        items:
+                          format: int64
+                          type: integer
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      sysctls:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                  serviceAccountName:
+                    type: string
+                  tolerations:
+                    items:
+                      properties:
+                        effect:
+                          type: string
+                        key:
+                          type: string
+                        operator:
+                          type: string
+                        tolerationSeconds:
+                          format: int64
+                          type: integer
+                        value:
+                          type: string
+                      type: object
+                    type: array
+                  volumes:
+                    items:
+                      properties:
+                        awsElasticBlockStore:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        azureDisk:
+                          properties:
+                            cachingMode:
+                              type: string
+                            diskName:
+                              type: string
+                            diskURI:
+                              type: string
+                            fsType:
+                              type: string
+                            kind:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - diskName
+                          - diskURI
+                          type: object
+                        azureFile:
+                          properties:
+                            readOnly:
+                              type: boolean
+                            secretName:
+                              type: string
+                            shareName:
+                              type: string
+                          required:
+                          - secretName
+                          - shareName
+                          type: object
+                        cephfs:
+                          properties:
+                            monitors:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretFile:
+                              type: string
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              type: string
+                          required:
+                          - monitors
+                          type: object
+                        cinder:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        configMap:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        csi:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
+                              type: string
+                            nodePublishSecretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            readOnly:
+                              type: boolean
+                            volumeAttributes:
+                              additionalProperties:
+                                type: string
+                              type: object
+                          required:
+                          - driver
+                          type: object
+                        downwardAPI:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                required:
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        emptyDir:
+                          properties:
+                            medium:
+                              type: string
+                            sizeLimit:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                          type: object
+                        ephemeral:
+                          properties:
+                            volumeClaimTemplate:
+                              properties:
+                                metadata:
+                                  type: object
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
+                              required:
+                              - spec
+                              type: object
+                          type: object
+                        fc:
+                          properties:
+                            fsType:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            targetWWNs:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            wwids:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        flexVolume:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
+                              type: string
+                            options:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          required:
+                          - driver
+                          type: object
+                        flocker:
+                          properties:
+                            datasetName:
+                              type: string
+                            datasetUUID:
+                              type: string
+                          type: object
+                        gcePersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
+                              format: int32
+                              type: integer
+                            pdName:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - pdName
+                          type: object
+                        gitRepo:
+                          properties:
+                            directory:
+                              type: string
+                            repository:
+                              type: string
+                            revision:
+                              type: string
+                          required:
+                          - repository
+                          type: object
+                        glusterfs:
+                          properties:
+                            endpoints:
+                              type: string
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - endpoints
+                          - path
+                          type: object
+                        hostPath:
+                          properties:
+                            path:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - path
+                          type: object
+                        iscsi:
+                          properties:
+                            chapAuthDiscovery:
+                              type: boolean
+                            chapAuthSession:
+                              type: boolean
+                            fsType:
+                              type: string
+                            initiatorName:
+                              type: string
+                            iqn:
+                              type: string
+                            iscsiInterface:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            portals:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            targetPortal:
+                              type: string
+                          required:
+                          - iqn
+                          - lun
+                          - targetPortal
+                          type: object
+                        name:
+                          type: string
+                        nfs:
+                          properties:
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            server:
+                              type: string
+                          required:
+                          - path
+                          - server
+                          type: object
+                        persistentVolumeClaim:
+                          properties:
+                            claimName:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - claimName
+                          type: object
+                        photonPersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            pdID:
+                              type: string
+                          required:
+                          - pdID
+                          type: object
+                        portworxVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        projected:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            sources:
+                              items:
+                                properties:
+                                  clusterTrustBundle:
+                                    properties:
+                                      labelSelector:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                operator:
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              required:
+                                              - key
+                                              - operator
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          matchLabels:
+                                            additionalProperties:
+                                              type: string
+                                            type: object
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      name:
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                  configMap:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  downwardAPI:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            fieldRef:
+                                              properties:
+                                                apiVersion:
+                                                  type: string
+                                                fieldPath:
+                                                  type: string
+                                              required:
+                                              - fieldPath
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                            resourceFieldRef:
+                                              properties:
+                                                containerName:
+                                                  type: string
+                                                divisor:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                  x-kubernetes-int-or-string: true
+                                                resource:
+                                                  type: string
+                                              required:
+                                              - resource
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          required:
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  secret:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  serviceAccountToken:
+                                    properties:
+                                      audience:
+                                        type: string
+                                      expirationSeconds:
+                                        format: int64
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        quobyte:
+                          properties:
+                            group:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            registry:
+                              type: string
+                            tenant:
+                              type: string
+                            user:
+                              type: string
+                            volume:
+                              type: string
+                          required:
+                          - registry
+                          - volume
+                          type: object
+                        rbd:
+                          properties:
+                            fsType:
+                              type: string
+                            image:
+                              type: string
+                            keyring:
+                              type: string
+                            monitors:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            pool:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              type: string
+                          required:
+                          - image
+                          - monitors
+                          type: object
+                        scaleIO:
+                          properties:
+                            fsType:
+                              type: string
+                            gateway:
+                              type: string
+                            protectionDomain:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            sslEnabled:
+                              type: boolean
+                            storageMode:
+                              type: string
+                            storagePool:
+                              type: string
+                            system:
+                              type: string
+                            volumeName:
+                              type: string
+                          required:
+                          - gateway
+                          - secretRef
+                          - system
+                          type: object
+                        secret:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            optional:
+                              type: boolean
+                            secretName:
+                              type: string
+                          type: object
+                        storageos:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeName:
+                              type: string
+                            volumeNamespace:
+                              type: string
+                          type: object
+                        vsphereVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            storagePolicyID:
+                              type: string
+                            storagePolicyName:
+                              type: string
+                            volumePath:
+                              type: string
+                          required:
+                          - volumePath
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                type: object
+            required:
+            - controlNamespace
+            type: object
+          status:
+            type: object
+        type: object
+    served: true
+    storage: true
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging-extensions.banzaicloud.io_hosttailers.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging-extensions.banzaicloud.io_hosttailers.yaml
new file mode 100644
index 0000000000..d49355f12b
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging-extensions.banzaicloud.io_hosttailers.yaml
@@ -0,0 +1,2651 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: hosttailers.logging-extensions.banzaicloud.io
+spec:
+  group: logging-extensions.banzaicloud.io
+  names:
+    kind: HostTailer
+    listKind: HostTailerList
+    plural: hosttailers
+    singular: hosttailer
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              enableRecreateWorkloadOnImmutableFieldChange:
+                type: boolean
+              fileTailers:
+                items:
+                  properties:
+                    buffer_chunk_size:
+                      type: string
+                    buffer_max_size:
+                      type: string
+                    containerOverrides:
+                      properties:
+                        command:
+                          items:
+                            type: string
+                          type: array
+                        image:
+                          type: string
+                        livenessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        name:
+                          type: string
+                        pullPolicy:
+                          type: string
+                        readinessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
+                          type: object
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                      type: object
+                    disabled:
+                      type: boolean
+                    image:
+                      properties:
+                        imagePullSecrets:
+                          items:
+                            properties:
+                              name:
+                                default: ""
+                                type: string
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          type: array
+                        pullPolicy:
+                          type: string
+                        repository:
+                          type: string
+                        tag:
+                          type: string
+                      type: object
+                    name:
+                      type: string
+                    path:
+                      type: string
+                    read_from_head:
+                      type: boolean
+                    skip_long_lines:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+              image:
+                properties:
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  pullPolicy:
+                    type: string
+                  repository:
+                    type: string
+                  tag:
+                    type: string
+                type: object
+              systemdTailers:
+                items:
+                  properties:
+                    containerOverrides:
+                      properties:
+                        command:
+                          items:
+                            type: string
+                          type: array
+                        image:
+                          type: string
+                        livenessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        name:
+                          type: string
+                        pullPolicy:
+                          type: string
+                        readinessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
+                          type: object
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                      type: object
+                    disabled:
+                      type: boolean
+                    image:
+                      properties:
+                        imagePullSecrets:
+                          items:
+                            properties:
+                              name:
+                                default: ""
+                                type: string
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          type: array
+                        pullPolicy:
+                          type: string
+                        repository:
+                          type: string
+                        tag:
+                          type: string
+                      type: object
+                    maxEntries:
+                      type: integer
+                    name:
+                      type: string
+                    path:
+                      type: string
+                    systemdFilter:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+              workloadMetaOverrides:
+                properties:
+                  annotations:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                type: object
+              workloadOverrides:
+                properties:
+                  affinity:
+                    properties:
+                      nodeAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                preference:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchFields:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - preference
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            properties:
+                              nodeSelectorTerms:
+                                items:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchFields:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            required:
+                            - nodeSelectorTerms
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      podAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                podAffinityTerm:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - podAffinityTerm
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      podAntiAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                podAffinityTerm:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - podAffinityTerm
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                    type: object
+                  containers:
+                    items:
+                      properties:
+                        command:
+                          items:
+                            type: string
+                          type: array
+                        image:
+                          type: string
+                        livenessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        name:
+                          type: string
+                        pullPolicy:
+                          type: string
+                        readinessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
+                          type: object
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                      type: object
+                    type: array
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  initContainers:
+                    items:
+                      properties:
+                        command:
+                          items:
+                            type: string
+                          type: array
+                        image:
+                          type: string
+                        livenessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        name:
+                          type: string
+                        pullPolicy:
+                          type: string
+                        readinessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
+                          type: object
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                      type: object
+                    type: array
+                  nodeSelector:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  priorityClassName:
+                    type: string
+                  securityContext:
+                    properties:
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      fsGroup:
+                        format: int64
+                        type: integer
+                      fsGroupChangePolicy:
+                        type: string
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      supplementalGroups:
+                        items:
+                          format: int64
+                          type: integer
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      sysctls:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                  serviceAccountName:
+                    type: string
+                  tolerations:
+                    items:
+                      properties:
+                        effect:
+                          type: string
+                        key:
+                          type: string
+                        operator:
+                          type: string
+                        tolerationSeconds:
+                          format: int64
+                          type: integer
+                        value:
+                          type: string
+                      type: object
+                    type: array
+                  volumes:
+                    items:
+                      properties:
+                        awsElasticBlockStore:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        azureDisk:
+                          properties:
+                            cachingMode:
+                              type: string
+                            diskName:
+                              type: string
+                            diskURI:
+                              type: string
+                            fsType:
+                              type: string
+                            kind:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - diskName
+                          - diskURI
+                          type: object
+                        azureFile:
+                          properties:
+                            readOnly:
+                              type: boolean
+                            secretName:
+                              type: string
+                            shareName:
+                              type: string
+                          required:
+                          - secretName
+                          - shareName
+                          type: object
+                        cephfs:
+                          properties:
+                            monitors:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretFile:
+                              type: string
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              type: string
+                          required:
+                          - monitors
+                          type: object
+                        cinder:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        configMap:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        csi:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
+                              type: string
+                            nodePublishSecretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            readOnly:
+                              type: boolean
+                            volumeAttributes:
+                              additionalProperties:
+                                type: string
+                              type: object
+                          required:
+                          - driver
+                          type: object
+                        downwardAPI:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                required:
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        emptyDir:
+                          properties:
+                            medium:
+                              type: string
+                            sizeLimit:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                          type: object
+                        ephemeral:
+                          properties:
+                            volumeClaimTemplate:
+                              properties:
+                                metadata:
+                                  type: object
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
+                              required:
+                              - spec
+                              type: object
+                          type: object
+                        fc:
+                          properties:
+                            fsType:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            targetWWNs:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            wwids:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        flexVolume:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
+                              type: string
+                            options:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          required:
+                          - driver
+                          type: object
+                        flocker:
+                          properties:
+                            datasetName:
+                              type: string
+                            datasetUUID:
+                              type: string
+                          type: object
+                        gcePersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
+                              format: int32
+                              type: integer
+                            pdName:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - pdName
+                          type: object
+                        gitRepo:
+                          properties:
+                            directory:
+                              type: string
+                            repository:
+                              type: string
+                            revision:
+                              type: string
+                          required:
+                          - repository
+                          type: object
+                        glusterfs:
+                          properties:
+                            endpoints:
+                              type: string
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - endpoints
+                          - path
+                          type: object
+                        hostPath:
+                          properties:
+                            path:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - path
+                          type: object
+                        iscsi:
+                          properties:
+                            chapAuthDiscovery:
+                              type: boolean
+                            chapAuthSession:
+                              type: boolean
+                            fsType:
+                              type: string
+                            initiatorName:
+                              type: string
+                            iqn:
+                              type: string
+                            iscsiInterface:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            portals:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            targetPortal:
+                              type: string
+                          required:
+                          - iqn
+                          - lun
+                          - targetPortal
+                          type: object
+                        name:
+                          type: string
+                        nfs:
+                          properties:
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            server:
+                              type: string
+                          required:
+                          - path
+                          - server
+                          type: object
+                        persistentVolumeClaim:
+                          properties:
+                            claimName:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - claimName
+                          type: object
+                        photonPersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            pdID:
+                              type: string
+                          required:
+                          - pdID
+                          type: object
+                        portworxVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        projected:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            sources:
+                              items:
+                                properties:
+                                  clusterTrustBundle:
+                                    properties:
+                                      labelSelector:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                operator:
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              required:
+                                              - key
+                                              - operator
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          matchLabels:
+                                            additionalProperties:
+                                              type: string
+                                            type: object
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      name:
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                  configMap:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  downwardAPI:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            fieldRef:
+                                              properties:
+                                                apiVersion:
+                                                  type: string
+                                                fieldPath:
+                                                  type: string
+                                              required:
+                                              - fieldPath
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                            resourceFieldRef:
+                                              properties:
+                                                containerName:
+                                                  type: string
+                                                divisor:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                  x-kubernetes-int-or-string: true
+                                                resource:
+                                                  type: string
+                                              required:
+                                              - resource
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          required:
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  secret:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  serviceAccountToken:
+                                    properties:
+                                      audience:
+                                        type: string
+                                      expirationSeconds:
+                                        format: int64
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        quobyte:
+                          properties:
+                            group:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            registry:
+                              type: string
+                            tenant:
+                              type: string
+                            user:
+                              type: string
+                            volume:
+                              type: string
+                          required:
+                          - registry
+                          - volume
+                          type: object
+                        rbd:
+                          properties:
+                            fsType:
+                              type: string
+                            image:
+                              type: string
+                            keyring:
+                              type: string
+                            monitors:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            pool:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              type: string
+                          required:
+                          - image
+                          - monitors
+                          type: object
+                        scaleIO:
+                          properties:
+                            fsType:
+                              type: string
+                            gateway:
+                              type: string
+                            protectionDomain:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            sslEnabled:
+                              type: boolean
+                            storageMode:
+                              type: string
+                            storagePool:
+                              type: string
+                            system:
+                              type: string
+                            volumeName:
+                              type: string
+                          required:
+                          - gateway
+                          - secretRef
+                          - system
+                          type: object
+                        secret:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            optional:
+                              type: boolean
+                            secretName:
+                              type: string
+                          type: object
+                        storageos:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeName:
+                              type: string
+                            volumeNamespace:
+                              type: string
+                          type: object
+                        vsphereVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            storagePolicyID:
+                              type: string
+                            storagePolicyName:
+                              type: string
+                            volumePath:
+                              type: string
+                          required:
+                          - volumePath
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                type: object
+            type: object
+          status:
+            type: object
+        type: object
+    served: true
+    storage: true
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_clusterflows.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_clusterflows.yaml
new file mode 100644
index 0000000000..2d0586cc66
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_clusterflows.yaml
@@ -0,0 +1,2166 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: clusterflows.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: ClusterFlow
+    listKind: ClusterFlowList
+    plural: clusterflows
+    singular: clusterflow
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - description: Is the flow active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              filters:
+                items:
+                  properties:
+                    concat:
+                      properties:
+                        continuous_line_regexp:
+                          type: string
+                        flush_interval:
+                          type: integer
+                        keep_partial_key:
+                          type: boolean
+                        keep_partial_metadata:
+                          type: string
+                        key:
+                          type: string
+                        multiline_end_regexp:
+                          type: string
+                        multiline_start_regexp:
+                          type: string
+                        n_lines:
+                          type: integer
+                        partial_cri_logtag_key:
+                          type: string
+                        partial_cri_stream_key:
+                          type: string
+                        partial_key:
+                          type: string
+                        partial_metadata_format:
+                          type: string
+                        partial_value:
+                          type: string
+                        separator:
+                          type: string
+                        stream_identity_key:
+                          type: string
+                        timeout_label:
+                          type: string
+                        use_first_timestamp:
+                          type: boolean
+                        use_partial_cri_logtag:
+                          type: boolean
+                        use_partial_metadata:
+                          type: string
+                      type: object
+                    dedot:
+                      properties:
+                        de_dot_nested:
+                          type: boolean
+                        de_dot_separator:
+                          type: string
+                      type: object
+                    detectExceptions:
+                      properties:
+                        force_line_breaks:
+                          type: boolean
+                        languages:
+                          items:
+                            type: string
+                          type: array
+                        match_tag:
+                          type: string
+                        max_bytes:
+                          type: integer
+                        max_lines:
+                          type: integer
+                        message:
+                          type: string
+                        multiline_flush_interval:
+                          type: string
+                        remove_tag_prefix:
+                          type: string
+                        stream:
+                          type: string
+                      type: object
+                    elasticsearch_genid:
+                      properties:
+                        hash_id_key:
+                          type: string
+                        hash_type:
+                          type: string
+                        include_tag_in_seed:
+                          type: boolean
+                        include_time_in_seed:
+                          type: boolean
+                        record_keys:
+                          type: string
+                        separator:
+                          type: string
+                        use_entire_record:
+                          type: boolean
+                        use_record_as_seed:
+                          type: boolean
+                      type: object
+                    enhanceK8s:
+                      properties:
+                        api_groups:
+                          items:
+                            type: string
+                          type: array
+                        bearer_token_file:
+                          type: string
+                        ca_file:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        cache_refresh:
+                          type: integer
+                        cache_refresh_variation:
+                          type: integer
+                        cache_size:
+                          type: integer
+                        cache_ttl:
+                          type: integer
+                        client_cert:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        client_key:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        core_api_versions:
+                          items:
+                            type: string
+                          type: array
+                        data_type:
+                          type: string
+                        in_namespace_path:
+                          items:
+                            type: string
+                          type: array
+                        in_pod_path:
+                          items:
+                            type: string
+                          type: array
+                        kubernetes_url:
+                          type: string
+                        secret_dir:
+                          type: string
+                        ssl_partial_chain:
+                          type: boolean
+                        verify_ssl:
+                          type: boolean
+                      type: object
+                    geoip:
+                      properties:
+                        backend_library:
+                          type: string
+                        geoip_database:
+                          type: string
+                        geoip_lookup_keys:
+                          type: string
+                        geoip2_database:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        skip_adding_null_record:
+                          type: boolean
+                      type: object
+                    grep:
+                      properties:
+                        and:
+                          items:
+                            properties:
+                              exclude:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                              regexp:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                            type: object
+                          type: array
+                        exclude:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              pattern:
+                                type: string
+                            required:
+                            - key
+                            - pattern
+                            type: object
+                          type: array
+                        or:
+                          items:
+                            properties:
+                              exclude:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                              regexp:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                            type: object
+                          type: array
+                        regexp:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              pattern:
+                                type: string
+                            required:
+                            - key
+                            - pattern
+                            type: object
+                          type: array
+                      type: object
+                    kube_events_timestamp:
+                      properties:
+                        mapped_time_key:
+                          type: string
+                        timestamp_fields:
+                          items:
+                            type: string
+                          type: array
+                      type: object
+                    parser:
+                      properties:
+                        emit_invalid_record_to_error:
+                          type: boolean
+                        hash_value_field:
+                          type: string
+                        inject_key_prefix:
+                          type: string
+                        key_name:
+                          type: string
+                        parse:
+                          properties:
+                            custom_pattern_path:
+                              properties:
+                                mountFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                value:
+                                  type: string
+                                valueFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                              type: object
+                            delimiter:
+                              type: string
+                            delimiter_pattern:
+                              type: string
+                            estimate_current_event:
+                              type: boolean
+                            expression:
+                              type: string
+                            format:
+                              type: string
+                            format_firstline:
+                              type: string
+                            grok_failure_key:
+                              type: string
+                            grok_name_key:
+                              type: string
+                            grok_pattern:
+                              type: string
+                            grok_patterns:
+                              items:
+                                properties:
+                                  keep_time_key:
+                                    type: boolean
+                                  name:
+                                    type: string
+                                  pattern:
+                                    type: string
+                                  time_format:
+                                    type: string
+                                  time_key:
+                                    type: string
+                                  timezone:
+                                    type: string
+                                required:
+                                - pattern
+                                type: object
+                              type: array
+                            keep_time_key:
+                              type: boolean
+                            keys:
+                              type: string
+                            label_delimiter:
+                              type: string
+                            local_time:
+                              type: boolean
+                            multiline:
+                              items:
+                                type: string
+                              type: array
+                            multiline_start_regexp:
+                              type: string
+                            null_empty_string:
+                              type: boolean
+                            null_value_pattern:
+                              type: string
+                            patterns:
+                              items:
+                                properties:
+                                  custom_pattern_path:
+                                    properties:
+                                      mountFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                    type: object
+                                  estimate_current_event:
+                                    type: boolean
+                                  expression:
+                                    type: string
+                                  format:
+                                    type: string
+                                  grok_failure_key:
+                                    type: string
+                                  grok_name_key:
+                                    type: string
+                                  grok_pattern:
+                                    type: string
+                                  grok_patterns:
+                                    items:
+                                      properties:
+                                        keep_time_key:
+                                          type: boolean
+                                        name:
+                                          type: string
+                                        pattern:
+                                          type: string
+                                        time_format:
+                                          type: string
+                                        time_key:
+                                          type: string
+                                        timezone:
+                                          type: string
+                                      required:
+                                      - pattern
+                                      type: object
+                                    type: array
+                                  keep_time_key:
+                                    type: boolean
+                                  local_time:
+                                    type: boolean
+                                  multiline_start_regexp:
+                                    type: string
+                                  null_empty_string:
+                                    type: boolean
+                                  null_value_pattern:
+                                    type: string
+                                  time_format:
+                                    type: string
+                                  time_key:
+                                    type: string
+                                  time_type:
+                                    type: string
+                                  timezone:
+                                    type: string
+                                  type:
+                                    type: string
+                                  types:
+                                    type: string
+                                  utc:
+                                    type: boolean
+                                type: object
+                              type: array
+                            time_format:
+                              type: string
+                            time_key:
+                              type: string
+                            time_type:
+                              type: string
+                            timezone:
+                              type: string
+                            type:
+                              type: string
+                            types:
+                              type: string
+                            utc:
+                              type: boolean
+                          type: object
+                        parsers:
+                          items:
+                            properties:
+                              custom_pattern_path:
+                                properties:
+                                  mountFrom:
+                                    properties:
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                  value:
+                                    type: string
+                                  valueFrom:
+                                    properties:
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                type: object
+                              delimiter:
+                                type: string
+                              delimiter_pattern:
+                                type: string
+                              estimate_current_event:
+                                type: boolean
+                              expression:
+                                type: string
+                              format:
+                                type: string
+                              format_firstline:
+                                type: string
+                              grok_failure_key:
+                                type: string
+                              grok_name_key:
+                                type: string
+                              grok_pattern:
+                                type: string
+                              grok_patterns:
+                                items:
+                                  properties:
+                                    keep_time_key:
+                                      type: boolean
+                                    name:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                    time_format:
+                                      type: string
+                                    time_key:
+                                      type: string
+                                    timezone:
+                                      type: string
+                                  required:
+                                  - pattern
+                                  type: object
+                                type: array
+                              keep_time_key:
+                                type: boolean
+                              keys:
+                                type: string
+                              label_delimiter:
+                                type: string
+                              local_time:
+                                type: boolean
+                              multiline:
+                                items:
+                                  type: string
+                                type: array
+                              multiline_start_regexp:
+                                type: string
+                              null_empty_string:
+                                type: boolean
+                              null_value_pattern:
+                                type: string
+                              patterns:
+                                items:
+                                  properties:
+                                    custom_pattern_path:
+                                      properties:
+                                        mountFrom:
+                                          properties:
+                                            secretKeyRef:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                                optional:
+                                                  type: boolean
+                                              required:
+                                              - key
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          type: object
+                                        value:
+                                          type: string
+                                        valueFrom:
+                                          properties:
+                                            secretKeyRef:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                                optional:
+                                                  type: boolean
+                                              required:
+                                              - key
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          type: object
+                                      type: object
+                                    estimate_current_event:
+                                      type: boolean
+                                    expression:
+                                      type: string
+                                    format:
+                                      type: string
+                                    grok_failure_key:
+                                      type: string
+                                    grok_name_key:
+                                      type: string
+                                    grok_pattern:
+                                      type: string
+                                    grok_patterns:
+                                      items:
+                                        properties:
+                                          keep_time_key:
+                                            type: boolean
+                                          name:
+                                            type: string
+                                          pattern:
+                                            type: string
+                                          time_format:
+                                            type: string
+                                          time_key:
+                                            type: string
+                                          timezone:
+                                            type: string
+                                        required:
+                                        - pattern
+                                        type: object
+                                      type: array
+                                    keep_time_key:
+                                      type: boolean
+                                    local_time:
+                                      type: boolean
+                                    multiline_start_regexp:
+                                      type: string
+                                    null_empty_string:
+                                      type: boolean
+                                    null_value_pattern:
+                                      type: string
+                                    time_format:
+                                      type: string
+                                    time_key:
+                                      type: string
+                                    time_type:
+                                      type: string
+                                    timezone:
+                                      type: string
+                                    type:
+                                      type: string
+                                    types:
+                                      type: string
+                                    utc:
+                                      type: boolean
+                                  type: object
+                                type: array
+                              time_format:
+                                type: string
+                              time_key:
+                                type: string
+                              time_type:
+                                type: string
+                              timezone:
+                                type: string
+                              type:
+                                type: string
+                              types:
+                                type: string
+                              utc:
+                                type: boolean
+                            type: object
+                          type: array
+                        remove_key_name_field:
+                          type: boolean
+                        replace_invalid_sequence:
+                          type: boolean
+                        reserve_data:
+                          type: boolean
+                        reserve_time:
+                          type: boolean
+                      type: object
+                    prometheus:
+                      properties:
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        metrics:
+                          items:
+                            properties:
+                              buckets:
+                                type: string
+                              desc:
+                                type: string
+                              key:
+                                type: string
+                              labels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              name:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - desc
+                            - name
+                            - type
+                            type: object
+                          type: array
+                      type: object
+                    record_modifier:
+                      properties:
+                        char_encoding:
+                          type: string
+                        prepare_value:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        remove_keys:
+                          type: string
+                        replaces:
+                          items:
+                            properties:
+                              expression:
+                                type: string
+                              key:
+                                type: string
+                              replace:
+                                type: string
+                            required:
+                            - expression
+                            - key
+                            - replace
+                            type: object
+                          type: array
+                        whitelist_keys:
+                          type: string
+                      type: object
+                    record_transformer:
+                      properties:
+                        auto_typecast:
+                          type: boolean
+                        enable_ruby:
+                          type: boolean
+                        keep_keys:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        remove_keys:
+                          type: string
+                        renew_record:
+                          type: boolean
+                        renew_time_key:
+                          type: string
+                      type: object
+                    stdout:
+                      properties:
+                        output_type:
+                          type: string
+                      type: object
+                    sumologic:
+                      properties:
+                        collector_key_name:
+                          type: string
+                        collector_value:
+                          type: string
+                        exclude_container_regex:
+                          type: string
+                        exclude_facility_regex:
+                          type: string
+                        exclude_host_regex:
+                          type: string
+                        exclude_namespace_regex:
+                          type: string
+                        exclude_pod_regex:
+                          type: string
+                        exclude_priority_regex:
+                          type: string
+                        exclude_unit_regex:
+                          type: string
+                        log_format:
+                          type: string
+                        source_category:
+                          type: string
+                        source_category_key_name:
+                          type: string
+                        source_category_prefix:
+                          type: string
+                        source_category_replace_dash:
+                          type: string
+                        source_host:
+                          type: string
+                        source_host_key_name:
+                          type: string
+                        source_name:
+                          type: string
+                        source_name_key_name:
+                          type: string
+                        tracing_annotation_prefix:
+                          type: string
+                        tracing_container_name:
+                          type: string
+                        tracing_format:
+                          type: boolean
+                        tracing_host:
+                          type: string
+                        tracing_label_prefix:
+                          type: string
+                        tracing_namespace:
+                          type: string
+                        tracing_pod:
+                          type: string
+                        tracing_pod_id:
+                          type: string
+                      type: object
+                    tag_normaliser:
+                      properties:
+                        format:
+                          type: string
+                        match_tag:
+                          type: string
+                      type: object
+                    throttle:
+                      properties:
+                        group_bucket_limit:
+                          type: integer
+                        group_bucket_period_s:
+                          type: integer
+                        group_drop_logs:
+                          type: boolean
+                        group_key:
+                          type: string
+                        group_reset_rate_s:
+                          type: integer
+                        group_warning_delay_s:
+                          type: integer
+                      type: object
+                    useragent:
+                      properties:
+                        delete_key:
+                          type: boolean
+                        flatten:
+                          type: boolean
+                        key_name:
+                          type: string
+                        out_key:
+                          type: string
+                      type: object
+                  type: object
+                type: array
+              flowLabel:
+                type: string
+              globalOutputRefs:
+                items:
+                  type: string
+                type: array
+              includeLabelInRouter:
+                type: boolean
+              loggingRef:
+                type: string
+              match:
+                items:
+                  properties:
+                    exclude:
+                      properties:
+                        container_names:
+                          items:
+                            type: string
+                          type: array
+                        hosts:
+                          items:
+                            type: string
+                          type: array
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        namespace_labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        namespaces:
+                          items:
+                            type: string
+                          type: array
+                      type: object
+                    select:
+                      properties:
+                        container_names:
+                          items:
+                            type: string
+                          type: array
+                        hosts:
+                          items:
+                            type: string
+                          type: array
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        namespace_labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        namespaces:
+                          items:
+                            type: string
+                          type: array
+                      type: object
+                  type: object
+                type: array
+              outputRefs:
+                items:
+                  type: string
+                type: array
+              selectors:
+                additionalProperties:
+                  type: string
+                type: object
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - description: Is the flow active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              filters:
+                items:
+                  properties:
+                    concat:
+                      properties:
+                        continuous_line_regexp:
+                          type: string
+                        flush_interval:
+                          type: integer
+                        keep_partial_key:
+                          type: boolean
+                        keep_partial_metadata:
+                          type: string
+                        key:
+                          type: string
+                        multiline_end_regexp:
+                          type: string
+                        multiline_start_regexp:
+                          type: string
+                        n_lines:
+                          type: integer
+                        partial_cri_logtag_key:
+                          type: string
+                        partial_cri_stream_key:
+                          type: string
+                        partial_key:
+                          type: string
+                        partial_metadata_format:
+                          type: string
+                        partial_value:
+                          type: string
+                        separator:
+                          type: string
+                        stream_identity_key:
+                          type: string
+                        timeout_label:
+                          type: string
+                        use_first_timestamp:
+                          type: boolean
+                        use_partial_cri_logtag:
+                          type: boolean
+                        use_partial_metadata:
+                          type: string
+                      type: object
+                    dedot:
+                      properties:
+                        de_dot_nested:
+                          type: boolean
+                        de_dot_separator:
+                          type: string
+                      type: object
+                    detectExceptions:
+                      properties:
+                        force_line_breaks:
+                          type: boolean
+                        languages:
+                          items:
+                            type: string
+                          type: array
+                        match_tag:
+                          type: string
+                        max_bytes:
+                          type: integer
+                        max_lines:
+                          type: integer
+                        message:
+                          type: string
+                        multiline_flush_interval:
+                          type: string
+                        remove_tag_prefix:
+                          type: string
+                        stream:
+                          type: string
+                      type: object
+                    elasticsearch_genid:
+                      properties:
+                        hash_id_key:
+                          type: string
+                        hash_type:
+                          type: string
+                        include_tag_in_seed:
+                          type: boolean
+                        include_time_in_seed:
+                          type: boolean
+                        record_keys:
+                          type: string
+                        separator:
+                          type: string
+                        use_entire_record:
+                          type: boolean
+                        use_record_as_seed:
+                          type: boolean
+                      type: object
+                    enhanceK8s:
+                      properties:
+                        api_groups:
+                          items:
+                            type: string
+                          type: array
+                        bearer_token_file:
+                          type: string
+                        ca_file:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        cache_refresh:
+                          type: integer
+                        cache_refresh_variation:
+                          type: integer
+                        cache_size:
+                          type: integer
+                        cache_ttl:
+                          type: integer
+                        client_cert:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        client_key:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        core_api_versions:
+                          items:
+                            type: string
+                          type: array
+                        data_type:
+                          type: string
+                        in_namespace_path:
+                          items:
+                            type: string
+                          type: array
+                        in_pod_path:
+                          items:
+                            type: string
+                          type: array
+                        kubernetes_url:
+                          type: string
+                        secret_dir:
+                          type: string
+                        ssl_partial_chain:
+                          type: boolean
+                        verify_ssl:
+                          type: boolean
+                      type: object
+                    geoip:
+                      properties:
+                        backend_library:
+                          type: string
+                        geoip_database:
+                          type: string
+                        geoip_lookup_keys:
+                          type: string
+                        geoip2_database:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        skip_adding_null_record:
+                          type: boolean
+                      type: object
+                    grep:
+                      properties:
+                        and:
+                          items:
+                            properties:
+                              exclude:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                              regexp:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                            type: object
+                          type: array
+                        exclude:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              pattern:
+                                type: string
+                            required:
+                            - key
+                            - pattern
+                            type: object
+                          type: array
+                        or:
+                          items:
+                            properties:
+                              exclude:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                              regexp:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                            type: object
+                          type: array
+                        regexp:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              pattern:
+                                type: string
+                            required:
+                            - key
+                            - pattern
+                            type: object
+                          type: array
+                      type: object
+                    kube_events_timestamp:
+                      properties:
+                        mapped_time_key:
+                          type: string
+                        timestamp_fields:
+                          items:
+                            type: string
+                          type: array
+                      type: object
+                    parser:
+                      properties:
+                        emit_invalid_record_to_error:
+                          type: boolean
+                        hash_value_field:
+                          type: string
+                        inject_key_prefix:
+                          type: string
+                        key_name:
+                          type: string
+                        parse:
+                          properties:
+                            custom_pattern_path:
+                              properties:
+                                mountFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                value:
+                                  type: string
+                                valueFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                              type: object
+                            delimiter:
+                              type: string
+                            delimiter_pattern:
+                              type: string
+                            estimate_current_event:
+                              type: boolean
+                            expression:
+                              type: string
+                            format:
+                              type: string
+                            format_firstline:
+                              type: string
+                            grok_failure_key:
+                              type: string
+                            grok_name_key:
+                              type: string
+                            grok_pattern:
+                              type: string
+                            grok_patterns:
+                              items:
+                                properties:
+                                  keep_time_key:
+                                    type: boolean
+                                  name:
+                                    type: string
+                                  pattern:
+                                    type: string
+                                  time_format:
+                                    type: string
+                                  time_key:
+                                    type: string
+                                  timezone:
+                                    type: string
+                                required:
+                                - pattern
+                                type: object
+                              type: array
+                            keep_time_key:
+                              type: boolean
+                            keys:
+                              type: string
+                            label_delimiter:
+                              type: string
+                            local_time:
+                              type: boolean
+                            multiline:
+                              items:
+                                type: string
+                              type: array
+                            multiline_start_regexp:
+                              type: string
+                            null_empty_string:
+                              type: boolean
+                            null_value_pattern:
+                              type: string
+                            patterns:
+                              items:
+                                properties:
+                                  custom_pattern_path:
+                                    properties:
+                                      mountFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                    type: object
+                                  estimate_current_event:
+                                    type: boolean
+                                  expression:
+                                    type: string
+                                  format:
+                                    type: string
+                                  grok_failure_key:
+                                    type: string
+                                  grok_name_key:
+                                    type: string
+                                  grok_pattern:
+                                    type: string
+                                  grok_patterns:
+                                    items:
+                                      properties:
+                                        keep_time_key:
+                                          type: boolean
+                                        name:
+                                          type: string
+                                        pattern:
+                                          type: string
+                                        time_format:
+                                          type: string
+                                        time_key:
+                                          type: string
+                                        timezone:
+                                          type: string
+                                      required:
+                                      - pattern
+                                      type: object
+                                    type: array
+                                  keep_time_key:
+                                    type: boolean
+                                  local_time:
+                                    type: boolean
+                                  multiline_start_regexp:
+                                    type: string
+                                  null_empty_string:
+                                    type: boolean
+                                  null_value_pattern:
+                                    type: string
+                                  time_format:
+                                    type: string
+                                  time_key:
+                                    type: string
+                                  time_type:
+                                    type: string
+                                  timezone:
+                                    type: string
+                                  type:
+                                    type: string
+                                  types:
+                                    type: string
+                                  utc:
+                                    type: boolean
+                                type: object
+                              type: array
+                            time_format:
+                              type: string
+                            time_key:
+                              type: string
+                            time_type:
+                              type: string
+                            timezone:
+                              type: string
+                            type:
+                              type: string
+                            types:
+                              type: string
+                            utc:
+                              type: boolean
+                          type: object
+                        parsers:
+                          items:
+                            properties:
+                              custom_pattern_path:
+                                properties:
+                                  mountFrom:
+                                    properties:
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                  value:
+                                    type: string
+                                  valueFrom:
+                                    properties:
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                type: object
+                              delimiter:
+                                type: string
+                              delimiter_pattern:
+                                type: string
+                              estimate_current_event:
+                                type: boolean
+                              expression:
+                                type: string
+                              format:
+                                type: string
+                              format_firstline:
+                                type: string
+                              grok_failure_key:
+                                type: string
+                              grok_name_key:
+                                type: string
+                              grok_pattern:
+                                type: string
+                              grok_patterns:
+                                items:
+                                  properties:
+                                    keep_time_key:
+                                      type: boolean
+                                    name:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                    time_format:
+                                      type: string
+                                    time_key:
+                                      type: string
+                                    timezone:
+                                      type: string
+                                  required:
+                                  - pattern
+                                  type: object
+                                type: array
+                              keep_time_key:
+                                type: boolean
+                              keys:
+                                type: string
+                              label_delimiter:
+                                type: string
+                              local_time:
+                                type: boolean
+                              multiline:
+                                items:
+                                  type: string
+                                type: array
+                              multiline_start_regexp:
+                                type: string
+                              null_empty_string:
+                                type: boolean
+                              null_value_pattern:
+                                type: string
+                              patterns:
+                                items:
+                                  properties:
+                                    custom_pattern_path:
+                                      properties:
+                                        mountFrom:
+                                          properties:
+                                            secretKeyRef:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                                optional:
+                                                  type: boolean
+                                              required:
+                                              - key
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          type: object
+                                        value:
+                                          type: string
+                                        valueFrom:
+                                          properties:
+                                            secretKeyRef:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                                optional:
+                                                  type: boolean
+                                              required:
+                                              - key
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          type: object
+                                      type: object
+                                    estimate_current_event:
+                                      type: boolean
+                                    expression:
+                                      type: string
+                                    format:
+                                      type: string
+                                    grok_failure_key:
+                                      type: string
+                                    grok_name_key:
+                                      type: string
+                                    grok_pattern:
+                                      type: string
+                                    grok_patterns:
+                                      items:
+                                        properties:
+                                          keep_time_key:
+                                            type: boolean
+                                          name:
+                                            type: string
+                                          pattern:
+                                            type: string
+                                          time_format:
+                                            type: string
+                                          time_key:
+                                            type: string
+                                          timezone:
+                                            type: string
+                                        required:
+                                        - pattern
+                                        type: object
+                                      type: array
+                                    keep_time_key:
+                                      type: boolean
+                                    local_time:
+                                      type: boolean
+                                    multiline_start_regexp:
+                                      type: string
+                                    null_empty_string:
+                                      type: boolean
+                                    null_value_pattern:
+                                      type: string
+                                    time_format:
+                                      type: string
+                                    time_key:
+                                      type: string
+                                    time_type:
+                                      type: string
+                                    timezone:
+                                      type: string
+                                    type:
+                                      type: string
+                                    types:
+                                      type: string
+                                    utc:
+                                      type: boolean
+                                  type: object
+                                type: array
+                              time_format:
+                                type: string
+                              time_key:
+                                type: string
+                              time_type:
+                                type: string
+                              timezone:
+                                type: string
+                              type:
+                                type: string
+                              types:
+                                type: string
+                              utc:
+                                type: boolean
+                            type: object
+                          type: array
+                        remove_key_name_field:
+                          type: boolean
+                        replace_invalid_sequence:
+                          type: boolean
+                        reserve_data:
+                          type: boolean
+                        reserve_time:
+                          type: boolean
+                      type: object
+                    prometheus:
+                      properties:
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        metrics:
+                          items:
+                            properties:
+                              buckets:
+                                type: string
+                              desc:
+                                type: string
+                              key:
+                                type: string
+                              labels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              name:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - desc
+                            - name
+                            - type
+                            type: object
+                          type: array
+                      type: object
+                    record_modifier:
+                      properties:
+                        char_encoding:
+                          type: string
+                        prepare_value:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        remove_keys:
+                          type: string
+                        replaces:
+                          items:
+                            properties:
+                              expression:
+                                type: string
+                              key:
+                                type: string
+                              replace:
+                                type: string
+                            required:
+                            - expression
+                            - key
+                            - replace
+                            type: object
+                          type: array
+                        whitelist_keys:
+                          type: string
+                      type: object
+                    record_transformer:
+                      properties:
+                        auto_typecast:
+                          type: boolean
+                        enable_ruby:
+                          type: boolean
+                        keep_keys:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        remove_keys:
+                          type: string
+                        renew_record:
+                          type: boolean
+                        renew_time_key:
+                          type: string
+                      type: object
+                    stdout:
+                      properties:
+                        output_type:
+                          type: string
+                      type: object
+                    sumologic:
+                      properties:
+                        collector_key_name:
+                          type: string
+                        collector_value:
+                          type: string
+                        exclude_container_regex:
+                          type: string
+                        exclude_facility_regex:
+                          type: string
+                        exclude_host_regex:
+                          type: string
+                        exclude_namespace_regex:
+                          type: string
+                        exclude_pod_regex:
+                          type: string
+                        exclude_priority_regex:
+                          type: string
+                        exclude_unit_regex:
+                          type: string
+                        log_format:
+                          type: string
+                        source_category:
+                          type: string
+                        source_category_key_name:
+                          type: string
+                        source_category_prefix:
+                          type: string
+                        source_category_replace_dash:
+                          type: string
+                        source_host:
+                          type: string
+                        source_host_key_name:
+                          type: string
+                        source_name:
+                          type: string
+                        source_name_key_name:
+                          type: string
+                        tracing_annotation_prefix:
+                          type: string
+                        tracing_container_name:
+                          type: string
+                        tracing_format:
+                          type: boolean
+                        tracing_host:
+                          type: string
+                        tracing_label_prefix:
+                          type: string
+                        tracing_namespace:
+                          type: string
+                        tracing_pod:
+                          type: string
+                        tracing_pod_id:
+                          type: string
+                      type: object
+                    tag_normaliser:
+                      properties:
+                        format:
+                          type: string
+                        match_tag:
+                          type: string
+                      type: object
+                    throttle:
+                      properties:
+                        group_bucket_limit:
+                          type: integer
+                        group_bucket_period_s:
+                          type: integer
+                        group_drop_logs:
+                          type: boolean
+                        group_key:
+                          type: string
+                        group_reset_rate_s:
+                          type: integer
+                        group_warning_delay_s:
+                          type: integer
+                      type: object
+                    useragent:
+                      properties:
+                        delete_key:
+                          type: boolean
+                        flatten:
+                          type: boolean
+                        key_name:
+                          type: string
+                        out_key:
+                          type: string
+                      type: object
+                  type: object
+                type: array
+              flowLabel:
+                type: string
+              globalOutputRefs:
+                items:
+                  type: string
+                type: array
+              includeLabelInRouter:
+                type: boolean
+              loggingRef:
+                type: string
+              match:
+                items:
+                  properties:
+                    exclude:
+                      properties:
+                        container_names:
+                          items:
+                            type: string
+                          type: array
+                        hosts:
+                          items:
+                            type: string
+                          type: array
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        namespace_labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        namespaces:
+                          items:
+                            type: string
+                          type: array
+                      type: object
+                    select:
+                      properties:
+                        container_names:
+                          items:
+                            type: string
+                          type: array
+                        hosts:
+                          items:
+                            type: string
+                          type: array
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        namespace_labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        namespaces:
+                          items:
+                            type: string
+                          type: array
+                      type: object
+                  type: object
+                type: array
+              outputRefs:
+                items:
+                  type: string
+                type: array
+              selectors:
+                additionalProperties:
+                  type: string
+                type: object
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_clusteroutputs.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_clusteroutputs.yaml
new file mode 100644
index 0000000000..4a5f05e03b
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_clusteroutputs.yaml
@@ -0,0 +1,14812 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: clusteroutputs.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: ClusterOutput
+    listKind: ClusterOutputList
+    plural: clusteroutputs
+    singular: clusteroutput
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - description: Is the output active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              awsElasticsearch:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  content_type:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_ilm_name:
+                    type: string
+                  data_stream_ilm_policy:
+                    type: string
+                  data_stream_ilm_policy_overwrite:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_elasticsearch_version:
+                    type: string
+                  deflector_alias:
+                    type: string
+                  enable_ilm:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      access_key_id:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_arn:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_session_name:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_web_identity_token_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ecs_container_credentials_relative_uri:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      region:
+                        type: string
+                      secret_access_key:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      sts_credentials_region:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    type: object
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_es_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  flush_interval:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  ilm_policy:
+                    type: string
+                  ilm_policy_id:
+                    type: string
+                  ilm_policy_overwrite:
+                    type: boolean
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_prefix:
+                    type: string
+                  log_es_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_es_version:
+                    type: string
+                  max_retry_putting_template:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys:
+                    type: string
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  rollover_index:
+                    type: boolean
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_max_version:
+                    type: string
+                  ssl_min_version:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_key:
+                    type: string
+                  target_type_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  type_name:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_es_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              azurestorage:
+                properties:
+                  auto_create_container:
+                    type: boolean
+                  azure_cloud:
+                    type: string
+                  azure_container:
+                    type: string
+                  azure_imds_api_version:
+                    type: string
+                  azure_object_key_format:
+                    type: string
+                  azure_storage_access_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  azure_storage_account:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  azure_storage_sas_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    type: string
+                  path:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                required:
+                - azure_container
+                - azure_storage_account
+                type: object
+              cloudwatch:
+                properties:
+                  auto_create_stream:
+                    type: boolean
+                  aws_instance_profile_credentials_retries:
+                    type: integer
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sts_role_arn:
+                    type: string
+                  aws_sts_session_name:
+                    type: string
+                  aws_use_sts:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  concurrency:
+                    type: integer
+                  endpoint:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  http_proxy:
+                    type: string
+                  include_time_key:
+                    type: boolean
+                  json_handler:
+                    type: string
+                  localtime:
+                    type: boolean
+                  log_group_aws_tags:
+                    type: string
+                  log_group_aws_tags_key:
+                    type: string
+                  log_group_name:
+                    type: string
+                  log_group_name_key:
+                    type: string
+                  log_rejected_request:
+                    type: string
+                  log_stream_name:
+                    type: string
+                  log_stream_name_key:
+                    type: string
+                  max_events_per_batch:
+                    type: integer
+                  max_message_length:
+                    type: integer
+                  message_keys:
+                    type: string
+                  put_log_events_disable_retry_limit:
+                    type: boolean
+                  put_log_events_retry_limit:
+                    type: integer
+                  put_log_events_retry_wait:
+                    type: string
+                  region:
+                    type: string
+                  remove_log_group_aws_tags_key:
+                    type: string
+                  remove_log_group_name_key:
+                    type: string
+                  remove_log_stream_name_key:
+                    type: string
+                  remove_retention_in_days:
+                    type: string
+                  retention_in_days:
+                    type: string
+                  retention_in_days_key:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  use_tag_as_group:
+                    type: boolean
+                  use_tag_as_stream:
+                    type: boolean
+                required:
+                - region
+                type: object
+              datadog:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compression_level:
+                    type: string
+                  dd_hostname:
+                    type: string
+                  dd_source:
+                    type: string
+                  dd_sourcecategory:
+                    type: string
+                  dd_tags:
+                    type: string
+                  host:
+                    type: string
+                  include_tag_key:
+                    type: boolean
+                  max_backoff:
+                    type: string
+                  max_retries:
+                    type: string
+                  no_ssl_validation:
+                    type: boolean
+                  port:
+                    type: string
+                  service:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_port:
+                    type: string
+                  tag_key:
+                    type: string
+                  timestamp_key:
+                    type: string
+                  use_compression:
+                    type: boolean
+                  use_http:
+                    type: boolean
+                  use_json:
+                    type: boolean
+                  use_ssl:
+                    type: boolean
+                required:
+                - api_key
+                type: object
+              elasticsearch:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  content_type:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_ilm_name:
+                    type: string
+                  data_stream_ilm_policy:
+                    type: string
+                  data_stream_ilm_policy_overwrite:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_elasticsearch_version:
+                    type: string
+                  deflector_alias:
+                    type: string
+                  enable_ilm:
+                    type: boolean
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_es_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  ilm_policy:
+                    type: string
+                  ilm_policy_id:
+                    type: string
+                  ilm_policy_overwrite:
+                    type: boolean
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_prefix:
+                    type: string
+                  log_es_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_es_version:
+                    type: string
+                  max_retry_putting_template:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys:
+                    type: string
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  rollover_index:
+                    type: boolean
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_max_version:
+                    type: string
+                  ssl_min_version:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_key:
+                    type: string
+                  target_type_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  type_name:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_es_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              enabledNamespaces:
+                items:
+                  type: string
+                type: array
+              file:
+                properties:
+                  add_path_suffix:
+                    type: boolean
+                  append:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compress:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  path:
+                    type: string
+                  path_suffix:
+                    type: string
+                  recompress:
+                    type: boolean
+                  slow_flush_log_threshold:
+                    type: string
+                  symlink_path:
+                    type: boolean
+                required:
+                - path
+                type: object
+              forward:
+                properties:
+                  ack_response_timeout:
+                    type: integer
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  connect_timeout:
+                    type: integer
+                  dns_round_robin:
+                    type: boolean
+                  expire_dns_cache:
+                    type: integer
+                  hard_timeout:
+                    type: integer
+                  heartbeat_interval:
+                    type: integer
+                  heartbeat_type:
+                    type: string
+                  ignore_network_errors_at_startup:
+                    type: boolean
+                  keepalive:
+                    type: boolean
+                  keepalive_timeout:
+                    type: integer
+                  phi_failure_detector:
+                    type: boolean
+                  phi_threshold:
+                    type: integer
+                  recover_wait:
+                    type: integer
+                  require_ack_response:
+                    type: boolean
+                  security:
+                    properties:
+                      allow_anonymous_source:
+                        type: boolean
+                      self_hostname:
+                        type: string
+                      shared_key:
+                        type: string
+                      user_auth:
+                        type: boolean
+                    required:
+                    - self_hostname
+                    - shared_key
+                    type: object
+                  send_timeout:
+                    type: integer
+                  servers:
+                    items:
+                      properties:
+                        host:
+                          type: string
+                        name:
+                          type: string
+                        password:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        port:
+                          type: integer
+                        shared_key:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        standby:
+                          type: boolean
+                        username:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        weight:
+                          type: integer
+                      required:
+                      - host
+                      type: object
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  time_as_integer:
+                    type: boolean
+                  tls_allow_self_signed_cert:
+                    type: boolean
+                  tls_cert_logical_store_name:
+                    type: string
+                  tls_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_cert_thumbprint:
+                    type: string
+                  tls_cert_use_enterprise_store:
+                    type: boolean
+                  tls_ciphers:
+                    type: string
+                  tls_client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_client_private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_client_private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_insecure_mode:
+                    type: boolean
+                  tls_verify_hostname:
+                    type: boolean
+                  tls_version:
+                    type: string
+                  transport:
+                    type: string
+                  verify_connection_at_startup:
+                    type: boolean
+                required:
+                - servers
+                type: object
+              gcs:
+                properties:
+                  acl:
+                    type: string
+                  auto_create_bucket:
+                    type: boolean
+                  bucket:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_retries:
+                    type: integer
+                  client_timeout:
+                    type: integer
+                  credentials_json:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  encryption_key:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hex_random_length:
+                    type: integer
+                  keyfile:
+                    type: string
+                  object_key_format:
+                    type: string
+                  object_metadata:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - key
+                      - value
+                      type: object
+                    type: array
+                  overwrite:
+                    type: boolean
+                  path:
+                    type: string
+                  project:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  storage_class:
+                    type: string
+                  store_as:
+                    type: string
+                  transcoding:
+                    type: boolean
+                required:
+                - bucket
+                - project
+                type: object
+              gelf:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  port:
+                    type: integer
+                  protocol:
+                    type: string
+                  tls:
+                    type: boolean
+                  tls_options:
+                    additionalProperties:
+                      type: string
+                    type: object
+                required:
+                - host
+                - port
+                type: object
+              http:
+                properties:
+                  auth:
+                    properties:
+                      password:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      username:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                    required:
+                    - password
+                    - username
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  content_type:
+                    type: string
+                  endpoint:
+                    type: string
+                  error_response_as_unrecoverable:
+                    type: boolean
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  headers:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  http_method:
+                    type: string
+                  json_array:
+                    type: boolean
+                  open_timeout:
+                    type: integer
+                  proxy:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  retryable_response_codes:
+                    items:
+                      type: integer
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_timeout:
+                    type: integer
+                  tls_ca_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_ciphers:
+                    type: string
+                  tls_client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_verify_mode:
+                    type: string
+                  tls_version:
+                    type: string
+                required:
+                - endpoint
+                type: object
+              kafka:
+                properties:
+                  ack_timeout:
+                    type: integer
+                  brokers:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_id:
+                    type: string
+                  compression_codec:
+                    type: string
+                  default_message_key:
+                    type: string
+                  default_partition_key:
+                    type: string
+                  default_topic:
+                    type: string
+                  discard_kafka_delivery_failed:
+                    type: boolean
+                  exclude_partion_key:
+                    type: boolean
+                  exclude_topic_key:
+                    type: boolean
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  get_kafka_client_log:
+                    type: boolean
+                  headers:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  headers_from_record:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  idempotent:
+                    type: boolean
+                  kafka_agg_max_bytes:
+                    type: integer
+                  kafka_agg_max_messages:
+                    type: integer
+                  keytab:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  max_send_retries:
+                    type: integer
+                  message_key_key:
+                    type: string
+                  partition_key:
+                    type: string
+                  partition_key_key:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  principal:
+                    type: string
+                  required_acks:
+                    type: integer
+                  sasl_over_ssl:
+                    type: boolean
+                  scram_mechanism:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_ca_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_ca_certs_from_system:
+                    type: boolean
+                  ssl_client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_client_cert_chain:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_client_cert_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_verify_hostname:
+                    type: boolean
+                  topic_key:
+                    type: string
+                  use_default_for_unknown_topic:
+                    type: boolean
+                  username:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                required:
+                - brokers
+                - format
+                type: object
+              kinesisFirehose:
+                properties:
+                  append_new_line:
+                    type: boolean
+                  assume_role_credentials:
+                    properties:
+                      duration_seconds:
+                        type: string
+                      external_id:
+                        type: string
+                      policy:
+                        type: string
+                      role_arn:
+                        type: string
+                      role_session_name:
+                        type: string
+                    required:
+                    - role_arn
+                    - role_session_name
+                    type: object
+                  aws_iam_retries:
+                    type: integer
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_ses_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  batch_request_max_count:
+                    type: integer
+                  batch_request_max_size:
+                    type: integer
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  delivery_stream_name:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  process_credentials:
+                    properties:
+                      process:
+                        type: string
+                    required:
+                    - process
+                    type: object
+                  region:
+                    type: string
+                  reset_backoff_if_success:
+                    type: boolean
+                  retries_on_batch_request:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                required:
+                - delivery_stream_name
+                type: object
+              kinesisStream:
+                properties:
+                  assume_role_credentials:
+                    properties:
+                      duration_seconds:
+                        type: string
+                      external_id:
+                        type: string
+                      policy:
+                        type: string
+                      role_arn:
+                        type: string
+                      role_session_name:
+                        type: string
+                    required:
+                    - role_arn
+                    - role_session_name
+                    type: object
+                  aws_iam_retries:
+                    type: integer
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_ses_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  batch_request_max_count:
+                    type: integer
+                  batch_request_max_size:
+                    type: integer
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  partition_key:
+                    type: string
+                  process_credentials:
+                    properties:
+                      process:
+                        type: string
+                    required:
+                    - process
+                    type: object
+                  region:
+                    type: string
+                  reset_backoff_if_success:
+                    type: boolean
+                  retries_on_batch_request:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  stream_name:
+                    type: string
+                required:
+                - stream_name
+                type: object
+              logdna:
+                properties:
+                  api_key:
+                    type: string
+                  app:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  hostname:
+                    type: string
+                  ingester_domain:
+                    type: string
+                  ingester_endpoint:
+                    type: string
+                  request_timeout:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  tags:
+                    type: string
+                required:
+                - api_key
+                - hostname
+                type: object
+              loggingRef:
+                type: string
+              logz:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_limit:
+                    type: integer
+                  bulk_limit_warning_limit:
+                    type: integer
+                  endpoint:
+                    properties:
+                      port:
+                        type: integer
+                      token:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    type: object
+                  gzip:
+                    type: boolean
+                  http_idle_timeout:
+                    type: integer
+                  output_include_tags:
+                    type: boolean
+                  output_include_time:
+                    type: boolean
+                  retry_count:
+                    type: integer
+                  retry_sleep:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                required:
+                - endpoint
+                type: object
+              loki:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  ca_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  configure_kubernetes_labels:
+                    type: boolean
+                  drop_single_key:
+                    type: boolean
+                  extra_labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  extract_kubernetes_labels:
+                    type: boolean
+                  include_thread_label:
+                    type: boolean
+                  insecure_tls:
+                    type: boolean
+                  key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  line_format:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  remove_keys:
+                    items:
+                      type: string
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  tenant:
+                    type: string
+                  url:
+                    type: string
+                  username:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              mattermost:
+                properties:
+                  ca_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  channel_id:
+                    type: string
+                  enable_tls:
+                    type: boolean
+                  message:
+                    type: string
+                  message_color:
+                    type: string
+                  message_title:
+                    type: string
+                  webhook_url:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                required:
+                - webhook_url
+                type: object
+              newrelic:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  base_uri:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  license_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              nullout:
+                type: object
+              opensearch:
+                properties:
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  catch_transport_exception_on_retry:
+                    type: boolean
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_opensearch_version:
+                    type: integer
+                  emit_error_for_missing_id:
+                    type: boolean
+                  emit_error_label_event:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      access_key_id:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_arn:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_session_name:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_web_identity_token_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ecs_container_credentials_relative_uri:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      region:
+                        type: string
+                      secret_access_key:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      sts_credentials_region:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    required:
+                    - url
+                    type: object
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_os_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  http_backend_excon_nonblock:
+                    type: boolean
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_separator:
+                    type: string
+                  log_os_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_os_version:
+                    type: integer
+                  max_retry_putting_template:
+                    type: string
+                  parent_key:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  selector_class_name:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_affinity:
+                    type: boolean
+                  target_index_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_exclude_timestamp:
+                    type: boolean
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  truncate_caches_interval:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  unrecoverable_record_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_os_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              oss:
+                properties:
+                  access_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  access_key_secret:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  auto_create_bucket:
+                    type: boolean
+                  bucket:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  check_bucket:
+                    type: boolean
+                  check_object:
+                    type: boolean
+                  download_crc_enable:
+                    type: boolean
+                  endpoint:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hex_random_length:
+                    type: integer
+                  index_format:
+                    type: string
+                  key_format:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  oss_sdk_log_dir:
+                    type: string
+                  overwrite:
+                    type: boolean
+                  path:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  store_as:
+                    type: string
+                  upload_crc_enable:
+                    type: boolean
+                  warn_for_delay:
+                    type: string
+                required:
+                - access_key_id
+                - access_key_secret
+                - bucket
+                - endpoint
+                type: object
+              protected:
+                type: boolean
+              redis:
+                properties:
+                  allow_duplicate_key:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  db_number:
+                    type: integer
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  insert_key_prefix:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  port:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  strftime_format:
+                    type: string
+                  ttl:
+                    type: integer
+                type: object
+              relabel:
+                properties:
+                  label:
+                    type: string
+                required:
+                - label
+                type: object
+              s3:
+                properties:
+                  acl:
+                    type: string
+                  assume_role_credentials:
+                    properties:
+                      duration_seconds:
+                        type: string
+                      external_id:
+                        type: string
+                      policy:
+                        type: string
+                      role_arn:
+                        type: string
+                      role_session_name:
+                        type: string
+                    required:
+                    - role_arn
+                    - role_session_name
+                    type: object
+                  auto_create_bucket:
+                    type: string
+                  aws_iam_retries:
+                    type: string
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  check_apikey_on_start:
+                    type: string
+                  check_bucket:
+                    type: string
+                  check_object:
+                    type: string
+                  clustername:
+                    type: string
+                  compress:
+                    properties:
+                      parquet_compression_codec:
+                        type: string
+                      parquet_page_size:
+                        type: string
+                      parquet_row_group_size:
+                        type: string
+                      record_type:
+                        type: string
+                      schema_file:
+                        type: string
+                      schema_type:
+                        type: string
+                    type: object
+                  compute_checksums:
+                    type: string
+                  enable_transfer_acceleration:
+                    type: string
+                  force_path_style:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  grant_full_control:
+                    type: string
+                  grant_read:
+                    type: string
+                  grant_read_acp:
+                    type: string
+                  grant_write_acp:
+                    type: string
+                  hex_random_length:
+                    type: string
+                  index_format:
+                    type: string
+                  instance_profile_credentials:
+                    properties:
+                      http_open_timeout:
+                        type: string
+                      http_read_timeout:
+                        type: string
+                      ip_address:
+                        type: string
+                      port:
+                        type: string
+                      retries:
+                        type: string
+                    type: object
+                  oneeye_format:
+                    type: boolean
+                  overwrite:
+                    type: string
+                  path:
+                    type: string
+                  proxy_uri:
+                    type: string
+                  s3_bucket:
+                    type: string
+                  s3_endpoint:
+                    type: string
+                  s3_metadata:
+                    type: string
+                  s3_object_key_format:
+                    type: string
+                  s3_region:
+                    type: string
+                  shared_credentials:
+                    properties:
+                      path:
+                        type: string
+                      profile_name:
+                        type: string
+                    type: object
+                  signature_version:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sse_customer_algorithm:
+                    type: string
+                  sse_customer_key:
+                    type: string
+                  sse_customer_key_md5:
+                    type: string
+                  ssekms_key_id:
+                    type: string
+                  ssl_verify_peer:
+                    type: string
+                  storage_class:
+                    type: string
+                  store_as:
+                    type: string
+                  use_bundled_cert:
+                    type: string
+                  use_server_side_encryption:
+                    type: string
+                  warn_for_delay:
+                    type: string
+                required:
+                - s3_bucket
+                type: object
+              splunkHec:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ca_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  coerce_to_utf8:
+                    type: boolean
+                  data_type:
+                    type: string
+                  fields:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hec_host:
+                    type: string
+                  hec_port:
+                    type: integer
+                  hec_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  host:
+                    type: string
+                  host_key:
+                    type: string
+                  idle_timeout:
+                    type: integer
+                  index:
+                    type: string
+                  index_key:
+                    type: string
+                  insecure_ssl:
+                    type: boolean
+                  keep_keys:
+                    type: boolean
+                  metric_name_key:
+                    type: string
+                  metric_value_key:
+                    type: string
+                  metrics_from_event:
+                    type: boolean
+                  non_utf8_replacement_string:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  protocol:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  source:
+                    type: string
+                  source_key:
+                    type: string
+                  sourcetype:
+                    type: string
+                  sourcetype_key:
+                    type: string
+                  ssl_ciphers:
+                    type: string
+                required:
+                - hec_host
+                - hec_token
+                type: object
+              sqs:
+                properties:
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  create_queue:
+                    type: boolean
+                  delay_seconds:
+                    type: integer
+                  include_tag:
+                    type: boolean
+                  message_group_id:
+                    type: string
+                  queue_name:
+                    type: string
+                  region:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sqs_url:
+                    type: string
+                  tag_property_name:
+                    type: string
+                type: object
+              sumologic:
+                properties:
+                  add_timestamp:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compress:
+                    type: boolean
+                  compress_encoding:
+                    type: string
+                  custom_dimensions:
+                    type: string
+                  custom_fields:
+                    items:
+                      type: string
+                    type: array
+                  data_type:
+                    type: string
+                  delimiter:
+                    type: string
+                  disable_cookies:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  log_format:
+                    type: string
+                  log_key:
+                    type: string
+                  metric_data_format:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  proxy_uri:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  source_category:
+                    type: string
+                  source_host:
+                    type: string
+                  source_name:
+                    type: string
+                  source_name_key:
+                    type: string
+                  sumo_client:
+                    type: string
+                  timestamp_key:
+                    type: string
+                  verify_ssl:
+                    type: boolean
+                required:
+                - endpoint
+                - source_name
+                type: object
+              syslog:
+                properties:
+                  allow_self_signed_cert:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  enable_system_cert_store:
+                    type: boolean
+                  format:
+                    properties:
+                      app_name_field:
+                        type: string
+                      hostname_field:
+                        type: string
+                      log_field:
+                        type: string
+                      message_id_field:
+                        type: string
+                      proc_id_field:
+                        type: string
+                      rfc6587_message_size:
+                        type: boolean
+                      structured_data_field:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  fqdn:
+                    type: string
+                  host:
+                    type: string
+                  insecure:
+                    type: boolean
+                  port:
+                    type: integer
+                  private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  slow_flush_log_threshold:
+                    type: string
+                  transport:
+                    type: string
+                  trusted_ca_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  verify_fqdn:
+                    type: boolean
+                  version:
+                    type: string
+                required:
+                - host
+                type: object
+              vmwareLogInsight:
+                properties:
+                  agent_id:
+                    type: string
+                  authentication:
+                    enum:
+                    - nil
+                    - basic
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  config_param:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  host:
+                    type: string
+                  http_conn_debug:
+                    type: boolean
+                  http_method:
+                    enum:
+                    - post
+                    type: string
+                  log_text_keys:
+                    items:
+                      type: string
+                    type: array
+                  max_batch_size:
+                    type: integer
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  port:
+                    type: integer
+                  raise_on_error:
+                    type: boolean
+                  rate_limit_msec:
+                    type: integer
+                  request_retries:
+                    type: integer
+                  request_timeout:
+                    type: integer
+                  scheme:
+                    enum:
+                    - http
+                    - https
+                    type: string
+                  serializer:
+                    enum:
+                    - json
+                    type: string
+                  shorten_keys:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  ssl_verify:
+                    type: boolean
+                  username:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              vmwareLogIntelligence:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  endpoint_url:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  headers:
+                    properties:
+                      authorization:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      content_type:
+                        type: string
+                      structure:
+                        type: string
+                    required:
+                    - authorization
+                    - content_type
+                    - structure
+                    type: object
+                  http_compress:
+                    type: boolean
+                  verify_ssl:
+                    type: boolean
+                required:
+                - endpoint_url
+                - headers
+                - verify_ssl
+                type: object
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        required:
+        - spec
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - description: Is the output active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              awsElasticsearch:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  content_type:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_ilm_name:
+                    type: string
+                  data_stream_ilm_policy:
+                    type: string
+                  data_stream_ilm_policy_overwrite:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_elasticsearch_version:
+                    type: string
+                  deflector_alias:
+                    type: string
+                  enable_ilm:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      access_key_id:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_arn:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_session_name:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_web_identity_token_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ecs_container_credentials_relative_uri:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      region:
+                        type: string
+                      secret_access_key:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      sts_credentials_region:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    type: object
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_es_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  flush_interval:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  ilm_policy:
+                    type: string
+                  ilm_policy_id:
+                    type: string
+                  ilm_policy_overwrite:
+                    type: boolean
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_prefix:
+                    type: string
+                  log_es_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_es_version:
+                    type: string
+                  max_retry_putting_template:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys:
+                    type: string
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  rollover_index:
+                    type: boolean
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_max_version:
+                    type: string
+                  ssl_min_version:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_key:
+                    type: string
+                  target_type_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  type_name:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_es_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              azurestorage:
+                properties:
+                  auto_create_container:
+                    type: boolean
+                  azure_cloud:
+                    type: string
+                  azure_container:
+                    type: string
+                  azure_imds_api_version:
+                    type: string
+                  azure_object_key_format:
+                    type: string
+                  azure_storage_access_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  azure_storage_account:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  azure_storage_sas_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    type: string
+                  path:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                required:
+                - azure_container
+                - azure_storage_account
+                type: object
+              cloudwatch:
+                properties:
+                  auto_create_stream:
+                    type: boolean
+                  aws_instance_profile_credentials_retries:
+                    type: integer
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sts_role_arn:
+                    type: string
+                  aws_sts_session_name:
+                    type: string
+                  aws_use_sts:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  concurrency:
+                    type: integer
+                  endpoint:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  http_proxy:
+                    type: string
+                  include_time_key:
+                    type: boolean
+                  json_handler:
+                    type: string
+                  localtime:
+                    type: boolean
+                  log_group_aws_tags:
+                    type: string
+                  log_group_aws_tags_key:
+                    type: string
+                  log_group_name:
+                    type: string
+                  log_group_name_key:
+                    type: string
+                  log_rejected_request:
+                    type: string
+                  log_stream_name:
+                    type: string
+                  log_stream_name_key:
+                    type: string
+                  max_events_per_batch:
+                    type: integer
+                  max_message_length:
+                    type: integer
+                  message_keys:
+                    type: string
+                  put_log_events_disable_retry_limit:
+                    type: boolean
+                  put_log_events_retry_limit:
+                    type: integer
+                  put_log_events_retry_wait:
+                    type: string
+                  region:
+                    type: string
+                  remove_log_group_aws_tags_key:
+                    type: string
+                  remove_log_group_name_key:
+                    type: string
+                  remove_log_stream_name_key:
+                    type: string
+                  remove_retention_in_days:
+                    type: string
+                  retention_in_days:
+                    type: string
+                  retention_in_days_key:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  use_tag_as_group:
+                    type: boolean
+                  use_tag_as_stream:
+                    type: boolean
+                required:
+                - region
+                type: object
+              datadog:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compression_level:
+                    type: string
+                  dd_hostname:
+                    type: string
+                  dd_source:
+                    type: string
+                  dd_sourcecategory:
+                    type: string
+                  dd_tags:
+                    type: string
+                  host:
+                    type: string
+                  include_tag_key:
+                    type: boolean
+                  max_backoff:
+                    type: string
+                  max_retries:
+                    type: string
+                  no_ssl_validation:
+                    type: boolean
+                  port:
+                    type: string
+                  service:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_port:
+                    type: string
+                  tag_key:
+                    type: string
+                  timestamp_key:
+                    type: string
+                  use_compression:
+                    type: boolean
+                  use_http:
+                    type: boolean
+                  use_json:
+                    type: boolean
+                  use_ssl:
+                    type: boolean
+                required:
+                - api_key
+                type: object
+              elasticsearch:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  content_type:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_ilm_name:
+                    type: string
+                  data_stream_ilm_policy:
+                    type: string
+                  data_stream_ilm_policy_overwrite:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_elasticsearch_version:
+                    type: string
+                  deflector_alias:
+                    type: string
+                  enable_ilm:
+                    type: boolean
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_es_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  ilm_policy:
+                    type: string
+                  ilm_policy_id:
+                    type: string
+                  ilm_policy_overwrite:
+                    type: boolean
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_prefix:
+                    type: string
+                  log_es_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_es_version:
+                    type: string
+                  max_retry_putting_template:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys:
+                    type: string
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  rollover_index:
+                    type: boolean
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_max_version:
+                    type: string
+                  ssl_min_version:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_key:
+                    type: string
+                  target_type_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  type_name:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_es_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              enabledNamespaces:
+                items:
+                  type: string
+                type: array
+              file:
+                properties:
+                  add_path_suffix:
+                    type: boolean
+                  append:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compress:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  path:
+                    type: string
+                  path_suffix:
+                    type: string
+                  recompress:
+                    type: boolean
+                  slow_flush_log_threshold:
+                    type: string
+                  symlink_path:
+                    type: boolean
+                required:
+                - path
+                type: object
+              forward:
+                properties:
+                  ack_response_timeout:
+                    type: integer
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  connect_timeout:
+                    type: integer
+                  dns_round_robin:
+                    type: boolean
+                  expire_dns_cache:
+                    type: integer
+                  hard_timeout:
+                    type: integer
+                  heartbeat_interval:
+                    type: integer
+                  heartbeat_type:
+                    type: string
+                  ignore_network_errors_at_startup:
+                    type: boolean
+                  keepalive:
+                    type: boolean
+                  keepalive_timeout:
+                    type: integer
+                  phi_failure_detector:
+                    type: boolean
+                  phi_threshold:
+                    type: integer
+                  recover_wait:
+                    type: integer
+                  require_ack_response:
+                    type: boolean
+                  security:
+                    properties:
+                      allow_anonymous_source:
+                        type: boolean
+                      self_hostname:
+                        type: string
+                      shared_key:
+                        type: string
+                      user_auth:
+                        type: boolean
+                    required:
+                    - self_hostname
+                    - shared_key
+                    type: object
+                  send_timeout:
+                    type: integer
+                  servers:
+                    items:
+                      properties:
+                        host:
+                          type: string
+                        name:
+                          type: string
+                        password:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        port:
+                          type: integer
+                        shared_key:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        standby:
+                          type: boolean
+                        username:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        weight:
+                          type: integer
+                      required:
+                      - host
+                      type: object
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  time_as_integer:
+                    type: boolean
+                  tls_allow_self_signed_cert:
+                    type: boolean
+                  tls_cert_logical_store_name:
+                    type: string
+                  tls_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_cert_thumbprint:
+                    type: string
+                  tls_cert_use_enterprise_store:
+                    type: boolean
+                  tls_ciphers:
+                    type: string
+                  tls_client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_client_private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_client_private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_insecure_mode:
+                    type: boolean
+                  tls_verify_hostname:
+                    type: boolean
+                  tls_version:
+                    type: string
+                  transport:
+                    type: string
+                  verify_connection_at_startup:
+                    type: boolean
+                required:
+                - servers
+                type: object
+              gcs:
+                properties:
+                  acl:
+                    type: string
+                  auto_create_bucket:
+                    type: boolean
+                  bucket:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_retries:
+                    type: integer
+                  client_timeout:
+                    type: integer
+                  credentials_json:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  encryption_key:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hex_random_length:
+                    type: integer
+                  keyfile:
+                    type: string
+                  object_key_format:
+                    type: string
+                  object_metadata:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - key
+                      - value
+                      type: object
+                    type: array
+                  overwrite:
+                    type: boolean
+                  path:
+                    type: string
+                  project:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  storage_class:
+                    type: string
+                  store_as:
+                    type: string
+                  transcoding:
+                    type: boolean
+                required:
+                - bucket
+                - project
+                type: object
+              gelf:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  port:
+                    type: integer
+                  protocol:
+                    type: string
+                  tls:
+                    type: boolean
+                  tls_options:
+                    additionalProperties:
+                      type: string
+                    type: object
+                required:
+                - host
+                - port
+                type: object
+              http:
+                properties:
+                  auth:
+                    properties:
+                      password:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      username:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                    required:
+                    - password
+                    - username
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  content_type:
+                    type: string
+                  endpoint:
+                    type: string
+                  error_response_as_unrecoverable:
+                    type: boolean
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  headers:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  http_method:
+                    type: string
+                  json_array:
+                    type: boolean
+                  open_timeout:
+                    type: integer
+                  proxy:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  retryable_response_codes:
+                    items:
+                      type: integer
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_timeout:
+                    type: integer
+                  tls_ca_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_ciphers:
+                    type: string
+                  tls_client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_verify_mode:
+                    type: string
+                  tls_version:
+                    type: string
+                required:
+                - endpoint
+                type: object
+              kafka:
+                properties:
+                  ack_timeout:
+                    type: integer
+                  brokers:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_id:
+                    type: string
+                  compression_codec:
+                    type: string
+                  default_message_key:
+                    type: string
+                  default_partition_key:
+                    type: string
+                  default_topic:
+                    type: string
+                  discard_kafka_delivery_failed:
+                    type: boolean
+                  exclude_partion_key:
+                    type: boolean
+                  exclude_topic_key:
+                    type: boolean
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  get_kafka_client_log:
+                    type: boolean
+                  headers:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  headers_from_record:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  idempotent:
+                    type: boolean
+                  kafka_agg_max_bytes:
+                    type: integer
+                  kafka_agg_max_messages:
+                    type: integer
+                  keytab:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  max_send_retries:
+                    type: integer
+                  message_key_key:
+                    type: string
+                  partition_key:
+                    type: string
+                  partition_key_key:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  principal:
+                    type: string
+                  required_acks:
+                    type: integer
+                  sasl_over_ssl:
+                    type: boolean
+                  scram_mechanism:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_ca_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_ca_certs_from_system:
+                    type: boolean
+                  ssl_client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_client_cert_chain:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_client_cert_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_verify_hostname:
+                    type: boolean
+                  topic_key:
+                    type: string
+                  use_default_for_unknown_topic:
+                    type: boolean
+                  username:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                required:
+                - brokers
+                - format
+                type: object
+              kinesisFirehose:
+                properties:
+                  append_new_line:
+                    type: boolean
+                  assume_role_credentials:
+                    properties:
+                      duration_seconds:
+                        type: string
+                      external_id:
+                        type: string
+                      policy:
+                        type: string
+                      role_arn:
+                        type: string
+                      role_session_name:
+                        type: string
+                    required:
+                    - role_arn
+                    - role_session_name
+                    type: object
+                  aws_iam_retries:
+                    type: integer
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_ses_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  batch_request_max_count:
+                    type: integer
+                  batch_request_max_size:
+                    type: integer
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  delivery_stream_name:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  process_credentials:
+                    properties:
+                      process:
+                        type: string
+                    required:
+                    - process
+                    type: object
+                  region:
+                    type: string
+                  reset_backoff_if_success:
+                    type: boolean
+                  retries_on_batch_request:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                required:
+                - delivery_stream_name
+                type: object
+              kinesisStream:
+                properties:
+                  assume_role_credentials:
+                    properties:
+                      duration_seconds:
+                        type: string
+                      external_id:
+                        type: string
+                      policy:
+                        type: string
+                      role_arn:
+                        type: string
+                      role_session_name:
+                        type: string
+                    required:
+                    - role_arn
+                    - role_session_name
+                    type: object
+                  aws_iam_retries:
+                    type: integer
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_ses_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  batch_request_max_count:
+                    type: integer
+                  batch_request_max_size:
+                    type: integer
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  partition_key:
+                    type: string
+                  process_credentials:
+                    properties:
+                      process:
+                        type: string
+                    required:
+                    - process
+                    type: object
+                  region:
+                    type: string
+                  reset_backoff_if_success:
+                    type: boolean
+                  retries_on_batch_request:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  stream_name:
+                    type: string
+                required:
+                - stream_name
+                type: object
+              logdna:
+                properties:
+                  api_key:
+                    type: string
+                  app:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  hostname:
+                    type: string
+                  ingester_domain:
+                    type: string
+                  ingester_endpoint:
+                    type: string
+                  request_timeout:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  tags:
+                    type: string
+                required:
+                - api_key
+                - hostname
+                type: object
+              loggingRef:
+                type: string
+              logz:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_limit:
+                    type: integer
+                  bulk_limit_warning_limit:
+                    type: integer
+                  endpoint:
+                    properties:
+                      port:
+                        type: integer
+                      token:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    type: object
+                  gzip:
+                    type: boolean
+                  http_idle_timeout:
+                    type: integer
+                  output_include_tags:
+                    type: boolean
+                  output_include_time:
+                    type: boolean
+                  retry_count:
+                    type: integer
+                  retry_sleep:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                required:
+                - endpoint
+                type: object
+              loki:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  ca_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  configure_kubernetes_labels:
+                    type: boolean
+                  drop_single_key:
+                    type: boolean
+                  extra_labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  extract_kubernetes_labels:
+                    type: boolean
+                  include_thread_label:
+                    type: boolean
+                  insecure_tls:
+                    type: boolean
+                  key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  line_format:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  remove_keys:
+                    items:
+                      type: string
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  tenant:
+                    type: string
+                  url:
+                    type: string
+                  username:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              mattermost:
+                properties:
+                  ca_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  channel_id:
+                    type: string
+                  enable_tls:
+                    type: boolean
+                  message:
+                    type: string
+                  message_color:
+                    type: string
+                  message_title:
+                    type: string
+                  webhook_url:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                required:
+                - webhook_url
+                type: object
+              newrelic:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  base_uri:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  license_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              nullout:
+                type: object
+              opensearch:
+                properties:
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  catch_transport_exception_on_retry:
+                    type: boolean
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_opensearch_version:
+                    type: integer
+                  emit_error_for_missing_id:
+                    type: boolean
+                  emit_error_label_event:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      access_key_id:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_arn:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_session_name:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_web_identity_token_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ecs_container_credentials_relative_uri:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      region:
+                        type: string
+                      secret_access_key:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      sts_credentials_region:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    required:
+                    - url
+                    type: object
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_os_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  http_backend_excon_nonblock:
+                    type: boolean
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_separator:
+                    type: string
+                  log_os_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_os_version:
+                    type: integer
+                  max_retry_putting_template:
+                    type: string
+                  parent_key:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  selector_class_name:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_affinity:
+                    type: boolean
+                  target_index_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_exclude_timestamp:
+                    type: boolean
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  truncate_caches_interval:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  unrecoverable_record_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_os_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              oss:
+                properties:
+                  access_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  access_key_secret:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  auto_create_bucket:
+                    type: boolean
+                  bucket:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  check_bucket:
+                    type: boolean
+                  check_object:
+                    type: boolean
+                  download_crc_enable:
+                    type: boolean
+                  endpoint:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hex_random_length:
+                    type: integer
+                  index_format:
+                    type: string
+                  key_format:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  oss_sdk_log_dir:
+                    type: string
+                  overwrite:
+                    type: boolean
+                  path:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  store_as:
+                    type: string
+                  upload_crc_enable:
+                    type: boolean
+                  warn_for_delay:
+                    type: string
+                required:
+                - access_key_id
+                - access_key_secret
+                - bucket
+                - endpoint
+                type: object
+              protected:
+                type: boolean
+              redis:
+                properties:
+                  allow_duplicate_key:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  db_number:
+                    type: integer
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  insert_key_prefix:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  port:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  strftime_format:
+                    type: string
+                  ttl:
+                    type: integer
+                type: object
+              relabel:
+                properties:
+                  label:
+                    type: string
+                required:
+                - label
+                type: object
+              s3:
+                properties:
+                  acl:
+                    type: string
+                  assume_role_credentials:
+                    properties:
+                      duration_seconds:
+                        type: string
+                      external_id:
+                        type: string
+                      policy:
+                        type: string
+                      role_arn:
+                        type: string
+                      role_session_name:
+                        type: string
+                    required:
+                    - role_arn
+                    - role_session_name
+                    type: object
+                  auto_create_bucket:
+                    type: string
+                  aws_iam_retries:
+                    type: string
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  check_apikey_on_start:
+                    type: string
+                  check_bucket:
+                    type: string
+                  check_object:
+                    type: string
+                  clustername:
+                    type: string
+                  compress:
+                    properties:
+                      parquet_compression_codec:
+                        type: string
+                      parquet_page_size:
+                        type: string
+                      parquet_row_group_size:
+                        type: string
+                      record_type:
+                        type: string
+                      schema_file:
+                        type: string
+                      schema_type:
+                        type: string
+                    type: object
+                  compute_checksums:
+                    type: string
+                  enable_transfer_acceleration:
+                    type: string
+                  force_path_style:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  grant_full_control:
+                    type: string
+                  grant_read:
+                    type: string
+                  grant_read_acp:
+                    type: string
+                  grant_write_acp:
+                    type: string
+                  hex_random_length:
+                    type: string
+                  index_format:
+                    type: string
+                  instance_profile_credentials:
+                    properties:
+                      http_open_timeout:
+                        type: string
+                      http_read_timeout:
+                        type: string
+                      ip_address:
+                        type: string
+                      port:
+                        type: string
+                      retries:
+                        type: string
+                    type: object
+                  oneeye_format:
+                    type: boolean
+                  overwrite:
+                    type: string
+                  path:
+                    type: string
+                  proxy_uri:
+                    type: string
+                  s3_bucket:
+                    type: string
+                  s3_endpoint:
+                    type: string
+                  s3_metadata:
+                    type: string
+                  s3_object_key_format:
+                    type: string
+                  s3_region:
+                    type: string
+                  shared_credentials:
+                    properties:
+                      path:
+                        type: string
+                      profile_name:
+                        type: string
+                    type: object
+                  signature_version:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sse_customer_algorithm:
+                    type: string
+                  sse_customer_key:
+                    type: string
+                  sse_customer_key_md5:
+                    type: string
+                  ssekms_key_id:
+                    type: string
+                  ssl_verify_peer:
+                    type: string
+                  storage_class:
+                    type: string
+                  store_as:
+                    type: string
+                  use_bundled_cert:
+                    type: string
+                  use_server_side_encryption:
+                    type: string
+                  warn_for_delay:
+                    type: string
+                required:
+                - s3_bucket
+                type: object
+              splunkHec:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ca_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  coerce_to_utf8:
+                    type: boolean
+                  data_type:
+                    type: string
+                  fields:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hec_host:
+                    type: string
+                  hec_port:
+                    type: integer
+                  hec_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  host:
+                    type: string
+                  host_key:
+                    type: string
+                  idle_timeout:
+                    type: integer
+                  index:
+                    type: string
+                  index_key:
+                    type: string
+                  insecure_ssl:
+                    type: boolean
+                  keep_keys:
+                    type: boolean
+                  metric_name_key:
+                    type: string
+                  metric_value_key:
+                    type: string
+                  metrics_from_event:
+                    type: boolean
+                  non_utf8_replacement_string:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  protocol:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  source:
+                    type: string
+                  source_key:
+                    type: string
+                  sourcetype:
+                    type: string
+                  sourcetype_key:
+                    type: string
+                  ssl_ciphers:
+                    type: string
+                required:
+                - hec_host
+                - hec_token
+                type: object
+              sqs:
+                properties:
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  create_queue:
+                    type: boolean
+                  delay_seconds:
+                    type: integer
+                  include_tag:
+                    type: boolean
+                  message_group_id:
+                    type: string
+                  queue_name:
+                    type: string
+                  region:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sqs_url:
+                    type: string
+                  tag_property_name:
+                    type: string
+                type: object
+              sumologic:
+                properties:
+                  add_timestamp:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compress:
+                    type: boolean
+                  compress_encoding:
+                    type: string
+                  custom_dimensions:
+                    type: string
+                  custom_fields:
+                    items:
+                      type: string
+                    type: array
+                  data_type:
+                    type: string
+                  delimiter:
+                    type: string
+                  disable_cookies:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  log_format:
+                    type: string
+                  log_key:
+                    type: string
+                  metric_data_format:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  proxy_uri:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  source_category:
+                    type: string
+                  source_host:
+                    type: string
+                  source_name:
+                    type: string
+                  source_name_key:
+                    type: string
+                  sumo_client:
+                    type: string
+                  timestamp_key:
+                    type: string
+                  verify_ssl:
+                    type: boolean
+                required:
+                - endpoint
+                - source_name
+                type: object
+              syslog:
+                properties:
+                  allow_self_signed_cert:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  enable_system_cert_store:
+                    type: boolean
+                  format:
+                    properties:
+                      app_name_field:
+                        type: string
+                      hostname_field:
+                        type: string
+                      log_field:
+                        type: string
+                      message_id_field:
+                        type: string
+                      proc_id_field:
+                        type: string
+                      rfc6587_message_size:
+                        type: boolean
+                      structured_data_field:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  fqdn:
+                    type: string
+                  host:
+                    type: string
+                  insecure:
+                    type: boolean
+                  port:
+                    type: integer
+                  private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  slow_flush_log_threshold:
+                    type: string
+                  transport:
+                    type: string
+                  trusted_ca_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  verify_fqdn:
+                    type: boolean
+                  version:
+                    type: string
+                required:
+                - host
+                type: object
+              vmwareLogInsight:
+                properties:
+                  agent_id:
+                    type: string
+                  authentication:
+                    enum:
+                    - nil
+                    - basic
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  config_param:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  host:
+                    type: string
+                  http_conn_debug:
+                    type: boolean
+                  http_method:
+                    enum:
+                    - post
+                    type: string
+                  log_text_keys:
+                    items:
+                      type: string
+                    type: array
+                  max_batch_size:
+                    type: integer
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  port:
+                    type: integer
+                  raise_on_error:
+                    type: boolean
+                  rate_limit_msec:
+                    type: integer
+                  request_retries:
+                    type: integer
+                  request_timeout:
+                    type: integer
+                  scheme:
+                    enum:
+                    - http
+                    - https
+                    type: string
+                  serializer:
+                    enum:
+                    - json
+                    type: string
+                  shorten_keys:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  ssl_verify:
+                    type: boolean
+                  username:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              vmwareLogIntelligence:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  endpoint_url:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  headers:
+                    properties:
+                      authorization:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      content_type:
+                        type: string
+                      structure:
+                        type: string
+                    required:
+                    - authorization
+                    - content_type
+                    - structure
+                    type: object
+                  http_compress:
+                    type: boolean
+                  verify_ssl:
+                    type: boolean
+                required:
+                - endpoint_url
+                - headers
+                - verify_ssl
+                type: object
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        required:
+        - spec
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_flows.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_flows.yaml
new file mode 100644
index 0000000000..2a67723623
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_flows.yaml
@@ -0,0 +1,2150 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: flows.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: Flow
+    listKind: FlowList
+    plural: flows
+    singular: flow
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - description: Is the flow active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              filters:
+                items:
+                  properties:
+                    concat:
+                      properties:
+                        continuous_line_regexp:
+                          type: string
+                        flush_interval:
+                          type: integer
+                        keep_partial_key:
+                          type: boolean
+                        keep_partial_metadata:
+                          type: string
+                        key:
+                          type: string
+                        multiline_end_regexp:
+                          type: string
+                        multiline_start_regexp:
+                          type: string
+                        n_lines:
+                          type: integer
+                        partial_cri_logtag_key:
+                          type: string
+                        partial_cri_stream_key:
+                          type: string
+                        partial_key:
+                          type: string
+                        partial_metadata_format:
+                          type: string
+                        partial_value:
+                          type: string
+                        separator:
+                          type: string
+                        stream_identity_key:
+                          type: string
+                        timeout_label:
+                          type: string
+                        use_first_timestamp:
+                          type: boolean
+                        use_partial_cri_logtag:
+                          type: boolean
+                        use_partial_metadata:
+                          type: string
+                      type: object
+                    dedot:
+                      properties:
+                        de_dot_nested:
+                          type: boolean
+                        de_dot_separator:
+                          type: string
+                      type: object
+                    detectExceptions:
+                      properties:
+                        force_line_breaks:
+                          type: boolean
+                        languages:
+                          items:
+                            type: string
+                          type: array
+                        match_tag:
+                          type: string
+                        max_bytes:
+                          type: integer
+                        max_lines:
+                          type: integer
+                        message:
+                          type: string
+                        multiline_flush_interval:
+                          type: string
+                        remove_tag_prefix:
+                          type: string
+                        stream:
+                          type: string
+                      type: object
+                    elasticsearch_genid:
+                      properties:
+                        hash_id_key:
+                          type: string
+                        hash_type:
+                          type: string
+                        include_tag_in_seed:
+                          type: boolean
+                        include_time_in_seed:
+                          type: boolean
+                        record_keys:
+                          type: string
+                        separator:
+                          type: string
+                        use_entire_record:
+                          type: boolean
+                        use_record_as_seed:
+                          type: boolean
+                      type: object
+                    enhanceK8s:
+                      properties:
+                        api_groups:
+                          items:
+                            type: string
+                          type: array
+                        bearer_token_file:
+                          type: string
+                        ca_file:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        cache_refresh:
+                          type: integer
+                        cache_refresh_variation:
+                          type: integer
+                        cache_size:
+                          type: integer
+                        cache_ttl:
+                          type: integer
+                        client_cert:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        client_key:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        core_api_versions:
+                          items:
+                            type: string
+                          type: array
+                        data_type:
+                          type: string
+                        in_namespace_path:
+                          items:
+                            type: string
+                          type: array
+                        in_pod_path:
+                          items:
+                            type: string
+                          type: array
+                        kubernetes_url:
+                          type: string
+                        secret_dir:
+                          type: string
+                        ssl_partial_chain:
+                          type: boolean
+                        verify_ssl:
+                          type: boolean
+                      type: object
+                    geoip:
+                      properties:
+                        backend_library:
+                          type: string
+                        geoip_database:
+                          type: string
+                        geoip_lookup_keys:
+                          type: string
+                        geoip2_database:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        skip_adding_null_record:
+                          type: boolean
+                      type: object
+                    grep:
+                      properties:
+                        and:
+                          items:
+                            properties:
+                              exclude:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                              regexp:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                            type: object
+                          type: array
+                        exclude:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              pattern:
+                                type: string
+                            required:
+                            - key
+                            - pattern
+                            type: object
+                          type: array
+                        or:
+                          items:
+                            properties:
+                              exclude:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                              regexp:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                            type: object
+                          type: array
+                        regexp:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              pattern:
+                                type: string
+                            required:
+                            - key
+                            - pattern
+                            type: object
+                          type: array
+                      type: object
+                    kube_events_timestamp:
+                      properties:
+                        mapped_time_key:
+                          type: string
+                        timestamp_fields:
+                          items:
+                            type: string
+                          type: array
+                      type: object
+                    parser:
+                      properties:
+                        emit_invalid_record_to_error:
+                          type: boolean
+                        hash_value_field:
+                          type: string
+                        inject_key_prefix:
+                          type: string
+                        key_name:
+                          type: string
+                        parse:
+                          properties:
+                            custom_pattern_path:
+                              properties:
+                                mountFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                value:
+                                  type: string
+                                valueFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                              type: object
+                            delimiter:
+                              type: string
+                            delimiter_pattern:
+                              type: string
+                            estimate_current_event:
+                              type: boolean
+                            expression:
+                              type: string
+                            format:
+                              type: string
+                            format_firstline:
+                              type: string
+                            grok_failure_key:
+                              type: string
+                            grok_name_key:
+                              type: string
+                            grok_pattern:
+                              type: string
+                            grok_patterns:
+                              items:
+                                properties:
+                                  keep_time_key:
+                                    type: boolean
+                                  name:
+                                    type: string
+                                  pattern:
+                                    type: string
+                                  time_format:
+                                    type: string
+                                  time_key:
+                                    type: string
+                                  timezone:
+                                    type: string
+                                required:
+                                - pattern
+                                type: object
+                              type: array
+                            keep_time_key:
+                              type: boolean
+                            keys:
+                              type: string
+                            label_delimiter:
+                              type: string
+                            local_time:
+                              type: boolean
+                            multiline:
+                              items:
+                                type: string
+                              type: array
+                            multiline_start_regexp:
+                              type: string
+                            null_empty_string:
+                              type: boolean
+                            null_value_pattern:
+                              type: string
+                            patterns:
+                              items:
+                                properties:
+                                  custom_pattern_path:
+                                    properties:
+                                      mountFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                    type: object
+                                  estimate_current_event:
+                                    type: boolean
+                                  expression:
+                                    type: string
+                                  format:
+                                    type: string
+                                  grok_failure_key:
+                                    type: string
+                                  grok_name_key:
+                                    type: string
+                                  grok_pattern:
+                                    type: string
+                                  grok_patterns:
+                                    items:
+                                      properties:
+                                        keep_time_key:
+                                          type: boolean
+                                        name:
+                                          type: string
+                                        pattern:
+                                          type: string
+                                        time_format:
+                                          type: string
+                                        time_key:
+                                          type: string
+                                        timezone:
+                                          type: string
+                                      required:
+                                      - pattern
+                                      type: object
+                                    type: array
+                                  keep_time_key:
+                                    type: boolean
+                                  local_time:
+                                    type: boolean
+                                  multiline_start_regexp:
+                                    type: string
+                                  null_empty_string:
+                                    type: boolean
+                                  null_value_pattern:
+                                    type: string
+                                  time_format:
+                                    type: string
+                                  time_key:
+                                    type: string
+                                  time_type:
+                                    type: string
+                                  timezone:
+                                    type: string
+                                  type:
+                                    type: string
+                                  types:
+                                    type: string
+                                  utc:
+                                    type: boolean
+                                type: object
+                              type: array
+                            time_format:
+                              type: string
+                            time_key:
+                              type: string
+                            time_type:
+                              type: string
+                            timezone:
+                              type: string
+                            type:
+                              type: string
+                            types:
+                              type: string
+                            utc:
+                              type: boolean
+                          type: object
+                        parsers:
+                          items:
+                            properties:
+                              custom_pattern_path:
+                                properties:
+                                  mountFrom:
+                                    properties:
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                  value:
+                                    type: string
+                                  valueFrom:
+                                    properties:
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                type: object
+                              delimiter:
+                                type: string
+                              delimiter_pattern:
+                                type: string
+                              estimate_current_event:
+                                type: boolean
+                              expression:
+                                type: string
+                              format:
+                                type: string
+                              format_firstline:
+                                type: string
+                              grok_failure_key:
+                                type: string
+                              grok_name_key:
+                                type: string
+                              grok_pattern:
+                                type: string
+                              grok_patterns:
+                                items:
+                                  properties:
+                                    keep_time_key:
+                                      type: boolean
+                                    name:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                    time_format:
+                                      type: string
+                                    time_key:
+                                      type: string
+                                    timezone:
+                                      type: string
+                                  required:
+                                  - pattern
+                                  type: object
+                                type: array
+                              keep_time_key:
+                                type: boolean
+                              keys:
+                                type: string
+                              label_delimiter:
+                                type: string
+                              local_time:
+                                type: boolean
+                              multiline:
+                                items:
+                                  type: string
+                                type: array
+                              multiline_start_regexp:
+                                type: string
+                              null_empty_string:
+                                type: boolean
+                              null_value_pattern:
+                                type: string
+                              patterns:
+                                items:
+                                  properties:
+                                    custom_pattern_path:
+                                      properties:
+                                        mountFrom:
+                                          properties:
+                                            secretKeyRef:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                                optional:
+                                                  type: boolean
+                                              required:
+                                              - key
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          type: object
+                                        value:
+                                          type: string
+                                        valueFrom:
+                                          properties:
+                                            secretKeyRef:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                                optional:
+                                                  type: boolean
+                                              required:
+                                              - key
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          type: object
+                                      type: object
+                                    estimate_current_event:
+                                      type: boolean
+                                    expression:
+                                      type: string
+                                    format:
+                                      type: string
+                                    grok_failure_key:
+                                      type: string
+                                    grok_name_key:
+                                      type: string
+                                    grok_pattern:
+                                      type: string
+                                    grok_patterns:
+                                      items:
+                                        properties:
+                                          keep_time_key:
+                                            type: boolean
+                                          name:
+                                            type: string
+                                          pattern:
+                                            type: string
+                                          time_format:
+                                            type: string
+                                          time_key:
+                                            type: string
+                                          timezone:
+                                            type: string
+                                        required:
+                                        - pattern
+                                        type: object
+                                      type: array
+                                    keep_time_key:
+                                      type: boolean
+                                    local_time:
+                                      type: boolean
+                                    multiline_start_regexp:
+                                      type: string
+                                    null_empty_string:
+                                      type: boolean
+                                    null_value_pattern:
+                                      type: string
+                                    time_format:
+                                      type: string
+                                    time_key:
+                                      type: string
+                                    time_type:
+                                      type: string
+                                    timezone:
+                                      type: string
+                                    type:
+                                      type: string
+                                    types:
+                                      type: string
+                                    utc:
+                                      type: boolean
+                                  type: object
+                                type: array
+                              time_format:
+                                type: string
+                              time_key:
+                                type: string
+                              time_type:
+                                type: string
+                              timezone:
+                                type: string
+                              type:
+                                type: string
+                              types:
+                                type: string
+                              utc:
+                                type: boolean
+                            type: object
+                          type: array
+                        remove_key_name_field:
+                          type: boolean
+                        replace_invalid_sequence:
+                          type: boolean
+                        reserve_data:
+                          type: boolean
+                        reserve_time:
+                          type: boolean
+                      type: object
+                    prometheus:
+                      properties:
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        metrics:
+                          items:
+                            properties:
+                              buckets:
+                                type: string
+                              desc:
+                                type: string
+                              key:
+                                type: string
+                              labels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              name:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - desc
+                            - name
+                            - type
+                            type: object
+                          type: array
+                      type: object
+                    record_modifier:
+                      properties:
+                        char_encoding:
+                          type: string
+                        prepare_value:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        remove_keys:
+                          type: string
+                        replaces:
+                          items:
+                            properties:
+                              expression:
+                                type: string
+                              key:
+                                type: string
+                              replace:
+                                type: string
+                            required:
+                            - expression
+                            - key
+                            - replace
+                            type: object
+                          type: array
+                        whitelist_keys:
+                          type: string
+                      type: object
+                    record_transformer:
+                      properties:
+                        auto_typecast:
+                          type: boolean
+                        enable_ruby:
+                          type: boolean
+                        keep_keys:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        remove_keys:
+                          type: string
+                        renew_record:
+                          type: boolean
+                        renew_time_key:
+                          type: string
+                      type: object
+                    stdout:
+                      properties:
+                        output_type:
+                          type: string
+                      type: object
+                    sumologic:
+                      properties:
+                        collector_key_name:
+                          type: string
+                        collector_value:
+                          type: string
+                        exclude_container_regex:
+                          type: string
+                        exclude_facility_regex:
+                          type: string
+                        exclude_host_regex:
+                          type: string
+                        exclude_namespace_regex:
+                          type: string
+                        exclude_pod_regex:
+                          type: string
+                        exclude_priority_regex:
+                          type: string
+                        exclude_unit_regex:
+                          type: string
+                        log_format:
+                          type: string
+                        source_category:
+                          type: string
+                        source_category_key_name:
+                          type: string
+                        source_category_prefix:
+                          type: string
+                        source_category_replace_dash:
+                          type: string
+                        source_host:
+                          type: string
+                        source_host_key_name:
+                          type: string
+                        source_name:
+                          type: string
+                        source_name_key_name:
+                          type: string
+                        tracing_annotation_prefix:
+                          type: string
+                        tracing_container_name:
+                          type: string
+                        tracing_format:
+                          type: boolean
+                        tracing_host:
+                          type: string
+                        tracing_label_prefix:
+                          type: string
+                        tracing_namespace:
+                          type: string
+                        tracing_pod:
+                          type: string
+                        tracing_pod_id:
+                          type: string
+                      type: object
+                    tag_normaliser:
+                      properties:
+                        format:
+                          type: string
+                        match_tag:
+                          type: string
+                      type: object
+                    throttle:
+                      properties:
+                        group_bucket_limit:
+                          type: integer
+                        group_bucket_period_s:
+                          type: integer
+                        group_drop_logs:
+                          type: boolean
+                        group_key:
+                          type: string
+                        group_reset_rate_s:
+                          type: integer
+                        group_warning_delay_s:
+                          type: integer
+                      type: object
+                    useragent:
+                      properties:
+                        delete_key:
+                          type: boolean
+                        flatten:
+                          type: boolean
+                        key_name:
+                          type: string
+                        out_key:
+                          type: string
+                      type: object
+                  type: object
+                type: array
+              flowLabel:
+                type: string
+              globalOutputRefs:
+                items:
+                  type: string
+                type: array
+              includeLabelInRouter:
+                type: boolean
+              localOutputRefs:
+                items:
+                  type: string
+                type: array
+              loggingRef:
+                type: string
+              match:
+                items:
+                  properties:
+                    exclude:
+                      properties:
+                        container_names:
+                          items:
+                            type: string
+                          type: array
+                        hosts:
+                          items:
+                            type: string
+                          type: array
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        namespace_labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                      type: object
+                    select:
+                      properties:
+                        container_names:
+                          items:
+                            type: string
+                          type: array
+                        hosts:
+                          items:
+                            type: string
+                          type: array
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                      type: object
+                  type: object
+                type: array
+              outputRefs:
+                items:
+                  type: string
+                type: array
+              selectors:
+                additionalProperties:
+                  type: string
+                type: object
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - description: Is the flow active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              filters:
+                items:
+                  properties:
+                    concat:
+                      properties:
+                        continuous_line_regexp:
+                          type: string
+                        flush_interval:
+                          type: integer
+                        keep_partial_key:
+                          type: boolean
+                        keep_partial_metadata:
+                          type: string
+                        key:
+                          type: string
+                        multiline_end_regexp:
+                          type: string
+                        multiline_start_regexp:
+                          type: string
+                        n_lines:
+                          type: integer
+                        partial_cri_logtag_key:
+                          type: string
+                        partial_cri_stream_key:
+                          type: string
+                        partial_key:
+                          type: string
+                        partial_metadata_format:
+                          type: string
+                        partial_value:
+                          type: string
+                        separator:
+                          type: string
+                        stream_identity_key:
+                          type: string
+                        timeout_label:
+                          type: string
+                        use_first_timestamp:
+                          type: boolean
+                        use_partial_cri_logtag:
+                          type: boolean
+                        use_partial_metadata:
+                          type: string
+                      type: object
+                    dedot:
+                      properties:
+                        de_dot_nested:
+                          type: boolean
+                        de_dot_separator:
+                          type: string
+                      type: object
+                    detectExceptions:
+                      properties:
+                        force_line_breaks:
+                          type: boolean
+                        languages:
+                          items:
+                            type: string
+                          type: array
+                        match_tag:
+                          type: string
+                        max_bytes:
+                          type: integer
+                        max_lines:
+                          type: integer
+                        message:
+                          type: string
+                        multiline_flush_interval:
+                          type: string
+                        remove_tag_prefix:
+                          type: string
+                        stream:
+                          type: string
+                      type: object
+                    elasticsearch_genid:
+                      properties:
+                        hash_id_key:
+                          type: string
+                        hash_type:
+                          type: string
+                        include_tag_in_seed:
+                          type: boolean
+                        include_time_in_seed:
+                          type: boolean
+                        record_keys:
+                          type: string
+                        separator:
+                          type: string
+                        use_entire_record:
+                          type: boolean
+                        use_record_as_seed:
+                          type: boolean
+                      type: object
+                    enhanceK8s:
+                      properties:
+                        api_groups:
+                          items:
+                            type: string
+                          type: array
+                        bearer_token_file:
+                          type: string
+                        ca_file:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        cache_refresh:
+                          type: integer
+                        cache_refresh_variation:
+                          type: integer
+                        cache_size:
+                          type: integer
+                        cache_ttl:
+                          type: integer
+                        client_cert:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        client_key:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        core_api_versions:
+                          items:
+                            type: string
+                          type: array
+                        data_type:
+                          type: string
+                        in_namespace_path:
+                          items:
+                            type: string
+                          type: array
+                        in_pod_path:
+                          items:
+                            type: string
+                          type: array
+                        kubernetes_url:
+                          type: string
+                        secret_dir:
+                          type: string
+                        ssl_partial_chain:
+                          type: boolean
+                        verify_ssl:
+                          type: boolean
+                      type: object
+                    geoip:
+                      properties:
+                        backend_library:
+                          type: string
+                        geoip_database:
+                          type: string
+                        geoip_lookup_keys:
+                          type: string
+                        geoip2_database:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        skip_adding_null_record:
+                          type: boolean
+                      type: object
+                    grep:
+                      properties:
+                        and:
+                          items:
+                            properties:
+                              exclude:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                              regexp:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                            type: object
+                          type: array
+                        exclude:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              pattern:
+                                type: string
+                            required:
+                            - key
+                            - pattern
+                            type: object
+                          type: array
+                        or:
+                          items:
+                            properties:
+                              exclude:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                              regexp:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                            type: object
+                          type: array
+                        regexp:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              pattern:
+                                type: string
+                            required:
+                            - key
+                            - pattern
+                            type: object
+                          type: array
+                      type: object
+                    kube_events_timestamp:
+                      properties:
+                        mapped_time_key:
+                          type: string
+                        timestamp_fields:
+                          items:
+                            type: string
+                          type: array
+                      type: object
+                    parser:
+                      properties:
+                        emit_invalid_record_to_error:
+                          type: boolean
+                        hash_value_field:
+                          type: string
+                        inject_key_prefix:
+                          type: string
+                        key_name:
+                          type: string
+                        parse:
+                          properties:
+                            custom_pattern_path:
+                              properties:
+                                mountFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                value:
+                                  type: string
+                                valueFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                              type: object
+                            delimiter:
+                              type: string
+                            delimiter_pattern:
+                              type: string
+                            estimate_current_event:
+                              type: boolean
+                            expression:
+                              type: string
+                            format:
+                              type: string
+                            format_firstline:
+                              type: string
+                            grok_failure_key:
+                              type: string
+                            grok_name_key:
+                              type: string
+                            grok_pattern:
+                              type: string
+                            grok_patterns:
+                              items:
+                                properties:
+                                  keep_time_key:
+                                    type: boolean
+                                  name:
+                                    type: string
+                                  pattern:
+                                    type: string
+                                  time_format:
+                                    type: string
+                                  time_key:
+                                    type: string
+                                  timezone:
+                                    type: string
+                                required:
+                                - pattern
+                                type: object
+                              type: array
+                            keep_time_key:
+                              type: boolean
+                            keys:
+                              type: string
+                            label_delimiter:
+                              type: string
+                            local_time:
+                              type: boolean
+                            multiline:
+                              items:
+                                type: string
+                              type: array
+                            multiline_start_regexp:
+                              type: string
+                            null_empty_string:
+                              type: boolean
+                            null_value_pattern:
+                              type: string
+                            patterns:
+                              items:
+                                properties:
+                                  custom_pattern_path:
+                                    properties:
+                                      mountFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                    type: object
+                                  estimate_current_event:
+                                    type: boolean
+                                  expression:
+                                    type: string
+                                  format:
+                                    type: string
+                                  grok_failure_key:
+                                    type: string
+                                  grok_name_key:
+                                    type: string
+                                  grok_pattern:
+                                    type: string
+                                  grok_patterns:
+                                    items:
+                                      properties:
+                                        keep_time_key:
+                                          type: boolean
+                                        name:
+                                          type: string
+                                        pattern:
+                                          type: string
+                                        time_format:
+                                          type: string
+                                        time_key:
+                                          type: string
+                                        timezone:
+                                          type: string
+                                      required:
+                                      - pattern
+                                      type: object
+                                    type: array
+                                  keep_time_key:
+                                    type: boolean
+                                  local_time:
+                                    type: boolean
+                                  multiline_start_regexp:
+                                    type: string
+                                  null_empty_string:
+                                    type: boolean
+                                  null_value_pattern:
+                                    type: string
+                                  time_format:
+                                    type: string
+                                  time_key:
+                                    type: string
+                                  time_type:
+                                    type: string
+                                  timezone:
+                                    type: string
+                                  type:
+                                    type: string
+                                  types:
+                                    type: string
+                                  utc:
+                                    type: boolean
+                                type: object
+                              type: array
+                            time_format:
+                              type: string
+                            time_key:
+                              type: string
+                            time_type:
+                              type: string
+                            timezone:
+                              type: string
+                            type:
+                              type: string
+                            types:
+                              type: string
+                            utc:
+                              type: boolean
+                          type: object
+                        parsers:
+                          items:
+                            properties:
+                              custom_pattern_path:
+                                properties:
+                                  mountFrom:
+                                    properties:
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                  value:
+                                    type: string
+                                  valueFrom:
+                                    properties:
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                type: object
+                              delimiter:
+                                type: string
+                              delimiter_pattern:
+                                type: string
+                              estimate_current_event:
+                                type: boolean
+                              expression:
+                                type: string
+                              format:
+                                type: string
+                              format_firstline:
+                                type: string
+                              grok_failure_key:
+                                type: string
+                              grok_name_key:
+                                type: string
+                              grok_pattern:
+                                type: string
+                              grok_patterns:
+                                items:
+                                  properties:
+                                    keep_time_key:
+                                      type: boolean
+                                    name:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                    time_format:
+                                      type: string
+                                    time_key:
+                                      type: string
+                                    timezone:
+                                      type: string
+                                  required:
+                                  - pattern
+                                  type: object
+                                type: array
+                              keep_time_key:
+                                type: boolean
+                              keys:
+                                type: string
+                              label_delimiter:
+                                type: string
+                              local_time:
+                                type: boolean
+                              multiline:
+                                items:
+                                  type: string
+                                type: array
+                              multiline_start_regexp:
+                                type: string
+                              null_empty_string:
+                                type: boolean
+                              null_value_pattern:
+                                type: string
+                              patterns:
+                                items:
+                                  properties:
+                                    custom_pattern_path:
+                                      properties:
+                                        mountFrom:
+                                          properties:
+                                            secretKeyRef:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                                optional:
+                                                  type: boolean
+                                              required:
+                                              - key
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          type: object
+                                        value:
+                                          type: string
+                                        valueFrom:
+                                          properties:
+                                            secretKeyRef:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                                optional:
+                                                  type: boolean
+                                              required:
+                                              - key
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          type: object
+                                      type: object
+                                    estimate_current_event:
+                                      type: boolean
+                                    expression:
+                                      type: string
+                                    format:
+                                      type: string
+                                    grok_failure_key:
+                                      type: string
+                                    grok_name_key:
+                                      type: string
+                                    grok_pattern:
+                                      type: string
+                                    grok_patterns:
+                                      items:
+                                        properties:
+                                          keep_time_key:
+                                            type: boolean
+                                          name:
+                                            type: string
+                                          pattern:
+                                            type: string
+                                          time_format:
+                                            type: string
+                                          time_key:
+                                            type: string
+                                          timezone:
+                                            type: string
+                                        required:
+                                        - pattern
+                                        type: object
+                                      type: array
+                                    keep_time_key:
+                                      type: boolean
+                                    local_time:
+                                      type: boolean
+                                    multiline_start_regexp:
+                                      type: string
+                                    null_empty_string:
+                                      type: boolean
+                                    null_value_pattern:
+                                      type: string
+                                    time_format:
+                                      type: string
+                                    time_key:
+                                      type: string
+                                    time_type:
+                                      type: string
+                                    timezone:
+                                      type: string
+                                    type:
+                                      type: string
+                                    types:
+                                      type: string
+                                    utc:
+                                      type: boolean
+                                  type: object
+                                type: array
+                              time_format:
+                                type: string
+                              time_key:
+                                type: string
+                              time_type:
+                                type: string
+                              timezone:
+                                type: string
+                              type:
+                                type: string
+                              types:
+                                type: string
+                              utc:
+                                type: boolean
+                            type: object
+                          type: array
+                        remove_key_name_field:
+                          type: boolean
+                        replace_invalid_sequence:
+                          type: boolean
+                        reserve_data:
+                          type: boolean
+                        reserve_time:
+                          type: boolean
+                      type: object
+                    prometheus:
+                      properties:
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        metrics:
+                          items:
+                            properties:
+                              buckets:
+                                type: string
+                              desc:
+                                type: string
+                              key:
+                                type: string
+                              labels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              name:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - desc
+                            - name
+                            - type
+                            type: object
+                          type: array
+                      type: object
+                    record_modifier:
+                      properties:
+                        char_encoding:
+                          type: string
+                        prepare_value:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        remove_keys:
+                          type: string
+                        replaces:
+                          items:
+                            properties:
+                              expression:
+                                type: string
+                              key:
+                                type: string
+                              replace:
+                                type: string
+                            required:
+                            - expression
+                            - key
+                            - replace
+                            type: object
+                          type: array
+                        whitelist_keys:
+                          type: string
+                      type: object
+                    record_transformer:
+                      properties:
+                        auto_typecast:
+                          type: boolean
+                        enable_ruby:
+                          type: boolean
+                        keep_keys:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        remove_keys:
+                          type: string
+                        renew_record:
+                          type: boolean
+                        renew_time_key:
+                          type: string
+                      type: object
+                    stdout:
+                      properties:
+                        output_type:
+                          type: string
+                      type: object
+                    sumologic:
+                      properties:
+                        collector_key_name:
+                          type: string
+                        collector_value:
+                          type: string
+                        exclude_container_regex:
+                          type: string
+                        exclude_facility_regex:
+                          type: string
+                        exclude_host_regex:
+                          type: string
+                        exclude_namespace_regex:
+                          type: string
+                        exclude_pod_regex:
+                          type: string
+                        exclude_priority_regex:
+                          type: string
+                        exclude_unit_regex:
+                          type: string
+                        log_format:
+                          type: string
+                        source_category:
+                          type: string
+                        source_category_key_name:
+                          type: string
+                        source_category_prefix:
+                          type: string
+                        source_category_replace_dash:
+                          type: string
+                        source_host:
+                          type: string
+                        source_host_key_name:
+                          type: string
+                        source_name:
+                          type: string
+                        source_name_key_name:
+                          type: string
+                        tracing_annotation_prefix:
+                          type: string
+                        tracing_container_name:
+                          type: string
+                        tracing_format:
+                          type: boolean
+                        tracing_host:
+                          type: string
+                        tracing_label_prefix:
+                          type: string
+                        tracing_namespace:
+                          type: string
+                        tracing_pod:
+                          type: string
+                        tracing_pod_id:
+                          type: string
+                      type: object
+                    tag_normaliser:
+                      properties:
+                        format:
+                          type: string
+                        match_tag:
+                          type: string
+                      type: object
+                    throttle:
+                      properties:
+                        group_bucket_limit:
+                          type: integer
+                        group_bucket_period_s:
+                          type: integer
+                        group_drop_logs:
+                          type: boolean
+                        group_key:
+                          type: string
+                        group_reset_rate_s:
+                          type: integer
+                        group_warning_delay_s:
+                          type: integer
+                      type: object
+                    useragent:
+                      properties:
+                        delete_key:
+                          type: boolean
+                        flatten:
+                          type: boolean
+                        key_name:
+                          type: string
+                        out_key:
+                          type: string
+                      type: object
+                  type: object
+                type: array
+              flowLabel:
+                type: string
+              globalOutputRefs:
+                items:
+                  type: string
+                type: array
+              includeLabelInRouter:
+                type: boolean
+              localOutputRefs:
+                items:
+                  type: string
+                type: array
+              loggingRef:
+                type: string
+              match:
+                items:
+                  properties:
+                    exclude:
+                      properties:
+                        container_names:
+                          items:
+                            type: string
+                          type: array
+                        hosts:
+                          items:
+                            type: string
+                          type: array
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        namespace_labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                      type: object
+                    select:
+                      properties:
+                        container_names:
+                          items:
+                            type: string
+                          type: array
+                        hosts:
+                          items:
+                            type: string
+                          type: array
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                      type: object
+                  type: object
+                type: array
+              outputRefs:
+                items:
+                  type: string
+                type: array
+              selectors:
+                additionalProperties:
+                  type: string
+                type: object
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_fluentbitagents.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_fluentbitagents.yaml
new file mode 100644
index 0000000000..d9148dc802
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_fluentbitagents.yaml
@@ -0,0 +1,2535 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: fluentbitagents.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: FluentbitAgent
+    listKind: FluentbitAgentList
+    plural: fluentbitagents
+    singular: fluentbitagent
+  scope: Cluster
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              HostNetwork:
+                type: boolean
+              affinity:
+                properties:
+                  nodeAffinity:
+                    properties:
+                      preferredDuringSchedulingIgnoredDuringExecution:
+                        items:
+                          properties:
+                            preference:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchFields:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            weight:
+                              format: int32
+                              type: integer
+                          required:
+                          - preference
+                          - weight
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      requiredDuringSchedulingIgnoredDuringExecution:
+                        properties:
+                          nodeSelectorTerms:
+                            items:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchFields:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        required:
+                        - nodeSelectorTerms
+                        type: object
+                        x-kubernetes-map-type: atomic
+                    type: object
+                  podAffinity:
+                    properties:
+                      preferredDuringSchedulingIgnoredDuringExecution:
+                        items:
+                          properties:
+                            podAffinityTerm:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            weight:
+                              format: int32
+                              type: integer
+                          required:
+                          - podAffinityTerm
+                          - weight
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      requiredDuringSchedulingIgnoredDuringExecution:
+                        items:
+                          properties:
+                            labelSelector:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchLabels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            matchLabelKeys:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            mismatchLabelKeys:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            namespaceSelector:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchLabels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            namespaces:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            topologyKey:
+                              type: string
+                          required:
+                          - topologyKey
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  podAntiAffinity:
+                    properties:
+                      preferredDuringSchedulingIgnoredDuringExecution:
+                        items:
+                          properties:
+                            podAffinityTerm:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            weight:
+                              format: int32
+                              type: integer
+                          required:
+                          - podAffinityTerm
+                          - weight
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      requiredDuringSchedulingIgnoredDuringExecution:
+                        items:
+                          properties:
+                            labelSelector:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchLabels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            matchLabelKeys:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            mismatchLabelKeys:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            namespaceSelector:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchLabels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            namespaces:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            topologyKey:
+                              type: string
+                          required:
+                          - topologyKey
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                type: object
+              annotations:
+                additionalProperties:
+                  type: string
+                type: object
+              bufferStorage:
+                properties:
+                  storage.backlog.mem_limit:
+                    type: string
+                  storage.checksum:
+                    type: string
+                  storage.delete_irrecoverable_chunks:
+                    type: string
+                  storage.metrics:
+                    type: string
+                  storage.path:
+                    type: string
+                  storage.sync:
+                    type: string
+                type: object
+              bufferStorageVolume:
+                properties:
+                  configMap:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      name:
+                        default: ""
+                        type: string
+                      optional:
+                        type: boolean
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  emptyDir:
+                    properties:
+                      medium:
+                        type: string
+                      sizeLimit:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                        x-kubernetes-int-or-string: true
+                    type: object
+                  host_path:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  hostPath:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  pvc:
+                    properties:
+                      source:
+                        properties:
+                          claimName:
+                            type: string
+                          readOnly:
+                            type: boolean
+                        required:
+                        - claimName
+                        type: object
+                      spec:
+                        properties:
+                          accessModes:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          dataSource:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          dataSourceRef:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                              namespace:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                          resources:
+                            properties:
+                              limits:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                              requests:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                            type: object
+                          selector:
+                            properties:
+                              matchExpressions:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    operator:
+                                      type: string
+                                    values:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  required:
+                                  - key
+                                  - operator
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              matchLabels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          storageClassName:
+                            type: string
+                          volumeAttributesClassName:
+                            type: string
+                          volumeMode:
+                            type: string
+                          volumeName:
+                            type: string
+                        type: object
+                    type: object
+                  secret:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      optional:
+                        type: boolean
+                      secretName:
+                        type: string
+                    type: object
+                type: object
+              bufferVolumeArgs:
+                items:
+                  type: string
+                type: array
+              bufferVolumeImage:
+                properties:
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  pullPolicy:
+                    type: string
+                  repository:
+                    type: string
+                  tag:
+                    type: string
+                type: object
+              bufferVolumeMetrics:
+                properties:
+                  interval:
+                    type: string
+                  path:
+                    type: string
+                  port:
+                    format: int32
+                    type: integer
+                  prometheusAnnotations:
+                    type: boolean
+                  prometheusRules:
+                    type: boolean
+                  serviceMonitor:
+                    type: boolean
+                  serviceMonitorConfig:
+                    properties:
+                      additionalLabels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      honorLabels:
+                        type: boolean
+                      metricRelabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      relabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      scheme:
+                        type: string
+                      tlsConfig:
+                        properties:
+                          ca:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          caFile:
+                            type: string
+                          cert:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          certFile:
+                            type: string
+                          insecureSkipVerify:
+                            type: boolean
+                          keyFile:
+                            type: string
+                          keySecret:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          serverName:
+                            type: string
+                        type: object
+                    type: object
+                  timeout:
+                    type: string
+                type: object
+              bufferVolumeResources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              configHotReload:
+                properties:
+                  image:
+                    properties:
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      pullPolicy:
+                        type: string
+                      repository:
+                        type: string
+                      tag:
+                        type: string
+                    type: object
+                  resources:
+                    properties:
+                      claims:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - name
+                        x-kubernetes-list-type: map
+                      limits:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                      requests:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                    type: object
+                type: object
+              coroStackSize:
+                format: int32
+                type: integer
+              customConfigSecret:
+                type: string
+              customParsers:
+                type: string
+              daemonsetAnnotations:
+                additionalProperties:
+                  type: string
+                type: object
+              disableKubernetesFilter:
+                type: boolean
+              dnsConfig:
+                properties:
+                  nameservers:
+                    items:
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  options:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  searches:
+                    items:
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: atomic
+                type: object
+              dnsPolicy:
+                type: string
+              enableUpstream:
+                type: boolean
+              envVars:
+                items:
+                  properties:
+                    name:
+                      type: string
+                    value:
+                      type: string
+                    valueFrom:
+                      properties:
+                        configMapKeyRef:
+                          properties:
+                            key:
+                              type: string
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        fieldRef:
+                          properties:
+                            apiVersion:
+                              type: string
+                            fieldPath:
+                              type: string
+                          required:
+                          - fieldPath
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        resourceFieldRef:
+                          properties:
+                            containerName:
+                              type: string
+                            divisor:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                            resource:
+                              type: string
+                          required:
+                          - resource
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        secretKeyRef:
+                          properties:
+                            key:
+                              type: string
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                  required:
+                  - name
+                  type: object
+                type: array
+              extraVolumeMounts:
+                items:
+                  properties:
+                    destination:
+                      pattern: ^/.+$
+                      type: string
+                    readOnly:
+                      type: boolean
+                    source:
+                      pattern: ^/.+$
+                      type: string
+                  required:
+                  - destination
+                  - source
+                  type: object
+                type: array
+              filterAws:
+                properties:
+                  Match:
+                    type: string
+                  account_id:
+                    type: boolean
+                  ami_id:
+                    type: boolean
+                  az:
+                    type: boolean
+                  ec2_instance_id:
+                    type: boolean
+                  ec2_instance_type:
+                    type: boolean
+                  hostname:
+                    type: boolean
+                  imds_version:
+                    type: string
+                  private_ip:
+                    type: boolean
+                  vpc_id:
+                    type: boolean
+                type: object
+              filterKubernetes:
+                properties:
+                  Annotations:
+                    type: string
+                  Buffer_Size:
+                    type: string
+                  Cache_Use_Docker_Id:
+                    type: string
+                  DNS_Retries:
+                    type: string
+                  DNS_Wait_Time:
+                    type: string
+                  Dummy_Meta:
+                    type: string
+                  K8S-Logging.Exclude:
+                    type: string
+                  K8S-Logging.Parser:
+                    type: string
+                  Keep_Log:
+                    type: string
+                  Kube_CA_File:
+                    type: string
+                  Kube_CA_Path:
+                    type: string
+                  Kube_Meta_Cache_TTL:
+                    type: string
+                  Kube_Tag_Prefix:
+                    type: string
+                  Kube_Token_File:
+                    type: string
+                  Kube_Token_TTL:
+                    type: string
+                  Kube_URL:
+                    type: string
+                  Kube_meta_preload_cache_dir:
+                    type: string
+                  Kubelet_Port:
+                    type: string
+                  Labels:
+                    type: string
+                  Match:
+                    type: string
+                  Merge_Log:
+                    type: string
+                  Merge_Log_Key:
+                    type: string
+                  Merge_Log_Trim:
+                    type: string
+                  Merge_Parser:
+                    type: string
+                  Regex_Parser:
+                    type: string
+                  Use_Journal:
+                    type: string
+                  Use_Kubelet:
+                    type: string
+                  kube_meta_namespace_cache_ttl:
+                    type: string
+                  namespace_annotations:
+                    type: string
+                  namespace_labels:
+                    type: string
+                  tls.debug:
+                    type: string
+                  tls.verify:
+                    type: string
+                type: object
+              filterModify:
+                items:
+                  properties:
+                    conditions:
+                      items:
+                        properties:
+                          A_key_matches:
+                            properties:
+                              key:
+                                type: string
+                            type: object
+                          Key_does_not_exist:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          Key_exists:
+                            properties:
+                              key:
+                                type: string
+                            type: object
+                          Key_value_does_not_equal:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          Key_value_does_not_match:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          Key_value_equals:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          Key_value_matches:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          Matching_keys_do_not_have_matching_values:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          Matching_keys_have_matching_values:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          No_key_matches:
+                            properties:
+                              key:
+                                type: string
+                            type: object
+                        type: object
+                      type: array
+                    rules:
+                      items:
+                        properties:
+                          Add:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          Copy:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          Hard_copy:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          Hard_rename:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          Remove:
+                            properties:
+                              key:
+                                type: string
+                            type: object
+                          Remove_regex:
+                            properties:
+                              key:
+                                type: string
+                            type: object
+                          Remove_wildcard:
+                            properties:
+                              key:
+                                type: string
+                            type: object
+                          Rename:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                          Set:
+                            properties:
+                              key:
+                                type: string
+                              value:
+                                type: string
+                            type: object
+                        type: object
+                      type: array
+                  type: object
+                type: array
+              flush:
+                format: int32
+                type: integer
+              forwardOptions:
+                properties:
+                  Require_ack_response:
+                    type: boolean
+                  Retry_Limit:
+                    type: string
+                  Send_options:
+                    type: boolean
+                  Tag:
+                    type: string
+                  Time_as_Integer:
+                    type: boolean
+                  Workers:
+                    type: integer
+                  storage.total_limit_size:
+                    type: string
+                type: object
+              grace:
+                format: int32
+                type: integer
+              healthCheck:
+                properties:
+                  hcErrorsCount:
+                    type: integer
+                  hcPeriod:
+                    type: integer
+                  hcRetryFailureCount:
+                    type: integer
+                type: object
+              image:
+                properties:
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  pullPolicy:
+                    type: string
+                  repository:
+                    type: string
+                  tag:
+                    type: string
+                type: object
+              inputTail:
+                properties:
+                  Buffer_Chunk_Size:
+                    type: string
+                  Buffer_Max_Size:
+                    type: string
+                  DB:
+                    type: string
+                  DB.journal_mode:
+                    type: string
+                  DB.locking:
+                    type: boolean
+                  DB_Sync:
+                    type: string
+                  Docker_Mode:
+                    type: string
+                  Docker_Mode_Flush:
+                    type: string
+                  Docker_Mode_Parser:
+                    type: string
+                  Exclude_Path:
+                    type: string
+                  Ignore_Older:
+                    type: string
+                  Key:
+                    type: string
+                  Mem_Buf_Limit:
+                    type: string
+                  Multiline:
+                    type: string
+                  Multiline_Flush:
+                    type: string
+                  Parser:
+                    type: string
+                  Parser_Firstline:
+                    type: string
+                  Parser_N:
+                    items:
+                      type: string
+                    type: array
+                  Path:
+                    type: string
+                  Path_Key:
+                    type: string
+                  Read_From_Head:
+                    type: boolean
+                  Refresh_Interval:
+                    type: string
+                  Rotate_Wait:
+                    type: string
+                  Skip_Long_Lines:
+                    type: string
+                  Tag:
+                    type: string
+                  Tag_Regex:
+                    type: string
+                  multiline.parser:
+                    items:
+                      type: string
+                    type: array
+                  storage.type:
+                    type: string
+                type: object
+              labels:
+                additionalProperties:
+                  type: string
+                type: object
+              livenessDefaultCheck:
+                type: boolean
+              livenessProbe:
+                properties:
+                  exec:
+                    properties:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  grpc:
+                    properties:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  httpGet:
+                    properties:
+                      host:
+                        type: string
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              logLevel:
+                type: string
+              loggingRef:
+                type: string
+              metrics:
+                properties:
+                  interval:
+                    type: string
+                  path:
+                    type: string
+                  port:
+                    format: int32
+                    type: integer
+                  prometheusAnnotations:
+                    type: boolean
+                  prometheusRules:
+                    type: boolean
+                  serviceMonitor:
+                    type: boolean
+                  serviceMonitorConfig:
+                    properties:
+                      additionalLabels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      honorLabels:
+                        type: boolean
+                      metricRelabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      relabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      scheme:
+                        type: string
+                      tlsConfig:
+                        properties:
+                          ca:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          caFile:
+                            type: string
+                          cert:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          certFile:
+                            type: string
+                          insecureSkipVerify:
+                            type: boolean
+                          keyFile:
+                            type: string
+                          keySecret:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          serverName:
+                            type: string
+                        type: object
+                    type: object
+                  timeout:
+                    type: string
+                type: object
+              mountPath:
+                type: string
+              network:
+                properties:
+                  connectTimeout:
+                    format: int32
+                    type: integer
+                  connectTimeoutLogError:
+                    type: boolean
+                  dnsMode:
+                    type: string
+                  dnsPreferIpv4:
+                    type: boolean
+                  dnsResolver:
+                    type: string
+                  keepalive:
+                    type: boolean
+                  keepaliveIdleTimeout:
+                    format: int32
+                    type: integer
+                  keepaliveMaxRecycle:
+                    format: int32
+                    type: integer
+                  maxWorkerConnections:
+                    type: integer
+                  sourceAddress:
+                    type: string
+                type: object
+              nodeSelector:
+                additionalProperties:
+                  type: string
+                type: object
+              parser:
+                type: string
+              podPriorityClassName:
+                type: string
+              position_db:
+                properties:
+                  configMap:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      name:
+                        default: ""
+                        type: string
+                      optional:
+                        type: boolean
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  emptyDir:
+                    properties:
+                      medium:
+                        type: string
+                      sizeLimit:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                        x-kubernetes-int-or-string: true
+                    type: object
+                  host_path:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  hostPath:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  pvc:
+                    properties:
+                      source:
+                        properties:
+                          claimName:
+                            type: string
+                          readOnly:
+                            type: boolean
+                        required:
+                        - claimName
+                        type: object
+                      spec:
+                        properties:
+                          accessModes:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          dataSource:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          dataSourceRef:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                              namespace:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                          resources:
+                            properties:
+                              limits:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                              requests:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                            type: object
+                          selector:
+                            properties:
+                              matchExpressions:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    operator:
+                                      type: string
+                                    values:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  required:
+                                  - key
+                                  - operator
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              matchLabels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          storageClassName:
+                            type: string
+                          volumeAttributesClassName:
+                            type: string
+                          volumeMode:
+                            type: string
+                          volumeName:
+                            type: string
+                        type: object
+                    type: object
+                  secret:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      optional:
+                        type: boolean
+                      secretName:
+                        type: string
+                    type: object
+                type: object
+              positiondb:
+                properties:
+                  configMap:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      name:
+                        default: ""
+                        type: string
+                      optional:
+                        type: boolean
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  emptyDir:
+                    properties:
+                      medium:
+                        type: string
+                      sizeLimit:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                        x-kubernetes-int-or-string: true
+                    type: object
+                  host_path:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  hostPath:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  pvc:
+                    properties:
+                      source:
+                        properties:
+                          claimName:
+                            type: string
+                          readOnly:
+                            type: boolean
+                        required:
+                        - claimName
+                        type: object
+                      spec:
+                        properties:
+                          accessModes:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          dataSource:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          dataSourceRef:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                              namespace:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                          resources:
+                            properties:
+                              limits:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                              requests:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                            type: object
+                          selector:
+                            properties:
+                              matchExpressions:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    operator:
+                                      type: string
+                                    values:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  required:
+                                  - key
+                                  - operator
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              matchLabels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          storageClassName:
+                            type: string
+                          volumeAttributesClassName:
+                            type: string
+                          volumeMode:
+                            type: string
+                          volumeName:
+                            type: string
+                        type: object
+                    type: object
+                  secret:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      optional:
+                        type: boolean
+                      secretName:
+                        type: string
+                    type: object
+                type: object
+              readinessProbe:
+                properties:
+                  exec:
+                    properties:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  grpc:
+                    properties:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  httpGet:
+                    properties:
+                      host:
+                        type: string
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              resources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              security:
+                properties:
+                  podSecurityContext:
+                    properties:
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      fsGroup:
+                        format: int64
+                        type: integer
+                      fsGroupChangePolicy:
+                        type: string
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      supplementalGroups:
+                        items:
+                          format: int64
+                          type: integer
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      sysctls:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                  podSecurityPolicyCreate:
+                    type: boolean
+                  roleBasedAccessControlCreate:
+                    type: boolean
+                  securityContext:
+                    properties:
+                      allowPrivilegeEscalation:
+                        type: boolean
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      capabilities:
+                        properties:
+                          add:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          drop:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      privileged:
+                        type: boolean
+                      procMount:
+                        type: string
+                      readOnlyRootFilesystem:
+                        type: boolean
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                  serviceAccount:
+                    type: string
+                type: object
+              serviceAccount:
+                properties:
+                  automountServiceAccountToken:
+                    type: boolean
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  metadata:
+                    properties:
+                      annotations:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                    type: object
+                  secrets:
+                    items:
+                      properties:
+                        apiVersion:
+                          type: string
+                        fieldPath:
+                          type: string
+                        kind:
+                          type: string
+                        name:
+                          type: string
+                        namespace:
+                          type: string
+                        resourceVersion:
+                          type: string
+                        uid:
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                type: object
+              syslogng_output:
+                properties:
+                  Retry_Limit:
+                    type: string
+                  Workers:
+                    type: integer
+                  json_date_format:
+                    type: string
+                  json_date_key:
+                    type: string
+                type: object
+              targetHost:
+                type: string
+              targetPort:
+                format: int32
+                type: integer
+              tls:
+                properties:
+                  enabled:
+                    type: boolean
+                  secretName:
+                    type: string
+                  sharedKey:
+                    type: string
+                required:
+                - enabled
+                type: object
+              tolerations:
+                items:
+                  properties:
+                    effect:
+                      type: string
+                    key:
+                      type: string
+                    operator:
+                      type: string
+                    tolerationSeconds:
+                      format: int64
+                      type: integer
+                    value:
+                      type: string
+                  type: object
+                type: array
+              updateStrategy:
+                properties:
+                  rollingUpdate:
+                    properties:
+                      maxSurge:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      maxUnavailable:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    type: object
+                  type:
+                    type: string
+                type: object
+            type: object
+          status:
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_fluentdconfigs.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_fluentdconfigs.yaml
new file mode 100644
index 0000000000..68b148cc33
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_fluentdconfigs.yaml
@@ -0,0 +1,3240 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: fluentdconfigs.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: FluentdConfig
+    listKind: FluentdConfigList
+    plural: fluentdconfigs
+    singular: fluentdconfig
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - description: Is the fluentd configuration active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              affinity:
+                properties:
+                  nodeAffinity:
+                    properties:
+                      preferredDuringSchedulingIgnoredDuringExecution:
+                        items:
+                          properties:
+                            preference:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchFields:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            weight:
+                              format: int32
+                              type: integer
+                          required:
+                          - preference
+                          - weight
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      requiredDuringSchedulingIgnoredDuringExecution:
+                        properties:
+                          nodeSelectorTerms:
+                            items:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchFields:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        required:
+                        - nodeSelectorTerms
+                        type: object
+                        x-kubernetes-map-type: atomic
+                    type: object
+                  podAffinity:
+                    properties:
+                      preferredDuringSchedulingIgnoredDuringExecution:
+                        items:
+                          properties:
+                            podAffinityTerm:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            weight:
+                              format: int32
+                              type: integer
+                          required:
+                          - podAffinityTerm
+                          - weight
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      requiredDuringSchedulingIgnoredDuringExecution:
+                        items:
+                          properties:
+                            labelSelector:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchLabels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            matchLabelKeys:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            mismatchLabelKeys:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            namespaceSelector:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchLabels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            namespaces:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            topologyKey:
+                              type: string
+                          required:
+                          - topologyKey
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  podAntiAffinity:
+                    properties:
+                      preferredDuringSchedulingIgnoredDuringExecution:
+                        items:
+                          properties:
+                            podAffinityTerm:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            weight:
+                              format: int32
+                              type: integer
+                          required:
+                          - podAffinityTerm
+                          - weight
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      requiredDuringSchedulingIgnoredDuringExecution:
+                        items:
+                          properties:
+                            labelSelector:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchLabels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            matchLabelKeys:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            mismatchLabelKeys:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            namespaceSelector:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchLabels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            namespaces:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            topologyKey:
+                              type: string
+                          required:
+                          - topologyKey
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                type: object
+              annotations:
+                additionalProperties:
+                  type: string
+                type: object
+              bufferStorageVolume:
+                properties:
+                  configMap:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      name:
+                        default: ""
+                        type: string
+                      optional:
+                        type: boolean
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  emptyDir:
+                    properties:
+                      medium:
+                        type: string
+                      sizeLimit:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                        x-kubernetes-int-or-string: true
+                    type: object
+                  host_path:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  hostPath:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  pvc:
+                    properties:
+                      source:
+                        properties:
+                          claimName:
+                            type: string
+                          readOnly:
+                            type: boolean
+                        required:
+                        - claimName
+                        type: object
+                      spec:
+                        properties:
+                          accessModes:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          dataSource:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          dataSourceRef:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                              namespace:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                          resources:
+                            properties:
+                              limits:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                              requests:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                            type: object
+                          selector:
+                            properties:
+                              matchExpressions:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    operator:
+                                      type: string
+                                    values:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  required:
+                                  - key
+                                  - operator
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              matchLabels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          storageClassName:
+                            type: string
+                          volumeAttributesClassName:
+                            type: string
+                          volumeMode:
+                            type: string
+                          volumeName:
+                            type: string
+                        type: object
+                    type: object
+                  secret:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      optional:
+                        type: boolean
+                      secretName:
+                        type: string
+                    type: object
+                type: object
+              bufferVolumeArgs:
+                items:
+                  type: string
+                type: array
+              bufferVolumeImage:
+                properties:
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  pullPolicy:
+                    type: string
+                  repository:
+                    type: string
+                  tag:
+                    type: string
+                type: object
+              bufferVolumeMetrics:
+                properties:
+                  interval:
+                    type: string
+                  path:
+                    type: string
+                  port:
+                    format: int32
+                    type: integer
+                  prometheusAnnotations:
+                    type: boolean
+                  prometheusRules:
+                    type: boolean
+                  serviceMonitor:
+                    type: boolean
+                  serviceMonitorConfig:
+                    properties:
+                      additionalLabels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      honorLabels:
+                        type: boolean
+                      metricRelabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      relabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      scheme:
+                        type: string
+                      tlsConfig:
+                        properties:
+                          ca:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          caFile:
+                            type: string
+                          cert:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          certFile:
+                            type: string
+                          insecureSkipVerify:
+                            type: boolean
+                          keyFile:
+                            type: string
+                          keySecret:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          serverName:
+                            type: string
+                        type: object
+                    type: object
+                  timeout:
+                    type: string
+                type: object
+              bufferVolumeResources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              compressConfigFile:
+                type: boolean
+              configCheck:
+                properties:
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  strategy:
+                    type: string
+                  timeoutSeconds:
+                    type: integer
+                type: object
+              configCheckAnnotations:
+                additionalProperties:
+                  type: string
+                type: object
+              configCheckResources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              configReloaderImage:
+                properties:
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  pullPolicy:
+                    type: string
+                  repository:
+                    type: string
+                  tag:
+                    type: string
+                type: object
+              configReloaderResources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              disablePvc:
+                type: boolean
+              dnsConfig:
+                properties:
+                  nameservers:
+                    items:
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  options:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  searches:
+                    items:
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: atomic
+                type: object
+              dnsPolicy:
+                type: string
+              enableMsgpackTimeSupport:
+                type: boolean
+              envVars:
+                items:
+                  properties:
+                    name:
+                      type: string
+                    value:
+                      type: string
+                    valueFrom:
+                      properties:
+                        configMapKeyRef:
+                          properties:
+                            key:
+                              type: string
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        fieldRef:
+                          properties:
+                            apiVersion:
+                              type: string
+                            fieldPath:
+                              type: string
+                          required:
+                          - fieldPath
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        resourceFieldRef:
+                          properties:
+                            containerName:
+                              type: string
+                            divisor:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                            resource:
+                              type: string
+                          required:
+                          - resource
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        secretKeyRef:
+                          properties:
+                            key:
+                              type: string
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                  required:
+                  - name
+                  type: object
+                type: array
+              extraArgs:
+                items:
+                  type: string
+                type: array
+              extraVolumes:
+                items:
+                  properties:
+                    containerName:
+                      type: string
+                    path:
+                      type: string
+                    volume:
+                      properties:
+                        configMap:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        emptyDir:
+                          properties:
+                            medium:
+                              type: string
+                            sizeLimit:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                          type: object
+                        host_path:
+                          properties:
+                            path:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - path
+                          type: object
+                        hostPath:
+                          properties:
+                            path:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - path
+                          type: object
+                        pvc:
+                          properties:
+                            source:
+                              properties:
+                                claimName:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                              required:
+                              - claimName
+                              type: object
+                            spec:
+                              properties:
+                                accessModes:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                dataSource:
+                                  properties:
+                                    apiGroup:
+                                      type: string
+                                    kind:
+                                      type: string
+                                    name:
+                                      type: string
+                                  required:
+                                  - kind
+                                  - name
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                dataSourceRef:
+                                  properties:
+                                    apiGroup:
+                                      type: string
+                                    kind:
+                                      type: string
+                                    name:
+                                      type: string
+                                    namespace:
+                                      type: string
+                                  required:
+                                  - kind
+                                  - name
+                                  type: object
+                                resources:
+                                  properties:
+                                    limits:
+                                      additionalProperties:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      type: object
+                                    requests:
+                                      additionalProperties:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      type: object
+                                  type: object
+                                selector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                storageClassName:
+                                  type: string
+                                volumeAttributesClassName:
+                                  type: string
+                                volumeMode:
+                                  type: string
+                                volumeName:
+                                  type: string
+                              type: object
+                          type: object
+                        secret:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            optional:
+                              type: boolean
+                            secretName:
+                              type: string
+                          type: object
+                      type: object
+                    volumeName:
+                      type: string
+                  type: object
+                type: array
+              fluentLogDestination:
+                type: string
+              fluentOutLogrotate:
+                properties:
+                  age:
+                    type: string
+                  enabled:
+                    type: boolean
+                  path:
+                    type: string
+                  size:
+                    type: string
+                required:
+                - enabled
+                type: object
+              fluentdPvcSpec:
+                properties:
+                  configMap:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      name:
+                        default: ""
+                        type: string
+                      optional:
+                        type: boolean
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  emptyDir:
+                    properties:
+                      medium:
+                        type: string
+                      sizeLimit:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                        x-kubernetes-int-or-string: true
+                    type: object
+                  host_path:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  hostPath:
+                    properties:
+                      path:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - path
+                    type: object
+                  pvc:
+                    properties:
+                      source:
+                        properties:
+                          claimName:
+                            type: string
+                          readOnly:
+                            type: boolean
+                        required:
+                        - claimName
+                        type: object
+                      spec:
+                        properties:
+                          accessModes:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          dataSource:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          dataSourceRef:
+                            properties:
+                              apiGroup:
+                                type: string
+                              kind:
+                                type: string
+                              name:
+                                type: string
+                              namespace:
+                                type: string
+                            required:
+                            - kind
+                            - name
+                            type: object
+                          resources:
+                            properties:
+                              limits:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                              requests:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                            type: object
+                          selector:
+                            properties:
+                              matchExpressions:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    operator:
+                                      type: string
+                                    values:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  required:
+                                  - key
+                                  - operator
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              matchLabels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          storageClassName:
+                            type: string
+                          volumeAttributesClassName:
+                            type: string
+                          volumeMode:
+                            type: string
+                          volumeName:
+                            type: string
+                        type: object
+                    type: object
+                  secret:
+                    properties:
+                      defaultMode:
+                        format: int32
+                        type: integer
+                      items:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            mode:
+                              format: int32
+                              type: integer
+                            path:
+                              type: string
+                          required:
+                          - key
+                          - path
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      optional:
+                        type: boolean
+                      secretName:
+                        type: string
+                    type: object
+                type: object
+              forwardInputConfig:
+                properties:
+                  add_tag_prefix:
+                    type: string
+                  bind:
+                    type: string
+                  chunk_size_limit:
+                    type: string
+                  chunk_size_warn_limit:
+                    type: string
+                  deny_keepalive:
+                    type: boolean
+                  linger_timeout:
+                    type: integer
+                  port:
+                    type: string
+                  resolve_hostname:
+                    type: boolean
+                  security:
+                    properties:
+                      allow_anonymous_source:
+                        type: boolean
+                      self_hostname:
+                        type: string
+                      shared_key:
+                        type: string
+                      user_auth:
+                        type: boolean
+                    required:
+                    - self_hostname
+                    - shared_key
+                    type: object
+                  send_keepalive_packet:
+                    type: boolean
+                  skip_invalid_event:
+                    type: boolean
+                  source_address_key:
+                    type: string
+                  sourceHostnameKey:
+                    type: string
+                  tag:
+                    type: string
+                  transport:
+                    properties:
+                      ca_cert_path:
+                        type: string
+                      ca_path:
+                        type: string
+                      ca_private_key_passphrase:
+                        type: string
+                      ca_private_key_path:
+                        type: string
+                      cert_path:
+                        type: string
+                      ciphers:
+                        type: string
+                      client_cert_auth:
+                        type: boolean
+                      insecure:
+                        type: boolean
+                      private_key_passphrase:
+                        type: string
+                      private_key_path:
+                        type: string
+                      protocol:
+                        type: string
+                      version:
+                        type: string
+                    type: object
+                type: object
+              ignoreRepeatedLogInterval:
+                type: string
+              ignoreSameLogInterval:
+                type: string
+              image:
+                properties:
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  pullPolicy:
+                    type: string
+                  repository:
+                    type: string
+                  tag:
+                    type: string
+                type: object
+              labels:
+                additionalProperties:
+                  type: string
+                type: object
+              livenessDefaultCheck:
+                type: boolean
+              livenessProbe:
+                properties:
+                  exec:
+                    properties:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  grpc:
+                    properties:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  httpGet:
+                    properties:
+                      host:
+                        type: string
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              logFormat:
+                type: string
+              logLevel:
+                type: string
+              metrics:
+                properties:
+                  interval:
+                    type: string
+                  path:
+                    type: string
+                  port:
+                    format: int32
+                    type: integer
+                  prometheusAnnotations:
+                    type: boolean
+                  prometheusRules:
+                    type: boolean
+                  serviceMonitor:
+                    type: boolean
+                  serviceMonitorConfig:
+                    properties:
+                      additionalLabels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      honorLabels:
+                        type: boolean
+                      metricRelabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      relabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      scheme:
+                        type: string
+                      tlsConfig:
+                        properties:
+                          ca:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          caFile:
+                            type: string
+                          cert:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          certFile:
+                            type: string
+                          insecureSkipVerify:
+                            type: boolean
+                          keyFile:
+                            type: string
+                          keySecret:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          serverName:
+                            type: string
+                        type: object
+                    type: object
+                  timeout:
+                    type: string
+                type: object
+              nodeSelector:
+                additionalProperties:
+                  type: string
+                type: object
+              pdb:
+                properties:
+                  maxUnavailable:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    x-kubernetes-int-or-string: true
+                  minAvailable:
+                    anyOf:
+                    - type: integer
+                    - type: string
+                    x-kubernetes-int-or-string: true
+                  unhealthyPodEvictionPolicy:
+                    type: string
+                type: object
+              podPriorityClassName:
+                type: string
+              port:
+                format: int32
+                type: integer
+              readinessDefaultCheck:
+                properties:
+                  bufferFileNumber:
+                    type: boolean
+                  bufferFileNumberMax:
+                    format: int32
+                    type: integer
+                  bufferFreeSpace:
+                    type: boolean
+                  bufferFreeSpaceThreshold:
+                    format: int32
+                    type: integer
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              readinessProbe:
+                properties:
+                  exec:
+                    properties:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  grpc:
+                    properties:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  httpGet:
+                    properties:
+                      host:
+                        type: string
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              resources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              rootDir:
+                type: string
+              scaling:
+                properties:
+                  drain:
+                    properties:
+                      annotations:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      deleteVolume:
+                        type: boolean
+                      enabled:
+                        type: boolean
+                      image:
+                        properties:
+                          imagePullSecrets:
+                            items:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type: array
+                          pullPolicy:
+                            type: string
+                          repository:
+                            type: string
+                          tag:
+                            type: string
+                        type: object
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      pauseImage:
+                        properties:
+                          imagePullSecrets:
+                            items:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type: array
+                          pullPolicy:
+                            type: string
+                          repository:
+                            type: string
+                          tag:
+                            type: string
+                        type: object
+                      resources:
+                        properties:
+                          claims:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                              required:
+                              - name
+                              type: object
+                            type: array
+                            x-kubernetes-list-map-keys:
+                            - name
+                            x-kubernetes-list-type: map
+                          limits:
+                            additionalProperties:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                            type: object
+                          requests:
+                            additionalProperties:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                            type: object
+                        type: object
+                      securityContext:
+                        properties:
+                          allowPrivilegeEscalation:
+                            type: boolean
+                          appArmorProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          capabilities:
+                            properties:
+                              add:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              drop:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            type: object
+                          privileged:
+                            type: boolean
+                          procMount:
+                            type: string
+                          readOnlyRootFilesystem:
+                            type: boolean
+                          runAsGroup:
+                            format: int64
+                            type: integer
+                          runAsNonRoot:
+                            type: boolean
+                          runAsUser:
+                            format: int64
+                            type: integer
+                          seLinuxOptions:
+                            properties:
+                              level:
+                                type: string
+                              role:
+                                type: string
+                              type:
+                                type: string
+                              user:
+                                type: string
+                            type: object
+                          seccompProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          windowsOptions:
+                            properties:
+                              gmsaCredentialSpec:
+                                type: string
+                              gmsaCredentialSpecName:
+                                type: string
+                              hostProcess:
+                                type: boolean
+                              runAsUserName:
+                                type: string
+                            type: object
+                        type: object
+                    type: object
+                  podManagementPolicy:
+                    type: string
+                  replicas:
+                    type: integer
+                type: object
+              security:
+                properties:
+                  podSecurityContext:
+                    properties:
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      fsGroup:
+                        format: int64
+                        type: integer
+                      fsGroupChangePolicy:
+                        type: string
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      supplementalGroups:
+                        items:
+                          format: int64
+                          type: integer
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      sysctls:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                  podSecurityPolicyCreate:
+                    type: boolean
+                  roleBasedAccessControlCreate:
+                    type: boolean
+                  securityContext:
+                    properties:
+                      allowPrivilegeEscalation:
+                        type: boolean
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      capabilities:
+                        properties:
+                          add:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          drop:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      privileged:
+                        type: boolean
+                      procMount:
+                        type: string
+                      readOnlyRootFilesystem:
+                        type: boolean
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                  serviceAccount:
+                    type: string
+                type: object
+              serviceAccount:
+                properties:
+                  automountServiceAccountToken:
+                    type: boolean
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  metadata:
+                    properties:
+                      annotations:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                    type: object
+                  secrets:
+                    items:
+                      properties:
+                        apiVersion:
+                          type: string
+                        fieldPath:
+                          type: string
+                        kind:
+                          type: string
+                        name:
+                          type: string
+                        namespace:
+                          type: string
+                        resourceVersion:
+                          type: string
+                        uid:
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                type: object
+              sidecarContainers:
+                items:
+                  properties:
+                    args:
+                      items:
+                        type: string
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    command:
+                      items:
+                        type: string
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    env:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              fieldRef:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                required:
+                                - fieldPath
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              resourceFieldRef:
+                                properties:
+                                  containerName:
+                                    type: string
+                                  divisor:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  resource:
+                                    type: string
+                                required:
+                                - resource
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        required:
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - name
+                      x-kubernetes-list-type: map
+                    envFrom:
+                      items:
+                        properties:
+                          configMapRef:
+                            properties:
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          prefix:
+                            type: string
+                          secretRef:
+                            properties:
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    image:
+                      type: string
+                    imagePullPolicy:
+                      type: string
+                    lifecycle:
+                      properties:
+                        postStart:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            sleep:
+                              properties:
+                                seconds:
+                                  format: int64
+                                  type: integer
+                              required:
+                              - seconds
+                              type: object
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                          type: object
+                        preStop:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            sleep:
+                              properties:
+                                seconds:
+                                  format: int64
+                                  type: integer
+                              required:
+                              - seconds
+                              type: object
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                          type: object
+                      type: object
+                    livenessProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    name:
+                      type: string
+                    ports:
+                      items:
+                        properties:
+                          containerPort:
+                            format: int32
+                            type: integer
+                          hostIP:
+                            type: string
+                          hostPort:
+                            format: int32
+                            type: integer
+                          name:
+                            type: string
+                          protocol:
+                            default: TCP
+                            type: string
+                        required:
+                        - containerPort
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - containerPort
+                      - protocol
+                      x-kubernetes-list-type: map
+                    readinessProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    resizePolicy:
+                      items:
+                        properties:
+                          resourceName:
+                            type: string
+                          restartPolicy:
+                            type: string
+                        required:
+                        - resourceName
+                        - restartPolicy
+                        type: object
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    restartPolicy:
+                      type: string
+                    securityContext:
+                      properties:
+                        allowPrivilegeEscalation:
+                          type: boolean
+                        appArmorProfile:
+                          properties:
+                            localhostProfile:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - type
+                          type: object
+                        capabilities:
+                          properties:
+                            add:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            drop:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        privileged:
+                          type: boolean
+                        procMount:
+                          type: string
+                        readOnlyRootFilesystem:
+                          type: boolean
+                        runAsGroup:
+                          format: int64
+                          type: integer
+                        runAsNonRoot:
+                          type: boolean
+                        runAsUser:
+                          format: int64
+                          type: integer
+                        seLinuxOptions:
+                          properties:
+                            level:
+                              type: string
+                            role:
+                              type: string
+                            type:
+                              type: string
+                            user:
+                              type: string
+                          type: object
+                        seccompProfile:
+                          properties:
+                            localhostProfile:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - type
+                          type: object
+                        windowsOptions:
+                          properties:
+                            gmsaCredentialSpec:
+                              type: string
+                            gmsaCredentialSpecName:
+                              type: string
+                            hostProcess:
+                              type: boolean
+                            runAsUserName:
+                              type: string
+                          type: object
+                      type: object
+                    startupProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    stdin:
+                      type: boolean
+                    stdinOnce:
+                      type: boolean
+                    terminationMessagePath:
+                      type: string
+                    terminationMessagePolicy:
+                      type: string
+                    tty:
+                      type: boolean
+                    volumeDevices:
+                      items:
+                        properties:
+                          devicePath:
+                            type: string
+                          name:
+                            type: string
+                        required:
+                        - devicePath
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - devicePath
+                      x-kubernetes-list-type: map
+                    volumeMounts:
+                      items:
+                        properties:
+                          mountPath:
+                            type: string
+                          mountPropagation:
+                            type: string
+                          name:
+                            type: string
+                          readOnly:
+                            type: boolean
+                          recursiveReadOnly:
+                            type: string
+                          subPath:
+                            type: string
+                          subPathExpr:
+                            type: string
+                        required:
+                        - mountPath
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - mountPath
+                      x-kubernetes-list-type: map
+                    workingDir:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+              statefulsetAnnotations:
+                additionalProperties:
+                  type: string
+                type: object
+              tls:
+                properties:
+                  enabled:
+                    type: boolean
+                  secretName:
+                    type: string
+                  sharedKey:
+                    type: string
+                required:
+                - enabled
+                type: object
+              tolerations:
+                items:
+                  properties:
+                    effect:
+                      type: string
+                    key:
+                      type: string
+                    operator:
+                      type: string
+                    tolerationSeconds:
+                      format: int64
+                      type: integer
+                    value:
+                      type: string
+                  type: object
+                type: array
+              topologySpreadConstraints:
+                items:
+                  properties:
+                    labelSelector:
+                      properties:
+                        matchExpressions:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              operator:
+                                type: string
+                              values:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            required:
+                            - key
+                            - operator
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        matchLabels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    matchLabelKeys:
+                      items:
+                        type: string
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    maxSkew:
+                      format: int32
+                      type: integer
+                    minDomains:
+                      format: int32
+                      type: integer
+                    nodeAffinityPolicy:
+                      type: string
+                    nodeTaintsPolicy:
+                      type: string
+                    topologyKey:
+                      type: string
+                    whenUnsatisfiable:
+                      type: string
+                  required:
+                  - maxSkew
+                  - topologyKey
+                  - whenUnsatisfiable
+                  type: object
+                type: array
+              volumeModImage:
+                properties:
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  pullPolicy:
+                    type: string
+                  repository:
+                    type: string
+                  tag:
+                    type: string
+                type: object
+              volumeMountChmod:
+                type: boolean
+              workers:
+                format: int32
+                type: integer
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              logging:
+                type: string
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_loggingroutes.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_loggingroutes.yaml
new file mode 100644
index 0000000000..2b465f2d6f
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_loggingroutes.yaml
@@ -0,0 +1,106 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: loggingroutes.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: LoggingRoute
+    listKind: LoggingRouteList
+    plural: loggingroutes
+    shortNames:
+    - lr
+    singular: loggingroute
+  scope: Cluster
+  versions:
+  - additionalPrinterColumns:
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    - description: Number of notices
+      jsonPath: .status.noticesCount
+      name: Notices
+      type: integer
+    name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              source:
+                type: string
+              targets:
+                properties:
+                  matchExpressions:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        operator:
+                          type: string
+                        values:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      required:
+                      - key
+                      - operator
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  matchLabels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                type: object
+                x-kubernetes-map-type: atomic
+            required:
+            - source
+            - targets
+            type: object
+          status:
+            properties:
+              notices:
+                items:
+                  type: string
+                type: array
+              noticesCount:
+                type: integer
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+              tenants:
+                items:
+                  properties:
+                    name:
+                      type: string
+                    namespaces:
+                      items:
+                        type: string
+                      type: array
+                  required:
+                  - name
+                  type: object
+                type: array
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_loggings.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_loggings.yaml
new file mode 100644
index 0000000000..46c7f5f6c3
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_loggings.yaml
@@ -0,0 +1,20601 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: loggings.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: Logging
+    listKind: LoggingList
+    plural: loggings
+    singular: logging
+  scope: Cluster
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            type: object
+          status:
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - description: Logging reference
+      jsonPath: .spec.loggingRef
+      name: LoggingRef
+      type: string
+    - description: Control namespace
+      jsonPath: .spec.controlNamespace
+      name: ControlNamespace
+      type: string
+    - description: Watched namespaces
+      jsonPath: .status.watchNamespaces
+      name: WatchNamespaces
+      type: string
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              allowClusterResourcesFromAllNamespaces:
+                type: boolean
+              clusterDomain:
+                type: string
+              configCheck:
+                properties:
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  strategy:
+                    type: string
+                  timeoutSeconds:
+                    type: integer
+                type: object
+              controlNamespace:
+                type: string
+              defaultFlow:
+                properties:
+                  filters:
+                    items:
+                      properties:
+                        concat:
+                          properties:
+                            continuous_line_regexp:
+                              type: string
+                            flush_interval:
+                              type: integer
+                            keep_partial_key:
+                              type: boolean
+                            keep_partial_metadata:
+                              type: string
+                            key:
+                              type: string
+                            multiline_end_regexp:
+                              type: string
+                            multiline_start_regexp:
+                              type: string
+                            n_lines:
+                              type: integer
+                            partial_cri_logtag_key:
+                              type: string
+                            partial_cri_stream_key:
+                              type: string
+                            partial_key:
+                              type: string
+                            partial_metadata_format:
+                              type: string
+                            partial_value:
+                              type: string
+                            separator:
+                              type: string
+                            stream_identity_key:
+                              type: string
+                            timeout_label:
+                              type: string
+                            use_first_timestamp:
+                              type: boolean
+                            use_partial_cri_logtag:
+                              type: boolean
+                            use_partial_metadata:
+                              type: string
+                          type: object
+                        dedot:
+                          properties:
+                            de_dot_nested:
+                              type: boolean
+                            de_dot_separator:
+                              type: string
+                          type: object
+                        detectExceptions:
+                          properties:
+                            force_line_breaks:
+                              type: boolean
+                            languages:
+                              items:
+                                type: string
+                              type: array
+                            match_tag:
+                              type: string
+                            max_bytes:
+                              type: integer
+                            max_lines:
+                              type: integer
+                            message:
+                              type: string
+                            multiline_flush_interval:
+                              type: string
+                            remove_tag_prefix:
+                              type: string
+                            stream:
+                              type: string
+                          type: object
+                        elasticsearch_genid:
+                          properties:
+                            hash_id_key:
+                              type: string
+                            hash_type:
+                              type: string
+                            include_tag_in_seed:
+                              type: boolean
+                            include_time_in_seed:
+                              type: boolean
+                            record_keys:
+                              type: string
+                            separator:
+                              type: string
+                            use_entire_record:
+                              type: boolean
+                            use_record_as_seed:
+                              type: boolean
+                          type: object
+                        enhanceK8s:
+                          properties:
+                            api_groups:
+                              items:
+                                type: string
+                              type: array
+                            bearer_token_file:
+                              type: string
+                            ca_file:
+                              properties:
+                                mountFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                value:
+                                  type: string
+                                valueFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                              type: object
+                            cache_refresh:
+                              type: integer
+                            cache_refresh_variation:
+                              type: integer
+                            cache_size:
+                              type: integer
+                            cache_ttl:
+                              type: integer
+                            client_cert:
+                              properties:
+                                mountFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                value:
+                                  type: string
+                                valueFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                              type: object
+                            client_key:
+                              properties:
+                                mountFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                value:
+                                  type: string
+                                valueFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                              type: object
+                            core_api_versions:
+                              items:
+                                type: string
+                              type: array
+                            data_type:
+                              type: string
+                            in_namespace_path:
+                              items:
+                                type: string
+                              type: array
+                            in_pod_path:
+                              items:
+                                type: string
+                              type: array
+                            kubernetes_url:
+                              type: string
+                            secret_dir:
+                              type: string
+                            ssl_partial_chain:
+                              type: boolean
+                            verify_ssl:
+                              type: boolean
+                          type: object
+                        geoip:
+                          properties:
+                            backend_library:
+                              type: string
+                            geoip_database:
+                              type: string
+                            geoip_lookup_keys:
+                              type: string
+                            geoip2_database:
+                              type: string
+                            records:
+                              items:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              type: array
+                            skip_adding_null_record:
+                              type: boolean
+                          type: object
+                        grep:
+                          properties:
+                            and:
+                              items:
+                                properties:
+                                  exclude:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        pattern:
+                                          type: string
+                                      required:
+                                      - key
+                                      - pattern
+                                      type: object
+                                    type: array
+                                  regexp:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        pattern:
+                                          type: string
+                                      required:
+                                      - key
+                                      - pattern
+                                      type: object
+                                    type: array
+                                type: object
+                              type: array
+                            exclude:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  pattern:
+                                    type: string
+                                required:
+                                - key
+                                - pattern
+                                type: object
+                              type: array
+                            or:
+                              items:
+                                properties:
+                                  exclude:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        pattern:
+                                          type: string
+                                      required:
+                                      - key
+                                      - pattern
+                                      type: object
+                                    type: array
+                                  regexp:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        pattern:
+                                          type: string
+                                      required:
+                                      - key
+                                      - pattern
+                                      type: object
+                                    type: array
+                                type: object
+                              type: array
+                            regexp:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  pattern:
+                                    type: string
+                                required:
+                                - key
+                                - pattern
+                                type: object
+                              type: array
+                          type: object
+                        kube_events_timestamp:
+                          properties:
+                            mapped_time_key:
+                              type: string
+                            timestamp_fields:
+                              items:
+                                type: string
+                              type: array
+                          type: object
+                        parser:
+                          properties:
+                            emit_invalid_record_to_error:
+                              type: boolean
+                            hash_value_field:
+                              type: string
+                            inject_key_prefix:
+                              type: string
+                            key_name:
+                              type: string
+                            parse:
+                              properties:
+                                custom_pattern_path:
+                                  properties:
+                                    mountFrom:
+                                      properties:
+                                        secretKeyRef:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      type: object
+                                    value:
+                                      type: string
+                                    valueFrom:
+                                      properties:
+                                        secretKeyRef:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      type: object
+                                  type: object
+                                delimiter:
+                                  type: string
+                                delimiter_pattern:
+                                  type: string
+                                estimate_current_event:
+                                  type: boolean
+                                expression:
+                                  type: string
+                                format:
+                                  type: string
+                                format_firstline:
+                                  type: string
+                                grok_failure_key:
+                                  type: string
+                                grok_name_key:
+                                  type: string
+                                grok_pattern:
+                                  type: string
+                                grok_patterns:
+                                  items:
+                                    properties:
+                                      keep_time_key:
+                                        type: boolean
+                                      name:
+                                        type: string
+                                      pattern:
+                                        type: string
+                                      time_format:
+                                        type: string
+                                      time_key:
+                                        type: string
+                                      timezone:
+                                        type: string
+                                    required:
+                                    - pattern
+                                    type: object
+                                  type: array
+                                keep_time_key:
+                                  type: boolean
+                                keys:
+                                  type: string
+                                label_delimiter:
+                                  type: string
+                                local_time:
+                                  type: boolean
+                                multiline:
+                                  items:
+                                    type: string
+                                  type: array
+                                multiline_start_regexp:
+                                  type: string
+                                null_empty_string:
+                                  type: boolean
+                                null_value_pattern:
+                                  type: string
+                                patterns:
+                                  items:
+                                    properties:
+                                      custom_pattern_path:
+                                        properties:
+                                          mountFrom:
+                                            properties:
+                                              secretKeyRef:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                required:
+                                                - key
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            type: object
+                                          value:
+                                            type: string
+                                          valueFrom:
+                                            properties:
+                                              secretKeyRef:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                required:
+                                                - key
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            type: object
+                                        type: object
+                                      estimate_current_event:
+                                        type: boolean
+                                      expression:
+                                        type: string
+                                      format:
+                                        type: string
+                                      grok_failure_key:
+                                        type: string
+                                      grok_name_key:
+                                        type: string
+                                      grok_pattern:
+                                        type: string
+                                      grok_patterns:
+                                        items:
+                                          properties:
+                                            keep_time_key:
+                                              type: boolean
+                                            name:
+                                              type: string
+                                            pattern:
+                                              type: string
+                                            time_format:
+                                              type: string
+                                            time_key:
+                                              type: string
+                                            timezone:
+                                              type: string
+                                          required:
+                                          - pattern
+                                          type: object
+                                        type: array
+                                      keep_time_key:
+                                        type: boolean
+                                      local_time:
+                                        type: boolean
+                                      multiline_start_regexp:
+                                        type: string
+                                      null_empty_string:
+                                        type: boolean
+                                      null_value_pattern:
+                                        type: string
+                                      time_format:
+                                        type: string
+                                      time_key:
+                                        type: string
+                                      time_type:
+                                        type: string
+                                      timezone:
+                                        type: string
+                                      type:
+                                        type: string
+                                      types:
+                                        type: string
+                                      utc:
+                                        type: boolean
+                                    type: object
+                                  type: array
+                                time_format:
+                                  type: string
+                                time_key:
+                                  type: string
+                                time_type:
+                                  type: string
+                                timezone:
+                                  type: string
+                                type:
+                                  type: string
+                                types:
+                                  type: string
+                                utc:
+                                  type: boolean
+                              type: object
+                            parsers:
+                              items:
+                                properties:
+                                  custom_pattern_path:
+                                    properties:
+                                      mountFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                    type: object
+                                  delimiter:
+                                    type: string
+                                  delimiter_pattern:
+                                    type: string
+                                  estimate_current_event:
+                                    type: boolean
+                                  expression:
+                                    type: string
+                                  format:
+                                    type: string
+                                  format_firstline:
+                                    type: string
+                                  grok_failure_key:
+                                    type: string
+                                  grok_name_key:
+                                    type: string
+                                  grok_pattern:
+                                    type: string
+                                  grok_patterns:
+                                    items:
+                                      properties:
+                                        keep_time_key:
+                                          type: boolean
+                                        name:
+                                          type: string
+                                        pattern:
+                                          type: string
+                                        time_format:
+                                          type: string
+                                        time_key:
+                                          type: string
+                                        timezone:
+                                          type: string
+                                      required:
+                                      - pattern
+                                      type: object
+                                    type: array
+                                  keep_time_key:
+                                    type: boolean
+                                  keys:
+                                    type: string
+                                  label_delimiter:
+                                    type: string
+                                  local_time:
+                                    type: boolean
+                                  multiline:
+                                    items:
+                                      type: string
+                                    type: array
+                                  multiline_start_regexp:
+                                    type: string
+                                  null_empty_string:
+                                    type: boolean
+                                  null_value_pattern:
+                                    type: string
+                                  patterns:
+                                    items:
+                                      properties:
+                                        custom_pattern_path:
+                                          properties:
+                                            mountFrom:
+                                              properties:
+                                                secretKeyRef:
+                                                  properties:
+                                                    key:
+                                                      type: string
+                                                    name:
+                                                      default: ""
+                                                      type: string
+                                                    optional:
+                                                      type: boolean
+                                                  required:
+                                                  - key
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                              type: object
+                                            value:
+                                              type: string
+                                            valueFrom:
+                                              properties:
+                                                secretKeyRef:
+                                                  properties:
+                                                    key:
+                                                      type: string
+                                                    name:
+                                                      default: ""
+                                                      type: string
+                                                    optional:
+                                                      type: boolean
+                                                  required:
+                                                  - key
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                              type: object
+                                          type: object
+                                        estimate_current_event:
+                                          type: boolean
+                                        expression:
+                                          type: string
+                                        format:
+                                          type: string
+                                        grok_failure_key:
+                                          type: string
+                                        grok_name_key:
+                                          type: string
+                                        grok_pattern:
+                                          type: string
+                                        grok_patterns:
+                                          items:
+                                            properties:
+                                              keep_time_key:
+                                                type: boolean
+                                              name:
+                                                type: string
+                                              pattern:
+                                                type: string
+                                              time_format:
+                                                type: string
+                                              time_key:
+                                                type: string
+                                              timezone:
+                                                type: string
+                                            required:
+                                            - pattern
+                                            type: object
+                                          type: array
+                                        keep_time_key:
+                                          type: boolean
+                                        local_time:
+                                          type: boolean
+                                        multiline_start_regexp:
+                                          type: string
+                                        null_empty_string:
+                                          type: boolean
+                                        null_value_pattern:
+                                          type: string
+                                        time_format:
+                                          type: string
+                                        time_key:
+                                          type: string
+                                        time_type:
+                                          type: string
+                                        timezone:
+                                          type: string
+                                        type:
+                                          type: string
+                                        types:
+                                          type: string
+                                        utc:
+                                          type: boolean
+                                      type: object
+                                    type: array
+                                  time_format:
+                                    type: string
+                                  time_key:
+                                    type: string
+                                  time_type:
+                                    type: string
+                                  timezone:
+                                    type: string
+                                  type:
+                                    type: string
+                                  types:
+                                    type: string
+                                  utc:
+                                    type: boolean
+                                type: object
+                              type: array
+                            remove_key_name_field:
+                              type: boolean
+                            replace_invalid_sequence:
+                              type: boolean
+                            reserve_data:
+                              type: boolean
+                            reserve_time:
+                              type: boolean
+                          type: object
+                        prometheus:
+                          properties:
+                            labels:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            metrics:
+                              items:
+                                properties:
+                                  buckets:
+                                    type: string
+                                  desc:
+                                    type: string
+                                  key:
+                                    type: string
+                                  labels:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                  name:
+                                    type: string
+                                  type:
+                                    type: string
+                                required:
+                                - desc
+                                - name
+                                - type
+                                type: object
+                              type: array
+                          type: object
+                        record_modifier:
+                          properties:
+                            char_encoding:
+                              type: string
+                            prepare_value:
+                              type: string
+                            records:
+                              items:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              type: array
+                            remove_keys:
+                              type: string
+                            replaces:
+                              items:
+                                properties:
+                                  expression:
+                                    type: string
+                                  key:
+                                    type: string
+                                  replace:
+                                    type: string
+                                required:
+                                - expression
+                                - key
+                                - replace
+                                type: object
+                              type: array
+                            whitelist_keys:
+                              type: string
+                          type: object
+                        record_transformer:
+                          properties:
+                            auto_typecast:
+                              type: boolean
+                            enable_ruby:
+                              type: boolean
+                            keep_keys:
+                              type: string
+                            records:
+                              items:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              type: array
+                            remove_keys:
+                              type: string
+                            renew_record:
+                              type: boolean
+                            renew_time_key:
+                              type: string
+                          type: object
+                        stdout:
+                          properties:
+                            output_type:
+                              type: string
+                          type: object
+                        sumologic:
+                          properties:
+                            collector_key_name:
+                              type: string
+                            collector_value:
+                              type: string
+                            exclude_container_regex:
+                              type: string
+                            exclude_facility_regex:
+                              type: string
+                            exclude_host_regex:
+                              type: string
+                            exclude_namespace_regex:
+                              type: string
+                            exclude_pod_regex:
+                              type: string
+                            exclude_priority_regex:
+                              type: string
+                            exclude_unit_regex:
+                              type: string
+                            log_format:
+                              type: string
+                            source_category:
+                              type: string
+                            source_category_key_name:
+                              type: string
+                            source_category_prefix:
+                              type: string
+                            source_category_replace_dash:
+                              type: string
+                            source_host:
+                              type: string
+                            source_host_key_name:
+                              type: string
+                            source_name:
+                              type: string
+                            source_name_key_name:
+                              type: string
+                            tracing_annotation_prefix:
+                              type: string
+                            tracing_container_name:
+                              type: string
+                            tracing_format:
+                              type: boolean
+                            tracing_host:
+                              type: string
+                            tracing_label_prefix:
+                              type: string
+                            tracing_namespace:
+                              type: string
+                            tracing_pod:
+                              type: string
+                            tracing_pod_id:
+                              type: string
+                          type: object
+                        tag_normaliser:
+                          properties:
+                            format:
+                              type: string
+                            match_tag:
+                              type: string
+                          type: object
+                        throttle:
+                          properties:
+                            group_bucket_limit:
+                              type: integer
+                            group_bucket_period_s:
+                              type: integer
+                            group_drop_logs:
+                              type: boolean
+                            group_key:
+                              type: string
+                            group_reset_rate_s:
+                              type: integer
+                            group_warning_delay_s:
+                              type: integer
+                          type: object
+                        useragent:
+                          properties:
+                            delete_key:
+                              type: boolean
+                            flatten:
+                              type: boolean
+                            key_name:
+                              type: string
+                            out_key:
+                              type: string
+                          type: object
+                      type: object
+                    type: array
+                  flowLabel:
+                    type: string
+                  globalOutputRefs:
+                    items:
+                      type: string
+                    type: array
+                  includeLabelInRouter:
+                    type: boolean
+                  outputRefs:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              enableRecreateWorkloadOnImmutableFieldChange:
+                type: boolean
+              errorOutputRef:
+                type: string
+              flowConfigCheckDisabled:
+                type: boolean
+              flowConfigOverride:
+                type: string
+              fluentbit:
+                properties:
+                  HostNetwork:
+                    type: boolean
+                  affinity:
+                    properties:
+                      nodeAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                preference:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchFields:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - preference
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            properties:
+                              nodeSelectorTerms:
+                                items:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchFields:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            required:
+                            - nodeSelectorTerms
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      podAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                podAffinityTerm:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - podAffinityTerm
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      podAntiAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                podAffinityTerm:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - podAffinityTerm
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                    type: object
+                  annotations:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  bufferStorage:
+                    properties:
+                      storage.backlog.mem_limit:
+                        type: string
+                      storage.checksum:
+                        type: string
+                      storage.delete_irrecoverable_chunks:
+                        type: string
+                      storage.metrics:
+                        type: string
+                      storage.path:
+                        type: string
+                      storage.sync:
+                        type: string
+                    type: object
+                  bufferStorageVolume:
+                    properties:
+                      configMap:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          name:
+                            default: ""
+                            type: string
+                          optional:
+                            type: boolean
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      emptyDir:
+                        properties:
+                          medium:
+                            type: string
+                          sizeLimit:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                        type: object
+                      host_path:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      hostPath:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      pvc:
+                        properties:
+                          source:
+                            properties:
+                              claimName:
+                                type: string
+                              readOnly:
+                                type: boolean
+                            required:
+                            - claimName
+                            type: object
+                          spec:
+                            properties:
+                              accessModes:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              dataSource:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              dataSourceRef:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                  namespace:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                              resources:
+                                properties:
+                                  limits:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                type: object
+                              selector:
+                                properties:
+                                  matchExpressions:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        operator:
+                                          type: string
+                                        values:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                      - key
+                                      - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              storageClassName:
+                                type: string
+                              volumeAttributesClassName:
+                                type: string
+                              volumeMode:
+                                type: string
+                              volumeName:
+                                type: string
+                            type: object
+                        type: object
+                      secret:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          optional:
+                            type: boolean
+                          secretName:
+                            type: string
+                        type: object
+                    type: object
+                  bufferVolumeArgs:
+                    items:
+                      type: string
+                    type: array
+                  bufferVolumeImage:
+                    properties:
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      pullPolicy:
+                        type: string
+                      repository:
+                        type: string
+                      tag:
+                        type: string
+                    type: object
+                  bufferVolumeMetrics:
+                    properties:
+                      interval:
+                        type: string
+                      path:
+                        type: string
+                      port:
+                        format: int32
+                        type: integer
+                      prometheusAnnotations:
+                        type: boolean
+                      prometheusRules:
+                        type: boolean
+                      serviceMonitor:
+                        type: boolean
+                      serviceMonitorConfig:
+                        properties:
+                          additionalLabels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          honorLabels:
+                            type: boolean
+                          metricRelabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          relabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          scheme:
+                            type: string
+                          tlsConfig:
+                            properties:
+                              ca:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              caFile:
+                                type: string
+                              cert:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              certFile:
+                                type: string
+                              insecureSkipVerify:
+                                type: boolean
+                              keyFile:
+                                type: string
+                              keySecret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              serverName:
+                                type: string
+                            type: object
+                        type: object
+                      timeout:
+                        type: string
+                    type: object
+                  bufferVolumeResources:
+                    properties:
+                      claims:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - name
+                        x-kubernetes-list-type: map
+                      limits:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                      requests:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                    type: object
+                  configHotReload:
+                    properties:
+                      image:
+                        properties:
+                          imagePullSecrets:
+                            items:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type: array
+                          pullPolicy:
+                            type: string
+                          repository:
+                            type: string
+                          tag:
+                            type: string
+                        type: object
+                      resources:
+                        properties:
+                          claims:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                              required:
+                              - name
+                              type: object
+                            type: array
+                            x-kubernetes-list-map-keys:
+                            - name
+                            x-kubernetes-list-type: map
+                          limits:
+                            additionalProperties:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                            type: object
+                          requests:
+                            additionalProperties:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                            type: object
+                        type: object
+                    type: object
+                  coroStackSize:
+                    format: int32
+                    type: integer
+                  customConfigSecret:
+                    type: string
+                  customParsers:
+                    type: string
+                  daemonsetAnnotations:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  disableKubernetesFilter:
+                    type: boolean
+                  dnsConfig:
+                    properties:
+                      nameservers:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      options:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      searches:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  dnsPolicy:
+                    type: string
+                  enableUpstream:
+                    type: boolean
+                  envVars:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                        valueFrom:
+                          properties:
+                            configMapKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              properties:
+                                apiVersion:
+                                  type: string
+                                fieldPath:
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              properties:
+                                containerName:
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  extraVolumeMounts:
+                    items:
+                      properties:
+                        destination:
+                          pattern: ^/.+$
+                          type: string
+                        readOnly:
+                          type: boolean
+                        source:
+                          pattern: ^/.+$
+                          type: string
+                      required:
+                      - destination
+                      - source
+                      type: object
+                    type: array
+                  filterAws:
+                    properties:
+                      Match:
+                        type: string
+                      account_id:
+                        type: boolean
+                      ami_id:
+                        type: boolean
+                      az:
+                        type: boolean
+                      ec2_instance_id:
+                        type: boolean
+                      ec2_instance_type:
+                        type: boolean
+                      hostname:
+                        type: boolean
+                      imds_version:
+                        type: string
+                      private_ip:
+                        type: boolean
+                      vpc_id:
+                        type: boolean
+                    type: object
+                  filterKubernetes:
+                    properties:
+                      Annotations:
+                        type: string
+                      Buffer_Size:
+                        type: string
+                      Cache_Use_Docker_Id:
+                        type: string
+                      DNS_Retries:
+                        type: string
+                      DNS_Wait_Time:
+                        type: string
+                      Dummy_Meta:
+                        type: string
+                      K8S-Logging.Exclude:
+                        type: string
+                      K8S-Logging.Parser:
+                        type: string
+                      Keep_Log:
+                        type: string
+                      Kube_CA_File:
+                        type: string
+                      Kube_CA_Path:
+                        type: string
+                      Kube_Meta_Cache_TTL:
+                        type: string
+                      Kube_Tag_Prefix:
+                        type: string
+                      Kube_Token_File:
+                        type: string
+                      Kube_Token_TTL:
+                        type: string
+                      Kube_URL:
+                        type: string
+                      Kube_meta_preload_cache_dir:
+                        type: string
+                      Kubelet_Port:
+                        type: string
+                      Labels:
+                        type: string
+                      Match:
+                        type: string
+                      Merge_Log:
+                        type: string
+                      Merge_Log_Key:
+                        type: string
+                      Merge_Log_Trim:
+                        type: string
+                      Merge_Parser:
+                        type: string
+                      Regex_Parser:
+                        type: string
+                      Use_Journal:
+                        type: string
+                      Use_Kubelet:
+                        type: string
+                      kube_meta_namespace_cache_ttl:
+                        type: string
+                      namespace_annotations:
+                        type: string
+                      namespace_labels:
+                        type: string
+                      tls.debug:
+                        type: string
+                      tls.verify:
+                        type: string
+                    type: object
+                  filterModify:
+                    items:
+                      properties:
+                        conditions:
+                          items:
+                            properties:
+                              A_key_matches:
+                                properties:
+                                  key:
+                                    type: string
+                                type: object
+                              Key_does_not_exist:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              Key_exists:
+                                properties:
+                                  key:
+                                    type: string
+                                type: object
+                              Key_value_does_not_equal:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              Key_value_does_not_match:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              Key_value_equals:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              Key_value_matches:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              Matching_keys_do_not_have_matching_values:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              Matching_keys_have_matching_values:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              No_key_matches:
+                                properties:
+                                  key:
+                                    type: string
+                                type: object
+                            type: object
+                          type: array
+                        rules:
+                          items:
+                            properties:
+                              Add:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              Copy:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              Hard_copy:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              Hard_rename:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              Remove:
+                                properties:
+                                  key:
+                                    type: string
+                                type: object
+                              Remove_regex:
+                                properties:
+                                  key:
+                                    type: string
+                                type: object
+                              Remove_wildcard:
+                                properties:
+                                  key:
+                                    type: string
+                                type: object
+                              Rename:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                              Set:
+                                properties:
+                                  key:
+                                    type: string
+                                  value:
+                                    type: string
+                                type: object
+                            type: object
+                          type: array
+                      type: object
+                    type: array
+                  flush:
+                    format: int32
+                    type: integer
+                  forwardOptions:
+                    properties:
+                      Require_ack_response:
+                        type: boolean
+                      Retry_Limit:
+                        type: string
+                      Send_options:
+                        type: boolean
+                      Tag:
+                        type: string
+                      Time_as_Integer:
+                        type: boolean
+                      Workers:
+                        type: integer
+                      storage.total_limit_size:
+                        type: string
+                    type: object
+                  grace:
+                    format: int32
+                    type: integer
+                  healthCheck:
+                    properties:
+                      hcErrorsCount:
+                        type: integer
+                      hcPeriod:
+                        type: integer
+                      hcRetryFailureCount:
+                        type: integer
+                    type: object
+                  image:
+                    properties:
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      pullPolicy:
+                        type: string
+                      repository:
+                        type: string
+                      tag:
+                        type: string
+                    type: object
+                  inputTail:
+                    properties:
+                      Buffer_Chunk_Size:
+                        type: string
+                      Buffer_Max_Size:
+                        type: string
+                      DB:
+                        type: string
+                      DB.journal_mode:
+                        type: string
+                      DB.locking:
+                        type: boolean
+                      DB_Sync:
+                        type: string
+                      Docker_Mode:
+                        type: string
+                      Docker_Mode_Flush:
+                        type: string
+                      Docker_Mode_Parser:
+                        type: string
+                      Exclude_Path:
+                        type: string
+                      Ignore_Older:
+                        type: string
+                      Key:
+                        type: string
+                      Mem_Buf_Limit:
+                        type: string
+                      Multiline:
+                        type: string
+                      Multiline_Flush:
+                        type: string
+                      Parser:
+                        type: string
+                      Parser_Firstline:
+                        type: string
+                      Parser_N:
+                        items:
+                          type: string
+                        type: array
+                      Path:
+                        type: string
+                      Path_Key:
+                        type: string
+                      Read_From_Head:
+                        type: boolean
+                      Refresh_Interval:
+                        type: string
+                      Rotate_Wait:
+                        type: string
+                      Skip_Long_Lines:
+                        type: string
+                      Tag:
+                        type: string
+                      Tag_Regex:
+                        type: string
+                      multiline.parser:
+                        items:
+                          type: string
+                        type: array
+                      storage.type:
+                        type: string
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  livenessDefaultCheck:
+                    type: boolean
+                  livenessProbe:
+                    properties:
+                      exec:
+                        properties:
+                          command:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      failureThreshold:
+                        format: int32
+                        type: integer
+                      grpc:
+                        properties:
+                          port:
+                            format: int32
+                            type: integer
+                          service:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      httpGet:
+                        properties:
+                          host:
+                            type: string
+                          httpHeaders:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                                value:
+                                  type: string
+                              required:
+                              - name
+                              - value
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          path:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                          scheme:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      initialDelaySeconds:
+                        format: int32
+                        type: integer
+                      periodSeconds:
+                        format: int32
+                        type: integer
+                      successThreshold:
+                        format: int32
+                        type: integer
+                      tcpSocket:
+                        properties:
+                          host:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                        required:
+                        - port
+                        type: object
+                      terminationGracePeriodSeconds:
+                        format: int64
+                        type: integer
+                      timeoutSeconds:
+                        format: int32
+                        type: integer
+                    type: object
+                  logLevel:
+                    type: string
+                  loggingRef:
+                    type: string
+                  metrics:
+                    properties:
+                      interval:
+                        type: string
+                      path:
+                        type: string
+                      port:
+                        format: int32
+                        type: integer
+                      prometheusAnnotations:
+                        type: boolean
+                      prometheusRules:
+                        type: boolean
+                      serviceMonitor:
+                        type: boolean
+                      serviceMonitorConfig:
+                        properties:
+                          additionalLabels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          honorLabels:
+                            type: boolean
+                          metricRelabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          relabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          scheme:
+                            type: string
+                          tlsConfig:
+                            properties:
+                              ca:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              caFile:
+                                type: string
+                              cert:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              certFile:
+                                type: string
+                              insecureSkipVerify:
+                                type: boolean
+                              keyFile:
+                                type: string
+                              keySecret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              serverName:
+                                type: string
+                            type: object
+                        type: object
+                      timeout:
+                        type: string
+                    type: object
+                  mountPath:
+                    type: string
+                  network:
+                    properties:
+                      connectTimeout:
+                        format: int32
+                        type: integer
+                      connectTimeoutLogError:
+                        type: boolean
+                      dnsMode:
+                        type: string
+                      dnsPreferIpv4:
+                        type: boolean
+                      dnsResolver:
+                        type: string
+                      keepalive:
+                        type: boolean
+                      keepaliveIdleTimeout:
+                        format: int32
+                        type: integer
+                      keepaliveMaxRecycle:
+                        format: int32
+                        type: integer
+                      maxWorkerConnections:
+                        type: integer
+                      sourceAddress:
+                        type: string
+                    type: object
+                  nodeSelector:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  parser:
+                    type: string
+                  podPriorityClassName:
+                    type: string
+                  position_db:
+                    properties:
+                      configMap:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          name:
+                            default: ""
+                            type: string
+                          optional:
+                            type: boolean
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      emptyDir:
+                        properties:
+                          medium:
+                            type: string
+                          sizeLimit:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                        type: object
+                      host_path:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      hostPath:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      pvc:
+                        properties:
+                          source:
+                            properties:
+                              claimName:
+                                type: string
+                              readOnly:
+                                type: boolean
+                            required:
+                            - claimName
+                            type: object
+                          spec:
+                            properties:
+                              accessModes:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              dataSource:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              dataSourceRef:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                  namespace:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                              resources:
+                                properties:
+                                  limits:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                type: object
+                              selector:
+                                properties:
+                                  matchExpressions:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        operator:
+                                          type: string
+                                        values:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                      - key
+                                      - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              storageClassName:
+                                type: string
+                              volumeAttributesClassName:
+                                type: string
+                              volumeMode:
+                                type: string
+                              volumeName:
+                                type: string
+                            type: object
+                        type: object
+                      secret:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          optional:
+                            type: boolean
+                          secretName:
+                            type: string
+                        type: object
+                    type: object
+                  positiondb:
+                    properties:
+                      configMap:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          name:
+                            default: ""
+                            type: string
+                          optional:
+                            type: boolean
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      emptyDir:
+                        properties:
+                          medium:
+                            type: string
+                          sizeLimit:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                        type: object
+                      host_path:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      hostPath:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      pvc:
+                        properties:
+                          source:
+                            properties:
+                              claimName:
+                                type: string
+                              readOnly:
+                                type: boolean
+                            required:
+                            - claimName
+                            type: object
+                          spec:
+                            properties:
+                              accessModes:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              dataSource:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              dataSourceRef:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                  namespace:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                              resources:
+                                properties:
+                                  limits:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                type: object
+                              selector:
+                                properties:
+                                  matchExpressions:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        operator:
+                                          type: string
+                                        values:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                      - key
+                                      - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              storageClassName:
+                                type: string
+                              volumeAttributesClassName:
+                                type: string
+                              volumeMode:
+                                type: string
+                              volumeName:
+                                type: string
+                            type: object
+                        type: object
+                      secret:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          optional:
+                            type: boolean
+                          secretName:
+                            type: string
+                        type: object
+                    type: object
+                  readinessProbe:
+                    properties:
+                      exec:
+                        properties:
+                          command:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      failureThreshold:
+                        format: int32
+                        type: integer
+                      grpc:
+                        properties:
+                          port:
+                            format: int32
+                            type: integer
+                          service:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      httpGet:
+                        properties:
+                          host:
+                            type: string
+                          httpHeaders:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                                value:
+                                  type: string
+                              required:
+                              - name
+                              - value
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          path:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                          scheme:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      initialDelaySeconds:
+                        format: int32
+                        type: integer
+                      periodSeconds:
+                        format: int32
+                        type: integer
+                      successThreshold:
+                        format: int32
+                        type: integer
+                      tcpSocket:
+                        properties:
+                          host:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                        required:
+                        - port
+                        type: object
+                      terminationGracePeriodSeconds:
+                        format: int64
+                        type: integer
+                      timeoutSeconds:
+                        format: int32
+                        type: integer
+                    type: object
+                  resources:
+                    properties:
+                      claims:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - name
+                        x-kubernetes-list-type: map
+                      limits:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                      requests:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                    type: object
+                  security:
+                    properties:
+                      podSecurityContext:
+                        properties:
+                          appArmorProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          fsGroup:
+                            format: int64
+                            type: integer
+                          fsGroupChangePolicy:
+                            type: string
+                          runAsGroup:
+                            format: int64
+                            type: integer
+                          runAsNonRoot:
+                            type: boolean
+                          runAsUser:
+                            format: int64
+                            type: integer
+                          seLinuxOptions:
+                            properties:
+                              level:
+                                type: string
+                              role:
+                                type: string
+                              type:
+                                type: string
+                              user:
+                                type: string
+                            type: object
+                          seccompProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          supplementalGroups:
+                            items:
+                              format: int64
+                              type: integer
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          sysctls:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                                value:
+                                  type: string
+                              required:
+                              - name
+                              - value
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          windowsOptions:
+                            properties:
+                              gmsaCredentialSpec:
+                                type: string
+                              gmsaCredentialSpecName:
+                                type: string
+                              hostProcess:
+                                type: boolean
+                              runAsUserName:
+                                type: string
+                            type: object
+                        type: object
+                      podSecurityPolicyCreate:
+                        type: boolean
+                      roleBasedAccessControlCreate:
+                        type: boolean
+                      securityContext:
+                        properties:
+                          allowPrivilegeEscalation:
+                            type: boolean
+                          appArmorProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          capabilities:
+                            properties:
+                              add:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              drop:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            type: object
+                          privileged:
+                            type: boolean
+                          procMount:
+                            type: string
+                          readOnlyRootFilesystem:
+                            type: boolean
+                          runAsGroup:
+                            format: int64
+                            type: integer
+                          runAsNonRoot:
+                            type: boolean
+                          runAsUser:
+                            format: int64
+                            type: integer
+                          seLinuxOptions:
+                            properties:
+                              level:
+                                type: string
+                              role:
+                                type: string
+                              type:
+                                type: string
+                              user:
+                                type: string
+                            type: object
+                          seccompProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          windowsOptions:
+                            properties:
+                              gmsaCredentialSpec:
+                                type: string
+                              gmsaCredentialSpecName:
+                                type: string
+                              hostProcess:
+                                type: boolean
+                              runAsUserName:
+                                type: string
+                            type: object
+                        type: object
+                      serviceAccount:
+                        type: string
+                    type: object
+                  serviceAccount:
+                    properties:
+                      automountServiceAccountToken:
+                        type: boolean
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                        type: object
+                      secrets:
+                        items:
+                          properties:
+                            apiVersion:
+                              type: string
+                            fieldPath:
+                              type: string
+                            kind:
+                              type: string
+                            name:
+                              type: string
+                            namespace:
+                              type: string
+                            resourceVersion:
+                              type: string
+                            uid:
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                    type: object
+                  syslogng_output:
+                    properties:
+                      Retry_Limit:
+                        type: string
+                      Workers:
+                        type: integer
+                      json_date_format:
+                        type: string
+                      json_date_key:
+                        type: string
+                    type: object
+                  targetHost:
+                    type: string
+                  targetPort:
+                    format: int32
+                    type: integer
+                  tls:
+                    properties:
+                      enabled:
+                        type: boolean
+                      secretName:
+                        type: string
+                      sharedKey:
+                        type: string
+                    required:
+                    - enabled
+                    type: object
+                  tolerations:
+                    items:
+                      properties:
+                        effect:
+                          type: string
+                        key:
+                          type: string
+                        operator:
+                          type: string
+                        tolerationSeconds:
+                          format: int64
+                          type: integer
+                        value:
+                          type: string
+                      type: object
+                    type: array
+                  updateStrategy:
+                    properties:
+                      rollingUpdate:
+                        properties:
+                          maxSurge:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                          maxUnavailable:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                        type: object
+                      type:
+                        type: string
+                    type: object
+                type: object
+              fluentd:
+                properties:
+                  affinity:
+                    properties:
+                      nodeAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                preference:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchFields:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - preference
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            properties:
+                              nodeSelectorTerms:
+                                items:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchFields:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            required:
+                            - nodeSelectorTerms
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      podAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                podAffinityTerm:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - podAffinityTerm
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      podAntiAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                podAffinityTerm:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - podAffinityTerm
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                    type: object
+                  annotations:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  bufferStorageVolume:
+                    properties:
+                      configMap:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          name:
+                            default: ""
+                            type: string
+                          optional:
+                            type: boolean
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      emptyDir:
+                        properties:
+                          medium:
+                            type: string
+                          sizeLimit:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                        type: object
+                      host_path:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      hostPath:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      pvc:
+                        properties:
+                          source:
+                            properties:
+                              claimName:
+                                type: string
+                              readOnly:
+                                type: boolean
+                            required:
+                            - claimName
+                            type: object
+                          spec:
+                            properties:
+                              accessModes:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              dataSource:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              dataSourceRef:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                  namespace:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                              resources:
+                                properties:
+                                  limits:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                type: object
+                              selector:
+                                properties:
+                                  matchExpressions:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        operator:
+                                          type: string
+                                        values:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                      - key
+                                      - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              storageClassName:
+                                type: string
+                              volumeAttributesClassName:
+                                type: string
+                              volumeMode:
+                                type: string
+                              volumeName:
+                                type: string
+                            type: object
+                        type: object
+                      secret:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          optional:
+                            type: boolean
+                          secretName:
+                            type: string
+                        type: object
+                    type: object
+                  bufferVolumeArgs:
+                    items:
+                      type: string
+                    type: array
+                  bufferVolumeImage:
+                    properties:
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      pullPolicy:
+                        type: string
+                      repository:
+                        type: string
+                      tag:
+                        type: string
+                    type: object
+                  bufferVolumeMetrics:
+                    properties:
+                      interval:
+                        type: string
+                      path:
+                        type: string
+                      port:
+                        format: int32
+                        type: integer
+                      prometheusAnnotations:
+                        type: boolean
+                      prometheusRules:
+                        type: boolean
+                      serviceMonitor:
+                        type: boolean
+                      serviceMonitorConfig:
+                        properties:
+                          additionalLabels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          honorLabels:
+                            type: boolean
+                          metricRelabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          relabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          scheme:
+                            type: string
+                          tlsConfig:
+                            properties:
+                              ca:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              caFile:
+                                type: string
+                              cert:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              certFile:
+                                type: string
+                              insecureSkipVerify:
+                                type: boolean
+                              keyFile:
+                                type: string
+                              keySecret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              serverName:
+                                type: string
+                            type: object
+                        type: object
+                      timeout:
+                        type: string
+                    type: object
+                  bufferVolumeResources:
+                    properties:
+                      claims:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - name
+                        x-kubernetes-list-type: map
+                      limits:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                      requests:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                    type: object
+                  compressConfigFile:
+                    type: boolean
+                  configCheck:
+                    properties:
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      strategy:
+                        type: string
+                      timeoutSeconds:
+                        type: integer
+                    type: object
+                  configCheckAnnotations:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  configCheckResources:
+                    properties:
+                      claims:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - name
+                        x-kubernetes-list-type: map
+                      limits:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                      requests:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                    type: object
+                  configReloaderImage:
+                    properties:
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      pullPolicy:
+                        type: string
+                      repository:
+                        type: string
+                      tag:
+                        type: string
+                    type: object
+                  configReloaderResources:
+                    properties:
+                      claims:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - name
+                        x-kubernetes-list-type: map
+                      limits:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                      requests:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                    type: object
+                  disablePvc:
+                    type: boolean
+                  dnsConfig:
+                    properties:
+                      nameservers:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      options:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      searches:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  dnsPolicy:
+                    type: string
+                  enableMsgpackTimeSupport:
+                    type: boolean
+                  envVars:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                        valueFrom:
+                          properties:
+                            configMapKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              properties:
+                                apiVersion:
+                                  type: string
+                                fieldPath:
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              properties:
+                                containerName:
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  extraArgs:
+                    items:
+                      type: string
+                    type: array
+                  extraVolumes:
+                    items:
+                      properties:
+                        containerName:
+                          type: string
+                        path:
+                          type: string
+                        volume:
+                          properties:
+                            configMap:
+                              properties:
+                                defaultMode:
+                                  format: int32
+                                  type: integer
+                                items:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      mode:
+                                        format: int32
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            emptyDir:
+                              properties:
+                                medium:
+                                  type: string
+                                sizeLimit:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                              type: object
+                            host_path:
+                              properties:
+                                path:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - path
+                              type: object
+                            hostPath:
+                              properties:
+                                path:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - path
+                              type: object
+                            pvc:
+                              properties:
+                                source:
+                                  properties:
+                                    claimName:
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                  required:
+                                  - claimName
+                                  type: object
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
+                              type: object
+                            secret:
+                              properties:
+                                defaultMode:
+                                  format: int32
+                                  type: integer
+                                items:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      mode:
+                                        format: int32
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                optional:
+                                  type: boolean
+                                secretName:
+                                  type: string
+                              type: object
+                          type: object
+                        volumeName:
+                          type: string
+                      type: object
+                    type: array
+                  fluentLogDestination:
+                    type: string
+                  fluentOutLogrotate:
+                    properties:
+                      age:
+                        type: string
+                      enabled:
+                        type: boolean
+                      path:
+                        type: string
+                      size:
+                        type: string
+                    required:
+                    - enabled
+                    type: object
+                  fluentdPvcSpec:
+                    properties:
+                      configMap:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          name:
+                            default: ""
+                            type: string
+                          optional:
+                            type: boolean
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      emptyDir:
+                        properties:
+                          medium:
+                            type: string
+                          sizeLimit:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                        type: object
+                      host_path:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      hostPath:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      pvc:
+                        properties:
+                          source:
+                            properties:
+                              claimName:
+                                type: string
+                              readOnly:
+                                type: boolean
+                            required:
+                            - claimName
+                            type: object
+                          spec:
+                            properties:
+                              accessModes:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              dataSource:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              dataSourceRef:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                  namespace:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                              resources:
+                                properties:
+                                  limits:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                type: object
+                              selector:
+                                properties:
+                                  matchExpressions:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        operator:
+                                          type: string
+                                        values:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                      - key
+                                      - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              storageClassName:
+                                type: string
+                              volumeAttributesClassName:
+                                type: string
+                              volumeMode:
+                                type: string
+                              volumeName:
+                                type: string
+                            type: object
+                        type: object
+                      secret:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          optional:
+                            type: boolean
+                          secretName:
+                            type: string
+                        type: object
+                    type: object
+                  forwardInputConfig:
+                    properties:
+                      add_tag_prefix:
+                        type: string
+                      bind:
+                        type: string
+                      chunk_size_limit:
+                        type: string
+                      chunk_size_warn_limit:
+                        type: string
+                      deny_keepalive:
+                        type: boolean
+                      linger_timeout:
+                        type: integer
+                      port:
+                        type: string
+                      resolve_hostname:
+                        type: boolean
+                      security:
+                        properties:
+                          allow_anonymous_source:
+                            type: boolean
+                          self_hostname:
+                            type: string
+                          shared_key:
+                            type: string
+                          user_auth:
+                            type: boolean
+                        required:
+                        - self_hostname
+                        - shared_key
+                        type: object
+                      send_keepalive_packet:
+                        type: boolean
+                      skip_invalid_event:
+                        type: boolean
+                      source_address_key:
+                        type: string
+                      sourceHostnameKey:
+                        type: string
+                      tag:
+                        type: string
+                      transport:
+                        properties:
+                          ca_cert_path:
+                            type: string
+                          ca_path:
+                            type: string
+                          ca_private_key_passphrase:
+                            type: string
+                          ca_private_key_path:
+                            type: string
+                          cert_path:
+                            type: string
+                          ciphers:
+                            type: string
+                          client_cert_auth:
+                            type: boolean
+                          insecure:
+                            type: boolean
+                          private_key_passphrase:
+                            type: string
+                          private_key_path:
+                            type: string
+                          protocol:
+                            type: string
+                          version:
+                            type: string
+                        type: object
+                    type: object
+                  ignoreRepeatedLogInterval:
+                    type: string
+                  ignoreSameLogInterval:
+                    type: string
+                  image:
+                    properties:
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      pullPolicy:
+                        type: string
+                      repository:
+                        type: string
+                      tag:
+                        type: string
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  livenessDefaultCheck:
+                    type: boolean
+                  livenessProbe:
+                    properties:
+                      exec:
+                        properties:
+                          command:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      failureThreshold:
+                        format: int32
+                        type: integer
+                      grpc:
+                        properties:
+                          port:
+                            format: int32
+                            type: integer
+                          service:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      httpGet:
+                        properties:
+                          host:
+                            type: string
+                          httpHeaders:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                                value:
+                                  type: string
+                              required:
+                              - name
+                              - value
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          path:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                          scheme:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      initialDelaySeconds:
+                        format: int32
+                        type: integer
+                      periodSeconds:
+                        format: int32
+                        type: integer
+                      successThreshold:
+                        format: int32
+                        type: integer
+                      tcpSocket:
+                        properties:
+                          host:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                        required:
+                        - port
+                        type: object
+                      terminationGracePeriodSeconds:
+                        format: int64
+                        type: integer
+                      timeoutSeconds:
+                        format: int32
+                        type: integer
+                    type: object
+                  logFormat:
+                    type: string
+                  logLevel:
+                    type: string
+                  metrics:
+                    properties:
+                      interval:
+                        type: string
+                      path:
+                        type: string
+                      port:
+                        format: int32
+                        type: integer
+                      prometheusAnnotations:
+                        type: boolean
+                      prometheusRules:
+                        type: boolean
+                      serviceMonitor:
+                        type: boolean
+                      serviceMonitorConfig:
+                        properties:
+                          additionalLabels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          honorLabels:
+                            type: boolean
+                          metricRelabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          relabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          scheme:
+                            type: string
+                          tlsConfig:
+                            properties:
+                              ca:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              caFile:
+                                type: string
+                              cert:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              certFile:
+                                type: string
+                              insecureSkipVerify:
+                                type: boolean
+                              keyFile:
+                                type: string
+                              keySecret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              serverName:
+                                type: string
+                            type: object
+                        type: object
+                      timeout:
+                        type: string
+                    type: object
+                  nodeSelector:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  pdb:
+                    properties:
+                      maxUnavailable:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      minAvailable:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      unhealthyPodEvictionPolicy:
+                        type: string
+                    type: object
+                  podPriorityClassName:
+                    type: string
+                  port:
+                    format: int32
+                    type: integer
+                  readinessDefaultCheck:
+                    properties:
+                      bufferFileNumber:
+                        type: boolean
+                      bufferFileNumberMax:
+                        format: int32
+                        type: integer
+                      bufferFreeSpace:
+                        type: boolean
+                      bufferFreeSpaceThreshold:
+                        format: int32
+                        type: integer
+                      failureThreshold:
+                        format: int32
+                        type: integer
+                      initialDelaySeconds:
+                        format: int32
+                        type: integer
+                      periodSeconds:
+                        format: int32
+                        type: integer
+                      successThreshold:
+                        format: int32
+                        type: integer
+                      timeoutSeconds:
+                        format: int32
+                        type: integer
+                    type: object
+                  readinessProbe:
+                    properties:
+                      exec:
+                        properties:
+                          command:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      failureThreshold:
+                        format: int32
+                        type: integer
+                      grpc:
+                        properties:
+                          port:
+                            format: int32
+                            type: integer
+                          service:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      httpGet:
+                        properties:
+                          host:
+                            type: string
+                          httpHeaders:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                                value:
+                                  type: string
+                              required:
+                              - name
+                              - value
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          path:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                          scheme:
+                            type: string
+                        required:
+                        - port
+                        type: object
+                      initialDelaySeconds:
+                        format: int32
+                        type: integer
+                      periodSeconds:
+                        format: int32
+                        type: integer
+                      successThreshold:
+                        format: int32
+                        type: integer
+                      tcpSocket:
+                        properties:
+                          host:
+                            type: string
+                          port:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            x-kubernetes-int-or-string: true
+                        required:
+                        - port
+                        type: object
+                      terminationGracePeriodSeconds:
+                        format: int64
+                        type: integer
+                      timeoutSeconds:
+                        format: int32
+                        type: integer
+                    type: object
+                  resources:
+                    properties:
+                      claims:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - name
+                        x-kubernetes-list-type: map
+                      limits:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                      requests:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                    type: object
+                  rootDir:
+                    type: string
+                  scaling:
+                    properties:
+                      drain:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          deleteVolume:
+                            type: boolean
+                          enabled:
+                            type: boolean
+                          image:
+                            properties:
+                              imagePullSecrets:
+                                items:
+                                  properties:
+                                    name:
+                                      default: ""
+                                      type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type: array
+                              pullPolicy:
+                                type: string
+                              repository:
+                                type: string
+                              tag:
+                                type: string
+                            type: object
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          pauseImage:
+                            properties:
+                              imagePullSecrets:
+                                items:
+                                  properties:
+                                    name:
+                                      default: ""
+                                      type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type: array
+                              pullPolicy:
+                                type: string
+                              repository:
+                                type: string
+                              tag:
+                                type: string
+                            type: object
+                          resources:
+                            properties:
+                              claims:
+                                items:
+                                  properties:
+                                    name:
+                                      type: string
+                                  required:
+                                  - name
+                                  type: object
+                                type: array
+                                x-kubernetes-list-map-keys:
+                                - name
+                                x-kubernetes-list-type: map
+                              limits:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                              requests:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                            type: object
+                          securityContext:
+                            properties:
+                              allowPrivilegeEscalation:
+                                type: boolean
+                              appArmorProfile:
+                                properties:
+                                  localhostProfile:
+                                    type: string
+                                  type:
+                                    type: string
+                                required:
+                                - type
+                                type: object
+                              capabilities:
+                                properties:
+                                  add:
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  drop:
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                type: object
+                              privileged:
+                                type: boolean
+                              procMount:
+                                type: string
+                              readOnlyRootFilesystem:
+                                type: boolean
+                              runAsGroup:
+                                format: int64
+                                type: integer
+                              runAsNonRoot:
+                                type: boolean
+                              runAsUser:
+                                format: int64
+                                type: integer
+                              seLinuxOptions:
+                                properties:
+                                  level:
+                                    type: string
+                                  role:
+                                    type: string
+                                  type:
+                                    type: string
+                                  user:
+                                    type: string
+                                type: object
+                              seccompProfile:
+                                properties:
+                                  localhostProfile:
+                                    type: string
+                                  type:
+                                    type: string
+                                required:
+                                - type
+                                type: object
+                              windowsOptions:
+                                properties:
+                                  gmsaCredentialSpec:
+                                    type: string
+                                  gmsaCredentialSpecName:
+                                    type: string
+                                  hostProcess:
+                                    type: boolean
+                                  runAsUserName:
+                                    type: string
+                                type: object
+                            type: object
+                        type: object
+                      podManagementPolicy:
+                        type: string
+                      replicas:
+                        type: integer
+                    type: object
+                  security:
+                    properties:
+                      podSecurityContext:
+                        properties:
+                          appArmorProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          fsGroup:
+                            format: int64
+                            type: integer
+                          fsGroupChangePolicy:
+                            type: string
+                          runAsGroup:
+                            format: int64
+                            type: integer
+                          runAsNonRoot:
+                            type: boolean
+                          runAsUser:
+                            format: int64
+                            type: integer
+                          seLinuxOptions:
+                            properties:
+                              level:
+                                type: string
+                              role:
+                                type: string
+                              type:
+                                type: string
+                              user:
+                                type: string
+                            type: object
+                          seccompProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          supplementalGroups:
+                            items:
+                              format: int64
+                              type: integer
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          sysctls:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                                value:
+                                  type: string
+                              required:
+                              - name
+                              - value
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          windowsOptions:
+                            properties:
+                              gmsaCredentialSpec:
+                                type: string
+                              gmsaCredentialSpecName:
+                                type: string
+                              hostProcess:
+                                type: boolean
+                              runAsUserName:
+                                type: string
+                            type: object
+                        type: object
+                      podSecurityPolicyCreate:
+                        type: boolean
+                      roleBasedAccessControlCreate:
+                        type: boolean
+                      securityContext:
+                        properties:
+                          allowPrivilegeEscalation:
+                            type: boolean
+                          appArmorProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          capabilities:
+                            properties:
+                              add:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              drop:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            type: object
+                          privileged:
+                            type: boolean
+                          procMount:
+                            type: string
+                          readOnlyRootFilesystem:
+                            type: boolean
+                          runAsGroup:
+                            format: int64
+                            type: integer
+                          runAsNonRoot:
+                            type: boolean
+                          runAsUser:
+                            format: int64
+                            type: integer
+                          seLinuxOptions:
+                            properties:
+                              level:
+                                type: string
+                              role:
+                                type: string
+                              type:
+                                type: string
+                              user:
+                                type: string
+                            type: object
+                          seccompProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          windowsOptions:
+                            properties:
+                              gmsaCredentialSpec:
+                                type: string
+                              gmsaCredentialSpecName:
+                                type: string
+                              hostProcess:
+                                type: boolean
+                              runAsUserName:
+                                type: string
+                            type: object
+                        type: object
+                      serviceAccount:
+                        type: string
+                    type: object
+                  serviceAccount:
+                    properties:
+                      automountServiceAccountToken:
+                        type: boolean
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                        type: object
+                      secrets:
+                        items:
+                          properties:
+                            apiVersion:
+                              type: string
+                            fieldPath:
+                              type: string
+                            kind:
+                              type: string
+                            name:
+                              type: string
+                            namespace:
+                              type: string
+                            resourceVersion:
+                              type: string
+                            uid:
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                    type: object
+                  sidecarContainers:
+                    items:
+                      properties:
+                        args:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        command:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        env:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  configMapKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        envFrom:
+                          items:
+                            properties:
+                              configMapRef:
+                                properties:
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              prefix:
+                                type: string
+                              secretRef:
+                                properties:
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        image:
+                          type: string
+                        imagePullPolicy:
+                          type: string
+                        lifecycle:
+                          properties:
+                            postStart:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            preStop:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                          type: object
+                        livenessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        name:
+                          type: string
+                        ports:
+                          items:
+                            properties:
+                              containerPort:
+                                format: int32
+                                type: integer
+                              hostIP:
+                                type: string
+                              hostPort:
+                                format: int32
+                                type: integer
+                              name:
+                                type: string
+                              protocol:
+                                default: TCP
+                                type: string
+                            required:
+                            - containerPort
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - containerPort
+                          - protocol
+                          x-kubernetes-list-type: map
+                        readinessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resizePolicy:
+                          items:
+                            properties:
+                              resourceName:
+                                type: string
+                              restartPolicy:
+                                type: string
+                            required:
+                            - resourceName
+                            - restartPolicy
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        restartPolicy:
+                          type: string
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
+                          type: object
+                        startupProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        stdin:
+                          type: boolean
+                        stdinOnce:
+                          type: boolean
+                        terminationMessagePath:
+                          type: string
+                        terminationMessagePolicy:
+                          type: string
+                        tty:
+                          type: boolean
+                        volumeDevices:
+                          items:
+                            properties:
+                              devicePath:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - devicePath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - devicePath
+                          x-kubernetes-list-type: map
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - mountPath
+                          x-kubernetes-list-type: map
+                        workingDir:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  statefulsetAnnotations:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  tls:
+                    properties:
+                      enabled:
+                        type: boolean
+                      secretName:
+                        type: string
+                      sharedKey:
+                        type: string
+                    required:
+                    - enabled
+                    type: object
+                  tolerations:
+                    items:
+                      properties:
+                        effect:
+                          type: string
+                        key:
+                          type: string
+                        operator:
+                          type: string
+                        tolerationSeconds:
+                          format: int64
+                          type: integer
+                        value:
+                          type: string
+                      type: object
+                    type: array
+                  topologySpreadConstraints:
+                    items:
+                      properties:
+                        labelSelector:
+                          properties:
+                            matchExpressions:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  operator:
+                                    type: string
+                                  values:
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                required:
+                                - key
+                                - operator
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            matchLabels:
+                              additionalProperties:
+                                type: string
+                              type: object
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        matchLabelKeys:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        maxSkew:
+                          format: int32
+                          type: integer
+                        minDomains:
+                          format: int32
+                          type: integer
+                        nodeAffinityPolicy:
+                          type: string
+                        nodeTaintsPolicy:
+                          type: string
+                        topologyKey:
+                          type: string
+                        whenUnsatisfiable:
+                          type: string
+                      required:
+                      - maxSkew
+                      - topologyKey
+                      - whenUnsatisfiable
+                      type: object
+                    type: array
+                  volumeModImage:
+                    properties:
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      pullPolicy:
+                        type: string
+                      repository:
+                        type: string
+                      tag:
+                        type: string
+                    type: object
+                  volumeMountChmod:
+                    type: boolean
+                  workers:
+                    format: int32
+                    type: integer
+                type: object
+              globalFilters:
+                items:
+                  properties:
+                    concat:
+                      properties:
+                        continuous_line_regexp:
+                          type: string
+                        flush_interval:
+                          type: integer
+                        keep_partial_key:
+                          type: boolean
+                        keep_partial_metadata:
+                          type: string
+                        key:
+                          type: string
+                        multiline_end_regexp:
+                          type: string
+                        multiline_start_regexp:
+                          type: string
+                        n_lines:
+                          type: integer
+                        partial_cri_logtag_key:
+                          type: string
+                        partial_cri_stream_key:
+                          type: string
+                        partial_key:
+                          type: string
+                        partial_metadata_format:
+                          type: string
+                        partial_value:
+                          type: string
+                        separator:
+                          type: string
+                        stream_identity_key:
+                          type: string
+                        timeout_label:
+                          type: string
+                        use_first_timestamp:
+                          type: boolean
+                        use_partial_cri_logtag:
+                          type: boolean
+                        use_partial_metadata:
+                          type: string
+                      type: object
+                    dedot:
+                      properties:
+                        de_dot_nested:
+                          type: boolean
+                        de_dot_separator:
+                          type: string
+                      type: object
+                    detectExceptions:
+                      properties:
+                        force_line_breaks:
+                          type: boolean
+                        languages:
+                          items:
+                            type: string
+                          type: array
+                        match_tag:
+                          type: string
+                        max_bytes:
+                          type: integer
+                        max_lines:
+                          type: integer
+                        message:
+                          type: string
+                        multiline_flush_interval:
+                          type: string
+                        remove_tag_prefix:
+                          type: string
+                        stream:
+                          type: string
+                      type: object
+                    elasticsearch_genid:
+                      properties:
+                        hash_id_key:
+                          type: string
+                        hash_type:
+                          type: string
+                        include_tag_in_seed:
+                          type: boolean
+                        include_time_in_seed:
+                          type: boolean
+                        record_keys:
+                          type: string
+                        separator:
+                          type: string
+                        use_entire_record:
+                          type: boolean
+                        use_record_as_seed:
+                          type: boolean
+                      type: object
+                    enhanceK8s:
+                      properties:
+                        api_groups:
+                          items:
+                            type: string
+                          type: array
+                        bearer_token_file:
+                          type: string
+                        ca_file:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        cache_refresh:
+                          type: integer
+                        cache_refresh_variation:
+                          type: integer
+                        cache_size:
+                          type: integer
+                        cache_ttl:
+                          type: integer
+                        client_cert:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        client_key:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        core_api_versions:
+                          items:
+                            type: string
+                          type: array
+                        data_type:
+                          type: string
+                        in_namespace_path:
+                          items:
+                            type: string
+                          type: array
+                        in_pod_path:
+                          items:
+                            type: string
+                          type: array
+                        kubernetes_url:
+                          type: string
+                        secret_dir:
+                          type: string
+                        ssl_partial_chain:
+                          type: boolean
+                        verify_ssl:
+                          type: boolean
+                      type: object
+                    geoip:
+                      properties:
+                        backend_library:
+                          type: string
+                        geoip_database:
+                          type: string
+                        geoip_lookup_keys:
+                          type: string
+                        geoip2_database:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        skip_adding_null_record:
+                          type: boolean
+                      type: object
+                    grep:
+                      properties:
+                        and:
+                          items:
+                            properties:
+                              exclude:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                              regexp:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                            type: object
+                          type: array
+                        exclude:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              pattern:
+                                type: string
+                            required:
+                            - key
+                            - pattern
+                            type: object
+                          type: array
+                        or:
+                          items:
+                            properties:
+                              exclude:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                              regexp:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                  required:
+                                  - key
+                                  - pattern
+                                  type: object
+                                type: array
+                            type: object
+                          type: array
+                        regexp:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              pattern:
+                                type: string
+                            required:
+                            - key
+                            - pattern
+                            type: object
+                          type: array
+                      type: object
+                    kube_events_timestamp:
+                      properties:
+                        mapped_time_key:
+                          type: string
+                        timestamp_fields:
+                          items:
+                            type: string
+                          type: array
+                      type: object
+                    parser:
+                      properties:
+                        emit_invalid_record_to_error:
+                          type: boolean
+                        hash_value_field:
+                          type: string
+                        inject_key_prefix:
+                          type: string
+                        key_name:
+                          type: string
+                        parse:
+                          properties:
+                            custom_pattern_path:
+                              properties:
+                                mountFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                value:
+                                  type: string
+                                valueFrom:
+                                  properties:
+                                    secretKeyRef:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                              type: object
+                            delimiter:
+                              type: string
+                            delimiter_pattern:
+                              type: string
+                            estimate_current_event:
+                              type: boolean
+                            expression:
+                              type: string
+                            format:
+                              type: string
+                            format_firstline:
+                              type: string
+                            grok_failure_key:
+                              type: string
+                            grok_name_key:
+                              type: string
+                            grok_pattern:
+                              type: string
+                            grok_patterns:
+                              items:
+                                properties:
+                                  keep_time_key:
+                                    type: boolean
+                                  name:
+                                    type: string
+                                  pattern:
+                                    type: string
+                                  time_format:
+                                    type: string
+                                  time_key:
+                                    type: string
+                                  timezone:
+                                    type: string
+                                required:
+                                - pattern
+                                type: object
+                              type: array
+                            keep_time_key:
+                              type: boolean
+                            keys:
+                              type: string
+                            label_delimiter:
+                              type: string
+                            local_time:
+                              type: boolean
+                            multiline:
+                              items:
+                                type: string
+                              type: array
+                            multiline_start_regexp:
+                              type: string
+                            null_empty_string:
+                              type: boolean
+                            null_value_pattern:
+                              type: string
+                            patterns:
+                              items:
+                                properties:
+                                  custom_pattern_path:
+                                    properties:
+                                      mountFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            required:
+                                            - key
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                    type: object
+                                  estimate_current_event:
+                                    type: boolean
+                                  expression:
+                                    type: string
+                                  format:
+                                    type: string
+                                  grok_failure_key:
+                                    type: string
+                                  grok_name_key:
+                                    type: string
+                                  grok_pattern:
+                                    type: string
+                                  grok_patterns:
+                                    items:
+                                      properties:
+                                        keep_time_key:
+                                          type: boolean
+                                        name:
+                                          type: string
+                                        pattern:
+                                          type: string
+                                        time_format:
+                                          type: string
+                                        time_key:
+                                          type: string
+                                        timezone:
+                                          type: string
+                                      required:
+                                      - pattern
+                                      type: object
+                                    type: array
+                                  keep_time_key:
+                                    type: boolean
+                                  local_time:
+                                    type: boolean
+                                  multiline_start_regexp:
+                                    type: string
+                                  null_empty_string:
+                                    type: boolean
+                                  null_value_pattern:
+                                    type: string
+                                  time_format:
+                                    type: string
+                                  time_key:
+                                    type: string
+                                  time_type:
+                                    type: string
+                                  timezone:
+                                    type: string
+                                  type:
+                                    type: string
+                                  types:
+                                    type: string
+                                  utc:
+                                    type: boolean
+                                type: object
+                              type: array
+                            time_format:
+                              type: string
+                            time_key:
+                              type: string
+                            time_type:
+                              type: string
+                            timezone:
+                              type: string
+                            type:
+                              type: string
+                            types:
+                              type: string
+                            utc:
+                              type: boolean
+                          type: object
+                        parsers:
+                          items:
+                            properties:
+                              custom_pattern_path:
+                                properties:
+                                  mountFrom:
+                                    properties:
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                  value:
+                                    type: string
+                                  valueFrom:
+                                    properties:
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                type: object
+                              delimiter:
+                                type: string
+                              delimiter_pattern:
+                                type: string
+                              estimate_current_event:
+                                type: boolean
+                              expression:
+                                type: string
+                              format:
+                                type: string
+                              format_firstline:
+                                type: string
+                              grok_failure_key:
+                                type: string
+                              grok_name_key:
+                                type: string
+                              grok_pattern:
+                                type: string
+                              grok_patterns:
+                                items:
+                                  properties:
+                                    keep_time_key:
+                                      type: boolean
+                                    name:
+                                      type: string
+                                    pattern:
+                                      type: string
+                                    time_format:
+                                      type: string
+                                    time_key:
+                                      type: string
+                                    timezone:
+                                      type: string
+                                  required:
+                                  - pattern
+                                  type: object
+                                type: array
+                              keep_time_key:
+                                type: boolean
+                              keys:
+                                type: string
+                              label_delimiter:
+                                type: string
+                              local_time:
+                                type: boolean
+                              multiline:
+                                items:
+                                  type: string
+                                type: array
+                              multiline_start_regexp:
+                                type: string
+                              null_empty_string:
+                                type: boolean
+                              null_value_pattern:
+                                type: string
+                              patterns:
+                                items:
+                                  properties:
+                                    custom_pattern_path:
+                                      properties:
+                                        mountFrom:
+                                          properties:
+                                            secretKeyRef:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                                optional:
+                                                  type: boolean
+                                              required:
+                                              - key
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          type: object
+                                        value:
+                                          type: string
+                                        valueFrom:
+                                          properties:
+                                            secretKeyRef:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                                optional:
+                                                  type: boolean
+                                              required:
+                                              - key
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          type: object
+                                      type: object
+                                    estimate_current_event:
+                                      type: boolean
+                                    expression:
+                                      type: string
+                                    format:
+                                      type: string
+                                    grok_failure_key:
+                                      type: string
+                                    grok_name_key:
+                                      type: string
+                                    grok_pattern:
+                                      type: string
+                                    grok_patterns:
+                                      items:
+                                        properties:
+                                          keep_time_key:
+                                            type: boolean
+                                          name:
+                                            type: string
+                                          pattern:
+                                            type: string
+                                          time_format:
+                                            type: string
+                                          time_key:
+                                            type: string
+                                          timezone:
+                                            type: string
+                                        required:
+                                        - pattern
+                                        type: object
+                                      type: array
+                                    keep_time_key:
+                                      type: boolean
+                                    local_time:
+                                      type: boolean
+                                    multiline_start_regexp:
+                                      type: string
+                                    null_empty_string:
+                                      type: boolean
+                                    null_value_pattern:
+                                      type: string
+                                    time_format:
+                                      type: string
+                                    time_key:
+                                      type: string
+                                    time_type:
+                                      type: string
+                                    timezone:
+                                      type: string
+                                    type:
+                                      type: string
+                                    types:
+                                      type: string
+                                    utc:
+                                      type: boolean
+                                  type: object
+                                type: array
+                              time_format:
+                                type: string
+                              time_key:
+                                type: string
+                              time_type:
+                                type: string
+                              timezone:
+                                type: string
+                              type:
+                                type: string
+                              types:
+                                type: string
+                              utc:
+                                type: boolean
+                            type: object
+                          type: array
+                        remove_key_name_field:
+                          type: boolean
+                        replace_invalid_sequence:
+                          type: boolean
+                        reserve_data:
+                          type: boolean
+                        reserve_time:
+                          type: boolean
+                      type: object
+                    prometheus:
+                      properties:
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        metrics:
+                          items:
+                            properties:
+                              buckets:
+                                type: string
+                              desc:
+                                type: string
+                              key:
+                                type: string
+                              labels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              name:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - desc
+                            - name
+                            - type
+                            type: object
+                          type: array
+                      type: object
+                    record_modifier:
+                      properties:
+                        char_encoding:
+                          type: string
+                        prepare_value:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        remove_keys:
+                          type: string
+                        replaces:
+                          items:
+                            properties:
+                              expression:
+                                type: string
+                              key:
+                                type: string
+                              replace:
+                                type: string
+                            required:
+                            - expression
+                            - key
+                            - replace
+                            type: object
+                          type: array
+                        whitelist_keys:
+                          type: string
+                      type: object
+                    record_transformer:
+                      properties:
+                        auto_typecast:
+                          type: boolean
+                        enable_ruby:
+                          type: boolean
+                        keep_keys:
+                          type: string
+                        records:
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          type: array
+                        remove_keys:
+                          type: string
+                        renew_record:
+                          type: boolean
+                        renew_time_key:
+                          type: string
+                      type: object
+                    stdout:
+                      properties:
+                        output_type:
+                          type: string
+                      type: object
+                    sumologic:
+                      properties:
+                        collector_key_name:
+                          type: string
+                        collector_value:
+                          type: string
+                        exclude_container_regex:
+                          type: string
+                        exclude_facility_regex:
+                          type: string
+                        exclude_host_regex:
+                          type: string
+                        exclude_namespace_regex:
+                          type: string
+                        exclude_pod_regex:
+                          type: string
+                        exclude_priority_regex:
+                          type: string
+                        exclude_unit_regex:
+                          type: string
+                        log_format:
+                          type: string
+                        source_category:
+                          type: string
+                        source_category_key_name:
+                          type: string
+                        source_category_prefix:
+                          type: string
+                        source_category_replace_dash:
+                          type: string
+                        source_host:
+                          type: string
+                        source_host_key_name:
+                          type: string
+                        source_name:
+                          type: string
+                        source_name_key_name:
+                          type: string
+                        tracing_annotation_prefix:
+                          type: string
+                        tracing_container_name:
+                          type: string
+                        tracing_format:
+                          type: boolean
+                        tracing_host:
+                          type: string
+                        tracing_label_prefix:
+                          type: string
+                        tracing_namespace:
+                          type: string
+                        tracing_pod:
+                          type: string
+                        tracing_pod_id:
+                          type: string
+                      type: object
+                    tag_normaliser:
+                      properties:
+                        format:
+                          type: string
+                        match_tag:
+                          type: string
+                      type: object
+                    throttle:
+                      properties:
+                        group_bucket_limit:
+                          type: integer
+                        group_bucket_period_s:
+                          type: integer
+                        group_drop_logs:
+                          type: boolean
+                        group_key:
+                          type: string
+                        group_reset_rate_s:
+                          type: integer
+                        group_warning_delay_s:
+                          type: integer
+                      type: object
+                    useragent:
+                      properties:
+                        delete_key:
+                          type: boolean
+                        flatten:
+                          type: boolean
+                        key_name:
+                          type: string
+                        out_key:
+                          type: string
+                      type: object
+                  type: object
+                type: array
+              loggingRef:
+                type: string
+              nodeAgents:
+                items:
+                  properties:
+                    metadata:
+                      properties:
+                        annotations:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                      type: object
+                    name:
+                      type: string
+                    nodeAgentFluentbit:
+                      properties:
+                        bufferStorage:
+                          properties:
+                            storage.backlog.mem_limit:
+                              type: string
+                            storage.checksum:
+                              type: string
+                            storage.delete_irrecoverable_chunks:
+                              type: string
+                            storage.metrics:
+                              type: string
+                            storage.path:
+                              type: string
+                            storage.sync:
+                              type: string
+                          type: object
+                        bufferStorageVolume:
+                          properties:
+                            configMap:
+                              properties:
+                                defaultMode:
+                                  format: int32
+                                  type: integer
+                                items:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      mode:
+                                        format: int32
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            emptyDir:
+                              properties:
+                                medium:
+                                  type: string
+                                sizeLimit:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                              type: object
+                            host_path:
+                              properties:
+                                path:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - path
+                              type: object
+                            hostPath:
+                              properties:
+                                path:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - path
+                              type: object
+                            pvc:
+                              properties:
+                                source:
+                                  properties:
+                                    claimName:
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                  required:
+                                  - claimName
+                                  type: object
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
+                              type: object
+                            secret:
+                              properties:
+                                defaultMode:
+                                  format: int32
+                                  type: integer
+                                items:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      mode:
+                                        format: int32
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                optional:
+                                  type: boolean
+                                secretName:
+                                  type: string
+                              type: object
+                          type: object
+                        containersPath:
+                          type: string
+                        coroStackSize:
+                          format: int32
+                          type: integer
+                        customConfigSecret:
+                          type: string
+                        daemonSet:
+                          properties:
+                            metadata:
+                              properties:
+                                annotations:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                                labels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                            spec:
+                              properties:
+                                minReadySeconds:
+                                  format: int32
+                                  type: integer
+                                revisionHistoryLimit:
+                                  format: int32
+                                  type: integer
+                                selector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                template:
+                                  properties:
+                                    metadata:
+                                      properties:
+                                        annotations:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                        labels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                    spec:
+                                      properties:
+                                        activeDeadlineSeconds:
+                                          format: int64
+                                          type: integer
+                                        affinity:
+                                          properties:
+                                            nodeAffinity:
+                                              properties:
+                                                preferredDuringSchedulingIgnoredDuringExecution:
+                                                  items:
+                                                    properties:
+                                                      preference:
+                                                        properties:
+                                                          matchExpressions:
+                                                            items:
+                                                              properties:
+                                                                key:
+                                                                  type: string
+                                                                operator:
+                                                                  type: string
+                                                                values:
+                                                                  items:
+                                                                    type: string
+                                                                  type: array
+                                                                  x-kubernetes-list-type: atomic
+                                                              required:
+                                                              - key
+                                                              - operator
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          matchFields:
+                                                            items:
+                                                              properties:
+                                                                key:
+                                                                  type: string
+                                                                operator:
+                                                                  type: string
+                                                                values:
+                                                                  items:
+                                                                    type: string
+                                                                  type: array
+                                                                  x-kubernetes-list-type: atomic
+                                                              required:
+                                                              - key
+                                                              - operator
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        type: object
+                                                        x-kubernetes-map-type: atomic
+                                                      weight:
+                                                        format: int32
+                                                        type: integer
+                                                    required:
+                                                    - preference
+                                                    - weight
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                requiredDuringSchedulingIgnoredDuringExecution:
+                                                  properties:
+                                                    nodeSelectorTerms:
+                                                      items:
+                                                        properties:
+                                                          matchExpressions:
+                                                            items:
+                                                              properties:
+                                                                key:
+                                                                  type: string
+                                                                operator:
+                                                                  type: string
+                                                                values:
+                                                                  items:
+                                                                    type: string
+                                                                  type: array
+                                                                  x-kubernetes-list-type: atomic
+                                                              required:
+                                                              - key
+                                                              - operator
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          matchFields:
+                                                            items:
+                                                              properties:
+                                                                key:
+                                                                  type: string
+                                                                operator:
+                                                                  type: string
+                                                                values:
+                                                                  items:
+                                                                    type: string
+                                                                  type: array
+                                                                  x-kubernetes-list-type: atomic
+                                                              required:
+                                                              - key
+                                                              - operator
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        type: object
+                                                        x-kubernetes-map-type: atomic
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  required:
+                                                  - nodeSelectorTerms
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                              type: object
+                                            podAffinity:
+                                              properties:
+                                                preferredDuringSchedulingIgnoredDuringExecution:
+                                                  items:
+                                                    properties:
+                                                      podAffinityTerm:
+                                                        properties:
+                                                          labelSelector:
+                                                            properties:
+                                                              matchExpressions:
+                                                                items:
+                                                                  properties:
+                                                                    key:
+                                                                      type: string
+                                                                    operator:
+                                                                      type: string
+                                                                    values:
+                                                                      items:
+                                                                        type: string
+                                                                      type: array
+                                                                      x-kubernetes-list-type: atomic
+                                                                  required:
+                                                                  - key
+                                                                  - operator
+                                                                  type: object
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                              matchLabels:
+                                                                additionalProperties:
+                                                                  type: string
+                                                                type: object
+                                                            type: object
+                                                            x-kubernetes-map-type: atomic
+                                                          matchLabelKeys:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          mismatchLabelKeys:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          namespaceSelector:
+                                                            properties:
+                                                              matchExpressions:
+                                                                items:
+                                                                  properties:
+                                                                    key:
+                                                                      type: string
+                                                                    operator:
+                                                                      type: string
+                                                                    values:
+                                                                      items:
+                                                                        type: string
+                                                                      type: array
+                                                                      x-kubernetes-list-type: atomic
+                                                                  required:
+                                                                  - key
+                                                                  - operator
+                                                                  type: object
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                              matchLabels:
+                                                                additionalProperties:
+                                                                  type: string
+                                                                type: object
+                                                            type: object
+                                                            x-kubernetes-map-type: atomic
+                                                          namespaces:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          topologyKey:
+                                                            type: string
+                                                        required:
+                                                        - topologyKey
+                                                        type: object
+                                                      weight:
+                                                        format: int32
+                                                        type: integer
+                                                    required:
+                                                    - podAffinityTerm
+                                                    - weight
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                requiredDuringSchedulingIgnoredDuringExecution:
+                                                  items:
+                                                    properties:
+                                                      labelSelector:
+                                                        properties:
+                                                          matchExpressions:
+                                                            items:
+                                                              properties:
+                                                                key:
+                                                                  type: string
+                                                                operator:
+                                                                  type: string
+                                                                values:
+                                                                  items:
+                                                                    type: string
+                                                                  type: array
+                                                                  x-kubernetes-list-type: atomic
+                                                              required:
+                                                              - key
+                                                              - operator
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          matchLabels:
+                                                            additionalProperties:
+                                                              type: string
+                                                            type: object
+                                                        type: object
+                                                        x-kubernetes-map-type: atomic
+                                                      matchLabelKeys:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      mismatchLabelKeys:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      namespaceSelector:
+                                                        properties:
+                                                          matchExpressions:
+                                                            items:
+                                                              properties:
+                                                                key:
+                                                                  type: string
+                                                                operator:
+                                                                  type: string
+                                                                values:
+                                                                  items:
+                                                                    type: string
+                                                                  type: array
+                                                                  x-kubernetes-list-type: atomic
+                                                              required:
+                                                              - key
+                                                              - operator
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          matchLabels:
+                                                            additionalProperties:
+                                                              type: string
+                                                            type: object
+                                                        type: object
+                                                        x-kubernetes-map-type: atomic
+                                                      namespaces:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      topologyKey:
+                                                        type: string
+                                                    required:
+                                                    - topologyKey
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            podAntiAffinity:
+                                              properties:
+                                                preferredDuringSchedulingIgnoredDuringExecution:
+                                                  items:
+                                                    properties:
+                                                      podAffinityTerm:
+                                                        properties:
+                                                          labelSelector:
+                                                            properties:
+                                                              matchExpressions:
+                                                                items:
+                                                                  properties:
+                                                                    key:
+                                                                      type: string
+                                                                    operator:
+                                                                      type: string
+                                                                    values:
+                                                                      items:
+                                                                        type: string
+                                                                      type: array
+                                                                      x-kubernetes-list-type: atomic
+                                                                  required:
+                                                                  - key
+                                                                  - operator
+                                                                  type: object
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                              matchLabels:
+                                                                additionalProperties:
+                                                                  type: string
+                                                                type: object
+                                                            type: object
+                                                            x-kubernetes-map-type: atomic
+                                                          matchLabelKeys:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          mismatchLabelKeys:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          namespaceSelector:
+                                                            properties:
+                                                              matchExpressions:
+                                                                items:
+                                                                  properties:
+                                                                    key:
+                                                                      type: string
+                                                                    operator:
+                                                                      type: string
+                                                                    values:
+                                                                      items:
+                                                                        type: string
+                                                                      type: array
+                                                                      x-kubernetes-list-type: atomic
+                                                                  required:
+                                                                  - key
+                                                                  - operator
+                                                                  type: object
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                              matchLabels:
+                                                                additionalProperties:
+                                                                  type: string
+                                                                type: object
+                                                            type: object
+                                                            x-kubernetes-map-type: atomic
+                                                          namespaces:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          topologyKey:
+                                                            type: string
+                                                        required:
+                                                        - topologyKey
+                                                        type: object
+                                                      weight:
+                                                        format: int32
+                                                        type: integer
+                                                    required:
+                                                    - podAffinityTerm
+                                                    - weight
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                requiredDuringSchedulingIgnoredDuringExecution:
+                                                  items:
+                                                    properties:
+                                                      labelSelector:
+                                                        properties:
+                                                          matchExpressions:
+                                                            items:
+                                                              properties:
+                                                                key:
+                                                                  type: string
+                                                                operator:
+                                                                  type: string
+                                                                values:
+                                                                  items:
+                                                                    type: string
+                                                                  type: array
+                                                                  x-kubernetes-list-type: atomic
+                                                              required:
+                                                              - key
+                                                              - operator
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          matchLabels:
+                                                            additionalProperties:
+                                                              type: string
+                                                            type: object
+                                                        type: object
+                                                        x-kubernetes-map-type: atomic
+                                                      matchLabelKeys:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      mismatchLabelKeys:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      namespaceSelector:
+                                                        properties:
+                                                          matchExpressions:
+                                                            items:
+                                                              properties:
+                                                                key:
+                                                                  type: string
+                                                                operator:
+                                                                  type: string
+                                                                values:
+                                                                  items:
+                                                                    type: string
+                                                                  type: array
+                                                                  x-kubernetes-list-type: atomic
+                                                              required:
+                                                              - key
+                                                              - operator
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          matchLabels:
+                                                            additionalProperties:
+                                                              type: string
+                                                            type: object
+                                                        type: object
+                                                        x-kubernetes-map-type: atomic
+                                                      namespaces:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      topologyKey:
+                                                        type: string
+                                                    required:
+                                                    - topologyKey
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                          type: object
+                                        automountServiceAccountToken:
+                                          type: boolean
+                                        containers:
+                                          items:
+                                            properties:
+                                              args:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              command:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              env:
+                                                items:
+                                                  properties:
+                                                    name:
+                                                      type: string
+                                                    value:
+                                                      type: string
+                                                    valueFrom:
+                                                      properties:
+                                                        configMapKeyRef:
+                                                          properties:
+                                                            key:
+                                                              type: string
+                                                            name:
+                                                              default: ""
+                                                              type: string
+                                                            optional:
+                                                              type: boolean
+                                                          required:
+                                                          - key
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        fieldRef:
+                                                          properties:
+                                                            apiVersion:
+                                                              type: string
+                                                            fieldPath:
+                                                              type: string
+                                                          required:
+                                                          - fieldPath
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        resourceFieldRef:
+                                                          properties:
+                                                            containerName:
+                                                              type: string
+                                                            divisor:
+                                                              anyOf:
+                                                              - type: integer
+                                                              - type: string
+                                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                              x-kubernetes-int-or-string: true
+                                                            resource:
+                                                              type: string
+                                                          required:
+                                                          - resource
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        secretKeyRef:
+                                                          properties:
+                                                            key:
+                                                              type: string
+                                                            name:
+                                                              default: ""
+                                                              type: string
+                                                            optional:
+                                                              type: boolean
+                                                          required:
+                                                          - key
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                      type: object
+                                                  required:
+                                                  - name
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - name
+                                                x-kubernetes-list-type: map
+                                              envFrom:
+                                                items:
+                                                  properties:
+                                                    configMapRef:
+                                                      properties:
+                                                        name:
+                                                          default: ""
+                                                          type: string
+                                                        optional:
+                                                          type: boolean
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    prefix:
+                                                      type: string
+                                                    secretRef:
+                                                      properties:
+                                                        name:
+                                                          default: ""
+                                                          type: string
+                                                        optional:
+                                                          type: boolean
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              image:
+                                                type: string
+                                              imagePullPolicy:
+                                                type: string
+                                              lifecycle:
+                                                properties:
+                                                  postStart:
+                                                    properties:
+                                                      exec:
+                                                        properties:
+                                                          command:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        type: object
+                                                      httpGet:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          httpHeaders:
+                                                            items:
+                                                              properties:
+                                                                name:
+                                                                  type: string
+                                                                value:
+                                                                  type: string
+                                                              required:
+                                                              - name
+                                                              - value
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          path:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                          scheme:
+                                                            type: string
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                      sleep:
+                                                        properties:
+                                                          seconds:
+                                                            format: int64
+                                                            type: integer
+                                                        required:
+                                                        - seconds
+                                                        type: object
+                                                      tcpSocket:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                    type: object
+                                                  preStop:
+                                                    properties:
+                                                      exec:
+                                                        properties:
+                                                          command:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        type: object
+                                                      httpGet:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          httpHeaders:
+                                                            items:
+                                                              properties:
+                                                                name:
+                                                                  type: string
+                                                                value:
+                                                                  type: string
+                                                              required:
+                                                              - name
+                                                              - value
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          path:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                          scheme:
+                                                            type: string
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                      sleep:
+                                                        properties:
+                                                          seconds:
+                                                            format: int64
+                                                            type: integer
+                                                        required:
+                                                        - seconds
+                                                        type: object
+                                                      tcpSocket:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                    type: object
+                                                type: object
+                                              livenessProbe:
+                                                properties:
+                                                  exec:
+                                                    properties:
+                                                      command:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  failureThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  grpc:
+                                                    properties:
+                                                      port:
+                                                        format: int32
+                                                        type: integer
+                                                      service:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  httpGet:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      httpHeaders:
+                                                        items:
+                                                          properties:
+                                                            name:
+                                                              type: string
+                                                            value:
+                                                              type: string
+                                                          required:
+                                                          - name
+                                                          - value
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      path:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                      scheme:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  initialDelaySeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  periodSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  successThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  tcpSocket:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  terminationGracePeriodSeconds:
+                                                    format: int64
+                                                    type: integer
+                                                  timeoutSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                type: object
+                                              name:
+                                                type: string
+                                              ports:
+                                                items:
+                                                  properties:
+                                                    containerPort:
+                                                      format: int32
+                                                      type: integer
+                                                    hostIP:
+                                                      type: string
+                                                    hostPort:
+                                                      format: int32
+                                                      type: integer
+                                                    name:
+                                                      type: string
+                                                    protocol:
+                                                      default: TCP
+                                                      type: string
+                                                  required:
+                                                  - containerPort
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - containerPort
+                                                - protocol
+                                                x-kubernetes-list-type: map
+                                              readinessProbe:
+                                                properties:
+                                                  exec:
+                                                    properties:
+                                                      command:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  failureThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  grpc:
+                                                    properties:
+                                                      port:
+                                                        format: int32
+                                                        type: integer
+                                                      service:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  httpGet:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      httpHeaders:
+                                                        items:
+                                                          properties:
+                                                            name:
+                                                              type: string
+                                                            value:
+                                                              type: string
+                                                          required:
+                                                          - name
+                                                          - value
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      path:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                      scheme:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  initialDelaySeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  periodSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  successThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  tcpSocket:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  terminationGracePeriodSeconds:
+                                                    format: int64
+                                                    type: integer
+                                                  timeoutSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                type: object
+                                              resizePolicy:
+                                                items:
+                                                  properties:
+                                                    resourceName:
+                                                      type: string
+                                                    restartPolicy:
+                                                      type: string
+                                                  required:
+                                                  - resourceName
+                                                  - restartPolicy
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              resources:
+                                                properties:
+                                                  claims:
+                                                    items:
+                                                      properties:
+                                                        name:
+                                                          type: string
+                                                      required:
+                                                      - name
+                                                      type: object
+                                                    type: array
+                                                    x-kubernetes-list-map-keys:
+                                                    - name
+                                                    x-kubernetes-list-type: map
+                                                  limits:
+                                                    additionalProperties:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                      x-kubernetes-int-or-string: true
+                                                    type: object
+                                                  requests:
+                                                    additionalProperties:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                      x-kubernetes-int-or-string: true
+                                                    type: object
+                                                type: object
+                                              restartPolicy:
+                                                type: string
+                                              securityContext:
+                                                properties:
+                                                  allowPrivilegeEscalation:
+                                                    type: boolean
+                                                  appArmorProfile:
+                                                    properties:
+                                                      localhostProfile:
+                                                        type: string
+                                                      type:
+                                                        type: string
+                                                    required:
+                                                    - type
+                                                    type: object
+                                                  capabilities:
+                                                    properties:
+                                                      add:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      drop:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  privileged:
+                                                    type: boolean
+                                                  procMount:
+                                                    type: string
+                                                  readOnlyRootFilesystem:
+                                                    type: boolean
+                                                  runAsGroup:
+                                                    format: int64
+                                                    type: integer
+                                                  runAsNonRoot:
+                                                    type: boolean
+                                                  runAsUser:
+                                                    format: int64
+                                                    type: integer
+                                                  seLinuxOptions:
+                                                    properties:
+                                                      level:
+                                                        type: string
+                                                      role:
+                                                        type: string
+                                                      type:
+                                                        type: string
+                                                      user:
+                                                        type: string
+                                                    type: object
+                                                  seccompProfile:
+                                                    properties:
+                                                      localhostProfile:
+                                                        type: string
+                                                      type:
+                                                        type: string
+                                                    required:
+                                                    - type
+                                                    type: object
+                                                  windowsOptions:
+                                                    properties:
+                                                      gmsaCredentialSpec:
+                                                        type: string
+                                                      gmsaCredentialSpecName:
+                                                        type: string
+                                                      hostProcess:
+                                                        type: boolean
+                                                      runAsUserName:
+                                                        type: string
+                                                    type: object
+                                                type: object
+                                              startupProbe:
+                                                properties:
+                                                  exec:
+                                                    properties:
+                                                      command:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  failureThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  grpc:
+                                                    properties:
+                                                      port:
+                                                        format: int32
+                                                        type: integer
+                                                      service:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  httpGet:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      httpHeaders:
+                                                        items:
+                                                          properties:
+                                                            name:
+                                                              type: string
+                                                            value:
+                                                              type: string
+                                                          required:
+                                                          - name
+                                                          - value
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      path:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                      scheme:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  initialDelaySeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  periodSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  successThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  tcpSocket:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  terminationGracePeriodSeconds:
+                                                    format: int64
+                                                    type: integer
+                                                  timeoutSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                type: object
+                                              stdin:
+                                                type: boolean
+                                              stdinOnce:
+                                                type: boolean
+                                              terminationMessagePath:
+                                                type: string
+                                              terminationMessagePolicy:
+                                                type: string
+                                              tty:
+                                                type: boolean
+                                              volumeDevices:
+                                                items:
+                                                  properties:
+                                                    devicePath:
+                                                      type: string
+                                                    name:
+                                                      type: string
+                                                  required:
+                                                  - devicePath
+                                                  - name
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - devicePath
+                                                x-kubernetes-list-type: map
+                                              volumeMounts:
+                                                items:
+                                                  properties:
+                                                    mountPath:
+                                                      type: string
+                                                    mountPropagation:
+                                                      type: string
+                                                    name:
+                                                      type: string
+                                                    readOnly:
+                                                      type: boolean
+                                                    recursiveReadOnly:
+                                                      type: string
+                                                    subPath:
+                                                      type: string
+                                                    subPathExpr:
+                                                      type: string
+                                                  required:
+                                                  - mountPath
+                                                  - name
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - mountPath
+                                                x-kubernetes-list-type: map
+                                              workingDir:
+                                                type: string
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                        dnsConfig:
+                                          properties:
+                                            nameservers:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            options:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                  value:
+                                                    type: string
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            searches:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        dnsPolicy:
+                                          type: string
+                                        enableServiceLinks:
+                                          type: boolean
+                                        ephemeralContainers:
+                                          items:
+                                            properties:
+                                              args:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              command:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              env:
+                                                items:
+                                                  properties:
+                                                    name:
+                                                      type: string
+                                                    value:
+                                                      type: string
+                                                    valueFrom:
+                                                      properties:
+                                                        configMapKeyRef:
+                                                          properties:
+                                                            key:
+                                                              type: string
+                                                            name:
+                                                              default: ""
+                                                              type: string
+                                                            optional:
+                                                              type: boolean
+                                                          required:
+                                                          - key
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        fieldRef:
+                                                          properties:
+                                                            apiVersion:
+                                                              type: string
+                                                            fieldPath:
+                                                              type: string
+                                                          required:
+                                                          - fieldPath
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        resourceFieldRef:
+                                                          properties:
+                                                            containerName:
+                                                              type: string
+                                                            divisor:
+                                                              anyOf:
+                                                              - type: integer
+                                                              - type: string
+                                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                              x-kubernetes-int-or-string: true
+                                                            resource:
+                                                              type: string
+                                                          required:
+                                                          - resource
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        secretKeyRef:
+                                                          properties:
+                                                            key:
+                                                              type: string
+                                                            name:
+                                                              default: ""
+                                                              type: string
+                                                            optional:
+                                                              type: boolean
+                                                          required:
+                                                          - key
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                      type: object
+                                                  required:
+                                                  - name
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - name
+                                                x-kubernetes-list-type: map
+                                              envFrom:
+                                                items:
+                                                  properties:
+                                                    configMapRef:
+                                                      properties:
+                                                        name:
+                                                          default: ""
+                                                          type: string
+                                                        optional:
+                                                          type: boolean
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    prefix:
+                                                      type: string
+                                                    secretRef:
+                                                      properties:
+                                                        name:
+                                                          default: ""
+                                                          type: string
+                                                        optional:
+                                                          type: boolean
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              image:
+                                                type: string
+                                              imagePullPolicy:
+                                                type: string
+                                              lifecycle:
+                                                properties:
+                                                  postStart:
+                                                    properties:
+                                                      exec:
+                                                        properties:
+                                                          command:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        type: object
+                                                      httpGet:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          httpHeaders:
+                                                            items:
+                                                              properties:
+                                                                name:
+                                                                  type: string
+                                                                value:
+                                                                  type: string
+                                                              required:
+                                                              - name
+                                                              - value
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          path:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                          scheme:
+                                                            type: string
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                      sleep:
+                                                        properties:
+                                                          seconds:
+                                                            format: int64
+                                                            type: integer
+                                                        required:
+                                                        - seconds
+                                                        type: object
+                                                      tcpSocket:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                    type: object
+                                                  preStop:
+                                                    properties:
+                                                      exec:
+                                                        properties:
+                                                          command:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        type: object
+                                                      httpGet:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          httpHeaders:
+                                                            items:
+                                                              properties:
+                                                                name:
+                                                                  type: string
+                                                                value:
+                                                                  type: string
+                                                              required:
+                                                              - name
+                                                              - value
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          path:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                          scheme:
+                                                            type: string
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                      sleep:
+                                                        properties:
+                                                          seconds:
+                                                            format: int64
+                                                            type: integer
+                                                        required:
+                                                        - seconds
+                                                        type: object
+                                                      tcpSocket:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                    type: object
+                                                type: object
+                                              livenessProbe:
+                                                properties:
+                                                  exec:
+                                                    properties:
+                                                      command:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  failureThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  grpc:
+                                                    properties:
+                                                      port:
+                                                        format: int32
+                                                        type: integer
+                                                      service:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  httpGet:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      httpHeaders:
+                                                        items:
+                                                          properties:
+                                                            name:
+                                                              type: string
+                                                            value:
+                                                              type: string
+                                                          required:
+                                                          - name
+                                                          - value
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      path:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                      scheme:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  initialDelaySeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  periodSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  successThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  tcpSocket:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  terminationGracePeriodSeconds:
+                                                    format: int64
+                                                    type: integer
+                                                  timeoutSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                type: object
+                                              name:
+                                                type: string
+                                              ports:
+                                                items:
+                                                  properties:
+                                                    containerPort:
+                                                      format: int32
+                                                      type: integer
+                                                    hostIP:
+                                                      type: string
+                                                    hostPort:
+                                                      format: int32
+                                                      type: integer
+                                                    name:
+                                                      type: string
+                                                    protocol:
+                                                      default: TCP
+                                                      type: string
+                                                  required:
+                                                  - containerPort
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - containerPort
+                                                - protocol
+                                                x-kubernetes-list-type: map
+                                              readinessProbe:
+                                                properties:
+                                                  exec:
+                                                    properties:
+                                                      command:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  failureThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  grpc:
+                                                    properties:
+                                                      port:
+                                                        format: int32
+                                                        type: integer
+                                                      service:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  httpGet:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      httpHeaders:
+                                                        items:
+                                                          properties:
+                                                            name:
+                                                              type: string
+                                                            value:
+                                                              type: string
+                                                          required:
+                                                          - name
+                                                          - value
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      path:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                      scheme:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  initialDelaySeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  periodSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  successThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  tcpSocket:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  terminationGracePeriodSeconds:
+                                                    format: int64
+                                                    type: integer
+                                                  timeoutSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                type: object
+                                              resizePolicy:
+                                                items:
+                                                  properties:
+                                                    resourceName:
+                                                      type: string
+                                                    restartPolicy:
+                                                      type: string
+                                                  required:
+                                                  - resourceName
+                                                  - restartPolicy
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              resources:
+                                                properties:
+                                                  claims:
+                                                    items:
+                                                      properties:
+                                                        name:
+                                                          type: string
+                                                      required:
+                                                      - name
+                                                      type: object
+                                                    type: array
+                                                    x-kubernetes-list-map-keys:
+                                                    - name
+                                                    x-kubernetes-list-type: map
+                                                  limits:
+                                                    additionalProperties:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                      x-kubernetes-int-or-string: true
+                                                    type: object
+                                                  requests:
+                                                    additionalProperties:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                      x-kubernetes-int-or-string: true
+                                                    type: object
+                                                type: object
+                                              restartPolicy:
+                                                type: string
+                                              securityContext:
+                                                properties:
+                                                  allowPrivilegeEscalation:
+                                                    type: boolean
+                                                  appArmorProfile:
+                                                    properties:
+                                                      localhostProfile:
+                                                        type: string
+                                                      type:
+                                                        type: string
+                                                    required:
+                                                    - type
+                                                    type: object
+                                                  capabilities:
+                                                    properties:
+                                                      add:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      drop:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  privileged:
+                                                    type: boolean
+                                                  procMount:
+                                                    type: string
+                                                  readOnlyRootFilesystem:
+                                                    type: boolean
+                                                  runAsGroup:
+                                                    format: int64
+                                                    type: integer
+                                                  runAsNonRoot:
+                                                    type: boolean
+                                                  runAsUser:
+                                                    format: int64
+                                                    type: integer
+                                                  seLinuxOptions:
+                                                    properties:
+                                                      level:
+                                                        type: string
+                                                      role:
+                                                        type: string
+                                                      type:
+                                                        type: string
+                                                      user:
+                                                        type: string
+                                                    type: object
+                                                  seccompProfile:
+                                                    properties:
+                                                      localhostProfile:
+                                                        type: string
+                                                      type:
+                                                        type: string
+                                                    required:
+                                                    - type
+                                                    type: object
+                                                  windowsOptions:
+                                                    properties:
+                                                      gmsaCredentialSpec:
+                                                        type: string
+                                                      gmsaCredentialSpecName:
+                                                        type: string
+                                                      hostProcess:
+                                                        type: boolean
+                                                      runAsUserName:
+                                                        type: string
+                                                    type: object
+                                                type: object
+                                              startupProbe:
+                                                properties:
+                                                  exec:
+                                                    properties:
+                                                      command:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  failureThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  grpc:
+                                                    properties:
+                                                      port:
+                                                        format: int32
+                                                        type: integer
+                                                      service:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  httpGet:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      httpHeaders:
+                                                        items:
+                                                          properties:
+                                                            name:
+                                                              type: string
+                                                            value:
+                                                              type: string
+                                                          required:
+                                                          - name
+                                                          - value
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      path:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                      scheme:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  initialDelaySeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  periodSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  successThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  tcpSocket:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  terminationGracePeriodSeconds:
+                                                    format: int64
+                                                    type: integer
+                                                  timeoutSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                type: object
+                                              stdin:
+                                                type: boolean
+                                              stdinOnce:
+                                                type: boolean
+                                              targetContainerName:
+                                                type: string
+                                              terminationMessagePath:
+                                                type: string
+                                              terminationMessagePolicy:
+                                                type: string
+                                              tty:
+                                                type: boolean
+                                              volumeDevices:
+                                                items:
+                                                  properties:
+                                                    devicePath:
+                                                      type: string
+                                                    name:
+                                                      type: string
+                                                  required:
+                                                  - devicePath
+                                                  - name
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - devicePath
+                                                x-kubernetes-list-type: map
+                                              volumeMounts:
+                                                items:
+                                                  properties:
+                                                    mountPath:
+                                                      type: string
+                                                    mountPropagation:
+                                                      type: string
+                                                    name:
+                                                      type: string
+                                                    readOnly:
+                                                      type: boolean
+                                                    recursiveReadOnly:
+                                                      type: string
+                                                    subPath:
+                                                      type: string
+                                                    subPathExpr:
+                                                      type: string
+                                                  required:
+                                                  - mountPath
+                                                  - name
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - mountPath
+                                                x-kubernetes-list-type: map
+                                              workingDir:
+                                                type: string
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                        hostAliases:
+                                          items:
+                                            properties:
+                                              hostnames:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              ip:
+                                                type: string
+                                            required:
+                                            - ip
+                                            type: object
+                                          type: array
+                                        hostIPC:
+                                          type: boolean
+                                        hostNetwork:
+                                          type: boolean
+                                        hostPID:
+                                          type: boolean
+                                        hostname:
+                                          type: string
+                                        imagePullSecrets:
+                                          items:
+                                            properties:
+                                              name:
+                                                default: ""
+                                                type: string
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                          type: array
+                                        initContainers:
+                                          items:
+                                            properties:
+                                              args:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              command:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              env:
+                                                items:
+                                                  properties:
+                                                    name:
+                                                      type: string
+                                                    value:
+                                                      type: string
+                                                    valueFrom:
+                                                      properties:
+                                                        configMapKeyRef:
+                                                          properties:
+                                                            key:
+                                                              type: string
+                                                            name:
+                                                              default: ""
+                                                              type: string
+                                                            optional:
+                                                              type: boolean
+                                                          required:
+                                                          - key
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        fieldRef:
+                                                          properties:
+                                                            apiVersion:
+                                                              type: string
+                                                            fieldPath:
+                                                              type: string
+                                                          required:
+                                                          - fieldPath
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        resourceFieldRef:
+                                                          properties:
+                                                            containerName:
+                                                              type: string
+                                                            divisor:
+                                                              anyOf:
+                                                              - type: integer
+                                                              - type: string
+                                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                              x-kubernetes-int-or-string: true
+                                                            resource:
+                                                              type: string
+                                                          required:
+                                                          - resource
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        secretKeyRef:
+                                                          properties:
+                                                            key:
+                                                              type: string
+                                                            name:
+                                                              default: ""
+                                                              type: string
+                                                            optional:
+                                                              type: boolean
+                                                          required:
+                                                          - key
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                      type: object
+                                                  required:
+                                                  - name
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - name
+                                                x-kubernetes-list-type: map
+                                              envFrom:
+                                                items:
+                                                  properties:
+                                                    configMapRef:
+                                                      properties:
+                                                        name:
+                                                          default: ""
+                                                          type: string
+                                                        optional:
+                                                          type: boolean
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    prefix:
+                                                      type: string
+                                                    secretRef:
+                                                      properties:
+                                                        name:
+                                                          default: ""
+                                                          type: string
+                                                        optional:
+                                                          type: boolean
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              image:
+                                                type: string
+                                              imagePullPolicy:
+                                                type: string
+                                              lifecycle:
+                                                properties:
+                                                  postStart:
+                                                    properties:
+                                                      exec:
+                                                        properties:
+                                                          command:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        type: object
+                                                      httpGet:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          httpHeaders:
+                                                            items:
+                                                              properties:
+                                                                name:
+                                                                  type: string
+                                                                value:
+                                                                  type: string
+                                                              required:
+                                                              - name
+                                                              - value
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          path:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                          scheme:
+                                                            type: string
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                      sleep:
+                                                        properties:
+                                                          seconds:
+                                                            format: int64
+                                                            type: integer
+                                                        required:
+                                                        - seconds
+                                                        type: object
+                                                      tcpSocket:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                    type: object
+                                                  preStop:
+                                                    properties:
+                                                      exec:
+                                                        properties:
+                                                          command:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        type: object
+                                                      httpGet:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          httpHeaders:
+                                                            items:
+                                                              properties:
+                                                                name:
+                                                                  type: string
+                                                                value:
+                                                                  type: string
+                                                              required:
+                                                              - name
+                                                              - value
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          path:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                          scheme:
+                                                            type: string
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                      sleep:
+                                                        properties:
+                                                          seconds:
+                                                            format: int64
+                                                            type: integer
+                                                        required:
+                                                        - seconds
+                                                        type: object
+                                                      tcpSocket:
+                                                        properties:
+                                                          host:
+                                                            type: string
+                                                          port:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            x-kubernetes-int-or-string: true
+                                                        required:
+                                                        - port
+                                                        type: object
+                                                    type: object
+                                                type: object
+                                              livenessProbe:
+                                                properties:
+                                                  exec:
+                                                    properties:
+                                                      command:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  failureThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  grpc:
+                                                    properties:
+                                                      port:
+                                                        format: int32
+                                                        type: integer
+                                                      service:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  httpGet:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      httpHeaders:
+                                                        items:
+                                                          properties:
+                                                            name:
+                                                              type: string
+                                                            value:
+                                                              type: string
+                                                          required:
+                                                          - name
+                                                          - value
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      path:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                      scheme:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  initialDelaySeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  periodSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  successThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  tcpSocket:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  terminationGracePeriodSeconds:
+                                                    format: int64
+                                                    type: integer
+                                                  timeoutSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                type: object
+                                              name:
+                                                type: string
+                                              ports:
+                                                items:
+                                                  properties:
+                                                    containerPort:
+                                                      format: int32
+                                                      type: integer
+                                                    hostIP:
+                                                      type: string
+                                                    hostPort:
+                                                      format: int32
+                                                      type: integer
+                                                    name:
+                                                      type: string
+                                                    protocol:
+                                                      default: TCP
+                                                      type: string
+                                                  required:
+                                                  - containerPort
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - containerPort
+                                                - protocol
+                                                x-kubernetes-list-type: map
+                                              readinessProbe:
+                                                properties:
+                                                  exec:
+                                                    properties:
+                                                      command:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  failureThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  grpc:
+                                                    properties:
+                                                      port:
+                                                        format: int32
+                                                        type: integer
+                                                      service:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  httpGet:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      httpHeaders:
+                                                        items:
+                                                          properties:
+                                                            name:
+                                                              type: string
+                                                            value:
+                                                              type: string
+                                                          required:
+                                                          - name
+                                                          - value
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      path:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                      scheme:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  initialDelaySeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  periodSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  successThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  tcpSocket:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  terminationGracePeriodSeconds:
+                                                    format: int64
+                                                    type: integer
+                                                  timeoutSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                type: object
+                                              resizePolicy:
+                                                items:
+                                                  properties:
+                                                    resourceName:
+                                                      type: string
+                                                    restartPolicy:
+                                                      type: string
+                                                  required:
+                                                  - resourceName
+                                                  - restartPolicy
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              resources:
+                                                properties:
+                                                  claims:
+                                                    items:
+                                                      properties:
+                                                        name:
+                                                          type: string
+                                                      required:
+                                                      - name
+                                                      type: object
+                                                    type: array
+                                                    x-kubernetes-list-map-keys:
+                                                    - name
+                                                    x-kubernetes-list-type: map
+                                                  limits:
+                                                    additionalProperties:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                      x-kubernetes-int-or-string: true
+                                                    type: object
+                                                  requests:
+                                                    additionalProperties:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                      x-kubernetes-int-or-string: true
+                                                    type: object
+                                                type: object
+                                              restartPolicy:
+                                                type: string
+                                              securityContext:
+                                                properties:
+                                                  allowPrivilegeEscalation:
+                                                    type: boolean
+                                                  appArmorProfile:
+                                                    properties:
+                                                      localhostProfile:
+                                                        type: string
+                                                      type:
+                                                        type: string
+                                                    required:
+                                                    - type
+                                                    type: object
+                                                  capabilities:
+                                                    properties:
+                                                      add:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      drop:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  privileged:
+                                                    type: boolean
+                                                  procMount:
+                                                    type: string
+                                                  readOnlyRootFilesystem:
+                                                    type: boolean
+                                                  runAsGroup:
+                                                    format: int64
+                                                    type: integer
+                                                  runAsNonRoot:
+                                                    type: boolean
+                                                  runAsUser:
+                                                    format: int64
+                                                    type: integer
+                                                  seLinuxOptions:
+                                                    properties:
+                                                      level:
+                                                        type: string
+                                                      role:
+                                                        type: string
+                                                      type:
+                                                        type: string
+                                                      user:
+                                                        type: string
+                                                    type: object
+                                                  seccompProfile:
+                                                    properties:
+                                                      localhostProfile:
+                                                        type: string
+                                                      type:
+                                                        type: string
+                                                    required:
+                                                    - type
+                                                    type: object
+                                                  windowsOptions:
+                                                    properties:
+                                                      gmsaCredentialSpec:
+                                                        type: string
+                                                      gmsaCredentialSpecName:
+                                                        type: string
+                                                      hostProcess:
+                                                        type: boolean
+                                                      runAsUserName:
+                                                        type: string
+                                                    type: object
+                                                type: object
+                                              startupProbe:
+                                                properties:
+                                                  exec:
+                                                    properties:
+                                                      command:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  failureThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  grpc:
+                                                    properties:
+                                                      port:
+                                                        format: int32
+                                                        type: integer
+                                                      service:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  httpGet:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      httpHeaders:
+                                                        items:
+                                                          properties:
+                                                            name:
+                                                              type: string
+                                                            value:
+                                                              type: string
+                                                          required:
+                                                          - name
+                                                          - value
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      path:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                      scheme:
+                                                        type: string
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  initialDelaySeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  periodSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                  successThreshold:
+                                                    format: int32
+                                                    type: integer
+                                                  tcpSocket:
+                                                    properties:
+                                                      host:
+                                                        type: string
+                                                      port:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        x-kubernetes-int-or-string: true
+                                                    required:
+                                                    - port
+                                                    type: object
+                                                  terminationGracePeriodSeconds:
+                                                    format: int64
+                                                    type: integer
+                                                  timeoutSeconds:
+                                                    format: int32
+                                                    type: integer
+                                                type: object
+                                              stdin:
+                                                type: boolean
+                                              stdinOnce:
+                                                type: boolean
+                                              terminationMessagePath:
+                                                type: string
+                                              terminationMessagePolicy:
+                                                type: string
+                                              tty:
+                                                type: boolean
+                                              volumeDevices:
+                                                items:
+                                                  properties:
+                                                    devicePath:
+                                                      type: string
+                                                    name:
+                                                      type: string
+                                                  required:
+                                                  - devicePath
+                                                  - name
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - devicePath
+                                                x-kubernetes-list-type: map
+                                              volumeMounts:
+                                                items:
+                                                  properties:
+                                                    mountPath:
+                                                      type: string
+                                                    mountPropagation:
+                                                      type: string
+                                                    name:
+                                                      type: string
+                                                    readOnly:
+                                                      type: boolean
+                                                    recursiveReadOnly:
+                                                      type: string
+                                                    subPath:
+                                                      type: string
+                                                    subPathExpr:
+                                                      type: string
+                                                  required:
+                                                  - mountPath
+                                                  - name
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-map-keys:
+                                                - mountPath
+                                                x-kubernetes-list-type: map
+                                              workingDir:
+                                                type: string
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                        nodeName:
+                                          type: string
+                                        nodeSelector:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                        overhead:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        preemptionPolicy:
+                                          type: string
+                                        priority:
+                                          format: int32
+                                          type: integer
+                                        priorityClassName:
+                                          type: string
+                                        readinessGates:
+                                          items:
+                                            properties:
+                                              conditionType:
+                                                type: string
+                                            required:
+                                            - conditionType
+                                            type: object
+                                          type: array
+                                        restartPolicy:
+                                          type: string
+                                        runtimeClassName:
+                                          type: string
+                                        schedulerName:
+                                          type: string
+                                        securityContext:
+                                          properties:
+                                            appArmorProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            fsGroup:
+                                              format: int64
+                                              type: integer
+                                            fsGroupChangePolicy:
+                                              type: string
+                                            runAsGroup:
+                                              format: int64
+                                              type: integer
+                                            runAsNonRoot:
+                                              type: boolean
+                                            runAsUser:
+                                              format: int64
+                                              type: integer
+                                            seLinuxOptions:
+                                              properties:
+                                                level:
+                                                  type: string
+                                                role:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                                user:
+                                                  type: string
+                                              type: object
+                                            seccompProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            supplementalGroups:
+                                              items:
+                                                format: int64
+                                                type: integer
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            sysctls:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                  value:
+                                                    type: string
+                                                required:
+                                                - name
+                                                - value
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            windowsOptions:
+                                              properties:
+                                                gmsaCredentialSpec:
+                                                  type: string
+                                                gmsaCredentialSpecName:
+                                                  type: string
+                                                hostProcess:
+                                                  type: boolean
+                                                runAsUserName:
+                                                  type: string
+                                              type: object
+                                          type: object
+                                        serviceAccountName:
+                                          type: string
+                                        setHostnameAsFQDN:
+                                          type: boolean
+                                        shareProcessNamespace:
+                                          type: boolean
+                                        subdomain:
+                                          type: string
+                                        terminationGracePeriodSeconds:
+                                          format: int64
+                                          type: integer
+                                        tolerations:
+                                          items:
+                                            properties:
+                                              effect:
+                                                type: string
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              tolerationSeconds:
+                                                format: int64
+                                                type: integer
+                                              value:
+                                                type: string
+                                            type: object
+                                          type: array
+                                        topologySpreadConstraints:
+                                          items:
+                                            properties:
+                                              labelSelector:
+                                                properties:
+                                                  matchExpressions:
+                                                    items:
+                                                      properties:
+                                                        key:
+                                                          type: string
+                                                        operator:
+                                                          type: string
+                                                        values:
+                                                          items:
+                                                            type: string
+                                                          type: array
+                                                          x-kubernetes-list-type: atomic
+                                                      required:
+                                                      - key
+                                                      - operator
+                                                      type: object
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                  matchLabels:
+                                                    additionalProperties:
+                                                      type: string
+                                                    type: object
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              matchLabelKeys:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              maxSkew:
+                                                format: int32
+                                                type: integer
+                                              minDomains:
+                                                format: int32
+                                                type: integer
+                                              nodeAffinityPolicy:
+                                                type: string
+                                              nodeTaintsPolicy:
+                                                type: string
+                                              topologyKey:
+                                                type: string
+                                              whenUnsatisfiable:
+                                                type: string
+                                            required:
+                                            - maxSkew
+                                            - topologyKey
+                                            - whenUnsatisfiable
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - topologyKey
+                                          - whenUnsatisfiable
+                                          x-kubernetes-list-type: map
+                                        volumes:
+                                          items:
+                                            properties:
+                                              awsElasticBlockStore:
+                                                properties:
+                                                  fsType:
+                                                    type: string
+                                                  partition:
+                                                    format: int32
+                                                    type: integer
+                                                  readOnly:
+                                                    type: boolean
+                                                  volumeID:
+                                                    type: string
+                                                required:
+                                                - volumeID
+                                                type: object
+                                              azureDisk:
+                                                properties:
+                                                  cachingMode:
+                                                    type: string
+                                                  diskName:
+                                                    type: string
+                                                  diskURI:
+                                                    type: string
+                                                  fsType:
+                                                    type: string
+                                                  kind:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                required:
+                                                - diskName
+                                                - diskURI
+                                                type: object
+                                              azureFile:
+                                                properties:
+                                                  readOnly:
+                                                    type: boolean
+                                                  secretName:
+                                                    type: string
+                                                  shareName:
+                                                    type: string
+                                                required:
+                                                - secretName
+                                                - shareName
+                                                type: object
+                                              cephfs:
+                                                properties:
+                                                  monitors:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                  path:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                  secretFile:
+                                                    type: string
+                                                  secretRef:
+                                                    properties:
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  user:
+                                                    type: string
+                                                required:
+                                                - monitors
+                                                type: object
+                                              cinder:
+                                                properties:
+                                                  fsType:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                  secretRef:
+                                                    properties:
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  volumeID:
+                                                    type: string
+                                                required:
+                                                - volumeID
+                                                type: object
+                                              configMap:
+                                                properties:
+                                                  defaultMode:
+                                                    format: int32
+                                                    type: integer
+                                                  items:
+                                                    items:
+                                                      properties:
+                                                        key:
+                                                          type: string
+                                                        mode:
+                                                          format: int32
+                                                          type: integer
+                                                        path:
+                                                          type: string
+                                                      required:
+                                                      - key
+                                                      - path
+                                                      type: object
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              csi:
+                                                properties:
+                                                  driver:
+                                                    type: string
+                                                  fsType:
+                                                    type: string
+                                                  nodePublishSecretRef:
+                                                    properties:
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  readOnly:
+                                                    type: boolean
+                                                  volumeAttributes:
+                                                    additionalProperties:
+                                                      type: string
+                                                    type: object
+                                                required:
+                                                - driver
+                                                type: object
+                                              downwardAPI:
+                                                properties:
+                                                  defaultMode:
+                                                    format: int32
+                                                    type: integer
+                                                  items:
+                                                    items:
+                                                      properties:
+                                                        fieldRef:
+                                                          properties:
+                                                            apiVersion:
+                                                              type: string
+                                                            fieldPath:
+                                                              type: string
+                                                          required:
+                                                          - fieldPath
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        mode:
+                                                          format: int32
+                                                          type: integer
+                                                        path:
+                                                          type: string
+                                                        resourceFieldRef:
+                                                          properties:
+                                                            containerName:
+                                                              type: string
+                                                            divisor:
+                                                              anyOf:
+                                                              - type: integer
+                                                              - type: string
+                                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                              x-kubernetes-int-or-string: true
+                                                            resource:
+                                                              type: string
+                                                          required:
+                                                          - resource
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                      required:
+                                                      - path
+                                                      type: object
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                type: object
+                                              emptyDir:
+                                                properties:
+                                                  medium:
+                                                    type: string
+                                                  sizeLimit:
+                                                    anyOf:
+                                                    - type: integer
+                                                    - type: string
+                                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                    x-kubernetes-int-or-string: true
+                                                type: object
+                                              ephemeral:
+                                                properties:
+                                                  volumeClaimTemplate:
+                                                    properties:
+                                                      metadata:
+                                                        type: object
+                                                      spec:
+                                                        properties:
+                                                          accessModes:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          dataSource:
+                                                            properties:
+                                                              apiGroup:
+                                                                type: string
+                                                              kind:
+                                                                type: string
+                                                              name:
+                                                                type: string
+                                                            required:
+                                                            - kind
+                                                            - name
+                                                            type: object
+                                                            x-kubernetes-map-type: atomic
+                                                          dataSourceRef:
+                                                            properties:
+                                                              apiGroup:
+                                                                type: string
+                                                              kind:
+                                                                type: string
+                                                              name:
+                                                                type: string
+                                                              namespace:
+                                                                type: string
+                                                            required:
+                                                            - kind
+                                                            - name
+                                                            type: object
+                                                          resources:
+                                                            properties:
+                                                              limits:
+                                                                additionalProperties:
+                                                                  anyOf:
+                                                                  - type: integer
+                                                                  - type: string
+                                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                                  x-kubernetes-int-or-string: true
+                                                                type: object
+                                                              requests:
+                                                                additionalProperties:
+                                                                  anyOf:
+                                                                  - type: integer
+                                                                  - type: string
+                                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                                  x-kubernetes-int-or-string: true
+                                                                type: object
+                                                            type: object
+                                                          selector:
+                                                            properties:
+                                                              matchExpressions:
+                                                                items:
+                                                                  properties:
+                                                                    key:
+                                                                      type: string
+                                                                    operator:
+                                                                      type: string
+                                                                    values:
+                                                                      items:
+                                                                        type: string
+                                                                      type: array
+                                                                      x-kubernetes-list-type: atomic
+                                                                  required:
+                                                                  - key
+                                                                  - operator
+                                                                  type: object
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                              matchLabels:
+                                                                additionalProperties:
+                                                                  type: string
+                                                                type: object
+                                                            type: object
+                                                            x-kubernetes-map-type: atomic
+                                                          storageClassName:
+                                                            type: string
+                                                          volumeAttributesClassName:
+                                                            type: string
+                                                          volumeMode:
+                                                            type: string
+                                                          volumeName:
+                                                            type: string
+                                                        type: object
+                                                    required:
+                                                    - spec
+                                                    type: object
+                                                type: object
+                                              fc:
+                                                properties:
+                                                  fsType:
+                                                    type: string
+                                                  lun:
+                                                    format: int32
+                                                    type: integer
+                                                  readOnly:
+                                                    type: boolean
+                                                  targetWWNs:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                  wwids:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                type: object
+                                              flexVolume:
+                                                properties:
+                                                  driver:
+                                                    type: string
+                                                  fsType:
+                                                    type: string
+                                                  options:
+                                                    additionalProperties:
+                                                      type: string
+                                                    type: object
+                                                  readOnly:
+                                                    type: boolean
+                                                  secretRef:
+                                                    properties:
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                required:
+                                                - driver
+                                                type: object
+                                              flocker:
+                                                properties:
+                                                  datasetName:
+                                                    type: string
+                                                  datasetUUID:
+                                                    type: string
+                                                type: object
+                                              gcePersistentDisk:
+                                                properties:
+                                                  fsType:
+                                                    type: string
+                                                  partition:
+                                                    format: int32
+                                                    type: integer
+                                                  pdName:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                required:
+                                                - pdName
+                                                type: object
+                                              gitRepo:
+                                                properties:
+                                                  directory:
+                                                    type: string
+                                                  repository:
+                                                    type: string
+                                                  revision:
+                                                    type: string
+                                                required:
+                                                - repository
+                                                type: object
+                                              glusterfs:
+                                                properties:
+                                                  endpoints:
+                                                    type: string
+                                                  path:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                required:
+                                                - endpoints
+                                                - path
+                                                type: object
+                                              hostPath:
+                                                properties:
+                                                  path:
+                                                    type: string
+                                                  type:
+                                                    type: string
+                                                required:
+                                                - path
+                                                type: object
+                                              iscsi:
+                                                properties:
+                                                  chapAuthDiscovery:
+                                                    type: boolean
+                                                  chapAuthSession:
+                                                    type: boolean
+                                                  fsType:
+                                                    type: string
+                                                  initiatorName:
+                                                    type: string
+                                                  iqn:
+                                                    type: string
+                                                  iscsiInterface:
+                                                    type: string
+                                                  lun:
+                                                    format: int32
+                                                    type: integer
+                                                  portals:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                  readOnly:
+                                                    type: boolean
+                                                  secretRef:
+                                                    properties:
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  targetPortal:
+                                                    type: string
+                                                required:
+                                                - iqn
+                                                - lun
+                                                - targetPortal
+                                                type: object
+                                              name:
+                                                type: string
+                                              nfs:
+                                                properties:
+                                                  path:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                  server:
+                                                    type: string
+                                                required:
+                                                - path
+                                                - server
+                                                type: object
+                                              persistentVolumeClaim:
+                                                properties:
+                                                  claimName:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                required:
+                                                - claimName
+                                                type: object
+                                              photonPersistentDisk:
+                                                properties:
+                                                  fsType:
+                                                    type: string
+                                                  pdID:
+                                                    type: string
+                                                required:
+                                                - pdID
+                                                type: object
+                                              portworxVolume:
+                                                properties:
+                                                  fsType:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                  volumeID:
+                                                    type: string
+                                                required:
+                                                - volumeID
+                                                type: object
+                                              projected:
+                                                properties:
+                                                  defaultMode:
+                                                    format: int32
+                                                    type: integer
+                                                  sources:
+                                                    items:
+                                                      properties:
+                                                        clusterTrustBundle:
+                                                          properties:
+                                                            labelSelector:
+                                                              properties:
+                                                                matchExpressions:
+                                                                  items:
+                                                                    properties:
+                                                                      key:
+                                                                        type: string
+                                                                      operator:
+                                                                        type: string
+                                                                      values:
+                                                                        items:
+                                                                          type: string
+                                                                        type: array
+                                                                        x-kubernetes-list-type: atomic
+                                                                    required:
+                                                                    - key
+                                                                    - operator
+                                                                    type: object
+                                                                  type: array
+                                                                  x-kubernetes-list-type: atomic
+                                                                matchLabels:
+                                                                  additionalProperties:
+                                                                    type: string
+                                                                  type: object
+                                                              type: object
+                                                              x-kubernetes-map-type: atomic
+                                                            name:
+                                                              type: string
+                                                            optional:
+                                                              type: boolean
+                                                            path:
+                                                              type: string
+                                                            signerName:
+                                                              type: string
+                                                          required:
+                                                          - path
+                                                          type: object
+                                                        configMap:
+                                                          properties:
+                                                            items:
+                                                              items:
+                                                                properties:
+                                                                  key:
+                                                                    type: string
+                                                                  mode:
+                                                                    format: int32
+                                                                    type: integer
+                                                                  path:
+                                                                    type: string
+                                                                required:
+                                                                - key
+                                                                - path
+                                                                type: object
+                                                              type: array
+                                                              x-kubernetes-list-type: atomic
+                                                            name:
+                                                              default: ""
+                                                              type: string
+                                                            optional:
+                                                              type: boolean
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        downwardAPI:
+                                                          properties:
+                                                            items:
+                                                              items:
+                                                                properties:
+                                                                  fieldRef:
+                                                                    properties:
+                                                                      apiVersion:
+                                                                        type: string
+                                                                      fieldPath:
+                                                                        type: string
+                                                                    required:
+                                                                    - fieldPath
+                                                                    type: object
+                                                                    x-kubernetes-map-type: atomic
+                                                                  mode:
+                                                                    format: int32
+                                                                    type: integer
+                                                                  path:
+                                                                    type: string
+                                                                  resourceFieldRef:
+                                                                    properties:
+                                                                      containerName:
+                                                                        type: string
+                                                                      divisor:
+                                                                        anyOf:
+                                                                        - type: integer
+                                                                        - type: string
+                                                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                                        x-kubernetes-int-or-string: true
+                                                                      resource:
+                                                                        type: string
+                                                                    required:
+                                                                    - resource
+                                                                    type: object
+                                                                    x-kubernetes-map-type: atomic
+                                                                required:
+                                                                - path
+                                                                type: object
+                                                              type: array
+                                                              x-kubernetes-list-type: atomic
+                                                          type: object
+                                                        secret:
+                                                          properties:
+                                                            items:
+                                                              items:
+                                                                properties:
+                                                                  key:
+                                                                    type: string
+                                                                  mode:
+                                                                    format: int32
+                                                                    type: integer
+                                                                  path:
+                                                                    type: string
+                                                                required:
+                                                                - key
+                                                                - path
+                                                                type: object
+                                                              type: array
+                                                              x-kubernetes-list-type: atomic
+                                                            name:
+                                                              default: ""
+                                                              type: string
+                                                            optional:
+                                                              type: boolean
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        serviceAccountToken:
+                                                          properties:
+                                                            audience:
+                                                              type: string
+                                                            expirationSeconds:
+                                                              format: int64
+                                                              type: integer
+                                                            path:
+                                                              type: string
+                                                          required:
+                                                          - path
+                                                          type: object
+                                                      type: object
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                type: object
+                                              quobyte:
+                                                properties:
+                                                  group:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                  registry:
+                                                    type: string
+                                                  tenant:
+                                                    type: string
+                                                  user:
+                                                    type: string
+                                                  volume:
+                                                    type: string
+                                                required:
+                                                - registry
+                                                - volume
+                                                type: object
+                                              rbd:
+                                                properties:
+                                                  fsType:
+                                                    type: string
+                                                  image:
+                                                    type: string
+                                                  keyring:
+                                                    type: string
+                                                  monitors:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                  pool:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                  secretRef:
+                                                    properties:
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  user:
+                                                    type: string
+                                                required:
+                                                - image
+                                                - monitors
+                                                type: object
+                                              scaleIO:
+                                                properties:
+                                                  fsType:
+                                                    type: string
+                                                  gateway:
+                                                    type: string
+                                                  protectionDomain:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                  secretRef:
+                                                    properties:
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  sslEnabled:
+                                                    type: boolean
+                                                  storageMode:
+                                                    type: string
+                                                  storagePool:
+                                                    type: string
+                                                  system:
+                                                    type: string
+                                                  volumeName:
+                                                    type: string
+                                                required:
+                                                - gateway
+                                                - secretRef
+                                                - system
+                                                type: object
+                                              secret:
+                                                properties:
+                                                  defaultMode:
+                                                    format: int32
+                                                    type: integer
+                                                  items:
+                                                    items:
+                                                      properties:
+                                                        key:
+                                                          type: string
+                                                        mode:
+                                                          format: int32
+                                                          type: integer
+                                                        path:
+                                                          type: string
+                                                      required:
+                                                      - key
+                                                      - path
+                                                      type: object
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                  optional:
+                                                    type: boolean
+                                                  secretName:
+                                                    type: string
+                                                type: object
+                                              storageos:
+                                                properties:
+                                                  fsType:
+                                                    type: string
+                                                  readOnly:
+                                                    type: boolean
+                                                  secretRef:
+                                                    properties:
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  volumeName:
+                                                    type: string
+                                                  volumeNamespace:
+                                                    type: string
+                                                type: object
+                                              vsphereVolume:
+                                                properties:
+                                                  fsType:
+                                                    type: string
+                                                  storagePolicyID:
+                                                    type: string
+                                                  storagePolicyName:
+                                                    type: string
+                                                  volumePath:
+                                                    type: string
+                                                required:
+                                                - volumePath
+                                                type: object
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                      type: object
+                                  type: object
+                                updateStrategy:
+                                  properties:
+                                    rollingUpdate:
+                                      properties:
+                                        maxSurge:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                        maxUnavailable:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    type:
+                                      type: string
+                                  type: object
+                              type: object
+                          type: object
+                        disableKubernetesFilter:
+                          type: boolean
+                        enableUpstream:
+                          type: boolean
+                        enabled:
+                          type: boolean
+                        extraVolumeMounts:
+                          items:
+                            properties:
+                              destination:
+                                pattern: ^/.+$
+                                type: string
+                              readOnly:
+                                type: boolean
+                              source:
+                                pattern: ^/.+$
+                                type: string
+                            required:
+                            - destination
+                            - source
+                            type: object
+                          type: array
+                        filterAws:
+                          properties:
+                            Match:
+                              type: string
+                            account_id:
+                              type: boolean
+                            ami_id:
+                              type: boolean
+                            az:
+                              type: boolean
+                            ec2_instance_id:
+                              type: boolean
+                            ec2_instance_type:
+                              type: boolean
+                            hostname:
+                              type: boolean
+                            imds_version:
+                              type: string
+                            private_ip:
+                              type: boolean
+                            vpc_id:
+                              type: boolean
+                          type: object
+                        filterKubernetes:
+                          properties:
+                            Annotations:
+                              type: string
+                            Buffer_Size:
+                              type: string
+                            Cache_Use_Docker_Id:
+                              type: string
+                            DNS_Retries:
+                              type: string
+                            DNS_Wait_Time:
+                              type: string
+                            Dummy_Meta:
+                              type: string
+                            K8S-Logging.Exclude:
+                              type: string
+                            K8S-Logging.Parser:
+                              type: string
+                            Keep_Log:
+                              type: string
+                            Kube_CA_File:
+                              type: string
+                            Kube_CA_Path:
+                              type: string
+                            Kube_Meta_Cache_TTL:
+                              type: string
+                            Kube_Tag_Prefix:
+                              type: string
+                            Kube_Token_File:
+                              type: string
+                            Kube_Token_TTL:
+                              type: string
+                            Kube_URL:
+                              type: string
+                            Kube_meta_preload_cache_dir:
+                              type: string
+                            Kubelet_Port:
+                              type: string
+                            Labels:
+                              type: string
+                            Match:
+                              type: string
+                            Merge_Log:
+                              type: string
+                            Merge_Log_Key:
+                              type: string
+                            Merge_Log_Trim:
+                              type: string
+                            Merge_Parser:
+                              type: string
+                            Regex_Parser:
+                              type: string
+                            Use_Journal:
+                              type: string
+                            Use_Kubelet:
+                              type: string
+                            kube_meta_namespace_cache_ttl:
+                              type: string
+                            namespace_annotations:
+                              type: string
+                            namespace_labels:
+                              type: string
+                            tls.debug:
+                              type: string
+                            tls.verify:
+                              type: string
+                          type: object
+                        flush:
+                          format: int32
+                          type: integer
+                        forwardOptions:
+                          properties:
+                            Require_ack_response:
+                              type: boolean
+                            Retry_Limit:
+                              type: string
+                            Send_options:
+                              type: boolean
+                            Tag:
+                              type: string
+                            Time_as_Integer:
+                              type: boolean
+                            Workers:
+                              type: integer
+                            storage.total_limit_size:
+                              type: string
+                          type: object
+                        grace:
+                          format: int32
+                          type: integer
+                        inputTail:
+                          properties:
+                            Buffer_Chunk_Size:
+                              type: string
+                            Buffer_Max_Size:
+                              type: string
+                            DB:
+                              type: string
+                            DB.journal_mode:
+                              type: string
+                            DB.locking:
+                              type: boolean
+                            DB_Sync:
+                              type: string
+                            Docker_Mode:
+                              type: string
+                            Docker_Mode_Flush:
+                              type: string
+                            Docker_Mode_Parser:
+                              type: string
+                            Exclude_Path:
+                              type: string
+                            Ignore_Older:
+                              type: string
+                            Key:
+                              type: string
+                            Mem_Buf_Limit:
+                              type: string
+                            Multiline:
+                              type: string
+                            Multiline_Flush:
+                              type: string
+                            Parser:
+                              type: string
+                            Parser_Firstline:
+                              type: string
+                            Parser_N:
+                              items:
+                                type: string
+                              type: array
+                            Path:
+                              type: string
+                            Path_Key:
+                              type: string
+                            Read_From_Head:
+                              type: boolean
+                            Refresh_Interval:
+                              type: string
+                            Rotate_Wait:
+                              type: string
+                            Skip_Long_Lines:
+                              type: string
+                            Tag:
+                              type: string
+                            Tag_Regex:
+                              type: string
+                            multiline.parser:
+                              items:
+                                type: string
+                              type: array
+                            storage.type:
+                              type: string
+                          type: object
+                        livenessDefaultCheck:
+                          type: boolean
+                        logLevel:
+                          type: string
+                        metrics:
+                          properties:
+                            interval:
+                              type: string
+                            path:
+                              type: string
+                            port:
+                              format: int32
+                              type: integer
+                            prometheusAnnotations:
+                              type: boolean
+                            prometheusRules:
+                              type: boolean
+                            serviceMonitor:
+                              type: boolean
+                            serviceMonitorConfig:
+                              properties:
+                                additionalLabels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                                honorLabels:
+                                  type: boolean
+                                metricRelabelings:
+                                  items:
+                                    properties:
+                                      action:
+                                        default: replace
+                                        enum:
+                                        - replace
+                                        - Replace
+                                        - keep
+                                        - Keep
+                                        - drop
+                                        - Drop
+                                        - hashmod
+                                        - HashMod
+                                        - labelmap
+                                        - LabelMap
+                                        - labeldrop
+                                        - LabelDrop
+                                        - labelkeep
+                                        - LabelKeep
+                                        - lowercase
+                                        - Lowercase
+                                        - uppercase
+                                        - Uppercase
+                                        - keepequal
+                                        - KeepEqual
+                                        - dropequal
+                                        - DropEqual
+                                        type: string
+                                      modulus:
+                                        format: int64
+                                        type: integer
+                                      regex:
+                                        type: string
+                                      replacement:
+                                        type: string
+                                      separator:
+                                        type: string
+                                      sourceLabels:
+                                        items:
+                                          pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                          type: string
+                                        type: array
+                                      targetLabel:
+                                        type: string
+                                    type: object
+                                  type: array
+                                relabelings:
+                                  items:
+                                    properties:
+                                      action:
+                                        default: replace
+                                        enum:
+                                        - replace
+                                        - Replace
+                                        - keep
+                                        - Keep
+                                        - drop
+                                        - Drop
+                                        - hashmod
+                                        - HashMod
+                                        - labelmap
+                                        - LabelMap
+                                        - labeldrop
+                                        - LabelDrop
+                                        - labelkeep
+                                        - LabelKeep
+                                        - lowercase
+                                        - Lowercase
+                                        - uppercase
+                                        - Uppercase
+                                        - keepequal
+                                        - KeepEqual
+                                        - dropequal
+                                        - DropEqual
+                                        type: string
+                                      modulus:
+                                        format: int64
+                                        type: integer
+                                      regex:
+                                        type: string
+                                      replacement:
+                                        type: string
+                                      separator:
+                                        type: string
+                                      sourceLabels:
+                                        items:
+                                          pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                          type: string
+                                        type: array
+                                      targetLabel:
+                                        type: string
+                                    type: object
+                                  type: array
+                                scheme:
+                                  type: string
+                                tlsConfig:
+                                  properties:
+                                    ca:
+                                      properties:
+                                        configMap:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        secret:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      type: object
+                                    caFile:
+                                      type: string
+                                    cert:
+                                      properties:
+                                        configMap:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        secret:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      type: object
+                                    certFile:
+                                      type: string
+                                    insecureSkipVerify:
+                                      type: boolean
+                                    keyFile:
+                                      type: string
+                                    keySecret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    serverName:
+                                      type: string
+                                  type: object
+                              type: object
+                            timeout:
+                              type: string
+                          type: object
+                        metricsService:
+                          properties:
+                            metadata:
+                              properties:
+                                annotations:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                                labels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                            spec:
+                              properties:
+                                allocateLoadBalancerNodePorts:
+                                  type: boolean
+                                clusterIP:
+                                  type: string
+                                clusterIPs:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                externalIPs:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                externalName:
+                                  type: string
+                                externalTrafficPolicy:
+                                  type: string
+                                healthCheckNodePort:
+                                  format: int32
+                                  type: integer
+                                internalTrafficPolicy:
+                                  type: string
+                                ipFamilies:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                ipFamilyPolicy:
+                                  type: string
+                                loadBalancerClass:
+                                  type: string
+                                loadBalancerIP:
+                                  type: string
+                                loadBalancerSourceRanges:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                ports:
+                                  items:
+                                    properties:
+                                      appProtocol:
+                                        type: string
+                                      name:
+                                        type: string
+                                      nodePort:
+                                        format: int32
+                                        type: integer
+                                      port:
+                                        format: int32
+                                        type: integer
+                                      protocol:
+                                        default: TCP
+                                        type: string
+                                      targetPort:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        x-kubernetes-int-or-string: true
+                                    required:
+                                    - port
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-map-keys:
+                                  - port
+                                  - protocol
+                                  x-kubernetes-list-type: map
+                                publishNotReadyAddresses:
+                                  type: boolean
+                                selector:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                sessionAffinity:
+                                  type: string
+                                sessionAffinityConfig:
+                                  properties:
+                                    clientIP:
+                                      properties:
+                                        timeoutSeconds:
+                                          format: int32
+                                          type: integer
+                                      type: object
+                                  type: object
+                                trafficDistribution:
+                                  type: string
+                                type:
+                                  type: string
+                              type: object
+                          type: object
+                        network:
+                          properties:
+                            connectTimeout:
+                              format: int32
+                              type: integer
+                            connectTimeoutLogError:
+                              type: boolean
+                            dnsMode:
+                              type: string
+                            dnsPreferIpv4:
+                              type: boolean
+                            dnsResolver:
+                              type: string
+                            keepalive:
+                              type: boolean
+                            keepaliveIdleTimeout:
+                              format: int32
+                              type: integer
+                            keepaliveMaxRecycle:
+                              format: int32
+                              type: integer
+                            maxWorkerConnections:
+                              type: integer
+                            sourceAddress:
+                              type: string
+                          type: object
+                        podPriorityClassName:
+                          type: string
+                        positiondb:
+                          properties:
+                            configMap:
+                              properties:
+                                defaultMode:
+                                  format: int32
+                                  type: integer
+                                items:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      mode:
+                                        format: int32
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            emptyDir:
+                              properties:
+                                medium:
+                                  type: string
+                                sizeLimit:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                              type: object
+                            host_path:
+                              properties:
+                                path:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - path
+                              type: object
+                            hostPath:
+                              properties:
+                                path:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - path
+                              type: object
+                            pvc:
+                              properties:
+                                source:
+                                  properties:
+                                    claimName:
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                  required:
+                                  - claimName
+                                  type: object
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
+                              type: object
+                            secret:
+                              properties:
+                                defaultMode:
+                                  format: int32
+                                  type: integer
+                                items:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      mode:
+                                        format: int32
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                optional:
+                                  type: boolean
+                                secretName:
+                                  type: string
+                              type: object
+                          type: object
+                        security:
+                          properties:
+                            podSecurityContext:
+                              properties:
+                                appArmorProfile:
+                                  properties:
+                                    localhostProfile:
+                                      type: string
+                                    type:
+                                      type: string
+                                  required:
+                                  - type
+                                  type: object
+                                fsGroup:
+                                  format: int64
+                                  type: integer
+                                fsGroupChangePolicy:
+                                  type: string
+                                runAsGroup:
+                                  format: int64
+                                  type: integer
+                                runAsNonRoot:
+                                  type: boolean
+                                runAsUser:
+                                  format: int64
+                                  type: integer
+                                seLinuxOptions:
+                                  properties:
+                                    level:
+                                      type: string
+                                    role:
+                                      type: string
+                                    type:
+                                      type: string
+                                    user:
+                                      type: string
+                                  type: object
+                                seccompProfile:
+                                  properties:
+                                    localhostProfile:
+                                      type: string
+                                    type:
+                                      type: string
+                                  required:
+                                  - type
+                                  type: object
+                                supplementalGroups:
+                                  items:
+                                    format: int64
+                                    type: integer
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                sysctls:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                windowsOptions:
+                                  properties:
+                                    gmsaCredentialSpec:
+                                      type: string
+                                    gmsaCredentialSpecName:
+                                      type: string
+                                    hostProcess:
+                                      type: boolean
+                                    runAsUserName:
+                                      type: string
+                                  type: object
+                              type: object
+                            podSecurityPolicyCreate:
+                              type: boolean
+                            roleBasedAccessControlCreate:
+                              type: boolean
+                            securityContext:
+                              properties:
+                                allowPrivilegeEscalation:
+                                  type: boolean
+                                appArmorProfile:
+                                  properties:
+                                    localhostProfile:
+                                      type: string
+                                    type:
+                                      type: string
+                                  required:
+                                  - type
+                                  type: object
+                                capabilities:
+                                  properties:
+                                    add:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    drop:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                privileged:
+                                  type: boolean
+                                procMount:
+                                  type: string
+                                readOnlyRootFilesystem:
+                                  type: boolean
+                                runAsGroup:
+                                  format: int64
+                                  type: integer
+                                runAsNonRoot:
+                                  type: boolean
+                                runAsUser:
+                                  format: int64
+                                  type: integer
+                                seLinuxOptions:
+                                  properties:
+                                    level:
+                                      type: string
+                                    role:
+                                      type: string
+                                    type:
+                                      type: string
+                                    user:
+                                      type: string
+                                  type: object
+                                seccompProfile:
+                                  properties:
+                                    localhostProfile:
+                                      type: string
+                                    type:
+                                      type: string
+                                  required:
+                                  - type
+                                  type: object
+                                windowsOptions:
+                                  properties:
+                                    gmsaCredentialSpec:
+                                      type: string
+                                    gmsaCredentialSpecName:
+                                      type: string
+                                    hostProcess:
+                                      type: boolean
+                                    runAsUserName:
+                                      type: string
+                                  type: object
+                              type: object
+                            serviceAccount:
+                              type: string
+                          type: object
+                        serviceAccount:
+                          properties:
+                            automountServiceAccountToken:
+                              type: boolean
+                            imagePullSecrets:
+                              items:
+                                properties:
+                                  name:
+                                    default: ""
+                                    type: string
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              type: array
+                            metadata:
+                              properties:
+                                annotations:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                                labels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                            secrets:
+                              items:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                  namespace:
+                                    type: string
+                                  resourceVersion:
+                                    type: string
+                                  uid:
+                                    type: string
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              type: array
+                          type: object
+                        targetHost:
+                          type: string
+                        targetPort:
+                          format: int32
+                          type: integer
+                        tls:
+                          properties:
+                            enabled:
+                              type: boolean
+                            secretName:
+                              type: string
+                            sharedKey:
+                              type: string
+                          required:
+                          - enabled
+                          type: object
+                        varLogsPath:
+                          type: string
+                      type: object
+                    profile:
+                      type: string
+                  type: object
+                type: array
+              skipInvalidResources:
+                type: boolean
+              syslogNG:
+                properties:
+                  bufferVolumeMetrics:
+                    properties:
+                      interval:
+                        type: string
+                      mount_name:
+                        type: string
+                      path:
+                        type: string
+                      port:
+                        format: int32
+                        type: integer
+                      prometheusAnnotations:
+                        type: boolean
+                      prometheusRules:
+                        type: boolean
+                      serviceMonitor:
+                        type: boolean
+                      serviceMonitorConfig:
+                        properties:
+                          additionalLabels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          honorLabels:
+                            type: boolean
+                          metricRelabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          relabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          scheme:
+                            type: string
+                          tlsConfig:
+                            properties:
+                              ca:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              caFile:
+                                type: string
+                              cert:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              certFile:
+                                type: string
+                              insecureSkipVerify:
+                                type: boolean
+                              keyFile:
+                                type: string
+                              keySecret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              serverName:
+                                type: string
+                            type: object
+                        type: object
+                      timeout:
+                        type: string
+                    type: object
+                  bufferVolumeMetricsService:
+                    properties:
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                        type: object
+                      spec:
+                        properties:
+                          allocateLoadBalancerNodePorts:
+                            type: boolean
+                          clusterIP:
+                            type: string
+                          clusterIPs:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          externalIPs:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          externalName:
+                            type: string
+                          externalTrafficPolicy:
+                            type: string
+                          healthCheckNodePort:
+                            format: int32
+                            type: integer
+                          internalTrafficPolicy:
+                            type: string
+                          ipFamilies:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          ipFamilyPolicy:
+                            type: string
+                          loadBalancerClass:
+                            type: string
+                          loadBalancerIP:
+                            type: string
+                          loadBalancerSourceRanges:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          ports:
+                            items:
+                              properties:
+                                appProtocol:
+                                  type: string
+                                name:
+                                  type: string
+                                nodePort:
+                                  format: int32
+                                  type: integer
+                                port:
+                                  format: int32
+                                  type: integer
+                                protocol:
+                                  default: TCP
+                                  type: string
+                                targetPort:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            type: array
+                            x-kubernetes-list-map-keys:
+                            - port
+                            - protocol
+                            x-kubernetes-list-type: map
+                          publishNotReadyAddresses:
+                            type: boolean
+                          selector:
+                            additionalProperties:
+                              type: string
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          sessionAffinity:
+                            type: string
+                          sessionAffinityConfig:
+                            properties:
+                              clientIP:
+                                properties:
+                                  timeoutSeconds:
+                                    format: int32
+                                    type: integer
+                                type: object
+                            type: object
+                          trafficDistribution:
+                            type: string
+                          type:
+                            type: string
+                        type: object
+                    type: object
+                  configCheck:
+                    properties:
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      strategy:
+                        type: string
+                      timeoutSeconds:
+                        type: integer
+                    type: object
+                  configCheckPod:
+                    properties:
+                      activeDeadlineSeconds:
+                        format: int64
+                        type: integer
+                      affinity:
+                        properties:
+                          nodeAffinity:
+                            properties:
+                              preferredDuringSchedulingIgnoredDuringExecution:
+                                items:
+                                  properties:
+                                    preference:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchFields:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    weight:
+                                      format: int32
+                                      type: integer
+                                  required:
+                                  - preference
+                                  - weight
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              requiredDuringSchedulingIgnoredDuringExecution:
+                                properties:
+                                  nodeSelectorTerms:
+                                    items:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchFields:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                required:
+                                - nodeSelectorTerms
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          podAffinity:
+                            properties:
+                              preferredDuringSchedulingIgnoredDuringExecution:
+                                items:
+                                  properties:
+                                    podAffinityTerm:
+                                      properties:
+                                        labelSelector:
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  operator:
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                required:
+                                                - key
+                                                - operator
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            matchLabels:
+                                              additionalProperties:
+                                                type: string
+                                              type: object
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        matchLabelKeys:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        mismatchLabelKeys:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        namespaceSelector:
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  operator:
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                required:
+                                                - key
+                                                - operator
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            matchLabels:
+                                              additionalProperties:
+                                                type: string
+                                              type: object
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        namespaces:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        topologyKey:
+                                          type: string
+                                      required:
+                                      - topologyKey
+                                      type: object
+                                    weight:
+                                      format: int32
+                                      type: integer
+                                  required:
+                                  - podAffinityTerm
+                                  - weight
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              requiredDuringSchedulingIgnoredDuringExecution:
+                                items:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            type: object
+                          podAntiAffinity:
+                            properties:
+                              preferredDuringSchedulingIgnoredDuringExecution:
+                                items:
+                                  properties:
+                                    podAffinityTerm:
+                                      properties:
+                                        labelSelector:
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  operator:
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                required:
+                                                - key
+                                                - operator
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            matchLabels:
+                                              additionalProperties:
+                                                type: string
+                                              type: object
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        matchLabelKeys:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        mismatchLabelKeys:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        namespaceSelector:
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  operator:
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                required:
+                                                - key
+                                                - operator
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            matchLabels:
+                                              additionalProperties:
+                                                type: string
+                                              type: object
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        namespaces:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        topologyKey:
+                                          type: string
+                                      required:
+                                      - topologyKey
+                                      type: object
+                                    weight:
+                                      format: int32
+                                      type: integer
+                                  required:
+                                  - podAffinityTerm
+                                  - weight
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              requiredDuringSchedulingIgnoredDuringExecution:
+                                items:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            type: object
+                        type: object
+                      automountServiceAccountToken:
+                        type: boolean
+                      containers:
+                        items:
+                          properties:
+                            args:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            env:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                  valueFrom:
+                                    properties:
+                                      configMapKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      fieldRef:
+                                        properties:
+                                          apiVersion:
+                                            type: string
+                                          fieldPath:
+                                            type: string
+                                        required:
+                                        - fieldPath
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      resourceFieldRef:
+                                        properties:
+                                          containerName:
+                                            type: string
+                                          divisor:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          resource:
+                                            type: string
+                                        required:
+                                        - resource
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            envFrom:
+                              items:
+                                properties:
+                                  configMapRef:
+                                    properties:
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  prefix:
+                                    type: string
+                                  secretRef:
+                                    properties:
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            image:
+                              type: string
+                            imagePullPolicy:
+                              type: string
+                            lifecycle:
+                              properties:
+                                postStart:
+                                  properties:
+                                    exec:
+                                      properties:
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      type: object
+                                    httpGet:
+                                      properties:
+                                        host:
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                            required:
+                                            - name
+                                            - value
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        path:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          type: string
+                                      required:
+                                      - port
+                                      type: object
+                                    sleep:
+                                      properties:
+                                        seconds:
+                                          format: int64
+                                          type: integer
+                                      required:
+                                      - seconds
+                                      type: object
+                                    tcpSocket:
+                                      properties:
+                                        host:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                      required:
+                                      - port
+                                      type: object
+                                  type: object
+                                preStop:
+                                  properties:
+                                    exec:
+                                      properties:
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      type: object
+                                    httpGet:
+                                      properties:
+                                        host:
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                            required:
+                                            - name
+                                            - value
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        path:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          type: string
+                                      required:
+                                      - port
+                                      type: object
+                                    sleep:
+                                      properties:
+                                        seconds:
+                                          format: int64
+                                          type: integer
+                                      required:
+                                      - seconds
+                                      type: object
+                                    tcpSocket:
+                                      properties:
+                                        host:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                      required:
+                                      - port
+                                      type: object
+                                  type: object
+                              type: object
+                            livenessProbe:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                failureThreshold:
+                                  format: int32
+                                  type: integer
+                                grpc:
+                                  properties:
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    service:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                initialDelaySeconds:
+                                  format: int32
+                                  type: integer
+                                periodSeconds:
+                                  format: int32
+                                  type: integer
+                                successThreshold:
+                                  format: int32
+                                  type: integer
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                                terminationGracePeriodSeconds:
+                                  format: int64
+                                  type: integer
+                                timeoutSeconds:
+                                  format: int32
+                                  type: integer
+                              type: object
+                            name:
+                              type: string
+                            ports:
+                              items:
+                                properties:
+                                  containerPort:
+                                    format: int32
+                                    type: integer
+                                  hostIP:
+                                    type: string
+                                  hostPort:
+                                    format: int32
+                                    type: integer
+                                  name:
+                                    type: string
+                                  protocol:
+                                    default: TCP
+                                    type: string
+                                required:
+                                - containerPort
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - containerPort
+                              - protocol
+                              x-kubernetes-list-type: map
+                            readinessProbe:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                failureThreshold:
+                                  format: int32
+                                  type: integer
+                                grpc:
+                                  properties:
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    service:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                initialDelaySeconds:
+                                  format: int32
+                                  type: integer
+                                periodSeconds:
+                                  format: int32
+                                  type: integer
+                                successThreshold:
+                                  format: int32
+                                  type: integer
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                                terminationGracePeriodSeconds:
+                                  format: int64
+                                  type: integer
+                                timeoutSeconds:
+                                  format: int32
+                                  type: integer
+                              type: object
+                            resizePolicy:
+                              items:
+                                properties:
+                                  resourceName:
+                                    type: string
+                                  restartPolicy:
+                                    type: string
+                                required:
+                                - resourceName
+                                - restartPolicy
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            resources:
+                              properties:
+                                claims:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                    required:
+                                    - name
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-map-keys:
+                                  - name
+                                  x-kubernetes-list-type: map
+                                limits:
+                                  additionalProperties:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  type: object
+                                requests:
+                                  additionalProperties:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  type: object
+                              type: object
+                            restartPolicy:
+                              type: string
+                            securityContext:
+                              properties:
+                                allowPrivilegeEscalation:
+                                  type: boolean
+                                appArmorProfile:
+                                  properties:
+                                    localhostProfile:
+                                      type: string
+                                    type:
+                                      type: string
+                                  required:
+                                  - type
+                                  type: object
+                                capabilities:
+                                  properties:
+                                    add:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    drop:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                privileged:
+                                  type: boolean
+                                procMount:
+                                  type: string
+                                readOnlyRootFilesystem:
+                                  type: boolean
+                                runAsGroup:
+                                  format: int64
+                                  type: integer
+                                runAsNonRoot:
+                                  type: boolean
+                                runAsUser:
+                                  format: int64
+                                  type: integer
+                                seLinuxOptions:
+                                  properties:
+                                    level:
+                                      type: string
+                                    role:
+                                      type: string
+                                    type:
+                                      type: string
+                                    user:
+                                      type: string
+                                  type: object
+                                seccompProfile:
+                                  properties:
+                                    localhostProfile:
+                                      type: string
+                                    type:
+                                      type: string
+                                  required:
+                                  - type
+                                  type: object
+                                windowsOptions:
+                                  properties:
+                                    gmsaCredentialSpec:
+                                      type: string
+                                    gmsaCredentialSpecName:
+                                      type: string
+                                    hostProcess:
+                                      type: boolean
+                                    runAsUserName:
+                                      type: string
+                                  type: object
+                              type: object
+                            startupProbe:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                failureThreshold:
+                                  format: int32
+                                  type: integer
+                                grpc:
+                                  properties:
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    service:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                initialDelaySeconds:
+                                  format: int32
+                                  type: integer
+                                periodSeconds:
+                                  format: int32
+                                  type: integer
+                                successThreshold:
+                                  format: int32
+                                  type: integer
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                                terminationGracePeriodSeconds:
+                                  format: int64
+                                  type: integer
+                                timeoutSeconds:
+                                  format: int32
+                                  type: integer
+                              type: object
+                            stdin:
+                              type: boolean
+                            stdinOnce:
+                              type: boolean
+                            terminationMessagePath:
+                              type: string
+                            terminationMessagePolicy:
+                              type: string
+                            tty:
+                              type: boolean
+                            volumeDevices:
+                              items:
+                                properties:
+                                  devicePath:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - devicePath
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - devicePath
+                              x-kubernetes-list-type: map
+                            volumeMounts:
+                              items:
+                                properties:
+                                  mountPath:
+                                    type: string
+                                  mountPropagation:
+                                    type: string
+                                  name:
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  recursiveReadOnly:
+                                    type: string
+                                  subPath:
+                                    type: string
+                                  subPathExpr:
+                                    type: string
+                                required:
+                                - mountPath
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - mountPath
+                              x-kubernetes-list-type: map
+                            workingDir:
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        type: array
+                      dnsConfig:
+                        properties:
+                          nameservers:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          options:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                                value:
+                                  type: string
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          searches:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      dnsPolicy:
+                        type: string
+                      enableServiceLinks:
+                        type: boolean
+                      ephemeralContainers:
+                        items:
+                          properties:
+                            args:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            env:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                  valueFrom:
+                                    properties:
+                                      configMapKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      fieldRef:
+                                        properties:
+                                          apiVersion:
+                                            type: string
+                                          fieldPath:
+                                            type: string
+                                        required:
+                                        - fieldPath
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      resourceFieldRef:
+                                        properties:
+                                          containerName:
+                                            type: string
+                                          divisor:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          resource:
+                                            type: string
+                                        required:
+                                        - resource
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            envFrom:
+                              items:
+                                properties:
+                                  configMapRef:
+                                    properties:
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  prefix:
+                                    type: string
+                                  secretRef:
+                                    properties:
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            image:
+                              type: string
+                            imagePullPolicy:
+                              type: string
+                            lifecycle:
+                              properties:
+                                postStart:
+                                  properties:
+                                    exec:
+                                      properties:
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      type: object
+                                    httpGet:
+                                      properties:
+                                        host:
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                            required:
+                                            - name
+                                            - value
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        path:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          type: string
+                                      required:
+                                      - port
+                                      type: object
+                                    sleep:
+                                      properties:
+                                        seconds:
+                                          format: int64
+                                          type: integer
+                                      required:
+                                      - seconds
+                                      type: object
+                                    tcpSocket:
+                                      properties:
+                                        host:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                      required:
+                                      - port
+                                      type: object
+                                  type: object
+                                preStop:
+                                  properties:
+                                    exec:
+                                      properties:
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      type: object
+                                    httpGet:
+                                      properties:
+                                        host:
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                            required:
+                                            - name
+                                            - value
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        path:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          type: string
+                                      required:
+                                      - port
+                                      type: object
+                                    sleep:
+                                      properties:
+                                        seconds:
+                                          format: int64
+                                          type: integer
+                                      required:
+                                      - seconds
+                                      type: object
+                                    tcpSocket:
+                                      properties:
+                                        host:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                      required:
+                                      - port
+                                      type: object
+                                  type: object
+                              type: object
+                            livenessProbe:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                failureThreshold:
+                                  format: int32
+                                  type: integer
+                                grpc:
+                                  properties:
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    service:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                initialDelaySeconds:
+                                  format: int32
+                                  type: integer
+                                periodSeconds:
+                                  format: int32
+                                  type: integer
+                                successThreshold:
+                                  format: int32
+                                  type: integer
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                                terminationGracePeriodSeconds:
+                                  format: int64
+                                  type: integer
+                                timeoutSeconds:
+                                  format: int32
+                                  type: integer
+                              type: object
+                            name:
+                              type: string
+                            ports:
+                              items:
+                                properties:
+                                  containerPort:
+                                    format: int32
+                                    type: integer
+                                  hostIP:
+                                    type: string
+                                  hostPort:
+                                    format: int32
+                                    type: integer
+                                  name:
+                                    type: string
+                                  protocol:
+                                    default: TCP
+                                    type: string
+                                required:
+                                - containerPort
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - containerPort
+                              - protocol
+                              x-kubernetes-list-type: map
+                            readinessProbe:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                failureThreshold:
+                                  format: int32
+                                  type: integer
+                                grpc:
+                                  properties:
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    service:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                initialDelaySeconds:
+                                  format: int32
+                                  type: integer
+                                periodSeconds:
+                                  format: int32
+                                  type: integer
+                                successThreshold:
+                                  format: int32
+                                  type: integer
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                                terminationGracePeriodSeconds:
+                                  format: int64
+                                  type: integer
+                                timeoutSeconds:
+                                  format: int32
+                                  type: integer
+                              type: object
+                            resizePolicy:
+                              items:
+                                properties:
+                                  resourceName:
+                                    type: string
+                                  restartPolicy:
+                                    type: string
+                                required:
+                                - resourceName
+                                - restartPolicy
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            resources:
+                              properties:
+                                claims:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                    required:
+                                    - name
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-map-keys:
+                                  - name
+                                  x-kubernetes-list-type: map
+                                limits:
+                                  additionalProperties:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  type: object
+                                requests:
+                                  additionalProperties:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  type: object
+                              type: object
+                            restartPolicy:
+                              type: string
+                            securityContext:
+                              properties:
+                                allowPrivilegeEscalation:
+                                  type: boolean
+                                appArmorProfile:
+                                  properties:
+                                    localhostProfile:
+                                      type: string
+                                    type:
+                                      type: string
+                                  required:
+                                  - type
+                                  type: object
+                                capabilities:
+                                  properties:
+                                    add:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    drop:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                privileged:
+                                  type: boolean
+                                procMount:
+                                  type: string
+                                readOnlyRootFilesystem:
+                                  type: boolean
+                                runAsGroup:
+                                  format: int64
+                                  type: integer
+                                runAsNonRoot:
+                                  type: boolean
+                                runAsUser:
+                                  format: int64
+                                  type: integer
+                                seLinuxOptions:
+                                  properties:
+                                    level:
+                                      type: string
+                                    role:
+                                      type: string
+                                    type:
+                                      type: string
+                                    user:
+                                      type: string
+                                  type: object
+                                seccompProfile:
+                                  properties:
+                                    localhostProfile:
+                                      type: string
+                                    type:
+                                      type: string
+                                  required:
+                                  - type
+                                  type: object
+                                windowsOptions:
+                                  properties:
+                                    gmsaCredentialSpec:
+                                      type: string
+                                    gmsaCredentialSpecName:
+                                      type: string
+                                    hostProcess:
+                                      type: boolean
+                                    runAsUserName:
+                                      type: string
+                                  type: object
+                              type: object
+                            startupProbe:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                failureThreshold:
+                                  format: int32
+                                  type: integer
+                                grpc:
+                                  properties:
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    service:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                initialDelaySeconds:
+                                  format: int32
+                                  type: integer
+                                periodSeconds:
+                                  format: int32
+                                  type: integer
+                                successThreshold:
+                                  format: int32
+                                  type: integer
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                                terminationGracePeriodSeconds:
+                                  format: int64
+                                  type: integer
+                                timeoutSeconds:
+                                  format: int32
+                                  type: integer
+                              type: object
+                            stdin:
+                              type: boolean
+                            stdinOnce:
+                              type: boolean
+                            targetContainerName:
+                              type: string
+                            terminationMessagePath:
+                              type: string
+                            terminationMessagePolicy:
+                              type: string
+                            tty:
+                              type: boolean
+                            volumeDevices:
+                              items:
+                                properties:
+                                  devicePath:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - devicePath
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - devicePath
+                              x-kubernetes-list-type: map
+                            volumeMounts:
+                              items:
+                                properties:
+                                  mountPath:
+                                    type: string
+                                  mountPropagation:
+                                    type: string
+                                  name:
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  recursiveReadOnly:
+                                    type: string
+                                  subPath:
+                                    type: string
+                                  subPathExpr:
+                                    type: string
+                                required:
+                                - mountPath
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - mountPath
+                              x-kubernetes-list-type: map
+                            workingDir:
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        type: array
+                      hostAliases:
+                        items:
+                          properties:
+                            hostnames:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            ip:
+                              type: string
+                          required:
+                          - ip
+                          type: object
+                        type: array
+                      hostIPC:
+                        type: boolean
+                      hostNetwork:
+                        type: boolean
+                      hostPID:
+                        type: boolean
+                      hostname:
+                        type: string
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      initContainers:
+                        items:
+                          properties:
+                            args:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            env:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                  valueFrom:
+                                    properties:
+                                      configMapKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      fieldRef:
+                                        properties:
+                                          apiVersion:
+                                            type: string
+                                          fieldPath:
+                                            type: string
+                                        required:
+                                        - fieldPath
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      resourceFieldRef:
+                                        properties:
+                                          containerName:
+                                            type: string
+                                          divisor:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          resource:
+                                            type: string
+                                        required:
+                                        - resource
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      secretKeyRef:
+                                        properties:
+                                          key:
+                                            type: string
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        required:
+                                        - key
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            envFrom:
+                              items:
+                                properties:
+                                  configMapRef:
+                                    properties:
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  prefix:
+                                    type: string
+                                  secretRef:
+                                    properties:
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            image:
+                              type: string
+                            imagePullPolicy:
+                              type: string
+                            lifecycle:
+                              properties:
+                                postStart:
+                                  properties:
+                                    exec:
+                                      properties:
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      type: object
+                                    httpGet:
+                                      properties:
+                                        host:
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                            required:
+                                            - name
+                                            - value
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        path:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          type: string
+                                      required:
+                                      - port
+                                      type: object
+                                    sleep:
+                                      properties:
+                                        seconds:
+                                          format: int64
+                                          type: integer
+                                      required:
+                                      - seconds
+                                      type: object
+                                    tcpSocket:
+                                      properties:
+                                        host:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                      required:
+                                      - port
+                                      type: object
+                                  type: object
+                                preStop:
+                                  properties:
+                                    exec:
+                                      properties:
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      type: object
+                                    httpGet:
+                                      properties:
+                                        host:
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                            required:
+                                            - name
+                                            - value
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        path:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          type: string
+                                      required:
+                                      - port
+                                      type: object
+                                    sleep:
+                                      properties:
+                                        seconds:
+                                          format: int64
+                                          type: integer
+                                      required:
+                                      - seconds
+                                      type: object
+                                    tcpSocket:
+                                      properties:
+                                        host:
+                                          type: string
+                                        port:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          x-kubernetes-int-or-string: true
+                                      required:
+                                      - port
+                                      type: object
+                                  type: object
+                              type: object
+                            livenessProbe:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                failureThreshold:
+                                  format: int32
+                                  type: integer
+                                grpc:
+                                  properties:
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    service:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                initialDelaySeconds:
+                                  format: int32
+                                  type: integer
+                                periodSeconds:
+                                  format: int32
+                                  type: integer
+                                successThreshold:
+                                  format: int32
+                                  type: integer
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                                terminationGracePeriodSeconds:
+                                  format: int64
+                                  type: integer
+                                timeoutSeconds:
+                                  format: int32
+                                  type: integer
+                              type: object
+                            name:
+                              type: string
+                            ports:
+                              items:
+                                properties:
+                                  containerPort:
+                                    format: int32
+                                    type: integer
+                                  hostIP:
+                                    type: string
+                                  hostPort:
+                                    format: int32
+                                    type: integer
+                                  name:
+                                    type: string
+                                  protocol:
+                                    default: TCP
+                                    type: string
+                                required:
+                                - containerPort
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - containerPort
+                              - protocol
+                              x-kubernetes-list-type: map
+                            readinessProbe:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                failureThreshold:
+                                  format: int32
+                                  type: integer
+                                grpc:
+                                  properties:
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    service:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                initialDelaySeconds:
+                                  format: int32
+                                  type: integer
+                                periodSeconds:
+                                  format: int32
+                                  type: integer
+                                successThreshold:
+                                  format: int32
+                                  type: integer
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                                terminationGracePeriodSeconds:
+                                  format: int64
+                                  type: integer
+                                timeoutSeconds:
+                                  format: int32
+                                  type: integer
+                              type: object
+                            resizePolicy:
+                              items:
+                                properties:
+                                  resourceName:
+                                    type: string
+                                  restartPolicy:
+                                    type: string
+                                required:
+                                - resourceName
+                                - restartPolicy
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            resources:
+                              properties:
+                                claims:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                    required:
+                                    - name
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-map-keys:
+                                  - name
+                                  x-kubernetes-list-type: map
+                                limits:
+                                  additionalProperties:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  type: object
+                                requests:
+                                  additionalProperties:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  type: object
+                              type: object
+                            restartPolicy:
+                              type: string
+                            securityContext:
+                              properties:
+                                allowPrivilegeEscalation:
+                                  type: boolean
+                                appArmorProfile:
+                                  properties:
+                                    localhostProfile:
+                                      type: string
+                                    type:
+                                      type: string
+                                  required:
+                                  - type
+                                  type: object
+                                capabilities:
+                                  properties:
+                                    add:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    drop:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                privileged:
+                                  type: boolean
+                                procMount:
+                                  type: string
+                                readOnlyRootFilesystem:
+                                  type: boolean
+                                runAsGroup:
+                                  format: int64
+                                  type: integer
+                                runAsNonRoot:
+                                  type: boolean
+                                runAsUser:
+                                  format: int64
+                                  type: integer
+                                seLinuxOptions:
+                                  properties:
+                                    level:
+                                      type: string
+                                    role:
+                                      type: string
+                                    type:
+                                      type: string
+                                    user:
+                                      type: string
+                                  type: object
+                                seccompProfile:
+                                  properties:
+                                    localhostProfile:
+                                      type: string
+                                    type:
+                                      type: string
+                                  required:
+                                  - type
+                                  type: object
+                                windowsOptions:
+                                  properties:
+                                    gmsaCredentialSpec:
+                                      type: string
+                                    gmsaCredentialSpecName:
+                                      type: string
+                                    hostProcess:
+                                      type: boolean
+                                    runAsUserName:
+                                      type: string
+                                  type: object
+                              type: object
+                            startupProbe:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                failureThreshold:
+                                  format: int32
+                                  type: integer
+                                grpc:
+                                  properties:
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    service:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                initialDelaySeconds:
+                                  format: int32
+                                  type: integer
+                                periodSeconds:
+                                  format: int32
+                                  type: integer
+                                successThreshold:
+                                  format: int32
+                                  type: integer
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                                terminationGracePeriodSeconds:
+                                  format: int64
+                                  type: integer
+                                timeoutSeconds:
+                                  format: int32
+                                  type: integer
+                              type: object
+                            stdin:
+                              type: boolean
+                            stdinOnce:
+                              type: boolean
+                            terminationMessagePath:
+                              type: string
+                            terminationMessagePolicy:
+                              type: string
+                            tty:
+                              type: boolean
+                            volumeDevices:
+                              items:
+                                properties:
+                                  devicePath:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - devicePath
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - devicePath
+                              x-kubernetes-list-type: map
+                            volumeMounts:
+                              items:
+                                properties:
+                                  mountPath:
+                                    type: string
+                                  mountPropagation:
+                                    type: string
+                                  name:
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  recursiveReadOnly:
+                                    type: string
+                                  subPath:
+                                    type: string
+                                  subPathExpr:
+                                    type: string
+                                required:
+                                - mountPath
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - mountPath
+                              x-kubernetes-list-type: map
+                            workingDir:
+                              type: string
+                          required:
+                          - name
+                          type: object
+                        type: array
+                      nodeName:
+                        type: string
+                      nodeSelector:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      overhead:
+                        additionalProperties:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                        type: object
+                      preemptionPolicy:
+                        type: string
+                      priority:
+                        format: int32
+                        type: integer
+                      priorityClassName:
+                        type: string
+                      readinessGates:
+                        items:
+                          properties:
+                            conditionType:
+                              type: string
+                          required:
+                          - conditionType
+                          type: object
+                        type: array
+                      restartPolicy:
+                        type: string
+                      runtimeClassName:
+                        type: string
+                      schedulerName:
+                        type: string
+                      securityContext:
+                        properties:
+                          appArmorProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          fsGroup:
+                            format: int64
+                            type: integer
+                          fsGroupChangePolicy:
+                            type: string
+                          runAsGroup:
+                            format: int64
+                            type: integer
+                          runAsNonRoot:
+                            type: boolean
+                          runAsUser:
+                            format: int64
+                            type: integer
+                          seLinuxOptions:
+                            properties:
+                              level:
+                                type: string
+                              role:
+                                type: string
+                              type:
+                                type: string
+                              user:
+                                type: string
+                            type: object
+                          seccompProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          supplementalGroups:
+                            items:
+                              format: int64
+                              type: integer
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          sysctls:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                                value:
+                                  type: string
+                              required:
+                              - name
+                              - value
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          windowsOptions:
+                            properties:
+                              gmsaCredentialSpec:
+                                type: string
+                              gmsaCredentialSpecName:
+                                type: string
+                              hostProcess:
+                                type: boolean
+                              runAsUserName:
+                                type: string
+                            type: object
+                        type: object
+                      serviceAccountName:
+                        type: string
+                      setHostnameAsFQDN:
+                        type: boolean
+                      shareProcessNamespace:
+                        type: boolean
+                      subdomain:
+                        type: string
+                      terminationGracePeriodSeconds:
+                        format: int64
+                        type: integer
+                      tolerations:
+                        items:
+                          properties:
+                            effect:
+                              type: string
+                            key:
+                              type: string
+                            operator:
+                              type: string
+                            tolerationSeconds:
+                              format: int64
+                              type: integer
+                            value:
+                              type: string
+                          type: object
+                        type: array
+                      topologySpreadConstraints:
+                        items:
+                          properties:
+                            labelSelector:
+                              properties:
+                                matchExpressions:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      operator:
+                                        type: string
+                                      values:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    required:
+                                    - key
+                                    - operator
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                matchLabels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            matchLabelKeys:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            maxSkew:
+                              format: int32
+                              type: integer
+                            minDomains:
+                              format: int32
+                              type: integer
+                            nodeAffinityPolicy:
+                              type: string
+                            nodeTaintsPolicy:
+                              type: string
+                            topologyKey:
+                              type: string
+                            whenUnsatisfiable:
+                              type: string
+                          required:
+                          - maxSkew
+                          - topologyKey
+                          - whenUnsatisfiable
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - topologyKey
+                        - whenUnsatisfiable
+                        x-kubernetes-list-type: map
+                      volumes:
+                        items:
+                          properties:
+                            awsElasticBlockStore:
+                              properties:
+                                fsType:
+                                  type: string
+                                partition:
+                                  format: int32
+                                  type: integer
+                                readOnly:
+                                  type: boolean
+                                volumeID:
+                                  type: string
+                              required:
+                              - volumeID
+                              type: object
+                            azureDisk:
+                              properties:
+                                cachingMode:
+                                  type: string
+                                diskName:
+                                  type: string
+                                diskURI:
+                                  type: string
+                                fsType:
+                                  type: string
+                                kind:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                              required:
+                              - diskName
+                              - diskURI
+                              type: object
+                            azureFile:
+                              properties:
+                                readOnly:
+                                  type: boolean
+                                secretName:
+                                  type: string
+                                shareName:
+                                  type: string
+                              required:
+                              - secretName
+                              - shareName
+                              type: object
+                            cephfs:
+                              properties:
+                                monitors:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                                secretFile:
+                                  type: string
+                                secretRef:
+                                  properties:
+                                    name:
+                                      default: ""
+                                      type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                user:
+                                  type: string
+                              required:
+                              - monitors
+                              type: object
+                            cinder:
+                              properties:
+                                fsType:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                                secretRef:
+                                  properties:
+                                    name:
+                                      default: ""
+                                      type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                volumeID:
+                                  type: string
+                              required:
+                              - volumeID
+                              type: object
+                            configMap:
+                              properties:
+                                defaultMode:
+                                  format: int32
+                                  type: integer
+                                items:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      mode:
+                                        format: int32
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            csi:
+                              properties:
+                                driver:
+                                  type: string
+                                fsType:
+                                  type: string
+                                nodePublishSecretRef:
+                                  properties:
+                                    name:
+                                      default: ""
+                                      type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                readOnly:
+                                  type: boolean
+                                volumeAttributes:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                              required:
+                              - driver
+                              type: object
+                            downwardAPI:
+                              properties:
+                                defaultMode:
+                                  format: int32
+                                  type: integer
+                                items:
+                                  items:
+                                    properties:
+                                      fieldRef:
+                                        properties:
+                                          apiVersion:
+                                            type: string
+                                          fieldPath:
+                                            type: string
+                                        required:
+                                        - fieldPath
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      mode:
+                                        format: int32
+                                        type: integer
+                                      path:
+                                        type: string
+                                      resourceFieldRef:
+                                        properties:
+                                          containerName:
+                                            type: string
+                                          divisor:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          resource:
+                                            type: string
+                                        required:
+                                        - resource
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    required:
+                                    - path
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            emptyDir:
+                              properties:
+                                medium:
+                                  type: string
+                                sizeLimit:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                              type: object
+                            ephemeral:
+                              properties:
+                                volumeClaimTemplate:
+                                  properties:
+                                    metadata:
+                                      type: object
+                                    spec:
+                                      properties:
+                                        accessModes:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        dataSource:
+                                          properties:
+                                            apiGroup:
+                                              type: string
+                                            kind:
+                                              type: string
+                                            name:
+                                              type: string
+                                          required:
+                                          - kind
+                                          - name
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        dataSourceRef:
+                                          properties:
+                                            apiGroup:
+                                              type: string
+                                            kind:
+                                              type: string
+                                            name:
+                                              type: string
+                                            namespace:
+                                              type: string
+                                          required:
+                                          - kind
+                                          - name
+                                          type: object
+                                        resources:
+                                          properties:
+                                            limits:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                            requests:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                          type: object
+                                        selector:
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  operator:
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                required:
+                                                - key
+                                                - operator
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            matchLabels:
+                                              additionalProperties:
+                                                type: string
+                                              type: object
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        storageClassName:
+                                          type: string
+                                        volumeAttributesClassName:
+                                          type: string
+                                        volumeMode:
+                                          type: string
+                                        volumeName:
+                                          type: string
+                                      type: object
+                                  required:
+                                  - spec
+                                  type: object
+                              type: object
+                            fc:
+                              properties:
+                                fsType:
+                                  type: string
+                                lun:
+                                  format: int32
+                                  type: integer
+                                readOnly:
+                                  type: boolean
+                                targetWWNs:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                wwids:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            flexVolume:
+                              properties:
+                                driver:
+                                  type: string
+                                fsType:
+                                  type: string
+                                options:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                                readOnly:
+                                  type: boolean
+                                secretRef:
+                                  properties:
+                                    name:
+                                      default: ""
+                                      type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              required:
+                              - driver
+                              type: object
+                            flocker:
+                              properties:
+                                datasetName:
+                                  type: string
+                                datasetUUID:
+                                  type: string
+                              type: object
+                            gcePersistentDisk:
+                              properties:
+                                fsType:
+                                  type: string
+                                partition:
+                                  format: int32
+                                  type: integer
+                                pdName:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                              required:
+                              - pdName
+                              type: object
+                            gitRepo:
+                              properties:
+                                directory:
+                                  type: string
+                                repository:
+                                  type: string
+                                revision:
+                                  type: string
+                              required:
+                              - repository
+                              type: object
+                            glusterfs:
+                              properties:
+                                endpoints:
+                                  type: string
+                                path:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                              required:
+                              - endpoints
+                              - path
+                              type: object
+                            hostPath:
+                              properties:
+                                path:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - path
+                              type: object
+                            iscsi:
+                              properties:
+                                chapAuthDiscovery:
+                                  type: boolean
+                                chapAuthSession:
+                                  type: boolean
+                                fsType:
+                                  type: string
+                                initiatorName:
+                                  type: string
+                                iqn:
+                                  type: string
+                                iscsiInterface:
+                                  type: string
+                                lun:
+                                  format: int32
+                                  type: integer
+                                portals:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                readOnly:
+                                  type: boolean
+                                secretRef:
+                                  properties:
+                                    name:
+                                      default: ""
+                                      type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                targetPortal:
+                                  type: string
+                              required:
+                              - iqn
+                              - lun
+                              - targetPortal
+                              type: object
+                            name:
+                              type: string
+                            nfs:
+                              properties:
+                                path:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                                server:
+                                  type: string
+                              required:
+                              - path
+                              - server
+                              type: object
+                            persistentVolumeClaim:
+                              properties:
+                                claimName:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                              required:
+                              - claimName
+                              type: object
+                            photonPersistentDisk:
+                              properties:
+                                fsType:
+                                  type: string
+                                pdID:
+                                  type: string
+                              required:
+                              - pdID
+                              type: object
+                            portworxVolume:
+                              properties:
+                                fsType:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                                volumeID:
+                                  type: string
+                              required:
+                              - volumeID
+                              type: object
+                            projected:
+                              properties:
+                                defaultMode:
+                                  format: int32
+                                  type: integer
+                                sources:
+                                  items:
+                                    properties:
+                                      clusterTrustBundle:
+                                        properties:
+                                          labelSelector:
+                                            properties:
+                                              matchExpressions:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      type: string
+                                                    operator:
+                                                      type: string
+                                                    values:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  required:
+                                                  - key
+                                                  - operator
+                                                  type: object
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                              matchLabels:
+                                                additionalProperties:
+                                                  type: string
+                                                type: object
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                          name:
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                          path:
+                                            type: string
+                                          signerName:
+                                            type: string
+                                        required:
+                                        - path
+                                        type: object
+                                      configMap:
+                                        properties:
+                                          items:
+                                            items:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                mode:
+                                                  format: int32
+                                                  type: integer
+                                                path:
+                                                  type: string
+                                              required:
+                                              - key
+                                              - path
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      downwardAPI:
+                                        properties:
+                                          items:
+                                            items:
+                                              properties:
+                                                fieldRef:
+                                                  properties:
+                                                    apiVersion:
+                                                      type: string
+                                                    fieldPath:
+                                                      type: string
+                                                  required:
+                                                  - fieldPath
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                mode:
+                                                  format: int32
+                                                  type: integer
+                                                path:
+                                                  type: string
+                                                resourceFieldRef:
+                                                  properties:
+                                                    containerName:
+                                                      type: string
+                                                    divisor:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                      x-kubernetes-int-or-string: true
+                                                    resource:
+                                                      type: string
+                                                  required:
+                                                  - resource
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                              required:
+                                              - path
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        type: object
+                                      secret:
+                                        properties:
+                                          items:
+                                            items:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                mode:
+                                                  format: int32
+                                                  type: integer
+                                                path:
+                                                  type: string
+                                              required:
+                                              - key
+                                              - path
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          name:
+                                            default: ""
+                                            type: string
+                                          optional:
+                                            type: boolean
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      serviceAccountToken:
+                                        properties:
+                                          audience:
+                                            type: string
+                                          expirationSeconds:
+                                            format: int64
+                                            type: integer
+                                          path:
+                                            type: string
+                                        required:
+                                        - path
+                                        type: object
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            quobyte:
+                              properties:
+                                group:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                                registry:
+                                  type: string
+                                tenant:
+                                  type: string
+                                user:
+                                  type: string
+                                volume:
+                                  type: string
+                              required:
+                              - registry
+                              - volume
+                              type: object
+                            rbd:
+                              properties:
+                                fsType:
+                                  type: string
+                                image:
+                                  type: string
+                                keyring:
+                                  type: string
+                                monitors:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                pool:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                                secretRef:
+                                  properties:
+                                    name:
+                                      default: ""
+                                      type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                user:
+                                  type: string
+                              required:
+                              - image
+                              - monitors
+                              type: object
+                            scaleIO:
+                              properties:
+                                fsType:
+                                  type: string
+                                gateway:
+                                  type: string
+                                protectionDomain:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                                secretRef:
+                                  properties:
+                                    name:
+                                      default: ""
+                                      type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                sslEnabled:
+                                  type: boolean
+                                storageMode:
+                                  type: string
+                                storagePool:
+                                  type: string
+                                system:
+                                  type: string
+                                volumeName:
+                                  type: string
+                              required:
+                              - gateway
+                              - secretRef
+                              - system
+                              type: object
+                            secret:
+                              properties:
+                                defaultMode:
+                                  format: int32
+                                  type: integer
+                                items:
+                                  items:
+                                    properties:
+                                      key:
+                                        type: string
+                                      mode:
+                                        format: int32
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                optional:
+                                  type: boolean
+                                secretName:
+                                  type: string
+                              type: object
+                            storageos:
+                              properties:
+                                fsType:
+                                  type: string
+                                readOnly:
+                                  type: boolean
+                                secretRef:
+                                  properties:
+                                    name:
+                                      default: ""
+                                      type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                volumeName:
+                                  type: string
+                                volumeNamespace:
+                                  type: string
+                              type: object
+                            vsphereVolume:
+                              properties:
+                                fsType:
+                                  type: string
+                                storagePolicyID:
+                                  type: string
+                                storagePolicyName:
+                                  type: string
+                                volumePath:
+                                  type: string
+                              required:
+                              - volumePath
+                              type: object
+                          required:
+                          - name
+                          type: object
+                        type: array
+                    type: object
+                  globalOptions:
+                    properties:
+                      log_level:
+                        type: string
+                      stats:
+                        properties:
+                          freq:
+                            type: integer
+                          level:
+                            type: integer
+                        type: object
+                      stats_freq:
+                        type: integer
+                      stats_level:
+                        type: integer
+                    type: object
+                  jsonKeyDelim:
+                    type: string
+                  jsonKeyPrefix:
+                    type: string
+                  logIWSize:
+                    type: integer
+                  maxConnections:
+                    type: integer
+                  metrics:
+                    properties:
+                      interval:
+                        type: string
+                      path:
+                        type: string
+                      port:
+                        format: int32
+                        type: integer
+                      prometheusAnnotations:
+                        type: boolean
+                      prometheusRules:
+                        type: boolean
+                      serviceMonitor:
+                        type: boolean
+                      serviceMonitorConfig:
+                        properties:
+                          additionalLabels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          honorLabels:
+                            type: boolean
+                          metricRelabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          relabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          scheme:
+                            type: string
+                          tlsConfig:
+                            properties:
+                              ca:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              caFile:
+                                type: string
+                              cert:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              certFile:
+                                type: string
+                              insecureSkipVerify:
+                                type: boolean
+                              keyFile:
+                                type: string
+                              keySecret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              serverName:
+                                type: string
+                            type: object
+                        type: object
+                      timeout:
+                        type: string
+                    type: object
+                  metricsService:
+                    properties:
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                        type: object
+                      spec:
+                        properties:
+                          allocateLoadBalancerNodePorts:
+                            type: boolean
+                          clusterIP:
+                            type: string
+                          clusterIPs:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          externalIPs:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          externalName:
+                            type: string
+                          externalTrafficPolicy:
+                            type: string
+                          healthCheckNodePort:
+                            format: int32
+                            type: integer
+                          internalTrafficPolicy:
+                            type: string
+                          ipFamilies:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          ipFamilyPolicy:
+                            type: string
+                          loadBalancerClass:
+                            type: string
+                          loadBalancerIP:
+                            type: string
+                          loadBalancerSourceRanges:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          ports:
+                            items:
+                              properties:
+                                appProtocol:
+                                  type: string
+                                name:
+                                  type: string
+                                nodePort:
+                                  format: int32
+                                  type: integer
+                                port:
+                                  format: int32
+                                  type: integer
+                                protocol:
+                                  default: TCP
+                                  type: string
+                                targetPort:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            type: array
+                            x-kubernetes-list-map-keys:
+                            - port
+                            - protocol
+                            x-kubernetes-list-type: map
+                          publishNotReadyAddresses:
+                            type: boolean
+                          selector:
+                            additionalProperties:
+                              type: string
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          sessionAffinity:
+                            type: string
+                          sessionAffinityConfig:
+                            properties:
+                              clientIP:
+                                properties:
+                                  timeoutSeconds:
+                                    format: int32
+                                    type: integer
+                                type: object
+                            type: object
+                          trafficDistribution:
+                            type: string
+                          type:
+                            type: string
+                        type: object
+                    type: object
+                  readinessDefaultCheck:
+                    properties:
+                      bufferFileNumber:
+                        type: boolean
+                      bufferFileNumberMax:
+                        format: int32
+                        type: integer
+                      bufferFreeSpace:
+                        type: boolean
+                      bufferFreeSpaceThreshold:
+                        format: int32
+                        type: integer
+                      failureThreshold:
+                        format: int32
+                        type: integer
+                      initialDelaySeconds:
+                        format: int32
+                        type: integer
+                      periodSeconds:
+                        format: int32
+                        type: integer
+                      successThreshold:
+                        format: int32
+                        type: integer
+                      timeoutSeconds:
+                        format: int32
+                        type: integer
+                    type: object
+                  service:
+                    properties:
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                        type: object
+                      spec:
+                        properties:
+                          allocateLoadBalancerNodePorts:
+                            type: boolean
+                          clusterIP:
+                            type: string
+                          clusterIPs:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          externalIPs:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          externalName:
+                            type: string
+                          externalTrafficPolicy:
+                            type: string
+                          healthCheckNodePort:
+                            format: int32
+                            type: integer
+                          internalTrafficPolicy:
+                            type: string
+                          ipFamilies:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          ipFamilyPolicy:
+                            type: string
+                          loadBalancerClass:
+                            type: string
+                          loadBalancerIP:
+                            type: string
+                          loadBalancerSourceRanges:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          ports:
+                            items:
+                              properties:
+                                appProtocol:
+                                  type: string
+                                name:
+                                  type: string
+                                nodePort:
+                                  format: int32
+                                  type: integer
+                                port:
+                                  format: int32
+                                  type: integer
+                                protocol:
+                                  default: TCP
+                                  type: string
+                                targetPort:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            type: array
+                            x-kubernetes-list-map-keys:
+                            - port
+                            - protocol
+                            x-kubernetes-list-type: map
+                          publishNotReadyAddresses:
+                            type: boolean
+                          selector:
+                            additionalProperties:
+                              type: string
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          sessionAffinity:
+                            type: string
+                          sessionAffinityConfig:
+                            properties:
+                              clientIP:
+                                properties:
+                                  timeoutSeconds:
+                                    format: int32
+                                    type: integer
+                                type: object
+                            type: object
+                          trafficDistribution:
+                            type: string
+                          type:
+                            type: string
+                        type: object
+                    type: object
+                  serviceAccount:
+                    properties:
+                      automountServiceAccountToken:
+                        type: boolean
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                        type: object
+                      secrets:
+                        items:
+                          properties:
+                            apiVersion:
+                              type: string
+                            fieldPath:
+                              type: string
+                            kind:
+                              type: string
+                            name:
+                              type: string
+                            namespace:
+                              type: string
+                            resourceVersion:
+                              type: string
+                            uid:
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                    type: object
+                  skipRBACCreate:
+                    type: boolean
+                  sourceDateParser:
+                    properties:
+                      format:
+                        type: string
+                      template:
+                        type: string
+                    type: object
+                  sourceMetrics:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        labels:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        level:
+                          type: integer
+                      type: object
+                    type: array
+                  statefulSet:
+                    properties:
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                        type: object
+                      spec:
+                        properties:
+                          podManagementPolicy:
+                            type: string
+                          replicas:
+                            format: int32
+                            type: integer
+                          revisionHistoryLimit:
+                            format: int32
+                            type: integer
+                          selector:
+                            properties:
+                              matchExpressions:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    operator:
+                                      type: string
+                                    values:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  required:
+                                  - key
+                                  - operator
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              matchLabels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          serviceName:
+                            type: string
+                          template:
+                            properties:
+                              metadata:
+                                properties:
+                                  annotations:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                  labels:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                type: object
+                              spec:
+                                properties:
+                                  activeDeadlineSeconds:
+                                    format: int64
+                                    type: integer
+                                  affinity:
+                                    properties:
+                                      nodeAffinity:
+                                        properties:
+                                          preferredDuringSchedulingIgnoredDuringExecution:
+                                            items:
+                                              properties:
+                                                preference:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchFields:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                weight:
+                                                  format: int32
+                                                  type: integer
+                                              required:
+                                              - preference
+                                              - weight
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          requiredDuringSchedulingIgnoredDuringExecution:
+                                            properties:
+                                              nodeSelectorTerms:
+                                                items:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchFields:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - nodeSelectorTerms
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                      podAffinity:
+                                        properties:
+                                          preferredDuringSchedulingIgnoredDuringExecution:
+                                            items:
+                                              properties:
+                                                podAffinityTerm:
+                                                  properties:
+                                                    labelSelector:
+                                                      properties:
+                                                        matchExpressions:
+                                                          items:
+                                                            properties:
+                                                              key:
+                                                                type: string
+                                                              operator:
+                                                                type: string
+                                                              values:
+                                                                items:
+                                                                  type: string
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                            required:
+                                                            - key
+                                                            - operator
+                                                            type: object
+                                                          type: array
+                                                          x-kubernetes-list-type: atomic
+                                                        matchLabels:
+                                                          additionalProperties:
+                                                            type: string
+                                                          type: object
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    matchLabelKeys:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    mismatchLabelKeys:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    namespaceSelector:
+                                                      properties:
+                                                        matchExpressions:
+                                                          items:
+                                                            properties:
+                                                              key:
+                                                                type: string
+                                                              operator:
+                                                                type: string
+                                                              values:
+                                                                items:
+                                                                  type: string
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                            required:
+                                                            - key
+                                                            - operator
+                                                            type: object
+                                                          type: array
+                                                          x-kubernetes-list-type: atomic
+                                                        matchLabels:
+                                                          additionalProperties:
+                                                            type: string
+                                                          type: object
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    namespaces:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    topologyKey:
+                                                      type: string
+                                                  required:
+                                                  - topologyKey
+                                                  type: object
+                                                weight:
+                                                  format: int32
+                                                  type: integer
+                                              required:
+                                              - podAffinityTerm
+                                              - weight
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          requiredDuringSchedulingIgnoredDuringExecution:
+                                            items:
+                                              properties:
+                                                labelSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                matchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                mismatchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                namespaceSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                namespaces:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                topologyKey:
+                                                  type: string
+                                              required:
+                                              - topologyKey
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        type: object
+                                      podAntiAffinity:
+                                        properties:
+                                          preferredDuringSchedulingIgnoredDuringExecution:
+                                            items:
+                                              properties:
+                                                podAffinityTerm:
+                                                  properties:
+                                                    labelSelector:
+                                                      properties:
+                                                        matchExpressions:
+                                                          items:
+                                                            properties:
+                                                              key:
+                                                                type: string
+                                                              operator:
+                                                                type: string
+                                                              values:
+                                                                items:
+                                                                  type: string
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                            required:
+                                                            - key
+                                                            - operator
+                                                            type: object
+                                                          type: array
+                                                          x-kubernetes-list-type: atomic
+                                                        matchLabels:
+                                                          additionalProperties:
+                                                            type: string
+                                                          type: object
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    matchLabelKeys:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    mismatchLabelKeys:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    namespaceSelector:
+                                                      properties:
+                                                        matchExpressions:
+                                                          items:
+                                                            properties:
+                                                              key:
+                                                                type: string
+                                                              operator:
+                                                                type: string
+                                                              values:
+                                                                items:
+                                                                  type: string
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                            required:
+                                                            - key
+                                                            - operator
+                                                            type: object
+                                                          type: array
+                                                          x-kubernetes-list-type: atomic
+                                                        matchLabels:
+                                                          additionalProperties:
+                                                            type: string
+                                                          type: object
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    namespaces:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    topologyKey:
+                                                      type: string
+                                                  required:
+                                                  - topologyKey
+                                                  type: object
+                                                weight:
+                                                  format: int32
+                                                  type: integer
+                                              required:
+                                              - podAffinityTerm
+                                              - weight
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          requiredDuringSchedulingIgnoredDuringExecution:
+                                            items:
+                                              properties:
+                                                labelSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                matchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                mismatchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                namespaceSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                namespaces:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                topologyKey:
+                                                  type: string
+                                              required:
+                                              - topologyKey
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        type: object
+                                    type: object
+                                  automountServiceAccountToken:
+                                    type: boolean
+                                  containers:
+                                    items:
+                                      properties:
+                                        args:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        env:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                              valueFrom:
+                                                properties:
+                                                  configMapKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  fieldRef:
+                                                    properties:
+                                                      apiVersion:
+                                                        type: string
+                                                      fieldPath:
+                                                        type: string
+                                                    required:
+                                                    - fieldPath
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  resourceFieldRef:
+                                                    properties:
+                                                      containerName:
+                                                        type: string
+                                                      divisor:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                        x-kubernetes-int-or-string: true
+                                                      resource:
+                                                        type: string
+                                                    required:
+                                                    - resource
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  secretKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                type: object
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - name
+                                          x-kubernetes-list-type: map
+                                        envFrom:
+                                          items:
+                                            properties:
+                                              configMapRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              prefix:
+                                                type: string
+                                              secretRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        image:
+                                          type: string
+                                        imagePullPolicy:
+                                          type: string
+                                        lifecycle:
+                                          properties:
+                                            postStart:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                            preStop:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                          type: object
+                                        livenessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        name:
+                                          type: string
+                                        ports:
+                                          items:
+                                            properties:
+                                              containerPort:
+                                                format: int32
+                                                type: integer
+                                              hostIP:
+                                                type: string
+                                              hostPort:
+                                                format: int32
+                                                type: integer
+                                              name:
+                                                type: string
+                                              protocol:
+                                                default: TCP
+                                                type: string
+                                            required:
+                                            - containerPort
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - containerPort
+                                          - protocol
+                                          x-kubernetes-list-type: map
+                                        readinessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        resizePolicy:
+                                          items:
+                                            properties:
+                                              resourceName:
+                                                type: string
+                                              restartPolicy:
+                                                type: string
+                                            required:
+                                            - resourceName
+                                            - restartPolicy
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        resources:
+                                          properties:
+                                            claims:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                required:
+                                                - name
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-map-keys:
+                                              - name
+                                              x-kubernetes-list-type: map
+                                            limits:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                            requests:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                          type: object
+                                        restartPolicy:
+                                          type: string
+                                        securityContext:
+                                          properties:
+                                            allowPrivilegeEscalation:
+                                              type: boolean
+                                            appArmorProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            capabilities:
+                                              properties:
+                                                add:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                drop:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            privileged:
+                                              type: boolean
+                                            procMount:
+                                              type: string
+                                            readOnlyRootFilesystem:
+                                              type: boolean
+                                            runAsGroup:
+                                              format: int64
+                                              type: integer
+                                            runAsNonRoot:
+                                              type: boolean
+                                            runAsUser:
+                                              format: int64
+                                              type: integer
+                                            seLinuxOptions:
+                                              properties:
+                                                level:
+                                                  type: string
+                                                role:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                                user:
+                                                  type: string
+                                              type: object
+                                            seccompProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            windowsOptions:
+                                              properties:
+                                                gmsaCredentialSpec:
+                                                  type: string
+                                                gmsaCredentialSpecName:
+                                                  type: string
+                                                hostProcess:
+                                                  type: boolean
+                                                runAsUserName:
+                                                  type: string
+                                              type: object
+                                          type: object
+                                        startupProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        stdin:
+                                          type: boolean
+                                        stdinOnce:
+                                          type: boolean
+                                        terminationMessagePath:
+                                          type: string
+                                        terminationMessagePolicy:
+                                          type: string
+                                        tty:
+                                          type: boolean
+                                        volumeDevices:
+                                          items:
+                                            properties:
+                                              devicePath:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - devicePath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - devicePath
+                                          x-kubernetes-list-type: map
+                                        volumeMounts:
+                                          items:
+                                            properties:
+                                              mountPath:
+                                                type: string
+                                              mountPropagation:
+                                                type: string
+                                              name:
+                                                type: string
+                                              readOnly:
+                                                type: boolean
+                                              recursiveReadOnly:
+                                                type: string
+                                              subPath:
+                                                type: string
+                                              subPathExpr:
+                                                type: string
+                                            required:
+                                            - mountPath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - mountPath
+                                          x-kubernetes-list-type: map
+                                        workingDir:
+                                          type: string
+                                      required:
+                                      - name
+                                      type: object
+                                    type: array
+                                  dnsConfig:
+                                    properties:
+                                      nameservers:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      options:
+                                        items:
+                                          properties:
+                                            name:
+                                              type: string
+                                            value:
+                                              type: string
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      searches:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  dnsPolicy:
+                                    type: string
+                                  enableServiceLinks:
+                                    type: boolean
+                                  ephemeralContainers:
+                                    items:
+                                      properties:
+                                        args:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        env:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                              valueFrom:
+                                                properties:
+                                                  configMapKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  fieldRef:
+                                                    properties:
+                                                      apiVersion:
+                                                        type: string
+                                                      fieldPath:
+                                                        type: string
+                                                    required:
+                                                    - fieldPath
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  resourceFieldRef:
+                                                    properties:
+                                                      containerName:
+                                                        type: string
+                                                      divisor:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                        x-kubernetes-int-or-string: true
+                                                      resource:
+                                                        type: string
+                                                    required:
+                                                    - resource
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  secretKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                type: object
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - name
+                                          x-kubernetes-list-type: map
+                                        envFrom:
+                                          items:
+                                            properties:
+                                              configMapRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              prefix:
+                                                type: string
+                                              secretRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        image:
+                                          type: string
+                                        imagePullPolicy:
+                                          type: string
+                                        lifecycle:
+                                          properties:
+                                            postStart:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                            preStop:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                          type: object
+                                        livenessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        name:
+                                          type: string
+                                        ports:
+                                          items:
+                                            properties:
+                                              containerPort:
+                                                format: int32
+                                                type: integer
+                                              hostIP:
+                                                type: string
+                                              hostPort:
+                                                format: int32
+                                                type: integer
+                                              name:
+                                                type: string
+                                              protocol:
+                                                default: TCP
+                                                type: string
+                                            required:
+                                            - containerPort
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - containerPort
+                                          - protocol
+                                          x-kubernetes-list-type: map
+                                        readinessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        resizePolicy:
+                                          items:
+                                            properties:
+                                              resourceName:
+                                                type: string
+                                              restartPolicy:
+                                                type: string
+                                            required:
+                                            - resourceName
+                                            - restartPolicy
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        resources:
+                                          properties:
+                                            claims:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                required:
+                                                - name
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-map-keys:
+                                              - name
+                                              x-kubernetes-list-type: map
+                                            limits:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                            requests:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                          type: object
+                                        restartPolicy:
+                                          type: string
+                                        securityContext:
+                                          properties:
+                                            allowPrivilegeEscalation:
+                                              type: boolean
+                                            appArmorProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            capabilities:
+                                              properties:
+                                                add:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                drop:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            privileged:
+                                              type: boolean
+                                            procMount:
+                                              type: string
+                                            readOnlyRootFilesystem:
+                                              type: boolean
+                                            runAsGroup:
+                                              format: int64
+                                              type: integer
+                                            runAsNonRoot:
+                                              type: boolean
+                                            runAsUser:
+                                              format: int64
+                                              type: integer
+                                            seLinuxOptions:
+                                              properties:
+                                                level:
+                                                  type: string
+                                                role:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                                user:
+                                                  type: string
+                                              type: object
+                                            seccompProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            windowsOptions:
+                                              properties:
+                                                gmsaCredentialSpec:
+                                                  type: string
+                                                gmsaCredentialSpecName:
+                                                  type: string
+                                                hostProcess:
+                                                  type: boolean
+                                                runAsUserName:
+                                                  type: string
+                                              type: object
+                                          type: object
+                                        startupProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        stdin:
+                                          type: boolean
+                                        stdinOnce:
+                                          type: boolean
+                                        targetContainerName:
+                                          type: string
+                                        terminationMessagePath:
+                                          type: string
+                                        terminationMessagePolicy:
+                                          type: string
+                                        tty:
+                                          type: boolean
+                                        volumeDevices:
+                                          items:
+                                            properties:
+                                              devicePath:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - devicePath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - devicePath
+                                          x-kubernetes-list-type: map
+                                        volumeMounts:
+                                          items:
+                                            properties:
+                                              mountPath:
+                                                type: string
+                                              mountPropagation:
+                                                type: string
+                                              name:
+                                                type: string
+                                              readOnly:
+                                                type: boolean
+                                              recursiveReadOnly:
+                                                type: string
+                                              subPath:
+                                                type: string
+                                              subPathExpr:
+                                                type: string
+                                            required:
+                                            - mountPath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - mountPath
+                                          x-kubernetes-list-type: map
+                                        workingDir:
+                                          type: string
+                                      required:
+                                      - name
+                                      type: object
+                                    type: array
+                                  hostAliases:
+                                    items:
+                                      properties:
+                                        hostnames:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        ip:
+                                          type: string
+                                      required:
+                                      - ip
+                                      type: object
+                                    type: array
+                                  hostIPC:
+                                    type: boolean
+                                  hostNetwork:
+                                    type: boolean
+                                  hostPID:
+                                    type: boolean
+                                  hostname:
+                                    type: string
+                                  imagePullSecrets:
+                                    items:
+                                      properties:
+                                        name:
+                                          default: ""
+                                          type: string
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    type: array
+                                  initContainers:
+                                    items:
+                                      properties:
+                                        args:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        env:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                              valueFrom:
+                                                properties:
+                                                  configMapKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  fieldRef:
+                                                    properties:
+                                                      apiVersion:
+                                                        type: string
+                                                      fieldPath:
+                                                        type: string
+                                                    required:
+                                                    - fieldPath
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  resourceFieldRef:
+                                                    properties:
+                                                      containerName:
+                                                        type: string
+                                                      divisor:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                        x-kubernetes-int-or-string: true
+                                                      resource:
+                                                        type: string
+                                                    required:
+                                                    - resource
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  secretKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                type: object
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - name
+                                          x-kubernetes-list-type: map
+                                        envFrom:
+                                          items:
+                                            properties:
+                                              configMapRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              prefix:
+                                                type: string
+                                              secretRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        image:
+                                          type: string
+                                        imagePullPolicy:
+                                          type: string
+                                        lifecycle:
+                                          properties:
+                                            postStart:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                            preStop:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                          type: object
+                                        livenessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        name:
+                                          type: string
+                                        ports:
+                                          items:
+                                            properties:
+                                              containerPort:
+                                                format: int32
+                                                type: integer
+                                              hostIP:
+                                                type: string
+                                              hostPort:
+                                                format: int32
+                                                type: integer
+                                              name:
+                                                type: string
+                                              protocol:
+                                                default: TCP
+                                                type: string
+                                            required:
+                                            - containerPort
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - containerPort
+                                          - protocol
+                                          x-kubernetes-list-type: map
+                                        readinessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        resizePolicy:
+                                          items:
+                                            properties:
+                                              resourceName:
+                                                type: string
+                                              restartPolicy:
+                                                type: string
+                                            required:
+                                            - resourceName
+                                            - restartPolicy
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        resources:
+                                          properties:
+                                            claims:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                required:
+                                                - name
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-map-keys:
+                                              - name
+                                              x-kubernetes-list-type: map
+                                            limits:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                            requests:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                          type: object
+                                        restartPolicy:
+                                          type: string
+                                        securityContext:
+                                          properties:
+                                            allowPrivilegeEscalation:
+                                              type: boolean
+                                            appArmorProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            capabilities:
+                                              properties:
+                                                add:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                drop:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            privileged:
+                                              type: boolean
+                                            procMount:
+                                              type: string
+                                            readOnlyRootFilesystem:
+                                              type: boolean
+                                            runAsGroup:
+                                              format: int64
+                                              type: integer
+                                            runAsNonRoot:
+                                              type: boolean
+                                            runAsUser:
+                                              format: int64
+                                              type: integer
+                                            seLinuxOptions:
+                                              properties:
+                                                level:
+                                                  type: string
+                                                role:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                                user:
+                                                  type: string
+                                              type: object
+                                            seccompProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            windowsOptions:
+                                              properties:
+                                                gmsaCredentialSpec:
+                                                  type: string
+                                                gmsaCredentialSpecName:
+                                                  type: string
+                                                hostProcess:
+                                                  type: boolean
+                                                runAsUserName:
+                                                  type: string
+                                              type: object
+                                          type: object
+                                        startupProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        stdin:
+                                          type: boolean
+                                        stdinOnce:
+                                          type: boolean
+                                        terminationMessagePath:
+                                          type: string
+                                        terminationMessagePolicy:
+                                          type: string
+                                        tty:
+                                          type: boolean
+                                        volumeDevices:
+                                          items:
+                                            properties:
+                                              devicePath:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - devicePath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - devicePath
+                                          x-kubernetes-list-type: map
+                                        volumeMounts:
+                                          items:
+                                            properties:
+                                              mountPath:
+                                                type: string
+                                              mountPropagation:
+                                                type: string
+                                              name:
+                                                type: string
+                                              readOnly:
+                                                type: boolean
+                                              recursiveReadOnly:
+                                                type: string
+                                              subPath:
+                                                type: string
+                                              subPathExpr:
+                                                type: string
+                                            required:
+                                            - mountPath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - mountPath
+                                          x-kubernetes-list-type: map
+                                        workingDir:
+                                          type: string
+                                      required:
+                                      - name
+                                      type: object
+                                    type: array
+                                  nodeName:
+                                    type: string
+                                  nodeSelector:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                  overhead:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                  preemptionPolicy:
+                                    type: string
+                                  priority:
+                                    format: int32
+                                    type: integer
+                                  priorityClassName:
+                                    type: string
+                                  readinessGates:
+                                    items:
+                                      properties:
+                                        conditionType:
+                                          type: string
+                                      required:
+                                      - conditionType
+                                      type: object
+                                    type: array
+                                  restartPolicy:
+                                    type: string
+                                  runtimeClassName:
+                                    type: string
+                                  schedulerName:
+                                    type: string
+                                  securityContext:
+                                    properties:
+                                      appArmorProfile:
+                                        properties:
+                                          localhostProfile:
+                                            type: string
+                                          type:
+                                            type: string
+                                        required:
+                                        - type
+                                        type: object
+                                      fsGroup:
+                                        format: int64
+                                        type: integer
+                                      fsGroupChangePolicy:
+                                        type: string
+                                      runAsGroup:
+                                        format: int64
+                                        type: integer
+                                      runAsNonRoot:
+                                        type: boolean
+                                      runAsUser:
+                                        format: int64
+                                        type: integer
+                                      seLinuxOptions:
+                                        properties:
+                                          level:
+                                            type: string
+                                          role:
+                                            type: string
+                                          type:
+                                            type: string
+                                          user:
+                                            type: string
+                                        type: object
+                                      seccompProfile:
+                                        properties:
+                                          localhostProfile:
+                                            type: string
+                                          type:
+                                            type: string
+                                        required:
+                                        - type
+                                        type: object
+                                      supplementalGroups:
+                                        items:
+                                          format: int64
+                                          type: integer
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      sysctls:
+                                        items:
+                                          properties:
+                                            name:
+                                              type: string
+                                            value:
+                                              type: string
+                                          required:
+                                          - name
+                                          - value
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      windowsOptions:
+                                        properties:
+                                          gmsaCredentialSpec:
+                                            type: string
+                                          gmsaCredentialSpecName:
+                                            type: string
+                                          hostProcess:
+                                            type: boolean
+                                          runAsUserName:
+                                            type: string
+                                        type: object
+                                    type: object
+                                  serviceAccountName:
+                                    type: string
+                                  setHostnameAsFQDN:
+                                    type: boolean
+                                  shareProcessNamespace:
+                                    type: boolean
+                                  subdomain:
+                                    type: string
+                                  terminationGracePeriodSeconds:
+                                    format: int64
+                                    type: integer
+                                  tolerations:
+                                    items:
+                                      properties:
+                                        effect:
+                                          type: string
+                                        key:
+                                          type: string
+                                        operator:
+                                          type: string
+                                        tolerationSeconds:
+                                          format: int64
+                                          type: integer
+                                        value:
+                                          type: string
+                                      type: object
+                                    type: array
+                                  topologySpreadConstraints:
+                                    items:
+                                      properties:
+                                        labelSelector:
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  operator:
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                required:
+                                                - key
+                                                - operator
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            matchLabels:
+                                              additionalProperties:
+                                                type: string
+                                              type: object
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        matchLabelKeys:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        maxSkew:
+                                          format: int32
+                                          type: integer
+                                        minDomains:
+                                          format: int32
+                                          type: integer
+                                        nodeAffinityPolicy:
+                                          type: string
+                                        nodeTaintsPolicy:
+                                          type: string
+                                        topologyKey:
+                                          type: string
+                                        whenUnsatisfiable:
+                                          type: string
+                                      required:
+                                      - maxSkew
+                                      - topologyKey
+                                      - whenUnsatisfiable
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-map-keys:
+                                    - topologyKey
+                                    - whenUnsatisfiable
+                                    x-kubernetes-list-type: map
+                                  volumes:
+                                    items:
+                                      properties:
+                                        awsElasticBlockStore:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            partition:
+                                              format: int32
+                                              type: integer
+                                            readOnly:
+                                              type: boolean
+                                            volumeID:
+                                              type: string
+                                          required:
+                                          - volumeID
+                                          type: object
+                                        azureDisk:
+                                          properties:
+                                            cachingMode:
+                                              type: string
+                                            diskName:
+                                              type: string
+                                            diskURI:
+                                              type: string
+                                            fsType:
+                                              type: string
+                                            kind:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                          required:
+                                          - diskName
+                                          - diskURI
+                                          type: object
+                                        azureFile:
+                                          properties:
+                                            readOnly:
+                                              type: boolean
+                                            secretName:
+                                              type: string
+                                            shareName:
+                                              type: string
+                                          required:
+                                          - secretName
+                                          - shareName
+                                          type: object
+                                        cephfs:
+                                          properties:
+                                            monitors:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            path:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            secretFile:
+                                              type: string
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            user:
+                                              type: string
+                                          required:
+                                          - monitors
+                                          type: object
+                                        cinder:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            volumeID:
+                                              type: string
+                                          required:
+                                          - volumeID
+                                          type: object
+                                        configMap:
+                                          properties:
+                                            defaultMode:
+                                              format: int32
+                                              type: integer
+                                            items:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  mode:
+                                                    format: int32
+                                                    type: integer
+                                                  path:
+                                                    type: string
+                                                required:
+                                                - key
+                                                - path
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        csi:
+                                          properties:
+                                            driver:
+                                              type: string
+                                            fsType:
+                                              type: string
+                                            nodePublishSecretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            readOnly:
+                                              type: boolean
+                                            volumeAttributes:
+                                              additionalProperties:
+                                                type: string
+                                              type: object
+                                          required:
+                                          - driver
+                                          type: object
+                                        downwardAPI:
+                                          properties:
+                                            defaultMode:
+                                              format: int32
+                                              type: integer
+                                            items:
+                                              items:
+                                                properties:
+                                                  fieldRef:
+                                                    properties:
+                                                      apiVersion:
+                                                        type: string
+                                                      fieldPath:
+                                                        type: string
+                                                    required:
+                                                    - fieldPath
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  mode:
+                                                    format: int32
+                                                    type: integer
+                                                  path:
+                                                    type: string
+                                                  resourceFieldRef:
+                                                    properties:
+                                                      containerName:
+                                                        type: string
+                                                      divisor:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                        x-kubernetes-int-or-string: true
+                                                      resource:
+                                                        type: string
+                                                    required:
+                                                    - resource
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                required:
+                                                - path
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        emptyDir:
+                                          properties:
+                                            medium:
+                                              type: string
+                                            sizeLimit:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                        ephemeral:
+                                          properties:
+                                            volumeClaimTemplate:
+                                              properties:
+                                                metadata:
+                                                  type: object
+                                                spec:
+                                                  properties:
+                                                    accessModes:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    dataSource:
+                                                      properties:
+                                                        apiGroup:
+                                                          type: string
+                                                        kind:
+                                                          type: string
+                                                        name:
+                                                          type: string
+                                                      required:
+                                                      - kind
+                                                      - name
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    dataSourceRef:
+                                                      properties:
+                                                        apiGroup:
+                                                          type: string
+                                                        kind:
+                                                          type: string
+                                                        name:
+                                                          type: string
+                                                        namespace:
+                                                          type: string
+                                                      required:
+                                                      - kind
+                                                      - name
+                                                      type: object
+                                                    resources:
+                                                      properties:
+                                                        limits:
+                                                          additionalProperties:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                            x-kubernetes-int-or-string: true
+                                                          type: object
+                                                        requests:
+                                                          additionalProperties:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                            x-kubernetes-int-or-string: true
+                                                          type: object
+                                                      type: object
+                                                    selector:
+                                                      properties:
+                                                        matchExpressions:
+                                                          items:
+                                                            properties:
+                                                              key:
+                                                                type: string
+                                                              operator:
+                                                                type: string
+                                                              values:
+                                                                items:
+                                                                  type: string
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                            required:
+                                                            - key
+                                                            - operator
+                                                            type: object
+                                                          type: array
+                                                          x-kubernetes-list-type: atomic
+                                                        matchLabels:
+                                                          additionalProperties:
+                                                            type: string
+                                                          type: object
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    storageClassName:
+                                                      type: string
+                                                    volumeAttributesClassName:
+                                                      type: string
+                                                    volumeMode:
+                                                      type: string
+                                                    volumeName:
+                                                      type: string
+                                                  type: object
+                                              required:
+                                              - spec
+                                              type: object
+                                          type: object
+                                        fc:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            lun:
+                                              format: int32
+                                              type: integer
+                                            readOnly:
+                                              type: boolean
+                                            targetWWNs:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            wwids:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        flexVolume:
+                                          properties:
+                                            driver:
+                                              type: string
+                                            fsType:
+                                              type: string
+                                            options:
+                                              additionalProperties:
+                                                type: string
+                                              type: object
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          required:
+                                          - driver
+                                          type: object
+                                        flocker:
+                                          properties:
+                                            datasetName:
+                                              type: string
+                                            datasetUUID:
+                                              type: string
+                                          type: object
+                                        gcePersistentDisk:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            partition:
+                                              format: int32
+                                              type: integer
+                                            pdName:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                          required:
+                                          - pdName
+                                          type: object
+                                        gitRepo:
+                                          properties:
+                                            directory:
+                                              type: string
+                                            repository:
+                                              type: string
+                                            revision:
+                                              type: string
+                                          required:
+                                          - repository
+                                          type: object
+                                        glusterfs:
+                                          properties:
+                                            endpoints:
+                                              type: string
+                                            path:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                          required:
+                                          - endpoints
+                                          - path
+                                          type: object
+                                        hostPath:
+                                          properties:
+                                            path:
+                                              type: string
+                                            type:
+                                              type: string
+                                          required:
+                                          - path
+                                          type: object
+                                        iscsi:
+                                          properties:
+                                            chapAuthDiscovery:
+                                              type: boolean
+                                            chapAuthSession:
+                                              type: boolean
+                                            fsType:
+                                              type: string
+                                            initiatorName:
+                                              type: string
+                                            iqn:
+                                              type: string
+                                            iscsiInterface:
+                                              type: string
+                                            lun:
+                                              format: int32
+                                              type: integer
+                                            portals:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            targetPortal:
+                                              type: string
+                                          required:
+                                          - iqn
+                                          - lun
+                                          - targetPortal
+                                          type: object
+                                        name:
+                                          type: string
+                                        nfs:
+                                          properties:
+                                            path:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            server:
+                                              type: string
+                                          required:
+                                          - path
+                                          - server
+                                          type: object
+                                        persistentVolumeClaim:
+                                          properties:
+                                            claimName:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                          required:
+                                          - claimName
+                                          type: object
+                                        photonPersistentDisk:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            pdID:
+                                              type: string
+                                          required:
+                                          - pdID
+                                          type: object
+                                        portworxVolume:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            volumeID:
+                                              type: string
+                                          required:
+                                          - volumeID
+                                          type: object
+                                        projected:
+                                          properties:
+                                            defaultMode:
+                                              format: int32
+                                              type: integer
+                                            sources:
+                                              items:
+                                                properties:
+                                                  clusterTrustBundle:
+                                                    properties:
+                                                      labelSelector:
+                                                        properties:
+                                                          matchExpressions:
+                                                            items:
+                                                              properties:
+                                                                key:
+                                                                  type: string
+                                                                operator:
+                                                                  type: string
+                                                                values:
+                                                                  items:
+                                                                    type: string
+                                                                  type: array
+                                                                  x-kubernetes-list-type: atomic
+                                                              required:
+                                                              - key
+                                                              - operator
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          matchLabels:
+                                                            additionalProperties:
+                                                              type: string
+                                                            type: object
+                                                        type: object
+                                                        x-kubernetes-map-type: atomic
+                                                      name:
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                      path:
+                                                        type: string
+                                                      signerName:
+                                                        type: string
+                                                    required:
+                                                    - path
+                                                    type: object
+                                                  configMap:
+                                                    properties:
+                                                      items:
+                                                        items:
+                                                          properties:
+                                                            key:
+                                                              type: string
+                                                            mode:
+                                                              format: int32
+                                                              type: integer
+                                                            path:
+                                                              type: string
+                                                          required:
+                                                          - key
+                                                          - path
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  downwardAPI:
+                                                    properties:
+                                                      items:
+                                                        items:
+                                                          properties:
+                                                            fieldRef:
+                                                              properties:
+                                                                apiVersion:
+                                                                  type: string
+                                                                fieldPath:
+                                                                  type: string
+                                                              required:
+                                                              - fieldPath
+                                                              type: object
+                                                              x-kubernetes-map-type: atomic
+                                                            mode:
+                                                              format: int32
+                                                              type: integer
+                                                            path:
+                                                              type: string
+                                                            resourceFieldRef:
+                                                              properties:
+                                                                containerName:
+                                                                  type: string
+                                                                divisor:
+                                                                  anyOf:
+                                                                  - type: integer
+                                                                  - type: string
+                                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                                  x-kubernetes-int-or-string: true
+                                                                resource:
+                                                                  type: string
+                                                              required:
+                                                              - resource
+                                                              type: object
+                                                              x-kubernetes-map-type: atomic
+                                                          required:
+                                                          - path
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  secret:
+                                                    properties:
+                                                      items:
+                                                        items:
+                                                          properties:
+                                                            key:
+                                                              type: string
+                                                            mode:
+                                                              format: int32
+                                                              type: integer
+                                                            path:
+                                                              type: string
+                                                          required:
+                                                          - key
+                                                          - path
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  serviceAccountToken:
+                                                    properties:
+                                                      audience:
+                                                        type: string
+                                                      expirationSeconds:
+                                                        format: int64
+                                                        type: integer
+                                                      path:
+                                                        type: string
+                                                    required:
+                                                    - path
+                                                    type: object
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        quobyte:
+                                          properties:
+                                            group:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            registry:
+                                              type: string
+                                            tenant:
+                                              type: string
+                                            user:
+                                              type: string
+                                            volume:
+                                              type: string
+                                          required:
+                                          - registry
+                                          - volume
+                                          type: object
+                                        rbd:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            image:
+                                              type: string
+                                            keyring:
+                                              type: string
+                                            monitors:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            pool:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            user:
+                                              type: string
+                                          required:
+                                          - image
+                                          - monitors
+                                          type: object
+                                        scaleIO:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            gateway:
+                                              type: string
+                                            protectionDomain:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            sslEnabled:
+                                              type: boolean
+                                            storageMode:
+                                              type: string
+                                            storagePool:
+                                              type: string
+                                            system:
+                                              type: string
+                                            volumeName:
+                                              type: string
+                                          required:
+                                          - gateway
+                                          - secretRef
+                                          - system
+                                          type: object
+                                        secret:
+                                          properties:
+                                            defaultMode:
+                                              format: int32
+                                              type: integer
+                                            items:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  mode:
+                                                    format: int32
+                                                    type: integer
+                                                  path:
+                                                    type: string
+                                                required:
+                                                - key
+                                                - path
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            optional:
+                                              type: boolean
+                                            secretName:
+                                              type: string
+                                          type: object
+                                        storageos:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            volumeName:
+                                              type: string
+                                            volumeNamespace:
+                                              type: string
+                                          type: object
+                                        vsphereVolume:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            storagePolicyID:
+                                              type: string
+                                            storagePolicyName:
+                                              type: string
+                                            volumePath:
+                                              type: string
+                                          required:
+                                          - volumePath
+                                          type: object
+                                      required:
+                                      - name
+                                      type: object
+                                    type: array
+                                type: object
+                            type: object
+                          updateStrategy:
+                            properties:
+                              rollingUpdate:
+                                properties:
+                                  maxUnavailable:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    x-kubernetes-int-or-string: true
+                                  partition:
+                                    format: int32
+                                    type: integer
+                                type: object
+                              type:
+                                type: string
+                            type: object
+                          volumeClaimTemplates:
+                            items:
+                              properties:
+                                metadata:
+                                  properties:
+                                    annotations:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                    labels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                    name:
+                                      type: string
+                                  type: object
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
+                              type: object
+                            type: array
+                        type: object
+                    type: object
+                  tls:
+                    properties:
+                      enabled:
+                        type: boolean
+                      secretName:
+                        type: string
+                      sharedKey:
+                        type: string
+                    required:
+                    - enabled
+                    type: object
+                type: object
+              watchNamespaceSelector:
+                properties:
+                  matchExpressions:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        operator:
+                          type: string
+                        values:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      required:
+                      - key
+                      - operator
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  matchLabels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                type: object
+                x-kubernetes-map-type: atomic
+              watchNamespaces:
+                items:
+                  type: string
+                type: array
+            required:
+            - controlNamespace
+            type: object
+          status:
+            properties:
+              configCheckResults:
+                additionalProperties:
+                  type: boolean
+                type: object
+              fluentdConfigName:
+                type: string
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+              syslogNGConfigName:
+                type: string
+              watchNamespaces:
+                items:
+                  type: string
+                type: array
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_nodeagents.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_nodeagents.yaml
new file mode 100644
index 0000000000..beb6c35389
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_nodeagents.yaml
@@ -0,0 +1,4788 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: nodeagents.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: NodeAgent
+    listKind: NodeAgentList
+    plural: nodeagents
+    singular: nodeagent
+  scope: Cluster
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              loggingRef:
+                type: string
+              metadata:
+                properties:
+                  annotations:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                type: object
+              nodeAgentFluentbit:
+                properties:
+                  bufferStorage:
+                    properties:
+                      storage.backlog.mem_limit:
+                        type: string
+                      storage.checksum:
+                        type: string
+                      storage.delete_irrecoverable_chunks:
+                        type: string
+                      storage.metrics:
+                        type: string
+                      storage.path:
+                        type: string
+                      storage.sync:
+                        type: string
+                    type: object
+                  bufferStorageVolume:
+                    properties:
+                      configMap:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          name:
+                            default: ""
+                            type: string
+                          optional:
+                            type: boolean
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      emptyDir:
+                        properties:
+                          medium:
+                            type: string
+                          sizeLimit:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                        type: object
+                      host_path:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      hostPath:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      pvc:
+                        properties:
+                          source:
+                            properties:
+                              claimName:
+                                type: string
+                              readOnly:
+                                type: boolean
+                            required:
+                            - claimName
+                            type: object
+                          spec:
+                            properties:
+                              accessModes:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              dataSource:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              dataSourceRef:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                  namespace:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                              resources:
+                                properties:
+                                  limits:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                type: object
+                              selector:
+                                properties:
+                                  matchExpressions:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        operator:
+                                          type: string
+                                        values:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                      - key
+                                      - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              storageClassName:
+                                type: string
+                              volumeAttributesClassName:
+                                type: string
+                              volumeMode:
+                                type: string
+                              volumeName:
+                                type: string
+                            type: object
+                        type: object
+                      secret:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          optional:
+                            type: boolean
+                          secretName:
+                            type: string
+                        type: object
+                    type: object
+                  containersPath:
+                    type: string
+                  coroStackSize:
+                    format: int32
+                    type: integer
+                  customConfigSecret:
+                    type: string
+                  daemonSet:
+                    properties:
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                        type: object
+                      spec:
+                        properties:
+                          minReadySeconds:
+                            format: int32
+                            type: integer
+                          revisionHistoryLimit:
+                            format: int32
+                            type: integer
+                          selector:
+                            properties:
+                              matchExpressions:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    operator:
+                                      type: string
+                                    values:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  required:
+                                  - key
+                                  - operator
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              matchLabels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          template:
+                            properties:
+                              metadata:
+                                properties:
+                                  annotations:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                  labels:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                type: object
+                              spec:
+                                properties:
+                                  activeDeadlineSeconds:
+                                    format: int64
+                                    type: integer
+                                  affinity:
+                                    properties:
+                                      nodeAffinity:
+                                        properties:
+                                          preferredDuringSchedulingIgnoredDuringExecution:
+                                            items:
+                                              properties:
+                                                preference:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchFields:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                weight:
+                                                  format: int32
+                                                  type: integer
+                                              required:
+                                              - preference
+                                              - weight
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          requiredDuringSchedulingIgnoredDuringExecution:
+                                            properties:
+                                              nodeSelectorTerms:
+                                                items:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchFields:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - nodeSelectorTerms
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                      podAffinity:
+                                        properties:
+                                          preferredDuringSchedulingIgnoredDuringExecution:
+                                            items:
+                                              properties:
+                                                podAffinityTerm:
+                                                  properties:
+                                                    labelSelector:
+                                                      properties:
+                                                        matchExpressions:
+                                                          items:
+                                                            properties:
+                                                              key:
+                                                                type: string
+                                                              operator:
+                                                                type: string
+                                                              values:
+                                                                items:
+                                                                  type: string
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                            required:
+                                                            - key
+                                                            - operator
+                                                            type: object
+                                                          type: array
+                                                          x-kubernetes-list-type: atomic
+                                                        matchLabels:
+                                                          additionalProperties:
+                                                            type: string
+                                                          type: object
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    matchLabelKeys:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    mismatchLabelKeys:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    namespaceSelector:
+                                                      properties:
+                                                        matchExpressions:
+                                                          items:
+                                                            properties:
+                                                              key:
+                                                                type: string
+                                                              operator:
+                                                                type: string
+                                                              values:
+                                                                items:
+                                                                  type: string
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                            required:
+                                                            - key
+                                                            - operator
+                                                            type: object
+                                                          type: array
+                                                          x-kubernetes-list-type: atomic
+                                                        matchLabels:
+                                                          additionalProperties:
+                                                            type: string
+                                                          type: object
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    namespaces:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    topologyKey:
+                                                      type: string
+                                                  required:
+                                                  - topologyKey
+                                                  type: object
+                                                weight:
+                                                  format: int32
+                                                  type: integer
+                                              required:
+                                              - podAffinityTerm
+                                              - weight
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          requiredDuringSchedulingIgnoredDuringExecution:
+                                            items:
+                                              properties:
+                                                labelSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                matchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                mismatchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                namespaceSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                namespaces:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                topologyKey:
+                                                  type: string
+                                              required:
+                                              - topologyKey
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        type: object
+                                      podAntiAffinity:
+                                        properties:
+                                          preferredDuringSchedulingIgnoredDuringExecution:
+                                            items:
+                                              properties:
+                                                podAffinityTerm:
+                                                  properties:
+                                                    labelSelector:
+                                                      properties:
+                                                        matchExpressions:
+                                                          items:
+                                                            properties:
+                                                              key:
+                                                                type: string
+                                                              operator:
+                                                                type: string
+                                                              values:
+                                                                items:
+                                                                  type: string
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                            required:
+                                                            - key
+                                                            - operator
+                                                            type: object
+                                                          type: array
+                                                          x-kubernetes-list-type: atomic
+                                                        matchLabels:
+                                                          additionalProperties:
+                                                            type: string
+                                                          type: object
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    matchLabelKeys:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    mismatchLabelKeys:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    namespaceSelector:
+                                                      properties:
+                                                        matchExpressions:
+                                                          items:
+                                                            properties:
+                                                              key:
+                                                                type: string
+                                                              operator:
+                                                                type: string
+                                                              values:
+                                                                items:
+                                                                  type: string
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                            required:
+                                                            - key
+                                                            - operator
+                                                            type: object
+                                                          type: array
+                                                          x-kubernetes-list-type: atomic
+                                                        matchLabels:
+                                                          additionalProperties:
+                                                            type: string
+                                                          type: object
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    namespaces:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    topologyKey:
+                                                      type: string
+                                                  required:
+                                                  - topologyKey
+                                                  type: object
+                                                weight:
+                                                  format: int32
+                                                  type: integer
+                                              required:
+                                              - podAffinityTerm
+                                              - weight
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          requiredDuringSchedulingIgnoredDuringExecution:
+                                            items:
+                                              properties:
+                                                labelSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                matchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                mismatchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                namespaceSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                namespaces:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                topologyKey:
+                                                  type: string
+                                              required:
+                                              - topologyKey
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        type: object
+                                    type: object
+                                  automountServiceAccountToken:
+                                    type: boolean
+                                  containers:
+                                    items:
+                                      properties:
+                                        args:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        env:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                              valueFrom:
+                                                properties:
+                                                  configMapKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  fieldRef:
+                                                    properties:
+                                                      apiVersion:
+                                                        type: string
+                                                      fieldPath:
+                                                        type: string
+                                                    required:
+                                                    - fieldPath
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  resourceFieldRef:
+                                                    properties:
+                                                      containerName:
+                                                        type: string
+                                                      divisor:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                        x-kubernetes-int-or-string: true
+                                                      resource:
+                                                        type: string
+                                                    required:
+                                                    - resource
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  secretKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                type: object
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - name
+                                          x-kubernetes-list-type: map
+                                        envFrom:
+                                          items:
+                                            properties:
+                                              configMapRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              prefix:
+                                                type: string
+                                              secretRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        image:
+                                          type: string
+                                        imagePullPolicy:
+                                          type: string
+                                        lifecycle:
+                                          properties:
+                                            postStart:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                            preStop:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                          type: object
+                                        livenessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        name:
+                                          type: string
+                                        ports:
+                                          items:
+                                            properties:
+                                              containerPort:
+                                                format: int32
+                                                type: integer
+                                              hostIP:
+                                                type: string
+                                              hostPort:
+                                                format: int32
+                                                type: integer
+                                              name:
+                                                type: string
+                                              protocol:
+                                                default: TCP
+                                                type: string
+                                            required:
+                                            - containerPort
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - containerPort
+                                          - protocol
+                                          x-kubernetes-list-type: map
+                                        readinessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        resizePolicy:
+                                          items:
+                                            properties:
+                                              resourceName:
+                                                type: string
+                                              restartPolicy:
+                                                type: string
+                                            required:
+                                            - resourceName
+                                            - restartPolicy
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        resources:
+                                          properties:
+                                            claims:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                required:
+                                                - name
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-map-keys:
+                                              - name
+                                              x-kubernetes-list-type: map
+                                            limits:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                            requests:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                          type: object
+                                        restartPolicy:
+                                          type: string
+                                        securityContext:
+                                          properties:
+                                            allowPrivilegeEscalation:
+                                              type: boolean
+                                            appArmorProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            capabilities:
+                                              properties:
+                                                add:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                drop:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            privileged:
+                                              type: boolean
+                                            procMount:
+                                              type: string
+                                            readOnlyRootFilesystem:
+                                              type: boolean
+                                            runAsGroup:
+                                              format: int64
+                                              type: integer
+                                            runAsNonRoot:
+                                              type: boolean
+                                            runAsUser:
+                                              format: int64
+                                              type: integer
+                                            seLinuxOptions:
+                                              properties:
+                                                level:
+                                                  type: string
+                                                role:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                                user:
+                                                  type: string
+                                              type: object
+                                            seccompProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            windowsOptions:
+                                              properties:
+                                                gmsaCredentialSpec:
+                                                  type: string
+                                                gmsaCredentialSpecName:
+                                                  type: string
+                                                hostProcess:
+                                                  type: boolean
+                                                runAsUserName:
+                                                  type: string
+                                              type: object
+                                          type: object
+                                        startupProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        stdin:
+                                          type: boolean
+                                        stdinOnce:
+                                          type: boolean
+                                        terminationMessagePath:
+                                          type: string
+                                        terminationMessagePolicy:
+                                          type: string
+                                        tty:
+                                          type: boolean
+                                        volumeDevices:
+                                          items:
+                                            properties:
+                                              devicePath:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - devicePath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - devicePath
+                                          x-kubernetes-list-type: map
+                                        volumeMounts:
+                                          items:
+                                            properties:
+                                              mountPath:
+                                                type: string
+                                              mountPropagation:
+                                                type: string
+                                              name:
+                                                type: string
+                                              readOnly:
+                                                type: boolean
+                                              recursiveReadOnly:
+                                                type: string
+                                              subPath:
+                                                type: string
+                                              subPathExpr:
+                                                type: string
+                                            required:
+                                            - mountPath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - mountPath
+                                          x-kubernetes-list-type: map
+                                        workingDir:
+                                          type: string
+                                      required:
+                                      - name
+                                      type: object
+                                    type: array
+                                  dnsConfig:
+                                    properties:
+                                      nameservers:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      options:
+                                        items:
+                                          properties:
+                                            name:
+                                              type: string
+                                            value:
+                                              type: string
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      searches:
+                                        items:
+                                          type: string
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  dnsPolicy:
+                                    type: string
+                                  enableServiceLinks:
+                                    type: boolean
+                                  ephemeralContainers:
+                                    items:
+                                      properties:
+                                        args:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        env:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                              valueFrom:
+                                                properties:
+                                                  configMapKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  fieldRef:
+                                                    properties:
+                                                      apiVersion:
+                                                        type: string
+                                                      fieldPath:
+                                                        type: string
+                                                    required:
+                                                    - fieldPath
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  resourceFieldRef:
+                                                    properties:
+                                                      containerName:
+                                                        type: string
+                                                      divisor:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                        x-kubernetes-int-or-string: true
+                                                      resource:
+                                                        type: string
+                                                    required:
+                                                    - resource
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  secretKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                type: object
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - name
+                                          x-kubernetes-list-type: map
+                                        envFrom:
+                                          items:
+                                            properties:
+                                              configMapRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              prefix:
+                                                type: string
+                                              secretRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        image:
+                                          type: string
+                                        imagePullPolicy:
+                                          type: string
+                                        lifecycle:
+                                          properties:
+                                            postStart:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                            preStop:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                          type: object
+                                        livenessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        name:
+                                          type: string
+                                        ports:
+                                          items:
+                                            properties:
+                                              containerPort:
+                                                format: int32
+                                                type: integer
+                                              hostIP:
+                                                type: string
+                                              hostPort:
+                                                format: int32
+                                                type: integer
+                                              name:
+                                                type: string
+                                              protocol:
+                                                default: TCP
+                                                type: string
+                                            required:
+                                            - containerPort
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - containerPort
+                                          - protocol
+                                          x-kubernetes-list-type: map
+                                        readinessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        resizePolicy:
+                                          items:
+                                            properties:
+                                              resourceName:
+                                                type: string
+                                              restartPolicy:
+                                                type: string
+                                            required:
+                                            - resourceName
+                                            - restartPolicy
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        resources:
+                                          properties:
+                                            claims:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                required:
+                                                - name
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-map-keys:
+                                              - name
+                                              x-kubernetes-list-type: map
+                                            limits:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                            requests:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                          type: object
+                                        restartPolicy:
+                                          type: string
+                                        securityContext:
+                                          properties:
+                                            allowPrivilegeEscalation:
+                                              type: boolean
+                                            appArmorProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            capabilities:
+                                              properties:
+                                                add:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                drop:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            privileged:
+                                              type: boolean
+                                            procMount:
+                                              type: string
+                                            readOnlyRootFilesystem:
+                                              type: boolean
+                                            runAsGroup:
+                                              format: int64
+                                              type: integer
+                                            runAsNonRoot:
+                                              type: boolean
+                                            runAsUser:
+                                              format: int64
+                                              type: integer
+                                            seLinuxOptions:
+                                              properties:
+                                                level:
+                                                  type: string
+                                                role:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                                user:
+                                                  type: string
+                                              type: object
+                                            seccompProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            windowsOptions:
+                                              properties:
+                                                gmsaCredentialSpec:
+                                                  type: string
+                                                gmsaCredentialSpecName:
+                                                  type: string
+                                                hostProcess:
+                                                  type: boolean
+                                                runAsUserName:
+                                                  type: string
+                                              type: object
+                                          type: object
+                                        startupProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        stdin:
+                                          type: boolean
+                                        stdinOnce:
+                                          type: boolean
+                                        targetContainerName:
+                                          type: string
+                                        terminationMessagePath:
+                                          type: string
+                                        terminationMessagePolicy:
+                                          type: string
+                                        tty:
+                                          type: boolean
+                                        volumeDevices:
+                                          items:
+                                            properties:
+                                              devicePath:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - devicePath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - devicePath
+                                          x-kubernetes-list-type: map
+                                        volumeMounts:
+                                          items:
+                                            properties:
+                                              mountPath:
+                                                type: string
+                                              mountPropagation:
+                                                type: string
+                                              name:
+                                                type: string
+                                              readOnly:
+                                                type: boolean
+                                              recursiveReadOnly:
+                                                type: string
+                                              subPath:
+                                                type: string
+                                              subPathExpr:
+                                                type: string
+                                            required:
+                                            - mountPath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - mountPath
+                                          x-kubernetes-list-type: map
+                                        workingDir:
+                                          type: string
+                                      required:
+                                      - name
+                                      type: object
+                                    type: array
+                                  hostAliases:
+                                    items:
+                                      properties:
+                                        hostnames:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        ip:
+                                          type: string
+                                      required:
+                                      - ip
+                                      type: object
+                                    type: array
+                                  hostIPC:
+                                    type: boolean
+                                  hostNetwork:
+                                    type: boolean
+                                  hostPID:
+                                    type: boolean
+                                  hostname:
+                                    type: string
+                                  imagePullSecrets:
+                                    items:
+                                      properties:
+                                        name:
+                                          default: ""
+                                          type: string
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    type: array
+                                  initContainers:
+                                    items:
+                                      properties:
+                                        args:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        command:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        env:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                              value:
+                                                type: string
+                                              valueFrom:
+                                                properties:
+                                                  configMapKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  fieldRef:
+                                                    properties:
+                                                      apiVersion:
+                                                        type: string
+                                                      fieldPath:
+                                                        type: string
+                                                    required:
+                                                    - fieldPath
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  resourceFieldRef:
+                                                    properties:
+                                                      containerName:
+                                                        type: string
+                                                      divisor:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                        x-kubernetes-int-or-string: true
+                                                      resource:
+                                                        type: string
+                                                    required:
+                                                    - resource
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  secretKeyRef:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    required:
+                                                    - key
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                type: object
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - name
+                                          x-kubernetes-list-type: map
+                                        envFrom:
+                                          items:
+                                            properties:
+                                              configMapRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              prefix:
+                                                type: string
+                                              secretRef:
+                                                properties:
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        image:
+                                          type: string
+                                        imagePullPolicy:
+                                          type: string
+                                        lifecycle:
+                                          properties:
+                                            postStart:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                            preStop:
+                                              properties:
+                                                exec:
+                                                  properties:
+                                                    command:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                  type: object
+                                                httpGet:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    httpHeaders:
+                                                      items:
+                                                        properties:
+                                                          name:
+                                                            type: string
+                                                          value:
+                                                            type: string
+                                                        required:
+                                                        - name
+                                                        - value
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    path:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                    scheme:
+                                                      type: string
+                                                  required:
+                                                  - port
+                                                  type: object
+                                                sleep:
+                                                  properties:
+                                                    seconds:
+                                                      format: int64
+                                                      type: integer
+                                                  required:
+                                                  - seconds
+                                                  type: object
+                                                tcpSocket:
+                                                  properties:
+                                                    host:
+                                                      type: string
+                                                    port:
+                                                      anyOf:
+                                                      - type: integer
+                                                      - type: string
+                                                      x-kubernetes-int-or-string: true
+                                                  required:
+                                                  - port
+                                                  type: object
+                                              type: object
+                                          type: object
+                                        livenessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        name:
+                                          type: string
+                                        ports:
+                                          items:
+                                            properties:
+                                              containerPort:
+                                                format: int32
+                                                type: integer
+                                              hostIP:
+                                                type: string
+                                              hostPort:
+                                                format: int32
+                                                type: integer
+                                              name:
+                                                type: string
+                                              protocol:
+                                                default: TCP
+                                                type: string
+                                            required:
+                                            - containerPort
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - containerPort
+                                          - protocol
+                                          x-kubernetes-list-type: map
+                                        readinessProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        resizePolicy:
+                                          items:
+                                            properties:
+                                              resourceName:
+                                                type: string
+                                              restartPolicy:
+                                                type: string
+                                            required:
+                                            - resourceName
+                                            - restartPolicy
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        resources:
+                                          properties:
+                                            claims:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                required:
+                                                - name
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-map-keys:
+                                              - name
+                                              x-kubernetes-list-type: map
+                                            limits:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                            requests:
+                                              additionalProperties:
+                                                anyOf:
+                                                - type: integer
+                                                - type: string
+                                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                x-kubernetes-int-or-string: true
+                                              type: object
+                                          type: object
+                                        restartPolicy:
+                                          type: string
+                                        securityContext:
+                                          properties:
+                                            allowPrivilegeEscalation:
+                                              type: boolean
+                                            appArmorProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            capabilities:
+                                              properties:
+                                                add:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                drop:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            privileged:
+                                              type: boolean
+                                            procMount:
+                                              type: string
+                                            readOnlyRootFilesystem:
+                                              type: boolean
+                                            runAsGroup:
+                                              format: int64
+                                              type: integer
+                                            runAsNonRoot:
+                                              type: boolean
+                                            runAsUser:
+                                              format: int64
+                                              type: integer
+                                            seLinuxOptions:
+                                              properties:
+                                                level:
+                                                  type: string
+                                                role:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                                user:
+                                                  type: string
+                                              type: object
+                                            seccompProfile:
+                                              properties:
+                                                localhostProfile:
+                                                  type: string
+                                                type:
+                                                  type: string
+                                              required:
+                                              - type
+                                              type: object
+                                            windowsOptions:
+                                              properties:
+                                                gmsaCredentialSpec:
+                                                  type: string
+                                                gmsaCredentialSpecName:
+                                                  type: string
+                                                hostProcess:
+                                                  type: boolean
+                                                runAsUserName:
+                                                  type: string
+                                              type: object
+                                          type: object
+                                        startupProbe:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            failureThreshold:
+                                              format: int32
+                                              type: integer
+                                            grpc:
+                                              properties:
+                                                port:
+                                                  format: int32
+                                                  type: integer
+                                                service:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            initialDelaySeconds:
+                                              format: int32
+                                              type: integer
+                                            periodSeconds:
+                                              format: int32
+                                              type: integer
+                                            successThreshold:
+                                              format: int32
+                                              type: integer
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                            terminationGracePeriodSeconds:
+                                              format: int64
+                                              type: integer
+                                            timeoutSeconds:
+                                              format: int32
+                                              type: integer
+                                          type: object
+                                        stdin:
+                                          type: boolean
+                                        stdinOnce:
+                                          type: boolean
+                                        terminationMessagePath:
+                                          type: string
+                                        terminationMessagePolicy:
+                                          type: string
+                                        tty:
+                                          type: boolean
+                                        volumeDevices:
+                                          items:
+                                            properties:
+                                              devicePath:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - devicePath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - devicePath
+                                          x-kubernetes-list-type: map
+                                        volumeMounts:
+                                          items:
+                                            properties:
+                                              mountPath:
+                                                type: string
+                                              mountPropagation:
+                                                type: string
+                                              name:
+                                                type: string
+                                              readOnly:
+                                                type: boolean
+                                              recursiveReadOnly:
+                                                type: string
+                                              subPath:
+                                                type: string
+                                              subPathExpr:
+                                                type: string
+                                            required:
+                                            - mountPath
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - mountPath
+                                          x-kubernetes-list-type: map
+                                        workingDir:
+                                          type: string
+                                      required:
+                                      - name
+                                      type: object
+                                    type: array
+                                  nodeName:
+                                    type: string
+                                  nodeSelector:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                  overhead:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                  preemptionPolicy:
+                                    type: string
+                                  priority:
+                                    format: int32
+                                    type: integer
+                                  priorityClassName:
+                                    type: string
+                                  readinessGates:
+                                    items:
+                                      properties:
+                                        conditionType:
+                                          type: string
+                                      required:
+                                      - conditionType
+                                      type: object
+                                    type: array
+                                  restartPolicy:
+                                    type: string
+                                  runtimeClassName:
+                                    type: string
+                                  schedulerName:
+                                    type: string
+                                  securityContext:
+                                    properties:
+                                      appArmorProfile:
+                                        properties:
+                                          localhostProfile:
+                                            type: string
+                                          type:
+                                            type: string
+                                        required:
+                                        - type
+                                        type: object
+                                      fsGroup:
+                                        format: int64
+                                        type: integer
+                                      fsGroupChangePolicy:
+                                        type: string
+                                      runAsGroup:
+                                        format: int64
+                                        type: integer
+                                      runAsNonRoot:
+                                        type: boolean
+                                      runAsUser:
+                                        format: int64
+                                        type: integer
+                                      seLinuxOptions:
+                                        properties:
+                                          level:
+                                            type: string
+                                          role:
+                                            type: string
+                                          type:
+                                            type: string
+                                          user:
+                                            type: string
+                                        type: object
+                                      seccompProfile:
+                                        properties:
+                                          localhostProfile:
+                                            type: string
+                                          type:
+                                            type: string
+                                        required:
+                                        - type
+                                        type: object
+                                      supplementalGroups:
+                                        items:
+                                          format: int64
+                                          type: integer
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      sysctls:
+                                        items:
+                                          properties:
+                                            name:
+                                              type: string
+                                            value:
+                                              type: string
+                                          required:
+                                          - name
+                                          - value
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      windowsOptions:
+                                        properties:
+                                          gmsaCredentialSpec:
+                                            type: string
+                                          gmsaCredentialSpecName:
+                                            type: string
+                                          hostProcess:
+                                            type: boolean
+                                          runAsUserName:
+                                            type: string
+                                        type: object
+                                    type: object
+                                  serviceAccountName:
+                                    type: string
+                                  setHostnameAsFQDN:
+                                    type: boolean
+                                  shareProcessNamespace:
+                                    type: boolean
+                                  subdomain:
+                                    type: string
+                                  terminationGracePeriodSeconds:
+                                    format: int64
+                                    type: integer
+                                  tolerations:
+                                    items:
+                                      properties:
+                                        effect:
+                                          type: string
+                                        key:
+                                          type: string
+                                        operator:
+                                          type: string
+                                        tolerationSeconds:
+                                          format: int64
+                                          type: integer
+                                        value:
+                                          type: string
+                                      type: object
+                                    type: array
+                                  topologySpreadConstraints:
+                                    items:
+                                      properties:
+                                        labelSelector:
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  operator:
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      type: string
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                required:
+                                                - key
+                                                - operator
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            matchLabels:
+                                              additionalProperties:
+                                                type: string
+                                              type: object
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        matchLabelKeys:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        maxSkew:
+                                          format: int32
+                                          type: integer
+                                        minDomains:
+                                          format: int32
+                                          type: integer
+                                        nodeAffinityPolicy:
+                                          type: string
+                                        nodeTaintsPolicy:
+                                          type: string
+                                        topologyKey:
+                                          type: string
+                                        whenUnsatisfiable:
+                                          type: string
+                                      required:
+                                      - maxSkew
+                                      - topologyKey
+                                      - whenUnsatisfiable
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-map-keys:
+                                    - topologyKey
+                                    - whenUnsatisfiable
+                                    x-kubernetes-list-type: map
+                                  volumes:
+                                    items:
+                                      properties:
+                                        awsElasticBlockStore:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            partition:
+                                              format: int32
+                                              type: integer
+                                            readOnly:
+                                              type: boolean
+                                            volumeID:
+                                              type: string
+                                          required:
+                                          - volumeID
+                                          type: object
+                                        azureDisk:
+                                          properties:
+                                            cachingMode:
+                                              type: string
+                                            diskName:
+                                              type: string
+                                            diskURI:
+                                              type: string
+                                            fsType:
+                                              type: string
+                                            kind:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                          required:
+                                          - diskName
+                                          - diskURI
+                                          type: object
+                                        azureFile:
+                                          properties:
+                                            readOnly:
+                                              type: boolean
+                                            secretName:
+                                              type: string
+                                            shareName:
+                                              type: string
+                                          required:
+                                          - secretName
+                                          - shareName
+                                          type: object
+                                        cephfs:
+                                          properties:
+                                            monitors:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            path:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            secretFile:
+                                              type: string
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            user:
+                                              type: string
+                                          required:
+                                          - monitors
+                                          type: object
+                                        cinder:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            volumeID:
+                                              type: string
+                                          required:
+                                          - volumeID
+                                          type: object
+                                        configMap:
+                                          properties:
+                                            defaultMode:
+                                              format: int32
+                                              type: integer
+                                            items:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  mode:
+                                                    format: int32
+                                                    type: integer
+                                                  path:
+                                                    type: string
+                                                required:
+                                                - key
+                                                - path
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        csi:
+                                          properties:
+                                            driver:
+                                              type: string
+                                            fsType:
+                                              type: string
+                                            nodePublishSecretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            readOnly:
+                                              type: boolean
+                                            volumeAttributes:
+                                              additionalProperties:
+                                                type: string
+                                              type: object
+                                          required:
+                                          - driver
+                                          type: object
+                                        downwardAPI:
+                                          properties:
+                                            defaultMode:
+                                              format: int32
+                                              type: integer
+                                            items:
+                                              items:
+                                                properties:
+                                                  fieldRef:
+                                                    properties:
+                                                      apiVersion:
+                                                        type: string
+                                                      fieldPath:
+                                                        type: string
+                                                    required:
+                                                    - fieldPath
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  mode:
+                                                    format: int32
+                                                    type: integer
+                                                  path:
+                                                    type: string
+                                                  resourceFieldRef:
+                                                    properties:
+                                                      containerName:
+                                                        type: string
+                                                      divisor:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                        x-kubernetes-int-or-string: true
+                                                      resource:
+                                                        type: string
+                                                    required:
+                                                    - resource
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                required:
+                                                - path
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        emptyDir:
+                                          properties:
+                                            medium:
+                                              type: string
+                                            sizeLimit:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                        ephemeral:
+                                          properties:
+                                            volumeClaimTemplate:
+                                              properties:
+                                                metadata:
+                                                  type: object
+                                                spec:
+                                                  properties:
+                                                    accessModes:
+                                                      items:
+                                                        type: string
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    dataSource:
+                                                      properties:
+                                                        apiGroup:
+                                                          type: string
+                                                        kind:
+                                                          type: string
+                                                        name:
+                                                          type: string
+                                                      required:
+                                                      - kind
+                                                      - name
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    dataSourceRef:
+                                                      properties:
+                                                        apiGroup:
+                                                          type: string
+                                                        kind:
+                                                          type: string
+                                                        name:
+                                                          type: string
+                                                        namespace:
+                                                          type: string
+                                                      required:
+                                                      - kind
+                                                      - name
+                                                      type: object
+                                                    resources:
+                                                      properties:
+                                                        limits:
+                                                          additionalProperties:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                            x-kubernetes-int-or-string: true
+                                                          type: object
+                                                        requests:
+                                                          additionalProperties:
+                                                            anyOf:
+                                                            - type: integer
+                                                            - type: string
+                                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                            x-kubernetes-int-or-string: true
+                                                          type: object
+                                                      type: object
+                                                    selector:
+                                                      properties:
+                                                        matchExpressions:
+                                                          items:
+                                                            properties:
+                                                              key:
+                                                                type: string
+                                                              operator:
+                                                                type: string
+                                                              values:
+                                                                items:
+                                                                  type: string
+                                                                type: array
+                                                                x-kubernetes-list-type: atomic
+                                                            required:
+                                                            - key
+                                                            - operator
+                                                            type: object
+                                                          type: array
+                                                          x-kubernetes-list-type: atomic
+                                                        matchLabels:
+                                                          additionalProperties:
+                                                            type: string
+                                                          type: object
+                                                      type: object
+                                                      x-kubernetes-map-type: atomic
+                                                    storageClassName:
+                                                      type: string
+                                                    volumeAttributesClassName:
+                                                      type: string
+                                                    volumeMode:
+                                                      type: string
+                                                    volumeName:
+                                                      type: string
+                                                  type: object
+                                              required:
+                                              - spec
+                                              type: object
+                                          type: object
+                                        fc:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            lun:
+                                              format: int32
+                                              type: integer
+                                            readOnly:
+                                              type: boolean
+                                            targetWWNs:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            wwids:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        flexVolume:
+                                          properties:
+                                            driver:
+                                              type: string
+                                            fsType:
+                                              type: string
+                                            options:
+                                              additionalProperties:
+                                                type: string
+                                              type: object
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          required:
+                                          - driver
+                                          type: object
+                                        flocker:
+                                          properties:
+                                            datasetName:
+                                              type: string
+                                            datasetUUID:
+                                              type: string
+                                          type: object
+                                        gcePersistentDisk:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            partition:
+                                              format: int32
+                                              type: integer
+                                            pdName:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                          required:
+                                          - pdName
+                                          type: object
+                                        gitRepo:
+                                          properties:
+                                            directory:
+                                              type: string
+                                            repository:
+                                              type: string
+                                            revision:
+                                              type: string
+                                          required:
+                                          - repository
+                                          type: object
+                                        glusterfs:
+                                          properties:
+                                            endpoints:
+                                              type: string
+                                            path:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                          required:
+                                          - endpoints
+                                          - path
+                                          type: object
+                                        hostPath:
+                                          properties:
+                                            path:
+                                              type: string
+                                            type:
+                                              type: string
+                                          required:
+                                          - path
+                                          type: object
+                                        iscsi:
+                                          properties:
+                                            chapAuthDiscovery:
+                                              type: boolean
+                                            chapAuthSession:
+                                              type: boolean
+                                            fsType:
+                                              type: string
+                                            initiatorName:
+                                              type: string
+                                            iqn:
+                                              type: string
+                                            iscsiInterface:
+                                              type: string
+                                            lun:
+                                              format: int32
+                                              type: integer
+                                            portals:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            targetPortal:
+                                              type: string
+                                          required:
+                                          - iqn
+                                          - lun
+                                          - targetPortal
+                                          type: object
+                                        name:
+                                          type: string
+                                        nfs:
+                                          properties:
+                                            path:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            server:
+                                              type: string
+                                          required:
+                                          - path
+                                          - server
+                                          type: object
+                                        persistentVolumeClaim:
+                                          properties:
+                                            claimName:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                          required:
+                                          - claimName
+                                          type: object
+                                        photonPersistentDisk:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            pdID:
+                                              type: string
+                                          required:
+                                          - pdID
+                                          type: object
+                                        portworxVolume:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            volumeID:
+                                              type: string
+                                          required:
+                                          - volumeID
+                                          type: object
+                                        projected:
+                                          properties:
+                                            defaultMode:
+                                              format: int32
+                                              type: integer
+                                            sources:
+                                              items:
+                                                properties:
+                                                  clusterTrustBundle:
+                                                    properties:
+                                                      labelSelector:
+                                                        properties:
+                                                          matchExpressions:
+                                                            items:
+                                                              properties:
+                                                                key:
+                                                                  type: string
+                                                                operator:
+                                                                  type: string
+                                                                values:
+                                                                  items:
+                                                                    type: string
+                                                                  type: array
+                                                                  x-kubernetes-list-type: atomic
+                                                              required:
+                                                              - key
+                                                              - operator
+                                                              type: object
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                          matchLabels:
+                                                            additionalProperties:
+                                                              type: string
+                                                            type: object
+                                                        type: object
+                                                        x-kubernetes-map-type: atomic
+                                                      name:
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                      path:
+                                                        type: string
+                                                      signerName:
+                                                        type: string
+                                                    required:
+                                                    - path
+                                                    type: object
+                                                  configMap:
+                                                    properties:
+                                                      items:
+                                                        items:
+                                                          properties:
+                                                            key:
+                                                              type: string
+                                                            mode:
+                                                              format: int32
+                                                              type: integer
+                                                            path:
+                                                              type: string
+                                                          required:
+                                                          - key
+                                                          - path
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  downwardAPI:
+                                                    properties:
+                                                      items:
+                                                        items:
+                                                          properties:
+                                                            fieldRef:
+                                                              properties:
+                                                                apiVersion:
+                                                                  type: string
+                                                                fieldPath:
+                                                                  type: string
+                                                              required:
+                                                              - fieldPath
+                                                              type: object
+                                                              x-kubernetes-map-type: atomic
+                                                            mode:
+                                                              format: int32
+                                                              type: integer
+                                                            path:
+                                                              type: string
+                                                            resourceFieldRef:
+                                                              properties:
+                                                                containerName:
+                                                                  type: string
+                                                                divisor:
+                                                                  anyOf:
+                                                                  - type: integer
+                                                                  - type: string
+                                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                                  x-kubernetes-int-or-string: true
+                                                                resource:
+                                                                  type: string
+                                                              required:
+                                                              - resource
+                                                              type: object
+                                                              x-kubernetes-map-type: atomic
+                                                          required:
+                                                          - path
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    type: object
+                                                  secret:
+                                                    properties:
+                                                      items:
+                                                        items:
+                                                          properties:
+                                                            key:
+                                                              type: string
+                                                            mode:
+                                                              format: int32
+                                                              type: integer
+                                                            path:
+                                                              type: string
+                                                          required:
+                                                          - key
+                                                          - path
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      name:
+                                                        default: ""
+                                                        type: string
+                                                      optional:
+                                                        type: boolean
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  serviceAccountToken:
+                                                    properties:
+                                                      audience:
+                                                        type: string
+                                                      expirationSeconds:
+                                                        format: int64
+                                                        type: integer
+                                                      path:
+                                                        type: string
+                                                    required:
+                                                    - path
+                                                    type: object
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        quobyte:
+                                          properties:
+                                            group:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            registry:
+                                              type: string
+                                            tenant:
+                                              type: string
+                                            user:
+                                              type: string
+                                            volume:
+                                              type: string
+                                          required:
+                                          - registry
+                                          - volume
+                                          type: object
+                                        rbd:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            image:
+                                              type: string
+                                            keyring:
+                                              type: string
+                                            monitors:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            pool:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            user:
+                                              type: string
+                                          required:
+                                          - image
+                                          - monitors
+                                          type: object
+                                        scaleIO:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            gateway:
+                                              type: string
+                                            protectionDomain:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            sslEnabled:
+                                              type: boolean
+                                            storageMode:
+                                              type: string
+                                            storagePool:
+                                              type: string
+                                            system:
+                                              type: string
+                                            volumeName:
+                                              type: string
+                                          required:
+                                          - gateway
+                                          - secretRef
+                                          - system
+                                          type: object
+                                        secret:
+                                          properties:
+                                            defaultMode:
+                                              format: int32
+                                              type: integer
+                                            items:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  mode:
+                                                    format: int32
+                                                    type: integer
+                                                  path:
+                                                    type: string
+                                                required:
+                                                - key
+                                                - path
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            optional:
+                                              type: boolean
+                                            secretName:
+                                              type: string
+                                          type: object
+                                        storageos:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            readOnly:
+                                              type: boolean
+                                            secretRef:
+                                              properties:
+                                                name:
+                                                  default: ""
+                                                  type: string
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            volumeName:
+                                              type: string
+                                            volumeNamespace:
+                                              type: string
+                                          type: object
+                                        vsphereVolume:
+                                          properties:
+                                            fsType:
+                                              type: string
+                                            storagePolicyID:
+                                              type: string
+                                            storagePolicyName:
+                                              type: string
+                                            volumePath:
+                                              type: string
+                                          required:
+                                          - volumePath
+                                          type: object
+                                      required:
+                                      - name
+                                      type: object
+                                    type: array
+                                type: object
+                            type: object
+                          updateStrategy:
+                            properties:
+                              rollingUpdate:
+                                properties:
+                                  maxSurge:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    x-kubernetes-int-or-string: true
+                                  maxUnavailable:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    x-kubernetes-int-or-string: true
+                                type: object
+                              type:
+                                type: string
+                            type: object
+                        type: object
+                    type: object
+                  disableKubernetesFilter:
+                    type: boolean
+                  enableUpstream:
+                    type: boolean
+                  enabled:
+                    type: boolean
+                  extraVolumeMounts:
+                    items:
+                      properties:
+                        destination:
+                          pattern: ^/.+$
+                          type: string
+                        readOnly:
+                          type: boolean
+                        source:
+                          pattern: ^/.+$
+                          type: string
+                      required:
+                      - destination
+                      - source
+                      type: object
+                    type: array
+                  filterAws:
+                    properties:
+                      Match:
+                        type: string
+                      account_id:
+                        type: boolean
+                      ami_id:
+                        type: boolean
+                      az:
+                        type: boolean
+                      ec2_instance_id:
+                        type: boolean
+                      ec2_instance_type:
+                        type: boolean
+                      hostname:
+                        type: boolean
+                      imds_version:
+                        type: string
+                      private_ip:
+                        type: boolean
+                      vpc_id:
+                        type: boolean
+                    type: object
+                  filterKubernetes:
+                    properties:
+                      Annotations:
+                        type: string
+                      Buffer_Size:
+                        type: string
+                      Cache_Use_Docker_Id:
+                        type: string
+                      DNS_Retries:
+                        type: string
+                      DNS_Wait_Time:
+                        type: string
+                      Dummy_Meta:
+                        type: string
+                      K8S-Logging.Exclude:
+                        type: string
+                      K8S-Logging.Parser:
+                        type: string
+                      Keep_Log:
+                        type: string
+                      Kube_CA_File:
+                        type: string
+                      Kube_CA_Path:
+                        type: string
+                      Kube_Meta_Cache_TTL:
+                        type: string
+                      Kube_Tag_Prefix:
+                        type: string
+                      Kube_Token_File:
+                        type: string
+                      Kube_Token_TTL:
+                        type: string
+                      Kube_URL:
+                        type: string
+                      Kube_meta_preload_cache_dir:
+                        type: string
+                      Kubelet_Port:
+                        type: string
+                      Labels:
+                        type: string
+                      Match:
+                        type: string
+                      Merge_Log:
+                        type: string
+                      Merge_Log_Key:
+                        type: string
+                      Merge_Log_Trim:
+                        type: string
+                      Merge_Parser:
+                        type: string
+                      Regex_Parser:
+                        type: string
+                      Use_Journal:
+                        type: string
+                      Use_Kubelet:
+                        type: string
+                      kube_meta_namespace_cache_ttl:
+                        type: string
+                      namespace_annotations:
+                        type: string
+                      namespace_labels:
+                        type: string
+                      tls.debug:
+                        type: string
+                      tls.verify:
+                        type: string
+                    type: object
+                  flush:
+                    format: int32
+                    type: integer
+                  forwardOptions:
+                    properties:
+                      Require_ack_response:
+                        type: boolean
+                      Retry_Limit:
+                        type: string
+                      Send_options:
+                        type: boolean
+                      Tag:
+                        type: string
+                      Time_as_Integer:
+                        type: boolean
+                      Workers:
+                        type: integer
+                      storage.total_limit_size:
+                        type: string
+                    type: object
+                  grace:
+                    format: int32
+                    type: integer
+                  inputTail:
+                    properties:
+                      Buffer_Chunk_Size:
+                        type: string
+                      Buffer_Max_Size:
+                        type: string
+                      DB:
+                        type: string
+                      DB.journal_mode:
+                        type: string
+                      DB.locking:
+                        type: boolean
+                      DB_Sync:
+                        type: string
+                      Docker_Mode:
+                        type: string
+                      Docker_Mode_Flush:
+                        type: string
+                      Docker_Mode_Parser:
+                        type: string
+                      Exclude_Path:
+                        type: string
+                      Ignore_Older:
+                        type: string
+                      Key:
+                        type: string
+                      Mem_Buf_Limit:
+                        type: string
+                      Multiline:
+                        type: string
+                      Multiline_Flush:
+                        type: string
+                      Parser:
+                        type: string
+                      Parser_Firstline:
+                        type: string
+                      Parser_N:
+                        items:
+                          type: string
+                        type: array
+                      Path:
+                        type: string
+                      Path_Key:
+                        type: string
+                      Read_From_Head:
+                        type: boolean
+                      Refresh_Interval:
+                        type: string
+                      Rotate_Wait:
+                        type: string
+                      Skip_Long_Lines:
+                        type: string
+                      Tag:
+                        type: string
+                      Tag_Regex:
+                        type: string
+                      multiline.parser:
+                        items:
+                          type: string
+                        type: array
+                      storage.type:
+                        type: string
+                    type: object
+                  livenessDefaultCheck:
+                    type: boolean
+                  logLevel:
+                    type: string
+                  metrics:
+                    properties:
+                      interval:
+                        type: string
+                      path:
+                        type: string
+                      port:
+                        format: int32
+                        type: integer
+                      prometheusAnnotations:
+                        type: boolean
+                      prometheusRules:
+                        type: boolean
+                      serviceMonitor:
+                        type: boolean
+                      serviceMonitorConfig:
+                        properties:
+                          additionalLabels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          honorLabels:
+                            type: boolean
+                          metricRelabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          relabelings:
+                            items:
+                              properties:
+                                action:
+                                  default: replace
+                                  enum:
+                                  - replace
+                                  - Replace
+                                  - keep
+                                  - Keep
+                                  - drop
+                                  - Drop
+                                  - hashmod
+                                  - HashMod
+                                  - labelmap
+                                  - LabelMap
+                                  - labeldrop
+                                  - LabelDrop
+                                  - labelkeep
+                                  - LabelKeep
+                                  - lowercase
+                                  - Lowercase
+                                  - uppercase
+                                  - Uppercase
+                                  - keepequal
+                                  - KeepEqual
+                                  - dropequal
+                                  - DropEqual
+                                  type: string
+                                modulus:
+                                  format: int64
+                                  type: integer
+                                regex:
+                                  type: string
+                                replacement:
+                                  type: string
+                                separator:
+                                  type: string
+                                sourceLabels:
+                                  items:
+                                    pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                    type: string
+                                  type: array
+                                targetLabel:
+                                  type: string
+                              type: object
+                            type: array
+                          scheme:
+                            type: string
+                          tlsConfig:
+                            properties:
+                              ca:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              caFile:
+                                type: string
+                              cert:
+                                properties:
+                                  configMap:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secret:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              certFile:
+                                type: string
+                              insecureSkipVerify:
+                                type: boolean
+                              keyFile:
+                                type: string
+                              keySecret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              serverName:
+                                type: string
+                            type: object
+                        type: object
+                      timeout:
+                        type: string
+                    type: object
+                  metricsService:
+                    properties:
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                        type: object
+                      spec:
+                        properties:
+                          allocateLoadBalancerNodePorts:
+                            type: boolean
+                          clusterIP:
+                            type: string
+                          clusterIPs:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          externalIPs:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          externalName:
+                            type: string
+                          externalTrafficPolicy:
+                            type: string
+                          healthCheckNodePort:
+                            format: int32
+                            type: integer
+                          internalTrafficPolicy:
+                            type: string
+                          ipFamilies:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          ipFamilyPolicy:
+                            type: string
+                          loadBalancerClass:
+                            type: string
+                          loadBalancerIP:
+                            type: string
+                          loadBalancerSourceRanges:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          ports:
+                            items:
+                              properties:
+                                appProtocol:
+                                  type: string
+                                name:
+                                  type: string
+                                nodePort:
+                                  format: int32
+                                  type: integer
+                                port:
+                                  format: int32
+                                  type: integer
+                                protocol:
+                                  default: TCP
+                                  type: string
+                                targetPort:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            type: array
+                            x-kubernetes-list-map-keys:
+                            - port
+                            - protocol
+                            x-kubernetes-list-type: map
+                          publishNotReadyAddresses:
+                            type: boolean
+                          selector:
+                            additionalProperties:
+                              type: string
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          sessionAffinity:
+                            type: string
+                          sessionAffinityConfig:
+                            properties:
+                              clientIP:
+                                properties:
+                                  timeoutSeconds:
+                                    format: int32
+                                    type: integer
+                                type: object
+                            type: object
+                          trafficDistribution:
+                            type: string
+                          type:
+                            type: string
+                        type: object
+                    type: object
+                  network:
+                    properties:
+                      connectTimeout:
+                        format: int32
+                        type: integer
+                      connectTimeoutLogError:
+                        type: boolean
+                      dnsMode:
+                        type: string
+                      dnsPreferIpv4:
+                        type: boolean
+                      dnsResolver:
+                        type: string
+                      keepalive:
+                        type: boolean
+                      keepaliveIdleTimeout:
+                        format: int32
+                        type: integer
+                      keepaliveMaxRecycle:
+                        format: int32
+                        type: integer
+                      maxWorkerConnections:
+                        type: integer
+                      sourceAddress:
+                        type: string
+                    type: object
+                  podPriorityClassName:
+                    type: string
+                  positiondb:
+                    properties:
+                      configMap:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          name:
+                            default: ""
+                            type: string
+                          optional:
+                            type: boolean
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      emptyDir:
+                        properties:
+                          medium:
+                            type: string
+                          sizeLimit:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                        type: object
+                      host_path:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      hostPath:
+                        properties:
+                          path:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - path
+                        type: object
+                      pvc:
+                        properties:
+                          source:
+                            properties:
+                              claimName:
+                                type: string
+                              readOnly:
+                                type: boolean
+                            required:
+                            - claimName
+                            type: object
+                          spec:
+                            properties:
+                              accessModes:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              dataSource:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              dataSourceRef:
+                                properties:
+                                  apiGroup:
+                                    type: string
+                                  kind:
+                                    type: string
+                                  name:
+                                    type: string
+                                  namespace:
+                                    type: string
+                                required:
+                                - kind
+                                - name
+                                type: object
+                              resources:
+                                properties:
+                                  limits:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                      x-kubernetes-int-or-string: true
+                                    type: object
+                                type: object
+                              selector:
+                                properties:
+                                  matchExpressions:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        operator:
+                                          type: string
+                                        values:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                      - key
+                                      - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              storageClassName:
+                                type: string
+                              volumeAttributesClassName:
+                                type: string
+                              volumeMode:
+                                type: string
+                              volumeName:
+                                type: string
+                            type: object
+                        type: object
+                      secret:
+                        properties:
+                          defaultMode:
+                            format: int32
+                            type: integer
+                          items:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                mode:
+                                  format: int32
+                                  type: integer
+                                path:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          optional:
+                            type: boolean
+                          secretName:
+                            type: string
+                        type: object
+                    type: object
+                  security:
+                    properties:
+                      podSecurityContext:
+                        properties:
+                          appArmorProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          fsGroup:
+                            format: int64
+                            type: integer
+                          fsGroupChangePolicy:
+                            type: string
+                          runAsGroup:
+                            format: int64
+                            type: integer
+                          runAsNonRoot:
+                            type: boolean
+                          runAsUser:
+                            format: int64
+                            type: integer
+                          seLinuxOptions:
+                            properties:
+                              level:
+                                type: string
+                              role:
+                                type: string
+                              type:
+                                type: string
+                              user:
+                                type: string
+                            type: object
+                          seccompProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          supplementalGroups:
+                            items:
+                              format: int64
+                              type: integer
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          sysctls:
+                            items:
+                              properties:
+                                name:
+                                  type: string
+                                value:
+                                  type: string
+                              required:
+                              - name
+                              - value
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          windowsOptions:
+                            properties:
+                              gmsaCredentialSpec:
+                                type: string
+                              gmsaCredentialSpecName:
+                                type: string
+                              hostProcess:
+                                type: boolean
+                              runAsUserName:
+                                type: string
+                            type: object
+                        type: object
+                      podSecurityPolicyCreate:
+                        type: boolean
+                      roleBasedAccessControlCreate:
+                        type: boolean
+                      securityContext:
+                        properties:
+                          allowPrivilegeEscalation:
+                            type: boolean
+                          appArmorProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          capabilities:
+                            properties:
+                              add:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              drop:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            type: object
+                          privileged:
+                            type: boolean
+                          procMount:
+                            type: string
+                          readOnlyRootFilesystem:
+                            type: boolean
+                          runAsGroup:
+                            format: int64
+                            type: integer
+                          runAsNonRoot:
+                            type: boolean
+                          runAsUser:
+                            format: int64
+                            type: integer
+                          seLinuxOptions:
+                            properties:
+                              level:
+                                type: string
+                              role:
+                                type: string
+                              type:
+                                type: string
+                              user:
+                                type: string
+                            type: object
+                          seccompProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          windowsOptions:
+                            properties:
+                              gmsaCredentialSpec:
+                                type: string
+                              gmsaCredentialSpecName:
+                                type: string
+                              hostProcess:
+                                type: boolean
+                              runAsUserName:
+                                type: string
+                            type: object
+                        type: object
+                      serviceAccount:
+                        type: string
+                    type: object
+                  serviceAccount:
+                    properties:
+                      automountServiceAccountToken:
+                        type: boolean
+                      imagePullSecrets:
+                        items:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                        type: object
+                      secrets:
+                        items:
+                          properties:
+                            apiVersion:
+                              type: string
+                            fieldPath:
+                              type: string
+                            kind:
+                              type: string
+                            name:
+                              type: string
+                            namespace:
+                              type: string
+                            resourceVersion:
+                              type: string
+                            uid:
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                    type: object
+                  targetHost:
+                    type: string
+                  targetPort:
+                    format: int32
+                    type: integer
+                  tls:
+                    properties:
+                      enabled:
+                        type: boolean
+                      secretName:
+                        type: string
+                      sharedKey:
+                        type: string
+                    required:
+                    - enabled
+                    type: object
+                  varLogsPath:
+                    type: string
+                type: object
+              profile:
+                type: string
+            type: object
+          status:
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_outputs.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_outputs.yaml
new file mode 100644
index 0000000000..222995229d
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_outputs.yaml
@@ -0,0 +1,14078 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: outputs.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: Output
+    listKind: OutputList
+    plural: outputs
+    singular: output
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - description: Is the output active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              awsElasticsearch:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  content_type:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_ilm_name:
+                    type: string
+                  data_stream_ilm_policy:
+                    type: string
+                  data_stream_ilm_policy_overwrite:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_elasticsearch_version:
+                    type: string
+                  deflector_alias:
+                    type: string
+                  enable_ilm:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      access_key_id:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_arn:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_session_name:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_web_identity_token_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ecs_container_credentials_relative_uri:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      region:
+                        type: string
+                      secret_access_key:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      sts_credentials_region:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    type: object
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_es_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  flush_interval:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  ilm_policy:
+                    type: string
+                  ilm_policy_id:
+                    type: string
+                  ilm_policy_overwrite:
+                    type: boolean
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_prefix:
+                    type: string
+                  log_es_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_es_version:
+                    type: string
+                  max_retry_putting_template:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys:
+                    type: string
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  rollover_index:
+                    type: boolean
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_max_version:
+                    type: string
+                  ssl_min_version:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_key:
+                    type: string
+                  target_type_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  type_name:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_es_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              azurestorage:
+                properties:
+                  auto_create_container:
+                    type: boolean
+                  azure_cloud:
+                    type: string
+                  azure_container:
+                    type: string
+                  azure_imds_api_version:
+                    type: string
+                  azure_object_key_format:
+                    type: string
+                  azure_storage_access_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  azure_storage_account:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  azure_storage_sas_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    type: string
+                  path:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                required:
+                - azure_container
+                - azure_storage_account
+                type: object
+              cloudwatch:
+                properties:
+                  auto_create_stream:
+                    type: boolean
+                  aws_instance_profile_credentials_retries:
+                    type: integer
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sts_role_arn:
+                    type: string
+                  aws_sts_session_name:
+                    type: string
+                  aws_use_sts:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  concurrency:
+                    type: integer
+                  endpoint:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  http_proxy:
+                    type: string
+                  include_time_key:
+                    type: boolean
+                  json_handler:
+                    type: string
+                  localtime:
+                    type: boolean
+                  log_group_aws_tags:
+                    type: string
+                  log_group_aws_tags_key:
+                    type: string
+                  log_group_name:
+                    type: string
+                  log_group_name_key:
+                    type: string
+                  log_rejected_request:
+                    type: string
+                  log_stream_name:
+                    type: string
+                  log_stream_name_key:
+                    type: string
+                  max_events_per_batch:
+                    type: integer
+                  max_message_length:
+                    type: integer
+                  message_keys:
+                    type: string
+                  put_log_events_disable_retry_limit:
+                    type: boolean
+                  put_log_events_retry_limit:
+                    type: integer
+                  put_log_events_retry_wait:
+                    type: string
+                  region:
+                    type: string
+                  remove_log_group_aws_tags_key:
+                    type: string
+                  remove_log_group_name_key:
+                    type: string
+                  remove_log_stream_name_key:
+                    type: string
+                  remove_retention_in_days:
+                    type: string
+                  retention_in_days:
+                    type: string
+                  retention_in_days_key:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  use_tag_as_group:
+                    type: boolean
+                  use_tag_as_stream:
+                    type: boolean
+                required:
+                - region
+                type: object
+              datadog:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compression_level:
+                    type: string
+                  dd_hostname:
+                    type: string
+                  dd_source:
+                    type: string
+                  dd_sourcecategory:
+                    type: string
+                  dd_tags:
+                    type: string
+                  host:
+                    type: string
+                  include_tag_key:
+                    type: boolean
+                  max_backoff:
+                    type: string
+                  max_retries:
+                    type: string
+                  no_ssl_validation:
+                    type: boolean
+                  port:
+                    type: string
+                  service:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_port:
+                    type: string
+                  tag_key:
+                    type: string
+                  timestamp_key:
+                    type: string
+                  use_compression:
+                    type: boolean
+                  use_http:
+                    type: boolean
+                  use_json:
+                    type: boolean
+                  use_ssl:
+                    type: boolean
+                required:
+                - api_key
+                type: object
+              elasticsearch:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  content_type:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_ilm_name:
+                    type: string
+                  data_stream_ilm_policy:
+                    type: string
+                  data_stream_ilm_policy_overwrite:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_elasticsearch_version:
+                    type: string
+                  deflector_alias:
+                    type: string
+                  enable_ilm:
+                    type: boolean
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_es_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  ilm_policy:
+                    type: string
+                  ilm_policy_id:
+                    type: string
+                  ilm_policy_overwrite:
+                    type: boolean
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_prefix:
+                    type: string
+                  log_es_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_es_version:
+                    type: string
+                  max_retry_putting_template:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys:
+                    type: string
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  rollover_index:
+                    type: boolean
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_max_version:
+                    type: string
+                  ssl_min_version:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_key:
+                    type: string
+                  target_type_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  type_name:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_es_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              file:
+                properties:
+                  add_path_suffix:
+                    type: boolean
+                  append:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compress:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  path:
+                    type: string
+                  path_suffix:
+                    type: string
+                  recompress:
+                    type: boolean
+                  slow_flush_log_threshold:
+                    type: string
+                  symlink_path:
+                    type: boolean
+                required:
+                - path
+                type: object
+              forward:
+                properties:
+                  ack_response_timeout:
+                    type: integer
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  connect_timeout:
+                    type: integer
+                  dns_round_robin:
+                    type: boolean
+                  expire_dns_cache:
+                    type: integer
+                  hard_timeout:
+                    type: integer
+                  heartbeat_interval:
+                    type: integer
+                  heartbeat_type:
+                    type: string
+                  ignore_network_errors_at_startup:
+                    type: boolean
+                  keepalive:
+                    type: boolean
+                  keepalive_timeout:
+                    type: integer
+                  phi_failure_detector:
+                    type: boolean
+                  phi_threshold:
+                    type: integer
+                  recover_wait:
+                    type: integer
+                  require_ack_response:
+                    type: boolean
+                  security:
+                    properties:
+                      allow_anonymous_source:
+                        type: boolean
+                      self_hostname:
+                        type: string
+                      shared_key:
+                        type: string
+                      user_auth:
+                        type: boolean
+                    required:
+                    - self_hostname
+                    - shared_key
+                    type: object
+                  send_timeout:
+                    type: integer
+                  servers:
+                    items:
+                      properties:
+                        host:
+                          type: string
+                        name:
+                          type: string
+                        password:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        port:
+                          type: integer
+                        shared_key:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        standby:
+                          type: boolean
+                        username:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        weight:
+                          type: integer
+                      required:
+                      - host
+                      type: object
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  time_as_integer:
+                    type: boolean
+                  tls_allow_self_signed_cert:
+                    type: boolean
+                  tls_cert_logical_store_name:
+                    type: string
+                  tls_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_cert_thumbprint:
+                    type: string
+                  tls_cert_use_enterprise_store:
+                    type: boolean
+                  tls_ciphers:
+                    type: string
+                  tls_client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_client_private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_client_private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_insecure_mode:
+                    type: boolean
+                  tls_verify_hostname:
+                    type: boolean
+                  tls_version:
+                    type: string
+                  transport:
+                    type: string
+                  verify_connection_at_startup:
+                    type: boolean
+                required:
+                - servers
+                type: object
+              gcs:
+                properties:
+                  acl:
+                    type: string
+                  auto_create_bucket:
+                    type: boolean
+                  bucket:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_retries:
+                    type: integer
+                  client_timeout:
+                    type: integer
+                  credentials_json:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  encryption_key:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hex_random_length:
+                    type: integer
+                  keyfile:
+                    type: string
+                  object_key_format:
+                    type: string
+                  object_metadata:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - key
+                      - value
+                      type: object
+                    type: array
+                  overwrite:
+                    type: boolean
+                  path:
+                    type: string
+                  project:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  storage_class:
+                    type: string
+                  store_as:
+                    type: string
+                  transcoding:
+                    type: boolean
+                required:
+                - bucket
+                - project
+                type: object
+              gelf:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  port:
+                    type: integer
+                  protocol:
+                    type: string
+                  tls:
+                    type: boolean
+                  tls_options:
+                    additionalProperties:
+                      type: string
+                    type: object
+                required:
+                - host
+                - port
+                type: object
+              http:
+                properties:
+                  auth:
+                    properties:
+                      password:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      username:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                    required:
+                    - password
+                    - username
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  content_type:
+                    type: string
+                  endpoint:
+                    type: string
+                  error_response_as_unrecoverable:
+                    type: boolean
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  headers:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  http_method:
+                    type: string
+                  json_array:
+                    type: boolean
+                  open_timeout:
+                    type: integer
+                  proxy:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  retryable_response_codes:
+                    items:
+                      type: integer
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_timeout:
+                    type: integer
+                  tls_ca_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_ciphers:
+                    type: string
+                  tls_client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_verify_mode:
+                    type: string
+                  tls_version:
+                    type: string
+                required:
+                - endpoint
+                type: object
+              kafka:
+                properties:
+                  ack_timeout:
+                    type: integer
+                  brokers:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_id:
+                    type: string
+                  compression_codec:
+                    type: string
+                  default_message_key:
+                    type: string
+                  default_partition_key:
+                    type: string
+                  default_topic:
+                    type: string
+                  discard_kafka_delivery_failed:
+                    type: boolean
+                  exclude_partion_key:
+                    type: boolean
+                  exclude_topic_key:
+                    type: boolean
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  get_kafka_client_log:
+                    type: boolean
+                  headers:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  headers_from_record:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  idempotent:
+                    type: boolean
+                  kafka_agg_max_bytes:
+                    type: integer
+                  kafka_agg_max_messages:
+                    type: integer
+                  keytab:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  max_send_retries:
+                    type: integer
+                  message_key_key:
+                    type: string
+                  partition_key:
+                    type: string
+                  partition_key_key:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  principal:
+                    type: string
+                  required_acks:
+                    type: integer
+                  sasl_over_ssl:
+                    type: boolean
+                  scram_mechanism:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_ca_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_ca_certs_from_system:
+                    type: boolean
+                  ssl_client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_client_cert_chain:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_client_cert_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_verify_hostname:
+                    type: boolean
+                  topic_key:
+                    type: string
+                  use_default_for_unknown_topic:
+                    type: boolean
+                  username:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                required:
+                - brokers
+                - format
+                type: object
+              kinesisStream:
+                properties:
+                  assume_role_credentials:
+                    properties:
+                      duration_seconds:
+                        type: string
+                      external_id:
+                        type: string
+                      policy:
+                        type: string
+                      role_arn:
+                        type: string
+                      role_session_name:
+                        type: string
+                    required:
+                    - role_arn
+                    - role_session_name
+                    type: object
+                  aws_iam_retries:
+                    type: integer
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_ses_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  batch_request_max_count:
+                    type: integer
+                  batch_request_max_size:
+                    type: integer
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  partition_key:
+                    type: string
+                  process_credentials:
+                    properties:
+                      process:
+                        type: string
+                    required:
+                    - process
+                    type: object
+                  region:
+                    type: string
+                  reset_backoff_if_success:
+                    type: boolean
+                  retries_on_batch_request:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  stream_name:
+                    type: string
+                required:
+                - stream_name
+                type: object
+              logdna:
+                properties:
+                  api_key:
+                    type: string
+                  app:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  hostname:
+                    type: string
+                  ingester_domain:
+                    type: string
+                  ingester_endpoint:
+                    type: string
+                  request_timeout:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  tags:
+                    type: string
+                required:
+                - api_key
+                - hostname
+                type: object
+              loggingRef:
+                type: string
+              logz:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_limit:
+                    type: integer
+                  bulk_limit_warning_limit:
+                    type: integer
+                  endpoint:
+                    properties:
+                      port:
+                        type: integer
+                      token:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    type: object
+                  gzip:
+                    type: boolean
+                  http_idle_timeout:
+                    type: integer
+                  output_include_tags:
+                    type: boolean
+                  output_include_time:
+                    type: boolean
+                  retry_count:
+                    type: integer
+                  retry_sleep:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                required:
+                - endpoint
+                type: object
+              loki:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  ca_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  configure_kubernetes_labels:
+                    type: boolean
+                  drop_single_key:
+                    type: boolean
+                  extra_labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  extract_kubernetes_labels:
+                    type: boolean
+                  include_thread_label:
+                    type: boolean
+                  insecure_tls:
+                    type: boolean
+                  key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  line_format:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  remove_keys:
+                    items:
+                      type: string
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  tenant:
+                    type: string
+                  url:
+                    type: string
+                  username:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              newrelic:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  base_uri:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  license_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              nullout:
+                type: object
+              opensearch:
+                properties:
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  catch_transport_exception_on_retry:
+                    type: boolean
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_opensearch_version:
+                    type: integer
+                  emit_error_for_missing_id:
+                    type: boolean
+                  emit_error_label_event:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      access_key_id:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_arn:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_session_name:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_web_identity_token_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ecs_container_credentials_relative_uri:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      region:
+                        type: string
+                      secret_access_key:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      sts_credentials_region:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    required:
+                    - url
+                    type: object
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_os_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  http_backend_excon_nonblock:
+                    type: boolean
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_separator:
+                    type: string
+                  log_os_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_os_version:
+                    type: integer
+                  max_retry_putting_template:
+                    type: string
+                  parent_key:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  selector_class_name:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_affinity:
+                    type: boolean
+                  target_index_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_exclude_timestamp:
+                    type: boolean
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  truncate_caches_interval:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  unrecoverable_record_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_os_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              oss:
+                properties:
+                  access_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  access_key_secret:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  auto_create_bucket:
+                    type: boolean
+                  bucket:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  check_bucket:
+                    type: boolean
+                  check_object:
+                    type: boolean
+                  download_crc_enable:
+                    type: boolean
+                  endpoint:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hex_random_length:
+                    type: integer
+                  index_format:
+                    type: string
+                  key_format:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  oss_sdk_log_dir:
+                    type: string
+                  overwrite:
+                    type: boolean
+                  path:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  store_as:
+                    type: string
+                  upload_crc_enable:
+                    type: boolean
+                  warn_for_delay:
+                    type: string
+                required:
+                - access_key_id
+                - access_key_secret
+                - bucket
+                - endpoint
+                type: object
+              redis:
+                properties:
+                  allow_duplicate_key:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  db_number:
+                    type: integer
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  insert_key_prefix:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  port:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  strftime_format:
+                    type: string
+                  ttl:
+                    type: integer
+                type: object
+              relabel:
+                properties:
+                  label:
+                    type: string
+                required:
+                - label
+                type: object
+              s3:
+                properties:
+                  acl:
+                    type: string
+                  assume_role_credentials:
+                    properties:
+                      duration_seconds:
+                        type: string
+                      external_id:
+                        type: string
+                      policy:
+                        type: string
+                      role_arn:
+                        type: string
+                      role_session_name:
+                        type: string
+                    required:
+                    - role_arn
+                    - role_session_name
+                    type: object
+                  auto_create_bucket:
+                    type: string
+                  aws_iam_retries:
+                    type: string
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  check_apikey_on_start:
+                    type: string
+                  check_bucket:
+                    type: string
+                  check_object:
+                    type: string
+                  clustername:
+                    type: string
+                  compress:
+                    properties:
+                      parquet_compression_codec:
+                        type: string
+                      parquet_page_size:
+                        type: string
+                      parquet_row_group_size:
+                        type: string
+                      record_type:
+                        type: string
+                      schema_file:
+                        type: string
+                      schema_type:
+                        type: string
+                    type: object
+                  compute_checksums:
+                    type: string
+                  enable_transfer_acceleration:
+                    type: string
+                  force_path_style:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  grant_full_control:
+                    type: string
+                  grant_read:
+                    type: string
+                  grant_read_acp:
+                    type: string
+                  grant_write_acp:
+                    type: string
+                  hex_random_length:
+                    type: string
+                  index_format:
+                    type: string
+                  instance_profile_credentials:
+                    properties:
+                      http_open_timeout:
+                        type: string
+                      http_read_timeout:
+                        type: string
+                      ip_address:
+                        type: string
+                      port:
+                        type: string
+                      retries:
+                        type: string
+                    type: object
+                  oneeye_format:
+                    type: boolean
+                  overwrite:
+                    type: string
+                  path:
+                    type: string
+                  proxy_uri:
+                    type: string
+                  s3_bucket:
+                    type: string
+                  s3_endpoint:
+                    type: string
+                  s3_metadata:
+                    type: string
+                  s3_object_key_format:
+                    type: string
+                  s3_region:
+                    type: string
+                  shared_credentials:
+                    properties:
+                      path:
+                        type: string
+                      profile_name:
+                        type: string
+                    type: object
+                  signature_version:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sse_customer_algorithm:
+                    type: string
+                  sse_customer_key:
+                    type: string
+                  sse_customer_key_md5:
+                    type: string
+                  ssekms_key_id:
+                    type: string
+                  ssl_verify_peer:
+                    type: string
+                  storage_class:
+                    type: string
+                  store_as:
+                    type: string
+                  use_bundled_cert:
+                    type: string
+                  use_server_side_encryption:
+                    type: string
+                  warn_for_delay:
+                    type: string
+                required:
+                - s3_bucket
+                type: object
+              splunkHec:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ca_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  coerce_to_utf8:
+                    type: boolean
+                  data_type:
+                    type: string
+                  fields:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hec_host:
+                    type: string
+                  hec_port:
+                    type: integer
+                  hec_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  host:
+                    type: string
+                  host_key:
+                    type: string
+                  idle_timeout:
+                    type: integer
+                  index:
+                    type: string
+                  index_key:
+                    type: string
+                  insecure_ssl:
+                    type: boolean
+                  keep_keys:
+                    type: boolean
+                  metric_name_key:
+                    type: string
+                  metric_value_key:
+                    type: string
+                  metrics_from_event:
+                    type: boolean
+                  non_utf8_replacement_string:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  protocol:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  source:
+                    type: string
+                  source_key:
+                    type: string
+                  sourcetype:
+                    type: string
+                  sourcetype_key:
+                    type: string
+                  ssl_ciphers:
+                    type: string
+                required:
+                - hec_host
+                - hec_token
+                type: object
+              sqs:
+                properties:
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  create_queue:
+                    type: boolean
+                  delay_seconds:
+                    type: integer
+                  include_tag:
+                    type: boolean
+                  message_group_id:
+                    type: string
+                  queue_name:
+                    type: string
+                  region:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sqs_url:
+                    type: string
+                  tag_property_name:
+                    type: string
+                type: object
+              sumologic:
+                properties:
+                  add_timestamp:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compress:
+                    type: boolean
+                  compress_encoding:
+                    type: string
+                  custom_dimensions:
+                    type: string
+                  custom_fields:
+                    items:
+                      type: string
+                    type: array
+                  data_type:
+                    type: string
+                  delimiter:
+                    type: string
+                  disable_cookies:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  log_format:
+                    type: string
+                  log_key:
+                    type: string
+                  metric_data_format:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  proxy_uri:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  source_category:
+                    type: string
+                  source_host:
+                    type: string
+                  source_name:
+                    type: string
+                  source_name_key:
+                    type: string
+                  sumo_client:
+                    type: string
+                  timestamp_key:
+                    type: string
+                  verify_ssl:
+                    type: boolean
+                required:
+                - endpoint
+                - source_name
+                type: object
+              syslog:
+                properties:
+                  allow_self_signed_cert:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  enable_system_cert_store:
+                    type: boolean
+                  format:
+                    properties:
+                      app_name_field:
+                        type: string
+                      hostname_field:
+                        type: string
+                      log_field:
+                        type: string
+                      message_id_field:
+                        type: string
+                      proc_id_field:
+                        type: string
+                      rfc6587_message_size:
+                        type: boolean
+                      structured_data_field:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  fqdn:
+                    type: string
+                  host:
+                    type: string
+                  insecure:
+                    type: boolean
+                  port:
+                    type: integer
+                  private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  slow_flush_log_threshold:
+                    type: string
+                  transport:
+                    type: string
+                  trusted_ca_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  verify_fqdn:
+                    type: boolean
+                  version:
+                    type: string
+                required:
+                - host
+                type: object
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - description: Is the output active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              awsElasticsearch:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  content_type:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_ilm_name:
+                    type: string
+                  data_stream_ilm_policy:
+                    type: string
+                  data_stream_ilm_policy_overwrite:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_elasticsearch_version:
+                    type: string
+                  deflector_alias:
+                    type: string
+                  enable_ilm:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      access_key_id:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_arn:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_session_name:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_web_identity_token_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ecs_container_credentials_relative_uri:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      region:
+                        type: string
+                      secret_access_key:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      sts_credentials_region:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    type: object
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_es_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  flush_interval:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  ilm_policy:
+                    type: string
+                  ilm_policy_id:
+                    type: string
+                  ilm_policy_overwrite:
+                    type: boolean
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_prefix:
+                    type: string
+                  log_es_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_es_version:
+                    type: string
+                  max_retry_putting_template:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys:
+                    type: string
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  rollover_index:
+                    type: boolean
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_max_version:
+                    type: string
+                  ssl_min_version:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_key:
+                    type: string
+                  target_type_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  type_name:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_es_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              azurestorage:
+                properties:
+                  auto_create_container:
+                    type: boolean
+                  azure_cloud:
+                    type: string
+                  azure_container:
+                    type: string
+                  azure_imds_api_version:
+                    type: string
+                  azure_object_key_format:
+                    type: string
+                  azure_storage_access_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  azure_storage_account:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  azure_storage_sas_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    type: string
+                  path:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                required:
+                - azure_container
+                - azure_storage_account
+                type: object
+              cloudwatch:
+                properties:
+                  auto_create_stream:
+                    type: boolean
+                  aws_instance_profile_credentials_retries:
+                    type: integer
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sts_role_arn:
+                    type: string
+                  aws_sts_session_name:
+                    type: string
+                  aws_use_sts:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  concurrency:
+                    type: integer
+                  endpoint:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  http_proxy:
+                    type: string
+                  include_time_key:
+                    type: boolean
+                  json_handler:
+                    type: string
+                  localtime:
+                    type: boolean
+                  log_group_aws_tags:
+                    type: string
+                  log_group_aws_tags_key:
+                    type: string
+                  log_group_name:
+                    type: string
+                  log_group_name_key:
+                    type: string
+                  log_rejected_request:
+                    type: string
+                  log_stream_name:
+                    type: string
+                  log_stream_name_key:
+                    type: string
+                  max_events_per_batch:
+                    type: integer
+                  max_message_length:
+                    type: integer
+                  message_keys:
+                    type: string
+                  put_log_events_disable_retry_limit:
+                    type: boolean
+                  put_log_events_retry_limit:
+                    type: integer
+                  put_log_events_retry_wait:
+                    type: string
+                  region:
+                    type: string
+                  remove_log_group_aws_tags_key:
+                    type: string
+                  remove_log_group_name_key:
+                    type: string
+                  remove_log_stream_name_key:
+                    type: string
+                  remove_retention_in_days:
+                    type: string
+                  retention_in_days:
+                    type: string
+                  retention_in_days_key:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  use_tag_as_group:
+                    type: boolean
+                  use_tag_as_stream:
+                    type: boolean
+                required:
+                - region
+                type: object
+              datadog:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compression_level:
+                    type: string
+                  dd_hostname:
+                    type: string
+                  dd_source:
+                    type: string
+                  dd_sourcecategory:
+                    type: string
+                  dd_tags:
+                    type: string
+                  host:
+                    type: string
+                  include_tag_key:
+                    type: boolean
+                  max_backoff:
+                    type: string
+                  max_retries:
+                    type: string
+                  no_ssl_validation:
+                    type: boolean
+                  port:
+                    type: string
+                  service:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_port:
+                    type: string
+                  tag_key:
+                    type: string
+                  timestamp_key:
+                    type: string
+                  use_compression:
+                    type: boolean
+                  use_http:
+                    type: boolean
+                  use_json:
+                    type: boolean
+                  use_ssl:
+                    type: boolean
+                required:
+                - api_key
+                type: object
+              elasticsearch:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  content_type:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_ilm_name:
+                    type: string
+                  data_stream_ilm_policy:
+                    type: string
+                  data_stream_ilm_policy_overwrite:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_elasticsearch_version:
+                    type: string
+                  deflector_alias:
+                    type: string
+                  enable_ilm:
+                    type: boolean
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_es_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  ilm_policy:
+                    type: string
+                  ilm_policy_id:
+                    type: string
+                  ilm_policy_overwrite:
+                    type: boolean
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_prefix:
+                    type: string
+                  log_es_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_es_version:
+                    type: string
+                  max_retry_putting_template:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys:
+                    type: string
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  rollover_index:
+                    type: boolean
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_max_version:
+                    type: string
+                  ssl_min_version:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_key:
+                    type: string
+                  target_type_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  type_name:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_es_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              file:
+                properties:
+                  add_path_suffix:
+                    type: boolean
+                  append:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compress:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  path:
+                    type: string
+                  path_suffix:
+                    type: string
+                  recompress:
+                    type: boolean
+                  slow_flush_log_threshold:
+                    type: string
+                  symlink_path:
+                    type: boolean
+                required:
+                - path
+                type: object
+              forward:
+                properties:
+                  ack_response_timeout:
+                    type: integer
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  connect_timeout:
+                    type: integer
+                  dns_round_robin:
+                    type: boolean
+                  expire_dns_cache:
+                    type: integer
+                  hard_timeout:
+                    type: integer
+                  heartbeat_interval:
+                    type: integer
+                  heartbeat_type:
+                    type: string
+                  ignore_network_errors_at_startup:
+                    type: boolean
+                  keepalive:
+                    type: boolean
+                  keepalive_timeout:
+                    type: integer
+                  phi_failure_detector:
+                    type: boolean
+                  phi_threshold:
+                    type: integer
+                  recover_wait:
+                    type: integer
+                  require_ack_response:
+                    type: boolean
+                  security:
+                    properties:
+                      allow_anonymous_source:
+                        type: boolean
+                      self_hostname:
+                        type: string
+                      shared_key:
+                        type: string
+                      user_auth:
+                        type: boolean
+                    required:
+                    - self_hostname
+                    - shared_key
+                    type: object
+                  send_timeout:
+                    type: integer
+                  servers:
+                    items:
+                      properties:
+                        host:
+                          type: string
+                        name:
+                          type: string
+                        password:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        port:
+                          type: integer
+                        shared_key:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        standby:
+                          type: boolean
+                        username:
+                          properties:
+                            mountFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            value:
+                              type: string
+                            valueFrom:
+                              properties:
+                                secretKeyRef:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                          type: object
+                        weight:
+                          type: integer
+                      required:
+                      - host
+                      type: object
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  time_as_integer:
+                    type: boolean
+                  tls_allow_self_signed_cert:
+                    type: boolean
+                  tls_cert_logical_store_name:
+                    type: string
+                  tls_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_cert_thumbprint:
+                    type: string
+                  tls_cert_use_enterprise_store:
+                    type: boolean
+                  tls_ciphers:
+                    type: string
+                  tls_client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_client_private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_client_private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_insecure_mode:
+                    type: boolean
+                  tls_verify_hostname:
+                    type: boolean
+                  tls_version:
+                    type: string
+                  transport:
+                    type: string
+                  verify_connection_at_startup:
+                    type: boolean
+                required:
+                - servers
+                type: object
+              gcs:
+                properties:
+                  acl:
+                    type: string
+                  auto_create_bucket:
+                    type: boolean
+                  bucket:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_retries:
+                    type: integer
+                  client_timeout:
+                    type: integer
+                  credentials_json:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  encryption_key:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hex_random_length:
+                    type: integer
+                  keyfile:
+                    type: string
+                  object_key_format:
+                    type: string
+                  object_metadata:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - key
+                      - value
+                      type: object
+                    type: array
+                  overwrite:
+                    type: boolean
+                  path:
+                    type: string
+                  project:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  storage_class:
+                    type: string
+                  store_as:
+                    type: string
+                  transcoding:
+                    type: boolean
+                required:
+                - bucket
+                - project
+                type: object
+              gelf:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  port:
+                    type: integer
+                  protocol:
+                    type: string
+                  tls:
+                    type: boolean
+                  tls_options:
+                    additionalProperties:
+                      type: string
+                    type: object
+                required:
+                - host
+                - port
+                type: object
+              http:
+                properties:
+                  auth:
+                    properties:
+                      password:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      username:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                    required:
+                    - password
+                    - username
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  content_type:
+                    type: string
+                  endpoint:
+                    type: string
+                  error_response_as_unrecoverable:
+                    type: boolean
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  headers:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  http_method:
+                    type: string
+                  json_array:
+                    type: boolean
+                  open_timeout:
+                    type: integer
+                  proxy:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  retryable_response_codes:
+                    items:
+                      type: integer
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_timeout:
+                    type: integer
+                  tls_ca_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_ciphers:
+                    type: string
+                  tls_client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  tls_verify_mode:
+                    type: string
+                  tls_version:
+                    type: string
+                required:
+                - endpoint
+                type: object
+              kafka:
+                properties:
+                  ack_timeout:
+                    type: integer
+                  brokers:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_id:
+                    type: string
+                  compression_codec:
+                    type: string
+                  default_message_key:
+                    type: string
+                  default_partition_key:
+                    type: string
+                  default_topic:
+                    type: string
+                  discard_kafka_delivery_failed:
+                    type: boolean
+                  exclude_partion_key:
+                    type: boolean
+                  exclude_topic_key:
+                    type: boolean
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  get_kafka_client_log:
+                    type: boolean
+                  headers:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  headers_from_record:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  idempotent:
+                    type: boolean
+                  kafka_agg_max_bytes:
+                    type: integer
+                  kafka_agg_max_messages:
+                    type: integer
+                  keytab:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  max_send_retries:
+                    type: integer
+                  message_key_key:
+                    type: string
+                  partition_key:
+                    type: string
+                  partition_key_key:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  principal:
+                    type: string
+                  required_acks:
+                    type: integer
+                  sasl_over_ssl:
+                    type: boolean
+                  scram_mechanism:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  ssl_ca_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_ca_certs_from_system:
+                    type: boolean
+                  ssl_client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_client_cert_chain:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_client_cert_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ssl_verify_hostname:
+                    type: boolean
+                  topic_key:
+                    type: string
+                  use_default_for_unknown_topic:
+                    type: boolean
+                  username:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                required:
+                - brokers
+                - format
+                type: object
+              kinesisFirehose:
+                properties:
+                  append_new_line:
+                    type: boolean
+                  assume_role_credentials:
+                    properties:
+                      duration_seconds:
+                        type: string
+                      external_id:
+                        type: string
+                      policy:
+                        type: string
+                      role_arn:
+                        type: string
+                      role_session_name:
+                        type: string
+                    required:
+                    - role_arn
+                    - role_session_name
+                    type: object
+                  aws_iam_retries:
+                    type: integer
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_ses_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  batch_request_max_count:
+                    type: integer
+                  batch_request_max_size:
+                    type: integer
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  delivery_stream_name:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  process_credentials:
+                    properties:
+                      process:
+                        type: string
+                    required:
+                    - process
+                    type: object
+                  region:
+                    type: string
+                  reset_backoff_if_success:
+                    type: boolean
+                  retries_on_batch_request:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                required:
+                - delivery_stream_name
+                type: object
+              kinesisStream:
+                properties:
+                  assume_role_credentials:
+                    properties:
+                      duration_seconds:
+                        type: string
+                      external_id:
+                        type: string
+                      policy:
+                        type: string
+                      role_arn:
+                        type: string
+                      role_session_name:
+                        type: string
+                    required:
+                    - role_arn
+                    - role_session_name
+                    type: object
+                  aws_iam_retries:
+                    type: integer
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_ses_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  batch_request_max_count:
+                    type: integer
+                  batch_request_max_size:
+                    type: integer
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  partition_key:
+                    type: string
+                  process_credentials:
+                    properties:
+                      process:
+                        type: string
+                    required:
+                    - process
+                    type: object
+                  region:
+                    type: string
+                  reset_backoff_if_success:
+                    type: boolean
+                  retries_on_batch_request:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  stream_name:
+                    type: string
+                required:
+                - stream_name
+                type: object
+              logdna:
+                properties:
+                  api_key:
+                    type: string
+                  app:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  hostname:
+                    type: string
+                  ingester_domain:
+                    type: string
+                  ingester_endpoint:
+                    type: string
+                  request_timeout:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  tags:
+                    type: string
+                required:
+                - api_key
+                - hostname
+                type: object
+              loggingRef:
+                type: string
+              logz:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_limit:
+                    type: integer
+                  bulk_limit_warning_limit:
+                    type: integer
+                  endpoint:
+                    properties:
+                      port:
+                        type: integer
+                      token:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    type: object
+                  gzip:
+                    type: boolean
+                  http_idle_timeout:
+                    type: integer
+                  output_include_tags:
+                    type: boolean
+                  output_include_time:
+                    type: boolean
+                  retry_count:
+                    type: integer
+                  retry_sleep:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                required:
+                - endpoint
+                type: object
+              loki:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  ca_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  configure_kubernetes_labels:
+                    type: boolean
+                  drop_single_key:
+                    type: boolean
+                  extra_labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  extract_kubernetes_labels:
+                    type: boolean
+                  include_thread_label:
+                    type: boolean
+                  insecure_tls:
+                    type: boolean
+                  key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  line_format:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  remove_keys:
+                    items:
+                      type: string
+                    type: array
+                  slow_flush_log_threshold:
+                    type: string
+                  tenant:
+                    type: string
+                  url:
+                    type: string
+                  username:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              mattermost:
+                properties:
+                  ca_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  channel_id:
+                    type: string
+                  enable_tls:
+                    type: boolean
+                  message:
+                    type: string
+                  message_color:
+                    type: string
+                  message_title:
+                    type: string
+                  webhook_url:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                required:
+                - webhook_url
+                type: object
+              newrelic:
+                properties:
+                  api_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  base_uri:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  license_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              nullout:
+                type: object
+              opensearch:
+                properties:
+                  application_name:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  bulk_message_request_threshold:
+                    type: string
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  catch_transport_exception_on_retry:
+                    type: boolean
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key_pass:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  compression_level:
+                    type: string
+                  custom_headers:
+                    type: string
+                  customize_template:
+                    type: string
+                  data_stream_enable:
+                    type: boolean
+                  data_stream_name:
+                    type: string
+                  data_stream_template_name:
+                    type: string
+                  default_opensearch_version:
+                    type: integer
+                  emit_error_for_missing_id:
+                    type: boolean
+                  emit_error_label_event:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      access_key_id:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_arn:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_session_name:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      assume_role_web_identity_token_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ecs_container_credentials_relative_uri:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      region:
+                        type: string
+                      secret_access_key:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      sts_credentials_region:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      url:
+                        type: string
+                    required:
+                    - url
+                    type: object
+                  exception_backup:
+                    type: boolean
+                  fail_on_detecting_os_version_retry_exceed:
+                    type: boolean
+                  fail_on_putting_template_retry_exceed:
+                    type: boolean
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  host:
+                    type: string
+                  hosts:
+                    type: string
+                  http_backend:
+                    type: string
+                  http_backend_excon_nonblock:
+                    type: boolean
+                  id_key:
+                    type: string
+                  ignore_exceptions:
+                    type: string
+                  include_index_in_url:
+                    type: boolean
+                  include_tag_key:
+                    type: boolean
+                  include_timestamp:
+                    type: boolean
+                  index_date_pattern:
+                    type: string
+                  index_name:
+                    type: string
+                  index_separator:
+                    type: string
+                  log_os_400_reason:
+                    type: boolean
+                  logstash_dateformat:
+                    type: string
+                  logstash_format:
+                    type: boolean
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  max_retry_get_os_version:
+                    type: integer
+                  max_retry_putting_template:
+                    type: string
+                  parent_key:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  pipeline:
+                    type: string
+                  port:
+                    type: integer
+                  prefer_oj_serializer:
+                    type: boolean
+                  reconnect_on_error:
+                    type: boolean
+                  reload_after:
+                    type: string
+                  reload_connections:
+                    type: boolean
+                  reload_on_failure:
+                    type: boolean
+                  remove_keys_on_update:
+                    type: string
+                  remove_keys_on_update_key:
+                    type: string
+                  request_timeout:
+                    type: string
+                  resurrect_after:
+                    type: string
+                  retry_tag:
+                    type: string
+                  routing_key:
+                    type: string
+                  scheme:
+                    type: string
+                  selector_class_name:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sniffer_class_name:
+                    type: string
+                  ssl_verify:
+                    type: boolean
+                  ssl_version:
+                    type: string
+                  suppress_doc_wrap:
+                    type: boolean
+                  suppress_type_name:
+                    type: boolean
+                  tag_key:
+                    type: string
+                  target_index_affinity:
+                    type: boolean
+                  target_index_key:
+                    type: string
+                  template_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  template_name:
+                    type: string
+                  template_overwrite:
+                    type: boolean
+                  templates:
+                    type: string
+                  time_key:
+                    type: string
+                  time_key_exclude_timestamp:
+                    type: boolean
+                  time_key_format:
+                    type: string
+                  time_parse_error_tag:
+                    type: string
+                  time_precision:
+                    type: string
+                  truncate_caches_interval:
+                    type: string
+                  unrecoverable_error_types:
+                    type: string
+                  unrecoverable_record_types:
+                    type: string
+                  use_legacy_template:
+                    type: boolean
+                  user:
+                    type: string
+                  utc_index:
+                    type: boolean
+                  validate_client_version:
+                    type: boolean
+                  verify_os_version_at_startup:
+                    type: boolean
+                  with_transporter_log:
+                    type: boolean
+                  write_operation:
+                    type: string
+                type: object
+              oss:
+                properties:
+                  access_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  access_key_secret:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  auto_create_bucket:
+                    type: boolean
+                  bucket:
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  check_bucket:
+                    type: boolean
+                  check_object:
+                    type: boolean
+                  download_crc_enable:
+                    type: boolean
+                  endpoint:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hex_random_length:
+                    type: integer
+                  index_format:
+                    type: string
+                  key_format:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  oss_sdk_log_dir:
+                    type: string
+                  overwrite:
+                    type: boolean
+                  path:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  store_as:
+                    type: string
+                  upload_crc_enable:
+                    type: boolean
+                  warn_for_delay:
+                    type: string
+                required:
+                - access_key_id
+                - access_key_secret
+                - bucket
+                - endpoint
+                type: object
+              redis:
+                properties:
+                  allow_duplicate_key:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  db_number:
+                    type: integer
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  host:
+                    type: string
+                  insert_key_prefix:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  port:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  strftime_format:
+                    type: string
+                  ttl:
+                    type: integer
+                type: object
+              relabel:
+                properties:
+                  label:
+                    type: string
+                required:
+                - label
+                type: object
+              s3:
+                properties:
+                  acl:
+                    type: string
+                  assume_role_credentials:
+                    properties:
+                      duration_seconds:
+                        type: string
+                      external_id:
+                        type: string
+                      policy:
+                        type: string
+                      role_arn:
+                        type: string
+                      role_session_name:
+                        type: string
+                    required:
+                    - role_arn
+                    - role_session_name
+                    type: object
+                  auto_create_bucket:
+                    type: string
+                  aws_iam_retries:
+                    type: string
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  check_apikey_on_start:
+                    type: string
+                  check_bucket:
+                    type: string
+                  check_object:
+                    type: string
+                  clustername:
+                    type: string
+                  compress:
+                    properties:
+                      parquet_compression_codec:
+                        type: string
+                      parquet_page_size:
+                        type: string
+                      parquet_row_group_size:
+                        type: string
+                      record_type:
+                        type: string
+                      schema_file:
+                        type: string
+                      schema_type:
+                        type: string
+                    type: object
+                  compute_checksums:
+                    type: string
+                  enable_transfer_acceleration:
+                    type: string
+                  force_path_style:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  grant_full_control:
+                    type: string
+                  grant_read:
+                    type: string
+                  grant_read_acp:
+                    type: string
+                  grant_write_acp:
+                    type: string
+                  hex_random_length:
+                    type: string
+                  index_format:
+                    type: string
+                  instance_profile_credentials:
+                    properties:
+                      http_open_timeout:
+                        type: string
+                      http_read_timeout:
+                        type: string
+                      ip_address:
+                        type: string
+                      port:
+                        type: string
+                      retries:
+                        type: string
+                    type: object
+                  oneeye_format:
+                    type: boolean
+                  overwrite:
+                    type: string
+                  path:
+                    type: string
+                  proxy_uri:
+                    type: string
+                  s3_bucket:
+                    type: string
+                  s3_endpoint:
+                    type: string
+                  s3_metadata:
+                    type: string
+                  s3_object_key_format:
+                    type: string
+                  s3_region:
+                    type: string
+                  shared_credentials:
+                    properties:
+                      path:
+                        type: string
+                      profile_name:
+                        type: string
+                    type: object
+                  signature_version:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sse_customer_algorithm:
+                    type: string
+                  sse_customer_key:
+                    type: string
+                  sse_customer_key_md5:
+                    type: string
+                  ssekms_key_id:
+                    type: string
+                  ssl_verify_peer:
+                    type: string
+                  storage_class:
+                    type: string
+                  store_as:
+                    type: string
+                  use_bundled_cert:
+                    type: string
+                  use_server_side_encryption:
+                    type: string
+                  warn_for_delay:
+                    type: string
+                required:
+                - s3_bucket
+                type: object
+              splunkHec:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  ca_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_cert:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  client_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  coerce_to_utf8:
+                    type: boolean
+                  data_type:
+                    type: string
+                  fields:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  hec_host:
+                    type: string
+                  hec_port:
+                    type: integer
+                  hec_token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  host:
+                    type: string
+                  host_key:
+                    type: string
+                  idle_timeout:
+                    type: integer
+                  index:
+                    type: string
+                  index_key:
+                    type: string
+                  insecure_ssl:
+                    type: boolean
+                  keep_keys:
+                    type: boolean
+                  metric_name_key:
+                    type: string
+                  metric_value_key:
+                    type: string
+                  metrics_from_event:
+                    type: boolean
+                  non_utf8_replacement_string:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  protocol:
+                    type: string
+                  read_timeout:
+                    type: integer
+                  slow_flush_log_threshold:
+                    type: string
+                  source:
+                    type: string
+                  source_key:
+                    type: string
+                  sourcetype:
+                    type: string
+                  sourcetype_key:
+                    type: string
+                  ssl_ciphers:
+                    type: string
+                required:
+                - hec_host
+                - hec_token
+                type: object
+              sqs:
+                properties:
+                  aws_key_id:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  aws_sec_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  create_queue:
+                    type: boolean
+                  delay_seconds:
+                    type: integer
+                  include_tag:
+                    type: boolean
+                  message_group_id:
+                    type: string
+                  queue_name:
+                    type: string
+                  region:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  sqs_url:
+                    type: string
+                  tag_property_name:
+                    type: string
+                type: object
+              sumologic:
+                properties:
+                  add_timestamp:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  compress:
+                    type: boolean
+                  compress_encoding:
+                    type: string
+                  custom_dimensions:
+                    type: string
+                  custom_fields:
+                    items:
+                      type: string
+                    type: array
+                  data_type:
+                    type: string
+                  delimiter:
+                    type: string
+                  disable_cookies:
+                    type: boolean
+                  endpoint:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  log_format:
+                    type: string
+                  log_key:
+                    type: string
+                  metric_data_format:
+                    type: string
+                  open_timeout:
+                    type: integer
+                  proxy_uri:
+                    type: string
+                  slow_flush_log_threshold:
+                    type: string
+                  source_category:
+                    type: string
+                  source_host:
+                    type: string
+                  source_name:
+                    type: string
+                  source_name_key:
+                    type: string
+                  sumo_client:
+                    type: string
+                  timestamp_key:
+                    type: string
+                  verify_ssl:
+                    type: boolean
+                required:
+                - endpoint
+                - source_name
+                type: object
+              syslog:
+                properties:
+                  allow_self_signed_cert:
+                    type: boolean
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  client_cert_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  enable_system_cert_store:
+                    type: boolean
+                  format:
+                    properties:
+                      app_name_field:
+                        type: string
+                      hostname_field:
+                        type: string
+                      log_field:
+                        type: string
+                      message_id_field:
+                        type: string
+                      proc_id_field:
+                        type: string
+                      rfc6587_message_size:
+                        type: boolean
+                      structured_data_field:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  fqdn:
+                    type: string
+                  host:
+                    type: string
+                  insecure:
+                    type: boolean
+                  port:
+                    type: integer
+                  private_key_passphrase:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  private_key_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  slow_flush_log_threshold:
+                    type: string
+                  transport:
+                    type: string
+                  trusted_ca_path:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  verify_fqdn:
+                    type: boolean
+                  version:
+                    type: string
+                required:
+                - host
+                type: object
+              vmwareLogInsight:
+                properties:
+                  agent_id:
+                    type: string
+                  authentication:
+                    enum:
+                    - nil
+                    - basic
+                    type: string
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  ca_file:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  config_param:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  flatten_hashes:
+                    type: boolean
+                  flatten_hashes_separator:
+                    type: string
+                  host:
+                    type: string
+                  http_conn_debug:
+                    type: boolean
+                  http_method:
+                    enum:
+                    - post
+                    type: string
+                  log_text_keys:
+                    items:
+                      type: string
+                    type: array
+                  max_batch_size:
+                    type: integer
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  path:
+                    type: string
+                  port:
+                    type: integer
+                  raise_on_error:
+                    type: boolean
+                  rate_limit_msec:
+                    type: integer
+                  request_retries:
+                    type: integer
+                  request_timeout:
+                    type: integer
+                  scheme:
+                    enum:
+                    - http
+                    - https
+                    type: string
+                  serializer:
+                    enum:
+                    - json
+                    type: string
+                  shorten_keys:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  ssl_verify:
+                    type: boolean
+                  username:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              vmwareLogIntelligence:
+                properties:
+                  buffer:
+                    properties:
+                      chunk_full_threshold:
+                        type: string
+                      chunk_limit_records:
+                        type: integer
+                      chunk_limit_size:
+                        type: string
+                      compress:
+                        type: string
+                      delayed_commit_timeout:
+                        type: string
+                      disable_chunk_backup:
+                        type: boolean
+                      disabled:
+                        type: boolean
+                      flush_at_shutdown:
+                        type: boolean
+                      flush_interval:
+                        type: string
+                      flush_mode:
+                        type: string
+                      flush_thread_burst_interval:
+                        type: string
+                      flush_thread_count:
+                        type: integer
+                      flush_thread_interval:
+                        type: string
+                      overflow_action:
+                        type: string
+                      path:
+                        type: string
+                      queue_limit_length:
+                        type: integer
+                      queued_chunks_limit_size:
+                        type: integer
+                      retry_exponential_backoff_base:
+                        type: string
+                      retry_forever:
+                        type: boolean
+                      retry_max_interval:
+                        type: string
+                      retry_max_times:
+                        type: integer
+                      retry_randomize:
+                        type: boolean
+                      retry_secondary_threshold:
+                        type: string
+                      retry_timeout:
+                        type: string
+                      retry_type:
+                        type: string
+                      retry_wait:
+                        type: string
+                      tags:
+                        type: string
+                      timekey:
+                        type: string
+                      timekey_use_utc:
+                        type: boolean
+                      timekey_wait:
+                        type: string
+                      timekey_zone:
+                        type: string
+                      total_limit_size:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                  endpoint_url:
+                    type: string
+                  format:
+                    properties:
+                      add_newline:
+                        type: boolean
+                      message_key:
+                        type: string
+                      type:
+                        enum:
+                        - out_file
+                        - json
+                        - ltsv
+                        - csv
+                        - msgpack
+                        - hash
+                        - single_value
+                        type: string
+                    type: object
+                  headers:
+                    properties:
+                      authorization:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      content_type:
+                        type: string
+                      structure:
+                        type: string
+                    required:
+                    - authorization
+                    - content_type
+                    - structure
+                    type: object
+                  http_compress:
+                    type: boolean
+                  verify_ssl:
+                    type: boolean
+                required:
+                - endpoint_url
+                - headers
+                - verify_ssl
+                type: object
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngclusterflows.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngclusterflows.yaml
new file mode 100644
index 0000000000..51534c3ed5
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngclusterflows.yaml
@@ -0,0 +1,360 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: syslogngclusterflows.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: SyslogNGClusterFlow
+    listKind: SyslogNGClusterFlowList
+    plural: syslogngclusterflows
+    singular: syslogngclusterflow
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - description: Is the flow active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              filters:
+                items:
+                  properties:
+                    id:
+                      type: string
+                    match:
+                      properties:
+                        and:
+                          x-kubernetes-preserve-unknown-fields: true
+                        not:
+                          x-kubernetes-preserve-unknown-fields: true
+                        or:
+                          x-kubernetes-preserve-unknown-fields: true
+                        regexp:
+                          properties:
+                            flags:
+                              items:
+                                type: string
+                              type: array
+                            pattern:
+                              type: string
+                            template:
+                              type: string
+                            type:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - pattern
+                          type: object
+                      type: object
+                    parser:
+                      properties:
+                        metrics-probe:
+                          properties:
+                            key:
+                              type: string
+                            labels:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            level:
+                              type: integer
+                          type: object
+                        regexp:
+                          properties:
+                            flags:
+                              items:
+                                type: string
+                              type: array
+                            patterns:
+                              items:
+                                type: string
+                              type: array
+                            prefix:
+                              type: string
+                            template:
+                              type: string
+                          required:
+                          - patterns
+                          type: object
+                        syslog-parser:
+                          properties:
+                            flags:
+                              items:
+                                type: string
+                              type: array
+                          type: object
+                      type: object
+                    rewrite:
+                      items:
+                        properties:
+                          group_unset:
+                            properties:
+                              condition:
+                                properties:
+                                  and:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  not:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  or:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  regexp:
+                                    properties:
+                                      flags:
+                                        items:
+                                          type: string
+                                        type: array
+                                      pattern:
+                                        type: string
+                                      template:
+                                        type: string
+                                      type:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - pattern
+                                    type: object
+                                type: object
+                              pattern:
+                                type: string
+                            required:
+                            - pattern
+                            type: object
+                          rename:
+                            properties:
+                              condition:
+                                properties:
+                                  and:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  not:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  or:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  regexp:
+                                    properties:
+                                      flags:
+                                        items:
+                                          type: string
+                                        type: array
+                                      pattern:
+                                        type: string
+                                      template:
+                                        type: string
+                                      type:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - pattern
+                                    type: object
+                                type: object
+                              newName:
+                                type: string
+                              oldName:
+                                type: string
+                            required:
+                            - newName
+                            - oldName
+                            type: object
+                          set:
+                            properties:
+                              condition:
+                                properties:
+                                  and:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  not:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  or:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  regexp:
+                                    properties:
+                                      flags:
+                                        items:
+                                          type: string
+                                        type: array
+                                      pattern:
+                                        type: string
+                                      template:
+                                        type: string
+                                      type:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - pattern
+                                    type: object
+                                type: object
+                              field:
+                                type: string
+                              value:
+                                type: string
+                            required:
+                            - field
+                            - value
+                            type: object
+                          subst:
+                            properties:
+                              condition:
+                                properties:
+                                  and:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  not:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  or:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  regexp:
+                                    properties:
+                                      flags:
+                                        items:
+                                          type: string
+                                        type: array
+                                      pattern:
+                                        type: string
+                                      template:
+                                        type: string
+                                      type:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - pattern
+                                    type: object
+                                type: object
+                              field:
+                                type: string
+                              flags:
+                                items:
+                                  type: string
+                                type: array
+                              pattern:
+                                type: string
+                              replace:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - field
+                            - pattern
+                            - replace
+                            type: object
+                          unset:
+                            properties:
+                              condition:
+                                properties:
+                                  and:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  not:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  or:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  regexp:
+                                    properties:
+                                      flags:
+                                        items:
+                                          type: string
+                                        type: array
+                                      pattern:
+                                        type: string
+                                      template:
+                                        type: string
+                                      type:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - pattern
+                                    type: object
+                                type: object
+                              field:
+                                type: string
+                            required:
+                            - field
+                            type: object
+                        type: object
+                      type: array
+                  type: object
+                type: array
+              globalOutputRefs:
+                items:
+                  type: string
+                type: array
+              loggingRef:
+                type: string
+              match:
+                properties:
+                  and:
+                    x-kubernetes-preserve-unknown-fields: true
+                  not:
+                    x-kubernetes-preserve-unknown-fields: true
+                  or:
+                    x-kubernetes-preserve-unknown-fields: true
+                  regexp:
+                    properties:
+                      flags:
+                        items:
+                          type: string
+                        type: array
+                      pattern:
+                        type: string
+                      template:
+                        type: string
+                      type:
+                        type: string
+                      value:
+                        type: string
+                    required:
+                    - pattern
+                    type: object
+                type: object
+              outputMetrics:
+                items:
+                  properties:
+                    key:
+                      type: string
+                    labels:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    level:
+                      type: integer
+                  type: object
+                type: array
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngclusteroutputs.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngclusteroutputs.yaml
new file mode 100644
index 0000000000..7227853901
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngclusteroutputs.yaml
@@ -0,0 +1,2911 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: syslogngclusteroutputs.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: SyslogNGClusterOutput
+    listKind: SyslogNGClusterOutputList
+    plural: syslogngclusteroutputs
+    singular: syslogngclusteroutput
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - description: Is the output active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              elasticsearch:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  body:
+                    type: string
+                  body-prefix:
+                    type: string
+                  body-suffix:
+                    type: string
+                  custom_id:
+                    type: string
+                  delimiter:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  headers:
+                    items:
+                      type: string
+                    type: array
+                  index:
+                    type: string
+                  log-fifo-size:
+                    type: integer
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  logstash_suffix:
+                    type: string
+                  method:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  persist_name:
+                    type: string
+                  response-action:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  retries:
+                    type: integer
+                  template:
+                    type: string
+                  time_reopen:
+                    type: integer
+                  timeout:
+                    type: integer
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  type:
+                    type: string
+                  url:
+                    type: string
+                  user:
+                    type: string
+                  user-agent:
+                    type: string
+                  workers:
+                    type: integer
+                type: object
+              enabledNamespaces:
+                items:
+                  type: string
+                type: array
+              file:
+                properties:
+                  create_dirs:
+                    type: boolean
+                  dir_group:
+                    type: string
+                  dir_owner:
+                    type: string
+                  dir_perm:
+                    type: integer
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  path:
+                    type: string
+                  persist_name:
+                    type: string
+                  template:
+                    type: string
+                required:
+                - path
+                type: object
+              http:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  body:
+                    type: string
+                  body-prefix:
+                    type: string
+                  body-suffix:
+                    type: string
+                  delimiter:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  headers:
+                    items:
+                      type: string
+                    type: array
+                  log-fifo-size:
+                    type: integer
+                  method:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  persist_name:
+                    type: string
+                  response-action:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  retries:
+                    type: integer
+                  time_reopen:
+                    type: integer
+                  timeout:
+                    type: integer
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  url:
+                    type: string
+                  user:
+                    type: string
+                  user-agent:
+                    type: string
+                  workers:
+                    type: integer
+                type: object
+              loggingRef:
+                type: string
+              loggly:
+                properties:
+                  close_on_input:
+                    type: boolean
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  flags:
+                    items:
+                      type: string
+                    type: array
+                  flush_lines:
+                    type: integer
+                  host:
+                    type: string
+                  persist_name:
+                    type: string
+                  port:
+                    type: integer
+                  so_keepalive:
+                    type: boolean
+                  suppress:
+                    type: integer
+                  tag:
+                    type: string
+                  template:
+                    type: string
+                  template_escape:
+                    type: boolean
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  transport:
+                    type: string
+                  ts_format:
+                    type: string
+                required:
+                - token
+                type: object
+              logscale:
+                properties:
+                  attributes:
+                    type: string
+                  batch_bytes:
+                    type: integer
+                  batch_lines:
+                    type: integer
+                  batch_timeout:
+                    type: integer
+                  body:
+                    type: string
+                  content_type:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  extra_headers:
+                    type: string
+                  persist_name:
+                    type: string
+                  rawstring:
+                    type: string
+                  timezone:
+                    type: string
+                  token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  url:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              loki:
+                properties:
+                  auth:
+                    properties:
+                      adc:
+                        type: object
+                      alts:
+                        properties:
+                          target-service-accounts:
+                            items:
+                              type: string
+                            type: array
+                        type: object
+                      insecure:
+                        type: object
+                      tls:
+                        properties:
+                          ca_file:
+                            properties:
+                              mountFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                            type: object
+                          cert_file:
+                            properties:
+                              mountFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                            type: object
+                          key_file:
+                            properties:
+                              mountFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                            type: object
+                        type: object
+                    type: object
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  log-fifo-size:
+                    type: integer
+                  persist_name:
+                    type: string
+                  retries:
+                    type: integer
+                  template:
+                    type: string
+                  time_reopen:
+                    type: integer
+                  timestamp:
+                    enum:
+                    - current
+                    - received
+                    - msg
+                    type: string
+                  url:
+                    type: string
+                  workers:
+                    type: integer
+                type: object
+              mongodb:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  bulk:
+                    type: boolean
+                  bulk_bypass_validation:
+                    type: boolean
+                  bulk_unordered:
+                    type: boolean
+                  collection:
+                    type: string
+                  dir:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  log-fifo-size:
+                    type: integer
+                  persist_name:
+                    type: string
+                  retries:
+                    type: integer
+                  time_reopen:
+                    type: integer
+                  uri:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  value_pairs:
+                    properties:
+                      exclude:
+                        type: string
+                      key:
+                        type: string
+                      pair:
+                        type: string
+                      scope:
+                        type: string
+                    type: object
+                  write_concern:
+                    enum:
+                    - unacked
+                    - acked
+                    - majority
+                    type: string
+                required:
+                - collection
+                type: object
+              mqtt:
+                properties:
+                  address:
+                    type: string
+                  fallback-topic:
+                    type: string
+                  qos:
+                    type: integer
+                  template:
+                    type: string
+                  topic:
+                    type: string
+                type: object
+              openobserve:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  body:
+                    type: string
+                  body-prefix:
+                    type: string
+                  body-suffix:
+                    type: string
+                  delimiter:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  headers:
+                    items:
+                      type: string
+                    type: array
+                  log-fifo-size:
+                    type: integer
+                  method:
+                    type: string
+                  organization:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  persist_name:
+                    type: string
+                  port:
+                    type: integer
+                  record:
+                    type: string
+                  response-action:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  retries:
+                    type: integer
+                  stream:
+                    type: string
+                  time_reopen:
+                    type: integer
+                  timeout:
+                    type: integer
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  url:
+                    type: string
+                  user:
+                    type: string
+                  user-agent:
+                    type: string
+                  workers:
+                    type: integer
+                type: object
+              redis:
+                properties:
+                  auth:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  command:
+                    properties:
+                      string-list:
+                        items:
+                          type: string
+                        type: array
+                    type: object
+                  command_and_arguments:
+                    items:
+                      type: string
+                    type: array
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  host:
+                    type: string
+                  log-fifo-size:
+                    type: integer
+                  persist_name:
+                    type: string
+                  port:
+                    type: integer
+                  retries:
+                    type: integer
+                  throttle:
+                    type: integer
+                  time-reopen:
+                    type: integer
+                  workers:
+                    type: integer
+                type: object
+              s3:
+                properties:
+                  access_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  bucket:
+                    type: string
+                  canned_acl:
+                    type: string
+                  chunk_size:
+                    type: integer
+                  compression:
+                    type: boolean
+                  compresslevel:
+                    type: integer
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  flush_grace_period:
+                    type: integer
+                  log-fifo-size:
+                    type: integer
+                  max_object_size:
+                    type: integer
+                  max_pending_uploads:
+                    type: integer
+                  object_key:
+                    type: string
+                  object_key_timestamp:
+                    type: string
+                  persist_name:
+                    type: string
+                  region:
+                    type: string
+                  retries:
+                    type: integer
+                  secret_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  storage_class:
+                    type: string
+                  template:
+                    type: string
+                  throttle:
+                    type: integer
+                  upload_threads:
+                    type: integer
+                  url:
+                    type: string
+                type: object
+              splunk_hec_event:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  body:
+                    type: string
+                  body-prefix:
+                    type: string
+                  body-suffix:
+                    type: string
+                  content_type:
+                    type: string
+                  default_index:
+                    type: string
+                  default_source:
+                    type: string
+                  default_sourcetype:
+                    type: string
+                  delimiter:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  event:
+                    type: string
+                  extra_headers:
+                    items:
+                      type: string
+                    type: array
+                  extra_queries:
+                    items:
+                      type: string
+                    type: array
+                  fields:
+                    type: string
+                  headers:
+                    items:
+                      type: string
+                    type: array
+                  host:
+                    type: string
+                  index:
+                    type: string
+                  log-fifo-size:
+                    type: integer
+                  method:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  persist_name:
+                    type: string
+                  response-action:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  retries:
+                    type: integer
+                  source:
+                    type: string
+                  sourcetype:
+                    type: string
+                  time:
+                    type: string
+                  time_reopen:
+                    type: integer
+                  timeout:
+                    type: integer
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  url:
+                    type: string
+                  user:
+                    type: string
+                  user-agent:
+                    type: string
+                  workers:
+                    type: integer
+                type: object
+              sumologic-http:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  body:
+                    type: string
+                  collector:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  deployment:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  headers:
+                    items:
+                      type: string
+                    type: array
+                  persist_name:
+                    type: string
+                  time_reopen:
+                    type: integer
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  url:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              sumologic-syslog:
+                properties:
+                  deployment:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  persist_name:
+                    type: string
+                  port:
+                    type: integer
+                  tag:
+                    type: string
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  token:
+                    type: integer
+                type: object
+              syslog:
+                properties:
+                  close_on_input:
+                    type: boolean
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  flags:
+                    items:
+                      type: string
+                    type: array
+                  flush_lines:
+                    type: integer
+                  host:
+                    type: string
+                  persist_name:
+                    type: string
+                  port:
+                    type: integer
+                  so_keepalive:
+                    type: boolean
+                  suppress:
+                    type: integer
+                  template:
+                    type: string
+                  template_escape:
+                    type: boolean
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  transport:
+                    type: string
+                  ts_format:
+                    type: string
+                type: object
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        required:
+        - spec
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngconfigs.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngconfigs.yaml
new file mode 100644
index 0000000000..879463dd46
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngconfigs.yaml
@@ -0,0 +1,8104 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: syslogngconfigs.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: SyslogNGConfig
+    listKind: SyslogNGConfigList
+    plural: syslogngconfigs
+    singular: syslogngconfig
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              bufferVolumeMetrics:
+                properties:
+                  interval:
+                    type: string
+                  mount_name:
+                    type: string
+                  path:
+                    type: string
+                  port:
+                    format: int32
+                    type: integer
+                  prometheusAnnotations:
+                    type: boolean
+                  prometheusRules:
+                    type: boolean
+                  serviceMonitor:
+                    type: boolean
+                  serviceMonitorConfig:
+                    properties:
+                      additionalLabels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      honorLabels:
+                        type: boolean
+                      metricRelabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      relabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      scheme:
+                        type: string
+                      tlsConfig:
+                        properties:
+                          ca:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          caFile:
+                            type: string
+                          cert:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          certFile:
+                            type: string
+                          insecureSkipVerify:
+                            type: boolean
+                          keyFile:
+                            type: string
+                          keySecret:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          serverName:
+                            type: string
+                        type: object
+                    type: object
+                  timeout:
+                    type: string
+                type: object
+              bufferVolumeMetricsService:
+                properties:
+                  metadata:
+                    properties:
+                      annotations:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                    type: object
+                  spec:
+                    properties:
+                      allocateLoadBalancerNodePorts:
+                        type: boolean
+                      clusterIP:
+                        type: string
+                      clusterIPs:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      externalIPs:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      externalName:
+                        type: string
+                      externalTrafficPolicy:
+                        type: string
+                      healthCheckNodePort:
+                        format: int32
+                        type: integer
+                      internalTrafficPolicy:
+                        type: string
+                      ipFamilies:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      ipFamilyPolicy:
+                        type: string
+                      loadBalancerClass:
+                        type: string
+                      loadBalancerIP:
+                        type: string
+                      loadBalancerSourceRanges:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      ports:
+                        items:
+                          properties:
+                            appProtocol:
+                              type: string
+                            name:
+                              type: string
+                            nodePort:
+                              format: int32
+                              type: integer
+                            port:
+                              format: int32
+                              type: integer
+                            protocol:
+                              default: TCP
+                              type: string
+                            targetPort:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - port
+                        - protocol
+                        x-kubernetes-list-type: map
+                      publishNotReadyAddresses:
+                        type: boolean
+                      selector:
+                        additionalProperties:
+                          type: string
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      sessionAffinity:
+                        type: string
+                      sessionAffinityConfig:
+                        properties:
+                          clientIP:
+                            properties:
+                              timeoutSeconds:
+                                format: int32
+                                type: integer
+                            type: object
+                        type: object
+                      trafficDistribution:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                type: object
+              configCheck:
+                properties:
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  strategy:
+                    type: string
+                  timeoutSeconds:
+                    type: integer
+                type: object
+              configCheckPod:
+                properties:
+                  activeDeadlineSeconds:
+                    format: int64
+                    type: integer
+                  affinity:
+                    properties:
+                      nodeAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                preference:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchFields:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - preference
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            properties:
+                              nodeSelectorTerms:
+                                items:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchFields:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            required:
+                            - nodeSelectorTerms
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      podAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                podAffinityTerm:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - podAffinityTerm
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      podAntiAffinity:
+                        properties:
+                          preferredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                podAffinityTerm:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    mismatchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    namespaceSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    namespaces:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    topologyKey:
+                                      type: string
+                                  required:
+                                  - topologyKey
+                                  type: object
+                                weight:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - podAffinityTerm
+                              - weight
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          requiredDuringSchedulingIgnoredDuringExecution:
+                            items:
+                              properties:
+                                labelSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                matchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                mismatchLabelKeys:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                namespaceSelector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                namespaces:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                topologyKey:
+                                  type: string
+                              required:
+                              - topologyKey
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                    type: object
+                  automountServiceAccountToken:
+                    type: boolean
+                  containers:
+                    items:
+                      properties:
+                        args:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        command:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        env:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  configMapKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        envFrom:
+                          items:
+                            properties:
+                              configMapRef:
+                                properties:
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              prefix:
+                                type: string
+                              secretRef:
+                                properties:
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        image:
+                          type: string
+                        imagePullPolicy:
+                          type: string
+                        lifecycle:
+                          properties:
+                            postStart:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            preStop:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                          type: object
+                        livenessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        name:
+                          type: string
+                        ports:
+                          items:
+                            properties:
+                              containerPort:
+                                format: int32
+                                type: integer
+                              hostIP:
+                                type: string
+                              hostPort:
+                                format: int32
+                                type: integer
+                              name:
+                                type: string
+                              protocol:
+                                default: TCP
+                                type: string
+                            required:
+                            - containerPort
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - containerPort
+                          - protocol
+                          x-kubernetes-list-type: map
+                        readinessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resizePolicy:
+                          items:
+                            properties:
+                              resourceName:
+                                type: string
+                              restartPolicy:
+                                type: string
+                            required:
+                            - resourceName
+                            - restartPolicy
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        restartPolicy:
+                          type: string
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
+                          type: object
+                        startupProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        stdin:
+                          type: boolean
+                        stdinOnce:
+                          type: boolean
+                        terminationMessagePath:
+                          type: string
+                        terminationMessagePolicy:
+                          type: string
+                        tty:
+                          type: boolean
+                        volumeDevices:
+                          items:
+                            properties:
+                              devicePath:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - devicePath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - devicePath
+                          x-kubernetes-list-type: map
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - mountPath
+                          x-kubernetes-list-type: map
+                        workingDir:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  dnsConfig:
+                    properties:
+                      nameservers:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      options:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      searches:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  dnsPolicy:
+                    type: string
+                  enableServiceLinks:
+                    type: boolean
+                  ephemeralContainers:
+                    items:
+                      properties:
+                        args:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        command:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        env:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  configMapKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        envFrom:
+                          items:
+                            properties:
+                              configMapRef:
+                                properties:
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              prefix:
+                                type: string
+                              secretRef:
+                                properties:
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        image:
+                          type: string
+                        imagePullPolicy:
+                          type: string
+                        lifecycle:
+                          properties:
+                            postStart:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            preStop:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                          type: object
+                        livenessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        name:
+                          type: string
+                        ports:
+                          items:
+                            properties:
+                              containerPort:
+                                format: int32
+                                type: integer
+                              hostIP:
+                                type: string
+                              hostPort:
+                                format: int32
+                                type: integer
+                              name:
+                                type: string
+                              protocol:
+                                default: TCP
+                                type: string
+                            required:
+                            - containerPort
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - containerPort
+                          - protocol
+                          x-kubernetes-list-type: map
+                        readinessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resizePolicy:
+                          items:
+                            properties:
+                              resourceName:
+                                type: string
+                              restartPolicy:
+                                type: string
+                            required:
+                            - resourceName
+                            - restartPolicy
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        restartPolicy:
+                          type: string
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
+                          type: object
+                        startupProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        stdin:
+                          type: boolean
+                        stdinOnce:
+                          type: boolean
+                        targetContainerName:
+                          type: string
+                        terminationMessagePath:
+                          type: string
+                        terminationMessagePolicy:
+                          type: string
+                        tty:
+                          type: boolean
+                        volumeDevices:
+                          items:
+                            properties:
+                              devicePath:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - devicePath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - devicePath
+                          x-kubernetes-list-type: map
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - mountPath
+                          x-kubernetes-list-type: map
+                        workingDir:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  hostAliases:
+                    items:
+                      properties:
+                        hostnames:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        ip:
+                          type: string
+                      required:
+                      - ip
+                      type: object
+                    type: array
+                  hostIPC:
+                    type: boolean
+                  hostNetwork:
+                    type: boolean
+                  hostPID:
+                    type: boolean
+                  hostname:
+                    type: string
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  initContainers:
+                    items:
+                      properties:
+                        args:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        command:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        env:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  configMapKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        envFrom:
+                          items:
+                            properties:
+                              configMapRef:
+                                properties:
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              prefix:
+                                type: string
+                              secretRef:
+                                properties:
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        image:
+                          type: string
+                        imagePullPolicy:
+                          type: string
+                        lifecycle:
+                          properties:
+                            postStart:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            preStop:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                          type: object
+                        livenessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        name:
+                          type: string
+                        ports:
+                          items:
+                            properties:
+                              containerPort:
+                                format: int32
+                                type: integer
+                              hostIP:
+                                type: string
+                              hostPort:
+                                format: int32
+                                type: integer
+                              name:
+                                type: string
+                              protocol:
+                                default: TCP
+                                type: string
+                            required:
+                            - containerPort
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - containerPort
+                          - protocol
+                          x-kubernetes-list-type: map
+                        readinessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resizePolicy:
+                          items:
+                            properties:
+                              resourceName:
+                                type: string
+                              restartPolicy:
+                                type: string
+                            required:
+                            - resourceName
+                            - restartPolicy
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        restartPolicy:
+                          type: string
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
+                          type: object
+                        startupProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        stdin:
+                          type: boolean
+                        stdinOnce:
+                          type: boolean
+                        terminationMessagePath:
+                          type: string
+                        terminationMessagePolicy:
+                          type: string
+                        tty:
+                          type: boolean
+                        volumeDevices:
+                          items:
+                            properties:
+                              devicePath:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - devicePath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - devicePath
+                          x-kubernetes-list-type: map
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - mountPath
+                          x-kubernetes-list-type: map
+                        workingDir:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  nodeName:
+                    type: string
+                  nodeSelector:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  overhead:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  preemptionPolicy:
+                    type: string
+                  priority:
+                    format: int32
+                    type: integer
+                  priorityClassName:
+                    type: string
+                  readinessGates:
+                    items:
+                      properties:
+                        conditionType:
+                          type: string
+                      required:
+                      - conditionType
+                      type: object
+                    type: array
+                  restartPolicy:
+                    type: string
+                  runtimeClassName:
+                    type: string
+                  schedulerName:
+                    type: string
+                  securityContext:
+                    properties:
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      fsGroup:
+                        format: int64
+                        type: integer
+                      fsGroupChangePolicy:
+                        type: string
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      supplementalGroups:
+                        items:
+                          format: int64
+                          type: integer
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      sysctls:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                  serviceAccountName:
+                    type: string
+                  setHostnameAsFQDN:
+                    type: boolean
+                  shareProcessNamespace:
+                    type: boolean
+                  subdomain:
+                    type: string
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  tolerations:
+                    items:
+                      properties:
+                        effect:
+                          type: string
+                        key:
+                          type: string
+                        operator:
+                          type: string
+                        tolerationSeconds:
+                          format: int64
+                          type: integer
+                        value:
+                          type: string
+                      type: object
+                    type: array
+                  topologySpreadConstraints:
+                    items:
+                      properties:
+                        labelSelector:
+                          properties:
+                            matchExpressions:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  operator:
+                                    type: string
+                                  values:
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                required:
+                                - key
+                                - operator
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            matchLabels:
+                              additionalProperties:
+                                type: string
+                              type: object
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        matchLabelKeys:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        maxSkew:
+                          format: int32
+                          type: integer
+                        minDomains:
+                          format: int32
+                          type: integer
+                        nodeAffinityPolicy:
+                          type: string
+                        nodeTaintsPolicy:
+                          type: string
+                        topologyKey:
+                          type: string
+                        whenUnsatisfiable:
+                          type: string
+                      required:
+                      - maxSkew
+                      - topologyKey
+                      - whenUnsatisfiable
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - topologyKey
+                    - whenUnsatisfiable
+                    x-kubernetes-list-type: map
+                  volumes:
+                    items:
+                      properties:
+                        awsElasticBlockStore:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        azureDisk:
+                          properties:
+                            cachingMode:
+                              type: string
+                            diskName:
+                              type: string
+                            diskURI:
+                              type: string
+                            fsType:
+                              type: string
+                            kind:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - diskName
+                          - diskURI
+                          type: object
+                        azureFile:
+                          properties:
+                            readOnly:
+                              type: boolean
+                            secretName:
+                              type: string
+                            shareName:
+                              type: string
+                          required:
+                          - secretName
+                          - shareName
+                          type: object
+                        cephfs:
+                          properties:
+                            monitors:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretFile:
+                              type: string
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              type: string
+                          required:
+                          - monitors
+                          type: object
+                        cinder:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        configMap:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        csi:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
+                              type: string
+                            nodePublishSecretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            readOnly:
+                              type: boolean
+                            volumeAttributes:
+                              additionalProperties:
+                                type: string
+                              type: object
+                          required:
+                          - driver
+                          type: object
+                        downwardAPI:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                required:
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        emptyDir:
+                          properties:
+                            medium:
+                              type: string
+                            sizeLimit:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                          type: object
+                        ephemeral:
+                          properties:
+                            volumeClaimTemplate:
+                              properties:
+                                metadata:
+                                  type: object
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
+                              required:
+                              - spec
+                              type: object
+                          type: object
+                        fc:
+                          properties:
+                            fsType:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            targetWWNs:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            wwids:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        flexVolume:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
+                              type: string
+                            options:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          required:
+                          - driver
+                          type: object
+                        flocker:
+                          properties:
+                            datasetName:
+                              type: string
+                            datasetUUID:
+                              type: string
+                          type: object
+                        gcePersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
+                              format: int32
+                              type: integer
+                            pdName:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - pdName
+                          type: object
+                        gitRepo:
+                          properties:
+                            directory:
+                              type: string
+                            repository:
+                              type: string
+                            revision:
+                              type: string
+                          required:
+                          - repository
+                          type: object
+                        glusterfs:
+                          properties:
+                            endpoints:
+                              type: string
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - endpoints
+                          - path
+                          type: object
+                        hostPath:
+                          properties:
+                            path:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - path
+                          type: object
+                        iscsi:
+                          properties:
+                            chapAuthDiscovery:
+                              type: boolean
+                            chapAuthSession:
+                              type: boolean
+                            fsType:
+                              type: string
+                            initiatorName:
+                              type: string
+                            iqn:
+                              type: string
+                            iscsiInterface:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            portals:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            targetPortal:
+                              type: string
+                          required:
+                          - iqn
+                          - lun
+                          - targetPortal
+                          type: object
+                        name:
+                          type: string
+                        nfs:
+                          properties:
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            server:
+                              type: string
+                          required:
+                          - path
+                          - server
+                          type: object
+                        persistentVolumeClaim:
+                          properties:
+                            claimName:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - claimName
+                          type: object
+                        photonPersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            pdID:
+                              type: string
+                          required:
+                          - pdID
+                          type: object
+                        portworxVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        projected:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            sources:
+                              items:
+                                properties:
+                                  clusterTrustBundle:
+                                    properties:
+                                      labelSelector:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                operator:
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              required:
+                                              - key
+                                              - operator
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          matchLabels:
+                                            additionalProperties:
+                                              type: string
+                                            type: object
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      name:
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                  configMap:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  downwardAPI:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            fieldRef:
+                                              properties:
+                                                apiVersion:
+                                                  type: string
+                                                fieldPath:
+                                                  type: string
+                                              required:
+                                              - fieldPath
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                            resourceFieldRef:
+                                              properties:
+                                                containerName:
+                                                  type: string
+                                                divisor:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                  x-kubernetes-int-or-string: true
+                                                resource:
+                                                  type: string
+                                              required:
+                                              - resource
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          required:
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  secret:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  serviceAccountToken:
+                                    properties:
+                                      audience:
+                                        type: string
+                                      expirationSeconds:
+                                        format: int64
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        quobyte:
+                          properties:
+                            group:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            registry:
+                              type: string
+                            tenant:
+                              type: string
+                            user:
+                              type: string
+                            volume:
+                              type: string
+                          required:
+                          - registry
+                          - volume
+                          type: object
+                        rbd:
+                          properties:
+                            fsType:
+                              type: string
+                            image:
+                              type: string
+                            keyring:
+                              type: string
+                            monitors:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            pool:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              type: string
+                          required:
+                          - image
+                          - monitors
+                          type: object
+                        scaleIO:
+                          properties:
+                            fsType:
+                              type: string
+                            gateway:
+                              type: string
+                            protectionDomain:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            sslEnabled:
+                              type: boolean
+                            storageMode:
+                              type: string
+                            storagePool:
+                              type: string
+                            system:
+                              type: string
+                            volumeName:
+                              type: string
+                          required:
+                          - gateway
+                          - secretRef
+                          - system
+                          type: object
+                        secret:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            optional:
+                              type: boolean
+                            secretName:
+                              type: string
+                          type: object
+                        storageos:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeName:
+                              type: string
+                            volumeNamespace:
+                              type: string
+                          type: object
+                        vsphereVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            storagePolicyID:
+                              type: string
+                            storagePolicyName:
+                              type: string
+                            volumePath:
+                              type: string
+                          required:
+                          - volumePath
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                type: object
+              globalOptions:
+                properties:
+                  log_level:
+                    type: string
+                  stats:
+                    properties:
+                      freq:
+                        type: integer
+                      level:
+                        type: integer
+                    type: object
+                  stats_freq:
+                    type: integer
+                  stats_level:
+                    type: integer
+                type: object
+              jsonKeyDelim:
+                type: string
+              jsonKeyPrefix:
+                type: string
+              logIWSize:
+                type: integer
+              maxConnections:
+                type: integer
+              metrics:
+                properties:
+                  interval:
+                    type: string
+                  path:
+                    type: string
+                  port:
+                    format: int32
+                    type: integer
+                  prometheusAnnotations:
+                    type: boolean
+                  prometheusRules:
+                    type: boolean
+                  serviceMonitor:
+                    type: boolean
+                  serviceMonitorConfig:
+                    properties:
+                      additionalLabels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      honorLabels:
+                        type: boolean
+                      metricRelabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      relabelings:
+                        items:
+                          properties:
+                            action:
+                              default: replace
+                              enum:
+                              - replace
+                              - Replace
+                              - keep
+                              - Keep
+                              - drop
+                              - Drop
+                              - hashmod
+                              - HashMod
+                              - labelmap
+                              - LabelMap
+                              - labeldrop
+                              - LabelDrop
+                              - labelkeep
+                              - LabelKeep
+                              - lowercase
+                              - Lowercase
+                              - uppercase
+                              - Uppercase
+                              - keepequal
+                              - KeepEqual
+                              - dropequal
+                              - DropEqual
+                              type: string
+                            modulus:
+                              format: int64
+                              type: integer
+                            regex:
+                              type: string
+                            replacement:
+                              type: string
+                            separator:
+                              type: string
+                            sourceLabels:
+                              items:
+                                pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                type: string
+                              type: array
+                            targetLabel:
+                              type: string
+                          type: object
+                        type: array
+                      scheme:
+                        type: string
+                      tlsConfig:
+                        properties:
+                          ca:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          caFile:
+                            type: string
+                          cert:
+                            properties:
+                              configMap:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secret:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          certFile:
+                            type: string
+                          insecureSkipVerify:
+                            type: boolean
+                          keyFile:
+                            type: string
+                          keySecret:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          serverName:
+                            type: string
+                        type: object
+                    type: object
+                  timeout:
+                    type: string
+                type: object
+              metricsService:
+                properties:
+                  metadata:
+                    properties:
+                      annotations:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                    type: object
+                  spec:
+                    properties:
+                      allocateLoadBalancerNodePorts:
+                        type: boolean
+                      clusterIP:
+                        type: string
+                      clusterIPs:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      externalIPs:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      externalName:
+                        type: string
+                      externalTrafficPolicy:
+                        type: string
+                      healthCheckNodePort:
+                        format: int32
+                        type: integer
+                      internalTrafficPolicy:
+                        type: string
+                      ipFamilies:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      ipFamilyPolicy:
+                        type: string
+                      loadBalancerClass:
+                        type: string
+                      loadBalancerIP:
+                        type: string
+                      loadBalancerSourceRanges:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      ports:
+                        items:
+                          properties:
+                            appProtocol:
+                              type: string
+                            name:
+                              type: string
+                            nodePort:
+                              format: int32
+                              type: integer
+                            port:
+                              format: int32
+                              type: integer
+                            protocol:
+                              default: TCP
+                              type: string
+                            targetPort:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - port
+                        - protocol
+                        x-kubernetes-list-type: map
+                      publishNotReadyAddresses:
+                        type: boolean
+                      selector:
+                        additionalProperties:
+                          type: string
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      sessionAffinity:
+                        type: string
+                      sessionAffinityConfig:
+                        properties:
+                          clientIP:
+                            properties:
+                              timeoutSeconds:
+                                format: int32
+                                type: integer
+                            type: object
+                        type: object
+                      trafficDistribution:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                type: object
+              readinessDefaultCheck:
+                properties:
+                  bufferFileNumber:
+                    type: boolean
+                  bufferFileNumberMax:
+                    format: int32
+                    type: integer
+                  bufferFreeSpace:
+                    type: boolean
+                  bufferFreeSpaceThreshold:
+                    format: int32
+                    type: integer
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              service:
+                properties:
+                  metadata:
+                    properties:
+                      annotations:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                    type: object
+                  spec:
+                    properties:
+                      allocateLoadBalancerNodePorts:
+                        type: boolean
+                      clusterIP:
+                        type: string
+                      clusterIPs:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      externalIPs:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      externalName:
+                        type: string
+                      externalTrafficPolicy:
+                        type: string
+                      healthCheckNodePort:
+                        format: int32
+                        type: integer
+                      internalTrafficPolicy:
+                        type: string
+                      ipFamilies:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      ipFamilyPolicy:
+                        type: string
+                      loadBalancerClass:
+                        type: string
+                      loadBalancerIP:
+                        type: string
+                      loadBalancerSourceRanges:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      ports:
+                        items:
+                          properties:
+                            appProtocol:
+                              type: string
+                            name:
+                              type: string
+                            nodePort:
+                              format: int32
+                              type: integer
+                            port:
+                              format: int32
+                              type: integer
+                            protocol:
+                              default: TCP
+                              type: string
+                            targetPort:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        type: array
+                        x-kubernetes-list-map-keys:
+                        - port
+                        - protocol
+                        x-kubernetes-list-type: map
+                      publishNotReadyAddresses:
+                        type: boolean
+                      selector:
+                        additionalProperties:
+                          type: string
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      sessionAffinity:
+                        type: string
+                      sessionAffinityConfig:
+                        properties:
+                          clientIP:
+                            properties:
+                              timeoutSeconds:
+                                format: int32
+                                type: integer
+                            type: object
+                        type: object
+                      trafficDistribution:
+                        type: string
+                      type:
+                        type: string
+                    type: object
+                type: object
+              serviceAccount:
+                properties:
+                  automountServiceAccountToken:
+                    type: boolean
+                  imagePullSecrets:
+                    items:
+                      properties:
+                        name:
+                          default: ""
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                  metadata:
+                    properties:
+                      annotations:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                    type: object
+                  secrets:
+                    items:
+                      properties:
+                        apiVersion:
+                          type: string
+                        fieldPath:
+                          type: string
+                        kind:
+                          type: string
+                        name:
+                          type: string
+                        namespace:
+                          type: string
+                        resourceVersion:
+                          type: string
+                        uid:
+                          type: string
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    type: array
+                type: object
+              skipRBACCreate:
+                type: boolean
+              sourceDateParser:
+                properties:
+                  format:
+                    type: string
+                  template:
+                    type: string
+                type: object
+              sourceMetrics:
+                items:
+                  properties:
+                    key:
+                      type: string
+                    labels:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    level:
+                      type: integer
+                  type: object
+                type: array
+              statefulSet:
+                properties:
+                  metadata:
+                    properties:
+                      annotations:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                    type: object
+                  spec:
+                    properties:
+                      podManagementPolicy:
+                        type: string
+                      replicas:
+                        format: int32
+                        type: integer
+                      revisionHistoryLimit:
+                        format: int32
+                        type: integer
+                      selector:
+                        properties:
+                          matchExpressions:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                operator:
+                                  type: string
+                                values:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              required:
+                              - key
+                              - operator
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      serviceName:
+                        type: string
+                      template:
+                        properties:
+                          metadata:
+                            properties:
+                              annotations:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              labels:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                            type: object
+                          spec:
+                            properties:
+                              activeDeadlineSeconds:
+                                format: int64
+                                type: integer
+                              affinity:
+                                properties:
+                                  nodeAffinity:
+                                    properties:
+                                      preferredDuringSchedulingIgnoredDuringExecution:
+                                        items:
+                                          properties:
+                                            preference:
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      operator:
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    required:
+                                                    - key
+                                                    - operator
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                matchFields:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      operator:
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    required:
+                                                    - key
+                                                    - operator
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            weight:
+                                              format: int32
+                                              type: integer
+                                          required:
+                                          - preference
+                                          - weight
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      requiredDuringSchedulingIgnoredDuringExecution:
+                                        properties:
+                                          nodeSelectorTerms:
+                                            items:
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      operator:
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    required:
+                                                    - key
+                                                    - operator
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                matchFields:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      operator:
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    required:
+                                                    - key
+                                                    - operator
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - nodeSelectorTerms
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                    type: object
+                                  podAffinity:
+                                    properties:
+                                      preferredDuringSchedulingIgnoredDuringExecution:
+                                        items:
+                                          properties:
+                                            podAffinityTerm:
+                                              properties:
+                                                labelSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                matchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                mismatchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                namespaceSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                namespaces:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                topologyKey:
+                                                  type: string
+                                              required:
+                                              - topologyKey
+                                              type: object
+                                            weight:
+                                              format: int32
+                                              type: integer
+                                          required:
+                                          - podAffinityTerm
+                                          - weight
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      requiredDuringSchedulingIgnoredDuringExecution:
+                                        items:
+                                          properties:
+                                            labelSelector:
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      operator:
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    required:
+                                                    - key
+                                                    - operator
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    type: string
+                                                  type: object
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            matchLabelKeys:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            mismatchLabelKeys:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            namespaceSelector:
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      operator:
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    required:
+                                                    - key
+                                                    - operator
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    type: string
+                                                  type: object
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            namespaces:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            topologyKey:
+                                              type: string
+                                          required:
+                                          - topologyKey
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  podAntiAffinity:
+                                    properties:
+                                      preferredDuringSchedulingIgnoredDuringExecution:
+                                        items:
+                                          properties:
+                                            podAffinityTerm:
+                                              properties:
+                                                labelSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                matchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                mismatchLabelKeys:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                namespaceSelector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                namespaces:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                topologyKey:
+                                                  type: string
+                                              required:
+                                              - topologyKey
+                                              type: object
+                                            weight:
+                                              format: int32
+                                              type: integer
+                                          required:
+                                          - podAffinityTerm
+                                          - weight
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      requiredDuringSchedulingIgnoredDuringExecution:
+                                        items:
+                                          properties:
+                                            labelSelector:
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      operator:
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    required:
+                                                    - key
+                                                    - operator
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    type: string
+                                                  type: object
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            matchLabelKeys:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            mismatchLabelKeys:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            namespaceSelector:
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        type: string
+                                                      operator:
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          type: string
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                    required:
+                                                    - key
+                                                    - operator
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    type: string
+                                                  type: object
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            namespaces:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            topologyKey:
+                                              type: string
+                                          required:
+                                          - topologyKey
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                type: object
+                              automountServiceAccountToken:
+                                type: boolean
+                              containers:
+                                items:
+                                  properties:
+                                    args:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    env:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                          valueFrom:
+                                            properties:
+                                              configMapKeyRef:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                required:
+                                                - key
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              fieldRef:
+                                                properties:
+                                                  apiVersion:
+                                                    type: string
+                                                  fieldPath:
+                                                    type: string
+                                                required:
+                                                - fieldPath
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              resourceFieldRef:
+                                                properties:
+                                                  containerName:
+                                                    type: string
+                                                  divisor:
+                                                    anyOf:
+                                                    - type: integer
+                                                    - type: string
+                                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                    x-kubernetes-int-or-string: true
+                                                  resource:
+                                                    type: string
+                                                required:
+                                                - resource
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              secretKeyRef:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                required:
+                                                - key
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            type: object
+                                        required:
+                                        - name
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - name
+                                      x-kubernetes-list-type: map
+                                    envFrom:
+                                      items:
+                                        properties:
+                                          configMapRef:
+                                            properties:
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                          prefix:
+                                            type: string
+                                          secretRef:
+                                            properties:
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    image:
+                                      type: string
+                                    imagePullPolicy:
+                                      type: string
+                                    lifecycle:
+                                      properties:
+                                        postStart:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            sleep:
+                                              properties:
+                                                seconds:
+                                                  format: int64
+                                                  type: integer
+                                              required:
+                                              - seconds
+                                              type: object
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                          type: object
+                                        preStop:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            sleep:
+                                              properties:
+                                                seconds:
+                                                  format: int64
+                                                  type: integer
+                                              required:
+                                              - seconds
+                                              type: object
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                          type: object
+                                      type: object
+                                    livenessProbe:
+                                      properties:
+                                        exec:
+                                          properties:
+                                            command:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        failureThreshold:
+                                          format: int32
+                                          type: integer
+                                        grpc:
+                                          properties:
+                                            port:
+                                              format: int32
+                                              type: integer
+                                            service:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        httpGet:
+                                          properties:
+                                            host:
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                  value:
+                                                    type: string
+                                                required:
+                                                - name
+                                                - value
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            path:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        initialDelaySeconds:
+                                          format: int32
+                                          type: integer
+                                        periodSeconds:
+                                          format: int32
+                                          type: integer
+                                        successThreshold:
+                                          format: int32
+                                          type: integer
+                                        tcpSocket:
+                                          properties:
+                                            host:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                          required:
+                                          - port
+                                          type: object
+                                        terminationGracePeriodSeconds:
+                                          format: int64
+                                          type: integer
+                                        timeoutSeconds:
+                                          format: int32
+                                          type: integer
+                                      type: object
+                                    name:
+                                      type: string
+                                    ports:
+                                      items:
+                                        properties:
+                                          containerPort:
+                                            format: int32
+                                            type: integer
+                                          hostIP:
+                                            type: string
+                                          hostPort:
+                                            format: int32
+                                            type: integer
+                                          name:
+                                            type: string
+                                          protocol:
+                                            default: TCP
+                                            type: string
+                                        required:
+                                        - containerPort
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - containerPort
+                                      - protocol
+                                      x-kubernetes-list-type: map
+                                    readinessProbe:
+                                      properties:
+                                        exec:
+                                          properties:
+                                            command:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        failureThreshold:
+                                          format: int32
+                                          type: integer
+                                        grpc:
+                                          properties:
+                                            port:
+                                              format: int32
+                                              type: integer
+                                            service:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        httpGet:
+                                          properties:
+                                            host:
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                  value:
+                                                    type: string
+                                                required:
+                                                - name
+                                                - value
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            path:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        initialDelaySeconds:
+                                          format: int32
+                                          type: integer
+                                        periodSeconds:
+                                          format: int32
+                                          type: integer
+                                        successThreshold:
+                                          format: int32
+                                          type: integer
+                                        tcpSocket:
+                                          properties:
+                                            host:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                          required:
+                                          - port
+                                          type: object
+                                        terminationGracePeriodSeconds:
+                                          format: int64
+                                          type: integer
+                                        timeoutSeconds:
+                                          format: int32
+                                          type: integer
+                                      type: object
+                                    resizePolicy:
+                                      items:
+                                        properties:
+                                          resourceName:
+                                            type: string
+                                          restartPolicy:
+                                            type: string
+                                        required:
+                                        - resourceName
+                                        - restartPolicy
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    resources:
+                                      properties:
+                                        claims:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - name
+                                          x-kubernetes-list-type: map
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    restartPolicy:
+                                      type: string
+                                    securityContext:
+                                      properties:
+                                        allowPrivilegeEscalation:
+                                          type: boolean
+                                        appArmorProfile:
+                                          properties:
+                                            localhostProfile:
+                                              type: string
+                                            type:
+                                              type: string
+                                          required:
+                                          - type
+                                          type: object
+                                        capabilities:
+                                          properties:
+                                            add:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            drop:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        privileged:
+                                          type: boolean
+                                        procMount:
+                                          type: string
+                                        readOnlyRootFilesystem:
+                                          type: boolean
+                                        runAsGroup:
+                                          format: int64
+                                          type: integer
+                                        runAsNonRoot:
+                                          type: boolean
+                                        runAsUser:
+                                          format: int64
+                                          type: integer
+                                        seLinuxOptions:
+                                          properties:
+                                            level:
+                                              type: string
+                                            role:
+                                              type: string
+                                            type:
+                                              type: string
+                                            user:
+                                              type: string
+                                          type: object
+                                        seccompProfile:
+                                          properties:
+                                            localhostProfile:
+                                              type: string
+                                            type:
+                                              type: string
+                                          required:
+                                          - type
+                                          type: object
+                                        windowsOptions:
+                                          properties:
+                                            gmsaCredentialSpec:
+                                              type: string
+                                            gmsaCredentialSpecName:
+                                              type: string
+                                            hostProcess:
+                                              type: boolean
+                                            runAsUserName:
+                                              type: string
+                                          type: object
+                                      type: object
+                                    startupProbe:
+                                      properties:
+                                        exec:
+                                          properties:
+                                            command:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        failureThreshold:
+                                          format: int32
+                                          type: integer
+                                        grpc:
+                                          properties:
+                                            port:
+                                              format: int32
+                                              type: integer
+                                            service:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        httpGet:
+                                          properties:
+                                            host:
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                  value:
+                                                    type: string
+                                                required:
+                                                - name
+                                                - value
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            path:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        initialDelaySeconds:
+                                          format: int32
+                                          type: integer
+                                        periodSeconds:
+                                          format: int32
+                                          type: integer
+                                        successThreshold:
+                                          format: int32
+                                          type: integer
+                                        tcpSocket:
+                                          properties:
+                                            host:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                          required:
+                                          - port
+                                          type: object
+                                        terminationGracePeriodSeconds:
+                                          format: int64
+                                          type: integer
+                                        timeoutSeconds:
+                                          format: int32
+                                          type: integer
+                                      type: object
+                                    stdin:
+                                      type: boolean
+                                    stdinOnce:
+                                      type: boolean
+                                    terminationMessagePath:
+                                      type: string
+                                    terminationMessagePolicy:
+                                      type: string
+                                    tty:
+                                      type: boolean
+                                    volumeDevices:
+                                      items:
+                                        properties:
+                                          devicePath:
+                                            type: string
+                                          name:
+                                            type: string
+                                        required:
+                                        - devicePath
+                                        - name
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - devicePath
+                                      x-kubernetes-list-type: map
+                                    volumeMounts:
+                                      items:
+                                        properties:
+                                          mountPath:
+                                            type: string
+                                          mountPropagation:
+                                            type: string
+                                          name:
+                                            type: string
+                                          readOnly:
+                                            type: boolean
+                                          recursiveReadOnly:
+                                            type: string
+                                          subPath:
+                                            type: string
+                                          subPathExpr:
+                                            type: string
+                                        required:
+                                        - mountPath
+                                        - name
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - mountPath
+                                      x-kubernetes-list-type: map
+                                    workingDir:
+                                      type: string
+                                  required:
+                                  - name
+                                  type: object
+                                type: array
+                              dnsConfig:
+                                properties:
+                                  nameservers:
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  options:
+                                    items:
+                                      properties:
+                                        name:
+                                          type: string
+                                        value:
+                                          type: string
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  searches:
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                type: object
+                              dnsPolicy:
+                                type: string
+                              enableServiceLinks:
+                                type: boolean
+                              ephemeralContainers:
+                                items:
+                                  properties:
+                                    args:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    env:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                          valueFrom:
+                                            properties:
+                                              configMapKeyRef:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                required:
+                                                - key
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              fieldRef:
+                                                properties:
+                                                  apiVersion:
+                                                    type: string
+                                                  fieldPath:
+                                                    type: string
+                                                required:
+                                                - fieldPath
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              resourceFieldRef:
+                                                properties:
+                                                  containerName:
+                                                    type: string
+                                                  divisor:
+                                                    anyOf:
+                                                    - type: integer
+                                                    - type: string
+                                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                    x-kubernetes-int-or-string: true
+                                                  resource:
+                                                    type: string
+                                                required:
+                                                - resource
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              secretKeyRef:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                required:
+                                                - key
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            type: object
+                                        required:
+                                        - name
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - name
+                                      x-kubernetes-list-type: map
+                                    envFrom:
+                                      items:
+                                        properties:
+                                          configMapRef:
+                                            properties:
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                          prefix:
+                                            type: string
+                                          secretRef:
+                                            properties:
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    image:
+                                      type: string
+                                    imagePullPolicy:
+                                      type: string
+                                    lifecycle:
+                                      properties:
+                                        postStart:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            sleep:
+                                              properties:
+                                                seconds:
+                                                  format: int64
+                                                  type: integer
+                                              required:
+                                              - seconds
+                                              type: object
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                          type: object
+                                        preStop:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            sleep:
+                                              properties:
+                                                seconds:
+                                                  format: int64
+                                                  type: integer
+                                              required:
+                                              - seconds
+                                              type: object
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                          type: object
+                                      type: object
+                                    livenessProbe:
+                                      properties:
+                                        exec:
+                                          properties:
+                                            command:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        failureThreshold:
+                                          format: int32
+                                          type: integer
+                                        grpc:
+                                          properties:
+                                            port:
+                                              format: int32
+                                              type: integer
+                                            service:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        httpGet:
+                                          properties:
+                                            host:
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                  value:
+                                                    type: string
+                                                required:
+                                                - name
+                                                - value
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            path:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        initialDelaySeconds:
+                                          format: int32
+                                          type: integer
+                                        periodSeconds:
+                                          format: int32
+                                          type: integer
+                                        successThreshold:
+                                          format: int32
+                                          type: integer
+                                        tcpSocket:
+                                          properties:
+                                            host:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                          required:
+                                          - port
+                                          type: object
+                                        terminationGracePeriodSeconds:
+                                          format: int64
+                                          type: integer
+                                        timeoutSeconds:
+                                          format: int32
+                                          type: integer
+                                      type: object
+                                    name:
+                                      type: string
+                                    ports:
+                                      items:
+                                        properties:
+                                          containerPort:
+                                            format: int32
+                                            type: integer
+                                          hostIP:
+                                            type: string
+                                          hostPort:
+                                            format: int32
+                                            type: integer
+                                          name:
+                                            type: string
+                                          protocol:
+                                            default: TCP
+                                            type: string
+                                        required:
+                                        - containerPort
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - containerPort
+                                      - protocol
+                                      x-kubernetes-list-type: map
+                                    readinessProbe:
+                                      properties:
+                                        exec:
+                                          properties:
+                                            command:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        failureThreshold:
+                                          format: int32
+                                          type: integer
+                                        grpc:
+                                          properties:
+                                            port:
+                                              format: int32
+                                              type: integer
+                                            service:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        httpGet:
+                                          properties:
+                                            host:
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                  value:
+                                                    type: string
+                                                required:
+                                                - name
+                                                - value
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            path:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        initialDelaySeconds:
+                                          format: int32
+                                          type: integer
+                                        periodSeconds:
+                                          format: int32
+                                          type: integer
+                                        successThreshold:
+                                          format: int32
+                                          type: integer
+                                        tcpSocket:
+                                          properties:
+                                            host:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                          required:
+                                          - port
+                                          type: object
+                                        terminationGracePeriodSeconds:
+                                          format: int64
+                                          type: integer
+                                        timeoutSeconds:
+                                          format: int32
+                                          type: integer
+                                      type: object
+                                    resizePolicy:
+                                      items:
+                                        properties:
+                                          resourceName:
+                                            type: string
+                                          restartPolicy:
+                                            type: string
+                                        required:
+                                        - resourceName
+                                        - restartPolicy
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    resources:
+                                      properties:
+                                        claims:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - name
+                                          x-kubernetes-list-type: map
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    restartPolicy:
+                                      type: string
+                                    securityContext:
+                                      properties:
+                                        allowPrivilegeEscalation:
+                                          type: boolean
+                                        appArmorProfile:
+                                          properties:
+                                            localhostProfile:
+                                              type: string
+                                            type:
+                                              type: string
+                                          required:
+                                          - type
+                                          type: object
+                                        capabilities:
+                                          properties:
+                                            add:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            drop:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        privileged:
+                                          type: boolean
+                                        procMount:
+                                          type: string
+                                        readOnlyRootFilesystem:
+                                          type: boolean
+                                        runAsGroup:
+                                          format: int64
+                                          type: integer
+                                        runAsNonRoot:
+                                          type: boolean
+                                        runAsUser:
+                                          format: int64
+                                          type: integer
+                                        seLinuxOptions:
+                                          properties:
+                                            level:
+                                              type: string
+                                            role:
+                                              type: string
+                                            type:
+                                              type: string
+                                            user:
+                                              type: string
+                                          type: object
+                                        seccompProfile:
+                                          properties:
+                                            localhostProfile:
+                                              type: string
+                                            type:
+                                              type: string
+                                          required:
+                                          - type
+                                          type: object
+                                        windowsOptions:
+                                          properties:
+                                            gmsaCredentialSpec:
+                                              type: string
+                                            gmsaCredentialSpecName:
+                                              type: string
+                                            hostProcess:
+                                              type: boolean
+                                            runAsUserName:
+                                              type: string
+                                          type: object
+                                      type: object
+                                    startupProbe:
+                                      properties:
+                                        exec:
+                                          properties:
+                                            command:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        failureThreshold:
+                                          format: int32
+                                          type: integer
+                                        grpc:
+                                          properties:
+                                            port:
+                                              format: int32
+                                              type: integer
+                                            service:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        httpGet:
+                                          properties:
+                                            host:
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                  value:
+                                                    type: string
+                                                required:
+                                                - name
+                                                - value
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            path:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        initialDelaySeconds:
+                                          format: int32
+                                          type: integer
+                                        periodSeconds:
+                                          format: int32
+                                          type: integer
+                                        successThreshold:
+                                          format: int32
+                                          type: integer
+                                        tcpSocket:
+                                          properties:
+                                            host:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                          required:
+                                          - port
+                                          type: object
+                                        terminationGracePeriodSeconds:
+                                          format: int64
+                                          type: integer
+                                        timeoutSeconds:
+                                          format: int32
+                                          type: integer
+                                      type: object
+                                    stdin:
+                                      type: boolean
+                                    stdinOnce:
+                                      type: boolean
+                                    targetContainerName:
+                                      type: string
+                                    terminationMessagePath:
+                                      type: string
+                                    terminationMessagePolicy:
+                                      type: string
+                                    tty:
+                                      type: boolean
+                                    volumeDevices:
+                                      items:
+                                        properties:
+                                          devicePath:
+                                            type: string
+                                          name:
+                                            type: string
+                                        required:
+                                        - devicePath
+                                        - name
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - devicePath
+                                      x-kubernetes-list-type: map
+                                    volumeMounts:
+                                      items:
+                                        properties:
+                                          mountPath:
+                                            type: string
+                                          mountPropagation:
+                                            type: string
+                                          name:
+                                            type: string
+                                          readOnly:
+                                            type: boolean
+                                          recursiveReadOnly:
+                                            type: string
+                                          subPath:
+                                            type: string
+                                          subPathExpr:
+                                            type: string
+                                        required:
+                                        - mountPath
+                                        - name
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - mountPath
+                                      x-kubernetes-list-type: map
+                                    workingDir:
+                                      type: string
+                                  required:
+                                  - name
+                                  type: object
+                                type: array
+                              hostAliases:
+                                items:
+                                  properties:
+                                    hostnames:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    ip:
+                                      type: string
+                                  required:
+                                  - ip
+                                  type: object
+                                type: array
+                              hostIPC:
+                                type: boolean
+                              hostNetwork:
+                                type: boolean
+                              hostPID:
+                                type: boolean
+                              hostname:
+                                type: string
+                              imagePullSecrets:
+                                items:
+                                  properties:
+                                    name:
+                                      default: ""
+                                      type: string
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type: array
+                              initContainers:
+                                items:
+                                  properties:
+                                    args:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    env:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                          valueFrom:
+                                            properties:
+                                              configMapKeyRef:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                required:
+                                                - key
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              fieldRef:
+                                                properties:
+                                                  apiVersion:
+                                                    type: string
+                                                  fieldPath:
+                                                    type: string
+                                                required:
+                                                - fieldPath
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              resourceFieldRef:
+                                                properties:
+                                                  containerName:
+                                                    type: string
+                                                  divisor:
+                                                    anyOf:
+                                                    - type: integer
+                                                    - type: string
+                                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                    x-kubernetes-int-or-string: true
+                                                  resource:
+                                                    type: string
+                                                required:
+                                                - resource
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              secretKeyRef:
+                                                properties:
+                                                  key:
+                                                    type: string
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                required:
+                                                - key
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            type: object
+                                        required:
+                                        - name
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - name
+                                      x-kubernetes-list-type: map
+                                    envFrom:
+                                      items:
+                                        properties:
+                                          configMapRef:
+                                            properties:
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                          prefix:
+                                            type: string
+                                          secretRef:
+                                            properties:
+                                              name:
+                                                default: ""
+                                                type: string
+                                              optional:
+                                                type: boolean
+                                            type: object
+                                            x-kubernetes-map-type: atomic
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    image:
+                                      type: string
+                                    imagePullPolicy:
+                                      type: string
+                                    lifecycle:
+                                      properties:
+                                        postStart:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            sleep:
+                                              properties:
+                                                seconds:
+                                                  format: int64
+                                                  type: integer
+                                              required:
+                                              - seconds
+                                              type: object
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                          type: object
+                                        preStop:
+                                          properties:
+                                            exec:
+                                              properties:
+                                                command:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              type: object
+                                            httpGet:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                httpHeaders:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        type: string
+                                                      value:
+                                                        type: string
+                                                    required:
+                                                    - name
+                                                    - value
+                                                    type: object
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                path:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                                scheme:
+                                                  type: string
+                                              required:
+                                              - port
+                                              type: object
+                                            sleep:
+                                              properties:
+                                                seconds:
+                                                  format: int64
+                                                  type: integer
+                                              required:
+                                              - seconds
+                                              type: object
+                                            tcpSocket:
+                                              properties:
+                                                host:
+                                                  type: string
+                                                port:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  x-kubernetes-int-or-string: true
+                                              required:
+                                              - port
+                                              type: object
+                                          type: object
+                                      type: object
+                                    livenessProbe:
+                                      properties:
+                                        exec:
+                                          properties:
+                                            command:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        failureThreshold:
+                                          format: int32
+                                          type: integer
+                                        grpc:
+                                          properties:
+                                            port:
+                                              format: int32
+                                              type: integer
+                                            service:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        httpGet:
+                                          properties:
+                                            host:
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                  value:
+                                                    type: string
+                                                required:
+                                                - name
+                                                - value
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            path:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        initialDelaySeconds:
+                                          format: int32
+                                          type: integer
+                                        periodSeconds:
+                                          format: int32
+                                          type: integer
+                                        successThreshold:
+                                          format: int32
+                                          type: integer
+                                        tcpSocket:
+                                          properties:
+                                            host:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                          required:
+                                          - port
+                                          type: object
+                                        terminationGracePeriodSeconds:
+                                          format: int64
+                                          type: integer
+                                        timeoutSeconds:
+                                          format: int32
+                                          type: integer
+                                      type: object
+                                    name:
+                                      type: string
+                                    ports:
+                                      items:
+                                        properties:
+                                          containerPort:
+                                            format: int32
+                                            type: integer
+                                          hostIP:
+                                            type: string
+                                          hostPort:
+                                            format: int32
+                                            type: integer
+                                          name:
+                                            type: string
+                                          protocol:
+                                            default: TCP
+                                            type: string
+                                        required:
+                                        - containerPort
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - containerPort
+                                      - protocol
+                                      x-kubernetes-list-type: map
+                                    readinessProbe:
+                                      properties:
+                                        exec:
+                                          properties:
+                                            command:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        failureThreshold:
+                                          format: int32
+                                          type: integer
+                                        grpc:
+                                          properties:
+                                            port:
+                                              format: int32
+                                              type: integer
+                                            service:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        httpGet:
+                                          properties:
+                                            host:
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                  value:
+                                                    type: string
+                                                required:
+                                                - name
+                                                - value
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            path:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        initialDelaySeconds:
+                                          format: int32
+                                          type: integer
+                                        periodSeconds:
+                                          format: int32
+                                          type: integer
+                                        successThreshold:
+                                          format: int32
+                                          type: integer
+                                        tcpSocket:
+                                          properties:
+                                            host:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                          required:
+                                          - port
+                                          type: object
+                                        terminationGracePeriodSeconds:
+                                          format: int64
+                                          type: integer
+                                        timeoutSeconds:
+                                          format: int32
+                                          type: integer
+                                      type: object
+                                    resizePolicy:
+                                      items:
+                                        properties:
+                                          resourceName:
+                                            type: string
+                                          restartPolicy:
+                                            type: string
+                                        required:
+                                        - resourceName
+                                        - restartPolicy
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    resources:
+                                      properties:
+                                        claims:
+                                          items:
+                                            properties:
+                                              name:
+                                                type: string
+                                            required:
+                                            - name
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-map-keys:
+                                          - name
+                                          x-kubernetes-list-type: map
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    restartPolicy:
+                                      type: string
+                                    securityContext:
+                                      properties:
+                                        allowPrivilegeEscalation:
+                                          type: boolean
+                                        appArmorProfile:
+                                          properties:
+                                            localhostProfile:
+                                              type: string
+                                            type:
+                                              type: string
+                                          required:
+                                          - type
+                                          type: object
+                                        capabilities:
+                                          properties:
+                                            add:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            drop:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        privileged:
+                                          type: boolean
+                                        procMount:
+                                          type: string
+                                        readOnlyRootFilesystem:
+                                          type: boolean
+                                        runAsGroup:
+                                          format: int64
+                                          type: integer
+                                        runAsNonRoot:
+                                          type: boolean
+                                        runAsUser:
+                                          format: int64
+                                          type: integer
+                                        seLinuxOptions:
+                                          properties:
+                                            level:
+                                              type: string
+                                            role:
+                                              type: string
+                                            type:
+                                              type: string
+                                            user:
+                                              type: string
+                                          type: object
+                                        seccompProfile:
+                                          properties:
+                                            localhostProfile:
+                                              type: string
+                                            type:
+                                              type: string
+                                          required:
+                                          - type
+                                          type: object
+                                        windowsOptions:
+                                          properties:
+                                            gmsaCredentialSpec:
+                                              type: string
+                                            gmsaCredentialSpecName:
+                                              type: string
+                                            hostProcess:
+                                              type: boolean
+                                            runAsUserName:
+                                              type: string
+                                          type: object
+                                      type: object
+                                    startupProbe:
+                                      properties:
+                                        exec:
+                                          properties:
+                                            command:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          type: object
+                                        failureThreshold:
+                                          format: int32
+                                          type: integer
+                                        grpc:
+                                          properties:
+                                            port:
+                                              format: int32
+                                              type: integer
+                                            service:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        httpGet:
+                                          properties:
+                                            host:
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    type: string
+                                                  value:
+                                                    type: string
+                                                required:
+                                                - name
+                                                - value
+                                                type: object
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                            path:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              type: string
+                                          required:
+                                          - port
+                                          type: object
+                                        initialDelaySeconds:
+                                          format: int32
+                                          type: integer
+                                        periodSeconds:
+                                          format: int32
+                                          type: integer
+                                        successThreshold:
+                                          format: int32
+                                          type: integer
+                                        tcpSocket:
+                                          properties:
+                                            host:
+                                              type: string
+                                            port:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              x-kubernetes-int-or-string: true
+                                          required:
+                                          - port
+                                          type: object
+                                        terminationGracePeriodSeconds:
+                                          format: int64
+                                          type: integer
+                                        timeoutSeconds:
+                                          format: int32
+                                          type: integer
+                                      type: object
+                                    stdin:
+                                      type: boolean
+                                    stdinOnce:
+                                      type: boolean
+                                    terminationMessagePath:
+                                      type: string
+                                    terminationMessagePolicy:
+                                      type: string
+                                    tty:
+                                      type: boolean
+                                    volumeDevices:
+                                      items:
+                                        properties:
+                                          devicePath:
+                                            type: string
+                                          name:
+                                            type: string
+                                        required:
+                                        - devicePath
+                                        - name
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - devicePath
+                                      x-kubernetes-list-type: map
+                                    volumeMounts:
+                                      items:
+                                        properties:
+                                          mountPath:
+                                            type: string
+                                          mountPropagation:
+                                            type: string
+                                          name:
+                                            type: string
+                                          readOnly:
+                                            type: boolean
+                                          recursiveReadOnly:
+                                            type: string
+                                          subPath:
+                                            type: string
+                                          subPathExpr:
+                                            type: string
+                                        required:
+                                        - mountPath
+                                        - name
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-map-keys:
+                                      - mountPath
+                                      x-kubernetes-list-type: map
+                                    workingDir:
+                                      type: string
+                                  required:
+                                  - name
+                                  type: object
+                                type: array
+                              nodeName:
+                                type: string
+                              nodeSelector:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              overhead:
+                                additionalProperties:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                type: object
+                              preemptionPolicy:
+                                type: string
+                              priority:
+                                format: int32
+                                type: integer
+                              priorityClassName:
+                                type: string
+                              readinessGates:
+                                items:
+                                  properties:
+                                    conditionType:
+                                      type: string
+                                  required:
+                                  - conditionType
+                                  type: object
+                                type: array
+                              restartPolicy:
+                                type: string
+                              runtimeClassName:
+                                type: string
+                              schedulerName:
+                                type: string
+                              securityContext:
+                                properties:
+                                  appArmorProfile:
+                                    properties:
+                                      localhostProfile:
+                                        type: string
+                                      type:
+                                        type: string
+                                    required:
+                                    - type
+                                    type: object
+                                  fsGroup:
+                                    format: int64
+                                    type: integer
+                                  fsGroupChangePolicy:
+                                    type: string
+                                  runAsGroup:
+                                    format: int64
+                                    type: integer
+                                  runAsNonRoot:
+                                    type: boolean
+                                  runAsUser:
+                                    format: int64
+                                    type: integer
+                                  seLinuxOptions:
+                                    properties:
+                                      level:
+                                        type: string
+                                      role:
+                                        type: string
+                                      type:
+                                        type: string
+                                      user:
+                                        type: string
+                                    type: object
+                                  seccompProfile:
+                                    properties:
+                                      localhostProfile:
+                                        type: string
+                                      type:
+                                        type: string
+                                    required:
+                                    - type
+                                    type: object
+                                  supplementalGroups:
+                                    items:
+                                      format: int64
+                                      type: integer
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  sysctls:
+                                    items:
+                                      properties:
+                                        name:
+                                          type: string
+                                        value:
+                                          type: string
+                                      required:
+                                      - name
+                                      - value
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  windowsOptions:
+                                    properties:
+                                      gmsaCredentialSpec:
+                                        type: string
+                                      gmsaCredentialSpecName:
+                                        type: string
+                                      hostProcess:
+                                        type: boolean
+                                      runAsUserName:
+                                        type: string
+                                    type: object
+                                type: object
+                              serviceAccountName:
+                                type: string
+                              setHostnameAsFQDN:
+                                type: boolean
+                              shareProcessNamespace:
+                                type: boolean
+                              subdomain:
+                                type: string
+                              terminationGracePeriodSeconds:
+                                format: int64
+                                type: integer
+                              tolerations:
+                                items:
+                                  properties:
+                                    effect:
+                                      type: string
+                                    key:
+                                      type: string
+                                    operator:
+                                      type: string
+                                    tolerationSeconds:
+                                      format: int64
+                                      type: integer
+                                    value:
+                                      type: string
+                                  type: object
+                                type: array
+                              topologySpreadConstraints:
+                                items:
+                                  properties:
+                                    labelSelector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    matchLabelKeys:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    maxSkew:
+                                      format: int32
+                                      type: integer
+                                    minDomains:
+                                      format: int32
+                                      type: integer
+                                    nodeAffinityPolicy:
+                                      type: string
+                                    nodeTaintsPolicy:
+                                      type: string
+                                    topologyKey:
+                                      type: string
+                                    whenUnsatisfiable:
+                                      type: string
+                                  required:
+                                  - maxSkew
+                                  - topologyKey
+                                  - whenUnsatisfiable
+                                  type: object
+                                type: array
+                                x-kubernetes-list-map-keys:
+                                - topologyKey
+                                - whenUnsatisfiable
+                                x-kubernetes-list-type: map
+                              volumes:
+                                items:
+                                  properties:
+                                    awsElasticBlockStore:
+                                      properties:
+                                        fsType:
+                                          type: string
+                                        partition:
+                                          format: int32
+                                          type: integer
+                                        readOnly:
+                                          type: boolean
+                                        volumeID:
+                                          type: string
+                                      required:
+                                      - volumeID
+                                      type: object
+                                    azureDisk:
+                                      properties:
+                                        cachingMode:
+                                          type: string
+                                        diskName:
+                                          type: string
+                                        diskURI:
+                                          type: string
+                                        fsType:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                      required:
+                                      - diskName
+                                      - diskURI
+                                      type: object
+                                    azureFile:
+                                      properties:
+                                        readOnly:
+                                          type: boolean
+                                        secretName:
+                                          type: string
+                                        shareName:
+                                          type: string
+                                      required:
+                                      - secretName
+                                      - shareName
+                                      type: object
+                                    cephfs:
+                                      properties:
+                                        monitors:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        path:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                        secretFile:
+                                          type: string
+                                        secretRef:
+                                          properties:
+                                            name:
+                                              default: ""
+                                              type: string
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        user:
+                                          type: string
+                                      required:
+                                      - monitors
+                                      type: object
+                                    cinder:
+                                      properties:
+                                        fsType:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                        secretRef:
+                                          properties:
+                                            name:
+                                              default: ""
+                                              type: string
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        volumeID:
+                                          type: string
+                                      required:
+                                      - volumeID
+                                      type: object
+                                    configMap:
+                                      properties:
+                                        defaultMode:
+                                          format: int32
+                                          type: integer
+                                        items:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              mode:
+                                                format: int32
+                                                type: integer
+                                              path:
+                                                type: string
+                                            required:
+                                            - key
+                                            - path
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    csi:
+                                      properties:
+                                        driver:
+                                          type: string
+                                        fsType:
+                                          type: string
+                                        nodePublishSecretRef:
+                                          properties:
+                                            name:
+                                              default: ""
+                                              type: string
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        readOnly:
+                                          type: boolean
+                                        volumeAttributes:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      required:
+                                      - driver
+                                      type: object
+                                    downwardAPI:
+                                      properties:
+                                        defaultMode:
+                                          format: int32
+                                          type: integer
+                                        items:
+                                          items:
+                                            properties:
+                                              fieldRef:
+                                                properties:
+                                                  apiVersion:
+                                                    type: string
+                                                  fieldPath:
+                                                    type: string
+                                                required:
+                                                - fieldPath
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              mode:
+                                                format: int32
+                                                type: integer
+                                              path:
+                                                type: string
+                                              resourceFieldRef:
+                                                properties:
+                                                  containerName:
+                                                    type: string
+                                                  divisor:
+                                                    anyOf:
+                                                    - type: integer
+                                                    - type: string
+                                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                    x-kubernetes-int-or-string: true
+                                                  resource:
+                                                    type: string
+                                                required:
+                                                - resource
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                            required:
+                                            - path
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      type: object
+                                    emptyDir:
+                                      properties:
+                                        medium:
+                                          type: string
+                                        sizeLimit:
+                                          anyOf:
+                                          - type: integer
+                                          - type: string
+                                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    ephemeral:
+                                      properties:
+                                        volumeClaimTemplate:
+                                          properties:
+                                            metadata:
+                                              type: object
+                                            spec:
+                                              properties:
+                                                accessModes:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                                dataSource:
+                                                  properties:
+                                                    apiGroup:
+                                                      type: string
+                                                    kind:
+                                                      type: string
+                                                    name:
+                                                      type: string
+                                                  required:
+                                                  - kind
+                                                  - name
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                dataSourceRef:
+                                                  properties:
+                                                    apiGroup:
+                                                      type: string
+                                                    kind:
+                                                      type: string
+                                                    name:
+                                                      type: string
+                                                    namespace:
+                                                      type: string
+                                                  required:
+                                                  - kind
+                                                  - name
+                                                  type: object
+                                                resources:
+                                                  properties:
+                                                    limits:
+                                                      additionalProperties:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                        x-kubernetes-int-or-string: true
+                                                      type: object
+                                                    requests:
+                                                      additionalProperties:
+                                                        anyOf:
+                                                        - type: integer
+                                                        - type: string
+                                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                        x-kubernetes-int-or-string: true
+                                                      type: object
+                                                  type: object
+                                                selector:
+                                                  properties:
+                                                    matchExpressions:
+                                                      items:
+                                                        properties:
+                                                          key:
+                                                            type: string
+                                                          operator:
+                                                            type: string
+                                                          values:
+                                                            items:
+                                                              type: string
+                                                            type: array
+                                                            x-kubernetes-list-type: atomic
+                                                        required:
+                                                        - key
+                                                        - operator
+                                                        type: object
+                                                      type: array
+                                                      x-kubernetes-list-type: atomic
+                                                    matchLabels:
+                                                      additionalProperties:
+                                                        type: string
+                                                      type: object
+                                                  type: object
+                                                  x-kubernetes-map-type: atomic
+                                                storageClassName:
+                                                  type: string
+                                                volumeAttributesClassName:
+                                                  type: string
+                                                volumeMode:
+                                                  type: string
+                                                volumeName:
+                                                  type: string
+                                              type: object
+                                          required:
+                                          - spec
+                                          type: object
+                                      type: object
+                                    fc:
+                                      properties:
+                                        fsType:
+                                          type: string
+                                        lun:
+                                          format: int32
+                                          type: integer
+                                        readOnly:
+                                          type: boolean
+                                        targetWWNs:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        wwids:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      type: object
+                                    flexVolume:
+                                      properties:
+                                        driver:
+                                          type: string
+                                        fsType:
+                                          type: string
+                                        options:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                        readOnly:
+                                          type: boolean
+                                        secretRef:
+                                          properties:
+                                            name:
+                                              default: ""
+                                              type: string
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      required:
+                                      - driver
+                                      type: object
+                                    flocker:
+                                      properties:
+                                        datasetName:
+                                          type: string
+                                        datasetUUID:
+                                          type: string
+                                      type: object
+                                    gcePersistentDisk:
+                                      properties:
+                                        fsType:
+                                          type: string
+                                        partition:
+                                          format: int32
+                                          type: integer
+                                        pdName:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                      required:
+                                      - pdName
+                                      type: object
+                                    gitRepo:
+                                      properties:
+                                        directory:
+                                          type: string
+                                        repository:
+                                          type: string
+                                        revision:
+                                          type: string
+                                      required:
+                                      - repository
+                                      type: object
+                                    glusterfs:
+                                      properties:
+                                        endpoints:
+                                          type: string
+                                        path:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                      required:
+                                      - endpoints
+                                      - path
+                                      type: object
+                                    hostPath:
+                                      properties:
+                                        path:
+                                          type: string
+                                        type:
+                                          type: string
+                                      required:
+                                      - path
+                                      type: object
+                                    iscsi:
+                                      properties:
+                                        chapAuthDiscovery:
+                                          type: boolean
+                                        chapAuthSession:
+                                          type: boolean
+                                        fsType:
+                                          type: string
+                                        initiatorName:
+                                          type: string
+                                        iqn:
+                                          type: string
+                                        iscsiInterface:
+                                          type: string
+                                        lun:
+                                          format: int32
+                                          type: integer
+                                        portals:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        readOnly:
+                                          type: boolean
+                                        secretRef:
+                                          properties:
+                                            name:
+                                              default: ""
+                                              type: string
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        targetPortal:
+                                          type: string
+                                      required:
+                                      - iqn
+                                      - lun
+                                      - targetPortal
+                                      type: object
+                                    name:
+                                      type: string
+                                    nfs:
+                                      properties:
+                                        path:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                        server:
+                                          type: string
+                                      required:
+                                      - path
+                                      - server
+                                      type: object
+                                    persistentVolumeClaim:
+                                      properties:
+                                        claimName:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                      required:
+                                      - claimName
+                                      type: object
+                                    photonPersistentDisk:
+                                      properties:
+                                        fsType:
+                                          type: string
+                                        pdID:
+                                          type: string
+                                      required:
+                                      - pdID
+                                      type: object
+                                    portworxVolume:
+                                      properties:
+                                        fsType:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                        volumeID:
+                                          type: string
+                                      required:
+                                      - volumeID
+                                      type: object
+                                    projected:
+                                      properties:
+                                        defaultMode:
+                                          format: int32
+                                          type: integer
+                                        sources:
+                                          items:
+                                            properties:
+                                              clusterTrustBundle:
+                                                properties:
+                                                  labelSelector:
+                                                    properties:
+                                                      matchExpressions:
+                                                        items:
+                                                          properties:
+                                                            key:
+                                                              type: string
+                                                            operator:
+                                                              type: string
+                                                            values:
+                                                              items:
+                                                                type: string
+                                                              type: array
+                                                              x-kubernetes-list-type: atomic
+                                                          required:
+                                                          - key
+                                                          - operator
+                                                          type: object
+                                                        type: array
+                                                        x-kubernetes-list-type: atomic
+                                                      matchLabels:
+                                                        additionalProperties:
+                                                          type: string
+                                                        type: object
+                                                    type: object
+                                                    x-kubernetes-map-type: atomic
+                                                  name:
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                  path:
+                                                    type: string
+                                                  signerName:
+                                                    type: string
+                                                required:
+                                                - path
+                                                type: object
+                                              configMap:
+                                                properties:
+                                                  items:
+                                                    items:
+                                                      properties:
+                                                        key:
+                                                          type: string
+                                                        mode:
+                                                          format: int32
+                                                          type: integer
+                                                        path:
+                                                          type: string
+                                                      required:
+                                                      - key
+                                                      - path
+                                                      type: object
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              downwardAPI:
+                                                properties:
+                                                  items:
+                                                    items:
+                                                      properties:
+                                                        fieldRef:
+                                                          properties:
+                                                            apiVersion:
+                                                              type: string
+                                                            fieldPath:
+                                                              type: string
+                                                          required:
+                                                          - fieldPath
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                        mode:
+                                                          format: int32
+                                                          type: integer
+                                                        path:
+                                                          type: string
+                                                        resourceFieldRef:
+                                                          properties:
+                                                            containerName:
+                                                              type: string
+                                                            divisor:
+                                                              anyOf:
+                                                              - type: integer
+                                                              - type: string
+                                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                              x-kubernetes-int-or-string: true
+                                                            resource:
+                                                              type: string
+                                                          required:
+                                                          - resource
+                                                          type: object
+                                                          x-kubernetes-map-type: atomic
+                                                      required:
+                                                      - path
+                                                      type: object
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                type: object
+                                              secret:
+                                                properties:
+                                                  items:
+                                                    items:
+                                                      properties:
+                                                        key:
+                                                          type: string
+                                                        mode:
+                                                          format: int32
+                                                          type: integer
+                                                        path:
+                                                          type: string
+                                                      required:
+                                                      - key
+                                                      - path
+                                                      type: object
+                                                    type: array
+                                                    x-kubernetes-list-type: atomic
+                                                  name:
+                                                    default: ""
+                                                    type: string
+                                                  optional:
+                                                    type: boolean
+                                                type: object
+                                                x-kubernetes-map-type: atomic
+                                              serviceAccountToken:
+                                                properties:
+                                                  audience:
+                                                    type: string
+                                                  expirationSeconds:
+                                                    format: int64
+                                                    type: integer
+                                                  path:
+                                                    type: string
+                                                required:
+                                                - path
+                                                type: object
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      type: object
+                                    quobyte:
+                                      properties:
+                                        group:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                        registry:
+                                          type: string
+                                        tenant:
+                                          type: string
+                                        user:
+                                          type: string
+                                        volume:
+                                          type: string
+                                      required:
+                                      - registry
+                                      - volume
+                                      type: object
+                                    rbd:
+                                      properties:
+                                        fsType:
+                                          type: string
+                                        image:
+                                          type: string
+                                        keyring:
+                                          type: string
+                                        monitors:
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        pool:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                        secretRef:
+                                          properties:
+                                            name:
+                                              default: ""
+                                              type: string
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        user:
+                                          type: string
+                                      required:
+                                      - image
+                                      - monitors
+                                      type: object
+                                    scaleIO:
+                                      properties:
+                                        fsType:
+                                          type: string
+                                        gateway:
+                                          type: string
+                                        protectionDomain:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                        secretRef:
+                                          properties:
+                                            name:
+                                              default: ""
+                                              type: string
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        sslEnabled:
+                                          type: boolean
+                                        storageMode:
+                                          type: string
+                                        storagePool:
+                                          type: string
+                                        system:
+                                          type: string
+                                        volumeName:
+                                          type: string
+                                      required:
+                                      - gateway
+                                      - secretRef
+                                      - system
+                                      type: object
+                                    secret:
+                                      properties:
+                                        defaultMode:
+                                          format: int32
+                                          type: integer
+                                        items:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              mode:
+                                                format: int32
+                                                type: integer
+                                              path:
+                                                type: string
+                                            required:
+                                            - key
+                                            - path
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        optional:
+                                          type: boolean
+                                        secretName:
+                                          type: string
+                                      type: object
+                                    storageos:
+                                      properties:
+                                        fsType:
+                                          type: string
+                                        readOnly:
+                                          type: boolean
+                                        secretRef:
+                                          properties:
+                                            name:
+                                              default: ""
+                                              type: string
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        volumeName:
+                                          type: string
+                                        volumeNamespace:
+                                          type: string
+                                      type: object
+                                    vsphereVolume:
+                                      properties:
+                                        fsType:
+                                          type: string
+                                        storagePolicyID:
+                                          type: string
+                                        storagePolicyName:
+                                          type: string
+                                        volumePath:
+                                          type: string
+                                      required:
+                                      - volumePath
+                                      type: object
+                                  required:
+                                  - name
+                                  type: object
+                                type: array
+                            type: object
+                        type: object
+                      updateStrategy:
+                        properties:
+                          rollingUpdate:
+                            properties:
+                              maxUnavailable:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                x-kubernetes-int-or-string: true
+                              partition:
+                                format: int32
+                                type: integer
+                            type: object
+                          type:
+                            type: string
+                        type: object
+                      volumeClaimTemplates:
+                        items:
+                          properties:
+                            metadata:
+                              properties:
+                                annotations:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                                labels:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                                name:
+                                  type: string
+                              type: object
+                            spec:
+                              properties:
+                                accessModes:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                dataSource:
+                                  properties:
+                                    apiGroup:
+                                      type: string
+                                    kind:
+                                      type: string
+                                    name:
+                                      type: string
+                                  required:
+                                  - kind
+                                  - name
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                dataSourceRef:
+                                  properties:
+                                    apiGroup:
+                                      type: string
+                                    kind:
+                                      type: string
+                                    name:
+                                      type: string
+                                    namespace:
+                                      type: string
+                                  required:
+                                  - kind
+                                  - name
+                                  type: object
+                                resources:
+                                  properties:
+                                    limits:
+                                      additionalProperties:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      type: object
+                                    requests:
+                                      additionalProperties:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      type: object
+                                  type: object
+                                selector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                storageClassName:
+                                  type: string
+                                volumeAttributesClassName:
+                                  type: string
+                                volumeMode:
+                                  type: string
+                                volumeName:
+                                  type: string
+                              type: object
+                          type: object
+                        type: array
+                    type: object
+                type: object
+              tls:
+                properties:
+                  enabled:
+                    type: boolean
+                  secretName:
+                    type: string
+                  sharedKey:
+                    type: string
+                required:
+                - enabled
+                type: object
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              logging:
+                type: string
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngflows.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngflows.yaml
new file mode 100644
index 0000000000..712fa42628
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngflows.yaml
@@ -0,0 +1,364 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: syslogngflows.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: SyslogNGFlow
+    listKind: SyslogNGFlowList
+    plural: syslogngflows
+    singular: syslogngflow
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - description: Is the flow active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              filters:
+                items:
+                  properties:
+                    id:
+                      type: string
+                    match:
+                      properties:
+                        and:
+                          x-kubernetes-preserve-unknown-fields: true
+                        not:
+                          x-kubernetes-preserve-unknown-fields: true
+                        or:
+                          x-kubernetes-preserve-unknown-fields: true
+                        regexp:
+                          properties:
+                            flags:
+                              items:
+                                type: string
+                              type: array
+                            pattern:
+                              type: string
+                            template:
+                              type: string
+                            type:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - pattern
+                          type: object
+                      type: object
+                    parser:
+                      properties:
+                        metrics-probe:
+                          properties:
+                            key:
+                              type: string
+                            labels:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            level:
+                              type: integer
+                          type: object
+                        regexp:
+                          properties:
+                            flags:
+                              items:
+                                type: string
+                              type: array
+                            patterns:
+                              items:
+                                type: string
+                              type: array
+                            prefix:
+                              type: string
+                            template:
+                              type: string
+                          required:
+                          - patterns
+                          type: object
+                        syslog-parser:
+                          properties:
+                            flags:
+                              items:
+                                type: string
+                              type: array
+                          type: object
+                      type: object
+                    rewrite:
+                      items:
+                        properties:
+                          group_unset:
+                            properties:
+                              condition:
+                                properties:
+                                  and:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  not:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  or:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  regexp:
+                                    properties:
+                                      flags:
+                                        items:
+                                          type: string
+                                        type: array
+                                      pattern:
+                                        type: string
+                                      template:
+                                        type: string
+                                      type:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - pattern
+                                    type: object
+                                type: object
+                              pattern:
+                                type: string
+                            required:
+                            - pattern
+                            type: object
+                          rename:
+                            properties:
+                              condition:
+                                properties:
+                                  and:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  not:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  or:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  regexp:
+                                    properties:
+                                      flags:
+                                        items:
+                                          type: string
+                                        type: array
+                                      pattern:
+                                        type: string
+                                      template:
+                                        type: string
+                                      type:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - pattern
+                                    type: object
+                                type: object
+                              newName:
+                                type: string
+                              oldName:
+                                type: string
+                            required:
+                            - newName
+                            - oldName
+                            type: object
+                          set:
+                            properties:
+                              condition:
+                                properties:
+                                  and:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  not:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  or:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  regexp:
+                                    properties:
+                                      flags:
+                                        items:
+                                          type: string
+                                        type: array
+                                      pattern:
+                                        type: string
+                                      template:
+                                        type: string
+                                      type:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - pattern
+                                    type: object
+                                type: object
+                              field:
+                                type: string
+                              value:
+                                type: string
+                            required:
+                            - field
+                            - value
+                            type: object
+                          subst:
+                            properties:
+                              condition:
+                                properties:
+                                  and:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  not:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  or:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  regexp:
+                                    properties:
+                                      flags:
+                                        items:
+                                          type: string
+                                        type: array
+                                      pattern:
+                                        type: string
+                                      template:
+                                        type: string
+                                      type:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - pattern
+                                    type: object
+                                type: object
+                              field:
+                                type: string
+                              flags:
+                                items:
+                                  type: string
+                                type: array
+                              pattern:
+                                type: string
+                              replace:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - field
+                            - pattern
+                            - replace
+                            type: object
+                          unset:
+                            properties:
+                              condition:
+                                properties:
+                                  and:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  not:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  or:
+                                    x-kubernetes-preserve-unknown-fields: true
+                                  regexp:
+                                    properties:
+                                      flags:
+                                        items:
+                                          type: string
+                                        type: array
+                                      pattern:
+                                        type: string
+                                      template:
+                                        type: string
+                                      type:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - pattern
+                                    type: object
+                                type: object
+                              field:
+                                type: string
+                            required:
+                            - field
+                            type: object
+                        type: object
+                      type: array
+                  type: object
+                type: array
+              globalOutputRefs:
+                items:
+                  type: string
+                type: array
+              localOutputRefs:
+                items:
+                  type: string
+                type: array
+              loggingRef:
+                type: string
+              match:
+                properties:
+                  and:
+                    x-kubernetes-preserve-unknown-fields: true
+                  not:
+                    x-kubernetes-preserve-unknown-fields: true
+                  or:
+                    x-kubernetes-preserve-unknown-fields: true
+                  regexp:
+                    properties:
+                      flags:
+                        items:
+                          type: string
+                        type: array
+                      pattern:
+                        type: string
+                      template:
+                        type: string
+                      type:
+                        type: string
+                      value:
+                        type: string
+                    required:
+                    - pattern
+                    type: object
+                type: object
+              outputMetrics:
+                items:
+                  properties:
+                    key:
+                      type: string
+                    labels:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    level:
+                      type: integer
+                  type: object
+                type: array
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngoutputs.yaml b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngoutputs.yaml
new file mode 100644
index 0000000000..09b75d417d
--- /dev/null
+++ b/charts/rancher-logging-crd/104.2.0+up4.8.0/templates/logging.banzaicloud.io_syslogngoutputs.yaml
@@ -0,0 +1,2905 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: syslogngoutputs.logging.banzaicloud.io
+spec:
+  group: logging.banzaicloud.io
+  names:
+    categories:
+    - logging-all
+    kind: SyslogNGOutput
+    listKind: SyslogNGOutputList
+    plural: syslogngoutputs
+    singular: syslogngoutput
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - description: Is the output active?
+      jsonPath: .status.active
+      name: Active
+      type: boolean
+    - description: Number of problems
+      jsonPath: .status.problemsCount
+      name: Problems
+      type: integer
+    name: v1beta1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              elasticsearch:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  body:
+                    type: string
+                  body-prefix:
+                    type: string
+                  body-suffix:
+                    type: string
+                  custom_id:
+                    type: string
+                  delimiter:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  headers:
+                    items:
+                      type: string
+                    type: array
+                  index:
+                    type: string
+                  log-fifo-size:
+                    type: integer
+                  logstash_prefix:
+                    type: string
+                  logstash_prefix_separator:
+                    type: string
+                  logstash_suffix:
+                    type: string
+                  method:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  persist_name:
+                    type: string
+                  response-action:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  retries:
+                    type: integer
+                  template:
+                    type: string
+                  time_reopen:
+                    type: integer
+                  timeout:
+                    type: integer
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  type:
+                    type: string
+                  url:
+                    type: string
+                  user:
+                    type: string
+                  user-agent:
+                    type: string
+                  workers:
+                    type: integer
+                type: object
+              file:
+                properties:
+                  create_dirs:
+                    type: boolean
+                  dir_group:
+                    type: string
+                  dir_owner:
+                    type: string
+                  dir_perm:
+                    type: integer
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  path:
+                    type: string
+                  persist_name:
+                    type: string
+                  template:
+                    type: string
+                required:
+                - path
+                type: object
+              http:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  body:
+                    type: string
+                  body-prefix:
+                    type: string
+                  body-suffix:
+                    type: string
+                  delimiter:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  headers:
+                    items:
+                      type: string
+                    type: array
+                  log-fifo-size:
+                    type: integer
+                  method:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  persist_name:
+                    type: string
+                  response-action:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  retries:
+                    type: integer
+                  time_reopen:
+                    type: integer
+                  timeout:
+                    type: integer
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  url:
+                    type: string
+                  user:
+                    type: string
+                  user-agent:
+                    type: string
+                  workers:
+                    type: integer
+                type: object
+              loggingRef:
+                type: string
+              loggly:
+                properties:
+                  close_on_input:
+                    type: boolean
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  flags:
+                    items:
+                      type: string
+                    type: array
+                  flush_lines:
+                    type: integer
+                  host:
+                    type: string
+                  persist_name:
+                    type: string
+                  port:
+                    type: integer
+                  so_keepalive:
+                    type: boolean
+                  suppress:
+                    type: integer
+                  tag:
+                    type: string
+                  template:
+                    type: string
+                  template_escape:
+                    type: boolean
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  transport:
+                    type: string
+                  ts_format:
+                    type: string
+                required:
+                - token
+                type: object
+              logscale:
+                properties:
+                  attributes:
+                    type: string
+                  batch_bytes:
+                    type: integer
+                  batch_lines:
+                    type: integer
+                  batch_timeout:
+                    type: integer
+                  body:
+                    type: string
+                  content_type:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  extra_headers:
+                    type: string
+                  persist_name:
+                    type: string
+                  rawstring:
+                    type: string
+                  timezone:
+                    type: string
+                  token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  url:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              loki:
+                properties:
+                  auth:
+                    properties:
+                      adc:
+                        type: object
+                      alts:
+                        properties:
+                          target-service-accounts:
+                            items:
+                              type: string
+                            type: array
+                        type: object
+                      insecure:
+                        type: object
+                      tls:
+                        properties:
+                          ca_file:
+                            properties:
+                              mountFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                            type: object
+                          cert_file:
+                            properties:
+                              mountFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                            type: object
+                          key_file:
+                            properties:
+                              mountFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                            type: object
+                        type: object
+                    type: object
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  log-fifo-size:
+                    type: integer
+                  persist_name:
+                    type: string
+                  retries:
+                    type: integer
+                  template:
+                    type: string
+                  time_reopen:
+                    type: integer
+                  timestamp:
+                    enum:
+                    - current
+                    - received
+                    - msg
+                    type: string
+                  url:
+                    type: string
+                  workers:
+                    type: integer
+                type: object
+              mongodb:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  bulk:
+                    type: boolean
+                  bulk_bypass_validation:
+                    type: boolean
+                  bulk_unordered:
+                    type: boolean
+                  collection:
+                    type: string
+                  dir:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  log-fifo-size:
+                    type: integer
+                  persist_name:
+                    type: string
+                  retries:
+                    type: integer
+                  time_reopen:
+                    type: integer
+                  uri:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  value_pairs:
+                    properties:
+                      exclude:
+                        type: string
+                      key:
+                        type: string
+                      pair:
+                        type: string
+                      scope:
+                        type: string
+                    type: object
+                  write_concern:
+                    enum:
+                    - unacked
+                    - acked
+                    - majority
+                    type: string
+                required:
+                - collection
+                type: object
+              mqtt:
+                properties:
+                  address:
+                    type: string
+                  fallback-topic:
+                    type: string
+                  qos:
+                    type: integer
+                  template:
+                    type: string
+                  topic:
+                    type: string
+                type: object
+              openobserve:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  body:
+                    type: string
+                  body-prefix:
+                    type: string
+                  body-suffix:
+                    type: string
+                  delimiter:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  headers:
+                    items:
+                      type: string
+                    type: array
+                  log-fifo-size:
+                    type: integer
+                  method:
+                    type: string
+                  organization:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  persist_name:
+                    type: string
+                  port:
+                    type: integer
+                  record:
+                    type: string
+                  response-action:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  retries:
+                    type: integer
+                  stream:
+                    type: string
+                  time_reopen:
+                    type: integer
+                  timeout:
+                    type: integer
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  url:
+                    type: string
+                  user:
+                    type: string
+                  user-agent:
+                    type: string
+                  workers:
+                    type: integer
+                type: object
+              redis:
+                properties:
+                  auth:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  command:
+                    properties:
+                      string-list:
+                        items:
+                          type: string
+                        type: array
+                    type: object
+                  command_and_arguments:
+                    items:
+                      type: string
+                    type: array
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  host:
+                    type: string
+                  log-fifo-size:
+                    type: integer
+                  persist_name:
+                    type: string
+                  port:
+                    type: integer
+                  retries:
+                    type: integer
+                  throttle:
+                    type: integer
+                  time-reopen:
+                    type: integer
+                  workers:
+                    type: integer
+                type: object
+              s3:
+                properties:
+                  access_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  bucket:
+                    type: string
+                  canned_acl:
+                    type: string
+                  chunk_size:
+                    type: integer
+                  compression:
+                    type: boolean
+                  compresslevel:
+                    type: integer
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  flush_grace_period:
+                    type: integer
+                  log-fifo-size:
+                    type: integer
+                  max_object_size:
+                    type: integer
+                  max_pending_uploads:
+                    type: integer
+                  object_key:
+                    type: string
+                  object_key_timestamp:
+                    type: string
+                  persist_name:
+                    type: string
+                  region:
+                    type: string
+                  retries:
+                    type: integer
+                  secret_key:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  storage_class:
+                    type: string
+                  template:
+                    type: string
+                  throttle:
+                    type: integer
+                  upload_threads:
+                    type: integer
+                  url:
+                    type: string
+                type: object
+              splunk_hec_event:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  body:
+                    type: string
+                  body-prefix:
+                    type: string
+                  body-suffix:
+                    type: string
+                  content_type:
+                    type: string
+                  default_index:
+                    type: string
+                  default_source:
+                    type: string
+                  default_sourcetype:
+                    type: string
+                  delimiter:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  event:
+                    type: string
+                  extra_headers:
+                    items:
+                      type: string
+                    type: array
+                  extra_queries:
+                    items:
+                      type: string
+                    type: array
+                  fields:
+                    type: string
+                  headers:
+                    items:
+                      type: string
+                    type: array
+                  host:
+                    type: string
+                  index:
+                    type: string
+                  log-fifo-size:
+                    type: integer
+                  method:
+                    type: string
+                  password:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  persist_name:
+                    type: string
+                  response-action:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  retries:
+                    type: integer
+                  source:
+                    type: string
+                  sourcetype:
+                    type: string
+                  time:
+                    type: string
+                  time_reopen:
+                    type: integer
+                  timeout:
+                    type: integer
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  token:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  url:
+                    type: string
+                  user:
+                    type: string
+                  user-agent:
+                    type: string
+                  workers:
+                    type: integer
+                type: object
+              sumologic-http:
+                properties:
+                  batch-bytes:
+                    type: integer
+                  batch-lines:
+                    type: integer
+                  batch-timeout:
+                    type: integer
+                  body:
+                    type: string
+                  collector:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                  deployment:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  headers:
+                    items:
+                      type: string
+                    type: array
+                  persist_name:
+                    type: string
+                  time_reopen:
+                    type: integer
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  url:
+                    properties:
+                      mountFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      value:
+                        type: string
+                      valueFrom:
+                        properties:
+                          secretKeyRef:
+                            properties:
+                              key:
+                                type: string
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    type: object
+                type: object
+              sumologic-syslog:
+                properties:
+                  deployment:
+                    type: string
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  persist_name:
+                    type: string
+                  port:
+                    type: integer
+                  tag:
+                    type: string
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  token:
+                    type: integer
+                type: object
+              syslog:
+                properties:
+                  close_on_input:
+                    type: boolean
+                  disk_buffer:
+                    properties:
+                      compaction:
+                        type: boolean
+                      dir:
+                        type: string
+                      disk_buf_size:
+                        format: int64
+                        type: integer
+                      mem_buf_length:
+                        format: int64
+                        type: integer
+                      mem_buf_size:
+                        format: int64
+                        type: integer
+                      q_out_size:
+                        format: int64
+                        type: integer
+                      reliable:
+                        type: boolean
+                    required:
+                    - disk_buf_size
+                    - reliable
+                    type: object
+                  flags:
+                    items:
+                      type: string
+                    type: array
+                  flush_lines:
+                    type: integer
+                  host:
+                    type: string
+                  persist_name:
+                    type: string
+                  port:
+                    type: integer
+                  so_keepalive:
+                    type: boolean
+                  suppress:
+                    type: integer
+                  template:
+                    type: string
+                  template_escape:
+                    type: boolean
+                  tls:
+                    properties:
+                      ca_dir:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      ca_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cert_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      cipher-suite:
+                        type: string
+                      key_file:
+                        properties:
+                          mountFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        type: object
+                      peer_verify:
+                        type: boolean
+                      ssl_version:
+                        enum:
+                        - sslv3
+                        - tlsv1
+                        - tlsv1_0
+                        - tlsv1_1
+                        - tlsv1_2
+                        - tlsv1_3
+                        type: string
+                      use-system-cert-store:
+                        type: boolean
+                    type: object
+                  transport:
+                    type: string
+                  ts_format:
+                    type: string
+                type: object
+            type: object
+          status:
+            properties:
+              active:
+                type: boolean
+              problems:
+                items:
+                  type: string
+                type: array
+              problemsCount:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/index.yaml b/index.yaml
index e15b9e4a63..bb692dc010 100755
--- a/index.yaml
+++ b/index.yaml
@@ -17739,6 +17739,20 @@ entries:
     urls:
     - assets/rancher-logging-crd/rancher-logging-crd-105.0.0+up4.8.0.tgz
     version: 105.0.0+up4.8.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cattle-logging-system
+      catalog.cattle.io/release-name: rancher-logging-crd
+    apiVersion: v1
+    created: "2025-02-25T21:43:03.380039406-03:00"
+    description: Installs the CRDs for rancher-logging.
+    digest: 16348871b91843d294d8b5d305dc5f78ad9cc5a22f8ffccbaa60ead853bdbac9
+    name: rancher-logging-crd
+    type: application
+    urls:
+    - assets/rancher-logging-crd/rancher-logging-crd-104.2.0+up4.8.0.tgz
+    version: 104.2.0+up4.8.0
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index 3e00b835a6..e15f1733ad 100644
--- a/release.yaml
+++ b/release.yaml
@@ -2,3 +2,5 @@ rancher-webhook:
   - 104.0.7+up0.5.7
 rancher-logging:
   - 104.2.0+up4.8.0
+rancher-logging-crd:
+  - 104.2.0+up4.8.0

From 0b5b65e8956411646d0ff9f61deab41af88d8828 Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:44:06 -0300
Subject: [PATCH 05/19] fp: fleet 104.1.5+up0.10.9

---
 assets/fleet/fleet-104.1.5+up0.10.9.tgz       | Bin 0 -> 6446 bytes
 charts/fleet/104.1.5+up0.10.9/Chart.yaml      |  18 ++
 charts/fleet/104.1.5+up0.10.9/README.md       |  30 +++
 .../104.1.5+up0.10.9/templates/_helpers.tpl   |  22 ++
 .../104.1.5+up0.10.9/templates/configmap.yaml |  29 ++
 .../templates/deployment.yaml                 | 251 ++++++++++++++++++
 .../templates/deployment_gitjob.yaml          | 136 ++++++++++
 .../job_cleanup_clusterregistrations.yaml     |  41 +++
 .../templates/job_cleanup_gitrepojobs.yaml    |  44 +++
 .../104.1.5+up0.10.9/templates/rbac.yaml      | 113 ++++++++
 .../templates/rbac_gitjob.yaml                | 133 ++++++++++
 .../104.1.5+up0.10.9/templates/service.yaml   |  36 +++
 .../templates/service_gitjob.yaml             |  51 ++++
 .../templates/serviceaccount.yaml             |  12 +
 .../templates/serviceaccount_gitjob.yaml      |   6 +
 charts/fleet/104.1.5+up0.10.9/values.yaml     | 121 +++++++++
 index.yaml                                    |  22 ++
 release.yaml                                  |   2 +
 18 files changed, 1067 insertions(+)
 create mode 100644 assets/fleet/fleet-104.1.5+up0.10.9.tgz
 create mode 100644 charts/fleet/104.1.5+up0.10.9/Chart.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/README.md
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/_helpers.tpl
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/configmap.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/deployment.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/deployment_gitjob.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/job_cleanup_clusterregistrations.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/job_cleanup_gitrepojobs.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/rbac.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/rbac_gitjob.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/service.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/service_gitjob.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/serviceaccount.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/templates/serviceaccount_gitjob.yaml
 create mode 100644 charts/fleet/104.1.5+up0.10.9/values.yaml

diff --git a/assets/fleet/fleet-104.1.5+up0.10.9.tgz b/assets/fleet/fleet-104.1.5+up0.10.9.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..f0c5c0f2fbc6fc4d6948f4593061bd8251f467d0
GIT binary patch
literal 6446
zcmV+}8PVn+iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PKBhS0gvla6b31sAKY;N%CT2Gr-LHBze{go>>wG`~b7roIQJp
z++DUc)0R4t8pccb@6XYtukN-D7$(VD^I>RRN+qdOH<jd3h^TfBCq$^$j7-BXo*=c`
z?e@Xmp83DsZkPY>yli*A=<L1P-{0%BU%q_xMZ2@R`)cnCXg>uq<rGUr#24*H_f;O;
zA0!dRxFU*jCc7ShPZSCHxaAY2LTpjKLt@37lu1RxunUG<n!X6Wn-b+uDqHv{6dh3v
zx*!PiCnzeb;im`%ogz~t>_S6{7#o!pCo~9<Ev)h}9%Azvg`}Ky;l=mgL8sMu-D)@6
z@GW#&FFX3r7nMyJnWBt{k6o~tO*=+8lM1JmO}OkrNLl=;vNS?5rAju_TH8021^h-<
z*B1Pm1}K~3YtaQijHN;$TLy<*wd)QEqY3F$!f>-(oPgcdU)=b2Tb*|O_yvYYBsTRt
zxb^i&ME{Y%y599j6s4bS4eT#ofYKK<QYP<>ZUpZLBV!cMgtt_kMG}aD3!jAOQD4`Z
zC>6=>&W^8njchrj4T(vKO74Vw%;k<9xx5~Gd5qGbb=rHaPHX@F$C1P2b8nzOc(VNe
znuIaRrxE~5`2WGd!CsmF@9)3d@c-vXbV|mkIlsV&ORBh-rEJ^oMGrucaTl)Lh66Bd
z25}e;cu4(O7mi1#Tnz+DWXki%7@0a=3b$$M-5dHAyx}5Ylpt_Sr4mMfftnyh@i3%5
zygxqyJ~BB!#zPbg6-ww0jzOZhMgh}UDi|V2R4_q--WK#fk!ciS#;MR|w0u789_;PC
z)O_*6G=G17(uGE2IW{;2WIhit0JFyuqz-%cM(=n8A&wN_G*UC53aA7kWjw_I)P%}1
zq|1{FT}9F{!vKaeAaH|W2p<{0VQ|=MWy3k_C8Ie)rNtLR2{#i|6BGtXvs54_JPrd;
zLL+zBgJH~q5G9NRpPFhsLOpmk1}i;ZNLN`ZE>J^c;B&^%H<c6z;%&jy2o9|XBoo<!
zOA#Yb2ESN9O#|Q;nDPL(VMIddN|m6#viU7bc$X&^?|6V+Xyluk!Sx`B-QwtmYz!kV
zV8U;Jj}$UHN|_8(6RuD|V1h)bArfUfIGmvWk+Nf^P+S|;rL#XZ@PBeMHsdke5T?uk
z!;s&k1QJJ_m8gV+jL@f}nVvx^AS6Q!Wy_;u#swbQhUd8^C#FKz&VugtkjENrvkGIX
zG~Pf20*{p@GC5;D+)y=f>ve=t$Y*A{r6LMj-WL3z7fGNJGd-;YSUeq~Fs;$&EYOsu
z@e`;?ig6eVBnocGOb<W_I@Xe(Fu-dKS51h5fTLtD6!;{T2n0gTqn4#(#+9M$07oPa
z4JCK>ldg0fH(!1BYm6}-VMu0O=<K$o9<Sb>|C0ZPNbpZHw_&_3`)N0CcW39@SfbDx
z#P@&wHX>5qa1ngp{Wcci_uX&x!hWwo`FuJhATc6>C=4K^(#%=Fr-U*ITmX%L1c5*)
zQQCps&@ePZ(Bm?@T=(oTKCl>cc3-vH`rpp$?M^%U^VM#vb6`F?yW5?==&#rI^I*Fr
zul?;-LjEE5N$7b)&Xr#ENb^x-WEg6lT5G``z!qFi5K`?mhuRQ9EA75sA`F1Az+h>B
zrj(e}w8V%41E9<U$f?7YOIuv#`@1pJpaGkDjz#DVwV*S?wt<c;3o|ec<1)nwEht{2
zhno&gGxQn_1EFU&s@ZBmpmk1XtAL`@{Hz3q><zh=@oT}QM#F4XX@GKuy5=Yj!x^N@
zU`M(QR7uUoMs%F86FtYePhAr58zz-NGELQa1CufXR!+ETIl1TtA<-A8+{e%e$u3NZ
zZt4L<L`|gS&*P8}N$Bh}6&m>pj@KU9`E#6N<{0`Gobmu2Q!%R(@j#0WI%b*$=o;rZ
z%4FWhRETKJJm9|E(L1R*j%k29j0f117-|O2*^alh<>{;olfy+9Ztpb26Ss|Y87M+E
zd(sonLoFW=z7qIrOa&HXmND86zV=)#W0AtY{%r;^5R?n5W``k>QqzDNf);(;Ev+6-
z%Zti2-ON$NBRRj1yeVoCQdJV*Fdipt)_k1cHHKYidy(J~854y^I{N~Z7H9I3_ly8Z
z0Bmi+nX!;a2#16B5JiHIiiFdGf#4&mg{bD(J`eRoVxVg&%3>bNaAv4Wl4}e!dlfU#
zb~6t&{2rTWy@CdC&BJ(#C9?Dh)7#G3n8CIoeW%sH5Vd5AHCvl-sRl$%G)Ii$fyT4z
zZ2`ERy3jai%ZACZ{T$}Iu~i|3l6+gz?ZS?lMmuKkX@QzW*o7l14B5=i#GzqUo;Rgq
zk@H5(OTWVq35%nY4LX7M10Tv_k)cB*0SZXywKzLoXiEF8Q1@pn;iF_&@Ukt<Mpa@q
za1+sSSqyKEkOU!R*oEDFX}Ys^uwFW$7gCh^%L=Ss>~rQ*_m%S3RPf$#@ezd+Ihr^O
zd$I(N#GjZs)D<&8299fIfu{4*g~oon;qt5=P?42wBv)v(VkHP5yQYF0mI2p9P`y(m
zXu)bR%H%-Atq4cmuFtMDH8jE6^8J4f`sc^*`lpw@ldH4C<Ex9yv-95DzNIX!AE#a(
zZwusvh(KCuY61<qHmB{VsK9tq$|~|NO_H|jk1vB}99h2Hv^qnxT?XA*8|Y3M^zPa~
z@2=J5VeNl~(<meg<<8Xv!w7|Jsc3DkfMx#Q_MH8{ckpU|WB)%#y1i{`)r&Gr45llm
ziCsB6W!8Y^-JPc^(h;=&VO>R56-oSvl`2TuEE1Hd5j6gv+-W=r0BU<L`DkSLAPeUH
z_HJ)?zVUvtF4v+4sujdk&D2_nQHYF>*6d5U?dd93Fxu>#GNRd>X09P8f!6=Dji@bj
ze}X|ACTx&P%tQ3P*>U(KlWYo`Mv=+^w_|F;N7R~I-qox*bix`<Tb+TU5&D`*pYjXW
zzs|Pyx7NcN{a<4eHp(+oiH3CS$l_3BMVYHR2kCRu>?W-*mHEF_S*9dfqceC3|KHtf
zm-+wxZo9ML|Id*MM?D?yBV|Dsta|^BMA|$e0a2vuTm$I|V5-Y{NwKAzF8pRx%3G&c
zHYz!LqYI7OTS&-mf#_+$-Cbil0hYOz?+4-bHW51+gjVL6zPsyI)=*?z-FxPqc6d}Y
zF8Q&G<H$LZErb+6uB5WXVb3-g9_%6WVXoa_Zw}>>$FkI6MU6QK&Z%0_(v{>|+};-S
z1R{oHjEB~;r9ABe?(UK<YU>pHtF2b-TnniT_7XR0qYGIFOX}X;rIV7ngminC3D7XE
znj+F^&6X+5p$gE@6j)bXmlbPUH&I=ETUu;keMyZjR5!83#U`nPudbi8La|-ZJ6G4Z
zSnKXCF+a1Jy}{vx^N;7~BdyvW^W}MB9aA-lhwsl%1_DR)Q;B|xg-P#s|J6sxW%-};
zrL9c?SS<f{+XwpxW%<9i`)VWqpCf6t{!8m=f$n$q0OYHH`U)B}XlP@rk#|`%K$m@;
zT3uhpjQ$$qMG-)Sz394V8qTcC1Yu*WF18h@Jtz8VLL{_kQ0(gKw5qL~4B<N<QKTh6
zlF=$xEFhd!FJ$ZP@~9*hRPn21Te%V0j`dU|DBRr@0%}MU$(>Zy%1+}dbgf2N*}A=@
zBL`RGcz4${e>ZP$3%R$q$O6sZWQ2a#oG>IFCp{z+y5)`$-PDjMs!;79)vsK`9ELiD
z1sL^EY%0ezS=4D@HK;uPjkJv;1bgP4ud)QHQv-8BV;Q`hf{@IQP8wrES<ZK=t6pcL
zOT3t;y?6bKLGQ4imN*Ojjo{O6E)!rxF$~UeRLphx##f%sX(m|9ga0zwBo(Kk`I$)Y
zdvnt7UtS%ayuY~YpI`M)|Mz|WegEpHf71K8jIq{!R)$}iyDALrk!%G{f4{sOTn*08
z{<#E&g#a!d1>y8;mFDgg_nzZUPE8gp$Kd_dU~qo+=IZG9d>)1DjAZAj`W^JokI#-O
zNB?Wg70yF#+2fyk&PDN9rBygnslxNHcX@fzzv`d#4=<0;POnb-y^H?U(fjkB{;a}x
zrLG=@bneV&6_n5Wm*+n(nBWz<c_g~I^QhGjKJEW>b=2=2ogAOe@v+4y=eoKd(&h|x
z0d`0Ie_XvgJE}luF%z%c7^(PaW#?lpcQ)3tr(IR3{O$ee(MkX6ynlFhdU$-&Kfn6v
z?EJ_6`Nc~6=ANCdX&jl#UO%Fv{@~>7=Xd?n%O@OLH6poDmPePI5!y0P{AV%^D~f*u
z$^s4cbx!Tdbzy@T;l*kWp)ZYwlyyT(-XJjUpmMn)ns#5Leb#ux3Ml2H7#s5-D?CKC
zgy7;7S}sT-Kl+FZCG%=Zs>uwvP+fT4e%;P3u|?d$TSSW{IEn>%$Y!_|qfM}_QqY>v
zY$mE+E;A#ssz&u&L)!$a%!=+dpi<{IR~YOH%&OTmne#c#5U(+;99sdLi65C8Whe_w
zL82d<02a;^eo}eO(L?|Y1ihvqj<GL&61qqQ8>Eue6i9+I7S7H&S8r&Db}yts6Dj2+
zu!4CIK8eVXhE!3MMfEihJSyfip?7k!Xm)MX$U76Lm~YyIsm>duaUun<mQwS%tLQ%!
zP+j!NJnUlr9O8MB%TXz8fu7tXq|CQ*CpHMoM8V}ETGd4Gcs#K|0F-H3kun#t^gA^*
zo>NwD6vmYi{_j#47wa5JsB;DOZ;vm}`-8J5QFSW1-RPr#P<=GX`t16nl^|<V9`B*K
zHKE-3MiY8EP3Uur`J!)VaDF!Ez3p9UasIdWZ?7);mzT$<Z!fMc&#roJ`=^&H?Zm~w
z(7zXlz(&bf8R0*-lJU8Dy|EB71L5=V{5mA6Z0zjxeu<TxR@~UxpGUgPWmvOY&I_EP
zrEN~vj;Ou9Q@u=!4jSyemJ0t}dX7+WX#{=)=A3$+cI6PfWSzt{^|9ys+NM8U<aH}u
zMY;vb{4fscqFpnSKEvg8m76jTx5iajsFJxWq3EwHy2%P{k^^OTi2M;}+wi5mGMpYI
zS0SQn7W||3ILo%2@4Y}Cg_~A2(^ZI3UU|myVbj$UmakDeU)8iYcf~8KT6Oy?CpG4Z
zGX|O`yeckO;#0NUL&U5nPdU>Zp~MGF(R+!a3!QemUCe(gcpSNc94^gfGyl2%_>cPd
zpQ|xdANX($VL*%He>&~Gx%Yn#UhTIx@juUzHt|2t5&u(WVfH#|UZHwugpl2&Pa7BH
zI%zyC9w^t^rr&uSP?f@Ahu|vA2MU>+e%7v7F(~~pc10tny0Llmszm03bF#Vf!|D^n
zPC*f^K0~Zj_yLF*m%!H<Cc12HEL#1ynN2ebg`#Jk?xogCmHkq0!Q97&shQkGC$BYU
zuggzgSL&;*j8^qp(74M8DE@=wtP<RBAT4?;Bem+W@Zy8vnm!6nJ6PhlgL>y3EO6k#
z%1*q8JGbB=4la0%lWPej-Otgr2>lvo*GkA&JG>r>dX3X-G4eHzuNBd+c7ClmfVqH4
zSQfVlD@I<H0nNv6J_J%l9A^!fidfDS=j7f;fN<Z_M_B6#<a(p5I=j_jRx8QBRlN96
z>&dV7)h+ba-N#?Ivd3<*&u)>|4k|r&Fz3Cip~SjKnPssu^U*RJZ`j5g_9yd(<+sTF
zyxPy{Qu{-tvj6V`A6~hLfGc+&B>!IFgWiZ;cK?63eE)BEx6|Id|N1Pc<fhBs-)hxA
zzLo5vyw7S#lt0OwRzL7z{o4T+O0$Z*Jb==R<N%EchSQdu>`XZS*yuvUrAl5T-?m?I
zG!`Vl`RdI8LsZy|lFRxgQ^vlJXkJ7c;)n}unr!o8BIPV~k3IPITjIf3=2xmY$P%cD
zQY9zBr+A$fJ($(zS?XdQTy+u7u3u%G(gPo2D7#<^Z!pl@^9#k^@+aiEcNg4iLh}dY
zY3sF|_dfivwqElr_ffBS)*bO@6j<=I&4+e1p<>THOkHf1l^zS_-bz#joFVZ)^3mvo
zPO0ibXCthiGA)w-&d~h8hmU(2e(C!^d!_Tg-F9bl|NnWClmCPTRXV`@>zYu1gtbH^
zI24?%q87M5wG5TnL6v*utP735284#QhJA6!kA*<y&k~XFhKr$bbsG^c<tPp{@_(mN
z%NWN}w4fUi8e%YC*6{#7@Zn`a^5?~PQ73>3y#Ok71E|&y%D`cj^CwuWAuJJg3pE8;
zq%FV#tF8J}tX^|~XV)I!(Hg|kiM^jEYCTRQxQAu|%iUUK4Ff8)45&EMtI{^0`aJIu
zibiL*xE_zvHuAv!dsU9I{1-#wulsjkmdO8?`|a}kKYN}1&HI1PlJWxEtUZa<gbVr~
z`#$-{*V6v{R3gNkQ-FuK%G-b<4mE3Q0*R;*DTZk@%fTAvIc&*e;iIeY;+q#9z%`0t
zE@KXic`(1!GCePq=F>@2Vx_5kAW-|bnuVCYkhu!5+9{pyBQec*=uppP3@HmJ8{7P>
zMyY5qGSy=<mCdhq$ij@LKuSv8{b=NG7P*y3g@@>l#S^p_^yUG~6J#xH84o|8uM8#H
zW)}q|tG;F72QhAMTj%!I(ptGU?7WA}(PKAI6_MVHFn!KNK-prFG-IuR_RtYOJvlrT
z9hAcvD=$SnZm+B`E4eEcb%bFV=Stl4nRa#_>8IP{xn3T;%7q&&%lG}CLP@OB|JE1z
zZPOC{Z*RA=TYmp>zrDNB|DGe2_}b#Y<VQ0!XAC;#Wp1JsRTLxJjN`~!?j>Et@U9Ph
zDDB<4oVJp&xoVj8;36K>fD5TqFS5@u=D%(<k`L+6>5^+4K_>X`4YZ_)*Y?qHUOCyA
z&)SiSsMwX1`fhyFSX<u$?a%!gQ@*M*y<X|Z7_+}`+;0^>5)b!#hmCShc4sDEW;{vK
zCoG?-g-up(5&rhza^Z07R~!YzRJ<?QWLp1v=y2ZDnkNVQqjdE&Q473a)-8hTGVJu#
zcC<+8sO&#6y5_n@>*UK;%A%5fYWr-hSmX@8Ib>YlPo~?sIDCh~I`ugx88Y2X52r?Z
ztGM=1(AHpHU4!-7X{*Vx3LC4Qxma7PmWi(2;!1|F20QB!Yxk$nq5sIKtp7VEzE&6T
z68*oke^A!{_g-!E|K~~N_^<h!Gn*Tt&;3Gt%E2A?th)C(<%}vWC>u8`ABoRJCl{`R
z=JWG6LW@V%)epI+VR7cyJDn6i9(cJcgiZ5j?#)p}#28iSA<{^2#eE)j;qq{h6AIaN
ztm4Jg`gi3E_d-i!GZj|97Fxb|u=tv4sjo(X66T|ff46e3hX1eC1+*;wr@de1{|CD-
zH}SvElJ4dIS%EPnx}akfxx2+lD9A*qsF}V<oUn`JbB;4qvXBb)kX|!ScHTy+{h_7W
z!yY!M5Mw2ZTupd&s)SeP;le9tsxE%Y;Hl)*{Id!x39H|&+}fn|q#F6}oOsV7|JyG+
z<=_82*xkhcJWpE0p%bso3di*iIv;;{f4P&|4TpMETD<?)V+JhS|DFBv`(LjP+6SBc
z{~YO2`hWd~-MDxEAj$6k^M3E>UB5LAo}`au_W!Gw?b8159K77$?EmLTTku9x0Q?=p
zDI89SP@ZRVsD!svokbFe0_l?wTacCnDCwAC0E)X`JAr8&DjJ2D#I4Gf=WT7lPZMHV
zn5O^ZdEX?q7a$u`hTRM($u5!Pe?o<@AoqhQu2}&CJ{qBbSfY?H<pRNJ3cwkt2|~zy
z5+-;Vcs^%R5vCxsIMbhMv7=4~JK}yUQ5u_^vv8Kcv^O_qx_dJ@+c1n3Pz5BE9LDq-
zrNfB8gpMZ=;8-96AEnr7M6Ri%86<}d;3wj%a0WMS^4x7_43gg6SXz2Mvj+lmvzAP&
zPgt@*xiAG72|m?KTB9S#4g44nQ7}{};pg7FlWj{6zNQDc4L`<G@hSZeZUfizHv^wf
zhwfxkgU~3ci9l?@IgW`4%&*+I0(;iE4I~V+lTRQ5A($~Tr9KJ68K_w3)uc@EV&{66
zOa?U*8UT?7tfK?Pli%Sf!l%WFf}UOofie!&wp$oIH^@HdrZr2nZ3u-*h0LE>R7f09
zl`Os;Ar&Q>Kh}+d*o3Nh-sOZ!I~s?n+YEXwNq**2T#p?UCDkRL8my=?KOKZDK;~0D
zi4tTyv@_MxJs||#kM$bcwb4BzQ-Xx_KW28#r2H%3KHT6?QicEiYNAvmyE{A9fna_U
z97T)rov-a^1_A~C8dF_cdfr=9Ffr>ff*Fq?;OvEh3Asj~s%4kzrSAAcEENzqJUMQ8
zZdwc#+tGVo@~JV(F(Eq|_)1Mspdk}=!(oU%i6z1fg2adjq7Znj;PCuN!iWpd+-ItD
zM<IT4TdMVS*Yke)<rnWui?Mk&i3EYQCm<PkGGzM$;d<oO-q3BD7M-00M3aGavAAOw
zd)F%2pwP6B2w*b}NPuSZhESE5Fv4}dlYXxUavrK4^5>Q-o3u%r^!rc$7XSeN|CLa6
I0sy1{0EkGX-2eap

literal 0
HcmV?d00001

diff --git a/charts/fleet/104.1.5+up0.10.9/Chart.yaml b/charts/fleet/104.1.5+up0.10.9/Chart.yaml
new file mode 100644
index 0000000000..5d5d8440ce
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/Chart.yaml
@@ -0,0 +1,18 @@
+annotations:
+  catalog.cattle.io/auto-install: fleet-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/experimental: "true"
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.18.0-0 < 1.31.0-0'
+  catalog.cattle.io/namespace: cattle-fleet-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: clusters.fleet.cattle.io/v1alpha1
+  catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+  catalog.cattle.io/release-name: fleet
+apiVersion: v2
+appVersion: 0.10.9
+description: Fleet Manager - GitOps at Scale
+icon: https://charts.rancher.io/assets/logos/fleet.svg
+name: fleet
+version: 104.1.5+up0.10.9
diff --git a/charts/fleet/104.1.5+up0.10.9/README.md b/charts/fleet/104.1.5+up0.10.9/README.md
new file mode 100644
index 0000000000..2f2a4c302a
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/README.md
@@ -0,0 +1,30 @@
+# Fleet Helm Chart
+
+Fleet is GitOps at scale. Fleet is designed to manage multiple clusters.
+
+## What is Fleet?
+
+* Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.
+
+* Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters.
+
+## Introduction
+
+This chart deploys Fleet on a Kubernetes cluster. It also deploys some of its dependencies as subcharts.
+
+The documentation is centralized in the [doc website](https://fleet.rancher.io/).
+
+## Prerequisites
+
+Get helm if you don't have it. Helm 3 is just a CLI.
+
+
+## Install Fleet
+
+Install the Fleet Helm charts (there are two because we separate out CRDs for ultimate flexibility.):
+
+```
+$ helm repo add fleet https://rancher.github.io/fleet-helm-charts/
+$ helm -n cattle-fleet-system install --create-namespace --wait fleet-crd fleet/fleet-crd
+$ helm -n cattle-fleet-system install --create-namespace --wait fleet fleet/fleet
+```
\ No newline at end of file
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/_helpers.tpl b/charts/fleet/104.1.5+up0.10.9/templates/_helpers.tpl
new file mode 100644
index 0000000000..6cd96c3ace
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/configmap.yaml b/charts/fleet/104.1.5+up0.10.9/templates/configmap.yaml
new file mode 100644
index 0000000000..719898d6d8
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/configmap.yaml
@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: fleet-controller
+data:
+  config: |
+    {
+      "systemDefaultRegistry": "{{ template "system_default_registry" . }}",
+      "agentImage": "{{ template "system_default_registry" . }}{{.Values.agentImage.repository}}:{{.Values.agentImage.tag}}",
+      "agentImagePullPolicy": "{{ .Values.agentImage.imagePullPolicy }}",
+      "apiServerURL": "{{.Values.apiServerURL}}",
+      "apiServerCA": "{{b64enc .Values.apiServerCA}}",
+      "agentCheckinInterval": "{{.Values.agentCheckinInterval}}",
+      "agentTLSMode": "{{.Values.agentTLSMode}}",
+      {{ if .Values.garbageCollectionInterval }}
+      "garbageCollectionInterval": "{{.Values.garbageCollectionInterval}}",
+      {{ end }}
+      "ignoreClusterRegistrationLabels": {{.Values.ignoreClusterRegistrationLabels}},
+      "bootstrap": {
+        "paths": "{{.Values.bootstrap.paths}}",
+        "repo": "{{.Values.bootstrap.repo}}",
+        "secret": "{{.Values.bootstrap.secret}}",
+        "branch":  "{{.Values.bootstrap.branch}}",
+        "namespace": "{{.Values.bootstrap.namespace}}",
+        "agentNamespace": "{{.Values.bootstrap.agentNamespace}}"
+      },
+      "webhookReceiverURL": "{{.Values.webhookReceiverURL}}",
+      "githubURLPrefix": "{{.Values.githubURLPrefix}}"
+    }
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/deployment.yaml b/charts/fleet/104.1.5+up0.10.9/templates/deployment.yaml
new file mode 100644
index 0000000000..025eb0710a
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/deployment.yaml
@@ -0,0 +1,251 @@
+{{- $shards := list (dict "id" "" "nodeSelector" dict) -}}
+{{- $uniqueShards := list -}}
+{{- if .Values.shards -}}
+  {{- range .Values.shards -}}
+    {{- if not (has .id $uniqueShards) -}}
+      {{- $shards = append $shards . -}}
+      {{- $uniqueShards = append $uniqueShards .id -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}
+
+{{ range $shard := $shards }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: "fleet-controller{{if $shard.id }}-shard-{{ $shard.id }}{{end}}"
+spec:
+  selector:
+    matchLabels:
+      app: fleet-controller
+  template:
+    metadata:
+      labels:
+        app: fleet-controller
+        fleet.cattle.io/shard-id: "{{ $shard.id }}"
+        {{- if empty $shard.id }}
+        fleet.cattle.io/shard-default: "true"
+        {{- end }}
+    spec:
+      containers:
+      - env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        {{- if $.Values.clusterEnqueueDelay }}
+        - name: FLEET_CLUSTER_ENQUEUE_DELAY
+          value: {{ $.Values.clusterEnqueueDelay }}
+        {{- end }}
+        {{- if $.Values.proxy }}
+        - name: HTTP_PROXY
+          value: {{ $.Values.proxy }}
+        - name: HTTPS_PROXY
+          value: {{ $.Values.proxy }}
+        - name: NO_PROXY
+          value: {{ $.Values.noProxy }}
+        {{- end }}
+        {{- if $.Values.cpuPprof }}
+        - name: FLEET_CPU_PPROF_DIR
+          value: /tmp/pprof/
+        {{- end }}
+        {{- if $.Values.cpuPprof }}
+        - name: FLEET_CPU_PPROF_PERIOD
+          value: {{ quote $.Values.cpuPprof.period }}
+        {{- end }}
+        {{- if $.Values.leaderElection.leaseDuration }}
+        - name: CATTLE_ELECTION_LEASE_DURATION
+          value: {{$.Values.leaderElection.leaseDuration}}
+        {{- end }}
+        {{- if $.Values.leaderElection.retryPeriod }}
+        - name: CATTLE_ELECTION_RETRY_PERIOD
+          value: {{$.Values.leaderElection.retryPeriod}}
+        {{- end }}
+        {{- if $.Values.leaderElection.renewDeadline }}
+        - name: CATTLE_ELECTION_RENEW_DEADLINE
+          value: {{$.Values.leaderElection.renewDeadline}}
+        {{- end }}
+        {{- if $.Values.debug }}
+        - name: CATTLE_DEV_MODE
+          value: "true"
+        {{- end }}
+        {{- if $.Values.controller.reconciler.workers.bundle }}
+        - name: BUNDLE_RECONCILER_WORKERS
+          value: {{ quote $.Values.controller.reconciler.workers.bundle }}
+        {{- end }}
+        {{- if $.Values.controller.reconciler.workers.bundledeployment }}
+        - name: BUNDLEDEPLOYMENT_RECONCILER_WORKERS
+          value: {{ quote $.Values.controller.reconciler.workers.bundledeployment }}
+        {{- end }}
+{{- if $.Values.extraEnv }}
+{{ toYaml $.Values.extraEnv | indent 8}}
+{{- end }}
+        image: '{{ template "system_default_registry" $ }}{{ $.Values.image.repository }}:{{ $.Values.image.tag }}'
+        name: fleet-controller
+        imagePullPolicy: "{{ $.Values.image.imagePullPolicy }}"
+        {{- if $.Values.metrics.enabled }}
+        ports:
+        - containerPort: 8080
+          name: metrics
+        {{- end }}
+        command:
+        - fleetcontroller
+        {{- if $shard.id }}
+        - --shard-id
+        - {{ quote $shard.id }}
+        {{- end }}
+        {{- if not $.Values.metrics.enabled }}
+        - --disable-metrics
+        {{- end }}
+        {{- if $.Values.debug }}
+        - --debug
+        - --debug-level
+        - {{ quote $.Values.debugLevel }}
+        {{- else }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+          privileged: false
+          capabilities:
+            drop:
+            - ALL
+        {{- end }}
+        volumeMounts:
+          - mountPath: /tmp
+            name: tmp
+        {{- if $.Values.cpuPprof }}
+          - mountPath: /tmp/pprof
+            name: pprof
+        {{- end }}
+      {{- if not $shard.id }} # Only deploy cleanup and agent management through sharding-less deployment
+      - env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        {{- if $.Values.debug }}
+        - name: CATTLE_DEV_MODE
+          value: "true"
+        {{- end }}
+        {{- if $.Values.leaderElection.leaseDuration }}
+        - name: CATTLE_ELECTION_LEASE_DURATION
+          value: {{$.Values.leaderElection.leaseDuration}}
+        {{- end }}
+        {{- if $.Values.leaderElection.retryPeriod }}
+        - name: CATTLE_ELECTION_RETRY_PERIOD
+          value: {{$.Values.leaderElection.retryPeriod}}
+        {{- end }}
+        {{- if $.Values.leaderElection.renewDeadline }}
+        - name: CATTLE_ELECTION_RENEW_DEADLINE
+          value: {{$.Values.leaderElection.renewDeadline}}
+        {{- end }}
+        {{- if $.Values.controller.reconciler.workers.gitrepo }}
+        - name: GITREPO_RECONCILER_WORKERS
+          value: {{ quote $.Values.controller.reconciler.workers.gitrepo }}
+        {{- end }}
+        {{- if $.Values.controller.reconciler.workers.bundle }}
+        - name: BUNDLE_RECONCILER_WORKERS
+          value: {{ quote $.Values.controller.reconciler.workers.bundle }}
+        {{- end }}
+        {{- if $.Values.controller.reconciler.workers.bundledeployment }}
+        - name: BUNDLEDEPLOYMENT_RECONCILER_WORKERS
+          value: {{ quote $.Values.controller.reconciler.workers.bundledeployment }}
+        {{- end }}
+        image: '{{ template "system_default_registry" $ }}{{ $.Values.image.repository }}:{{ $.Values.image.tag }}'
+        name: fleet-cleanup
+        imagePullPolicy: "{{ $.Values.image.imagePullPolicy }}"
+        command:
+        - fleetcontroller
+        - cleanup
+        {{- if $.Values.debug }}
+        - --debug
+        - --debug-level
+        - {{ quote $.Values.debugLevel }}
+        {{- else }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+          privileged: false
+          capabilities:
+            drop:
+            - ALL
+        {{- end }}
+      - env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        - name: FLEET_PROPAGATE_DEBUG_SETTINGS_TO_AGENTS
+          value: {{ quote $.Values.propagateDebugSettingsToAgents }}
+        {{- if $.Values.debug }}
+        - name: CATTLE_DEV_MODE
+          value: "true"
+        {{- end }}
+        {{- if $.Values.leaderElection.leaseDuration }}
+        - name: CATTLE_ELECTION_LEASE_DURATION
+          value: {{$.Values.leaderElection.leaseDuration}}
+        {{- end }}
+        {{- if $.Values.leaderElection.retryPeriod }}
+        - name: CATTLE_ELECTION_RETRY_PERIOD
+          value: {{$.Values.leaderElection.retryPeriod}}
+        {{- end }}
+        {{- if $.Values.leaderElection.renewDeadline }}
+        - name: CATTLE_ELECTION_RENEW_DEADLINE
+          value: {{$.Values.leaderElection.renewDeadline}}
+        {{- end }}
+        image: '{{ template "system_default_registry" $ }}{{ $.Values.image.repository }}:{{ $.Values.image.tag }}'
+        name: fleet-agentmanagement
+        imagePullPolicy: "{{ $.Values.image.imagePullPolicy }}"
+        command:
+        - fleetcontroller
+        - agentmanagement
+        {{- if not $.Values.bootstrap.enabled }}
+        - --disable-bootstrap
+        {{- end }}
+        {{- if $.Values.debug }}
+        - --debug
+        - --debug-level
+        - {{ quote $.Values.debugLevel }}
+        {{- else }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+          privileged: false
+          capabilities:
+            drop:
+            - ALL
+        {{- end }}
+      {{- end }}
+      volumes:
+        - name: tmp
+          emptyDir: {}
+      {{- if $.Values.cpuPprof }}
+        - name: pprof {{ toYaml $.Values.cpuPprof.volumeConfiguration | nindent 10 }}
+      {{- end }}
+
+      serviceAccountName: fleet-controller
+      nodeSelector: {{ include "linux-node-selector" $shard.id | nindent 8 }}
+{{- if $.Values.nodeSelector }}
+{{ toYaml $.Values.nodeSelector | indent 8 }}
+{{- end }}
+{{- if $shard.nodeSelector -}}
+{{- range $key, $value := $shard.nodeSelector }}
+{{ $key | indent 8}}: {{ $value }}
+{{- end }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" $shard.id | nindent 8 }}
+{{- if $.Values.tolerations }}
+{{ toYaml $.Values.tolerations | indent 8 }}
+{{- end }}
+      {{- if $.Values.priorityClassName }}
+      priorityClassName: "{{$.Values.priorityClassName}}"
+      {{- end }}
+
+{{- if not $.Values.debug }}
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
+{{- end }}
+---
+{{- end }}
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/deployment_gitjob.yaml b/charts/fleet/104.1.5+up0.10.9/templates/deployment_gitjob.yaml
new file mode 100644
index 0000000000..5c3df9608a
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/deployment_gitjob.yaml
@@ -0,0 +1,136 @@
+{{- $shards := list (dict "id" "" "nodeSelector" dict) -}}
+{{- $uniqueShards := list -}}
+{{- if .Values.shards -}}
+  {{- range .Values.shards -}}
+    {{- if not (has .id $uniqueShards) -}}
+      {{- $shards = append $shards . -}}
+      {{- $uniqueShards = append $uniqueShards .id -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}
+
+{{ range $shard := $shards }}
+{{- if $.Values.gitops.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: "gitjob{{if $shard.id }}-shard-{{ $shard.id }}{{end}}"
+spec:
+  selector:
+    matchLabels:
+      app: "gitjob"
+  template:
+    metadata:
+      labels:
+        app: "gitjob"
+        fleet.cattle.io/shard-id: "{{ $shard.id }}"
+        {{- if empty $shard.id }}
+        fleet.cattle.io/shard-default: "true"
+        {{- end }}
+    spec:
+      serviceAccountName: gitjob
+      containers:
+        - image: "{{ template "system_default_registry" $ }}{{ $.Values.image.repository }}:{{ $.Values.image.tag }}"
+          name: gitjob
+          {{- if $.Values.metrics.enabled }}
+          ports:
+          - containerPort: 8081
+            name: metrics
+          {{- end }}
+          args:
+          - fleetcontroller
+          - gitjob
+          - --gitjob-image
+          - "{{ template "system_default_registry" $ }}{{ $.Values.image.repository }}:{{ $.Values.image.tag }}"
+          {{- if $.Values.debug }}
+          - --debug
+          - --debug-level
+          - {{ quote $.Values.debugLevel }}
+          {{- end }}
+          {{- if $shard.id }}
+          - --shard-id
+          - {{ quote $shard.id }}
+          {{- end }}
+          {{- if $shard.nodeSelector }}
+          - --shard-node-selector
+          - {{ toJson $shard.nodeSelector | squote }}
+          {{- end }}
+          {{- if not $.Values.metrics.enabled }}
+          - --disable-metrics
+          {{- end }}
+          env:
+            - name: NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+          {{- if $.Values.leaderElection.leaseDuration }}
+            - name: CATTLE_ELECTION_LEASE_DURATION
+              value: {{$.Values.leaderElection.leaseDuration}}
+          {{- end }}
+          {{- if $.Values.leaderElection.retryPeriod }}
+            - name: CATTLE_ELECTION_RETRY_PERIOD
+              value: {{$.Values.leaderElection.retryPeriod}}
+          {{- end }}
+          {{- if $.Values.leaderElection.renewDeadline }}
+            - name: CATTLE_ELECTION_RENEW_DEADLINE
+              value: {{$.Values.leaderElection.renewDeadline}}
+          {{- end }}
+          {{- if $.Values.proxy }}
+            - name: HTTP_PROXY
+              value: {{ $.Values.proxy }}
+            - name: HTTPS_PROXY
+              value: {{ $.Values.proxy }}
+            - name: NO_PROXY
+              value: {{ $.Values.noProxy }}
+          {{- end }}
+          {{- if $.Values.controller.reconciler.workers.gitrepo }}
+            - name: GITREPO_RECONCILER_WORKERS
+              value: {{ quote $.Values.controller.reconciler.workers.gitrepo }}
+          {{- end }}
+{{- if $.Values.extraEnv }}
+{{ toYaml $.Values.extraEnv | indent 12}}
+{{- end }}
+          {{- if $.Values.debug }}
+            - name: CATTLE_DEV_MODE
+              value: "true"
+          {{- else }}
+          securityContext:
+            allowPrivilegeEscalation: false
+            readOnlyRootFilesystem: true
+            privileged: false
+            capabilities:
+                drop:
+                - ALL
+          {{- end }}
+          volumeMounts:
+            - mountPath: /tmp
+              name: tmp
+      nodeSelector: {{ include "linux-node-selector" $shard.id | nindent 8 }}
+{{- if $.Values.nodeSelector }}
+{{ toYaml $.Values.nodeSelector | indent 8 }}
+{{- end }}
+{{- if $shard.nodeSelector -}}
+{{- range $key, $value := $shard.nodeSelector }}
+{{ $key | indent 8}}: {{ $value }}
+{{- end }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" $shard.id | nindent 8 }}
+{{- if $.Values.tolerations }}
+{{ toYaml $.Values.tolerations | indent 8 }}
+{{- end }}
+      {{- if $.Values.priorityClassName }}
+      priorityClassName: "{{$.Values.priorityClassName}}"
+      {{- end }}
+
+{{- if not $.Values.debug }}
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
+{{- end }}
+      volumes:
+        - name: tmp
+          emptyDir: {}
+{{- end }}
+---
+{{- end }}
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/job_cleanup_clusterregistrations.yaml b/charts/fleet/104.1.5+up0.10.9/templates/job_cleanup_clusterregistrations.yaml
new file mode 100644
index 0000000000..d039fd40b3
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/job_cleanup_clusterregistrations.yaml
@@ -0,0 +1,41 @@
+{{- if .Values.migrations.clusterRegistrationCleanup }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: fleet-cleanup-clusterregistrations
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade
+    "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+  template:
+    metadata:
+      labels:
+        app: fleet-job
+    spec:
+      serviceAccountName: fleet-controller
+      restartPolicy: Never
+      securityContext:
+        runAsNonRoot: true
+        runAsGroup: 1000
+        runAsUser: 1000
+      containers:
+      - name: cleanup
+        image: "{{ template "system_default_registry" . }}{{.Values.image.repository}}:{{.Values.image.tag}}"
+        imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
+          readOnlyRootFilesystem: false
+          privileged: false
+        command:
+        - fleet
+        args:
+        - cleanup
+        - clusterregistration
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+  backoffLimit: 1
+{{- end }}
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/job_cleanup_gitrepojobs.yaml b/charts/fleet/104.1.5+up0.10.9/templates/job_cleanup_gitrepojobs.yaml
new file mode 100644
index 0000000000..c7233630d9
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/job_cleanup_gitrepojobs.yaml
@@ -0,0 +1,44 @@
+{{- if and .Values.migrations.gitrepoJobsCleanup .Values.gitops.enabled }}
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: fleet-cleanup-gitrepo-jobs
+spec:
+  schedule: "@daily"
+  concurrencyPolicy: Forbid
+  successfulJobsHistoryLimit: 0
+  failedJobsHistoryLimit: 1
+  jobTemplate:
+    spec:
+      template:
+        metadata:
+          labels:
+            app: fleet-job
+        spec:
+          serviceAccountName: gitjob
+          restartPolicy: Never
+          securityContext:
+            runAsNonRoot: true
+            runAsGroup: 1000
+            runAsUser: 1000
+          containers:
+          - name: cleanup
+            image: "{{ template "system_default_registry" . }}{{.Values.image.repository}}:{{.Values.image.tag}}"
+            imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+            securityContext:
+              allowPrivilegeEscalation: false
+              capabilities:
+                drop:
+                - ALL
+              readOnlyRootFilesystem: false
+              privileged: false
+            command:
+            - fleet
+            args:
+            - cleanup
+            - gitjob
+          nodeSelector: {{ include "linux-node-selector" . | nindent 12 }}
+          tolerations: {{ include "linux-node-tolerations" . | nindent 12 }}
+      backoffLimit: 1
+{{- end }}
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/rbac.yaml b/charts/fleet/104.1.5+up0.10.9/templates/rbac.yaml
new file mode 100644
index 0000000000..026c1c26d2
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/rbac.yaml
@@ -0,0 +1,113 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fleet-controller
+rules:
+- apiGroups:
+  - fleet.cattle.io
+  resources:
+  - '*'
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  - serviceaccounts
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  - configmaps
+  verbs:
+  - '*'
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - clusterroles
+  - clusterrolebindings
+  - roles
+  - rolebindings
+  verbs:
+  - '*'
+- apiGroups:
+    - ""
+  resources:
+    - 'events'
+  verbs:
+    - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fleet-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fleet-controller
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller
+  namespace: {{.Release.Namespace}}
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: fleet-controller
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - '*'
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - '*'
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: fleet-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: fleet-controller
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller
+
+{{- if .Values.bootstrap.enabled }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fleet-controller-bootstrap
+rules:
+- apiGroups:
+  - '*'
+  resources:
+  - '*'
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fleet-controller-bootstrap
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fleet-controller-bootstrap
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller-bootstrap
+  namespace: {{.Release.Namespace}}
+{{- end }}
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/rbac_gitjob.yaml b/charts/fleet/104.1.5+up0.10.9/templates/rbac_gitjob.yaml
new file mode 100644
index 0000000000..e2c93169de
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/rbac_gitjob.yaml
@@ -0,0 +1,133 @@
+{{- if .Values.gitops.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: gitjob
+rules:
+  - apiGroups:
+      - "batch"
+    resources:
+      - 'jobs'
+    verbs:
+      - '*'
+  - apiGroups:
+      - ""
+    resources:
+      - 'pods'
+    verbs:
+      - 'list'
+      - 'get'
+      - 'watch'
+  - apiGroups:
+      - ""
+    resources:
+      - 'secrets'
+    verbs:
+      - '*'
+  - apiGroups:
+      - ""
+    resources:
+      - 'configmaps'
+    verbs:
+      - '*'
+  - apiGroups:
+      - "fleet.cattle.io"
+    resources:
+      - "gitrepos"
+      - "gitrepos/status"
+    verbs:
+      - "*"
+  - apiGroups:
+      - "fleet.cattle.io"
+    resources:
+      - "gitreporestrictions"
+    verbs:
+      - list
+      - get
+      - watch
+  - apiGroups:
+      - "fleet.cattle.io"
+    resources:
+      - "bundles"
+      - "bundledeployments"
+      - "imagescans"
+      - "contents"
+    verbs:
+      - list
+      - delete
+      - get
+      - watch
+      - update
+  - apiGroups:
+      - ""
+    resources:
+      - 'events'
+    verbs:
+      - '*'
+  - apiGroups:
+      - ""
+    resources:
+      - serviceaccounts
+    verbs:
+      - "create"
+  - apiGroups:
+      - ""
+    resources:
+      - namespaces
+    verbs:
+      - "create"
+      - "delete"
+  - apiGroups:
+      - rbac.authorization.k8s.io
+    resources:
+      - roles
+    verbs:
+      - escalate
+      - create
+      - bind
+  - apiGroups:
+      - rbac.authorization.k8s.io
+    resources:
+      - rolebindings
+    verbs:
+      - create
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: gitjob-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: gitjob
+subjects:
+  - kind: ServiceAccount
+    name: gitjob
+    namespace: {{ .Release.Namespace }}
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: gitjob
+rules:
+  - apiGroups:
+      - "coordination.k8s.io"
+    resources:
+      - "leases"
+    verbs:
+      - "*"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: gitjob
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: gitjob
+subjects:
+  - kind: ServiceAccount
+    name: gitjob
+{{- end }}
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/service.yaml b/charts/fleet/104.1.5+up0.10.9/templates/service.yaml
new file mode 100644
index 0000000000..49aefb490a
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/service.yaml
@@ -0,0 +1,36 @@
+{{- if .Values.metrics.enabled }}
+{{- $shards := list (dict "id" "" "nodeSelector" dict) -}}
+{{- $uniqueShards := list -}}
+{{- if .Values.shards -}}
+  {{- range .Values.shards -}}
+    {{- if not (has .id $uniqueShards) -}}
+      {{- $shards = append $shards . -}}
+      {{- $uniqueShards = append $uniqueShards .id -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}
+
+{{ range $shard := $shards }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: "monitoring-fleet-controller{{if  $shard.id  }}-shard-{{  $shard.id   }}{{end}}"
+  labels:
+    app: fleet-controller
+spec:
+  type: ClusterIP
+  ports:
+  - port: 8080
+    targetPort: 8080
+    protocol: TCP
+    name: metrics
+  selector:
+    app: fleet-controller
+    {{- if empty  $shard.id   }}
+    fleet.cattle.io/shard-default: "true"
+    {{- else }}
+    fleet.cattle.io/shard-id: "{{  $shard.id   }}"
+    {{- end }}
+---
+{{- end }}
+{{- end }}
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/service_gitjob.yaml b/charts/fleet/104.1.5+up0.10.9/templates/service_gitjob.yaml
new file mode 100644
index 0000000000..f33c9a5457
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/service_gitjob.yaml
@@ -0,0 +1,51 @@
+{{- if .Values.gitops.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: gitjob
+spec:
+  ports:
+    - name: http-80
+      port: 80
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    app: "gitjob"
+---
+{{- if .Values.metrics.enabled }}
+{{- $shards := list (dict "id" "" "nodeSelector" dict) -}}
+{{- $uniqueShards := list -}}
+{{- if .Values.shards -}}
+  {{- range .Values.shards -}}
+    {{- if not (has .id $uniqueShards) -}}
+      {{- $shards = append $shards . -}}
+      {{- $uniqueShards = append $uniqueShards .id -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}
+
+{{ range $shard := $shards }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: "monitoring-gitjob{{if $shard.id }}-shard-{{ $shard.id }}{{end}}"
+  labels:
+    app: gitjob
+spec:
+  type: ClusterIP
+  ports:
+  - port: 8081
+    targetPort: 8081
+    protocol: TCP
+    name: metrics
+  selector:
+    app: gitjob
+    {{- if empty $shard.id }}
+    fleet.cattle.io/shard-default: "true"
+    {{- else }}
+    fleet.cattle.io/shard-id: "{{ $shard.id }}"
+    {{- end }}
+---
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/serviceaccount.yaml b/charts/fleet/104.1.5+up0.10.9/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..ba27c748d7
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/serviceaccount.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fleet-controller
+
+{{- if .Values.bootstrap.enabled }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fleet-controller-bootstrap
+{{- end }}
diff --git a/charts/fleet/104.1.5+up0.10.9/templates/serviceaccount_gitjob.yaml b/charts/fleet/104.1.5+up0.10.9/templates/serviceaccount_gitjob.yaml
new file mode 100644
index 0000000000..c769b47cfd
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/templates/serviceaccount_gitjob.yaml
@@ -0,0 +1,6 @@
+{{- if .Values.gitops.enabled }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: gitjob
+{{- end }}
diff --git a/charts/fleet/104.1.5+up0.10.9/values.yaml b/charts/fleet/104.1.5+up0.10.9/values.yaml
new file mode 100644
index 0000000000..37f39cc8ce
--- /dev/null
+++ b/charts/fleet/104.1.5+up0.10.9/values.yaml
@@ -0,0 +1,121 @@
+image:
+  repository: rancher/fleet
+  tag: v0.10.9
+  imagePullPolicy: IfNotPresent
+
+agentImage:
+  repository: rancher/fleet-agent
+  tag: v0.10.9
+  imagePullPolicy: IfNotPresent
+
+# For cluster registration the public URL of the Kubernetes API server must be set here
+# Example: https://example.com:6443
+apiServerURL: ""
+
+# For cluster registration the pem encoded value of the CA of the Kubernetes API server must be set here
+# If left empty it is assumed this Kubernetes API TLS is signed by a well known CA.
+apiServerCA: ""
+
+# Determines whether the agent should trust CA bundles from the operating system's trust store when connecting to a
+# management cluster. True in `system-store` mode, false in `strict` mode.
+agentTLSMode: "system-store"
+
+# A duration string for how often agents should report a heartbeat
+agentCheckinInterval: "15m"
+
+# Whether you want to allow cluster upon registration to specify their labels.
+ignoreClusterRegistrationLabels: false
+
+# Counts from gitrepo are out of sync with bundleDeployment state.
+# Just retry in a number of seconds as there is no great way to trigger an event that doesn't cause a loop.
+# If not set default is 15 seconds.
+# clusterEnqueueDelay: 120s
+
+# http[s] proxy server
+# proxy: http://<username>@<password>:<url>:<port>
+
+# comma separated list of domains or ip addresses that will not use the proxy
+noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
+
+bootstrap:
+  enabled: true
+  # The namespace that will be autocreated and the local cluster will be registered in
+  namespace: fleet-local
+  # The namespace where the fleet agent for the local cluster will be ran, if empty
+  # this will default to cattle-fleet-system
+  agentNamespace: ""
+  # A repo to add at install time that will deploy to the local cluster. This allows
+  # one to fully bootstrap fleet, its configuration and all its downstream clusters
+  # in one shot.
+  repo: ""
+  secret: ""
+  branch: master
+  paths: ""
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
+
+gitops:
+  enabled: true
+
+metrics:
+  enabled: true
+
+debug: false
+debugLevel: 0
+propagateDebugSettingsToAgents: true
+
+## Optional CPU pprof configuration. Profiles are collected continuously and saved every period
+## Any valid volume configuration can be provided, the example below uses hostPath
+# cpuPprof:
+#   period: "60s"
+#   volumeConfiguration:
+#     hostPath:
+#       path: /tmp/pprof
+#       type: DirectoryOrCreate
+
+migrations:
+  clusterRegistrationCleanup: true
+  gitrepoJobsCleanup: true
+
+## Leader election configuration
+leaderElection:
+  leaseDuration: 30s
+  retryPeriod: 10s
+  renewDeadline: 25s
+
+## Fleet controller configuration
+controller:
+  reconciler:
+    # The number of workers that are allowed to each type of reconciler
+    workers:
+      gitrepo: "50"
+      bundle: "50"
+      bundledeployment: "50"
+
+# Extra environment variables passed to the fleet pods.
+# extraEnv:
+# - name: EXPERIMENTAL_OCI_STORAGE
+#   value: "true"
+
+# shards:
+#   - id: shard0
+#     nodeSelector:
+#       kubernetes.io/hostname: k3d-upstream-server-0
+#   - id: shard1
+#     nodeSelector:
+#       kubernetes.io/hostname: k3d-upstream-server-1
+#   - id: shard2
+#     nodeSelector:
+#       kubernetes.io/hostname: k3d-upstream-server-2
diff --git a/index.yaml b/index.yaml
index bb692dc010..8366d95506 100755
--- a/index.yaml
+++ b/index.yaml
@@ -1072,6 +1072,28 @@ entries:
     urls:
     - assets/fleet/fleet-105.0.0+up0.11.0.tgz
     version: 105.0.0+up0.11.0
+  - annotations:
+      catalog.cattle.io/auto-install: fleet-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/experimental: "true"
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.18.0-0 < 1.31.0-0'
+      catalog.cattle.io/namespace: cattle-fleet-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: clusters.fleet.cattle.io/v1alpha1
+      catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+      catalog.cattle.io/release-name: fleet
+    apiVersion: v2
+    appVersion: 0.10.9
+    created: "2025-02-25T21:43:38.833810293-03:00"
+    description: Fleet Manager - GitOps at Scale
+    digest: f60c237b73f5d1a595b9777b2a5191efa940f93778c98a15377e37b803a07c7b
+    icon: https://charts.rancher.io/assets/logos/fleet.svg
+    name: fleet
+    urls:
+    - assets/fleet/fleet-104.1.5+up0.10.9.tgz
+    version: 104.1.5+up0.10.9
   - annotations:
       catalog.cattle.io/auto-install: fleet-crd=match
       catalog.cattle.io/certified: rancher
diff --git a/release.yaml b/release.yaml
index e15f1733ad..7a1c4f2b64 100644
--- a/release.yaml
+++ b/release.yaml
@@ -4,3 +4,5 @@ rancher-logging:
   - 104.2.0+up4.8.0
 rancher-logging-crd:
   - 104.2.0+up4.8.0
+fleet:
+  - 104.1.5+up0.10.9

From 11d231ffb78ccc1fb3c5d4084b6af39bff5ec39d Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:44:46 -0300
Subject: [PATCH 06/19] fp: fleet-crd 104.1.5+up0.10.9

---
 .../fleet-crd/fleet-crd-104.1.5+up0.10.9.tgz  |  Bin 0 -> 36274 bytes
 charts/fleet-crd/104.1.5+up0.10.9/Chart.yaml  |   13 +
 charts/fleet-crd/104.1.5+up0.10.9/README.md   |    5 +
 .../104.1.5+up0.10.9/templates/crds.yaml      | 7076 +++++++++++++++++
 charts/fleet-crd/104.1.5+up0.10.9/values.yaml |    1 +
 index.yaml                                    |   17 +
 release.yaml                                  |    2 +
 7 files changed, 7114 insertions(+)
 create mode 100644 assets/fleet-crd/fleet-crd-104.1.5+up0.10.9.tgz
 create mode 100644 charts/fleet-crd/104.1.5+up0.10.9/Chart.yaml
 create mode 100644 charts/fleet-crd/104.1.5+up0.10.9/README.md
 create mode 100644 charts/fleet-crd/104.1.5+up0.10.9/templates/crds.yaml
 create mode 100644 charts/fleet-crd/104.1.5+up0.10.9/values.yaml

diff --git a/assets/fleet-crd/fleet-crd-104.1.5+up0.10.9.tgz b/assets/fleet-crd/fleet-crd-104.1.5+up0.10.9.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..c3169dab52a51deac1924cab19d69755d48c0e88
GIT binary patch
literal 36274
zcmbTdW0xku(ly++F>TwnZQHhO+qP}n=CtjrHEmAY@0@d==MTKORz*feL`7wNsFj&J
zb`iutp#lA;{ZIkX7)dHKnn=pA%X)FK8MCM}nyRo_X{&ItE2yip%W2qJ8`+zBsVX_}
zNt)T(0bTWddF-^Oar6s(Gz^xwCtRtsB%@YXeO}oUs5xWXeY(?9@O_#0z=w~{7>a?=
z0!in)e+&d5(gXFwLkF^uY+6Mcpx8(vbpp}fT%OXi2(Qp0pP!Fm!?FSPc|S5hJ6irV
z0Iv_k4<8TD<@d`Khk^eygF=Dd+Ze`te!k!LRZ9Su&->dZhQ&|t90Ffrzq)kT*g)>}
zSKZCAKQTPZIJ$Z&%iAZiFtj@7QH@t{+Vo`Z-{nv!v5eHx`J_QwE!4%2jqGwNqxr=o
z6f&+0ztDr+Nf3%-F6MyTtXT>U<)q#hbozpl*yg_?w+-OPTx!nhd~VJXTGO|tx68q%
zU^2|hBcAcqem_tck3Phtf3CQ?zpjw!qb~|99x5yz8t}_R$%B8vd_TAOBliu%HAD(x
zl&SItNRTp!3DZv{GsBGfilTl!YF7#K3-HN39wfWS2=U?4k}3UVJ))skFk*G_>hWH|
z+pWX-z1;FI<pYDi-Y<962(6#@PrzX<>0f?K!L!c-zK>p?Z-I}$9LsM3k<YM?{&Hm6
zOR<F1$Y#-ueL+s?c1TmOZCnfDIa?H)7Y_}R`lg!5UfGe4g}#Fx-v$2e?$4W>8F>#s
zSHI^6GUt9oS~qRix`Ca9rXa;KzcX?HpXwJq7tiM<IMYj~A?v#(xs<uaVQp}W$W%zu
zoGQT<Sja8tMh`j8Lchpnm0gh4Id-l$KhH59S|p&dWE_>6SxKm<nER)oRh;eXr!J%e
zNMV!D6l%d3V0~=Z{n_z0g)*T(@!xxE-$M(SsaHGt1O`f%c$H1d2DRoh_cf$8t7jTF
zzQ2%#nGe9d;`MpXDf~hc^IGt>;0{>J!Y}*Lv%zCv^V7OMc6lEJl3O}7>k3M`R5jC_
z^OdzsJy|#kLgMvU(0X^ih3p;;OHoqmin-^xN}^-(_Y9ssQFi@?v$C2$4?Gfn0J;M&
zw?F=m@%yeWkH_;5xsp*Drk6SEckMqRCsW%MoHT2%RbM5tYorrwd|pBuZ`(Du0s}Xn
zfr>IaJU8~xelqFFrH*PaE(-MQ>a?S@V$QR_X~kk|#0#M4BE9I!f=Q{jX9(K-zmKvR
zL$4uL0FE)yXcCxYT2$!BP%NTZs+nY9_hy%2U=~_7bV$S34z3l<5~n%=BEe|El6`GS
z+Nh-&u>56fnwu3mdCqI!P~z{ZOJs7@LI9;UaaF082(2%$JJffM5xSGJuWU@|_8#5y
zl$CeXw8$3QkUP9zjJ^3@nB-)$lTRj5gqlfcbX|d6n+L5vYXXCiPaMv4Co1jP1RVKP
zU<|FwqQ?)<j5h3B?>-(9=XMtPB2_1aql#O9!IHQ7tRv;k`iKR~<kz9vfkk}p1xS_h
z<jS_$kh?89=uqeEqZW>(UZWQW)Cy9(OU|7F;R>s-;{+KvH!m<+Tt7^>_6UU@B^9Tz
z3mUt}o?#n02_u`y8q~_r)o%8rJo7VRt7oZniCmSa>5r|X?WNqQ&#lA7n#-d}tI>|p
zFkB&)P0Ts|oHJC*IqtkUGZYBlWZ%&j^iw_V4L-ZEba|&e7O>(0`a1m$u7~TQMy9jH
zY;d{e->sIE+ewFeyU}<f=8@8W<uaRju&(lGq{G%>k_dfkqf{L~uY1jB(C;5Yh^v*p
z7e4a3j4goANx27+dA<HwsUf%Ujyl9>rOL7$FjOymN<pR0wmX|7Nwg0=Im-y9Uwv-K
z+jUv=++dO>Ud#p*p?#bCEYA$(Zsg-5cOM;^?>)pg<aQ&6V_<D=?e~fJ8Rff?G#{17
zl!{8d^T$(H({s*4?U}1}({)Kot^oC~DHO9!IhU4AfXmy@s4?dVQACb}oW+}CY1<Mo
zt<TumP1vpId5T5Fop=Rj`T!r$+U#Jbo};pDRJD;`%SYe{M>jCd_7^ETHANLqc3gWD
zB1WYyq#nq$j;b<blB_*9dCbntCc4|bZ@CeNOiaS{6Vj$Rw9}8)W$ATOBoWHY-dvfP
z9$Q7-tg&j9^rj9Lg#JSHf$aU~2o4m>_D~AW@}HPe@k1?(J_e;AcP*~%<dVEtqisVl
ztasyRA!;TWou*xeyyLps9-4r7)88eXk}U3w#652F!~LU4X5*KWRfI2-dH_Ckyk~;2
zj21*&l>8Kf_-<``Cat7$)^A;JQ+Hx@F+xjS?dc=t7^W-~`wjiq>Vbh!J%6D83ZU-x
zVA~i(g<Ie;zWG^?E^ufb7z<R}peviz+Pnchd=_piFKD*-*F*?Roe<Nc&9BKJ1$<O=
zV~WERv`>?$!H2~|XXhfvT?7Klq@|6rB0{7L-HZ+Vi69WHaDEg8K1kHS^xb>yQ2F&d
zvP6?Z;&ySFr(V6fsA@<XpFpOC-urih6*8OH0zFw!2oq)5OWUoJ__8(j38`)q>SH#|
zR{;h=<qD_?Rrj%I{|U@D$_}0-EzxY@M9N|>Bt;YvE!dtV3agkmVu?*V&B%O>S&_2L
zl&+@qs1hogAPX_eFOOBGIdjAC0uKSSRfaTsvQA67(f*@m6A-KEPvM9^aptI{la9j5
zsp*2&iY1N2G})u@R20TyibYz!EB4WcedTdmo;OaJexu6-|2~yqC~>qT7C(&HtB>eY
z)~KFv2(p*%Syq}zPikizuRlH4kRziTS#XY317Ogj3Ss3;Y|qtE`fu#0R<Tn%Q(W|{
zIBz}u+6OzIpy-*=gfv``IL_kQ4%$q8_el%Tiv<-Z=d;c+EOb<s-*ZS)u{(nqI?api
zW)-_PYr5Gy{!&s9=?Nt`&0O5TPn37gDOC7+O(Z1twoGZ#><6^4*SjR150f-8Z=1p^
z>G9r`Z5b}Qp&ibJ+l4^aJZ5d{2N%rZ2i5rQhfAwvD)Pz7P{XS2O~i^@XT1(I67fF!
zzW1T}j*h%9`O9ma0A1ZK3!{x<(ldLxOr^IAC489;wX~S>?MhLUT#WZrt2d4!$wc%t
z>Bnoq0c=}1WaJQz`62mL)B1?ZZcZ!BnqBP2ctHJcdhx=<A#0lrNM>!Kgac~x9ZK85
zE$nxBaauI9K_McOwKc<W%+_AqnYZL|?6yzt>MlEw@H)>eQS8q4N>@q}3~Y<D=se9k
zW63F$jI8R<J|&5(*XD=xqbaq8T>VvL6i59q475(k=^<FI*F>&qoY2dL89mO#z6&f3
z^BSsnsFogAP4gK~=MZK8iEx3f10V4p*Y81ZToDb=)F>*-*)md+Xx-i(*CMzO+6osd
zcY_u_DcAcO<+(+ICd1UaZ^Rw(5m`k7)m$liK)6WvK^ZKCsM<?UPKMn45&MDJ2c89&
z+oc1f4g(?9$-`57*l(@GTmbjPhVgb3ueG^rS8NV~9(|8XA<g*ppPUD@Lv0$2mwnS2
zBM)&)KaQi^#?(?M8dB+UOa4iQl4qNl*^Im1!QkH2!ybcz^PSz<_1MP*$1x#6{D@U7
z_Vo)0xS|8Me~V@pu)gVJrY2&4MG6$3uj8@#j<&%Wj@RU!W8hE%lMccJFqruc6kOxZ
zz|FMONeIH9>+((_osC#@tBwZlc#agoeZ&aOU??2f80;Ufuah>P)jS=)=Q4gbOfpf+
zJf>iTZW2{PbfHK~okdESMfu}6CYmR38rzO`SF;j~LC1!lftCjTD7_<(s;4<vT^snU
z^OU@d7w%_SdqL_?t7dQ$3>crMg?5N*{nlQBgLhvIT>fB~ctglz=r2$<Bk$SYS72$)
zqgo3~W?M;Fr%JIb#<4c=L(HRm9c&z^V9+U*5SW|GlX7NTk|Vsq*Nw|Ndl!DD3R-<l
zf+cG$u`bYjE3`vs-OH>45t(h{)Yt)Y6s$d#6C((q(S1fF6G&fAcOD@IVCbLTBgq0t
z=3KJAjA|c!)X7>-%XE_KRy^$e9$;MR^T=iw9P_=)3(ecnk2<hxq`ylbzTu~wE%54y
zJuZdv3uE_?Xx2=adS&0Id4+<}da-I90oplE;G#A*r+1vmqv8hh=H;NRGk4RKOM(f3
z4Q+(N4Je%&Sky6TgI1mf;c(u9fU_!G5q_pK0Me2fuM$q{VGFuaG}Pm6Pevr{<H_MP
z50*um1Z*uw%^s(J2WqU!i@mStNddbgQmhKrgw>!7>t9L8PHpM3o2$Q1Zme(gH5%RI
za2PBKhBUYz9>Glkm-;iv+)d(eDfNcWSP}vkQs0rka4dRv0PmOOa87=qWI4Bl<(`k9
zJhvpdW}ouJULrBVw+=r=5^6}qM$lwS;_L+0?hfEyG@inyy?iIlALW-a#2JAVSTWyZ
zt_sTLT^kZkCL3Xjxc555U~<sKUi#F08C!za8I*%-xq|w^{Mngxk^5yYWu4G}UPm-L
zMrtn5Q<Wm~Ir?7^Ss7eLr+tM&)Bk{XmF;uB%*h_=BwO=eeNw$Uo<Csc=iIJ|x*gwN
z2FCB0kKbNo%v4RJC#W8QmTBEDC{4eX_uC?;ySTPJwwR3DR2ab!iywu=(>27Z3M<Q1
zgr34q3vUZx`U`H-4J`5=BC7V0fESEl1n7OC$_n?(5Ka*2qqHkuo}R_bBRXlJX&U%m
zalPLX++8_Xv^0EwzD8ty4H$F@@V)IG{bc(D1pKWrxbY#e;-d6^v9x~LRPXot`Mz#@
zvbc~C?wQc<i~A};cLzjqUa{3Oz^B|m4#nsnc*Q`i^D#K=ij${J%Y<!@Z_~(Tslt2X
zMi$WcitOz$5g%uJt9`D)0XP7{T>V5#wDtM=+m1H^9@51A6WLyaAM=qXp&1w1q`77H
z9oHXgHui{@bB|+g5mg{*!Yt;usn$NL-=93Vja%lsfE>vx5E&YvVYc9ULYUrtWo5r3
z>YJS|qVg#FNpW^pLIKn<lsZqk>`c@X#J~7nmLV5zG}AD``D1ihX;<O*JnSrUd4nA@
zvIFItP{RQR1Iu#+n!^QX5`#0r62HK^bVI|KmOPyWWkkhThal12SOr;zTnOWB!{39P
z*bi)_G`Q$L(L#8wlc9<cE|hs8MnP~8jU&vGNf?)vA<yBM(QvH7E7LUp4w?R*TMQ$l
zQmgx%aO=vX;1$p_{}VyVw`x$(H95H~HjYtYF_pXz@P8XSjCtH_0Ut8(dji)_WDxkd
z+H@%Jf4X{@pX=w9$%tX)qO(`8=qyCx&dNc67apM^mG~C>*$um^ePz(+|M;W{U^VTX
z-AMd{PTx<K<6*i0DIn;BTHi$)%y<+x)Gh+09mYt>a|3l`XzTke*|X32;brPPEq}6<
zG`_?cfrULSVdJ@KH=4RKpsHUk3Cobah5=r4#YW5;{!KU<_1Mif8Yqt04j;g^;?%NZ
z&24?nj>o3(k%ik9;qj=7DR|$k#)C9T85^x({S;EQsBQP29rJS>gRDJ6aG8OmCp=D6
z8r+KBDtxDtoxH-}8MFwM+L26^ZAG`!FgmEQ{+eD0PDFT)js<LzB84&E)akSswZ<LV
zXdoPh=2{o_HlT~BcA2GF9NU7PySFy#N4zBzoGkaLnmTd~gYQ-a^L3xXUVLLO$IGq>
zintp8zC-am5FU$-{B@>pRpaQU;jIj7eENq+WU>>$-SX~77$YDp(X}4hrmzs<CnCv2
zfA_w9g0st4)e{pVUBAeOfS=}j)a&eY@C{Ix@5Nky-Var#*8Q8CH^Io$ZDni++)JX#
z{2bGoz|}$ZWZvb$>Pn5Yk0n(@g3U0NY(a%ASQ@<q{C&l%$X+t!3UvNE-57Xe-7>fc
z6wo^4f|lC8RqB^87R|~cn?4BwwGj(ObspWu93Fn%v{T9n$FC?sd0~@JKlE}7bO40H
zR7YlHth}<l9nk53d5yAsmER&-&6VqcOxLl^iI3m({smkZmy{_QIzBLz{AU(V2PrgW
zxRhQqFwZ*=mpdPnWrv2H-2e8SrJEqKmOV^IWyNr3Wz-gBHUO6&pNR~)gO%u1YFOr1
z#<JJ0_n3HC=UaEq>NxUSOV(%B5DCS(7SC+p5$0~eoIzhLs`WWanld0B1VHpERTo9t
zxY1}hQd9jR7!O<e%E)rqA!_PLqVQAC^AYiYz}k^OQW4fKsEhd;J;ZNAGV}$Qv;Vx;
zc*OY-*C~ZiRwqp%uT%td4Z+QpM2AWMUuD&hZQY^lDs|aQ2%nEYBAq;_XwfTE%hP~d
z*d1Xc!vC%I-~D-dvtnEDHTmgyaWOx*wvOnBH?sRi3|Tn{INp&pU=YS;TNuCuN+WbL
zq`tFd+h|04l;Um$(Ovm)33|dpIC&u$7^7#<L1CObQ!2nDmL7vm4DMEJ`+@}HRe~*^
zTK?!6IRn!qe4SPwKnI;}>Lj8XM!82psM%=*ZpBlKO=dHvF}@i|rA)32a+Dg-Cq>s!
zdUS@P9eY}%+1^Jh-}VtJWi0SSg}!w3-Sy>#*)96P=0MePUL0U2G)_dU=6dQ^%K{=K
z2a1FSD(0&ACpzSSkWhg}!GM^61!e!I2L1CZKvNol1ZDye7XH70#qEFQT?p3y#fk3z
z8`|dp5rVMf|1YC)<G)z7f2L~o|CdajCHwz5K>{t?pn;4*0`J<XX!^FxYabK%3Za2O
z<Rt94tr402sm2vf3jdoz(<(U-)c-xI?q9OjZ7`rkynmwUcLfCy)bf8{V7UF?{5Sur
z7BBwme82)RKc%Q^r|Y8L<?-mFW5b1zpF<e#Xr}YWpdVu3WS;a5$%}qoRxDucoZ>Px
zsV_YZQoKVY)$)>7JOP{!buC0)(Byxt<whHC@S4URU1bdqBCC20P(2srAdNS6d~X_S
z8@ZmbwB$=iYc`1dR8BHy!G@?p0h<}fW>lmc&FIom!>Tcyu=?*;K<37)#aArgLXD4`
z96q1u?_tuY^^xARJtJE&tzQ-HhPvzK16(CFI7?A`<?ju*z&?L$a-|MgwEZoL(Vww7
zcu}Ng<$z0EU^Lin_#g-;4P>apn>ftV8$$#x86Lke_h*u38Vg=3RDWUJJmG_Xz&D9l
zIA9k~8XfD~IQ8Dn3;z1_^B?Y+rpNm6zO(hNuWR>wuU=JSnG#D3hW#TLdewv<y;g%N
z(IzQl#x^P>btTOeE;Bfx6atqC=F*ANs0Ocq<Q@p43x_ZaW%X68{@NTbC7OWNSj=j}
zmy_sx^J4OfnvKY@mMiS}<sb6o6O72Q0abBvzz@N5^DW?7KwIE+;wcCa{gnC5=_BFT
zy;*?VXaD5N$v@gz-IoyAOiH67IG$*he?$~mq7bLUyCU^d!CUHH79oI+p(hf$ufHy9
z>*^lb9c;{UF2T(%BGs$kWWIu7b3NkYQuvzr+-T8WnlG~S%cq}3GYYetZN_-EMYTA2
zaUdP2&{DWdo_79j{<-J2p8gMR5g-LDBe{^LA&&ab)vIO^M}xsPwBYpqHEIdYr4Umn
zOSF(3hiiEL7fB<Flw*<f0isHUEV4O>^cpD*DJcV?7K{uOANK1iCKWtAwl;DBajs+g
z%pKC-GAn_wZKV3>`<Fs^B;H;p=~vvJ-BPyG`g!UfLwPj$reSjQ`7isKYf~W2mT1_s
zFLVlM464p~uee`l%`3Rph5+)&G_dZ;T6_ID<UY2RBAo7QDWLvim7c3Qj;oy%z8ghw
z<=RQvMc-GS6u7_8lY}o*O{Pe@#9%_mZ*SkSbwO26pI9hKOKTFWEep<ymkxi5BhIyG
zNZ&sM@Mq0iB;r7;5GmdYp+Z=X-ew)jrtUn!K30uIx$!};=*CqqF(bbrZp3LV)k!?l
zk(qRm*$1dFOqG^s$w0V03i|nS1ip;@pC|3LanRN5YH>yKOL7^8s`3oWn3*d+lW3s|
zb^qa<F{hOuExS49l;+ssRO<Mz8s!$Af-WBpe29IeOSD2sX&@FMC7~9r`3B~iaC}ct
zS&pgVtb*^A(Q|Dg`C869{9{^8;|jae!rc~q<-LSgpVzA|1qL4eXMITB%gp{NEYe76
zwNL8A(@3w}7pQwMlLW>uBeMN|^X!h0Dw2uKUOFcZq-_tZ;*Qj9-`0oWjtwz_G%Yjv
zsrV+FZTxJ)+NG9#Ob$^C)ON!fvEOy?xvnow>BFVL%hZ^2v6ww}wiC6d!SnYJ(8UtL
z(rd4wzpXdC5705dl-iH$;OIS|Q1eg8N~~RAPNV3h$HI8!rs$^R$@FF$CD&AwL}P0I
z?T1)0@mZ=$yxwD?kzM~p3B}tykFfnigxcHM=7h7)&`GbC*F+ElK5V2$A$q?OVT!du
zR@yO*KAD<l_Jx3AU4)pwT-B%E#~}L{Own^)zu%KfU0mnjx>Y?K(aSB;xguAuopM20
z0N?w92C*7?Zd6x&Xuc>a9`-^*ZZVj3f>CpmbvockA0K60Eoe_F@LM-TsrC-(;~X=Q
zH3qGoe56}k$ZJ#?n7fIy(3U#cup6ur%VUL6u<@NT^7e-;*VgaP<Zx|gg#wlj!|;5M
z1cC)XAGst!PCGuRn{WDid=gcfegnm}V{v6gU-wO{XsbF7a<BrlB4e-+T*kXVuZ7r^
zn-LmUV0|ajKc`_)hbuK6Q&GON=$~UH0uqU2sdNDH=-Kl&a!5Ko;V#(Mz#JmgnLA@q
z_0lpFJ*LsHyrKm5I8loSy+~Glq*2ZsEJwbN1NE11^ZusDUrZi2Az%Dp!Z`*rboo|B
zkY#3rf5X_on}}(+71>5xb0g93yK5C=kr}6PF-$&f4j?RVcv>8QOSNxpj0j%fvEKJ<
zwKw!w$$vt{<;$G(US>)8E7===U5~7zq3nN8Iu#`V08e2+AAbod2URDzxFMT-33rR%
zdS{btU3UjSpDHRvz2EGePGDdeMVVa+xUkBdXbK8@*fLBV#cHsjBsff6T$yuq7kTF;
zG_EFf{dFRmx~aH+v!6lv;|RJv?Yxedd5(wGyFIJM#~jeDT2P#qwrHwa?Hsl}tsW=a
z?)?LD1#)$Pro*soj?^D2k+i!j;0D2oCPsjJQPYJHqM|mZD))e!b%Clg%4yDzy57I{
z-jBd3mykv;gS*@FyNu63PDy(Lo2d}%lz^^AWEqrt<riDgYzG!vbg27WmPEMimPE+;
zO#df{#~IIwQt+27Q}CJ3iSE58=Qn{pI3sXAi!Kdu94nuA7Kri8XGh@cbN-bayi~07
zvMv<=TX4{d>w;e|5LuZHdkSD<4<edYuiC~E)wZ`wM;JN#FwCQQ8o9;)8R+uA1^j$L
zb@O=tJ?)CK*~T7n<5(>^4S{sS!q4IA5D~us!aQ;TJy?Lq5!vcXwk*sKkxRIq)Y5=2
z^u@3S5xP`#D-6a}4kT54qc}~#Z|iw0k*ac4<W?olG8~V@PnxAf<E2A2ZngxQZi~Na
z@7CLEXAKsMxHL*VTTbo7=E*Z8<m<PFiSFPxo%qt^w`$>&F(wJ?7-*-}ie^K0TC3Hs
zV)M|6PTLf9P;m(q5zW@ZSa;a#QpU)0@YQJ&N;MJB5T*7Cwk|~i&Ctwlj6^kcvYD-(
z<noqK*R<?*t0&iB-xNdU5QhZM=YTt94I*X?ZcK&Bgb#FB`Rah|w+aBJUaivw!#7ht
zpmpg3sstS{QHBnFpeCu>Q$wh0_9~IZw|ktwT+E+|67X;-M%B-rwUBXwyQJ0)`5ET(
zhAuATdqtlpsS5IE=Ea4H+$it{Hw48E!t!=;QbRB1^6h(56np-t9OqY!;xk=_Q8fe%
zynAzc?&;K<o<?83^WWT}T&vsdQpbhlK~UF87{-sOX%1vuT#!)LM35i0Nsg+j40K3e
z3{hY3XedTVpMQ<t4_%!5sLBHp_{P*^042)rjMl4jYD-@^^u^roeyZYtDr#>_a&V(6
z-(?(%-K-G5r9ude;YwIeHYCM4RT^#>w_RFu>e}sL>auWL`x}y7AtQ!pfxvzY3obY=
z?}gA_;EuCF!Umli;XcqAMc^}IA!fuK_v6eX6d)7cXiyc*Bb~?R=&k&TB>nMjF*1ys
z3okfV8;59-SHc`qtn;|qZA`}}Ny{fZ-!$YtZb8!XC+#&mw0Dn<6fVX-&jRxmG`d&+
zT8|cc$QKv(an|s}gJ`k(xR+pY<l+e<tV={YS+8CT)@s1C5BIbLHd8&ngOzFmUV?Qk
zpw-?9f2CV2Ly|yGk&u3ByA6-G&JFfW_wwYSpS>V@N1UVvEi|f$1q<YRt9zHm_^p0#
zXYeJj!GmJJe%Jl}4x+pEbKt&zulxG&3EuVGci7}>z%6ELNeOXGqDtJoha!8UxdTa|
zV)WLTOOc}}Je0U9sC?mLOdRGp=Uk8mwDNQZh{GgIbP8?Ohb^a1Xci?OLo>01JdtU-
z+;!1=%=X8;2&a!oXx%N01VW>Sxl1FBTn9=!#Ddom7(Tu|{_6^-4i4Vq1$bimjLGX=
zhsD-&pf*+C<H+@haJa`R8VBVq>oSs?KdA$V^MZ?Wa@?})|A58WJT5=;GJdxI0E^^M
z31O;~wIC_{wAr(kDB+_(0-eBH&9FKdIF>o@KRh4DCD);jeRXyp3JP_H3dZ=zWlit*
z=N)z%0&ym~>$7-FmmI4yH*15A#s{)%xa){Phg+U4icemsy^Fo{@`_Y4k*S=_Bsh^d
zHQSgna4+fB_?R_AX*P(|#Tkof>*D8j-bLc`f9mx0dgd?xK-^~MtHqY>`&)o3-=A3t
zN$s3aW3_#g%#&-M^4|5K-R~l6wuk`!`h)8_t_#Ix*$Fs*<dGMa++SE>ITLQxzc*vF
zk4H#{46b71Qi`gMrKUCy`MwLEYbX>I2aKHf5_E?z9u~XCx_F{V89NP{vpg_sn|qq=
zSTTA~>#d>yhz8-(#-#UMUxEz;2P%sQ41lWI#G&#zOc*x`(F^J#l|>70_xeP2TZ3gG
zBKiltm(OPzZLt__KK_A+?AXZPTHx+m-bwgm-;9w<RB7EQzt`85OuK9GZ>i_q@(}w*
zCzi(3bo=}9O9Qz;DAfJJCuMs)INy~NE+kqvI`@NjNf>v~hT5bxo0-PI#AiDm=!dn&
zZ%LCmRtiC~R%Lcg`i~h<RoicE_hA02--S+cUjH<Iq+d!9i~S{DcA=hO=qHiN8c6*<
z7zw5=LXWUj6;cVd%+G+4rgXiSfG1#sdRv)*X+cNs#Z`S9L7lvhU@GEmsGd*~C&FCJ
zWENQHok6B~07oWgeoqg^b9O{Q0VJzF%)&f7HU+hu6#QP03%l4aU&p_$gMHTQGnBVh
z`<Rb|Ug3&tUs&I4j8t;sg_Cm6$9C&QD3m#PxA&cF`kmHwFGtt#4;iFvJNtOQgQV*D
zqiDG%K0bdSGf@8xEgnHso_mDI0IgH?<nlOn`oVYuaw!wRC-L(In*Vie`@C8}@Wa^h
z^Fs4dK{4R-Y2b2utKk3iTh9T4PDk__CWC)r^<?0`upsCKt*0v1vA2OG`d@#WG^-Ok
z6z;(Y9!gVtx!3N~u{xX~hz5YV0^Dz||3HFqUAI#v=>0?vH<-xIa*(U5?o`PqI6yNr
zv%}}-uCf&?DZ$gXnk-e;FIcTG3=?uidZk-85-ML2>#KQnSJ$x^JrD8&1AVjX103@C
z|3E-m;B5#~&nOsrvek~PLweOkAKw39fTrI@;^Ac4_wU{u6h@r%e;Cyec;*NrXOKEf
z)w8#_SxjnQd`D(3Y_i2rUOwL6+&xq3?kAGWIp^k2j;MiYRN>k$zqOsjfQEd~r;6TS
z^G8I@mTREQIa89r8q+f2UG$|;gu)fc#<?8giFTL9@wSUHH)!D8cBL!~`PXZ(($#w>
zAyXn*Brt+YRoj$l*8Ujh-+j7fr4b}Qss?zS<knZj#4^awCzA~geEp3X!#HoTfDIma
zzkux}H1Pl4Yyt3pU2L8f<oS7}(_>gUYwy&`I|-4wGIQW%uPmud_PoY?_rSs$+#B@z
zKEG*<#IJE~7ZZ)q==#dA-%2*TI0vqcfAsuA|4cY0+F9;`L@@jCYz8;bP%l`9=g=Hf
z;-c+vtjuwYOksQI7ZhKuM+mG$&`Q6{ntvoTL7RRfhoR%DI^&G=X$XtH^53{1B|#{R
zpdvV_(t23or<@adZo4Ak8zV))%yPvF9wyjX%8*<Gg;Qhk6~5w$7cC2auj_tN7>G{)
z38*y?bcH?`K+0HECxaPsu##RfVgjE*Dl|@&U6j2H9x>+fwTp9r)<y#PtC)n$sF#@=
zhZ}>F;c%Gz(A2tG3gOcSlXlp^N=U0Tz6m3*Yf~&DJfmM_MBYzwhSC*0v8P!e8K9f4
zgcpl5w5Eew>$@*U3oW7XCjDR^_f_oOTNk*pdnQF2nK#i0wU>o8bNI6Nm>H<b&ko`W
zmc1nLgs_LCJX+D^x9!{A)8VR7m)j`VelX-bY@a(onoFxyA|uKLud?OP)VNsYzVmf8
z90yZNQZD~)NOb=t)3P+wnh?(~1s;6tZ^edd;=*2b8H9<>=Es;;pS7d#z&v`dGwmr$
zRRV=7hKt7Uu*b5Wro46RgDA-u$5}?!jKy+dJ*d2dZu3X%#YGJPI_%4|x+EXSz!Z8<
z1(Fm*Q}k(3_*g`ZrurcER>09aR7SSNXELj9+;<N=*t+9mNYH2Z!3|Y(=e2_>+iVxN
z6X?hI2i}-P?9#0fJa56+M9IOu!oU)dpVfEg@;M^Nnw+Yoz)++y9Z{|k<kE-2(-`m%
zvn~`<?rT&W#5E^FXV|y3JFt10L!z~VEzar}VX*>{v@%*Al(<I;{nceO^{RTEcQFQE
zXsTv*D0mzO4QASVbOf9aR?j_hQ-e|qUy95J;9eNcq@hz>{!Tltes_v{9G&ZELfmLn
zQf-eeXI*a7;1dtv4tQ!7F4}6F%*9hEwR-XMftXF>aVkz*vjj_8%7F9jthFCT$@h-&
zb6=33IZDJAEz(aJ$~ghSqiZA`@Or*n1@ID;AgVdpGaB{FIrKE-R19UnC>3eFiJS(&
zpr3)wGuQQI*G}m#YehV?8aNszr2k|RuqDy04MS@`Zi@ib%FcTRo<f<m@@o>(QZn6i
z2S<i7hG~pW-l9)#(UoKAFT_@V!=!&m+@(bixQ%q<D{}1%wR;^kRn8Ib6wjW5q@8VR
zebb|fvqF_=n9SY^o-v@$H!)*+h8WaG0w{mCi^d|#JfpMAJW+Gr?&23U3qM|t0oPc7
z3R%xDS{Qs@>Qf8-_L0uYc4A_2ee6v?LIg1NBs3SST&Vw6eS`D^Qh36xskJ&eJcj@T
z$E;z8P_NE|rE!TofyiWA8YwyE*1}&EaY$~k{$}CL`E6gq<vl`MYl3&LCdWr1I<<C8
zc<z`9M-H|)WaNbql1_X&X-uc(%TK+y+|m-zCX_)%fl@8}uOx${MK4vHNTELF%X30_
zmf(ApqR7;DfYMWNlV!O>+Mf+m*=%W-hmgQGf|s*)9;vz75@E1J+!?78$g~EOqh2{5
zc(3ij3fT%%CyJH0W3<%GVqKFY;=jh2RqJa2I(RW)8!KOc&DPpg{VO`mvzQsK=5O|u
zA^={%G6NfRLg`8Kpv9O}Du_*`28?{-h*y}x6A!mjI!=Q3(bIG?^!yYNsP5XUKBrg_
zj{)dU{h?YOF8sF)^`+Tgcf9ijn|QZM&IF5@ZAsN@F3#T(4X%(N2LTyedoc|@xRvPL
z5{5LcjE*#{5T<6NlWL*~m3qMxzs{(uPdOQBTL}n%VP{209R@Wm@CBO`Edps-@{Z1N
z7Sg)T8){h+4AQbfu+nr-EbePtW{5>XZVJCZwuT{qw}*)X+lzU0=`~wQEYRJ)wg+|;
z_w3MHu;Tl|UIPt=jR!dv>9L<_GSas)5Mp41Plpu;buC~z(zB9lVaJg!=^sZyTnh7m
zxED3`n6f%*%+&4Due4HlVssM#F|;y7Vqha4qc5AZ3@+ao>Ra-P>y3sS1@+0cyhkxK
zEws85s(q<*6u@avE7aA1x8;2-A0t$cs$FdN$=WVWk>~vr#apE*a@?DxDc4N>QWOt;
z%;%=ahzkEP$Z==g4(YiycM>8mgV;MQ8|NKeS4fz|NI)cj@dJ)XJG@mbV^*2OW{bI>
z4B95GK_i+(sVw*<x^oQCNtrN7jJD+QU6#d-oAXPQQJ8dKq&2hcVo&;tJ3_lA|8n{*
zuNmoB-w&@qizmo!!OZ3J(zc#cBvz3|b(TSMDWK>-LvFgqg3V6Y#m2|{Tkd6kanE0k
zaLb<Gp(DyUj`9=-$U~4Yatku=YUDcRnSCPE0wdhch8aAg<gFP|#aUacsx!Tlmk-7|
zno`yDC(r5})hCkZjoP+X{RM$&kLq``b<@%jSSgxBWDcbXb1Zg9rNcgV`*ob&8C>qY
z#ookDe+LNtM)cd5(O_4>pDCcv_L5h`TU4b3?Dq<QQc#ccQmY?1CaoSF(t(&0n2ZMx
ze6^7pg9^He&p$U-nm5@{2v0KCl#yn1Eoty~+Utn7X+H~|&V<){K-eDq<?B17b$Nno
z4XuQ}#SsnoiM+2)IgqiX4r5;^SGIJ^kuEB#Ldy=2RiSFFLfbO@H}=|Ag|YkRPZNH4
zx?_?l5)+rf)#b@XE4gN;5>GK^{jXp=lVbX3!W(D%&v4~ozZ6q0TB$@XdQttMr;z}v
zblgKT?uQBFY5Hxuddql!#pNE>PM|@g_=<p*Adzba<8d0L?`D6!<lSAaP22osDH(=t
zv!#2y`oZ-k%xl%Tq&Srn>z61yF{`c^As=u9270C84c&av`MV&Vb1fC^!jqBqzHlG(
zw5eo0cPdT`Lm9As6;-^=MwU8x$0;SftmwGNzVh_}U*DNmTV3F)Xk)?s43_0#7XmrD
zccC1$>n=Guwj6b9fNTm3U)4g0opMp%zl#FhTe--O?-R^7CQo`Jj@7nc+E@)`{y0Z-
zr@xIw8Aa;lIeoX_<)QdXTd?XLU$8GFmRuVq_!An6P=tC$nN~R!HO!%4?!Z<Zl<Dc>
zp!-H;hu6>L;KR9vg>SnW;#Mjnv<}D(@S<718UT>UC<Br-H-dp$Lt$0b)Vt8*a83s1
zaP~+~`(yfdN8b9h)cv_t>N<C2PU;%2?SINuyVUjPW@Vl(RC1+^P)1Xk89jD`>Q;E@
zJ0jKR>~obGaEkeP)(;*A#|N=2YI)fw5X%KxMi9r2<aOsc3L5y&0TlYCtKF1XC8M2<
zq`~E>oE6DXi)~N}j>?TEdq};ll+eNfh|f|PVb5Ep4RWdgS*v*j7}Hy6ow9Qg>~em9
zhSC?IYBy2oEB5jg4mCOk@VR%5rs<K~nG`V@>+UNG%wke2vDxuX;HS;<5fM42lP%ro
z;H4woQQgv4-AlHh?+Ie`rClLMu?2aavpxhrzy>53bU>){JGo}<0F(KsdOC<==0+bt
z$eh0;7}Ss$R+eOJ&kAmFQ9bb&sk|!HR5U5ZBV%u?{AP2!TF<`E@+0}|aJMYCM8J56
zQs;{R)RRdTP6dHEWv3qz(rZK}NLHWI8>7A+t0heC)`a8K?4!<}N`vRvoJnI|^%9=1
zxb!j-YpD!Uu#AtcTNfdf7h-5K7z(U<SkOF7j;9e=Owogw101PIxY#rrpD>iPnICi>
zmUdDn1(gW`y!FZ0%)h?+z-kjlohH=Z{8CI~^&y!}${vVwIFXf!Jyc}7HT$SRS=f7m
zK%EScIm~ICQg`9@3mgDx;s5<Sy&BNbA-<bcr;ky^tE0@-;vE}hY)bW=WPSG|Ik)FL
z2!iDh_BMaX(Xjjb#?<B;2;GoTIx_HL<Uk+U6}@s-qvN9m`bzSOlVlj)OsUb$t}Cv2
z<(hj}s6*ShlRMg~VA3Bpgd?k6kE|Iq_Y<{3NRYQuC%|jp?z~MTS@ZIqLKwxwDiYM<
zX5m=wsk+Y(slIE<F>SZ*fIZT~5PwBLH{^S_S5@KPS=|9^(w&F-;c3OyuD!`}!dvNZ
zNQB3QwP~F(%Q|z>FK*Ae{5sH}x??il#ka;IgD>pK9aJYM-;THYW@Pr4tOJkyi;srM
zVqNt;p|5ibZrF@>!;9aeq<9JF`vAU)$U#FFGZ#ctweFXAz?1v9S{~FvoAenAOQijJ
zZm<C&ILp*iI9UMUjPuH5mv7&fIe2tM=Q-wMcBFI_xg>a@aKHmCBY{BfS+=RyF<3v5
zmi=r_`JwaniplRvoHiI(z{&FA2sBFR{wz{p#9~QYmLFUqMQ`Ct{y}$3);S0rOE2>{
zLZR$Jij@<24Ra4o5NI3Kzmk#QEwT!C{{ll`T&Z;7ux*ICZ#%Ixa!|j|%aQ}^%Ju9R
zI*O@S846D8;L_SBVwZ<u>pSc?j>)$cnaw><x>GL17gGcThZtp<vWMr}yEhmWLrq3E
zIYkDWn4ynn&E%!IFJ3o+%P4Lw#j*S5?!;n(ce6n8*f>@xq6xr5g#z4&%4q6@r_#I!
z6pxz^6HY$r7@iJ>atXx{zT9N{A0H^KgnyqF@P8+MCiT|eH$C+nQD{>!vh!_>1EFRR
z)3oy+k@U1ZjM1Pov4vDZtn)J9igU!a>Fn^lFwlmr7b7v7(NOvj`Z0N$@dB|PoPE{$
z!dSCaW?Nj}f)C6NsjwKw>A^HSj3QAEQq^7^50&R56$-91xFd>t?aN7NdGUbN2CTh6
zx`8TjE7<$+1nfz9bb@i``1*9BU-e`4)Pd-s>EjZ3GzM5)6NLxlyatND__2`>fKzw>
z;>^l?3$F4g-*Ndqt*;6U<(>}kI)5IJ8PT-)$M?T}Dz3{0J*`gVm;8JK&wsnKe_YHb
z1Y~ahe58FWrvUiA8@gUzC<fmD5ZSZP>BVg*Wjp(|*E{SD1o+r}?Y<}7#W!PknkdkL
zBj%=$7@WKhcgg=_uOm5QBCT{xI_*BZuj!E=1Of5c<J>kdnklnUx(w<F9^m{viAN?{
zca;UceVKhxjCY7+{ashF>7E=qSC$+JU<$=Ln$8?YU}4Ed)vvZmc1(}&Y5{cUyY}dK
zR5bMQ$f8#=WoJQ_t8YUijy#zRD{RC4_@KV28d{CXbOtY=i@IUxN>|@r@1MIG0kebX
zus=2+ZU2`Ebd`yU3A2Om*EsR(D$vl}NyeP4$LKSDHa3Rgm5=4L!HV4)tG@wYZ2?Jp
zpb$-B=!ZOkE#^2zspHUEbusvy9~~O(0|#Xp7#w^mNWBSn$zq6_OLtB^Ar|Sch#yEA
zTp7}no4_E~4|gZT!<m8*l$CBOnd>)@JspKdc?gn(SpGePs|S^={DfPVMt%ISyo|1P
z>CB|y>EAswjVR?^Js{w+nE3x25}2bB==1Zg&d~S|CkQ;M?*BMJH6r9jnNtJ9V;!as
z@nA6k+qxj=6<rje%zIsvZL-jsJ*BpI<{9oOR(|$?R=a2XORgK!etf&$c(?dseMqX;
z6zYu1xP_E&(edkB90%g`H6n;hd`5d#Zcj#Lu@40TYt0f|#Bf-=8$s=Qi2H`;La|wA
z?%4bW*$Af<MuD<b94AbH^c;ku?M%zo_L(&pu9oVW!?fz3!RkKso&J+Ufj8q+h^L8n
zwo{qV*5vkNO(=gEm1GE1UCVSV^k&m&bEuD`I=2vphI=|8SYg3<T4s<FCKX7AiNkTR
z8EqYPO)^xl3Y<E~@P2(nOld!<RHyb}mOWxYS(F*z;d8ka{nDd*7<~6c*RP~L_T~qB
zx!zx9bCrk1cp1G8`Z47=aZtn;qHWz7ThXSwS@}D}nmzdD1=t*>7VZOxGYDfB;ytUj
zctbn_2bp32Xzxwupa6Ej`HjY|k*%y>-jfpp(-X&>2v*L_U%Nj`vCyD*vb1HxWw)De
zuN&)fr~xR{r$K#xiU`S+u_rrjHxMcX!7FAsZD|H({!xU0J(IF;f=m{xF9pjkL6WQJ
zo`S`D@FFAlmCqND6S?Kr+K~Cec{}LUX_o_L*#$3GR%D-M1Yv=(4C*L#!gLMvIx?Py
zI&jI!St0SVit_UE@WPyd>0B`N6QN)vB1imyy5k1-$eKHm*sY|byN&BcMGB(wA!UBp
zA7LQ45;E<m&q%WFf=k;Dh2h=>1EW@)l=-cc=FOwd72D)o7gAfS(@)z_O+BT?^=p+R
z>I9s7nDA33R$e{8Y5o98J1J#vQo?lVHCmOP(1z6zLaT91G47reoqs@4Hq*9{e~F5>
zBlS>&gd;3XklS@mIwK;Fr)obV6Y7R~MVxzUr~smxY#$U(8}zvkPDNdsl&yiq_j$ks
zs@Rgi*nwz^Jc>1gsJ0XK#~h+2@5J-J^*mk?Pc5zOX(V)Gl0e*co1}f8@3+Js6@^oC
zCNQNg;`}P=h=7e~{!TT{FGtEL`n**VpDH0Wo>@n+_lkO`)^8v9LOk=4So%}{7Ly*c
z5|iyq6Yh>rKW1`8!XEl;#kTKn`q}=FYC*qxj~GB~$}UO>NyPL%+d&d$kiur$8NdX~
zhvFVe-9NXUWD35dxMqR>yT>O@0q4}z_nI-}c8OD!;Br0Gq8Pv#m!SiWK{Z+=+-t>A
zfBZVPZy$Lg(c?_K&o<($6bN}e?$^uQQ*aB$IoEfWy{Jn*Xke@wikW|SN{-LY^qTVT
z-y$877d-d@y_OV3M#H(!l0n-v<i+NHJ2>cGenUVjWu3KQi>BPRwu3~v7IX{^R{BNX
zpzN?GVA--|RE9PUo<S$Yd;GtY8n7<MlOEX_<*ZV;`Zdu|<@DYUIfV(ZqlC<9pTVKp
z3Q(mzdw!3Nus=RPvLxc^s8sjV?vj91E^`(kM;M}uXERYPm_~TpFy&&#)%W$_41S*G
zEX_8`4_P53+7gz*SV+AA#Z5VyV*KAXjnBk(KUM^o>usA3bA6}bt{`S{uPA*HzC8_2
z<Wci<&v{XU+crCQlB8@L;IVU?iPcWGOo2#-hchVdcNSk^A~No4p;+d_87D*7n255_
zaj}rO_VSNB-qCjrdqwJE<v_<B1>nD#=bJV#>GiJ7N0Q)+YgzPOnof}r!<)21?<A|P
z^d8V-Tx}J#?2ty2V{q}lY`ota&KK|K?RVvtZZj*XbTa-dHQ1bEnFrec>1~0ykplc$
zuVMLAyMxj0xJ^uC79PFBh0xrlyf7G{XB2(0jYUn}r=?=?bAp>gjMfKT>^ykRab#a2
zI=SR4<odqL-U(CKr}0FfOxm@=JBVrF;_g_Mn8I#J3)%#^a<96p4rn#VeR2R=R<gry
ziR1thS?$33yg&PQC*DX$CidajO#OXtOa(x`j`}jf+hP&(2Ujm8h=klT{a$&qa(-zP
zaLf0*L$gw|=y`Q8CxqoTPa*~T3&m=+DU9Mehf|t}bhB`bU0|Dm2r-qIGEx$1dAq(v
zepV=!f{Daq^JG}Fdc@Rk*RxxitC~H5k7kyS-!jw^Y&r7=;;st#d;zBR$YKH`(J1kq
z<$GI_RHvacio6Udlqv%kL+~#)f+92#5LkKYf(LynORu2=eSLMsF0brO$43dvspJ^A
zWTG^K?hhO6^k`xO(ra-)8zl=1*aSSaw2~tip`0g{4|2d>4XFK}gPAwNJmK+-$bD12
zm(32wCUpKDgOXhZBgh-ux1qtd6FgZ}^f_eteAv5d+q_Nb@1|yTLs?2@6>49BC%AjX
zj8w9@uNhm>+7Toutx-vYQ{on7y;^=NGr<Hw&A7b^#kHm4B$%pXlhWa{S9}uZ5C|sf
zg^GLq8NQS2t!jLTNFK#KXfAXrm}cJGILT1Xh-@;G#;ybdRR=ule*|)R4%&Mvp>j3G
zd<YT|1D<RR_G*@j&v+>^sJUG!gs~@j>702&FMM4vVlWJL&iR=(R4wn!C#T3Z6ZO+H
zkuJX1EmfzOp!G-Wvm^T^mmH{*wrF2tsDAQb%;=8~R%})HeQfLzg391lHz{Bw5b~n1
zA$X<PIQK#~<6K~t$Vd#aZRIAvF1ry&ch~*=CF5Z*a(GODmN?v7Qw&<1mRSr8{)n#o
zWVP>Zk%C>NwWLoFep1to`tlZjN0wVB^-T2M1w7C?N@y+qD(*EDb4|@bmK)UbWJcU&
z)i4@DL8^IS!yjGM4Ke{sBU+JWn*zOx&38NAG?((2FD&D_a^R{dUp5JehOXc*$I__P
zVt-ME7g#uKSGkosIzR0OQNWzI$E6&rdCTr@9q8MAl`+So+hC7k2fLGYgU4fyB6w(b
z5Q2J9rvRAeg_FfG{06^Y4;XNr?j^M+TVkV`vAufI>I%}n045}6P;EK(KL1c!1A@+j
z<PNYH(gxhZkE7q{`pg#il^ZT^w-q9!p7j}$K(nS~ig`@fDf{)oNxn)Ta}QuDVanZa
zaw<Wd!O!q@-xSRMZXOZzCI4<u;2ZpkH5QLyf4y$~r6;fhp6SI4)I;3g0ppI+2(}BB
zb80%3HCFE>EcV;VAidy1jD44h2aewI{<{6X2a5}KD-**Vm1Ti5t=^vGRm~%`WOCP+
zshzdfW{)#2B)$<r9)}FGI8Vc_RI*4%N`kSdJ^f{OwXCW8d|tbSVqQ5)TKtFmu#?Eu
zO$%L?qXX28=5g0UBf~j<;Z`bGMruKCfqWgC+G1h?rqAo^uYw{2k~fdjo+_n8o)WHx
z+$QVYI*g=`*Z@U&HS-MbP#CosCUWB@WvB0uZyUK55wH}>l(MGq#o~p5gsYYCg<O?L
zD>KBm8T;8N!P&6|#iu{7DVF)Q*U`-0MIl1#y?^x9+k%tgsP?eQE@-c+L;5-nd-?0&
zJ<iLLgj=&4p6$4uikC7wo`udNODi$0>asw3CAg8*9kX@HW1ZI@MX*&JGvKS`!+{8^
zi)1exG(IG*(T#@}DcpYG)BPYz=ZLDUe`TtP_qLE_3ejIKtRM6EJ54=Y?QCXjY>#EX
zuo*(JddzqyrA2jR|C~7%<ZBk}VHP+ZvvFI-&g0*I-;nxlBg$>?4Xlo=<*VS8rkJDn
zi#tfRV}YbruVM8OI9DHurg7HbE<HK@fjgjvCaI`t3pUPuPi73`4Hu=H3)g!M?1dF{
zq4>2v2BM(S&MhQL_R!>IfY<sVqF5)?u?HBTc8V3EP(*n?=}`7KGW<HUOOJ>_c);-w
z{~f)R^pb|*7imO52z6T&!2@wf(QkSBmB2p;A5suyl=0U)PT=E^W8I7a*X#B^V;zv2
zqoFt)M%WAlCkZ<Y@&}y^8O`Dse@#IgmhoHzZ1RlF1_ux+ZtgTt9j|%^`?d#BI%t)C
z(jm0jc)G*Pk2cS(#g|*UkHX_0dT4znqKp?bTPz&&^9;ce5JAq$zxu;e5*MC4VT#sT
z&W#h1`%`%%<RhwxVbVAFq+GdS!P;4rMza<bgOV8Un7UI3w>LO&Smpk%K*w`M3H{VD
zCBgVdBY2?nfq25WA<!2eU>xxXHn#U}1#i^!g-#WU<D92TuCIq1gJOiLf<${XruTP*
z8%le%i$zgHs#?p3U&k+ux5z}1Bq4~~L1Dnyqu_j3NThf$Y__9}V7m}LkXZ4s47DJT
zBcL&ew75qa_!tCE14Z2TMIlGJB~41dUT~pt32-^>y_<%xUvMqh$XSp4BT(?JJPJl$
zBl*Xi!jxWM4|qP^*vJhXOe^&%;BHBFHHrp%zZz<^S2pN2ZYsQke6eHw4=3{2i5cx}
zC3h+fJMV$jNI>_+!~3t1l-b#L>{JW4U!n5#g15)(hbtM2CKcP2glx|)n60fNU=3p6
zbhi;CVlMnD65BQm+Xy2)T+(^MtG-yG?U?SqK1vG1LFe2N*?4l>JQD7j8;961mE8%3
zOnW*p#UT>Gg-3@&p+m#2agj~{7$w3(<6uEy6j$({TTI873lWC4nHrvJ$VGZDs4M6=
zb8Rw&8L+F^<>r*3G|Zkfq6Q2&h@sYQp(qBaYngHD#<?Mk9_Bsg4I6F!weM?7$TlZI
zWx1GmEFP5mUw-Y~l{@9lgi{EK&VS?sL;pXn-Z9E{XxkPpbC+$~wr$(CZQHiJ%eHM-
z?XqpV>eW5xey@G){a9Ij&Y6rPEy-9dWA)yrF8zSJapkWxdn^FXIy{#T>$P*`h!zD+
z^UM6JT07iEuK<)z)bD4sXwCY$ydc>MG{;*$SOWd~mpMvd@ePq|;tV+UI`aZ1vI#Tb
z^dEZbJ64-kMg?!e|4$-MnD6v*w$b>uNOx=&S0#HHdm(w-5dT1ed?Hb&h>@Z6EpGQ`
zi|6wb+r_VivKj|K)p%G$NG>}AZCB6L^4Q96ZmU0!=~pPP#n<i3P9mZTmF*%5*(*Mw
zY7#2)(JD5Eyk|KCQxf;ru-;X_QI&zDTWkn)cA~4@&Fs{V*vzh8lTXa4G0`bXpWANl
zos~77p!~z&xyESrJjFd|hvA5>mCxv>=R?hs`~%PT<@IO!$?NC)Mr?%U^>Egy($vo9
zrNav3;w|6f{+VJXlEwENR-%EFqlRJ%dSGTp*XQTW<s^(&UC&4lJw-lVgCYP@DltLW
z0kB?H9tzf=Q7y~eSLU1EcnY00qq){!^sq39aoKv(mOgRa0yBsvMI2r$u7>YElCJsK
z++8+~=tA=Wk3c71ZeWcD;eB2Fzq<0u!0x7B;_xj`zrE?>&Q<#PHhKlNT|B-gak+7f
zTpQzw7G2kVp#R4chbEQE*hyI#)n9BbssGiM+mm*XqoCb0le7|Zr8u(;5^5-kAXeYy
z?g!53drs9oa({^oD|VtS=AZvFv${<FZVJdkscMOss8$^px$W|D`0{Nt#ILH-XnJ4f
zg=&9VEH1HzjGt>7`4S8+kvCe@|7)sT`Ou(!h%D&wqlvgi)J3uVPy*csmroi)Wl{Gu
zg(8H;PPPV`>VqPA?ZNT%cRWM4@D<cX*L{QTF$KK-MWylWGA%X$BqY^p)IwSwPB*^F
z^Q{;xHl+78=n=-1I3-l>X`I$e4G0M1_LmaNP*Uq`WEHxVw!SBIh0zHG4EE_M@6VP(
zcupp8&Ex08p>1!ZoV?I(ru-bQ_7WrqD(pfZ(THZ~EW}Dy>I|@`meQxfmg@@w2xh%M
zFb=ledg-)NUXb<890|C78mASpJ}3SI*u(?>f}=ryiqc<<ckL!Cl6jAfGHOhxl3cr1
zrGcfCL%;-dn~B;_(P!&l&F!Aoyz#<bWWi$I=vMm=(sMfHdlp)0L#6hXgzTP0?KZ6(
zxd^{v3VsxRqHB+OUT`-ClCz4A1JWb_*jO{kvr(zS?hox{^x#<3knfl;9uzm7G$=?S
znq?9A+`DkT7$r_hyE%f#OZ`6w{sNPSsDydOO7d4tO{gRt+LXD!urh*!V-e~J<p2eP
zD<4r$;y&pXGz#>E;n^0le2sRLxr@fP%kmx=Aef^tcRt>z+aL(XFSo*O>4e(B-;P}e
zk$0k1S|9XmqWahM*g=91Zax(KJ>TGz^eB$8Gc;ZAyQ5h*>PZSkAA2}ed=exJQa({k
zK1G5Abief1-ut7}A^X5z<ufdt$c{j~Tp<^42SHX5l3%%75(<t^eNhr+cCSlY<p!4i
zOWZD-9C4)><y{s!utj_jU+c4eEc6a4cB=I#S`U-r=`cLKZ(b@+M6}({mQ=Ms{feCw
zwnC|0xujkZyB?Q$XEHFOtV-|Hu@7vl&)=cd+!^JFTB(Ez#2w`byH1&uSKb^+?-fJd
zfllik_ft-9=#MphjGp0CJAEt3JV}(E3e^3wI;gv5__&~9crC_7`nRLZoii4z!|eGI
zx&j12YGJ><p^xI&w1Ng#TeEEGuZ|OvIBOg<8hYJ^>u4Toy$>XftqwNHVK@;FcknBO
z3ScT1_-s)1nDFz68_iiby%1X5@aHH$7=IvNDKH>j`&5;w-f9bt=|cg2s84jzCuuBr
zkf71_eXDJzGntT=GV|snqUpwspq8BAC>tDh7C&~TUZD|Au*zPwC2_Y+m%}h9rfT3c
zLd&%73$Q4#d`fH2;}H?UEPK)^RtRJ@r{HHu7L;Mk#<3$WBfRa>fQw^zE=t~Ghg)$`
z8c}!R5{0(H5yKRwote@<2FIK@sPOtCZnzKs{z=%K8lNbO3e#!sO|vh!@@DI<88K(d
zN|`rGy30B5!$()wXQ>pQ^3~zpcxKW&lm5wp6fzr_%lLoc)iZ?vzBD>#wJ+J99Goyl
zgVWyzQs_)@!9#*5!`*>w7QM6g!S7~<xq1JyEzasU#&8RyP?_z2R$AQnPvjG_r~;;f
z3hSZ@h=#&=5(uJoaOD!vtoxdIn$M1q+=btF7vT~Xc6WVfDUl{VXTNyLXRnTvk!=gW
ziYZP$QGje@Vh5fL=2qJsEk9p;<fP+wWmLqll?0pfEPkfo+<%;5clml!75EVotVmrF
ztvit0#(``er$?W}doq8fYiS4TjnJMY8ojCl`fLf~?epV_WuBtb@QYp~5mPVTq3kUk
za1o&9vrC%(h*C{Bt3V|dR!SK&{dp|$>Q0C}eE1cUc$uV)$=?E^ti_+;m{P#0Z8Q=y
z%4y+KKK#fqo;hSu)Ibmc1>$&~-HtxR*FoI(RS{s<fUvfqO<TQzD429tZ{>k8R*4ga
zGYV+fOK*%bzqfRvA+pu%@nVjaEr3_y_^eh>7p%UE3_x3UAxyUoPYmn#;k@@k%NAvJ
zaS1#}qvgMdzxnd$SKM5moEvoK5P0ZX&Kp&P|I2)mZ&MK)7m1SDtmz5s20JO%`?8w-
zggX}CvEni4Cc`I6;e;d5mdUT33&zhT?lS&5r%M^rjR(Gz)f?0FJ7x=RXA%ck9vX<R
za!`OLrE-9!8B^3#v2Ou)>8w6t(8<H^XTq{C`LPq|&z;A!KWbE$)6CJU40`G!TfXkT
z=BnE1H)4>?#jsLeRC?}wDZ9>)S+Bg(8I(hq*!HP3;a`zt)3Tm&p^d@Q;u8fK2v6u-
ziEs#<Esk<oFOHJw_*Wct7ORY!D*apCKZ~9RBM&Kx-d>Sd?JJadj53h_8UPf7oJmx~
zo8J=#xG%_8b)Vb$JGT~H4%8dCv3l;SFFG?8&*X$Rf8~!@hvOQ*KsV(?V<?0=feQLQ
z<by=>g?)C#w|Eo#Tk?*g2l80rSx1{TC6UA$xAB<hE1lCiF;KlWqanqWr@TZ13N!8j
zM7Y_bpTB{r+<f(CqF#345?j}JD9Lp3eJdLjaC_&JY=aj@%`O33fcDWUm|T8lI}oAw
z?S1anEtq5<b53N9U(kwE)liSz$gWgvB_EBZjZmHm>RfsU`KMlI-NuCXBr)Mw69S@d
z0HCj)VJs;jA4tMsK}>X<zK4PklkxmqfpHiZ<P)WQ^Vq4H5Hzsdg<R8nAmMz|B;lMV
z{37A(#vAoO0s)8M@p>{n3V1Ctx76UDOzn_C5xh04+HixiMqSIvn`#R2<>-x5Y$)Px
z=`clLoNM~E)BHYY+u%)}opG1^dfF_~I0=;})vFn&$W+rb1<+Zt)S4QnP0z>+F#wMg
zq|+vKiTDY)x_nZr8m;E%dlx`l0#yv=jLhY;n!X)Q50&zU3evfb_jvlnP#Oswfc*-q
zs!R+1=X#my0*prjct<Y}DCq%Kz%BDYKC$FG+ZSYSx9@Kv%Lya=Thz4YfVmw7+v%%6
z5QTgVM}&$I<^f}mkY1Tf8Z-P+mQ%$!i_3e`caKXDLK7n`^R$8!PbQb3niYvpTQbDF
z2cDI6i>PWWmbGknYH~x>!WL#$XMot{)r*76mOEbK>VO0&|Jv4Ux7GlkMPcGw62PP9
zz(b+(Q1RiZj|d9FKi%}eG%6uyXhNDCfI~78eo<go<4n(>EoUx9X!k>793I$<)qoNJ
z{(^~%OX4$m02j3L_n-GWl=!WZxT7S`vg)&6{V`@s$ksa65*7(=LhyWhXnH`W9k%~S
ztdj6yEc&)A40T4kNJ$3FbW}8{^4ehFj9~q9+*5#na=%O{dfwgsICjpU2orY~f0-=_
zMy;q>Z;@Qa;ZxdY|I1xFhiP%}Ffm^9%KqkMcLz2k!W-m(;(f3s!=EwCOGFzx%}$_#
zq1Jjx@p@3>E~Od-l1!zzV`mpF>wGwVX5ILyAl4P@qQumW5EHP`OCg-I7TGThy_Aes
z-U~}+2T0nn5b_)4tkSI!)B1w+4wkDGU`$^19#i4gv6K!-)JBU|9K|(5=&dF#Hd?=0
zOST-2=vtpeTZI(+&jz8^X367xK60hCJ(F^8Su?{<YFTNE9M_Ew74V6RXhQxn#F>AF
zTvw=So@UNz)BRWK;be~4)%W~G9oDgTaFTI1C7c%C=9>UmMS;<<m(fY8`pt7nMeoit
zOm!_NK$q3%i8wYL!()s8^g7FHIp@=L52R3<H^!Fqn=a~c@(8WhV@YCvIdZ!Sogou=
zE_tz4;YaJ`n+8q5ch96);_-S`(^p9dxB_w6!J`uHzY7GX^x#p^tl-g8TCzO{L|h>o
zL|m_pS#5W0mL7&?l+NjYvSOKzKjzZgI2+XoZaUihU3&e@H1r)n2RHr9)=3Q@rc{Bs
zGr74rA$AaG$>JIBpN-;_AMhyJQCoeDp+4NN<pte44j8R)`>rRsCAM%^uq|xvN5NLh
zL^hnJz%@E2P1X9wj)n2Pq8yg(8s@gZ)lj*a8zW%h?0L?S?7t6Qek+wdn#gQBM{Tga
zoQQ@pf%YLWy+zfZ``C!$dbHeJW{1i!T;Mt<O+>Bpm7y{2JLs}}CH_RqK9uSbUcjGu
zWL3kWUO`((C6eOrB(2PHOA7qgFt8?V{EnM}nC144KjzrC2V7p_$3dQ*3qGM7>8fkH
z3jb#8w%;ZKGEpf6tSwGWQqPv@zvr*&ML9(g;%7YYPBv0P+RGL+ww5vvV+e;BYES99
zPe5m1Ef=-ffdfPz1~~pPBpwMSrblgyl5|~PhCoEvI?|57`82@6G>!8jFOz=A*U3B=
zjPo+Dg^_;D8RH55ME^G1*&*Y$SRvySey>8%@8>_4<UfmfzM|V#{h8rck1Ot?w&6S*
zt(TzfCVU^)0_nPoz%nk<7*y`3!)VN2*#R>Qxw<l9g0>uIwUrO3e*l^8WT$r72}oo9
zi`a<R5~a94{fndb<4F`JO+w=oC(aWbIgYY6GiR8<dI_k)BqQx@IcKZ8v6&G+AdK=X
zKlNHz_|oS(=H&6~`k0A5HnTML2AEpVQvhWY5()xCQ<omGsY|Mrc5>8nB_t^?6$l=M
zS7*_Wa%@{?)lt=1ESLmzDpEi28b$i>4uK=Eq3s7wR!VPH62X8o<yXKcGg4KYaB1u*
z{v;q}bedW1n(N9Ys-_t<aw}^EL_i?%T3{nCboH#&cc|4{pXcSBP+PW|B(GwpY^D@m
z)s-6wh(zx;Ad*8pjG8EyJE=ZS7$tg`;syRkF3NE;k{eAunVK?19UT6ks8{A8A_p|}
z<(-0_W2!TjSSDhwk(#2LI53UoZbAdLV46+M29-JZm@Dh^O{ewO*LL+H^{N~5-RC?T
zjN7qm?dEwRSaxk9T2iJlaV=1#EC;cr0vnebMiV$&2iK)~$Y$R-e1$e2j{?$t+jp8w
zw;%D_bE}2ag+*Rl%hZvsOfiK%uwyl(iq7Or6zk*4k)l~r^R%Q&O;KyeSK>=S@kqi$
zdx^APG(B@tej64q%^B84o1&<b4h41%y;clRGhcio;#}!a6)DUY5f+d8)ZsC3u^fAz
z>dJ)O26hgj=?#EqE5QX}n<)#U>>M{M+L#=(=^W+4|54!~vQji@C4uApkN;AnErSBt
zLF`$E36?WRH}=zz$|@&6_r=CM6T^Op&n9TOOVzJIg$|)stX{LH{X3X-dSIC-do1z4
zm}`CqDj2QF6b8e2>ZmOe=s@I9PfTftZUkbP2$~|0-yh5QNe&3p-YsM?j1xAKy_O6i
z$rv0I6UbSe?=Z-Z6|bG#$PB>QsSXlCADLMITjMO)XQN5fd!hlvF9=O2p}2w%GQJVm
z7F}Q?&SR2W>T&|(6MU>mB%1{Ko}Gf_2%H=$={e$x6-;ImJfqUnqzPXXs`LI8(4&7V
zQDGIFspq`NTz#GqR(`E_mFY02{t5;vhA(kVKn9oi+gx^u%gSlm)aIFpU>y9mo&Y*q
zra<)@aV0hvT90EhOyhE#cp?&@NL3l&$s*=YxH6>byb|yHl^<Ba@aiPwR4Z);;jL)?
z!ohnYsB|Dr9{VU(>i2Vr`YKR?s_Jh@6_`nwL|k#H8o0d4i4(xuTwAgozpr@hln2w!
z57?i_2HNvB#&6%OItl^LOudC2qhAHK6*R0&I?A~cUrsv8Q_D3RbwTs$pE8{OAHtWR
zHTyjTW^HG*=nkj5I^9XTPk#k%#>vfQ^msjuLvh>&tqsGDn%rl?L1ytJvP=S}#ii5c
zl|qs))|&?wY!O|z9FEViLbPP*lTOD(Yy%coT%3_-b+Hv)S$al)OIS%z`j}=KM(#;J
zuJ=2#-y7G|q(3xG<9=Lkc4R-*e!@vVs50Lh|7jDgANF2ZB>g-uKJKh=?$fqJgaTbQ
z7)ygnR+%%3lG$o9PW|`{ghrOS7|=0^EbiBvP+^*tpf^Y?sYX@9VGn8FH8x#PL>a!=
zRKc!IJ2Y~5wY**hE=BlKcwYYb_@0XGZ~#1wuBJ^dZ2X(YS!5VYHW)A{`k|Cfc-f+s
zlAvBPyR60ZeB7pmG*1Yd(!$PQ>=TtJ@a8^Ks3J46czQ9isWH-P;t`_o6p)*Lvx;T#
zM+3(#2y+~DGJ)yBX2Fj^FAB$OShUYfgsMZ>DITql12ZXrvPzra*ItPBeFV$Jel&cf
zQ6U)DA?!N1)Y}^^R4Fz+nN5jSGVT&k8<uW~%)gDB(!n-RCs#j>&*k5dep`4uD>kcB
zdMlRwal-55HZBgU)1RlGHqt%~5QYRylTveq!4~mGXhx$S&2`}q_fK~o(Cn%&qf>fF
zbO`+(@wRhW{ATPfZ7}aO%;`^MP;>y#)6C{H{P?DzFk;WDk{oLzU=vD<iB+38c$5yX
z=z`Bw_F+>IJIG4V>ff}DR3_eRJj34_m47);RTnBUKj$O8%<29V0}mBr4(h0#uS9kf
z!n;ib@~tJr{uajzNH=F9^$G2R=Pm;pJ@?P9`JY?)L_d*I(G3NSXKV5)!r5HCOZ0(K
z0UoyI<^?YviU8gj=jtVU!zhC7LpMEX*w#@V{Mey5+nXG`vEv*KFJ_djT-vMHK<1@O
zkXGw+`5E2{sIU9Wi*C(LTp-KZ#r5{q%l656t~?o*e`HYyPjRKEpx$E>q>lsJ=`};m
ziO=Rtk=v3_d)Ce9vUi;AaZp?O&1ko`{_1@>(S!bJfss?gH3^LSk8qWPgu3`$IIo*r
zA7+9#N=5RP(8SH2Qw3~-7z=3_lt?KE4zZu5^0jjIGiDx}OP)n{CyCUS8t2W}p9+RG
zg`Tdm^c)UaCQ40O91^Z*graA}0$1@>oQ%I*Td;7RT>P5X&H|6Kk7h0cm+{J-t2hpL
z<4ub!2zR%@+DKf)liON_m%8<3FNkg(UXGUqNJemZ$en(Imjy`%WN^AgGPqsiL2Mqk
zq;R^Gzqp$9KQR9njzA}Y&$f&QnQa{QZ~W}}aJw5N3XGBljtEF$GebV=BH!sG@xf)k
zdc;ZOeUN&84_(O@C34-+)IZ!x<QO4xj*>WKhJS|J9vD3vfpJjsI0@fX3YC~%r=)uL
zCr_OopyYL+Wre=oJ=_&SwK9slP;9Sr#{r{ggO`QaamXkrP-;Cm2&1g_^Ol|0<f^R{
zH|jHx=yvPSO0uN5f0dEnaW>JFa@Ka+{C(iu`~^xmtM*yvU7}h<WZAp2S@wayUyx+(
z1CX&+NV2!`|Lqv5{9hboGXR-uANbSm5Lm`p>yYyuTzMtqqC0qHrYmgs8!=_}H<m2h
zY=B*E#mt4X$lJQ|iAzU0?@^TH@946}maS5b8uOc7>&9Vk&S&d?GSEo#Z>m`${kb~q
zwdvw~vkUvpIWR5%Nk2dBU#-6fSTR%C`@5G`KK9=TmcJe4tjiwF|8oY*9y#Y-&n@4a
zwbjN;-ved3n9Wgz-@%dHqS9RljQ3Aa%lc)JwMxUQ75f*;cg?jjD0;2yzhJpEvKC4A
zF&J%Yk+ka+lFoA=D)+XKtm`zPR>pnad?4z&<v*RU&2mU|o_}9C|M^<7e3b_J3Nd|Y
zpgd+#_Q;le=Kn_1$+8Wr*spXe<*S4?{9R86DTY<WTjalcJnWCMOalM)EB(JW%l2;<
z`ru*zg;f%`-Tm%=2UNUsD0@OXbAN-P=>7L_tDohR@0LH9bP-B*>o#ucPmheMh5WYN
z(T4!;1t6m#I!gkX;=^t0^W78rhgp(~j3<ECHz2|M6%~!Wi@Z)7Gu_*)t-MXmX^g-w
zaBv#n{=g@n7kL;2lM=pPu^T9*9Age{RI%Kyve#DTKS#U8>S}bO6h-xF>-4yPeV<=c
zqTPhbNF#s)wMiTT#Pzx*2Q9<|pIyA9#r5*}y`-(4)ar8AcNX+fljtH8B(wUd)AiFF
zl}xdsxLxjuhvIm>OK(aB6f8dEA6q1bYh^wrt*J}ccgsXiPA?t=@`uW~N-5Tw05zoJ
z99gniC{Tvc9%tu~NUfw-i*t&lb!i*-MEu;R@w*8uFy19?r5{FHK29Qy?z4EMluA}h
z+wZBC*4O0H9)(hT?s?Sxxt^!P`od{n7}bVb({42V##joQo>O?Rup6a&OqW>SOd!=s
z+e8Fp#qGqCi^r#;UWgVyLz})?0il$@f|;-e+JP50DKgx=QS4^6wbqXk;~i&w-u0zv
zD+{)`xYZQ`(?kK9Yki2Tp6xSh>?!}8g})X^OOeB+y#Tn?&bHwDAG@(y`#YMoE}}_<
ziV9KB#$zjZ3ubV(oHv@gJJ~RDwL#T-9iki!1d2;!^a6@kyL3<fx~JTtgF5VG)Awns
z@!ST40N@mzAnG(?g~wE56<04$Adw*(#Wx@_HaB(Qh-b)I=&I8|Q)QdL=3bdb$KvS-
zw_^)Z6tEftDLLRHBPQbdhk;C{UBs~iQDBjHB*Mq)6q~u6-Gs#Z54JSB+@c5OW|SK#
ziBuC)DY{t%+S3<d@rgCajsj}=;jN~`(%z`IM=Ds2GpX<YkNl{qoTKEMc`uwxnoUwH
zf1kW_?v=Wkv+dv@v}Rd)#>pgD&J7xJ{)l#)_v)bsrJIlUq=xqE08N;?QT<gE5jyYa
zzpEiSWG!O&m$EoJ-5*_)Sx9MlN>#afa+rJ1!zhtSLhZik?oEl(MB?!5r1$HbEo?~v
zem{g^EcTFfHNW0gb5(s9<cUV4Xwx*)fP*grWtxzzb(fpypWM4U47KrCTnoyzC0Vc&
z%QYrv%?-ie5A_GN`#bh{19_V~;*szkG8OkK8NRcm7F-a<KFF8)*Zk1Tm%aC=-A>Qz
zq8~Qi&)ev6t-T4>to230TtO13#Bp?)upS`Uah|Fp@2?_;(Zo;w*GIbNSW%}NMrMdt
z`}XntO5#GV03zU(s>3vZXg1cTG7wArmr{G%t9Rkz9kt9!%X}a!UxF{YIN)-76ww(J
z^Xm5Tc$#n6w*X^*m~0^H+GE<dQeUZqr9Lz?yQ5p6B{U2yOP8yoZ2a0LJxIXo-HrBO
z-`)09;k<dWn+pkFB$&gGF-`GLKzfWcfzo}Cm-S{UsgS$=X4WauslMV{B9djixq~$+
z61ofOp8myV(c+12(Z<So!zWC7OcPXAvLIy9`oP_K&JulAk#eCo7P&QxN>d{tx=z=|
zY;MHXL-p8U4quj#ex0*(IWvp9d@5l<i_$1Cf_|e5^3rnAl&Eic-A?#j!ZR4p5_rzN
zB2rO<x^1HAxnS49WZ3dwD(i)>C$e{YpCm&6FH70?Q?K`XXYH4o?E5*mc3H{yTM_b`
z-t+T)I&_o!Ui~^)mCNP+9cr!pzWu(6;#(y9`2ePRz<Q|t@%aSyxH}n>&E<aEq8ojS
zBv)dhH4R;wO+f6YRE;G!n(gBn9k8lV)nUdPZn_D*bD)FzRrf9t{J|+Db2CHZw&`Ht
z>$oZcvJVtkAskV>^^Wapz;Ph#fA)b62xuw8LR2`>Zzy%&FqX-vqDW#X$rT*SbhJ^A
zV<-_8#gr{gwtp$enDXa(`9?p@O40arYQ{*m_m1_jm+f_Bv&i=A^6Vnv7=SU4m&G#0
zX4HGqGk{d3Bx*Df4bRMYdB=^;-t40YSnGC5wB5Y?JDNZ&x!yVTHSUp~Sd|<Z9)KN)
z9_MFoNYGC*PLC5ib$)7oTLtP-9eB8Y8j}*Yu2h3oWqggYSTQ;WR=}om-z4QCbzUAM
zHh2>&IrSKNt8I%uW3iw5#2u7RGNHjm#KfL1$zAYkY>CupUm_ov0ZG=ZQRx|`tc2b2
z4mxnIIr&l}aa+oi&J+lt1ccAKeXsoR;BjHmUfan?&G;PdZ;!_xuG+lzsA~nw);9~C
zJLAQwMO=KLm8+?(v8>6_4QDX#=zTDtP{d3Ud`nZRF{TlV-ypi6EOr0H`=a-xu<AX<
zbJ{K-zX^&SySpB{y}))Dg9bLhRa0PJhmF>4hyJiRH#!3P4nEC&cbp^MI74R6u{LkG
z!23iO1GDn!U;v~1A8x%E`$@?-@mz;`MQE$J&umBA*xn+mVlTY`T1h|>`!vHK6=P)&
zTP4Ty*_=g8;%#^~>q%J)$IhC|nXTM}>vnD|j@R?aGNKAzDdJr=rAf?wOy{1kRe}t~
zdUkQY?%BeorZVAu!I-&VKhdtYI<CQ=KLBn^OEP_b=DX-Ac<l*IWnY;X6rbjR?*a~m
z3RMi4&hzFhV8s6Po@9XLMJ!=q(y1$~gPaHg)K8<>axd1N1@u>-@Ob<7o$ejHw48#6
zi#+M`&#6L@S$*g{OzL~{m|_*9@n=k*2Hu6G8p^~Y$~*1v{LOAgGCKT-6K%6r@hY2m
zduMy``(eNr3NcZC$oPl8i+0OgNL?b4a%N|0$+@r;;P8IgK)Sv|yp2wQPN~J*aaR^4
zG#vXbt#&*{c@UGox`|pwKz2%F4)UbO&13a+_Dk2a_Qq#McnMk6+%7$DWdREy5JU><
zvtjLqu@Ox-1B#sOK3q;LPitWn+Z-VDmv}DTwx5YNVQl=VRZ@QdH318=Y%^lQZRODy
zx9wJk`U$ST5_zD<7R<V}<K6|=;RnW>*J&w9Yw(E&V;$5{+8x%D%AVFz7&w;O1~7m4
zRt-GInO*>azAysw4J2*_3*&#v2JzY(!oI0wOJSxh2Z9z!VjKjr*sj|*Y}~P2!TR|h
z`_TGh|AUt;w5$v0ZwA8hYAQh<OoH>=-ceG^ZIzw7uCcUO0@cgIVhY117*epSONm?E
ziqPV5Ua{UC_W3caX^|A@xm4lyF+Vr#E5ns8vvE-2Sw2}GE!=@_JBz~Hsrer<5V#{9
z`Ub`nugi>DfGdyy5Dw~j3{Pt)?s;x9is4A(?M;EYG>)XdW@Rjq{a?o#`h4#$Aqi)U
ztc*RR)ebhlmPG7Ibn!o2>aAbJrqVIUGNTJyx{r^ae4cqm#A8sh%^X!9*=HZjOJo=%
z(mFa|A@c{&AI1Gx<QQL88b|p6VZqZ9N(0C`wqQ(gRS_E)93N@n^7hy?_-o_m@MPi8
zO@x1BbuG1RnCaT&Wfz=uUJ^X{f_^fko-)h1Xl)0A-%EYlTAr{rzM2OjsV6VjUmv6-
z1a*keYp=y%%tCTk-^4?9Ta^`U8BNl{*8<R^E0Ad<Q%!{nN6~6)<)!dE8{oD=vwyA0
zm;#nY0MSdgTXWd3>GWgp0kB5(pPKuPia;A21*WK}@T4Yg(wF`)*Ro3UspOz+a|$#<
z!2%gLe?OmRhHDZ2>U<Cn<D;Cq^FLD|1e6#rIqgq{N%x1^DlEh5QS+zlowPRxd9P{3
zy25O&bS&+3i~^?cte>5B9$Qsye^fLJ6Z>IgR9yHBDJHXvtEU4qzD>rZT3~G0>-?%H
z9Sp$qIp`6E7nV{%iY{?gEBZ<<TgTlB<8?SQm@kF>E{5j#DRupMzr5IQ(o%AF{EUFI
zZv#)C=%2{E3O+x@y5S#DsqSNuKRey%28--?YTiB*ee3=*Oy5o9y8E<jR$$&n7OIS(
zu`e!AignO|$6BY?a4Cej0bf)~ETULb_|da1@_%}d-mQG(ZWN*-Y2t+hE92ccaHN~<
zd<qI?>v<~?(>+$-ec=;oaamVCx!Y7Zg8y5?MNB>@q<=|@6T_@bY3jhJn|K2|NddAB
z17F>DB}<UvB3Eg)9?A!c&|;)ogE?@sHWkeA{J_0jJ+yHiKW${`?-<E|tSxxJ97|+u
zeAfR_zg2u=lN{SmF{r44#F&CPd$qY-WDzb_&Szp3E-;o!#PU=3PmTA-T5~qz5sD-6
zTtfz;s(jDiy_yOA?wcx_17kysOxVk~DHZXl1KXZ-p+YrgAAya8$9ozY{&T#5Z8%~e
z)i&7n4K}&`nFV`q^@36qTJ`k9B2h>}ekn9-JKhBh1~3|+RQMQTXAk-wW4*^tK*X$r
zZXGxl(Xu_yWV3nuK2XbGI>k1?bd^^wBF!#<(aliy>qUox&jSyrMuB#^?;Tqc^IjlA
z%@(<*2_ZSR3?<nP#mI!Id1CKL&Oxlx#~gz$w1D7t<?-WntzCWI3vzbGZR|23ZTYcv
zbRN@{7kYh6`YF8x$$8U7@9b-wLcBPu2sSg)A3}vb%|`Ti{V)Ta0x*D9SD@4;;2$6e
zAun`?E3cCL*BYzZB+NZ;@M41gK+PHSIYwM`@7H^L>iV{Hn(|grFC-<!nBTWXh7s66
zUMgEckxKmuaCYxOe&tXmmD6KGwMG441CRv$vP~4cXyB;vdJO4rr6ciC%l1P;of~TN
z9VDFnYG%zm@u#NVTx$GRH*2|<ykHMbS#OSA??L+CWe_Z=42AQLRy+tsa6V&&gia#i
zxD_tkwW3H;cZj_MfF}2!`*##MqD#J$n6e9RZ<kRVeYW@c@RWETNnh-tnI8o>G6lYY
zdU~?zJou|`S$Gr02u2GG<!Oo(D4lGz(&@jfih5-u+kD~n=DZbXh&}7*Ml80saCIZ-
zhnQw-_Kpq%7>%^wfV>7rGzSKhB`ksQaO?pd?J@_^+Y$KmK}zzm1Fiud>l`j~<Ka$A
z9+OUq%0%TP`}91!?G)wpU%J_&61p?0*10>mjvDGxW;EU}vakEz_Ngyy<LRBdZ6>g-
zt^8RjST=@d&VP0|$|uBMX;r*r-5=aJIJXBgv7S7@H4X}YhUMh`p|{0c3#^N?Ga*!V
zw~)%sX|PjM4Jvk{rAwUt@WhNHc&|0cs}OzutbIHmvpQPMzG>wFl_*EP*hVDt+_1Y`
z)QH~yTX!F!mB?M%B31!*4I(bI^@nCAVXE+cp~(h*MB)!BHl8(J`k6{U2eXIOJ$d6Q
z{)=VAp-Zhe<lQ@l9329pcPGG~6q@~_54aJKoR!-T<77n5^P)UT{W(rVm9gTS!CAbT
zl^9uJ$P8{T{!t$l#uUYAhH?}ls$>$}E3VE%5f-11zRXaU1*mivM5;E);8OT8$Qj=3
z%jBT1y>hvspR*e;i%%g+I|kDh+!OYIKd|y*zQSw1c`HfC)@p^G!!>!~fJg6tCoFEo
z5Bs(DxSLk2Xz2SjkHWENDy<fMyrI^`=(*5_XX3c`_LmjJZh}K8)I&;_;&qY`;9soP
zP6NAkLL}w!h=mTVY0-Po+&*hX_JxZ;_gxka5Z!I}h{in0pANT$Psn^LaBe?BvgA`4
z4aH`Wiy7V?m{Yi~;s}p8wQ4%+42|d@2V0*CNypER&&QWH2lovFlsVUX{(tTB_M;XY
zE~vx}7qYXS)=hLHuEiM-;<-m-hWHd4h^8bFm8&zHtBlBbZQ}S|*%^EUI{gYlVVHp-
zu|LutE<J{8S0%5`GqEHpP94T44dm*k;@!w7N^aj(@33OJAw3{xdMWx_+T&h?XedZC
z=7(5*rXUOr8b}<g4f-fVwHgYD!%(8ldOqQa*iWV~Ol({=)NX{$4ecJw9MFdM)voMI
z0fT=So*|YGb5TOx=uocdExJrRMRk4ik2>_}KCiGhuB!&C;xTASuUlt-ZcTXoWE(-h
zj<YPj!>F~qKbBAQ{2s3M-Ob<<*3V4;?TMade+OI?`1l8>@t-!;Dw)F!DvfOWZXM~<
zrA5*h>~u<2rFLCkd|+Q(b+VlSSn72O9kXg^_OVC*fyotofY2J%kgCJ)I5x~+zQ?=W
z+RL{gn%;#&kDDT}BevmxK2l%})a5WkNJn11`6fbZkkkW7!n@iSEP&Qnn{-Xi31+s3
zGmV18pa74w5ro3sNYoY-W8D(^m4m}dvfWv+kAPIHP*Eb5-BkN{i~+As300A&a8vZt
zWH4hK5Y;R2NEp@sRkSv7GMHiAFxQq}^P74}Rx?wtrL@@ev)#tqN~v$?E!DG+GL$7~
zX`{nX=pToAJ|G-vUIvgyZ2dVEkIKpVA;mXXLifTK1c{#U&!AY{%m~5{2e{dCADa)-
zQ%idF2?=f`3?9hjzYvT%J}E8-swbIDUN;$*)m^#4lhyT^hwnz2&%}FbDs*XroT;g7
zgfU726s7Glac?HnOhs5>EGb?%-KjX>(Sm*jsJU@=kQ-ooi9aw`hDcbl-wYWK9%svD
z5wz0LEs0s%6;>WP7Xm;XlsWlC&l$Jxt#t?0wVbA^Xkj;Y`mohl)};ow*AoZCVva-=
z;Z}t3b-ixNm920qJ0R>N++By(MP}jjSIIv37%J@=ZhfaE7h<7Mo4&)0RESY0-?|Me
z5<WMq(3SEvD@DA7hCg-P%%&bq4?hfDx>Xl%QXk#jDgNuGR`s)@If69gDOdQkwP>Fl
zPqE5C1kH=96t%V2VdLf?G#uV%9!1-*1UWUT?`Yw~`tFgq1)3*3G@y_-<PXQEE*9)2
zvR&Ik@l5K?xp8c?Xp^@46n>yD?t3zb8jVE@2{2W<_E+QJ*FJAw?y<XgAn%)NJa&=L
z76WoAd+V=dSlH+WNxIWkKE=jhu>zwQR-5$!d;WqcU+b;i3$i0FzR*jsd}3pu$eiAJ
z0EIZ19EE9aEKiq~MpzCi88261ES79>G!f4DB6q7c@iK>>_POXE)<IXLaj76RU+a5O
zBy`?wdHpo+a|2@F-fQpOxD?JU1TKVpBp!(-i_xb+JvCXv?YEBi`Uiv84#|YgF`{j?
zZU^20m*sFwcN~*pQZt%^QS^?F+9#kl6YNL16Nj4!^z-*wTB<nqPVx21PTfjk6%+H^
z!@{SlJ7UKAF9}URFUDhCK6h>zVWmQSq386F!>DBa4F6;Y=clk2*d`E4s(cQ4)OJ^V
z(lj)QVuS3D2p+q3^~9GOI=aW`_#1Umw#<Z&;sIzE`J)ZIoliJ@e||19)}DnxB_}9@
zU{s!w#{^ER)S2j-${0y1YyQ4a5=wgcD)ssme-r6PQH{_HgaN&JbwSJ&dj*>L@D6~_
zgy46OpIk#N!Co%m!r%{2a<da7O)o7{?Pa$l+)Ly5tn;gVPpSrH*e;h^KW8+doo@eM
zInsOARVU`aIJQN!22(;A7_#*C-mh&9G*dMMb%QFSk>=<t;|^?_BS8Pz_t7}n1_+?q
zD4_DqIa;nT&Y;&#0R3JY$EO#7ZMwe~%`g=Y>XbT}_08nY7z6HW(utY0*fsV;i=oj=
z>$EmZw<s%j_UD71*y7n^c}XsYN{ml=I{nW=<Axm|;M?^ZLb=SLcM+8aC*2e%a5M<*
za6+Yr)w_90_b_eeaI|T4gV0>t#ryTz<(pcgnV2e9;B4PUY#mKHFVn%jcr8ZuloScu
z1zPcsS>>w!j_c+><WEEAZ@y+fpFta#CYO4JCUeeEJQg(nezhNO;qaN_jQ9sm#+e2E
zk8Dk#>s%q9_!C>&{J%C#(2mnXYn_vMJ#E)t{c0l%5UMj!`l+dc%=Pb0Oi|k%JJWY|
z1pb_pR40)pDu7UaZV7II<yt5vQ_p{MOiux-?%XK<@>4$KGXx_y)nVwzLmoo`b$)vJ
zD-G?aU!Mba8k(^TmE%FE(MB^zca9omj}|jswWUcoj3y@#Ft#Iq;<>oFkPr|Bpa0DT
zg}&!BUxl93SfEk(gWtzmxD0v@nmg|?H=fqzh{cp-(vHxzo;!eh@E}8y!aKc&LnX_i
zCtES0+GUuLurGI(DHp&EnB}B;+*?W3>6Z>VY|sh4&-72TK6$DYMaW{&Ba7>zx;T(7
zpSi|vU;A<(o{6nluiEWnZ4Q(6()(%9jhY|#@<^aE=0Q=a_7Ma^>tFiY2fe~vfGc`~
zmtUmhi9qZJwJMJ`5AD4yEFfXr%E!QPfOdCR52RX3K)3S2BFED9SS&+SMigjcz<|pf
zG}4<UAqZFFZvHW0ASbp9&Y{2!Z~3xQo766|6Qo&?8!aeD841-)#WPKk*fziE%Hxu>
z!aJ&^Ug{v6cex(b`<t5Hg$#xc*lO)8@6Y+gh0IyigDo1+ocj8%Z&qR`Opnr^#Rmia
zFlZbZ<PNK5GQU51=;4I92~Wj|dss34iYGFMxELim51`i#P8!w|u7X#|pE^>2%~#`7
z13G#}$3qy$;!Ucsjthq6azV8ot2$*wT8jA_fw+&(p|vuDHy$0H>h0F-e(n%%J~TX^
zYI(+Bwm8<sUj76f%+j4}OET+V$Ke*5E&5vv#`MNmKn$(&>P2Le8oNcd!Wmp=2vo~<
z2f(pQ#_~(LIszLpxUcg-EBE2`w0p5Qnmw2JQ{~$R6$R`<q-KL~9aHkw<GgJhA~HN|
z*#`t_+@gBat=0~dR}r@Fjk{0y*c!61#_@5JE!(Kl8j{^|o&^!FVrk(h^y#05YV$DW
zqEBmCEs5`V%TXdp+j&)(jQL=M$YGP^ytvGLoWUJJ-hD{|W=Eo4#m3a+Z{w+3Nw{wp
zt3=h@^Sw%iOrCo`rGRd>W<N4b7e;;2GcwD3)Xz!_UHb}93|n*~;uTD4;FTb~e&~j|
z%riSJBX3zNKyXT5)?X#5n>@pCp^*i8Sbr+~0lRM;l6kat+-blqS5;m{9b9Gvxid^=
z!`}BjeohX-XynJLLb~>9<^6GBw$pW=20mQzhYjSuj(UF%{AQ=zexCG3(|d38{Ib^E
z^ZOxcKIT2~r1)(1g5(>m*ViOzF>i4t367fi3f!u;nm&Pe#!yl*JPYhylU@LJ9cP50
zzH;Jm2c|Or`uY}Y!|UewyDvG=o|4@R*ojbjCvy94B!UxMH`wsihtIYb4&aUNXt3?{
zTiM5F5W)8jKv9Si`MTduM(?LEaW*_Kc_W}bb*AyblQL#BcJ&uE+cK$TnCtUZffLVL
z9!}_xFX1o_a*fg4k5q_ZtHSk#B7E8Q#g6lLJ{;mWBe%g*X`0w;0_4Tg^?T~5_hy=?
zv_3ClbM4e%a9pp1<tj}#Qfw(#8rfwjKK0IdhTQOhO_VD~nk<LxN8L5hom8h?H1vdn
zrwrP)usCUm&RJfUbZmj^hW+xgHKXUHyjNq!V&mxiB^)lp)v+0n#U(NOUgRY$K-1M4
z$d8#jhpRr%kSnPR3bwBn_>)kxHe#|i(>I0)t8C{H{4M;t>u8%^!LgdjwLc#AQtO{y
zlF@406)qM8x4)OZz}DxA6+@YR=ekVJf^?dSRE`z11FLflvAL2GXZ{u4fiGSx>p1V&
z*}!Ktt|>3|b3EL@s<mTu&e{lozNR6mX5;XQD}?W7TQ$;bj~7A=nLH~XO<!PM_p$gg
z4;F5_(gA^Sw3|JoB)7IPb_=f!y1XC^>b7r3T89Bqrx7Yu2}k?Y=$ISmY)7wv&g|l}
zpNiVUi0T`+s(m6v=47B)U!ZH(lYG$ou61Ag1f+Xr6o@Hjqjor*AzjnCs@~xG$Jd+K
z<UBVR<9)hqdGw+|lWsYynj!HYX*wlfK%z_p9R~o60b3O}6mANrx^H=OSEgrvEN^Y0
zcbG~^x_jKMJHS2dhoOOYCi~DWb7@wOAl&GB@kJ?~m&~Rtp3bikbJtijd%FKEfH-gw
z1zq<*JVbcVltTo3gYj+M&uTOPSc*y0mIUc+CBbhe<t!R7e^x#`)V=#_7})ovGu~0}
zbBH$RQK6ff>=nQcewf2@6Vy3_YT@svwqQdod`od=LyZ)Y7$8#p#Vy^>QB2o_0({u7
zYF!Ro|CJ`5-MrWynG`W6x)q155|4iDYt`3H#Juz+c0MWuVx;y2+&HIch+_&N*OY%E
z%K*e)WS_?jH^|S!8ENB#NnEt5``l|kf$#Q{3M~#sADFy#v>hO{+QADjbwL5n|7nku
zX@WIeWB2xcJpCjmeK*X$uxavA$@L0#;#Q=wMegC_^l*(i(?h6C+gH)h32h*%7*{9(
zbNC4s<%kc;CK;I$$Y9>bw$DM-YOTXl4nfW2JDjSm21)N{H%qtGNy91q@(W_Bg8dvr
zW>%Hw6IG<&K*p0N31}z(gu1P~5qnP>ZOcjHH64-{m(j>64%g8tz}w#$#H!Urri)|?
zzqwu8RE-1un8mQdf128TKU0HR^x9Q0!SNeOTV3M-N)$iC0z_jj_*gEIA1zDTQqtd^
z#YwapLYJnCH)U(Lw{Fpxgm*?FxsCBO$|6>ikxOnsgC-gEIYe#b?bP>lotcFsw>)N7
zUhV)1UhQXj_OccEpC347QCVCR)_;POI1Qnb`EkssDyzId`r-V*)I!fae2U2_#D`Ej
zmNMt3A$4bP0Rb*Av7%Ik!oB|rzIlIZbwPJzx_bmb7W9lU5$hp*DjfAgUm#YSdAr|z
z@6Yj;wK%UtdqDEoF^<qmsPYAenY4SlV@KWgQAH!kd3KcKbfe_y*;0RPzdmhDD$Ny7
zU~d#a#xd;^ODf#9UZ$5=$9_Z?)ax%%RXa7@MS}$8mWYzUm^Lh&yLP+4YR5h*+2r9W
z6uz?cK?rfsI6iLCgSrj~<}$bW??fC|4o5XomQR6@<74YB@rk~nSi)kI#Rg}<4z7l?
z*NO)KXlbZJN4lPGgK9en$_}vJOU&s>LdR!iAwUD$Y@?gLx7<lvSW4g}7Iza@HPPOe
zI!PI(f$T5MT*_tYuVV6T=VA~H;Uy_?2UA0>aeBcS_FK^cZTM=4@QGn@(gJ>pUm~v)
zDhsqqgVoq!u|u=qE6#sHb}LEih>2O<#S#KBj6Xa;8FU3ADy^z5eHLC67q<I6{*0KW
zPa4#OK3^e<9!L(MOZc-{IPGSl;L}|8L%vk#$UDzK6>iz3H2vW1iH13ZDdmEpfetK9
z!dVSB!KR@6f#3OQ>P+hR6W*eUhHu4x%+=d>=lXmgQgw~H28a7p#ivm1Yttly30h19
zeSvu!o~YHr)9<J?upPpvs#rCN8Xg&l<1pDW7a3#WDW1Kkl^V>qvX_k!yY)UM@DNnV
zn>oV_1ZXWPH`mWp^>GO@boAQIb*;jqB$JFhLxTF3mj2pxcvXTp@J|_rb+o>G=FJ;q
zV!@`qJ(+eS(tT0Yl%K9I0KQlwEiLgP-vpGegka=)L_&+~(~NbKg*IyXWI0oK|F&?Q
z2yDl*Q+u66fU9O3Y1+VM(pUtutzZ{XEX3%(_L5*E#i?(jub9M@<CUr4-x*<SPFgNf
zh}6DbVStN`IKzuTQ&E!*fJy?(cvb81#wLOkX&Mc}QpPoyZ96gY?k)W<Ug@m(qKfvY
z(&rD!RBoxxP(=Ov(qnRQcPa-A5~9iyMk71czLM{e>{Ft~wb&}TZp%co9<T7GkzhAR
ziPdBDx3YFkgPqT)DvCIXsMl-(T!DU0Jx$QM<?(;83|mezQ-<wDAv7g&pa!5$0q8z!
z<f{Cs{#UA&T?Y)4DOQf&lP#lUcbM3(O>n~pQV!mVYFcO5l+D(N)U7+*qqj#6%BWFz
z&=OLdXC*V5v}c?q6j~ab#{sud_dR2inq_a{>tnu=V?t;6a_gf>&v(T>?zv=F2NECd
z3%n!$7roE^4r$Hv?yJxuQck7g_0c@OVva%}4QTOZkDt=WA|XLG<`fot#31ZvPgDI>
zld-fEZ~=vV=$&j&Gj6`?C=^?m)V}u;B-Q(}Rik)oEHwS8R5c=R>JWDM0coe?`HnIF
zoz*W~o!FNv7WzCii_L{53M;p(VJF?9+<n|yzK*0_1$~e}BW$1huKy@F414JT_9h}2
zX*>P_w~)&f|7fI|QVMpJ#`C(umN5+uea)OF#WrxLv{?P`I5yC=k(%x-gbuBsXB8(o
zqN>~k0WrC#OV!G}f5oc+mE$Jk|JL-rktpbCwLB+4Q#%QA(oHOVy931k-dGgy+=5IS
zS>@m{+q#n^WNokr(F-~gt{(8}0~i6FG3!QHLGf^3mMm63T~U6<;*O7^<<@>{!r*^g
z<g+?a|15Jo_OdSbXt6jm=;^GswsOV#WX#`bb4J}HCN7w7Tcz#jWc>aoV<uRe*(u_1
z*Tj`sgH1)eEThV5Hvn4A8hsm*kh(Qq9Km98nODW-C_HkpXgKEEe_dXFuCQ!U^F@=W
z3ZQ<m5~~EirNBFv+k~7=b<>I?4qquvT}&ASg7d@6_vHgy=p%JM=OEF$M$mTnF}II-
zyOIAOsoG@D3&F}^ZdhC+99%gssH;O7TFJJ7<7G(2)VohkYG40Ygat3m&VO_TOlN^$
zy5lBOVgXR4B#&2`s4o2;8M)yT5r<nWrTc})0k;}?DOR{l*NU;E9b!+^E7-n1Hut>&
zx8~NP5E*g)?|6b7%rG(DJ@t~>C#%K=`6gz6k_38F5*TpFX9$a?@^q|(H5J{+zZ)bY
zK&?h;7K_$pUEE)3@tSu?N5~+J^NNZ%3-<KE`{Wb^aYG5bUH=;<S)n%Dp5DSS_SJ*y
zuuE<mw#Nb4q^*3c;SG8Ljor$IxsnGZ2X59d=bt5{J>aG<R$T`>a-IegI<qAHE8=Q!
zC$i6Csxo|<)!+s2$AQqu3cAJhz%7-8X$_fEDSIEwPKLdDVb8jRWv25`iRaIlS7~MZ
z++j(3%{0hraNcsLgUoVd0Wpd!5(H8d^zLTV40rzX-v>{)t7?}YmNDY*x01DqE$U-g
zW@nAe=Y;O{ecJ_;)l}y&mI_S{&g1tu{SA0&t!ULFyxMXW#ebbt^?RLz0vn>4{dn}a
zT2;LNttPUjbbeMRswRB;h<(csLtbzO99$9~{?#+2r#{fna^JGk`I4j;Mxty1p=N8N
zgQbu!|9|R-<&Tmc|64!&wVxrdpkCob&|1@mr_?U$w;09P@|x;Y-HbxryttYO&UE{d
z9{w5&huX81&&Mp=5q#}fzQ(6%U?pPuR8n?{p)LD*Ks5@*fcw6Kh^dxpLG|m?T$8GW
zGf%Kz>|oU3Qdm>-wq{AfowBl)4oF$3*gWzw*xb%lWa`P{-r4O~$8mVRUg+=O1l8}-
z{TURgi&?_KV?d9n{y-Rhc9U-3ZJ`V{434ugncBsut-+~G*pe~py#-`uHCd8}t3k@j
z%}d>|ARP`AyMzqSU@u#vL6eeSm83jPq~K}HKVYJb;~T+tOc;06se`IUjo{AEcICU!
z1fnS|W04X~uPe;t_A_-?kPO*lu$LI&p08dML|FG;EDtDEF`wOVZZpA<SHE=##L*3|
zA8SiqJ_!P}&820J7zPggonDy5`<=q|!`8ME57UZXow9vF$jI7n)-Rd5Psisu&wrUP
zl@c4B%v8lUu)n6$DV_ard+Oz!sNb->euJ>Hq2)=Ne)uLk16(@O{@uQmM@-l_Ck8Ct
z0~8yMWyRH`T7<|Leuu;KgwasRUd|G^=4j=}{4j&=u&W*1W4jMIE_hOFe*qPXcYI!p
zXg@40F#vvHo67u<sGq2Fm4S94Db}Mtqb8!J+mT>s;JI-TahU8VwcqS<cZ6(Lnd-y^
z6mVlMTy(+reJZ^@bbjX6Z9K*i7Jo3jU-33k4G^W_OZuDrjX4TdP{qygh>Jdknjf*A
zQ23tsMnFi=*^F)lrmOipR;C(KAF4ipvtYKIZ-yr*9lBS`_H$z3#G$k~f-eG{p&MDo
zc0Df?Hf<i%1}^WK{}O`<R}zOkxT7roB^d+y{{&eJru4c_J!X;?-%dhDEc$q4;qAEO
zoDOGgWyi5-pW~Kc>iC2lzf{Wo3v@cHl5<!vP}*ATMg@fyp;5DYe;fnq@CY-9tJ}Lq
zI62>@jdt=)m#?zcEQ5kt?$x|5s5PdGqsCs+^&xY2K(v$Hr{l;*c0UKaR#x?H2W*VH
zuOMrz7QPc@kq7r@P2vu%A!XrtYCK+K9tn0qm)HJI3Rds^Gy<Em;&Ae6PZXfTGEc1}
z_tcjH)V*rej;q7>hmcq&WF8461$j-&GQwJGx&}l#q{+dcTBGUyT;IvFHwnA;JX<B`
z*Ct@BavaA`VmvpTH8(C|8xJA8VC4amE!3&urVA4ooyl;&ue!z0V8}vNWDE6O>cw&Z
z_k|R&L8IWh#N(zEgBXLpzJFrb70EqY@S<?>7j^=}%y6aOYDZ|0>=C8kPs-4b&@K=+
z7K~k6Ne81u>S8h<6hgLVcfoI2M+$+kmsYIk;8>4egl>1GnPBY+!qvD{G|fgaZvyCc
zND)sF@eHFzWL*?1oJSqyxi)9x2Ap)gBvC6#(%a*qu<aFjzuLAA;1O1Iw#~<;+b+Ry
zJY$Ib&WEt_+e@M@1yQf@I1kb^(ml`sdgJ7}F5_j+ZdJ8HGDkH(a75N7EO(eRQ7EGg
zTvjfZqyap~&of%5y-*A2ctWVH@-sd#s7R8O*t-jeK#JG2d3G`ukX@68krOH7NH^Az
zQRh(eJT7%35naP}Q^|`vU|R1zDtQS$mX9@*B%9)64<p%nxbuNOmPS6l9ug91Qw@j@
ze_c6=c<1Zt$Igf0>ncTZBae7r^~U)K*Ht5G;B}N08!S2F+y?)q7sxN;pnp1#dr!m`
z*MD|dc_h_m*&TH1wMx=meeT%-O@-`^s6uu|RY~+H?LD5Iygc1r(q~}@Hyk0GSQuLK
zboGb#=!&Ok9Y=GZEOJdYg8#n_BbOIRq&e&`Ja4&JlK1Z~FZ7I%?-<mNAort~Aa;0C
zOePh1`{SGcff`TH&Pk0VPX(a`#|rQ`ThK@9tXVoUx~?{gjl!nj!=XMV7${b(SZh+!
zTSgjKeKSJ%E1WxtRKi8IL?h|~Dkvp^7X3SlZ3+GEP>Ltq*F$APJf^j`Wx`ecJc@&z
z4ARw4N#j6WZsnu982au7G;i0|=WXBBK$lE}A>_sxvt}Ys%{ZF8!<P?V7iL=L=IAn4
zf5x<q@nyapaOD7k(-Tl8pKKEZTpb5cy=&sgB$_$0_Z|onj+?{32jGSYxYttBRwB*~
zi50hTTK48|^cY95n;lYm5pSoRw(G)wp^Wur_-B8@hhDR6=BcCY%F+zKI4oP%Rs&D0
z;rr+I+fA~0#cbAm8>>pOjPbjGsTr0Gb-f2i?Ue%p6X*FEldL<Ju+1^({<fKW5_>G5
z4*BQ5j;7P;QA>FyzVM6FyXQxs)RJ?E!*D*bi#iVD$R*pDKBy3~qAjqkX6H<oOw4XK
zb2i`bB4-L3cU|8-n?3((_Uy>&uD1ATMuna&%nqDow5kd=<MPNXCDS(4T6sbGf3|uj
z_KqX3bL`=_g6rx}-QVAETl{lfY!ofp-NVnCi{+-Es`ZB>f~A*Qq1t9iSb}W#(+=1n
z6o5UK#inc{kxj|pwG{7YwR%Bjuub~O{>YK5+6g>Z9KGe#Z4vX)aWUV}<)Ga+@RxX-
z_~zYnTC7*}xm#Y@ij}k>M6Q`Qdw2QM7uUT%gmvn$<)#O=+~i3?{Ev-ZwajL@9ZQ{f
zUPJFvFD#Z^0HiW(DUUzp+H5bSUA##q#T`>d?91d*@PE|Z)g?adNdfaKXn|_jFyxF1
z&t+TEt*zBXHlo!<5bXB{sTg<xUyxN*t@Vr3(<QImZZ#*>M(}ET3LB5lH<eWSG-r3L
zIMsYPr7BzTie*OeI;Cqq1@Z)9<COXD>Jy`X{{&AipUJB`eJ<aHcJO<fS#p6SS1+$`
z!ts?bvp8ujY~{%O8P;;K0B{@Lgg6r>^0nlmvhnWRXq9?1FL|W_H;ZYH3{go>Pv>yl
znQOa7ksG{oDabi3S#eG^`}osoW=&7c6s1pS`#c|h;6shHCvyAg=Q+ZyN^hCKd1%qP
z+RSH}EKe83=0ldB!s$0vY=J=F)8+!{^$;`EEqSHbT83%}_>xGQ0<m!1dA>TVwjIzl
zI+)9{m15QQg}~>nNT7!wUusFtNx!gp!Njs!!9Y0{&Ns3ynX~FXC}zXm8lvqHDhsY<
z!L#vL%*i`=58`o<xHVN3&&=gt4;S0A^7=v+g}e`ya1T)rDEIEzE2W0p1u6#^R`|#t
zE!}Od<~gf)=AXg=sb{SZ9KyWX6o_fF(ab{PG%p1e7pZav$GYWDMVG-eh$IVAiU}S%
zP0s3?yfv@)>Zfa|U=E<El)>Zk3SzZz;a3p(W|54dUpY=fl|;JKCxq(EnlNwx_aJTH
z(jfmApqQgA8Uou5#QX2Geik)yCfgNLVK8GxMa{~)@I>|y;8^(+Q+9Jw^C=Y-&+3GE
zMa7cURe{3>pC#o&SM_v9f<Esk2UZ06^<e86#-6^OuYlARC+?WC^gBdWJXI^Y{A1iS
zykca<mn)+LL|=4VzUS4-Ciq*1uV^)yfcJtf$re(LT5@r;Q5fVeWi>|stXZa5b;TCr
zm&mnym1I<yOJZ3c8BJXxY|jPu1ua9FV!4s$Xwf;C+t(%*rAKfx+v-TDysPC4Vc$O+
zojj`w`>Sgrm)R{-Q`h{@Cl)f%-(mx4zu)COwnbtdZCmI41(}4_QO~8&2{8eo&!+~u
z2Wn{4;QDN_Fjw~-E4DSrE*k&x4V*o5n%&-0m1~m8a!o5f=LN6AZWkUqe^9otqK2z8
zB6LMX*1}l>XBx~U75G-LMbx~|u&W|h7A-(3$(S;$v)Gb*CB-tvrMDMvUy!prw{TG#
z%@&&i`KD(rP5%TG#uKvP`G1F-^Qc8lexuQha+ztP6lH8(=~H>f)E#H{r}t9ba<QBm
zZcK3}>r*fYo&FB}f+G}MD7nThVa-%8?DF~<Qy;qaERsv6#bgpmkYg+-yz(hLt%Oa@
zm-@8T=_%KG!}RGF-~Qq2N5L1}wK#&_=r!|)w)Ao*VYd`?Nh($p+5vGp>v<(zQ%2?1
zM%xyC=HcmvCP4qBT~@$;a7fYhx&V=!78r7`D+<U<*Z{e}NrW?WK@07_bK-#k6<sDN
zlsEWZo$yAN=9oe6gINyR?&tNUB3zJ?3cd*4lNgd!(2Uuw^uU_YLso*ILJFfOfDW6)
zsmZzfCKLjgp!VAAB@067Un;yr@6nuBnv^tWgnd{SJmb|LAxGeZ{EYXVIa&%nS5$3J
zX|d*l{p@d1Q8?zR6&2)X`(|WK?NyrMsrW;eoTuUseU3a8e|ReXFnoTI#UB7FdnbJC
z9w>IRk?~S6``6s=;<2E;jq-ZImrRd4kl(akcH_<QUr^B${6iHDi)qn8Tqc>0CvTdU
zTLw(T>9PvDOC3ZvX3#QgPWX8Mv(0xapP+2K;6=q0%OOSrY*Oa`TcG*j7SX1<`vqG2
zH4~=@q_M7p-~3XK+y*t_aCRL`8f5w*fejx&M&Prj=hHk8*D%dgetPxt?Ba))voe41
zKAt^$_U!8~zl8rjd-kmV-)CPu|N67%Uw-q|S6@DV_QjW9eD>`5=U;sD^=IVSgO9}X
zY>W!`*|UTD>J#@Xd46X@&(5zd$ZJ-V<a|X{b##Qk{(#`3!Jr(C-(=<+biKFhQ#-j0
z+iF^$9Ua}&Kj$*rlrDw>$}TWbDOx~yg1t}vlFN+Tv$^IK``dpw8wZBuC@QiQYE=I@
e`_$ZgdY+!A=jr+NJpVrc0RR7oXCs>c6a@gWFG#Nd

literal 0
HcmV?d00001

diff --git a/charts/fleet-crd/104.1.5+up0.10.9/Chart.yaml b/charts/fleet-crd/104.1.5+up0.10.9/Chart.yaml
new file mode 100644
index 0000000000..93b9e9e9ed
--- /dev/null
+++ b/charts/fleet-crd/104.1.5+up0.10.9/Chart.yaml
@@ -0,0 +1,13 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-fleet-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/release-name: fleet-crd
+apiVersion: v2
+appVersion: 0.10.9
+description: Fleet Manager CustomResourceDefinitions
+icon: https://charts.rancher.io/assets/logos/fleet.svg
+name: fleet-crd
+version: 104.1.5+up0.10.9
diff --git a/charts/fleet-crd/104.1.5+up0.10.9/README.md b/charts/fleet-crd/104.1.5+up0.10.9/README.md
new file mode 100644
index 0000000000..2452ab2f1f
--- /dev/null
+++ b/charts/fleet-crd/104.1.5+up0.10.9/README.md
@@ -0,0 +1,5 @@
+# Fleet CRD Helm Chart
+
+Fleet Manager CustomResourceDefinitions Helm chart is a requirement for the Fleet Helm Chart.
+
+The Fleet documentation is centralized in the [doc website](https://fleet.rancher.io/).
\ No newline at end of file
diff --git a/charts/fleet-crd/104.1.5+up0.10.9/templates/crds.yaml b/charts/fleet-crd/104.1.5+up0.10.9/templates/crds.yaml
new file mode 100644
index 0000000000..4ee4cd986b
--- /dev/null
+++ b/charts/fleet-crd/104.1.5+up0.10.9/templates/crds.yaml
@@ -0,0 +1,7076 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: bundledeployments.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: BundleDeployment
+    listKind: BundleDeploymentList
+    plural: bundledeployments
+    singular: bundledeployment
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.deployed
+          name: Deployed
+          type: string
+        - jsonPath: .status.display.monitored
+          name: Monitored
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'BundleDeployment is used internally by Fleet and should not
+            be used directly.
+
+            When a Bundle is deployed to a cluster an instance of a Bundle is called
+            a
+
+            BundleDeployment. A BundleDeployment represents the state of that Bundle
+            on
+
+            a specific cluster with its cluster-specific customizations. The Fleet
+            agent
+
+            is only aware of BundleDeployment resources that are created for the cluster
+
+            the agent is managing.'
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                correctDrift:
+                  description: CorrectDrift specifies how drift correction should
+                    work.
+                  properties:
+                    enabled:
+                      description: Enabled correct drift if true.
+                      type: boolean
+                    force:
+                      description: Force helm rollback with --force option will be
+                        used if true. This will try to recreate all resources in the
+                        release.
+                      type: boolean
+                    keepFailHistory:
+                      description: KeepFailHistory keeps track of failed rollbacks
+                        in the helm history.
+                      type: boolean
+                  type: object
+                dependsOn:
+                  description: DependsOn refers to the bundles which must be ready
+                    before this bundle can be deployed.
+                  items:
+                    properties:
+                      name:
+                        description: Name of the bundle.
+                        nullable: true
+                        type: string
+                      selector:
+                        description: Selector matching bundle's labels.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              required:
+                                - key
+                                - operator
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                    type: object
+                  nullable: true
+                  type: array
+                deploymentID:
+                  description: DeploymentID is the ID of the currently applied deployment.
+                  nullable: true
+                  type: string
+                ociContents:
+                  description: OCIContents is true when this deployment's contents
+                    is stored in an oci registry
+                  type: boolean
+                options:
+                  description: Options are the deployment options, that are currently
+                    applied.
+                  properties:
+                    correctDrift:
+                      description: CorrectDrift specifies how drift correction should
+                        work.
+                      properties:
+                        enabled:
+                          description: Enabled correct drift if true.
+                          type: boolean
+                        force:
+                          description: Force helm rollback with --force option will
+                            be used if true. This will try to recreate all resources
+                            in the release.
+                          type: boolean
+                        keepFailHistory:
+                          description: KeepFailHistory keeps track of failed rollbacks
+                            in the helm history.
+                          type: boolean
+                      type: object
+                    defaultNamespace:
+                      description: 'DefaultNamespace is the namespace to use for resources
+                        that do not
+
+                        specify a namespace. This field is not used to enforce or
+                        lock down
+
+                        the deployment to a specific namespace.'
+                      nullable: true
+                      type: string
+                    deleteCRDResources:
+                      description: DeleteCRDResources deletes CRDs. Warning! this
+                        will also delete all your Custom Resources.
+                      type: boolean
+                    deleteNamespace:
+                      description: DeleteNamespace can be used to delete the deployed
+                        namespace when removing the bundle
+                      type: boolean
+                    diff:
+                      description: Diff can be used to ignore the modified state of
+                        objects which are amended at runtime.
+                      nullable: true
+                      properties:
+                        comparePatches:
+                          description: ComparePatches match a resource and remove
+                            fields from the check for modifications.
+                          items:
+                            description: ComparePatch matches a resource and removes
+                              fields from the check for modifications.
+                            properties:
+                              apiVersion:
+                                description: APIVersion is the apiVersion of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              jsonPointers:
+                                description: JSONPointers ignore diffs at a certain
+                                  JSON path.
+                                items:
+                                  type: string
+                                nullable: true
+                                type: array
+                              kind:
+                                description: Kind is the kind of the resource to match.
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name is the name of the resource to match.
+                                nullable: true
+                                type: string
+                              namespace:
+                                description: Namespace is the namespace of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              operations:
+                                description: Operations remove a JSON path from the
+                                  resource.
+                                items:
+                                  description: Operation of a ComparePatch, usually
+                                    "remove".
+                                  properties:
+                                    op:
+                                      description: Op is usually "remove"
+                                      nullable: true
+                                      type: string
+                                    path:
+                                      description: Path is the JSON path to remove.
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      description: Value is usually empty.
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    forceSyncGeneration:
+                      description: ForceSyncGeneration is used to force a redeployment
+                      format: int64
+                      type: integer
+                    helm:
+                      description: Helm options for the deployment, like the chart
+                        name, repo and values.
+                      nullable: true
+                      properties:
+                        atomic:
+                          description: Atomic sets the --atomic flag when Helm is
+                            performing an upgrade
+                          type: boolean
+                        chart:
+                          description: 'Chart can refer to any go-getter URL or OCI
+                            registry based helm
+
+                            chart URL. The chart will be downloaded.'
+                          nullable: true
+                          type: string
+                        disableDNS:
+                          description: DisableDNS can be used to customize Helm's
+                            EnableDNS option, which Fleet sets to `true` by default.
+                          type: boolean
+                        disableDependencyUpdate:
+                          description: DisableDependencyUpdate allows skipping chart
+                            dependencies update
+                          type: boolean
+                        disablePreProcess:
+                          description: DisablePreProcess disables template processing
+                            in values
+                          type: boolean
+                        force:
+                          description: Force allows to override immutable resources.
+                            This could be dangerous.
+                          type: boolean
+                        maxHistory:
+                          description: MaxHistory limits the maximum number of revisions
+                            saved per release by Helm.
+                          type: integer
+                        releaseName:
+                          description: 'ReleaseName sets a custom release name to
+                            deploy the chart as. If
+
+                            not specified a release name will be generated by combining
+                            the
+
+                            invoking GitRepo.name + GitRepo.path.'
+                          maxLength: 53
+                          nullable: true
+                          pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                          type: string
+                        repo:
+                          description: Repo is the name of the HTTPS helm repo to
+                            download the chart from.
+                          nullable: true
+                          type: string
+                        skipSchemaValidation:
+                          description: SkipSchemaValidation allows skipping schema
+                            validation against the chart values
+                          type: boolean
+                        takeOwnership:
+                          description: TakeOwnership makes helm skip the check for
+                            its own annotations
+                          type: boolean
+                        timeoutSeconds:
+                          description: TimeoutSeconds is the time to wait for Helm
+                            operations.
+                          type: integer
+                        values:
+                          description: 'Values passed to Helm. It is possible to specify
+                            the keys and values
+
+                            as go template strings.'
+                          nullable: true
+                          type: object
+                          x-kubernetes-preserve-unknown-fields: true
+                        valuesFiles:
+                          description: ValuesFiles is a list of files to load values
+                            from.
+                          items:
+                            type: string
+                          nullable: true
+                          type: array
+                        valuesFrom:
+                          description: ValuesFrom loads the values from configmaps
+                            and secrets.
+                          items:
+                            description: 'Define helm values that can come from configmap,
+                              secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                            properties:
+                              configMapKeyRef:
+                                description: The reference to a config map with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              secretKeyRef:
+                                description: The reference to a secret with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                        version:
+                          description: Version of the chart to download
+                          nullable: true
+                          type: string
+                        waitForJobs:
+                          description: 'WaitForJobs if set and timeoutSeconds provided,
+                            will wait until all
+
+                            Jobs have been completed before marking the GitRepo as
+                            ready. It
+
+                            will wait for as long as timeoutSeconds'
+                          type: boolean
+                      type: object
+                    ignore:
+                      description: IgnoreOptions can be used to ignore fields when
+                        monitoring the bundle.
+                      properties:
+                        conditions:
+                          description: Conditions is a list of conditions to be ignored
+                            when monitoring the Bundle.
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    keepResources:
+                      description: KeepResources can be used to keep the deployed
+                        resources when removing the bundle
+                      type: boolean
+                    kustomize:
+                      description: 'Kustomize options for the deployment, like the
+                        dir containing the
+
+                        kustomization.yaml file.'
+                      nullable: true
+                      properties:
+                        dir:
+                          description: 'Dir points to a custom folder for kustomize
+                            resources. This folder must contain
+
+                            a kustomization.yaml file.'
+                          nullable: true
+                          type: string
+                      type: object
+                    namespace:
+                      description: 'TargetNamespace if present will assign all resource
+                        to this
+
+                        namespace and if any cluster scoped resource exists the deployment
+
+                        will fail.'
+                      nullable: true
+                      type: string
+                    namespaceAnnotations:
+                      additionalProperties:
+                        type: string
+                      description: NamespaceAnnotations are annotations that will
+                        be appended to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    namespaceLabels:
+                      additionalProperties:
+                        type: string
+                      description: NamespaceLabels are labels that will be appended
+                        to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    serviceAccount:
+                      description: ServiceAccount which will be used to perform this
+                        deployment.
+                      nullable: true
+                      type: string
+                    yaml:
+                      description: 'YAML options, if using raw YAML these are names
+                        that map to
+
+                        overlays/{name} files that will be used to replace or patch
+                        a resource.'
+                      nullable: true
+                      properties:
+                        overlays:
+                          description: 'Overlays is a list of names that maps to folders
+                            in "overlays/".
+
+                            If you wish to customize the file ./subdir/resource.yaml
+                            then a file
+
+                            ./overlays/myoverlay/subdir/resource.yaml will replace
+                            the base
+
+                            file.
+
+                            A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                            will patch the base file.'
+                          items:
+                            type: string
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+                paused:
+                  description: 'Paused if set to true, will stop any BundleDeployments
+                    from being
+
+                    updated. If true, BundleDeployments will be marked as out of sync
+
+                    when changes are detected.'
+                  type: boolean
+                stagedDeploymentID:
+                  description: StagedDeploymentID is the ID of the staged deployment.
+                  nullable: true
+                  type: string
+                stagedOptions:
+                  description: 'StagedOptions are the deployment options, that are
+                    staged for
+
+                    the next deployment.'
+                  properties:
+                    correctDrift:
+                      description: CorrectDrift specifies how drift correction should
+                        work.
+                      properties:
+                        enabled:
+                          description: Enabled correct drift if true.
+                          type: boolean
+                        force:
+                          description: Force helm rollback with --force option will
+                            be used if true. This will try to recreate all resources
+                            in the release.
+                          type: boolean
+                        keepFailHistory:
+                          description: KeepFailHistory keeps track of failed rollbacks
+                            in the helm history.
+                          type: boolean
+                      type: object
+                    defaultNamespace:
+                      description: 'DefaultNamespace is the namespace to use for resources
+                        that do not
+
+                        specify a namespace. This field is not used to enforce or
+                        lock down
+
+                        the deployment to a specific namespace.'
+                      nullable: true
+                      type: string
+                    deleteCRDResources:
+                      description: DeleteCRDResources deletes CRDs. Warning! this
+                        will also delete all your Custom Resources.
+                      type: boolean
+                    deleteNamespace:
+                      description: DeleteNamespace can be used to delete the deployed
+                        namespace when removing the bundle
+                      type: boolean
+                    diff:
+                      description: Diff can be used to ignore the modified state of
+                        objects which are amended at runtime.
+                      nullable: true
+                      properties:
+                        comparePatches:
+                          description: ComparePatches match a resource and remove
+                            fields from the check for modifications.
+                          items:
+                            description: ComparePatch matches a resource and removes
+                              fields from the check for modifications.
+                            properties:
+                              apiVersion:
+                                description: APIVersion is the apiVersion of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              jsonPointers:
+                                description: JSONPointers ignore diffs at a certain
+                                  JSON path.
+                                items:
+                                  type: string
+                                nullable: true
+                                type: array
+                              kind:
+                                description: Kind is the kind of the resource to match.
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name is the name of the resource to match.
+                                nullable: true
+                                type: string
+                              namespace:
+                                description: Namespace is the namespace of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              operations:
+                                description: Operations remove a JSON path from the
+                                  resource.
+                                items:
+                                  description: Operation of a ComparePatch, usually
+                                    "remove".
+                                  properties:
+                                    op:
+                                      description: Op is usually "remove"
+                                      nullable: true
+                                      type: string
+                                    path:
+                                      description: Path is the JSON path to remove.
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      description: Value is usually empty.
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    forceSyncGeneration:
+                      description: ForceSyncGeneration is used to force a redeployment
+                      format: int64
+                      type: integer
+                    helm:
+                      description: Helm options for the deployment, like the chart
+                        name, repo and values.
+                      nullable: true
+                      properties:
+                        atomic:
+                          description: Atomic sets the --atomic flag when Helm is
+                            performing an upgrade
+                          type: boolean
+                        chart:
+                          description: 'Chart can refer to any go-getter URL or OCI
+                            registry based helm
+
+                            chart URL. The chart will be downloaded.'
+                          nullable: true
+                          type: string
+                        disableDNS:
+                          description: DisableDNS can be used to customize Helm's
+                            EnableDNS option, which Fleet sets to `true` by default.
+                          type: boolean
+                        disableDependencyUpdate:
+                          description: DisableDependencyUpdate allows skipping chart
+                            dependencies update
+                          type: boolean
+                        disablePreProcess:
+                          description: DisablePreProcess disables template processing
+                            in values
+                          type: boolean
+                        force:
+                          description: Force allows to override immutable resources.
+                            This could be dangerous.
+                          type: boolean
+                        maxHistory:
+                          description: MaxHistory limits the maximum number of revisions
+                            saved per release by Helm.
+                          type: integer
+                        releaseName:
+                          description: 'ReleaseName sets a custom release name to
+                            deploy the chart as. If
+
+                            not specified a release name will be generated by combining
+                            the
+
+                            invoking GitRepo.name + GitRepo.path.'
+                          maxLength: 53
+                          nullable: true
+                          pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                          type: string
+                        repo:
+                          description: Repo is the name of the HTTPS helm repo to
+                            download the chart from.
+                          nullable: true
+                          type: string
+                        skipSchemaValidation:
+                          description: SkipSchemaValidation allows skipping schema
+                            validation against the chart values
+                          type: boolean
+                        takeOwnership:
+                          description: TakeOwnership makes helm skip the check for
+                            its own annotations
+                          type: boolean
+                        timeoutSeconds:
+                          description: TimeoutSeconds is the time to wait for Helm
+                            operations.
+                          type: integer
+                        values:
+                          description: 'Values passed to Helm. It is possible to specify
+                            the keys and values
+
+                            as go template strings.'
+                          nullable: true
+                          type: object
+                          x-kubernetes-preserve-unknown-fields: true
+                        valuesFiles:
+                          description: ValuesFiles is a list of files to load values
+                            from.
+                          items:
+                            type: string
+                          nullable: true
+                          type: array
+                        valuesFrom:
+                          description: ValuesFrom loads the values from configmaps
+                            and secrets.
+                          items:
+                            description: 'Define helm values that can come from configmap,
+                              secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                            properties:
+                              configMapKeyRef:
+                                description: The reference to a config map with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              secretKeyRef:
+                                description: The reference to a secret with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                        version:
+                          description: Version of the chart to download
+                          nullable: true
+                          type: string
+                        waitForJobs:
+                          description: 'WaitForJobs if set and timeoutSeconds provided,
+                            will wait until all
+
+                            Jobs have been completed before marking the GitRepo as
+                            ready. It
+
+                            will wait for as long as timeoutSeconds'
+                          type: boolean
+                      type: object
+                    ignore:
+                      description: IgnoreOptions can be used to ignore fields when
+                        monitoring the bundle.
+                      properties:
+                        conditions:
+                          description: Conditions is a list of conditions to be ignored
+                            when monitoring the Bundle.
+                          items:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    keepResources:
+                      description: KeepResources can be used to keep the deployed
+                        resources when removing the bundle
+                      type: boolean
+                    kustomize:
+                      description: 'Kustomize options for the deployment, like the
+                        dir containing the
+
+                        kustomization.yaml file.'
+                      nullable: true
+                      properties:
+                        dir:
+                          description: 'Dir points to a custom folder for kustomize
+                            resources. This folder must contain
+
+                            a kustomization.yaml file.'
+                          nullable: true
+                          type: string
+                      type: object
+                    namespace:
+                      description: 'TargetNamespace if present will assign all resource
+                        to this
+
+                        namespace and if any cluster scoped resource exists the deployment
+
+                        will fail.'
+                      nullable: true
+                      type: string
+                    namespaceAnnotations:
+                      additionalProperties:
+                        type: string
+                      description: NamespaceAnnotations are annotations that will
+                        be appended to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    namespaceLabels:
+                      additionalProperties:
+                        type: string
+                      description: NamespaceLabels are labels that will be appended
+                        to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    serviceAccount:
+                      description: ServiceAccount which will be used to perform this
+                        deployment.
+                      nullable: true
+                      type: string
+                    yaml:
+                      description: 'YAML options, if using raw YAML these are names
+                        that map to
+
+                        overlays/{name} files that will be used to replace or patch
+                        a resource.'
+                      nullable: true
+                      properties:
+                        overlays:
+                          description: 'Overlays is a list of names that maps to folders
+                            in "overlays/".
+
+                            If you wish to customize the file ./subdir/resource.yaml
+                            then a file
+
+                            ./overlays/myoverlay/subdir/resource.yaml will replace
+                            the base
+
+                            file.
+
+                            A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                            will patch the base file.'
+                          items:
+                            type: string
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+              type: object
+            status:
+              properties:
+                appliedDeploymentID:
+                  nullable: true
+                  type: string
+                conditions:
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        type: string
+                    required:
+                      - status
+                      - type
+                    type: object
+                  nullable: true
+                  type: array
+                display:
+                  nullable: true
+                  properties:
+                    deployed:
+                      nullable: true
+                      type: string
+                    monitored:
+                      nullable: true
+                      type: string
+                    state:
+                      nullable: true
+                      type: string
+                  type: object
+                modifiedStatus:
+                  items:
+                    description: 'ModifiedStatus is used to report the status of a
+                      resource that is modified.
+
+                      It indicates if the modification was a create, a delete or a
+                      patch.'
+                    properties:
+                      apiVersion:
+                        nullable: true
+                        type: string
+                      delete:
+                        type: boolean
+                      kind:
+                        nullable: true
+                        type: string
+                      missing:
+                        type: boolean
+                      name:
+                        nullable: true
+                        type: string
+                      namespace:
+                        nullable: true
+                        type: string
+                      patch:
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                nonModified:
+                  type: boolean
+                nonReadyStatus:
+                  items:
+                    description: NonReadyStatus is used to report the status of a
+                      resource that is not ready. It includes a summary.
+                    properties:
+                      apiVersion:
+                        nullable: true
+                        type: string
+                      kind:
+                        nullable: true
+                        type: string
+                      name:
+                        nullable: true
+                        type: string
+                      namespace:
+                        nullable: true
+                        type: string
+                      summary:
+                        properties:
+                          error:
+                            type: boolean
+                          message:
+                            items:
+                              type: string
+                            type: array
+                          state:
+                            type: string
+                          transitioning:
+                            type: boolean
+                        type: object
+                      uid:
+                        description: 'UID is a type that holds unique ID values, including
+                          UUIDs.  Because we
+
+                          don''t ONLY use UUIDs, this is an alias to string.  Being
+                          a type captures
+
+                          intent and helps make sure that UIDs and names do not get
+                          conflated.'
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                ready:
+                  type: boolean
+                release:
+                  nullable: true
+                  type: string
+                resources:
+                  description: 'Resources lists the metadata of resources that were
+                    deployed
+
+                    according to the helm release history.'
+                  items:
+                    description: BundleDeploymentResource contains the metadata of
+                      a deployed resource.
+                    properties:
+                      apiVersion:
+                        nullable: true
+                        type: string
+                      createdAt:
+                        format: date-time
+                        nullable: true
+                        type: string
+                      kind:
+                        nullable: true
+                        type: string
+                      name:
+                        nullable: true
+                        type: string
+                      namespace:
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                syncGeneration:
+                  format: int64
+                  nullable: true
+                  type: integer
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: bundlenamespacemappings.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: BundleNamespaceMapping
+    listKind: BundleNamespaceMappingList
+    plural: bundlenamespacemappings
+    singular: bundlenamespacemapping
+  scope: Namespaced
+  versions:
+    - name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: BundleNamespaceMapping maps bundles to clusters in other namespaces.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            bundleSelector:
+              description: 'A label selector is a label query over a set of resources.
+                The result of matchLabels and
+
+                matchExpressions are ANDed. An empty label selector matches all objects.
+                A null
+
+                label selector matches no objects.'
+              nullable: true
+              properties:
+                matchExpressions:
+                  description: matchExpressions is a list of label selector requirements.
+                    The requirements are ANDed.
+                  items:
+                    description: 'A label selector requirement is a selector that
+                      contains values, a key, and an operator that
+
+                      relates the key and values.'
+                    properties:
+                      key:
+                        description: key is the label key that the selector applies
+                          to.
+                        type: string
+                      operator:
+                        description: 'operator represents a key''s relationship to
+                          a set of values.
+
+                          Valid operators are In, NotIn, Exists and DoesNotExist.'
+                        type: string
+                      values:
+                        description: 'values is an array of string values. If the
+                          operator is In or NotIn,
+
+                          the values array must be non-empty. If the operator is Exists
+                          or DoesNotExist,
+
+                          the values array must be empty. This array is replaced during
+                          a strategic
+
+                          merge patch.'
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    required:
+                      - key
+                      - operator
+                    type: object
+                  type: array
+                  x-kubernetes-list-type: atomic
+                matchLabels:
+                  additionalProperties:
+                    type: string
+                  description: 'matchLabels is a map of {key,value} pairs. A single
+                    {key,value} in the matchLabels
+
+                    map is equivalent to an element of matchExpressions, whose key
+                    field is "key", the
+
+                    operator is "In", and the values array contains only "value".
+                    The requirements are ANDed.'
+                  type: object
+              type: object
+              x-kubernetes-map-type: atomic
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            namespaceSelector:
+              description: 'A label selector is a label query over a set of resources.
+                The result of matchLabels and
+
+                matchExpressions are ANDed. An empty label selector matches all objects.
+                A null
+
+                label selector matches no objects.'
+              nullable: true
+              properties:
+                matchExpressions:
+                  description: matchExpressions is a list of label selector requirements.
+                    The requirements are ANDed.
+                  items:
+                    description: 'A label selector requirement is a selector that
+                      contains values, a key, and an operator that
+
+                      relates the key and values.'
+                    properties:
+                      key:
+                        description: key is the label key that the selector applies
+                          to.
+                        type: string
+                      operator:
+                        description: 'operator represents a key''s relationship to
+                          a set of values.
+
+                          Valid operators are In, NotIn, Exists and DoesNotExist.'
+                        type: string
+                      values:
+                        description: 'values is an array of string values. If the
+                          operator is In or NotIn,
+
+                          the values array must be non-empty. If the operator is Exists
+                          or DoesNotExist,
+
+                          the values array must be empty. This array is replaced during
+                          a strategic
+
+                          merge patch.'
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    required:
+                      - key
+                      - operator
+                    type: object
+                  type: array
+                  x-kubernetes-list-type: atomic
+                matchLabels:
+                  additionalProperties:
+                    type: string
+                  description: 'matchLabels is a map of {key,value} pairs. A single
+                    {key,value} in the matchLabels
+
+                    map is equivalent to an element of matchExpressions, whose key
+                    field is "key", the
+
+                    operator is "In", and the values array contains only "value".
+                    The requirements are ANDed.'
+                  type: object
+              type: object
+              x-kubernetes-map-type: atomic
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: bundles.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: Bundle
+    listKind: BundleList
+    plural: bundles
+    singular: bundle
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.readyClusters
+          name: BundleDeployments-Ready
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'Bundle contains the resources of an application and its deployment
+            options.
+
+            It will be deployed as a Helm chart to target clusters.
+
+
+
+            When a GitRepo is scanned it will produce one or more bundles. Bundles
+            are
+
+            a collection of resources that get deployed to one or more cluster(s).
+            Bundle is the
+
+            fundamental deployment unit used in Fleet. The contents of a Bundle may
+            be
+
+            Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless
+
+            of the source the contents are dynamically rendered into a Helm chart
+            by
+
+            the agent and installed into the downstream cluster as a Helm release.'
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                contentsId:
+                  description: ContentsID stores the contents id when deploying contents
+                    using an OCI registry.
+                  nullable: true
+                  type: string
+                correctDrift:
+                  description: CorrectDrift specifies how drift correction should
+                    work.
+                  properties:
+                    enabled:
+                      description: Enabled correct drift if true.
+                      type: boolean
+                    force:
+                      description: Force helm rollback with --force option will be
+                        used if true. This will try to recreate all resources in the
+                        release.
+                      type: boolean
+                    keepFailHistory:
+                      description: KeepFailHistory keeps track of failed rollbacks
+                        in the helm history.
+                      type: boolean
+                  type: object
+                defaultNamespace:
+                  description: 'DefaultNamespace is the namespace to use for resources
+                    that do not
+
+                    specify a namespace. This field is not used to enforce or lock
+                    down
+
+                    the deployment to a specific namespace.'
+                  nullable: true
+                  type: string
+                deleteCRDResources:
+                  description: DeleteCRDResources deletes CRDs. Warning! this will
+                    also delete all your Custom Resources.
+                  type: boolean
+                deleteNamespace:
+                  description: DeleteNamespace can be used to delete the deployed
+                    namespace when removing the bundle
+                  type: boolean
+                dependsOn:
+                  description: DependsOn refers to the bundles which must be ready
+                    before this bundle can be deployed.
+                  items:
+                    properties:
+                      name:
+                        description: Name of the bundle.
+                        nullable: true
+                        type: string
+                      selector:
+                        description: Selector matching bundle's labels.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              required:
+                                - key
+                                - operator
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                    type: object
+                  nullable: true
+                  type: array
+                diff:
+                  description: Diff can be used to ignore the modified state of objects
+                    which are amended at runtime.
+                  nullable: true
+                  properties:
+                    comparePatches:
+                      description: ComparePatches match a resource and remove fields
+                        from the check for modifications.
+                      items:
+                        description: ComparePatch matches a resource and removes fields
+                          from the check for modifications.
+                        properties:
+                          apiVersion:
+                            description: APIVersion is the apiVersion of the resource
+                              to match.
+                            nullable: true
+                            type: string
+                          jsonPointers:
+                            description: JSONPointers ignore diffs at a certain JSON
+                              path.
+                            items:
+                              type: string
+                            nullable: true
+                            type: array
+                          kind:
+                            description: Kind is the kind of the resource to match.
+                            nullable: true
+                            type: string
+                          name:
+                            description: Name is the name of the resource to match.
+                            nullable: true
+                            type: string
+                          namespace:
+                            description: Namespace is the namespace of the resource
+                              to match.
+                            nullable: true
+                            type: string
+                          operations:
+                            description: Operations remove a JSON path from the resource.
+                            items:
+                              description: Operation of a ComparePatch, usually "remove".
+                              properties:
+                                op:
+                                  description: Op is usually "remove"
+                                  nullable: true
+                                  type: string
+                                path:
+                                  description: Path is the JSON path to remove.
+                                  nullable: true
+                                  type: string
+                                value:
+                                  description: Value is usually empty.
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                  type: object
+                forceSyncGeneration:
+                  description: ForceSyncGeneration is used to force a redeployment
+                  format: int64
+                  type: integer
+                helm:
+                  description: Helm options for the deployment, like the chart name,
+                    repo and values.
+                  nullable: true
+                  properties:
+                    atomic:
+                      description: Atomic sets the --atomic flag when Helm is performing
+                        an upgrade
+                      type: boolean
+                    chart:
+                      description: 'Chart can refer to any go-getter URL or OCI registry
+                        based helm
+
+                        chart URL. The chart will be downloaded.'
+                      nullable: true
+                      type: string
+                    disableDNS:
+                      description: DisableDNS can be used to customize Helm's EnableDNS
+                        option, which Fleet sets to `true` by default.
+                      type: boolean
+                    disableDependencyUpdate:
+                      description: DisableDependencyUpdate allows skipping chart dependencies
+                        update
+                      type: boolean
+                    disablePreProcess:
+                      description: DisablePreProcess disables template processing
+                        in values
+                      type: boolean
+                    force:
+                      description: Force allows to override immutable resources. This
+                        could be dangerous.
+                      type: boolean
+                    maxHistory:
+                      description: MaxHistory limits the maximum number of revisions
+                        saved per release by Helm.
+                      type: integer
+                    releaseName:
+                      description: 'ReleaseName sets a custom release name to deploy
+                        the chart as. If
+
+                        not specified a release name will be generated by combining
+                        the
+
+                        invoking GitRepo.name + GitRepo.path.'
+                      maxLength: 53
+                      nullable: true
+                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                      type: string
+                    repo:
+                      description: Repo is the name of the HTTPS helm repo to download
+                        the chart from.
+                      nullable: true
+                      type: string
+                    skipSchemaValidation:
+                      description: SkipSchemaValidation allows skipping schema validation
+                        against the chart values
+                      type: boolean
+                    takeOwnership:
+                      description: TakeOwnership makes helm skip the check for its
+                        own annotations
+                      type: boolean
+                    timeoutSeconds:
+                      description: TimeoutSeconds is the time to wait for Helm operations.
+                      type: integer
+                    values:
+                      description: 'Values passed to Helm. It is possible to specify
+                        the keys and values
+
+                        as go template strings.'
+                      nullable: true
+                      type: object
+                      x-kubernetes-preserve-unknown-fields: true
+                    valuesFiles:
+                      description: ValuesFiles is a list of files to load values from.
+                      items:
+                        type: string
+                      nullable: true
+                      type: array
+                    valuesFrom:
+                      description: ValuesFrom loads the values from configmaps and
+                        secrets.
+                      items:
+                        description: 'Define helm values that can come from configmap,
+                          secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                        properties:
+                          configMapKeyRef:
+                            description: The reference to a config map with release
+                              values.
+                            nullable: true
+                            properties:
+                              key:
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name of a resource in the same namespace
+                                  as the referent.
+                                nullable: true
+                                type: string
+                              namespace:
+                                nullable: true
+                                type: string
+                            type: object
+                          secretKeyRef:
+                            description: The reference to a secret with release values.
+                            nullable: true
+                            properties:
+                              key:
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name of a resource in the same namespace
+                                  as the referent.
+                                nullable: true
+                                type: string
+                              namespace:
+                                nullable: true
+                                type: string
+                            type: object
+                        type: object
+                      nullable: true
+                      type: array
+                    version:
+                      description: Version of the chart to download
+                      nullable: true
+                      type: string
+                    waitForJobs:
+                      description: 'WaitForJobs if set and timeoutSeconds provided,
+                        will wait until all
+
+                        Jobs have been completed before marking the GitRepo as ready.
+                        It
+
+                        will wait for as long as timeoutSeconds'
+                      type: boolean
+                  type: object
+                ignore:
+                  description: IgnoreOptions can be used to ignore fields when monitoring
+                    the bundle.
+                  properties:
+                    conditions:
+                      description: Conditions is a list of conditions to be ignored
+                        when monitoring the Bundle.
+                      items:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      nullable: true
+                      type: array
+                  type: object
+                keepResources:
+                  description: KeepResources can be used to keep the deployed resources
+                    when removing the bundle
+                  type: boolean
+                kustomize:
+                  description: 'Kustomize options for the deployment, like the dir
+                    containing the
+
+                    kustomization.yaml file.'
+                  nullable: true
+                  properties:
+                    dir:
+                      description: 'Dir points to a custom folder for kustomize resources.
+                        This folder must contain
+
+                        a kustomization.yaml file.'
+                      nullable: true
+                      type: string
+                  type: object
+                namespace:
+                  description: 'TargetNamespace if present will assign all resource
+                    to this
+
+                    namespace and if any cluster scoped resource exists the deployment
+
+                    will fail.'
+                  nullable: true
+                  type: string
+                namespaceAnnotations:
+                  additionalProperties:
+                    type: string
+                  description: NamespaceAnnotations are annotations that will be appended
+                    to the namespace created by Fleet.
+                  nullable: true
+                  type: object
+                namespaceLabels:
+                  additionalProperties:
+                    type: string
+                  description: NamespaceLabels are labels that will be appended to
+                    the namespace created by Fleet.
+                  nullable: true
+                  type: object
+                paused:
+                  description: Paused if set to true, will stop any BundleDeployments
+                    from being updated. It will be marked as out of sync.
+                  type: boolean
+                resources:
+                  description: 'Resources contains the resources that were read from
+                    the bundle''s
+
+                    path. This includes the content of downloaded helm charts.'
+                  items:
+                    description: BundleResource represents the content of a single
+                      resource from the bundle, like a YAML manifest.
+                    properties:
+                      content:
+                        description: The content of the resource, can be compressed.
+                        nullable: true
+                        type: string
+                      encoding:
+                        description: Encoding is either empty or "base64+gz".
+                        nullable: true
+                        type: string
+                      name:
+                        description: Name of the resource, can include the bundle's
+                          internal path.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                rolloutStrategy:
+                  description: 'RolloutStrategy controls the rollout of bundles, by
+                    defining
+
+                    partitions, canaries and percentages for cluster availability.'
+                  nullable: true
+                  properties:
+                    autoPartitionSize:
+                      anyOf:
+                        - type: integer
+                        - type: string
+                      description: 'A number or percentage of how to automatically
+                        partition clusters if no
+
+                        specific partitioning strategy is configured.
+
+                        default: 25%'
+                      nullable: true
+                      x-kubernetes-int-or-string: true
+                    maxUnavailable:
+                      anyOf:
+                        - type: integer
+                        - type: string
+                      description: 'A number or percentage of clusters that can be
+                        unavailable during an update
+
+                        of a bundle. This follows the same basic approach as a deployment
+                        rollout
+
+                        strategy. Once the number of clusters meets unavailable state
+                        update will be
+
+                        paused. Default value is 100% which doesn''t take effect on
+                        update.
+
+                        default: 100%'
+                      nullable: true
+                      x-kubernetes-int-or-string: true
+                    maxUnavailablePartitions:
+                      anyOf:
+                        - type: integer
+                        - type: string
+                      description: 'A number or percentage of cluster partitions that
+                        can be unavailable during
+
+                        an update of a bundle.
+
+                        default: 0'
+                      nullable: true
+                      x-kubernetes-int-or-string: true
+                    partitions:
+                      description: 'A list of definitions of partitions.  If any target
+                        clusters do not match
+
+                        the configuration they are added to partitions at the end
+                        following the
+
+                        autoPartitionSize.'
+                      items:
+                        description: Partition defines a separate rollout strategy
+                          for a set of clusters.
+                        properties:
+                          clusterGroup:
+                            description: A cluster group name to include in this partition
+                            type: string
+                          clusterGroupSelector:
+                            description: Selector matching cluster group labels to
+                              include in this partition
+                            nullable: true
+                            properties:
+                              matchExpressions:
+                                description: matchExpressions is a list of label selector
+                                  requirements. The requirements are ANDed.
+                                items:
+                                  description: 'A label selector requirement is a
+                                    selector that contains values, a key, and an operator
+                                    that
+
+                                    relates the key and values.'
+                                  properties:
+                                    key:
+                                      description: key is the label key that the selector
+                                        applies to.
+                                      type: string
+                                    operator:
+                                      description: 'operator represents a key''s relationship
+                                        to a set of values.
+
+                                        Valid operators are In, NotIn, Exists and
+                                        DoesNotExist.'
+                                      type: string
+                                    values:
+                                      description: 'values is an array of string values.
+                                        If the operator is In or NotIn,
+
+                                        the values array must be non-empty. If the
+                                        operator is Exists or DoesNotExist,
+
+                                        the values array must be empty. This array
+                                        is replaced during a strategic
+
+                                        merge patch.'
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  required:
+                                    - key
+                                    - operator
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              matchLabels:
+                                additionalProperties:
+                                  type: string
+                                description: 'matchLabels is a map of {key,value}
+                                  pairs. A single {key,value} in the matchLabels
+
+                                  map is equivalent to an element of matchExpressions,
+                                  whose key field is "key", the
+
+                                  operator is "In", and the values array contains
+                                  only "value". The requirements are ANDed.'
+                                type: object
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          clusterName:
+                            description: ClusterName is the name of a cluster to include
+                              in this partition
+                            type: string
+                          clusterSelector:
+                            description: Selector matching cluster labels to include
+                              in this partition
+                            properties:
+                              matchExpressions:
+                                description: matchExpressions is a list of label selector
+                                  requirements. The requirements are ANDed.
+                                items:
+                                  description: 'A label selector requirement is a
+                                    selector that contains values, a key, and an operator
+                                    that
+
+                                    relates the key and values.'
+                                  properties:
+                                    key:
+                                      description: key is the label key that the selector
+                                        applies to.
+                                      type: string
+                                    operator:
+                                      description: 'operator represents a key''s relationship
+                                        to a set of values.
+
+                                        Valid operators are In, NotIn, Exists and
+                                        DoesNotExist.'
+                                      type: string
+                                    values:
+                                      description: 'values is an array of string values.
+                                        If the operator is In or NotIn,
+
+                                        the values array must be non-empty. If the
+                                        operator is Exists or DoesNotExist,
+
+                                        the values array must be empty. This array
+                                        is replaced during a strategic
+
+                                        merge patch.'
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  required:
+                                    - key
+                                    - operator
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              matchLabels:
+                                additionalProperties:
+                                  type: string
+                                description: 'matchLabels is a map of {key,value}
+                                  pairs. A single {key,value} in the matchLabels
+
+                                  map is equivalent to an element of matchExpressions,
+                                  whose key field is "key", the
+
+                                  operator is "In", and the values array contains
+                                  only "value". The requirements are ANDed.'
+                                type: object
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          maxUnavailable:
+                            anyOf:
+                              - type: integer
+                              - type: string
+                            description: 'A number or percentage of clusters that
+                              can be unavailable in this
+
+                              partition before this partition is treated as done.
+
+                              default: 10%'
+                            x-kubernetes-int-or-string: true
+                          name:
+                            description: A user-friendly name given to the partition
+                              used for Display (optional).
+                            nullable: true
+                            type: string
+                        type: object
+                      nullable: true
+                      type: array
+                  type: object
+                serviceAccount:
+                  description: ServiceAccount which will be used to perform this deployment.
+                  nullable: true
+                  type: string
+                targetRestrictions:
+                  description: TargetRestrictions is an allow list, which controls
+                    if a bundledeployment is created for a target.
+                  items:
+                    description: 'BundleTargetRestriction is used internally by Fleet
+                      and should not be modified.
+
+                      It acts as an allow list, to prevent the creation of BundleDeployments
+                      from
+
+                      Targets created by TargetCustomizations in fleet.yaml.'
+                    properties:
+                      clusterGroup:
+                        nullable: true
+                        type: string
+                      clusterGroupSelector:
+                        description: 'A label selector is a label query over a set
+                          of resources. The result of matchLabels and
+
+                          matchExpressions are ANDed. An empty label selector matches
+                          all objects. A null
+
+                          label selector matches no objects.'
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              required:
+                                - key
+                                - operator
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      clusterName:
+                        nullable: true
+                        type: string
+                      clusterSelector:
+                        description: 'A label selector is a label query over a set
+                          of resources. The result of matchLabels and
+
+                          matchExpressions are ANDed. An empty label selector matches
+                          all objects. A null
+
+                          label selector matches no objects.'
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              required:
+                                - key
+                                - operator
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      name:
+                        nullable: true
+                        type: string
+                    type: object
+                  type: array
+                targets:
+                  description: 'Targets refer to the clusters which will be deployed
+                    to.
+
+                    Targets are evaluated in order and the first one to match is used.'
+                  items:
+                    description: 'BundleTarget declares clusters to deploy to. Fleet
+                      will merge the
+
+                      BundleDeploymentOptions from customizations into this struct.'
+                    properties:
+                      clusterGroup:
+                        description: ClusterGroup to match a specific cluster group
+                          by name.
+                        nullable: true
+                        type: string
+                      clusterGroupSelector:
+                        description: ClusterGroupSelector is a selector to match cluster
+                          groups.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              required:
+                                - key
+                                - operator
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      clusterName:
+                        description: 'ClusterName to match a specific cluster by name
+                          that will be
+
+                          selected'
+                        nullable: true
+                        type: string
+                      clusterSelector:
+                        description: 'ClusterSelector is a selector to match clusters.
+                          The structure is
+
+                          the standard metav1.LabelSelector format. If clusterGroupSelector
+                          or
+
+                          clusterGroup is specified, clusterSelector will be used
+                          only to
+
+                          further refine the selection after clusterGroupSelector
+                          and
+
+                          clusterGroup is evaluated.'
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              required:
+                                - key
+                                - operator
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      correctDrift:
+                        description: CorrectDrift specifies how drift correction should
+                          work.
+                        properties:
+                          enabled:
+                            description: Enabled correct drift if true.
+                            type: boolean
+                          force:
+                            description: Force helm rollback with --force option will
+                              be used if true. This will try to recreate all resources
+                              in the release.
+                            type: boolean
+                          keepFailHistory:
+                            description: KeepFailHistory keeps track of failed rollbacks
+                              in the helm history.
+                            type: boolean
+                        type: object
+                      defaultNamespace:
+                        description: 'DefaultNamespace is the namespace to use for
+                          resources that do not
+
+                          specify a namespace. This field is not used to enforce or
+                          lock down
+
+                          the deployment to a specific namespace.'
+                        nullable: true
+                        type: string
+                      deleteCRDResources:
+                        description: DeleteCRDResources deletes CRDs. Warning! this
+                          will also delete all your Custom Resources.
+                        type: boolean
+                      deleteNamespace:
+                        description: DeleteNamespace can be used to delete the deployed
+                          namespace when removing the bundle
+                        type: boolean
+                      diff:
+                        description: Diff can be used to ignore the modified state
+                          of objects which are amended at runtime.
+                        nullable: true
+                        properties:
+                          comparePatches:
+                            description: ComparePatches match a resource and remove
+                              fields from the check for modifications.
+                            items:
+                              description: ComparePatch matches a resource and removes
+                                fields from the check for modifications.
+                              properties:
+                                apiVersion:
+                                  description: APIVersion is the apiVersion of the
+                                    resource to match.
+                                  nullable: true
+                                  type: string
+                                jsonPointers:
+                                  description: JSONPointers ignore diffs at a certain
+                                    JSON path.
+                                  items:
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                kind:
+                                  description: Kind is the kind of the resource to
+                                    match.
+                                  nullable: true
+                                  type: string
+                                name:
+                                  description: Name is the name of the resource to
+                                    match.
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  description: Namespace is the namespace of the resource
+                                    to match.
+                                  nullable: true
+                                  type: string
+                                operations:
+                                  description: Operations remove a JSON path from
+                                    the resource.
+                                  items:
+                                    description: Operation of a ComparePatch, usually
+                                      "remove".
+                                    properties:
+                                      op:
+                                        description: Op is usually "remove"
+                                        nullable: true
+                                        type: string
+                                      path:
+                                        description: Path is the JSON path to remove.
+                                        nullable: true
+                                        type: string
+                                      value:
+                                        description: Value is usually empty.
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      doNotDeploy:
+                        description: DoNotDeploy if set to true, will not deploy to
+                          this target.
+                        type: boolean
+                      forceSyncGeneration:
+                        description: ForceSyncGeneration is used to force a redeployment
+                        format: int64
+                        type: integer
+                      helm:
+                        description: Helm options for the deployment, like the chart
+                          name, repo and values.
+                        nullable: true
+                        properties:
+                          atomic:
+                            description: Atomic sets the --atomic flag when Helm is
+                              performing an upgrade
+                            type: boolean
+                          chart:
+                            description: 'Chart can refer to any go-getter URL or
+                              OCI registry based helm
+
+                              chart URL. The chart will be downloaded.'
+                            nullable: true
+                            type: string
+                          disableDNS:
+                            description: DisableDNS can be used to customize Helm's
+                              EnableDNS option, which Fleet sets to `true` by default.
+                            type: boolean
+                          disableDependencyUpdate:
+                            description: DisableDependencyUpdate allows skipping chart
+                              dependencies update
+                            type: boolean
+                          disablePreProcess:
+                            description: DisablePreProcess disables template processing
+                              in values
+                            type: boolean
+                          force:
+                            description: Force allows to override immutable resources.
+                              This could be dangerous.
+                            type: boolean
+                          maxHistory:
+                            description: MaxHistory limits the maximum number of revisions
+                              saved per release by Helm.
+                            type: integer
+                          releaseName:
+                            description: 'ReleaseName sets a custom release name to
+                              deploy the chart as. If
+
+                              not specified a release name will be generated by combining
+                              the
+
+                              invoking GitRepo.name + GitRepo.path.'
+                            maxLength: 53
+                            nullable: true
+                            pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                            type: string
+                          repo:
+                            description: Repo is the name of the HTTPS helm repo to
+                              download the chart from.
+                            nullable: true
+                            type: string
+                          skipSchemaValidation:
+                            description: SkipSchemaValidation allows skipping schema
+                              validation against the chart values
+                            type: boolean
+                          takeOwnership:
+                            description: TakeOwnership makes helm skip the check for
+                              its own annotations
+                            type: boolean
+                          timeoutSeconds:
+                            description: TimeoutSeconds is the time to wait for Helm
+                              operations.
+                            type: integer
+                          values:
+                            description: 'Values passed to Helm. It is possible to
+                              specify the keys and values
+
+                              as go template strings.'
+                            nullable: true
+                            type: object
+                            x-kubernetes-preserve-unknown-fields: true
+                          valuesFiles:
+                            description: ValuesFiles is a list of files to load values
+                              from.
+                            items:
+                              type: string
+                            nullable: true
+                            type: array
+                          valuesFrom:
+                            description: ValuesFrom loads the values from configmaps
+                              and secrets.
+                            items:
+                              description: 'Define helm values that can come from
+                                configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                              properties:
+                                configMapKeyRef:
+                                  description: The reference to a config map with
+                                    release values.
+                                  nullable: true
+                                  properties:
+                                    key:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      description: Name of a resource in the same
+                                        namespace as the referent.
+                                      nullable: true
+                                      type: string
+                                    namespace:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                secretKeyRef:
+                                  description: The reference to a secret with release
+                                    values.
+                                  nullable: true
+                                  properties:
+                                    key:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      description: Name of a resource in the same
+                                        namespace as the referent.
+                                      nullable: true
+                                      type: string
+                                    namespace:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                              type: object
+                            nullable: true
+                            type: array
+                          version:
+                            description: Version of the chart to download
+                            nullable: true
+                            type: string
+                          waitForJobs:
+                            description: 'WaitForJobs if set and timeoutSeconds provided,
+                              will wait until all
+
+                              Jobs have been completed before marking the GitRepo
+                              as ready. It
+
+                              will wait for as long as timeoutSeconds'
+                            type: boolean
+                        type: object
+                      ignore:
+                        description: IgnoreOptions can be used to ignore fields when
+                          monitoring the bundle.
+                        properties:
+                          conditions:
+                            description: Conditions is a list of conditions to be
+                              ignored when monitoring the Bundle.
+                            items:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      keepResources:
+                        description: KeepResources can be used to keep the deployed
+                          resources when removing the bundle
+                        type: boolean
+                      kustomize:
+                        description: 'Kustomize options for the deployment, like the
+                          dir containing the
+
+                          kustomization.yaml file.'
+                        nullable: true
+                        properties:
+                          dir:
+                            description: 'Dir points to a custom folder for kustomize
+                              resources. This folder must contain
+
+                              a kustomization.yaml file.'
+                            nullable: true
+                            type: string
+                        type: object
+                      name:
+                        description: 'Name of target. This value is largely for display
+                          and logging. If
+
+                          not specified a default name of the format "target000" will
+                          be used'
+                        type: string
+                      namespace:
+                        description: 'TargetNamespace if present will assign all resource
+                          to this
+
+                          namespace and if any cluster scoped resource exists the
+                          deployment
+
+                          will fail.'
+                        nullable: true
+                        type: string
+                      namespaceAnnotations:
+                        additionalProperties:
+                          type: string
+                        description: NamespaceAnnotations are annotations that will
+                          be appended to the namespace created by Fleet.
+                        nullable: true
+                        type: object
+                      namespaceLabels:
+                        additionalProperties:
+                          type: string
+                        description: NamespaceLabels are labels that will be appended
+                          to the namespace created by Fleet.
+                        nullable: true
+                        type: object
+                      serviceAccount:
+                        description: ServiceAccount which will be used to perform
+                          this deployment.
+                        nullable: true
+                        type: string
+                      yaml:
+                        description: 'YAML options, if using raw YAML these are names
+                          that map to
+
+                          overlays/{name} files that will be used to replace or patch
+                          a resource.'
+                        nullable: true
+                        properties:
+                          overlays:
+                            description: 'Overlays is a list of names that maps to
+                              folders in "overlays/".
+
+                              If you wish to customize the file ./subdir/resource.yaml
+                              then a file
+
+                              ./overlays/myoverlay/subdir/resource.yaml will replace
+                              the base
+
+                              file.
+
+                              A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                              will patch the base file.'
+                            items:
+                              type: string
+                            nullable: true
+                            type: array
+                        type: object
+                    type: object
+                  type: array
+                yaml:
+                  description: 'YAML options, if using raw YAML these are names that
+                    map to
+
+                    overlays/{name} files that will be used to replace or patch a
+                    resource.'
+                  nullable: true
+                  properties:
+                    overlays:
+                      description: 'Overlays is a list of names that maps to folders
+                        in "overlays/".
+
+                        If you wish to customize the file ./subdir/resource.yaml then
+                        a file
+
+                        ./overlays/myoverlay/subdir/resource.yaml will replace the
+                        base
+
+                        file.
+
+                        A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                        will patch the base file.'
+                      items:
+                        type: string
+                      nullable: true
+                      type: array
+                  type: object
+              type: object
+            status:
+              properties:
+                conditions:
+                  description: 'Conditions is a list of Wrangler conditions that describe
+                    the state
+
+                    of the bundle.'
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        type: string
+                    required:
+                      - status
+                      - type
+                    type: object
+                  type: array
+                display:
+                  description: 'Display contains the number of ready, desiredready
+                    clusters and a
+
+                    summary state for the bundle''s resources.'
+                  properties:
+                    readyClusters:
+                      description: 'ReadyClusters is a string in the form "%d/%d",
+                        that describes the
+
+                        number of clusters that are ready vs. the number of clusters
+                        desired
+
+                        to be ready.'
+                      nullable: true
+                      type: string
+                    state:
+                      description: State is a summary state for the bundle, calculated
+                        over the non-ready resources.
+                      nullable: true
+                      type: string
+                  type: object
+                maxNew:
+                  description: 'MaxNew is always 50. A bundle change can only stage
+                    50
+
+                    bundledeployments at a time.'
+                  type: integer
+                maxUnavailable:
+                  description: 'MaxUnavailable is the maximum number of unavailable
+                    deployments. See
+
+                    rollout configuration.'
+                  type: integer
+                maxUnavailablePartitions:
+                  description: 'MaxUnavailablePartitions is the maximum number of
+                    unavailable
+
+                    partitions. The rollout configuration defines a maximum number
+                    or
+
+                    percentage of unavailable partitions.'
+                  type: integer
+                newlyCreated:
+                  description: 'NewlyCreated is the number of bundle deployments that
+                    have been created,
+
+                    not updated.'
+                  type: integer
+                observedGeneration:
+                  description: ObservedGeneration is the current generation of the
+                    bundle.
+                  format: int64
+                  type: integer
+                ociReference:
+                  description: 'OCIReference is the OCI reference used to store contents,
+                    this is
+
+                    only for informational purposes.'
+                  type: string
+                partitions:
+                  description: PartitionStatus lists the status of each partition.
+                  items:
+                    description: PartitionStatus is the status of a single rollout
+                      partition.
+                    properties:
+                      count:
+                        description: Count is the number of clusters in the partition.
+                        type: integer
+                      maxUnavailable:
+                        description: MaxUnavailable is the maximum number of unavailable
+                          clusters in the partition.
+                        type: integer
+                      name:
+                        description: Name is the name of the partition.
+                        nullable: true
+                        type: string
+                      summary:
+                        description: Summary is a summary state for the partition,
+                          calculated over its non-ready resources.
+                        properties:
+                          desiredReady:
+                            description: 'DesiredReady is the number of bundle deployments
+                              that should be
+
+                              ready.'
+                            type: integer
+                          errApplied:
+                            description: 'ErrApplied is the number of bundle deployments
+                              that have been synced
+
+                              from the Fleet controller and the downstream cluster,
+                              but with some
+
+                              errors when deploying the bundle.'
+                            type: integer
+                          modified:
+                            description: 'Modified is the number of bundle deployments
+                              that have been deployed
+
+                              and for which all resources are ready, but where some
+                              changes from the
+
+                              Git repository have not yet been synced.'
+                            type: integer
+                          nonReadyResources:
+                            description: 'NonReadyClusters is a list of states, which
+                              is filled for a bundle
+
+                              that is not ready.'
+                            items:
+                              description: 'NonReadyResource contains information
+                                about a bundle that is not ready for a
+
+                                given state like "ErrApplied". It contains a list
+                                of non-ready or modified
+
+                                resources and their states.'
+                              properties:
+                                bundleState:
+                                  description: State is the state of the resource,
+                                    like e.g. "NotReady" or "ErrApplied".
+                                  nullable: true
+                                  type: string
+                                message:
+                                  description: Message contains information why the
+                                    bundle is not ready.
+                                  nullable: true
+                                  type: string
+                                modifiedStatus:
+                                  description: ModifiedStatus lists the state for
+                                    each modified resource.
+                                  items:
+                                    description: 'ModifiedStatus is used to report
+                                      the status of a resource that is modified.
+
+                                      It indicates if the modification was a create,
+                                      a delete or a patch.'
+                                    properties:
+                                      apiVersion:
+                                        nullable: true
+                                        type: string
+                                      delete:
+                                        type: boolean
+                                      kind:
+                                        nullable: true
+                                        type: string
+                                      missing:
+                                        type: boolean
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      namespace:
+                                        nullable: true
+                                        type: string
+                                      patch:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                name:
+                                  description: Name is the name of the resource.
+                                  nullable: true
+                                  type: string
+                                nonReadyStatus:
+                                  description: NonReadyStatus lists the state for
+                                    each non-ready resource.
+                                  items:
+                                    description: NonReadyStatus is used to report
+                                      the status of a resource that is not ready.
+                                      It includes a summary.
+                                    properties:
+                                      apiVersion:
+                                        nullable: true
+                                        type: string
+                                      kind:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      namespace:
+                                        nullable: true
+                                        type: string
+                                      summary:
+                                        properties:
+                                          error:
+                                            type: boolean
+                                          message:
+                                            items:
+                                              type: string
+                                            type: array
+                                          state:
+                                            type: string
+                                          transitioning:
+                                            type: boolean
+                                        type: object
+                                      uid:
+                                        description: 'UID is a type that holds unique
+                                          ID values, including UUIDs.  Because we
+
+                                          don''t ONLY use UUIDs, this is an alias
+                                          to string.  Being a type captures
+
+                                          intent and helps make sure that UIDs and
+                                          names do not get conflated.'
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          notReady:
+                            description: 'NotReady is the number of bundle deployments
+                              that have been deployed
+
+                              where some resources are not ready.'
+                            type: integer
+                          outOfSync:
+                            description: 'OutOfSync is the number of bundle deployments
+                              that have been synced
+
+                              from Fleet controller, but not yet by the downstream
+                              agent.'
+                            type: integer
+                          pending:
+                            description: 'Pending is the number of bundle deployments
+                              that are being processed
+
+                              by Fleet controller.'
+                            type: integer
+                          ready:
+                            description: 'Ready is the number of bundle deployments
+                              that have been deployed
+
+                              where all resources are ready.'
+                            type: integer
+                          waitApplied:
+                            description: 'WaitApplied is the number of bundle deployments
+                              that have been
+
+                              synced from Fleet controller and downstream cluster,
+                              but are waiting
+
+                              to be deployed.'
+                            type: integer
+                        type: object
+                      unavailable:
+                        description: Unavailable is the number of unavailable clusters
+                          in the partition.
+                        type: integer
+                    type: object
+                  type: array
+                resourceKey:
+                  description: 'ResourceKey lists resources, which will likely be
+                    deployed. The
+
+                    actual list of resources on a cluster might differ, depending
+                    on the
+
+                    helm chart, value templating, etc..'
+                  items:
+                    description: ResourceKey lists resources, which will likely be
+                      deployed.
+                    properties:
+                      apiVersion:
+                        description: APIVersion is the k8s api version of the resource.
+                        nullable: true
+                        type: string
+                      kind:
+                        description: Kind is the k8s api kind of the resource.
+                        nullable: true
+                        type: string
+                      name:
+                        description: Name is the name of the resource.
+                        nullable: true
+                        type: string
+                      namespace:
+                        description: Namespace is the namespace of the resource.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                resourcesSha256Sum:
+                  description: ResourcesSHA256Sum corresponds to the JSON serialization
+                    of the .Spec.Resources field
+                  type: string
+                summary:
+                  description: 'Summary contains the number of bundle deployments
+                    in each state and
+
+                    a list of non-ready resources.'
+                  properties:
+                    desiredReady:
+                      description: 'DesiredReady is the number of bundle deployments
+                        that should be
+
+                        ready.'
+                      type: integer
+                    errApplied:
+                      description: 'ErrApplied is the number of bundle deployments
+                        that have been synced
+
+                        from the Fleet controller and the downstream cluster, but
+                        with some
+
+                        errors when deploying the bundle.'
+                      type: integer
+                    modified:
+                      description: 'Modified is the number of bundle deployments that
+                        have been deployed
+
+                        and for which all resources are ready, but where some changes
+                        from the
+
+                        Git repository have not yet been synced.'
+                      type: integer
+                    nonReadyResources:
+                      description: 'NonReadyClusters is a list of states, which is
+                        filled for a bundle
+
+                        that is not ready.'
+                      items:
+                        description: 'NonReadyResource contains information about
+                          a bundle that is not ready for a
+
+                          given state like "ErrApplied". It contains a list of non-ready
+                          or modified
+
+                          resources and their states.'
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: 'ModifiedStatus is used to report the status
+                                of a resource that is modified.
+
+                                It indicates if the modification was a create, a delete
+                                or a patch.'
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        type: string
+                                      type: array
+                                    state:
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: 'UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we
+
+                                    don''t ONLY use UUIDs, this is an alias to string.  Being
+                                    a type captures
+
+                                    intent and helps make sure that UIDs and names
+                                    do not get conflated.'
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: 'NotReady is the number of bundle deployments that
+                        have been deployed
+
+                        where some resources are not ready.'
+                      type: integer
+                    outOfSync:
+                      description: 'OutOfSync is the number of bundle deployments
+                        that have been synced
+
+                        from Fleet controller, but not yet by the downstream agent.'
+                      type: integer
+                    pending:
+                      description: 'Pending is the number of bundle deployments that
+                        are being processed
+
+                        by Fleet controller.'
+                      type: integer
+                    ready:
+                      description: 'Ready is the number of bundle deployments that
+                        have been deployed
+
+                        where all resources are ready.'
+                      type: integer
+                    waitApplied:
+                      description: 'WaitApplied is the number of bundle deployments
+                        that have been
+
+                        synced from Fleet controller and downstream cluster, but are
+                        waiting
+
+                        to be deployed.'
+                      type: integer
+                  type: object
+                unavailable:
+                  description: 'Unavailable is the number of bundle deployments that
+                    are not ready or
+
+                    where the AppliedDeploymentID in the status does not match the
+
+                    DeploymentID from the spec.'
+                  type: integer
+                unavailablePartitions:
+                  description: UnavailablePartitions is the number of unavailable
+                    partitions.
+                  type: integer
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: clustergroups.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    categories:
+      - fleet
+    kind: ClusterGroup
+    listKind: ClusterGroupList
+    plural: clustergroups
+    singular: clustergroup
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.readyClusters
+          name: Clusters-Ready
+          type: string
+        - jsonPath: .status.display.readyBundles
+          name: Bundles-Ready
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: ClusterGroup is a re-usable selector to target a group of clusters.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                selector:
+                  description: Selector is a label selector, used to select clusters
+                    for this group.
+                  nullable: true
+                  properties:
+                    matchExpressions:
+                      description: matchExpressions is a list of label selector requirements.
+                        The requirements are ANDed.
+                      items:
+                        description: 'A label selector requirement is a selector that
+                          contains values, a key, and an operator that
+
+                          relates the key and values.'
+                        properties:
+                          key:
+                            description: key is the label key that the selector applies
+                              to.
+                            type: string
+                          operator:
+                            description: 'operator represents a key''s relationship
+                              to a set of values.
+
+                              Valid operators are In, NotIn, Exists and DoesNotExist.'
+                            type: string
+                          values:
+                            description: 'values is an array of string values. If
+                              the operator is In or NotIn,
+
+                              the values array must be non-empty. If the operator
+                              is Exists or DoesNotExist,
+
+                              the values array must be empty. This array is replaced
+                              during a strategic
+
+                              merge patch.'
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        required:
+                          - key
+                          - operator
+                        type: object
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    matchLabels:
+                      additionalProperties:
+                        type: string
+                      description: 'matchLabels is a map of {key,value} pairs. A single
+                        {key,value} in the matchLabels
+
+                        map is equivalent to an element of matchExpressions, whose
+                        key field is "key", the
+
+                        operator is "In", and the values array contains only "value".
+                        The requirements are ANDed.'
+                      type: object
+                  type: object
+                  x-kubernetes-map-type: atomic
+              type: object
+            status:
+              properties:
+                clusterCount:
+                  description: ClusterCount is the number of clusters in the cluster
+                    group.
+                  type: integer
+                conditions:
+                  description: Conditions is a list of conditions and their statuses
+                    for the cluster group.
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        type: string
+                    required:
+                      - status
+                      - type
+                    type: object
+                  type: array
+                display:
+                  description: 'Display contains the number of ready, desiredready
+                    clusters and a
+
+                    summary state for the bundle''s resources.'
+                  properties:
+                    readyBundles:
+                      description: 'ReadyBundles is a string in the form "%d/%d",
+                        that describes the
+
+                        number of bundles that are ready vs. the number of bundles
+                        desired
+
+                        to be ready.'
+                      nullable: true
+                      type: string
+                    readyClusters:
+                      description: 'ReadyClusters is a string in the form "%d/%d",
+                        that describes the
+
+                        number of clusters that are ready vs. the number of clusters
+                        desired
+
+                        to be ready.'
+                      nullable: true
+                      type: string
+                    state:
+                      description: 'State is a summary state for the cluster group,
+                        showing "NotReady" if
+
+                        there are non-ready resources.'
+                      nullable: true
+                      type: string
+                  type: object
+                nonReadyClusterCount:
+                  description: NonReadyClusterCount is the number of clusters that
+                    are not ready.
+                  type: integer
+                nonReadyClusters:
+                  description: NonReadyClusters is a list of cluster names that are
+                    not ready.
+                  items:
+                    type: string
+                  nullable: true
+                  type: array
+                resourceCounts:
+                  description: 'ResourceCounts contains the number of resources in
+                    each state over
+
+                    all bundles in the cluster group.'
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of resources that should
+                        be ready.
+                      type: integer
+                    missing:
+                      description: Missing is the number of missing resources.
+                      type: integer
+                    modified:
+                      description: Modified is the number of resources that have been
+                        modified.
+                      type: integer
+                    notReady:
+                      description: 'NotReady is the number of not ready resources.
+                        Resources are not
+
+                        ready if they do not match any other state.'
+                      type: integer
+                    orphaned:
+                      description: Orphaned is the number of orphaned resources.
+                      type: integer
+                    ready:
+                      description: Ready is the number of ready resources.
+                      type: integer
+                    unknown:
+                      description: Unknown is the number of resources in an unknown
+                        state.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of resources that are
+                        waiting to be applied.
+                      type: integer
+                  type: object
+                summary:
+                  description: 'Summary is a summary of the bundle deployments and
+                    their resources
+
+                    in the cluster group.'
+                  properties:
+                    desiredReady:
+                      description: 'DesiredReady is the number of bundle deployments
+                        that should be
+
+                        ready.'
+                      type: integer
+                    errApplied:
+                      description: 'ErrApplied is the number of bundle deployments
+                        that have been synced
+
+                        from the Fleet controller and the downstream cluster, but
+                        with some
+
+                        errors when deploying the bundle.'
+                      type: integer
+                    modified:
+                      description: 'Modified is the number of bundle deployments that
+                        have been deployed
+
+                        and for which all resources are ready, but where some changes
+                        from the
+
+                        Git repository have not yet been synced.'
+                      type: integer
+                    nonReadyResources:
+                      description: 'NonReadyClusters is a list of states, which is
+                        filled for a bundle
+
+                        that is not ready.'
+                      items:
+                        description: 'NonReadyResource contains information about
+                          a bundle that is not ready for a
+
+                          given state like "ErrApplied". It contains a list of non-ready
+                          or modified
+
+                          resources and their states.'
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: 'ModifiedStatus is used to report the status
+                                of a resource that is modified.
+
+                                It indicates if the modification was a create, a delete
+                                or a patch.'
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        type: string
+                                      type: array
+                                    state:
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: 'UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we
+
+                                    don''t ONLY use UUIDs, this is an alias to string.  Being
+                                    a type captures
+
+                                    intent and helps make sure that UIDs and names
+                                    do not get conflated.'
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: 'NotReady is the number of bundle deployments that
+                        have been deployed
+
+                        where some resources are not ready.'
+                      type: integer
+                    outOfSync:
+                      description: 'OutOfSync is the number of bundle deployments
+                        that have been synced
+
+                        from Fleet controller, but not yet by the downstream agent.'
+                      type: integer
+                    pending:
+                      description: 'Pending is the number of bundle deployments that
+                        are being processed
+
+                        by Fleet controller.'
+                      type: integer
+                    ready:
+                      description: 'Ready is the number of bundle deployments that
+                        have been deployed
+
+                        where all resources are ready.'
+                      type: integer
+                    waitApplied:
+                      description: 'WaitApplied is the number of bundle deployments
+                        that have been
+
+                        synced from Fleet controller and downstream cluster, but are
+                        waiting
+
+                        to be deployed.'
+                      type: integer
+                  type: object
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: clusterregistrations.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: ClusterRegistration
+    listKind: ClusterRegistrationList
+    plural: clusterregistrations
+    singular: clusterregistration
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.clusterName
+          name: Cluster-Name
+          type: string
+        - jsonPath: .spec.clusterLabels
+          name: Labels
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: ClusterRegistration is used internally by Fleet and should
+            not be used directly.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                clientID:
+                  description: 'ClientID is a unique string that will identify the
+                    cluster. The
+
+                    agent either uses the configured ID or the kubeSystem.UID.'
+                  nullable: true
+                  type: string
+                clientRandom:
+                  description: 'ClientRandom is a random string that the agent generates.
+                    When
+
+                    fleet-controller grants a registration, it creates a registration
+
+                    secret with this string in the name.'
+                  nullable: true
+                  type: string
+                clusterLabels:
+                  additionalProperties:
+                    type: string
+                  description: ClusterLabels are copied to the cluster resource during
+                    the registration.
+                  nullable: true
+                  type: object
+              type: object
+            status:
+              properties:
+                clusterName:
+                  description: 'ClusterName is only set after the registration is
+                    being processed by
+
+                    fleet-controller.'
+                  nullable: true
+                  type: string
+                granted:
+                  description: 'Granted is set to true, if the request service account
+                    is present
+
+                    and its token secret exists. This happens directly before creating
+
+                    the registration secret, roles and rolebindings.'
+                  type: boolean
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: clusterregistrationtokens.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: ClusterRegistrationToken
+    listKind: ClusterRegistrationTokenList
+    plural: clusterregistrationtokens
+    singular: clusterregistrationtoken
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.secretName
+          name: Secret-Name
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: ClusterRegistrationToken is used by agents to register a new
+            cluster.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                ttl:
+                  description: 'TTL is the time to live for the token. It is used
+                    to calculate the
+
+                    expiration time. If the token expires, it will be deleted.'
+                  nullable: true
+                  type: string
+              type: object
+            status:
+              properties:
+                expires:
+                  description: Expires is the time when the token expires.
+                  format: date-time
+                  type: string
+                secretName:
+                  description: SecretName is the name of the secret containing the
+                    token.
+                  nullable: true
+                  type: string
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: clusters.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: Cluster
+    listKind: ClusterList
+    plural: clusters
+    singular: cluster
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.readyBundles
+          name: Bundles-Ready
+          type: string
+        - jsonPath: .status.agent.lastSeen
+          name: Last-Seen
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'Cluster corresponds to a Kubernetes cluster. Fleet deploys
+            bundles to targeted clusters.
+
+            Clusters to which Fleet deploys manifests are referred to as downstream
+
+            clusters. In the single cluster use case, the Fleet manager Kubernetes
+
+            cluster is both the manager and downstream cluster at the same time.'
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                agentAffinity:
+                  description: 'AgentAffinity overrides the default affinity for the
+                    cluster''s agent
+
+                    deployment. If this value is nil the default affinity is used.'
+                  nullable: true
+                  properties:
+                    nodeAffinity:
+                      description: Describes node affinity scheduling rules for the
+                        pod.
+                      properties:
+                        preferredDuringSchedulingIgnoredDuringExecution:
+                          description: 'The scheduler will prefer to schedule pods
+                            to nodes that satisfy
+
+                            the affinity expressions specified by this field, but
+                            it may choose
+
+                            a node that violates one or more of the expressions. The
+                            node that is
+
+                            most preferred is the one with the greatest sum of weights,
+                            i.e.
+
+                            for each node that meets all of the scheduling requirements
+                            (resource
+
+                            request, requiredDuringScheduling affinity expressions,
+                            etc.),
+
+                            compute a sum by iterating through the elements of this
+                            field and adding
+
+                            "weight" to the sum if the node matches the corresponding
+                            matchExpressions; the
+
+                            node(s) with the highest sum are the most preferred.'
+                          items:
+                            description: 'An empty preferred scheduling term matches
+                              all objects with implicit weight 0
+
+                              (i.e. it''s a no-op). A null preferred scheduling term
+                              matches no objects (i.e. is also a no-op).'
+                            properties:
+                              preference:
+                                description: A node selector term, associated with
+                                  the corresponding weight.
+                                properties:
+                                  matchExpressions:
+                                    description: A list of node selector requirements
+                                      by node's labels.
+                                    items:
+                                      description: 'A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator
+
+                                        that relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          type: string
+                                        operator:
+                                          description: 'Represents a key''s relationship
+                                            to a set of values.
+
+                                            Valid operators are In, NotIn, Exists,
+                                            DoesNotExist. Gt, and Lt.'
+                                          type: string
+                                        values:
+                                          description: 'An array of string values.
+                                            If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. If the
+                                            operator is Gt or Lt, the values
+
+                                            array must have a single element, which
+                                            will be interpreted as an integer.
+
+                                            This array is replaced during a strategic
+                                            merge patch.'
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                        - key
+                                        - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchFields:
+                                    description: A list of node selector requirements
+                                      by node's fields.
+                                    items:
+                                      description: 'A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator
+
+                                        that relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          type: string
+                                        operator:
+                                          description: 'Represents a key''s relationship
+                                            to a set of values.
+
+                                            Valid operators are In, NotIn, Exists,
+                                            DoesNotExist. Gt, and Lt.'
+                                          type: string
+                                        values:
+                                          description: 'An array of string values.
+                                            If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. If the
+                                            operator is Gt or Lt, the values
+
+                                            array must have a single element, which
+                                            will be interpreted as an integer.
+
+                                            This array is replaced during a strategic
+                                            merge patch.'
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                        - key
+                                        - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              weight:
+                                description: Weight associated with matching the corresponding
+                                  nodeSelectorTerm, in the range 1-100.
+                                format: int32
+                                type: integer
+                            required:
+                              - preference
+                              - weight
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        requiredDuringSchedulingIgnoredDuringExecution:
+                          description: 'If the affinity requirements specified by
+                            this field are not met at
+
+                            scheduling time, the pod will not be scheduled onto the
+                            node.
+
+                            If the affinity requirements specified by this field cease
+                            to be met
+
+                            at some point during pod execution (e.g. due to an update),
+                            the system
+
+                            may or may not try to eventually evict the pod from its
+                            node.'
+                          properties:
+                            nodeSelectorTerms:
+                              description: Required. A list of node selector terms.
+                                The terms are ORed.
+                              items:
+                                description: 'A null or empty node selector term matches
+                                  no objects. The requirements of
+
+                                  them are ANDed.
+
+                                  The TopologySelectorTerm type implements a subset
+                                  of the NodeSelectorTerm.'
+                                properties:
+                                  matchExpressions:
+                                    description: A list of node selector requirements
+                                      by node's labels.
+                                    items:
+                                      description: 'A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator
+
+                                        that relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          type: string
+                                        operator:
+                                          description: 'Represents a key''s relationship
+                                            to a set of values.
+
+                                            Valid operators are In, NotIn, Exists,
+                                            DoesNotExist. Gt, and Lt.'
+                                          type: string
+                                        values:
+                                          description: 'An array of string values.
+                                            If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. If the
+                                            operator is Gt or Lt, the values
+
+                                            array must have a single element, which
+                                            will be interpreted as an integer.
+
+                                            This array is replaced during a strategic
+                                            merge patch.'
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                        - key
+                                        - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchFields:
+                                    description: A list of node selector requirements
+                                      by node's fields.
+                                    items:
+                                      description: 'A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator
+
+                                        that relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          type: string
+                                        operator:
+                                          description: 'Represents a key''s relationship
+                                            to a set of values.
+
+                                            Valid operators are In, NotIn, Exists,
+                                            DoesNotExist. Gt, and Lt.'
+                                          type: string
+                                        values:
+                                          description: 'An array of string values.
+                                            If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. If the
+                                            operator is Gt or Lt, the values
+
+                                            array must have a single element, which
+                                            will be interpreted as an integer.
+
+                                            This array is replaced during a strategic
+                                            merge patch.'
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                        - key
+                                        - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          required:
+                            - nodeSelectorTerms
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
+                    podAffinity:
+                      description: Describes pod affinity scheduling rules (e.g. co-locate
+                        this pod in the same node, zone, etc. as some other pod(s)).
+                      properties:
+                        preferredDuringSchedulingIgnoredDuringExecution:
+                          description: 'The scheduler will prefer to schedule pods
+                            to nodes that satisfy
+
+                            the affinity expressions specified by this field, but
+                            it may choose
+
+                            a node that violates one or more of the expressions. The
+                            node that is
+
+                            most preferred is the one with the greatest sum of weights,
+                            i.e.
+
+                            for each node that meets all of the scheduling requirements
+                            (resource
+
+                            request, requiredDuringScheduling affinity expressions,
+                            etc.),
+
+                            compute a sum by iterating through the elements of this
+                            field and adding
+
+                            "weight" to the sum if the node has pods which matches
+                            the corresponding podAffinityTerm; the
+
+                            node(s) with the highest sum are the most preferred.'
+                          items:
+                            description: The weights of all of the matched WeightedPodAffinityTerm
+                              fields are added per-node to find the most preferred
+                              node(s)
+                            properties:
+                              podAffinityTerm:
+                                description: Required. A pod affinity term, associated
+                                  with the corresponding weight.
+                                properties:
+                                  labelSelector:
+                                    description: 'A label query over a set of resources,
+                                      in this case pods.
+
+                                      If it''s null, this PodAffinityTerm matches
+                                      with no Pods.'
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: 'A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that
+
+                                            relates the key and values.'
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              type: string
+                                            operator:
+                                              description: 'operator represents a
+                                                key''s relationship to a set of values.
+
+                                                Valid operators are In, NotIn, Exists
+                                                and DoesNotExist.'
+                                              type: string
+                                            values:
+                                              description: 'values is an array of
+                                                string values. If the operator is
+                                                In or NotIn,
+
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+
+                                                merge patch.'
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          required:
+                                            - key
+                                            - operator
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      matchLabels:
+                                        additionalProperties:
+                                          type: string
+                                        description: 'matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the
+
+                                          operator is "In", and the values array contains
+                                          only "value". The requirements are ANDed.'
+                                        type: object
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  matchLabelKeys:
+                                    description: 'MatchLabelKeys is a set of pod label
+                                      keys to select which pods will
+
+                                      be taken into consideration. The keys are used
+                                      to lookup values from the
+
+                                      incoming pod labels, those key-value labels
+                                      are merged with `labelSelector` as `key in (value)`
+
+                                      to select the group of existing pods which pods
+                                      will be taken into consideration
+
+                                      for the incoming pod''s pod (anti) affinity.
+                                      Keys that don''t exist in the incoming
+
+                                      pod labels will be ignored. The default value
+                                      is empty.
+
+                                      The same key is forbidden to exist in both matchLabelKeys
+                                      and labelSelector.
+
+                                      Also, matchLabelKeys cannot be set when labelSelector
+                                      isn''t set.
+
+                                      This is an alpha field and requires enabling
+                                      MatchLabelKeysInPodAffinity feature gate.'
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  mismatchLabelKeys:
+                                    description: 'MismatchLabelKeys is a set of pod
+                                      label keys to select which pods will
+
+                                      be taken into consideration. The keys are used
+                                      to lookup values from the
+
+                                      incoming pod labels, those key-value labels
+                                      are merged with `labelSelector` as `key notin
+                                      (value)`
+
+                                      to select the group of existing pods which pods
+                                      will be taken into consideration
+
+                                      for the incoming pod''s pod (anti) affinity.
+                                      Keys that don''t exist in the incoming
+
+                                      pod labels will be ignored. The default value
+                                      is empty.
+
+                                      The same key is forbidden to exist in both mismatchLabelKeys
+                                      and labelSelector.
+
+                                      Also, mismatchLabelKeys cannot be set when labelSelector
+                                      isn''t set.
+
+                                      This is an alpha field and requires enabling
+                                      MatchLabelKeysInPodAffinity feature gate.'
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  namespaceSelector:
+                                    description: 'A label query over the set of namespaces
+                                      that the term applies to.
+
+                                      The term is applied to the union of the namespaces
+                                      selected by this field
+
+                                      and the ones listed in the namespaces field.
+
+                                      null selector and null or empty namespaces list
+                                      means "this pod''s namespace".
+
+                                      An empty selector ({}) matches all namespaces.'
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: 'A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that
+
+                                            relates the key and values.'
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              type: string
+                                            operator:
+                                              description: 'operator represents a
+                                                key''s relationship to a set of values.
+
+                                                Valid operators are In, NotIn, Exists
+                                                and DoesNotExist.'
+                                              type: string
+                                            values:
+                                              description: 'values is an array of
+                                                string values. If the operator is
+                                                In or NotIn,
+
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+
+                                                merge patch.'
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          required:
+                                            - key
+                                            - operator
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      matchLabels:
+                                        additionalProperties:
+                                          type: string
+                                        description: 'matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the
+
+                                          operator is "In", and the values array contains
+                                          only "value". The requirements are ANDed.'
+                                        type: object
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  namespaces:
+                                    description: 'namespaces specifies a static list
+                                      of namespace names that the term applies to.
+
+                                      The term is applied to the union of the namespaces
+                                      listed in this field
+
+                                      and the ones selected by namespaceSelector.
+
+                                      null or empty namespaces list and null namespaceSelector
+                                      means "this pod''s namespace".'
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  topologyKey:
+                                    description: 'This pod should be co-located (affinity)
+                                      or not co-located (anti-affinity) with the pods
+                                      matching
+
+                                      the labelSelector in the specified namespaces,
+                                      where co-located is defined as running on a
+                                      node
+
+                                      whose value of the label with key topologyKey
+                                      matches that of any node on which any of the
+
+                                      selected pods is running.
+
+                                      Empty topologyKey is not allowed.'
+                                    type: string
+                                required:
+                                  - topologyKey
+                                type: object
+                              weight:
+                                description: 'weight associated with matching the
+                                  corresponding podAffinityTerm,
+
+                                  in the range 1-100.'
+                                format: int32
+                                type: integer
+                            required:
+                              - podAffinityTerm
+                              - weight
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        requiredDuringSchedulingIgnoredDuringExecution:
+                          description: 'If the affinity requirements specified by
+                            this field are not met at
+
+                            scheduling time, the pod will not be scheduled onto the
+                            node.
+
+                            If the affinity requirements specified by this field cease
+                            to be met
+
+                            at some point during pod execution (e.g. due to a pod
+                            label update), the
+
+                            system may or may not try to eventually evict the pod
+                            from its node.
+
+                            When there are multiple elements, the lists of nodes corresponding
+                            to each
+
+                            podAffinityTerm are intersected, i.e. all terms must be
+                            satisfied.'
+                          items:
+                            description: 'Defines a set of pods (namely those matching
+                              the labelSelector
+
+                              relative to the given namespace(s)) that this pod should
+                              be
+
+                              co-located (affinity) or not co-located (anti-affinity)
+                              with,
+
+                              where co-located is defined as running on a node whose
+                              value of
+
+                              the label with key <topologyKey> matches that of any
+                              node on which
+
+                              a pod of the set of pods is running'
+                            properties:
+                              labelSelector:
+                                description: 'A label query over a set of resources,
+                                  in this case pods.
+
+                                  If it''s null, this PodAffinityTerm matches with
+                                  no Pods.'
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: 'A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that
+
+                                        relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          type: string
+                                        operator:
+                                          description: 'operator represents a key''s
+                                            relationship to a set of values.
+
+                                            Valid operators are In, NotIn, Exists
+                                            and DoesNotExist.'
+                                          type: string
+                                        values:
+                                          description: 'values is an array of string
+                                            values. If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. This array
+                                            is replaced during a strategic
+
+                                            merge patch.'
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                        - key
+                                        - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    description: 'matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the
+
+                                      operator is "In", and the values array contains
+                                      only "value". The requirements are ANDed.'
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              matchLabelKeys:
+                                description: 'MatchLabelKeys is a set of pod label
+                                  keys to select which pods will
+
+                                  be taken into consideration. The keys are used to
+                                  lookup values from the
+
+                                  incoming pod labels, those key-value labels are
+                                  merged with `labelSelector` as `key in (value)`
+
+                                  to select the group of existing pods which pods
+                                  will be taken into consideration
+
+                                  for the incoming pod''s pod (anti) affinity. Keys
+                                  that don''t exist in the incoming
+
+                                  pod labels will be ignored. The default value is
+                                  empty.
+
+                                  The same key is forbidden to exist in both matchLabelKeys
+                                  and labelSelector.
+
+                                  Also, matchLabelKeys cannot be set when labelSelector
+                                  isn''t set.
+
+                                  This is an alpha field and requires enabling MatchLabelKeysInPodAffinity
+                                  feature gate.'
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              mismatchLabelKeys:
+                                description: 'MismatchLabelKeys is a set of pod label
+                                  keys to select which pods will
+
+                                  be taken into consideration. The keys are used to
+                                  lookup values from the
+
+                                  incoming pod labels, those key-value labels are
+                                  merged with `labelSelector` as `key notin (value)`
+
+                                  to select the group of existing pods which pods
+                                  will be taken into consideration
+
+                                  for the incoming pod''s pod (anti) affinity. Keys
+                                  that don''t exist in the incoming
+
+                                  pod labels will be ignored. The default value is
+                                  empty.
+
+                                  The same key is forbidden to exist in both mismatchLabelKeys
+                                  and labelSelector.
+
+                                  Also, mismatchLabelKeys cannot be set when labelSelector
+                                  isn''t set.
+
+                                  This is an alpha field and requires enabling MatchLabelKeysInPodAffinity
+                                  feature gate.'
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              namespaceSelector:
+                                description: 'A label query over the set of namespaces
+                                  that the term applies to.
+
+                                  The term is applied to the union of the namespaces
+                                  selected by this field
+
+                                  and the ones listed in the namespaces field.
+
+                                  null selector and null or empty namespaces list
+                                  means "this pod''s namespace".
+
+                                  An empty selector ({}) matches all namespaces.'
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: 'A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that
+
+                                        relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          type: string
+                                        operator:
+                                          description: 'operator represents a key''s
+                                            relationship to a set of values.
+
+                                            Valid operators are In, NotIn, Exists
+                                            and DoesNotExist.'
+                                          type: string
+                                        values:
+                                          description: 'values is an array of string
+                                            values. If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. This array
+                                            is replaced during a strategic
+
+                                            merge patch.'
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                        - key
+                                        - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    description: 'matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the
+
+                                      operator is "In", and the values array contains
+                                      only "value". The requirements are ANDed.'
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              namespaces:
+                                description: 'namespaces specifies a static list of
+                                  namespace names that the term applies to.
+
+                                  The term is applied to the union of the namespaces
+                                  listed in this field
+
+                                  and the ones selected by namespaceSelector.
+
+                                  null or empty namespaces list and null namespaceSelector
+                                  means "this pod''s namespace".'
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              topologyKey:
+                                description: 'This pod should be co-located (affinity)
+                                  or not co-located (anti-affinity) with the pods
+                                  matching
+
+                                  the labelSelector in the specified namespaces, where
+                                  co-located is defined as running on a node
+
+                                  whose value of the label with key topologyKey matches
+                                  that of any node on which any of the
+
+                                  selected pods is running.
+
+                                  Empty topologyKey is not allowed.'
+                                type: string
+                            required:
+                              - topologyKey
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      type: object
+                    podAntiAffinity:
+                      description: Describes pod anti-affinity scheduling rules (e.g.
+                        avoid putting this pod in the same node, zone, etc. as some
+                        other pod(s)).
+                      properties:
+                        preferredDuringSchedulingIgnoredDuringExecution:
+                          description: 'The scheduler will prefer to schedule pods
+                            to nodes that satisfy
+
+                            the anti-affinity expressions specified by this field,
+                            but it may choose
+
+                            a node that violates one or more of the expressions. The
+                            node that is
+
+                            most preferred is the one with the greatest sum of weights,
+                            i.e.
+
+                            for each node that meets all of the scheduling requirements
+                            (resource
+
+                            request, requiredDuringScheduling anti-affinity expressions,
+                            etc.),
+
+                            compute a sum by iterating through the elements of this
+                            field and adding
+
+                            "weight" to the sum if the node has pods which matches
+                            the corresponding podAffinityTerm; the
+
+                            node(s) with the highest sum are the most preferred.'
+                          items:
+                            description: The weights of all of the matched WeightedPodAffinityTerm
+                              fields are added per-node to find the most preferred
+                              node(s)
+                            properties:
+                              podAffinityTerm:
+                                description: Required. A pod affinity term, associated
+                                  with the corresponding weight.
+                                properties:
+                                  labelSelector:
+                                    description: 'A label query over a set of resources,
+                                      in this case pods.
+
+                                      If it''s null, this PodAffinityTerm matches
+                                      with no Pods.'
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: 'A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that
+
+                                            relates the key and values.'
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              type: string
+                                            operator:
+                                              description: 'operator represents a
+                                                key''s relationship to a set of values.
+
+                                                Valid operators are In, NotIn, Exists
+                                                and DoesNotExist.'
+                                              type: string
+                                            values:
+                                              description: 'values is an array of
+                                                string values. If the operator is
+                                                In or NotIn,
+
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+
+                                                merge patch.'
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          required:
+                                            - key
+                                            - operator
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      matchLabels:
+                                        additionalProperties:
+                                          type: string
+                                        description: 'matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the
+
+                                          operator is "In", and the values array contains
+                                          only "value". The requirements are ANDed.'
+                                        type: object
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  matchLabelKeys:
+                                    description: 'MatchLabelKeys is a set of pod label
+                                      keys to select which pods will
+
+                                      be taken into consideration. The keys are used
+                                      to lookup values from the
+
+                                      incoming pod labels, those key-value labels
+                                      are merged with `labelSelector` as `key in (value)`
+
+                                      to select the group of existing pods which pods
+                                      will be taken into consideration
+
+                                      for the incoming pod''s pod (anti) affinity.
+                                      Keys that don''t exist in the incoming
+
+                                      pod labels will be ignored. The default value
+                                      is empty.
+
+                                      The same key is forbidden to exist in both matchLabelKeys
+                                      and labelSelector.
+
+                                      Also, matchLabelKeys cannot be set when labelSelector
+                                      isn''t set.
+
+                                      This is an alpha field and requires enabling
+                                      MatchLabelKeysInPodAffinity feature gate.'
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  mismatchLabelKeys:
+                                    description: 'MismatchLabelKeys is a set of pod
+                                      label keys to select which pods will
+
+                                      be taken into consideration. The keys are used
+                                      to lookup values from the
+
+                                      incoming pod labels, those key-value labels
+                                      are merged with `labelSelector` as `key notin
+                                      (value)`
+
+                                      to select the group of existing pods which pods
+                                      will be taken into consideration
+
+                                      for the incoming pod''s pod (anti) affinity.
+                                      Keys that don''t exist in the incoming
+
+                                      pod labels will be ignored. The default value
+                                      is empty.
+
+                                      The same key is forbidden to exist in both mismatchLabelKeys
+                                      and labelSelector.
+
+                                      Also, mismatchLabelKeys cannot be set when labelSelector
+                                      isn''t set.
+
+                                      This is an alpha field and requires enabling
+                                      MatchLabelKeysInPodAffinity feature gate.'
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  namespaceSelector:
+                                    description: 'A label query over the set of namespaces
+                                      that the term applies to.
+
+                                      The term is applied to the union of the namespaces
+                                      selected by this field
+
+                                      and the ones listed in the namespaces field.
+
+                                      null selector and null or empty namespaces list
+                                      means "this pod''s namespace".
+
+                                      An empty selector ({}) matches all namespaces.'
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: 'A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that
+
+                                            relates the key and values.'
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              type: string
+                                            operator:
+                                              description: 'operator represents a
+                                                key''s relationship to a set of values.
+
+                                                Valid operators are In, NotIn, Exists
+                                                and DoesNotExist.'
+                                              type: string
+                                            values:
+                                              description: 'values is an array of
+                                                string values. If the operator is
+                                                In or NotIn,
+
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+
+                                                merge patch.'
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          required:
+                                            - key
+                                            - operator
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      matchLabels:
+                                        additionalProperties:
+                                          type: string
+                                        description: 'matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the
+
+                                          operator is "In", and the values array contains
+                                          only "value". The requirements are ANDed.'
+                                        type: object
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  namespaces:
+                                    description: 'namespaces specifies a static list
+                                      of namespace names that the term applies to.
+
+                                      The term is applied to the union of the namespaces
+                                      listed in this field
+
+                                      and the ones selected by namespaceSelector.
+
+                                      null or empty namespaces list and null namespaceSelector
+                                      means "this pod''s namespace".'
+                                    items:
+                                      type: string
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  topologyKey:
+                                    description: 'This pod should be co-located (affinity)
+                                      or not co-located (anti-affinity) with the pods
+                                      matching
+
+                                      the labelSelector in the specified namespaces,
+                                      where co-located is defined as running on a
+                                      node
+
+                                      whose value of the label with key topologyKey
+                                      matches that of any node on which any of the
+
+                                      selected pods is running.
+
+                                      Empty topologyKey is not allowed.'
+                                    type: string
+                                required:
+                                  - topologyKey
+                                type: object
+                              weight:
+                                description: 'weight associated with matching the
+                                  corresponding podAffinityTerm,
+
+                                  in the range 1-100.'
+                                format: int32
+                                type: integer
+                            required:
+                              - podAffinityTerm
+                              - weight
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        requiredDuringSchedulingIgnoredDuringExecution:
+                          description: 'If the anti-affinity requirements specified
+                            by this field are not met at
+
+                            scheduling time, the pod will not be scheduled onto the
+                            node.
+
+                            If the anti-affinity requirements specified by this field
+                            cease to be met
+
+                            at some point during pod execution (e.g. due to a pod
+                            label update), the
+
+                            system may or may not try to eventually evict the pod
+                            from its node.
+
+                            When there are multiple elements, the lists of nodes corresponding
+                            to each
+
+                            podAffinityTerm are intersected, i.e. all terms must be
+                            satisfied.'
+                          items:
+                            description: 'Defines a set of pods (namely those matching
+                              the labelSelector
+
+                              relative to the given namespace(s)) that this pod should
+                              be
+
+                              co-located (affinity) or not co-located (anti-affinity)
+                              with,
+
+                              where co-located is defined as running on a node whose
+                              value of
+
+                              the label with key <topologyKey> matches that of any
+                              node on which
+
+                              a pod of the set of pods is running'
+                            properties:
+                              labelSelector:
+                                description: 'A label query over a set of resources,
+                                  in this case pods.
+
+                                  If it''s null, this PodAffinityTerm matches with
+                                  no Pods.'
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: 'A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that
+
+                                        relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          type: string
+                                        operator:
+                                          description: 'operator represents a key''s
+                                            relationship to a set of values.
+
+                                            Valid operators are In, NotIn, Exists
+                                            and DoesNotExist.'
+                                          type: string
+                                        values:
+                                          description: 'values is an array of string
+                                            values. If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. This array
+                                            is replaced during a strategic
+
+                                            merge patch.'
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                        - key
+                                        - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    description: 'matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the
+
+                                      operator is "In", and the values array contains
+                                      only "value". The requirements are ANDed.'
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              matchLabelKeys:
+                                description: 'MatchLabelKeys is a set of pod label
+                                  keys to select which pods will
+
+                                  be taken into consideration. The keys are used to
+                                  lookup values from the
+
+                                  incoming pod labels, those key-value labels are
+                                  merged with `labelSelector` as `key in (value)`
+
+                                  to select the group of existing pods which pods
+                                  will be taken into consideration
+
+                                  for the incoming pod''s pod (anti) affinity. Keys
+                                  that don''t exist in the incoming
+
+                                  pod labels will be ignored. The default value is
+                                  empty.
+
+                                  The same key is forbidden to exist in both matchLabelKeys
+                                  and labelSelector.
+
+                                  Also, matchLabelKeys cannot be set when labelSelector
+                                  isn''t set.
+
+                                  This is an alpha field and requires enabling MatchLabelKeysInPodAffinity
+                                  feature gate.'
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              mismatchLabelKeys:
+                                description: 'MismatchLabelKeys is a set of pod label
+                                  keys to select which pods will
+
+                                  be taken into consideration. The keys are used to
+                                  lookup values from the
+
+                                  incoming pod labels, those key-value labels are
+                                  merged with `labelSelector` as `key notin (value)`
+
+                                  to select the group of existing pods which pods
+                                  will be taken into consideration
+
+                                  for the incoming pod''s pod (anti) affinity. Keys
+                                  that don''t exist in the incoming
+
+                                  pod labels will be ignored. The default value is
+                                  empty.
+
+                                  The same key is forbidden to exist in both mismatchLabelKeys
+                                  and labelSelector.
+
+                                  Also, mismatchLabelKeys cannot be set when labelSelector
+                                  isn''t set.
+
+                                  This is an alpha field and requires enabling MatchLabelKeysInPodAffinity
+                                  feature gate.'
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              namespaceSelector:
+                                description: 'A label query over the set of namespaces
+                                  that the term applies to.
+
+                                  The term is applied to the union of the namespaces
+                                  selected by this field
+
+                                  and the ones listed in the namespaces field.
+
+                                  null selector and null or empty namespaces list
+                                  means "this pod''s namespace".
+
+                                  An empty selector ({}) matches all namespaces.'
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: 'A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that
+
+                                        relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          type: string
+                                        operator:
+                                          description: 'operator represents a key''s
+                                            relationship to a set of values.
+
+                                            Valid operators are In, NotIn, Exists
+                                            and DoesNotExist.'
+                                          type: string
+                                        values:
+                                          description: 'values is an array of string
+                                            values. If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. This array
+                                            is replaced during a strategic
+
+                                            merge patch.'
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                        - key
+                                        - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    description: 'matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the
+
+                                      operator is "In", and the values array contains
+                                      only "value". The requirements are ANDed.'
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              namespaces:
+                                description: 'namespaces specifies a static list of
+                                  namespace names that the term applies to.
+
+                                  The term is applied to the union of the namespaces
+                                  listed in this field
+
+                                  and the ones selected by namespaceSelector.
+
+                                  null or empty namespaces list and null namespaceSelector
+                                  means "this pod''s namespace".'
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              topologyKey:
+                                description: 'This pod should be co-located (affinity)
+                                  or not co-located (anti-affinity) with the pods
+                                  matching
+
+                                  the labelSelector in the specified namespaces, where
+                                  co-located is defined as running on a node
+
+                                  whose value of the label with key topologyKey matches
+                                  that of any node on which any of the
+
+                                  selected pods is running.
+
+                                  Empty topologyKey is not allowed.'
+                                type: string
+                            required:
+                              - topologyKey
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      type: object
+                  type: object
+                agentEnvVars:
+                  description: AgentEnvVars are extra environment variables to be
+                    added to the agent deployment.
+                  items:
+                    description: EnvVar represents an environment variable present
+                      in a Container.
+                    properties:
+                      name:
+                        description: Name of the environment variable. Must be a C_IDENTIFIER.
+                        type: string
+                      value:
+                        description: 'Variable references $(VAR_NAME) are expanded
+
+                          using the previously defined environment variables in the
+                          container and
+
+                          any service environment variables. If a variable cannot
+                          be resolved,
+
+                          the reference in the input string will be unchanged. Double
+                          $$ are reduced
+
+                          to a single $, which allows for escaping the $(VAR_NAME)
+                          syntax: i.e.
+
+                          "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+
+                          Escaped references will never be expanded, regardless of
+                          whether the variable
+
+                          exists or not.
+
+                          Defaults to "".'
+                        type: string
+                      valueFrom:
+                        description: Source for the environment variable's value.
+                          Cannot be used if value is not empty.
+                        properties:
+                          configMapKeyRef:
+                            description: Selects a key of a ConfigMap.
+                            properties:
+                              key:
+                                description: The key to select.
+                                type: string
+                              name:
+                                default: ''
+                                description: 'Name of the referent.
+
+                                  This field is effectively required, but due to backwards
+                                  compatibility is
+
+                                  allowed to be empty. Instances of this type with
+                                  an empty value here are
+
+                                  almost certainly wrong.
+
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?
+
+                                  More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+                                  TODO: Drop `kubebuilder:default` when controller-gen
+                                  doesn''t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.'
+                                type: string
+                              optional:
+                                description: Specify whether the ConfigMap or its
+                                  key must be defined
+                                type: boolean
+                            required:
+                              - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          fieldRef:
+                            description: 'Selects a field of the pod: supports metadata.name,
+                              metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`,
+
+                              spec.nodeName, spec.serviceAccountName, status.hostIP,
+                              status.podIP, status.podIPs.'
+                            properties:
+                              apiVersion:
+                                description: Version of the schema the FieldPath is
+                                  written in terms of, defaults to "v1".
+                                type: string
+                              fieldPath:
+                                description: Path of the field to select in the specified
+                                  API version.
+                                type: string
+                            required:
+                              - fieldPath
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          resourceFieldRef:
+                            description: 'Selects a resource of the container: only
+                              resources limits and requests
+
+                              (limits.cpu, limits.memory, limits.ephemeral-storage,
+                              requests.cpu, requests.memory and requests.ephemeral-storage)
+                              are currently supported.'
+                            properties:
+                              containerName:
+                                description: 'Container name: required for volumes,
+                                  optional for env vars'
+                                type: string
+                              divisor:
+                                anyOf:
+                                  - type: integer
+                                  - type: string
+                                description: Specifies the output format of the exposed
+                                  resources, defaults to "1"
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              resource:
+                                description: 'Required: resource to select'
+                                type: string
+                            required:
+                              - resource
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          secretKeyRef:
+                            description: Selects a key of a secret in the pod's namespace
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                default: ''
+                                description: 'Name of the referent.
+
+                                  This field is effectively required, but due to backwards
+                                  compatibility is
+
+                                  allowed to be empty. Instances of this type with
+                                  an empty value here are
+
+                                  almost certainly wrong.
+
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?
+
+                                  More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+                                  TODO: Drop `kubebuilder:default` when controller-gen
+                                  doesn''t need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                              - key
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                    required:
+                      - name
+                    type: object
+                  nullable: true
+                  type: array
+                agentNamespace:
+                  description: AgentNamespace defaults to the system namespace, e.g.
+                    cattle-fleet-system.
+                  nullable: true
+                  type: string
+                agentResources:
+                  description: AgentResources sets the resources for the cluster's
+                    agent deployment.
+                  nullable: true
+                  properties:
+                    claims:
+                      description: 'Claims lists the names of resources, defined in
+                        spec.resourceClaims,
+
+                        that are used by this container.
+
+
+
+                        This is an alpha field and requires enabling the
+
+                        DynamicResourceAllocation feature gate.
+
+
+
+                        This field is immutable. It can only be set for containers.'
+                      items:
+                        description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+                        properties:
+                          name:
+                            description: 'Name must match the name of one entry in
+                              pod.spec.resourceClaims of
+
+                              the Pod where this field is used. It makes that resource
+                              available
+
+                              inside a container.'
+                            type: string
+                        required:
+                          - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                        - name
+                      x-kubernetes-list-type: map
+                    limits:
+                      additionalProperties:
+                        anyOf:
+                          - type: integer
+                          - type: string
+                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                        x-kubernetes-int-or-string: true
+                      description: 'Limits describes the maximum amount of compute
+                        resources allowed.
+
+                        More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+                      type: object
+                    requests:
+                      additionalProperties:
+                        anyOf:
+                          - type: integer
+                          - type: string
+                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                        x-kubernetes-int-or-string: true
+                      description: 'Requests describes the minimum amount of compute
+                        resources required.
+
+                        If Requests is omitted for a container, it defaults to Limits
+                        if that is explicitly specified,
+
+                        otherwise to an implementation-defined value. Requests cannot
+                        exceed Limits.
+
+                        More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+                      type: object
+                  type: object
+                agentTolerations:
+                  description: AgentTolerations defines an extra set of Tolerations
+                    to be added to the Agent deployment.
+                  items:
+                    description: 'The pod this Toleration is attached to tolerates
+                      any taint that matches
+
+                      the triple <key,value,effect> using the matching operator <operator>.'
+                    properties:
+                      effect:
+                        description: 'Effect indicates the taint effect to match.
+                          Empty means match all taint effects.
+
+                          When specified, allowed values are NoSchedule, PreferNoSchedule
+                          and NoExecute.'
+                        type: string
+                      key:
+                        description: 'Key is the taint key that the toleration applies
+                          to. Empty means match all taint keys.
+
+                          If the key is empty, operator must be Exists; this combination
+                          means to match all values and all keys.'
+                        type: string
+                      operator:
+                        description: 'Operator represents a key''s relationship to
+                          the value.
+
+                          Valid operators are Exists and Equal. Defaults to Equal.
+
+                          Exists is equivalent to wildcard for value, so that a pod
+                          can
+
+                          tolerate all taints of a particular category.'
+                        type: string
+                      tolerationSeconds:
+                        description: 'TolerationSeconds represents the period of time
+                          the toleration (which must be
+
+                          of effect NoExecute, otherwise this field is ignored) tolerates
+                          the taint. By default,
+
+                          it is not set, which means tolerate the taint forever (do
+                          not evict). Zero and
+
+                          negative values will be treated as 0 (evict immediately)
+                          by the system.'
+                        format: int64
+                        type: integer
+                      value:
+                        description: 'Value is the taint value the toleration matches
+                          to.
+
+                          If the operator is Exists, the value should be empty, otherwise
+                          just a regular string.'
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                clientID:
+                  description: 'ClientID is a unique string that will identify the
+                    cluster. It can
+
+                    either be predefined, or generated when importing the cluster.'
+                  nullable: true
+                  type: string
+                hostNetwork:
+                  description: 'HostNetwork sets the agent StatefulSet to use hostNetwork:
+                    true setting.
+
+                    Allows for provisioning of network related bundles (CNI configuration).'
+                  nullable: true
+                  type: boolean
+                kubeConfigSecret:
+                  description: 'KubeConfigSecret is the name of the secret containing
+                    the kubeconfig for the downstream cluster.
+
+                    It can optionally contain a APIServerURL and CA to override the
+
+                    values in the fleet-controller''s configmap.'
+                  nullable: true
+                  type: string
+                kubeConfigSecretNamespace:
+                  description: 'KubeConfigSecretNamespace is the namespace of the
+                    secret containing the kubeconfig for the downstream cluster.
+
+                    If unset, it will be assumed the secret can be found in the namespace
+                    that the Cluster object resides within.'
+                  nullable: true
+                  type: string
+                paused:
+                  description: Paused if set to true, will stop any BundleDeployments
+                    from being updated.
+                  type: boolean
+                privateRepoURL:
+                  description: PrivateRepoURL prefixes the image name and overrides
+                    a global repo URL from the agents config.
+                  nullable: true
+                  type: string
+                redeployAgentGeneration:
+                  description: RedeployAgentGeneration can be used to force redeploying
+                    the agent.
+                  format: int64
+                  type: integer
+                templateValues:
+                  description: TemplateValues defines a cluster specific mapping of
+                    values to be sent to fleet.yaml values templating.
+                  nullable: true
+                  type: object
+                  x-kubernetes-preserve-unknown-fields: true
+              type: object
+            status:
+              properties:
+                agent:
+                  description: AgentStatus contains information about the agent.
+                  properties:
+                    lastSeen:
+                      description: 'LastSeen is the last time the agent checked in
+                        to update the status
+
+                        of the cluster resource.'
+                      format: date-time
+                      nullable: true
+                      type: string
+                    namespace:
+                      description: Namespace is the namespace of the agent deployment,
+                        e.g. "cattle-fleet-system".
+                      nullable: true
+                      type: string
+                  type: object
+                agentAffinityHash:
+                  description: 'AgentAffinityHash is a hash of the agent''s affinity
+                    configuration,
+
+                    used to detect changes.'
+                  type: string
+                agentConfigChanged:
+                  description: 'AgentConfigChanged is set to true if any of the agent
+                    configuration
+
+                    changed, like the API server URL or CA. Setting it to true will
+
+                    trigger a re-import of the cluster.'
+                  type: boolean
+                agentDeployedGeneration:
+                  description: AgentDeployedGeneration is the generation of the agent
+                    that is currently deployed.
+                  format: int64
+                  nullable: true
+                  type: integer
+                agentEnvVarsHash:
+                  description: AgentEnvVarsHash is a hash of the agent's env vars,
+                    used to detect changes.
+                  nullable: true
+                  type: string
+                agentHostNetwork:
+                  description: AgentHostNetwork defines observed state of spec.hostNetwork
+                    setting that is currently used.
+                  nullable: true
+                  type: boolean
+                agentMigrated:
+                  description: 'AgentMigrated is always set to true after importing
+                    a cluster. If
+
+                    false, it will trigger a migration. Old agents don''t have
+
+                    this in their status.'
+                  type: boolean
+                agentNamespaceMigrated:
+                  description: 'AgentNamespaceMigrated is always set to true after
+                    importing a
+
+                    cluster. If false, it will trigger a migration. Old Fleet agents
+
+                    don''t have this in their status.'
+                  type: boolean
+                agentPrivateRepoURL:
+                  description: AgentPrivateRepoURL is the private repo URL for the
+                    agent that is currently used.
+                  nullable: true
+                  type: string
+                agentResourcesHash:
+                  description: 'AgentResourcesHash is a hash of the agent''s resources
+                    configuration,
+
+                    used to detect changes.'
+                  nullable: true
+                  type: string
+                agentTLSMode:
+                  description: 'AgentTLSMode supports two values: `system-store` and
+                    `strict`. If set to
+
+                    `system-store`, instructs the agent to trust CA bundles from the
+                    operating
+
+                    system''s store. If set to `strict`, then the agent shall only
+                    connect to a
+
+                    server which uses the exact CA configured when creating/updating
+                    the agent.'
+                  nullable: true
+                  type: string
+                agentTolerationsHash:
+                  description: 'AgentTolerationsHash is a hash of the agent''s tolerations
+
+                    configuration, used to detect changes.'
+                  nullable: true
+                  type: string
+                apiServerCAHash:
+                  description: APIServerCAHash is a hash of the upstream API server
+                    CA, used to detect changes.
+                  nullable: true
+                  type: string
+                apiServerURL:
+                  description: 'APIServerURL is the currently used URL of the API
+                    server that the
+
+                    cluster uses to connect to upstream.'
+                  nullable: true
+                  type: string
+                cattleNamespaceMigrated:
+                  description: 'CattleNamespaceMigrated is always set to true after
+                    importing a
+
+                    cluster. If false, it will trigger a migration. Old Fleet agents,
+
+                    don''t have this in their status.'
+                  type: boolean
+                conditions:
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        type: string
+                    required:
+                      - status
+                      - type
+                    type: object
+                  type: array
+                desiredReadyGitRepos:
+                  description: 'DesiredReadyGitRepos is the number of gitrepos for
+                    this cluster that
+
+                    are desired to be ready.'
+                  type: integer
+                display:
+                  description: Display contains the number of ready bundles, nodes
+                    and a summary state.
+                  properties:
+                    readyBundles:
+                      description: 'ReadyBundles is a string in the form "%d/%d",
+                        that describes the
+
+                        number of bundles that are ready vs. the number of bundles
+                        desired
+
+                        to be ready.'
+                      type: string
+                    state:
+                      description: State of the cluster, either one of the bundle
+                        states, or "WaitCheckIn".
+                      nullable: true
+                      type: string
+                  type: object
+                garbageCollectionInterval:
+                  description: GarbageCollectionInterval determines how often agents
+                    clean up obsolete Helm releases.
+                  type: string
+                namespace:
+                  description: 'Namespace is the cluster namespace, it contains the
+                    clusters service
+
+                    account as well as any bundledeployments. Example:
+
+                    "cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f"'
+                  type: string
+                readyGitRepos:
+                  description: ReadyGitRepos is the number of gitrepos for this cluster
+                    that are ready.
+                  type: integer
+                resourceCounts:
+                  description: ResourceCounts is an aggregate over the GitRepoResourceCounts.
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of resources that should
+                        be ready.
+                      type: integer
+                    missing:
+                      description: Missing is the number of missing resources.
+                      type: integer
+                    modified:
+                      description: Modified is the number of resources that have been
+                        modified.
+                      type: integer
+                    notReady:
+                      description: 'NotReady is the number of not ready resources.
+                        Resources are not
+
+                        ready if they do not match any other state.'
+                      type: integer
+                    orphaned:
+                      description: Orphaned is the number of orphaned resources.
+                      type: integer
+                    ready:
+                      description: Ready is the number of ready resources.
+                      type: integer
+                    unknown:
+                      description: Unknown is the number of resources in an unknown
+                        state.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of resources that are
+                        waiting to be applied.
+                      type: integer
+                  type: object
+                summary:
+                  description: 'Summary is a summary of the bundledeployments. The
+                    resource counts
+
+                    are copied from the gitrepo resource.'
+                  properties:
+                    desiredReady:
+                      description: 'DesiredReady is the number of bundle deployments
+                        that should be
+
+                        ready.'
+                      type: integer
+                    errApplied:
+                      description: 'ErrApplied is the number of bundle deployments
+                        that have been synced
+
+                        from the Fleet controller and the downstream cluster, but
+                        with some
+
+                        errors when deploying the bundle.'
+                      type: integer
+                    modified:
+                      description: 'Modified is the number of bundle deployments that
+                        have been deployed
+
+                        and for which all resources are ready, but where some changes
+                        from the
+
+                        Git repository have not yet been synced.'
+                      type: integer
+                    nonReadyResources:
+                      description: 'NonReadyClusters is a list of states, which is
+                        filled for a bundle
+
+                        that is not ready.'
+                      items:
+                        description: 'NonReadyResource contains information about
+                          a bundle that is not ready for a
+
+                          given state like "ErrApplied". It contains a list of non-ready
+                          or modified
+
+                          resources and their states.'
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: 'ModifiedStatus is used to report the status
+                                of a resource that is modified.
+
+                                It indicates if the modification was a create, a delete
+                                or a patch.'
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        type: string
+                                      type: array
+                                    state:
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: 'UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we
+
+                                    don''t ONLY use UUIDs, this is an alias to string.  Being
+                                    a type captures
+
+                                    intent and helps make sure that UIDs and names
+                                    do not get conflated.'
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: 'NotReady is the number of bundle deployments that
+                        have been deployed
+
+                        where some resources are not ready.'
+                      type: integer
+                    outOfSync:
+                      description: 'OutOfSync is the number of bundle deployments
+                        that have been synced
+
+                        from Fleet controller, but not yet by the downstream agent.'
+                      type: integer
+                    pending:
+                      description: 'Pending is the number of bundle deployments that
+                        are being processed
+
+                        by Fleet controller.'
+                      type: integer
+                    ready:
+                      description: 'Ready is the number of bundle deployments that
+                        have been deployed
+
+                        where all resources are ready.'
+                      type: integer
+                    waitApplied:
+                      description: 'WaitApplied is the number of bundle deployments
+                        that have been
+
+                        synced from Fleet controller and downstream cluster, but are
+                        waiting
+
+                        to be deployed.'
+                      type: integer
+                  type: object
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: contents.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: Content
+    listKind: ContentList
+    plural: contents
+    singular: content
+  scope: Cluster
+  versions:
+    - name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'Content is used internally by Fleet and should not be used
+            directly. It
+
+            contains the resources from a bundle for a specific target cluster.'
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            content:
+              description: 'Content is a byte array, which contains the manifests
+                of a bundle.
+
+                The bundle resources are copied into the bundledeployment''s content
+
+                resource, so the downstream agent can deploy them.'
+              format: byte
+              nullable: true
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            sha256sum:
+              description: SHA256Sum of the Content field
+              type: string
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: gitreporestrictions.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: GitRepoRestriction
+    listKind: GitRepoRestrictionList
+    plural: gitreporestrictions
+    singular: gitreporestriction
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .defaultServiceAccount
+          name: Default-ServiceAccount
+          type: string
+        - jsonPath: .allowedServiceAccounts
+          name: Allowed-ServiceAccounts
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'GitRepoRestriction is a resource that can optionally be used
+            to restrict
+
+            the options of GitRepos in the same namespace.'
+          properties:
+            allowedClientSecretNames:
+              description: AllowedClientSecretNames is a list of client secret names
+                that GitRepos are allowed to use.
+              items:
+                type: string
+              nullable: true
+              type: array
+            allowedRepoPatterns:
+              description: 'AllowedRepoPatterns is a list of regex patterns that restrict
+                the
+
+                valid values of the Repo field of a GitRepo.'
+              items:
+                type: string
+              nullable: true
+              type: array
+            allowedServiceAccounts:
+              description: AllowedServiceAccounts is a list of service accounts that
+                GitRepos are allowed to use.
+              items:
+                type: string
+              nullable: true
+              type: array
+            allowedTargetNamespaces:
+              description: 'AllowedTargetNamespaces restricts TargetNamespace to the
+                given
+
+                namespaces. If AllowedTargetNamespaces is set, TargetNamespace must
+
+                be set.'
+              items:
+                type: string
+              nullable: true
+              type: array
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            defaultClientSecretName:
+              description: DefaultClientSecretName overrides the GitRepo's default
+                client secret.
+              nullable: true
+              type: string
+            defaultServiceAccount:
+              description: DefaultServiceAccount overrides the GitRepo's default service
+                account.
+              nullable: true
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: gitrepos.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    categories:
+      - fleet
+    kind: GitRepo
+    listKind: GitRepoList
+    plural: gitrepos
+    singular: gitrepo
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .spec.repo
+          name: Repo
+          type: string
+        - jsonPath: .status.commit
+          name: Commit
+          type: string
+        - jsonPath: .status.display.readyBundleDeployments
+          name: BundleDeployments-Ready
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'GitRepo describes a git repository that is watched by Fleet.
+
+            The resource contains the necessary information to deploy the repo, or
+            parts
+
+            of it, to target clusters.'
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                branch:
+                  description: Branch The git branch to follow.
+                  nullable: true
+                  type: string
+                caBundle:
+                  description: CABundle is a PEM encoded CA bundle which will be used
+                    to validate the repo's certificate.
+                  format: byte
+                  nullable: true
+                  type: string
+                clientSecretName:
+                  description: 'ClientSecretName is the name of the client secret
+                    to be used to connect to the repo
+
+                    It is expected the secret be of type "kubernetes.io/basic-auth"
+                    or "kubernetes.io/ssh-auth".'
+                  nullable: true
+                  type: string
+                correctDrift:
+                  description: CorrectDrift specifies how drift correction should
+                    work.
+                  properties:
+                    enabled:
+                      description: Enabled correct drift if true.
+                      type: boolean
+                    force:
+                      description: Force helm rollback with --force option will be
+                        used if true. This will try to recreate all resources in the
+                        release.
+                      type: boolean
+                    keepFailHistory:
+                      description: KeepFailHistory keeps track of failed rollbacks
+                        in the helm history.
+                      type: boolean
+                  type: object
+                deleteNamespace:
+                  description: DeleteNamespace specifies if the namespace created
+                    must be deleted after deleting the GitRepo.
+                  type: boolean
+                disablePolling:
+                  description: Disables git polling. When enabled only webhooks will
+                    be used.
+                  type: boolean
+                forceSyncGeneration:
+                  description: Increment this number to force a redeployment of contents
+                    from Git.
+                  format: int64
+                  type: integer
+                helmRepoURLRegex:
+                  description: 'HelmRepoURLRegex Helm credentials will be used if
+                    the helm repo matches this regex
+
+                    Credentials will always be used if this is empty or not provided.'
+                  nullable: true
+                  type: string
+                helmSecretName:
+                  description: HelmSecretName contains the auth secret for a private
+                    Helm repository.
+                  nullable: true
+                  type: string
+                helmSecretNameForPaths:
+                  description: HelmSecretNameForPaths contains the auth secret for
+                    private Helm repository for each path.
+                  nullable: true
+                  type: string
+                imageScanCommit:
+                  description: Commit specifies how to commit to the git repo when
+                    a new image is scanned and written back to git repo.
+                  properties:
+                    authorEmail:
+                      description: AuthorEmail gives the email to provide when making
+                        a commit
+                      nullable: true
+                      type: string
+                    authorName:
+                      description: AuthorName gives the name to provide when making
+                        a commit
+                      nullable: true
+                      type: string
+                    messageTemplate:
+                      description: 'MessageTemplate provides a template for the commit
+                        message,
+
+                        into which will be interpolated the details of the change
+                        made.'
+                      nullable: true
+                      type: string
+                  type: object
+                imageScanInterval:
+                  description: ImageScanInterval is the interval of syncing scanned
+                    images and writing back to git repo.
+                  type: string
+                insecureSkipTLSVerify:
+                  description: InsecureSkipTLSverify will use insecure HTTPS to clone
+                    the repo.
+                  type: boolean
+                keepResources:
+                  description: KeepResources specifies if the resources created must
+                    be kept after deleting the GitRepo.
+                  type: boolean
+                ociRegistry:
+                  description: OCIRegistry specifies the OCI registry related parameters
+                  properties:
+                    authSecretName:
+                      description: AuthSecretName contains the auth secret where the
+                        OCI regristry credentials are stored.
+                      nullable: true
+                      type: string
+                    basicHTTP:
+                      description: BasicHTTP uses HTTP connections to the OCI registry
+                        when enabled.
+                      nullable: true
+                      type: boolean
+                    insecureSkipTLS:
+                      description: InsecureSkipTLS allows connections to OCI registry
+                        without certs when enabled.
+                      nullable: true
+                      type: boolean
+                    reference:
+                      description: Reference of the OCI Registry
+                      type: string
+                  type: object
+                paths:
+                  description: 'Paths is the directories relative to the git repo
+                    root that contain resources to be applied.
+
+                    Path globbing is supported, for example ["charts/*"] will match
+                    all folders as a subdirectory of charts/
+
+                    If empty, "/" is the default.'
+                  items:
+                    type: string
+                  nullable: true
+                  type: array
+                paused:
+                  description: 'Paused, when true, causes changes in Git not to be
+                    propagated down to the clusters but instead to mark
+
+                    resources as OutOfSync.'
+                  type: boolean
+                pollingInterval:
+                  description: PollingInterval is how often to check git for new updates.
+                  nullable: true
+                  type: string
+                repo:
+                  description: Repo is a URL to a git repo to clone and index.
+                  nullable: true
+                  type: string
+                revision:
+                  description: Revision A specific commit or tag to operate on.
+                  nullable: true
+                  type: string
+                serviceAccount:
+                  description: ServiceAccount used in the downstream cluster for deployment.
+                  nullable: true
+                  type: string
+                targetNamespace:
+                  description: 'Ensure that all resources are created in this namespace
+
+                    Any cluster scoped resource will be rejected if this is set
+
+                    Additionally this namespace will be created on demand.'
+                  nullable: true
+                  type: string
+                targets:
+                  description: Targets is a list of targets this repo will deploy
+                    to.
+                  items:
+                    description: GitTarget is a cluster or cluster group to deploy
+                      to.
+                    properties:
+                      clusterGroup:
+                        description: ClusterGroup is the name of a cluster group in
+                          the same namespace as the clusters.
+                        nullable: true
+                        type: string
+                      clusterGroupSelector:
+                        description: ClusterGroupSelector is a label selector to select
+                          cluster groups.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              required:
+                                - key
+                                - operator
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      clusterName:
+                        description: ClusterName is the name of a cluster.
+                        nullable: true
+                        type: string
+                      clusterSelector:
+                        description: ClusterSelector is a label selector to select
+                          clusters.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              required:
+                                - key
+                                - operator
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                      name:
+                        description: Name is the name of this target.
+                        nullable: true
+                        type: string
+                    type: object
+                  type: array
+              type: object
+            status:
+              properties:
+                commit:
+                  description: Commit is the Git commit hash from the last git job
+                    run.
+                  type: string
+                conditions:
+                  description: 'Conditions is a list of Wrangler conditions that describe
+                    the state
+
+                    of the GitRepo.'
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        type: string
+                    required:
+                      - status
+                      - type
+                    type: object
+                  type: array
+                desiredReadyClusters:
+                  description: "DesiredReadyClusters\tis the number of clusters that\
+                    \ should be ready for bundles of this GitRepo."
+                  type: integer
+                display:
+                  description: Display contains a human readable summary of the status.
+                  properties:
+                    error:
+                      description: Error is true if a message is present.
+                      type: boolean
+                    message:
+                      description: Message contains the relevant message from the
+                        deployment conditions.
+                      type: string
+                    readyBundleDeployments:
+                      description: 'ReadyBundleDeployments is a string in the form
+                        "%d/%d", that describes the
+
+                        number of ready bundledeployments over the total number of
+                        bundledeployments.'
+                      type: string
+                    state:
+                      description: 'State is the state of the GitRepo, e.g. "GitUpdating"
+                        or the maximal
+
+                        BundleState according to StateRank.'
+                      type: string
+                  type: object
+                gitJobStatus:
+                  description: GitJobStatus is the status of the last Git job run,
+                    e.g. "Current" if there was no error.
+                  type: string
+                lastPollingTriggered:
+                  description: LastPollingTime is the last time the polling check
+                    was triggered
+                  format: date-time
+                  type: string
+                lastSyncedImageScanTime:
+                  description: LastSyncedImageScanTime is the time of the last image
+                    scan.
+                  format: date-time
+                  type: string
+                observedGeneration:
+                  description: 'ObservedGeneration is the current generation of the
+                    resource in the cluster. It is copied from k8s
+
+                    metadata.Generation. The value is incremented for all changes,
+                    except for changes to .metadata or .status.'
+                  format: int64
+                  type: integer
+                readyClusters:
+                  description: 'ReadyClusters is the lowest number of clusters that
+                    are ready over
+
+                    all the bundles of this GitRepo.'
+                  type: integer
+                resourceCounts:
+                  description: ResourceCounts contains the number of resources in
+                    each state over all bundles.
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of resources that should
+                        be ready.
+                      type: integer
+                    missing:
+                      description: Missing is the number of missing resources.
+                      type: integer
+                    modified:
+                      description: Modified is the number of resources that have been
+                        modified.
+                      type: integer
+                    notReady:
+                      description: 'NotReady is the number of not ready resources.
+                        Resources are not
+
+                        ready if they do not match any other state.'
+                      type: integer
+                    orphaned:
+                      description: Orphaned is the number of orphaned resources.
+                      type: integer
+                    ready:
+                      description: Ready is the number of ready resources.
+                      type: integer
+                    unknown:
+                      description: Unknown is the number of resources in an unknown
+                        state.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of resources that are
+                        waiting to be applied.
+                      type: integer
+                  type: object
+                resourceErrors:
+                  description: ResourceErrors is a sorted list of errors from the
+                    resources.
+                  items:
+                    type: string
+                  type: array
+                resources:
+                  description: Resources contains metadata about the resources of
+                    each bundle.
+                  items:
+                    description: GitRepoResource contains metadata about the resources
+                      of a bundle.
+                    properties:
+                      apiVersion:
+                        description: APIVersion is the API version of the resource.
+                        nullable: true
+                        type: string
+                      error:
+                        description: Error is true if any Error in the PerClusterState
+                          is true.
+                        type: boolean
+                      id:
+                        description: ID is the name of the resource, e.g. "namespace1/my-config"
+                          or "backingimagemanagers.storage.io".
+                        nullable: true
+                        type: string
+                      incompleteState:
+                        description: 'IncompleteState is true if a bundle summary
+                          has 10 or more non-ready
+
+                          resources or a non-ready resource has more 10 or more non-ready
+                          or
+
+                          modified states.'
+                        type: boolean
+                      kind:
+                        description: Kind is the k8s kind of the resource.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Message is the first message from the PerClusterStates.
+                        nullable: true
+                        type: string
+                      name:
+                        description: Name of the resource.
+                        nullable: true
+                        type: string
+                      namespace:
+                        description: Namespace of the resource.
+                        nullable: true
+                        type: string
+                      perClusterState:
+                        description: PerClusterState is a list of states for each
+                          cluster. Derived from the summaries non-ready resources.
+                        items:
+                          description: ResourcePerClusterState is generated for each
+                            non-ready resource of the bundles.
+                          properties:
+                            clusterId:
+                              description: ClusterID is the id of the cluster.
+                              nullable: true
+                              type: string
+                            error:
+                              description: Error is true if the resource is in an
+                                error state, copied from the bundle's summary for
+                                non-ready resources.
+                              type: boolean
+                            message:
+                              description: Message combines the messages from the
+                                bundle's summary. Messages are joined with the delimiter
+                                ';'.
+                              nullable: true
+                              type: string
+                            patch:
+                              description: Patch for modified resources.
+                              nullable: true
+                              type: object
+                              x-kubernetes-preserve-unknown-fields: true
+                            state:
+                              description: State is the state of the resource.
+                              nullable: true
+                              type: string
+                            transitioning:
+                              description: 'Transitioning is true if the resource
+                                is in a transitioning state,
+
+                                copied from the bundle''s summary for non-ready resources.'
+                              type: boolean
+                          type: object
+                        nullable: true
+                        type: array
+                      state:
+                        description: State is the state of the resource, e.g. "Unknown",
+                          "WaitApplied", "ErrApplied" or "Ready".
+                        type: string
+                      transitioning:
+                        description: Transitioning is true if any Transitioning in
+                          the PerClusterState is true.
+                        type: boolean
+                      type:
+                        description: Type is the type of the resource, e.g. "apiextensions.k8s.io.customresourcedefinition"
+                          or "configmap".
+                        type: string
+                    type: object
+                  type: array
+                summary:
+                  description: Summary contains the number of bundle deployments in
+                    each state and a list of non-ready resources.
+                  properties:
+                    desiredReady:
+                      description: 'DesiredReady is the number of bundle deployments
+                        that should be
+
+                        ready.'
+                      type: integer
+                    errApplied:
+                      description: 'ErrApplied is the number of bundle deployments
+                        that have been synced
+
+                        from the Fleet controller and the downstream cluster, but
+                        with some
+
+                        errors when deploying the bundle.'
+                      type: integer
+                    modified:
+                      description: 'Modified is the number of bundle deployments that
+                        have been deployed
+
+                        and for which all resources are ready, but where some changes
+                        from the
+
+                        Git repository have not yet been synced.'
+                      type: integer
+                    nonReadyResources:
+                      description: 'NonReadyClusters is a list of states, which is
+                        filled for a bundle
+
+                        that is not ready.'
+                      items:
+                        description: 'NonReadyResource contains information about
+                          a bundle that is not ready for a
+
+                          given state like "ErrApplied". It contains a list of non-ready
+                          or modified
+
+                          resources and their states.'
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: 'ModifiedStatus is used to report the status
+                                of a resource that is modified.
+
+                                It indicates if the modification was a create, a delete
+                                or a patch.'
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        type: string
+                                      type: array
+                                    state:
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: 'UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we
+
+                                    don''t ONLY use UUIDs, this is an alias to string.  Being
+                                    a type captures
+
+                                    intent and helps make sure that UIDs and names
+                                    do not get conflated.'
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: 'NotReady is the number of bundle deployments that
+                        have been deployed
+
+                        where some resources are not ready.'
+                      type: integer
+                    outOfSync:
+                      description: 'OutOfSync is the number of bundle deployments
+                        that have been synced
+
+                        from Fleet controller, but not yet by the downstream agent.'
+                      type: integer
+                    pending:
+                      description: 'Pending is the number of bundle deployments that
+                        are being processed
+
+                        by Fleet controller.'
+                      type: integer
+                    ready:
+                      description: 'Ready is the number of bundle deployments that
+                        have been deployed
+
+                        where all resources are ready.'
+                      type: integer
+                    waitApplied:
+                      description: 'WaitApplied is the number of bundle deployments
+                        that have been
+
+                        synced from Fleet controller and downstream cluster, but are
+                        waiting
+
+                        to be deployed.'
+                      type: integer
+                  type: object
+                updateGeneration:
+                  description: Update generation is the force update generation if
+                    spec.forceSyncGeneration is set
+                  format: int64
+                  type: integer
+                webhookCommit:
+                  description: WebhookCommit is the latest Git commit hash received
+                    from a webhook
+                  type: string
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.15.0
+  name: imagescans.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: ImageScan
+    listKind: ImageScanList
+    plural: imagescans
+    singular: imagescan
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .spec.image
+          name: Repository
+          type: string
+        - jsonPath: .status.latestTag
+          name: Latest
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              description: API is taken from https://github.com/fluxcd/image-reflector-controller
+              properties:
+                gitrepoName:
+                  description: GitRepo reference name
+                  nullable: true
+                  type: string
+                image:
+                  description: Image is the name of the image repository
+                  nullable: true
+                  type: string
+                interval:
+                  description: 'Interval is the length of time to wait between
+
+                    scans of the image repository.'
+                  nullable: true
+                  type: string
+                policy:
+                  description: 'Policy gives the particulars of the policy to be followed
+                    in
+
+                    selecting the most recent image'
+                  properties:
+                    alphabetical:
+                      description: Alphabetical set of rules to use for alphabetical
+                        ordering of the tags.
+                      nullable: true
+                      properties:
+                        order:
+                          description: 'Order specifies the sorting order of the tags.
+                            Given the letters of the
+
+                            alphabet as tags, ascending order would select Z, and
+                            descending order
+
+                            would select A.'
+                          nullable: true
+                          type: string
+                      type: object
+                    semver:
+                      description: 'SemVer gives a semantic version range to check
+                        against the tags
+
+                        available.'
+                      nullable: true
+                      properties:
+                        range:
+                          description: 'Range gives a semver range for the image tag;
+                            the highest
+
+                            version within the range that''s a tag yields the latest
+                            image.'
+                          nullable: true
+                          type: string
+                      type: object
+                  type: object
+                secretRef:
+                  description: 'SecretRef can be given the name of a secret containing
+
+                    credentials to use for the image registry. The secret should be
+
+                    created with `kubectl create secret docker-registry`, or the
+
+                    equivalent.'
+                  nullable: true
+                  properties:
+                    name:
+                      default: ''
+                      description: 'Name of the referent.
+
+                        This field is effectively required, but due to backwards compatibility
+                        is
+
+                        allowed to be empty. Instances of this type with an empty
+                        value here are
+
+                        almost certainly wrong.
+
+                        TODO: Add other useful fields. apiVersion, kind, uid?
+
+                        More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+                        TODO: Drop `kubebuilder:default` when controller-gen doesn''t
+                        need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.'
+                      type: string
+                  type: object
+                  x-kubernetes-map-type: atomic
+                suspend:
+                  description: 'This flag tells the controller to suspend subsequent
+                    image scans.
+
+                    It does not apply to already started scans. Defaults to false.'
+                  type: boolean
+                tagName:
+                  description: TagName is the tag ref that needs to be put in manifest
+                    to replace fields
+                  nullable: true
+                  type: string
+              type: object
+            status:
+              properties:
+                canonicalImageName:
+                  description: 'CanonicalName is the name of the image repository
+                    with all the
+
+                    implied bits made explicit; e.g., `docker.io/library/alpine`
+
+                    rather than `alpine`.'
+                  type: string
+                conditions:
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        type: string
+                    required:
+                      - status
+                      - type
+                    type: object
+                  type: array
+                lastScanTime:
+                  description: LastScanTime is the last time image was scanned
+                  format: date-time
+                  type: string
+                latestDigest:
+                  description: LatestDigest is the digest of latest tag
+                  type: string
+                latestImage:
+                  description: 'LatestImage gives the first in the list of images
+                    scanned by
+
+                    the image repository, when filtered and ordered according to
+
+                    the policy.'
+                  type: string
+                latestTag:
+                  description: Latest tag is the latest tag filtered by the policy
+                  type: string
+                observedGeneration:
+                  format: int64
+                  type: integer
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
diff --git a/charts/fleet-crd/104.1.5+up0.10.9/values.yaml b/charts/fleet-crd/104.1.5+up0.10.9/values.yaml
new file mode 100644
index 0000000000..d41d3a2444
--- /dev/null
+++ b/charts/fleet-crd/104.1.5+up0.10.9/values.yaml
@@ -0,0 +1 @@
+# This file is intentionally empty
diff --git a/index.yaml b/index.yaml
index 8366d95506..6bef74dbf1 100755
--- a/index.yaml
+++ b/index.yaml
@@ -2727,6 +2727,23 @@ entries:
     urls:
     - assets/fleet-crd/fleet-crd-105.0.0+up0.11.0.tgz
     version: 105.0.0+up0.11.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cattle-fleet-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/release-name: fleet-crd
+    apiVersion: v2
+    appVersion: 0.10.9
+    created: "2025-02-25T21:44:24.58122284-03:00"
+    description: Fleet Manager CustomResourceDefinitions
+    digest: edb134bd5d36eb79e5228978de5c7689a57653a149e219bb289d7af40a882f88
+    icon: https://charts.rancher.io/assets/logos/fleet.svg
+    name: fleet-crd
+    urls:
+    - assets/fleet-crd/fleet-crd-104.1.5+up0.10.9.tgz
+    version: 104.1.5+up0.10.9
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index 7a1c4f2b64..dd16d16ef4 100644
--- a/release.yaml
+++ b/release.yaml
@@ -6,3 +6,5 @@ rancher-logging-crd:
   - 104.2.0+up4.8.0
 fleet:
   - 104.1.5+up0.10.9
+fleet-crd:
+  - 104.1.5+up0.10.9

From cdd36aefa5b92eb3e9270a7af122c243eeaac25c Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:45:31 -0300
Subject: [PATCH 07/19] fp: fleet-agent 104.1.5+up0.10.9

---
 .../fleet-agent-104.1.5+up0.10.9.tgz          | Bin 0 -> 3488 bytes
 .../fleet-agent/104.1.5+up0.10.9/Chart.yaml   |  15 +++
 charts/fleet-agent/104.1.5+up0.10.9/README.md |   8 ++
 .../104.1.5+up0.10.9/templates/_helpers.tpl   |  22 ++++
 .../104.1.5+up0.10.9/templates/configmap.yaml |  16 +++
 .../templates/deployment.yaml                 | 108 ++++++++++++++++++
 .../templates/network_policy_allow_all.yaml   |  15 +++
 .../patch_default_serviceaccount.yaml         |  28 +++++
 .../104.1.5+up0.10.9/templates/rbac.yaml      |  28 +++++
 .../104.1.5+up0.10.9/templates/secret.yaml    |  10 ++
 .../104.1.5+up0.10.9/templates/service.yaml   |   9 ++
 .../templates/serviceaccount.yaml             |   4 +
 .../104.1.5+up0.10.9/templates/validate.yaml  |  11 ++
 .../fleet-agent/104.1.5+up0.10.9/values.yaml  |  70 ++++++++++++
 index.yaml                                    |  19 +++
 release.yaml                                  |   2 +
 16 files changed, 365 insertions(+)
 create mode 100644 assets/fleet-agent/fleet-agent-104.1.5+up0.10.9.tgz
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/Chart.yaml
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/README.md
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/templates/_helpers.tpl
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/templates/configmap.yaml
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/templates/deployment.yaml
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/templates/network_policy_allow_all.yaml
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/templates/patch_default_serviceaccount.yaml
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/templates/rbac.yaml
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/templates/secret.yaml
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/templates/service.yaml
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/templates/serviceaccount.yaml
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/templates/validate.yaml
 create mode 100644 charts/fleet-agent/104.1.5+up0.10.9/values.yaml

diff --git a/assets/fleet-agent/fleet-agent-104.1.5+up0.10.9.tgz b/assets/fleet-agent/fleet-agent-104.1.5+up0.10.9.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..470454e910e7cdef56a99c0d1a13ddbd3e7fca41
GIT binary patch
literal 3488
zcmV;R4PWvfiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PI|CbK|&?p3nRhU38^pXV0W1`DJ!lcUR@}coXM5&Xhfy)YWEd
z0+B5VF$i!0P+mo=|9*uRQY1xNGZT-U&8k1xBG3RDK;uDogT#a(>WEB{>w~iykvd+G
zoV|Ed8Vm-5lcOX1e=rzy{|^TzM=yp)uaA$9hJ(YS;fulW@bLBU1q>cnjD9MWCi2DL
zpKhz$xnBtp&V?qL3a*j>ASIeGF^yBAHN%*SgA}Ev6N*^^lJInfvX^Z}vkZ9xp_V0v
zy)3uo7^68#MFmgb<$wPd4CCQ9@gN$&f5I?69Gagmdy8_Cqbf*>3An__>8)BQjd^bo
zp%P$}mp}LB7ASM7RaA5B-%*~4JJrkWJKh$46o2bwAH~DL{jy7BNEAk<4+%8ZTR;l>
z=c>l}C?G{qKMqWl-v$|~RMJA*wC_w&cuP2$qJ&dZ1w`<Bs{d3dAR2B`!Z4tz;hkw+
zsN~=vHA`B>z5_-aq7-U%z{FIj11n9e=F?zPy1KK&!BISnkN=}Ayj0Jvvpae`YU2N#
zuoBhdZvb2H|7dtT?Bf5)==Bc&pMq#krf87gAYtf1aNk0rL2-$NP*e-KsNw&h2@(LB
zOcR)UWC-@){S2Wf$Bd@%{q-e?3FsNZ|CVEv95pI9eRly0<s2o*l5@(ZmZObsd8ssv
z5fo~ep~PSh&VMF(!ElXj=n~>o<jKj=(V@Z98(Z=B*Ov)|VI_{KzQ7!iry|1)te#hr
zot=KBjB&6B7ZYGO(SUiO7eF;o1w^Sb#|-q0s&1X{FK-NsqEn6;j2A%Q4jF@6F77y-
zoyO}voSjx(c!S#PRvZ=F%}~!!T4C%2fSQStWuT=Qu(MMbmpo&rU?N3s*+hYoXww6?
zS-w=BS!p5B)W{(foMUR4v;Y$9L2mn)n-)@5DvdIR_p(Hw9RB7iifjdcgIr{|4->+a
z&()Hq+NH;VmGb@N&0CRS0%5agJwLt$kT|7EOKXj|NeZ;MwN{1Yy(D8~%8Hm}=AUj9
zE(^iiH3-fYv1wodL?UpZO*zbfOtc@v2}!k?M`mkIf;|A32$8^;$hCCT48z5nN>8d5
zjT}meloE|_NA)altQT*Z%2%5%-Qss>#d0E>XIF#Gyjt5keKn<mYeH+a^o3Nr`wCNu
zS_N*%uNzrc_gGU^J(XD%?7=&0yFe!F@TD`tr*1usk%>FAJgwH0oS{;%5G6<?j4iB2
z!`+N%n`k<k3CgDd<r*a?%s`H7=00g^+s^4?cJ1t_s|`b?8Xl414Khr%kU+Rm5QeV9
z3MQhtXfiCASQzaNY(>_VG7|0W!Ij9+>w_&-h|Ekgo$}lP-rgQu<75p(xAhV?=2a$A
zbx<ml(X^x)9vG=2WyPX`AK3B%w1iDyxpMVhQl*WWm|QS3tgW{Djv#y`@u!kXY~hNv
zqfcHLC|-9sfggT!b^bvpeTDi?$lH3l?i-ER75R(71cSVUF>&XIL5evw_Mj<mMD$fk
zWJDV*^SJZX+0}*7&k3EDPL@{&706ocsh){a!`an^X>PU_FL59em;p^S`}dlU03d=}
zTqL%#IAx;D?3iXK<F?2pr<`g^82txk0RVUmH<E?tKb3@qHq|0z!{Y+L$pllKz?Ha3
zXPA`?gJ8<U*ey4=x)RIj7S|h`kdkSS4GRl40FCkQHvl|?&3D`XFdlsy4}u`WaXGE#
z(LP+_99aT`ozw8INlp7-V_ulmtPVcRkQFFZtcyo*1wK9gbNu?`XlMUF1ud5mWH_N5
zE92}#=1}2-w<Z=LM5|R`80iG!KRYMU!Ace8=!KKISRpCb69|8&4#Ll>0F7-~J%np{
zkY^jegXQwz>)<cWk!kEYj9IJEcg~@?-B7HrV^LY{2ZqI&HZHkoLudhJn__}w3Q}u!
z8xO@Jtv5)8!e))Z*9Ts{YLIPaWVfM4<*rYDhX|WdEQ81u(${WT1@z$>=}q$HKG7MO
zUNMy4_nZvvy=WapYt;1II=iFCqkjB%23$^xM+pXP!T-U@;i!ZEC!<~b|7qx!@+^Tf
zJKt|f(T+(EgB&%<h$hAu+zb&{IZj;?_$9J7;nMyEST378hPUBYE1w&>gfLkywfLhF
zyu-O#?XT-G$g?h4`PpF-E|*oQDsi<6tAb%O`Vc12;BMxuR$;HiQzFM?if4j(cj3Y~
zuXDm0qTI{VZth;TR@;qUuAazX?qB~6m+%n)V9WYHe!aQ=kB2+^?@6e+-bqoYgZVIU
zm~f+s#!1O;P;Y?&RbXo4IVk5e?TOHsEbm)e<<5ytXO}+a=Cq#_MYl|)j=oGo1VgM<
zyte{?N-{&nsXlXoGn92fW7N#owM4#qSEp~!Z{D4ro!2?u3j0oqJZU5XOenJK8Yk^k
zpZ<>MSyIa$*CD)`*TvuA<#Ji~_W?sZhSh2fDz<FA_Rv?Wq?@V9bhUa}x3)2NQ5Aly
zSyGYbglEkmvHa^nb%`4VI}U>N{?|ZhibRo3+)RlW&XG0JmrMAm6dK#L*;qoe%Gx(*
zq$x~GN%g`^HU6xdvtq+p?<Ad5hEqIODPhDNt-654no}al{>0hhS_u6eW#}d(0WHfW
zTT#`OZB~(zf{ZDnnxbl}MkYnkPKn_3^0M8l=6;v%v~~kfs*(8^W!-7!m(omtxnO0E
zZ$-&<tFj1kljbz(z(zP*6}vfYB>%=$x;}i-M3?H5(YU|#PVv8#;yblhoBG;ObbB!T
zhE`_^ZZxcwbeg7Sf%F+mJyW+nrivRUCTn?G$0&^<*$}*Q(6I!{Q&wj8MTBDb1vupy
zat+_WW*D#`SL^)Ea)K8BM{>56`4{N6&=R?ItaXpXtx(!02;GeDZIijld#}j8DK7MV
z%kJLQAWMF#t^_w4-qCBD^}Rxwz;G}aw9|htMOpZah9n<n|M&ZU{&ep{As9^;AM7eM
ze?QL~+!p^iJn8s<qv6qL=l?wkMN!m>`S_Wqd>Y?=V?)5TL+J74oz;mRm(cH$k<}LS
z*XQ`d{pGS=5!Fioapw&HqqddHR*0-~AWQjFqVh+nHU+y0PG8?I3iPQLu8jSC?tVV^
zi2rL*|N1YCgI=3Ge#ati$NF>(*s}gdgX8Y{AB}eF|7obZ{>NtK*K7WdV%)RRt$I|i
z>5u@R^A<TkI761lYIZOa;x<g65K2dsD@_>NcTZ(8l_bMW_9#P!8Y8!u!vt)iD$^7(
z!)zbMI1v&fo199t?bf)_jv6%sKp$s#Ni+(f9m*Ndo7XXpK0n+Ih#dq+-j4`B#gFJ7
ziuxBU8Xg5$m*PG?O^kgJwq<x%GFJ6svuKB<X|7j32mBEF2Eu&^?VOt*Z8R_`zFX#J
zRG7cZzlNmL!g_!=tx<n3Zjt{r^tSmb{Ba$>lT&4yjCi>Jk$c6DU&f}bMs>SE+spaX
z)@-c=+f3O$#s`EQlk`?hCYLm)I)UMC-~6|v{{3H$N&0x-0c?H$=lHPu{?F*}aJT<I
z1vU46JL{y>Ga>0eEI@4d0B0`FbS)S@d?@5!-;G*l4W^VVnK8~IAO*FatGCo&e*MyZ
zZ=ggeQ*0&9QH~o45pcn;J>&P+mp&`}I&AZrgsyq>X<hsu$}`HRpV!l9>`R*mAC|28
z{D2?<z~)eY$^ff!{C7;X9b<oz*V=-6kMKI4TI^r8j_d9AqXP;%`c+Xs{=07n9%~2K
z7XLZkIR8IB8IE@N{}j}D-={*k2R|AKm&@_V5%RP)EgxWaeo4=FEgO||d0ffr3!n{l
zo8fpmAAW7HHuF0r>}OW@7dSgL{1uFvMX_Zw7z?4z7!<z}xV&%u+a2SP0ASnt9}Q1-
z?|(lNb=H5&VED+_egO2Mz}jHBcxThn>M4OM!CjcA{T5KqJ3G%k8oxbyaQ%OF#J5e`
z*8gzO-Tz-7?)<-}p@-Ig<uE)91JB)q9sM)Zzy9Zh(TwOvG61&5e-69ff1M0>@Bcmx
zEthlx9AVSr|ESa2<q{@@GWe?c#_RozDzLZC)OR@eV;{_ba{Jlw`a|~LDIm(G`CD>q
zUK3uztzx`#av;y#H%>kM*{oypoAT%C&88%M9csKz(sX8;LWivks=$AoY(GqMS843q
z@8WZzG%$LLYypHR(R7BwX4}uLn>+gQ)WrYm^V2tP&*MCM<Tke9|8Ufe|Bqe|clZB1
z3GMCqTW#EZVt+uEgS`hZ2+rpy7cMvQC<U3g<4Q{;dHd5^S#luUUnrqxMB7v3lGD`K
z6ZR~zy0FDHmkO?>V9Z`DV^G!=r3(ITfR=D!FS=1^FJNd~udptt>brS75^o9@2f>Xd
zJR?l-s^wCdqNPH2LytrEiI7f$$lbl5F>BqX62o^wLM|jihMG{OKq0~p50&}xtLjP$
zcg<Sk5;iYh)MVf5)b%P3oWPXBwJQplKxH?Bw)p!nE;ZO!AyD<+?4h8LVk$|V6HQaX
z*dh*s_w{UKA}tM@yE(>Gi(E^014T8uKV%|>I~*&j@qw<ril1AhceJA&?Py0ILH{2B
O0RR889JdMpSO5Uxn#(=_

literal 0
HcmV?d00001

diff --git a/charts/fleet-agent/104.1.5+up0.10.9/Chart.yaml b/charts/fleet-agent/104.1.5+up0.10.9/Chart.yaml
new file mode 100644
index 0000000000..ea7222465d
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.18.0-0 < 1.31.0-0'
+  catalog.cattle.io/namespace: cattle-fleet-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+  catalog.cattle.io/release-name: fleet-agent
+apiVersion: v2
+appVersion: 0.10.9
+description: Fleet Manager Agent - GitOps at Scale
+icon: https://charts.rancher.io/assets/logos/fleet.svg
+name: fleet-agent
+version: 104.1.5+up0.10.9
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/README.md b/charts/fleet-agent/104.1.5+up0.10.9/README.md
new file mode 100644
index 0000000000..2c5724dcef
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/README.md
@@ -0,0 +1,8 @@
+## Fleet Agent Helm Chart
+
+Every Fleet-managed downstream cluster will run an agent that communicates back to the Fleet controller. This agent is just another set of Kubernetes controllers running in the downstream cluster.
+
+Standalone Fleet users use this chart for agent-initiated registration. For more details see [agent-initiated registration](https://fleet.rancher.io/cluster-registration#agent-initiated).
+Fleet in Rancher does not use this chart, but creates the agent deployments programmatically.
+
+The Fleet documentation is centralized in the [doc website](https://fleet.rancher.io/).
\ No newline at end of file
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/templates/_helpers.tpl b/charts/fleet-agent/104.1.5+up0.10.9/templates/_helpers.tpl
new file mode 100644
index 0000000000..6cd96c3ace
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/templates/configmap.yaml b/charts/fleet-agent/104.1.5+up0.10.9/templates/configmap.yaml
new file mode 100644
index 0000000000..5b052e8745
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/templates/configmap.yaml
@@ -0,0 +1,16 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: fleet-agent
+data:
+  config: |-
+    {
+      {{ if .Values.labels }}
+      "labels":{{toJson .Values.labels}},
+      {{ end }}
+      "clientID":"{{.Values.clientID}}",
+      "agentTLSMode": "{{.Values.agentTLSMode}}"
+      {{ if .Values.garbageCollectionInterval }}
+      "garbageCollectionInterval": "{{.Values.garbageCollectionInterval}}"
+      {{ end }}
+    }
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/templates/deployment.yaml b/charts/fleet-agent/104.1.5+up0.10.9/templates/deployment.yaml
new file mode 100644
index 0000000000..a13d85abee
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/templates/deployment.yaml
@@ -0,0 +1,108 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: fleet-agent
+spec:
+  serviceName: fleet-agent
+  selector:
+    matchLabels:
+      app: fleet-agent
+  template:
+    metadata:
+      labels:
+        app: fleet-agent
+    spec:
+      initContainers:
+      - env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        image: '{{ template "system_default_registry" . }}{{.Values.image.repository}}:{{.Values.image.tag}}'
+        name: fleet-agent-register
+        command:
+        - fleetagent
+        - register
+        {{- if .Values.debug }}
+        - --debug
+        - --debug-level
+        - {{ quote .Values.debugLevel }}
+        {{- else }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+          privileged: false
+          capabilities:
+            drop:
+            - ALL
+        {{- end }}
+      containers:
+      - env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        image: '{{ template "system_default_registry" . }}{{.Values.image.repository}}:{{.Values.image.tag}}'
+        name: fleet-agent
+        command:
+        - fleetagent
+        {{- if .Values.debug }}
+        - --debug
+        - --debug-level
+        - {{ quote .Values.debugLevel }}
+        {{- else }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+          privileged: false
+          capabilities:
+            drop:
+            - ALL
+        {{- end }}
+        volumeMounts:
+          - mountPath: /.kube
+            name: kube
+      - env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        image: '{{ template "system_default_registry" . }}{{.Values.image.repository}}:{{.Values.image.tag}}'
+        name: fleet-agent-clusterstatus
+        command:
+        - fleetagent
+        - clusterstatus
+        {{- if .Values.debug }}
+        - --debug
+        - --debug-level
+        - {{ quote .Values.debugLevel }}
+        {{- else }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+          privileged: false
+          capabilities:
+            drop:
+            - ALL
+        {{- end }}
+      volumes:
+        - name: kube
+          emptyDir: {}
+      serviceAccountName: fleet-agent
+      {{- if .Values.fleetAgent.hostNetwork }}
+      hostNetwork: true
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.fleetAgent.nodeSelector }}
+{{ toYaml .Values.fleetAgent.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.fleetAgent.tolerations }}
+{{ toYaml .Values.fleetAgent.tolerations | indent 8 }}
+{{- end }}
+{{- if not .Values.debug }}
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
+{{- end }}
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/templates/network_policy_allow_all.yaml b/charts/fleet-agent/104.1.5+up0.10.9/templates/network_policy_allow_all.yaml
new file mode 100644
index 0000000000..a72109a062
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/templates/network_policy_allow_all.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: default-allow-all
+  namespace: {{ .Values.internal.systemNamespace }}
+spec:
+  podSelector: {}
+  ingress:
+  - {}
+  egress:
+  - {}
+  policyTypes:
+  - Ingress
+  - Egress
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/templates/patch_default_serviceaccount.yaml b/charts/fleet-agent/104.1.5+up0.10.9/templates/patch_default_serviceaccount.yaml
new file mode 100644
index 0000000000..aad4eea415
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/templates/patch_default_serviceaccount.yaml
@@ -0,0 +1,28 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: patch-fleet-sa
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade
+    "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+  template:
+    spec:
+      serviceAccountName: fleet-agent
+      restartPolicy: Never
+      containers:
+      - name: sa
+        image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
+        imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+        command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
+        args: ["-n", {{ .Values.internal.systemNamespace }}]
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.kubectl.nodeSelector }}
+{{ toYaml .Values.kubectl.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.kubectl.tolerations }}
+{{ toYaml .Values.kubectl.tolerations | indent 8 }}
+{{- end }}
+  backoffLimit: 1
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/templates/rbac.yaml b/charts/fleet-agent/104.1.5+up0.10.9/templates/rbac.yaml
new file mode 100644
index 0000000000..1a7e8d8841
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/templates/rbac.yaml
@@ -0,0 +1,28 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fleet-agent-system-fleet-agent-role
+rules:
+- apiGroups:
+  - '*'
+  resources:
+  - '*'
+  verbs:
+  - '*'
+- nonResourceURLs:
+  - "*"
+  verbs:
+  - "*"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fleet-agent-system-fleet-agent-role-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fleet-agent-system-fleet-agent-role
+subjects:
+- kind: ServiceAccount
+  name: fleet-agent
+  namespace: {{.Release.Namespace}}
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/templates/secret.yaml b/charts/fleet-agent/104.1.5+up0.10.9/templates/secret.yaml
new file mode 100644
index 0000000000..4715882047
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/templates/secret.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+data:
+  systemRegistrationNamespace: "{{b64enc .Values.systemRegistrationNamespace}}"
+  clusterNamespace: "{{b64enc .Values.clusterNamespace}}"
+  token: "{{b64enc .Values.token}}"
+  apiServerURL: "{{b64enc .Values.apiServerURL}}"
+  apiServerCA: "{{b64enc .Values.apiServerCA}}"
+kind: Secret
+metadata:
+  name: fleet-agent-bootstrap
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/templates/service.yaml b/charts/fleet-agent/104.1.5+up0.10.9/templates/service.yaml
new file mode 100644
index 0000000000..36d35588f3
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/templates/service.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: fleet-agent
+spec:
+    type: ClusterIP
+    clusterIP: None
+    selector:
+      app: fleet-agent
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/templates/serviceaccount.yaml b/charts/fleet-agent/104.1.5+up0.10.9/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..73e27f0be9
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/templates/serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fleet-agent
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/templates/validate.yaml b/charts/fleet-agent/104.1.5+up0.10.9/templates/validate.yaml
new file mode 100644
index 0000000000..d53ff1c508
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/templates/validate.yaml
@@ -0,0 +1,11 @@
+{{if ne .Release.Namespace .Values.internal.systemNamespace }}
+{{ fail (printf "This chart must be installed in the namespace %s as the release name fleet-agent" .Values.internal.systemNamespace) }}
+{{end}}
+
+{{if ne .Release.Name .Values.internal.managedReleaseName }}
+{{ fail (printf "This chart must be installed in the namespace %s as the release name fleet-agent" .Values.internal.managedReleaseName) }}
+{{end}}
+
+{{if not .Values.apiServerURL }}
+{{ fail "apiServerURL is required to be set, and most likely also apiServerCA" }}
+{{end}}
diff --git a/charts/fleet-agent/104.1.5+up0.10.9/values.yaml b/charts/fleet-agent/104.1.5+up0.10.9/values.yaml
new file mode 100644
index 0000000000..089fca8277
--- /dev/null
+++ b/charts/fleet-agent/104.1.5+up0.10.9/values.yaml
@@ -0,0 +1,70 @@
+image:
+  os: "windows,linux"
+  repository: rancher/fleet-agent
+  tag: v0.10.9
+
+# The public URL of the Kubernetes API server running the Fleet Manager must be set here
+# Example: https://example.com:6443
+apiServerURL: ""
+
+# The the pem encoded value of the CA of the Kubernetes API server running the Fleet Manager.
+# If left empty it is assumed this Kubernetes API TLS is signed by a well known CA.
+apiServerCA: ""
+
+# Determines whether the agent should trust CA bundles from the operating system's trust store when connecting to a
+# management cluster. True in `system-store` mode, false in `strict` mode.
+agentTLSMode: "system-store"
+
+# The cluster registration value
+token: ""
+
+# Labels to add to the cluster upon registration only. They are not added after the fact.
+# labels:
+#   foo: bar
+
+# The client ID of the cluster to associate with
+clientID: ""
+
+# The namespace of the cluster we are register with
+clusterNamespace: ""
+
+# The namespace containing the clusters registration secrets
+systemRegistrationNamespace: cattle-fleet-clusters-system
+
+# Please do not change the below setting unless you really know what you are doing
+internal:
+  systemNamespace: cattle-fleet-system
+  managedReleaseName: fleet-agent
+
+# The nodeSelector and tolerations for the agent deployment
+fleetAgent:
+  ## Node labels for pod assignment
+  ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+  ##
+  nodeSelector: {}
+  ## List of node taints to tolerate (requires Kubernetes >= 1.6)
+  tolerations: []
+  ## HostNetwork setting for the agent deployment.
+  ## When set allows for provisioning of network related bundles (CNI configuration) in a cluster without CNI.
+  hostNetwork: false
+kubectl:
+  ## Node labels for pod assignment
+  ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+  ##
+  nodeSelector: {}
+  ## List of node taints to tolerate (requires Kubernetes >= 1.6)
+  tolerations:
+  - key: node.cloudprovider.kubernetes.io/uninitialized
+    operator: "Equal"
+    value: "true"
+    effect: NoSchedule
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+  kubectl:
+    repository: rancher/kubectl
+    tag: v1.29.0
+
+debug: false
+debugLevel: 0
diff --git a/index.yaml b/index.yaml
index 6bef74dbf1..833ac271fd 100755
--- a/index.yaml
+++ b/index.yaml
@@ -2014,6 +2014,25 @@ entries:
     urls:
     - assets/fleet-agent/fleet-agent-105.0.0+up0.11.0.tgz
     version: 105.0.0+up0.11.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.18.0-0 < 1.31.0-0'
+      catalog.cattle.io/namespace: cattle-fleet-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+      catalog.cattle.io/release-name: fleet-agent
+    apiVersion: v2
+    appVersion: 0.10.9
+    created: "2025-02-25T21:45:13.557652278-03:00"
+    description: Fleet Manager Agent - GitOps at Scale
+    digest: c45b998311a1aaa76c25f8bf007aea69cf21cc3965e9340db59cc1a6beaf99f2
+    icon: https://charts.rancher.io/assets/logos/fleet.svg
+    name: fleet-agent
+    urls:
+    - assets/fleet-agent/fleet-agent-104.1.5+up0.10.9.tgz
+    version: 104.1.5+up0.10.9
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index dd16d16ef4..a8f4962ab4 100644
--- a/release.yaml
+++ b/release.yaml
@@ -8,3 +8,5 @@ fleet:
   - 104.1.5+up0.10.9
 fleet-crd:
   - 104.1.5+up0.10.9
+fleet-agent:
+  - 104.1.5+up0.10.9

From 930d94b41c50fc16e759761e09826bf1eaa340da Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:46:18 -0300
Subject: [PATCH 08/19] fp: rancher-monitoring 104.1.4+up57.0.3

---
 .../rancher-monitoring-104.1.4+up57.0.3.tgz   |  Bin 0 -> 479438 bytes
 .../104.1.4+up57.0.3/.editorconfig            |    5 +
 .../104.1.4+up57.0.3/.helmignore              |   29 +
 .../104.1.4+up57.0.3/CHANGELOG.md             |   47 +
 .../104.1.4+up57.0.3/CONTRIBUTING.md          |   12 +
 .../104.1.4+up57.0.3/Chart.yaml               |  126 +
 .../104.1.4+up57.0.3/README.md                | 1080 ++++
 .../104.1.4+up57.0.3/app-README.md            |   46 +
 .../charts/grafana/.helmignore                |   23 +
 .../charts/grafana/Chart.yaml                 |   39 +
 .../104.1.4+up57.0.3/charts/grafana/README.md |  770 +++
 .../grafana/dashboards/custom-dashboard.json  |    1 +
 .../charts/grafana/templates/NOTES.txt        |   55 +
 .../charts/grafana/templates/_config.tpl      |  171 +
 .../charts/grafana/templates/_helpers.tpl     |  305 +
 .../charts/grafana/templates/_pod.tpl         | 1296 ++++
 .../charts/grafana/templates/clusterrole.yaml |   25 +
 .../grafana/templates/clusterrolebinding.yaml |   24 +
 .../grafana/templates/configSecret.yaml       |   43 +
 .../configmap-dashboard-provider.yaml         |   15 +
 .../charts/grafana/templates/configmap.yaml   |   15 +
 .../templates/dashboards-json-configmap.yaml  |   38 +
 .../charts/grafana/templates/deployment.yaml  |   53 +
 .../grafana/templates/extra-manifests.yaml    |    4 +
 .../grafana/templates/headless-service.yaml   |   22 +
 .../charts/grafana/templates/hpa.yaml         |   52 +
 .../templates/image-renderer-deployment.yaml  |  131 +
 .../grafana/templates/image-renderer-hpa.yaml |   47 +
 .../image-renderer-network-policy.yaml        |   79 +
 .../templates/image-renderer-service.yaml     |   31 +
 .../image-renderer-servicemonitor.yaml        |   48 +
 .../charts/grafana/templates/ingress.yaml     |   78 +
 .../grafana/templates/networkpolicy.yaml      |   61 +
 .../grafana/templates/nginx-config.yaml       |   94 +
 .../templates/poddisruptionbudget.yaml        |   22 +
 .../grafana/templates/podsecuritypolicy.yaml  |   45 +
 .../charts/grafana/templates/pvc.yaml         |   41 +
 .../charts/grafana/templates/role.yaml        |   32 +
 .../charts/grafana/templates/rolebinding.yaml |   25 +
 .../charts/grafana/templates/secret-env.yaml  |   14 +
 .../charts/grafana/templates/secret.yaml      |   16 +
 .../charts/grafana/templates/service.yaml     |   61 +
 .../grafana/templates/serviceaccount.yaml     |   17 +
 .../grafana/templates/servicemonitor.yaml     |   68 +
 .../charts/grafana/templates/statefulset.yaml |   58 +
 .../templates/tests/test-configmap.yaml       |   20 +
 .../tests/test-podsecuritypolicy.yaml         |   32 +
 .../grafana/templates/tests/test-role.yaml    |   17 +
 .../templates/tests/test-rolebinding.yaml     |   20 +
 .../templates/tests/test-serviceaccount.yaml  |   12 +
 .../charts/grafana/templates/tests/test.yaml  |   53 +
 .../charts/grafana/values.yaml                | 1315 ++++
 .../charts/hardenedKubelet/.helmignore        |   23 +
 .../charts/hardenedKubelet/Chart.yaml         |   15 +
 .../charts/hardenedKubelet/README.md          |   90 +
 .../hardenedKubelet/templates/_helpers.tpl    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/hardenedKubelet/values.yaml        |  166 +
 .../charts/hardenedNodeExporter/.helmignore   |   23 +
 .../charts/hardenedNodeExporter/Chart.yaml    |   15 +
 .../charts/hardenedNodeExporter/README.md     |   90 +
 .../templates/_helpers.tpl                    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/hardenedNodeExporter/values.yaml   |  166 +
 .../charts/k3sServer/.helmignore              |   23 +
 .../charts/k3sServer/Chart.yaml               |   15 +
 .../charts/k3sServer/README.md                |   90 +
 .../charts/k3sServer/templates/_helpers.tpl   |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../k3sServer/templates/pushprox-clients.yaml |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../k3sServer/templates/pushprox-proxy.yaml   |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/k3sServer/values.yaml              |  166 +
 .../charts/kube-state-metrics/.helmignore     |   21 +
 .../charts/kube-state-metrics/Chart.yaml      |   32 +
 .../charts/kube-state-metrics/README.md       |   85 +
 .../kube-state-metrics/templates/NOTES.txt    |   23 +
 .../kube-state-metrics/templates/_helpers.tpl |  196 +
 .../templates/ciliumnetworkpolicy.yaml        |   33 +
 .../templates/clusterrolebinding.yaml         |   20 +
 .../templates/crs-configmap.yaml              |   16 +
 .../templates/deployment.yaml                 |  314 +
 .../templates/extra-manifests.yaml            |    4 +
 .../templates/kubeconfig-secret.yaml          |   12 +
 .../templates/networkpolicy.yaml              |   43 +
 .../kube-state-metrics/templates/pdb.yaml     |   18 +
 .../templates/podsecuritypolicy.yaml          |   39 +
 .../templates/psp-clusterrole.yaml            |   19 +
 .../templates/psp-clusterrolebinding.yaml     |   16 +
 .../templates/rbac-configmap.yaml             |   22 +
 .../kube-state-metrics/templates/role.yaml    |  215 +
 .../templates/rolebinding.yaml                |   24 +
 .../kube-state-metrics/templates/service.yaml |   49 +
 .../templates/serviceaccount.yaml             |   17 +
 .../templates/servicemonitor.yaml             |  126 +
 .../templates/stsdiscovery-role.yaml          |   26 +
 .../templates/stsdiscovery-rolebinding.yaml   |   17 +
 .../templates/verticalpodautoscaler.yaml      |   44 +
 .../charts/kube-state-metrics/values.yaml     |  491 ++
 .../kubeAdmControllerManager/.helmignore      |   23 +
 .../kubeAdmControllerManager/Chart.yaml       |   15 +
 .../charts/kubeAdmControllerManager/README.md |   90 +
 .../templates/_helpers.tpl                    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../kubeAdmControllerManager/values.yaml      |  166 +
 .../charts/kubeAdmEtcd/.helmignore            |   23 +
 .../charts/kubeAdmEtcd/Chart.yaml             |   15 +
 .../charts/kubeAdmEtcd/README.md              |   90 +
 .../charts/kubeAdmEtcd/templates/_helpers.tpl |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../kubeAdmEtcd/templates/pushprox-proxy.yaml |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/kubeAdmEtcd/values.yaml            |  166 +
 .../charts/kubeAdmProxy/.helmignore           |   23 +
 .../charts/kubeAdmProxy/Chart.yaml            |   15 +
 .../charts/kubeAdmProxy/README.md             |   90 +
 .../kubeAdmProxy/templates/_helpers.tpl       |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/kubeAdmProxy/values.yaml           |  166 +
 .../charts/kubeAdmScheduler/.helmignore       |   23 +
 .../charts/kubeAdmScheduler/Chart.yaml        |   15 +
 .../charts/kubeAdmScheduler/README.md         |   90 +
 .../kubeAdmScheduler/templates/_helpers.tpl   |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/kubeAdmScheduler/values.yaml       |  166 +
 .../charts/prometheus-adapter/.helmignore     |   21 +
 .../charts/prometheus-adapter/Chart.yaml      |   28 +
 .../charts/prometheus-adapter/README.md       |  160 +
 .../prometheus-adapter/templates/NOTES.txt    |    9 +
 .../prometheus-adapter/templates/_helpers.tpl |  113 +
 .../templates/certmanager.yaml                |   76 +
 .../cluster-role-binding-auth-delegator.yaml  |   20 +
 .../cluster-role-binding-resource-reader.yaml |   20 +
 .../cluster-role-resource-reader.yaml         |   24 +
 .../templates/configmap.yaml                  |   97 +
 .../templates/custom-metrics-apiservice.yaml  |   34 +
 ...stom-metrics-cluster-role-binding-hpa.yaml |   24 +
 .../custom-metrics-cluster-role.yaml          |   17 +
 .../templates/deployment.yaml                 |  143 +
 .../external-metrics-apiservice.yaml          |   34 +
 ...rnal-metrics-cluster-role-binding-hpa.yaml |   20 +
 .../external-metrics-cluster-role.yaml        |   21 +
 .../prometheus-adapter/templates/pdb.yaml     |   23 +
 .../prometheus-adapter/templates/psp.yaml     |   66 +
 .../resource-metrics-apiservice.yaml          |   34 +
 ...resource-metrics-cluster-role-binding.yaml |   20 +
 .../resource-metrics-cluster-role.yaml        |   23 +
 .../templates/role-binding-auth-reader.yaml   |   21 +
 .../prometheus-adapter/templates/secret.yaml  |   17 +
 .../prometheus-adapter/templates/service.yaml |   27 +
 .../templates/serviceaccount.yaml             |   18 +
 .../charts/prometheus-adapter/values.yaml     |  277 +
 .../prometheus-node-exporter/.helmignore      |   21 +
 .../prometheus-node-exporter/Chart.yaml       |   25 +
 .../charts/prometheus-node-exporter/README.md |   97 +
 .../templates/NOTES.txt                       |   29 +
 .../templates/_helpers.tpl                    |  236 +
 .../templates/clusterrole.yaml                |   19 +
 .../templates/clusterrolebinding.yaml         |   20 +
 .../templates/daemonset.yaml                  |  309 +
 .../templates/endpoints.yaml                  |   18 +
 .../templates/extra-manifests.yaml            |    4 +
 .../templates/networkpolicy.yaml              |   23 +
 .../templates/podmonitor.yaml                 |   91 +
 .../templates/psp-clusterrole.yaml            |   14 +
 .../templates/psp-clusterrolebinding.yaml     |   16 +
 .../templates/psp.yaml                        |   49 +
 .../templates/rbac-configmap.yaml             |   16 +
 .../templates/service.yaml                    |   29 +
 .../templates/serviceaccount.yaml             |   17 +
 .../templates/servicemonitor.yaml             |   71 +
 .../templates/verticalpodautoscaler.yaml      |   40 +
 .../prometheus-node-exporter/values.yaml      |  530 ++
 .../charts/rke2ControllerManager/.helmignore  |   23 +
 .../charts/rke2ControllerManager/Chart.yaml   |   15 +
 .../charts/rke2ControllerManager/README.md    |   90 +
 .../templates/_helpers.tpl                    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rke2ControllerManager/values.yaml  |  166 +
 .../charts/rke2Etcd/.helmignore               |   23 +
 .../charts/rke2Etcd/Chart.yaml                |   15 +
 .../charts/rke2Etcd/README.md                 |   90 +
 .../charts/rke2Etcd/templates/_helpers.tpl    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../rke2Etcd/templates/pushprox-clients.yaml  |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../rke2Etcd/templates/pushprox-proxy.yaml    |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rke2Etcd/values.yaml               |  166 +
 .../charts/rke2IngressNginx/.helmignore       |   23 +
 .../charts/rke2IngressNginx/Chart.yaml        |   15 +
 .../charts/rke2IngressNginx/README.md         |   90 +
 .../rke2IngressNginx/templates/_helpers.tpl   |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rke2IngressNginx/values.yaml       |  166 +
 .../charts/rke2Proxy/.helmignore              |   23 +
 .../charts/rke2Proxy/Chart.yaml               |   15 +
 .../charts/rke2Proxy/README.md                |   90 +
 .../charts/rke2Proxy/templates/_helpers.tpl   |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../rke2Proxy/templates/pushprox-clients.yaml |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../rke2Proxy/templates/pushprox-proxy.yaml   |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rke2Proxy/values.yaml              |  166 +
 .../charts/rke2Scheduler/.helmignore          |   23 +
 .../charts/rke2Scheduler/Chart.yaml           |   15 +
 .../charts/rke2Scheduler/README.md            |   90 +
 .../rke2Scheduler/templates/_helpers.tpl      |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rke2Scheduler/values.yaml          |  166 +
 .../charts/rkeControllerManager/.helmignore   |   23 +
 .../charts/rkeControllerManager/Chart.yaml    |   15 +
 .../charts/rkeControllerManager/README.md     |   90 +
 .../templates/_helpers.tpl                    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rkeControllerManager/values.yaml   |  166 +
 .../charts/rkeEtcd/.helmignore                |   23 +
 .../charts/rkeEtcd/Chart.yaml                 |   15 +
 .../104.1.4+up57.0.3/charts/rkeEtcd/README.md |   90 +
 .../charts/rkeEtcd/templates/_helpers.tpl     |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../rkeEtcd/templates/pushprox-clients.yaml   |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../rkeEtcd/templates/pushprox-proxy.yaml     |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rkeEtcd/values.yaml                |  166 +
 .../charts/rkeIngressNginx/.helmignore        |   23 +
 .../charts/rkeIngressNginx/Chart.yaml         |   15 +
 .../charts/rkeIngressNginx/README.md          |   90 +
 .../rkeIngressNginx/templates/_helpers.tpl    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rkeIngressNginx/values.yaml        |  166 +
 .../charts/rkeProxy/.helmignore               |   23 +
 .../charts/rkeProxy/Chart.yaml                |   15 +
 .../charts/rkeProxy/README.md                 |   90 +
 .../charts/rkeProxy/templates/_helpers.tpl    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../rkeProxy/templates/pushprox-clients.yaml  |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../rkeProxy/templates/pushprox-proxy.yaml    |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rkeProxy/values.yaml               |  166 +
 .../charts/rkeScheduler/.helmignore           |   23 +
 .../charts/rkeScheduler/Chart.yaml            |   15 +
 .../charts/rkeScheduler/README.md             |   90 +
 .../rkeScheduler/templates/_helpers.tpl       |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rkeScheduler/values.yaml           |  166 +
 .../charts/windowsExporter/.helmignore        |   21 +
 .../charts/windowsExporter/Chart.yaml         |   24 +
 .../charts/windowsExporter/README.md          |   42 +
 .../scripts/configure-firewall.ps1            |   31 +
 .../windowsExporter/templates/_helpers.tpl    |  216 +
 .../windowsExporter/templates/config.yaml     |   14 +
 .../windowsExporter/templates/daemonset.yaml  |  200 +
 .../windowsExporter/templates/podmonitor.yaml |   91 +
 .../templates/scriptConfig.yaml               |   14 +
 .../windowsExporter/templates/service.yaml    |   32 +
 .../templates/serviceaccount.yaml             |   17 +
 .../templates/servicemonitor.yaml             |   75 +
 .../charts/windowsExporter/values.yaml        |  367 ++
 .../files/ingress-nginx/nginx.json            | 1445 +++++
 .../request-handling-performance.json         |  963 +++
 .../cluster/rancher-cluster-nodes.json        |  793 +++
 .../rancher/cluster/rancher-cluster.json      |  776 +++
 .../files/rancher/fleet/bundle.json           |  246 +
 .../files/rancher/fleet/bundledeployment.json |  219 +
 .../files/rancher/fleet/cluster.json          |  484 ++
 .../files/rancher/fleet/clustergroup.json     |  468 ++
 .../rancher/fleet/controller-runtime.json     |  454 ++
 .../files/rancher/fleet/gitrepo.json          |  325 +
 .../rancher/home/rancher-default-home.json    | 1290 ++++
 .../files/rancher/k8s/rancher-etcd-nodes.json |  687 +++
 .../files/rancher/k8s/rancher-etcd.json       |  669 ++
 .../k8s/rancher-k8s-components-nodes.json     |  527 ++
 .../rancher/k8s/rancher-k8s-components.json   |  519 ++
 .../rancher/nodes/rancher-node-detail.json    |  805 +++
 .../files/rancher/nodes/rancher-node.json     |  792 +++
 .../performance/performance-debugging.json    | 1652 +++++
 .../rancher/pods/rancher-pod-containers.json  |  636 ++
 .../files/rancher/pods/rancher-pod.json       |  636 ++
 .../workloads/rancher-workload-pods.json      |  652 ++
 .../rancher/workloads/rancher-workload.json   |  652 ++
 .../delete-workloads-with-old-labels.sh       |   14 +
 .../104.1.4+up57.0.3/templates/NOTES.txt      |    4 +
 .../104.1.4+up57.0.3/templates/_helpers.tpl   |  467 ++
 .../templates/alertmanager/alertmanager.yaml  |  191 +
 .../templates/alertmanager/extrasecret.yaml   |   20 +
 .../templates/alertmanager/ingress.yaml       |   78 +
 .../alertmanager/ingressperreplica.yaml       |   67 +
 .../alertmanager/podDisruptionBudget.yaml     |   21 +
 .../templates/alertmanager/psp-role.yaml      |   23 +
 .../alertmanager/psp-rolebinding.yaml         |   20 +
 .../templates/alertmanager/psp.yaml           |   47 +
 .../templates/alertmanager/secret.yaml        |   35 +
 .../templates/alertmanager/service.yaml       |   68 +
 .../alertmanager/serviceaccount.yaml          |   21 +
 .../alertmanager/servicemonitor.yaml          |   84 +
 .../alertmanager/serviceperreplica.yaml       |   49 +
 .../templates/exporters/core-dns/service.yaml |   24 +
 .../exporters/core-dns/servicemonitor.yaml    |   58 +
 .../kube-api-server/servicemonitor.yaml       |   57 +
 .../kube-controller-manager/endpoints.yaml    |   22 +
 .../kube-controller-manager/service.yaml      |   29 +
 .../servicemonitor.yaml                       |   69 +
 .../templates/exporters/kube-dns/service.yaml |   28 +
 .../exporters/kube-dns/servicemonitor.yaml    |   71 +
 .../exporters/kube-etcd/endpoints.yaml        |   20 +
 .../exporters/kube-etcd/service.yaml          |   27 +
 .../exporters/kube-etcd/servicemonitor.yaml   |   75 +
 .../exporters/kube-proxy/endpoints.yaml       |   20 +
 .../exporters/kube-proxy/service.yaml         |   27 +
 .../exporters/kube-proxy/servicemonitor.yaml  |   63 +
 .../exporters/kube-scheduler/endpoints.yaml   |   22 +
 .../exporters/kube-scheduler/service.yaml     |   29 +
 .../kube-scheduler/servicemonitor.yaml        |   69 +
 .../kube-state-metrics/validate.yaml          |    7 +
 .../exporters/kubelet/servicemonitor.yaml     |  246 +
 .../exporters/node-exporter/validate.yaml     |    3 +
 .../templates/extra-objects.yaml              |    4 +
 .../grafana/configmap-dashboards.yaml         |   24 +
 .../grafana/configmaps-datasources.yaml       |   81 +
 .../alertmanager-overview.yaml                |  616 ++
 .../grafana/dashboards-1.14/apiserver.yaml    | 1772 ++++++
 .../dashboards-1.14/cluster-total.yaml        | 1882 ++++++
 .../dashboards-1.14/controller-manager.yaml   | 1196 ++++
 .../grafana/dashboards-1.14/etcd.yaml         | 1229 ++++
 .../dashboards-1.14/grafana-overview.yaml     |  635 ++
 .../grafana/dashboards-1.14/k8s-coredns.yaml  | 1534 +++++
 .../k8s-resources-cluster.yaml                | 3088 ++++++++++
 .../k8s-resources-multicluster.yaml           |   24 +
 .../k8s-resources-namespace.yaml              | 2797 +++++++++
 .../dashboards-1.14/k8s-resources-node.yaml   | 1026 ++++
 .../dashboards-1.14/k8s-resources-pod.yaml    | 2469 ++++++++
 .../k8s-resources-windows-cluster.yaml        |   24 +
 .../k8s-resources-windows-namespace.yaml      |   24 +
 .../k8s-resources-windows-pod.yaml            |   24 +
 .../k8s-resources-workload.yaml               | 2024 ++++++
 .../k8s-resources-workloads-namespace.yaml    | 2189 +++++++
 .../k8s-windows-cluster-rsrc-use.yaml         |   24 +
 .../k8s-windows-node-rsrc-use.yaml            |   24 +
 .../grafana/dashboards-1.14/kubelet.yaml      | 2256 +++++++
 .../dashboards-1.14/namespace-by-pod.yaml     | 1464 +++++
 .../namespace-by-workload.yaml                | 1736 ++++++
 .../node-cluster-rsrc-use.yaml                | 1063 ++++
 .../dashboards-1.14/node-rsrc-use.yaml        | 1089 ++++
 .../grafana/dashboards-1.14/nodes-darwin.yaml | 1073 ++++
 .../grafana/dashboards-1.14/nodes.yaml        | 1066 ++++
 .../persistentvolumesusage.yaml               |  587 ++
 .../grafana/dashboards-1.14/pod-total.yaml    | 1228 ++++
 .../prometheus-remote-write.yaml              | 1674 +++++
 .../grafana/dashboards-1.14/prometheus.yaml   | 1235 ++++
 .../grafana/dashboards-1.14/proxy.yaml        | 1276 ++++
 .../grafana/dashboards-1.14/scheduler.yaml    | 1118 ++++
 .../dashboards-1.14/workload-total.yaml       | 1438 +++++
 .../templates/grafana/namespaces.yaml         |   13 +
 .../_prometheus-operator.tpl                  |    7 +
 .../_prometheus-operator-webhook.tpl          |    6 +
 .../deployment/deployment.yaml                |  143 +
 .../admission-webhooks/deployment/pdb.yaml    |   15 +
 .../deployment/service.yaml                   |   58 +
 .../deployment/serviceaccount.yaml            |   15 +
 .../ciliumnetworkpolicy-createSecret.yaml     |   36 +
 .../ciliumnetworkpolicy-patchWebhook.yaml     |   36 +
 .../job-patch/clusterrole.yaml                |   33 +
 .../job-patch/clusterrolebinding.yaml         |   20 +
 .../job-patch/job-createSecret.yaml           |   73 +
 .../job-patch/job-patchWebhook.yaml           |   74 +
 .../job-patch/networkpolicy-createSecret.yaml |   33 +
 .../job-patch/networkpolicy-patchWebhook.yaml |   33 +
 .../admission-webhooks/job-patch/psp.yaml     |   47 +
 .../admission-webhooks/job-patch/role.yaml    |   21 +
 .../job-patch/rolebinding.yaml                |   21 +
 .../job-patch/serviceaccount.yaml             |   17 +
 .../mutatingWebhookConfiguration.yaml         |   77 +
 .../validatingWebhookConfiguration.yaml       |   77 +
 .../prometheus-operator/certmanager.yaml      |   55 +
 .../ciliumnetworkpolicy.yaml                  |   40 +
 .../prometheus-operator/clusterrole.yaml      |  109 +
 .../clusterrolebinding.yaml                   |   16 +
 .../prometheus-operator/deployment.yaml       |  204 +
 .../prometheus-operator/networkpolicy.yaml    |   29 +
 .../prometheus-operator/psp-clusterrole.yaml  |   21 +
 .../psp-clusterrolebinding.yaml               |   18 +
 .../templates/prometheus-operator/psp.yaml    |   46 +
 .../prometheus-operator/service.yaml          |   57 +
 .../prometheus-operator/serviceaccount.yaml   |   14 +
 .../prometheus-operator/servicemonitor.yaml   |   57 +
 .../verticalpodautoscaler.yaml                |   40 +
 .../templates/prometheus/_rules.tpl           |   44 +
 .../additionalAlertRelabelConfigs.yaml        |   16 +
 .../additionalAlertmanagerConfigs.yaml        |   16 +
 .../prometheus/additionalPrometheusRules.yaml |   43 +
 .../prometheus/additionalScrapeConfigs.yaml   |   20 +
 .../prometheus/ciliumnetworkpolicy.yaml       |   27 +
 .../templates/prometheus/clusterrole.yaml     |   30 +
 .../prometheus/clusterrolebinding.yaml        |   18 +
 .../templates/prometheus/csi-secret.yaml      |   12 +
 .../templates/prometheus/extrasecret.yaml     |   20 +
 .../templates/prometheus/ingress.yaml         |   77 +
 .../prometheus/ingressThanosSidecar.yaml      |   77 +
 .../prometheus/ingressperreplica.yaml         |   67 +
 .../templates/prometheus/networkpolicy.yaml   |   34 +
 .../templates/prometheus/nginx-config.yaml    |   68 +
 .../prometheus/podDisruptionBudget.yaml       |   25 +
 .../templates/prometheus/podmonitors.yaml     |   38 +
 .../templates/prometheus/prometheus.yaml      |  472 ++
 .../templates/prometheus/psp-clusterrole.yaml |   22 +
 .../prometheus/psp-clusterrolebinding.yaml    |   19 +
 .../templates/prometheus/psp.yaml             |   58 +
 .../rules-1.14/alertmanager.rules.yaml        |  305 +
 .../rules-1.14/config-reloaders.yaml          |   57 +
 .../templates/prometheus/rules-1.14/etcd.yaml |  461 ++
 .../prometheus/rules-1.14/general.rules.yaml  |  125 +
 ...les.container_cpu_usage_seconds_total.yaml |   43 +
 .../k8s.rules.container_memory_cache.yaml     |   42 +
 .../k8s.rules.container_memory_rss.yaml       |   42 +
 .../k8s.rules.container_memory_swap.yaml      |   42 +
 ...es.container_memory_working_set_bytes.yaml |   42 +
 .../k8s.rules.container_resource.yaml         |  168 +
 .../rules-1.14/k8s.rules.pod_owner.yaml       |  107 +
 .../prometheus/rules-1.14/k8s.rules.yaml      |  237 +
 .../kube-apiserver-availability.rules.yaml    |  273 +
 .../kube-apiserver-burnrate.rules.yaml        |  440 ++
 .../kube-apiserver-histogram.rules.yaml       |   53 +
 .../rules-1.14/kube-apiserver-slos.yaml       |  159 +
 .../kube-prometheus-general.rules.yaml        |   49 +
 .../kube-prometheus-node-recording.rules.yaml |   93 +
 .../rules-1.14/kube-scheduler.rules.yaml      |  135 +
 .../rules-1.14/kube-state-metrics.yaml        |  152 +
 .../prometheus/rules-1.14/kubelet.rules.yaml  |   65 +
 .../rules-1.14/kubernetes-apps.yaml           |  568 ++
 .../rules-1.14/kubernetes-resources.yaml      |  282 +
 .../rules-1.14/kubernetes-storage.yaml        |  216 +
 .../kubernetes-system-apiserver.yaml          |  193 +
 .../kubernetes-system-controller-manager.yaml |   55 +
 .../kubernetes-system-kube-proxy.yaml         |   56 +
 .../rules-1.14/kubernetes-system-kubelet.yaml |  379 ++
 .../kubernetes-system-scheduler.yaml          |   54 +
 .../rules-1.14/kubernetes-system.yaml         |   87 +
 .../rules-1.14/node-exporter.rules.yaml       |  188 +
 .../prometheus/rules-1.14/node-exporter.yaml  |  801 +++
 .../prometheus/rules-1.14/node-network.yaml   |   55 +
 .../prometheus/rules-1.14/node.rules.yaml     |  109 +
 .../rules-1.14/prometheus-operator.yaml       |  253 +
 .../prometheus/rules-1.14/prometheus.yaml     |  707 +++
 .../rules-1.14/windows.node.rules.yaml        |  301 +
 .../rules-1.14/windows.pod.rules.yaml         |  158 +
 .../templates/prometheus/secret.yaml          |   15 +
 .../templates/prometheus/service.yaml         |   80 +
 .../prometheus/serviceThanosSidecar.yaml      |   39 +
 .../serviceThanosSidecarExternal.yaml         |   46 +
 .../templates/prometheus/serviceaccount.yaml  |   21 +
 .../templates/prometheus/servicemonitor.yaml  |   97 +
 .../servicemonitorThanosSidecar.yaml          |   55 +
 .../templates/prometheus/servicemonitors.yaml |   47 +
 .../prometheus/serviceperreplica.yaml         |   54 +
 .../rancher-monitoring/clusterrole.yaml       |  135 +
 .../rancher-monitoring/config-role.yaml       |   48 +
 .../rancher-monitoring/dashboard-role.yaml    |   47 +
 .../addons/ingress-nginx-dashboard.yaml       |   18 +
 .../rancher/cluster-dashboards.yaml           |   17 +
 .../dashboards/rancher/default-dashboard.yaml |   17 +
 .../dashboards/rancher/fleet-dashboards.yaml  |   17 +
 .../dashboards/rancher/k8s-dashboards.yaml    |   31 +
 .../dashboards/rancher/nodes-dashboards.yaml  |   17 +
 .../rancher/performance-dashboards.yaml       |   18 +
 .../dashboards/rancher/pods-dashboards.yaml   |   17 +
 .../rancher/workload-dashboards.yaml          |   17 +
 .../exporters/fleet/servicemonitor.yaml       |   53 +
 .../ingress-nginx/network-policy.yaml         |   19 +
 .../exporters/ingress-nginx/service.yaml      |   27 +
 .../ingress-nginx/servicemonitor.yaml         |   49 +
 .../exporters/rancher/servicemonitor.yaml     |   58 +
 .../rancher-monitoring/hardened.yaml          |  147 +
 .../rancher-monitoring/upgrade/configmap.yaml |   13 +
 .../rancher-monitoring/upgrade/job.yaml       |   46 +
 .../rancher-monitoring/upgrade/rbac.yaml      |  131 +
 .../templates/thanos-ruler/extrasecret.yaml   |   20 +
 .../templates/thanos-ruler/ingress.yaml       |   77 +
 .../thanos-ruler/podDisruptionBudget.yaml     |   21 +
 .../templates/thanos-ruler/ruler.yaml         |  189 +
 .../templates/thanos-ruler/secret.yaml        |   26 +
 .../templates/thanos-ruler/service.yaml       |   53 +
 .../thanos-ruler/serviceaccount.yaml          |   20 +
 .../thanos-ruler/servicemonitor.yaml          |   82 +
 .../templates/validate-install-crd.yaml       |   23 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../104.1.4+up57.0.3/values.yaml              | 5433 +++++++++++++++++
 index.yaml                                    |  130 +
 release.yaml                                  |    2 +
 573 files changed, 104986 insertions(+)
 create mode 100644 assets/rancher-monitoring/rancher-monitoring-104.1.4+up57.0.3.tgz
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/.editorconfig
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/CHANGELOG.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/CONTRIBUTING.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/app-README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/dashboards/custom-dashboard.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/NOTES.txt
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_config.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_pod.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configSecret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configmap-dashboard-provider.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configmap.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/dashboards-json-configmap.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/deployment.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/extra-manifests.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/headless-service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/hpa.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-deployment.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-hpa.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-network-policy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/ingress.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/networkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/nginx-config.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/poddisruptionbudget.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/podsecuritypolicy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/pvc.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/role.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/secret-env.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/secret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/statefulset.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-configmap.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-podsecuritypolicy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-role.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/NOTES.txt
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/crs-configmap.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/deployment.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/extra-manifests.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/kubeconfig-secret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/networkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/pdb.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/podsecuritypolicy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/rbac-configmap.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/role.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-role.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/NOTES.txt
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/certmanager.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-auth-delegator.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-resource-reader.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-resource-reader.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/configmap.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-apiservice.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role-binding-hpa.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/deployment.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-apiservice.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role-binding-hpa.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/pdb.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/psp.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-apiservice.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role-binding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/role-binding-auth-reader.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/secret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/NOTES.txt
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/daemonset.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/endpoints.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/extra-manifests.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/networkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/podmonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/rbac-configmap.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/.helmignore
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/Chart.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/README.md
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/scripts/configure-firewall.ps1
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/config.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/daemonset.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/podmonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/scriptConfig.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/values.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/ingress-nginx/nginx.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/ingress-nginx/request-handling-performance.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/cluster/rancher-cluster-nodes.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/cluster/rancher-cluster.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/bundle.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/bundledeployment.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/cluster.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/clustergroup.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/controller-runtime.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/gitrepo.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/home/rancher-default-home.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-etcd-nodes.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-etcd.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-k8s-components-nodes.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-k8s-components.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/nodes/rancher-node-detail.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/nodes/rancher-node.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/performance/performance-debugging.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/pods/rancher-pod-containers.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/pods/rancher-pod.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/workloads/rancher-workload-pods.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/workloads/rancher-workload.json
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/files/upgrade/scripts/delete-workloads-with-old-labels.sh
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/NOTES.txt
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/alertmanager.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/extrasecret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/ingress.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/ingressperreplica.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/podDisruptionBudget.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp-role.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp-rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/secret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/serviceperreplica.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/core-dns/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/core-dns/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-api-server/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/endpoints.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-dns/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-dns/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/endpoints.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/endpoints.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/endpoints.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-state-metrics/validate.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kubelet/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/node-exporter/validate.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/extra-objects.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/configmap-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/configmaps-datasources.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/alertmanager-overview.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/apiserver.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/cluster-total.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/controller-manager.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/etcd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/grafana-overview.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-coredns.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-node.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-cluster.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-namespace.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-pod.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-cluster-rsrc-use.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-node-rsrc-use.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/kubelet.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-pod.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-workload.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/node-rsrc-use.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/nodes-darwin.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/nodes.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/pod-total.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/prometheus.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/scheduler.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/workload-total.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/namespaces.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/_prometheus-operator.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/_prometheus-operator-webhook.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/deployment.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/pdb.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-createSecret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-patchWebhook.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-createSecret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-patchWebhook.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-createSecret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-patchWebhook.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/psp.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/role.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/mutatingWebhookConfiguration.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/validatingWebhookConfiguration.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/certmanager.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/ciliumnetworkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/deployment.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/networkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp-clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp-clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/verticalpodautoscaler.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/_rules.tpl
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalAlertRelabelConfigs.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalAlertmanagerConfigs.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalPrometheusRules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalScrapeConfigs.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ciliumnetworkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/csi-secret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/extrasecret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingress.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingressThanosSidecar.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingressperreplica.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/networkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/nginx-config.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/podDisruptionBudget.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/podmonitors.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/prometheus.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp-clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp-clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/alertmanager.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/config-reloaders.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/etcd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/general.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_cpu_usage_seconds_total.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_cache.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_rss.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_swap.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_working_set_bytes.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_resource.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.pod_owner.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-availability.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-burnrate.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-histogram.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-state-metrics.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubelet.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-apps.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-resources.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-storage.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kube-proxy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-exporter.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-exporter.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-network.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/prometheus-operator.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/prometheus.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/windows.node.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/windows.pod.rules.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/secret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceThanosSidecar.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceThanosSidecarExternal.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitorThanosSidecar.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitors.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceperreplica.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/config-role.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboard-role.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/addons/ingress-nginx-dashboard.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/cluster-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/default-dashboard.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/fleet-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/k8s-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/nodes-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/performance-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/pods-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/workload-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/fleet/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/network-policy.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/rancher/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/hardened.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/configmap.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/job.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/rbac.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/extrasecret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/ingress.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/podDisruptionBudget.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/ruler.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/secret.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/service.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/104.1.4+up57.0.3/values.yaml

diff --git a/assets/rancher-monitoring/rancher-monitoring-104.1.4+up57.0.3.tgz b/assets/rancher-monitoring/rancher-monitoring-104.1.4+up57.0.3.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..88dbaf67497893a96e9dd0e7d53913fa532f3cc1
GIT binary patch
literal 479438
zcmV(=K-s?^iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PMYMcN;ghAbP%zeg%fiJ+{-TA}Lvk&F-9g6w6LD?T3zJr_Y&Q
zJqlO_l8CB+3V@Q#M7eAJ#{GJK+WeBcu<<CMsz_0OBu-jhE3sJsHeMSW`wf9vwj?4c
zIirdT$`+$1ODt5n!e#L<ALh?^JRX1X@FDy?9*<jpPsRsd?ETB+;g=7;m`omyzj*jB
z<H^BzGWi!Y{y_b2{8LMX#lMW-yRY`-ekXr0V_acHIg`^Jgs@O_jx)8aXDQ{Qf@XwC
zGDU|K&Xy$EOUHec*oB;;>m7s;N)W>(nIb?UbjE9u5hy^Y7R3}Tm8#@)G+Iz-p7C;2
z30@MlB(+R3UY0eZYBgGtqD(RkL`HDmR8k3oOLQXm4<u6-_BOzIMFdt{j4tXKNt%N0
zj9kqr8Yoed!45(hR=D7cG{Z_2L|4MK;t6F^;i8zL?m0>_k$+WUl`VUlXGHf&N$%VB
zR?A6M@RdwBOSqh(E6Q?yCHt#VSrvGdn1y=b2hv*^*5Hx|NjaOMd;j(onxuPQq~m0a
z{(>gy{zU)tUT;$kUsgCHQ)E7dla?!~NZH%2BBG>9!aNGf>bJX_W>X1%Npm8T#if{{
zriV1+f^exfH*NNCbUEpT;<hE4>0bKSPINDwjMq<8kb+=I?1FZ8cuk`pYa*3QvZ|h<
zhX><v|7!SpB`LXBP0_>gc>IF))>W%YFLqH&MMR=FFM6xhR3D&<Gs0B3Wc`)xL28!f
z;LCKJ?(g7=e&;@2?(N{JYJQH>FEt6sNkv#rSVoDQ?j$JVET;;pECilohEu}utRVRg
zvgg)*-$6)_ic3AR)fCNXL8hZoIx;7H<Z4AAmssS4k^Haqj1)w5K)1?o=%QV_x2u;t
zCr{s2Tqq*e_7_&#veT$Z)bqu@JR{<=r#oMALmy4O7;rr!X9_Fwf+#^V*@dqufz&mU
z(p0&rqi%yvkB52rgfk_0Q4sM0GrZ`V*_w)5^xxa8Zxl~emapqrmu=S<)a(O)BKX_Y
zI`~kyT?eLWUk_*5lH_%<e))Wb?RsjeN4*92B+hZwhxgqoH}u%kAnKECI%Pp)T`wWq
zowT*hqMpSC*}EA(du!d$e}9`!=e=m@3byE?i;(*3F<S^C<;w+SZ+oGK6}IRls^00X
zANPI97VvwpUVmPX@=@s)9jrliaY44){dd^>oA-X*)^E4-y&HeizTa-!H}3k{P2Y0Q
z`?q}Kj^AR#*X+0DGuP6ZR{0J6v}@-?W`b4?)ed9}eNSc=DAO2`DTy@KAsA6aq7pMY
z*Bsz3`o^$5D93U+<5=W!R|_R9*HVs!ghX8si85Z!C?h$#qH2k9p4BB`Mu39`W+)OV
zjw}a_2$n0P_zprwt|5r9JW)I$EDr}{`OAQDG@S%vsHOg@mL&MNgU~B0FQq$64jj_E
z$ze3pD`=M+OG%U*6@0<vsLOk&6<h3Fkku6zIq;wk>P`||9Xm;TLw5A<?*eIHl1?5Q
z5un7BDNGp=0FacJ7E`^bf?WOkk2TISE-Ec}r1gbI9aFrxAXiP31;tF%Gs^#cp+D&P
zH+--w3#-E_EiSN7OL`&uTDh{ORWG9byQEUlv{Jt1H!rko%g9g3nJ#Mg`tLtn2u`XC
zlIFy>ao?KCGUH19yZB<ZiiQQB1zpTmP1TYLE(?5_E^+?Tl9J1w>HMdni<JnL;K!OU
zMOiwdQgYVQ;y+A<uc3Trtw1J0-vHb9E{cYmTCK%gBcS1`Drg30amPzllkvlJl0N)X
zU0M0+x7PT?e|q$Pm$;~j{D2C;jrzZX{r&xegSP%}?~6PA->>p#h>pk{*M&l6+tHkh
ze%g}m4AJW)m554&(SIGjc%IC;D6vu`2coSj9FeTRf}l$*sJ>(2BAO9YX>y(;$`nT{
zUJIm1Sru3jneOZi(W$}0Kxu`Za5krlTA1UsGaSZWV4OVy#&C!PnZJ{saijzxBYg{O
z5MYMGo$lA^4nmfvm?9-=O-h?uQ_xWk(UT=+3xX7^;ao2R%G@V{yjJbiB@sg3+g!lM
z=Jy=+(4w74`#Bx;+?Byrrt36zsl3bplxAwC=<)dR7#98XuTRlQEti^a3w4Sc*4YkV
z6s~GcE|bf>^zo>|*#%yZzAN2-s%p8c1b?d+yN{)gmV1s1sn^@8B2HlVlkwicmuQG`
zi`$ALNwQiHm>$AXFXqJ~iHzQJZwH}3a|Y<2`CgOKGyhpZ2~&1Q&D5;|y1o7S4`rs)
zvkO{%M+BX(qT*VTGa@c&Mh>%#*GxSTB-hs*E@V)#vNIY_COfv-bDrU1$)yUaX=(S2
zXfBfrHz<&R1usZ?;n_UUJ)5~z1!g4BaU-O7K}2H>Kqx_EJ|~%)qQOi4^exG1Wve0-
zXvv?xrBca3w~1rOH?|2_GKcKYJ@D{S3C)*H(cmwzRR)qFR&Ji1z2A%X-fe{0eac|#
z|KfID|A{uXv$@d*JA`w8`gXZpXY*E@+B>2AvK@*)?!j9bNK3yhy6)Yf>)!rW=sMXJ
zUH3mNbOm94D^z{hhpLrT8AP*b@MnJ${`?kOzhm_;H_v!)|I5A!6Qkl;Gv9~X9n*{m
zbwtG!jfl!d%}E(aSp-#{X)(I#Hu*fQz%Hl%T#!|#IJqFJph||H#6U6}luGiPvij|-
zD%b!7OwKp-l1Qh{LSXWf`lJ9OC<r#JqSRR39{=Y7nAfX{Xht(9bI^8Bwu#eljDsX#
zSM+d<SSBvWIdnsCPQ<yoHT}^G^qbS2ot9>9yBp$RjD^$yNSM_GuEE5ETb;bk(_gy)
zH!Q*0cDLEND=scbW5(B9>&3qOO&MBmrrT}<$1O6lFB9pkf$u^$ZzL~UUh_Aw3u1;d
z*9*>#9u^m;bwL88VVs>3qq2E(`dm)Y-v=YR0HX}&msD~w_=m@bOCn}aX+f0#oFH7$
zZv?L^C<>|z;<Q2N?*ok>(gEKL^S5Ctq*-%|kfvk8@`_Wx!-?JF#!3qt${82W@r<;#
zN035)q-+taxLFZb`|s!H7S?%%)$;tjSr>)Hf+(oyJA_IbMxu+SsI!Bg`Zz1WXXLk9
z%^l|%prKyu%PB&J$PuM!*9k9Zw(38wnqvL6o{__&7r!k*TVsyjQc8a((R)jo_*Wu!
zx4Dr@EEU{Hzab~l_5}C{!seDz;N1po+Ms_n@hWh(*+#^AG<io6>jS7HJ_Rh%1pb2T
z{nqN)uDi>fe)dCQ*9MXESCzW%G_+3TwRhWF^Zl^=52(%kCqVA4^|_xKa(_x3$FGP3
zJI<x@Q)fGF)<pi=t9GMGvPY7AZ?)x6A0o9R==85o_nhC_E_{iq226rcCRYVtf#2Uy
zQ(uf2XNlg9mu8Si|F7UUM^b^?)B<4zVCTFj_?7-(9eX4INi^xc)CW18?EOivhnQGP
zO*&4-ah?72aa84Dx5~qGKdN%jt#Xi#Z58-_sHY)_)THK$pqwMd6=H<s4jI8MP@han
zq@MK^K^bN!r-EdvSfNZ1tcY0?r-njmsV5F<3keJ0R|Z@H^_K;`Bn;uI0xt#YsTFxJ
zxI4^;1cj%gg9MeMJw0W1Sf*6A4hycT)-h?Eg_Abw+=kdg3{)S%@0safu#S}XUCv!)
z`vwBB=A7Sr);FH_EzbN6?eTn08C9!rKo!pqdp;v1$d5G@BtNRPEMfbiY;n9`+<!JR
zpq#~R^*}-W)+UqTABePj`nJ-$-Cm{;&;?md(V&Ynp4<$28%8T}%+^(k@uaW+K|_<e
zKoqZd!56E)!XV=TYOK(R*KOs|vA5&I0J6uhY5kr=6k!>F!srN-lCv|S4276zR6tit
z!VG*%HZ_FiY<U0%XsL<)O*~IPCeWJG6;TTmQVb8Nb=(aDKJnp?K+o^a{@vN{uEgEh
z@1FgTg*x&_`9?wzoVsl(L3A)6OrxL~mQytO_~c>Vk_XGn-I0eo^3Yw0JM!>>$;0^f
zLLMFl<l$kue@7nf$U}D}?#RO*o;>V;W$w^BJ^iNkxt(D<Jq9R$I4f3YMw%_5bI^<g
z={3HBIS<kC+%3Z{q6*eb;|uKeS>&|TK%1?g*r~uRWW>Q;)NCw9J43%R$qY-9BNwZ0
zv`;xF5|mk%09Z^hN^}!d#4EzUs*(v@5vN8>cUn_^H%~jCP2^piB=6kpZtZ6GtJ-|-
z-0l83-R*|G*?ZQ~#J&tAACNGH;D1H37*73W+W7d($6v&xv7L`)4T1b(6M_6q4Ohb<
zdQ&X~&WYTq%|G-YhC_5(Gi1N`R0=aP=X#x+5-yNtYi2mRK$jFFjQ$6op(W=RJ%OOZ
zAv!Mcg6JKoCHy67!#~*`b`YYvhFOR(^@QUE<dPI7xI^Iu<l)*&Cni3#6FCdlzHQii
zopwfMhIZKSfR0B7lQrB$^Hm(0s!QgS<%apQJvTfTKnx8*G1m=z_Dfyn2&@f8wFV+L
zAh~WFYkJftQ6C6Nlwm@Fb3#|ND3B5><92~XwuG4Ben5_+jYbqq9J3rzHYcXNAEAqx
z7Q95X8O@qL{Lv*E5qA;e&FyK18<3yWt!Bet{``xLgSIEp9B|4O$gtav`EJ;5jSF<M
zh1LxEb$gqG6@z%~wLP@=ylbs(+wW|I@nh=`V5oI$`_+O$Y~~vpLthtq-%UOoqBBGL
zC{sjS;v(%JNs!gVkz*OR(LzQo%}&@^B40Q~gZ;6lCAL419Nvgxir$<)M|_U3`DBQ;
zT=Kfe_4aCju&QqFBIpg2K?C}~8FK6{MU+7tJOotXswxbE<FYD<r&W|Kh}6V2f^OiP
z26rp^`#<dJCJ1LXgAE~-Uvfbf<n0vQ)7<d+{TysOlBnwjtFJ4bU;Ev^)_21-B!`>V
zg(T`h`lovyTIUAW?exuUYy7wOo}ySYxjx<jpEqLidByW{J$4w<KbjGf3ft@B&+SF|
zU-#3`AAIJ&MqGymWzFKQ4X_6wnxfAp4Nlutx8<5c2{6+o*6GQHaALFjU^sf3egOb*
zDeKKaq>=7>eT2R@DiNunynOZg=~SPMC>sHlhO+I#=dzXx)m4s_$yCsjDlSMcP>VuS
zoiKC36b-uKs=0=Jas$H_c~a>S>Z1>`t&LlkAYss2^@~T+Ya=w8)`~azn-DF5A2Sy`
zB5whAjZpa-@TBE~Fg58{zi<H+Ybp)QC=QE)Uxls=j`1@UbHdQok`~1HcDR&HmU6l-
z)&XxJmOgp)Oe(5sMf?pquZzNLl14axi)q-psI~hBusMCvnZ`vCH_muja^}wI&%f*p
zk<7{^mdh!^vuv`rzcWPT%APWeFD}X)fFGMgy#0sg^vD2*R8f6#G+8YbFA)gNdR*M0
z<zUXm0B-+*B$q@`wHoNNX0Hrr0H6VY5xn)V!8NBKLRsJBXP6cwKP3gn;AEzc{#;X)
z{jyW{1u17l$YYjqCaF|bo8_Avlsk?%nGsFV;0g=o57iU!=<(N@NgSqkF39W!%#P9A
z>G6m2(VZEmAkV{!Mx%g(kp}#{@l5kS4FNavB_b5=7K9O@?@#~b;*os9ZRV{fRsBZd
z1vw)bXSsaM)!M2rAaCvyoGr=58mCfjEI+%#)tU-UZL+cb-?+G-Y;i`^*DFO@eVy?9
z)fJ0Y3Zfh;YN9v~FEK6fj25ts{dK;s1ry<Jw93DwQt^er<+=)I1(&U|uFrm4UJ%v#
zVq8Nz-|S)grn{?AxfVH3NybI4Ws$g+xq%O>sy#?kaM~!CdP>g}7g}`cEd#>cD)Ro@
zaOAq9@#X7=8z$2Y-8hW~yXDx~`st+Zp1#B4zOI9OLVX`!c`?@)+B}7kxOYnOT8lH*
zYtITddNfF8ywVMERlW3P0do&c(IEYNU_qP_1w7*UoN7vPt_h3&Pg7rjq~%#%;Te=a
z<HB*X%^ffYrAR=Yc93OC9Q7Qc!zMF*Z~ZWHJ%~o8Rik$=n!XxD)D*56W~?&}uAL4r
z+#1bx5D#xLMp==J&S};Q8ZAKg+UWpPvUc1(<Qdk|5oi0OLz?Y(PnhlRo5^xd#fT`c
zEeDdkw$u>hp5lfaH-!y>b>G&L*S;DJaqTM&NNZoQA*?}34_OULfv5(*ElG{Pv<Yf&
zX^Wf&bwXm=`5chaPMIg9-4aVigMuC++E>~?#F&8E0#82OZy=t*k1px#DeQI_lFiPi
zhG=ec<ToBrx$%S^#;<JL9n-sGdUs6U`It5b>~OIVWB~`u>vsNOPx6T%bNUueuBh3J
z^9%Im^tnvY8)?-Cp`ZssEfrFs3Jax$TK&Z~)a{HSk3t6K(#rf=dez)W3L=uJ3d%cY
z*0&#J+LO33&B>*&;P|5>DnT|~%U|TSf|oKO1;okm5x-)M$pHc89UdPY5wKW<vhES7
z1j(=>Il98DFj2IXf`!{11YDijM=M1dJwsz6V~U5OWU6J!VX#5*G|cu4o7a5GRifc0
zb6ODn9a$<mH9x|N=TPFldy&-tPVBg$uK8zEh!A;O2{22c&w~n~zT*SUe(l^}SaLZu
zV>hqL^h|o)l;a6+obKAm?koyE!^PCR2%`$8k(X7+SHW8c5Hbodn<w^^ET~js<sH|C
zL-aQzX~b_1LCHHfxf~>h`gMI>tUwc*9=+n%Aa=o5GKxju^H3w?8cJj=tGqX>SZ|(K
z+xNKx;k3@^=_L^>zXD*21zqG4UlN415Z34k`5cYYNjm<Mw*_i4WXx6foqS`$f}Qzj
zFFi;fJ@CD~=H3VyLY8_e;TYsDl7wtpdEMM)yw%9-v*<UAEfd?9h;-~uuI$GcpB!#Y
zD3`ukGF8~tea22(!&ET#PH^<H!Ln6d6gHX=9nW8Kbs~r~w!p?6rqP0(etq~PFth3F
zAa=Yl0dln@LWZ-9G+^*WS2^W@YfV?xrmLVQh8jRsdrj~w(}9TwRz%=Tb&~5pIhDIs
z(f<Nhau>#RMlwN^^OtC;<?JBbEx2hMK&!k%)*~5}T2R=*dClEnhv^1uP|2z-)B0hY
z0e`##kG+6*ZYrFH#2|K2%y}k98D|-(lpIyCy`zff2{=DdwMy)_A+9PcO7G|Lp}<O#
zWxT9DG}M*!nCuYC*fycJ)HO(PQ7v)HuN3fx<R^mb>(Lm_(Y?>_-42S~^8m^e-OG7)
zL4+%7AiBkEK+cHT3Zkf)q9tiS8h+**xNnSm0}}S?aMX{^5jC-@GB#iklipkMk~C76
zZjoV0B)U)11uA%k3kQ-Cx$7=)=u7URG)*5k>ok08ZZ0$Zlya{Xn-f8pv3zp|4jv^J
zM6a+Q%8d?ex8RGaX^>_MOkX?QtF8xO6qXl&HekpjiAI>r$xI^+F#&K%CFmtqByr0%
zie_<A7lkDX*1|dTEW^M8(6G$V2T%^DMOW*quw&_Y>?;!7rx5<zx_W^&*$XG}ThzQ?
z0_BEjy8i>88B-G6i!*}mwV~a6(BqeIQ^xlWH}J7izxQ;sv!U3o-cy)P+Y=0)Xdx<m
zcEwn{?U8_}biH8k)opw`mwXvIJM{aP{=jF}Nap^v1JByPi-xu&&<kr`$#<&<)7>LI
zHs_1qc4X^3Q={kEebvU#hv%WrvKeb<siU<tFC_wOe{h_y+6Nq+Iigc^omfRoVH{Dq
z9M8SK+b-lkcFo{+{lM<6!QfEy(?Qw5MD56i6G28{!x2atp$=&$JhO2pc3QpOUo92a
zVNbg?diIJMiMScEabdD9ZuXdIIn#PJ2B1@P!lk5oPpt<PycsdsMVEWN+xQtuho&Yy
z0XD2#XUz5(r5}PKH{Y#`QDS=?HJ(`^A35!^jR?8-Ypkr)UQ75^D_&{<F<bhYUl0~;
zmcu0i99B-HsEtGYtj-}%L+=i5xeB6YN$`G6xGMQ<G&CfBMcE?3dYziyP3O*w4D=%*
z%2SDGS=I^;ux6R;3gvJJ0b`saD|lrceeI>}g6L}Im+|_@O*cIRK1d@S{F6#q6FGW#
zu>bf`Kzok-;J=2!uaQ&`Dk-z7$%42bkrKas!*KJ}o3<i6j2FS=+Mt)ctiq-<AAuPS
zqn}1;0`TBZKfEh4Q=At8Ou=jYccQPngyi}n8MR2CQ8as10kUrX#U(k{OdhY5^+G_1
zvL&5SbuQwV10!yogUcrot;n-`&T#>Kg)%`E&2Vwg*D!umH#hx%kac>vrfkle_T<O9
z8MbZZZJqbx@31Jk@ZRl5ZhOD|z|pTbUf%$Hg^t;rADivs;@25=as%`mhNn^0M_Pe0
z?0mMGqQ3_n{Ua*9!c<Ms{#Zs|8=uXC(xY=lunI~hdrM!G5qe3)6y0NW;Sm$Y5@7h6
zYSzuUGu3dWgTLu2IbWDd!9ntF(dNns!1~9MT#b8>J3rzG%+Vcvo~p7c?%jqaq5D`O
zEkv;eWX#`1mCyo_=A^VhW>lQe7%j0}q7qj|va+qr#pFGhYol5#R=ZllQ&nNhsSI4=
zKUoqOPAQ=7Cs-OuXuBm<OTp{K5`9aG@}6`XXcVKvAtG!+8A+Y5_y(AkACWCK$05Y7
zfv1*ab+0H)-Y5Iwmf#f;#R?Ib;fmx)a+}p@NmjsbF|Ld<suFP1&Q=DP9&^toX>lo)
zOS3&Wxg-UzC|jIcfoTYDLndlT5>*w+yk_9pdgJbF+-;4^=VnK435ao}MN-3Sjozd2
zxpm$IARd`x@A=-nu@7A+j?6P@jSXiwL|?C*bh7IkJcIgrXTXy;_itqMopTeBFmJZs
zDV*W_L*Gc&^ErL%&m~xr^Aw#Ccbrp?M+ndOr9DcTdk1!F7vVfdTrG*Pu!sbl#knz%
zL?yer52@Kx&4hy|u7TIzmr;dgMGeL`E=kkHEh)su+3Mj?Z*H_VHa^Fwsn4D02Mg|{
zMg8aJpA-9V2^z=(XBVk$lPdC74N&sSFG1Y~VFqEf^Rg}!tqL+gDT*2-h_D=h^!B(0
zNZ9G;fB)w6)teKPpd+F%E#yC%w^v>T>MvYiQA!gVL#>B{!80Z3VnOr`fl;`GX*?!6
zM+=4S7lffSa8*jb1F7!;8izCc9BNn>vFYc*^{GJ#aQlv+oN=K@euAlxAsmGM&;S1a
z(C0t@jMA6-!u{o!>F4Ns{S&%Hzx?uj3$|X*o+WO5qH~l!eXEFIxOj8=JR16Q$}TiU
z10`@y1)uBPUDqV&WT$7IhsLR7D@@UZcP*a0GwL{~NzXFa4QQB}2)PcQKRtbo5}18Y
z%>db8M1|~Y->%ia9~QjlQbRar&OO@hez)%Tx9GyXjvV%2Z79>vQ8?G0nj63eDwtH(
zWr;;=7Ur8prW<N+*-uHN#EW><Uzl$_{q)q{vY+5(?5MA!;Kl52e`{K8*{AiWIIl$!
z^?BO(fJ{F}e`$9bH@lw7iV9quGp@*ah4bmZ-82qRa#<AUFFPfrzW44Me&(#889@Vo
zFa}|S!NB6s;6cxHJw<KP&%k$WGZFoj3Fmg7%p!#v$?aFs9)$rKSY#cbL4ZaBGzj+h
zofkE<eEyzRHlX=72B=r#1>c6~85f~>0@AEZ9zl?m4P&&*z$oEMkm}`<V(U&tiriIr
zQeY`xHW6`Wfp<czl$;fOG1?pNjYs2$qw(H|mX+X_5IH9k#X-Vwz2b@{lqC&-M2|I6
zSL*7S?mXf11T)vv4x>G~sR?x5>DAW4$0BkP2WHa;u~}$f^hY_JgH=)aN9-UZjN8y}
zqwKZAu)j<Y?4$9c$+n=Ie7%H)HjiEV%rHc-&g;TGIBW$(2OjcW7?|FON10TZnMgtn
zF_b>geX{5eFHFK}$@oD$F|)MWH1v!5Etg7qlc9A{gQN^L<+Prh#o)+21>9eJ@TZM!
z4UG>uFEM5Cyu9n|1goWVHn=$#ez}dkC;_8zh1Jp>0Z{UEmglS@Sqh3G<9rwnOSg_=
zQb)e~+Z{O#3EoG%pA$tyNg0u7$*=svKvzM`vC&B74_tR2_w3DxQbZ(r5DE0GPobvW
z=95}g#GO7jlPNmZa+mG~j@y~VMZZ9=pP#k#A|1=mad@tW)^En+Pl;KL3!m*eck%vB
zoN2ICs%Qld11y8X5w==i>_ioAMh^Y_&lc`k3DY58uZ1w0mg&2(IO$*0b<}ByW~=7m
zf%e%ojrFl%T!CiqN>HT;vyK?J5CrEdlbt|1)g-Lf@!aIjh}9n5q5F7K%se)N(g}1B
zC9d=tBRE^eleCGr0-`t^#_Q$?BoU{!uG?8l0=$oe>9whNch$YiRk!A*dqy=MH0Ppp
zw}Z<q2ip%jTLl|RJ*jpOe*U?;MX3g2-L-%DCHeVh^qB?lvMy&JNu_Js9RW3WEKlPN
z8n}N0(d-#jgPEYy_&$ld{oaAXRYh2CG^-jGVY$C)OgEu3tQ}ATJk0vAW+)z<X&j}0
z*nBtLT`?c%im?|4;IdV^yEtjMeTcAHF4A%1Si7U|dJm~Wo&|SKfDC6Q9|g%BHSaxk
zc9&B01T&9*iZ2K#Y(b9F^9df#3hzGCb(?~&Nypwx6gG{mMG_oQ=;=4DHj)J2-2S6-
zCo$Zb!M3+-bMds()!aZD5oB%!Y5n*lKDe6Q?{wu{SQJME1otB_k~D|dWXBml-uKK;
z;CyIugqh4T<gF6eM_oa~XeWcbIw80dn<$LDt+*sw9)Ue#JSSf2V8zOGNat=bQe~gy
zzW0*nAgSC7dt>(F6zz{6k9}v)sRSqd;}eAQTyH#)NE5~-wfuA7oMoc5yi7wS@_rT$
z-c4S)wbX1`O>;7`VB}~>tOhorm8X{uU?AS>1vEiH71@X*e$qj#hi)5@USq`NxYkt3
zzKdj7!m1_Zwe~6~h@pgO^&&WX>)`B}X}b9zpEN@(IL^Pug%<Q2-nKuVfoH)fW((ru
zs;rY4<N6Yzb0cLsl+KBy!kD~32=W~xCGcF!mWrF?amIO9GmPfsBv)F-^$8fmHFhvw
z8xYR(->P2ym~3{KD{SQ15??rDl)i^E&KSw8pPS&NK0{b2n$-msHh-P5ykRMui(cx>
z;DqPqgeY2iJUq<6`5WDP0&R~^?&;awd&wDzj)gQig?(mYq-(4lG|$}y?7+4GAnSkQ
zX~WXG(D@tY-^S=){}uh^t4Civ9FOm7ES{houO8^#avo+5*jHbnf$M3oVc1Usw;-49
z@A#x~aIk~2VW(3x89y42gFDMoyj2y8S#T{sakO&_p~9tO@@}=w6%(YK>Xj{8r2Pi@
zV6FD&MzS7Wbz6}5cct+i;{Kl0J-BsmL+2m*exGxk&n)4vK1rJBgIZMHvgg6`fC~N2
z>Cy*8{+27bN5L1dzwVlZc*k?_zS->pazct@Nu8V$0{2`%OeKoB>n4a1`gOAJ4f?Kd
zo7k-PihkY|XU{+x^PHB{DQTrXz=<770R@~PW_V6Mw}Z@mGP+30!*D6IhAf*trl=u`
zCb3G~HEwzYnV{2a^B~(zy{ZO$*z3v0$=PHiz0i%&V`r0^lYEH_3KC4Pn?4|MFWvhx
z9fO++BUh~uLg;C$(G`R()G`>INlNxB4N=Qq&tU}bHdu2t|5~F3Thf~0e#HEgGFuYO
zrGESR^@;rvsw+I8NE(G(?t4{8L-M{iH@VS{Y61@4WQa;dIVxX2KQqH{T?M_HoBLa(
zs=X=t+tP@*`T{gDBYIGKX`fo6KRn1q=l6b_6?|r*gpPPtdtJf^S2Qj2p}Qvnj>3*B
zB94C2(;mIHT{ws`^XXl!(g}d4pvt*%rSxq(x3^5sj596>m+vx3RY)^pr!H`FaddS?
zupk1$7oO3AO#QrHgy~10Y{>A5=ZZ9Vvx{c6TATHAn~<;f*;AWPG??=5B$=v~m2X^W
zyQ*%ff9o~<{bz6OvLsLYn8$`I@x{@EjfAj9?2q#4H}QL#OVnp)t_5AqFt!YnJzkX`
zerv-{rR#JDbq3SqX;zr!SmcP$eju5;C-uR?IaWADFU*Ob^WG5$aXw8<ryZV2Xuz2g
zbXF@ati$q1(nW$rwxo(=sun~KJIOe^B+U9c<wMthK(^qw%U!20;LuA2II>Fc3NNr~
zbO(`iSn*uO7b(vj+=wGJnd14p9mmyhz)hm~{_F`Q6@m+rhlY0C1{UOz|1x#Y=g1|F
zZdNNXG`<CpRlxBvg2;+96T}zfkiky*+X?!MFFL>f+}w4pCl_c?`4sLmf~a}w3Eeji
z!*C^rj=2wDQ*>+2h*PQiaWp2Fa3O0+z@`bQJHe_N*#@2F9^4Et$nknx{72R(h=N3l
zJs|=HuXnA+Q!cR?4n+I~Ib=NL2-}`$v;iHD>lcew)2@TKjaeVHM71VjJlJ2Dao+~>
zN+Djulzn`nUiQP2V=X7TmujLuwhLqo<lGmyYAtX0{X?&C&(elkw4m!P7TI8FiL2H+
zXC6wl)CTyOH^4iSk72|EyPT`?j+6J%A{}Q5&wMUvE0)Ch`=rPw{Qy?sUgYR-50<EL
zAlPbkqJ?o`0QRi;mH8W)y?%aXBZQnF?2K;u_AUt|?9t+Z=H<_RB_1W5&lQ>3y9}W#
zGK&ayxRe2>HFJ+dm<ypKVnJNsx((uuHbGO%_%L<go`vr~*xsL7F~Fie)R0Xk)~J1u
zXxp|15^W;>jnT{uZeR*rWHwuAEFD;hBXM=OXn#xgtPXk8;5{4D|LUHJ+^}!$1!D>d
z!zW#iSyT|dq1WX8N>Dt`8;TQaPI<pIjuuz&f(#(<gW{c)yzQEWnG?(`H27(Il5Y4-
zF5fm@wsqL<5K@`(OCnZAYe$P+^E6VnB-sVxSFE8(H(>0`&O0z$p>Fdi;aWts-E4!e
z9$JjD{_`fR?M~p<=o^jn!(egCXKhoBWN+s->wV)wdlWY2l6POZE)sXUn|j}_kl4n^
z8YJe?w<E7mp&9*NUULnW+Dg5+sh7hn6~Z<ke*Lzt2kob6%((_o?D*Px-~%~}Msp!b
zC9on3Ye1Q;`p&N52Bfios?0LrGDT!D-Mk7fOw{t3?PTq0)RLfA%x|wB)!H>^18yX4
z&`kxfTC+ya`2szI&`I0ojU=exi+R~(%X^>?^$(IWU9fN}jDjyr!>O$wn5h;PL;6yO
z%t&)T=iNKG;EU(F?G%L4Mo^$X5y#Y#x0NBTQh)68pmw<;fujms34!e<S`al3LSVs$
zeQzLn-lt~Zoa7>nAQs<yr-egEtzM;h=+yJPv?M5Z9AfP0ur%*-XjT$|=sV}avxi_C
zoa~L4_e_R5Fg!Q@(1I+$s7^d>bUprkoIL)=pYE6PT3(me%LnLwNsEF?V>L$Z?~<}w
zfxB5P<b&4hKFSE{Q=|vb?0`v%>ox({NYJn7bzAZ)ByEMrAJ1k9>Sc!IN7pYlo+@%=
zhnJR-geqI9euwCi7j;RV6quH;t^C`ZC)ub~P|!T^_gq-pWI%MYj7a%{=jQp&Q-brq
z3985|mXX0fLKefPB#tf}L4K@B<nN47H1vb<H#8hm^p;sDetDDZo73kTwxuznIL{zd
zv)mjf6Ys!?o)R`$=8S{3(g#flO~p+H;BH+yZ*?fGy;59iPD$_*3C@i?jE-KO0VPje
z)`Y-opk*C?BZ_G>Ph)_#o^35hg$0!$>wqC;iCJD)$)_2yiRRdC^!{OVsXmR)tV1Od
z<VsMG+5w<RU}0up_ifkfO>m~kP6UlgB$atXuO_>04zpVM_!VmwCeq`9*^DScC7f_<
zyU-LEY#sVuu}MG8=;K4*#8XTIht~C0r;lW4+S+Vmos9x-;opbh#;AlWiwF8R5OS>B
zlr>7j1{W(ma)Y?JXF6O?i3JA*oykH$#GH$g<hzKx%}Ax}Qyv9T#DR_#qgd}+TNh_J
z0>it$)a1%|5%An}D{U(C9IdkqZT1xe=MO`i^ooT8(nXQ{(i&4E@%clb4;9#i?YjXG
zNF8gOZZWoumsJhvAZ<sZ_)3fjGqN2wzF8(Oou<U&7u0{vsu~hRkDG)zAtetRPI?;#
zu~U%lRnf$~>JP8!Rswh#`^>3LG;auLRp3lxNSKz-GAKSe4isNJCy|QId5RdT`atrz
z8laM3CVgg;pf79F{@f(9`P}&UC|?1oEABnDDvd~-g>HYkcc6BRqeYDcW{LoZ;X=`(
zq1hoVvB)<JiAwajOH%kw1M2H@VD3bl7~W>z4Y$K3eqp>-V1nDc`;X^*+m?z$rfB2A
z7+VNph)qbIrX%K%Dqit|FIImgtI#bVY8cFmO2D5c=NnRdHzeA-XpU)73zFDCzMd4d
zKXFDjOyYGjq$!G9x_FjG=9H2ym`g6(T06TxxQ|!a_Ne<r!g1~!4E;h*LcR0Rp~rqR
zJZq@y_&xF*mqWIr8iJ(_rct&yHU<^***vuz$*D2fdrd^yQgCcie|QB*JXx|w68uvV
z*;UP-wVIF(x)1<1S@V4_y3kCdhrWU!w1wyQWcd8_)--v|MrkQYC79(&12o#L@Tu$2
z$O~&UxFD;6pGNptwU+6c5?F{S8o=Mp=iaBUZ=SqCe<UkGFzBSU7*CmchsC(!;-cU<
zmm^KHAPu&IpBVT_0Kc^`rrsG;d(za3mZ`*V&o0Q7%fC1b8p8Q?Kh}}}gn%!5!z5Nz
z&Z)`Uc*I|F<<`ts1l?CxXSG&qWgjJu46I%%wK=q(aHhyxg_gX?rQU+XXdqmUZG@Gv
zQ`^k6_JNTm#jUi){g_JTfwhKlX5<rV!Bb0A(;O~%0J)$!+8d9@Df;|!lAiFqJ+?@K
zdC$bDJ_~wgfJb{S<Bq*0yJm+Ha{EkSpyB72oSky6qV&d4@J15z%!R8y?*U<xq}y!e
zfzLW{*rz6Kxm9g6Y9eskhIi{h5z}LMvjUKJ@J0pa)eL7ByZ*wZ!IR%Js)e%!*0+P>
zUD5H0-_n;{5g)S;`u4~T*Y*15co)Fwf(4h7RzarS_G8FJGmADu?On>Hd7eNb%6@Q;
zBaQQl-_$^8*4&M1-Zikfz%WC&R!hQ^9f@-<)J#Xm8KP}7wVed#KKSS<!TOLI;}wB^
ztno@CDOA}rb)p~B%P-S|H1OXMizrq*N$N@}L2&t%M*rz(G}-$y9jD`TGHqh0Y*k$&
zu~AK5jiJ_f8in=fTGmgeui{=%F-=qd3j&eCVfn@AL<k|TRPI|AaM)Bl<HZ!cesZ!A
z;@%pFZTF*fFh%remHiy}K^fhZ=kR&0s#>8l>)dumRG_vqOJQ3ChV&5LcToDmyx?(L
zpr%>u4Z*0|@>I~M>e`c$gB%Qx7#LR8+q3RhM3mHUPP-_l0x3br13e9AS$E6jJoFSc
z4-qwjKLCq|5>4ntP!87%goGo*Pd5HZS{#j7WLrJZ7xwztpOF6L0mT8IhwBucdbp-4
z;%+CK6%k>yq>E*-3iNsYF{NN|IPN~4Cl?SW8wwZDGqSM@EpbM;s9HF`S7g@A(uQLk
z=9fe$D#@Wavw?EIpcz#zlo7Vt)kTywy8V~In-)HGi5{4~s863gnLM66LVut91KqFc
zSwXW0O>|@m-))`d7KRL_DJ5#2a<LdKRauP0JkymTTG~H@Hu<;JzJVL$*hO3fvEDuk
zV@A{!A<SJiSSeCg0iPJo)H9n1OY{vtvK;a*!Vn?WSQ|`Co{{n@EUYsA8~%U(_x~%Q
zYI>r-Iso?{z>^;-dU#OEU9>-zyJ%AGqRDb^Tuu(;gK+BcoFXK)H8cvnHW6##lx+~3
ziMp|d6^*cg5B#S$+h8ueQ?2E)s*7T)Ev{_k-@zug=M~NU85bEbPe#}S{enXjm#hV8
zIX`*+EGIZq@a{_Zq8lo8OVH{%o0|>Kvr0XyukkDO#y(O5nh-r3Sz*(z%>}t0a3;8v
zp%0iXk^Nn1Izw<~EtB)!xwen{3(9C&mtjPaHMVJFH(FJU7`X}(6I478!a_`D7(F0;
zM68bmRWguLGJ)k%&lGZ0s36OfQ7%cEn}nf`(#H;GV{~748EB(A4K&6{&YAw3Dr4fn
z`O4Y|OUh35PalOk?sLbE)%IrU*4P7HFO6N$Bv4k=C9F-+eHR^UlRK-bc+k3@dUWa^
zrt<*7oB_z^^TPQhW|<zCPcw}uEMGS}m4ow2Es40IlI)syXToGVoks2XZNCy{U?2<f
zXg__c1h!s|S(KdujD`eVVnKN=joq0teQqEKHq3;C?!)s@DzfEx2um!NdL^->83-kz
z$11!u)QrLVq0=Bh5j-=!p|K9^h`H0Y-Snu3ckH%uMy-}pbiLzP=sD-p&u}FspS^na
z&HjI`X4Ple#q;sAZ;uWy_<#P_aq;crG+W8nW8Xrvk(?1yNMc(az4)L1x%WRG{`lD!
zXS4q}p0DcX|B<I}OFlXomwQ<X&(FL86H}x&w*l}yrlo~>5hr>Vsj(^953Z7dm9B7E
zz`K&>^R)BM3~JnqTrRr+8|))I_oQY&A(?60aYx@iuU<c$y1`QhX`})&p*bCcK$KCN
zYr7TeFdc#3BDJFg4hqz?MG?Pt;+1#6PPyuoQG+M&hM!X*Xv8=-T=h8@i*w_J_Z=ly
z*2E5*ZYx{u{CU9_l%4BAMxo}lTBewBwkmnueP$@od#vp!1$5t#s-=17$Uk3*Ubut<
z)Q2j%+~3gyO1`bW5w4gMw;<1vdq=6l3pYsH?0m^fa_-xn+rSl7R-<Mx{=G@tDAA45
zAEb2~aq6OG%%|>=C&dvdXCx0_9iz-YoN2E^$e?&h$rU>Cli<vkK7CsiT==L65Npl>
zta+Z;d961gTCpRO)gsw6X%?%20WmKz9btu?ebBuX=|3UwMGlTXkcQN~O6B|0<P6O;
zf99V4b?7<o?Iupq77fMC-w(un_<-Z^NEQvlK1<cXC;#S_Eos_6?YveMUZlKg-mL00
z?E~kuDWMs$aje&(X@N7+Z3iq5HMr>OPwnHmNi+`)K8Qax7!e(#$dez#I}6^3-jrFd
z2)Or5d`de@p^x0y4Z$~qP8(qD*!~S2I|}EbVqP}W4V1&p6qjV(3|wckRrtVd!%P-r
zuF#AuDTA|U2UIgllAB3t4##Yad1@d&=>XgJy6eMOR({s*4Jqhk+1m*i!i+aYcjm#9
zC0g_#nAO!Q_Qt`8aa@aGKXFF9;&u(T8`jICFcxHrW`bWy{ZWLOSe1pii)czx^t9GY
z;pln&mXtGIi^bZ*<AyRtwaOghl~eNw*Sx@so5t9CA}xUCNaDPt>;y}B1rJeIf|uSK
zrITzpOhMu943|x=g{7fFqc?Hm(6#i+Dwt3UY!mhEF>hlU*;c&D#(arAZ|AjokJMNF
zPv*7^q_)Ep^mVSc{;H~w3C@5A)hpV_zBWeDi0U{Gk{0$1t0%$Zx7PgKEZ&Q4GVr#R
zu9E}RaZ*9*T@<D2^~yY~mav-c0t(aVSq9>UtgwsTefVezVQqKY<$`tV&`tx3AOjG%
z{Ca+h2nqHZh3*?R{wxRtH;v%`zM@H3H|*gY8+U7y*mc<J9y(}$8aU}C@Dkl=d;lVE
zQ3sX&M5buZczx;*bINc*f3keDkB^A3xw_1fN^oVouXeV5Sy40KpvZ41l9qWhYz?<v
zj<=7aE=<U`-I<16wZ)QPku6`|boGZBIHqVY8SMCzdsbJKOBuz;6*5$~!i*Gh*XWj<
z&x}J|kU2}b5b#_MST>40Y6wPOEdWGcqiMb*SFiQoC%Wit#T0%UQPGV=tcN#j@-;eU
zxtFTJi!)Y*)mU5O#{}1iDDYWj`Hj^qEehZR<Nk)efoF$gEcZ05@dh;T*PW~Vw5Jl4
zN9}51U@Jm3wfCSk(KHKfv#tcMr8Wa=FYFN2qVSSyCt-T<8t~)s<MAlyC32|)hd!^?
zrpzh*d@uej$Nh1Gt~OJX%~`+OJn9;}qSX8o)I%l>j@L1R`p^3(c)*<%K8u=7(d0mG
zg_&LP=|<FSz@F(lfT$(UeMl*2jtI-qk2NuF<DIS1Tk!%~P0`7#v)2K@u2ko9(w*>J
z?|HB(fo1Z~4G3UlYe^(p5}X(MW_39*zwbEulKgwGIcz`#EO*e|E60radLJa3VLT_~
z@jjXC<=L0n9>J5n$)ow?F(!KlB>Q6a=<)u;FUALt$D`_E5kMIQnM~3JA3onZI7puF
zJ^I29&&;72zD)}!dxYCHq`S3i>qzntJ%fDRpkD_w2;>f<?7}>VVBMF!_ywv+ySa_V
zBMorCS~)aXl9V%&LuT+s8LFpn76jiSMBaj~R=gHCBggp>(Oq?jDV!TWtv8yw{0~f;
zEDmsr4TR?|U)9unIj6Z-YJ~4ZcL-}h-z)*^Nf&`^Jc6COv8?9ik*YQcr%|HiHa&D1
z4b9074Dq3lN2cK>{(M``0c_(Zh6yAp^SVeWi;=D3<L}qO5CrG1Sg{IKJ6cGLkgPQt
z7giY|*wAR>j&mDS6+O@#7{M1Ex+T}C&u>y$g1ki`;*N4Q^5{m{Vl)ik@1TCv>r5=X
zT40J1!#73Fn?!#D{o*0$u>-Ese+|SyEM>dYcxvT1<Bmi1!lc6;{q+aQnI3P$Dw>4U
z7qt402s&Ryef!l98QjP}LVxyGsit^8|BNa@nVO@)|0RQqG?kax0Hvqqd3^sykG@_l
zm`nE-x!dd$pDEVuu&ifB(}7v;Bg`xzw=edi87cTxZ<^`GF#!ZW@GkOFk>elTCAeJ@
z=|^KPDZPIR=||%R+^>*A`e57$Zd+&2G(KKC=vH}h3OW;5tddaPhU_?#bnjt0PH<6C
z=9D~!D@2%~Gn+2IF@RFmTF>`#n)7H?@jM`#-qYtAhU!kTlR_K+uh6*->IKtFP_pp<
zG<nDnpU?l?6leaQBWP&;pK5CAcwysmH;A4klq;!7>7K?sHz93eWu7MV&s_ln`F528
zh_u-pedN|uQh0%W`DNhv|HeVC-<fUfFC*4>q)@LHTgy4jgAcEra1~K&?c)^=TU}x?
z%5b(Mz3uJbcuBm>+3O?Q@_L=bpRMPs{%%n9JL^Ff`eB#@8Tb~<4r<wE@mtiLA(FCE
zt0UTEbZ8@DIML=(-n4QCcf%YVfM$x6K~R$Qn(tsE0`?#$Q}l5EQSi;EjDqSru_n@L
z>2WJ-Zm3Awm{)g0THPn7NBZQ4S#@zJ|M8GHAKot3&$NO6leVEm0|PZ$PYzC-wNR$$
z1zjvb5!OU%T0%`kDmYj05+c=-i1G^2&>|XW<OVJoozp``wi0{wL7eRU&}qFksi#6a
zOk*to2luMrE4X7HIKVcqs#9ObOWv>4{0Pa2%?%U!9-$y+)RUPw#?n;LU|%<Kx4g^N
z=+&dYMYhIP_+%VB=^`Naf(S^6f829%lkKR<zL?1<Vp0*Qo(Wu%D=sejpQh5{X@Nlk
zbuoRoC;(9}0w*zER-C~TfPhm%?hJ=JO@;Vm$gX3?4hSp}5SMCJLqWKrmK-?1hZQ}8
z4}D%94XztRhl<U!e`Zkj+`#=tLayEk0c&!X|ElT4?~;PwB?Z4r3jSV6!GGX0OPf8J
zvQ!}qtm_G?Gu)zWGSxK5k|58|In94aRory`=n1Bs!Vw(_UO_$uDd{CCR)}#bSIu&v
zS)E-F=fI7EeAKz%jR<7#R^RO0UT5ddhx^=G49*R_Ki?mxlY{GVx_3QJ_w|4J$3y*}
z{>K;B<Mhkxar)?boIbvuq<aU~lT`or<-zsd_5SsKdT{;l`eAx-{l)c{*N?6rUr!FM
z_YSTfj;{~wgR!Wc*E(S36Xa4{M<0Fg=3Ub5kI2UP1u*;2=IHuT()HD|_xpJ(2)wVV
zOPg}8h5fj}rhT^8|DPL3e}*;n(~4Nf^K%<_W09)EJqCtq3ptgS+4SMV{r7l&#P&4j
ze2QjR+{B6%#HbYQzmp}G`l`qd^GhnZXU_`b&AitA*1o@NR5Uy5nXN;maJKYmxGf**
z{L?MBkvcz28C^?z>B9qK|8i-~V`nhprQSHa3%c|PvF-V0J&_E*Dktb=`v9mGTJH-Y
zE0U=P?nd{%F|!ruL`6G(ZOIuI4g;c0$bEg7J4iZV-A2sOl1PQis=v3uCvba6o{Q`b
z_O+|j9`GG|e8(Q&vB&TGW{$NZ^wN4wX$>P_Qij<iF7QHb@Ujgk%Ovp@m-k>DsFXF4
zqsMz+M05ZE#;3nMZm0PhW!T(CCc4B<<(}+&HPc;O+k&nHpSiG=jet$XZNWO#&t|~h
zg5$j2!zb2fB*XebXly`^&|*P?_tYzHt%3f|j`%O<Nff$SKXZe!`kqNTd9>Rd{OEFm
zi)x7{NPrFu43eE%Q9mcK&bA9`@COyB+~U8uL9hY`9Fu4<*x4s1Z@l*0i&bmI0Vkhq
zlDqDC;OALYpWn~s@?0$iSE?Yn7rhi$xVSDj&d>2B5qLq)Cu4bSEp2hFS`ra|dT?)>
zxs4DmuJB5tpNQaSP77kdf4m9L<@tTe&$C(xErC&fuDO!dblle~LKjQbSrdJ_<T<3)
z&+R7(>V<Pt5`DT7R7(}+oBa_s-Lz2g@`Q)I<YM*l7RkUrzhC02BKf)Amuq>2tL-+m
z5<JrdA8mN|^?=TEA~QiN#f7|vyg=t5J724%-5>n6J>DR*QAILOGvQX%mtO$^el{s+
z0^pL5HVZw3^z-%z7lPMS%r-OLWUlEM0L^!G`Ih~sfBN&ieo4ET%C51oZ)YG0w&m|Q
z`RV*0e|qreev!7vAmWF(VKlcM1|#Z<i;HuWRp+(Tbjut*_r1>J?;-MNde|m;4{kS|
zKjs}~Se)(+w$c7}hfW_3oqm7%z2VT&F^Ir5X%m_lT9dimrM<FwEg=mZ1bj!FQxDIS
zbgZh5)b*Kx{U}009ckpkO6zgx6SgS-PO-!gmb(r9!)~w>^X|5I%Psz6F%FxbtG#0x
z?pTHo%QA>NGIQ&vf<KP=Fnnal1@%~y;S*o-q6rV`M%)iwG6t~@pvz+AT{a=lM8)%6
zo6TT_j!z(Imvuy*^BR&rIOkf@dIni<<z$>r9!}DS>E2%F%YNs}!)B!BVU6Airj20|
zlI)tK*fwUP33mYft$i`J8>-O_oihEhx`61%nt5}iF=l`>t4+L@qkP41Ni&E(pJ8e8
zQ<%QPG;r34f$}gdkL!)ky%HLRPg&S>lJ4zwvR+PMd^@NW*Wo`7Tkbi-*cS(MG0n~=
zLAL8YLvrsL-TCp|87l7#mA@-PrJ)=z?OVm3TtfOUuN^g$cZfU}HoZqgd?4Fy@MwML
zCFuTT&Q#~I&~@4Ox1&zIR=_p&L)&Y^zF9{XlatZJm7@EGZWZ&yq*XRgkmsZz<`wuj
zu4|-!azTGGQC{$rYSY8Vx;kR74r9#)a&MRL?1EM%i3$;l&h=P{K~tBYlCYR3?epCZ
zA%=KjT@k~Vu^eo+Xm@LOzHu54p#F1-Vs}oA|E#enA6Fd6xFAPNrjVkTP@BVzN=<e2
zdK@u`AhFf@JPB{$feo2|JUQ6!@R<H%ACGzQNG9-z3ee=7$vcknj-$NeDDODR-+-g+
z(xN*S<c<ZoV?jO)3u4)fUKYgi9ZoaZW<gp3qBg-FlO>ivI{mVt3X}2p;Gz8z@*vH3
zd9liw?6x{s)9T>8S(iIT<&IIgV^n@ujLID=amPyBu@ZMa6ydg5eq*!u<sHVq$I@=?
zpYo|A{zv1XiOO=vBtNyek~doHb%RgHJg>*>^8v=jdR_F9?DK}n-`ltEriL88{{WUi
zX}@@b{Tmj(o#)e7Lu|fGmuVkX+&%9$TcLvE+&z&AIp`@<Jj?`!nVE;%40txwJq{fw
zxQG0aCM?iDhwq+=Gr&z0m>xrt6_hZQWJD;pPP&thfHEAmvR6s>aZ|1y(<(686g<Pl
zl1t?ZGyIGe#3pME^8mw0<)}SK`vLp*M5uRy03RHb3$l85Ajt(;ZAt)lr<A^v_3mW7
z-><BP`ttT|qIxmOvk)Aib3Z-ZvL8GN`kko3d#=4dAUl62x!y^xzl{<cNKRfCjVJDz
z`>>q{u5bSdarO}}@8|PR<8ZtGQ5<d?M7d)??-<ZK2J{cffUfgTZK(V|lUwTVhBfXI
zXhRP_v{&t&TkRb?f5*;$%Iv&(b;YvsC+-oNo7s4Cd3+)){8lRT$$0PK;|@#Pe7)IA
z#;nyHH+#p;-f^>kIBxd$z`?B{N9);evnanN3*N&Z$7zu7IJY~_?cF%HPhmAbvTjum
z%aIwcU)3MYsag9LPWvJGZuUX{#G?Zn7f-`<>#r_}5Hxp2ATh&P?>pwgyg6xUn*A6&
z@oY{=$Rzc?`So!)CDc5r+~t-&KED)n-^Vk3RIVxLyN`4FG<c_AkUjj<C&WRu2fB`n
z`jq&n_L$f5QsLRNZ@b;*==m4g*POi8qjAykdruxN=%vfYX_EU_LMs30p5UcFK{-}<
z7nmYJbK|fiF7>|AoP<<8=wZzx2p@}~`E9P>V7}|wnl)GPhrW!rxsKn5z4^^oxR1$s
zcLmiN71cT=)lF)u^@^&sswyot^y@>Kw*ij;4WKLk`iD^&c~r6Q3_~5@fb>6}+PZy_
z-DWc=Tbx1KZ~qt~tKass9QsR+#T8|1S(4!pJ>w!HX1qsOE@vEz96d2FuIB!Of1w?b
zOTrMHqj0#WL3^~s8V?Ecx%iz1Y~It63>U4-+y$tpyG#61hAiH?N}CwHiszBY3G6Q1
z0QVvo_Y9TPd*$eJ^IW)lL)Ir-lM1uktX5fah9GU7zRsHDYt2LRZUsWNx)GbBQLJM?
z;Z5K}|A2IYk|g7W5wX)IL3|3Y94AKon2@(wQRn2V|24XwlgsN$@a$Ty<n<*Mqk_&x
zInOSL7^Q#mU+k+3qx4S??tgYYda${(xlGimB0)#@ajp1VUe73-m+HKvGP|Bt^J|m8
zd+-0gHpn%X*EyNh=I_f&!C$JZ=JI-8OOmPLdRZ@sDrR$eO(lQ)#TVo2^2eIg<eJI3
zyf#_MS7u83e{*?VNyP=Z7FBj$(TdFFwe#79f5Pd}|N61Uayf^L{d0M(1kT7@0u5R7
z{(GeJcsE&~M@e!gCEQ5~cT&P{EhT)*uTa6+0@X~>LU(UwU|(J|Z*!sT1&B{ve)#8P
z>~DCQVhb)4I8(S=HD52!*<7CA*X)tHw!9i=aF;Nt?~MoN>7Q=Jb2j;D@A&^uhX2>6
z1=7$(Zz^hXb660eT#7pHfg)oT^_5-G9`z<{)Ei0Ay`O(Zij-BMS@40gZn!;>3TGGT
zye<koi2+K{FTePWx)(frrCDxUE8>1lM=$-|#)}-LM>8ymdAv*zg(>sFNUxW~Q#0>b
zG#T%rv7y%sEM|B?96#8B2yg_sq?$y3OEpWjvSfEMw&OWd0xPmuIa5?4QFv!lTLW~>
zrctv4iCb87IZpQ<+Z#ZypcWP?Fl@bkeufxU@EC9EpeiQ=^jNhKTob6QrLr8p^F9T+
z!suH3sp17@i<FDSsJd8;GO?-@AE`o)hSkL)$vD&Efla)u3i*Pv?+mmlvj2Gf{A}V<
zaJ`X4NOZO2;B;$N!z2u*(xh<KH{dsaeTphUFEysvU^Z*CW5lF^#(9qBRFEqzYZ^I3
zar@et0S0RW*KA%=X>QRgGFx(f;ogE*L@-<!H-bm@SyhmkYy(%{FSQ2OY|bfk>tFHL
zV<PPf-0$Bw-5)zA3cDu=BJqH-BFZu@gq8+Yx|b3wWkpOoJJ^&GU)b!*RG=%o>Wk(>
z6<35Q3J!4=yi3X4Jbq;KX$lKv2&!MCzu6`766ANlmcaRtQ}hheViz4R7#GC-{fZrH
zBq$2a#<*rZMJUmH#i<eb(qn0h^s%f3lW3q(bg-+r4m2?B2Z*aB5m!_aG|+t;r^Pv@
zMJ>n)FKD(3T^Yk8ZCR5u^KO?p+s5;INl=O3(y}g_bH6_}7ku0bPV$;#G(?B!<mn4U
zSjP3nKRHCRn&kySS4)~LJ<kX1i{j2xjzIqwv+R?9)_!Xp=RzmQni)SFO7dM~A4XF`
zpIpH?__YJL=Jjpo%Wi;V_-hzaxJJiwH=A9wAWY*Yfe=n_H4X;@{2xOV(1~E=acro2
z-E~PkNTa6pb9u$=@vf_dz&VlVJ{O2Ozd{HfC2y%z@_|8BA}rgi8PS>MQWFn4MgPTX
zI8C)X?&cg^(wrC{Cw|3T*TyuCmjvfPhG|K3$17f=D=L@qYru?g!vsXeKZM1CXL+js
zss#TbrF^7UVTw)!Ia{&priw{U3Zh6-S(N>j^NX`O%LvJdjdAiyowLxLz^J?Yt<jOZ
z1KWJ-0(4hZmvJ%Qr)UyN$(t^!n5A!BSZ3y@AuATVTuu2X=b0SA`vxOXvqZCZ&H=$8
z5lO0iHgeoN&yT1Sb)~C(UFQp;{9c&OO8oW>!<U#AdKL6Uf-=eu!;-$Gxq&z6Atvw4
zAD9(i&m-8r-tWqf_D6+J*LUgGM`i)GVFSz%!sT^D#e}!$Ro*)o>#LND+&COxadDw#
z(}d3xwIs=mzg^2I=mo=<oaSKAXNwl6korNyEC6&G9too&(?YwJhFZ6ObG6$m)4D~k
zlM~mTiQo+IJn>g_@ZIX_5<8Gl=R}(FLsQ&rKCTr9LGCQ7@S0x`7Dkn#u4jPx!(5<g
zGpDXLJ6IClUXt)V+wOpak@k>X<g^;`C%enXC*i=%83H#i&joUZ2+o!u7=_h<6@g2c
z&V4orwW{EF-+Re(q5<6tnl$TS3#Vv*GJZ7P=@h)ygWaF_C;Cyx=|p2V5FB2S+pgbM
zNR@GxkxI#tZ7UP|<P2pC_iZ#R>q5~)55{4a?3-}o5Tj>j1l@2j&pFO#xWFtU0v(_9
zEpy*04|Kb)ZM#8V$3;-VZgpSLnR!+Uvjyo6?uan1h%`(FmHs^EM1tp>ruw{A1d+Ff
z3?L=&d`>f60+tHMDghY+4bml7n!oTq&wT@TuwENbjzxW907T<+<I$@Ues?Ii>slS3
z?4oeR`uf#CrcHx*m#9?w+B-hc8!CvDT3S(-Pi^V<EFWpNOz)PzXhWDc-S@R5B3aZl
zCms<;L$^2ytu`*+@kz9sLzslsRU6sQraSQm#$6y?wxy*al@Z%AM28LKxjk$LxlO(r
z@Y{{L;(14<=}md>Jl=k&hik`rC^h?!Fgg*G3#wL63M?f!(kgg=R+_WiEN#`U*t#r^
zz}kVH^96baLalH4MiNx;#k^GLzGVU)=!5oy<V+VV0zIGpZJJMQo2UzYa~WuwiJ5Up
z6=)BM5L}qZ-w@Jsa!HD*DeY&#ItvL8k+qi+J~lU)APXv$SWVH7HD0BZ2PKsr6W3(|
zvusJksHD1kk|#Y{$;8Xzi5)<|G*PdZN4TmiXNBgJ6vm4gJ<&o|y27QmlQkp)FQ%HQ
z{BkcH`;T&oBkEe!Md66n@%$xMCxS?g^1r8D4bC6EB#cOD-k5CfVPQ*8bm2`*vsF60
zUJ4?YyvV0$KVT%OqPRFB1zvg8!G5#K6%mx@ZKVRNe+~JY0;r8J)6qplYIB^^^)nN$
z_~T6N;G@pWDAbH)O`?Bw2C5!O)~enD261ScHSg*plvVW<?TyD}@Xfq$4xe98|K0V}
zX+7z0J%QGN5Nsc+(|jH9KFq#SmZRp5Yy_42vd)$WOLX|RGxYSYXAg`TC99><NBQM(
zQzOF#&G>^|-`9*}Sa)F`l1ZupGva%jtpH{QHxoE+)XYSKLJyjl-_!iSljEaPBQLd;
zo)T0^y0v8<+pE9iQoS^+WmgShX@uc0G(#f|pP?@iESe+|Ia+U7+sst}gJvQxC}$m+
zNEde%DMqg6g)?LMjk2$-=LBi#D?qjF`Rzy{HUcmSW_hA~cb!2tMQt0>1zAne;DW3M
z0oJ)2Vu}V&f2?s4mVts|iU#m^SU~1;lBp>gyyPx1#-MxYTa?p0E7O$LtJEQWrYoVm
z_xfPy7erpY?46}?BWY=VblpQ&6nsbik;tQ3P`0pBrEFmo$@cTpw<N2<^cA&@(d9J}
zrEFJ7jGpA_+e-7#uw$(n$ZcD^2xN~W_@^W=%{2|eEj?yE#a8X!Q<5M9IJD};C406c
zXVM7m?WM#eG0c9eg9J^|y>vf)7<`oki)`5*N`jc2r1COLoq&|{5>uAi{D7^><tojY
zObx75*7G@i8&u(y>aJ^Il@KiFp}^Iw&J+#y2E9#4&g9r@9E^L^6V4QQ8|X;p@*BbH
zYKp!%IM{DyENXVRq2wiJr<|+SH3~&<BoXa4l4Kb#s}sTJv<PlvC$^o|Oy7t{*238w
zt|v|#lvp!B7A0rYQ;8Mv+n>wL$|u)LVteVFPha(H-OA#k;8!PtUebar$Wxi&0voGy
zta;L`$}3i^^nyO~4tK4k&2WWhw4jQHIEcWRApEU&|M2<qU<r@sraxoH(Bw>CB1VJD
zD}{Isva#2dQMN#bC&wrgBsX?6*-^1>R;)G7a9}lA@5S09L~IZhC|hXKlduJ4ZxgVe
z+p8KfM=l6!ar%?=VY+{NM&AvkhqnST32ZFb%YG=+!k_ie;*p66rmxrY2R`daqP?P{
zUEW@8;MQiC_b|lRv2~?nQ_x{5?0CC(Rr_XdR<LzmkY<gg?lLK~4AY!%tdyX$TDkX)
zjq`0|!j(j6WDT$ry<Sr9pe2nKi-Dog;k;U+n&z76HD-l{{gI;2FDK~<F!IspqO<z(
zsmfY19nxbx;9HX8sL8uf<7VGH-PNq4(VA=gZZ-z$n}Rd2YyJ;Do8C0P--KAkq_Tg8
z#_-#nAbhuK>fgfzjdCIje3=w)%-`OqP23ye`d`7r)TnE7b;}kS&f%=JbKoHO{Dg>L
zIdXenYpSP#c&7#M$Uktp4KJ15ruC%Jj8G|SB2LLX6lkqg$CQPl!Ubjd6b+mb*_K<!
zDrcPrx*{`P8Ak>%p&55FXFBe)kvYGM#!=xuU<4|tR1eafhI~<p%39Unz5>4Xl3rT*
zEGKN$j3Y&7h5~vA0L&06E44y=_5;bR`+$wtaQ-h5s|0k%+ucKpzYR?Ay+!_0ja9^j
z_9r%A7m&5PVp@uRmsPv3XB;lk4r(oeyIh7t^o$mYh+sOp%R*yyE9S)OH?7d;uX@)7
z4qX1gNrz>m)n#1C$QPX|O`mI_s3m3`JgL_8)cERI8RG~<3~Q11j@96MW%&<VF|7y@
zR;qBT9FE#z-QTEMY9<h{$a~wkb`dP-ZHX^kCbAG(Vq+sHTO`r<aT@(Jt55Rj<MHE%
zUQKEMK4?btYY!*&c+(@#!B~A7_jn_wXy66~<}x4{*5qjUOLItkh6}hG?Vh|0D>j%I
z`Q-HZx@dea@Ff>+V{MPf@O6<beu&T$aJ=)0I6e=xar$&LCerlc5pXk?lTkFbrfEhC
zT9-gHfdzn{&}47)1b%cI&S9*fYQWt}rg@VhgaDI2^|LhI88)K8Sgn~)IAU9cxkef<
z(rw)rnx*=<E(>95)yP$$<9fhCabP=HYirMh#-iR$_1Y(Qv^)?x-Um1O9o)*}z+!yh
zXE64D2C<L9IP_P&rFTKN1|QX*pp#Z3@*?Q<AGodOfJ->k?=Nt(ufVV7C*X+Ljs5{$
z&wwp`0$i@GK2LxT?FI0`JOEnD5?KDXu=>Z|^afVZrh{8p%)4IsJr?~NM`P^m(7a>4
z-)<Z+gdR)%Ev@t$Ec9#axLezB*Vu1wVY}_M#@nFWvydzsC7!1AyDdit&Hq>tTniYQ
z9RV*+>=8E%8*{)N;(fsIp(QE$o1H#AJbLjoE%RQ6Cc5#goDm8VcAW1RJ!7Za3Z99*
z`t-eN7tpPlWgKDY!sXud6iv8ASqt8a0Ny%Fl1ok)<RA#tsLjdKFwP>dtqZ2@Gjo^1
z@h*kqZys9w$4udP7G)56@1#R(B87bzuM4=eN}P?6qMh`D@YkoF>aPhZefK&35t1g~
z<O5{mE}ebKU~A;`({}iA?m7qF*{AL3({}RdIQVF}#PJ<Z*(DX6mCZwMgkAc_?9g|I
zr^kn1KYuzkhjqsnBlOLyZ=OuiV1H~b-(SgL=(lkef^F(|5_$&*q4#wTGOFGlr=aZ}
zf<C-6kO|f8I01DWfYv$x^g8}*a{75Mho2AX>|>;?w&AqT!RK9_dp0`uY<B9ol|#=4
zXP$mXo^?(<{VqIR_njWsovzzX+hu2Kcbywtby{vZ{VqB^?m2yqIlach9*3NMXPh;b
z-(Dx2ev|JybMHGk-h34EIGmHs&NkbaR&O+`_L)>ebE-F`dNuwf5sGG@bcDpxTz4D<
zDXy_P?I7Rsgy)C8U4PO!Wc_OOr9@axgueJI&Lq`C&|O#?u9okGtJbK1L4XBoptA*l
z8mvh!V+@A(y>pObRYlOHiS~51VqGil>47^L!tE3yZ!yI3b4Ef?sW&hBPqMKgn$uw@
za}rcZDk2~$0Q0X(cx_&jegI?wcqM1e#$=c|1|UU8ftN^D)kc2;OpieaQ?DTTY2ygw
z`N=bDmXh}Vc7w2FE?C|M&J>s(&2xcZ!iE2R$Z`-aoYg02^qoyR(5dQ{!LkuHq~9C`
zk_W5ekiZ4Ql=$tTsT9!Dm|q;WxW8^slx@=!Ww-4KKGs!^6$wpe@sgL6(GnMdl<k6!
z?QXan8Co<f=%qO(-<=$yHvkzdK3FM@`G6wil4harpzh%`2omoO;cBT5wFuBSx5GBf
z8-#e1+`JHkHB+Z$JxDh}azM2W5PW|jq#SN|Sl@!qiOCjq!t)fJaA}Bv#Xa3>@M=CE
z?4rT3iCxhDJS9diHQ0sz2b%B<oa>b7`329(6zPI)9u}{2bg@7{mjm~`TSxiylg6GX
zozQV_Q*=%=U^6uLQd3NdH4ZhLf1iqP7}U0e;%h9)F-$io3sj!#M&RP2KE_Z^J26+5
z#SK#ybrvEte{a!!SbgJKgca8hq;EYw;E2{ONr1|R`$z;SIL;fxQ8N?6Zl2n5gWi#&
z>igh&xA$J8Z_wTnN}T7RSYp5+2gXNo!QmEhY?Qz3LWamN8YVg_W;Xm~X8VXSHeMWi
z^!vh))`k+T2}C*w<B)C_!*tN-C|-j<4U#k`NroNL0Uh>Sr?)W~=bPg#iI}Nv|B6V}
z{=;;#)7mqzVk(4<<{mi_Or!nWI4WIf(Tn7r^hN&X;UX}|b$y8%LH@QqMkjTH&(pj2
z5V$q<J2|Zd{R~1mH-I*|a%5wT(LbS808>jg|NX0u0CGV@Hec-am9`u<62&hFvo)8b
zC{wu{S*N)4a^lAPft>5j4s7e_5%@b?@}e#qR|Ci#{GIt0co}pWAd}v(r`ZcAFm0QJ
z*EqV@>=wou@YZF%d(9V%BGRZp&MvHR8<pNg<Rw?2kAwU>bAnYZh(tM&nV>U$8IXcs
zq5C9Vq()V<i+-$$SnV3bg{+l=lp2bre!CXu9yBSGz&lDauD<6!wb}<vqL>p&7cArv
z66o6)L(P`!--hi9b%UX$JoaJPY@T->Kpk%|&zgsTdVJLWxjfCRd&*ho(LCpa=6>7A
z6X%rHDo+~e##ii=R6OtY)Bi>mf(NoXoaJVBHlw@zr2W`>oXfT(d4BE&kIfD5oRp}{
z_$3i5#2H-s85W_I#w1q643+qTIQHN_H0f~p)1dbENdhUwzsi}E;_^@D3sGh1xyq{a
zv!6G68~oxp13#4Xv!A_1?3YmAXgox}*IVT)L-zsOqPZ5%LV{_Y642G|pTGsADIEdf
z*FTkxZX6{r7tz2p(M3PhQlX4jE5m$XsmOnS;P33S-ghY*F7gJCK}SG7F%PpoAF~_X
z#}=n2PfUKUARlg%I9}t6|1?FD@#FEtGKtMwodaE~G3<W(`t?Z&65ZDbZnMuDrJ6p%
zCsB6#=(Fi)FX-r7Uoy~@n$G-;K>Yy*iAJ*nDnAoM0OtgD38N*!d7<S9ciQd`UUEhT
zW^AD^D12@#`RhGGcLT3R<h&Z4cVD;<p%18AOFg5P(f7TGKm<=WSX29%JyA_c{~>xw
zNG@Xpx9TF7m=sHNMT(+*3^qLvg4TJ&-2TBe*HUInqIVt8#QX@QW}gk*-nquZ7VLK4
ztHKIu-$PYv-_T26OU;8)sVGO~>*r_A`M`7)jN5~lnuo0;@8a+UZ0}yCnFDtsQ}k?`
zeuqQ!YHp8Q4-1xYLAZRE)YYnx!7&Zy;?{RYupk0%nrC1VapQS!Z;O663kUw);kI2H
zIya*yo){930L1o%*yI|9%UTAmf?@t(xX=7;R4aH{Dhw@YAC0HB?{~c^(0lqY|K6$d
z@9&0;oUgYa{O?NJZwPGo(D4k-G+G@6H$_3EA`EdB&dFfb<MHFbBaz2s*}d-o^0v3I
zLdy;^J{muoY#fhM!L1#T(+&QO%sj~P@75cBOZ2)`cFVqKlVJP$k~`i$vEv^oGUJ{2
z=53>M!c?Cd;${$vBT!9=7r2ec$#Jcg_IYV1S69ukLXpSbNxLA1(r}I~ID6~h>@_?$
zXZq$8#x{+MqFH&c(`B}t<Y*uW&Q}Bf4x4udQ%h1xQd|=6W47&)6J$;VVHpVu6I@ZR
z>-36y|K)Nr8rls$tBAca>sdkN@+DWNdWeUPTC}x9$2O%nX3EPEvKH1^H{*;MZ#0`-
z8KVjdMYFoV8apXr3MN=#DVtDMiAz`qbI=tno8<H0^()c6C(!oz<eo<Jds+~QPPa6k
zP2Q&p=^ASX&2u_8b|(k64ZwNtdLqAc;ir&IdPdN{jnTjUEBeb<kG^;~9s|=bK{;MM
z(A(-19S+!6U!j5PX|Q3~mVJdHWS8ssq=|^{rtN<;9<RMWO#~`i0QUzDt|aCpv3d5+
zdGUtl)Ee7c7w!oW)?~gl2e{2;TY-rj;Qm?{Zv^NaFPvsIZgurc`mY{qjypa<0<MT#
z_I$&g^hdpXB7JzpbCmm>`e+78^?Q};TWU@>C-NT}r@0jbpC=X1o4!rgLB5Aru%;5x
zvaA*8E;-9=w7Bycq3~P?_=1`n;^=Fux-e;doZpL43fc!$dIalcUg19>BZeG3JlKEy
zD2T)BJVvnYgtwm_K*rxFdaA&h`_QpbmD`ggy;^s@%-I-hLoIv1!`w42&|e$F!@qrn
zCh6o6kb3KzWp~JCqcEAJyx)~TmlQ*h$t-It_#i^t%NZeSFlAQo#b|H5Hy({2j>dZ<
zT2_Kzg7?2n6o(A{u2)>qgt8>KqxD!L9MaVx%~ZnY31+UT9Y%X}Qv@lpcD9v)9O(!|
z<6n>A4tx8SOC|j^YM(O!xDH#WbQ>N;eJpjuRt8C{#8_ZOuJ9_gp1v6`o5^9dl%Yn=
zE~GIqMpulk8O4)~8spflP)$R6trzEhP81O(M5!(Lm7gJW6*v%<#_au|p@1I~=VnA{
zI;{thls0==qOVZ%30{D;Yv5)wMaN}T5U+u=UUFG;8F#dYdabR+<2b}*NWmnC@+eSZ
zW)k5zB1ml<pEF`acR<k!`2kqwK*Y$9sG{NL4et1#n-B-;*t_MaW+m)!vq1l<I08cw
zy2OI=TEZ(pV0UJQ{jlRQQ0{{qsUjt<hp@zQNpdv9l4eNDBB9&B18284WAI_9G>Afj
zz&;-(R|g57Y&h=C7CJq8`(tPfcFQTc-f^bNIp@>Qa3v<6y?XY|{(r7!)o0no^YQ=B
z-n*{1abt<1{aa6gLwmNRjCj+<j<qNK9kuNwnzj?QC3kwJlTnH+kgTX!s8oTH)wcF`
zUgNypd6M&C;f_MxNJ^F+)(=~(0u~l-3k&P|?e{N_FUddt>m>gEd2f7^pAS@xoXjyv
zFphI9YQB8)-~ZVA?}OhTKRp}$?PPMZc>TAq_kK?Lr-S+4xW~pj+EDzpQG9)S45JK>
zsiJy3fRw&j3n$u;%Rq$(t#wPcPYz3B#Yj2qQYGhq)1It9DsE1#3UD{3J_DN3chm*r
zbVkPH3Yn`UU%DAa&U(P-o@Q7%fozV2J31DOJK!B14aLL3P%m-%7^?%Ka71X&DPtuH
z$}O3Tnk#prCRKYe&w~`$EXG_F@7i|28l&ODrB4ly*iOn&o3~hVOW%;v<w)tb5hIrq
zlFg-!)J%{+Eln{c8IdA;62gZM#VP7BAe`u++uQDk59qM~AQHLV-u6oCi6C*ew-!Bp
zgakZg5az*3uSy85_G{N}_E!liNK@{&AVhUI2^Asc&6rsi1wxkNzDjIef{FsCBCT~c
z%=`UPX+d>iEercFsp<y;u0wsg<hyJ>mnG#i&d&^@ZN?lCB1~x;?B8@^j%;fQN~YWo
zhr5yEjCQqMw0V5+rd|4378BJ+5~^@>2!bRDo_2d_B|%Wt#UH8Mhx*Xy6og|2%O`wW
z0ZZu#n37QYei{a)Z3Sn_H=4ufrzGquk5BQA3!J2vr)ioh{LNmNZklpWi*JnQJhe9a
zm2C>Wp2$76l)fxr&%H+7S>DEI6R&3zujdaEuV-UUx2i|Or?;)!L^ArUA{n`d(<`6q
zPoGcfv(;g)-z_o52<Yqx_2p~jNCt@^PykV2*haDCId|*#BX)_dlFKG7H$H|)kp)SE
zJV)FYA(-MG&BIY|9=z|4Vluw$%DDI6?9D{NcPR-_vEzdn3`tN(5`$2jYo|pq>LM)s
z3o=jT#Az0m&D!b78CZS2&|CfP2Tg^?ADgZ6Wg<Vh)CT;FV{)C#j36dM8)Q>xMTaLi
zwVY^;j1G6-I~|g|$1R%y_|>p?YBQG_|KrRtA3l-1;Rw@f%)MH32>Ww|1(T#ju4asj
z{egbJmTn4X$nKzbZ~%GH9k=-LWZIjON3Vxp54x|1U+-HSAs~99S=s$Tu8&Hcr#|QA
zERg>^5NZ-moOsImJS9me$tc87m3jJ<1lbL%XSGy0nwYUJT=-*$V^{CXI`A6IR9=Ji
z!#uc@p}h+Bl**h1#e}4zV0^iYa>AJ<#uO8gI$;zgAqu8Jl;l(zhM|*FoBh#kx`tWY
z6Y4meN6GQ&iMX=nCO(iEfPIg0nn7ND&Ly$p+#obc#_=M=IhrhzF<+bPIw*s!f%O3}
zEzum51d*`}C20~QCp6-*`j@0Z*W~5VSX^;HaZdZ-{uw1xwz>L`7@>s3u}PN^3TwWs
z?z@9?#%>cb`9GOh@xrfgmPMiD#fls$?|BwoNqyQQZrTQ7Q66?7nD)@SoUss$sT~J7
zj~*h-H)t@`vpgY?5G2QQwl=Qz_}GZ1EMD>_JUV}U#_6ECI!TcXJLTsXqUEve!shYp
zp6J^(9@)I%H6B@X`qg`g;G5;Z-EfJGIIFpZWQI}3!%+$IWj1wck(^Lz`~oBaCn~WC
z7J!jBIHe1*^y}e_z?A?cOXo(;EykS&@1yx*Zd?adL9UU7iwO@pAmUcU)>@ZGxw_{Y
zO9ostBdRa^a4|CK9gC|HnV^5+j3APsScqd2{zmK{KGl*#P+Ez3@cu0N7lu$egMqyE
zh|T}4^r$uofOZoxWf5|dN+)a`vZ?J3m7p#psJ^iuB}NvjC&ydzKbla(ZnCzgEfrZN
zJclFFk?|b%dWVCajQV3o;b@UN^)51}O38*NYw9CZOqvRsDu2#Y_~c2M3h&D^rt;;j
zlCtc|cu!B*DoROArZ*^083PI@Da~L!{6xNLK(0x4$##F<PYM60E8%xJ{H_7t85~~j
z42r$brL2X<Hp?ZxmPTrijEa9{gD8LWY%Kpp5`7P1xAk{P9?&SCMBKRTCHa9+IcBOL
z+~bPg-=+TFUJr1==bC|X7*_;`GlW3Mm3&2IF}w$U-9X4|*QvQsN94g{*K?zAsX;QK
ziJS!788Zzs%H`-$E>lxkcLNav!heCZj9ebs(dLb}{GO?txE>jD9P1^!bGrJif*eG?
zbwwd&jUbKwE>HKXJ>!rR=CrY!Z6Qc*Oa=?d&`G%ra3cfPGL{9Xk}}QZ@eaKvw;rjm
zI9a>hYdq@lA6*_@qkEl2l>Hdvh_NY?IGEb*>Rry<7CErD0N^K9|E;L*GGma%LFh}c
zH4MtQDg>)!r8&`(2`M#!_pi*p6%<BRHU$;c_?je7C?D#zH~%8W!3w?gL|-X1t!Ln_
zJHH|}-my@N{@vTx+6~QUNfNgV2jiK^6<TZgU1lpr+NWV(Jqf#E<XTL?uC$+ASOeEK
zwg%M8M7zBxGQ~)sa|7WqJ$FUV@>#$~2ZCt;pDIYIQH6EdxRYVkCL0K=Vjt77$<K+9
zOZ}dz!tKj*6ig`2P{hLwT8YhqBDSvoQidmNc(lSdTO^=e229bpify6Qr+IA;ca4yz
zO2aIT<9Tp2p=Oq7T=Q&m7$x{x&4*~t)?@K^mOO@&{5L`B%%}PO9;ei3wsuzec{~r&
zyl-`LtYBC@g_tR4DIQxl&fj??6*8Z*v5nbgV@HBGks#tF%xHmaziZ9}5X+?xo9G(6
zv^FEVtwr&!$S8-%b)x5}=Oq0E)=I2cTLJzS3<`Dp7k(BjVx7yekTn@-9#`jx35ODS
z0cw<(DJ@~Ka;j|V^x1Wjq1egEoa+rFo8iYo@gOBEs1er-DUih@Bw&Nb*pLsm;`VB*
z%6qOI<sw!%2o4a!^3$1;JEx}goA7)RJ}tsJ1cpFn0L;-S$bo#z_@`pK&2T(7@>=bx
z-425dZ3l5q44Y4T;ElkxHoZ`DD?9Q-6u--H{ymQ8GF-2Hwz)IvSxQ2v>8v0=)E{ou
z@?<2zfmVi9-9q!hvNEA++UQws@LmR-<w4szLOa<71FQ~P751y{p1CGVmSRaLdU3aP
zjWEP@sWk3<Y1DZWuj;Q|;pV&iSXzUakr?aUY7bfc=oB|9gLmZgXXR~bo4-8R4QuD?
z^6pcAPil9p9q(t=9qT}=$FKg7a1m^MER;07+PP4DTskqD3M1zkkR^^!cVt#PKI`!L
zL<ea~!iT;)QxaC~%wiAf&rwxn<ug=6s>Z1SyJjHOdUbgkTzNq)&(11j+%eQ>F2m1i
zuq*DxDl|UTKFrAI;c~QqoqzY4czZUUWy*TW!K}=-jvTvu6Ng6kqR~>T#%kshZZC#M
zVP~<I%Uu#jc;)@%Z~PN&C2pv}1sD%@N0~_a8BR|x>h_lnbhT|}!Ky>7ex2E<wdbCE
zjefc<Xrkkerul7&4QYX1mFKKPWwqh^o?N4tBvWob1*w`Wn@Xw1pg7@1fx|(l&3A=?
zL>~PM6c<%Bxh;a}qX5<|WI?-R(j{4lv%dH-B8w!<l~pV^hm}%GL)t0K#ijNcg*x>Z
za=oh>87SC#cl#Gu6ai%Rhcqo93;N^aM~3`)G{-+hNl31b&>(kgt<advr5r<Qc(~#$
znBgFV%;4NG^DGI{)V=~;2k{GC-Jum#+M6^ZW1a%!#<6lV^sYj3Zym&pz7~SM|4>Y?
zL?$9K)GWw^LI~0W@QJY;S|m;FRe+l>VjA)EMxz@J6r|{28AYg-;t4c1g5El2(mGL-
znuLFxzIuD|=G719$FGk}b3)z(kG@T_XtbbMd6bZZlDou~r#JvJr+gehAl8skF9AvA
zDabG%UWgmPkU|-r3%5I|Zp(L3<nf=IlPjaWlLYe6vwD?n;0Qe6Mhh@HlzMp@B@20~
zs_;G9ybZJ&3LUM3AVMQBjmZdbVn??V-8@J_`HB^e*qCK9djo6}ju<5<Kx3THEQnD|
zc%&uO)EVmmcY@%?&cbI1at9_<Zo6MEE<}9Gi;G|7Njk?g=mKH1g%2=H=1O`^rYOc&
zICi}oN7%?GgCZ*+nNI5;B@<%7f-H80XlFIRzJ*Fh?9a)Z8f-au0!rm9PppJ99+WHJ
zHO&_d^(g<WMp4)%3fAm>Bptdk%qQaA+t;=d%m{^WWH{2E(I5%glHyvdCpnBUo5mh`
z!<`%^#H;Ty;!g<!26`ivJFGu_a4ctgm1KE8WCPpJqiHwD#<PgxF<oT1AEZ%tOp+^p
z_T*q}E!tOym-sDH>9bX6CfWcZkY*$erUBJn%?7WT8rn8>FBVV@qmS4*l3imS`Tp|j
zyjy1Ib4o%KBsA)({IugBL1~6r4+SU6HP;#6lW81`ZAF_wwoL`3$a|tRhL$-ZV@4*l
zgXTC$jD(81E#cbyRSK~szv7YJs49TyHBq(^Y`8c9vswp2lMpmr1X++!3~{1lP!J0>
zffC!46(~hH`bwt9T?!#zn;lLEg#{x|Bxy~DG}BIq^MS_}k=6=&TPsP*aY7><jM6sD
zutDjlD2!K>CylaFvoffe6>Y<75u8XwghQ0<nm%m1Xc9#6BEvEj?g-PM)avb#uM_8{
z;hbGlhC$FwV7uhYD%FsvzP|L!+H`D_g1IIIv$;L^A$<WBo{SN%jNo!#s(y|X!%6A;
z`Kz}$2rWy%MHX{Jj{1FGWY}l*B%<2!=B)w%b{$5j3k{mDA5Rs_Zo(KgexyFIaRa2B
zfdeDG+L22a`K)Z@0D^z$;FEXkbhGw#s{c~Z;qS6w5+nf%gM2n3z|+FX!S)S1{cH)7
z%~A>@bhno;6)5)tBoqINWQ6E{sg#EH{X-@{6jww$b)imDxIY-^42L40;c%c68oK!s
zb<Jmog^JG(2Xl{o0XpM$^I)a}gMqUg9D^t_d7-;nSlTi!?@I@Txh)^l2%18bcW_NP
zRoL=mbT8r{nwzyB$&e24<s6&^C^kr1uAM6RXo>cW@IF%&O;i=)ju3B12<`|SwuNDB
z{Fsb!=NGf2Guw(>+LNcLsBHfT9S**W3_N{?fqW3?Je}mCn@-;$SNF@vv>~74Fj~xy
z&>Nn*T6`#G2$W19S<rMr8M_XC&1YD|UWoMFN(Rl?k_SPe!y<KOWRBHRRQTw;pR%;E
zYIr;)wS1*@nO^6pqz(_@-ZlJ*_#;?Wo;UAc|7%aL&18nHyKd${6jP%?pIH*oKscVN
zXj7)|sp;^?!z5T#KkvyPA@*xUQhEAkE5?#tQipSt$#RV*rEsW+{*#Q{iXb|G@J<k?
zi)3@vYHmo_gq)mACeb*udlZ@*U->bwPyEJ5?1I1Tp<`zZ!M;)9EJkTpXW#@s0i7t{
zibo$osw;>z(KDnnTp$N72GV<M9^B}hIP4mb=MhAoxsgp%f<_q*F3}>LW<iK^$4LpD
zKx0986{&mrRfMnYiyF`B#=~ucW1EhfpAZx!V=_+z8X4&}ii3fsB;s;ij*!s+x6*~N
z;aK+S*0s1a$Ow>uHf_!L4=QMHh;j-J%@(QRT#s+js~8qMp(osvCQ%Y1e%a@_?sj#M
zNIJtedZ9w(lipYJoc6xjRUsBk&5(#!ytn`CIo$AJgCb1Fp$@E}BT&NJNULK4N$t&W
zU?xu1oxwk97Q^%#8C`I)26_1y2Kwf&gEi!#SmMs5fZKKHILnSRik2eKI2RC10OR0d
z0`4ZL)R>!L)a8i;x?`MC@ggvx;EW15Eup{*1JWhFkq9jVse6fUjEfjddvV-!<PRt?
z4^jgI5$U2BE(1bkaERNzf8Q~n@uU7C)}c0(B++CF+_)F|ixo%1s9i*B`=9@F^uK@k
z_no8dpF;x&H`vC9;q4Jy+LcIpJ7~uOLH-yi3LUY<*4IqU*jVda4@&Q=%Aru-xE|`F
zVqr*#2EGxwkm8AtLI!fdWgr(Lr)v?p$nZ2G$w$u@lKb8U*?8uAFC`im^d@c6?!QQa
zcRT|MJq<G=CeM%|SyWesxL_nZ!zrc_4-~=uRdylJAv@$`{*y(H4dQO75(J;Xs3{jH
z3+WL9zz&NXV~B(ZN+IyM`E@$R26^L=lY|llBi1iT#7fEON7-?coOZzHhMme8mH8}S
zZ0z<7YWU$p##5xSM$yqXsK?dtz3DiG0nTsrTH=vif8!3Y;;&)HWb0XtBh>lu0pQ)<
zS|3F+lHp)rwvUt0Y@&3bqF%4JWeEf|H|b>|Ig=<uzDSSBC_w>Y+)S*)4n{Fnlf}&`
zqFk;6HP5f!r(9buO}jJG`Gz0A>{M0c_z`*mF;bm$EB*<sIy*%abA6F`R1#W|-xbua
zOMIilOBq?Av~3ALUQ9{9VA_RWr4i#*a@j`8YTomnB}!d@&O|l}jxK!Y+0M9%0+gpw
zk_4ALH=C3pi$D&7)6k>3iy-C(p5F9SJ;-s*%d-J^0weIm8NaGN+R<@zIGGq{^bL2g
zb*?b5J3*1?Fl=OE`{n*dM#_K&;#-<G2H9lOi^Cc(4F6$bDYn+1HKS|v+}%U^zO$|?
zmufZlHJn@Rtn1Pu+pNF4tn<<$TWxZ8DIbd^t}f1I@T_c$9Uqe<U&P+?p)11i9En1`
z5MTA!dOQ01&?Mu2Z*ZO>VT=>XAcXkJ;&G-IM%c9{yH8ALA`7A`?iWTiW}pglWtW@|
z))rmvjM!zDJ3E6L1E+4fGdx$>!r~ik3gBANeS%}gGyC=H!*k?#&KCKDN5(A%S8|A}
zh)Gy3A2QcAtKb9*)Uu)DimxRk%MeN|Ei7u-Y*B#ZlN?Ee>IFz^JP2S|-OGSUl6~WT
zH#E6~7;9<8ozUcF#Ml}IiP0SpWqU_B8G6b?QtC;+&>06&qX3lpZd5@l%a-^bgjm|M
zQa^9ah^0h82Jn7C5{lnbG$U~c_A^~>Or^q!2UM8haeJIGna@e0<1(u7V75s^Xv8&4
zNP;p#DBrEn)kPG7W(`12qY&*427{g}qF%c`)!YNQJpd{))gn30zstxXJp!c6*FTWt
zEg@9cdm10!<&3i!>f#d*h#ZgE-agF;h}o33gvSDY%VVmENIZt(Fd{GwkRAhZGYQT4
zo|4dU*x<ztWttfoi(B;Bmj`kF$(L|J5_z!#c39B75Gz8&MuaUVVB+K|%1C0_lb#!U
z1uSLWr#OpXPGW8y8QjSD5v*H~r68g44XhEepllarm>U%`iV2CW6EL0?bhHq_&};)1
zS8W@kV0?KUWU#V<@N!~b(#{?0`*~tBHzopqYwc`KT28r`JcH>rv)>5$d3J=R<J5ew
zA`jZRa#Y-mkJf80m*av(v6_UuCGS5zef#5ozIt(faq?0Lh}p@{|CV=S$q#fKxCq1@
z0wx*#2EqG!H^DqMqW%2{hKfRA{z6I1xVe@JSt8>JMu}LAI^Z5D0x<ji2uM19ALS4M
zLmnH^#4rlm^#SP#%C4++1sykFOQ;^IY|v&SxS>I$?YEC)PSGU9nGYLz&VcD8r_nNR
zL_~#sFq|@@8$|-Rb(fsmU8}i>n@e%Ai5(-k$CqNyHzszE5$t_x0haql0EtMSMydE^
z7$fu_<@-jxylezH;XK=SUXKg&%>NxN#+M9EVaSn+;qLv&<;vbq+$!OsIA<p2>a(EG
z<h{DHSTPZ6q9Vr8C=0S1M^_K=5Qn|JgWjMU#A#&Y%~na2)g32FeiOmA4OUB?<VJ+*
zITkDv*UhogJS|qRpfj9Mky2NrYz8CnQ_Bcf(MuKH+MC^Zk%ob??}tRDz#Z_i<6;tM
zjq4Foq{?H@pwr5;C&;FT$xav9BiKdVsquq{ooCmf|7{i-8$bF0fdAWLt4)35^NBhi
zJ}3b_>hQR37lI?Y;6~utO$YVR?d^vTO4MEH!utNE2f%xJjiB4xqt?}FFhx=xj)XAW
z8XPsmPR@P)Sav2-#v&kPgpx6dkI?yxQ}y05*D#uaut%pnG`u|@Wu_)2m9K)VKMuw-
zTmr^p6H~(ZA(xvQx*r5jH#G9$o+J@%xX~i3Xz6AP;ZB#6Id&X@&~}QmdBiPHcTpH+
zh-Mh?Ad;vkQqq)2#M@TEogCYC8x=bvBgr6rlWDqK645mkMUPO2t%dG29vQx5*(jon
zV10Xb3{>)bmXXDDcJ?MW&+zLR2G<swCsod%D$frRfePRvCZgg7vI*cN)G!IrJ*ZRo
z-jj|dzPR!T_oh7&0}@eki4zWu_cSQ)g)3$Hk^6Gs?@2;3;lKdtmU-;VY=Nb_2ZnXR
zZ$pMt$&6JL>RZS~WI=+{l<_!r^bFN$D>#5?aF<_Kb+cv@tPu2o_mmXTuk7J@G{-p&
z=BcTyQ7%O|nUHLZd4n?OxF{Yah8rxhgg?aJf{Vycj4|O{O2PS34V4;$#4W<F`gV|s
zT{rd#<D<9>H|KS<!+>Cqb`3$o4gW}z_(nOcDz7zmq`B$R)QW75fNGC@aO3JI+>)FI
zajfmaRNgAFjkF`K1ZQR-FxEra@D?N2!%T;&B&;2|0CL4U7=7nL9Wp^Ai>6Vc^R02I
z58T>#78)LAKNnlYan?JZNl@G)L^y+A2RGoZ<sENvWsq=3nBnFEepw8H51+8Nt9Hsm
zJHphf_Yjgl{5B(VF;J+h0uY*J&_>iTEGqG3${Pih<U|gpGn88N@)OA}bG{6tNeRB@
z=IEg}N>Vx^bY_R5<FOdU8y<_(%8nOAnO;QvqR#G1?9})b7kkbwyT8H;m4^9g?P%GS
z=6;yQh>Gb2&nKJ+7xVHxwktN6*lK2IIkD*taec+iR4nf0r$!6v@Er;qct6#E@pbMW
z=VGYI*JS!FoU%fvkn4k21-@qE`nT7@i<FB-V=|p$OB@f!lyo0ePP5lpMA=5PD4$U9
zORM=%TrU_`Kq=z`B@@&`$1%86(&!4uH(Xz!+7MvGfCnh2Az4uUJztEq<3x`7A-?L1
zGL(RGIPVcSO=feIBg~|^2D`y3<TS&<T=RXf7PQ}Pl&CCfS|?+|`13btuQz<!8}LkH
zbH?C>m<Cat?}BlUo3fCMbF^Kdv=Lqa;0@f3$+XX{n0_~=)=4}3F6X)LF%?I>hzM}O
zlgl~0BJXK1raTD;9~3j2p(o@R$@;Jx)t;5P4bJ#X2|EkZYQuv`kMTolZiUk~C5peW
zrpd_iV5LE{dM=N-zha!e%t)HzkS9mX?d*t!tca2e2ze!Trs%X`cGA5|oKl^>LUvrc
zJR0m{as!*LcUeFOx;?rnQaXbQ+I-C-fg~0s@B|i7j;3%-W=6IPh$pKOU;qGII!-+_
z5FVll;T||W>r^e)Ff#+n@%JUe6boSKM3{V?+M{c<BT--jo8ks5R_FoMz0MH7LHZk^
z_v7pUTP<d%C;@{{KqrWm*3ak@?@M0<m|uWYkgw-FV)qEK12lDwCRPhTYOnc3Qj>RL
zOjE!vK;n$H=jW_!Z|KSKrwetbr!s4(cQQ=4Ql|Lm(H%{O*_fORU>(aQMDFlrGhu?4
zGqGDc6}#+E#wj(#Y9b~CuN395BX=43;OFi*5LQJANxHCGZSat_mfbRe?=uva9FE+h
z+{2kque~15&E&0OJt#JKT^U?YCj6WO0s~w^0Sv=A&9IqKBPBT%SBS1Aw!0!-Cyg@Y
z_@D+`1f>dcaJFVcQ=nG$*-vHr{v@b!;9eVPWu54WYfUYCGC_f0N1+a^wqz<PxG|ca
z(YO_I-7YbL&GX$FL#XzdJBAKHxaTpHt=A;rwZ^cRf!DE@ieqy9;}y>0AWfrW`j?oD
zFLRZX>I!Ex8iVFQCZ>eu)O#LYW{xwilq+zAQI2xTI&Ug#6=kzlNKPC*u~5q{(lMDc
z2FlXU242M7?!Ac;Cx@8KVaO(5r0ZdWXQaD_1nWGo22XGiY6Y?gt{qWRsyNPqd?x*!
z;UtmG^N<sH6k>KnDE_}^31S9ln>A^~s3=qbV=lro+zBr!hSm-rig}d0Wk1h&*EB1I
z-ijazDmND6IKeU|G_9(~+y^&D+cJUR@lR*y)nCtcL?V8!L45JUi7qh?;%H2E#C;8o
zFb@j|(P2p3P2(WJs;$utKpb;J7@ZhLB<o5^m_I=$r|8AW%eUN5EEK|Tbd5(dLN0Te
ztpZ(>>{6wb<hPU=Ml+JrCpk(mW#5fEdNe6WKPchncTQPT!gz-pz(jMfZQ`~^(Zn(-
z5?Od8FDpcotl=L-t2#o6kjBECGF~!Fa-Kb(0eZoQ``akX=}!@zea}IlU_lAHU5<k|
z7FPlTx^qckm5$>m$b~fz>&BdK1(iPY<P-)|`qencFjrhiGez(tOc>e9ZlpjlCE@?~
z|NOr>0LbC4ud#x*v6JyE0*y&;IOwr|3}an|f@NOYMZvHaq-l>`#bf)+$o!(jfEk3<
zDVhgR{=p$Z_aj!(RRk7hHf|H)5-$KZ6BkeL$&*lmbXl8-rWr$uf^cO-u5b@+r$G(|
zh+J2JXd3gIy;eruS>qBK4_dV=_e+8q=?brcWXurbx=|4>jorsh+i1{PDxCvka<8Kt
zbGc%<lGE*5^HDeh?^sVxBDsNhL`BHzrGgv%s+<2+ll><-SGg@x9=TP*gY5<BafM<|
z2%a@rmnT0s<(eR*@dsUGDvDyh5DGA5<oVO_Yi@H1A&J<*9AnBE7|3!-l@LLlViK5j
zt$#W|+u}6b>FL2&QRhY&;olcQ%t+SL!9bmy+rvW%ZyqHJigS4m@zFcuU3w|jlzl20
zF-8_K&c7v@poVY3!xo4Mkdh#cKn2Sv4C-`{_~68RP~-xfg8R}I0A63=Y{Y9%G41T4
zP8{X%|8+peGX~MZ$B9%gak2A)Iag3h1lJ(*iCg*YJiAS+<JhSHms6Pt`^=jHpoh-M
zl&ej75M3GAO+cDtWNs*@80(Z#Q*mp$VR=%^iB<*UYp@AyL(NAq7kU3iM*LnOh5-!B
z|HELG|J?nLlw|bJN>x4qeijNuxtpTWR8R?(j~zww5o@uianYkkvmnVQGTK_fNsNOR
zB3gcDx4|3kuC_|NVG|I$tO9;Y<ej<LgcScv1to|tx$}t@r33rmY6;Ucj%?TWNB+<y
zM%-P%UIxb%t#I{DY@GfQT0wuROsgKDHxPE2alopS`Y8WkpDjj3+DymMIHF2-quDdT
zmk@zZ5g>%)g8n#>h(u~hxg=F&VPp13%9OzECoW{BENpdI<cVHT$~K9Q$Aa=WpP)m@
zqbtG9Y6~aTiLP)&m225(EHkA`cC#WnX0ujPyFHDB(<&%&#39CcMZ+4xkeTs>VKPPo
zH3Y=g^!QV1>gH5Rca=m?I8+%|EFl*30gqHl_k9`F7r;U~^fX|jP2?RLTqcbW$PTEK
z+YreT4lM3WW*WlCzWZQVu4fw3`Rg->pAzt#!8E4X2VJKwm9Pc;Q_*1t;Kea8<W>Rm
z2O0<NbU09WEC+}x0hZDf*FnS?ErEG<8KoAaE1dB^Wk6^z#0b*+XP8z0JFDRm4?oJ6
z_@)NcOMFv?DYs{bqesSS1!QmFlA<$bdf{?w_=2(h8(371vl%5ovEj-ml@gqblPh5t
zf^P~ok;mDN$`W7RMZ7sc*SM`H@;Ep96D5wHkT+O`@DqB%4#|scZdsXQ`cXUAd`wCB
zQBnSnjAQ$li|9`|raQfV*Z!EC#e1#8Td;Z;7rz+M;A+QO+Qpgs_>+!mRx+N2&bqNY
zQWE;&c~tpp{m*vqtDVQ{Z6Ume6|1t&gG+`BvG`>p(~h54wr$kb#wVW^lJwj)k9<nP
z`{j>Q5~>5DHIwXNFD18Xu$IQ;G-oSMZLU_a$hjP8q46_fHnFi&F@E_f?A5T!=Iz9z
z0ZuFRP0h5xPG3!J=b(m(PF1erFO`9otHr}T-=!3dgn~7*SR-?p@KZLov&wI&tiNXT
zR_<r=b`j%j%cc3YN6MJYQ<C6>=KX9DgG<WRqeoi?0N}#7-CIm<EYJc!Co~E#ZiYBv
z0H8o$zbKs->jlLKA;y(F7>~&!p>ActQ}(usr<o@NGY#@f9e)`^&}AjUGTw_TPFFPA
zmne$&$NV*4%$$@Po{^S&lfP3hl$#PGZef&Xi<FyxFGA3$`-Z4t@3KYG1tK=K9nf(%
z4M+V)+S|Vyu>R}DdD~k^IThN>dz7PSK3{-c8Y0P9=Q9eDP|E5+!NL!wmwyr4M&`E`
zNsxG`@2#>8WJKII{*3Z`f%E>s;r{cl<z%EJe5sKC3n0&D#1orm9wo<8eRPC|Qb6}E
z3G`cjYDCF2!_uX&xRlxE`<7%TQUCKdXxJNm4bon5jT3_m10eu*g)WG#*{diJ_JTML
zWdY^5Dq1nc^!8+rVlwUT4fY28!9jnp*N^6DMy`Ni$-9(v=?r&et3eudqok_=bQ!MJ
zGGN8Q$F@r*-5`-wx8$Y7#!mQ^Y?ZBUBvTBSC)f9&GLhDeI>g}wopA7mvdB7)K-XeQ
zCD>&i_5~wPSx>};9}^?sa6o6dd36;%5SGSWL=wy|%VM&00xc7=kxIfuh*h-tRh?#{
z-MV0q&TmqTwnI#DHizSUMy}P6KvRZb0Pw`&j$#Mybb*X8r8w&{B)ZTtTPlp9<ge&W
zszRj6o*bbQ#yY6O?2PkqW38|%NCaGJeqye@M<SztF_(;_Jg#$rIa4%t<2f)`d<h#9
z-Q|%-;x3JK+)BRe)K7cOiSTlA(Roi?vrppCaL$k;?*?-A51cPtBXDwRo7<DDcov>%
zVP6cPsu8i$wQ#Z9aPWMvr>2BBkr@2$ib|d)2iFj&S@2Fpj8hR$ge2TzUdK>;#0@&2
zMQ{=VlzVJFF(UBf2NGfi<cZl_B3>S${lW8rQn<Vp{NKqb65%Uxu0?B(QLu2`m(t59
z*9Hap8eM(B>ImX}DLw8#lId%@QL1hYo;w`48-gWnimTR$eW}dMP|vcZlT*F2V-kda
z3F06bt0m&TK7$MOTX3kenBJF|$6|>lmVjLt@d2_x1y#fBiZhu+V;<Tf#9h!wBa+EQ
z+P#iKEzPqoQ4+>E2f_9KM^gJ=(7>?uU@bVHFE8X?DBXBK8Td8S(HF=YbN$v7HI9ty
zDfg%1WJkN^*`Q5s4e3}L@kGM2lckC9+ES+5<F{a{wU$=OGU3Z)*YRG2wUD?<m|)hZ
zR*BuirL*M9={KrvW=-3mRce}X4%TnMS!?`PVzDN3YZ=Cp)z~d>D7g+43wDVuk!^01
zxDITK7JwREIQiaX@ez9W_B9XvBHa8TFP>t=lmJc&Q*Ga11;yBZQbkguUFo40DvGB#
zkbhPBk6+EyNIJYgl+%cy`T6TJnJbhxWwfqUD9b2ixYJE-yX<722s-V#*NsVrNxoEM
zm^e3Wh;&~hm2!1%U#KEtqlQ@jn0^UL2={=0<zv6}8UL!F?AIE35-iwt&&-_b)fEGy
z#)F@sU@{RA9}E_VhjF^Es8Mh)%VnEe$i(DKC*Api6G56xZEYq<#n;Y*DJW^q{k*Fc
zqo*=L4<B#wpQr%wd9DV%{e#}nr$z8*p*Ovv{W-;#PO$CV2a3S&)-YBl-8Pj`i(Ch0
z<P^#DLqGHBoobTU8*9Jk?1LTy{$SJBJAUZOveB2x-t0(S277l^t(L>yfmVi8T~c-*
zEZt=_SS8un;l1=+<4zbI!Ju_P%-Lbf!hY4=leqvaJQbC%%JeAmJbLoPqN=oxrAZx4
zysE!;g=A^@v9ty;BQe&=?d>6}ADv=8d!7l$?vEC)K&pw?WQur_WKr*3jzzX)v@I_7
zJ8Zgs%h~maOsA4BD$lNLXMT3nVRpi1)_eOJ<WB&77X1s$jNw>Db(OjFwQ!ubBE&u1
zXxmV1z_x}oz#`{&a4F)!YCwwR6Pb+!ENxv~z@R5swPG&y^JtD$rhQwoGYh!!cn~E#
zJm7?6%F_rWje7^PC%Zi6$|9!*A<FP{5eMwbBR7L=@1KM2^I!gbd!B#HKh8hScF^`b
zisMMyg3JGfAvl_mMJCO`6~jsS>3@Xw4rWF$Eg{j7&MIR9#$b>T1+#r5B5zwFHTC|)
zC-XUz(IIo`^e@uMv5A<GYZX4ybc~hm4dz%DGpT>_6pcng+{&DbZpy_b85bKTTrA1A
zSe9<lpKZ}=T5@bSg$Sn(k+`O)J{glFkqkJo+)4Dk+>W;a1W|;;yyE^z+%qbg&e*1Y
z6Qs(V+k}_*MBW}zm#>Z>n@S%<qo^Blv`M&84}h9*qotunJz++DAx6#cqT)Xf5=%rG
z6=c$hHEPEf^>w#8l4xU_jYn2e2C@8nV`SlQWPAXZlM5kOJ3?1`#y13rT-eb@<w_p~
zc{ILY_el2(f?!sBR&p}O7wl)DOd90*HOWFzhW)h4<cw5|?L-;KU{tIPpa#kY;ik%v
zA80hkWC1EI;~0N+`u5d}<MUT9d-6zs_x80gGJ+(2SZH?4UCV`LrJKyV*j*8$6^w#i
zo(R~PK<Iw39B|^YvHj!&Yns$m?e0Yumuzikp}foDBP)fpQV_j+``S1@kaK=$0k5J(
z;CiaPqZ7<%Z;*k^Naln<W0GZz&tv26D;rIm26LfF$*yF`Du}`kBHfoioB?U*iR6%m
zm58IN;@W?^r(7YH!WZk1<iSmGmU9{JEJ(tb{Q|Z_qP)<)fn13CN;JjB4Lp5?#2I{=
zud@iqB>;qmML=?K!f@sV=5fpzE(@A+HHW*R?80b4mCupTe*v$|Pb?A0BS2v^fv{NA
z>aQ&bme!wenp`eMcuZrCz0L4wJBlO2R$|Ej*HFDOw)Ne_wO;2zvz|ECO-`8hv8vn0
zsrDW#PJC)qh)s?Baj8*ROlsthM~%v3QKQm0)G~&fw)vFGMKQEIzFDUA*rvrRB`V4T
zh(i^1HtA}&%gapSV9KvO0GQj4K!x8e3>>w5BTkQMWN!=>9mGR|+=vXhT%ByU=s!Wc
zoq>vy^?UL9gdGdOv-iA=CDmu%&}J-k$Cuf(M#VectYV)U4c^iIG`qAe&X32m3(}}+
ze|8@-2lwvn>lN5FAvf0(L{0vLi-FQ0%3ygL2Y3%1D>Dl#r;qT0MZfZ~zkp3F)BgOb
zSsEUGH3&nMk{YUsJt3UXB}gGtNlEx5*I9B5Uvn8WPe@ZalgW3G$G-B!j<y`cu}~B#
zCj>azV@UEP!;r`*cruiTPN@VzCMP7DV-<c22oSgAm7r}ML%`O*H=a%|6XjTGjsy+K
zy>>auCi|`h4n;MR*(oFGP&ReVQ292<@SITGWvm+R8Tv)OLSfF2(8unUxx_oX(gjrN
z*y$R&sKWqvj##NNj;?Ul9k?k(Bml7iSmFIaUMRK5;*N+=u1H5$L+v?lj=mmzJ!B)&
zzZ&+%OE)ltI0Sznp@<Q2svJPZGaN2rPzCtqMAZg$U{A({A#7sIX<(ncnh=4L7WFDd
z7UDBT^GK{Oksa&Q(2TXgjnUZ!#a-1<-xldfF_0EY6=gs?wB->x7!2M-mNQk5(5M?s
zKst8=;aSrRWT>1|7vm~C@6(uvcCiwxalxp{+{(xa8#60jv=#Fcb#gMH9T96wh4#>G
ziJRzGDa6P9iW~e<RRGazBHQI2GRmt-wGMZUgrMmn$by7o5JXDTZwobn(k#fr3Y4N8
zeI*<W!le-Mwb|hWR|Zr~3)7Jkm7vc4z^%!RFjaz4aW${U35||LC5s0=nK%%&2|Od1
ze0x!nl9)_y{)%r*dm*c$oe4^W_Z4myh>~5?Y-ksWtlnK=IX}WQ=-I3PUnId5ojBJh
z9U;4>jBBLnKP2svT#z$%(hbfdX>Phl$0T8gQ|@G0<hjDYyN6A@wOa!<7izPzGHQy{
zhLvmWC1eIW;|ncHrYD?(<F8-62O&L4OkuA{ug-BccT{OriZ-Qcvpb9Ta5wl@*Rl}d
zPpR&$Li+~5h9&R!ET*F1iTQ-hTZ}VX9kJ|0u|uAAgCy)~pw?^|ZCU0joMpenH#)z$
z9*NGY-xoowzlc+~1OMyS7z|gAQ0E6CW*2uFbe^w%l&2XE;3AOIjCEs)!MG;bWlVxF
z?=zCc{^?5iT@Jr%z;_0Qmpg-EFLWtunC8LzvrBv}J)RyJ6=D0zAEgukA-Ji$OY(q5
z`6S|=QZLC5gvv2f1%WRuYEDaarw9dUDt$4!ocWSN_z-h6qOY!oy;BmpxLE?k6<rWz
zzu*;qPpvusJn}Za2G5h%;2AIvE(M?HTHWJJyQrX;kaQG`FL%{(8&MPz%*D8)C<#$8
z4cOrzc}{e4YKg^_$OA&l`>qu4PIdtrdp{+49;HU)MZ>(4U$Jx_+$+t!<`zp_!!8TU
zu`iF2X$dHEA_>NjENHr*=uDV*o?&Vzg*jwVqXgdHjg(fcfr?C6rljl3OChz+oTa{e
zRHnef=FwC_Dw&H4jAdvR2!YbrFf6A8B<onEI|aEG1eoQHUqWicp=>XB7(CPZTtS!x
z`3#3#W(4aPjWZmw#T>->&KBbEgd|S(EHXS@K=`4AC<{aFBSUdk`cos3<6is#aqxo9
zcsfsh&P)h7dK{$L@bQn|ez*URn^F3BeEE9t?e{N_FUddt>m>gEd2f7^pAS?Gwth&0
zahzjO^W~fW{>R>bAN>CK>DlOSCzG4S>%WD)_jA%e9nAN}J@C617O_eSlV&7bfc;vG
zg9KDW!k!LH0lAgA;4*U*@JX0QQ<(`2E89FPnug5(kx;Q<<w^%@oQ$tso~)T);(#QI
zj33~)O%hnc5o{~Snj|RTqeokStG-;y)azVbBjP3qf+!alng>ZVfonG<!sJiHPYtpx
zxY>dw@J1F=VGTjW{CA~c9*W_=jFRw3cy_%B(k*#?76z<a2D4!VJuGC-gGR+?v!Ym$
zUA|}}Pxz<J<37U3w=1GvM9H)-Gdt$}AAUT4b=ITr>1u5Z27|%Vg9G?~Fc`T14-WUA
z{%Lsd?BMBecrbW+@TbA>>EUqyPiU~NPF6h&b^!couyR{&=RT9?!w2-Z_hJ@gv<Iiq
z?JXnrXoN*>21vHnLoa4{d<h}Ia~jY^4ryMvX&>8iQZd}^>L4vvj!;&hYwX*c2II?~
zD$H|*A|ClK%uzQ+9TEBb8^G|b2!k$g>}+lQJ<226R9NgZF9HVSG+Su-`HWoam`&(^
z8M+12;={?MWmr9MRX?NMlAQKF1A<ez|1V}ZW(QG^rtu1GRPX=&XV0Duo&EppVEAma
z|L@~@gx>NMu=U|XSDGJ|r}XXK-a^4>qVn?c^f$e6KxvG7yr#G<z7_RUwKR(oIzgR(
z%ln<B0N^An{B2>b*Rg{&Laf+hwz$<7bo33{juOZQSCz+j$AAz`Tp;`#|4OrHezurQ
zqW7rN@Ayjs?s1N-iq2qwQ_fpYJ%9iEUu}6P;S9&(A01fd@DcpYF2y*Z-GgV(o;~||
z|M_t1UCs?|KOi+A;~<W^3C<}FJ7^oiaP?5<?A>2pe1H7*{Njh>H?KOVbN=eh>FeY3
zSDhVnd%FeMX6u1WvtSY=K}Y@7n=IlObYcMJtG?)@oL38s`1Uv?lucojg!nz`p@I64
zFGdjX&ipz=A5osh5rudXot_4xjwz$`p86^rFpj=~_QX8NuNfrm(Cs;uBs}@Mhm5(C
zTS<(RMq@jS#uRnnRPM-M?Brtu801v9x3hyf9HEYCqa)7B4#!vgLY)^u8jPYiq7js4
z-^^D#4r*JE5JYwXgEMyV#94052o`Tas`!eI!=BJ<SX6>!YH7RW)Q9ZS|DIJi4(DZc
z_N))A%?`Vfb-aYar4ttRFO+Y?8)4Vkpev=7OdRVAUGC>RJZo9^8@01nUTT$rk<#Br
z15zk#B3S;hb^t2j?iIhT(&1CEY;4e3tDuRH|3hsjOX2O=UsmZ{jA@gu8O7B5S&)S|
z!Qo#^z8Cwq-u?I+8F2#WVL<$CU+(8!E`r{&4qUhjXlJIbG@oB#Z>$+Pr3_zo`K}os
zo?v3B)wW(tVoV#MAzQcO_w=M-?lhn?jnQLPn#Z6KQYv=TOFIhdi0rY|FADX(i&S}Y
z^H`8%LV2WnpAd?+@$ZEVSAi?)NT>Y1eBHkq25~wIhMgVJkyZfZ*s;Nd=v?zFoV_6P
zG{`XO{P~+<Z*R~WbO#;Z=&<$*2-%ZWj&Gy+6L(U#3(|+myP8CuH;VmN#gRQe6$L*c
zO8zUD$JY4BWg_amRKCt|d58(QT%@QIq-oy28g@`e7w9mqmECE&{ASTnJ?rckE5ZZ$
z_IAtBrh*Pt6x>2QnzLZmfxj%k=&6tgA^=Zk%-Kn}N(kAC2I=sm#Xq+mp`W58B-c4Q
zTci*uj^8`vTj}7*eZIp`Z6VP9gTy6{lEr(TwPtsV6&c}}T#MI+4FH5~mP&Ip)+rOD
z?HMRqNRCa2{K{ahBlrroA%@{W&X<ogE)ciQi1Z1V)=4V@sLNh>?FW2z2&Gq20}byI
zcDCPt412=^w)Yy*9tOu_-9z#tJ~%}xT3X0=wKV<em0XL@Ji3bJM?7PG6k~dm;&0}Q
z98#1YA#s1}f5k2j(tpL&Z@_9a@+HEZS%w|xntn*TDu+gpu!19+1!Iba``lCx(pBaZ
zJ>54<)C<?ga`~g43QhC1I8;&%R#H*(kBDZAWQ-06@Tb1<cRL=s*8ghjg^VaCn_!pS
z8^qQPn4Ylh&ApYje!?6$l!soik;;{x2$Y^i_)!>Bu<{qV=c9R~B8Egc+7_O^!XFCs
zrYRop^tMhWk_>PlLeHG@sSzRAsqHol7S9ZMfh~6om*(l*j5(4JWE?%M-qj|Yp#H~t
zX~<cW(I=pF?zxroW@HH+^$dcfsOZFD$ZbQoW^?};AQ6n&wUrwj@KJ@__sRk9>3(<r
z@SDA-y`sRuzhab>!gmJAk7}XFGNlFNO4@r`v6AHGg<}Z1Z!st}i`BqW%`k^z3)K~_
z*4x$yY6)NW-|~(FjkntfriU06WM1f7F`h2@ki^*_L&w|<<2l<Hdr!^PKqjbquA5R5
z*=qG7Nef!n`gPN!jvUqf!}c>JG4B}C(7N^C+i_`~OZLp8!|{+&Y7^9EfQ{sc<E(Um
z>vh|%<gLE1K8_H^uib!kx@LHn=A)-I=)gybgs&-2uG)U^M13BdwWoo1?6rY9q99|E
zFTVzsfw8#0BhJ>5t!1_?7w^w?zRgY)My@c3CG^a+ooqUKW_+k3Ju>#b34FEv&--vT
zBN@esI>Xo66F<YYy>xeES9a8Da$75OlJ`<@bOx&=GK9k>4RR~W3NHosuwK(%L!Asy
zbZ<p0K-Bs74(eQV<jF4y!^gtWYj6hMnfgvT-gC1qaZhZBA1@6=EJ#!5_91-Fx}zJo
zqbepqhJE%{l0?F;A{73f@+xXY=fj7(!MVNdcp#)fM!RHk)YMc#5C(nuuB)Uc5h|)%
zchRKbBl>+oDD-rOvxrJv+~dO786{mp2v*TtX24}0LY(0%P<Q%>1#Vv3ynR%W)@9}v
zVaC{&XR>pylnM<!oRD3!CvF{Dx2nlR4KeWWZ@rxsEhl2Bekkg96%HNoM`u~MrM&Qc
zPngP9|C2~oe=k#L&^VDKzn;i@=e2TTi+$4}4)1K%mu|Gpl1S}L3CphogPm+W?``LM
z1t!}!&Fh}QwM~x6EUq{`7W3S2f-35)eTpo;c&8Bx%S}^bh;1f{7L!XXIZr0L*>IZ5
ztE_PL6`AawpC?|+q%;LsYU~6N2SgM{EyCn>r#!R);c}5sWMP>vVj3C7shYHc)N)Mb
zqln#EfMd&>N&^l1Rm(uk6vV-IOS0pde3g~*jHx4@<9%sj9rjMR7zk@CW4MTH^v;H<
zD^0xWhO1Dna@guhuXFhLdgI!88c-~Qr|TrB?y74#Hbt1mC0C7*uu2oQXPsiD4i6|H
zhoED1dfD3E5fq{!ACNW+(KD9!x+Y7;-M2iO4xhCMmzx1Eh`XQz#(02YQd(}@?<ACA
z(R3=x>bIVdWdN;lT6hE<WT<!x^rW%i=u!hQF|9Xf@maIDb}WAEzr$3eGdw;$K@w6!
zj75&Zf*@MWdXR)@+eZBO^hA`+d*26niKu!9Z5M1?(6Bdr-W}9m8?Aw47e+bH79A`X
zksB+7opJ5aA7L5{J3iuDTe^yJ<M$LN(6qN!IUfuzKysdQ%6rpT{~%{M%FiIVtkvl6
zwX@+{B<v<puc9dJ0XJjGb&5`{EmW_r0~zd#5>z_uj074wdB_Laa#$obr=n$Zct{2&
zV@-!hk1!h`Fu~kG+pvk&JkWggl<l&wm)T`I6*Pt`td=1$X*gPqyl`Dx1x?u-u8*eZ
z#u{vARk(C3+rRX1^594+vB!9kK`dBfAz!r{Wute(e+P~d%l}4uQ)sUZ<Ff(6_T4bb
zkT|qGHH>cwzBa$@o8ROSXna4gSHfkKgeN)bL<!`d>*zWb@8FtjSy;DP0%AD)>i{}q
zHf${ct0Wr|tE4^k{-vWj*MRuz^}@Kp5*up972*W!EWr63BAMtcVA4LT)v@6>2bZvU
zcFi^mOkq{Fx{9Bz1-8g>2CKSknKhq&dyjC}DCNY%iOL?>;3}LYavF;&a_P*Mj<I$}
z)1(dJ|0vV5zwGp!VOmJ{Y6ddoGBM%HSeyg<dyfNvM3=edeL&&fGm@^deQxDo{qVu-
zkj5(-c~jX3D~)PpMV--<y*Kll)>m_~j4A+y?4$Ld+!UY+Rxvkd2{8NSd`{2|#}G~^
z4QM2`2Q*0N3}@o%D~weaIYy={=jkGjd3cn(C!|R@f@(5;1|k#mLBzLEg>TV3NOQD(
z`88XhH!<GXMZ~Tnj3m+aoMc!=#+u=HE-Li4I37n^BGsFL3VSC*oa#o0-nV;OTO`}6
z1?GY=0W@Wa9l(YO1bAEeTxE^o$UM;*!%J^c{Nn_e*m;otlMmQ0kU)6?feLQHjG>DR
zjk&O)L-rX8rTD<eHKPyC$_3P3tt$1Ky)c2GLE2#Ku`)~q8rNF)iA-BkE~BUi<b-N)
z5aH$q=I<W+tsA(#?d4bF2CCpnEvR%9DmEuatL%L_I$i?^!x!Ze?{&qUsGCfq<bACe
zn^h5)%pdFumGbPy)#}Bv!ri3&R)2ddLsL}7e=wD2){ovzFmE0aqB{P=-u~hKz8(Kz
zZ+~!ju!;Y0AJ2yh9k8+8%ot93sq}cdX9zZMHQeGcolHy6Ei<5#BAj(*Q(ntYL2cEh
zXl%7*QY|y0lyItQW&366t+&iD2h~<`>^x!IXhP9}$8yW+uo3%=qihC4^H_D2RxUOv
zwmwgnR*8f015%2@A*;{3$7Tc#H3r_;8?5U}_}sj$o@&7r)wBUZgK4Ys`7Ge=@uaw5
zTKL$&q;EJ9HtU2;r;BcHk6Kn{$lu=n-}x-qJAB%<GVe*pl|nz1vG`=Y;)D92X1L?9
zn0JF)$7WR#Queb;Azfs9TCJ&k7PM|yRra%OX713&kX2NDemIx`VH?9RYKhJj40+lg
zdp=_zafAg6N+6i&nN{YTT;evfSp}x{jB<g=)GO~YF$Ts9zL05Jc4Sq->cPr2H+$(3
zAQcyGXbNwk8Oh~M(Z*Dy(GUo4TYBOuP=g)7wfVx+3DXK)gct!NL)!&;v_E9lB8zt#
z7Z!fnC*jUc$xM|t!bs5N*Lh!n$or**RU@p5$Tgxfqnq`Lmz>+%zF7QuA7-P$*0FE5
z7ME5^lSL!FltA33K7_gGY}u698XRM7ERRpGJ=@x}3pO=$@~IfSs@EZ%@o7n89@SmW
zW@E_fe9)qPDdVaW5H;Rsyn-O_I@5M@;x6kb#|s5Z<kxNm3+gzajAYR*&Mi^Lg4Jru
za#LKEOBr6<iIY%D=d2Y@Jm#i|Wetd#Z(59x3urZjAWxow4*T7Hs0>)^8Lgm@Kib@a
zcB*FkJ4c=!aIJb!(V*_pjua3YWV8Yk^kJO?pv<o7Mxsz~Z9`H-q3zfdaa(1OuJMRB
zbd5*t7cHxOSF2TKy(}39@wq+D<t^P+Pu>J{Jj2-;%>s(2H)TC?imjt(Zp-WGp$^m`
zPAHWEzb(cZ(wZ={_~tDq^KfT1{(A|0oNO)XG__N>EODw@P}ehdGS4!{k^fkd>`71_
z(zYCKDGA>QS+U^s^o#c6XF{tRJ0tpGEl@K<TGK5ni*uTw5|AxTd<=N4$%m|4Hzr1a
zx^`nC()$U;l$#h&rY2e<=Ndv?JE>Lk8$fAdJETmhylJhFPHR=j<0hXj`T%jniq7Ti
z4!3J1Zrhc)+R#5uB!9W}Lo|w%!dXR`^2@CybXb1Md6LQMDd!m`mzeWw98G7C{CA*+
ziM1hT6K8XCM(%QnR4kIZWpWn_<r6Fwc?-Al^_55#tcZK72^Y-JfJ;z4v-)}t($chi
za(K$J_AP;XSxZfOQfVbqwBf1OX%@|Ml(o#-ga9&En7nh#EL_Xnxh1UiAZMoq6QgLS
z3Tus|19Lry7P5{BwyKzn?8Ao@ATG_usHlLaSPi7}a*6wq19d$^DKo}#wVBAB*BUno
zWt}*QBz*>ABLCi!*a>)50$7!TuEpspGTgN$1YC=79A4p!MmatXL-5?;RKfqTjf}7y
z{L-Y0gZvIMPo5+cXID}w=>60l+al-{ab+9joM)J~5H;Sn$I=11DvFDImM-GhJD~2z
zC6M)iUl!vD$;S8<Xdqv3=x<0UNU#4}3w+CgFN^LxO5Wliyg9>Tl7wPsIWJov=mF<7
z&~8b~xui?${w;CE4ti`bmwW4N^9*c-?UsAB4cZo#5Bq6u{|SM0xw@yF`Db1Jzv022
zlmBmT@7cj%WB+*{Po@2*PU_kNQJOR%e$1D_55fjr2IVp<cmGW!=WG>I5^;waCu1nL
zE9HpzElQ<<p@~>+mlDMkuVz%*bO={6>?{LR!K$s()K$Q6L>DUbw=IKM!7x^edsSww
zOMJ5nZdYufHCv^ET0>oQd&}b}G6)~h=;;AY#%>J7&y;kp<!Mg;rM*)-+W)6|`u}wB
zv_Svas}23Xho{c4x{)=V<(Jb%k5%}DvOOy+s)E`^ymK;7V?4(Rr*M#iZW4{P_mePs
zat|L7^|oCcIuj|~!YCMD;v_t?8>;MxiPT4LxXKlg+j0AUN_cw1CTKy~8Z&&$mP{S=
zrkeEV8^qH$E~BVb>mqNoC~^Z`3kii;kVYpW&;^6IT6_!*RunpO!f~{0q8QD?ZpvhE
z8c1AyAvxHfa>htFjrlnvYrEVrv!n2=WOSs*TCLLA18&E!Nw^c1r%6v^BbIU{`{q=r
zkO3~sIdP{Rouk&=AGPNCYHRTS9htHFwp=1m4ab@)+j4&q<NT;0l7{WJ!6>q~wWP(U
ziclA^pL~s^v4HT{WDdES4a|PE@{v)eBfISsvcqz^Who51P+T{WqQ`at%d<(Jo26vP
zsVpn-t)7;YvW8ke;+S(am8A>Fd<0c->zahebBY$gaCveO3PQ<ZKEjzr!cK*ia}ix_
zOy|MzhgKLFZIw3ejOT~aSUW}Rx|`LsSxsi+UYc08lIkcUjim-U&YKx_nKcWxT;)N5
zKJ~3-^Q`M>eg98!CY<IPO9E={|A$YX4V?S`!Epa@bN|1OXQlhUq-HpKE0#nPae=3J
zTfu<=!Y4w|S9u<jy$o9M(kk6S87-uyyu1F+?Y}?^gn5PL-TDIWxk`}#I?7AL_>ILQ
zkKNl^w?Lg%zUf93&-p1T__AmhJ%#~VBs7ZU+JbYki|ng7g8S#HcYMX&nS*7qMJo&#
z<3=LQu`E4S1`BH5zL9YQZ<K_qfT4<V*z`vHSaUF6YosItYHdXC#ob?|45q~b`x`09
zL10i^SqSpTL&^c!>h5x!q&T3K2lu1yzreG{D-38{+dFdB3ndERk8w$N8e#91d{Hgu
zp1<HrG7qA}X3*`M7&32T5;N;YW<&Md&rq{F8d~+9h8o}1yd$iik~>@NnlYc!yBoS2
zLgfrY$%PNKx%8pRiy!h_{_dtbO=J%hTd3>qX_C2%md5#+){vKd^fPE2G>r?Jv*;4B
z{=Mp_QjIX?BP%=Yqa;2sX#v}<y2aA4k)ouaiYVUo4ZQjNFD2p2D9;utJBR+V2&awh
zfa>gjJomqY!AAdkFV9N%Ki`rl2^v>VG~F2OhKB33*v@j1<tpNGd@-@*97Ry$iJM2s
zF^~K#k9zY>xz48<tb&}g6>7ozcS+zNXT58Qo(G<VU~c(%fp6Dq>vH3F<8sWPL{a0_
zis29Mz(T17{m;{GMq=FF0H}`sKN}pl_CLdeXB+x|A5T;Iziqfl+p(U~Jk_O4IHFiK
z3dS-sq3=_gr`)DpM5L0$p<zM}NPE#gCE=OyndezTI{Nf@OJZ!DMbK=ppfi$1|AK3^
zPHD0^SIW*6aWVfO({!9eM0g`vM}3N^?;`5UGG#$B;(*De;O1LF!`|?)H-O;#MNA+_
zcaTQkWn_`&N9dnV_*!}Lixu0;DWkI@$#OcXpbUNiph6j&0iZ^hm4{%8qx=Zy{Xd^9
zattqJO^D~h!=tabmey~r+MfQ8BFG)l;uxsq{|9?+{O5yb8~T4Q&lgSq8xwtfQ2d3j
z?#(e!dJK>lzr_=Vh9saBgS&;0aR{$zDD%bWH$0XZC!}|X8N?LEXt{Xf6@gdRVLSQI
zd<|OB|0Qhy|5Q)^_YU`5`aj$oZ0P^JJbxJaZ&%QQCA->P(EU3!N_NKaxTS|#MfE$h
zP)@VxDvI$Ghev1<#5p?`9*GpVW0GMJ$pF!t6z4rN<N{YOJW+u(pU5|Op3<9_QKnv`
z8DU2R4%HhjomW3Ya-CcUS$KSUqARhrl2e?}ze9^J;vkx{uQQU<A9(&tjWT<Aa{9u4
zaeDGnzsMHJasDpHLX7kXo#G5~e9;-!QB4pftR#0+&IqA;fN~V%=o-gy4*;+m*b#d2
zmVrG^Zk~Xk>UESX-pdBgXHhOzItua};!Uu|5)v|C8AgjdN~Y*IO^>rV$xs$R5-K_i
z5_I+oV3oJENTp{^EG|xF(Km~nLUBHxpgL9ZGC99N2zloqb3g0ql)>q#XixJfIYK(n
z(>!>8gq|KA?jLR;G|4%$ai48wI0%1C;+waG&~Kv{^UOMOh9Ba2-u7vJ{x9YF4NuMa
zzdtPKe}+$=?QPEg`*=Q>IdCf&fE~1*kfy$0iyXgtALTSkL<nYau=l^>6lxO17)3cd
z4dV!h=z4||*q=OhSws@{b%x_PijtfLaSRBu5<Cx~(6yqF;2gr`W7eFJBi->(-!5@c
zuXoAw3*#+Lg=Bnewqrsr7b)so4LhjAJ6_*_c}dtY@!r{ie9a}chOiei%=xO52@H3R
zXtuyRF6Yz8gWeplHMog+?3_AmK70ABKO^L_bA-|icg5`P!jDBd&4LgY3wL=Cz|Ils
z?04+XQpDEfhhFChU1FS8`flZ3Z~PknEl;I;^1NS%FMZii(A0>nQaNT22gQuTVtr<3
zf--sXlMxdF_u?z@#n<5|RpLe;ys?1P;eb2KVKr`sPaW*4mD8XJgN3MTt+t^ituzj;
zAlEFgK4|s03ZE^P^yNNn_&;vnzV`SJhkKs*4~HB7k9&DOfjX~J&Q#93!0P+b<?`H)
zFrLW$SZ>!Mw&NR_102T_@wZKe?;=H|Bn6G#-<=9eg}{_BRtlr!1F}M%ObJfryE;W?
zXu^}z+Uc`vwj2qWoa*G%No96&+I%ETAS=yFOoH$)K^!DwJrMT0`q3!DSOJMMxEZ_!
znNSfO^Q+^4J&wYx*3GNBC20l?pj`X1VxN+daAmSF#tEa&3%OQ0_H>_T!DJGRxdgj@
zkiFFkcNp+MFcZWt74Owd#NMEXKadct-BmdGM7*f)l`QG8<`ZrLwIEW%&YsH|nl-J<
zs`fHM$(Y1P=={a0F@_mt%LZrNYdqRA?Al!mmv4r>y+M_Qi#TgeRXa0EQ(tfb-t(^q
zUk?i1vXE&+d3AJUwm4eQeYd6}G;a7z*YvWno#mRXEbE3M=VAVjt>hlg%ld`mfl{Om
zbvwre(s>a_IH8J4IN$jdoR98Ul#~*4%0u?n27WDRnuG31s6888VWug#FO{b3u_%L+
zqUTd{&0o&b`u-Pi!-zK5z<U3WX9fGO{Z0P=dwJI3|1WH1q>{hp3MWl;mb%F`HPv}&
zce=83>@x_-+Tb{p3t$~rGaszdd&zRCu-%s0CBm*qsB%~7RQB%9c&s)37X{Zx|A&LY
zfh+&pKiJ6s?&nzt{rAbBoI^k_uiltsnB=`NnfKkJK~(<Ig?y{g;_`F`&UENY*K0#g
z*HuKgB9f-%Lnu*o2tYp0f)u}w<`EFBdW77p3C-N>Rz4#UyXfK|7kcjATmGvjV)Z(~
z9&O<(4`pL6pR*#$%DqF0eRSC0w)%eyADo0K;d#R#utcRWqDBnEps}6&J*DYhW2v%H
z2N}^0YuEu<JF@b%AQaW6XsH3<3B1@46-e&?E{hET4g7A5iVI+QRPyl*>sjHynv40Z
z%F81$!a;^JU~#^UbZ8Ifbz`(jz%7p-jdRo50OC#v$ptcLSSwJP{yZ(gkjHN6Fp85!
z^RvZd61_*AehGOih7Yr1UiasiX3;qB$QVvpG=7VLv`5L*h=km5ObQUpPSn~V)B-a`
zXGeQH6sFL_3JXJUsmcho2%H<|2%3)md2tc&99tI`zetf22qdAzk<^=9M4_VGX&j8f
z=G0n?H4V2%+9Z@qqs>V9GKiavFTZ87;=(Xqwca+Fe`$E})Vh;)e90?$z#$PuO&@Wo
z6K_|9vuSl|R3AVpy!>h~{S(#{S9PpZpHQuEEr+=puHx(|KfqdH>4&x&hVC)c=9p`R
zeA9+j>yAFTYR|(~*n8oAl*FOwDG9qYptB`AS3H2q54hslsn5JtJ#W;gZzQTt#8%xl
z$!a5#-Ku}3&>PS0m*CT|d73}1<$vps|GfX~sT=?0V7RxD|J}>84*6e2K<D+wU*<6C
zOmmzl%J&z8xUfUk7lXLlC<w9BRYu%x>q+#74JN#<Fv8YKY!Kns2rpb-wLy$wUp!wM
zpksr`?K@06#QO3d%HkT^HS0{@stxTB@*3N<Zlh>oSK0+%pAzgg={K?i(P^onodcrO
zw5|jfWn?Eir2Vm$6Y^SJ#J~HySg^7ayVkU|b1K@_b!Iz-(86g6h_q1Mv9WV;Em+mL
z3Io(G5Z}6t#H@hMISnYDEaDtf2alA5-6AgCdO}p%s7q$G0hMo>9h0dNZoZQL!|&Oo
z;VkcuNrt;&k}u^2QfL2jP>BDrKRnpPf4!H-!~e0lewpM2)=$1ycErwiz5H!;Zho)M
z9SqAb$yZm|YCs76Mn+QBE8Z@z!?oBWsLG=XD5a}$YX3kIyk#8|9&2o8UX&QnqMQZg
zp*x#SamRq!L$1pJxpdp6*^WTltt<=sZHr4wyCbYabc>&tU*}y|12EunS_Mt~Bg;CL
zr2nm~fNJRf!9gMZ-@)PGCjQgCJj>I6+eTo8W8nU6gEVP($dRsS{0WS9G)+jxBYB!;
zAbBN4cQXa7YJ{}TAOrRoSVl!96YaAnl2o+JrpOT}uNpc^pTqU%pDe4<XlKdf2U};v
zRDHe~mU8Nt<F&jB{JPr4V7m$mBRj=<?5a$5sEtXLwPstGQFV-s)M;Q0)qo3XHaAki
zTV=FVQ?;2gzYOChrb;z+{p}ajp8cyJ>t~BZ#CFR2_6^qd_~=tsv4t&5362$JENwP{
zPj6SY88-GSpTd5n*>b4SftF>lZ2+yX9yYqo;?t1-2Vxwg5$HJDIs?@5|NE~0*VDn_
zM*edzkB9$fbA6mfXE4*BBYPjD5nrZv!r%*oj0er!yCYz+_xAigJSM+At6tTkBE#-*
zl569NoTXMd%#BRrTS2JiH7h|i;y7DD@CG56QJUtK&7gkMjH9f?!OK^ca1Sj3sdc(8
z%jjlIS{-+J&-~>&a5q@YJ7F>_Cw56zvoXxVGI7RP+iXhxe6S3~83(;_MwLdCVfBNn
z6R>es4fk|$y%eJaQrh6N%P9Rj&Z5apBT&U^9Hdu9Q#ppVq^6;aplck&S_D(n8C14h
zqCn7kfltkz-TBjo{~wctW+aYTabXmw&eEzYKn?%DH`qUP`TxV=M*e><PYM73LQVCX
z5<|eUQqrSib*-@S4q3~kpkxKF&TE$gcGZraLU*A?UW{@qnOku#`z)`TPNZ?{M|^O4
zr4~(=J(EXO?Qg46an0L!?5+8dp8zM~Bm$lD(Kl!~*gM>71>vkv|Cw1|37c!?%HKV8
zP{Q4%gSO)+r>NJWPfc-eG|Vu*J688BW&cJr_D6bFJpUV+gVmk?&xVEbfB1B`IsfnD
zS@Ze-ux-OW2@jy}L-)x9ENM%&!~wnP@x0pM{6!zl4Xp6Kh;HjX?UcxLsu@&U5MODK
zQH@Bo`C-GlwZ@1>jJ7Jm;k8bbR^Q4^VMTszJ?DS59<b*8f4V=|ch3K3hfg>9zk7M^
z=KTMRZ3D}9<R8~ouzE}i%Ej7c@c@*JrBdoz<X5#TY|=<eE5k;3H?%oy2kSm95UbA0
zhiH-5nwMT?RvRmlTSK}l<H2Qm*;qr}7*eIy9RFS$wyzyy4f#SLJ6}6&K|zjoc0?dT
ziDprMeiy36yBdrnikBFQqPnp#EPhocE8>?{FH1*@D%1)s>{9SN%hLE+X)MvI?Y6eK
zO9EZHW$wm)qBZu-?I&s{cm+F(R<Jh)ym$Y!x&Pml|M$~<H~!E5@Ngslzn7=v{_peu
zdq6V$wK#ZNuE36z{vo({Gw!Y{V#qRt=0X0uEA@8gOm0t6e0i_#GJwUX9A0$u%Ny-1
zR*Nk!y*^|GyjGs*1sJuW;4i`xeM$PiPXF)2gMC;2dvN%4lmGu-p1Y*~pGbK7NB8V@
z2B9FH{fu0@OVC}12zF)H?h@Quh*=+sYqxb0Js3%9Df`oG9vTZq+xv0fr6_b+hwz%Z
zO9+zcK#M7PvxEq#4YZBy=yQ@CmCvkag%pHFZB~kZjTF3Yywt?FoqQR@q**Uo#8<D9
z;Vl=8q4m01LCUxZ4AA&#bN|D195(a#v7b8m-(E5P<I{t|=KgmdPs#o76&;7(3!wP$
zpuK$9I$hH>N`NxNHtdavg7Hwicbqv{x5EyAukq3GiulZm#Tpx@lZWuMrvFPQfa>V~
z;h`)4+ut8-@_*mUvlRXR47@z<;tX(fMDYGoD~Vdu>b8`+r5eV9WGi4iY=7b8YH7)D
zwN|gO@fUAnudmiZOXK|RLp|7*rT=XdKy~*2gW<r{|2!LP^8eh+vkLwH+^zh@X8wa~
zii}YxsET~E{g8D<K77}qEb_oDcCpoIwS>B;viiO2i_}T@U=&6zS)qm#)L8V}r1Cu~
zlDyq-s!6J<TxU67yJUI7*A5u3w=rpNyrWv#XEz1W#CF^ViyPwWYSJ*j0UB=AG8F0o
z;fy+1h&RpfC{$l|FfQ?p4M@CbghrvV=E3>z27%1{o75l3Yz1|xubE|R?VG{bs7OC2
z6{&AdSI~9Uf!ip%Hc!RV=Kc>Hz!D0;TK(UC;r>4yZ0!H<<te%UpR%d;UhL(U2dx2w
zmAa<;v4rKCZu9pKL<Q*1%DQ!c9R4y&K&$3P3;58U_VmBK0<c#9_pD(5ad@za|9UUa
zlJx&G&;Z`e8Q|yu@9q#-K?&G^ShptCE!BWFs9HT>@%U<~2(;U)*94Z7Z|S|Im&IqR
z4qTf4w@?7q(Eo#H`%fMEe>i-)vH!T2XEpl&xoZIB2L6Mq0L@`2=m5PF{*aY`UWC`7
z1@r-4!fDKlUkg28b^Uu+1nNWZp=tta`Jtwh)L0kTsP;W71N|e=R2x`XyHXuk3xx-`
zYOVuZIjohfGit8U@nXM>N~a;9jZWut(&>07bp@qPExfg9b=vU%Y=4G}xM|uS_0-9K
zo<1$ae|R?B`2XC?Q^NnB$*K0T_U6|Itp`vmc1?`33C|S<=x+~1C*Yf<b?XIm8#TIt
z4>HQXs!@?0VA!Z;F)zS#uQsAV@Jii{%Fy_gxYyxWIcy^G|NW~*mZSgebO1H<fA8SX
zjsJGAf3T7N+{?2f{r?Q~0C#%^IQoFQJp@+J2{a_s%aZBki1g=8qSuq1<<s}e%)U}`
zzwxsYEp;@-mh1I26?IytS+O_nXREPU@3YeR-%tlsbN(Mbd-}}P|2*5|f4QG$J?H=D
zt_Lzn!yjB1<PJqaA5=Q|4_PNviu5}4LS?|0&<&O1*+M^5598i-ME249Q1wKOc;q&d
z)>vQE7{Wd3jLJu&sotm-LY*sFle{DK{Bue2l~U|JqogbKo%beNsaS6JlVqiWM746>
zYX!$v{Vl5qENyZbWnc?n8-?KKq!28f*cFt5jbOG_47R%e(STwZM6-Vt#8DW~214MP
z``_Sjzi|KCAM9`LfA{hD)-Ic79*Ebvr-`Bop=g_3$4+w8i4s@_opJ#7S}n`(TTw+{
zdVajZSr&y@!k7e6%umO5)vtpbWq3}maM(kqz<Z)aj!|)udn!jsPH_<SI^~<|b8=&8
zvHxRCmrDOov;X%F4u`J&@4?|l|9?M^*o)gi5~6Lkwar}_V=4*2j`}bQvJfXY{Ht4l
z-{3R+`y$G4h&nHVgaOPkt*iSDaH!WaoRl^H4KVQ?)bVXQiGNAm7Sbqd1WG$<kJCOt
z(~`2CorfXRiZQ(tX_mu+vyo9>4Ux`+m2l~CDTuaMU)C?w>aHr)T23le>`YM})p!&r
z4aT!KVrBBW_Pe8Yqv8l;JRE@s3&U8{4C|iD)4JrE-VAtSSxtkw^~SIsAdST;4eBn1
z0AEVy(HxTn)lv`RWfN4qP#k>jLU2+kl~|jcY(^52$vbELU>L<^-{BP-o}32rv^f-A
z1+|u0cwkmYE4rmO&_;0dwtu>jR6Kl1g=bDzkWth?Ync_o18sa9UPZaogS0sY(tys6
zP+y8K#sLSkIU*k95%G`+?dN%1wcAgnX`I^ShH2Hp`lvyZ<U;K+Zi8zpw9|}?@DiM?
zL&7+i4FTH_us<*X<D1~_$X6Ns)rl8}yk62(gt=D2m0`}yE=#&x3!jQ6P6ImY*!PDG
zf!h$cKOTXT8{+OrTzLzt6FCWcy=2Y@wIQK%#nZk7ksFG$p*R&3XGICy%KLTYY@1(<
z%*WcW8v)N|GvC!_-iS%oBPLm1Hd3|KH-eDOMqkrL--r_)ggC*o+c&a<4NdqoG+}cC
zU+WFLco~;Jj9>~pv`%xMuWkdow7dwR;NI4=<u=>^Pn(S)H|!64tzAhzwKZq^r=k6C
zLPFe?KU<jo!&7JfzrR<E|MGNW|9dY_sr@gT@mFHP%Z-44@Rn*}3G4&lF$eZxQ)(0Z
zsmJtldTRDR&4Ml&{f5Ua()|>ky8S;a<o_KUZt}n1&%^eq6*&&({7sNV6P)vaaoujW
zz#QzL$6}Xn_S|RvRPO(27EFR9=#N3SHV@Kn8051N39_&aIjD>OHXIDy{4WQCP5hU8
zdBpioGTVhl%zVLxM!pYujH#DuIlOW?1X*%IvN3*%)0o`o((=H5Jc(kQqoZ$7?_2g)
z@4J|cP)Dz_?yxsJ=zrDwEhkCGxbujLWkKY)GWbo9zK(Lb6;V8g3yzGE`8W;eY?lLh
zK@y4+3P@<EfSf`DtZ9$FK^dOn_iwo!?r|KW&i4QGzUuF6_rBWs`DeiKafbs(oyQ;c
zZUN&ia!^FbL2?UjkcJzDa{EcMD4`S7`M13LZ+WLSB!Kn;dc5PJ{}It_k&MyPefTq)
zpDiYn=soImm21D>$)|M6-RqU@ouh;fk6l1{6ykA^^$c1P>kurwW~*Al3n)v1?524|
zD26)24(EHf@jRt%tMBZ%@k%`L58C-Dv2(R68gCI1=dr$hKjlrEUODb!xV?qdD&nt*
zt%s>tyB`rH|Cy7d(G~tv6R^#*($ntz&%10@ammlR@_!Bo2YW96zyIvnCjZ;LJWHPc
znkwq$P!JM$SpZeO{_tLlE381mShxkBRB^I3>ST_COb8y~<f}W9O@CHj@Pn$hKxz`u
zh$KQ{YrH7>Tebw~cxRS+*;b#$8n$&9H?P4@VdoIN?-LV7KrS?mA`rME^sy_D(ra~C
zHjN>UF~!a*XSE9-N(Juap!5k}l&?b@HuNrf%yls*Qai=?>;@B~I6e95%m(wZuw%;I
z%JZ_So&7=HX}KW^h`rL$Nstly_*CH_STG*dHFaMvqR`9g`r2MZ<sq#q>tzOGyKuC5
zjVpd|V)F@5GfLB=e!o3cG$yRQQ~r_B0|SuI5XoqHfK?XFPcsbnjDDxVa>>YoVo{@l
zqaKfOo*yAI^;DFLxW|nLSk=($NjJgR<Cltq28|=7=^IREr1_fBRWx9PXf#(Ff>TRp
zlNe=NEHr9sTxCnH*0v>xa&==REASpxRCb;PV|)_6#5s);^CaU>MKL|@U4yQ@Yq4P~
zfcGqjCPt_jJ$>0WD1QeUM(K{b+-Qz79I#y>cgkCw#?d&)onuDJHx>zvV#b;@q0pIt
zwo^_;yLO(C8fx0;@aN>TD;jqiFlk$AVNpk^jBbuIgFO)NjqhEO;w+#zJbFHOKJXB$
z$4gSH8sY>>t5PD<gf`U6Rqk&iu8KsXow#x%4Yp#f2~#Cs9pjA7gCv+50kfUmbZnHd
z_EAv$(1tIu+Fq7Pv4Jehv6MquH~V6>v>F3rfojgeSk=rQE3z>jz9UG&7=Opd{S7n{
z!eYvoo0xKV=Jt!`X$-L@U<)nRk`1HvPSc^6*npgw2VLdG$zN}68S}oZr;+^6)yJ5#
z+$C3R)8OlJabUIl@9^2dz_tH*x_`LQ|KH2QmVW=Mt?zKcxgj*k$Q(WK&hQid5uAFD
z`u!}p?oA^)TZ|St&c<Ai2BGZ=To%dt4q@&GUyp+4&w}CMVEpWGgb(%xL-toV9E_gr
z4aSFuc=+|+WEk}4(iWkwMR{U5zQmI#iTD}MR^Qf30^v!=Ghl<GqzkIL{|lWYh-4wo
z5GC>>okcmCL@`E_D9b6za1f#iiDPmdB~uhf$>q_O>?-f3+qW^9&lgEVZ~8MF&%5JU
zkkPzPGmQK5AWHh;h4)D6&w}yg)>nN<Eb~ETPdbMvKtjxfj=s@?mKQ-9jG{QA5zc#m
zU5v0O)cY<{<xTTP3z8c+RV4h_CRt;FuUCz`gSK-#zrxuIGEajHqt2hdVFaQ#=ngub
z9u>>~$MfFv-t+Erf9a-LXQyA@GurK#@7y;MB}`<@y!KM+6;!BeQT%qio3~T10k*`;
z#e7T^8c|!YY)AdGg~`jQgg;}2u*3CzQqi{m+~%5KA?5y{IKa-uMU<oqns<)SKeyED
zUv|wB!p5_rjIlI2M+SKK7)Lp^t3q}4>(&5-!-%pi+!1$Z<I^<3^d#&Yp=1%q=KCy2
zXXk{(G)g;1XlQ(zMIo4eWF*c#5F-yXb|h4EG{ch&=d;cc7j2tg$ThELcG4aRC^sf?
z9HhCYhlL_xMVT~6a9nJ#ykS){h@&8XL1L2exhgGrTWnSV83mbVL<_~(_IZtyDP<!z
z9MqJ=%|ObF2%Ch*#?PusI3H(G$`&ZAHC|*H+c!C;h)np7$x%*8hC>u3h|aKem9GLl
ziQ?E^cHSc2WkDF>gl&YXVVGu7cuH277+BML6$N5E#YtG$rG;`q98Hts{M^4A{Z+1}
z4NHm%Xjpn4yl+}EN*b2TqUnsDMPbvv<uh{Kv}hFKpP~@fyiHxa#VMgd+z|8?oKhWI
zz*u~$7DyZ=0D)$Us%^%KU5idst!)pzbe~@;s<ZJqB~e1(5SR*hQMKJtoQ-ipgK2|_
z>p<*bw(%AW#lyOiO?<s$aAghKE*RUkZQIzfZQD*dM#r{o+qTn5$LyqI+n7Ah`_0T-
zGv}PDUAuPG`m<^;)TR5n#}z`8kSw@N+U1Q!svKt=BSE#hV0gG^NwQ@=eSgk_Q8Z!q
z%=`|pODR(m$Ldn*Q+AI0jTTl{R6LP<jZ}UBndVbjff_J)rIH@%!@R?hkqaw7CrH)$
zmi2Y#a@6qp;9{Y%3HGPw`R!=-0s&_$-%d?Fbv@?W1)9LRQk`xQu@-6Mp7sg@xcCf|
zwMvPf=)Kx8m6BCa>{X&r9`00f2>Luf422muIFL_X|6SSGpnx*<1UXkbYFE*EcCRRr
zvWRvdacUpDH79+w0~|i^MyBv(i6=p1#R1R|+7U40)GsV5)2B0=So6TK9UYc*!qUjK
z;8g<94*K#rssG@R8@ZzYj3Q#ltEv<g8U)_%sGPbAeo{&(VMN3I?x^$8;N-eK3|efG
zs?<uyZzpCCqCq%@Agx81k2DLf#*KVag};!yCaC+_Z6%!;Uu>VB53vb{8-u|pU+NG2
zheX+_ziJ^H+6F4~&IleBmsLZ~v(m^eR29>nulT@q^{vDdhNDfcE75mj8YFU!oz)<K
z#<4M6IDop*dSb&Obd0NWkk~{-;OXt?^YF8y!#_1(byHAA#{M$TJz?(nbHcLw3grj!
z#4EUM)3V2czd&!hVLjvi!*yB?<8x-@cI3SFnXj8!Ys0)))L$RgIl03ZF;g@<)*1g7
z(kOB=@9<TUwQ;KIAYAO9R~;7E;8M5=DU2TiJpkkpbFq0Al*mCH#FN^;(IZc&kxfFI
zd$h2<<SPVIU{!TTLAh^FexTHBjLzTF*O4>1Kcb)#GZJjF4tdU;O;WG9VIomPilo>u
zFf_U4kJE@~c~-|GIT{O5kZ`q>tR{Gq&<AE5Xl8rDDA-=B$we?e^yTI2qoUVd4v%I{
z{#vA<4Se51X3}W0fh@iNV^VK+*&r%?b;))uG_$BZ9jv98<ch-bcK39fL#Pi!r%Vej
z==qJ9%?bMU1m2h2n9YjPYry5bR<xx~M^fKKO#e`=DJ<V!z@Dj3@c2F~y1lC2Uyece
zW@LNY5ZvBGf6HBf-k4yAs|m(I^7o{T-_09|q$S$l3*oDmyRAIbkkhM9%%Ed~eNWj$
zroKP#H@<p5Omy8=KDgI}1vP5m*s&1rN8jGLa|%>?*^Al}BJMt5#kygS9qYA(5DkHQ
z28__yPK8VoCir0%U~EVYrmt*_RBIzY=O$2AMG0OY1HUY~3*+h>N86J*WL`%AFqSgF
z^HbvdE6oYOspuQyK<M|p@xb=`YG)}x_M>-k79QpmKFjugtq0i2@&dWLUPM9m4L_X>
z{fas98koizX1I9S(lI8&@ZoI;dg2me+vJcFsHIEMogz15UpV84d8^`YmEQ>-lVh87
z-LipB+#=hMIYozyZhtG=t<O#cKpa;~>(j=i%Ga2-i7I2iRO}B^?OO8mF*>>rtxKK(
z#-O@YMFe@`+oFJJL5b7K<_koG=h{=J{gCbq4O5ECws5SPS=MX9T9scr!O4u1@W<GL
zlzSFjRksrp@5E(`a4enamqB!VsX_KIvmtM}U(Zjk{mn{|M~&$_CKegh2Od-D-Em~S
zhCBPDx@9zaiqmRBgO@5H={e8{yAnmB@bX;H-V1MMVs)NkQCFVa&f9PlpBgs6V6u81
zJFZ&tweyNwH~vP!s^9B#=&dC-aOl0HbPSM}FS%E($Zwsb-eH$#HV%KkpUR$==5lmo
z2HV%t&sNiyas4e-ks#3-=usKq&dK&Wd0oZT@TG^_<f+Hma14SlmVoI>6(S-&Sh8jd
zo*KFEJPoei3=ofc+rHDgqF-kpfql&io-1p2z4)OVGcP0fQ<kxe(-&<xqkfCIuS$0&
z-5!7ZFPc0r`0jeQ2-|xY^r*f_@*OYPpuKz<CP``Uv;Q7Yj3b;D5t=<)7oCH^SxOJ;
z;vUo{zZ(KEa&i+!&N;sjE`;CcbJ?VVw6c5+ZU0%@z5X@v<;cXfy6^w3a?*VTXYb0*
zhJAm+GVTV>Uz~7qoPtbEcV5pIIL7(gq?YQXmh$6P1!aFgh)%mfo?uH4B6|MC@2?ou
zoW8>bSk(EOlEI0|{Zk1KFulhm_<am>1tdrA8p_Hx#uhco4O7Gy6O4;Tl6Z|OK`%Ib
zyc1$dCEYHK-k4nAnovSE#!VvS^ZV{*FBPdstmFvmmmu1roQ>BLY2GOeb3gl=ItoPo
zU9Sk+kD_$HyPNTF=_V2?ohYw(z0m!2O810<)6m}6)Xzm)du0%i_+YKP4{IgTk@0I*
zIcApcMogdCJGhlB!Wb#p#y+sWQ&s>BDR6*0JawL}YWwzH@tx)O(|QxA&|rr?Ra#`|
z?eMk6fOE;eBMup?$9C-d(LF2IdPl{_1@##0>|IRLR7aj;H#+~l_^OSw&CbO4$iW|m
zj?>rLgFYgeeB+jHEoWGsu}O~8Zu9bf>$}huTB_WO7JA(YpFi&dKL|4c4Jxs7HPMHw
zNhgelNchj6Kku{f>Za`p=%)1H$qqTZrbcfBBfy{I*hP+E(CBWiT+XX(3+18%&PPgs
zSfrNuh)6h}t0L-Na!axBnEHzy<T$JhYl=gD2li0`(P8(XiF?9@kX$w*@=NLR#3>wE
zM<y+{1p0WbXO%(TOl@=xb0uElS`xeXjKok7KSC=gc%7c1ZTOq_N-hj7tmQ-44~kGx
zhH){9`ef$`*>ao$+qM0|k}&I$X&l%th8D_|c@83(-3i57auEh6T1OrK@c0)DGD4Q*
zhY?HVg(cD1L<9h2Cgc1-ZFjKD>`EE!^z|DVvJ?#|#$BoFSZl;=u^FUi)!8_sdINW7
z?A)m8A^Ak2@5L%z#QbTMfuzoLa1?FcR0R%Ss=@*9c`fBItCRh>%e?aI@Y1vBksG};
zrSCJuGnG27*+Y#FrZ=Z~^0*rD+vp;jS0j@FV*!G5AwH=buOMLkg=kT@`A!<2Y%|#A
zlHI7T@hVDxMJ+CYgR8<v$(>eL`p`Mq>m)tUOrzl#f@M=#S0I`_57sBD0(<S`QbG0a
zZmMUI1|hm_CSi(6aaQ15_|s|8Ez9R!k@DGePMKVWrj7fmvJF`p3US`SqFZtXw5w+!
zj>PemC6i@Ur7jb@g1ly+x5@aCinlRJo>9g6Bxh4~IDeWybeTa~xZ5DIlD?f#XDKj#
z7E1j)xZp4iSZ@v+40hlk+zVjJWJD;BWX~%$3=qgn45vhxVLBau!o|6mOEevi>M3c5
z2yu!@MJqK=)=$uiP27tIJz9cq`nO5#Cv6+>+qpGzI1jf`i%Uj6nAm3!3etu*#$-pd
zsYaxzWo2ZqNSMuhz7p*^o2uGYAWeu5VsvXiy-IZ(%gVDIm#zazjM1I7&k_f))F{fj
zMYgG~0;BvyRwvy;=v%H_S7QYhg^2XK?(fVgpOq7iq*0fGyzH))Ble?+0d&OL=R|;w
z>xc>I-?*>OF2t3wo$ek8N*~!*xSVSix*qsYD#yWKRDIV#RD$g5xc!hcyUsr$jNbjR
zT)UzvP~F$>KiC-G6$)@Vk0T)=eLg`T`MCb1@n94G^ege4BPWPF9VQvtg(NQq`7MDu
z7^m<HKlnV?<imC9299faprO|>(8L#d><2b;Wt-crFUk4$0%&^=%N%|sh31pKM+Jkt
zM-Kf?pY4&PL%sJ-Z?6jVltO(IOz)X4&jtQ7J$Qn;sE<QEpDOph%LfiH2Ha3jNvGpW
zJp0MBk+8`TrTe@B2@?1tW8h|SvtkCmX~~_+pR4Xfi=-9obLe!*s+l`1L~SWbgm|2O
z&!4=DB7!5*^kUxo(8TMauKdnYUUBchV??zb)qK%bt^@OlaaKYVe|hItmFp$qB{cu6
z4GVcBk95Eb@SOX<x~fj4H_Ejpv(}dc(1Y7j&-JG^ibJ`dC841}W%VyF8QQMiFMau{
zzFxR<my6>!Z?|0vc*^(U0^K_UWm+f#`7j`X_+aS8!R2}I9rp&c%&QPvVlCf;Abq40
z@d(6YDCJ4uT&t9B-6vb=v#_Yjl=DXzK3E`BF=zhLF)qXXm@Tl-0x;xT2+iGqA9GVc
z+|v<n;ojpF&D>vqif_JN2OMi^iu8Ib>x=kt;J%jLT_dF(5#Zb;{GM<+##A|Fwb(PF
z^?k?<0RknPRjvh!;B=AZ4lqV$4lw3Y=Oqs{nXHOv8%*nV#JqiBElQ#c_3;}&Vzg>*
z_3_ge5kyVC{xl%073}+ZdA)mESxMXR>;3Wev2oTGzeSiNFm(Pokh+mi)J53%CXQ+P
zB<e0``ZOg;+|?)VE~pXjzS`PmhSB}w<m2m5n|l9A)K75#2^MPQSgS7L>ydNAU_HwY
zi0h9jB<0&6xV*dMQ<^*S!pF+Ixa5=ntz{g0@!J&fCPN9GP_O^cYBZFj$e<vYMR;8e
z^lZTX{c%vp7d_MhP}JlPl+P?&jYql<gQN$DXj((v2u7yb;o&YD-8B-)t_N&5o5^7X
z#|u(SpjARH_!9(L5o;=7A`&nm`p$eXpk$zOvYiSeaLpb)av+hBkTf8wfi+$OM4=>0
zUZ67M{*z}AE__tb?9}*6`0VY$AfPS+b~q$%nGP7S&_p0(5uk}eSZNT+h_<c2aDSo6
zfu*UQ+Q|A{nw4!!+=NP}gWdixSA(`JvM?d;GcY0A)_DoJqn*yCL%#R(+%u7edBl3$
zNeF?k42SMY^j?JR<RI0RVFV*JsccxRE_Wz=nBB%HGkxWy4H-Q@8<80M^YZN3KNcS_
z!!(Q{yo@BpQpOXK3x@0fy9YqH1C4bF3x?u_>ElAYLbFyV1DgjZvoL`cE9?Yd_pi+`
zo!C7j3^@ilyuakn66DJZ<pl5myQT6&DOyDH!0$Cu1IYtr#{qNIiI{^ne>dATQ+E<<
zobbVW?RS6{v+v1aDGFuJK|4*l9_oo_vlDdj2e`-t<!ews!8@wRzQFC4vQ-&dTpt?K
z-4?79z{Ms2g^xNmBhB(fFK$bKmXD2-NdzcQ)ma26_l-rbzViQB<Rkv0IuAZDuWSqz
zTU)ptbYmN-jQK6vyPCV+4kO{g13(8rNs0oeE1IhS!CTHM4iQU0-HV1CNPOiDYeE=L
zjjZaRD=w~kZ=!J_GIQplQJS$Hf_Pi3d$4rCGjPCNQ5V3YGLj}sm-rUw0heAP0hfhm
z2?e~E20)xEFgr%FMX-1?a}cb#z~*4nQ0d4_CKJKAl;-=h`(RwB_VKTAQz+INj|8Bx
zV&2iDj5}Y^AcAPjK;$kVK;+_>Vze44qRr0a4=RXM0pmv?By+%GAmLz0&_s><!gHu%
z^4Yt?H`xI{tKnk-Cr!D$Lhlr2XhPv$B0}MXut>(_H?6$5|D3_z&!5Rtqp*Zf0P&j#
z>IO%jQ_+ILguSM>aubM0dlp6&tX#TD<O2#U<T;AyXZk3=!d4O=Qqoi#W5C5k(7C$o
zDQkfbN?jftRT35`*2{3(lJ{H#R92!;XOc6tE|G(Aief3U2<;l%Z}uu(qtJOs>}myf
ztda$we6IIts)<ph!hR}$u;H$_;NATqRBPjcMpXs@v^ZHwDz@ZC39{*omwa%Mfp1<Q
zz%gU6w?>o3$4y|xmLONdG%+o4RMYIW^8PqHWMcc*9jejoyd}mo=FN_l2|MQD`El44
zuxg8n8z*a=zb5PJDKvZ!ojKEa!c0f*P}*t_0pVq*{^yqaX{3(+4Q;z6(t><b>!y53
zE6L*rRs|p|unQ{PoSKE^F4Zi(4Xj_4)u9?bjahIg$#T+P_EoPF2IXYUl50?XDJ~XM
zlg*u6EKs4g=)1F!g|`o6%GAL=BiZIJ`+X$<mMpMGp<P5;7V>W2T$AfeldFT*h1@Mw
z&7aC5GH8!A_8c<uVzZ^0<Wwyk^{X^lV4>s{p7R!+08haHM}a8RU)rGgj5d>|+n1!5
zzIm6{cUMo&=S>V<CF&eVTEkO=^_FJDVWgoL1KV6<)0!W{<3e?l-6^h%|He+#^-0$A
zNsQjljk@Ul#IdUE_PRd55X&?gG^vDYxG(lZX;zhUjP^?w-EUF2ZpS~2#3`u+zMW7~
z2~tdOOp`Qtpu&lV;B54y!<_?X_om$<x>>1p!VU(Y>gVEqef=x)ArG_5!)tZ9Y}iIC
zRxabOlJ`OcG13k1%`cBbZ6g^Qn;v<(LY>W(h2F7LYTvNR%2TVlv9GF1>(4&Dhx7gW
z^PkJSXF1l|3j7y6id{Xw{l37J2~B`N@{F#2cHVYH61I_QjCbeMA@mY++%S<sz?kvB
zvTzO=065E{J3htB{_b`?hBR6+!T9W*#Lk4ztaqBY9a7aCwC~>G)u9evF29E%2oUZL
zU@yN``YjVC=xZzu_QA>F=eVi$>`<<Ic~tMl{<Pzv5Rh4`Pifpm$5zR5CZ6cH`ZFoq
zIutK3@)$y7-KL9rw$FIXi_4uW%r~69FTqhFfOF>(QE|k&k8GRYV3IkD-$FTF{5Ufr
zd|NSZfzc=DK}TCp-E}1!VbyX^{g}REL_mxWtI~zKL*?TY#T&q*QoV!cvm{)jMaGSx
z&?bgir$~3M_=eKuDJC~bb+b_*78S9+^D9{(AsJRd+Q*Q}4-=o%7Weqq4Mwp|(D`?@
zXKYy#?Ox{Whwd!_^xWCvkAovOjFT^qUj)sNHG%1!%J+S8PRGFRR-2a~Th@@AiyREU
zN=)KT_VL{j=>{FkGYs&E^w&b)?zv!UeWZ9x5O+}7kLdN{)@`Gc8Q+&NdxH>6M)+Bn
z>8Cxt@zN<YTIZ*V(Bc5JGQxSHay!fOC(vI>+Jr$j>3$;8G7;O6b{j^U%SQ%ye0)TQ
z?~(LP2my1=VtL3d@W!l*QMr?9&R;=ShRhb-)i;vcbU#E^Yn5;XT%$cX9xu;0_e~||
z(Oj`=uSJbJs;%ydNbj*fkh!9#yK-&U-t$)7{%(u&8m!5FFZBBE$$j5*1kjWU;+)oN
z`JtfHPCJzLy%Cf8+ly~ySK$v4w`>KV0|Azux%VkgmFtf4Cl*XKjot1Jsq!h_W>XEz
z_(bemesRv17pPak4U0KTA_SDFDN(>I;b%c=I_cb*h9EAPEG{*hEM7dtC8$SIqAI@g
zG`W95_HaauNz=!<G#O2MgH##8KcrzLL-*-rtcE~WKPMpG@;ua-pTqcsGvH@=#Zp5J
zg%9SzD4>Sqnrf95&yF6#c$=DZM+yRVsCK(~4?x^x3Yn7?P)MhJD_1QT1EHyKL<5(I
zd6i)W?bD_tx`SADcM`1NdInmN#Tjch&RldyWK$Xv3o9Z_NM!`-SjZY#&>9m?7@>X9
z8l>IEO?u3j;^~4LaUxTugsS@Bz{Ygce~K?7hE*d3SF2U0Obxdcyei5)euW>6SI~%3
zRf$sCgvzRqSuDaO$kOGUSW1o8hSyE)Xpzn~7UEThXC*pLHvZH=mY|NxLyORlS|=<V
z=b!)PiP_2(aA?)&mRk6RTG*Oel=+R$Llx*k)Ht)J0TX13%3Pc1$cYamq_m_Y<h{@L
z0Z3yeqQTFv1%#Sm$relBk0(=01ZOjJmrHk6frP7wgOqAK`D{Jv3v;Xr-plEi0L?|;
zjacXKp6|^9X|D;y?riR&vD`@sxhAfJ90Nc`nlwSCknH#D5>(Q3sDyO+px41W30Vau
zrwTd^wXF&|jut7Ivy#>;HCX&CRuA+V$Ojs8#4iSYbPR69u;htP$?`P2+lL}T@x6AM
z^#+p326a~xoFyu=Kc}9fI1=_|pjhI4Mb!+%#hP#zDDYW)iAp2^hcd4*_xXdF4Q>y{
zr`972YLwb)5VPzG$?I3Un#oE5F))Js)EqP)4a8h16+A$(KzP7h($qkB1^l2A(?hKe
zN)X3Tzm&LnI%7LRfQ3K;lJ(~>kb#6I^{YV1wwOVy$l{eZ$?P(V4|Jzg=#QYevmNDr
zXLj?!_&ry-dQ0-gqd1hJI%K-;&4ltetrerD;hqkwCCTgBm7_Xjx$a$r^4z#3$@}ya
z$ou>*M%}S3N8RB#8E!kf6svSwJ{`&a0UqOwO&bT56pNolJ^%{(0IPJCQo|<$83g5e
zsr-E)ellvv7F1tiRl*--4w-b<y7~Mpmvlm7&-=X%4ELSdj4dHZKUM53JyDB=L`C*O
zwqZ%>xu+xha5ARFjSXgt8J{t?2nJt9!M0Ck8G@OK)CKPCtgi2K{l`<So7>OckH^7A
z2A>LPE2JE4rODXy<k|QLo5cp`iNgZh$rK4WRP5Ot`X%cM-@7IYX_hiY(*WaWPxqVw
z1DTN&EL8alBP6RY&@6LlnrbT*No+gfA2Ns0vRR;ScJUvlRQG45!o2l>l8!m5sUTv%
zO+L`c3;q+-07%ZcU}e5GLB8kLR8LP4At-x%Q0azu0ahZYftp?63Tg{~PbQ~MvO>h3
zv4joaRRy6(&vQ!lJ%0GN4qVf|=s%zc$qD=fkka(+Z)1Vtz~QxgV{S%-7)ksDxYBmd
zZ)2e#!cf^%q~3h;$vn=FVW|G)f0@@6{Hkgf`%t>DzeAeX0)#oP3NfrcJj<ijbsJ|D
zWo49QN3SQ?1Rg9Yl7Ah!trfH@bZQTHLcb8lvV1JM7d|N&5*|*)9=?t+yj>bK7{f$!
zRFj|b?mXxTcYiarPrvs#YG749!m0Fnnzo0q(d1CZy~aYHt^6_w_ulmMG%-PL>oTh3
zWh+wtdvj=kwj*yCk&4X7UZ8Ap{#%}kZob4^)q34WyC92Bi8Dxmsf4{u)tX^5(f4~l
z?pn4qyyHfTY|OX_u!@e0bqSz`UZ<9+ZRSwjnnGJ<bQ#cCC%`lvB4Jrv&Yu~wdDU`D
zml)|l&YZgz<UmfQpm9|rm3~$6CoFNnbK*ggazMR0f}R&jy_F=552`g9ir6dKQ<}62
zDjr2Dow{UKwndYesDlQvl)nm1W5apfHfC(OiY}hCu9_)c`RY!p^??Ruf1H*UwRlkm
zKZ%wfwPu#OgWZQe&PleGPlbfs#xK+U;?8(?Q*SL8C$Eb(XEcY~(}NN&+p2EG!_pz=
zj$lQ}k=R$0eojo9UgIdq#z5g&ZcoD|ttCsa@TQ{A?NQN+JuKN45%Hs@r9YGKZ9@_`
zK8h!#vQm_6Wf>2Njxj5qW3{!&mKF#~M8TDV3C`lqBoH_2wck<^(6|H$mM&DQfjBZ`
z2dV<rgzvXTLJeLL5_#RMhETv4PjbhdhUhr+%7C{n?F~A}kA|azG~`ZK5oBKkpBhNg
zM!>kdTt0DzO+gNEqQ>Rdvp<TXL0g5D7S#Ytjppa6a@05Yt8>aa*5&VGuYJH5d;6O$
zcPS8WiZR6g<0lc`s9WARF|lVQD7Pt?4`&h*-=h;=7Qb*2Kv;erX4O$xeyhQ*Fl})#
zOodI6pH`tpg>6zg!G47pM<@AvSjLj?0~^Qbm-x>?I16)AJHqPjKQ<qztYoAq%#Kjd
zfB4`gDnss=8qqd<4T*q~mw=?(fR$H5mi_?e0|@~KfB>0A0ZpoSrvMk2=H1*wk>6Z_
zhyjNuvTZu#;1NkbYELEjc4bTZEfA&Xq9JvYckC~HyNj6mpG2x70BWTz)7vEU!NHa!
zX?P14r(JfaHhQ{l1S4=PIp{WWs&}is)+*YX$$s0^OX|T^Geb^0@P>^Iye_?g03Ec>
zo~47^1wYYq_sjK_)eE!OsKEFOmc|m1R&tKO<W{GC_ZZ~5M)dE?7h=?f#MwQ|WQ#S6
zFY^bYSRW9Q3s&(osTOKo%<$U^xWb|wxB^revKT>9Pxix9^5di`zYHI;Jh$r+zmk(r
z8}-)@Z0!7p`;&lW;2MW7M-K5bSPu`{nHJr4LH){mc?feh=spZUj));dy0<eMvCe}A
z^Apr;q9k?yW>Nu!3u3x=|0d`m0rSH$m^t4Xv9{IMz-dy~<JPGP+%F*wWXPZsN(rb^
z!g=u0JQ!o94^>6M2S*O}kMJG%asHL#HKL~hnDGy4#ADEXgmFCp#JHX;+_;{|>va6v
zW43>eACS<~X3NztJ*0ZzV?9ZzV?9^kA9X|!_xi#gi$l=I_`lvj=8N*5%J`@dfAQvf
zU~947Gn{$Ez*7$zILO*+h<14uiKTozp|Ohjy86Ble2Ae)KE(0h>io&zlZ;_r={t6<
zuSE?u?yBKc4-4@eeJEFWpB;Cl$iZrEA*o(w!QXN4nt1cc<7wR)Y@KHTSt;f*FaG&}
zyV1cK!Ay+Nkg=1HN8OCK3`7bALMjQprj9M#4nOP;$I=XahiyJ&vxPrO`v{uxEaELu
z;Rfm!{~YlJqj^^*-il)V2Di~=MkDnKmzoH#BkjBq757bD+ZwD$@>bzqOb37RrOP>o
z7;+%%#o2L0a2)lQszEXr^^CopvE}vGQ(&em^+z{K-cy;QNhu6OCze34!lWx<;LglY
zJ&iltPU0c@K0iS2&$w-w*;1oUmJWpLDC_>qQv0tQ>j45Cv18#Y1-*nweMJ>pNqx6{
zZeuWR$Lb3FE1gG_Wxh=5!^4J53Go7y!4n$_ww}H(pF=(P!Sn1|a;dFD0SCp|ICPW|
z2V|Q{($$n1F%Y(t+#>Zk;SBXT0T;!IK4qaT6&I$vm-b5tUT0phZJ!IokU{fMPiKx<
za5|ROk2$-bFve6H-}3nIU?0+4+$aTZb;0wwz$*%<H|LrK3!hf9z@!`#Nv<5$jSj|#
zn4S1D06@1g9KD_d9#NORXdzOe{sW@uMTW}aK!Rg8fE%3>GL%eo3%dPdueiD%x-4>8
z+$h<_)I}zIczSG{l7a9w)z+drrjLOPwJsr1fQ@~~2{o#?6t=~Um1*3j=@f3%8n{$5
zaKduLWRG4e!{(0}zQ^XZ#*4XTi4-y`NcRIB?ZjeEa-)!R=B$Ba*R;Gr-x0fOqBdWc
z_086L=ay+ddj>|vRU1djz0R`?w4dT9RQPv(eAj7*hv7mD0FjoHc$5GQ-DX&Fj{FJl
z=Kna2_|&T3AY>fVTkVNDg!-M&BTTwX>tRVbhyjq>s(o+7mK3vWjb^x>a9f1^9Dx-B
z0R+SECUAtXsQXpI7euBlcj2=kRrb6NR<!x;s(vr<l7<zFV@ScN`Fg6rEJ(#0kLOH;
zM1R$9v`(R&W_l$`L7P~pPNiNO>A=hDQY%W@ePUs#-hT=aWg%?7;isM=jU!nlBtXJ1
za&IQsKt+seh}jTe50C9>4g5G6AIRNp>u`;|_<Ip?5?#MW!9kEQEYy_ot%Qc3pt5DT
z4GCUcAEsVlI~{S3rF8cVjqiJ4wIlZNej5lWjv+;ihq;KCu(n}DYh=|QU97Lf=LFV8
zYv)DI(R71+m2aY$O(#`x(v+Vb5@VzE5BOI_EWCi5v}A6=Ws-AJWPJ*(R_PE4)cWf8
z*{zJMd~+=m@B=(mCY5MXjUZ!Qj~Z~Ue8(-8cR6a`Vwnfr%LF<;uH0UuM)rs$tP(~x
znh5k?D9M$UB<w2HJ~Wxnj}bJb7`cD8(6^VOyG=i8xKbBML^GsUs>k+fb0WJaE}b;W
zt*G@9+H|>5xA~Q#4D=?c{CPITaU&B8i#f)zASt?}!5`dY<D3b4JGgK2D!dTfejzF)
zLbgzr2Qy&q7ol9IlbU_EV4aw>Y!IH91kC|nBaH4xeII<76mOuhO|v#j0mI|)T)dv1
zmLs@>u<eCYL#+bj`n0h^1&_t3xMC4I5oN8cJ3czvI%jUKW9GRgnMS;}f1z*IpH^9>
zwhJmNf2^O~d{tIve$}}<FQ_eHYF|}*R9f*rG(U-4JSudRF~+}Qfg(M_c{47i?5MrB
z<97^_&%d1h!8JxjWHrurWE3`Fn7vM$XOv1$2)kNWDp&f0%1B1ZK`Vyeg2(Ao{?|=}
zyeI`)V(^HRk84QVU}^4^bm6R0`#G(kqNu61^65>C_bQfsv!PyYY}kUDu~k{Wo5aLg
zg&~6b3163c+#PG7Y&922?BZK9%XtU)wICg14G&9CdLJ)clrXVIVJpp@i<hVm9F4W&
z@hAXesql4iB8n-uK8ZC0=P-N9p=Pd06&NA7<DDigHZijH*u(wF=x`IBK8tq732ES_
zXoCS=l19A79%mDwM|ix49!XAPZD5QUS1yH3?#GLk#jNy(o4G)_=ea8-rHT}}BR&ST
z0m0+i4UU{^IY07dGWL4{-AV4qk6}CRSAjyc&Ym7mY7~D^a$g@ziKvcUMdY8T{}vaV
z{k^hI-zPlqBbPR&k~4Nj7HB>d!CT_Yn?TPOo@+3V)p^?sTAczJ@V#Xzuj;)Gk-rm7
zE=~c8+Jry<rc5%ls=U^xDY<MfJe1FjO1=y_`0mnX#KOLm@FU131w-E7hC>dcW0VC6
zkRF1!#>y)^=PkY>MUUO1Dr-yMTib3R{3Ve1+WWH$%zUI_o8fk?UP}HNU2cbzRiJ;b
zioo^`+uJvqblvzpQ`dA1ZPW#@dwyo#TU+g_+lfyi7FYRYL`8-WanM*g6Bql-;$Gqp
z6U)_)Ld9!;<CPe1%!_=p-`EP|nKRlqQHYJJvYS-@qctp}*-n0I4Km+agKv%v;9spl
zYO{W*K;jdsTq7FmTWWX~+2gJ$&_oGt<O1pr$W4imOYi@{|9P!jmLP@gI6eb?6NwpO
z0%$n<Sq42>z<zILA*k%<35f6|^7sM3p1HM9Jl4!hR3!EY!bvdgG~wCCt=^I4qpY{_
z94W+zP^-Xja%+yiUAZ*Oe-fLA;%0GR84TM>YBDKygB&X_BOq<@6)1-ZSN*iU|M3i#
zmep&9>@!u8Qmn+~9$rM2jEX0V5%>v`@l%jIxVAzKnh>J}b&qC&E2uP;kqtWRT_926
zf6QNXY1r}76}kr?1{Bi_kP5TU!eRLYWqXFJlJwh##k5-OC**&<--H$!l--mPT^UV7
zW9|cr8O4O7ZRnTyf@%Zfo9DdqmLK1HV+c`pqYm-UCwbfVeSA9y;rbMmQHxoOCx)Zy
zm)!PgDp%EX$1F@}njXw2dfjbP#fl%67>nuol#e>HD+f$oRC|Xmf9z?aqS_gzaz8uY
zM?77G$=3utt&ZXf_<;H(7ylTS>c(Z2{!<?BYhs<rmzP|Z=6EMCADd8`Lr8kzgJi$G
z?sag8Pg0oaEw@^A{#Ll+wq#NaFHd8Tyakh%*rD6f<2v2nSf%Oen?cWvArk{a`3bqV
zHJiXFO%!#WSvCf?Z1g8`s<04dXMyCo_RQ+FeEO8E#SspJ`@MBP>eRy<0l%b2-(X!{
zd=OkDs5vL}gc~<rup=4w1x7j>R<P@A#!AcRW2{#=Zyh!18BT`vvz;e?t9bSx3$4sx
zh2kKDw6J@<|1&u>%+@+;kMWsUeX!cL+T(I<k5cF%ShuMCHBh$Cpz(F!_WIm(YFA4&
zH9wYTp`1ZDnONnhL21zfUz&<QQ8*P1F`hmEJ>ec?xw0QTzNL4&+KpQ-yG5U!LLsj;
zm#k`sdwYfu7<wEDH<Xcg#1Q`UM`G{CKdK93lK-{X!!Fag91eZ*e)*U~UK`(GY`w&+
zrUBqVj%E2Tqa@0*k`@K;WNuNt>5sS4hoc%<t*^GfTls{d2!J|x(2tM|RZ%Tv|GM?Q
z;)GCYY_gI%Ig{0nVpj`J*rydTzepcfET!hKieoc^bJag(%q+*0NA?%gCtiDYuH(Ua
z1<CtL7ch;dYK9s>T_An^wcnIVPgrE~0!Eqe1YrXm?%NnjN9!*}67(&Th0!3s3*skM
zfO-U*e;9uR^T)XzN7&o3qj!J=g;@rxrwCvN=8s?(hKT6T1X>333uGszfUpS)arLi;
z{*M=F^DGfy2at0vZ-optA!A}49t|Z@CJq&t$KSXPLxx)WaW}-wLfC^OxJu+c1aZS}
zKD;~?2})cqBIymO9)5q4RWEW*Vz|AR4uPdmFB|}07>#0!L|%N>Ae?<!0AHAD1ssh;
zRpv{V*9f5=t~_aB`Lo=me`gt&SXn1n!iQsVMiK80M`GAQYH)ZI4tlK9<l1}7y=%C-
z{sRzvS*Bp~^PTo=V}regl9#WA629zl<}P!68$rRYZg){%pswQL>U!}JSN>w@u6f{-
z6$|<P^~2-1EWCrLLskgNTyq|L!VG<Q!#?~cviMZG@yHd#hC%H-$NJ}N|086pVEsqn
zMcuw|jGh0{o8em(f)I+~FFR-v9zfeLY~IH|POBNS6!97}44=zNVf<h$qZkf&E_5K^
zLHN>}60DWEKSng>mtlYD@mTr+@XaAK@J%EG6kj5WgU9LbCc^1bE{|P?5Ii#gr2-tW
zgrPeUUqBYVDV34N3_|=Pn3aN|Yd~|^`@?xP!cI4Mk?2}eUf29CE(ix?J$Jy2(TX9<
zDqjDg;=6i1_qaiJD_E8&^+eG+9)!20OMoIIlp9bLXfZc>Ed&7ae`&foOol6}3z&IS
z1CInz27HniH;_EXx?l*s^AQXAeBUidc`{vkVx>BG(ugKFdPuTgx=5w2TtLPk!_kZZ
z>CDVRvd|~nLb8{g@{XmK5EW%VippX+sOF*TQ7@R!yM4Y`Vcr!<fN!UfL2l9X9CIbe
zZ`^s)jf8+*1W2c;&)^N^`?GJr(^)AXrm4Rj@@a0TP}DIO5R68Sc4lCOR22>cWBC^t
zAhTQ~pps({AuXxyi&|N%-^W3#X2b`L4O5UoN=iPy(sb{zH}A(fE&7iV?u2gB{o8Vf
zW-voZ;@pKH*3lNIfcI2!K_wmJ-UQ?+cIKi-Q(<>niiZqEfru3ah#@Ik$Y`Ivsneb#
z%@8>$qAjToFot+eW@D<~P`^@aGfy(rYMF+PgQsEQ&zYo4dW4)d<2A@}B_cqI-jR{6
z1Y)O?;^fOCeoiWPJS+0C5EuMXoFqtKvN#OJfCB%k&GNR&<{x2ErF*;YSv)Vs!M;w$
zN?7@9vUsR>_dh6^m|~@2g(H#uvaP1ylnns&e}Ks56ImvbH|x~_H!hb^20D+_-8SfR
z((O%qN>xo1SNBZHF$ka@2aQurCTLF`)0k<y4=CL#GiMFAx~=M1xng*?Cbt<SQ549n
zF#yJYID#iXKvYiz?RlT)G-&m(=?=D4R`p0-t>ac-6yBye7bW@K6V{p)B5IA#8+Un)
zXIblVRu??iEQNN`t2|#lhV(4t8$Q$5gjb*+4);-)#JN`Z4bjK`gdF>w2EiFVP_lq|
zf)-f{<B%8b0E-VJZQ!Yax+9=8vPeQ3yzno49=z3YqN@-OT?6mbjvLYAMfZ@~{A;h^
zvw^h5|KH#l3|Bg)5X3Z|89_GH81IXxRDxU7u$RdXj8YMDrUX86M6Ok?KSyO!E3I7Y
zB5u6B4gsQAP~AH?VVw~7M;$K_fN^7=<0l_YANRkYSzG;Z4%3nU<iJQL52enGo5L(t
z;zEiNB7XR4xOyq$Y>~dE=7A^V1n@?nW8ULYURjy@_~X5=vhwh&>Or3U;vWwV_UpK!
ztOwJ&&D(w5KX6gb-^UYNU}ziG?Z5+F&|ad}k=(tP=Q(tBcqkf+YIEvW+Af?w_6NV&
z^aCSL4z$^C!^LI%s5$>A9%MpUD&BVI_zR|Dg$91&@OAo?VV)P**I7WU1rj1N<x7HG
zMcn8jnWZd$9&wx@Xbk>u*UNH#VTu+91_ZFH?7v5;mzwH^D(*WOD8H>wRL+_EhWJEy
zFiPDidy#3BYGhe2FHU6}{9LZpAX|)??^(#Y4jHOerGpvt3pCRUAIaTs!ZVYV_S!@v
zuu)t33aEWaA~184x!zF{B>r#Mdy?~KVeg~i@5z2-d#Q_H+PTE>FUn>58wUKT5dz`K
z9fO~+O*O5m;@9F)_g}o0i0i@2Lb7@tE!}cTuD5z&#^jH7<HR>@)aAZxS@?!&ql}$G
zZR-Q@EiqA!Z`i*lc+UwmLw1q0bn%G%N_n0<oqrjuRk=$Oy3<+D>U0vctYJ|bJl8P#
zkpI>oj%pqYv~sQw&?g`!H+2U0MF9S8l>CkQN!cO*_Luo1BsmqO2X3Qvs9pSbAD5@6
z(DVzsjyXQ7_<uv*Sh8=(8$3$-@!ya){Qm=aq5pr7w~{5~Yq%EoiDA89l7cChk1eZZ
z50lW;D79UQZPBRdos4XH{O8t{-*{`Dj?&fPy1Y5UR86gM%Pdjvr4ncBPZxJlfmYq5
ze22o>BG=|$_+~0(Y|S*o`LbAJMY6VoU>vRpb0$3sNLb8>@8jBOM*)oijA(NmI;s<C
zRezLTsqbo0c`^WFD359yt_aI8<N~hM3g5jtyu$DbjhE@MPY`FEsB_TgIJG<F;>P6_
z;<^{As@)S%gznxSCW}|%Un(2Hm734(OA~9%3!T9xiz-9rN9-F9-{>yKEl%lKy@j8P
zm*z=w3h!M;{7UV1JbU5J(^Py(at=SlJ-qQhcz6Z~))eD2dAhMwo%@B}nsQjJxWT_p
zK13MD|HhYW3#au*SP$-Ajp}+5>6rZtOar=1%&TC$wM3tyBR!JVs#^trM=YI0BTzfs
zfp+#=1b*TMr07gK?=S0TH`J933Ua+Im0Z_fQD~3<fxyY}_1FK2Kt?Nc7Ge}3xcw7>
z3?BzdvT?)rVx{Gpck|&WW$Cg?J+~P%kI?9-^CPy~P2ib3P=zO$D!avZUqQ`DOy@mF
z$fow)Bl;}3>%{0t`UeQ3g^B0>i-cj^tC4R0LBh7V-$+=6@Bc-@myzE{*c@jsCNq)y
zT<y_!{;YEs!1r(b@vo+Iy2G*IrQ#9(>u?wOwqxW+fmFS4_bMW{N5-^u$zu(9VdHGn
zKk@`6&ztcVF2G<p{}J112vM1{p20aGQ+YQDC*I$^#I!+SwCr)1Okik1(z@5p6kJ;)
zMTTwLP!DAWI!w*01=uJxw98gH_XhJF>1y@aeSs>y)DQ4W`_`{jbS7@WuXqH%eU@f}
z<kY&*?atAis;U(Fb@g=^Q>)}fo5`44+$GIf7p#Mp{hn5f(}UuItY%U0Mwfr>k8dbH
zAbJz|A)_8a9_P}xPJkvbrspk(-{7<CDNW6yq|EN9Q}IO6P9A@q2`|-o2yG*DEgZMd
z`x|_T73E!g3z$uU{xKC&(N6?*CBoQl=W~Jymfk*ZR*^$T*m-?T9eUgE?@cid%<Mxk
zH!k6keI7nvcjyBEs*P>G1!(5*hTqYcF=LVMX<6BT_a}4T_qI+BhLpCfnb=BV(9<J;
zmf!e-IZ_wTDK)MWk6KRkrtf&^`nNJ&BNZ4V`i@K{WG4ZFmVX>l%Mf|_U6~IQ34sPr
zr7fo4=P5eEX9pf`ADJhrTp5-h!L${Q(^>S`$NaktT$Q~L0{?ZIboHB(#45s~8)!ln
z(tiy~h>CYJ9)tQj(f_pEN-u||xZ)?FFhF(jRj5}WNb0cezMfBydOD!asDl1eYgn5D
zv03K^a5$R=>$eZsx_jJE^eRsM?Q=v#(tlYNwgu}U?k0hw2J&J>N{J}ow0WC~g$q}x
zLOZEev-*%bOvilFZY09Pr$jH$B$b>HBvn|9o=)aI*f0nBSgoT+h*Jbr4d?qxiLJ~l
zK<z+$Uq9Q5pVn30K!rq;eCK<soN#;!zgOT9Q@^9KhUkv7rxtf_Z^Fx84}u!Tgz;U3
zW!&`|)^UN;?1|FesuxVQ(uDNP|1((uh{+Uq6o?7PFkHLl`?sfi9WY>|+8)S2wqh<j
zBCKYY5V#eaed6B~m=ccYByza$N7gPrN0`ai_Hq~iDP>qrK{ZO+hA{|PNs|(1t7u59
zN)SL%fqBwFX1)do@$z(bg-jSpzEF1>b1=)xm*uz&b;dc&5!z{@mCO(AZHL!XJIwF^
z0rj3f6`*^%lmD$>#@6mBfp_cNvh{bpJZ4>+T@pouR@0JxFWIrZ56Nf*#ReaK2HEyS
z>4rsUK{<s7+TQ1LjC)=r;=t7&cJ6*t>$b}Ji6A(FFMj1Ikwpx3vJ#|V3*D~B4ci5e
zOti_Y(D4(gpjXCrF8D4NOzr$7onwUP`{Dq{Rb0OZZWfIE9lxa~%15>%Y)rH&NB;iW
z3aAFsA{J67xy4~8@F4SczFcVdkNIxDfaHALOdEF`vW-G2LO?EMN#Z~I8?;{L6Z?35
z=r8lqya&sd(Cd8=YT0Ex5Sb20B6|jrkVU}k;RR>F?6wd*R=@d1;7q?@@~<TTvmz)!
z5}Jxa28^my@>5qan((vb4(iZAxaOi6B7`~?vOjHUH_FEys1L|5qYd&M<k`$)6zzHn
z<e>BKMlo7|!9NF(6IR9;bqIG-=W3;r-P4d9ya;6l%FJPbX1qnZAGl1VAtCaoQ4~u*
zyMbbX@mL)YxgZ>;FQZRf2AI872(Hln$YWFY=On5FdAQ?W(j8Q5ft;SZGWTSU_GX$$
zavcK|ssB`ZJ4Xx(0`r>0A64oq9TtRUT5l1yj&#Mi6yf;QbT9hQk4Rn&W|&G2VyI3Q
z7mzWn+fdX`C*U^mfVXnfaDq7YzPL}(e?DKo@YbI6ZhF*DDuZ{S`!VC~G}`{ms%MP5
zm`gW%iYmMNR?c|bd6}*;WAyH%;3oE@U8c~;SHu&1aP-@50;XqwOLqf=-p8#-s&}(T
zYP8m7!7guarPgM9C3n}Ar*@eWpVv<M6*>-E8Uj`Rgw`7eEAjSXH@UZ`kvC9OK!VZl
z=@HkJ1;HyL@ZjWJVBKVSh3#b6@4{frK-&U$om?eBf>PzNpw$LhR)(8|i5`98X}tMg
zDCUQ-ln#bFj5{g_?<;bytXqV=5uZFEhjQ$_?Qp+L_M=?k?U?`O7rMRXVbiiCU&@44
z+0E~TCNNK!>&5O5jz1N?OP|0>z=eC^lX-p$=g=BN?AWT%)Dr?hY{ocgvHYb;)`8al
zU|MzhA4*_hKBFG1Va~HcOEyYQ&Zno!iOt{dG^t)__B*HnwUPKf4{KW?VwD^<AHDYG
zW*B^>7gZC+Uc{8jyOK}~Y53sppe$GU0IO2-sL8TD_+oAe<YF$lHbM(8!^*_jHNnlQ
z8wg$Hqwv}vHdeIsfsplod=oUEgX%4tJjn~BE_3Z)Qaw2y7P4@SL$H{LSYjpEEAoc8
zqK8TzSR`pBv#hqJm8*rtAfFdh@9wIgEyRJsMFWaKcEQ^Flq?b8MhBv4lal3vMTYO1
zWjCb8H>Yf}V5y1I!TP<~#{RDgC^Ww#SzmLG&y9awtZ2Qppc?$fkVACbbh#Utq`<z}
z&soOSsXs)kJ8-Xf`!N^++Sw_|Q2dd*SsJXzKs;<-`m;-BKMfCRou*fS93%JacwOpI
zqIXyKN9>gXGkUr)THcmK9b3Ie(k|D}-HAe`zw2^Sg?Z&QP~Jn~2bt+g-t+NA|JXh^
zRJmnv6sekjv0jqJwzU3Xd@*Q$NqU90hw0Kyr&G@-?|}0E^*fr{$#v3|t+J;2hgmKp
zUr33zeSK_meegugSXB2W%>wokpkK)5$5hyfe?NSuEum7US^r5}dQoE%&a@9a;89=8
zzXYIi>;;sjE`^v8{Ns#>j)~fRw)lDP?J~DIZInUGfAhY2L4592*7sKQ^ytw)mHf;(
z$Q&EPqohe#F<D_U99BLd=By99z{tNTEji9Y{nsHfQ+(<E$8;L>VYPUFt}zQ9@K(R6
zHZ@Y^tDLC(vxN(Q(Vu-081XxI7XW-)C@jO7T5RNwO+V&`VSKf`Ln-HnKhs@1T^~jg
zJI<?ycB%+b7<VnhrNcq;bR`&3b^hLVt?Sz4nt6atS~S&TMw42Wug>bpoay{Tpqh^G
zSC!5?QU3TYLV!_dm0A2Sg;4?hsi~&%N-|JkS$X{!@!YEZo_{<s*cD|!D5xb%FJksj
z;*wUfbtf`dmY!w0x)9x)?sC1N-DZ!#!+URoM5{I%`YN}4q>kYrUl8BENQHm^!_@lR
zq*Ge_^xGvdZ^}+grm`)No%lp@d<rS_7~?N=b2IVb!AhFXuQS>F?MP@-r2jOG^^Y$?
zqpNXtx6u?F7N$;@&+6YBVAIBcxbd3oNk7#<?ZRiRz|)W``z}B2ob&RywXm+u*s<em
zAK@W0q4y8dd*M}8Q&aHf|1?ljgZ;YjX!$&Wt?^jqU24w#vF=^q{zjSk3Q`fr3=}w5
z|0JUKqBjz^kwB~4`Cnm655apgr_jFWO9gC~k0|-EA&-lHxE|W`@NfJq<g6CAvD0a{
z_td|kajxHEQA{K?FNpX)0)xS<)emYP)q*5FwUs~pu`_vi&MJTODKy_*Y7XJUZn(<&
zq&geZ9t_j6lyV%rfgbe+(?YHxh$;mT6uM8bH^_em^)@B^#U2)&mhv-IIW1ylhsIHv
zvlu5`6*3uP%i*<Fh?ly^iVEIWDVn46%lhB)MWyFkjHgA{Qq4Z@=gMI1hGQS>L_HS|
zndp@H5n8k<uf^VB1_Grd7U}m#!C>Tw|3og=$S`t~pR-Vy<-X}+sNxEv%HIEzw)FYU
zEfOZs@ckd3XfixPDSv*_B*WXal+Xk*Y8QX)2z!6$FCmOiC-tuEHaFJJfx6i2Jp%1p
zf^n^JF{xnIJj1p?qnPkS3Zg(mL_Tu7m${BB{&(q1rXaN4=(c~z;qf;)bb@uaccMOa
zDMwr9;o;x)S3VPEBKWN!X+=FB)nLa9=i>ff?65n<DnfwN`cCx9dtQb6{+jVQlz???
z3MX!VrjRn^0;grSXe`{q<f_+CR6Z0<PB?6rM35|XDw9KyM<j2aFmPzR`>X;2^%J$r
zezVK+i#BW8lVsj@Inn@cRuUXiOcbAEN<m~W9aiV`n;g!5lS750N=<VC4Nj975bMS(
z+lU@=2W89eoTZY4Qk7chGzmA!gAG|IBsBPU&QhZB<}R3m)Tf-FsJ0Zp$iB}%x>=bk
zTj+iTd-RL&ew~bfwuM)`*S_Opv>3x|6P@vHL?`{^_sXL$J*2noi0))OUz^KF_x7}^
zYLOQ{m>!Np**Dp2H{o*NjN0^AsUT%#O;uW5jQFuVw{22@f}9nnpwR5s$9eqFWs#8_
z<%KpK`0G+f*-26nv?Ai8THVmFCqQUquvX?mt$n~9g|(zmntxo2(rf0}k#DbdU%Ibs
zE?norM65+u?LF{E<2xk*vD@T)QT2!FDYR5AOx`+6&O@=2+F)&N)e?S+vSjvPOtA<<
zqUv-+R2>RmH48|xgkNfi;Z68lVls_ZJ|*I{E}oRqQ+qLTcOlCuedZxqJVRz*;<lr3
znxb*sAC|!#(7gE@Uuhhsvc=kSCF3SB0%<9JV=$f<jTkBc@v&0<9!K;j!!ABoQHq@Q
z@_X9C^3xEF)JyXOhXdj1#zyrHrMeMb*ubzOJ2@;*O>AMxj6^bH26fmlzVXEMqymZe
ze$x!H?ytA<?)NQhU)5M86z0(@@-Ha=Yi#rVB?)q`NeMHGtnhN`Dg>1pY{E9AJ&K~4
z;iL#km)+V`9X;edHBx;Wd*P4FAB(xkXYmyr=m@UA2cx>GTmx7V`h+sZ-7GniBN}&b
zXi$&xWrugbCWl*TQ2h+?DPY9gRm8PJ1ZC}j*wJCECI&2u(57pK-wKhZ?~o5{IHBdM
zk#}tsci3-we2mD_=mM~tzYTmLoeKN5k9BFSMp_LGX@A@Dx^R@qN^}hW(@ozg(S=Ep
z;yj-u8IE=(AvqJtiv|@B4N%EV!zXW41jg4{f+$zOPp{R-qU68@C<d~;IVwqN=PW&5
z0}1Io)A+{jE`kKbHSV!2!>mtgxwXn1fQ*3C*KXDuVLcI*(&|1Bj6t<L;of3Ia6ZLL
zxCF#f*$RG^k#$*O0U#-YHIBAwjqG7;#bJ-<p>bWYdC}ggRAK=_%?!KTE?z-q+Cp3y
zEICKEM!r^-C#5I!jtZy+_I@~@IjB16JTu2xYN<I{0C|qRDag+Qu=KqNYFsk$Hj>(R
zSiF(#Jeh4sG?DBs*++nglC~jBV$fmoI_up^&djujp8~+2pwLcyPK{Qlb>1i07N6Eo
z!C;`G)p|JbE4{x;uNx-?UOO)o7c&Z(ZX8G4`1E9qJh4n$F!crEt);hCza~u*9O=He
z(p<)EH{}PoMkQ>GDyC+IyilzQVaen&1&*l~ezNWdDsmQmG8?o*__7IkVTDGISh%&d
zDy<ce@9mP5ShSj2O0hgUiV}LFxDpY{#nOZ10uLE^l6KYmc;<O_cV_q;6YP7zCDuL^
zzOugD|Hau`05{UKS-NIsX13eR%*@Qp%*@zrW@cu)&2468XfxYwW@f(XZ~mD(v;W?R
zyIT>8kV?u5rAig`=E-xOBnt{t8Q%CiRT@4MDvmUSRdT@K`mIh&Z{wM8>h<Cn%C4Ux
za{*+`S4tUS9~sD`CSRP7z5<e&g`DkFpqZZe<KzR9n5?=yN2v@*Tx=%_0-Qk<q@=P}
zOw1@s8=USGt)ZOWP|0LF9kWVPY(74%IzAjksRXn-fI^4$4hE9oMZ}xeVrm@Xff{F_
z(p2&1cOkQb?}zRPH;lQ<xWkpg$U6MdC?iI68RWJ1ie>#GG2;j<y_$jb1h^(ren@AK
zS|C5s1FLqgfEseKN2$-YN%LuQ3DxY5YSkX=k!hn~c~ghm4uP`j&Phi?D7d(V4T$Yf
z!|fOiRqpwBwXLP~L{ccL>)V@4D^7m;aIyI{y)1NkwO3eigZdj*v%VV;!@J?k_?S{@
z?Q~_OpDY9BVp^iPS$tpc<j7`i3$K_+o9U_RK@StdkFm34+A~>`9Aoe3>Qa*93S7Uf
z<LXGgFxppF><j)b2>G7!ZS{Wt)H%7|;?ieT>c?}t#3m<{C<%BHss<SuIyr4t+WSwX
zvj(Zv9`Of888R=a0SGl_F00I|u0HL||JRGdB#8U7y`r&)`b@8S=npCj_i3RxU#R7#
zDp}27=uk1qtTPwwSfS2(M`ra(shMz0<I0?H-}sQDj#vG7St16?=1*@MIkVt>s)+FC
zO>8?^cFAX5UHQhH^L*aNlG3qxefX%g>g^n*Gt6@(US=s8>Ydf_69P3nHJ~{22U)@j
z{S$jhiG!x!5ZQ?(r-KtaNLl0(e7q@!(zK{E8r&r}jXHFNm50z$`>Jyo!HX0jYM0Xu
zLn)Z2S2fByZRXGiU6iT1+?;2$xY=mlZyL%aj3Q`hNc{N7ivm|Y9aI(QlMcdOf9$$b
zE5CePE?ZnjNX2!1n|AT%UVF5kihC5lT9!jzd*WPD7QUt?9d%z@HZP+qq~76J_MiWF
zY}Xe+U9r&hXCZ}7I-0$mXq+25ZNVvs=;@bF=%6{ll6%R(-bO~hf#)<ezT5w3=xA{6
zI52a^O<T58R@cziW#9ASqO`0Bf3NNoKSBMya)XqG;))%aPRO5s9WX1zbsXD31*7}p
z%3#*2jK3^SO{utPX6<x)4XUe;pDEttD3>*0<d`7lJ5{$s8KJ8BA9wvN^|MC>h`V+2
zMLSqG+r^|`eO?L|c?ff;v&{A7B=$R~7_rbVgBlfM9-|w*QHa|SB3)bQD;NidlMf%B
zoNEhIyllCXLr>rYPxWM3t_`x5rGqlet5#{Ei=HmqTH%V*#P@TOrdn_fWUsBIeHESK
zPQxgT&yHHz4Yd4RDq$9V{KQ;0JQ^exH_MT?9B$HEk`o)F(%EY04HeY7q^$F*U3HyU
zF`duRy=HzyMU<}egdn+g+%%3O#(^!YjaiUx4D=BViVg(3dX(h7A|0?s+l5uDA;!!v
z8tUK<u+AnEAk7n?O$Weh2SKX`z^eyFoDD$dx4mcY`N`lqX?X_*4XJ0j%LX{^df4_k
zSFOB*+OE_7Eje*;i8)ma(B-LN%CJAmf916ivA<0B{b+i&rI+j_8z&2R_H<`DIugQ&
z*2_H8Mi0=#@#?zfTIEzEh{wLF9k>pV;-x_BnN$V+EFV-QOxc_BUF=Q?UT@DG$R^$Q
zB(z(#c~{%6<HWxEUG}`;MK6mnT8x~}HocB%x<HMH*s1a>gJiTYCC4H!TR)(3X`g5;
z;l6=U@udE4PH-j!Nr4dmwt|QH*p+-Xr=fg0QG~=s%xO9p=fHU1TxznERb2(6NQ)qg
zY87tKqWVZc2+yjmF7!zE5{6mYY}PvwtIIP?=NdBwVo$9Y++K!3CM|)JR}lk)5*{+U
zhmwUcP{>(B4z9r?((z`C8*PVxvL6a<=RzZx#y#S`0wD`VzI#jNfqOw!eX)MPBAA+e
zEj@N>`&zTz<+<UgkUQ>jmN4oE>>7*Z%=)s-?_43D=`CNF3oV|_z*k?GQx=d1ueZgc
z9CcTX1*b1p+Xf{T=72tviq@Tp+=R#u&gT4`@1Y%jU10E-tQ+T3ayG3)%pN5PC>Au<
ztw;GgB)=V>^ak|aD@W9v;4RSUT2x!uvKJTDB^0e|Kbw+C)>Uw=ptFXtvxG3?7~jdG
zXjM#VF5zrBl3QOfag-h{C4~{IdIzJoPy|tQii!k?6Olf_3_*Ga)dM36&2&{IeCP}d
zdtn19faG{_GJkJI^%>8Os_n@=n?Ob#omK6%eY|dNdf$`M{nD#Uc)M3%1|&8UmmF&<
z1PSjbPXQ*qUdOv(?<CP4zDRdHsACM5aTN2nOiKyg<5PEpSLy+3O-eSTNp6Xzo`521
z6oHKK1vd$|4ksf{x)Dmo4L0F{LTrqDBX21|OaojVAcUdC_`X@N6~?c1eiIQTivIBx
zBxmO%0U-7b3fpo!DBPNBU2OIRAlxP8@{BFPf~~~tKSv<M9xnE|;0T*z6<+*?sV9ME
zz!OVn-wap1Y<e4f;>>Iy<*d8rrkBBf#cK$B0r#G3_ny;}Uq08EyqO-K#MV2<atDO7
z4$^zC!(j8y(h$hd9XROlhgoodT<vo0Nb!E(385tj??QcaMx~|_-8KsVtyUFnHPfzO
ze784ix(D;6y(1K)^P_HZwef?2{Wi+Ml7JCi_|7`8XjcfoFwyrXYGkrhYnrQWNyvZy
zM$K$bM?k|o<)*sv`s(`mv1CujzI2;OGI<hd<s=Ua1(>LEUJXbTD7=BAWmtB5QGHMZ
zN0lS}3&``B$z&R2pbM#z#|9c9iPs}Vv`mgq1577Zrc~vedezcDoXGSX8Dy~;C+hN|
z&VfVJuh1xN1_#YH=M07cHQL*CEzh&`32{M~VzD`2I~=eG<jmXySRIC;-Q$SF(_MA6
zO^2d|$tUQaHH#n{4XL@c1sAhc_w8SeOQk0=w{l>apNH8hGw6TpFP;TZi)nBI8sSla
z@;M;7;+?_sTkHjZ@27P@kNtA<HI66v7%qI}CSmKV?+AhJE<MK83aw8y^TfH$FRr`a
z`|_0J)jpjD&36Fow80T)&uaJINA#2#X*;T-FchkE0mhqiMBL?RO|Q_W<mG9rSvvbF
zT3S89$)7KX`3C%@3PXk63~PRm2X!-&7uj?0*(^Pmy?J#>n7E2UH0;lj1yNY0XOOkg
zaZme=1)64g${6y<3p|0|kn39$-xQY-VQOJ916qv->VGf1Xj1+oD_zZR&c7&}^J_Z+
za=eFhSh@SyqD<%Ke<+xhw2nbZQ*l8IcxsIR<^ips1A_77_7E=febl_2r(6?ccJd&@
zLasf`@M0J*+QcXfRqHcz!}w+Mj5&*4<UFhc7?x;$+V4s6ejrJ+iH|px>eBgg@;(!=
z3c<+&AiJ9`<_x%z;rnT(tdTv_UZOhBX2Sdtna>;xAFC_^8|&U<-^iJn?xf86EsU_!
ztu)pR(6?!gp!3obwrCQ+W2ZtN)n{wyBZRH69{4IFCWr$it|bq(Gg>4Wk;Ni{wv@|E
z#wryGqAiAKXHy}4P?`8+3V34I6qDPXUGKx>bs{%MKfNcBwCqA3aea*x?+r<O+pT>r
z+4;B?zaa?^ExI=OlXP}m0ISIK!LwRt;bJ8HQfxYS%sJPFw%%rwW4eeK!gb>(_KcNw
z%7G_uMu36%$~Y?!#Vuryxx*nJ$-zqVb>+Xat$i~bp<PT#skGVO!zNOJRUm+mP?j79
zxe!ay%y)B*wcd)q?ppINMeHn{z^qqX{KA#j8Gs>sVE}H?plsm~s1yizi!gT|U4OCn
zMv~hb5P?Nr7yPx_7ggQCYkQ`$+eAB3I(bvhcQVMs1_;$!x<$LDYyb7Z+E0I^N{|>G
zwYaieWB=oX4Y^WOQ{%gMcn(lgoBC=gt1R10`X5f%Tz7@ne|N$PAD;WVUBlN)g_pyj
z!JyoiI0Ez@|7_;NSInGPfEo6$S)TGbqKt=~l-=em7GNhJq8owFJM+xRG8EOmBjkSe
z4TiMPJp1{o6(H)Z2T+=rS>0Th)E@lvERQzpLwPWoPtu=h%|_J6V>M2OPhBqmuiXKO
z3Nie@p6virFhO#weiqWQKT8zqN8S<cpiVT?*K(f4cP4Z;U=}irKMw!=M6jMBfxh|c
z4sg%aB$oJ_ur2#<3EM9?aWV?)01=f}(NQ{HDyHy)XFb>GI=g(45gnxHe<VxT|CX|~
zBq$Kc(`*^+aHYlc0iy~CK!*u$UQ<Tz!=#)0y2|IXMAQalaw}Qz$9-~V=jo-7S=Y<g
zx%d;hHVhsq`}!{rEd0eTP=R8}j(a<-s)dbZ+5L`B;bCXVnNn6v!fnX*Yrn>CqpC1s
zG0wdUC&NtLEMbPYcoJPBm{&Y%$A9y|y8rdTmdL$F{Ro2`%r>YuqxTI_fG;$u<-^>(
zkd?W|R$3=w7wI~#&=t93c#cJP8U619kjUu&6o91vO#nK<!2g#3^o=%a)|36e1R&i1
z6o7Jerye{6OwVVk%R5}u=vXSEnuF1Fj_hYH1h7R_E;&^w*o`*a(>cOLLu<|!4pW85
z@yd0%+3)aF42Sc0m<|D4s|B;e$ZO1_nl=8RYNXN#y`F^z9QTCZW65Gyikk|snn=V$
zL+o0={mic9bTD{}AWM>A^#>+J#(B%ZnIi<$1gYG6=#Z8~n%l%lAk7j??GvN$BzG>U
ze9TpaM8)Hw{ip<ELChjpoPuK4SM=YO$>mLzqL@AQK}r_*+647ZYjlfgT@2_Iy@}@o
z!Y85F_^TJPI|Zq3Lg{~}dQ04;+1e$0$%C6l5ULG}g9NE|`X{j(Tz7|ZAU)3J4Z4`h
zQau%6L`?9Nl8kf1>Yd8b{f_kgDHD@ADb_A&9krpamDq4!1<qX&)g-8Q=t!sUY}8Mf
z@{GQh^WJ~>u(tW<J7zg<X!%bEzQLaE*YeKjulI7=c0Ta9+O#MVORS6y&FX^~MLLJ#
ze5GLp8uDDaA!#m!V&_tVJceAMWO4=%c^Jxx&IH)vh=k*hnPUraxl<QE*|h`|g#!?y
z)3z#7jiH)J@CNRhsdw_E!7&$KYX#X|7Fu)?V})aoj7gSuLE4+-zde=5q&#!*bD6Pj
z;}zxV>hK&J);Le1(`VaPR0Ar?m)hklC#VVU+$f>Wr}t=x3?H)B05;1YZT6HJ#^cKZ
zu9m`!tI*XGai*ewFEK>{(mKGggVP$jrxsNII{^tz1+0aBoQtLP66BV?cFfh-4lQna
z%ss5=VH;W@*J)&|EN9*NhUu>e(h;i|rh)fIVaJh9)dn;mTyB1ri6d#432tK$_fuM1
zNxl0^iA!Gp;k2l*qfg>M^BqIbqa*Zk&cu)bf1+>_#sg2#D{3L|RunV8Q`%V2D+Tb}
znimInT!d<z2RIp$vi2HE&@1rPIPpW&i=v6rurmZA@FutzJNk*w0#DF0@OqqH(38tr
z&~tG=@H$ctIQScd7R=5A&<=1v4KD~10a0hVsRmMRs5V}b7;z#-J>Hf7bF5}9z!V^2
zg^K=C1K}3(xV$qSwKg12PiC2*P_uUv3bgeI)Y-Ln2alW{xFO9TXb(8PJ>d8ofaC8|
z0FK`_=Bg@aAGiV32Kc4g(2twPIWUQ9FQEIQUqKli@(c-rjX^d*TOl253&)z_DSNvt
z;Gg7yFM&4zU+E7)Z&$jh!_F3|xCzLLOw9+d4^k4eB4R#)AfHu|9q#XMVcxJF;Kl|w
z;WCbGlCc3_vB-!ckXVw?0nV3TCBiO*KKQUt4gJ{_*I%iIq{^`q<@~<|xDM`By_E+l
z!G$~gD3P?ubb-|-ynB^yvGYv@$3i4%gA&brAt=3mDmmYH&hpBQQANU<t_LQH(DH<h
zb9wqQL5{cM!hsSh2-j8cG$ZG+V1XPGKQNM-)p@zb9ZLGn|8a+|YWHk-4j?4><jE@W
zJN$aB{S!Pg7v`sMkp*$8=Gt6PYL7$B(8f+sKxQ?nF$2fQklUw81Xe}c4g_GHfU4IN
zLsWITSJCQ!aB(3LX}!negO90Uz2Gr28}9d$_9nq$aTTnF(_|3BbYYOkM?E?Q*8WT}
zLxWXe4om3yd_AkJ_PEm4&^TUqV4ywguLU>Ko5Z>~r?`?s8cN22sHefJq50{2QrGDb
zt!+>o)?w1wYfY`>-B6(33r2Rda_?o6f&JrnArc|8x=1%G0Y1MpjjuRX9>dqfxMR3s
zv_*EO-uXajUNqFjg7lE6<q$6f@nv<dqkfj_YVXrZgO6u9=4KVJ1sYZv4IJkjbI-CV
zbLy})CB5%q_*A#S+)x+Ezbibe7!yiYiM*Syy)I7dD1IyDTEL-CI&SUi>8@!~wayet
z{E6T~J~4w(g?w{*|9xbqMDw_Q>8uC;YS@*LRvY?7op!B*0yRaa?fKo7S2-q#ov2;f
zF~E22D#vn@U{?M?AM**8hQn{RxoU@_E;NKeX4w(n#A?kNaoLg1hu^LnZMh>Hw`Tod
zX`H+YeP_bihFq%e`+>6br)=s3IxXhTMDPT-A24ib@_PntdP_%(VS|-?T$^p-ii0L|
z$^MM#m~WSl%;C*bI;Rqdd%E+jMT2hlYS+On8qXwRgd4cJEY*wp%7y#yl`Y4eH91YE
z4)x1Dd)GQunK7301*?EXFKhYR42g@ecCLzh4Xf-6^WBd5VvD0`id<STY&(+gStEN3
zmbaV{V?%~l+<X&cEX(;d*i&5%RZ^vz9w1rxyX#UEn|w~^!SntJd0((`*Q3%}jsA1*
zSW_1GtwcNDwdE^E4!>6`?5~hQlplC`p+IP!0namT&blt&;+=naD@@Y?5ukEtM~qlw
zueazFt1iz3jm1)Qq-J1&!8oqW;i*qFz*v<DKp+gvkY6keG!r`e;Oi??lcog67gM(r
zNi`*6C92X?5KBE!C92AJfJ>@vZmKShd&`4j1MgP~*HmW1opPn1UaHib(l5AVk{&&K
zD$OWNqX9rQ3rkbIM4iwA+Ku?a_DOY*SJTH~ido`ztXY2*`*SS3_H;P|KUMCV9v*IX
z`-&@1GlBt=WcM8gfb&Ta3?@=AB@qKb{NW}zf1o4w2f$cY65XKj2hUpg0%_y0jP;6y
z8?2SC2%`1l*pUb2EwE__aaE}buo%ICAzmH3;f1#*?x`>x$|dSjXuINSn4n%ces}=D
zkjcW6UJ2q>(15uR;_V-WaVjj8#dpM(-IT{aZw42!*rAI<-B7`Q>l}2dm;(3*44oUg
zm4DM?QtTEH{*+yULkmyrYG`%N7gq&;VbNma(Ih>Ua>t=WRg?OZRfkKCNbEux7Zu8&
z1nluWj7`5VtVm51$ta(r7s@EVnC=c`R_X=U(WS8dx)pg0w{g#JRvlzhe6`rJ6qt~?
z2+Y=`BnIu&vTeLFtFWHrT!62%{PmGi@u-RcY@yy56si8;VyUwIeoU~)1aYMXLZ{lY
zw(h!~GldZ1s)Nl|yw0!GUQK(Bd~5&2d8IB5?9~$QLG$fL=eo1-Xa`+cXs6Ct)ARs3
zX+gL@33ovY*k3$HwN^MYC20T!u`5qH=-aSgXZ*bBfv(TWBi*>+N$=e1&cghNF1LV@
zcsz?dJ3c4?H$Vr6A&(8{JSR_j@F{;^ztkfhgbn1<G(uSs|IiwhJ@@gri?AgOZ28}-
zDqn9>ZZmcYa!HXK&_skMz2Y_92I}_0x)yD;<%e&FFzjec5-;NIMXpdcz5o>)>WVe0
z`;jMy2m=V4h`t*!x7I@fsov4<@jq-0KUMQDFD|^$O?(O?kRGAJW%shTG0x~AZGk$h
zHDrwSHQjz{;zRL#6i?eXFIyWHM4BNiMy&-?$aGtqB>XcNX3~aO;95I@T06U2W4j=T
zNes4CU~?Ud!+mE;x3jzXM9QCpB<{7e>Ig4Z@p%+&L;`dY@Gn-2`|)|9&D;Xjmk7XG
z)*V?T6nyWq<>P?0QQ5$(teqRk<m84e<4c<tt*pzK6FFt7zoTZ7R|G{lfF9>+n_@93
z@kRGQjDB8UZ-<3_O`BWgz4QQX8;f%kF9Y3i!s@4$&NDc(9Am5-G^~UI0Mwku>r~*3
z*fQzf9fy6_buAreQsA`NLPz-Y5Cdd(x{WH~w_G53uxw3Fus@=`5lmwQe+Dg3${_`r
z+8)s<*{Q35CF?sq0@3EnK$XFYTWckq0J+^4Co^RN-<G%NF`vLO;3P}};B-7jFWCmt
zbi8f(UJuy#Y=bwLF@tRsL<OjJSx(>BDHq6a-D0&=poSx8;D#vrz;pCLpjDa*59Ed@
z0|Y_l<#PV`<cdikGGIxNcr;~@_{k(Yrg*TUntWoSvE5%!&{F2(F(B!as37TRdO#F3
z;lQ%$%2y=mx~&~LpWE#`Agy75OIAmfVg3Yo5wsFgm7y3+HSgQ{Zv4fO@-vE|pYsJx
zmBFqlhv4Nw7wCR2zaQx6CO9Bd?uQ%S@q7S;<q~rWI?MtT4TJ?72h<A{$V9OU+WTx<
zxdLh|TjM7YJr&Ce@mq6?2Po!b9+(xxazo>HtD{HDMpwiJL)yci#Z8NNe*_|YLGK-8
zpgG{;5i%d3xx95M!@$KPo9%k<*^a0hk|l`V+;3pL^zA@(8c3jqwZ&Uvz4ZQEK%=@v
zuRzW~Kqx?_fYwC7g2RB;M0uOD-GM}a*2u-Z>##)1vQR|IuE60{L=Z??Qe9C*&O4X#
zK7QoPgq=MdkX!JDDzJAq)>0UTe(~EW%0Q!#@rXnQqR>PF3Xg+C2HzHV??GW>E?NFy
z;bS;{tq^*H;l5a2VvR3DT#e0t-kuhrY%z|~#R$F`jS#iu6b0aEr}8s9tl7Ug<Xz}Q
zHGVy=;$mO)_&pAMb-;gJp?(DnST_N7?gs2$j}+k?1|4^i>;b*vYQO*CiNk=+sD2%i
z@wkRMM~|}0ZRy(W2<ZB9d{$|t{Caelu3*Lhz7zGj>g7!UoQA`QoS}Kc{CK6S!XV*y
zXQ1&m@dw~KIB`%Q2p~8hO-X1VPKC#N{mb?hkNUcYJHg(wuge1`#@;_6>@&C!1`2%N
z(q*?Hqkrr`!GfXzz>a7bdWx|f-?0K6$sg!Jc0xKj4l2HS@$_TgIs$@R^Z~U|6PIcx
z9$5!XIv!Fwo^>XkX*2{y*a$0^sI<!v_d-s54w*!~3-ym@?-Ur4y`sZIL^+CBlsAdR
zRt}cH=kqPyIPLK#Y=r#EMGrI?cV>yU|4ju|vfiE!@SDqRWf^8uvB4Rq?U6NNJTT*@
zw)r%rP6;7;oO@0!FI?T5Ce`*bNOp(M9aWosw;moVxi>ehEGIrwxwWw$^fB2zq*K|i
z(e+wjP1xC3Z9)QSa`1m_wf-G169COYdB42e#Mx9@Pu6xSYu*3hZWt4;QHB{L$8vqF
zlqTbbC%lHVG@)Oc#!;sq%z$dkaO?oJBuD<iqQ#L`XCKUvW%DzkZ98V_W5#W2!C96s
zj@+dQP@lw{2@HL&aE&RcHX1s=i}Zq}5x=f%pre?bG2BT`5=aWUW243E`#Bdv$^+?9
zuz06WwP=sl2$*O~|Diiljv2vdz$kvy8TVEOz?tcC3|jy;(C_u3@I@YlXQIoJM~52@
zUSzkAFMw&j6T+4io2ie$T4w&fFX#Yi<Gw^mMt>Lmxq}18a@2X-R>KR5s#ZOkN2eP!
z+C}ACI3Bk(1Gn7FB;P|Np9Xt*>JK%X*{5QoRvNIv8iB3HF%lgwMd28Vg-7heAPBan
z>?W|jrIQSaVO|o+iUZvW?1T0OQ`^D#pJh;>685ALOU?$i<Pw*^!Z#FCKQRJsSoFU)
z@e=EFf@#QS0yl4nH&-3ltw=ZPYA|D7AF$t=(Pe$A-yVEMO~f3k+uwKy>>X%Ms9blV
zaxfIZL6J=zW^k+*70V&6`;R`lrSr3Wsi6o*mK}e$mPi?l-`A3Ym&#R0-;dBfj(nXg
zDhhlms8X|<J_<4fLj$ZB3i~C@EAUERo%WHiDbd9Uu)28_^k17Q89Sy-{emX-2iV;#
zDWu5X{)=-!RsGlSCPk)Cn{h8BMNLJT_l)Cx#f4#{f+87Lebmq_NPkFsBa&>DETc&x
zH3we#4{A_L*|H&xGUcQwaxavZc$GvN4euZ>(DP}BXQOf!x~W|;gE|d8Qi5VXNmNSK
z<7N_)4hd$s$@H<_>Jw!~y)E5pn6!zr2wQ+v4qP7Vcn5fv$@-4r{(lPu_#1Z$CHq(0
z$-Vp=wk5j?fFQu+_uc%L{c{=q7Oj_yuk4h~FA|5QVfvzLeKlT+ovYTnEED^!ZKGmw
ze2B|Xgu{#yqI$Snvn9od2EDFOW3w(>cxK)R&BKxXJsC_Bl0n=UtCh;v*&FUSiu_>8
zzc>W&o94Xj_M`PT+KvpxX`v81Q@jGUA@@sd?Rui<{_JOtlKTYuMF&p=$DO{L`;tHU
zRqOzQpwY{}c!HCg8n68w|Kb3oj4HJQUL;_;_n?m?YMZ9(<^6on+-Op9S{~%Pd>m{E
z`KI}w_BOL*0sP!rynn+0u+<$_ZV9M7K)V5mb8Wz+$7N)Rw4E(P6e)q2!HT0;d3mw$
zQ;KfYKX)zx#2(z7-0a;XCj<OHceY9Es>@Mu^#AzXIvF}WC;tNkF!7h)5x15kUxka(
zgBoXS(LK}D*t|p|x_r>w?PHrU^xqOq7@zAr7kQ8RmR-NLDoP&~=C@#*eB9?Qx&=>7
z-~|7$oOdZ|_-owkx$ncQ*4!=jaSS3Dp))B`HqWLVu)LdzGW`>1!bjY0`j#yB1AqZg
z@URuPU0TBb$+B#w6N}5gal^gSy_Na(yYK%W3qYY+Irl$U0Pmdt=PUpK;W=rI0~2zr
zOgvBPoqe;us<-sKn}xh|5dai0@elI~cBPfQkoPURKA_W2EMOUWo$AxTU&s^#`C}%D
z0lqqHiKN#lT#qDjA#=Wq%tlo-=n$4j{V&}Ugr1j*Dj{gsW0tAEIS2vYLCBgS(&pxK
z<;K-nOn1I5PiBGC^%(Um)w7^+@IPWv%7y<Pi=vv_F13FA|3(eI8sO!(%>>fCL`+6q
z-}Q?&C8o`oc(qC62!sjr|2G1_G2^0jh=Oe#==^>qhqqU7^6f)u{!F-6(Epl;as&RG
zhmsrY;e-+x{wEH#kob?`4R_GI9Fs5Q=h-LtcCN9%m)2fFr`CONon8_9jp~1}2BT3(
z{xQ6@|C`=9=0Eurq1S>?)VN0__Didu1yU=R)E*7qZG~0<8oE~caeezEep#Spm;dWY
zXl$~=`36bH<@0X+T$30ghV}{bD`)DIQpRBqf|Bg(s-C$X`fXZ~o^v-EhOgA=<CJM+
zGA(wB_uIl4>14(N<LivWh|31L)lTHmMo15@>1p;*Ok$;ZWa(|8xfT4cFW&vAM83(`
zJrEP830rI?IX?NQkP?BJ3m`8RLEUE=9(nj~DQq%=e&5NT{#GLybNYDr#o(O;Fy!s6
za!l0y=si45L4#k1p&R=S)@1<}kw#*O5$6rF+fG71(^+q%t^=lHlU`MjtxCs}Q?tT^
z^~!~{%5@*gp848v6h8JE6IJH+8ue9lYpm+2Ri3wW)ruUQ3)jRp_lgCT-dlCC3!n9I
z4nOk3R!Z`)Xz6W7h(tEw>09;EdHh8TS@K474>sFI*l|i$<SIMW&3o{VbW_GNynSn^
zN3gd|2A{DJO`LxeK_1-xOSF{0INfXec}?sFK|wf12erAEEy8d%lZ8J5rGHbw#}qN+
z$k|YDb76GJ8}*9RHe!6GX}b{NKh~ho&!|f<$Y1uwI~hjp?nKsHatvG%ARLv!?r$>s
z%lh%<*Pa?d%7xwF@177u-|>g7kcV!*vrWXR0mm=A_E@Iuky<j`z2Bq(V8o)MgEhf#
zG^Eul($7j<;?NI2<03C12vb&(PxJ4`bd!VaK>kCI-2TGhzZo-~QMiH1ml<iG{3Uz|
ziru)!d<<s#`*M^hN&B8lCjaW?>Bsvj>B~Im%P+oL2@yJa8j{~8$P+i0VOQY~uNW#U
z*};_IPyL8hqE%>=wF7<8<;DdlD2*t~XGv0V9-U!8d5==A_d>3=amSh*zLBEinGb0%
zB6-SCz_Dv0My@dZmL9=MEO<>Lg-}3?ui(fYVq*1&voo*>2dnE&crWilP79v>8#lgw
zGIhvwJA1ZJt;~FC{S1^IPD4kJytz>_G5b5KvEu`m>=Pn(=s~04>NrO6m@$|x#1$QV
zjMq10$s+A0-^kg8Cpn4<%=e*UE@yXmVVY&V4}QU<goU+^*`|JC<$PixSSuBV{P;b|
zgyHU`H%G&7iUhWd@|{NC_pV~qJEBAk<;+)td`aEL@qtX;c}anJaa_#TT)qY;w-sxv
z(^GGbLVxgvikpg&5-L)*q9;5oN!Wj9dBO9db5Ot2Y~NVfxrFxD6Y5Pe%`rEFK*c`4
zr9at3p<^^ZGgUj5Mt>Bz&`lQVV4F_fhq+!}O!rDPVo%lAjuw&j`@3Y@cC|u}w%fFc
z=r0qNPj`5hTvG&FfPf@t@iKFXl~aipD!d<1#jsRei7SS`G*K2M93MdB;VTkAXpKX7
zX%{L`uzG$lz$i^>!*Uxjb=c<S<hR8-aJjS7)7B=dvXOf9$8Bb-(?v;dxgnPvT?3Zy
z?SiULR296?5{xPzhTH;!Ys-^$W(`0~SXrNnwp=o9supotHQh~x4bs#xsBJc1%k?DM
zqQ@e}6?r5C4cl2He(M~TeMM(7x>X3gu?f7nJ6W@4B+Md&<bgSST7KumG;(STKYE*3
z45CT4OOk5(#w<xOOHt4(5$1spc>=(O6m2#r+*0Q9VcO2h+I6W$$t4@j=b+gb7FF35
zO^(NIG8?lps)!egU9b8$R8+m+>aplm_i1Lpimz1HIvCc{=6Eq`eIG-SO~vKV;)e!W
zr6x6}h_`cbpB%wCgx6%}VB*JRwYM+qfPI{z%bYGF%t4RIt%&4k&%=BLxjU-Sgl_m#
zY)KC_Yt}tkv&17Gc{beSwr3svrA1qa%dAvtYOk$+U=+Jbxcgcntt&3ZB_Ekm>R~?O
zq^HD&-(L=5XDu6k$f;rDuJ6TSdeE9_UZZ^8Sr_S^om``OsGI7wLTj2(uDd6qo6l4|
zGb+OjFjz6kDF@sLsXE;Vbaor-j)rI`L`UOy-a;_YVyW@(FM@gLiHNZP%<|Jw=%3%#
z1Cw%{mAC$U{d&6Cwp$<ld|3?uPtDqD(mAuziuJR<%pJDx;OnsaCAG%)LBRzhDvV;&
zE&biy7k#tm!v`u*Aqa8RJAUpujJ*`%kBxcYjNu{ZFv+MSD7FMq5f~gH(f<3-QPZUS
zk3E(uMJMT(&)*8&LJ#Wa@L214%=|rMA`i}UdF3W^-?|FiotTs$(>{Jh1yv$Y^erQz
zS9d%&u3+~WjMYPY_E_4<Nq=e#e|fn3vvXdVJ%5EBbrD~G+3l4Neqs6<5q*K)_I!|j
z(R4}5zO`^o_kjH(Liz;W$@2}A`}Hy8+D|pzv+;pP{hMk8Ehs~diR7{eZqqjuoUv_B
zI24glMwqaMgWQ3(O-yWZE|>TMqcaFQ_w2wA9A)B%7ufUccVd_fh%~W&^1<wCFPKLb
z$!g9*ug_*7F<j6awebf0V&${6a*etl@{J8z1rv*pvW79w)|Rv4>=E#8%3|#=@K{~$
zN^v)lHV9@uWY{%BsTZ;-`W4j;d}ul&)s3?notWb2R^6Kl<WkMc3g}~luTCivKf5JT
zHGOJaQD^<NWuKLri7|f3T++5p>XnP5geCJuHkVJ(W)@9Wdif9RJ9}5Cm13;TdS#fR
zi^O3bC1~c%r0Hol2b`}<(>-AN(B^^#PDhG*x(l8ZmEJ-~mlU~0mN`tMu7tYUVOQKG
zZZiJ3n<ZR5eJ&H-*XXFp&aZk;A$Q-CHIGQ)*qF}Ep8d?+K6K~`U;1TXK1!fS)V+Ga
zG~d~LoGu0|tVZ>k?$e}Edi-rHJDvev$8a2B1>~11R&y_Hiv2D|`fU`bw=CNlmNzXH
z6%ZeZU|b+UNn#)Yi*q1BUM3LO3UXahL~9|CbFvhub25G)o=gZZSE@9qbJcG)ko|Cy
zeN9#euzjde<oF_0lz0>I8i-M+3g!JRcLz5c?pr9i3#dd{Ll_PSt0?2dN5aQvi`2UX
z@hGu_xx__9gHn_Ov=fTl#By4*r-^haXGg)JDWRf?j>%qQ3PI(-Vj!ug%!P{(5HdbX
zNp2uXn0VHC@W1<o!HBHrh)>Ly#ew5XV-G=<HHpDFsd<26ON)VHQ=_i<@btK8oW78c
zWT!9afBi;-h0)LCEdW!Iv%j%og(7=Im`vCeWtYr=pZ{bl3Q(Z?j^5ZdL81uuhP7|t
z3JEucX@nto8@NwH@<PG~O7_J`miH~X68`MFFDg~QEBjD6Ivt}L_8)8>i{H<++fR^b
zN6Tt!q6F0>jHvvT<EG&*hCK&F^|#>W?c&Dz;gK;U8tQ8NM&N4kX4ISwI~kjaFj(LD
zy~x3zKW~S$kojZQ0zs;@fSb`K&d>p-&=wtLtOb(PmX7}58&Ga{Tf6y!S_#pHIoT4)
zj2VHcqdW}Qk)@R{0XmEnBm?8Cq;bb6l(33Fp_{tJAk^%26C(LWhKXL?=sibNg^2Qw
z&Y^l2Kb$k6oI_14eRxucY@WB`us?Q8SeW>=*{@VI2oE@(3kccVOF;JG24Qt5DR$p#
z&?K)6G<9vir7%DtJFNmE-zXb}ho?!4i27b2JGDJ%+}$A|IoJz!(h~3odvXpAu;>Yz
z>(K4)xJ8Cmb2QOya5%>ZeR&+Hn3H8wMIaZuURB@97k;!>8gLAv8+%N^D;yUtD}#57
zRipT%s^utzbY!LwL#S3YD+SoR@ZM|zRs)9N#Z&BS6W^`4xKp>m7CKl!@L9z9MfV)v
zP#8I^lc26R9|;_BU4APkvWWOJMdQ%dQVTmf%5HZsRcRAyNRK|4Wl3M#t6PkjlnMI^
z14p6pE(lkuJT2M<N1+AMEcfeW+1d))kooWDm^r3cGA`nnZq)x6(sS)X8q;sH&FH!_
z^>;S2)ure<8PO~zZMxf1Yg>4J7D_;fFcTe}4q+j-xB4*Q!OhUmjO`n52u#=_oUUju
zc0CUGBD*uoV@1r1tsur$ccEn+)>^j6v&mJZjoEtygUU>yD^MzzeYjaHXYMO$w3MDL
z6-$7>5a%QxW#3F~Ok~-Xg>q-*svk_FxGkd>x8%AUXN~NF>JQ<zGIu$?(^M&c#OkV%
zgn-6qYLQZd6L}OMcX*(Fe*;!Uy%1-k33<gissaPJ{|3fi6{%vuYhch^)+4p3jKQEk
zzaH%(5y|_uhf*;uebDvddJQUwl0ioiC?P4)L!ASattcT^q__mP%7G4mrsyCk4@TN3
zQ3Abz${{H+K>f3Qh5n3Cr9yh6{TTrUr{oMIv~XyvQG#A&yS|WIJ0}L08EpB*=I)fg
zq18V9Nad0F+!W+yafkOnkc;B#yIr3UxroihYVS?7L&a&0>SlpjK>-m#e5y|duk=(c
zv6*B~2y%5RkAvgM5Y^EW*vd1w$)X2@s6e-S=@!`zjHu9%ba;K89DObWkJz|>BnYF0
zD>*bEw3RvqzTzo8gg9u7GdlcBB?`Db7~}@D9-C;Ns@-(SIWVbA^j)y3G$@;w2iqzz
zwM_M0kQTzyE0UfH9youG!(m%p`wVh^)nfjo+pF|fQlB{1l$#cc=mK#16o1wfq9OZS
z)Is{xy3cvw;(ioi_~JWgmAE$(kv!P0D3N^hE7<N}sSY*Lx5KTuf@N&G(n-rWtRFbT
z1EUY{&zI7;7vIqLwzzVI+gTOe0d?AUWuTa?ts9>2U!ZCR)~dL}qf?dbXNziWLJ2kT
z%2rmj7?Fe0Q9>!FKc!PrJFE+&xA@!zlTLq1rKAQ1diVJON$>kw<%`-Qafz6;fdyt4
zNaBoQyNgW&RgHop*eZ-+(?<dJ0*_)x4h3ct8z7Bh-<AYr7yQvYqTkz~D&!C)f5jK7
ztt)ZLs&<@#%rtQ&;`#+|YVCPo%V5IZnC(H|%&Ssn$Zg0CUuwHjdeYgKOyq-tz>VV_
z<AnzY_e}wC4V6W7!t*d@J5ClD@)+{Kn>(z8T$n=QyY8(4vx0+;qYEH`T9agm@IesP
z6(|EvL;*wtx9xmr{$#VH?~z$^_}XZFlQj>wV4GbZ@ImupChLZA!3O(ND!YpP&yMs&
z(c22K<F1RXSlw7_&z+I*YRF|WY`2@w7fZB_2TEDYXHSrqa<-c0DHSH_!;gHEPAO2=
zs^*~%GyBP%R+Qu_U}^RB!c}Dn2yKc?R>28toiLrn6f0g)i18&Lv!8b4wq|J%Yk%Kb
zU(%v~<E+wt8*gM>J+-L0D#?-(ioi)ON5@kvOic_$X>xX=R1#^TSNh2<ELg4WVzU@|
z8HoN9T}H48NA)LqRLG*Wm^Ij<byJNxE=EMSaTAK1X0>`X1gsxV@J_pw_`8h;=$=jQ
z(%nnh%lo|X&I-=kSJ_bETyUJ*9Ye0MvRkv;?|h$>%-$}Ljl#T&sGNQa2q-$9X1D?a
zuEn_~>(D14K};zQWWfmr1V#GAa_(drQwm^8NJWJFY+00iUG1u2MfprcNKJ&g4T!o8
zX<Brk!`mx_UR{8_k_*V?4dyU)n%#!2adct;=9qurkfeb>a0)03m|cb(n7wSs8ZPUA
zO*k+Mn8U#s-qo#=TX5#Z1M-;b)DQG{75E<RxDDZ0%ipQjwL*N6X%pL!yVo^?9%vr8
z6qUp$@WfgA7I*=;e4VIVCq^9GQSWmTxF*UQQWvt--oR;dZq>XxGSpvSdwF2(n1AmW
z_>X1pETFXnXe<Vxby1Ym2#`Ez_SP<rRfrxjkjl|EzTs)PNAE&l#S^*;puboQfc_5C
zWKMw$gGNJQDNsXWG0>@-L~Havz!D(}Zn-bZ0w0Zm10D#yUgZ6OchV(U;dg-kdS5j5
z9u44F-(9;IulJ|}?ptnn`mC^!cnF+$j;*RFj-J}KBb>VA?M~+}6gUEmg3+-o`M$d`
zy5E~9jkw--7#IX7fiIUvb7~UP0D=kErR9E&%k7iNyz0oX-MUr4-B3G=)LRzArKSzw
zIqatk=KB%LTdjHX+O{v#s({n=-k5juhR}BYL0GHD0~n+lXzni9choWVF#PQ2o3v$z
zxNR`^=c#~n5=<({K@!0EGDcRqs#`}CC4J<;A@1SK-&HL-wR{5kO`pFhiy7z+d;yaX
zn!hP6$RVb_0hF%^=8^SC8|al}hk$$6oz>PXkkj=@CDM)e401UI1#+2!-+QV{0$1Lm
z+8$BvaROKu_0P8Q`jE<Z|99}z&4V0P)?P&%15e-^@Nfpxc27~?0?ApT?z*XGkUZA3
zl>%$XQ`KJW-eT6>3Nw{>5<YFdB_&B_LI|GmtvBmgggAbzvy9XRr%>SX+Y=s?+?>JZ
z$EWRpudauAh3YKa`?vtzjKdTSEBiA;=?I%@=S`%&Nmn^ib$)qan+$#NT5^4vYBW2=
zAILf@zC$lLI0(1o&*12|N(<ZC{E9<xt&&@R3L;^;`B4H!05h_1o!%2rZ8RJ;_E?g?
zuBxS>1Y7I_+*TJ1#ppihu=0N!^i&sDp#LD>Q939JU2}LjOm9`Y>~FaT<6Wz4Oa6v0
z3g4&yxTdck)FsJ4fvx|W1M0j~^;7Wt5a(RnyWX>TeBdJ%>WQ#&N>w|N8!oBMDtD~Y
zxl<2I_GC_T0f*K+kM5AC4r{FBHZ<MQA0jk~!JjDfjt?t#UpZl?vpK32k>q8dIpG!@
zt&td2XhA%-T5UooTu$r^ZpPq#)KC&)U$+ZuPYBb4A@s-2>H$}VZuFZ)&N`<41i5d{
zj15=w;}g$$^KMg5T7+Bg7mPoQN^d_HqdW67P}E(|Kc#~&KTgFUqk5xGS*G~XglP+G
zd9Sg{5NagAWwN>2MB%ltSbfsYM)kDZpWKa4zIltbC~$r=fjC|*Kmk!en5<%oa(Y_H
z;mnxR^`7rKxQ&l)<I!%>ktJm^MKNwKP@6(dp=w#ELoh_Un!kJeD-~^p+T$=0dICn7
znyyZD($%lQrK&us!q`Z0{6l42`X?5f%J>h*<b$R+pSNR3+t?Hg32Up^F%aC}lOOYw
z(l$tJ^RiMGnB|9`73L*|0aL1Xf!XGZ4U=7dz>v0?DXFLk9qo6SX;S(9iFvK71ZwW>
zE4Ls`wT1Ue;dQD=r-EjX*MuoBBIK48tg7EH>rl{|e#cxYX%N1h6WnSaV1yD#Z3XUD
zuo&-dho9XXN!#a)+c>SjP`NvxVyaT+()+-%d$`aEM=Ucx%y<_jl6#3s%Z~J_wv@`~
zYcsjVN%JLaXri!%f<Kfd`<k=guQkaDTMRO6yyd*CMYrny+Rve6(RWPWlOh3Cvu7MS
zwo^K=<V>Y3VJnTi0OM9-6y29~OcwCl<*y6bZ)icCJpDeV+Fh%t%S@gJOA#?knd_NP
zE;Qyd_42yH=#OeZvprQ+N}9rI!se&hq|d3E|AKddx?rww+*C%NYY5xIr$<WdzK-)~
zZi3s9xy<hO;}j&Tu`HBtSUgL!k5@`0O3Z^_V(=PDoA$L&p!$#Lbc&k{n{SM-O)^@G
zI+huly9W7Y@GG6Yzsva4rN>~I(nxnwZzf%wv9vabj=v%X^6tbBJ7}KK492wepmfKh
zRpcR+&($w{e!&`{kXX->CzM9&EA18PfCw((Zi%fMop{7e!^xqdz8YG37%kheLl6~Q
zF-&}L@gpBni%>pg!|2=N2@+&~U{bxXgwpB3yJIourBarmvB_l$UfM#<N57wGB^Ju%
zbp9&N9j>kqscQQc+!%Qbk%eP770&coRg_&d_xBm^jmc6XTxq!%V+wh02XoB*)Fljj
z>+^H5$0m<@rxe)aF}GG8v^`A)?@Rk08-$|@G9Hm_@wt3w=6T#2N}tQ-=fLB>-K^wu
zqhN0kT@mJ@SHZl}Omjo&r+LWoLinzBS+NSx-l*mtg$S=)t_;V|O*!;&8otBxg`J!u
zM+5#(yCIcw^nW+#VZJJ>A1rF*)(j^aDIHLHH%Ldjmi!J887sd&cy(<nSazFb*XJrO
zPL~=<9SLu^cL&^dxom$fU&1p>HK$f5Jc6>vblSLfY+gDt8h%~5cbt4Zz5ejOI@fY=
zWWsv%{&DGeU9~PisH@8>vT4@|v|Y5~x8!%*)PT4gPpWu5y(}Ss6xEuJ0uN3K{<?mP
z`HA~wCSI|p=f+Ln?V#YseK*oAp}W{jS#PP+G$kLcpwo=%YTbd)ZV?`E{0Gy-*DJ{9
zNbh0SR~F*Kp5Zxd=`5DvRqx?F`(FS48{Y;~eThQ21gV~_Si7ePMSBU0z(nKK@vwNR
zTmtvNQZmt|H5Y{Xn8EKjj0U}!*6_8RIM-4i%R*c*IoIW)QF2WY)OE&lpUq4Xkrw;f
z*nWwFxC}q`MRvLExf2l!akyV4({(ak2yW0P>6$IvyP}6<I?+)jECZ((v&;Ak+K!la
zyhwXok0kv+YV=8V7?j>{cs#3cxfdgr5wZ)BtiSRlZVP_tol@-&3+-yZf*Hw(j5K%b
z=Zi3A@(I-IrEDOL)DapV`F)S&Gu}exaGYErmwd@f3-Yk^(9sjS6`i>K@>}h;HE5<k
zm@6q7@j!Ov?~kQl(<|uMnyt3C(l}mgrg**oc8-@3ybA=Zi(lX=J|5_EBDR*`>xjRV
z-Q=pfS%_Nfd(hN<i{?rT1cF#Y=Xdis$N|S*CNZNB-(af`^ZLE~OotjLw?5$XP$z(S
zR)Dmm<XXmLqJaw5##=+;j;rwTYK65Di~xmh7PD9fr=Ak$T7UI?yTf=dM=|aQz1?)m
z6H%xmWv%W>BErV#slZ!A|GD@c%@r^Gg^3Bj-TE#G^&b4=WIcJXg#h9DT;ZH^_wpGl
z{fTR+Of*VNMwj!Mgq*wA!0k8f2eR;DGThGq&midls~evf3+f04ZKUjKMl;e(`I2Ji
z@dXl96ucv_S|>FH5Jna_KRca;CV1$XwCEXHY=_tcLkKL&8owUiG>HB|ZDfknt5HQV
zpx_9>bWK_aT;_dP{uD+g1*~e#UW?rs$sq)Fw@l1EX*SaoFQI`R|7}9uTn*{U*iNk>
zUFw~@%6(Wz?VgtGoSs|o??Ma&2tSt=LhY-(;q6U<)e`%ZljA~m<7AfCkVMQtoA;2A
zopqwV?-dNsxG*Ex#T@YQBYq-hLzQ^~%B;%007VS=6%k{#iLF0}$U}V9&rGWx(P=z*
zI=EsHB^pj7Rj1FS+XM4|x_&mJtF!5Ob#u+>$x1aj^l%F8K@K{{oPCWMt;e^<O;MzF
zf1-cjP%anjC-ut{#}mU~7naDKJ_-|yxN2FZz|E2fAnJs$a@?w6JX3@4BRzlb)fno<
zJV$GwU5U?;H1de$+sY||@r}~Pr}SG5ig)f`!n=(su|0r)ng2#mU2JYh|7J^H#}f8#
ztn4CW5Y)FHNf_S8>L`N{gtU^k&YBf)Qi@<A8}uBME(_YSzw(JS5Cblr4j6|rr9oVd
z)JGvhG-FbtY<uVcQ-5_v0jGRPM}nz-p6IN}_Uo%ScRq&8*VUlCj_h{m4XGK*;^Te6
z{8a5B)u8QQDIqChG;rCERD`1x*2-F&U%Hy6%0~bZ1M7c$@Fe>I?4kIhfxXE>!l79J
zgl&Tu^>wdwEoL<GtHnXZms0Ddw*ijp-c9Bu6z`S9YP4Wm3c(LByyv=~nkry0i{qq0
z2_*BDEM&j{eGK;%GK?EdgM5TCj4P+}36_#w_X7fnsFRD?bAMNfxwLyyZz&~>Q|vC$
zUaZYsy?_fR+qXmDF?~c;Vb+fhj=kbxSFY!tDAAXA!w>@1kAN5&On<X6hJrLU7Mnvt
zUH6uyJ$WRirMN0CFsg4TUjZsKMna!(1ztdD3Xfc*Vgy-08I#Wxp;KaRU|{3@9sTN8
z%V9;|0S4)%!;VRmP6-%TMp+T{4a(C&PzS;eA`Y4dniL)<YE1xVMxX%3nVArCvgfA7
zz@-s?N1a%PnUw9ttYCq$+ns(oR(*uB7I|_<Z-*Jv@({R2tjlInNJ@}~>~FU00)eZN
z45=pU4p;S{>VIoI^*h8moRgtIShy;%)?OHT2wg)ODip_{5(ld?T|))gWdoh&PXZ-<
z)@YPy8=!cm12%3;^}3k0Fkxl_#j#!Sut7w1J<PzYlU~aH)5~l@Vh>4-W|0tAzI1*8
zeQ4_Hmjwf8O(E*?zM{qaIUMni#omq)1k1jnrhH{t0_&YkNW=KaGzf?>2(<~0=2qOw
zgQ(&HZGVl$+c>fW-bCKU|0;nbPT&&-<{<rz;5%9(V5!j*(sF`Ph%A;#0CNW_Usd0%
z;gd9q2VLQ0-E7+T)6qqq$`@WnFG!WV^b~^?#w^U)YxUO2T*coD7a1@0S$3Vx5<U7g
zXK!;POq0gpOR>7>sLK$;5K9`b_3Lv4(P70yvR9*T%M>;so3V5s-M>@mGP;a=AV$iR
z?z{9wGvc(OA~upydew3n5aJFy?Ajdoq%OJ^Cz@B4BK}OI42EINBlY{fb`IV3xG;oj
zyVG1|BRXWSGq7cAYoc+tR_dUrmmmMQP&cw-iAs}>V`W)?Jbe_7MIaO<Ch%N_o;}&t
zU|$hho8S<WnD_+)8r6SUS)8TVGc@HO-?sV@`#gEF;&B+TvX@4f-ec{BrZUG2?dG=l
zmQO36(3-^?om%%Jo6ETkKb*@w7hj3@An#*)2Xr4t^*CI^n?dO3ZB0n^ZCX0%zRx~>
z5BQ5E{ID)Bj&1+$Et9CJqk5oGvxyy(Rk6LCt<@jXKGJW7j%SRm3mKj`os!eNuBG4^
zZOg$UENBzm4i61@t}snQ4$}5%u{B%F(+RR8yLU1Dnn`&2)JF{wVRL8F3VCA+GHu_J
zT~1bW-|w|F=;=%jR9@$P@zGtV@|$m$*e5E@P3F3f-0I+tJIMKud<4BW(h4a4k1|M?
z?r#~?HT$nJh~sY=gzPXJf1HPWDEOac5b4s{cNc+m9HEg~yD6Dh%pnUrRq3Afq0^`c
z_T1<Z%pW(a<hio?oyQOQ@j*)}Z`KWCdSHp3n$AwFc`bv%r`UMw0{=@P)JuNDEnLKX
zBigoT^91pCG()31^PnAD-9%VtwXa{ae&HVW1NbeVWnJ#;t7@CC=UCtjo*rUA-{Cht
zLay7}k;RWsmW9n>*lWJXO^eNM{|{~N033PSZhLn;v2EKnCdS0JCbn&BVoYpvf{E>k
zZQGh;qSJYv_uczBd++mAeW&VFS30P!^qqfIy6<(b^;?%d?Xx{RH|XuDx6d6|U3e7r
zv;tFbUKhR3cGorG*Cd_|)so$v=LeM%R=+c^epQ<&l&B`v)w6!A7E@l~oTgPnBI38a
zApPj;eTa)JxA~}BX6(DRjxBwy8s5$$xA|MA8L#P_JNu#j6aiv_7?nEovK{#Jqm+pk
z!P(9NTwF~Ku@g9L<v{0(eJl-fKVd<wVORDY63Z~bne>ai2wNn!Y27%IR0DW9>%Q7c
z7pq9P_0|p^7{X-1uMf*At86|pC5Tzr%;PCMeGEV-oxIT4X#FG{HJ#FqS-g4zuA*5&
z-%Y`)=XLW|D7vI0iVCIGGa{H!;@s+NtIqaFg;I~#enF)4HHcs&ET~&ao|qOJWpRe`
zlQs@d(|S<=DR}$xE$XW32)qN_Gcke6m#I35ao!zBFi2NurME-VExeU=HT8JD>G~Hx
z{U*lM)GC>u&c~$>y5N&>wFObG>POXX&K24#=&emv5dyE!yb=_7Tte9D5}yV%X-h|^
zmSgvVPOlCsi*`>ivWWI+YwnXva*aVm+yQpSQO%T{hD=-j**Qd}Bdut6<o<Xmk)dX1
zIjv6%IkI<?zzV0A(WQFp(ZHgO`DyRi(pO%N7@E2mQJFi4;}mhaNXT||NY-{*4h-0H
zcfCBBh3MZ%KeWr>y?l~dFkA`CIrruzrR9Z(0+I<)XY(pJ1i6Lvr*b;wq`XhJ_kvy{
z@Fmvp2|;c<iysrr>&zoyq4WzyAs#CbGKvI6O4G-JP6+jYCjeS6YP(V@J3$!1ezdY=
z5yi^X=_M?UpOQt_xSL&dz9#zb!4>JRVz}6R?yaHPjh7YwVeFj|KpSbb$vAlxP|~Ev
z*I2a5iO#YNsz{GCj}g`LAompLvfMeMo9wEnX>(dU-(+NYS1c_*;S??qS%)Kt{Z6*2
z-^q2_ODRQAJ2_wdz#8|*{Ylt^;PqOVTP(H;;t)^Un3rq>L(IM2-1#S@O$yq&lN>OD
zP%k4*GXzD;rCJt9@0YCkHX^U68X{#~Sj_VVWqRGi^P~_#Z_tcWKg!i62t!;RDuiEu
zqTmx820yPRN7Ci{YDN9@rf2%C55e*qDgyWR-@6-1Z{Y4G^9s1TSuHtt&}jW+!^uvk
zo2PwYRQ^dsfkz)MaONrS`G=PlYOhUeQ7gFD9v8lrGUZ12gwA)RAal~NmR9`GCGey#
z)!K=ZvFA!V^<*ePQ-7IsO>^r&lMavou|mL|HlgRMz_W818`;Ra-k=V;mfm}j`Dx?%
zupmB)I)X)CFxw=^vsC#8^5O31DdG20D<&uW?Z|vs6{Zcc?V|ivo_SU4%G!ha-bhIo
zi|>jhUuX?;Yaa_%FEFFA;va*;v8W)^twWg{cjI&2*5WZ(O+>h;-Y<yo(C#|}>=hi{
z5<L5vXrx3$OI2`4M0g`Uq5tvv1k27zr-Fgbv)WgRL`K_N{Ras%Q1{*x9>H4um8Rm4
zVg=ZGn$c#njm1UEpVjp?@>=vI`7Yqu|9DZr^YP_`jzQw?$My_sNw(`Kfx00e>rMu^
zr!c{3Nql=4!depl>#-0`(~PYq)@+85pc=B(kDc1lt&s?GV<rZDYEpi+hP2j8S{<>E
z)bjyAdS;`b$_%F|rsCxBbcqS|$6hUm`+7Yu^_nKK3KmDO?)L)P4R2KEz1pToo80eU
z5EE?WzZUA_KEuas`TOgFI~5sX_CO|oV&lldKLLv@%o8x6ya$O}6Jc5hNP}6b;wX$_
zF$2w*6+kIG(2SV~_wM;j%o59|DW>5rMAvqz-M2<}&FtOV4i=uE4u2@l%#e64%ir3(
zuDzZS%O@hS3nkqi!<@nw!{ib%B+7Z6bS3ET{xjQQyA_$yDcKHTnZcehNF4C$m>(At
zy5VQk+HJ)?eeJi=NslA`Km&=`&kG+}-XNug8q|%X%9s#Z`e&iwL@Eq1z{P_S9=<Yl
zU_Oc@97#Q_#dDyA$Nqv27WD8-C!75R8lDy0P!0Hg{sEMh$&bqr_h00j+X{AL;$Sbl
zML?&G8GdhbxoiL+ECSp-FTp8Xq3N<%ad-DBlK?kjvqBizS<!4l{mL}HL>OSAd}68N
z(BSO>LPGJto%Y1<U#wYKa2&nn)pb0i1{_boU-y6B&CwuRLzJQ*E07<!fvQ9-7pSR3
zC`h4oCcl!MT43FisEg!QgFOr!c$JcbsSH~}iX(9V-Uit{WDL5;*jD6Wh6ewPCVzFZ
za?CbBO&4!83|Xs`YtcKe0=({%@3?;BzW<YoJJlMzpsEE?8M08Ok%c_f#y{OAJqGNP
z<Gm!{&2{z4cTHZ%^M41LI1l^Y76$sZNb;h_7V!R*`I0#9B(4LfAmHN=2$gw!$VK4e
zeIy`6k%0VgBW5Cl2~6uxilXsQ<|wzctA^A8H}oQxHosl>P?C?_f}x(CVr3geUf(f8
z#y15CV*<mlLSldKLPI^qR<VcQ%-1z$eCxQN{^r-mj?>YbGKhZ_kn6GKV2vc;w-1OS
z&Ar9Rb$S{AVJgN^g^b1oV1Y1wZT$c%6vNLz3{0ZLi@$&{W3YkuWBu0k>wo-G$|f|(
zC+r_x4@P7h!6Y=ObW9;KSk&-KYl{BnrZ%H(XzK;S-wALCJnYW|<H98I0!;MH>p(R`
zaOFB#d=@%%*u0lGv|}P4&L*m>uE<-|`3X``0s&Gm7E5pJ48_D_aK~fd3|tR4a6RI&
zss4B%+`#n!(*+;vag0uJ0pY=52S394y^eQ;#c-u06z37>Phbj_JA`5=6jwAOCmJVX
z_Pwze_s^@hKH_P+SM)*@IiMO0XiP99g12O2R50sIGTd2K<FC=>x&l{p?y&hw_<R{c
z-?=XtFV{;8DYxwmaHK~9H`M_=LZ8z0b?{FBIv{x_0U3ZKQ2;rJv^4Oe7-*l6r>gma
z$N*PEhYef}9knJ1Bo{R%I2Sc9;7iIUuuNdMf+SOiXZ0v~3p59jw)a=ib%b1?wwO={
z&l)3EBFF`)|1;osQ3BxitPyYMGtG32@g(Q;V*rSeb7s#Qs@)z+Wl=*rL}m@l7Q16f
z1zGpr5Pr;>%a=D_>x`4778~AkyG{)^iVsf$-wOD(dyn5m;Jf$N_xW)(phH3NOo`yj
z7k{ze@`fY~CIV&`cv-(|(4A<uQ9-rSQDGLbmys9YRUQ6rxCzm#^!<~}>*LsIGm@J$
ztjL;_Yj=}jQ7@7QO|q@go|LacxPKvzYMgbZun8CmZaM=|JxDw}@yxej@uJ*87FG{d
zz<#0#?mbkJ7y5E3#vDLy+#?2QWodD0ur1x{d3M>V%N{EjAW@A4&XvCrAWGPa`;4=p
z!LwS~pV2($dYzO@=qF6?T;Me~KjdqV2;8m0H!3hKe|`^nl%)NRBGf5&n=f}d*^Diu
z0+X)<e0mxPMQY&Fm#VP*A_iSTZ?NT1&}={m*AKp$<}6jhkpLsCf}W15b*J*gRuK7d
ztP^95(e^^&$AQZk)GeNk1<sMbLF@!3g8PiS@=YJF*125KC0ZvK5<m(j4jE0C3?7|{
zQ6X_4j_%%`oVD);o$z}H1caKgncKP$kMWhYeSDiGcR!ja*K`@g0swTMl4XGIQ*!FW
zg$z!&3)eyKiJu-Ne2hjCBwged3^*N;fg-bkVxc)w?b6roz{wJsGlfPl7aGYULnWN+
zx%y?Pc!DYdKI*+Y=mJX9OP|K82noXI`*DqBuD)8;r*Yt*^e;w$m*>l__l-ZtB@4gc
z{|pIM%ifMwu${Xw74<i&{j~k$_qDYcnU+u_uW_8OU=f9JLJdZuv?rY2x^rhv9v<om
z#XKl7hU&zQp0L!2M32nwib@<ppD?1!n7CUVQm?}l{3IDyofEEb`L`OmeXe$MSF5#U
zZ9WjUfKxcC*;JdEi*!f=hAk97pEr9u$*$43ZEJgia@)-7j5c89hZ-<?*)Z00>jA?S
zaEwRa19cvX5V~z2R&1+#Yzr}?%qqOeyOC)@!Yo;n7b+3@Ol&jESZeU>Fd>y&EioE_
zlTFN`o)GB79n0E@DKc{cwm*#aZEwU-(w{0OT+_XH8qyzczL9^u`KmO*nskdh4xpa=
zcN>JRE$i##1^((BPojcmf=~!W>%QVR#@krxj93u+UWM9E)>K)In^+}_I%A0+<^!I8
zOa|SiW^1Lu?taXWe5Sv@1H4+y&%AZ`AwyZ$CaZB;TGx6>w?eOESfg546@`RoS)Tej
z^#`_6tcsp!QJ3q>xbSNnwrY_dZgj<hacoG_!iMRBdH$lMP|(40rn=8zXlfTaub}cl
zYotRDwp3gOS(7g6RbbSjfxpkcFT>RB5WkbWfkczfLPmWT*NGEUPcTSJ-3RxvSn80|
zQOI*|J!4*yooM_-t~WL(cp8zPvWHI1j1Q)~p26T@F)+nXb1&*>ER}?dk(8};lfFD<
zwa5XTh1_NC5cm9_o`%;yJq=`w4^LzNzj_+ri}s@%UzjRjDU_c&MI1(wycyES#0%Va
z0#d-qFWC=Ijr$(uysNx98!}>5W}@fs4CiOI6#@>N3gs2P^XDyQx4H+?uRS=&lrGs=
zEq#x%IkVJTy@M}@Eu6{5dBDQ8F@m@ygQv$>f5JoVBLzx(sP`X%iQMWK(L9?t<Sy0d
z;@BbUs#2VJzER&dGaVbA@vklB>MqH?nT-{sC8P*t5GIKQzuy>W_aZn_jPJV=QLK5m
zie4xAJ@|zoezQ`@Bh@?Z0IwQt!)O}SH;Vms8SnOjvG<u1%jw#@mNqI16id7QXZM`=
zw3tM|^wY+0x?vm|RskPIgCw|dw`7lGYQ}j~JWo@T+^w^<O`$fbmub*AVl0D(Gg`DW
zzIX-?YS6kEiq^5L152)DuW@Rm>1MO1W-)un$_^)avy6ng9d?j-vGMg&zCtr!cwy!k
zQpmq`e!AU1bpCGkzjS{1zjZ!a&i}6S$LpvtXBy1b&y){oM&DPW&p)S6rrJk|Q!H^F
z$$@KcKzk&Sq(*}gzDEZ_mj+ea%wAIq+kJA|>-o7zeOdY#EiHwe-E|b-^9^qJrzi7Z
z5W|HY98_P!m=nuStlyIfau@lfQ2L%4c)t$m1HNU?@7UKBO@yzq*vOPLRcOz~e#$|r
zA=R^?3=OQ(YvVjx>%7vkeazST-CDH#TaOkz9C3+FY4OOlZGGFI`)%{wmGzwvZgK)@
z(laQkr*;w7IV{L*{cT`ic?<i*b{FE2VBn(RBC#gfrzI3GK)|(A;7@=?|3H#C)z$uy
zU5NgposRk6j)!vA#EZj+&A}poNvpzPxtM)&_kV3xkh!5kWonh%WONqIhD}6ceU-^F
zO!dS+L78E$vvui*<{*_~Gu9E!!dA13>%7Qa2wc4c%5%)r@LGxwdHyc^PkGMrFL^#;
zRaWv17be2$7&Vw49)I;Bp%0dn=^ygkHI(vbiSz*90ZbxHH!$hl1AED_ZS{mEfl@2w
z{c`NV^ts-JI+fvmaMScc?PyLuK7))zT4HHhZ1R7U>1j^-K-a=(ct<nuawl)6NPZc{
zj#0cMx<~V_uhssa_61(Nkc^kLymz0$ti|06ICY3?K`vu>YiCjZHuiIgZRb5D>MN^~
z7EBkcwI+utEns6_@rv&+@1p<cfAcP6*V>Fee^V&`hj$TPv#qt{Q@Zgj6_$n{0v~E(
zJ1q@CxAAEN`cL57osIO4HsX-Z1Ep&wP3sJXJ~}-{-U=Q$ch7#zzm<CRz~@7tQoq*M
z+G!H}l{_ukjF;m%I{zG3GHSk;An3DBzH`|xp<aDp<goiXG*BkOmc?kI@1sRmKAzHv
z3a>!)cC3=F75r98tqy152(w>GQ|&bhIB&F3TtuMQ$FpLomSSKW1_XIU6Q$*6(p38p
zW@b|^iHNO!!&NzU!Dct_2mj-nUHp*A_yt0)#5|pB_sm6}boAHJAy!36UTf~;S(f-%
zE^#_hg~ZO}tYC~e<6&m8(jD#qQU9j(G0RJ{t=RhkY@9VZgNZv@S8&wD+2nwQ<nXW<
z>W`?7x#w{t@~`eF%Ff|CJk&FNx3l3Z3NLu5STJwBrWw6kt<)J^Tl`KeU2hh{OPB(7
z390g#QKK~*lVYLYXFk&hUl#LK$Sw6qy1XC<aq;=c5WsBp1Wh@MSo)@{n_BJdLy0ZI
z-3V*8U#8Qs)4a7(_davAMReK6D;0WI&<SK0&v+(9T^vVMJ7x^eZfj)^4?@c`S?B3=
z0lg4um(RZ+EiWuG)mY<D%pOfW-1Gc0Mt!7;JL$eaw5#*2XW;Y~a6O8Xz?u>qre6UE
zX_Jw}i-LPTGD?ZTsm49Q#Ajdo5_D0=!y^rT4^|A5dE(DI--!&UcT0R_{E{=HdSm<3
z!W)iftq7G1jItJ)a_i|U9(Hu5P|_SWLee;6X_E{e#~X5-v~J%HxQoJ65%BM!Ib(P<
zHhKCwHIjVzom<ZBfO6xC@@A^hCWD6^%mvhM+S-p9;HQY{XLwZHDZjC!-*f9<vqY-z
zfY51V3?OB?{9*CE|HpdRw0!@|2KgRN1#A9wLOiGyW-LifiCd2h<GBeX!!D(3qQBU~
zus&Rm{+Y8a@mVJdl123pK&9R<dl!^X0-sL;LUKl@3*^z{Tra39@9Kp3?N+Hu;pRsv
zTqG}wi%{O5$jN)eKz7^0l97A@Qx26t%3=L%WZq^Q2an>hj>V{TuNvE|4s}LX{odAc
zuNp2p9(%+1(^f6lujRXO-iY#GCHX6Al7ndOq-x38hl_)VM_lR3S%-Nu16!ls1ngRL
z`8iJr-966}f2y`#E1RTI`NlH5la|ad)@Di95}C#x$L2N}9h#kgdNr$@N~zY&RMM<v
z)4y1bCNCY(4HVFnD8^XG_i^+R3=Eo0|KK&gflkn<jwOb$zG6dXz)fs;kcZ%}bI%~Z
z+1`7anl4NWG2SsCzZbe@&>FLi6*Q4tq~%fxku%HT4tDzGd8U5qX?>^KK=9J~Cy3He
z@8SB%q+K)4_jb;X0ZFp2^U+QIeMfKz-R-;kjro$tOOV@-iLH8G0_SJ5z6~)y{~>;x
zT!e|RzPy$1TVvPu35nVSzd+x8!`9XKaJpop$KTOk&=#Su+nX&RCiw2}%p511=zQ^I
zi8ll^(EP-s25z6iF_{~wpJXu|>TYkRCCNjPlldkObCmQs6hWTcWAuJEN881*1|P0#
z4zFkZY>2xLM#`+G#N8M+fF?)3;#${18O5=?Q+*I`e$5aQDzCmg{9{2_&xF=IxY};9
zXSTKgtf-@YX<>=}aKv6run2EM#1M(W`vgH&YCu+o^eZ+1`rrgX@0U0`mo|G2%gEf-
zzG2kZ>#G-4wsH~#d21jX)IYEebisee#OmKlh`evd0jJM+&XlGVh^sUm{W$E5@N4|T
zOR=5m+4fro$+HsAQ?@nu>i~sXxPW-9$jzP?VNm7Gm0Xle6){TsD4hAiYz<O0-JeIK
zgy3&v!DP(@32SssOVZ<YTJ^^iV6j$y5wyYiO>cK`FqCRir>iD(b&&d{#PPl6C>*{*
zBYDvIp}&L<q&~%m9D%^evc~*|EFtb{$;HG(^S(^==m(>ht__t?!MVkfnS{tIBq?Q0
zn*GMl!qdQoE*iH!PP>=GF;I_>N(V_pCyA<zx6JG$e#urytzxt<?K~)P_>D_BdU)E0
z5#}?@OQ?E!I$t1s26H5t6hj|1j-M1WztgZDwJ+u+{hQ{WnZ32KF>qw+gZ;<z2W7j|
z@7|Zr5le~@_lLU{2`S9ia^UYqvW-}#Z?FgbKewb!R3iGYZ~0#s#fF1b!kw_6w!Oq%
zhSTA><B50aO$z-ocjFR~Sd0Y4nM?23#9D^aIIn!_K~PPbd$HcQ@(6b?jh%g>vlzYo
zzxmdXl*k4K#7&BRc48>nXgk<EeiVEmh1`sqzN7}Ldfs_?G0NA?)_oZ4u>HML$$N~*
z0A;K?aB?MPkemm0#2`R_GSs48V;uA1H;t8J3ZOf9=RMVjYqfamYOw8E1$*nV!K1x?
z7t_bW0tA2{VFA<)0J1vpTz~+uTK7kAjBfm|UUUAJc6N#U9GUlOwK9M>k?Sl_n!_-z
zCP*=}FjQk{pL7Z`e*mpv;*DVLU8PhUe36-gCuEVCY8Tfkb<rR;!TRkOtoJnjmSK$y
z!(?a%582A{06@RAa8+;&+MK6JjlY>R+qRw%PkYs;71)${3P9nv45PJFiEDcLzUdmH
zRYa-fwZ3w&xjSgN%;9&sT5Y$Q33CQK7{Xr*5W~$-g;EDoy6uRG7GMvnLC%|$g^+d1
z&w)~XTd2gMsx9H9hJ<0ae<pwn!Qm<m2*TkCj}fu{K~Xn-P8!vUHh4~S^D{ZMV*|7`
zV~|}2cFYxNuJU-%#(r379G=K>xfV%SZ_5!@%$<NaT-tcvKcA0k)JsKiBT-Pk`Rbhf
zG^*&5ab!T@4YJRWs4<hH*G+>nFpjRK<IAI8se7fzfN>#XLdFnEU_!|pUv=HvWL=~6
zKB1uW$$O~Tt8eRDjo<XSzR>F?M{M%RJDzsXs9@<!&}bJr&Br$xf~8Mmge-Y0h~=*t
zwccx)mR-twOIr35b&XVW=(;w^Y-y#)b07p?qG3+}#88kYfII}Gf8D7+?`(UQ5zALo
zT)4d}3*#^o+ld~pQ4p32>^qao{~SPRlk2?1Pg=LRaX3+qY=*usTU`xJ=m3L-6B;21
z=H$$RUkZOTH3llx9%W&2LQ&?t1Voyr+<)EWe-A@iuN?Aje;csVj?uk1E3mGRtagnb
zp+pO@VW(Rr`c=Bx7M$M}Bzg-E&41(fg4Asgx*|s9m=^duRG_i*e&gC&_3a1T&8?q!
zc+Pt|)Z_XV_GY~nU0xmZz_oMCOIV+0-Wx6qbR{*~w}p&*C`gkAiq#_0826L9!|$4m
z9%n|<WO^$kZ1z*6!10@1q$}au;GIf$Y=lppX1;vf)Sv7^O$|4VlUHm>JUAT_?E2-1
zQ;zW0*^IX3pOQ|gFa13Pl}mnnt=ZP~)(^4UnV*GB$a%675_I*YCX{Hsj{wxfkDW*8
z+I(#v_QqVILbt5XqrkPS=X`PGo=m=LbgVA=)jl<=6N$=EEwb+Q>vThZHKTB+BRC1p
z^+|WJF7}V#Y6rV@rt*uv+WRIU&?UT;eSNo|!UrB*a>QERzwf}BMZW8LZyu2U?vz;T
zHbjm3T5)Lu+*7+Y+~4EB7)3KO+F!O;=w-%@<Zhlryw7;9UyF5BWalJqM7<S;@lrJ1
zL0_8}##KoY+6{{~J0F~;J%BWH2e82Mg>dHHkuV!~Lmq<$M}VjU>>>8xYAo^r51U((
zsGwxN27-?6u^WU%U;Luqv@!?r2VOwJA<%a8MT`Lb2A_AlBS`=*sDec!ph!^Q5)scv
z!t;AEKC&-(a?8j$pp?Fb)}Ti|Cmu71zxH;%xj(F2(?=3<!xZd|kr*!VId#08iqk7A
zy0Qt5ChO4YbDRWA9NZERp~wuLDb{F{NR_)_2MH&M2R+3+!U$dCgWr11(V`#`h5L9l
z964@#iu9NX?I@F};j*;S+c|L3`$@>Mh)g9HYO>X46xymL$yNrcc(4)pRFY6*$kMEf
zVma>j#?83Yfhs$ijWlAb6q=zxCGrbkuuWFp<;p&o0a-LHg|g%#wTP(?7OgKvJ>{E*
z)+mrgGxY?rXjQW4tAhFsA|1Z*aQeS!ltboN)Q_VgFuEPRJ>1cFQ5Vqlc}3{rwu8_!
z>#bv=Z)mE@RW**|me1*0{wxkR?a<UH4=sFol#|n4brXk7pW3xYafs~ot8+<9Y&lfC
z3o^D+S9A^bA><2?S;{os52>o1+zPwe9JxKC2qX-8Zy1X3h!E6(D981Qv?qrw!W<dJ
z{i;5#5FjERGjnSFU-2i^>MXkcVc9arRq)XX>k0+uYpPqhYJk83M1MsnxqOn2JRPQ~
zqG%G?FRE{`6#3++f%ZQ2GgE_o{iY}JT5F;s^S>nELk$IugxT~JDw9(99e%`W39t9l
z(4vf04%GAY>K84ZpvIZADCR~|g&5UKOjn@8_R14N7%h^rgwbFL=+l;2-cE}+P6u-*
z93+lK>fSz?_6XriQFLn8ol;+%GU=JCnoVq4T$^B{KRX>Wj@_W-;G5#@tz9@Gh}7i{
zOAn(;?@{k*_^}J-jGG9JTBki!V&4aa3ssSTnt}w7umM0oK7CSw`-FCk4Gx|`h(zVJ
zFi!$%SamjA5}2<66VbYS136MoO~&}0=8}x2sN8oQNj*Gr;~#w0{#VsQWkX>tY$Kro
zOWgbBlu6Xo4%I07D|;b`L!5|`QE>GSyh?@KuyL?*4vCt!++4?3S6Ge~lB~C2loMW6
zkj{h7u7?)!Gh4l!c0|-zkB%eIDbvvl_z8?vvt!<&V*#zP0IYGBTR4gl&RV$!Xl}Z0
zlaI&zb<Vd+Xl%5A%9M)t5r(?VFk@)LGSuKlT9S@!sZG8qr7aIDGtb(7iXy;<8}ZMq
zz%=GN+PN68XX0z)qfCr)c&AfF-&tDO1ZLzT7oqhi7U14!AF0PFpq-?aM!3?+zK|OV
zay30DS)X*}uk*~a)#*{Rts^7Qv8(gtNoLkrHfNyS7*(k!5}@yeMYr-#mhQp{?8}iH
z<d^R*Yb9KkucaHb3P~5$It}2pQMRp{+Qj|%+$%yJKEkJ1J!vV;7fEfA9^Be`0<r0*
z$`9k^_av-{Pk866f8VL};_l{&sOJl|vH{Ws>TBBPTcniMk-bY@-~?U;Ri&?cN-H*M
z$hJ;vQ^S=Js18zdBUz(lAq;ZT1^#Xma7QrjH_$%1-%2n5DFczGCF?5Gs8PnG5|u3d
zxpC=B`M`}hL@9=qZKDRY-?(NxASp`tr$!yt)zBX7h4N1gr$^%*|G*_Dil5L3r0M$D
zF%r6O`}<JjTzTK!r5_2AqyQUfb9FTiL3bQQVaPmylQc*OuzpCAUwzd`a8wDQ2Hgum
zAmr5qJ0QPepprtsAdwLK?S+bA4dMdqg{Z*Jm=nHa^bsf{_lp5(D}{ZbQAS)zqQ7Y?
z;8erEX)9tNZ52TB{ugbP8~-<LB~|=4Z6(X{L0icd|3zC3n?y1|o3IE`fSIr;<_J;D
zI?F(?q_1fQ-nG8U)~ptY@Ds(4&@1e_LX>yal<PYYVB23k4-tYfkk9>ob*2^~28-0c
zQGHOpwwfRTGd}LD8}k1Q-RL8T4}&zk7gbyV=Kq;O9f!*VM}=cyiH4F2mo_1^9+)DH
z0f~_f09&1{ugeF;ro#QKz@bJ5X=?lwsKAlJ2ybc(F~s9`zWW8agP3Oe@{?x>eatG|
zUddhrq2z)onANZz_v)Au0{vlD6#e8Jbs9q2m!PPTCJUaw?5p6Q*ib!V0w}P)5mZ5>
zJ_{qUWdt}%JSVCpgrzS*r=zZhyvxE+>n*MTxgLK<;05!~(D<qr*8^o;3cM!PM_#qW
zBSpEQsM2hCqO2#tPv33J6!O!(WKJ2U`5wG))6Tg)@XQ9Zf;Uz#&WHEyLl5z8`Dw&L
z&%9%uKZ4-3)z+yf%|54b5yIxrh+Z$O91(#l=5>#`nLr)S`(HEv6=sVJ8z1gq8$pN%
zD51Q7hCb=4h)h{y{g0J(lleFOfgdYeWe>RxmR6eQn&wO@-I%plwOCXrx~Aa{TuV@i
zAc+Aa!;wL7OTgQlyntoew7V>}ER<}?&*VT}9NTW!ZdX?$-sA;8gtk!*S-jVD+)Kmr
zwom&_3bxwKCkj-}^a-Jkt5vD1YWT#t7fnB1n#J6@VeG=hKo#6!Lz)MS47Y9KvxT>9
zs$lJ+_=GgvwDX}WlGjBpK>KM5^;wZCrsP<5I27rP>Ouki-ftEH?>{uSng-wAE$T|y
zXuqz%L>;23WhD?en;0dNTy;cBhx-;YxWeRM@4(d?k2!>@e<5E~=2U=F3?(_H5Xaub
zglhk8se*l}2iSmU|9%X5#jvGIT#x9EsT2otHHrhW_3P5Oz~7Dhf<mYrh((2Sp5P-f
z0*4QZwSU-))p~pThV(vh#;}Y;O@O)(Sxh8t|D`}A3u$YRO*un)d=XeAEps9B?N#2L
z9ctmlyrMzoP$6Tz)fH7yu}{KbKZwBbO`yQ>rGtr&6lm7_bAw)X03pgTG@rL+{Cfc*
zK=2U_l8R3B0R*Oxh1bAPleD|{$>$6YmQrH?1Oe!mB8(yU_mTGk!hp`xr?6BY=LO&C
zP3J%0;X(O~6Hk@m{|!8tjEIalG5DLPmh~brbgn{Z8hAgM`{sR|6rT~I)+d3zO?+^|
z{0&YdZ+oIgKu;JCI3e(=>;bO|{u4$iG?6~|Fy^-!Akl57RXH(?=_&$pL~92=#n}~C
zC8R$hzTxjX8|d!~bY3@s&TH3)^V;=sY3>OAc3#h(@ocEDjEPtLiB<s9kY!||xHCpB
zu^in52}sUV*5JZnF9NRh8?m-65h8oU^q=CPmO<jfPz=NQlB7AAZ-~0Mh_-<wl;k7a
zHzuNOAPE%=0u3AQBh*_<&L_0JBMu0;eO{XX!<%dPlPK448N|Fr6l==93<%?2%`A)8
z^kF`}B-}rej@;5_^N>=!#k3Ikm2VI|k@{@?&Ncka;UFBcb6nr75SX55g)H5kQs%cn
zFXs6l#0bG(#7M`tH5C;1CZZN$U|Lf6UuntScJ>1^)}0Db%_MB7W^P|H7WsWh<>(EJ
z5b9nBQEGT|swPx()1IqutbU4bcM;FsYc9*HiaIRN2hva3AJz)^oAAgf30}{CjZ5;T
z|3_RBvP1*|W@-VvaT(R~yex`xsn<q+F+6g;DYRpGX|VdBQEoH0wVUj`%rLHQngW9W
z*lqsbc@c=#=LIV0LKQ6I{|1XF40V!TS#Q;75ey{#0Oxwmr6W=BRI-KQp51ihMVdY2
z<IQ&;6@2dMgBoTpokFg;(+gDF*M-&IXJnQb{yog=3wslQ8~xLrZ7F#`EH9FN84tF+
zA0)N=$lGpjyjB7xT9JTAi>#NypwOUD=GVi3<nquuu&aUvqjk8Sujgye*AKttS7=5j
zl<W5{736o&rgjAFFIf=<8c`;5qGo@RBT{97lMjuSe^=>okX0*azZCDe9v_|1Yy13i
zrW4TrF+~vvPkT61|4mQb^N*~rRt9@srp)BSUdd#uqs8$=j1Mqcnew1c*l?-DIYMR8
zF5hPSR0Y4^OwqObCgiJygWdj5rsQ-17^Xx^nEE?RNrLhbrlf}+ME>O`?jSNJyx4U7
zn3T&I{QSJN=9iLHy3?S82k|=;%$xZ*J4^Qq1LH`PO!AhK3ttOSsxix%F4^}rF-5sf
z#}=-PNo^9)8*8VqD0&z1wG<0&o<`mE3|G<dM0fn_86Jn1;(w<o$KdsaX`O5IXm5tj
zp{#MH*<06b-MFx7-`(2Q@7^a{U*E*u|H+kjE%0B$XXjl&=J4`(#~J<B{5`TbDxmW@
zR%nDrpYT<PZpTQP4b9!+u6c&>g_D7+VD7q_2Oo2@xr8U{$#|2r+EP17<44uXS4xEW
zCTq%;&~sNT@7VtzV9C6-Sh>evU`guG|6{O(j<DoE!IBC;;P@9~O?IO?Fx?K(UYEQF
zcGoKnPUmve8vI8};<-2BxV_I^&2!3W3Bmo1chJ2lp|Lh@BkG|J%V$p!=jD5$T%oT>
z&(o;RXUMm)Edg=;48o)D?Qof5|ASfMvbQOwxJP<+l)sMNdWye(lHwXtZDW-$@7FsK
zFGYoLaHcLnl`UV7<@$d>OYrsyq`KU_c5orThZG!AN>Vp+K==sH-P5DPPc8|%+*S#u
zALYc)C_QEw0KpRNi`(kh11Hh*%{mJe=n+b-d`8J;HX}v0t&aM#7PkR$vOM}pTIZ3B
zYl1*m+D5~gM3lwei_iC=vT)QN?u?qBtZZ2I%F7<Ok1(*Mg8aHF>@(9dDsOBHuYkyb
zkM6bUw9zyQrhs&D!3gfPIzF3>U$BDm7}UC8yU=#mkH@MZ<*0rr291GAre+c#S(4uQ
zL6+2qjyLFUh-vae1IC%IKb#j1vXRt!ve~^}Yq(_=R`-F%%T&q^g{k#gwg(cBVWTj*
z2P5WTqe)C}OAN1Urt%cB!8L+7k!7?349AfiU#6m(1cqYB3l{U2#mncQvD;G`8<IG+
z>S?O&g7U(JUqE1VK|6a)=Lxi@8xt`C9apTnvfR5Drrbm}ECd8yX(iIjD;fr?wXCKR
z@K+Wy5Oi<U?h6RPJ|pl{kDAQILYg@0@cR%UT`--t%mEr#6GtSBcJ&Sl=KQrpXIP2J
z9`bw>TMxCz{?kEta$jX@=7`Lf6q+wc3G<n`S!h`%nAQRs?X6^&O&KcoC>tIcE`eH9
z&!}Fd87f75%Z(D2HAY}<e2Em`RpYBQmE<DaUzg?us7eg=flSMGdtTK?pfkR?CAGC<
zoo2xJE8kUJI#v!b8?b02XIZFfxxDe~VvV0z7o;({N>UL-UcRiW_0RmuI&uXCWi>K*
zc2n&dYTBFI?vs@@G5>mYz?O3eyT3JNoCX-x466oMDSM(^(I<oDhH4B@6V?7x-6MB(
z0aNkb^aL#7w>Mx&q}lgRnTu1<+jSi6Z2JvOk0g|`w2oEsX=qCzRKsl@w3gk~dyJiC
zE4x^YO_k@7K9<%1butb@C3!9gx|J=E#O?ehuCl%-HL6;?0vY#7<*Fv0YckW*bZcH)
z++6dggG--KhL1k=3J%-bJiGJ>J;`-&%1wV(m#?;zGVS2snz3>7=9h!5s$F@A-7&OK
zJ-t&I%6Yifd0v%DWG{YbRXeD5ydIq?t(}@2Ex@UaXhYPgEQuWSp!XMq4+LZ)tuGOz
z(=1;QvVX?w&%cT~(q;Zt)B)_}FliDTv^NewE*1iYIro7?#~6b+mXw8qZ9yML+KE&h
zZxd#fvKm^pvhM3&d@V#%YQ#X(Uwmy<uP7~$ul*5uTe*aYy#4zxzoF+#{TZ!;(VYHt
zy-bU!(ytTK<yHJopTCP=-ascR(Ic+b{&ppkEqV`}mSn`hhF_AZb{8q)Ij`YuTOf;T
zZDrSOrr3YeO7m%bvqYGGpl>B5sMyI5M_10*Op*CJfWo3qGf}&cz^}VMp~GSb{Z+as
zxv#3E|MT+X#F+1c<PdGu<GJ(@X-D`ycQ9i??VPFU#u^E{^jyeQAkx%B$IOE?tn1eF
zZ=oUHt<T+Id+eSGh-E)QHHVNB)!_oGgQ`;-Bb+;Cc1WXBy>fSx2W75^wuII0h>{nK
z^HyFqJLRtPRKB+XQCpju{8PopW)&pMSyQOF;#8Q=HlAf{bH$g19Q<}F{wsF}3&p7@
zbJ^(7LJmA=C74kl!Zw{mNOKrtV1m?0bAg~}ctQ%#;av104ph@*#peRGN11<lBn8)C
z<c6}$KT{!|&XyR+8CJ~)iGI9>@xP_p_)P;%9;kh^h}zxZ9_NRfpc!O8H<ilu<Lq+*
z3Igo)6MbN`I1sfpq9pje?o&1eC69-~wN!4$x&*~s_(KY=MZ=Loz|%wBc(dHgijZ&H
z&;9V6Gy%YSl`PT%mdQ}cBGyuHT?Da%hA~jovWHgHFekNmYJ4@nVEMdE(+5z)Hb^F(
zg;3a9FiOt*!YrQKE$0e~*0M~&&fowEqm$cB|5L++0o|BDv5%h((_q4!1(qQ$!g^W9
z|5NjabS(}LZQ*UiGN7SD5=8nA!mySv^OYXz$o?ZMY>6Wo)|MC#iRB>kp@;pEn~xH@
z!(pRay2HP7Jy2IdMYk}a(ERn2pIHD>+XsNSjzRygCJRVXhB@qW?W}16O(6GoQ0ptU
zPbu`$s1BoVRj!LgV`<0TNOT2p_#<Zmn#)^wy=c=&aK2-Kt&<63al_G42m!9zLQog=
z3hWRlec1v?xYTi|0&!J3H<v7(s5XJw+?!Y3<V!Fa`w!`R^O`SWO0_AW(5X)cx&I85
zzMVOY@cYjYLpV;g)jyR*?ZTz+cmwqeWp+7WM>IWlp0oRx*0kQ#Cmu%iMaDc1jmB7A
zV2Z(tXSZ74Y%(TrWufaSw{r{f7So1$y6ta(*TEh~W8?Cy+rF1MEb!d_obBg$7i17Z
ztHU`UBM@XC2+D!5*Y0#t1R*XdlmRoo3aH$GCiBk<&-yf-w<~_4HhU^2tTt#+Lh~6W
zrSE1?bMJjrpYGq6!A{=u-nw$dP*30E_&50$bY({zGHq;;aj<TO_qRdy@R^JvFxbnG
zHQN0Ia3I|HVQ%dOvad2-ekA>1kkPCW8}#JSf8EPvowFM8P%y_+2?p)v>E_|E!EfAS
zFJ*J);**3t069=xGJn@VDu*X9AT%Hh(+uyLxyrj{$6!KbO6(PXR`2dwVFGmp-sbm`
z|16oad!!M)vU1M#tsLTyj^<Ui+p10}r~w;nO!u`JX={KzAwC{Xr(;pTo{%)eDDd2F
zJecvQfnLyC68<32TP@5qOb`Fs&UR5$HCo0nyg>0Ga=o`rsG`?j;-u)n#*j6V@&Vcf
zB;T~ZOP->xs+S3KFruVUjTaWX+#Pl2HIId%DAl%kmnyo0kIYVtO0Lq0=ZJWl@PG|2
zDq|uw*bJdUpW~fT!Qg?NUVC!v<!~O1fE&=gU(O)kFo|lAmZ64W(|i0qQgJ~J*2xca
zBg)`}?10rBM=_pIQ?R*i`ofnV)g9HC9v&Kso4Z%Nu%8%(+=2f<!I(ttM4}ledfjfy
z8j4{@prV)=$hwaYu`TY>Q!eI}4r#<wS>K3{X-Kw$w?1nj1tQji1tOC7B6(8*6Qozd
zz!YtNnRqhsHMx+He?KrBi~>f6LGlcUFdV>Vx^^V(?vLs2hyLQ@KVTv3KTr>5;1I#o
zy#ovv_wIazixX?Oh`J*?+7o@?<<Vq>yg_$Rk#fFCiFlLHH=RC$*AjpB2L(k_+`LCr
z;4`B9`bp$N+!B9?+hBX5PawkKJmADYaeMV4ZeM`n)?Xid3$q(2Zo5Ck?H1+(56B&@
z75Gsz!jXD?0Y6~t2NA$v83X{-lz<OS2?ErVU#oh<{%SO_d=`MhgBjHL#6|RpOQ>6z
z1{x&nhej3{Lahf`KRyhO@LC>%L)ck4Z|k-iOwWhbCj@GJLZH@v{LuPaA6h?DIi@^l
zn-$Op2nA|=EJ&sgtq<3SaqS-(g#&_94Th6a*$YOL0t-r%f)5Cn2?jw*mF7f7V$8C+
zv-A#_WYkO+OyKMK4-~NE<Zl!Z5$8YJ5MasE_<myK^;@O?F<VzE{7(`v?=KP%c0`UG
z!~%8)7g&aX@$WK(aXn*S4$@BPT(NWq@9(=3B)2MmS0NOV;7KISq=g#s2B=}cA#&eh
z?#t)2Adc&%cHj??CmK{IT~ec^%1Uh!Cbcv4BJ*7f$pj|+&bYm=Gkl@wRO?LCl#`&b
z7_|ITYw1m+k_)hx`~Qv&YWzDkxLqgA_Cv$@&`A_7E_WcG@MRX}%Ylw2pdE+-YDkAL
ziyOMB&d8N+?i_HIteyEvc*D4y@q*4kzLoDQ%1X&>%_5GH^cGR>yMAMRrEdmf_L*oP
zjVyU-c<1%@*9n5bzm~ovH&@+gtW|wOaSHa1Yu{}qB5dhNi;@V^)zm?&T1xmO=77GQ
zu>^5I83#j;Qis7bhLb`5P^O#j5il&-=<~JR%;TZEkjqxVbA7FBSlU*IG}cfsEx;Q+
z>>JW%rPb7j7ZpG;b5Os2v`2!PJ<eX2!Nd9$W%b&a{gvtT%BQ*Yw!*62r*<x3k)hor
z8{;fKRTij(VWY@0=F<_r+MfkW1fl;07UoHZJdJMsD{#2ns{srg<`u9bd5nMIPNg^>
z!!LKF5Tw_gQky6;^SYTe)BX9wd90)J&RSl^Yddb)t?au=65CD5dfm%H=#6&brh^}F
z(nZXYj^t#vOM`q?1=YJ%1G$)~fPP>kPP)NnE+?{*H|3t9Wf?^*+be72W-dZ&liW}V
zcn7gJ8tlX?9uKWEo)WXCR8HX|ota1vBLl^5wd-;lnPuwM?Z}n4{lY1tq+Kb(pGUss
zJq8&5>;0^OY3~gbrh9BWE3W^76&l(1pMEku?!OLJt69f&w$*p9@>-uc^Qs{qtWG)o
zX*u>=@)_j2_#d2g+h$%oxTW{Db=!mY*V~4Mw}y=^Bc`)^$o1_l&1OGlE<%C--nLL%
z@{hKK0@Od+)4;Zc)O5uYclE4^54Lbk&88tS`g-tBQp`(J2@ij3UA(Ds;Y2Mvxn#3e
zY=G(w=3POEwK^$7zUw1t)-gfG5u`Bc`aP8+^ukm>2i&t>bMf$0)oKOl$a=r<Sc>KM
zV!PwJJXX@sWhJwvBE7KIU}xD%ZG4BofC*976kr#U;r+wWDS{<^%d^Lap0&UtVT=7}
zN>KP`Q$l<3znT&_^-ieA4gcAc(9=hy_wds1s_NKhFMYNy|1UBy8@COd`u&!LY2USZ
zUX@J#2i^N->Nzlcc&fyp%hT?i`cpekM^MZ%AzYfkPy&-*|9>n@5Y`1o4?D+=^7Br2
z#^7ag>d`m!@U{)4sPhRILjK7L?o!o=tr&mE+aR2yCupU}adBaNBo`kUu|C!Z`E~D8
zd5S+~g+I`IQ9nq*lyB`71zQehf2rGBihrnEmX>YZIuMnkxmy_B`mgO_z`i4!{vmt%
zGXWL5;r?$k%2N(oxUmt(Q>x!{GIJS^<Ts1SI`8cVyWjd_mBmz7b_((bNaivMOi~it
zk^Sa{8}1}NH8$FBz4XD}y~@a}-Ix4i!8uOZRhIwh`F^c}9iwwoQqv~-lJ$5nI<G?)
z*YV!Mr5awWoK5xzc%IDi^!$ZQDB!U~+0+vGPeHK`Gu(tS%|=KW$+|M+eT_|2tE)dV
z7oG`rosM219prB;LwPZ7Rh?%6E`E8H$H*o_emji`T-D3YoD$Y=hf&J$a&%f0PN81w
zvsA2Hf4F1Y3i}vH#yHJU*F4_Yr2DdNe`rpBMw3JFYY@A*+H6IC{m!V^aKFN|tMY<E
zVOA@MSz;JSg(+7U;HqrLkl2zwvMO6-7I|8jz%(gepdxeal&L^{L!CNH5p-ItL=@EA
zhl=m@I?I$3zv)h6rKm$PD(5YTIT8{HjNnO^zEC|H7xKIfm$c@2$-32Ct^Y8SE+B@z
zW7o2^14i?Pk`E6XPl)6PAYC=}c1d}-xS{7hlc^Ub9<dzTj(S%E+k#T0L6?%G4U~Db
z4jm;KAQ>TdFWkL-IXbaq2QB?7V;LF#n3Z!J#VWHNZyoGR8(m+sCHrA`f9Fb##?>M*
zrsM0G%5Z%Bqkd=g5}Q2BHETt%?-+4849f93tHPtkf@|eK14?0NshTFt9_Li}IPZax
zBpHYT!u2LI!zJQmkS$$^(UCKBscr7cqzk)26$c43gi>5^7mWW94DXtls*y?IiJHz#
z{u=&_*eboj)Vvf2dob({^Xc7#dYjZktI(|<Kf(lI8+S*(Fq0yYC23g!+O{Kf;u<c~
zIL`^MdW<vUBV(B4Wr9QTTUqY6l3-m4ghZo&gi9-Z91|d}RyA&G-Po*fl@v-o!fn8k
z{b7Z&ePHg;n3l)aD-Qq8_z?4s$Ne!;{3$%Ssx^QW`)ve=HJux3v5~y6<aomd<0J;g
zTODpK<qr+OO76EiXRBKju$!w``2NAM$ILQ14mU7vb>eQEgl&JDZ<FrEUhcQ5AZo^)
z@)4J!+fro&_G(fi$83Gob`z{U+^Q3t9=H)g4<i}zcdE}|sR}jR<CB@QdCaqEm|ImG
zp!0m2CgUi1jNI{+33ARs?uZ2B2gARwl63aFYY^3DvoOI77MFU;zYyZ=*CBv=b`&+?
zF3r`i!pM^97OdfBh9-~XGijP6bm><MAtaG0+Tj%`j2pkRV1|%HN~SA(>C^glG`^#f
zB;d?i6YDpx;$y4hfMi};N+PMcIEanfG0ViLuSn7XOqNl`7=j>lnRstTiExhDrBQ}i
zSH>opCXkH@1b;?hq-HpSJLT@b-02t)l+n*<w`6rjB!*Tj{>tjx_Byw^pR&%YTQ09)
z^!ntUQOO|bjjAY)qz)(A;Hd~;!lZtu+x6ozW(a*R`jpO8;Kwkw?KjEt;1MV=Ib?SH
zo6aq(r2JOLGbLw&Wj{H)_!A;lNmrLVhe7_Cnnpg)q>P!x5#4Dfd3qQk(${$PadK(0
z1YrI!X(?J6d#|hW72#F%Xna8dO7|Ag`GxT9J`iyrVIcXIm5+<Jt%c}>d@%9NgaywW
z^&a#$#i3cMnORUb-siDPV9Jb0(0hJ&<Y}`kKqKKrH{;#MRR9l;^=Y#&s)2R*ePd9O
z_?`DYg!l<Jp^NybjqQmSUY_U{m!-=oOjh!FLoB$ALvyo(2P$pH-u<!t`{W-1F~cM(
zF8nvIWFikwa(?WuFnW|^YU<$_=d&~FHjZh(XXg4e>Mh&$z@c%Dr|!Ti%!)@x^7jw2
zF@JK41#G+n?O|Y^SZNE3Y;Ur{1OmdX6YZN`TnVsKGk39HY_UnETXT-3buC;Zdc{O{
zaU~3XfkQVQ&B)rk9>sLBdj6R%RV}xs`<>0G9_3{>tXm{aSSB$=`MEp1ns65ZMY~!O
zPt?EZy{}4-YB7{=FoRFb(_|@hlj-_!7ZF1w@3gjKI_u)tnADNzgGEg~<mVP3Z&9Ib
zO=|(|>}y3f?`^G7ZK=;$r^)ZyTYNkx-Xz7*cY_Tz+Slf&r_j@{J~bV6jhV-ueoWji
z_CFN(+(TA-^ICC+fFgfI^9;WFL~!b!5+NhGBUQbq+;JFD^t6*#q@9x&;*&ZQ3of%e
zI_tGc09h@p^=SBuup;H0-v?(TYR`9hicd)`)~)yS8i&0i*s;A;cm;>7aB+paiV?KS
zh+VI$?<!1%)eUg;0Fk>&S)hG=o<uu9&IO=D)CuyMHiK8$5EpS8sCgauqbm=HRH^`k
z@&jRKdqlJ~{4nu29kgL>@T2b`hVPC^WE<KHD!=@Sz0^wzvk}qPaLCn={pp|72o!B(
zyv~Bq1+f1>CU?x0==vDfuyYi$=UE8kyZCY&kl6^Jixb)|a}tU(8ZvYg{k*d@-E7R3
z{w(F@L^&HU4JFre(){&4*{XFBX(o!H5&C<W<N1ojjW5LyYUMaR#CC;wrE}n`y=C$;
z1Z^Ab-r)LjsGThlZ)^{K_{RJ?*nTb{Ra<ENX={qE;M1)$?B+&XZ~Q@r0RLOZ%WH_O
zuKVp&884lg)<iRMn+ug$jTQIvWRrM`)$-VpoU8KKTgx9iKUp}D{rQbC3By;nE<rBB
z2bTLyv%__QIX}DI;fnVIeJ<tm^POjonz{%6o$@BJ2(gC!g(lQHleXo+69ix8!Bor^
zw+&Usi6N7z%ZETei;j!O{7u!#NvTUQznMOKRP8^(?rcikYK8us(@iY|vjSA)f>TO2
zk3V-v&g~zj5ndDB*&rI_vsE<pJk=fKp0r>`pNxf`xRT<+aIzRM;y9&aWCjy?DJUQM
z<dWkLM+&9K8roo;l2X>cX?8wY>qKO))A5uuPo7<7m2t@15@nU~>Ypg4-cf)Gdm!S3
z4zXy1GG1bK%?zH8ic*FS;!9s#+!Fii`u3$aciaJ%NzD+g7uNb?3$(>}%~S8c!JVV6
zQFY<KRuDnN@vmN4Z1|qWw@XAQJ6cf{X#*eq-DiOtcC42E2Yo_=)ceiXjf6OE7nk$K
ztoOT7*`Feq+-+f-wCd*HZdVTjU#AK4t76A&<19K%KK~~974Lo7Pw>bcSGE#*{zlfx
z6xX}A#>cv?fYJtj2>rJ0rIN!ZnlI4k)O_UTVx)-NO@rYQaZs_BnsB&184R!5N$M^=
z-c9hjTrBt;O1wy>VkA0F><-~I&05B^k=8KFH>&QAK_SyIDBZe?^`_FCzlE>FV6s66
z0~{7r9Qb?8cv14&`&I)^*9aQ^5S*izE_+YmCtJ>QAHn;$_#%fEokjpxUUju6DX>y^
z3{hI*<=3exj6l?<_I&3@-Y#JdV#%-W@%B97dN0Rf4@gR#RVU>p9C$V}Z-dR1fU%dv
zE~ev!*EwK8@%R9JD_`265*-#=i>2&rbBZDr7V9p7!T8!<TKezRNaF+S==3_O==4Sc
zR^5w9iP$Q1^@M7RC0RP0cm3iwwAUNR{k0XKK#RI~d^=&?0KTRl+{#CZxx1ak$wv(!
z8~{fG!XE&Z!43d36S&M!?seJR{(C4)Q2yLPQe*2AAS$c*8qML_i|InnK}>|Dr`}sU
zGsJ1=CJ1ThlDu~PmAR?Lu@zrnCk(ZaqI!Sirp$t7$Mdt)g_QK~yVQ~TIyR#QDWgSy
z0#Y0h6>~#_;ji5Flm%X^>}*(x9*omzFZ5nAN1PAGQ!Y%Vfx_HQ-MMt<?bty#_WVKh
zg}7Krh6)T8&_OJONqx+kq}dlJ@R0jE!cU=H6j;fIDk%gpgvrlVqkM@vgyN=H$ue5D
zZYp2bl*;Z{lYb5)JLs;i+jwhrnn6eRPfLzVu-@rjmAP^wlpLW>c`rAP%w;Om?QO^>
zID_1i5pd@lQXLr;9S0bKtB*cW9~dX?lMDLrjlxf+n2PAD5XO=HFUH<E$dZQ3`Yqe&
zLYLKL+qP}nwq0GetuEW_vTfV8>z?QRW@6sCGxx^#*NJm7A|oR*BhPQ`wf5ey{m6tO
zTRx@fWXM!L)A5~|M}Dwm$cva5F8yOKupI`ApCKsFs^bMx4z~V+5oth7N<8r>sM<Io
z&uH+(e-9~rnEvj@JNZedB9<*xv(Jy%2N3)nr@+cVsU&DCN!^2vuf__VAZ*ha&?XX(
zix@FxPZydR)-c5{dt+6EBXxWxPLp)J<{Q*WxOQcukLu_qJ?jOp5+P(c@Pxcq8FFm?
zrRkg))kvb!uJ;^|7s6MRYY>SVKmu3!XO-boI%k#y%HmFB0PZ05W_0!^bw~<>iOd!h
zD#|L_n}O(392Wwagq?iCV@X0T{5rH@mI?6Rq{L?+WIx$iB;*2n*$U#+-3LsOuB2G?
zS^7lK?Noz~i)1Ll+(jQn>$GMi^SD5&q8)=ab@3bGpL;|Uyk_L5zvX^P2BXlqqZhf2
z*cq>$19^^oH7Y&Gr@hvJc(;PR#G!z`#34bx#96kQ-2{Mxo<|W0rYj}oM1uYn$9EA!
z=1ziE2dNzZp2z~0GDhe{Vd+Kr9CoaKfLN>xeqaGf1ELQAlBQ;{MoLRN#RH6!WEJy!
zTPbK4i0QZ-A6HTaH!(MC2r(C;;{9ofw!<z0VIi0Tk{1JZ28E8OqdSKM!-9bXMG!X=
z_2k(63HDK!dJQ@=d^I~<c%S#yg+3GJ90PL#Is=&(TO0~6h%ZIZU#GzmE0tO&0{ks1
z1E|N!2OC+*1;S9t3Bd3@0wy)1V01s4cC+|(B=bI3m=gCdH-~OP*n+AS072sQwU495
z?c{VL_Xe^I2Zm_aPz4B_LI49n0K<V`YFn-l(5w4Ulmn5n8iJP-Qps}l|E{nQ#0v*g
z0V2nesze~Q3l;><0%LDm9ygZ*O7wc=1(ICCk^DhR)vXRJA=xrn_A?>t6#I3``9!E~
z<(s$~z7|cNqF0fyX^KTMc8xZN422-G)izn$56;xIRD6cp5v77mKmJfyycyW&>3G2j
zS25#2tGX2G4<67U$<M1#lo?d}3Bcv@GqQ*=4n`VQ@ME1`=>eGljR7SAlPe*ZU`t>E
z1ChCazQgMKn}Fy`uh?Jzx&$&}gzQbj?oAVGkj~1k@i#2WL<ji|j0Q>$AuoM+Q42%G
zA~I^wu|aEuUOAt3!2rZv0h05Rpf%hV;s%v%<9?#z7k_S-H$ITJE21}Eb_DB54Ul)y
z&%P!27a&z=Eg)6k$~*EUP?xi{Zd9A{4oL_N8UqO#jt<0BlIsi#Oca<OeiR3NXV5_5
zpL$g8Ai*p1Y#;;$M+61*(AK1AgqywC@?d#T{K!)9KZA+Nm-|!yMh?+<0g142VgKgU
ze+20jE7;8uJI@8;dAjofx`7IgC~a@=4;KdO3eT4df6K!Li{}Ek(4?yLx+{#n$(o?4
zeT%W<==S5Vy)+aIy)@7cy)<Q^@O?Dn&N>k3G1`VFTb5wkO#x)^{DfgZOuFCa9r#Gg
z#OljH<_=H_AHVz~d3=b0=qwQse=oDB{)J5SM^rTQM?~2Jd;%^JQFZ541}Mya2~M~N
z2rmI878r3?3JeGs$gsxfR?Z*spT~gv0*{-!z39VR9hd9Dqy=FGxE2)TqISU^FvZOp
zB@l>9oCGfjmw5#rtQM5hzl~8pYyo&Be{{vby&1$cZi-&5A3+4LXQ@|+kX4<@lRRM^
z-dkVLA0LR%zRcx_tZkr>co8aVafH<GZJ<!=;P0fA2&aloboP16ItM{MZ+PDK>%A@O
zZ|gBJZmV7~?ur-W`zN=J_gHrGUNIcykMQNNH{|J`H^|dez5|)2!-`v--4K#?;kh`1
z<$I_^<X&&01fg>~m}4StA(+374}u=m)cp?kkoY86tmQw7ygyX}!Cc$E-q3h|bM3{*
z#b0B~XhcSHG(~Xfa-Mb!5z?%6?~Y;6tbovf_r@Cc^XOH3gS@PaKLgJgJ<kXUzW7rT
z#zvyY4X@6}Lso88gL?O#*$9Hn3}erP?XOYZcE(GA_%xl2{Nv$84Iw7EcT5~r@-edq
zV|~j>|I{}{WO|>$PBU5=UcEpyefD~n)eqIX#`4{=qnf@Ug~g=r55w}MMqv6-?uVGX
zSw#_KpH#!;(_~oDq@9I12d6);>972Ld#o9G20;yt;FJF7M|z@uG4)~}_30b%v)hK2
z{y68kO|@}~z+<^jmFd<$LS*_D$1(i^JVP0;a+k9Ut~R+4Zy<FaLb;3INT(pu=LVWR
z&r0fPOLVx!^KU0L!E7)edOPib81v_3K4E)n&sgZP&G!pf47YXzk1r`ST>^JvZ@pa!
zp_}W*xq!KNESk^|#Q!-LPwV%?@1(StfHGT|)J}iH6TD<i$(WY#(qeE*p;5CE`v1&%
z#Ye7sivrf@sF-?RWgP1YRsEk@I9{~?G=2#h5doP+1C85nZ57%6f2IP5;{@%sB+A#}
z2m!KQqyg#V9y-B=LVE$_tuxxeM*kGS12W~#MkMha(J_Cc=<%lg0hGWuGybD<9$^NM
z?sE0_9cFc9sj+#3SR7=o;bFO8U|k!4xycCq5qaeu6TXYwsQwV-r}=j@iz+f=w?z~y
zE}~IRoAp{@r7HOW-O@}#O-@b5b)J|P6aRh6yXt;-kOBoU4r5uC+!t@qt86clLoH`l
zp8N3Z?)oO(iH7{4ld5YhPsL-okNwqa8u^arE@m6x7H&|VPu{On0H*LUiT?Oekm{1A
zuA#@$Qm2GfsWZSrsqb-K+X<L`H`OXW)#Y3wm#(oKT&Ol!f34L;ZLaiR1As$38F3@0
zF=%kd6yh9d2is3AtepW_t#-4qsT@F7>x<9pdTXQA<}vo&t_LP~liAfUqKNvHb(1%-
ziOr&9x@7&zHfQwuJO(B{E;tPg6RC0ew!G$(4UDdUBo54_j`U}i#eOjYzcvEG&Fc=3
z*w@=if|Qhjwb<K|tJyNscaELZMWL@lZMCYQ$E@suNMdU1d~%PgiJe@rU2N5>W-8?v
zzVeJkold$Qew#TIajf3qcwuZAcN(E@iS+2UQzNkS&GP^mIykXF_Rry`+f}5suAFtQ
z7O&D@$Nd438x8kNC+f#S&z)%ptYHG9@!O+c{X$ea9_U{i>(yZbdr`<%uSxo{SY*UZ
zgX-kW^G7VD<5MY{%^jxP4Nw`4EUk9n3pU$A+f?77CK^i;EmU7t8cP>`msb%kbE^#<
zrJJbhSDL>zc`D``<Su#ic|<{l3B#<XHD9&vlh@;asY>6kf8r;$mXCnf@jz}*Jm0X5
zzB3#PxEo}^Z8eFd#TE*n5gp0*A@ACRy&a)JHz&+&C8ghHZD)Mx_cZ`>^M$xhJIZ>2
zE?la+exzDy1<l7CK6sAsp2OLgzs2nk!gy3iRB5Bu%pjpsTj$Soe^S9f9rj`gF$w}D
zs_qCt`hfcq`7>fL^jbU-<L@KE)rIvUHN=62=D~(8+@Ii*5$_l{I@RT>u#_EnZ{nQ2
zBme!_!Xciv<1iX=H+Kw;I~9_ico@{4)H2)$6ikjyzqL>s75i@}f4q~sf-2I2Yj;AF
z$$(x;VfF$)(GQbb4>wbyTYiT-y-pC&9wgcL8;e3A0+Z0P=UM*^H$8Fq`ix_Q)XDEH
zd{zSWf<gcofJCkmpFoUYQ9a!;HbU!`8lgp^k#~L^cDXInTE~v3ny}xj!|m_%y%z1T
z_Ey*1`g^+mQj($W4+s$NynFPzfbL<?xbr6dwI+Ov<GWk8gaaazUiw`jeQ(_6ZUlJy
zI6CKIo-I7loL?#XJBtSO^mGWcpxzMzzz)5mbuXyz_yxO2eh{ML;=FLs`Px|{@N`f3
zctE8+g4;^F&@dE#G5jMUp&&O&)aq;z=?0vWDTk>-s72~Y!q{~RnF}7-4Z-TY9)ktp
zFq?r9_5^(WKm6HbeBGhC{kMt7W*bjlKXATLAp|trjlZbQCmM<W8qZ1cb?OCk-U&-6
z4Ud{~83-^mP&~HKs~*!;6&1~!i1x%vAl<^KHq%uj^;-Mh=aVbV{9cS$5D4b^LM;Q5
zY;bR11mPotht#ZM97s?vv~1<B?h*jwN`k^i-~Gjb-3xjS<!t>9<?Pu-te+Y<49D%K
zhso;)vF#Ops~F=XDPMB-YxfuWQv1lDwx*krFcQYk<c2J<dc7xx?JcTWq=E=qirpyB
z1l;EVA!Ay$h-ZEU7ZC9{uqX-cV4O1#dZ>!0UMA!gLDA9466t%@_RiALO`ZgN7@DS=
zLTjehsba#{&tEZf;}2F~-y+u}V+pV!MxM_MgF>XfWJ+$c!Q!BH1P-XfiHxU+FNpDm
z-bCmUVo+2lApE1769H40gS9cD=rRWbMxXG`wxUs@MUoZ4#zTavFv)g3*nVeOxm-FL
zDudH~JI*n3vHqJJd>}gKQ0kWr_lkx0zgpHqhV5sqM;eRc3o|2eE`H(sp2!zj6zRwO
zYu+dha>)07<Fr)NtioFFEzOwE81J0f@OyKji{^_hT?4&%Tfj9)z0fKr=^~cof)a=_
zUa#UJwo191p|6l3HI<M-wtoK8gS}_2Zeb>JB22)4^u&m9z{J)9Jfc_|yPiV>X_6ra
zHM0R`y)N<+D&-D;1f~}SvrN}NrW5G*<=ZQa;|s4-Mj}F`ySxt+0mW>y2nJsmN+3>5
zQIR(FC&TIs?QAp!yapp#D5l31pJfrh;R;WwHm)NBVyJd^D#93+bKDAVz*%`DF#lDl
zf!3>14i!+_xM;RAZ)Eov#w$7}ae^=ytknk@`7J)s;TtTBP?g~{@IoWDOhnM#WJ5dS
z#A|=@Xuudl>hY0rg*!%l=2AEzNhDcg9QBYUx~Z$^Q*&*hI)#pcRjstmRs8X62iaoT
z4eOXm!`XwQi|>LYLz#_+c+%pZzG0@+NlWK)^}=Gbo*^BroH}b=1oM%wR=`+*_g6?s
z_h$1e4LvDRtnx9jkMg+aw5F}U`W$Y3)|qlw*g4}SUy6L0+iJgOxf{?+hH4FmU_nQ0
zI|o2JoMY}fH5_+VctM(dT){3H?%k_wbCatV!xXxD;K=@@`6c)abAmj*I#>)1Hq|8L
z02Tr!c*e_(IUCCe@Yk|ioXPhQl7&A)@3|#yK43W_b&HH9Gpdxz-b2g3#2$a6{1RyZ
zKOLkB6+9EUodZ<BCc|(N?p$O9?5DuH#=4xgz(3=4CJ%YKxAqGtzP>RIpk@f&QQeqd
z)aEYdNR6+?Xn+cZ`O{Vl7C95OXb4*>7YhWk?$22;D>oXPR5D2!-#G4lrErs&G3wK@
zj|5TTF$O}CzFK7&g<X+<lL;|n6^zDdNXUdrJIxr2zZQ-nokFr;F($_UbLft71Zj!@
z+Gm30=Ux3uT&zV;Dm5_+VLf1$BHT-{CP~HB@ZC93ue49dP6oa5)9padt(+x%4y;`X
zl3fOxp$)R_F^t1%5t3Ep45wOn1z8ArBz?Oj;T9{!z&bqoUKm-(i@|0Hl=<SG$J?j6
zEx1r)b7nsb>qhf|sJ988jYY0#M}Sh{!%?kRSBB--fjAv~%9b{`KGYX~)R<j#d5;FA
zGiDY0AF8DyKcN})wxm%KNU?F-oIG6-x;AoW>?#ix+sbltVF!g_MW@nM5P6e3G=28V
z!i*+UgG>X8fiuCFlE`U2zt6|zr4F~M3aXoy9-Wsj5%o4AT5CXQmLo)B@KKM+P^rdx
z|F^+3C~a58o~3Ys+(d;I2V|VnK)B@o@}^WWk4jZWmG1D03sqZ5R+W_PipIQj9F^vk
zzjo7W+OK)b7J()ujfQHaNAUwhNjex{N#R>fv>NQ=LyD#=8{KEh{IUDlt|+q+X*_qt
zM6avHH;Dl}xlc-gv-v-IwE~Y+n7ma1Du%J80m*QK_w&6TpitGA@E|;h<AZo|@KhY-
z$EBetLVsB5Brk56>k|HW^JctsXCV9JWT^U1;8zOGYTu)+nJtZ$1x<Af*IEfIoVs{z
zCeG&=<sydh3{!6?WL`ZPGFpN!eBzIZ^0n1m@|C8hbn!O#@oft(W!T=zKD!Mf0=ww-
zoIT?zUkb?2++hFsut@6oeW>A1wb`+`nFy_KkB9(rR&F~M$%RWPT)KYClF>c)`SN@H
z7G050EWn!>nA&79XQONn%gvZn=nf4x9e#vBgY7g&`EpdUepe!_=xQufM<Zgb#X!Ct
zI&GGxe627U$ejwJ^lC0tM>B%Ns$JRUumd@F01?O00xi_rA=kNY;#v~HwZkVl)u;PL
zt86`z<Zg?pef%8y`o>d~kk~}`=^O^DExx0O6aJ%{gn_Ds!SDdH<D?4z=KW2J=$miA
zyeSERk3(jzcUX=UA?4{-tKVYMQ;i*WfDwa&k1h$KmHOV+yYeNaL-3LYYq@@uA%nWw
zgnu)XkcO=*#^<g!^|aZ3^0LS(%2$IG^86&VL8cCVmTns?+32opk6RVz@0R(_`0)x(
zB$?QL!fS30TB`Ea`5ai9ILMKeenEi5tr@&DGrfnVe!U7{GhI42DdQ+NI1BUa42jfB
z=kgwQ23qc7zJ$SkmGKnSRY!6-_hz$J>EGtei=m+eeW6vQV=AqXQ_8VKGsWmz$2!eQ
zHe!vCSD3&_BKaUoICf&iXmF=l&Z<%Hb4&O$enZ+KdyZ`Riv7Eesq%KEKN=?A3;v_p
zvbf5!i3<Va+KSM|M{}0?PNJPZoR8+3cAO|RAO)QyMCdcdm#0pYBuMQuBB}frv{iSB
zxaA9d7I$1kD?tW+9FFx`KPkU@ss*iUS0ay0DlG<fmKA}VWWy{6Y->oMa{&wu*!tu=
z_EaU1;Z>zYu}A$ja?SPB#ho^S5}*R7Q%?G99vC&#tI%(I-Hj4*F1Zyjo8t&op-m4~
z$rG;BYSG=*hK<DnD~?*luq88+3I#6#=5;mgy$v7Slxc8u`cLI%l=Wl7GfX}&N;~T6
zzaMS-EKk#e%IyBy>H)ALCRQ8)+KN7;3d6|8(?n`<JSs9;leosQfrD8Yd3h+@$IuJ>
z56ar$(#La@d7hM&jymk}z^khbZ`qUW9I$dBDtf4og@m4EBd$UZn)%5Lo}XVqLnrBt
zLnmdGLnqjUR#CL^zQ$4A;J<|K?=0hTc&BlT*gCVN_a7J;qUY~7SY(&kecm%0C}j2A
zJG73~#-rau<!Y{4sY1bGQ`-&2edwC#h9ZeQmAx6-D{i=lGmdAuV~;$TrwcuDQ0i!o
zJerT!{&cQnTuI~}%RW;(p|>7+j}0&%CmvUG;7`6<`#G^5dLL{r#rcrUHuzsic4JW)
zJfVQVm``+*S21`|Rxor7U0^pz73Hq62?e>rujS5&3GKU<<qcidi|s#Q8$_>L73H>b
zWbQqMv~(O++@>&$EnSz_(OJL~!*`*V)>iGY?ZX{S$TH}hM8zZe2~bO~4e?Taja(;Y
zw8m|s-5=ODn%hJP`qSh44GqNk#uM}15DXhP>hHoMhG|<4N^XdhsJ8@8?4C4W23%u3
zBI6TV`1@;XuAFk*l2s=7kDyPHuL7}E6NK#uq0=Nz3W?GL7|jqYU6xz<NTPh<5xUY{
zDCwM|DOXMih2<l^X(JmEshtUi`~V}p)bwo0f0kO)LRTX~cPUa3V>Owr&+&5ya)(+g
zFgNfT*g-;BL8yzw8Cj!+8wQ0*|JnRGvd<2VeHkwXIb%f(0*UAN*VvGU8|WYeN}4SD
zMGmEh`jwF^2BYo7tLAFy@7w7hQgQhxnbJh#P3F9$!j^BnD`$9M*!IcJV-s?Vy`mBD
zJ9*?!`et6dy-UE4$F1&p@MMWr`%o|8Oc%kQKzFz2R{hf7Hk>nEgM=o_LkCbrEEGc4
z;D>Y_MwP0s^DJ)Z20Qjie<t`E#!_PnCf-;r=h;<!mQI0WIP-+bVP=PmpvK(PmSXh_
zKXq20^#?3AH;a)=eZoWyv+z?{>f$7qSezOTqSOmDNL4#j-SHg{sAQ-_UMDk%G2j{g
zo@SW2l2kc13>-imkcgk!m!*T5U8oG2xLC2Od9>k=>f3atFB>G=+TTQY;9o^3x$)Q<
z_KcBzW7zgkDmzzPs>w}SKeF0XWvEAqY41vV=%8m3q5?HZ2OtyCt)eNc%Z#;OwJL)<
z&UStqu9~EgJ|<Av>q~M%COz2N4BF1^xT0HeXxVycD_k9xq!>|gpS_9|hs-qm4V0JF
z{>4S=DY()FoiCl7Ybp3=zW7lV5<bdOZIj()*)B`6r@Cq`aHhR-ZX%N+gqI?rO5OYt
zXOdI;i4$J%S`&6Yg3wy&BU2&6#6SDz?jwDw!`kv^rRAN0{zFkw>xO@Fr6Zh{Y01IR
zc<o_LEKOVEL(Fr`L)GO}Op)Jo3+a<W&lm|aRb8j~ue*X#sg3v;<w9ckbq7ixFYC$W
zc4dXHygv8=cXxFHVIAh+_~9By-UlN}L{n{~l64Be2{8PjePw}I$O>QZvE(5jugiY^
z*sVu~ZsFOtwuhO97|uq0M$3V_%wN28?pPWfy&X+=a)b#RBx!lI72m6+U-ff0F9y5F
z@y(g-CvX@FZ}OI;FNI5tPq&rJpOHpi%wl|^>9BE|%u2C<ztXBh@kDFC^g8jHvr|to
z$#(A8>q#-0{Aw|BiIL;-a(!;}GF;a=FX}LJk>$)z{GU1>Z~3U@osTFG^I!!0b^@w9
z{s|!TV~wVQZu*$9I;~>q@x_A3g(vcZiTl<O9w$#_H6tM$x|7laAG80jg?>zxHg1ih
zFB{rgi=PN^J`TH)xG0qV91Qmf!0?v?lRqMYV4w6oFv1BWd_uxB{NdP(<oq|z6R#^$
zraWwPa?n?Gu_)u-#p%zr7+`#bQxtd4VHDwh{wS7U2_gf-JcbjC9W<Mu6I^!Yr=849
z2FcK)3iXo$J7|g5?9LvGcq!COcQ7!HKB7}ppDQ<Fk>Dl118wdk9V~}QbrQkn4?GZY
zZF~OJzO1Cn?#Ui}#iKkbH1`KzPCeYfAf(rpa2-WHe>mX%ni?a}*=EfY!m`<d551}N
z<IDS{HtlxTKJUzH^s9cL(o@>rsxH5v2rpn-3aq_ZF3gMf@P14Oor@rf3TjtME55m@
z!~JWLQIRo!gTAod7fx#*T<jf!?fAqecP~tjoL+f=&<}{9i=hVyePG1@x6toK00{jT
zhhU6%L`462z5MGk>*gPdfpkEq7|00i64f9?p%{ksax4eQf+<8A2|`)b3fQy3I1C`G
zU7mu35OC{2khkJ|{Jy=JWPIFUdcD`khvu3O)-J?f&_M(=I*h0(kLGKc`ivIE_*-<g
z6Jw~PGPu7oFN47^v(mNwV2uX9<|Kb}>6AUbr-32Y+}NEyW4-b8S#Ld7lPk$bFX|{l
zAV0mx6@dg#F%nk&cww;MnXyb3_&Y$mIIL8e(u+X4C!a{rEC%YXj~ftUgC8JU;|6vy
zXHydO{?bh!`UThhj6~ICTDfx;f0j2eF9a-1fZ=4Z8I3HUy;qj(p6WZ1Z3?@PZeAcI
z$zGT<(80&C!<3qNkR`0(B54~^*3DN+&8T+^lFgW2+96Q-7o3yj`I!2nRm;{V6*^NB
zb<wskm7xlyzNN^M)6nkDXp_EnF)ZM~Gq>c{ld94q(Y}jierQSbyz2K$YqfqCg-KS6
zYRC#YO!k=_>+cULm$Yh_4=vW4-(g=Q&3>;VJ@uo8xAJ-)f~*5BGutHjjx%}|PG-kf
zV`oq93Vsy(J{TcW0b@<<@O|HucoiLF+aQv?0<>Oe^3OLJQJB$z-C?001fXzYfW7Y*
zbGv9N5BK;WXSxGOq+f+{*HDHSaL~?km91g~<9CmKHPKIQgKT@}b>1J_Rz?Xpa1*{f
z+?}*el*pG~%nniaeW18gnBvPms~+8Kb)m;<x8iE<oQ(|RI9(MB`j0z9l1^5yM_#<M
zQl!o=0G(3VkB>phivOkF-x=N4Ifwsqk9)OTW}iFyo_T7Vlz9qt8t(W|t;{^HG(eZ^
zF)KiK_w7gYBlD6}E(WYE^AZ(rg%MAfXS|++E&uMp(C}GBbjjDZpuNmyh7UI&8=-Xg
z0O$q4*aFO8W2P9$1jx902|`*n<$vT|>ze$37k5G-FLe@xz8ms{UrR+uep+sXj%Iwx
zf(Lz6mA_K+D~xwM#i6HhIH#&=Ov=<sDpFjh;wxLFPAReKtGjhve}+Q>3Ee;%DkGep
z8~B~jYdUNOr|o`+=21CPBub<lo1`iz)D)y{1S=`>>bG-d+h5bP*rHc9jCuCu<C$3C
zFILuOMGffQh00<$GKbXme7&95RJmPis;TYR`E}fUM%FqCoDxC4j~X<#Q^liKS4Iz(
zT!jpw_vb)rd#XX-?hEIpsX0(1kw{}7ha)Es>5X@lQV`)7EsG={#zOs|!H?M|tSzA+
zRBHr}Z7<hZ<Ze^#fiKS;bM(!o6eseN_l(CRFV~O4W2^CBw3f>WTKYSAu1}ib#mo8f
zNn>aq+=#rv30^6DH?0BOguH=`TS?-W6N``n-a3Ew3)PGJv7+cENAxoga7q&8pe6qF
zm3<3+Qor{PX8UxgTupekn$TppuY09_QllkvnT<{|Roi`Te3=ivkk5kSGTX=aFV#8L
zW$w!?_|VeQ7^C%HziiFit?}^@L$kLuo)0b_1{@{?`4JPgTavfOZupX-eI51I{bcQY
zynL)f{JKLbSswE;-=-t*gHy9^;!(dRK2LQY-w_htQjWmsPI|@=_U2Fg(7C#ARL_P>
z<W4VZ?@MkDYmf#>4r+(w_|UWNuPYmWIDKXReBQIR9&a+LTbhJu*BE`a(`DPe6wj2Y
z$`D!AW}$Ke$x&r#TJ_#-*Ju;EX;f<WT=-d)HLb)!^^DkT+*Q_eUu<c1xYg&HJ|zl#
z-jpEerO%e!=y+@}F8ya|F15TkxdX+D1Fti_up6KKU~XiX12*el>M-oBUP@0Y1`X}n
zn+DmVol5WWK4e=`E;&owm%I&^&Fie$uiUn~j9e~9;!uXYP5CmKohd=(*$E9SbFdvH
zV$5zV9l5NV;TNDEFhjd`Ph62!$t6*iRykj~O}Y{=<=_O8C7UAYqH#%kQBD2zDBI$9
z`%iaAiR4UoM}wxH9;O3Uc1NSdR(2=pl1rNliBjd8D~XZITN_Nt%I$y6D65?lr=#32
zqj}pJ`zCqYtRLa|R+WkuS=hcNMpSTmsm79V2gY;CX{OJDJlfLECiy)A*9xtbBtkL+
zOZr^cASNZtnH&2Q`U0&FWdz%@=As1w0*mKS3?#CkX;a;4UtU0V_b6Yx-4>C{t9+7q
zCX-1Hg6HnZ&XYkQr*;%v#G{}|TRG{tq;WA@N{u-2B7S%X%*B`F{6?fqh=(a*@uZX>
zqag3%Anb0kd7j$RmS+qc-Igz7Om!<TDY9%kG>J!r$zk(SyiNa+Mxrfk%toTEcCJdI
z&H3_DqRse|MzZZspN(Xj^<kCdYJ+=+;*+wA(4&piY9YPbA6>SjU-BKU=9JZrpYpU-
zj_|X}tyi1{+VxkO1s7%J4tbeOsmiufjz7D}zEtk<O^CE6{T5)VB>l52K!i~VGJs~m
z#3?JG<6ve}Mg7e&_$U3*9OvOi%HhKIJ~1-DC{X7~!pQ_m=H#N+SfKBUNJjeBH(}m8
z?0FIvw9E?){M>j$ol66R;)9bsL<NdUQ>{NQOXHMWzhBlGC7tW;R`fYL)5iGOd6n>?
z=1i?I^(rZ2L=%CGR1~#v4JsvVZ3u_3MZlGMpxgf*Zqx_VJ{)c^Ug{Qg<48g|N*3&$
z%;@t+w~W0|T4b7WtE@I1tfON|zwchS>ep5}b5dibY19{g(X#;YhXGSLa&&(D@OmWB
zN2gICur31O98eqlvq0GW8)Y4LN&~bSeV>C(P<sxO4cozDfaOzzm^Qk#8QkGC+7G_%
zs3-^WV2pK#<!COA3Q#l<2p!TMG@~&{c6)^g-G}&DG8Z!8s{L2qPoF<mfP5NiA%9z2
z{1GAa3Pud+Vt)->cAp7~vRh*uM^HX~>r@Gf^6n>BXzhXoFbC8$UUDJG<MW<cz<t4n
zr!0(e^qA=mk6dvqEcdKKz*u)B890ogmXjvG-q;&TEG)A=>Rso90q|o#$T%3qf*IJ@
zKnf?Z{9lKI`e->Q@<w;u=Xf5i{bzi0u}7D;&-0^=x^YD2dwDXjr73RmP2XCSM|qbt
zH6_G`xeQNn6Tpk73{r+iyeK!ybB2(O`B{EM$_a6@Ei4rIjOA0FtmHI|+f9bg{LSDW
zZT(q$<JyAoJN4)DaEG-%29FsDw@}-0)IyJj*HkC{m*l9^kZwSC!obKVDYFj?Rn=*Q
zvg*7VphESKEbM8;ZRXr4G-+t@!wMIVd5029GGi<Qc|kelVpdr-y0)a=@?ZK`QRB|e
zip-E~)=8gef!jhgpNJJnLPZHV<2O=l36XyZ5i>fW2kW&&VH?z>h&ipH3?55HOdO0Q
zr{I%0XMw2tJTl9i+-8={Y4|@nTjTy;I$OPg&LY}fFy{C#dx#Bs50)9dnd|RUL9;0D
z7g$4sIo2nQTQT3<g@KTZ5<uj+P{hh;Ad*%TNz7n;IG2H;Nbg_-k$Z#zi$>kOzn?Hw
zvkv7rha$9Q=MVcEwdjtQsL#MKdAYMOx~r#bC$t7xo?pnhJZo<>)d--GY>?IDK2Bj=
z3X3`1rQ>X>G9kD}EPNC8U3r-k9G&XE)X+TG5Y{NkB%Z=0Ul2Ah!Ih>9Y4M%(vg-Hy
z&~MJUKg5{{K^oJ1+(6u5HVTckJcjmA(AHrqA_&Gd7@_;XArtWHz6TCjdvQ-Ag`g)*
z$N`{;ZTgILcz8f}f?#BcvLC-9^isUBP=_P6AG*}sR4hIp48s){jT0$MHD4wziplNx
zG`Mhu|MuHC-@L7bYq6Kr`8OmD!eeUTBi=p%est32o`Fb|h+6d?z;f;L1$upXY%(bM
zX2m_(+Ka2VGI9i)%fMNp@>>P>Z5qq1ZX1UK4J#Bj`AS#mc1AN<YEj4>Dm!bCg*2Z7
zCKXf&=Oq)7@4j&@MusDnJ*VZ4VZY>JM%n*pt&9j!uCGqdBsCkro}{c>YwCNCBi6If
zq!_bX!f7)Phn8LDZXmWu9@iujQ<^JwZe5TLlryQh3*<`}Tyy8D>8IY@*+ISM-9Rn9
zQoJ1SPoDf*^S>+tc2d}x_3GiAcwg{EAIP2X=Ak_0N;mRxn>>m@zGXkM<$6D)urAU)
zka6;aV6880Za%m1lxQg?Gi^@=+#6$%ycAg$!2?pRJ<Dn^jb+@_a(>#3XFX~yN=*TX
zid1cbLVk&3|AeiosudaRjq0_vbea~PYVv2t``J2lyvL8iIl&Y3dq6X9N9qN|Ikdqu
zSumrDZ#i_nZ0ZshE;D_(j?4anPLBiSXL~bXp~rc>B$HjqdsGN=S}Pd!g$O)q7*fzo
z$5NlOA=EnBw`r0omj1D5Yv-g%){_fgMTR#fCeP_q{{N!Hna8C6Ww49Q^&GFGy#LWN
zLCHu~*KI`gm^~o95*I6<jfW8CO77-qKC;p&C-;-z1vTg9roO=b4~soh6ko}Me!rAu
z)9K5r8xmIf#z~OVkn#6-e1L`hjbD1MCPSq7i_OoVzj>f?a-KIuPH?lg=|0vjm8i!H
zJlBHn1K2+jH;&eaBFvVJzjyPKuaqxO&Ft)A|C`~y`7N5C?pn{WiDJEK(_w{jR-h^w
z(WpL>rHWSY#Ph&&%0@k2FWatjt2bV6`fcTQVRY_1eU;-XXWe0y?fhIhB{6(<34G3g
zO#s7T?6owuol&z9!+q;c-?RCRj66UfMjLL1eiPjo)+6DI<AfKCQ8K!t;}!hMjx9`R
zh(L;iyyg1GPPXMti#hzhcmi!*avopWoz?%ibmmH9%EHdS9d|tD+tJ3#eyuJ`7je}r
zJ0D&KAB9_(aC)&Wxnf^ssy9^d{i%kWAPLkAZWIbwS~CC=_W}JS0%%No0H|~|);mgw
zegF?dXhIMHGmsWjak|j0j^mELt!-txJVV*3+ZN&RGhE*nu>1A6C5yqBo0&ss<bjaP
z^v$sPh-TN%CMMsh;kyc2GjV{t>-Qip4Bgqn>c1>^5Ac7p+*z6b!*XY(J4kxX3wqFU
zhazzJ3v2@W#J#?i>&I6#A)pqhnY;ETWRFDj{i9Cm3^I;T|KricnqW<JoRNe@GwFNW
z<Gs^oi!)VfS(epqe(r}AO2yT>^|VhnClg=Ff(7Gh7_cm?1F-Go=TGSkSbK?4q*#Ej
zw=IS<G;?f-FWu4`tS4d<vEJtWkxkMjjzus1f`q9TR#hVeigWM<s`zMuNIZ?I57EgP
zmFkhOYw1r17#@Yd&hf*~@LPx(XK%XK9BXu$kT40hrs2l$dl%ULjp~61eK}50@&;Ug
zkEl<8ZB#|S=|*s(wXD5MaYT_s$}xPNMUprpj#!kSLrso+z~A8K4gu>=$Pq;M`Gc^q
z9oQG10vwsh92$lJJ_DqpVyTkFdOR5~RB5uRhyHgFHWZJ7qOyJChU_@2Qs<H{nke*l
zDJqI9=eC7wBNXAzzMnPQW+%^34IW~<1=0d6lsG47DLDY!+_!!T6M2ACH!kA%X?TOM
z%bx%o)j<N<Y#}iVN)iEl>X3{>OJ#4)U3+g%z0&v*-pGW|IZ`buIh1k<!-a(pPfH_^
zbb6R}(OdAIGWO+i%VL3slfInfZ9_InHB?{sa^R#-Vdh2TkV4+4xq+x~$c(F^dS*Sj
zFdGtb84O5T5FsLnc27le8@j-Epe{_P&b2js*L+$I*K&}P?7par)zNK5Bdn2q-VVcw
zEFS;Z7g<!MfeTEp3*rZRCm9(O?ukH3mWYnjQ>-6U!x1ws5PBH>JuA2rUVkN;Z?zZ|
z-L@Y{Zi!@7tilx3nNd>xab2te*}Rjm{o+L0uZ`w=zu$dwjs=P>*1NNAJYAUd?-P54
zR`i*pmh=^WD<K*zR5{XggtPEMsy7jlP<!RG&h6lgodzgAAQ6||12DbtKmu&tpo2}L
z^9aqEpx%J*$lG*4a6arRISKgTw7b8RUCF@Bg*8<;qs0MreIgntE8%t}nsu~z+Rn|Y
zb6?tRKhHS=P0vU#)w_^7kZEe?HdAm$jY$}DRsIGL3sv+=|5)#_t7EpdWf}O&Ln>&#
zywiZwd+pNzH$j~TGMBQv5-{V~5-?`c8yu}>3Q~ga=Fmc>h-Q=+Rhmu~9B}LyOLoe{
z1$$>zW3inRYSGR|Ap{RT%-0(>2Yv@EJF95ezxTr-gW3CTH*90QUhIN9Vd@rwU0&Q&
zfAR}1JdFR0Y-C3n)ej;mw2-?8bPSGy<*`Mv2-1ykQwr8-x>*GyFbgh2>5#R_Ky^uD
z{;3iOrid9g|DuAHGAO4OW|Y>2-Bi^jmKjeSoU&H!Wuu%U>a*#@M*STk8n>^t@aBSA
ztL#K<PKY$NlT%n5%gd#EV90pp<&0G?d{KN&YXmZP+oF18e7LK&8Q@`Tz8U0zX!@gE
z0i)X^{Q$5))nb+k1gA4%k^CoA+uvoJmCC%MUgK$ECw)6trj+X+PWtU40j{y`5(ndD
zWO~f6iU}cPdXl8Mq^}^&**?G-zVYGQuy2DV%<i`<KB=o1n*kZ#8o#|M+VON4u+6VT
zoahc?k91+?w0hCZuMW%FQvZQ4za&}EHDC!ReeiU#!`>-o$P$j)1ZrkTRmwIQoU|i@
za$oSgi=p4$k+u$@r#d)W4-5c}u$DgnpBg<4SSmOu+WpLJTL-j?D1izHBb_Ptp(EJ!
z%6-qYXeGf|j`2U8tkdK`yX0v#znDKqV}R;Rvp6r#G?Bo<>qwEZIA^1K=*~PM3<}}3
z#l{#c-x|Q1vZSHwySCF+*Ih*A4b|6+8EHhD<Qk0w2Cl=}xmj^>H+^|>X*<FEbGc}g
zQiT%Wc@p3<lp`d11ZDba{K44<=zSxQZfUU=1Aheq)er;nu)SYA-p1*p%$A9F=ELo0
zcf)r0!+{C@_!B<K|Kk=s3w?-r77AlM$vM8C0X&Uws|>TJlB6V{JkoEn&XAS$88KAB
zy_*ai-NY<(XyWg@?hw2(3j{<&w{*JM0r3!X2a6BFW(Ci}9%cDN;(D<};tU**7@BvK
zQDg?t%541A)W&dRPNRc<JtWvf&$Z3H*biQcWLUEpI!v6HAD5#SjHQSB(`lG<v5p6j
zcn4`wKPFmtcjKgFlD(18{T;z?`)17;nzxwFh<Qa779GhMhMWLfh7-*Uqfi&L18MIF
zt+WLY{)SP)kY-v(Y1R+s2~?J&JBg3h554dRUg)alv@b<0o86+6Z+K$DMax?=Mb%R?
zeo`x&3&_t^lXfBUT&Fg+jKRw>;VR5UnZC^=v5%vj>;mr)nnz-XULpqxiR*I>&^i)W
zb<pD=k{jEuJQ2t4qfs=9;o<VvL_^`YkANpeJl+7sVGz-$JMZyHeAFL|r?KlE6kK;<
z_lX#6F$k9dcH%y8(R>^wX(hGfRyLpvs6LEN5vr{UYy_UAQb(Sv@ad?g!s8-{NyvRO
zQ8}Grj!oDVmV_%Unq?zQ7i~%g7a;ja|0Xb7HT|`FD$GMM1+4D;k@bjAHZw->P;D|@
z2oyB`z*fjS4#dS4=#??fe%b8{;cz%^Q22|<C)7ql4}V;5z5BvO?rkZhhqw7)j#1m#
zxya7OZAtXgtDDB?k`AF_QIeW&Euz!>4#lngZn^s6vh3lqjz#ZWQRFoUhH(nugwWU0
zqQo0lJHEd$BttS$i|+dWazS>_r1kcP=Jj!h-6G^Ip{4(O7-+&|dw-Zhsw)c!t7(?$
zY|T$QA_fg$4WG;YhsROPq+nj6V<me$@lTYoM7_Q~j-!fP_#cBKdApW+ob%Lm(2r(3
z<FjV7u0zM_-=RvjW%=~#e?k=!<3CUpkJ&_sG2jIKVp;-#D%}_k#6H-0<C|)pK5rcO
z0wjholo%*Gt_8MIsofv&dmrRXb_KweGJf>Ct3Wxqf*ocYrCq>huGCy#<4sk6EruOE
zd5m*iLRp!8#BY#7xYhbqt3%ZQwEsg?-F*8C9X!}^CyEe@&|iY;CNHQPgb$fNJrZ+=
z`8__?0V;GwNIzU-1XySWT<FZ>0U;6j=Km6`>Mjlb3#@$q0juAWk!W&(k;?=uC3!y3
zpzOVPN0=d(Jz}6qFim~~ZQiC47>;AjzWi@A++cC7JO1_H=h;<W$J>Y$PBZ8*+@5?*
z7hyXD!e2CosSAh%LcK5NfaRi%RVgOomW|}!srOF+xN@OQt<KimDk-K}B2itnX4UvJ
zH4#hdk|F(M;6E>@?XTta4T1U$qOHg{Q0PX#@{AnD0N1txNuV1T>B9ibZYj0#zuF!l
zD7|sza{u@q>YqVsVH9q0@JgWGz*!;#z`us~<SzWeLxn!DFlmTiDM^AI1*ZPZ_s}o?
zcewHoz7dojE6ezAa2504;R@q_z*Uvtf5H{O6_)lw{uf+1#4b4d%`G_8ugZ=zIhvaO
z!&a{VwmNbqUHpfwyb<8h+e&<M^S6m7j#eK5bVW)DMG+E0>d27V5rjz`*cwbC-OR;%
z)WHsJPp%FKd;+Wr<9(i6<MeTvJ!|>O6SRS;0F0p74iU^epFfR=$<(0v9xA@bYax>2
zmKc<mf-H2eAUc0?`r9g3D+IC$&cu`;qceo$HP)7whbk_vb$alXCwWNazUFYf07Nl|
z$5RX_`iVW6$KqYi-UGm3gImgPR?Y2#T9|tYNkM1;@P{Q#oxFhLplbY!us|%|>KSyv
zu-2XMLtGDqSGj$SP_Alsw=|sq`THjoA`}v6>NVf#3Q|KLHq97b^bZzI?-&5W(ENii
z_xS%Di)3In{D%n)uPq0vk-a2-VArKeS`P41)hC8;it(B}-@muh!2;CirfBPDwmeo>
zgBInVy7r4%bseL}<CS`uy7rHC>|awPYm!;&O+-uV$mUsp915fr_XjlMvj-wtd`Aec
zA&K$7$fkz6_@B4`p%s20F{lqDwtzW6&K}LYu5~uEasS<d>uhpMLjaz@WSSUM{OGLq
z@f<v+UF0w9#)b?TP*+cdgO|XOf`iwhrS`sSo<qmbCF7_~-=#?(zYRQ*w1c+jz21nx
z%a3$Q*m$_IWx<x@W%2ntALF=S-lIvF7g3RnVU6JmhJ1B%Fph4KDm^w}DHfx^H?Ui-
zG21ul*;W!(L3|(A&XGamh36C4BKf)97S%oD!&$XWKW^OkcF=u0)2A{8L;$`lEKf&3
zp!1OS{>@a6<Y$F9nJmMq)exBUAI%Xn?cD;)sL`MUEzv?VPmM?w?#i+}6H%fg)i6IR
zR=(3vq|;w-!^j)Oh!|-g(9;$TN=4XoOZS@nEG<hl`IB0(K8s!$V5-Y}ulQwtR7}tX
z&JFmMli{HO2$OV+oigWT$1;Pe#(5}1Tu3wNX8==;3Nq;zC#(<nTl^?FQzHnv^}*QO
zgPZJN?>sf)MD=<C-+K-V`{w5UFk_U+5dC<~O<&0<=IDB05+>sP0I-XiEP!1WXuTei
zQK!MW&QoZ3*ZlSd^M;+G@mM^mM+FOq6(yqa%tUhFJv)VN&Bdxi<FQ3);fa&`n9b2N
zC`%NKb2>!h!40B`+{#Td3q}B()r66y>DPr(IqMC$U$fpO7R*_Y*i%;Qbcx;p_FL8d
zP+URBMve1s3MV)#c`h<Q?BU;tFE>oB{oc~V2ngQT$h4lXP;mY389ZQ+ATNk@VgFQM
zdJydhpAtY{Oyv0_-WSiU3K?$r(25yTskOqt`7>$O^7YB8M|YbPy+LH;MjW@1J@<sH
zDIP@K0F+G*plotxky{+CCsIW;LkM*)DL~u>nb>(~B&>(v2iap|#~}Wzk0K?;l>5xj
z|HCQe|393vV+sEG_uo0i@ZUM*LbHBoI;_$GoC6HMJUq&}p23m=F$kirTy=twbR2vC
z8LH09z~fBwmu~K$)E~!l1A1n`x=H%6`jLkQ`FwBziH?*9-iJ=Txh+aI?n!5138suw
zA*DA;rMxgm|FAq7OU!05I0V9gOQepGfXd50d+xlrHiPw8?ii(!89WbXpe|M-`yE0I
zX|kn$P=4L;UgNolZ<5>b1UjQV_xQ-}XG?R$5Rc)11zqN^0YMif+kb*CQ<6a1vltx1
zx+Z1<u;qI7)YWRA&Kf$b&g?j(JfG8*6U9d4Og+&VM6xQmE}Yznu2jgs1s@nF0<+H7
z4qkkc0@O^~axI;WN&Xrk#99+wBNAP-`ACNrBNG;P4kjJV7+K;PSsqO~-*Qn@SJcX<
zwxKW5=TpG}!W~cC^{nhNeoT@LaJ5dv>Wghr^H=9)Me#U>*gUI_eYG^F=SHtq>#1Fr
z65DHc%fl(!nnNs@xTjj{+1bzEJliR^QHnT`75`OJaz3olSzT8;T{p7oUMl{52Z_$y
zaC=i*Ywi#ah2@-FqrqEpryq(%owZ&}3u3243@Uwd+OKtkaLeEl0KJDFS!V0>VHlB`
z_!$<a+CH=Db@VTwagRiqpy)R?E_s0oF<tvOa;{pbUw2)Ol5t;gB<$!f@<H^edHb1S
zqVa39`lZH1qv5-Wt28^O$;?fz<5%-$lWe<}YUw)9)&Hy#)s<v!Uwwx|8O9M~3_Rg^
zD_!i`CAj^61~w=_tY-<PVi@nqu=AE4AW?JRcU~zPy;7Xke&*Q@*YEdeuVZJqQkO0Z
zJ!zPk3(bdtAu5bG(O4g9x`%|O=^OkCdAih7;3tQi!c0I0Noxc_<UFCeK?P1~3kQ~M
zz<<RI(+}qX3r!2bp$F5UFUk?SrpE$COw5e@tSpxREcQH--;RYkdOpJR@Eykz8WKum
z3YNw<G%TSzvfM)PvOU7&WP9Jv$YYVHoTyO0C|u!?vOu%H#V&e6Xrwa$f?VmxDXjf`
zHuqP|e~M*KosK#blwIv67VilO146;Tk#E-5XKH2p_7zVLs+QlGeJ{HOyaovG?2tQ(
ze1Wh)hV=A?UGr_4sD%^@MP7TdTBg^JtDM@Ls~-I_Q=as@IqTL;RsHg10i_~kY06A;
zCbB|A!+u)p(iFPSUW1KpK>Nlk-T#*A;M2YUMWP!Y^sV+kX-c;FUpqMZVD-gWYIvf!
z<p@A-&gc!+>w#_k>HHhQ*>?`qKO#O6XYIrJKnqPs@I!*-X;&uxt$gH|ABW-%oYop{
zKO^IaUQ5`ClxSO?SA$lMHkyF5=Nvs3p0Xc~JaV;&3d5kk0>K^*KM8yXy2bpuOZWof
z8%r)WUtm@NcPobpW^tPE+EPh8FAJ6^LG@|BLCn&X%j}Y6-Hhs3Of7rb6H<rmXF*z=
zMVs{IBOMq%O_)u@wtmg@;1#_3VXLfAl81~AR^3;C+?F<;ofZWMV+fZ2S`Wg%*O>;n
zLEZUGK$-gU%K<~;qvpslv2_HEiWB^gQ}2NOgRMhE4bOM;_<fD&fdcM#d6q}xc5a;Z
z+_l_bzCg$4B=_2-o!919PCo_j?tz<r&<`l$o)hWg0zjp&e<9e&HIRHg;51S|ZHRuD
zLht)|t+zU?Ti+9s;Ty#ftjp1@ee~OF@p?FS>~+)+9}iC#6?F$0nR_$<RX9w4z#Q#?
zhxx!E9~T>$m!=L?cyySlrpJ_27DiiPsQ;J!X$7XUM*(9h@2~JizT9@c?ZbDu9VJYy
zA<9$u_8XOzpFoYUxvsnGlwwSz5_MUXvsOTj_gnML7HteEUj^5t7XDT(XZ-7RLrvJr
zV+}K{&B}`VYZ~!r%S$YyiJ)2mz&tQI9jiV}lIEutayF~H;ZzViG=_`eq|<x1Mgs?z
z+g`4h+gkab=YpM;J)f7y%fL^RJoc~ZJOohXq1wu;9`jf+mWt>QzvzbMUE{^XRs!(s
z$(7zMxA@fP68+z{)pL7l7R@FFl7CwuP)_@R;wZDnxEOP#C5R5=v?Tk_!M}kZM(cKe
z7hN}cO2F-?dNez;fd0Ya_xO<kOr7i<0H?nw^VBg2^fpp@!3(^(h{1PB{qxS(8y}|f
zQ+C0H>$LZPkwN|fRl%d)xP?S5Y0?x^*gAO6!=eqRM{D91f$5-{hAr$3SjeE&IEBlx
zRJ|Z%N2xPyL(<gwUByAn^X;8LedvfA8@MAUzVq|*#?N6h<urn`+=ZB@t^j@G>#B8v
zYUK~pR=4yPS1v8{H4oh%54+X-k<OM{1-hIP9pdY%pAQP1w5cRC@yBGp%FZukJw4mE
z1OqIB)>9;@%3Gc%K2-H!<e3BPkre6nD7Qcfh?&o#rEV3d<iCK!JPl_JYG;A)9x93T
zb6sQjTin1ZpI%Q59zpV77NVA$lIxtjJ;5%fUXf2U9SEnVRJ2h|87FAZxEh*kTph-r
z0gqPY)13>Koje=q=-n#Aw3xvS)b?{3)kppLbUCyK&-)J*G@CJXRSq`0vlVSu5ndpm
ztr&zQQF0v9s6NB)id&d4EUKoo+q;)mqIvXuUB^W}c4@nJy%ApzMK+F!=S!A48Y_&n
zlxY6`A*d(;6bN~nAlu)L`pgO1I8=1cwl+tpjI^G7db+9U(ymT?eigD0${c6spWb=T
z_m95a!j73w_v66<YmUm8d#zC=t=iYHtww21!qUmfqdt;!Yd=eTVL}Gb2F6Q82hXkb
zFYg7Xg=K2)ksR8Mk|k26$8jaa3q-rVuA3b6+fSCbKXO60-5|DPxXk^YLpI+2d~RZ}
z+OKc>K<|HdM1Nm5y!b8KHTAsjMe-SZ?B{=A#|`UbR3L>}5;hLlZ^+6;agd7Bgf0b5
zo(QaUuAf3Pl)`9id?m|LT9}Zlg*v}!RkRE^uK1m|gd_sZlu&~_D688+r-q->>~cTD
zTSNCiyE=X=ip{Mjr_i(vJL0(<vxQ}o9~hFA>G#)*nV6k>*uutQ3L00i23-Hs++)%r
zQuVaTsuD`UaWPqxy>y`6MJAbWzPalXpV+!tX*dgCF0BK6XiM)sl3hn)s$fF&*Y{`8
zdv5-mC8r!)^ovnvA@c4BxH4ds0%aaDJvPBmogtNpoKUe0HUR@5?bfTK=)(0&>olwO
zaE<usNw;w;3*V|qK}t>jrvv$sNX4WDOSYbO<C?MM{U^;p&PtxoY`fEve%l|HQhmpm
z-sO%8j^9PS(qr6jPVwq1Ae9VEKeTZm@H+k2eiABB<aYWNE^HR5?3$8#vFeE6`|38!
zF0RiGn(Zg|Qoge?K|ArkyrfuyZk&2{CdsO;>umS(wj%Nc{pDf5F@hua7Oc-h7P|O<
zNPEkmIM;0p7j0aF2X}WTxI4i;1b4UKF2UX1-Q7J9+}+)s;J1^t&e`k8t-DX%9}QLg
zLD5Flm~%X1yg3RYnJ2-&q6*qAqq-S)A3&dg+qoF+wIol{Z!BhBjcPKlQtoPYM9rvY
zi1}$cA8qAyR;&vYt9o2Z^4nx%4?lZ;AGlwGLXr49R>f)7IBh#RATDTx`b@Vy(Egbl
zl~;$6iv9osyON$^nluLC{nj&2nV1YW0t<(#F^UxmDd@#y#5=P6JDt>$($v~CQUU0v
zKoV!&^RaT7T7YNX$NFuv>1?IErXX_9c2yK`Puq=b+1bg-?_rg5MV*d#-;<Z|hD2!^
z$&6gG4@B^H4}%x=tozXp-U_~}jfaSU%MiBN7<ciKYOCAxAR@wwWe;x&kiaeB9n71@
zMiX(^qc-g_UVkj;&$Fw!wb_^IQuQKSk(SlcU{X<RG4^C$Amm}IByhLH^{pZ>aAm~`
z((__0b`3g!S>V9h53a?BA3;6Afsc<M?D1yJJU9*z1S1mdKIedmDP`sL1Mr52hVj`@
zI|M=BhKZ_4LVkBOkZY+s`$>ke9L6QvM4qT)%)Sx2ff|88wUZ{EWHDDT+u~#p-a+}m
z><Nn>0izSUsD6CP!mv@da#uH@#@Rkak@cm2*aR~Wu}=`t=q>gVS^Kd&+W(TyzNZJ|
zW)i*(WKuOVldlYUvZx3Yc)L3~5*@bU=Iv0n==@dJMas1KI_p#Ab$wH|un;7^XL8rw
zv}vg}adOoBh@K0KM`$6u(C8o>-ng;&J+)_^emkYncDZR^pV!?iO;dsz^A^dbYQ`jR
z=<HLkqt1>TOcgMYjbI~-#jzOweo8+-YS|1(!?BbjOM*-zD53$2;4pz;TaV|(v6+Xq
zXxAWlogG_3v-v&#ukFoFR(bk=`!bCy_8+J}wV6v8|Mhde1bsSHRL_>_l;tSBu_oVJ
zI2<DKz~4Jt+VuhhSI&5Mvme2-plvG1u(+Obxq-}ot!%SX@fm4DIKHxn+kx#$0R;Kf
z|Dq2>5eyx^f0iajd$E)%{2p5ncI6%r(3FQV+aT8t2uqUObMDhK4d4s=z)l91;)Ow7
zPe^ID5W60n`J4COyEhXP$8j=LA}^{uU_z;M-Ee0^b}uF7FTlz^^#@W1+Ho3%!p-DW
zb8Hf5ZCT|SsPJe51Q!O(`9>iW?MMbGz*P&np-Zy%$2cl@>YY~DRCW88GTjelm~}M~
zA4<{RSju!tq)g_kKj#hnMg+vAr+fcK1foAM)qU7@oK8oRWlrQ&$LWI@!wOh$IDKqr
z>M?uz8%Q5+c`tvq|3&>J0Eah)jM-B9=}G-<Igv~JBkz%x)}NU9&&iOfn9hcSO1{Sj
z53ND<c1{qrfAQ!?BVT?h6#WxN_p4&U#~0wicK&-Q-64Ac`xj-w|9g1hq@>L*4(nc-
z?FaeL?my1Yhel>|vnOY->{<JMISCfhtjD}GGa-f#2xW;(3j8}%t^>%OlxbUbyy3I{
z?Qsvri7s{qcNX0u{H!gHvsQaqs4ZW5U(Q&UEUNqG&~mVN?)2c(aJ77Kb|(7IKso-`
zKcG1(3H7d@t2O9G2>u)S<52PqVLPKN;9{9%bZCkY7R7;bE9A0K*wdj^$jS)HWHimx
zNAuq|x2qD$HqdeO{Q{XV{$14E4x8_fy`3EH^Y5bO-&g-5P);7I;f@~WiT23__NIHl
zA{s~KU!?i{MjohC;4=TVHecNjAZp$Q@h{Ze4_zDr@zXAS`+vgb=37WTf*~(j{q!XS
z0zp1k3kx-Zrdo7Aqi0P&zcBz&^ZRcn+Vna+1MRZX?u=hD)W6h~82#tmf`3SshqO%`
zTz&Qx)pPusKRgW+z)AN8+1&78!)V7KU{7@RH;tb8XKpDP*#8NskRtcLy59MRkXVWX
z7Qbz81@LxmnIArrAYVXCQ2qyx4uHw|#Kq}Z^L`1!`HKFuE>t3XN(@zd?-*o?`A;rA
zBmh(2Sswl7pIo{j@g)(^{7%NDXSM{#?Fa0GJc8P!zFZ=EfOd(;=b25_?S=oMfcL9+
z91hT$_cy!n9nMei;yjN@wU$rimSbOmX<`4)^#aVFuLASut}_MdfAZ&CFUq80Po6<u
zQH*IOJz>m{D#d#7Xo<N%_xoI5FC2Os^*h5-;;-b3Mzj!=9)PxDFZLa2TT7@zzqWNO
z-l@K5QMC)=Iac^O9T=47cSD|Zcg3o7>V-h@hmn$Ic5(MT(%5Ah;I~mp^Qv@>m|2=4
zF{R8^D)IhOzG^|ZfEc86MuM3TfAFl<Lu6bT9p`jH#V`=`B9GS%3-C7lC%+@S{uk*V
zD7VyL4ASY&h)7kTFqa|FV!Pcixx$3>w@2=#KX!z8ScyF}^(jJPqf8dM*l6q&H<vdj
zqfW$?nGUZ-jJ!nTkj*HFohWjDK4hVt=g(9Mlj$!zQ33~nO5qhuXh})?ve#h8H1a6E
z`fJ7QUIGj4GP{aTa1j<jTd^_&eJNpv91I*78gZ`sKqh5s=80^R!qaL+(2ov&iBV(T
zA8T^;3v}S-{(`sd{-R>?Eed16z4U#e3j9>XEt}r)e%Va`Ss9_FxK_!U1$S;Y#vp@X
zMid|KE0kMzj?7uvw|DIh8L(q-1JAck)hsqB73xB+VxZEqRoLR3k2%wm${YY?U(05=
zgkAxTT~A)KN&O(!2`18NEIz5A@g_Og-HOAQKR{G<WEzw*>A*anfkR5?JK`h3j$nff
zZuc;ondJ4eZ%#q3;7G0e2ZZ2|z>|@4RG^7SpR$tY-byRXM2Zd>qp6otlq;|>*~T-2
z?w=p4B@<G~$LU<ig8O;sEMIKFNX(^>B?z9)pyUfB+!MVS{aI)eWwD0B(#>L$>wwtt
zK%BFMp`epL-*=?-STv05)m>7njx|a7iPAuppP%sQ5>%CKE>a$4nTj=y!L|tVb^BFF
z=3zWmXeAu`ip>!3Vh@unS$&{*PoNizGDs%R@IcEvy-KknQCY+8+7+>RhKj_y&(jHf
zE738pPunGbX@S6UglA~1sI@ikxv%YdtGYk7W^fdz#pVlL@&xvfe99?`ocdYGUq-%r
zSG}kbpfmDCrKQ!{$GnyfuD&u<FMaduP!Dl^cZxBomovDVcG%?``^jah$49LVysvKT
zet|f`kp+Idk$S9dg+2IjK{G2U3}!qIWr(cGk5ngTGTBWmcg}^t!J?7n_h9iP{nub2
zbNY|LVx(y4<39I)8!Vy%WNcV$?ObP~RE+O_kW{_9Tj3_tx3VF<A9O!t_`1v>E^l}e
zHSw7PM+=12dzUZ0zuv8P-k)jTHtw{}E;@g0%VWK}Qg%UpRqIO(*=o*6t96iy)`YKs
zN}KYp|JLLn?kb1QcveK$)GLTk0lzmAE$3~q7ORW+Z1c)@_{UJ+=fA~249{K%PvDJe
zhk7#RAi1D~J!zB3Y&ZIOR+BEi_PC}%0o#%+NxfKo`gv*OTjp~%Nf7c<sm_G^?zda(
zB~O7e&qmpVuTtZFEM`S)TxwOJvAb?ftU9}-UgTx!j{ek2Y62}E;R)<bXkj3fQY5N3
z1~=bKitAIyXJq?|u`WzSIPF1Ia6f;CHH8QVgxHlYN-fPOn8g7kMvZxhY?GAN#)nnU
z2W?vJLpnMzD>x2@G_7W*(P#ISLROP1*o)>Iy{@Lr<4R=D`EP2S4$6D%KcC3;>;eU>
zi<$$Pq;E?6xAb}9nrcXO17q4|PWVr*42}Is6&sXJ9A+xb8pD~gYE!{kNfk<W&W=}0
zu4L6Contb+xX65+1<N2Vt@sQDGjq-h9MwqYeG|Wv*e_V%uvyWk<1av)pOV<>PWWX=
z@vT%`59|6F#PjZHS;CtBCtqxP3hM(Wx>DElx{5Y*rAQn2k?{f`U1_0Ft7O)KQJ4D2
zI*!y$IZMCB^FdG~Qt5_9F13Pn(CX^5LQ20^m@T%=h#$!WX)=8>T9Shwyjl{bS!{^4
z_fzL*>KN2WG583y74cMmDB(AjJ$`ZB0gQsvl0)mG;Ax-0UKAdN2V+%o4gbz51kEc}
zv&oVvE#Wvm-Lep0zGj<Aa&uGD0nvqHr7x|BqB3XS7jn^8VrzLO9f*<aZ-p%xIrP6f
zyid!UW9IxGCbFTcH@dytC7P>uopEu|!Uf`HY{f8gImavJNQs24cS)^>zmkSs=w_lu
z4Gv6qrO>=;KKfcRuvr-mC`<08-VJN}pUyUWoz~bvbb5tvP3d9zJ@#a8V`oxmZ|Efx
zjJPpUN|#$ODzN)Oyid7imVE%g1fcnT-yjt!oxX*}xn(4$e`+ro#U`F)z|bK>r`(R<
z+8b|VNK!Xt*k@f!Rd-HV@}TgNW@XP0x53w`R7p}in2%t(&t3g_OXbQ+?kK5mP*OM1
z?lED#Fv0g_>ryPs!wZEXO9zb`9twN$4g0qt1tN^t+w=nx3Vc+Ur5sE^>zmtCxsX6s
zCIEPwFDk+$YdX5URjhd2o_LGx_W?H8bUqDFROx>Ch@X%(2fpD~r^8!S)EA@{Qh3sB
z$#z-g$d)~EG6sEo;|7GNE@;=rZrrro4N9!#@K|0@d<!>qJw_i94aQ1ciE%8zBG}mG
z<0Z_?xoB$J)LH7ba4gNMxe~N7EWOezp;_0{QD$A0?oENSMER9*#H|vCiBfwDkjHjT
zQWEaEN7(n2bim4C5#xJ-tYIw4U!(gS9VTwEE&K!k0?l<yZOLYjzgXxw1<?3MVhCKL
z4QgGJBDb~_&I^bL*db3<1u1QBHNp!Y!k<E-J}a{o7ec|qZObMj7^H)=#0o|usqVnq
zL-Q$r2470opN)lv<WGw&$u&IEf59i(Ix~fEs`yaVvu&i<vc`yolQXd$AR8)Bm=y?1
z2Q9VSkpGZ#@EUus+Txiy6(feX6hB;Y@=YdyX8l1Ip+B?qhddR4@;RH}8}5Q(;t_J?
zu!R!>>cBaLMIr>a=+)43GQ1h~Hq1qzI(ZPgTJ+jidn=hj&f@S>>SF!j$0|3Ka^0~(
zF}Xw4UlZkS1>6}aePR_DMWqwmc=VDVlAuM2o|4f7$NNXeLuND_6zhl8x4)Xff8aDg
zc3Y@Dz}x^79odMPC4xFzlR~}Mo&UTl^FTMhH7xw`w*#WJk7soY<TxHr45aDl{7J-s
zSZ!w8^X|rt6}JD?Hnes{|8;K0k1%ouyCNEII{%Epe?lF-gRZV1XNHRnf0;+O+#NJn
zkx*#N952Zu{@DB3)qc6Z&5)1aGRW_3#W;gjo$He0rSiY24iFTendBbz#3+$&*RGih
z;V{C8opN*x4YWZ(3ey(ajhfCXvHJ&*xQJg8-D0A8DFaAmfrACb^FL~;R=wSeI;>s(
zNq3A7mw2{Al@FQvQ0_*bY0!9EblUS=_q&;RwY`%NGffK6htSdg5?k-vAnp2}bVsau
z=b6GrdgZR>66lBjn-$_|x%c#!6;c=QZ(1SR+Biu6$CfHTDfXesmZkT3hzd#Or!NEg
z1ds&jy+psAkVdHg)d_)L5R$`AL!7qRBJ$~ngo>xb;t|>G7C!HNCNe^774j9oC<?kn
z#trz<C3+hB1ZoJ4<?V^571B6Y3ojXgvG;Dj&IjzO8sD34Nc?4`xjbx00N|8$`43Ju
zdNuj!@1`n#U{e)x)kFVzH>3j7!<jbUn_R4RK0Fq=2XuH<-~2)jDB|=U8)N=oZB_HV
zn{zpfZ87jnzeB9t|9xoSL;5{59J~K(XkZiiGc?S)Ho^U~waO6@*jg1|`s1IiRR~;v
zwN?$=VfC?h3x1kKiYB-$97aOw!Mt=A;Y!8eP4gc33z^;Tt)-W3`wN)`QXPkae^VW^
zb%t)Qbm1z$iP;NBrm4TE4p6km$iJzM&{ZJS!9gv75;%Ycq&hBQKmMjV3Z#<nq8@_;
zL6Knu-2Wi6mJ;O8&kik;>|evsGr*c!oZ5R1*S4qC2m%%n-{WU%^35M!r|_hyt-Xd_
zXaX};GNN?mAw|F5kY5RWMovdnhV6yHt0JZ>c7^Q8eFz<)-&EzwQa&dz-H20Gf6i16
ziN&F47=6h9Jzm_21P~&U5UhUXD@5V{p*~9@P#lKX16tHG=IaT8xSbFa?8>jPbqnM@
z7hUu~@J26YX!>y(V7c_Gsv^{mvK9tWBurPgsc8%xR?G^4O#}kCivTOel#u6sWRpdh
zXVBdp;A$!5jpvQ(%gRvJ@H@&oa~HhBr;t~5>c@iyCazDP!Yx)cYnE;4g>I~8pQj8s
z7<SHYs6?#o(U+YE{oU;}>t3mEz=cg=5=z28HqEluzUqGM3Rzd_w5qNFo|DN^dk<R{
zJ*WG18^fm3SSYiBWM*V0(Rwn)<c1;!_b_}){FDTTO5F%W_UNzjERh}$aw=vd46>~!
zU$g(Y$~RlX^OUR|zdAyx<~b10wiq}XA4i`V$U1V0d)GL-`EJo)O8#@Nxa3j6O{I5O
z=c-}G7m43wO<&82B`r#lT$`fQdgrEL=$+iLVOcx9$PH=<L7xVN^n~arvMD`3jiM`Y
zFIJVv+XD+CIh>E&B9%I^gs>%%iu(rP0}X696>?=PEW0M1e$TOzuBt$yB@PF}Cb`hz
z^W_ct?xp8of=X(LsQE-r0AbNSh<N(3!FH1-%NYdguCVsru`1fLFKT8B@<Vy4G*g5R
zQG!RHvcILMTBkp(FNsQ`NJ_9Kn@;Lalge&j*Az|Y%%>ZK!_OnUswqDheNG3ZDF<*?
zIQlbPQlK2eP4*0)p%?F$P^u@!cg&Xf$}+}+KW8|Y)8izS{_5Cu$Z*}V^U{9KaU|D%
zJ1t(^YY)F-C{db12%J*ai&We`Oob+A--*hET1aK7NSIsZRh3~Z*=PG^-En92iH4VZ
zr%9PH(n+ze?8aj-#R+1(LdyNR_;y9=MLlHrhj0zX0{%BDxh<19rRL}_3utmX7)-i0
zdiUe<*OumBm;@3G6yq*ed#ioDD`(sZs{3Rt9k;9wyI}9JVjc5MStBRRaiPvn8Y%LJ
z)?8WH8D8}>@>f%G{L4oaN$ViUIz54)LyBMdVPo3Bqm4OMF$0FAr>j?vu4_x<)D@fX
zrjq6|`kZaTPx~1`d&f*d?XGKIJz@bfk$lX8XNM&2_)Am43c0&Y59Mo$s+na@?id7T
z`y>f7)_f}3an3hXd}%H>CApZ5zKOuQmdAkj6bJAJ^42^`MH<rNOVZ>ECVp5miQn-t
z@(90}Z6rOK#C0-!EX-Hk4zIrnbM{&SJxKDDEGxe=-d}`Z@#BQOYZ!gfG*0ObYfj|S
z&4gE>H~-K?T~wC#C)~7$c_aHzx&mz>F~OtdF=FD#WWjFBK~~kG^Fm|5&aL8S|1gS#
z#V_b4k)()n6G!RWN~DXswbnO>AkKLvSV<jYc}7G6(0*B1O1UU`UcLn`zKsJ?0Wcv3
z-jJX7=r|E`hNJD}zMA8WGE#>ayy;EklzqJ&&)k&$h$GP*Yo*!n-V<EVdVVFKP@#}n
zEzq2(JR^fGo_w4a-7JpAPG`O=JY0c&4!ga+Yj)$UiAplHyeN37ygvuLv#q6Z(<l)h
z8E=#ay{mcFW@ctuejyDNQ8Y%rUt-B?yabmAJN<ydyA}-gP*?jAY^i)iiNrn9=ZLx%
z)QxykR*!1PA5uN!O^gm=hLPT+xjB?SAW)_fq>TEkbR?D}_zM>1RDt;<QU4#s0E&~z
zUoS4;cJ?PW-I17dTX&e&DkbjZYPE8z2kH7pk}H;+14byh$~#+Tu0+))9|_{PRZZ7*
z;Gd=COg?7O{K|UvnA7zjJykNB4c3>Ydui6u8grWRX853r*zVgeD@R!6-t<_knxfpk
zHP^A3(7tifz8=BvG(M35JPmgHAV~LYFl*Hs6TeTij%X&4JfLU`7zBrLA^z-Y<dTPj
z<V-f<1Q~UQ{oc-Ou+lH8v&5#u-kESJKb&Lr)%%ory=MH4_KD-?2#1&}>;5%!{JOJ-
zqc;P#G`iOwvuF7oiP{Z8)#a$^F@x?7#rlhgoRaq?4!<oM6e*ea1+ZvO0@uxGd43e3
zef_nq`bgowl<SFa>BT_xq4Lu!xKvW~*ufSt#*r8`Ch+gIfMvUtT5^YVQg4o_fmU31
zW5SU51<HDTi2sG=ixbu7*j-`E8BiF|bA4dDFUOQL49YenLZS7uEqbk944#P0Wf{v{
z1#1O+X{DFksNnYaK-$>CA?lO-@laDVeOcrP({MR=hjs};gJSu0wqzz{S<Lq)d(}Lp
z0UWx5Uys-a_TC!<;YM{1cc9pJ{!DXF`teA;l(;@6)pOsWbkQ>WERdRuWuw0iw5xgh
z85P9Qz*49t@{}lg3W*k)+)*f+%jYUPdTi-tfsYc3LjhAx`hMzJgkIuHvROn>TPwGb
zbDerMyP04!8L#j3xcS+YuGk6>%gHZYYD?62+vvhXce$>-R~LPyH@p#1a#+JKIDvK6
zvgcT4_Jz6kw1LZ<$-FE?;)iTazLcwAwGyx|aP|;~$nBxecrP?lU`MUYU2MYH5}`iZ
zIZ%Opi0G}_-pzt@UR1co3MZ{k!f>gCQxKAZyO1cP1^kt9L@|v0sYFxop~e#Xq-?^>
zS^mZnBLrj768y#3u_@uK!nxS7Nj=fF0LepxN-EULSgP2l5}f#QIyUKA$wb2i&)8Fd
zoMi0DMP`iB^apN|xgebwCrPK|gr`gDhOa8AOuA-R=u4^Dd>$i8+yljSeEJ~iKP1wQ
zS8xw(?8-HpNk6NUk`@kWl;saDirT#TY%H|3y?KXBnU_H1s(I3b?x~;-xKowwn%khM
zgtz6Q+7uw#{)o@!t{#yQKwsiC9l5B8`&x?dF&E9bfNxdGDj7Wi_=oEP6gd-64;2>>
z6AlZRb-!z-$D7pKzycmN3A4{zr+Q$+-u?p*gej(Zd(KLUONAST<IEPKK399xgrN;a
zM{98EI3!w=s<>*cZ0WIfbI?ghkQ;AGk{v#-`H<h-My@I(8xB#h2u;m|a%@0EIcnlm
zgM`80ox~>T6z)&$Mn%A3<2S-o;(XV+obW8AcDA7O+MssAv0?4DK2~FD&nlDhekA!-
z>Tcc<Jl($3?z@c8PW;gXPLXN)bv@@ElM4f@0w@oJaxDTvgfgq*Fe=|gL5mpmfQeJS
z;$k9A3Rqa1JsGil6V-xQHI)mwj)>%i@{df|j?zF^^u1x0k|2*3b-LTMm~uZK$Q~p8
z$^@Za>=<*?<gj@&S$cIf3x!~82O>!EHj#=EaP7GuzOwJcorVG|3C*7x6o8p@zx0-R
zoZEDis=(|PM>@0&sd>R^ZAFyS{p;hN$JuOi`brQD2Mx$9J_Uk^O0bdf5EX&t+*PTb
zGwK{``bO<|*1I2X)X1*X+E9TeWGbWOV65~%RE2i6<zT2y<Yft&=bX!ZCY4g8D0PsP
zd}dp20e-F}mM{PXkncr9%ioT&*ah5K;4@9~0tOt8%w;lpC)f(z_e+yAb|5Z3;FaGi
zTH}aH8>N<sJhdc8o^&<_4vY^tAyMZzW^QT(6IG2%bC?jf@P1xn(_=tivhLQUsi)Sj
zIweF{GAUp)ls95CT!_{Yb`HHI5x)0u(Kc|7Si-z<MH|)SR4@M8rmWECyp;FVJ)%13
z?5{NQ*Jog^p8HADdX>Wy?mhC^jP-K3(FoJgOgsW}=((8F9QS7x1GrSZJXzv={X}?u
zp{JsT?6c{z_zWNF5ykziEp`N4*%HCn8``xiY7~NP!eMTqk1+%rB&j<qq%ui4RW{C1
zk@a{XS~L(U?wKHU!+_Qub}%4=W`L<qk~W3rr>P+Fpe`e754yzZ{ateAAZ*|ou?2k0
z)JTX3I|Y6?gFo>Rb}Rze!mDDuj`uBLcQDt_6DfwY1}U|=NQOG|*|uT0GNE?R8dYA5
z(|gjFs0!gSn69@NLINdM7ES(updWyhr23ga5VRt~?gIicNl0GxU#S&_|46OSw*OA8
zRH%ot45K}%+VW^n`v1MKIO0qZXQd3`AWDJIue4Pe1~mUgf~u!}+Sa7YQVNk!btX}e
z?A;*gKM(XQwaD=Mp73}9WI&CW+yp+Cz@cj*$JbjN(S@!v1lp>QZO|S|<V9Lal^XE^
zO_@vNdeN!g`;Z<Y(rP??Os?n#oxg^7%jcLOyYD>9BvFXj3u3>WD8J!;H&>7!a45+#
z+*etoUK-a%GPn%(QxA7ruI5FU!ttf#X);VRy*6?*qTil}myZZx@xAi=7Z$`;dnF?v
zVe@INyBD8aLz=wvz){2@>U#`P{n-iZf-<TJ1o*r>t&)$rWT9G{IP*`JlW~3P$qP_I
z3rD^<^J-LF7g?M$_jPYkeopZ=PGG<jt)?#4(fD7&*N}By5FgJjMmnKLP^inUF=j(%
zI)zD?#-o0ws!Ncaq_$|-i<M86qn7E=v?Fm{Cln^+z8H_igasvUI*zgM#HzL==-Wfs
z%jN&cV6)tpZfCZ!rIod>Mj2MKuaBNoOL1`i>TgGS=r3tA<*4~$6xY@Gg~zNbK78I<
z6L|Ec3vuykgL;*?wp9Yu*cy3XgJYS60XxI3;b6JY*QVv<yV-fY4q1kd##tX3juPe5
z5E+o!=}fVZcEdh3tD;XQtvib7KSXcd!i=OvX(Y6OZD`0(|7=5>!x*(}IkOXONlLSh
zthg*bAV|OvngGBFJ<@B}o|RDqtfe83C_k2v2XO0XUN}y67dy{ID7m}>_ckZX)O64l
zKdHysQ_i6<#Pn*Nx~fg$#rKL_Dguv4;cCCEilj|2caKM09{vshop`CTJu))7P2=&k
zfYNB}VKt7*3`Zn={rQDJ%iheaJna9g3oXLf@t<9217pAh(Bhii6tWn8*9eEpZ(w#X
z%e<B2<-wy0EqU_*!q9*jjNFyq|2jg#mFQ#9BwwAJ9G>GkZ;%dLu3Xj1NoM*z?z0Ey
zDc7G8H0y0!wm&6kA0^!3QBA_te-{0{MT(?_9joWwcZ@6jy+z_$!?k4ERf^Pffp_@5
zLTYOI^<OK{G*lm4|LYD(^1%^FJ+^)R?Z0-NL;mhMM-ha#-}PJc^0Se0`<1qP@c&kJ
zE{c#Nn9gEUxOklWZ#SStS7;Me*_Sf@-y6_^Gyh#%T21p`4QM3Se;UyG3lXt?H=xPF
zn11O6L97nu68rl6ZgR1)veI1P{dx8M?Us77<fbm3PFGYiQS$+J$R71#u*8Dv>^#&#
z-4;NKG6rG*k|%BG`Q`Z=Aeo1WBeqomER&)pL_@uqj&`%I8YJL}nE3e3=fjga5}ob$
zwNSx$%uFx|+-lh+zw_@+>0wt&BbJVS9!a_dZdOp14!ap7_d#xahS2KX?&zf<)?G7A
ztZbV3?<b!hirr_qrj-_`=bHkj3oFteZ)U}v)rPOSgqh^xg3mxbara!{$Dy=Lk~xPq
z5y+H2xg)*OA;Dl(9!50@v_g_J-C4jb$R752DBGt@n<R%&Rd;S>*fc{n#+_MI<OADW
zPDa?cT|48P#(qS|!g(Mh&GrMJ+^^+NGXOJGoe-)+ijTrV#nIOCFRmv~IM7c7hb^)m
zADF3n)O<qyLqJFdRQ!;=Xb%!48Z$ZcsN$#)zqYEH8Ir*ELmR4%eUM_-L!hn3I}Wkh
zeayAG&cM4w_kbxDFq_&LR(=cUBuJ1O%Qf=Exua-qITFFPF?z+i4OLbO9=^^%{%Nw*
z|H6Y5_-rAL&Z&bFK9u~+x7Zf?V-)ris-Eht%Gk7FKwfWfSx+e}m%4~a?)BzmDhes9
zm+OejFQskNj2beD@Yf*Jp5ijDksLW-1*jR~Ks@Ih9`I&#qV8Fwxb!n}NjgF5%OtDX
zhX(#d^*h()Sg4Ol=Dbv{QK!U&4wDSI9a;Wf2{vh!&XYD<5MQu9e{-F{9WK+GeUexg
zM3;0VuBwzgf0bCjH;L6r3!hsy9ECKp4H|U#ltw~72<9FFclc-^Gl;ts&-v+!>Q`2}
z5@>e-oCI-^->)H)6MzRf9!T%YWw?a<pmV%d^X4)nsDn#)_*6H6G-MrK(HiK=9@z_O
zHX$8_IH}g6k@QoMT6Wh>%Bctaiq}}f-qSebeEKz5_O`a3a@8-(O*>qI1)4XIZKRaJ
zFA`{sF2lk>3H?!bo10NmFWp7z*WEl|<KHl8y*Lqy&Z#q-TtlkQ>7g7#Y^~r@B6vi8
z9OQ(vPVpn1u4)NyKXXc&E-OPi&`c_UPDGu;;)7?BXo6=VxUz3@8Ke7~tRM&$28W7F
zUF)Z{`A&D8yLX*|z!cZH;;;f{*^D|66zG1wq?}3_TIn_T&Y|b0Ji7|jFu8Jxn_kw^
zW3_8bTV7rV)thOxw<EV{EL@PzPd$4|51&3CP-P_^<?gc4=*eKh6fo&v&4~J5!=%#V
z=nOn>T47FuDRewe<Q%kxL@`lm6Hg*uxg@UMRMmXG>~2J{kB*CXcoYH~IhG+VGl^vt
z)fwAPi@K=SeL6|hnx9B^3fCy|V>OtEF_LtXAnoIfpOb+0WqP7T#>tDK$I6qZt6_Sw
zlt|-a%9|+Bbj1pbs`-^q>SBIX0@gIR4IVylkfZJ~O_5Q$N*=EBV=+)l2(C>bus{z{
z!@UW~0F{y47k1i|>6h4;<EHXRvhN$05csQ8kHEX8KKLs~zU+#Sx92**ejk-r<cCIs
z7f195tRIgGghiln4{+pV?J@WWiMZ~U)0>k16bn%l8-3FLWKID9>0`g1*oJ<9w6#PU
z4(+2z^=?j2Ebv|pELsgIvueZ4-77sw8Tdq2^=pi3QgYxGXoSRBNPjYmP=v(QXm&RB
z>rlPnB!DyyZHdX(YD21mp4e}(;{IfK{Y=7<J#hf}N&@*z$}Q$(MR8Nc0(vYN4QWfp
zz29$*Obc?`*CFkn_3d1HrB%|Ap}zMt!p|h&X9)ERb&Qjp@z*dy&*FAu?g;e+E0e+O
z7;1p!kEUH-rVN<wo3f+^faL>d;EzIrp8+3B{YEsq72Mg~w~sO@(znP=Mn(=;3NY}+
ztl5gfW&%c;hBtx*Q6c`rw4I_YcfvFAY|Y+0BmDxZ;2H}^8vK-7V0#O8g=X-^bVMx4
zY+Kg9dkNBJ3$2(=giZn0;{G2<37y9(>uU%NCC=yl6ha@vA$!!3!yyHQ&1j*&#Uj)b
zLZ8bFVou^Yu-+h}>_|*ux!P>HL7KfNA0G|75Vp{1NJjUZatZk_Ic-HU@#N%J=5#Ch
zBmrtS_zf2htbiTRQ~nU4Dh%dW(a`V`tc0I|4_ZId5L{3{1c@QL`XFTB7vo?UfP#Fb
zo1N^_<un>VKs9<W>SCnA;nF4ul38FHWH?sO$1w2;)CV7&^nyTwzTbLry=wZ}cx8d`
z34VBu_=(s55Fr=%%7*-YWr?4tMQfNsG6j7bf8w>{iS=ERMXuX-Hw--d^{+M}AZu(#
zZddrz<UWKBcCe;BzV?pIL~1<Tpe1o~5yP>EGjRd+<4*7IH*&|1&&J;jc;pXhVMXhQ
z1wBnY#)_VL94UXZ8`3C<895^73!G`OZ#W_r$Y)l>%NGU7*aBr_tUjuk@Yxk)>^{!I
z%d;TMMPR07^XGs`FmO|Z>^TJ-fi#M5q&|s6J(oHp%bZH!W(fHmIySacCV&}p7=*$(
zNPjcn`(C&P{0t`Fm*_2*e((d#fccvNFDc;2{Ql)+j2H$`SbfVj*g`hOneI{8X=vk4
zm1_XnDk~$4ys2IxJ+SUe+EQ=-_mfBlei}8PA~p=HU3$bR>r1^F>ISt^$!nT<#qnP-
z^|e)4Phu_X><Yf`2{<PXkD}T(7K<=9RXcw22n{V5`%F0DlGAP2nB7c=>5!u$_tX<7
z=!G5x;Y+`l{1lB=WiAzS+$69*nEQ1M9iBFYDGt;kLjbhLEJ2bmQ@31m$5-@KL4n3N
zA{IUTj!fW`+B;BA10P<tZ%(o0yc#PtN5Medh*p1VRN2&5Vdi%}UgzP<XPbnw3{_^u
zCR-u;TG5#TC0ds%8bQh*Fl#qgSgq2PsruwdU8og<N?O92pFparKr{U+<B``hm^cF=
zoVlE%5i}NjJ@|5>x!O-4E4xt!kH)pReXTK3IPGG<t*xIH7C>5Xebdsu{-S^(k+vV~
zcLs;*NEB<o9<*XK)2daNgXa8<^m)lfp5w=L<Xo@gGi`EqjeJIpY^YB%A^V`AR8<X>
z3F?t^m#mZI!^*_`7=4J8deAqP(gKL0`LaawY}9deV2?DmTB)-5fP+?9BdpR~UF2+*
z`66nrPo8`!v|C&HRFoLM@e+L*!B4RfUaFeKWJhsLT7#`Lh()J(#F^zQYenJA&w5DO
zzPtl5AF7$>9K!qy4?WqCk`%4ZHrojGDzTMLu#{SoXW8xJAlDbQ(%;HUn02%QbR7}D
z52{K}9;T^`Ob^|stoBkfMz-4E+K3)jM9z24Pcj`^<UQO@fy-mIRYl+(<~=;QnP)sM
z;g}mh$$3e=S1cwj3h$hT0G-^YTsp^`+_@xI&S`O;)<t2fQ{6806Gg#C{}Eo^lP5RO
z1TIrpaJ6*O>{BHXB>OgzlqQZ3vJh^B?o1YmPoHYc?~HcG=I@*+gls2dT-$vG^(RnH
zT;ufwvB~Rn4V^^VF^9Do8bBNYYdytDpcQJ94ky=#56`duQxb107Y{e@i1&z3!FeYB
zQ(K36j97O_ViQk&Q?{%gfG3wJ5Kzo$-jk|ywHo`6sJ&m;pPf&jM3DW#xCqmCyTj^(
zzZ3&M_I&*3cUbL*<JHMfaXuu*O2o)0I%#g$Ifn}ThGH5Qz_(TIDF^C{+~yP!?&-r>
z-zy9b!n6M+gUMtTF5>h38y`+Pt{hbLfuLVeNSFwKClo$2n~Gdr4ngs$QI3*O8N?lN
z7#>uHyA#gpmf|uJWCXY0C;LjAX$V)QCafEcg&stB5>)B9^%g7++m?xoXZ?FwX{kne
znk+8^p}O|n{*OEEdtBxocR!-p8$$99%3Ot;NXO&Du^i9FJ1Znd>v%s;{8-P}Ozf#n
zFitN>VsxZdn`|VC#Q`vq^;dUBL6pxAQ0bFHH+^75i&c;!-?pfH`axIX=|-t)V5+eA
z3r58#ez+W|aBrOYSVguw^sg&S1jB=#*i;EsOrE(sB^HW>-FovL<2yxhi@O~!!(3SD
z+phZYMNZ@S-}KC5laDjG3J;@AtP6Yp6b1`Y*mH&RK?alH$1^)GAIndh41O%$WiFUt
zL{ZZ7?Bm(6g|ifw0H`nHU&w(kBpiZ&+892=^{FB{Ct~MZjPusNU`>|0BCF<396?1D
z3S3p$8PZx<5SV-yn6T0>9LtCJ0!ofZ3>J>27OMEGCVh{j#&zAN07y3k9BCHBoRK4w
zMC-80Qx5yERd+jcwl~Ebgf$MkICraEl0heZlAPKxig<zX<fqO^y%}j`Iu^2Zm<eS@
zbk8rmQ29#|hZ!2<yk-Owzcl2HBv<}q=GCZyT+~wu#ib>Vn*OxfXbb@}mI*ww@G+iq
z#Ly=P;=zUzCA<}9gEzxQ-&u_XvTR-uF<(7gmzMq^sqN@n<fSG3SVZ4zr+0}~R9aZ(
z!l_M#M>Y*KPMd&DG{1v`4cU&Zwj(DX+MgdeFKXcG7e3y1nlDUkcv1R5&j|yHt3-aU
zFYhigfN)xm(y8-x!u#zeYy9~kBksfHPSjAQ%jie0w<m>wuvqrTLBJ0#XIv5URm-x+
z2D3yC)?yD13dyg*4vMV3IIT%bSFEZ#!Z4+x>|0HVm3Gk)yhcz~yActR;8)`@G?P~u
za4SVJi6ZkbeU)&yZh|<E1p4;(a1J!^t6bONuB8Q+SzkC%r-Hne?M$bOAZu)*iA8>t
zIPB|0#C>@IWd7)ek00U#wzggP3W3=u9vj6=$H2$)d?dXn?SQfm9cBC$-<Ln=OPX}*
zix9_?A^*mak^EUv>TOYc_+rfMoeC-X7h?c6snKqfXLLG8l26emg;8iKvI%IVs%NW<
zPO?zApkd3k*!p<%ON_|V6;?tpnab|_3&&WukLP|jhIOhJ=g&MD5=s3VNBJYNHD{ka
zTgc`JLq~*Ind`-2=50&6_DY@sv)Y7TG#za;uKHikdVUV9uY<0DxtqE}Ir>Z#M{p82
zfTm!Ht5Gb*bFMmm(@4$#`Edyw$NAA7XS?UiNc0uoCv=5pTHDk^3>%~3m_VnEk#54R
zoKcRLUxvpeWUMZnhkh-6If?4$#tYgqU_LF~TkH(B#p}aR@|S>MfJ0v|8zR^DhISa6
zPl2V-Hd9K)BL+RLu-NiMJ5*?acW$sMYoA-0)R3;bSLk*5i)*oOX!N6WmWY|+@ou_l
zx|c?t0WPG*`|SRFIPY>4JeyjK0`6%J2wydC*)gH1t@)|KoMr~b;>4Opl#%4BLS99D
zDq5^<{j*CKByK*jsvFswqu-HlD|_w(*!NHes!K{CP&riA@T_cS`UYiHGAwLo26qZ^
zBwdlKsr-|hS)3W0j=1!HgkCDyZP@6ncs=+8@rfdsW=~WIW);<DndnUbdNLz)ia+iu
ziFSnkFd=fTb3T;Io%21fWvgRrYQd^Q)Q^Pkr_J&Bg*;<9Mu%z*-CvI5{IQNrt(Fdx
zq!qnsU%+O|=_D0C|EEJ4ExTnMgK=Uzo$*h&YCmK}>_d0B$%i{GecPb!l2s$fi`;uC
z3c-2-mSj$8Q^p$l<ce-{eee*A5)KsPw2E#gYe-ePNCY|eMb0rxNP1L0;`ByPE#Ir*
zZajr!X)3j5k8pac0NmYhirE$%hZiWEw#7c7j-!{8?q@3#@O$tbO`mEE!g9#y22MF$
z120a*I2s03)e{p$-i@_WIaL)#-t>#DVuOrsml_1fSaGiwpUf_ewRB|=Qgp@)?L$MH
z5T=Ys3RXhIjq>vXUl2!F<tf>rV;<E`>*|<SYUwxRw!0WjS`z6!G<^=egf%Pp_yWU0
zffQQ~Ii5i=Gs}3%&*2e@@+4OADqb^x?iduqhBU|v*GOoMwKZYRB*9uK`i1r6wTKrf
zBxu$C37=1OI-4Z=$)k7~YtgYR5<kY#SBcCTz_AC7U_A}#pJpD4U|m|UF0xt=)OEpl
ze8fGB+`*Mxr`aag>L|xKg2iO<fE=8FRG57M&rxczVmDjrm3ks9Pi;=L00fX!%t^iJ
z#^l?fYG3&ioW<@bMP_jE59feL9L^`#t>UFYEeZ)YGXX`I0#Hc+sgWP3BvYAGwBZD}
z{e8S(tT_mHtTh5@M~Q_Vc&yYgyo6Nq$7n-==^aQ(xSBLz(43kQE-Bi0Nbcuujo%ar
zxR^900v4Md>j!wO2#titcw**0h=?wT5S@sOLqL%cJ<`e^edAQw1O_=o4HNKLT(Pl5
zH&7YAno#;|lAz7W58(7`3K=6?^sW)A`l}N#=(DZ3orowVpaG<?DUGs~(ct61YYZri
z_$M9b%p(6f^%*Qaev$?W?Y4$ad|Jz!n78hu2xdPsHeO-`u&*7Dk>?aLaWI^~AUIA#
zI^5W^)%3_V%%+8;Vd!&M6v;0SEnnPNnVDPIxkrBb#n9he+NT%)N?EBKiD+n&0#65O
z5>`sIvpRcqNk*Q?F7EqjBM>ZZ$&b5Hdo)mW?+{81Agtn}3slCgkH3|1ZnRW`z&gNF
z%YoJ;5Vax(UhD({7Fw=s)8dnvdV|11t{0_0x`W_wZGY^~>2?#%Kf0Jqp+)zPF8&DA
z#oI^RN;!~1vcLNn9M`-DI_6%#7=2@pMTyil3<F4Kh@|Sawf5D(Xb_7{3>h3ImRpaA
z6jx;A$?Y@NtaS@k6%ggOdzDze$x#?-eDkHTWlK}Hq-idvuc|FKXn+{$t&sH5F$o`z
zAL%Ha(5P^{kM(YJ?%S4(e>$$)`|Jm4lsw9(#nHCu!cDc3qZ#~5jUh(3f_g9Iou$(7
zi1YiMO<5z{Z)qEJm=r51h6;)6sVF)*F>VaM@s1T)0cnBt!>Rn-l9eJTCQSz!a|C|T
z34T#qrq!}@n0~c7KBza=s`L~aBL_1>5XDc+Pi&)HF_EuvB0r+GoAbDHmx+ZJqv77^
z1l?kCLG0ov4=R)1`O8P1N%4!jyIJnM0Jhmd#Ps%{$G;`3g4S=zigy@R$Z%zwA2rY0
zXpCoW@bEOCnFI?wG*i>1;>2Q7rLU65z!pdbaQ~660(@BtKXBiua-p~k3}ADn2Y3&C
zz0*mYBd0_YnWMFYmIO^QC<rB&Fl`zut9U?ApjLs$)_>gr_wUannU`D$=zuOGUJoO!
zI3OjS$99Cu%bYmeQ+a@Ov(EeU^y>8v4Bx)rKfk_o`A_LB@_Vpj;YA_>{6D|z-InvO
zenbqO5O|-rct2gL^MU)3d8amBrrv@8vt@ej*>(p`93tq8i!5ig8F;#dc|4>Iokj5A
z2CwUAqCV;`*^N?1g%T1{Dchk7uu|aP75+bq*%$86Um3r}>^S8AE@q2q_I>~VYT4EC
zlYePh*gsk}%|3<*7Pkv5Mh<F?V>0-|slG4D#T##Oc1ZCvxZL3m%vWEf_B@!}_DeK@
zZ6B)<4005a&3@5wp_h2(j~Rp;1!_kSb>NL$*W)Pe!n_2`5anGRu;@Zf8%J8HICRtR
zcff@&?=kLCiG@jX(`U08H!E>u!E-4^a^$$ND?#((Vtb6k^VL;LK>~5Ef2mxO4JpsR
z7QbMLJ9HqZ^&ar4GVN;te6%T2^h!_gADAHLIofX!nwSIUMkHKtnkxecHXkEd<#cp4
zHZ7o4Ll6+}ce56G5DJw%V9Fy4?EM22h{kIEwe*E6*k2T6H(XOrabfxA^7n%mEyZhb
zMb<x-zi}}Cb@}V}KbF5Lk$(%_k3ZcQk9q%7=&t-NbfxoBt-TL&HoeY@w+m?MudqJw
zBSYpVu<=C=!F$3m(paY%nK9=oe9f`0HWfw0*ecd?l&t=(ew}@mhhE|>Cyc{Er}-}b
zY=7<E6zF9jt#O8uEJc-kw7aD-@-V}Y4O-#^nL?EW>t3b^KQ23<(cha*>Xoe)(i?3E
zK3fi&3Q$YM%cFcO#z9%INzwGi$H!aB^KYdyU{C8l+gjhE$AXV??kVnqds<5pccQ<Y
z&&rsBKJU3kxTD4l+|xdd<&{L$uZJDMhBpoq3xH%s(jAQ8J6t&J(!?icvcofTmaYk6
zy?Xd1S(2YvvM%f#gjKcjp>o+Li|G`oz&XvO5)`(gVqAYoAY`+klEz1@5$Jp(sd_Au
zIAgQb*K=jZEE>6Qaa5`}+&U247&5$<)R?Ar?x>5mxQYm&E1$l`rk^S>Ywg*0wM@fT
zj;%bmM#hY$+MVq5={p9aU;2_nq0o&~Lt<DEseZdrPeo*2lubTI(IBtDQuZr8jH<Gh
z#ALX$NTgru_W9L@T8VKspeo<IN7Z@H{jh4Ng@XMZkl;=Q<Jo?9?Qr2lVxP*`1<Cat
zSD{Rq^nr-SA>oTz#Ce+jLPF=AeS1LM!@3?OJb=NaXLIi}=QkwXdAW6>b2H9`fP#_z
zqS}x5zze2T?0I7AYzdVvIg#GNYuzMH#I1b6E6`qKw%$=$#LkiGVCyy`WJFYQ`yD-J
z-Cd1qK5+fIo{gE}-d>Hns+VOGsu(q<3U?Qd*L4A0I<^iU3a_K}7WWMZzCQx5F+9C4
zwVK&qe<r3&%6qO5y~&L=KJ)Ct{~^n)Z%RFteD}mYD>LrY?3UgC{GsdD$=!y|*JSaP
zFx<G5ux6ixA?V%mtc);S)d|s9FC7OI1g(BIC%74fZ5UfEmYC7a1JjB<Bb@{L_B-5B
z-zx3gU)^d5!$|Pl>RbuR2~NC}mKVNx)w0};sv_ZI7~HayHU4jS859<q#qXC$11bo<
zE1YN#>WF=F&0Z9a53Z(_rLx<?4o<T67e)KM1!e64q}pLpGjGXXP~6Mk41L2~mv~7}
zwCj`jA|E_HA%-P26I%7RZI?f-hm)@1RemGbwQGsWarK>{(ckD*A&H3mLUYi|oz}p`
z*whH)wSzeNc_TepYbn4gmF2@I9*I1py=sSBdr5R1sFpt`x)t+6MQw>WNKxiA$oQw>
zLXdH;eZO(6+rg_2nw8h{sVQp<<kG|rKp=VO$hoJ+{-BJ%j84AKk-P$-{ukdo5+<nk
zaFKb!xlcKQrLDFLP5OM_^cuv{&2j4Jq;x_&)j3+@x%eok`MCr@`KH6j)!Ggvhy#af
zi>!KDbzPfv_^l0CDal%t@&xCoy_F&W##zg!N+0Wbz&ls(deRVBpJyRL;YP*>`Qq*&
zkm6F7N-L!e8%vW|pkK-Z5IiIT$4)gYpd-ixFh?_;5U%_iA(Qu6-RI>2UaA!s9Oz!D
zycTsPR^3IQSuNE;ycX58)Ex&M7LRgLGIem;^)M21mL^5<CjwQ*1}oi5V?K2N&kB^$
z)Im!)BTW6VLFYoJ>we%RbqrSce50*P6itlL!N#RU_QpW>S~_LCswJ!yA$=jekg%Gw
zpkwv*=<m&&23(!zy>itSO5%eEZEF#0qxibIm2)`N*R{_%&e!Vzmuuaha&PA)&ex{?
zJl|$(<2F9c$*pf}%B|Zh4O7U^xIRDV`E{QlU380+84q4a2%Ew;wCcS?nujF0!Y?)B
ztDtU3g*CD*9pA9C_iE<`o052#Sq2P>ng0Hw-do%dQ7x5Y86Hu+{x0D!cF}uM44;un
zf?@xB88suXLN7tIL=T<ZX2vJ+wa4I{1X&y~%El)-_Vo-3M`#Ip8pnjx-;M)($C?zM
zWn98&_F*mAD&|b6+)iwyUM_QylLTAXKggGr6_-~?*q>|PFp>+KrLQ9y8<2psh|SYy
zW##YxWBRgB%fOU!=XDkVfuGR8gwYvbV6w<+YIzDjIId7$R>PuflAh1%9Hbb_)4-z4
zK2(T<6E5z5Wy)9xa5yeO)>Oyw5VPukOwO@AL}9v*7GIikwI@UF0!IoI>wf&23^M9T
zaYpp+P9+OiIDkQ@TnOYDyi@G6BF6RX*1ay2RblkHmItV+CJc5<fz#ya=^2Sw>KQ>E
z<@qMqM{y4(HWH9(O<V9MuWh%=g0uCI1f|;Wy?}w?n-lr7I|Kl%j(c@3h$n=xmjn!N
z^;}|Q{c+MC18j{GzU1|!08GSsHb+AiH-Y<Waeo#Q$4`0T0Ae(&Ivq1c!_3--V0&U|
zfXF@!LdYy6II%@2!Bb*^nG!m%P&m<EV`!I7woH9BlLYAvj;ZpP8_S6QJB<n>RBfG%
zaiUM1D6f8?G^SXzK>N;?v<$6PB-po3I7sq3$Th2$WVi~i>8LDt>#}N0Xh*8xIVdq+
z(tXO}bjbn$eRLC(wz>o4wiNl8;ix8sf`F}N;L8s7U}*!2`Ye)BgZ?(9Mz{JGu>MNo
zs<z{K7&ZMZ{Ss|Yb@(xbV%BnIj2c^G>Ux3VKg|J^&sD`uBW&_=Vwz5dTEeocH(Rw{
zu&uSG?SF~TAkNjG@{@jpbeE29bWS12wG?TJ$unXw3VQqQG1>Pg9Ks|LTL%{Schawh
zlH(}Ab6e&G9+aPQEq|60hpG0_B#z^#mW374-m23@G=jgoVc$B|!R6W~p0yb5wn6O7
z{&cC=qyI<%HXg71!cwVuBoK;jS%&dPvJYkho3j4iMz4$yB26>jrGJ#%gS!VvSE(9M
ziVY&UBa<1JBJ78!-EKBw$DClrv?M$Fdc^6teWkJr6kSkWqNf#N;PxlpZiI;F)F`0!
zw9JzHXy|J<>lxbSkME}W+=?E|_Sdp`nGRs_FXjI6FXjGXzu%;<rH>R*C;Y7e^(4$W
zn<2Hczb}Swd1?UvAHp5SNLco>HvXSoGbwb4_xD4=ahc?<M_pfpNpQtJ!(p%%VI#a#
zgsDrt4Z+u~sh*!PyvOoE;O_RWj5S-PZmc8ZT=I+xU&Pieb-uXd8mT=k%(Hwrr(l#g
z<<iHCLZzkbGn^00Cf)9k2zNU=Ze=+{6zf1<=k^U#|E=V$@L#>UycuzZy`Nvb-ZpyH
zv-ywtKZYZUL;3d<do#Mt6GT4w_pnTMg#n<OeNHvJ_u9WFtVAP6_N+H)@e}%Cq5S~e
zYKPP%<$Vzn9SyvEw5uB06m<z2_>>HR%an%d8*;cjdr~0LB>WnUY1CnxGA+q}yZIC5
z6L*0BYo}*3zaa4B805D-_@}tOuN&(d;{Hi}M<Dl~BrehHVnXyNP<lSF4nRm7F%;OG
z1b_)aRv$!<B6sKSv`vb6gIz#pj|##=<9MSvjP{_lLCY}hfH6YgF&0!xGccxrV#d|&
zR5X{CrVg|&&EA0d4XD^eYF8Od5PfK;z!Ks`(w`0^hGo0>;n}#3yKJJhaW8NnR?>4o
zv_#ROfwA<x`-%pc%4*UR+>^719s}#jx;TX-_Z*2cCyMP2tjM(t<sTbqR3>ivL3ygW
zDVS>=w}f#*9=$Y@3)~ux*&8C^?x&S91uDnqjLw3RDdN{JQLW-@dE+set<JFSX?l;%
zx+_nR*Jil|xv-kqZ4M4~kU(m~`G2D}z%qg2U5Jo~L%ZNLr_uDce$V)C`W<q9MDn+O
z?`H(+cV_YtH+7(X&-@?yJpicR>B|45-(^S1Q{p#iy88u1d}6k#KO_D>l)Yn+rQf>k
znYL})wyIK<wry70&Pv;MW~FW0wr$&7o%_Fc-+NB?xgF78X2kntAy&Na8gtCw7>{5w
zs@uZRG;U4eC|U@UPB~lMD%f|9sQd_;9J>YrV+FyvkK@j3mg98_;RU7(OgXpVWR!>e
zKf0ZA+=Kb-$3MD#YwQoVH_76HL7f-n07{x{XZO9lU$=`g@;v&oTVxnvC`iTFTKMoC
z3G+m_mZ3&^B$qN)B5s9zT!83-wzA*FQY2Ac?Oi$lnB3@=)ldo1CEUMVYdM6&A1XUV
zx4NUMY@+?(cE-#ewV{**dy}Lb4aZd4tMj?N1T8W;V_gAHtC6#QY%2|_)P{~qq<e3d
z^5@h21*D#T*R4n6YFEK*5T6lTd-dHKV8uRlX0E&V${cT-zb+!h>=2V}lhs}c=#HgR
zFWBOdVpZg)^qI68u;^mlZ&+*|esoW1_4JcbRFOt;z+|-0kVWGOQa3KJEP9SiA!(h?
zO+Rv}2sq`8<>%}vvg^#sOb2wuj9w(LWT?D?no=$AJtJjU6=Jh%SB-ZLLTGK>R_*1+
zJ2_MSY4MZJ3w;8|Q^m9!{c7X$2k{B*#G!Q_$VV-bf&S4X#B;91@GZw@wf-Z=S#bU>
z$8oRz2RUv}+4QK&+eGnjyY)KVxg0fO(f5IIKy`;w*&(|eaxtOOmBZd<8?K|4O%l6L
zp4ssX(XP+r)(Q*37}GcEc~j?dhj1&`-%3HJ!XcQnS<?**A@13TZBpD<=v1Y>)|F?o
z6UT$BlcQt}){An|JuHXJD`#&5r(E{)%6+p(Z>oSpbOlyRlK=&7-RnY_+4phvOtf22
zi&I9{Omd*m<@CChVlqN1z486?4Nj10d*=)o)mHLjZ~ITel|w)On$kh)g!TY<1s^Vv
z8Q>!Gq0U1#{^2}5!F+{esaz{H8bz;aJw47CLQvd_f${t{dB5^lKf2`*g@1t5#uE`Q
zDlJ85LW(Fzf2x^(<NmkG?>gq=_4sE26i@&b{4Cd7(5Ut8EMf+P@hGPt4aOCHm4*VN
zw@B*}Z}#EYCsXv4sEMB2b%EPogj|EoUh)~s(~dfcvY$2-sa#_E@qy2zObV0@DCyT%
z3g#@~5N)huHL0Frf0X;)<8m9sh2}^r2TmvX!{@o3L8qnlBA~Cula*Z?;<FQq-I+ev
z@SO?snA9TCp(ao5bXxZ3cNext%2No>z>SKyCm#*vhMqK?v14mHan{S>hMsVcao4TB
zRY`5<l3?G)237l*)Wl(pi?edO#Wa&`mq}BUa#Ff=6c={;r31<0M6T7rxVkeeH$AB}
z{6weNT;$~Q?z)!_6;f?=&um<3fUlT?ZDf!8Pb09Up!P13htYMqWpfaYsMRH)4kRlE
z@X2re_ClPE&GGc|FWoh)hCRcvNMNh`&Q$G<717~-S%8#$OJ(#QDXXjbr$znLV)QB7
zsGY;vc%x>Wo|%r%YrpsA?#=*bl+aN8`nR3<b>qcJyDPVk5I+CfPBg(kR}kM<o!!0o
zo!fN<IVJGV*S%o=%Y<A0F_H_B&sD)QST@eRZr4jlg68v;7P9-D@5U8DkVBg06+!<j
z<dK?MuzCUzRtBBL@emPPNg;~VT;Ru{L41NA`wvP<!-~I}U_p*-(u)<<Z@@VV{aTN*
z_Ks?vK;iSO!7O}PrX(QtRgnd-BCUv4ageJlCYoMch?lr1O*ARxtTPiLTYvNmrQ;$H
z=C$_XVQ_>5Mb+-=M#2Y-@g7Ar?lM%s3wE#%1+#3)ZLZvavNS;$Sur&Q%LEJ$E$Lgs
z54PcG2|Eu-NE%uFYs;b~yeNB6w1yLD6=46HX$is+sSHUI3-^E2uJz;foWpSP9pHmK
zU*F&m_=|3MV(*jt&w$Hs1f{l9*)ao30vBZ)a)9%9*`M2VUz(Y_5g{p1diVymnYzH)
z`M_j{a-N}-Z|TZA@9H6@)r|gohr(^Z?tU^vPpC&&#TdyfdWJ|=hbgo^`Q^toRR#pR
z`aQJ4<k%6D{=DBL6;=&4GVXWV@|$_jQDn4P;;c|$zPDP85EdRZ0dw>RaU3Nm*?l0y
zuW#+!PX3Sf-MIH_W{}A!)6Yz7OdRK-wzbe4+<U@vztIb|S6S|*dRNdc{lgubWx`Sq
zmPvnxOsn0+^apGYA5qWH(83XI<X(r0DUJTbW_(cF{4v4j!?;E(Xi_Lwin~I9>5Q0J
z{Kug*4ZEFxN7QX!IxUeJiv@+z5|2N~pLv=G!f7Ve%B-Gmuelr@ReTg==naL)1-*4g
zrCGKG1r}54@T}j^Josm!K~imK5bJ++n?*ZSs@xq|=E_Ldajf>T5mTO&W|BnrH?aeh
ze(7@#>~R?DP!jC_8?j(H`Ts;LqH_nVnjyN1=P*sQRM9mWaCB>(mTEM0*i7<<EiD@G
zUzW#7O1?efq(<v&deVJzu43Jx0#V0REM&VPvi%(UM@dMj3S+HC&D64NXEp>C)D)zD
zo6YNP96q_pr6(KaG<pr3>OPG);><igFQC-e;@tB?GHvg_hn9JU)EFpq?zW6EmDI;%
z4Y1i&mY^bLBBpXf^XPvR*s4-X5w4rf)v4>_IqU5W<U%Gab=klhz`w1X@OwA7?DwoK
z4<S6vdV2FWPL=7yH`anub_@OArgP6foW%b!on4%2L)KP0eQK8q|J*?)6)nk!pkeYM
zr1$lpLl^Dlka)zhejHvmsoelS2<3a${q^7QtP4KTcK~{(C<xn^hAi0KHAcL;7Uo*P
zg}Vs&q@$~wLN%UGiR1h}DbF%zPI|phgO1_(@5<GV>RY)QdY;a8{G(jI_xIW`S<xF<
z=ej?pE5{19ub&acNMCKcx2FNTD})4B_yYe;y<R;-LVo+u3^+tPAa!P+N%u6WHo`x-
z<~+A;KK-B!<%u8zmB`%Uu6HqMTo?kUV?6mG7~5Fsj(W*<LRS-^L`0U0bQuT7@Xtcv
zsLz97i~j!*6$rdxc>g9U82)Dy`u|K+{OkgX8eP3r)mBlNG~Bd4a|iC-E8`TeTCP2g
zh2BDi%gcsjJ{3g{N_Rc5(XmCitgp27%tbw2{YShWVrXRiOT5aU<i10^+5OR>W7^xa
zqX-Rc6Wj?D$Tq;>8pKVml^s?B3IlDT)=Et>^wNpUQ8X<;J!pTR$*Ohf;Sk^AHnc4{
z77q4%Y*x!NJ$d5wmQpGZee3>)DcZ!dNco*F6JI%MA^v4FpGNn->Yu}*9%FUn8Hbx)
z=XD<v0}Jmsc7O{(Q5`^3G>9&k&izl2F=}G&<?R)lolclZ&pp2WVMsD~SMaa!l^uP#
zudvQ}eV)OTo-=hCtzS^+a|dHF%~jR@xd8v{^?~Sk3Fs~mX*>}yEb1zhyBj0!XYu^o
z4q&M?X?v*oMoH3jS)%VbQI^^A@xWI4{+D*4wxrXTzZ0%6{Hk}Pguo>uvgus<a%P?j
z=1N<uD`*RBz&JUxsP-%ABo`<ZW$-D+U4POg2c15+5`^C^N7I<K8REt;--0UmnQFk^
zsq1nEYuFdiNhQREEly4(0JZPomkMRMqly%R`p8d0@MN*P6tgKb1{vrcqZu1ypqwI7
z{{E_m-nhE{v#VbN8~py>t}h=xU{v0JKC$x(2v}w?%wGV>Ot&T7omaQT1%f=#&#P=_
zC;esaqO_oUQ*0c=Yt#}a^YD*jeVeYZW%=z`%jH#^Bx=_=cs92g>)eGCs^HU-UH9=o
z^rIYOpV#$`IVb7oThFYlDC1gQu&*X-zP!{lZ9R~Ff5~d=m>u3<c!$<aSDVe7JO*XX
zzZacl4#qSUJ2erPG^ZC;n-*7;R48d43Cbpee~c1~bHj}>Y*pYx1RVA2%iZS<MKrcP
zTXrs67U236%6j2e5uS~H5e}HMt5gnKbrxF*BQARgrUesJ)<$tzRKnDu4qTq`;kFDe
zZ4g%^6s^2BTJJ2jbgH(tpD9;|jFvhyEXZI)b?Q}Wc29}<)INUIH2T!YeCSzGW{Q1P
zwH;MF+eUqAHcsm7&#X<vH7@x#_ED0!4<)lOyC5|;yYKuqa#x=#5)qO{!bK(P6Mau5
z#@%)NTeTmCAiH#d-};O03dj8yll6Tq;^4=kSvltC)#?oQaAsXyR^cXCp5*rOK?<K5
z_O&RUpjoIACzKjO_odfAv!`8twx27R9kZq}<GdJQ$_%<hio5I!{)OF_g~=Hnh0Ng@
zHmK|q9D4Xe<T4RE!0SP|J$H9SLG{Zg%-2|OL^1H9&-YvFo(=8QJn-g79CF7c3v@+v
zbtYXsk_&Y96eF1L%w#wpROZ5v>qS%1ORyqV^Azj;PUoTAf|zQL7$1!x9x770(c!Y|
z5oeEV@MLgC=qTN{S-dDI>Z~)7cNEmw3{*Kz(b|t$A3@~2?XE=I@|a$CBcC-NV|Wgh
zSwhqd7o`-@saJX5P%Sxe;__8{eX<f}oH5<XiRutImqS=;b88ZOeQwDxQV_>}P=9f%
zKB;{$l6oo8g2Q<+-zo5qfe!MI*@^2F?<LwLz<?0M`7poPzk9h=Vv7#+kA?V2u{&x=
z0ZLqN;0%?vI?3=OaCPzmCH{SVe5vF^5vxdtSs=7o#gakTUEdW&rPHb9AWOtVBp0He
zl1)WjfVd2)C{PS$k)$a`_!3_Nvavib#Nk!}v}w{Bg!@i&UFhd$Dx->}snkf^@){b-
z*}MBulWf7pY?RC*M_6FR=b&s<H3N&9kP5S<H@LD1r_BVue5njr_Vh&Z8%2gle3#Dl
zqlS!)uEwHrJd>p{i$qDe45htW#j|y%fH>Tg{5}19qUd>hb9w~}%_S4`DrtvD`RtCR
z@2hG#x#FWSkmV(hy&KcAlL{_hJQ(8T&(aW&^?Hjb`1bSFR27;&k4c(Fk@7VageaZC
z6_v<;EhL6UYNbTpmM-Y~R)%o2g<+8fqSN~XaI}kEbkvweTGYg>P3T5i5~bJcSo+qq
z&z4#mp_>)!n0wTF1h#rBFXen}7)grH#VP5CF~<xsBH=wT*Dbkgu<C?2Is}Jir4#lQ
zVxR^qUPR_FGf!NqNxpU&_v$Ljh;Krw=$mV@#*I88i!W_=>69l95S*J_>TgI%vMreK
zmK@|@tK?f>M`Y;crtlG!`fD69m3rhLH$4c7*u{D9HNQ9KxoL8Ej?mCY=)p*jvvAZ6
zWM%wK5x3a|Syg5goe?+EP!-S%<}yRa6!|Ws*x@3z9#x|-xMbI(Ax5x?QeLh7GJzcs
z!AGze!2=H9;;o_&3~hly58)CcPz7u*40E+P_+H29gXvvdA=}=!2!<{(9z!T5xFa3J
zauJj%MP#a*u^0?5xE2WdOK1k_j+xTA;^`fc3ZNgwat6$Q`dW!IC-czf4L{kNJ80)0
zNvpvhP0v*xH;5einVX>gQcNR7eReX=uVXC#4Ub(1>1dcgT2zNf-o!K%8e$Ro%j4Mq
zFU{Qa@2{0qP}E68=>bUcy>`kTNOqP<?l8RF-`NQzOj%?Nm2whn=C?cvl6V9YtB~7V
z=hgQY0ss2F)%vj5#zK46;BlfDlGR7^^V~O>^O!KA_!?`?MH;@zU^<+k{Jgv_&IqwR
z9Rq2cp})1MBdKgod{+a1<60kk)!7>YhsyF`hsqR$tt)WYzm4+D-<3GuK#4O%w|49H
zCO-o1>GAy0Ou&_e(EjoL!h~Vehu4#8O}I*)g%SF=5^lM=h*gE*5RGYtA<h}({_#E&
z4#qmxaHKt5!U)#z_ZtmvLuQsBThbYG|1=_=2R9-vC+5JY!#R7mnQFpd@!lHhiIaN3
zg2S8q@KLR`+vt<(9O^Tm!(+jMg=E4&Fxs67Tz`INra&;-Q<pZD#^WJ)J_Hz5;A#Fe
zI-CJFIxHdPP>ufgtEol@txVp5dW>V4oV$Xq%{7Q|5r^FCry9;oA7Qglm1J4-*i6Sk
z0)nvAezUrz{fjP<!5f*X;{(s6x5TB@c3}R03x9LBe+mCa^)OmROPmrWZ)hiK@tyye
z)=uq79&O+JH3TI+40^QeEl{&;uHR0>SSb3muxe%N__y$1S9y+0BK!E({p62II_JhB
z6%+3fdDt-Qkt#zZ7-!N!7*On&njRsQ|FWxTt{le4ew9aCTRBF03V><+7tNny1i2dP
zj6ZUW3X|5~uDb(+mlu0AQHXltg6xlq$-Q$_<m(L|JC5AaiXH45&s0Zt47Jeda&D7S
znWIamQHH}&t1lMR&0m^$h+p0~?*ekllr{%78*GoykSml0mF?4HgQDK1#5iu^ioZ1G
z&=AOgd;D!(gMC}qQm470NfzZ4|A5p(8J5%kv96=4@u~=8RiAy64k1B*oL6NcfZ?yR
z#rC^YSA>x#X%?YTbmD20OZ*(2N5>qoVv{mHwN-29G7pE2PG)-bzeT!kY+aS1XD#fn
zF|C>?Z44jhTCP}(ci4{8U0=D<3c=v-|6-ir?<8^Aq`#2dPOjw7Zt1E-`h={s#id?-
zpRZ`P(C(6m8nIG{b#1wd821*3x$E-mJ!vJ0n{}jr%nbNWsJRn+qei6=`zE$kI~iRT
z)zmjxq$@;6PA-R+KTms~NCylm$;JqoU2z8Nyf;U65SElld{U-U;o$?9Y!1|MIV5>1
zv3A$AoIgp55)sS1G5)0|uUz?KrF#dlULR$Qz!u-$h~6#}fLO+{aDPZJK|9vD(b2Gc
z-2T30V?jIt<Ka(rTPiQhXZmxc13FJS@!INVNkZYHEF^v6SxKt{PNg1q(veNW9LQ{2
zgCYaP<JCx{&|zrf4lt97joZJ_oS@Tz_%`Yf)1<nGT5pQa6xhguE`ni|c|=evz4Pik
zHGT4OJgZzKC67ZB_<!$`o;DluI9zrP#OG`Wn+6DQ)Jg+g$d@oLh4k3G!$Q{LEa4j&
zL;kD7&*SvHy@B<7{AZs;IjZ_u97=G|VWcFN(@mMpm<#Enn!%MiA%ythIjd+1ezz0l
z%;m+MMnJIkq;F@p16S-B(Ahca)B<pDy1DyKGu2B>p+e#x3VYT&dvAt$fn+a&Lxk~*
zSM2|rX!3|dMcC^snd$`lxW7Vw*w8Ernz?>{hb)NuXx_fY1YCaak@)}H770NN@*CCZ
z{w+2h_+LStypo-7-dZE}VP*5L3s^@KR5LXC<HDw2L32tfthA{h<$CDOktysOmjeec
z#Bo3+t8}JOY^=5WuO7Qk=MM0LuY!l7(rE_dEhbo?gSK$O@whs=lnajXjRQISzdUyb
zztj#5{TW_hnCy{|_5a?5d|T3;@UOS33vZKalP<_){s6=~*xo?cleTbDAjbm_9f9kh
z5<%?@7q2tJ_cJVYGpJWpF+yWN;-?<>*SzK95S<<JHB9&8Ni{y8|MRPc>nj9OnDy(L
zB=BzLf8q1`;W`W8l*%xL{2|7{Kot1fK^$+WZsI^D2!=v4F9oSa3`+jgrrJQkxu8W0
z&ZnYWldY+l__mY(9Bgp*8xlyjaXhm0E!LJEgM&qs>r##4dm^Om@b@B}xg#a$qUGUR
zc5*jNH+5b5%aUz6EQ0_`L08~4t5RLvxpH0c5^sr0yT$fk8|u9FDiVJ8bh|AXP-Uhd
zM-;@>WSvZ>SyOYSoL!Ksb+?DLiw!>o$oA~QIdj!f+q;Qp<<ZIQ635h)N5fxomr)vZ
z&^(8R>Irpc(`d#yaiQS9Ub%?Is}It}zAT)M=mfn;t!T^)<JCG2@Z8`TV#?M;461Zp
z-Z>@s#mOU;n;)gZ@)*sOlk71}dXJ7oHNnEN1@e^i$I7Gyj9SMft~(xp+5GUr;74F3
z)F#6SB~39uc~4(ysbtS-$%UJWJrdrtDT=rrSnTMaA(u$6i4ThqIenJb#B$!0?_0p4
zC6`HO&X1kUc4IKnqJ1VuZT^MEEh(yyCQ#^8vQMS;f+DJ|zc&NBrK6AQdsB)!+^lXW
zcrxSk6%tMA`X}$5XCaGlacUR0l;K?d$K;0~R#f;s;D_&Z&ji2~ne80Vu#8D0bfoll
zTpDv>Q|Oh*a3vQv89P&bVZ=<QWhe)_Odcj^^u+tXGdtx{5?)jvTCUy2X_&?1F1dBf
z(kVmxmr_I-|MlEyvl<-aA3|S8kHUQ?PUHEQ8R_A3==WT1X-bG#EzsY^^AQtGh5+@|
z5|U<H<}5oO@Pq(l5{`e4Jc#h6JsJ!oJ_#q!t>yrp0r_8q5AR}tZP6C;Pk;a=p=&iD
zYOCA1(^u<FK#?BD`MO=-QzI(}a|B-_owDL7VMZ5F-1n>i0(iss$NB7D-af~C0DNs_
z&jMUgNYKSKSpG_Swq@_}Ka8_|%B7~9yy85@mAxM4A&i+vz?Fg>(w2MD#irmKW-M?l
zVM}ZN%z5Yjlam+X5)rraqGB`!<RsL@JkPw=NG+Tw#e4QDbmq7?;VyP3+%)T$K`_bI
zZT)y|rE|D<8G^p{={`ov%iWlho87#g;+`!l#<))+@~K;5UX<b!A65{VA6AmAnIp$S
z4%*{wJlvS9rg@kQF8UQtGTqS9S%46123GH5F34t)AV^s3wFtGaMqUy(a>5BI<MxpE
z`F6cvIwL+A+YRIV;yVj4`W|<c_RY`)KJEiDy*8Ndj#+F2zHG5SkJH^%V1*VYfV_d%
zg|uH!2rt+87;Slb_DGbCR2R0Wbw?6CdaG)@f~Uvfp=Wt2?1__^Z4O}Sl~mFfKYXn(
z_Ie_kRFgavjP!bV067YP+!8>@yXU`tkdh^Ug0HXqC;l|V`iT_(?LyFT;`e<S-MF(;
zyw{%kG!-(Nc_SwFnQ2mg1Z{Z8Z4jmTedajXNI6<I?Y0^dN_u@GkaWyQ#XFT3)#ela
zmN!BM%RaWK$f_FTKnX=L8w2DfzjEK4A|RYu-m1`>hR`A)tTt>Q<*IZYCvO?rP&L4S
zKfHs#3VwET&-}tpzh}z{E_+%$w*c?KHV?re)&9&0FJQ&mrwq$sd#bUbyK@BLCy#JY
z-SVvUoW9pMqvooDDeaIH=EI<sk*cNQ47c{16;SR8jODCw&I;7{Vr%e4c=Zhb)t)ee
z01(AgsDo~3=Ma{sXRM!Z`v3!FE`|dTGfO;Q6e_PkKX?|1oRT_AdA+HnZ7p;1Gsakv
z$n6UT$T?2<$E1cFRzMI5&sE}}5*<OIwSWYBwLKo+%rC+Q_eA!Nf^qAQl|a(qm(=^p
zYV(}BGg<Fu3t#pKix~71v;}5glWf7hm-NR$eOx6S+ep-3BaYcX`7~B+Hv#?9mP_hq
z%ZuL73;PPU4NqYHelS^!=j^xYecqL#e%VK_h}2~h8(fNUzFvWxlVm<rZaaX7esCoi
zDaJjhN0@{w^I0Z?<{cO%ex<|+O02bD5bySFy4ImPSo@YULH%`;PM_~CrXxK7f45m*
z2(x~)?bmD%{L0ZM@y^GU19g7$<yvFh>;Bs6`o6o6uham(#UiJ1vY-p1gtN+TEh2A~
z`QA-?GL07xEy+tey$7zw5x;&99jTQz=&j#X1y`!_I%B`?aC4kq=4;XZUUP<ByM$((
zw&iDA0^qr}uyHmEf@l{5-aq%grtR#^KYXvql+OWwRy8Jw^E#Lf)SxFI#inZmR&X&T
zy}B1qog5s4Nt8m;<(H3IJXa+s;7{HhQ@7d2n7t-2ewyrB)k`VQ-i#iwu?-=j?#(Cz
z3Z!~>;!%aNzVtQ#*y-<tS5%2cnydSgyDq|?>3B6hRRcmEKm^?&0{tS=j*#@-yZC8q
zAnQ?`yzTnpM>A_$L~T^WY8B~cf2T~E4~b(Z;Tf($<%f<KTwaY3g1j*^JOs!?LoZav
zG&6xnDA!n>8ey|@ggMV?w8&H9bo7e8y|KC>7Vq)O8%pf-Gr-823+^-E;`$o>5wN3g
zzV!XLN`3-_gOgC4lC4`!ds7|dRCy`0`0Xb`uP%#(XkGJdi-wKzXwU6YH&xO-j~vNo
z`gB1TXQ`r2$zH(#$zTvtp|U%VC>AZwkcC3Ee@`VF4WAXtMTC>NHAzj1XytG>NXwB?
zF?ZX_U34$1n3i(;LD;=tOmeXiOZuj`-e8ZwC0UfNUITQ9!%4ym|4~E#5)xU{FcOFv
zkI6dDKzc@5oci5In7+Gsx1aTvso|SA{Q+G*rXgrwS>p0O$F#2D1U5Pe7;U5ClwYb@
zamNx{d<%AUmVInID5Nc08K)4ykH^Q<$O#Rn%l9RRlk+UV%4iR*U`_#ljyw=|*jDfc
zK2C(qt_#I5G_a0h86^YD1?|fT<1CQO;r3(3?30Vp`^E2+IX#P5AJMQP^OQXkO(v)D
zuF*wfOi||qLZiYFG++<HZufyw)>j+BC7tUX9O|guVqd4MUq_5nFxZgP&qdhhK~Dkc
z2et)PiwDasMPEbJW=M~Ab!;j+YOI)Ul?T3`la={k>SGeV$b5Ida424WK4x63xev`5
zkF+a>)v+o<=b$tw%g1V3KmFysUH<+yg97l5e>$8$>0AreuR#Fd!y#aPbWeUwZw40L
z=B!z`sR{YlhSflT9HE~3<$^0(?Z4e*k2UY>+sr!-RLyBGq`(ZMFgmDmlDo_<)@nDs
zj`?jEuB-I5YJoV)0goMOdC>b+C7KwiFFTmA#=l^roq*`_dmyFSZU@WDXPj^V83+_C
z>KmZy()#y%K~xeOS~!5B5nlZiWQE<@<nd)z0!58_prhrt0t$0qT*RPZDDoNct0n)s
zM>ZPyPO@lSfGzEHf9`$ic|t-SeN1P4e`-BGB;<E2Xpv9Tyx<mMeQjfTc$`8(2k2^&
zFGaXTCUgzPls1{3L5dqkHzt|}$(07f7^H^EPn4F4XYkGjn1Q%@ZwFZI4(*=yomT5?
zKd6hLI`qxdB=IDnKlv)VmUSmoozhmPM=)m6a90PqmFX;&<IU)d7^<yiv^uDV5V;ue
zXA)y>N2(@o(ijzBbrRvpAi1>|iL8pt9<ggICfC5_+8AdMRl~6cGlp|RrH%9{5x-_i
zV6eT^N5~@Oq)oz@Tpt4|7XnfbQexfhfa-vV88i^c4q7dVK+Pd=d&*{j*@6+*Fl2?H
zBTJIftf_)fcQ_K2^N=O|pv>#dz-f@7XL94$OQaL<=fijBsiV!t!a-;^PNJ!}NyY`v
zQcS`d?JyxIra66&IfhDgh1qFpEmvFSc<A$u_8Ajh%4L;tOzT38%F*_8K>LecY+EyO
zluLSj`)AFS2Yf%h@4wcw0y#L_=$rvcXZ&4mkjm}-MebkZ@4Sc2;{2Hr83Y5|jeQ(q
z-p9ks_jDU<3m<<<I9%ZtS)>@@G&>kd+~d-<(a;!pe(u>dqMOVD+bRt#kM0QO@QiQv
zCrP9>dU95ZbGXmHH~EYaH{bo~!zS6|cV?MS{Sv6Uh>MMuZdBp$Ut*=w`Wi@aIjo?v
zzdNkHqOsxQi<>8oItE}<q|APg6h!o2m;e;)`rLlS?0#+iBNrQ7c$~9NJWs45ozrgr
z8vpE~z?K*)cxF`JrPC|8_mt2Iky(eweZ=y*92tU2;x{zPQP9%$L_3`on&}?74rLx2
zV#qpVGM)Z$%+G*_17!z{t<WIgg0V|=k|n&9Fg;ziTlL+`UwfZIpESr#@+aUNYg|OM
zj+%Hxl^ypXgfwY5N|N>aA)q+$iF_Cmh<|usfaomB)%``zK|8nVCYc5qlwQpQ%;@9I
zP!lr5(3l6yv%`%k5B9-%lSv!{!xkLf-}iE2)`JY|>jjO3ssHY-p2#e$G=Q}3j=TsB
zMBQUgK4gGkU{uO<0w5P3L~?>5BVHT_!4?-0Zpxud2b-scVYjJ5J#k8>Ou%P(%1c#y
zO8UTUIl*iFSln@gnwmi;1pI*ZIMf;Sje-2^f@Jb<>N!4H>;Wd|!23>{d9a^M#~;bZ
zbQfjOeXbx$)cdUZa=%DfUNs8aOCQQ63%>HagTA+}#dRNaMe$1yF_5q_Lk86Mab|dY
zsV_mn!RGueDcJ_m3D3R`1_AMgK05qu*4^(o@;li3dr<0yvB1b*j$?P2X%#}2z?A^j
zh4)SI`jctwY%$+gV^ykkZeul*MQ5fIQ+6P~$FGM?t()^)$D8%zsw9hg^}qqQ=-dFT
z7lpUs32IF2GCQQeL-0;%wL@cyu!uJRqetB>w^Jbx*3-LwwICR1akN9VAdu&$Cd;p?
zo-Q>p_SQS%W1td)(!KnYfO?7C{ejEaK*0Pf5oH!<UHUX=4s38PCbNQOUUZ1`x_bc&
zSTdoswzbx(GVG!1VN~TvXZC{doU-?V;Mp@v7AO!R#XhwQxS^4xbt3-K>$Js2gyTq0
z$a0Pkp6|=c)4MAGvI8XfF$Ht&rRsZa{kTE19xh`zh&;f41^{o`3c5A}s`s~F)iUm@
zyWi`p^U!>=c2CuECb|qWd>TQYoS%l(d<0+t@B8J)F<o=37qnSfzMVp-w#TosvI9Uu
zDFUXqFA;qTx&$_LK}IKk4E%cl>%5+6+T_EYo3@^H2F>l;SAJXfz^P1N(=3bODIc7(
zfezadh2mK0RRHg^O#LYk!3FMZ@TrPHej?|mZo5gn8vtSIJK&0f?h=rP8X8I8waL(O
zEj<S3L5OkhKA|Q+kEnSD@6pC^&*binP@7@%WMVXy8IxfjZZDIiBR3AO`}I>l&$zWk
z)nwjoJSF-#(q)LRNuR)z<f*0@LvsRvEb-2(e|7}et>FS7K0}%Uu4Vh??tPE=Y0f%g
zL<+d>kNE*C*X2jsh1Pv8X~)#42#Z@zh<CN4hZx`<zAesO{H1A57#~x6bz)z13Tn=a
z>uQ1qh!K5FCqKqEi>ExDG2ho;7+y0CRPH<XDkry3MV81835QFv8GV*B`Jh+Hva~ny
z$A3w+U8Yc98uqO%^VM6$!BOf?644dPWy!^UH&ecISj=C97<wL|EG9EfMU5|m8QYqM
zXN#3VEXkj8u1>t|>Hge*6;zqE>H@g?I@!td0hl*%)1J4l$P)Y0`=FyBR*FX-GTW!P
zy+`jFMT9l*7R;*{>qaf(3M0V|r+{O6MeKav({E*#MhzV^<S!4Q!h|lrb3y5RL8l}X
zOlgJX{s)csHxZD~nZy`U_p-|ER0<3D*nNY~fOTUX*SU`5A9H??MDO9|MO<x~h4;2*
zCfxKDQCgadb%j!#4Tg|rzwzq?jmrZMM2lB{<|wmLZIr~Jfrht+^Fyfa&mE*`m{{#B
z1sy!$9iEpMYO*bmM5w@$Ygc&**5Sqf$|5lzV?@6A(OuL7K3*$O5Lo1ezUqbbu72rm
zR<0Xr{i^EdZ&ZenLYKc`DLa`wjh$}5u!7FzlQac>O2-}DT~3|5r>UqTuo>uimFrYb
zNrDCmY!+ql%GcJX@ue)xTDdbRQ#~+I&e$sFz5;bea)JTf53;@SvF(Kr@(%eMrEE@X
zH3KUB`Q&o(bIK|o=jO*lexn`zK-;)6`e(p2D@^&NxfO@%l+>cmIOUmMy++5t_#pi|
zPUk_fid_~5xJU{}ZKei{pO<z*J7!rL!$yCNv{aGcwrOh!Y%(XqpE#3}Ki^JLvWrQx
za<)vJ71`0EySh}PiW6CTS>D*MWb;B6)kbV~%N&@iarS7<cHhLRaDb_LZp?_-3!W&v
z(p#(3c0Kre;TZ1X2j<aH$T8!DN)#5tl#5rJ#kuIFcHJ1&7RUC5?4B1iX?3M~L}1%a
zUABVWX}BqiVh_w}c#s>XNW=PfIoCB;4O5(tgX*olC@#!yzD>_Y*3dwl)FQ8$S@B<6
zNml6N-b^)BYWsMJRIs-eSAi4q7lk6LFb>b#`C9%}_VO3I#0nIL=Bw=uDpyu3+HRha
zMisGN$@Egq-coF|KD%N<XMa5rxCwDF6L#uQeXa-EA<~u1qab}a3YsvYwb#Pcth})7
z4%n1`hjSG#x%dAaHDMe(H9|<6XDcO%j&yf=Lgf*^Vm43aD3Vk3W#nJiB2$CTf0!eF
zr?eDqHdtk)X3^0z`!g;pQjL$8@QrXarhD&+jLULkn&*$%`BPjj6&s8x+FO|gTeB35
z&Q8T^P`;IR)TU$d94e_j6ye|S{~^&2HS=VN9_MdUCbD(1k7tOGb$}MzJ-=tivRwGO
z<t0Jl4VhIR8)nBJgN^*Y7mH64#f#V!l*{{!S2l|NW(#x1HobY#G7NFzA8Q7W8w8y=
zKdV<$#&kAg|D;Z7BVLexWhO&H7S%FV`9k)-J5nDP3ysg&6AUMZDp*VYSx4>rS)q^y
z=1M}3_od=mqLI)d1$rBEDwrCePIU+v8py+}9aMX+G@!R~U*^FPS)9=`lh0JheGm5V
z35Dys%IY)zOa(Yp2m~ocNJ@ag&NvkOZE1`PGpE7B#t<d`T?w){-WhkNB)A5@lG=a9
znvGAW85N%JWuul4mlF<tzBhhs<;mMAdM<?!7o)YsE&=!rjjJg^fup4fs}z-eI=%84
zMEXVQz&{AAybONA--zvid@x(cw;6M$rnYAJU6aQuAmsqGJdO}S*Pin@WyCH*>$+&z
zROr1_!Z*$loa1J2bl#2CEt14Op_VWq8f>CiN(*=+Q|$MCM4*ZrfccZu_O}vDHOc67
zjFpF4l@qs78r+di4Xv53T2W#g(=F;}vQdX3YD!r0(|TRhmS*ll>p5+kYBiZNXs<X}
z#zk6jh6Q1QG4Jh}V6^#eO5!LV%W|XTne<)bMe1qU@=|okp+c+aL`t1Z_2_0i`54*!
z;hW4*!xdK&;Eum|Zd-EsFucin8-2VPVH~LrG<a|kR}!oZ4Vqw7tZ9gxJNlf7k}V~m
zhhC{<O-|}W$s1$wOgZPdZeDEUcdZSrYH1lo<x@Os2S%}pjKwl1_3?`(jw?57;hhLA
z5z=IeiGBz}0QzlSun9HK!jfUsiu|yzg>kBZYA|g1FV&0erPP`_Iw{US-{z+Li)&(3
zxO$NTw(7b4b=>gyL9ahrqVZO^76{zn1x}*v@8B;+;P`AyEuay>br~NT=csQI0zFAC
zYguGxdHy?ds?DxJKk#=<oc?Wbh*q#acaeo$R*iF!lLZr#)@G8}v0{Zq=Ox{;m=V}?
zgc}-*qF%`}I<sfc_{m1h9Od%~Wz~Np{+HJm_+zP*nVPS-noRS|J@`u^3lO%NwR<#K
zwUSC~`s1aE^^9%@@&_GV*cVE`=0W%$qnqf9KaLtpMmJWP1KTzYABukz3C0O;U+KF=
z)T<J>v%=eCpAO-_JJRpK`|4Y{AOd^@9UJ;2-jJ9X*Abh^(a;SQD6!5lqj)i*gH+U4
zCTvpEDy-8mWrI!8#WUeDn#SleoE|Ha)f;5JgLChLQ5diy5rqoln{Qe->6Ejj=5a*6
ztmdZQgm>DCS1-#9FYE&XoCn#;IKlh3a5UKmM~l-;mjBedTovHxm2dkmDA4k|N1aRS
z<Pn8f#9Ji;O)n7dI4>!(n|}#u)$>%Rn>^ix)DN}Qr5|IrX|77oTs#<^g<O+RY?a?D
z)E-o%>Z%m2VB+*~l-G}eh;P<FxCiS7(V0!hS1RROt=UQB(I2+eog_O7NF9Ha;2*_?
z!1_P3g@}5K#?vM5g|aUZn?h^01vE^3lE%~Kqj*;mYh)}1>xNKIInQMmXce~{TdC%;
z&}8V-uU47ynRB0`zo9VDfPD9BpXH-`%1Xmlrt<0amyv3pbyFwO5-!^;s_ry<0DA|Q
zHVho=C2NJ+z&JQv*sNw(XM;s!4By$Z8|msZL#{9M%gDltNz?JX;;-&0V|OJcYVx{s
z$*-TSuglz@Th^_g=1Wb8Lg^l!tVkrjko<-NI<#x3s#Y6qj{VI>Rk`7;Yc=)fK-NvP
z$zMe)rrC=9u@g0o=N^Vn>oMs{NJpVw^f|pdFB|bt3aHEhb`~D8G+755B<4E8-1_iW
zb&9!mx8oUvZpS_9r+G1^5kfhw$lxhIJW5Yiltz&<ay7e<I!EuHA1;rdr&g~FJ;mGw
zz1BW&0=gJUs11C6+Hvz|kGaR8%on+Y)OmECWE%H*c`HdZ+O1AGH6bm2+10cLZ}w@5
zM;eTcEwL1nL0JWEX$p6Z1{&q5j7sVvMTx5;5?rP>5DUKFe>i24w~bzJe0c&2YLH%V
z+5_9Vl2VEH`~_QDgFtxQV;$4<gp(?e(1-i$dcBDXatJw1#dvd!CK|^Gu<Q&q8)9<u
z-jvruNLko6uAQcQtHYUSs5u5CMLpm4P1mmKCGJt$u%;^ssIHK;T@B{yoov7<njT2G
z5xsXydza|CrX8-G^`0Uqkf!u0G0D<=KdTsM_d#Eiae@^7>}dK0dCK6qni>+)onKJF
zU&tO720fFGGmZ>f$L&{2o_B)b<q9(+oU?I~ghDU4@aJfT4e7PyK^mp8ZR9&StVeG&
zou;w-`LVs{WTgm!0F`hrO>3dakmMjf9lZcCwIzmRhWk8|Qy4lm>a5Id@?wBqm7Rsx
zc-<j(m3D*O(T9XUn~LfP$RNw$qH&!=FS&E@sbOyf+IV8eh_K#6<EivX+ru8=acJwz
zGjp2vvEn=3kkp#3417jmWXdTNVnPfQk6Q6a5m^^h9@1)!K8~tX5|pkX<Bcr%_Y_Gv
zkjCCDMm=<i`MD*N1TEc3YRp;E1^8Dp#qavG)T_n_;uuW*v``m)o^cEKEnv8{)QP%g
z>Z5#358#6qm1Nm;rS+BfdQmv+gJfOaxefwPOSt8f?b6s7fg^{@B~uqE*8<KiK*oF4
z2?&vx&cYeWP5QGS1mtJH-aEk4+Y#`b6?iUo?Q0w}eZUxW*P5ef(kfzX4RTpEi8O&%
zI_h)R3gBo<cc&~j*%BiBKDq)I>v(_bZ$D{M+xkRy&@X*n@jMQIMzNcD7s{GH=?L~f
z(6ONvx5cK-`~0Po*si2~gz#_Io89Bv^?nfHC9HV$uZ^DmgmeIH0b7GP6GT)h6Seh9
zxw<WXcpB4&{P^DqeFUAIhnSJb)Ki6MK6m1(e-KDcrW1sx_D|XExuk<5Qz?PxJJ16E
z>6qSXM&*?57y8XGjlVxqK#-{^nDHg5!osUj<0>*=++q&G6@D?=-e%qySqQv5iuS}s
zMk-0RFWNf{PI_=^UfF&ymI5eKxl-A@pu1!N*NEY7zD_l+`VRn|K=BFyuGM=`*d8zW
zW{ew7F2h@B(ePRRJz?T(Q$tkK9%N&k<LR1aAf$sY?_4EK!TiQ1)n!K^%bu3UAdLE9
zS~ZO0nRm?5Q(n-QE#O8D&GG@Tb@F{8@*eW;T>!Wy;Y0q+k&6|e&y;KW3JF>+y>J%C
z-Q)1uy!*@!KR~BQR>`4w!WI~2NGGQ3B8T@A3|Rh-RQbtZhvRAZwcH_JoAUo&xY~<2
zu&Khdhr9E#cmAV+vdfAiOF1H8nAomzH=l=j0K#(o7~*P?FE867B=RA3^fDB*;;CSA
zM-wi)BwVuAp^{#=*HoLSz--gXbhjD8`5KCNEjtH=5xe|>8J#bz=?g)KbYHV0G@)?j
z1p@|8ox~lXKr`pF2jpPquie~^e%(eGfJrFaR6V)~>pt2imkO3*50P_}DjonYG-cA+
zHv#4R(-h9%&xi%I+8e-rPX!7W?yerlO}6t;d7zT5w)0-Ku@z_o_Ez`z8kB*o_3XRt
zItx!IVi1mJcT6@}LRG~^-8F&Lg@9t1h+p@(cihOXrn|ej8@wm6JZMhmXcWom>&HfU
zOk((TZN$qrfgyE`WzCS|zzW2z(V4z#IO1DUKf__z6-nG0c^i{wEX+KO$sMNC)Iq&o
z)EsAh!Bb7grUQ`ZS1_BwkMw9wNlnC5d>pIs_~gVPxVT1N@_jG(^sfJEk3fQPzFw~+
zMEU^-bMT9j<;Ji!MvtnouxtAN5x1+g6Z;`DGK|e?74X7lQ(a?z(wl<n<^%=#?)`4(
z`$w$*i|At<`++i~zpJx527)nU9{9pNc87ZJ&#`fJf@_!}!YrloTgR&7=}4f&uxnn_
z7uXiEP+9>+`$+-RaT&D>a;o7_&_biWr0^nAnbp7Jbwy>#gJu86cwIwz;eWDq@vaV6
zD@3%<)e)+zYP(R3^<!6bGyl8KVt<Yco3M@qW5io&jBI^4EWw!L&Uap7g++?j#o5&_
z>ClY4m5fSox;xu_iLXY<{Gg?5Ed{rc@LtW{h1;Qcc3V_?{>5aW#{cog^!H>*+jN<I
zTKjXc^76BfrL2q2rso-YpiGK*Ys2px3wjytdwE*<F@d^KY6XppGh^aR0-)sT4Rgns
zXeX}CWo&`%@1eZMqz<JWQ;bW_4$kcf9!X;rF+ViM%ult=Bf?ds8UMn5$J3^qqtw$m
z0Cpbp2$Qu5FC_g+1u$A@Rq0w5_C|PnL^iA!<x0F`j>Hb$z>Xum$}U1&Sz}WfiV#)b
zGe5mQw=-~Wv`5`|octpJ)m{$OLi<XTUn??qrod_P9vlejTf<#UTE9ph2~=!MV&C&%
z#_Hlxeo9OST%2K1LBkw-{&E1p*d**yKWs@nnKK*Sv7+34HM_B;J7Pm34#fSo>Azcs
z%{gsooC820IpDP+MecLk#Itj;(O&Rwb$XD;>>^VLF)=Z9#3+F=1q?ajJLd))FuRF1
z^8T_0^upcBwj4>Iuhq<_c<&Pd*N(Sqq^2d?^RDX~sodAXwqljL;NA-n)TKdO{i|3(
zvg@yUX1uLU#pd5(bO{<DPR^yt>h~>M-krsAunXCOln6XNP}S9wCO`JV36Q1S>%wcj
zRbb48_tZxLwJkR8;>^sBOyUFInEuwg_m?Vm=OKjG{nALnagfpDI+m&fSfl<)9coA*
z@nb5ml&CWlRIQ#mY>bs)n*hzj>wprhhuP8mqO%`yj3;R=ri<`pliaRKu}-#<h=uVL
zW21BCTXZ(*zY{F!G-4%FUXxijJr87%_OC-_B#bSsId?6vQr)kYjypFZYtB9>D3K*M
zXqgIu?O8q!&{d#OcS^e;oM@tgnRO=aTzMpZk>*6Mr|}dx?1-j~Pvlk?>;)I<qzbE?
z8V~jZ7o5TCV9HxOMRki~^T(GqdN`=45QwYjI`hb|eA4EES?lQyi?>)pjGeDWjwa`k
zDQwJkG<$mEM}?7fZ$iagi4|@uyy#!#myRfF+0+M&F5)K}y<eq!6x%H3E6kqmnfQ`o
zGQQEIu}>su_m?DHP<n)ilJ38<r1EEMRp@hAgD2$sM6=PRR_hbE#qJ2sgxE2VgG{lE
z<Is>J$kpPrcjQKp_le|cfVExsF%g-oqo$${U+fjt<bH!TzpRz5L$y04Q<&G&W+!r~
zq}8|yjFNiQ<$=|PHYA!lrGXC~p;IS%ID})B;<M(hq?)%33w=M~AKE{Eu-*%)#*y7$
zn9A0#!I+q?!j3>uu(FN{d`WQJ)#^A`(VG|*ZD{2<2u>p3F!k#098y4VTY$kyT&}s@
z!BS%7HEj~NN}3T#r{h2Z9bKB9t*6-*%(11r=%@)^-_@)!m8vh&;SK#n+DDDGSetuY
z?LUy6v1(%CeXgMyLEl*fd^Epb`VyY}%<KC5dl{iH+`c~rN#&8nZIh0CLb2~(i(yhB
zSl(ZwWK`#bha3)5?mYTZ4cP`wS*-qnc@3Fg)wzfGSQzsekNumPfcZ2=v`LJFFT8Bh
zot;y(TBhSnGraCXY~3S;eRp{+ZUp{?Dh$|!7w-!T%;tsRGw6C=h9LA;;3?u9t#+Yf
z5-cB0156>#%db=Pk{l;YWeJvb1kQO0c`Z`V^_(M-a<LugP9iDbN2a_qO<QkE?^%y~
z&!~i3Fk%o8y|<j!P)BD!4}?vN3$~M=3_V@T-u4+l8xo@Qtc(Dvh+aQ&?C^+rhpJ#W
z|5*2e$_LNvd|<!h`bb30o$3oxfZELUm08^k>8WS+vn2bXDkEsOp2=D+f=>v|wLQ>P
z35DsI@0bz*7vgoJaADZEX#s_3yoU~);91d+_zO_`T)p{wee8>CYuFvVWa=tBNwV(1
zYG38Jd+zV%B=_$#R7$hz?X$BKToPhvc8MAwbFFm=y?0;WollB02FaZOk>t>Epn%s2
zI0#S#YH<udyp>;l0!TswKfAk>!681`&p}MHk5#Kt$#5-#ZF1w`Ye-{IP?=3fM&rZ(
z^eV&LnluFc&?|wh?nzU{u%v~R*li({6b>e-<h$^{tI7K-40`}j=<2TG!HztsxDaH$
z7u0>2W~hJlh4@6x0+^vrE7^bLT;N@cJ>|4K*#4;Gft>L<0#f{VCN>tVF|x3&8yBYR
zT%G^Rxf+(-FX%d!!AWh?HHg7N{28bC(<*RJ1#L@jzDxg;(QMO<HgmoQkpi}LF7hXu
z#*P7re!+;c96{<h6Oz8=7tn#>tpm2^P*D|j2bJ`bwR0R@C{0w?DZdm|ZZ)=_AIZ^r
zN5ZHsD+wCdQ5w^yj{k3PdUD>Y9%?L-9<GMC0cfSVw3n%8x>6b;SDJ~}!wneGvOi~D
z4JQk+d1T|1e6S{@ct?1tLa;(elr_L-GTamaT?q~(e-RTxRFX~l!swT}wK{Fh4x3BW
zhh?Pgm1L$Ef<w_q5`%H_&=V_05jLCB@^jevVOId58A~wNzU?P^*(UdZZ0!fgwXf{~
zB||_2H$%fKDo2f5aYWc&2=md}l}*<s{SnLT^a_nw3_%{Ag2Yyg;ZOivQy<Y5^SL%s
z9{nAE<H+CvgK1Di{11Twk6Pz6kaw%!!{t8Ms9H-b#X9ukfw&!&8^le5qfBcYwmPEj
zw|yr}cFM^=tFxFSNu`(<)tjpBl(cUYXif)?cc5C6#cRgrGcqPz_tg5LE;yh_d%tWR
zb$`Wr&AyRL^b-?voD8?81RgzE6s!rvUkF%g7~P#Dnh)76$}k6qAhBaPv?6C>NN49r
zx|}`tO5}Xb+7wUo`PWS@8NPGWYo?peA4#l?Rxa4JG8l?o`8}pzekJc!iEwVUN>hPT
zh%q2ibP>>@p)K6h{C4XJlL$L_M?qrtr_(7u4+)cnMNMYeE=79{aEaUbBEZ9!$kS79
zsu^g`FEX-IOpUDz<R!KDTBEYimJUlE^Q2GOPSA^WI$TB>++ElFveEj2aL<KRQ~-0Q
zPz<Zl0kP(`Z#=O3aFINa^iCo6h$&(ApOC*s3*S-v9ukzRZuC1bRN6^ze6TY)LU8}~
zpi}vW4{j;9Z^564bLg?TJxvE2Er;YSu-pR;ERk%uD77D-$34AO-;KlmIaF`snD`<b
zEQ_%ao-asDd@ez2>2s#kh6BYEhWJdq`_NDu5Iw<otw#-{fBytwKk}=r+u@jAQbvnw
zA2?9puUeDTUm+s*T=5&?#Sn|D(wA1PMKzqUHCjl-=p>Mg%*-l`5hvLBk<|(<8iTQ8
z!x1+RJkMenKk4-l3p407L_b{zI38OP8QoSF=zrkNC06x71m{iXn_-dyv7uFhhAT(s
z`ueoE-~aeUq)OSnalykzbxA|zO)A0;U)*-H*UbDV-T%YuCtd6$zMOUts6@GbaAyrv
zGFW9;wn!HJ<1ONw_s!2Y+rOAPE`oJ5+O%1u^u({cbw2%M7;RtekE5NAqXF+4%=hp~
z!|exnK3_=smoYJ@RBhJYKF1CsI_AD#2YsHQziXQWx`Xh(eqz0UVEh;#VtBiq6&d-d
z>IN<W=T&DQ@F<^;co}HUC5y0{X*{{PQoff-U$5q_<O*%7Shy?KpA#$y?~C(=0P+Ph
zO)w4YJK6YdnwR4uaz*$-ZuY)Jf%pi-s3j@9(L{W8C?x=#JtqI>cUp?k$L^6#qz(9L
zSO1<hGFb*F!{T<~ObQ6c_cUL_<T2n4Fjm<iG@c<nfy4%aM^8pQ7n+_QBNIeFLYN;W
zc?YCs<eVSQ&zH2=^6f5&QbGiwM_O!N8UD`Gl?<fL$rfi4B>t3e`D9ykp~)5AAJp9s
z3g2)m0C`fOd48)=P*g7%Zki=sx#CP<E#P8TyCV$)=QZ`~=e>wlgQaH&^<mu{l-?67
zHBpAaBcE+be5o?A3-448FGc~A*rw%^`bwb-Eb0^D=3aAcn%0lyB(SBrg$j7;i>@yL
zfrnX#2%7r^!I)ZbbCmDJ)NdgOXS$M@K(}1XhA_Y)zy#O#49hSjL0HVCrtx}o10zbe
zF@U>omhe~ftt;XoXJvtXJ9yb*A?4uILDSDx%g@aFCuv&NP&fsKVuQh8r)&%tv0@8j
z!H8DsCN|;>hcT$wN)HH+SK)>ntCv#a^H0f!#AQWYDR=rq#2;g75PbN-k;_$YpJ;cs
zq5Jw>eu>j)3x+<+{})~F7$r#?Yzw#D)3$Bfwr$&*#<Xot+qP}nnzn75_4Rx1S>OG2
zSLVOWm6cCbW>oAQJ9Z3pQBhD5skPD^xNK>a#}f!Y{Ay3h*VYox6)0CdWzpR+waTRs
zt9<;Rz1k7}6&9Zlc!Cb=jStiLvnNjX$3Rn6=F?8bn<fpt@751dklFXI6hUW*_^KHC
ztBmX_@qRZbFHS@S9o8vviiZcK0(%~HXhkz*B-h`y7&8`x)s}w5fcTHTL9lip7k@0w
zw-!DWZsHEcC}zybK&m9pzv-R_a6QOySze2*Rr$`#IL5kgm)L_;5>=Y7K_-f-3U$zg
z<I#P^1sTs#LcIw30jb5ON^PMTkpyN#mO)0fM2DjiC`_R@N}K>d(P4nXd4Qyp5j@F8
zXaY_ot*tYWnTVB)_pdQY$y=U0`eT@%fc!YtAO4Ce8?K-Q86J@YiAM?r#Eklv1@qrf
zNiC#S!=`e)seJq&iaJP_-QBxjNJA2Y+MUApTjmmK&?~+I6~@5mQs5Dl1LM_Iv3Poa
z28%=i?%m5_F~G1`FT8%hpM+vKX=!z3mHwhET)X&7mW<#<I=wg{*5)K!f}!3AE%ISk
zOWQT}mLfUSOORY5qR$g92}MUnqvPyK5SP4hA4^cnjiIEo857Q^y5M(v!+p^#&{#!>
z&BRSJXP(z)x+<JV&f!yiEy11(mULk~G&wZ`HyP=)LtPjT*;qQ`hJ%mA?Kh^o4if?$
z>TE8F8q9zLz{Fz}*b2-jX5*0F-N~1OG-QaA@E#_et<IaR5Q>ex3SAqu-f_NGlgKU_
z=HqM+PjA<0>M>Mh3YDDLTDq!LogMz_jJx|J$cta}ksgwpqlsWllwidT05c1IhJpFT
zFDpAc>*7Oz{f-xH2au3)u+{ddqKagIm(TFMISVTZG6KruRxD}FciJiT{Ai!>k5&LQ
zN|(7nU8ws*Y~TH5g;K8S<mhstu7FE!aZEZo#qY*;lX~jxZ`VZQoEzWF7xs2JR(iUw
zJe7=o4Yc!%N8qPe&K(=6j9v*A+(P|%D4L7<0RQK-n6Q95l$esc*hP;F5-UYu%wlNn
z#4nVivefpZjomN+0xmeYALOT0Xm(nfyvIrz<HLY4n@m$No4RS}aAk4Cv3kWzr=>a>
zy0r*hB?wH*;rJ)U;qegh!5SiBPdTum9?-24<$D_NX$2GHuR!|L0BHJ$5V$NsdNToM
zt`f;^GFu=7udxw&WhR)K^7oVuXD#)biev)(T~$pqVdvkX*{CtWX~Vp-e{s8*Mf-I?
zDD|W6fBoLWoHsoZmWZnq1&Sqd!%9u%&4k(^SqCK$!%_A&NiAfOyKD&Xl4QC&A{+BS
z&8m}Mz9BS%H9BTwgOH6Tk?pP-VD*TU?g#vguOu8I_Y96LwI7gQ-u8^jd!qThRvp#O
zWktqAS=NJe*z@$p%9ckX)Eo9#AZ@sF5f6>pPv$~gCE5>KSnkQdC1ebS50(4|%S(N!
z<CPIQ>1FCH90zf=zKRGFz{=b<B!-Rt42{0sPI5n!y_?TyW?>?7?h22H0}9oC%mnJp
z5QgHvgbQ>T8}1oWY`TmfEK3+h^nuSr^?X#RhqFb(Lz%~{3XOxy6JCA_l4{6)<)6>6
zXF+X{KPLVHl3TRP7QvFl<P~_6C|AMz3GO2W^tTU=`~rztEPwvt1g=jKM6Xp;K<E4`
zcH(F@0)sg19P~FzOgT7IB3)=QH0=4?gJ8DLw=Pui$?Twi?a3_gfnv0XBAXHsAsjbl
z3&;dz1OsN?(22D&p`*`6Y`mhIzFySz;$ssy3ZYj{zW37{NyTtFTV`LbJ5~=APlVL*
z_xMWh=j-0Vl?rRyir|yxwkZox4-LnCco#5=;@SM?Xf)e{CvS-*?TR#MGH7SX!y{@{
zf+hXB5r(P2@XGFw6|MAmkvc`r*F`Uh&an&X@d`9Vu1IW+j`cYxvUQM2hgeKJyx17F
zj?(+uKx5zc&X#+A<2EUM*s9n+M!ua}EZkA7+Czx0b-b!=z(p>?%*WYR?_y$OBTF}+
zHKNoMP-__5S#sijgzFx}bv?ngoxLS=P8_?6v+pc@iG$N2d4qg?Lch1=?wmnp&~x{x
z5J=;Irs9jr+itTF=0Z!+-QHH38RgPv?tG!t4(1$Yn118G_j~EwuZb^lHT^Dp30Nt0
zv31_$&!HPRAM>I7ePoPBB`EF?6?^)g5P!Qp9;6?B=3K|9>^j<NfXU;ND-F~`REBL3
zhE1KP^q7667OO4mz65=}B97z!mYx0PVi4ac5G237^D^4Bgz-LHoMtGaQ0`EwvpI4j
zvUkB4>A#M@N6}@>TCDpCmFb(#!``FuS<PG|HNWyub*kVSpUzP_v`HK{JZpR-bJ5oP
zemO&BW0SK|P+}l+4}SCT^iHk&eI*JRZ1`n*9M=K<;r@IxHiZf}J{zp>zR6v$;&sL-
zw%vyd^AOv>SRPWkRYpr_7`h|gkrn)momO*F;vJXCYe@&?F*=f1XPxe$N<=;%RtVMV
zfYPc{!ByEWflh#n^PfMy1y2Au-iHf7($!o5WAzt7%`+gN9^&jf>CD9hvg}P|1bzO4
z%0&BOMcYsR0^!X{hTD(O<wf;CL8&$O-S=6m`g;~XFO>tx{2YM61ppX2=Kt>njbodE
z^WgojaDZA7=4|4@3DINOfq%_{AwKkk!xK(ekqF`d{~;mVFQd}}&fncqVIh>;_T2!k
zTml3o&O?aklIbL^uh4!0?hi@5z7HB|AA0Q$(+vO!$8D2{HxpdTBmV3VEe>#>GWADv
z`vOoUw()xLI*RL(oV+ANVOdd{aP87fZ+X*UU2lq0HaZPtFo(}M8EC~x_KO3W3Ev7x
zB>Zd-^#FtEM?h|tUY3FRf!_?o`{#>z4%Z{VF}As<_UX&+{DT05A8eed<0!t+AesMR
z$COgMTwCO7!okcs!#)p^jBQh|6>ng;%q|490c}94)(A(G+O(%hXx^YFK3`#vV}-65
ztA%?(-@}tyU&WxOsi$fbcMOk11ID@PmV7GkIV0)5fxl?RaI~U59+#h`3)=Kl>f7tf
z{Q{yL-EA~ipp54sP*>x~(`#--txHsF$(p$)Z~Tt0qk<)ILuofL(BtO!Gp|#n;-ZZD
zg=Yg7DQ8D~I>(&-o3!$5Xo@pud9sgI?%Whxa}Fzd@j(yG0t?5C3)K84CO^$L%?VD#
zCUJmnHOr*NlzWq+U5jG23tMJR?Ne^{oS*FM%Eatml}hy|tI}IJ1%30e3iDXzl6SD^
zlJ%@n_+rJMminOP9Se=8oOfRWwm8pXcCTXVVT%*A++pyNWp8QmKPTS&*0Ig!i{1g;
zE7Hr~Ict^fQq304-}u#!mxI_#(h3hr_*WNJ@gppgD}_th!sE@81;1lPAyXp(Xt?6|
zx}vayzJ;aS-|mjio}MWY06u}6i`ShPUX}wtK4aG-+>1H`yywo4x*Z(jFY?tJphBO*
z;?f}R7ydDhKxHn_rTXqno}_2N(`>msHAkETT<0KSD%HhvhhYWiYE9)2*2#)fptl?%
z^c~j=(0g0k0i7Wo1Mc)l9o4U~L#fea0f>DAHBDw~$fj6NhV|+u;cj#kvTG@0Ruu^8
z&D!Q{N7^${H~wX}N>!tez2DRm59*1Bv2CVu<l`ARScO#6RMqk27tT`KrxVz;Mlle%
zo~JOHV~ykggy?t5LXt%%>MW*NiX+Q3V^}K2G-J(YNS4*KS@o1iPuk0sJ*b2}(22v^
zz@6PdD<#;c<Mnwx?^s>##xTTx+y;&Y14o`f7GTTDVNZL<9Uov%6qx_Pnj@f3VP_wC
zz0w{5Y9HT6XQMv}PB2n2umFIww}=@)cY;L<zz<&E@9ftK{#Ve`=}pz3Ugz4&*0la$
zJN^iC^08%<F!e%5U02<=<?+#T0y*w9iRUBKQTTHpt53JU_^l7?kqi0N$Jgc?N&Xwe
z_7!-;Rr1NG%pC4p?4*RvG}e{0_*>*#ERh9i^#Vhl`bm&V1y^%fgD|{@TiK@g1JBGf
z2^y_(ys(oEt}?@k(IA#d^Ge7S7tLYKob~Hr?R)GgU+#CHS0c^~5KRxI>FkMs-yiYD
z62Ej(u{X-H*WgKG3*`(C&lXN6$;LK9R+V!CZ_VAZAKN-hw0g@LXtN)%(!^PLEV<f#
z5P8&&oiW@GdxEoOLDZspUT8iI;FqeiKIX-}Yxc-VH@~~yrviP}@}NuYEz-iB(>!An
z@WPLM)h5;wZESPzU+mpL(&xzy&eL+~75FP-qc@rTYLC7X%F;0GA`NcalJFoU0gFdT
zO{3-nV!34DW?eOj$5+{?2z1<`KA2$~wt{oT<5GXQjfKK@W|RB4#fy_q;d_PBi^KHg
z#WY_T?Px&yts~3!$SCrNKTqEkwyNG=xwzkUd;WUU_?@>iy9wA9=)Syoy^-TJyW43z
z*8CYNRDWO-gNHG!@AazAY>3eAXh~AZ+@Oo5i2K3aU&n*tz;9!B#`)MCB{E7c@rb{!
zv8&2u6xjEuRYkZ%2c;SIViL4TV(oaDN0O*H)+X`W18oV-z8U;(ZWV1ZD!>2mWwGZ;
z0;daz!eSSk^U5N-u(^`^O2=x;y848y65YL?dbO!BsgX*zO@nNv`Kd@W<`PaN<Y9VP
zNnwBZqF1N4tMlviEmy!ddhokpk;W!zu1iI??5$=dLcbrS8C({0_35~EBQDp0-{;f&
z;r$>pSD^RnE|oywn={ItfN~~BVScJI-JR$d4R;B6iZo|;uMS1xO`jPDCq==mdp?~i
z@s(b~H>*taV)7<voZ#y3v`V`$+?syBViLz+MNzlNhvs`lcRbsWe3tX;2@l3fxZ0?V
z=9;RtZu(Al|L$-&g7;&*eKxZeqZM;gwc3;)n>h^AL#+lcEd4A4Uxw|Bls!3%uc4At
zpx=vk^W`z)0Ob~}-C!W|#IS#H>0n59iZTR$JdtTt4%G#?=-ey)-i#SDMJua9Gn5vI
z)fC+A2VhcXGb|@-d#(4m**omv7g$^RThSV6Ioz;$$Nw;B&3BoTwA>@<PN%<x@5f&L
zd)ldHoVat@`>YI`+thd&I}FBuYGkkgd_S-Cz^Tz}ga0LQ%^@h~BW6D>BYtYiEpFBo
z|HKeXLY~Mu3NxakR@rr~I<iA$&<AXB-#lp>1ivFOIq@?>_#aqwE(5IHDVwgc7iyct
z)kd*0GM_6C$<3Exwethmu$(&4xW)556GC>6Vb-~UvVwMuZ{+|_b|S8e?MChnP}RYk
zhbJX{)uc^i(ZTAadvlpZVh-gtggJv~3x*$>JVMNY<yH+E9edAWuhhoB6~obcZMK7v
zyw{+Y?%97JaD>b&E6&sWI2Jc^ah*EWbG(IFna&tRaiFZ@Z2KbPGo8>kc2^a6o%yj^
zSaOBk-FaTD_QI=6!~zDTB!#dL^)KM`gWx`SrrzzNnoiW`_*?}x0UO_K5?}ts&#JdS
zaj$Q>4-ZE74~ab{P6|0k4}Ney=P->GpYmhpp9B~d78XHMUva4?C-2{*F}w=R_kKku
znkV0L?E-F`FQW*+je%P;9|`&@+$W>kN1v3kcL_PJTo_9)N;QTyJ*xpdGt;l>ozi&6
z2qG3&D}JrK()gvhL??4u-Yw&=ES{pr7IBLF#E-zrGHF=L1XpTd?GC?9|EYhUhm{Z`
z*BZ|CbsX%ySjoZ$zQBY%_KA~WoM|vp@?iTn{L}Xsxk)Jag9A({V}D5jz1kl0RfLY=
zRxv)4M*QQ-8jM_l6SQzEQ2p~u4vSu3JX~P33xR6)YAW|qVlIH<B!herb5KI&8OUbT
z7|1sHI#K@5X)KRXDAfj2wFZZf@Rnc3Twev2k_fh{_wQo9iq8hUoK_vaP6ba<BJ&LL
zO}<Pry_{D(+Wl!d{gjw&d2G=~tkDBZe04_Sm6+g#4FGQO&{GI%EGn3$lmrh8KvVQ$
zPvKIumUZZ_K~2HQIU`IO4d&mN;sLQv{zjOkatMQ*OGcQGg@&h$(OU1r?a#*l@B47*
zfHWz6;IR5CXp(?E#W-2_`?;C6pG*F%^X-4uDc?(p{ogvfd=m(gzE&9MGw?&5@&_4z
ziS@Q|Ml(kLt>UN@XzW-7@f9mn^h9r#&AKUQt4xM0Pl!EjkS%XSfV5{(sX)Id=36KQ
zU13<ZSd9-OTc+@$U&blVO^tj?pXflpaN+2zG}g1ZpyA7RRW#<~!Tca!&iwOUEL%0p
z4^ue&zBzqerYR8L$Vh{7!GbV?o1{A%GtvY79E#6HnRv-ILtr`2@7~Bmy^e4MG;nU(
z=~kDT%e=}n-lOsBdCh1?yJmLlvSz~d%Fw_H@l`0|>C*5rQ`5oR-;Tv0?VoXXlLYss
z+m*48`sLOCJ*aDvu9=H>SoXi4-kXLy18y<717PcqPGky^KLa;hdhvT=fcRRx{QB|o
z_wfO&kmq>5_?aDR8UU3r0B!8S_WAy5cO7*AnyjMs0be!J1x`tK<H7=W_ZO?h@_U;*
zS{0Z0+MZ0!u1fv~%zo}a2eC$%X>}%wXm<<qDD&^yQM0Dcg^6*N<^2^M0k0Trj{o!^
z1gu({2;r5>_$9EiFg?bF)+5<~@}atrO>aogM(u~w!;%=fr?JgMuhlo!(Km)PA-Z{K
z?E0FuRra`W|5V)o1WkVbdH%j}@d3Pq=6F8$rkU71+7$YQ#eC~z*5S3j3{x+Ne;Z-G
z8P_DH_{`Z6#mB;AwlXHdF|0gXWV#C|OP?b2u!(;{=63A5G<{0UnU~>FyXyhjiN2vx
z(qmBirw5c_4kWd_bMxgjiq|#SvgYhevt<4m=2Eh_JI}2QW2>OO@+kAt2~S7$(w)eR
zLjlv@=>n|)`Qh!}|Diz*Km*4*$g7rMGbTMOMp@_g@Q@zP+?La&+C<DHGWZm*zuuDp
z2j7!C)>UaQ@kU$d+c$E@%VS*Y)3*h@$#4Ia%i=~QKbqgIa$kmI5bRy~=@pL%R-9|L
zUjBWpy2MJX8k-z4nx{7PNjHa$v<^~@Qi>K+e#Rn?%T;6*RlXVADKho}4U790G1nIV
zx{f)11HYE3z6)=eyk?{Yx<P*Z3Ile+dgPzyCCZe$oJZ^346aQ+jGH-^BSZ>hD;!(~
zwXe?Z&>S}Tn*i>amTq$6{7-w?p77vs&fsuJU{sX8pH$P&yN<>-9fThAkR2KoB{wMM
zK`nI<G6EZefz8ljqpztvkxL(gL6I04c^nuuPG30Or;SX9pO-b%Vd%s>ubE#jY!WgO
zd1W$OJ`mZzpoxS@HH<bLgjUKEgI0<&5(yiF2HyvRcT_(*TX07ZA=h6YjaMfV=QqU-
zaB}l?OW^}J`MMPx{4i;%!+uHAch{nULp-nCAf^b!g3`vk`&#O@);FeE5^L7;NCY3a
zcS`IR<Eseq;o_-~SH%kw-oC+lBl$K3zixlP`+vY2_YJ?T2O`Lg-9rPl`@Xy1Jo$KF
zNyAo*RWYU}&mOJf(O6}NA@jW_=Y2%hhefs&?GzB`+8L<=4stT>k9D^b^bqB%4G_S4
ze0sZ?=4E>V6mTt@`?G_#m_T$<puZzBAJpK0ipfZ9fI%9gpvw8CTlINMWFw=6z%4!$
zKIBoGB#6-d5CgC}?AERW0%M><yzhxlU{}kjI||tX>vp$;07zmsmP)129fOb<y@-<9
zwB9|%+(@zRut;<0n93H`g{(v3?;k)Sln`;t#~i8>3zCzOsRVPeP}TU8j8pwi4|<dK
zpwLS<&+#$KDMpk%CI<p|zTBPc@cV#C{BR@wBtE30yR9!wqXB-tuUCsPcaw1fKD^d6
z0^<p%;!X$)m+QbKCk%m!X_n?oQyE6fRg?0?+Tm}ZZ?OrI*p=y}<5Mb3ox2`POsr9U
zO`BHq7nd~*9!dZP7K*WZJJHEO{sIg2@3_T>DBJJ2$^PPJfc<{?J;40f!~L_H8+c6r
z-AAl`BmBgg94G?jvPFcmF{KIABNwkPeVpFqRo#qSwM0raAwWJJ=`&=@$#tUd@L#?}
zoMNn{xzm?a=uKgJ?9|o3YVbnS3)vblN6}B{_<*1(SOTl&Lou{d*CF3APpL$i7W9&(
zJVudtXgR)WzH_4s)gcQ*sJF2Ss809Hmem_EiMn%QSwfhe@*0@3ndi@_^0u7WMw!ts
zyq;%V5@~$Qse6=Wi+d2a#y`nOe+f=s$^V1;@SBAdVS4RjVC`a&H}cKPf(>DM;p3+@
z$r8U4$EW_wV(%5<7uPv=xQgve+qaqc=jizE{yr%Vz{xZJ=lQ)?9q}VQ@o+B?uor9f
zRqI}GBJe_dQ9@r!NVAB?%{@c_$b}jQSBRi>fD_Xoo!5Ew6OZSdD<*XRLX(nrWmY`2
zs-evuC%c0+*EK&gd17`&PlZ>l=bK(mPo<kAzmQ$xG^m;3B>|cWUJ9WUuc7jXDt`;c
z6~rLK*^;S34~MUVwVmQrWTg23<%iK6gj;?6wWeYyoExFdh%rZ@X&vrwh<{gF*Nq8c
zH0dbmP5&k=rUk<MiIScLoTwNnYp)QpM9OWvA!7kAr$X2JcL&S>szdQF4hoj&1%h@z
z5cty3LIl3pNLAT({1T4PQ)n3}Ck`@pU5Ml3kxZos(u1Av)?dAF+Lh)l_6_+o!_o12
zZE&WG8=uWD4d!<1TMPPn>-wVgFE5<P#PSqn7JwRjrn7}<k$EB>7Fki%ebp#3<~PIG
z^mqYb4rP^67Z>F>VTm1qkuGuzGVUz=ys#j>%^D7AZdk@v@O^OCIwY+^VqyR1ZvUqn
z$dUSZZ5o%d|8&gh8a8W{1IjX=F%u9KvLn?^RlK*&-aM3&l0z#^u~TY<7E1U<>@DYN
z={b-%t}58nuPhi|4NiOD(N?Z!uoe@EE-|u`kY0O;HmyE4`HZWIc^+C)!_9u$B77~Y
zI`hqrFjQ2c3|u~um~C509g2*A+FGIBU%_S=r~JE`z;f7AtZCzBZ#3o$s9JF21N+z`
zEzl;wywHR$|Gble5<R4_vK9zcD4UR8jpQRWtPK?+i<DvS4gp-ZPNVasun-YPxjj!X
zS^fY>+}F0AXC7-#c&ro9D>owbQvGrkU7Y&tlfWxQ>??S43aADDZVCVHSj-migI?Pq
z8`5v+9IQ9L_aLF?@6yJ`#ei7A`j83|0PQED2K$~3351~nnUmz4o+~*uwe2ntswu)g
zuJd5dpjDILjW>@b=+4tp1hw_)YLNt5!_A7D1QBBuDE$d0rkpzu-tY~Dd^_xL#SQ&c
z<I`ITy03!CZXJZ--)7@bQC-qkHy=(=9+fzduM$y`A9Vg}&i;4;iqs$|c^?kEk{^rs
zge#+v8`k11Xvx#{`uzM~)B_>LNxOblXD=s*&%W|ce;w@%yhq7nV}ykeAlG^5cmB!J
zEs**LfSy4?LB8?3cXE>D3a~MxvImfvs(%KuM%ZQN^|x*@@Y?o7@SlimzkK?bD<-F=
z6L*-6(l?G&tqam09Xem~9p!uGAwT9i`;*1ccM_`UKxvw20Ci^__GAik<<6*}j!cI$
zkyz%?Bbal-F$AKZ0PyvEe@SK7C5UuAK!ZMf0es&dalXWs!b}*1<fp%B0dWq|7tG7p
z`3I?Bq`}t2-=p9vfu)~H(PVrP<o$Wsu>5EJlEZ+5Tr?u)`xtH(iGGRdM+V|QBxwk7
zC`0H$gLiY#C-HyqHCPx0uQ3)<Idj^ug}7jTzND8jK<@<l(m(w~%vj0utJRw+ie{b(
z?)DrzDJO1>wx(pH<ZxV4w1`*me1gH9h>)zi59d;VlH4?EzK~<cQ{fd7tlG-X5E|A}
zaSf`h3POcEK7dHLrVkEEci*i%>vsqaiEx12W<6sM`5btV%dX+dNjM#zL<R(Ws$<4(
zHk{$qb&&`q^@TBgbkf@lw(ijU+~lSk9->$<J{kI>XP|%$8@ym}F>s(K%GliHVv_4z
zJ*cVK5A?B*m%V>}OY}PV3;FV(fVeScO;)__`FUI%6n~qO2$?Sk6;%Vzd3W8yfe|zl
z>On-#wU!!=b~vkWCu3mH`ke`P5Cg(xFuR}brG{UW>F*Cw$q$X(wC-YQJ*#uLW_nJT
z3OS=DyZI*XufCLrRv1GmeuwJs#0se_qbaG^uzyZmJx&}hmGk#uUFqBMQhPNRmnlEo
zv5$gs4K05#niM@SzxG=-%q1R{vi|60u1lv_AMJ$~KkVKle|QkR2Z7e0r0N#R#KV$g
z?WE?^DLsXZi2Pc(>~}oT59y*MzBy*C8eatT_TJHilYio7cXi@eFHOpdMrkoul<?q~
z@bDigDBMD6Z$4@BZ<E!!298`LKJg)(7CPc|UW8l%-O<M)oRW}4FbHcWzVm0q)v6<%
zVpd|>J*z~-QO2MoLb|x-;JFc!zlK^2jsLGqj$OW?7R|lNYe^kDLyC@qmZ!D(D*Cq^
zaIOaRfB8F*J|}T**4{O>D1Ofe__HI=Rjbzg4H$|=PG9~`*{ke7O+PQwo$X9~O6mu1
z;<vn*&cIU3*m-y~jE|I9Dn<8^wz%DBA+-If!((_|nsX=0@$|sNiEY*+IRy$U)tPNQ
z>X2m|wK~pvP24o0GZm!J!;^Lhj+AmSBY7f&gzdKCJw8$Btn@V0bCyj=tkP3`#+XBa
zFqrFqKA7j1)*#HC4VTT0$UT!-$`9q=xn-woYfnx`Lgl6^fY-Qi8ihUC&^9Zj7NGq4
zpn6Y7Y|PNGk2qrQD_1?~z`i=XYPC$aZjWsWZd~0AWJ2x7uU0^^el%$|4Fs7x{?(}P
zUO@Stu<AjU86^Btc+Y$ZJt(GM#}Dm7tOg+v^AMR66BSgV{QD1Vz`54{$aI@UiSem{
zdpxtNn%wbTG4<Jh#Zq>R_MfdJfvbnclqgXBh=@{j!nEN0Z`Q->wegfe8%Dm1=oT>|
zdd;I(xjD*NdV;X!qnFk%Lk<=pcn*{~4e}+37>-{AiKt1XX+*<H5W7Rhh_30hO)omi
z%GCYYQ6kV|zXCg#8a(#+`=L71<bv6S3iS+4r2t@ued6(Vu2<S&*%|d#cnLYHjVU+F
z%Dym+KOw&IpzI4QC>_Q0?U}o-5p2|juK{roRSV}-Nk`T@TL`9O->_x=?u=n!MX-Gi
zMcYJp1%06{F-XOo!*-FjxeG)GYF187cQSk)<|3b}%3%PP0szy{`fow4vA8Lt1Bq>k
zWI1{hW)++&#5IK;HXK$N%SZa}7b>}fB*o{rScgCK-5E98dKm`-Rn4TSefT)^N9v85
zbmNwyedv!LyT!gmF}5~5jCxM-Y|R<w2Dw~d3kWl71s-;V*!#5CfP;vdvpk1vL)l2{
zG--7d@Top4-rzs@dQ8GXHcsmS8XA%)lj8BS0tmeUt<X%EY{vQG`7?gCP+i;k-OQy#
zwoc!Q+bTz*(Y$4clKvDTagmLF;f>lfIvBh00_^o??Deu6m~tR|a><fPkwr{BZ-wny
zI8LP6YRH$r-<R5LskHH--Etq(HUTouRBYQgX++{dllcLYeu;Zt13QSLjYzeyH0i?F
zitHei!bx;ssD6L*yLzcy>oNv;0+5~L7t1s+E+30_90Fzy_j%@q0YVNzQGWX{oWSOc
zUzLw9KN%_go_T0J@-5Lw-#|*oAc+UOA;u3s${ZzC@@gM+{qABE3YzWm8bJW^XpE~&
zzZhG)%^p;f+%kiFC7gKhq1H_0-vF-<JWl08q#*v=a*9iKN(tJ_rZC1+??86Zk(~2a
zvMB5=FxR1e$-Sb$w^S%lEN1~w=S#R#6&SrC%KipAqa9c|w;$Ob<6%b@X=il^OBl~w
z4h69J^I^5|WojByZCJVHAFo==aX-ty01E{A6y3tSJn^8Iy#85^S`3jO==@iKp`*Fy
zaBv^_G%9jbRf}aPcIK8;O_TlpHE6b>JX0@&?T7n1?Fd3L(B!RktsSGZOQCfvyhsGb
z>L!sZWRa3(!s>E`2>R{{E^&Njc*ssjcJ7^77VcXomBPeG!L1p>FaCH9Pd$x8RT`ky
zk_z|XB1^FwAhd3Sy#w5^0Tl2i<5q;oY;Fy_OEF>k?AlC?Biw$K5Qzcsx3uJ^I_7ut
z3rjCO4I>?tO?4oxws0IcLuh1H$16z3^0<v2<z6L(kQy$bCL9ATU)=4DX=IH}f=Qd=
z&Y<mGS|Z<0RHl6u6sA8HzFIi{4K;FdBM1CAAEpClAx<p5Y9TCAEii)mwE+8<mEYrH
zfX7Fgxt$@P*JzP<HNUf#h9R~?q{-vg;YPwMl!m@=WJq3yjDwT&XOX9oV3#;OJOY*1
zIUE!IyD)x{f28yh^r<Ub6g7?%Ib~Uj<J=LQTXB2tBCq$zzh*v;kKPcovmYV%6WLA?
z7!=-*-?*^7-I=lbOdvZvf-x<iuf0S}x37Q7)Z@}2p9z<*mvl-vV+-71t5=@vtn(|o
z*|1Q}!OFq|1V<x-P#aLujAposV04VcEpqsWLMWHpdVH`}>W}6TtPuyV^v8<_&<)u&
zTmeaqCh|z!ZiH@eK@8WCHLU_Uf)CegQ6_Wnr0HPSama}P1f|dj*qRy=@Xi+qPseb(
zDJElOBn18QFBFNJFk^0wMTeJgW!wDV6q>l-%!ivK@1dOdMNmyYVu7XY3-^!e!0RTL
z8$Uq9%g^@F@OmXY$4C{3n_TYAE*&@;77s7v9Ny3|y~Ng6WA%X!QazAxJ>hWFUs6*z
zA!XM_)*NXuHz<@^D@cp%MV=qd$aU}%WZ}NrT+=5Pd5{xQej0q7Z-3(F34%XNPY|%o
zQS||D6Hs{G^CaG52bpbE>E2*d2hI;F@3R7iQF>3}X8$!0B@n3IT1?2iaA}GlY^1+z
z`sl_8WCaf6seh#%2$PdzJ|(EYHupE20O)&-Hfl2VF%7Fk_13uOnA==$y<}>wWQkoj
zK`Gr%&+^>Zw3sm2WD`EE*s>v)>SIj2-c0x9_GFr(ej-G2fQ{}!H9@3qngzs+4Z>6R
z%v=2(2TfAdQIX}Fh`mFKRSBeiXVV*mXcj2)`yO0gdP7H?5TP`WRa6W0$DtT05z%l0
z8Zv8D84HNMK7JGb<xKjZS9X>{OJ8R7a?kJ|Y4f@Lb)jSrR>_G08tx=qCCk8hP1?;A
zdtPtT3Ze;mNTO?h!fDrKO<FKz$7D+c^q=l36e6<~y2S^bi|aa2g3QI8!#`_N;!*f7
z@G)NBS<c7-8J;;bGDG&ADax3u9sp$`Hl0npH#Dwb`4hFFhT<mrWkS8FghY-~Zgh#=
zQ8k28??LJG^LJxUEvz**H5Rq59=8^sBbpJ}rI(bS>G2VbIvQYZ)w7e7MxEj^i=zUi
z(Pm0z<?ounc-mw<y2+Q*)207u=U_cXnU9*ZTN<s`bom=74~>eMs7g)%WUpo__VkdQ
zdurekM&q}t#;>iHiZOGD{7-YPHX!9o=b~F}-<__ep5G^B93>~MItJ?(U}eF5obpOK
zDCTmrJM1ImBvJi&?)rNlV`HgMj+tnhDw5&in}cGy#r||)9U)?D*X+>lG+#s)0s2da
z$fuq0EG8sCRi5Z3b?;s)MjjkhTOE?Rl)tfIM$DQldHHpDQ#Nnc-JlKx-dgk!B3MFL
zAsjG+c4m{`aaeX)E@NrfvF#Dr5+?UJ)0w=%7%kq=i3y{(lLT9&r&7>_#|;Y8dXX*h
z5d6K>;yK9!MdkYtftAX*lh2JYFIj#@r<&q|^17MH?jpHih1tg=NTP)cnOp5@w7V<k
zE!}j3?F0#7Ihrk7swkNMWb=7wZa;oKOF}})hJj}k>Ksvu9nlcf@T!%N)B)@&xoAfy
z)O}QM?1;5DT*7(=vp}VmTI|@Fe^o6lxlJwqN5`50n?68{oyN*oji08N(Mj!S1%d^&
zlLDP?d$|jPapFt(uM!Igt!762KqV0B>V!u&*wf|V>>wC<#_lrKZ{z@b?ZsJ)RoD(Q
z-x)(n)dW7yT&8a(GgINg0Ev^hX&En|Tn8#h2YRxWT6fJArQ~E(RNgp6Rv%U}A_7wc
zWQtdm$yp98KIYm8QygVQvE3)^f0V;YxSqD2Jw~x<NdNq4MVbU@%^e5wzfim1o?I)J
zfX~U-*{%(X?Xi<M5X4oqd&D$^G%_;u&c10J!Q^N9nJ^zehTWf!N!3v1JHnytWUtXw
zIY_Xko!<;FDNtjT%$`%V-VEdw6zCP0-wbAE=|8vuljJ$2>2C&sT+3?)zn@dD%>3Hb
zWTBSRKg86tri0vF^#WOPFv4o7toyHz<Di%8X7C#UYbJr^z7XiscrGNbsn9~-enZcA
zk0>o6f8WO|Pmby7e4&1YB&BJ`@DNow^IHszLW8WO1C_wn2UR^H9nJ;D>Gz~EOuDOt
z0=)4bPw~ntEJQ*(>nAs-Au(U>mnf|hzyIv7t5K9k>5`K~s(Tu9^O%zipZ93&mW|DX
zD03EljJ!~9U9<0pRv3h?F@tW4*hW2BkBRIjDDWa@oz9aak*vc;zI>Aoz9d9fr+zkr
zf&{bjj!~>sAMDOHQS^2cl0W7}y#2oT`ow?q`dU1Vy8N<gkNtqt+Bo}tF4^>x(?ZJ&
zNbB-zv?*?!#bgY)!&zp8GYt}<dxAs=)aVc(Hu<_-oz>1|xAc&5+@oY`W*S(M4N(C<
zkOEld3bSY@5l144`XlsOIiHj=IyUJQsXT`HOGet#%;yswInq&GY=ym2b>*Qc^@biA
zReqI%Xt!W?=Am`*Dc<_}!)XaqtB^k8_T?Q!Se=e-eSWEb%@u~p*3?|0NTc5Jt)aX9
zCrH(FobcR@nV1!5O$o;eXRR`~ijsgnYdFX-QFh<7yQ-&a9_{~g&@^f)!1tf9b#R0}
z@X-<@{oo~PoB+=eLf;?dZuU&9mmy5wX0WpgUg230XS-jKsv6Eg8q4<t8MdBGZC{p5
zn`t>`R;|2u;fgE37I=lC?=Rg-`C<k7@tp0FG;n-DGG$wZkBDOD#zgh`X-e|?AKilf
zF_<m&4^aed*eU;w91rmaRVzT5I&`yi8v=Fyb27C7)svo}H+@_=Rkw|+{^IT_j{K>M
z&9>c2M~P=fzRk>m;1-&mi$20RI+w7QLS`ig$9kA{Ifspc^?f#|N~T{?l446*OVxxm
z*`Gn*MNM1~G6V~nzD#8^ig@5;v!*-+l(GHTDwPvash+HQBY}Vy;o+g^w}29OUg>M5
z!J%n92|Ce2#_EcqoByK&q6oJ$_306+Av3kHFjrryu;Guy&=*<EPC+iz<MIlTn&#A6
zi?$el$W<9hSPa2858o!y_C{=a|2!EVe*5$Md2)32CYTG@98x*>v@nl-5>oU*{2c`;
zM8<J_uQWO3Ja0jdusdaDK9d^|!f@Tn<ot#s%7t%);{13}7*>91Ivq7JLBk2<!i|hT
z(^#Sw^MJKj8$fjeoOUNVhFS+=lQ&B-c62Tyj~op~{0pYVz9<H)4z_3~Ng)rG-pi+1
ztx=do!<BtrBgrh|-!K)|1S9Bw3}sn@n9_Pj%oww(jCesEQmYxGDe{VOsFZgq4TdMJ
zL@^!>k@eH}fxvhjJb9WEbIBaj_kI3keN60o_jewNq=AS&Y5LuqxSb;@YHi`4QOnaz
zcS-?C>KGLqZv^^xi=C%Q1|5b}6!_-vN~(3I+TWxt88<*<2@TU1{A^j)oYlcU!b5$6
zAJsHlp0!{##J?N*8P**1-81=)e{6X*;EIDG;Z-XfH^*yxbd+VlzfFMN1)yc4$w9h$
z{%GJ9VO|yEuS6JS2|`f*otHyb<SF92jh(#7KOvG#0QctLHqb`WN|SVm#+zUB65Yep
zx(}7dsy-7M>Cd~VLasg_3c#n|*ry{HAbwY|?8a|HVM&1TfN|)EPW%qVBl{;A-HVim
z!>$zn$r1J^s7Ds!6DDgK91A>3H&Y**%6_|>41o>4MwclD`6CEfBzRLRVxs_gXUK}v
z_|BnL=TnDiatZl64Ooek?lul05B7&{R4PZf84bmx5D`4Foi`wV+}I77>i*_?t$B<+
z+$6Rui%<~_6R+$Rt~`8xu|e3WU_?8V&eH~3Iv!w-G1L*PQzXN9K-VT<Rws)E0Xnx0
z@fb!WcIi;&qykNdQz~?Mp}BpB$8vs4xH;ncv$A5S=%FJXh>+=_Al~t@e%2&0@Q0~#
z|9DG66z>vd?%V(S9_hf9Pf<*)*>*e4_M1~^*o#G2^TE;_ozLAG8M4zvFepN=UNr7Q
zVlgW*=|+c$(V5B2oi7k0rp}BhjOCMW7ZW#NqJuihud~3u>B#JbqS%Wrgr>cmToRgY
z9d3=IXv3|@{jTxvtDj1U;YI=e>44KQp`h!hAK>%SIX?EM00cMl`x79ZvwjD7<64FU
zeiZVz!v*s|aoVqqL_)z6pq^=sr$P4g*Unqnerp7KD=tMq!=1_x{5)iE>LBcdJO5yY
zjk<1q(j~S?VatD5nz=ccTB(<dvzRIX4znKtXl3Y8FkCIRyTNQ02f0}E?6wsg)lK40
z2%Fp2-Kk5>a{DCrk6LV~Z)!YN4SmA`e>-V=0C}f;xqC8?<pB73cvhZw$aB`84R}Xw
z>OP8uitIWDo6qdQOr~274sBu@w)V{m?OKBB*Y>3hHq{fW^mq89^nWbKmTRrdW3nvy
z7z!@BXXKAdo~F|O(bgKKWVlsS+hw@?b!xR8pc3kJZlu#DqnlGEvv*%I)UgJ?3QuSW
zb!B-tXhAy<<)di?*bYTC`b{?gW)vVx*FFs}Qhz+|zBh(gQok%nYB;`{0@`5LdJFEx
z&3U^!a*T#3ud*VHw+Q__7ogUCTo%N2H~vDJ$*hMn*h}_Mp#Lv_$*04tW!&5P>P9X2
z{O21JuRc<K?u|Y<k&76WGnhDe+|=<G?&Ujf{q_Tzc2EHV{T^#S9CVOk9Za9>eSvo|
zVRdsEk*t{=vIhL#VpY>p_Nkg{=}^;>k}D~L0VO<=T!W*^ET5_698&%V3KDnj<2UJY
zCszW6kqzvvC=uPDyLhNcNs&8artp#ZkkD?x98acT6fmTGKO%5s8kbNC!>i%a{^o4G
zcz~!vR}$A|7UKC28vf;!rc)uEwUdA5Dw8A)=Y)`WAj(ty3p*x$yjJIC+)mKvLdL@e
z5x-LzO`t<$F_xEW9wN&9=w?~sXPyR)DvjwEBfNc)$Cb-~Z2e#UO!m9#?X>v%n4<MK
zJO#b>IW%}TloKreLCBPk2A+T#GZN1!-hs}v&T59MiH|_$sFv}vWO5PE6(W$-m{$p5
z-;nFaP))YD)8a|X)%DYME1Wy6+b3Nh&?mk6P~gL;Y|~C6bjEy0xhahfJ2R3QXs0}$
zC*$Ms!&^kw5~;CgQg?(R+3dDZQT)4P*CFAnf3ArzMtsJ_3_uwXHs_&v%aCGvZ3Ynf
zRYbicKRIqq1UG&?w-ftcMy!Z?TTFKBI}$MhitR0IaVK?wSO`4C7;-lW(_>2Ch+3#<
zfnj&s8j4C8aF#>4Q-2eS2T-x-*MFibboIpA27N2zlbB0Xlc~j0`U?YX<>!*Ik-_Z5
zuR@i?AGMKC$&a9c=x#_R0&8;*!MC+`QYVqt!={B&pq8B9d*J@2V8YF&DZQ#!mq)Xk
z7WcBo90_`~&xJLs*RfDo#aL7}J||EkaKU2tqu*!|mzG!tHWQ5*FI~QGK7@^gwFEz7
zmlLT!I9pLOVPt-qY;@ibfhWX2N5l_Wd!%c>Snw6Bai-P+v9s7=<nz_2s@4r|q0&_r
z#dk-&l%x<<MgE=fLh1J$qU=&lVs1cb_BTNb(twu{@^#nkS^IBC!duUZAJnBLrnSRV
zom;;%f#PmMS4W|M*b)l>McPhzV9%5Khpd3>f^RX33cx*eAU#vaZu%wnn(tD5I&Pi6
z==a$A0N2*^|9I)u8KSYVX38>=VXOW^Qw?{WBs$9NG9Z+w;mStPij=nTSZh;J4_7BA
zA9!&_G_FiX0&$Z-3f2_b396Y1O^9Cxvjbrh?Ppa--DY^WH=~djLEnR{kA@V!L7eWF
zINwfPcz|NxPhW(>Lj*&>#y?EFSa!O#@GyyPN+!M_zgGdlX-<}52bctGu#yT66u{y&
z4fqCX>=yJ+Sw%8q<rAGa5?P$#tW;dg-8M44QnjVnidvGEU*t<UdZj<sCEuWjzMppp
zTGm{w3WLDbWM#V2=}=ZDa>RgBDGkVsakh#aj&ILv>71Tt(l?(j6=+21(|M*Mc8_o1
zYB2n9zo4y0@3ukjKG#k-5_J&6(|)v<eXP)0g`KZlsF<bl)XMob6Lp9O^F`Bk7=EAA
zu0`+Gezcyi6uY6F?~Gs8(Yd#-e#sMcn8AMc*L?)K`g0AQs}+OZhqL2YMP)@1AAmH(
z-k{1D7KMKZ90zjoRW_6S)AM|(N^6c9xu)N$6G)v?+3}?VC+Cx~7|7l6w=*=Ccmzg-
z-LOo4+)nJa;&bX_s`%eO!*T9lt1p0{5M^l=ErjsWk|m-wHWV7=A`hf67mbk=;>02^
zXfOzh5p-X<K07=_R(h~i-x^IHl@zBvNsbf;KZoGb>>h4cRloUxVdM1gN%nmm`4(P{
zx!nb>G*J4LoWifa`S9&Gssd*gWN*2Hs%lM~ppR1@e)Ka9FMzC^(+@xPd)}pK0Pb}C
z3{W+TU@aSH6K@f|RFdEay-L-kZNQ3fE_!0~Lwi;sT5%&6fh_xp<xgs-%YS11oxAZE
zT~X%XUlMuQilt4-kkTsl^WWtVFYao)L>t5DIyqw1g{<z2qZqm6zJ^a{x(tC+ocw4x
z`8#oz`m(pd%Wt4`{Tm04p8f;t<L2{Gb_dXyP+Id<TFr0wbT!Z|z+<;yC339@*ADVf
zU805Vc=J=ajn8CjtpBOWwOX~P@B|Z3gcB2*>RS1t!N!S)M`B|+=S|i_UoUx&t0n_b
zT!GSt?!u#V@r(2Hi-*x!&x_JYjT*c4gd~#hT8@iW?S5Rd&_~j6famcLIVivrg%VVe
zWA_8tLit+`rsfR*)kP&o4YMH5w5iQKzqKQzb+Ugn+|`#F5-+_koeThvc@;pj7lZbd
z8%`H>FFbMMekQh5B8AB4^yO@hgU>&eyUvFpQ*s&0t_@33Ss;*Fhix&U5b7>IKfa+{
zQ%vAJr|T8QdbM{D=*Lr{$OIdh1M40dQdPr!X$Dc{BDE0RlwT4lDS7TxMY5ZuPN>CX
zh2eLM>$wHJ-bNePS&o)87L<>5*5yk~5g|1I`|KCb@*!gz=>gnQs*glCp8EO)`LXze
zL&|BHS$3=N2oLc0ZeOZLaxw)KCk~Myh^;T+t)=%mj9b7&=1c(}_EAOoBap_2pTau^
z#)%f-M$BLoV0%b)2SA^?v-j{98})^IFaGNJID3(sxq~!Cw!SjtRp^JAzuw_<{W-^V
z0l3O`<!|OeFu#!ZuUOgH8z2hz-qfi}8&BV)IL>^I(sesm(Y*`w7TbT3Y+;I(#m@P<
zV&^x>(pZ-~1@|<^JeiA^(kl-25F3nU4iK)DbFb2v)<7LV+i@zi$>!w8Ja@IgwNkKl
zzvvTre`=nGjk9UIf>Q!4v3Ypd4s2QqO~)>_Cgd2~$)}_3#{(lSM)DqOVA?^%>XDgT
z@<~)^ic4y$ESZ-<dqmVUiD6o7rEJ-Y!Cf+2Q5mnew>d$$!lfg%V}E=Q>fyuK|5MUv
zvav*j&Hc+gn^;@|?EXAm4IONtw{~J?4tZQc%hu=bXj}qHs+ou96ZUqTRXQpQM4G?l
ztZOm}z_<UEcY9_-qM192F+7LTKWlQdyJLoJ-j4kGRC#WSmni~K9w%(~Y}&3TfHO97
zvoJLNsS$8%SA|^HQ$4O0n!s)mv;zDjVoiQsb>^&mJU4pX<ZZX+p3R;6e56PCT@MSy
z-5X4vJ@<TFj>Rc{uGX0Iim<t=t;<aZdW{7lK*dquYRT;l+xoGou%}a@Xgg0FYb@rv
z!3@D&{{LbjpFH*%^Uc~?9d@aQE!kcbBbn3rCLbooP&rlr9zDPbM(^0L2N+_CwU|rM
z#ZZ}EE6D=~$-jYU+9%^fS=j38GSyz{!65O?;i+GsG8~ZZ^!!k%bte#%IN2B_ME-qp
zd8zw@5yyVqY9u7SPsehnCB84MiE~-SFXD4Sq23Zq1YWFWUxtJQjBv_P3R{hp{RUcM
zw(ck#p0Uy@76R<+!cL4P!1|mmjA3lDZ**mO(fr%qiVmff;(k^9_80Ni=(C!iyyu8B
zOr?Mk%<*G#_Z2q>Bd+0#*@-dLx-tDXkt6p7(dVdxD_IWm(`KdoO#_7b3FhrkZc=9a
z`$(YBGTKx}=&2`_HThqC#*n2k1n&=Pa8H=segk48ouD*lk{<(kw)$T)>^N2$V()pD
zoErxBbt+L<p*Kzki?R1PbWr6|goV`S8#wL>waKdhn$C@yYd27kFM&4##EFtYz75$s
z9$bWx35Jko6F0MOZ`$WPFogvJ{rk^uck7e1&9@O^n<*@TT*bjqy|NNPuKboU07|1)
zK+o^bVm0xWiFJ6nua(7I-w8SLDy}SR6(UFj=2eX7k7U{<rQOd@1#TAJWnL_J0oIv^
zaw&f-RgG$^Pvv396MVPh{k<W{Jl<t3)Y7F6*JNB5Y+Ppz4<!9e%1=R(VmNDzC#Yyh
zG6Iw<h>_)|GFMAJ=$(GnOBX#I84G2m@DU^B!<0yD=WUa<#98U2eqf6=lXHzTlVhE=
zMLlC3^c)|c?yJ2znN43Uq#ks+Nf<RuSqFdRHK`!u)fPlw`};u0msK1!|A<M;R~I#Q
z7X8tlLALMu#-p@Y_n>=&%eiU3+7-AO)>6-~)it2m_D`)E(JHLZt|`yEzdEFw5Z+u*
zfXFf=vM<To5wg6;Tk$e<lYCvYe4RMMCuM&wn|miL_p)s8&R&fDo7n+Ui$9^AvrYIC
zVkMEfi0zX2%eLU<uNx-<kRfZ9=Uc|-?uohwp(FSAgyr^?y0)y5e=#Q3-^7EwyGE%b
z+=1j75$(vD@iaFdf~Z<zh-<SVq)^U5;4ct?ea$u^Bfx%y|5+%^|82z+Ps1_|hFKSF
zI&B&B=RhekfuKYdp&MBZxMp2EW3^2=(L%XOrs#OT|A=^yz`@l}-4%NHb+_i4WN@X?
z^@<%S8xm|;r~taKHA;A}u^FC3TSjyyNJKS-(WWE|gQJI=#JrUgBCVu86k<eGVN~3f
zq#HO5Q36MXo&F0e-FM_*+-nDm_&v0ZzI3kZWBv%0<T-+<5?@knCI8Mk(?jj#*o_&)
zoYM)YJRLNic$dYr8cLqrgV%{HPE-z@?u{vqG(oH<^E%^n0n>?#utW|MB#RPi=+}$~
zG^ivdmXZ^RWi29<aH)Y3u!wrC;r_iheS}UobJH!K<K71n-+gXf%r@eNI61}Ra?zZ~
zz4fbSL2CsBod*ZK$8eH=-LJlR5{-1*X-7{Oci;PwAt+-VF>Ge8+{(2Kq%Wkc2+u-l
z321XE>D~0Eq$g!5Ln?(qa`>lEq7CYlz8`?knCe))??b1Jpxe|_AMwZCD-3^|IM#I4
zp6*WuO-ab<NJv>$PzKLVnppX0Ney(U$}VE$KXT{Z6#)yr+rmlj$i9y_j(xktHWJ=v
zss?{4N-^@*Qen!;ssogU3Q8B1xxVYUpycDiU~e_kNO!?k<*yj~SiDEe`1x=m{B3M?
zTJ>U=LfWZGVbmRhX^q0JbC53Tbys=4%?{DrUdXNH-|rvVI!9bsh@D;;t}tEUh%u3n
zagjIBz1bbd!N?daWH}eaCM{*+qk0k&{g|{|W<Sx29P>A{1-NWt(15qb<nCO5jnFkx
z^1VO=SV3Dq=b<keToG}}-_^fm;{kCC>gm8WD~66r5hQD9i<Y!hgyIL|L<i$xD>vIc
zVkR)v9T4gb!Qyc-g<+V!KvW@%fpS+<{7(<>ltFriA-04=3?L~C-48=z#^o}FQv;W=
zQl$wBNEc+fpR)Qorb^y%X%(?=g-Go6c~K~g193ns$0R^L^0<_s+*fDTjFG~&T2`^L
zf{D0wE6#n4QQ@?=zqwMn7Spl*Kf2y2I<x58_Kj^;oK$Svww;P?RczZ%Dz<G~72CG+
z1r>ic|9#HB_wL)yZR=sZtf$#Vn`@5W9KCmp&tsFQ>OroZ<sA;hPLOy#&s{XGq{AH~
z4uQcPzKL%*G<Wnu*urypo4iFy9Xxz=5ubS1tt^#MARLZs12KGcLrK1J0y5B^Fgg%>
zxMzc83xSgkg1JZNmVBp${Jw-G#V8bkn{e^dlo{k(ihmX<=emzNdN-E~M#YR)58YmP
zrHQu5)P+~_gWeNN(rzCkRtWOD6bj3CAu7p)%#f%F7@6%V@Y}P$U^ma~h(TdKA$c=a
z1syV}%a5NlkaQ$=Q6|;K6@9@+9;w9{+7_LA-cpV(W<*B`+R#6eQHFrQ<<VEVStO5K
zfdcT)+Yd{uB3rLB5^;3k8yw6ejID};s?lQ=KaqTf<8D)~8TD59{4%t~<(Glc((`A9
z^WsI(64<c}v=Zs*xO&aW=l%P~-#1)&_a1=A0VjE6)y5F0lxd=VkKYflFV3A87LGVS
zkHEOd{=sx#`I8pw`t&+D5)$5C(jjrdYUocFAT2&ndhp$&>!t+|3<MD4MzEzY?IuR2
zynKw4U|9!~dI%!*fqf6{whbuzw9Y<$I8ye0a2Y^HRQC4T8~v3S*za}Y1<8R(I&!~2
zuPUkNPb?q_{IN!W8jBSkjMa8Qs5<UTL$1R=Jf5~t-r%{U^c%z$jDC*<PEG_HA|Y9Q
zND_`;K!FJyiBPdU9~nN>Ks-+TvoHcRFDn8R>w(0D-cSTPW6lD`5Gib&EN<%VT4k8;
zfW;?%B|vomb5(ms!BCwEFhDzgVM+nY>KK290n<*)9z~`S=^QL#Lg97$W4sAS-K@HX
zX}>!Q>Q1uJGC=F70_C_qvaOatn=i_{gM@SGCyrFGXt19bveVCOEExIE`b2}8p~}hO
zp}ou;jLVoNfbv8n_lcqughrX@sNp3QNARM+7&`mkd!+S%R6{t*rA&7%CWXUynSq@^
zWV#0^5@XX-GYK=?kD>2T4Ia8=19Bh|YC#dy|2QihDa9w*<^>FI6^9gYnpjVwb#L*;
zh}wIYKz~u&RPyMNQPd(#MXlPYlGLQ&BHH4v6^qX{!~$8v$u+gqhBj6V>3x%x<@c;h
zMU{-AA7M|l7|(IYV*bh*_0k^cc!X%CDjbgG??P`gm1}?5e?(=kk{G5L2;!HxM9TVN
zq^YUHo>SXucEZ79Yc@4dD#nE6iiYL3Wo-An+vx+1T2r91r@`Yg!0&E2@6zLaAma86
z{L(*{v63{bPuXj!v`})PKG}G3o;7bBOjXAYhbP_$)Q4S$-E2VE=fNn{cZMF@p@;O$
zp(8I4<c_#i4?$tA6V%5x+cqLD=H_ryMD*OmIiFZQz<AjD30V5685>=r%e9mSP$RfG
zCKkxq=j`y$f~-K~rbP)GbkB|e^i{flg=bh?rCPAoY8;^_;duCDSQPBBX-ccA4<RLg
z2SFk1j_8^TQT0AU6)WBpH`b<J;g)ppg9Vyv^N<%?;&YkezXY~_E07<^nZ_{|7W@wv
z1Tz9FW8RTW@#n?D4t2CSFDY0IIl3jCeg>z43@f3k=SC1Ky8a{*hC@!tL{+mKpJADU
ztZ+~l2;g{m>-?zq3tPmad3{i`Ea>wWG4TDc?jwZL`yFJtO2Tl$@^_3`GR{IYZmmHw
zGWZ4J^(rH3{S3(~n3Y<lb3pt@54Fpcw%z0V=hw)3=11S|tp!j}P>{ffovVwl>j%Qj
z8@7ePlj4j5!@EJ?7X?(m1^z<an`~Puc`Zr2;ngAb>{p~NS@6PtO@JuQ-2Z06`m6BC
zvcF}bIW~qN@Hm>G_)#!x+UpyqyTclpY?#GxFIEylxce%)B=3m+VGm=VKRDpI+s#K*
z*p&Pw<kJZCxqmFZ%O@xqe5)V<?r|lA9glJ-r{RRINuWt_6l6MN;SjkrIR)!724mQE
zxjrXm5bVxCyd<J#XnR+L5Red_B$2^_L=}Yf19g)EStMp{t*6TiYoYRN3e5s-3^i@;
z(Id#V%tnFu_$os+B#t0r`*1HB;rv?+;pxs7c(UDuJ(iC*p5`C1Dj>om@c~3J%V^)b
z;8DT!cF2bgUmL|IU3n++j|fWl0uIl=7raa@KW_3DV*H{is1jZUlSJVD7tu=+Hx;ww
z<w~#NUblPQ2G_Yb(*ykcyYv0r{5@!c5ABdnRC1Sb!Mb<ocP^~@p7OBMBu-P{PgWAk
z$c}j*XyU!n(cGgLL72rKE`a35sHd-Xfn7<Y%y8{9qIV3@TYRR6&<RCf!h3C{pKKMX
zL)4i#o&(DRE$g)jidKC^<!$@23?UM(+En5C3CDt*Re7wGo5qgWvz^pA-qgGT%3tS3
zFAS-uXb9z68JHF_0)jbfUIB1}cx7#V*c<VgcD)L1Zb)MFs+<n`X+yrr^N>I-p)twE
zJ-Qtros|3`cfP?9C13MeYvhexIrks1Xl)@xPunv_Vc30;-uxC6b<!<Q;@+iYv+|`b
z8~D9<bAk6lt8pj^N#J)3BFS+NNAZU{4@jyLp6=X7w4mMYX@Pa+blcPabWJg@)poC?
z2B<XC4yvXVfN7=mGED!YVOjS5R_znsOW$t3)HW{=KQum};>1zLvf$H>uS>(T=vT?J
z<33>Ex8}6xe`1&0xK{URKkx1xU477*0CV(nbFJPT&=o^J%f7W1)q?-S_~KWfw>4x^
zdtT$lFC^|aOs6RM=l}Q+lxz&1Pdb#i_gt1cOT$~O+RBQzwbK1tYgALsZl+DWPv_mA
zh;)YzQ+0fNgeb>Q1!fc+brZ%@<Nm!7r_spIbIZ*Qy2)&v<tog{2<7P~)xg6?<bl;2
z4~)05%hoE-hmS;p;ImdD`&NP*vJR1^1#Y8$A9oj38`NF^CCg6gZec6wNS2<%)~-UA
zM8O&#W6HPUU6{M%OGtt$-@HMO`iQj<DJrc_MX%kfcb(vmb8?|orF&F{`q?%)ycB_t
zJ}Y|L!+8Y&x)R-@EE=#%F?Ik+d^4KXouU*LE1{cpek~^0O6=P|MV_uzmw8MRrC$N)
zB{kpsR+#JOcl8Km-X3AiW}n)lx%USm_>fh-4-mzon5nb-{?d6tWTPC{slKWke~m1Z
zL7Rl%-Eh=WW>IEnU|MOjY_hqj^csAG+xo<WxgGlhIWES)fI@L7bMLQ?TWdO6qwoUl
z8IU3A&k~ofhtLQ>5xLKzhD4taA3h(X#aVKQ5XiOJ5is4Esq$^Xp_p|L&QV6pns!T^
z#ywrgyVULn8tfg^?7);i1M{8~p~}AH_pc-0N*ag%z!~gsIAaSjT;dOJz5EB{y#qEO
z@7z+B*tFb`){y$2x0WVtB|p-v)G~k9L2*}4kIg0m<fZa0=heBN=zuOG)|^}Nui!qz
z(eGR4Ib7JgN|{>+p<kI>Iuxxn`7^JBTS3&`88F!oC<Lf9$%Rp{piz=X0fyKa*1_8f
zVzr^dR`-hco)nz_G{_(e(+eHac*fL<m4|mj4c4{R)L^k>Lt0W}gY?+p&V%bEr`%W0
zcq0E?iv?p*P{&)bix?x$|0ccZD45xzVCCcEFS%E-PYPA9$}{PI2b4S={}bMQE!u_}
zGi;OA1C0d`uJ33o*Bhl?SsT-o;yhj%Hybq&+m#y>W@XS5D9x~r^bvDXMjv_?wnM$-
zfV@C6lfH-EB^7&;^m^gD;U1c;Y9azoc_Z(+Rnp6x7-AI1>pnqV*@SVA*(akFwiWc6
z>}4t|7jO?bqwXC5?TCPW#HfU>gDdTrZI*2q@a%B{nN<uFT+M`;9GLMtMN_~rOY+i?
zH;3zVqpe1t&}j0T+?rE$V^nDrwWE8zO@g<Wnf<T`3fgtW<*9F4hrb^)f{gCBuao~l
z3FeUEZ#0sbe95AC38MK5<N`<St(hsc0w>ENu17w2xV(X3_xxyJ@c$kyio__=qU$;=
zM#MV8!%xf#NPDr@x4ooKEo&oG5-->O%OxKxjVtHAfDl{Gis4DyFdgTfKFO|C5UR~&
zA=CD$1PKtc@)f!SSCLN1dZwHW@_|hyHi%w<bJL}TStxyRo_W?{RC1wVv8jLpEQjc$
z#4IUPL03kH6*||chp?4ws-gqX90b`yMLL@s^HU+`E54~sAByv-cXSopI!|+9eNW9r
zF(&@3n%)opz5zRnbgl6;UDh^FB6JN$BSqBVadhFiMk?c}Z%G}3%4uN6mCQPF0Cm31
zP;?mf2<``X(25JQma-Xpwk?JNS~)7*(5t%u^Y6T>BEiMR&sn(l<ew5g)(oDCqIy3L
z*apmCU#M|m8eo#@B)#+hw3Xq%aG4ycySY$XcJ)Giy6IV}R<#6bDyX3qCCZUz0@{F)
za&gtj1-3f2dF-l@qpc@Kc!(4Ydm2lAb$NYQEm$YVtQz6O?F3o~k;OO)@_Q!TXoaXa
z3ejO6Gae++osKbdq}FfL?I4V{=Ar|l9V4CCa~fi)qwSxA?Vs{>4G*&_uYwwhKyODD
zE<9cHTmOqZWS6gac|OG^fd7@w26E1g$?l?WNYAI_$1)9?@30_|LM3v}zR4}C4<Gnn
z^5+*&9ft_sL3W068Y&l<uK@KoP^>nfMeYFqOz%D_tt-DTiaPoBCP!de_rOHT;#n0+
z8s_?WWW1<lrnH1~#^C^HGel%XFGP-<Lk7hH-xv0aW`ZKyvDS@P`r021FDbQ)O)Qu@
zNfr*r654md1|&lma%%)5;QoGr<iwoCmgth0GmBRS{?K05I)hV}$yq$=C7d2<nil1D
zZ;Vb8O8A<>3%^XxZj|{@SPWj2aqw$t<PW^pNV^?2jG2AJIyVBb%l37=E@>9DUeILY
zIC;z4q~C^&*<ifKcfG#vps`fO$$3j==MQ^Yt<_;o=7X8pqK@wx_btI8HQ|}b-;9jB
z+UhA{tU8~!2t!sKZ1;LIA&hOyNOKQM78I%}W>1gQk^~!_jZtgdRI2H7YJCK4w_{Cg
ziYni{ZF>@zTO$_#7Iuu(R;J>)PXI6vy^GoOmF%$jkT0dqkE^^AMO8PV8=)Of0rEj^
z4w5i`F$cvOh-54=Fy3~(Y$DMJY<w5~U6c_Rb?9S=^GYa=mG&zejL28h4c`!ZErPk9
zat^Z0w=B*nb?a+O`H&_vNsxG}z9E`e9?ZfyC4(e<qCS!LB)Md&8mav(7<;doXqWb$
zW<GD>`mpdOV=kEDWbyc_xBLkwQAypnYJEN4T&dLQtKLyx!gKfM>fntQ7}UFzePr;F
z1!fQPu5gkLruC5lEkJNqlJyDd)v(k7L?(CA(0XAhg{7sUgM~j3J>e)o*N*Al#5ADx
z?8EAy=%*HH<=IgPD)a!@4V?yUh-a*>XZ+8?aWJF;DQd)EOFmZ83D|%D&vA?(PIiP6
z840x3CQ74)GcBJ-GiqDD+HJ0Hdrqsx`!a09x!W;o@C+xKva~fT4(C;JWziQS;g|mm
z#;>L(1`tgQ_UkFfhFzMs`!TB)2<)@T966Oyk87*<J8g)?XB`y_q|7XD`)(h}fm>VO
zA;7b$Vu-9Hb>-~N2F*r|>|R~ZS`V_R5n`$Nb^E>#LE}jG`vqNmyyC-TGS&n(;Pg|)
zaKPU`D(C6aln(FX<A7t_kbsc{gXR$%ijEGPn?9jTX0of*G%826OvWlrWiZZOMyLcO
zhjTFBf^}^VUfDnURamk|R2$K5GV|vwtusy6mB3icP)rABia4`%;uCg`3puJz_CTUi
zd}nK9_K4xIW}V5C%5MR>Ez#3r_DU(n$#m#C3e9|(k`0t%!?Q$^*tYPowz?@la(E@=
zsz-mFc|7}gBEUu2<Xb__LBz4*D-eBq{H~z;qPGsJ$f=w!&|YgFOJF|`bO=Pw#=k7l
z%CON4m<HvWL15y|JtWxB$5UP`)ZHGMfEp8MMedM$XWdi**l_)mjPQziXpw<9`y?Dg
zAtw+x<KJwr)lo6IoHCb+Qnc4(sV$KNS*nB=%b!uOwwCc>c-1si@$fSS62eMKfKJNq
z(wl>WM3Sf>_(ymgCpH;2#%jXW52;qFd%i$V$azkSL#j858Bh$NHD*=W{=p*D!oo{{
zI8>Mbw8l6Z)*gv!HQ`B-hDX}HjFCVgNB+-zl4`1(>zM9ZP${S`SI}xaWqt{@SsD<(
z)&Z@0h(CyOBM?@GJamR{)2Ds0ennV?(Il$Mo`~|$;PMSj&<QF&jJLaY+{C1*qUKK#
zVm=BIjW<~dWKyP9Og{x~lax8fotrQSQS<OjO~)%az{SLAYuBaJL=wXahk^=`$4T(F
zoxi;oKQZimrUJ!7F)f*_p?-`|E@oQR-3UXnBy|}Vc$|{uMWo8KGKsklI%{^M`&di1
z)Z#a(A!is*DQ7W93)6P0=^#l2@u*|MTvQ(OPru3pgTh|Gv~7#@ozn=#%;Ec(<0Ah0
zHJzLHI4?m)l+I&;Y)=L9;#LcqVC9m~(!#98d{4_Ir~*SXEx@QEku(G5l7PF~M|E-r
z%{EZW-q)H+Rn1;wZmAOpcTa4NWT>IKY;0JrReTpT-{D%l%nPN4O{P9XCWu9=wJxkA
z{(K}St#VGyZ;&Ls2TQ1katPbT<AxX}cc2sP0A4oh=mtvI#WHfK9Av=LU*?7f(KX}2
zw-5iQUlIgkrBtR!Dxx7P&RfBoJ>|G^6mleBiDc#6yyDodGxTeiNqprRLd6DDQ@$6e
zMwCq{ynYD*taPnEr1gB0reOixMLie%g3@7cVk-w714FBng_*w2z~$R)^bb1dwbM^1
z0bwv@5S-(bTz}2A(nj|%aH72Wzg#YmGCo6S*h^E9l)yMI{1s>c_`!1wA0)IZf2ea3
zovKcZDI(e0eq0^ZZL9b(!723^I&Q?uJ<v;CPzy-#j-Q`L%LfFgbiIjmI%Ws{4$Vb$
z>RybO{Vrs?`nK@2$_kev({rH<o~el-_JLxM_Nj&5;AYwE{q{cXms{H48}DvCv6R)8
z12<aFbYzl9u5jhi3N90O_wB=z3P`K)F;cZTVc^nPXm&<KKfFGoaE5NQKE6!4zfJ}c
z4{+HE*`Ss2r?mE;no6k9wz$(1)@;HtB^xp=369sQF$}+byaGVe;!UT5<q4yxD`ABv
z(_^>`g`dgTGyVh?9F(lu3el8EZ?cDn%3W*>8q^2B&SuP}4*XPCAyxjJAT=7X8vYZL
za=ITSbIw8vEa8$@RLrbi|Blv6%}D}q8e+f{(bx)^S4}b&TCJxcFwl)wmXu;4Z9FU-
z_|AOR<pCrtseqF$v8<2^PmE#Y<P)(at)7vJn>1IV>(TuatIw^&W=())J+VU%rc)7w
z+k^zwloEhkSo=3$hNH&Rnes){g{_@P{F7KL>`l5g<IV2rj^ft_N+)DGNFB%)+F?71
zqLH;WC*Edbv85$1on==l?FF>4yu-c!+|M7Hy1`IgCjol(uWIO*gY}Wk4ovi)7TQ*#
z#`1_^z~Gfo)5_#RocYPEgtVVQip25MsIFkj=OS|>#%q%?1Lg@;9t|9LgECeNT5b_q
zrAemrai-@0+%dMe)I+U=VWS%2(v5ONqs%=CSbfh+TFIeC%QXB*c@b@|mK*SdW2yxv
zH!Y^pt?4$^RRm*?lU)i~j1`bp4G`K+)TT+%h;4P_9e$aUo{Ua&2!pkraE{iW!bGFX
zto=T-P0Woej<DuJM@#II)F*!;HH>b9;Vy>eme@5@pL+zydNquF#S<3AhN%lBB;g5v
z?0m$GB?F&ObG}6ObSYm{A=zixhLluJhrjJQk^!p{F%?bfl%EbD-!55LSD=Hk_mKKV
zGeIij1SZ%M53-39Y+TStZoa*7WcTQNx#MZq83Qs!VAMe;5M3tg2G9b=WA4U0KMGko
z@}+eb%UEz2#Qk3*%)V_C<D=vGs1Fe5^UNBnX)jOOKP=Td2}p150Ap1U-A}z$Q0+^F
z_O1M><lok%;gGiC|8)A?$|^1oP6N7dm#t8?+8fj}mS+cQF@OUtugK`OMOVkK0G^@L
z0qX(8AseQ84E`u2aVW~UoIyT#tRXUI`GYR}`J;;GMTbGB$rvS6dFpC8{8qPmyd5O4
zxTH_3G6fFJ-M6~VhHUaxX^yX_UEr7diRr!5^-eh*)8&<{r%K17bwVvkR2Jg)6U<Vn
z^$@C_@5ja5{|lrQEdMW%mbCDtm3w{tjnJA7p|5m~0-tn^3vxetIYZ<0b|k(Dnn8BX
z#CN*A-wALr`tL*X|3^yox_-W{nco))nov9V|B$rL|3%WojuGipusw704o?SQIbOXp
zyiH?Xhl!r$4)DK`nV8-%sw_YS@arRDd*{c)HwjbAo&KLB3<j{4d?zU|fDjWhS)4TS
z-#VxeH$#(uHy7H%4ro>iatB<!(Xamp4hBEJXzGUXKS-EV<TnXRsRH~r2V2<u|KVVN
z|8EXPDEhxS*yJS>HCT=2sxjvC+qPd-KJWF``)=P=&-c?y=hvn50~*$Ha2L${g*|J9
z(77Z~wUlqei9{IT(Q$4EGs3gT0xb$AdC^tS!!2Bo_K(1Uwnt62kafX~lusOn{mN%p
zOFycc{AL@9C8mOr!_j6d)h1XEhvhL&*Z)!Wlt8*rZ2Df{LubR})kU6~U}5D7{@=o<
zegs@~aC+DfP^8@H#>Oj{4T}t=f#}z)%M52LUKWdZjZJ&;Fw<7o6B5;!>J$a%m@d$&
zqq4V5mH=CfDRE8*KB*!IgtEP}b66$n;4fxTBTs%p)y(3^_QXyMs{EX?vi!W#Yt~$L
z;UGd>+et3xL7<N!&p}ElQTKxQf3gGSSJJa56%wV(T_GWIG>uXL$lo&{svPL>y;>9Y
z89SLp7ML=pZtb<;gIBg-ggzGN^sZmPtDblFO|B#+FaMq|+B@p?KkchY<gcmsJ6GCm
z$u|=Ul-D+87BlXRzP1q|WX;q;;6iR}=UaWBydH^rvOW<>)ggSWR?!e}koijLRBD(3
zd$;S4HxR$251!N9a0;+h-f9H%V9V)81g)Zo0vH02lUo`!t)wc%ETLHs3RelPyviS*
z7W*f=9M0$!Y{1U4O^{h5m$-d05OgZNJJl@i*IUpHV-_i<y=hg<JO_4@&J>c%?Kll+
z>)6;>MOj6#+x9cxuPq0rJDhbGEO6>ML#d70kTZ+|izGTRD$Pr}BN)*U2lc5LH`D>9
zniGq<NPD}&g@v8qeP~AJ3&-AU?~y-UsQWwM^sDv+tl;F6lwf6~l4oPuJz^5Q@%mvq
zpO_BSNnj9%2{KPc1Z>%11PWNswxKZ4qdY-p>A@sWMIQ?e-lVFya9h<1HZU7mX-y?D
zLizkYloNi*TJj26`rAvz&TQV-RO_aj2cqdi^p*TgV@RJflZVnyrz`QXmv+{a0+_9z
zLu|_+P%oPA2_Y|}+X~QbTSq1b#PIjTaM_&SPAu$#xWL0QO33fkvu#Ri2goSP*+6=A
zE(Mvix-^aWgamFdCKJo0_B^`GyZO@}QK0crG(x&DFk4a|O{heW&#w4x{GgPGm#YWw
z`Gwu|{wpfq=H`-)cx2$}-{<i4i7d!p+P^eHt$Pf+Co*S|CPkZRYrl*QI%oA((JUPy
z)z;P8q7B=y2N3-94}Ze+{2`3s%q#emi&l)$Fw^OA{&mSP9>P>w{t;=*5dkNaqLeYV
zCOWE_H~?$Cd`#KRw$epN=Puau(>YC;8FjU6+nS8lJ&Aroz$i)YAC9ta(;aGCEK~_b
zr0u7+P$N4uM_x<T5PDgQ-Je4|;!zeIJJ~FHD~*E)P?sB2i#7~y7(rsqabsu|&fIOf
zc$S)+t!E|5-vU2>_x-#G#m^P4{k_&wRjw!Q`r|{!hSr=+8~r{#mFil>10cIED{LK%
zc>n}INP`11MgWNj^AMpXUV!`O`LV#=;RiF%4}Y#PyBA<O$48(3i$9kmC%*F|p;Ht=
zX4Bb+tFW%OX0KVHj(h3Fy3@TPbDdDT;YKsqu7^&bW9jjWg()V?&}YOf$unwfwidwn
zOGpi?YtO$2DrZLX4xHHUP^M~m1{B6!^`g}YIrjB${V*s@gf|N6r9j5OEF<K=7SwQy
zSNJD$<U+C;{Y#xeQ&)Q*QVZXp;Lf^-L*Wc1n?9@ey+9c2T4jf#%(PzbjVTvhaI&+-
z=rxUxR~1twoyASsjBlL9HO*Fuy5$Gmu?U7Ww?5(8O6^ctH`4XGZTfyK!%)Bh^!WTW
zX~Dm>ye*cc+KFwwWbLMPhB>`o`2q*VVAJ<Pkq>)r>H^2=nHh?!xpQttH+zFe7;kh-
z`kSd8544MNR1Vmuadb1W+&-Hw<mYt7xi8HAqZb7ciQKMpH67dM(Vh>TMJabP!t)1>
zAC0Sj*^$If3wuk^t&i4(lcVYI!ym2T$3$<19_yQ{t|n?5&BW;IG;75dcJWF67FbTa
zOeEdc!oyQ$_?IOO!k)1B;@E_aBpaBehKO?~ePO|NU}7o$iQznD)K$?MR+Y5K3-+7n
zn5K8xWtShZdh32v?s&Yl+xE`GKgR0#hb3V4>5t<~bs(PGyFTj--2K{nIpW#}@^TU8
zwtn^f@t{*w6`h^0F2m=qQJl}?1a<cEf%6@d!M;kICmP@9%vRzOP9G*Zl-{~^#gyU~
zuh}b6e6bFgvzX#~rsPE1^IN!Ndt_AKZTgh?HkhZERJnVqdh)$wD0I>#3(-GX*d98X
zBWVhF89zPkr}?$pw1kkG70sZUJnwpBTP_5?9NzAKN+SlK{E<UQx(n(b<Ua!|iDO^>
zHfvY6?8<liD(KsfR7nm3_X0eh&(AvoQd&^be^+W#Xn7d9GeusH%*Ff4E3N3xTJ`YS
z@z!@ddT4nOvsYo%7w=3zF5p_Rt$S%mu+KwV5QqSy-t!4Bgz@r$eOTn~cw39Xu|FF`
z9lct`26o0OxfH(BMavJi5}ib97_4Q)zz4QXQ~>Qui5u|JRj4c_S{~aU%T}u!-NP+g
zWbBVgtJc5r?g8DUcGtdf4Kjzhtrl?f$2L{?-<agztb=Hfz?qVQI0c_5K@~1SlhY`V
zHEj$;d-D<q1rUf3fR>yr$6N>vxwUTqtEq(0Kg7?bb_b$}=vtU#0@c-3#;7-w$#pv&
z@BMs;i2ll%5=)vzM>UmYc2e;~Vg#|ScuUiG5f&L_1g{}K{ghl`Xs7{9@@%eQ-gMzq
z*LTbMH)veFV;9aqk1r8b+y`EN5!7hu6H62dHpdkOFeg3@;t($4SoIyIWiVy=tWd0<
zp!wbS@+<I}FHAkXr=-YD=g@<7s4m#pwX}B<)s7WMOR7pZfCN%Dbngq+`~g_NtM|dr
z=qdC~32})ug`byV=$8#}sZD3XW}p;HqqNmJB9cv&+-z8^+H5@t%niegqb64-y-cFm
z-r8))I7|y<tv>VQ!Y&N_F+PMc>BH_V<QlA(XGx<AllKUT+<nT=dr|F|J*|Q3(crSm
zwR@PS`KtYYAVpu_S{`a{r#bJ{wt)UAF?Ud1<AKf9%=v~ue;1dmEg%tc{Oraj@V`VU
z<Y*2tI~@av-PRqK#wQ8TV%VFzqh(AwW6!(-d*qz^nW@&czyn8(wS-e}8iWzeMx)Fi
zH*{<iv*(lhs0sqFn;rV1fn_(x$fu<v0R|+Vj#yfa90%*`Vl>i}HAT!Tg2u466QqOE
zDUHTSkf_)V_3Q7r2~E85K8k!>FD7wD0Xn?77xRK*v_6HJo@I2_JoU%Ewk+wIG+>oK
z-xYH5Yu`-V<^wR6Z~DxigxppbnXRx<nBDRE;un{`>r%VvvHEfcioU9~9!3AjQWr|M
z@&gUB*EMTQ<DEuEh-;q1l2uFMVjTJJwfqx&r@|JiIV1EI_VXVhSy6^;L9~`Dkycvr
z)Chs>C05}enhWi!N?AB}Z@4dBP(91zn`NV_%E0hA(Gx#$!M&fr-Nod^kS~8WE`rv#
z|E%6yA4LSbJPMD6ZQxFw?5Zm8Hy#k>KDFjg5In!Rth@Uk`}WYWZ1W9G_vy)?lrGJH
z-wNi19@)79N!~};_;O*_bfAgzPmz)mbC>%#+4)r+r__=T>+45dEbpVH1niI52ijkr
zUpi)H;$L;q>=QufVBtyNKTF4zT%g^Nb}G=~wLn95+7})Ck-qDtb~N6E+2R!)wFCCk
zcs-4!XbM2boJ4_87#TW?4+s7j9dmk(QDoA>F|`pkMeJVMHw^Z!f!ztBbVM?~6eD=6
zS7pH8;oF>D?3!XRb>2C2j_+#Q*da|y2NL??cGz(kjXt(X)=D%6{c0~%?;wZv_qqKz
zn>G3z@*RI3`Ybc*#9bQrVEPn7q+!LD!77gWe4(k0{i3zp3F8<~ZBR1DXQ-b&R>(#R
z5@iW=QNNOaQ4uRi0-!$+&QR#5<JaRGN~g<=mrY{+?d{rQ`aMq>k(k6SsfiJZYtTn{
zQH9524LU)zD%HqyrMSjj&VfM<!tup-*Z+4xH5JNCe!UkJ1g9yjfP^REHzR<!e$cf`
zh#Yjz7RjfxCv>t2@cjIbX;M==)im?>VXI^G_8qS{AS)$P4NzmnVA;!a5fsf9*k$<p
zsa_G#zylvvdLF#NrfDU;XbU&d-~grlwL&ksgBVx+?S*AgGxLX~eFtiNS=E4benK7d
z^SMSj?Eqd;$ufas3LUrPma4%ctxg0TuLEuP%8Dl3LTKW2#9;}1-XJXC>9*42L{t}2
zaT*qoDGiCxWK<KRr-E8pXs#~QZOdBaLVn;B>eB>vlBon_lgp>$Or=EwSk=UpWa{%X
z{3=*2$(q6q6(Q8E{mXGlH<Cj8NRRDyuKnrfOzMNI$p7xp!j$k6*q3}*R1DlbKUcN^
zZVxwYef=RgQdXP0%fh$lpWX~^DI->W?DYNP2$uJ>7Rp*?y1BAXSIl8TIun6gX-w^R
zak6)S5}Fhj;aY=I5|FZ!X)aP_oJa*~$Zncuvu>tm_J<wUB1nJQMHkW(M^#2gyl$}!
zBW1i>+faoXn!&iK2Ir+BGmth(X5gzL=$Ch^*<bx?-gfrNG9b48E0H(cBXED>Tzdg{
z*uMMrUB(sHKvb)w`{My;Ul9L+m|LSbb2;+$$(9!eNcs%ritP}s^Gsei`mjO0P>-K^
zF1rUjw6++zl1xdS(N)xSvo^emeDUq7G<o%g`Rm?+33#Ofr=m?{(d*<Ph^d>@rWO3m
zpQ|EtK7Rre&o_xo$r|DeGdZo(l6QZrRi~`v3FFL%^$#-ZG2^Xj>06{hM$$tQ*Eb*4
zrs{9_;RXMo)sINCA|t*Tn{q=VGL|Q&O|_?A9sW}xtV7SBd>pkgHHQIk4V5D&t_r2B
zMORA!f)<K|4<S|OgJP@$;}oEzU;Q^u{MV<NDuJh%g{xV_bieZg-gMv8PsK<m2*NO6
zT2i>qa8Wu@)%`sOM`2L4`3=A)*r>1~md0~4P{y{GI<?k2GZqqZ55e#7BX?$f<M>(Y
zaXOXKR+@CTE4FVL4f=m~<M3C6d{%q1OV>qnL6!~?kmatEAj?*su(!*_%j_qOi@*!9
zY|1;mra&cat0+6(0qRY`IZ?B8J7Qf>ob9n2-;Rn*lh+HzRBopb1r-9u5m{yi$PqX>
z2;i`dSLW>kqaCWf&+^u{WyRAko~*|*C}=2#+<(7;T@i0VL=da<quTx%X2%@L=7XrO
zV72+1F~tpAd6JVN?>s*5al<@}jtPF?Ry0|u)0Q!28qy~tk-C?AUY&kCR~O?k+>IyB
zr+{S>fzw(nmO{c3y@Rezl2<tT*_@m7=D#X;v2Qo}mk?QF9JnaREt?C>dxpM#{g!$%
z8X)<D2$CAek%5tp*B4<jGf`le%5l8xE7j3q$2J%k<4C#~yD*rHGJ0RoW4=vF_Li>q
zlomOr3(p{o#M1Dw$EkUKin@oHh3(#u;>yEzSY*--_+VBSIDR6dKLd-3_NBYNI00$~
zKy!1=J#Z4I>QUs}@hpxWPiLF1sm0+pcjdjr5ro&Rx5Y+e1_R*Gm$aY}kQWyz4(j^t
z`^dHQ^{*;%^VO}tUP=lZIA=QFWJxlHjsgW5jSt)jIlkon4Aqese4nM8t?BwK`2i(G
zn6!MFpPB2OX^(bnUaf09C{tf~N=*md>xYzdaR=Y@16S59PEfrAOZ0d96_PlzR>}vh
zdG=f=AFCd!53b?SX5OKq4iej;NPI?y4dY|o_!#Z%tcz7`qdC41tEPb`w9?{&XQ{An
z3+tEJOHHU~x3%Fq<nZ((o)(Vo7S9fT-gkGQJm9yh#M;pV%1jHa^exIzn!-*eG^MjA
zQ}ES^bU)%~-ja5e#w8Cm<H=O9I+&gL&gZg2-SNydN|@DAq#ofk!uPkA(Jz8E&t|xK
zkm&;M{}U|Y<*=Cv3t26KGUU88HDq72g*y!MdDX!)ROSDAdvb)_VCjK{LH9-lz40+~
z#8<cq?9CRL^u`uO(HnU-u!Re!EUV%y8Ldp_W0TH!>Kh@Ed*b#~!l+gLotEZ1qKa7^
zgrWlmDn+@HWN%3BVG2MmV9nrKK)Wj3d>Sw2O*1g4n=9F(V3BN!B>W5_wEfra5zcq-
zH1cK2k+7bF$vf0D%pU6I&!aa``}B|D-<nPG9(7SlFx72bL%2Rslpyk<J)q<c?P*7p
zNFjj$NTK9H1q6&Zf-B2?B#9;lPxI?kBW8LxM<mP(rtKdXjVA6cD*)>>_o)j#aj=UW
zSf(6OysLSK{Qe2wXR4nmvrY0p6TYv@(K<2J&B3sTkgsRh{Nr9pYjBq1M%F6$pbGvr
zKC1GwM;G7n8iABXb!mwI(N$;~(zt5gE!WKoHj;-bsJK^m5Q$U<<K^>KcQi&(I&Szz
znV>3;olj~}T=camt+=^B+?<O0bvYKV$w~0Et2VSYhA(=H2-q`z?TKkIrvvvv3kFe^
z+hT7f0ME8<SyE4F$&%ld#rbp6aY#HWpg?V`de9-?njMm3>y6OBS!PLZM`@Jq_^Pe`
z(2ramz&;$+oNd&VO(I}`XNGWJ$~l64P-CA!Ka96Sr5VAg7fh{Gd?1R)oFCf%lXk}N
zheJGxg~IanAinR3d^7HaBB#@uG}%gvwkPq9PuNa!N8ZYH$_d4i5rw=itOn^~rU5k}
zmD<;^#lVCAQ_l!D%C9{Bt`3AnO>^1{aeR6^WDiAM7o@mwCp%U37bR8$Nv<Gi@AJu1
z^xC|L4QOH?%%Z}B{9MckV&UG_S(`(b99x?TejUSvZta4Nb(@`O1lS_0Sg|j1<jcyE
ze|2zvGCzO;FW(LBe1<loiOtkgCbPR0<3k>k*#}XEBCxWOO<`BSsmU0#rVX>a8#Tu8
z>ZcF)zZ0wvM3cct%BT@!|LSziRbZ{>o2ek;I}qZAir|OV9*~nu<^;%dk%#aLm>0`e
zl~>U_5Hkbb5agHLh5l`h=^l6#7>*21E%``M3eH11yq^!QFL0|j2ohHx&Mi^x?)0Rf
zY1Y#x0>xwWIaK9hljGX}lM1dpda8Fvrjrhxz^&`&JcALN-B32p@b4?zj<JFAlWhvv
z@`jxb3i$y%I^sG9a&r+r|N82Sw5a;Zo7RQje)Hux`)7sanEaIon{f#MXP>U#Bx0+|
z0qdI!^Gbu+j|=zagzJ9QW-eH`t$nQ4V$90M?8<Rf)wzxy*0eM4(bFDkIh6moIBa*c
ze5d`H1n^?h1>86<Dy!@!GMS~_P;5i?(sk^1&RA;nJa_8g$<`5bS_BouhvZ}nxxdJ=
z9Q!770PQEYP3(%gW(Gdb8cGhmeSA{5yKOtV{8e!^tY*KMiiAi_@}z|8?I8R1v}eB<
z{p39oKX17_ftT}lSC8%6K)VA^m3P74{4W~{;WRstJsWOpu@j3ut$YZ6_8vB!rWS8C
zyVX5-@xlCjd9N3bD%u-e7YzRFam)5^Gk)KF@%;R}bPzBP392g>*a186294tiKAvO6
zsyFR5dG9YzWKD|Z{E+^4dD)|+0h$N~l0e+?V$D2uuuOxTdqw#ljYB!h$MwHt7R9H&
z@QM8)CD}gN*Nb3&U7SJ-OhMe9V!Q-a=3iMZenLCdW2NE75HrF;%GmEQqO-gx{<Fcb
zp$syqSDoXc_^#kRR)hu21?9AY(z?v|$VZIlFyXqzwL%`x2;EQX*+2WsGC-$5a^5>R
z_EaIhh>KiI;$aj^Kk!{TDRVG=U|AXkNBN=9NTwt86ns%X`7BuQ(3fW)W{~7-uVa2W
zXmE>8-6~~HyJa_Mjf2oW7{huS3uI5(9-SM;u*di{@{96WemA-XX)2Kxw5_TwK8oyJ
z3+<yM$9fJXu{PL_fR)n)JmOAuX(UF3`ndvBy@P~B8dvpPx=+O@;pr!iLLdS1;@hrt
z)pyAmQ~}wGffKoQLZ75Dl5cr0_wv*MQ3AP9xRxi6zvjV;zM5qWs~}os_9Sv8mQzHp
zMMWaRWlsICkZ0d29`gM9_<`%=56$ZJ!`h$(!ewPKkTwf5rtpq4Wg!Rt(m1<a{^Y;=
z!z|P{5RbAvw7;Tg#k<VTGzosipC93_A*I>q=lCpFscQVQmT}Oo8WlMuTxcU70s+cR
z@YN4XMg-4fm?_q~;lLbf$>%_y8DTqLDY_iSAz)=+<`>j&+0MYr@DuYif+!Bc{AI|1
zW;hz(LGGc$!yqZ5LaH;hY({ugMQdw9)<?_I6?zL=4uF(R*Xj>yTLDX4pB^Tw=-QHl
zN_|+>P@uwF@0*sC!oK*783L4+U=$k=p_HtNucRdutb-S(n_>w?37rZK<a2VJKXrX7
zU{P#TP-HpXormJ)WB1*Tut$qgKW35|AXQQ0a5snz6AyGyB&mpuN-af{sw*6oVgC+$
zv{Bvc#P8lzqp}U&h$U~3Tyt*_v>H4>_m4XA_s@s{^5EuX-?V=KORofLK4w#Zf|Zzy
zm7t0Wh{S}Q5+;EqM*n0_+-7w%Evnow`TU$Ilcpv8iNkF|$rhJk11NC8s&ofdZ8)cP
zZx^q=3_eny327357GsnZpFk^b;E;K489i{7^hh#ELp1Pf*R+}UhJze4Fl^YD)Q=@o
zn>`6tyX&0LB#t`mb{Vlpm@#885Xr+6ieXrhNg`pE8Vunb3G828#@YqaKajnxMXND}
zQ5M&j_;rkq)BHSyJS{(V;onEylLgw#NALMm%JbHo40OMRbl}%Rv`twUo@-dMZKnSj
ztVxuZzC{i!uLCMl$p!H*rQkc*cT<VnYs6kF@nTQM+XhZb#=ig17e=uuH%?2M6DRhf
z2ab&*z3(NT`dQ~+)bSFH$f22+npP}nO*__PIgP!4^f_qw-&2^rIw68(!V5w^CZ3L+
zS4hw>APHSi&OYLIL34uDB$VeZ%QL!bOGbtRE4BjA%yArLIeX@Z)v@KCC64<hVCZI<
ztlF?-DqNiT1u0FAzteqb4rs<Rq!ZT;9Yy>5-UKTU^1Mr{T2#I;r)23)b+2&!k>4L?
z_3nFYzyufD&;wJOV@+|pKZflqJhdlS%iU_b5WpH(7ms7})JxAv<V^oo1^D@9c0PA!
ztWVSRI9}j!MzK2prM;1{*Zma~l1~MP77w4lzSFd7J}n5I^IAGKOQ!^F1a7V76x|lh
z^QSw;{3tbu+4J$(!R!{GOuLBMDDutah3*^d=!I$^&tPLmlUqQ@HDg)wEU^}gKTRoP
z_~2^slWThm#V%P=8N(Krn@)@%?@Rq#N{d%gnpx=o*E`XoC)0mP^~ZPiTvk00Kd<F}
zS8)Q^Ht^y=0$Lu=WxVTv&`yYRrKqwq!kYzY*<>%BFGK7>Ns89Jcmh^we*zb=SqkdK
zg1V=7Cr%!SrRA>+L2-3mL#M3sq~&me{e&?ITzZ|oU!U0p&QAh0z69A{fz$Z1{GgC~
z-qVmxZuI%`;7!ux`P#tv07x8b(ZCNuTtXtsTYr4QyzBOl-Ndr>6mUi5p!CV0yM+}&
zmcm&0MzX6qY2^rHPnT&kpS{cDirtaB!z&DcIR}F?fkM>Zx)D<HL$;!Ut+(}q%me7F
z0$AtSfgfH7R+Q-Rd|;B65*G*Vp69Ta*W?UAw?Wu6P7~fgx|tm2==P#HGr}0bWWI!u
zB<)`$a-Ks4^#EsrA{Y9)J<&9<S?2h!AGeJovd9OSFSuR&oB4G5y<MF#eeGWVD7=JE
zzaZaZNoqp*z%?Ugm@HJD;C)d+C{^fF-U!G;B*BM4O!rVd^%cSLe<SAvW3Pf;h4y)n
z)RnwKewR^cV7$n*+7TSFiSd%DiGUL%Q&fMpkv|wi&|c6C3?v4iLdXct*YQDPaMHns
z5P~p^Bu{i!;a5>~ZyqZ{bk%+F{`D_7cJ{tGSMhf+%Jt>QfW^hoPQx(YV~*lnoDUx)
z1x1B8g=df-te9kd6CBh*H+8*j?Gz!v5dLATn4-+g{W32@KrH|Cg@5F*!yEM+5Q@@b
z;@#kV>{A1{`MtYOGb%Cz|9YYI*<Fg2PXAD)aMG33j$&CDqMj~e8u)`L{Mj6$^Y9^<
zBT+s6C3r@83&hDLXn7Un1T=s2Aps439n@(c*lHsz$>Oh=BiQ6^`(&j8GgtetZh#8m
z(yxMi0(OW0`54f*6x&>r4;+Q?eU={l=Z;e&{i{}Uq9muan;N+u?91ORtrPfu*8T+S
zw3v2rd~E{#$}?>En{+4HRsB!)tkKF|mvWL!G~<ZLT-mu)_Cnv-fa+Bb+HEXliYyp`
z>iPAD%U3MH7hbgEWk5P)^(YqNduT}w^BVMj!FXg}Er>$B;Pd2RXZl`M8%$Pn>Z;Fd
zq%b7V`HpZhaEYD>`A2*aR3rZIsb@N(^5fn#apt%jcl11^$10$L^p}CJ1FHF36sG!q
z&FZ*lLctDiDJ{%>XgRVKOcgkfpzxKe5CE#IQkFXI9IaRb>ApJFSeJHsR4H~+Kh0gM
zu=q!7Gh;rFdy50D^hUu`qBTQFd8#3oU7^ltxWWss*_ej-LCD0QL)6wHF=O4XzK;){
z_tWMw-oxZQ6QIL*>-7F*4rZ#-+7Y4zBY=rof7l3u6$MUDJj(HZ_qspfhmd=Hq@m8B
z5)@|x$q&&@e9PB_wyqn5s4QT}Uk<n2dwBj7{RrhepDFe-Wvc2;7!o)RZFA-mHJx!y
zOSwQCzQijx>ackXm^W!J?Jt`d%Kr_*vq4!^WbbXXChjn1V$}&w6cKN`V&|D}W_a||
z|9$|4<JU!zPNiCBxDh{Z9Cz#60bx&??4vBp5GE|iwvJ@yV(%xu5?QqMEU>%+!T+3Z
zceRYKy2n(IG$q;KC(;i@*P+<k&5tsV6xIhg44ctNBcw~W0e+qAV5$vK%M=NR^fk(1
z_yXhoJ9p*DaOibQpW<S4G!MdO!t6e%Cho(&SC0z6l<?BtlnF2`K4OVrs;JBgDIfl`
zPAw_zvl^}#NE0o{CqnfoLoT;Hvq&+%zZbuGB&io-6fK+omUlL2S?OOcXbfPi{A?iW
zYSL%3Vfprb{gnq<KKGRj01EQp-MoDgeec=i@3Xt<3uZQ;*8ka$%UeKNu<}>HFhtg!
z;1gDcb?}sIz^(0sY7i|=IPx`Znn2ZA430JfIm}?e6nAjdyoKN;AKvR>m;daytcO~o
z=@zvXOq#=av;JD(Q8NT`3*e9e1d-yy%j`bJByvmXh_=Ve?8#eDSve#habwAcE%sDA
zy+!&HIL$o{NU^(<&5%HzK?`c(0B&;JIH5kCBz8C+F$DK+a%VfN#MUPMV9imrtv|np
z877R=DvP<v*c7NCaHYG5JD1fzFDiTMuJEl@Kw;)M(E!{p0N1+B>l=RXZ(1`I{G;M8
zyrUK3LN<wJOtBCJ2ZiyAX+RrcyR(UDpuK7SaJQSd4PsopsPZ-0GKWAdhwRGQx>hkG
zag_2Uj^j!Vbk1Rs=I2+l;ANA-mNhm*#)DFhLktoD%O6yOSf#N*ev_-okhR2dUHxoX
zr`m~Wx^Do0(_fYVucBIkz8Aqq%rwt-PO(Z)S?LWpK3OfzJ_y4uDRMBiih7}Au9NUV
zqjwzGLy>nDVZQ@iN&7(|;W;zsrs4XV;eNW>8ZXaW!}W#T-Kvj=m%gb{Gj%D^v?XPP
zCv&zb@T8=(DJFlqdMISUhJlrz(Po6vmzf5hZ|a+9R#hnj*@9D1rHSj$Z%m1GT|bGu
zJp`glV(B-aF-H9J5YbNih8Bf^&C5W}ds{wWRbie24M3(RebC%8B-Teg1+^u2-XM>#
z+Uw1bNO*-;m`>q5)Q6LJ?KISi6K^6-n{+7iTqa_4ak@>Lb=KU9RJ&R;s<<lcw!&PP
zC&!kb3+FQ?zH|<3=S|n#m(6PLD8QOrS!R2!-*9(QXmSFxfUg=yOmI?(?4K4uZCQwV
zp-W8t>MyI6Vt&G-`FJ5Nc*jE}uyS{TR~LjhKLkD8<23)_9#DyXs}LAS+9cbMtOrt>
z4gJjS2?pgfD|~v|M#P&IsFZ{2hGY?;dR31QqxlG0#Q^N#K8!H8c$@TtJNoX!_Q<S&
zygb&2eVl-$2jFDHSZ%J<v5K;af<R5`@Egxaqy7Z!ZH!M{Oh%PBwh$vre$(ThA?D|T
zaA4|ZqSN^4IWmn!nHSL$WQhS;!C0?$f6+h3AfMb%7NU$Vd(b1*GxYN_p+&}|0OMUc
z;;8~AAvcQ_L{a1(iQxA8-IN#=QKPM2gDHA?cL(9v=hC6V{R_XT97PU0#?(&geiE~I
zYk`Gaj37Xjl2XKK5g39xp{w&xwSS0)-lc<^(1|n<O-wLvSQZMWUeU?9P<&-W*S<Ev
zVX@>`D>x9E*}pg&4lcIYie2`LAyX|oCD#gEdBLe%w1%@8)+jBHq<-g{LmUUK?h+uI
zx80X4L9Q^EBY6tBpgIAD+RPmej2dX)-q>Sx8+AtOagzX!>*pI@J0T9o+TuW2i?_di
zQ2-#q4B9JE7-gB=cXQ9DC<^>LTlUXox!)`Ez_z3<P(b4Kz`1Ee-GS6M+ClWWF-={t
zql^XEww3!ADxCflIJCIG&eQ=U%5HxBUVpYLE6RcM<mvAQM&!EB(-8tbGWcevDt<(M
z_-CMu9&8S_I~D{Tnt+1{%U5n3Milfcd_1@ePA<Pm(`*NS$#8)y0IEgnMYrQ`$KS0(
zV+B<zIKC?(HzX*)Dmd2By(ZnWRJ6ez0`^8u(*@O%b`y4y89}Y(t~Ttk=Z|7?Y^|w}
z&ywL1H<lMPc^Ai&SJzx;B&odXF}jmd*3Q)xYqWT5yZ{O5H+60}_=tB|_R2VGx}Mpd
z`t|6?>j2j?UQlXm%5%-)iSDU&Ss~`c^i}T!>9KH_iKVha@kDsqA<+)q9q~{po_Av_
zmPv)dj2JH|g0B#FXy*5T(q_Ym39vtBdGW-eZ9He5B*R8zZ$GbT=@Opx(uGpC?{GaK
zIwSOd&7s|qLKl@Znd|F~?o~EihW2+_iA_!FVul{1rEq&JyJ4ibi`UQ_FvDqcgx+T+
z*3Ak_-W@Hq`+Rz}`<!Q>!oZ-55nE@cR}AbA-@F}TsO)sXfYsaw)ENMy<@fK7nladx
zD-?{m4$8_DJL;&X4xu}-D4B)ZbG{ASjY7rn5)_OF>dnR_X?wh)a|Osarb=y=4r_O!
z`t;+h!D<QQf1V5>{E9QyM`V&J{KLIwCNV^soClL5oXZYEnCUVGuo2$<T~Hmg%6JB9
z7IHz=%y-}Lqe|{aOCk;2uS+-aNPCwH5|pFBHnw6W&_~5P=mCK<e3xf4B^T|flHAvB
z-Me2BPp2!V5336cd7J_j;|*Yrb)lp5^{ocxlD|?jaz3aSc;)2W3iEAA;uuGkV6|pd
zL2YFdrab7WNEI;LSp6jeZRd|P1Fle^y;KKZE(h+aS8t!ZgQHvsdc2A<7UL60s7snQ
znwsgS|8|OCp2_Ib^R^|SrHB=D>(cJVZs7L|+%d9hxV=J2+Th?Gk5$Q7SjTGxy8Tf(
zRADPkxn@{?I{F@Q-NU3JlU!z~L&FTPmSL<G@L9(_bZ4zL>o6|_>QQF6Q@@?!Ggn-7
z`*g^epBm#3R^I+&V`|;~9rW58>e@%gLzufCmXMflUC8pES+Pr8{QrxlcZ|-Y>Dq>4
z+qN_DOl;e>Ik9cqn%K5&+qP}z{BqsT`~B_JYgKi1?ZSb*!Mo@ct+4V@psISG7F`Y^
z5)_U>RC1KMRIZh3Or-Tlwbx9)n46Mra*r~sr4tNv$n%yKZENfIm1-i#I%$XSe=i^6
zY)x2I#uHH2mou7V6k5utm)HG~R(mYR<I&8o<orW#{g*ULOEg?VhgKr=2)BF-b0Z|R
zpsS3;{oSTNNxf8OFgoN&1-c`97I(Z{8ysJ|SdV8ZhK=K4#j&Pxa&~|?E6l2L{^+X8
zAl>wL>)$L>*P27gs#(>mZ>rGa9LD=ilP~$9b|VG)5TE!n8c?4<1xpT(O{oXC%z^Ah
z>rzGX=%?-V!hL=W!KyjN_4`pIaD;Q>zSj;6LjEi!#+3jp&(o&KD@S!wbVC;!ZT}ph
zw^W7@vv9++!7x_(7xOw+<?A^TK@q^{$lyQ}X%DPUD#@@eW?h#tl_rAnb=@`G#};Ih
z*)Po!0#tx+?AIiZ>96_eM$~Lw-KFqcsa)$%gP*OV^47Q%j<@E$=Dke@Eo+wuu*a<+
zimP)ow-3af8a`F{<ecs}D}-0-+(_F?7RukRtcU)p9A`k^o|5WWX7pX_<s`|2H7vk<
zIC(_Pb;t2ODFuRXvP+@M(~||cKV^2xlm2mstrJgO7LO6hUv~pWJ}K;}Mk7}~U1`LJ
zCh(%Rqjd_#0$!ju3=H9YjP|{CZiOQpf++1!t2k9LCuO!;!TVP#RJtpSfxYUxi;|ub
za%A9D(~AC&<aMhWo^wj2789RI`mweit{@5fUd1Yi<~5$8<WYE4b#0qR1uL{o*@j%2
z`kKSK&E%ODx7~EOc8)#ZKK76RopMw|v1M~s7W#k_Q8*~!iFp`BJ13pg=gJy@S{wxc
zeK^xoNq#(i8;nNT1^Eb2`#;ElXHjlJ*Id5_j(k0u%xf-X#s+)Wj(eE*I0cBsmIkS<
zd^9{%y8WiJu6BG89|2bQY|fk%3de`$1E4nkS&*Io$@g{m#V~NN(69{fC7l_500@^w
zE^zosj#iwCfcSukP0$^k?3g0fC#*X4rPka%(rHbvqAbtMEE-;683jl(<;F%5Noqc*
zx<~=sPBQg??O~NDt*4oKHi=Tj7aN;@OH~zq#bl4)^XUt;7$W56zux>1(#D@JyQNb<
zRjW(1&mo8YB0hOjhN=Y=ly8;o|H8MzRbx*2EOK@ZjRCPIIw3d*{}m>=Hp`qp-M|a}
z%dLVTXDt>DnCrIPDc2+MU64(`&r}gr0#OP0nzRsgF#7KGv+1bISng%#n6wb~$!FNW
zou!#tyoZ-avM#bx!p!{H@02_pJdR}cO^)#tUe@EwrYA92f<y-D^-&OcHFD?WuLzOC
z&(9xC6}A}1)*-5Il$5V#$`UWd3csf)3qy0v(VfIjV33(&4F2ni9&HCXbW;A=BaIM8
z^6l%DF!@tfZgU$@n|@Npd<Ai&Xww{Ts|v>*yhv7`qu_y(uKb%zKw^Me5=UCGo>tl`
zxC8-E<3a2618p0#i{JjR;Tk<hfK0b;&~Mv@H#cxP9K|IUYD5(m{x0kVWr%=)OHiqD
zOw(m3DxY4045AmjsJxLNv>$AZ`v;E*l`otb0@ecydwNDWIn=ooe1q-@?Sp-Qm;&i`
z3$%D8$rXk|I}EX1%yW5NAdmefExaCD>L^V}^B#_$St@%dg1nRViq0aUXVWQ`B^ru!
zRZCS+8;Y!Owav$Ly4I`R!J1bcG24Zi!#+Mg&YYzLwIh)%Uto53S7DEV<A)%KKY1bp
zs_Wo_WT*yTh4sA?q`>?CAql0)-{GL6Y25ml(PK#&{Fjr*a3834$Y7XGqExwYa!W<r
zyshrE21hM_5J3>9;%4&9b|fqRA0%Or8pDz2z7z-S6ueJvpP-Wk#ojf$&o%JP5$1(q
zdi%h^&cngMxdy5~nMBes#u_~`_J{bB@{+h&A8%?B&KEU8(B!S=PYn$x{|_QWfJZ(9
zh>3~SeCvrXd8Hzu%u-F0kh*x-Sy<D=)+1_?q$ysIRMsM{O7UOh_o(_M4?fQC{@F-<
zww2sZ|EWP1%W|=TL;R?LFW%iTPiov%$}Y%S3UNG5I{Ss}G3%NS9MMC|C21i}OX@^=
zRlK5jSgg>{lYKMf<&1wh4??-+aFsscNY4L8p+$1>{U*hdl|~Wl0K=IYQqF0g@G8Fd
zbG16qRkgWgp)Kj`>{ohac%sKXqrflw^Y4fk=g!8Lh`ya9>8C_=w~s<|MX^_mmBzks
z&V&#!xLyH%h5P_!Ugo{Jo(YyJUT`dd7AMlkh*<hTZvrUt3~g(9ji81cI1^T|MuH*f
z%afH^sLI~WeOU!S$i$tl37(1*fc>0!0vIu?0_>P(TR!&~issVYb7<@(W<oeZ)vj+F
zSig<0bVRBT74b5yqw`#*8gEITY&7EcR*<b9qRo)dxxIejS6vP&r2;PQWo`in1&M`U
zCxyP7**^|>iwr=|ic?=4+p;fZF#oZLMX1DFF0HSvX;J^btviF5c{tPJR(jsX@F(KB
z<|S_{=AJhGmS2jhEl!2TZhZ^xTRJ*O8+gFI|EMEw9$GPnA4P!e!&DK2q~fF8@UVt7
ziVx^BTfersU&OI7GN8R&^+~`8O@q4<`RC-FT%O47h5p8MNI>dKdI>ghd837@t(O~%
zYd}D73%@Z>-6WLD6QqIFpOY+Ekzo=)Q&#@1e-vh+W>@f}aTT$sFyI}uyUV^7YfOWI
zpOn9ROz*6V9^U_*)KidNE!Wb*In;M`bweyd6&Uo((MGzyWfi_h3C(Rb-ps#ljru=D
zk>L}oe~0>yqG(3KL@!;}JVUWmCP?LSQiG9HQ$hnHXSND0k9!Jg6k5klXu{?z)4Wo2
zBYJqgr2ZS=M>T@*2(llcL+O|s3eyY>{tlSC{Z$6YA;@Za`H{@jJpxj}r&Uec3nHZv
z2_dq+iYzkVnzWH$Nb)hNatinPShQw00(#5@-m_gGn}>B9rA7%{BJh|qiFZVj(tE>C
zWsW?3r7wec;S-mtocL%S``KNC2_<O{sqs5~Mnn#h+z1?M2JpDzEpxuzbcrb?Xgme$
zEaig=%hQAN-W3ax)q;1_F->n99^2|k0}EW&3fcv6FS25>pBJ*Acm6D<mqzbTQ%$LI
zJxi^8FK)RwfTnluRL>*)$zfa8^EoHEJ>A3w`j8RnUO0D*=9PNtiHb!R@;y?@1!QHz
z|5&;q1`H~GxW2JkK+5B44huT%AWj=Fr%+;KsVvU;r+5#@keOnerLrWE@e8yp1)2<z
z7-4vKj$k+9%XM28EUgQNf?G}?LW$#I_yZGuMP@ra-vVcLH_Og+{8UmnJswDsk3IV^
z@8fNc^q%_DtJuZ;7bfbF#tt|G_vB>GJ;XO=6O-DSnaQzcibwn)i%tCU7m3ZM>#7__
zvAc=r=(ppVUnzUgq59{o;SaP?9X%Ky`G%m_%HKhLODVFeMR^1nMc^8j1isECI=(^K
z+`j2_)~`isJ#8O&m@bByC7S{DxGGg}ej?&>9zLD)u-p00Vfe_yCFguvgiW=xDZ7ZX
z@z?Q>W`o6;&5X~E9puHIbYm5?m^{Qp%C$YlAmJ1KnTz)@`$LyrDfce}L?@>w*;loo
zL!W&D2&G(oB-UB|N!|Fa%_UP}q4r@6nI^AaZI2qLempbeCC*28QxoQ-d7%hscLwOW
zRUXdIzR53ucaKttmmd+!oCNdt&1K<#lw8Bomv3F`@}cQ706uHxujDc9r5PjRd8$*a
zwJ<gVkCTVqT8#El{DQ}R3%kQa<IQsKHxG}>Q4j2zlQ5ApZ7Gn*y)UEmIN;!CMNs{=
z-M5hcW|)g}bTZG1xsT4HerDxb;V0GR$>02IosZO}yTAQv&HOAA)@R<!>>TFO=`cd8
z<hZ(aM^pBz(PMy~x9NzFE2vt^%cay7_4FO}(l-XfzX%6y2tbfS{(~p%J~mGMq_3rv
z`ldW|wJ5WOv5a^ng34#~o-LAiPcf{ft(~6TqIMv@Nx375z4V)T5ug-Z!^fWIe8IQ#
zC@j#jJw9OihU46lebz{>OEARbh<na2YT%}o8=gWS7odAtk>)6g>3cwdAGK7S6iwzl
z$z?e;9`aF!<#0pj_PIJgmK-F-wSVPC{w@x?n83WPr)+3@@_8PGavI*hVaMhA%xl=`
zV0;-qf?%@sykots>;*in4BXOentvZ`^pkw^;r*j{^958!1GYvN$N)Pak!)y|)jYB0
zvt(rq@ehr^9HSqWQ?lrdN}!K#zZe(sJ#lscWlgD#Fc=Sj!7oIyuZ4q!6oBpio68#@
zX*6vo<;^zsEt1-t1CZ$R^QsXdadypD>KK4k`u^vM=XXQ=3GN<10_QI_Koz^^Urfrw
zP45B_pvQM8#U8N#iTIT$kN`l0u>PKj=Dx2MZ*%K=yC|}H|3;6jG4F~}xnf)0L+MXT
zNH=ag@A6KMm1{Ne7s~+^<jBAG8Ee_JkM51f)}HUx3ruy)A-3tcz=9FkwC}jjNZclj
zdd>2ltpX<2V2kJHCj62@)sjP{Zase#siX{@1lcFeX;|_=4^2MLnZ6|_-X1@zh(UAX
zDAPTW`#G^i<}h*qUs?8C$iCHm2Sz!~uY7r1g_S#%YO1lWgvWtQk$B^qVnoh1uB=wm
zI$-0zeW+D&w)i;9E~r%$d+W)8zULfX&|U!`&%S(rR+!^Am!S}{301qlO9(_KxlN$l
zdnLf%ghZSaP7vNdIq&@i0X=>HDHSV!&S&n2vSY?!$+*RFgr{#)qnGrs6IIqNds(5>
zr5iqk<m!yMB*r-@t>IN5zcb`0R&yHn%_{asG7?pxO!#DOefR0vfL3k+?3@-4J=TYB
zE>FG!DRh7>dH}gi#TVbzPrCr|(=M^xOj=NwHvppr02?k=^SdYhWa9`B@=J@jR)-jA
zT8I`pdsitLkf|hH?CmwK4XJ(#h;IZS&P>N>0eYgj!_$VmI;4zJU;iXv{6_bx!2>El
zeQotqaOFG`{M*N#5&U8?NMFLjmQ^;<x_VDLu%6k{Z1;cx<Qo@nBRu_+54>8D%uwLU
zrDKeYoT~$kA}!Ic$!hOI6V`HBiXjC0*f&n0!qxjm&ijjjfboWu9_`D9=*Fq65pa`}
zRs0MPGqe7VjpmlfbBztTxqQU;&|OmDaYvEI9B*&F3e@4F_%!r%a2Hb`%EVmyW1TgD
zC$bIdPyi3$!Eq6qk3`lPFGk8T9;PYtA^)-FLz`<ZucSa5wp4?%kj(9`lp!zd-%B0|
zH`}biQ|%2BZ*#o5xi>-b^KV93F)DRxzDFt&+LMW~T44!ypyXnO{9IDnU1W?>W==9S
z0Tk#?%Mi7r->xoB|F{8Xge}iMqxJk1%eyD#_^PhPGw=CG-w@P%6h-{Zf1+4z--`qZ
zj;{BE<nP)?d=_DKro1S*@)!GdTMtZ13!q)>))N?OGBpwC-HeY32izTwH_?Uvu{n?l
zXn5*>ZL#EveiS9Ou8od%niRECFQ4nJneKz!CmkyltX^L-Vn5<OUFU+2Gi|CXMrk{F
zsdxWd7^#;WfRPN2?Mg`*WI_S9!9#9sp{q;Iu|MXy`p3Soq{9cNJLJu`82`U-NQnU8
z;}N!e>*2a<e(UuDF0@=TP!Lq!YzFoVyGI#8h)_h2YyNCW=9orZv}bfr{xZf{P;{sc
zl4i<IT|Eio<(HcPd1#O?C%-t+?3XkmxnX>d4vCw*nJ-O)SxbvTDh%@>dl>~ld!FLq
z@$!3!pM2-Zn)zbwpjzzC+K+CYgla2m+f@JBT0jGvuo(qqh#Ibdq}62jn3Gvqf={Zl
zZgStS1jos<IL~DrOI8AH$Q^n+<NPV*vjUiW^SOhz^Z$1B`Yk;KK-~C@&2(Qr0O$>P
z10??CTXeD@PNonh|DmWS`6KXsnC+6rbRG(N(d()|lcycn%PTbfFF(^0?-O5vTlXJm
zp6|s>ez{@fvtOf`ubdR`nq^aZQ9tTsQbK0Q$MCOB^4?DiGHpYHAtY1QN0`49(2aK=
z0u?uNf@7tB-ZpU!O<W+E=1f(YB=ov+^F%g4F5ZKo_mer{fW%+k#4bBlbNsHj=fZ5E
z{RbBgJ5dpJ3hduvuKeSKQznfny)0ST7XGjje);2(?ieb*3QC|mTdFm*t&(R|Y}YTh
zGc9_Tp97S{bq))ZV|GmB{J(vF<X4F=z64EoJ(=!>--Ps(>0pz|>9IB+_(&|N)Dx-;
zz&%Wvf4d(5|MFULm=0ERf?COxc*dmVRMj|J0%eO@LAcHo+3I+(1+Jw@z4v>@sI+2F
zb!3T;c&ZwmK^3Yd^w*;@3D&h2ta&Gs5Jk))IyGWt5KDqKU4K+aST}|__NVTU=PTT4
z@~8Puch!;HgYnPBr~g3T5~lDWi80$C^@E0k@~ge*ZoCEt5nqHtto~(o39_>?QOECK
z-nlWs+NC1{^%4O+E|Vw75sv?%VG~MYpbwv!Gb3n{{g1uo|FjZx`x{!w_ce^f0~zSk
zL%5y+&ayYYc7*4}kLYm$<|nt=>VkjXL-2f(W73>p(>(n_v(9b5Pi(1!ng~8flL$LP
z%p1BY_8ZSi;05g+6)by)!0)8{5bW8qo>jn-d5X%V$1DDbP7jkiFtLzGZR13%>)VDp
zLx1>8a43H;Uw@H89LguulP3bCKj=~8RBH4A#(`a8&+g9)Hw&&*IfMZdZh(*}3l+vk
zNeule2N3?6^_`ekDBbpHcQ{{%|Le;Hz-jkiVmcL)T2^7+t}o{aKY_XTm2iicIHjT4
z+Sxlw0QN?$aKA;{nYaA6Vp)HB`6d@8;fVPQDDPP22|_O{^z+b7nHHH*$B`d+vuDQE
z?;n8St`W0mBqQ}kr{U8CIV$Z}p#sv(e~KQ%KL@D`C(!~%s6}kHR#^;P(bO$mW9x}Y
zebnm;hu4%i2?b-oav8`nfm)b**!GZ8W9!#R`DX*6eNgu1oNgkUxH7ZYys27e1<13&
zLx`(FsE3x#Es(uQjMX~A2MjwpI>UO}U7o02VS_cC*6Bad-08+=_PL(0#!xtQhDnTL
zbYz?k>r31-6WE&wfpaSIj|Toe*n^g=&>4mM=cbJn)aePqmlL><m{^d=12imMRS?pv
z0Jil*QxkJi1kx38M~58xyFF+ezP<^j2QR^Ai3ISpX<NQM(5y52x6VF{7QC{FC~B%f
zmG$2Tfa`S+>)3Ui!%KFHyS0n@RPW!kP^YdO`Sb3jJb#B(&Fydy)Z%s6WRt9zxeHOy
z5rq$gnub6nISF?A4z)YPODSvb5NufA=xvxam6U&p-4GxSYy?PQ1;8BeCA{r~PzL@~
zQ=j67)-5e@4c5}SSPdXe9JDmuWrjeGkamQ;ha}Ht3z+tX_7qR~Iv_G3kM9{l@*JJ=
zdkecY9_KpAUAXx*lcTSS<4A?zHg*Y}eA09M4hW2r%=C-=^o2ANllZt<lehrX#h0wV
zGgyIdt-seCyk$gAA}}Qyl#~-UKbQV$Sf~bS48nFLPm<DfpK_rwIsSt9+ZlhAGW}JZ
zLaXX$NZw#Amu{UHCDbpDYuyk@F5N7HWlh>p^;8avAhyb9ys+9)jr#GHv&;ZA90USU
zi<sSmXS4$z8pb7x7D%rL1{L)J0Br>uEC=@cM-7~H(RTAg#b!6?)~vk63S&b$-2U_D
z>w_A$1L-B_t(U6M`SP^D=7~-It%P0T@F1S}fPT2}fOYK2syuNU2S3gvnZ0#i4p+Fv
z$y-)Z{Y@D?K#ty<{{UE6ID7-#>CavRSnrh=0FrpxzmE-9XoA-y_Y`^TX2*Cu1O25D
z6WP5T|ECKmOKhRHBhEn1A^u9V|4;FMhMA(b4~xiRVeli5DaU0v|L2HKVArJFuvZmC
zl;<(xKjzq*QJ`{^W+%0H2gV&&Q0+AnRPMI5-~^|xA)s5b!!KoxYZS?$i?W00T6yR_
zH~uk&`rO<pzuva}sm<^(98UnHc08bU%rD2<O5vN8MmYU)UV@6VrfckeU5KZiu?=8o
z0^CwRLSIA(<b|HHl*sR?lD`%#e%X#a^z5zW{)a+R_B}5}=|w`{j6wG(pwg?mqS@q?
z@^ijt^<exPJTaPmV_QyExs<AD&?wuAFev*di-VQ2Mw&8-MDk`t9w;ki@xfB)@L1Fc
zuWP7@6X&8XOcYA;Pt3&1&;C1+5l3~PP6BG;hWO4=i#-Sv9uP$+d|KufivhX&2Kor*
zot!TdewE5lU*1V6^hpQw2`ySOGU|Hym+wNnu&zMP{kz5+f%g6zP>}}6!9z^^)*JB2
z1X#1kiT=|2n?=6=c4-?zR2l7`gaCZF5E}_}RHdWD@ax5FbcpN5RCEH>>zaZefxw7T
z`t@1c69Q{aNobmkXiPblBWzevI;21Lf3~XVJ2Qp3fhe=(=5LIz)3v9|JVTS=aE(B;
z0U}{oh*$iMJwqBW{>K?X>c6{2Ix-YaXLg)oSx}YqPArJV^V76eHnhL{P?i#9)(m^p
zqp(U9=y>WRbr@r&)87T70+uU4gUsoZ0sJFQCgiBJe$6?u(RK7Pxx#EJR%;e=sY!YX
z`<6?cfyc7+o)+djd9`fsJ^y(P@{<oY)U%WB^$i=)KJwt#i{#Nd{$ljamM6Mt4JuS-
z7>-c;WM>As!1O+hmY9yW9RZP~&$)Mw@rNW)v7$Q;osI7!pZ11S5J-Is2au*-kkMqq
zSeig`6ro7?PO=0{^F(|=Yd{r+5BvN^l~~ppH`|Yuen|3w_2bKlMvC?qH%oxTPWS)G
z)l3x{u_SI&fgMgF6XkWx09$1v#ka%tW$e(wy-vOBzPUiw&(q~fPtDqvnr^)y+WYOf
zVfi+kegDzp*J{gH@W6jcz&E`mVZo*U1M@x_$2|f#Ijz5XSnn%q0TU!)|Ag`lb?EKH
z+}}S{+Os@HB-&J~t??+2Xx8B^x=hUehI~arhINU{uh}}FZ#v{ER`$Rc-agp!O6OvD
zs=>Fx*{!WXKlJNAT<?ct3#cf3ER}CmKWS1<JovuZ!e8hi0|*h6UVITDDXRcCrr9QD
zSWVR(pI8E`!1Ovhe(Ir8uBlpzsvJ}_&g_N4gD7wbtWwyqsCVNh6rYr)p3zVw7zAk8
zzoc3gVfRK@!Q96sSm6*T(Ip$oc)8~L<d_c>!-iLCLODn%5CQ*MOB~F7zuy1Ptg%#H
z&g*o!<(mAabAt7^h|fTMZ6R$zcKp{ow{8~9xGFGmE%l^IB}}<#PDQ!b%Bp|mZ*3(3
z7Mn@-dtYMN{pv&$q)JZFt_pOe40{4&f2!sf$~(avj(pz7{6He0{Tno$TcXSv%-#zL
z&DvBMf(PmB?c_$x61(K%t^pyV2;_tlM`-=8FJmx^w+5Dqz;t#Es-^iq9!pD++}&}V
zMfA<TRKqZNtHoVro$KTga$N<c=*aI}MPNjM2aDK}lZ599V)q>ji<(kjN5Jf+<Fqp3
zOZPL7<HzKJrimD4LZqW-zsQ0fVLkY_IZA;fmc@bc!$@;*Nu@Zp%dG~9R16FdXEUW#
z9&|1R%N{@G*-Zi~#Y7Bq-ibf511IH*CP$BOB(T$Zyy{k!T`qPfXz*oTY>#YAUWTQ`
zz)dD0o`F4km<GQiI@5oEHoKUuqD^?4vOF98puA8j0N^-G)HQ2Jms&vwQgK9I8I;($
z1kA+#Uu8?OhC7NS>LfRWvI*TeaaO+;$F&KOt)8=EEQW(urbT7RCkU749JQ8XZIh5i
z$vw(gz?39n%vV#z=V-F$HbH4ZY2NCyy1_bt+WfPs4Oilc<hz>2nSzK_AQR;fC8M!h
ztz^h+_sPNzdUCzdY`{1;E7dj!CO$YmLlhE5XuTp{6|4lhT$242Sig&kfttC6Gud9k
zn2T9!R~V+yvLHEVZ7_{V*4*51k&ot}$l$j>VtijR8_YfmLcBsXX9<-}CGQ9oa0lzj
z=>IzQzP{A(tgJ41*oB3Urc63u=sP?=3O49n6D#|e{l`NAoeozO*(N9j+<ni{i;2L9
z@Iiz_W&};uBl_D}SFNovS7p&zW-7mqA5i%RBa6DwW~5buyjzqj!*`lV<T{fBePS-1
z#P!<1_ughd@%CwBW;A^w%NxseRDz$IS>qF)ZhV7bpUNwWf3;gX!R>&H>1p(9bz=rt
zBuWHf;`l6pK@xR}8;1{wj2~^BXO#;8#4Y}JrjIhXfK%=J%Zfs{L!AEKy7d0bt4;H@
zHVgByh$FuIZ_&nK<DWzm?mg0nJQACBB*<B7iFLf|>Vo(pk97zzYrmthI`$;pu`AZC
z==hi1|LL?r+Z&5tP~<|jrw*F^>o@mI{b(yM9k(s{%iy#ez!+UP@08|zZrU{^$biU?
zI)FufsQkJL%~=7T1YQO`IJn;<O@!&IhTaD@DC$HK5x(g?C`7GTGqhd_UqfKYS*S;h
zHvFQ7%LG~wo>!k3vM!$fJKvdcVKybJ0%<&Tc(AZ2w!9WwtmS#kYy1PSB>6>@Ljt&I
zQ2q|>v&aN^v&cCEdK4|NyP+w2mgcdkT+_rROPpgt_{X7TwKNus%IqDdeclI&Otlma
z%GSC=5|eQaG@J~J5KPql&z;P}+sqGi>ZK2y+Y_4eYPJJaz|GLVYqT|RW&n1Ze6q*B
z1ka&j|I1x~0!Rg`0|n6!eq@7lH)>#a_@mYJd%MDrM?nmbHObikQDfggKQX*RIli)H
zhlNzZUTM}>dedr?%R#ep+(Fwl#L5?0Os`wFPKEU{;Hm~qIOeKWB-R&FHy-5%*3Ku0
z_%8b!>drNoG#)~MFc{ap(}Ql|q$s|wheELbhrP*f{563)FX4t>NUo^#GCCuRYr39*
z>ElEXAMdn}`W4@QhsCvAL~e4-sY>g}Rpki%;q1DU7m#4I8}o7vYHzaWVm|l$6xmOZ
z9)MjQ5u?lyfTYfJjyDgzUxX7A5mKelA1>7Cc>5!#LPLc8QU_0i`DD>xx{+*FHa9q9
z7yKBqbcmWDgLJ2dVqzA5#rvzpXOZ*7oBZVKE$5kR%^&|mwdAw|Zd&=wp8zu4w1a?=
z0Rs<aE+(3Fy2_*vuAV1EIXBq&ksG$uRL86j1eP!OOYnOBKX&&kqiuSMrM|Qz^~``3
zaNI+HnOTX&w=eVGw;x~o(wlF}Qi0~UUnW+r?Mk*XK-i!xnUe`|uKN&kf@Be%V>=-!
zz7CBUVqvh|3?Uf!9ejonGYn(j=nvcEI=l&`riKb<N;Hn53GVNE4X{+?RWw~Bv~|k-
z!?Pia1?&CIShk4#Q<!vC+qGl&wjq6sQ#V66yI<dkK-y?8YVrUn&KZ3UVGv1PF(%D<
zm|G2S^JJmHBt3M*V`+uoap!6l0TD}8(fv>Y5vO7fv7b41NuG>%?Y|T`W-X0Ix>nbU
zCl5+^2K}cB%lRX)CM^(rXd(;YDoWg3SO{b9%w{<zP4&i(kP%1O{}Id94RE4!RhR3K
zj_uX)L02V}A)XY?17ilXh??;2N9xVD{R&nd?|2zeAF6`U$u%_nJpqwpW1DxOIJo*B
z|08dbmS{2^jsA_%vF92Ag2>6d;2MPnn;|!+Lwp`k_s73ux9i7KUcan)5mF2tS}b1t
zyJ_|>=hz@K^SIhP4+^ngvp5V&x{1ne-viCPVcQ`zYEcasvuCxWAr4I8QGOXr@f(p^
zzj9=j*PIIY$X|Whz0@Rr6)<h|#fjzyMKh8-6)Nb8-E8P*xdEi{aj`a5;+*9RO-+!c
zM0b^Uo${$l`_a^}B~ELWc}4Da$r}g%)a*5s=klWGod3CD7KeBbW*^!SoHJhl*a)$*
zKkhIy%CF_`hVYYgidSez2A;#fR086c2Oy`Etv?&kvHdmSp`5v--z`0e@AIag(nm0O
ziETFl4=cSx2rayfgHt22*#=M^eP{>>48P1ohn6_c3A!S74gD+wT1l#P)0~0jnFXKD
z&-Yqk;6X4^4<Fv$%&BNWk^Wj05p0PY%}XlbvJotU8Ise<2+gkFki+dld8Qc+dSI&E
zG&(10kl$fR6Mx`preWwgI1Gq*=C;&KeC<FN8j7%IZO~=@ebne_ESS6kcB9XdIr<}r
zV+vQ0dYWT^yw-$8L4k(uR6V7ax?+pvhvtuMDjkL1nlQ|gTLkpuvBDFiHUy4Wla8e6
zO&1)0@-8YaeH|`ID~shBqlW1)`&wmn{d~@G_|Y`@&jDwo0=^b}<^isDF3ax#n?sGz
z&l%o~scy-2wCA5Ob9DcEQxoSe`&oWAut>g;^@X&LWr*m+D;wW@jKzgu2W?niNA1O*
zkXY2~_rtUs$fn1=wWW;>-l?&v!RhZ9T7{f|C$U38`>b9Ja;zovwD171FM2|??@A(+
z%=4r3pZLUwec@$gV>G{fNfF6|0#_98RyRI=4-*)M(i<-z`!AY=@;!d*4+6a9tXXWa
zzcE2-`WQc_Ftgo=<%*iOlAp`&jH>|D_onKmCFaG^f^RudKZ1KW$SS~(I{1g|cZeyS
z0ixue;&l5*LKt<tnmFzal;z1TP}%YV=Y^&?vv~}?isnv$bgzSNYvk)dWUY(GM`WSW
zxGl7^<q6^SJANF@4SSUI&mql72%u>PwC8;r1W9ihjmjTLVb_50>Dj~9#>SRC&-@0v
zm8=2#u5X9I)-RHJ<3fg!F9|^N_~KFEJ16v3<Ia?Y7vVc8_q<Ce>L)sjj1zn4?aBAJ
zYE=6oWD9ol;&XbZQTs9g=y`$r#8;F)hU@fvNV$6Yp9N#*!T_^RNF^qL?>QT|&IzGN
zwfEWQYb3N~h0Rmxbd&I!<JFGAy&NDEEBD>h!uG;+5@zqxn!4X(wSvgJ3^>wb;Qjo3
zPSx|hp4t>$SMUA~9We_$7<}jBwfgd9d*B95RXUZ66Ql6N%%)T}Dm&&>LYHDGHl|oQ
zbnj&sv4bFaKzvmx*_`vZC4J^*6a;FgcL3*#=d8~?+uq)8Fxy>7-Y4U)c*@-Y;5+rz
z@?E-qm~HjxJ!kWHLeL9ebydGJyc+*;-Rt)wegByFDbUTu$Nf*AH!HRfc|_AK^dE^6
zd!XPBpK(1`=yG`=%s8(f9RF@U5VX#)233%ha}p{LPb_x;hmbO}>>~#e9I)9md-~Y}
zywz>g+71YH%R)D4H#mU?5oQ#|a<O3zZ1r3eH<6v$o{a+@J|{uIH}@&$qDuUr>wGXn
z$6sX%VX6vSgAo<VI>g~ye|i4l-B^wT{plnQND0T-$g)S9gacEp5c-;(T3vQuO;tap
zyxo}X0;zpRNp8fsmvKB#SE8MZPW8PTT1j4pYXs$*Qyz~A{1*i6sWoM<_yd_XEH7Yo
zL*3nPbkID~---3$AG`0iwo?dkCixJ3TVKc>0*}CRQKmpSf;JfjyWe4BA7n^P8y@bI
zSYD=(Ly#Sz^=kV?=f~ZBN<g|1C6!Kl(+*l~c4l>Xi#LV?Wjj@@g*f8C?T-ZT55-<-
z{~in+=0hv;sEAfyyOJY+H%ofV<<Qv2FCzWeMc43&x~HirQWJ#Zi4kfKAzbHcJt$LZ
zb<cT<XvSz9+-KVcGzeH`2hr+5%1|^gLd5@|0$nT8hq&rT#h+xv2>Ajlvxj8bRf7iw
zoRWcR>#~Tfr&+Z~7b7E5dBhoE*UT7?kV0jQP;2>58mAgFjO+dWm6yaPJ9#NG<_Vnc
z7^1T@R2%wJ2}lIiA^|}R>H|Rhl|l{+!7EsOI51yMsyr&(f_SA{lDT{^JPVpX8>wlw
zOP<N4L`(ywssJ9I%rCBsVBma$f1rLVM6J2VZFNlL+3lPA-d}8d-8PR@6lGx99Nt-n
z#P|yg^mtbxWuDbT!I5HpKAu%%tFto&#%Woerj?*u4C9)|E}Huh$h*2U++R!>*^hu!
zpP)4%qi~OwWbdK{({{V(YHBlVZ%2j-Pl)h&P@6OEnZ&wz1gUTxT9wF&GBu{D{2Faf
zOsFIU5j&8}gy&MU_Zlp3JqShq-j5tq(WoM^5LyC$5qiNBi?N|G&fyYat_z-+R>IN=
zJGef68tSt$B9M)kgx^*9p6rk8uW(%0xWEy0I3gub%M{ATFuuCw4w75!dv`=A@5w0P
zu<R{Ni7V0|uevjm7%=lQJctAt5VE>X!O48+s8>tOc9u)n>%Uz>^v5A$S~Y}>9-Xjr
zT@9B5m-LEhWc+Q4#71uWpfoUHJ9#wZU$wadOS#6>G^s0=e!>0V-b_-%x!jsi#gpK;
z?NVtuMLb%+NfhSiEM4<@#yDCJoMNt@J$JLzJH3$gAw72AM<S(w9SQLKz|#Y<v!yxQ
z&?0~8RVzbQH1HX^lTdVU_jl8VWagD-B5h8Zh-R8gPu64X8xuew&<&$(lC$67vxB)}
zoT&5|nbk?pRhJWZx1%!NT(aD9jlJawK`Z@}ks2fTDf@=Q!JaN(7cO>xA{P`v+>RPl
zWwyuvvPJ>il-*x$m=JDI2JBGS)jKO&soPpE27BAWxJj3&o*Xt-sPQF{U=!i+Gy(>^
zlB-?!6kqudXby!Pj#3dK@hqj_$<ypG2JJj!KqIUU{J`7=vue3S<Y{TN%TR4$!bnt`
zTNem5-PN2$FlH)b;n)+h7wQH)T}ht-NJm5H!e2T7#@&WOMntb+jOM+Ycbq1dTuRd>
zAnXvSbPrQMsx$}=Ofa0>XaiFp7c7;7z(R82eJPKaBXc$g#^g6F@OzJ~&leJnKX5)A
zOLh?%65p_ykOzyhfwI)@*eFet=Qxs202JM{PwrcLQ^S08=FetsKdPXXNj9jJUbgzT
z=vq*kq>47GqkUnyPwOlA>Gjv`;p#?Jxk8(&33>_TL7kheIM#=syjoW}2?JCMsN{xk
z5NvX*>|2)nVMiE=8XOK9XT7|9>1^mPnMGA0p`cXjTw?;8!%&afGSV<rjmliaSu=K6
z?lK2Ky90p}-2xm<KE{S}W}u;NB^r&8<-gvn8we=!pG4&s6?{yFyTC%ksMPi+G3JmU
zggoamS!BVl#O;Quw#qLxPw@G!^+u3}T4b6JwMavf*V7#70`#gGEl82Px#O4QA?mkD
zKdHEA`0DdbsxHfuGX#iTzrj9oZjx9$lSbK@zD=>YWs9t(qe)FIcPhnbwY6M(&1+X7
zUDp#zk{u_=MOZ6EnhA``tRNj}=<J9Sq3!z<7$$eSHWk2wm?|~O4)buvFyTI*5pJo;
zAHrAtOS2^;)5k4LAL6-Z-NHQ*vx%QErO`JLU8nBuX0wijcMNE#G!y!^e)3a%<GYo;
zaJf=I+{oIvC{vdFgLHLx3CpeE#EAdQa>3}{-~)<Px|ANs8ahBbGcg&~!&GV9O%x*{
zWdWjuoKrQEJ}p?)3EN6owIvx&k1vIgU1V6o6(}X^CRWbkI)C|aeL5R9^!y`EnV&q`
zyuiIC%x>fF070uTO^QQTkP)O|iQZqwpIn^P^9Y!qImncMCk>czW!oM0=T&k^p)RDq
zkH>v~jlzJ|ecv%Iq#*O#OwVt{o_12CY^E+Nm9(}^*CZC{u8WkK=nWENLt}$s3Jg>Q
z<3Zf?=KqYJ^*oAjG81(mm-e{VKI)P;T@(edNrlk7QQd$f6bDw4f|-;`5Tb8u^eY*L
zOUR|3bA(B@U1fuQoli?blK|^V-jS#s=&}tm$X42$h|GocKQILP=n+4sHuU_X_XjdN
zU4ay)c2Teqd!$h=(KS?f9TkWYXlHEhdE{7x#bCYPcw*Q+(s8<}Rmi<+?pvu@-m_&;
zkep6ZX&fQ=*Wv9y1_cu?J#5qvm#iQ?Zc%4mgzr?`;e&M1A*!6umdR3`@(vX|l!~AU
zNB+m5P5JdJW~XS*Sf_UsZb&9oGZs-MU(+-**6@kQn~Io?(EWI+t2#;bxNFE*_>Kwr
zQphf;uud1pZmBS-7LLM2VDMx$X9HvZR$qxTY>`tmd{X#?Q{o^?i0ZtZw}Xp~3qwTd
zm<!HM4L>dn#RIOtralCffXO*Jm=-e4?Sz<~R|~ChM>Gkn+Xo%*DB9uO33UJuo~R+l
zt9N2B1t(VM<^8L+rS3{ofwCW%4UbV3cx<7rNJQOju(|V}G9UA}aDBhiJXN6U9MPs7
z3`Yi)g|lmPlt2Gv*b<ZC-$63`m^du);gjhuq$E+!anh`c9;v1vM=H9Te`%tQYfAuJ
z#H<e%sHsBV`L@t+mKPkuaO2i!IK+F8T|sjjw7Rwt#9mU6pR3Jz;p#)-o${I9w;*L0
z@OxpOW(J0d{Ah_~&Sgb|lRwYh(0g#AM57+O9C`mGxkf#WE!H7K%#e#+x**pk3a&H#
zX2%R;QGl(vtOQlIKA{Ih{XdQaia0@|pyFF#+E9P-hOkTOeVuN2SsVZ0XFO5dfHEvc
zsmN$NBrid;Sx`d)|Im?94R%R3wOkWyZ@pmSf24;6Ofk~(j8Ihml3yxf?%9~_o#x53
zF<DYxg_p<#K2TTenk*O}W{d)ONaTLnMKwZpZ0J~)``rsC9>@-UuiJvk#(VB@Dl&)z
zS--~_M!8)qG5h3?1<sHHwB7x7K~FP_y+Mz9@qTZwsewH<l8)7U+Zv1kfRyg3egxJK
zuq+3k*XzHnt864%gCyGHXNS0l<h;-oi8(d(W_4;s=TNFOgwmuwT*EgcZW_U(TV3<I
zD17z}N*}JJLZ`oApZ#A~f^MfdPX8keKy$YN!${~1kY7GM4=QDyoWMcO>(thTz_30>
zrzBAHr_$zA&9E}%hayQw*H5W6u1vTZ%gsu4@*AZh%&vTvdYHo;Y4D5i4tUIoBT^6o
zTp~H<-{;2>PrbJDhLpnCj|6*yzeNWz(owzDOW7lJ)Uv3xhBcX<70)`_=3@l6No*iR
zMIo6Xx$Dy5>1N+(M4cd0*2%_@Q9=8af8&b)i@?2UUo{G5W@%r)hq)QA;fTQw$?C%J
zI*owJna3jE_=`SU#ezzFp*Y_5Fl+-*o|#km=}09vkwK<OCwl5rcxA&^qe+JQH8Uu`
z@C(F*i<-2kV=X0wa$X~`(^-`0P}1l6n4~;Qur>!nl&B&txe)cK5RKKqIamFf;Xe!u
z3*(S!f(CeUo1nUC*!Tr$*<Y`+O#PAj6=LHVN>_T7pOM7lv2x1NL{0YQ9In366Ad`W
zjV^$qj<xH>1)4)mJ(}KhtJCD!4ThvZ5haVsmTWte5<&>_ns<XHMql;SSH&4jEf(TU
zv$+!aKBm*qo~@7qtuiO_g?yRlOu3(Kaj=x?E}(Y7p3Yx=P2T|D?|TPN9fZCguh&8>
z^u6HUfWSS*BY^Ls?TzpH=mVVi3paO$l<3<7UdQMFui?DWON}94X>&k56ik;#a^m@R
zE~F31qi$D$cqO^)={`{FDX=?PoOT51@Dg%m{cD&e-?W)Oc_?9{SZ%JOGfrM3lg4w^
z%rTmOg;g)pOWf}Y8Uo@(hb`}M>C~5xtkMs}I;E^W&$4)7nCw+_Mq*gfXEz`$#R!$w
zD~$K>Io)DQs?~m1zfNh6VmLAHk+5(VhLX`XwM_*Gpvl@;@C-qQyPzb@EPaF_f96!n
z6GSEHn9QR&EG{mUN{Ot?pb(*o+IgttgRBiufYyTuaawfz#y+P5Lk+3-5Y<@tywFl)
zJ2S<emVY#NZE``H62!;6jCv_t`RGzpeIA&+m45c)BQQg92&K=~l`Rj!y{9MhtFQRC
zOjBJF05KMVvZU-awt)3N2F8pi(f#_WO9}T+lX4;+1{FdkdRRQVe_UyoFH!6i&y3wl
z-O)OE^Q~JHmKo%3;<CN6P(FTFC<^@5h+E5Us!L^<u?%v+GA~G?P%3-ff<PO`VJK6#
zn|QoXY2?>fRgiNlgZd@Z$FSxBiW#p^H}6c`_bxIQn<pq(I$WH*kU!A<7CoiTVTViV
z)biB5d8&*${`kdsw+Z@N(jJ4NM-21!)ywm<O{285BL7v}%Dl=r45ob;55#WRWE*)O
zf}&DIr;vxIXA2>e*vXy+=+Q2+B<%;Bf-Uis?V17O`lU0`3=_2?c#%aW%|&>r?A&T%
zcltUd!A9gR{T#Y`6rE1=p(Q&bWvC@+_EBp@di^UBp-9)&mZZu>1WDV7ej4mih1J4H
zF5Bxw&yDjE#M9}H$y*MxT2GBo6>R6jh_UU>_4PC{FDb!#VuDI3g@chnbcB#;LtEz{
zuZ-&4NOrcCw6T|p8YHWzd@@UnxxMX;YTS59$L)cRFv-47tjtn-V!Y;lj+Vl?ot_1}
zF>B(s(R2PhX#q$4`Bl+8SEBcCiUGM5TVHoi`-kV}fuWC<9<yh5iTI2?4ezi!{~bNv
z$ggck(!+Q$|4bU|7QIyyooeBlowVNHdGgm^=4)Fd^N3?C;~nluqK)<{VOg+-?@4?p
zOn};a6a1wnsD7|bgB{`BBH)`75`(TN{Abo6NdmX<xI2c7RR@Z>Lh6P_bRBbF+Z$47
zrQp_OG!QkBk<~sT%aJ<^))#gJZezuihMzvL+_WEO5qDrMiS$JV2VtVq33%qwxt(Re
zMz@8ll%&jyHIe>{haB_^hi^2|ZPfFRLWY!jkaa`IhtlRq@~98E$56A_G%7&aS73)S
z7|UmhqpppT;KfL#mQfrhB5TKJ2$RAmYWy{w%a{7?5^wR%%^EgrS<DHAcRp-$^XFyI
zl!A`7Tsu#bUmJB*Jr9MPRJp2CH`tEkxKnn@<Eo6u@+`t~Mce)IAeBtHwDjJ099Q+;
za_opqwTK%u9zmW1R*^8jnhFd+yqv53iYNw|JE+J=-!>#Aka~HggOWo%LRtK4BgZ(<
z){yg0JOx-vLnS#v3+dpiHGkefUEpdSOmFv}?Zp;)93#C5(dL|89Lw4W_YfMj$v;=n
z3E6|^5azix+49q8ydGdIuaJ4e`%Nvbd3uBJ2J4B(Mch}OSdSrHKc)@2TgJ;L&o6I3
zZ#A4j4Xj16q7C>*;Ae2FVC`(&XsUW^J!W~uPh}R6+)cl_?0x{Hr0MQq<BP_whr{wm
zWm{{X1R{8Y(}qpyh64z}dsl-&O;3v}&r6eDHvt3s6cHs~6f&DdgFccQY(wyz%p)^)
z(J$!sb?idgK#`6E`M{!E1=>nSiZx2ib?4x(>AdUSyl0RZng!=l&$KpK+lI6kkm*jH
zLEjd}7Liriy{f{~m^?hp!;bLJ>6ms!GZ*NWR?#M<G|HrQoqnETHOavy9E-uvaEynN
zroqqL6~0;-?SFm-H?Is`eKxRwz8F}5>Fo~PWDD)5TCb;8zb|=G3*BcXzmJ)iw^n}-
z@AU@8H?4lR^PV2zi{PGbWiUX3Zf|GjiO0uxWXOx<^#<d31O0(^w~LOc2W5N%<3Wa~
zr=g&mj_K!p>&Q2B#+~-Gnpn@gG`@MmZ}l+u0|o;8GfBe5IWG(<IjjPZe^*y$Tnt|Q
zq<oGQ+ms`RaJp}UpV*XJ4L-hnE?`WHZiGt;a<YJVT;o-WX^(*{RZZa*7Yz#wD8N>~
zSB2yRjhn56g$Dc)9W7n-|5_$5G6COgscftacxz5hLAPU2)`ZY}MHJeL^&ZLWSO=Hh
zLTr|2Vwu-)4SFRN>~;x4_@YmfMUyCn=6{(p!g8Z?1S@~ULwvXS$pjP=bG8P}=2Wbc
zbIX`MY(6bRl_y=F=SV4OHo^6wsCQwD-GYN^N;CY4fTXD`L+mvG9gM2nz0P+MM!!E)
za3&eDSU#REb9FVAZ8)=lS%Q2fX-JZKJy}{|?w)Lya@OMvf}tmZamGK6egC$-Ef*Am
zNnE-}yEHOQriUjYF&qzDsMLBAFLvZe2|Wek+6~DM(mp;LKR4Lc{lfP=)(MsitM6yq
z6ySkC5VD6!gt=9P8knDrY`oeQ?8qD41IbLZ9LnNEzc98LkrR#rY<w9nua=6$SA`NK
z6obD-6)AKx{H}kDi`voN{i>sH({=0?GWstkP#~ua{Nq5|WAx(?nMzDtHUrmEgcJFm
zL#W5=HWdy~4^71aE|OU5g(E2=e64IO6N1oEGcAyz!;LMImR)i8`)_^)Me7CX_ELB7
z)?EI?4@?eUQ0*Lxae`x+N?p5^)@u`nmP$l$@^?;n`9gk;USz+vW@s;WS@%`tnBz;M
zhJokzQqxHL<(%D$>u8P3M&%CDcSrD>i|gpmG^@hDm!z`w4BZ5~=i)lwSSMZ?@!sG%
z{F!I(2yMLAB3y?DJ?6=|If~Ga#}P#VVxFF!0RCR`^WnT1|5Y|2-}orRFq`IOB<qIH
zJKCjc^PUhIhh<zmzi$C<@PF^D+*8U*vW|;MThF{mpmhtDlK(fuRg_eJg2QtBr)e!2
z3y`-g{3q)&>L>f1=8SrfV=XnM^8?+|;(r#-dn%GT@~Sw=5-;#dsr~}HBx;mzMh^;V
zJ1CDoNByo}kkl}!ADJCc)+!<puDo2F96l-xu0W=LV^;HkYHMt<istEu=ghXlAc~A=
zW37f%vthi&Ax1+<@0n@5iPMUdQ*90%<W(!bwrwsXOSo+2Eg=4jgO2uj7&lufHBIOv
z>kG;M7lAruKf$}4tlH~!(XQyd3F}ObAMLJ9i}UbU$W~g3MRrApIIw+ZU)*OhdvVi>
zVPAiMk@|m2L4`=A-%E32ShD<fGsfKi4fH(8`9Zfeogw&SOSQ=2NSA!%tU=aDQ$MF%
z?0hJrAT^dL4fxl#-AHmk0X`eu??8Z!LAOqkK6qzK5n5%?J?oJrYM8B5_40`K$NW#n
zg6Ac~NC^m65@ZMdp8Xz;mkq>EmF3C~sU`k&g?+e^EZLG0YQ-7fNRs9HH)i`2&<t5P
zGodB6%SlW!r;fV@kdC%_h8g(~QNPXwTtm{4Gywbs)Wk29Y$2<eN`*C6D{Q9axW!C~
z#L({;BG?xG1aaMVXVq#jot?GaB@AdOEtEU<oMNuKMb259K60Z<XdMompzWQ5O(T1U
z2%miE;Q4CfqF&M5AUbFjWe&W2AirT>Nz(5$#uslDUF{$PcW)#Icl?<|vuQbrAO&|S
zvAFP76aXVn`QMOdrM`KDkDinkU;3}9S!@=FE}Mm0aQ~aZPl4#S+bKS^KMUm|Vg|pL
z*1LfBW=jp>&v@Fsln>0uI`+>$P3=%{W<?3O2{7fF2Vj>(-hRKHUK{2nyafK22^^Hb
zgFhR=xJT(G>9%W`$k^D~uM}Jd`XplSyc`;8(Hk0O7+8GB?LwE>`z_)c0vi;f&WeUo
zo(V(=DDu#lbABU(kUXRv5ZcA2XLBI>A$nq~10Iro6MaZbO`qTF_^C?WoY*?-@+c|m
zVEPvm+$E4K-?X5_zqoKT`~90w&CcegBSC4keGb<(A_+`|JjFu*6!CWVZBIienC&=B
z5*%o>=Dc^Z5aNvb)fMdKJWX0lAibs{1PkvUjQ(6Ho3rvgQg(o(NlNZQfRDufP#4YV
zjploLr9QfZN3A-UMFEmtlic|fh?ldr?eannQZVoS&FvfJTVde|xt_vXf<k`7lWM_s
zc}AgxihaUNV=~HUX^Qt~-cBDWq<gd&!oBJOU}WiGDxj16y^A`oMLCrX`d)SJPR74;
z=%d>`uElLfieFb!ey(>Q3dY{)3@(0x5W=2LT_q}sSYc956?ud=m&z}{yJFKSnWC6J
z;*{jn;mxI}cP%*0p5vx0RvS8R0fpDg2+MHwAX?5_CP>N9*N(iM_2~|l2c>L$PkchT
zzftAynE-FI6GYrBwRqR4K)|S=!mr(tDi4D+vy0Ykb@U)}f(iy{QRJ$TYP56id$f4k
zbHKs*o9JCX^Vc?#u6p$Z?jS7f*=xvcKZ^GbyRLfv4Y}K1f&j6DKu+YOVqX5yvOrhg
zQI7cRP!7<0IIYfbdWOhm^ddZ-OO)uSYdkFXs!+B9>;tFIuWIufq#Xg^f)C@#@EDtC
zTXDDOFM%tF1_PNR?#&ZxlpYG)%^lS80>-&D^Q~AKMVd?LxEVr`O7#{c-33<nItq#p
z6YRQqaA_;`afbs7g&e1A#p3Z!Oa-z;!~|SDt14cd@!&Vz=}%_o`xj4wv$4bFGLYgA
z#@?s+51s!Hpg>>0ng#X%3Bjjx;y%Ea6XCK~1%XWJjeHt~NP-$kZZ<?%<ZJYhBP!(!
zTO9?^QCQIv={EUF;NVm)oD^zQnL*k~W)Ri3Tcp&|XfY4VG+;b><T*Y%k31FGiu(V!
zdcIjC_V`kfE!X8uBC$uD&1;FiZyt%QFDF)8C7WoAWD^%?j6x=o4kJMN!0?p;S~CzL
zA;+*kkRCJ6nLEamgaEp(OfJzrtlw6F8wpv7nUU#18@#$cVjN<1UkEv-6G;;`M4`+8
zOBr@(9Vi^4vPaxNpT%|5{gmNNCsj@v-mds0d5G0@AK!~HTqGm7N=ajtWukqQH&s$H
z%93INC43ja0Lvu-43$cV+{i(|fgBw`53{?HA#&lZjgm8s@+`oY;&b&;Zj7QoB%GTZ
zDz>(LI2SlMDg`HpkG#q$AKIe^C#&iI<Ldcl!O0T+-V``ls>_=MC#&fArohSKecwDd
zS-kI4!HJ5?Y<K38K!>FgsPov5$B#U%(~A24xO%=>3H12VIxW}bO-i6goEd3}zHeRv
ztuMb&Tg6_s53&+S2#pCss8cG0+V##OH<x!FxfEJW{~uS+H!Fpf==Y|i&{AFAq!e03
z$2TQ~7VrD!rO@JipDKk^gkQT|AcfKq0clIRtUAo)PP^WyH|jvuCl1jVqZ{$A&b}+`
zl$Zh<^^|d4>Lo|;8Y$B+{!`dU#j`^~*?SWC>^vj^9Eck!<)I4uXt(ASoCgyGXR{98
zGU?A2_uEiWivUhlAGuCbX6hsqlo1&U`p9MQ!6TQ!tLgva>iK46@Dlyrlnh>~%bS$J
ztLXTqWbopB-@FW7yzf(Gu!;g}=cB+vG$Laqih2?DSPlC?i6M~omJ*Up#qfg=c^FYZ
zgb>O;sI0F^M*p3ul5G@G2702TZu||>FO`TCd42W!Rh)%@cy6{QBY3x?4UatpM$nI-
z=iLFvL(oSqhynon9BsHL@JK8oeRRV|$nk~=3|h)jzFp)f&jl|nbw}6HYMiIzPmq8^
z4{6&>zf@OWe+PTWdnvO&+zhcZ1kiP50~Pg1Mfzs(&lG%I`fXJ?6cY83oe&267d1ut
zvEE&Y^W6;zuK|geexXNh0USW=R{{226d>P4etcKNa27YDdMiq3#)f0)g$TMb^+wT{
z#uye-M`Aib9C{_89v%!??8YcpHDE)?G}QrSqPaBfQ?sia+FJQiR~$&vgm@gG3cx11
z#`!%Yo`=Gku5iV_DZ3p<lel+29AQWHt}kj>8}L=5K(Wl#7wAr3lz1f);|0V=J`<5A
zhPSBdAqC@Rz15N)3C((|4MIc%<S;x&-d#O*ij>Qov#sMrl%Y_2q3V%}X8v9+9horY
zb3PTxKwV+Y2S0!Ocz($n6@+OvTAibbp9~}4&wjM6Kbnwi#&4aZCQ<o>wDJW=Tufzn
z%{g%|krRcO-H8+~d?PcGn)HwZ`GR3XbSL6vToi;z7AZ*+zgcg|Kv>;Vx$X)c>m>Am
zaU^z8Kll?4^nu(M)d>lWg^NiK4I%$6<h@n3#|zmb$TWNx@3U1i2Tc0FRS$d6sRuN8
zlRT?;-|Q_JcBEp}b2s%VCFPOPQVuGud>IrKeN}oAlxMm%g=6tg%^rotpMInIH9ZK+
ze7ZOW>x>@<`Nw6DJ0DQK9WaD^@{u2}FG%I;96}fP1fYH&IqWp{rjan^O&F4p&mzB?
z#AkgVE{eOZ?#hLF)}zR0{2Id}F?%1gwf7l-AdGs1T>l!X?YUsw@e^0z22v2Bq<~Lq
zNhl|sRz3l~T(46!1o3e{jonfSilnGA`K5IICpYS&vV(VeNh=d?t2Fg)nYw_(J*^SY
z2#iKSELU`AIkA03%POGQcaS>5Qx+mP;t!9Yd`CU0{ma}9p6}a_JS1&3{eN6N-|YE*
ziGFYDe7{teH+jBaMaMUFzF)lWn?K(#-uG$e`<Alwwv?q;E4{&0`Z#<A<cR`-ZXPvu
z!GD2nnQ-jth--1eN?{S~gFYOKK&yUQjS!#zbN%?gL`Qmr4U>nc)Zvd1^r<|#<$AAF
z`BbU$hcF0`AD`+}Cd2?zl}SjM2tpR0H+k><?-_7$$mjhoZjryhzn(yBHbg?V5h9iT
zFg~uSddsd6O;t5>EeR3@+E@YIG`>@5kqRe3ctlSew9YTdkyzQ`IFDlz6^VHMl0W`l
zJzcI?Nzji>ZOKun&U#e%;i7l-aLX6g0)w6d!Wlz1(Rlq2(i7@~E4^&eqnigL#!aQL
zp)z~5gxTwy13Mp%P?~}G6<4srTgou`p6-0o`A9izWW*sJkP&*A_({wl=1<o#+4mqr
zl*vF)5{O_>kvL1n1F{hI``A%u_Yv~hzHYS^x4QqG{$wqGbFaR$^A&s*nl-ryzN$l#
z_<iSV?Q1RhN&UX_6<nEUsBZpo86c<5Df$79&=vR!u5M6I{L6<}lYj6QGU~tdJL+Q5
zd!_SN*pOPlS73JtL)RfLa`)m!<C~d=jioT#aE!&F42&&dV0<luO$^hV-bo9XOob0u
z<@O6b{wO~@OD&6-WAS`Hk`WhDyF`3L_Zfs(S}f()us=AR7|t8FOzSWRsEX>Xr(=<I
znzxq)lC7G5oUi<s1?tLL&4JW`E_zAAU<iFF=t!vd)`%hiBSz>@grQ9Cxh4cfo9lWq
z=Sm0PYQ{2J>M7y`c=1M*Y!H3uFcKoS4$eH!6mrQ!@t(!+UZXp6iKa99CR?G0M|{oj
zKe;eNlu@B{;+w3}!E0@bP#(sEXetGGODMoqnqSarB=+&5)2@h^Z`3=A0*!j7Rllvv
zL@q8tR0I$4Ssg)!9kE7ZMo<X^Mf{K|b4Pptl};!Yzm%lH*!4TH9XwwA${;S(^`+}a
z!NFAn!1bs1-_9Oydtav=eYdEm<%iv^>g43(?KXC`{6M=sy`AL<yFI;~c4%!Xb6ZoG
z+om2&1bPmjgMLx*qguBt1Ymtfd53X;P;@pac)cJUeN$PFn#ZPmYaY)e-wsY<`PO)r
z@~!dc<lAa`yzPB`X!*88PajUcE!D|~m2a!)>ch#m#e2I6`L=j(r^+{F@NOQZWXaKN
zvgBCH5-wGqpDZ~zd2F&|MLpj3zCN%lS*E8CCQFv<<b%qRm2~yNWXTe}-GD4vqPJ6J
ziSm?b9;Rf;VIoUP6D^C-nRGrNT^~dRj?_HtBLKsJNF}J%f>N)j+NuJIkhG9}>Um@U
z0zz3?T1x)Feyh=H?l%tho9+F4*J|ThtJaWND6_eqwL6S1>)=8<>=78c$|$JZWRRQo
zuxlQ0`G;WWVHBp0bjnGm*-4SEGn*JbjK%QLvlPSY&l<FyJ>K@dKC~EKOD>?T>g2<U
z;q~Us*`D4`6>Q3LrFoFroeyT)ojdXFeE2MP=k;gQ+0GtsdtV=VcV0`LoUQ8Q!|u-O
z%_p-xy`8!{D<`IAJGDEvXWN|*;@!FPu)FhiY|iUXG_yTDesB(5X%?K!qF2sY%~opB
zw`N=P?Re22Jhw%!VmE7i>?>PGs#ceB<P|305gvph7>|)SXomRS9T4Rt#%-a%@F2_R
z0hISqvzeOK=4{j2il?>Br!_7Ha)a4WPdoGhbY09a@u3H<&Wwd79kJ+@m?)u&iQ}Q3
z>k?_NdUF&j#h6z!vfYT_WF9>a$?cu+BpwV2Ws&bAPrI=TFLoa?JVxN-yUTciWdhOS
z1u}rxN3L84<3_zLi_FKXPPqg$Q~q+z+5F|&i4CY#xab=BMRzXnoLy(hI%}-}8K(t=
znwArDN>8-Q?l7)Sms)`67E>91n9SCt2y0eb!<$=%LLYip>3E8=$1jl+B6g(|s8XQ|
zJj5vAB%^=^$ie+PnTA0;E8Ne;)~NozMk1y&q9~3EF;<d{xdthRa^9hYh+3;GKG}~v
z(Te=KP}IsWh=Sz}DS%1rrVQq#L_QAzL!-cxIgB6!PKZQWg&BHhvYm3{IX2v@`Ff7q
z?nk~OV@P_4&x*)ffMqU=IG|XorH|{k^;<o^%KI9oLOhM)hjDR4J}%=rrocxIq7;UA
zym1n`vIL>A!HnwQM;uaCHQN^cy28yr?hxto0Sd3Fgqu>els;X&dH3e*@=f={+50zN
z=BS_qYBl|pqk5;_h~;l;yvOVR`X}*?FY^2Ev5!a4OO?hlXsh3m%UJS*;6LdShAFse
z)j6CqxmaoTkBlV(H6s}*Q1m*jf`l%7Ir!v82Le&Kwf^@@Aik2?|CNU7u;eR=Z@o&?
zQC!ionhFkxKYNv~pH=IV&=G!Z$?6JGO|p;{gX(i4B8n;g<?=v;2tXg8FeEDT0&$#(
z%L5lXV)vFDnQjL-(C4rB5Eu~`_c3zQn>_Z%(8KPj*pceG+SDm{E3Zp`_ERu!)<q1>
zrF!80J!H;MCiplV!Qc~Re1rZX|GBReyX99-D|zBozEy!}?agfvA}X?FoPPR}{o;kB
zDj(FYkG;Kbr?MiJ5Tm0}#9+@uae*;GI!UV`-_KMY6XB7Me1}9nLm_gj0IFFUV#-K(
zccqPP!r#7!;;Q#9VkjJ8AE`7idhznsZ%BB}+Y%vZvbm6WUJp9gS9*(3&!-;Btqh$f
zPvk%G5nrd^mAQxR>|7!QKD|;Y^K?2KnTqcRDa_wWVb5nHHURR^)#*?MA_>s3FH&4|
z`HlVWoTR-P8zLF+SCinNhU513>fj?0mPQUH;?2G1A(gF#O6cPv2C=6Mn8;`JG`|<o
zA-Rbo0%zWU<oy0qqz=4O_Q*(+(`fQaCO*<z&G!_1(z$RPjOdr$@612<#Li@hFEtvq
zQCvXZ8KMxpk8wzLQa+{<M2M9rdPDUH(QQEZLh9WWwDvuXzfDtNk*7O5U%@#H;fOCj
z@D;p9)CsXnO2q$?ITXI`d<7z=3#fl<>Az%P6z9LhxArUFpU2qc5?uffX}cYg$aCXm
zZ{&H3`y`*f;fvUZBas8a;~PIEQRpBY=Ol+}?Db!-Dxn;BErD~DtGH(w*Wa(;7qbeD
zv7f~cgRkJK;y}hcWHec$ca)(~MTe&u8BjR%xgZ{*b-Cm6ue_3bug*rn9|5mq798=Y
zkOzETHE`lsnxPOnOfGdp%DuXvRkbkQ!+=%=!jL$S^3KX6Q4_ia2ZIm|AVVLCnp$z4
z_w!8On$T738+nSZk7@dDx&sDZK^F%6C>{rseg(e|ktmjAoE$#o-<Vb+F=1uSohpWS
zpM?m?+KB2xzTrJVT7~vhPNM1kH-K*xdV*-+*Nb-`AlR4EQF4|sW5%*lUljEy)h9&>
z&X}Mwq7qXPeAR<g)UlGVm(pk?c~USDKX?Tm^rh4gxs}X3q9*24fo<|YX>iMp2y4Eo
z|0Yx9<QU{-*}7M$Zp;_sck=ufM?i`*UG}cA`PR$6SEplVrYYeNntzUyR4Ife%!Z(&
zaqCPrC}gt885>8%F~Y}i(l}{MjsL_0pM>axrlrOeg1_F1dmwjHCwifJiV#R@genG4
z<+IZo4*}o82vv>eX~7FJu1{#kTudF2LF=5jsYj{F56S*#roWO~uGj&-f~!9CsNj^0
zU{b<}zoWQa2tF70`zYjecQMCry-13pF^1riUKc?`he1eg3%OoBwC|#EhR-=8?FZ1g
zh66<RvyJW5!6lMgeD)T&x_EQ;`u&^w$dy?UMtp*>FB9sBQ<e{IME*F>(<4)uO(PRE
zJ~3+%9ZI#5N_e<J$r@hsQ@={Y_FhF(8{4T8GBECh-c{u|<ltgxQI^<EdyQcqT>Rrr
zlB>;}Z`qkkouF;WP9%xmX8*RJ@si&S#5~RZ&A0x5pBp|5uz$Pwr?G6M=JRIe`1%{>
zxQl-kF~^<bW3Ba%wN?84>o!$o02iO%HmzkU7w$qw9LMOSgpJwMgViL1V`{bR@j+a-
zY55qU9y)VJ56iFWqtiOIR=%CF4{PDy8Na<+PMY{pd9ZsQc?<_$d^o34U{Zd<kw7e?
z1mI`Qk$$NF$Wg7Mluan;iu-X&8gYPz&Jd%qbl0r{%+k6?^%(&Ph>sGGm{RT<+FIWQ
z5CjkleY9zP0RaaR;%MuGpU=|T*ebXgVo#prWoc9+g{hH|S0&|?Jy(AK2;$@O9dIMH
zrzCSz6(~6$GHPVGOeK3k>9mz9r${QfpPV{zA_u>d@Va&ulE_!%`-e|%eDIdih|i%o
zv#SiI#0No$$9x_AWNfWFJHPW2>`#OYJOeMt6Nltwf#Id<UALg$t}5)6GSMWB{C55d
z1W0DT>>+l8kUCfx4$-Qq|MS29KTd5?uU5@uoF-FsPEMvMS?~vPSRK4gsSi0|<A+g>
zgwz`x-^t{pe68_yRdl?OI?Fx|(TzC43$40=oZ_Zc6O7~r!Pl3vG8kE*O!cNp(+X}-
zZ%D{>vc}};8H!2CkXM$Z75SzUnx@TYsa_{%bp9nV%c&X6^j~)+AZ}f%k~ou#JWxdt
zbI98z{Nq_#X=s`MB469_R`7}6cZow2<m`APa_a*zTLM2Pn$jBLG8sul-H_bW7};0!
zsp;kS9dzBU?o3y7W^ZTb%o7GGnNYYI=c&~!D{NmP{bX^jO>GycLwAIQ683jVsF-VC
znk<-Xej=|ZIMZ(d{o2mX?->P2Y<kg}`bNFo_<L0`U5E;w4T!6>XH=-aeODal<x&%B
zaO^WA91i4~5_x%q?pi3t)pV!!zAJMP_Yq`*^@&L2%h%=zdVCFVCXh4D&wkPnCF@XY
zC7n_f$Svn*wF0FwR%-~AZR}@Bk~5I>Oz`_CV)BoKLrjBSY)TL|%6RNVDWRoeSsaC>
zYC_)RT=((arN~~2Ih#_7)qcSD<tWhU=NuF=+{cbI;St~xC6q+AG#`uzXF@I+t72#J
z`ZbCNK61@B`6rN1qQOvVOekVeAa#bA8XO;wMU=Z1yvA>O=oXOB8S?E$4q7M|Wd>%U
zx0bCk6v(5i)ZS_Ngk3ZW2;(0R*>mE(APRl09@kS$d|9o!-xo`TL@ds9EsoAYi_AND
zP3t>5%{n;aOF}Eaf!sDiGR88aH%wE(SF1wE{^Xc02Lg2_SUzOP#B_+|8n-9SoC3+n
zgy>;vdXzy3rM{`n8p3+5tWctt=oT|t-)TwOC0q`O$yYeF;j4uMg<FNhaB)rbs#<V@
z;XER8=JCNKeW~xX>)^Na;(kAIai?c9t?sMFyo^K8huGuOHzKageZ+`T*eKy6W}GT!
zmCHgm+q*OHn6ziJ<O;(hR0W*r0bdS-VM<sHp)|eSAtnt+{fG;C#X>cX++ueP>1iQ1
zvJg28ygF0nDT-Kq=Rm9_LRoq-@!6BS%^%kqCT0IOhQJp;keSQ_$T+Wv2j?TVB32L*
z1qnP)@e0)Y!K<@mJ*qErUX}PzzbIIY3M$LaxXIct|1u{(p`3_nHUp9P9Ej<oWY(tS
zR%^&Qy0i1vG+daQ9be9${y<Eaj`sOt)u*#UEmq-^dmO$)bGu>)P~t^8@u7zHYSU!#
zvJp#$A<B>mG*sUB7(1qRRnB=Pf2THwF_s%ne8MyYxe$6Y33J{;?#wHd+nn&Sb`_`b
zJ3PWn6a9xI<$kh-#F|TfUXe~C*yjK=Akr8bA}N0O?u?;l*#BdppjQJUKz>0WIztt#
z9;kz)3!LbfUh}p|#BLBC3=>Z8As_XzD0nf1W2N;JT*8kfrZf;@OKL%rgya(4yhdZ>
z5m8FQz$6msa8A>)kFVp{N0nY&ZZY}WS#J~7REWSI9Opvdkl;@40H0>`p_*oXne^_S
zl!Jn;mEo=m=$-E%7wk%8&N)oZ{+?K9LOUuz?WZAhuD|T^|L=i5@mv(94<)fv8-V^@
zoRyUWQhl!M<B&4&iGyl3L?ex-NQej67k(rGq5NQfH}fbn=HmUHM|#rEB%pM<$lSgg
zPq1lX76POOeYd8LptU5pwLWt9bbdZx&`PcFggA2T{1}CTu5XibgiNujP8T&71#HMq
z1R|U_cHGK%aw&T{KUZOYK&v`oEk$T&rv^S1VCAJ&M7qtSDZ`$EiQzxsMlw4o8KZEF
z(apYSL9P74o+z45wg#$)zS9$sJiI5Uo9>QuGm~1IB9Ie{XYIr#oM8loYtn|NjV^b5
z3RG|ittucUcGbjwa|KA4&x9*HIen4iGw?Xz)3qN0Wnk~aP>YX(8Lo@9QGDp++nr%P
z+RvDd%rzlRjOjJyXT`$A6>yb#oiFZFvD7l3U1pgXZ28*!+CIm-wLyekME3_$sMRQg
zAs3z__d69DU(1B=$W@zAXp>ztV#-9fv<6Bmxz^t~b(V>9>54sTXXl4lxK&f;R<-i!
zR12k29`O|(A8V?rc2kI?W1M!ej-j>ok7973IHFK{85i-o<oEE1GvA$Z@6pmCHjFBi
zI*}zf#!wE$vD#L7qq>m6*wh}nwE%|fPIxy92RgxwXFfoX-hmq^b_AEmeSn{d^^uW-
zmynEbyhX&8{qlY#`%D$+14{;7m;>bpgh{Ox&xr0|TufBf=;~util@HwQ5^9pNz_9^
zPg`y?58_T}i}(lZ{Ynx28F{1Ml&h6c+LpJG&J#GHovfPoy@(^>0}+!(g<n+>cSzVJ
z-uV{_`513}zLs`&E=5I_t3qG0D?StQNS8g7i+!{FdvT6usA64&)<RKVe_Y!Rl(yfk
z@BB<|&{!*8iRVgJsvtyte4FHg?jdlEf+QvW4fI)D6ivP%IZN90CCBmep*|;y-2n6u
zzbV0-?$Vxd4k4z0mGl5hTP6y8_O!oZ(G<+%MC_Y(n_4YI5k)m+!mrh+@`aBbR|-BS
z{QzIQ_&^wX@#0h|x=i<DWkwOF1qn9=DXwZYH@vIyTeX^tdeJ~FwhN?ub;M&at#@PE
zDYsGtUc4yi(2EzQcSX^9;!VDIQAm*&FZ6=SPpzCssr?cbFTLPScXs|;oU7%02O*--
z2q_)Bs<KQ?-w<$Rdj2E|DxGxN$RjQWp;co7=8ENreRXCqHl4VRf&@Q;bIk83Xdm|@
zepPDN&iS!ldT5}KV#<*3px=lWjba_nengYwT`BjA-Qxl=i2W<zco2`2hT(K)2LJ$!
zwaow2u`NRF0D|%U{~dpysn7GC{x_%v;QRXu4Ukhgy{`nBhc1x#lq}*_IjzVJRK9)t
zUVl`6U9QyA7cam^0?;jTBIWT7dt@9}h_31yjiEGusE7+~N4yd9j6!v!Hwtd|Q3yU6
zI_--e&R&&e{}B*gyuwMnFRddr7_p%*{{QEG*n`gg-p)>|4u18`(4n%GuVp=7Nh-B_
zDyAk&+E<)r(u6-oA@1LS^WQ*^GcN)cvMsk>IBjwpiaS-b8dAGUYOYn+g0W-Fwq9+b
zPkPRCO~ey<78{|okwwQ?#W7WJZA(#Z5Mn=D)hrHf;vMr4yV3`b;xT8F=F4Xbqoq`X
zd;roDKsf28N1z3OGbDtX#W*=Zg@r7hHxXX8n}b;A3DT_s#GLw`&i*fD6{+v+wCmtP
zHtR&8@GZL%0S1CyE>J%%>%ny07P$%h_B|D40U~8}(aV89cQ%ID<1%?Nou;#Njok$Z
z{6UEiYQf9zKiyYIP&ow^Nr*}nR07C`{K`J>^uF$N<=dC<%NEB2a5y7tVDd9jT~`*W
z7gDAw6}^(=94{j}oFKSTE*Zk21+NjHu`ylEzTP58e?nU$K6CNGdz|p)M->+quNq}7
zxKcGF@8HPO<q&(=7ey$!@FPAFYSXx3r~>b>1K@~6vM?@XB!q+5l7?JWGL#L4z7=9$
z+mJ`ZMO0PHQHP9bQdP)}TT&m<g&?ttizwMYCDIasj0Iyp-2tM#Q?b_67hZXg(hqQi
zPQf5(i9523?|BbT!Kcavg6{7jX6P5+L6tA!k=RRLwiSEPsz2k_PeG^g6Ha0+^cJUs
z7GrW2&yg4_Zy~0KI3c8ZbY+sXzO$3xSCvZN86xL8wUo~O#V1YdR2~{Y=PtDdzo+2*
zHz`}vZXI$V$H&sdH$fa%&;F%PsT`OSAI0`I;Y0(4>JC7|SN7~*9BL^q=HIGjkdL&j
z^dS~SpZS7J%R}O$Dj0Iklo&^@Ob!swf2(Uva{BZD5EjUbgM2v)nom?*8XJbffR$p2
zDnRu?y~y03J*4@>jh&u3XfxKNd5f<UrID|>gbTNN4>6bt_4<?e=#-zMS?vZ<R%^nz
zOiTc&J~z|2SPG;Zms2hY^|6E&xfLl6H;RAjRU)JPYLGGL4CUI;Re6O(Rzl?bH@P_Z
z!C8kb7acWanDL~eChte=36?9p=8#cOgq;g(R%{nhKvg=)h+)wpwPn?~SWS6!RpYQn
zNWl&AJiTZ|S6Cz~6UF+Uv{#v~z6uS$g^$`u;}bx!P?`u3C(5rGhg&WWV_&8?7KrN4
zYaPGvEWc&Qr+AE1IeHeK$An}^0*Mf$I2B^6rq_XiENLt1*Y{(lROZ`IA{D5?fR+V(
zRj5;xRLN-uG3w){{P%()|2+{*ucu2%<(kAc*z-)4R8sy~P$Cs0CCX|Op?SW+beKef
z7zc2<v5`m~?iqHj5u>RPSq_Rm@d;W=bBKjk+<xbzCG8jGEs9t`9hDP#-u~gyVP{W!
zx8T9B=Akk2fL8hQF~5>CFP{01qhsU(Gqldk4I%<D#S`tx;du3(of`N+TvXG_)2i^;
zsR?Jon(`(*<)`0t>2;xwB+!+D*K9MfE5`xit~});Px(w~21wf5scBQ5_*QJ!i%-`=
zt*`8fwNQHGKr`@AdI=~u3TYvAkpn}u3DDS2Pxw>_1*Hz86MUE$5Y@iKCE5rEG!yiZ
z^*ODBAB#dJ(rfNhTH&w#*+j=@w%{a+>9hrBKMvp6Q;Xvt>TsgY6KSKeKDnsVja(~<
z8V393+!+v)0LMcj*gxJUvQ25MXq<>l^@rj2CH&C&wh{Zi#16&mMxM{aNRo2}kOvDI
z7mvRY;>g3-qTy?VWWU7B>McUym_(NVB#e^Iz{Rc%O0vZeLcO6AC!GKGO4*oyqlso-
zdypj7EQk1fq{6hA-8bc$NnmZpjT8FG*U$ds#CI{hmhQ#!T&`uZ13eF=RKm4blE_N#
zNk~!>II3fJWS<TE0RybEc$|W9bLSfS?rBb?uropoaw>C#;tOCLjGbCh7tD)|9SyBb
z_`Cx^4W!^Ie}IqqHKx}REjv&^VE)1>_&|Jl2IVCAFvr*RJHKAMJq7zT>cvq=bidze
zwmR-{tJXSfwQ2`Wr%^k0Tb)|Ff7F9*bON1&-oB>aPa%l{x=+RA8DG=)YXknkzOqS%
zbpJheLPANO)nAcO5HYmR`$6|-?{}YmybI7Ns8r<fTg;1eEpgRx1G>NX-rXq>TKyd$
zM7x98UFs}z3YtIR9RMck)=t4|q5jw@IszqK+X0F*<h=ZdJ*0FX0)Wo7q{OKvwXP)8
zmYpw7aFFQ>F#a@e6_PbsxXE+VX2R{&=6JfHJ|Q-~Q&WvGGZ$ozkl7PtW=a>EDt%)f
zMvBvro&WYqLN&&P1iA51NQXGkoA3E=@^C+tKKW|90WjXYw7X_*cUDT}I7JOs?#Eh!
zCE8B07b_=#QLNuq(elX-3{1VYu>-4U439)Ei20R+6YRl|ue*>y;R0v`r_>D@D?)hG
z2}MaSaRh~~8}bvk&R`;4JcW%w+AkRaSIyRu$VlHjZ8lm5Cs$IK6hh?}FJx|!7cUYQ
z`?^psDiJ2#wv$dMUm$T3RTqE2zI!J7b*20zV_&qZhUiH{_av=j1P<}|nN&Cs)pvGY
z3$Uj`K2n~f`d~ihF9xF8wZu_%{?C=1#h$<karAx)E$k=ck}e>{_iD1$tCSoq&Zw2v
z&jRFfkT^1?W#V?Fw<BW|r{HT%ZA;0cygAWYT|IeyEH<if6MDfAHjQmNUN`B)7W{$l
zK)qg9zvXA`6l7M6c(UlZ)NH0&7E~!1i@Yy87|+b44f)ihpx#Y$m(=cOD#$st|FT6t
z`C$Bg7zDK#Qm^70jYgw!cyJ*8Z8RF0f1Ax#r}dZS!O_8Cvw6@sJorna*=aTp{{kAT
z`1rJ+h%y-drLpw4vV(ghKZQAGxZDysE4jel0fxURrs<3nQ9xOU;0Syw)U>ZCaYtd>
zds>nu$9{QIrK@*YlnN$BrJV|TM5kU{nH%C>HP!30wI@D-QcmkQH>G9UH{+E?(8qn9
z`(gkESkOf@!CR(-A>w>BTJ0xeDe@tRv<ieW#|WLxmv*VD#DpU9L1-l9anmQtS6!t`
zD%3ip9U2W6>}q1zB2g&x5r&tX+5`o4r9De!nHaa~xBJL9@<P_2;tPJSv%gn2)lRXh
zHGT3-)I6tiIn<WxhW9vN{%Cs0EBHpGPnqHL;-WtGRmLX~z?w`;;)E)dzH}D9T&3C*
z+r#^8h(m!3Z%i+lxp3c9GVkvtAg`)dWP%cvGaZBBKr1XokchdmV$#+*WiuPa!Y<u=
zpa#w~?u)&q6|dEtNG2UFVwGxvOMW%ulP_KJ1>9AhKrkLN^4%IEHRQXoQrMWxOqR<P
zx<T_1>z*sVhSGY>0kAx}>`V4FRD~&75cgNHw<4cBc_gD3-S&x#V(-z_?{cZ;_rShd
z8L4D|tCUTthQ;^hN@ioW?V@pQ+^QetQ`s00E!(<kVNdP~G&Y*(9eE5xOd?v$IRH8#
zq0}%q=C^LZ?gAvI?m?xL+~w4t`Gu*@eac%mPLZiq2gw!AfJo)ljTfj|x0>~4+Wg`i
z2}%`ikm~IGEl^oYip3M}nBX80ri;80kT5%mU{wi&zWWaRDjXnHGBM*L<7U0p`TNdJ
zoB<m9x!YCYsSYlY6NQ-F0io9t#*Yau91igv6fn9^)oc3!aclaIn)Gnn-!n{)x-eWE
zO_-)deP`#43Uvn+4&g6e#3`UB4DH1WuuDQ|9Ful*?SUnX;yFs_1-e&NI7Au-1G(`q
z0s<8B2>{Rs*sn>~!8pftKa~nicx|eLc`^-IJ)l7nyQTs{b#4#b*D-j49EKHGKPb}3
z)p!2S|Neh>{yTBZ+xc(s)-T9TTNOb}x*4UTkiqAW0!S%wu#h`4Y|6g_=a=V(T01{8
zW+L<0)+h%kn?Id2-uh0q*HSH_sb{8mC|spF=eOvN&{tia%UoYDotE?p?25=(rFV(_
z+hT)DJjgx1j<i0^Lpl`pXVWMk7D_K9*T@$RUZ^O^AC065je)+3q7rRLM4<AEdY-ha
zlJFYrUZouZud10LDF3uNr&LU<P;bNo!~kWHb1iKlSh}7iPOT2{sZfj!QG6idY-u3c
zm>8nn)QDvmFGt0{2E<RCFea>JMx?5|YS@y+h_#DeZh6IKKqA8ddT0o}e!~4mE<>41
z*xXxnm(qEeC2Oc%La?R`#3Z3uD%pK3&it^<Mi$4Z?(b!ikj6f6rIQgShm&b%Q?nC$
z0438N&rhri62~O5o>I=*#iNvfSY*UcJ#fjO?}|XdjHKwx;ub>r_4g=f9@Y=*4Ow%b
zQE$p?C-p|XE$!?d2*VB%W?|)3ak`_8&^tA7r3}b*BQlX97&^l^cOhqj<S7Q#Qpr6g
zy|VO^@+61Cg6HDkIpAT+Wc`JhbUwMM@9g{|hqrcW(y!qz5Ig#n!kr@DB2G%23hKPZ
z0?#Wym3Npjj%o7ggVK>C`Lvi<Voz3!Rsh_qJP<5+O}RM8EJD&>g46mJ$AL8VNn=Ka
z@4i@PVzr1I(^R?<B$+{U@Va3G4I>YUY#*pzSkT}q;ZX>#ldfnxtybz(V~2gdWTD7{
zBp90j7UID`dUGby)K|GS7#^WI_|$G4G!G}@Uj46f91$;kC;m|BoNLFe<KyGzQR{GT
ztF)$1=cnLs(Z?R5`>Diz`{MugKPd4R_{K#2Z?kc9c+^bme_PE)<H+iNAL8eJ2Y^bq
zi~S&Cv~mhQ?d$;Xr7ExLJUZ#?Nn|s>aW70F6~14K$E0=kUi<liN-x45d+S$DL9?1%
zO~ggz6jW-7@}X9%7>`N3QaP0wZj<Xn>=s<b4)I?RkA%X-e$a!vjVfq0n^n;2bgH1a
zXErUX1c1s}G92(<QteI6=eS(q&&6V}qV9dG<_DV|*58ajXBZT^4MfjrG}=`Xc~>xA
zS21HZN&eWCfTQa{%DN%)2z0wN62{Sf<aI@SD}$q;OOZo-m)`4x>tA1fu0+1r^*>jt
zW`iE2^yPm(SN@j0__<PzC7F02{_At)+oyJee%TY58+NlVrs%DvOrp+7b0+5M<WT;X
zo-+@RFkfcPMx$URrR5G>2x_F}kPgX>Sc2wjlpzs|(Qc&Y8xH<~?)cKKWXF?vOz_1Q
z^BQIz`cWMBbNxYX(V`Nq==CK2{j#H0Rt343Wfn?h;3M|dt(*cs@;rGZgu(D5As)kl
z9$*FQlp35?o%TVyb8^@@IBvJZT@U-$N#830^pQtn=GCjY;y`DJKH?D~5i`Ch@9`P?
z0Xo+MfeNzoD({PE+u~c)*eigZ_k&IqbPnWyjrvJy=H(OZqbg{&PO9Lb!5=v;c&5{+
zg62`H3V3Uc`pMCrrf)n`GjM68AI~BQl6kKTU^GDSt|u;y;H@5LdRdOJuWvLmYq5Y2
z*f2zNNIX|oI+^sudl+6LK|;PRvb#}b5MuY7&~z_{l~d3*8sl9!H2%KL^zx4XoogEN
znQk?bzkP<nG4!&_BfY{DnSucOgO76IH;b;P7e&%}gT<5dLFkqla}U%l-gJENTXk|{
zp$rC_)L1KNEVqhA@b)!i@SI>@h)!enE1VkQ#(N@mJ-(IrLMK&8J@b)&IYYdFP}awM
zLMoN)#UF{!F7cnD$xh>c8TUnOcjg^&t@IT!{P!@JKz4p+;_vbPr3u7j$15N9&oVbi
z{K5p<(Ex_m9`-Z5)W@Ee76$ER6*Qa2RnR;>;r!e@PO*HSe<vqMdBbKivXvI!8BW@J
zS;0`oM`H7RMZ9R_r|GH;QsrdRf?Vv4yIh>(5HeIQ%(Zjdy>TrdZbllfMqal@U-tGm
zDI1NHa7}G`96xj^3NfPTM>NO(2>A&+4eI!sLVY2gDw$QGWbMI(B@u6LG(&AJRFybY
z!vq&96Qy*YG@cEi&zBbRSx)X~kt@}p{Ggt^C)nL&lw*@o#NEk^BBMHA&d4KrcbUp2
z;=vDUyMp6^d{!+{E2z_J)+auCCX)JaHc5TlvXa_LYAdOyOKL8o;dsy`V-$+RbGfXR
zH&lw!u39aa_^T7%=Eut9cvWbcUw*DYhv9J|*cTA!l)=2X1luF*UnL~AlHN-CQ&0&|
z=pdg(K4wb`{Nr^=d>x4dRwMG8tr<_}O)K-Q%(pUsHkrRI$MUMoMD*AHe6D;tsCB;7
zU&Im}?1OFU>Ebx!VX(wWrwUF^_<!}zWL$A6%_ZOhG6Z&g;@1woc5ZJ$h-g53iVX9G
zg&WTgZn((7BPgVO<9TTt+F9svJfph7LJwe}hlL)~p$8lfrkMnkG5<l83g1381>$%C
z4jWHMkx=9m@U$g5BMf?0rdyc~%4B-0IipN(TbXWUx|QkEWx7b|wV=P=JW{?~dV`lQ
zL1P&UK$^0fmD}$i)uk=Lj}Ut%Gd*e9U3waa9)|Rlmb3TC+U>zGCqsn0>O15QM0V+B
zBXu1WJwA`{Ozg@9PKxq+7>Wgx{t9RLltAF}D?OM}iFTBcXeotwk^5RZ$K*qV2SYJe
ztwtlbtz<;qVe&WqfNruw^3VVYP-JurdU)WU(T~Lry?iQj7gbWe0--;|E_yQx*j>rJ
zf1!}%+Z(~#g6BurFSr`=@n07DP8*w}c@?|pckGHq)J`EDN<u+NJ)F#~*N8g#<|Ho7
z_e*ByE!&&<4o`ElfqitNde)kRMP`xC%Af=Xd0;E*;D*q}5pTDXzMki!5cw_&k&p;|
zj~JUzhynz2@?TzkEwbQBf8EM3c}H&7I(jHGFtP0yvA9T&lIt1Ylmq0xlX5t-X>Pwq
z+e}7r)e&)B{hsL2dv{=0U0mG%t=Nlw#^Y~F)PWfUtlV-EkMjF_phf_`eM`3_W6p%M
zkwxAs^N8wZV^&#hEI>}AA0=o^t!aM!a)|r6#U2ayw`vfjetfY%yLtGc7f6>wE!aco
z5QfMt*uvyS)yi%+U5yl+XcWoJyt&AZnUIF?z)$*q3vY2oeDxxcaydf|J|wjzaf+Ec
zs5-P{o-W>^<Gu6Kmt6Pn;O(S?R<hnh^zR_E(nZFzTqpPqGWY>flv}J)5ak}1k|=jM
z55~*Sa7jOZ*i0`?TYeFT+~wz7AcKNsDz3jn<G9y5W}{OuUrOqO8o-ocB2&(B>U?*6
z(&#r@m1_365u{AYr0;tDX0Or6KazxxnvdmH)Rth)bb}MYW@9a2Gv|(xN1GB<9&Hh*
zEC`}gm@)?+Hw!BH7%iX#lL6({fx~TbQz(XlliVy!c(`Rg7qjEqwODO<1I@;K{u~P-
z*Ekt|cZ5bHyz5334$vuQ|E|mV{}Djixx7kN4|AJ~!Q3YVWs96c!PWv=I^^^Aj3MpT
zLCZC(F%L7y@;C!5vs%n%-Y_>=joEH3jW}}?JQ;GXNFkZu=?aafCVFgHmE==HkU(k{
z!BpJUrT9<OrP1htU1Zi5X0r;Mb%7j&$Ejo!D^(7b2sAx`H8A58N-*@e=5T`UcXbnZ
znclhPn7kjh0S14NT?B9Ue-VYkX%wzkuiID*@IDj0?uPWGR;xP?1WrLGtJR$edoQHb
zorb-$e(nX>TYT&2p_RH8VJ8<Y!d?bp!|`C&(Do4Vh2S%-jO*Po^uYe;dthsUwxHEh
zRAiowk*K8pUi2LN%6q<zmiZ@y(gbHc0-W~jm6fYQYFhxo+S>@hn%UGw6ZM}N)#uU4
z)5c|Tzs&AS3Gm9?vA}D)fEU=Eq87`f778Mry|*i-auZ6jMF7}?gDfYA)`h5wCsjnd
z#Vb6-3_CCrGov=iTu6nAgUMZ&p#=jrDNbN{Q1|Nm*F_Lr&aKC~T4uXHGuTT783GeS
zRU8uLaNu)<d+B~Y9NKe4{8vU;%#@ib2`Oqe%$TB59CVz)L9K%f5X#ws5A!$(yCRZT
zOSv4|NKn+7B(DQFK&tCUhFD!7RKejAC5s#Qg#L`6D@1hqj@&B@vN*)c770l7Nx8vO
zcIQoEIDy;^$DH&!HaGCxDlCX)mIRm<&ulz3F{U|rt~{<8m`fh0g=i#~|K~sd`On(>
z_qErr!OuURjz*{1Ar>iH)s!=aLNR~1h&DlpC<@2PxAKY<3VqDvs>$ChQAq%EBd09H
z{viEb;jt5MJ5%?mc!E_Bft}%^85U9L;Ja+xZZXCY_sYAcC(n;YJrovC9tr3iQ};%c
zG_n&{K5;)xnz(gO&v~Z--a&?Z=k7VrQ6mfBb4SFI$$Pch$#a>jO8?F^i6?dvbCZ~#
ztJm8xS0{F^rq9)zZJ4XKAD;6RO_N(cJ`~{iVJ?Ygr>tPgKBiS7Gjh}ryDsuq1L1%9
z^`o5`eWN6KQg+r9qy4nny)eyAJDG9LuI?UU%E%yuqwc>W=rio0-A0{LbLP0JuHKYm
zCAie>-K$sr`toxnt;^nm`~n`T>Nuwf4yMA^l)5=XT7h|!^UM)}6|2i%P3PH(6MSMP
zc)KU~^|BLuVkdZ$6YL_&u&;?KYE+j`_M6!!d-jYjiOc>r&*Id0*ws#89$Kz}cYj>*
zbY?>^p4fao?8f@jVs_h1@bJ0xjKCfO7ixY0N9R;jV*eOIpY~BGVvDn>Y&k9Rl$gn?
zDqq<FlPzM!D^4fBdzJGDHWT1!kC_QH+7dHcOD8QXayM!=S_c`IqvQFlYiqQW71x}Z
z*;JN42+nz?nS7{>3u!Yn$Jy}X$9Lst!-|8l$x5Hx>9ABAR>*UcG%bznC=O4Wt;88I
z-|1OSjL%H{GJ`&4zy4x>wWso|K4tN9`9%MJO1&<+4RDCM%Dqe0j=zq2DD)9Slw$!Q
z$Mb+-Ug<6c`;bt!2Wmjn+*^57nF2}9KR6);$>17wJ;W&To$xMTT?d6s(nQu%FP8o#
zZe|l9K}PhyLLtL_>_CRV8~(k!G6B!=fFMN|4hA6_z-(!}0<pfMzRkPLmm<I4k?&Nf
zGejf!8w#l^7=I`)bEzTsYZY=D*Sr^PD(AeoWrjw92O0JUv9PLmm@;Ecnj$Rrp)G_H
z=SkdJF`_UYDB6BBnm5IJ>}K^EG6*iy;KIlhUI0CWf1V^WA5DDKEdKxR2!+B6JSghB
zLHK6s>Hytlc1BZB>W*Y(ddl_5)2Zhx^%rJ4Q)qmam7Fng|JLooRK{WxX-vgw#ni{X
z<3%nyD@@_7XXb<6HO$6Fk;ia>Z<n4gzvv}nx(X*re6lMY`lcrB9zr^-f})em-hxwH
z5WLLbK+GfkAKk}F`fhG8{95tDY5~d78aE<}KFWp)k>V3wRc0+wekz@3ab-`mYh7da
z<=)t-<tKWQa?Q4DZ|m3IVykXL>upx`PI_Gi#I>t(QU|wtt>!&tr!LgI1L=xZX`Ebf
z=_NW%lld*t_b<72TidaA#lK&6)WVSg4>2N-i@cDVT2s4k>pCvvrjmLsz|OVMN2!+;
zNxJ&fWu7<naYFoV#{E><<{zz5@_Wbly=nf@ZkTrrC-au^d()LH@<oq<pAk)zKJ6=J
z!-r<W=2uz=<{w57+mUPbSNA1FzCVcw^{MniazoWtZe+^&>FtOA2ke9R0GQtME0NGI
z8X-`XadJf4`SzF9{DjbVhA6C!h>sZwu|L@FV-L}N#S=C0{e8ubwITFf5Bq~!fI@LR
z_Z?LKgA#wzHyVvb<M7}>{M%?WGXEYnjygwwX&xLM95$N=jl+Y#G+Ld5gT`M#V?|?}
z_!ChE!@o3^{#JHykK{*jcDIZDAY#VxR<l)CY{fW41^1xu69zTM#YTh7sXwEM>P6UN
zZ~dIECN0`(HSkji`_PA=R!a*?<QK;3CW0?-?{SEqt~AxCf>yIx1+7k}3bJJ&v~W91
zh6nx&oOvkB1{owLbvo=37`g>II`OZP;X+Rz;y}mG=>4}a{bXg}BPR4qCx^`geJzB+
z@M9dZr${Jm5s419f*Dc@t5eYI9JiVWhn>U2c3as)a<+;}0DY9&&(pzGg&8|bqSnjf
z)=MMTXGJy{@_i%>dO~#w7`#S4=#vnL4NKU|qJXjx!4VMQEFlGq02N#dAW&PHc#<OD
z6_=#V&HQ9G*QdJlQwUuwL7zFiB12T(6jhK^K5vf7)aA>mw_N03N{wiqm|{7cn0+n?
zeUHQ2^Cs`obn<0E?qy-_WucVi(dlNGWhU)|Ih=wZ^-P$$Ir>~wdZxym0b1{~d(yj@
zRSJ7j9?YH#XK!Wi6ir=eNc)ta_6cF_Wr6LJL)%NN3hCW^vcJ%0AAm-^Q|15CXr%mW
z_QZ7ngnxqk6@Z0(iF5-Xw$Z=*4=@c4`T<egR{pWa|JnQO=gdK+{u~9i1f#rsJau_5
ztJGqdpLQoR5bqI^?xdV{Kdg>+Cr@<Yot%_X?<_^V`1jN~v&<G*=BA?VT%bYGxxOs-
zfO*uBa#{;qeTD$pQ2e4y1m)QV3Ux-gj04zr@ff=iEK#TwXBH^TEifUwKzV+FvJ3+g
z1Y<tSK)TEMOanRIFk<*~tEnV{zdVM&G>X48j=v<5e=<K$$~&;}eiw35J`X{8CV~mM
z2$JTD)sEW=zK2LcZyF$<0pf#D<enCsJw!2>2K|tX#FY#l-yF)$Tv`%lA6S^Ju3MP>
zh+(#J2Yw*9Q<|i63K*K~@bgGv`oog`$>H?vCEsHM>c46U9Sd)Z(Je+V?6bw_+lbLO
zt*t&@97eaN!{|w=S|12zmlr#=82s5_@C2*`kPTO)R&+?@F9%lU!76j(==*!X2b*=B
z-+oM^Ys`;Djd?z6=a3C8rdcnh$rqI0I6knr=JDd1jPCJA5&{IBq1=*4Pbd`KD!`0_
z5ppr~6J=xRQD);h$0fkhu?0&OEG4AeX0TME_sQuit6&i@wJo}z=Yyx-PugECys|1I
z3#~HEKPqT-9?LC2`rzPJx>9y-Z(~NM0FH=10MPT2YxQl?LdCiA=SNn}RJ}tBtyT-I
z0Hokg6cP)uRtm9F+9<GSa<)VPRf3fyU}KO)>ei=&TIWms1xHZ=Kke;-eeiIdQQx#M
ztq7*Y`J+S)H-V=uIC~gyruHR~yk)E4j)iGY2Bwv1z}OIp9hmgZ6Pnb3Z=C{cDV)}_
zIBjh>&Em67;<GZHmXV}0i-s%|n#HS0Xs8_G(`bZTi-xSK%3`2Q^V^MqHmz5Rlfy28
zS7wODwRpwi6?J<H{F@%st*M$k5o?$X1yi-uP6v8-0#{Yldk^Oa1@7;4UmqPL%4mnI
zZ&W-k>l<ZJQMP%DisYpdHO>;S=;XwrB8!R=Qf@OUiZPL}rOe@+q${j|IbcwXbM`*_
zd%(~h?SoW5=Iw@nV~ckr?nfSFmDSIA*l^DolvHzveeyp9(dVhCGphrdBDA)jstCwZ
z@@99LLK1lB(E-x4F$&?p$Qr<jXaVWN08$q@y*q|1CbgI}b?32Q(!8dw-C7)y9!`g(
zHlK%lz@p04qRQ!LPG8c-{jMj=#hXUL1>oJ@0>E-=SC+$?+lnxuL@F~T#@H5o^{bhC
z2|Ea=$+FPOT0e7rezuru$M}R<Dl180pR1PDYUvxfdRf_uS!T^FBX51aZr0Qs+Qk(o
zrq|D!RzWMXLJBHLOs}Igt&&!zmKFfUoph;;$rZKAN;H%dX_#17Yf|aLlByr+SxA#@
z7Kkid`uf<%+M{p2x){YpE6S#9LirDKLNAqU$QJ@BF9kBO7)WV3ki`pvln#8(#Xzrd
z@N4K@-uX^3{?66(m{!%JyyQzsWseE9JxZ&4lqHr=Rr$!)`7o<qq)L6H-_Ml$m{RZ~
zUGgJS^dnRDBVG6-U6dnJmLpUCBVDH>T>``?0+Ow^Tu=yP+E>$`IZS^h{Z+FlNV+UY
zx-f`Y8l-5#iVB1jl?c%(EPmFRbI+6N8~P<xF67{+AA8ro(0|1eC{;9MCs+TWwEl;>
zvF~^hWhm5t*VNxNpSXxlE&U;WCfENsI6Ue!GW9<W4jOG+|KlNkII9=d@t9D%v#^54
zjP*Ops&^FYx96(dF>Bq9@~R!#(n$qnIg+9r8oXvpatO&QRY@(Oy~-5Z$d=lOH`|Q%
zF6r<6y*%DJ=-W5m@9)}2Cr554R}{2R$ycW0D^c*xREHfS&wVAz$fY~#qCSi~mc!&u
zM41pr_umRnR3xRE$qh>>6C0@uMXJQ|I`Buv*KRU(;fu<^H*%erq&ify9sgONH7wQ{
zmTL@)^@YXSLVak;>7j~Mg~f`(WTZt(!eSNS6b0b~C0`}*q5<}kV^rm+-ZWCRmZ<<s
z6oBRGzlqAfQq^Cv;%}1LZ}tk@O;7`HJlMrT%XZ%t#bmqPm;d=(;WD-B1W~L(6Epbr
z2Kz3#q2i7JH{$Z=N_9kB^zw5ByB_*n`S$5=-7ar4Mr+!hsCSP{nWIvzSb;^+*nqO2
zJ7-laD0W?}?<&)FmFl`mHC+j0dUgIQ_?2M~|Cz4WU8vkDQ*9L$qnxJJO8BQ(rB$HN
zDphBdDYJ@IS;dO10yS3B#k>kDt-nu-+^5e{(_<V<^+aV_BDK*~nwit4*yt*a%%QD7
zJ5+XZpQO)Pw3m6UW1$|axSu(;$m_4lv{$9Nt8eC+!Xk+@k}zJ(sL4i<@xx3`f2Kuw
zrFZuMj<P!bls2RCjzITQXY>W^npEAZq+a=!ZlMx{BtRj<S^aWK#kmOpbi4up)V2V~
z0-)&th(@Dbfpk0q-46KWg2SOM=Ujnqb~W6gca)(~S5@pIVfWt=icr@Rz2%&@DtJ@I
z$<vWeiRdXDX>-w$Hdj2-=By+AOnqZ;W#1ERY}?kvnK%>Mwrx#p+nFR2b0&6fY?~AF
z#<qQ5e*dah?|nMmyH1@Cd)MA)ukO{WP3DrB`OBv?W^7##ZTy?4!G3!Z=2+NI;&e?1
z8@8Z4>jc??S9JGyYiQj$Ln~kPiV7e;SkAi-%^LqNsL(C-2f#K+a_(Kmu#v#4JNq0o
z>&V*qXC*i<ppcZ}!59W#I=#t$uV}@*+k_VAY?3`AEcIxJ1gseA{Utn5F~*2cPiM{v
z)A9#eSb8J`4N=q*lDvaW8EuP66+Rg())zOvKJ@c7e<m#nZK>2KFrx6x)aN66G)@`x
zb~Mh7so-T!mIM_zXfH*hx_xnOsrUSPQuSENQu@$y<zM5M9b_JdGA`VI@WZ+hU<{id
zdUE~6Q^3IjM~q>lYbda0h;xn&DiZt8%bJ3toyT{cBv%%VDqv6vabu;wrrm`T>(qc_
zx3o5vXwF51+HBH3`%cvc&t^7i6hq&Me9vnBk{f6nu)Z}cvb_Fb#JHl1x$;V$VmqnZ
zOLITpUv&fqaKWjQa9&Ct(!sHsiUs%$I!ccw{|ddvb63HmS2m{e;=gr|TdDipt(42L
z!&)-(yYQWTO4bUzSqvsQ1l{+)#%B6;^YTRhC<Kp5)aDKnEjj6KHAqHK_Z%6SHUi!G
ze?XTc^%Z>X+I<W;9gz<99AQZ?qxUpKc_O}rzQ$fH9|s1Icff5$k<{QnTO3Kx+vt_Z
z+?!=v$>13;@0$G1r@|4<Phed~P^3UVOCAMUD!!H-bK){|>0&dqk;8Kd$gq*NW$>}O
zaY{KX^V=Bu5MwZhT4t9nGwhW(WRzuO??$iHe2dYssp0hjH1Murw23FrG$)7do@9y<
zeY8@`CZoF4^o{&i8(iO>?2cbl<v4gMS>-4WGT2X_=hqhIcCmM-)Z}g`bEJadi5N3?
zzoxOO^sdmhw0KR7%#Wb0JzasZw{dV>I(%ICd5~bsmEU-$Y&czfE^l?sFh0dg&Z7BK
zbJ~WNm)2^3(wt@HuSd@BSXURCX?2q6=ZZ`dcNduH-PG7{cwE~3tx1|qS&Q%TM{Em(
zl6=u7x4JaJJA?P(mbd-tr~T@?{j&4Yxz;5r@(1c1m^fM9P*djNKP&q0rQH#Pn_hQc
z?Z2;+tiaZqcMH_L1-C}Yo)o2gU?1*R$~Z|=-WYYz-Q>UOaDagJnV|id)c3$IprJ_v
zGU{+&Xm|mU?2a6Q)|cJ`HM8q|93m9XtkUq6$g6=^?!nq*>?95?%t#}a*K+PFk~{pd
ze{3IkO~ChtIB5<6na_-t^%)W$RX;F+MOpV5I;Ek%Fuv7CnET2hm+0_iC>+e|Ir1E&
zn5i9>vk3UKwz^ACQ1l;#!?jSNj9T^sl+WtT`}JflJ4&mh8gwo-Ly@cK#~@%4iFSJ&
zZuyLV4!9~Aw)mf%=5eIfXP*2cZWcb|g}{&1vNz<7)oLcHwWqJ$*i9yyHE@TT8YoH7
zbK9rT+4v1xxpMBzr8*=^ERc(Hy0YPjb7qgaw7Mzo(qhC6cH{Zfi^m%m))C(&aP3*w
z(TC*pg2F_o!QiUKlsH~8IkSdw%*ZZr2Ip<~frMQ)k8|TfpIN|3>#k?)vy{E+;C`1P
zbHx=3TykM-%;PtixSnZmXs^zTR9~z6#hXQ$zRtnCmL;QWCfUMSH@p9mNtw9b__9jF
z+ZcgFXP1#B^EKDbzJ>%y*#lFyta+(01D3{sFE7}^;@Pa)cz{Mn@7vUo28%spH(=?T
zU9QjR%JiWMz<VK2nuOE4hbnMQKXX2BcxK_<$sd)x85rxgEOtlb&mKT?6lh1ni2`^5
zX2mOx90vMEk@oFi<EqdOn&M)*XiYYox7qu!w~1M#WE6*)y>91?U8~duYs@Rr9ab&&
z`ufG{D_7!Y@=tP*6qg3Fia-`P4R8NZncBqu?7{ckUJwJy@~OKW!@h0<$Kvj2s*%8;
z5x~H{Czr3HBB*96Qv_xZb7wzD3LLoTdkI6e*)yt@sJ0Z-G%7dZ&y?FBBZRs3jV{O?
zp2(bw8?<4<=l6E_x)CNNk!w+{W56D#=Q9Mxf}ZuuZ-GXiQU)BRxT^7OQM+huvD~`t
zeBFP`NaUzLiOJgHN@yj~Q@)S76oB9xGJ-i>8}$+ZSrS!gU0i8Rx-&^lzmFo`M;d59
zmTw7#o%;vH6%r#I&;Bl}6{RSx=-NC4*U>iBNDsFE1r~dD188DCFxb9s`nS`bd2mz8
zcpfHbUU+SGMXTAYP*%5yN@13iyStySaF2$ZAn`J6GT_jsvBDr<dbJR`?xyhM(qux9
z*re?9PXdA#9zPA9_g1jT78FbVT@t1K9f#NfCY1bSN1VtRN!tHxBkn0il>B^4oJc*Q
zZW3JqL!#+xIGL-q)HXe?R989c{LwRLM_BKXP(O^<v3c(K4TbDhdoG^~BeWDDU)3l9
zxUf=Dt=CQY-dK&KeBk*zegJH>?aiD-Kr>#ZQ=aXLXXmJdRX;8FMP}-s(*`J}-E`1j
z{6jtL>mE%J%ZEzmiq{exz{!lt;au{=39Hc(GX}ca931@F$7m$-qsaJmC5>3pUm6)z
z@7qtbnF}js5GpP-NgE+~{?q~d_aV?9*V*w!kevrg6=+24UH%&6MLg5|09BtywvJ$%
zB2X@eZ+>jZdzTh_QsH%ZU{yZ(?FK%xXSKLf7{d_YbNq0f{s7AsNRrW)mu~3}ALCDE
zPf{enhJA(+_C{=4vVbySN1sRfvK6-Dx8UnyyG$MRBsUmvVzl)#eQq1@@(w7?QLPn}
zvN*?3pC@=f!1|ouE{85LKImQGleUM2)iJgW{_+!p{ctjLjoZP;b&OwEg3BN9GHkb}
zr`@pkOJ3*J8(bx;ASyjXBaf_rd2^qYIK!s!U^MH2>$x6)lz5O6F^TTmmDoGhTHusE
z{?fVKRJUHZYGWLRq0T0_<t7?*7;`S7a7*^>t8UFlI8wimNq`$l)M86@<X#o|%6n$)
zf#w*&d?Kt8J(o>*$5II2giS}{re{@Npj_tg<&PN;;5X$x{+&&$SQMhE$G;B8+q{lq
z<i9qH3?jupG5P@EM+x?4w)4I#Ip(<Sm^e_W%2&ZCq$#VlW~)xnNVoQdy)n)8N4xwg
zl05mW*+M4pukozKXNa2tEP8<rg8&_f-{eO7MsNGWMwkx)Y1Kj+yUDD0qJa)}SGbGs
zYSdpPjrMi`))ma&-(}!>Q!=zcV!jY{v_Tqkb9rDmR5=3RE0{q7;QWfWtN%T}9FeS5
zMX)8ZbjrN}ynWrslxaw*nHzqxJ<LPPf^YD~zwP}+CbDnanno@koL46!TE^@>>{spK
zxqKZ*hAiNp^g|uBB!o~x43U#vKbG=gxuUgt*BQO?n-kZG{eEDTUWCg0c#hueyFmFg
z4g>snPFd}95WWcu+WnTd#zpvou{w%-9TMmgJvNVCUXJG|k#~gK-t{a0Ww!^GJUXN;
zw6}CHkd%ms^ZO03`Z0J4^g$++vfC553vdYSZIObu5A6j!tJ+IfR>K>uG*+X5TCowh
z(ER-Et<KbILSj%aLOC5^8+>Op>DV1uTQ_}|6o*C{pR_?KMCe~7&7rJwj`+AIJz-AE
zqDP6kCocoE-Kx(_A89fpImLu6f-H&8L1v*-%fmSH(EC#T1y7B}LkQf}nQ<in<XqX!
zu&bL^KN5JjW~VL%J)XcHlK{|>L}%tk{px%n7EI-}2txJvDY3|bz+ddq4+DX8T;59r
zvl<t6GgEBMNj_Xe0np-&Y&UXhvoOOf3SxxYUHr%n5y2MUo}>2mFI4(q{2cJPSO4_W
zm)j&FOeoKgV4tg)5YkyEB0QGWL31=pg<JWl*Ch|Ji}(EQ_*mQC#fHM2Inwx0-;14!
z8Yv>%%OaasL*UHg{7ipl{7+^`7w;vf%vBs*DH`NJ)SQ+1415fZ2l;2@?>+;)n)||Y
zF04qQJE3iBjz~VT&qWNHVBHG`zAlRY>6MB4fM8F47Cgb8_}54$t3!PeC4wF<uTpCL
z-(W7U>Xq>CiSIAgb7rr^I8F=Ek_4X(9x;qb-(~06l?hz)RxKm4@bsSKcYVZ0XC1+<
z!bi!wLj@KjOr%BEEW$*bG*R9b@cmcUA-jImRpOT-K<rMtOn&!9-T=Z5=4Kx;s~@rL
zV<30#P=eJyv!O#pfl4CZ>~mOJa<Q{9ySnmZa?acg{p988_$Ndnu=6=F9XZ?W6*!6n
zL$4K4C_u!8aP9_Jbvv?s`~M~f>-Rv{)4|J~t~mUTIYw*MGVixYrZkZm-@n7{l)YWS
zy(0Nqx2RlkRFL6Vz)OAWju9n?ZcjyoPWSLlc8y<Ay^Rx6h9+6dmZ-?}B-sAU>-o+N
zX*kXtDhS`F7a@tI|J`e3#^o22r*D~(D3lM}8zfp$pj6cN{mbAx#l2OyR)?e2&}jNp
zD>NJJQ2_1w6o8g+dlhp6pf>=(Y~q+9qo~cWQfkh&QsU|b(Ehe+3A6ga<-szNHS2z)
zQPeE^?92t7VBTXPkNZAbzH&L~-Un?yq=`6TiaKK&IkR~rFkqMr91$!L+efe~!0~q-
z>x4C}G}^0ypuVW$v)X%i<50<+x99hd$dbyZ)V9B4b@g_i_Le51+StHeJC8Jn!f>!d
zb|bKdo3;qSIM)GhWkT}hUnM@oe;%0pGr5WpVPKffo@=7SIFOaQLK2Z%HfkdX8JO+O
z!MomHC&%DoX}p3tQ71{;9ATnFWBW5}X6zg7&IB4;H-gr7G=N-TI-ICie=UcYFrFjS
z=yyF>p8j((%^K<77J8RWB?Q{n(0dYB4iyZhl!Scg5v&7KTP`$h4zu?eFaR2~`Q^XB
zT`QM&rOHkI$t93oGoJz>=nhRN{6<K~#3LBu_B=G8nU3wk74=i5sCQ8_Rq;k&8``r*
zzp;JQEp5{xtA(14>kP%g?z1`-s5y!^k1C)<AHQ(wQ3b6grLgXEUIHK{z|}jSapd!u
z_pW%|lKMIA^{DX~!y`@Yq^q(R>(|k|Fl2`N*8INJ?lnzQZIBhlrFOAFbvNdN`7W6G
z-st^r^>1Tr@|0zfL7a28bS@vUv5s{UHUYMt-hwCtVs&$jIgYN5wMF6LAF_?TP|YRp
zpQ1HaW0Kg}lK#;gr+4d>dHM(sjq}>$^C~Jw-wqT4>4nrjgd)wu?nyb_X{v5w0dFCS
zkD#yk3@TsS`_)Cl1IRCmw3}M}D^Wm0@ug|!#rXLwNZ}EJ;KCLv(D&eftWxi(2_tCg
zWI&liea1qcaB$m6EVOF^(j_ViH=cg|HN37aE3E#hS#V3IVUk+TLjM(cS$V(2EHjag
zM!^5WI>=n)b6yUMpn)x_VA5)}ua2ejAU;08X!GM@BJ;d%__ONqop7JmJZ!(FmLRJ9
z@c&Z0Cc^MFh<1~&VUP7uMKNA#cvHqcfUV{eqf*|q)z4*Np(Gm@92EuL3l$+>j4zH;
zTB#DGl*Gn0DUDhCT=hPYP$5@8)oY}{E>|*;-GY*7wj~lI`@{}EDx!RoIwSLxMK(dQ
zw0-WMUNM%kfVjvsOyTcY;BhcE*6R3udICSDBHD^1SC+XaC)}hRU8GC<BZ$<{X8cEz
zk*5Cj`t1r}$((5r0svyP11KYEtvh7P_h>tP%4j9t8*q*cHe9^&pZE9(BeN6C?(#wf
z=PT@li4-<y#(~!=4Vr*sAD`7yOCw0hU>I=9phCUh5I=8moZ79uvAA$V16hmfsSJi%
zi1OpMFYHFQdHcGxYldaZoiU;buc8^c572;8C}NJ(50g@#2S^f-qB^9&k`^lW8>wA@
z+<U2Y!~C<+@CVuf5PezJ2z?+BH5A@F5!`;?+XjMd^=3Ts12Bn<(Zd?-!4b666#0P!
ze5gO_+Wk?GLDFs1^hHRtC(#nQdk%Bbp4wZ;TS^>6r<~C0v;YvV%Evkt(q5=T#<)s+
zr3}#CRvC6BD1|7=5bo!{^`Dr595EMqnTb$6>Z6=HuVMf)Efc6Tf<IN3;fr`KwV~|&
zyZXB29LriMDcT1QX3|chT8|Ho5Inl5)_yvnc5XAU2*8gy(h?|3JuFbd2x(=-|H>8;
zjfAJ*Qfm=gz}5cyE7Ny83C_SqKI6q}VsD|6$fKfn6vC#pIv0cxV6id~h|rswK85uL
zi3(4s<fr6Z-L{oD^}u|oXm}Oo*>l_ARn8sL5>;+z!2c|A!K;WBq5rBaog9IMBVbSN
z!()gcK%{+NKnOVQD~cSNg^ZVkt~2@n14JP87S9p1_#Mc?O=B;qdPso}HzD!UZv%QB
zs_R9q(j^A8K*x=JOlZohAyy_5Z%MDg3LX+fX&VyeXw?Kp*|~U~R8y64Q#uPz&-76E
zVA3#)vxM&)-_b_8Vux2m0zYPsWToNG=4*upX5HDkKH~$47D3FcV=TBq&mF$TajkVg
zhx3cz9>}@IVNw!&xbr?E&UMmQORu+%)!#h<e3c((6E+`LzSO{N?J_SgEKu7LINk*d
zXHdLwExIYWhw20jKN^*9{7DnEIU;03h#pRIHG1;PpwwBAS+TX9zZaujaIR&LKql0P
zi!tLEo&DSj%`Bd?v~^Szh5S-;hW!~E{s<vM1J4Jior}-kwcPJtQX0JG%-6H^+kGLh
zh$NcuBq+ZjQJD})+{|$JwXf@-yjl}{${4mGa6`~9L}w^bu;LMO$Vy%f=_yOPoNLVt
z3<GL-MDD*>sD6{rq*RlU_4eF`Xf$kyc#Os?roCkM(KAqN=Kku3Vo0<&tjEJ#;CM8m
z;Y;tzg%*YV17hJCd`VUFz=Px<qzik~2Miob?F{f{D9eoSd7L?U4#wHpcn9LyIz^g9
zNNf28nG9)D@TM@o57%OZRND~l`)B3QMMW?~LPmRKyPt^0VoSX4iYv3tbt2rBCZXZT
zt^*N^&u+5CgJN&Z%=-lN9qo!nt5OhAe?!YOinKY*=g?L#I2LsOaW4#Gj>PMH4a`Q&
z&RSCFlVF~EN$TPqn@Ahkq&nwUEs-F(elOV-<@1Yt2PZ6X-+kw!_wma*Hj;EKl};Ir
z3LoUfi37?TJbw#gJ`7_YbZtB5pB$aG$?VLk?mQo?iG7zl3C=Apt}0tQrt(jX4w)AS
z-V^DADbW)CoQB)NF&GNyTl@uQ+Q;xxYO%HaZz}1kyis`e58?UvBB#vz5tOOy-{WT+
zo>9nM{g;qGK7cJYYRX6a{O72w`iWbgfUj!34mxpD&r9FI6}-QcA1vkWRtSu+*lZXU
zvu)G<;aB$HE<hRh^lomzwYC{eWsiGD=TyyBYtK0ong#2iqobS4!CPuy(c%vSb#qsn
zO4FFMuUb&-^UOhgbf!Kx(~vFVl{E8Fnry>g4X!FzpCreMK~6x~sOJHywp5HB7@_ML
z5Z#;!Lg(!nu64op8cV}gqTK+LOG{I+XPl&s*p%w6><$8?<ZR$F9lVa^I*y*M)*tZm
z4zIXPIG;8OPBv3CUc(fWjeflxbmFejw%_M=D4|z<wpN(D<?&~yt;yc)UQP*5+Yrf~
zuuinZ$u47b;`Legx7$avvdms9l%b?#5--MP<hK7l5-b!h8`uiU<umWoP+qDWTGQJ!
z0@L$7j(0?o<FJ>3Uv+%{!h^eYuA619f4i$1V0AVzdI7c_$gh{IgK)QR4lsRp>6E9&
z`Dm%3KbBY}PEfU-c`;k#{Qa1^^|8A*IBWqc|4b+1jVE$q=Zdx)1n~85SB3tN0@7se
zFE~wS&`=}J8<Z8b^<P_mmX8xZNvn=v(-```m+!@VAE`#Z8^<>q3oA`7?QfQw5iMDS
zSW6XMDrP&GY}CsQ)gnjNYS|*m%BpRK+F^KNkG;Yje2P%gLRr;4?@?wUMR{{F5o!BR
zyC6ou6lQXBk|tL%9E6><mv~n|D1!SIN>qU5wGOuKMK%81LYUHPp^v?IogtbqxKzIM
zEu@fr(!hc>bzL5(4B165d#jI(_z@1tAnVC|XXLv|>vg?+;E6n`QueX_wpE|}8K!#3
zq)Za?9o>kqAB|Pj?WX5;l@tXGv-z0PwIDOn>niB{s1`yV97>4N2`Yyi3E!EQ{TEo9
z{^04+D%$r?b74niIwyZw#gXlFu<)eh>xs*x`k=haD^ylO$*y)W$u}7XAc4vZw!wO3
zXv;34fOIlq6zU3EFkJzoxHFWXfs}wc`xa(oqz$Rts5RD0#^wcTGIvEZ`agdhibkQ3
z6`&R_!ul3_d4Iko+MCOHr`7QFUhM*Jd|)f2ZN0`&XjWCQ)Fs{5j`Tkk0~6RqrSm`!
z3Zj6K7V172MuNzp3uAn-{0+xG|Ko0p1Wxo8)+OWkI*|&B5`!Yh|C<i$4ev+feu*(Y
z_<uS^e+x)|#mmcKLy?4FeJPD|hcMO#2)<p<XM6U%tCP0nB)#i)v({w6p%+K%2OU7X
z{Y5+&cfxt({}?5KQxT?fdZ@_>P<AG#C8z8~Csf5Mg77(vyps{y#~3+IIt@QY@4@u6
z+o%9uQU(Sp-Iu5aHA%8|dc^Bq0BP*tRK4pb(9g{avVa@mcLf_Oo>=;$X>Lx$;}hr8
zY7pd|I84RVvMOUw_I;kNp>c~6<y}U;>^R3SV62-2Gl=6U*`lJvobs#019i(uBF>pO
zY7w3u!Dw<0cljQ>m69SK;`X?jTHNCa+-h2|$6S!e$X|NmRN;NUUi-@F_lGz~=dnjq
zmLbmd5xbIobWV}gj76V#A6dSO_!XN4LC>?a{Nn;yC;S5b7`{@tOY|7%G|Ms7{j#-G
zcVbC!NeXLt8Rol9x%{lT>;sD3jXzCzrbyc?0|EYX@2O~967~k?UAVspE7Td_jXvcU
z+T@nKmVX>1#VJ>RbBZ^MIA1BcT7PG6`h0u%`R<F%Hd6gEDB<?Fd!=^P(}J3ag8Kad
zs23@vpa=TOSzeYd1<uF~7={TvF3rG2-tSas#_m{GTgD*n<3jaNQ?R;X{}@z~YX7=#
zF4}8~RL+-&92zD|^UFm*{*M@A-l%Q*Ek~cG4ng$cu)-6FBh{!=xoL%zA`^IZ)#P)t
z&izx;jx?93Etel}Jpl1glmNq~!u~Jwq*Vp~I8jOI5bM6(-HdUWd?Qu%&)^9Og__N!
zXXS_?&DYmIT#Wy$8yWo0+E_1Mqc)SS+t0lG*gRoPw%x?`$@nE}IBcXnU*CkJuMUo4
zcxG>Laj#3cDd$Tv7rd-`|ChD^ck-{Za}@ENSYIo_488?6hk^Bo+jAk<$Koz4;U3ir
z`=BkY00hluP{EnF3ir2kMx%Zq|JH9Sw&L8};L@An>MuvmAd17Ck{q=E9#ApSh+-<N
zcCr~Qy>9#HSTtPL`PFXa3w@8-Czf+}7Za92k;5yGvW|PzQdf$ZI$zJyu@WNH!y)AC
zR$8hQNCXpr!Jo4e{7_uJkV&Ex(5Yhyo{8z5JR|L;{=}S0+~JBgRxf3;)tQDC$Q^*S
zmp#^VHtmc4%HLTiO|$r;^9C9pbf(<_#=MJX;6~`qRbj*;^o!@Cu8fmUGa(^f^k*wU
z({nFJvKssY7XKz@(nvghYP|xm!e+;e1@7#`jytw|x|`_;&`BZEi!|DCy8fB&2Sk!d
zph{l0^)%D94MhgY+>aEG@wwuWP<9zI66vc(r%B4|MfNZ%Hu9(df&7Y-1ki~%LD9sB
zm`w6H%XDSi;%L8ul#l0X#3U&vP00X)1Iul%R9?kBt(Nmfj%BQH{O>`K0x7_3Qfwyf
zNx{J_$b?&|o3>S$7u#+ToJ1Dk?%0pMijkkp*|`p6wJlHshP{H2K5#e#x=0<^AB}jA
zyv8e4GOp-faRs)jp*mONm2U_<#g{RDcw5zrv1hyQ*sVeK;1fqxD~>U@ECQ<K=dMw)
z|Is}U(gUmf&x!8GlInGA>X>we1YB_#n4;4NsI{Z3mdzZ#{pHA>$(2xP$B!){*)r{f
zi{oox9q%tYVYQ9=Mj48h&<;u{n5m2OAbdzkp_jHx72o|sc<lamKkeD>h!qo5%ER4*
zrKkojiS5<4QRa&0I<p0S^N}W2<y|%#I?Z`&P)xmv_RSE)ib~xKZ5?f{oZh)!i@nIW
zuZ!W*G!8a#*e44=BS5QcaVN=t)rr2INm<1DCQ5S=GJVp3+PV+fK^hf%Y-mCeK_wsP
z!xz!E2Re#*PZv_#1^u|Nq{RdQ&)synK0)LG_U|CRJ&**)Y{(6WtI7yiXY%p5(tR=V
z*c9<l%a{}xOZlXQTlrP2>qwa66nY29^?QZAIvuW?)*RYcU-3jtTd1}|PAeJiX2HL3
z99Yk<*=X6hKzy8!d6KG{s8c!96cvgud*B=?uci9#zb-bnOyt+y?tI6jHN5id0vO=p
zvik9A6TC(VW6Nc~vD+wx$<^I1d^05#QA>~Gx7P<`KzIs>dcM?<a9c-nM8s@?3DC*N
z2#>}=UIVj_g&{>G&=&;rT}?V;N~|~3P=EN%&|;6*g#0IOm)IgXPU1Tk+?r@6Q|R}^
z?{Kg9QUXrAXbmRQ43Xkolit}PiO8<aCeupflWqK+ytpfV#%Gf(x9nQ)PY-O>yyjSF
zq%U#P`tSj=@1A?db(zs1K_2_{*DKUpv%Q{Wd=OJ$;NSx=Kh|YHGDdH6SS;JdI4I44
zQXG_kX2Jd&vJ4`!HMTUOtLLaT@a?heG&nD}2Rc1Ods`G^LYHgFW_9HkWrM)@I!E1W
zceSk}WyjtG&YC?#V;lL-Lk}fZVNEOqS7+h_G#_l7m>&+tjF^c7ls}K~&XFv(^W4*|
z>yX6PpH_0zs*NDyHgiY;`{%?q=hcdC1q37aGuurOdQm0Gi&Mj@cZ5J`?VZa2%2#J`
zSk=Z`-ku~TqoTG$KSkJ+1DIOVdrg5`xz%(2fq<@H6R{EUxl?b0_)qy}K~(fDek$~&
zs~Ca6#eu*-Yq?h2LW29f22qlOMvwzNILI?&S3&~E{Z>hZ0sGY^*Xb1}ypf<gm`9(4
z#=UI2)w>tmtqGP%vA7n!qAM?KO!Q-wcU0PTqF4=I{v|N1Z06}s$0m}*UJg^t8Exo(
zF?uwfsAHJH3zssiIcE2W(Rlv-tsh^41-R!dLRy2czhyLvWGMovwpIO&Clttz1{V#6
zKEd=6PPM6wlY=B6aNt)aX>j29ImxzB>jKw@KFP#WJusU@wYK0ycgqL`UBWId4Xw4p
zvcTI{NcY_k<*c#AL+#iI7}=%?qgG`{UOMcZnKVNzhVg5Ba(0OJa^}gl$<8lKf$->m
zt%Fr6uPp^Uj(O;e%c>mvW8hp$x*Krx`eMEn_4h8zCFLJT9dZ-e-^N{QVqoK)4rsyS
zUznKqThN?)o5)Qga@~(b2nsyTmIjIoV7*3>cc+{=XGc?$#!|SJ;0Ee5e_9>NCZ+5J
z>PkgMuD&K-D8BU$gZKv%<3T!B?}-I7I7@+kH3STVOJ<y!>o`k*U&eV%Ee5OC#Dv{|
zp^wS>h^dy^+V!%W2Qo~;G_&L}vxIRS8^&oa7+@9izNMU*z2=UE!rVUohBe(3XlAR!
zvnAf_E#wF|S1LTQ$nB9JBNIS9=jM~}Lq_93lcc+T-u+e6);ubVs_|P0a*~I7wC@z?
zj_D|6vVS;~Orp#FB~7_Wa|lDEv;N7+$^N~r8<OMcd2n)VW^7|3l+BJG#Z_pgr|NED
z!e8L9VQYZt>78RDKF6dSwYuPHWu;b3!%h$Mx$^p;gZ1#2E4#-8&?XqGnlDj~?N=|-
z6jF=bc_-#S_;=|FRkNq|C~AxoHEp9*jcS>n+a(_*M*q%wG?X9FWpkbs^`>=%6V+>h
zmT%S*sqGAt_=(hgnU?PqlNh)konWEp!sr^Y$Cn>|B(zNzEdWl@<4rEZ7XMrDvwr)1
zB;ZZPs?_h(%&D{+bf78t@RCT#52}Z}jOW|{eb*G(;;feOm;U?6D`1?DDM;$5%0qoy
zyqvOIvF!VKrKC`<;VbfMbwbbNzT0q?#~c?TPdc?Q;B#R^lIHW}rSuT>@CyHtP5e(>
zt>>`$JKA(cC(mn?U<pT2-~xB&*1lt^;fjv@vY7|hkEu1DnwGzpGcUhh#buDqZ1MgG
z0l00bETi#Io-S+{;VtxeLbd{hpZ!)+?C`)QOGG$KDOA66bq5an(!+3vSWZqVF;7>%
zy<OZIBAHnpr;Q(aI@Z4A+Hv==170c}=T;AayVssILZ7*-nA<}Fef14_$JaT|-&}3c
ze4){Nuda>a)p}TRbVnpBX*t2(CBcnhy`@cp*znl}Pr9i023+MSHxi|5g=C^L5D}5k
zjEmCaXhL9kzVjmU=%fzd*eaw2P#ldRP{Ynsv(VjFeBl6(8GkFMLRi};{C1k#vP~->
z7ULM;<(8W2sIgnG_oWc!y{2zs0Geef8hnm<oODMRwP_7>|23)8+I(n6fy4Yr<vePW
zB%gse9y^EIaZ$+NW}}{)5Lla0jK+YRhh-p27wE%x88lPv9bOhMprHgGRY5>?Ov=4Z
zRvPrcbxe?*rl|~c8h!W`10ZlN{A$=6R0*ShV7b}nv7-UDEP~u>+uH=e$-IpThLW?b
z3=ZqRVs%(D<0hRVPMKstP1UA24Grg#tLAUbo^E8<PF=AOjGI&PE!wFB)#7kp@yCsp
zPN;>?jnfnSbeCgSt;q&*UuzHb?q#qF^0qBlX&z7@D0}Uy10lp$m9mwfuR3Pi^p_zk
zbD^g2G4BcbG_vC8rabzakK(^%(6ilW2z&p>h!HG$f*Hn3Vh;>Y(QUrq6Y0zyJW~iR
z#_&ozJ{@LCW4f`jTS-h|6(yi4&gQx_Q0SIaEm$q*IkD$85fpHb@+p8pg^2&2Y1z=s
zLGqeNYS0y<6`8E;dXGRK@F%E&Kd<EO@+C?1fn+<XKjOM#<xv(g%Y`VGP2uVe!9r)v
zO6MI+>p1#y6Z`jZ%sDwA-Fj5VMG1DHW+o{H>~6Md0hX=AGQN9X-ge4j*iFJEmACSq
z1hvAT*h86g(0Przz2B>5)J@Qe|Eh%qn@W*%cDzxnt?~8!Ca*POtK2(Sk%t7yTG=<s
z(e_X6BibTK(VE!bZml78_s5!TavxpaC|lGy4FPc+gf?FpZq%?6kCtwR4FH$WtN=md
z)%=Mosj^*Hsm_&6z*$t2WriOdQp)<gK=hyEt9C8fiMAqCYa($SX_P<o_u2w~viBHe
zZ6sXgjU+=kD)}I9&%dFoiad)8(#DmBJ-y<`_mjlKPO1uO@V_l|PA)EMx<6eqo^Byz
z=IoN+7d{)6Y)$RX<D=dSmoM?5eiu<(*rfye`P^~{o7;!_nh*}<&<$m(z}akJs2u6-
znuX=|H2$|hYa67W_pBC(a}(&X_D20VlRNzxFa`1^%+CVdb>9Xqk<>l-_S)Lctbu!k
zmLfR)-f|_BiG6%2r9u9q!yN0B`L}@PnNht}koC#nnWnjiHfg(48`EzIDxWi>9A3~a
zWF~7HK=WKBa^5u@$f@|z?R@&dbFKCD2G})Bmktih2KI=R1hj3|OxEGu7ghU0ys}RQ
zS@HZSs|Ry&<?rE@e%j@&-uC%>$&RYRoKBT9^6ze`I(4(6EK|U+_!AMP08z|TCF$S(
zop#jDO;4Js%17)vtF5~`3r-VD|JJGqHA@~l9t}*xC9l)Z?eZz#A+MKDNYk4`96nl+
z@n=h4JH!v#wa&!B^m)#%%RX<38c+ZI7GrUz{K_-FP@hUhxHHmu@97@w-33de6N7p~
zLlfbvsCO5CO5NRFeTv&lpNae5-!N(cl1{mwE+1#=0GesMMeHaR-0Folp(;<2AaBSC
zx6h~=VgEL3andlsE(Q8BLcB?D+eVt6_wG&s&KHY|i<gow!~4r9A7i*etKXpGFXyGd
z@=DcoAKHLL(z(J}>Iet&1yq&O+0l<@#Wa)@sXJ|8V;B2q4+*zPo{qh`q6#9u2x0b%
zfQG?;f*wWx%|wX7>)`$io<0DbyYcyUTws8XKBq4g|F^V+yCBA*Xd4M#VNBg=By1yV
z&ZJh<#=>nyI&S77v#gNPB7=}j8&<wJ+IfNwq*eOY@<BP>^BB9ibd)kU=X=zUm!C1-
zufK=3tyKONr^%O4KmLo#OYxKdE(sWOxLcOyDF{slI}8V|wncz$ZN>t1q7?NApN=<^
z6J7X-ibv8aE7t_OT$e2!39yWLcTS>jG_aW3Ix#A}B=W0|v6(o|!FeRC#&6o}5Ysa6
zv-a7wi~MX$c)Gh%sjaeqTsS1h?=+;LCk#Y6vnn+wxx7he!!03d=eXdEMdm;;qF9S#
z*;SBhV6ST5MEb|*<?p)h<JB=LYUF7>0{mZgm$q+RHl;|cS{FDfKssp-D<!j)GgPDd
z^dhuw@=(9#k-PdRB;Jmh;sL2}jo$qjjq_XWd6f=F5e5zbep|bz+>h%4xY#)ss4B%J
z5H0*aN2@2D6UH4?<_gRDH}v?q`YhY2Vt%d4=SfTT4uEWvR{8M4UxR%N2IJoyl-Anl
zJYnKcIUz;gsy=>*U@6sx&|NypHA-T=&bgxxg|1t5$w~J`kGm7b%kY`*a3N@07Y0d>
z@t*92J@UM0Ns3pX3v+#%8otlpDJdjB9JF5@Q58cc{Ve_tX23{yKu|Ye?&lrd?WeLB
zB4jb;NEm^4w7WBBhbSRf)~yW@RWM~X&j!&&I?q9E60f+hC(8-iKVf7N%BvsK%2VKm
z7S7|Zycr2~)ptXw31atH=bSG4Im{i${yQ91!-u$c;C7{eKGq2mPkX4FpRo*ED681e
z6ZNuk7bsAM4H{5;|DgrncDX@3;8y+o@JILN$Bg56pL5@HX8RHal?-2dgk*PYZZNkt
zT!i6@0NOpnp4D;S*keI@gTRAeFUI5f=jWxuNt4Fp>BmQxZr4_m&&7F7g^{OcO@R@v
zIMiq%4;C%oxf%Vlm&C=7B64p|#eXq$I9`uE@K#O#YSJD<Rn~^hlm;9)=I!zc4^F8P
zxu%91e;EF4wcV^L1C@X8y-G3pWF~xqm$DCvyD}s^bocAUK=8I|x(*@?f&TH}2-^G;
zVpSOu()Ga*6tZ?$v-tE>(|ttes9YH6^I6_D?-*$7cm(8IZXejrv%4f^i<getn0nHU
zW~mi?^04%ocT$PIx>(4&`=PbV;5+?PyUS}N{Lo`K(Y<ujl+g3FfdiB`SJmd^c;5I=
zqEml<Zvu6@q;72>ExTfD3-*N><srCHWydC1xYnZm))Ir|kh38rI^UR&e+~^LT(2wJ
z8I13X4z0AuS_u9`C1F{Rf?Y<%4UuMEaNiBDAnLK`y@puRql|bMKKHbA#NY6q4Jh4`
z^76{q8Pj-%;d5X3424B*N-=?7V3hzb;6j2Rij!VZ`*lSS^A<NOt7ezS`0P8X^Sjq5
zdSS1nvfD^_V%FC>GwJz|R)<(%CZO=AcIC-X`}NpXJoH+1L2~~2#WKRnI`1%OpZ@6i
z2PeC7b$Ji0f<Wl#ks7~Pc(&W1bG2U#DZOuE%p5n7;BWpCuCnymWF^nb(2{_5HM`SD
zD?XvFf5A_><X_+MRUR#qrF8n?vtnya0Gng1BGSq&rU7b(jNGgJQ!Dq-+IfEk3z`3?
z%N6%U@q(f@Z<)KM%1+=N?EV^1DL!|xz<jQY8i?xiycThjj*fG>dvcVY)zGRmH4$mY
zI3S^^F?<WHAa&|<syo44zup1xC7rHu_wYDVIEpN-|8Y?%UU9KBvTU37(N%H&pgpb8
z-q~DITYBX5+B~|JRpWl=aC$hMM$wOxBU|b2TAkg4yeS`c4$LEa-#A^}#ok_4`HRNx
zFG=Hx4T4Uu&Z=xv!;mGq4UW^1ot2|6rQ_2iR(>l=XH&|bq6t8h0RtR3hBoIfraA*v
z<Frd%i^=L=k+iEjdn^tFjBG*$HY(AEQDt32&vXmG_qZ$TdhlIaej!#1{IK*ne4%f$
zAxoaWpu5O@+!Cp7w4!%lU#wtx>}j!ln${>9^RNYUEN!4_x<+zXY{Y4hfeaEYM@&{a
z$o%_4*nd5`VeA)9jW6WHt@4(81^;YZl}wzwwa}l4>_!vb_TuSUaop2whRESTQuR@s
zMZ_7QD%+b}w5p%J<nLe$Y1SwhP<$J1zOXxX)|xeWq6c^Gc;j>{D;)4dB3>A>bwv|N
zs%!-Y96y-9=FJ^1x9MCITEC*sBAbXT2KIg{fAFuqvh%O)xMRNm*h*s#EB|w3>u+@S
zrqlfXRCA6xP^bBzrT&mh`y{gH$;T}z9;l!JoUP@OV5Kn2LG0b6Jw0+ODlw0G!B+=l
z?wSZXWq+%>OdS@}vt%!#aECdSOZ!LfmPLjRubNRz-SySQFCvexLKMPsIu%158B^a=
z^WQ25N)aPfq)M7BphFtX+qG)Hpi%`uSB!l%<W<!%DXVm3Q`2*smZ*GZguj!r8Wfol
zj72lVJGXBxEtoEDpq4YYPnnoN`%_tk7vRE>g!#^}yje`3!#AxV=Gwc8m&(?0&G%+z
zV9ajuI%2ug6$WEf@X@{B^U)`)!1=(~(4c7K_*0yxDu##bnEJ$OpfE=*Nwe~gTQ4l>
z`g3$%<dH{>XgUWA9PbZBHt8lyz|R*_;8<iO%Kb3o@2rgBfu$fx@y7d5&3@6hAvx`1
zXhuc0czE1TA?Vn2x<8waEvS!=+dz*FgICX5z`P?!%Ia!tOQaOAEV%NP_&9CY;eSn9
z=8t#*N|gVb0g`%Kvq&R+5*Bm`=K4tlz`{+wA>!Sbu}<wyklXzW2A`c58L;aWWERIi
zgUw2{#I2p0`c(EWt^ho?&kL%6`+RTek!$V5t$A+x^ONhe6>K_YdZ3f{IIuu0`Vw)M
zHQm&7!73vX5SAfcTD<n94=w}VEi)kcL18i(EumCE-e~iv{*jB3;7+7-RB-2ZWE@xu
zXsJvy7vE!-qNd@YQAtp@T%Gf_Tlj{oot&QDphMW9lqUfHRQhvyjp-6%*ptx$Bb-H>
zzhJ;rLF{|4PHId81nT$Xkbq|wopK+YzO77)ik4cF3ZZYAr%Jfmr&`f}dwvAqA%B#l
zz8DbhRcbFNb-Tx|Ir>?dNw7L<xwA+&7_y>uxee-MNm8A|W7P3rjZaQ3gYxqNZArQU
zU&`B<B*+&&UwVW%1M9xDS6VP}`kmkrg*aPOb~e9`83aOa#ObQlFs<fHqj#@3d(2r&
z5l06mbT#e)OWoO@{{de^qeO$kf!R0I(WT3fVe$^NE>kA<;K)JEui#6D_`m0_gDgXL
z>%_v8bfWnl17G>rt_QM+duDp?#W{6#gbC!sSWYCG9aK9;i+Ix6-FG@TBNq-M!$r!M
zKi{vBX(SQ()687>i$dLAkq0#W@6r9`ZNx#!tuMNY<Jl<omsWk5suzxChh8jAxvH{V
z9{HBi5PZXPZbJyngJfeB1No&}nFl)R%5L;+{Y7d*wO9H##0##r3XHeuj_Cn`V$%-A
zh>}Mk4)bdp9SW{jCj^sS9qVb;Q(dr@mj~Kr^22dTKDcrDb6zW$;`#iBmC>{}(;Sm?
z5)6Ma>*@s_I+q%j!)-KMNUkuZJHxxH(UEmYi%uqk*j*D0mxD@RIDp>@zJ=u(V9)WF
zqbtN){}$tD+&_wzp=VP_ObMEG{U^sthj($QgP~BhJ5k7<!`q^nTnUklT48F9O}Y`I
zc&ig?HZui$Io|M7s5vKC<kYkA({%G<>F^Sr-nZ=%iaj2tciSAgSJgPT)L)B@K-8wY
zoWtVEE%K(;^hBx^8{BA7tUvQ9HuQEE3wfH>dc0UXUW062Tl>7p^McwcPmrV~LWSWd
z+XUy{N0I)uhOhhs($*^I#n2mcjO_>RDaEMu2GPxC1m<ObwH4J?Xv=Rd)JvQ=sj$2^
z?FaS*?$!N;w?&SSgQt5I3ji>=oX3s8N>SSy2)?TX%zBtyR3x|G1yjQJ%sgpyy9nC5
zTxRZpX-%DJ0CdQ?J*dd1ZYe>u&MMcdZsV$S^#!m>7;T_nZ^Jt(Z(q=qNerf_3IPy<
zc2MD;Afu^=c2-}ZNnjT~b0n`l^8bUIa_<!jxE5^<K{x#s*_Ikk!X*OKT3j;?f+y6B
z=W|}Y-TID{Z<m_xMi-2yl?a8|yX0<BU#Jr0f2h)}wleF-|4^lTZCLn|4IKtf4Idn@
z8y!XDghOiG^$s%Pdk0qjn6(XGO2oQfY?{8o%Ek<?FJRuI`@G$VZ}0ue|L7{=&7$Q(
z@Mmvt!kwp73MrOedyqqMc!G8mmytG2QZ>Y)ET>-7@;CNceg}Q7%Pi2YFQ{q~)WCQW
zdzU!_YIxfpn+}Ku6}vjuY2Ec~43{1TdLO^DGz~PA_>~j?24)Q0)_gNs>c6>l_}RW;
zgpqz$-|VNx$n^B<_kk`yBM{?i+@D&v4Fw=O_4n4mL1sao{wYAqw1X?>QthvlLY^w2
zBB%Gb?x>n0g!B^8Hz1>CIj^d1nW`A}M^}kNdHuM7S(@Hoi8gkU)FvV?A1`rQ&k_5E
zJTrOJ-|hR;ZL&+^inqO^(n|w^x3epfOX4iI&L`rRc|zs}VdR`5(hi8rP~=V2`g;AG
zv~U&3J8u?nwedGQ3DUwOztH{G{ktARoTk9KQN8K}HFZfDs_P4Ul+F6GD*g<Ipb{f)
z@o9`SwephC;EuSDa$oYYR*Z4ks^1$F6lK}}p;<5c@*3i^?8UHe43Zrt_m^9l%ZEij
zBN2yZC?be4;O=4>jTpsX+44aqPEMc#gWbRt-v)r%ozVZL(d+mf)u@|_vC7--0+kav
z?9ZH?)ylxn2nWMpSkvZ|(Zl+nLXF)arhB}4yiajJkR@**mUD<2#^Y<s7Jj@~wD>_!
zvD7X0%V<!<*J0S?ELWhw^t9BQ@S}2%!G>mOes9?%B||6F$s`GzcBp^OfSlQT=~xq8
zWMgidneJT=Ps>+pc*Deie9il@PH|3mW3Ej1F~-TqSO}pXH^FWyB02q@=>mVj9`7k&
z-ME8`@+uf#C&hHZa^E2<S+35MF+N7KxHALUlZ2pIXK1)nPFu~@s)~4ZVFRDDt~^*l
zp-_b~+c&~~X|S+9r`Brf9v>LeV|8k}+vKyeEU{Xjw`1T`j%wyt>cnkWNf|JOM9vL}
zTULD@z`Mji99t8(KO?7l`R${t5>&PS-6(edJ;0}Zu(_eGQfu2lM?q$@0<9zSAL&XI
z3&XH&)|b$^gW7!Of@1cXO{i^i`kIw1sy~+;v9CdGc}oNZDGW!uS>O~C$_3wqAD)>n
zveA@3Sl2`O#p{9xve#lL!Szxq7w7heCfL;jk3%=KHH0}Yx4*O%=T?qWp`H+0=SrKm
zk+Y$~lv-%#6~zAH0zW6`jDyNuFR6f{I8HG@+ho!pyiJnO<u|o}V&osUd7A8hMryit
zh|r9&^HVGW&ueEg*coR=pqphI&p42FMNe4x;Znc;P))Dg{4Hq*6?b;e2QWXYM`-JH
z!G05UIO~n)=RTUD_cXszkVAJoFDLTKX=c;l<oD5sVasKr{r4#aeg~9|j%ZlW5|uu?
zbZfw(9GC-1y>i(c3#JQpMtzOKlsiMd-E|<7*avjJ#Jf?)4`1rf+D+QGH%`#9gP-kZ
zZ5F6<i&q(F_gU+6)XU#V`Tf1gC1{g2@+s}xF=Ca`GEg#Od93or-~R~8NQ*>y=-T~b
zPy9~OCH`I)_&sxZv35Gk)odw-8>cpO<gA0{vi+7U04t2;=d(0O<Ide5k}#UnXt@h0
zw^1|I?Q8tF=x5Nh>bY(Sbm!^l2LDw<2>yptY?(XO!ZxCYV0=Nj#PYbJeo|oYJEz<-
zacEJ0{S0UOlwC;857M>W@)=IPe|C;FzFhyPU1~V_HhKhfYwSE5C}MT{$-B8!UWnaY
zqJP;*veXI>HnodZjI}!Y*Bwn%XN8`<xlAq)={M<>cuW*zg;qX}Z>ZJEPYpaU`Iy@x
z)c796x1lPx&{&ko;M-<Yk}R;cSZ-CAT(&^D_7Fc-GyK6Q0JgWye@9LCIwQCyo^dhX
z!gbTSb6A|c><IGU1ZqyTXnc8odYr%||9rLo4Y)63)*i0=jQZ)(_c0b#!}is?=L@mF
z^fZ`{{*>0G*yfOtV4y;miN5gOF_?ARucx~g9)>rHvrPLsCn`5j&aZwy_n@r7!v1fa
zxIPz7=UW#?Oc$)-eo-Wr1qyN#5Ykza-;5rG-K1VeEO3etkaJ=yM~!6+CGm*z$mAVG
zglc*H%ub0i7Rggm;@bCi!(&(M%qZRpviSK-G&wp9<I*rdu2^9!{3}Xfm`YJXg7{ue
zi_rk*AR4Q5kT4~6UYL=2GyR*Fyefs?xGo3Iw}jA&UoE9-p;=kX*xrUg5<z0OIXC8E
zdzop>8mKP#=E-DFe*-)P7SEK1N<}|mDJRwDcCGfIW7VdMqOMzbhQ<2zSoYZiLq_Hh
zEEtnO7qm(!vbTX&PF5|yK`l2w%Sbzr!ys~YqmVzqN^QjV8?@G44Hi=ET6Hp^!a^d9
z4epO?XH-Ujyw~f7gdfoE@0$tlcPa;!@@^{Pd*^^VbtRb>9y0!7NZEeoe?6L|08JU(
z^3L3s^KZJfr?^dy*XA(INGxN6bUWv+khJ$#B?d>iFp9t4?bffJee(h=O3^XGQ@3~O
zQ`>Yx>i$rn5f-?K&#KT!O6B<fe!aMZ+Tjt$>w+@ykta)&A+ID-DL3*%yA1SfU%9{j
z6H((cWa}Uu`<DSaP#h9(FM_zZxo5A1kfAp4z{p4iY|;pn`!Q{Z54s>aUp@nA3KAX{
z$1n-oTF(XDl)G<pbIp!LA&5iwACpEp0ljQH$f?PH9frtX|AIn4gvvEj{3%2MQH=Be
zFI$I3CC;IUpH&w}d0|c4@5FJtdxD1w|1S?Ldg_&txG!XEIr_as6RN!z0$E0$CxXwJ
zE20z<N8((x`}3Dfwzg(XeXyiWR+M8U=id{$vo~<U7NP>Yx*MKY8$O%NwB=K&Dj)^a
zmo&uw_O@}Y>-D*g)zK;-*8>fSb=a#VKK~LHRtaX`rZg?R>850_>*RbQqMRo|o~?(A
zU?A$@=U)qZf@EgAp=jy$HD%4g*1|I?<zI47v#{U)QXF8~aB!nx?8m2OpI-dyh(~sd
zqM#SfB1*a8-D$9r7-x%Dqf%{~hF(J&3mT>p|B%r@?HZz>_LJXJZiF&#fc~>R3T6%|
z|2`~f2Kh0{L&1Yr$o^e~Lo#8ZAsAwvE=>*oFH(DfN>~Uw{Pey(dKg*7-@jW%B0btj
zF(Gs**gjNAzfG;<=8eV0%^-KYO!q74TC_&--4w+zC>YJBpiJ4Qi1)-7-~1UTe$T^H
z%D3!zA2TCs<InQ6K$4k{xQR)dE*1%j=wS3Oq*{JA$4NnaD51Z701L)tjgGQ`{WTFe
zxXnqK6K2gm8Fh}E=^vINuBptOxaTE3xYX<z=>tqf#volHGUcbzPkT-%7Iz~g98I}6
z&>^aXNtEVjj&&jYVC<<V#+JYg3m+YJVM~nqk)w*0<N2Q349rWW)W%f_<7e5&Oth-6
zu<PZa7114)i_^vlZ#e9Wg2%vJ$j#-cD`%J(k8F<3!Z0~^%Zf)1yYF?|aSCe;b{X_q
zlgNFX{!9ocNUM;Eyx(szDqT|h3>prB!lxavQWpj1%aAV}gW{!m&w<%z4XXF+laby{
z-IZR!wndM%Az`#j0yHEJ!^a-nD@pOB8Ei(5m8Ui4;4jb$esSy_IqgrGZP$7n4F5rS
z4$)8II<$*ivXK|!EK+RqkemFOb^W2_k>7S3N4DACQo%)!Yrtu8*G#cGhLp?`#`7nF
z&YV0v<HDsY_B@95E~}<K_t2!Qf;sk^Mnz)rzqzybv;flRFsP)KHGvCeWhBPr*YKNh
zps+-oh@>oZl1v<ILw7jlY2pC#y0*?XkVZ1go+11(S&B>nbMi*}Szx7^rr9Auyk5cN
zB+6M}tZ>AwcJ%VjxS*q?g#lLnVJm5`dsZyo&H4WTaX^m0l^KsN)b#|UXhZ@#x>U$n
z4Sk)kB$I-|?es^&cCkRL|4$O6zRk%I^l;!6u`HFXQITaZCGF0;l>WZ*z553G>WLxi
zAV`XE#Nwf#AyH}s<nJ~VCTJWGM4`6ib3y_sexdr1Qa8~E8#N*H<gu9ig(_6zaampq
zy|fS>)UN6m2)S%nNm4a`?drQ2(O^_8$DkP5D+v>6{=}|L)<AkppY0wzgB)KEP$ny-
zRVch|bd+w%#}98nQRTqN3@yy{ZmVTLo%iL7l@^zm9whd^z!p*>a6m3EeQ_T6TI>1|
z3vkr^@<pYS6}!AtOUVlFF$=+1vpQUNrc`T6fGKN8&gLxDV@Ql%M;9Z)iBoY-L@Kt`
ztiPawporje7+@U{V%CvHM9@ES$YfXWjBFS1qU@^y;}@8RfEGCUS0)R{1=UE7!|NmY
zdS~Z}-}c*nM`f#DXR*|W5@6aI>O6GkyP{5t8t9D%XoNSi`(z0@zAHgQ7&aUPL<o@e
zdLEopjD9{jIXZ4wJtdXQ271Y~R@N<)m7$!dM6yOIFSla<R~1;CpPOx>R1ZY07+C^h
zT$QBq955absOB-qv0~<n#zk$`A#B$uR*F-BCmfQ0W%79<(Wnq`uY(kwAP&$V!b4q-
z7WX>ql*x|Qn6Q{{%Falf!@~YV&Z?B5F+L**XX%J>`UeS(lr){tSXRBO>QoGGmX2gn
zWsO6L&M>QybJPYZz3`T#BNiHiVFP_2I25`uFpUkMm!^nBe|BTlz5-_4Ad7=kgSe0+
zoCE+>X>3-XR(8lJJA@MoT|UMWITJV;vvc(ZMuRMsN=AcnT~eQ5PWXwe+K<#&J2Pfq
zMfxM0j=HGXI>)@lv$!Qlz)31vMVGW5Rz0dM=!oXx-cgy!%3Bn6m;G}L)mhL(S89%#
z$uM~q4uSF(HC4^>sI<VD-cBgn8IhJ~q08k*g_+@KH31M(A*+OrkKZ5w*fgCevrw(M
z*|1wnFUmnHPoxL{Ij)pROr!|Je1cBi9HW5n6h=u}r_$V1tJ^HW0LOCdV8;UTmFZtn
zuGNbyM@~)XWLV9xQHrEu)U%@uU0^}`IvWK=!2A&jivdi@S_zU$=p$^AuwG1=XJk_N
z9^e<{Bpb#T@Lq-ZRrp<$;iYAPsYpVlQB8O%e51tGltS1^3?kT-yeUJRVC9TaJ)qZx
zX{QydS{%#q@Ec|lgIWn;7(kx_uA~EWTI@7EM^7#6i^FmfT^=McWvX(D{h^?mwFiy<
z{B=YCPdjtbK*OvbQ86l`HBYPbz`<x!LoR_)rAr1O-p7F{{4fluS}5hd)h#KRHCol6
zzMP!qnJTm42rfN^Emqfg;p);1PR#XXX+>CQboNxB!=u-_sP}T*EG!?O%8`Q+D?XX0
zIRPZv0OGvDAF@bW{tY#MR6r?;=$L{+=K2>q%p1sA2MVrB&<1<i@S6gmrqzz;UCL&e
z>e$8j2&F92_csY0SB?h*8q;)QiUi-K8d^>gCZq*AvD*nb;&uis#lxvRg#3BH#$z0Z
zUG!VC^l}qAB4Eix$^r3ue#v7hEiMvz5$$u#Ctg1jlRoS$=qkYWOs8QD7GqA(IF%zK
zt<J%eKiDFBDx6s(*SR@hYGx1)I1?i8e`6L-&sCiXge=L4>N@_6nIa_Wv;!t&)!agl
zSSW>&HU`s7Uje360Y*W@ve2vvDZM$lkQGZfIfu-TSm>QF?`Nq$v`<(AwSJbOn58Dg
z5erpAer6ZsobYX9@nq7ZjV2Pmmnv5B<Y-Te{9z1RD*!^VV{0m#7VJD6p5r)>0u?5<
zUV31Xb9Y8NYZ;3|X5fsILYocT%_iSiO&Idh`3P-U6AZY;INqJM<rzN`D9*-x!eN>a
z*k}UZZah?;UZQfAS{@1ma3uAgpi<#W5u_rGlyAy9h9#!s^2cam#2o}6Rum^&k#DnA
zI>hz*faG1&ZZyDtTVS@QBhIqnNSp5^WuUF^e41E^4Ov^;{b~DYyMfSB!b>Ns5MQu(
zK=Wo2QAz_bGG?;7!?>gbTR~)**36Jt=5dw4f@jU&>$s2m{8@4T*Y4f5dLt4ggbP1S
z7HtJD*#F%-*x4`b|L(Utd-eYBZG1M64!LbKzI^eF0npS}p=mVG<9hG0iM-28Na#3f
z)y}2~>Zshaw67(c#_0ex|14U~D`i09aO&^I2KrS+lB44+0R-Oo@}>2-VScq9Mk%s!
z80Jn>*bkLT2!c=)M%ix2Bz+RG3;nYrKcx`1F|a5wu1^t+NSH-tJAw(~=Gb`LlGSuO
z7@n#yNhf#Jzn(U(-7pzx>VfCKtKXGBkimciX%{u$v145U`Lpp#bW!uwzu>fHp|@sK
z!+5p}W2|-?U$Ai^@p<zv9lx{ZwVTL)ffL-P5ltx({xA7%o&OU}&9<J*r%zH`3M9;9
zexO>BAdqryqUurqN$pY=n}m}jn*36+f0#Gy2fJ;Jy3bKagVa8PebqdHd~T*`)t=<+
zzOq^P&d&P}v-{2MG^k@wmOUnX2wQ}3g59lnp1%&<n72Y^W~kfdW<1r;Zs*#Fko?db
zBtobp6sGn!buyK3QL4hkurGa3!CL-1^Ol>sYKD|+egu0L605NI4MeT0+UqE=F8cDN
zSPHtlbhlUKV`J~zE!wZ>Ul~gwsj)4(D4)#B)W~dPG)sfE$&I_Dd7>4sam))uD7Y_7
zh4OtFX(Sch61D(^DbsuhQi?upSfb6T_eB2UbTM07Rmx!MMU}=8{LR^E&G?y-ciz*R
zSAQ1%pM@{ZgYKWhCfd|zucrDECRP*qTcsrBsjCvCRjotC$yAa&YM*fC3{$<XDp6K_
z79amvc(&{Ffu5dVRG2{zo73}eYw2mPDkTaY7;r$pTe6;>e%I3ucTahLZ?pE1vue+t
z3J)g<EK7q+XO4oe#<MzMK_K{OTG2qdxvO`H!B+Ort@M_v(kh)*ST@({t70I=4E0fr
z|CrHve-<8yi-JVHjqWSe&h5wQKAhdA>-6PPm9tSGj`C0f^}`#`A+uy8=o>%plOHmn
zc5q$HQ|;QduLzPlo4&JOEN>6zIZW^D%+94Ety}rozU7%Y&V9>iWu?fR)w_!Xt&f~e
zSB}yT1m+k-Wp<ydxF?e$4}Nl*F>4Z_X^pH_wi&ttzK~GB2f_zE9rBsu%*7%yt}5z>
zb(i&nw%A^Wx@Rm-U%KDiY84GkoA-1Dr^{_(*a>c;CMQV*pkbM}lv~d%?M<jyv)996
z$cYfWUUO@yY*cs_WYa`V{k%uR<tm|TJO+rdbZ1QW>~n;ZM2=3yv*}`IkEWddGsbh_
zXc;tK-Do%GRYt7v-gU;TkWuxhDSfb94l9gYp<}K#c5czrqelm@^|49DNjj;>rlMDT
z)SODzM4J`wRu)%QD_&IrDqgawECbOjD^HV^Rcg+Un<FfKArlZs5PexSvYSIKuuO_(
z&lIVrhAMcgV6{|=Je335gb6<@o2`njFLsMl?KBdaCUQ>A-9*i4-Px>EzKa@@XKLEB
zWX@IXb60&)F;~Ss`K1`4xq7CQwt20BDuR>N+8PxBv}}7+>gH@*a_y=W;)crAD$c}0
z(s{G7oKVqaT%%g@{S}IH!kFyTRU&z2KQ_<E<T^EUiuBLO#BgxoXkD3_{1(fgVt1JK
zuVV<R#ea2q-}D$P5a7<ADf<T=M-@=oD6d=G|GD!1Unwp{c)X8;>Vu&R&VTPe*)Q+^
zJvr#q{2#aSf%#~C6La=X{5jrUr2M0E4sU?xBtJ_HbEUYZ&Yr@)&v~bDM&q!HUMOt(
zfkmV-CMgbain|Sj)N$vfU495D?+v^%+gOjR6Xq+5X)ISa+LP~dh(DXZ<(Y`YZK#KE
zLVw~cOGFp__9$Ty4JMC%FNS-_-$N7X3P~stkm#K7zUV?Q?Qf4VK?-le)`vRpvx3*N
zj0JEUF7WVN!Ce9^k6CP@Tt0qyBiq?*=~%F))41Q7Ly|UspS5|QrbjUb(D>1m>|Fkh
zDk1E7-ZiG<-)J1tczCC?l11bL8OV~&T$|I1213(oYUMhM3=Veb*{3or&IZ`2Te&9?
za@ZTn-7&RcQ#E{ckV@6L)&Q+qsp}4@Y}Ab9u-xLC(Ie7U&_ocGhbM}gIV<<s953gc
zbR$9~MiVr@+5U<Xqa;OE(F^VXDW%Xl@AOHE&0rm|@K|evBY6I>X0S*I#J4A$p3{g7
z-SA5%8rFtd%HLiey(lI+di^s0foJid_$Ub1fr?o~y6Djd`Ridkc~oXWn0kIqb!QGV
zltx#Vx!~o}nG7xJrcNe&S?=|(M)Bo+eo&f@2#G97B5)ewNaGK;U*2XSg}!;DeuWra
zbEL;ZV;Xl++aBc^<Ii1mu)n{%-#};}l#W?bcAVhweH=|bFa}3iRLEC8?&mDZ#wIfl
zJyIu});6AcEIjlGe3~yQe`J1uDTvdN`~gmSlJIB!lR0LM)6o$p1Ns?8FW-%PM@VST
zTr%B;{5+DOfjB;XqYfgevordT;?E~1M-`C~mGw5grx(&9lhgUJ0{^eg{+q)Iw21$w
z-D#Kk9}k}F)b`(PeD22n!$~3}wx01;9@6e+pp>L@8sGJJ>4)ZIgS!;gs6;Dv{nrm*
z5VC8_FlcsBQ-=y!ExS_Jxu+j0RF3nKJ;PCmtW)a694crifu07VH&<=yfy&bKr_RzD
zDEYZ^M?SUcR(F;OA*|>ybC%1zQaIf;)84diRTNt4Hn4DtXEL1jR0iNqwPi-#-E8OE
z$Ay$%Q918IWecZ8X4JJ1v%G9|-7xC8wRICNsB9Iml%Fsb3PW3~_eaV_`YTOGKdV=C
z!lD85ZguN*YG!Ge2q$cgvM5qEnAw?8uaq7-xXDVWRkEAv7JGhoD(9-hh_*(hrq4VD
z;Df}U8aK$p&(9N~%ggS}WGNoz_03NZ*&p(llk)pIsr$Bei1}_buA31lCdYi}9A@{B
z=MDZ9#?OD){Q3RyN$>U1R^b^0s(2ZXp8v3U^x^$~|D*Tu!<(%_{uQ%byS<8HIL}l+
z_HY<-neY1#CtLHXEZ+e{>PeOGd>VS1@?8>=l*yT(S%C6mzI|fAZN;HqoWjwyW>toz
zUae@gOLbDNekO<)nTPY*I@b?U(VuhES8sB=^)e|uaYhsG9MW95dW+mNZo%Mk@uWrZ
z{0dALSFU2op0Krv)T8Guk_IgyBEa}+_B((236QB4-#a6d1+RH$r25qWFHxu$U{5A1
z<S?V%rJqQA?k;sD1@$_2<OiIh_>r@*OLBn}zm#^hPW`S}N<@m&O!&&3aV@E!>Lx`&
zxnf;ZB}gIKe}3z2rbcc}=R7YWSOtl?8Jax{X&aKysoO8$u6f5|Y1Wr+19N>jsMBt@
z%l)(_n;x14miJq^P{j1e8@VfA^g_y=DvsqVYD_C;;}w>h-S2VJx@Uf8?`POIb7<9R
z&mHS^ccjF(FJ{7sfF%>?L$Ou_Q6x543?)kG7hwtyiIFRS0_V$DXC{zf#8C5?U>=NU
zJapJzK%*uT@aJgW6Md*#O}pk)F0zxl=!Y*aUVS*}{rLLLtKPfAx34az6T+dtAHMwZ
z>K}8HDR~Jw9!}-yq|TomzyJ8*#jEE(Yz}A~>ZuKNZXpk%Xa)!fuu*fmmgp-IQp$MJ
zY#0$7A}>arEvFn?-&Kk!HF9w&Zd+Gs&r~1HD$6M>B_c)MAB90vg<hin@jvu9{D`SO
z?+MkgKD{O+`Ak#Psm!v}U$b*OBa@{vobH-AwZxV6oSI}WSOQEBHnrk{`Jr5r%-H$y
z<nY5!uTI=K8zdDkO}&A>ew}V%FdDNE?d|Q&O+T~hru%fwOWh6?x4%`_yZlNy{i0gW
zPCmQ8@l=mbjjrnR!-c&*{bI#i3wwT<H!2}kaottIj<WMSXX#QMz_>C_Ts}k-GzAQ)
zi~Z(5%8V-TP(c7KU%7lzU9)bQ*Q=^(Ws$Xf?Oq(Nv-d31SY;(kvtqiED_IexLAhF<
z6(+`Xk6tnBD*Iz;D6ICiDgfFVb`(uj*0!(M*{O82t%|EXrIP2t>vDq9#@3<|Rz>cG
zUB%@qZngy7;Z2~ZyV?F*qC?EKrl$WvMRQ@<t-<>99el38|EuKV?C9Tx@xQx!dwb>h
z-`$-j_5SZ|e6F_t>*_GYLI&3Syi=#Q5&k=Mh<(u>V)2~(!w>$gIK_WgL9c5ciyIGl
zovQIVB3>)H;T{CMR@7?U(Si$x^F9Sn-hFQ@9Xjd$c$L^m8?>iwlf^NVYY8jNT?K0i
zE1Z$tb;1g#0P%N%jn{<#=H3Xn2>(5KGIjs+UXA~5=W{3c&xHR?Mf9ytWUnDoZ-LB4
zGXnJ#&65@BD@V=EE_Mw;bF(uq#>}C{0vFeuz254b-Zh87=?Snf0Ink4ZHK?9Dl80s
zn@+Z%qANtMRie;`8n{;6jla&Wv+9-wQEP6Z)nnEY%k*`<h_%W&wR(I(`Mo8g3l<q4
z4@ziTpv}0k>-6kOoOz|F+h>Q^Ib55C2s_R2SCP!<3(is&u&9epUZ_wZ#T9g93Y_(-
zsFa*bH+#0r_xkuxiy@ss6%bs6|2j`f=RbDayY2lN|J}ytdgniiG<4I)K&EKwD&b&0
z_xyly!XU!8RhBb`P;v=zvw)8A2E@(`#>koSC%?NBefhFDKZoS80*C&S^#M|L^P5sY
z#Dyn05t$ZtZUS!_zPep=JPll}1G3TuIius&er&|Jj()Irly;w^W)qe8%H-sEEl`uj
z=QyGcAE@rzEwt(zz9~>sy;RI}n`F*0h!UTY)iIlf_w)rEVYYW`&n)BlpW$+w>3hd?
z3C|@gZ=%hV{ZGN-*{#`fde5cpvu$}U^C;km89lOq{AN8c;$9rnnh7M#1-#4Ph$TYx
zBPvo-xG8dp`23||hFgJYoMCQBm_u@E`)A9UE=z-t`g7->E8{;9kvJuuzUSQwcsRog
zxB&lk+6U$HzfX4eYW}BN`D|z<HB8ZFL}IiVF?N<Es5x(Yu!)+^zFJeNk7jdg3$+0w
zZh-ap1KguoxL-p(0Mb+SusI9)wThUpsa*I@Cfdj@+@^7O^jd2d;iRMkq}d8}p_?f?
zPT}5hO@6(B{*O|<3Q43Ab@DSDZB^eiMRIQ&{Xjlbp(vYmo`o81l7HDG(6mBLa&2L+
z%Y5<SrMe;!E^my7J~{$Ubfi}wI?6AleQz$Mg_rtdz_?9Uyk*UYp<CFtJEEqmKezC?
zzWh%_VsyaO<bV61JuUyA)cZfT^0^85zskP;hHHS$l;{4>SfFNc-@i4r<FDvvA;$rx
z5o(@{h(^Bl3b2q70fmk5xw;#EDjRfo^xAq+t)MkmR39B5=^KyjU6oqICY%L?gi<;;
zi-L2`-*-L!E3SWkM4~Yr#*CBY%UHDj_jk+upF0OToqGM>#%BW^;WQ;&-E5~uRyh^=
z8I9mp)&vJ<cu0ib&^PxAb;+JUVnm_{$@Q)LIy4?`BTgcm(sKeq($4QV4jUUNCPQ_l
z?q&icN+eXV(SO?V)xFXzhBsxEP(t8hKH@k0m&d*1lyTD7Kri6h6!iBO$0(#+H2fh=
zTkwBX{f6KFgSX)S=7-U+CI4r>iu1UYXVk}mlz0%3-FWPai=^?`@8h$^V?Q0szZs{)
z#^ZlCHqhTOrz{ib^~+bH;U}E^lLTqQry;>Dm7KGGHvDrDu#mLwd~q-FS#kY;cy;*l
z?JIvAu2RPQ^}ln_+1)9v|IU-WTL0h5XJhJe??&U$+zD#*8y4y|fAjNi<}&2pH{pmv
zx78Zbbd>eMd^2|ln?zgc?rT9(fwH7{FE!jpZLd~Vp(HpC-Ak%vnyJf|S&VSuig2ag
z{YK-pf}#TbR&Lnb%IZm<aza|ek(Wq;*D{i?RnBS)+;yDbluXwRS{vZlo(35a${|4S
zkwCG&5?nS??MuVGr0Hm?AAEF(eycF+Dx0CK=T>5qd*%|*t<wGpdhr2Kfp8?4@q6Z%
zlUom@OAI1Gl5sx5nM8tvksOu$zHwnM%eFUQ`;Ep&X{jO{E8{Z`h<eH5CQv0b#pWV#
z`R;&45xY=Vq?1^RThVQJ=pQUYF{$J$fhu8hWw)GYBe<1Sg1kP_g8-L}vn&-fB&O<c
zFlUqaLq9(!cS_PAJhgdKIn73xha@JUnPgk@>jP60@`l<-qg_^od`=iFqr4KGohN?V
zZ~L98TAXElqV}V0T^5vT`d?jkk_mHoS3p%rC{-m1Qc$qy)SPKLU7~BNFXD%`X-5Sr
zm<i~dVuVd}3euD%x`_$l;K9&0>5lQ4y3vvd@OGaXvgp$V&6O*LWvO%EN}Ze)Xp{QH
z*VnqE(`oXT)2&A1#F@BqA!@n9iC)uTF7mJydIPy^_0;*zS!ntS_;k{mD;4Lyv4u32
z@EeVd4fHX;5udsJf8OzT_W!fdI8HH7<zpI8J>EvY9kCD@lLj5>;{|!8ip(-03q&hm
zaX^w(v`oBLD`BB$zIfX3+EPYSpO6@FGG^x_R8vHDiBpfmqt||;aVQX$W>glX+vxFQ
zZ6sy$n)diHTtW)nKHx-*tb2==<h|+%yCSzyCJ0v^GV(bgL8@j=Lim93v64X^+^M8%
zP?kj?f=_3fs;A%{lrt3Eb*Iu~rP7ELsyh-+&LuL8CN^QpGji%T{=fg{|84vgJ%0R-
zrKJ1#apSM(b-{Slch5?EJh9m*dKtCIF0epY2o_M7nMzm06KRO%u|5?eLt`|+=dwGc
zj+Fu-B1kn*W#66GUcXVU^#Dy+W_xeKGH#9Ps#$8RVyKQBZ!nydY&exxq{-?OZIW{m
z%N~^ljB%XdD4L)kA~=?S!8USB&Lf(tYrG?34EUdAX1W{IMCo&OMq(i5AudygsjtX_
zk?Pz*#^DxS$U~`2kWEm86x*PzH+6+$JsnTCOHJ5DBn|v6U-p#kD-E9n8j=)=Gz-qG
z-vDa1jS^MofW-oCBOehfZRE04r$;Y9x|z;^d<!ksgi%u8CM=fI4@ASfxtucPb>3FJ
zq8C6E>A6!ey%a;F5{WdGlYWGwLB9G8{!#`a1<+&n4^5Snj<?QdD<bS&XOKe9ld=#y
z47Jv{jugWtlh&5O2z??2M`)cqGe<&JY%Hg9NK#Cr!qC`V+kDLJ;Mi?vdvSbz6gVaq
zsJfL30w+l{DJD2haU5bE3Z*7q=#pX1Dy^2oCxBH#U5N-IWD-lg2v?GkREkWk(aH!{
zw?kG$;a4-5>b7yHfO7%+hWuuBD;i(XktqOuMK6g6IE4e}=qq~l8IO~Qps$Uu$dezW
z|MiOBAi=3c9H;0j0<~@LdNr7}Pk`V+p<5E7uNpo9l9PEjo7^TBbxn4h!$5`ERqUxK
zAYLhxF0k5+*C0eenNxiw^<OlX*k8MUaZ37Yj$~wwc6OgUJ5^1Zy7Syr%02*3j8=U4
z0{x0ko6S?*)$jGKLvy?Or5>{7y1F`6>lE^li(jtQHP|Dqe#H8%F_z+@^^ye{94wMG
zZsCOb<8Y%GP*`QZ%r#dW9BzhJ!&TQ_!LXKdp(YhmZo8mEX&!~P-MR`Y8+~U}%8(qO
zgoPqs(-wT_2o9hjg0~d@S97a4B~{#nnz;ZPW{igp0h1$gsMa+b<bh-wEJ!IXt)4Jc
zodTQ##SXOC7Le>K!w4c05-dWlb`Y;Lu%@oCB7Xa#qGNPdT>f5cwv8+@tHVZ@n8BBV
z8!#SAG6?o@n)*nfSGHpqoZ|GA_{en~;aq~F3<LouaY$gtSMP8Ex*nj@8KG6DV7!tP
z;fTdUFz7(D0kGPZXe%HRAX4GrQ8fqQMKztY7E=AM2g^DEUg(*s93ir-mg_nBicY^=
z>OPyQoV#WVj+BCr0?@Lw<pZ36T400R2F)jyvyk*TMBOrX{S@b}OHe3llMCI85#hvH
ziE1p8tRGP^D*IAAIVb6W24<G{5?ZNZLFi{uN~JQ%-9ow-g<N+r3k}54&mGqQ0A?vb
zA{xMGE0^|Hboy-f;90pHnhR03#m2-IFpf!K!44Z(4PnD9T~-#W$1X4R5jr>x;NEqv
zl)>etFU|vV-K!4-s?+Babf|dqG?zuEd98InDjCykmRjd>w#pVB6Dc6kAi_gAv}%f|
z(aM>^<$UEtc@?zi723(5*5#?zivTxIt*=8CV2r3jEea%sGS#bCL6|8LBPpw0KZlmv
z=Tyo(Lm?%M*abnUTLHR$Zu#Y#%4J1<WPpKhwI1_mWM!RR4~(HHm)-W%iqg)>X+I21
zkCGckYtG#J;_yTbsvSUDoH`|DLapm^fxuOp_lxoR7@rXdP4U_fB#b01dKBh&*DCkL
zF4KLPm~M!3>!TtZA|b*>a7{wB>vfgdRa`QAs_iN5XA^50H!9>59<fjhaZUo|^qQC{
zY%reD?O+Ft@kBxk$G?ElAWJha@|C%B{V}TQ1wa7Gti*;`2?oHZri6v-n%5v8uRz9J
zmZ?{{_;(!>^V^sel@}1-UH4qO1?eOqdG)KS4agAaOWC00QK!o3qTjG`5}XoR7s+X>
zCe{iwaqd;QOV#&`Opu|$g}I!2&?l>@G})LdwR+X%xA-dG;zV;jWlk4Bgb`KFllAq2
z4Np>dVeY)E*xOiQg_t;|<Ks8>bT<k{Bsg0z%{2|3GC%VjB#r2ExD()53IvFH)p7-N
zB6YN;Bgnzqg-#1>(=t;kK_^Qnk*GeJXpdPygur~F+4F$JQrh7$dZj7vOtxSh_9rfQ
z^{s;n1Q+BA$)ue(1BGfUuL?C6IYzB#Nj6mjm?E301n$OxPvcp=dn1+9WTUg{Xh}`)
zu!=d`=**tP_o6S01e&t4B}z?ozea)ulw=H2d#>HM8ewL`it*90GD|};ps~d4dEzQm
z!wC-6UO6lRv$vsHA}!E%%=T+^giJq65XhCSOY<vxtaRCd?5tl$1U6h8v1Gg;OZxz3
zh^eYOfI(W>pUOR{YhUt{X}OI05Vvo}Pm2(cXIjKr50uUZR~KYL8}dV4Rom>KN1m$9
zQxyqkqGYLc+mwj><=Cun`3UAj9cK87PJjEo)OpkQhPhrOr}`kf9Y56OQ0)OYQ%a`J
z;*jtNyfm)k=!k_S$Gz$c0G(q9G6S*g7O^#Jz$>mTv%d6f+$XU03I17GBd5+IEVdD~
zGY?`Em4b0!oAP=Ub68?gP4}uRVA`{rW3Cr7&9T>w0VARI-bG3ZS_??e)R={^4XRY=
z>^3|Ss&9A}U%M$&o=CfMsQpQHD-lI>Om)~r0n#~BEEj)OS-V^=DtGy}ZmxU?OIua9
z;QUiw%BlPu#udm8#LdK|fr0v&T-?P|AUP_p7Zp^ZoIj2SP4Bb1kzYmMY3|P}>{glh
zq1+r>GIzC4!7lPpAy80e-C5ydd{R%_Puqp6Tx~2>1*?a0nv`eOK;{`Kky~;(mvUTU
zC^zXKhml)(=Qw@J$_1r%`+<aNdAXC|tb#6~xJPqL#uBIoEEXxpu-5{o%LLj~Dj!C*
zV&~;8Y^IE99Ez5JOtzr2^&ad5k0X0ZT=?im#?@rd_DEIDwu?b8QKYaxXeC07^bRu4
z<#d{kuzV!Yxyn+BO(Gy#K<^@pa!YfBAQi_Mnb_@wF;1kOlchqGpvrE$;8cfp!i<7u
zxy@DqGP?00iS5o;mV|knjM-*~H(~R@ZW-9xbAm_=%96k-{4fJRAhV8e0uEo@EX75*
zwXN%~-nTn$NfJ@z0AV~N+}D$&(Rh49lP)Y|3D_j8RdRD0xc)^#tFLEd@>Rj%zbZT&
zK=_h6f_*`wFu**75yU}CxOnWNM&p=}JmNJE=3Yb0Yo6Jb8Va?650L{90+G)r2N(Gd
zA^5%i%!&UWay-B>ZoPnDoq7C@i#`j^|Lp8^O8noQCkF?0{Qs?dfNDgu-8B%xJf#C1
zfT*CX714mif^^Ygf`bw9cKmi#qWDa7_5E4)$_)?*$L>`M8IQVETFy+g5sAj0ntX+<
zJ|-gN1dq{?K5w&JcKY82LIF;3#D*pmj<VJWbVe67fgz<b3B(Yc8@7^1e|?TR{?38l
z_S)z#sN?T;<e!f!UuB|;fGp5?s@Iu(EQLI5#&%8ARdqUt(?sR%EK*NV+*QA*{qCOX
zKC{A2e-ubqb{aTI?AK1)-}5_-FpnZqdMhF(WS2#t1OAl}K2gE_Av&ib!x8-hQqVCt
z;3-kC(Aeya5tDVX!=>sX$E!gDS&Vs7np;4-*Xr*LNZ7$oyo2EBz}tJax9|0zJqx||
zvjZ}~yJWA^IcS`b$pzyf92dwtN`8SlG#oSp<7tNTQDZETiXk2J5E)|{b<rO<9tlcD
z|234~p{j<M#yrXs^C%0>DEY5|ihvc;@>D&_(~dFY{(w^wj&b~7oP;Bs7G9AF2Hbgp
zawZ~t?vHTz$B2^iiYongN{189+)`-tUn%1vCGiE0Qo{W(r$8?}XsF-J1Tpl14R4v{
zH8+vFq|-@4x(X&Ke|*EPt|$Jk-|5td;SN5F^}mC<uUN)h{omO+cye%1I{(-1?6+(E
ze;XeaCEitvB#ktwa3T^zYO1{(Ig2_%O84mK(hr(kwTqf?{p1EZVQ5661olsHO5r@e
zx-b*5)SfC7+R)F0Ih9amiWNR&cL?@5q3|k>5#}6&!TH7T!kQN@rBNx+=Gjx>iF6W?
zt!>1L?^wedg1G~A02ri{dO;QWLfJ7X87ERehU(Y6t2Sm3;cgV@YR#k0%qKhWgz=TK
zugbWX<<z_Ax8EBL-p9aLrnV+6XY<Ae`Y4F(B-nD4O5EXgXvzPf&5$Gn?*D*T$vzHp
zKDAIyjF!x93o4We@=9kV-|j-QJvQ(J8xxPKn>Y%|oB~U!gTnP4iAY|Rr(+_LkAfT~
z$sr#zp8uX#F#nBwPC1r&!QKFLi>yiU&X(VGue$fOnBVmEEbtvNb83G5Jd1?R6=MbS
zNB?_51SHwmDDPV+PB!1AxVtPQw2=`G`1jpOA7MM`QOQ8q0GV(md_2Z~uozz`$|gCg
z9_Dcu$^YRC(WQ9Y?RIu{_x2B-Jbl(~x4SY;i{dd%0RX4oh;Y(Sb;DW8;BL86_(|ay
zQ<gH=LoT-XMBj$)WRj2hymxfRHq7op7j@LZ3KKjxA~=kQ$Rl=*cQf~fH%uCxzbRSf
zqxbcyqT>1x0mtl?cpk~rSf<8#C4Xj|{=woDM@K9?%u*%-91*Ugo}t2S(B>o|jSVP5
zrlavtv5}S*)tJT~oIZhjHu4|#8-`Hu#nHzuY96$k_LsM0%(OB<a7yT$GIb9fbO<5J
zVH%_nBA=58(^$4Sq=IK)aP+fqNK#)UBsjIFZse<+400=>;_y$3#hGaFEcP6T*|LFo
zUJ~|Ojf90SZBc)NqM&XYaH){B4w_B*%b3Q8=a@#aZ)7iQKsS7hvHRo9Ryq46vN66$
zIZnxNvRbR`k){jA&mx9H_(_v8h*n-mYr_=K$bUT6Kglsx@cRP;4zQ2lB$X3i8g@j8
zBhLCDT4Y^*BAV!5U31vN32luCj?$6CYPs8Pw;PR!o|9|5uWlKqIC@DUJUJ!-i$l>x
z2l9zDC0Ul*A9v-C15BfglamoAV#K0Q+N|oxtkPj%&%|<Fh+ss*EFydx!Ev3YNEttC
z`peHH9FA!W8!1K&In&Abkv&_EXf-xA8XI}Rijlvmo!NQ9W}~4<>*2~8!#Zyb_12hj
z&NvB;#qQ;vjEz$C`A_PJ()cLFLv%4>B6pzcgLwKZm$md^wGOqt|Ez(K7-79+C6Z7y
zNL}=L@Q$TNoCqoAl$18-j-rW<DW4SJRV9Lx3k1HQaV9|W<!3x~n3RrTusU16x7;{6
zYn+9i-EnHkrg%^zFX8kYr^GWi0kl;9l`3yT_ks(a49*%)G~E4#O!Dgt8jX~Q^hb`z
z1a4`nlBl+4Dm!<^MH@3N*_ggyV*}~EIIE(AB!j18^TSvR=FZO3w^aRT_Ux8@sj-2=
zI6rlzqV%LRlUgf`g=yNq<rj50(O?fXw1l7Qiyc&VKK0>0{hcKRlwsg<95QeSLWRt2
zz0I9wDH#c4(QY&<`mwSXoj%-qvSWVG*UG712JY8}oma=xCBPQqk-59;mDH?QdC$!7
z2M)2B8rzVw#87D;zImgjfHawoI2%x7h-s;v#Znq-i%X7!g28J2n4<?;Oz80$<D{XM
z*9-IAf(P_UV%I#O;$l$XE4KM0EEK?bB<+6{J(4dJg?>#2`cmK={Hig5@Fp*>j~cP^
zWxdAHAVk#CNkrCH3AC?NLP6mNJVhI5(}Zbm>BK7kx3YcJ1(xm=Zm7zeh`||khkZ*a
zENMLSVg?>tE*3PweW{hdB)j|&j`Kpv8keiX!(f3L$PSO+<fvULt3x5^Fh&?1amrxg
zMOX;9Mg>m4g#uBC`D|>Uq@1MNXoTz{mdN2H7Nb7HJQS~&(mp}PBam7G{xmw{iT`vT
zb^(^r8PjDe;drj)0*TLm<ZP@&sm{&4zvOb3WL&)Bs@9yl>hg70z4B(PJ*YD*30ZL~
z-q5Ree}~K3b6IL;<u7ES@2%X>HzBFDVJ0b9Liy7(GU+NQ*E=H<m;pyDM2EQ<CdZkD
z&JT8~$b@S4s5I_ON?3TrxV|RHAc`Rqf+o)I@Lgu*#5&<Z(YT`AR}h<05JJY@QPC8N
zro}{?7z!Mhl40`=!{Og>gyVp4^Y#{?HO39i3r$r96_gH}+7f?#l)ntYDz5Pb(e?UB
zJ2Ka|fL1~@Eh58ez>x{Uy<tW}Vh({Q)Th4`G{06fY8KhrNvqsx>FXms>)jt=^;Z0@
zcGEtn8xfVfQds(FyHTWg-!=DcZ4`dq>pbnC6J}!<HSd&)dodDSX}OZaV3DJsJS$4R
zhs4e>-BZf57wXVFoXE8Yl=X)Bgt-H!!!BXbmxvUoNGY>~_c~06ve-wjK6g=54rNo$
zpk^8*O}IPO7NtCv#begmqw;#7qv!GT>GPLx@>~N~IJHo9Hb&*M(#d!OKBuswHly;J
z1vUy79^|fj1OY`-PT8B~(;~4zfqcuxIHhc>JYqCX2|ve?oJ+Du0jD9=+K`hiDgrze
zO?IM8HuDZAkR^?WX1b~-e3<$@buTIbZ>3VvAXkpyiUmlRtLHN^2_lBi8Xz~#GLQ>l
zqjcQ?{My*a1Er*7R5tmDiS#g{Sma^UMt+6mILU^S*Z~VP>7r)G-|=_-Jp)N)%Gg|$
zvY~ZNb3B3a<Rp+5U_9hRh)P>w10uPc*elq4?mPu93LUd*tS?z-otKw;1}vR{T1`5E
zMFmjCF(ET-tA50Wt)2ExyVc%nwRc){EO8Amv<NR{UOFP4DHA8uqp_D~;K`b{Hgx?Y
zc#_EjS+vIn9*)hcP>FKQx+osf_%l4yz%wX`n@VXT(-#||bM^xzOii}a3DZb;H~>@K
zL<1CMms)*lZ$o}Lky?c6V<}PqoIN!|^jxPu0ik~c45tl!JFmSs2iBjb!>H7GZY3=g
zDpvtw5LOOecljqdCw!tJGz->O&bN~ZGRPvu+$yD`lm?nA%Jh{celUv5H$H5MW8EpO
z8~j*L-aZb_h`Qu%!@YM<%X1NV<`{T6g<5}^AYNVx?MC2v$H{(sR$cT|SI)1IgR!)f
zsH~k97tVK+yj0bO5_Gu-z|+UORMQLN=%tZ0QtfDO7@%1-<c%WGbxin@EnZ=X7mWAC
z$tALR$3kKZ4{fs}45kHmv6t|+IN-;*tdp|1)!1m1uJ=^9@T3$&y?U9}|5=#!Es0T5
z567W%6DI(%!sVS(k4OW`1kX=b0c{cqwXr^wW@OCPHL9jE2UnErlh%fb-G}PpIHjKX
zMON7S?etl~A~u|$;{*=+yvSo|ujnwA+6$PlQk}IYAZyPF)771)o~x3bg7dD-Pq@fh
zJGXVNr6)^umPO?LJXJ@KSg+l~f_d$<Qv}C0@;eVdr*R43id=S%iRO1wq2M?SHE(J0
z{AeB@j$I!~qm-}SKA8ITYop*?_&jNB<ky$}E5j4nA45Fuv*_8gmcciQ8>9<&E~M}V
z=0m;cJ>===YW`dyO!KooIz_|hrC*f%vcIagJjRF5|MLFBPhi3R)jWhiA}?fPOylQ|
zZAOfpQBuxGj;@EpP^#SL+J0&S;YYhGtqzke)3JPB#v_x?QiF8CY%zGwNVa09c^9PL
zFml@tZ*JbeMEJY9=sjoRH3kojr{--=o1_V2&5oQsL;`{WAYgG!bty3YHu7q!1E`)f
zRCO<@`l`Q8qY9ct{Vkyt6z=9m#z{KyLdrdruX>$m-&JmbtErz5F5tqjfM`yVBlAnD
zdj-9SFdd84j9r^=s;i+Eqf=bI#gv=})u2|SjN>73uwH1LD$2lr%fkGA!4Cw7zjB(A
z_c7Rug8o6Iiu*}<uctBKfW|nYf7q*oy%Nw%&I7q#Ql+$1m9)lsQ{E`g`kq1!jN8Kv
zM}N0&(pkIZ)^7>6yVSaPtj_a0;T1=Je=+NQVgn*D9d}(+n7a%WFCa)EnUh6v=Yi|)
zF=nhgBd9)Fu7*aR1j&tR<p54cIw}NEiWxLSV^3iUAg5CXfuUE$YJk9arLo=tZp;WC
zk}3|4Pkg51Y>YA?b7!$eENDzZnvL`0+!vas(Yy;sFK7(!s^cMjl3oy^thZzO2YDk=
zRL*#0UW8NX#`hz#u^bg$ras0bhbf9&*#Kk~QpBq~wD}-RA>e0`@CpvEkJv^0Qr};w
z`d%{!ggC{BUC10qG%3g$PT-7fibRTenk5b0KhC)1HmRrfPqa&oXR!hJ2=hKoIp%O`
zZ`zNbyxx#?p{A~SlxoP1q45td@DN9|FAMehnV9t1XMNG&5Denoj^Al2=c@G+FWg-$
z*3KR?vuDfX@TtL4=|3zjzydZ-GS~prn7d^fTXr|!&Q{t|8-DqsadxZPt9z`gUEw%%
zE-v@bi=W^B`VKZK^tQL6cyY;7z_^q%H#5ZUR;Fp%i%mh~f{fV3Rs*)rRh{9_#)kU$
z2n%t+c-TcE<t!d1`nxQ<9Eqm0HBmS4KFo1nW#27I*_?o*TELoo3;PW+yI;se*V5A~
z$kfVt;#714y;NuQ&Bg9&O_I+f$TTgKUeTyOaX03)b5+)vkWihlRlRw74p9OmK0j3)
zS+Nw1nt%vx7BF-l$A4fNL@W!zrw9%k8vm072H^>h#wn9li0~le)|Rfdi3@1*EcV5y
zDbcz)g_v*tJrd|83(g3a)2p$O-*hiAY*UPy>W`Mr1iHkD4KPdwd<dIUrk6BpV`cM4
zSd3`Ec+w*Ax#Hoi=m`1h-zGM`A!f1+V474rlxiEyKx7X!b${sksxM}{PXFlV-y2rn
zlK7l*ri{dM%&DTHD{ySe`JfmF%Q$gkLuTYK1DF}01h(a@e<4TkS2%snVs!ZHF?#jO
zaaX?E@hyW}j3^!>&J;f*Y+*EiC4EF;U8a+!CW+9N0Ae%@d~zoI$7nNV=6tw$DwmR6
z4;<#hj*m!4)h0>vgl8hv*Y~hk>MGH+^uR14+frm83^(#18rv-#byec4e`Qie1QE^z
z$qDgfDL}?3tA)s!$g6?@j*!qWg>OPSEHsg-76Gy}s4I>H+cs>`NLnh#M~5$783O;Z
zH{C1rc~uBr?iQC>z%HB`IMlR#m<f+yk$Rm{ydw=;|GnVT6<NR8MNJhg-7S)ab#48-
zbL!sQ)-~Go5l&Maz;2DYq)hLSsDYWV4D1})^%!n$f}MPwG{8|rLT9#p&>P~1FcW0~
zd%oQ*$SI^@pLWyqxEsp}JvJT6srnjdu<?b+J6f?Sz%g+-jb-{R-7;AQ^tqh=y$|o-
zyy_i(cz2aBQk%)Ium0A1{qohjlh-Hz=$*X(<<-01kFVdn>Y^!Hx9K?6Drz^Udar(Z
z{r+7S*;%0*vG1cSmO@VPQWLq1rNlBcRshhI(lOBnpd{tH2jzDihpm%^Gl5NfFv5Ly
z4($d)MUio$=wZ}&t=xmo=)o{y9yc0huU;0@JU9E^%}V(w4NAhLsWFR<xFjfjrMana
z)$|e$BU?^Ok&mP#bdq^Ep{?_d-+9*BAo2M*<_h6?=N&K5ahD%}?-vk$4uYl4fUwZ>
zF`t<T`Mz)dG=}+K&dB7i=0_cu1R(+WZwUQGnJ9`~Sb4_&arpMlUmLd{L|_=k^>q*m
zSec0>f6qJ6k&K3i3%W=jz&CsPF2%Gn9U8`h$sI3)EVBG=iVsw%8xzzXPiX>72Zg90
z+gRP=vxH`L`#UBVrnM?0dX@S$^j>gI?54ZGQpGpFd}#t9z~qrM>-23kebBfG;n4&U
z5dhJKV3vh^Vs8b4ZPtVn%@y}EiN;e4U__#^FGgzWkJv@Z^bxIIN)yq;ao9^a4bDVs
z1Jo{TxTQ(t4YF9dI!Ju3CcNoW<7+mX!*Dc4L(Q9-6R)KDB5}$mW)IV3fz`x3Ba>~#
zX@q0MrUOkc9O@`N8YZCB09a!Xo3~}2Fo+d$rZCO47cckFYL}cw1#qW68PLyN{jd7X
z6yrqY7rHcHF&(G?y9d#$R-9a`W7j6YcXnGFwn`*EFNtwIfG>=UoEpQDbX<NI(QB}!
z+%0&sYbr%br3CUD^S0E>_mim1JbfD+oVsLjEbTYv^n&noLeOKTNY578P#zu~q4Gu@
z!?!ch*{gAbvLL!jEgpa(4P(m+m%mIsQ^Rg9n7K+AcLnk(#aZfwrf%P?j;=JepN<W6
z9Ot=bY$}sd&}S*GRQYG&S1I_l>4i4IroNCEd8+~tgL^~YoF`JA<p58jB!FXEg~s6v
z;YpyC+7n8})~yOi=e14WAV!>hacw5QWg+RJy`6TxVQ!9i=X>B@30|t>Mukmsgm4y8
z@b)8-mTFo`Nj@i3?TFd~98VAS+U-&@wc&5O#}3Gg<Jaog#^E0l*8V~!=<i_hPYp`N
zWD=f887Cf%rSYgrbbH<DapS$4?$1C_+xn2xbHYp6`+=bPN^Fy^a$NL=&|#W#+RxHL
zud57?v_)*<{_xqkJ^LY&z=Rb6_0*AKNmNS;{GZjI4aFhI4X+#c?vzz-?BImcIG_ov
z_K-})PM8|V+60`0VjYFd7fdd<_YA>QNTTJ7+Sr;QUm%6vwes2(Yj7N=E%mrPdwEsn
z)|s1IXK`*t@l_@M^6YlXefLvU-wC%zmh6n;rjyyf4CJ@PZ8to?`J~n{JelAvF~XdL
zE&E9Mr<Lqo&<XDHTYCM?Sb+0Z;EW|`Dn;URwFLEjTiQ~5LkA?71Q9_$Gj=9?^h$Yt
zrDbL4O8Z!html()ed|FCH%6HKf<|OAf_$tcm@tvTC68S@MkL5<ZM?B2@Zksx&6O8r
zLur-RORMxXQigLmq5|Ta8#<vgK|(s@G#GjPtly7_3Rp^TOd|c<^hgk~;4FW#0k?F*
zZMRY{O7W}?`KuC;IRSt^et5GjD-p4HsGWSu3_8aV4bdM|-@v`Ca+RIt#yG}~i(hAr
z2dT9N#x!6Ni+%Klo~ba`uC8|l<qRB1)IHD|V;*FJMMALH`=|V0h*PW-WJ@!Yh*rnn
z^><pPG5_bhmkL+2IRT|M!PMTn1c$z<ALB!N@=%8q6;73G6f<f#UrijD^Apf^=$Hfd
zgsTe3a8v3;W>w}FeVKp-y}Lj4yX9f(w%n*@=T9Y}OnT-1c4J@=LR9Fj3B7U)b;%u<
z#k%BRZEoHf4Xe_UP+dK2_Sy8$ax~R8?naJ!Oc<gGSg?=6oCHI5tK%3{Pa~3&m+lCu
zSdq$puAVnIBI>T!&2k{@*7fF*$rz&0^xswh0ne<SJWA>mXOH@AsQ3+>C}+lpufse+
zjwT*``GR~!B?l(s<z;U?>B(Yxkjo?IjRA{7DelLU-hgtE_S6qfiaa{~pe>x=q1r{z
z>Z$P`PkJ=$bxQCvrKy|%wjlX_DTxHHR2?lkEIkU%Zhrw3d2&o-CzO*H7u-i#t4Cg^
z-F{S&PJ*RqI`2Y-MD=r7109Q}&ofjcL7=EP9?#6gWVJizxmt$9bY>E>p)s!z%?lNW
zGt&Uu*!5ddH6H52Ntgv>iCRWj%x<ho0+p>ylaKwZf>aK@9{HT`UT;RCZ0^JX%Zn4C
z7wYrpWs6IF%mR8V+%v?b&lrD}vg?Sc7|^}lof!$|OnB3%F^1Fs#pR<91%A{E)c!DK
zB*r8Hv9eR1jWLroJWhcn<<Lm9VwwTtWjP@~Rm3LtBiI;R=Uw#|xZ_HR^dW(%S5tz=
zT_iZ^$-lJ70jFG$svGqRa@B+dnry1%EHdxwp(vQ`6(ZMe4<sdt$4Nk_dj=cXY+za`
zDVWjewWzf}9ugjA>GTBG*WOhwLOI!nN(VtW#ee_ze^;au<eYGbgbp}OsXi4^N~BM7
z04uNNf~ZPmZtm$CE2$#UP#x~ZN#cnV2WM4P%En{NCyLv0dS-w5f=<7DvDCbV>A@cp
zA@Gnik&iAfPtoONNwwz(gRif^_0eSIF!X{Ej$=6fxzVtt7+7e3a6w_7s)$Qe@UMAV
z#9i>LfUe+|j`?XrvvpYr#rUvCLyJ0*BE51RsxseV8l(4o=;x@g7f!=Mce3ReO~oEd
zh=t=G)TgI^`!93uB4A?|m-U>s&%*3lAlaaWYh!nF4qERVpC)jJj`661LolL!d!Rgj
zq4gJ22k5Q8D(tVH8uQgL0rV4F@dcKEO;?%+kMsaMa)#@*JCp{jJ$h7}Bsy>iKKjm~
zm$KWPL)ue7+#O@f24ROd$$h3Xx+t^+3G+u&g|IRXJ1FnopS<d#6J@*RnW@X@<+y-h
zt6c3l*9e;K`>Bl&*W{cUd8ed=*lSz(HdMpL$izA%MsK&|BcA&T%nC93gpG-3ljY)A
z+BHQ%_QQw6Uwi-a`29QMa>+!>##Qe^jG<HGRynCJbI<+I*6>TQtF4AHN#)$xar`xE
zak#%ZFv+!!)ME%ruBu{z4cJ-mtvrIYl@gJ<HATwt40E?Kd#{fLIoMmh6t91<H@_r=
z`UiVbtAmzuyjA5Y3~3tS{uQdAUM$u^{dTgb)imvA!I_InmT$Ouw^*=q=i!`!@gEr{
zS11(TD;0<Z4GR5@gMcLI&jc%R^|<x;QA34-=)FidX!#lVqatK?6$`7=hX~cG)d>!(
z{3Y{5T|5Au+x#_W>6iCeHO*yzQc)9u7@T8r2wAsv5CQ75bmZq^PgViK&ULSKt<V9-
zhVm$?bBo0_49ApIe_82J5IgQ}t5!8eL+e0|pKJta!l{H$#Urb^$klt?G)7~b*w~GL
z#pi_U12{CM2u>KJ3-zw{bQWpf@`HgUDUHFe42Ntr5s&PXX|)2+A~qD}85=s3;s{v}
z>eQS1NyDmDt^Vh5#lV?n98FRh=vu+89K8YKJ$0dlutFkYLzQF<+j;?ug<{9l8TVpC
zzgA>O*BuZOMK{IImBEXUI^oqtO^Ia(Xj9H)bGfuRMQyH}D*p~gUANHXrE?*5;Tig>
zj0%;6M1r8p%SVso-*Jd8FPm~;jfOrfp10EuFH^P+<jgl@^%P<@Zds0R0}l4&?UMok
zZr{kvP2&L?;6T2g@d)(1)VXpMadsiJ4p!U_=J2pOdjPOfH1uX4V`)!zvHV`C@>!6x
zD60c}Eu5tz%?8ohPz^JO@MxS9y#bTu$X8Fgy1?>b8U^KKSM&rO#yx4xxQ|4@5;<=&
zL3kIczRd{^yNnOb%UL?=&EnCI*pS981~s;qHR~5an=SVycw~Eehu5Ib;;T5JzVo_@
zz*pr+3z`CJP~KV+_81@HSYP33AF3mc($FaWU=QAHpf@iMkJdHItQ`Bv1{#}dK>&V0
zfxlCx!vD>6I{7^|QHT>iW#b4@DfwXU12hzjw|r`Md`dhr8`FdBJW&F#r+`{P%-9l3
z!Wp_^N;01q=d!tH%6OaQ^5~67lt@z|O`-yFR&{mHD#;$Q%FVeQTg4HXwi>Z=9pSzq
zbMs_wtK}l!FyTd}15E!{99}#vo*g+=mr-*UJ5(H8(Xm*Dp-tvr>T{$69xRh%j4<Gd
zQ<>P419v*}=*k8<Rk@v7rbmS+5gVusVB}AW(UGuwYJ+u5?2bOFYNnDc!F>Jd>8W;3
zc%KQ<i`Z}|8}>XuUxpC+?KjQx_xtb84l#O;n&SzKlHLt6K@Gsd^c)@R9_Sx3L3%<&
zCR=UP$ko(KBY~bfV}g(nQBR!Fq<0SY-<F>CX&m;#SQehq@cEy`Hp`w%=_0nn;Q4sM
z_)z|#2w4h?<M{1K#o{Q<_wA)7yBMeInddU2hWuZ5eG^h<H-ADdJ~q{qe>KZTrkduP
zj^3pq39vbC9k2+ldMm^nnrJg~a8o&0)kd(Ku|jj*fU_;sm!GC1GR`kq<wU-n(sQES
z5<&rdeS1DmQADsv?PA-vTv9qf@=@yC>p4_`k?M2}=6Fm}!bOGQzwPd$LROBoFI3CB
zE1awR|Ji%@uE=d{QGEWcPoXiKX~?BsygG-uJ!c5e9ezX8T%eOXt4|IXTUF)YvK&iQ
zGy(2s|1CW&+48HZnx>QTT1iv39$Q<|*4|tDaU0wP!zA$AERa2~pE_5vye0jNYh_h<
z(Oj$%GuTKrd`Rl8$Q)c(KrY@0ud$P>u+uB{Zv2Wt`&IxY6PF?8iL!ZQIG!S#oz}NO
z3@CYFbVPCnEJV$O<#r306AjL{q)uVJ#Xm;DZxi@72q6yurAC&Cv@Bwz8PSuaLgxex
zK?tWXRBmp}Ha!f1SPN+kHWWdC27BP}=!cK*Ho)=e+YcMy=l%234RCaR{^5KB9Go9t
z9v|$VbfoVeGb*M9SzjR<p3tuL<SV9B#>L*-x&@Nm5??uMvX+3pe$&8@w53DDq}K$-
z31S{`Zb-3o55#ZigGuC#+-L~>bOBQ~OytQ02^3bd9noYkj8Fpic{^va87*|~il8de
z5<f?N7}U%zW$Y%mf{1fjkXBUYN>{9)Xp{4IXi&d#o}xW%_a_n7))6hLH89Im%aLa1
zmcBe5q!gAXG87ZU*#ivS#2bkPM}g%-XbT&5;qw<@GgLEe_yZ-DcR?=XoRNuE_7$+S
zvk?zcCGs|6?xV|qB(E@6yT%A}uMfIOg*njv$qA3!$UvnGQy8WlVnH0}$I~=OUNi|q
z(fWHxMm$|EGbTmAhlHL+sp^C;I@|$2(^>m@|MK9+JgR&IT=7lP#tlBr7bizYXCM$9
z7s~=lK}=OA4Dk`bA%ro*^=^-nGZgulqktKza5(pPA2RlU8njwl8_K;UVQL_8zDO0S
zdbPq^y<qH@iqt1S*8?t60ocVXf>^*lcp-G7@E&-fjPfbA9VL>|3d>cSP!B=4+r!ZN
zI~Y&A5f}wSdY%etDhzHR*xK!>k%P7VXq|120d)DKQ`AH#Y6~Oa?=MOQLYv~B^+E?s
z1XP6>k0e9ku(iy;Y$zs(j+(i^iSQSQ=`z#JbB`uq<W3=QfiT_&XhPf}WTzCnm!xwY
zyR@Fz_7MW-7nj|)$EO=ID5r=#G(vaWAdYn@bNIRe!O|%<fikt)-_jn;DX`*w7ef!M
z;lTUrdI>&uO_Uu)KD(jj+bhlL%iRi@86T(WVvW%^AJ0!joXx#%mm!TZ{4A6Yv$JFO
zVdgcMv^MJU79`EvzriS+kTml@9zjZySS~uQoE1ivY{?1JC@^Ga2yI9N``{I{El&^Z
zb5_DU%4GbfNcp0tC7D3QLVywk_{gJsd8SEit>)%W7m}Qa!!-9a2T{@u7c+NmJ$e<d
zLtpLlleg%wHCr+*rP<l~nIx`Z0}WV^M}h_E`d#E}mR6KzgEFF!Xqn?J4Rpc|ZQqFE
zJTHHsX~AC>k8p7yIr}DzgEpKR+=FiF(u9M^^zzl%2rgbp9YQR#`U@Ad5fWK%grEm?
zi3qGsB9>F<S`e(atSx$0%arn*WXYT5E*Z!A{b{PvP5I+cUdL>xb63Vs0C;jE3QQtj
zSPWnDH`hFRz=Y`V@j)dl#sPsYpQ0SB21}tB4a`lf8?ad#gVjx4FlBHBtg%w~#j#qQ
zC9hS)YgH_O5TRSnWvAZ$Lh~$`YsPr-B`j92T&lywjYlk=m7K(XYvCVQ14><yQDa=I
zi%g*(d7Gdyl~(Zub7z|*@R})(7*GcJVHy$x9xSVLwC$RPr8m~WGjSH0iNc(`Md}JW
zJAbj{x0n2ODZi~O0?d>;>?jTCaOB0P2!dp?P3Z-*uU~Z<o-)d+NSw@+`ZE=kC@$P4
zIcbt?k7^1f!+?1XX-e%hMwBSV3UT|>EN_sWMmn>nAmKJxwl+1RGTAB%e3TiMq4Q$~
zXR@?zamIDw9$_h<fGfIfv+&&_L)}C+Wz^GmGrOZ>;bGZ*JY5xv@|f%m%TPg~{CF%Q
zt<icPgOBne-`1*BNs9n3EaQ!4v8HG(Z=NZ?Wd`sRVHR>;$ee3!FHWY&H(F1w(7ccq
zAy}y9iUbQw_>~u{ku>fW>PQyK5v{3cVfOP4s3=pAmwL)S5bwO?o0fdjyn0IAOLk6?
zLNzq6OrephW<rH_STxsJ>U6!n;!>|wOMPj0xoQBHatjI{P1pr#dAR^qLHf(TECpmG
zOCZ6n!4B}E4Os!b{cnH`5b*$(EWnZlSh4_17C^E9x*h(^$G;2{GUw4RNYw1QMC;L9
zb}}<+BhEpdEy6Po?OAvUc`%gn5fqFw=^deup@bC>_-VohXx^LiGXkoyZ;TUAaM$4l
zls9iPZous08{h{dz)Ox`$q_6$f+a_wI08M5`y4!h9&%xB&Oi~Xh42Qdwddvx(nF$>
zH#kiLQ`F=Ra-*u|4_HDHk@1&vO=;+PMQ&M`4EaNrR*tNvJZ%9Q02KP*oZrfDDCvr#
z7^4kHANC&uOi*$!K<M{myhavnoy9?-8)A$I<ktE!N_nDzCd0k9Sc!8{fHF8~nF~Uj
z8r~~=@uSrHidAb{8U}yUGH>TtC2`|~`7NG1AqabJ7(~ND)@mF?=SC$KEhv4p!(Q<;
z%m-&5_kgq8bF_CNNtk3C#5G(ZlTW9P5-Zs;9Sht^{|T{`OWY}B<U;wc*<e{O#2pHl
zhkIbF)9-b5%8KKW3)W;XX->KH<X84usnZ54q-V(55AWQ2?sEW(lhU+AssdX3$IHvJ
zs~<mHT<!r!q+gVMpC6qb9-SYbzPs8#e|ND5+U*Fnu^ag}=<`OqEiOLW!+5gMZr=rw
zkM7!ZOTFoDe&752dguFGJMTXn9_`5l{4&uRIDU8f;r!@|LUM7%_`3@u1KIN=kzieY
z;WQE=1zA}l306eSkCseA{V>x>sMkh93GHo3N{PZ-O(U%Y5U#QL#1cRT1}R7_p}uF6
zOITL6HbrJs=@!Vm;HGrK*RZS=!=K3FVI-+xaU0tF<XThTE^LlV3&^&{e3-zeSNkU?
zulPlJ9d9TZ&-NT4@>bpXr=GvL;j;9`da~^p`TMy{nPph|5n%#Eo_mqGJe&2txN@8X
zh+>b&>7w0>7h2L!X49c%>@GjT(o-w%5^aG+g`GwTKj%47MTuBwuP8ZqRiiHR0lc|q
z5=fdkD)P0_s;2kA_r34?+Ua&?zGQ3w=WX1Wt|Edw6pGyZLUysk(lK*E3TH*emj{>x
zEWsFWOeN#)fTPcXp>?QK<q$9CXMonX*m0tl_b3WPkVcuhk~4TNxG+k9gY!d5Xr<3E
zGhoyL{-}75vL#D!07^O$?pm^5iAqH*hY0^Ph9n6*X$73}a(iIRfuu49SkvW+Nlvb3
zA`FXhOozj#lpQYXsbT{w5}HOE?T-a#K7w>L(c$rF4@F=URR?>C8^ct<>nWLow#|Z<
z=@vCGJ*a%-b-cvK9Uo40#91)LPAe_aZZ}0ihvS*mG$*k;?f-My>-77b-U>aa+I-FO
z<gwZ!mf2(llz>H3);{&^uX!M+;{hKJMX!vk5Jb|-Nu-{o(uK@%!t$VEzCZCRCb**{
zfgTCd_%T9!cf;_;^=?&0=QPBh;PBE_E+%LN97n)&v9JceVzQY?Mwkc1NVk$<)n(^t
zXBTEl3B&v@N1PJ^kTRL))cH)&CIxJy1dmJuf={Q&V!+-)7`M_WS~&>>NHJe<lqR)x
z!Kwb0iE~Wq3Zfe{iF`m3cQ6P%`hgkC>EQyj1n7Lxu&T#A^ov2Et9nBdGHZ87qBle3
zt8%yt#jncT!mI$9<~D=YH8|{Op~e&y<M|9SBrsjjoK}d0^bC><kxp9fn&<Yqra~+7
zp-dLd?nWs?fN?O4#F15lFV^zrM#zV4b+)ib{w<z}LXK5SH+_jh$W2&h?_1@_F{2+)
z=8Ux6$Zr$XiAv#{zT$}IJ?#$$K}30xJSbpI1W4xmvy>aw=K_&8-;R;rrugZuxB>tM
zwi}V4E#FAM<!=p#A_J})vgls~va`mYgfQ9Q2~ixn$8VjQA`Wr!EmkopVbT`jS{lf(
zJ)VRlh(p*`J*CN!SJLhUqb|<Xw6N1^<%rD63iu~;K``l$iXtUQ0^8gHiYTQsiG$iW
z9iCxC>@P(k0t^O0$iz;eXT9sRvT3hXD3AhZ7*};9!>k>m=oOKvOr$oG-;4-19ig!l
zxu-8j5C~{lux^!_y#sz``f(m%K;!^t1dS4}G`^5H-*{_Ae@x<KdRnQaO;g5dlrSMu
z*CrMN>z8wGLp>%Dk9?;Ofm;!~(LGS6qAM$4Eejj)Atph@Cy92ruCN?rD18x<MY$9<
zF+VsZ?;`5R3RhI};&R}z)Qs@`qR&`m*YGnvEd!D|XGxj`_Vv_WjBQb$n2MHH4DSV7
ztzFP?%!x}Ou^K&T&@RGLwIml^0zrVmIKV7b4oc)=d3X{lMJ$Ii<O?N;%iPg87po8Q
zm3EocQi(HIl`+pN%$$F`Bp@&eTz+qcBB@(pi;RVBLP!K$*<hYT33SD+*D#F(v$6ty
zm=G3Wl#0A~1KdHLW<)C}nJBhm<?R<Ak3b#=DMjf99~sNYNcYMeG@O}u$GJ%oGn4g^
zV-XQydYM^>E$N5AZt7U>ZZ+wQ0aPoUrGyqy6xpxhSyieUhWnE=K)8r@ideRZgvDs`
zjj~57XuDRS4IY@Th3EKHvGl=lv>`5{_P{6E+%Hdx02ae1#Q&AD|3SX7r3h!=T4q#0
zwz<WR4HkCDwu_}EPqr+1J6Fb8(^in6RYpio7SK{&tFx7)B~ldUTBpz!V5QE0ZbIbU
z9-dyDLw1Wp$(}j3!_y0PIEjx^H_7Tr73hkJ*TM+C*tT+TnY-tFkIkW`lo_+Dh9L5T
zY2Z)X5b&2`Gjh5lW4iHbN`0Y8qWr=_RZR=is^SWp&Qx3IJ^nY>voLw(AF_#~&j0Pm
zzuQVdl6|wiz13id1PR6-nv8(DSr0t@uo7}C%8pDgQZc|F{((--9{Aq}$A{<E!4af(
ziO}P+iPfor+{$xqa<O=RDcQX(C23Ll^v+Fu76#uX0aHcZQzlE>FL%ttS>!k3*{DIk
z)87I<f|znb>S)L(nG~_PMfyp4lKvpNJkWcT3weSeOVBWwgcp#c!M_irgSLMkx#PeC
zV>b#0RN4X4z?FmN3C%vR)V+GXDm{j|qiOB=Q9~KvX<r7JyA2|L4@k!0LPok{)E5%h
z%;Qp)m5i>CJuSwtcMBt*rv@5&vB;14o;m9!MnG#bWdoaVm0yoC=WQ7-%}6vLl1S15
zXYzY%g$gn-A*bjBy0_4mSvi?`0FTfJWaeLW8JmgTD8jIfpm&Se?Jh^jinMQ#>51Xz
z7~wQlpt^L>1K+8Of(|$)y1wV;Uf$|=S}QFo9<mT|Y206ejD{%pi6){`VJR@?0TDHO
z5y}>*yCV2Gb|bb1TJ>YFVn`;jybaU@A^B!SHs4mwGx+y~OcqRGc)vl>#?q_>nBDVp
zH$F2<G?AP|eI#zQR#Y~BaVICWmC(CoREj4*C|Ctj<mj}l-v!hB7xjqS(srsj6v?F(
z)}(ZdyQd#6k1jgoGx<xir`PNCcDJ|Lzr9{B`|r-~&g;MQw_k7X_WRqt-R-~hHv8MX
z*M9-MhW*U+OfYeizx3wrD?7Mv<mq?7J4m<*&nqp6Gb1`5F-*YI(<>J2QN?$pi%=NA
z?X~C`N2#wzLNJ6xZh&?>WwiAaDJlxJ{K}K0fNaklGv*|CRIxtRa%~MJVMyC^Kxdt{
z)kZAYLF|&z8|R@z$!{muz80)fYuqu3u>+o-o*eK9cpd=IZu`(fJ_LUU&>NvvtF_r-
zihxWmP7zX=%Rta)#~I_4G%(~14}1UgB=y2+)M3hMGG#KCI0G^YB57*HcwLTs8+J8}
zfTyQUjS1-Bsn?M_G_!(g@o3;hfxw^GHHWY%y9pv+=ia~XZGbq0E{5D&8fvlLwdnOs
zR!yJ?ddk?P>+9<lC<q@(7u`OlYjO|tv^Vc~A|LT;kp6CIsWMya;B_!0p3CpU+Q50`
zx$#v5$rXzfD`w=)|AO%=S%RlAy$Paj$`G(A{@dSV5j;|blS$MOKgB=}A#sBcbE5`|
zn!-b>Ec7d_)TRrCv7R52RJ|ia*gN+g121v$sKZA6mdV)@BE!hYC9|Q~NrI2(Cu^7)
zEeiZTJhVaLMnhN-%AL<SkkM=DVpi{HT^`ZB#s1`h-sv|=UWm3wKAtlR*lB<RqLC6I
z$&2|i6Xr7;y1ka@CK$-;dJLRX<ij(R5GS{>Sik@Y9zBB-0!}|19$lS%IKO<ex~5aD
zrsOI^Vkle4rLa%EUpkQh>B&j&9;$cgdLGc@vkaKDWjrsi0fA!%CnheLP<kjbC((D}
z$CD$$@kU6__o@JDZ&jgDP6?ZCV_r^>>;K?}ZsftFbZ&T1<zoWI?mZwZM=lt^J1`ES
z3DGR{^#;N5nUrj&ZV*z6)M-hkSq8&lCZl`}v4K(nNLy~Nj8kjsHAm}RjahwV%<9F_
z`A^3OmWiFE|LV?-nSb>lCp^?JDR(%X`yhULwQlV2)fC{pqNA(Lr_sI&4mjC4K65~=
z{dxA`kXb5a(8Kg7jpru>jvL1v^HzkGdQ()L*WAe0V#GP}Sk2BkWJjCKW9k%cFezKI
zw$+xB18X`S7PMr55+>TON=$(*p1m<gfcc-TtqwRr!yroU9TXeK_zFy54EjQA%p4gK
zE_D|0f~}Sy!Bjky1*ljVU;-l#>I}llq94&B0L*>l`1IW#I7_=`rW{;k^8fnRzcNA~
zf^A{QIVYw<WVgBiWLi{@epbbZn>)i~97N2r5R^Q6i;En!HlGXU|C`8vSDY>BkT`7A
zN4fmh-|Fr5GV<SMZ+CYo|2@a^@X-CP1>On!SD}Ys37P0#X@T#$f}n6sQc9k9$wQa8
z4m$&EB+ROU;N*<8xypn1@4W#XX5FaXCkPStS~T6}<V(>T;fDD1lqRx&cmThmAOg;Y
z)`8eHdh#dm*h=}_RT#qY2LI<LH>6z#kq<x1p3<QNQQ+{?N~3>kw?X6|W8jS4*io&l
z8|7pXk?bWcCQI=bl)}GhndhjiiV5A9r8Vg<5{GG#)f9-77tdA6wx}>xbe?FayM^}~
zV3k`VH^7^TGG3j1|3u-rh4<j;>6ex+j94Z~ulL8nbKxOgjCHvq^l%-bvRtDh7yk?1
z%Q_BM&^YV7n8Y~G3`wie(XA2mZz`XQI*%Ztvl|hxxi0o*epS?mHFXu56Vf6e=Yme<
z+fRYZ0!FD;4y=|2(wd-b9V+|sS{?cVtXshp%Ww@P#W=8kc*`JJXAO0~1Njs`OaUNt
za>~hpia`#i-<&2hZH%Kxy<Es&XL;oFtIWFq<UHnjz<_@C(OpDkqBJNo?%<KgmHJnv
z0lEpIE{vuCkC@do0c|)Lq_n3TbW^p`Y}g>9m=TL9Hp`4}{U8DDm@(}lac+khxf)F<
zGE+u%z^Vn38q=d7Ok+;2YKXSAfYa{nxLM5>RT#JJ6`o$!vR5Wa=&XxV*_$LGXye-f
z`0o|~?Y1y9XbWFju-g+K#_nhKQob<`elZPc3Re@+W+^@KC@<Ik5jgwoEz3V13SZJL
zl_DL{TlP%R>(E)Uww<Y*&bNX~)MNShw1!1~KjDDFzoxy&(zTn{(!CaT@&hZQ^<q}4
z-<OL6uecZXRqI5QuHC$rGB@qy?ELtr{mY~F<%fSAo$B*pmM-Xows64LO`BgHXBWZW
zsSJi8dGqn|ZToviTY$!<UG?KLy36<80LKxU7=1VS^vfFO%xv4*DM%CUtY;~V!V3J2
zw#$?g=~mavNSNNRayDXA&i<sBr#n?taZ(KPw;UxIO*8j;$!gc#IMCxlYjefu1$cVu
zN&|ZORfj;nr>ITqskii{0HFQ!)R#kPKRtEjnWDjIAEXw{#YA+DDJ?4h2r%@)t8Tju
zI^ThIyZcvwyG~lp+3S3_VZPAuX*B3;bce5Ot1S;!7<jM*D$Ai|D^vjf>cfNc;P9-n
z5m&Q4vHJ$e_oraiKH740BS*Z`dp<uuZU3N1<MqV~7mGstG8aQxmU>!A+d2BONx2-B
zjoA?csw0(U{%mu;#}Mw*=)AP?8D#wo0ZD~_6;_^750NWUH_+*~(n!_9v`{*}>X**K
zy<g)H6djVwKn8?H$?(`Ww3KC)c_3@s8C|D#VQ}TNMHR5RCO{%ab~>KiDa5@?Yc^--
z(v2Y24E;4*F@t8S=Ca|dYqn-qOPk|2!pFj=?t;fpsokozwswQR)k}L4htHm(H6>B9
z8_iqkQjngC<t?fOkW+413g?oK06`8l@{!;B`F$*m*>t5H+X!ytgEf6Oz-Zce_x9@I
z=-}h|@#Vj-4v#PPe>ge1IzBzVJl;RK+CO}Me0p_oezbpi{NZ%ntZXyjSTAp%w|BOG
zaq;tq^TVsFx5p<(jjAy2o*Qqlbl3Lli$`#?yA2}`Jc8dQh(JxoHwsH*yR=bxX_9YP
zl`U#qGANdYathPb@Fc6k%>0?5UObtyX)^Ql)KV#g_oUv+s2~o2)nd@|>*{OktC!DW
zpGNmTngwZ-KFaTZHn)1a+u8e{&DXu<{m*keE8v{30OP>maVD<BxpS4kVSq_;ZyXwu
zlng_3<Axp2B_xC$UQ<NFI2ZL)wKxePG62qh;I1=M1Ck6GN8JkenZ>KY;9?TTC?SIL
zm2ZXdlW>M(ZUCHFU|yv>FMkkCK6Cq;jTSA!E#moW&A(K}V4$)cP949bH>7YIM;PiY
zwish=Aeen+exjN~E9UqW_Ti2|NPxNsQ%PVdA}zAI^aUIYphxzAbBZnm0Q7b0L*N|!
zHgQ9zm@&}6z`|?6m}3mbQ<yNT{saQ&fA>56?RL)rodYezN#|da8z@-)&bxq!KUq6B
zkhmFJ3WWDKa$35;)G94xn{}q~o(AJRrjQ*3A*5XJn=#$c-U#kVai;rS>*#YV4IFg$
zd`9RxtwOPfn}oE}uWZqD4p=qDhN&wJcdX)vfk!}+N#uduE%s+HzL*RK!DryKoxEbY
z`&}#bgOKU$CSiCF=+yB<=x!V{xI3+%A#a<NC$tBqC;~Uob0-)w*F4>|k=u_3FckR$
znftk1r2z(O!Xrr7nzBUkG4$3ut>XbmxSb1cMA`K4s2S{CK#TyGEY=(YUO-!j*wjqP
zLQmvJg-=nW@OvG6s~e3rSY@#9y{SK;DU1pWypgOa5Qo!v*$}vtK(_w_JDIk4r}dXt
z;T24}=(O3SJ4E^exmX3jQ5%K3hnCDLE9F>dJs*mWW&XD$6pt*hh3i4!{4WPMSI(?k
zD7(Q`+#V5psu1*iOe*WrG>dgaI=l>hs4!43Xe-iIkiH<4WxDtyXG>{qz<%#mJ?cw{
z$s8kRQ(lDtr%h-trI?^_%#97Bk%Dc&oeH^IPD<@WkRWDZiZ~VUVZ;~(7A--u+)Kkj
zi5PI>8|HAundtJfMOgP)(47lPnI(dS1$1l~)PsXtMHSF^j3N;~q!@VqokKo?;kbiG
zTxzgOwSq7Rkv9KbvK}X**^WkWQ6j0uejH1Jq0H0A?htl}%P#BlR-03)etdWUlr1=i
zL&#!Ox*psQ!;^r(#0`P-Pdsuv-#M0M9Y<3w<>9c4%XvU}`aZvXbI<h$a$bZ}C9v5z
zF}FvK5rH>x-Cd#?;FGAl<g2DJi}$t_cx4V+Vlr!~CQW9|5ufI%RHKz=#6?~7Iy4(!
zuFC4Q#Y31%l+~TK#jU$+EZ4c0;R!<ABbH@=e#L?(OTC)3qv2jll-&*pR_4?!=W~Pz
z<%*@H4Q@s7E;YEO6?wH1E-F<4%5z~=^t<;4tc3{OPGaCp`wnopqR+7$xVr85dewov
zt}SfYmwdyoj>SuMhv?Xx<Z?&PTH;3jei)D3)5#cY_txv`7}ZRiLo!Js88k6LaS|}8
zN8Kv1<2bo-y%J=y&uJCotX(yQ*!{C(Q3`i{bTM#vUEP|XbNf9Oj^zfwUbAeD&o8e>
zMdyAAOWy=d(vPcThl&yf$YM7HRTvYI8-i%4jeZ@hWwZ$Ycmw*K{(qM15yZdi8H8E8
z02xENS>QCWUD8`-TJm!WKNA>nYl6j2;*WHZPysXqXUGTpB1|_-N~U!byG2u4fg~*o
zcz3!<hX8;+%);*iC1s^4R*WhP8DLh##K=Dka57=neLqb6AuJ`ZmePeJLK>Wx)-e}A
z!%B4*Esvqoo%XwD`F67lR~0T>sH#w-MH&oLkgfm&Ot|x1C0z;d1uL537yf2Bm~3Q-
z%8cdvz8p-<mBLuQP_c+>fGz7DXR4;dKnYkY9ZEWKIuMdfAf<_npw5i~K66DR_WODy
zcD*ScW0#CB@8c%;I}=s@_;`DZlCeufjM1}6D8kL)4mghD2@8<2<_8`<{1IZ(h?6bq
zfX;)8YLxx>v|hnx8x1KQQhC(q_SxJ#Yt2KE=Mw%Yb19Q;5#-+J+#{VAav#GF1BUsr
z8-L>FYrn7%$^+)=_{8>Y8>AAgzz1hY*Vr{Rw=bjst*;9eV3v|e10s2|U1fT%&y=u?
zI^Y3t?naP>q~ochv>aICCS9<<BUeUr5s}MEET(vHIj)vG(Avsz^>10|+r2kDYK!{X
z$lF61G})a8fNq_s_xgqfgPF<O$Lh=R72(jmHcE}e>p4`+2dZAfc5B6&&a6G@e9OW(
z5dz0C8xBF-mqV;UrelmlH;{P?KqkDL8BD09uE0R4OP-7bHDIAABOH)m3c)SB*CKWl
zuk`{izqVm+x2oFx7re)8+wZ*r*Dd4qUaKvPr#>-R^Tx%{*#M3bHGk0x;4z7dKZ*b%
zv;arl)h)a)EW#w(D{D(sI^$O3g`Ke?q3<$qSSXR=Vnc+6AsZAARCXm6WWFGa{9dnM
z=+-I-BbWr<6{5dtlt;J3tx?SVeUd=euLFR{L+GJ#{n8O66@_X4v<TfkSAh>B5|I0=
z;tG?9U8`P6nnCN1+^Yoo0k+Sa$T`5Km#%~>3ZT8Hj8=KY&dDpfdEFuG;H{FCSWxE<
z-uUjcaMcymV(7TK2@zWo;^s?qc?}+!*FW2SZNny75mGCC$n0e?HOEm<<@wpRnS)<#
z=sK-DW#|}hv^GTd-Xuw2MBckGtFJ+mD=N-m6p<j}CkBf_oGm8+V<QosrUEqP9v2I9
zZ&gR(jk2TJPSnYw!O5Cj&$OXCRjh?DGWw&uuJ88+Q2DB+BXR<V@bh~X@x=M>|6X1D
zuf40Qwg1|K(e!Z;gz$0dPC~N2{$CHD{^#kJ|Mlc3uaF#!ww`!j12+i89p3;r7y3B?
zUi}AtB_rxmfNr1)J*WlNO~XI2IOq8=ejtc2fv(?CQC!Rzcv|v9=H<&HQ{UY4q?a<g
zph|3NUCbQ^tZ`5Aj$>lH2+8vB&b^l$TfT~pSGhxSxVAT%>#VA)%<|J&$?~T2@60z3
z1*SJ&+h%R~EbeJ!{~05{aqy2S`_KON=FU#m{<FW`U&jA<mZv~Ns>`W_dGE4Jzz(LI
zy`zQmb?7_(3mf8XMF<ZguLKpGvWX^ydxN73SGLq~c7uYvIS;?4o)9#q?=FlI%wN+q
z?Jp^4y{^whEacGUf*3xeUhAEThy_OLS{63?T~Er^tX17vJ;EY?#nV$u{V=d#6e)wx
zk3{|}(UwStHOGi^iQ@osGs|U@lR*gc<6L96^d%9hEdJ<*@x`&8G#7K#W7bKB$q+c#
zWae`a1!SN7xo&SpQ|J`7rI(=%9;UwwT2;!K!Zy<qMq*yB05OsV<2@^i^=`{>%-R~E
zyNE)qz6w2y)a21ZZI6~}bB9F9;Yj;)E^Ua-UTCA<(XAt_{c}@_L^m$i80xY*c;rgm
z5KmIeU1?QQ+-0@2Q<<q2JU#7I6y`Q0|HLDAb7!}zFbB<Pfn4Z-XN1+Uxef<ro?C;&
z*qTan;OcrfgFKkkEW{TSMv*NdNxQ)2Kx{^kWqzw{g{oiebM>bYBGKr&qe9naFljBv
z0@wn@l(#|Fo45{6R0<{8P@0TvHazfD+wbWyh*M<nohy_NO0r-_r$~#J1>P~_50mI?
z6a@3UdO(v`uuQd=SNUf}n(~t`6IDcxLOSiY(*ld6L9%(}M~#nb(V?Pxjc8GE=LLJb
zs6ru4DhG2`y0l=p8`Gzv=JGU3(h2a%Vex|S$PtNt6PD}~IBljvR>6A8Vg$&w^S8eN
z(HLld23<(Jw6ryBkpq6QQ-}OO7EdBn9`afNkMaP)XsVOFNJ#=BC_+j)q%V|;W1)S0
zumyCP1s0V|I}enENi$|MK$D5Pb-I)fowd$<ZzWdyJx~^|scJUA=pk4K02oc_uv7PA
zu_Sa{w8cf1$~n%TqMO`?#}L2xvY$dVwod+_u^0RX4!`WeHv}6#LmY+HrLCMvEJLE7
z)la>Q%vH{d$Y0haoj;lvAzPV;d6nTXl{K)}=B+I9n3wR?6Ee)wjgIteM+FC>S*-B*
zwgEEhp*;s=jSpy}k+a;X+~`Qkt-LRG99dR?T+hP@C2&8a8|eNlK_Z1n4vyn@rytIb
zuJ%vPkM<A$eRX#J;o#`v;^;636SJHuf<?CW{^;_@5Ba($#}}7Qrs&E34@W1qkrxbz
z=QK6(VGVeqm;cFC@m+I$U;VUy^6@AO!NY?%iaUj;s6xG_7?PcbXm|prFf4>he$T`7
z;oa5A(NB4tJUkTAhUUE$&fMD%Cx=Jpx%n{8I~KkM2Pg`nVOL#yXBs*`y7=(%{GbG}
zc336TXu@ipVNS|FM!|0r_%;Y3b5qC<>Er3~|M_^tg20^azdyRLF1D&2R<^`2bQ5o6
zc*U6zux`)xt;nD>UqzbE@qf)>xeemW5dQ>|U~r#@<l<k)XIGae7gs+Wogcsb_spxl
z6a+5`Vq)q0;QaXPa)vGoI}C#<j3CBm3A#~8GhQx=Kb1XFG8*K%G~X`1&jrg>g*|;y
zp1)M#BRQuwFICNRm(rlB70TGwEW?@^4zm%pjA{nXb53>qOpK`3-jW+#a-)T-@i|#i
zV~zh|_)>jTwVBggrI*8@8lXK7n_AxG;&@f9pSjsp9p)FxvsP@u+1XY{D2>*dG@r7$
z>oc<3^YOM7DEpJMU)s#g#)BDqs~%r8vq8a39Fb~k$qz00p@LQToZOJMwqFo0L|LI(
zIiYk!wfUe-m6yW>X@ETs4^-CS;y57H%iR1=3hxW$ek#`6BDf!er;+z(-wI!|RGuxi
zr?1JqsbxJI@1{`&(Qjc0v5XZf121ch(2<*=(s)>-$f>QK@(mYXihRePo?6*=(nQ!E
zi_36jH@xOKxHixEBIxX?*9s%5bHewp$qoF$^=|Ln#AiVQNWek@uuad42m|qxAi6cP
z800@^di654we_yS*KAoUEOy3CIPT>=_>$9J-h&tO*u|IIEXn+PNJhxg*z%@41Jm-R
z{F~vsmpA3la#OB0T4f3zp6}-4#nE|1Vw|d6JvrddkNyv9mrkWQgsc@Sx83{~yw8|#
zY6hHZdX^bmCLqdeKGqGEtzhL3%Zrdrz|)yvnEZ>`;;Qh_X(k|NVW>}24J|sA(M&TY
zd-xV-OvbaY&YBTdw0!1DSYb*m&S8jL%R#^v{JHHEDkR*rp^xV$_O|Ry!`TO=m}|)T
zFs6bE4lubCX=!sKFFa&)j>P$S|MK8RN1v33Tp))7H==l);PNI-c*=;R4#9tDB3W^<
z^%|!)8_Lzi(fLnD=U11<?~guw%n{rY-pY#88Cg@-)&Yw}@p9(Jgy(C`&%w#@(dp%^
z^OMEtQbYFV)sTJ5=4F=r8S1`WbC=-?ora1U)xuI&v((iTt*o!)Mpt05_LKWk{OC%|
zY!vohxZ+8JbTP^&t-%J?aAuvCqlD5SdoEkJk{+8Xqn<r!@B+;0a{k2Mf__VP==_sh
zEZ4&ZUt{}J=HSuw3YPBG{^{w5OQxatGPBZ1)mGQMvLfZXO>3}J&@B~oO9fp+1zmGh
zn{kdjkGd_(N;Ouw74Ty7s&&fYsv?|K>K%L0FR6m7!gF(*c(c96s<>yGw;C$BXPmck
z)m)8fGlx@kpSM)f{RxzGYKfHS>1v5I*40$CW4@f)uC7z4)flTZP-A0l-_k2|sqb5Q
zg_^B3P?n{jE=pUrbRGpu=h1IR&9zwf(dK$C3jtYxmaC%0xx8$fE1v4KRt3^hzqHgZ
zE%i$aFaR@l-$JawOyd7sx~UB3GJ|r;&il--<tT-$@))Ytb6CrMSp`)EvgbKZW>rx=
z)9lq!Qa$7BHMbzEME25*?9Z&B`T}7xitW4d5i%Moe3n5kmg=5m(2E&VJt?4zQS>Zh
zV=QB1lx>Vfs&;BNy^NkQM<6u~6>}?iENv~-J4^M>QoZvG>K$$GEkwDalm6#X?PNHW
z#)=&~r!%i&pcJZ#!=*|oU@iG26*?6tp8f2YO_}p7Ggd>9^K3KLT!~YG;-w1b&#S`u
zQn9iu8$Avu!yuYjc_XSXRX0o3jdf8yr{YHT`oh&V63oRYZDeaUl}!nb=2q7<Xm=6%
z9M%5wXmg6YTbwRO^f9+4N5c9o8R<xvUyzPQfwXuptgomOS}I|dN|>b*W&uhVMIIKS
zf=Oxi^C(~po};n)#m2GBE6SHZR7#$!#CS`&FR6AZMeM8$>})ERFFs2()Gg04OU+d+
zrHEZBTK>F>7O^m9Q?n=rK2@?9s*}#a$W2J+RLd;AAQeeH)yNDgkqU)Fs%X$);-lP;
z<DX!HdH4j2dSnr5kp)55SVfXXRyTDc8GL(aJa*F-#m_xe)XYnsDNR?72q0_t1zL7d
z=BEaMn+(-{rGFRot(Tj<V`Dd~(C!ysYdhCXg|Fi6M}Z~(z4q09SckqFo7z$x2>P`e
z1l9&Y<In<t`c}p~SW?^{u;Gv0xFpLxW69~Sd?tO<eU%kVbKd7lXH)a9sr>yK->r$`
zs$zqb`59tOP~r{?Nc7ZAx?yl5@#`4Oj<HN*N(C^1kp~sXCFAPkM^G){r~bOONn2%S
zh!2wuu&R~Zdy_SRva4EGi&_r`U=1Z;ZRBDq|A-pSuNXzndhYcg2%)oXkpa`@+msMX
zU<;N?4)xu%em7IUo9cZ#45~cVoq{4(oX_y0V4C>WdGE&730u2`_n1*9j1saR#v`{9
zZ=D(ORjJac8d4@BuPn8ye<@mO<pZ^>u{BDqKbwtr)`7#d1AKXbhllQW-UxcPw6-@%
z5=!6G8UT;bB=o@z1S2={A*HG=777ONT{nklPUhRZKtqmA12l_mbMNO)!#umv{NPzE
zD08m<$V^nI7E1bl;mag#y51s@<)3wlC?LP~0+|z#IhTiwC!1Lv^7Yt_+4@-I^2l|q
zuaYLE->S3CzOGai7*P@9IainL`fD$)`QTX8!Fwi{gE@}f8EJ3PnY*CzmquPL5*@xk
z1Zb(00L41TqVUY%Im6zR!*y|Rmg7RLph;$P_T`{ACtJgvd)F$d$pY+q3D#@PLO#-t
zeXNW0?P>&~)ldk033XZ{unOGIz?U+pDhAFXlk<zN5`mlx<Aq|lCW1GRp)*9xCYe{z
zFUwGV(ljrN8%hH}XV4uK4CQDXll#LUS?pjky~ilYtEe;z86*D;CFC^Ik5Z%2k0wdw
zX%#!fO@@%r&w9N$K?Hdy+yj>fXT`k^5ynBRb=)RiT-5o0_WpBw{thO7(+)l!@(wi9
zGuhMGhr_GmGgZfWH$4bo=;!XG*;_t=n7CxZW<WLd^{plBy_ApiW!}R7`Rpc&`}-E>
zZ&6khiqi3O-HNv3(~Haflas5nlaKF?PcO>R<w-SNDaOh$U`2p#!d&C7eoW%*6j&F;
z`^&S%Y~flx+b5J&vFyjpPRxS6u+=*+=mkr0hDFG(@Xlf6!vrS9tm3=3SLa8khezkf
zr|+aSh{d93L`b~X?N+b0HtV;Y$c~E)>Y4Q;uadjbR8UI}Am(R(m$zCrf`k2&lOOgE
z{#9X>WOgIqIuqwH1*y(Zn~p6znkslMvbQybS4HpMUY+e<{&;b9xPQ5C8TQ%`D&nuD
z-;M%jy%W1+#P#SU?Vfyim$QYf)ozG}b~?!0wNk;FO_xzw(fav^pN=n%Kb#()zMHKJ
zO(d#wRi&M;Ke;a}A5JB}c{ruPF#~qB$a#T5#tf@8z)Ee5Ohb4WP3eFIja)Oo@GT+F
zeOnE@o_(Lc+Y%r4?1a(;K*Itj_ZeDm-Yi?2s1ewqXo$6YucE>*nl_LT4TLsC0l!=~
z4>uH(07Y)dX|DXG9cTmB(Cnsoi4!;oKAUnLeUtVlN~~7iP}du@?IyIHGG5>O(5tLi
zp3k=LIc@sFU;w>)FN8lLbc@qriMK{K8fEQB`;D1~w?Om3T<g-{g)0+89}@hIaTIKV
zG}<}+GeSPRfFbk<N=(`j2GQhmn|^O&QNS@k+qA->H>d%UA6XWX{GHoi5JUlC8ZG(v
zUaQu;RJKh}j6yWLzliA)J3tX8i5m#@SK-IK`lBHzgb7QZgbUHCm8pYSt#~8EauqKF
z-f~T(h?!i74J1c)2kIrzC6H4}aZv5O0q{4A@XfCl4{{ZlFwWfyh4JP?J_^6y&)AKv
z9kaT{7nA%?IZ*!VwC<sqZO+*8O^nd04bY0`gjG<Vv({MYk_iYLYiAbwxn~>;mWA_u
z!8wupq46kL^Q+v2Wxibg2D8FwXr?7f&%w5}!5PMu<pb>IYiuGlzPY%5P3yAqb+DRU
zIJF0sx7p0uYnofdTE9Slk=a(Y>g2EUn{Cb_#xAq&+gz<eL1}9yrHq@(8JpS=sM90e
zbW&vlfxlV5llvF~C!TsvX2t7foT>uhmrDns8z`~Fqd!jd>0h$~A`r~#)>eeB8(V|U
zL!GgXTwFZZRZL{AlZS`ycOXJ!MCD{*Kw?g~4I5dlsn$Udy@z9z+-LPxP+Vk5oQ<I$
zOvZbFm(J11vX*i1J3I--fxfQgD`5*!%2R7=SwRIJEWBdbHZ8N1D7BKvBBII$qw#2s
zt@_aT(5N!Ds4}#uJw83L;};rZGh2;nJB^w7G0C8$y*D`$DlIRntu7kOiWZ;!D=od!
zI4^e7joRZ=zOi3vY!xAhi|jvYk53E0_8cRuWk@1Xk@5{WX4^1gC=~^At<XmtrSFk1
z3TZE%hXof0b0<#Fuh1iw=tRa4RWX~2A#Ee4YcTrqa8TZhhXY&tw4S}?CiBc0p}gE=
zKp>~y<b5O(>N8dL1`KSB5H`$Q<nI&%3IVEUkuE2P;byqZwxVRhBH6)cQI)Q0R}zIH
z9!qakl`U&@Hm<0q*;3IG$@G?MzC@d5EWx^}r<}S@{P~v`_#|%RjbPFqqbMLK38G=w
z8@UO=%Jz@IaU8k?;;t7?Fo8*eLddK<>-N#>^?JM8+w9+7ub2IIv)AAKOMm<I_HMtw
z-P_&%OK)?lzx(<xp!a2m&YuY;Zt|Dj+<j#S_l-Oj(KfkpJ)v*ot_iw%5c{Yuvi)`Q
z1K&J+nVh2#o=-xE*DWnfFg#N9RuyL=<82W6dq8{Ja^pbwEAIhT+ntaRN`l{+I<#~9
zJ?;dkJMFi|khqk+q~wXk-qL)2bNn+eV5(lX3y6ZN(%}nIpuI@Du$<`I7K&D%rBC;p
z3|MH15@r#js^_E@=U>G&S4*l1?Q5@PyW6b+{+ES~o)>N$yi3p|#(UtC<NN|vfa8E5
z@&k_&JU~VecqoBj|LhnHX~E3x4fy1EQpt;*4e4`(onKhNDNJryp&=ynD~q^6{|Ez2
zSeXaSbUJ@+R6Ko^HvoFm`svGO1bq4>6AY98^|h(d@_FuO#`FJ%ZjxwNj}53e|NGlp
zTbc8JduMZddHz4g^DO7T?NtAPub|lu_gRimv1DH`Yk(&=R4NyDwH#v?+%Rz8^QfTH
zDpv_&qwuMDL82zDIFhkuoY<l$6BaIcjx48qDq-p}Oi%3^rp!1K)0APn<Y`~B&|bQ@
zw(zGB{nswrn+Ska^55>}PFDWg+}>Hz|L1tVlo7}5CL9c+K@f`A9B%``@3Qwy-NIrq
z&`$KTW7=;?ipfkg^2deK)Xc+aHKv;8;qtPM7mkgGN`qfB+JTtJY{(ovxIkJ^*e>gm
zNDjy~F}t02P?`mI($>H_cmy}Q+c5I<!K7EoE(U18d=Btlw>yI2xPwPsA9<J)t}98e
zu7;Dqhh5k6AjUy7ykfm}0T~4t+y!9>P!!&SJCv|^2={0L2J~<Coi)W)uj~7OuSSAE
zK=d2zoPrM%N<a^5;yDwarWDZ}$wepzj~4Bufm$7xS|BR>FseZ};-!2`fa`0U?&or_
zix)Kmd^XUF7SGq=Jer^XV>h<kUYGF$73Y8N^;TB@ySufswLJfy<FTC6jWlxwwhq>l
zS=qt;;S{wN+lz*bgT#gv1HApiY@`@^&=i;s*Cr%0?f*u%Kh^txx0l`jn>(*Jm;3)Y
zo{Suy<<XmM<p##%bMe(LiA>bmxbyGRFZDFp|C+t>uNXz`y7Zv({&y!U|L^SX^q2ep
zIi80ygZ_tyLP@+be5<v=1=A9Xm4C*HzCM{*ZAfNT^Hc$VJYURRdb6he0_&^w<B!o+
zN=nOwS9`Szvd<+Ut|fTp<fZz9^ut>;iF`WW%5||=23yT8t~tW=+Msv?NHWos$HMVA
zFTJs7x_kOW*!q`vd2DOC93kM*0yP~0^R2UC=tW8tBLk@tF*PAIWXOj!drKBk979DF
z+wHdg^JN@U%jXL{jn01<hv<F`qej~Q%JYAFbElux|Mz-J`>$ttBo)rZnVMjDL0kd{
zlkftP_54k+#VcsNjtdkg;5sMZ#xd?HcHmI0vTs7Rut*oYw1vVKRxdV3UF7w0481+m
zo6VR|cR~>M+%SlS+JvS)>~R=)u5{~?Kg~N`@zSD8Ng$7w@?(GrO71lu0aZ6&fLE3N
z=X|(hmw2O->Pr?`>%=m3y9LNj3ETxqTmpw8o+1{%tOzFw^R+8eBuNq~Mxd=~`j|IH
zGYm&_8?bq}A^*f!ko6o8a?Ffn=`l<55%g~HWGu8p_AQr{gLy_AJQ-*EEAcJPbY~Yv
zjqYXWna-uaf9D4mLuQumR0y-qdO4g1UNoqzo?SNB>g)E(aK-j8CCvHFY>AGy_~3w<
z;DhTN5UZoH(T>F(n4SxZ2}Gz*2lw+SFqUDanl%uene2y}ae8uav|%(&9eCyTvp3Uh
z{oPJ(phv<E{Wpmqfy`)1xG1$%pwXg4Tt#$aKYRGhOg!Y-Q%K)p<XdR;Qug@LPZR#1
zS@*TaZWIh4Cb+f`P^JIx=k)(uueX-=pU?6<JlMReK5#?CR2`7>dlKrw<>vgxpC<c%
z1YJLb7`J7#%9;eAV*mFyce49`ySKBH|DWYyN=;0d&OQt<0S+eE0gfj7JM<m@h3PNN
zyifDzk&8nZESsF5HG)W?GC_C5U9S^qB&Si(i~$)mvl)-eA^nlAD<vZ)%%qRc_P{BM
zU{1_#EQE@#=%grHaTZZt#r|&;fj>@T;xC!NFZeW~|FPT9@`FDW^nYu6vzMX&{jJwa
z{_k0y`RIR%>M%=^ZDf-!sI-irot$w0h?3xUDz}Db$ln*u!{n=|gxxsKNY=$YXQGlx
z`((DK3KT%}lU60)+t`iVA@tifA}IVh455o*M;^6>6@v&9Hxh$Z)uiMvj{=6-OO{AQ
zg|xM)=gk|<@*`QoBu?RUF<HYw<P`rF4MKy-9tY96O+BrzQmu@r<bJNMl$H^dAV~rb
z8+XaJiabpXk1i$$)D~yux$q_y+7anooN8G4$j5pZGu4^ZM<chb)`6oz)17YKK;rg|
zbV3}${V7b`A^b>!Q20d^;=(p0+uWv&>%o%w(6xTFZ|;JCsGTP~*Wkg~#~EkIizhE_
zinPIerTMWzP%t?qQ*#4H?lh2Lh2^h3J?c(btum(gPt0L9;s4C^9qroY0OkB&zrWSX
z+yA{@+W$Sv!<}H{&M8a`Q{jBK&>Q?rnwT#leVYSqcD-+_yO_&<v*l;J`p<M+Y6xJK
ztz#BouQ7{}K(?jDnhazU3{@BqRL|fGwkN1R)^h6tvz@PKYfyUG-|TX~e1Ko>QnaLB
z?2Vv531MPh+ZwOAhjXVm!A^BAx%d%USGjMC=+B!Z0l7aw5rLo0DB}8unFD9mfMJ9%
z*$)F3Lv1>>mtV5)I0+CNX6RyUqC5AgBJOl$U+h;Wo`hj8mk;}NmVPmZEUpLjb)3y%
zkj+G3#<j9St85aC0PU%Q*f3Jaa|C)ns|g$im?Za<H&KKR-(v#DSHcG3N|tf7u;^uo
zQf;=iQRU<lTTMK2fl-IO=9?u2_35ebSd#$62ve5)zBCOUFHGDaczXILr)X7$Ie<=P
zR9Ttu8R5=>Vj8z-3-k<yfp=fR5~Qn~7X|fa&qL#}o9$V=G&4Fr<U*3xXo)Uwa|f3U
zIJ<p7HivS4!;}$pmR2xp@FNFUlw#T5l0D(FfY6c^85E_A;?IbX_?@YG04g6tH~Y38
zi1xv1`IAlL{djqKc6IjQ{4&#9Rc1&FMl4zTDi)n+<UN<Z^QkyZP>)WT1>F0i%k$%d
z3p>0#220hBD)!PT5(RBp3r*-sau;e4W-}P3@Kok8+_i3!xd%4iczC&~&7-OU%#y=e
z?aGTH4hfWTNuZcp>2KD6ZmOlX&u$tm_j{L&;|xkT<}!*RGL8qh{@`=j()g3hnKs`z
zD}cx+GGoKj^QC=3#!ydw#w+M4(6nC5qfyTRK`z}Gee|?u^Ne20NhX(7t%YL*^8OPm
zZ5Q~=q5rLI4p4Rfzq6Iq|88$C<9|QT^N^4KVpjs!Ru#UWi~j{{l4r96unDh!G_wHf
z1^(=_RCIw~y!L8e=a)3m<Z{2bnLo%?f3pFC=eSs&5v00i09DO@!$tuOhV~+6a(07(
z;+E^157cPmk7G<Q2mcpAa)*-JcFZ(wC9GhT|NqYGtpES+PH%U~|2@YuC;unb09Uql
z!eAVb<7k*btbB)bmO+%JTPcm}&UuGZy`e=gd+mV3F$>d|yL|M}n6fo{fZs8jJps`Z
zAPJSyJupbn7>L#tI~61U;yG@m)0Udu(-w&FyH+utjfc+E<$WyW_%=9J7#A3kA2O=z
zc3n+wk+RvQXdW1P#dbRBd3{X*_T`h|vc*#Dl=J%L0#blxC%s1ZjXf{=+j-Swy(j>s
zGhfuK#T&Xzk7f`E=3FS2i9`%GuGqBWxW+B|0MtM$ze6TY(PAmt(aRuY@VV$1G|3o2
ze?}s9B(V)O61D=|FhqC2k1*r%!--;e3#r@AmX%_CJUpvgR1&upK-}<_hbz}6rL=dA
zw$4IL30e#-T@uX~E*s3j|JU{cuHgSSd%Z0Gzti7d#{YemXU<bou7LvG?_&ILzbSiQ
ziIFd77c6`D0`|dq@7<cPD0gDswB}u$+PoNJ)Q+t=tXLXYgy^Pqmh(=XjWdcRRTsK(
zd?vcp?sU_arPh5lJhSWbSKBZ199lkK=b8Wf7d2<s|84cRvi{$@J3CAL-?Kb3TBl_N
z;&l0RJd{9$J02Q$v&X+^XhB>+6VMe)z$vQ9KrkETX07N)nvtWh5nEzV`RC_R<gjLD
zRV3R0BR@t#B*T2nXs6i>=pZ66nY!vYmA}oC)N*xHzYFXoZVWGjF+>w})Eh5LI~$=$
z9>IGoG&y_AO<SvwBSE00)1F7L4xf~QPs`6XbP{47mS0v^FZODxTIRxh0@<1jqM=%r
z+N+sB_!Zr-xe#6}8LNj3b#b1{hYS?yR#<-&IMrRd0a0l%(TtbXwH*4JhGN8$t^DSm
zM*JUF+&7K^RKfr4P@XT7|7okYjQ{g2PnL-iQ!H6M8S7_NeAthJV|+pA$HEk`vW-9#
zw55iX?OjY_rU?*tLa8HMRpYpzVx7*;Tr#@6kL!0LD_9$+Y^nsgl!sL{1PNve1kEwQ
z&{kw&XO6787lQziF$lK8a)7o9?3=2@F6C$yY%8yQ&3gUY&Ldf^z`9dj5nCmI6qU2F
z(+dvcFNd;FO`b$gE!|y#BTL#9cTf>&f2bHEO0AY8_px&Dni{xrYi7q1WDBrPvTsek
zwX~{)uU(EqqBs_VQOO3XEqA3)CLw3B3JBo{VS+(gG2{1Vlv37#^r!9}n|BNv5fZ0&
zSaeSsS6XV!`sU2}v)JyRdii2G_nvktgc#%{b8{syQb;{B#U)|MwQDPEg$sZi*Sm#T
zcgq|k`XQ9NZ4*>9?_yR&X3U4luDQ1WM3eE2%;u%jZ~JXu&X-n$?6d|PS`T%*v~2D?
zFzu>^*IrJ+{8M1Q=KHv0pQRdsn!DuLHl|L9m$Ka-@@XRf39F|{d*AF+rT^dD&E@~v
z+3qdnzvp-|Y){5q&wi`_MXldn0OS9{^LOQp)=K9vNX@Z9#!9!!BPO#LOwE95@2H@;
znQaB@2Ht7}scy~pkfz2gZQv$E-tFP(#ksQhOGiDM(O(ANxn?vG$qErG4jutP{~u1F
zu`D}lZGzGox`AJjEU{T&k5J}-Q?mHVjKUk5EmqDTGuJ%&OkfhZn#D!dNPIR^!^*2l
zFASKKZ6+2+)hvCE!@vvJofxBUI3IwZhBao5*|c(&vtpwrxwTnFCMbk^Ac3x5vCNjt
z=a+gK@qfc0`Ye*!HMs<+;Qw~}n_2z;)@FZc|M4tO<BaTLS+x0Lh!gbrUMz{cU4>XV
zUxsy4U{OF=8pS=CtD6#4m|VpP@*u_#bK>Go2>Ltw4wD2WS0Nf2)TryjX%`b8O$fMi
zlZcm%10Up{?$k}Xp6iVu-xd7-ojCCS-r`+MVMH)^kQ7gV<e?~n9%l#pz0Gaj#}ltJ
zA|zHdBqBtAka(h}aWLkA_VM3E(GU%<1}GW3gcIu^0<S);l3)z4Lgcw2U@0D4GQq!q
z)dY?afmg2YC!no<PB2X9kKZN`6R@^QLAgrc046Y5e<jAmIGWG*au8QUSVr)t-}}2!
zijwtA5nAf|Ofd{2OR*iZ(9L8pfRs2HlYj;TvlyF@D|RJPHdpL#5W*=8@tgkMCb)(7
z`095Q!8hZ3_U~T5*BgT%ay=4E;hVk>#_s1U9Q+R7^m{{vj<Fj9j;cvKOk5v=)pUZ@
zJGBN>;6d@_@9M*=SHKGqR&SnU50nXliPl8OQZ1x|`@WYV6ad$w3qD=h3`6Sc@b@4#
z@E85v_;xi8qN@-_Lox#W+sro)jpHkZGq9QY#1<p}P2gwJjYGNw-IxVaps48n>P}tk
zB|%J#*Pq+k2UgX?*eo#)`3J2avuEi38pEOZa~KT7UvV_dz&3T0`=a6c0cHwJ0D$xU
z;`j)B>bG})`R|US;Y==4ay5dk4-@bs!UU|25GGnFy3Lq;&~@WLOD(HSoNOv~F~=3t
z#CE%Ehq4QUtzJ)?%BP~%F?17eG(*c;1w6UA8U!JMiI_ZNvapURqcDm*sBgOxFvDO9
zyA~+fcA4@c2lPArzvoJ5$o?p|mA=VJYaFQkXWNUVRmIHGp7``y5j@MZS<t{~kbDH$
z$#=;q+SCo%DYV(^fvw&q==)VAw|afB)vGM#M)zQ6TvY1jo-Zkm6aLOa5lK*}S8;t`
zqEJ2mw|&Mqg9A3q)k%y=0^PA_gdav#ZLqrS1KuHU;>k@Ic#dAH;TGr??SXVzXRgk8
zqz;v>EJQbM*zsIK!qnx#2M+7T$%Kkc+Xt^4H;ykRHy@MG*>jv%nHOxoO#5BM9pP>r
z?x`yzWZY$=wN^0&(>;rLEqo)o41vz8zh^MO?onnQ*zNbYEAYg|RE5c>rx%S2aTQX4
z3p$Zgm$*sy75yRqHWpPd0Be%Xq7@+p2>d_L`R>0vYyY+PD}MAae*85aKGO5;aTp99
z<7oI8c<9laB#*=2AMtcZ|NH%M9B)6O;qVa+r;m5=X1u<-ZqOM3;O96<<jE|a|1^n$
zF_;A2B>{opf6RI7e8&;8*7<H7bXWV}CV}p)Hms+X{_j#m|CXL6@_&qcKfuW(rl;D?
z#2><{%rE?@kpKIeTU*)qf3G)}{-4kCWYo7Y@(<M%|G=g=d;4S4e_E;)S%978i~i~E
ziFB*0tiyQ@kK-WPpSnSq+FIyu3LPx#we5cX7`d6&jdz9Z&t@K9dAGCF^gi#?kp9b%
z(~WEZs{H@^yIKFg?d_%h_jw-8@N-Se=4~?QF^+R_0FoQmqaTja1W^ZW?A`=nKmv$6
z`)9|3{Nv7#E(Q)?GTmvP1u^WNAzubJ=l5SuE{nHWBRxONdb6G$vmXYTGgD&1k{C$8
z?6*W3wAC#3)K>TZNiYpUIE4Nl7`P#ZEx^OmoXHPI*mFY>c2Sm~LPwB5|1d$ZK2b8j
z&7sguVn}!ZvqR+F!eoOVB8U42S08>lIzK-?JYtLG;KvU?pQ_8-{gabcCaiZGyz=BV
z!Ylbk2Jlud;spH)Jpz68#>0X78?$^g>ZgzHqB}S7_s@>g24wbG@)PTwC5@+Fsnjp5
zQBow(m&a!Z=8LoALk&%nXdi#XP@HSYgdTyf&gt9z=>8Qu_)dao^11l?B#uKkh7obY
zcL|!r*eLpbf(a|mhrsNK)tR{h-lF6t@PX_5K{Nzp1ObcbKBNtG6u!qnv<Lc102{lX
z_rUJX&el!~fB|N`K5wT9bo~!ecz=!%c^ia~XWx-%T^{N$_GxtfPrWaa|Gl^KI-CD}
zdnx}t&-0Lv|Dz}LmZ!dvEz&6PIlv@{hK%m6gEdWEnoA7s#8b~%FA5QKW~1cas%U7U
zh$QaW)H_+AS)ty(ZelpEjbTMsgCKIl;CGnFp3)aH8Z+`6%lF8q=Mi&9y8?S}6t@B#
zdUSy}LDRs8z$GArE+zm)P*eqD<U=q(2}oH1$%%johCaBt2k-bKI(Gb}AV`ku%L1`B
z2oh}HP8uxh`bsd}j!K{hX`-<*7qCn+9ifp{ECD7cVaeY#CAr=y4t~#MI}&tcEkx*c
z5(8)2cYtHv(vHR9Qs0m3mhamBUKe=b*j1h!&(U#*F4|7oans!+u$u99%f4-((b3yB
z6f3n<H09wFmezNFil+(xm!Pmlw8#8YrT^L4+RXBQJFl1iAJ6hw_&=tV@Dk_}X!3pR
z!vw=4!SkJ?5U%IE!dWSILPjVNxgT;~BDCT+!P$LDcMgGhl+3Mo%T1m_f~nNQfe$@5
z>7@2axyI8X#1$MuVVO9b41*~Doq@oZUOLa`lMrHlXlH$`UyRa`vP^Cq2yG2#fj+&0
zp9zduTd#f*T#{s(WRa{!Jb<$76ec&a94|Y;Fw+hX?*qW6>V^MHf!oE)n0gx$KRM1X
zU<Ei12qHi5=mEksOCCxf*grew+NCUBKRGH@J9ajJ!!>}|F_8Mn8A3w8-cgo@{t*V4
zI941PyVtTZ(~_1=yJ>7%$q5P1V!oQer(as%GON_|{J){I88tHhue|@?%Ef=)>i3uN
zf1c&B-DQZgf3|b|2fjf5^v65hEFy27q>3dtY{?vYj5W%6)!8_&6kmpzUR?Ac7p$`8
zoakzs$<43OBY3aX21aPlea}M^miVu@VQdsVonzX+IWqfVpC<I5AI5DMO`A!974*Ni
z^E#XVb@O#^ng8`!o(!RZ(UeDuykK*kJp;6WzV!2KfqY>!eO^M(quPIn-QOlqxQ*GO
zYw6L?EO@ZS+gf849|1uZgl--laO!4v8%Cb4AbqhcV)OmqTmw|a|Mg#I@BcRYn@j!A
zvpkv>f{Ek0zQ^^)L8NZ@_)b_ii_o*+-P@~+ql1s<$Cv-U+CO}Me0p`Ze{u2ihx5a$
ztGCA|M~$jf6h1t@*#F_==<4|N`0{xFL{vUFKia=M{&2dUQHF%R8{4li`4@9!Is2nU
zP`f`8OKYK{g=U^iY(I2~>*OWsmqh{p+)p$5Uo+uT=Bcv(*y(5O|2LQU|DWl}@PC$k
zPV7FM*@Ma0qYKaQ^a2bvzC_xlhKZW=z@>U;>jM2nCKU4Oou1*E`HhO7!%S~fPA6v_
ztT8i8Ye9LtULz6I%&DK09>VmlG~qo#uK$A@x{(JHM~6xOPzF}0m6NcU@9JN)+uCIJ
z_4#Jm>-k!~V9M}wW}}(!K>s?EaZjoOA~GnXbqX3l4@ID*<1+!U_F{emq--yjJU=PF
zz%lzXKFyeWtU<Q1x$}!P$|$DD$vnBlK<e4d8UDf@c#3=$?9>q~c>&dkM6vbt^|S~1
z(mGiAu>wM4?CjF!=yQxPtC~&uT8nh%da99E?GK+xZ3h0&<@($DY+$AQpUeNXwY#;m
z<o}-IvGadIMPG0el;!!P?%$mdG^T%<?=R6UjBJ!Z_Co8ur+<M*6(XmkXi*mwOr87u
zG903W<O?v0YLIjDi<U!gc`dViEYA$|zdGS#=Bc3n+x^X~{J*vPdP)DE<+0QM7m@KX
ze+@osQpXpS#&M=orzBNl<uPDY8dRlhtevFsi=<`zDv21IrCw~7Z1GE{R~$o<1m1Zz
zM`HQ@$yKs(Gj*%hNdc+DQXB$G2<F@-P)^&YD;Ba6VtjS=iy>5ttd63Et3bvQPGB6m
z9&^MsCa$96=0NM)V`i`^Rhb3w?A|Pn=3bp*vuf3TfvlX3NkQS7E!Y7K;VI7&I(u5s
z7m)~bnfi12WS>U-KXC~hOhVky2&97l-`U*G#sBUv`Tys6*zF!BEcIg;U;-RWumhY6
zG1nK6IP{&G`84yTymOM|WrCqrD`Sc=ms9!3#l>Fb6#Dh`tXsJo$5@j_Qn<c}3(7BP
z#UUjC%4P(fi%sic@zSOsU*K7n&BIn@GB|>+AMz|Sk{s>HQ(sLceZowVipBtbpWYSN
zW2l*4{3V#rwPf6I<mQh)-UxcPcrxyCCl~`YYjF}p1gv&01p+!hxEQj0a!yw{%`m#`
ztTRCH$lcu8#gnlPi0UHs1Zw|^QPghQrM-S55U|%)t+a)AebN{Z)v=|qN?0<UXfMPD
zZay=%`Aq2SGsT*&KPQ@{XchJ|S!ix2H_#(thyI&HkU-{PB5nof+8}Nai7b$v1Inp%
zviTcryVeq$YsRfB$!8&TiIH!mc^Prcav-u|(==d##H`TKWN95gyhQi_4Yr466b(xh
z4Kvh8QD6&8G>xJN4YdP20FaBf0W2{$Kql@+0p3{Xjd>=DHBfxhUKLb=ftkw^RgfX7
zV1MaZiu3j<OM&tkpC<Ajq05#1KXckw^ig^LpNs#s{kp%kl>eUN$(%}ba^EKI7~Y}e
zwkZE+tvpdRxO&>zERt1@cXmcF9Cz@jJ3{Ez*#m5e;t8YW`2uYphLFHEj}74L0p|t|
zPy*ZRBQtpjP_)5*u|}W|eP<!Ls**|6!6TKY>Yo%);9S!G{|McXj2sohf0Bf69FfMN
z8ka0>!iYB^1M_>xhi_Kb?uL+ncAIAsY9|oKD8i7wi7AT=+HIMA=|6k)M-o6xDfH^Y
zBnh9u=0E<{2amwLy9KYh{{z5}mzQVV2f_SpKD}BOy?p}CD(%q$Z{7fBv)6L~S9mW;
z`AdFgr2maVL08fL?cJ>YZ+B;VN&lba(FNf7W2uxMBXh=jdA{h-@?`q<4jL6!u`nLA
zxc{~Vk)APRvL)cKjE8Iwm#lv+4VJ7Gw8mxDzGq@jtI*Tpw-!2Dypf@(#ZMK8S~h?K
zd7;al|Nfwd*o^eQQ7E`7`oH-)XaD=Ux4i#(mgn20|6elB+@DA^Q9;>kA<#G+UqAdA
zn~z`qs5JO%K6B9j+M&QI`Txx<{omPK`hPsn^M|MZ^TZ?jGaUnSg)3`@&@_k`J#`Ag
zh&A(AxrCTFsR8iPZ>8=tBmHmW3Rpq^d%N4&_>ViUcbEA;p5=MS$C0%Y?}c~>F3LS`
zX43GDQ1a&^NVDz#g~tEe+V17zf4$yW?*C_b>fZm=i~@6p{JA)-d5FT-V!9gA6se-k
zQ>vLLTF!vOoI)v|AE1c9&qSJE8ZT!G(ZPep$xef@JA|Eh5{BFg4QCmBR^Uwg&Kk<T
zEt&XiQ3tH~fk%Kt7o{WCrjsvK2;q9uI3yABm2ZYPO|&=j$2oBagCGis2x%gJ6*zp$
z$QBLzASi^1ZU?8mXgmUCjb{m_lJT68`<p&&Cb)x5nxvm647?JCepd+`2ACxGe4}TB
z0+>sj&#bHgo}Rjzd6vCsj4(azSSZhm!o(d4&mRRlU0*W9j8k4cEt<CBq4C(I#PXBV
zMKS5#xCD1^f{6X$YyhXtg4>JZmYWPX(s_*EbFgR$nx$16u%HNM%%zc6)U2@htYqKH
zl#QB8WF<9GD!@|9wrZ<NV;N<xZt~Eo%bc`}rsqlm=`l~_tewIsO#aMbpL(kKzYaYl
zgJFacIAb4G^54!@_Wr-ud%cYR_bkr}ICBYsNrVAGfKM~H8^H+NOoEW*gN<G9)*V9J
zX{~_EQGnT{EepbgM=%TlJ>j_lXb=rIm`f-LrjR*UYwz92Z>@j`4%uk~*5U*Xg3r+B
z^yaVY9YCoOGY5`2NFas@2!jZATAjm-s|$h>*jfPxXgo#{`03yR_(6hOonb(_?Ef76
zR_EsTq|5#<UyO!b`ak&-Por+y(2eWePGT?!LWo=6b?{x>`mS^1-nPE$ka67l?*Fw`
zz)x-xpa}-Yhex>8nPLz5u+<Tl#;s1^L$}MzC+OGKho4W6&M&?RqEfy8&yV&G-ye0x
z{>*)p?*IO7e`hDN|NE~ux0d<epXFJR#^T^d7>)t+sA#pm1IH02ZW!{MJ$LX1DCZhV
z5;(U8K8d=&tO-L!c?hFq*j;b6R#w0}NWeLa5jc(psMWf@zV=XrQ3zY~SOJt31Fr7_
zQ4`RHu-4KrAfw4mCqP|VzRlOBR(BHnE`hY&R_p2lLhwm_<51DYq?qR;53?Wae^<0n
zcbys23!V)4$eS>06sGLHVnYz9kg2f+iY^fd_y?ZWh`!~djOEYf>@VX}!1egPEnZyj
z<#8aJNlQs=NG$N-t*n5LQBVZTM1JaWIhK9an)G2DqI(upAP<75k{0JZUb1{m95V?V
zqbbBd4)|ZnL5CKJQ3NA`fr~Nn0+&d#o}z|fmvw`640ZUp;$h;lmE}f2`ZEC`L(qfC
z1rfXhWA|5-fGO8Hv|9V(1@Az-roW;g1Z!b%3&FJC+3akA_CLUMv(xMJ){SgbE}@_#
z5Cj;wQ7ee(NL&)!gb>^$(7mNli1s1~8GvIqnz$iwJti|T@K?Yk0^78Cu(luhV5`&L
z?DW?u{sOGv68;>RZ?u2B0h_c~FKuCmw$N(*8%@B-o$_J(K4`ZGDDl|Odo)P^o3IH(
zSUNi{N2&-9g9aMnSzCM%e%jeC@2nictxjJD@HMaVmhG2Fc!}KeiAEHWydvMD8w`YN
zUHn%v+BJw>DpL@cfIAn11k!!tw+J#ToXheZa6F)+2X}O~B1Ax(z$rbE!+U@sVauhU
zuMH3(F<q?yr*1VUl2|lbZ_+ZW6og@mt`5dPMVLU>r!|X)!WKNYoS$&XyVZIGX9^)z
z&m%a5*h_+#u~F3zEzia0rq5&Rv0eXZQg)W|TFurYxR##E*VW@cos4f_LU%>P9J{K@
zU-v5;Ey5SLj*)*D;AFz4=ZA?ugrqYLqW!5GgzilUuhV|ckPm!S7L0=^7*EE)l|^%K
zML{?VWW{i~pFc)!2C_U{?q>$qB(g&G1>j0m%h!588Mx9?_SWZvD?KkSNa7MWyf0{q
z?k`ysU{SWLb#VOv9C9B+XAd~%h#lr185`q(r!sgMTwySU5ybc`K{v3pG&m7O0V^x1
zS<(9Ea8Z`&9VE^kcmNKS;3$x~cgY5DsPO0PfvsMz2cCcvL;(rh@DPUX{RQ+;<YQ+K
z?DjT*BRosew_Eh>zzxDl0xw4i#3K~?&K~m!yar-pQ%<192p_?@ELv-Xvkvg-n!%M(
znim6RE{Kf&y#Ovp**80TVEgsv2H<a)A%=Q2(0|jV!go*-Al8L+J1qk35io5m8h|rV
z1@I{5l+(aC7)BsQKGp%7X9s1^{1Sv6)1pABaI0De*FN%YVbTduUFZymr24n8ate{s
z6jwo%VcBPZi@3w8T94qv6edaF3np61Zma=7+#$FdA;#?U6F<N@2Oh_gUanm;pW+)x
zxje>qUa!+Z%y#bSgTSN8p-bfAkqg!kqvdY6URHhqaK%ayUpeWtsPHbS7{~ST;1rRw
z1Y#JK5QHkY#D!Gxw$<PgnRURL=SFn?<PD0yuEX`|mzgjo=$w%Pq>RpS(>x`+i<-sd
zuSqf~J+tb-MNiJsHXe1^RKmnU1r@@j5?wR{&VY*^8uj5~DFg19@F_tIFn}z=y|3W<
zzBm6o$_Sn%>s}rUlvXgnP{jVWPiWe9Q{W7^w2TGzb{@gL?{fmCr#u)0Fl4e;7Q#8{
zL_QZoA;WhZ@pKdV)G@pjl)t8&#JuZXrcEfBN6Wfb$rh||&2zk4vfC8Rqp$+gEi_69
z80Cjb`QUnRaa~9$+i@_#1dXNEq_XwJz~xoZnnxZqm#!~SR?X(|nH{c0%%hnc$I{#*
z?OsGP)mTP?SbiFCBkF>+U?8uE=&a5FULjn1@*7Q%W`XO_fWmihe0Ywz`y=#aTp0@D
zjRmfz$E0~ara5kk*1eoISyV%yMGdj2bK8~+=i2B;s5B`7m7JnIxz4O}C*!qURGkx#
z;D8&Dx<J+`Wg{NJHFG;{jwS|IHjPXPE#3G1fU~9wAb#mNKncKs4?Q>0EMR7yJdQ7f
z$$l8P7*^=B9_jkQ%>5P1GcZQ}D-61jcwO2KHp|borh;fl7i)c95QAf0rK<J$=25~`
z<Lr^}7-!Fv8Mgp8$(}!R(s&8iOFMfcT(L_=6+EiKm*>HlK%ZaZm%!DXLs_cBby>#O
zr*JVw9u3ODqHvut`+~;68E~=vRIX&p;fvN`HlGD>eR7yM-iDvuaU9a~&2vL%5u20}
zw=<WFiXcvbWkneZ85M~W7{iD$)o==vdo~7Pb|vm8I^ZLQgGtD3L*%C*8iG$AU&-P|
zj9&-s|9k=VPkvAx9-xRMC=6ke-pZyS{@OSgV(qHey~AyK?6)OP!2<vB`rYYfXSX|?
z1U~GFk$1Jd-CYrItare<ywA$cCqevH3`G#21dLGv`H*46!rycjMK?()5iq9Y^5nwA
zctQDvz$N}I))=O6aSb6Y)B*4J|4mtTb%jQcLQUon_lOw$;|=I{`rlJ%9j5|Xq4O0+
zgw?vEgR_s__i&7odu4j4Lg{tGU>q0+;GA?*H}I{Xo2STE_pdBGAMyo<%=Eyy@^itZ
zS?yM>uS-?54s>&_FKM(~<5F&4T01MHeFa?e;EU0_<0v2pieW3}7XqU3b@CQo@LE#U
zMd4f&TvagfelBt>XBlX9c3y3`e&PnYw&osz_{gm(giOzjk)aQQ$igYlxW-brPO6wI
z3x7q|7PGN&qhJ6tO!5L`dv65&NyyW2l=BO^uI=`F3{+LH#%(Cb$c>~}Hk0(M!DR_D
zTeR*!VwevpO4k-9^mz1L;u_`W;@`7D+)MbrOUdu0RlwSHJoT>W(S5B&roUciaIsI#
zpB!8`_`M9Si{N(?E`>8Mbc1oO{B^(gE?CGs>cR1|4f1)^ji}CkI$$gwZ-LLFMfcWt
zo#pYB34VKR!j+rHDtyglRA3M3n{V$CoN4Py3qxFdhy3Xry8h2eK;VbSgS81+9<DOk
zRfCKCltzR$q}U8x^UyCHu0asFVeq^CI4XiGt&}Z){Ruc`Fz<Nkwc`X4$QX48*imR%
z_f))@dRFrP2#%OYBgj2H8RIy-=ca>aKOJ;(<5(EJ@Z{#KP^^9gJh7<@@Z<*gL87i%
za@%0eO__r$h&Y>UCH#-z*d(a|W@dGw>;@I{_-TarY0k|Hsi-Q0RD&RDk2xbw5D3O`
zf~IU-1C)%Z)HcT<Q8pY(mrp34Z`cN1$hYjMr@*G*nP7wY$qQv%4@T%NI&_I!cCa!u
zGaPIHA4RVSm06&m!sw2&L!%%DE&<FvX%d4+=8d%wxJv9V9sw=d_GsBQ14i*@!j{0a
z#hAt7q6TCZJB&Jz={6aU;QD5Q?{83JO-~_QRy&MpxQIJ6%3t?8Tm4RRQ^G>Htfm#!
zaG7Qna|#AFxU8lX)o__+7V{cY7;u%S6Y_9Tc`2t!0Dl8QmoW25(Nr+l57`Y2ftpCb
z+y@HE&qcvtG_858h=UbI(;z`yDxbPZz?J>6i!nERmWE^V3dGTrIi9{vP>#3F!exbM
zkf1SeQ&jSG&;b{a-*@ew9RnYE7@!DzI-<RaOGTSrlBFI&9_}V^026u)b%!v52|b;4
z^`#pJ-D$tmf8AYy(RAu2yxaD)-}X=fxr+%q776enaf1+dz(MA?m#C9?peW#$LG=Vm
z*S!9x6~WqAn0axph43Emcr8pcXZ91cvWif!E;lI^9K;<7LA1W>`%q~bw6$O#2Bk3h
zVU*v8oQONz+#vAR8pWqy%u%Rl_a&BEmQkeDUcx}mVdTT4YF#~o3m9SM2UBa~yOGcJ
z1k4jfWd8wcveYO+li>(_B5_#cl!fjH5}t=wB#7~q8~Ilx3A|g}U76q@8n(#@wn-ee
z2a||N4(sc6>5UjX1zp@op9Ilu*)_?p&?6Re8cc_0#Ykrs^R`r{#V3Tj^%t)$?M_;^
zxnl+*Y`-&B9jo$l>2eudKWX6xW`Rq{HeU#?awVVv*E<_rIT?B`-S>nbHcm6<)g`)x
zQHJ?`FZ83j1)B(^1_&)L4e&IbZU?+~Bj2Tb?*<44QnAV}v1Op1%pzoPaT0SN6SmZ_
z=j5?&gomL7L1lc=@imV<r_?d?R!f#x+4@qUAu=ni;D*0qiZvS%5goj2<(I)Fql;(2
znsJG7VK|%&gR1);4%ZnkDh`Vfx%9MfLlh19?X27kviw}@o-)z3ZtotI*IT-(w92{T
zg2dtaZ2TnOk0DIxDz0%Cm4{1KULa8EogxVaLFsKzF<h#$wftPHw{q}46Uh^c&qv!l
zipnxiS%Mc1R~5n@!J#TDR8oaDxeJA>f-!v5SwJO8hzm2$;NcX3b4Z*VE)_5<s<>`=
zlyu+~25}OM-Q>R10%2abY~HX1aIvDgo<OOi<V7C)hC2eTXcE?vg>!(MmAPNo04esr
z=z#q&M0Xg#fN4(M2)Ie&-cxblfyXOKojsnwm<a^8-{UqW_aR*00LZL^Ny4th*O+;V
z$77YSAPBrdXKu=^=M}9Kwi#z|a=3p6+zA=Mhy-4tnaZ5EgO;qOMJMp(NW@s60<d=L
zCHP@Yeq!F}tYw16;WZ2QvH{2_z<^0*+~s}*!7aS!1>3A(#}H^)1ALRz-&_o96}CNd
z>g6g8A=7>|=ftAhBonTAHhrZbq!q3jMv?Pg;20@kOBEAm$ghK_g~3(Fyg|ZM(|U9v
zaGh285s7|u1BX<8Nu7$M>5PJ_p~s{FR~QVSckhMpM}!ImdLUFYq9_>AveMk>g2?D3
zaRM(0iovHNZkbuC5hO0Y#a+3nVLL{Cnw_}o65@KJ_Q;L=5GHK}WgAXmM7k?J90U=q
zgbBO&X}gi%juVIpie)XlE)g`BWeOJ)%PxZ?f~19!?E=VF{`$9xdtZJbWCfwn`!)|k
zx%cfOxV{bUf?*Q)U3QT2+Rfl8@w&~zW8Uys;pulacRS5py)1B*IMQa}s&b^A^K3ET
zIxF#`&B9gXNIU19kA$nzcr=A8jbB;X`eL?RWx#+Gt{PDS76%vS_&!F#Zxi@72wChM
z19y+$g0i@b8M5pz@bUEc|9m`RdF@a4-ydCAHKHu24u*tEVnR>E)Lo*DyC4jO_8UwX
zD2yZHhV$Gn)}OElFGLuh-NJj!89Z<U$sL4|E?2pc-$e<K(S`2<GSYSGC;{V1NP;+o
z?0{nWb*{9n<WvphF~vZELrm%f!<_Dg@7^8D+6~>r8wu%!w!lst*Y|OkM=--(EjZQ~
z1d%#BA592t&@eV2ZwkgZ2_<I^f*}_=m<mWhfk$W(`YPU(x>`t&<ttXQmWJI16}!#5
z&O^oYb2GzMgPi^U?7eGq8@IM7c)m{m3JjSXNxtf)B+IhHigS-*JF)KeLnApmXO}Bw
zf!!d9sM+W=x+Qa4nwszPFXxv`VJ*D+!G|8PclI@_5{qm!u&@9utoQ1I2v@<b|Cxr!
zZ3u`Y#GRY7n2$M2w%gmby_h(K5T-zQrdq4lq-V^L5qYcR!b>hu&ah9^VqZ>qJgtqy
zB`K;5L>Cxz#Gt%;M2^Z0NoXns$%RB4O(`_Ib8`6V6?{byc?QCAR^Rb!7>>KJcS*~5
z`kIwf;qCh?g1@LiE6mlFu#&~4JDfV)P)6iewYt9^zI*nvjnqUCs-GDn{5Ecf(^oHE
z91~t*JBamElX8b2mM9}KWh{qPIoMGYRb&ay7kWMGoRhf_8VdST+<HEcDKL#Z1LOjc
z*>*Z{sR+zSlv5Z_{c#%v7c3Pt`Q_wQof!Y5uF<MU6;ti>r44}+-v#qF%aUC1tlY+g
zWEbL`5js|+h<Y2<1c9p4q_a1IpVU;ya`<p(X9sfP&}7E50qFE37iu>SjB0d%L-x86
zE6;g;0u5@19|$Ch<6IH}9u~k18xj5F#sBr;my=gO9@XEkU%Y$y_W1%Uq@&(lAn=Tr
zhwx|JQw;AUaI=Els>DvrGN9>>UU903G`NdcPxuHE;BpD+09gWt7&}u)w^CGW+r~uG
zY;Jl*mOt@*y-Ge~(TYicHKJ*Ss97EwP}d9&YX&ma26mdr1-ha2t~pPkx&Bp0mfUq7
zT&K^Bj{2+<E>o-l)My$nMlbERzgs?%He6;5sQGZ_#z9`oDynLdaSJTs`tF+Lo!}D1
zgxlr3B1ee<M-&s9afu}^)b@23lDClhM)q&wwfx&w!ZjADo8}dHB_=$kDZ!uJ{b-Oj
zfhv^^o%t<9oRx4TT&f-Q9QNy(I(Ko&FBD5!3PLXgPjnD{%FKR4s{>0K(A`KMx)LtP
zZ}1DptZ@<mQ@>y~T*%pND0UqX@QzXt|8jI2CGASMYOx$w#O&W?*>}9&$(a%X{*3d8
z8%h3Dh?$aj<Y`${aak2Uu!uop8Z8CU8752b2oPyrL{vh~aL9$+bTIFp-YvbM7tODe
zBm2v;Wa=V)m&(7hf{!~bL#?}8y+O(pB2W3)7$nqi=anK-IVUkBvA(Id<RXN33R){9
ztv3B!CT-c)HxqE0FgC@mI-tvhul2yasQ~7|SEKbFXg^tEZ?wb!paDW?emoXw3WeHz
zNH?ntQipVnr$gzmdsJX^NhB+`G&cvC1dNQOLl<F_4$4_RXqcau&&t^pjBNRC>Zd(w
zpD`s?z>ejaFHV$#2%YIq-!QV|nc3ffDDWxenhm}~jNp1Gvy(9iV>A?sr`fiYAU4Td
zWHr(asthiGDO<W3K>uEq{+i-OD45Nuyyi3)O{!D)znk>$LHlo~0a%Pj$UWUYzlS3!
z(yG*TKNJK|9R!<0YKf05R?q9Qs1ijdqSOMcK6!V6uTzR{iP4RP`}|_G17U$6?W4R)
zm|k0&K7DcW=J554ZTNP4czXKl+mq+p_abT6(B7d*`TVLBUwZ8lo$Io*$JpJU_-sAe
z?xH339pmmrRqVrc3w^N<&suDZX?|<u-CBLTCa5=OVH|AtuSoWR{<phJ7UJ>WN~P>i
z>|aB#T!-kdpj`GKUU)5f$M6d(nSD5T#>?kTH|S-WW)IU#w9Rnf^ks#S?D1U`(LRZ}
zsW#gB9WU}1T<=zM?#s8<2`_@HTQpyBt2ubqxYJDI8y&$0fNi;aof~Z}FmHOFImo&t
zqr2T_4rKo}+Y}~LNpAi7-E0n{-HN%t?9JvT*3IRA{+rE*s7u^y+-#=#7rWOGfLP}!
z?7rE&1KBC>eXg6$!J%%WH|=nhWjC9}^yj<R9I09RR-2W7j)VE>>vzW_E?B~{lG9X1
zYa6B<T$N<S-`MgLdI;A!n;Uhhg$p3)22ORHQH_qC`nCpO4z8R^c`1ry8Em(L%XExz
znQtp#L$7yr(AHVVo30~t>@Q?zyvLer>w&t)+Ac;R0=3TCLd$T~3VU#^v9`B^tG>1f
z*Qyo9EmsSojg|-3UXerde0fYQ1&7qcco=foYRV<B4=sw(0B2$BfGu{Qo308SxLUFm
zmVdh7Lj8NU?Mx?HZ%%ko@Ap!y#lW>V45Wpx6(J4xQ-s05l`V{C@QPMwz<_!n<F<`i
zkRiy|a-G`O)ns(A8*038mCy`DSc<IRnKrGc{e0HF?-UI0nC$i?UJNhh#A34i41fdE
z46qj?8ZX(AKJ2ClK$ZZwCqEuOTjHyI$Gr(~Syq2(QhS6;k`s|4bn1^0&!7^lu}f(e
z8e<sKwS?>|_+5Sd5nq%xMVXOtp>l5)GtwkG0BR-K3r%ZPFAFX>&5}`42y~-1Yj5ea
zdO$*8r*iw<#`=e3R4KLz#S6R|VezRYWC^@trmwS)*x}TUP*gSQ*af-FU#u=6pm)Ks
zNKUmsye>nr38GDHLv1VMWhD$RNzRHHmzaE-N^;3kjMDCQxTwMPi)4p+ept*FWq4Lx
zH&);^?FjM)a9TQmwPkc$bKhF-1>)cW(}h~>lPX;l*HANL*n$vVLSWc|e*5>oEkyp(
zPXjJ*gLi?q5-$IM+#N1m0eKBJj64VNz}8Gg{fV|pCS)}Cb6sdjrIwj*T`M~>R>fqU
zxJM5z>iKjQ6R8NW0o8CN*#1tLztlDGQ$c6!QWWRQa~J;VazJXszIr(<7-kk~5a>Hn
z<vLtTa~DF}aBLc%H6qrcM(bN<E?fdtXWqhvP?^?ExJI;;1NFaqf@?wE!Ub@ZbkgOs
zc16xEcBB2<<}K`it2<(BAzWV2SX6I+msqhnTuUOeI^bFwoORbE65=vT1x=p&PS;(j
z`4;87Ln7wVae<?a={5A7mmE=B4)YSYI#Sa8Yv-Tqm_~QB;1xNs)J%+5V(|W#{ivJZ
zU6E&1p%^kn!q$k)y>)5a#Sk@!T{lFF19jCET@@+j>lmm%?**<FvFn0sS-|cUIeQ#E
zet6qp-9>P<!gjmhS{AT-$6(z>aJ7=OcEPnQVE2v$*q(7yz<9Bq>22Nd(Po8khM)#q
z3SXONCoE-DvdG!7medp`4TZpKk*WQ=gdf7p`nvfHo1+tWUWl1ulqyL?&I+m?+{N9y
z3$Cnbob%wa6Gp2*14J%Syi8N1y7!}SGH^kq$_v_Qczr1@$r#L2S((nsu|t!#V#>In
zHZI_bob4`8`Faz$78g3ZBFDx*(I0+s@8oPSV`ahP8}ezLaLIVex>ZhB<P@IyDjPj6
zLaOe>I$YDTT$0Z3MsSs>&SKTEzuJ|lMyZI;tro+W&MaK_prA8wEmIu6a;057rLWod
zjwSLo-dlG*QTMtItljIV_Rc##W1=b>oP_>Wn-4vUHSRYq6~;`FX9CrMZ@RS>!lh)h
z5lea25<V4&1J7`s>opQ2Bs`I1#KxjvcE3di!nLzZb-{$Y_@o0eu!p;6Ye2@c36ofl
z?&fe63=Og`xm3JLvxtC?t2fnb#GqJ%NE32`kwBOgL6CweHn7(IZ1)b8x^+slEMWy(
zb_F>v8!T|3UJDETo_|yR=c-cdjZRnIR2^V0ODJ>Igzadplrk&9^jO;^5Ow93SqRbc
z3^OYs(i)?I{x__TvINZTv@;99T$OlcC74Pw>arTxCX2xA&O);Q%vE`4R)V>T@m&aJ
zX9<D@U^;!oO(8U39;TOczN}bV*P&jVZ~sb{<7C-IctH!i(HfB72Fz7gTQ`^s)9)|L
zxZj5M-y{it9XEAbSUnS3Yo~d{xc%PxOL&U|u`KJ*axm9PLDUWAEp}Qx0UucoX5(vK
z%gFbqg1M|P_cCn06tX1x#Wex6V6I|ny0BSr0gKmBd~F$+<~<TamDd}Axv_DJy{Svo
zcUGiY%-Y<9n`wf%$|kV{%)BGxVGEmnarh<mT2_I%N|svzW}8^I&P-9F4QVv@cfbw7
ze6sUosbydZm?bSHtURs(yBwPa+#4?c?ZBjYeq4xB#G)&}`!Gq+v)yY(#+;>ADShKT
z3Qis?nzX^xjOJ-q(YY&E<)9kbFifLNFsfRO>6oVJh{osOBD);STb%S|`9iO1iBP)s
zX=kR;6{xz^5n3h@UXjcSfej#aW(Xp+KzPnrzBZVvB*hLeGge-T;vBiw2nti_^4w>R
zZc_5bZw4;1P!Nx2BT;1uDGNFt^BB1^k)`OcYYZ}8sR?;Yy4eBd3k~HOV2Y}&!&!<I
zP~K8<U6wBr{b+1CFkJ(zgT*!VuGU=iTd*F>YL9>Ba^rQtmK7iW%=N|_Bz#Hr@y}dv
zynYncQt9|ftLjI@ZrIgHW^M*)=ke))AJPrI_z3b`^LD%<&vju-@OmO~%54g7z;G<G
z3`@P<j1yi9{thbDh5wI=Uh~q$Gr5CxMGk$#H7J$MQ_Na`@1|<wsGq$kAta?*!>g%Q
zY*S<@q_Jf;Soa?5fS(&;-`R=BH~V`CqAuV)qI>Hy?fE$D!W?w4JdnL>WVUkP+U{FC
zvf>9?6Tc#dUZDhN0!m}Z;AG7b2tqgBHPL}_adK)8{7B>TOIjq)#4M*JAMvzKP3(+E
zx*>`EmI@fBkkCHnxkxs2WD4Ntf)x^MC`<vn8|^+MiC|J4AzOl=U8;<rTCI6zuY#c8
z?-QM{+^#pcODg^^2q22g+?of`Lkzqei3=74XJ=<~I!gnuV#qKcx`dJXi;zUjD9?sO
zTUB^Ai5LzR#bO3c3L(l5Rgn%!@7v8>^Tu0pI2e4piLY--qaW?T8!*5Jb#^|;YV<(?
zI)u2MKu<u8t+$+hK!}pWB?1+aUN=0dd+e>}Mm#$^t7A!wNvpOQpvA8&76h)yjpvwW
z>V~01YP}Sh>Y`rmsntqnqlkjQ0HbzmSE)7CSuBcz$y}hnZGE(%TfWxY3QHl;B}cFn
z6yOb@ItKg<E@&}G`N*JY;J4Eit%us`Cp#Mzj3#fhbUwuT#@>+5WoG55jizdib<0W?
z139GyOBOY50^s9eAqr~6^N03pX!Q3`i+=H3)&>wZorcAFhL?hznZjUak@47eRj&Pt
z>Sx=*nHlYDo1DdxpFxS3Gh6cP3^tEI7tMLD*n^)$L1?h3M;rX=2S8!<eUQl1b`8#I
zC{kOs-zP^{O39mG@D8XORsWGOyCgG+Z1oE-CADfyS~QKwk3jg;i&D%O(Z|=Ez&xdy
z)(KL0Zz?XWCp(R&dK_>2yJ6I#Yg{9tPy;v*F8qy<-=)Zg<SH;!{Zrs5e9sHl=?w$#
zNfbriw?0vKM9NAA-9aKQ@P2Q+;dfo~GG)CX>7A;1TL+!qw%@4YiE2Veak9JjaKHXg
z-yOXn*|k4k!(VYFOEGKDwQu7osZ|J2gw};$`zw|30$889{~YRax<|Ti)r)^Z22CI$
zg&Jt=Tx3F7QbWfTcqeQ;Bu43PE}~e>{QO9Jy7eSu<xw&u=DU&J-7hZ1!O%1N!^2dZ
za|c@ZN5$jw5W~NRjsAD{c6Ps8XAJ#|Ar{Y1KOCRDef{Fy%NM_#+64kX#uhlWw_d&d
z+flRqD{;;>;4w|xD+@QSL0myEqX{pk)u@uJh()H(KA=&3A2>7TU`A!h3Lm?T<<i$B
z`SI}d#le2<$Upb9W@#>0SA7*3v9%8&hk@d0NCtVm%Bsl7|2lp9M(?0>4rkp9pW&vN
z+NM8J$qx1j%VLqR1o!GDizX5InH2>uw}L~Gu}hNEg3egU3NodVj2O%6UZPcz0@aAA
zRHTORF`0|X(Lgdf*w>iS$rsok6-}iLY)1bL(-q6gV(!38SS&CKNP@EhXNmQmFl-!v
zUJ8<Mc^(BvWAx9$jyPgRvXY>amKz+dGkDrHh@Ktv?FNKKr5g+w9>kYLLJ;U54v&v8
z=aBXl)M*428lh{U_-Kd#il=Nwhva*+&*q{kCeR74^?(jO<%Rg2#bu~=^Yvg<&@7%Z
zIrxNsg*>?)K>veJ>L2*7(f)&Gk?UQk%@NqPq>|`3tf1Q%Y-q<}UKsyiC_M}~nUmMQ
zoW4_=vS4{iV^ki0yZ4h`eSZ`kQGrKen^;)Y?|4L@V+}=peG*>m4iaAMxuX-9U4k2l
z%cUq&1An{slN#FLOCL-`l^WvPy`R(|>K`+VMI4+^Q#_=ei7>#8#=P^fG_^Oz@@=c*
ztNZf`^-FCka1Ps=L<dlj7VZ|;9I{@hB}r31(L*EYM=e2&MsmptNkoOwyCTyJc0jcn
zfx6Iso-Ikt8bORQ?q=_Waw;VAAyUl8Wx>mmWdUA@n5z<Gqc~<#*5ZL8@(h!5n8VlT
zN(&<_feuiqjY*&bKMQ)H6GgK`C%s9cAUGrii^XilvIOO4E)BaQGH)c3GjEl*A*})_
zSW?AC>bCVwYB@9&u7Y|`YR#&mK(9<iX7WPhtVri%#)|^x;qvczqKZqFhkbcG7|r?L
zkvAEVi{0RyXUWjz90_Kur0UvKcNboI=+<S~Zg-G~)*9+-u9X&dNP4@yz;t&0L^jxs
zA-M_zLf%JF^qalQ>L<l!L0W!PI@0*rvw{gNZhulzE=xQoww|OYylu6u_G~qo>KjyV
z5SDbEpJ3tnAuG>MGbLd60SfQ{8Bo2`L)JJwiZ{?PbP@SQ>dXL=5w&x0tnI)g#WKDk
zeg-I=dBL2iC<t`28Fig2;YBSgrc_a#`)RItW=&!sJd}LKyb}yZ0giUE4Oj7sEMr>K
zJk!~$ey`+$SG=S&O2X5rV!oFbG2A{sMBiH_;t!F$h$Fq85ion}Cr4A_*{QcI-d2J9
z!9Jxzy%^qmz!QyFOckB+5oT^%y;VtGK)QQ4a3tmDF4F|wye5|eIQKX>6pEp2Da{pe
zDL5_Np0(DMQji(Vz`;#zFpt!@*dLlCN^}vjoD^zPy2NQf0neKuN5kbb34!b&NRARY
z@=&Km?bMb-vY{Bo4brzFKHmRhQ4Gn#Qx;%l*XMftd=e(3NP(<r7a>0ADCv2fG^LK$
zbCOR;GV<D3S)!chY-q7(e+JoMHV@5%KhiK64Ik}4+;dGND~2Q)g$1LD$kI8a6S0rM
zTZsKHDKaw+^D#SONH$J?$ysswLSg)ve)Em`b;Gv&z2jXqgAtWX0f%_@<!LF?nMf4Y
zby)^LJpMV*=7#}ff}e*mHGhq(H1#@}(T{I)mOT?$CWmB)^eut7cogmbk9y0aBxSng
z-jbHF$g<b;<10R9ioguX?*9JHvaSu@-6HQm`|oxhKK(9wxJ|y>*?;<7w6Fen^z^&v
zk^1A{>37k=HZ*;@yW{ny#*{HlSu%3UIQ;a<_ah<FAGB&*Eg_sLmhiH6?!CegPR*fO
zDdd`7;W}M(ME#SQ(7aTlo9gtvMgqF_4F}-MXWSSfQB081aap3(uuk&&T0P{Q%TTA|
zQa8s|O%LQB5&zV|*$TSORmZXFlkf3-ZX1(U@<YvG!Mzia6Wt>459H4U&8NI%%R2P1
zrOs%hCv$KoYxIOSE>R~VQk>k!xe_Q*(k7dyD3XhU{8)%f>GJFUa<tVN6uTN?FK$e(
zBsEb?2u~uNe$FX0MKL)_$gYyFK%O<(0rl(f*r}`R41Q2FsHw@QWm9{y^JJ&}mZ1=q
z%xtTXD`^L`<Y&pd>KHWN1A4dQ9i8XC_Kqc2LF2R`!#L2iiHxY^F_g{L4dI8ws+@L=
z=o;Irw)xgC-LQIZ8Z0#5JZ@vB6Jp>V{q$E;MiW+;8$>;R=AO2Co6+K2Go7$c{3G+4
zegw%Thiy60uX6d^SKLBhGn)T^K2{QSN+w}VEV2s*HFipY>Q_(#lty$>Kf(3kDSR7O
zjX7DC9Q1ah-JW}1rV`f2SfA=Y|ElJH_>2{0t%0`|0F@a1t`4EjtXrQ0%i?0513QZ^
zFS=37RGOiBQ55xR55U&G^x@ywy#DN>&RE>-j_AB08UmM1&$mq6>c}tqZzgOtGu3`k
zQOi$92@+7o(xoyN0BfK!LH))l3)PUp*_5R-6Kr~hN;z8AvO>z{QmSzvNonc&zYm!P
zisCJpW<$maw2VWXj04FEKZ~H#O1Zs^d1{$RMC@#{7~->>nF6eYK2}156`zx`tL0l!
zyWR?sh9I*dQyQPc_lhS&yX4rUPZ%$!T7VG6<O8>MoIVlmXD!kw(erIFK{CVT2V>Q9
z)K;=A`B1PK&k`l5*xz-)aXcTAUA%7fo%TVkMtZ?M%$SsP!hBY_50NQnr&X?Nx1DMi
zF-ZPli%MC?F{v9OfnzkD>TWu=9k6#AWPE*SO-nJ)6^$N}jsO1d|2Co#Br6<}jgR8v
z$oy92O4^6;rP_^CGXlW^fLlg@dd3eoUC54w^Ve!=4`wmVoo`;;?YtCB5mD#cw(NFj
z7G3_bI_piBh`<o;(R^jC;jO#ry6csmHw~7#Y!+(X`j=CJcPuu%p_Sm<WGXJ%g<{D~
z9Yv}A3Q}H{sV1<onCWtS3E7m4p##-c6a=uMb|c`$Rq5DoOaJuIgnVS%xc+fTAZ}f5
z*H0`st8v!+*~Ez9eK4y^rX+8m2NY5oTq;Jzl5Fx^#MO*t=uEH%0ngaS(iPX0tPHE%
z(eKba2`v)ARutAKJfK66F)MY<InG*NE$FCdI8d)d<Thp_x9$Bt!CJU^w^=3Zf~6v7
zg&e3CK7f8x&*wvZ0$Wk=4^hD~g3AZo8fZNh1^LI}>sLC4&$~qR^nkAT3w@6U3g~o^
zaRMH;4HNKlG+(OM!%C)(+Yg%(v-%)JwoC7cXXbb(v~{Ug`_tR?=mb(;3L;CEt5)ia
zZ-W*+V|ZM254Gd1w~ZksZkMQD1AW*tSNg4<D#E;Mi#vEP`+Sh8pjvx-g)(>9`r(M-
zf@QQ6-1lr;pzrNiUETS*i;T@7SE5tiw$>Rg-`#_Qz5T~ecEW>42m9gvqa+TW>^+LZ
zC!>TV`!xA(FL~%LRCNkt;AI<hu70x~q31&ae%fZKbtd}`+PrylQVArnn_6y>f=#NF
z7U>+IK+h3FZ_dp4XXX@ZN7qJjRYTtOQ*dC7kn#gPn-p~9b{F`yX?9xOW{^yRLn=pu
zFj|sP#nS{$LdItpBp5|jBj3SIof*%)O)f=yefv8D)crfYnIYAlDgcl`Z@(Fx?c!z(
zVd0$8Q~PPzn+2K<TqFJV-uiFvwcmcY{@V}hZ`YVfv!53Cpj|E(zt!y0Zp54QS${1c
z<{aQL@cL>Wcir+BS}r;8NT^N~*KUMU`>bFw;}@E9cb5au2+jM2rj6I4EsL2?Q}{5S
zKKYf6rb3*PUrt`>WP4+-lSMV!qLX*8qX$b>n2c%8NFpi-X{pqy9~BrYq0d;Er(|4Z
zAXY_<zDo8{NkgALk+V;qEDa$&J>^KtZaor_>+3UeeZA4_fR}1%7x#cpnBMz%c~0?^
zW2G3L@{((a@vyhaWSvK%g<>`ykfSVhx$nV6OMC2iJfe<?@rbGsFo3EVx)7=EfP;ns
zu(wL$7f8X%FLbR<Q2D3_Rzrsln}rab*Jd4p`c1qD1aKomC};+PErX;D0E~|THF*#_
zFu#JP+9-tZh8)5ikDPo79=US@k)8lzP7C-_%P<PJz<MfD4ZJAK%)Fz%fQ85?#ww`y
zzm2}xP{>GRtQH%9x0bkIg%ZK=E`-*w>=`;OiZS7OLv42+DbTOcLJeS-{%4oN*t>`H
zy1;E%pmQNt8#7TnqV!}Nvo{bAW<q$Z6Ek5K7+Z>xYR#gq^lNYQ;hAxAgeXduMC66K
z#{l&(eU>Gp%F&QtLyi%+Yw-`Y1E*zGn|fUf{69Ams{1QMB>yL~3LE33&ZPlQ$-0+D
zVQB~yIg6lReDpIb&p;}f(kw}#0)S#{Wi=jiL)~UVmauXXz2;xy4Gw;P7BsCZhJ%|I
zY|KBBO|!qZg5W44qDV05a`%h+9TrWZZFDmn4hCKjjOpx$t!>P@U32Lyh2p}D_axk7
zkz*;A#NT+1@py;SGqmV8BS<7MB)x3HvyXUHz@H|DEvmm(FxdYgCI=Xj!8f}r->D=E
z3pQaNhoq-~>jgIK#}bPFxfwm!YDNv6Kan<CC}9`DvcM-7)zn?*$tcSEsDGZ~(u3~7
zwzQ18-3W12uyjsrCL60#_Z;qc#<fmE!>U+7X}7_9N4gSL$XjcMYxH5zcXTpg#g<lg
zLJnWg&lWg#2(v*QxCvHj(3+G^$flPB-r!36hwFYZMrsR`<6h+!V*)s;VPv>4TJ1fp
z%4q}{fq48usBgcy?Mt4T{flv_AGrGIn-3q<d_N6X84vW31NG*IT0aB(&b8}6Lx1B=
zu*J1;qNtT0g1{bIe<Kx8%dVV)IO5Gb48t3GH7Ni>4NeH)gg9b=eB#@j{!y`pLz12K
zkbDn||3h>3?g7l^D2vl7VTNq4w?q7Sk=7f&!g}E(LfAK2x2}G8vtrUHi~}S18a#=1
z_V>}rzz<SezMe=OZ0s5AE*oOlnuq1sT=BEhQWSK;$Wd0ZVoYO3HlLjyZP_E;b@(ZH
zc6vmTLb3Y<Vj&7v7MxwUJ!FP@fB4U;VB~LXPW}!m;$z*fM=2mu1PBE*HnR=EgdWC{
zhd7ia2q9JNw$@&<dWXQouoj++Dl;Q@Ar(X^$&J8*5H-4vV#y;#*151ol~yN2GZ%+t
zS@2O+GEWG?-VBPK>C0<2w=*}=P9_p|T#ZsLr#R^oHXb%aIeLB(#sxFsf51Acl{N_q
z$Z=Xt!lO*DaD&xkrncYvg3Uz9Y6)9-HtAfy<@pB(qg0GcWWmXc!{@JGM6;w{R9VQg
z5VI+Ii(1R3(B=W`E^o}LmaHHMew;i1psxHbiB{P_v@>mnh$CACc|X7(LE50^TKbZ%
zoFInjLm*%B$&?&kP@Ym9ovrS)Dg*B%E6)W+Id(~*P8cbw%;O>nB~#T8_4_e)AYXBc
zm<mvbM3YnjY%&6kY|068W*+L;Zp7@F8VR_vGmkAh3$!BYP!c8gpxRaqYO23V1{Dq!
z$@MP91-;>HF6le~slikTol*4ZHLP?C`ce=v0$*U7rqJZ*SnAe+aa$(;5S7X5tb=dJ
znG(Pu-QD%|*%@AFrB{UyKm>)GOGgzgyyh|dQZL^JU-i{yRSB8W4>@Cn91;gZXr?y&
zZs)sw(=3HJ*$*^Hfbk{Yd^&#n{KL`lb*&XmF4TaMEo`Vb<ZhsxXUu>63w|*Cs0f`J
zd;oMwc0@II2Y9X?V`pb)=U{&y{@vNxY5u#jv$OXfyZev#4|aF=cMkUdV`p!F_wnQZ
zAUmG}0hKIi@gF;P9;-RIzsTp)^_Pa=>*q^;7N7qqEfSWo<c&z!i;w8<GI*w*!G&^z
zF;<=b$Bz#h=YMa1cmM18{~Vu&S|_F@O~oXNX<4Q$;$kr6Ny0L#YUyfnUX562{Yp1}
zcuIDoy@O~c+#%nS-RR-2`g5c6RUwBY<yrO7d#bmjdK{}8Ro(bQqJQmf=h<_yZ*M<`
zaxP0Y>wdAoq9GwN@a8b&m7L~<_}G-TX`Z{UJJD{mAL>{3f`rMq;9#Cq0=bgMazg!7
zo0`KquH^K%5FfR(KB#2LbIN8SJ7v(yw6J2gi~@z@zk4V)7~TjF^sdvYg?xw{N3&L7
zS7|5Oi*|w=pMQ^|Tz`)(KmWUrcK07P&%bK^_56Q^PoF&ZL)TD|-8=_T;O7zf$KmT&
zAsQ4)ouENAc+TRK7Hm;%GM*XLvooy*fg2vBU9bMvNN9n<ofGuJgZy%rR1%v8+{uJa
z(fu5xTLoOuCmoWrmy#qFvssn#ay~F84+Uq&Xfk4t4-O9YcMrb%Zg=my@Ah`$cuXm!
z4|nL3NAbbqF?+H*aAWmf?S`**AE}8w^Hp9!FiFLTrkci<sSX;+Wp1<x4S@l)6F|8%
zhE8<#1Z{$q?3JRMox(=YCx_@(Eym=O&9v9FEDOprB}f+FwzlcHFLq$)HRugyJWJ$2
zLMQ0M=+OYMU==)3YuOL_kbelQE4og&N3~2<Cvdm7+7FOH<0*^JQJ`gnBbC$<>V9fI
zEo^Q`n?r4e&YMA>&}?p9MVj-KMzsc}u5&h*Cc*5C<_P!OOpT42I_Pw}R?^o-b>ifF
z1YizejfR9}*1b-9H+pg}yTmtf$RjUee`cIe3kVDmRaUZsC1f+HPyoMRMM|-1uby53
zzL;CvdLH<`8QbIv;o6vlBfb%!`s$NV&9|sBG+m<%ZVu%(d8xkQ(E>*qDItlK8pm5s
zMG7u<qrIJIXF-oT5P*bXQq04m%C?<RFD`3+Y0bfik$5U3%WBu1-8e(?{x=xQE$xu>
z6o;|5+Y9<8bq-7sbd6X&=~xuyknHa4J=)U`^rdRr5xx2C*VcJ*4|s+~oYQlzSOGqs
zx7$>b)oYsjp;G3Aw(6n5u?9MezOEu;U=yKWqa4BJbUwD5JYo@HWt?mUw)K$o?BBL8
zuyQu4@|(I+(7RD#jZB52B&cC-@A1R$e0s)ArEy)~2Yb<=N!zz2$zEr+R8&we5!7XG
z^hua`tq})SOZU?NYD6WbB~s5`m<m-gXEF4Bssp%}Uks+4Tjy`SZnfqWJD@p_W=Y>p
zRt@O1qT6_({Zgblu%w_f8GXRYV0LaEMX^)CRByP+0b?2~sCmy}wKTRn7YwmCDd<R=
zVpM2%m1aGL0j3ONI@hULT~mL!6eJgU1uiun(l?|<vD8s-k?qMN^sFdE0lx1dbBb+4
zdmx9=m_&a^@@iOLW69G+=fOOtGm~+N^miKulRS$V;Q%fBn6nrn1ks}J>f#w<gBwC`
z9?O$s(45r#xEgOjo?8|ku3f~-kbJrh0!vA{_OCsCt^}AJ$8a$m3NFghJ+Ws~1Vpdt
zcMlJ~gC38@q{<-jp|qZlUMw!e=AFE<J{-t6nWZ&`Y{S%rpFUY?aeW;^<LJ{TMVN9)
zV|IPr&P*}<^a<N3z^<?HC|Tk?6A5b9%^j|hsjf97VAfGXRHe%<r}gQW49WpsFj-39
zi6&+A0v0&Kn0|APG)DyZk(g9bEy8w<UsSjnivqH?DsBPdgk<RvDzM=n9jn)O_Z~+(
z(N46B-5PftYn8AN>OM5`eNyK~LRXT#vhD+xziY6F=)Vqu7eMRvKDgkNynOfW_%yKh
z6nfn~7y4G#Gc*a9p%Fw2Vq~}n*#GQe7MJ&Cr>L$6h9^diKtzEfVV_VSAHc*ahV{-@
zt&8;?H)oXM#i@N>681->p4Y1UX9<!6FeaNovdr&VJJ0&X8BD(rW98Vw(Of4_18WGa
z%Bd*$KbfsiX^;@Cd%Y8~V0o)@s+t-nX;E8dTsiOBAdMGZYZqYSczMDoxFoB|z&17v
zy-x7x;+*U&AjVnmCJdG;SnSti?y6@>bB<vzbdCwuX5s?hpk!Q?>XOk+xd}OEv|z<M
z1=>$MWzJOEvHLpOAL}f>7qsy0#Er60dRg_V4ge9o)!5N496WPz0ACV6r#f-XQViW{
zI%X&9V2Tw>fZC!SLgu`D<949G`kX^xc@5?2W6HnXi~yLt1E;62Y#}NX3-Qb?X1g`@
zvQDldLpqL^NyZcjq{SSIn6d(0AeD6L3c#8psNJ{5qRKFFf@=Sq7uM&wPkz##o~R~4
zw?}m`>fO;~UEn}Rx*KFgoKK^IKtW|Zv+a;@Ud)*1Y+m~w(`U^leWMF_n`8VyTkoO+
zdb9_M1|;W7sD`jYbBW`Y!XO?KAPKp|J<1COFlpjD_-eAN=V{5RCdX<$qQGoo%s2we
z0QV{Im3&Oj>PTzEdP4iNPP{@BGp32O_3?qMnw1C5{rT&ZVd`YJ7Y%EOejZJ3E!0<f
z?D1%=C0C45r%Hy9VnkyzxaS?$z^$H1L#)wP4bc@+ga>ut5w5Q2$E23P+#k*Q`r7-l
zaUv{hbpAw=!{Z}8)LXS~mMtHX&XvOq=CvowZcYreG4^{0Fh)%&$v?pTQ>)CPuxebr
z%`*3icMf#P2AZbe!GrlbfeAIU_B8KVfPOxwK95g`SMLM>A;c6KF++mxQu~eCRJ+!k
z;5cq?!Ad%5*$~|GSj=WLONQiqukmsZ5D|-fuIK<3cV9fRN$41+d{oe49*!zGAAw~-
zg8=54-M|VgHn14N7IbRKrastm_L!_v?;3T^wJ(s}K{PIeln(z!ENt&pQyn?ODkC+;
zpAl1};yUeufftHD=&^v5ms%JsD;-XSR{<q)Dyqb~*^x0X*rft2FW3ciek_vkod}_J
zpVkR$Mr~9<@Plb_EE1f^OB1=QB_42rPv?q%ZvfWN<Y-L`rkl;^1es9k$(ktBf}BT_
z3!24>pknkJo-pZBwdft~on`Q;cb)m+be^#(GEx(TzH~oQOV*46-(nQ+-rQWr8`28~
z&}FeqPDP3LJoKz?c^C|sBX$2tKGNk6s(eyl>PAm7ta!RY{fK3tRYwJ%Ov{epB8bQ|
z5OpfV_4$D2L$VVDAiu2;+skPIX<<-&Z(Igi`gYsIQf!kw3uSkm#%e9%rJHq-FE~8L
zJ&h72Af`r4_AQKSQm`A4ESC$clVX|2T?7lB^?v)8bbI>x(VrXIf359q@L|f*oE0)E
z^Hrwc753l#gS|%$`|qQjokw5ozn|mNCnwsmBKY(vGy*^mEsrMe&IePuy+^|9YiQ^x
zYSFT3oH{yfmiD#0;8{5)y>I29cdHIqmbCs3`s7!hCE`*Nox(>=X7C^|zgi8WBH1)a
zoYEBRq3RL>ClusSwgc4!>oeic9{p5ASl#KVptUjx@suT1YRnNrGQY>*!9aoOBN(2B
z>S^fpj`$6=aP7OvC{a&WhQN2#4{SVUaXBQtH{w(Spnf)5i6QB|_@km}ua2z+U>MDI
zZH>{|2=%ZEMta}xM!WmrPLD*-XiiO_Z1gv0t&4u<r7`QNenzaMjrc9+^8;X|l0nO*
zjk;I;XS7n*rv%adf9tRxx`};b&DLc2lq5VZ?IW<Ox(4dG*`{4K$;G&`T|}Pc{hP&j
z^N|KHeo$l2STO+;A%=;1fV=*+<HoWRvamxvH^1W+o_*w6j}WVBLaY+fAPOz}rf!A}
zSGB5b4ExdvI%`EXsgmEiYlk!;KL*={;#EWjh5q!O&|YBREnXXiTwnX<RrT1&`_@Ez
zMgFKn2~CY`G4z5X*MZ0wGJ1{0+B9iiN$;JBWY<4QlN!eW<m@s^NUEzP>;O7yz*!(6
z7##&m$a&RLXPAcVVYarqE`!#K*v2FLy~S<K`k9sY-qXgbZ)NnYjO0Z;{5I*4O|B!)
znz)3G)g#eXqe*k?VuP}4cBH<U8k7g^gbQ~VVjY2KUVWB7{#J$-^=_ft8;nbv?zh+8
ze_LyBdjv|>G%%omezPW=p?){i3ilATzn>HO)H}71ekaf2Sh_?H3sxb*_3Um~BM1>`
zUo_Be>FHf#u~8oSEZ9PjZi1}ZvAGkj>W&x-u8+F^#{%SiD?=a`HH!Q>(AR*@$744R
z7tiS~xLgZ3>jmOn9!OA6Ucnu*h(^MF6FHoGQ%SVo`aDm!YS+FZS?L*l7r)pv54#@P
zmYv1DbhPz>U#weR*yGZ-yjgaV%thE;MQ9`9AsrQ^Ck*x&cx4WsqTiEg;hdkmX)M|V
zq<tgf$u>(@<1Z8|5RsnS4sPdod$G<LcMbK;eUJ5xme`IGjTy_QuZ=e!th#_{`)&i+
z9=Auq65Jy_9oN`f>n&94nWMc4fb~9@=)n&kdRuFCgYH?-O^@{S^A9{(4+stM3|Ne{
zk<rHNQ$q7xtxm_Y_OOdrQ*HkR>$!5Z3^(3AX}{;2tXS>6yR2EQqwZD1`(V8uZm@DS
z#N2M}{Gr>crz<;bLgm_yZaT0MkzT7=k8F0l+c{kGS_!)bK!3>|N(QpmygW@;_EPhH
z+?-PRH#P@y1m2fjE4w+-1k1GOeK14nt$_n?)ufhAl7~HzP1x{@y4mVLeH|?x*kvlw
zxo8>WexqLd?(B75zN;qVIyLiIv*)h)`KP{qF?abrMGYUJrT0vuZSPJ4bvP&8>uk^i
zXx;f>>)v9%<j$bg{Dzuf)pug8>9XC}Y}hO3`3;w)4wicV2E%!7Om^!cNnVJ@-Z`7!
z1wwDg=$y?-&p1cjSEr`G)ikJ%4m1DzSb}cy-#y;H^%|@o;NG95_y?V(9jvsuygsA-
z=hpVWhF^*dixG{x14CEDe?NNssA>Oue6aI1|HEhbz<#v4i6yp^Xo<F$pnh~o@CIm3
zTr4&0mHL^&EKUQL+#7k*6Opox#Aa)&{A^Bd^~z#lJ+(@hE0Xa{oo=$P-Y+m~_fnH*
zE^~jPA)z_{856sc_ZyhlXydoKyNCKcF|MvAfiX0?V8uud!I}2`MkQJ8O)!06yw44^
zo=skWX2}W-&n?s?F!M}g#>?fGlUHh<y@B=x>v@xV-<z<q_uC@l0d9}F51`SbA?;lM
zjV>bGOr&?S?f4^ygrr||SBjMB1Y~BfEty3?Nc&9P7-m^PV3*!~Ch?%Z8!&U{O)*i+
z#@|Fo%V5*Bd|n>J8aQ`apqm19*CkbxT5ufJJABJBL!xVcXYfSbm~&&CEzxp*5j3t$
zRNI(#bi<9&pdvT97yJdnOJQ)aJ7Og@i*+oLQ+*@oWO{$89V~MO{_T0eFL=r(zWb%;
z4QpL3)o(|~&+3hikDj|9iYhyluG%HkbRioj>es_;zR}Er(0YEy>&^r;G*(xSx#HzU
zOok?Pt;mE=>%D$uE<T6zgT{6wkV-NIr6Em!_6o~ryu7Yt3An+e`Ite#)hC$oY)D*P
z;TionBnOWkJ$w`pGM0G9+*5ZZN#}_W5XyosUvAwoU#HF6ynzu;_qLvTEkd#ZI?d<2
z*f2l97Nq5L1M>N$;*upV^-m_unwHaJ$iWS(=d6)$7)xx-r7#K2Z9I}m195u#3ImZa
zc18y&zI^xYxWhA|6YfTe(^Vp;_hSeDe{b^NlAJ)R^8f7Y?lk1TgM)*IU**5g@%b|H
zAI)>Ac<Tjkc?m(i4)BunqVau=mwsp>8~meikC$kN)&Kq(7((pXV*1<-Nl&{9*<1ET
zsPm&AI<6e=B^$$0^Q^<`#RL^#CTCj4(^t2h>H&6X@Tt4>7D|0?jmRhVy4A=sE`%Kj
zGqGIem0EPyLV44^)iG!TZG^O9GQ9b8I^eeEvH*6!+vW0ct>qPI_FV(E7A>*>)|$`q
zy5Rb5)JviD8?FGhi?LLnB$LQPTdDUaUdZxSUQS=)E4pD_fO&Is>9w`9G@A$!Hpf+(
zp4!~>?v=(vk8iRR>L%T_&|>3vTRnFLBU*?WQ(qVb5CO$+tsC?axp*RSeLY;*tfUhM
zuZtkEKRBP0=KH#-|F%|$MZPz#-w~@fr^TdJbTJIae<az{Z#G}PJ$?7#=y<F43>;O$
zsz{%Hvw3{-_P_t};g^$FTebc>cDq)4)yc5yR6h=Bk`$`nw<qtmmVvC^0gg0OSHjaa
z>uJXKlaQ3cR$lPKd`HYMw;e&hw1m*LURQ?=tai-WPj%7+zmhC;#Zi{bb*Ubt1D{LV
zcN@8VxJ-*sp7T7sfHt=VZ<U(H9~e|Fp^_+`-Xhb*twC(a6Be2jA3eni7%~MOA9ug^
zXOu%S)%ttqY`)^P@SJtO8q+lf4PzRrX0;v`%)9Xu%P#z*j#N;ebB}&N6va=4nAI!f
zL4K)Ptq1RS%u*stT2?Ybb;g~j0>Y+9K@+ec=^~`y?Z15Xwo^m5+C4Ax2u3GSze8iQ
zcqTHa*5~yH>Y6tqQ(}GXGPVyvmqT`Uc6OS0x+j^Q*lHiHC`la=hVH5t!-V_Q6I(@K
zYP<0k$IaDL_1gL|zl-e|_D#oH?d~jH>-$Ee;%}cVWFumc&jE+>UO9+*VuRJJM5FyG
zo+2c2>Jy;Y`*P*&1Qt&P>77CecPuwoIDL&86ZAPc?}-lT#%<SY^%6t*;BP)XdvWsa
z!%s)AUVM0S`1-|lyCDSqee>yWFaEK#8PZGW@vzmW*V;Whef!JFvlmal*&OpM(OVl}
z9*_{cXvPE*V3S@ON^(V{qB5Zp8>WmVB+SU}mN$-t_a?(MCb@bPf37#0PYXwj#_|R$
znJh{8&)TBlpx5L-|5LBSPn7F;PXNQ}^m@?bBQI+;yj_<Kd@b(roXywju#K7}P|{8~
zTbt~e$RX2%ZH>8LzG;r6I`)2icX;yii+BE>jq{F|T5pi6tM&}z=}aVKe}8{z`-Pwz
z^l8W&Xa~UUZ{2V=Uum{q1@+?Qi}6ic7;mjE;{0$W*4r<3ytNYZ>%7s)V%5)GC)?3f
zp1UkvhyYQbaN_4fG)_~HA$7Ih{3q2>2R~FJK<fkNHq{+r(|NtRKx>k$^`U!qc%Rs_
znZ`PSZ0w3QkT;Sd8jEtfK08E=Hb!sRb(j3HHY<#Ftqun59xRFmlzX!)?(TIe+HT5M
zhj=9~W3QVHI&1gcALm}PDy|Q>F$wz1i`8bojQMX3gc!4?PX9yd;=;P7!LOhH4L*0b
z{~~={?ESma|M%hk{(jT{_u<~oSNreh_}tF^>)&CRg$$(mWl^V}!~M4v#J<XgSdWwc
z>pTB;MDc$qr`LO5i$C4vwFU8gc)WI?;a|YvwF9dA_7+^Roc~JBlV2ViYr9VRKi<Z7
z(mL&F*<`g3<-NESI#t2FxD_tw?k;YHEr$4i6W;iq_`jtU0ax*Vj~_Sd{~hdq<^Mj<
z=Zo-v#{IA5(RY6&`yM>?R?uv+z)=s=JXw-{W3Rcz!`_3_+~UsbK64~kq2gL%>+QDm
z-m?pw-T*5d;5yoUZud6?VWsn1yV(jrZ{WGs$%Xz^9oOpC_`6u05iKjc*8D~{_gTwr
zrmwqstaa|GoBJ0u-&@1GV3qLkmm=Dh(H4b~>-6r*y?uqL+ZVgodAT-g9(FpzUq>@@
zUlgJgu}FvH-7|C*!dyYeX23<S%1+9;_OutPeDBWxX)>fc=wbv{@qfFI8}T0xclI71
zeC7W>$LDVGAN4eJ?J$s5nz~MQ(Cxh_76lXF;X7#38Iw?Q4RW(09pj%sb{1reTu6Uh
z?N0LP)9U`bB##|@=<i|#EalKuN&ym=ymN`jG_ms=gl+cKN6l%QakUD_P8H+=#NB(?
zh*2GVV{4QSpORjWH1d_H&2uD4k7pM&<z7BejoU49(>EeBpicGDvD0mnC1DVad`k9?
z*)(}ipFs$-t*yOqjHlm1ahrDCF+IXl#g_NTW-0!c6xrh0Y<bx8)Arf9JXL+v_=p7<
zS&{tae%OeAi7>5&jD#t`yAB_*hO2(cWyxxlBG>TGUz^SF0ci6Xrb@z+B&QZXTi$kA
zoB8<q`Qo2j^M61hX~{xe=RJ&zWPuiN1^>6ZbI^?cef;p@*ZfbP<<r-f)TAVvDa*)a
zD#Uq}lio7(V2|`XyIN0OAHCkz7TEzFu@BPYH&92jR$l`jK+;ou*jvQ;4eC5!4^{YH
zCtAp^Rns^;KGL^~^jh*U(b)?1pqr&QEurqXPJZ1d|3?F^S`&4Ndi|LkZC&4VisTR5
z<Qw*pOHA3U`>a8<$^NiSU}`l;+-+gYWj;H3jwKSIcw;t+$T8$ZC;Ie}V^@^+ttm<i
zFOAq(6t-Qx%31_Vw{mV@C^g;J&u94Do&M)CH+R78=>N{aPMiKe{%ZgEET2Dv{@=u|
z-}eQuh4egnNhRsk?f!$7#UInpLXTt0Q__1kWt#J~CBPEFBn&pC7g!s<)eSj3KC)U=
zOK44r>f_U6UGdn~s?;PlFGS2(qNsDPPB@qR{iWCchUY(;vUJ8LnJC!$W2`#=j~+Jj
zf9@UZ?tMM~pX1Xf$FwY2ftBrWWl^axs(1=jS#uhn(+QJNpey%EEV3twoU$|}>U^VK
zhi8**Qm~Yk{DOg#wD&vBlAupAHo=m*n>i#=VhQ?2|DRhC)|D0+ys1DUIfKG{EDECM
zryovBQLvy-o<Z3Z^7m(_B;kb&q6set@P7n9h(`Y`2JnCL!*nuG|1)3ZMK*99jcBYW
z9ynwN4<dP)2M?kVJr5p4<xKr83O)%Q{NF*J{GAqDRFWJ$e<6b?FU0RGE`x|Cj1I7Q
zA$|{{3mJ=q4Zir{UgLAa^MCT<@cHW((JZ;i7|YN9-ofs}y~g?9eZ2qm{{JkWeyg~5
z5FDDCpyqy~607-}pWmBe$iHnuh{A9%nDBC1jX-=eHH1y0Ev$VlSt&`C*XvS4J!)H8
z8C^+emiR@gRhw4vWswnDD-n*@dlUpm$cjqxzB#d_!0Jt37K{xh(=b;AZ(u0jpxM<H
zsOt(wOV)-BW*gJYMuSWlFTg=>Ly}CF1Xq(pyEN1#EvGF!MC6dX?-1)cr-9P*Ah*p!
zQv`IYVLu_yP6(HTrcxNarz=iwHIRN{5XB@J<s-x-G8#|Ss<?XN(iY3M6|kcq_(e&o
zgk~swW--H;EZ+oI2`{NB1g_p4i!>FNSR$QeirmU!5R!k0ie#)aUkQLjP04Px(WX$9
zRWW%ZrWXN<jf<+3JYfcO2+Y}J(Ij$la%ZfJlQY{lSKG`GLbJ)Xmcs*E6Z!^dl+dm~
zVIOk=$H)P(yZ1QSiFTsh78K{zh@m~&!m?sigMTb`Qb`lMD*+UisH>92C0wxN%)~UE
zt%2I^Li{i{t*9V1F@aogN~rNpAv$G=o?^}l&|v6Fx-)u?6)l+rZTFc;7Jas2y6VJ;
zs`LV`FmhIsO&+mGmvtv+?c^_KTS4&7+qmi=YPwS}eWnvf@~9<xV|8rx)_Lz8G+hF|
zoDY^##ieg-5zR|PLD27$UtC3e;p6{eH`;sjKZ4-2q(!M7^Q`rFo4h|32{9rKIo9C?
z4ybx&nMA~L5Q{8kc_|0R-)oSIBs5<_EqHCA&@^H!BL$m@3zpy(Q7G}?I6OXzg5XdR
zs>G-&Ew{;o2U<v~mQC%!11LfYXdf3$POW;2H|RZL!k)-&Qb|^zhKzm8SzO|-$yqTL
z#SCds2sM>71Wj55B=~HhsCowKLA66cU3aELR<49diRj1+cA+@KbZ#4#Ma9md;Q#x7
z{@>sS^5DT6QL^EK2f+{Is3tt>+Ovv3p4)CPy$l|*ODYMKQp6l~Cf*g<TnVDi*QaA;
zct*zbLZMULv5Fw1jNk;Z`{A<rMnMzmF`0|XVs9?0!V1-0yVOX<0FGL35S)=VoGB^N
zbah5H*#*lKM%4f_npHGS=Oj)U%@o66C%L8e5ihZfcgl<a|5A0P(TE#mRETqyL1G@}
zXX-HU$|{~Ba>rExRdk^byfT3{!4QgU!)3jx0nYSxJlk$eVVkfrj<zC&DT^!3K1niR
zC6Q$npIf~FK(<YCggF+OglgndW~q%jmKZ&H3DnIX1NyDaSSO59_iZjRwf%rJEZfVa
zK&|sOVnrW-G}U{jV|!tSNF<58RGWTE)3H1KhW|nVkpt6X?S}>=yyLC%*^&rb>kL|`
zebOXihl##5?n1?=>142Fc!UvCgd?#^o`ox+0Gp}poUoGew6-+XYU|eAE{-)j+rsfK
z6gXp-q<fag0_S-;uQxa?X_n9;k$6o!(<8&4#aqp>Prz15EQts!WE!h`5lWJ=Qjtu3
zqcu5PJr4y4@~>twvD!EQ;1yu+t8d0y5nPdDGXS|F&zX!14gu%nioEzpXL-uVRd7W@
z^&$G-u>K7ioLP?Jj9d}8wr#Cf!?TVUBsf6smL=p$vroXusXja-x9J7TWM_^IM4lae
zPi2kcRW#|6qA^}GA;`*{>5|mn>s(?#48QkA`oVEB3ZlJ-kH0&^DYa^z8=&k1(8TDA
z&mGV!a@OmeX;i<}Rfm?M`ng`R^-$gIt91tbsKc+$>OIIKgHb9*gBexiV(?tV6$BP3
zhzB(1(JblL9SXbTm!;y0$A_Ec)$FP-uTVJ4j;N`N$;mF{P>Dy0owo)7yU{h9N<q{D
z<sy;pOk3tddvHJ+B6th=f81O3Es1^;xO0JNSg;=21x&5TA)ae7c8+A4Sx{75Nj*t|
zNP(OKbp%@87C6}#CL@T<S-gsKwTpPGg*C9kiFp4By<;>gu79gf+j<t6(_y_!%;GD;
z4LqL6D{%Jlrn(`?3yT;5QJfKy4|mtGqEO6H1%#krS;D~Lt1Vo>U60Ax0@tcD5MEhH
zXezP^2y}3>0b{kTxUHBe29ZmTAH_WgFXDF6w-DlAFP2pTJkvWB6(MS@fv-8aB4?kj
zHO^YV`DeDKNU7;4fLm6wd`xq=7R1=epl)M%2T8{v>Y4fHr@nXn1ceG3M|3ZztYF?r
z#I?w)QOf1CsY?mfp5$X5n_Utq)(VFOqF<#YSC@%X3u!D$b?!2e7#2rA_f!MGFe?I*
z@)%YdRoYkN?7N2t-!<o<b0Mm^SfAJ$k7HU`W=D+e4Po6Z{j4nZ9=pEQA#@N8;MY3G
z%i#Jtk{7Wl_ZmS0)pmS>b`|fPIa+k)pw@Uq8q@1FX6NT@RWm$gia?TaN+)V*af{$;
zxlG||zZML&3Yzpvtz^J+d8Y40U^maKu0suAgs2)6wIqeA)r$;Sm{t-aMXP;1ho;*X
zT+uv}LP{F43xrb70`B^y<2NgnD?ok{zyp6)IF_Z6RWKcmji9NH-FE9lY2{>F4+Gny
zp@z{nr_;W8d7{SM3Ls5Ry%8&k=eju{<f?UeF<Kv^Gh&GuUh9FRp@emf!g6%oq+aYg
z=&NLVB3{);OgO|6LhH;mOVH|d8|XTU%${j^O6%F=J*^v;Y70+AqKSCHVpMv~%@#I1
zp1IpW4w%uoVl6!V0wv?BtU$;|ap&%9)P)7$08p%?Cb1GMfVrA-k=)n51_F7DWXw&P
zdYi((_pvemJ$6NB0pc%*o;%N=oafAe-wif!hLFBgj2jwtj!GB(hNY9Bl+bsP+P1i{
zZm<)VmdafV-g7o5CJip^Wv4-(-|R|LleyKbZ+iSzm-4M|G+$HZp#VILI4V!>4-3{k
z3HgPk`>w;bvBn88eoUvQuWWQTiKi?+U$M<~8afm|odrpA^p4$$X{HDQc)e=60(T<!
zZcUGngSLyD)v`^iPPt+_Mb4Sx>eIQ_n8i#=TFiC!JV;`x<nWBV&?)asw;&yk=05Wp
zSp^jkF6b4SDLHQe7pkSaF0Q$rW7KMv)KoPCQ_p6q7<Z$<=h-6c{wYA}WTT5<v`J0B
zAc!v8=t4}=e+gXH6KE=68!0uhzD7<ZjAR5-8`o}Bjj*%f#6;v2#nOb0d8T-F*SL$T
zDHu)ARt|^2*fw;QNXuw@V*4Esq1rDZ1nOk#(V|X_HHsZ5Wc@m2U~uuslF@>!tpiv<
zrn+hX1GTb0H8H87Z|KQ1T_z*&+c)c{NeIw0P2#KuN_RuM2Qsb=E~u-^%ntX+6EvQp
zC!Fz;<yLLeNaU~9<_5(_Xu&X;;fkES|E+<%cHJ;vi{yb1wA<4|ZBEbz;B6_@y2=t(
zq@bno6-UP+X(;Xy7r=DRXhtVUw*4Wt7A<&3*)pq3uVy0#rccn%Du_Ior&MkeZg(E|
zDB=a<zt+-v)q7auP_?n@6PTUF(=p}6%yewIF~~@$wRb5}K`R02otlXR%%FIME}p}N
zMBEfrcIT<IG?CVFsP#$Klt@xO<J#?_#?pCP%#pvYuKipt*t_~$PggyJqmAI!lz*tD
zZ1v}5T!HR@+|2znFaV$F#Xmf?BuCBjf=(r<{P8qs+Ro~Ge${oSPM=q^RvG^xCyuSz
zJK8D4rE?X63(A~3OMHw@>dDTNof;^&TT2A6dnwyVc@{0C>j+71L*?A)agC+i<YUK1
zZaL(5I2Fx-N^5>#2_7$h6P$OXOQ_puPT5Q`s<FsqSx~UGKy;ZTn|S5Js&-gjUV|}Z
z#<N5YBy_R`$ksO4Ii008N?b<dCsE*L(DFzZWZQM8mo!D*A8sYa4E2tyqEOqZ?P0kg
z$pv<aWRpqo7SL8?*_^545Y)wS&gRyfFr&G;=hUd+C5YW^*OcloPuNi~Eq~hRAfqRr
zu*_P%syuOiGRDjfZ-Vi_nhY%T1tTnj%aTD9eo_HLpt??J4hmmAEzCu@wXNaD_pQY(
z&r^;H5K$zoi1a22f(P$-K7@m;7&gV$BHe5=uHP%x>gt@$uaF)70r}w=+?Ox}`;w<g
zOp63okj5n|<b#L=!6{?T<JCEH--FMq>ud{`0uA`!IRGvYZa;Z^QS?`Ee*gMe;{Oj$
z6yT_2Y84Kif#1%uRF9pXRq@{kj}DsgKRdg-U;Y0-#|Ki4=xlcZA+#v@n8rXVxEQ27
zW|?F|a+uS2%EG;9r>jwRE{D2)mMysf1mV;#rBD^=u<MrV^o*UdbQa=H3<!y7NmDT~
z&TL!^ra<+Fqz5@pI-9@-zA*VlHhy?YcB8$6XeZnu-;>?w;ja2~qw`fEhXm67c~A98
zQI8dw26O7r_)T@U^Rkj)-`+6`F-cwbi&}FYA}-AtZJ)?`MwPvQ=DGd47wzsuyFuby
zf`&u~N04?;>dHe&u4KStAirs@{V-)0EVao^rb5Bhv6jwI(nUXlb2h&eMFKAU_@ny6
z;v@(?GeZy(*IO`C+=NLC7!o$4JROpf7W|Khj|w{Fv;UeY;Yf^21&K`}15I|He7ED?
zn$fIc>3<a!n?$U#EobTn*D9eGJo&Gkk4YTOT<-8hlt~=m-yQ2=Qtt)fEwEG0b2daq
z0yWlw-Mx>Z-GgZVPq<TWME^Yo>?UI@r~msqyN{doANKb4AAP0&pX1ZFUV^x|z~Z%+
zJ__8yJO#;7Cw;~An~;1PlWeLZ5}yMZ!?N=_tEMGmgBdRhQLv<go^_EpLP|PO)D7tw
zA#zHGq^D?pUZtt2@_jUZBg*4~NtTsC&`MKE-v1W#?d{Zq=b?H(M2k%?2+(1Ah!nX@
zb$;Dk<|e<V7W7?0aYB%YYZRVX6!f4HW1qYeWXjSUOo_DQ5ZaElBZ(+&fSuGbZzYX`
zeluyRjG((i5LFq6S7}CQQBaV*KA9A$=7nn|UrDlg{zQhdoTqGSn~3^5Rt5#X<``pP
z;o8L)a7c%g{(|hU{aTJz^JsVBlRbDMiW_y`)p5Pc&J`!5?;$RyAk=D{YZ(tRteMRV
zN)QFG>9D?}{SNCI*CL=+ICb2tpfNpFKaH#Olv$^0lF*U{eJ4RyrI^u@$DmA=5O$Uj
z8W%!J^1X5QGMdgGP<!V*k46<w%aCV5A9_l-jMe<+WXxz;6}Pyr`x+vagaD1Yq5IAi
zBLmmQf@5U>GmM#?`U^teh%Bkz_>+njG%FdCQK0%Zy<$eh+TjY!JcndgA^zDEa_gXW
zz^Y+osrZ%293$5KF2RWbO`S;;^hv?S4gt$z2QEc%o(h`4Ph}y}lofK|#vJs`pnwaf
ztl*OLP6VXb`2}<kJ+<;VD|{`AZVa*X&#MA8A2tMNqxSv=$kQoUdju&j1u3d5!>})m
zr$lN^iJXd}R6}u*fGUR1n4&2uBO50SZPD19a|@d(K5#;F!ZX;23L?~<oa*@viFsEo
zz#FR?7imJKTtcd3Fh?oA%xTgT%0@Ik58Tz_2M2*lM{ABtL3Ve7f?aUM<-Ei`U-20)
zhw4GlC$F>$%`>gUDJQg;fP1m52VivE9(`YDF(hG#`z)ONljkAJVv#^{f-p?QBpmaU
zVJMF}MB4j47dm{D7L&Slo2XrW3pUtyl*Y}M^3YBxnk51ISQhlKm>?Akv`34{H#j6u
zcAo42VKW$p5Fy~ykB(u+Y6UJqPvl=c>M{i;^O<QJU}kpA45<24d;dq8s_j)A9qWs>
zj}|FhU>9?#&{J=3)ya~Pqhs0V55>U~Ea`#t*+Q*H^5s$T=^El(JOdu)8-&f4B*q2b
zDyW0FlBJm0^rF`QI?eM=UR`x<^rFta97hPuchkTE<B@+0#?<*b!Rtf{=PhbgqkdEa
z@&G2x*NDHer13dK2}yKJ$5%(<W1#!jd0sV*>?jQr6eAkry?Hd&my|yA{|OAn$&ZK6
zJd6?jRI_vN;wes%s-w&>f&t4Ef>Vl`lX^fxBF{N0NZ~tlq`rk@R4LjF*P=iLs_!v}
z1_P0@5f+t#c$ae94X1Fd&K9yDm1HmUz$Zc-;<>1b(7+O^w*oU^-)Dz}<fO`MsPMD2
zDp^638PA~3j)d4^mXMIVee>!c8tr`S#o?GZdDZJCA2%VfWK7+N0JsTDpwcfqr8qD6
zw-iK8nUrEHAgZO;$X|fNBxzZYpTX8XF$=fh>WnE0u6h`Fy;+|EW2WYrqLaT@Sq#2a
zu>G)0V){fLg}l~mOI(XCQ()=PE!<u8LTBBX{CdA>X3ejC)^i)4N!vmfK6~Fwxh#9z
zq<2ZncnXh!7=kq)si6ye(-dEAdF?|_epQTs<|WL|mylGZ(bO|dsXN-3*IvGRckCPj
zH!TmRR*j`heV?mMqKDXuG#6m)UyA8b+Z_TvTuuau`x-qH)$ypkP%5awl{^X*oa&H5
zp4AS{$do+5@<=P?D>q}E2v*5bJJIfbgq1m*G__2gQj2tpyI2nnW4CVNGL>P>^C>Gr
zS@Dv|j%yg`_Z=?ckwVHp2MtX0D@iBJY%O=s64LKmtD$v{(-9qp*|J`0*c?O)>CA8#
zyXjCQv|A9|!#YxJ^H?NX&Dtv1-N_0*wWRVKSW`rEn2RK|JJ|-l!cXj@VpdrhmQxls
zpM+ykgw(wnc%?T^yNbRnDz0TqzW{S^YzmmYkTFduY8{=p9DDiQj8vTzB6qbu4qv?r
z>ctXu3EMvTRgp4`4KJ9IS6POkJf+Y9E_2I_yU1mVK0GE|oNIY37MYB>sHE;Zo(gp`
zjrF>cHkjFDN-5O+3zjb6ytNcrR2f8dWEZ>;8J+_mt|>3el<D3rINKO|P9=HGGp^P*
zGLiL(aB-%3Hr{JhhBGefSyFWWDbG|Rn*3g2xbI92VeQ=8+C&e*-P*pJ&dI2Nz+^fu
zSwS`&$~Pk0?TnieFMUGdyn>QGGxNiY&4BV8?7!xArbyPBFSXuzxc8dt6XzF}*3?e>
zib56>yrp#UHg%D85pjuK{UVi+4a;b}FZr0qa0w_JoU^$M8l|j}5yd;LSxCA}%?2?F
z;07rP{T7V^)<L~O58j)nIur|1x1%Db>3HUX)3qD%w#~Gn1~x~o#<+pDNe2-dzOm6Q
zGI5b%mDI^G9)6lb<Wh5t)Uq?iCXjfVhH;gq$QJ5sphi0mU7xTqD_DkM%<AGbq4PSJ
zLOWOhR{~<Yx^+ORRo5D<<4S3LITZx8p4RXc{6g{kM!_>!qA6<P%M(QqX}?HDVhZN4
zUr))4znzk!!`HyI;@!{)Jm{E;0zRUbGNLp3Pm#eD#m?mbQmU2%MRg_>PuM_H08?Bg
z)LjCz8%@hu+9fJE#!9V(=E(3McBn3!ufuQl-m1w^wfy>;S7_IXFz3jXqtH!DzYK+G
z)hth8e&<=qiVN!AR#!6c44@d$PO_j_3AG<3kSRrlo%^2gZj#zpp&lF^$1E>dqRCtz
z`5-rj5`@jr8phht)Qwno8Z@Kggx49hblv--9xt7o5rVsVHyR<Bjdmo3RK1FDdeQqA
zCR6rawD&mL0V<HOOIFmtgOS#PE@j!IoO;l?$oJ0x;u|_+uK<GE0gGCx&jl@LavR{n
z76dTg@fj0U>6mgI#p@pk>qRY0rYj{p?D<qkAAfx}VXK#AneWxi7hPHo^<XM8QJ9nI
z+M_sh!eAPTC$`77==e=S1g#IZVjQgtJBBOi_)vh{s7&<vfwvj~fi<##u{Nd9(SU1r
z9O;Y#@Os8rB2AZgH<?%-2qL%I04i(otwxgr{Ju*vhyIy%_qFq7G-rjgu$Wh?g`5V$
z7ix0^J~?OeAyNN#KbNUQdDyC`j0D3Wxne6B*nEMFkIWSF=(vtx4ROS(&2@^fuC!r6
zzaQkyB+J8&3(PF520s^x-^4t=50Lsa&uK9;$K#$ll`K|L-u?DDmvNc;B&1LDIFV@_
z(KMgZs6GUUV=Or?gc7H*aueBjuyK<<v^3@QF(eyk-Zjrme+Hqh!x1aj>aS3I{*1W}
z1D_B1yRO-cnjc^FV=`&x%l34jTe(fw;)MF7)+QRKkTop~$xo@tpN4*<wefsz`WfgV
zko|q&d946Y`aPaaTmtpM8-GasUd&To&ETMe!#R9~_Irb8@TK_{f;#m5WKaxpSORGe
zJ8nz>kVSJ2%BsR%1po}bVPrVf@-XM8(6C+>45g-0yvWL$P>&Yc`Vgo^Vv~YNX>^EM
zMbERYUx8@2(fW<@VfrVc_FiM7E%eU`Ittp_9ias&s9%eP$)U9Peyy6i{b}6UrdbkK
zpEJGX5j|*vIl+CeEjTs8y;}8juZpKHsdieXbXuWuTCH$utDBs%NvoRreey;m%rJrq
z&v5TZ$tR%BSqD2xZVORx^U4@=kqv@I*<)?cGT}V6^}YGH_6Dix>Ic{ftWgGe$W8c=
z1>jvHxaHo4R%=;?G)ue^$%CL)Qdtx7cOn<5n9PaHfobz&2JQ%wGvVg~{}+~ev=B!N
zz0nkS`0x~-J#&wYz2VStA(}(1<=66@1EhBIkgN>arp#3x<swm>(qWek6i}h~xq=Hg
zCn=TkjW*7KD+mYkSI{SUvx)IuS?`n=RTg?qi2kWhMgs-lb1sVt$jgsaGSSSdPN+{q
z$#RM+BNG5qk37<*7F$jLS}7`3aEW0B>?4g!{T4Fdint9#K?*iuA5DD#X^byG37{KA
z0~40b@k_zTtSV7u%s$3xCHV!50_^zEyyUD(%c0k*W;KJ%`jvdi89dj`R!zXW6g*E1
zv{XY#PEGJN=0db;qfU5327N;!aqNiv=(O!FU!u#Q2tkCP1OQ3cN>SJg%-bd)_aVgR
z+b*cqPQ!+sAwCgAUXVPk3JN;k8I0xTXn@99LMBJhtfu^&IfoUk^PiDTW8fqkPhH~9
zr|-|7$PoGocemZ&*>)5~ziq3d_w+r@^WW6>tqnD^Lz8ZI<H3e8RM|MFoE2^=Jd>q%
z@X^i{+1#RFRO!T&Q>vyS*##?@$!QGv)cMRFQ&|Hap?dJ!#+KPE$TZbAJ#t%XOm*q@
z^7fQR^48s1pKW9Lu-((<a$Vkaht+6t$>_}AT<xd#x7R$Z-1CO>ZZX((uj;!_Pwj~e
z9SC~Uc|YLJJG`Jg1vOVJQsku;J1Y0R4YUo$V`^Xb%z_2;+yt~~O;kYPwclVAxY2a=
zWY3($CmBdBXztR*mDNQ#qq+WCi0pSU!Y_%*;;6q`mI1%pY>V&>^3$mOp5`I}uf~|B
zXyXcvti<q}9RS>e^q+jjOAJ<o@3X1|$DB(xnhJ4V<JhDvU5k4WzoMj=>(uf1n@IFu
zIV&Vor7h8n7N?ZYx*zFZMUq&KVFVn5eSm)$XHWA$e^>22FHHRim++5DloWr`h9&(s
zXy^17$BmgEL_sGCVv9gs$8ITla5A(kX*|U>3;LLzkY^Lvg!qz9W=XN=2MI&(k#UnC
z&4eI<YqUT=F`|+k>_e2QI@GY~b+1aOL@Bdi<*){puF{0MgqrivDP|w9=Ly6PUxP!a
zqMfP>OlXZG)hIb|?BMFxA!Bz8wqRn1NkTTY*U}bvNHr34DC#`8wCNe@JxgMur%ehJ
z4XFS#Y2^Hd(7C~>NOfvSmsqHkt{bt2#~&Qr%$T+7Nf8$>!#5O=z;}>2JQ|yxT{_R&
zrG@W|L^(xMESa%lVy;$$Y_H2^Z`SLt`*z+$AO9^P3Ib8n=C-S+C3hU{eN5XuF=EFe
z#=+~O&0B+s+8d;Xwy?$_8~kktea9V`>DffLA9bx8o^^KQGb#Qg9Fq-`@mxk5zUcOq
zpx+N#Nxt#*rd!LO=+yFOy0rYc4lRF*JB#nk(r{&IJF?W>Sn5tJEf*HF@@RJQ{E5qt
z09i;dqmy;j)S8V(!AVU5!HY9e9scBd$|<Cx8M=|oVMunP-Tml0wc(aD!b7M@o@A+$
zXlqwp-Gw1bY|?X`H$3PJ6?0CJ_0BXW>Jl^{IaK=sTxQK{Z?yCIHWvR->up_bO)79m
zidYI_+6HP8ubq2C$IW8<e<{?_-GSW0JM~A$#+81z{`(uxAKoGELh*hvO;Isrd9vCy
z+i@A1*N#PUXkY4zcR|+~O#zT?&qandMb)=<#6ha8o4IvUr$Fa9cfOj=kBH6ka!xkE
z&D2k@QFsFa0kk2&cq{tjZ0Wcy!?~c2Lsx9{I*RlGvOma%tU1*8c<8kWJt3p+ZR&`g
z&EdajDImZF*~Q50RrE^DE6i022Uoi~0#lisc%I3>wH&l~JazJu-u0e$mhEK-36vDU
zz#5i?{eGAwVB^;=MD7&~=Nh&f1}3mWQ4Y*B@{wq3o`(&aXGbIfQEd*fiM?5XX6+dg
zXK2>$&W<K={s=r<Jp#{eG6H(;Lp+hQz17h>;~AgP)N^bxVt~m3q-%eT7@;Y@z;p2T
z<3ob+QJDI%EY;?Qt-vmLtew>XAfBCgL1fM0jr*P3g^30jSsIhj1w+fgj*gXkic;sv
zTGE5DihBJd814lzGknZ+=|ho3<k&bi>m8=v>b)J0d)uUUl<|_&RQ+k9v3hv_^%Onn
z8COjl_q9+2Up-KitL9g!IyDLFXp+?3D$#+$OPmFHzJfkEWz1YeWW-W&8MIs{`=rBf
z5-)?GPpsc0{u1Kr4!RY9H9%Sdkq3+wWrhfV1z`r}Ck?_f*j^~nfy`*e$0j4Wj_;(>
z2GL@a)@#$qqjI&Z3?^XpoM*{UTV`L=+!!=jNfTO9W6ew(woM&9>tcjpQ2p3{Q9HAT
z@EhsDR_Ym(x%QF8LoNx=e%B1X@5^tSMb0YMLA#42<QXshkli6U=a+m^@MHi1$2?&%
zEr#gT2rwM^>0Ot@QOg7?qoDr16COR_%|Lp^FIdJTC<8~pw5R%)WA%f=>zMMiD%iVe
z!Q@n=$&fq@2pCX)X4)-YeR;{Kcg;D!C-p2KFd<IU=Paf3QzZbKKxDt^Cvr$01w;pI
z+Mjk6e<CYzCGv(;`=>;oFz;<Nh|z@Cr%;%m{t9#W(zy@5er}lm!}xp4!JD`5UYthd
z$8w!9R^)%$YuA5%_-N;A{-@9K>2L#tG7FN!4J-Y^S1G7=7uDy`eng5jF;axIk|rI2
zZhgvhQAX`kg(8cLpmv=J!L!n7E5a+dd#JT7VBXimIoF_fUez~UNK^o?r~SO^p@D-&
zoiRj?DI^pHN10ZiLS+A^Pc~SB^g65-CZwWAB658lt!i%7OS=8i0zpQM)+K@l{)Fd#
zyrM}gB1xW74sJL~l*tQGictlHmly`@>Ny{Rk2IOW-4VI|5-^Wg<{hdk&fEZ_x$hUt
zOVCM(0`vZ&6LjI#c*FSh6f1c;Uta2WqSK$6)ro@O)2EQ|u|+~Hs?wxvy}k~DW>~0Q
zU^Q*@;(;S!<n<u55wfmC7G}D*#1PIPBrh_F&Udw{bHuAhpp%>0C{U~^c)?o*d$wFA
zOIO^nXz0p^!P(ha0Lg*TQsu|yl3tG(Cv7hb*H}shH`|*%><Z&`ZP?y~l>mamI?EDr
zef{-z|4V#sdH;WyvNTuhd6}<H1-AVD-`(GR^tf^V@9*#If4%=d$ER=V+``e-`syBf
zT7J-K!Ve~Tu1CV_>n3Hb*BS0ih-F{P3!ar@()(5pdbjF8(U#`lHOSpQZa__lYW9uV
z!uAOnJ|&yRRb=s`qb;uoK5lk`&+utk@Y!iK9`lc+H|TY@1lS=zh4*3u8MWk7{(D{X
z?~`A7mMDSx6qV5mC4&cn`PG!Y1`RJw66an6$*9Moz+{(b<KGTc6Hu+_pZ)yVx{5Kl
zSCZIhLY1_bRH^Y~6q5Np1`h_!WrC;Ro$5J?N?fTBqg;A^I?i4|P&+o%@2Vfzc+BE*
zNP2I?sRls(Y|2v&N$<rU6-|4KcZ&yx@qe%FaZLRD3_Ykx@B7_ocR$?ek?5J{SseY%
z<=KvY=EeX6{d5FDxZI+(jj*&)_pTp2AQyZ#1Y60Nr>vak?CDGqw0O#f1h5Vp;l;<?
z<Q((kgLN5h-OgcU0mJDqWA;yk34y^2)oftZ(wa!GNLf@_Ob#BxpYCjgz3vGG&x}8U
z8AEX&bE4J}3s}-The<@iuMB&K_N5v_O-Paviz(Cr6SJC-0#k>);mELoLC|bjF3F}&
zt^fSZscH*86gi8xqQKelu@mcyhH0-cR=VNm1_oILyoPoiEIUrCgU*_V7P+R)!Uk($
z-|Ro2jxdwq)AbkFgVQ1fdx`u?rViHHuQvwJ-5=q%ve)Ph$GypxTY9$4R&1V{c702=
z;A^dKJs-fEMJruz7HJn9cU#!yad+2pwtZ_+*D$Xpq8o$s^dG&oI$4O#LtAE{?QDZ$
zqL<7cYP?lx$wSx3bD6_zMzaw(|L7#q>ryc-HrFn6e{0vgHaf59MXkE;^>#tu6}P#+
z_dNOnbszN2LZz*5X6ZOu4%VYH@Ir6lsqzm!{%x+bD=^WiN%a0lkMutDZb9LHHYVl~
zl{_~2*46<VoA%URo3eBk$tlVz!<Fh4Jz*uk2JL7uU3VxP&7mi|WX1ua^Cepy(v~pq
zXq3~U48?dgfKI+fVzA^~8%E`o#)f-oY?kZLrUCDU-KLdRvu(X{MgFKnSv%5g8s%r&
z!^fl)|DdyUNsC2&`MK@XWBt9p7;hR>rv4{xt<y#lzx8Nx9i3g|xE>_mJ>BkBnj&<r
z0@|-WeOkKO-o|M6VDf<87*kl{+faBvJ%a4WAwXJqtUr&i19V?-#~$=nk(XCP4PQ&M
z0Ts{Nkm8G8Y7F(DmMLTDi!Nz}`rS`qvHG<}A_?0;E5XF-u9{gMY+vp44+}c0)6Jhm
zF{A44Yo>-KM_FEhu5>fuaY=f(Bkg^yvt4_y^hor{mep%Myxv;t+_d{N>kgjhWHT0u
zHSZK`z1K+Vmo4I7&Fl}dspOisW5vewW;B0~POZN|qL{I|i#}b$u?>lLD)ntd>NhjA
zvga-$wVQa=0=%0tM3za1xxnRXZR|OeebcRx=u~DzTOBkC`itb0de2;^ZSBjqa`>(M
zFLm3yR`tGIW<jV@h5V-J;lkq++|9Ao=%S>P=1(4kW<eH0)`aH^f$41r58`$3`{yHf
z4OD(+JTAO<T9@_0<7CY=-6zReaqjyNb@YBuN2;smJ7K)5!`ePxF_*OuUpM6c^3%KD
zL;LyWccTOSFSa)89Q`kC?)ds?d~Rv~!vryYoZx(MS)i5vKRZqP-{YM}dtdE;pW~y+
zBFz$~->RiUGLd1M?2iR4bi$+_?up(O%Bs!-)=y*<XfN1~bVj}>Y~y0~L$`rtZ&a-#
zq%Dv8?_80LX9>$nvfpC)eV1E3@Dg!6wMv&OQt#4A6*usu2x^HnZ|L+BC<zWDNze_Y
zo|&nUDQTU_wKYq2k_QN_OWtJHXz|X`X{Y{w_TIL+Z5&w?{`~M);Lw?4E7znXzb2~5
z-10h^o!pbjxa`dC-Abimh=e4rDUw4_PP9o*-S78b-e2+*8ZQJ$P^4tVnVB^|%)}Jf
zXfzs)?na|~)sMb4wG{gDMPXc>)-|A%vwng!kF4BVdEiPtbyY2GmHJRJjFzp60k}wW
zneW(x;4cjnFW1o&jHP+nka!^2DoEoIdUJlE&zs?olDD7K>QoS{U6$>Q%TMUDasfRV
zJQ;RJr`*^d_Vqvbv+4fNLkhGa9xJK>w$*<<IH=ZtJvljisQ-5_k41{Z<#}=FXuLBE
zmVn)@@AJ?GFAB(B0XuJ*@KEmi<>!ClY-4Qu-*6{poP0?pkd{=$POcb{qptIm1FD^B
z2$C5UV@w3wnws0yM&r^pF1p~+)+5Ig*qaH@J9l9_#=g5cqdQ!`^{V*yc{Y{*IrUV!
zo3?_mE%JYGdU{xq|HntC5Ay$B9_z8Lk-J3;map7vtlntUMfoPe%HzGOD0OHmZj#<f
zv}|i<xks~9(vc4zR+ucY4soWovvzaZL^hmCCskkEhU;IuCEQ*OdiDB091Lsq|Br_U
zhY#!jJ|2BZ<1C|0SF5tQR#sIvIE4;T7Pd9?75?k<^6Iw6d3O~Qe?V!_CJ7n^f%Njw
zukYO{OYZ8rsm#fsk2y(;R`x)uI<KDfT7zs>o7J2V)iSzumz}+2tbujCfqmARvFBRu
z>&^I+=Mp%NaWsD;rKY%CZHz=h9m)C{YGEK`GU|rR`b77p8ACTS4VTSY__p#{Q%7oq
z2uT)(yXJbyQf<Pt_a&UVp>ZeU#Og~kvX0mNY1Mr303c=D)Bpmx0tUoJa?+K1a5Isr
zlT%CctUk1)ch(5m_+h0#{({FV$zyyoNrP%w$-tm}u0`9_e65xq11pe6V#>fJIeLZ)
zk|#J{qNjtW1GLxRIMp1NgQl~|QgPKfGd-YYcSF6qZcfv#eR~}@x}?gmiZeQhEdG$>
zwv-sM--}<Kzkhx9^9%KZxKHzAp3X<wOT=$T2v<n$Jx}o>#gwnrrm1&zb#Zq775d{j
z_H^PHJcgh=s3|h_g{4Y<qAHE+EmkjJ0h{%%zx0sjF(!TX>66LY)em*Et4wQK1*NQ^
zXWAmy+J8p>Orr$3`)(^{6%k|23tjD=H{yAqsi)GE>&V#QG~-p7E-O~H<iQQ7Y1`E*
z{Hze~h-3@VR$;RxI?3#m4H(GmmURTwhimo!NXx7_dWNb!e`>f+L92~;i0GpPps4;W
z-+e|ji=)DZo{q~iX1g$a^_P1^7DFG8dL4$gn%cEAu4^OH8s)7_lrGpt69al>_O;aF
zOb8kDoG)ncYZCpoG2_)!qc(SMFd&<by%kVOgnH=FdN{RhiCiX!&mQf`&8b)Yt;AYu
z1zT8e4MfUZ&P`~PEuQt$tmxl7p?&zQuRLArbXL<is{JYD#bYY=v*E!h<iZ>_G*Ua4
zsq|E5LpwvaAZAsbeoE_{QbDfm(7FnuokY!QTq7nODX^{tS>ai&;-b=H^0uDt2!-P4
z&v=f#y0^5ixeGhsmgePxtaEO!{BZ^HS}Q#@pdrMJoPnDzowBA^WuYJ=`=Gg|v__TU
z%wJ*V^yH=uPHY>-4Rg5-)Qt>~)@w^f3!5$9mEF}f4w3Ftw@G=BXr_Lweb;&oN`!jb
z>>@2L%`Olj!LAY1qQ~fngpu4Xy=V#7(XCDmp!8z8v!ck{F0#nVKXo*kWsvGpP{>_#
zx@x%&<x|fWsFB0?%C9yx@iS5kHju>X^%0*#;^z8x)i54Z$zxb+FI3L=`{)tRSH)CM
z`?v(=z6P(_m1fQhaOxT~G9Hn%LTkrs4ObdAj40z0Vn%RW%>HHmq<Eyk#za~c$4{To
zBFjkLGGN}^1Y*tn*vJx=)+V@0zQ{&EMmrNkJ-uWjlxkBGP&FfEBN(%x4y2xMQ$8!#
zk@?x5XdzVw_Pbk2TU<g7L)~NzRY2Wg5mg{<x{4}bHeN;*IL+&*W^T(Q<i=W)+3PHN
zO!<XUVuk~>`U-nP=~2DUTDe%uJ@+Os&4}ouZa3&q&52yeS?Gx*z5H42{;YJ->I`ja
zzp-l+C`vq@F4Mzdm=j8$HRh{q)VUa}MMjI9;Q2E~fKk7%gxsjUsQaeD4|G!r9J$f=
z<jIpKrXf}}xvGTc4f<L;)AX_%KFt$ZvlHr;LhC2BV;yq}t0sZ@q2)k_bFbNK4c*^%
zU2H8&pmyKWU!luyN1JcZ=PkeumZ^N`3AN4bpe<PUc)9iPtfKlanZ0wq$<?*R#_Zkl
zspsa_XS-2+tS_dUzV9rwO#oXG;T?gt3G}M0wHbWv!d#hre<q3E@dnCT^1W&sca!i>
zA0+&rTEef-X=sHr#V+!nuK4yor2f+fssH<u`t2`_^%_`$Y}N{=DgF0`i`B@hBYtSg
zyQ9EXf9W1=R!;%6MgpP+yn9^&%IfETlL_N?P1wjc*2qiQx>Hw48WMH2){tG+?6H1x
zw3mK}ssXh-=8YDe5Y-atHsWa{+wF#`p8eN~sor3d$t%(<jnnD!Dr1uJJWXhk<H*>&
z8k^Xrw;A3#*nO3=G1@bM){K4a*i4qSvJ<V2QrE*WSu0rILioE)LS4ODA8pgUI!<m4
z%}FcsrH^H!n<voETEkd<Q>HqYPKScq98hbAZR3;m*H)YwuCbsVu8IFnpAGN-@LF@K
zK;G(0KyCN`hQmSi{`cT$@Noa<KAumX#DR_x{i=!@vPJ88o+HDzq#O_tS`P^z{^-w!
z>%ZLfJ+3>fk^pV%|M>8zy8aIjPaoF*eLU?!Sk*KS>f$fA*zSJo*U%up`Mo}VP3@Nq
z|F$5NTeu^%TXA~{Qt>5#zI@sJ!(}npaQ%18{KlWQ{BI|N+Wp^?<A?jd_wsz&UjDZ-
zH#yG%$EAds<V_bO0!oxjwLCEoS>QIz0#|h~nUe?!%XnWqJLow{mI%kO$mfQ}OX(c9
z<ak?|fK32cO<FBq+Da@%J83z#b}rl7d)I<KcXkjjKO(<K6LlH@#|tI}j4W>LIo$MP
z<kIS`XHM%L4*KmbDr%!`iaoUtOii}&N0x?WR>GC@ueI*X1Nt{LKB#lTSGhM|8#Kf0
z%`zj3g<f*L6MwznfBY`|A{*}iSvc;H_(MEx`QL_vYW|<Yqtlaz{r^6mPqmx?&m)>I
zGPY&@Wf4wEA@Zxkl{2&M-Py%Uv6)l<CrpvcIlq59>|fO3xHU^cH8<-|S(}VWfrt8%
z;o60zpFc%*k<M8^R+N?LUU0~g;-SU`3cmyNkgV;`^K2^r(@>tUx7&bi_TTWJ=Kno@
z$p3UdkH!Ae^MCHKANI631G89fMl+?mYQjT?P?#oU5AAi`KS0{EO~i!c_G-z+D;tE`
z70eH}u_tUptk-wj3aQpjBDESqz4J;^sVt9fqnJ!dIO5mjoXWYghjzJhYqtaLVHmM~
zas0PcXNO%rY(%`0KuF@uUcS6IH(y-5d|tlD7s(m@l@hU&=8Kq&(C*I*T3oVUUZ=@r
znijjT<-UrN#YdwZv^h(b@cSamm|>I@I2JYbtsr;#TbxYGL;M}|W15en5V0XAQ(g`;
zO$#(-fP57hI**bODzECy@y8K5IX*r-b`Y9So}KnyJC!$38IgXBV!~@>OY;6MESZOA
zlV{WYpJtwx1N=_szr(}RVRip!CgH>We-F<eeg9uC>G)U6HqO?=x*5k8F^`t@&?DCR
z4HUSPMOcj@+#QO|>&`s`Qnemwy{i2WXy^}*{ed@dZJ0pKM41zvj?mj(K25vtjC`M!
zHsoVL5|~=quFTyiBZUE!X-7nawMXcd<YPL5edz7(f)aQszl1D2y!yuG+0eiB!uy>(
z+mZjPYe2Ng|AXUN{ima&;e-6YkLTY@{(tSF6Ps)UcP~6~hu+JY5K#EYUKL^sbs@G=
z8R9`|Z~xg){%i5l?FArO_5Wc#{$ubE|8*}<$Kd?0UHQR`zyIdPFZUXIVg{L&cT7j<
z^Zx+Q#zr8$I#L-vD~dcCFAAbv+`1F}<hhbD;qtZYbtH3h)AGjMVqE^Zws&>&s}2v_
z!(E<D<$tTwM|)Pw|KY*OVO9Pgo<7L``*}W<1s(R7RDVg4OXCRSfx4|KlTE7{&l4QQ
z$UQH!P$z_hs7TS6AdDcjGL4depgI#FU@vs&ANU78x`4F0D43Dp23@{5d;aqar~^Mw
zbAqB|lIC-+{<_xt!C;+efr+~5QsfKLLwkCu3R|7Eo~j?u??LRzFsr?;d5L>y5AxT#
zZV!-oRP9bLng<SZZpL_?*WHvUlO48$FT*2LT{^QWOSNj9r7X)PyXd1kheJNn=C<=t
ztNUGbQ&5gJ26e{l%z)%YG>HNx%A#okQGvfL2rbwk>TF+kZy6B8EV=It=N1@L%^j6K
zuD34Z9(NzPA8--O+;{R;O&NE?k(SzaXC$o{DJUCYkf+H%({bni#{ya%2?1z*6hchq
zX+lZ&nJOKT3_8v-YQw06y8%wB#?iKsDgm#LmCAf_7j98N?$AHmOgbYGMl?uoNxodM
zs7%P~V+QgyO$r=mX$YCa100jQGmi3;D4E*OYXZMMq9R(kJM~Pqs>RpauvLAmkKR^9
z!DeCrw1)1&I!*I1O7tz&h6)F|0W#4%D)^E6UDlcgW_=vy3ub91(+^}kOVb-J<rgZ`
zLr2CA=MiP>lapx##k*D!3_=E0b-Vs3N(JjKge;+KfPr?eDe8_!r=?bby#aD*ct^@G
z0PFXgF%6X#Bq?}oP!Qv2ekVli5buuJR*~8SpEL|r;OrOzXFH?B4?pbd%m#NO?CwUO
zG~A$9SwL{>I-3S~W2_iGgET2}hE8`CU<EoAh?`)>!Tz>L3w%e6bV%!CLS?e1%~22_
zHtCzY7w^`&a#60^yC`b94%0TVsSaxsOwt@rnSfkJ5fopo+`CQ4>tl9{<0$+VN=Hk_
z8;k_RJuV6y%+@mFx{$dByfc10&F7=`<j{5dWJZ!g$fA|V73mF0a&jAy4+dV`h33Aq
zfv$R|8n}xeEMrI<zN&}1Q}0oS6ie3i7nS?QO5DucNFjl2aP6$4;c1`=&M8Qna=D1B
zQO_-{w2|u*e}7kN?%@Al9rU9;ZRfv7wfld^2Zs;&f9~a}IMP>n(yM-Ut7p6FO;=9z
zM|CfHuUg)3EsuEV;oeqM&zAhxR)6${VLr-5A5HjCM$IK|o@Lz4>rM=hI==<Js=w;3
z5*19;7)rExAd!`{U5~aOeOn>>JAO8l|1t$arz7AN`F}V(s>=VP!_$ZJ-+Or)GCRTS
z{wZ!!TSIj!rPk9qDQ09ruYw$BDpy4Lp6xgkelt@*S-#w@=Yz0h{@{zJ7F1--cVTPY
zl<C5}-N#c|xt7c&>=*Rqi|c6V)xCPri+ZY$b#kHD;;3ZvBn^#fOY(0kY_oBNwgp^P
zSi95**Wp`pv3S<Z@SW(gULyL&VXOmYMTQym@#}7sZ~d~8^razjyPSqN#o=FYjFW)m
zFE7OEHs0A8wf3F6B1^pOqbsoSF5y_E-mU(tOiv{0n*~v5R5t4dT--_FUsvhWjCphY
zVsXiW(dTuVXu%woajUkqPi>^tTf62J9a_)Xvsr?iqlcip-}!Sl{SR{u{f_b92Pf71
z567p+2M_w+eLQv%Dl9MQ09cU%)UfZq*0q{DTs*nswUcJjtedG}#pjLL4(eq-Do{45
z`eCd0aUYdFT2SvbWEgrd*1zg=H~BBVx|94L4u{9p`0ta!@In6H%hPBJ`}4Xzr0)SG
z!}vj(la%^FI`3C^24O_}NjwRks)d{^<SLWdaDCXY?DZ7-x)I-#?#)^%&DQQZTufTC
zW9dHlXF7%<0KKKL>Dm*{xvOxLfVz*0Tf;g5^*8n0wCFP`@@U?Yhqg=4SsK2nbzXUS
zm;M#wRU{~PFTIN9k-lfv5v=TzE1X$sNNP2h$yIBwwH$*g!$LQrHS}PiQmw36bMDxd
z)Q4U0k|6XP7;B)V<&FIcX<}6vvzcdD)pBm1*eEGTev9K0N%_Wb=5+XSwZGCvSzy;U
zyntZYzwx>a2`h}XF@fSxzvdbd<eRqsWxGv#<{RTrMUfqpoog@K`q!Fnioz^SB*&E~
zXfH=_c58!;5NF&=0^41bOq(i=S-P!#inKeN78iCW5N$ON<qI7*GaH5UXlczo#DhE}
zIo`g1FACJYfB#OQtZgnM={9>Gh1#vxEXD!kd^0AswfjxbXR>!I17K2lvmxjxtj&|T
zjV<yzn|0-s+{z<Q?jX8mM5nN<x7sGG^sm<Lw1_FcEnoJlUad=z64o}zF(x=C`J42H
zBtJ&6MwiMDZ3Jq7W5K6w*VZ6i$-*jioUSTm3>$WIJ7HEFlvGmj%WYX~^A9`o!_NGb
zcjgBP`ygTe91^yE?D?&|T@O$7+0_4AP<2(;YfA>wcK$c0`+tuf>VMwP^QoTy&l-$i
ziwmwE3w8|GwK#(fcKYLahDC-6{Xzo74!Lg2B|3OBB}M&HoI!?$yQe(ub{|P0!fzr|
z{tvkO@F2hc%+I#u|EkL%ZSsG3TCM+jdU|^FAph^<`3Caec3tDou?^hej>k4g@Q}>)
z;aT_DQ2yVNyoiEIikl`IpzZ$0;HZ}W`|u(E_x(Kj{lAv%+*;nFQm(tbvJ|Ogii<Qn
zE15!N|E}y7R&ZjQ_?r#VpCX7vFV}0hY3#(yNs!LxBne4Qr8Zx_u?8Znia?O208gjR
zKM&HRz)?c-3z3*cU6YnSyk57WVCgUFFhrFsBa}D2HLs@S$L<a(>-n4Et!u+bL^WE_
z;lCIzyLEwWhTI%~gj&W#Kgw0_bmCMUovrY;NWyuP)Uj0WHo&rk*N!DW4HcT0naY@%
z)qRoAxbqzhsi<8E%lV2F)*uny>bc6=XLHYTxwXFF>bRH|S%?d<y!nUvn>FRdgR1uD
zf7a6f{27Vo(KJbOvQ8f@`rqJqcwEu{4h|mjKi|)@gD!AUkUXKNND-e~^kGI4G+sn8
z)C<gTaD%6W`pyn|Gm9uxK!mFKbVlMBP2+UT<MX0qx(^4DMRZG0hKrf@9w(u*gAy_Y
zBN**vIhjNsNyx?8fAoCxOA;?pn!uL~C6tjI#Zf|h$A5nH{;EiG;_RUFbUsfL^tbaX
z6h=99{ApD5;lCVx#~=SI@56uPi`lf#{v-dSw@JSQG{(WrB14lXCe(TC(+`>R*dOB?
z=doYRGw1PtJ3HuaIFHf=MK7PfppKvADKoSkKMD!%^LBaq&p)D+Tx<RF1l|5TT(6Io
z^?!VDR9*kW2m9}yo*i3?_Mb>RN9T+U9Oq?13mnH3%7(tRG{#es6z}$CMUl}_zdwzN
z*<uWr0m?9O3p4e6$JyCIe<cOFBw0!s_bt)OWRg1H|A*(Hf_yCEC@H)!qD&V<p7(=u
zeSICI2~A_-u&oH?BufzvL+!4<$IPQe5*14%QL_E$3p}H=&mei6={2ZaZ(=<<&igAu
z&|CFeIav0}r?Y;T1{D5)|Ga07`aMWw&pKqrb(jVVs2K|$!1t9ga&;4i$cQ3nE~lV6
z>PY<j_VUH67iU*5-oHNk`Ncac4J?F5ZznOH(s%mMj0|e;_I8ZFduUAJ^n?H2AcR1o
zl@_913pv=Re@&v*<6b28k@Jzj)|8WZdP^u`jTpoJmtsNIb(SV1DJa5}ra^=Yx%se`
zyet9WMq>B?>f{p03hWz0S9r7zUbXBp{A`+I*l?SM4-Lo`r(FlzJ{I1teIz^R=V+Qk
zf<83K(>bCA<8B*H48lq&;W+<D7bw7q8hw;_5Xm}noS~22PDuf4Qpk@enWXRbcBZ88
z%C{bS+k@t6usaJ$Zoc$;Xqhf@L_~HYIq_hxp#_z7lN0hma7qcjGJ8deZV&x|KX4rW
zf9WTpHc@+f;1Bi@C4|e@V1|<^iPP!&0<}Mm({W$m?H%}o{`pU5umAeu)h~bb=OLf9
zIsPY`yBW_|kS5S6&Q#)3k47P5_BS&k2_A~^Cg}%gJxQ4z&IT&Lj2!1NdY-3QMnb6?
zLTA8Tw+CpC|Kkv)IbsHHj$onwwuo{P_MFE^%dvPvmgoa!KQqEZNfC8??L02sceaLF
z-e)!==ei7Y9ANl!$ov=mOHL=OH1roTVOp<{x=}K1SPM~7<Y^z6;XSO2ouGv06*IzF
z$r}SaFH-P&K6;bFBs00Bgew#IX~yqvfgB1+fuop_99(<_qit0R&{_Hc-Evn_$EDAg
zJX@IX8`Ro@5X*9Pi4Eww{_(ZCr~+wENC4V9UlG?8c-KDq%Mwvi6zbPn#!4Rec)gDb
zCa*bfeTd>%R679upMAuGMN20n7y}BGJ-L4V6RG?pJ>Pkgs$y9L@!XU9NXv&w_$rr0
zIMCj0gb_y9<|)}VurK+D=UGg8d}=Vd){@;_Bc9L`I6jymEM{tn=kd166LU{deL}pP
z;82E~@KBL53np@1#IFVDWp-6IT?=!#ytxVk;lAG~DLB`_vZ+k7Bn`C+sWCGt{?)I1
z(=T#D`g6>N+Lzz=C6XRiRm^&2{U5#@sQ*W_tNtj@YWwdjoWtVngP`nO@T>B)`F~DN
zs_}n=)8Rw>$Gtq2>%svpaGXx%eIRBXMPW#i5ptQ>cCAfdsozSGxBJ60H1rQn{DC(>
z-=m>_IAs6awSJn?5sIT^@lpF#uq69g)K6l&hInglryc8Y*cv~3bV&;`w|^+rB`$2`
zV#pSB#-vs?=?TuV^3Q=k^p8C8$$=9R8srh|<|A}P3W^pP!deX<lukhBxLD8`TU26$
zV=6F4&!PU%6@gZ=1>|swm>%FeH)Yv(AhD$Iu2b$4a<w`<@tdaCIcjzW{((Qx1Zv0i
z&lQdh1;Fa{KRmAIe;f{vjvv<leLOqpxwzRcbV|1SR@Z^@{6-XE^pCTjUwOPTAG4sL
zUa7<21ToGDy2W|KG(9Tn0cMy|5~3(6Qm%ceC=%as%I+Z_j8ylS`Z!L7WnQimu+w2h
zfbKsf3CY2V2Q$;OPM)X14apgD&JMDuDOTNCt~_o_5rV@pIXyW!IU1fkeL6gN`t)EB
z1QU!gJ{;gD$HB?zgghDc%f5DA4ZT;xW5=o4AN-=Fkg-KfxUQAaY-HR|3P(JVGQ8xH
zOHk;N=f_`;cvvwdubABAUst|$cF-9_@iJ+0Mdr7J8SDuya?F%xTI6uoXAe@JlMs!U
zHVXX=%Gx|iLfWSQqzAL0$pVy$oAuOpcAOpbBh#C4Faz@}N{}YC<Q;rk*Zg_)$AVi(
z5tov|BG1`8>kb^QDDP4vq!~Y4Ak^7GI9W>hN~_}qJLxuJrYr^vQ(3-qoN>H=Nm$>E
zZ7>JA55I@{(%?n`8=OvnNkrmMk|87sAJLcy|Don!N{F!Ac$Y6HXugPxD2s_42V%>I
zBw&M(oP=mETo6VV20q4F#t;<4<AtJn`(hmYd)YTgepquT%|nv&9$%+WBzOmTY`pm*
zN%(-ltdxs#pF4l~(u(6H!jvxN!W*VdCldv?L;qml4;mm!U!CWL`O?c53CA@^^PB{Q
z0gKMkMI18BgIP*RVr+McaYpFvJLs#N+7WV@hH)@-ogHSx@SqI%x4hs^d2-9);NbW`
z{2(?}*$xTjSAW*lQ~5)bP!cS1a&;3iRUn!y>una4nD*p(PC{mY;+U!xsx%fkJXqEs
zXG!U*M8ymjjMQUbPO(Wd&WL>CBT@um&rz*M$W{MVu)rOoiB;eiVLStLt#m8D_Zd0{
z<ql2{pX&0ARC4=pC;~OAU@MWV0aNz7Lk$okM<cno7paRdl`4bxrPw?SIqIyN3Q}Xt
zHXX6fUr4tB%}4;SuSA{d)f+>avHc~@t?yuq5C-jY-3!{sS>(^d9W_|i;a`?gn(V7<
zupmt{oZ~t5-;3*ya%`GJQA0_K8Oa5cR}+X-?<w0Rj8ku#<1rOeEkb3eoR1OU`Ua$^
z$mAk9a6vh(vou>k*osE<U8+b-Q3^rGzJjC)dXnd9j?zWJMw3Gf8?YpoJ?x)aJdRX-
zWhhQW5hVq}ahgnN6cWCTfc)Ku&UnS)2(Tp|GZHZI3+O{jF+?eBI70~LQ9AiK?^NjH
ztiQe)(4(@_pif^MM@bSJ|EksZVHO25vmdF&FsfuJEy`ci+DsjpR`}`R$y0#%a)K5N
zDY1nLw;A7~#7KU<d<7d-sW{201zsQZ`%<a%K7CTs;>#EArSU&~VuC57I3QoX`1CfA
zDIxqg4RAdA^oh4)h(Wl}4!Tmpd!B}1tf@U*5R+|dT!3+Fh;j3x5OYZ6zK%Z3NKQ1w
zb3zNc&$<3XL<x!szJ&=+7IEz8*U3R60{XBiW2DFzWZ%#i8LcL1{sHG9XbZ{*s07uF
z&BMzJ_WAJO)F1c*f5^d#&(nnMhfKj#7z!AI_`0ZLq6Vnpz>e^Wk&pFI>UR|t5vGm%
zEJ4=G1A+*npWeK=xN_7!#WtB8^gI>2vKXQ8sPje)BMwVP?0?#n#nsT%5ZU%X_=;gY
zpfu+_ahQ`d4+x-nB`$mGz}x0U+$X_mjf%Xo!u1-G-xlomjA^4#D~g{SfjB^u7*9n%
zLfi|`Mal>-bV3s@)IBQI!ts)ERgt1Oz9FRtIh0aTE85&`d*|p_rq?LV1U+ig%x6y9
zHc;h*pGh%GRrKTzx+FNHVlcqQQlV$22-E(Q_gsAfX53_va5sKL*^<mj0IF(~$kit{
zJ0v$dgtG`pKF3SO3H+E9zQAa*DA*<=l=6nV?M{PgC0|$CU*KXkLT>*S=ly(<^hF)H
zzL|N>%tG7;Lb&bJ;lLR3N(=jz^r_ynw^C@M;TQ)Gty3V%1#rw<^*YelTfIcgjv67?
zAUS*Zc@~b>696*C<Lc@a0tGuNmfS4lYpz-C7Sb!qVOL%<5dd<WZzc(0A`s_G^ybwS
zRAc8y&SVMZCSToh2?jV}b2mvB2~YjR+CPtSvAwW<7;6HNVKqa<7-Acv;Et;50t?y~
zV7Mv*<`2!%1e7U;l{hY=s!N^=LiBk<md4)!KCd>}k-mUm#93n9@4^i)d6Fg&$s%S{
zlf0n5+{8IcA*?k95v)sIIFiNO8N(?c)`c9W601TSv-$8H$;ABF7p4LBQ_w4;3A#3k
zCV2E(seMUUZ6f-ECbCc7k4X=%swsO=?w^035zwbKUX-fgVjM?wR@K%#v84x^j#is;
zrWjdWG6>EBW#?xqOK6q0Vk8x_Mr<``%$QUD#`|<M!6jH&>FNR&w)ZCW#B#r^tO%tV
z-8`Y_?Bb>93gR@CT0TM6nS&WKe_6G2f|96G;*<zOu{^N+9nL@ez>rtVrpE1dG0i(j
zTL)ZShhujre$3v9gJv;m&GXJ=Gi!CF>-Y#2X-q_INk9Z4Jb{vdOW7s(E=S_nRfdJA
z<AhS<)+VgL)7lwA`MZd&fwI8n$1V^eNV6rA1N7zUp63y>xJc;5(KyHX(i<=6attR6
z0tGmp89K^fk>*5{6l`Xg)j6s8gOz3<QH^WZI)BY;Tq_R3L7q}t(qEc|bzT)fApaF(
zRD0xBnwJws8ESf`7iq|ZkuU~}g-DCbw*riUI9-HtO)%-5lMf8BEGM@B{2~p#H>vj%
z+dqU)SSV`aMS+sEkS#9KkPqai^aHsi`M$Jx7R;oLmrQ@JAXf3@2u}-pF~<p>awQaN
zwkEe}!Op|sElvU^P=T?<(gTw`*Ew2S%a|I#z!}Gcb~@1yn|x_CVSpvzP+?gU40?-n
zylZ1C0q;_jEaqd91Dl9~%rY{F@ACke?efqWC`WAnqY>NinFv~xp;M(}nCWzI6(?Rw
zahFHaSz+mpjiNkevpU4Z`heymG;kcS-&)M}VwR_i=}egKmCZm{-zA$UiOnNxr0xD>
z@MPd1)Jb@WW)|@UiwAbz1=A>*ff!3OSwCUyD8becS#mTD5=;JU6Ik$@`|crn<M;e@
zJpV0ke!riQI3qdri>&KWaLf7c(aAwI{{QfBaPn~edmqmZx)gyGaNSQB04_gyd@r<t
z_o6oU(pAMX8?)G2&n(qvSso?D1i9bQzPk|sTLDjJ2mL)t!t?`0S3Lfd4W|Ftk#CiU
zk%?>^hNaUK&O_NI1VJcVN7;8+6Nq^iuQmC}gfQFF<CIzBfpmS+U`E14ERQ2nN_2?M
z<32-ECouf#v0pt6I;XEEjB7nihM9Wc`5%dI*$Xn6kf0bL_jP(D5MZyRS7L<R7r!lV
z?3&bSKtp=AjXCD0jpyk+WBR%K{m>sCc>@=jsRI71JgxKp8Wr+bkHHy}0$1t<lrcZ*
z0xfH~vXOn(|H@A(%^~3|i<kdpIX^51_DCIDqtP=2m2Awi#j1f`0nT<N*-R@1!q-mT
zA2riWCmP`Rp7lK^`4o-_KjcwCbi_;eB5-5X3TXr=>-K1XYjoC$t0F?Q><FGMrEcwf
zQ#9iZ+gcfnp+344moZ+eC~(iXvfPR}4@3^&+MmqR&l-v-Fn*g~?*)DNq93nnm;K8l
z+Rx~>MOr{pX<Ll6OATExk_Q=XWwQ2Ulst0Z$lK!L6-6Wh_l1_`Q=H4_^`f}4TBhO!
zow6uTAmJ(pH!RU!?K@h2SnsCSvuy^o4|y9+@Vm`z^)l3z@5JHNchvum`t&v!eHXfD
zPi5e!&{8I&=vA6jS(i5`Y@<UaGgTxHKPPPDFiv%jM0M*^`tf(vQ=~5^y3SzQZ3(x|
zf4$CZ&yh0oI)MZFbw@ls@vSEu?jHC4-Y534wrX#lP!DHWB{NCGEQs7w_J)Q)@KJrE
z;bE1lR&R&N=JwFNP>Z9q4zY}7b0=C=DnHq`4>SIwfq36h55$Ebk?(_i73_36+G*H4
zrn}Ix6LKmFMB6;LK)rkgdq|Uvg#E@ZY4T`6`3bJB^VnUx>Jv%|?a;UR!|L&H388+n
z(+tJZR!6?sx7-ME<yYD$ts=9Dx^05iM;g)Vbx=mnc-)h0Q3gNNs}a|j0M&QoOuv1F
z4E=(s0zPs}b|^WgUV%|)#<s2=ZM&~Ws+NkNjMCFP(@jTfMV%HC!Fs<ghLd0yxuSxK
z+vzL4Xp4*X05Ml9-QxB-fzj%^xX3Ll({w{ZtNG$~Cq|vJ&k)WsHanKz>fJWaCS(7G
z`D~pnsg2tQtwUaC#*FXoGG_)L`>gT(pc{lWX3ikYW^<=^Z7o2Xqy^d|^Q>4}z*wl_
z%X;}*GZ*byzO{B&-BvtX2RvTV<(2_;tDC0;r8YI~<=za_{~}8eM-Y8!o7ugo5LmK>
z`(Ab_Sc7-mGprV?$m0-X$=n7oJqzhgvS?_l0u`$;*BiO@z0<XBzHNgkfy(i8glrq1
zzUs}5*%tRyEr79dpQ*HU@6?ecIBBb+;SoSx$HQB@&3eh5Q8O<rSI{y!(P+Ag8><c7
zVwtTuEhbv*`!%}L!k856a*^CfNB4#-?}DM$rGG<~$d$oS+X5=#waXxr9CG~Im;$@_
zxA*s_o`V(vuKiOaU#zRr-=N6(+UI|jcoYhE{8wKLZOi|4dR#sKI~fii>c8B}1N^9b
z6D!V6{1x6_#QmcyE^n+~DPVP4jLt4Um9-g4Z#Ek1db;MsQrczZk!MCTeV}GWj@=AW
zukOAx!#&vhP=>l@BJ(md;+Z%gnD*`Nf)eA)raCaIy`EKFK(F>-_wa1sE`gCJX(FRs
ze!YAJxkvhXq7gB;x9*e_?z^VL1I`|1450L*nc0Hdzpx2m&-3oUj?MKe?vE=st2Cjn
zskL$5yt>3{N>r1wuRgG`O`n>i3OaY1pmmYD>y)xVH7tj2i?4wq%vKNyA*`1t%)^|u
zX|}@4`Ax`(P$i=YT0LxkO~$B5k#+V3eS-L=(7zpyNrB~LU8Lca*b#WX?mrd>%hCo}
z9^FPUnd;$}S~RQ*wPf#JUYwhaE?zz_U*wDAjQ&bVE&>%7F&UxVOZN6GS?*S|Ak==p
z<8~)6G*o6+^x5)p<xYkWb+wxbpSpeiS#ErlD(Ro}?DBMxWidDnaa`7tQ*`-xK?|VG
zE`KYs_wjo>9-2qV2o2O#o;m(FLMO+^hsO>=6Uz6PErH7k4u47F<z<?}RTdudRnGfu
z8ZYK$A&Omo!)a^tsY*NVf=}~#l<&$Hz=F7#u@{&Z9QaARlGm(pF}r}&)i8VIY2<4{
zLUrdd6=NvxBgr%nS68q2MI?TAMqE<->CKx9OJsx<Z%I9|klIYnPb;(d-`W1_kQ1ma
z|Ic7JsMvqU!;^>nU-$BS8~aa|;b{1(3~AQ^)XHn<9xw5uyxE{Hg)MHPmQ(-jD=-MD
zHAX&WX<m?ggj^9SWE2qUOgjDcgJsLnK2mo$>cxXp>H~)h^dgwO+H|NVqEd^XrvRx<
z6ni!%q$&&}iG}LrUgX&2U9Pg0jCQ-L(cV;Fb*q_Exs#!d#~OfJ8%qQ3I@s0rvC&dh
zq<T_QA>g8iep{pgS0iS*E4q3Z^-65@hAqh26ifDm2^BSOq}BUll+)txQ8D|8e<B*z
z>m06Wz1BEOsEKgH=3)`Y+y;{;GyIdvkDA`3B-A?KYGhIOcWaPsmk||4m7zD@0`NiN
z*X9ji_*y#dFJDHD%?hlQ>Mw5)8P&ab%t`fonR{IOS~$dfJsMXBM9k(mpK6!cJ>+?l
z-@@eCqrIPgxq9>d<wei<4FXlXMIJwUw0Cj&%m4nz`(H0#^$hqHZkMH;Dy5_(P?^ma
zhhfg({&M-Iw+dzU4QQku+Y+ADRZrQ!o`j@GRkmsUn(vrM<<@fP7Z-4K&9wonP}MSO
zJ=IAS{RJgnEPq@z)|Gw`3q4o1w;yurc*zzXy@@jK7TRo#UYnan?-*Pz9<wN(ZIJ0=
zV-zd)gu*7~KRxS{BIr{ZgRU>qH<$nPGf1Xtes@EbEuVQe#Qtf3J9O#=*kjEM2o2+|
zyduf1zSOxC6zg1*A8?D}$2^_uNiGo2FQrP!Ro?R~CA7fBg8JN@aVM$3abu#Oir5I*
z1Sv%OuO7VuD&<xk@~Vhn9we#*lxG&_X;P4ng-#c6*St;>X4V^<vHB5wIcPW-461b6
zl1&f80?Yenwoqt&=B3<aA9`VwYbegyCwxvV+_=GV%j*R#%{#x%=NanDQneZmR?hXd
z3CZ-^^F}oyNV6r-kZx6jFcTZJs}hy=Z90XA=u8(tf%eB|jT1;POObm;a1O=Gv}`Z1
zqh?F+=ZL%~;!-zfJGTaf5ov@TeL8<}`R4tPFJJMxEnn&l;nLruPyhAeA1j-2c?l5D
zYB06d<!@KN{Cau*;@P9UNtA?wwE^co@*s+4f*=7la_d;4&xkT9<1w>gMsSF{1Pyyy
zKMLP<x~UAZy%&9~YmKKyqo%&J&I&>c<o(N-G~VeK^q>DJ=HW+Ps-s8|prL$vE;RWV
z6=-M$S)o@m#2d2g1h7t;6<A^`o;4;rPcz8$pjz`>FpsJ|F~Hi(H)ofBeep);*&wrg
zRQm#b{#+knFq@|#IyyR9*}f5VNj`yjh3tU1dS}PG`bo8Y8`jOuo9T^f6tB%Lr}<ec
z)$1QxzG|g>moKa;mbvb%YDd+1US{dy1W0pkoap%wRSB5%mgMbz^B)-?i#}uspzg?(
zOm#=xL|!i&YE_Zd9lP_hZBkEV8nYr<;fgwvYgrMMN!bjh#l)ynbVJZK`=hfe%+Iwf
z3fdM<6eTKKJ69YYSRHNa>eU|Kl2@tM)drP=t+pQ4)!dC!#qNm9BSC$7GwABu9RGD7
zh&<L5>3<MvDC@oYXz=0rH+VKb|K)PAJ^Hsb{`c_c=%{-Bdvfql|My;=&CY-IJ&b1|
z18aWOt<(Dm|E*nOZ#zRY@5%r1gMTfz_`g-q>(=MutB1VSFy2PQtAz}|gMe2HR@;si
zY?;pAQ}E=sr$*<{N&V#}v6CujPuM2yF_c>gD=b|FTL~*{0C$(L!kR+-Z=xIDQUB{y
z5wK1FJ3Xz||2sN;(Esk|`6l|G4F9V|^leXMZy{2zMP{RhKs}!3Ns08eqvo2s-9pe@
zGjKCz4mm9@t`%p!_LJT%hrkI2Xbpg~w7c){H;zJU@LRoE3!-a8u35FvKWgBbc^ZG0
zQ)f<=mZ&wo(fToKnacEaw}>?>PpuzcQ2nk$bU~Z(@rM%HO3_YpY1awv$~3;>soR@F
z?6h2)MueTn@Mmcz_lrC&(jbjT=*>9~72>&qE@X#IpHi#j>^$sdm+$8KpAbLd!&Qo4
zoBlUEt=|7QIX*po(Esk^x!e5@GYwt+8b~coomCwydCw2hoTL!p+po$QnNYHWxM@kp
z_!Y!XL&nHP`BT>JM4vvj!_$&HTJ+F=rejbkM`fiH5OLv~G7*^&c6tM^uD<G|xvDF!
z$^mJ0K{gO>>(@r4>*$fHQ962tTo+aHl`-adNs${Rw>XZpe4v81J+$r@zU)w>da-c2
zYO>-QL?xe++GF-)-qUlq!mMg*H}>)DJ1A~buRA7sc*fLn7wr}4|DtKqJer<HJw0uo
z8p|^V!_XrdDAJPrW;<%c@8X(Pqaq;-@OIH7I)v)S5iN*ODY8R+erGj9N1(1}$SMgd
zlAJ2~^fY$qtb9B?-~3ry{{zv83*w3T?p~0GEndJD{ckupsonoQIeN(dbT7}2*rcWf
z+KWko_Tn_XS!Bpvbv)=IS36g8+4kYOy&f8Xj<^HX<0Gh}Y1G%?KS0t`{-fKZ`Snem
z&*d(B4TvzZjcOWa7ca%`LbaCB1c_{gqSL)1y(*yYxJZ7zgZ{q?UPcqPiE8j<jyBt0
zB1Q81ee{TYj3`gpEMOWK?UCP96BwF-Nx567a+&9s&v}VNDBhS%eRKgi(UDk%=%Or2
z`-?0}3m=WiB+XSjv&xzeQ`b7SZ<Lzu;kk!rbNQdqOzr`9lmCO0L0$fzKAivD%kwql
z|2pUTJGueZD9`<$Fh#C;?%%JS`1AC$0C9q&7`bm|L}<RM1X!373Z2dHEw2q<1B1>k
zUMerD611{J^~KeNsCcYuRSFTC<!L}j$fUDt3eFY({?_x~asB%<63?S)lICRnKHAp*
z@nJRp=WsYYd|3bY@$8@rTofedmF@TpbEm?15yeoIHN(LTo)YRiqH-_gMfND7GZM#$
zt#9tviIV9)%1Mli=$1f`wDuk+p|gV$GUX+8_cBPLL_!`L{U1G_*Og8a_>!T7G6IG9
zi0}B%uijr3X-=FSbPi=x(BIClP#ERZ@uyMIhyQZ)9e@0<ybu4CFJ{v|`;YvS-X{GL
z&=?0y;z2;R^Vp{!GUu^B#y8GmznHUsr+GAW9{;zqgZ_r|C|ywW^7#wu_*tI*lLUq1
zM<Ky|-aJqL>G-!aNJG;9=8L<-({cS@zBqgS^9z3-Zqmo<^?z_OJUpnZ|G~l0!~TCS
z&rYqlx8t12nxJxj!<1L^m#^Q-V#x3I;EKYi-=9XsY%vD&P1X>Wje5NHH6;Z_i_EM`
z4fUv1X=NTtf|F1$Qq9`biZ7=L!bXX3zP<a7^OCEi6uqquY$dXS>5H6@{&ePLOyKpU
z<m*>K^}t=16I_rwZZO&aC+arHj6^vE=<QOJh?3xJko;U4>XH_-8XbIehTdAtI_ogF
z_1w=?b59ll?N!cC(D@~bD8eyKrQfqGPOdzVdSVc!BuVEZ+({%jn6X(Y>y1-YEL&B;
z_8sR}W~m~aaN{!x2>(dwO|X?j1(t=t*|(E4j?)jkL^?^BxTPb<L;pw@C?VE-C4dr^
zCA%4;&7dkPQ}V_{Oac@ePZtG^LLyOzi#dD5pZeuJxoc7c;kAMtF*cjwJR}JTC6o15
z;{&V-umKxpv@=x5$1H_qR3b4vIQ0kqz#rDIV6vB=M=M-fdX@C&#ZDGfUf!jE3JKX(
zNrD14SadD#G+lQft-TOGj7>NykYOgE+Xy2pqf?MbSt5p*ksLf2qLS_$-|&i-go3yG
zS|*FWZW%6HG3lbvE?n`OvlQ(`KJi6acXVA({&L-OoHrWdvV|z*PEN#{4oi`TmC&28
zWh+?ct+voa3HV~!Unvz=e$hihm+&2DX9xXSR>V(r`ri)ygX90<I9CPE3-)uA)PCMa
zZ!gjiNs|U$i0cI<Qf6kEFb!xwNRxnM1?|gtuYQ(>p8UfThF6apO=Ch5l#_XSOG3^f
zj3gQ!XBRJh$2p@2Gc#%t7yIb(V__sMRt@d(V<<ujWS``O&XjvAs>pjz3AG~k(Snkk
zd&tPgj06SenvCR=G@o-B<Uvg(fk9Okfe5~CG*z#`J;*o|+;!K?WQ~{+NjW*PoZK?a
zFkY&LMZO@{zVrY7&;NCPK#w24P75-6{Mh*cy)=wRQG1r@$4do<r<dW2>;t9<Q<?@5
za3<d?k|i@l%UB=F%tQ&A;9Evcw#PDo5EH})$ia_Rjn{XoSWnP0T`1};(?za~Y8#hI
zs~FH>^9_bGmkrm<nv|ff(H^-a38N_MV2+aoj^iZ?VuBN<FsMQH7#~FiFXJ5(X~6%)
zfC(~kMj7Yn4M`v|579GqNPOucm~rAx7CBVW1sHtG1la^#FtH7r^`1aD5$t%qUm3za
zB1Pc$d`2lnE1^D7G$jS1#Ui*-egnX4A7vcpAWbM#BcBl^ZP>Epw?{vKbd$sYxW<S@
z!YH=iW@*CM4@AQ%UM^DZb>8Px5ep!W1@Bnci)V=BA~7l$)6Z}`DObPLzqo-IfzqSS
z4<$-`k5|rTB_dR<Gibs1q$<SDLa}SyMT%hwq~DV|!k93@5h^E7<4iEb=8T;~Qs5{y
zrbeCGmUFHqM;$w>!tv!*;DmfY_EB;bILqRt+2E?cNr>~1@@?W=^b9=9cePS|0=0_r
zl87)vvN78ip(Gh8n8*}6T2;dp<6wwz{Z&pTuQm<{Xa(4J*kAIr!ugCYWC!RodQNDN
zM{waBeMT=n;&~Pm^x650JoX^*f6x328eA)l;~ITNux+bauTp0n6G(8twObOR&q93y
zO^(6P4!I>1UM4#!)j+PZ^Vm~rXuM1&eZc%MUML}4mAMurslOMw#C{lkul4jpsmU;m
z4h~PBUh^T<YMx7^)DPf^5gT8*KtH2v*S!{`{zX(BT1o2XV#>Oa+8(QQ4RF}vXKQr}
z_DFvmr{n${GjY*>o(2oJSi~^y<1F&$;f@(tXtQ5dnk$+fE~i(htGc~{VJ(+JjcrV&
z?Sjsjc@(N~3lumQQM0K?5u2ba4QaWimGU7XI3NuXe8u&D&RZr+^0*1kxu7&O%!dd8
zV>5Eb*L6B61IdK4z@#{{dcu$s1#%9U1XQ{$XtFP4Mi82jpiOgClep2uN?c(@y#2(Z
zV+1L_yfcTbB8%keP|+oF@|oZU9WTum5bUE3b(f+SiZChM;`F)rDEB&&=S<AqgL7o@
z`{?=Dwr$(CZBA@YoQa)GY}>Xov2EM7)0^+_F7B;W?N)8o_FvH5RekF8=e(Zx!>!{_
zG%AgP!gYsEsh_8>IO{5Exx|iDTO`D#kVuX7yRI?7xOt|j+MfxWxgbMe+!IOQ@RH1p
zSiz53dmP%4fh(C;M9c8cmdic1zTZ2ErG}`2VPh!i(5<q6%cSiakVPGRQQ|xVJ+`c_
z)ILE0R(g-G-1ZVG8jGz={)dr-b3wJ30Os0%J-c`+_K2n|ltz<cxJ$Pl>IBd44UY=9
zqbSyuQi^YIO)bh-a~izKumM6drx4nw@?Se<xSBbA|9SYgaLy&hAjW}#j%stt)exfM
zHXpH0td>@slPrE^V%QU2`P&g!sMd9wGl<d9#|wAVxmJKosd`5dDS!Xkl{%_MwhA1-
zJ=$q&{PZ!a+BR4-7+Q)g;x0*^-U3-b*Q~^GxR!g*0G!yX+>zzh)sy~NT#2(bxi-j^
z=r0v0EU7fH%@fHUjU0Uha^g})uIT91M)(+Cx=5r<J#3&#G|2ON@|PxUGOL)coG@gM
zCZ9%eyct(_mXv5BedpJDB+B$y2O-32;eIGGuf^G)xqC7BO9Ucfg=PZGq}mJXu(-;W
zqNvArsa#}evzLBEv0^edewfO!W`*umhC|)iccG?=SiU_ZXk?CL8<cz1TKT$0wDfL_
z=cL=lIr=GGF>KhGc_pa3EU?Y9<|H~gSHAYvAbh3~*%BSgZ}4b}C}Us=0Z#X80Z9%T
ze~5omGIXf4ePE;2)UpG1ckEE3@CnSCX6F<keyx3Jeh4*n7)0N0hwTqgk!BJyk5`sK
z=1^y{3(`Y{1Wu(<uOeg8jxyoh;q~+uRqR|&X62g-uiJ6t3095)sj`Ug&fWBX;mr$`
zYdb&JW#2NQOT5R~P=tb&2eT<R3Ikyj_uu<vdK$Crerpl4#GIX<CwFZ94aA1F*ICso
z%0D=^@C+nldso?lcI*cO5$lF&2k|y8y2{8Pf^@*_;AoI%%|lk@S)e14tBg(UH^D%X
zaq2-^dmxG+ZyZ2<6e;RT{ME;U$LM;rq=`U-qz8na!OUAL42!OjBX7gu5=}FMf?J{V
zYtptv&M6h)lgg^#T2oks4A-t-nVkJAlqzLS0+%|%53`94)sn@OmYUu3&tEvzQ)!%{
zbA!&`>>w5ck#}?GoU)=U5hx{%sekQs<P{u8XU2_?M;qbe$yKP=GuC_|Me3gA1O2OQ
z=Q16NwTf4PNtbslz!3D<>dCr^vi|_V8;@&%VihHOsTUXh>)EG7b;kZnY;QQ7i$qK`
z6CAEeKm`o3!JCi|e^kt{!OVL}s`$D`9UGje+z{`)p@#C-*sfjp3N;PgJ9&$(-}^_C
z*r3}!?OJ?(7ILlnE&sXX6Hds4df6*Jm@KwWwvac5VZLs^?W75)*d+#)@5uOPo9_zS
zUP^=6cxq2tEHvJqK))2DqCLKW--P0k4@4624ovSB?6s-T`2z(Ns_K|bLC1Te_r}g#
z6`NS5WN6!+X|lp*z|acv^GGqmZy4)*q59)iiHr%nh{eYdYLsF9xkWK3%6L<x$Zkeu
zzj30H_h%q<W{&#v8~vj88VHT7Tz<o!5Wc7^?^<DN0^x;c7Uw`f+$JhL4w;Z~SJYq<
zsP$(HW<bhkHJ-;CmfSQwo?w@%v-p;=jqr$^oS>bBv8X|DP_<tt-Np-)QwC9jf+kNL
zCy-j^j(e%(ltj=0JH_idacdH}rHyx6s#L^xCvf4&FIY>4@c0rD8yfJSZfebwr&+LR
znogrF5&g`!nQ++zY?z^4-O&@8FFD`ev*MLZ7LpbHff4c&vUP&!9DLB)LMat^XP)9_
zh4LN@UF*SqL>bY03Db{2qV5h7&tY||kkq<X`8^@*TrW)}1{<zws)KJ;PF(l*Ae3&&
zsUOe6HrJ$EB#8*J)q!itDC?gx6WyOxJ|PJ>0kR05Hyu+WY)aDDwLMubJ|#&An2#)?
zgn#DJyBNN0Kq3ACF-{N&hRk$1QFX11w<kN5sI7ESq}M>w4{?V*zfeXzKPko~>f+M-
zhZl7iI4>eEUgVnJeMD1o+j%}gSHeJ{4EHtb1jU@NcKL#_2Ze>5-&ZALT*RfY?{pws
z9Egvb!IlqH`w(x5oq<G%WPIlzNdU1(pWnAt;eZ*3(Y^`O3{)9I#lk}q0A7Jx2boV5
zpWVw37^}Pk3>@@{egeAr;;h9?J6(`q90Lx1(-aODGzo&<@rW>xq1JN*IA-dmubRAs
zSy-MDX1#(s`1eSP0vt!b+ikwsib=sdpPCH8WgBwS`GQ?0;^CAUS{LU19RGvH_;9nn
zME44wJ+5Qc)x%}_QL@aAazXu02|f1{K`H4(9V9-%(64!dhxH*3{Cl5TKt;7L5o20X
zK_kdR-0=gv%$j+ISV&2GXq{e43(YNee>?_p?ur&*{kfAMw%Xw5&F?9*11@eKZ(ohR
zc19Wt3kF{w`!NjlA<vHqv;KV@T%KrdlTDqp{ffj;wblwcAq!7uagBNiC)`}&H$oyV
zzfSmwQFTLv#whOomsI1VW4R)2N>;$~n@N20LFrUN4jb^w2X8Mm9p~a^+wnB+;X^PX
z28A$k_;`4DXz6kPcy_ycwh$zYB*!%T>gb<~2T56qdT+YQ__6NE{%8Oni(iV7JvQJJ
z5>0O$-_2f_K1o15Im)8XE~4iQ4Wl1PmqL2ju~fB{?2w)P(JGLIZ*hXFO*B1?Z;SNr
z!}kj5^xnV@`Si|J2Z_hoEpB8ulQAI}5sPH)s9^J?@2FT6QMDrtR#h)kfda-p?7QzD
zA)8PVa#arIu`Ht@**+c36tSsPn7V`sWMfjo;OaHnLG<i~`>ZB+GwC4<{K2nN9^Qr|
zOgLpzi4@@!QZ_t1Ji>6o!4jGc;=a%GnRPE3zp~u+rHv}*{t9%RD3DMyc;^<`xW=|4
zwg28kc@{;e^S5B<P2g%2D~>W#xjTBjs-;>qd#L!6C>6Svw&a+|<uvh{JJQaCQ%Ny6
zOW)Wsk1mBffv;-r{=;duh1-C34?zGlB+Z-lMxzIJT5yfHocER@*_RBLNTabQp(!YE
zCE{|Ed9q0IXD#y>WqB>&#g=z$K(8_Xmvrh#cGLy8+KSsK`5jRSVxQkwOZeM{V)SF5
zOD19URWr&nIp=kJEd|O~-b(pf#mfpmUFi0Ibx09Vqv64AsoqIgW3{QZGz?nY&1D3C
zD~dueg2usAC7gtC_7!Ab*vQ~E<HJ%-0*|dmgX9XO>6de0>*gzI?EB7J8^&jU#ds)K
z3cql#_=Qs;YxWd?kVkQaT2uSrL;tlbWq&qGI3{!?2y9W}se*@m{h>weks3$8hE5zA
z`nQHqL|KiMF<og6mjm#H!B<n>^~J>xk(oYQ8t6wCl|RrnOx<Q5lCU6M?pYYvKt@_R
zd>I116f+yza58X6HV6jq$S;74xo;u{szRqS{@q|yMT*{U1b)>JR<O)L?*sKGi3?h(
za9dtsCGr@s)L6&Lxpvs!;Ned^;s8r~X()0``5ZUdffDP2C9+|;&64*KqXz+Vq`>fl
zNsCE)eijG-v)VUE1&UBP=@jLLlhsMQn<?uy<tmMfD<*SI$1mjRjIE@!%^<H+AvI?6
zkVw$VjMHlFBna?9HHC=a!jC|?+GK-VGbbnqo5h3v?QT8?SE}A-mzpNP7H!P|(n3x;
zuF~iXc?|T1wCbUQt?4&cfru{GqNAg!Tp3_`{KxK33!*>x-2ZM=1uYi3G<o1)N~fYW
zGhn;yfF2;|sbHCMKZ+8X+{PrLo?2&MnoIIq_Dg?Q+RE|^m?REwY|xM!A>u>6Vkxed
zE2aVR=-cx}icBK%Jc)H^^gKaWsY=PMXDE$K5>?NTn@RfjlX_v|Ym0@1Q^3)U<2SPi
z;$%aHPsY)a7Qy9|2@KQbF{h~LU>W-iZ{k!ki@1`5G$YjGb9Rs#SIlL?O5Wbnxf(XM
zYnGDr=6W!?hYqhOm0xOz*{p8seLZY2)V%H3A<&<n9SNR;bPOn7PHfXoJ&(h%9e4v{
zfkMDB7NIdLT1DJH^ez+I+*N@tbs)r?@C^CMD=l6|gW!<5nEb0)TkAv}IQS`(RiYVk
zztof4Xdi4Hiov8`3M*(x<k;E28mN#+0W)6@RnF_=5Oi~QYK$JJS4#9o{`_n38F3F4
zBXZqCSxBwL(kVXFhe)uPaFl-RrB`GT_rD`CZ&UUp48wO>lr6tXb&?E{W&@$^M!^fH
zPGu{hLFrug(sh@?g0@NUZ`N0%i5ghU6(IJQ69v<q6&d&9)))}81Dpq+1#=Q2B8ce8
z<<79odGx0ZhGnU*?=5*~>9*>XlSXVc!rHV5XMKVpVnCmDqt+NyX`CLqQ;wr_86xGA
z22;#}+x|xjGgKI}I^8KXZpyF;wWNr}D^tfVrlE~CMpJ({!x1o4N!;xX1@^`-Xp;p<
z;m+Hck;;nCdKX_lqG~((d^tVL%K$uCI(q##3llTxav+qAU<AabIopU9z=8^|{T~6-
zFgWGjbYl-Dbez8exVp^im6T5N%{z@OEinr^6LdS&Ju)&S!3{GyV+(muYJnC;f>}|1
z#$Pu5&rE?wHDp{Qn}E}J)tyj>fE5$z9!bgwGBr7m*ojkaemQDed0G)9`(e9Nb=Vk_
zDk2|%^p4(Jm;x0Ajr6cbp%x6}viVUaI__h?6+A{iQ3u{KshP9+f2UtsRXl|&v5o=k
zG>7#BL97(u&+@hM*bktVWBmxUxN8>r#f0-=O$DLpV0S<21^0=%2?e3zdHyurSal=a
zl(iZS%8=L7Z&8jj+tUBQd-)~nP?d}1GfonG4w-Q;>fc{=+9KpUtW1P935)Eu7B3kB
zJTSFjk^kPjRGbXY>TGZoMZSg545w4niXD+GD~Sc%%}aSPo=#wXc`Rl0idODW+eIPM
zq_@LL+!GB{%PkvdLm&R7vnqB5j)U67OkpFkGH{YDLugYdH>0I?;Ao5Usz08NgTL5%
z^lF*PdnR@$g!XN1ug((Wepq+kzdh$Y_mlkNg&W-it8ZgOQ#fi_J71&$1BZjwGDn=4
zPLmLpi^}1gW{_Xi@kIUg%6m>dpNgt)QO5!ttdXGbwRti5j7QyQ&BT>w=su{L^7$A%
zuywG#^D!u}tZ_AkdcH@eTd1I?Dk@6!TGlfs)R|n_I$#=gUiTtQ--u_6X}o0pU@uoG
z)2{IGY(zh;t%<^qgc&N<gLu!b_VAb&oc}kJ9$b>M$c*x^X+F>TVHf1-9{rM7o(1I@
zx3_4l5d4U;tz+86{mRQMWK@Lr(eAs>i%(CaEccR4w7zL6-r<>^Q$+7AnM0;>)V9Dr
zGw&&0;`cRGH`zZEq-1Wd;e#C0D3(`gTnSWEwv^mjH2kA?a8+=h!<0)UXNB(2(%EP`
zeg1Vf!`R@VXBM<1WiKy_jx)=2h>}2k$-3>@s6Db(@tRT93%B>k&ZooqZP3BZmm4Rn
z<KX$1n=J!MCUNb5E8;b;Uw_ctL`5d5F8*J07yVp*?X0NDMq?{rll;io&Hrobl0yYG
zHi#@{xNh#|Km(RyyVsMd53{_B{{mMzM03vt)&vQ+16EQT*bw1{tV*EQ1mn^jue-ym
ze{sCQk%m%+rzknva(7ng`{3iN!AEPi#p`Mct+0M>ImzZ|cd%EzW!`-_U8cQIyY@d4
zm!~Xio8P4&%+$+AB<=Ar*YMig-~%!u?1$sKWp=>Hx9etc(g@t&c5(swpBo<^sx!i^
zD6f~f1u4Gz$=?v-Zk#-T%E2NfL={GM130^Oz#pIg5-!~Me2ajdRLEE5Hwulc>{r^Z
z?t&&j<OJ?6H}#Fm&rQX}rkFIBh)#gEg#rxTK1eKH@T=>|k9!Gjdw~$J;#f903Vw@D
zpfak&#jn31-kZ04ink~(st$9+_+nSY#KzBW?d<ZHzvgA#4C+QSE3=`nW)m*dO^7{%
z3bfj}W}ss32`)tR-LZhLwNS_WC%wAAxAspTgj8`}OrrhM>n-x{Lb9iZzMZ4P7B%&z
zyL=dAi=6#@?68@|3!|;b>O&WA-GN~NS#-h~=g~MDMXG7PS4vllF&cu%6MHkq^lxCy
zPOujze+tfj(p&3ELQ)gkO5~DP|AsmKSSQe&ZdwH{i=Wr1jzcWf;dRjWKtwX>3X=uZ
z8RRe_x-6Hh!7!e15|fG~M^jin)qSyJ7m|oCuVFqyv&g1Lja8_V08E^irl1B}Ej)kY
z4w+Vj8CuWP(JUr(dwV+Bb98vTb@{|ICa}KKlD9*t=?$6&yD_e9G@7>SP6aA`e8p^J
zcg-rL>(5zCj3o17i!3hLQ}~=ezge{3C9?^Z*O3NxZ2kwv&^;n%GYB$T0ynK4IS@-|
z8l2tD^2tb8=GEN)59NoR5nE_I1;^K)i9N;zw3>$7xLW6JPXr6#Nzu;F(1qn=)ya@B
zw}?@kZd$|9rsYfU%}265#r@<i^S@DR;7JT&YqW}_hNvjkPf`<)%bx-Xa-dGGPZe@7
z@<-%D|DoY^ViH<+DT}DE<x_`?20D*`>Qz5_?tt}s09<HL<d?gTm(Sxbz}Cov-KAib
zS<=}uyx~$JGAocz;-dY*#s3kEc@qEMU`&zQTC-H?j&GeUcZ%5fXn57ZMpT#Du48}!
zSfgep!c%Zi(jyvCbA<8CaIjB7i>@#owumKhnoKpF0JFV2`+DX%t!ycJLqLeh_So#O
z3H-n6zs11r_?OlntCnxr>PEPuIIZG1j_k%ModuO)%C&<U4y%Dx^7W>QX-YMsw3RO-
zRHZ{Zg~rdQ05LW;__UP^-CFi(6l;>rx^}HW=GMN$F*rccePIbFHFPsV8;<tk*A|ZH
zhM8E1vf1h1Rv@3a*Je*pEML!Ds6THk*0vhERuK-KK~mjRCJGfhQ6=vy{lv!?b8S3C
z#vCJWYMqnU#50+n7!*HYsfY|${sT@ZwL1*Y&&#>(p(94X2jPuhx6cymu5Mem%BRpx
z4luf)Hy4}>#7pV~XSX_4qk|CX(`w3XRgKs9_Y)bJgy;VK|H@%#vVNBMfNJGem@Rr$
zB+|UY%5-Ucw^>)wei31K)z~@+9xmS{(DQkrnr+iJtzmU@aQ@w9Zqws4SLWLwS{NFp
z(zt{Uk)QPQTBa1AEoFn?&vog2Rul{}tvGh)G+nz-cNe|Pz3*VKGlcxV<uK%W)y*$_
zve5L7^?3sB7Ms#Ej+<#zWh5LT9Ktk_zBL%QAZ1CquA`MCfu3<?2ueBHS*6m#0vJ5{
z|MVYt<kPerY=_S!Z;$f!eleBJTgh_p!@<(s<gSV2Kc%NSr~Ww&QLf2{Ix2t7(rI%F
zI?`C4Sy?}K_syJPT}&;uX2+|_y0Al?FB?@?B@JZL1%W@)V25I@7w)7{w%RFC^$7pD
zM4(yv`7Cn<fHk7EYl5Bh(aDtPv|z3(Hx^g@>~1Q4Ew-O_vxkQvormIo|NXsxKlMRq
z*yDBg{j@g2*t3Y+U)(F1`+YGasKIe?k3y8Q^vk+>VyDLU?dkq=s8P~8kqR2z26Xz*
zp)lGMm@tU#;c~rLF0z@*u!;FV^e&PoG|qFAFIvyVZ&hqlZ^n166&%IC67qknveAPv
zMn6)St-2N%Pk%PPPY%R#p}g<|!yhfU<d2P%35n8<!gOa4k2l!b0bLYn2avbyYnwDY
zum#B>nvJoKf<Kh4qk>j-`?$EhtzbI*&Vgr{kZfk0J(+nzhG_J}DJU!~OuoWZ)>OaZ
zI!12*-9OL9zd5H|dbZQz<a8+EtWoab=*&8{s8*}>vwW*azSr-mtI#^`Xsp0jKk+O!
zCQ0mQF4!=uU)D`%{h0DI^{0D}Blhng)nr-1cS7~-wk=Z^*Kog_o@tThPqvzjG!3CW
zm#Q%nSEDdvO~XJfRG5Po-nfjNu3!>eX`r&y<x);6v%S)D^7!T2R9&g*?IUYYY@ms&
zhS0L^rKRb@ses-|$`A|obT*Y&>EQCY5<qmXrCJ0KE@_{A`fniS+U<M7?BM)#XZdw!
z;OEm>f8Na9=6^4A^JQiO&b_f_L?D(wD|Aa=kiT_12e;iqEw>W^2ao_A`#ZnNyp`&i
zAx%WjYNM{d;hM16zL3DR7*#F!^s6k{y`{Tj4vK%L^Aq1E<c%rSXLIW0*G;HeQ8ctV
zU|LW#R)MY=j6&E$UU$Sew*$XdbpAIGBjEf09>grkj&6vK(_LNjepYK_`l6TE1ou=U
zx0^4C0LlVvj;%iR6|%XtbqbarB`!v)%xD%?wn&z%_?mrvgr7PQ=D_WSM+jvsX~lV`
ziuEbmXct~1OYI#H>KB~taFE?d26BtjHyQ7nq=MK8@;OiV)WT0-I^ys-{>W4(G(Oa2
z>i4)W0D_@V2sx<(?cR58o4f!AkGF@9!hp`$6Z;pzNw(ilHbl*At{Sd&hx~$4E(s#R
z4!txMrXphq`z7S~2bxH{@YtldM~d2=sDIuU5fo+bE$2i5=`q5^c*)5sLW3a=<6@>F
zt7q_C9q$#1#}zegG>}D0;A=u{)rPq7HHDHD5@)B_&iZO&n!{-)<l^>8oBLez_W>~L
z&$AtduMMK{=R^Hx6=RV$NXb4j*0F1eo{BSjFpU+}TdO0DH+gOH-PdWSd)TTI`c0Ze
zfT$Ab2TL!Ur^lv0)^syiaH6r6c~Y|XnO9}Vy-_wge<OqG{%wfIo+4EcN;VNm6ptd@
zy=5=K;Rkf&5Lc2_NjX=XE-b7TH{Rdf`aD>WejyH$GK5oFcX<mF)ZBu!ocay)Nvi{R
zxp{p4e=lMJ{%=IgiT%A`VfrR0N9zA9V)*{Q6*0ZT?=Kc)Ig$%xQ)6C#nyLW@1J>U&
zduO}1|8+F_Uu}ad&6b14iENkyaWql&WjIJq51F!?@bT^>%(cSsX(>F?mY#M)N|}-m
zDoSRC0$mW{`E~EC;AsSz(WKPHtqGzC6lhP|$DgEufhLdqu52jEI2773Y0rURua}>C
z5x0}uEO(N;upe))h*6U2NUnr9;rGOx`{!Nny}+ktPn!J4rQp4ySLUOvkO>}B1SIg<
zv`Mb-Xx7L#)(%(fm+|y>_VL`J=jYBe!aMGC;cwx&i4(@M0}Ic0MHI9c!Vs_*&j-G*
z(u19OB6w*)CgU~249*4MerW9>*YNehaZ5m>_UF6a+Y@&ELPQ{Z26%hASr2vNpU5qP
zC4b<SbY=AVd}&~a`nE!9qDg#xv(cDGF{e2+gx1+E9yHfdQ&Z`fn(JGaNmk3yJ}9AN
z1$)I?FPCWeaLXfc$OJ!JZMkQq>fslk+PVG=d7{f19tJ;_vND>0)H0GA_QF&^UUy{e
z1}-`U%|UP}w+fq+jS~wwq!x%Jfms9{p3EzyHl;0{?iR8>E*mdvhxJvT_?BdNH$Yj|
zI{OArGb)QA$5_#P<(N4+9|bI;1~HLK^APSSko5IMPswOIWK|fi{RC-mxO!P+(f5LJ
zbESn|C1o4}tI25U=)k6XvWuLue0Ry`rTYiz@wo}!B|C(m>yK%Hlj`W!rm*ZF)V0$S
zI4O)#@>V@Ms4US?B6##B*GRt?8E?k)6G@<I(J#a6*WgZwrKPCSt6Fggf64p9uQC;8
z=ZgrKQ_~fqMC|pI3*JJ0*M$yE8OyzTHuV=5YfAeWT$&0W9qGfA#l_hrlTrN&5?{Gj
zSa5}$Ux&RLSPd=&!8Ql!_{-GK!UG<WL~b08J=PaQOmjAU2VZL`P36&9Yu0djk+Ro-
zp2z@m)sNoGEjwp$h-#SRD!KA>$hg8k;#tVdpc^i7eJECSR)^-P1>Fs;+Y;!yZ4E1*
z<j<J$m8{})gvn3#8+ymd&26^UO#D-=6mT^w$n{Ma<D$OX^-EAv`s(D*<1-0-Je$>Q
zNSlEYiJ5r{^n(9$5F50V#%xdY%ejTs>6jp&k;hZp92*6hFn4-sE7>7kzf{4VliS_A
zdlqXX6Kf%cQ++IfAcn-e@zN}TU?@qE(6h9{sa$(&L1foSk`k>mAwAVtdswv3q?D3l
z&6t#c^aFRQFu|f43YMA~a`^6rgz6K{W>B<fpT7H)+;TW}d{QFm#2Ebo+(EIm)*-C(
z6))fh@M(Ag`S^Nw(L_`@5}QppD?8wU)@+gP+okr)!wb7-RNz-6Q?V5iu*H2hi8hO9
zQ}k2)q+C)SbdTAgsW%-e6tl38Ki;S1lE<IY$R{xRg^+@67X8EVvKFWErbu9Xj-6jz
zE^Cfcbkfl0I9Kty2~3d<2*+I7yIckZL=;>`FhMw`v3JU9w=CPt@erSiaA`!O7D-My
z+i_qh4@mr~VS}j*f!LJSrtzZa`u=^ba&hvr;HVpQ+BeX_sC_XjAIZd*KNHiwGZslI
zO(^H6;;Je{I&^`!N1Q;D&&tD22=l=r?DyEp^P%*zzTS_ZQk>Fo{x;ECWYNYSb}1Cm
zUqWnE`$r^41}A?M(CdNrwQgfVx;;Xr7*GlWnZMvh5}lu9zoKx%k*WC4Ka~mwUp$U{
zG)P32c!DsZ6)Qw8>Cifd^^34lgx>kfNu!}r@$#MT*`~onZKqec$-rZbO{^Eo?YK{@
zofqpHY48jUz!gRzO$o_00~+ZJGT>`qvVyq~sdp%*#b^FC`e@QFQ7TnZF-AbKlHoS~
z`C0TH9~dE5U#QNm$BYmPwPJW=dT)K;@2}ziC+v${kv41QRK(3+pztIZ!V?U0dd}i;
zpESpUSvWU)X4C``1@JQ2o7dMo&s8&L0k+Xn@kHag%p3p)sn<zP{7$z>IeUl&cNM2A
zvS-$ir~-e;!yC(A96CH<IuALCco2fpubytBobc`)FMAm__oAaHn3MrGaJqZ@c*ahs
zQhnSmCi4Z9gH?Z*4ExC1;kIQXd~PVVl%HJW%TQ8<TYgoqvjP-G@7to$`YZNv#EIv6
zh8Y#}>%^+gKS~_#Kwz50kKj5@IE3TFthl}4Y|q&%q@!Yk7Hip=dU17FZJpsXI$bg!
zr&TB*2$?-I60IJ3d_FG4Mu(b^BoK5SsZUc6aMESgKo*<1n*}Q)I^YwI#Kb{r;iF%g
z$Py<<1uGZHT1g4VtxR;{FD+EO5lHbNVh)y%4ZY5$$sU0#Up0uXF}R_~$0HH9Kf&v=
zO4A@!gMhA2LYWI~KYKTC3*0BLuH;Vbl@FEJPp^<073*9}>N%ZM2o4pPMMfNeYUnf$
zzWxNJ&l#+tA9N=J6MVpy9w-dSi%X^PA-4eorHVvaaaNcGxhFcUV2ru{h?!WN1#}Xq
z+D;n$w6wxcnLGDX${1+Qe)!04!=(a82yQtsnS$sDu_3}kZ8w`x-xNZ2O&l42b}@3O
z&o4|oP=eM$Xii4CE_3J-Pe1G=W}$8vIpV>RAr^3ml3T9PrHk|))fT>LuF??#hEA>P
zE{!9DF8Nv04k2V@4nh_Kl4f^3{~cYEOOV4?9V2=uVrrtyTpt=ks!L@?nO%l25~6*s
zt-UDld=%9t0oe-tsB_}O`g%W9+8RLjaxMz8^!^2gOml6J+Hl%2s52WsfwfW{tuV7T
zF5w}b<}da$D89DnjIr0KZVqGdnSpw(j#Q8eLkVh_x?*ey=K7%X#-jx}AI?(8lz`Tt
z!H81RznFl<tX=)V9lY7|H*GSJx~L4TlZa}F>Q}AdnqRXDx9H&r+V5TOAro~R?a+mZ
z2sXC0hK<^4s=chL4<mnm8hfmImy~Txdd0=TYao<;wF@WVw~iV&sCH}F4yoGMN9=ed
zH^xsPH5rkG!nzE-i^Zrbksk1BM6t^EQB;I@BqP;!3Sz;hbueDp_%$0NMQB0Xt@$qT
zr21Pr_z<KS>3`V<vSa-!BZ=O;tH3T@rWGN_hW{Bz$M|*V;&O8BVp<4d3A9-?$Wo6Y
z=f9cJz_y8D805c6gzchUVz2V*jvM`UvI}Dayzd~H!yB8YWnLt<6T@Nov+tcPTaE7=
z*}Ws2F)0hIG<Y=%Yr}b1CkRzDW&A4m240&a9Rky%{V|VmWn+Hz7YEK$$3$&+Qtg;!
zN2wesuo#y3re^~`P1!A34P(_I@5Gu!7&^&8T1|~X`Nr0N`jjOhQ{p&0_P!~UQX++n
zOW8n_azsLlm2tFnloIPT<<QQzZuvH(8*HFB%*CuzB>heA9@Kp1!1-t=vhn<g30f??
ze8P-k<Gj!qRReb_ng)N4@<95)mGZG0A8?wKjE>ft%vndu?&<3DVZetc&BxK)&;G?G
zP@MaslZiLXQQ)boEI5Q4r`t8fC%n1~%d!Sgh_)oCB(AKCGKJ(630GV<%W9H3a#Udv
z>N_>EktI?Y@p!MTmMk5Dg?(1xVFd7PAZe2%7gVQTxf6le?2tjNj$?GcX+)|=;xie4
z{gK%HCypvR4?DjGIZISx%kD3%Q?98l19M61%R-zwhqeEF^a+g&axWLobrgW|tFD_A
zdtJ%kyaB&)K;S-@Fy~&13!5C5x>cS$UNAG0Ju-GT>vjU}=jXWLj=sNi5qf4o2LC5+
zD}&J5VSEONEycJRQ(EdCtBbAU;FJWOHpW{4R*C0?t521o<%z*d9@U;&x5Vcx>MiZx
z9ObJ8wgk>JtK5rn5f`E{+8acnpT>h%IuZ|E1&_KbFsmg&3>_mySmF3zVF{7F?x=P&
zHH^63MKbt3tR#p0DU;RWERHvl_6H^F94S|4s!!>2D&(O#J`^L&P?^$tE$VOEyeB;d
zJf4qMEQSx{6b{K1$8RS_Gx(eoC-8p(ZQAEnzkmdx#SQr+5(>|~_Jqkd-wHiv2e~T=
z-pt+=Wc_lSbjT0FWL&C9fBP!L`%;O9{0d6AP=F>pOY~y#U|~{Pvt{58d@iq|JhI9d
zMM1)BM^AMDHx4V`jG`#US)+|8oMWqYQ!6`wM7cjIX6^e+t{><r;Ua!4rwl(IjKLk+
zh|#7mF-Nd-Z=^v_$tXBrH2%MIWCk%T>SXz1m*}0&3kespScB>$ZPTtYg&CbDUHw**
zq2lLxwGO#WO1*-Q7{pug$S^a5MVkD%#7maqQ*b~wxa>z&@F^#qhM&2YX~m$O9X~=<
z@rR-Dzz62Tra(;xcSRG*5^KdVQk+=s)9`zO2S8m-^Xg`xNuX_0!0h+JV3nY-PO&U@
zZ_x+#+o8NaK>WVDd7LI1xb_j^*bt?!VJV!lMjQ%k!C=#=ZRM(uoEvM}d}q`uXE;sY
z(kll99sh9o-;(=+e~6-m0Z)sj3FD!WmB#)#<kAdILasGqdciO@kp0Ckfc^<YNCHU&
zR&You&v*}j>bpTyl>HRke7eaMZBx)q896S!`kpzHW(OSX{`#5wc{3o8Vkc?X;)Vim
z`{%@ytZbsZo*UqSPmGxmp_M7rHdQTmS^s|)PYUevTCWWxUz?F5=x;xgf}mR4usRdu
zvi+OOp94Sro$sjZ&F3z8MI%OT^gni!Qt~-TeFI_K@kI`5f}H;Ccx?pa(>+5<ZcGFW
zCiHj42<g{olxmrq4z`kBzx-ZYg!=^b`vr5%aACON&beQ|bm8a0$5&AeC@c*7M0~lw
zETdu;n5Y}lTnXrSgQRo>aDBWbbN<|oGNcs@CE+aZazh)J$ZhTO?L)q}Dq@LARd^rv
z93*Xt28vrTG8NloVXV8NU`Ld};maYv@S$}es}2haC<fssupVaNXWDnO5af=q{69=0
ziCf$|>JghnX_-1qSyD7g!mu{TY5qk@)e96!C5bwMYPV;%aX-?vIQgzdv=~`?lfVdX
zbb-VLyX`UL1?%Y2)CKeM$;Jqd$-+OZzdMd1+XD@ia%-o0@pSY&TO9aLLI`c8Brzgz
zBj1nd77`xG46O3MC4?flqGVj4u;-1E=T`gZipiK;c!#)1AD{6b)fKLw+T{kgusWt=
z=#Ice(bD71;*Ox;At6T~_aW=c$K9ludfyvca>fbIE$p8-DzoaWLzWBtjkJTZu22r?
z?77i}S6$RDke!!$(dirsej=H%b`Yocq3UO-&T!-SSp))0N80o`Xn9bJmRsf3Cs>J;
zS25U|<E$hw2~m3Uyt;7C?8bV)&*)rr67;wOZvFcC1HE*`Y-@}r;Ct8D(|1|#H`KwI
z<@Hu5;_&1liKx?u5(v^clgfyt%?enh+iW8y71wSeZg4awCSYy$<eM78I-G|s)cX4s
z{<^1^7m!;S(DyxDF$rWG-%G{@#gskHE#!fQsya!%Nd`KS6i7Z^9`|TOJz06;Bp@s#
z#MegzPk_dk>M1+iv4UJi-yywG?T8K#sj-&Jy8X@h`0T$oPAJKTmpSyB<9NWL$h1g8
zOnIjEhpHzZZ>cA#n;F-hz*x7$b1DtAzEX6~1pGg*uMGS4gj~fPcDXuh8);q~br)D#
z2z92Cz=d$v!EBs||G*lR=?NE!63=MilCd^)n^?F>E%hT>tq=7SXn2W#vct4JVQPNa
zjug2*<mhAORxnE{w|LSKmNr(G16+)?R@gyJzu=bHL0>me=kz5j_v;#XU&Uwjs)(v2
z>DH?h!Zy7eNl$@vNq5-A#G?KCR>o_HR26qr_Y>AgYF#v3Cd)_KW})CV-rw4BE&(0E
zLqmmU<dGM`9gIV8WQ<M}c#YT`x`dzheHCoxz0-p?Evo8u3cnzcO6X3;8bb?Rhtd`w
z+Vd)o;>))yR(JysR=0J860(<6ZCS6gT<wtdBY&yD3}A4Zu^l@z3k}QUg%L%Nv0h_t
zfiJe*(M8cv4{FEzvLyV&KGP(dDEKN;Vz96tbVBGxn3MT)75;&jpbKuyFcK3zC&Th^
zcuss5B%CM9^t<wCQDiH{9vCM^4K1JA`B!|adN)wT(g%A|RBU9vZY(ezl*|K0)K-Fb
zUuRHPR%T$OV|toDGk%n~nc0&YRw#ZO#KE`_re}A!CzusT!XBH+=if+inRU;!izi*P
zT}5pcgF`HBlDq^&iMAY+>8K3VQ2Vo9`K%=HWkMp5F;%h8kb}5c`}wNS&$WjpfwJqF
zPDv7IHMUkgC<%o`xB%l2>wEZNGEa<y_x=EB=L$xg?BEpx{zzChKg6?A3@;_d%7~3B
zf)V37&S5kqk10b$`1s0}pWFZ^=Qx^hH+d(~Y?vWm!GP0Zl2#DJ#nKrI%X;=NGJBf=
z8n3x~;<O!gBkcP=hu_b@$jSzj;Doylm@|Cx!NWuQMDo+JI@3W9*txku7Q%r**Xe&0
zY3XFLr5a=|qi1<WVn+5<8Wb<Xy?7_3C~0HIvs{AwiZNQO)DcLI>A~|mK<^&rZPOlw
zRstu$SQEy7v8%S@?b76t$vkLRO$YC8lXr$<c9C}m_9@<TdE`RwM16>^2N&nL2~-l%
z=(cc;ndptays>v0A8liXdx>UaJo4cf&e5U3p&PofzA+)V<g^85>nM9k57YKF5o3lA
z|0-*ufH66PoGH_0g>jBz>C&~S1dmTo<3<mrRQtXJq3?#1#AxM{gXoWM12B;%{u0)Z
z!7{<ZV9}@UkvoapN*)_3a+agiFxs?L2x{Z|Q8iK!IgsxgD9!rCY9deF$;YtlnDP`E
zCY3BAWu3ivU3ebBRfAootdJl5Wu#6I(=3UT;K@oG18pRbx<O{?1yTwz#lCLLbXB2`
z6DCBXH*bxRfE6;|Z!RONJ{bayA)K0B^6wpsFvzLTTF9`Vk<Zwd`!y9$d%m&-Vs!s&
z7_S%-r6(~_h1}xn5}8e(p^xus2qn+cD?e}D!&+&Kla;J2BWs=dwC|eIo+S*4z6L8i
z+(PPC(IN7ms0>x%rDwqyx9o$>TQj~8&BAL@`|L2O+56#K@KB>#JE`;ZC35#x572^y
zqbBnhkoC`=NxQHyD0M_Sfasd0Pv5W!hPvoJAT3uKXmDkmhMDX;)6jzL>0<R9Xkc->
z=^3m0@5oyd(tSH%%C`+bhxPh*99Cnf?si7Hc+<-`%SB_Z&c2zMSr90N=CZCX-h0LM
zo!DC%);g`6ILETpwOSxVy<d360H<f(^!#4h?LY<*StsX(a?7JJ9)igi%|%h$6PTg@
zf~7nSz75+D!k&(YI2&}lc@4Dn)|PZdU6C3{QYeVJ=`*tdn?rB8LISHpm6tPgX<eLH
zepK-{^E96~B`sz|C<_dnEa_Tf+)S?BO9iW6n0l}38HT8FxF>pe66t`0?Q%>x*u6n=
z(|kLS7RWKIBu-qHZ5sI_7?rBdn#|+`1fdFJ%OrM%k#~l{j4O5%k1=l4-N%;Q(sy}w
z>$~*Hk|y70WY{MSjxYMhbiZ0NNny7{q6RgSrBb_w<oV#@F5fBTWf4=Si1x$z!u_2l
z-)tEt?iK}8B2Yh#bgAEUwcIn5TDLV5R-T_8vV!_GYaGN2P<8JM^dIZ&^@&uzJn?#o
z?6#Uv_E4mRXYru;<S2z3m`wW0fo;f^^P^vy!WxwvH`Pu{R4Zpa0$D@c8zRO)mj%P|
zH=uv;m-s-bj86Oa5&{cb2aja_X%`DW9R<KWJ>qW?>+_*pXU^^(jzt$juB3QwmTdh~
z3$LOpb#Nak@m`IdeZKr1yKiX&x?`t%jpt;<Xp^jvvKF#s7R^D1F+Zo|HSRx5MC0-b
zbC9D3i~4CwUl;|&Gcm&%8B^dxEEW*=8j1&Z)MVo!Gq%dUlqf&*BxY^vU=o2%Us@Z@
ziCfhXSUzG8x|*|6x(odr!T7NFPWvR%n8UNq3zP=9BmH}j;Pic0xT9;8HjZ}t6v5~R
zNE@sKHZog&(v+0IZLEc&hpFd{*;!w3yD1?8#C+*>=*r-@Gp-YOX5&{rbx!0gK{(&w
zY(rN5ts9<RLUQTsZY;IG$)TAZDiLRQhdcNuBlW4lntRFh&Qoe*KpS8K5}o>}%)0CQ
zaIYqMCOh@+EQt|}b_rF$sL$K!LX4eaz2~Q<Dl`8t!kfK%Xzbn*tN|2khkY^uX56)|
zGReeoj%4&o!uR9)F+269VJJ;_$x8!oty$n>aYrCG7j;@f7odR39hk_`k>Q2YW_HoH
z?Axm6Y%!a4wz8R|Wz!LklL`N2ZBW%tfAynk<Sas%t>(p3HX|ef2~#&9Mx^;Tcj}Id
zB@pTd^e4iuzssH+jA1t~cldV%p9rcnKny=sm**X#<`I=l-T48Aq*x)4aV}PC1GD5e
zy}7*}+m8T#zh^DLov(mU>^evNKX(*{y65rvZ&(5c|D(aKVgoh3<xaT<52-4U#_c3^
zwi0xFui#ymlVo|{;Jhb@j^DHw<sAK+adcyYXB0DHeo}30dYAXMNloxj^a+BgZ&kaZ
z_eQu;ly(3W#22KU5t_y3IQERZIds~YH>5x-LE9Ow$|tZD$etJNf%CN_a7zrv`rFNZ
zJrLTNdpYs;PoH;%ss&9?jXyR{grBe)Z@s^{5%tnHlknj^PtN)E<hY;$dE*Xx$+fdg
zF%e~wJ;xQ+v?i-8?fPi=MAj{=?b6=h2;8L42Y@dYfpR*UnT5lXyYnMrQU->b|9B<h
z>~2~GErXxe=+a;;IpJyW`ru<BcLYvC@A>d4yB}BmZ3Neth7=|x{u@nUde<<(4qezM
zzTA#^315-QlA5_xA@)5|@XLTH+<|fYkVbkf1mD+6eBfM3_HJt<@xZGvv9)#z^N5aj
zU(iKkTxdvpJk<0<&Br@wsx?y^NvC(`u0s_O2d9(vL~p+RjzYAdV|gNYN8`e`kU=2m
zVE}>~rEDTQa4xPy<-6|gejr-YKhy3L!}#}7VvfIDqOBCfJM~PGFHXY1$xN=m3lz3X
zmk9@(-k9a5YRa_Y171$UuhG;s_sKmvNZ3)19>?`n-|=p!QI16I!qz2Bn(F3P5CgA<
zSMRrEFLU|IG3Xywv&FhSN{Ag*?Nvn4&E6xaV)cXMx6_Me_4rjjzrQ|EB~61-?L+uI
z<5J4AmQxYl0QT=Y*4zOpM*!?gM4b1XMvECkzH`5qJ5Q{ySPXE?23N^iHx^@NAcKTu
z8=sARaz8aj+{?ncKH0^+r=2b!(QpCtOV#*PblRU2?|hN>6n$9N=L^V@<O8W9IqP^=
zkM1%_Z~~S`nvAZ_D-}d1sSri(qGsiN7aOsj#g%HY6d2;)L~^AXDf-s6ojgzSTNBJy
zpmuqCi#w)T7fuknEz9%3o&1-^Uv10xp=={Hz`EY_^T0Or=AP<~S4`(2v+MAwKo=-<
zLzL58<Fh&!UkucqPb)<kKC$|y105g_2k+}PQ4K|DP>i+;=2nqBY4?-AQio$xHjB6y
zc?Ozi3wCZ=B;5EV7LnLfw%=fgz<#bgoLHo6HxZ*JGXvA+=-o`W8JJ@4u&6HcmyDU~
z-NnLmO@&TZ0b1SM^o&&_m%z}0cePH>=VLKd+AEb`5CJrORdR;>YuwylXM*3)cP9((
z-RrLi)(&Wbb)}d=<GG+XBgI%Rr3)|J;y+yvqIigX8IL6l{-sYhlms15<A=$YEb6`G
zyHiY>td!&%oVoz@k%}udO8HxhEb#Jor#T(Wbz!_$z18ij!<Ic2dJx}qv_ABvc6N`6
zNw(*~U(V3M5_jhq=?wPp#-h2ivqi59l>(Io0w>hrA5ve-f&(B4<;x%X4Q~ndedI3g
zLmdngUXpA`Q`V%vt2*z{Cu%MWWAv1AT%!E`(MH~k`&d)96Qvo-Wa#Mbn53W>%vleM
zvRQ0K&=T1OqO$?xqF|CHiwj~l!gH7H>t4lUii4TNmGS4@YvY}04+*Gq82r=wS@Q?o
z+~bCQLD-if`V1K)jH-w`e`che=LsM}fN{9#+V3ndL82@MCrK*p=XX^)ppVHc&vj^S
z-uZO<VEwH~s&j>ias5<+tX(;}ghE=-l?ICNCP5zVWgK)=AXfOrl1@V8W6YX2`hGB6
z0EQv&yr0XgBaukfS=Z40@2}3J`VqAhLr82#{N?8|6^OLx{bB0?XX%Zg@5}R6W~?B=
z*X^-OCo$i<_x(n1@7qSd`6#2&VBvC_hRwsqnxbGXL9geNsYRA)J(-<<yCO(<0XC|X
zzx*dh(qX7$pBYF#haA>l>A3i>9QN2y_iQViC_RCw?&ap?g?{A~y=7DM19a$b<qfv1
zN7lE6+(Q8$Nz}J()PJ)a{Dc`kGBgc0cntxy*U0MHEoPuC%8fuW=fREQrX!xf=>&5B
zC2NYf6R}p`@4x2Ga(B8~tvG1#vUT`Jr{uju=1en24%ZqjU^m<YYbw`?58<0Yci(wA
zH>Vh;o+t9I?YI9rtoM7^xFerP%GPgRpPn|OJybqAMru8|oS^Y$3_nN=iS@bainq$w
zFVku;v}XEILO73#vO_fSIEI#8LuF209D!7iHE4ugzgi})E~F1<32~Gaz#r=9h?%I`
zbC!q>S(-eih;}~4CW{+A+Hiw4!F!;gQ{g_)UK4V`+g*$=0UL}(4PKZBg__u`!ClB)
zv)AsQ`_rc8b$5fyJuzMPq9YY-X0UuAmRG`7c0dpc0zh(g-~HmLYtX(r*}h-SelAEE
zcfB7Uu}`_zM=rd8+CO1N7%a2LnB6?xv9~+Rq|asogYUd=g1)!42j~D%@NRn_#vYGR
z8`yn$u`Zt3TV5y+SE1%J%RcgrH*c669}n9qJRU1Q&&*Y6{3c4*#3SY;TxeRhlEA;g
z=x%WTiOr-4eKL~Z?udWuHk0hKyxj~%nSb?KK*rwheEATFeXH*IRfqRX)nCGkozw5F
z6_F|-F7R2U^tdhRy)@xMWn2(+5wJ>jkyF%w_ZYO6x(^ULUZLDy$FWFuejxbSER`67
zo#Es={M2T+i~m!b(b>ZF!>na3Fq2-)*s}aeYZkG1@6a90NGw^7Wwd<OCGPl@et#Ec
zysk4lEnB=IeNIEy(Z6`LMeL?gGo=%pJ$ZX#S#ll4QhQIO7<Tx@913GplZVP~q^Ws*
zm_^IjxpC+%`=)qLux1lM)F$`6;Wy_4aN_cCx~2NzlPC5!g6CGJ>oY<+R_9s!dHLN;
z<FYBDKe%ShLQP~0eRV3~ceJ7Z)o;`2%R|8uH_ErG)}sS$X##xb)13zwB<ipd6_~oV
z*KTPsiuCL)BFm^+4(sXlz)B7w9{D)@@Qv3-WHTPG0-GcRL*yOGzdmMx9^20Qlxyhn
zsI-J-gLbi18>DKe<7$iuGAr^Jd_k6ns`KuXG2`A|aEfWJc30Ef27kbZ?ABdJ4&iEp
zwXPGhX#jqFGaZ@>jdd2KR|__t<illS$oN>=Ke-uJ<DcA2x<)BcKFn<miDVU0MJ`2`
zakET3?chl*o%t$I(-E9Hxsh;!>fhWPaRypg!q{9$Kounb*sus4*3{{Ri00r(;~)9`
z&i8H|HGqG|?>!B0W+0$@pU_b@sxZ#dka+xdR7Lbn@{*_MGf{gSbusYb&Cdda?F8F2
zLa8L#s9^}|=U-I%TDU|0_H@CL8%yD1gH&$1QelOc-Id%5+p0rhLehvnF700NSryoE
z!1DHl@n#6$W-UKRZvD5^xvBj-fjU9(I-c@UwV&Cn5w8(q4&g(cGoW~hh`BX{A=T68
z9Y>Z-<Zk$qgp4u{HG4EjN<r@D@KsG&=k)jVuxI(kQe{<0ovZB1vrzdNf#Az+J2`;S
zBmdf;_W{timp27KB>WP5xqn0X^uzD{PO0{Hy??m%9*;15`FPPK@RJjSC5^F4KmmLO
zOOI)$0!6tD8#O?8_pjep8;#D5>Dq}eMQbFN32^hqqsO{d%ZwREvBY9UfxACnM7#9$
z5_$nNxdD5@#S4cd6S8iV+$q_B6UEFoLC6`1u-FrTfPn5{um(D9eFMHd3l93Ug*1%1
zHY|?*JnXQjqQ>=+mT4@ifRUBV;G0CJLW2Hfd_r-PObr&8wC>IV-E)i7FhgC@wF0no
zl2&y69H0}^SpSSKC<la0g^6l%M1;}j&+}c?xa_fAya`pN$hWhP#D3ACfk(XBpI64f
zn~)O#)yJ*j)6ii7<9Ffrp{Di@+;0WazB?kKjScuW*S)LIlgIfD_{#EEcLNH{?Q1_T
z-9yGExqEC%2gBYy1FfXD9c?vFBNW#4kz=!OcgC)LWrD`<Ai`^Ofyykv0;goHp9iYK
zf$ntu>n9=JwIF|4F5nCE=iY7`@bmBA8vW(Di&Py|ZOb9agx&Ay2~r*IEfwFRfa&su
zF~ORJ7xGDd2}$Fxm)1u{V`QSXa_xVjGp<%<aOC;gwwUD@b~;0;57Dza5sqEkqBGu6
zD%6yO8L+xgRb=lKrd58-&@g?s?~xBrnW9hs^fXy?>N#xd*2B%;*++xP$-z$TToT3-
zc8%jtQ$st7mWo2c;_%`T5t^sl;TCf~LhK33Nb<Tv0l|2=3Bjlt_j+sm@=nfn0Zphu
zP{h*MgnRNNg>zz;k>#AzuJyM1z`T!LxgjMomZ9So7|fSNM?b4l6Cx`_b_;H}6c;{m
zWQ!W*>U0GjLGD|9Bv_6oH9?4!)f;q?*1;+oV2E$B#^n8t58kTwr6<u&Z<#E@LNN0^
zDLIYR(PAH0BZwNI=}l7VwUD(PnE8Y<m^g$;liYw|KGY5!qv4P~AQ}6Gxu9NjmGq{k
zvEK{X>155-Uq_57S!)PxoPk1y_A5-4!7=Hu%Q@u>(UmS31`%x%Lt#`@QAgE9pw;K7
z#Y*VnW$Cn_G2pbN-DMc-3&;<CT@jR<&J~hRpi@%hsxJr8`fyK-DWEhcrMOZSy4|NL
z&pd4F2Gb%G9P*MUTJUht#afqeVvJ}cOhaDejiKBwb@j&4GF;A)s-!^iJJ>{h+S2Tw
zaD3N34+Nb6MjobVbTsx)$ZWp4Bn7e#nU!hax#MSG;gp^xS)2&&e3LAYX=%1K?+m_3
zVnLrIiO_2aXyi|#&5BGHJ|l;uNI=Lj@FXc6L}z&SgJIaMQ#8Cy-8E^X8^vWewn9jX
z{GXl1Ud1w76Cipe<xWxCCC#&vEs0HXVKCIC*uiN>Jh{aQ(1hg4p@kDMfnf<;D=J8t
z5Mf}zUACmksv?v~xC;uY){^7k7TWE#l36)mx&d#sfaf0a&Q8H&blmG}ubqTe_9Nxx
z9Q6A;J;b0hv)ed*RfYeFy?1)9EN&k!lkOxPt2?%B+qRu_k`vpuZQDGtZM$RJwljI>
zV&*#+b2T+n^_zPCgk81wIeUMe^{hpH<dz6xw5t<08ANDq;DybV002l=gK-YxP@xNs
zLDC|I;L&Q@9JA!%Cb;qbTh2JDSEO2?rBu;m@FjZ0`eU*WN0cXDo+k<j(W#aGt1L}l
zv=Ui-k||74kcNnUPw3$v9S=S3S|Uwxy%o_*j2S0CHU1uN6q_2dlE(R`!xL2ov2{-a
zO2tthwu8}+t@n?=RliXu5$F^#NAx46)G|?Jc%LpgeUTl>Aek(!x`-=F1a0F62>u!o
zcpvrwMu_?T@8Z@d_T*>xd(4&$L5N5#ty*bxlFK#1X|NYi3w7afm1xx?o`G;~5Hm`%
zVFBG#0%Q#XMX3Co8AnUm?)Ywb0crl@*-s&G<jtGa=Sq#hDklgUuq@`ZWd&-RsCHY1
za)^_s#7NsIu)Wa6xDp34u)j(IQw$ZR@rzBO9#)gtXOpwmCOYh!+~8BoEOyn%BHQ`m
zM-LDtD3b=7L)g_}h8#>Y)SKp_o<C~C4JCw^2^Q4XBjn>FRs4;{uz(ahV@{C#^4=;L
zVGBc`AQd2Q$<I=5R2^9M`K0)4`z(73X*~fB_ClMU`Tq!w_J`UD{GJhCzH&d&n9<F`
z427*Bwb$AfE8;b#F^JjuPm%}sMZ@LrN5dGt#o?IX;{X#;Sm87rLpe8@T@>z<^n4~=
zXae%FNPxtt4S=@RCS*&U$;*Nm19Z0cADUi_tpqUr2%7xkr@F!Zpb7jj9LCG1c>XJy
zhLb5lx!yR97Tm(6IuI$62)>)W0&7O>^~lV7Ge@zP_O<%X6apavY`{yCc!znjd>FOu
zJ|*ZhoFt^;B5AiASS`;!9$Xd{F?vk9FJ3BEtJ@3)8WP8nQJxtJM|qo?!2}FKz~}`v
z3(Z9v`x4i3iXUi!D%3{A<a`tg_6@_~=yS-5k-<;<g9?U*rYVO_q=<jSkK?D=1TOIy
zH3r!SgG!U2{Xn{DZirH8OUU~kJj;NLlH*fGrzM73_AjqMYW@&r2#!%#cLINTSo4&X
z%!b*(-gOXz@QvODhf0b7d(syvkvamy)w8G`rtpjb!zoZTir>u$CC@Bd$5-$d8y2Lh
zhu~^>Dk9=<>(K)7fElDwiA}*!pH_`kNLy+O6gUEdsxB*zR)T^pUa8DR-}-6G$ymjD
z1>Xj0$Cpr4Tbg~tf&k3EI{0|c5OOu+oE*-JRVZk1=I?>Oocd^GLa2wr#MHk)x%8$)
z{uuzHETITV9wN|I^Y3eYgXDmb!Gs`kgmz{-bxcwykx#SqPkee9h<H+@bJp|*n~~$Q
zk`O(%B?1S6@W$iR<@Cq`O;dd`yfZAp5RFw0jeDNQmwHc`U)7-Jnn$h}o}bva72-)A
za0GtlZ(jbeC{JR+Xi>29$T1^^p53*aTqYIjI~c!V<0F;a37SwPz+A=w&}jFXj183H
zi{nLcpwkE9n-Tcd(G5T$>D<Ip%s-99LHP?Aup+6d$V9yrR$L+bYieQJZj?cP)GX1^
zi?qSlA7GAbR4LJXJyQZ;J*#c0C5fp1x^t<97qdHi0DqH2C0KF6#)|dB64}Tadez<v
zM{PjhkIDiuOt7b&90W&HEUxn_dB=<g3|KlFe%cK}ouLK|9&489o>LxY+&l_amdB*p
zh7JZU23epMES<5=aD-1p7xI!^Sb7S*CEE)0C2%K8cL0zuI}gJHlOjtloo9X)JJJfn
zjCb*mx~fj{kBT`RU3%>I{SXH!RaHz<hhpW|krBbQ39s@K*d)YoNGRDXzP=)byvqro
z%mfd`gXeM46=0!D1>J&U75@)agU3dF3WccyK$s-!B`3Hd6lfAxw~*iMQ*5Q`^%y-A
zF6sr>WJSGyaaT)Mp8%?MUfyWwjy21gHWf_>ep59hrrayosE)44V=yo$Q#)(wJAtL_
z#r5?ruTE@Xq||NNf`^Q7IORD*0mLNkM3=(MzhOc1bxHL6xEN}!Wg_AN8Y3djSBeL7
z!w@;|2=xWa<&NeIP#LDoI8y%OnJJp-XSx+F?ojIYcXs7%4qB4OD)qJNEuE1*cEeFD
zoxjyqbl@2-ZK4h<k_0Wzo>Yds9P`Zq=q!H_@{a)ubm&hDixD96M_E_HBwpKljClNt
zL7L(ef1g?WN$i)FBv`mwO)5ho$C8y6pOUAET45gzoUq1hFHDc0MfW<eg-o;&G7g*f
zZz^iq0!7OALL)*X)0#r%WLPA3#*ckig8CT}F_@f)0x-hj|CM3C00LoM)NO8{D7aOV
zAkif~_3fFt$N>=aOcO`^LnY^cb&@L-#F{9eP07Hyj7vG@9u#LsA;~bUmm!MlUj7eM
zGZVjK7>vdEdM)+S?V?S;31##Lo@=vF$Z9J;p09{v{sVP{Mw)-p5G!`pzFog<ObbY!
zgCvu?pXFM1{!-&kbe+*^GH*sUldYG(mnuJ?mpjihhB*BeUlfTBy<KbkR0U5zNN8cG
zeDW{E#<;@4;Jm$KE5nF5Inaf|UH}LxAvt-AzMktE<Xo+vL1aCq;e1roKpnU0Kz<>y
znj}64NFS+*NEbJWOV#(O%Dd2}Wp8_K)~<R+ie~lKV*1QWs$<DcvI7tP>CDvpuLs1_
z{LkC<d^|SGGz>&i?#*yrt^{8N&WlQO7N&>pq*l>xNF-;|?(uQSNVQBUqPG0$y4hiY
zr6S!gx?e2v*3Bu9xgJz&5^im*bFhKb&HDD%ku80ym&ArdqK~ll)R~8qVU!o%e;IJ;
zG9YPjPLNM|)0tRN{LK?hIw&cgHMgBG$hce&`l~p(>G*t^jM4!NR}ScfzebXImpQVE
zUz6AoMqS*(2Jjz{&;T9}xhc#dD|pr<Lw}y4jg2Tq%5d~sCr44>!z>f*LQ!LN0h`)o
zafkzhcB6-@S@cCgEk^^Dh$Nx?7YmW6HL|(n>dBp!u(5FwF&f1@di8{?c8p__@I1Y4
zxjGP-uklF9y+)(kDBj#Z{rF+C=6=9-*=wYJJ7&mshCf&LRR5UyL&SDOYG6nb-gIm{
zNiYNkP=m1&ED~;6!c=WR&Ym8|Puj?1f1)1jK=!3vLp?gh4<XSQE(>6)RPMJE+;lJv
zNe@&&9d7bZRA5wwX!*f=hGP37LJG+xYybH~^54SaliK~7&WDOHp`dyjMy#th=o=m~
zS$WGr3!%fj^7%d%JBqpa7IOM26EUu3iHQqSr5~bEnp2Oy{r+1mv@67jWbzxbxm7WY
zr>WaZ<om6%-xd*egbl#w*+%!-dU2k9N8s1tzE~YkJUH!-=f7oN`Xh1uqVgV(y-8#m
z)HuMwC6V+L#KEN@TaXz!c_yFU2fpv)S_8iw+qD*|6C?i@$|mPPV>3L<udlf!_#Xf_
zKG#JZcyd+r%}3(nN3(}=x87h^lDvz5|JIlw5&Hb}rz*02&MtK_hETshagN@m(_i$S
z5VCo*zdT+nPskb8^;>o`j`+LZe<G}JMSHuVMc&y<QW2O!<%u%8PUb5^DycO{&)97>
z1quWfdduRvXQ$yJQ&V~gK<XU18S#)Q#D!|k=4Iv{<kcmi|NeUBjG@(_@V#r&u6yWn
z^^7z!h#WdPAKcm5ssHG&?%w2kemx5i_!C7@bbs<)x5vflLa$GG^I}?BZ2#Ea_;i@I
z5HT@euiCFwp{#F4?T}v~D#A3IQ~B+mDP?f1Y+Q?tyk%p2VSWG5bgB1t-P8g6HOJop
z<T}O&dHOgdpg-t5C8XbraT|P|StImQx8WFP)TS4%s}O1p={*=K730W}DWbHtD)|ep
z_O{cDkL?&)N~j)yPkSW5F<wYVNk;$}`S#%$iX~*$S2}N)^<l&#boXc*TZ9atArJL-
zU0IbW>edLSVQ7GBz>j`zZ@>7x3+R@Y<HQYAe_3Xc-3hH7En3%)Kvu|^QbD6fvs|yJ
z_-7tal~9IzWLxtPcYQYF!bFOpYBd^W=sQ02jV%XuU>?Hja(}FTuhh9JqKo(st%+K3
z4X55Vcsy*YPK1&x&^k!iSkaF(qV7Q(=J<hHwCo!!OSe!-KifDA$~;O};&<>AkYwFn
z6NT6^b+Sej92f0xa|jStAH)s-qMg}+4*iH8Xe2yGuU2G$;cauiV30G>KC1`uv*2~-
zA}Q@ZwlE1^FS%>({vFfVB^+T9-oR8fqcEH2Ccw4D6xCfs?VLNM-}aImLU%CIR`e)!
z0w_ip;OR6vp6cc0UZ)?dqA9tdK!K&X#y}q2kdi%0U2MIKK~AWzhvuMz+vNM;6CIEq
zsa5+p(i5qo(&gW%XOuSc7pw!&vFjoJ{l{Q(JF2D_XPI0qPXj(3ml)cVJj5G$cblHf
zAPzJ1SBJ^Bn+Ivbseuxnsy#ptY;q8~&wU_&^3-tz_>0XSzJ}#iM@V=865SJc4$b&*
z&qG3+_MOHxVHwVJkA#WpsR8EXRP=sUOQ~yfr|ago;1<3qPVnC%oAfbc=+{5=e%oav
z4Ij^>->tb+z|X*(LG;J$v$-wUHPs>|cyeIMHF48Uf$p6|?9mrMaN-pWo<Y{VDUBrv
zf+|STB6`a>B~e3Kw4Z=VFn7p!amGFGSsnf;tm(Sac)?7R6EY&G%s6k6I_gz9=mYy=
zQS76cGeqG0Qgq8SL8}V>q5b&?I*^!2t_l~K4;`!xOsH8?mS*1S1T}Y7Tm&hd@E59^
z)&fkfW~ZJ|>vJi3+XH%!e=f64?J`X(S_jw2cq>H<bV?W$`oCIrW!3M3iT<*m1$`B)
zW86|is#q*3K87sQ&{nB>VPRHCt8TXn#AhPOo=9{Y$q&kxzkz2II~}DQM#ssYYXcG*
zfB$2b;T9RtV~2;jAe}TH$>EVZ3poAk@F0%o7jYO5`n%6Oib$?nO1kw|I^Kk#iVi!K
zxa2i|R>JjSp`eBT?kU#WJnz>-U3$ypsU0<hhoLlR(9-+E3}UPK_${rgLxD8XyjC5|
z53lDzB2H{EnJ^a98r>{fqJj-5(cLE2%6v2$JpUIRlw<<DcTp2OM5Kd3?Q76a=bMRt
z!lv5P@N@eeg$La1IX5pHuBgP2+u18m4So6ZVZ;>!Q;<N1b60FylDC2A(&qk1$GY3n
z2@bYrHFNz8)dPHkO-00VE<`@M$zTZtN17ICdZIE|Ri>nI(5fGj`OG<kr_zv@I&~JV
zy;^lt=<mca0Z(q%oh^KYGV0LgNA=M8bw&{h+(SX0IePU}s+V4VrEK$N0@DRID3gS}
z@;63o2?%@iM`2XUWhg}{fDUA7EPFpw*kDPEeEMYX>&SGL0{mw3{`STuO~kaYG$jF7
z!GmeqnYnRWfZcdM03SQ-4MB+!3KdWk$Plbg@Goh1+_7p|Crw+La@f%TWoYt{IduFE
zbTS06?Uvh3qp+qTNuvBcl<$&vm<8l>G*J=-w!Mw_j{Av?NKQzxI@Hibaw4-`Q8SHd
z%R@EtL{iz;u&5_fgzxXGpPHcc_nC`#b3^#QXY*CO`pCc^$NWx4t=!jFsXT_(-Tm@%
zcAc5{dc8l17=Ew*{{n-#%@tqaKAOOtUAusxw*qrPNr24_=B8Y7PK}g*=(*)f^cqC7
z{N6xkA^wbM<t*E^FiJv4{+g_2N`G~-bn?|Vx6$;7+#K5T)P#Il|1#!V_d$hy7d-&4
zFi?L!Dpa)QVVL5mFja3}O-;oEkwS4+Umoc^<NS#2ECgqnm`9XrSZh<w>7(4qwV;F3
zGh=jmA#S%T3W21VeoL_KSP}n;&KKTVQrQ85w&RqhJOQyDN%xZtH7j-s^kDVePs_C_
z?yS7zk1tVf?;p)inH5+pS_>5-*p0F*tbX&0{8-X`vNm*+?9POw2w@=%@Zh4jbB*t5
zWs}E3T6cf>R+(c20mDECwD4Hm4jZe*u<{SLYDvu#Z4heEyC5Psab4C4WcMG56hKRo
zL!$tMGBmA2*o7J%nd<NQtR_xv)Zp{SWs~{W{FK&5;oT_}uJ@pjHws*LxR;53xn|s~
zZh=I_A9UtY?Fu3%19My4``^xrsXBR;ZVzTJ&s4ak^BGarzf&bZ^pgtz@ja=MdVrPd
zvY^Ax@Kr&Ul)qw#2YC1{ZoLKaHp*TcNa4=ptAA@{)cP@nASK@N{hVRs{)@o;7lHY|
zM_|0Z5g7b$1jfZ|_J1HSIJmG7F`wOU&mcVJYXd*FBwBh_sifZMTsuIMf8Qm$E7)mV
zF^=vM)Iv|VE2++=syZGc`A=u5vA!VrFJc|f0V_*ZAsvM3h<}%4aR2`JHp|%7j@K*9
zvEny~e`+7r`y-5oSW#y;d`R)E3wh#I$S(;ln)-{XRdOE*K^A}1@a$DC{?^8O-ZX)$
zFi}Fy)#w=LbAWMxs^lJLLOHm-JK?I8)jQC501kRx)2SbP%^h&t8rds3Gw)|rJlQhr
z;6q;WM}H*)?BaE}$yE+1xQq-L>hl}HE3P5Ua>^R@51Cw-Ny-p@RVw{-JzX3EBT#(|
zCgs$G$69(kkumpmD1p;ND{Z$fQ&%3gQ@^-&`YU`4&4?FxcO$%!R?j+xs?LE278S_M
zm>xSg4!=Yk34x|@q+7#Qsyn7_ty+Qnf*0ZM){EcONuE$aY=q|gT!aEwAw)CiVj~xQ
z7A3pc#j2NBe;)cZp+WHz#e@PY{zB>ILV<P5+E~E!!+ZElmdDieyeiW{;%F!XcJx$}
z?zguV@GYwC8FmT*YhOH<)&*KrC|&ZUe`p+mNf*?*=|(GbRz=SJ2ct|K0mg9&x6-Sb
zID8JD&+9r7VB#ivWyY4I;6_e^lW)?&b<CeY&v=U=q#m0Zf9<)?%<zrki4cEH+Bj-c
zRj;&RaTmt*WOVoHK<zY*1xQLJ--hix?MmbWpl&*iOTS-y#+4}YW9RZPi5GNu5WjhQ
zx{||=Ly~PldE6J!EVkFw<J|vhKl2%P_(3!N#k7paeBXWaYZ~v&XKVaO|DI3tkM_tS
zPUq@q=pcxzgl6@PRYc0WLZ@X-OdkZDLdcTO-49rT*U(xy5na_vY-GJ)=o2kxn)#J#
zJZ!aSqBzDfk;R>dd|VXQk(mn9+sh^?o&f?B-h<dh(XeSC(u<;AGqMI{;EW%AmZpYt
zS?A^HJew2Ua3NfSU$Bx-f<AB<!*@+n>eu;WO~k{V<~Y_Ib~}XSMWgty%Er_KmEOkw
zQZzveHtipkQZ;{a*!ReVEPzk#h5HM73Ffyv&T(*O&=WCd7S%Lk@dkt)H5_S06sLd3
zm;!V#`84el4&~2amjolcyVo#R9?%tp=GEPgsC*IGy)Cx>M$UAQ5$5nAaAm06_w`ul
zBA(DmPe{~vTbe&5L)6Yh4>kTWcsOk6sKKrOMGQIAJ+x9m##LvmQ~ihqRt{Fr==A_N
z+P^RPdR`m;#@Zju_qa+s72bQYbzv!e;7zep4AygGx1Lb_s9$}BF+-_#RJ87u@75&5
z%@4vRnYJ8?1GR<=^h#|tRl6*DAXITGnv}Abdvoki3r~kdEObnN*=;-Mdo(Ak1xqzT
zJ{u{5sm&ZNZqqRRTmBs|N`i<vSfK@IYhek6^AZ$F*p;h(tqgz7EWtk|deHiUg%K~-
zymA>mlxhP{nb<%%Yok8HndN7$h?=Rr98#lhuZ!Wd7jT=R`2?*d@1nXZ%i8z<>rG*1
zZsirDA?Yeofq^iaX-8J&TLYy!17<0%9jT1^p*_L6pBrw|D5m=dDN-Q+(Ra+mF4F|%
zO?kx?)L}BljdcEX)u_@3ObdPm4;Dg(+e*A7#K`aPBY>T}qw_BODm+>sGZ8gZJ{$UJ
zULdNO-MZMjYhls*ZtY@vh9}Cjkx#v4DMJ(hBvg}%481jgXWz$4!aogzOO8N}dK?FY
z`(B4l`VyYSU_~ISGmnP(44Goc#Gm(#J^o-bXHZKj!EgP;dn#IYr&Rz+3^$sv6}^?&
z_4T~5=3>M9>3ZLvF?|tyeS9@)^YwXX1Cv3}9f%a8X{ZUDv@zlP@N|DaTu8{Wiyw?{
z06pY|`YtX>e;1c-*5u={`oL450$1tvnMnmiA3YYiF*lux&8Y2Ps2??#H05B#bR0Ai
zR3g=gpT(^H+0ISx%lX8=UE|2?d&q$Zt=)T?-cpo}bUBPbbhU{o8?7Y6EsIY6ATRqp
zg&K!*1P*YgCt1Qrn@Bj6Hu!rs{v=l7<9)YTyi#iGX#RlD#&&@snqY>TU^1OeW4Q&@
zR`snGXPbfdJ-b@BWou_%qYG$jcVp`^gV_Uah-Bi?47#@$6f7xDRL}KO7%WU@DV>{Q
zPGh0`24Av5*<c;itX6MbxBkpRA0a?kK%Y77!N_kTvSh4IfoUKe*TiYtE08geGr@HD
zv636k8f#&O6eZKTkqVDe5H+g>e=*0WiW)RqeSkQ_x~-s`YdKNf;<L@%0Hjj;<w`<_
zT%7@j84WaIs-$XN>Ikp+S*7j&_=rls(BJZ<${%WPF?P>aSVdcTis||O4&!;b{UtKg
z!u;xD_I~y6`|?;my6GOD@IJbqZd$Xxmb&`sVK7YZB6PDh#hz`>klq;a3_h~n@%WyX
zZo<Fv{B_y7(Db<X8^Lc#33YKypK-uCICEDW8@A&w-g&^~c)3|s;j<dLJ7mra;a3yd
zMsLx_zUdcCrC!lKXs+OPDRq4*{7<yFs4L1ZpdylO+WXV4Nd4#5U2nm=3t!H!xG&{r
zJ*s>g2WpR>aqd#CtS6B3{mgRdMb$VgOFS14{)cV9s)r|#Y{J4U{Hm8OPBv^Iwc7(b
zxC$p`FT47;G#gLQ1lmN8*D&KOWGU`rFk4ighPDRJB26`r8;#jC`HX=xX<e77wTFde
z4|_1_AF83W>cyV#d8tjP4R?wsPVsHf5mod~9xkC-Nfz~}`ri>bj`Xs({D}(gv3~?^
zK9PBXsZ__pGRq4|TpUMZ<Cm;2n*yH+?_!VI_>i;-UypjsTRzyhxLvM^-^C?|<|n)d
zX2%N?d?2%vtli9vF8Tq<I6+_Y);<$u-ahoXu>|K3U5_&-qp0&Oo>F_l`{UZ}O(k&*
zJjeaj3rA?8kP-#By7v1fF=4{Qlr>_*pc)p7iB+!(7Je4#2>gK6`${My4$mx$WJq=B
zRf1?2qX4%J$4$a{cyU+~g7R*Y*y06JIh0X3+OMKBQkZN3=39yrE@QC+9-d&biMA%^
zBkbxf|6SILHbeVhH9_j9QQ4#~zHF0?iW80H`hSlnjUC8_^ZTLjk<=32^%xAhE;rH@
zO0n|bu4-{as^2Ei-@3J$MI$J?cWS6imLRM4!R7Ha_@iY*a?^w<NkK8g(*Zt<DPO*9
zbK&51JsyZjHwIMO$S*eEYHIhdx7`!N&yw#$y-}&td_pdY@e$edqm+98=ZN(H-W!_k
zbh;{pt*eI-5WoP<3~mlT&ZMRn+&gG|_HK-K%KlRIxF>J=HBg{1UZ<ki&hb`tlXl%a
zEi!CEm7Hv&?6w~IG<tl0No(JSWxJdODW#Mpdu;abRjOG0vqdbsMh<E?angPQQ<&>q
zZ38S>HDF*JwN3l*=EQ<J4ssByJ|Z@gU)GTjfq;WS#LP!g#4PV02i8%MwOVx@YTqJ_
z&f3qSVvqOr{v-JJ?(LwqpO*t)-@6#BUwoeT-_fNbsp~JN_gAf^AB&^Y{Z|xZ-Wyk2
zHg4|>AJmcT#S)V5Prpe?^mKkuPho_NlHNmG^fw0+e2?K9QB;^TRq|i=&xKXF7aJ)_
zB520A4X9DqSE`w&z`wkYKlC2nLw+aACPYxvt*kmwbA3(cu-^Gx;=%ssfb{LzGVZsg
zO69<qb4#zOGJ6gQg|ZQisiOoPIs%VIYl>kUkL+_`5e3o_)&-}8bFG+U@*HKW0V1)L
zmt6hw8X-n|Pkb8}II)5O!;t9Lm2Rk0(H*QibgX!9E<GMh=k>$Na6KhmTC+%Wo+b3l
z_zgx_LcGV0h~mReH)I!D_E*7qzs~|%LPXbd%xi+4kr&epM-<p_fUl(u+x}8eGgkIL
zDI2!R;@vH`G;P=RuM?}d?it2WlgtjUk6;gdg+m_`g@Yi82~)g`l$Wi}>u@o*iB|;g
z7PaR}_fNSk?9R^}8TKd}hT+{iAKR9%`&_%vUvmF%5irRAC1Czb!2B;wz)1g>fcY;0
z^M55^Q2tjXU<&?!O2A0`mw@>%0rOu1=D!5Ye+iiXCj<=4?ictIdw9tqR1bsjMP=+&
z?Tg0a=h63i&HLBqUGI+J`?n|_e<5_j`3MPlHoW*HC>&Gj_7iOREcQ88dSC^t&#Fq<
zAm+kGFYe=dn;skN=Pld{Le6D`k2P2Op{F>0b@oFAvBXXNcF1-!b~y-%3m4VLuV|}T
z2j7+Lb)2Fw&YpD~U<qPWAV~xHL{5M$pC{@F?Jr$RL7U)XfuLr1y9=PuWN-I<V*rT8
zCPKDT%Fl3=;AS4MPB+a?bKM$(O-a+w`+In}z5rYNmpja(tv2tag4)3&pRbqCdgITf
zZ`2<icl!Gxnj90+t?9IHCLMD1KK*`O+KBOWzzn%@6eS@x1j-X(b{H#A29{B2k{-9%
zX!YR>D)Nya@Jvg8=arJW@B^#vI_k0$O2vhN$MUi>xAH5JkzqcbSz;-be|p@sXjk0z
zxp{{e8ASIS9(S*=uU9^Imh`UhJU<?K@xzA_6<;0s^>}08^&(fsKf2N^&NjTSt-o52
z8uOVLu+?stDU(*TV025*;}oNqPs*VLrbrkZDeKkY!>-uso!MU9wVtZIT(veAf12TM
zF5);M`o4KTAg12xIw7Ur40jlK9$UrnS2kxFVbFf}l@{{W`?u{4=L<5Yixp9to0Mw&
zD?YCOBEoZuDkD`2Ag0{qW*W_*C8Z!T0%DBvYYQZ%G*sI!nRj4EL-hXA);9|6!a(i)
z-Fj+Lrl3>LpNOpVrw#%5*j~T$f8x`rEJTa%F8MS~CA{QaI9N1m00I}t8c@JthcTbe
zDFvo(lax>fdE}aLk@dc`V!(%pB7m#4lk{!w`bL(5x^ND^=(4@7?&?*!DIy64_N)q;
zvJ9o&Ry*Bosf>ja$x~Vjn_1EKH6!eTYNvaAS+wmLEJ@c<NZ*@VcS$`+RS`F{XX9nv
zp5ugC(sVNh748-7uQT!Emh8n17{$0U7hCm1J0s$=9X^_V*BRP2;tBaW5$!a&7di=9
zx6hH#Lbn8sc6rWN@d#|1O#jOq5b0K(sHhuY^VDK|W;sfF8B{mpN#ei$4}sesYBLN-
z9`%hBuJdpb8%_FNny%9KSJ9GMoh?n*QfDajXF$mmtt7gfPc0$P-%hsI&1PbpG=yc8
z83L+%0R9e@Q|k4uR@X_J(*Mw9)V<*;d_4<fdfBHc6K9oDDoyr35|<R#k}|{_a&waz
zM=u07tf|82*~$*R<kUn7N!sY8^FK5I*XJ>qHFo0MUktz!__d7rQbj;$00!Ho>I|Od
z{+f-PGJ)!rRiADs%QF-t`geJ8dV1mS*AfXeEv^imf;PgO7lkptTNu+$>SWEz>$VGw
zY7xVm6RCG|R=K~^4=!JNBM!N27HlBZP+|5oxC%{-^n+^WCKC4W<KmC_^U7?447;OB
zivUD5umnZ)rV)w)hLi|UM%5qReI?>FyY6G!+@UBF4P^;}sqp)RIIt=4ZbA*z3$h@4
z4ke;!hhwKu)l&<x^`qEzN<;?^XF#NCd>WY=LKq(G4;}wJEt(S4(<Vol8H2)nNSU~w
z5gow)y{}ZAr|qc>yWtM|S3o|!S^YeD9cB|}|6u)(cF_0$SmcR1H6_(|=Y;;ehXq{?
zqHW|%WP(WicPwlP#-5Ebwc^}VzjpN&<xiin_#49E5oFLLPx`)xL|fhYOh!kkFRR@`
z>Y7gwB=Ky*T{`TLK<9*SZ{jx%^&sHnv&n-jk(=LoAV_bY4uJearJP_xPdZwUzJvxZ
z9k1jydraK%c&ebC`{E(a*Ekd4t|7B-{J@SH(8*Bj+h_6VZW^lHXyk_0(W+1kc}lYa
z?#KJSi-Z$hP&|OitX?gf5;uDZMr5ajr8*mtjL`dD1w9^%;9XFU5c)kkpnV4MX?Hy|
zBV?vU{bgpaJ7<rZIsN>O%?*PLW;=cEp{cKMDjct3U=p~<;mi%667OXoHovAX%BkU|
ze3*&#PSsc=Q(=$DU_$}9fD@XNV%%T&s|{6~G&N2cq9SeV07MOxL?M0Jz=;&>iFSph
zW1D6L1=c%$xc80wS$7?8j+7d_@lFF=VWn<R0(VcaYr1*`h3ct`e;(_!A@^wZIovqz
zZ|QSg#%PFL>fHd!`F!}C6r(OwF<dJ@GlWnPivqe7pR4F(x<ag0;?9Pq7ES2Hz(g57
zciycDn(2uVdtJ+cJ|klEz()v08W>ESVjp^cP3(!}jS;8Xd6hIRX_6slE%ctT1LnZN
zi|?Tj<2CopR&wbDWf5}u6_8o4wAGYx7F#O`NpR!iVEdql2taa3lEJZzCW;f5;gXyN
zpe+qt#T`Q7SjMCt|07~=PyJ9Ip|8(UsE7Mgz<WA}<-MB}{C*fp3P$y|hEmlIobKj}
zmy6r<(8sIkEA{Kan^%i+I_j4bXW@?-9f4^Du<~rvk(2uQ4dt+mYS*pq1rSPv&JP=#
zh<BFJ-S_kaCTSTe)PGwK^UbS$<m#+ZhK9`GKBX;z_>ka6i9B-5942PoG~G=<#f>m?
zn9){U3#D_kvymw>jxtw>+}piCi=(!y4B|oOW5o_u;S-R`an(OV>Z+gpqlT%=g9pAC
z)P|KkftAQYyWKBNqDtM-KzMrT3mJ=;*)`WpIT(VRx2^M#w`qUBt<sLaDzGqLnaX28
zvLOx=6u2{0tlxJ(|CaT^!(g?#=#=2qr8MLQr(y1fIcqJQDyfrTJ6;s+P{|b2<^b5L
z?h*42+<fMu*s#n%_QV*T5|hxj2|H*L!dHAVZj82v@_)~9<Z5T|*uqS++Uq<d{;&mO
zP8A&QrpVCmHv*am=5aMT7^(wx{>%lw3#08#)VtK#$C;8B^wcoN^T52kuQ*q8-npnh
za3xv$?Wl`SRPYyKV|W|ZJ4=(qK9v_HO@a3y)9bO%`R*I_Q|FQKr_GJ28tAe<e}|Qf
zrsUz){@uG*jpr^Pt*J+DU0GK=%3X9U$Z=M8?e3^?@2kyTS1h}r7MG)7T(G1!Ncsr`
zj5Ts9k`+T73GnHY1+AcrrK{y6$8_)diFU3Wv-+ihA*xDnemK||)rsYvss!|ceC&nW
zmWSu~F}M6O{pgfCRyv#4?b-*W31>MSaAK)s2#jr@!!&KazOSlTspCBN`dgt3?~DRy
zG{4)#REx6Dx;*RG$gHO!hUlR+$A00RSyGr}@<k4&#ipfTcbC$x0?SmvRMx{Ck(b-*
z#hDu<+UbIVlg*xBcek}l8@5`7lMWggvwwAVv1|*OgtVHLeIk!;V!hsII+#L2d#qDE
z0i@|H>kOF+84%#W6_vo6!sauERMTHdG}8CVEi$%+=GMP^795k0p$Yzh4Et_n%FDI~
zmn25&DDkY^Ys(c5J+daJ&f33@xz_iVQ>D6}v-)1Rc|m9Y&3R^&19mIYF`tzcbpG^x
z!Q-1_r^PtJ<9qE)3NDid)ysLleTtFjz(iCv*70!yG%&n{&*USv?>z%~te&i)Z?Bf8
zi`t6{?Vj>4;+9rwHM`r-HLUQTs&>3;Rv|6Uwc!|=*SI`RA1}*xwJkN39fs-QD+32?
zSnfun3#uL34jYkMNPAo*@K}CcveC)0BzDbL(zyTx#CxOhU*{U@xzOVE%TPbXSc-_@
zGF#OCX=YL*h~abbU+eT!m*r~zYM11IK%?<rx885QlHGE9q1B4SPzIU|#_62Z%Y9tj
zy>RSUHauK0#}Toc6;za!_-QraT3)z}lej=krg=}wgf$jNl-91yR38qeugy)BH4Qnc
zq9>5*07kQ1@99?FX%ShG%aQcJ#jMQbSvKu)mBm6dzet;UCO<dsK9sI{%}K5Y`HW~j
zn#eyuM4W97zAOd`uR#>)oOoe%Za?2%B93Ifwss<V@5H{gygYqz8?6ldu86h&UL+NL
zpmA@4jEA{Nb(XeNx}*VaV%5QoJ1HtmrKvdYA$yOes50Im1<v3cPgEC`tO8pJG~&bl
z$z+Fp#@d>-EFY|pn_(ep68q5JY4nEd_p_qPt$r5aUJ`W0sFYd|SbVpYs8qA>2*Cb%
zFK64So<UV1cwW^9FVs`O%uwqZ?6d~8f~jU7q=nmmBfVMbCDpf;uZz39&uEpmJ}36L
zEsU)cT$s003mz@0wuoRZ_`^O@b?l?GxQUc^iCJ~EsT#AZ{wl744b$_h^miEC=kfC)
zKNrhDxt%Nw{Sm1=gnr}DghW}q-IKEPwElwt!p!S5D^r*6u~#}jbJ7z!f~Uduy}0II
zPH146z*J@;_=^f+V#ti_8iiOOiv~ngI?yd+DbpFzvQ?;ry~l|3cKk)$(oGyyiLZm<
zdY=mqUdT({ZEq$Ueh~fM{>`BKUd9;kIjl_d3$IUv8+|N$ek9MZVXMb)@b2DoD#2xD
zc2=8eEp*tE2?jU;Q=qzmiyxvoo)AYNaQ4LVDO}(M1TsbM`g;c<7}X$bYtJ+T$K_-^
zplPHlv9R|_*%Tkl#39o;d|sDGjEAnnmZmN7v(F{eSviLs+(x~zboE!M{TlG7u~wct
z4YePM9!RlPr1hdU6?Dp)7B}D>_kf$HTdIeNbk&64<T~)}CLM8njHp@<;xg_Qo-u`U
z{FzyuOcHsm?uE}EZ%<^=Bame4&>pw=G)f#mI-J`t(fe+a|6zf-Lko#{=)O9*qkqMt
zfu;qVMeAMw1`I$th=EJbO@mUOrMj%kV)_9orTu5!ZlJ-4UR}#2gmhG@@L_a9LH9K6
zsHf*k2+>r-apGz7glE_83Ng^!fMXSAH<z^{+}&8{9D8w#f`OyOP|vbztuSg7!DIeZ
zSs-=$ysnGWX+~R$;T*&&e}7r`XwBjtY>ySN=%=&C^5Cl-@Bq#%TIXleqh{gHMa_xZ
z^6gdqd6>LLELzY-67_JoOuNLq#&5le;_Yd*1j`F<`$(`8_~GzF;}WWo1Ot-pa^}R`
zA1C^Qv|idMJepPshf=3ti#(C;Evu+=_sCKLbL!4J6n;qT?nWDWQPa)eanm^=S(B9R
z`r9mYq4#K{hlMM8tc@O00qUk=d#gWd-5oS_)nitEB7^Pe?VT?q;AqrWslCDdQ1RDD
z>vFGiuz&sM^M0{6U2^5#c!M*)N$&kujt(M;?-z5l6vL%l$(2V0KdKi$A>2UHbvccD
z`O5_{apUd4VcHdkQXg<{mQI<ShH8uD@6U>8m9;Y2^zCVO7{!OZ{6^Y_0QT$Fn$ERR
ztNtQQuy;lZe=1W4i|gbxv-7atePqa}-31y(opsECVBWkuiJKBNFI5q*DW%xExL2T0
zFgUT&Hzx$RBiZnmI=l>b(n)@ZHpNe05It6R*`rF<SrNl&&E-Bq{qj}&vz7ERFKaJA
z-<`<Z*wi&lP12FS5E)`R)$&`7e;JI*^am?3tte%LH?1+2z5HPFDiK{c<Pg4s2me7m
z`&50nSGi?}Z|mVO_iuBr3&ur0f0~eU1c(6AY}Uem{dN3zpWjZ}%}uvK7m;CnSxFdS
za=9Rn)7&8~Y&IpnEpv<Rmy1V}<80A}RXpnTGZ~^f)wl{0QDHZRU)Z-%l86rj5aS|Y
zqHjiwBK*$-#{6*)!%-qo)am;Je1;8?q!P~hMjn1xjj0u5O0n9|cuqtsFF*yb_~89f
zn_(N-EuZ(xi*`0VAMV$k$s=bW*ZZgaW*?us=Ag+~y}nQ}AOmpmu(>|Ro0rG??sRmD
zebhi=6~rM23{ixMG!`V|*@}D=Zs%KpC}@>RkC}i^^u}X>3wOo&j~TVq6V(G~0W1kB
zsA{bor5vI{elKV;V?QyuE#VvWdX6T&?IiQfvvTKUeo0gYY;gd7>TM8}*IAB3SQZ$A
zCeA~dM2tk={b1xtjkkz}Ih1f9WvF>Lcq{nF*X?HW&r+G4v(Y^^BjXXeV3av#^xKkx
z+H?h`qt+-if@S)v=fTCgB||6uB1K?hqXTQJA?RlDl5i>}*`RY{cGiO8Q0-*rPwnZ^
z6ooT$)KOG;nEzQ*xOIjBP_0tin(a##c0V@69M;rn8&+Whi8XC$99%QO2nfG%GfP@q
z!W6~fXDKg&HPYA+I#j%FEgcd*J9JDF;(UTf714LRWDjYIbxlqw&w8k~&S#6cx|me)
zvm+iYY-th#Zg{Z{V=-ynLU(WhRE<`^!viMuRDa!v3SYRD#po4JQ4LMi369tM6P(xO
z?u*by8~cAsV5T4O&iFRQkDNdC-r)PG0lAZO?oRG_JKaFB^KsA62bWu)_iepls?QK;
z_l;*=&zsmK)PampSEt+^7sTsRU-N&n{!&eMPk*>yu9ww09Opi7S!)wGP32BW#|_EZ
zkX22k!M{~7=ji_lEYbKq>j|@N`o1?e{GSq-qiMW@?zb22(D#zQFHIz`48s+y(0Q%C
zdI_;y++w#mYOjmZ)=M)sMCK(PS03YNS1D<27|%{?xvOBI?NyTf4FaQR=O>)c#d4W$
z$T=3lt;JAn2gy92`JTo$woh7J6XEgrQkM4FR|boqse7m9P!=*7AfDdLd9$EnFXO=;
z!eB#VZdQt9b;7)gx?@n;TD#DBrFKRmBv;zb^sMv-nvw2-LN@&9n;|SppSA#*d0$o4
z`Y4B*u5<I~ll5&5K%mYc<^Pbt-0Yr2n0#ApygV--KMS&ht3F^0lZvM(;4xQW3OWEB
z!q1Nxo}wg)+I}0<62s5n%d%oaBeI`{<}UGD-deobN&B+|A)h>azvApoDT_cNBDOMw
z0r4v<aQ;ot<^_k9G%e;o3;%(w__ajwVJQ?BkhO`PT%+80&5fv$h91$7dB^L_GS}Yv
zNv=PRwDAbC<Vip5<~nWwdYM8+c}cv6&r3T>hOYxPmKHBF_ZHOT*Nb&rq^GVWLl1aY
z%5J}{3Y8u#JTM;4tGu1bY6g+%*t33dB%?O0M56Ds*=A1A$mJkcl=cJAd9P-DRH_w!
zS_M5n#|(nu__e0wRgh7MIToHzH1_N2u5X^*uBU<fe1Bsa4E!o@aD|OJdZ1f`KiBZE
zSr5AVP2}+IzVAB|DP2W0lobgLQRg}C?o5;cy?xyKFq@YJPdl$??`km!d?IVV$7irp
z)5TMZZG_nSKR);E#NFOHhj+7qHgJSV=b9{0-$uDx=N;8?fHa^<kmE!)DMv-#MVqvH
zlklqoR1Fx`A`HAyj%HobV-&d^=D7{@l4LKoOg3D^U)AqEC9P?|BtC4KIbe*D(=!Yc
zCf`ie3ET&>&;RZAV>FCH@-2Z<5+-YEg`Li+-94!hvB~;m6_=c4WA6x;*JbYuoNgY+
z*5i|p9lPP>Yp3ArNS9a7|Eqd$X{!#UM%EkGTaM%A%=^oGd@tt2M1O!mMsc@0ho0i)
z6#1{+6uUHQo|-yV7Yi&0r&|TEG<~)ld4bG?tZuiqN`*qhQsEHEuy%XOJIjvt`AO*N
z3-gFCv&J!98{js&`2Co?_<S~`eK~v$es15qZw;G7WX_Zukf=8GZ-^B1y--W!QCbKT
zNV)gA9*>T7Vn>|Y^^sA_gt2dZcjoINcogdrRYy?*@XgLV(g!zDN0-5q=Qk+6D@zd!
ztgk*#f|XQRCNoOD!q5;wFY3oZ)ziG$DsH14H1@DYN+WvF-=X8gbr`z%a)d9D>(1+U
zJR`i%imp`c`$3=ioOjBz48JKeVs>0GfJZw)H*Lqpb*8R+yFLrb*VOoa-`a=V_osMJ
zvIOtm{>2&FI!pxP7gq!&owR}I+j7Um*JY3z_n6_L&vk!ipGnl6&+Fmw1A<MTS;r-I
z#Pqju=ks5{;R_zOSI5`YLHz>d<%OGAIcaIz7WuIG=jj<jIr=Rf*R`<z@|7O(0>Bym
zG^3oL67!+vk;MdstUg~i1@lzlY;Fu)Qm}rRR*`14A)M|ABd-y8$F(yg`w4YWL6(;p
ztqD<G;$CG`{mTIPkN?gC%F!8H$f;jz6`;YuYWZ&?(&W8GER>Wa<jmS3aRN#2AmJ<>
zoRdU_1k5)%MTm!Op5=g1%JT%X!7VSs?*aD(#lcGgMaF#4TIZ3zyTAIwj0^%vFrJaO
zFGE<gAZ!^$$tLs6V5RMc^RXKrj7-uDY|=Ef!Lr1-jBOGzib_zA$d+Ap@e50`xJlaI
zX3t~reVdm^z(iU#7=L~_pc%gbO4$fSaFZh;17vXMPGc}3m11T`e+nLkPVi3FdZ3&f
z_oVi>fbnn5A!@@~!n#cZS6^m*OJ7m)iywa;%SLw4G4LM|bOQry5igr_5j)U6W-*gV
z>M7q1YZEZkVq7?U`wZ+<>Pr1#k|XCcif5rqozQke8YP6l%gUhkDf0r$kN*%VC6ADx
zR)WC<R~B*=rKr!w+toP7DAyg&#vg?LPMD@V>qY6xJOGeEX^@Y%B`9#cjF%p{UD5QR
z{8G5hiXUad!Acfm`G*x@NF{L;;4}k(dN$wG8$m&PJVv6B3e0Y96!B(7xpBby`p-h>
z-PfL*2?`C>jYE8+_a+gZ>}@J}QgG(T5jaGtyKx$Oj4R(*eJBdbRfTJ{cigbwD^YB?
z8bVUB!w{olotgKb0Wp#vGEDUMZ%5t{j-6l-CW}-BPhC4zQsGK|(Z!`8k|O_G3&1mf
zQcEIWi-`0-Y@LW{O0prgRt`LZvM}90X|E%b5CJ;3I6g3UG{P4=hErt$DfJh4kbkQ+
zvGSrYc^vkvLgKlkc<_lfTjdxAR?z0x`;w2xR{X{W-d#AHi%X}?=vw+Mxy3Z}i)&R#
z?>(dINEHQH;vKi7FXK(s$e|z-OD%77mINbXvD%NU-Dnh80wXZA(0&9oAlrSqe9S0!
zj@kL-okm%bIa(4W5WNTK4KAGNHaKpEctM`1uD?p1l%A3_b<R@spQCJk;;b|zta}`f
zfS5#(QHN6TpXaN=zsOPI<VQx{qm1Gc{pZp+(7L=4q@n9Km4TFP^bopfJsE$Ydz*IZ
zHse4{;<3d%qDan>R7LdZ{-n;e#P9wlL#rh0NEb<2wFZg3i2I=*eH$snatrluT@+i&
zlgAxyU54Q25D=(N8j1X56=&lA?#n`*e?Tc#affRlg6qqi)Ubz7H-Q*N%}@q5D`(2d
zTB0|qSBg)He{cGg_XFz6)yi{`T5#z*ujDVAE`3g(+&rYyg02#9?;$D5ZsKn@usZUu
z_4kjOGW?@d6=n$wt%A-b<LQS()8=|wY@6&KCg<rbYGH)73Way>0rla=3^az(O9Qo;
z7^bK;EJVD1>Vvh!gy*s5)R!XU5<`^VF9T7FiM9uvVEE+S<&y*Edmz3lzFt!AMI9)c
za2yK1W3g`2Z%U=Nd%w*hHoUWDag6qR8?pSJq3=HOUoe=F4Fe2>Y+zMZI%g`Ql}E71
z*tw452KGdQWU>1L=*bCMQT|4COhgd*6VbIL9i%tV*^V-^7<561e~d)yh#%M(Q<j_i
zZ7S2cSmGmnkGD@Es>NCgRVN+56F)(z8E$u(e%%L0dioG6d?ZwIHXtrkA0z{V&0Q)N
zA%~Dc^fDLVj)^|*nE9^c%KoB#EV(fUgoymu<)w+Y#k5%nfYx~(7jzno?_YS7v|CtI
zBhNJIpC1?mIHK7T&ljjyYx(>3kEF|}$PPfDxJ^u^E%t>(Zu>F|&%hk`6aqOV4A#LE
zX(8co-Ux(x2BNWdTBn9dW2K>C{3Bq1WYI_zu@1S>{4{I+#BZWTU_0Ou$r4rWzik?8
zp;g(D@Vxtv(Zj;0yXRAYL=p2RGqWV-ci?*v7<6>Ti06hhP8kVom<${pyRdOysqN88
zMTpVHJ&=;ggRtCPbK~H152=xyf)%2<9d+R|%+s{|c>x)4U==(BRwB}np-|2H3WWm4
zq5H%(1Owgc)K*~Z$%)~?hzx35O_}Slvo<*-Q<^<1CQZiTWh><Tny77_!Z0nUx3#kZ
zaQYg*B)WtWsp_ZYvYao#f_`B3J64lb0v06(I?0WX%=*Y=v?TFO88OJ>^5f-0RoQ9i
zKQuH+b{QFr3Bp8Zr*x8sB?scVwTeLzQ^9{qBtSZ2$*i&g?jQd3S7)5XwjvH{I!as0
z3@Okw)Fi|_z~%K*UsO`R;=a9W@D>Ctfj9#lI$(Ky;9pb<$2x;!`5QlY1%kuhi25T$
zA<V<X_8Gdi)U&ecRVuF|p&%rNC^`|fB8dIljTnPq+-Wd0QHakD=0<#v?1`^L5ZT05
z7YRt^C6(dAHRA<mPi2A$rK!T=wilYRgl;b?gs-`i1jDJCU?LT(eq6o=-LX+6!SHvD
z3qW+Kv7;8nq0o2YP>CpEw|6dv#Se`(;XsTO=m*EKmDF~ryX6mA|BMBcEJiX#AGL81
z?3c5+DyZTaF&WgR>#q8>>;^hT^cgq;mFS#N?k8P62viruq}c}y1kd_dB4*E=u#T}s
zjKvgl;+<K$^1P&4@OLC|rAT$_Aft30MEWF$lw7!uL6tbs@`H@@ask{G#<}|iZ4OU7
z_WGd2Aj(u_l9gasxmCr4F>E4BJ@__pk*%XjHcHPfzXM;U1yH7b3?PJLb5-Z2qfPi;
zL0}OJiR-1uV4*&MMbXxU947otjCF~_*CMWDA-B^nTTj~V1UTf+ZU3Obf_e4qq>`aN
zRISi`dZwW}&>~}AQ#8&4A&f+3&bEYy;pB!o2nupMy0)sc6;#Ilx3a?Z(Uu|n8&!vv
zz#%OdenD<eARf6B$%QZ-Di}neI=;FmD^<O@cyOe5RYbJW@}I$sFl3fn96iB8iGvwK
z1o}}!=J>f=?118T)6|VfX|qgUfQvh4t<RzqPPwP$ud*rWeFr>+vbh^=S!=eTvR3kd
zViAbav@s=^i&2kU9qqX{624L0EG@c|;=f;DvjD7%0pbsx?YeA!C6G1ovakmh=rMiL
zqS#ZHi?MmgL^v{1Vw2M3A<ImFpfOvNj-t${X=Il@JJ?t=LA|iKz?$OPl`rIMR|HaM
z0*whw7P`eBF2s@VF{fYupn=pFbX^@>Zh%ayImplEIXxBziaeX;QDQyPBgE$FN4Yx0
zZIk#xGnho|;5IVFJh(%Jl<`UUrx7W~Yy;xV@OYVqmEyP&z4J-TK{3<OYleO}46o-R
zzYgaO`n7O?A411kozR7LE<z6>#jJbsV5M}gq#;(c>}`vFi<q|W3`Y@0Cx4Tb-0az^
zt=I~ql~j(*G)4<=FE15--QR5aE-_>oH^hQaw8#yh(L;GmO<$h5;es)Jz~w>dt${g5
z+d4XcIB~K4PiyX?FL9Bv8?3c_hhY0s%_I`r0d@PGqGq!A1xMl|@r5L@8KVqfSwyC=
zUVNg4Z)wJv77bhHU5i%j9a0Rd7l`pSBe{Y(J=XH0AGAGf?YpYP%M$M8YAz9-egqyM
zIrD6&F;kec5dB`hCL6_5eF#*%5fa7GvU9vw+Fv47hNLBTx@5jnU@c1tND06sZ(frE
zo9RrtDCE|`GJ_CIUZdw=6V=wIa*3}+BJzOXK$X2a6i#yHt3i)RkpWAIc7$@mo5aX~
z7GN1;(oOo~Npsy6nSj%AtFMNWor2es_Py<w`osY{_Y)w6cb+M$^dXrUvfthzY!Lez
z3RBnVJ|mT$e~!?MY#8n#R$upLe?Gcq{cs;TM7U{`T^L53j?t!SUL10Fw*}yEA)7iU
zxb9$}8j3uy^Jp&Wq)sOPhk9I>6=Gy$aG3gEcC`jl20O-qaY*(y_YCb%IImI2@$EXm
zH8fwgA3uJutQjbTUMuy4$nsjkwV}_29aT89z)x}Ap-NbiIM>a~w?gzj0n{HEh!$}+
zP2fv5fu>Flqlawd@IDdWg7_V&XRtR;iM`NdhI9NVO4ZwqSl3MqL(<&^Fb5m_!v)yI
zejxuZUSW8C$iO@@DO%|N1eIcPz;C{iBT|MMO4V2Rf?KkTPH?qyjJ_@IJQiJF9Lspz
zLtk6tzZ9cJEM0I3kbtJ?dZnec{~G{}Kytq%?@xfe4v7!RM4U|^+~!Ip_SpXR71<9D
z4#Pn(Am5Pv@aewz=eDzJ&W8l@>RG=^k`zA+eh7Zcp$brPx3kiJ;Mf*D2bc}c-BFsT
z1I*o_gP>ZZ|Nq&0^X|B9<Wcnf%};^p&OA#Vk*(cHzc_Cc%bDnm7hTDjyg9!9NoW$?
z&4?s80N8TJ_V3)UalhXEB=4ZG5Zt<3i{&iMbK<B;EQJD4s4CP_4_$)uy!^Qx>}&_y
zUQ`<24AGG?(o=L%l1(YwIXZOH?v%=oTZnXd<>2#p(zYGFD>A>PECK`hX^uVL1|RXA
zt~}p%<}d^>PiC4Pd8s_CP24>nkrc<tP@Zuj#ypr1!vFpY5nSN#N=4V!!A?{G`Q0-C
zP`Ds7lKFf}$aG$|H60U{;VdG*{yim}@_b4dkt4N@O@R~qWq0i9kZjEno5*%@z>83(
zY1p!2otU+Yc|X_<w*SaS*^TJG!+_nSkHz$V=V0fc?*FyBx4(}6_8?E+S_!JjHMFXQ
z1_ptrY>M?kArc*eHs`qsfvIKTGUhfyiu~$c&U7fwA?o!!&&jm@$@2uwX+kIS^PCYJ
zJu791A$t4H^HiWumC9a6>a-Mlkj9KrMxqw5+o(B00#6j>mirr_yhsw0FZ^Wuii%T4
zILU<PC3NzF%t$gs`<|!i>lu-v-HDVKW;hw5oz(MGpe7Yz>2QC4&+}>#Z$Ein&SDDD
zbQ8?E3fL;q(C=HLB4vwPHy%bCaOovQ7r%U2YGgnO9MW_IvZUI-n_k1v)b{3RM4j^=
zgyASMhK*M2_rih;njSfvg32q@M~o)&$c67FqjkLp6(VX$<2E9kYPY0Dt;c}ZM?bLy
z+EV^M&S_WvIfSObN(wB}b@+<NL#SYhI&_Bvht36B?hN=W^i1@wZ??aI1p*nLB>s%5
zafo&#Ao5(_33hkDQ;D09_D0D<)Zw4e3^7Vw`zh}A5hLRzXTSSr%y~ih;K}yklW)Ad
zj9TEtW;Ox!A@DMQS1V-Q_KaReK@p$@X7vK|D=@BCCN6$XBj47yw)XIfycb?e$Y@Zp
zoSNJQ&v}Rwtk@(&CPF9hgQ6u7qxlfM?cpTpy;~66Ux%J<jYnOJM7;w6&ccwU`6;7P
z7*}11c}|AttjI*15>2Q)kBxAsme9Gjo`Yz6aC>p~{n0bWJEHU^(D%M_MDUje#nU9R
zt*xq~#iFJZvb<{C=dNa(mS0Pulnog}^irc!x8{=KeE?-oRM-x4O{7iE<W_^5XRI2E
zIZ{^yf<%s?+_*>*WgV^erQrkBc&b-14wX_}|HKIjF(*TG^z%7-{?BuCa`Y0&kvhR@
zU~@&S-0dcpc7U&WfK&V{&0yb=D?We-H)2q5!X`x=k%78@nwwa+zHZW&odr{oCUSw-
zXrtFh&w#F><5%aU>jjuK==}S}K)XraKrQb@8CU)tmM8)}Cv2u;WA`Bn=T5L2>;?Pq
zn?t^0;(X2cj%z&XM^rNUfmY$zV(C1HG9IY<0WZem_&t22xs?q2PAKjyq8g>BOrY4?
z?bV8rDC66bV3q-?^|7Iq#irdbFJOnJ`gclFINf)4zkV6RJEdt}t-M!y#t@XmGm_~e
zVnn?DB0|T=m@txs#1#>69uKZ5yGkgId^;5IESl{M`lryW=>>jCC}l7IAUa;YIy(ka
zf)g?Q)rkxVuqY-8j7^8ioYYgvw_}_flLXJtNl3GZ57C}Hh$M}og|IIVs^gVpGIj=R
ze}5U!bOtSCRJw*9BF!`aYbSf@BVTUXnDGBm5IL8RK3rVLWpr`z^uK%m#c4_|6oYXA
z+wZI1r$@S?8}i(~a?&KAZ@&%Bbcyf2vn33%G3B*F7Y_OItvu&@>HI>0t3fCWXr4#I
z%!_p6+i!z&7{_<tefaj<02rH>&@|)UefMb-jpj%ef`j_|`FGzz=IK6Cc{SDL|2Uq!
z#JRrwXT&e*r@H@>6i!m%sx3M+qw&0@@w<h{dm#nyMBmcrn;Vh|38ROUp^;>?Joups
z|8Azm0Q?yz#*D%xK9=@bK1g@;(SAX)(`K7!!zqD~oYf86$VHeJ7X`-?a>3Omx)4<0
z<by5om#4knRtxlR_tJNpPRr%rQVQt+ZZ+s+0{~bRq?AVFFHd`Ml#t$*`9ZI7EbLD%
z2u^MYZe`7w&-RXMSOHH$R((^}AHvsaajPWku49T+O5`-^u9DNJxf*OZZo_3)&Z&D_
zJ$N>`khr;!l-F5Cs-FvaY{l8+f)jBunhU}|(>l5tn6RESgfB_@My@6e-U<LA<gecL
z(G1549wlV;_WvX+@jA{TdObvYsg);&Eqtuu2KM*&JR>LR$bToN&{SxC4J|9`2^DQ#
z>4IDtZ-_qnnnIrzqa+T|vm<5DrvkUclZ+^{o1@bc6BitzD>8R$vUn!tj4NWVohzmF
zok0j^OufJMN+2f-M6y}TXa)v8Gt6S;egp;*+7Vz&pUx@HIigIieB<vWrX)p}!^9~?
zsYkMzK1lnPCw}wt^y2vBOizQ!JucF`QtI^R{QT$FXUA@_9~e!`$yWgVlgxEa%)Ya<
zhA5q@@6HE6Vvae#rYv$-v^ILS;$<HlWpl|1FpMyp6iQhEzmLpMXIQ>367J_}Qv542
z_vM5>g*4nE;qt%Wip(peAz^j1Sja@Rd!4XPb^b4%y|0c@EzE#oOpnV=*{#N@`CR$G
z0nG-ofc>VH^)a}vQ8s_go`E1+>4ftHpytbZFxkhU@F2wgsK}y(z}TuC{tzdmZMe!x
zx-w{;bKQ&_EgE|@89EF&&Ia}U-!-oGRO)sx&femcA=Og1dzB<wZ{NvrDivSVGg*?X
zoJNlJ4-itSB-={Y6_Jaol=?QW{Ik)3n_{!3PKn2D5_+jh;Q}+E%syN*JIMiorUIJ#
zH!aXL)G!f~z-YoT@PyDRoFJS4KP!l~Kbf0=VJ3bCnC#(9?ck%+6Qnc(s89iqARYxo
z7Ya@66PqSpl?>34Y``oXZ4XpBnW>f?kbZ_hD<*Ck&Cv6Io(Jfh5EVl#%DB$A+R*-c
zef0B`R1s4SdkcDyQYs!L^D@Q)(N5BWnxp22m~ruQET%uIhP-~+>#(zs*LMvzxsc54
zWDc9pGrxxRR6C;(9Q!A*9`X=k?r)R2<o!<>HY~*u?H>Hqygx74M8A<M^f>0M0J{2p
z5lu)#M;DLLX|t5Gsx*qA8lcePER8eE)yNa53Y2LAW(KU-z`QJI&JC)xBmt}sZ^!fG
zc7F**xop_hgtAgP)|#y$+TZ(ndwZ(S;PUm?PY$=If8<Nl-|=&!``<DG_^a1%o}UNe
zy;!A>rSZRa>-qop4%hZS5A#&A<#gQp8dZG{1qglmR7O2BMzVo-0&bt=T2hrl5EVA3
zq-W-A0*hE<hwR)1*r-K1QQ`*Q9M%#nf#%EFBCBjQSH*~gB7p!~zR&PA8sI$U#<Q~w
zSgsO<SJEnW)m3`4ptFf4Ojg6Tuw7HCyX7wu6a1F@|6)p#oG>1Ue7PyelKp>p(6Im8
zKiGb<-v1Br^i7;ISb*9Ctvi8gOAf$loViwO4_nP-IQuIf^lsIFNkiiPE!j*^XK-|`
zB9nXGhYy3to_TA+{(-4Bjv{McF2ERHvejUNsGJVAJXvH!5_+v)yZ!?@id#Z)#8GIa
z039S-%N>*xw?*&qK!WKaxGR^i9FMPL^`2`b+4IVKHmECKknxy=Vu*ULsEN`oUmN%Q
zA?iK<Pl1zO6<Zx(l&P1UIaY@6&uE%sMo{nDonU9*-|p2C?>Gq~gMY+A{|W6#+7?u=
z+Dem80L$d{Sy-rT*5wqVS)2})l|`Ho$;m%W<%SNYWQYLkun?ZV&vhWX%H6gOL#WG@
zSm`(h)e-2Ig<%Z^$|xGr8k-d@OInMbk5VMgLUgzXf5z!K+^?dZ-)kR~_sqm@F@4Ab
zc#h;;svtf%&tV{e_cKwgLwO<lkb{!PbBG}p0!=G{RABhvJE1%u;9k`%+nA#b?Ot^J
z>Rgru=ZBnxn}K&SuGl4&!Sa-etGenh1CW9H82AcG;5D?XV!C8FTIh}WXc276bQV}?
z2FyBy+*L4|;nUS8*@4p{Mzs>S5uHj{D{pTMU`a>)zw%zKHP!D;mfgZV<{eoFsit9?
zGG=hxaBgm>cBB2LQ#dv@VKZ!&J53cUxW${!S<T>SrD+-FHljcokr6E0R$tXnsn<D&
z?h;df8$$Zg#7ITGzx7b>qIV0L@(+E5j7FHpp*G4}8FZ88@zW=7N|H3-Q^h4#vu7?I
zcc3zW=C$KMJN^2jxynpwX3~UQY^`KNvy}NZn}u@Bgipt{jGzmNdtlSHE*X<KEnnFD
zpbnu@vv*`&1lq@7ZOrAU8&#aF@U>j3Zbn(hc2cLLt>tNLmT1e%s+NecRlVursN<q_
zv^JybGR!&?(QL&e5~wZ}*fVV-(tEmo?zh{t-C(?~ZQ84@bE;Y_(AIIjPSM($UUj+r
zz1h`#=HkE{6}66f`j19p<JLwxd9HsDft*ZPX2q_GzC0QQr8i9lb&}$)oCK`5i8gBd
zsq#G9S<Ip8|8F`N(!|(pym{_+6$SBq@tOLig}epNE#?1^Frg@SXV(AnSt9=*?C<Q=
z<o|=cz1_9^{}508L@71?Hq3~xbFTN%vofe;GS;{CC!80AZCSr(Co>LKHt)}l+&g*6
zA$ond>zC5SH5pAQy;3w;=PWTdj1{LlxHC3O4)kU^f4Bl*S^Dr5RGXhZNg;UbtAY8k
zYPX(Se3kR7nrOWB&~|Sup;XNgQ&ws{%iW5#MB4~eG@Oae`>$bG0=b*(ye-waM9w+j
z25wE&lCXRwmh=3~nP(FnN20Sbtu{o2p8M6N*=hQI=31^zxX@ltu`|UXBjVM4pfs}A
ze{R%chrCoT57l_op3^2R_q~rpNcX4Ru0kB><rg%Y>j5awj<hvHmH1_v;wYP?!o+mP
zBRV6Fr$deE391ICLVi6wWrL|%leF4;53y?N-qyWZDnG;-PLlbST@J<@r+UCyLWuKN
zbK=|xBVUFluF2s&lEamV;AbO&)eRqI;BN}J@ozVl+f)l~wR|3^Cvfw0#I!HXihq&k
zw(_5LC}T7s{wU6(IGgym5K})Q37KF)9l3B>{FmL`+Wqg|&XXr=`R_rV8mWdDnvSZ<
zJ%$!#gf|CLnHBzfwJ0j*((nCTxCuFSxly>%u5AxbZXHeLaUN^G?M@tf2sKb_;nBX(
zwGMaziEkiUimF@ns=d*0+LWF_iIZD$3oTmi-?+Z)kM`Ur{Wr#0J|j4C6oX6Y|C8++
z{oma=SjT^PkY`Q*KR^Ai?Th=Q{C9+8eMJ1(pZlQyU3A|(%k00OJlUzy|Luc=oi+V`
zi08A>|25%nA^a*DhHuHf*2h3-gNnbg?_>^!pAZuUsb~zKD1;xSH>!uwjIfceJOS5F
zAMEYnk83Q#X&V8(?fy3%uM!M!+5PX6gS!96!S>F<djCJfqjzRTMZ>E>#RX}QfpW8(
zKqdF0dtR%ZJ%d8ExnO4v(MMw(Ls@Nxtnp*ztpXltgB4A2>Quf`Ul&~%=%tJ;5j^f~
zxnU$uUmy3j>|8)xiJV6A|2h&3((V2bCxS3;L(4Sc!!+V6w1!Jq7A&C_Dxo`20;&X?
zL2jrSXSf@|<IQU1ldo)fTt=m73pfMOQx->^X<+ix+k^Do=BDkU8I$HAr%J!{QOsXa
zQNc^_xE(9Mn>k(2r8}3u%Q;+m_HH_HZLy$Q=c+mZX6F7<pScyMWQBQH6g{gGZ5A_k
zMAR3=ONG|lGkX5(^Uwpm{T~Kp3lG&hVCA!&eBIco8__oSmXgD1+PhauRJp4~4lhf5
zddt9gXNI3@@7Pvb-1QQ-=5i93bZ4vC?hY4?w2lA2t^8LB`RtblEN$}O68UfUV6UP7
z+1X$F|3AocTj9d`x-2x-$9b%Mhim#G?Ilu5m7OI^Bm7lsH2mq6xa!3FD&^JY@Y^h)
zZzfTy@F&JzOM?|>zmQP)A@;|NrXb)t&d`75r43ncxkHF6`flFPf5g$J8&F-_vfnD4
ztI77a73V7g{b$u6>g5@<hM8~-&umD(J84wz>*l3_f039pr0R2szlS(y(97s>pJZXB
zY=~R*CKGk@)s6~;W~IhSZD|WdMg`h%_N)WVf^EF14eXq>*>7H)tIXLp0(uj`Q=PQo
zWt_!nkwW0<5<2r$z5YT$Jnrz^&-veK4lvEJ;s%!8{~sLg)$jigch=|sgFJG@4jy}u
z);J!cwBP~)_9V)?2Li|~m~5C}4|7Dtl(6fV>(F+34XAJcIgOQ<rA=%vKS6cx@u2Pi
z*mf1QaU=d@b8WhCUpH9O97AFcMw8@=S}v&Ig=GN#wdunBJoiukn-bvi`~Snb{I|cq
zzW;lW=Ql-o*A%yf&~+INbg|7&x|O%R$B;WoSqA8zRZ?`z{qJOhUv2=fc>nM0?(Ej{
z{~heE@Bbg>scKYmUhc~>cy8OabTuZ84Q9TyhFtE@naFm5+q{v8zeJR8ZFm7xH*EZi
z(~WyJp)l%)GR2+awq{<cj%);F)KpH}Sj!FknNTq%pt1<3FC4V3hPY<zovQlVx$yAx
z{e)e;@<}Q^-g>gWHcO&)k=dx`^-|8_5-d&~95otr7V+&46J52j*Ff<%CE*n>Qf<mr
zSuYzZ#>rQ~8{Jp%J?7*Tiz({WOuu@YFcdz;y9bB7NS7g{Wy>wtc8gJR6QXg;PRx$b
zH*Pf{;m*QEi)PaamTvXWwyYbd-e{~^QB!NwhD$F?I1$vHP2N&aw{3sh>qzIK)-Fyr
zikX8|mAe)7D(LDAGAfbdzyy_pGV3e)^l8}mEbs(<`qZoTc<N+zZPX}JzAju*B%8V4
zNj4kab=6`vaW<ll24z}W^UC*?lG4v96Hgu3%QUm~PO69UYAR8;jh5sbGt368$OhVX
z9X{Di9rb$66d;||RX&hT{KysoiYR7J2O`Y}+AqEQ>}<1wB@#g*FApFmrE9?wv!0y&
z;1tLeD%};;{QBVo?0}9kk}lT3H-a&POu>GvQw6&-*_unZ-p;Ht_c|4E16M$iRW237
zsyjA>^;Ke5b|s}t7olt~e8a;_<q@hZdP_!B%H*X>+-8Zli3wY`Yb6t-TfdQ_amgm$
z*}m!7Q%$w#7HuYBypPUZD*~H8w$f|E5~Ou%%gT2dz0FtZmMW8&Iu+dk-}aoZB^h?h
zw&WkaE4F8D7M_LM$<5bOZM1bmRf;d$Q%y2i&(&i#e`C`qYT&%C<?Cs0Qe~y8w&cFM
zpHs)}vF*fYfS_i>?<mtTvL-)W&Cc!!ORYh%8|Qm%_TA>p=h}={inO#=0net!UqqBm
zq4qV?olk#Jo1L}VJ84O2UpXafUpqO}W<K+>Xy=Y@0l%f4R=67ouVk$1SPqp??aNk#
z8#TUtLAWKBt%q9UB@275GSihME$6GhRMEw7HX*AtQ)TNH63E62owse+4!fJp4Y{o>
zAdxN9@vu_0(!bwM_H1U|x)F0#&rx-M`FN{1t!T3ejY~R7nv3~y%ygE;`=O@(3ItMx
zG;$Ge=O9P5CGe#+n(OB#&n@-;#?W;o3(%$ZpW9Cw_kV|L|KA6BmRdir4L#R}o@+zT
z+Z%dz<o)_{ntFC2<9BWB`J1!pxyjQw$QPS(-s)Lq|G8Vg|KHo&-uu1hf4d!Hbw6Xe
z!L!8vr-Lt8+gE-T`%1sQ8^55zWdoFz4K4vJnhBivIgNZ=2+Bj8)B{gn6(gcUBmOZ+
z>F@HnFZpkg1?V#RFaNH|e^1u=KOW}!67+vf_*=+pXKbhrp1CDtRPS-G8V1USe=_l)
znqi=Bx&QNMv^qn$)c>a*|9N-saGn46VV>qS%yG<Fk;^UgeGyHFaP`dYo?k)6tf%@4
zN+r!{v!itwsr$`du)@@)adtGraZ*b6?wjgW-b&TYfLbxx+5~?8Q-*6WRNgIzqNRx{
z91mi4`un^Bxh?(YD@FcO&l38-w|BVHp#S^p_|FgWIQ*ZhWUJ<6m$O}0k;`|AN!(mL
zXCtWg2B+m6y)wY;fws=~{mKDTtyP{I)w=g}YWzW|ey2Hcn<=q;cUl_i`SLVaYMPhg
z_Y2EZMmy$8hXHjZ%R5A8MRvrGvbp4E<)2Fn{KN@!zrQTFfHLYG&L*TffSv8#eHYln
zgM+;TI2K;SS@FK3FJ9z%LQ;|moRkcCOF_rl!PmFx@Ta-scOtdE#Cc<x-$8cz!ZJ+G
z^ER;s!GIsB?fa<ak@hI3k+J825;5VA93M6LynR$~0xwO?yX7vr8^+tTmA?hVe=*IV
z?0xNh{Req&$^Y5N*7srmv46PVu>W|nz2^TO;%T-2FtfWh|5%%Utj#~}Wd5<X`WT|M
zvBz)sxv%rT&1}SQ0?YLOdky=K-Mxc#{I3UjZgl@=<IS$^KR%EB$Co$zxUsdzTEP2V
zKc9pC-_ZVJ`^l4f{KxGl2kZOa2YJ2({a+LQPs`0dTI@S)4zP?y#QAH$1s1o=0CwB`
z-^lyjk^AreTE+hNpdSD0$=d$ofu6el=WhA`*4$lXlRF!u+xGRAyk3RLBku*t<SZFI
zEMd?&$wVAN^>xPA_0#s;lK!h}&J|5SmeK$1?Hd2LyT7-N|NSsex7x2W@1qJ8@TaBk
z_iS${=D9u)SVjba^He0<CWF-BwmS8$go$`8iM&?S>iAk+<*&$mO<32DeQr(vJF`7C
zpJnv_V7H$CcmH5}?f?HEPX~ps-=DUHCoyXPw?zJ3{RD81jkX3g&2NO5Z7EtO=^yH$
zdY7M2_i!Zr(atAxV`&5U`S54O<j>4T?idE<j0zgkWQg88JB2p_vk4I@+@Fc!SGCN(
zqZzhFl{!&dz>^<ZSA!{_m6#`|`p(n*Y;CPp`1fi4eMkC_mE^bN7+6OCcb?SsKZn}~
z>-g^v^0e;+Ezx&rg6ao_(H(qg6Uon`k0`C6nuni3)P0|UZS8iQPz$OoKdK(!Ol<jc
zEq44?o*U8sU`moSo@A7foAj~l{_kL??*F;Fx3jkYe2}M)PO%V#WgH2L)ZC)$Dap{N
zh!e=+mgDdWPY4gZK7u@PyvTtYM0`q;1Wgh;QciVoHrYaqBv`~Vf*>w-`5tGH*GCzd
z0LefbIV0ovy~#26m(2jZ&XPHz8Pt>@p`0+3#2E>^;Q0LFTu?^5K6*yelxFB(&(2X4
zGwubGSPbA_1-=)Ieq{sr*Swfc2J#>Clh3k2+0Y1wS4ED-aYDHFIN;a0_c$2gEAMe2
z(%gIe-(Da63$vIO9Gx6L=U$LA`U?q#7sL_4167XEUw)4y?MD0m?D^60%jZEF-K>wr
z`+sNu$xbc)-|o)-I{)*-JbiR(=NTR8JOtiJ#sy9ij>MFpx6KmoHb8(I4hEB0Op8$v
z(sWSjFnu0R+7{3z8dC;sK2wRLU#eShbaZ+Wn0NYS9AQRK!AXST4E@tKjYf0y_D36G
z2A$Ff9oYyoyacSOQH^NG2LkgeK43-W;~a9?NJ2E|3Rg4OloS#EMAwvEB@{;-jj#l%
z$Z3Y=v|xx{XBuLZ7fC`QG-fnKIJ2?N?0|AcXK@51?TR>P4-{2}ZHGddYOgbmd}Cmv
zZuMFbFHdE&YXu`@kYXvB4!FRhgbb=JZ0e506bl0qx0VKoN*Zhoc0I2z*9T$bKSj)A
zLAd8RQ?V25?EekQ{DTPeBS}(pX0mj|grk#eOg-=N@-n0urwQ>Spoo#2A{<4?Ssx)y
z(*hz{o8h&64D^^|3PbkQkeybGJi>y=9zE~koDlT((tf-wQ77L8e5w`&AW!~tAxjO^
z5|v%zEJ6_tA>o0#fxUpS>b;@H3+YapV~ll~w`b2^JU=>re(~z)<@0x~BW~Fy?f{hE
zV4-{;-fi?Nzc<l{B=lMWrb@e=FCDKgx5AKr%HkCUU1aUUR>Ofc&PYmUgd<r<u5M>B
z$%RidSofH78pc={-awXAixvPR2~?188A%A{B&dwv!m$(sw&W@}$R`W~KeP}BP>R$i
z{_V3LkIvq_L%y#&bf?&@xEy3vZaKhx^oFASU^m$Iyfc%30uX32VaVk;B8t#v^csze
zB$*?-z(xr{V#;VSnW7oUedw~9$l?;3yR2l^xRlh4pq!BzFig7U6we465t5-Rk_&{n
ziK?xLj0SdF0(+{fCi5*D`5m%_koN-7v04o#c?i139C0EfCrCn(%;jkzOO#38tlB`+
zS-oaZimwPqv1lK$Y$GGrsIuSC46_)DUDjgKU!v=2oN$4z2+8Fl5e^cPIe@59;f@{s
zP%tqiETxQWxkxkJScm6J6mys**;1Uf03hcA$_RCA;%tr*noS4`&?yXgOMYn74BS34
zE(neSbfU1xaY`DKumw%X{d&r%<eD$h6mvDZ#*<0{BOw(O)UoLDtjI*1l4CXU%W~HD
z)T|#DL>9(!qh}K$hv-b9QVwkaOlFJ0p~U2>tn57BA5#_*ITl2jJZ=R=jQCoWRb3nE
zgnQ=BvFE|2RLn^HtC>sK@929nmhzE40^)4av0vj%FghrBoJ}rZ@Akv8Jzq?TI=lQ4
zv}cGyoJ}?Zi4#r;kjTo)q`6YH07;C9z_CQMqyUm=ZlRexp-Wo%h@-b^#esJA-9|8Q
zer|3d$`C7HnmMU0b4^zGuu0(flwO;ae52#6-><NmT62h=XAz_a_q;b0mZu%S79trh
zn0j+rP3fd5Pc2c?C6F>Rl*;KrnIsP`09tE?hz1})Cu8?}%n^B?Q{eV8xr}~%^XBv%
zTANZX(fjNODW52tHQiK@tG+^|U?reSH=%(ZLL&`~*&3SDMrVZ-OTD8gisjtkMAF6b
zL=0(4^qRo1<LKBXECAb5L<>tcNAx`!6|hL=D8+MNS%G3wic(2146jNV5Rw$<vT$k;
zn9SkW0nRrgBm&-*Fj&P~l9mE}RckU*h{$PPfYSET%@llTKu%%~;3-%)<jM!OSIwe5
z*lsCs3`PkZ8Fm<Urp}9%Mx`v0Gnx}7f2LS$YV>!C7)ECCydPpS8?;<>3OC)gg|o_C
zd1nimp@&s5h?5ZZq@KdJKb{_;Yn)u^gX$gy9^Ywp&^NCo!J?U;7Kw=S#Bun}BEOmi
zT%t~%{Y`NZg*bx^2j?pxD2m5p!X#xk@{JS$?^Sy1Yb}*L4k}*in?p6jRT0$lp39?4
zk^7iyYKyL8NrthUvf8`|Dt9~#DneMG%Ykfs(3+LmI4fTU=(#>1M{~PPLECm&$*v8j
zy<i2|g8eGdH!={!zpCnbV*z2QY%N8#A@iHIE=Rhm2~i@Yv;R>LHXou#A1*F3oRW)+
zr~lpiFHTc(p<us&+k~%rpB|~GC-r1vHpeRZ_S@i0fBo*e(xKHxToK`v@S(D3mk*Xd
z()opgNq46{YP4zCc#&>=`)zOz@P7B*hi|_P;MVsgG|BjP-+kJYn2?3QZua~6ci(N6
z$IWvifv-Hr4Vk@TmOElHI`jNYO&KYtyE$K`mDU+EAAehOW}y0vvu5C0eb%h<V#%y^
zPS#ny0cad23B5)+jnK2xpWw89Nm9z@wQh`#>cO;9n4@bV;Zrj3rED`42@*8FG_2cd
z3(z30bpe`>I@Cd4nAKs~8a?43%j7~u+MHRm;bv#Uf^66ZF2cOHC^(*w3r<3sMf^fg
zfs+rm#9yBFdRr|k=<QzmZqv5A>Ev{41!@(jWMu%T3Q9^N@|UN*I7&!w%lx3%I2QJ&
zl$nwnfZ39mk<JKXaa7IKC?RrxJ97fxYFVt*^>$ZzQ^5J2)2OR>PNVv4!`O!9Z@u;9
zj<}DNfoGEoiG>R(COS(*^>A@b*_D*0I1v}4xgh-B*T_x4gSDa|dr8taa;0dnmI8v1
zziPWSxaO*D{{dInb(}@?dWiN?bwoUV{Oa|a=flU3(K!)7%&?M2fuFAvHbcod)l$D!
z8`kLk(dmg12)DFS+z9@l0vQ)ssHCr0%q8Kyf3<vojyU2)IMrg56u)xHc??=97yJ~B
zsF)f>7r>`&(Sn=bK(2KE2gwhmaLXk8D#iB=(t#|s|2k~Mf8IS@-~T_zQ?o|GOvGax
znroIM4oSwz5FO<>oDzRG*lsJ7UGX9M=<Aq^%3ez;%+6t->5X2nWQbZeN~<2pz2T|Y
zp6z-#&+X5h;7PFUMTCbe2F7rRj+BO8=|?0{DBDMsmF!Ka%_!Xk(Ev!YUHje@nO{>D
zf&W~!G2iLO^O1d@;<!wh?<11pI2oczj5Ah@V*2-qd?9<arf&9IS^QU=O?gbFEv3z;
zvM{4maGXVw=<vVilnX+GsPq>6m9SWd*i*l{_PJ+|5dUT<QuenFGwa!SKl{PncChz*
zw3GOwKDVI%jv9HjJ{Hse{oUP$|Ht0J&f5R`L7qO+S29MaUnQ8;skatjF-I8v`{?Bh
zUujJRiNJnJ7C0thf*G-wSVm6HF;|kZph`(<t;qw=gG9ti>V!~#^C608cm=WQ;H@?*
zm=BR&v4b>bj4~4WodgV_K6-7~USO7>8zk@qT~8?|Rs|PxHvr!3ue^r>#pWE@vqn1?
z;K>lp)Tx6&f3Ct%57Ei^6&0t9Z~|V`Q9L1BfC|NHq+~{K-+6s|RQBMzFB|ifV{H#;
zvw<BNF>W1|mtG&eD$)^Qh>j6WA~cP;#FD!6lBW(_s(~Vd(Igq+@X9Nv+_`>NEOgAx
zt=-PH$H**}1OHLA`65nZF_a%X6&)P(iVz@N@%TBniItVs!AZfceBE`wXLgR|5acYq
zp=e5y9E<?4h#}DATwM`RF(phL<{Vv5<8TTJbRD3)j@ba3JAwg|7^>n7VaD)WqUeJ@
z@@$1qD8)HP8&_X*pNn}y)Ww)vhYLv+Ioe1m+%AF5AaEzDg6gtFNxvfpci&--N&t2`
zzwE*n%5KzrTf@~RTh}5&eFt$l2GzXAxu8~dw7V0oz$Cz?L1#+szJ=xa%wCK@%mX&U
zq1>?V=K=b8T3#4$A$311=}N62Tp}?lNT_Z%D|;L`lkyG^=##n{CR`}f2CW8kFZT7d
zwz>cu6{1=JF8Tsbf^qi!(X&$t1ZZRxs6#Zy36~@9_oWPqNH&WZ&ETTCBzl;`jH=TT
z<v3;>+L+mt-+lD2qqCEv?_WG0s_kcxspE{dQo<#)u!cMBcO^;IcCd2*Gz%d<#a6Z3
zNx@(}ywJCE*xo*(Fo_XnlR}%QxmRD!&iinjkoP#vB{}eYk#IkZbIEb=A{K;iA>U8v
z#FwYX79t{4+sPORSqT`k2{-p3V_IYpniAH|ypJSSejU`H>4Tn8Db^W2ViUFU^)%)r
zjK}lR)PXDAf;tYdT*X!;(bwCAmns!d4m&t9SM@;7n7RkuIHl1hs@Yzs=FZ5t97v~z
z*y0%!!d6K#FirZ}JY&%3M1YM!{R>=$Vc*rS*uT%KfWab#nJ}nPv%$1+iMcy{MI&NG
z9p}P(qsX~n1gB7EQ~M7N(bp=(X0=(lPnwoJvVyLslG95JLEVz3V4Jc4uJ6^2nR%sj
zKaLJuYfQ>694i&qg)y+3{YTxD+4I$4_I4ltOi;lKoFwz|_8Sy9vSB??dns?~L+^s3
zgkZQAje%xh2_6q)T5#QXIHi(I8H^X4Fm1^MYOOevl#>%MAk9L;4c%r%hG^zeCv7K?
z#PZD6ty^%ml=2C4^fJz3xe5WLb6TK?qHCO0M&nc~GHrtb;Ek!=8*w(#?I&?23*qRO
zf(xa+l9Z8zgmcX1;1;0G0`=`TOXg_AFkombSJk5u<&Of}Y#N(16@7I(fp)gHQ}aUW
zrP1O3%h*%nR1{txmAXReRZ8#ezKlK3iOp+CzGh^UX#31~e%fXI&695qy{d<+ekD&U
zcu`r(Ci)jbDqF_u>?lc2GC|lF!_w0IH6l(s7B4X!@Q`5%P)`<@^gPaw3!Iz_9A2sN
zjWbJ@`2nYK5<@zM-pT3gu(yTe|Mz?E+yZlREc8wp853q(hI3sWd>H8jBB~^;uA$dQ
zaW-Lub7f0Rv&!D``Y5A_r~)}*X)J{YFLN7eIc&W?DlK3-PF%2PHhW%68`=^l!X%{`
zC&DuaaKEn(WB3C#PGYY_w1h@W$DKGWX}``ZWoU!rcBpt=gnpqTt>`vy%5yfSk+yXM
zzCD5gWEC1)E*)8Mu{Mq7gkeEh>pN{46K8{C*Lrk-^EgPOzMeEaa!+gX-@pntgH-1y
zLOh%jhe9JX!aNR-3Nf{a7!k|}dqb~C_CstW29a<@%gu2E#~~coKe1$pemZ*r+y~N(
zpqyYnr9~3ii&se&VH?ERL=%U;*(tgei{?@qG)wZO8l81RcN;M8N`cFP@kj_9PSw;H
zuUF90$2^p5fn0ikDjuLSW2opD#>{quy@Oy|F%Ba-BNf;&wEoiZrnQ$f<w1nN(`rN#
z$){*8-rU8XwS0*sd70tFvVMwsyopmn3lQwMGXsXo==pcj_@SfnPje{M&}r_|H;kdH
zL`|<$F$E!IgmPG}vz?y0wQ`lb&Xk=4?+C)DJVWJiBI$;&pjQWhBr=(mgVmQva`}0K
zF5oaExgb#m-@NQ&h_-Flda+l!#$}Jdx-@##)4oElqHNyn^>pFj40UL0T{Ej{G}@hR
zhLadLA9wNT+zn_q*nOfGVMeYAtAGbRtpr^{vWb+`Ep))pJrs!YM127e+zwbJpgk0{
z;6dF4w~tO~WVVl4YvqP9fDm&^XhjDj<KQ!%0bM&bD1ikqe&XsL))_;J=Wq-I>%bKA
z&1p(%{HPS-<VIqkdzuk8M~U1Pdc`Xh$XJOP&&?5N#C?u7cDA>-|F(%nWEx9KiX<S3
zrAG=$V3Sxv7IR6Z>sEML9l@_-<*%yTxX!C|O;D$yEofX40TC;8LaZFAibU83w7lWi
zRvSG;4OieGQJO`nwW;9$K?0p|A-Vf4jVxHHQo<M!mjJ7Jj_JSFn5FS#DwJS79vegG
z|M3F-r%+I<vrb)kW8HfI9IFAcllAGNSBA%tbFBKS+*bovW6lwyd*p^SGwv9cQwmxb
zC)JU|0UCz@5=;UktV`Mq!v__1*{40pk@gjdGxw@)A^+A#20$IO)7eE_GQ+ymX_YlX
zg5ivh3FC&!Xz|w3xSrAo(M)4OodrQBo27bj4q^9X?cAnq=c;PSGC~qh7C#^d%fI0@
zRgpr2Zf;0V%je;RmNP-Bd%3;Uyc^qU(0#L*Xp!<4I#MT++>zA<sJBa=2UWF;EFN@n
z>*v7k4ork2({Ga%HGFYTl4yhaQ!J*+vlI>{>+Wi1A4{&eXUs!vr{5cvTC4MMX6Ycv
z3T3oc0*WccgQIE`SR+2aq>|ufV>)bcxU_mFbxgpOpi9CAebaFVuiw`pBGuX~6o8E2
zNJ{}oNHL&-FS|mVNmW-N%FjUGA-Og$mO>aqNO#M_S_(s=wTB}`h@3_DS|5QyO^|9)
zzrhhkvXBfWB$KsB<hmZ<JeGTHcYn}V5MPnG*)9HT$Cq2OE&?h1I0$?5;=F!Ns6_?F
z;U$))j>Afe2&Ffq8#mZG5GY<f=CuYsrwrLin9lK-RG?Hl-hJbY=d~=lYlV%U&R*Ps
z7yA;!RRe(jsT}04BTFK<Uyzb6nE-5RFTS5EyRhNz&Nl}EItKSfu89V>T!g(LX_?uI
z1g!cx(J~;C%r2bNB`;M9)>@PS{h#D9l+rIIk%Q;|^S}PLzLYYA%*dCL!IGkR&@OfM
zk(M~Mc26@5Q)1hJakO>6Ro}#`08o>1Efhb}j57I}3!LU0=`1Y3lfu2B(+?vO2JMkA
z$~w8aD*@hCi+}R0QXNmL9XOYvx^vAcgi}hnzMob^|Ns22|6TG88478V#Ju$VQ>4;i
z5p`dNU2yvOS&v0f&AP$m)~-DS)j=9KyxosN<hu@<jv38C;82{Q@)Z_{6<H?NIokLE
z{1CU$c@c($L?qfY8?EW;60{vWEfhDTnH0eIz{Xt|ND$;deiDyKI1dvt=*yq^6l+dk
z94CUXGX<D4f*(L5eMTa^h3q{_In{ar*;_!R#0FfUz4z}CGnHErH?DTza#^`%SD_`j
z$8*eZN(5nCANCBV+@%IubE9aw(gNmr0$beZGnCV4$!fG6Ym%1I6w7lzN#>Hj<yPTu
zRYO{;9FuD#rHcr&$YoH+F-f$CAEGRt#96u5exV~+rTPw7HXL(QCgGpO7#8%!g-G*@
zl9pclLPy}cQpy;s^COPQ8Q6`88edZ5QuIhK)ay=-SzkMvtd99On-E^IQ|&4@!wG#(
z^;J!8rOE4O(puHjRr>I{CuNn{Ft<F_tGcRg&~B}%x)1nT6je8XbY(TweSq4krLsPg
z@vlUC;zwAJb0Jyc$sEOFDP4Qjw?lhtc1FR&{U;Tp1%W-1{jJ2i6u<u|vqWTwc08|s
z-TE0XTR-Pj>*u{_{Vdn4?j>tqdw`+cZF6U8FHH}&+pkzFm$Gh!Jz2r4ngEn{@=Wqe
zOdyp$zIKo2=m8x!kv=*#W+Ey;<q#bu*Lcp6xq#UG_&Sq}O2Np-S7b(*r@JwCoLP}1
z_U2bd(i}R53bDg2;9A&IhjUg&Op%B5UzQnD60K|KP-{bpdkXJ{?<FeWjgDMlJ%X`n
zC+5h?qdLF<tP5=?Xw56V(znySPFCBg!x{{@2MJddN|0Uc6;#cZMRqXeI)BaK!NK0X
z+~h@e)cWof&CVzl7C|-$i7DrGnx=pe296|wlTG{(Cq$VSI@k`Kbk$}(;wUN&<<9?o
ze(~ny<#W$tBMbqq`~A{{M5Fxw1`+)1`=e*&KJ>Iczc#@+&yQ-@^_2Bf8Er(LgrMrJ
z*v#uPBto<hJdR3h7-ea&rP6qTwmD{UAdGNHho*!P&x&x0@94t@;Z?n`-ak{y1=4rz
zp8TON@bxg{rkr9Oas$fdj7k!MPL3V_E-<h;IW8-`R7+SJ=RM-!fdB@<+VB%?3^t|A
zIgnKc@U?D?1Fgb*@|R}!)y*%!aupbwDZPg9Jg`W)Y>d2*IcS0PE5qtYiUA7rT6dsN
zWh(jup1>w*gzbPR7!lbr0$@BN$vh~jjfv>P6mYL-Mz+w8l#4giT8t^u`+cmW0}uz4
zt&%)efW?+OnJPO7kZ?2Gn3ZHp2AQQwt3xxjmRFIYxS$MA$Y7=-j|}>NBHxT$sbApT
zY58hcA4uy&%k@#4X!**SY$(w>*{6(#&Sdx7@VYWiTSuTQq#Ho<Ij_OY=iC8Ves6{N
ze9j*L;66IyJf36-t2EVM0x=%P5Fd|+QxX;64G*r4Ucc{|kIJw`E6I<{OL&7!xTNT~
zU~x7%x6PbDOjP~)`Fj!;0E(`q+B(<j%r}Iky!<5TD1-|50VGBDgZc=0Xv~!W1l6t;
zLCEOVhUg?~d{k(yx2xJ#;)pM&#fO%?K5`>cD}^zRbQqed5e;Ng%xQE~wXf=<AL92w
zwBaU_C-fTq<DbtB88$Jdc$piZbj)Y9D+G?m#23^jvp5viL<^|1VA!$pSq`OhCv}rS
zmPSwZujUcew_&=Nj=&W~m3ujLMZ#&Rgw|(M)j&w`yRBDb5IwUVhse|I>&q2u<)x#t
z9KUMOhr2`Va{5q6i!xU$-dATA=u`D-^3hJP8|(%9o<sm<5bi>M$@osdXQ4^(;72sY
zaTaJRW?d+q2T{fYRX5<pcpSg?`o{9tHU-vxSwscbix`&l5cPI@l_Dg{_;z*gyBiOJ
z&zsvAgwb?9VsT^^p`-zBX}OfEi;?o76cLK|ivOv8lp`1-oJNQHE?Yj4!U4(&i>Z<@
z;l;Q}kRU9LGi<^VfjL6uT5WF|a`_iYVggB79j@n8{)cSv6goIpF&7LYE@(nnxi5W0
z;M#hKUQtcCl-8-F9?#|R&ue8BIqN9u84aa`QCkE!XTLkhR7z13Vy(ixh3Bp^*N(`j
zn5cg%fjuIkS|+}fC20oM++!u13|#EIRGpqG6=AFYf#f5s0|j>twXv8gF}67hiKMn}
z#B_)T5t$8~kA6ZYi#t+M+ReJsGM8lBz3Q4jWibU-Kf#>80x5<n?Xy-c^if_fQl6TQ
zlR|0YZCn-PCaIeKtNrKuAx+f238I)^K`z}uMGBAnNRn^DpZ?bd!|BI_(){B%`nWOu
z$Un|Dqqo@q_1(v8mXiPZKcl~8@}GQD{`*x+<5G43A34PYP&R)$U`6I=HS43$oUAn@
z0ghagdB16NZ$~JZ4>zQo8Lc5U-=-!##&?P;0XGH<;9K*j`EncfQnn#ips(KeVxALC
z|CB1I*Fzh}MlwG(=y=VZflO7t`6!o&eJy`{Jg4Cm5g(sTF*}C2`S^W8!z=Z->O-+r
zYB=_9Jsu-CDv{!&+DT3=ml>0s+{YRt_p!>uHJ9Buo`6T0I<BBm5(RQ<%8xbozi-u-
zmpCt{q+<-c)qn6?^?GsbP@=#w{HO&<Eu}kon3x|mXT$bA#<i0VXl0z(ND#19uK52)
zUnMAQ!<N-KC_=DR(<2~(uS(BM9oj=~0eK2nSGyFIL(CcrJe$Q)jQuE_q@_0~%(C*Y
z(gg;U0>hnPKiE^nX729MC%0)_q`75C9Yhc0dx;{o^OSXig3m#f1GTe5>+oBm;TxjC
z8%w)RJ8H|@FjOlMl!b8KBQ^PQJM$!q#j|q33W}s~6ywC`vU3_)`dKZkwJLq|q7pY*
zmaarT2K|>h$KOmD;ZvGKL$v29BKi*^l#W~e_z`k3mse0V`*{u8F-h>;GDhHTT;-K^
z<U3w~nTylqjy!eMeRo+DMo`9qwnL~!bpFkc!LV#I!r*QbjDAWP%%mn+=*8}t%BM6c
zgS53dou~_06V4QL(>cwQ$PXN`(!YW*Zi->y8pbOdx}bEXEOo^s&BYvTh$%4<tIeH7
z*&*EY7%i_B%iMl8wU4mbxrn^S5T%u7#BIn}3)>f3+_eNp1@d$X_&H&qZOTGY^#v{O
zR6v_4f$Ex#5NF1&qADPSc>x*`btRzv5SgTU(OG%nqa2ef8u&PzmeHHE*2Pi3+g65P
zX-K%>Dya;!zmKvAuC%mqZCS-!9W)Ahj^<HWY2f$D2#-V#Hf%Uq2yB(&_eZLTy|}7g
zpqSf`oo#b};`R_{%X^5koAdy$)ZJX^WmQFQ8fS5e6Xyb#5fEGq<};#%Zz+gN+6NH*
z>+}ezOFXbM!9vKD4NC!ZAI7??FWW!U4XPd9e!t=d5LN&y%^FBiBvK}EU~CTY3It|C
zM;u?!g0Y}=+KE8r1sF}@F;SjIr!;C+@S@)9@faNC6k(Hpo)L8k&{OKYo+KtcbN{OP
zeF^5O@<XZmNpTjB!Oo;Klg8Y}98hP_OH;^h10Ukm^=lTrGvnv467oGWtfakjE6ryW
z)6xj~1KsJ*)uQmlhj*w4r~n0)Wg+!VG9WI`x2%d$3Twb<1p-gN-X2!Anxlvk72Hf4
z*>IB16iv1!%3nGr%Ae`EMf{&K3+SuYZ=RnA;=Neh$CCJOdx!gn_59CIo~+})J;<{Y
zK=K|*1RX6E*s6`@#>~$q2{35^bmmCSb#T;srQMu+3zF_?3GvnI<L4Krug~5*{c6L6
zuALBpe805lt|a^Hj7C(;(usVEe&ICBv6w#XeF%6?Lhw1}Z@1qC#u58d&uFgsirrKb
zDsR?Ca&lT5hpf!+e>AZmDGY=QED9djOJMm<|M&#1lq8%|V@dp#hH?0nMY~GEnQ&5_
z!50)q-{VB`du-7xB7`6SCpr<}xCGL=G9paltPl>L;x>s+P7UW^?0W*wxzPDHEr4CT
z#=@8b!#L&P;w;2RE~fb`ME>=yX7N!ui|5bJ{&n)KWg?;ZJ5S?npsURNqYq}v69=Dx
zcCweVALpMQH733s)^I_l?)J4{101ZdoljpMLz1H!@<3^O51SxCy>|DUr>i%p+S+Qi
zW4!8QTfv#mB?W5dPoH|78?bVr>1?^)zaRsPo`9X*C&6~G9qcSXzj5+_aA*$s?db~~
ziA<Bj;2N{&9uWGKnXg6p+ntQPUM)#*B`Q*&1!h^U9<|9jC+XNta9;_w{Yu96e4G8R
z^g+-$jvxY)=cDH)0gRS2!z3n|sQ5aWJYd>#djlK-XEC;xFFHl}W|<7eTFxOx6QY7p
zaIWr}E-x?32<X1#w83~ua^a}gL+`W|aVetq%waOP%|_P|H)e#5Y+Pnv?jHc8oQBVL
z{@;oJyO@$BCyWOoUla;*N&e4+!@YX^--E-$-8KLB5KkYSsTBaLO$lnKrwn5*v`Xs2
zgd*!f;_ezn(2@95B*36G(4VblA}s!u4|=z1z$6cM|MvRmX9yC`(YaFpNvbt??3uU5
zd_%<ok0PsTlgFLX6~g7XV%@epSp*U*>etR~w4~T&GSIN}m{OP0+J=mB;<o5L9vDh$
z5DZ_{zH(Yu_|<kZJ&h2!zLzJ0F&%)q@`btR?v=OV@^yLB-FyC@0w=vHwmQHtE{l~p
zR>Ju+6~+wpzTF9S_WkW13Z6OkmBBxY5zz{X;2*ItF3Pf<5fM1(vPH1Whb+0UP}{7_
zDMqt69fAeRI8KP<O`fK5Lx)o`M1XZz2+!Z=VE<i@H3ktrJzcKE$`WS6FN?z}(vd=e
zZ!l}xjns)gBEgC*M2CCuXPlmcxd`g{z2<2<c<ibBPK0d_Dl?;;OXY@#^BgG`<)4Xa
z8_EmWgB%n`Bcf8HK*$Bhr$_lgtJ^p^rC{Q1mTk<@hW3;_eswO(%0p6$QJaBxGOoDl
zm)xR?v#m^$OWy>Qf{;tephyx8?dq5=kI5E_QxAn|kl6Wsl?jmRQ2+fE3}*Or^%*W<
zv}jR{)VWFpXXWJ$fh$R<4`FI6ZK+OIUvKSyR#u@iy>bs3ogY?~sm8NfmC`<4t4}jj
z>$MyYz7v91p<VrLXv;@XO-nYo_qQJEUG#3g$y6X$WrueIkW~c*v&s1g!x&1AI?lqR
zh*lV~<o>*-M3UkRPe|mC=Fps-U6U@cwUSMpTLzYE7RoUbJ{_+JWyzv?E0s5=#|w>}
zz~CIX?$%h!O%SaPSdJWhME@zMAT7&OwW;@^wU5-W3i@xHCM5t)J%@z2)`#-54f4?<
z2`=0v)<W;b3#pDWzZEA+U4PR#>lSsFj<CA>>qllys?q}NjYjP{l)UO9@zr91_Q$9l
zyc^4L;)q+DU5#fh5*$ivy6NdZ8p@E?20GTsn=<<NO;HBbN-TXP<uA*U%VVm<Lnq%J
zY_@Cybw|Ue*nAt~IMLC_;q{oZQ5;1i3(!wo!yl-?<|b8eudYR^Hm(boeb=CG5dOdN
z;a~aRCH1eBthQSQLAE|#Xk&5w_RU%o0#E9%s?gR)<c1tS>m0zK9KphhUuZn5z-vJI
za*#Tk$N_rQ<?}#m=N^{H7g-}KEQbeP3#&7wDnNZ}+%SE;po4NpI=~R*t#!1ft~VZ-
z6Q(1$n%0?yZYB$A#cIp>)v%zf%P5@%+-a$t(+d98n09k)t2%85xQXk!`hax}{~-qM
zG}sc0G^=CdCS`An-#V(%IT1FKKXTpo)dg71J*I)@>i0l3pbU;m#41kL3G*PkuS9(S
zR=JBsc0xAD50wZG3oDlK6y$q1y2A2mwJ-;^fkya)<xSPY5ZJbw@d-K_t89)Rz<ZK6
zoSp-8lH~<tf!T=SP@tY#PnHU5p2(@vL%|2_(-Jn?`?Pse?yl0ZnS6$`2|*hn%|a|%
z4+^ImYP{K0*K~S2k^i6#G0(~CvE&7NDbC-j#3t`z6LuVZ_ypXXk6bZI3Dad;X8#z|
zL4$bxwR7M2tJ5eaklPIqeBEPrCSAKO;MjK3F*~+x+qP{x>6jhcwr#s(TOHfUz4N?l
zy$gGfvFiuam#Q&q%vslY9_b6GlfTQD434E#tQ2p<h*ik8GejyrTF4c0a|O!NnMPh}
z5QQeETwqq=uY({YU(bwSeTzYu5poM^t5i11G&fEvV$t2HpFWPv-<6UnFW)AKk9A@B
z)B@|S5^fX>zJcg!oet8r&$d{Y$Eym~l&c-cHbCdXXKjzhcfuoT9+++#(4pH4;N{`a
z*a7g36|S((5H|^aDW8dpbFgT!_ro-3zOGw=6--jHnpx(-(W(-Ar@TJ%+BQ|C{K1wD
zKf$5d5qQ>Qt-Nu;qPA5AHr81eF;ZP2P{c4t9tT^8+^VaGOt=I>)`*4#7ufPB!U$L2
z%d=E8iV+|bqa$fd({Ub^5Me8>p2@e<W_OjLKMlp)%_|T(qPwmRu6>`6^7!0*Yo~wX
zk8J!oLtZ`F$Mih{+NfR(@ZR9w_|6CbkY??pzx-=c6pygl#FehHDA`+<?hl#xNsOV2
zN-VE}_B@x#Mme|6TH_m>`p2E|I;B#|1KX?0s42HCT@Wl+!az*E)Qro11$G*W+p7Bs
zLf6jRIZ!(<KT^7^oX9=wjG${}!TB(L?rd!D_$!?N+*{q39{@!7sVWCNCuFL8zs7kf
z_P0Im&g}H3^ZK_go_)|*WF*%IOv(#lc%mC>3W;qk*XHK41Y9JqhRlShtkz-887dJ<
zEzOnP{47|oZ7n;u3X6&bAjPbZ{qhx<d#>T<0%;NmGFI1;ALwk4d1Kb%<&DKK0&ZP3
zt3hCdme5^WRZYDam1E}`1S%Yk>){&PVR|79A?F}WbyLWrGPI|%ZPgqV`W<<JqG;Dp
z_8ynR?PhF9mVeW3pd6HUnQ2r%rU>Ah{%ynAJ)j%3Vq&L8X$99&JP*Jak)=MTg|2M@
zi!p>$>Y1Mt(mL8x?zGxS#ce}we#4-}Af&;PBh8iCjh)w37`@emURd{|a@cSuCdhO!
zK?qeTfi|^zu#%l3NAQYAct|#8gm)4fWc1e(<Fln7IoV9vch;j+K}EJwblh-IwaieY
zve~#3*FIov{JPG$0(<Xo>D?0kK{O1#XJ~n11Lya{?1ya&o~{Bqayoe840nJa5Xq|{
zAwNrBRn=r@tttJA30j%TM9)*G@7q&l41s=bZ#xI)mJj>KO@7BOZ7sXRI1;u!TQY5l
zp_wbGKDM{NFiyJF%aURCK#J5n@xbko(#_W_$5cBw*3N(F)Z(7B>k$%YW0q~p;Qm-l
z$8N0+vNiQ?E%|vje@B$Vnh_=1B`gekzgPzBo7B{vW!Ih6>E6_A+^U>>VckTJwNI(h
zL2O@|bh6f}+94;-YpI#8MG`)0)}5y+Q$bYMk!W(fhI>^if&jknIOh%m)eRuW^*=;S
z)%AC~w5rV$AK?FFnwL(t2$STbGMC1bX&^u)dkJ=1;FU@JtcFOmZ)-oC&}wMSkgme%
zuPlyrhUE@by1J{3Rf{8c(6Vtmp_5<AbLQ3d%?hoMu6SJkxz5R!Ea<4<Z@oNS;G73%
z{Imy3b(d8~R;V_7KHUVtf38DMTYL_GEK66@T;7#UxhQNcqIqsps@Jrw!pov<F1!@9
zWR{VCGGV^wR;l(ec-^}00HFC%W4zkB;n+NK)pTTKyX7~#gwrutQrX;OvBIh`$JC=^
z>%L4EHF?&0#AeN1L%r<!eymN3q+X$3=_=ZhGG+~EY3d=Nck|Un#*Rr{YHOt1{$z5{
z*4PlVQ&@HDZv^*l2E)a}ke#-(T9)mH9}}@OQY|T~Lae2OZ;h_eEOK=)t%(i8(>Atf
zML$Is!Xfs771Nq%Dj2$anmjP6KUHP~s**UeUG}$4vu*^t5HK!PHF$Serv>9CH^?8}
z<=uZz`Dx4k=A+@Wy>jO;P|H7tWf$dSTfYN;AT_rIRfAHpKGf;}ss9JtaD@gVL>LL|
zCOl2`A|gh400zIU`e{r*KMpBW=MGssdheBd9f}HKmY{mr3&pv9?PV*3i|IC$c1r8E
z6C}RlP(8CueWCeL%DPuhSGTrA+U<;Hp7foLxj6xaTs=DYJr8%GWYWrZg`&l@CRLiv
zcKt~UjvjJQHv2hIuj;GG){(CA{*QradJy`r?GnUanxuZRWSi)b)y09tCqc+re73MB
zYQHTYV%7urc1Bq5O)2DizuwMke~_V1-;Fv7<sgJZK{j*FfkVh~GPJZIFRX4KgR~U<
zKq{Rt_>purMb{%AxWzq?<-*aNT0#jQ_GCqpU0J_>s`sN0>G3dH?VY}Sx&T7<Rz4R(
z`qvf5gx?#Bj*`YM^xMPVYoADWM1)jywcxWQ@Tgz-Pwc$Q5HF9y&8ksd8B%SIk!(q`
z)030mRbVhMB;%Pam7FDSlkh4l*(<uuf$XP|*v9hnbpBEf#3j8?YKvX27L(B#VxeYL
zev_Sj3Xw$ceNMj9{X(vz{S}>`<S_8++4V*B%?$@R$#^k>%kGOd<EEz1vYMq~BbaR*
z+AT~Kgxjw|tG8R-nvlBZoxy`PX*)y4hgfv1pTARI=r>w$D9fq0YQ`qjaVzY17q@`B
z4|~-aASz5$+)lghd$h0`ey+ge<lw4zmR%rcLM>y|ujx~JbX2;gOy_B)Q2w^sww6!k
zNo~>K%{}^jR3HD)OQ|Fa=`HV0|3R{tQc+yr^@!zS)@>+kP-*F9dt41;I={l4+;I7}
z9QwFbz`kPXcFK(T)D{i4C8^pLDP@7|V#=#raVg@U8jy_j_NMrXw1MVZ8Nbz8@vPPl
zTvW~#tBDRt8L>}{SCC2`xS&h);iT*eo3?=-QyE~X%&WGiqjt;YVQYo04y>SBDWqPK
z+65lX-fpC?sb3El!|vv<)V=ifdXty)qJP}}8xW`Jur&-Y_kJJW^BV-1yZc`P?vdne
zqf*MTtn9LuX;0fJZ%18V_lLu+^9RM*Mq|%&l)A;r38xh5IrIkv)E+e1o5H5lmxxtm
z3An@8wx0M&!y8{OI?DPQK6^ilt^m&__V(F;bHN-$f-~5TL|+9u%$;YVIwv~tl-hWh
z#t(6ROaRSn_LF~!3l8Vl)D}-)!wX{P2KVD<Z=-YFKY{qg8GqhFDcJpnQ#$%Q*x|Jz
z<cYmxZ2)3Fkxz5bK^<q{?dLoEIg5Qoi@rIo+AjFwu@CcXgzX_GOSylR$+5az;XUM?
z(igLYT5sGxA8csEb_pOIApqjD`}qUF!T)_c<BNaj-Y{9A1n(q3*nRyxITVi?bTo$q
zijpJ=l1LV^5f6&5GB!bZV+501cztl(FO~z17E%h5tMF%vIkenFG{q!h^0M&}CRY#}
z5Vo7y`a;}8N`UD))odLKp6;zNX3J@`;Eo7gL{2^NmkhO?#?GCFb^op*crbcqhBp_~
zj}G9@Wvy5vs4s2&uU3;#HC-E_U57WNYrg3jmF+E#htWvh6Be&R5Mb`guBW>Z-^nLc
zJJQNNC(jD>X8KCHri{46g9DdB>0yKq6*`6s^ikd>o`20Hw0gdu^#uDjJ;^hWz!jvI
zMY%)9zLkarh?B-hJG`F}z10pSJKKG1tsnwJCi8NM5uH5?Kfpcn^Vbh)UcXKIR(nGE
z^AE})9#8u|G8AK*+V3Yh1S&sI)III#y;nLxb<oRlUzZcO7W68bdC}E7>+PuPM+1SP
zo7;&XoE!;Pi6(1bSHUNalydhM+De9wxl@0n!_?NnR3f-eLX0{RLvbr}K2XaFt(Fhd
zs!?&<3SnF_qYT3tiEg9KX?<#E1*yJ^Kfb4U0PfF7uE+uRoBBi$A55RuPlESfCl0=V
zd%{^rimzJZ9?j|T?0X$lj3y#!EoCkWDTgE7nfnv2t4;FtGP5W?F5W*<!1y2G?Pw^!
zIkFJVxJig_W_HoC{`Rw|b}HMZL;|y?T}>$d%A^8oceqAV$KMJ&tp%M_7jEMx{?4TU
z@y2a?)~s=Py?<wN7(c<QhDFfl|EwR~KPmQ07MGB))%;{}3xoKYpLG4)ym!uh=%t4E
zn1Amb4EFkXrr@@I&xQ2#V}Ahn8BgpiFgnne_H7ML?6~rn_PKkCxP<uhX1;x1rM8_b
zpE~on7XzYb`Ij0)zOJtb7Vr7-Y_4nW`FY3gJBt8II7iur&D#V6A129dj}S+>L^i%N
z`<hwt&=J3+Di4Sj#i?MOC9wb0NbZgffYu&Y92SZ%D*+Nbjd7(eqOue{-{Qx56cHew
z%tdM&t)~hK7k)P+>cHy6%Xr7|NIPV$*N)5z_mpuQ{Z(M5!ar|xl3B){rF76*Uw`=-
z(@4aWZ>s#^7mk34@Pts5rfMSoK_T}bt4olL0x`}yoRn0vE}@{QB#T?9l2mpC<?JGx
zNE!f9q{1N*H)GN$zV?Bv<KGkBxZnMEcbetc3z2ZDeW-P!M2ch$i==GVkxfwC({D&=
z0%_2QN-%97E}K8BrQ@CIj)#bH989iB;S9r9(*bxGy{6x7(Q0dIqA$UuO(nyQb1}k(
zq7E|^U1zzD^EeXJYm85pl-R*A3U%N_Cw`G8mY;3MvGjh&F+<Xkow`m1;J!KsuqCLu
z_y0a2jEquCr5<Az-q?^|@8mMvdR%1%S`t2i`!m`LOk~k5&Z^Z&LZrb%6>{$8ed3~8
zk{^q-Uvix<Nv-I$d1s{J*R2{v?~dd?gZxySdimB~`p^1;H9?aAoI38m(HZ9Y`k%2k
zoKJS<b;Dar$=+pzPa=^jdaJ#iKmZ3nor4pdgNLeXQtUl}0}chFBKuXd0=@0hB#x}Z
zL#wAWSSz^f^yDfw`bH>InqYMd)1BbegbKA6lNFjROJb5*#&vfAGT7mHzHC#1Vj!Eq
zyiL-KOZ&9!;ZQuYz4jg>0p_X=6ocG_P5y^Yy@^#(iN+t)CM!g5ckRW`=AcLUx6RSl
zI9IohjS2slkJ(OnH}{n<|L@$~+m5K#mKMIyXLHVZ`wV{CWTCbbG&Kc64`{Cg{V&`t
zxM0~$4}YJ*FtMs;E&W#L?qv)YTh^jY@wR3%P=|ur%VmTL#Pg3?ckip<FZz4nf0o;p
z=hh$J>uomRRWQd6(EGqP<NsHe7w|BCTigxsL#^@uYd?2QuY2{NUI-(N2bia;?NxQS
z*UTEe+O<pjiuHk4*YbY8hLE`04LI?drxoy<2G}JB`XTSMHvN5h63&WOYh{1kle=R1
zoBCiS&0j05{^r@;J|E`fDRsTIQ~u`@MZefIp7th4%XZC0B+{ilzTz>Vg@La;G*Tti
zaHRP1ayT@0+0F5GCQv--qz~zD3f=w~WxqtuE)oqsm5V7jp&fg?mq05wyeR%+E1t|k
z>#O`V!egoT6)9jE3e_?Eca~TiQc@TP5v|c~!+URV$CthRyMwte;F&Pa8qhu@w;<z4
zcBO8QYKui|oH9rm6FYH~cQpD7+1%P$3+6*zTiQQ-a>T4pkv5%mX4}n%31yyzOf&sy
z#n;(bZ*w*26jq?@swh>F&g_?bD}l<-(+QwXkIW~<u@o#>6qIb%-_1=vUHUC9*fLs%
zYasD&PR<Cm-J@u|kQ<`xP;ReRL?c-vny4V}SIbC0<wUugRjRWca_$4!Je9mZv3@6+
zog7~Aky9gdjFHe#wOenpx6X|Kax{yzvjF``q?SD6KS?Sd>kmJ6_*To`{Vy&FuBvAN
zVIFU%Xt07BBMEsD(^MTfiEuHI9KgTNaKqF+ggkaF7o7DD4MqcBl1QNw8$y*5hu2JC
zi&T(jp+v}?whw5&r}{{^0GDDjV;p|+#LcFF25iEyB5CF_N<kq`!=Dk%C?5T{ufy$m
z(H_1J(Iu4AbG<p)g+I+UVae;U`g&n}=&?R0AZ}_s8MEOI`Hv}bO@kZqkr8Smabpfb
z9IhSvYMrkg83xq14+M(ZpI>^r`Q9+UYo0l{IQ?e21-xlI1aXmh6ppYykDeuf?dk!u
zIRtpUKKMm{Dtu|y0AcU)Zr1Pq&kpW*fIUI{+BmsOkwSGA;?s7+zdR>V>Aox_aI%b1
zHH;*LY+ZaSRAj2*zoBA|Pj4%K0}yqQQxZb#^Q|#p1)0#yPYG0PUwA0VQ5`6in-za@
zRw*cqfX;$)fx;rk{6yDb$Z`(R)!0!B@NLaUZI&})q!n|hSE<<z)al1GgUkF0k`s&?
zXz`1|>s{Xa)o`PHGt36ZH|nVhSvhF?OCnJP{baCT06!8q*AB-iLMdwx+A#3s@%@xQ
zB(IT)@mP|rWV_Y>)|Yh5J7FmOrZ5eZO(lglV{RPx^~-(x=*U!pSq^o7oDPYEQ<Nhz
zzLCEeNI^i20aSKlRG^T&1gNU^sePfsDA*(}$K6p5%FDW!b%ZnAVr&oc!<h&cp3Ts8
z4B==X+(ILO0J)7`e{rPp6Z#10-Pa}2G4MAS?{5ar7{SrE`;EpE`W%96{$3B)hr8EK
zH8hubT6diZvOI<M_U}~K^fgDOO#!mxsjGuxe;|YbC5}rwSz0{F7iAP?T>IF%c=ZVI
zkC23<87T3Fc%8%}rWD;17LxQ`C}+7rELi8oAblJg+JG2R1z_A#2_XgwLDN%=*y7+;
zGIeY}K0~b4sG2=tV5d?_@t)dma>#1y<BqZ1X;OSq+`Hd<T=)|5n)h1Afc)@uB)Y_+
zq;}vr_|m`|R>7ANxLM^<NnT<~7vw<3obpgy>s3KWue%-mMK~jr6w^n*JY?F)iFXco
z!?zv8r(*LHl88Z|$I77&JC9v?U`(SS;CpJ9G6$KHxLE|KB+(&u!U;!Q&=iGCC0|13
zsG%TNg6PKbgspn2hoEp~ynFbHADcRW6KDphdqzRSK~VXj#mZBmp!HGU)=~}&BdNLP
z2bl|tgku(b>{cjKpC@jSVy~BAPsC4Q`^oUp+{P0o{Oe<k3ByK`#M_{Lo*zX~lo8k+
zESM9i7P!Aj_o2dwOr2)Qoi%ZF<i?xz;sV#f_{Sc5D%}QhHlb%r;`Kx@)QEQWZJ0um
zK`f`N%R!q#>10y!U?)7uW%NvZ-BdxG#hj}|qKV!ToNj;dF<VhD+4R=ptpsd(<Ijbd
z*Fo*;Pj7=3g!HIe>k!B}vi&8*bR@^Z>znBYn*W11`Q*b$c2@Pcl*7m(iO&Y?C5%h~
zCeg;5eAqAHY)T77%1sP13LOz&01{-MuQ_F`IDaRO+nr5W9X7Pm8Dp^fvALNT6^))=
z)dyXX<^QYV*6=sXJ!Q8VrNgW3Q>G4bvx!~Kv%OXxlDXH{oT)l$>ar4$%#kEiAJv<O
zru8F}z|Jf(h0tm(JiA!40v*|B^VE@RmIO*Ng-a|$qUxe=(?Of<+cI^bR4`mf;PWpn
ze<5Obm^~lZ?QaR02qR;k;Vu^h<=ke<D4L<8Dq})#fKhn+fJJ_+B*Q0~F57@Ub^Rkq
zBph=O&G70XaRYMPGAed~k^Z}#hN*v&P&Ng%2ky~JLRYIJa57pp-e_ntrK97toLohN
z`FxO<NQjntwV@f^Abv#q?}@}jdoO~OD?|`7lSIA9K;I$(R-dnpuE5gYTq&cx7Ggxd
zxB<V(1zJEOb;J9VMbDZv*)&`LLk-HquxH9&Kn}~D|0TXn?Po8+Vfk8qn8t31Ty%Z_
z8v4Oc;x(j4(%Xw>j6hvhW|xyc?(*NmE8bW(?;EGuO{f=_WBdfoYQ;X`i5%41-1?7+
zNx8xUB0RBVm&^7Wlbq~c6}INQ?^IdB-lDX(FI=4U+i;%!rHKNI**_d|Qu$khvki7u
zRNcD6Z{mmBjd*4vcFV?)m(8Pi8j<k^ft|E&%6U>B1WAUWb@YP9luAOtI3tc634pji
z=^=+92IF|(y*BI~lf?07?nUqg8K-%;WjFfm>MplD0NgUe6V^7jUpt(uYqj6GU%oZ%
zcL2}Wg81k<jE1wPaX6;(7Npuefpf^8-Z;IUo6)3V4JeerZJqx}x(I%k5susUhYp12
z;X2C^qnQU$VT`TENhI{UA<7Z_x=fr}4!6=3ZI=(&2*nGmVH8JAl&lvYAS{lJ3=fR8
z^bk!0n>jBWMo}G~&d4r3{3+zXLM)Gf_`Qon=zTRaf6labYaMimW*qU}csUQgxfxIM
z>1O`<e%8BstABy(p+{*_=6ga3OCxJ6Dukx}+c|S!)v27E99byR$r3I*L2?Q_6H&2N
zJq}u>^8E1+vXl|R;$c=1^8l$?yMcz&f(`@2=0^A!$4pXB3%D?SAidN9%|0kXjLiTI
z2Pu%E?e-LC?e*gy#6-{GJv7|}&Pe7%1zKaM>C6vz4zj&u9a<%%Nc3bl*pWk?PAb~r
zYQBB7T#!`h5O3d*#`gT$E<U|@9WzG};*j=`XcCwpBq_(5UBB${o}-5T3dQ20h|TJJ
z4rfjdOkhHsA1orI$|N|*)iSOsc1kM0GAbs2GfG8?40#GoaS*zojtd|WMvGXGPzf-k
zPE&Bqk_C8qP(jTfr{ITG*uOypA$lVyVj!1z`G^vwNfNv|b;&@wj6#9&Hd40E#od*z
zYe_1>GaSj3l7cs88@O|?URnIHp!elBa?V9xONk91#)1|tru}D*UUF=Z@`$t&*WGOo
z?$3t%oH}Q-@ZxXWkt?~`b7@b(bo0KQk-22*+>7r@hG5-KL4t}B-1(@TFPn?fJK-$B
z4^t;UbZIq0{Mk%X7`Y0eEoL!dO7Q)V4LmDO3}&9yWdU=^@-9)MNI`0jpy6^v%XX&y
z0I=|IhV=)VzeHziy|&uB(%12-8uV{H5L&ZP5iI3uZc_>B{hL?6yX|$n#H{$ZD$wC^
zT5YuxFIdcmP2<!vEEbO2NULNT;C$Ci@kL==)@0$!kW<29w@=8A5cfHuzsYSp$&;%J
zws<`4WLvkohQaHTUl}%<QSNyqRQ7@n`MwxatGJOyVM0WanOcXg{4fWi`Sn{|hA`f!
zzr=Oqn_Cw5%=mugMAC~_!A9!_f~&X9Sn3HZ5<>os^GL_Qr95&n&~}32HH>EZRu0^Z
z4H_V%mHyzrmKt;0YUm&MV>k~*2yo=Dg^cEvM7J08YR_TEHOA**<&j-GLs6FXg(Z50
z|5_~r&&P~A8qY14W96rN|B+`rInY@ncsfWi+n7{j`?<d5&Komm*-S7vEKzls6m=K1
zmAS~=-qX9r{Q;rHgIy>DQXHpH-8G-ivncUTHUd(0oFlzl^v!62!SyQ)F-6Pgtq6^{
zKMXOE;RrYEaG^9{R>+tdpOj^2{ALhRRSpEAM8Vg^F2Y@k1ZnvKyC#7$j#acTiG@_%
zndku*#k<*ymn@nifO!CXN2&6Q>llm-Y}O#Ckyw&v#Tkr)xGye?DFQ|<z8a?Yrz300
z1x_PW8+c`SV~7>i$=;!g+RmCU%6Fr7f2@_7dTBZjBGGzYph9bY!gV5-q!rK){46MX
z(l--CJKSlQD5!-Jv@n75N3OJCtk0L@>A&sfvy@<lh;ik7$&XNE42&cd@gWk;M<7pt
z7RIP3?MC6GQBXy0v8RBa%Dm-lqe-D)eLO4pT6PDM$D(1VeQt4Q;V4=F>;wSXoi|;(
zA_B&^09PPxo?{S22Z8LB>q5|gXxu(@<t2=lXhR|`?(|Uw3R>|?WRlh9n1W<5nEld$
zZr}n_cQKzvPa-eZLY3JJC!0d`fHZLl3l)ie4l=GIFP6s0ul&@4@WZbvj14tlMmrr7
zsdRkjb~0?}K-C!L#`ox$P|gda8Djy@$P*{BvMBSiz&~wBckzE@Ji`t$R{FKlSDNoi
z<CkjK(+t@RMA;OO4LvVw8gcwhfWl8{M`NvIK<wM==p%By_&U|#wyZetBKEmT1Sq4t
zU>b6K@wg^8Zdp2rl~AhlbokEJVJO&1fJR=9K0d&ipyiS@%AR!CH>%4qNfQce=p=#W
z99`2)L=pw2j!&nfoY7Eh?+J^QDeWq@Y+DS%nK|9R!(<cuGAaDA>3n)7{7#l2iH7XK
z!-R>Dg?f0d%iwG-d6|k;P~rSMrPvJ0C{(_d!?vjtf0Um+MURtri2T&(=h-^~R^BG+
z%H7LDiPZuQ>(MHpQF$1`+O(9QxI>fcQ-nRiLj&5Swm`7v-Up%=5>;hmk9@##G>06j
zL>S;5azOO4<NlbUTYAOlX|>Qtor${mD-1o9zm@L`*ITLKvz(mFDi;(IZ!}wI3>qa3
z`DmRi`}h`xA;c}GIgMjASC}B_jHS=SRZ08fwR(}V){7CaT99IvzLvZ_;0_e0)*UUm
zYPWT>4^pI@nA(bKET5iP$HvOZyQmwKTCd$PT4i&l)t{w`Qcy5NWVnhU^qD(M|0MI5
zuO@J14?_v3P?(M@Drt|)^37XyZPQi%Q{SHjUgP~(hBw_=G~KY+K6yYwY9W-?L!1ym
z7&3am5jDK&0^K2v*RYQBx^^Ctc;H4ZvnzRkkpEF*e;9UZTdUR%84hL1m+BIbOLN5;
zQ#>R}%pW2C{hyJa>ct0)9To?yEobevs?TUBf&<mbtZ0$b?lhRzoWR+9i6e0N5@vv?
zFe~+i-N?|n`b?}(SDS9pO`C0E0{Q@jrFB6WN7AS$R8aBML;CDz-%l9}<aA!5a(0px
zl)CQ*1{Oal5&-<8f6__VGPJdrtqN3<qM=mQyafEAxR<P1h%I(RX*{tlQ|gB|d|d{)
zxV6?HtSJSI%uhEHS+a$otgu4t86impL&NiGNMcTB^`^#D##$DL2@c7ozpLFgFwu)4
z`LtUID~YWAeXUr-oy;u_d*ZmJqFlsqDbRu5<a3u_fQxQx=MAw2hL6|&+B8TfwE}!(
zQd7+qO~>u|iJ1{|JaID4PKqO`bP|J~M&KY&5J}U`K4(7sfV+>x))H?!Ac!uBrlgBV
z0+gsMY5DJKr-Zv(K$?CqVVD;2cc2656+eCytbScyIs$kT++eImA#qPyQtaO$s_4vV
zOQh5j&<sS$oqGX)?Shun-^7`^GDUBCop41@wqqjBHqlOs9q)}_jXmOHQd81w&UN%0
zJQX28WI}>6Nf|cYSn7uc)^#+^8Q)tYKQ~62mubMGKB>aK{zGF8V1?)Fi@{KG1_nRr
z6-E691#sQJ=hyf(yAbvg$Ng%Ppp5-pRE=E>vRim^8=M5ehc^FwDqPU5HB)D02VFX=
z<USe2K|4AG`1Snp13oYDa}Ds+GPZNTGQsEM^h<tW$jGZR=S@u;3w*Lf(ImQL7ZE)b
z2`oP^y5S^({02tA&-PZnKV&#N$3*A{V)EbLVW=3>C`Ykl9F5`+Zr&g=Kl*Q|A-XjS
zN&GsM+FJ%qLMk9r0QncxJq8Diu#-f$J7(r6K)1~eQg9J~vsP@`52_ZeK82La3H-v=
zTaL_QA-?BcJh0$kyB&%p6<~kX?T%e~$MQ`tqbz5&c`Z9e)cZnZ-H4QbSoKf()8Z<+
zh+|JCK;@vn1;&#^XZ83Ec%V!28O2Ry2E@L5C!3h>l$*|9B9O`ZuQEJ)wt1itM58N8
zYPvqrm-=vNGf=yc)W9E6auVkORGg)(4xrz_x~oWdGHSlHQXh87+>QN&*{XwPC5+*z
zT<M+Xg!a;;-DN>M*C7@{bS=J02Fo7>vB14fKW~h?qo_;0W|T85%uCi++mz%vmA@Fm
zM&X|5;YlQewYJN0`BP+H+^SW=e#6jF{XT}pR*8Pt+^jS(mE`9bV@bug0t1B@Dm2uO
zJ58LztTu8Bf7|GS#l&rl8U1>@tJnFP@74JKcD?<A+_?$R4;{28&b>$@1y<F8V4@c&
zT`rRASj}^(u1V2t8S$KxUzIWpcLgi(d$fFg`LVrJ#{OfAl)>XPl>c4!?Yv6n2}*@^
zg$^rkrv}Pg{pnIF*c-FD*B#o|D0_X<yi5ANOK)<d8@9nOrqeK#2<)+I;6>zV!DsKU
zu3@7hK?kZ0k;FM+rIU?aXr&f}`tze=48THgo4pJ6qF^B58pN0N)P|?SakZypW7mmn
z*99%y)ss+|*B8`X;zwM_J2?Y~C(FTUf3qomtEIa8UR6_8&n4dZl_9gxLgNBoWMMVD
zPp56W>riNSl`5B}*$=l=#`ORV3HuUd+@8KRilqTCe$7b>5|H_>1m|~nwDPfk*mc6e
zSW-w~&S{o&B_=o7M~ek#-ub^6WM<ztXWF)@!zgm90$I&kDcyyBilA4fexrVDVCH%=
zfdsm*?uzv@FE*@7isQSLeVbScs7n-lt0XCmSi=lCZePV4wV$@!a957^pY)^Kq9u#z
z#I%j;nu%3?+cKM_0&RDPzYbm!(=a}v3U6QAUQ=dwr^iRF%usU1f>Z<9XU}*w8U3@u
zsr#w*x8vW``pSP%>*Ps*<mo^>!G~gNb9Xw@K_%J`L@Oyt91h3Qf@Tg){MfuRqb9fo
z%W|7NFzpj-J+StzG5hW8p8Gr97A)p6t=UMD&Smr5x3l4kNbd^saXpW35&W$+V+=W~
z>Cch@*j&YV|FU1Fj+6CVMeQ$Z169iUc^72X<sWZHJo?Vs6$a%6PSkSdp^TREqA8n^
z;()|yd(eDVQ-|^6A@zR6OdOS%)+|WXKl#hO5ws4C{?9&udGETAKy5%$1X*Um1Fs5G
zM?0VvBW++$xBK4kH1T;yK8LUT9gxF!$$#kI`5SSrutk>UCL0X4svGRG5EkEl(TRVD
zi+y;4oL~90I#Ic0x@J}4iE2TI#>MlPrxjC6HoQJtSZnQ4zj6<M|6L-q<Cy6W6U#sm
zCX&p%pZADnF-05SP4_I0+H41nf%?0%wuhYoU0`ylW<`OHAD=I1IlmVZ##AfD^LDR6
zF~B<W9%#G}2ej<MVkxL~@*hvVb)y@c^NUlikfXazy<!T5e1V!;OS=w6zF4c}KRk6a
zc;PeWWlvJtqa#eC0$zg7NyCHnp5_U;8kpq{fh{-b;R3DLL94J@a1tT)cu&HtIEspy
ztY*iSz6noy3m27Towf@D*?}_01lKEY@8BDyQ(gEOP01y*Y?D9fUC0cWuLMy+s${`k
z;kElAx~qGsYAjU<&1gH_e4I6GT%MovK8jQGBwx(t4M>@7QDG+UDn8yxGp*;ENI1Pa
zcOA-zI98q1Cpz=(PvpW49V3$=vz4yBYMA=fB^xJFYaN<76b39s5lQ?uT^}3=WV>cR
zdPA{vf9qP~lnT$U$a|JNEX3pTdEUK5h>xWm;5Fv&!H5;+&YK`Wf9{7Ej-{?WSJI@*
z%5FvcTU7r;wqdZ~gN?ay21_WYB{zhLR!R6l*sC;KWy#4IxOi0OJ@Vr<rCy@9ed-Wr
z%9}J9V*la-o=;?;mH94VAMtuSn}e7n%Ypi0Jh(~b=%cGnsQ>t(_bE$Y@(%C-`S?~F
zCZCJTbL#JY+fMK)uL^AW*Hmcz64<02=^kgN#be1jLPMpuUwU!xai<GNIGj(5ieNwf
zg-NAMiQd9=ajljBS3Pz~vUg9Tl<MqFIvHFNo$n|<IkKQtpr}T=Fuqs_3J*%zzFmg$
z$GNL|Wly<xwOVZH6ZxQ495YaBeG10vr6K0|XmUzN##`erC}2e1ixpzpIyIvdb?_C0
zLOrPJEeGg2x_%{}f}}|=KB@ChK01%r=eDem09}*83Xpp@-^*q}%`2w&C8MaC@4t^h
z76{EV4)9H<&z&&|x^c*?BF)9EJs?m42kcMqBT!S`#CJ!Nb<LWR)gVpB;EKh^Xd_vR
z@0Bzc$peMDG!v$x-+ua1h0FW^o%cG~*40bvPv2XMld#;GZC?-H`SK5lK&maxgf5S!
ze<A8$cY7xb?Aa492v(_PwNyXYf+uo2St4Qng{X7=2cmu%Nxdhk{Gf8bAt^B-Q|i@{
z`<lZ{w#kM6IggT4^I8LJt>Id=F6XNBUEZ$AuE<ZPbuPpm4w?(Q(V4x;rc)uBsz2iS
z470w8)n#gi<88#y?h-0?yAP30X9s5_n>#m0`mzv(Pd$i#0v-Osq}=do9xu$aWYsIp
zraxcpJ-(?c+%ZtJ74Ih6H~~d_UgJAFPyJp-f|+!(xleEtx&Ka_xh_cub(}h%d||a?
zoPwe^?=%9+V!jzkO=uH@z6ksS1(PJy0x(>;5=_;zgzKp&!T=Gm4oa09ssO)MIzIxN
zX1#4zu5eDBTK|P?!)Y>i{e14R9xsPD2{Qd-0_^5^hPsEE%dN1jPGATGq^=afs;l3T
zI%Al&(%x_56T71nxf<d#)VteK1m^XrO*I;-(FcL!@JBLXMFf0G6iV~cq)8;*9%?3V
z=rX|y23eg$A~GQQ4@l&S=9=EF*z}3PY=Wo!VWAx<cQ0e4z<fN<o6pDD!&ca}es8}N
zn|=oT-k+VqS%2Th$pN!5dc&c@ku){y`;9eu{#^WCuUiXq+|mS6+kkfQj(_v%vOmXJ
zzxi~R&~*kw7UHcWIId+LoNd>Va$2WXnkTIlEqPFJTW8JR$<e7r@3Rvndqw(VxnHEu
zd)`%Jie_Mab8Nf>89tHHOb!T|gX-_$sWv_H0kVrU0f}6DHb`rZDZ(X?TR6`BJQcH~
z5G_4E?k;bs>en_I@Xq3;Vu((@TRMgu>1N2B92^>}J?Ji>e9)fomq2Y_Gw|-+(%qj-
zWgD5T2bpXP+pD@muYZ)P*txm9Xoo+jc(aJr9yd9MV>@m)P5ugjnSfJKxbcbTqLOzS
z4LfzdJ{u8+@u(OIRDzm^pQY4|cj?j1ozYmkp2o(pMet@@PC=W*P-O_z6pJph9eqd5
zRieqo>^YjG0UF<-qTUo?fsFuh#lQx}-hG1|OABrFnydZfE{U!h_A<_vl<B&fL%mz7
z8iY0{==F`vL6zr&FKu9=iE7FP0MfitgHOHn&ECEJ%~}8e6Whf4;d=gMXA}|=^6_OS
zxPP}F;EkD^`Raek4c8bS$kuzh^j9|oz=mH>e@~>gGY+^7_Q$Jzxu!mKJ@CF=64v{H
zWKX=m6!>dLu&)xdLRK7>Zf#~q`R4G`*!XBp@_jOMNbW3;w>*<3E`L)(BcBo7hP0~A
zv~42<oegZ?A9c+``EI8mGGOwsw^aW85rB}(Gv@Dp-;Vhz9|~Y4eq$SLU`Hx%4Ke?n
zBETziU!?iAuIPNZU`J?C<9lN@g?pQl)`s!owUx6CAJ!)cqJaZ+V&T5BXAd<nzuRio
zNET3o+<u%S1Sku%R<-}I?V1TsAyc$=D||FwcFO*H?uKkFm!ZYqlecXjdKzRpF-j0=
zX)VZ2ouo%mPThJ6qukmWwyN3AMvd&oG?-hM-a#K(H8ntko#;M_MHSK>B)1r1tK0tD
zxu)yF?e{grA^&*TAryk3L;451hn6?swhi!d^Eddz9W!^M8&Fn~Z_Nj4Syb*E8T{)h
zh=E!I0=cJ~D_0SkOx=K8dY;h_yk#Mgu^}0dww`@>e{yu7DT$Bgbjsi0j6@k$q6Aad
zcA70ILY|(zmA8SWZ@ZYq3a)M&;F3Y8jnsN;PBP*0AhGfjuZOTl-s*J%?6&K8C~ko|
zV@QopAz}kTvsFBgJgHm{H>oC*#sflevb5+r4KMlm0V{{$e0}|!?|gxX++aEXj*ja=
z)o)U8n?4cnNN=bw)YqApUM^UB5{-NxkJDmlCVrSP8x39Wr>j*G=EL075Q|qKRpbtJ
znIuakP!FBd(wMCRu^hpvk{JpnD#zr;iqcWT5+LS!12%QOK=CD|my<)cI}MTBs{^DD
zdj$b?UtiCE`wzlC<lXPq5>ppNCEZX`60=Ds>C8EAG20=1_qF|4^>qk(cK*imjfHFH
z@$v<6WhB4hynvGO4ikK`jn}FtzxuH3X$MP?bt=gooE|oJ>9#E~;iINkE68;yo0*d>
z;-!w)wvGYH`&BK8=@hMbk_)FFQ)Lo94C8o=a*bjsGmp~H!`)WxJD_Q*K_c2|UD~G(
z7E(2ckt5klFo8J(vra|u`J9X*=f8>~=Y>k0*=At2YP3vg1FE$<TD+xXpKscOXCYqv
zXPjLjH^TwXi0`sr{x7?L_TRHByMXhT$5tEgs^nZqeg(OYik;q-n-}9ZO)N*5gOHbN
zav7<f4ls=*Mugw8r|8SS?BRrC<@BtnE6kcIL>|Z2BC0&9tW~8jGBGvBG)UVT^-Z&2
zzkGMzd#_#*$!XF@FfG;Ul20_;zH)hLP5_(!>;4}OU)TGMqH-3R4ItDTdm{ykdp;Nx
z3dyXcdt}`PJU1psda<HU9DArKq#{}NP3J>@hw&*jgeG4i1>>6@d1XoLqlzv-q|dGn
z<3%Dwv3`8|a|16Y&nTTz3J`M!5BSjB1f`l2%uG}nY-4c#YM?x{A2lb9guMdCbX*Gt
z5Wna-e9aa>0#x;7=)Cs%&*c4*pQZ#(SkQ10K^nTZ0{o}Cw|4&_)CD=e3H8XAZ$h2^
zn^2FzaAZ3;e4JF@guNqvhlG`;4<`}xUhNwD+5=bTnIc~9eEx?}-})xhzpFaqYJ)7B
zM*bnxzxH--{XRdQ3HUbw->;Ar+VfKvi7KkfmVJ^jtN-Jpw<_H03Z6#+!^I=rz7rES
z<fH5ol3EOx#(PF%;%`m8YH9e#GFMAeII?_86U=f9Tb$w4#-ur^2#2n1&{^-8#Ge$`
z=djvPRitkX2378ie~-Tjb+nW7rLePr_8NmG6WMP<ok;fan^2E}{THF0{9lCnq$DUJ
zFemXf-hUG6PFr1-kpXU2U#Lz#QbuwX1I(t+EW_i?;PY~D#37`nJ|XN8(Z5jZsY|vw
zR)!l~!7uvm{V+19@+qluEywD9r)2I@MMzh`1V;57&`37KX%J@@2W{QuuaNbcFefsZ
z_n-hpR3vT%&5<i4t3r96$k>6P{g^c)iz6u!2n*xnrfGwk;%-N#9<(SLjRjAawLq><
z5{(?=irNF752**n$!~&HSS{rVHZ}>sy5NU@6XeHY$!p8XW_}R2)<~JExQQE<Gt=SS
zJ_3S?8d4n}K%vuMQnJqwqt08_4JTM8het0eAdjz1L#ZfG4wum+PEBhBp}}fMyh_qD
z5|tk5U*}aCFA$ebp_Y?jqppTje{o9roy}noNOLYHHhoB67<<y)2&IlIGVTsTKI>wl
zfxjeUPZL{Bn*F>i_?v8Z($k(uU1zmWxQGVXV|y9nbxmbx*5*SWKIoGIFnd2ErIoaQ
z!eRT-CBB_&f~-gd&zUd_3#YI&#iWRFr<YbtG%3BUe5=>Z6V-7RSEJI!RmPIdoRSzM
z+enQ;6akf_;eeang}`$ij!Lyyrm1w5u%%m0I*mbV>y8;253)WAet>Gb9clf6&zLWN
zh@bALmKPfBJE5sTymVNFWj>7NseoxkB?)!b1*LIQrmBh;=&7LaGwobV$TTJtWgHpL
zv%e<9ByGxdupzBparg7u9}xG9x3=Y*nQYV6dG0H&r=BFP>8&<4>dXsQlG-o)l;9-9
zIXi&$6ZJaMg$_*-_55HporBESi)@baN~0eMMa&_P<HO;P7icZQW7<?>`p7m<Cc0L+
zn_~HVBrtCMP96t|Jr*>X5<Dw0_eEqeNTE>>rK~xN<T0rXmTYKW9_AXd3tFni2)ChB
zAV3g~{7-m@lb%T`P3REM)XZZ3?op#d&=}q<Oj!Y}@oqA77jy}d%@4YBJZJ~1amOZg
z?E!p4Q!E#dK*|_uN<K%YeyM>;O^@<R2%t6mapYqLX-*ZAT!v}eq57efLW00fN|U~}
zWc0}p#r>Y?MwNJix?iGAI%XEG+rm|2pz)-MZn%e`*u)8BBgKSo(6S@P57e))=tEc`
z_?P@DgnM|kF|!$>r&{K7LUWSY5qP3^%Wd$Og;w!;;^R;!G7Pa2KRmVEg@D-54{_@g
zM<h+Hn^u-D+P85p-IhZSrj>V-d`YiV3!t)2#=F*ctBNc|qQVbY9cj!VGKRIM!{rIp
z9BCq;xQlS2ypg36>y_$cJPVh|blMSsp(bjrnCsU$fDF(Lc2N8&?L*yV<rcvXGrCN8
zXpB4@<Z8w%<y|r;qIJAiim3TSzIwGk{}WMP`M(f#Vkg@Fg{Uk48&N0zM${h?3Yhg^
zh<;8)n@FD7o6^-^|Ju=F_BAKP2LAJPP&)gKsEhqCL_OnwBI@-2FQVRkPs)8Q`;Dk~
zr)qKphlzsh<4+$L;Ml4jK>vRcb%}o?>ZW2t5J#Fr|2Lve^>0L-_P-JJk^e^2Ba!|=
z)Fb}`QJ4Bg)Hz{O|AnYG{R>gQ<~MeU78y>}ubf;?5Iu7_Jw<7L4RQ>QPCa6Vda6(9
zm>#E&NrTgKgc#$S(jAQyf)Zyo00WmMfxy@Qy9@HyOGb<~UzJ2bPgBw&u^2ONu74UL
zXelSYMTi`1C{6qB=RBc{h*M%K(!Rc33L6Nnw3MiDcv_{o_V;r-y~m7bgm8FDuf|fM
zVuOiK38f>L$E^vqv2jrl)>sxyyhb{jxVTp?*5ww=4;W$CibGXnI49lLJ8ZlsJ^tN6
zTTE@igg=^JkSOq<h`Q3qe<SJ{qW=?7-$(ifQC~56__*D>f8#Qt6RF3*L)A`jRDq?v
zFfsNOK4p;RrjF_v?eR&VKiy>w&^^bc52n`#@k6h0ss$!hu<enL&)@$VyD3Nr)Y?b(
zjJ{q`Ge5CGr{*yZ5=?Xyq90l&j@Y$Jm)Q%_gZ-rjKJL}d!nE6tJMN7<H2vKc7Y?0-
zq8eC`SftS8m0SR|AYnx6(QJDX@AFQD!6RQBzaM!CQkYa3(CN4L@hEi!5`WDcA9#%x
zD{5&1E>k-y^#^U#uGX=j$g#mP4EU}r-SBYQvWi|Ur>uShh;*%-^&tA7y+$6Y-3neW
zX-Rx7TBE2W)s3)*!*Hpf4omlZF-jNQmw8(!T=fwd6`?+SuEJrO_`z!nj7vOWEn%^=
zC_Bd9V#kP1!Xr^MF#?lDq;N$ip)T=uaSOq#FKH&!!f*}qC-&?F_RrU{t4+T+9StC8
zpe3ma6zYD6vP#O?0@**T3}Zh?jce`~Gts`bzzn~v6+#<<Za?!+mZ^W9a5C?9_Ct&#
z&8M0jWQg*L6-Hg;zmj5+9qN*fVL)5MOX+A(xs!R&uVt07v<Xa(1o7!#OQA-!|EXBv
z^_!G_RfC>xNz(io09A+;Ly<Wcgdi{EX-Kri>GOm7+a4TsaeET$y&~TW2~CwA(<#Xp
zeq8W~FA}jI%8oAyA`)1vJfwD@7+J2iWOS-?OHd@+Xu@K_5He30m63QH*U_318sVfp
zX7a`-tw;0nkkT7Za<|f$Lzq2jxxujjMQ5PHLeGHatrdky*2<B#syW75N+GLPq3ly>
zOo!>$#lAUcg74G^mq@p1f)~qPe83lESrgM{l=R1Jt0JF6>swZ`GV+bda!Qk=EPB)J
zWMTy|9gKh;!>%Ys{xMn}zb0#(s-nz*lV6LA5O`-hMw6g5*RuGeO(@i4Zw$6?GPwpq
zF=9200M_uuXSnN7zna((RAmEdVW?b#)7Mx1pzbOob!zR#G@d%nIdob1`I`ppCEdhv
z9fT|_|0+VoBG_~B$f<FV_YN+*6brhvz{J?LrJU>z)4NgZ7FmnIXUaiV?ApJYs8*AG
zs)bl{7xcR2LV+9e6tqr4swt-!nHr^Te)U)3Z<-41D`ZSU7dfI4xYZV3(Nfz%Jk!Z0
zT3<F^^W8VF_o{%gAWxxJ{D|*H!DwPV2DjE<OO;#$FkuxDs+s){8>xj8QRPRcPR8*G
z3R>4Fhe2APiAfn|$ZdkRFt+-GY~q_}jStJxmKwy(CkpGoo2U~=Z&^|dG0_udh#3dJ
zbc8qBbsSu7?b~&3NpNk!T8%!0sZEV}s1IP^ATP}9N&|sk7JokNm6LK-<YK~62_D3m
z3jX#}<G!o3;%0s7ifok{M#Oft8UFJ}KEanIU&ukQ+_^M8u0fLboc~;1pnXk`IN++<
zhWyBKLxLHpVKZaAooydRyB#$y25XIRtllAGiGr&6Jy6u6%Z9kkrAWH$&0=O%1**a@
z<*p%b*E(>;H0xqF8L{*1rt1T0Cdo2OtZURT9)VE%&EUi(<5Yd0hj7On93^;BTqpig
zHCQhZ%+$Xv8B2MSI}1IOu+%K%h>b#>gS0_*gh)%kE5XyZSWE~BbCfL8+I=ADcs~cV
zQ7DNJp;eu+VvsAaz(Dh<fl)w=j?bw4$!Gd*Y-s!^JNE<FNuV3H#VM?q223hhu=>j%
zI4}@K7a?bcmkCotx`COT5Q2B>IPDw?MjU|#Vk1$)h@pG8o#9s`ga)M55RE9GM#?rn
zYLUuwX|`T5#~1FTFkvYD0g6?E15y}E<bH(tIur06`0$f#Ml)hPS%zl_BfV(@yiFLF
zUExEZ5CJT&hQos0IHZrS8%<mQqWq`#C{lGJVedi1Y{N6ZJmUE+;Iscr_ydsbL%0+^
z<#vLMGM`Ak78;2Y)wm6|dLIAsJv6rlHeg$$Vib3Itrss?=a2Q!>3c_u4HgHvpSv+r
zgH3=kR%!l8C8_j5^Fs7O8%8BCzBMBS2sGAy*c`TTxQd+@*&5!&iz!8F4k2TiozDF<
zK*Dt~P4%T`%4ZjT$Q#fOE4y3H-`~}LTNezVxrUtWm;@e%8QjPL)6G$<%{s9OZ$-}F
z<?UwvG~hp7dAWl*+39ez7c>6e;p~p@=H&pI0WafwgRi|&vnjDCgSNk@d;Aa{Ci!pr
zKAj#8GOswOOPbJvQjn}ff>UW^LKs{{qp<LvWu>u1B+e)f15eWb67?6%V}{JR<|HpW
zqo7BWq2o<JYvD_2M=;*T(Kp^CqJwbQPm*cVM~{wbkdIin%;eyIUvLPy`~(;L{yjU0
zgN(&Vd{+zR@&kjV#!ohL%+9vm*e*M8IUaf>T&RPNWO1~p>D{a+?GyNvOA^0pGLQ~+
zP=rgFqK@KU{CKV1t7}_bpVz}$k8HPoL+smb2|)t4U8^AmQeLZI24e4+ksS!zN4X4p
zMQLX22N5Oe;!W_v(Xos1PQ2PssXAJ7gHyNRfW3d_?JyNY8eF;+8g0{>l|P7@f``DZ
z8K+xZI3zlzsMT=GatPmjsi#faT*ki$4XhHpY^P8iflDW)C#c3B#lyY5%Re0<-YKbG
zhLieznji3_6J+qUnq`WLY4{5LQ0#N43Y@J$Ii%6&Og3D+bvY-xee8YIFyLwU)^j)D
z3M(<yM#v9U8Cn4kx6YZltoxFNXwW$JIL(*1#uE!ys=?ZfBn2YvQ)J!E{e&x0(bUnt
z5D-;+iBX2kdo>JuxhIjC7wH;;9^PWGTu1$o2zzE;wix1nq{sW5gGBVki6X{vFCDZ_
zei1#<!FbI)Zpe+r_AmLt0WZgdY@8)5!?)W?r?&mv#UOuw6Kq`q^VH{&cSgbd)MBii
zK+(Uq9p7DvPCdpnE`C%2=|71>%pDA`9W_ar2#D5b@OBj+PyX<ED=`aF)t1iqQ<kBv
z!B`f=c$D?4itK7Jt(3@cH^oUWhnZ=b7>+4sG)BYQ#9*X?O22=-wn4^%0Yr~M?~b?V
zEsoLrZd_d_(Itgcffjr=At}5iWrQ!fai4^iI36RqzrzT~-<P=K+(H#s%?+{_DkBO#
zWGP%UbLnrqHliIEo`LmYXGVB9GQ*438oJ5ZUvDWLChbGh5vo|uM=VU7KtpYQe)Zr_
ze>y|QTMMs<eXsZ{X-3d-m@Megs<3G_$X?w#s+d)K=G)Fo74$09Rp1cHNzaC+V+&nI
z@<$)KGAmD$iq^Bo*j<j6R+M-X^GCFeXl`@eA0chTX-NZhqH@?VZ8~uA^(d!A62x*b
z@1pL&tad!ogGw-tYDKxxqz+<lN4E_Y{FF(P=~j+e!nLAJO8VUUd|`)TfoYTVB*snq
zi#+We@*f6Brzmh+7M#fnt;N~_DJ1Bk7Lm9bhqkKp0alNG;79v~MyJchK(ImcUBgDL
zhk7?xgw)3+yHq;l<OVXMMv9u6-PpejA#3{EnC3+F=#B6NGXhLFrm_4BjS}|F@Q<xN
z)v#Zb(V|bV#ZsWk4ug?vN<;1oj+64W-|SH-OamVw!v*fpko}K1NSiVjD~bGXd8!dB
z-tV6hBtXy~X)%Km7D$EjH1acif*B=qhTD3a3=*@>D#a-Fn$=_WL8f<v-^xSqRVJ<W
z+5QiEcNr9S!>9S45Zv9}-8HydaCdiihv4oW+}+*XEf6HQy9IapbnbhenVoaa>`c|x
zZtZS8ui+gObpQMF`(Bl!^;qXI%;0Exx9TDy`xW$)o!isREMf}w;|x%DAL?<(4tVV3
zOL_fXt{u_QZj@LNYpZpMdTc&WhwiExp<R#G*}j6J=?BjJkWXjBtn$YBj`d}kLr38B
zha0!pxw%2+LV+Nc83Co}7{zi!meg+I7TLz5dk)kqqi&+z_+~{(DPdwG?ftz<u$fIX
zkjS?ffeIS|Pnw1tU%m2Z`%MF}rA+Ix%5@MN&=pW9R_K(>g&nQ}eS<N(z&iu`<r~Ug
z8O}b4E)gwJQv+9@tAfjHR(8pv9Eb%>2v^W)A9{ora8H}^j^>UdOY#lMo*FX8!yMCZ
zhtSU#!snxu^<YZi+XdMmJ{PkqV#x@2h);i4jMq-y+0fD^51$&EDktL2zbVDEI5FjF
zXge@uL5dxE52MZigKYqIa|i3<PhhT1S=7&K!Wk)wjla~x?3p>^3>`dwI~19J<o&Ug
zT6RHGj8btG!=_)>Zox8#r=5Z<yz#CH(A*+5AwML~<o<;zjvtZfp8DN{p)7cnU<94}
z7Y^MdnwXOl-F;(}p&@&bJ|U=(-)t`WTQ9}IZ5XtSliKgRsbxoS#%llp-X-TvFF!W#
zf`3QSZ0dybo=`SIIY^WG4`;N13JM&j7dlr?)!jqf&0Bl6ZxbT+fVDLe|G1x2uVdrb
zB_-%lCl_9)+O~#hbeZA_%-;hARCI)qf&*D5awxxNHIltj^|pMLG{wm!LtXVK`<ly}
zRcDb(<t{ps!B^0_hH9`1Wk(DAZ;EqMrn6?qBE0x{5}@#au3vYZ9s>NsZ{NrY{q0Fh
zlRR|D|9&l+!Vg`W-XMK7bLsy>U20YJ>S#j2{Uc-!mQeSy8WSN@D`O&_Kh>!ihK0ne
zch>wwT#?aI82k!<4Kyya_taG=2ptdeze6aL)8rfQ)xE;|Zn^}lMl)mBzFh~Udrw5d
zIw1Se?Ix~#%e*$-9w|Vb|B|PZ$@iCU(Y;UZ*oG=&4hi*F<`@i})KY~Kakn}gsnhDD
zDnfXUU>M0Lwl_H-`9oU_Ey@0cwzwW%)t$Q2Y#2$xG1r17IGH>(Pp>kk2yT`qs(rx(
z0g{#-$<K-C?2W-WAg0o^+7X^B+ajmKq5n0^vZa|`p=8peY&}l}4goK{d@7leZj}Z3
z9$bxPrcPC<@2kcC5$eu<IxWr#Jw^7dPI~?%mxnfq4^*`p2M*%6m3E+<#@DU5zdLGa
zt23CtUhd+6b+g#BM?AZ&B@{grDgIC_C_g1i?g}Q8zH)FAyrts6KwU_!kmD-GQI&T2
zq=!Fim^)M02=kX%2<aC1i&llFTYhjpY?us8>?Tqg?I-gTh{ZHWmW7|34q;8#l5O^&
zK}iy<u>?BWhmM(Uoh8C1mfXH;JWCscX2B)qrM_qq+PF_{Yffk3u-=-LE)7#0=M2V8
zpX%ddL+6zt*dP=$1~IW7i?q_WDXoFg(;r%XJ!&p!2e8C2U_+ey22`b*gUZq)HRS}h
zUNsU*#@_f+Qx@F5rd=xrs_0+&+)(=tyZFK7>*RehN|*G@F~8q0%x!+^dqX6&Ktqqd
zMI?NikseGg`Bp3M^ZXjdr3DW~+gQ{4h2?v?uaHGf)Q02RQdWyEC-`&g`O*A_(tMlu
z+{4(}xkmAp?L!qyy!Y~Nehu4TcDI_q^vsKFK3C^Q6-Ne+>B)BE{|aj{5t8hWC3=}}
zZsfsCG%UyXfMhQwgU@PHp3};rLzE!m5&UgCNLQYx1K#<S3j&iqaNTa7^Ga^Z^O-?A
z8e65>d^kb(tWo}b`u3T7r>gnho;`t-%d)Vtyd*%og}~;bb&|XlVmiZbS~eo3B&w`_
z^9SS6^Y^v+sq&T)7d5OT3SE=&YL7d{l{XHgC6o$eeQ*g|D+TsVCju3*Ff9N@OW*Xz
z#_hYzRlgPa?_mK``u7qlUqmst<r~1Fk)j8t5(B+2R>%JPV^XR7=|?YR9O0(_)->d?
z;u;0UlUyM9lAh+OfBznQT~>PQLR93WSDGUZe1xjOQf5P<cvF!`9FosvSHpN5Qq!hj
znwu%#oOrr*;z&8y#=hWPSg_3CFvF~t)EYy+=UW;{=7EporoHiX(SIXe8pKiAI*f+7
z35A(1UN5lCQ*yRn`X2eMHTcdNKx7NaF>-LzWeg51Q!A*_a^<(eU0-NsE9~hnyZ!s6
z0m~dm0klb(4TZ#4I^AJW(C(cZ+VOk2du)+Eqr8hJ=nPA3=*-lbS`5$$h^JYbIi`Fd
z5If24cfP4wfyi&HrV|ZKY$`}d3<Avyf43C7gI%-G8K~<TJ$jTCH$o+T4@NYUt`J3t
z1Ak807w4ss6;Rrv?!1I}EpgNakCp!K!HRn%XX~&J5UMg6lhalzBmiSYrdjNv)*~?=
zbjtGqgx;nCL)Wt6r_1|s$L6{5v$Vq~qf~<HTy9#Eyj?m&kp^Fy9zN-#wR<|Km@RwH
zjdDo%=8Y6*h7%p{Bw|h7J=1}s#SZ<-sM+neI`LSrQ>Xtw?Q&mKDpTV4h0OOo*<4xx
zetaj1GA`F6IGTHt85gI<fbE4^_OMhFLSB<;fAXB?&>=O*b)2KeVfB~aME7x`Ek&ca
zeI=ucmi0Aw*PY26;tlQn)c4dRR4QGBPV=q=d+ewxuOf<W_8ti(OQM;X&Ge!lI($lR
zI~$#-5+=c@z@D>bd}?{tQX0ZDK<#BKk~<*v0C0l%!v21>4V;BXeA&|Vxs(7Ddd`H{
zY|K|?L~Fo(ODnqnqg}=c7bhWJsce3uxO%*EGWH=A%woSLn~RM{5?`B^#rK#l3unK-
z^gAAKp-?ADo8ap)o+<`}!F9t?+S_$3h~O#hC?i<fCO@rXCCuKr(kA?+Uw)RSn5Ipf
z)u{O@KRSKY62Z0LTI9rD^2++u7Sr6+XNTCSAyCuQMR8wG+oz@%)zqgIp{a+i!xQaA
z+~hV$-q!&pa~+`+%hI&u)f)$^_rb?NDPVxPQdiN}rK|64tB{I@x)U-zPA8=Rshop-
zuJk&Wn8_BVW!?s%b@#e4GFCGhj#IEYudV+HtnV846~Y+okPrF!#`M=}RS_nH-ff_y
zzoC)b>AR_NXDeGcxEosyA5tYp>2Sz>dbdo+#<jiT%kErkmFDt)2fx&!3)Gcj{wMf_
z<{)C4b<4RVSbMZkzsx}^xyQN>M-9KSMLBz+Ki6?db|EfmspAL2Zr{<sgB@ine45qV
zL7L-ccOVBRgndTFNDkIl2Hkwct~Q~PDBK{8pOkED&>wdNqZ4(bo}f4UO1<~9L}4Zs
zi+(_GQKbEt*xqTRn`YWAvWh-UL)ui;`G77{dtMl;qmbhq<=;mec@<@2McGc2t}p#v
z3->>wFDYUIn2qq<WxLwb37BGF#_?r*c{iGP=9c69DI9uzI=37$AzJ$F(f4r%lf*%O
zz51g+LtVTyFf29&B7+7pd1{|(j(^4M4uB$0DDUKaDZ7RkonDx2U0wZu>lZZ|C-$Lm
zrb%F7qel_C;QKFwb}B{d-mfLcDE#%<3Ks8<wu+#zl-Sp^So8x@S$Z0O^OuSnG_te-
zi493NKV!6jB4W?G=cmP!PQ<NVzuVKnwL(IDUrUZ)3I8~L!2Kd4Y$kDUFmfD@u~zl8
zy}7`<kJsDjaACG%mUv>*r$d4hVYKOVK~S4r&U~`vU|5Eq=)m6RT)2xe%dy6-g~xJ6
zNz2$l<1cGnYd(0q=4n$|H5R?ZO99%<&?G-%|Cglouq#WtEpJe))siETBzZ?Eh#6w*
zCo4k56jN;u15|d{ydpU+Tv4~IgZPvFWSt-#rnpnqh=6LwE&S|{gGHW9v%&Sb^0^=#
zeNJ^Oxe`rL1Ox<(7JG1A^=6SVYYWJ}dw09GGu_jRG@*^nF8r;gfa{S<l9{+vqwbZt
zIcw@e^^+a6`ii3&YPW@$qvptnz%!0WyG)~M^(qZJPJkZVetZ}WoQ3N)oZ<!wN5=9b
zxK_4lHNwXA97TO8YYcZlm7*BxSaVbOYRS6I*RaUBp=0<kw-Z9zsDa~UCnyWt-&8aT
z9Ea+7=REMXXA_IMU5S_x%l8oMqe~6gODXHLdc%vK)ER`ly`9rf{nq_yiA3AkO<xF=
zR58_D;rV?&;Q2Xk0VMJ|^e^s~Z&!OkLBRfnJ>dEy2=K`8=S!>ZSZ2hZZT;pde|ACv
zY<Z3J4@Ihak^p;<fG>L2Tk1c~Mjm%7!@4+#HbsXjKg0J1eN%^2$&AI&X~^y^-5!4(
z9ht~adPw7p$X*cgR^rqo5NS`S6E>##C8=RJ>Cg&IYXda|plG<J-|tPK1!YJAYSHRt
z01wvxfPZ0^8S508z`MBo@>Z>w>4#io9o$p>ztF!-1O1DaNvUbzHp{d9@1~EBy*hzo
z0ifr(Zr^x~v%={(WQ`a9{-u=5!h#X1G0+rgXRY!UJ4L|>+^vxee^1?jhaQ_$`#G+B
zLyF&Dk3T16e~vipgOmp{!O4QA7$hocGeguQab*R*L-u-6d|Ff4VG%;I6uJT25!aui
z;HyNOOU(QZ?Cxt(YVB8~S!=mBuI>UUn}g3OZ5Q#b-e6Y38K=WSCmrK~=19#x(l4<q
zik|XuJJ5|a)f-<%qwMqAWE(Hjvvxv|CVd-}%>ez4O}^~-u-<OKmjJ1lM$wUYbAbuu
z<Mte+;%^K&md!9I6(CnMPD3#HFH%!7YUOC{!ag4pMxpS6$}<Y8C>Uhii%%yS`wb1h
zuYb2c&T8Ed)`@8~)Kpz;!be$v({7_Y+y4-#n)H`{ktetj*cdmL(Nn@CUy;&~c1xt|
z%sLp--zT_>uzz0karAxiD;0SmBDD*6c!D~$P&>8WMvT8h^S@go>(x^|yqycShbKun
zmu8PCOj^Ei+fkeJ_-fK3%zYx4k)5L8u0zqgNdhQ^P%n;X6Ro~hiRD<<XA!#z<GTs>
zjpQz|Ni|j@S~cuFp{Q$uAv<jOaljHMuWu9~O0}7;2euF9RDkM<G9E!K{hCB04Vyg!
z97uHOv`T3PX|X$5y`*N}7(7DY=iCEu&o1IScz<jOoO3<_@&Nyn`OCn+@t4f$`tvsd
zPn}u7ihq~??|;u<7z+Py;x8fp#$SNFaEx5Q`(Xdx`{^?wFQ3Pa17K_1yi##}?KW0L
zR>8GbF?R87arsJ>d0*dsJ7S=2xifrn{2XtAQ&mKR{nX&XdPZ8#%(Iz+eW7rvIE6Vm
zxFkWhNUO;bO@Bs7n3jCt+6$5QiaoM8tE-mLhPW>AcrvhlbGRrIHgs7zt5%(`;`3og
z;9MfRVbEeI+hVN{1swyCpnYbNN-7v;lxQ#80y#Y;JTKUOc$a&b>x^mM!}_G_Z4C|R
zYWcJL*fn(ocRuuN^2Sdz%4G~m9_DbQ#N=z_O)?f7xuKeLuRR^i$tCo<&$F+Z78SuI
zWj-augK}DSft6$o<uqUnFR_he<NQVuE~zkXlVN&kZ;8{A6IsvFAY>KNZm`0cf~so7
z``N7R&<ZxZnJK)n>7e)ohv#+MBurQP;#F{k2?RVCCLH-<LrNIbBxiJ?kdmk)5EjAn
z41$KaH*m2DpN#4NY{!uA20y;-I=RjKAgngjWT_kwz~ISny!S}^Oht#HP7W*6W-u<<
zZHZI;P0O9wPa~5}B|Z`eH;tsrBISr#Oe1uRW?<?J#-uxxy&}-*u_3J=CCQ@*=rwD&
zm{+Qr2y}KPHRarPzkxSY@nEwj^+tcmd7L59aYQ2DqE6@inPBLt!rEQW)spD4sSPQc
z`i=3ZJ4DCPFb*N1L3G<wTYKMJ8Cjt5+MgZjA@@ySmWS3-F*0|r>H3zy(?3y6w47~U
zl%J7FP?dF3RCCPRFg28p(Nlid`~HURv_ham>H0Kp-epEZ8ir%KMkAPvM8T-v(dFjL
z?=DigGKE4jsdfoB_u@o0?WU#;T`FN13qs6j`6f@=nrrW&VEzPelM&4T43-CKbHfOg
zq(-AGbme^^-Li5r;<8&3gZ@G_RadY>A)$PO8eHfUb_{7U3738FPLxDLmSy-!qY?3d
z$6mm@z^1#2`=hN|!_H;RBfh7uB7y0JCNbgcJyW_K1mcRs1oQzfta0AgF53Ba1yR|m
zIAinO<mi(W!O}Kka1lwYe(>GjgJNg!U0)WAS!RJO`_@LyqIgxTSeh2XVaP9NH@eG^
zj7^$-A^g0KHWem161s#fdyXt42`GxuL4)*6Bz`FB7-3%pQ-gm%GN+4@qD*)u=r*9C
z+%oYfhXtn14nUK*^U~%;GDHWcQ~ah#7p}8yt8ypnD<>PB)3b&44o)%r0S#8dR#Wse
zG!9M+&1k+;+=2^Y;!P%zK1g?<5aTnz)`~oeq95l6c3BetX-`d!4pltjm19;($gd9v
zW6miff6)`Mo&-@aQF7HW9@8vbG!-i?@R*VfJM(AlKBEefF_KpkKp`O5y^Dk28YAC2
zTL@N&(v`vuZCrbgLnpdI$P1sGG>f&Li^O){as&F)FO_)bA!!`Sl<GM>?ZzW7=cYAH
z%vetO0Of~-HuVS+haAdVtDwfj5@dRk*yW-6ENlx5dv;R(0FB{#GLrLnE4oWDDyb3a
zewKq6wKRu=FJMGey%p0#R(l}dRKNMkycKt$Z?bbMqQ+a_Bwp8r@APxGQ`GX$S>`Y~
zUFas&JRv;;?Cu#YnC4MN!*x*GT3oBu$s2Q6B^|!a(?^XpqvZ-Fq8e++*|Ec<j?2Yh
zg|qOC<lICK(R$2FM9z3n2j@|-CX$!;rnC?B;QCol-(@G5fQi1w<?<8mB;v5oqAR>W
z)(wqC&EoyAX1RG!5WSagIQ=24(wnT^f>W_kuSJR_f#>I_#+es)H<NVU#aSGvd#7i%
z14n=X9q!E*7i8I_3eVtj!U(&FE`y-HMmwykt)K6Z3a^ZcnKY+6mY@(v(rpI~ia=`3
zk%Enkn{1BEX|4rJ$P)N@9!ZEX8IaIYK^EbND%noN)^r{Q_X(B9Dfs9MZl)j$H60WK
zLsJfwaFO6l01arf4Q%2$Z3=Sm5uFZ2`>AZ#+z5@vj%XLq%`>B*>-$wRXiH#}|I9Cx
zSvZ6pfoIW6ohAA;s&&diS<7a`;xUX(^vdLpPYXkgH~kG6jV=bu!>70vw&;u*yE#}b
zM$prgJYOnR@0&0rCoYtlx9}=V1`?97-FTs7&=2HssZHT<|8~t)C<i)fba-N;njBl;
z&#7=$pKJ!FZ^gXDNV5DFm7o?zhmWLl8%9I@oDjUBCZtr4NHT5XtbB^w1y~3u&Y+8c
zoJN0DQn+`*>`YR+{Ao*aP2RW%URb0wD6!T~Q{SDr6n50)P<jX%Mmv|gB?dLJ#D`r5
zgrETi99e|OFIzTC{iM0u(XiRGv-ozTVJ(-hHew@+^i6e1G57HKgLD^FbT0(2H)8yy
zLCYX+K!yz0;{*MqS~k%Q5ii*M%r6ug`ARw%B@ST~A+gWgqpzKv-KbjiI~p27Y6Q9)
zNjr)xu+x+!1lEflOADRs>|lQE+mRF5l^7DI#Oe|;g@UvSc%*cq@Z70tB*|COh=lFM
zmTZxmi%N~(yeYzwv@NjFN;RODFCn+fv?;KHJ+p!kJ<41d#R=$4-2}8^%6OgKBN2%s
z<0beIV})j+37n<%JsO?`BX*zTO-h%dS!0hn_=)#{QGG=<LQ__wgztK*0d2d%s!;<*
zF4fA6z;x)ehcmI-qQqCOArj%r0rsdLXRfHncw%M}O1X({96kBIQSC%KQW#PcdUZ%K
zdd^}4(j&_5Jjb7uzhD-GnCj=5@Y0&+?H6`9zw$X5ej)==p)HrL0>jO#DdCOc5L@me
zvX75$pHa3~dU8h%ey$Zlp8*|u49n53&C5EP`gR3@OC}<z|2@VU;~p!9p&{%r$sjr2
zJ%LD@tcsn=(Xf0yWxLzNxnO=9lpYuM#iyHAmhMozQt$DJp7B7NoNZ0XEFXj<+K4U3
z1_Aa9FZ4l3h|AG$+bRcP6}+D-E4c3+nZc+SdJM$Q8KDS^@_RywDBZ~J!rx&+K@@8f
zYx}aXv|CGt$NE>r#8Yg38vW3K%GM-cC0?X-wq%CIK59yzJok(rQaawD_9R!{EH@P5
z;muteu+D>5>1#7kv7or?!k|{M@?<D)|8A_JojRmc45B=3Mg!(<+86he<J=FO$h2XO
z1ItzEr#IM~39juh*}Lv`!*@Yt5N(<Ah<kRY2}6qF_*3_bi3O-+cuEQ)^RiTN8@y6s
zGtL-YCE0$9;2tL~u!&aUMo}xFHKjHC0I0d1807FIdUMz;tV(nqq_LOR;DEtlBbf=9
zh6eb&5ZQJskk762`isoe`L!$KWcn0GNUgOG@(oDa=840Wu*rC#9h6G>@P~?NlhX)~
zW2`PYMr2u$i80M9C8=Zj=hHaD5*GcxnFraiy8+FiU1l3hYmp`ah+S(9A{RP&h<zl~
zb6%<9Rg!(u#<;O^4P|C+5<1_0a2Hc|3%1zG&snZHNUX5f%H+z<Vz=@4^V1SF800AQ
zNEpd_A{B;XMsHLb-dDud4dh!HEt)aCKOB_Z7+G<5tYevwB`<Y?wdXB;BP%Y^1hZ4<
z5?))bn?~jwrt7{}!bz39;7)!ZyO1W6;*Bx=B_>wXC^=Opu>8Y~0TWO6O`Ade4N3yH
zzZwhhLwW^kcA^b*@Ka~Tnxz2<KYOIF2aQzh=@EF4^p7WF%^yX%i?MGNt8y`XwY$|y
z*COKh+Kw)F$|i)eWk@;-r|Xu7g*HmFFS9S`3U)1NP<h_8nNpss9P@C&bggDiH8E`i
zYL`RCq~dOHPIOsj_Yu+;eg?<{jG0gj_$Me8{NGtQ&;zZ~i@WHkp0u`Iu_<{x4hCz!
z@G=SnvYO(QB40UT6@4B{<^RQ<P4SY#g*f)888Ae2kBn*Jy_lCqCbU9mM?Qk~h+r;8
zJXVfv*giduju2s!<QR?-uV<pCU!H(8H0(HjxSGvW+}?IHRE0zyK6s%TeOf1%N2QV4
zZ37pd5EZ9U!KdHI%i_o~F^$02@0q6yf%6iGoH}4SzK!n3_BlWhF8c=_T#u7xdQ@E_
z<<98G>R#%RR5V0<Rk#MSB*}HxhPxwwa1b3B2k{cgmJLkJ7R=n~OX75`BHjnW!4A?u
z+HdHGQLYGKEz!ClHag9I_s_eY=Fu79>ZnuQ0qN?j8j!7^_)kdOAjC+aIdtt*Po!YI
z0zMd{fZUKj=jdv8vBXB^i@|Zte=8Wovn&6cOMxNadjv?Om@yl70%Br%%S7F>vU;vF
z*>Bwl5s2fWS+YdyhtlK^zdkO(vB6%$gnHK~w-SYZdk}rJUz~rxCJyNGTB=PX8=eg$
z4BT=m15IAPsJbKMY7v{&oq{;Jq>^3Go!Xf5fKimu5WZc1TS0{A7gBdyc_cygViiTC
z>2eLHvB#%D_$aQ$2OGQb`(4$Er%=Vzbs_bm`sZoNZ5I5sxbV-?Quk8Ab4cGP&RUO;
z>PmNC9BrQuNO=gz`?uPl{-jaFBLD-x_7`cmR;-$*7w#X7fWFU<lXG$Q9eY*j^GZ-!
z!ez+tdJRm-0}JT%MlS1|^oB^p<y%RRIp!r{U{TWgNW#mWYFe{WDr5y}E>x5jo>aEv
zBSQi`Qv)(;P}^PfX*S(V1cb&JScP-k-d-La9!y+5A3k+}w`V^AxY1;#mp1uaK4`?;
z*p)`1*{SAxvmd^!9=o0~$6w(_Q+QjxnmjCJ9np9fsgTNcSP92FOTlGN(4~s(zTQ`D
zH1}*SZCDd-rnb7u<Ak@m!s3H%_h|Ehm2@fVf|>bbrbHul)6b)y(VJOD!iGw^xl%nc
zwXI{_Qyn#ys|;6PpjB;KA)P-4`Avq?1U9e5M0&QS7tdp+pd+!E#F-Y<4@!+_YPDao
z?ZAz{>KigNHjC`SLL2*UduvxDW6~*_iK_{vim)7C39O_EjLE1rlO{gh=f>Qc_*uNH
zf49ZJHoS+n75y|=55eCl9pC74pc1M$`twiL46tMza6M*J>1M+kU8ARgof!}82Yvh;
zowfB_3a1QFB(vzUTxfBQrk3wihqoJ!4o5j)NxNHu2-2Ztu3>t>#;OaIVF;ZL?i>jA
z&!M$zFgF6<xxl7BPKG4p3eG%f*2EKIB>y}Mjp9ijMn>V>G-#QP8~Ur0>X>`ko`;wR
zLj9E)OoJ1}u2MpabH9aNcemi1cKZ1l<c1pRzV9{fw3N=B^>7!BjL&o{d5}J<-go`z
zlqKN0c&-4y4+3cqL6RoTXBMOJ%SC*0^_$z1%<s@@w)B?bg;sWk!+9_x$<8<pscp)}
zIibMQ?g>xNnK8B~rZF}GPNR#20PM;NA8_m536}hRD35-R@yGa6fsw3nN_|JEdCf$@
zW;9+2C6ZMwoL8oq$hf9(K`kbTv&c_x_Yuc6g{qDkEBJ3D77S`gYNQypYNaA}d~L`s
z->MU?tVl@2`?jr3)#J-cuc#fzZ4%P3E4dCAjCCx)LT%sQbl@KV?ZLytg(u{ZXF?r}
z!*FD@4itEe1RUD<Z*Kh+Y(~A)Lsu=zs&#S(kVqwTN8|I~3tflP7jE10Dh?9LH!GHT
z0{4DxN(&}tFDl!xUS_%4BJD;RD8US3aGSF2Ix!25NauwSMR2iSVs3yhv|ZD|%TNz#
zCit-=_F<o-jZPN47b!59R}4EMbYsj(`(A{<;w9pO8!?Q=M$bhm-|nCCUk3^0$uPMT
z9;gU!q}qMbicvw!r*<+(XjSb7saSkPPmYR<%-4?lL<c2(ixIVv=-uBLRF$3?Sm}_F
z{*4(wO3c*s-V7@gzYSt<LJ-rlJKPft7{=LQGk%MS6pPICOs~AxHr<w2WXdte(j>`C
zL=<n!L79pAt{iH2(kq*l48BB21UjxP`j)a6|HDqHHuP=ywu!&&a&}FE1X^XGRR>C3
zE(tEcD8%XpeuT^uWA9}mK+3727AHG+S&uyumdzjWq!h(Vfxa?gt%_jOsE%_4O~GSY
zA09rTvW4y{kaKwgO{kl^ljz5*K3~D0<3h4V5X9Ny2@A_=wgH))^`NxZ+;8IaEmcG8
zo6TC+hfm0csk7jO+qIapyfGmo!v%IIxtLAq?z84Teh4|>(4cMR5IJfZ$zPC5i+^F~
zyT;<j4Hlaat|8yMr6<U#5nx~+K>(!bZRRWRM5nZ&gk2$b%|lk0P6BGc(xA=AQu>`r
zoVfc`1*OtW8YQ!#`@3NukoA6JoWno}j2B#XR=ozb2^7g{z*rqMq7*ckMkUb=guKQ3
zny6R(dWBK6FZ&soBT-2EJv1<XchZi6aKvy1RlQD`RGLxFlRBMaA9M~2E_q4RknVjO
zo84Mm$WAfT-P$&Vhy|6kH1K!uM6O<5aoWz<Zfe-LAQ#FbVTlO}-Iz4AG2EbV3GGnY
zxK4fNe;k3SOqMR|;hgu$KP(sr7GPAxp<Ex$-_3pF;#1PoYz__dv0TaQHZ`ph+w)MY
z{!xHYMjIcmUzlYG4Oxu$^MwL?=JQv(1ANE(K}bP2uGt^NqQ8jVH3aZ>Xw#nsygXfR
z69dk&eOgp<a1l>kB*F8#19J+2t&h3*pXTMA<tUt6zjOQxKdBISy>4w{JbPz}uSm$v
zFtJx_e6?Rz-m-!%G+1GajGjY#%il!_BtlD8eBhni&mv!ucy7iQr1|+omhodm#PntV
zrbu#ycW;VdZtVh^2}py{lg@?VJymKhn6UFt0}lMDULzTQc}xvBNxrpae5u&AHci1o
z0W8|Het%N6Y5rztWv}HOy*aXH^Bwki9pHuphtT2MtLE8Xfrar#&XA%lAMHFNjiXY{
zL2(G#rxb#Z!Qph(AtzwMXek8G%05JT(NeQeS|`nQyecz@`TeUd|M-6~^5SIs&<D@E
zHs-phd>TlaH-d)qA-e*H%V4ca47X99fjemRSKWoO1Is+MCm|(DR0JD5v^e2hb1aRq
z#d|TMcd%ls+$D;bd8i9UbRuDAnZtTi1=O=tTI)mygbw01gcM#<ZD9(<3pAO!+J^kl
zGzhUA6Za5qv5s4|bgu&r2fsdM`04$j#R{-6qy1iVdx}foGx*sL9icbE$K0?&I$=((
zTB;BYi;YURl2p~G!ja$(wM8jiH^1uN$6S&?256*8{V)HDxinib{S|X5rFmURfp}!l
z^1niP8T!(kHtUgg_>AMayNaWRB`o+I6TV5?!%O{_jVAsBL!Bx;WG74mPP3<dbfs3i
z+~fTY-OLIaN@pJf4c;@uk7cFlMp$w<T`nCZhr7@=9cZpfwz3}H`23un0G^^4i2+|!
ztSsK|j(6LuEOBd1YwYMGGLt83oAs9j9HeY~JQsyrtE+vjYpL22I=?2hijz!R4BfE{
z;lo2**phQt@|eRX{$0-{aOvi@xuB3rA4-vksE7DZ%mpXsUt=zbIBRE;M&gqvw0qMK
zl@$i3^_d_XNB7hofxf$wyv-ld-9M^IV;>Me4*j153(E|$fH$b_YB(iq;6A`_*b*3;
zvl7(EaD87)m>W8W6~5IukKJoMY`W;A9_uv~NV`l;9NCC!k<c?ArFpk&G*1aw?+ktH
zw<4{ocSavtx4Akm&+IIXbgsA5o53ICszX8QotvWMiS3y=IbD`sX8$xI^HPTG(Cg<}
zk$+cg=G#sRD-7cXHkVeDz0n>IC)4~}pp2T_a(gH{a%tDZlM8g^Q=mPrnH2Z|%`ejd
z<~9rDeK*oxPxqIZN%s|_sXQw_+SqfgT;EgsoY`4u^Xh8<$_TuEDO_DycKG#%djsoU
zU50jci<vuXJLxJmUD25PP(SY3<@HoExn}l~#({LU6A~G_;X?oM!`6VhRE3x)8ZIm4
zpo;6%+dP^t3oo4Y;C2sJIam5#h-$O}j33n2C!As@-c${pEx?>h+(2i%o8`{n5Av(t
zTwY(LM*uzoL>S^nZ|4&TpVitB=$2Gn-zu%lE2Br(r&QG2R4+wG%_|nULgIRuDKBNU
z`S4ViW8}cuY;}%j<iI7|<N2B@%2g<5*?BJX(oDSYk9Y^mwqFODw3ch+Y;gc3lg2E>
z@mE{AoThhc_H_{-!g7UWoh6GvarG*$BN3<)-(J4Gs(Dl$pl3FRuQb=i$g^x38gTyX
z3|+-Lt%QC6d`W{_FQ<Q?d0#!;{m7_s0$4rdbue{Oc4OPmu6%T0-mz=-hIM*#&JuU@
za;#O!AU{uz8J>z<!l)V`E%Gc`3eA|^HcTtx$E%Zu-!9k2MGe+i!96{;;Ih$KE9ESQ
zn5pKl(9N^!EH+Z4A2n<qTn<FeryUDMni)k^HJ@4K(l$8g!em2HnzRtcVC2zAVzSaP
z$@cEw%(J3)Zr6;F-uI`2Iphv{diYP1FClO$S>!g7E%L*y5+^>LIpF!%uk^J%_j&m(
zolZ04+1B<fWR=!kU!S_P9<5!kv9k!5#u5Z|FTtWi*%EHTV$ulByTI0M_F9n&D|7B#
z#@Xb;ifVIjzMhm4bNk%vU!%swGmr9^i43AgiwhKwzp+hjQ^SV(WcZHa%{bLDtc+mF
z;jYQIW9l|cn=BpM-iJtA)AxK!%b|M_@+;2K{ORNbT0Cj^7|nS@Z=9eSw@}nN@+e6I
zKLmUpl7#lXQX*2I%iDc7JlbKPx{eZYo+ahy%RDh)OADY)O!=eXP2gRqw*<h4&Feb`
zaHY(Boda0pI1_8P-dRzQVtn2vx9lEirPsTWxNqp^hr#U<#n%H&!!iXQvySi|Xeu@s
zN%~;Z6xpvdE138CIp}c5icS=vXof9Ed8up@i!ct3XJ#_oBZa9vC5vd`lJj$l@3Z=D
zNSl-+2}2IJSedRA-*i-}ZY^}<B`y7cz>&L`4Q(bc2eC7zr>|QZWLS!$rLUFpJ%_1F
z`40myg>co)n^${*Y5sAO<A}e+II3uv?3b7IaFfZ0MLi6iS!7Ta`jgEeIv4z!_9>?G
zm#}LBFy8%InH$cS3qs3U?v~U+J~_ON^z>r|c*=|R_+Yni(4K?@EO!yj>!+tDdHJs_
zT++iE1>nb6BMwzeTRIx@nO!B?xxZ;A_jojsS}(cM^a|xkyQ`5g5?o|ueca{t`aC_~
z$(FM81g%;RBc7iO=iMAJ#1sfezy3VwoFR!9BaD~q+?Dp2L*rX~b3;j#_B6Vkdd#BU
zS-L*Pq{+f4zQU;sRUNIkP@!}Mjz_wp-tQGOGc*Np{cf-8UK_U^EY@;)HqCOc&6|$t
z*ETDur-Vq7QMW*2w2MF49U)q}gNBz46zD##XE}Gw`BoLTVE@iKMx0^QyhWbLc(T-O
za#^FXY^r(npXXl^OO{3+(~E=CnzF7zrm<UhVW2V%z+L-7hlV9h=Vpg(L=Y;T)SUOl
zko&R7tPsn9@Ax&f8sv*(FqxLSrj_!S)ESK5Nq;$w<!xOpUpEnF6QqKFe~jDB`)>m<
z!8a;xe+OV#?{BMH9x}Jw{6jA-MJt8;cl7LW5>g^{;F(FLZn(GO?NtKHC^$42q!(5h
zlc+m_<!vC)wET6nllumw#NSxOqa095G1Xcy+Z1oxD|o@ji+?L}CT4G8i4j>!68Q4_
zxxQQuKGtq^z5ISS9##Ken}NZZe9Qp}Z8>@Vv9GL?7~njH)3Yj}V!DzF|4Vcll&Tzc
z1|k99oZG~UiF}y|bE@#=tC7Lkq`O3^zvul-$qJLZi`5;`^71r#Xp$vH0uYIWTxbg|
zt6m`8;H-Xfc+bYY^h)!3HC1Tkv>)ZPHR!7E48JWb*06VTxzmb#R`uc%t2%9Wj>LD}
z^Q<;1*zSlaSS!&uL#It$o9@N@%)Orv^H~d@OGKqLSoZMVDL~C!vr@#}r%CGk<g2k9
zk+sSkm=isHK?^k}?$3N9HfFEEeBGDPi2|mVW<1bU2;NAT<d|o4$X7X$wGJm&%-Vgi
zUDs}*>H21yP*?KDNOecoz7&}so11tg9fXftFi?tivKb#?DvKeix<QD!{z0?T@4aJ~
zX%Ya27=W*jgM-2&fZ$TV_cvg3_{i)-{}o}7&LnS|(aY5fbEh{(;(XF4e9`^J|7}};
zl=kBl#%tqA&*wgV8Dc0i+`~0*#~tbS={KvNbAd7~w~uJNo`7E(+%EGUHx%_rUo7NL
zDJG4nI8oFrzJlWd^$YeThhYeOz|)o}M^EuvtCCos>CM*9()$;GNO{8j-p=RssJGGq
z01mQmrtu1H_=5I8qm)b@L5b%)o$p0i`-3GX65BGr2fJCUhs;+USf6e?`KwTo?eFCK
z8^oruZtnOWOJ%aXQ1k4<TT9_O&eHk*3w_NMoF5!|=Ax5{W$c}EFU;2MGk30?;p~*M
z)r9&ASFOS>z>mE45Qm$Z^Rm&UYm*jIv|U2V*VaVNt8_9`pm;KNX6L?cV2Y`k8K%OG
zcN)W?59kO{S`D<+tdDc6>$!D~KOWxXng}%Pk^D;o#vkD5@yq{)2(U4H<aQ-cVR`(0
zRuISXG;236znf?ZCRHfdzIMi3MR*+j*L0#ww0^)vlS#DAfk25H<@1~8vxi!uL>S&n
z+&P};M1FZPC>?{BIZA?*nK|b%$FMpsySZ$?DlSnr#Tdqr?b}K?3qIdGyL1?1_*Ift
z4~r0QE%)`_T_i<)3Zlwxi^$Riav8K~1tw(i83k;P(83M%36Gh?0Uuu|<y1$D8}RtJ
zCt#Ojy2IEh6jPY)aa=Cr9ddU5VbO)|e8uwhPD?MGnZ`*JRy>ugcO@F@y3?a%kw&r%
zw5xIqnKt;8l9^GnSZN>T`k6Kgn*&6aTSQe#BYt0HuhckUa$;a~@Mu%OdeXlS$8x-*
zp~st(u7F&vkNjpU&;OSPz}w?@Jm5r*U;8GpgKAuEK&c_gWaWU4@`L0tPu^#;_Au&f
z@R0|99unITwrNyCL84Jf|Fi$MqSB|rEsE#+3YOeB3Lk5vauf9mOJKtxwH3BiYs8qO
z5q(0+ed4?-xMPpy`5xn0fW3`Ic8J_6rqrpa{Ueb&QQ$m5;#_%(*|ZU_5p)jWRhBcL
zSe1ymHH0C})8_?6hD`W+<c@@hG9ER1Oj%OytKw>|ilWxB%gl&o{+eoK6?mPi%(9z&
z`3V8P`|oycz^rG@<+rtKz=vV)I3Sn*$^UZymi-Cv#qXV7`;+y-Q9oibYVYae6+7=o
zx*vu(-cK&#k51^M#9D?=7^cyKCa7K^%{#b*@j%A28d-r|O{3`R<VHeEaHf@#ID9CE
z!GZyOd9IFq6zIS8_yK%48U!s<axL~9-R7M;H5)(~clIm*8T8)&*O?#&cfRR3OqER-
zPqcUlaGgd_btx+}?Jn@TFDb>F8)IcJSY9I$$+2gy2DKE^yT|~VevcMHXnyIDEvAb;
zu>qE@yfaAzg&f1s<_>THrlI~tCchLUVjm9Xw!RNmFUOaQwlUCCdmn3}B)%6vH-U<w
z4O3^x6!9Z!+q?f+Ad28k-IuxjI08^6@T|JZ`Z@cjf&(wq*n`{W59UX=AZM?W3y1@i
zHy+wuSo_D`F8Uizt)Z3Zq-92ZN5-+Jb3!`0ZlYMM3&UHI*Dy?-Yo;iTt4+j5m|XN(
zz)59cnm`Xs$(-z=hR??%B4pg7^-*sxQ2zYS0Wd}X1Tg;uF#jh5m?o)z0+@dSn12so
z=>AUyFs1*O0+`}|0+@dSn12G8e*&0)0+|0H05b%rtW)p*jH31sOKf4D;uClO7l6q{
zIKA>GASB=g3Yg*l4FwGGar3_j7$xDe(o)W{KLTbrM_mB0bkRu>L(dNgq6A(keJuCy
z488)NkJy}0F|X^l?VcS8_P%{aTxXOJ=sAgPG?JDfwt&tTXY&{z5QS1!ZwjAt+-eFI
z3NG@KA@In_AV8s`@fCv7J<_z~qf|@?*P6@E$~(w!O2I+}Jh8wsY7&3DZP97CAMo&r
zHZ_VCKRQ3z+1cse{{4L0|8aZt`p$%>EPb-a@B2W;>+{8I7J`p;c_~xqae6!Ah`oT7
z8BhJ@7fZs5wsTJ9d4f_5+ernq&<r`V3r(X2Ld4Z_qucU}m$rMYuZQ;L5}zf}<`TUN
z(zjQ;d!+OmIalQLYg;uI{<{`Q^(vrhp=Q7$Sy{|qAKZ2_UMS3(Em1;mZBecZtQ4x-
zLVTeot$<px<D@y<FiMryS5Xrji|0#?7(t-KHn%+J_!-PfcI6+^KDC4p!AKVU9&lw_
zuB2Bdnt`neu8A<7*9$Pw{~%&iU5u67UH0dgNqWvdakg&JGzng$Y(fTy8^w7#rxBXD
zNm0fY$Cqy<K+y+i$AOQKMpduYPcwCR8JgM%>w!DJ$`cB-K5LTZpou5sU6&}X%`lhn
zUg)v6p|g@mCr|3kYvaN>RS&fd{4zJ_!(nL0;y}HGLH+QoX&cXpKo4#;Z^~09@YzPP
zD_J&kMC(q5<E50`Pr*w}pPEA`b+yAXx+=&!(&@bjKF89z7)3JJkZh|au-u4WYjKH)
z0<|-2s3mmKmW_WLzGb6yoU28@t)RPR-%5q^oA$8uV^-6WCr9%6c>2v9{p9u4tQ>AE
zoV-)rJy~abw$$E=LZi942s@^tJp?_721|Lya!hMiF2)lF1;UQ{=zyE_C*1(iPmlHR
zW(f$hs)`%*s&|^nU<lG}@ICS^kqQ8oGexe?Fu9bu6zHPTZ#=083v0{sK`vVUc@j{|
z9f0|jZRc7`%Fs1njZgqQRjwBJv4T|WUeOoXN000~j!w%n<I+bvc{w@Jr1)X$NE7IZ
zSi5Y#SHIo^zeGSk90({Gm2`_y>!TLqs>Z;e0Tb2~su@jCvmuDT^FU|ipSFz4Uu_xk
zV6&lunNyXq>d%~kFm=`c)|SCAIW6;!)Caa@RK?*(vwWgqWBTf<b8;v9Kc<1FDulB1
z3HpcwzT@UZngOgk>GyS-&c8dsD<P2IU1$84vn#S(L3zG0nKH|#F5y+vjuhoEa;dsX
zlzgewyMl@}^^W;Q##c$XWwy?Ju}U<A(NBgRO7A2c6do}Qf-Mt35J<M$<kVZnkT)WG
zXsH21EEjc$ngF&W*~@zw`G6|io?ebI%I%~jO8eYQe(5Y~haSEXgO6N@Ub>i688(Cn
z5#VNUtTxFkyz!+KL{^+7vW~_nFQHZK531>en0S^L`B6Ozk_uMLJvnUG-@Uydq()cq
z2i2&2GN!?xMM_!BG{o}S#)+l{)g8JYINB+KmJIzFea*>&L2Y+v$Z^&h*_T_8M>osV
z5G+DY5Y5C+o`uO>3bmo+ukNUXqv8JzicA9K8Z%ZzxKpYd=f-?g@g=WI;EEt(NKtXi
zi2+MfmIW*lePWywD{0>%`V1D5BBH#<!UaXo+YAlU;saqm4%y2fb#cfxHO`p%7p^f3
zsK>N@XlS^qb*lSJrnPBg-e#g6((yZFSeXMJ_upxmis)!3N)?pW7DH19AgWR6og84<
z@76v$2PGMx(|6$S+oa3&#Bh#@64wKw8ln2%Ge<U#KveSyh-yM(l{AWgsD^wCyT(<H
zE^aWygzyac-YY#p`VXoxM*k?*`c<UL43*ou9c+a-G#d##sfApHV%VFKqzXFFIdu9~
zNkn9rI8EwF!S%>+%-*$4e~b?2mngQ`IrW;eML0k~2iAP+39YzNFf4_!Biu7vbAnF)
z&?ESFS_XVhH9j=!52~Rd_=9S+|3)>M;~79yqlk4^yoA=LaoW#nwZsO}E{3z&+>9+`
zqB@lYH?T+J?-h`$7fE`nO+fK^Cw$94Ju#w@h@SkbDb^v2Zh!ArjKmG}>*1!RucPXU
z?JHFfj*k3!&*5-*kaw*J&AKHj!uQ<?hp_CJVib|alPtnzoxNCHSX{wXLtUb*u&)DU
zq<*(EKWQ>xY4SV59K{e?ASNp!Ni?}r-&RKI>Tu@6Mg`-yZp~c*_9>t*d&v~s^y&JC
zwC#aBZ@rLVuRwGupG$Zt@Zx{9*GPW5&ZST)LIrYxen%&kHzg{fmRo#EA+zo?{Bl_h
z5$}0?@6V&XU+aitx*VNlXr<MY{!v5PtBN5$(-1^e@n=fu;2%>;zbTH`#%qR`y+Fz(
z_mWI>a1o17k|MsA3v<k3ElRk!z2bev?+1!*zB1ytiDm+dK~=uGw>VM#5Af`-78<eP
zuf`P0%{R5hsz##g%e^x}L+tg7pyI0D%4^1V90cZ#S(8VXoFe`n+wkjJ2jJC4>42lQ
zWII0o8E*Q|TTQDf%mN^(bmw(V3BJp!FT}o5GFIv1#5q*0&5F6gv^#lLj4^sNEX~hk
zYmUXCzu9MBlia#aBtK&b+_alFwSi#nxFV;iKz8BigW1vX5LbVWY(DwS`MZjASxtWY
zvxHy_HQQTe0XE0El_^r_>B3Y@eshbWB>oMmYBa0NR^)_OSAIC?;JoAu-TtllMz_`U
zR{r8ua>sDE${$uUpRlvUVO?4Qb|aVCq|^>#0e1*1gA-p>mO;J%Mx|`EB3+RN&rqai
zlg?@~c*xeBbHQTaGQ@$i=f1W!@t(v}dyhI(S(^?(zg<z~dZBTu4k?c&DeTrt5~pUe
zP*_!y`1-G`M(+=+p?-d%J)~Yx2W}+Q(R>P4OO$(G*UmUcrfU4dYW#JO<uq@8qC&VM
zR`)(a`xXE<k}#)WZ+v3DINHL)hi)ewihaIF&Dlif&{hfSMzqQJM_H!&Pg%yYm%r*y
zS*8H;d|-R*F`y^aDu*DMscEOKaQm3vu^q)h%TnR*eI(ew_mM_w9d1l!egsuc^1A)3
zQCAJ8V=uM$9_{dM!^uBcu_PRxSA*=?Xj%WVJFmA&Q%%<h->DnDM2Ry$r{E<WFhWG*
ze221^V-iL4B&98mi`<l&TZ@h__8b@m%I`?)RQ6X{MslR3JjceXhEmwr8x?wr>Q7nb
z#2^Ev1g8_)z*&zIM7~Z&C!usn_fJ`7|4&(FJ&rJliiXOVP@tnbC6u}nw1>fQ_=<4P
zf}N;os^ju>%);n_9Qr2fD)!(nRx>^hWHmhQGSYhwVrQhajmF}=o#z?M@xK2k%ghK)
zT|CI;cC>ppaA9U291O5TgVXXm;!f){7@t^Y*Z5U?v_LcI&5KQcYrmgVMkr=rznH{V
zL`rNV4ex2XIG+hI&}ayGRg|Na{7iX?treAWumfcR3Dskp9t$%;0aP_iZ5G)3UZky_
z?j1{$t=7zoc}_r8W22qxcWR$II|~C;HQuEWbbnM$Oa?@aHQ%pQ+ccR=xbN)m-?LF-
zN+$n=W#}>gH7uirl|=GaSjL6%WS8Nuu#7sypRf$K9w#Ep9Pu)6BdM;@|J4WZ!@Euk
z+UG-FQKpw#T0k&iW9<oGMNB;vG$nI^D8jSpFW~)AbqV0{d3gGG_2U<eo8YJ)a^GdF
ze*k9oWeDuQ9Ta)VbXT=iIb)a3g<F7|Wn<F^QBegYh(PhX>#gidKxx_M$#gd4P?1i-
zOYJ4++Bx;TiVPIbIi;Cb7gb9H@_slcOgnRsT(#DF%s)V~t_S%Ojss22!XH!9#AQzU
zm#HydIEJo4^toybU2J541+!c*+-VPK2UE*2E01=1e!ipEFQvV$>R8>~?8Izx5oqED
z{&KGu;lq0#o$}dy{dL>L6TjCxYKc~gi71_-DJ*{yJWFS3J5GZq{N3EjHhl$;zzzCz
z@RRJnbY(;*|L)2dukkknyE2zef4VZu^auaim2uD&G6|~V&tb~uw%)UeNVygIAt^~;
z2(8&;<NuF2CEuVar9-1eoRl$u2HKPp%=LvQvi>l1_m4qF;BX_l)p)PBvy%;QMd`NU
zr69dj;@n&u7P*W|{y5ww_r^YMe%Or<R(S7`N6-C6NW|8CI1B#|sR8?o)YvuyV`96N
z4t^S>5}>Z_s7yEz5%B^pU2jb0|5#CaE*d3m<ibw~@S0$S<&PQLX*8G5<qrOe^;cIW
zPv}nhJDpr3Tuy_*n0oV7`k*G<VZz@tN@(6Y3AQv1;`Wn_CR)}Xz^+Wu+~Y3o^VAor
zQc8smJh$2#@efJMqD9i`dF?%KvW!0?O13Fz-^V2)w|c$ZjUuA!2I%W45tPy<%6%;p
z0G#;%*8{NA2>>e=g4N4b<6uyK;fFh6ZrB_kkk?!Xc%Z)cReTDvPe#c*rdGRaDDK8I
z$PbOfBSNd|BNNjAN)a;JZ=$iFXgIu$L`8C=!8%{g|J|V7i7p~J0{M@r@ln|(0-BnW
zwY5K{Ciw|X#0qy<pjCVy)^!8MWE@Etc0k3-bZ*#VW3j@%LN8Uy+Tt_(s83RU^(fA_
zH4Pcq^Ow5Gd*i|b`0_Yg5bG`s%Yeo3KUo>RXfNs}uR#O@+dy)FD76T-mSy+WFgPs$
zC++7|eUya-4U<4kZ8ry%OnAiafkTrVva%qlSva@y_p))>NRet*ozL{A?{>x}YsRAB
zinb@!wIDv*Pcgnh%x|Z_tjwF|!fF*91C2)|rs!!D&0*1|KHH)<Y*2cw#NO#=#YRsB
z9gDaXzFp5G{ldG0Bz(oj8uLG!N}FAhdi*Qg-0vs7e$P+0Cu=#(Jt2Qc&E3g!-mW=g
zctK#?A5yc)67LBlHGF>LT{e+9PJVpQ5sEo&UWeXt#SYe<cd+PkQS;648iN(4i(VB;
zU!I)ByG1|RY^r50h%kH@Z0+5h&K$-u2s)#kuYik6I9&{^G5pNwI=nTCU0q@&QQCj1
zGH8FQG7a*Rb+a0vfxxQFgS-H+Dr43w({X%!sH^0yUUfFV$OFf_Ifa#Py3t%~;Z;oN
zx*xckW&QS9Ptix+gq3d`y#GyUU}5!%pfS0Qh3aTZ!g(aS4Rl~cQwYBfxt>``@y?lh
z4Jk<a&!Cd#pFyS5&(gWWj;X14%H@0DQ|tm})aqw3lN#?(EqE+=a1gG%wvwe`rU8fV
zp9QF@+HVuDZesP&Fmb{aa$p`8gkxH{>{Q=<s;fT^TQ_p^z0?X89qL?aIb$RXNz_ID
zOe%fiG67C1O$|Y86o^*)rhVN(=2*m5D0_D-R0M@D#de&vPze6X)%~NPyD#QDqsala
zBtuACN5c8~2o;_b>CJxY-g4;`zu)8G#aWyH!TawQ=SE`Q7w?-j|DF$1OV<4~rd>tj
zuhp*i|1zxP_iSR0Qkp;n99EL&4KK(*lKdvSPLaGH$~0rjTf_0y5($}+d@zS2F3>&O
z(kkjaM@;`r>&$Yy%$C8nA+aIR!=IA_p7Q<c#~o!o;ud(l#}%{zRb~#XEdMY$wpLix
zPNlD?W@@!{AB9z_AhyOoc9p^^_Hp(DJ(Y4J5UYHjFOTnLYqw6=a1T@EVhHvROWFq<
zzD$xhIXKic`O+R&{6Fm7RZv`iqvm_u-66QULvVL@_uwwU-Q5Wm2p-%$xH|+7lHfEF
z9D>uQA^&&p_nbL0Q&VRyruGf@O;=Z~wSLd~ekzE>jKulDYPuT-4A0b@HlW>ouRQ!<
zk>lQb;JO4XMBi9S%hxJR*3J#kn`Hr}>Hmq!<h({@w1@O+t!EwH0~1iqlOvH}n)sZt
zRez#$CofOH{99CpJzn?UqcV;Pv9D1XrpT6mqB0F{Q5m_nsLZMUTU3VFXl!Ee*e5jm
zL!}*PP~$mJ*~YgyM^)zJgrY7O_vi#2Ce!*=1}LuJZmPMwxdX`CbfW>XGz=#kY)s#6
zl>Rl9o&ht&&po#n?YThho&i=weCw+TqugK8cTPL#z8R>qel)-l)R*SY?ZC49<@mE9
zTvTrdk<RESZA5|qSnyh$GHxQKAN6ldnaH=M%tJ<NbgqV|uh{#;gjZ9^)Z(9}jOX8`
z3}wT`&%K`0m>|Q;jVl0XPc!pHXgu)t${X!oIpRM}rRBbV_B3k$zNcx!=a9}p!Cb~L
zuKhXRv4z%V3GeMIlU4H5KeC6*cAh2lWBm74F7o9nwF43^=c()AjiKW>>%%C$`FGVM
zjp>yN#-6b{jdKeR7tl8W3=+5>=|}=;zg9z?R3-W3=GPb$F(~}}MQm2Ox5`QWTOvYO
zp2OQ1OE)WAm!149flUL>4LWxee(f7ONcQtyIicR*9}5hDjP9-uG0Av(?`ISUyzm3A
z%uC;&2?=@n0!{xVDmBK0VxQcbYJEo{_j_~~qQI1^>2>4-iAv!Ah)NpG{9{f%?un&T
z-c6$gffLiB#e|xl)Pja2&nhI$LskxvJHOsl6zx~hwb4TsFG8(^w8aa*Oa59!Qz3PD
zK;>enHlaNn4M3)F%rSzNt=facZaYbK_q}r!OFkMBJFFN>d27lXC9Hr9wAZFg#cNY$
zqV{i7CUc7lcf#<kDboOI$_OI+`m72yr)T(qs2}S-8R^T<Q&H$Wu~vH3Az_TY9WjLU
zVr2msjVT15$hD(pjCCi!gIkZ|H^}v;P?jPH3&tC0;Rq26qrSAqKf$iE(U#N5b^4m3
zGc`hZj0O($nHs+E`|<fr0zb0kF}cVZrkT?e(5=We{C53<>6zvGovLPE+wJ~l>suEw
zeo$N+^y&^~S&_}caxV$#A>GSCi)?_u`o7z2SS>Pnntf6B@a)(-mk!oy3js26{esMo
zrIXWgW&F%3#!ksV?a&G9eil^+fvlpbKN&K~PcDf91$kx>bf1SZVI=skwHKk%Ek)FR
z;#3&yUmP+pCc_QAn@7yc5mEX`o<Pc54!Y8#jC}=__{I<xr>h$F2bSDxPJ-3u1p`jE
z+-P3%8V!Dddu{?l2SihWBmxhCr+Zgaf9EuYuXCE0TX2e+!`rj>f9EtgP%dKYp6c|J
z#+nd}<Fuh;U;F+AD*d8ms4#14cmtKnysB(95ne$h8JofOMmzRtDqz6Dv+?uOqk8t_
zb}T2uLAKk+T%eUQXigJ30}5b&0Y2W@C#U8!+5~?(arT`pa~4X(EE~^;-Lh~N%{q%3
z??Q_G&DQ^wQx;Bm!+JS-K2}ieJ0<N71A^$>>a8dNuRdi7u8x`~O(dlpXaA3bz{C5u
zJq-<P^ez^{mFmWYajw4rXivlU&z^?xbx)JIV?1a<0@~B?zua%c3O#8Duyq|=0Y`;b
zG*@e3_)x{BFGxw(R&G|@Pk%oE`brv)GdNz(s-jqOegZvOMvX(rr}yJJy>GI41B}cA
zi%bviTqHt;xLF!{cwev)8>9Y^JUQ2%>pnl_bqo324A=$YR11z=UiAd>_<b|x2ZjO$
zMjnAiLi+LBzY^Ri?Lx*MnM`!1j02vHaKvBgAeFJCo?j#llmLMI?lFS?231r$V-7ub
z_L-?~3o40vpR|TmQb^;k$rn2ni$Ks%N-r&X!g9wMkCO_q#jd}<seCZDgfULqAC|91
z)A&ZluH6CtWyG1s2n1<O@b9X)k<@Mo%;k0<Ag){RWhG^uyJfEB#SQ0NS9?R16GnYw
z^{fnGY-gSgxNgnSzZ*>jiX|w^PRb<JDXa=sZtspml+(a$iKTD~^?#Ni2vhH7(Cl*g
z8e>t3@S}U@X_8A5qxiKbGo&Q<R+NF%h0D3kHJ42>{1E*y+tp)2DnUA6Y@f1Z$&U(5
zja1&lP3*InrWW&Vu6q4jQ6_^ip$zJ^D5C=Gul+R^Z-X!Ofy-lZOo3fY*1T))9L%Qw
z2N<&UDlhG|`j<YoiXgmG;ak|3UJ`DQr<A9DEzO|AXZh)F#Eiy`n&gZfEL`fTqSzE3
zml1#Bz2XkGiXF=!svTwof>{~-E<K72X_0!Aj4pY4<~+z#Doi<LY#WS8PYZ7LWlWV!
z<WHYaR^Vo7e)E))bAOa}(;h1ggFL03FFT#{a2X^LeVz#P(;qeJJ4M*K;DuX4KK`<U
zRZI(F!F?_<aIr}wMsEl^;{oMl02Sl`Uw44EptnOGwMTdvLJN0=M{ITgf|sD*X_SV|
zXtbA+3b=)3dUQk5%>W~^jZs5)-0cxScXv!!pup=!#fGnxlL|W5LYq?zV~cinlZVfH
zhkqKK0$jUj|1BpIp2BI|@=s1C4=YXa(?2;GK2T0(+8UITd7vwO&B@H0rC@XHiV`nq
zV4y8{qt|V^R95i8T#=Tlur9~9j}y32rI7Jmh8VewvFesZSg@6T*tqWj-Wvn-8#*38
zXwA)@)?6`pf1ph){KJ@$h--_dz!Dnyo6m&Ogz=x8479dHr4Gr&^dP9?tWB8vl(2_H
zRse+?HISHIz3h3UqC86enc+86gLgri?YmEM)p)&IkH|3`ml15*RC_8P8pLa@$Jxed
zGNBIzWKy8vF$szdOjKfjyYR)xGw$T7l=lYCz+zfUi1D&C$Y+b05m#6pC7m~T^GNP0
z?L%wKhO?cIL;ZqMcWyz>xJdxx!QSQhRmo(U_?`XQS7;=y{}WmsUVA>3>7GERh6iMj
zec~>hTV@GTMY3}FHusax_VKLUrXvPEYfZgbGHc96t9QEVCFD|FT>1o3^|WskwhLH_
z#P@{oPF8WshQYR731Q?ES@(yMr*H%_B(cOx61k-F1nps~A##ms4(q<d;_1Nzau>Vx
z@K|WqqyXh{I6xXlf($+gR0@Fvv2291>`|B>?9!H7R^6I;$4{ydMzlda86U;pl@jPY
zGpXS#n^j12w6x?Apq@<TYfq+G&JUtK##C0~2iZ#IMyyIoTzZa0%)4sltr&M_5tV>X
zpQ9It!NID*9&v#3J`6eUT*+xj-|u2un4%Aay19xQ1tM5_i;cy*i3_}tZ3DmD<8tCL
zM1N3lgfm#HSgK6ZouQ-T5jjkk+LZ#)O=A~qoHVV3&=cmRpZ@k_*u}T^1P=K`tUA%e
zRMPNcQx-O&49qqXx@RpPT2jn;Bp#LX0tJVuxNN`3=P#g|M5E&xyNfuD{%{|GSQL(~
z5SLedma|{6Eo&LEjW;C>xVzW=86-3(tlV(*!npan5J-;*IIoKmUq`+CkteBdsZpR9
zs9RBE?b^0(L{@Y3AO~jEZf5&rR`C(nb#SprrdmHJXdo(E(L(C(RaC0rs18F#?*q4q
z%EuiC%IH)7o2Vq#dzV1C)jmzFNt%U*!-EUZQ^q1wBLxISi%_kFP(JEeLYeX+cTj3K
zN4Ku(z%%4T-S(J%j1w6Gpzb$lnkNeo(SMV06tY?;-LbeQ4DoL&apbtvBcl%0&Jk)z
zJgO;@><cgAWeo}WiVmGv>+BZ%QIKpW{d)x)ZEX{!=zoez#2GDO<IsbdHvfo97_Xv|
zeL6b?AtFdrg3GI{)mL&Hy=$F;utMIv=CH$4LwW}-GhvW{8u}_KsU7BHo7%w2c8X&$
z%+DmscKC#dp(qZ0tSxQIUzHu~8U+AkC%?Mu$Bfvpe;F(&#>k7+;$dQa_EsByVlST*
zgNTg-8NRW_Q4|5o3Xr6%ZZIi>WWTwyo18}Pj!PqrmzT+0$u67AGIhj<lbO=$QWY1F
z3;G#vsu+)mAD?tPi$HrCpVy#_P~e{xP1=dBhrdCYu$YdW7~FV<GHBxDkv2yMcb{pk
z?tYGOe9A1!KIjcSO7!(=dUc-C<&Z*6(K;jQI3zFTk!>R=7q=>VB0q?7349eiSp@IO
zWx5#FcuJ`p?PCv=zSdf^=__*tI_ec>R=IkFw&RRx<64br@Ox%R{5zv9oph=6fon^0
zY{h`ze+X#g@Mu1J;E^U~<4djQe7cdGz~rib7X-z>Xqm$yuzUkgrtJ`pYjcy#O+her
z7)}%=t7NT*m0o0*>r-Eu?=+o_I9nlP)=x%|+>2FX6J}JqCSpa$&X4nuR@YdMe4;<e
z1FzgD!+H@CVSTM9gOSeurE^UbH4_?<S<m`Uc#y*W9$}iFhUaOwG&f@qRFJI&DJF<i
z8vPGaN&k&hTKh{XeNYK+2D=z208BH`;__DawuU07kQK8`QFF!m#7W`KieJdG%0+d6
ziYXXN1Zize8mDsSMsv`~HqOE642TbAT@3Lo`&zF>8TX7!E_lV(G@Jh<l@MM@CAy!w
zZ=@3bE2*T_1tOKwA~J}~ndiP2Jm`8Sg-IAk^P48Qz7}OdUW+nztzU;<i!#GfEjB{d
zli|~hiF6r9so`~*;c4~xI#I7hnUrHtQHDwF*VyZz#`vJWvKHxYQD*q&wJ2ll&0W4S
z$yUKA?^iAs#MYSQ+Gj}cmsEn1Nq!}jJ}q2>i&iznx0tct8E(!g<c|ecmn;lE5P0{R
zP?slFc%IC?6=jBLUW+mxF-i?AYYEnhvqNCeAI7)PWHus3G0LGF6digX$-N%ArFxZH
zGN)S2s<eIwQ5@H*BcR~MGs!ZHj&ld$a9dP@BdyE%YmO8Lbz9P4`eo&auXnEt_lX7N
z!Q+%Ns+eW=3MC^slo7kHtp9dS>=XgeN%fD>uIOYr*hW9y|Ef~;qok!3vTP&Uxh1h3
zwOc}-ua+UW>+Rs;Uzmn|0OL&At_Fa(JE$toZ(9eHv9=MugV1ofjikuTNe;*A*Q?y?
zYAp&YbAU!Sgc{|#8P_Pz%u?_*iuyu<DAhqksk5azpDc<h=dx^_Mf}Npf8K`9OoIga
z_b~YI;Wx~p%w?RUqUAO?!SAqYzyIN~=NMFEQ$FiVi=a~TMhO>`ZO4$sm@z~5Fpc_1
z5Uu%phP&y@1hg~&h%>P#+&?SjjJ!jlNB3^W24CBR$K*YtATm-fjr1&PV)AZTfDvmM
zRJ?FDwBnua%_z&fhu+E+lGCR+l8S|TY-wp>Ne{ztgg$7hnOrlWIqDm;b2F15*N!d;
zuoL|ih4J~8<VBHDS37FJY7~S0o{~WM;HXhJA#$m%f1z4CiFMeBJWYta{5Pn1X*Ve=
z0~O@Pv`>;?-8f!`!=orh_jQ#xGZUzr3Ry!ogAYhBhu{t2s2=E(7&me`_q!ccB4%h0
zQOFH~90ydgDt{vNqt(W`2E0|BU2Uaw964OW#mU!-kqV*1aI+S*^<?3mw%dvk_mncB
zd3ykNf0Hu!Qtmo5Dp-v2#@sNYQA5(4nqO+Yi8Wo==l&*T3}6r*LNK!XEo8SqNg3GS
zAk<taUOc~{23A~CC*|J6=T9R{GpTsUq`K&{{kRg_JRN7-eo(Mki1r3mlHDs<20dGa
zi&IpF>-juSOydJ&VJusizmIvM`}3nrU_<MQq1SGrcXCwqBs;bG*55^WSHm1{Y2`zb
zki(Kf6&BJcGG7AW`py#bs4jpR%J>;nHnYMJ&biZ^iPd>Ex56{1$M+<#0|Nsicc9xN
zkqY$WlW8(aq;b+QX7dG|oSV{KBk93#bMhr>G)FfoOkexJ#}uUJXYs&I<k9!$2f{>`
zfsXnemi7{)wO{^JlFGht03tVA3CF;weEFH4VH2un8zWaXe-njAuMYf6RucW99f<N&
z5V#r5{HUZ6{wwZ#D1s9a`A&7{*5;YtNv|l*ZD`TYy&$vbEeBXp?b1a$TwbCr_b?A-
zX@{xajayji4@P@WcDJY1*7o=JBtq|qIj4brpi=F9PvT5^490-ro2#_&kE=AG@05bw
zn7<o>gKO&*s?Dj;#_EoZ#m0B~Ih{2sNdtAvf291iD5GY)`C62*osl)CEL8glA@%)I
z<w#Be8+b>L$YRqM?ABu6a5MM1s43)(nm)V&{nJ9Xww8@iZ+l*R0?{H;N#R0DLpO&S
z&(H6}y7B&0wzvF3>1rLYN|=wD9&|S7`!FG4?lh&#+$fE})gY&>2<OTiT%evj<SJp%
z`lY#JX?f*a;K{&>YYVXqq)W?bekj=bZDnL{+HFN_Z=A3tl?8=Wte0Qckbt5~AKDl*
z>K-vnhPG5!Q2o6^+4ic3tClm@HR$#v-$DYv@5o!V{yfH;-cMB*oJ{;dN0ZY7WYQ?c
zA1k3xM|A?h+%)z1$(b`)|3ua_QptPwVMtn<<D2u65A?k>`d@^$X;|=+M;Sk_@F*{$
zD(2}oPO(!|@fF0=n(!?3T4}?(;?(AhvmWtQ+(fk<ZP+rh65H5oCOSmS?jcr=Q}5zs
zt_8ka+vWb1mB0z?2%2vQKg`XaX7*KQqO0Z`?56x$HA$*O-$D407YuH<;KF84y^c-&
zbQ``)?W<Wu+9`+_V>0}dh}1u|u*#WGn4S_0fQnupeU+7Nob`@hWu=(SobuM(B%;u<
zXFTw#ckr#66xHus*V36?bbFZ;{_KT1PC<F+5lOpXynD7~tDSq5m7+ni(x*k1PoI{O
z;h}m0eD1j7?kvUj%i%_&pgS@=({x@pHFnfG?Qff!ws4%#aeVdZkffHuT&;Z@8N4>C
z+zde4WCL8N!j3G(5;4Axg(h~b$&I$I<}0nFqSXMRm5wu2FLoK2W%-mb%F;ssGBOhS
zx%H^2Rc$CSaK+){CJuPL8#(8v^m^El*gyMNLiWwz3-Ig98u_qYk9*_uA?z9MYpBW1
zppd$?TA;J|j=pSXOyYQdQXOEUA=we5V70FV09@+=8{uOoq}AnjmqVS6FY#rxHWhd*
z1?`szpB(!tL?r@quQuFE>8)~mQAibZCsRwfq>p3R$^nQ<nm?1vr(c^gA6ASgNM&b^
z##-?`l{&cL>Lpoa!%bsz=19%VKusC7x28<>I!gs&nM<lSLAqGfJo&Q(WiZzqOJYai
zbC?RVC8#NrkOOMU1UN)L5+>_In|XYY9<&~^x!FA;du_@P;eA_ljZ<lzW)c}ljw7#%
zA++ADev_4If?Z#d**+e#1yPCGOuN?WJF|FsCSk``yvj<Ny_qpX2oi5i8DdaVCPoC;
zrR&_A=U+{kxVNUv)I&A-c_}UJ1V<d>mP#}%g@PhHKysQ+taV{SGbat^ttpc%@f7~A
zrp$^<nh@>TOoueN3#ciRgD9o-)|7F5ZOZTx>^$@b%bHcNyf$UN;15A(_k>=52qVt4
z;BxuAx1)pfXE-wi%;@TK0h!ri_FnGQzFro2S!*#aln=0vjGj<hDVoc=&M23jqG%od
z(_poO4!!|MR$4r3s6+BTTjJ{o0_Es&b5QHvPgs2!GT13h&KLwpsxWq5@#^P*WThaG
ztW;2hg;NfamBu_H>~b+DcAUvpMtmf?h%Jj#US%bn@W65$ZW~RcegG3s!7AiMW8o_6
zRxo$S1P=$sxCw7YJK-ihoJ^+qmCP6T=`KVcWEL+(AL!6L^W<CRt8Tz;WF0)B=!u_^
zm`01WONwM$(pjUOk7R5Y3))QtAJc)i=tt~gGOJfvDdtU9!ucyJX}P}2N?0)d<y_FL
z=|1Oi*<8pXj>!?84h~Xiy4V~vq33OXn=;#@Pj5|`?boKvHlvI@ygGhFyMp#POKP~e
zr=%Yn6Vv>KriLSTrKmv;s<jX~<Ouk4wYWnD-6s`)r{a6DDaqvM?H>(sXh)|kFf1@A
zWDIO9vy=VZtVdBBomWkA`yp~=r=|wUq1Am26@@Zd2~>eCY>ZVA*IR68ySGoeLqL6t
zfES(;StZ2%jC+EbO%&i+-&TMi@c5;1VB|sh7Ua`=I}(=7lVJt@LGVc@SFtQ4tDI4D
zPo;9~HuJyLf*cjNe(1?%x?JXoZ?KaBHD#EL6#|!&H|P;5tX4#^G^NzfBQNFQLR3_w
zR@}T&-LlP>x9tRjG>R`|*=yn>=dQ>4>EidJKT4a&9Z~Rg_@jJH*laONAznz5-qS-(
z-Krqgd66z;0fs11b23T~KC|&-f}Q`@{^fts{^jhy_AmdnfBB!-zuY_pHk)AWi%yr+
zL>3T%qB5Y4)h$ra*XK?Lcw+Ql1DJncCC~t7H|)O#F#nwcn6t0I>U7L92H=bdPuXE0
z=*)RQ`WbXOidqDO_MUG03oB)!f?%aT1jemi(Ik5lFwd{BQu9BsQUX3mhmw?yMR$=b
zOZxT-E4@7Qx$fy;&|y+Epw!~tm-UK97)8vtwi+Ihq0n8>MJ#Z~1Ukl#;vRj&9!((&
z!wD;27%z;yc#X<vbTPg~WfJbG#q|@pz*_6maemyGW*m=5O}tYhSp!@0Vw!`fL~rb*
zZ}Y*sQM0~@AnIL(l7ER-i(qe>^XZ92)Oz7!F5UQmJNsS3B*5U!RYH4nl>|VpQtF$l
zq?-B}>#wV{@aihHj6@;)b(QY^x=MG8zT}tpS7pt*_y!v1S}aiuxSEr)T|L$nw>U6t
z#)-p=u!WXa`EB2c8+`|_sC%RiCusN!Ee&VxkRdcXy^}lr8r)nT<^!KEF97qcf*<@4
zo0nrq4(6{!hh~h>B%w)eOXoeiEJ&|}NRxe@<h)j}1oxhNFffV)Ty8*38M&>c%fC$-
zyLX_b%tXb_Yf}ag=M(+pvZ9x<D$00gu=?wCcWEnyNx%ai@C&=Coy*J6lEB}LwcX30
z$jduc0k;*V{;M*rHOAASMP9mTUOm*He{sM`UI5CN##BJY$JyDbj^aO{q)bVrC!SYl
z7Ms|_H#_6mYdPVgQRpGw<vZBU!n>MLOP>_Pko%Ib^5zRcOFB~vmFcX+{WyLX=&*Ru
zS)&Ps*@xo71AuD_8O$fYO5V$cC=(=%Mc6c<*d0cu!&0>o#7w(@Nwu1#cNz5$==Qwk
zJa|Y)UaLt;s1p!VkFWtMI&J`}jXk0+T4qkP0s-vP@^Attm-UK=dp-T<DW?u$@tZ1%
z$}N+_*QAV;WK9Gfy5&8D^C&mHXl69>H_2$dN9L@43i}F<e3i!?sUj!>C64Vcv-xnP
zE<ObozQOOfj7P`SlME0@+$mPt<5hW5q;|)gMrxHe{GU#z)|N>E1s=9;0G8rj*SEW^
zK)>gSIm=NN)4`(QOugfy*2cU5A;Ey>%du%nB?{41Ft<D}G)WG!B(TqIinL?Mra2Q{
z1`e5Xq~u0&5rPiH&}V$}3pgu+vE56}OY^;|YX+<4R2EbhFOK#EN)K62hstIo-H2uv
zzc71MxCL>u{bJ<Vn^1HIv>&4y81<Kf6c-qS+3WgONE>z-BNb3J$GAqJuZo2*Npv1B
zf6gA}8TZWFa8EMj5(th?DY}JkeN30!-P|;>dDQx@smUMK8Q}qD;BOV#@vG!lH{#Ks
z{gXQs0z9YR%-c_8n8#BI=|;Jk#wC%OgX}Z8n!n55&DddM@-91I{j7;;HkvJ5b9^Bp
z86`)>e^r&}3%^m=lh<Y-H}OsA5q;Y!QZ!SxAZUcpEsCK|va>;NR&4*7iGy7fJ*$u6
zFfXiy6FysOf&QI)Q#CE$ezKNly_H~f=~Ja(XG+FjRY_|Z=~(VG;<YGKBCoOmD$4la
zy%uGX9Tk&bA~TQrD{A^iW`z3y=`Y6SF$|JGk71yYAP-O32oU9q@KWHnjG2?Co(G}`
z-BFRx#($2kh57^ECI0B}i`wVE7Y;bD-NOcoLw7m)v2=Tl+CgqBN_6UdKj(+@Y8Gie
zwC+ndc@l(H782mrLdjj|=~Vn(jIfINP1X}>PpTh*LA?+3S3jadUdL3N^o1rl{)`-0
zt%qJG|Kj`7X#_koxuXUCoB@dL3gf>lM;)vYPW%!nHiDg@W(xMn+?TDtZZ6tiE&VC-
z-QaQ4a+1)6Pr*Rmugl|KJ(&|Si*%3MzdaeGe|j>FZ#@~V`FDZ1wH$>d6t;>^O#zd7
zHSGRBnarl-)Q?AS7apt848NE7Jr!iOU^F#~9l3{mbB(WIb@%m+%1yVMkE+AOe_@>3
z^;b2wz_A>Q>f|3*A)CbhNKRvaJYJRKwrA1$+0Tg%2>*-1#~m&NwB|YYetsU=+Fa=?
zdIC)xJGy|Z^WVAhf;s0Fbcgz4{yecVSi_)qKl9}!!&7OSyeB%u>j7J{8N*u{53E?t
z-EH0YHZq?gptt+I#{xjAmQW!_*SlTlsY%Y>_xl>gNZoHy)olsO;1l?qZHT?-`fy&n
z%=|2-X3@v%ls4w_J%*jZs|fV>O0^-BOP9e2>wiYS3HtFC$lRC}d|Wgi<A~A|qH-Vk
zJ=$41avr9;xa63-v!|`H{#DmgVe&jBc8__5t`TUWyV{-oB|=cpAy02YUMPZ0y2+%N
z;(p3<Flu9nqgqQ;3}@3&GC_w-LpWMjHeN27VGvNuXn6p}xrd}nWh$GZ9-j9_ikShC
zBry*bSVaQ_H%5{>irzjo(vkS7)r)fP#KQw3m1ZIaMxI`8*f25{BxOA?vQu&?Czt`e
zE*b5xhTFCQTp7kBHEYMo;G<Fc`GP{heA!a|$WP!YU$zq+KkqKTw-CZryjvv|8{>Y<
z$)L9)&g%_hk~d(-{3|Cz{+g2s<Z6qfe!^HBPUT&-4~)hdBe@;Le4w+;Y|xFf5or<+
z)KoOFfuUS<C>XaO&g<^Sh*s%j>pCBU-<6=*CQV7LpgmD;pk?~VSDIR-axzJ8CuDC3
zSS6<A`ndxj7HZuE@=oj#Ia|F5^AK|01N(}A03#ve5Mb@j^2Qu?omRkUAPMVsb^tJ7
zU?=g=%5+c`jb_mQeTmqmCRJ}?9DAlcfq|*R-7xF!!ESs*A-xoXyhdJ5ZdA-jg;t44
zy?1hWnp6&d2lbA@<yqt}pyqTBD2B(_Ez=nC%Qm6r3i#Vb5D3^jyy|;<I*P*!Kc0f4
zvx4#-KOO;a#S>gn<&9<pgPV4rP_{l%H%d%lFP9p2eiiSL%hUCP0$MSIy}J;Nvf7`d
zIJr?$%_o@3-P2X3P=X>Z{w3o}qI*drmXB+aj8XwB$qf;3ab={DouRBzGNHg8;eO%*
zKYBZa7ql+<v(*FFy^{y*Iv5Dt!<~;60wzAC8kRiU=3kNS5~4yh<QnD~0;X#Mi4FKV
z0(f_T(=m7bE6+|=u}@UA+xF9=pS5eVb^wxp-V>xJkVtbLd;s-iKJOUUv&LEj`(Ar8
zn$y6;<05V0&OcVOOaPq#P){aO`F83`*zd*u&I`CP@g^#{B$z9zc=tdfRo+k3ZcLbs
zl6ZhbrLv8lsENZTkf@|9uETv~dSWLfFSXyUn?Z1-S~)k4Cx=m-Y*d`x`X(x2;Ju1U
zw?qJBxste7QHicD1SBfWy$mf(@D3cyPcPS^E<(B)iiW0ezlutt6-J>7HU=U=zql#N
zY2l}FqXTTp<n@%^d7Y1;dpoHfS51hVwC7dse_@1Jt^6x0;lpF3%XV04<{0Rb-VBl&
z$fOKQd!@>RI*)snRJ@<osJGVyU-Qh#YyT=2g7s;Jv-pSXn4<HiK?_pE;H&ObM%e~C
z#$+Y+X~&h(i&2)9oZ^M-S|}0F(AiPRTD@$1JiOD5o*O(S-s&o42>nz3z(5Ysk@4Lk
ze>)q~fOXYy0&kXLD0v}WJZ17t`T%4x{0B%*0~<j8cV%ywkunIgHsCtR9c17S5UCWP
zG)q!#a+s;PO%j_sndR3x0ft3zQJE4!Wl(3%xWO5(EmGZuCS0Y6M;}!{om9y~8XTuY
zMs5+UW2S^yXA&j%t#K2BK~D{4>9k$}NAOgKS(t65bK#9tlJYRidng2vO7B6Wl5fJ5
z5`{qk8uSKT8PB}x&?UssHTBaEggNh8B2HC^ZiDL#*P#+YABj<n?j3uF<h;t5yQ~CY
zWkC<{w=of*3MnQ9NLU)5cRTu+%1EwOLPoRgEef5MrAs|7wuIWqS?oRb!2YW;&nlS)
zcpkRBC|+`yGna<-G2L($PByGaB6J7z>pSC-j)O9Y&!*WUUipbFH|Mu9=iylZN0;xf
zroyecU)?r*hK_k8ahl9q1g$rEP?`feJ5yAOmDQR|g7sEWmlaU~NcM(|R976~O@`)(
z^%=b1r?;E@BolEkis&;$HDF#qkUo@?;12-400MKJ#!gQYb!DYHI;LB9;|m00RvQh3
zjLJ+|yO4+*j)Rhe>KWsL*)M8ja1GF_&HNepF-y%c3_$b~e>z847={5Uim+ab(MGwr
zAX%(^O<n8gez;nNg9d%G8Cc}md)n#Icf$q+Y2xu?C|!kgBeZ!YIK@|_vN)6q)=93x
zqD&1VhqTP~ah_r&5I{i^g?x1Qz0Of)8-!@@vM=T0{S*6JSjqfZxGIvk!@UfcUYH7f
zE8GT4{1BTONjqM(En$LU6W`D73Dps_#r({6L(;=OU7f3~AcHjsrcg|prn8qx36;dG
zoqvd~m97o$kTvgZ8;+6erw!QH*Bu{2)fr&dW9De$J0sH?1ed`O<;S_~M@k;W*h#^B
z=9HmcJj}SnrH^8R6C4ku747FY!q3BwRcW5ihb~R!!{m<{taia=#u*iT5Tv8XQJ>}^
zw|F&`P=3Uvx=BosD#cZ+8m-yREbh~`HqsLs3qmU$a@E&jNNx%!<5-3^vda|ZN8uS^
zj+j~I>vk^EU%(I2M^K@gMw)*JU=fpL*K<v$b8Pw+#<0`}E_$!&NUik_7OV;4xBe5$
zVYRd4Xmn1{dXjcpxFizl^cb@DGhOB$Jk|SY<cqt=D4_4Y@pqFd$^^D{GG~WMy;?O(
z!P2Bnuo8WO<acC3!IUE--*eVou^3ZxwaiGzf8+U%BSmLi6(57;UWmbos#-G2sRdHF
zM*H(WNPRwBlS|n`I}!GOxxvd=DD!3xRuc}Qk}~jH1n(mIuuO!g0i>)zVUoOIsJEyr
zSS7CHig3Bx0$902KF9zC#-<+|gBoLBDj9PI2FOudghxLF;y7g0hjTw$lz%H6+j8{{
zZ>u<F0MFTrDZhv<pEDdq*G?pFb_55ZO12<WY3mhLs+?}Z5R!m`EhY;wq6JboWc?ee
z1P8wJhAMs52sRhf*)+(p6I2b83C@9}hWPY~D%oYBhwX9xPBB=d{$=}ts>+%C7cgR$
z4FWq)ICDZPS@QB@*#SoTeU3|LT*jUo+@IO>Z&Rao;h9KAE)SzZ6&(pU(6|Zvy>JNG
zQdk1r{VULOH(_!5VwJ=BopUKr|As0VtRm3iqJ8-KFH~tAgeukRj)PDoS`ez_SJUmt
z+fKH#A%vL26*NCnWh%pFk44JlW+;T@3PP1+OG356N{A>gP*kfFgoUY3j^Gh^IkD%v
zzRZQ#(xBgx=jG9`eO_{)BQ72D!iY?f^J9KPl>oB%R};nTi13W;0jG0}DdY)vh8)O2
zy_5Jd7?E{r)^putJGFVl0fxqrqv4~=g=S{R_|h#Z{Yu=b@52xp7aAMNe1BhAU1Xye
zK^`<uU$EajtypOnFy0=CLoDt;LZQ>2CNLOr*5u=ONf7URYhFC$)xSrWp|wgfPl3Yq
zvrCq6Zmm$*$}vKW(Sq*t$zo;SY$uHMMIW51Z*V_{FUGJCF{Py2tu`v9?dMFvb1|x3
z<AvJjj^Uk2r7O-f@93o+qTj4B<_qjn<AvSrKr-L-4ga7^po=p9Ia-7BzJARvht@R5
ze$_Ncz}6Da#Z7Aomq~eH&=Cydx5j6e>2rf+nlOWAY@^~u>D4%E%2HepQfl4;8&#cz
z8uz22nviZ@J7$T>hbZ_+YY7PTwy)?uU5=2sC8NJ}4%GXnhq;@a*mfudrpWsS5eW)s
z?Z{+x#=R~bVFgWa7~8B1R&XKMvohRNE>(ZFKN7Fhfnk7Ed<s?osY;}^|Dh@+zo|;<
zZ>mzFDE1P>AZp|n{#wuhWD~>&3b#x|Qa9)41;!&b0z(PZA(}o~vQu)U78xBomF+pT
zc7{G*SzL*)eb9O}j0dqdHJsg<`qe%^ca{yumnk`as(t-WRf+ypRVw*tb@8eynZK$^
z`Zpj|Nu9vRBdJ|RJo3nDPZR^gpXxMBbQ~W-q6?uL!qcqkXEp%^tQ{`?yOpo^`E0m+
zjRIc{DwJ{h&2ZF)L(Iq;0HPT3HIb#e%`)CJk<cgSeg%lN-RvshJ0YqC_{&#%#VQ4R
zE5()^BV`SY7bOVb!;_Zd(4IDbRV8#%$yZfLQ*9m=s(ze%HD+wnGgzJ@m>RYvT@CZt
zZWlZ>t5~e!SF^l2g$j2LUS3Xt9>J_^j%!wzt$nI30)fN<L!>yV|2uN|VvHuP=4X_s
z&671eaN!j*?v0pwy?V%msvade9s|x6%4$-EH88y&Y1J^S&I~u2M5z!D*|`em7Op5R
zkFG!{MDPG=oty@dXj6zs3HGJ}p9KrI#sR@gh}=><c$y;f4;C%uRF?qXMyZSB{QSGj
zt%$gdz%sI0-S-Nu<Tjg-XG_0T_;C*)zstn5ekny~!l;`&h$u>BtiV4-$0hwZ9m3fr
z(o(HFYq#bszrt=IpEom2_sS|wkj<HVfw4~<jJYJ0LTAD2(jPdo_{%D3TCs-y*&Dqy
zbLFjgWtFhrSf#ljsDEdb(B2OTbX~o&N_)Ime<=4}S*2LXAK_$kHk4ZR!fW4sK&(<O
zP@gda_{u7A#RXcI*vFMx7zA$x{bao6WChD3loS?_N-28q?#svEe6hyi+_GAv=uud+
zv6$iL)MO7RQybADBzneLamS{I!c7zKjJcQjyb#+L8w@^v@&^OF$;pC)PI*mA3zBT2
zIxEMHqNeT>|3xtdg)g=%=NqfE7myEPm2%;jnGP`&NT%>}T|~Ji)wFQH-&iGzH&#gx
z#3}`GSm2bRA9LUp!;azz{g7mpUtn<APd#gZh!#Dd;2!-m`7c&Uj_MW#AlWze#wv}z
zu}bVwIA})ZTE;e1WaqIvDa>j7rZ~G#Uv?VB(nwKSt?(92b466^82wl9NGWhgW;MLK
z_q{cS#$?{}Uqb<cUGZrT5ap~9GN{6}?`8?1AcQ_*?3$coPxKpvbqRtC|IsFH6;L+g
z3^JFLKr}{+-uc}fdxcJD&RpkGk8^LS?))4PtMxwPqf6-ac`GeyBwBZva$W5XB|<29
z2oX|$3Xc6UO@f=04fcf|w3`#@eltN;q<%1pUld^wT2#yz&h}B@tE&`{J_MYZIaKA`
zk@HTbf@cZ<yQn%K5x<^}X(s{pX#NUBwY>m7Do4(c91Cwufbud?_MRwYrYbP99%Mzs
z+f~BQfB49mDKYE0gPlJ!Wc~Q?xRzmla7OX~=_JxkCJsDI0=liOa($qH@V;p>hL*j|
z;}wSL*^_~xU0Jg^6n3_c{~|aEV|7NWut2<jYAq06M#Tt!+4<nMiTVtw{Bgyzkp9{-
zj9A0#7!BWv2njY2U<ZrR&_+Ud!VHTgkL1J;=d)(xJ}#*w?Zsb!zo5#`b$<KYN0IkZ
z`m!DZv@`o*>&6HG4p<F<3Nx>-E<Gkb0fmJ0>E+N`u_ZeBNHkc4`yd}DW>KBGKo_MU
zDTu2EWqZg*v#eYF*P1GWcx|&yVPaubax|O#N?d}JKhhq^alg$ps`)BWQmB3^e8(D+
zUaF>TR(ZFqt?MO=h?3K2F<+hDJ<_YgEf;!_BP1*!Ab>|4@O<M8Jg&WkHRXX1A@$;e
zGZH{V%~L*zHSNi^J3jgD%kQ_(6MtZUG=k%4pB44Hi+94}kBX^O+1w}0koOtA-^)kM
z_{eMYXI71lkL`c<{5iDe)kiH3=F|85E((77xF~Kq?z<>yI!w}-(g3<E73ltD_T_7v
ziPsn@Xc8mDTo(5Y{KHii>yY&tNETWAzCm&qnvQM()d-Lr>Sx$5KbN$G4vRbdpgDU7
z0%|z928kqjC@x<hCp8^TqS_4l*Gaxjr!(%s$YW*ITO^%CA;CV*{24+OD@!?vA`Q5)
z+7Zwc=Jc<b;+}{*KMLb6?A_9V%rm4KHSBa{7$^gjEm3S&1XkAfdX?2{3bqhQWw89F
z|D6B9#1VKuU+ezLEJdh7Syvq{e0Q51lR+FoavYA!gxDj`xC1duIq`T_c#lX(nMDb)
zrW{+-tXn-Sl<!w6%_O%@OjV#b_5;n)9Ltuzx?nYfGBZ{(yHY5s3j5`e>iX}I>OEDV
z0190v;lF7WPDkKgGc(Nupv=s1%g3w<h#J!d7Ltz+)G|-Md16w39B9XSr+>-Jc2b8D
zwyLTMD6hIsP$0d(nIEV%9ej_;t}H2{#Q3ADvuIE*K*(R8qi>>`YRcMth^YzBd^*z=
zC#;F;w9Qpnq<@s@uv4hiJY5pcoKTs-i76>qQ_KAVK`-!=c6bD+Gh;!uCSK8#fRC;G
zvYk?VMHy_%>y;2D(X@#F$UYWxoDXuA$_Q~HAa|$W&uR)kx#-LiJ((RaC!uAdSMpV=
zlP#mH!_oJCOL=paM7HeQ^^@w0PU!+b&XP7h7h&Ti8#gD!NQ9g)DeU9>&vk8noXrve
zf^fH>hic}~(_tT$2EI=9o#9jwN?b4V0u4PY+?L>fgY_>A3Fzv%HPzy!`gLz=ED~k?
zuJY-k;7LE>f|$Fms`2~m0%)=eMbn4+tbx}uN{38NjRR@U2<-!x5<Nfu{PkN9!TYRI
zQ@Su7ra5(q6dek|t2TyJb+|pVuX==Mqc-T(yUXcq8|dwtq>k@BB;t&6w3JVYF@*7;
z)`JW5nMUB;f3HI{VU5$yRg8v9{nERMkss$$h1`3h_&~e-0ZcvwBX`fNb<^nll#&5Q
zv(K<ip(02WI~F%;{9%ffP|z8D7&};L+h^;_c@Bzlz-IW40Y4V!{gw0Q8(+yyZB><Y
zkh3&cfPos3nGJH5a@504%X=z$c#*4wMWC`NqVEt#3JQJ}8zDb7?$G+H{L1r8l-MaN
zbK=E~tD?q-7^2_XeHSO|#yNZw4mm%lVa&;gTr0>CgUT5QdpH6o$Tm^2%{?(Pi}yQ`
zjSAe{ja58!u!3s_5ir%vuBqZA&jNSz5-P62lb(ZNhi2L(rYR-Uo=P9BzgEZIW__1b
zv0-6KcKNH?-Q(3+V&Ne%aY~;Nh;1L1q+p4jiOtvX0=TvCz|N$Afv>xXOVcr`<wnh?
zoFOgq(WLK!i8UnN;9~n^X31%h{5MIMz^G*G#fWG)D2lcu4vGS#bhoSt$eNI#Fj?-z
z-K@>^j{N2GkdAz9);n1o?=$u@-+(~4&vj@E(*P=oy;vL?-7v&^p^mTGO+OwXR1;sF
zC0q$@Q3BV97?#I!FT7}8C;L9fc-ko*3o5JCBt$9G?-_dPU?0k1&&qV?!FF+Myq1?N
zq0qJ1QrY2BE1wRb^?c|OCY`)9k-{hffTnWH(;-c1BA-k%Cq6<0*>z<+v<GqL=h%si
zCHE|w2?mGmgZ3%doe95h@GW>`sUa@jN@c%aFu=;9O<<akDL8!rjbk^_8ZfRfrWk)C
z7ERwx@hexF3zdZ(5$|L3{vcqiq>r)K)48;IH_&gZLqbe6*#nqidg{^SJ5N;4-fc1o
z$YODW_Ph&3MY%n`56mM%`6BdB5{8ghrBw1Y34_HX**htr{x=Cj=>Inf;|_QIe@eob
z{of~H$O_^b0RNeUsh8PF`zHw#u1+w8d6+Qz?@<_udmn)UgJV-QgGI;*pv?82@%OQ?
zh`p#bVM{9ru$Sg0xwxpuhh^`iHtH6=-ZI--+rQRQy4(Hwv*iIQYG<&1WoLnA+!c^8
zW3GB+gtydU^Rw1x`hCRSlyJdx?uN5(a>6AnHnPb4yn~o~E!;<`)>Hx-C)Km^l3%&=
z%=v2;&_EX|fpZD(iEO}jq=jzdaBw%tJDImrj)JszVteB)Xo}rM>bd<lVZONUt{&NV
zZ^D(ag+~Oca}GopRwMPR<Yu?4HZ5@@l#2%x#?)IL>Z`WLyvI@v(jkz~3-^1e>d>yf
z*Kc~LR%`8b7NFeMBuz;`YHiWw*QCnyY$(nehZg<7YOFKYYc4s(SU@e3r8c3Z-evDX
zc4Ik^L-vll^zg<$L$rvZWfrez?U&YR-nw^np0knv&{J*ZOill+cCsClf+beg$znFA
zT%Ty@TnnEWhI;%}eqP<D{%ZvHn@Z)e5o0#xg6`D=>R?THk*1WeBfzh5^F)y>&7wZA
z=baem@rv3ntZly5&t1v~m?sNH-6lp!0J{Zvdpm1Zs60*<0_)c6>zcZiLcVi<lL<!H
z&R1(G%PAgYEonX8m@-YTVqplH;KE3Eqh2>_xZUK3l^{nFL0dURPkaiRmm8><fW$vK
z)Nd1C^`cyV9}u2O;}$_|V7OoZ*`upM%(|S{e~o|X=fEPI;*8QGZF&pe`AN&(5_-m;
zIV~HDEQcQ_W=%q~NeK~i>Ij@Ls#!%Dc(;`L8hy&E?5k0|Y932o#d1jhrz(u*e`giu
z$Nx(eX8PZ%FysG|RhW1G167!`|DGz$>i>5YX7>M5g{k}ZD$JMvrV7(K{PDk8#T=pk
zKUQJB_w_ahrmwK{G1f=Tp{khQE4}pS*&|$$LTm4sT7%v=wVKIWd<s;Cg$*5fIJ><B
z_t9vHrs~EFjBd`z_y0JygIt%R;dGdRjqAa@!%2W%-CM^|WPt{4!RiXv2RLQ;`~)X@
zjQr6?dkNDbtewmz=W<>V#Vb&zjZ5$Jvg#A(ADN_)K;{PTX{p_3Zk(Cb7n2Cz^D_$k
zqwH7$!|w+%H~@R7zNWKQKpcT!-%aqDKj`I$C5vFvcs@pfR@RK(@p;Bis?5T9-FwF$
zExs6P>#zIXhNPcHasz^yQuCUM$j%J9BIDtGzj(sBKHc)fZ(nbVmb1$r(B+<IQB^bP
zhKtKwDO4kKd>$BJ7WL=Jm;DD@vR>hT!<OvVO1VMUQtm6Zbo#Bt??14m8ipuJ(xnm1
zuN+nmIZXAgLU07|<rYn36B#G9vUps~4bxruPD#4sM)q1o7|$fJA-YOr-GVIJl{^Kw
zK6fQJ$dzJD_nuBl2~$!uPDYx>SXb9k&y&_<5ZC~CqU00xmlM@*KWeN*t)Bu$j+KP0
z%T8)C8;jgd6eCRB<1^rUs+XRnjQp^tQSEkR@|k@hqy|XQFC!B&NcOA#!Il{EuD#50
zN-5Y?l)WwcO3``!{`@}Vh)jYXc*B-BqXOhohiuaO)NzpREB+9<dBye#G{m#yaJS@{
zu?RFMN-mu{+=naJP4|GXCC&#UKdL-k*u85gx#fXV&0nJ=bn#6-O`1M#eu<RxB00HT
z)hQty_c9lco@Yvo$>>^bRDT9VkJNaZS(q+?Qa3&6IU<JlfiMH2OfRXxM^#`);>^H7
zpy(G4<~M7pXdh%Pm3Iv<GZ}45-#3T~zgkO7f32l5H%VcTwKQiYVSr9w><F@!N_zt8
z40zKeRtKZ12970#=$(@aGPbTy95Q^O#O3^A$eQD~^Yke$!@oH~H<-f}K%3Gxw;Y&t
zp4u+H*JPO}=4uL#_|QG}edz;ouR~P{w1@wXy@&eQ%ZP;$?jSCs*rs0FLB?8y8e*v~
zEWIvM*gEdMl)%EY0;KAuUuWAPp91424sU-*a&ls4lKiEX2H&V9We~Mg{6;M;>{1W?
zrIv19sihOP!jQkzlF(mjDd6Tyl;4Yht%DW}E_UZ4BKeIZwwu}+OZHJ$xaj0^k;_eR
z*@^%ybJNIg;)~9)TGfZkv4k?+9~=RpBG^twlq`9_U#TVI9>1siYlj)U4Y8BvZQO@z
zKb4C{TnW{_k>|r}Lnr*vPE?s<;vNhmZb@a{o-bj8w91BpSAwN#ZOsA?;RvmghpRAE
zri%@>f{U_5PrOA&<beh)OC=s?h(Z}Ht^DooZRUuHhQsZi&<>8sMj2UBd3XxU#LKis
zzsTo@szs{~F%hz%0)19WEq+)rg5MLD8$XujiL)CvZcrJ1{CLG&-o>zVb9h7qL+oT3
z_r2kCRhzSGE|Jew)Mc9M1-zEFo1r1=%WjBC0G+9=gI}VqoDP1P+kO%6j*<bm=}uKX
z%8#fYc;&PY-*OzHM5#7x6FM2m@j@kTz)NOAj>G@QvoJ{iWMRfPidq*po?0F`G-l+Q
z2vE{bZ@!}2XqekYy<W(IMcNl(gk}B6*H0^JK1-n!=>N(GiO?+U$SIe<#Yu6Bj~wGn
zP>QSf<}8I*3Bdg0EUn>%Q`ks+dGdIAxc)hE_N&wX`C_Dq#3;~_J4`xIIpA?-xrfmq
z;t4}az&5VDxh8=B@enY-vkdw&6}CAsiji4wqhVD!F(Kf;N3VsYtfLLL$BisTfNom0
zOU!@F@2j5Ia40$?|7<+4Gqe*#CTyN6QPfh?!Z<q{{<>A1H<tH8`Dd$x6z5D39LZwd
ztzfLQjZ*wLiOa7!k#^$J{nc5*poL_}K_=&)b{)M|`LrHtz^Z)2aS`0ivO$#la(~00
zYdNq!S3VoMzRszQr(~rofr5gP-r@vpsL3TUYG)1GyXfiBc5HZb(vk1z^ef>kKloz!
zlzcjoum0C>>%+xpkh7#C$#}J{JCyM4q7!ua?DkV?_NGGT44diO$^OPgFym!XUyv4T
z4S5BBKlP>0ib!Q+)nWm^&?@C0jjwDBNn91y5bfzWs%vR$@iwY#*?3)h-?^VZSg7JX
z>*0VqKoU#Bj}Je^4ER?TI2g9C4lsCUc^NvXxY@f;)z$1edSPqB8hnGgIhiu8h;#u~
z2caD<VI2lWl`~fz5%@hlVfu0J040fS5?@Z@fc`!pW+@Rw38Iqxudc$t?DZ`DTNUP(
zWUuG(ULfj;X5c@SrQ^+&Vk#BXc>%igZjS|n$EJ61*>)uBaaj~fk<oV1wacf6Kb_%n
zNQ0)qc;q`CQ3A!$_(C_br})4ODO{)M!(UV(mld3z3_GWz(i6(Ky55kb@oV?iC@zNo
zK$b)^E-xa@R^`4=Ba|=0AB}T;>t8rIA@k6yQKaZsGQVr&Oudy%{-m2pMR9qGCmznK
z{XIITu9~6Ib^24rPshujaZfZl$#})ga2{iU1AyjR66MHH0BqvrhQHtGpO*mz@nt`l
zIT>{;Y*>cXtAVO~e2Ke1$9_`OX$HYRKNf#@g0L^8`e4ogEVuPc*$6l$R+hiCP8J8I
z=Z4DgR?wG##m4^9j2?w*oPXz~c%dmhrK|3&2_sVp-vI6ME|8mCQCe9eer{HN`&)5(
zZ5-yzJE?V^E`$`F30QjPHHzau=X+t~i?QKznyFMXq_+2I3q*|+S6_$+FfBFpJKPg8
zj742OTmEEY8<1yC?=UZ&d<nI%d9?K*_;cOlZ_C7Tj~78W8<L!``~EXJMF8$hlO8m@
zZjdK7uUWXtGo>XJ7rkT+T3$~>W&z~)G!FAmVN|k8*a1ES?Ny9^0s+KNZZ!9(Kg?Cs
zloxz%`^g)0!1;H3wl?dSfyfccBv-;eC#>WR)NrX*WUb{qQW!gO0E346#2=$8?-vaM
z{M#IBrC~@Z9E1PdK^<8W+;E-4%J{?xe{)DN-blMQ;M}qcg`-+4`wBWNmRe_4u)|l5
z8r7nu{z=!^h;ft<ySuEv3tZe}&pwyec&EH?-S|wUMj5zHp?px9X*zDn_7!{<<yn&}
zxCB2*qcxoV6<I>~i!Aliydq0csnSXng-syIxas?0j#7hIGe>3BeVu!*op1ia$HY9}
zJNpPAfHA|f_u(nfnaBDPI3Nw2>GJD_0veCh_LMM~R6nf)g-iyyo?o6LMo8vo`lC`w
zm7*RU<-&I><$@&fEm&7L+xl0}<4s3FVH*oc%{Z;}G9g}mbnHaUYPmkMD{@4-cpgs=
z#o_kd4b(1RD-ZA`jk@uUd<x;)Dxo0&lppeW?kR;G_`j@TJhA_`TE*z+0OyybYXiJa
zW(qa`V-;fu2n2op|DUQbNdNm*VeAR8&=qYcqpMm8iAfdl-sNw}@xz7(jC1fvVWSN^
z13+Dvy8#%ioZCWSy}miN%0Xcq{w$7ruMBWn&TVZfWcfCeF`aH3g4!TGU$Ow5&#W3~
z;)<l&E+P>4xndII81;iWI3|5)pFUdkQE4?5BUSzUkj3b;UT+X!*5F+(*w&xX825Wn
z=tff4liiUz5dW4CkSo>pM2gU@uHy2wC}s~j=1}pj9=rI;h~K&p%CG%^WiLkF_c|(x
z%5P+4m0VaG`+|cAs4Wiq`g{1Mb@8#NfV@iYgwK+1X>=uu<;0Z+uR;)LIT{tx!mCIu
zZDg)eZY(;rg=ff>U$)?fDkJ6Qc}wW%4j4NM(No~0qhUrszr78Y1U&dQ0xsoo!G;co
zwBq}Ql9N+0bTyI3;(YsxNqv|24GQXo=yeJ=Da59vS!G^i`Qq#xoYbmJGStibuPH(K
z)3HI&iTaw0Y?-jU;UVpglbTDJ49Q5d$+*`s@)2WVT#T{2M32+J=NTa1M#|5hpr`&I
z84xs&c_;3T)oj)7*QqjK;)5?>z6?$Q{y`TH(qh{%nYoQzZ|FhCgIZ~fvTgfd*OSo-
z4xXw_gfO7VzN=e3(nkzu#lX}lc?z*aW35cXb_fh*!$~D4`F&hF3|%BaDv^(*dV;D@
zAEOLFG=)(n^E>GtM5vy5;=HPX8U9(A9Q2E?P^Jh4#<+K~;T#smm5QKxWLU=303Ep}
zJ4=2Hb6l`C_5Z=xU4>P-Hf-Al=`Km>?i?UUcXx+$cSs`*($Xc}(%m85-Q5k+DKP#4
z)A_vfTl-g7XM=5UbKU24?B|rp{xvp@rLK^_eiHXz=-R+}1}0{&UvU+@FAu!$8GvGd
zqubxiul@jL>`5-3+)Zzy5a}g_*|6D<uJ>IR!ZmKd*C7%!JW%neeY7S%j;J!&q*lk&
z+<8s7Gz21=+~0+MCkU4`hN6#x>d_)vrg)lZmq`WH2-PDVsNf&y+RDmDhm~!aE{GsU
z<xJ`FK2&>~QHMS{;M!A3jI%J!L1buPx)}q%5|?T}BvCL8M?1H*em0|IRMFN<m9yOg
zK5fd%P>&+)mwN_1=$(~Gw3r|oODknm?}$K+TZ!rxMu;k+G-(&|VBeE&V61WN4!!b<
zxig%4X#j-(Wyy+6DF-r`In+YKz221e=1MdM7kCp%1vNrA4q;l{hs#H0=3xve+q4f`
z7bs}JyOEBpP7O(XBS+zlCAB);{1Fd1l1^}`1_0?tA+L9mQQxz<ns%u*D7nje1mYK2
zZsT#$nf4{;!9Q&Wq59{HXvF8ei0z>Nak-A<m~KcQ?<QIDd3-u%Vf?9hrSmS|8%#Q)
z@xB<sL%6S;8>{F=QiVV(>`2{kSWUQ&SIr7>`@DO6{0RCw=EXfW{mu;B4EtGKlk?j*
zQT#3M=>8Y_CDs5qo5x`#XVJLs-CKAE)p_-IoWq#P+t|waEzxA<grb(K?;!ETW~^!1
zx;|2mld7d#P<VyFB1;HEwkf=bFR@CZZ&OA)3YwcQqM*I&bKQX*cjox{ZZNR&R}<&F
zM-FVvJ1!U*NZLg#^2K>pGT32@1&XF(+1A-UDUD5$Rv=QY5hN|24|7r(Y52~e!X$;`
z71uU2F4OQn>Paqx^N*N$coy8&t?QVtDy{?!@QnDQerWFjk<@NpL9QTY2@ba*P%To>
zJ)Z(Dmc9)v2-%hcwe+^J7E_6lxKAcdJO(<OEH<t&2o-2p6OXo`p+Ji#bg%Pu)zMM7
zuj4BgrxjRXre=4v;R3aQ)?Tw0&W=5Uahw!P8LTw7#1=u0MvAw$%+f5zdq;EH0#Dw2
zs98DE-=ci{@`fB`%St?QaTnys6bbh_wOtl|hvRXqdr6WeSm+wYPb>MF<f8Z&Ev9&2
zekp9x<j4jMlX+i-`}FvEpPJi|V-R90M0<PiSfi}71JkW@Y+*4?f0~&n-Yx8pZ$03*
zLQhzwZ=0My)Qp!4Y5t!523b6M2S=*1LZIGit|Q2B9>UY-Y*jMtRDX$?p*Ti7NDjw%
zKSvt6VXK<b#np!Oz6{>~hSk9MmlGG(9cjo9Ba`C|3<-)M-!2KI0qr(9#Xt*kmaSH;
z1}E6|ub565RLT-8gD!rGVXD7AcYJyA$ah2@aK#<?bqC*H4XDO1_=xe-{L-jlo>Q@l
zbFsD?%zb8rd26q<lu0Y2D0CH!eBmd@cG_lBxjbx>C0(mT$@f~^NeMZo69E}Vq3N7T
z{LjZT;h&+tI?d^XsNJApAWw!s7TC*@U3;uTf0B+_tePkcOpmlNUpMTNbW0WW55)$E
z<jxDlR>oiKtRj2-qSvsW6slo@G-hSm&)UgtcDm!OHUK9FQ=x-M(SYL+(3N$^vI#5q
z6I>(3bxJQ>D>y%+guNmPpe=<8AwuSL)fH?Suz+eOu#QF~`D(%OQ**`$&>TV-ChxB(
zv?7{j9aA}%)svs^sP2Ck%NQaPfKaQWIe~rr*}{vZLF=ZuzoI3+LejiBUq%>Q1gF=W
zXAvJu#SMK3LHclPYguD6aDcO*rl#S@`6FB*p!I~<DJB?sc6=y+ocvL01uh_-4Kl<7
z(+lc%k46hSyBP8uBP&O>?3JJq;}=tRnI@G?`oLcLya=dXA>;7?@<bgJ`9Z6gOF3kO
zrOgK+Y~8OWS?~Iwa)sE+_v<9Gg@$V+M@^#?O*FTpG2ca`jK(AUp7JFsv{`s26$mrV
zwP7yKD?ouYOt7iNjO#pmmt^`*7TKC1pK@+~00Np#GDxM(Dycv$%bJsgk4v}?kQ2wb
z%j!A1Ksoy!5Hg{T{7vAILnKjx!raR84*_cDas$gd@9JLbc1)u>Ll}HbpL8YrMssUP
zEkU(<@Y+fmZ6y5-wWE?xlu*~~+$kHwJNR3-yDxB9@1A5TIZgb~yCH8wjm?E`iiY=0
zzj^LJeUfKEmlGT88?pvn?jOH1jocy=6ue;RM#Aj?DhTV=*e2VGPW^&eD_hKVVVr=;
zig|CxD^I3HuAe`NBu=HN!nQ)jC~%M_=!;uv^EFI&Iaqrrkw*K`%SEp92JTi9IR^R)
zpzlep77xP`=GJ+zil@fp6o`qeic#_@0JoM&JP|u?SaG+Hm@K<;jbZ>Q0h*keeU#Kb
zU<-4pJ=i9=k!J5OJ!z^^gmyf;l8Q#1RB}s`zKantMvkm1?0GSG&Z%kR;A!2k=}DY(
z3AWteNtn*Wh=*Yt9uelmG`r9b{C<b}ag!w$e|8)JIw9*qye12dzl89?WJ!+BGh?$X
z_Ch$}Q~lP#LE%7oi2_Mu)=rc1i1<>TE}||XqJnKh5^UC2x*wA6OB~gBu$s1`J31d6
zg34AxsS<D&OQLf(0VVP(w097Z=Wd50_7;*!`j6&g2N4Lx28q?xu)pTtRSe@ScG3~K
z%x<|qfTz*aa7Jomb`tXn)Sq`U`fKLshO%XPC1FY+3K3Na)|)}Mk;4tW*wZP}Ho0;#
z!OO{w!VcSrmD@`g|A-f?^*tx8d6c4q^V7pm`jWi@S3|siho6a=1L@Gn+g*fw3>oHc
zayZ-vhFf(XQZRJIKAuY}C)T`}O~r{4KP(`qry!)<NKez+^?i>R^*lR{7$%@X18a};
z<P`3{s^hY8*Bw0<oScqS>)u}i-|X&l+V>4&C%?$>x`B^B{Et8C)HXNeg@1VetwYqE
zGw__k%l|6@l_Ji2v=e>Q#9I9pK8G|msgjU++GI}%mWo+@-WB*S8^SwafdVSmd4r-a
zL?rjm7t;hlU^8Ow3k&2)?XK&|<Civ|ySIi9kd4#rRs;B;%NK1aV%*{c3m3pDQH_Ah
zj%D^tQ#p_3K#~$t2N$@kGuT78yxvX@dZ?Tra)Y=;!hMwg_LR9iSC0DuZJ?y^nN}he
zIPySp&mhh!Ft{cs4fHdzx;`=B;PezX$hl>972l>2VK9)4-k;5c@HrrI%NcIRP|f~G
zcAeFw{cXVQSfBHrTaVj5y7zg*+?6X!!_aM6Z~}xZ#fPUwoeK#K7v^%9ZJhmqNN2Bb
zd8zwxhXtsAdP2!WLOFWSg8}k;>MgHuM3Fx|Y*zddHseSnii^eXms5#ry8M(vux`T2
z$X(;9{8I%oCc2kh)Dd<l$|bGjk2mnrdr<iRS|A$o#*prIr2NK!GVy%M9Dw&6{JVRt
zrvJ)^D3gJJBG?mA-Rl|uAjxOL@6YZ*f5RH*Xkjg?e<G@-NWeUOND#BL=oKu%ovbvD
zh{Vy|cKdexw6MQuJ`-%VRXkRo6FO#S5hlS9oE9OxawyF<kzQdZ#W0lpSfXsbF3$Jw
zRWcEi_C3fb$jG;UV3_o7?{wQ&j-fh}m83Fn4#M|4J2#Wt4qS&pnVH+RhUfjinVCVO
za1B$tQMZC>aVhp{nYYYLXf|6)ucN^KkIc;3l>dbvXj4<Q=9Ng^s2^gi{>>3PU|2er
zaMz0?p}4Us-5*ou=D96n-3nJxw9-R28T5~PqJ*AGs_;NGml|#)fsE2v?2vOIoS6Wh
zS76gn83C%g1div|`9-DtR{c;`wrcol{Ah2xvxkf)L0wQZI;N)rXq{Gg`K@5QY|#|-
z1|V}n>^(ES)kaMTB-gOIoG7Xb{;G$7&a)ja7S4CXddohJ?t`NsRSOJ9+T>-BJTSFm
z7U`yhBkJGxL(GP)Kl!qjdv-%@B!pU#(Mi(IhIyb4{WUWa0B%*eW4IvGNGEf@-?T;9
zV)B}q$>mCS1Y&%%XKUjK$UVr<+u#x;t=Ng~F^)3jEOYKg^#rAd9G>ejs*UXHh#-8O
z$u{df@|=Zjm!~Kg;TwYn+r1}j*ag?H`zO<S#5%-AN~(M2y|h{H*>^=Bq%HEDRo-<b
zjU(%Jg-{u>N*fD^kuSD2=k9<eHJ+eJP4VlbMrD*C0!O7YnN<#A4&7BNwUESMBhgVe
z3MZw21Uf}*Tdb6qwQ{PMR<AR)qIzgTACkwcb)!Y%W**J#a!_3*+8C=}fdOhfCO)J-
zv5zle`YCmfL;@kdv)K@gp9^!<xt120t|dSZa<mt|%d#hD@aW4MvV>g8u-lRv5`xBj
zueAt5mJU3nbU?_G^AK$m*9{Ifo}Ym>Kfijw^AA}K9iCL(oJPXDKT0D4Q}||GEXM{l
zv#*mHDdF2=nJ3#%s!+#}E?@>jjv0WTTw3Z8k_4krstn&{oYmUa(C~+E)!xO9lx7%$
zCN&XnlbSds(4+=8mn111oK@`|FQlZ1<e~TEXMxBM<FQ%MLTPA+RAg|aG2WWB^h@&a
zyN;kq&HgXYq-F**sTl_cO=|WWPX=(xsA)2Fc*(t)VZXoy+t#H?6)jIO2-L)ck<y3b
z<Lua|F!@^E*h1}Y<r*H$8G#}APo?!5Htc{VHN>O)CY`E{GDE&B1mU74Z<!ffP-bRG
z0NcGS#2xbA%uJYQSgLz+$&I$jhI|HFMm~-vX;v(XSYrlgQj@A2Y<t)-%t-_BI;n}x
z4Y{Z5CwZIHJcMtXe^pq0oz$R%CN)i{|4eG&XJ02Zj);9X2@r8RDthdn;40cI|529Y
zDXz1$)G!(}d82yu?ILKh&Qm+^@JQ8dG}fT($`fe(J)}(qvrvc#a=IO6;xz)Gk7o~A
zS(nlkq*nTZF|Ttrg{ghigG>fs8s-+EL?A6Vu)TaU=`-B%;3C6=bnzn{Q^(sTBgVxy
zG^2@qJqymvgG7H~C@O`dqiO9gTypA2-NxW5+6Cht8t)2bIO=Zc{S1=TN(cyXcM>eR
z6?g(LeU$OYqU$vA$CWgxO#Z2ZY>%mc-g8K=VkTsNmiD<DVJ+=*=SHE$L7RLVQO`4p
zO_!3whf(;Dp+p9`X;kb>VUN*rjrKp7Ico}qP`uxR)d6sj!o5kWGJFx;X;k(4g<|o#
z@#jL!HUm&OEC+ODp<Nn}ugFq_|4I(xS>F<^ps~qF8hjT9t&bxJSqdf#e?yieRzS#-
zWF;{fg^UFb7VBrm_K5wk)!oV7yh<4=HO1yvWXT<bEcsr)B1;sOEmA)Nk37jnu`L->
zWdQwZCV>jBK9io4POzGx?t`XSw?T^HTYKpgCal;hLb52^VffZaiK<wl)sFNxHIW7e
z?0Mh6`w@c{HI^^yth-l*aN%r;P8|bkE>KJtz~4kC?3W$4x1jCl>*?%nlS7u=Hx;lY
zx&zHH0aXkn&98~gKWH7Ukj|PL@C0_VKLSs!V>(17lXaaOqkdZS8a8uBJ*sKrKn)id
zXyD0q645e}zzPZCn#`lgiqXqe?9Q8l{gm0pC=~jD5`P#6gMl?>xEm$G#Rfu_n%~J_
z{2#J}OG%~zLY7dB^)8@3eAiS!4Ee*zn*<h8k)UcQu=25E%=|>{6<N~soL+cEmI|k3
z2KIk9eC_BsyLm;HazV&aQjvl!FUwd6=1hf_%}_ECm^7w~#==1R@u%nLraUP2kr`C^
z+T~`Y%r5H9EGs4?U5mfS(zkP@H)JX06<G>xDx~jtMV1ILM<84A^`LF(KY@^?p}G_h
zvSdyAUu3Bo7j%87SO}+CneAin<dPVP^MJfF%NW3&jt)CCm=zvTnk=Oznn_RQu9)5D
zn_`FZAr?+l(5tdE^rkGeltNzWCe%(ffoVX#DNBHg6pCw*vV^xNHT18tqynnUq(}Xu
zEJ432OU2L1+;-P-V<mQtK%~0|RpxujFCb-!R#c3;jxth7e<G{0EJ`KxXP^6o{DPE$
zX;Ag!Y~k*<U1Oo5p6!>oUqg_nVv?Vpoy<(C#j}c413-fsTTxEc6nS~P72evHHLB|>
z2TLYB`|qZUc+Oi(cxpKQ@~PNJwc2hT>I>GI1h;&ZsthnKuY(%*w?U2E+n{FgZBT<5
z<wbO0^>gn~5Kj05a?*SJHVQ`dcVpB@#Y`y1MP_!J$QIi%_Urc)av39>9`>>+{kBUt
zL+~*{o7XmH8m=fwWB^|7(_D?E)L#wDiQ3{i3&R@u2`2RhuDH23p?+Tg@fj>xEFnYq
ztzC^&vpI;~tcjCikY&63R-)pH?Wj4v@+-0UQbQJV=kc*sHpNswGLA!M7UYCNaTy9L
zB0gf27W@C~w|%#eHlM!%=MqYHHPcLYBUF>|X=xcO`OhH+Qg@oe%VFHIrbTiN{l+o6
z`pXLqygEeJK<ROLR0O4|9$Ko2p(}j{d!fy`tl$g7pQbMj@c>)BTCU4a+-ireNxUV9
z#_Q~@C~6-JBGXHV_gp;9<W^UBRnx*{YYc61`}{F88zW5_7wfO<<kUOVc$Oh?m=1GH
zf2}_5{tTW<O1;>vr-!9kKoikha&h@1#7aNg^_*7_pXZ0+O8b{t`tZsuQDDZG=wq|=
zZ{&zZ|A<`KTRqfbS~m%&fl)oybTD3i98m^YNZx9kRyM2Lvc_<7O9z(478{9WFxoAr
zj)UofH3fP#%7*!eq?V;0zl6Kj@6`jGipyBi(faZvu{9m(2v?;!IuHWu0xf$~I~9N6
zsYEuU!KhAV&;8F?nt5}UF61@;b(Wl;ed_Gr{}!Cf??n+#Y6W_G-?#n-dU{s^|8{1U
zII4bupry*&p{W;yH)zRAx~=FHTB6wW#Q{M}G<4<?2%qdhbDFXL%xR2lKyw<&_>gJY
zTT#%Q2B2{Qn$y(Yz>em0>>Sc>LtJjsV99$tR^k07X-82lvZAyC2<Flye!mCvx8UbV
zcThY0541Evu4DKYTFMIz13^nCWg3Mgm!-{pTYQb!rS|;wZ_rZw{|hZ;=8{LmhQs6!
z0Zh%T=}pyY>-8~_Nk-Y~I7YmnQCi4vHhoq9LQ6dZ|AUs={sS#x{tsG${VZtu+L<Z(
z<TTf}_>OKrAS)(XOAMphZSf^FP;r~|cm-h(T2(q_c+^sb6lkQ#JdV@TVCMb>v-hM6
zu>+7};9Qh{|9j`Uap~ZC$N52&Pde&;JZ+a%!2zoV+}(q+omXm4{#X+guVek9Ss4Y-
zvIV4COf}t73RgGx4F|5P9ed|8wxjREusf0~BymIMl0@b|8EozL<1&GLl)umpnN*ec
z;9-r71wTA2<WYWf7XYOcd~R1rj7Kh_7ANevayR8AdHAK3-G=;0^mf~gkj=P~#WS`L
z3L{SoR}jAQn6O%1E8hf3SuwPO_B8ZQg5LQVn$w1k@cF|AcT#pc+<ij1gcd1lc<W?8
z0jT@?cEfoSI=o6xo6mogrHunIZG(8-qZ5Co^(A3F0LvfOX}SCocY%jDp6t(dKzqBh
ze-|}?;l}7PZ4dT1v~ckASb*;K4=kpKT#rS4!XPBw9IOi99u$tyHHlGX4S-35kGLEW
zbE@G)tB6gHU!xpfn$$!o^mS3g`?{#X?%a7@)c6Y1dJU08MxwthYT9ins#RVWHJ|FL
zPn6tWrKO|4(o*3gWw*w^p_x$w?Bo7~#E*G=E>H_YRxwx_bS%Rq{#L<?Oo4OOjgT5Y
z^lA7Ex)g)ww9f7n$HF^Adv{<?NI$4yCc7S6RUi$;8j`kFa;5jO9O)0S1$?&T$8(I^
zQ#eMP7YO(6SjJhr#ZeSi(e^l|10&+}Hd@z5?C_EoY4^gd<)Awdg|mC`m+(>SOPl#K
zTwrQvfqFG+uH!_kW+Qinu+7pU&SUpvmE7u4&0sa>Oxq!t74~s>TV1|he%$+UT#xVB
z>$YAQ_ia)Gvv+N%@K7V(&5XVM^5wR@2G)2IhFnQr2d*MDr!aM0Mo5W9UWf0BfQ4d3
zi||<}Xu8$j29$oc)T~Q6%0qsMU}I9_XVf|t;tqkzL|9%<U!l|~4(eyh9cl6BXn?j$
zN$E=iO=>bGsC8HWoz&o^;`n&Xnut#9@<1C9{an8<%oJpuwd|1Q(3=`<F@7!0m}s8)
zdgN%D1SUGqw;K*7xX;8O3_01JqqvD)e9e#>CC7%ml9p7q+V&h#>O#;OY5ZH7k*x%k
zW*|VNnd*am!+H`J)z{KY&TDCg9YzIIngP%(?05BmN;7Nup$f-zNmVbP(oEj^@y-90
zX2cy7+?@6?*D(p&n1_)5Q<@oid=S&VdMnM`(TkRN+ikv<W)i}5kXT41YPdF{?Nt1W
zC^<A3rDm3x;y|MsDoP0W2!2~cDg91zir-wh?#!XF2xQ9$D@BVssu}(}O7}${2FGk7
zNTUJ7^4{FuPPZ@9cT{%kULLO3+dr5_gU=7n2JL_sdr3i~(Ry7W;*l(obGvr?{Lfx4
zPkXa*rw;Lfv9;iPj2FaVrZU9f91cGeVn1|2C0ztAF&hBLb%h=Yj0ln5N;6GfSWabD
zWrcpZ^-U3j@O=nd&$-nWoQK$#h5UnG?=!?M+o*iAZ9EtO5BQjQb_CVI6}M=rn)N0S
z9EvqyQkFqAg2w$8&?$sNu~yLtdy-!%St>7f|K!$mw7T0(Sx0MrV)uyt@na7@U=V;b
z`1117bz7EoT<iktj&usv_%ep<+9uuh%v!Ykqhb382lLv(=bnd2rP7bwS{@9&Pqe(H
zq-r<+8`UV<gGM!{)f&f`!%54d9oP_>JK69MS_F-;MZaNxj2xRll#NxZefxcH9=9-^
z(pM@lSCj*{qopNcqip-JK(yD~@H$a=`TBc;sKK?BCS)y=+j~sv4_9=zccsDg&byW<
z6+5C^&TWFDRdv=NYw0fRH8qnUJ+ZQe_%}79Xe*oY@=awnNcD5T_e>wZ@v`TR0W9^9
zm(O^>Kh{1z9fZI?Cl8ysz&k#^hAUvID~>4%gpK!P$@Cvspbd|q-kxx2dmL~Z2B@Wb
z!LKrL+;_KC@~xGFcul0I1PZAmz*ikX<wq2jPW6AVrM*{dX-3df>7yp0a8pcW*OW>n
z=xgHUZ*;W<)DWPk@pj9gPl+m|4keI)aPAm*ddB}RwiNV#*iu8FSzMw3ugq1R=Hrs0
z)9JJ=v3dE|b4yTcCNa4Y>)zuuV-4xsFLvpHW#J+E)8E`rWr{z%(ekVU+sn|JOcR8F
zMSfPQe|I$$idLq%H%4=;>4(R*XjW>eTKw%<Yj!~g{w72HL}3<Ig50ACx>P^u*bd;8
z8ydbX;5Kp4p}DYjXXd9gGhNn71ON!5@A`3Q1DpKiW&=T!rUa+*))SYwv$9>#FP?En
zkpBkjLxm6MB+udeWbx`>ZAnq~|8_OfOIHB^Ga8Y57tpST;&oR;FWG;OxgaOqH=y>S
zJolTt<GJ38hiouc6#3cn)4Lc)1vM#fEbMkBj2KB%Gmi7rt&-5xtAdSUq-Zq^V}vb^
z7i*D}sEh-=`~dYHXGsRV6ygjFxfSZB90%hah=j(|XppvKDU|Z6Ej17NziCU4QHyH-
zXiMd<+ER(#KiX2-W&$cmTl$;_9GlMj%1!{`X}ZMMmZ)wR5%#*Pp%}E|AQO9H%&@3~
zM=u6Dqjl_o&wh01K~VeozDdaIWymlXPC$7~K@}Z~oNM;}5ND^l`uyVF{d~OnlE_|6
zi&;L=_0FG1#}rD36nNta<NR>;0P2Ij<z`|*xf#KFqr~V_PFW^1TnFse+zg&KySff2
zH**+G_`lpt!Xw^21UYXn(JIGag?7U0u;xR61VxLI?DoO6$Qt8{Ic{X=h#EE3D&y4E
zyQ8S#w_(l9Mlk>_sfZ<GXwvkLbb-W6t#n4^I9h-FsN)E{$nuH$DrBOXUtTN2m!^^J
znt2UUw6Kqq*nC_;X$K;N!j4*4`OlJ=`9X4I9CA*p<yt1A-^#R`>tUp1@9vwvjh8+6
z^sza^ti%BCkUfxIIy&wSfK5r`^Bch9`<n(CsM3VYKl}=EE5+*_%jfq-kD53RGP%i(
zXH+s$?ah!H$*jn6vIqZqOY*gts%%=SIgi&*Dr!7)b+i=Wqn7}E`u8h~WvpXRZ{E`B
z(;o~h`P^{w(M5(m4VRZp{*ry*2?5X9UvEiS>pgw{kV|8)xeCr`4o-2kDWEYAJK|4N
z>B?}`03nrE*H&`KYj1|SX@P<(+yd=03v4V$d!gikbxh!AeaY2R#8~PoRHIy=U4MV`
zl*Kz<C<$^Sh2-xKQNYKiY4@1Dkwwye1&*MnoBOmt#W4aPDQ)w)9_0FkIB=llT<@lL
zCx`AO_hm<2vH{;*1fuheTe^5~-aEM`^Ef=Y?^Su?9?eBC+wVwYxKvLSKa7Zro40G+
zHgkV;#d;q_6cpi7<(~1fdQssP9bEcn<C|yDxFzUY9GyHSTECw@S97B01A4+dn|aP&
zt%GhrdbI-2c57y-f1h%S7gH8BuT%G1z8oE+6ysd>+qmU0AGk2(7_xrwdn~YoEfFIq
z{W_}IIY?hJmmlmg(_G6M96Lb{2v-T`h};^s5Himf;nY2A-%iVt85;cd*oF0uF0_3B
z_gGh^Rff5>e9LR~QGtMYem4TE^p#u63iU=}HBdwb_mJn3G?uil`iEOGoO<JyVE%GT
zt1=(&RL~~mUb&@li5|E}_u`Wb69-2dKLADmEQus8(WWeEZl}nJl%`$UvEgF#yZSRu
zegxTs3CM(Ta{UF#VNh*G1WGmNm*~0!UjHF`qJ&wfeuLMB+fLFKF?7>W^>@UIs@2-4
zOOVCY@FaFUJCp)d7hlxQsg2>kxFy$&J|T2?QGGNPMMb_@h#{_l8x>BhR6x@-W8o1<
zW#$kdi+2Hs|C5$)A0b8j==sfi{OsWw`n~__uBN-%SS`qh-i3Ah=z<YOL4&$n3hTXn
zXKc2|G(ZQu?pEljlEb2i7?a&kM>JjmGhN7d2)(H%VpqR2I^j#<HK;Yiiahr_TMCO;
zr&`Csa7xpF=XF<;W-ZQlWdhpOSc7&oF8KRxf{k0mQtfeU?gibkyNVzpZ)-tn>OmhL
zp!u#n*%jNdH;DHWXtMK9Yi2m?{%0t#q`l+r3CK0(E_fyMgijHf={opr8bB_UPf~d4
zE(oW>UL%tX-TEO<@>jLLt7@zIM`>aC=S|7pk^rgckgC8P>r~w;R7sJn9$(O>M~`b7
znOu=VuBk(nw2Mn#EI_-qHl2W42;Q7%KSI9Nov!%8vnP-*rp35VGYX6Kmdi-cPbIF(
zD{W8t&0C87$6GQ0c}tL2Sy>=&2`Oj@4~`<1>{E5xXShM;jN@QYJ|p4vhjri!(LQ%|
z%@rfVg1%Y*LsXhdytt;P+CaY(FJeJbr?87GS9V&VAY^=~t0*gWm^tpT(P9cUiIE4z
z1kG=aPE<oNdq2)6{Yj6ng~&I_BcSJoHJ<cct)KOZKc~XL@vGLeILYjA;GLC_*vXeq
z!YJP58v4`7ngXKs$wP2u1Ak><FQR>UkEzkeZ7Ssl6hx$)3<+c%nwCx!FeEfJJyJNo
z)MOUii8AB*KW+*3m0PNZ<c!(jTq$EPNU9_~=WhQM-<R+{le0-5YO|NVapsj<N-~CZ
zil)Q|aZAa299w_6C3swBTa#W^gZM_f8UWf3OeqN6!=}+ncSWPS1na5FBS3IB2$nDo
zRU`@V7TR`je@uAgmLP?`-xAS+xTX0%vr*D7Aa04|;FVhva)0HP6xk&ja*YGgFe1oi
z#4_g6QGI2hxW1KUDe5fZoz^kj>DWcNa36PF>?&^re#ZDis|Yz(?WSvEuRB4W=RR<e
z%9+RpF}hWz7A8-u=0G0`%bkY@>U2oORtZ(gxaZDN=rkdN!wywgvQ;f{g6Y54Uq|<$
zu?un%mYap#32rsz86b1B2Pr;3#=oTYMyzmt?7<)+1)iw_{h@^!91sVQ{H(O+Jycnb
zLj?UH;%zl0Z1e6RW7BZD?Hx-LD`i}i!u+Ufj814OBwGEcJ}ZCelO}-_P06O0d@dWI
zxLw`QHYzxik`xoDy*oMIMSU&Jl>1J-mS%Llc0r{X;dufnP-&(FnL*^ns_AcOCeWd0
z6Z@?+<NCfZ_jf$J%jDN|Xf`(ua$-;m<+5;7jlFuJpo3mT9g$1NrsBQ2?AM?!O~#be
z#$>70AbhwR>Y3w2;tl3%Q{@=+DnU)W%S#!nO<^&60X))!piBNKwFGh&+jlhBfx(H-
z(IonY;!)>1h1;yrGVlog;Rt0^h-fs?PFZ0B46oXfm<i-2E<&PYxd(<_T@}0<CmNA=
z_W@357!y&+@LY`O(U*e*^tuQC*V2qB8|*Dh;$wW=M?4mqw^dENE5Wc63I3=r+73M&
zuA5hW320Trf?FS`h9u~20+sEMs^cpJ^YH_$T8q#Ud@?F3ne9NXM8E{vpyV2;G}ENH
z1S-wYfJ!rl<>eNj(oFYyy9B5-!!~Z+8?98O=vzzw<-ym~o*{2r35Ee~m{a1CAV(*~
z-MhHfijw;MM7+$MN0*~%n#fAHHAfg3-%rr0Mlf!Y6aIa|z0g0ank`cFBuNXbSdE>n
z6$*<Y5&VZ11JJ5QlR26bUjJ=X6U>xJ&{|p{yeIVDYLcZ26IZ-$qD$`6+{ZxV8bD3;
zf#=CE_Cq45G?V;Rnz`)VSNEg+w={!G`x{wW7eJq#__s8Z!lm5{Kc1o=4N9FLRMkn4
zHfoy`*b7#0377aAx9Q;Fp6ej*w!v=gDJ*~Lfs_g@7EqK_qSk7YRCrz0ptmm7I!S<5
zHE<b)N)isepjFM#>#D~7byWjCa7XjDs>uOVzblBVQUdf=E!(6~Tl}vy<L;C=hfO9w
zvtSDrdoq*k(0B1qX@){KepY-jLZhf4$%VL_(_l8I66f!#hHXtJMDcZ1Qx!c?Y(FaW
z@2VzyrZ6u(($0LHlu^PhHaIqPpI#t$UMHq9_G0FBRTDoJWNxs4O^rJqhD-fW^n2y&
zcWVtWIIvl%VswzUR8&GE-7P!G&OGq{XiHB2(U$gb={o;vOS1hSZ7EO;dr|lbq%94!
zNJRgmEmgj0OVwP8uiBC{!lPFkoh<!7+7biPt~Lc=TFEpEj5LB2kYSCC@aeTQ6ZE$<
zqk=#E@Sy$N`~wmLONWufDdlxlGZjEi@u;){XHJR(D$Pi}mS&7sQlZ~UGiuec;euo&
zUkWsP0#%5{^Ly#_)26)`YhFt;+25#kB4ykQgP~6C0Uv|Z^*$8&I&>CI$Q*zWrlOfk
zYb7W4{-S#N(0nQIg49tJ*xy6GL=>P^4Xwb?>#FAHZB>)<x~jQ$^&7T)Cky^}RYUzP
zC0?j_y^ikR(oC)vUbRC!Y)YFos5Ij!CVZXHO`_0_ltQ6|uoS%H4I>hAYZD=mX3h1(
zu2-XM!B1droe~kB5n5YGEjqyljKO+H4Fabz;iWiA67K7$9OVNmuHZ`h68|7bTav^o
zWKeL#vCNbR;)ws=Y;Eh(D6X4z^`2}~CEhx3l%r1M#n5h!nor0n_&cucz<GB+-eszD
zw+vk@IN!N#H*(!qKR&R4JdtBf^lBbxx=0JoPqN*qn}iPFLi_QQ*Y6hVxkL+Xx*1G{
zYZ<<B5U|*P_5Z3SVEl_G+bc;V^`Fp84Jb6DN?;HqJlj(|sPAzK8r1a8IDTnj8IYhZ
zb7gT9ECZL6lAS_b$#M&-uh^s!U)ibI8I!iqAg$Y1Sc<Eqi|LsJ#2R2@#*7hH#e!Bf
z9IvaIt#!wyt=CnJZSVazwV^&Yu|7;3<b}}{83>5;pNb>h%94&M{7g71{(VH<{*=$9
zraS7hE?P@hv}?4O{3^vpbWu^>Vb{%wnEnV->D;4U@v=vvXQCDF{-4rJ;(tmr%ae`o
z$+#&T5z`88Lg7!n^+^bs;@(O##eAtw9GL!=(Uh$NG;gIDs%5v`?()~tj6a(R9tFvn
zBTgQ~KqB7)S9;%L0_WY}okdg+@eSGs<CfX1Bu=qKB3p{S_jkyq?u-MV(#%7A934LT
zBIPzJ1996xYx|Uv5Gr;*#Sbgju6Wa}42*wDGukZ0-Jkq&^fmXYSp>uw`HVwvy+*4m
zBjOZoT@K*JAWm5)CiWvLAsMBiE6%%dVId6<l1=r`6JAR*>7U{FZ|4ac=)=hXzM#Lm
zj(X^z(oF03YH)mGl1jM0r5UvlP-({68&sNcrAC4Ir!<qxiD*vPg*=s|&$WI5(w5lN
z#99;Iv?T_Z<Bk7mOL<hn|7uH67r+OK<$w*KQOKMo&2;W_&B^olrXbr3NI!lCO(uwE
zLq=ToQPC&-`woM`@WQ8lLoOWqHb%?zEJ1eJl&ctiFI;aU{pxe}>&%_^lHu^r_~TZl
zeA#DZKH_Ng@q5+SynD@a;d5<d72nvl^q3cjevX61ZfpD7s40<CgWpko${|`^=&2^V
znY<lmXP(u=85oJ#A0ggWHI<ih*;^ZWk4u8S^k*>rjl<x*@ZItRaLqhraxCKuV0L5x
z&rcp^9xoZ|B^SGxV;v5sYf*hznZTE;7m%c3RRK%}ZhG@+f09CMz%9Rj<eFdt{(`t0
zp8Rgt=8!6HK?2D@G7|z_p^1uMa1^$O_E%b(`3{nnXbM5nl9V2*&^$Fm#6CGKx+2}D
zc#K+}_XX(6ef;fm0n&*G8)*zbtlO9giHuTkayLT=2=Vbx?of2wPtMxBn&uJwS@Prg
zjwi9l0|L5PJSWc*oow1pJ?;LC6BMGQhi*2;_G49ztfgMan0$}7G)^f`McvUs7dB%J
z-}P;@<+XAxtEh1XE`6)nwdRe6-m+d5gaL0nQ%CWmIa9^<!(GpZ+J*o*ONMO^^pf@<
zXQ>={mk~NCNsM>s!J1ap!H64*uJP!PCvV3*YfhN{O)GPz=L3CAdlBGUG>KCwD;{@p
zUK&Nhu^h&juh%`SQ-U@(ad|ZJ?PGaOz7)t=GBGvAH0C0HUR%53eF$h(QROBL)dPZ@
zrQLs=B~r3dzW+E&i4|#K#3!81H@=OJ>mDFy3D<fy0^}^sB9u%~?x-*~xZa=S502wq
z<S~aqMt+Q3GL2%{wQwzdbCz;+_THQ&D~dkMK0X+TIsL)j$`pI`<nwW-URjr64M8_g
zF{e+vFI32zrXDuX;*-*nolgEDx`VII(&%4j$??<HqYagD|Ar+$G}y6Nm(7jDaqvog
zzO>GJdxW^J&socs{;f<=xm=-<-jT`bCZQD%^~UE`L*bW6Q&Pu8kp8bv9)W1`ea49c
zz7Z1Dp3dTf2~VJ-a#Md*ZRym>qEu}hmLh)^lQig3ir=*WdEu^K47;uPEUdD^h^&!)
zks6-H`uVD=?f&d~CJEV{ux?{+ovtxQ6=Y*OaTP_xgY;3^TJRZUG-x&qkza8NAJ|8Q
zqp_p{oO{8%9ci17%~kQ$Twpq2Q^PR>XG28eW)GvaVQe7@^tFdv+0oF*^v~<683tx1
z@8TPc>j#eGRq>sUSQr8Cy6e5Y%c0+zGH!r25eHt0yZmIoJg&E<jA=>0I)g?+@X372
z{py!u__wA^{4S4$l2dItPTZ$dgkmkil%u~*nKDT76iwb<j_onrd1#V)Sjv26>lijM
zVMc5S<5EaaQzj&K>N%$c)Rf7f5F`oWB%6{KL)RdCt~S@K&3r$!D^tfg<~L2M^|OM(
zArr!}L||lhA%;auQHig~L*hvv^#C1l)sibgp&?(}H<1ieR0E5Pd0@Fn7i{)u6@I8!
zymz9k9}EjJpDVoAcCc+@RWNmY*uTU+B_7=96IS@p(9tL}BAY!@UxFXwr3cy-?BAx$
z2h8yI>{ra{#|=ZjGI`8+q*<y(1Sp6i?0G5Du-OX{SEqcE9F(9ne0*Wa#nCR*qlAT8
zB-`*VL2IbTtY-c*!ccMr#dSv#98FnP$S};}!H+m`J2(-?bTE{IKie(8pzC_hQZr6G
z5#(h`9SGKyQrgyd;D>jv;V27iviq<DM9P;cTM^cD=#(LE5=Z<6i1<E<eA_Ofse(qD
zE15PiuI0{-Z;V6&y|?N9rtne@KOBu>TULV*0y|~Rcn`*}$#Vrj$HPWw<HXwqWP0Y}
zW`6%wLo5h(C$l~YAFf1|lZVPpRy$U;>(Cf~LdKS}hR8NGI26FM+uGBigz%%576$EV
z&tKux@7_Y!Hu+jW-G3O8Ep|wsMfufP$|4V$)+`ze+*spk3C3>aYVq%spPul{^xzNq
zBfJ!tpT&`iiJHKmomN1?xby8g^>dZi9i2#9wj6>7AyS1oIxHwD(~{za^Nma1x>GKa
zx{Z1>NFS7x5iy!j*TM*@x(+a#DaD0q62)DMtW)(L7)s{C45U(d*?Gs%hA58Jz#{|Q
z71Ic0rijxQ6q8DxVx~84*73p}$7~tS4VN@Xkt@ylQlp8qb?GH=1%Akdd|)R%<C35R
z_nMSpn$ZEIm`9Zj!Ge-9Id?hxuSuEMx1>x|&nUO_kTGLXU@BqXKS>$-Fymc~qqn4t
z1Q8L0p!awt=2M5s<-R-ymKpuNcTCwfyzUlom4BgR-)GhH_Jjqv-R4!VlJNoN=!*nY
zR-1oDKCBA+Wb~}r&z7I)AJ@;zJxjn<2tBUW$FLr>;{y-bsrHjo)#wXawu|iQf)p#Q
z@q+Uw-#=w<q5BiRk5_adm^AL$y4LcxfsP&m@Hx=dUI?V{xicGV(yRRriDz>XF)O6|
z1wdO-lbH&@yDZZAVZbW%nv@Z^#nh|3NQUb5Z9JQDg7dxC(xiay`FeF6(PxXP&7dD&
z_c4-J%x>G^(`caAZ|~*1KYw(`%T#rlX@ehpLg9DkFt#H!1fPp%3nCuCD^(1>1x22;
zlux6iNNXu{%OG8dw3N}^&_tjkH{VWeBv2~<kgq0C_kdkLZ{@e>{}BrCy@*Tp9J)lX
zN7LO`?3DR6d||TDmxD3&DNE-Emp#NdrK8PFJdZu(OtMgS2h9(IZj&<Fz-(@ICnKCP
zoA*lJo>Z{6W#SsD9b?R?bAMF=V!03=E<yON)|D&H4R?Yq3o!*t1?XJfxUp_@iIL8)
zRh^>j3nLho-$Pd{H2J8NDI72OP`p@u?4?Nn!cXiEdx*1@T(X5mEr@soRgs<dtGD%*
zz?rcR&v{ozAAb9EfAz*hY=`@7Wl$^?GbvXlnfo3GKy6(@rfOL1KzNN&uavBrUFv;f
z@o@j)x5Z4-hgI@QR`5W@SUKQ|X37a#k>#vDvp|P7nw;v@bR4uRN?FGp+*j+grD5!q
zT+Mp1^v3#N%;1f<JyD2Ltc*2G4sEq>Z79~N!=2^+rD8T~+S|oy<<s6@HNu@Zf<#aj
zM1#oIVIH-L-8~e#CW5;upv2#jGHg--N3Thl#s4K`LgT2|q6l@A-;y%bLdFK1|0HF0
z|4qtJ{*#o!zGeL<Df79{{Hq}`0aCshqB&v?D@+CRZ^=69fXoP!S~NkchX<`m#dxMb
z>J5wr@^7(@sq8%Y#@0WM1`GB*NZIS-6b!|N59zi?Axnz&kE(uvaqK(OxcPtH8se$@
zE!8$rS{QZ90k-G;DALVrmge)g<D!OFK#g$U+>_AZ6V^5B%glP*Ttb!`x~Lv#nzBGJ
zY&UAL?5Z5?GwjW{%0LmhjBOLuIu@n+xN0&^3$f^mbQUlxreU;C8`8A8mZJR8RUUKS
zaJn>EJGe@}m&!IbMY^8hYuWT{1?D&hc%O805w3lMw|jB+b-t-r69a+}ybI)HQhoYr
zdo-eSojw0g8VZYzp7gLeLlbw-cZ<;eb{|Y7p>}B(L`PT}&CzyD$r{{Uo9BjI7Y&C5
zXFb&L7wh@1X4d&KGcm`swD06FH2vc^no}+D8cmKn=WJVa9L*+559d$fH7uG#@Q#sI
z4KvD`7)H}9tz^ssSuCbR6Ia5-?_x*K-Wf1t<2k6>&lEtbZZqr)s(vZDu`@(CIa%jh
z=f5E=RePuRq&zoe7xr3|ab*DNF<=FGMmt&@c27`%q$MK0ia)@NJEC=;^>LU3#brvY
zd$}j5IbF>qpU&5wOuXGsY|JEQ#$0lI)ZAaCY$i}h7J@LyB=;-sCUHb0=52nAr$Zj4
zk<1^-L(v_Y2ip%&;F6%jKWEg%))QuHUMKOSn|KNE@$_y<%JZvr^Y+|j!#j@}M^c)9
z>AgfF5@0_4R>(F+`=6c+cxs^Z-=0hyK=HLF(}sEcMKwcpUSkF3&L8u4|65PyNA>^P
zlW~d<RCK(^Qc3AMiHPhS37f+z?IOu@FPIBX8Q(BS%HzYYl=|C~!CCz9Z%^jqe|j>8
z|Le(Q(+%XIf_gHlW@Ag7+WNa*r~q`OVRIoYre(c2W=kF8bkEL}EK3@vCe28x9Upr5
zJ=}o%Tl(+iImw@sH<QEwrO0*f*VEGo)jy<Xv@&)Km<^%<Q)+aeX~zsXh~>w78pH>m
zEO-%ww(q!gU5^BXZCrQLq(9BC8B3_myQQ2jTdvy8^r~+?Wr;;W9y#{w1M;fk`DI$4
zIJcoT_Gr8jSelO{zl#?rvJ&%xj3Oz1l!4Bx{qYR$zzD82mJfK0W`HM}(0wxtczI3c
zost#TkxhD-s{v)N&DyHxc+bt4LK)LY@8Wg^i?Uwq^QpKX{(*`aHY+U|x$G}oC%T7`
zUi}*8Gh__Y+S{Jw3D8?lPc|v<Q%l6d_*;E^EJGtIyUHr5P^MTDrthanf$Ne$Z5FDD
z>L>m-?}`G@d)}K&{v)5e3wNC7@20re)y~otrmTi6V7jq=R$kLv6h10UA4YO3JEdo~
zZq{4DghTkuPMi|=poU?360(IJ6F(z3?;XPoCm2cQ$<W3)yR{XGLm{(XlP0&eohqT&
zO9aVt<y9$eIa!IcPt2EzB*K%_63Y~-C4Q!@XwkZnT^(k%K(fi&R9QF1Ij(}<;Fz0w
z*TQvT_}n=4nv^LA({=|*OI8%7?yB~q%tt{JsYpp+Rv7fXR5F}H6I#d5d_(RR4MoXM
zzMqY|i{D+@em$)d)KroQ#O5fh;S?i~aW}1$J{1?Xox-<F-^4SYJahd(woFK78Dc4I
z_Z4abqTlZ1L&Rp%S?E9#Q^1@l6zCa*K@atiX(&0)!)I~kgaOI09XHYnxu<y4!rOqy
z^e$vS(g!IHw0JQYZI;{p2&-~o>i%>zczd`g4}2Id%p6~Hq21OlYEygqm8OeG>vL<4
zvuC)HIkx7C<wyVMD{>S{x2dXpt#b84Qi66jbl9w&tRPT(I9IR8J{7y%<`<qCLkWj+
z`b=l0!(Q)Ezo^w`bC{|PCj-xxxaC0Uy7POJcz5-Qy}1nrw&`SyfWcl2yxtOR<K{;8
z5caP^!Wi4~70sov&1wC_XJj`YfY)pi1zM-BgL~4=?nxtSn8(fZ#{>%UfRcZjGW1QX
zuT2^EF{HPq%=q-rl((jg#Xn6MH^Fe+yU8>Ms&d~-I5h<rYXR#B6|85S5ssa#Fgtc}
z-S=n_f;oG>LuL+Xlu&<klHI_aMq2=AmS1;S=lJ~@zFm8^=@Q6)m^w7j%yI`(Bg5PM
zZry6h$;B3H0w;|x?BcCc*k*{**5qF|w`zZ|xidS+$Ty!oV^}$sC9777DIpO9O}Sz4
zFC(Q;XM3QBU#TS%)*$iw9%BK&i~dMKIQrzg9$qs53Z<f>f$=M~^rPgz)DmPY^eeSw
zH@4>U__A~QL;ftv+v_TS5tZ<n_u-U(?WwvF_fi_?qKKtnvia%s3H0-eS_iG0c%xz!
zVmW@TP!NhtM!=E(qO`@3aujadV9ikYKp7F-BQ4QkG?Kgd*(`O5G-=$h+_~%qU_Zl=
z#G={hCfMqu!huBfEc9|s)r7J>Ezy1l$y_Tt9z>a$>wjG)Ja<0JmqR;TZ~cqX5=%g`
z%$_6UgmaX5T3FK&$+45?=QueuN4uBLm)oR|XR@hCtkQ*ID2`6kItI+3`w)xk>v{|A
zm|s56B9l~P6M)UHFK(8*{%p{LcJ{n-@tTJ2`_K~3$*&c5V=69Pk^c|1RGh(GvY_}e
zW1f~0zI>Uw`7@SPo8g0F%fp=^aX62Pfj|j_I{GYuL7aP=b=Iur+|dL9kqx@%r|D$O
z0X$WJpN@2Rk<HL)Uu_YNY{Z(Q`Hz>XYU&7YhH&3{@b5YAOpLsHUovJV>dSRbHxpVV
zTFXBcan&cjR%LWAXv>is9pO@!e{`y#Y`<uOlMI#7Oar5fn=6a0&M&T*&YRMK*zQ}F
zlO59AKAERyXY<b;FynWGf3q_4t=-HBxaL>ky6J1;_jcQ8e^`kOZ_=NL`0wX0!+_cT
zx*yxI^>}ycz%M9Cbs5a>2_RdwvX;KoZp8ivTLQdcOUO%c&4ZUXLy>`)i3R?kul0zo
zNtIo}0#8h&AJzq5w3|pli;=VQN)WcRxCzpU_%mT*fGYQTWI1+D^qvqg9@1_c7H~7&
z0QuDX3Ig_dzEf!by(O56z7aID&`>MCzg-!fn!r}xypgHj?cM8mb%)r3&0+`3crjLL
zG}qtp8r5$4)_ad5%r(*LOgXgpO&O+B+J9qJndbkz*+w{eRtsU&D0tJBuxh7u4xMA0
zSp)uROEFe8=mu15PnxMe|B%Xu10=S=-F+gmg_7wGRAd+C612JYhlXuGKCH>T#FdJ>
zXi>s4#sMF{-P{q4qh#C=f;u_(E2q!m>`0%la3#oO(^c{5Eyhu%((+L^m&>kj6BHbw
zTx!S(w$=5y8F0z8ALKP#;+}4oFE1j<zhiM-pB=)A3<+w|KxydQx66o7rlc?avI?u9
zv>f~4U&0}vB^%8UvV32IX7b4+$0{CK7j2%R&dbE#O^(wccPFebCI&@it6q5Sbh8A`
zq!=3^|CkaXLvZGj=8)S|dzY6tm};cC-sKp-qTO$cW3<`GF<4!Q-gVF==7n26?soPI
z;z^3dpKC4MP!?K85d^VB@{Yv_oQoE>f>~OLqIaz&188)CNBw9_8u>~)@D~qs;kcAw
zvRuNdk{Z!FD%*ud(ZfSs{oDJU{8ocLzpyMic{G<-5iaea=r+(FD%QEpTY<csUL(LS
zOqmSslAqrjbDP2~MonKkCZf5<cur81Z>l@>-fT9fBOm%jG(s(HV-)3T{;crh7no9h
znzV^~YF14d7sY622~nx0n*~J4$?u$YMJ7%r4_F5|PMwnSGG+a4l<{s8eUV2hm%?xe
z#oPXgZ&Tl49JV9hvIF-A-$7=PzQ0tUcGP<o#4TY;3@r;K4fF7MMpB?>yBRrd#wibk
z%I!#!7n&$8WvVD@9RLis0rRKDs&ifo&H4We%dA8J&3Keuf2}_FoMnMVFW)@Bzktr?
zyg*BsC_SHHm0wy9O+bj<p0da17Nqa|1(`u;{eZC0Ki*w=J0;S-K{VUUi-Ed-y`^gr
zZAJE6Rf=Nyae0$oqt7Ku)eH3U5Pd?O>8rHcI_Iz666kc4-{1n!EHRa~Y8z#;4}7Tc
zcp2CA0Uh%`t@oROFzp<DF17mZ&tkb<=2*Q73GBI@6m9w|uEx8%QKGk;n;2OAB58KD
z$0CEhjDwmo;Rj)Y(X|)6vO;Fz<R|Z>k8I7NMM8scK0Nzy^UWp5VI0s1km3e(d5yR}
z&F^Q9g#*mSu(*P&X?805_sJt1f8S#(P6h!<@1yu1#n*y>#Y~jgpD&1Rs5+#YcLm7s
zV54Bb7ssN;E7;8Xi6*7Z`k4y0)-4D>b8-WBLDx~Hc%;nI(ptT{3HXPnJ8H7*pQw#%
z!$+^K&!T*K0|3UWF#IcYUTT~`GrK5V;C)|aa6`J$#lt%H0snGI2JmHbZFBqChbgm6
z%)zdoONm`@_F0Te?MhwGN1->G-?kegNU*^Z4Kr>LcIKn1um<~){;Aa%yqu|K9V7cp
z?p%HXOMD<@wq~AIEl69E!w{nTt1UtHD#`K9VArE+NM4JMY1|oZnfPxyW9}c%eLM1P
zVl=DOmtD}W1DCzFiiQh!gq`plk|dS(4;RhR!#j$_ii0NfaungynE7<fs^IzCw7ID;
z%-6;81;f!xj8x8iMA_tyK0M9}Auk0-1XgnB9@Y*W7m3nPeaK^52YYx9v+`^IgQj_L
zAZ3vkC3v@-maTsYIc*UwB;#Y$G^boemB=S)$d+A*ezJ}{wpeDXc66}N;@DOH2}*?o
zRakd2%8wvysj$XhoJ9E*Te8{HyWiz*BBArQFY1qiOp!GwtPTtc8~7By2|g8A1&)_p
zi=eQuPakBY@@{gS``QyUfcco!2r7d==CadEo2uUT8&a{A6P`JO1qE#t8w-MC)8iI@
zl<me;uwv>#v5E_ZS5m|nP!)kwoum;dppTIr(LlyR)Rc6UVyeoa*w#NKEH<9(rWnSg
zqD;r^3!wAj8Xk1nVbe==rs_7mOfu+qSo;u2hn%y+%@t?%iC&X%R>qD#s*F4xrB5)9
zVk6w$l|)@<Ay+t$ev^A_4(p+*G$b?iz5{e9J`T*>PQwN;^^7Y{-Mc4wamotksNgx$
zW@5(+sIm<QTKsAeOogPUb5rm2bglth&k$v(w0<fAMB+$Gj1?SWBE*P5N+EKBK0dtq
zxwZn~*)6fKTa3-bX(ek!rI#1|Nb`Je9meiOel+CZb%@IxU^GdartO-8R_Sb5?<LrA
zhx;w~L<x5UWhvkU)3L!32<wZBg_%*{;h~&X6^cq@6iB&p$c7gaq7k>7Y&CY+IIh!y
z&u2h~b~0{m(9KsQ7niiN0ZCE!_&T#7FP{0oU72`{A$L3xffP4&a;NN&#45hT^iXux
z0`+(4TTz&ZB&LwqA>AlgW%I5_3f~8L(k)I#r!~tHEI%aBmf`$D`-2q5b{U*KK|QM=
zTn)MgN6Jh~nLK4Iw(Tb8pFAl7`~R_bS5I}c4Zr7cclY4B(BKf<-QC^YCAho0ySoJo
z?(XgoBv>Fg%;LV^clMs6nK{@~d#awJ^$&Ed?&|(s-w%RU0->O|Vt{FvaVf^*mq7!x
z7zyek-fk0E@?%4@QY1*mJV<nrOOI4xOkEuCI+<NrrVxV-2Tglve{{*%fvt5kH&{Bb
z-UE0bGbVWxkp!=XqBj{RZOZ{N>LwY=1Z~-0fcF$^X-5`I(L>Y?by*q@dZ4BTKo^U6
zVV6c1{QeUUYtAX5aLE(9ffQMQKzh9)9@{KjBozlU@D~*;QCgY)n0`6281bFOM*$e@
zm4~g*GC*jBI|wUK?o8%_I=O9Fw;e|{$c0Br42QXoQ^@v{S^`~FiFY1_!y8JenbX^F
znz=u=Xlr61(C34cTm6?>0z{oGL7hO#3T1{7)I}I`eVqktTa`RQ7-5bihSv*MHnd|G
zkmJ%pOeAw?>Gr3bqxk2)R<fg4#ejo|f&QhxNxN0!<TzB36|ft%9uDFSggyZ-VV-2l
zG$%)6oP~LBNNzv$?inqZ7STrHH&NPKU2D`SnqqOtIR#ErLk`7&OPjF>W(2A>Jje+X
zsuG-V7M|hU+sHvWk9jsx^DYb_g=F0E#KoO)9itt@9yYV*+GG<55$_o!eI!T8n9LJ6
z>Nju=qr)L}qFH<vm#qSkd-=w*Ss|6)RP9#0%HIuI!Z_jt-yPLB^5a~@9l6isDh#l<
zRxFu<!bHLL8Ky}6@a$BB;DJ>cA=jb!fu+Avj!TQ`)Y(Ug6%kPti@Ku;3UNZ+cCbKc
z$(kLL1{FWKgoJUX8H>;4e@IKJ|5H^47mU*Fvns>Q06tb+Pu$)<>(!6)S(T}TS!|@2
zXtY-mL&<G0$T+OzxKYEeG6+Gx+2e?gO(=i7ZTMkBs97u*7R#WR#fZZ(>S4(qWbnnf
zLY~XB2sNpnPVUQ^xaUd(FLwVN0*>HxVtl}ex>u*b527SPX^SP4WOX$Zys|M!Y8Qv5
z0D~5~;u?QgQ0Dzm-bhv$!i4NY`rya3tdbazkwm3A6w>3f%+w@&me=1=gPP!+e<sxs
zXfW|1B_@Q@kS(BAgt!@8XA|qAgUEMC##1s*%A`8Y0);?j$6V^D0OrGzgWaQMMV$Ld
zKj??hS#e{E1Qa6}Md-4z(%%6Lq>dTMW+V}!4AZ)ap;Chhz4)b|DCv;k5k(+w__FI9
zCXcskeG|{zCJZ7CScK@>363i8^cTg(zQVtlq`%Td^^ElRB+Q)dviWPC6EFrb>ic}h
zEO)BoBUiBPk&iFfzpOtL9YC{+5I<zD)z;3*Xi}}d&W44O9A@rD(T*Yy>{K;_!@kS>
z+Dt34JW-MWI&-A39Yt)1)KViXlb>7;-0F~r6fR{!h^C97k@Z!{@`N33s3+`t(uQED
z+hF6A=s<4X!=Kct(_;Jk<OL%5)Hwj8$mk5Xap^>r2|BliBNB(lN(rGxi_Ah3ILs}5
znQuj6enSzD$;IHB6U?~!3XQ62?~7{sCQpTjSb14O??<Am(ZfZ}wa9g^s?Ks8Ooia6
zeqr82frqVuTLFmFt=Q%_VPp_W`AV&?J%;|J-wzC?vZT)Nm<D6@n!<#o!<FCqoewQ@
zsuPYC>Kl-FQ=J}=7<V?k^)MO=84sdRQ%u`{X5;@OvypWZLl-=#OO)l9TfSR%Z$}p8
zm>*hI10IE+!0WOr&?vV7&4*`|7+2_d-bJUWT-?GX;TvlnL{V^86vP^-VU1t}y!25m
z#1%yrdI}V_MMrb~%u46{ppjk6nQPq6tx}Jw&{uj>C^+JNYN3O%<NEx8Bn3SU33sfW
zVK^$0A?BRC-le)uNhZU-BQ%yY%U=p_fNv5?g^WWv{*-|v0*h6LbPiNv!!?#nPW5gH
zh7=pkIIL(w=9!{068AScT9aVITvI13-bCaL7+xMi+oQ?uRvNQN;?Bw*_bmZ%IM~r}
zQ^C0_q#;uDGn8!V&e2vAi5is{29;|vA-lB*kBal5TXkT?GVJS6MRHcp{=}(kV%p4-
ze%S5Rl(QH=mzAuHd}E@W(j{q%pLIJ~*uYE&B5uaGDoaT4#UtX^CWhH7D9u?#^tlMY
zjyB>oNn7%5%YVBI1Y7J3!win4Ha)3DFGUi<n7rBc|J*aGr!a-oT!WhJFSTLw570iX
zJ4;WVUAZtxWK2RG{9W~y1b}$VFmYT5qX;Yb8=+z${PcgR%7~7Mt$$W!82^4&WmwHW
zr6mM@pXyI(X|kCV7bq>UUnpz<r6nc_speb?k_qGb`Sj4D1=i|+r6oB_A;x&yEM=E<
z_D!W$nT>h#1yt}As#SAH5vWP@ad*jL8e}7kn?UAHwrag4R5eZ&+3HM$(v=<pRXrJc
z@ihFP=-_!TY%=Ucy!hfpa>PEwNOg-Byj-V2Sw88@u4JH?=#5nJO|lbBl0cRW*G&=i
z6akHHEzj2CYZ`nk!#jN%-S^<4m|eAhr6qHdf25_!sZVJMZ-|#Sg<SmpPoN-$#Va$w
zVt&R-?7OOMS;@D${Tihk;gWx|G7@zYpIMp3j)h6_wPL+Hy*t|cO*=+ZffqIQq}yg&
z6E2j-&CIb5_I)_*4#F7VM^9zak)M`YdF8X0&{+F7ED^i&i3|m2MO@~}B;`<+{ZZM0
zb&z^#j*T(ud>55Ne{RV*l}i=TZW+P^x&3WUgK`!utMwzC^L+A-B@mQ8vohL<UJ=I0
zZ+mJ+GLBaUsV9NinW(AqTpj%+3AQXqb71pPljn5w6cCP%I*lD}R5F&7mt4$rBCz`o
zotQ=3)#%i4siqA0;3kLr!l@QBD**TjPTV82u-skVSq5-K-)R`>-A0pZIR5Ma0pieD
zODHJ)4#1@7>RQURvEOgUiAGK#aEZ(?zyn1B=k)XoHU3XQEU+vT>jZmt$QAn#3s>i{
zV-9L0zpz^ekUi-~h!^h20smu?3t~jL)IWrIoYP#!ri0eFlidO7D^B%Dc97iHBu*eg
z#8O@?hom2ID6j92ngkzyi8_bTf84PZZ#%pZ1bM2CeOUP?wm%4n{#sx8J-@sKjXZw5
zJPK5zX8fKeA<u`5S%Al6!z$T=tzQBCKl3sbgGBPZ-lEU%+W|X&ybiVJAM);p`17<n
zOML{0>vC_Z$R%%@cEfht2+Bbyym`pppkr-ko5I$1F9=H_)(18TW6Drkf+<)h#`(R!
z@9aF7q<y0T2-`#b5)5fWGCZmg9_s78YY76;+(wRdOaqU^49(+4yF0UVjr1Ib@}McW
zUzo#R{PXadYcx}p=XdZ|H|c*G!hGyL{f`#R3;h3^7R=#)S}^}<!ThHMqYd%DvIUd$
zpBBu2S}^~sTQFz977XIuf45-R6+W7J{p!_cK7Q<+^B?<lr_H2}J0A$-AXR`gtIsxJ
z1XNPuH9iAeIaK$L@wZ*=+5E?a?cX=nNd2M`nYxb;36vKihg{qV?rU0^;8JA=>RB@b
z`Bij;P=W(l#%swkqcyViChDd@lrn~?<U-hqs28Y^DFN9-<Ae!LX0g96Tp-ga12-Zi
zy%dCrQmntqh?RR8JbfAM*@tH*YRbn!dC>J@07cQKs~YrgxBs3qw_0OV1sUD=x3pp8
zmo2YcSw{TKmi^0jzn$}rmT`EoA*K&T#ez*Qqij^Va{ZR|WM+PlRN9OB`UKw<*Jl!E
zNqDRD3X)ulHrEoq5XFAM6+OJJc@wKYlC1|)$b0y?4^+QBz9v91eMfVa*ZdC3(0|TL
zn-1&2)q}99;Uc63ooxLT+HQAEq_!qE5jxf%Pub#;!}P07d$no^lS`SI9YRq{jL=zp
z-kDLh<*k|;0~(?!22QFNi#dsYPx_^*^*d70_p*6<sNzprNh$V|R@yM7h<~UoPML=M
zN%~1E0jIt|T8T;^V}4XksmI2F<lbl?y8sVJE4lnjD>45=EB($}_bkeD(eoX6vu~fN
z3+&@40MbgTG%V{CY?jGjK~N#KuEkO^Y|}yC`_<sS(j_m|@zH<r8~7IU>{OHmp+@P?
zBsG7U$3vI&4NSEL4*}|zJ6(Up_;;`Q-OGae2fl*17-jFLKyTKG<#P0u<@$aUpZP9}
z{H^|l&VI9rv-*dC8Y`|<)%d0IDQ|0?rE%BwI%I3d>C*ULpq=Fohc5#9(rog`QaI}l
z?Zvyl=p8%I9K<XYd_9SUzj?#EOW?-^zYH@v-kJ>01zC^tx-HbItAzs)%Iv*Iet5SN
z6r8SEei@oyhUnR9-Q?cy*Bhp-0W=|YPT<tYBNP`E+(m=N2&x?KVh(?+z%so~YKUeh
zwV>zMr{j*i4MBnQ*-t%GP?Bp3ElZBJRsObirz2lH?1m;aX~E@d+Ld9TiYfEW4gKeF
z7Xzexy|hk7+44WM(&F4U)Xz=%Jm6R0=s)s#o6}MQ7^a~5Y3;WU@`~+vC}L*1?ye@R
z%rB9%0Q64dry4HX7dyCH`?Z;p&XQusm%^!pm9++`-p&h6Q{tD}J>U9u80!liNanT;
z9_O>;%Zhy+n@mjS2_~%S$3a_G=dsq3I@cf1E&FSfKRqO|*}yNC8RglMdlsV^+e`%|
z`eKQn=UbaLuoDd{ur8_CO2`qj+m+|EssYI2#2W(FwgZ5Qd>zQna4slp`oK+_L-s4V
z6|W}-Z5gg|t(i!&jb-!P=Z%v;P5qkI=i8Q~(hl=t>dLa<Z8qOl*KO0JFA*}?-ZFF0
z=wz`Kjk^o9C!5&XN-~sfV@{))C}n?)CTidO(rbLuC9bAWA*+RpU0=+%>N?^rk3?#D
zm$eDVdD}R7DccTOlG=^(8`pZ4ReT1Gyx1Q8P=}Y?BQnvm^27OY`1bH;;KcP~r?2ne
z<?7`L<eSyTAlObs@6UBQ=@&+iF3{AZTl)LL{l;n2<X~_kjC9x1>U<LVUq4A8@_6cO
zZpk2OIA%+9HRD=Pk3-27N#!`!u-{1b<_#Jqn$+f($ylS_6U&;Skw?SIG<Z)>N37bz
z9{E%XYBQ?mAYy7Y`1ZkJO5d(shBZs5+WD@#XYkZ!egFiL93nzau#V9*JQFEt$B#~$
z+Kh5)$D7XZqF#3O>igeTk9q4&os`{J4|A#>>X{8^{#**g`o$(PNih&5(=MdvG&H1Z
z&aDTkat5=`EUq*C!R5V3TnqzOs{rM7wKfh!A@dd{Bt#60v3<FtT>9Cu096COsN1Fj
zs667Vc6-!fB6WexK<t0^C_J0g#5aep&PEOt6SBgU9o;v5u|^Y%iK=#HOvhKDH)Y_c
zQjB<w6Yb+QM%l?dnp4GSg8%wDA0E0?kh<TQv~XZmw2-uNg#85I+UIvpoe&t(oP;_&
z&3ODvoxxx8->}lRPgp72S@L8(3t{XGj}iU5cFjx7k4LHOFN>oI0=kzt(V?uVw_y=!
zU(CBeHhG8aNyOB@o!*SHN<kHu<=x7ho`7<ByuYqFhs86Ge8Ngc(V_elH?IKMJsS8>
zpOlwauIwWNBG1TwU?nF;-rMA{>N)u(Y}%TZM=(9F#%t)O6fZN`s4<#khOjNV?u08G
z_!zHZQ!i_uxZ-(%?7Uw3Bq8T}iJP#8D|z})SPAp*p`cc&6P~`-;fL%mzX>NW`iYN)
z^9QTvoj*XOYv<w5|MMA)!GC5j|Nof5{QA!fM)5y0n36En!T-HyFi9WSng@x$c1mt~
zXZ}7soPYix{kN|4|J@8m_gz~L)gj~6-9w}9<H6@c@x3!|CTP@;_O%Xmu8k|TJ3ykF
zf;X!f;><9UYHEHZHq$!K4P4OqcaXaAad^|<V9U=H>xVl#PKa7fp=}~1GfVfKJ^PsT
zyC`B^vOC+DQMM|KXK_TGDzAg9eOIw&K!ny;{F*OKsi!jf?ok>|^NY_nkoVu|M6dzM
zeD4Y}+VJa^wRhZ-x*3A%=|8%^4Ni}?Xhzg0;l2Z=7JU=SMDdDm{JZ#v6-XvAT`DPU
z&c|!AosUf0vV5+{KO~XJUs~Y;Ck}hx4d32I_L{c;lY#l~42<m||88uvK`!9t64JAM
z6s}$5{rmyx>~^QG>Ft0242<CaT?QuS@!t$gz-I<V_TBICe{luo?SE8YGMxcDA3*){
zkKbS9zt3?ep91}1G8W`SLnEObBOaz$6Ln~1H7+8<Dda&98Qp^upm78?ubz`~-=|2I
zN{Ycva@t5sL>(cpIOfU{ja!@C5L-jZohOJ~3NX0(>to}lq1Gi+Kpqrr3<u-bxaXjk
z@54o}n9I3!lsQ?J#P1s)m0_~;NN;!~!z*^5`|BM4EyJt2FLTGQ$d7XVC)Ig+XuLTA
z2VR&_H#eW}Ib1yN;d<OW-<dH#<o^8XUwdLSk9tixR^&c7JiN!heALW+&w&g%5GN_p
zwaG2>bAP2HDkeGSd)(98YkGd-_jbN}9^rUr)$xuUIss0OK5T#$a__L0xQ7qm2^hSg
zZo(6ZB?#3A{3DGiecv}hOyT!-M0pITtxHiA88b449Th~wrShPbIxafS4AZ3_iwbdC
zX==j?Xqmxg308BZiauPjFg3|ABj;Q0+33mQTu%!6t3n18bJ$$QTTu~du%Roe*>&1q
zD#4F`WX}b%83rvuvCh>AQUb<F1g>bPA^@-qSP|bX%cZqs@I0=^P@fDG&#NZ{es^S@
z9_P}6tyetBkKW)$a27Djr))I=<Z9{T&5Te;$Y~D9x+G0l)5CRX&SRW)0ov+6{}P^<
z7gV5S=HF&OAn;grz}6;~=U1Y%|KgE5;OrhoI|ZO#q#_f<y(Uge^jAMgfsj{9xxou%
z38<=(9LA(?LQu2kPQwv}$OIrEJGW-|0e8oTq17<`1w=e(ChP^Cqi9&Pr00N8XbJRT
zD2w2E1_8soCX84`SP{Rg*{i2-y*vK<PV7d%;+E?H8LE3<qH-qNy}BkqF|Z=55+NaV
z>P^bGSrOF*YPwPQt7Y+MB}9R`5-Np?Xc<aIqX+}DF_#9D3B?vo_h4jdbWn?Td7>zC
z8bCce-9-%tx%T=9K(&!D<D<EpgOD|*A4)jlX^&FN8J>7`D3g0yZ{n%)wY!0{HPM9+
z2U<4OpYeDrM90xE4k@8A_=;0o`|zZZ^t;vmN9EPkw-3KqXT8}j6n=5ZgA?7`JyygB
zCCkwYA3X&y)hPgaDd-iHC0c#;t}f=)($xH{vY&_2%~}3Ds}X>NE2~r;AcBTU&AiLW
z{q2VEBpjV~v0PK<A~A=sf_w^#-qsvCG9GMwgzEs^c01DQm58}O{*WQVF|{Zp+ILz*
zfq2OT@TKet!!sV5ErlGyRSyE-v07P))W=IrjWOveT+k>c6mb|H3ous~Vu?QaVVE$p
zI_v)a(E9;Qzg%2&NyD?Rt^xNjRG3GK%ek1hH#*2cr>58Oy2^6YCzdFnpSaRw2&vZa
zC$1zlnyv@y63L^+6r7H#LyW|)(X6*qA^eT<k4tF-hrD@*TBWT@WwQ~8_yq^`^eBF)
zP>PB$;uw3UQN+*kbOWg*+?WF{SR*lX5~g3GZV-f`kf}GZ8A`i;C_$2}qy^EpcZn47
z>0uce+!$RxSTZOb2bxH#E`|tQECC#S7=g9}rrq?Qa^ze{?$*+)6xA@Vv5ZV5jub;w
zaty$ut<3NYEn6VO8x*+x1jVpnR)^@N9Wk7#k6w3p?O8%l(b}2~GB^~M8vt2|Cs1n*
zkqOaAwG-XJNL~;}faQpgUOEYyrjZIvVcx8VPVRRKzk)!VfZ3wAFgWtAgO(f3CK%mw
z1T7fuimwet3fp+@dqygV^S`Na4F@3(U|JH&T&W-olm(|r=qxbQTgAL>C%&y@6>Uxb
zaPWD;;51wr?2*C<XaeM_;{yj%u$DwlKwIhPA6qHq(^di|HT#h&hW9^hrD_y_^7f~#
zR4WVuw3XKXv6XOuw$h;f_@}L;%=T$3;UeF{{9`K}f6XytCgYe!ycrA|{qSA_+DZ!2
z1j3)T(sGMl$|Sc@{4Pj|HdZ1&4PO8`)i6``rWFPtDJR*8c>Ds#dz=ofZdY;zBj-j5
zMo`g=T3X4E&N;%D<8e9tv{NY&73KFg9v`kj3O1`;y8Jt2gNOudeNO@V(OK6pv?czr
zN?~}#H!Zt0tMb+nD?~#A$HyVfEq}gw!lBc0o{~Ua7a($gK!gPw-pLyEYT2$DL)(1H
z2)~3WjHJFnH>9epU*M1`T}sJNs^m^0F7yrV{s#pNXLR+NO0kHILTYFi?}FB2JSsta
zD2!LZYh1G`g=BP=z&K<<fhoTUO!{g98SlzzI|6x9f8g%E&^fHI2;3n-IjO=#EAd#5
zBCepvaG+^o)%KvaZFL}~++f%a6Sr95{=~>xqpL{*HzD^A5!)VvP2z)+HH1Ll=n}r8
z!x%9cxH?W>lP^cQBeyy*;$ICQxTJ-ki1bg7!A`woLg@=sg%$KP1ue2EvGZs9rl10s
zYU5kMC?N*J@o%Z;iCsjT65CMr_3cvG!3d<KM1{lCtE{zvwVvxXMl^H8-N~=o%*84;
z7{v7Ox_tS#I`F6Mi-OYqEJ%qyVbtnoxp}m|GhyK%St%B}bL+ElsZbwCvtstc<<D9%
z<Y!G-W5GlzdQfT{v<#k`+QSD;l`=!fu{t>2CGluc#oz7Hp#%)D5XfV}R&7}=cjEUZ
z%%K_2&*M8#hO}H{Y($3@>6`15V($?P1^`plfM=qYThX4PpcN3a8s{#A9-o^h)%@}9
z=XimZCqBW@$j*U8Y((jD3ZjIOb~{^FvuU-4erHM?a@>(SAshNcm`k+`8l73|>DfwR
zO~y1aDBd(-PsYG@uEka)<^ZKaS_PFvj7T+mGz>#L$!Lf=_TL1F_WGiMClwe<It{u8
z$xfIKD~#E_dKEe#x4v*J*WLXM)G^imrzX`HvW^#S_*7DOR9S8~#BrIpV%ymz_d}!T
zY_0hI<UDL<*^ay`_pl`Dwh`E-_loRfSe2(GgyD2@8ZFcSu@&xnBXz-@Xbx;672m;N
zVE}nEtxgk4w_aPow33M%^*xQH`2qfVTR1#gZgGLhJ{SD#FE(}ZY7<`9wjd&=5@!-E
zoWGD#!%ap|Qhb#>?mJ}oSOQ=IEs2$bQuUx`R^#&y$}Wfqw^(E8=e+mqA$}Z!=^q3t
zhV%lj4!=77zyUudOI`mq2r_{=m0ob1DkLhH6a72ugBA@O380xo1-C#^FaT0I(Yn%X
z<W%r<@{i^N`Sh=((4#t*Dp$UJpOAi1gPm$l#-;X$DT0Zi${Gknk{9wcB-zsR!Kcec
z!5ne<{;t-0N!b?+nI=7|Q(7Q=-*iVT8PS8`4weZM3Zht-Sobpr2e+-XZ?tb+G&IF#
z!Dv<jCdU$snPh3i*^(I^=Y%zH;=(h2Q0dnmtS6cBc7>rJ55bh|-qH#bt$_{`Ei1a0
zUK9px3vbq<&J=Scy|ht<l7EHSSIodpmR)g4e79b>c$PH_{AliqQ}93yGkn`2@;BYx
z#!LZa5N+v-h<i4caYM?I_%rw4<BKrKh*ZN=C*`T3HUtzxW{mh7KooEe#rMboCfQ!t
zEMhURwV-te6t&P7pA3acd-_<LS&hz(IR3s37CbDfFEts{#1vluKC5vF1j??Yx6)Wi
zNWUpbvPVV?rLFF-d?U)PdE$^Id@@1kI+aoZ;!zPpRu<u90`@Q7Aqh@Q3Vh2ZS^9+D
z)hxEixY_JI<51ut?YaRN(%NELh&1s>?%Jpqw$;x^{z*(T=am`^i0hLw#*39(s5fgD
z*YTg_DuL}5XtkA_v)piyUSqM9&XW~K(8)8%!$iSllBeFGNGRnER~&>Nz5uH8s^S`Z
z3TzElEa`eLPAZ<vEd;uD2rOt)=en;SYu;_YTN6wK@1Az)oFrCK59tGoO~y=fopKb{
zoYKrU7zibo*t$3MRL~?6sRKaZV5Q79a$9z0uqUs6Gjh?9-A2MQCIZ}L;gMTmOvJ>t
zNy!c(RTOso4?oi~i}@bG><@-f2djsF4uP-ZB}iM26~>dAX@O}OK%yBolC(KJv+(<w
zz(#`(%8y5FH+7%jnwVeQ{rt&FYP*`K>L3L1Ss{c_P}j-|7gGliT(no%th9oAaTJ0{
zUTPb+6Dc`(p1DOeN`Hlqxmzh+7L|)vhE-sYs9UaBZxmT7uDo|12vqFY)4~njRMdiQ
zS!IhsgUQ>-ofrgljA`478Vt$YCwDcBGgI+to1X(h+Pg1A9W>Dy`j+Oh8!`-3f>`%N
z<pfv2woS8b4ib=?w2C}E;m4CTlY@cJe4|JRt&4pOzW~d6`<qmC^90yIU2%(st><{%
zgUq+@4z$dr<?c)~&JEd>SgG3CIwTV0S-@vL|3%V2PV$Ih#7MEyt+QvrxKo2%R9cX9
zf)H)zFiQn_^@aJ`Zf$b{Vs5~&%(Bl^)9mUPH5<<&#8H46uEmA3m<CuF1vulY0}?_2
z2;l+(L{FnOPLzYW`hMJf%P{@KJ`5zWB~jyMTGZelqCD|65cWocRS4}Um!|RdcVdmI
znKYXl+_k+g315(Y`oQYe*ZmuoLHG>I_+6mS@EA{Obm19a^3;2>{d9AnRR};%1vdaQ
zTuvIoe)5AlcnCA^c>8cf4c@{wsBU5zJxDZ9`IuQ4=&}CT@$>Sy-u>`pL=MJFn7iZ^
z0@Ir1%%QGop#Civ(1j!c9~iNS1?rqdhq-EeK5|lgbw&8xEf@DH@cjN=|FuI^o9zf3
z%<;au&Pg(ICXgs_+bJI*`D{XSj~}JAC6@;Wv9_lWL(!edO?(Km5ThP=aQSKN&&zvK
zY<1&F$nc$+Kc339D-5ANw0K|d{DxpYU<P`Id%`e$3C7+N&2_UzuVHi*1eq+^%gf8?
zvn)fGbhPxc!|iI{KAd{>@h<ow$@Oksx8rwP|8aF-X-&tRZO*wr@gm^;9sqS|FK)l%
zGHl6L6k^Z}p-cwXWg-Yjub|5mFK@4t>i;RE#FO}vYn~Yf5_Q%?oL;M_rEy6<j;5&Z
zLQO^ONqr$5-Qeew0hI>89`*dqz3o-;jc=WWS!@8++snh_vDokNLeuYRt*KiNC7Pzh
zrB}R{9|kEecJ1M<*0SoYbjNdn|GF#El```{3Qv2G#mjp5E9N&PJu=yLE1`I&F;wmp
zMF4d160P`ehNb)U2fvr=b-fq-ErG7T^q0i`4{zJT`D5PQQ36r_;7Ti$gmXJSx#X*c
z^(N|BPS`OMF$!@`e0gJ4?QA)L82^PU`IiGUcygHZU2Z)|T@@{nD23Sp#z0(2c^d7c
zeF5HFVB62Xb#f6&LfQex`z>`vt)eSGiiM?-<zHOMK>mAtSS79a;r<Fg-OHFy`PpWr
zX)3JYJyMMZ=s+tJcV}!u)14D-pu@;Q33PGE$8x=Zhe?9!Mk{VU9Wosm`fYZ?hWC$;
z$x?GnZzX?H#RJuXRzhPL%k^(7?U-bw<0NSf#T)Jxhi9wpU>9Fe3=q`_5ZsL~;Sk@O
z6&6iaR^bA#aHmeAUxbm4&3@QpiO%Ut3OWZyZAOqp^by!Pudl-n%w-+A47S))i2%zo
zd{F-9Iq4f#5?Ps>>><)RW)AQ%zP?4;90J?eGYiSZc5hnjby8^h^R|))E6Lc$Q3>;2
zwEnwIZv*BaH^Ay7x@A17q*L8A^;(j?{7$k+y_J>Z5}v9u`~;LLN@?_hKig^!-VG}R
zf(_l#QFwwTUSWbIYwhYf8R%Cf)l*1oZ&Ta_1Cf7ZrS{LTO!360tVA>tPY?N!a2UQ$
zXZvN?^1JLGly*q6dN+vOI(ZRS+nPuNQ`gz3{B{k)Us{0mV!5nMF9%W!aP5Je6b+GP
ze?j{rZZc*0Jmvj(%cL|KXAI|YTx_@i1MSW{I)e{+!lrhD%*#SfqT*+zW+1GjEtGEB
zq>26bJ6hFp^gTW5s#QrfUXB>rpcJqnnUq-QDx0-9CsbXzlv=U<V}z$r`D=HqU?Sm?
zvdq`%Y*!l;CG);w1_WEDaf?w?a|2wuP@-t^!ohNV7tHqIm=j3_3CiilyQEZzmQ*0D
zG`=p+a@1IoNO<zo+Ms6f9Iq1yD<zN|pUow(YbhG()b<=b=A-_KME#-YPN3YDqU>Kt
zW-4ltNT4yXF|G%)cBVZYA0@svYbyqlic{h_v1TXP{qu@=3Y&6|mVk2DKxV^8F+;Q4
zD%23a7F5Ub7ik>!T&zYW(`bFx+`HHsspt~tq}{uk<zv!Gv^kAdDol0p0L+SP|93@O
zsRjDCja5lai#J$6Ja0>QZzCbvxa{~^e6L4t4|3(7KYvptjHt(z8E}fU5)cARLMm@~
znk8=m{r4$|NhZqrOWd$=-&P{w?cRxMzl_}dl&y+bsLnQ?TgA79qxSgISxV9fyw&Q?
z9xG*%j<%UlL3n-ik*yPmvqf-OFzM&Wkrge$h90z1R_7;0BK7&GN0^Sjs8u+@Ljh~_
zA^G61_qVC$3GI#z_2}Y7*~d}S7Sq^dvj7PUfo}^BcOjy>pIw=+WOg|Rcqa~HYvQe<
z-L_`MK`GFl;~ltuuJqNls<0x>Sy3Tc_ThQQX8pxb>&y)3gA#gBQ5}&-AmX4Dg4xr;
zEmRQq(`#%V*T)xd{&~fQC%nI30n^Ad=&8}`7JB}wtpLZw(A9*z1#7pV+pRi-`%rhS
z_LI5mNXh`>@?UFH#l{4~ycJ*FDm6|;VHqLjLN$oJAbee|3qhoLcn_vB6?e6hcel>6
zj77|Bj+0Sy+i$7RlkZr90dk%e2<c>w?}ieTf`QfXOkzv`j~_Z+(b$ojM{_1xi>y>$
zhKn{WV2&O9`H%j0yvUdKbhW=}i_!FU=nQ+Vj|<ZxN>^!PP`0;vuY7m@z-UH!j2W>V
z!q>zOj`7ILFkyEEuj37~(X2v|PmqgNmS~(g6ZZAnNPHne5PZ+bTYA<<fAHiqbsToO
z#9kAt+{Jv}p$hXpdaU#IhDLtMyF9Y2;^ZJYJdMZpKSuCklg!@~5N_d?)|D-3e~NY2
z<^apzpWX2Dw!QtgD`Sq6speApvZ`#~608^x?8=B)z&$HC!UUkg-BNevQnMI2deQ4|
zKozq@%V$S!c;t)Z@uoLA5Yf4cjAtOud2eD`tb=bR%QS*>9o{(EW{rhc5lOs5H`aRe
z4I5)&fX{oS<w`;fT2rLp#4q1`amH)goU;-bINWYN#%YORoY$m${IiVg+xt<xV4cFk
zsDV51+A9*GbPmf&rlzoyvW}DWML?RuO+%~v`?BjJNvE{5Q#uVwT=V++n7m<$!)!+y
z)XY6g&4MI*Tnf~lcIJcl)PWf?-YzGG?TiK=DCR%3lGx_Yv{3vBHwiL<H4c0S)9l}U
zH4|lvprQg1)GBvbjW}33s^gkCKa|+mLsfs+g#br9b7PzfhcS~n<Zx1SOfoShZ9+Xh
z4NFxmH$2s^IcLDIj2UxXP=b<4vs6-xElWUlRk9j47D$wUk0LrSEF*0My9IKatk#Tn
zur?bw8-?i@N~>XOW?pv5RIW0}g0*MQmZtir%xt@oDn)(A@q_2`PnE&7?rNp1%n>>6
z77b=aF<20osP0vGXS!4}^nGv)-Q=`_8s9Uk-z(wOuL2HqU0nl8kl>U=Ilpa9?=><d
zyJZ6uU|9xTKIN*34DymN8E7m0ZD_G(>^&jOG{rxRu%`Wm0+FYJj7Qz(@=(jX#=>*q
z8=abk<d)M{d3fA?qmeT2y8Pu!%NSRcj1lx`h;YJ{@grWNryFsI;TBG<1gF<PgAP0w
z9a}jcZ+w1kPr%pW2(f<8gDhrG)|2wS7SCL-IlB>)Z~&mh-g&6eYgM4!$}O{CF}Wqd
zK9!zBNJnep%#?o225(C>c$sQBzbOAMxepJ#YO>F{*;|Ps`X*^9rc`t`{d-Tc3&s<C
zAKYWHX=;!r*AhW);@4X1vpL<idx`B;y)Y*e*1Vp-?Q0et*fNNnkp?YWSdg*~QOzdV
z>&sd#3e{z;f7ywb@sKP(H#K|pElpVI{p8oS38}Aq(f#-F^`z&m%U`0;M){~%Ck8JT
zeX7_uc(aV2I3`cV*OWFre9LS{vnJD(uh^ZBK`Qguc#)Tb>iZ_Sz@3{qnzCxAbET$-
z%rqOyL6yJK@>!}zwv4*TZml1Wk4Tl(f;Okw>`nQ%jfa(il_0a7AGONB(2SyL=r2!Q
z{1rh1s1~xR$c~o;AYO5{rD`RHp^UNv9x0jVSg1QKu$jdV3Qf~DLbR5enpC|XYtN!V
zE1#Pv4}ZL`b-o|pyjtA=Qf#*>3-At#d49*>L)oeN)w@(>Fm|w6wd}2&sTV4{tXToD
zZ7`#31}rOvRW|auCZZ)7b;-wK4px7dL~R&oz?F+>jdPyW`qO$;S;q4aRDQTKL*5_u
z_H=&~ofvduJnqY9NcWCQ`2~@8X8rn*Dy8lMM@>`X39Y^U;PdcOSpFcqLn6BE-I@SD
zSDc_s{U!HGF|U`g?icX~N<uE0@xJk}ar>WH4MqCB*}t<IGKj656|5)Jz<K=gc^}}c
z2IcsxWTD7~-L1%Cn7?$;5$%kU)CSVOeHn8ffo*%k+u|DJ+Kw=fFSN=lGRGEyLh67o
zH=sBRJv*7s$BPh4(9bV6#P@(dV63p}5*~KM3<0@RmW9<i-@o~iJ+CP_s%fj8Y`0NX
zTliWi5iN>3DLb(i=bW#UllAAwonTGelu^SLncT{%o8mPovt!X$wX_yv6Ok-^Yhj-D
zL5kINx+f8EXY(($J4hfNjNDcrijC|qwR^rJPnqplg0PKTv@KI{sWjxNZhOKL6WPQx
zQ3=;NfmP3Fx=E)`aQdEPNM4LF7Yw*+?cM9AR!oqchV%~HR5^BPq|F%p(4k8=N4VH%
z;{6e6#NIH)NN=rSYelo&&F8s?#qIev-!*yy49ui7>EO{$8?zH@m+k*nY+R)k7cBSb
zJ#s7~z>{jC+t5+$I7}ju)E)Y|x8SwJUllYH{bXp#g*G}t7&IF{ocK{ca`ZbJn~7cf
z5zEFUMOr>=vd~1pYdytWj2~%qudnYtKzua)0M}W3*GX(ZKheW6vvhYnkW$}ln>n-z
zVwpty*Pe^{ADWXw;nwtMyzUac^7`d{NDttu#{5aD1IR0RfmKWx{*7k8B{VKbiCYYA
z6Z0d-gxbHjh=GNhN=e$EIXR(XOGRz*sG3W{w_HkD@X{Rk*g1Z0vy;hJz47yU(>r~C
zDDLh3aQNtqJK5O$ut;_6)8<&Lgd)QNxsGq{y0MK&doAb1zo>Bt3$ut>{<y>i@=9XH
zU;gEl=q+iB<=0|Dr~iI0=W?<Fqd^~OM2f>cQrRUDWDGpb%5u9$5v;sPCa#G<n~8zG
z_4eHy?^B`-W&<x3rkkLRbyq*|RbHvIY-Y7_7;yAuseWI?+f{p>_wPh>dwN@?dCEvO
z<Qe7OCPi%LW}i4Ow9Zmw99m{*2V3JFR^m16PY7FX+g1niN;`!{&tKINAh+NrJE!dH
zQc@_^M6T<(GDeuU`;yI|s*?G%e3D8Pviz$MqW<pG2-G@@E#jp7*!~5q%M8^`;{Uvk
z;YWSCHJ#O{&PNZbyCI%ujGmJ0=mA)*q=GT;v<|m`GPiL~QKf$M4s+o?;O{?tDzeRJ
zvKx7V3Z>2QB;xmL_H}xm_;}s8URmJaL3+(x(v$jbz`^K0K0}BX+Ts5)ar!jPk}OKN
zE5Wlb;h|^xP4&eM1&!)kgCh`E8rodud=m;?=(1P>1;kj%*8NtXGQB&=b~U<p)YMNK
z7ql97wtVuUXp2dso!d)OT<!>D;SjS=NguYu5n&*7Eb{msB!SH#*5HyiyE^!I>Y0Wq
znDz$;=ey3^a^82SK9w!6G@FJ(t&_wh^`S0?Dl6z_vPdozyk}jnp+q|GDl*LEm(9X2
zyP`L=^5$;w@PRia#pNxxL`BKhfmqI$MVtp}Dxi+&#re^z{)?ze8F$WHYw-e@Ta`k3
zW~k9(h3o<)O&$rrxQxc?0oZ<~yCrGu{j^~<e<0wWxQu7^<u5tpt-!1Y?FK~;*JI2r
zOiUibWNm68FWT&d%q5SY-)6Tb+NQR7J7&J2wU!z{UFlS3=U#vtw}aM3B;E`jNBDag
zK`{QR0UMCG?u{(_g~HbYt6=c<Xj21$C8IpgZOn=cj5jqDcK?jXq*pnnfnf-d+iJhi
z!lX8ehdP`q!yYL+8Bnj=Awb?C?EdzyL=Pk97svNDa<h|)CF})@5=YBaGk?6X#@L(N
z!}<N)!kd7iKxf_GInCwgC$0p-ZmHTpo(GGqQc6~fs4ONtFDc<SVkLgiDfzWTuGVho
z@?7k#B3e;dTg@2q0P^&8AcNKB4*sdlFX_*9q}cop`s^%AHx|Yd4rZ}Fd?Tyg6pE@=
zt13v9a1(^IR+PDELbt@%@H+#gTHqT4@uO4-gY%=Oxl{evncr;qCTuCRY@;VLOGHo$
zns|v+^0@%|o$w#iR$=LBp@b+aS3qP!ohD5`#MSxc_@*=kwQiCj_GxZhu}-bJqQ&WO
zr9yGSsN<zJ^*1&Aj5IDf<Wdbe(1Ovb)9BH%dzS*K+zTTBYvyw@Q`|!1z+I_AYGE1E
z`qGIl?#|`KJ+DEZSfZ*Z>QtmHVyR>Y)pQ)GNH~WdSlj7WJq1^!R~0JQ2_91@bToYz
z`PQu^xKZlk3LST7dg0n3AlcAT86wN&E?(8nw=YFuA#V>Q>x+NCg9l!?n91^r>{thX
zUJ3Oj*Dv5i>{*{Y!dmO2w)tbr@Agnq^TYeP`62(KJMP5nS^ouLfZD_%OaIu_>&tO3
zCe>e6ZjlxF_Zj<F?Sr9@nrOW%ABLVEW7d!do%J3yxS@VvK`VIGm+M*%LoV-Mapk|i
z%xP@6%zyVp-;lIzrn;i6vZcNntey>ryBw^p2i>%tgrh^a>4mZPaelXdi}tU2>@Aa@
zc>4H@{N=It#j^+Yqiphn7R%RNyz%O%l0D=UC1R)-&aq_DT};h!W>z<NQHR-X?G(X{
zT6lZvFRyd9Zg(3nby*U9dnGmH%buwn+K$sS!yf^s8&Ij%EjqvQmK>&*hIhoyqX!!M
zt)>{7JEpWs$$Yn_jcVLvZSC|GYTH6x`zj|!@**v)#dxNcy5(wXC$-dZesr%5PDi$!
zYOIdI_^}Nwdj8k8Cc9TanIsz1r4Y}ia@?BcWPQsH>uEduBPm&YS#u1gcK_p9e&YQL
zG_*YMxnXC*ndbwU13`BQu^6qiHkFXo`k%s#!QKY_0xqTkuyE8wN^qb~%!7zZhJPA2
zwk65utA#iNcdIcF_MRK-UqX;BLnE-??~EQUgT~V-P&VGPF6^vks?!3}s0Ojd<luhE
zUMM0S=Mp>L=R9wfpwz|E;GyR{ADKvpC$7e;z}3oQvVhlPr4Z^>p?Uga6pbTXiI>86
z*ruwzjPYlP=E<_1&B2p<{AOvUyG-k~PW=)6C$SV%Ch2VNRz24=@b|Qb7n_NIuh39L
z4WhRLpM5{CU$!bCK>^ldWshu`X(^6OkBLh85by7kbrUW-m@1#JsiX$lp-S9LY>Upa
z86Q!u{ku*72dHW><oW30Wezd&N&;Bz?#FZYK;*}j;T6gILN~9ir-UqABVkjp&4{HJ
z*NlX9hF86)R;peNMQog!wRzZ`zqrl7?;F&^IhR}OU1%7u$S>Nm+4?I-Pg>OdZT_Ru
ztw}&)>9B=Yw_TM54;{Bgf&GVWu{q=+VOn3^#^DF;-Vp|BSUIHpkVVxCg)lj?`xx0@
z=6#$-&3+fAbu+(Tq_b?$=+0WdTrwEt^o=4#B(~FKe4N0T=OQ*E4+qIh-b5)%LZm*0
zCEe+%#^Zs-nu`q%IN68m%>ie!=e!%498h<G5AU#U+Bd)3d?2uNVm<pId-rVn0=6tM
z^Oi?LMX!FfQv*DO`U(&rSfHk?`9qVGT_*>MRT?d9tn3xiu}5bxIyYubFS-=0R#MK#
z#gl*==UOWzY1G7vhyxGlYS$6$Jhrpr^{#&9=QqBu$tnp9%+$xIzI+(;5_~kR@N9ao
zemvYXkHONzr5c;@WSe2oMjtC8Xlj1N)0u}o=%M=h;3V_8tZC$=H1aFbp^~EPBsXWK
zFQkJKn_u?M4A#pcw+W<iZTkvSI4IN{^KQ?>cMR;yl+!2x`!a(*lMk<H<^xTnQyD9i
zjKsEZPv=oz(ZskOUL{pr_Vh(|{`|u$)p;@JxD4^1edcALX2YQZ_X7l5A68FRG9Ffe
zd6}yQ{mDUKUPiWS<YU4*=`$~L0<6n;PJRRCWp*?bJicSFtPkybK6jqz-w-2eK4jTn
zvgIzleB3?$I@&Py!`g0-IePKCs_*SRx%>cLI`0EdevI;+iJKdLVpZf6TzeE_*It*-
zA82uJ!)zTCaa=l+%G0OC9ekC!f>jF$C;!2fc%A<!3G-RyXyM9ATA-~<R*Ggw-5#-$
zEJ~urj&xpm)+I0=9r|_{ODCj6ed0=Tr8zPvUA2WiTP)?kyTB)|6p4Qa#FhR+Wi(Pl
zgLl)*p=F@yxS-w7$EP)?s}1*2i68n-wbZuadwkYqJj5wLw`fk~N28R{9EFT?X*<d!
z<!UM7-3(Cr$Z7V-9?4noWQMBKeGYV}CYEvQeP>=&H&tL|uRn)1be27^vA|&sEoyuD
zzrz{~;IQT}6}b!PNt>Grwkk#)j9M|JQ5(=qV`7RavmHJr>2Gpy+O?}VigC94sVha;
zzaBDZpax^(xsj)?B_ESWYm{THO*{D*Sc2L76w_IUq`fds?Pq6^xO>Qb{?>c)K&PQI
zEsk(MhnI#~Q+YFDLgieW?ar0oFXX7wnC}msszaSu8pRgc%7@B-Cksa#?)>kvMzahB
zw^76mxU7+2GNIhU?H-H<E^C@!gdn4OH0E?0jORTKxpWFn{$18&Ea&K`1oi4%cx-pH
zI1Gs;yHJ@s$%lm=D$3ps8*Pl2{MlZ&V1e{$_{C5XDQ$g$GA8|)yJDB5FDv%CNc8C|
zxnE!9x~l<~HF-tFx1MQT{F1_jwXBCCKd^C%H%D0v@viOSDM2UTwpIV?Z2=H@&cwy_
zy4<e+YgtpG4j7~$4IS+N{Oh>#6wg+0jL94sV(@&`&`Ug?`0@9VnVclV@Do^S@t~uf
z^Cp1pCUYOlZX%#CxiB6M1m1UsZyhsd;-OrL%Mu6kWup8c^jY;(83lN$)u_YI83t3>
z(9$Gg2NI4hq#QzTgs=g(T%Fh5AI~!%GcO6e-(P{m((aA%mH6#?2k-c1Qy{;d1rv@Q
z6vrCdQLs}k6l%2$FI{3tdpMqUUS`HWi5Vl#AzV5bp-C7wls@Ft`;~`rjkqz=obx&D
z;y*h2mFH>|KQO_$je7R>qnr1HbZ9Wk;s0sOh^eqL6^&&N-vmN17eyH0xKOzda!10+
z91wnW4fxOmNg4=;H%%@}0|fl!os3;9xIX%05E;aidlD~-ZLpgF+YFnDVuFu!ZX4l1
znszW`R{`G{j2X~-0DSLmOtD5KM_EnWl@6VzWe1Y}I}yPVX+Bt({g!57QOrjA4j7p^
zD}@5z<^GlmS~TdHRT81`T>vk&=7?0Z;txY?<R)-mvm!Tj+Ygf<fmS30c&3RNF?*nU
zhi42&W%{P&SFX_iRS!OoEn>D~IzL#0%9PX%V_f-wT_u{9c#Cj|EIOT-paAQZbvjtU
zhBEb^%FOhlMNLhH^EWQ7-___N`07AqDd|~{6h7PZrk~zH?O$an-Gf9slr5?((=gA!
zW<MPb)l32t>x8tJ+&F|d<5q;uxxMiV80w+^l8I5Pqrgw8pW9fy$*uh_GIA>5hhII%
zJmST79pw0u4&q!=hoXJ{@+HN3gunJ4ya$3|XCAZ@=fM(eaIaMDYl<U)5fHmi2;FKn
z%KsdL#Ys)n7VKkPi!cOFFc;rYzI5mcq|{Yb8J4Dm(9D3(NPLFImA)A1LspaK$CDE?
zXm0zsTZ43~Nc^KiQo`>~E=J^I7WADGyJk6r;7s3Sxu8V&O-XLeOIX*w$`#aM@EF_s
z9_f;7OEEk4$5+}>(Faq!$-V{&gUu4n!<qh8Yh4X@KTR*)hDQgs?nK>|D>{t7jU-n4
z1}s3wjJ#I7;Id5wv~M(9R#a*b!qjqfDtCD@ta;a;Nkjqu$xlc7GEt-xR;S}9E9+z!
zD=7L`r{EWELVRJCF#rrLgWWg7@E|Z|=uObYE_#Q?5n5818IAf#=cOc%q6pRY{#cI>
z*c#(Q1)rx~H*IaKimieg>BU3%eneiq%&ETBk+U-_su3>(rR)8>1fTS#*rN`E*kb`0
zr_^8s)*huTU=t->hc#VI_vcXxX7I2jO8`7!w#`qC-*9$x27!Xn?L%?<c)^kF*@ra2
z2aHtG@Su95DUpFFb80K8**=umc|D`dRmA33n&R>MqtyP|Sni+B5}?@F8JZ1#VqIb$
zS@G}WHvi>%3pfUx4Z>V^ZezA459$eNRvd6)GtrnFtMTb9Ez;gVT8B)5&E<`Vk|Uv$
zVI>xg4)sXSD>QK4c2eMhgleLEI!mpJ#cvrpyc_&JYL{WrA=J->wnl_R;wiI}Kxc_6
zn7ygFsPUIG&{;Z_hu#Kpt99o6uZ7Kg_cMw>%UK?=?2tBgD3&fx^${m&jAe^dcaw2z
zBvCH2An_PyDLQjYyNE-pOtC|Qo^z-Yq@-5|2Fq?wSNsWSeHOOXG6|kS8Z|ULl|%ux
zYc?^wGOQ7~MGO5&yvqwM8moLr{C?yGSV3~Pf75r%mm`@Yump9Q>z@yiBaKXrU}Y=D
zu5%b0c5RJC#SV?MVF5>qXal233ljR(oQeltpz-8oYEjOyFF!Vk2P@eQ3XA!q%m#&)
zx{|>iMPYR#`fvBv$@MR|2RKfaVl_0sFz*68Gp-rdScS{yl&eeR8Qt*@G&JT1?yUBx
z*wP-Ep^4!@XsKXDh~9AMprVQJ67=g2l<E)){d^N%#$$)Ek@M-_C*^h+{@_2YDO3Ye
z48RuWl1uh<YpjXmIbeo$N-H=dU%j#6|9nKNDrWgVZXnLocq;%{%x3Gv@i~QI^fP0n
z(e7bF7#c%MlZcb!%@Z_Q+w0jiBBYg%YD2Clv{5jju$LPX@)_BA=0(iy7SCndcFt6K
zE`^#XOqWsoLllGilREJsZF7TP`{!NNi#9Zj!>D;mo0>S*JF_5^v2<!Rj#&^0_4s3;
zB%SU;w}93X446i@)DJLoBa@s=ED~r-><))QS@`?}1MUTYQD9XZwvrJR)3jwz{M;Yn
z@RD|*wWJZ+rEIY0#;LVBSyczABG3*(i-G>o1;wDUeS6k!#xY!;3W%tcf*Ou7qs4Kj
z_!*a2I`>8^F>X*K%XyYxx`QH$Zrkige#$?j@dK0<vauvSGhLsoh(JpTTj}>otw>CL
zqv6QoAwu0ht(o05**)&s&(@4Cmkn6SM!X^^Tam5qhCMS%p$|F<3XgW{@k*=)%~}9X
z^-d`Q1_PF+l2Uw&DF~uTB?B~*0^M6BZz9@DVz$h@DGOMqFPmRtFvzzgayjXIavZIl
zcothGIbByPH%{>$@go|oej2(pi6~pCfY+f-n|Pn#V}u-BzNDy!FH%A3Q}|}m34pr*
zH*Kf#->_#O)f5y`GfDAB%o3J1eRGm{sSppGSU+8+Erh5fT7OfzWm0xg+GeDd%$Sow
zRm#WDz(oVH%aX4WCF*$V6$inGYt<6GI#8BZRhAT6U}fq$cxb!R&tl~`pip5;?ij>q
z%k2f6N+>O1tQ2^KvR>+k9Bpnroz81j$P=`jsgESJQY7{*uq2z{!%CV`(@FeX^M7kF
z!05ixchd3oFN?Vl?tPJ>p}VdQrvpJ6o$5yd2Y;lY{(I~gNRaXXkC&2vJ(8F&`K`+K
z>1bRohIeL8jpl{KnNS;@`;2DZ+L#ssI(gka^N~7Z@uB<58;O=9OIoD<J8hMqXC~!5
zh)|+78dn-|Epy7o+-iLSkC{U?v+M*Srq<g}p-sKNr0vzPX}f0@)2lK}m4cbqq-FWm
zpjRw%tv91#nl*D>U67{Z04bsEBM=j4DD5)?Y!@tRM#sw}b<5Z&!ENy~rVZB^y?q={
zKh6{!<wc(KlMW3zRrm>dxmpzRMA_j!Edi?p&yKQCVHD^Q3T+G5{%EuPZ1kGI6ym@Q
z*Wj~Rc@4!``pyjtVltjDjUv`P$C?%wCdrwER)MzyRS2wqxyS$k1Bn6H-#MW}1^j`j
z88H1d`e@PiCc2xEXRU)&Q^#PicvfW1%L&na&$yW)8xVX=CY!(-(I1+oI({hCODEE;
zkI@&`aihr420g(Ht1F5GP^`#?P?iey+5CSaPI8#d0D3XZ4}_~-cm_P2nB_mACqS73
zn9j%cqh9%gZe9kO2H!uprTXtOzf8;$1BWrqO>VQ|=bA?!-4D(Bw;!ip?vRNtfTNNC
z1u~ZP9P$4n%_1`0NI(l3rxRs07Ny-Okk<ieK`@cpB4BQFr2>0w{rH^p{k=oK*XfZT
zNZ;S@i$Aw&tEPNF<U+H)%S9;)2#N@r%YiacsxM~+072;1itb=MxcZ7xNZrBc9cnvB
zoJ?RGCv?f4N3%@-?D=~Ke%}j??ahE3p^YArML{(!@p%RIG!;#+YcnjX4^{Q9cgYsl
zX&!>1d<D3E<#jA1ybjSNX5ye$G50!z&1e)42%_=df4|IAmR&MGH1V_5I}d-B2!*G@
z&v~6&^r={6Y=DO<N^iX@Gv51t|KWJKn`eFcZ*gB6wz10p>u|3^|DPWAAL##mJZ)_y
zi1S+_Ruw|1oj^eu`?sUFZ#v^NpV30_+=9Oq1zxfs7JT&;%_Fqos0u~FSXRdt@I4O$
zc|sU(4A(gzVH#WlmBs}2GCrrK(%o5<=V{Ku&Ju(@Lc}4{lJCU{)-KubK+B|{6LLLG
zxw(EsoP7F3R8+33?|6&&$ORo~@-IX3(#e3d@E{N^Wb-&y>BnD>-=)P#&NxP03!@3+
z#elS0o`+@w1M;~e&ZacRyReL~CdCQ^vh`jf#6Rp7LAE<%vov4q>Z|pZ96LKID|!FH
zYwMU)E%@FMSancA)dJeBh5@h{&*QlA(nBlq0gT#tN~SE%Kru>-2psh>6DCOu?JmgW
z4Svp*yFobwEcXH25nQ}k1XXE5Xr5EJNq$lRUsZ)K;<m`i_T~4y!;3}Cc6LeX*3ma=
zu+k3Dvv<nknXG_K+P$fdW!rWl&Z<xS#xHyDCCxViUkBI)Sv#RbvNpIrkg1Wo_f+p0
zF=<i*F3RCKDx)<(dSW!YeD?I&p@&hKAu5>s@XkKbJ0_Ny%_fphUp%jEi`7|j73FCH
zl2L2V+Xks}>q{ABsB9WNmRteAc3Y+q6n_x%*Q3+dM?bwe9w1rrJhQ_Es`9idZ4@1a
z+6dxxq`^w!jh0N7YJw-Ww8CG0YLhoof|I48j28zIqYyeGM@chMPUyGx3f^ZOOWG(|
z$3R*}nsb9alJ{0`K45n^7_=dy2`@&JN5Rn?QkmiSl&o)Xe2bXBkc3LiJoK)u4IT&N
z*V8xXV`RxBUH=Lv7ojg9s7Q4ZikgqMq0XcfUR0R?+W^!%L$xd%kBWjyS)z`U4#MGx
z2k8}vdoVnR5$1C{lG4?lzklHO&>drxUNHxE3eew{;;)OwRLTj=V8LMJ2<jwvF_A0f
zwB}2c6fD1@I3PG{InCI4G-K(!7?6ICTQeXL^;INZb4wvd=1(P(Ee+?X6yt8I<3$Wj
zV@R$RX5+Q*LDrO=flTO4G>ZzU#sp)vj?{F4pqQkIrC?F=XD+2luK9Wpu&iLAGv3^^
zF(5tNv|RU2)6}%+s&!PWa@yBuwJ_lAR!^38PSJ`w=xFI8dm~kS5Lt;tiL>}rEVDg-
z@2Omb3A+|7n1vp+v=(+TOD4tC!p`_6+yjc@V0i-=+zeS11>YC8U|L;8w@pscP;DQz
z*35=ch%j|#NJb}TWB)522TeQHH^>4S(jDLKgEZdDayDjpj?!zM&X|3ob7QlgGr<#I
zv3x;du`T3^M;2&Iev=2Hx-wcm1l#>yulMgeWW=Tsgm;kssLI;|`Adw(q>ziaGFAfp
zh@?_J`EAM)!mp!3=4Q{+S=q&<NG(9S09??4BAP*y5#!P`Sp#rf<iPw)dDNGN3;YJc
zXgp@1A;IN|_`ecJ%TNcqa=f%7>BzN?hI*hniPL1la>+E$qRF%XV01iYK>_Rc|9wOL
zm?PGB+@Y~Km96_2?D=giPo#1m36RF8z^I2EO{rjW)KQ}Dh1wju;?n5XuvFNP#Tw%H
z>=F!cAblgK>^|HzO`FEYhiVOpC9+z|*|mv6a6nY_1htWPL4!+K>cnM~NRiWok6F$Y
zp^=&_OY?P-hQ_f3j|0Df>G~jBvCd)paBbYFbw?{g(!7uuC*uQ^%D>??IyiB^nIV$X
z@^#pu)qD^(FSa+%yUcnEwoFAHG3m(tdpg2HN$f~>0m|)?Wxi{QEsFbPK3=o$=)%!e
z;gD6kRc=(V#w|gm)zF_v1GJL04pp-cIe=Trj954Nlj5qSW|=0&z*t-!j7=&-14dxO
ziEFDWk0kOIV|R{IBOkWdKIQl<9oLgd*CAnD?Qz$@?zahEFL7<ol~WH5<wZdHZaA65
z)e5mDRoc8JjD<?lqpV@U4NH?9%FAR1*OCd*BCQ*0+)Vw_wW`Md8%{Bn1gwiTNd*h7
zVjY@AVz2Ez>9!H$OSVwErE}Hqh%H&Z1>yKu0|u6e?m2;r3Sy?2QJOM6>we8GN^VHU
z-kA%^uG#g7mjHat8)YM5I-_IeV2L~4eq;6L7g2Oi-#30eeRB(T>|1mfI{@vcqLX{p
zb&^2fb8*>a6QVr(#4B;6vwX1Ee|F%Lm*4@%wMU%dBD8Hu&CEKNU~KEPyap1g3}Or~
zW$xDUHUowYg2ym!erBBi>p%auiuxf5nYv;sCtAP$;@Kwh(n;vJ&<qOfY6%DWQP=!#
zc@wXLK<T2ZvG_Sn(p<de1)XK!^j+j>3~VWg4y|@_CU7XY=JsTr48^a&-pU)GIIFPX
zsoQ`hN0N<8Rw0<C+JhU3{(t@F|2BL>0utPa%lIMU?7+~YhDDTZDR#kXN1Mf_Ds<7$
z=jSJT`Vho})VFxMpNk^fvxezqo@UC}(F!}2&yxh=MQ^{NQ7oqBY#s!Rg)H1r8|^r$
zGTAi;&$5Uc*J*wkr!?eUfda(ch@&wJ7D3FqZSgakQppL7qqt!CDI#X|;1$HKIF&x7
zmUq9I>awRGhP!~VBKsddYKK%_J8)yS0h`N`o*xKF>~RwzLmu`yopGBQNZ}3AbQB9h
zzz)GMNRft&fTLNB+92I@UZgWB&iy!E2>w>d4=uToyjYIeHQ_P@h|QpaEtK@gO!H_G
zC1$Vvo{nIZibGfejyR!LG>T!FskjHjVKK{whL#S0Pe(&w#`GOyeSXBe>VkHsDDfpF
zE=Bfqh_4%kW^MA;7Mrax@=-Ej+^|#iQa8m3eN72gNpvO2>sJz7l_Xa3@VX;;mD(^j
zJk?!sRWoWg7FOK_el@bH4KQ6>Qgs)o)(WcHZSrEyi*y$K120x+6M0q$mUyxt5x9tX
z?pvcQI!z%@z_0MxBP6$ft1M0*e@!$I8IZo`*=YyAfCS?=M&=x2dF3ofXET;y=moJ+
zrD?8GwVFs%6n!pKcrQV$IJ(5}AWA_D&=yB=6qulqbFM>AskoLoqvEU%rZfo{SDMLu
zo`4U&Bi#~5bsQB1WQcDYRCX~=80F+`ltkk6^HmhIFf}oOWKXPW^8|ZaxDhP@dMvj2
zE}`M?a}3Nh6AfsK<Xve@4Pm&XC2qVRqZ~p=AtSbBhI-4FKxdKBF9z9sK=yjQnf#6V
z;sH76y^UlK@%VHq^hE``_`WFaxk*N`#+l^v%(+a<zB7hLm7b6uk$-8nr>%n?DVa+N
z241YNhl<0L9!WB~LByq#BSkn7C;H}R#bi*LZEbF#ESYK)n~kbhIHv_(E|zdh)cT&9
zbh%PXD80i5k_+U;NuG*1x41x^Hy4$#t#{|-=-2a~e>r`9{<pvX9o4-p&&x*?GEcQ(
zRIvYYJpK)CqNhI{y)etslag&`^u0C+X-g3sq=*X~0c4z7&&fWo>Yh!h4B`T1Gwcd^
z{nFg^J)MwVR%(+Y&Z9{}D4FExJOh=Xa%<til!bH1P68e-Uc2q7kEkA&5~U;c65bG<
zD&^%|+~&?SnAZ^LTfRR2$bvasRb?$V8}T{IXWV>(Ec3JormujlvOnO*OSTwj`57b@
zD-|KyLw-PBCzX$AXj6uZu<`8fh`|GkL{PMwB`T#WI=WLu1ueL5FH6HC*Q~QmUPT{)
zT!QeP3#R!m|8cAXBFZ?1V1tRTI%2)^fW|B@iQG6HvrdtA*i{r1+Ab7URFP9lO}-YQ
zmKb-#t{NKx{nt^&N}+8#Lu=i=CCx^`B2SIzM!PcDN_IRYY6Z&>)sJH!DXcn5KY9|r
z6iG_*pw4CT@?DJ-$?okEgC-ohFtNo+ZQOVuh>$C*L;C)nzwbZs#2C;#m@@q(;e9)%
zP$x`hG)jDF*)I#t7Jis;AM5&jJ|0IOy*5b|A+zmak}xf}T+pz*2c)&va*D7p;XRiQ
zI9a))G0|d7LdkS7$|D_eS<nL~fw)JAyDD8n;&%D7=)-`}S$O!w^Xv@Ykhzb6u4O>p
zrILamK{mVi7*aL4*q`K43ba0^oI_S?2u2oi#b32aRxX0V>9(UGF)mUxpMb0i$R88C
z=_sElTP}fTr=yL;tPG6sKktB+P8MtdK5t(C$1&OBf5hKyRa%9kjF-H>%r-NtO{1rg
z`Z?vrU%|`%EdWsns+s;_rt*>hh)Y7n3K)<d)SvPTl$4+J-|}0|XefANJV8FIEmR)6
zaWnzrFx)^g!hkQ3H6Kgna6jOew=^?IHekYQ?dg8tI+b~I?Lc(IQsAItllCArC#6{1
z<(QC57YdhtIN%p(dG!gF18gt_NFIeOpt(fdnx5n;3M1MHgUQSoNut%2%%zScx=x8f
z-+$uo14=mes1?9QEYz%~tu<0XLa*bFKpInTw988ZLhx7$z;<a})Gmppg}oHjZ@Hwc
zT6vn$i4>~8OB424;B}trxEP;*icofiu|G>ae{F}*z;rH2R75mZ*T5_d^(J-;qadW+
zCU2rEmIz)h%hM68qgcK<5ibO}9MdSC=j?o%Gd@k@a6tAw0@9$rutM^;MUnl?Xs95Q
zs`Z&f?Inxp;*14p5^}s}XDp8(BNM*ri+6ku8X~L7zPPQTsMr*R9-J~7Ms62!_3F>i
zhkLgFUf=%T<bfMbS)8$)`$e{vE5LI5|Nhhc-d;KXTfhI1|LI<yPoKJvy%#E2pc2Q3
z8}owvF{d%AlW3L^RJH#GF(eYuUekgc?t^HBlMxFj1m8+$j`0NQ^Wi21ItdU}C_~_g
zlWnQ-6&!IwXW(s{v0%sdUXLA<6BC^oovQG{Z)9v>X9}VsfxN`li5Oi@+onP!8VYKp
zP%31vjDL+rI^4u{g4U(YIX0t87(pe-X;lRphA7(t>Pz;YS`NIs;{G8=6%@f*cyhSk
z**|!`cj$YMyE2oq3=-2?=A)qm9xa)(U;8k8S1sHkz8!PaPS`9eJ8hy2VklS1P&sO-
zW|n0At2I{F)eL&w){OutY#T8z5i>t$VthhWC~%_^FkO+kT$Mg$mpn??H5oj&vSBX=
zib=x-AM!tVnqY$04#5Sc4TgrGV;K%Vpx+Do2#L3KtLR-~MaUnJE%9BT^5x5xr-l7^
z%~a6Dly5vFDwVe=c=<i=&@3w_Q(tSzL3(v<i}mSKb$#g_Y20$ma`a@tfP7$G;chyy
zW;!3q4^Bd2LHx*7&+i}jJ)(EmqoF7S>3~%w)y#0l`5*BRjK(OiVSFh5zhc88Eoj_Y
zqh!l%`f%N*X*d@D4C8bXCBq<15@ZC2l9}PH4azEXJL@(q{cr`{AG)SWm3EgD-MHD1
ziOcP(7VArG+!&DNgcU;>IdT}M!DTuxD(y8E+_=dx3sGFXs*8;UH*PYcoQut}s>P;q
zH)`-Y&BI|Z6*LvrAPei7tCqTTV_aD~tZGje+_*_Fk{c?eO1T~P>&C#<k0>eFWUZC5
zy2d6*h*h4^;F1-5n9d7`i8h4L`F6ugO5L=voCPepV&O21ctCS^2A3DSb(2f`S1NVu
z#>xjrbD>)|HBT;+^g3D9m@KwQb78`Vs5l%7MtnG06y}gwUaIDd{!EHgFimv~jJd8@
z_W%frBn_@9*TFwc@)T*rvJn>zHCr`IYRB>f2A)R#txUc@D~^q{{=G$7!<OifVDH6s
zN&Fej&On?_TAh~7aGM^Y|0=R%n_+FUaZ?u0d_Kh+J@8_hcU`07z{piiu4R<I&S>Fs
zcPd9pZ6%B4Q(ltQLK)4APC8y6QH$YRw~8|OeItj-SK|)~o?7?rDxx|R1*B~FO#Yas
z1uIRYfvNH|C}o#Kw@Cj+XR$%Rs%KrJY(3IS#<~Q?SyEcja+5_>9<@&Gu%N7T-I*xe
z7^>iuE6vKjx@4g!Srt_C5eWLQY5#4V|2yky?M#+i%$EWN(+<d1wl^J}ohJB+Jrpso
zwA7M+wAKR9ux`#xfP@<i9Mr5GEBNB`DOIgv%6{{DoaQ5lJ>-*Lxx~T8=n3Fu#c0@a
zdS3x93*SsOQ58*m#|Pi>{|>Z&12`^9CW-}7Znrf=$E{P)$<ETA*>k@XUxmXxqGqis
z3(LEii*GU!YmE8V9`ME;TiLuvI<{rSdrvA%tq6(`SbrWDQO6WA3QLfl2I*`B@hVYA
zuo*4TP;2QyMFpxlw6cIb6@Fd*q@_btIyJCP-T9%yEo{_hS*dd$eYXJCga$~;1F}ik
zn+|b#v@x}m&I@Xp(xOhgWOP#*YWKU30Ko9ox<(+^Wtm)y<{b-cVB4D5HOqWjd~mF(
zmsT{k&Eman>AbpH$>dlAsF)(J230l**08F!!VSQj{qYK-JMoHHq)%Qa*&Ko-ZG%9y
zh3iQZKY5m0Ra(UVq@%f)KYrP{0cYU=cP01RL7D`#C?65!YNYaJ2Zio(N3lQ1cCpCV
zFJr-owPrMXk7}O};Kei+%m33CU_?5^=IZgDXJDx<q)ZCb*vqetTc>jEZKhO~U*%?F
znWf>kCsf9TeJxtGtoVJAD>H6YQf0n9kg2aqroOcX{m=c}#Qp=#=hlw|xg!2=?{IIw
zWdE`MwEy(M{^LF#C$4SZyNr@>AQOwfrI|OgqB`74yyFB4*+jl44<iW#g;!{y1xHDf
zE?$X2ACb=_iIR{d1$ko5TSqddOld7&5G+{=j*L~U6TSwpBuZ+`)K;0r1M*peFiBv=
z*D|1co&THce{FBSCJ9(&|J6IJ*nd6QKYZB#_wm^KpJo~FY9gTXM*sPVK*L^jh(Mha
z$!)2Cxa^23+;UqW=v?&1>cb6saoEs{lBXvWs``0u&;_FHe+J5j+6nVhr{<`Ppm-{y
zxCD*wO*ID<?e<y%vC+_J;A(aVS>@elW!o-E(3jP7J5f4u96v!*vc`e%#v@gonu^DY
zE?eWNVlJq)&?DD?+%rCG%EDhpZ|IDpoL$p6_Kc&ObTn9(1V}A{g^qZFbT*?&IPh!-
zx)+1L|MvRb%U^yw`}-M)f%o_RF5}Xjq}MDzo3c3m`&HlX{XG-Ex%lm~kIaHX(d(ww
z8Mk&x3#0n;ZnZ;x#`~=gR>dpZg}{0b?o^gvg9Pc6P^49Lx>GJxna&zJetUpcub7%y
zttz^1LF{ponwLmTsO~#mAX>7cLUCLB7{%!(PPbbVRzPV2I~~c)jiZ=7|L(;v@6L~2
zzdJr1o*lh=`O`1|bNKd`U*DY%Pkwp*?)<y1Vf<>qC?786`{JWlN18{BuYz0wcg;qA
z9PxrB9U6u?<NW!cO0XcInA^#wC3TcfcwNbw#nj)cE9k7K+IAZ0A6Z5NH$bEo4TvvY
z1}5!%FWF+3Ji^!wgXd;IlB;qLEdidWRsO6UAjNltXBh~r94awQm8FLb>bTA3(Yp&`
zc-Nd$wbL%$mo}@Sg6Iv%`HK_lTg5-fJXJ3nt2L*dUoKj1-*L@xUn?h_(kE+fhr8s_
z6iV4s>mnc<@GXedF|el|0csUGDLvLAkR@>~REpNF0;1y!cFS)!n>FRJ^yw3sXBo>^
z^d5_s!PNRWHBMzs=`z5Qe^etVr(79G)uE~pPPu3qRM`uw5s+KZ1yl7hGtbhU;8y$=
zTcL!(zuI1C=>E+%LkZZec0&o)&9_4d&@J{u3DU9+Q91REdsS)U=!{Y2#c<P;ei<Wf
zUr$Oa#OBc(7&tM|BP`NTqO{vEuBy#a)cMdaV=`urtyUw(rl@{dEpI%KO>y;ZE&gP6
z|Ek{K_un}kQ|Fd_vEmEdOCN4J<WiU2jN@9^ZG=~qr<VZ-Hob#tRePE*TSKK!%QsN-
z{{J(q-mkqi|Fp!XVHsAWUhZP5ntZG<2{AIRnhZ`>D{D(895a;-tYsQHutPqRHROLz
z=q~FBx6{Epg&|y5so=@$mrEpyI)IlE^XdRy_E6nca;c*onKC8-(w(;C#3a(i%CU#;
zu01<9xh_=-P;}$gkPOyH-Wr9BN@Mw!W-i^ljozoyN+T2Y6&iQO?^b--I%HADg>gCj
z5{*=)mJ+hto>l9h%Vt@zcp2p`x-%9=^VxvB1y`**!0=Bss`WhII%uw1y$uy_GOksI
zZyf}&nv0zYWwj=b-&$k+@Z9Bd6Z;R#v~ev1kQMe{hfnsNl<hwb4<7RW-pjL=J+90q
zMZitZ*o#=KVtqX;4bo@hmDZSHP{2pq6DxDsw>3Vgw~W3+JCs^AeeGD5GGE!%n=LtN
z%~4FMq)(sBwAA}^wpO5}U}1CawW!GgdMQM!4^q;%!g^-S@hj)Wa@ppZ5j=E8P+F9m
z8aMPdZi27Qf4$1is=Wpac6EApZec*R?vis7dtueOWM3N?6Rp{DDYF{ZEvH-Cv~2+&
zeb0|oE**r?S*}TNEoIhSZYAY`rF>XsRkQB+IBc$Fgzo^dP7-Enn!I6mdh=~)znpu^
z!lROw>mKmYX}hf3dHhu*4-I?JNfBnmEKUZld%y$JVVP<&J=Q(6tg>TS>s{x|x|=nx
z^HCYWpH7B#H!YM>Oxa?$QtqicY|rHrO1Y=*rX43|mrd-PR9<(}mYokt*R}Hm-NRa}
zWDqhCs>y|JgO8Kr%i_`?Wbj(tI@C1)OG&pZkPsPvIYg(j1+$z_YePg!^>1(r=5)sG
za}bhr-E7?dMI{_Jx&Na$_r=;?U@QH<_RIbs2mRiYhx`A1Jon`PWvKxE1^vK2eIncb
zt0-pN|4W>Xj7|CD){cLq7)-6y1G0TjROm+gUyjqd4xlUc|6cF#up0mS;9>vY$5Xri
zr8CQ)-|?$q*Sq!sH33kRz;kV}=&h;AJmIV$zC9w4Yza7N2q1{$X0>?5h^i_L)xp*o
zoHpsg#xkFh1QHVs*2r7L2PLh^*ObqYvhBw<#Dm;sf7F9-y-P!OlIBH=?2zpwEyy<L
zK`W&bS#D>C?6|f7jkfdZ;}X^$BQ>mPeP3sFPqXYqzqXtLjIq~JA(ksny_wwlTT`uv
z=dPYxoc}VQ;%YWv#rfag?^pQ$Cx`nF=l^{?l4J^ksm-)UG*GcC8{A&y*G@?xSY{w(
z@muf_b%8hk>0QaoKEii*ov5*tb=$g$tz(^)<GtE9uIR%~>1I?TwCOyYNjH3MLI2mb
z0a-!+4|-3^_8$iadk^xTdwH7eKgxHZwTwSzx3&C`C&xdB^~bj~{h0j|+I`Gc8+|N|
z(Af;KYW1<s*nAZ;fm@iH%)Yj*$p)ceHZZ)HeLZ^*b_+`j+hk(NSeFbf*6HXsF>;ty
zEgW7&F{`z25Fc)(H=TV;^M%>h)!fg%uG)Tfm%8m5t?<$f-JF-s-QpeH!qSv-_{hX^
zTi3H_xa~jQ*|NUandMZPmPdV4qCUS|L(}MQvP+UEsI)E`{=daP`U7VfmHD-|8XCmJ
zUiup*QX43=>$~x&|7dUHu~A(QIOI$VXgtjFG+>;kId2#)3^U(=`78}tvyDQ>>HNUJ
zaPZY{J7hQ%oY2sm)59zchtrf7!zf!>PKOB@LPD=(J{wulb{xD_(v5#refYoHv;O_h
zpR#xsO_DTc8@91Z|9{XwDBb`1Pxl`3|K7{fCMUEgSe{_QaF||lJ!J_Q&7(Msk_pLZ
za7ibO`(B%zPa{tFJOk|vf#7Lm5~m~NlcQv^3*@edt{9l5TJLERdTo+0OmI%Nvz(2i
zk1WK4_`mJ=1pI*01ZoPDNXBv!M+x&i|K-{6tVna_wTVoQ_170?B#d(I`ID&V!oP^V
z=a2r8ci~_4Vmj%Hf7DNYm2?fD5e+Wq8Nnp<k9~ffd5`@Oz4RXY#Vqq4|1Ymi{z~&G
zopbW~<uUgJx9~d)3eS&1M!Q%pPk;Y263X@W|LO73%eTk=EZn$_Rr>#@y|VnL-+S=?
zxu2&^PBiOFE@Y%cq9*;q^Q_NGE&{Rdr!)_*X^y$~emPTV-Jp<6zo(#G3SK1UyW~2L
zih?C1O2}VQ-1k{LpG@c|W)c9=(eb$NdFLiu_b5#ZUgR|6gj$Mh^1h1nhwW)mWP@&Z
z5*5?=2!u?Qm?ubQvw0E~3$?_Ds$)AuM}Z}2LMVA}GMQ_jj;v&d1o51UF`08gD~l;3
z?|)|T42$zYw=0wI?I=1*Fo9m~dtSRu{=y1!Y7zmxPR6O{U0hrQX~NT(K?*;?ccz4f
zA*t&HQ4Q67^yLslDd5qOd3y|03=S(=^t|C2W90pX{&-R8L^n(W4nN?Zp(xeef%PDx
zags0%=7K>6D(?@WldlC+8OH>Y8&$g($<OakkKY_0ogEL~9lbsNP}|w=5^<f~2^Fjp
zu=uduR==ZUvO`8JPOk-OSk}g2WshaKH9Gxk5-socJgM(E_5+rF&SvQq<3tn^OUp{E
zZ>6=ToTotqY35;1nY5RH8;hZWl?BRox~}n9*?C=ZjqblNBkp<7*o!$Y(pmHmwNGGJ
z$WLr6SPr>FqGZy5MU)hI+J#*<1dQ5&f!8Uf4A*vN1n@eMhPUIB^OSJLU=;Pj5F{tf
zP%8(c7P10T4nwcRxbBjxh)0DP&Mi*fU!lBUL1*!YZNF>%+}R~*PV#voDsV=eC8&mq
z531{cPt$9Rk;ZSf=5Is)*FXQ4$H86J#)|WQ|4F~1|9SHC;rzds=h1PVr}+^GR!(v@
zW;sg&MxK+c7im&N$((I@-gurs0rFzXg3DKO+E3>(gWBX1$P(J*H%6wBpgII{Bl~z=
z2xvm4G|Oa)IZ9CeK+-YE8Rcohccnl~P=*L|8Rhd>Y}lO9a6#C|h|BOH(U@#M0_g91
zA9iHR>Vx^>AAbxO>~8-Z+(rP=7iq|LNC&LL)+p+qr)QAsX?urs*dL^Ig!mi-I;|bM
zc^rU~oL#{^L1u{MqLXH8kr`c(DZMg1Lqm#?6k?#%z!EXCCCERqfX=y0^%RK_tBw<w
z10_D>j6|FyDM^?BpUPtZPK2CE`;DmZoo0T^qk?sQPI*CEFIm9?fg1EyAn%~JOWvi0
zxY!Be`Z8^4IA2hI@u?9oE}7#5l>IDcAvt3OH1KOiPT3#xNW60zYdOGbX3qJ}K1K!U
z8-zUk_lxJ*XdD#<n`MRUfjX_2+b}1u(wv;YW%t?BXNS9_-`hLrwLEndj__P%A8Ak!
zPG^iLqKGq7Old);l#^-1#Tp1`952X-u|!Y(Xh9SazK#;^wKYR$v9Gd(Aj-Tuiqlc|
zS$}-^v==;iI_^IU4#Q_-_Uvi+{rK>Z9zHt=_j}*>Y545flW{k@oOEdx@vanT4yDFr
zIGfB0f0DM}^q)NQ-m&Y>J670xn{-}AJd5c9)G{`Xm1C%L{^Fz~28eVvDvWf8V4BK~
zvT7vfFHT73O&ZV`Y$>tqvD8DK=W|9n7_}Qj0z^Q$VkjP{r%=w!tNX&cG-UeH;LbZa
z!w8w<xtK0YycU{Shp7ejOs>`_A!#16Tx>Mh-(pdm;vkS;Uy~3A5^P8HO(_CSfousp
z_!cSXNF{PpcMA3~i_@ItcQHG#aMzw5S$e(sk%jMkf~>2jREVrMOU^cr<MNhvYpIPN
gw*HLbn}_G&d3YY48$bVl00030|K^UmLjaUV0KG{oQ2+n{

literal 0
HcmV?d00001

diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/.editorconfig b/charts/rancher-monitoring/104.1.4+up57.0.3/.editorconfig
new file mode 100644
index 0000000000..f5ee2f4610
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/.editorconfig
@@ -0,0 +1,5 @@
+root = true
+
+[files/dashboards/*.json]
+indent_size = 2
+indent_style = space
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/.helmignore
new file mode 100644
index 0000000000..9bdbec92b4
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/.helmignore
@@ -0,0 +1,29 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+# helm/charts
+OWNERS
+hack/
+ci/
+kube-prometheus-*.tgz
+
+unittests/
+files/dashboards/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/CHANGELOG.md b/charts/rancher-monitoring/104.1.4+up57.0.3/CHANGELOG.md
new file mode 100644
index 0000000000..8178169b91
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/CHANGELOG.md
@@ -0,0 +1,47 @@
+# Changelog
+All notable changes from the upstream Prometheus Operator chart will be added to this file.
+
+## [Package Version 00] - 2020-07-19
+### Added
+- Added [Prometheus Adapter](https://github.com/helm/charts/tree/master/stable/prometheus-adapter) as a dependency to the upstream Prometheus Operator chart to allow users to expose custom metrics from the default Prometheus instance deployed by this chart
+- Remove `prometheus-operator/cleanup-crds.yaml` and `prometheus-operator/crds.yaml` from the Prometheus Operator upstream chart in favor of just using the CRD directory to install the CRDs.
+- Added support for `rkeControllerManager`, `rkeScheduler`, `rkeProxy`, and `rkeEtcd` PushProx exporters for monitoring k8s components within RKE clusters
+- Added support for a `k3sServer` PushProx exporter that monitors k3s server components (`kubeControllerManager`, `kubeScheduler`, and `kubeProxy`) within k3s clusters
+- Added support for `kubeAdmControllerManager`, `kubeAdmScheduler`, `kubeAdmProxy`, and `kubeAdmEtcd` PushProx exporters for monitoring k8s components within kubeAdm clusters
+- Added support for `rke2ControllerManager`, `rke2Scheduler`, `rke2Proxy`, and `rke2Etcd` PushProx exporters for monitoring k8s components within rke2 clusters
+- Exposed `prometheus.prometheusSpec.ignoreNamespaceSelectors` on values.yaml and set it to `false` by default. This value instructs the default Prometheus server deployed with this chart to ignore the `namespaceSelector` field within any created ServiceMonitor or PodMonitor CRs that it selects. This prevents ServiceMonitors and PodMonitors from configuring the Prometheus scrape configuration to monitor resources outside the namespace that they are deployed in; if a user needs to have one ServiceMonitor / PodMonitor monitor resources within several namespaces (such as the resources that are used to monitor Istio in a default installation), they should not enable this option since it would require them to create one ServiceMonitor / PodMonitor CR per namespace that they would like to monitor. Relevant fields were also updated in the default README.md.
+- Added `grafana.sidecar.dashboards.searchNamespace` to `values.yaml` with a default value of `cattle-dashboards`. The namespace provided should contain all ConfigMaps with the label `grafana_dashboard` and will be searched by the Grafana Dashboards sidecar for updates. The namespace specified is also created along with this deployment. All default dashboard ConfigMaps have been relocated from the deployment namespace to the namespace specified
+- Added `monitoring-admin`, `monitoring-edit`, and `monitoring-view` default `ClusterRoles` to allow admins to assign roles to users to interact with Prometheus Operator CRs. These can be enabled by setting `.Values.global.rbac.userRoles.create` (default: `true`). In a typical RBAC setup, you might want to use a `ClusterRoleBinding` to bind these roles to a Subject to allow them to set up or view `ServiceMonitors` / `PodMonitors` / `PrometheusRules` and view `Prometheus` or `Alertmanager` CRs across the cluster. If `.Values.global.rbac.userRoles.aggregateRolesForRBAC` is enabled, these ClusterRoles will aggregate into the respective default ClusterRoles provided by Kubernetes
+- Added `monitoring-config-admin`, `monitoring-config-edit` and `monitoring-config-view` default `Roles` to allow admins to assign roles to users to be able to edit / view `Secrets` and `ConfigMaps` within the `cattle-monitoring-system` namespace. These can be enabled by setting `.Values.global.rbac.userRoles.create` (default: `true`). In a typical RBAC setup, you might want to use a `RoleBinding` to bind these roles to a Subject within the `cattle-monitoring-system` namespace to allow them to modify Secrets / ConfigMaps tied to the deployment, such as your Alertmanager Config Secret. 
+- Added `monitoring-dashboard-admin`, `monitoring-dashboard-edit` and `monitoring-dashboard-view` default `Roles` to allow admins to assign roles to users to be able to edit / view `ConfigMaps` within the `cattle-dashboards` namespace. These can be enabled by setting `.Values.global.rbac.userRoles.create` (default: `true`) and deploying Grafana as part of this chart. In a typical RBAC setup, you might want to use a `RoleBinding` to bind these roles to a Subject within the `cattle-dashboards` namespace to allow them to create / modify ConfigMaps that contain the JSON used to persist Grafana Dashboards on the cluster.
+- Added default resource limits for `Prometheus Operator`, `Prometheus`, `AlertManager`, `Grafana`, `kube-state-metrics`, `node-exporter`
+- Added a default template `rancher_defaults.tmpl` to AlertManager that Rancher will offer to users in order to help configure the way alerts are rendered on a notifier. Also updated the default template deployed with this chart to reference that template and added an example of a Slack config using this template as a comment in the `values.yaml`.
+- Added support for private registries via introducing a new field for `global.cattle.systemDefaultRegistry` that, if supplied, will automatically be prepended onto every image used by the chart.
+- Added a default `nginx` proxy container deployed with Grafana whose config is set in the `ConfigMap` located in `charts/grafana/templates/nginx-config.yaml`. The purpose of this container is to make it possible to view Grafana's UI through a proxy that has a subpath (e.g. Rancher's proxy). This proxy container is set to listen on port `8080` (with a `portName` of `nginx-http` instead of the default `service`), which is also where the Grafana service will now point to, and will forward all requests to the Grafana container listening on the default port `3000`.
+- Added a default `nginx` proxy container deployed with Prometheus whose config is set in the `ConfigMap` located in `templates/prometheus/nginx-config.yaml`. The purpose of this container is to make it possible to view Prometheus's UI through a proxy that has a subpath (e.g. Rancher's proxy). This proxy container is set to listen on port `8081` (with a `portName` of `nginx-http` instead of the default `web`), which is also where the Prometheus service will now point to, and will forward all requests to the Prometheus container listening on the default port `9090`.
+- Added support for passing CIS Scans in a hardened cluster by introducing a Job that patches the default service account within the `cattle-monitoring-system` and `cattle-dashboards` namespaces on install or upgrade and adding a default allow all `NetworkPolicy` to the `cattle-monitoring-system` and `cattle-dashboards` namespaces.
+### Modified
+- Updated the chart name from `prometheus-operator` to `rancher-monitoring` and added the `io.rancher.certified: rancher` annotation to `Chart.yaml`
+- Modified the default `node-exporter` port from `9100` to `9796`
+- Modified the default `nameOverride` to `rancher-monitoring`. This change is necessary as the Prometheus Adapter's default URL (`http://{{ .Values.nameOverride }}-prometheus.{{ .Values.namespaceOverride }}.svc`) is based off of the value used here; if modified, the default Adapter URL must also be modified
+- Modified the default `namespaceOverride` to `cattle-monitoring-system`. This change is necessary as the Prometheus Adapter's default URL (`http://{{ .Values.nameOverride }}-prometheus.{{ .Values.namespaceOverride }}.svc`) is based off of the value used here; if modified, the default Adapter URL must also be modified
+- Configured some default values for `grafana.service` values and exposed them in the default README.md
+- The default namespaces the following ServiceMonitors were changed from the deployment namespace to allow them to continue to monitor metrics when `prometheus.prometheusSpec.ignoreNamespaceSelectors` is enabled:
+    - `core-dns`: `kube-system`
+    - `api-server`: `default`
+    - `kube-controller-manager`: `kube-system`
+    - `kubelet`: `{{ .Values.kubelet.namespace }}`
+- Disabled the following deployments by default (can be enabled if required):
+    - `AlertManager`
+    - `kube-controller-manager` metrics exporter
+    - `kube-etcd` metrics exporter
+    - `kube-scheduler` metrics exporter
+    - `kube-proxy` metrics exporter
+- Updated default Grafana `deploymentStrategy` to `Recreate` to prevent deployments from being stuck on upgrade if a PV is attached to Grafana
+- Modified the default `<serviceMonitor|podMonitor|rule>SelectorNilUsesHelmValues` to default to `false`. As a result, we look for all CRs with any labels in all namespaces by default rather than just the ones tagged with the label `release: rancher-monitoring`.
+- Modified the default images used by the `rancher-monitoring` chart to point to Rancher mirrors of the original images from upstream.
+- Modified the behavior of the chart to create the Alertmanager Config Secret via a pre-install hook instead of using the normal Helm lifecycle to manage the secret. The benefit of this approach is that all changes to the Config Secret done on a live cluster will never get overridden on a `helm upgrade` since the secret only gets created on a `helm install`. If you would like the secret to be cleaned up on an `helm uninstall`, enable `alertmanager.cleanupOnUninstall`; however, this is disabled by default to prevent the loss of alerting configuration on an uninstall. This secret will never be modified on a `helm upgrade`.
+- Modified the default `securityContext` for `Pod` templates across the chart to `{"runAsNonRoot": "true", "runAsUser": "1000"}` and replaced `grafana.rbac.pspUseAppArmor` in favor of `grafana.rbac.pspAnnotations={}` in order to make it possible to deploy this chart on a hardened cluster which does not support Seccomp or AppArmor annotations in PSPs. Users can always choose to specify the annotations they want to use for the PSP directly as part of the values provided.
+- Modified `.Values.prometheus.prometheusSpec.containers` to take in a string representing a template that should be rendered by Helm (via `tpl`) instead of allowing a user to provide YAML directly.
+- Modified the default Grafana configuration to auto assign users who access Grafana to the Viewer role and enable anonymous access to Grafana dashboards by default. This default works well for a Rancher user who is accessing Grafana via the `kubectl proxy` on the Rancher Dashboard UI since anonymous users who enter via the proxy are authenticated by the k8s API Server, but you can / should modify this behavior if you plan on exposing Grafana in a way that does not require authentication (e.g. as a `NodePort` service).
+- Modified the default Grafana configuration to add a default dashboard for Rancher on the Grafana home page.
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/CONTRIBUTING.md b/charts/rancher-monitoring/104.1.4+up57.0.3/CONTRIBUTING.md
new file mode 100644
index 0000000000..f6ce2a3235
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/CONTRIBUTING.md
@@ -0,0 +1,12 @@
+# Contributing Guidelines
+
+## How to contribute to this chart
+
+1. Fork this repository, develop and test your Chart.
+1. Bump the chart version for every change.
+1. Ensure PR title has the prefix `[kube-prometheus-stack]`
+1. When making changes to rules or dashboards, see the README.md section on how to sync data from upstream repositories
+1. Check the `hack/minikube` folder has scripts to set up minikube and components of this chart that will allow all components to be scraped. You can use this configuration when validating your changes.
+1. Check for changes of RBAC rules.
+1. Check for changes in CRD specs.
+1. PR must pass the linter (`helm lint`)
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/Chart.yaml
new file mode 100644
index 0000000000..c64e70d302
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/Chart.yaml
@@ -0,0 +1,126 @@
+annotations:
+  artifacthub.io/license: Apache-2.0
+  artifacthub.io/links: |
+    - name: Chart Source
+      url: https://github.com/prometheus-community/helm-charts
+    - name: Upstream Project
+       url: https://github.com/prometheus-operator/kube-prometheus
+  artifacthub.io/operator: "true"
+  catalog.cattle.io/auto-install: rancher-monitoring-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/deploys-on-os: windows
+  catalog.cattle.io/display-name: Monitoring
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/namespace: cattle-monitoring-system
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: monitoring.coreos.com.prometheus/v1
+  catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+  catalog.cattle.io/release-name: rancher-monitoring
+  catalog.cattle.io/requests-cpu: 4500m
+  catalog.cattle.io/requests-memory: 4000Mi
+  catalog.cattle.io/type: cluster-tool
+  catalog.cattle.io/ui-component: monitoring
+  catalog.cattle.io/upstream-version: 57.0.3
+apiVersion: v2
+appVersion: v0.72.0
+dependencies:
+- condition: grafana.enabled
+  name: grafana
+  repository: file://./charts/grafana
+- condition: hardenedKubelet.enabled
+  name: hardenedKubelet
+  repository: file://./charts/hardenedKubelet
+- condition: hardenedNodeExporter.enabled
+  name: hardenedNodeExporter
+  repository: file://./charts/hardenedNodeExporter
+- condition: k3sServer.enabled
+  name: k3sServer
+  repository: file://./charts/k3sServer
+- condition: kubeStateMetrics.enabled
+  name: kube-state-metrics
+  repository: file://./charts/kube-state-metrics
+- condition: kubeAdmControllerManager.enabled
+  name: kubeAdmControllerManager
+  repository: file://./charts/kubeAdmControllerManager
+- condition: kubeAdmEtcd.enabled
+  name: kubeAdmEtcd
+  repository: file://./charts/kubeAdmEtcd
+- condition: kubeAdmProxy.enabled
+  name: kubeAdmProxy
+  repository: file://./charts/kubeAdmProxy
+- condition: kubeAdmScheduler.enabled
+  name: kubeAdmScheduler
+  repository: file://./charts/kubeAdmScheduler
+- condition: prometheus-adapter.enabled
+  name: prometheus-adapter
+  repository: file://./charts/prometheus-adapter
+- condition: nodeExporter.enabled
+  name: prometheus-node-exporter
+  repository: file://./charts/prometheus-node-exporter
+- condition: rke2ControllerManager.enabled
+  name: rke2ControllerManager
+  repository: file://./charts/rke2ControllerManager
+- condition: rke2Etcd.enabled
+  name: rke2Etcd
+  repository: file://./charts/rke2Etcd
+- condition: rke2IngressNginx.enabled
+  name: rke2IngressNginx
+  repository: file://./charts/rke2IngressNginx
+- condition: rke2Proxy.enabled
+  name: rke2Proxy
+  repository: file://./charts/rke2Proxy
+- condition: rke2Scheduler.enabled
+  name: rke2Scheduler
+  repository: file://./charts/rke2Scheduler
+- condition: rkeControllerManager.enabled
+  name: rkeControllerManager
+  repository: file://./charts/rkeControllerManager
+- condition: rkeEtcd.enabled
+  name: rkeEtcd
+  repository: file://./charts/rkeEtcd
+- condition: rkeIngressNginx.enabled
+  name: rkeIngressNginx
+  repository: file://./charts/rkeIngressNginx
+- condition: rkeProxy.enabled
+  name: rkeProxy
+  repository: file://./charts/rkeProxy
+- condition: rkeScheduler.enabled
+  name: rkeScheduler
+  repository: file://./charts/rkeScheduler
+- condition: windowsExporter.enabled
+  name: windowsExporter
+  repository: file://./charts/windowsExporter
+description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards,
+  and Prometheus rules combined with documentation and scripts to provide easy to
+  operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus
+  Operator.
+home: https://github.com/prometheus-operator/kube-prometheus
+icon: file://assets/logos/rancher-monitoring.png
+keywords:
+- operator
+- prometheus
+- kube-prometheus
+kubeVersion: '>=1.19.0-0'
+maintainers:
+- email: andrew@quadcorps.co.uk
+  name: andrewgkew
+- email: gianrubio@gmail.com
+  name: gianrubio
+- email: github.gkarthiks@gmail.com
+  name: gkarthiks
+- email: kube-prometheus-stack@sisti.pt
+  name: GMartinez-Sisti
+- email: github@jkroepke.de
+  name: jkroepke
+- email: scott@r6by.com
+  name: scottrigby
+- email: miroslav.hadzhiev@gmail.com
+  name: Xtigyro
+- email: quentin.bisson@gmail.com
+  name: QuentinBisson
+name: rancher-monitoring
+sources:
+- https://github.com/prometheus-community/helm-charts
+- https://github.com/prometheus-operator/kube-prometheus
+type: application
+version: 104.1.4+up57.0.3
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/README.md
new file mode 100644
index 0000000000..9baf58bb16
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/README.md
@@ -0,0 +1,1080 @@
+# kube-prometheus-stack
+
+Installs the [kube-prometheus stack](https://github.com/prometheus-operator/kube-prometheus), a collection of Kubernetes manifests, [Grafana](http://grafana.com/) dashboards, and [Prometheus rules](https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/) combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with [Prometheus](https://prometheus.io/) using the [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator).
+
+See the [kube-prometheus](https://github.com/prometheus-operator/kube-prometheus) README for details about components, dashboards, and alerts.
+
+_Note: This chart was formerly named `prometheus-operator` chart, now renamed to more clearly reflect that it installs the `kube-prometheus` project stack, within which Prometheus Operator is only one component._
+
+## Prerequisites
+
+- Kubernetes 1.19+
+- Helm 3+
+
+## Get Helm Repository Info
+
+```console
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo update
+```
+
+_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Install Helm Chart
+
+```console
+helm install [RELEASE_NAME] prometheus-community/kube-prometheus-stack
+```
+
+_See [configuration](#configuration) below._
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+## Dependencies
+
+By default this chart installs additional, dependent charts:
+
+- [prometheus-community/kube-state-metrics](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics)
+- [prometheus-community/prometheus-node-exporter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-node-exporter)
+- [grafana/grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana)
+
+To disable dependencies during installation, see [multiple releases](#multiple-releases) below.
+
+_See [helm dependency](https://helm.sh/docs/helm/helm_dependency/) for command documentation._
+
+## Uninstall Helm Chart
+
+```console
+helm uninstall [RELEASE_NAME]
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+CRDs created by this chart are not removed by default and should be manually cleaned up:
+
+```console
+kubectl delete crd alertmanagerconfigs.monitoring.coreos.com
+kubectl delete crd alertmanagers.monitoring.coreos.com
+kubectl delete crd podmonitors.monitoring.coreos.com
+kubectl delete crd probes.monitoring.coreos.com
+kubectl delete crd prometheusagents.monitoring.coreos.com
+kubectl delete crd prometheuses.monitoring.coreos.com
+kubectl delete crd prometheusrules.monitoring.coreos.com
+kubectl delete crd scrapeconfigs.monitoring.coreos.com
+kubectl delete crd servicemonitors.monitoring.coreos.com
+kubectl delete crd thanosrulers.monitoring.coreos.com
+```
+
+## Upgrading Chart
+
+```console
+helm upgrade [RELEASE_NAME] prometheus-community/kube-prometheus-stack
+```
+
+With Helm v3, CRDs created by this chart are not updated by default and should be manually updated.
+Consult also the [Helm Documentation on CRDs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions).
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### Upgrading an existing Release to a new major version
+
+A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions.
+
+### From 56.x to 57.x
+
+This version upgrades Prometheus-Operator to v0.72.0
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 55.x to 56.x
+
+This version upgrades Prometheus-Operator to v0.71.0, Prometheus to 2.49.1
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 54.x to 55.x
+
+This version upgrades Prometheus-Operator to v0.70.0
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 53.x to 54.x
+
+Grafana Helm Chart has bumped to version 7
+
+Please note Grafana Helm Chart [changelog](https://github.com/grafana/helm-charts/tree/main/charts/grafana#to-700).
+
+### From 52.x to 53.x
+
+This version upgrades Prometheus-Operator to v0.69.1, Prometheus to 2.47.2
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 51.x to 52.x
+
+This includes the ability to select between using existing secrets or create new secret objects for various thanos config. The defaults have not changed but if you were setting:
+
+- `thanosRuler.thanosRulerSpec.alertmanagersConfig` or
+- `thanosRuler.thanosRulerSpec.objectStorageConfig` or
+- `thanosRuler.thanosRulerSpec.queryConfig` or
+- `prometheus.prometheusSpec.thanos.objectStorageConfig`
+
+you will have to need to set `existingSecret` or `secret` based on your requirement
+
+For instance, the `thanosRuler.thanosRulerSpec.alertmanagersConfig` used to be configured as follow:
+
+```yaml
+thanosRuler:
+  thanosRulerSpec:
+    alertmanagersConfig:
+      alertmanagers:
+        - api_version: v2
+          http_config:
+            basic_auth:
+              username: some_user
+              password: some_pass
+          static_configs:
+            - alertmanager.thanos.io
+          scheme: http
+          timeout: 10s
+```
+
+But it now moved to:
+
+```yaml
+thanosRuler:
+  thanosRulerSpec:
+    alertmanagersConfig:
+      secret:
+        alertmanagers:
+          - api_version: v2
+            http_config:
+              basic_auth:
+                username: some_user
+                password: some_pass
+            static_configs:
+              - alertmanager.thanos.io
+            scheme: http
+            timeout: 10s
+```
+
+or the `thanosRuler.thanosRulerSpec.objectStorageConfig` used to be configured as follow:
+
+```yaml
+thanosRuler:
+  thanosRulerSpec:
+    objectStorageConfig:
+      name: existing-secret-not-created-by-this-chart
+      key: object-storage-configs.yaml
+```
+
+But it now moved to:
+
+```yaml
+thanosRuler:
+  thanosRulerSpec:
+    objectStorageConfig:
+      existingSecret:
+        name: existing-secret-not-created-by-this-chart
+        key: object-storage-configs.yaml
+```
+
+### From 50.x to 51.x
+
+This version upgrades Prometheus-Operator to v0.68.0, Prometheus to 2.47.0 and Thanos to v0.32.2
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 49.x to 50.x
+
+This version requires Kubernetes 1.19+.
+
+We do not expect any breaking changes in this version.
+
+### From 48.x to 49.x
+
+This version upgrades Prometheus-Operator to v0.67.1, 0, Alertmanager to v0.26.0, Prometheus to 2.46.0 and Thanos to v0.32.0
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 47.x to 48.x
+
+This version moved all CRDs into a dedicated sub-chart. No new CRDs are introduced in this version.
+See [#3548](https://github.com/prometheus-community/helm-charts/issues/3548) for more context.
+
+We do not expect any breaking changes in this version.
+
+### From 46.x to 47.x
+
+This version upgrades Prometheus-Operator to v0.66.0 with new CRDs (PrometheusAgent and ScrapeConfig).
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 45.x to 46.x
+
+This version upgrades Prometheus-Operator to v0.65.1 with new CRDs (PrometheusAgent and ScrapeConfig), Prometheus to v2.44.0 and Thanos to v0.31.0.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 44.x to 45.x
+
+This version upgrades Prometheus-Operator to v0.63.0, Prometheus to v2.42.0 and Thanos to v0.30.2.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 43.x to 44.x
+
+This version upgrades Prometheus-Operator to v0.62.0, Prometheus to v2.41.0 and Thanos to v0.30.1.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+If you have explicitly set `prometheusOperator.admissionWebhooks.failurePolicy`, this value is now always used even when `.prometheusOperator.admissionWebhooks.patch.enabled` is `true` (the default).
+
+The values for `prometheusOperator.image.tag` & `prometheusOperator.prometheusConfigReloader.image.tag` are now empty by default and the Chart.yaml `appVersion` field is used instead.
+
+### From 42.x to 43.x
+
+This version upgrades Prometheus-Operator to v0.61.1, Prometheus to v2.40.5 and Thanos to v0.29.0.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 41.x to 42.x
+
+This includes the overridability of container registry for all containers at the global level using `global.imageRegistry` or per container image. The defaults have not changed but if you were using a custom image, you will have to override the registry of said custom container image before you upgrade.
+
+For instance, the prometheus-config-reloader used to be configured as follow:
+
+```yaml
+    image:
+      repository: quay.io/prometheus-operator/prometheus-config-reloader
+      tag: v0.60.1
+      sha: ""
+```
+
+But it now moved to:
+
+```yaml
+    image:
+      registry: quay.io
+      repository: prometheus-operator/prometheus-config-reloader
+      tag: v0.60.1
+      sha: ""
+```
+
+### From 40.x to 41.x
+
+This version upgrades Prometheus-Operator to v0.60.1, Prometheus to v2.39.1 and Thanos to v0.28.1.
+This version also upgrades the Helm charts of kube-state-metrics to 4.20.2, prometheus-node-exporter to 4.3.0 and Grafana to 6.40.4.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+This version splits kubeScheduler recording and altering rules in separate config values.
+Instead of `defaultRules.rules.kubeScheduler` the 2 new variables `defaultRules.rules.kubeSchedulerAlerting` and `defaultRules.rules.kubeSchedulerRecording` are used.
+
+### From 39.x to 40.x
+
+This version upgrades Prometheus-Operator to v0.59.1, Prometheus to v2.38.0, kube-state-metrics to v2.6.0 and Thanos to v0.28.0.
+This version also upgrades the Helm charts of kube-state-metrics to 4.18.0 and prometheus-node-exporter to 4.2.0.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+Starting from prometheus-node-exporter version 4.0.0, the `node exporter` chart is using the [Kubernetes recommended labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/). Therefore you have to delete the daemonset before you upgrade.
+
+```console
+kubectl delete daemonset -l app=prometheus-node-exporter
+helm upgrade -i kube-prometheus-stack prometheus-community/kube-prometheus-stack
+```
+
+If you use your own custom [ServiceMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor) or [PodMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#podmonitor), please ensure to upgrade their `selector` fields accordingly to the new labels.
+
+### From 38.x to 39.x
+
+This upgraded prometheus-operator to v0.58.0 and prometheus to v2.37.0
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 37.x to 38.x
+
+Reverted one of the default metrics relabelings for cAdvisor added in 36.x, due to it breaking container_network_* and various other statistics. If you do not want this change, you will need to override the `kubelet.cAdvisorMetricRelabelings`.
+
+### From 36.x to 37.x
+
+This includes some default metric relabelings for cAdvisor and apiserver metrics to reduce cardinality. If you do not want these defaults, you will need to override the `kubeApiServer.metricRelabelings` and or `kubelet.cAdvisorMetricRelabelings`.
+
+### From 35.x to 36.x
+
+This upgraded prometheus-operator to v0.57.0 and prometheus to v2.36.1
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 34.x to 35.x
+
+This upgraded prometheus-operator to v0.56.0 and prometheus to v2.35.0
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 33.x to 34.x
+
+This upgrades to prometheus-operator to v0.55.0 and prometheus to v2.33.5.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 32.x to 33.x
+
+This upgrades the prometheus-node-exporter Chart to v3.0.0. Please review the changes to this subchart if you make customizations to hostMountPropagation.
+
+### From 31.x to 32.x
+
+This upgrades to prometheus-operator to v0.54.0 and prometheus to v2.33.1. It also changes the default for `grafana.serviceMonitor.enabled` to `true.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 30.x to 31.x
+
+This version removes the built-in grafana ServiceMonitor and instead relies on the ServiceMonitor of the sub-chart.
+`grafana.serviceMonitor.enabled` must be set instead of `grafana.serviceMonitor.selfMonitor` and the old ServiceMonitor may
+need to be manually cleaned up after deploying the new release.
+
+### From 29.x to 30.x
+
+This version updates kube-state-metrics to 4.3.0 and uses the new option `kube-state-metrics.releaseLabel=true` which adds the "release" label to kube-state-metrics labels, making scraping of the metrics by kube-prometheus-stack work out of the box again, independent of the used kube-prometheus-stack release name. If you already set the "release" label via `kube-state-metrics.customLabels` you might have to remove that and use it via the new option.
+
+### From 28.x to 29.x
+
+This version makes scraping port for kube-controller-manager and kube-scheduler dynamic to reflect changes to default serving ports
+for those components in Kubernetes versions v1.22 and v1.23 respectively.
+
+If you deploy on clusters using version v1.22+, kube-controller-manager will be scraped over HTTPS on port 10257.
+
+If you deploy on clusters running version v1.23+, kube-scheduler will be scraped over HTTPS on port 10259.
+
+### From 27.x to 28.x
+
+This version disables PodSecurityPolicies by default because they are deprecated in Kubernetes 1.21 and will be removed in Kubernetes 1.25.
+
+If you are using PodSecurityPolicies you can enable the previous behaviour by setting `kube-state-metrics.podSecurityPolicy.enabled`, `prometheus-node-exporter.rbac.pspEnabled`, `grafana.rbac.pspEnabled` and `global.rbac.pspEnabled` to `true`.
+
+### From 26.x to 27.x
+
+This version splits prometheus-node-exporter chart recording and altering rules in separate config values.
+Instead of `defaultRules.rules.node` the 2 new variables `defaultRules.rules.nodeExporterAlerting` and `defaultRules.rules.nodeExporterRecording` are used.
+
+Also the following defaultRules.rules has been removed as they had no effect: `kubeApiserverError`, `kubePrometheusNodeAlerting`, `kubernetesAbsent`, `time`.
+
+The ability to set a rubookUrl via `defaultRules.rules.rubookUrl` was reintroduced.
+
+### From 25.x to 26.x
+
+This version enables the prometheus-node-exporter subchart servicemonitor by default again, by setting `prometheus-node-exporter.prometheus.monitor.enabled` to `true`.
+
+### From 24.x to 25.x
+
+This version upgrade to prometheus-operator v0.53.1. It removes support for setting a runbookUrl, since the upstream format for runbooks changed.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 23.x to 24.x
+
+The custom `ServiceMonitor` for the _kube-state-metrics_ & _prometheus-node-exporter_ charts have been removed in favour of the built-in sub-chart `ServiceMonitor`; for both sub-charts this means that `ServiceMonitor` customisations happen via the values passed to the chart. If you haven't directly customised this behaviour then there are no changes required to upgrade, but if you have please read the following.
+
+For _kube-state-metrics_ the `ServiceMonitor` customisation is now set via `kube-state-metrics.prometheus.monitor` and the `kubeStateMetrics.serviceMonitor.selfMonitor.enabled` value has moved to `kube-state-metrics.selfMonitor.enabled`.
+
+For _prometheus-node-exporter_ the `ServiceMonitor` customisation is now set via `prometheus-node-exporter.prometheus.monitor` and the `nodeExporter.jobLabel` values has moved to `prometheus-node-exporter.prometheus.monitor.jobLabel`.
+
+### From 22.x to 23.x
+
+Port names have been renamed for Istio's
+[explicit protocol selection](https://istio.io/latest/docs/ops/configuration/traffic-management/protocol-selection/#explicit-protocol-selection).
+
+| | old value | new value |
+|-|-----------|-----------|
+| `alertmanager.alertmanagerSpec.portName` | `web` | `http-web` |
+| `grafana.service.portName` | `service` | `http-web` |
+| `prometheus-node-exporter.service.portName` | `metrics` (hardcoded) | `http-metrics` |
+| `prometheus.prometheusSpec.portName` | `web` | `http-web` |
+
+### From 21.x to 22.x
+
+Due to the upgrade of the `kube-state-metrics` chart, removal of its deployment/stateful needs to done manually prior to upgrading:
+
+```console
+kubectl delete deployments.apps -l app.kubernetes.io/instance=prometheus-operator,app.kubernetes.io/name=kube-state-metrics --cascade=orphan
+```
+
+or if you use autosharding:
+
+```console
+kubectl delete statefulsets.apps -l app.kubernetes.io/instance=prometheus-operator,app.kubernetes.io/name=kube-state-metrics --cascade=orphan
+```
+
+### From 20.x to 21.x
+
+The config reloader values have been refactored. All the values have been moved to the key `prometheusConfigReloader` and the limits and requests can now be set separately.
+
+### From 19.x to 20.x
+
+Version 20 upgrades prometheus-operator from 0.50.x to 0.52.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRDs manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 18.x to 19.x
+
+`kubeStateMetrics.serviceMonitor.namespaceOverride` was removed.
+Please use `kube-state-metrics.namespaceOverride` instead.
+
+### From 17.x to 18.x
+
+Version 18 upgrades prometheus-operator from 0.49.x to 0.50.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRDs manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 16.x to 17.x
+
+Version 17 upgrades prometheus-operator from 0.48.x to 0.49.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRDs manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 15.x to 16.x
+
+Version 16 upgrades kube-state-metrics to v2.0.0. This includes changed command-line arguments and removed metrics, see this [blog post](https://kubernetes.io/blog/2021/04/13/kube-state-metrics-v-2-0/). This version also removes Grafana dashboards that supported Kubernetes 1.14 or earlier.
+
+### From 14.x to 15.x
+
+Version 15 upgrades prometheus-operator from 0.46.x to 0.47.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRDs manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 13.x to 14.x
+
+Version 14 upgrades prometheus-operator from 0.45.x to 0.46.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRDs manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 12.x to 13.x
+
+Version 13 upgrades prometheus-operator from 0.44.x to 0.45.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRD manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+```
+
+### From 11.x to 12.x
+
+Version 12 upgrades prometheus-operator from 0.43.x to 0.44.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRD manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.44/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+```
+
+The chart was migrated to support only helm v3 and later.
+
+### From 10.x to 11.x
+
+Version 11 upgrades prometheus-operator from 0.42.x to 0.43.x. Starting with 0.43.x an additional `AlertmanagerConfigs` CRD is introduced. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRD manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.43/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+```
+
+Version 11 removes the deprecated tlsProxy via ghostunnel in favor of native TLS support the prometheus-operator gained with v0.39.0.
+
+### From 9.x to 10.x
+
+Version 10 upgrades prometheus-operator from 0.38.x to 0.42.x. Starting with 0.40.x an additional `Probes` CRD is introduced. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRD manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.42/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+```
+
+### From 8.x to 9.x
+
+Version 9 of the helm chart removes the existing `additionalScrapeConfigsExternal` in favour of `additionalScrapeConfigsSecret`. This change lets users specify the secret name and secret key to use for the additional scrape configuration of prometheus. This is useful for users that have prometheus-operator as a subchart and also have a template that creates the additional scrape configuration.
+
+### From 7.x to 8.x
+
+Due to new template functions being used in the rules in version 8.x.x of the chart, an upgrade to Prometheus Operator and Prometheus is necessary in order to support them. First, upgrade to the latest version of 7.x.x
+
+```console
+helm upgrade [RELEASE_NAME] prometheus-community/kube-prometheus-stack --version 7.5.0
+```
+
+Then upgrade to 8.x.x
+
+```console
+helm upgrade [RELEASE_NAME] prometheus-community/kube-prometheus-stack --version [8.x.x]
+```
+
+Minimal recommended Prometheus version for this chart release is `2.12.x`
+
+### From 6.x to 7.x
+
+Due to a change in grafana subchart, version 7.x.x now requires Helm >= 2.12.0.
+
+### From 5.x to 6.x
+
+Due to a change in deployment labels of kube-state-metrics, the upgrade requires `helm upgrade --force` in order to re-create the deployment. If this is not done an error will occur indicating that the deployment cannot be modified:
+
+```console
+invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app.kubernetes.io/name":"kube-state-metrics"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable
+```
+
+If this error has already been encountered, a `helm history` command can be used to determine which release has worked, then `helm rollback` to the release, then `helm upgrade --force` to this new one
+
+## Configuration
+
+See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments:
+
+```console
+helm show values prometheus-community/kube-prometheus-stack
+```
+
+You may also run `helm show values` on this chart's [dependencies](#dependencies) for additional options.
+
+### Rancher Monitoring Configuration
+
+The following table shows values exposed by Rancher Monitoring's additions to the chart:
+
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `nameOverride` | Provide a name that should be used instead of the chart name when naming all resources deployed by this chart |`"rancher-monitoring"`|
+| `namespaceOverride` | Override the deployment namespace | `"cattle-monitoring-system"` |
+| `global.rbac.userRoles.create` | Create default user ClusterRoles to allow users to interact with Prometheus CRs, ConfigMaps, and Secrets | `true` |
+| `global.rbac.userRoles.aggregateToDefaultRoles` | Aggregate default user ClusterRoles into default k8s ClusterRoles | `true` |
+| `prometheus-adapter.enabled` | Whether to install [prometheus-adapter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-adapter) within the cluster | `true` |
+| `prometheus-adapter.prometheus.url` | A URL pointing to the Prometheus deployment within your cluster. The default value is set based on the assumption that you plan to deploy the default Prometheus instance from this chart where `.Values.namespaceOverride=cattle-monitoring-system` and `.Values.nameOverride=rancher-monitoring` | `http://rancher-monitoring-prometheus.cattle-monitoring-system.svc` |
+| `prometheus-adapter.prometheus.port` | The port on the Prometheus deployment that Prometheus Adapter can make requests to | `9090` |
+| `prometheus.prometheusSpec.ignoreNamespaceSelectors` | Ignore NamespaceSelector settings from the PodMonitor and ServiceMonitor configs. If true, PodMonitors and ServiceMonitors can only discover Pods and Services within the namespace they are deployed into | `false` |
+
+The following values are enabled for different distributions via [rancher-pushprox](https://github.com/rancher/dev-charts/tree/master/packages/rancher-pushprox). See the rancher-pushprox `README.md` for more information on what all values can be configured for the PushProxy chart.
+
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `rkeControllerManager.enabled` | Create a PushProx installation for monitoring kube-controller-manager metrics in RKE clusters | `false` |
+| `rkeScheduler.enabled` | Create a PushProx installation for monitoring kube-scheduler metrics in RKE clusters | `false` |
+| `rkeProxy.enabled` | Create a PushProx installation for monitoring kube-proxy metrics in RKE clusters | `false` |
+| `rkeIngressNginx.enabled` | Create a PushProx installation for monitoring ingress-nginx metrics in RKE clusters | `false` |
+| `rkeEtcd.enabled` | Create a PushProx installation for monitoring etcd metrics in RKE clusters | `false` |
+| `rke2IngressNginx.enabled` | Create a PushProx installation for monitoring ingress-nginx metrics in RKE2 clusters | `false` |
+| `k3sServer.enabled` | Create a PushProx installation for monitoring k3s-server metrics (accounts for kube-controller-manager, kube-scheduler, and kube-proxy metrics) in k3s clusters | `false` |
+| `kubeAdmControllerManager.enabled` | Create a PushProx installation for monitoring kube-controller-manager metrics in kubeAdm clusters | `false` |
+| `kubeAdmScheduler.enabled` | Create a PushProx installation for monitoring kube-scheduler metrics in kubeAdm clusters | `false` |
+| `kubeAdmProxy.enabled` | Create a PushProx installation for monitoring kube-proxy metrics in kubeAdm clusters | `false` |
+| `kubeAdmEtcd.enabled` | Create a PushProx installation for monitoring etcd metrics in kubeAdm clusters | `false` |
+
+
+### Multiple releases
+
+The same chart can be used to run multiple Prometheus instances in the same cluster if required. To achieve this, it is necessary to run only one instance of prometheus-operator and a pair of alertmanager pods for an HA configuration, while all other components need to be disabled. To disable a dependency during installation, set `kubeStateMetrics.enabled`, `nodeExporter.enabled` and `grafana.enabled` to `false`.
+
+## Work-Arounds for Known Issues
+
+### Running on private GKE clusters
+
+When Google configure the control plane for private clusters, they automatically configure VPC peering between your Kubernetes cluster’s network and a separate Google managed project. In order to restrict what Google are able to access within your cluster, the firewall rules configured restrict access to your Kubernetes pods. This means that in order to use the webhook component with a GKE private cluster, you must configure an additional firewall rule to allow the GKE control plane access to your webhook pod.
+
+You can read more information on how to add firewall rules for the GKE control plane nodes in the [GKE docs](https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#add_firewall_rules)
+
+Alternatively, you can disable the hooks by setting `prometheusOperator.admissionWebhooks.enabled=false`.
+
+## PrometheusRules Admission Webhooks
+
+With Prometheus Operator version 0.30+, the core Prometheus Operator pod exposes an endpoint that will integrate with the `validatingwebhookconfiguration` Kubernetes feature to prevent malformed rules from being added to the cluster.
+
+### How the Chart Configures the Hooks
+
+A validating and mutating webhook configuration requires the endpoint to which the request is sent to use TLS. It is possible to set up custom certificates to do this, but in most cases, a self-signed certificate is enough. The setup of this component requires some more complex orchestration when using helm. The steps are created to be idempotent and to allow turning the feature on and off without running into helm quirks.
+
+1. A pre-install hook provisions a certificate into the same namespace using a format compatible with provisioning using end user certificates. If the certificate already exists, the hook exits.
+2. The prometheus operator pod is configured to use a TLS proxy container, which will load that certificate.
+3. Validating and Mutating webhook configurations are created in the cluster, with their failure mode set to Ignore. This allows rules to be created by the same chart at the same time, even though the webhook has not yet been fully set up - it does not have the correct CA field set.
+4. A post-install hook reads the CA from the secret created by step 1 and patches the Validating and Mutating webhook configurations. This process will allow a custom CA provisioned by some other process to also be patched into the webhook configurations. The chosen failure policy is also patched into the webhook configurations
+
+### Alternatives
+
+It should be possible to use [jetstack/cert-manager](https://github.com/jetstack/cert-manager) if a more complete solution is required, but it has not been tested.
+
+You can enable automatic self-signed TLS certificate provisioning via cert-manager by setting the `prometheusOperator.admissionWebhooks.certManager.enabled` value to true.
+
+### Limitations
+
+Because the operator can only run as a single pod, there is potential for this component failure to cause rule deployment failure. Because this risk is outweighed by the benefit of having validation, the feature is enabled by default.
+
+## Developing Prometheus Rules and Grafana Dashboards
+
+This chart Grafana Dashboards and Prometheus Rules are just a copy from [prometheus-operator/prometheus-operator](https://github.com/prometheus-operator/prometheus-operator) and other sources, synced (with alterations) by scripts in [hack](hack) folder. In order to introduce any changes you need to first [add them to the original repository](https://github.com/prometheus-operator/kube-prometheus/blob/main/docs/customizations/developing-prometheus-rules-and-grafana-dashboards.md) and then sync there by scripts.
+
+## Further Information
+
+For more in-depth documentation of configuration options meanings, please see
+
+- [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator)
+- [Prometheus](https://prometheus.io/docs/introduction/overview/)
+- [Grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart)
+
+## prometheus.io/scrape
+
+The prometheus operator does not support annotation-based discovery of services, using the `PodMonitor` or `ServiceMonitor` CRD in its place as they provide far more configuration options.
+For information on how to use PodMonitors/ServiceMonitors, please see the documentation on the `prometheus-operator/prometheus-operator` documentation here:
+
+- [ServiceMonitors](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/getting-started.md#include-servicemonitors)
+- [PodMonitors](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/getting-started.md#include-podmonitors)
+- [Running Exporters](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/running-exporters.md)
+
+By default, Prometheus discovers PodMonitors and ServiceMonitors within its namespace, that are labeled with the same release tag as the prometheus-operator release.
+Sometimes, you may need to discover custom PodMonitors/ServiceMonitors, for example used to scrape data from third-party applications.
+An easy way of doing this, without compromising the default PodMonitors/ServiceMonitors discovery, is allowing Prometheus to discover all PodMonitors/ServiceMonitors within its namespace, without applying label filtering.
+To do so, you can set `prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues` and `prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues` to `false`.
+
+## Migrating from stable/prometheus-operator chart
+
+## Zero downtime
+
+Since `kube-prometheus-stack` is fully compatible with the `stable/prometheus-operator` chart, a migration without downtime can be achieved.
+However, the old name prefix needs to be kept. If you want the new name please follow the step by step guide below (with downtime).
+
+You can override the name to achieve this:
+
+```console
+helm upgrade prometheus-operator prometheus-community/kube-prometheus-stack -n monitoring --reuse-values --set nameOverride=prometheus-operator
+```
+
+**Note**: It is recommended to run this first with `--dry-run --debug`.
+
+## Redeploy with new name (downtime)
+
+If the **prometheus-operator** values are compatible with the new **kube-prometheus-stack** chart, please follow the below steps for migration:
+
+> The guide presumes that chart is deployed in `monitoring` namespace and the deployments are running there. If in other namespace, please replace the `monitoring` to the deployed namespace.
+
+1. Patch the PersistenceVolume created/used by the prometheus-operator chart to `Retain` claim policy:
+
+    ```console
+    kubectl patch pv/<PersistentVolume name> -p '{"spec":{"persistentVolumeReclaimPolicy":"Retain"}}'
+    ```
+
+    **Note:** To execute the above command, the user must have a cluster wide permission. Please refer [Kubernetes RBAC](https://kubernetes.io/docs/reference/access-authn-authz/rbac/)
+
+2. Uninstall the **prometheus-operator** release and delete the existing PersistentVolumeClaim, and verify PV become Released.
+
+    ```console
+    helm uninstall prometheus-operator -n monitoring
+    kubectl delete pvc/<PersistenceVolumeClaim name> -n monitoring
+    ```
+
+    Additionally, you have to manually remove the remaining `prometheus-operator-kubelet` service.
+
+    ```console
+    kubectl delete service/prometheus-operator-kubelet -n kube-system
+    ```
+
+    You can choose to remove all your existing CRDs (ServiceMonitors, Podmonitors, etc.) if you want to.
+
+3. Remove current `spec.claimRef` values to change the PV's status from Released to Available.
+
+    ```console
+    kubectl patch pv/<PersistentVolume name> --type json -p='[{"op": "remove", "path": "/spec/claimRef"}]' -n monitoring
+    ```
+
+**Note:** To execute the above command, the user must have a cluster wide permission. Please refer to [Kubernetes RBAC](https://kubernetes.io/docs/reference/access-authn-authz/rbac/)
+
+After these steps, proceed to a fresh **kube-prometheus-stack** installation and make sure the current release of **kube-prometheus-stack** matching the `volumeClaimTemplate` values in the `values.yaml`.
+
+The binding is done via matching a specific amount of storage requested and with certain access modes.
+
+For example, if you had storage specified as this with **prometheus-operator**:
+
+```yaml
+volumeClaimTemplate:
+  spec:
+    storageClassName: gp2
+    accessModes: ["ReadWriteOnce"]
+    resources:
+     requests:
+       storage: 50Gi
+```
+
+You have to specify matching `volumeClaimTemplate` with 50Gi storage and `ReadWriteOnce` access mode.
+
+Additionally, you should check the current AZ of your legacy installation's PV, and configure the fresh release to use the same AZ as the old one. If the pods are in a different AZ than the PV, the release will fail to bind the existing one, hence creating a new PV.
+
+This can be achieved either by specifying the labels through `values.yaml`, e.g. setting `prometheus.prometheusSpec.nodeSelector` to:
+
+```yaml
+nodeSelector:
+  failure-domain.beta.kubernetes.io/zone: east-west-1a
+```
+
+or passing these values as `--set` overrides during installation.
+
+The new release should now re-attach your previously released PV with its content.
+
+## Migrating from coreos/prometheus-operator chart
+
+The multiple charts have been combined into a single chart that installs prometheus operator, prometheus, alertmanager, grafana as well as the multitude of exporters necessary to monitor a cluster.
+
+There is no simple and direct migration path between the charts as the changes are extensive and intended to make the chart easier to support.
+
+The capabilities of the old chart are all available in the new chart, including the ability to run multiple prometheus instances on a single cluster - you will need to disable the parts of the chart you do not wish to deploy.
+
+You can check out the tickets for this change [here](https://github.com/prometheus-operator/prometheus-operator/issues/592) and [here](https://github.com/helm/charts/pull/6765).
+
+### High-level overview of Changes
+
+#### Added dependencies
+
+The chart has added 3 [dependencies](#dependencies).
+
+- Node-Exporter, Kube-State-Metrics: These components are loaded as dependencies into the chart, and are relatively simple components
+- Grafana: The Grafana chart is more feature-rich than this chart - it contains a sidecar that is able to load data sources and dashboards from configmaps deployed into the same cluster. For more information check out the [documentation for the chart](https://github.com/grafana/helm-charts/blob/main/charts/grafana/README.md)
+
+#### Kubelet Service
+
+Because the kubelet service has a new name in the chart, make sure to clean up the old kubelet service in the `kube-system` namespace to prevent counting container metrics twice.
+
+#### Persistent Volumes
+
+If you would like to keep the data of the current persistent volumes, it should be possible to attach existing volumes to new PVCs and PVs that are created using the conventions in the new chart. For example, in order to use an existing Azure disk for a helm release called `prometheus-migration` the following resources can be created:
+
+```yaml
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: pvc-prometheus-migration-prometheus-0
+spec:
+  accessModes:
+  - ReadWriteOnce
+  azureDisk:
+    cachingMode: None
+    diskName: pvc-prometheus-migration-prometheus-0
+    diskURI: /subscriptions/f5125d82-2622-4c50-8d25-3f7ba3e9ac4b/resourceGroups/sample-migration-resource-group/providers/Microsoft.Compute/disks/pvc-prometheus-migration-prometheus-0
+    fsType: ""
+    kind: Managed
+    readOnly: false
+  capacity:
+    storage: 1Gi
+  persistentVolumeReclaimPolicy: Delete
+  storageClassName: prometheus
+  volumeMode: Filesystem
+```
+
+```yaml
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  labels:
+    app.kubernetes.io/name: prometheus
+    prometheus: prometheus-migration-prometheus
+  name: prometheus-prometheus-migration-prometheus-db-prometheus-prometheus-migration-prometheus-0
+  namespace: monitoring
+spec:
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+  storageClassName: prometheus
+  volumeMode: Filesystem
+  volumeName: pvc-prometheus-migration-prometheus-0
+```
+
+The PVC will take ownership of the PV and when you create a release using a persistent volume claim template it will use the existing PVCs as they match the naming convention used by the chart. For other cloud providers similar approaches can be used.
+
+#### KubeProxy
+
+The metrics bind address of kube-proxy is default to `127.0.0.1:10249` that prometheus instances **cannot** access to. You should expose metrics by changing `metricsBindAddress` field value to `0.0.0.0:10249` if you want to collect them.
+
+Depending on the cluster, the relevant part `config.conf` will be in ConfigMap `kube-system/kube-proxy` or `kube-system/kube-proxy-config`. For example:
+
+```console
+kubectl -n kube-system edit cm kube-proxy
+```
+
+```yaml
+apiVersion: v1
+data:
+  config.conf: |-
+    apiVersion: kubeproxy.config.k8s.io/v1alpha1
+    kind: KubeProxyConfiguration
+    # ...
+    # metricsBindAddress: 127.0.0.1:10249
+    metricsBindAddress: 0.0.0.0:10249
+    # ...
+  kubeconfig.conf: |-
+    # ...
+kind: ConfigMap
+metadata:
+  labels:
+    app: kube-proxy
+  name: kube-proxy
+  namespace: kube-system
+```
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/app-README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/app-README.md
new file mode 100644
index 0000000000..3920854384
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/app-README.md
@@ -0,0 +1,46 @@
+# Rancher Monitoring and Alerting
+
+ This chart is based on the upstream [kube-prometheus-stack](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack) chart. The chart deploys [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator) and its CRDs along with [Grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana), [Prometheus Adapter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-adapter) and additional charts / Kubernetes manifests to gather metrics. It allows users to monitor their Kubernetes clusters, view metrics in Grafana dashboards, and set up alerts and notifications.
+
+For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/).
+
+The chart installs the following components:
+
+- [Prometheus Operator](https://github.com/coreos/prometheus-operator)  - The operator provides easy monitoring definitions for Kubernetes services, manages [Prometheus](https://prometheus.io/) and [AlertManager](https://prometheus.io/docs/alerting/latest/alertmanager/) instances, and adds default scrape targets for some Kubernetes components.
+- [kube-prometheus](https://github.com/prometheus-operator/kube-prometheus/) - A collection of community-curated Kubernetes manifests, Grafana Dashboards, and PrometheusRules that deploy a default end-to-end cluster monitoring configuration.
+- [Grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana) - Grafana allows a user to create / view dashboards based on the cluster metrics collected by Prometheus.
+- [node-exporter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-node-exporter) / [kube-state-metrics](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics) / [rancher-pushprox](https://github.com/rancher/charts/tree/dev-v2.7/packages/rancher-monitoring/rancher-pushprox/charts) - These charts monitor various Kubernetes components across different Kubernetes cluster types.
+- [Prometheus Adapter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-adapter) - The adapter allows a user to expose custom metrics, resource metrics, and external metrics on the default [Prometheus](https://prometheus.io/) instance to the Kubernetes API Server.
+
+For more information, review the Helm README of this chart.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+​
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Upgrading from 100.0.0+up16.6.0 to 100.1.0+up19.0.3
+
+### Noticeable changes:
+Grafana:
+- `sidecar.dashboards.searchNamespace`, `sidecar.datasources.searchNamespace` and `sidecar.notifiers.searchNamespace` support a list of namespaces now.
+
+Kube-state-metrics
+- the type of `collectors` is changed from Dictionary to List.
+- `kubeStateMetrics.serviceMonitor.namespaceOverride` was replaced by `kube-state-metrics.namespaceOverride`.
+
+### Known issues:
+- Occasionally, the upgrade fails with errors related to the webhook `prometheusrulemutate.monitoring.coreos.com`. This is a known issue in the upstream, and the workaround is to trigger the upgrade one more time. [32416](https://github.com/rancher/rancher/issues/32416#issuecomment-828881726)
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/.helmignore
new file mode 100644
index 0000000000..8cade1318f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.vscode
+.project
+.idea/
+*.tmproj
+OWNERS
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/Chart.yaml
new file mode 100644
index 0000000000..ff6bcb26aa
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/Chart.yaml
@@ -0,0 +1,39 @@
+annotations:
+  artifacthub.io/license: Apache-2.0
+  artifacthub.io/links: |
+    - name: Chart Source
+      url: https://github.com/grafana/helm-charts
+    - name: Upstream Project
+      url: https://github.com/grafana/grafana
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-grafana
+apiVersion: v2
+appVersion: 10.4.1
+description: The leading tool for querying and visualizing time series and metrics.
+home: https://grafana.com
+icon: https://artifacthub.io/image/b4fed1a7-6c8f-4945-b99d-096efa3e4116
+keywords:
+- monitoring
+- metric
+kubeVersion: '>=1.26.0-0'
+maintainers:
+- email: zanhsieh@gmail.com
+  name: zanhsieh
+- email: rluckie@cisco.com
+  name: rtluckie
+- email: maor.friedman@redhat.com
+  name: maorfr
+- email: miroslav.hadzhiev@gmail.com
+  name: Xtigyro
+- email: mail@torstenwalter.de
+  name: torstenwalter
+name: grafana
+sources:
+- https://github.com/grafana/grafana
+- https://github.com/grafana/helm-charts
+type: application
+version: 7.3.11
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/README.md
new file mode 100644
index 0000000000..0ff07f297d
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/README.md
@@ -0,0 +1,770 @@
+# Grafana Helm Chart
+
+* Installs the web dashboarding system [Grafana](http://grafana.org/)
+
+## Get Repo Info
+
+```console
+helm repo add grafana https://grafana.github.io/helm-charts
+helm repo update
+```
+
+_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Installing the Chart
+
+To install the chart with the release name `my-release`:
+
+```console
+helm install my-release grafana/grafana
+```
+
+## Uninstalling the Chart
+
+To uninstall/delete the my-release deployment:
+
+```console
+helm delete my-release
+```
+
+The command removes all the Kubernetes components associated with the chart and deletes the release.
+
+## Upgrading an existing Release to a new major version
+
+A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
+incompatible breaking change needing manual actions.
+
+### To 4.0.0 (And 3.12.1)
+
+This version requires Helm >= 2.12.0.
+
+### To 5.0.0
+
+You have to add --force to your helm upgrade command as the labels of the chart have changed.
+
+### To 6.0.0
+
+This version requires Helm >= 3.1.0.
+
+### To 7.0.0
+
+For consistency with other Helm charts, the `global.image.registry` parameter was renamed
+to `global.imageRegistry`. If you were not previously setting `global.image.registry`, no action
+is required on upgrade. If you were previously setting `global.image.registry`, you will
+need to instead set `global.imageRegistry`.
+
+## Configuration
+
+| Parameter                                 | Description                                   | Default                                                 |
+|-------------------------------------------|-----------------------------------------------|---------------------------------------------------------|
+| `replicas`                                | Number of nodes                               | `1`                                                     |
+| `podDisruptionBudget.minAvailable`        | Pod disruption minimum available              | `nil`                                                   |
+| `podDisruptionBudget.maxUnavailable`      | Pod disruption maximum unavailable            | `nil`                                                   |
+| `podDisruptionBudget.apiVersion`          | Pod disruption apiVersion                     | `nil`                                                   |
+| `deploymentStrategy`                      | Deployment strategy                           | `{ "type": "RollingUpdate" }`                           |
+| `livenessProbe`                           | Liveness Probe settings                       | `{ "httpGet": { "path": "/api/health", "port": 3000 } "initialDelaySeconds": 60, "timeoutSeconds": 30, "failureThreshold": 10 }` |
+| `readinessProbe`                          | Readiness Probe settings                      | `{ "httpGet": { "path": "/api/health", "port": 3000 } }`|
+| `securityContext`                         | Deployment securityContext                    | `{"runAsUser": 472, "runAsGroup": 472, "fsGroup": 472}`  |
+| `priorityClassName`                       | Name of Priority Class to assign pods         | `nil`                                                   |
+| `image.registry`                          | Image registry                                | `docker.io`                                       |
+| `image.repository`                        | Image repository                              | `grafana/grafana`                                       |
+| `image.tag`                               | Overrides the Grafana image tag whose default is the chart appVersion (`Must be >= 5.0.0`) | ``                                                      |
+| `image.sha`                               | Image sha (optional)                          | ``                                                      |
+| `image.pullPolicy`                        | Image pull policy                             | `IfNotPresent`                                          |
+| `image.pullSecrets`                       | Image pull secrets (can be templated)         | `[]`                                                    |
+| `service.enabled`                         | Enable grafana service                        | `true`                                                  |
+| `service.type`                            | Kubernetes service type                       | `ClusterIP`                                             |
+| `service.port`                            | Kubernetes port where service is exposed      | `80`                                                    |
+| `service.portName`                        | Name of the port on the service               | `service`                                               |
+| `service.appProtocol`                     | Adds the appProtocol field to the service     | ``                                                      |
+| `service.targetPort`                      | Internal service is port                      | `3000`                                                  |
+| `service.nodePort`                        | Kubernetes service nodePort                   | `nil`                                                   |
+| `service.annotations`                     | Service annotations (can be templated)        | `{}`                                                    |
+| `service.labels`                          | Custom labels                                 | `{}`                                                    |
+| `service.clusterIP`                       | internal cluster service IP                   | `nil`                                                   |
+| `service.loadBalancerIP`                  | IP address to assign to load balancer (if supported) | `nil`                                            |
+| `service.loadBalancerSourceRanges`        | list of IP CIDRs allowed access to lb (if supported) | `[]`                                             |
+| `service.externalIPs`                     | service external IP addresses                 | `[]`                                                    |
+| `service.externalTrafficPolicy`           | change the default externalTrafficPolicy | `nil`                                            |
+| `headlessService`                         | Create a headless service                     | `false`                                                 |
+| `extraExposePorts`                        | Additional service ports for sidecar containers| `[]`                                                   |
+| `hostAliases`                             | adds rules to the pod's /etc/hosts            | `[]`                                                    |
+| `ingress.enabled`                         | Enables Ingress                               | `false`                                                 |
+| `ingress.annotations`                     | Ingress annotations (values are templated)    | `{}`                                                    |
+| `ingress.labels`                          | Custom labels                                 | `{}`                                                    |
+| `ingress.path`                            | Ingress accepted path                         | `/`                                                     |
+| `ingress.pathType`                        | Ingress type of path                          | `Prefix`                                                |
+| `ingress.hosts`                           | Ingress accepted hostnames                    | `["chart-example.local"]`                                                    |
+| `ingress.extraPaths`                      | Ingress extra paths to prepend to every host configuration. Useful when configuring [custom actions with AWS ALB Ingress Controller](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.6/guide/ingress/annotations/#actions). Requires `ingress.hosts` to have one or more host entries. | `[]`                                                    |
+| `ingress.tls`                             | Ingress TLS configuration                     | `[]`                                                    |
+| `ingress.ingressClassName`                | Ingress Class Name. MAY be required for Kubernetes versions >= 1.18 | `""`                              |
+| `resources`                               | CPU/Memory resource requests/limits           | `{}`                                                    |
+| `nodeSelector`                            | Node labels for pod assignment                | `{}`                                                    |
+| `tolerations`                             | Toleration labels for pod assignment          | `[]`                                                    |
+| `affinity`                                | Affinity settings for pod assignment          | `{}`                                                    |
+| `extraInitContainers`                     | Init containers to add to the grafana pod     | `{}`                                                    |
+| `extraContainers`                         | Sidecar containers to add to the grafana pod  | `""`                                                    |
+| `extraContainerVolumes`                   | Volumes that can be mounted in sidecar containers | `[]`                                                |
+| `extraLabels`                             | Custom labels for all manifests               | `{}`                                                    |
+| `schedulerName`                           | Name of the k8s scheduler (other than default) | `nil`                                                  |
+| `persistence.enabled`                     | Use persistent volume to store data           | `false`                                                 |
+| `persistence.type`                        | Type of persistence (`pvc` or `statefulset`)  | `pvc`                                                   |
+| `persistence.size`                        | Size of persistent volume claim               | `10Gi`                                                  |
+| `persistence.existingClaim`               | Use an existing PVC to persist data (can be templated) | `nil`                                          |
+| `persistence.storageClassName`            | Type of persistent volume claim               | `nil`                                                   |
+| `persistence.accessModes`                 | Persistence access modes                      | `[ReadWriteOnce]`                                       |
+| `persistence.annotations`                 | PersistentVolumeClaim annotations             | `{}`                                                    |
+| `persistence.finalizers`                  | PersistentVolumeClaim finalizers              | `[ "kubernetes.io/pvc-protection" ]`                    |
+| `persistence.extraPvcLabels`              | Extra labels to apply to a PVC.               | `{}`                                                    |
+| `persistence.subPath`                     | Mount a sub dir of the persistent volume (can be templated) | `nil`                                     |
+| `persistence.inMemory.enabled`            | If persistence is not enabled, whether to mount the local storage in-memory to improve performance | `false`                                                   |
+| `persistence.inMemory.sizeLimit`          | SizeLimit for the in-memory local storage     | `nil`                                                   |
+| `initChownData.enabled`                   | If false, don't reset data ownership at startup | true                                                  |
+| `initChownData.image.registry`            | init-chown-data container image registry      | `docker.io`                                               |
+| `initChownData.image.repository`          | init-chown-data container image repository    | `busybox`                                               |
+| `initChownData.image.tag`                 | init-chown-data container image tag           | `1.31.1`                                                |
+| `initChownData.image.sha`                 | init-chown-data container image sha (optional)| `""`                                                    |
+| `initChownData.image.pullPolicy`          | init-chown-data container image pull policy   | `IfNotPresent`                                          |
+| `initChownData.resources`                 | init-chown-data pod resource requests & limits | `{}`                                                   |
+| `schedulerName`                           | Alternate scheduler name                      | `nil`                                                   |
+| `env`                                     | Extra environment variables passed to pods    | `{}`                                                    |
+| `envValueFrom`                            | Environment variables from alternate sources. See the API docs on [EnvVarSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#envvarsource-v1-core) for format details. Can be templated | `{}` |
+| `envFromSecret`                           | Name of a Kubernetes secret (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `""` |
+| `envFromSecrets`                          | List of Kubernetes secrets (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `[]` |
+| `envFromConfigMaps`                       | List of Kubernetes ConfigMaps (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `[]` |
+| `envRenderSecret`                         | Sensible environment variables passed to pods and stored as secret. (passed through [tpl](https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function))   | `{}`                               |
+| `enableServiceLinks`                      | Inject Kubernetes services as environment variables. | `true`                                           |
+| `extraSecretMounts`                       | Additional grafana server secret mounts       | `[]`                                                    |
+| `extraVolumeMounts`                       | Additional grafana server volume mounts       | `[]`                                                    |
+| `extraVolumes`                            | Additional Grafana server volumes             | `[]`                                                    |
+| `automountServiceAccountToken`            | Mounted the service account token on the grafana pod. Mandatory, if sidecars are enabled  | `true`      |
+| `createConfigmap`                         | Enable creating the grafana configmap         | `true`                                                  |
+| `extraConfigmapMounts`                    | Additional grafana server configMap volume mounts (values are templated) | `[]`                         |
+| `extraEmptyDirMounts`                     | Additional grafana server emptyDir volume mounts | `[]`                                                 |
+| `plugins`                                 | Plugins to be loaded along with Grafana       | `[]`                                                    |
+| `datasources`                             | Configure grafana datasources (passed through tpl) | `{}`                                               |
+| `alerting`                                | Configure grafana alerting (passed through tpl) | `{}`                                                  |
+| `notifiers`                               | Configure grafana notifiers                   | `{}`                                                    |
+| `dashboardProviders`                      | Configure grafana dashboard providers         | `{}`                                                    |
+| `dashboards`                              | Dashboards to import                          | `{}`                                                    |
+| `dashboardsConfigMaps`                    | ConfigMaps reference that contains dashboards | `{}`                                                    |
+| `grafana.ini`                             | Grafana's primary configuration               | `{}`                                                    |
+| `global.imageRegistry`                    | Global image pull registry for all images.    | `null`                                   |
+| `global.imagePullSecrets`                 | Global image pull secrets (can be templated). Allows either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).  | `[]`                                                    |
+| `ldap.enabled`                            | Enable LDAP authentication                    | `false`                                                 |
+| `ldap.existingSecret`                     | The name of an existing secret containing the `ldap.toml` file, this must have the key `ldap-toml`. | `""` |
+| `ldap.config`                             | Grafana's LDAP configuration                  | `""`                                                    |
+| `annotations`                             | Deployment annotations                        | `{}`                                                    |
+| `labels`                                  | Deployment labels                             | `{}`                                                    |
+| `podAnnotations`                          | Pod annotations                               | `{}`                                                    |
+| `podLabels`                               | Pod labels                                    | `{}`                                                    |
+| `podPortName`                             | Name of the grafana port on the pod           | `grafana`                                               |
+| `lifecycleHooks`                          | Lifecycle hooks for podStart and preStop [Example](https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/#define-poststart-and-prestop-handlers)     | `{}`                                                    |
+| `sidecar.image.registry`                  | Sidecar image registry                        | `quay.io`                          |
+| `sidecar.image.repository`                | Sidecar image repository                      | `kiwigrid/k8s-sidecar`                          |
+| `sidecar.image.tag`                       | Sidecar image tag                             | `1.26.0`                                                |
+| `sidecar.image.sha`                       | Sidecar image sha (optional)                  | `""`                                                    |
+| `sidecar.imagePullPolicy`                 | Sidecar image pull policy                     | `IfNotPresent`                                          |
+| `sidecar.resources`                       | Sidecar resources                             | `{}`                                                    |
+| `sidecar.securityContext`                 | Sidecar securityContext                       | `{}`                                                    |
+| `sidecar.enableUniqueFilenames`           | Sets the kiwigrid/k8s-sidecar UNIQUE_FILENAMES environment variable. If set to `true` the sidecar will create unique filenames where duplicate data keys exist between ConfigMaps and/or Secrets within the same or multiple Namespaces. | `false`                           |
+| `sidecar.alerts.enabled`             | Enables the cluster wide search for alerts and adds/updates/deletes them in grafana |`false`       |
+| `sidecar.alerts.label`               | Label that config maps with alerts should have to be added | `grafana_alert`                               |
+| `sidecar.alerts.labelValue`          | Label value that config maps with alerts should have to be added | `""`                                |
+| `sidecar.alerts.searchNamespace`     | Namespaces list. If specified, the sidecar will search for alerts config-maps  inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil`                               |
+| `sidecar.alerts.watchMethod`         | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` |
+| `sidecar.alerts.resource`            | Should the sidecar looks into secrets, configmaps or both. | `both`                               |
+| `sidecar.alerts.reloadURL`           | Full url of datasource configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/alerting/reload"` |
+| `sidecar.alerts.skipReload`          | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` |
+| `sidecar.alerts.initAlerts`          | Set to true to deploy the alerts sidecar as an initContainer. This is needed if skipReload is true, to load any alerts defined at startup time. | `false` |
+| `sidecar.alerts.extraMounts`         | Additional alerts sidecar volume mounts. | `[]`                               |
+| `sidecar.dashboards.enabled`              | Enables the cluster wide search for dashboards and adds/updates/deletes them in grafana | `false`       |
+| `sidecar.dashboards.SCProvider`           | Enables creation of sidecar provider          | `true`                                                  |
+| `sidecar.dashboards.provider.name`        | Unique name of the grafana provider           | `sidecarProvider`                                       |
+| `sidecar.dashboards.provider.orgid`       | Id of the organisation, to which the dashboards should be added | `1`                                   |
+| `sidecar.dashboards.provider.folder`      | Logical folder in which grafana groups dashboards | `""`                                                |
+| `sidecar.dashboards.provider.disableDelete` | Activate to avoid the deletion of imported dashboards | `false`                                       |
+| `sidecar.dashboards.provider.allowUiUpdates` | Allow updating provisioned dashboards from the UI | `false`                                          |
+| `sidecar.dashboards.provider.type`        | Provider type                                 | `file`                                                  |
+| `sidecar.dashboards.provider.foldersFromFilesStructure`        | Allow Grafana to replicate dashboard structure from filesystem.                                 | `false`                                                  |
+| `sidecar.dashboards.watchMethod`          | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` |
+| `sidecar.skipTlsVerify`                   | Set to true to skip tls verification for kube api calls | `nil`                                         |
+| `sidecar.dashboards.label`                | Label that config maps with dashboards should have to be added | `grafana_dashboard`                                |
+| `sidecar.dashboards.labelValue`                | Label value that config maps with dashboards should have to be added | `""`                                |
+| `sidecar.dashboards.folder`               | Folder in the pod that should hold the collected dashboards (unless `sidecar.dashboards.defaultFolderName` is set). This path will be mounted. | `/tmp/dashboards`    |
+| `sidecar.dashboards.folderAnnotation`     | The annotation the sidecar will look for in configmaps to override the destination folder for files | `nil`                                                  |
+| `sidecar.dashboards.defaultFolderName`    | The default folder name, it will create a subfolder under the `sidecar.dashboards.folder` and put dashboards in there instead | `nil`                                |
+| `sidecar.dashboards.searchNamespace`      | Namespaces list. If specified, the sidecar will search for dashboards config-maps  inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil`                                |
+| `sidecar.dashboards.script`               | Absolute path to shell script to execute after a configmap got reloaded. | `nil`                                |
+| `sidecar.dashboards.reloadURL`            | Full url of dashboards configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/dashboards/reload"` |
+| `sidecar.dashboards.skipReload`           | Enabling this omits defining the REQ_USERNAME, REQ_PASSWORD, REQ_URL and REQ_METHOD environment variables | `false` |
+| `sidecar.dashboards.resource`             | Should the sidecar looks into secrets, configmaps or both. | `both`                               |
+| `sidecar.dashboards.extraMounts`          | Additional dashboard sidecar volume mounts. | `[]`                               |
+| `sidecar.datasources.enabled`             | Enables the cluster wide search for datasources and adds/updates/deletes them in grafana |`false`       |
+| `sidecar.datasources.label`               | Label that config maps with datasources should have to be added | `grafana_datasource`                               |
+| `sidecar.datasources.labelValue`          | Label value that config maps with datasources should have to be added | `""`                                |
+| `sidecar.datasources.searchNamespace`     | Namespaces list. If specified, the sidecar will search for datasources config-maps  inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil`                               |
+| `sidecar.datasources.watchMethod`         | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` |
+| `sidecar.datasources.resource`            | Should the sidecar looks into secrets, configmaps or both. | `both`                               |
+| `sidecar.datasources.reloadURL`           | Full url of datasource configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/datasources/reload"` |
+| `sidecar.datasources.skipReload`          | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` |
+| `sidecar.datasources.initDatasources`     | Set to true to deploy the datasource sidecar as an initContainer in addition to a container. This is needed if skipReload is true, to load any datasources defined at startup time. | `false` |
+| `sidecar.notifiers.enabled`               | Enables the cluster wide search for notifiers and adds/updates/deletes them in grafana | `false`        |
+| `sidecar.notifiers.label`                 | Label that config maps with notifiers should have to be added | `grafana_notifier`                               |
+| `sidecar.notifiers.labelValue`            | Label value that config maps with notifiers should have to be added | `""`                                |
+| `sidecar.notifiers.searchNamespace`       | Namespaces list. If specified, the sidecar will search for notifiers config-maps (or secrets) inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil`                               |
+| `sidecar.notifiers.watchMethod`           | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` |
+| `sidecar.notifiers.resource`              | Should the sidecar looks into secrets, configmaps or both. | `both`                               |
+| `sidecar.notifiers.reloadURL`             | Full url of notifier configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/notifications/reload"` |
+| `sidecar.notifiers.skipReload`            | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` |
+| `sidecar.notifiers.initNotifiers`         | Set to true to deploy the notifier sidecar as an initContainer in addition to a container. This is needed if skipReload is true, to load any notifiers defined at startup time. | `false` |
+| `smtp.existingSecret`                     | The name of an existing secret containing the SMTP credentials. | `""`                                  |
+| `smtp.userKey`                            | The key in the existing SMTP secret containing the username. | `"user"`                                 |
+| `smtp.passwordKey`                        | The key in the existing SMTP secret containing the password. | `"password"`                             |
+| `admin.existingSecret`                    | The name of an existing secret containing the admin credentials (can be templated). | `""`                                 |
+| `admin.userKey`                           | The key in the existing admin secret containing the username. | `"admin-user"`                          |
+| `admin.passwordKey`                       | The key in the existing admin secret containing the password. | `"admin-password"`                      |
+| `serviceAccount.automountServiceAccountToken` | Automount the service account token on all pods where is service account is used | `false` |
+| `serviceAccount.annotations`              | ServiceAccount annotations                    |                                                         |
+| `serviceAccount.create`                   | Create service account                        | `true`                                                  |
+| `serviceAccount.labels`                   | ServiceAccount labels                         | `{}`                                                    |
+| `serviceAccount.name`                     | Service account name to use, when empty will be set to created account if `serviceAccount.create` is set else to `default` | `` |
+| `serviceAccount.nameTest`                 | Service account name to use for test, when empty will be set to created account if `serviceAccount.create` is set else to `default` | `nil` |
+| `rbac.create`                             | Create and use RBAC resources                 | `true`                                                  |
+| `rbac.namespaced`                         | Creates Role and Rolebinding instead of the default ClusterRole and ClusteRoleBindings for the grafana instance  | `false` |
+| `rbac.useExistingRole`                    | Set to a rolename to use existing role - skipping role creating - but still doing serviceaccount and rolebinding to the rolename set here. | `nil` |
+| `rbac.pspEnabled`                         | Create PodSecurityPolicy (with `rbac.create`, grant roles permissions as well) | `false`                |
+| `rbac.pspUseAppArmor`                     | Enforce AppArmor in created PodSecurityPolicy (requires `rbac.pspEnabled`)  | `false`                   |
+| `rbac.extraRoleRules`                     | Additional rules to add to the Role           | []                                                      |
+| `rbac.extraClusterRoleRules`              | Additional rules to add to the ClusterRole    | []                                                      |
+| `command`                                 | Define command to be executed by grafana container at startup | `nil`                                   |
+| `args`                                    | Define additional args if command is used     | `nil`                                                   |
+| `testFramework.enabled`                   | Whether to create test-related resources      | `true`                                                  |
+| `testFramework.image.registry`            | `test-framework` image registry.            | `docker.io`                                             |
+| `testFramework.image.repository`          | `test-framework` image repository.            | `bats/bats`                                             |
+| `testFramework.image.tag`                 | `test-framework` image tag.                   | `v1.4.1`                                                |
+| `testFramework.imagePullPolicy`           | `test-framework` image pull policy.           | `IfNotPresent`                                          |
+| `testFramework.securityContext`           | `test-framework` securityContext              | `{}`                                                    |
+| `downloadDashboards.env`                  | Environment variables to be passed to the `download-dashboards` container | `{}`                        |
+| `downloadDashboards.envFromSecret`        | Name of a Kubernetes secret (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `""` |
+| `downloadDashboards.resources`            | Resources of `download-dashboards` container  | `{}`                                                    |
+| `downloadDashboardsImage.registry`        | Curl docker image registry                    | `docker.io`                                       |
+| `downloadDashboardsImage.repository`      | Curl docker image repository                  | `curlimages/curl`                                       |
+| `downloadDashboardsImage.tag`             | Curl docker image tag                         | `7.73.0`                                                |
+| `downloadDashboardsImage.sha`             | Curl docker image sha (optional)              | `""`                                                    |
+| `downloadDashboardsImage.pullPolicy`      | Curl docker image pull policy                 | `IfNotPresent`                                          |
+| `namespaceOverride`                       | Override the deployment namespace             | `""` (`Release.Namespace`)                              |
+| `serviceMonitor.enabled`                  | Use servicemonitor from prometheus operator   | `false`                                                 |
+| `serviceMonitor.namespace`                | Namespace this servicemonitor is installed in |                                                         |
+| `serviceMonitor.interval`                 | How frequently Prometheus should scrape       | `1m`                                                    |
+| `serviceMonitor.path`                     | Path to scrape                                | `/metrics`                                              |
+| `serviceMonitor.scheme`                   | Scheme to use for metrics scraping            | `http`                                                  |
+| `serviceMonitor.tlsConfig`                | TLS configuration block for the endpoint      | `{}`                                                    |
+| `serviceMonitor.labels`                   | Labels for the servicemonitor passed to Prometheus Operator      |  `{}`                                |
+| `serviceMonitor.scrapeTimeout`            | Timeout after which the scrape is ended       | `30s`                                                   |
+| `serviceMonitor.relabelings`              | RelabelConfigs to apply to samples before scraping.     | `[]`                                      |
+| `serviceMonitor.metricRelabelings`        | MetricRelabelConfigs to apply to samples before ingestion.  | `[]`                                      |
+| `revisionHistoryLimit`                    | Number of old ReplicaSets to retain           | `10`                                                    |
+| `imageRenderer.enabled`                    | Enable the image-renderer deployment & service                                     | `false`                          |
+| `imageRenderer.image.registry`             | image-renderer Image registry                                                      | `docker.io` |
+| `imageRenderer.image.repository`           | image-renderer Image repository                                                    | `grafana/grafana-image-renderer` |
+| `imageRenderer.image.tag`                  | image-renderer Image tag                                                           | `latest`                         |
+| `imageRenderer.image.sha`                  | image-renderer Image sha (optional)                                                | `""`                             |
+| `imageRenderer.image.pullPolicy`           | image-renderer ImagePullPolicy                                                     | `Always`                         |
+| `imageRenderer.env`                        | extra env-vars for image-renderer                                                  | `{}`                             |
+| `imageRenderer.envValueFrom`               | Environment variables for image-renderer from alternate sources. See the API docs on [EnvVarSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#envvarsource-v1-core) for format details. Can be templated | `{}` |
+| `imageRenderer.serviceAccountName`         | image-renderer deployment serviceAccountName                                       | `""`                             |
+| `imageRenderer.securityContext`            | image-renderer deployment securityContext                                          | `{}`                             |
+| `imageRenderer.podAnnotations `            | image-renderer image-renderer pod annotation                                       | `{}`                             |
+| `imageRenderer.hostAliases`                | image-renderer deployment Host Aliases                                             | `[]`                             |
+| `imageRenderer.priorityClassName`          | image-renderer deployment priority class                                           | `''`                             |
+| `imageRenderer.service.enabled`            | Enable the image-renderer service                                                  | `true`                           |
+| `imageRenderer.service.portName`           | image-renderer service port name                                                   | `http`                           |
+| `imageRenderer.service.port`               | image-renderer port used by deployment                                             | `8081`                           |
+| `imageRenderer.service.targetPort`         | image-renderer service port used by service                                        | `8081`                           |
+| `imageRenderer.appProtocol`                | Adds the appProtocol field to the service                                          | ``                               |
+| `imageRenderer.grafanaSubPath`             | Grafana sub path to use for image renderer callback url                            | `''`                             |
+| `imageRenderer.podPortName`                | name of the image-renderer port on the pod                                         | `http`                           |
+| `imageRenderer.revisionHistoryLimit`       | number of image-renderer replica sets to keep                                      | `10`                             |
+| `imageRenderer.networkPolicy.limitIngress` | Enable a NetworkPolicy to limit inbound traffic from only the created grafana pods | `true`                           |
+| `imageRenderer.networkPolicy.limitEgress`  | Enable a NetworkPolicy to limit outbound traffic to only the created grafana pods  | `false`                          |
+| `imageRenderer.resources`                  | Set resource limits for image-renderer pods                                        | `{}`                             |
+| `imageRenderer.nodeSelector`               | Node labels for pod assignment                | `{}`                                                    |
+| `imageRenderer.tolerations`                | Toleration labels for pod assignment          | `[]`                                                    |
+| `imageRenderer.affinity`                   | Affinity settings for pod assignment          | `{}`                                                    |
+| `networkPolicy.enabled`                    | Enable creation of NetworkPolicy resources.                                                                              | `false`             |
+| `networkPolicy.allowExternal`              | Don't require client label for connections                                                                               | `true`              |
+| `networkPolicy.explicitNamespacesSelector` | A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed                           | `{}`                |
+| `networkPolicy.ingress`                    | Enable the creation of an ingress network policy             | `true`    |
+| `networkPolicy.egress.enabled`             | Enable the creation of an egress network policy              | `false`   |
+| `networkPolicy.egress.ports`               | An array of ports to allow for the egress                    | `[]`    |
+| `enableKubeBackwardCompatibility`          | Enable backward compatibility of kubernetes where pod's defintion version below 1.13 doesn't have the enableServiceLinks option  | `false`     |
+
+### Example ingress with path
+
+With grafana 6.3 and above
+
+```yaml
+grafana.ini:
+  server:
+    domain: monitoring.example.com
+    root_url: "%(protocol)s://%(domain)s/grafana"
+    serve_from_sub_path: true
+ingress:
+  enabled: true
+  hosts:
+    - "monitoring.example.com"
+  path: "/grafana"
+```
+
+### Example of extraVolumeMounts and extraVolumes
+
+Configure additional volumes with `extraVolumes` and volume mounts with `extraVolumeMounts`.
+
+Example for `extraVolumeMounts` and corresponding `extraVolumes`:
+
+```yaml
+extraVolumeMounts:
+  - name: plugins
+    mountPath: /var/lib/grafana/plugins
+    subPath: configs/grafana/plugins
+    readOnly: false
+  - name: dashboards
+    mountPath: /var/lib/grafana/dashboards
+    hostPath: /usr/shared/grafana/dashboards
+    readOnly: false
+
+extraVolumes:
+  - name: plugins
+    existingClaim: existing-grafana-claim
+  - name: dashboards
+    hostPath: /usr/shared/grafana/dashboards
+```
+
+Volumes default to `emptyDir`. Set to `persistentVolumeClaim`,
+`hostPath`, `csi`, or `configMap` for other types. For a
+`persistentVolumeClaim`, specify an existing claim name with
+`existingClaim`.
+
+## Import dashboards
+
+There are a few methods to import dashboards to Grafana. Below are some examples and explanations as to how to use each method:
+
+```yaml
+dashboards:
+  default:
+    some-dashboard:
+      json: |
+        {
+          "annotations":
+
+          ...
+          # Complete json file here
+          ...
+
+          "title": "Some Dashboard",
+          "uid": "abcd1234",
+          "version": 1
+        }
+    custom-dashboard:
+      # This is a path to a file inside the dashboards directory inside the chart directory
+      file: dashboards/custom-dashboard.json
+    prometheus-stats:
+      # Ref: https://grafana.com/dashboards/2
+      gnetId: 2
+      revision: 2
+      datasource: Prometheus
+    loki-dashboard-quick-search:
+      gnetId: 12019
+      revision: 2
+      datasource:
+      - name: DS_PROMETHEUS
+        value: Prometheus
+      - name: DS_LOKI
+        value: Loki
+    local-dashboard:
+      url: https://raw.githubusercontent.com/user/repository/master/dashboards/dashboard.json
+```
+
+## BASE64 dashboards
+
+Dashboards could be stored on a server that does not return JSON directly and instead of it returns a Base64 encoded file (e.g. Gerrit)
+A new parameter has been added to the url use case so if you specify a b64content value equals to true after the url entry a Base64 decoding is applied before save the file to disk.
+If this entry is not set or is equals to false not decoding is applied to the file before saving it to disk.
+
+### Gerrit use case
+
+Gerrit API for download files has the following schema: <https://yourgerritserver/a/{project-name}/branches/{branch-id}/files/{file-id}/content> where {project-name} and
+{file-id} usually has '/' in their values and so they MUST be replaced by %2F so if project-name is user/repo, branch-id is master and file-id is equals to dir1/dir2/dashboard
+the url value is <https://yourgerritserver/a/user%2Frepo/branches/master/files/dir1%2Fdir2%2Fdashboard/content>
+
+## Sidecar for dashboards
+
+If the parameter `sidecar.dashboards.enabled` is set, a sidecar container is deployed in the grafana
+pod. This container watches all configmaps (or secrets) in the cluster and filters out the ones with
+a label as defined in `sidecar.dashboards.label`. The files defined in those configmaps are written
+to a folder and accessed by grafana. Changes to the configmaps are monitored and the imported
+dashboards are deleted/updated.
+
+A recommendation is to use one configmap per dashboard, as a reduction of multiple dashboards inside
+one configmap is currently not properly mirrored in grafana.
+
+Example dashboard config:
+
+```yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sample-grafana-dashboard
+  labels:
+     grafana_dashboard: "1"
+data:
+  k8s-dashboard.json: |-
+  [...]
+```
+
+## Sidecar for datasources
+
+If the parameter `sidecar.datasources.enabled` is set, an init container is deployed in the grafana
+pod. This container lists all secrets (or configmaps, though not recommended) in the cluster and
+filters out the ones with a label as defined in `sidecar.datasources.label`. The files defined in
+those secrets are written to a folder and accessed by grafana on startup. Using these yaml files,
+the data sources in grafana can be imported.
+
+Should you aim for reloading datasources in Grafana each time the config is changed, set `sidecar.datasources.skipReload: false` and adjust `sidecar.datasources.reloadURL` to `http://<svc-name>.<namespace>.svc.cluster.local/api/admin/provisioning/datasources/reload`.
+
+Secrets are recommended over configmaps for this usecase because datasources usually contain private
+data like usernames and passwords. Secrets are the more appropriate cluster resource to manage those.
+
+Example values to add a postgres datasource as a kubernetes secret:
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: grafana-datasources
+  labels:
+    grafana_datasource: 'true' # default value for: sidecar.datasources.label
+stringData:
+  pg-db.yaml: |-
+    apiVersion: 1
+    datasources:
+      - name: My pg db datasource
+        type: postgres
+        url: my-postgresql-db:5432
+        user: db-readonly-user
+        secureJsonData:
+          password: 'SUperSEcretPa$$word'
+        jsonData:
+          database: my_datase
+          sslmode: 'disable' # disable/require/verify-ca/verify-full
+          maxOpenConns: 0 # Grafana v5.4+
+          maxIdleConns: 2 # Grafana v5.4+
+          connMaxLifetime: 14400 # Grafana v5.4+
+          postgresVersion: 1000 # 903=9.3, 904=9.4, 905=9.5, 906=9.6, 1000=10
+          timescaledb: false
+        # <bool> allow users to edit datasources from the UI.
+        editable: false
+```
+
+Example values to add a datasource adapted from [Grafana](http://docs.grafana.org/administration/provisioning/#example-datasource-config-file):
+
+```yaml
+datasources:
+ datasources.yaml:
+   apiVersion: 1
+   datasources:
+      # <string, required> name of the datasource. Required
+    - name: Graphite
+      # <string, required> datasource type. Required
+      type: graphite
+      # <string, required> access mode. proxy or direct (Server or Browser in the UI). Required
+      access: proxy
+      # <int> org id. will default to orgId 1 if not specified
+      orgId: 1
+      # <string> url
+      url: http://localhost:8080
+      # <string> database password, if used
+      password:
+      # <string> database user, if used
+      user:
+      # <string> database name, if used
+      database:
+      # <bool> enable/disable basic auth
+      basicAuth:
+      # <string> basic auth username
+      basicAuthUser:
+      # <string> basic auth password
+      basicAuthPassword:
+      # <bool> enable/disable with credentials headers
+      withCredentials:
+      # <bool> mark as default datasource. Max one per org
+      isDefault:
+      # <map> fields that will be converted to json and stored in json_data
+      jsonData:
+         graphiteVersion: "1.1"
+         tlsAuth: true
+         tlsAuthWithCACert: true
+      # <string> json object of data that will be encrypted.
+      secureJsonData:
+        tlsCACert: "..."
+        tlsClientCert: "..."
+        tlsClientKey: "..."
+      version: 1
+      # <bool> allow users to edit datasources from the UI.
+      editable: false
+```
+
+## Sidecar for notifiers
+
+If the parameter `sidecar.notifiers.enabled` is set, an init container is deployed in the grafana
+pod. This container lists all secrets (or configmaps, though not recommended) in the cluster and
+filters out the ones with a label as defined in `sidecar.notifiers.label`. The files defined in
+those secrets are written to a folder and accessed by grafana on startup. Using these yaml files,
+the notification channels in grafana can be imported. The secrets must be created before
+`helm install` so that the notifiers init container can list the secrets.
+
+Secrets are recommended over configmaps for this usecase because alert notification channels usually contain
+private data like SMTP usernames and passwords. Secrets are the more appropriate cluster resource to manage those.
+
+Example datasource config adapted from [Grafana](https://grafana.com/docs/grafana/latest/administration/provisioning/#alert-notification-channels):
+
+```yaml
+notifiers:
+  - name: notification-channel-1
+    type: slack
+    uid: notifier1
+    # either
+    org_id: 2
+    # or
+    org_name: Main Org.
+    is_default: true
+    send_reminder: true
+    frequency: 1h
+    disable_resolve_message: false
+    # See `Supported Settings` section for settings supporter for each
+    # alert notification type.
+    settings:
+      recipient: 'XXX'
+      token: 'xoxb'
+      uploadImage: true
+      url: https://slack.com
+
+delete_notifiers:
+  - name: notification-channel-1
+    uid: notifier1
+    org_id: 2
+  - name: notification-channel-2
+    # default org_id: 1
+```
+
+## Sidecar for alerting resources
+
+If the parameter `sidecar.alerts.enabled` is set, a sidecar container is deployed in the grafana
+pod. This container watches all configmaps (or secrets) in the cluster (namespace defined by `sidecar.alerts.searchNamespace`) and filters out the ones with
+a label as defined in `sidecar.alerts.label` (default is `grafana_alert`). The files defined in those configmaps are written
+to a folder and accessed by grafana. Changes to the configmaps are monitored and the imported alerting resources are updated, however, deletions are a little more complicated (see below).
+
+This sidecar can be used to provision alert rules, contact points, notification policies, notification templates and mute timings as shown in [Grafana Documentation](https://grafana.com/docs/grafana/next/alerting/set-up/provision-alerting-resources/file-provisioning/).
+
+To fetch the alert config which will be provisioned, use the alert provisioning API ([Grafana Documentation](https://grafana.com/docs/grafana/next/developers/http_api/alerting_provisioning/)).
+You can use either JSON or YAML format.
+
+Example config for an alert rule:
+
+```yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sample-grafana-alert
+  labels:
+     grafana_alert: "1"
+data:
+  k8s-alert.yml: |-
+    apiVersion: 1
+    groups:
+        - orgId: 1
+          name: k8s-alert
+          [...]
+```
+
+To delete provisioned alert rules is a two step process, you need to delete the configmap which defined the alert rule
+and then create a configuration which deletes the alert rule.
+
+Example deletion configuration:
+```yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: delete-sample-grafana-alert
+  namespace: monitoring
+  labels:
+    grafana_alert: "1"
+data:
+  delete-k8s-alert.yml: |-
+    apiVersion: 1
+    deleteRules:
+      - orgId: 1
+        uid: 16624780-6564-45dc-825c-8bded4ad92d3
+```
+
+## Statically provision alerting resources
+If you don't need to change alerting resources (alert rules, contact points, notification policies and notification templates) regularly you could use the `alerting` config option instead of the sidecar option above.
+This will grab the alerting config and apply it statically at build time for the helm file.
+
+There are two methods to statically provision alerting configuration in Grafana. Below are some examples and explanations as to how to use each method:
+
+```yaml
+alerting:
+  team1-alert-rules.yaml:
+    file: alerting/team1/rules.yaml
+  team2-alert-rules.yaml:
+    file: alerting/team2/rules.yaml
+  team3-alert-rules.yaml:
+    file: alerting/team3/rules.yaml
+  notification-policies.yaml:
+    file: alerting/shared/notification-policies.yaml
+  notification-templates.yaml:
+    file: alerting/shared/notification-templates.yaml
+  contactpoints.yaml:
+    apiVersion: 1
+    contactPoints:
+      - orgId: 1
+        name: Slack channel
+        receivers:
+          - uid: default-receiver
+            type: slack
+            settings:
+              # Webhook URL to be filled in
+              url: ""
+              # We need to escape double curly braces for the tpl function.
+              text: '{{ `{{ template "default.message" . }}` }}'
+              title: '{{ `{{ template "default.title" . }}` }}'
+```
+
+The two possibilities for static alerting resource provisioning are:
+
+* Inlining the file contents as shown for contact points in the above example.
+* Importing a file using a relative path starting from the chart root directory as shown for the alert rules in the above example.
+
+### Important notes on file provisioning
+
+* The format of the files is defined in the [Grafana documentation](https://grafana.com/docs/grafana/next/alerting/set-up/provision-alerting-resources/file-provisioning/) on file provisioning.
+* The chart supports importing YAML and JSON files.
+* The filename must be unique, otherwise one volume mount will overwrite the other.
+* In case of inlining, double curly braces that arise from the Grafana configuration format and are not intended as templates for the chart must be escaped.
+* The number of total files under `alerting:` is not limited. Each file will end up as a volume mount in the corresponding provisioning folder of the deployed Grafana instance.
+* The file size for each import is limited by what the function `.Files.Get` can handle, which suffices for most cases.
+
+## How to serve Grafana with a path prefix (/grafana)
+
+In order to serve Grafana with a prefix (e.g., <http://example.com/grafana>), add the following to your values.yaml.
+
+```yaml
+ingress:
+  enabled: true
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+    nginx.ingress.kubernetes.io/use-regex: "true"
+
+  path: /grafana/?(.*)
+  hosts:
+    - k8s.example.dev
+
+grafana.ini:
+  server:
+    root_url: http://localhost:3000/grafana # this host can be localhost
+```
+
+## How to securely reference secrets in grafana.ini
+
+This example uses Grafana [file providers](https://grafana.com/docs/grafana/latest/administration/configuration/#file-provider) for secret values and the `extraSecretMounts` configuration flag (Additional grafana server secret mounts) to mount the secrets.
+
+In grafana.ini:
+
+```yaml
+grafana.ini:
+  [auth.generic_oauth]
+  enabled = true
+  client_id = $__file{/etc/secrets/auth_generic_oauth/client_id}
+  client_secret = $__file{/etc/secrets/auth_generic_oauth/client_secret}
+```
+
+Existing secret, or created along with helm:
+
+```yaml
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: auth-generic-oauth-secret
+type: Opaque
+stringData:
+  client_id: <value>
+  client_secret: <value>
+```
+
+Include in the `extraSecretMounts` configuration flag:
+
+```yaml
+- extraSecretMounts:
+  - name: auth-generic-oauth-secret-mount
+    secretName: auth-generic-oauth-secret
+    defaultMode: 0440
+    mountPath: /etc/secrets/auth_generic_oauth
+    readOnly: true
+```
+
+### extraSecretMounts using a Container Storage Interface (CSI) provider
+
+This example uses a CSI driver e.g. retrieving secrets using [Azure Key Vault Provider](https://github.com/Azure/secrets-store-csi-driver-provider-azure)
+
+```yaml
+- extraSecretMounts:
+  - name: secrets-store-inline
+    mountPath: /run/secrets
+    readOnly: true
+    csi:
+      driver: secrets-store.csi.k8s.io
+      readOnly: true
+      volumeAttributes:
+        secretProviderClass: "my-provider"
+      nodePublishSecretRef:
+        name: akv-creds
+```
+
+## Image Renderer Plug-In
+
+This chart supports enabling [remote image rendering](https://github.com/grafana/grafana-image-renderer/blob/master/README.md#run-in-docker)
+
+```yaml
+imageRenderer:
+  enabled: true
+```
+
+### Image Renderer NetworkPolicy
+
+By default the image-renderer pods will have a network policy which only allows ingress traffic from the created grafana instance
+
+### High Availability for unified alerting
+
+If you want to run Grafana in a high availability cluster you need to enable
+the headless service by setting `headlessService: true` in your `values.yaml`
+file.
+
+As next step you have to setup the `grafana.ini` in your `values.yaml` in a way
+that it will make use of the headless service to obtain all the IPs of the
+cluster. You should replace ``{{ Name }}`` with the name of your helm deployment.
+
+```yaml
+grafana.ini:
+  ...
+  unified_alerting:
+    enabled: true
+    ha_peers: {{ Name }}-headless:9094
+    ha_listen_address: ${POD_IP}:9094
+    ha_advertise_address: ${POD_IP}:9094
+
+  alerting:
+    enabled: false
+```
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/dashboards/custom-dashboard.json b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/dashboards/custom-dashboard.json
new file mode 100644
index 0000000000..9e26dfeeb6
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/dashboards/custom-dashboard.json
@@ -0,0 +1 @@
+{}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/NOTES.txt b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/NOTES.txt
new file mode 100644
index 0000000000..d86419fe23
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/NOTES.txt
@@ -0,0 +1,55 @@
+1. Get your '{{ .Values.adminUser }}' user password by running:
+
+   kubectl get secret --namespace {{ include "grafana.namespace" . }} {{ .Values.admin.existingSecret | default (include "grafana.fullname" .) }} -o jsonpath="{.data.{{ .Values.admin.passwordKey | default "admin-password" }}}" | base64 --decode ; echo
+
+
+2. The Grafana server can be accessed via port {{ .Values.service.port }} on the following DNS name from within your cluster:
+
+   {{ include "grafana.fullname" . }}.{{ include "grafana.namespace" . }}.svc.cluster.local
+{{ if .Values.ingress.enabled }}
+   If you bind grafana to 80, please update values in values.yaml and reinstall:
+   ```
+   securityContext:
+     runAsUser: 0
+     runAsGroup: 0
+     fsGroup: 0
+
+   command:
+   - "setcap"
+   - "'cap_net_bind_service=+ep'"
+   - "/usr/sbin/grafana-server &&"
+   - "sh"
+   - "/run.sh"
+   ```
+   Details refer to https://grafana.com/docs/installation/configuration/#http-port.
+   Or grafana would always crash.
+
+   From outside the cluster, the server URL(s) are:
+     {{- range .Values.ingress.hosts }}
+     http://{{ . }}
+     {{- end }}
+{{- else }}
+   Get the Grafana URL to visit by running these commands in the same shell:
+   {{- if contains "NodePort" .Values.service.type }}
+     export NODE_PORT=$(kubectl get --namespace {{ include "grafana.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "grafana.fullname" . }})
+     export NODE_IP=$(kubectl get nodes --namespace {{ include "grafana.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+     echo http://$NODE_IP:$NODE_PORT
+   {{- else if contains "LoadBalancer" .Values.service.type }}
+   NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+        You can watch the status of by running 'kubectl get svc --namespace {{ include "grafana.namespace" . }} -w {{ include "grafana.fullname" . }}'
+     export SERVICE_IP=$(kubectl get svc --namespace {{ include "grafana.namespace" . }} {{ include "grafana.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+     http://$SERVICE_IP:{{ .Values.service.port -}}
+   {{- else if contains "ClusterIP"  .Values.service.type }}
+     export POD_NAME=$(kubectl get pods --namespace {{ include "grafana.namespace" . }} -l "app.kubernetes.io/name={{ include "grafana.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+     kubectl --namespace {{ include "grafana.namespace" . }} port-forward $POD_NAME 3000
+   {{- end }}
+{{- end }}
+
+3. Login with the password from step 1 and the username: {{ .Values.adminUser }}
+
+{{- if not .Values.persistence.enabled }}
+#################################################################################
+######   WARNING: Persistence is disabled!!! You will lose your data when   #####
+######            the Grafana pod is terminated.                            #####
+#################################################################################
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_config.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_config.tpl
new file mode 100644
index 0000000000..19df19cd2a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_config.tpl
@@ -0,0 +1,171 @@
+{{/*
+ Generate config map data
+ */}}
+{{- define "grafana.configData" -}}
+{{ include "grafana.assertNoLeakedSecrets" . }}
+{{- $files := .Files }}
+{{- $root := . -}}
+{{- with .Values.plugins }}
+plugins: {{ join "," . }}
+{{- end }}
+grafana.ini: |
+{{- range $elem, $elemVal := index .Values "grafana.ini" }}
+  {{- if not (kindIs "map" $elemVal) }}
+  {{- if kindIs "invalid" $elemVal }}
+  {{ $elem }} =
+  {{- else if kindIs "string" $elemVal }}
+  {{ $elem }} = {{ tpl $elemVal $ }}
+  {{- else }}
+  {{ $elem }} = {{ $elemVal }}
+  {{- end }}
+  {{- end }}
+{{- end }}
+{{- range $key, $value := index .Values "grafana.ini" }}
+  {{- if kindIs "map" $value }}
+  [{{ $key }}]
+  {{- range $elem, $elemVal := $value }}
+  {{- if kindIs "invalid" $elemVal }}
+  {{ $elem }} =
+  {{- else if kindIs "string" $elemVal }}
+  {{ $elem }} = {{ tpl $elemVal $ }}
+  {{- else }}
+  {{ $elem }} = {{ $elemVal }}
+  {{- end }}
+  {{- end }}
+  {{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.datasources }}
+{{- if not (hasKey $value "secret") }}
+{{ $key }}: |
+  {{- tpl (toYaml $value | nindent 2) $root }}
+{{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.notifiers }}
+{{- if not (hasKey $value "secret") }}
+{{ $key }}: |
+  {{- toYaml $value | nindent 2 }}
+{{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.alerting }}
+{{- if (hasKey $value "file") }}
+{{ $key }}:
+{{- toYaml ( $files.Get $value.file ) | nindent 2 }}
+{{- else if (or (hasKey $value "secret") (hasKey $value "secretFile"))}}
+{{/*  will be stored inside secret generated by "configSecret.yaml"*/}}
+{{- else }}
+{{ $key }}: |
+  {{- tpl (toYaml $value | nindent 2) $root }}
+{{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.dashboardProviders }}
+{{ $key }}: |
+  {{- toYaml $value | nindent 2 }}
+{{- end }}
+
+{{- if .Values.dashboards  }}
+download_dashboards.sh: |
+  #!/usr/bin/env sh
+  set -euf
+  {{- if .Values.dashboardProviders }}
+    {{- range $key, $value := .Values.dashboardProviders }}
+      {{- range $value.providers }}
+  mkdir -p {{ .options.path }}
+      {{- end }}
+    {{- end }}
+  {{- end }}
+{{ $dashboardProviders := .Values.dashboardProviders }}
+{{- range $provider, $dashboards := .Values.dashboards }}
+  {{- range $key, $value := $dashboards }}
+    {{- if (or (hasKey $value "gnetId") (hasKey $value "url")) }}
+  curl -skf \
+  --connect-timeout 60 \
+  --max-time 60 \
+    {{- if not $value.b64content }}
+      {{- if not $value.acceptHeader }}
+  -H "Accept: application/json" \
+      {{- else }}
+  -H "Accept: {{ $value.acceptHeader }}" \
+      {{- end }}
+      {{- if $value.token }}
+  -H "Authorization: token {{ $value.token }}" \
+      {{- end }}
+      {{- if $value.bearerToken }}
+  -H "Authorization: Bearer {{ $value.bearerToken }}" \
+      {{- end }}
+      {{- if $value.basic }}
+  -H "Authorization: Basic {{ $value.basic }}" \
+      {{- end }}
+      {{- if $value.gitlabToken }}
+  -H "PRIVATE-TOKEN: {{ $value.gitlabToken }}" \
+      {{- end }}
+  -H "Content-Type: application/json;charset=UTF-8" \
+    {{- end }}
+  {{- $dpPath := "" -}}
+  {{- range $kd := (index $dashboardProviders "dashboardproviders.yaml").providers }}
+    {{- if eq $kd.name $provider }}
+    {{- $dpPath = $kd.options.path }}
+    {{- end }}
+  {{- end }}
+  {{- if $value.url }}
+    "{{ $value.url }}" \
+  {{- else }}
+    "https://grafana.com/api/dashboards/{{ $value.gnetId }}/revisions/{{- if $value.revision -}}{{ $value.revision }}{{- else -}}1{{- end -}}/download" \
+  {{- end }}
+  {{- if $value.datasource }}
+    {{- if kindIs "string" $value.datasource }}
+    | sed '/-- .* --/! s/"datasource":.*,/"datasource": "{{ $value.datasource }}",/g' \
+    {{- end }}
+    {{- if kindIs "slice" $value.datasource }}
+      {{- range $value.datasource }}
+        | sed '/-- .* --/! s/${{"{"}}{{ .name }}}/{{ .value }}/g' \
+      {{- end }}
+    {{- end }}
+  {{- end }}
+  {{- if $value.b64content }}
+    | base64 -d \
+  {{- end }}
+  > "{{- if $dpPath -}}{{ $dpPath }}{{- else -}}/var/lib/grafana/dashboards/{{ $provider }}{{- end -}}/{{ $key }}.json"
+    {{ end }}
+  {{- end }}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+ Generate dashboard json config map data
+ */}}
+{{- define "grafana.configDashboardProviderData" -}}
+provider.yaml: |-
+  apiVersion: 1
+  providers:
+    - name: '{{ .Values.sidecar.dashboards.provider.name }}'
+      orgId: {{ .Values.sidecar.dashboards.provider.orgid }}
+      {{- if not .Values.sidecar.dashboards.provider.foldersFromFilesStructure }}
+      folder: '{{ .Values.sidecar.dashboards.provider.folder }}'
+      {{- end }}
+      type: {{ .Values.sidecar.dashboards.provider.type }}
+      disableDeletion: {{ .Values.sidecar.dashboards.provider.disableDelete }}
+      allowUiUpdates: {{ .Values.sidecar.dashboards.provider.allowUiUpdates }}
+      updateIntervalSeconds: {{ .Values.sidecar.dashboards.provider.updateIntervalSeconds | default 30 }}
+      options:
+        foldersFromFilesStructure: {{ .Values.sidecar.dashboards.provider.foldersFromFilesStructure }}
+        path: {{ .Values.sidecar.dashboards.folder }}{{- with .Values.sidecar.dashboards.defaultFolderName }}/{{ . }}{{- end }}
+{{- end -}}
+
+{{- define "grafana.secretsData" -}}
+{{- if and (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) }}
+admin-user: {{ .Values.adminUser | b64enc | quote }}
+{{- if .Values.adminPassword }}
+admin-password: {{ .Values.adminPassword | b64enc | quote }}
+{{- else }}
+admin-password: {{ include "grafana.password" . }}
+{{- end }}
+{{- end }}
+{{- if not .Values.ldap.existingSecret }}
+ldap-toml: {{ tpl .Values.ldap.config $ | b64enc | quote }}
+{{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_helpers.tpl
new file mode 100644
index 0000000000..68d2d815d8
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_helpers.tpl
@@ -0,0 +1,305 @@
+# Rancher
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "grafana.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "grafana.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "grafana.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create the name of the service account
+*/}}
+{{- define "grafana.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "grafana.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{- define "grafana.serviceAccountNameTest" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (print (include "grafana.fullname" .) "-test") .Values.serviceAccount.nameTest }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.nameTest }}
+{{- end }}
+{{- end }}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "grafana.namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "grafana.labels" -}}
+helm.sh/chart: {{ include "grafana.chart" . }}
+{{ include "grafana.selectorLabels" . }}
+{{- if or .Chart.AppVersion .Values.image.tag }}
+app.kubernetes.io/version: {{ mustRegexReplaceAllLiteral "@sha.*" .Values.image.tag "" | default .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- with .Values.extraLabels }}
+{{ toYaml . }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "grafana.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "grafana.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "grafana.imageRenderer.labels" -}}
+helm.sh/chart: {{ include "grafana.chart" . }}
+{{ include "grafana.imageRenderer.selectorLabels" . }}
+{{- if or .Chart.AppVersion .Values.image.tag }}
+app.kubernetes.io/version: {{ mustRegexReplaceAllLiteral "@sha.*" .Values.image.tag "" | default .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels ImageRenderer
+*/}}
+{{- define "grafana.imageRenderer.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "grafana.name" . }}-image-renderer
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Looks if there's an existing secret and reuse its password. If not it generates
+new password and use it.
+*/}}
+{{- define "grafana.password" -}}
+{{- $secret := (lookup "v1" "Secret" (include "grafana.namespace" .) (include "grafana.fullname" .) ) }}
+{{- if $secret }}
+{{- index $secret "data" "admin-password" }}
+{{- else }}
+{{- (randAlphaNum 40) | b64enc | quote }}
+{{- end }}
+{{- end }}
+
+{{/*
+Return the appropriate apiVersion for rbac.
+*/}}
+{{- define "grafana.rbac.apiVersion" -}}
+{{- if $.Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
+{{- print "rbac.authorization.k8s.io/v1" }}
+{{- else }}
+{{- print "rbac.authorization.k8s.io/v1beta1" }}
+{{- end }}
+{{- end }}
+
+{{/*
+Return the appropriate apiVersion for ingress.
+*/}}
+{{- define "grafana.ingress.apiVersion" -}}
+{{- if and ($.Capabilities.APIVersions.Has "networking.k8s.io/v1") (semverCompare ">= 1.19-0" .Capabilities.KubeVersion.Version) }}
+{{- print "networking.k8s.io/v1" }}
+{{- else if $.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
+{{- print "networking.k8s.io/v1beta1" }}
+{{- else }}
+{{- print "extensions/v1beta1" }}
+{{- end }}
+{{- end }}
+
+{{/*
+Return the appropriate apiVersion for Horizontal Pod Autoscaler.
+*/}}
+{{- define "grafana.hpa.apiVersion" -}}
+{{- if .Capabilities.APIVersions.Has "autoscaling/v2" }}  
+{{- print "autoscaling/v2" }}  
+{{- else }}  
+{{- print "autoscaling/v2beta2" }}  
+{{- end }} 
+{{- end }}
+
+{{/*
+Return the appropriate apiVersion for podDisruptionBudget.
+*/}}
+{{- define "grafana.podDisruptionBudget.apiVersion" -}}
+{{- if $.Values.podDisruptionBudget.apiVersion }}
+{{- print $.Values.podDisruptionBudget.apiVersion }}
+{{- else if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" }}
+{{- print "policy/v1" }}
+{{- else }}
+{{- print "policy/v1beta1" }}
+{{- end }}
+{{- end }}
+
+{{/*
+Return if ingress is stable.
+*/}}
+{{- define "grafana.ingress.isStable" -}}
+{{- eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1" }}
+{{- end }}
+
+{{/*
+Return if ingress supports ingressClassName.
+*/}}
+{{- define "grafana.ingress.supportsIngressClassName" -}}
+{{- or (eq (include "grafana.ingress.isStable" .) "true") (and (eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) }}
+{{- end }}
+
+{{/*
+Return if ingress supports pathType.
+*/}}
+{{- define "grafana.ingress.supportsPathType" -}}
+{{- or (eq (include "grafana.ingress.isStable" .) "true") (and (eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) }}
+{{- end }}
+
+{{/*
+Formats imagePullSecrets. Input is (dict "root" . "imagePullSecrets" .{specific imagePullSecrets})
+*/}}
+{{- define "grafana.imagePullSecrets" -}}
+{{- $root := .root }}
+{{- range (concat .root.Values.global.imagePullSecrets .imagePullSecrets) }}
+{{- if eq (typeOf .) "map[string]interface {}" }}
+- {{ toYaml (dict "name" (tpl .name $root)) | trim }}
+{{- else }}
+- name: {{ tpl . $root }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+
+{{/*
+ Checks whether or not the configSecret secret has to be created
+ */}}
+{{- define "grafana.shouldCreateConfigSecret" -}}
+{{- $secretFound := false -}}
+{{- range $key, $value := .Values.datasources }}
+  {{- if hasKey $value "secret" }}
+    {{- $secretFound = true}}
+  {{- end }}
+{{- end }}
+{{- range $key, $value := .Values.notifiers }}
+  {{- if hasKey $value "secret" }}
+    {{- $secretFound = true}}
+  {{- end }}
+{{- end }}
+{{- range $key, $value := .Values.alerting }}
+  {{- if (or (hasKey $value "secret") (hasKey $value "secretFile")) }}
+    {{- $secretFound = true}}
+  {{- end }}
+{{- end }}
+{{- $secretFound}}
+{{- end -}}
+
+{{/*
+    Checks whether the user is attempting to store secrets in plaintext
+    in the grafana.ini configmap
+*/}}
+{{/* grafana.assertNoLeakedSecrets checks for sensitive keys in values */}}
+{{- define "grafana.assertNoLeakedSecrets" -}}
+      {{- $sensitiveKeysYaml := `
+sensitiveKeys:
+- path: ["database", "password"]
+- path: ["smtp", "password"]
+- path: ["security", "secret_key"]
+- path: ["security", "admin_password"]
+- path: ["auth.basic", "password"]
+- path: ["auth.ldap", "bind_password"]
+- path: ["auth.google", "client_secret"]
+- path: ["auth.github", "client_secret"]
+- path: ["auth.gitlab", "client_secret"]
+- path: ["auth.generic_oauth", "client_secret"]
+- path: ["auth.okta", "client_secret"]
+- path: ["auth.azuread", "client_secret"]
+- path: ["auth.grafana_com", "client_secret"]
+- path: ["auth.grafananet", "client_secret"]
+- path: ["azure", "user_identity_client_secret"]
+- path: ["unified_alerting", "ha_redis_password"]
+- path: ["metrics", "basic_auth_password"]
+- path: ["external_image_storage.s3", "secret_key"]
+- path: ["external_image_storage.webdav", "password"]
+- path: ["external_image_storage.azure_blob", "account_key"]
+` | fromYaml -}}
+  {{- if $.Values.assertNoLeakedSecrets -}}
+      {{- $grafanaIni := index .Values "grafana.ini" -}}
+      {{- range $_, $secret := $sensitiveKeysYaml.sensitiveKeys -}}
+        {{- $currentMap := $grafanaIni -}}
+        {{- $shouldContinue := true -}}
+        {{- range $index, $elem := $secret.path -}}
+          {{- if and $shouldContinue (hasKey $currentMap $elem) -}}
+            {{- if eq (len $secret.path) (add1 $index) -}}
+              {{- if not (regexMatch "\\$(?:__(?:env|file|vault))?{[^}]+}" (index $currentMap $elem)) -}}
+                {{- fail (printf "Sensitive key '%s' should not be defined explicitly in values. Use variable expansion instead. You can disable this client-side validation by changing the value of assertNoLeakedSecrets." (join "." $secret.path)) -}}
+              {{- end -}}
+            {{- else -}}
+              {{- $currentMap = index $currentMap $elem -}}
+            {{- end -}}
+          {{- else -}}
+              {{- $shouldContinue = false -}}
+          {{- end -}}
+        {{- end -}}
+      {{- end -}}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_pod.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_pod.tpl
new file mode 100644
index 0000000000..2ebf7d5f10
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/_pod.tpl
@@ -0,0 +1,1296 @@
+{{- define "grafana.pod" -}}
+{{- $sts := list "sts" "StatefulSet" "statefulset" -}}
+{{- $root := . -}}
+{{- with .Values.schedulerName }}
+schedulerName: "{{ . }}"
+{{- end }}
+serviceAccountName: {{ include "grafana.serviceAccountName" . }}
+automountServiceAccountToken: {{ .Values.automountServiceAccountToken }}
+{{- with .Values.securityContext }}
+securityContext:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.hostAliases }}
+hostAliases:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- if .Values.dnsPolicy }}
+dnsPolicy: {{ .Values.dnsPolicy }}
+{{- end }}
+{{- with .Values.dnsConfig }}
+dnsConfig:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.priorityClassName }}
+priorityClassName: {{ . }}
+{{- end }}
+{{- if ( or .Values.persistence.enabled .Values.dashboards .Values.extraInitContainers (and .Values.sidecar.alerts.enabled .Values.sidecar.alerts.initAlerts) (and .Values.sidecar.datasources.enabled .Values.sidecar.datasources.initDatasources) (and .Values.sidecar.notifiers.enabled .Values.sidecar.notifiers.initNotifiers)) }}
+initContainers:
+{{- end }}
+{{- if ( and .Values.persistence.enabled .Values.initChownData.enabled ) }}
+  - name: init-chown-data
+    {{- $registry := include "system_default_registry" . | default .Values.initChownData.image.registry -}}
+    {{- if .Values.initChownData.image.sha }}
+    image: "{{ $registry }}{{ .Values.initChownData.image.repository }}:{{ .Values.initChownData.image.tag }}@sha256:{{ .Values.initChownData.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.initChownData.image.repository }}:{{ .Values.initChownData.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.initChownData.image.pullPolicy }}
+    {{- with .Values.initChownData.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    command:
+      - chown
+      - -R
+      - {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsGroup }}
+      - /var/lib/grafana
+    {{- with .Values.initChownData.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: storage
+        mountPath: "/var/lib/grafana"
+        {{- with .Values.persistence.subPath }}
+        subPath: {{ tpl . $root }}
+        {{- end }}
+{{- end }}
+{{- if .Values.dashboards }}
+  - name: download-dashboards
+    {{- $registry := include "system_default_registry" . | default .Values.downloadDashboardsImage.registry -}}
+    {{- if .Values.downloadDashboardsImage.sha }}
+    image: "{{ $registry }}{{ .Values.downloadDashboardsImage.repository }}:{{ .Values.downloadDashboardsImage.tag }}@sha256:{{ .Values.downloadDashboardsImage.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.downloadDashboardsImage.repository }}:{{ .Values.downloadDashboardsImage.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.downloadDashboardsImage.pullPolicy }}
+    command: ["/bin/sh"]
+    args: [ "-c", "mkdir -p /var/lib/grafana/dashboards/default && /bin/sh -x /etc/grafana/download_dashboards.sh" ]
+    {{- with .Values.downloadDashboards.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    env:
+      {{- range $key, $value := .Values.downloadDashboards.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- range $key, $value := .Values.downloadDashboards.envValueFrom }}
+      - name: {{ $key | quote }}
+        valueFrom:
+          {{- tpl (toYaml $value) $ | nindent 10 }}
+      {{- end }}
+    {{- with .Values.downloadDashboards.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.downloadDashboards.envFromSecret }}
+    envFrom:
+      - secretRef:
+          name: {{ tpl . $root }}
+    {{- end }}
+    volumeMounts:
+      - name: config
+        mountPath: "/etc/grafana/download_dashboards.sh"
+        subPath: download_dashboards.sh
+      - name: storage
+        mountPath: "/var/lib/grafana"
+        {{- with .Values.persistence.subPath }}
+        subPath: {{ tpl . $root }}
+        {{- end }}
+      {{- range .Values.extraSecretMounts }}
+      - name: {{ .name }}
+        mountPath: {{ .mountPath }}
+        readOnly: {{ .readOnly }}
+      {{- end }}
+{{- end }}
+{{- if and .Values.sidecar.alerts.enabled .Values.sidecar.alerts.initAlerts }}
+  - name: {{ include "grafana.name" . }}-init-sc-alerts
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.alerts.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.alerts.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: "LIST"
+      - name: LABEL
+        value: "{{ .Values.sidecar.alerts.label }}"
+      {{- with .Values.sidecar.alerts.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/alerting"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.alerts.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.alerts.searchNamespace }}
+      - name: NAMESPACE
+        value: {{ . | join "," | quote }}
+      {{- end }}
+      {{- with .Values.sidecar.alerts.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: {{ quote . }}
+      {{- end }}
+      {{- with .Values.sidecar.alerts.script }}
+      - name: SCRIPT
+        value: {{ quote . }}
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-alerts-volume
+        mountPath: "/etc/grafana/provisioning/alerting"
+      {{- with .Values.sidecar.alerts.extraMounts }}
+      {{- toYaml . | trim | nindent 6 }}
+      {{- end }}
+{{- end }}
+{{- if and .Values.sidecar.datasources.enabled .Values.sidecar.datasources.initDatasources }}
+  - name: {{ include "grafana.name" . }}-init-sc-datasources
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.datasources.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.datasources.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: "LIST"
+      - name: LABEL
+        value: "{{ .Values.sidecar.datasources.label }}"
+      {{- with .Values.sidecar.datasources.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/datasources"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.datasources.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- if .Values.sidecar.datasources.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (.Values.sidecar.datasources.searchNamespace | join ",") . }}"
+      {{- end }}
+      {{- with .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ . }}"
+      {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-datasources-volume
+        mountPath: "/etc/grafana/provisioning/datasources"
+{{- end }}
+{{- if and .Values.sidecar.notifiers.enabled .Values.sidecar.notifiers.initNotifiers }}
+  - name: {{ include "grafana.name" . }}-init-sc-notifiers
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.notifiers.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.notifiers.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: LIST
+      - name: LABEL
+        value: "{{ .Values.sidecar.notifiers.label }}"
+      {{- with .Values.sidecar.notifiers.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/notifiers"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.notifiers.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.notifiers.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (. | join ",") $root }}"
+      {{- end }}
+      {{- with .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ . }}"
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-notifiers-volume
+        mountPath: "/etc/grafana/provisioning/notifiers"
+{{- end}}
+{{- with .Values.extraInitContainers }}
+  {{- tpl (toYaml .) $root | nindent 2 }}
+{{- end }}
+{{- if or .Values.image.pullSecrets .Values.global.imagePullSecrets }}
+imagePullSecrets:
+  {{- include "grafana.imagePullSecrets" (dict "root" $root "imagePullSecrets" .Values.image.pullSecrets) | nindent 2 }}
+{{- end }}
+{{- if not .Values.enableKubeBackwardCompatibility }}
+enableServiceLinks: {{ .Values.enableServiceLinks }}
+{{- end }}
+containers:
+{{- if and .Values.sidecar.alerts.enabled (not .Values.sidecar.alerts.initAlerts) }}
+  - name: {{ include "grafana.name" . }}-sc-alerts
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.alerts.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.alerts.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: {{ .Values.sidecar.alerts.watchMethod }}
+      - name: LABEL
+        value: "{{ .Values.sidecar.alerts.label }}"
+      {{- with .Values.sidecar.alerts.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/alerting"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.alerts.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.alerts.searchNamespace }}
+      - name: NAMESPACE
+        value: {{ . | join "," | quote }}
+      {{- end }}
+      {{- with .Values.sidecar.alerts.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: {{ quote . }}
+      {{- end }}
+      {{- with .Values.sidecar.alerts.script }}
+      - name: SCRIPT
+        value: {{ quote . }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_USERNAME
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      {{- if not .Values.sidecar.alerts.skipReload }}
+      - name: REQ_URL
+        value: {{ .Values.sidecar.alerts.reloadURL }}
+      - name: REQ_METHOD
+        value: POST
+      {{- end }}
+      {{- if .Values.sidecar.alerts.watchServerTimeout }}
+      {{- if ne .Values.sidecar.alerts.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.alerts.watchServerTimeout with .Values.sidecar.alerts.watchMethod %s" .Values.sidecar.alerts.watchMethod) }}
+      {{- end }}
+      - name: WATCH_SERVER_TIMEOUT
+        value: "{{ .Values.sidecar.alerts.watchServerTimeout }}"
+      {{- end }}
+      {{- if .Values.sidecar.alerts.watchClientTimeout }}
+      {{- if ne .Values.sidecar.alerts.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.alerts.watchClientTimeout with .Values.sidecar.alerts.watchMethod %s" .Values.sidecar.alerts.watchMethod) }}
+      {{- end }}
+      - name: WATCH_CLIENT_TIMEOUT
+        value: "{{ .Values.sidecar.alerts.watchClientTimeout }}"
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-alerts-volume
+        mountPath: "/etc/grafana/provisioning/alerting"
+      {{- with .Values.sidecar.alerts.extraMounts }}
+      {{- toYaml . | trim | nindent 6 }}
+      {{- end }}
+{{- end}}
+{{- if .Values.sidecar.dashboards.enabled }}
+  - name: {{ include "grafana.name" . }}-sc-dashboard
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.dashboards.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- range $key, $value := .Values.sidecar.datasources.envValueFrom }}
+      - name: {{ $key | quote }}
+        valueFrom:
+          {{- tpl (toYaml $value) $ | nindent 10 }}
+      {{- end }}
+      {{- if .Values.sidecar.dashboards.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: {{ .Values.sidecar.dashboards.watchMethod }}
+      - name: LABEL
+        value: "{{ .Values.sidecar.dashboards.label }}"
+      {{- with .Values.sidecar.dashboards.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.dashboards.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.dashboards.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "{{ .Values.sidecar.dashboards.folder }}{{- with .Values.sidecar.dashboards.defaultFolderName }}/{{ . }}{{- end }}"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.dashboards.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.dashboards.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (. | join ",") $root }}"
+      {{- end }}
+      {{- with .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.dashboards.folderAnnotation }}
+      - name: FOLDER_ANNOTATION
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.dashboards.script }}
+      - name: SCRIPT
+        value: "{{ . }}"
+      {{- end }}
+      {{- if not .Values.sidecar.dashboards.skipReload }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_USERNAME
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      - name: REQ_URL
+        value: {{ .Values.sidecar.dashboards.reloadURL }}
+      - name: REQ_METHOD
+        value: POST
+      {{- end }}
+      {{- if .Values.sidecar.dashboards.watchServerTimeout }}
+      {{- if ne .Values.sidecar.dashboards.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.dashboards.watchServerTimeout with .Values.sidecar.dashboards.watchMethod %s" .Values.sidecar.dashboards.watchMethod) }}
+      {{- end }}
+      - name: WATCH_SERVER_TIMEOUT
+        value: "{{ .Values.sidecar.dashboards.watchServerTimeout }}"
+      {{- end }}
+      {{- if .Values.sidecar.dashboards.watchClientTimeout }}
+      {{- if ne .Values.sidecar.dashboards.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.dashboards.watchClientTimeout with .Values.sidecar.dashboards.watchMethod %s" .Values.sidecar.dashboards.watchMethod) }}
+      {{- end }}
+      - name: WATCH_CLIENT_TIMEOUT
+        value: {{ .Values.sidecar.dashboards.watchClientTimeout | quote }}
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-dashboard-volume
+        mountPath: {{ .Values.sidecar.dashboards.folder | quote }}
+      {{- with .Values.sidecar.dashboards.extraMounts }}
+      {{- toYaml . | trim | nindent 6 }}
+      {{- end }}
+{{- end}}
+{{- if and .Values.sidecar.datasources.enabled (not .Values.sidecar.datasources.initDatasources) }}
+  - name: {{ include "grafana.name" . }}-sc-datasources
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.datasources.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.datasources.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: {{ .Values.sidecar.datasources.watchMethod }}
+      - name: LABEL
+        value: "{{ .Values.sidecar.datasources.label }}"
+      {{- with .Values.sidecar.datasources.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/datasources"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.datasources.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.datasources.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (. | join ",") $root }}"
+      {{- end }}
+      {{- if .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ .Values.sidecar.skipTlsVerify }}"
+      {{- end }}
+      {{- if .Values.sidecar.datasources.script }}
+      - name: SCRIPT
+        value: "{{ .Values.sidecar.datasources.script }}"
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_USERNAME
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      {{- if not .Values.sidecar.datasources.skipReload }}
+      - name: REQ_URL
+        value: {{ .Values.sidecar.datasources.reloadURL }}
+      - name: REQ_METHOD
+        value: POST
+      {{- end }}
+      {{- if .Values.sidecar.datasources.watchServerTimeout }}
+      {{- if ne .Values.sidecar.datasources.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.datasources.watchServerTimeout with .Values.sidecar.datasources.watchMethod %s" .Values.sidecar.datasources.watchMethod) }}
+      {{- end }}
+      - name: WATCH_SERVER_TIMEOUT
+        value: "{{ .Values.sidecar.datasources.watchServerTimeout }}"
+      {{- end }}
+      {{- if .Values.sidecar.datasources.watchClientTimeout }}
+      {{- if ne .Values.sidecar.datasources.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.datasources.watchClientTimeout with .Values.sidecar.datasources.watchMethod %s" .Values.sidecar.datasources.watchMethod) }}
+      {{- end }}
+      - name: WATCH_CLIENT_TIMEOUT
+        value: "{{ .Values.sidecar.datasources.watchClientTimeout }}"
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-datasources-volume
+        mountPath: "/etc/grafana/provisioning/datasources"
+{{- end}}
+{{- if .Values.sidecar.notifiers.enabled }}
+  - name: {{ include "grafana.name" . }}-sc-notifiers
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.notifiers.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.notifiers.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: {{ .Values.sidecar.notifiers.watchMethod }}
+      - name: LABEL
+        value: "{{ .Values.sidecar.notifiers.label }}"
+      {{- with .Values.sidecar.notifiers.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/notifiers"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.notifiers.resource }}
+      {{- if .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ .Values.sidecar.enableUniqueFilenames }}"
+      {{- end }}
+      {{- with .Values.sidecar.notifiers.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (. | join ",") $root }}"
+      {{- end }}
+      {{- with .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ . }}"
+      {{- end }}
+      {{- if .Values.sidecar.notifiers.script }}
+      - name: SCRIPT
+        value: "{{ .Values.sidecar.notifiers.script }}"
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_USERNAME
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      {{- if not .Values.sidecar.notifiers.skipReload }}
+      - name: REQ_URL
+        value: {{ .Values.sidecar.notifiers.reloadURL }}
+      - name: REQ_METHOD
+        value: POST
+      {{- end }}
+      {{- if .Values.sidecar.notifiers.watchServerTimeout }}
+      {{- if ne .Values.sidecar.notifiers.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.notifiers.watchServerTimeout with .Values.sidecar.notifiers.watchMethod %s" .Values.sidecar.notifiers.watchMethod) }}
+      {{- end }}
+      - name: WATCH_SERVER_TIMEOUT
+        value: "{{ .Values.sidecar.notifiers.watchServerTimeout }}"
+      {{- end }}
+      {{- if .Values.sidecar.notifiers.watchClientTimeout }}
+      {{- if ne .Values.sidecar.notifiers.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.notifiers.watchClientTimeout with .Values.sidecar.notifiers.watchMethod %s" .Values.sidecar.notifiers.watchMethod) }}
+      {{- end }}
+      - name: WATCH_CLIENT_TIMEOUT
+        value: "{{ .Values.sidecar.notifiers.watchClientTimeout }}"
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-notifiers-volume
+        mountPath: "/etc/grafana/provisioning/notifiers"
+{{- end}}
+{{- if .Values.sidecar.plugins.enabled }}
+  - name: {{ include "grafana.name" . }}-sc-plugins
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.plugins.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.plugins.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: {{ .Values.sidecar.plugins.watchMethod }}
+      - name: LABEL
+        value: "{{ .Values.sidecar.plugins.label }}"
+      {{- if .Values.sidecar.plugins.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote .Values.sidecar.plugins.labelValue }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.plugins.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.plugins.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/plugins"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.plugins.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.plugins.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (. | join ",") $root }}"
+      {{- end }}
+      {{- with .Values.sidecar.plugins.script }}
+      - name: SCRIPT
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ . }}"
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_USERNAME
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      {{- if not .Values.sidecar.plugins.skipReload }}
+      - name: REQ_URL
+        value: {{ .Values.sidecar.plugins.reloadURL }}
+      - name: REQ_METHOD
+        value: POST
+      {{- end }}
+      {{- if .Values.sidecar.plugins.watchServerTimeout }}
+      {{- if ne .Values.sidecar.plugins.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.plugins.watchServerTimeout with .Values.sidecar.plugins.watchMethod %s" .Values.sidecar.plugins.watchMethod) }}
+      {{- end }}
+      - name: WATCH_SERVER_TIMEOUT
+        value: "{{ .Values.sidecar.plugins.watchServerTimeout }}"
+      {{- end }}
+      {{- if .Values.sidecar.plugins.watchClientTimeout }}
+      {{- if ne .Values.sidecar.plugins.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.plugins.watchClientTimeout with .Values.sidecar.plugins.watchMethod %s" .Values.sidecar.plugins.watchMethod) }}
+      {{- end }}
+      - name: WATCH_CLIENT_TIMEOUT
+        value: "{{ .Values.sidecar.plugins.watchClientTimeout }}"
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-plugins-volume
+        mountPath: "/etc/grafana/provisioning/plugins"
+{{- end}}
+  - name: {{ .Chart.Name }}
+    {{- $registry := include "system_default_registry" . | default .Values.image.registry -}}
+    {{- if .Values.image.sha }}
+    image: "{{ $registry }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}@sha256:{{ .Values.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.image.pullPolicy }}
+    {{- if .Values.command }}
+    command:
+    {{- range .Values.command }}
+      - {{ . | quote }}
+    {{- end }}
+    {{- end }}
+    {{- if .Values.args }}
+    args:
+    {{- range .Values.args }}
+      - {{ . | quote }}
+    {{- end }}
+    {{- end }}
+    {{- with .Values.containerSecurityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: config
+        mountPath: "/etc/grafana/grafana.ini"
+        subPath: grafana.ini
+      {{- if .Values.ldap.enabled }}
+      - name: ldap
+        mountPath: "/etc/grafana/ldap.toml"
+        subPath: ldap.toml
+      {{- end }}
+      {{- range .Values.extraConfigmapMounts }}
+      - name: {{ tpl .name $root }}
+        mountPath: {{ tpl .mountPath $root }}
+        subPath: {{ tpl (.subPath | default "") $root }}
+        readOnly: {{ .readOnly }}
+      {{- end }}
+      - name: storage
+        mountPath: "/var/lib/grafana"
+        {{- with .Values.persistence.subPath }}
+        subPath: {{ tpl . $root }}
+        {{- end }}
+      {{- with .Values.dashboards }}
+      {{- range $provider, $dashboards := . }}
+      {{- range $key, $value := $dashboards }}
+      {{- if (or (hasKey $value "json") (hasKey $value "file")) }}
+      - name: dashboards-{{ $provider }}
+        mountPath: "/var/lib/grafana/dashboards/{{ $provider }}/{{ $key }}.json"
+        subPath: "{{ $key }}.json"
+      {{- end }}
+      {{- end }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.dashboardsConfigMaps }}
+      {{- range (keys . | sortAlpha) }}
+      - name: dashboards-{{ . }}
+        mountPath: "/var/lib/grafana/dashboards/{{ . }}"
+      {{- end }}
+      {{- end }}
+      {{- with .Values.datasources }}
+      {{- $datasources := . }}
+      {{- range (keys . | sortAlpha) }}
+      {{- if (or (hasKey (index $datasources .) "secret")) }} {{/*check if current datasource should be handeled as secret */}}
+      - name: config-secret
+        mountPath: "/etc/grafana/provisioning/datasources/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- else }}
+      - name: config
+        mountPath: "/etc/grafana/provisioning/datasources/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- end }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.notifiers }}
+      {{- $notifiers := . }}
+      {{- range (keys . | sortAlpha) }}
+      {{- if (or (hasKey (index $notifiers .) "secret")) }} {{/*check if current notifier should be handeled as secret */}}
+      - name: config-secret
+        mountPath: "/etc/grafana/provisioning/notifiers/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- else }}
+      - name: config
+        mountPath: "/etc/grafana/provisioning/notifiers/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- end }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.alerting }}
+      {{- $alertingmap := .}}
+      {{- range (keys . | sortAlpha) }}
+      {{- if (or (hasKey (index $.Values.alerting .) "secret") (hasKey (index $.Values.alerting .) "secretFile")) }} {{/*check if current alerting entry should be handeled as secret */}}
+      - name: config-secret
+        mountPath: "/etc/grafana/provisioning/alerting/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- else }}
+      - name: config
+        mountPath: "/etc/grafana/provisioning/alerting/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- end }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.dashboardProviders }}
+      {{- range (keys . | sortAlpha) }}
+      - name: config
+        mountPath: "/etc/grafana/provisioning/dashboards/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.sidecar.alerts.enabled }}
+      - name: sc-alerts-volume
+        mountPath: "/etc/grafana/provisioning/alerting"
+      {{- end}}
+      {{- if .Values.sidecar.dashboards.enabled }}
+      - name: sc-dashboard-volume
+        mountPath: {{ .Values.sidecar.dashboards.folder | quote }}
+      {{- if .Values.sidecar.dashboards.SCProvider }}
+      - name: sc-dashboard-provider
+        mountPath: "/etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml"
+        subPath: provider.yaml
+      {{- end}}
+      {{- end}}
+      {{- if .Values.sidecar.datasources.enabled }}
+      - name: sc-datasources-volume
+        mountPath: "/etc/grafana/provisioning/datasources"
+      {{- end}}
+      {{- if .Values.sidecar.plugins.enabled }}
+      - name: sc-plugins-volume
+        mountPath: "/etc/grafana/provisioning/plugins"
+      {{- end}}
+      {{- if .Values.sidecar.notifiers.enabled }}
+      - name: sc-notifiers-volume
+        mountPath: "/etc/grafana/provisioning/notifiers"
+      {{- end}}
+      {{- range .Values.extraSecretMounts }}
+      - name: {{ .name }}
+        mountPath: {{ .mountPath }}
+        readOnly: {{ .readOnly }}
+        subPath: {{ .subPath | default "" }}
+      {{- end }}
+      {{- range .Values.extraVolumeMounts }}
+      - name: {{ .name }}
+        mountPath: {{ .mountPath }}
+        subPath: {{ .subPath | default "" }}
+        readOnly: {{ .readOnly }}
+      {{- end }}
+      {{- range .Values.extraEmptyDirMounts }}
+      - name: {{ .name }}
+        mountPath: {{ .mountPath }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.podPortName }}
+        containerPort: {{ .Values.service.targetPort }}
+        protocol: TCP
+      - name: {{ .Values.gossipPortName }}-tcp
+        containerPort: 9094
+        protocol: TCP
+      - name: {{ .Values.gossipPortName }}-udp
+        containerPort: 9094
+        protocol: UDP
+    env:
+      - name: POD_IP
+        valueFrom:
+          fieldRef:
+            fieldPath: status.podIP
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: GF_SECURITY_ADMIN_USER
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: GF_SECURITY_ADMIN_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      {{- if .Values.plugins }}
+      - name: GF_INSTALL_PLUGINS
+        valueFrom:
+          configMapKeyRef:
+            name: {{ include "grafana.fullname" . }}
+            key: plugins
+      {{- end }}
+      {{- if .Values.smtp.existingSecret }}
+      - name: GF_SMTP_USER
+        valueFrom:
+          secretKeyRef:
+            name: {{ .Values.smtp.existingSecret }}
+            key: {{ .Values.smtp.userKey | default "user" }}
+      - name: GF_SMTP_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ .Values.smtp.existingSecret }}
+            key: {{ .Values.smtp.passwordKey | default "password" }}
+      {{- end }}
+      {{- if .Values.imageRenderer.enabled }}
+      - name: GF_RENDERING_SERVER_URL
+        value: http://{{ include "grafana.fullname" . }}-image-renderer.{{ include "grafana.namespace" . }}:{{ .Values.imageRenderer.service.port }}/render
+      - name: GF_RENDERING_CALLBACK_URL
+        value: {{ .Values.imageRenderer.grafanaProtocol }}://{{ include "grafana.fullname" . }}.{{ include "grafana.namespace" . }}:{{ .Values.service.port }}/{{ .Values.imageRenderer.grafanaSubPath }}
+      {{- end }}
+      - name: GF_PATHS_DATA
+        value: {{ (get .Values "grafana.ini").paths.data }}
+      - name: GF_PATHS_LOGS
+        value: {{ (get .Values "grafana.ini").paths.logs }}
+      - name: GF_PATHS_PLUGINS
+        value: {{ (get .Values "grafana.ini").paths.plugins }}
+      - name: GF_PATHS_PROVISIONING
+        value: {{ (get .Values "grafana.ini").paths.provisioning }}
+      {{- range $key, $value := .Values.envValueFrom }}
+      - name: {{ $key | quote }}
+        valueFrom:
+          {{- tpl (toYaml $value) $ | nindent 10 }}
+      {{- end }}
+      {{- range $key, $value := .Values.env }}
+      - name: "{{ tpl $key $ }}"
+        value: "{{ tpl (print $value) $ }}"
+      {{- end }}
+    {{- if or .Values.envFromSecret (or .Values.envRenderSecret .Values.envFromSecrets) .Values.envFromConfigMaps }}
+    envFrom:
+      {{- if .Values.envFromSecret }}
+      - secretRef:
+          name: {{ tpl .Values.envFromSecret . }}
+      {{- end }}
+      {{- if .Values.envRenderSecret }}
+      - secretRef:
+          name: {{ include "grafana.fullname" . }}-env
+      {{- end }}
+      {{- range .Values.envFromSecrets }}
+      - secretRef:
+          name: {{ tpl .name $ }}
+          optional: {{ .optional | default false }}
+        {{- if .prefix }}
+        prefix: {{ tpl .prefix $ }}
+        {{- end }}
+      {{- end }}
+      {{- range .Values.envFromConfigMaps }}
+      - configMapRef:
+          name: {{ tpl .name $ }}
+          optional: {{ .optional | default false }}
+        {{- if .prefix }}
+        prefix: {{ tpl .prefix $ }}
+        {{- end }}
+      {{- end }}
+    {{- end }}
+    {{- with .Values.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.lifecycleHooks }}
+    lifecycle:
+      {{- tpl (toYaml .) $root | nindent 6 }}
+    {{- end }}
+    {{- with .Values.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+{{- with .Values.extraContainers }}
+  {{- tpl . $ | nindent 2 }}
+{{- end }}
+nodeSelector: {{ include "linux-node-selector" . | nindent 2 }}
+{{- with .Values.nodeSelector }}
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.affinity }}
+affinity:
+  {{- tpl (toYaml .) $root | nindent 2 }}
+{{- end }}
+{{- with .Values.topologySpreadConstraints }}
+topologySpreadConstraints:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+tolerations: {{ include "linux-node-tolerations" . | nindent 2 }}
+{{- with .Values.tolerations }}
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+volumes:
+  - name: config
+    configMap:
+      name: {{ include "grafana.fullname" . }}
+  {{- $createConfigSecret := eq (include "grafana.shouldCreateConfigSecret" .) "true" -}}
+  {{- if and .Values.createConfigmap $createConfigSecret }}
+  - name: config-secret
+    secret:
+      secretName: {{ include "grafana.fullname" . }}-config-secret
+  {{- end }}
+  {{- range .Values.extraConfigmapMounts }}
+  - name: {{ tpl .name $root }}
+    configMap:
+      name: {{ tpl .configMap $root }}
+      {{- with .items }}
+      items:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+  {{- end }}
+  {{- if .Values.dashboards }}
+  {{- range (keys .Values.dashboards | sortAlpha) }}
+  - name: dashboards-{{ . }}
+    configMap:
+      name: {{ include "grafana.fullname" $ }}-dashboards-{{ . }}
+  {{- end }}
+  {{- end }}
+  {{- if .Values.dashboardsConfigMaps }}
+  {{- range $provider, $name := .Values.dashboardsConfigMaps }}
+  - name: dashboards-{{ $provider }}
+    configMap:
+      name: {{ tpl $name $root }}
+  {{- end }}
+  {{- end }}
+  {{- if .Values.ldap.enabled }}
+  - name: ldap
+    secret:
+      {{- if .Values.ldap.existingSecret }}
+      secretName: {{ .Values.ldap.existingSecret }}
+      {{- else }}
+      secretName: {{ include "grafana.fullname" . }}
+      {{- end }}
+      items:
+        - key: ldap-toml
+          path: ldap.toml
+  {{- end }}
+  {{- if and .Values.persistence.enabled (eq .Values.persistence.type "pvc") }}
+  - name: storage
+    persistentVolumeClaim:
+      claimName: {{ tpl (.Values.persistence.existingClaim | default (include "grafana.fullname" .)) . }}
+  {{- else if and .Values.persistence.enabled (has .Values.persistence.type $sts) }}
+  {{/* nothing */}}
+  {{- else }}
+  - name: storage
+    {{- if .Values.persistence.inMemory.enabled }}
+    emptyDir:
+      medium: Memory
+      {{- with .Values.persistence.inMemory.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- end }}
+    {{- else }}
+    emptyDir: {}
+    {{- end }}
+  {{- end }}
+  {{- if .Values.sidecar.alerts.enabled }}
+  - name: sc-alerts-volume
+    emptyDir:
+      {{- with .Values.sidecar.alerts.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- else }}
+      {}
+      {{- end }}
+  {{- end }}
+  {{- if .Values.sidecar.dashboards.enabled }}
+  - name: sc-dashboard-volume
+    emptyDir:
+      {{- with .Values.sidecar.dashboards.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- else }}
+      {}
+      {{- end }}
+  {{- if .Values.sidecar.dashboards.SCProvider }}
+  - name: sc-dashboard-provider
+    configMap:
+      name: {{ include "grafana.fullname" . }}-config-dashboards
+  {{- end }}
+  {{- end }}
+  {{- if .Values.sidecar.datasources.enabled }}
+  - name: sc-datasources-volume
+    emptyDir:
+      {{- with .Values.sidecar.datasources.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- else }}
+      {}
+      {{- end }}
+  {{- end }}
+  {{- if .Values.sidecar.plugins.enabled }}
+  - name: sc-plugins-volume
+    emptyDir:
+      {{- with .Values.sidecar.plugins.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- else }}
+      {}
+      {{- end }}
+  {{- end }}
+  {{- if .Values.sidecar.notifiers.enabled }}
+  - name: sc-notifiers-volume
+    emptyDir:
+      {{- with .Values.sidecar.notifiers.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- else }}
+      {}
+      {{- end }}
+  {{- end }}
+  {{- range .Values.extraSecretMounts }}
+  {{- if .secretName }}
+  - name: {{ .name }}
+    secret:
+      secretName: {{ .secretName }}
+      defaultMode: {{ .defaultMode }}
+      {{- with .items }}
+      items:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+  {{- else if .projected }}
+  - name: {{ .name }}
+    projected:
+      {{- toYaml .projected | nindent 6 }}
+  {{- else if .csi }}
+  - name: {{ .name }}
+    csi:
+      {{- toYaml .csi | nindent 6 }}
+  {{- end }}
+  {{- end }}
+  {{- range .Values.extraVolumes }}
+  - name: {{ .name }}
+    {{- if .existingClaim }}
+    persistentVolumeClaim:
+      claimName: {{ .existingClaim }}
+    {{- else if .hostPath }}
+    hostPath:
+      {{ toYaml .hostPath | nindent 6 }}
+    {{- else if .csi }}
+    csi:
+      {{- toYaml .csi | nindent 6 }}
+    {{- else if .configMap }}
+    configMap:
+      {{- toYaml .configMap | nindent 6 }}
+    {{- else if .emptyDir }}
+    emptyDir:
+      {{- toYaml .emptyDir | nindent 6 }}
+    {{- else }}
+    emptyDir: {}
+    {{- end }}
+  {{- end }}
+  {{- range .Values.extraEmptyDirMounts }}
+  - name: {{ .name }}
+    emptyDir: {}
+  {{- end }}
+  {{- with .Values.extraContainerVolumes }}
+  {{- tpl (toYaml .) $root | nindent 2 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/clusterrole.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/clusterrole.yaml
new file mode 100644
index 0000000000..3af4b62b63
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/clusterrole.yaml
@@ -0,0 +1,25 @@
+{{- if and .Values.rbac.create (or (not .Values.rbac.namespaced) .Values.rbac.extraClusterRoleRules) (not .Values.rbac.useExistingClusterRole) }}
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  name: {{ include "grafana.fullname" . }}-clusterrole
+{{- if or .Values.sidecar.dashboards.enabled .Values.rbac.extraClusterRoleRules .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.sidecar.alerts.enabled }}
+rules:
+  {{- if or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.sidecar.alerts.enabled }}
+  - apiGroups: [""] # "" indicates the core API group
+    resources: ["configmaps", "secrets"]
+    verbs: ["get", "watch", "list"]
+  {{- end}}
+  {{- with .Values.rbac.extraClusterRoleRules }}
+  {{- toYaml . | nindent 2 }}
+  {{- end}}
+{{- else }}
+rules: []
+{{- end}}
+{{- end}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/clusterrolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..bda9431a2c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/clusterrolebinding.yaml
@@ -0,0 +1,24 @@
+{{- if and .Values.rbac.create (or (not .Values.rbac.namespaced) .Values.rbac.extraClusterRoleRules) }}
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ include "grafana.fullname" . }}-clusterrolebinding
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "grafana.serviceAccountName" . }}
+    namespace: {{ include "grafana.namespace" . }}
+roleRef:
+  kind: ClusterRole
+  {{- if .Values.rbac.useExistingClusterRole }}
+  name: {{ .Values.rbac.useExistingClusterRole }}
+  {{- else }}
+  name: {{ include "grafana.fullname" . }}-clusterrole
+  {{- end }}
+  apiGroup: rbac.authorization.k8s.io
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configSecret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configSecret.yaml
new file mode 100644
index 0000000000..55574b9bbc
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configSecret.yaml
@@ -0,0 +1,43 @@
+{{- $createConfigSecret := eq (include "grafana.shouldCreateConfigSecret" .) "true" -}}
+{{- if and .Values.createConfigmap $createConfigSecret }}
+{{- $files := .Files }}
+{{- $root := . -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "{{ include "grafana.fullname" . }}-config-secret"
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+      {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+data:
+{{- range $key, $value := .Values.alerting }}
+  {{- if (hasKey $value "secretFile") }}
+  {{- $key | nindent 2 }}:
+    {{- toYaml ( $files.Get $value.secretFile ) | b64enc | nindent 4}}
+  {{/* as of https://helm.sh/docs/chart_template_guide/accessing_files/ this will only work if you fork this chart and add files to it*/}}
+  {{- end }}
+{{- end }}
+stringData:
+{{- range $key, $value := .Values.datasources }}
+{{- if (hasKey $value "secret") }}
+{{- $key | nindent 2 }}: |
+  {{- tpl (toYaml $value.secret | nindent 4) $root }}
+{{- end }}
+{{- end }}
+{{- range $key, $value := .Values.notifiers }}
+{{- if (hasKey $value "secret") }}
+{{- $key | nindent 2 }}: |
+  {{- tpl (toYaml $value.secret | nindent 4) $root }}
+{{- end }}
+{{- end }}
+{{- range $key, $value := .Values.alerting }}
+{{ if (hasKey $value "secret") }}
+  {{- $key | nindent 2 }}: |
+    {{- tpl (toYaml $value.secret | nindent 4) $root }}
+  {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configmap-dashboard-provider.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configmap-dashboard-provider.yaml
new file mode 100644
index 0000000000..b412c4d1f0
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configmap-dashboard-provider.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.sidecar.dashboards.enabled .Values.sidecar.dashboards.SCProvider }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  name: {{ include "grafana.fullname" . }}-config-dashboards
+  namespace: {{ include "grafana.namespace" . }}
+data:
+  {{- include "grafana.configDashboardProviderData" . | nindent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configmap.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configmap.yaml
new file mode 100644
index 0000000000..7d7428be51
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/configmap.yaml
@@ -0,0 +1,15 @@
+{{- if .Values.createConfigmap }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+data:
+  {{- include "grafana.configData" . | nindent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/dashboards-json-configmap.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/dashboards-json-configmap.yaml
new file mode 100644
index 0000000000..b96ce72026
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/dashboards-json-configmap.yaml
@@ -0,0 +1,38 @@
+{{- if .Values.dashboards }}
+{{ $files := .Files }}
+{{- range $provider, $dashboards := .Values.dashboards }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "grafana.fullname" $ }}-dashboards-{{ $provider }}
+  namespace: {{ include "grafana.namespace" $ }}
+  labels:
+    {{- include "grafana.labels" $ | nindent 4 }}
+    dashboard-provider: {{ $provider }}
+    {{- if $.Values.sidecar.dashboards.enabled }}
+    {{ $.Values.sidecar.dashboards.label }}: {{ $.Values.sidecar.dashboards.labelValue | quote }}
+    {{- end }}
+{{- if $dashboards }}
+data:
+{{- $dashboardFound := false }}
+{{- range $key, $value := $dashboards }}
+{{- if (or (hasKey $value "json") (hasKey $value "file")) }}
+{{- $dashboardFound = true }}
+  {{- print $key | nindent 2 }}.json:
+    {{- if hasKey $value "json" }}
+    |-
+      {{- $value.json | nindent 6 }}
+    {{- end }}
+    {{- if hasKey $value "file" }}
+    {{- toYaml ( $files.Get $value.file ) | nindent 4}}
+    {{- end }}
+{{- end }}
+{{- end }}
+{{- if not $dashboardFound }}
+  {}
+{{- end }}
+{{- end }}
+---
+{{- end }}
+
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/deployment.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/deployment.yaml
new file mode 100644
index 0000000000..46c016faa3
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/deployment.yaml
@@ -0,0 +1,53 @@
+{{- if (and (not .Values.useStatefulSet) (or (not .Values.persistence.enabled) (eq .Values.persistence.type "pvc"))) }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and (not .Values.autoscaling.enabled) (.Values.replicas) }}
+  replicas: {{ .Values.replicas }}
+  {{- end }}
+  revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
+  selector:
+    matchLabels:
+      {{- include "grafana.selectorLabels" . | nindent 6 }}
+  {{- with .Values.deploymentStrategy }}
+  strategy:
+    {{- toYaml . | trim | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      labels:
+        {{- include "grafana.selectorLabels" . | nindent 8 }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+      annotations:
+        checksum/config: {{ include "grafana.configData" . | sha256sum }}
+        {{- if .Values.dashboards }}
+        checksum/dashboards-json-config: {{ include (print $.Template.BasePath "/dashboards-json-configmap.yaml") . | sha256sum }}
+        {{- end }}
+        checksum/sc-dashboard-provider-config: {{ include "grafana.configDashboardProviderData" . | sha256sum }}
+        {{- if and (or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret))) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+        checksum/secret: {{ include "grafana.secretsData" . | sha256sum }}
+        {{- end }}
+        {{- if .Values.envRenderSecret }}
+        checksum/secret-env: {{ tpl (toYaml .Values.envRenderSecret) . | sha256sum }}
+        {{- end }}
+        kubectl.kubernetes.io/default-container: {{ .Chart.Name }}
+        {{- with .Values.podAnnotations }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- include "grafana.pod" . | nindent 6 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/extra-manifests.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/extra-manifests.yaml
new file mode 100644
index 0000000000..a9bb3b6ba8
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/extra-manifests.yaml
@@ -0,0 +1,4 @@
+{{ range .Values.extraObjects }}
+---
+{{ tpl (toYaml .) $ }}
+{{ end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/headless-service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/headless-service.yaml
new file mode 100644
index 0000000000..3028589d32
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/headless-service.yaml
@@ -0,0 +1,22 @@
+{{- $sts := list "sts" "StatefulSet" "statefulset" -}}
+{{- if or .Values.headlessService (and .Values.persistence.enabled (not .Values.persistence.existingClaim) (has .Values.persistence.type $sts)) }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "grafana.fullname" . }}-headless
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  clusterIP: None
+  selector:
+    {{- include "grafana.selectorLabels" . | nindent 4 }}
+  type: ClusterIP
+  ports:
+  - name: {{ .Values.gossipPortName }}-tcp
+    port: 9094
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/hpa.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/hpa.yaml
new file mode 100644
index 0000000000..46bbcb49a2
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/hpa.yaml
@@ -0,0 +1,52 @@
+{{- $sts := list "sts" "StatefulSet" "statefulset" -}}
+{{- if .Values.autoscaling.enabled }}
+apiVersion: {{ include "grafana.hpa.apiVersion" . }}
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "grafana.name" . }}
+    helm.sh/chart: {{ include "grafana.chart" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    {{- if has .Values.persistence.type $sts }}
+    kind: StatefulSet
+    {{- else }}
+    kind: Deployment
+    {{- end }}
+    name: {{ include "grafana.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.autoscaling.targetMemory }}
+    - type: Resource
+      resource:
+        name: memory
+        {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }}
+        targetAverageUtilization: {{ .Values.autoscaling.targetMemory }}
+        {{- else }}
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.autoscaling.targetMemory }}
+        {{- end }}
+    {{- end }}
+    {{- if .Values.autoscaling.targetCPU }}
+    - type: Resource
+      resource:
+        name: cpu
+        {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }}
+        targetAverageUtilization: {{ .Values.autoscaling.targetCPU }}
+        {{- else }}
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.autoscaling.targetCPU }}
+        {{- end }}
+    {{- end }}
+  {{- if .Values.autoscaling.behavior }}
+  behavior: {{ toYaml .Values.autoscaling.behavior | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-deployment.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-deployment.yaml
new file mode 100644
index 0000000000..28231b803e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-deployment.yaml
@@ -0,0 +1,131 @@
+{{ if .Values.imageRenderer.enabled }}
+{{- $root := . -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.imageRenderer.labels" . | nindent 4 }}
+    {{- with .Values.imageRenderer.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.imageRenderer.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and (not .Values.imageRenderer.autoscaling.enabled) (.Values.imageRenderer.replicas) }}
+  replicas: {{ .Values.imageRenderer.replicas }}
+  {{- end }}
+  revisionHistoryLimit: {{ .Values.imageRenderer.revisionHistoryLimit }}
+  selector:
+    matchLabels:
+      {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }}
+
+  {{- with .Values.imageRenderer.deploymentStrategy }}
+  strategy:
+    {{- toYaml . | trim | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      labels:
+        {{- include "grafana.imageRenderer.selectorLabels" . | nindent 8 }}
+        {{- with .Values.imageRenderer.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+        {{- with .Values.imageRenderer.podAnnotations }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imageRenderer.schedulerName }}
+      schedulerName: "{{ . }}"
+      {{- end }}
+      {{- with .Values.imageRenderer.serviceAccountName }}
+      serviceAccountName: "{{ . }}"
+      {{- end }}
+      {{- with .Values.imageRenderer.securityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.imageRenderer.hostAliases }}
+      hostAliases:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.imageRenderer.priorityClassName }}
+      priorityClassName: {{ . }}
+      {{- end }}
+      {{- with .Values.imageRenderer.image.pullSecrets }}
+      imagePullSecrets:
+        {{- range . }}
+        - name: {{ tpl . $root }}
+        {{- end}}
+      {{- end }}
+      containers:
+        - name: {{ .Chart.Name }}-image-renderer
+          {{- $registry := include "system_default_registry" | default .Values.imageRenderer.image.registry -}}
+          {{- if .Values.imageRenderer.image.sha }}
+          image: "{{ $registry }}{{ .Values.imageRenderer.image.repository }}:{{ .Values.imageRenderer.image.tag }}@sha256:{{ .Values.imageRenderer.image.sha }}"
+          {{- else }}
+          image: "{{ $registry }}{{ .Values.imageRenderer.image.repository }}:{{ .Values.imageRenderer.image.tag }}"
+          {{- end }}
+          imagePullPolicy: {{ .Values.imageRenderer.image.pullPolicy }}
+          {{- if .Values.imageRenderer.command }}
+          command:
+            {{- range .Values.imageRenderer.command }}
+            - {{ . }}
+            {{- end }}
+          {{- end}}
+          ports:
+            - name: {{ .Values.imageRenderer.service.portName }}
+              containerPort: {{ .Values.imageRenderer.service.targetPort }}
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /
+              port: {{ .Values.imageRenderer.service.portName }}
+          env:
+            - name: HTTP_PORT
+              value: {{ .Values.imageRenderer.service.targetPort | quote }}
+          {{- if .Values.imageRenderer.serviceMonitor.enabled }}
+            - name: ENABLE_METRICS
+              value: "true"
+          {{- end }}
+          {{- range $key, $value := .Values.imageRenderer.envValueFrom }}
+            - name: {{ $key | quote }}
+              valueFrom:
+                {{- tpl (toYaml $value) $ | nindent 16 }}
+          {{- end }}
+          {{- range $key, $value := .Values.imageRenderer.env }}
+            - name: {{ $key | quote }}
+              value: {{ $value | quote }}
+          {{- end }}
+          {{- with .Values.imageRenderer.containerSecurityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            - mountPath: /tmp
+              name: image-renderer-tmpfs
+          {{- with .Values.imageRenderer.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      {{- with .Values.imageRenderer.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.imageRenderer.affinity }}
+      affinity:
+        {{- tpl (toYaml .) $root | nindent 8 }}
+      {{- end }}
+      {{- with .Values.imageRenderer.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+        - name: image-renderer-tmpfs
+          emptyDir: {}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-hpa.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-hpa.yaml
new file mode 100644
index 0000000000..b0f0059b79
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-hpa.yaml
@@ -0,0 +1,47 @@
+{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.autoscaling.enabled }}
+apiVersion: {{ include "grafana.hpa.apiVersion" . }}
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "grafana.name" . }}-image-renderer
+    helm.sh/chart: {{ include "grafana.chart" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "grafana.fullname" . }}-image-renderer
+  minReplicas: {{ .Values.imageRenderer.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.imageRenderer.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.imageRenderer.autoscaling.targetMemory }}
+    - type: Resource
+      resource:
+        name: memory
+        {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }}
+        targetAverageUtilization: {{ .Values.imageRenderer.autoscaling.targetMemory }}
+        {{- else }}
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.imageRenderer.autoscaling.targetMemory }}
+        {{- end }}
+    {{- end }}
+    {{- if .Values.imageRenderer.autoscaling.targetCPU }}
+    - type: Resource
+      resource:
+        name: cpu
+        {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }}
+        targetAverageUtilization: {{ .Values.imageRenderer.autoscaling.targetCPU }}
+        {{- else }}
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.imageRenderer.autoscaling.targetCPU }}
+        {{- end }}
+    {{- end }}
+  {{- if .Values.imageRenderer.autoscaling.behavior }}
+  behavior: {{ toYaml .Values.imageRenderer.autoscaling.behavior | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-network-policy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-network-policy.yaml
new file mode 100644
index 0000000000..d1a0eb313d
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-network-policy.yaml
@@ -0,0 +1,79 @@
+{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.networkPolicy.limitIngress }}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer-ingress
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    comment: Limit image-renderer ingress traffic from grafana
+spec:
+  podSelector:
+    matchLabels:
+      {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }}
+      {{- with .Values.imageRenderer.podLabels }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+
+  policyTypes:
+    - Ingress
+  ingress:
+    - ports:
+        - port: {{ .Values.imageRenderer.service.targetPort }}
+          protocol: TCP
+      from:
+        - namespaceSelector:
+            matchLabels:
+              kubernetes.io/metadata.name: {{ include "grafana.namespace" . }}
+          podSelector:
+            matchLabels:
+              {{- include "grafana.selectorLabels" . | nindent 14 }}
+              {{- with .Values.podLabels }}
+              {{- toYaml . | nindent 14 }}
+              {{- end }}
+        {{- with .Values.imageRenderer.networkPolicy.extraIngressSelectors -}}
+        {{ toYaml . | nindent 8 }}
+        {{- end }}
+{{- end }}
+
+{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.networkPolicy.limitEgress }}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer-egress
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    comment: Limit image-renderer egress traffic to grafana
+spec:
+  podSelector:
+    matchLabels:
+      {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }}
+      {{- with .Values.imageRenderer.podLabels }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+
+  policyTypes:
+    - Egress
+  egress:
+    # allow dns resolution
+    - ports:
+        - port: 53
+          protocol: UDP
+        - port: 53
+          protocol: TCP
+    # talk only to grafana
+    - ports:
+        - port: {{ .Values.service.targetPort }}
+          protocol: TCP
+      to:
+        - namespaceSelector:
+            matchLabels:
+              name: {{ include "grafana.namespace" . }}
+          podSelector:
+            matchLabels:
+              {{- include "grafana.selectorLabels" . | nindent 14 }}
+              {{- with .Values.podLabels }}
+              {{- toYaml . | nindent 14 }}
+              {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-service.yaml
new file mode 100644
index 0000000000..f8da127cf8
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-service.yaml
@@ -0,0 +1,31 @@
+{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.service.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.imageRenderer.labels" . | nindent 4 }}
+    {{- with .Values.imageRenderer.service.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.imageRenderer.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  type: ClusterIP
+  {{- with .Values.imageRenderer.service.clusterIP }}
+  clusterIP: {{ . }}
+  {{- end }}
+  ports:
+    - name: {{ .Values.imageRenderer.service.portName }}
+      port: {{ .Values.imageRenderer.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.imageRenderer.service.targetPort }}
+      {{- with .Values.imageRenderer.appProtocol }}
+      appProtocol: {{ . }}
+      {{- end }}
+  selector:
+    {{- include "grafana.imageRenderer.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-servicemonitor.yaml
new file mode 100644
index 0000000000..5d9f09d266
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/image-renderer-servicemonitor.yaml
@@ -0,0 +1,48 @@
+{{- if .Values.imageRenderer.serviceMonitor.enabled }}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer
+  {{- if .Values.imageRenderer.serviceMonitor.namespace }}
+  namespace: {{ tpl .Values.imageRenderer.serviceMonitor.namespace . }}
+  {{- else }}
+  namespace: {{ include "grafana.namespace" . }}
+  {{- end }}
+  labels:
+    {{- include "grafana.imageRenderer.labels" . | nindent 4 }}
+    {{- with .Values.imageRenderer.serviceMonitor.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+  - port: {{ .Values.imageRenderer.service.portName }}
+    {{- with .Values.imageRenderer.serviceMonitor.interval }}
+    interval: {{ . }}
+    {{- end }}
+    {{- with .Values.imageRenderer.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ . }}
+    {{- end }}
+    honorLabels: true
+    path: {{ .Values.imageRenderer.serviceMonitor.path }}
+    scheme: {{ .Values.imageRenderer.serviceMonitor.scheme }}
+    {{- with .Values.imageRenderer.serviceMonitor.tlsConfig }}
+    tlsConfig:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.imageRenderer.serviceMonitor.relabelings }}
+    relabelings:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+  jobLabel: "{{ .Release.Name }}-image-renderer"
+  selector:
+    matchLabels:
+      {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }}
+  namespaceSelector:
+    matchNames:
+      - {{ include "grafana.namespace" . }}
+  {{- with .Values.imageRenderer.serviceMonitor.targetLabels }}
+  targetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/ingress.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/ingress.yaml
new file mode 100644
index 0000000000..b2ffd81095
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/ingress.yaml
@@ -0,0 +1,78 @@
+{{- if .Values.ingress.enabled -}}
+{{- $ingressApiIsStable := eq (include "grafana.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsIngressClassName := eq (include "grafana.ingress.supportsIngressClassName" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "grafana.ingress.supportsPathType" .) "true" -}}
+{{- $fullName := include "grafana.fullname" . -}}
+{{- $servicePort := .Values.service.port -}}
+{{- $ingressPath := .Values.ingress.path -}}
+{{- $ingressPathType := .Values.ingress.pathType -}}
+{{- $extraPaths := .Values.ingress.extraPaths -}}
+apiVersion: {{ include "grafana.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.ingress.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- range $key, $value := . }}
+    {{ $key }}: {{ tpl $value $ | quote }}
+    {{- end }}
+  {{- end }}
+spec:
+  {{- if and $ingressSupportsIngressClassName .Values.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.ingress.ingressClassName }}
+  {{- end -}}
+  {{- with .Values.ingress.tls }}
+  tls:
+    {{- tpl (toYaml .) $ | nindent 4 }}
+  {{- end }}
+  rules:
+  {{- if .Values.ingress.hosts  }}
+  {{- range .Values.ingress.hosts }}
+    - host: {{ tpl . $ | quote }}
+      http:
+        paths:
+          {{- with $extraPaths }}
+          {{- toYaml . | nindent 10 }}
+          {{- end }}
+          - path: {{ $ingressPath }}
+            {{- if $ingressSupportsPathType }}
+            pathType: {{ $ingressPathType }}
+            {{- end }}
+            backend:
+              {{- if $ingressApiIsStable }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $fullName }}
+              servicePort: {{ $servicePort }}
+              {{- end }}
+  {{- end }}
+  {{- else }}
+    - http:
+        paths:
+          - backend:
+              {{- if $ingressApiIsStable }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $fullName }}
+              servicePort: {{ $servicePort }}
+              {{- end }}
+            {{- with $ingressPath }}
+            path: {{ . }}
+            {{- end }}
+            {{- if $ingressSupportsPathType }}
+            pathType: {{ $ingressPathType }}
+            {{- end }}
+  {{- end -}}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/networkpolicy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/networkpolicy.yaml
new file mode 100644
index 0000000000..4cd3ed6976
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/networkpolicy.yaml
@@ -0,0 +1,61 @@
+{{- if .Values.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  policyTypes:
+    {{- if .Values.networkPolicy.ingress }}
+    - Ingress
+    {{- end }}
+    {{- if .Values.networkPolicy.egress.enabled }}
+    - Egress
+    {{- end }}
+  podSelector:
+    matchLabels:
+      {{- include "grafana.selectorLabels" . | nindent 6 }}
+
+  {{- if .Values.networkPolicy.egress.enabled }}
+  egress:
+    {{- if not .Values.networkPolicy.egress.blockDNSResolution }}
+    - ports:
+        - port: 53
+          protocol: UDP
+    {{- end }}
+    - ports:
+        {{ .Values.networkPolicy.egress.ports | toJson }}
+      {{- with .Values.networkPolicy.egress.to }}
+      to:
+        {{- toYaml . | nindent 12 }}
+      {{- end }}
+  {{- end }}
+  {{- if .Values.networkPolicy.ingress }}
+  ingress:
+    - ports:
+      - port: {{ .Values.service.targetPort }}
+      {{- if not .Values.networkPolicy.allowExternal }}
+      from:
+        - podSelector:
+            matchLabels:
+              {{ include "grafana.fullname" . }}-client: "true"
+        {{- with .Values.networkPolicy.explicitNamespacesSelector }}
+        - namespaceSelector:
+            {{- toYaml . | nindent 12 }}
+        {{- end }}
+        - podSelector:
+            matchLabels:
+              {{- include "grafana.labels" . | nindent 14 }}
+              role: read
+      {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/nginx-config.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/nginx-config.yaml
new file mode 100644
index 0000000000..557471f6ff
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/nginx-config.yaml
@@ -0,0 +1,94 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: grafana-nginx-proxy-config
+  namespace: {{ template "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+data:
+  nginx.conf: |-
+    worker_processes      auto;
+    error_log             /dev/stdout warn;
+    pid                   /var/cache/nginx/nginx.pid;
+
+    events {
+       worker_connections 1024;
+    }
+
+    http {
+      include       /etc/nginx/mime.types;
+      log_format    main '[$time_local - $status] $remote_addr - $remote_user $request ($http_referer)';
+
+      proxy_connect_timeout       10;
+      proxy_read_timeout          180;
+      proxy_send_timeout          5;
+      proxy_buffering             off;
+      proxy_cache_path            /var/cache/nginx/cache levels=1:2 keys_zone=my_zone:100m inactive=1d max_size=10g;
+
+      map $http_upgrade $connection_upgrade {
+        default upgrade;
+        '' close;
+      }
+
+      server {
+        listen          8080;
+        access_log      off;
+
+        gzip            on;
+        gzip_min_length 1k;
+        gzip_comp_level 2;
+        gzip_types      text/plain application/javascript application/x-javascript text/css application/xml text/javascript image/jpeg image/gif image/png;
+        gzip_vary       on;
+        gzip_disable    "MSIE [1-6]\.";
+
+        proxy_set_header Host $host;
+
+        location /api/dashboards {
+          proxy_pass     http://localhost:3000;
+        }
+
+        location /api/search {
+          proxy_pass     http://localhost:3000;
+
+          sub_filter_types application/json;
+          sub_filter_once off;
+        }
+
+        location /api/live/ {
+          proxy_http_version 1.1;
+          proxy_set_header Upgrade $http_upgrade;
+          proxy_set_header Connection $connection_upgrade;
+          proxy_set_header Host $http_host;
+          proxy_pass http://localhost:3000;
+        }
+
+        location / {
+          proxy_cache         my_zone;
+          proxy_cache_valid   200 302 1d;
+          proxy_cache_valid   301 30d;
+          proxy_cache_valid   any 5m;
+          proxy_cache_bypass  $http_cache_control;
+          add_header          X-Proxy-Cache $upstream_cache_status;
+          add_header          Cache-Control "public";
+          
+          proxy_pass     http://localhost:3000/;
+
+          sub_filter_once off;
+
+          {{- if eq .Values.global.cattle.clusterId "local" -}}
+          sub_filter '"appSubUrl":""' '"appSubUrl":"/api/v1/namespaces/{{ template "grafana.namespace" . }}/services/http:{{ template "grafana.fullname" . }}:{{ .Values.service.port }}/proxy"';
+          {{- else -}}
+          sub_filter '"appSubUrl":""' '"appSubUrl":"/k8s/clusters/{{ .Values.global.cattle.clusterId }}/api/v1/namespaces/{{ template "grafana.namespace" . }}/services/http:{{ template "grafana.fullname" . }}:{{ .Values.service.port }}/proxy"';
+          {{- end -}}
+
+          sub_filter ':"/avatar/' ':"avatar/';
+
+          if ($request_filename ~ .*\.(?:js|css|jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm)$) {
+            expires             90d;
+          }
+
+          rewrite ^/k8s/clusters/.*/proxy(.*) /$1 break;
+
+        }
+      }
+    }
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/poddisruptionbudget.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/poddisruptionbudget.yaml
new file mode 100644
index 0000000000..05251214ac
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/poddisruptionbudget.yaml
@@ -0,0 +1,22 @@
+{{- if .Values.podDisruptionBudget }}
+apiVersion: {{ include "grafana.podDisruptionBudget.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  {{- with .Values.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ . }}
+  {{- end }}
+  {{- with .Values.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ . }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "grafana.selectorLabels" . | nindent 6 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/podsecuritypolicy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/podsecuritypolicy.yaml
new file mode 100644
index 0000000000..973caccd57
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/podsecuritypolicy.yaml
@@ -0,0 +1,45 @@
+{{- if and (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+{{- if .Values.rbac.pspAnnotations }}
+    annotations: {{ toYaml .Values.rbac.pspAnnotations | nindent 4 }}
+{{- end }}
+spec:
+  privileged: false
+  allowPrivilegeEscalation: false
+  requiredDropCapabilities:
+    # Default set from Docker, with DAC_OVERRIDE and CHOWN
+      - ALL
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'csi'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Forbid adding the root group.
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Forbid adding the root group.
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/pvc.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/pvc.yaml
new file mode 100644
index 0000000000..c9b234305f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/pvc.yaml
@@ -0,0 +1,41 @@
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) (eq .Values.persistence.type "pvc")}}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.persistence.extraPvcLabels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.persistence.annotations  }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.persistence.finalizers  }}
+  finalizers:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  accessModes:
+{{- $_ := required "Must provide at least one access mode for persistent volumes used by Grafana" .Values.persistence.accessModes }}
+{{- $_ := required "Must provide at least one access mode for persistent volumes used by Grafana" (first .Values.persistence.accessModes) }}
+    {{- range .Values.persistence.accessModes }}
+    - {{ . | quote }}
+    {{- end }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size | quote }}
+  {{- if (lookup "v1" "PersistentVolumeClaim" (include "grafana.namespace" .) (include "grafana.fullname" .)) }}
+  volumeName: {{ (lookup "v1" "PersistentVolumeClaim" (include "grafana.namespace" .) (include "grafana.fullname" .)).spec.volumeName }}
+  {{- end }}
+  {{- with .Values.persistence.storageClassName }}
+  storageClassName: {{ . }}
+  {{- end }}
+  {{- with .Values.persistence.selectorLabels }}
+  selector:
+    matchLabels:
+    {{- toYaml . | nindent 6 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/role.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/role.yaml
new file mode 100644
index 0000000000..469b6f4e6c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/role.yaml
@@ -0,0 +1,32 @@
+{{- if and .Values.rbac.create (not .Values.rbac.useExistingRole) -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- if or (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) (and .Values.rbac.namespaced (or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.rbac.extraRoleRules)) }}
+rules:
+  {{- if and (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+  - apiGroups:      ['extensions']
+    resources:      ['podsecuritypolicies']
+    verbs:          ['use']
+    resourceNames:  [{{ include "grafana.fullname" . }}]
+  {{- end }}
+  {{- if and .Values.rbac.namespaced (or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled) }}
+  - apiGroups: [""] # "" indicates the core API group
+    resources: ["configmaps", "secrets"]
+    verbs: ["get", "watch", "list"]
+  {{- end }}
+  {{- with .Values.rbac.extraRoleRules }}
+  {{- toYaml . | nindent 2 }}
+  {{- end}}
+{{- else }}
+rules: []
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/rolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/rolebinding.yaml
new file mode 100644
index 0000000000..58f77c6b0b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/rolebinding.yaml
@@ -0,0 +1,25 @@
+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  {{- if .Values.rbac.useExistingRole }}
+  name: {{ .Values.rbac.useExistingRole }}
+  {{- else }}
+  name: {{ include "grafana.fullname" . }}
+  {{- end }}
+subjects:
+- kind: ServiceAccount
+  name: {{ include "grafana.serviceAccountName" . }}
+  namespace: {{ include "grafana.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/secret-env.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/secret-env.yaml
new file mode 100644
index 0000000000..eb14aac707
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/secret-env.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.envRenderSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "grafana.fullname" . }}-env
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+type: Opaque
+data:
+{{- range $key, $val := .Values.envRenderSecret }}
+  {{ $key }}: {{ tpl ($val | toString) $ | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/secret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/secret.yaml
new file mode 100644
index 0000000000..fd2ca50f4b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/secret.yaml
@@ -0,0 +1,16 @@
+{{- if or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret)) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+type: Opaque
+data:
+  {{- include "grafana.secretsData" . | nindent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/service.yaml
new file mode 100644
index 0000000000..e9396a15c6
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/service.yaml
@@ -0,0 +1,61 @@
+{{- if .Values.service.enabled }}
+{{- $root := . }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.service.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- tpl (toYaml . | nindent 4) $root }}
+  {{- end }}
+spec:
+  {{- if (or (eq .Values.service.type "ClusterIP") (empty .Values.service.type)) }}
+  type: ClusterIP
+  {{- with .Values.service.clusterIP }}
+  clusterIP: {{ . }}
+  {{- end }}
+  {{- else if eq .Values.service.type "LoadBalancer" }}
+  type: LoadBalancer
+  {{- with .Values.service.loadBalancerIP }}
+  loadBalancerIP: {{ . }}
+  {{- end }}
+  {{- with .Values.service.loadBalancerClass }}
+  loadBalancerClass: {{ . }}
+  {{- end }}
+  {{- with .Values.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- else }}
+  type: {{ .Values.service.type }}
+  {{- end }}
+  {{- with .Values.service.externalIPs }}
+  externalIPs:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.service.externalTrafficPolicy }}
+  externalTrafficPolicy: {{ . }}
+  {{- end }}
+  ports:
+    - name: {{ .Values.service.portName }}
+      port: {{ .Values.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.service.targetPort }}
+      {{- with .Values.service.appProtocol }}
+      appProtocol: {{ . }}
+      {{- end }}
+      {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
+      nodePort: {{ .Values.service.nodePort }}
+      {{- end }}
+      {{- with .Values.extraExposePorts }}
+      {{- tpl (toYaml . | nindent 4) $root }}
+      {{- end }}
+  selector:
+    {{- include "grafana.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..ffca0717ae
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/serviceaccount.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: {{ .Values.serviceAccount.autoMount | default .Values.serviceAccount.automountServiceAccountToken }}
+metadata:
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.serviceAccount.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- tpl (toYaml . | nindent 4) $ }}
+  {{- end }}
+  name: {{ include "grafana.serviceAccountName" . }}
+  namespace: {{ include "grafana.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/servicemonitor.yaml
new file mode 100644
index 0000000000..b321b1269c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/servicemonitor.yaml
@@ -0,0 +1,68 @@
+{{- if .Values.serviceMonitor.enabled }}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  {{- if .Values.serviceMonitor.namespace }}
+  namespace: {{ tpl .Values.serviceMonitor.namespace . }}
+  {{- else }}
+  namespace: {{ include "grafana.namespace" . }}
+  {{- end }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.serviceMonitor.labels }}
+    {{- tpl (toYaml . | nindent 4) $ }}
+    {{- end }}
+spec:
+  endpoints:
+  - port: {{ .Values.service.portName }}
+    {{- with .Values.serviceMonitor.interval }}
+    interval: {{ . }}
+    {{- end }}
+    {{- with .Values.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ . }}
+    {{- end }}
+    honorLabels: true
+    path: {{ .Values.serviceMonitor.path }}
+    scheme: {{ .Values.serviceMonitor.scheme }}
+    {{- with .Values.serviceMonitor.tlsConfig }}
+    tlsConfig:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    metricRelabelings:
+    {{- if .Values.serviceMonitor.metricRelabelings }}
+    {{- toYaml .Values.serviceMonitor.metricRelabelings | nindent 6 }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_id
+      replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_name
+      replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+    {{- if .Values.serviceMonitor.relabelings }}
+    {{- with .Values.serviceMonitor.relabelings }}
+    relabelings:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- end }}
+    {{- with .Values.serviceMonitor.metricRelabelings }}
+    metricRelabelings:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+  jobLabel: "{{ .Release.Name }}"
+  selector:
+    matchLabels:
+      {{- include "grafana.selectorLabels" . | nindent 6 }}
+  namespaceSelector:
+    matchNames:
+      - {{ include "grafana.namespace" . }}
+  {{- with .Values.serviceMonitor.targetLabels }}
+  targetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/statefulset.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/statefulset.yaml
new file mode 100644
index 0000000000..49278083e8
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/statefulset.yaml
@@ -0,0 +1,58 @@
+{{- $sts := list "sts" "StatefulSet" "statefulset" -}}
+{{- if (or (.Values.useStatefulSet) (and .Values.persistence.enabled (not .Values.persistence.existingClaim) (has .Values.persistence.type $sts)))}}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  replicas: {{ .Values.replicas }}
+  selector:
+    matchLabels:
+      {{- include "grafana.selectorLabels" . | nindent 6 }}
+  serviceName: {{ include "grafana.fullname" . }}-headless
+  template:
+    metadata:
+      labels:
+        {{- include "grafana.selectorLabels" . | nindent 8 }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+        checksum/dashboards-json-config: {{ include (print $.Template.BasePath "/dashboards-json-configmap.yaml") . | sha256sum }}
+        checksum/sc-dashboard-provider-config: {{ include (print $.Template.BasePath "/configmap-dashboard-provider.yaml") . | sha256sum }}
+        {{- if and (or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret))) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+        checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
+        {{- end }}
+        kubectl.kubernetes.io/default-container: {{ .Chart.Name }}
+        {{- with .Values.podAnnotations }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- include "grafana.pod" . | nindent 6 }}
+  {{- if .Values.persistence.enabled}}
+  volumeClaimTemplates:
+  - metadata:
+      name: storage
+    spec:
+{{- $_ := required "Must provide at least one access mode for persistent volumes used by Grafana" .Values.persistence.accessModes }}
+{{- $_ := required "Must provide at least one access mode for persistent volumes used by Grafana" (first .Values.persistence.accessModes) }}
+      accessModes: {{ .Values.persistence.accessModes }}
+      storageClassName: {{ .Values.persistence.storageClassName }}
+      resources:
+        requests:
+          storage: {{ required "Must provide size for persistent volumes used by Grafana" .Values.persistence.size }}
+      {{- with .Values.persistence.selectorLabels }}
+      selector:
+        matchLabels:
+          {{- toYaml . | nindent 10 }}
+      {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-configmap.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-configmap.yaml
new file mode 100644
index 0000000000..01c96c9243
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-configmap.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.testFramework.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "grafana.fullname" . }}-test
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+data:
+  run.sh: |-
+    @test "Test Health" {
+      url="http://{{ include "grafana.fullname" . }}/api/health"
+
+      code=$(wget --server-response --spider --timeout 90 --tries 10 ${url} 2>&1 | awk '/^  HTTP/{print $2}')
+      [ "$code" == "200" ]
+    }
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-podsecuritypolicy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-podsecuritypolicy.yaml
new file mode 100644
index 0000000000..70a0a884c9
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-podsecuritypolicy.yaml
@@ -0,0 +1,32 @@
+{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ include "grafana.fullname" . }}-test
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+spec:
+  allowPrivilegeEscalation: true
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  fsGroup:
+    rule: RunAsAny
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  runAsUser:
+    rule: RunAsAny
+  volumes:
+    - configMap
+    - downwardAPI
+    - emptyDir
+    - projected
+    - csi
+    - secret
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-role.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-role.yaml
new file mode 100644
index 0000000000..976418b137
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-role.yaml
@@ -0,0 +1,17 @@
+{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ include "grafana.fullname" . }}-test
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+rules:
+  - apiGroups:      ['policy']
+    resources:      ['podsecuritypolicies']
+    verbs:          ['use']
+    resourceNames:  [{{ include "grafana.fullname" . }}-test]
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-rolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-rolebinding.yaml
new file mode 100644
index 0000000000..509566eccd
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-rolebinding.yaml
@@ -0,0 +1,20 @@
+{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ include "grafana.fullname" . }}-test
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ include "grafana.fullname" . }}-test
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "grafana.serviceAccountNameTest" . }}
+    namespace: {{ include "grafana.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-serviceaccount.yaml
new file mode 100644
index 0000000000..38fba3596a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test-serviceaccount.yaml
@@ -0,0 +1,12 @@
+{{- if and .Values.testFramework.enabled .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  name: {{ include "grafana.serviceAccountNameTest" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test.yaml
new file mode 100644
index 0000000000..83aaa185c2
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/templates/tests/test.yaml
@@ -0,0 +1,53 @@
+{{- if .Values.testFramework.enabled }}
+{{- $root := . }}
+apiVersion: v1
+kind: Pod
+metadata:
+  name: {{ include "grafana.fullname" . }}-test
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+  namespace: {{ include "grafana.namespace" . }}
+spec:
+  serviceAccountName: {{ include "grafana.serviceAccountNameTest" . }}
+  {{- with .Values.testFramework.securityContext }}
+  securityContext:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- if or .Values.image.pullSecrets .Values.global.imagePullSecrets }}
+  imagePullSecrets:
+    {{- include "grafana.imagePullSecrets" (dict "root" $root "imagePullSecrets" .Values.image.pullSecrets) | nindent 4 }}
+  {{- end }}
+  {{- with .Values.nodeSelector }}
+  nodeSelector:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.affinity }}
+  affinity:
+    {{- tpl (toYaml .) $root | nindent 4 }}
+  {{- end }}
+  {{- with .Values.tolerations }}
+  tolerations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  containers:
+    - name: {{ .Release.Name }}-test
+      image: "{{ template "system_default_registry" . | default .Values.testFramework.image.registry }}/{{ .Values.testFramework.image.repository }}:{{ .Values.testFramework.image.tag }}"
+      imagePullPolicy: "{{ .Values.testFramework.imagePullPolicy}}"
+      command: ["/opt/bats/bin/bats", "-t", "/tests/run.sh"]
+      volumeMounts:
+        - mountPath: /tests
+          name: tests
+          readOnly: true
+      {{- with .Values.testFramework.resources }}
+      resources:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+  volumes:
+    - name: tests
+      configMap:
+        name: {{ include "grafana.fullname" . }}-test
+  restartPolicy: Never
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/values.yaml
new file mode 100644
index 0000000000..45e3df9325
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/grafana/values.yaml
@@ -0,0 +1,1315 @@
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+
+  # To help compatibility with other charts which use global.imagePullSecrets.
+  # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
+  # Can be tempalted.
+  # global:
+  #   imagePullSecrets:
+  #   - name: pullSecret1
+  #   - name: pullSecret2
+  # or
+  # global:
+  #   imagePullSecrets:
+  #   - pullSecret1
+  #   - pullSecret2
+  imagePullSecrets: []
+
+rbac:
+  create: true
+  ## Use an existing ClusterRole/Role (depending on rbac.namespaced false/true)
+  # useExistingRole: name-of-some-role
+  # useExistingClusterRole: name-of-some-clusterRole
+  pspEnabled: false
+  pspUseAppArmor: false
+  namespaced: false
+  extraRoleRules: []
+  # - apiGroups: []
+  #   resources: []
+  #   verbs: []
+  extraClusterRoleRules: []
+  # - apiGroups: []
+  #   resources: []
+  #   verbs: []
+serviceAccount:
+  create: true
+  name:
+  nameTest:
+  ## ServiceAccount labels.
+  labels: {}
+  ## Service account annotations. Can be templated.
+  #  annotations:
+  #    eks.amazonaws.com/role-arn: arn:aws:iam::123456789000:role/iam-role-name-here
+
+  ## autoMount is deprecated in favor of automountServiceAccountToken
+  # autoMount: false
+  automountServiceAccountToken: true
+
+replicas: 1
+
+## Create a headless service for the deployment
+headlessService: false
+
+## Should the service account be auto mounted on the pod
+automountServiceAccountToken: true
+
+## Create HorizontalPodAutoscaler object for deployment type
+#
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 5
+  targetCPU: "60"
+  targetMemory: ""
+  behavior: {}
+
+## See `kubectl explain poddisruptionbudget.spec` for more
+## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
+podDisruptionBudget: {}
+#  apiVersion: ""
+#  minAvailable: 1
+#  maxUnavailable: 1
+
+## See `kubectl explain deployment.spec.strategy` for more
+## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
+deploymentStrategy:
+  type: RollingUpdate
+
+readinessProbe:
+  httpGet:
+    path: /api/health
+    port: 3000
+
+livenessProbe:
+  httpGet:
+    path: /api/health
+    port: 3000
+  initialDelaySeconds: 60
+  timeoutSeconds: 30
+  failureThreshold: 10
+
+## Use an alternate scheduler, e.g. "stork".
+## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
+##
+# schedulerName: "default-scheduler"
+
+image:
+  repository: rancher/mirrored-grafana-grafana
+  # Overrides the Grafana image tag whose default is the chart appVersion
+  tag: 10.4.9
+  sha: ""
+  pullPolicy: IfNotPresent
+
+  ## Optionally specify an array of imagePullSecrets.
+  ## Secrets must be manually created in the namespace.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+  ## Can be templated.
+  ##
+  pullSecrets: []
+  #   - myRegistrKeySecretName
+
+testFramework:
+  enabled: false
+  imagePullPolicy: IfNotPresent
+  securityContext:
+    runAsNonRoot: true
+    runAsUser: 1000
+  #  limits:
+  #    cpu: 100m
+  #    memory: 128Mi
+  #  requests:
+  #    cpu: 100m
+  #    memory: 128Mi
+
+# dns configuration for pod
+dnsPolicy: ~
+dnsConfig: {}
+  # nameservers:
+  #   - 8.8.8.8
+  #   options:
+  #   - name: ndots
+  #     value: "2"
+  #   - name: edns0
+
+securityContext:
+  runAsNonRoot: true
+  runAsUser: 472
+  runAsGroup: 472
+  fsGroup: 472
+
+containerSecurityContext:
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop:
+    - ALL
+  seccompProfile:
+    type: RuntimeDefault
+
+# Enable creating the grafana configmap
+createConfigmap: true
+
+# Extra configmaps to mount in grafana pods
+# Values are templated.
+extraConfigmapMounts: []
+  # - name: certs-configmap
+  #   mountPath: /etc/grafana/ssl/
+  #   subPath: certificates.crt # (optional)
+  #   configMap: certs-configmap
+  #   readOnly: true
+
+
+extraEmptyDirMounts: []
+  # - name: provisioning-notifiers
+  #   mountPath: /etc/grafana/provisioning/notifiers
+
+
+# Apply extra labels to common labels.
+extraLabels: {}
+
+## Assign a PriorityClassName to pods if set
+# priorityClassName:
+
+downloadDashboardsImage:
+  repository: rancher/mirrored-curlimages-curl
+  tag: 7.85.0
+  sha: ""
+  pullPolicy: IfNotPresent
+
+downloadDashboards:
+  env: {}
+  envFromSecret: ""
+  resources: {}
+  securityContext:
+    allowPrivilegeEscalation: false
+    capabilities:
+      drop:
+      - ALL
+    seccompProfile:
+      type: RuntimeDefault
+  envValueFrom: {}
+  #  ENV_NAME:
+  #    configMapKeyRef:
+  #      name: configmap-name
+  #      key: value_key
+
+## Pod Annotations
+# podAnnotations: {}
+
+## Pod Labels
+# podLabels: {}
+
+podPortName: grafana
+gossipPortName: gossip
+## Deployment annotations
+# annotations: {}
+
+## Expose the grafana service to be accessed from outside the cluster (LoadBalancer service).
+## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it.
+## ref: http://kubernetes.io/docs/user-guide/services/
+##
+service:
+  enabled: true
+  type: ClusterIP
+  loadBalancerIP: ""
+  loadBalancerClass: ""
+  loadBalancerSourceRanges: []
+  port: 80
+  targetPort: 3000
+    # targetPort: 4181 To be used with a proxy extraContainer
+  ## Service annotations. Can be templated.
+  annotations: {}
+  labels: {}
+  portName: service
+  # Adds the appProtocol field to the service. This allows to work with istio protocol selection. Ex: "http" or "tcp"
+  appProtocol: ""
+
+serviceMonitor:
+  ## If true, a ServiceMonitor CRD is created for a prometheus operator
+  ## https://github.com/coreos/prometheus-operator
+  ##
+  enabled: false
+  path: /metrics
+  #  namespace: monitoring  (defaults to use the namespace this chart is deployed to)
+  labels: {}
+  interval: 30s
+  scheme: http
+  tlsConfig: {}
+  scrapeTimeout: 30s
+  relabelings: []
+  metricRelabelings: []
+  targetLabels: []
+
+extraExposePorts: []
+ # - name: keycloak
+ #   port: 8080
+ #   targetPort: 8080
+
+# overrides pod.spec.hostAliases in the grafana deployment's pods
+hostAliases: []
+  # - ip: "1.2.3.4"
+  #   hostnames:
+  #     - "my.host.com"
+
+ingress:
+  enabled: false
+  # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+  # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+  # ingressClassName: nginx
+  # Values can be templated
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  labels: {}
+  path: /
+
+  # pathType is only for k8s >= 1.1=
+  pathType: Prefix
+
+  hosts:
+    - chart-example.local
+  ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
+  extraPaths: []
+  # - path: /*
+  #   backend:
+  #     serviceName: ssl-redirect
+  #     servicePort: use-annotation
+  ## Or for k8s > 1.19
+  # - path: /*
+  #   pathType: Prefix
+  #   backend:
+  #     service:
+  #       name: ssl-redirect
+  #       port:
+  #         name: use-annotation
+
+
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources: {}
+#  limits:
+#    cpu: 100m
+#    memory: 128Mi
+#  requests:
+#    cpu: 100m
+#    memory: 128Mi
+
+## Node labels for pod assignment
+## ref: https://kubernetes.io/docs/user-guide/node-selection/
+#
+nodeSelector: {}
+
+## Tolerations for pod assignment
+## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+##
+tolerations: []
+
+## Affinity for pod assignment (evaluated as template)
+## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+##
+affinity: {}
+
+## Topology Spread Constraints
+## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+##
+topologySpreadConstraints: []
+
+## Additional init containers (evaluated as template)
+## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+##
+extraInitContainers: []
+
+## Enable an Specify container in extraContainers. This is meant to allow adding an authentication proxy to a grafana pod
+extraContainers: ""
+# extraContainers: |
+# - name: proxy
+#   image: quay.io/gambol99/keycloak-proxy:latest
+#   args:
+#   - -provider=github
+#   - -client-id=
+#   - -client-secret=
+#   - -github-org=<ORG_NAME>
+#   - -email-domain=*
+#   - -cookie-secret=
+#   - -http-address=http://0.0.0.0:4181
+#   - -upstream-url=http://127.0.0.1:3000
+#   ports:
+#     - name: proxy-web
+#       containerPort: 4181
+
+## Volumes that can be used in init containers that will not be mounted to deployment pods
+extraContainerVolumes: []
+#  - name: volume-from-secret
+#    secret:
+#      secretName: secret-to-mount
+#  - name: empty-dir-volume
+#    emptyDir: {}
+
+## Enable persistence using Persistent Volume Claims
+## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
+##
+persistence:
+  type: pvc
+  enabled: false
+  # storageClassName: default
+  accessModes:
+    - ReadWriteOnce
+  size: 10Gi
+  # annotations: {}
+  finalizers:
+    - kubernetes.io/pvc-protection
+  # selectorLabels: {}
+  ## Sub-directory of the PV to mount. Can be templated.
+  # subPath: ""
+  ## Name of an existing PVC. Can be templated.
+  # existingClaim:
+  ## Extra labels to apply to a PVC.
+  extraPvcLabels: {}
+
+  ## If persistence is not enabled, this allows to mount the
+  ## local storage in-memory to improve performance
+  ##
+  inMemory:
+    enabled: false
+    ## The maximum usage on memory medium EmptyDir would be
+    ## the minimum value between the SizeLimit specified
+    ## here and the sum of memory limits of all containers in a pod
+    ##
+    # sizeLimit: 300Mi
+
+initChownData:
+  ## If false, data ownership will not be reset at startup
+  ## This allows the grafana-server to be run with an arbitrary user
+  ##
+  enabled: true
+
+  ## initChownData container image
+  ##
+  image:
+    repository: rancher/mirrored-library-busybox
+    tag: "1.31.1"
+    sha: ""
+    pullPolicy: IfNotPresent
+
+  ## initChownData resource requests and limits
+  ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  ##
+  resources: {}
+  #  limits:
+  #    cpu: 100m
+  #    memory: 128Mi
+  #  requests:
+  #    cpu: 100m
+  #    memory: 128Mi
+  securityContext:
+    runAsNonRoot: false
+    runAsUser: 0
+    seccompProfile:
+      type: RuntimeDefault
+    capabilities:
+      add:
+        - CHOWN
+
+# Administrator credentials when not using an existing secret (see below)
+adminUser: admin
+# adminPassword: strongpassword
+
+# Use an existing secret for the admin user.
+admin:
+  ## Name of the secret. Can be templated.
+  existingSecret: ""
+  userKey: admin-user
+  passwordKey: admin-password
+
+## Define command to be executed at startup by grafana container
+## Needed if using `vault-env` to manage secrets (ref: https://banzaicloud.com/blog/inject-secrets-into-pods-vault/)
+## Default is "run.sh" as defined in grafana's Dockerfile
+# command:
+# - "sh"
+# - "/run.sh"
+
+## Optionally define args if command is used
+## Needed if using `hashicorp/envconsul` to manage secrets
+## By default no arguments are set
+# args:
+# - "-secret"
+# - "secret/grafana"
+# - "./grafana"
+
+## Extra environment variables that will be pass onto deployment pods
+##
+## to provide grafana with access to CloudWatch on AWS EKS:
+## 1. create an iam role of type "Web identity" with provider oidc.eks.* (note the provider for later)
+## 2. edit the "Trust relationships" of the role, add a line inside the StringEquals clause using the
+## same oidc eks provider as noted before (same as the existing line)
+## also, replace NAMESPACE and prometheus-operator-grafana with the service account namespace and name
+##
+##  "oidc.eks.us-east-1.amazonaws.com/id/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:sub": "system:serviceaccount:NAMESPACE:prometheus-operator-grafana",
+##
+## 3. attach a policy to the role, you can use a built in policy called CloudWatchReadOnlyAccess
+## 4. use the following env: (replace 123456789000 and iam-role-name-here with your aws account number and role name)
+##
+## env:
+##   AWS_ROLE_ARN: arn:aws:iam::123456789000:role/iam-role-name-here
+##   AWS_WEB_IDENTITY_TOKEN_FILE: /var/run/secrets/eks.amazonaws.com/serviceaccount/token
+##   AWS_REGION: us-east-1
+##
+## 5. uncomment the EKS section in extraSecretMounts: below
+## 6. uncomment the annotation section in the serviceAccount: above
+## make sure to replace arn:aws:iam::123456789000:role/iam-role-name-here with your role arn
+
+env: {}
+
+## "valueFrom" environment variable references that will be added to deployment pods. Name is templated.
+## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core
+## Renders in container spec as:
+##   env:
+##     ...
+##     - name: <key>
+##       valueFrom:
+##         <value rendered as YAML>
+envValueFrom: {}
+  #  ENV_NAME:
+  #    configMapKeyRef:
+  #      name: configmap-name
+  #      key: value_key
+
+## The name of a secret in the same kubernetes namespace which contain values to be added to the environment
+## This can be useful for auth tokens, etc. Value is templated.
+envFromSecret: ""
+
+## Sensible environment variables that will be rendered as new secret object
+## This can be useful for auth tokens, etc.
+## If the secret values contains "{{", they'll need to be properly escaped so that they are not interpreted by Helm
+## ref: https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function
+envRenderSecret: {}
+
+## The names of secrets in the same kubernetes namespace which contain values to be added to the environment
+## Each entry should contain a name key, and can optionally specify whether the secret must be defined with an optional key.
+## Name is templated.
+envFromSecrets: []
+## - name: secret-name
+##   prefix: prefix
+##   optional: true
+
+## The names of conifgmaps in the same kubernetes namespace which contain values to be added to the environment
+## Each entry should contain a name key, and can optionally specify whether the configmap must be defined with an optional key.
+## Name is templated.
+## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#configmapenvsource-v1-core
+envFromConfigMaps: []
+## - name: configmap-name
+##   prefix: prefix
+##   optional: true
+
+# Inject Kubernetes services as environment variables.
+# See https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#environment-variables
+enableServiceLinks: true
+
+## Additional grafana server secret mounts
+# Defines additional mounts with secrets. Secrets must be manually created in the namespace.
+extraSecretMounts: []
+  # - name: secret-files
+  #   mountPath: /etc/secrets
+  #   secretName: grafana-secret-files
+  #   readOnly: true
+  #   subPath: ""
+  #
+  # for AWS EKS (cloudwatch) use the following (see also instruction in env: above)
+  # - name: aws-iam-token
+  #   mountPath: /var/run/secrets/eks.amazonaws.com/serviceaccount
+  #   readOnly: true
+  #   projected:
+  #     defaultMode: 420
+  #     sources:
+  #       - serviceAccountToken:
+  #           audience: sts.amazonaws.com
+  #           expirationSeconds: 86400
+  #           path: token
+  #
+  # for CSI e.g. Azure Key Vault use the following
+  # - name: secrets-store-inline
+  #  mountPath: /run/secrets
+  #  readOnly: true
+  #  csi:
+  #    driver: secrets-store.csi.k8s.io
+  #    readOnly: true
+  #    volumeAttributes:
+  #      secretProviderClass: "akv-grafana-spc"
+  #    nodePublishSecretRef:                       # Only required when using service principal mode
+  #       name: grafana-akv-creds                  # Only required when using service principal mode
+
+## Additional grafana server volume mounts
+# Defines additional volume mounts.
+extraVolumeMounts: []
+  # - name: extra-volume-0
+  #   mountPath: /mnt/volume0
+  #   readOnly: true
+  # - name: extra-volume-1
+  #   mountPath: /mnt/volume1
+  #   readOnly: true
+  # - name: grafana-secrets
+  #   mountPath: /mnt/volume2
+
+## Additional Grafana server volumes
+extraVolumes: []
+  # - name: extra-volume-0
+  #   existingClaim: volume-claim
+  # - name: extra-volume-1
+  #   hostPath:
+  #     path: /usr/shared/
+  #     type: ""
+  # - name: grafana-secrets
+  #   csi:
+  #     driver: secrets-store.csi.k8s.io
+  #     readOnly: true
+  #     volumeAttributes:
+  #       secretProviderClass: "grafana-env-spc"
+
+## Container Lifecycle Hooks. Execute a specific bash command or make an HTTP request
+lifecycleHooks: {}
+  # postStart:
+  #   exec:
+  #     command: []
+
+## Pass the plugins you want installed as a list.
+##
+plugins: []
+  # - digrich-bubblechart-panel
+  # - grafana-clock-panel
+  ## You can also use other plugin download URL, as long as they are valid zip files,
+  ## and specify the name of the plugin after the semicolon. Like this:
+  # - https://grafana.com/api/plugins/marcusolsson-json-datasource/versions/1.3.2/download;marcusolsson-json-datasource
+
+## Configure grafana datasources
+## ref: http://docs.grafana.org/administration/provisioning/#datasources
+##
+datasources: {}
+#  datasources.yaml:
+#    apiVersion: 1
+#    datasources:
+#    - name: Prometheus
+#      type: prometheus
+#      url: http://prometheus-prometheus-server
+#      access: proxy
+#      isDefault: true
+#    - name: CloudWatch
+#      type: cloudwatch
+#      access: proxy
+#      uid: cloudwatch
+#      editable: false
+#      jsonData:
+#        authType: default
+#        defaultRegion: us-east-1
+#    deleteDatasources: []
+#    - name: Prometheus
+
+## Configure grafana alerting (can be templated)
+## ref: http://docs.grafana.org/administration/provisioning/#alerting
+##
+alerting: {}
+  # rules.yaml:
+  #   apiVersion: 1
+  #   groups:
+  #     - orgId: 1
+  #       name: '{{ .Chart.Name }}_my_rule_group'
+  #       folder: my_first_folder
+  #       interval: 60s
+  #       rules:
+  #         - uid: my_id_1
+  #           title: my_first_rule
+  #           condition: A
+  #           data:
+  #             - refId: A
+  #               datasourceUid: '-100'
+  #               model:
+  #                 conditions:
+  #                   - evaluator:
+  #                       params:
+  #                         - 3
+  #                       type: gt
+  #                     operator:
+  #                       type: and
+  #                     query:
+  #                       params:
+  #                         - A
+  #                     reducer:
+  #                       type: last
+  #                     type: query
+  #                 datasource:
+  #                   type: __expr__
+  #                   uid: '-100'
+  #                 expression: 1==0
+  #                 intervalMs: 1000
+  #                 maxDataPoints: 43200
+  #                 refId: A
+  #                 type: math
+  #           dashboardUid: my_dashboard
+  #           panelId: 123
+  #           noDataState: Alerting
+  #           for: 60s
+  #           annotations:
+  #             some_key: some_value
+  #           labels:
+  #             team: sre_team_1
+  # contactpoints.yaml:
+  #   secret:
+  #     apiVersion: 1
+  #     contactPoints:
+  #       - orgId: 1
+  #         name: cp_1
+  #         receivers:
+  #           - uid: first_uid
+  #             type: pagerduty
+  #             settings:
+  #               integrationKey: XXX
+  #               severity: critical
+  #               class: ping failure
+  #               component: Grafana
+  #               group: app-stack
+  #               summary: |
+  #                 {{ `{{ include "default.message" . }}` }}
+
+## Configure notifiers
+## ref: http://docs.grafana.org/administration/provisioning/#alert-notification-channels
+##
+notifiers: {}
+#  notifiers.yaml:
+#    notifiers:
+#    - name: email-notifier
+#      type: email
+#      uid: email1
+#      # either:
+#      org_id: 1
+#      # or
+#      org_name: Main Org.
+#      is_default: true
+#      settings:
+#        addresses: an_email_address@example.com
+#    delete_notifiers:
+
+## Configure grafana dashboard providers
+## ref: http://docs.grafana.org/administration/provisioning/#dashboards
+##
+## `path` must be /var/lib/grafana/dashboards/<provider_name>
+##
+dashboardProviders: {}
+#  dashboardproviders.yaml:
+#    apiVersion: 1
+#    providers:
+#    - name: 'default'
+#      orgId: 1
+#      folder: ''
+#      type: file
+#      disableDeletion: false
+#      editable: true
+#      options:
+#        path: /var/lib/grafana/dashboards/default
+
+## Configure grafana dashboard to import
+## NOTE: To use dashboards you must also enable/configure dashboardProviders
+## ref: https://grafana.com/dashboards
+##
+## dashboards per provider, use provider name as key.
+##
+dashboards: {}
+  # default:
+  #   some-dashboard:
+  #     json: |
+  #       $RAW_JSON
+  #   custom-dashboard:
+  #     file: dashboards/custom-dashboard.json
+  #   prometheus-stats:
+  #     gnetId: 2
+  #     revision: 2
+  #     datasource: Prometheus
+  #   local-dashboard:
+  #     url: https://example.com/repository/test.json
+  #     token: ''
+  #   local-dashboard-base64:
+  #     url: https://example.com/repository/test-b64.json
+  #     token: ''
+  #     b64content: true
+  #   local-dashboard-gitlab:
+  #     url: https://example.com/repository/test-gitlab.json
+  #     gitlabToken: ''
+  #   local-dashboard-bitbucket:
+  #     url: https://example.com/repository/test-bitbucket.json
+  #     bearerToken: ''
+  #   local-dashboard-azure:
+  #     url: https://example.com/repository/test-azure.json
+  #     basic: ''
+  #     acceptHeader: '*/*'
+
+## Reference to external ConfigMap per provider. Use provider name as key and ConfigMap name as value.
+## A provider dashboards must be defined either by external ConfigMaps or in values.yaml, not in both.
+## ConfigMap data example:
+##
+## data:
+##   example-dashboard.json: |
+##     RAW_JSON
+##
+dashboardsConfigMaps: {}
+#  default: ""
+
+## Grafana's primary configuration
+## NOTE: values in map will be converted to ini format
+## ref: http://docs.grafana.org/installation/configuration/
+##
+grafana.ini:
+  paths:
+    data: /var/lib/grafana/
+    logs: /var/log/grafana
+    plugins: /var/lib/grafana/plugins
+    provisioning: /etc/grafana/provisioning
+  analytics:
+    check_for_updates: true
+  log:
+    mode: console
+  grafana_net:
+    url: https://grafana.net
+  server:
+    domain: "{{ if (and .Values.ingress.enabled .Values.ingress.hosts) }}{{ .Values.ingress.hosts | first }}{{ else }}''{{ end }}"
+## grafana Authentication can be enabled with the following values on grafana.ini
+ # server:
+      # The full public facing url you use in browser, used for redirects and emails
+ #    root_url:
+ # https://grafana.com/docs/grafana/latest/auth/github/#enable-github-in-grafana
+ # auth.github:
+ #    enabled: false
+ #    allow_sign_up: false
+ #    scopes: user:email,read:org
+ #    auth_url: https://github.com/login/oauth/authorize
+ #    token_url: https://github.com/login/oauth/access_token
+ #    api_url: https://api.github.com/user
+ #    team_ids:
+ #    allowed_organizations:
+ #    client_id:
+ #    client_secret:
+## LDAP Authentication can be enabled with the following values on grafana.ini
+## NOTE: Grafana will fail to start if the value for ldap.toml is invalid
+  # auth.ldap:
+  #   enabled: true
+  #   allow_sign_up: true
+  #   config_file: /etc/grafana/ldap.toml
+
+## Grafana's LDAP configuration
+## Templated by the template in _helpers.tpl
+## NOTE: To enable the grafana.ini must be configured with auth.ldap.enabled
+## ref: http://docs.grafana.org/installation/configuration/#auth-ldap
+## ref: http://docs.grafana.org/installation/ldap/#configuration
+ldap:
+  enabled: false
+  # `existingSecret` is a reference to an existing secret containing the ldap configuration
+  # for Grafana in a key `ldap-toml`.
+  existingSecret: ""
+  # `config` is the content of `ldap.toml` that will be stored in the created secret
+  config: ""
+  # config: |-
+  #   verbose_logging = true
+
+  #   [[servers]]
+  #   host = "my-ldap-server"
+  #   port = 636
+  #   use_ssl = true
+  #   start_tls = false
+  #   ssl_skip_verify = false
+  #   bind_dn = "uid=%s,ou=users,dc=myorg,dc=com"
+
+## Grafana's SMTP configuration
+## NOTE: To enable, grafana.ini must be configured with smtp.enabled
+## ref: http://docs.grafana.org/installation/configuration/#smtp
+smtp:
+  # `existingSecret` is a reference to an existing secret containing the smtp configuration
+  # for Grafana.
+  existingSecret: ""
+  userKey: "user"
+  passwordKey: "password"
+
+## Sidecars that collect the configmaps with specified label and stores the included files them into the respective folders
+## Requires at least Grafana 5 to work and can't be used together with parameters dashboardProviders, datasources and dashboards
+sidecar:
+  image:
+    repository: rancher/mirrored-kiwigrid-k8s-sidecar
+    tag: 1.26.1
+    sha: ""
+  imagePullPolicy: IfNotPresent
+  resources: {}
+#   limits:
+#     cpu: 100m
+#     memory: 100Mi
+#   requests:
+#     cpu: 50m
+#     memory: 50Mi
+  securityContext:
+    allowPrivilegeEscalation: false
+    capabilities:
+      drop:
+      - ALL
+    seccompProfile:
+      type: RuntimeDefault
+  # skipTlsVerify Set to true to skip tls verification for kube api calls
+  # skipTlsVerify: true
+  enableUniqueFilenames: false
+  readinessProbe: {}
+  livenessProbe: {}
+  # Log level default for all sidecars. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. Defaults to INFO
+  # logLevel: INFO
+  alerts:
+    enabled: false
+    # Additional environment variables for the alerts sidecar
+    env: {}
+    # Do not reprocess already processed unchanged resources on k8s API reconnect.
+    # ignoreAlreadyProcessed: true
+    # label that the configmaps with alert are marked with
+    label: grafana_alert
+    # value of label that the configmaps with alert are set to
+    labelValue: ""
+    # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL.
+    # logLevel: INFO
+    # If specified, the sidecar will search for alert config-maps inside this namespace.
+    # Otherwise the namespace in which the sidecar is running will be used.
+    # It's also possible to specify ALL to search in all namespaces
+    searchNamespace: null
+    # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
+    watchMethod: WATCH
+    # search in configmap, secret or both
+    resource: both
+    # watchServerTimeout: request to the server, asking it to cleanly close the connection after that.
+    # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S
+    # watchServerTimeout: 3600
+    #
+    # watchClientTimeout: is a client-side timeout, configuring your local socket.
+    # If you have a network outage dropping all packets with no RST/FIN,
+    # this is how long your client waits before realizing & dropping the connection.
+    # defaults to 66sec (sic!)
+    # watchClientTimeout: 60
+    #
+    # Endpoint to send request to reload alerts
+    reloadURL: "http://localhost:3000/api/admin/provisioning/alerting/reload"
+    # Absolute path to shell script to execute after a alert got reloaded
+    script: null
+    skipReload: false
+    # This is needed if skipReload is true, to load any alerts defined at startup time.
+    # Deploy the alert sidecar as an initContainer.
+    initAlerts: false
+    # Additional alert sidecar volume mounts
+    extraMounts: []
+    # Sets the size limit of the alert sidecar emptyDir volume
+    sizeLimit: {}
+  dashboards:
+    enabled: false
+    # Additional environment variables for the dashboards sidecar
+    env: {}
+    # Do not reprocess already processed unchanged resources on k8s API reconnect.
+    # ignoreAlreadyProcessed: true
+    SCProvider: true
+    # label that the configmaps with dashboards are marked with
+    label: grafana_dashboard
+    # value of label that the configmaps with dashboards are set to
+    labelValue: ""
+    # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL.
+    # logLevel: INFO
+    # folder in the pod that should hold the collected dashboards (unless `defaultFolderName` is set)
+    folder: /tmp/dashboards
+    # The default folder name, it will create a subfolder under the `folder` and put dashboards in there instead
+    defaultFolderName: null
+    # Namespaces list. If specified, the sidecar will search for config-maps/secrets inside these namespaces.
+    # Otherwise the namespace in which the sidecar is running will be used.
+    # It's also possible to specify ALL to search in all namespaces.
+    searchNamespace: null
+    # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
+    watchMethod: WATCH
+    # search in configmap, secret or both
+    resource: both
+    # If specified, the sidecar will look for annotation with this name to create folder and put graph here.
+    # You can use this parameter together with `provider.foldersFromFilesStructure`to annotate configmaps and create folder structure.
+    folderAnnotation: null
+    # Endpoint to send request to reload alerts
+    reloadURL: "http://localhost:3000/api/admin/provisioning/dashboards/reload"
+    # Absolute path to shell script to execute after a configmap got reloaded
+    script: null
+    skipReload: false
+    # watchServerTimeout: request to the server, asking it to cleanly close the connection after that.
+    # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S
+    # watchServerTimeout: 3600
+    #
+    # watchClientTimeout: is a client-side timeout, configuring your local socket.
+    # If you have a network outage dropping all packets with no RST/FIN,
+    # this is how long your client waits before realizing & dropping the connection.
+    # defaults to 66sec (sic!)
+    # watchClientTimeout: 60
+    #
+    # provider configuration that lets grafana manage the dashboards
+    provider:
+      # name of the provider, should be unique
+      name: sidecarProvider
+      # orgid as configured in grafana
+      orgid: 1
+      # folder in which the dashboards should be imported in grafana
+      folder: ''
+      # type of the provider
+      type: file
+      # disableDelete to activate a import-only behaviour
+      disableDelete: false
+      # allow updating provisioned dashboards from the UI
+      allowUiUpdates: false
+      # allow Grafana to replicate dashboard structure from filesystem
+      foldersFromFilesStructure: false
+    # Additional dashboard sidecar volume mounts
+    extraMounts: []
+    # Sets the size limit of the dashboard sidecar emptyDir volume
+    sizeLimit: {}
+  datasources:
+    enabled: false
+    # Additional environment variables for the datasourcessidecar
+    env: {}
+    envValueFrom: {}
+    # Do not reprocess already processed unchanged resources on k8s API reconnect.
+    # ignoreAlreadyProcessed: true
+    # label that the configmaps with datasources are marked with
+    label: grafana_datasource
+    # value of label that the configmaps with datasources are set to
+    labelValue: ""
+    # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL.
+    # logLevel: INFO
+    # If specified, the sidecar will search for datasource config-maps inside this namespace.
+    # Otherwise the namespace in which the sidecar is running will be used.
+    # It's also possible to specify ALL to search in all namespaces
+    searchNamespace: null
+    # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
+    watchMethod: WATCH
+    # search in configmap, secret or both
+    resource: both
+    # watchServerTimeout: request to the server, asking it to cleanly close the connection after that.
+    # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S
+    # watchServerTimeout: 3600
+    #
+    # watchClientTimeout: is a client-side timeout, configuring your local socket.
+    # If you have a network outage dropping all packets with no RST/FIN,
+    # this is how long your client waits before realizing & dropping the connection.
+    # defaults to 66sec (sic!)
+    # watchClientTimeout: 60
+    #
+    # Endpoint to send request to reload datasources
+    reloadURL: "http://localhost:3000/api/admin/provisioning/datasources/reload"
+    # Absolute path to shell script to execute after a datasource got reloaded
+    script: null
+    skipReload: true
+    # This is needed if skipReload is true, to load any datasources defined at startup time.
+    # Deploy the datasources sidecar as an initContainer.
+    initDatasources: true
+    # Sets the size limit of the datasource sidecar emptyDir volume
+    sizeLimit: {}
+  plugins:
+    enabled: false
+    # Additional environment variables for the plugins sidecar
+    env: {}
+    # Do not reprocess already processed unchanged resources on k8s API reconnect.
+    # ignoreAlreadyProcessed: true
+    # label that the configmaps with plugins are marked with
+    label: grafana_plugin
+    # value of label that the configmaps with plugins are set to
+    labelValue: ""
+    # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL.
+    # logLevel: INFO
+    # If specified, the sidecar will search for plugin config-maps inside this namespace.
+    # Otherwise the namespace in which the sidecar is running will be used.
+    # It's also possible to specify ALL to search in all namespaces
+    searchNamespace: null
+    # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
+    watchMethod: WATCH
+    # search in configmap, secret or both
+    resource: both
+    # watchServerTimeout: request to the server, asking it to cleanly close the connection after that.
+    # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S
+    # watchServerTimeout: 3600
+    #
+    # watchClientTimeout: is a client-side timeout, configuring your local socket.
+    # If you have a network outage dropping all packets with no RST/FIN,
+    # this is how long your client waits before realizing & dropping the connection.
+    # defaults to 66sec (sic!)
+    # watchClientTimeout: 60
+    #
+    # Endpoint to send request to reload plugins
+    reloadURL: "http://localhost:3000/api/admin/provisioning/plugins/reload"
+    # Absolute path to shell script to execute after a plugin got reloaded
+    script: null
+    skipReload: false
+    # Deploy the datasource sidecar as an initContainer in addition to a container.
+    # This is needed if skipReload is true, to load any plugins defined at startup time.
+    initPlugins: false
+    # Sets the size limit of the plugin sidecar emptyDir volume
+    sizeLimit: {}
+  notifiers:
+    enabled: false
+    # Additional environment variables for the notifierssidecar
+    env: {}
+    # Do not reprocess already processed unchanged resources on k8s API reconnect.
+    # ignoreAlreadyProcessed: true
+    # label that the configmaps with notifiers are marked with
+    label: grafana_notifier
+    # value of label that the configmaps with notifiers are set to
+    labelValue: ""
+    # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL.
+    # logLevel: INFO
+    # If specified, the sidecar will search for notifier config-maps inside this namespace.
+    # Otherwise the namespace in which the sidecar is running will be used.
+    # It's also possible to specify ALL to search in all namespaces
+    searchNamespace: null
+    # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
+    watchMethod: WATCH
+    # search in configmap, secret or both
+    resource: both
+    # watchServerTimeout: request to the server, asking it to cleanly close the connection after that.
+    # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S
+    # watchServerTimeout: 3600
+    #
+    # watchClientTimeout: is a client-side timeout, configuring your local socket.
+    # If you have a network outage dropping all packets with no RST/FIN,
+    # this is how long your client waits before realizing & dropping the connection.
+    # defaults to 66sec (sic!)
+    # watchClientTimeout: 60
+    #
+    # Endpoint to send request to reload notifiers
+    reloadURL: "http://localhost:3000/api/admin/provisioning/notifications/reload"
+    # Absolute path to shell script to execute after a notifier got reloaded
+    script: null
+    skipReload: false
+    # Deploy the notifier sidecar as an initContainer in addition to a container.
+    # This is needed if skipReload is true, to load any notifiers defined at startup time.
+    initNotifiers: false
+    # Sets the size limit of the notifier sidecar emptyDir volume
+    sizeLimit: {}
+
+## Override the deployment namespace
+##
+namespaceOverride: ""
+
+## Number of old ReplicaSets to retain
+##
+revisionHistoryLimit: 10
+
+## Add a seperate remote image renderer deployment/service
+imageRenderer:
+  deploymentStrategy: {}
+  # Enable the image-renderer deployment & service
+  enabled: false
+  replicas: 1
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 5
+    targetCPU: "60"
+    targetMemory: ""
+    behavior: {}
+  image:
+    # image-renderer Image repository
+    repository: rancher/mirrored-grafana-grafana-image-renderer
+    # image-renderer Image tag
+    tag: 3.10.5
+    # image-renderer Image sha (optional)
+    sha: ""
+    # image-renderer ImagePullPolicy
+    pullPolicy: Always
+  # extra environment variables
+  env:
+    HTTP_HOST: "0.0.0.0"
+    # RENDERING_ARGS: --no-sandbox,--disable-gpu,--window-size=1280x758
+    # RENDERING_MODE: clustered
+    # IGNORE_HTTPS_ERRORS: true
+
+  ## "valueFrom" environment variable references that will be added to deployment pods. Name is templated.
+  ## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core
+  ## Renders in container spec as:
+  ##   env:
+  ##     ...
+  ##     - name: <key>
+  ##       valueFrom:
+  ##         <value rendered as YAML>
+  envValueFrom: {}
+    #  ENV_NAME:
+    #    configMapKeyRef:
+    #      name: configmap-name
+    #      key: value_key
+
+  # image-renderer deployment serviceAccount
+  serviceAccountName: ""
+  # image-renderer deployment securityContext
+  securityContext: {}
+  # image-renderer deployment container securityContext
+  containerSecurityContext:
+    seccompProfile:
+      type: RuntimeDefault
+    capabilities:
+      drop: ['ALL']
+    allowPrivilegeEscalation: false
+    readOnlyRootFilesystem: true
+  ## image-renderer pod annotation
+  podAnnotations: {}
+  # image-renderer deployment Host Aliases
+  hostAliases: []
+  # image-renderer deployment priority class
+  priorityClassName: ''
+  service:
+    # Enable the image-renderer service
+    enabled: true
+    # image-renderer service port name
+    portName: 'http'
+    # image-renderer service port used by both service and deployment
+    port: 8081
+    targetPort: 8081
+    # Adds the appProtocol field to the image-renderer service. This allows to work with istio protocol selection. Ex: "http" or "tcp"
+    appProtocol: ""
+  serviceMonitor:
+    ## If true, a ServiceMonitor CRD is created for a prometheus operator
+    ## https://github.com/coreos/prometheus-operator
+    ##
+    enabled: false
+    path: /metrics
+    #  namespace: monitoring  (defaults to use the namespace this chart is deployed to)
+    labels: {}
+    interval: 1m
+    scheme: http
+    tlsConfig: {}
+    scrapeTimeout: 30s
+    relabelings: []
+    # See: https://doc.crds.dev/github.com/prometheus-operator/kube-prometheus/monitoring.coreos.com/ServiceMonitor/v1@v0.11.0#spec-targetLabels
+    targetLabels: []
+      # - targetLabel1
+      # - targetLabel2
+  # If https is enabled in Grafana, this needs to be set as 'https' to correctly configure the callback used in Grafana
+  grafanaProtocol: http
+  # In case a sub_path is used this needs to be added to the image renderer callback
+  grafanaSubPath: ""
+  # name of the image-renderer port on the pod
+  podPortName: http
+  # number of image-renderer replica sets to keep
+  revisionHistoryLimit: 10
+  networkPolicy:
+    # Enable a NetworkPolicy to limit inbound traffic to only the created grafana pods
+    limitIngress: true
+    # Enable a NetworkPolicy to limit outbound traffic to only the created grafana pods
+    limitEgress: false
+    # Allow additional services to access image-renderer (eg. Prometheus operator when ServiceMonitor is enabled)
+    extraIngressSelectors: []
+  resources: {}
+#   limits:
+#     cpu: 100m
+#     memory: 100Mi
+#   requests:
+#     cpu: 50m
+#     memory: 50Mi
+  ## Node labels for pod assignment
+  ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+  #
+  nodeSelector: {}
+
+  ## Tolerations for pod assignment
+  ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+  ##
+  tolerations: []
+
+  ## Affinity for pod assignment (evaluated as template)
+  ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+  ##
+  affinity: {}
+
+  ## Use an alternate scheduler, e.g. "stork".
+  ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
+  ##
+  # schedulerName: "default-scheduler"
+
+networkPolicy:
+  ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now.
+  ##
+  enabled: false
+  ## @param networkPolicy.allowExternal Don't require client label for connections
+  ## The Policy model to apply. When set to false, only pods with the correct
+  ## client label will have network access to  grafana port defined.
+  ## When true, grafana will accept connections from any source
+  ## (with the correct destination port).
+  ##
+  ingress: true
+  ## @param networkPolicy.ingress When true enables the creation
+  ## an ingress network policy
+  ##
+  allowExternal: true
+  ## @param networkPolicy.explicitNamespacesSelector A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed
+  ## If explicitNamespacesSelector is missing or set to {}, only client Pods that are in the networkPolicy's namespace
+  ## and that match other criteria, the ones that have the good label, can reach the grafana.
+  ## But sometimes, we want the grafana to be accessible to clients from other namespaces, in this case, we can use this
+  ## LabelSelector to select these namespaces, note that the networkPolicy's namespace should also be explicitly added.
+  ##
+  ## Example:
+  ## explicitNamespacesSelector:
+  ##   matchLabels:
+  ##     role: frontend
+  ##   matchExpressions:
+  ##    - {key: role, operator: In, values: [frontend]}
+  ##
+  explicitNamespacesSelector: {}
+  ##
+  ##
+  ##
+  ##
+  ##
+  ##
+  egress:
+    ## @param networkPolicy.egress.enabled When enabled, an egress network policy will be
+    ## created allowing grafana to connect to external data sources from kubernetes cluster.
+    enabled: false
+    ##
+    ## @param networkPolicy.egress.blockDNSResolution When enabled, DNS resolution will be blocked
+    ## for all pods in the grafana namespace.
+    blockDNSResolution: false
+    ##
+    ## @param networkPolicy.egress.ports Add individual ports to be allowed by the egress
+    ports: []
+    ## Add ports to the egress by specifying - port: <port number>
+    ## E.X.
+    ## - port: 80
+    ## - port: 443
+    ##
+    ## @param networkPolicy.egress.to Allow egress traffic to specific destinations
+    to: []
+    ## Add destinations to the egress by specifying - ipBlock: <CIDR>
+    ## E.X.
+    ## to:
+    ##  - namespaceSelector:
+    ##    matchExpressions:
+  ##    - {key: role, operator: In, values: [grafana]}
+  ##
+  ##
+  ##
+  ##
+  ##
+
+# Enable backward compatibility of kubernetes where version below 1.13 doesn't have the enableServiceLinks option
+enableKubeBackwardCompatibility: false
+useStatefulSet: false
+# Create a dynamic manifests via values:
+extraObjects: []
+  # - apiVersion: "kubernetes-client.io/v1"
+  #   kind: ExternalSecret
+  #   metadata:
+  #     name: grafana-secrets
+  #   spec:
+  #     backendType: gcpSecretsManager
+  #     data:
+  #       - key: grafana-admin-password
+  #         name: adminPassword
+
+# assertNoLeakedSecrets is a helper function defined in _helpers.tpl that checks if secret
+# values are not exposed in the rendered grafana.ini configmap. It is enabled by default.
+#
+# To pass values into grafana.ini without exposing them in a configmap, use variable expansion:
+# https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#variable-expansion
+#
+# Alternatively, if you wish to allow secret values to be exposed in the rendered grafana.ini configmap,
+# you can disable this check by setting assertNoLeakedSecrets to false.
+assertNoLeakedSecrets: true
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/Chart.yaml
new file mode 100644
index 0000000000..587a5f22c3
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: hardenedKubelet
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedKubelet/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/Chart.yaml
new file mode 100644
index 0000000000..32f406da4b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: hardenedNodeExporter
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/hardenedNodeExporter/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/Chart.yaml
new file mode 100644
index 0000000000..59798c5dec
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: k3sServer
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/k3sServer/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/Chart.yaml
new file mode 100644
index 0000000000..002a6a180d
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/Chart.yaml
@@ -0,0 +1,32 @@
+annotations:
+  artifacthub.io/license: Apache-2.0
+  artifacthub.io/links: |
+    - name: Chart Source
+      url: https://github.com/prometheus-community/helm-charts
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-kube-state-metrics
+apiVersion: v2
+appVersion: 2.10.1
+description: Install kube-state-metrics to generate and expose cluster-level metrics
+home: https://github.com/kubernetes/kube-state-metrics/
+keywords:
+- metric
+- monitoring
+- prometheus
+- kubernetes
+maintainers:
+- email: tariq.ibrahim@mulesoft.com
+  name: tariq1890
+- email: manuel@rueg.eu
+  name: mrueg
+- email: david@0xdc.me
+  name: dotdc
+name: kube-state-metrics
+sources:
+- https://github.com/kubernetes/kube-state-metrics/
+type: application
+version: 5.16.4
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/README.md
new file mode 100644
index 0000000000..843be89e69
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/README.md
@@ -0,0 +1,85 @@
+# kube-state-metrics Helm Chart
+
+Installs the [kube-state-metrics agent](https://github.com/kubernetes/kube-state-metrics).
+
+## Get Repository Info
+<!-- textlint-disable -->
+```console
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo update
+```
+
+_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+<!-- textlint-enable -->
+
+## Install Chart
+
+```console
+helm install [RELEASE_NAME] prometheus-community/kube-state-metrics [flags]
+```
+
+_See [configuration](#configuration) below._
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+## Uninstall Chart
+
+```console
+helm uninstall [RELEASE_NAME]
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+## Upgrading Chart
+
+```console
+helm upgrade [RELEASE_NAME] prometheus-community/kube-state-metrics [flags]
+```
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### Migrating from stable/kube-state-metrics and kubernetes/kube-state-metrics
+
+You can upgrade in-place:
+
+1. [get repository info](#get-repository-info)
+1. [upgrade](#upgrading-chart) your existing release name using the new chart repository
+
+## Upgrading to v3.0.0
+
+v3.0.0 includes kube-state-metrics v2.0, see the [changelog](https://github.com/kubernetes/kube-state-metrics/blob/release-2.0/CHANGELOG.md) for major changes on the application-side.
+
+The upgraded chart now the following changes:
+
+* Dropped support for helm v2 (helm v3 or later is required)
+* collectors key was renamed to resources
+* namespace key was renamed to namespaces
+
+## Configuration
+
+See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments:
+
+```console
+helm show values prometheus-community/kube-state-metrics
+```
+
+### kube-rbac-proxy
+
+You can enable `kube-state-metrics` endpoint protection using `kube-rbac-proxy`. By setting `kubeRBACProxy.enabled: true`, this chart will deploy one RBAC proxy container per endpoint (metrics & telemetry).
+To authorize access, authenticate your requests (via a `ServiceAccount` for example) with a `ClusterRole` attached such as:
+
+```yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: kube-state-metrics-read
+rules:
+  - apiGroups: [ "" ]
+    resources: ["services/kube-state-metrics"]
+    verbs:
+      - get
+```
+
+See [kube-rbac-proxy examples](https://github.com/brancz/kube-rbac-proxy/tree/master/examples/resource-attributes) for more details.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/NOTES.txt b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/NOTES.txt
new file mode 100644
index 0000000000..3589c24ec3
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/NOTES.txt
@@ -0,0 +1,23 @@
+kube-state-metrics is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects.
+The exposed metrics can be found here:
+https://github.com/kubernetes/kube-state-metrics/blob/master/docs/README.md#exposed-metrics
+
+The metrics are exported on the HTTP endpoint /metrics on the listening port.
+In your case, {{ template "kube-state-metrics.fullname" . }}.{{ template "kube-state-metrics.namespace" . }}.svc.cluster.local:{{ .Values.service.port }}/metrics
+
+They are served either as plaintext or protobuf depending on the Accept header.
+They are designed to be consumed either by Prometheus itself or by a scraper that is compatible with scraping a Prometheus client endpoint.
+
+{{- if .Values.kubeRBACProxy.enabled}}
+
+kube-rbac-proxy endpoint protections is enabled:
+- Metrics endpoints are now HTTPS
+- Ensure that the client authenticates the requests (e.g. via service account) with the following role permissions:
+```
+rules:
+  - apiGroups: [ "" ]
+    resources: ["services/{{ template "kube-state-metrics.fullname" . }}"]
+    verbs:
+      - get
+```
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/_helpers.tpl
new file mode 100644
index 0000000000..ed277fbb53
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/_helpers.tpl
@@ -0,0 +1,196 @@
+# Rancher
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "monitoring_registry" -}}
+  {{- $temp_registry := (include "system_default_registry" .) -}}
+  {{- if $temp_registry -}}
+    {{- trimSuffix "/" $temp_registry -}}
+  {{- else -}}
+    {{- .Values.global.imageRegistry -}}
+  {{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "kube-state-metrics.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "kube-state-metrics.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "kube-state-metrics.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "kube-state-metrics.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "kube-state-metrics.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "kube-state-metrics.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Generate basic labels
+*/}}
+{{- define "kube-state-metrics.labels" }}
+helm.sh/chart: {{ template "kube-state-metrics.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/component: metrics
+app.kubernetes.io/part-of: {{ template "kube-state-metrics.name" . }}
+{{- include "kube-state-metrics.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+{{- if .Values.customLabels }}
+{{ toYaml .Values.customLabels }}
+{{- end }}
+{{- if .Values.releaseLabel }}
+release: {{ .Release.Name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "kube-state-metrics.selectorLabels" }}
+{{- if .Values.selectorOverride }}
+{{ toYaml .Values.selectorOverride }}
+{{- else }}
+app.kubernetes.io/name: {{ include "kube-state-metrics.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+{{- end }}
+
+{{/* Sets default scrape limits for servicemonitor */}}
+{{- define "servicemonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end -}}
+
+{{/*
+Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets})
+*/}}
+{{- define "kube-state-metrics.imagePullSecrets" -}}
+{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }}
+  {{- if eq (typeOf .) "map[string]interface {}" }}
+- {{ toYaml . | trim }}
+  {{- else }}
+- name: {{ . }}
+  {{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+The image to use for kube-state-metrics
+*/}}
+{{- define "kube-state-metrics.image" -}}
+{{- $registry := (include "monitoring_registry" .) }}
+{{- if .Values.image.sha }}
+{{- if $registry }}
+{{- printf "%s/%s:%s@%s" $registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.sha }}
+{{- else }}
+{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.sha }}
+{{- end }}
+{{- else }}
+{{- if $registry }}
+{{- printf "%s/%s:%s" $registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
+{{- else }}
+{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+The image to use for kubeRBACProxy
+*/}}
+{{- define "kubeRBACProxy.image" -}}
+{{- $registry := (include "monitoring_registry" .) }}
+{{- if .Values.kubeRBACProxy.image.sha }}
+{{- if $registry }}
+{{- printf "%s/%s:%s@%s" $registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) .Values.kubeRBACProxy.image.sha }}
+{{- else }}
+{{- printf "%s/%s:%s@%s" .Values.kubeRBACProxy.image.registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) .Values.kubeRBACProxy.image.sha }}
+{{- end }}
+{{- else }}
+{{- if $registry }}
+{{- printf "%s/%s:%s" $registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) }}
+{{- else }}
+{{- printf "%s/%s:%s" .Values.kubeRBACProxy.image.registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml
new file mode 100644
index 0000000000..025cd47a88
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml
@@ -0,0 +1,33 @@
+{{- if and .Values.networkPolicy.enabled (eq .Values.networkPolicy.flavor "cilium") }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  {{- if .Values.annotations }}
+  annotations:
+    {{ toYaml .Values.annotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+spec:
+  endpointSelector:
+    matchLabels:
+      {{- include "kube-state-metrics.selectorLabels" . | indent 6 }}
+  egress:
+    {{- if and .Values.networkPolicy.cilium .Values.networkPolicy.cilium.kubeApiServerSelector }}
+      {{ toYaml .Values.networkPolicy.cilium.kubeApiServerSelector | nindent 6 }}
+    {{- else }}
+    - toEntities:
+      - kube-apiserver
+    {{- end }}
+  ingress:
+  - toPorts:
+    - ports:
+      - port: {{ .Values.service.port | quote }}
+        protocol: TCP
+      {{- if .Values.selfMonitor.enabled }}
+      - port: {{ .Values.selfMonitor.telemetryPort | default 8081 | quote }}
+        protocol: TCP
+      {{ end }}
+{{ end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/clusterrolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..cf9f628d04
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/clusterrolebinding.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.rbac.create .Values.rbac.useClusterRole -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: {{ template "kube-state-metrics.fullname" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+{{- if .Values.rbac.useExistingRole }}
+  name: {{ .Values.rbac.useExistingRole }}
+{{- else }}
+  name: {{ template "kube-state-metrics.fullname" . }}
+{{- end }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "kube-state-metrics.serviceAccountName" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/crs-configmap.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/crs-configmap.yaml
new file mode 100644
index 0000000000..d38a75a51d
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/crs-configmap.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.customResourceState.enabled}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}-customresourcestate-config
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  {{- if .Values.annotations }}
+  annotations:
+    {{ toYaml .Values.annotations | nindent 4 }}
+  {{- end }}
+data:
+  config.yaml: |
+    {{- toYaml .Values.customResourceState.config | nindent 4 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/deployment.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/deployment.yaml
new file mode 100644
index 0000000000..03158eb948
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/deployment.yaml
@@ -0,0 +1,314 @@
+apiVersion: apps/v1
+{{- if .Values.autosharding.enabled }}
+kind: StatefulSet
+{{- else }}
+kind: Deployment
+{{- end }}
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  {{- if .Values.annotations }}
+  annotations:
+{{ toYaml .Values.annotations | indent 4 }}
+  {{- end }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "kube-state-metrics.selectorLabels" . | indent 6 }}
+  replicas: {{ .Values.replicas }}
+  {{- if not .Values.autosharding.enabled }}
+  strategy:
+    type: {{ .Values.updateStrategy | default "RollingUpdate" }}
+  {{- end }}
+  revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
+  {{- if .Values.autosharding.enabled }}
+  serviceName: {{ template "kube-state-metrics.fullname" . }}
+  volumeClaimTemplates: []
+  {{- end }}
+  template:
+    metadata:
+      labels:
+        {{- include "kube-state-metrics.labels" . | indent 8 }}
+      {{- if .Values.podAnnotations }}
+      annotations:
+{{ toYaml .Values.podAnnotations | indent 8 }}
+      {{- end }}
+    spec:
+      hostNetwork: {{ .Values.hostNetwork }}
+      serviceAccountName: {{ template "kube-state-metrics.serviceAccountName" . }}
+      {{- if .Values.securityContext.enabled }}
+      securityContext: {{- omit .Values.securityContext "enabled" | toYaml | nindent 8 }}
+      {{- end }}
+    {{- if .Values.priorityClassName }}
+      priorityClassName: {{ .Values.priorityClassName }}
+    {{- end }}
+      {{- with .Values.initContainers }}
+      initContainers:
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+      containers:
+      {{- $servicePort := ternary 9090 (.Values.service.port | default 8080) .Values.kubeRBACProxy.enabled}}
+      {{- $telemetryPort := ternary 9091 (.Values.selfMonitor.telemetryPort | default 8081) .Values.kubeRBACProxy.enabled}}
+      - name: {{ template "kube-state-metrics.name" . }}
+        {{- if  .Values.autosharding.enabled }}
+        env:
+        - name: POD_NAME
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.name
+        - name: POD_NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        {{- end }}
+        args:
+        {{-  if .Values.extraArgs  }}
+        {{- .Values.extraArgs | toYaml | nindent 8 }}
+        {{-  end  }}
+        - --port={{ $servicePort }}
+        {{-  if .Values.collectors  }}
+        - --resources={{ .Values.collectors | join "," }}
+        {{-  end  }}
+        {{- if .Values.metricLabelsAllowlist }}
+        - --metric-labels-allowlist={{ .Values.metricLabelsAllowlist | join "," }}
+        {{- end }}
+        {{- if .Values.metricAnnotationsAllowList }}
+        - --metric-annotations-allowlist={{ .Values.metricAnnotationsAllowList | join "," }}
+        {{- end }}
+        {{- if .Values.metricAllowlist }}
+        - --metric-allowlist={{ .Values.metricAllowlist | join "," }}
+        {{- end }}
+        {{- if .Values.metricDenylist }}
+        - --metric-denylist={{ .Values.metricDenylist | join "," }}
+        {{- end }}
+        {{- $namespaces := list }}
+        {{- if .Values.namespaces }}
+        {{- range $ns := join "," .Values.namespaces | split "," }}
+        {{- $namespaces = append $namespaces (tpl $ns $) }}
+        {{- end }}
+        {{- end }}
+        {{- if .Values.releaseNamespace }}
+        {{- $namespaces = append $namespaces ( include "kube-state-metrics.namespace" . ) }}
+        {{- end }}
+        {{- if $namespaces }}
+        - --namespaces={{ $namespaces | mustUniq | join "," }}
+        {{- end }}
+        {{- if .Values.namespacesDenylist }}
+        - --namespaces-denylist={{ tpl (.Values.namespacesDenylist | join ",") $ }}
+        {{- end }}
+        {{- if .Values.autosharding.enabled }}
+        - --pod=$(POD_NAME)
+        - --pod-namespace=$(POD_NAMESPACE)
+        {{- end }}
+        {{- if .Values.kubeconfig.enabled }}
+        - --kubeconfig=/opt/k8s/.kube/config
+        {{- end }}
+        {{- if .Values.kubeRBACProxy.enabled }}
+        - --telemetry-host=127.0.0.1
+        - --telemetry-port={{ $telemetryPort }}
+        {{- else }}
+        {{- if .Values.selfMonitor.telemetryHost }}
+        - --telemetry-host={{ .Values.selfMonitor.telemetryHost }}
+        {{- end }}
+        {{- if .Values.selfMonitor.telemetryPort }}
+        - --telemetry-port={{ $telemetryPort }}
+        {{- end }}
+        {{- end }}
+        {{- if .Values.customResourceState.enabled }}
+        - --custom-resource-state-config-file=/etc/customresourcestate/config.yaml
+        {{- end }}
+        {{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumeMounts) }}
+        volumeMounts:
+        {{- if .Values.kubeconfig.enabled }}
+        - name: kubeconfig
+          mountPath: /opt/k8s/.kube/
+          readOnly: true
+        {{- end }}
+        {{- if .Values.customResourceState.enabled }}
+        - name: customresourcestate-config
+          mountPath: /etc/customresourcestate
+          readOnly: true
+        {{- end }}
+        {{- if .Values.volumeMounts }}
+{{ toYaml .Values.volumeMounts | indent 8 }}
+        {{- end }}
+        {{- end }}
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        image: {{ include "kube-state-metrics.image" . }}
+        {{- if eq .Values.kubeRBACProxy.enabled false }}
+        ports:
+        - containerPort: {{ .Values.service.port | default 8080}}
+          name: "http"
+        {{- if .Values.selfMonitor.enabled }}
+        - containerPort: {{ $telemetryPort }}
+          name: "metrics"
+        {{- end }}
+        {{- end }}
+        livenessProbe:
+          failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+          httpGet:
+            {{- if .Values.hostNetwork }}
+            host: 127.0.0.1
+            {{- end }}
+            httpHeaders:
+            {{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }}
+            - name: {{ $header.name }}
+              value: {{ $header.value }}
+            {{- end }}
+            path: /healthz
+            port: {{ $servicePort }}
+            scheme: {{ upper .Values.livenessProbe.httpGet.scheme }}
+          initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+          successThreshold: {{ .Values.livenessProbe.successThreshold }}
+          timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+        readinessProbe:
+          failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+          httpGet:
+            {{- if .Values.hostNetwork }}
+            host: 127.0.0.1
+            {{- end }}
+            httpHeaders:
+            {{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }}
+            - name: {{ $header.name }}
+              value: {{ $header.value }}
+            {{- end }}
+            path: /
+            port: {{ $servicePort }}
+            scheme: {{ upper .Values.readinessProbe.httpGet.scheme }}
+          initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+          successThreshold: {{ .Values.readinessProbe.successThreshold }}
+          timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+        {{- if .Values.resources }}
+        resources:
+{{ toYaml .Values.resources | indent 10 }}
+{{- end }}
+{{- if .Values.containerSecurityContext }}
+        securityContext:
+{{ toYaml .Values.containerSecurityContext | indent 10 }}
+{{- end }}
+        {{-  if .Values.kubeRBACProxy.enabled  }}
+      - name: kube-rbac-proxy-http
+        args:
+        {{-  if .Values.kubeRBACProxy.extraArgs  }}
+        {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 8 }}
+        {{-  end  }}
+        - --secure-listen-address=:{{ .Values.service.port | default 8080}}
+        - --upstream=http://127.0.0.1:{{ $servicePort }}/
+        - --proxy-endpoints-port=8888
+        - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml
+        volumeMounts:
+          - name: kube-rbac-proxy-config
+            mountPath: /etc/kube-rbac-proxy-config
+          {{- with .Values.kubeRBACProxy.volumeMounts }}
+          {{- toYaml . | nindent 10 }}
+          {{- end }}
+        imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }}
+        image: {{ include "kubeRBACProxy.image" . }}
+        ports:
+          - containerPort: {{ .Values.service.port | default 8080}}
+            name: "http"
+          - containerPort: 8888
+            name: "http-healthz"
+        readinessProbe:
+          httpGet:
+            scheme: HTTPS
+            port: 8888
+            path: healthz
+          initialDelaySeconds: 5
+          timeoutSeconds: 5
+        {{- if .Values.kubeRBACProxy.resources }}
+        resources:
+{{ toYaml .Values.kubeRBACProxy.resources | indent 10 }}
+{{- end }}
+{{- if .Values.kubeRBACProxy.containerSecurityContext }}
+        securityContext:
+{{ toYaml .Values.kubeRBACProxy.containerSecurityContext | indent 10 }}
+{{- end }}
+      {{-  if .Values.selfMonitor.enabled  }}
+      - name: kube-rbac-proxy-telemetry
+        args:
+        {{-  if .Values.kubeRBACProxy.extraArgs  }}
+        {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 8 }}
+        {{-  end  }}
+        - --secure-listen-address=:{{ .Values.selfMonitor.telemetryPort | default 8081 }}
+        - --upstream=http://127.0.0.1:{{ $telemetryPort }}/
+        - --proxy-endpoints-port=8889
+        - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml
+        volumeMounts:
+          - name: kube-rbac-proxy-config
+            mountPath: /etc/kube-rbac-proxy-config
+          {{- with .Values.kubeRBACProxy.volumeMounts }}
+          {{- toYaml . | nindent 10 }}
+          {{- end }}
+        imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }}
+        image: {{ include "kubeRBACProxy.image" . }}
+        ports:
+          - containerPort: {{ .Values.selfMonitor.telemetryPort | default 8081 }}
+            name: "metrics"
+          - containerPort: 8889
+            name: "metrics-healthz"
+        readinessProbe:
+          httpGet:
+            scheme: HTTPS
+            port: 8889
+            path: healthz
+          initialDelaySeconds: 5
+          timeoutSeconds: 5
+        {{- if .Values.kubeRBACProxy.resources }}
+        resources:
+{{ toYaml .Values.kubeRBACProxy.resources | indent 10 }}
+{{- end }}
+{{- if .Values.kubeRBACProxy.containerSecurityContext }}
+        securityContext:
+{{ toYaml .Values.kubeRBACProxy.containerSecurityContext | indent 10 }}
+{{- end }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.containers }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+{{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
+      imagePullSecrets:
+        {{- include "kube-state-metrics.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }}
+      {{- end }}
+      {{- if .Values.affinity }}
+      affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      {{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+      {{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+      {{- end }}
+      {{- if .Values.topologySpreadConstraints }}
+      topologySpreadConstraints:
+{{ toYaml .Values.topologySpreadConstraints | indent 8 }}
+      {{- end }}
+      {{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumes) (.Values.kubeRBACProxy.enabled) }}
+      volumes:
+      {{- if .Values.kubeconfig.enabled}}
+        - name: kubeconfig
+          secret:
+            secretName: {{ template "kube-state-metrics.fullname" . }}-kubeconfig
+      {{- end }}
+      {{- if .Values.kubeRBACProxy.enabled}}
+        - name: kube-rbac-proxy-config
+          configMap:
+            name: {{ template "kube-state-metrics.fullname" . }}-rbac-config
+      {{- end }}
+      {{- if .Values.customResourceState.enabled}}
+        - name: customresourcestate-config
+          configMap:
+            name: {{ template "kube-state-metrics.fullname" . }}-customresourcestate-config
+      {{- end }}
+      {{- if .Values.volumes }}
+{{ toYaml .Values.volumes | indent 8 }}
+      {{- end }}
+      {{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/extra-manifests.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/extra-manifests.yaml
new file mode 100644
index 0000000000..567f7bf329
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/extra-manifests.yaml
@@ -0,0 +1,4 @@
+{{ range .Values.extraManifests }}
+---
+{{ tpl (toYaml .) $ }}
+{{ end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/kubeconfig-secret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/kubeconfig-secret.yaml
new file mode 100644
index 0000000000..6af0084502
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/kubeconfig-secret.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.kubeconfig.enabled -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}-kubeconfig
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+type: Opaque
+data:
+  config: '{{ .Values.kubeconfig.secret }}'
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/networkpolicy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/networkpolicy.yaml
new file mode 100644
index 0000000000..309b38ec54
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/networkpolicy.yaml
@@ -0,0 +1,43 @@
+{{- if and .Values.networkPolicy.enabled (eq .Values.networkPolicy.flavor "kubernetes") }}
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  {{- if .Values.annotations }}
+  annotations:
+    {{ toYaml .Values.annotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+spec:
+  {{- if .Values.networkPolicy.egress }}
+  ## Deny all egress by default
+  egress:
+    {{- toYaml .Values.networkPolicy.egress | nindent 4 }}
+  {{- end }}
+  ingress:
+  {{- if .Values.networkPolicy.ingress }}
+    {{- toYaml .Values.networkPolicy.ingress | nindent 4 }}
+  {{- else }}
+    ## Allow ingress on default ports by default
+  - ports:
+    - port: {{ .Values.service.port | default 8080 }}
+      protocol: TCP
+    {{- if .Values.selfMonitor.enabled }}
+    {{- $telemetryPort := ternary 9091 (.Values.selfMonitor.telemetryPort | default 8081) .Values.kubeRBACProxy.enabled}}
+    - port: {{ $telemetryPort }}
+      protocol: TCP
+    {{- end }}
+  {{- end }}
+  podSelector:
+    {{- if .Values.networkPolicy.podSelector }}
+    {{- toYaml .Values.networkPolicy.podSelector | nindent 4 }}
+    {{- else }}
+    matchLabels:
+      {{- include "kube-state-metrics.selectorLabels" . | indent 6 }}
+    {{- end }}
+  policyTypes:
+    - Ingress
+    - Egress
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/pdb.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/pdb.yaml
new file mode 100644
index 0000000000..3771b511de
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/pdb.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.podDisruptionBudget -}}
+{{ if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" -}}
+apiVersion: policy/v1
+{{- else -}}
+apiVersion: policy/v1beta1
+{{- end }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }}
+{{ toYaml .Values.podDisruptionBudget | indent 2 }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/podsecuritypolicy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/podsecuritypolicy.yaml
new file mode 100644
index 0000000000..d9d944d740
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/podsecuritypolicy.yaml
@@ -0,0 +1,39 @@
+{{- if and .Values.rbac.create (and (or .Values.global.cattle.psp.enabled .Values.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy")) }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+{{- if .Values.podSecurityPolicy.annotations }}
+  annotations:
+{{ toYaml .Values.podSecurityPolicy.annotations | indent 4 }}
+{{- end }}
+spec:
+  privileged: false
+  volumes:
+    - 'secret'
+{{- if .Values.podSecurityPolicy.additionalVolumes }}
+{{ toYaml .Values.podSecurityPolicy.additionalVolumes | indent 4 }}
+{{- end }}
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Forbid adding the root group.
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Forbid adding the root group.
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrole.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrole.yaml
new file mode 100644
index 0000000000..c69e01a716
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrole.yaml
@@ -0,0 +1,19 @@
+{{- if and .Values.rbac.create (and (or .Values.global.cattle.psp.enabled .Values.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy")) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: psp-{{ template "kube-state-metrics.fullname" . }}
+rules:
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
+- apiGroups: ['policy']
+{{- else }}
+- apiGroups: ['extensions']
+{{- end }}
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "kube-state-metrics.fullname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml
new file mode 100644
index 0000000000..df81c49028
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml
@@ -0,0 +1,16 @@
+{{- if and .Values.rbac.create (and (or .Values.global.cattle.psp.enabled .Values.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy")) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: psp-{{ template "kube-state-metrics.fullname" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: psp-{{ template "kube-state-metrics.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-state-metrics.serviceAccountName" . }}
+    namespace: {{ template "kube-state-metrics.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/rbac-configmap.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/rbac-configmap.yaml
new file mode 100644
index 0000000000..671dc9d660
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/rbac-configmap.yaml
@@ -0,0 +1,22 @@
+{{- if .Values.kubeRBACProxy.enabled}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}-rbac-config
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  {{- if .Values.annotations }}
+  annotations:
+    {{ toYaml .Values.annotations | nindent 4 }}
+  {{- end }}
+data:
+  config-file.yaml: |+
+    authorization:
+      resourceAttributes:
+        namespace: {{ template "kube-state-metrics.namespace" . }}
+        apiVersion: v1
+        resource: services
+        subresource: {{ template "kube-state-metrics.fullname" . }}
+        name: {{ template "kube-state-metrics.fullname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/role.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/role.yaml
new file mode 100644
index 0000000000..0170878376
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/role.yaml
@@ -0,0 +1,215 @@
+{{- if not (kindIs "slice" .Values.collectors) }}
+{{- fail "Collectors need to be a List since kube-state-metrics chart 3.2.2. Please check README for more information."}}
+{{- end }}
+{{- if and (eq .Values.rbac.create true) (not .Values.rbac.useExistingRole) -}}
+{{- range (ternary (join "," .Values.namespaces | split "," ) (list "") (eq $.Values.rbac.useClusterRole false)) }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+{{- if eq $.Values.rbac.useClusterRole false }}
+kind: Role
+{{- else }}
+kind: ClusterRole
+{{- end }}
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" $ | indent 4 }}
+  name: {{ template "kube-state-metrics.fullname" $ }}
+{{- if eq $.Values.rbac.useClusterRole false }}
+  namespace: {{ . }}
+{{- end }}
+rules:
+{{ if has "certificatesigningrequests" $.Values.collectors }}
+- apiGroups: ["certificates.k8s.io"]
+  resources:
+  - certificatesigningrequests
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "configmaps" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - configmaps
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "cronjobs" $.Values.collectors }}
+- apiGroups: ["batch"]
+  resources:
+  - cronjobs
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "daemonsets" $.Values.collectors }}
+- apiGroups: ["extensions", "apps"]
+  resources:
+  - daemonsets
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "deployments" $.Values.collectors }}
+- apiGroups: ["extensions", "apps"]
+  resources:
+  - deployments
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "endpoints" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - endpoints
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "endpointslices" $.Values.collectors }}
+- apiGroups: ["discovery.k8s.io"]
+  resources:
+  - endpointslices
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "horizontalpodautoscalers" $.Values.collectors }}
+- apiGroups: ["autoscaling"]
+  resources:
+  - horizontalpodautoscalers
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "ingresses" $.Values.collectors }}
+- apiGroups: ["extensions", "networking.k8s.io"]
+  resources:
+  - ingresses
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "jobs" $.Values.collectors }}
+- apiGroups: ["batch"]
+  resources:
+  - jobs
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "leases" $.Values.collectors }}
+- apiGroups: ["coordination.k8s.io"]
+  resources:
+  - leases
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "limitranges" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - limitranges
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "mutatingwebhookconfigurations" $.Values.collectors }}
+- apiGroups: ["admissionregistration.k8s.io"]
+  resources:
+    - mutatingwebhookconfigurations
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "namespaces" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - namespaces
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "networkpolicies" $.Values.collectors }}
+- apiGroups: ["networking.k8s.io"]
+  resources:
+  - networkpolicies
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "nodes" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - nodes
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "persistentvolumeclaims" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - persistentvolumeclaims
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "persistentvolumes" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - persistentvolumes
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "poddisruptionbudgets" $.Values.collectors }}
+- apiGroups: ["policy"]
+  resources:
+    - poddisruptionbudgets
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "pods" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - pods
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "replicasets" $.Values.collectors }}
+- apiGroups: ["extensions", "apps"]
+  resources:
+  - replicasets
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "replicationcontrollers" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - replicationcontrollers
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "resourcequotas" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - resourcequotas
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "secrets" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - secrets
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "services" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - services
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "statefulsets" $.Values.collectors }}
+- apiGroups: ["apps"]
+  resources:
+  - statefulsets
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "storageclasses" $.Values.collectors }}
+- apiGroups: ["storage.k8s.io"]
+  resources:
+    - storageclasses
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "validatingwebhookconfigurations" $.Values.collectors }}
+- apiGroups: ["admissionregistration.k8s.io"]
+  resources:
+    - validatingwebhookconfigurations
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "volumeattachments" $.Values.collectors }}
+- apiGroups: ["storage.k8s.io"]
+  resources:
+    - volumeattachments
+  verbs: ["list", "watch"]
+{{ end -}}
+{{-  if $.Values.kubeRBACProxy.enabled  }}
+- apiGroups: ["authentication.k8s.io"]
+  resources:
+    - tokenreviews
+  verbs: ["create"]
+- apiGroups: ["authorization.k8s.io"]
+  resources:
+    - subjectaccessreviews
+  verbs: ["create"]
+{{- end }}
+{{- if $.Values.customResourceState.enabled }}
+- apiGroups: ["apiextensions.k8s.io"]
+  resources:
+    - customresourcedefinitions
+  verbs: ["list", "watch"]
+{{- end }}
+{{ if $.Values.rbac.extraRules }}
+{{ toYaml $.Values.rbac.extraRules }}
+{{ end }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/rolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/rolebinding.yaml
new file mode 100644
index 0000000000..330651b73f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/rolebinding.yaml
@@ -0,0 +1,24 @@
+{{- if and (eq  .Values.rbac.create true) (eq .Values.rbac.useClusterRole false) -}}
+{{- range (join "," $.Values.namespaces) | split "," }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" $ | indent 4 }}
+  name: {{ template "kube-state-metrics.fullname" $ }}
+  namespace: {{ . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+{{- if (not $.Values.rbac.useExistingRole) }}
+  name: {{ template "kube-state-metrics.fullname" $ }}
+{{- else }}
+  name: {{ $.Values.rbac.useExistingRole }}
+{{- end }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "kube-state-metrics.serviceAccountName" $ }}
+  namespace: {{ template "kube-state-metrics.namespace" $ }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/service.yaml
new file mode 100644
index 0000000000..6c486a662a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/service.yaml
@@ -0,0 +1,49 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  annotations:
+    {{- if .Values.prometheusScrape }}
+    prometheus.io/scrape: '{{ .Values.prometheusScrape }}'
+    {{- end }}
+    {{- if .Values.service.annotations }}
+    {{- toYaml .Values.service.annotations | nindent 4 }}
+    {{- end }}
+spec:
+  type: "{{ .Values.service.type }}"
+  ports:
+  - name: "http"
+    protocol: TCP
+    port: {{ .Values.service.port | default 8080}}
+  {{- if .Values.service.nodePort }}
+    nodePort: {{ .Values.service.nodePort }}
+  {{- end }}
+    targetPort: {{ .Values.service.port | default 8080}}
+  {{ if .Values.selfMonitor.enabled }}
+  - name: "metrics"
+    protocol: TCP
+    port: {{ .Values.selfMonitor.telemetryPort | default 8081 }}
+    targetPort: {{ .Values.selfMonitor.telemetryPort | default 8081 }}
+  {{- if .Values.selfMonitor.telemetryNodePort }}
+    nodePort: {{ .Values.selfMonitor.telemetryNodePort }}
+  {{- end }}
+  {{ end }}
+{{- if .Values.service.loadBalancerIP }}
+  loadBalancerIP: "{{ .Values.service.loadBalancerIP }}"
+{{- end }}
+{{- if .Values.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if .Values.autosharding.enabled }}
+  clusterIP: None
+{{- else if .Values.service.clusterIP }}
+  clusterIP: "{{ .Values.service.clusterIP }}"
+{{- end }}
+  selector:
+    {{- include "kube-state-metrics.selectorLabels" . | indent 4 }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..38a93b31d1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/serviceaccount.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: {{ template "kube-state-metrics.serviceAccountName" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+{{- if .Values.serviceAccount.annotations }}
+  annotations:
+{{ toYaml .Values.serviceAccount.annotations | indent 4 }}
+{{- end }}
+{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }}
+imagePullSecrets:
+  {{- include "kube-state-metrics.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }}
+{{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/servicemonitor.yaml
new file mode 100644
index 0000000000..01ec44e067
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/servicemonitor.yaml
@@ -0,0 +1,126 @@
+{{- if .Values.prometheus.monitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  {{- with .Values.prometheus.monitor.additionalLabels }}
+    {{- tpl (toYaml . | nindent 4) $ }}
+  {{- end }}
+  {{- with .Values.prometheus.monitor.annotations }}
+  annotations:
+    {{- tpl (toYaml . | nindent 4) $ }}
+  {{- end }}
+spec:
+  jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }}
+  {{- with .Values.prometheus.monitor.targetLabels }}
+  targetLabels:
+    {{- toYaml . | trim | nindent 4 }}
+  {{- end }}
+  {{- with .Values.prometheus.monitor.podTargetLabels }}
+  podTargetLabels:
+    {{- toYaml . | trim | nindent 4 }}
+  {{- end }}
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | indent 2 }}
+  {{- if .Values.prometheus.monitor.namespaceSelector }}
+  namespaceSelector:
+    matchNames:
+    {{- with .Values.prometheus.monitor.namespaceSelector }}
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+  {{- end }}
+  selector:
+    matchLabels:
+    {{- with .Values.prometheus.monitor.selectorOverride }}
+      {{- toYaml . | nindent 6 }}
+    {{- else }}
+      {{- include "kube-state-metrics.selectorLabels" . | indent 6 }}
+    {{- end }}
+  endpoints:
+    - port: http
+    {{- if .Values.prometheus.monitor.interval }}
+      interval: {{ .Values.prometheus.monitor.interval }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.scrapeTimeout }}
+      scrapeTimeout: {{ .Values.prometheus.monitor.scrapeTimeout }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.proxyUrl }}
+      proxyUrl: {{ .Values.prometheus.monitor.proxyUrl}}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.enableHttp2 }}
+      enableHttp2: {{ .Values.prometheus.monitor.enableHttp2}}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.honorLabels }}
+      honorLabels: true
+    {{- end }}
+      metricRelabelings:
+      {{- if .Values.prometheus.monitor.metricRelabelings }}
+        {{- toYaml .Values.prometheus.monitor.metricRelabelings | nindent 6 }}
+      {{- end }}
+      {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+      {{- end }}
+      {{ if .Values.global.cattle.clusterName }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.relabelings }}
+      relabelings:
+        {{- toYaml .Values.prometheus.monitor.relabelings | nindent 8 }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.scheme }}
+      scheme: {{ .Values.prometheus.monitor.scheme }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml .Values.prometheus.monitor.tlsConfig | nindent 8 }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.bearerTokenFile }}
+      bearerTokenFile: {{ .Values.prometheus.monitor.bearerTokenFile }}
+    {{- end }}
+    {{- with .Values.prometheus.monitor.bearerTokenSecret }}
+      bearerTokenSecret:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+  {{- if .Values.selfMonitor.enabled }}
+    - port: metrics
+    {{- if .Values.prometheus.monitor.interval }}
+      interval: {{ .Values.prometheus.monitor.interval }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.scrapeTimeout }}
+      scrapeTimeout: {{ .Values.prometheus.monitor.scrapeTimeout }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.proxyUrl }}
+      proxyUrl: {{ .Values.prometheus.monitor.proxyUrl}}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.enableHttp2 }}
+      enableHttp2: {{ .Values.prometheus.monitor.enableHttp2}}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.honorLabels }}
+      honorLabels: true
+    {{- end }}
+    {{- if .Values.prometheus.monitor.relabelings }}
+      relabelings:
+        {{- toYaml .Values.prometheus.monitor.relabelings | nindent 8 }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.scheme }}
+      scheme: {{ .Values.prometheus.monitor.scheme }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml .Values.prometheus.monitor.tlsConfig | nindent 8 }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.bearerTokenFile }}
+      bearerTokenFile: {{ .Values.prometheus.monitor.bearerTokenFile }}
+    {{- end }}
+    {{- with .Values.prometheus.monitor.bearerTokenSecret }}
+      bearerTokenSecret:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-role.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-role.yaml
new file mode 100644
index 0000000000..489de147c1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-role.yaml
@@ -0,0 +1,26 @@
+{{- if and .Values.autosharding.enabled .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resourceNames:
+  - {{ template "kube-state-metrics.fullname" . }}
+  resources:
+  - statefulsets
+  verbs:
+  - get
+  - list
+  - watch
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml
new file mode 100644
index 0000000000..73b37a4f64
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.autosharding.enabled .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-state-metrics.serviceAccountName" . }}
+    namespace: {{ template "kube-state-metrics.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml
new file mode 100644
index 0000000000..f46305b517
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml
@@ -0,0 +1,44 @@
+{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.verticalPodAutoscaler.enabled) }}
+apiVersion: autoscaling.k8s.io/v1
+kind: VerticalPodAutoscaler
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+spec:
+  {{- with .Values.verticalPodAutoscaler.recommenders }}
+  recommenders:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  resourcePolicy:
+    containerPolicies:
+    - containerName: {{ template "kube-state-metrics.name" . }}
+      {{- with .Values.verticalPodAutoscaler.controlledResources }}
+      controlledResources:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- if .Values.verticalPodAutoscaler.controlledValues }}
+      controlledValues: {{ .Values.verticalPodAutoscaler.controlledValues }}
+      {{- end }}
+      {{- if .Values.verticalPodAutoscaler.maxAllowed }}
+      maxAllowed:
+        {{ toYaml .Values.verticalPodAutoscaler.maxAllowed | nindent 8 }}
+      {{- end }}
+      {{- if .Values.verticalPodAutoscaler.minAllowed }}
+      minAllowed:
+        {{ toYaml .Values.verticalPodAutoscaler.minAllowed | nindent 8 }}
+      {{- end }}
+  targetRef:
+    apiVersion: apps/v1
+    {{- if .Values.autosharding.enabled }}
+    kind: StatefulSet
+    {{- else }}
+    kind: Deployment
+    {{- end }}
+    name:  {{ template "kube-state-metrics.fullname" . }}
+  {{- with .Values.verticalPodAutoscaler.updatePolicy }}
+  updatePolicy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/values.yaml
new file mode 100644
index 0000000000..bc8ee28fda
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kube-state-metrics/values.yaml
@@ -0,0 +1,491 @@
+# Default values for kube-state-metrics.
+prometheusScrape: true
+image:
+  registry: docker.io
+  repository: rancher/mirrored-kube-state-metrics-kube-state-metrics
+  tag: v2.10.1
+  sha: ""
+  pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+# - name: "image-pull-secret"
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+
+  # To help compatibility with other charts which use global.imagePullSecrets.
+  # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
+  # global:
+  #   imagePullSecrets:
+  #   - name: pullSecret1
+  #   - name: pullSecret2
+  # or
+  # global:
+  #   imagePullSecrets:
+  #   - pullSecret1
+  #   - pullSecret2
+  imagePullSecrets: []
+  #
+  # Allow parent charts to override registry hostname
+  imageRegistry: ""
+
+# If set to true, this will deploy kube-state-metrics as a StatefulSet and the data
+# will be automatically sharded across <.Values.replicas> pods using the built-in
+# autodiscovery feature: https://github.com/kubernetes/kube-state-metrics#automated-sharding
+# This is an experimental feature and there are no stability guarantees.
+autosharding:
+  enabled: false
+
+replicas: 1
+
+# Change the deployment strategy when autosharding is disabled.
+# ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
+# The default is "RollingUpdate" as per Kubernetes defaults.
+# During a release, 'RollingUpdate' can lead to two running instances for a short period of time while 'Recreate' can create a small gap in data.
+# updateStrategy: Recreate
+
+# Number of old history to retain to allow rollback
+# Default Kubernetes value is set to 10
+revisionHistoryLimit: 10
+
+# List of additional cli arguments to configure kube-state-metrics
+# for example: --enable-gzip-encoding, --log-file, etc.
+# all the possible args can be found here: https://github.com/kubernetes/kube-state-metrics/blob/master/docs/cli-arguments.md
+extraArgs: []
+
+service:
+  port: 8080
+  # Default to clusterIP for backward compatibility
+  type: ClusterIP
+  nodePort: 0
+  loadBalancerIP: ""
+  # Only allow access to the loadBalancerIP from these IPs
+  loadBalancerSourceRanges: []
+  clusterIP: ""
+  annotations: {}
+
+## Additional labels to add to all resources
+customLabels: {}
+  # app: kube-state-metrics
+
+## Override selector labels
+selectorOverride: {}
+
+## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box
+releaseLabel: false
+
+hostNetwork: false
+
+rbac:
+  # If true, create & use RBAC resources
+  create: true
+
+  # Set to a rolename to use existing role - skipping role creating - but still doing serviceaccount and rolebinding to it, rolename set here.
+  # useExistingRole: your-existing-role
+
+  # If set to false - Run without Cluteradmin privs needed - ONLY works if namespace is also set (if useExistingRole is set this name is used as ClusterRole or Role to bind to)
+  useClusterRole: true
+
+  # Add permissions for CustomResources' apiGroups in Role/ClusterRole. Should be used in conjunction with Custom Resource State Metrics configuration
+  # Example:
+  # - apiGroups: ["monitoring.coreos.com"]
+  #   resources: ["prometheuses"]
+  #   verbs: ["list", "watch"]
+  extraRules: []
+
+# Configure kube-rbac-proxy. When enabled, creates one kube-rbac-proxy container per exposed HTTP endpoint (metrics and telemetry if enabled).
+# The requests are served through the same service but requests are then HTTPS.
+kubeRBACProxy:
+  enabled: false
+  image:
+    repository: rancher/mirrored-kube-rbac-proxy
+    tag: v0.14.0
+    sha: ""
+    pullPolicy: IfNotPresent
+
+  # List of additional cli arguments to configure kube-rbac-prxy
+  # for example: --tls-cipher-suites, --log-file, etc.
+  # all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage
+  extraArgs: []
+
+  ## Specify security settings for a Container
+  ## Allows overrides and additional options compared to (Pod) securityContext
+  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+  containerSecurityContext:
+    readOnlyRootFilesystem: true
+    allowPrivilegeEscalation: false
+    capabilities:
+      drop:
+      - ALL
+
+  resources: {}
+    # We usually recommend not to specify default resources and to leave this as a conscious
+    # choice for the user. This also increases chances charts run on environments with little
+    # resources, such as Minikube. If you do want to specify resources, uncomment the following
+    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+    # limits:
+    #  cpu: 100m
+    #  memory: 64Mi
+    # requests:
+    #  cpu: 10m
+    #  memory: 32Mi
+
+  ## volumeMounts enables mounting custom volumes in rbac-proxy containers
+  ## Useful for TLS certificates and keys
+  volumeMounts: []
+    # - mountPath: /etc/tls
+    #   name: kube-rbac-proxy-tls
+    #   readOnly: true
+
+serviceAccount:
+  # Specifies whether a ServiceAccount should be created, require rbac true
+  create: true
+  # The name of the ServiceAccount to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name:
+  # Reference to one or more secrets to be used when pulling images
+  # ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+  imagePullSecrets: []
+  # ServiceAccount annotations.
+  # Use case: AWS EKS IAM roles for service accounts
+  # ref: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html
+  annotations: {}
+
+prometheus:
+  monitor:
+    enabled: false
+    annotations: {}
+    additionalLabels: {}
+    namespace: ""
+    namespaceSelector: []
+    jobLabel: ""
+    targetLabels: []
+    podTargetLabels: []
+    interval: ""
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+    scrapeTimeout: ""
+    proxyUrl: ""
+    ## Whether to enable HTTP2 for servicemonitor
+    # enableHttp2: false
+    selectorOverride: {}
+    honorLabels: false
+    metricRelabelings: []
+    relabelings: []
+    scheme: ""
+    ## File to read bearer token for scraping targets
+    bearerTokenFile: ""
+    ## Secret to mount to read bearer token for scraping targets. The secret needs
+    ## to be in the same namespace as the service monitor and accessible by the
+    ## Prometheus Operator
+    bearerTokenSecret: {}
+      # name: secret-name
+      # key:  key-name
+    tlsConfig: {}
+
+## Specify if a Pod Security Policy for kube-state-metrics must be created
+## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
+##
+podSecurityPolicy:
+  annotations: {}
+    ## Specify pod annotations
+    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor
+    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp
+    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl
+    ##
+    # seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
+    # seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
+    # apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
+
+  additionalVolumes: []
+
+## Configure network policy for kube-state-metrics
+networkPolicy:
+  enabled: false
+  # networkPolicy.flavor -- Flavor of the network policy to use.
+  # Can be:
+  # * kubernetes for networking.k8s.io/v1/NetworkPolicy
+  # * cilium     for cilium.io/v2/CiliumNetworkPolicy
+  flavor: kubernetes
+
+  ## Configure the cilium network policy kube-apiserver selector
+  # cilium:
+    # kubeApiServerSelector:
+      # - toEntities:
+      #   - kube-apiserver
+
+  # egress:
+  # - {}
+  # ingress:
+  # - {}
+  # podSelector:
+  #   matchLabels:
+  #     app.kubernetes.io/name: kube-state-metrics
+
+securityContext:
+  enabled: true
+  runAsGroup: 65534
+  runAsUser: 65534
+  fsGroup: 65534
+  runAsNonRoot: true
+  seccompProfile:
+    type: RuntimeDefault
+
+## Specify security settings for a Container
+## Allows overrides and additional options compared to (Pod) securityContext
+## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+containerSecurityContext:
+  readOnlyRootFilesystem: true
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop:
+    - ALL
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+nodeSelector: {}
+
+## Affinity settings for pod assignment
+## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+affinity: {}
+
+## Tolerations for pod assignment
+## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+tolerations: []
+
+## Topology spread constraints for pod assignment
+## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+topologySpreadConstraints: []
+
+# Annotations to be added to the deployment/statefulset
+annotations: {}
+
+# Annotations to be added to the pod
+podAnnotations: {}
+
+## Assign a PriorityClassName to pods if set
+# priorityClassName: ""
+
+# Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
+podDisruptionBudget: {}
+
+# Comma-separated list of metrics to be exposed.
+# This list comprises of exact metric names and/or regex patterns.
+# The allowlist and denylist are mutually exclusive.
+metricAllowlist: []
+
+# Comma-separated list of metrics not to be enabled.
+# This list comprises of exact metric names and/or regex patterns.
+# The allowlist and denylist are mutually exclusive.
+metricDenylist: []
+
+# Comma-separated list of additional Kubernetes label keys that will be used in the resource's
+# labels metric. By default the metric contains only name and namespace labels.
+# To include additional labels, provide a list of resource names in their plural form and Kubernetes
+# label keys you would like to allow for them (Example: '=namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...)'.
+# A single '*' can be provided per resource instead to allow any labels, but that has
+# severe performance implications (Example: '=pods=[*]').
+metricLabelsAllowlist: []
+  # - namespaces=[k8s-label-1,k8s-label-n]
+
+# Comma-separated list of Kubernetes annotations keys that will be used in the resource'
+# labels metric. By default the metric contains only name and namespace labels.
+# To include additional annotations provide a list of resource names in their plural form and Kubernetes
+# annotation keys you would like to allow for them (Example: '=namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...)'.
+# A single '*' can be provided per resource instead to allow any annotations, but that has
+# severe performance implications (Example: '=pods=[*]').
+metricAnnotationsAllowList: []
+  # - pods=[k8s-annotation-1,k8s-annotation-n]
+
+# Available collectors for kube-state-metrics.
+# By default, all available resources are enabled, comment out to disable.
+collectors:
+  - certificatesigningrequests
+  - configmaps
+  - cronjobs
+  - daemonsets
+  - deployments
+  - endpoints
+  - horizontalpodautoscalers
+  - ingresses
+  - jobs
+  - leases
+  - limitranges
+  - mutatingwebhookconfigurations
+  - namespaces
+  - networkpolicies
+  - nodes
+  - persistentvolumeclaims
+  - persistentvolumes
+  - poddisruptionbudgets
+  - pods
+  - replicasets
+  - replicationcontrollers
+  - resourcequotas
+  - secrets
+  - services
+  - statefulsets
+  - storageclasses
+  - validatingwebhookconfigurations
+  - volumeattachments
+
+# Enabling kubeconfig will pass the --kubeconfig argument to the container
+kubeconfig:
+  enabled: false
+  # base64 encoded kube-config file
+  secret:
+
+# Enabling support for customResourceState, will create a configMap including your config that will be read from kube-state-metrics
+customResourceState:
+  enabled: false
+  # Add (Cluster)Role permissions to list/watch the customResources defined in the config to rbac.extraRules
+  config: {}
+
+# Enable only the release namespace for collecting resources. By default all namespaces are collected.
+# If releaseNamespace and namespaces are both set a merged list will be collected.
+releaseNamespace: false
+
+# Comma-separated list(string) or yaml list of namespaces to be enabled for collecting resources. By default all namespaces are collected.
+namespaces: ""
+
+# Comma-separated list of namespaces not to be enabled. If namespaces and namespaces-denylist are both set,
+# only namespaces that are excluded in namespaces-denylist will be used.
+namespacesDenylist: ""
+
+## Override the deployment namespace
+##
+namespaceOverride: ""
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #  cpu: 100m
+  #  memory: 64Mi
+  # requests:
+  #  cpu: 10m
+  #  memory: 32Mi
+
+## Provide a k8s version to define apiGroups for podSecurityPolicy Cluster Role.
+## For example: kubeTargetVersionOverride: 1.14.9
+##
+kubeTargetVersionOverride: ""
+
+# Enable self metrics configuration for service and Service Monitor
+# Default values for telemetry configuration can be overridden
+# If you set telemetryNodePort, you must also set service.type to NodePort
+selfMonitor:
+  enabled: false
+  # telemetryHost: 0.0.0.0
+  # telemetryPort: 8081
+  # telemetryNodePort: 0
+
+# Enable vertical pod autoscaler support for kube-state-metrics
+verticalPodAutoscaler:
+  enabled: false
+
+  # Recommender responsible for generating recommendation for the object.
+  # List should be empty (then the default recommender will generate the recommendation)
+  # or contain exactly one recommender.
+  # recommenders: []
+  # - name: custom-recommender-performance
+
+  # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
+  controlledResources: []
+  # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits.
+  # controlledValues: RequestsAndLimits
+
+  # Define the max allowed resources for the pod
+  maxAllowed: {}
+  # cpu: 200m
+  # memory: 100Mi
+  # Define the min allowed resources for the pod
+  minAllowed: {}
+  # cpu: 200m
+  # memory: 100Mi
+
+  # updatePolicy:
+    # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction
+    # minReplicas: 1
+    # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
+    # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
+    # updateMode: Auto
+
+# volumeMounts are used to add custom volume mounts to deployment.
+# See example below
+volumeMounts: []
+#  - mountPath: /etc/config
+#    name: config-volume
+
+# volumes are used to add custom volumes to deployment
+# See example below
+volumes: []
+#  - configMap:
+#      name: cm-for-volume
+#    name: config-volume
+
+# Extra manifests to deploy as an array
+extraManifests: []
+  # - apiVersion: v1
+  #   kind: ConfigMap
+  #   metadata:
+  #   labels:
+  #     name: prometheus-extra
+  #   data:
+  #     extra-data: "value"
+
+## Containers allows injecting additional containers.
+containers: []
+  # - name: crd-init
+  #   image: kiwigrid/k8s-sidecar:latest
+
+## InitContainers allows injecting additional initContainers.
+initContainers: []
+  # - name: crd-sidecar
+  #   image: kiwigrid/k8s-sidecar:latest
+
+## Liveness probe
+##
+livenessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 5
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 5
+
+## Readiness probe
+##
+readinessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 5
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 5
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/Chart.yaml
new file mode 100644
index 0000000000..b2b1ac4a4c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: kubeAdmControllerManager
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmControllerManager/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/Chart.yaml
new file mode 100644
index 0000000000..58f834989e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: kubeAdmEtcd
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmEtcd/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/Chart.yaml
new file mode 100644
index 0000000000..d96f71a9a5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: kubeAdmProxy
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmProxy/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/Chart.yaml
new file mode 100644
index 0000000000..42e0049cc5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: kubeAdmScheduler
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/kubeAdmScheduler/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/Chart.yaml
new file mode 100644
index 0000000000..d067725a17
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/Chart.yaml
@@ -0,0 +1,28 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-prometheus-adapter
+apiVersion: v1
+appVersion: v0.10.0
+description: A Helm chart for k8s prometheus adapter
+home: https://github.com/kubernetes-sigs/prometheus-adapter
+keywords:
+- hpa
+- metrics
+- prometheus
+- adapter
+kubeVersion: '>=1.26.0-0'
+maintainers:
+- email: mattias.gees@jetstack.io
+  name: mattiasgees
+- name: steven-sheehy
+- email: hfernandez@mesosphere.com
+  name: hectorj2f
+name: prometheus-adapter
+sources:
+- https://github.com/kubernetes/charts
+- https://github.com/kubernetes-sigs/prometheus-adapter
+version: 4.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/README.md
new file mode 100644
index 0000000000..d77bb0c920
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/README.md
@@ -0,0 +1,160 @@
+# Prometheus Adapter
+
+Installs the [Prometheus Adapter](https://github.com/kubernetes-sigs/prometheus-adapter) for the Custom Metrics API. Custom metrics are used in Kubernetes by [Horizontal Pod Autoscalers](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) to scale workloads based upon your own metric pulled from an external metrics provider like Prometheus. This chart complements the [metrics-server](https://github.com/helm/charts/tree/master/stable/metrics-server) chart that provides resource only metrics.
+
+## Prerequisites
+
+Kubernetes 1.14+
+
+## Get Helm Repositories Info
+
+```console
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo update
+```
+
+_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Install Helm Chart
+
+```console
+helm install [RELEASE_NAME] prometheus-community/prometheus-adapter
+```
+
+_See [configuration](#configuration) below._
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+## Uninstall Helm Chart
+
+```console
+helm uninstall [RELEASE_NAME]
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+## Upgrading Helm Chart
+
+```console
+helm upgrade [RELEASE_NAME] [CHART] --install
+```
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### To 4.2.0
+
+Readiness and liveness probes are now fully configurable through values `readinessProbe` and `livenessProbe`. The previous values have been kept as defaults.
+
+### To 4.0.0
+
+Previously, security context of the container was set directly in the deployment template. This release makes it configurable through the new configuration variable `securityContext` whilst keeping the previously set values as defaults. Furthermore, previous variable `runAsUser` is now set in `securityContext` and is not used any longer. Please, use `securityContext.runAsUser` instead. In the same security context, `seccompProfile` has been enabled and set to type `RuntimeDefault`.
+
+### To 3.0.0
+
+Due to a change in deployment labels, the upgrade requires `helm upgrade --force` in order to re-create the deployment.
+
+## Configuration
+
+See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands:
+
+```console
+helm show values prometheus-community/prometheus-adapter
+```
+
+### Prometheus Service Endpoint
+
+To use the chart, ensure the `prometheus.url` and `prometheus.port` are configured with the correct Prometheus service endpoint. If Prometheus is exposed under HTTPS the host's CA Bundle must be exposed to the container using `extraVolumes` and `extraVolumeMounts`.
+
+### Adapter Rules
+
+Additionally, the chart comes with a set of default rules out of the box but they may pull in too many metrics or not map them correctly for your needs. Therefore, it is recommended to populate `rules.custom` with a list of rules (see the [config document](https://github.com/kubernetes-sigs/prometheus-adapter/blob/master/docs/config.md) for the proper format).
+
+### Horizontal Pod Autoscaler Metrics
+
+Finally, to configure your Horizontal Pod Autoscaler to use the custom metric, see the custom metrics section of the [HPA walkthrough](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/#autoscaling-on-multiple-metrics-and-custom-metrics).
+
+The Prometheus Adapter can serve three different [metrics APIs](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#support-for-metrics-apis):
+
+### Custom Metrics
+
+Enabling this option will cause custom metrics to be served at `/apis/custom.metrics.k8s.io/v1beta1`. Enabled by default when `rules.default` is true, but can be customized by populating `rules.custom`:
+
+```yaml
+rules:
+  custom:
+  - seriesQuery: '{__name__=~"^some_metric_count$"}'
+    resources:
+      template: <<.Resource>>
+    name:
+      matches: ""
+      as: "my_custom_metric"
+    metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>)
+```
+
+### External Metrics
+
+Enabling this option will cause external metrics to be served at `/apis/external.metrics.k8s.io/v1beta1`. Can be enabled by populating `rules.external`:
+
+```yaml
+rules:
+  external:
+  - seriesQuery: '{__name__=~"^some_metric_count$"}'
+    resources:
+      template: <<.Resource>>
+    name:
+      matches: ""
+      as: "my_external_metric"
+    metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>)
+```
+
+### Resource Metrics
+
+Enabling this option will cause resource metrics to be served at `/apis/metrics.k8s.io/v1beta1`. Resource metrics will allow pod CPU and Memory metrics to be used in [Horizontal Pod Autoscalers](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) as well as the `kubectl top` command. Can be enabled by populating `rules.resource`:
+
+```yaml
+rules:
+  resource:
+    cpu:
+      containerQuery: |
+        sum by (<<.GroupBy>>) (
+          rate(container_cpu_usage_seconds_total{container!="",<<.LabelMatchers>>}[3m])
+        )
+      nodeQuery: |
+        sum  by (<<.GroupBy>>) (
+          rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal",<<.LabelMatchers>>}[3m])
+        )
+      resources:
+        overrides:
+          node:
+            resource: node
+          namespace:
+            resource: namespace
+          pod:
+            resource: pod
+      containerLabel: container
+    memory:
+      containerQuery: |
+        sum by (<<.GroupBy>>) (
+          avg_over_time(container_memory_working_set_bytes{container!="",<<.LabelMatchers>>}[3m])
+        )
+      nodeQuery: |
+        sum by (<<.GroupBy>>) (
+          avg_over_time(node_memory_MemTotal_bytes{<<.LabelMatchers>>}[3m])
+          -
+          avg_over_time(node_memory_MemAvailable_bytes{<<.LabelMatchers>>}[3m])
+        )
+      resources:
+        overrides:
+          node:
+            resource: node
+          namespace:
+            resource: namespace
+          pod:
+            resource: pod
+      containerLabel: container
+    window: 3m
+```
+
+**NOTE:** Setting a value for `rules.resource` will also deploy the resource metrics API service, providing the same functionality as [metrics-server](https://github.com/helm/charts/tree/master/stable/metrics-server). As such it is not possible to deploy them both in the same cluster.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/NOTES.txt b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/NOTES.txt
new file mode 100644
index 0000000000..b7b9b99322
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/NOTES.txt
@@ -0,0 +1,9 @@
+{{ template "k8s-prometheus-adapter.fullname" .  }} has been deployed.
+In a few minutes you should be able to list metrics using the following command(s):
+{{ if .Values.rules.resource }}
+  kubectl get --raw /apis/metrics.k8s.io/v1beta1
+{{- end }}
+  kubectl get --raw /apis/custom.metrics.k8s.io/v1beta1
+{{ if .Values.rules.external }}
+  kubectl get --raw /apis/external.metrics.k8s.io/v1beta1
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/_helpers.tpl
new file mode 100644
index 0000000000..edbb829b2b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/_helpers.tpl
@@ -0,0 +1,113 @@
+# Rancher
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "k8s-prometheus-adapter.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "k8s-prometheus-adapter.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "k8s-prometheus-adapter.namespace" -}}
+{{- default .Release.Namespace .Values.namespaceOverride -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "k8s-prometheus-adapter.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Generate basic labels
+*/}}
+{{- define "k8s-prometheus-adapter.labels" }}
+helm.sh/chart: {{ include "k8s-prometheus-adapter.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/component: metrics
+app.kubernetes.io/part-of: {{ template "k8s-prometheus-adapter.name" . }}
+{{- include "k8s-prometheus-adapter.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+{{- if .Values.customLabels }}
+{{ toYaml .Values.customLabels }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "k8s-prometheus-adapter.selectorLabels" }}
+app.kubernetes.io/name: {{ include "k8s-prometheus-adapter.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "k8s-prometheus-adapter.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "k8s-prometheus-adapter.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/* Get Policy API Version */}}
+{{- define "k8s-prometheus-adapter.pdb.apiVersion" -}}
+{{- if and (.Capabilities.APIVersions.Has "policy/v1") (semverCompare ">= 1.21-0" .Capabilities.KubeVersion.Version) -}}
+    {{- print "policy/v1" -}}
+{{- else -}}
+    {{- print "policy/v1beta1" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/certmanager.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/certmanager.yaml
new file mode 100644
index 0000000000..4e32c964c6
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/certmanager.yaml
@@ -0,0 +1,76 @@
+{{- if .Values.certManager.enabled -}}
+---
+# Create a selfsigned Issuer, in order to create a root CA certificate for
+# signing webhook serving certificates
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}-self-signed-issuer
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  selfSigned: {}
+---
+# Generate a CA Certificate used to sign certificates for the webhook
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}-root-cert
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  secretName: {{ template "k8s-prometheus-adapter.fullname" . }}-root-cert
+  duration: {{ .Values.certManager.caCertDuration }}
+  issuerRef:
+    name: {{ template "k8s-prometheus-adapter.fullname" . }}-self-signed-issuer
+  commonName: "ca.webhook.prometheus-adapter"
+  isCA: true
+---
+# Create an Issuer that uses the above generated CA certificate to issue certs
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}-root-issuer
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  ca:
+    secretName: {{ template "k8s-prometheus-adapter.fullname" . }}-root-cert
+---
+# Finally, generate a serving certificate for the apiservices to use
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}-cert
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  secretName: {{ template "k8s-prometheus-adapter.fullname" . }}
+  duration: {{ .Values.certManager.certDuration }}
+  issuerRef:
+    name: {{ template "k8s-prometheus-adapter.fullname" . }}-root-issuer
+  dnsNames:
+  - {{ template "k8s-prometheus-adapter.fullname" . }}
+  - {{ template "k8s-prometheus-adapter.fullname" . }}.{{ include "k8s-prometheus-adapter.namespace" . }}
+  - {{ template "k8s-prometheus-adapter.fullname" . }}.{{ include "k8s-prometheus-adapter.namespace" . }}.svc
+{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-auth-delegator.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-auth-delegator.yaml
new file mode 100644
index 0000000000..6701e6ba08
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-auth-delegator.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-system-auth-delegator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system:auth-delegator
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-resource-reader.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-resource-reader.yaml
new file mode 100644
index 0000000000..67efd2aa2f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-resource-reader.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-resource-reader
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "k8s-prometheus-adapter.name" . }}-resource-reader
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-resource-reader.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-resource-reader.yaml
new file mode 100644
index 0000000000..2c690a03cc
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/cluster-role-resource-reader.yaml
@@ -0,0 +1,24 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-resource-reader
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  - pods
+  - services
+  - configmaps
+  verbs:
+  - get
+  - list
+  - watch
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/configmap.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/configmap.yaml
new file mode 100644
index 0000000000..17f415d970
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/configmap.yaml
@@ -0,0 +1,97 @@
+{{- if not .Values.rules.existing -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+data:
+  config.yaml: |
+{{- if or .Values.rules.default .Values.rules.custom }}
+    rules:
+{{- if .Values.rules.default }}
+    - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}'
+      seriesFilters: []
+      resources:
+        overrides:
+          namespace:
+            resource: namespace
+          pod:
+            resource: pod
+      name:
+        matches: ^container_(.*)_seconds_total$
+        as: ""
+      metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>,container!="POD"}[5m]))
+        by (<<.GroupBy>>)
+    - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}'
+      seriesFilters:
+      - isNot: ^container_.*_seconds_total$
+      resources:
+        overrides:
+          namespace:
+            resource: namespace
+          pod:
+            resource: pod
+      name:
+        matches: ^container_(.*)_total$
+        as: ""
+      metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>,container!="POD"}[5m]))
+        by (<<.GroupBy>>)
+    - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}'
+      seriesFilters:
+      - isNot: ^container_.*_total$
+      resources:
+        overrides:
+          namespace:
+            resource: namespace
+          pod:
+            resource: pod
+      name:
+        matches: ^container_(.*)$
+        as: ""
+      metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>,container!="POD"}) by (<<.GroupBy>>)
+    - seriesQuery: '{namespace!="",__name__!~"^container_.*"}'
+      seriesFilters:
+      - isNot: .*_total$
+      resources:
+        template: <<.Resource>>
+      name:
+        matches: ""
+        as: ""
+      metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>)
+    - seriesQuery: '{namespace!="",__name__!~"^container_.*"}'
+      seriesFilters:
+      - isNot: .*_seconds_total
+      resources:
+        template: <<.Resource>>
+      name:
+        matches: ^(.*)_total$
+        as: ""
+      metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>}[5m])) by (<<.GroupBy>>)
+    - seriesQuery: '{namespace!="",__name__!~"^container_.*"}'
+      seriesFilters: []
+      resources:
+        template: <<.Resource>>
+      name:
+        matches: ^(.*)_seconds_total$
+        as: ""
+      metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>}[5m])) by (<<.GroupBy>>)
+{{- end -}}
+{{- if .Values.rules.custom }}
+{{ toYaml .Values.rules.custom | indent 4 }}
+{{- end -}}
+{{- end -}}
+{{- if .Values.rules.external }}
+    externalRules:
+{{ toYaml .Values.rules.external | indent 4 }}
+{{- end -}}
+{{- if .Values.rules.resource }}
+    resourceRules:
+{{ toYaml .Values.rules.resource | indent 6 }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-apiservice.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-apiservice.yaml
new file mode 100644
index 0000000000..8b7b4e555e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-apiservice.yaml
@@ -0,0 +1,34 @@
+{{- if or .Values.rules.default .Values.rules.custom }}
+{{- if .Capabilities.APIVersions.Has "apiregistration.k8s.io/v1" }}
+apiVersion: apiregistration.k8s.io/v1
+{{- else }}
+apiVersion: apiregistration.k8s.io/v1beta1
+{{- end }}
+kind: APIService
+metadata:
+{{- if or .Values.certManager.enabled .Values.customAnnotations }}
+  annotations:
+    certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    {{- if .Values.customAnnotations }}
+    {{- toYaml .Values.customAnnotations | nindent 4 }}
+    {{- end }}
+{{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: v1beta1.custom.metrics.k8s.io
+spec:
+  service:
+    name: {{ template "k8s-prometheus-adapter.fullname" . }}
+    namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+  {{- if .Values.tls.enable }}
+  caBundle: {{ b64enc .Values.tls.ca }}
+  {{- end }}
+  group: custom.metrics.k8s.io
+  version: v1beta1
+  {{- if not (or .Values.tls.enable .Values.certManager.enabled) }}
+  insecureSkipTLSVerify: true
+  {{- end }}
+  groupPriorityMinimum: 100
+  versionPriority: 100
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role-binding-hpa.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role-binding-hpa.yaml
new file mode 100644
index 0000000000..0cc6920836
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role-binding-hpa.yaml
@@ -0,0 +1,24 @@
+{{- /*
+This if must be aligned with custom-metrics-cluster-role.yaml
+as otherwise this binding will point to not existing role.
+*/ -}}
+{{- if and .Values.rbac.create (or .Values.rules.default .Values.rules.custom) -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-hpa-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "k8s-prometheus-adapter.name" . }}-server-resources
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role.yaml
new file mode 100644
index 0000000000..4aa15ffe99
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.rbac.create (or .Values.rules.default .Values.rules.custom) -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-server-resources
+rules:
+- apiGroups:
+  - custom.metrics.k8s.io
+  resources: ["*"]
+  verbs: ["*"]
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/deployment.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/deployment.yaml
new file mode 100644
index 0000000000..a7ea3310a0
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/deployment.yaml
@@ -0,0 +1,143 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  {{- if or .Values.customAnnotations .Values.deploymentAnnotations }}
+  annotations:
+    {{- with .Values.customAnnotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- with .Values.deploymentAnnotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+spec:
+  replicas: {{ .Values.replicas }}
+  strategy: {{ toYaml .Values.strategy | nindent 4 }}
+  selector:
+    matchLabels:
+      {{- include "k8s-prometheus-adapter.selectorLabels" . | indent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "k8s-prometheus-adapter.labels" . | indent 8 }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | trim | nindent 8 }}
+        {{- end }}
+      name: {{ template "k8s-prometheus-adapter.name" . }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+        {{- with .Values.podAnnotations }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.customAnnotations }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      serviceAccountName: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+      {{- if .Values.hostNetwork.enabled }}
+      hostNetwork: true
+      {{- end }}
+      {{- if .Values.dnsPolicy }}
+      dnsPolicy: {{ .Values.dnsPolicy }}
+      {{- end}}
+      containers:
+      - name: {{ .Chart.Name }}
+        image: "{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        {{- with .Values.env }}
+        env:
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+        args:
+        - /adapter
+        - --secure-port={{ .Values.listenPort }}
+        {{- if or .Values.tls.enable .Values.certManager.enabled }}
+        - --tls-cert-file=/var/run/serving-cert/tls.crt
+        - --tls-private-key-file=/var/run/serving-cert/tls.key
+        {{- end }}
+        - --cert-dir=/tmp/cert
+        - --prometheus-url={{ tpl .Values.prometheus.url . }}{{ if .Values.prometheus.port }}:{{ .Values.prometheus.port }}{{end}}{{ .Values.prometheus.path }}
+        - --metrics-relist-interval={{ .Values.metricsRelistInterval }}
+        - --v={{ .Values.logLevel }}
+        - --config=/etc/adapter/config.yaml
+        {{- if .Values.extraArguments }}
+        {{- toYaml .Values.extraArguments | trim | nindent 8 }}
+        {{- end }}
+        ports:
+        - containerPort: {{ .Values.listenPort }}
+          name: https
+        {{- with .Values.livenessProbe }}
+        livenessProbe:
+          {{- toYaml . | nindent 10 }}
+        {{- end }}
+        {{- with .Values.readinessProbe }}
+        readinessProbe:
+          {{- toYaml . | nindent 10 }}
+        {{- end }}
+        {{- if .Values.resources }}
+        resources:
+          {{- toYaml .Values.resources | nindent 10 }}
+        {{- end }}
+        {{- with .Values.dnsConfig }}
+        dnsConfig:
+        {{ toYaml . | indent 8 }}
+        {{- end }}
+        {{- with .Values.securityContext }}
+        securityContext:
+          {{- toYaml . | nindent 10 }}
+        {{- end }}
+        volumeMounts:
+        {{- if .Values.extraVolumeMounts }}
+        {{ toYaml .Values.extraVolumeMounts | trim | nindent 8 }}
+        {{ end }}
+        - mountPath: /etc/adapter/
+          name: config
+          readOnly: true
+        - mountPath: /tmp
+          name: tmp
+        {{- if or .Values.tls.enable .Values.certManager.enabled }}
+        - mountPath: /var/run/serving-cert
+          name: volume-serving-cert
+          readOnly: true
+        {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{- toYaml .Values.nodeSelector | nindent 8 }}
+{{- end }}
+      affinity:
+        {{- toYaml .Values.affinity | nindent 8 }}
+      topologySpreadConstraints:
+        {{- toYaml .Values.topologySpreadConstraints | nindent 8 }}
+      priorityClassName: {{ .Values.priorityClassName }}
+      {{- if .Values.podSecurityContext }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{- toYaml .Values.tolerations | nindent 8 }}
+{{- end }}
+      {{- if .Values.image.pullSecrets }}
+      imagePullSecrets:
+        {{- range .Values.image.pullSecrets }}
+        - name: {{ . }}
+        {{- end }}
+      {{- end }}
+      volumes:
+      {{- if .Values.extraVolumes  }}
+      {{ toYaml .Values.extraVolumes | trim | nindent 6 }}
+      {{ end }}
+      - name: config
+        configMap:
+          name: {{ .Values.rules.existing | default (include "k8s-prometheus-adapter.fullname" . ) }}
+      - name: tmp
+        emptyDir: {}
+      {{- if or .Values.tls.enable .Values.certManager.enabled }}
+      - name: volume-serving-cert
+        secret:
+          secretName: {{ template "k8s-prometheus-adapter.fullname" . }}
+      {{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-apiservice.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-apiservice.yaml
new file mode 100644
index 0000000000..21339af128
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-apiservice.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.rules.external }}
+{{- if .Capabilities.APIVersions.Has "apiregistration.k8s.io/v1" }}
+apiVersion: apiregistration.k8s.io/v1
+{{- else }}
+apiVersion: apiregistration.k8s.io/v1beta1
+{{- end }}
+kind: APIService
+metadata:
+{{- if or .Values.certManager.enabled .Values.customAnnotations }}
+  annotations:
+    certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    {{- if .Values.customAnnotations }}
+    {{- toYaml .Values.customAnnotations | nindent 4 }}
+    {{- end }}
+{{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: v1beta1.external.metrics.k8s.io
+spec:
+  service:
+    name: {{ template "k8s-prometheus-adapter.fullname" . }}
+    namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+  {{- if .Values.tls.enable }}
+  caBundle: {{ b64enc .Values.tls.ca }}
+  {{- end }}
+  group: external.metrics.k8s.io
+  version: v1beta1
+  {{- if not (or .Values.tls.enable .Values.certManager.enabled) }}
+  insecureSkipTLSVerify: true
+  {{- end }}
+  groupPriorityMinimum: 100
+  versionPriority: 100
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role-binding-hpa.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role-binding-hpa.yaml
new file mode 100644
index 0000000000..05547bd323
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role-binding-hpa.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.rbac.create .Values.rules.external -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-hpa-controller-external-metrics
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "k8s-prometheus-adapter.name" . }}-external-metrics
+subjects:
+- kind: ServiceAccount
+  name: horizontal-pod-autoscaler
+  namespace: kube-system
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role.yaml
new file mode 100644
index 0000000000..212ea78b25
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.rbac.create .Values.rules.external -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-external-metrics
+rules:
+- apiGroups:
+  - "external.metrics.k8s.io"
+  resources:
+  - "*"
+  verbs:
+  - list
+  - get
+  - watch
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/pdb.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/pdb.yaml
new file mode 100644
index 0000000000..205761a9f1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/pdb.yaml
@@ -0,0 +1,23 @@
+{{- if .Values.podDisruptionBudget.enabled }}
+apiVersion: {{ include "k8s-prometheus-adapter.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  {{- if .Values.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
+  {{- end  }}
+  {{- if .Values.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
+  {{- end  }}
+  selector:
+    matchLabels:
+      {{- include "k8s-prometheus-adapter.selectorLabels" . | indent 6 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/psp.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/psp.yaml
new file mode 100644
index 0000000000..fded5a7491
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/psp.yaml
@@ -0,0 +1,66 @@
+{{- if and (or .Values.global.cattle.psp.enabled .Values.psp.create) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+---
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  {{- if .Values.hostNetwork.enabled }}
+  hostNetwork: true
+  hostPorts:
+    - min: {{ .Values.listenPort }}
+      max: {{ .Values.listenPort }}
+  {{- end }}
+  fsGroup:
+    rule: RunAsAny
+  runAsGroup:
+    rule: RunAsAny
+  runAsUser:
+    rule: MustRunAs
+    ranges:
+    - min: 1024
+      max: 65535
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  volumes:
+  - secret
+  - emptyDir
+  - configMap
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-psp
+rules:
+- apiGroups: 
+  - 'policy'
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "k8s-prometheus-adapter.fullname" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-psp
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "k8s-prometheus-adapter.name" . }}-psp
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-apiservice.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-apiservice.yaml
new file mode 100644
index 0000000000..0cc9fff6a2
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-apiservice.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.rules.resource}}
+{{- if .Capabilities.APIVersions.Has "apiregistration.k8s.io/v1" }}
+apiVersion: apiregistration.k8s.io/v1
+{{- else }}
+apiVersion: apiregistration.k8s.io/v1beta1
+{{- end }}
+kind: APIService
+metadata:
+{{- if or .Values.certManager.enabled .Values.customAnnotations }}
+  annotations:
+    certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    {{- if .Values.customAnnotations }}
+    {{- toYaml .Values.customAnnotations | nindent 4 }}
+    {{- end }}
+{{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: v1beta1.metrics.k8s.io
+spec:
+  service:
+    name: {{ template "k8s-prometheus-adapter.fullname" . }}
+    namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+  {{- if .Values.tls.enable }}
+  caBundle: {{ b64enc .Values.tls.ca }}
+  {{- end }}
+  group: metrics.k8s.io
+  version: v1beta1
+  {{- if not (or .Values.tls.enable .Values.certManager.enabled) }}
+  insecureSkipTLSVerify: true
+  {{- end }}
+  groupPriorityMinimum: 100
+  versionPriority: 100
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role-binding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role-binding.yaml
new file mode 100644
index 0000000000..3c247e48d2
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role-binding.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.rbac.create .Values.rules.resource -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-hpa-controller-metrics
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "k8s-prometheus-adapter.name" . }}-metrics
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role.yaml
new file mode 100644
index 0000000000..73d8953046
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role.yaml
@@ -0,0 +1,23 @@
+{{- if and .Values.rbac.create .Values.rules.resource -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-metrics
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  - nodes
+  - nodes/stats
+  verbs:
+  - get
+  - list
+  - watch
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/role-binding-auth-reader.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/role-binding-auth-reader.yaml
new file mode 100644
index 0000000000..d3c77c1c65
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/role-binding-auth-reader.yaml
@@ -0,0 +1,21 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-auth-reader
+  namespace: kube-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: extension-apiserver-authentication-reader
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/secret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/secret.yaml
new file mode 100644
index 0000000000..3e7e8887bd
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/secret.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.tls.enable -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+type: kubernetes.io/tls
+data:
+  tls.crt: {{ b64enc .Values.tls.certificate }}
+  tls.key: {{ b64enc .Values.tls.key }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/service.yaml
new file mode 100644
index 0000000000..ddac37cfa1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/service.yaml
@@ -0,0 +1,27 @@
+apiVersion: v1
+kind: Service
+metadata:
+  {{- if or .Values.service.annotations .Values.customAnnotations }}
+  annotations:
+  {{- if .Values.service.annotations }}
+  {{ toYaml .Values.service.annotations | indent 4 }}
+  {{- end }}
+  {{- if .Values.customAnnotations }}
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+spec:
+  ports:
+  - port: {{ .Values.service.port }}
+    protocol: TCP
+    targetPort: https
+  selector:
+    {{- include "k8s-prometheus-adapter.selectorLabels" . | indent 4 }}
+  type: {{ .Values.service.type }}
+  {{- if .Values.service.clusterIP }}
+  clusterIP: {{ .Values.service.clusterIP }}
+  {{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..30a169ae0e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/templates/serviceaccount.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+{{- if or .Values.serviceAccount.annotations .Values.customAnnotations }}
+  annotations:
+  {{- if .Values.serviceAccount.annotations }}
+  {{- toYaml .Values.serviceAccount.annotations | nindent 4 }}
+  {{- end }}
+  {{- if .Values.customAnnotations }}
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+{{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/values.yaml
new file mode 100644
index 0000000000..a1445a23f1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-adapter/values.yaml
@@ -0,0 +1,277 @@
+# Default values for k8s-prometheus-adapter..
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+
+affinity: {}
+
+topologySpreadConstraints: []
+
+image:
+  repository: rancher/mirrored-prometheus-adapter-prometheus-adapter
+  tag: v0.12.0
+  pullPolicy: IfNotPresent
+
+logLevel: 4
+
+metricsRelistInterval: 1m
+
+listenPort: 6443
+
+nodeSelector: {}
+
+priorityClassName: ""
+
+## Override the release namespace (for multi-namespace deployments in combined charts)
+namespaceOverride: ""
+
+## Additional annotations to add to all resources
+customAnnotations: {}
+  # role: custom-metrics
+
+## Additional labels to add to all resources
+customLabels: {}
+  # monitoring: prometheus-adapter
+
+# Url to access prometheus
+prometheus:
+  # Value is templated
+  url: http://prometheus.default.svc
+  port: 9090
+  path: ""
+
+replicas: 1
+
+# k8s 1.21 needs fsGroup to be set for non root deployments
+# ref: https://github.com/kubernetes/kubernetes/issues/70679
+podSecurityContext:
+  fsGroup: 10001
+
+# SecurityContext of the container
+# ref. https://kubernetes.io/docs/tasks/configure-pod-container/security-context
+securityContext:
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop: ["all"]
+  readOnlyRootFilesystem: true
+  runAsNonRoot: true
+  runAsUser: 10001
+  seccompProfile:
+    type: RuntimeDefault
+
+rbac:
+  # Specifies whether RBAC resources should be created
+  create: true
+
+psp:
+  # Specifies whether PSP resources should be created
+  create: false
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name:
+  # ServiceAccount annotations.
+  # Use case: AWS EKS IAM roles for service accounts
+  # ref: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html
+  annotations: {}
+
+# Custom DNS configuration to be added to prometheus-adapter pods
+dnsConfig: {}
+  # nameservers:
+  #   - 1.2.3.4
+  # searches:
+  #   - ns1.svc.cluster-domain.example
+  #   - my.dns.search.suffix
+  # options:
+  #   - name: ndots
+  #     value: "2"
+  #   - name: edns0
+
+resources: {}
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+# Configure liveness probe
+# https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#Probe
+livenessProbe:
+  httpGet:
+    path: /healthz
+    port: https
+    scheme: HTTPS
+  initialDelaySeconds: 30
+  timeoutSeconds: 5
+
+# Configure readiness probe
+readinessProbe:
+  httpGet:
+    path: /healthz
+    port: https
+    scheme: HTTPS
+  initialDelaySeconds: 30
+  timeoutSeconds: 5
+
+rules:
+  default: true
+
+  custom: []
+    # - seriesQuery: '{__name__=~"^some_metric_count$"}'
+    #   resources:
+    #     template: <<.Resource>>
+    #   name:
+    #     matches: ""
+    #     as: "my_custom_metric"
+    #   metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>)
+
+  # Mounts a configMap with pre-generated rules for use. Overrides the
+  # default, custom, external and resource entries
+  existing:
+
+  external: []
+    # - seriesQuery: '{__name__=~"^some_metric_count$"}'
+    #   resources:
+    #     template: <<.Resource>>
+    #   name:
+    #     matches: ""
+    #     as: "my_external_metric"
+    #   metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>)
+
+  # resource:
+  #   cpu:
+  #     containerQuery: |
+  #       sum by (<<.GroupBy>>) (
+  #         rate(container_cpu_usage_seconds_total{container!="",<<.LabelMatchers>>}[3m])
+  #       )
+  #     nodeQuery: |
+  #       sum  by (<<.GroupBy>>) (
+  #         rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal",<<.LabelMatchers>>}[3m])
+  #       )
+  #     resources:
+  #       overrides:
+  #         node:
+  #           resource: node
+  #         namespace:
+  #           resource: namespace
+  #         pod:
+  #           resource: pod
+  #     containerLabel: container
+  #   memory:
+  #     containerQuery: |
+  #       sum by (<<.GroupBy>>) (
+  #         avg_over_time(container_memory_working_set_bytes{container!="",<<.LabelMatchers>>}[3m])
+  #       )
+  #     nodeQuery: |
+  #       sum by (<<.GroupBy>>) (
+  #         avg_over_time(node_memory_MemTotal_bytes{<<.LabelMatchers>>}[3m])
+  #         -
+  #         avg_over_time(node_memory_MemAvailable_bytes{<<.LabelMatchers>>}[3m])
+  #       )
+  #     resources:
+  #       overrides:
+  #         node:
+  #           resource: node
+  #         namespace:
+  #           resource: namespace
+  #         pod:
+  #           resource: pod
+  #     containerLabel: container
+  #   window: 3m
+
+service:
+  annotations: {}
+  port: 443
+  type: ClusterIP
+  # clusterIP: 1.2.3.4
+
+tls:
+  enable: false
+  ca: |-
+    # Public CA file that signed the APIService
+  key: |-
+    # Private key of the APIService
+  certificate: |-
+    # Public key of the APIService
+
+# Set environment variables from secrets, configmaps or by setting them as name/value
+env: []
+  # - name: TMP_DIR
+  #   value: /tmp
+  # - name: PASSWORD
+  #   valueFrom:
+  #     secretKeyRef:
+  #       name: mysecret
+  #       key: password
+  #       optional: false
+
+# Any extra arguments
+extraArguments: []
+  # - --tls-private-key-file=/etc/tls/tls.key
+  # - --tls-cert-file=/etc/tls/tls.crt
+
+# Any extra volumes
+extraVolumes: []
+  # - name: example-name
+  #   hostPath:
+  #     path: /path/on/host
+  #     type: DirectoryOrCreate
+  # - name: ssl-certs
+  #   hostPath:
+  #     path: /etc/ssl/certs/ca-bundle.crt
+  #     type: File
+
+# Any extra volume mounts
+extraVolumeMounts: []
+  #   - name: example-name
+  #     mountPath: /path/in/container
+  #   - name: ssl-certs
+  #     mountPath: /etc/ssl/certs/ca-certificates.crt
+  #     readOnly: true
+
+tolerations: []
+
+# Labels added to the pod
+podLabels: {}
+
+# Annotations added to the pod
+podAnnotations: {}
+
+# Annotations added to the deployment
+deploymentAnnotations: {}
+
+hostNetwork:
+  # Specifies if prometheus-adapter should be started in hostNetwork mode.
+  #
+  # You would require this enabled if you use alternate overlay networking for pods and
+  # API server unable to communicate with metrics-server. As an example, this is required
+  # if you use Weave network on EKS. See also dnsPolicy
+  enabled: false
+
+# When hostNetwork is enabled, you probably want to set this to ClusterFirstWithHostNet
+# dnsPolicy: ClusterFirstWithHostNet
+
+# Deployment strategy type
+strategy:
+  type: RollingUpdate
+  rollingUpdate:
+    maxUnavailable: 25%
+    maxSurge: 25%
+
+podDisruptionBudget:
+  # Specifies if PodDisruptionBudget should be enabled
+  # When enabled, minAvailable or maxUnavailable should also be defined.
+  enabled: false
+  minAvailable:
+  maxUnavailable: 1
+
+certManager:
+  enabled: false
+  caCertDuration: 43800h
+  certDuration: 8760h
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/Chart.yaml
new file mode 100644
index 0000000000..9130cbcc91
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/Chart.yaml
@@ -0,0 +1,25 @@
+annotations:
+  artifacthub.io/license: Apache-2.0
+  artifacthub.io/links: |-
+    - name: Chart Source
+      url: https://github.com/prometheus-community/helm-charts
+apiVersion: v2
+appVersion: 1.7.0
+description: A Helm chart for prometheus node-exporter
+home: https://github.com/prometheus/node_exporter/
+keywords:
+- node-exporter
+- prometheus
+- exporter
+maintainers:
+- email: gianrubio@gmail.com
+  name: gianrubio
+- email: zanhsieh@gmail.com
+  name: zanhsieh
+- email: rootsandtrees@posteo.de
+  name: zeritti
+name: prometheus-node-exporter
+sources:
+- https://github.com/prometheus/node_exporter/
+type: application
+version: 4.30.3
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/README.md
new file mode 100644
index 0000000000..149b982267
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/README.md
@@ -0,0 +1,97 @@
+
+# Prometheus Node Exporter
+
+Prometheus exporter for hardware and OS metrics exposed by *NIX kernels, written in Go with pluggable metric collectors.
+
+This chart bootstraps a Prometheus [Node Exporter](http://github.com/prometheus/node_exporter) daemonset on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+
+## Get Repository Info
+<!-- textlint-disable terminology -->
+```console
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo update
+```
+
+_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+<!-- textlint-enable -->
+## Install Chart
+
+```console
+helm install [RELEASE_NAME] prometheus-community/prometheus-node-exporter
+```
+
+_See [configuration](#configuring) below._
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+## Uninstall Chart
+
+```console
+helm uninstall [RELEASE_NAME]
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+## Upgrading Chart
+
+```console
+helm upgrade [RELEASE_NAME] prometheus-community/prometheus-node-exporter --install
+```
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### 3.x to 4.x
+
+Starting from version 4.0.0, the `node exporter` chart is using the [Kubernetes recommended labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/). Therefore you have to delete the daemonset before you upgrade.
+
+```console
+kubectl delete daemonset -l app=prometheus-node-exporter
+helm upgrade -i prometheus-node-exporter prometheus-community/prometheus-node-exporter
+```
+
+If you use your own custom [ServiceMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor) or [PodMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#podmonitor), please ensure to upgrade their `selector` fields accordingly to the new labels.
+
+### From 2.x to 3.x
+
+Change the following:
+
+```yaml
+hostRootFsMount: true
+```
+
+to:
+
+```yaml
+hostRootFsMount:
+  enabled: true
+  mountPropagation: HostToContainer
+```
+
+## Configuring
+
+See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands:
+
+```console
+helm show values prometheus-community/prometheus-node-exporter
+```
+
+### kube-rbac-proxy
+
+You can enable `prometheus-node-exporter` endpoint protection using `kube-rbac-proxy`. By setting `kubeRBACProxy.enabled: true`, this chart will deploy a RBAC proxy container protecting the node-exporter endpoint.
+To authorize access, authenticate your requests (via a `ServiceAccount` for example) with a `ClusterRole` attached such as:
+
+```yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: prometheus-node-exporter-read
+rules:
+  - apiGroups: [ "" ]
+    resources: ["services/node-exporter-prometheus-node-exporter"]
+    verbs:
+      - get
+```
+
+See [kube-rbac-proxy examples](https://github.com/brancz/kube-rbac-proxy/tree/master/examples/resource-attributes) for more details.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/NOTES.txt b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/NOTES.txt
new file mode 100644
index 0000000000..8c5391f1f7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/NOTES.txt
@@ -0,0 +1,29 @@
+1. Get the application URL by running these commands:
+{{- if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus-node-exporter.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ template "prometheus-node-exporter.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ template "prometheus-node-exporter.namespace" . }} {{ template "prometheus-node-exporter.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ template "prometheus-node-exporter.namespace" . }} -l "app.kubernetes.io/name={{ template "prometheus-node-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:{{ .Values.service.port }} to use your application"
+  kubectl port-forward --namespace {{ template "prometheus-node-exporter.namespace" . }} $POD_NAME {{ .Values.service.port }}
+{{- end }}
+
+{{- if .Values.kubeRBACProxy.enabled}}
+
+kube-rbac-proxy endpoint protections is enabled:
+- Metrics endpoints is now HTTPS
+- Ensure that the client authenticates the requests (e.g. via service account) with the following role permissions:
+```
+rules:
+  - apiGroups: [ "" ]
+    resources: ["services/{{ template "prometheus-node-exporter.fullname" . }}"]
+    verbs:
+      - get
+```
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/_helpers.tpl
new file mode 100644
index 0000000000..72a6db45a1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/_helpers.tpl
@@ -0,0 +1,236 @@
+# Rancher
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "prometheus-node-exporter.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "prometheus-node-exporter.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "prometheus-node-exporter.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "prometheus-node-exporter.labels" -}}
+helm.sh/chart: {{ include "prometheus-node-exporter.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/component: metrics
+app.kubernetes.io/part-of: {{ include "prometheus-node-exporter.name" . }}
+{{ include "prometheus-node-exporter.selectorLabels" . }}
+{{- with .Chart.AppVersion }}
+app.kubernetes.io/version: {{ . | quote }}
+{{- end }}
+{{- with .Values.podLabels }}
+{{ toYaml . }}
+{{- end }}
+{{- if .Values.releaseLabel }}
+release: {{ .Release.Name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "prometheus-node-exporter.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "prometheus-node-exporter.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "prometheus-node-exporter.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "prometheus-node-exporter.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+The image to use
+*/}}
+{{- define "prometheus-node-exporter.image" -}}
+{{- $temp_registry := (include "system_default_registry" .) }}
+{{- if .Values.image.sha }}
+{{- fail "image.sha forbidden. Use image.digest instead" }}
+{{- else if .Values.image.digest }}
+{{- if $temp_registry }}
+{{- printf "%s%s:%s@%s" $temp_registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }}
+{{- else if .Values.global.imageRegistry }}
+{{- printf "%s/%s:%s@%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }}
+{{- else }}
+{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }}
+{{- end }}
+{{- else }}
+{{- if $temp_registry }}
+{{- printf "%s%s:%s" $temp_registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
+{{- else if .Values.global.imageRegistry }}
+{{- printf "%s/%s:%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
+{{- else }}
+{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "prometheus-node-exporter.namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the namespace name of the service monitor
+*/}}
+{{- define "prometheus-node-exporter.monitor-namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- if .Values.prometheus.monitor.namespace }}
+{{- .Values.prometheus.monitor.namespace }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/* Sets default scrape limits for servicemonitor */}}
+{{- define "servicemonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end }}
+
+{{/*
+Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets})
+*/}}
+{{- define "prometheus-node-exporter.imagePullSecrets" -}}
+{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }}
+  {{- if eq (typeOf .) "map[string]interface {}" }}
+- {{ toYaml . | trim }}
+  {{- else }}
+- name: {{ . }}
+  {{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+Create the namespace name of the pod monitor
+*/}}
+{{- define "prometheus-node-exporter.podmonitor-namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- if .Values.prometheus.podMonitor.namespace }}
+{{- .Values.prometheus.podMonitor.namespace }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/* Sets default scrape limits for podmonitor */}}
+{{- define "podmonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end }}
+
+{{/* Sets sidecar volumeMounts */}}
+{{- define "prometheus-node-exporter.sidecarVolumeMounts" -}}
+{{- range $_, $mount := $.Values.sidecarVolumeMount }}
+- name: {{ $mount.name }}
+  mountPath: {{ $mount.mountPath }}
+  readOnly: {{ $mount.readOnly }}
+{{- end }}
+{{- range $_, $mount := $.Values.sidecarHostVolumeMounts }}
+- name: {{ $mount.name }}
+  mountPath: {{ $mount.mountPath }}
+  readOnly: {{ $mount.readOnly }}
+{{- if $mount.mountPropagation }}
+  mountPropagation: {{ $mount.mountPropagation }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/clusterrole.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/clusterrole.yaml
new file mode 100644
index 0000000000..c256dba73d
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/clusterrole.yaml
@@ -0,0 +1,19 @@
+{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+rules:
+  {{-  if $.Values.kubeRBACProxy.enabled  }}
+  - apiGroups: [ "authentication.k8s.io" ]
+    resources:
+      - tokenreviews
+    verbs: [ "create" ]
+  - apiGroups: [ "authorization.k8s.io" ]
+    resources:
+      - subjectaccessreviews
+    verbs: [ "create" ]
+  {{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..653305ad9e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml
@@ -0,0 +1,20 @@
+{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+  name: {{ template "prometheus-node-exporter.fullname" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+{{- if .Values.rbac.useExistingRole }}
+  name: {{ .Values.rbac.useExistingRole }}
+{{- else }}
+  name: {{ template "prometheus-node-exporter.fullname" . }}
+{{- end }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "prometheus-node-exporter.serviceAccountName" . }}
+  namespace: {{ template "prometheus-node-exporter.namespace" . }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/daemonset.yaml
new file mode 100644
index 0000000000..48d274f1b1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/daemonset.yaml
@@ -0,0 +1,309 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+  {{- with .Values.daemonsetAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
+  revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
+  {{- with .Values.updateStrategy }}
+  updateStrategy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "prometheus-node-exporter.labels" . | nindent 8 }}
+    spec:
+      automountServiceAccountToken: {{ ternary true false (or .Values.serviceAccount.automountServiceAccountToken .Values.kubeRBACProxy.enabled) }}
+      {{- with .Values.securityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.priorityClassName }}
+      priorityClassName: {{ . }}
+      {{- end }}
+      {{- with .Values.extraInitContainers }}
+      initContainers:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "prometheus-node-exporter.serviceAccountName" . }}
+      {{- with .Values.terminationGracePeriodSeconds }}
+      terminationGracePeriodSeconds: {{ . }}
+      {{- end }}
+      containers:
+        {{- $servicePort := ternary .Values.kubeRBACProxy.port .Values.service.port .Values.kubeRBACProxy.enabled }}
+        - name: node-exporter
+          image: {{ include "prometheus-node-exporter.image" . }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          args:
+            - --path.procfs=/host/proc
+            - --path.sysfs=/host/sys
+            {{- if .Values.hostRootFsMount.enabled }}
+            - --path.rootfs=/host/root
+            {{- if semverCompare ">=1.4.0-0" (coalesce .Values.version .Values.image.tag .Chart.AppVersion) }}
+            - --path.udev.data=/host/root/run/udev/data
+            {{- end }}
+            {{- end }}
+            - --web.listen-address=[$(HOST_IP)]:{{ $servicePort }}
+            {{- with .Values.extraArgs }}
+            {{- toYaml . | nindent 12 }}
+            {{- end }}
+          {{- with .Values.containerSecurityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          env:
+            - name: HOST_IP
+              {{- if .Values.kubeRBACProxy.enabled }}
+              value: 127.0.0.1
+              {{- else if .Values.service.listenOnAllInterfaces }}
+              value: 0.0.0.0
+              {{- else }}
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+              {{- end }}
+            {{- range $key, $value := .Values.env }}
+            - name: {{ $key }}
+              value: {{ $value | quote }}
+            {{- end }}
+          {{- if eq .Values.kubeRBACProxy.enabled false }}
+          ports:
+            - name: {{ .Values.service.portName }}
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          {{- end }}
+          livenessProbe:
+            failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+            httpGet:
+              {{- if .Values.kubeRBACProxy.enabled }}
+              host: 127.0.0.1
+              {{- end }}
+              httpHeaders:
+              {{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }}
+              - name: {{ $header.name }}
+                value: {{ $header.value }}
+              {{- end }}
+              path: /
+              port: {{ $servicePort }}
+              scheme: {{ upper .Values.livenessProbe.httpGet.scheme }}
+            initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+            successThreshold: {{ .Values.livenessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+          readinessProbe:
+            failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+            httpGet:
+              {{- if .Values.kubeRBACProxy.enabled }}
+              host: 127.0.0.1
+              {{- end }}
+              httpHeaders:
+              {{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }}
+              - name: {{ $header.name }}
+                value: {{ $header.value }}
+              {{- end }}
+              path: /
+              port: {{ $servicePort }}
+              scheme: {{ upper .Values.readinessProbe.httpGet.scheme }}
+            initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+            successThreshold: {{ .Values.readinessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+          {{- with .Values.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- if .Values.terminationMessageParams.enabled }}
+          {{- with .Values.terminationMessageParams }}
+          terminationMessagePath: {{ .terminationMessagePath }}
+          terminationMessagePolicy: {{ .terminationMessagePolicy }}
+          {{- end }}
+          {{- end }}
+          volumeMounts:
+            - name: proc
+              mountPath: /host/proc
+              {{- with .Values.hostProcFsMount.mountPropagation }}
+              mountPropagation: {{ . }}
+              {{- end }}
+              readOnly:  true
+            - name: sys
+              mountPath: /host/sys
+              {{- with .Values.hostSysFsMount.mountPropagation }}
+              mountPropagation: {{ . }}
+              {{- end }}
+              readOnly: true
+            {{- if .Values.hostRootFsMount.enabled }}
+            - name: root
+              mountPath: /host/root
+              {{- with .Values.hostRootFsMount.mountPropagation }}
+              mountPropagation: {{ . }}
+              {{- end }}
+              readOnly: true
+            {{- end }}
+            {{- range $_, $mount := .Values.extraHostVolumeMounts }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: {{ $mount.readOnly }}
+              {{- with $mount.mountPropagation }}
+              mountPropagation: {{ . }}
+              {{- end }}
+            {{- end }}
+            {{- range $_, $mount := .Values.sidecarVolumeMount }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: true
+            {{- end }}
+            {{- range $_, $mount := .Values.configmaps }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+            {{- end }}
+            {{- range $_, $mount := .Values.secrets }}
+            - name: {{ .name }}
+              mountPath: {{ .mountPath }}
+            {{- end }}
+        {{- range .Values.sidecars }}
+          {{- $overwrites := dict "volumeMounts" (concat (include "prometheus-node-exporter.sidecarVolumeMounts" $ | fromYamlArray) (.volumeMounts | default list) | default list) }}
+          {{- $defaults := dict "image" (include "prometheus-node-exporter.image" $) "securityContext" $.Values.containerSecurityContext "imagePullPolicy" $.Values.image.pullPolicy }}
+        - {{- toYaml (merge $overwrites . $defaults) | nindent 10 }}
+        {{- end }}
+        {{-  if .Values.kubeRBACProxy.enabled  }}
+        - name: kube-rbac-proxy
+          args:
+            {{-  if .Values.kubeRBACProxy.extraArgs  }}
+            {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 12 }}
+            {{-  end  }}
+            - --secure-listen-address=:{{ .Values.service.port}}
+            - --upstream=http://127.0.0.1:{{ $servicePort }}/
+            - --proxy-endpoints-port=8888
+            - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml
+          volumeMounts:
+            - name: kube-rbac-proxy-config
+              mountPath: /etc/kube-rbac-proxy-config
+          imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }}
+          {{- $base_registry := (include "monitoring_registry" .) }}
+          {{- if .Values.kubeRBACProxy.image.sha }}
+          image: "{{ $base_registry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}@sha256:{{ .Values.kubeRBACProxy.image.sha }}"
+          {{- else }}
+          image: "{{ $base_registry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}"
+          {{- end }}
+          ports:
+            - containerPort: {{ .Values.service.port}}
+              name: {{ .Values.kubeRBACProxy.portName }}
+              {{- if .Values.kubeRBACProxy.enableHostPort }}
+              hostPort: {{ .Values.service.port }}
+              {{- end }}
+            - containerPort: 8888
+              name: "http-healthz"
+          readinessProbe:
+            httpGet:
+              scheme: HTTPS
+              port: 8888
+              path: healthz
+            initialDelaySeconds: 5
+            timeoutSeconds: 5
+          {{- if .Values.kubeRBACProxy.resources }}
+          resources:
+          {{- toYaml .Values.kubeRBACProxy.resources | nindent 12 }}
+          {{- end }}
+          {{- if .Values.terminationMessageParams.enabled }}
+          {{- with .Values.terminationMessageParams }}
+          terminationMessagePath: {{ .terminationMessagePath }}
+          terminationMessagePolicy: {{ .terminationMessagePolicy }}
+          {{- end }}
+          {{- end }}
+          {{- with .Values.kubeRBACProxy.env }}
+          env:
+            {{- range $key, $value := $.Values.kubeRBACProxy.env }}
+            - name: {{ $key }}
+              value: {{ $value | quote }}
+            {{- end }}
+          {{- end }}
+          {{- if .Values.kubeRBACProxy.containerSecurityContext }}
+          securityContext:
+          {{ toYaml .Values.kubeRBACProxy.containerSecurityContext | nindent 12 }}
+        {{- end }}
+        {{- end }}
+      {{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
+      imagePullSecrets:
+        {{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }}
+      {{- end }}
+      hostNetwork: {{ .Values.hostNetwork }}
+      hostPID: {{ .Values.hostPID }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.dnsConfig }}
+      dnsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.restartPolicy }}
+      restartPolicy: {{ . }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+        - name: proc
+          hostPath:
+            path: /proc
+        - name: sys
+          hostPath:
+            path: /sys
+        {{- if .Values.hostRootFsMount.enabled }}
+        - name: root
+          hostPath:
+            path: /
+        {{- end }}
+        {{- range $_, $mount := .Values.extraHostVolumeMounts }}
+        - name: {{ $mount.name }}
+          hostPath:
+            path: {{ $mount.hostPath }}
+            {{- with $mount.type }}
+            type: {{ . }}
+            {{- end }}
+        {{- end }}
+        {{- range $_, $mount := .Values.sidecarVolumeMount }}
+        - name: {{ $mount.name }}
+          emptyDir:
+            medium: Memory
+        {{- end }}
+        {{- range $_, $mount := .Values.sidecarHostVolumeMounts }}
+        - name: {{ $mount.name }}
+          hostPath:
+            path: {{ $mount.hostPath }}
+        {{- end }}
+        {{- range $_, $mount := .Values.configmaps }}
+        - name: {{ $mount.name }}
+          configMap:
+            name: {{ $mount.name }}
+        {{- end }}
+        {{- range $_, $mount := .Values.secrets }}
+        - name: {{ $mount.name }}
+          secret:
+            secretName: {{ $mount.name }}
+        {{- end }}
+        {{- if .Values.kubeRBACProxy.enabled }}
+        - name: kube-rbac-proxy-config
+          configMap:
+            name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config
+        {{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/endpoints.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/endpoints.yaml
new file mode 100644
index 0000000000..56b695203a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/endpoints.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.endpoints }}
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+subsets:
+  - addresses:
+      {{- range .Values.endpoints }}
+      - ip: {{ . }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.service.portName }}
+        port: {{ .Values.service.port }}
+        protocol: TCP
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/extra-manifests.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/extra-manifests.yaml
new file mode 100644
index 0000000000..2b21b71062
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/extra-manifests.yaml
@@ -0,0 +1,4 @@
+{{ range .Values.extraManifests }}
+---
+{{ tpl . $ }}
+{{ end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/networkpolicy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/networkpolicy.yaml
new file mode 100644
index 0000000000..825722729d
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/networkpolicy.yaml
@@ -0,0 +1,23 @@
+{{- if .Values.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" $ | nindent 4 }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  ingress:
+    - ports:
+      - port: {{ .Values.service.port }}
+  policyTypes:
+    - Egress
+    - Ingress
+  podSelector:
+    matchLabels:
+      {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/podmonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/podmonitor.yaml
new file mode 100644
index 0000000000..f88da6a34e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/podmonitor.yaml
@@ -0,0 +1,91 @@
+{{- if .Values.prometheus.podMonitor.enabled }}
+apiVersion: {{ .Values.prometheus.podMonitor.apiVersion | default "monitoring.coreos.com/v1" }}
+kind: PodMonitor
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.podmonitor-namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+    {{- with .Values.prometheus.podMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.podMonitor.jobLabel }}
+  {{- include "podmonitor.scrapeLimits" .Values.prometheus.podMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+    {{- with .Values.prometheus.podMonitor.selectorOverride }}
+      {{- toYaml . | nindent 6 }}
+    {{- else }}
+      {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - {{ include "prometheus-node-exporter.namespace" . }}
+  {{- with .Values.prometheus.podMonitor.attachMetadata }}
+  attachMetadata:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.prometheus.podMonitor.podTargetLabels }}
+  podTargetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  podMetricsEndpoints:
+    - port: {{ .Values.service.portName }}
+      {{- with .Values.prometheus.podMonitor.scheme }}
+      scheme: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.path }}
+      path: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.basicAuth }}
+      basicAuth:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.bearerTokenSecret }}
+      bearerTokenSecret:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.authorization }}
+      authorization:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.oauth2 }}
+      oauth2:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.proxyUrl }}
+      proxyUrl: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.honorTimestamps }}
+      honorTimestamps: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.honorLabels }}
+      honorLabels: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.scrapeTimeout }}
+      scrapeTimeout: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.relabelings }}
+      relabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.metricRelabelings }}
+      metricRelabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      enableHttp2: {{ default false .Values.prometheus.podMonitor.enableHttp2 }}
+      filterRunning: {{ default true .Values.prometheus.podMonitor.filterRunning }}
+      followRedirects: {{ default false .Values.prometheus.podMonitor.followRedirects }}
+      {{- with .Values.prometheus.podMonitor.params }}
+      params:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml
new file mode 100644
index 0000000000..ee5bbba4a5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml
@@ -0,0 +1,14 @@
+{{- if and (or .Values.global.cattle.psp.enable (and .Values.rbac.create .Values.rbac.pspEnabled)) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: psp-{{ include "prometheus-node-exporter.fullname" . }}
+  labels: 
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+rules:
+- apiGroups: ['extensions']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+    - {{ include "prometheus-node-exporter.fullname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml
new file mode 100644
index 0000000000..160f2bbf7a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml
@@ -0,0 +1,16 @@
+{{- if and (or .Values.global.cattle.psp.enable (and .Values.rbac.create .Values.rbac.pspEnabled)) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: psp-{{ include "prometheus-node-exporter.fullname" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: psp-{{ include "prometheus-node-exporter.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "prometheus-node-exporter.fullname" . }}
+    namespace: {{ include "prometheus-node-exporter.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp.yaml
new file mode 100644
index 0000000000..f3b52e1120
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/psp.yaml
@@ -0,0 +1,49 @@
+{{- if and (or .Values.global.cattle.psp.enable (and .Values.rbac.create .Values.rbac.pspEnabled)) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+  {{- with .Values.rbac.pspAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  privileged: false
+  # Allow core volume types.
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+    - 'hostPath'
+  hostNetwork: true
+  hostIPC: false
+  hostPID: true
+  hostPorts:
+    - min: 0
+      max: 65535
+  runAsUser:
+    # Permits the container to run with root privileges as well.
+    rule: 'RunAsAny'
+  seLinux:
+    # This policy assumes the nodes are using AppArmor rather than SELinux.
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/rbac-configmap.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/rbac-configmap.yaml
new file mode 100644
index 0000000000..814e110337
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/rbac-configmap.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.kubeRBACProxy.enabled}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+data:
+  config-file.yaml: |+
+    authorization:
+      resourceAttributes:
+        namespace: {{ template "prometheus-node-exporter.namespace" . }}
+        apiVersion: v1
+        resource: services
+        subresource: {{ template "prometheus-node-exporter.fullname" . }}
+        name: {{ template "prometheus-node-exporter.fullname" . }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/service.yaml
new file mode 100644
index 0000000000..a065e46e39
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/service.yaml
@@ -0,0 +1,29 @@
+{{- if .Values.service.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" $ | nindent 4 }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+{{- if .Values.service.ipDualStack.enabled }}
+  ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }}
+  ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }}
+{{- end }}
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }}
+      nodePort: {{ .Values.service.nodePort }}
+      {{- end }}
+      targetPort: {{ .Values.service.targetPort }}
+      protocol: TCP
+      name: {{ .Values.service.portName }}
+  selector:
+    {{- include "prometheus-node-exporter.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..5c3348c09b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/serviceaccount.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.rbac.create .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "prometheus-node-exporter.serviceAccountName" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels: 
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }}
+imagePullSecrets:
+  {{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }}
+{{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/servicemonitor.yaml
new file mode 100644
index 0000000000..6d6e440473
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/servicemonitor.yaml
@@ -0,0 +1,71 @@
+{{- if .Values.prometheus.monitor.enabled }}
+apiVersion: {{ .Values.prometheus.monitor.apiVersion | default "monitoring.coreos.com/v1" }}
+kind: ServiceMonitor
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.monitor-namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+    {{- with .Values.prometheus.monitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | nindent 2 }}
+  {{- with .Values.prometheus.monitor.podTargetLabels }}
+  podTargetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  selector:
+    matchLabels:
+    {{- with .Values.prometheus.monitor.selectorOverride }}
+      {{- toYaml . | nindent 6 }}
+    {{- else }}
+      {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
+    {{- end }}
+  {{- with .Values.prometheus.monitor.attachMetadata }}
+  attachMetadata:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  endpoints:
+    - port: {{ .Values.service.portName }}
+      scheme: {{ .Values.prometheus.monitor.scheme }}
+      {{- with .Values.prometheus.monitor.basicAuth }}
+      basicAuth:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.bearerTokenFile }}
+      bearerTokenFile: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.proxyUrl }}
+      proxyUrl: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.scrapeTimeout }}
+      scrapeTimeout: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.relabelings }}
+      relabelings:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      metricRelabelings:
+        {{- with .Values.prometheus.monitor.metricRelabelings }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{ if .Values.global.cattle.clusterId }}
+        - sourceLabels: [__address__]
+          targetLabel: cluster_id
+          replacement: {{ .Values.global.cattle.clusterId }}
+        {{- end }}
+        {{ if .Values.global.cattle.clusterName }}
+        - sourceLabels: [__address__]
+          targetLabel: cluster_name
+          replacement: {{ .Values.global.cattle.clusterName }}
+      {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml
new file mode 100644
index 0000000000..2c2705f872
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml
@@ -0,0 +1,40 @@
+{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.verticalPodAutoscaler.enabled) }}
+apiVersion: autoscaling.k8s.io/v1
+kind: VerticalPodAutoscaler
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+spec:
+  {{- with .Values.verticalPodAutoscaler.recommenders }}
+  recommenders:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  resourcePolicy:
+    containerPolicies:
+    - containerName: node-exporter
+      {{- with .Values.verticalPodAutoscaler.controlledResources }}
+      controlledResources:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.verticalPodAutoscaler.controlledValues }}
+      controlledValues: {{ . }}
+      {{- end }}
+      {{- with .Values.verticalPodAutoscaler.maxAllowed }}
+      maxAllowed:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.verticalPodAutoscaler.minAllowed }}
+      minAllowed:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+  targetRef:
+    apiVersion: apps/v1
+    kind: DaemonSet
+    name: {{ include "prometheus-node-exporter.fullname" . }}
+  {{- with .Values.verticalPodAutoscaler.updatePolicy }}
+  updatePolicy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/values.yaml
new file mode 100644
index 0000000000..b9f2f7ab87
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/prometheus-node-exporter/values.yaml
@@ -0,0 +1,530 @@
+# Default values for prometheus-node-exporter.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+  registry: docker.io
+  repository: rancher/mirrored-prometheus-node-exporter
+  # Overrides the image tag whose default is {{ printf "v%s" .Chart.AppVersion }}
+  tag: v1.7.0
+  pullPolicy: IfNotPresent
+  digest: ""
+
+imagePullSecrets: []
+# - name: "image-pull-secret"
+nameOverride: ""
+fullnameOverride: ""
+
+# Number of old history to retain to allow rollback
+# Default Kubernetes value is set to 10
+revisionHistoryLimit: 10
+
+global:
+  cattle:
+    psp:
+      enable: true
+    systemDefaultRegistry: ""
+
+  # To help compatibility with other charts which use global.imagePullSecrets.
+  # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
+  # global:
+  #   imagePullSecrets:
+  #   - name: pullSecret1
+  #   - name: pullSecret2
+  # or
+  # global:
+  #   imagePullSecrets:
+  #   - pullSecret1
+  #   - pullSecret2
+  imagePullSecrets: []
+  #
+  # Allow parent charts to override registry hostname
+  imageRegistry: "docker.io"
+
+# Configure kube-rbac-proxy. When enabled, creates a kube-rbac-proxy to protect the node-exporter http endpoint.
+# The requests are served through the same service but requests are HTTPS.
+kubeRBACProxy:
+  enabled: false
+  ## Set environment variables as name/value pairs
+  env: {}
+    # VARIABLE: value
+  image:
+    registry: docker.io
+    repository: rancher/mirrored-kube-rbac-proxy
+    tag: v0.15.0
+    sha: ""
+    pullPolicy: IfNotPresent
+
+  # List of additional cli arguments to configure kube-rbac-proxy
+  # for example: --tls-cipher-suites, --log-file, etc.
+  # all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage
+  extraArgs: []
+
+  ## Specify security settings for a Container
+  ## Allows overrides and additional options compared to (Pod) securityContext
+  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+  containerSecurityContext: {}
+
+  # Specify the port used for the Node exporter container (upstream port)
+  port: 8100
+  # Specify the name of the container port
+  portName: http
+  # Configure a hostPort. If true, hostPort will be enabled in the container and set to service.port.
+  enableHostPort: false
+
+  resources: {}
+    # We usually recommend not to specify default resources and to leave this as a conscious
+    # choice for the user. This also increases chances charts run on environments with little
+    # resources, such as Minikube. If you do want to specify resources, uncomment the following
+    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+    # limits:
+    #  cpu: 100m
+    #  memory: 64Mi
+  # requests:
+  #  cpu: 10m
+  #  memory: 32Mi
+
+service:
+  enabled: true
+  type: ClusterIP
+  port: 9796
+  targetPort: 9796
+  nodePort:
+  portName: metrics
+  listenOnAllInterfaces: true
+  annotations:
+    prometheus.io/scrape: "true"
+  ipDualStack:
+    enabled: false
+    ipFamilies: ["IPv6", "IPv4"]
+    ipFamilyPolicy: "PreferDualStack"
+
+# Set a NetworkPolicy with:
+# ingress only on service.port
+# no egress permitted
+networkPolicy:
+  enabled: false
+
+# Additional environment variables that will be passed to the daemonset
+env: {}
+##  env:
+##    VARIABLE: value
+
+prometheus:
+  monitor:
+    enabled: false
+    additionalLabels: {}
+    namespace: ""
+
+    jobLabel: ""
+
+    # List of pod labels to add to node exporter metrics
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor
+    podTargetLabels: []
+
+    scheme: http
+    basicAuth: {}
+    bearerTokenFile:
+    tlsConfig: {}
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## Override serviceMonitor selector
+    ##
+    selectorOverride: {}
+
+    ## Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
+    ##
+    attachMetadata:
+      node: false
+
+    relabelings: []
+    metricRelabelings: []
+    interval: ""
+    scrapeTimeout: 10s
+    ## prometheus.monitor.apiVersion ApiVersion for the serviceMonitor Resource(defaults to "monitoring.coreos.com/v1")
+    apiVersion: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+  # PodMonitor defines monitoring for a set of pods.
+  # ref. https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.PodMonitor
+  # Using a PodMonitor may be preferred in some environments where there is very large number
+  # of Node Exporter endpoints (1000+) behind a single service.
+  # The PodMonitor is disabled by default. When switching from ServiceMonitor to PodMonitor,
+  # the time series resulting from the configuration through PodMonitor may have different labels.
+  # For instance, there will not be the service label any longer which might
+  # affect PromQL queries selecting that label.
+  podMonitor:
+    enabled: false
+    # Namespace in which to deploy the pod monitor. Defaults to the release namespace.
+    namespace: ""
+    # Additional labels, e.g. setting a label for pod monitor selector as set in prometheus
+    additionalLabels: {}
+    #  release: kube-prometheus-stack
+    # PodTargetLabels transfers labels of the Kubernetes Pod onto the target.
+    podTargetLabels: []
+    # apiVersion defaults to monitoring.coreos.com/v1.
+    apiVersion: ""
+    # Override pod selector to select pod objects.
+    selectorOverride: {}
+    # Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
+    attachMetadata:
+      node: false
+    # The label to use to retrieve the job name from. Defaults to label app.kubernetes.io/name.
+    jobLabel: ""
+
+    # Scheme/protocol to use for scraping.
+    scheme: "http"
+    # Path to scrape metrics at.
+    path: "/metrics"
+
+    # BasicAuth allow an endpoint to authenticate over basic authentication.
+    # More info: https://prometheus.io/docs/operating/configuration/#endpoint
+    basicAuth: {}
+    # Secret to mount to read bearer token for scraping targets.
+    # The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator.
+    # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#secretkeyselector-v1-core
+    bearerTokenSecret: {}
+    # TLS configuration to use when scraping the endpoint.
+    tlsConfig: {}
+    # Authorization section for this endpoint.
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.SafeAuthorization
+    authorization: {}
+    # OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.OAuth2
+    oauth2: {}
+
+    # ProxyURL eg http://proxyserver:2195. Directs scrapes through proxy to this endpoint.
+    proxyUrl: ""
+    # Interval at which endpoints should be scraped. If not specified Prometheus’ global scrape interval is used.
+    interval: ""
+    # Timeout after which the scrape is ended. If not specified, the Prometheus global scrape interval is used.
+    scrapeTimeout: ""
+    # HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
+    honorTimestamps: true
+    # HonorLabels chooses the metric’s labels on collisions with target labels.
+    honorLabels: true
+    # Whether to enable HTTP2. Default false.
+    enableHttp2: ""
+    # Drop pods that are not running. (Failed, Succeeded).
+    # Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
+    filterRunning: ""
+    # FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. Default false.
+    followRedirects: ""
+    # Optional HTTP URL parameters
+    params: {}
+
+    # RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds
+    # relabelings for a few standard Kubernetes fields. The original scrape job’s name
+    # is available via the __tmp_prometheus_job_name label.
+    # More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
+    relabelings: []
+    # MetricRelabelConfigs to apply to samples before ingestion.
+    metricRelabelings: []
+
+    # SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    sampleLimit: 0
+    # TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    targetLimit: 0
+    # Per-scrape limit on number of labels that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelLimit: 0
+    # Per-scrape limit on length of labels name that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelNameLengthLimit: 0
+    # Per-scrape limit on length of labels value that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelValueLengthLimit: 0
+
+## Customize the updateStrategy if set
+updateStrategy:
+  type: RollingUpdate
+  rollingUpdate:
+    maxUnavailable: 1
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 200m
+  #   memory: 50Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 30Mi
+
+# Specify the container restart policy passed to the Node Export container
+# Possible Values: Always (default)|OnFailure|Never
+restartPolicy: null
+
+serviceAccount:
+  # Specifies whether a ServiceAccount should be created
+  create: true
+  # The name of the ServiceAccount to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name:
+  annotations: {}
+  imagePullSecrets: []
+  automountServiceAccountToken: false
+
+securityContext:
+  fsGroup: 65534
+  runAsGroup: 65534
+  runAsNonRoot: true
+  runAsUser: 65534
+
+containerSecurityContext:
+  readOnlyRootFilesystem: true
+  # capabilities:
+  #   add:
+  #   - SYS_TIME
+
+rbac:
+  ## If true, create & use RBAC resources
+  ##
+  create: true
+  pspAnnotations: {}
+
+# for deployments that have node_exporter deployed outside of the cluster, list
+# their addresses here
+endpoints: []
+
+# Expose the service to the host network
+hostNetwork: true
+
+# Share the host process ID namespace
+hostPID: true
+
+# Mount the node's root file system (/) at /host/root in the container
+hostRootFsMount:
+  enabled: true
+  # Defines how new mounts in existing mounts on the node or in the container
+  # are propagated to the container or node, respectively. Possible values are
+  # None, HostToContainer, and Bidirectional. If this field is omitted, then
+  # None is used. More information on:
+  # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation
+  mountPropagation: HostToContainer
+
+# Mount the node's proc file system (/proc) at /host/proc in the container
+hostProcFsMount:
+  # Possible values are None, HostToContainer, and Bidirectional
+  mountPropagation: ""
+
+# Mount the node's sys file system (/sys) at /host/sys in the container
+hostSysFsMount:
+  # Possible values are None, HostToContainer, and Bidirectional
+  mountPropagation: ""
+
+## Assign a group of affinity scheduling rules
+##
+affinity: {}
+#   nodeAffinity:
+#     requiredDuringSchedulingIgnoredDuringExecution:
+#       nodeSelectorTerms:
+#         - matchFields:
+#             - key: metadata.name
+#               operator: In
+#               values:
+#                 - target-host-name
+
+# Annotations to be added to node exporter pods
+podAnnotations:
+  # Fix for very slow GKE cluster upgrades
+  cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
+
+# Extra labels to be added to node exporter pods
+podLabels: {}
+
+# Annotations to be added to node exporter daemonset
+daemonsetAnnotations: {}
+
+## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box
+releaseLabel: false
+
+# Custom DNS configuration to be added to prometheus-node-exporter pods
+dnsConfig: {}
+# nameservers:
+#   - 1.2.3.4
+# searches:
+#   - ns1.svc.cluster-domain.example
+#   - my.dns.search.suffix
+# options:
+#   - name: ndots
+#     value: "2"
+#   - name: edns0
+
+## Assign a nodeSelector if operating a hybrid cluster
+##
+nodeSelector:
+  kubernetes.io/os: linux
+  #  kubernetes.io/arch: amd64
+
+# Specify grace period for graceful termination of pods. Defaults to 30 if null or not specified
+terminationGracePeriodSeconds: null
+
+tolerations:
+  - effect: NoSchedule
+    operator: Exists
+  - effect: NoExecute
+    operator: Exists
+
+# Enable or disable container termination message settings
+# https://kubernetes.io/docs/tasks/debug/debug-application/determine-reason-pod-failure/
+terminationMessageParams:
+  enabled: false
+  # If enabled, specify the path for termination messages
+  terminationMessagePath: /dev/termination-log
+  # If enabled, specify the policy for termination messages
+  terminationMessagePolicy: File
+
+
+## Assign a PriorityClassName to pods if set
+# priorityClassName: ""
+
+## Additional container arguments
+##
+extraArgs: []
+#   - --collector.diskstats.ignored-devices=^(ram|loop|fd|(h|s|v)d[a-z]|nvme\\d+n\\d+p)\\d+$
+#   - --collector.textfile.directory=/run/prometheus
+
+## Additional mounts from the host to node-exporter container
+##
+extraHostVolumeMounts: []
+#  - name: <mountName>
+#    hostPath: <hostPath>
+#    https://kubernetes.io/docs/concepts/storage/volumes/#hostpath-volume-types
+#    type: "" (Default)|DirectoryOrCreate|Directory|FileOrCreate|File|Socket|CharDevice|BlockDevice
+#    mountPath: <mountPath>
+#    readOnly: true|false
+#    mountPropagation: None|HostToContainer|Bidirectional
+
+## Additional configmaps to be mounted.
+##
+configmaps: []
+# - name: <configMapName>
+#   mountPath: <mountPath>
+secrets: []
+# - name: <secretName>
+#   mountPath: <mountPatch>
+## Override the deployment namespace
+##
+namespaceOverride: ""
+
+## Additional containers for export metrics to text file; fields image,imagePullPolicy,securityContext take default value from main container
+##
+sidecars: []
+#  - name: nvidia-dcgm-exporter
+#    image: nvidia/dcgm-exporter:1.4.3
+#    volumeMounts:
+#     - name: tmp
+#       mountPath: /tmp
+
+## Volume for sidecar containers
+##
+sidecarVolumeMount: []
+#  - name: collector-textfiles
+#    mountPath: /run/prometheus
+#    readOnly: false
+
+## Additional mounts from the host to sidecar containers
+##
+sidecarHostVolumeMounts: []
+#  - name: <mountName>
+#    hostPath: <hostPath>
+#    mountPath: <mountPath>
+#    readOnly: true|false
+#    mountPropagation: None|HostToContainer|Bidirectional
+
+## Additional InitContainers to initialize the pod
+##
+extraInitContainers: []
+
+## Liveness probe
+##
+livenessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 0
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 1
+
+## Readiness probe
+##
+readinessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 0
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 1
+
+# Enable vertical pod autoscaler support for prometheus-node-exporter
+verticalPodAutoscaler:
+  enabled: false
+
+  # Recommender responsible for generating recommendation for the object.
+  # List should be empty (then the default recommender will generate the recommendation)
+  # or contain exactly one recommender.
+  # recommenders:
+  # - name: custom-recommender-performance
+
+  # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
+  controlledResources: []
+  # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits.
+  # controlledValues: RequestsAndLimits
+
+  # Define the max allowed resources for the pod
+  maxAllowed: {}
+  # cpu: 200m
+  # memory: 100Mi
+  # Define the min allowed resources for the pod
+  minAllowed: {}
+  # cpu: 200m
+  # memory: 100Mi
+
+  # updatePolicy:
+    # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction
+    # minReplicas: 1
+    # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
+    # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
+    # updateMode: Auto
+
+# Extra manifests to deploy as an array
+extraManifests: []
+  # - |
+  #   apiVersion: v1
+  #   kind: ConfigMap
+  #   metadata:
+  #     name: prometheus-extra
+  #   data:
+  #     extra-data: "value"
+
+# Override version of app, required if image.tag is defined and does not follow semver
+version: ""
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/Chart.yaml
new file mode 100644
index 0000000000..29f844722b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rke2ControllerManager
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2ControllerManager/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/Chart.yaml
new file mode 100644
index 0000000000..b3f7e373c0
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rke2Etcd
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Etcd/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/Chart.yaml
new file mode 100644
index 0000000000..515ee6f46c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rke2IngressNginx
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2IngressNginx/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/Chart.yaml
new file mode 100644
index 0000000000..9e649a4ac1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rke2Proxy
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Proxy/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/Chart.yaml
new file mode 100644
index 0000000000..fa2a8497d5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rke2Scheduler
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rke2Scheduler/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/Chart.yaml
new file mode 100644
index 0000000000..f0607ed45e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rkeControllerManager
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeControllerManager/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/Chart.yaml
new file mode 100644
index 0000000000..eeef424a32
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rkeEtcd
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeEtcd/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/Chart.yaml
new file mode 100644
index 0000000000..02345baf58
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rkeIngressNginx
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeIngressNginx/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/Chart.yaml
new file mode 100644
index 0000000000..7b7807944a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rkeProxy
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeProxy/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/Chart.yaml
new file mode 100644
index 0000000000..0f09aad1d8
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rkeScheduler
+type: application
+version: 0.2.0
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-clients.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/rkeScheduler/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/.helmignore b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/Chart.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/Chart.yaml
new file mode 100644
index 0000000000..e3999c6ff2
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/Chart.yaml
@@ -0,0 +1,24 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: windows
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-windows-exporter
+apiVersion: v2
+appVersion: 0.25.1
+description: A Helm chart for prometheus windows-exporter
+home: https://github.com/prometheus-community/windows_exporter/
+keywords:
+- windows-exporter
+- windows
+- prometheus
+- exporter
+maintainers:
+- email: github@jkroepke.de
+  name: jkroepke
+name: windowsExporter
+sources:
+- https://github.com/prometheus-community/windows_exporter/
+type: application
+version: 0.3.1
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/README.md b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/README.md
new file mode 100644
index 0000000000..1da1c64e12
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/README.md
@@ -0,0 +1,42 @@
+# Prometheus `Windows Exporter`
+
+Prometheus exporter for hardware and OS metrics exposed by Windows kernels, written in Go with pluggable metric collectors.
+
+This chart bootstraps a prometheus [`Windows Exporter`](http://github.com/prometheus-community/windows_exporter) daemonset on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+
+## Get Repository Info
+
+```console
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo update
+```
+
+_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Install Chart
+
+```console
+helm install [RELEASE_NAME] prometheus-community/prometheus-windows-exporter
+```
+
+_See [configuration](#configuring) below._
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+## Uninstall Chart
+
+```console
+helm uninstall [RELEASE_NAME]
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+## Configuring
+
+See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands:
+
+```console
+helm show values prometheus-community/prometheus-windows-exporter
+```
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/scripts/configure-firewall.ps1 b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/scripts/configure-firewall.ps1
new file mode 100644
index 0000000000..9cbed7112d
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/scripts/configure-firewall.ps1
@@ -0,0 +1,31 @@
+$ErrorActionPreference = 'Continue'
+
+function CheckFirewallRuleError {
+    # We hit an error. This can happen for a number of reasons, including if the rule already exists
+    if ($error[0]) {
+        if (($error[0].Exception.NativeErrorCode) -and ($error[0].Exception.NativeErrorCode.ToString() -eq "AlreadyExists")) {
+            # Previous versions of monitoring may have already created this Firewall Rule
+            # Because of this, if the rule alreadys exists there is no need to delete and recreate it.
+            Write-Host "Detected Existing Firewall Rule, Nothing To Do"
+        } else {
+            Write-Host "Error Encountered Setting Up Required Firewall Rule"
+            $error[0].Exception
+            exit 1
+        }
+    }
+}
+
+Write-Host "Attempting To Configure Firewall Rules For Ports 9796, 10250"
+
+# This is the exact same firewall rule that has historically been created by rancher-wins
+# https://github.com/rancher/wins/blob/91f670c47f19c6d9fe97d8f66a695d3081ad994f/pkg/apis/process_service_mgmt.go#L149
+New-NetFirewallRule -DisplayName rancher-wins-windows-exporter-TCP-9796 -Name rancher-wins-windows-exporter-TCP-9796 -Action Allow -Protocol TCP -LocalPort 9796 -Enabled True -PolicyStore ActiveStore
+CheckFirewallRuleError
+Write-Host "Windows Node Exporter Firewall Rule Successfully Created"
+
+# This rule is required in order to have the Rancher UI display node metrics in the 'Nodes' tab of the cluster explorer
+New-NetFirewallRule -DisplayName rancher-wins-windows-exporter-TCP-10250 -Name rancher-wins-windows-exporter-TCP-10250 -Action Allow -Protocol TCP -LocalPort 10250 -Enabled True -PolicyStore ActiveStore
+CheckFirewallRuleError
+Write-Host "Windows Prometheus Metrics Firewall Rule Successfully Created"
+
+Write-Host "All Firewall Rules Successfully Configured"
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/_helpers.tpl
new file mode 100644
index 0000000000..c9a5d6db8c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/_helpers.tpl
@@ -0,0 +1,216 @@
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+The components in this chart create additional resources that expand the longest created name strings.
+The longest name that gets created adds and extra 37 characters, so truncation should be 63-35=26.
+*/}}
+{{- define "prometheus-windows-exporter.fullname" -}}
+{{ printf "%s-windows-exporter" .Release.Name }}
+{{- end -}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "windowsExporter.renamedMetricsRelabeling" -}}
+{{- range $original, $new := (include "windowsExporter.renamedMetrics" . | fromJson) -}}
+- sourceLabels: [__name__]
+  regex: {{ $original }}
+  replacement: '{{ $new }}'
+  targetLabel: __name__
+{{ end -}}
+{{- end -}}
+
+{{- define "windowsExporter.labels" -}}
+k8s-app: {{ template "prometheus-windows-exporter.fullname" . }}
+release: {{ .Release.Name }}
+component: "windows-exporter"
+provider: kubernetes
+{{- end -}}
+
+{{- define "windowsExporter.renamedMetrics" -}}
+{{- $renamed := dict -}}
+{{/* v0.15.0 */}}
+{{- $_ := set $renamed "windows_mssql_transactions_active_total" "windows_mssql_transactions_active" -}}
+{{/* v0.16.0 */}}
+{{- $_ := set $renamed "windows_adfs_ad_login_connection_failures" "windows_adfs_ad_login_connection_failures_total" -}}
+{{- $_ := set $renamed "windows_adfs_certificate_authentications" "windows_adfs_certificate_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_device_authentications" "windows_adfs_device_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_extranet_account_lockouts" "windows_adfs_extranet_account_lockouts_total" -}}
+{{- $_ := set $renamed "windows_adfs_federated_authentications" "windows_adfs_federated_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_passport_authentications" "windows_adfs_passport_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_password_change_failed" "windows_adfs_password_change_failed_total" -}}
+{{- $_ := set $renamed "windows_adfs_password_change_succeeded" "windows_adfs_password_change_succeeded_total" -}}
+{{- $_ := set $renamed "windows_adfs_token_requests" "windows_adfs_token_requests_total" -}}
+{{- $_ := set $renamed "windows_adfs_windows_integrated_authentications" "windows_adfs_windows_integrated_authentications_total" -}}
+{{- $_ := set $renamed "windows_net_packets_outbound_errors" "windows_net_packets_outbound_errors_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_discarded" "windows_net_packets_received_discarded_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_errors" "windows_net_packets_received_errors_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_total" "windows_net_packets_received_total_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_unknown" "windows_net_packets_received_unknown_total" -}}
+{{- $_ := set $renamed "windows_dns_memory_used_bytes_total" "windows_dns_memory_used_bytes" -}}
+{{- $renamed | toJson -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "prometheus-windows-exporter.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "prometheus-windows-exporter.labels" -}}
+helm.sh/chart: {{ include "prometheus-windows-exporter.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/component: metrics
+app.kubernetes.io/part-of: {{ include "prometheus-windows-exporter.name" . }}
+{{ include "prometheus-windows-exporter.selectorLabels" . }}
+{{- with .Chart.AppVersion }}
+app.kubernetes.io/version: {{ . | quote }}
+{{- end }}
+{{- with .Values.podLabels }}
+{{ toYaml . }}
+{{- end }}
+{{- if .Values.releaseLabel }}
+release: {{ .Release.Name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "prometheus-windows-exporter.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "prometheus-windows-exporter.fullname" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "prometheus-windows-exporter.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "prometheus-windows-exporter.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+The image to use
+*/}}
+{{- define "prometheus-windows-exporter.image" -}}
+{{- if .Values.image.sha }}
+{{- fail "image.sha forbidden. Use image.digest instead" }}
+{{- else if .Values.image.digest }}
+{{- if .Values.global.cattle.systemDefaultRegistry }}
+{{- printf "%s/%s:%s@%s" .Values.global.cattle.systemDefaultRegistry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) .Values.image.digest }}
+{{- else }}
+{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) .Values.image.digest }}
+{{- end }}
+{{- else }}
+{{- if .Values.global.cattle.systemDefaultRegistry }}
+{{- printf "%s/%s:%s" .Values.global.cattle.systemDefaultRegistry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) }}
+{{- else }}
+{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "prometheus-windows-exporter.namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the namespace name of the service monitor
+*/}}
+{{- define "prometheus-windows-exporter.monitor-namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- if .Values.prometheus.monitor.namespace }}
+{{- .Values.prometheus.monitor.namespace }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/* Sets default scrape limits for servicemonitor */}}
+{{- define "servicemonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end }}
+
+{{/*
+Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets})
+*/}}
+{{- define "prometheus-windows-exporter.imagePullSecrets" -}}
+{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }}
+  {{- if eq (typeOf .) "map[string]interface {}" }}
+- {{ toYaml . | trim }}
+  {{- else }}
+- name: {{ . }}
+  {{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+Create the namespace name of the pod monitor
+*/}}
+{{- define "prometheus-windows-exporter.podmonitor-namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- if .Values.prometheus.podMonitor.namespace }}
+{{- .Values.prometheus.podMonitor.namespace }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/* Sets default scrape limits for podmonitor */}}
+{{- define "podmonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/config.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/config.yaml
new file mode 100644
index 0000000000..25f1fa69c2
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/config.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}
+  namespace: {{ include "prometheus-windows-exporter.namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" $ | nindent 4 }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+data:
+  config.yml: |
+    {{- .Values.config | nindent 4 }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/daemonset.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/daemonset.yaml
new file mode 100644
index 0000000000..be7feb3ed1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/daemonset.yaml
@@ -0,0 +1,200 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}
+  namespace: {{ include "prometheus-windows-exporter.namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" . | nindent 4 }}
+  {{- with .Values.daemonsetAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "windowsExporter.labels" . | nindent 6 }}
+  {{- with .Values.updateStrategy }}
+  updateStrategy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "windowsExporter.labels" . | nindent 8 }}
+    spec:
+      automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
+      {{- with .Values.securityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.priorityClassName }}
+      priorityClassName: {{ . }}
+      {{- end }}
+      initContainers:
+        - name: configure-firewall
+          image: {{ include "prometheus-windows-exporter.image" . }}
+          command:
+          - C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe
+          args: ["-f", "scripts/configure-firewall.ps1"]
+          volumeMounts:
+            - mountPath: /scripts
+              name: exporter-scripts
+        {{- with .Values.extraInitContainers }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+      serviceAccountName: {{ include "prometheus-windows-exporter.fullname" . }}
+      containers:
+        - name: windows-exporter
+          image: {{ include "prometheus-windows-exporter.image" . }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          args:
+            - --config.file=%CONTAINER_SANDBOX_MOUNT_POINT%/config.yml
+            - --collector.textfile.directories=%CONTAINER_SANDBOX_MOUNT_POINT%
+            - --web.listen-address=:{{ .Values.service.port }}
+            {{- with .Values.extraArgs }}
+            {{- toYaml . | nindent 12 }}
+            {{- end }}
+          {{- with .Values.securityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          env:
+            {{- range $key, $value := .Values.env }}
+            - name: {{ $key }}
+              value: {{ $value | quote }}
+            {{- end }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              hostPort: {{ .Values.service.port }}
+              protocol: TCP
+          livenessProbe:
+            failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+            httpGet:
+              httpHeaders:
+              {{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }}
+              - name: {{ $header.name }}
+                value: {{ $header.value }}
+              {{- end }}
+              path: /
+              port: {{ .Values.service.port }}
+              scheme: {{ upper .Values.livenessProbe.httpGet.scheme }}
+            initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+            successThreshold: {{ .Values.livenessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+          readinessProbe:
+            failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+            httpGet:
+              httpHeaders:
+              {{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }}
+              - name: {{ $header.name }}
+                value: {{ $header.value }}
+              {{- end }}
+              path: /
+              port: {{ .Values.service.port }}
+              scheme: {{ upper .Values.readinessProbe.httpGet.scheme }}
+            initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+            successThreshold: {{ .Values.readinessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+          {{- with .Values.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            - name: config
+              mountPath: /config.yml
+              subPath: config.yml
+            {{- range $_, $mount := .Values.extraHostVolumeMounts }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: {{ $mount.readOnly }}
+            {{- end }}
+            {{- range $_, $mount := .Values.sidecarVolumeMount }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: true
+            {{- end }}
+            {{- range $_, $mount := .Values.configmaps }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+            {{- end }}
+            {{- range $_, $mount := .Values.secrets }}
+            - name: {{ .name }}
+              mountPath: {{ .mountPath }}
+            {{- end }}
+        {{- with .Values.sidecars }}
+        {{- toYaml . | nindent 8 }}
+          {{- if or .Values.sidecarVolumeMount .Values.sidecarHostVolumeMounts }}
+          volumeMounts:
+            {{- range $_, $mount := .Values.sidecarVolumeMount }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: {{ $mount.readOnly }}
+            {{- end }}
+            {{- range $_, $mount := .Values.sidecarHostVolumeMounts }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: {{ $mount.readOnly }}
+            {{- end }}
+          {{- end }}
+        {{- end }}
+      {{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
+      imagePullSecrets:
+        {{- include "prometheus-windows-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }}
+      {{- end }}
+      hostNetwork: {{ .Values.hostNetwork }}
+      hostPID: {{ .Values.hostPID }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.dnsConfig }}
+      dnsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+        - name: exporter-scripts
+          configMap:
+            name: {{ include "prometheus-windows-exporter.fullname" . }}-scripts
+        - name: config
+          configMap:
+            name: {{ include "prometheus-windows-exporter.fullname" . }}
+        {{- range $_, $mount := .Values.extraHostVolumeMounts }}
+        - name: {{ $mount.name }}
+          hostPath:
+            path: {{ $mount.hostPath }}
+        {{- end }}
+        {{- range $_, $mount := .Values.sidecarVolumeMount }}
+        - name: {{ $mount.name }}
+          emptyDir:
+            medium: Memory
+        {{- end }}
+        {{- range $_, $mount := .Values.sidecarHostVolumeMounts }}
+        - name: {{ $mount.name }}
+          hostPath:
+            path: {{ $mount.hostPath }}
+        {{- end }}
+        {{- range $_, $mount := .Values.configmaps }}
+        - name: {{ $mount.name }}
+          configMap:
+            name: {{ $mount.name }}
+        {{- end }}
+        {{- range $_, $mount := .Values.secrets }}
+        - name: {{ $mount.name }}
+          secret:
+            secretName: {{ $mount.name }}
+        {{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/podmonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/podmonitor.yaml
new file mode 100644
index 0000000000..bbb6c39340
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/podmonitor.yaml
@@ -0,0 +1,91 @@
+{{- if .Values.prometheus.podMonitor.enabled }}
+apiVersion: {{ .Values.prometheus.podMonitor.apiVersion | default "monitoring.coreos.com/v1" }}
+kind: PodMonitor
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}
+  namespace: {{ include "prometheus-windows-exporter.podmonitor-namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" . | nindent 4 }}
+    {{- with .Values.prometheus.podMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.podMonitor.jobLabel }}
+  {{- include "podmonitor.scrapeLimits" .Values.prometheus.podMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+    {{- with .Values.prometheus.podMonitor.selectorOverride }}
+      {{- toYaml . | nindent 6 }}
+    {{- else }}
+      {{- include "prometheus-windows-exporter.selectorLabels" . | nindent 6 }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - {{ include "prometheus-windows-exporter.namespace" . }}
+  {{- with .Values.prometheus.podMonitor.attachMetadata }}
+  attachMetadata:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.prometheus.podMonitor.podTargetLabels }}
+  podTargetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  podMetricsEndpoints:
+    - port: {{ .Values.service.portName }}
+      {{- with .Values.prometheus.podMonitor.scheme }}
+      scheme: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.path }}
+      path: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.basicAuth }}
+      basicAuth:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.bearerTokenSecret }}
+      bearerTokenSecret:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.authorization }}
+      authorization:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.oauth2 }}
+      oauth2:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.proxyUrl }}
+      proxyUrl: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.honorTimestamps }}
+      honorTimestamps: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.honorLabels }}
+      honorLabels: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.scrapeTimeout }}
+      scrapeTimeout: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.relabelings }}
+      relabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.metricRelabelings }}
+      metricRelabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      enableHttp2: {{ default false .Values.prometheus.podMonitor.enableHttp2 }}
+      filterRunning: {{ default true .Values.prometheus.podMonitor.filterRunning }}
+      followRedirects: {{ default false .Values.prometheus.podMonitor.followRedirects }}
+      {{- with .Values.prometheus.podMonitor.params }}
+      params:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/scriptConfig.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/scriptConfig.yaml
new file mode 100644
index 0000000000..f514c8161a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/scriptConfig.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}-scripts
+  namespace: {{ include "prometheus-windows-exporter.namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" $ | nindent 4 }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+data:
+{{ (.Files.Glob "scripts/*").AsConfig | indent 2 }}
+
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/service.yaml
new file mode 100644
index 0000000000..267b796f63
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/service.yaml
@@ -0,0 +1,32 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}
+  namespace: {{ include "prometheus-windows-exporter.namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" $ | nindent 4 }}
+  {{- if or .Values.prometheus.monitor.enabled .Values.prometheus.podMonitor.enabled }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- unset . "prometheus.io/scrape" | toYaml | nindent 4 }}
+  {{- end }}
+  {{- else }}
+  annotations:
+    prometheus.io/scrape: "true"
+  {{- with .Values.service.annotations }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- end }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }}
+      nodePort: {{ .Values.service.nodePort }}
+      {{- end }}
+      targetPort: {{ .Values.service.port }}
+      protocol: TCP
+      appProtocol: http
+      name: {{ .Values.service.portName }}
+  selector:
+    {{- include "windowsExporter.labels" . | nindent 4 }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..14c1c46807
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/serviceaccount.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.rbac.create .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "prometheus-windows-exporter.serviceAccountName" . }}
+  namespace: {{ include "prometheus-windows-exporter.namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }}
+imagePullSecrets:
+  {{- include "prometheus-windows-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }}
+{{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/servicemonitor.yaml
new file mode 100644
index 0000000000..2effc07758
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/templates/servicemonitor.yaml
@@ -0,0 +1,75 @@
+{{- if .Values.prometheus.monitor.enabled }}
+apiVersion: {{ .Values.prometheus.monitor.apiVersion | default "monitoring.coreos.com/v1" }}
+kind: ServiceMonitor
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}
+  namespace: {{ include "prometheus-windows-exporter.monitor-namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" . | nindent 4 }}
+    {{- with .Values.prometheus.monitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | nindent 2 }}
+  {{- with .Values.prometheus.monitor.podTargetLabels }}
+  podTargetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  selector:
+    matchLabels:
+    {{- with .Values.prometheus.monitor.selectorOverride }}
+      {{- toYaml . | nindent 6 }}
+    {{- else }}
+      {{- include "windowsExporter.labels" . | nindent 6 }}
+    {{- end }}
+  {{- with .Values.prometheus.monitor.attachMetadata }}
+  attachMetadata:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  endpoints:
+    - port: {{ .Values.service.portName }}
+      scheme: {{ .Values.prometheus.monitor.scheme }}
+      {{- with .Values.prometheus.monitor.basicAuth }}
+      basicAuth:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.bearerTokenFile }}
+      bearerTokenFile: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.proxyUrl }}
+      proxyUrl: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.scrapeTimeout }}
+      scrapeTimeout: {{ . }}
+      {{- end }}
+      metricRelabelings:
+{{- include "windowsExporter.renamedMetricsRelabeling" . | nindent 6 -}}
+      - sourceLabels: [__name__]
+        regex: 'wmi_(.*)'
+        replacement: 'windows_$1'
+        targetLabel: __name__
+      - sourceLabels: [volume, nic]
+        regex: (.*);(.*)
+        separator: ''
+        targetLabel: device
+        action: replace
+        replacement: $1$2
+      - sourceLabels: [__name__]
+        regex: windows_cs_logical_processors
+        replacement: 'system'
+        targetLabel: mode
+      relabelings:
+      - separator: ':'
+        sourceLabels:
+        - __meta_kubernetes_pod_host_ip
+        - __meta_kubernetes_pod_container_port_number
+        targetLabel: instance
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/values.yaml
new file mode 100644
index 0000000000..9b4a35a543
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/charts/windowsExporter/values.yaml
@@ -0,0 +1,367 @@
+# Default values for prometheus-windows-exporter.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+  registry: docker.io
+  repository: rancher/mirrored-prometheus-windows-exporter
+  os: "windows"
+  # Overrides the image tag whose default is {{ printf "v%s" .Chart.AppVersion }}
+  tag: "0.25.1"
+  pullPolicy: IfNotPresent
+  digest: ""
+
+config: |-
+  collectors:
+    enabled: '[defaults],tcp,memory,container'
+
+imagePullSecrets: []
+# - name: "image-pull-secret"
+nameOverride: ""
+fullnameOverride: ""
+
+global:
+  # To help compatibility with other charts which use global.imagePullSecrets.
+  # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
+  # global:
+  #   imagePullSecrets:
+  #   - name: pullSecret1
+  #   - name: pullSecret2
+  # or
+  # global:
+  #   imagePullSecrets:
+  #   - pullSecret1
+  #   - pullSecret2
+  imagePullSecrets: []
+  cattle:
+    systemDefaultRegistry: ""
+
+service:
+  type: ClusterIP
+  port: 9796
+  nodePort:
+  portName: windows-metrics
+  annotations: {}
+
+# Additional environment variables that will be passed to the daemonset
+env: {}
+##  env:
+##    VARIABLE: value
+
+prometheus:
+  monitor:
+    enabled: true
+    additionalLabels: {}
+    namespace: ""
+
+    jobLabel: "component"
+
+    # List of pod labels to add to windows exporter metrics
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor
+    podTargetLabels: ["component"]
+
+    scheme: http
+    basicAuth: {}
+    bearerTokenFile:
+    tlsConfig: {}
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## Override serviceMonitor selector
+    ##
+    selectorOverride: {}
+
+    ## Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
+    ##
+    attachMetadata:
+      node: false
+
+    relabelings: []
+    metricRelabelings: []
+    interval: ""
+    scrapeTimeout: 10s
+    ## prometheus.monitor.apiVersion ApiVersion for the serviceMonitor Resource(defaults to "monitoring.coreos.com/v1")
+    apiVersion: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+  # PodMonitor defines monitoring for a set of pods.
+  # ref. https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.PodMonitor
+  # Using a PodMonitor may be preferred in some environments where there is very large number
+  # of Windows Exporter endpoints (1000+) behind a single service.
+  # The PodMonitor is disabled by default. When switching from ServiceMonitor to PodMonitor,
+  # the time series resulting from the configuration through PodMonitor may have different labels.
+  # For instance, there will not be the service label any longer which might
+  # affect PromQL queries selecting that label.
+  podMonitor:
+    enabled: false
+    # Namespace in which to deploy the pod monitor. Defaults to the release namespace.
+    namespace: ""
+    # Additional labels, e.g. setting a label for pod monitor selector as set in prometheus
+    additionalLabels: {}
+    #  release: kube-prometheus-stack
+    # PodTargetLabels transfers labels of the Kubernetes Pod onto the target.
+    podTargetLabels: []
+    # apiVersion defaults to monitoring.coreos.com/v1.
+    apiVersion: ""
+    # Override pod selector to select pod objects.
+    selectorOverride: {}
+    # Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
+    attachMetadata:
+      node: false
+    # The label to use to retrieve the job name from. Defaults to label app.kubernetes.io/name.
+    jobLabel: ""
+
+    # Scheme/protocol to use for scraping.
+    scheme: "http"
+    # Path to scrape metrics at.
+    path: "/metrics"
+
+    # BasicAuth allow an endpoint to authenticate over basic authentication.
+    # More info: https://prometheus.io/docs/operating/configuration/#endpoint
+    basicAuth: {}
+    # Secret to mount to read bearer token for scraping targets.
+    # The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator.
+    # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#secretkeyselector-v1-core
+    bearerTokenSecret: {}
+    # TLS configuration to use when scraping the endpoint.
+    tlsConfig: {}
+    # Authorization section for this endpoint.
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.SafeAuthorization
+    authorization: {}
+    # OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.OAuth2
+    oauth2: {}
+
+    # ProxyURL eg http://proxyserver:2195. Directs scrapes through proxy to this endpoint.
+    proxyUrl: ""
+    # Interval at which endpoints should be scraped. If not specified Prometheus’ global scrape interval is used.
+    interval: ""
+    # Timeout after which the scrape is ended. If not specified, the Prometheus global scrape interval is used.
+    scrapeTimeout: ""
+    # HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
+    honorTimestamps: true
+    # HonorLabels chooses the metric’s labels on collisions with target labels.
+    honorLabels: true
+    # Whether to enable HTTP2. Default false.
+    enableHttp2: ""
+    # Drop pods that are not running. (Failed, Succeeded).
+    # Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
+    filterRunning: ""
+    # FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. Default false.
+    followRedirects: ""
+    # Optional HTTP URL parameters
+    params: {}
+
+    # RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds
+    # relabelings for a few standard Kubernetes fields. The original scrape job’s name
+    # is available via the __tmp_prometheus_job_name label.
+    # More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
+    relabelings: []
+    # MetricRelabelConfigs to apply to samples before ingestion.
+    metricRelabelings: []
+
+    # SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    sampleLimit: 0
+    # TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    targetLimit: 0
+    # Per-scrape limit on number of labels that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelLimit: 0
+    # Per-scrape limit on length of labels name that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelNameLengthLimit: 0
+    # Per-scrape limit on length of labels value that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelValueLengthLimit: 0
+
+## Customize the updateStrategy if set
+updateStrategy:
+  type: RollingUpdate
+  rollingUpdate:
+    maxUnavailable: 1
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 200m
+  #   memory: 50Mi
+  # requests:
+  #   cpu: 100m
+#   memory: 30Mi
+
+serviceAccount:
+  # Specifies whether a ServiceAccount should be created
+  create: true
+  # The name of the ServiceAccount to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name:
+  annotations: {}
+  imagePullSecrets: []
+  automountServiceAccountToken: false
+
+securityContext:
+  windowsOptions:
+    hostProcess: true
+    runAsUserName: "NT AUTHORITY\\system"
+
+rbac:
+  ## If true, create & use RBAC resources
+  ##
+  create: true
+
+# Expose the service to the host network
+hostNetwork: true
+
+# Share the host process ID namespace
+hostPID: true
+
+## Assign a group of affinity scheduling rules
+##
+affinity: {}
+#   nodeAffinity:
+#     requiredDuringSchedulingIgnoredDuringExecution:
+#       nodeSelectorTerms:
+#         - matchFields:
+#             - key: metadata.name
+#               operator: In
+#               values:
+#                 - target-host-name
+
+# Annotations to be added to windows exporter pods
+podAnnotations:
+  # Fix for very slow GKE cluster upgrades
+  cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
+
+# Extra labels to be added to windows exporter pods
+podLabels: {}
+
+# Annotations to be added to windows exporter daemonset
+daemonsetAnnotations: {}
+
+## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box
+releaseLabel: false
+
+# Custom DNS configuration to be added to prometheus-windows-exporter pods
+dnsConfig: {}
+# nameservers:
+#   - 1.2.3.4
+# searches:
+#   - ns1.svc.cluster-domain.example
+#   - my.dns.search.suffix
+# options:
+#   - name: ndots
+#     value: "2"
+#   - name: edns0
+
+## Assign a nodeSelector if operating a hybrid cluster
+##
+nodeSelector:
+  kubernetes.io/os: windows
+  #  kubernetes.io/arch: amd64
+
+tolerations:
+  - effect: NoSchedule
+    operator: Exists
+
+## Assign a PriorityClassName to pods if set
+# priorityClassName: ""
+
+## Additional container arguments
+##
+extraArgs: []
+#   - --collector.service.services-where
+#   - "Name LIKE 'sql%'"
+
+## Additional mounts from the host to windows-exporter container
+##
+extraHostVolumeMounts: []
+#  - name: <mountName>
+#    hostPath: <hostPath>
+#    mountPath: <mountPath>
+#    readOnly: true|false
+
+## Additional configmaps to be mounted.
+##
+configmaps: []
+# - name: <configMapName>
+#   mountPath: <mountPath>
+secrets: []
+# - name: <secretName>
+#   mountPath: <mountPatch>
+## Override the deployment namespace
+##
+namespaceOverride: ""
+
+## Additional containers for export metrics to text file
+##
+sidecars: []
+##  - name: nvidia-dcgm-exporter
+##    image: nvidia/dcgm-exporter:1.4.3
+
+## Volume for sidecar containers
+##
+sidecarVolumeMount: []
+##  - name: collector-textfiles
+##    mountPath: /run/prometheus
+##    readOnly: false
+
+## Additional mounts from the host to sidecar containers
+##
+sidecarHostVolumeMounts: []
+#  - name: <mountName>
+#    hostPath: <hostPath>
+#    mountPath: <mountPath>
+#    readOnly: true|false
+#    mountPropagation: None|HostToContainer|Bidirectional
+
+## Additional InitContainers to initialize the pod
+##
+extraInitContainers: []
+
+## Liveness probe
+##
+livenessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 0
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 1
+
+## Readiness probe
+##
+readinessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 0
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 1
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/ingress-nginx/nginx.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/ingress-nginx/nginx.json
new file mode 100644
index 0000000000..565352235a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/ingress-nginx/nginx.json
@@ -0,0 +1,1445 @@
+{
+  "__inputs": [
+
+  ],
+  "__requires": [
+
+  ],
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      },
+      {
+        "datasource": "$datasource",
+        "enable": true,
+        "expr": "sum(changes(nginx_ingress_controller_config_last_reload_successful_timestamp_seconds{instance!=\"unknown\",controller_class=~\"$controller_class\",namespace=~\"$namespace\"}[30s])) by (controller_class)",
+        "hide": false,
+        "iconColor": "rgba(255, 96, 96, 1)",
+        "limit": 100,
+        "name": "Config Reloads",
+        "showIn": 0,
+        "step": "30s",
+        "tagKeys": "controller_class",
+        "tags": [],
+        "titleFormat": "Config Reloaded",
+        "type": "tags"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "iteration": 1534359654832,
+  "links": [],
+  "panels": [
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(245, 54, 54, 0.9)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(50, 172, 45, 0.97)"
+      ],
+      "datasource": "$datasource",
+      "format": "ops",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 6,
+        "x": 0,
+        "y": 0
+      },
+      "id": 20,
+      "interval": null,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": true,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": true
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "round(sum(irate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\"}[2m])), 0.001)",
+          "format": "time_series",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 4
+        }
+      ],
+      "thresholds": "",
+      "title": "Controller Request Volume",
+      "transparent": false,
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "N/A",
+          "value": "null"
+        }
+      ],
+      "valueName": "avg"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(245, 54, 54, 0.9)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(50, 172, 45, 0.97)"
+      ],
+      "datasource": "$datasource",
+      "format": "none",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 6,
+        "x": 6,
+        "y": 0
+      },
+      "id": 82,
+      "interval": null,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": true,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": true
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum(avg_over_time(nginx_ingress_controller_nginx_process_connections{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",state=\"active\"}[2m]))",
+          "format": "time_series",
+          "instant": false,
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 4
+        }
+      ],
+      "thresholds": "",
+      "title": "Controller Connections",
+      "transparent": false,
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "N/A",
+          "value": "null"
+        }
+      ],
+      "valueName": "avg"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(245, 54, 54, 0.9)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(50, 172, 45, 0.97)"
+      ],
+      "datasource": "$datasource",
+      "format": "percentunit",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 80,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": false
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 6,
+        "x": 12,
+        "y": 0
+      },
+      "id": 21,
+      "interval": null,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": true,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": true
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\",status!~\"[4-5].*\"}[2m])) / sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\"}[2m]))",
+          "format": "time_series",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 4
+        }
+      ],
+      "thresholds": "95, 99, 99.5",
+      "title": "Controller Success Rate (non-4|5xx responses)",
+      "transparent": false,
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "N/A",
+          "value": "null"
+        }
+      ],
+      "valueName": "avg"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(245, 54, 54, 0.9)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(50, 172, 45, 0.97)"
+      ],
+      "datasource": "$datasource",
+      "decimals": 0,
+      "format": "none",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 3,
+        "x": 18,
+        "y": 0
+      },
+      "id": 81,
+      "interval": null,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": true,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": true
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "avg(irate(nginx_ingress_controller_success{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[1m])) * 60",
+          "format": "time_series",
+          "instant": false,
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 4
+        }
+      ],
+      "thresholds": "",
+      "title": "Config Reloads",
+      "transparent": false,
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "N/A",
+          "value": "null"
+        }
+      ],
+      "valueName": "total"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(245, 54, 54, 0.9)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(50, 172, 45, 0.97)"
+      ],
+      "datasource": "$datasource",
+      "decimals": 0,
+      "format": "none",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 3,
+        "x": 21,
+        "y": 0
+      },
+      "id": 83,
+      "interval": null,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": true,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": true
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "count(nginx_ingress_controller_config_last_reload_successful{controller_pod=~\"$controller\",controller_namespace=~\"$namespace\"} == 0)",
+          "format": "time_series",
+          "instant": true,
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 4
+        }
+      ],
+      "thresholds": "",
+      "title": "Last Config Failed",
+      "transparent": false,
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "N/A",
+          "value": "null"
+        }
+      ],
+      "valueName": "avg"
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fill": 1,
+      "grid": {},
+      "gridPos": {
+        "h": 7,
+        "w": 12,
+        "x": 0,
+        "y": 3
+      },
+      "height": "200px",
+      "id": 86,
+      "isNew": true,
+      "legend": {
+        "alignAsTable": true,
+        "avg": true,
+        "current": false,
+        "hideEmpty": false,
+        "hideZero": true,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "sideWidth": 300,
+        "sort": "current",
+        "sortDesc": true,
+        "total": false,
+        "values": true
+      },
+      "lines": true,
+      "linewidth": 2,
+      "links": [],
+      "nullPointMode": "connected",
+      "percentage": false,
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "repeat": null,
+      "repeatDirection": "h",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "round(sum(irate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress), 0.001)",
+          "format": "time_series",
+          "hide": false,
+          "instant": false,
+          "interval": "",
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "metric": "network",
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "Ingress Request Volume",
+      "tooltip": {
+        "msResolution": false,
+        "shared": true,
+        "sort": 2,
+        "value_type": "cumulative"
+      },
+      "transparent": false,
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "reqps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": false
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "max - istio-proxy": "#890f02",
+        "max - master": "#bf1b00",
+        "max - prometheus": "#bf1b00"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "decimals": 2,
+      "editable": false,
+      "error": false,
+      "fill": 0,
+      "grid": {},
+      "gridPos": {
+        "h": 7,
+        "w": 12,
+        "x": 12,
+        "y": 3
+      },
+      "id": 87,
+      "isNew": true,
+      "legend": {
+        "alignAsTable": true,
+        "avg": true,
+        "current": false,
+        "hideEmpty": true,
+        "hideZero": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "sideWidth": 300,
+        "sort": "avg",
+        "sortDesc": true,
+        "total": false,
+        "values": true
+      },
+      "lines": true,
+      "linewidth": 2,
+      "links": [],
+      "nullPointMode": "connected",
+      "percentage": false,
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\",ingress=~\"$ingress\",status!~\"[4-5].*\"}[2m])) by (ingress) / sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress)",
+          "format": "time_series",
+          "instant": false,
+          "interval": "10s",
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "metric": "container_memory_usage:sort_desc",
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "Ingress Success Rate (non-4|5xx responses)",
+      "tooltip": {
+        "msResolution": false,
+        "shared": true,
+        "sort": 1,
+        "value_type": "cumulative"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": false
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fill": 1,
+      "grid": {},
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 0,
+        "y": 10
+      },
+      "height": "200px",
+      "id": 32,
+      "isNew": true,
+      "legend": {
+        "alignAsTable": false,
+        "avg": true,
+        "current": true,
+        "max": false,
+        "min": false,
+        "rightSide": false,
+        "show": false,
+        "sideWidth": 200,
+        "sort": "current",
+        "sortDesc": true,
+        "total": false,
+        "values": true
+      },
+      "lines": true,
+      "linewidth": 2,
+      "links": [],
+      "nullPointMode": "connected",
+      "percentage": false,
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum (irate (nginx_ingress_controller_request_size_sum{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[2m]))",
+          "format": "time_series",
+          "instant": false,
+          "interval": "10s",
+          "intervalFactor": 1,
+          "legendFormat": "Received",
+          "metric": "network",
+          "refId": "A",
+          "step": 10
+        },
+        {
+          "expr": "- sum (irate (nginx_ingress_controller_response_size_sum{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[2m]))",
+          "format": "time_series",
+          "hide": false,
+          "interval": "10s",
+          "intervalFactor": 1,
+          "legendFormat": "Sent",
+          "metric": "network",
+          "refId": "B",
+          "step": 10
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "Network I/O pressure",
+      "tooltip": {
+        "msResolution": false,
+        "shared": true,
+        "sort": 0,
+        "value_type": "cumulative"
+      },
+      "transparent": false,
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": false
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "max - istio-proxy": "#890f02",
+        "max - master": "#bf1b00",
+        "max - prometheus": "#bf1b00"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "decimals": 2,
+      "editable": false,
+      "error": false,
+      "fill": 0,
+      "grid": {},
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 8,
+        "y": 10
+      },
+      "id": 77,
+      "isNew": true,
+      "legend": {
+        "alignAsTable": true,
+        "avg": true,
+        "current": true,
+        "max": false,
+        "min": false,
+        "rightSide": false,
+        "show": false,
+        "sideWidth": 200,
+        "sort": "current",
+        "sortDesc": true,
+        "total": false,
+        "values": true
+      },
+      "lines": true,
+      "linewidth": 2,
+      "links": [],
+      "nullPointMode": "connected",
+      "percentage": false,
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "avg(nginx_ingress_controller_nginx_process_resident_memory_bytes{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}) ",
+          "format": "time_series",
+          "instant": false,
+          "interval": "10s",
+          "intervalFactor": 1,
+          "legendFormat": "nginx",
+          "metric": "container_memory_usage:sort_desc",
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "Average Memory Usage",
+      "tooltip": {
+        "msResolution": false,
+        "shared": true,
+        "sort": 2,
+        "value_type": "cumulative"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": false
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "max - istio-proxy": "#890f02",
+        "max - master": "#bf1b00"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "decimals": 3,
+      "editable": false,
+      "error": false,
+      "fill": 0,
+      "grid": {},
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 16,
+        "y": 10
+      },
+      "height": "",
+      "id": 79,
+      "isNew": true,
+      "legend": {
+        "alignAsTable": true,
+        "avg": true,
+        "current": true,
+        "max": false,
+        "min": false,
+        "rightSide": false,
+        "show": false,
+        "sort": null,
+        "sortDesc": null,
+        "total": false,
+        "values": true
+      },
+      "lines": true,
+      "linewidth": 2,
+      "links": [],
+      "nullPointMode": "connected",
+      "percentage": false,
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "avg (rate (nginx_ingress_controller_nginx_process_cpu_seconds_total{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[2m])) ",
+          "format": "time_series",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "legendFormat": "nginx",
+          "metric": "container_cpu",
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": [
+        {
+          "colorMode": "critical",
+          "fill": true,
+          "line": true,
+          "op": "gt"
+        }
+      ],
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "Average CPU Usage",
+      "tooltip": {
+        "msResolution": true,
+        "shared": true,
+        "sort": 2,
+        "value_type": "cumulative"
+      },
+      "transparent": false,
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "none",
+          "label": "cores",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "columns": [],
+      "datasource": "$datasource",
+      "fontSize": "100%",
+      "gridPos": {
+        "h": 8,
+        "w": 24,
+        "x": 0,
+        "y": 16
+      },
+      "hideTimeOverride": false,
+      "id": 75,
+      "links": [],
+      "pageSize": 7,
+      "repeat": null,
+      "repeatDirection": "h",
+      "scroll": true,
+      "showHeader": true,
+      "sort": {
+        "col": 1,
+        "desc": true
+      },
+      "styles": [
+        {
+          "alias": "Ingress",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "pattern": "ingress",
+          "preserveFormat": false,
+          "sanitize": false,
+          "thresholds": [],
+          "type": "string",
+          "unit": "short"
+        },
+        {
+          "alias": "Requests",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "pattern": "Value #A",
+          "thresholds": [
+            ""
+          ],
+          "type": "number",
+          "unit": "ops"
+        },
+        {
+          "alias": "Errors",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "pattern": "Value #B",
+          "thresholds": [],
+          "type": "number",
+          "unit": "ops"
+        },
+        {
+          "alias": "P50 Latency",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 0,
+          "link": false,
+          "pattern": "Value #C",
+          "thresholds": [],
+          "type": "number",
+          "unit": "dtdurations"
+        },
+        {
+          "alias": "P90 Latency",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 0,
+          "pattern": "Value #D",
+          "thresholds": [],
+          "type": "number",
+          "unit": "dtdurations"
+        },
+        {
+          "alias": "P99 Latency",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 0,
+          "pattern": "Value #E",
+          "thresholds": [],
+          "type": "number",
+          "unit": "dtdurations"
+        },
+        {
+          "alias": "IN",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "pattern": "Value #F",
+          "thresholds": [
+            ""
+          ],
+          "type": "number",
+          "unit": "Bps"
+        },
+        {
+          "alias": "",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "pattern": "Time",
+          "thresholds": [],
+          "type": "hidden",
+          "unit": "short"
+        },
+        {
+          "alias": "OUT",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "mappingType": 1,
+          "pattern": "Value #G",
+          "thresholds": [],
+          "type": "number",
+          "unit": "Bps"
+        }
+      ],
+      "targets": [
+        {
+          "expr": "histogram_quantile(0.50, sum(rate(nginx_ingress_controller_request_duration_seconds_bucket{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (le, ingress))",
+          "format": "table",
+          "hide": false,
+          "instant": true,
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "refId": "C"
+        },
+        {
+          "expr": "histogram_quantile(0.90, sum(rate(nginx_ingress_controller_request_duration_seconds_bucket{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (le, ingress))",
+          "format": "table",
+          "hide": false,
+          "instant": true,
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "refId": "D"
+        },
+        {
+          "expr": "histogram_quantile(0.99, sum(rate(nginx_ingress_controller_request_duration_seconds_bucket{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (le, ingress))",
+          "format": "table",
+          "hide": false,
+          "instant": true,
+          "intervalFactor": 1,
+          "legendFormat": "{{ destination_service }}",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(irate(nginx_ingress_controller_request_size_sum{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress)",
+          "format": "table",
+          "hide": false,
+          "instant": true,
+          "interval": "",
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "refId": "F"
+        },
+        {
+          "expr": "sum(irate(nginx_ingress_controller_response_size_sum{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress)",
+          "format": "table",
+          "instant": true,
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "refId": "G"
+        }
+      ],
+      "timeFrom": null,
+      "title": "Ingress Percentile Response Times and Transfer Rates",
+      "transform": "table",
+      "transparent": false,
+      "type": "table"
+    },
+    {
+      "columns": [
+        {
+          "text": "Current",
+          "value": "current"
+        }
+      ],
+      "datasource": "$datasource",
+      "fontSize": "100%",
+      "gridPos": {
+        "h": 8,
+        "w": 24,
+        "x": 0,
+        "y": 24
+      },
+      "height": "1024",
+      "id": 85,
+      "links": [],
+      "pageSize": 7,
+      "scroll": true,
+      "showHeader": true,
+      "sort": {
+        "col": 1,
+        "desc": false
+      },
+      "styles": [
+        {
+          "alias": "Time",
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "pattern": "Time",
+          "type": "date"
+        },
+        {
+          "alias": "TTL",
+          "colorMode": "cell",
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 0,
+          "pattern": "Current",
+          "thresholds": [
+            "0",
+            "691200"
+          ],
+          "type": "number",
+          "unit": "s"
+        },
+        {
+          "alias": "",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "decimals": 2,
+          "pattern": "/.*/",
+          "thresholds": [],
+          "type": "number",
+          "unit": "short"
+        }
+      ],
+      "targets": [
+        {
+          "expr": "avg(nginx_ingress_controller_ssl_expire_time_seconds{kubernetes_pod_name=~\"$controller\",namespace=~\"$namespace\",ingress=~\"$ingress\"}) by (host) - time()",
+          "format": "time_series",
+          "intervalFactor": 1,
+          "legendFormat": "{{ host }}",
+          "metric": "gke_letsencrypt_cert_expiration",
+          "refId": "A",
+          "step": 1
+        }
+      ],
+      "title": "Ingress Certificate Expiry",
+      "transform": "timeseries_aggregations",
+      "type": "table"
+    }
+  ],
+  "refresh": "5s",
+  "schemaVersion": 16,
+  "style": "dark",
+  "tags": [
+    "nginx"
+  ],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": ".*",
+        "current": {
+          "text": "All",
+          "value": "$__all"
+        },
+        "datasource": "$datasource",
+        "hide": 0,
+        "includeAll": true,
+        "label": "Namespace",
+        "multi": false,
+        "name": "namespace",
+        "options": [],
+        "query": "label_values(nginx_ingress_controller_config_hash, controller_namespace)",
+        "refresh": 1,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tags": [],
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": ".*",
+        "current": {
+          "text": "All",
+          "value": "$__all"
+        },
+        "datasource": "$datasource",
+        "hide": 0,
+        "includeAll": true,
+        "label": "Controller Class",
+        "multi": false,
+        "name": "controller_class",
+        "options": [],
+        "query": "label_values(nginx_ingress_controller_config_hash{namespace=~\"$namespace\"}, controller_class) ",
+        "refresh": 1,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tags": [],
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": ".*",
+        "current": {
+          "text": "All",
+          "value": "$__all"
+        },
+        "datasource": "$datasource",
+        "hide": 0,
+        "includeAll": true,
+        "label": "Controller",
+        "multi": false,
+        "name": "controller",
+        "options": [],
+        "query": "label_values(nginx_ingress_controller_config_hash{namespace=~\"$namespace\",controller_class=~\"$controller_class\"}, controller_pod) ",
+        "refresh": 1,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tags": [],
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": ".*",
+        "current": {
+          "tags": [],
+          "text": "All",
+          "value": "$__all"
+        },
+        "datasource": "$datasource",
+        "hide": 0,
+        "includeAll": true,
+        "label": "Ingress",
+        "multi": false,
+        "name": "ingress",
+        "options": [],
+        "query": "label_values(nginx_ingress_controller_requests{namespace=~\"$namespace\",controller_class=~\"$controller_class\",controller_pod=~\"$controller\"}, ingress) ",
+        "refresh": 1,
+        "regex": "",
+        "sort": 2,
+        "tagValuesQuery": "",
+        "tags": [],
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "2m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ],
+    "time_options": [
+      "5m",
+      "15m",
+      "1h",
+      "6h",
+      "12h",
+      "24h",
+      "2d",
+      "7d",
+      "30d"
+    ]
+  },
+  "timezone": "browser",
+  "title": "NGINX / Ingress Controller",
+  "uid": "nginx",
+  "version": 1
+}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/ingress-nginx/request-handling-performance.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/ingress-nginx/request-handling-performance.json
new file mode 100644
index 0000000000..156e33123d
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/ingress-nginx/request-handling-performance.json
@@ -0,0 +1,963 @@
+{
+    "__inputs": [
+
+    ],
+    "__requires": [
+
+    ],
+    "annotations": {
+      "list": [
+        {
+          "builtIn": 1,
+          "datasource": "-- Grafana --",
+          "enable": true,
+          "hide": true,
+          "iconColor": "rgba(0, 211, 255, 1)",
+          "name": "Annotations & Alerts",
+          "type": "dashboard"
+        }
+      ]
+    },
+    "description": "",
+    "editable": true,
+    "gnetId": 9614,
+    "graphTooltip": 1,
+    "id": null,
+    "iteration": 1582146566338,
+    "links": [],
+    "panels": [
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "description": "Total time taken for nginx and upstream servers to process a request and send a response",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 0,
+          "y": 0
+        },
+        "hiddenSeries": false,
+        "id": 91,
+        "legend": {
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "histogram_quantile(\n  0.5,\n  sum by (le)(\n    rate(\n      nginx_ingress_controller_request_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "legendFormat": ".5",
+            "refId": "D"
+          },
+          {
+            "expr": "histogram_quantile(\n  0.95,\n  sum by (le)(\n    rate(\n    nginx_ingress_controller_request_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "legendFormat": ".95",
+            "refId": "B"
+          },
+          {
+            "expr": "histogram_quantile(\n  0.99,\n  sum by (le)(\n    rate(\n      nginx_ingress_controller_request_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "legendFormat": ".99",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Total request handling time",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "s",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "description": "The time spent on receiving the response from the upstream server",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 12,
+          "y": 0
+        },
+        "hiddenSeries": false,
+        "id": 94,
+        "legend": {
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "histogram_quantile(\n  0.5,\n  sum by (le)(\n    rate(\n      nginx_ingress_controller_response_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "instant": false,
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": ".5",
+            "refId": "D"
+          },
+          {
+            "expr": "histogram_quantile(\n  0.95,\n  sum by (le)(\n    rate(\n    nginx_ingress_controller_response_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "legendFormat": ".95",
+            "refId": "B"
+          },
+          {
+            "expr": "histogram_quantile(\n  0.99,\n  sum by (le)(\n    rate(\n      nginx_ingress_controller_response_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "legendFormat": ".99",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Upstream response time",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "s",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 0,
+          "y": 8
+        },
+        "hiddenSeries": false,
+        "id": 93,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "  sum by (path)(\n    rate(\n      nginx_ingress_controller_request_duration_seconds_count{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n",
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Request volume by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "reqps",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "description": "For each path observed, its median upstream response time",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 12,
+          "y": 8
+        },
+        "hiddenSeries": false,
+        "id": 98,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "histogram_quantile(\n  .5,\n  sum by (le, path)(\n    rate(\n      nginx_ingress_controller_response_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Median upstream response time by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "s",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "description": "Percentage of 4xx and 5xx responses among all responses.",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 0,
+          "y": 16
+        },
+        "hiddenSeries": false,
+        "id": 100,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null as zero",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "sum by (path) (rate(nginx_ingress_controller_request_duration_seconds_count{\n  ingress =~ \"$ingress\",\n  status =~ \"[4-5].*\"\n}[1m])) / sum by (path) (rate(nginx_ingress_controller_request_duration_seconds_count{\n  ingress =~ \"$ingress\",\n}[1m]))",
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Response error rate by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "percentunit",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "description": "For each path observed, the sum of upstream request time",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 12,
+          "y": 16
+        },
+        "hiddenSeries": false,
+        "id": 102,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "sum by (path) (rate(nginx_ingress_controller_response_duration_seconds_sum{ingress =~ \"$ingress\"}[1m]))",
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Upstream time consumed by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "s",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 0,
+          "y": 24
+        },
+        "hiddenSeries": false,
+        "id": 101,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "  sum (\n    rate(\n      nginx_ingress_controller_request_duration_seconds_count{\n        ingress =~ \"$ingress\",\n        status =~\"[4-5].*\",\n      }[1m]\n    )\n  ) by(path, status)\n",
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }} {{ status }}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Response error volume by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "reqps",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 12,
+          "y": 24
+        },
+        "hiddenSeries": false,
+        "id": 99,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "sum (\n  rate (\n      nginx_ingress_controller_response_size_sum {\n        ingress =~ \"$ingress\",\n      }[1m]\n  )\n)  by (path) / sum (\n  rate(\n      nginx_ingress_controller_response_size_count {\n        ingress =~ \"$ingress\",\n      }[1m]\n  )\n) by (path)\n",
+            "hide": false,
+            "instant": false,
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }}",
+            "refId": "D"
+          },
+          {
+            "expr": "    sum (rate(nginx_ingress_controller_response_size_bucket{\n        ingress =~ \"$ingress\",\n    }[1m])) by (le)\n",
+            "hide": true,
+            "legendFormat": "{{le}}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Average response size by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "decbytes",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 0,
+          "y": 32
+        },
+        "hiddenSeries": false,
+        "id": 96,
+        "legend": {
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "sum (\n  rate(\n      nginx_ingress_controller_ingress_upstream_latency_seconds_sum {\n        ingress =~ \"$ingress\",\n      }[1m]\n)) / sum (\n  rate(\n      nginx_ingress_controller_ingress_upstream_latency_seconds_count {\n        ingress =~ \"$ingress\",\n      }[1m]\n  )\n)\n",
+            "hide": false,
+            "instant": false,
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "average",
+            "refId": "B"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Upstream service latency",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "s",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      }
+    ],
+    "refresh": "30s",
+    "schemaVersion": 22,
+    "style": "dark",
+    "tags": [
+      "nginx"
+    ],
+    "templating": {
+      "list": [
+        {
+          "current": {
+            "text": "Prometheus",
+            "value": "Prometheus"
+          },
+          "hide": 0,
+          "label": "Data Source",
+          "name": "datasource",
+          "options": [
+  
+          ],
+          "query": "prometheus",
+          "refresh": 1,
+          "regex": "",
+          "type": "datasource"
+        },
+        {
+          "allValue": ".*",
+          "current": {},
+          "datasource": "$datasource",
+          "definition": "label_values(nginx_ingress_controller_requests, ingress) ",
+          "hide": 0,
+          "includeAll": true,
+          "label": "Service Ingress",
+          "multi": false,
+          "name": "ingress",
+          "options": [],
+          "query": "label_values(nginx_ingress_controller_requests, ingress) ",
+          "refresh": 1,
+          "regex": "",
+          "skipUrlSync": false,
+          "sort": 2,
+          "tagValuesQuery": "",
+          "tags": [],
+          "tagsQuery": "",
+          "type": "query",
+          "useTags": false
+        }
+      ]
+    },
+    "time": {
+      "from": "now-15m",
+      "to": "now"
+    },
+    "timepicker": {
+      "refresh_intervals": [
+        "5s",
+        "10s",
+        "30s",
+        "2m",
+        "5m",
+        "15m",
+        "30m",
+        "1h",
+        "2h",
+        "1d"
+      ],
+      "time_options": [
+        "5m",
+        "15m",
+        "1h",
+        "6h",
+        "12h",
+        "24h",
+        "2d",
+        "7d",
+        "30d"
+      ]
+    },
+    "timezone": "browser",
+    "title": "NGINX / Request Handling Performance",
+    "uid": "4GFbkOsZk",
+    "version": 1
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/cluster/rancher-cluster-nodes.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/cluster/rancher-cluster-nodes.json
new file mode 100644
index 0000000000..1d4943501b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/cluster/rancher-cluster-nodes.json
@@ -0,0 +1,793 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\",mode=\"idle\"}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "{{instance}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m] ({{instance}})"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(node_load5 OR avg_over_time(windows_system_processor_queue_length[5m])) by (instance)",
+          "interval": "",
+          "legendFormat": "Load[5m] ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(node_load1 OR avg_over_time(windows_system_processor_queue_length[1m])) by (instance)",
+          "interval": "",
+          "legendFormat": "Load[1m] ({{instance}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(node_load15 OR avg_over_time(windows_system_processor_queue_length[15m])) by (instance)",
+          "interval": "",
+          "legendFormat": "Load[15m] ({{instance}})",
+          "refId": "C"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Load Average",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - sum(node_memory_MemAvailable_bytes OR windows_os_physical_memory_free_bytes) by (instance) / sum(node_memory_MemTotal_bytes OR windows_cs_physical_memory_bytes) by (instance) ",
+          "interval": "",
+          "legendFormat": "{{instance}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"} OR windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) by (instance) / sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"} OR windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) by (instance))",
+          "interval": "",
+          "legendFormat": "{{instance}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_disk_read_bytes_total[$__rate_interval]) OR rate(windows_logical_disk_read_bytes_total[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Read ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_disk_written_bytes_total[$__rate_interval]) OR rate(windows_logical_disk_write_bytes_total[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Write ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_receive_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_received_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Receive Errors ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{instance}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_outbound_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Transmit Errors ({{instance}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_received_discarded_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Receive Dropped ({{instance}})",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_outbound_discarded{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Transmit Dropped ({{instance}})",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{instance}})",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 14
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_transmit_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval]) OR rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval]) OR rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Cluster (Nodes)",
+  "uid": "rancher-cluster-nodes-1",
+  "version": 3
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/cluster/rancher-cluster.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/cluster/rancher-cluster.json
new file mode 100644
index 0000000000..24385a237a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/cluster/rancher-cluster.json
@@ -0,0 +1,776 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\",mode=\"idle\"}[$__rate_interval]))",
+          "legendFormat": "Total",
+          "interval": "",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(node_load5 OR avg_over_time(windows_system_processor_queue_length[5m]))",
+          "interval": "",
+          "legendFormat": "Load[5m]",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(node_load1 OR avg_over_time(windows_system_processor_queue_length[1m]))",
+          "interval": "",
+          "legendFormat": "Load[1m]",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(node_load15 OR avg_over_time(windows_system_processor_queue_length[15m]))",
+          "interval": "",
+          "legendFormat": "Load[15m]",
+          "refId": "C"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Load Average",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - sum(node_memory_MemAvailable_bytes OR windows_os_physical_memory_free_bytes) / sum(node_memory_MemTotal_bytes OR windows_cs_physical_memory_bytes)",
+          "legendFormat": "Total",
+          "interval": "",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"} OR windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) / sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"} OR windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}))",
+          "legendFormat": "Total",
+          "interval": "",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_disk_read_bytes_total[$__rate_interval]) OR rate(windows_logical_disk_read_bytes_total[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Read",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_disk_written_bytes_total[$__rate_interval]) OR rate(windows_logical_disk_write_bytes_total[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Write",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(rate(node_network_receive_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Errors",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(rate(node_network_receive_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "B"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_outbound_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Errors",
+          "refId": "C"
+        },
+        {
+          "expr": "(sum(rate(node_network_receive_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_discarded_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Dropped",
+          "refId": "D"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_outbound_discarded{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Dropped",
+          "refId": "E"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 14
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_transmit_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval]) OR rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval]) OR rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Cluster",
+  "uid": "rancher-cluster-1",
+  "version": 3
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/bundle.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/bundle.json
new file mode 100644
index 0000000000..698f48aeed
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/bundle.json
@@ -0,0 +1,246 @@
+{
+   "description": "Bundle",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Bundles",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 0
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_not_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_out_of_sync{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Out of Sync"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_err_applied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Err Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_pending{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Pending"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_wait_applied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Bundles",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_not_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_out_of_sync{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Out of Sync"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_err_applied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Err Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_pending{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Pending"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_wait_applied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Bundles",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(fleet_bundle_desired_ready, exported_namespace)",
+            "refresh": 2,
+            "type": "query"
+         },
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "includeAll": true,
+            "name": "name",
+            "query": "label_values(fleet_bundle_desired_ready{exported_namespace=~\"$namespace\"}, name)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / Bundle",
+   "uid": "fleet-bundle"
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/bundledeployment.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/bundledeployment.json
new file mode 100644
index 0000000000..c81f7a6212
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/bundledeployment.json
@@ -0,0 +1,219 @@
+{
+   "description": "BundleDeployment",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Ready\"}) / sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\"})"
+            }
+         ],
+         "title": "Ready BundleDeployments",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 0
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Ready\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"NotReady\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"WaitApplied\"})",
+               "legendFormat": "Wait Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"ErrApplied\"})",
+               "legendFormat": "Err Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"OutOfSync\"})",
+               "legendFormat": "OutOfSync"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Pending\"})",
+               "legendFormat": "Pending"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Modified\"})",
+               "legendFormat": "Modified"
+            }
+         ],
+         "title": "BundleDeployments",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Ready\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"NotReady\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"WaitApplied\"})",
+               "legendFormat": "Wait Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"ErrApplied\"})",
+               "legendFormat": "Err Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"OutOfSync\"})",
+               "legendFormat": "OutOfSync"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Pending\"})",
+               "legendFormat": "Pending"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Modified\"})",
+               "legendFormat": "Modified"
+            }
+         ],
+         "title": "BundleDeployments",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(fleet_bundledeployment_state, cluster_namespace)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / BundleDeployment",
+   "uid": "fleet-bundledeployment"
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/cluster.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/cluster.json
new file mode 100644
index 0000000000..73bdea4834
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/cluster.json
@@ -0,0 +1,484 @@
+{
+   "description": "Cluster",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_cluster_desired_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Git Repos",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 0
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_desired_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Git Repos",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_desired_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Git Repos",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 13
+         },
+         "id": 4,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_cluster_resources_count_desiredready{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 13
+         },
+         "id": 5,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_desiredready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_notready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_orphaned{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Orphaned"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_waitapplied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 21
+         },
+         "id": 6,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_desiredready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_notready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_orphaned{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Orphaned"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_waitapplied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Resources",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 26
+         },
+         "id": 7,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"Ready\"}) / sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 26
+         },
+         "id": 8,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"Ready\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"NotReady\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"WaitCheckIn\"})",
+               "legendFormat": "Wait Check In"
+            }
+         ],
+         "title": "Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 34
+         },
+         "id": 9,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"Ready\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"NotReady\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"WaitCheckIn\"})",
+               "legendFormat": "Wait Check In"
+            }
+         ],
+         "title": "Clusters",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(fleet_cluster_desired_ready_git_repos, exported_namespace)",
+            "refresh": 2,
+            "type": "query"
+         },
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "includeAll": true,
+            "name": "name",
+            "query": "label_values(fleet_cluster_desired_ready_git_repos{exported_namespace=~\"$namespace\"}, name)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / Cluster",
+   "uid": "fleet-cluster"
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/clustergroup.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/clustergroup.json
new file mode 100644
index 0000000000..ce3df87b21
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/clustergroup.json
@@ -0,0 +1,468 @@
+{
+   "description": "ClusterGroup",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_cluster_group_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Bundles",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 0
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Bundles",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Bundles",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 13
+         },
+         "id": 4,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "(sum(fleet_cluster_group_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"}) - sum(fleet_cluster_group_non_ready_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})) / sum(fleet_cluster_group_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 13
+         },
+         "id": 5,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Total"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_non_ready_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Non Ready"
+            }
+         ],
+         "title": "Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 21
+         },
+         "id": 6,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Total"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_non_ready_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Non Ready"
+            }
+         ],
+         "title": "Clusters",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 26
+         },
+         "id": 7,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_cluster_group_resource_count_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 26
+         },
+         "id": 8,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_notready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_orphaned{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Orphaned"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_waitapplied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 34
+         },
+         "id": 9,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_notready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_orphaned{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Orphaned"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_waitapplied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Resources",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(fleet_cluster_group_bundle_desired_ready, exported_namespace)",
+            "refresh": 2,
+            "type": "query"
+         },
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "includeAll": true,
+            "name": "name",
+            "query": "label_values(fleet_cluster_group_bundle_desired_ready{exported_namespace=~\"$namespace\"}, name)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / ClusterGroup",
+   "uid": "fleet-cluster-group"
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/controller-runtime.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/controller-runtime.json
new file mode 100644
index 0000000000..23a81f2a8c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/controller-runtime.json
@@ -0,0 +1,454 @@
+{
+   "description": "Controller Runtime",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "controller_runtime_active_workers{job=\"$job\", namespace=\"$namespace\"}",
+               "legendFormat": "{{controller}} {{instance}}"
+            }
+         ],
+         "title": "Number of Workers in Use",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(rate(controller_runtime_reconcile_errors_total{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, pod)",
+               "legendFormat": "{{instance}} {{pod}}"
+            }
+         ],
+         "title": "Reconciliation Error Count per Controller",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 16
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(rate(controller_runtime_reconcile_total{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, pod)",
+               "legendFormat": "{{instance}} {{pod}}"
+            }
+         ],
+         "title": "Total Reconciliation Count per Controller",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 24
+         },
+         "id": 4,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "workqueue_depth{job=\"$job\", namespace=\"$namespace\"}",
+               "legendFormat": "{{instance}} {{pod}}"
+            }
+         ],
+         "title": "WorkQueue Depth",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 32
+         },
+         "id": 5,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.50, sum(rate(workqueue_queue_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P50 {{name}}"
+            }
+         ],
+         "title": "Seconds for Items Stay in Queue (before being requested) P50",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 40
+         },
+         "id": 6,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.90, sum(rate(workqueue_queue_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P90 {{name}}"
+            }
+         ],
+         "title": "Seconds for Items Stay in Queue (before being requested) P90",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 48
+         },
+         "id": 7,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.99, sum(rate(workqueue_queue_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P99 {{name}}"
+            }
+         ],
+         "title": "Seconds for Items Stay in Queue (before being requested) P99",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 56
+         },
+         "id": 8,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(rate(workqueue_adds_total{job=\"$job\", namespace=\"$namespace\"}[2m])) by (instance, name)",
+               "legendFormat": "{{name}} {{instance}}"
+            }
+         ],
+         "title": "Work Queue Add Rate",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 64
+         },
+         "id": 9,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "rate(workqueue_unfinished_work_seconds{job=\"$job\", namespace=\"$namespace\"}[5m])",
+               "legendFormat": "{{name}} {{instance}}"
+            }
+         ],
+         "title": "Unfinished Seconds",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 72
+         },
+         "id": 10,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.50, sum(rate(workqueue_work_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P50 {{name}}"
+            }
+         ],
+         "title": "Seconds Processing Items from WorkQueue - 50th Percentile",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 80
+         },
+         "id": 11,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.90, sum(rate(workqueue_work_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P90 {{name}}"
+            }
+         ],
+         "title": "Seconds Processing Items from WorkQueue - 90th Percentile",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 88
+         },
+         "id": 12,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.99, sum(rate(workqueue_work_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P99 {{name}}"
+            }
+         ],
+         "title": "Seconds Processing Items from WorkQueue - 99th Percentile",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 96
+         },
+         "id": 13,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(rate(workqueue_retries_total{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name)",
+               "legendFormat": "{{name}} {{instance}}"
+            }
+         ],
+         "title": "Work Queue Retries Rate",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(controller_runtime_reconcile_total, namespace)",
+            "refresh": 2,
+            "type": "query"
+         },
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "job",
+            "query": "label_values(controller_runtime_reconcile_total{namespace=~\"$namespace\"}, job)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / Controller-Runtime",
+   "uid": "fleet-controller-runtime"
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/gitrepo.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/gitrepo.json
new file mode 100644
index 0000000000..1a50c2937d
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/fleet/gitrepo.json
@@ -0,0 +1,325 @@
+{
+   "description": "GitRepo",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_gitrepo_desired_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 0
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_desired_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_desired_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Clusters",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 13
+         },
+         "id": 4,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_ready{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_gitrepo_resources_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 13
+         },
+         "id": 5,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_not_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            }
+         ],
+         "title": "Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 21
+         },
+         "id": 6,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_not_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            }
+         ],
+         "title": "Resources",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(fleet_gitrepo_desired_ready_clusters, exported_namespace)",
+            "refresh": 2,
+            "type": "query"
+         },
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "includeAll": true,
+            "name": "name",
+            "query": "label_values(fleet_gitrepo_desired_ready_clusters{exported_namespace=~\"$namespace\"}, name)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / GitRepo",
+   "uid": "fleet-gitrepo"
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/home/rancher-default-home.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/home/rancher-default-home.json
new file mode 100644
index 0000000000..3fce207561
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/home/rancher-default-home.json
@@ -0,0 +1,1290 @@
+{
+  "annotations": {
+    "list": []
+  },
+  "editable": false,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": null,
+  "links": [],
+  "panels": [
+    {
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 24,
+        "x": 0,
+        "y": 0
+      },
+      "id": 1,
+      "title": "",
+      "type": "welcome"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": true,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "percent",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": true,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 5,
+        "w": 8,
+        "x": 0,
+        "y": 4
+      },
+      "height": "180px",
+      "id": 6,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "(1 - (avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\",mode=\"idle\"}[5m])))) * 100",
+          "format": "time_series",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "65, 90",
+      "title": "CPU Utilization",
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": true,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "percent",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": true,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 5,
+        "w": 8,
+        "x": 8,
+        "y": 4
+      },
+      "height": "180px",
+      "id": 4,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "(1 - sum({__name__=~\"node_memory_MemAvailable_bytes|windows_os_physical_memory_free_bytes\"}) / sum({__name__=~\"node_memory_MemTotal_bytes|windows_cs_physical_memory_bytes\"})) * 100",
+          "format": "time_series",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "65, 90",
+      "title": "Memory Utilization",
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": true,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "percent",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": true,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 5,
+        "w": 8,
+        "x": 16,
+        "y": 4
+      },
+      "height": "180px",
+      "id": 7,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "(1 - (((sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) OR on() vector(0))) / ((sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) OR on() vector(0))))) * 100",
+          "format": "time_series",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "metric": "",
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "65, 90",
+      "title": "Disk Utilization",
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "none",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 0,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 11,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": " cores",
+      "postfixFontSize": "30%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\",mode!=\"idle\"}[5m]))",
+          "format": "time_series",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "CPU Used",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "none",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 4,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 12,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": " cores",
+      "postfixFontSize": "30%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum(kube_node_status_allocatable_cpu_cores{}) OR sum(kube_node_status_allocatable{resource=\"cpu\",unit=\"core\"})",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "CPU Total",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "bytes",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 8,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 9,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "20%",
+      "prefix": "",
+      "prefixFontSize": "20%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum({__name__=~\"node_memory_MemTotal_bytes|windows_cs_physical_memory_bytes\"}) - sum({__name__=~\"node_memory_MemAvailable_bytes|windows_os_physical_memory_free_bytes\"})",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "Memory Used",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "bytes",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 12,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 10,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum(kube_node_status_allocatable_memory_bytes{}) OR sum(kube_node_status_allocatable{resource=\"memory\", unit=\"byte\"})",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "Memory Total",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "bytes",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 16,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 13,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "(sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"}) - sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) - sum(windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) OR on() vector(0))",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "Disk Used",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "bytes",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 20,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 14,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "(sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) OR on() vector(0))",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "Disk Total",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "Prometheus",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {},
+          "links": []
+        },
+        "overrides": []
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 0,
+        "y": 12
+      },
+      "hiddenSeries": false,
+      "id": 2051,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "links": [],
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\",mode=\"idle\"}[$__rate_interval])))",
+          "format": "time_series",
+          "hide": false,
+          "instant": false,
+          "intervalFactor": 1,
+          "legendFormat": "Cluster",
+          "refId": "A"
+        },
+        {
+          "expr": "1 - avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\", mode=\"idle\"}[$__rate_interval])) by (instance)",
+          "format": "time_series",
+          "hide": false,
+          "intervalFactor": 1,
+          "legendFormat": "{{ instance }}",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Usage",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "percentunit",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "Prometheus",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {},
+          "links": []
+        },
+        "overrides": []
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 8,
+        "y": 12
+      },
+      "hiddenSeries": false,
+      "id": 2052,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "links": [],
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "100 * (1 - sum({__name__=~\"node_memory_MemAvailable_bytes|windows_os_physical_memory_free_bytes\"}) / sum({__name__=~\"node_memory_MemTotal_bytes|windows_cs_physical_memory_bytes\"}))",
+          "format": "time_series",
+          "hide": false,
+          "instant": false,
+          "intervalFactor": 1,
+          "legendFormat": "Cluster",
+          "refId": "A"
+        },
+        {
+          "expr": "100 * (1- sum({__name__=~\"node_memory_MemAvailable_bytes|windows_os_physical_memory_free_bytes\"}) by (instance) / sum({__name__=~\"node_memory_MemTotal_bytes|windows_cs_physical_memory_bytes\"}) by (instance))",
+          "format": "time_series",
+          "hide": false,
+          "intervalFactor": 1,
+          "legendFormat": "{{ instance }}",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Usage",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "percent",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "Prometheus",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {},
+          "links": []
+        },
+        "overrides": []
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 16,
+        "y": 12
+      },
+      "hiddenSeries": false,
+      "id": 2053,
+      "legend": {
+        "alignAsTable": false,
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": false,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "links": [],
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(1 - ((sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"} OR on() vector(0)))) / ((sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) OR on() vector(0)))) * 100",
+          "legendFormat": "Cluster",
+          "refId": "A"
+        },
+        {
+          "expr": "(1 - (sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"}) by (instance)) / sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"}) by (instance)) * 100",
+          "hide": false,
+          "legendFormat": "{{ instance }}",
+          "refId": "B"
+        },
+        {
+          "expr": "(1 - (sum(windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) by (instance)) / sum(windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) by (instance)) * 100",
+          "hide": false,
+          "legendFormat": "{{ instance }}",
+          "refId": "C"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Usage",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "percent",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "folderId": 0,
+      "gridPos": {
+        "h": 15,
+        "w": 12,
+        "x": 0,
+        "y": 18
+      },
+      "headings": true,
+      "id": 3,
+      "limit": 30,
+      "links": [],
+      "query": "",
+      "recent": true,
+      "search": true,
+      "starred": false,
+      "tags": [],
+      "title": "Dashboards",
+      "type": "dashlist"
+    },
+    {
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "gridPos": {
+        "h": 8,
+        "w": 12,
+        "x": 12,
+        "y": 18
+      },
+      "id": 2055,
+      "options": {
+        "content": "## About Rancher Monitoring\n\nRancher Monitoring is a Helm chart developed by Rancher that is powered by [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator). It is based on the upstream [kube-prometheus-stack](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack) Helm chart maintained by the Prometheus community.\n\nBy default, the chart deploys Grafana alongside a set of Grafana dashboards curated by the [kube-prometheus](https://github.com/prometheus-operator/kube-prometheus) project.\n\nFor more information on how Rancher Monitoring differs from [kube-prometheus-stack](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack), please view the CHANGELOG.md of the rancher-monitoring chart located in the [rancher/charts](https://github.com/rancher/charts) repository.\n\nFor more information about how to configure Rancher Monitoring, please view the [Rancher docs](https://rancher.com/docs/rancher/v2.x/en/).\n\n",
+        "mode": "markdown"
+      },
+      "pluginVersion": "7.1.0",
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "",
+      "type": "text"
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "hidden": true,
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ],
+    "time_options": [
+      "5m",
+      "15m",
+      "1h",
+      "6h",
+      "12h",
+      "24h",
+      "2d",
+      "7d",
+      "30d"
+    ],
+    "type": "timepicker"
+  },
+  "timezone": "browser",
+  "title": "Home",
+  "uid": "rancher-home-1",
+  "version": 5
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-etcd-nodes.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-etcd-nodes.json
new file mode 100644
index 0000000000..8af4b81ce0
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-etcd-nodes.json
@@ -0,0 +1,687 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 32,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "Prometheus",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(etcd_network_client_grpc_received_bytes_total{job=\"kube-etcd\"}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Client Traffic In ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(etcd_network_client_grpc_sent_bytes_total{job=\"kube-etcd\"}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Client Traffic Out ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "GRPC Client Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]({{instance}})"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(etcd_mvcc_db_total_size_in_bytes) by (instance)",
+          "interval": "",
+          "legendFormat": "DB Size ({{instance}})",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "DB Size",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(grpc_server_started_total{grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"}) by (instance) - sum(grpc_server_handled_total{grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"}) by (instance)",
+          "interval": "",
+          "legendFormat": "Watch Streams ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(grpc_server_started_total{grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"}) by (instance) - sum(grpc_server_handled_total{grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"}) by (instance)",
+          "interval": "",
+          "legendFormat": "Lease Watch Stream ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Active Streams",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(etcd_server_proposals_committed_total[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Proposal Committed ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(etcd_server_proposals_applied_total[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Proposal Applied ({{instance}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(etcd_server_proposals_failed_total[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Proposal Failed ({{instance}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(etcd_server_proposals_pending) by (instance)",
+          "interval": "",
+          "legendFormat": "Proposal Pending ({{instance}})",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Raft Proposals",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(grpc_server_started_total{grpc_type=\"unary\"}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "RPC Rate ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(grpc_server_handled_total{grpc_type=\"unary\",grpc_code!=\"OK\"}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "RPC Failure Rate ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "RPC Rate",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 0,
+          "format": "ops",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "decimals": null,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_wal_fsync_duration_seconds_bucket[$__rate_interval])) by (instance, le))",
+          "interval": "",
+          "legendFormat": "WAL fsync ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_backend_commit_duration_seconds_bucket[$__rate_interval])) by (instance, le))",
+          "interval": "",
+          "legendFormat": "DB fsync ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Sync Duration",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 2,
+          "format": "s",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / etcd (Nodes)",
+  "uid": "rancher-etcd-nodes-1",
+  "version": 5
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-etcd.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-etcd.json
new file mode 100644
index 0000000000..0c058cafb9
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-etcd.json
@@ -0,0 +1,669 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 33,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "Prometheus",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(etcd_network_client_grpc_received_bytes_total{job=\"kube-etcd\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Client Traffic In",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(etcd_network_client_grpc_sent_bytes_total{job=\"kube-etcd\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Client Traffic Out",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "GRPC Client Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(etcd_mvcc_db_total_size_in_bytes)",
+          "interval": "",
+          "legendFormat": "DB Size",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "DB Size",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(grpc_server_started_total{grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"}) - sum(grpc_server_handled_total{grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"})",
+          "interval": "",
+          "legendFormat": "Watch Streams",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(grpc_server_started_total{grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"}) - sum(grpc_server_handled_total{grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"})",
+          "interval": "",
+          "legendFormat": "Lease Watch Stream",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Active Streams",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(etcd_server_proposals_committed_total[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Proposal Committed",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(etcd_server_proposals_applied_total[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Proposal Applied",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(etcd_server_proposals_failed_total[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Proposal Failed",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(etcd_server_proposals_pending)",
+          "interval": "",
+          "legendFormat": "Proposal Pending",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Raft Proposals",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(grpc_server_started_total{grpc_type=\"unary\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "RPC Rate",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(grpc_server_handled_total{grpc_type=\"unary\",grpc_code!=\"OK\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "RPC Failure Rate",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "RPC Rate",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 0,
+          "format": "ops",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "decimals": null,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_wal_fsync_duration_seconds_bucket[$__rate_interval])) by (instance, le))",
+          "interval": "",
+          "legendFormat": "WAL fsync",
+          "refId": "A"
+        },
+        {
+          "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_backend_commit_duration_seconds_bucket[$__rate_interval])) by (instance, le))",
+          "interval": "",
+          "legendFormat": "DB fsync",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Sync Duration",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 2,
+          "format": "s",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / etcd",
+  "uid": "rancher-etcd-1",
+  "version": 4
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-k8s-components-nodes.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-k8s-components-nodes.json
new file mode 100644
index 0000000000..b31358eaaf
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-k8s-components-nodes.json
@@ -0,0 +1,527 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 30,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(apiserver_request_total[$__rate_interval])) by (instance, code)",
+          "interval": "",
+          "legendFormat": "{{code}}({{instance}})",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "API Server Request Rate",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 0,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]({{instance}})"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"deployment\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "Deployment Depth ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"volumes\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "Volumes Depth ({{instance}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"replicaset\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "ReplicaSet Depth ({{instance}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"service\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "Service Depth ({{instance}})",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"serviceaccount\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "ServiceAccount Depth ({{instance}})",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"endpoint\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "Endpoint Depth ({{instance}})",
+          "refId": "F"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"daemonset\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "DaemonSet Depth ({{instance}})",
+          "refId": "G"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"statefulset\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "StatefulSet Depth ({{instance}})",
+          "refId": "H"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"replicationmanager\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "ReplicationManager Depth ({{instance}})",
+          "refId": "I"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Controller Manager Queue Depth",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(kube_pod_status_scheduled{condition=\"false\"})",
+          "interval": "",
+          "legendFormat": "Failed To Schedule",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Pod Scheduling Status",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"reading\"}) by (instance)",
+          "interval": "",
+          "legendFormat": "Reading ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"waiting\"}) by (instance)",
+          "interval": "",
+          "legendFormat": "Waiting ({{instance}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"writing\"}) by (instance)",
+          "interval": "",
+          "legendFormat": "Writing ({{instance}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(ceil(increase(nginx_ingress_controller_nginx_process_connections_total{state=\"accepted\"}[$__rate_interval]))) by (instance)",
+          "interval": "",
+          "legendFormat": "Accepted ({{instance}})",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(ceil(increase(nginx_ingress_controller_nginx_process_connections_total{state=\"handled\"}[$__rate_interval]))) by (instance)",
+          "interval": "",
+          "legendFormat": "Handled ({{instance}})",
+          "refId": "E"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Ingress Controller Connections",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Kubernetes Components (Nodes)",
+  "uid": "rancher-k8s-components-nodes-1",
+  "version": 5
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-k8s-components.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-k8s-components.json
new file mode 100644
index 0000000000..44cf97f9fd
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/k8s/rancher-k8s-components.json
@@ -0,0 +1,519 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 31,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(apiserver_request_total[$__rate_interval])) by (code)",
+          "interval": "",
+          "legendFormat": "{{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "API Server Request Rate",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 0,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]({{instance}})"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"deployment\"}) by (name)",
+          "interval": "",
+          "legendFormat": "Deployment Depth",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"volumes\"}) by (name)",
+          "interval": "",
+          "legendFormat": "Volumes Depth",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"replicaset\"}) by (name)",
+          "interval": "",
+          "legendFormat": "Replicaset Depth",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"service\"}) by (name)",
+          "interval": "",
+          "legendFormat": "Service Depth",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"serviceaccount\"}) by (name)",
+          "interval": "",
+          "legendFormat": "ServiceAccount Depth",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"endpoint\"}) by (name)",
+          "interval": "",
+          "legendFormat": "Endpoint Depth",
+          "refId": "F"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"daemonset\"}) by (name)",
+          "interval": "",
+          "legendFormat": "DaemonSet Depth",
+          "refId": "G"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"statefulset\"}) by (name)",
+          "interval": "",
+          "legendFormat": "StatefulSet Depth",
+          "refId": "H"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"replicationmanager\"}) by (name)",
+          "interval": "",
+          "legendFormat": "ReplicationManager Depth",
+          "refId": "I"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Controller Manager Queue Depth",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(kube_pod_status_scheduled{condition=\"false\"})",
+          "interval": "",
+          "legendFormat": "Failed To Schedule",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Pod Scheduling Status",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"reading\"})",
+          "interval": "",
+          "legendFormat": "Reading",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"waiting\"})",
+          "interval": "",
+          "legendFormat": "Waiting",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"writing\"})",
+          "interval": "",
+          "legendFormat": "Writing",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(ceil(increase(nginx_ingress_controller_nginx_process_connections_total{state=\"accepted\"}[$__rate_interval])))",
+          "interval": "",
+          "legendFormat": "Accepted",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(ceil(increase(nginx_ingress_controller_nginx_process_connections_total{state=\"handled\"}[$__rate_interval])))",
+          "interval": "",
+          "legendFormat": "Handled",
+          "refId": "E"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Ingress Controller Connections",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Kubernetes Components",
+  "uid": "rancher-k8s-components-1",
+  "version": 5
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/nodes/rancher-node-detail.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/nodes/rancher-node-detail.json
new file mode 100644
index 0000000000..920fb94cf7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/nodes/rancher-node-detail.json
@@ -0,0 +1,805 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{mode}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\", instance=\"$instance\"}[$__rate_interval])) by (mode)",
+          "interval": "",
+          "legendFormat": "{{mode}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(node_load5{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[5m]))",
+          "interval": "",
+          "legendFormat": "Load[5m]",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(node_load1{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[1m]))",
+          "interval": "",
+          "legendFormat": "Load[1m]",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(node_load15{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[15m]))",
+          "interval": "",
+          "legendFormat": "Load[15m]",
+          "refId": "C"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Load Average",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (node_memory_MemAvailable_bytes{instance=~\"$instance\"} OR windows_os_physical_memory_free_bytes{instance=~\"$instance\"}) / (node_memory_MemTotal_bytes{instance=~\"$instance\"} OR windows_cs_physical_memory_bytes{instance=~\"$instance\"})",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{device}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\", instance=~\"$instance\"} OR windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\", instance=~\"$instance\"}) by (device) / sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\", instance=~\"$instance\"} OR windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\", instance=~\"$instance\"}) by (device))",
+          "interval": "",
+          "legendFormat": "{{device}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{device}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_disk_read_bytes_total{instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_logical_disk_read_bytes_total{instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Read ({{device}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_disk_written_bytes_total{instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_logical_disk_write_bytes_total{instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Write ({{device}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{device}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_receive_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_received_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Receive Errors ({{device}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{device}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_outbound_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Transmit Errors ({{device}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_received_discarded_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Receive Dropped ({{device}})",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_outbound_discarded{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Transmit Dropped ({{device}})",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{device}})",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{device}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 14
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_transmit_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{device}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{device}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "instance",
+        "query": "label_values({__name__=~\"node_exporter_build_info|windows_exporter_build_info\"}, instance)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Node (Detail)",
+  "uid": "rancher-node-detail-1",
+  "version": 3
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/nodes/rancher-node.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/nodes/rancher-node.json
new file mode 100644
index 0000000000..367df3cc9d
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/nodes/rancher-node.json
@@ -0,0 +1,792 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\", instance=\"$instance\", mode=\"idle\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(node_load5{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[5m]))",
+          "interval": "",
+          "legendFormat": "Load[5m]",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(node_load1{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[1m]))",
+          "interval": "",
+          "legendFormat": "Load[1m]",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(node_load15{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[15m]))",
+          "interval": "",
+          "legendFormat": "Load[15m]",
+          "refId": "C"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Load Average",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - sum(node_memory_MemAvailable_bytes{instance=~\"$instance\"} OR windows_os_physical_memory_free_bytes{instance=~\"$instance\"}) / sum(node_memory_MemTotal_bytes{instance=~\"$instance\"} OR windows_cs_physical_memory_bytes{instance=~\"$instance\"})",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\", instance=~\"$instance\"} OR windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\", instance=~\"$instance\"}) / sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\", instance=~\"$instance\"} OR windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\", instance=~\"$instance\"}))",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_disk_read_bytes_total{instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_logical_disk_read_bytes_total{instance=~\"$instance\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Read",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_disk_written_bytes_total{instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_logical_disk_write_bytes_total{instance=~\"$instance\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Write",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(rate(node_network_receive_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Errors",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(rate(node_network_receive_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "B"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_outbound_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Errors",
+          "refId": "C"
+        },
+        {
+          "expr": "(sum(rate(node_network_receive_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_discarded_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Dropped",
+          "refId": "D"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_outbound_discarded{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Dropped",
+          "refId": "E"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 14
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_transmit_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "instance",
+        "query": "label_values({__name__=~\"node_exporter_build_info|windows_exporter_build_info\"}, instance)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Node",
+  "uid": "rancher-node-1",
+  "version": 3
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/performance/performance-debugging.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/performance/performance-debugging.json
new file mode 100644
index 0000000000..454bc39390
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/performance/performance-debugging.json
@@ -0,0 +1,1652 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": {
+          "type": "datasource",
+          "uid": "grafana"
+        },
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "target": {
+          "limit": 100,
+          "matchAny": false,
+          "tags": [],
+          "type": "dashboard"
+        },
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "fiscalYearStartMonth": 0,
+  "graphTooltip": 0,
+  "links": [],
+  "liveNow": false,
+  "panels": [
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 22,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": true,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (handler_name) (rate(lasso_controller_reconcile_time_seconds_sum[5m]))\n/\nsum by (handler_name) (rate(lasso_controller_reconcile_time_seconds_count[5m])))",
+          "interval": "",
+          "legendFormat": "{{handler_name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Handler Average Execution Times Over Last 5 Minutes (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:1390",
+          "format": "short",
+          "label": "Execution Time in Seconds",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:1391",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "description": "",
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 8
+      },
+      "hiddenSeries": false,
+      "id": 28,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (resource, method, code) (rate(steve_api_request_time_sum{resource!=\"subscribe\"}[5m]))\n/\nsum by (resource, method, code) (rate(steve_api_request_time_count{resource!=\"subscribe\"}[5m])))",
+          "interval": "",
+          "legendFormat": "{{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Rancher API Average Request Times Over Last 5 Minutes (Top 20) (Subscribes Omitted)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:178",
+          "format": "ms",
+          "label": "",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:179",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 16
+      },
+      "hiddenSeries": false,
+      "id": 30,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "rate(steve_api_request_time_sum{resource=\"subscribe\"}[5m])\n/\nrate(steve_api_request_time_count{resource=\"subscribe\"}[5m])",
+          "interval": "",
+          "legendFormat": "{{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Subscribe Average Request Times Over Last 5 Minutes",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:368",
+          "format": "ms",
+          "label": "",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:369",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 24
+      },
+      "hiddenSeries": false,
+      "id": 14,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,workqueue_depth)",
+          "interval": "",
+          "legendFormat": "{{name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Lasso Controller Work Queue Depth (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:1553",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:1554",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 13,
+        "w": 16,
+        "x": 0,
+        "y": 32
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "alignAsTable": false,
+        "avg": false,
+        "current": false,
+        "hideEmpty": false,
+        "hideZero": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (id, resource, method, code) (steve_api_total_requests))",
+          "instant": false,
+          "interval": "",
+          "legendFormat": "{{id}} {{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Number of Rancher Requests (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:290",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:291",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 9,
+        "w": 16,
+        "x": 0,
+        "y": 45
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (id, resource, method) (steve_api_total_requests{code!=\"200\",code!=\"201\"}))",
+          "interval": "",
+          "legendFormat": "{{id}} {{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Number of Failed Rancher API Requests (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:428",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:429",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 54
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "alignAsTable": false,
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (resource, method, code) (rate(k8s_proxy_store_request_time_sum[5m]))\n/\nsum by (resource, method, code) (rate(k8s_proxy_store_request_time_count[5m])))",
+          "interval": "",
+          "legendFormat": "{{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "K8s Proxy Store Average Request Times Over Last 5 Minutes (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:662",
+          "format": "ms",
+          "label": "",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:663",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 62
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": true,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (resource, method, code) (rate(k8s_proxy_client_request_time_sum[5m]))\n/\nsum by (resource, method, code) (rate(k8s_proxy_client_request_time_count[5m])))",
+          "interval": "",
+          "legendFormat": "{{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "K8s Proxy Client Average Request Times Over Last 5 Minutes (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:1710",
+          "format": "ms",
+          "label": "",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:1711",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 70
+      },
+      "hiddenSeries": false,
+      "id": 10,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,lasso_controller_total_cached_object)",
+          "interval": "",
+          "legendFormat": "{{kind}} {{version}} {{group}} {{pod}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Cached Objects by GroupVersionKind (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:744",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:745",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "description": "",
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 78
+      },
+      "hiddenSeries": false,
+      "id": 12,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (handler_name) (\nlasso_controller_total_handler_execution\n))",
+          "interval": "",
+          "legendFormat": "{{handler_name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Lasso Handler Executions (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:824",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:825",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 86
+      },
+      "hiddenSeries": false,
+      "id": 32,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20, sum by (handler_name,controller_name) (\nincrease(lasso_controller_total_handler_execution[2m])\n))",
+          "interval": "",
+          "legendFormat": "{{controller_name}}.{{handler_name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Handler Executions Over Last 2 Minutes (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 94
+      },
+      "hiddenSeries": false,
+      "id": 20,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (handler_name) (\nlasso_controller_total_handler_execution{has_error=\"true\"}\n))",
+          "interval": "",
+          "legendFormat": "{{handler_name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Total Handler Executions with Error (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:1230",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:1231",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 102
+      },
+      "hiddenSeries": false,
+      "id": 34,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (handler_name,controller_name) (\nincrease(lasso_controller_total_handler_execution{has_error=\"true\"}[2m])\n))",
+          "interval": "",
+          "legendFormat": "{{controller_name}}.{{handler_name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Handler Executions Over Last 2 Minutes (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 110
+      },
+      "hiddenSeries": false,
+      "id": 16,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,session_server_total_transmit_bytes)",
+          "interval": "",
+          "legendFormat": "{{clientkey}} {{pod}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Data Transmitted by Remote Dialer Sessions (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:1953",
+          "format": "decbytes",
+          "label": "",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:1954",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "description": "",
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 118
+      },
+      "hiddenSeries": false,
+      "id": 18,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "session_server_total_transmit_error_bytes",
+          "interval": "",
+          "legendFormat": "{{clientkey}} {{pod}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Errors for Remote Dialer Sessions (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:2045",
+          "format": "ms",
+          "label": "Error Data",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:2046",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "type": "prometheus",
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 126
+      },
+      "hiddenSeries": false,
+      "id": 26,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "editorMode": "code",
+          "exemplar": true,
+          "expr": "session_server_total_add_websocket_session - (session_server_total_remove_websocket_session or (0 * session_server_total_add_websocket_session))",
+          "interval": "",
+          "legendFormat": "{{clientkey}} {{pod}}",
+          "range": true,
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Remote Dialer Active Connections (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:2199",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:2200",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "type": "prometheus",
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 134
+      },
+      "hiddenSeries": false,
+      "id": 35,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "editorMode": "code",
+          "exemplar": true,
+          "expr": "rate(session_server_total_remove_connections[$__rate_interval])",
+          "interval": "",
+          "legendFormat": "{{clientkey}} {{pod}}",
+          "range": true,
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Remote Dialer Removed Connections Rate (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:2199",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:2200",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "type": "prometheus",
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 142
+      },
+      "hiddenSeries": false,
+      "id": 24,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "editorMode": "code",
+          "exemplar": true,
+          "expr": "rate(session_server_total_add_connections[$__rate_interval])",
+          "interval": "",
+          "legendFormat": "{{clientkey}} {{pod}}",
+          "range": true,
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Remote Dialer Added Connections Rate (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:2117",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:2118",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    }
+  ],
+  "schemaVersion": 37,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "selected": false,
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "includeAll": false,
+        "label": "Data Source",
+        "multi": false,
+        "name": "datasource",
+        "options": [],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "skipUrlSync": false,
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-15m",
+    "to": "now"
+  },
+  "timepicker": {},
+  "timezone": "",
+  "title": "Rancher Performance Debugging",
+  "uid": "tfrfU0a7k",
+  "version": 1,
+  "weekStart": ""
+}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/pods/rancher-pod-containers.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/pods/rancher-pod-containers.json
new file mode 100644
index 0000000000..cf78a2204c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/pods/rancher-pod-containers.json
@@ -0,0 +1,636 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "iteration": 1618265214337,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{container}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(container_cpu_cfs_throttled_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "CFS throttled ({{container}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(container_cpu_system_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container) OR sum(rate(windows_container_cpu_usage_seconds_kernelmode{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "System ({{container}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(container_cpu_usage_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container) OR sum(rate(windows_container_cpu_usage_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Total ({{container}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(rate(container_cpu_user_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container) OR sum(rate(windows_container_cpu_usage_seconds_usermode{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "User ({{container}})",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "cpu",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{container}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(container_memory_working_set_bytes{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"} OR windows_container_memory_usage_commit_bytes{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"}) by (container)",
+          "interval": "",
+          "legendFormat": "({{container}})",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{container}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(irate(container_network_receive_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_receive_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{container}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_transmit_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{container}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(irate(container_network_receive_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_receive_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Receive Dropped ({{container}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(irate(container_network_receive_errors_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Receive Errors ({{container}})",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_errors_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Transmit Errors ({{container}})",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_transmit_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Transmit Dropped ({{container}})",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{container}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(irate(container_network_receive_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_receive_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{container}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_transmit_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{container}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{container}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(container_fs_writes_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Write ({{container}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(container_fs_reads_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Read ({{container}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "refresh": false,
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "namespace",
+        "query": "label_values(kube_pod_info{}, namespace)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "pod",
+        "query": "label_values(kube_pod_info{namespace=\"$namespace\"}, pod)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Pod (Containers)",
+  "uid": "rancher-pod-containers-1",
+  "version": 8
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/pods/rancher-pod.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/pods/rancher-pod.json
new file mode 100644
index 0000000000..4859eccc74
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/pods/rancher-pod.json
@@ -0,0 +1,636 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "iteration": 1618265214337,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(container_cpu_cfs_throttled_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "CFS throttled",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(container_cpu_system_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) OR sum(rate(windows_container_cpu_usage_seconds_kernelmode{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "System",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(container_cpu_usage_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) OR sum(rate(windows_container_cpu_usage_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(rate(container_cpu_user_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) OR sum(rate(windows_container_cpu_usage_seconds_usermode{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "User",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "cpu",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(container_memory_working_set_bytes{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"} OR windows_container_memory_usage_commit_bytes{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"})",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(irate(container_network_receive_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_receive_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_transmit_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(irate(container_network_receive_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_receive_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Dropped",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(irate(container_network_receive_errors_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Errors",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_errors_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Errors",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_transmit_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Dropped",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(irate(container_network_receive_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_receive_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_transmit_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(container_fs_writes_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Write",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(container_fs_reads_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Read",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "refresh": false,
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "namespace",
+        "query": "label_values(kube_pod_info{}, namespace)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "pod",
+        "query": "label_values(kube_pod_info{namespace=\"$namespace\"}, pod)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Pod",
+  "uid": "rancher-pod-1",
+  "version": 8
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/workloads/rancher-workload-pods.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/workloads/rancher-workload-pods.json
new file mode 100644
index 0000000000..92c0d24a6e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/workloads/rancher-workload-pods.json
@@ -0,0 +1,652 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "iteration": 1618265214337,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(rate(container_cpu_cfs_throttled_seconds_total{namespace=~\"$namespace\",container=\"\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "CFS throttled ({{pod}})",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(rate(container_cpu_system_seconds_total{namespace=~\"$namespace\",container=\"\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_kernelmode{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "System ({{pod}})",
+          "refId": "B"
+        },
+        {
+          "expr": "(sum(rate(container_cpu_usage_seconds_total{namespace=~\"$namespace\",container=\"\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Total ({{pod}})",
+          "refId": "C"
+        },
+        {
+          "expr": "(sum(rate(container_cpu_user_seconds_total{namespace=~\"$namespace\",container=\"\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_usermode{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "User ({{pod}})",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "cpu",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(container_memory_working_set_bytes{namespace=~\"$namespace\",container=\"\"} OR windows_container_memory_usage_commit_bytes{namespace=~\"$namespace\"}) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "({{pod}})",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(irate(container_network_receive_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Receive Total ({{pod}})",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(irate(container_network_transmit_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{pod}})",
+          "refId": "B"
+        },
+        {
+          "expr": "(sum(irate(container_network_receive_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Receive Dropped ({{pod}})",
+          "refId": "C"
+        },
+        {
+          "expr": "(sum(irate(container_network_receive_errors_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Receive Errors ({{pod}})",
+          "refId": "D"
+        },
+        {
+          "expr": "(sum(irate(container_network_transmit_errors_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Transmit Errors ({{pod}})",
+          "refId": "E"
+        },
+        {
+          "expr": "(sum(irate(container_network_transmit_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Transmit Dropped ({{pod}})",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(irate(container_network_receive_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Receive Total ({{pod}})",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(irate(container_network_transmit_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{pod}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(rate(container_fs_writes_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Write ({{pod}})",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(rate(container_fs_reads_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Read ({{pod}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "refresh": false,
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "namespace",
+        "query": "query_result(kube_pod_info{namespace!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*namespace=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "kind",
+        "query": "query_result(kube_pod_info{namespace=\"$namespace\", created_by_kind!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*created_by_kind=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "workload",
+        "query": "query_result(kube_pod_info{namespace=\"$namespace\", created_by_kind=\"$kind\", created_by_name!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*created_by_name=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Workload (Pods)",
+  "uid": "rancher-workload-pods-1",
+  "version": 8
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/workloads/rancher-workload.json b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/workloads/rancher-workload.json
new file mode 100644
index 0000000000..9f5317c2f0
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/rancher/workloads/rancher-workload.json
@@ -0,0 +1,652 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "iteration": 1618265214337,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum((sum(rate(container_cpu_cfs_throttled_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "CFS throttled",
+          "refId": "A"
+        },
+        {
+          "expr": "sum((sum(rate(container_cpu_system_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_kernelmode{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "System",
+          "refId": "B"
+        },
+        {
+          "expr": "sum((sum(rate(container_cpu_usage_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "C"
+        },
+        {
+          "expr": "sum((sum(rate(container_cpu_user_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_usermode{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "User",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "cpu",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum((sum(container_memory_working_set_bytes{namespace=~\"$namespace\"} OR windows_container_memory_usage_commit_bytes{namespace=~\"$namespace\"}) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum((sum(irate(container_network_receive_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_transmit_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "B"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_receive_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Receive Dropped",
+          "refId": "C"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_receive_errors_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Receive Errors",
+          "refId": "D"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_transmit_errors_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Transmit Errors",
+          "refId": "E"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_transmit_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Transmit Dropped",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum((sum(irate(container_network_receive_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_transmit_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum((sum(rate(container_fs_writes_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Write",
+          "refId": "A"
+        },
+        {
+          "expr": "sum((sum(rate(container_fs_reads_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Read",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "refresh": false,
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "namespace",
+        "query": "query_result(kube_pod_info{namespace!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*namespace=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "kind",
+        "query": "query_result(kube_pod_info{namespace=\"$namespace\", created_by_kind!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*created_by_kind=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "workload",
+        "query": "query_result(kube_pod_info{namespace=\"$namespace\", created_by_kind=\"$kind\", created_by_name!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*created_by_name=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Workload",
+  "uid": "rancher-workload-1",
+  "version": 8
+}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/files/upgrade/scripts/delete-workloads-with-old-labels.sh b/charts/rancher-monitoring/104.1.4+up57.0.3/files/upgrade/scripts/delete-workloads-with-old-labels.sh
new file mode 100644
index 0000000000..89431e7132
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/files/upgrade/scripts/delete-workloads-with-old-labels.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -e
+set -x
+
+# node-exporter
+kubectl delete daemonset -l app=prometheus-node-exporter,release=rancher-monitoring --ignore-not-found=true
+
+# prometheus-adapter
+kubectl delete deployments -l app=prometheus-adapter,release=rancher-monitoring --ignore-not-found=true
+
+# kube-state-metrics
+kubectl delete deployments -l app.kubernetes.io/instance=rancher-monitoring,app.kubernetes.io/name=kube-state-metrics --cascade=orphan --ignore-not-found=true
+kubectl delete statefulsets -l app.kubernetes.io/instance=rancher-monitoring,app.kubernetes.io/name=kube-state-metrics --cascade=orphan --ignore-not-found=true
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/NOTES.txt b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/NOTES.txt
new file mode 100644
index 0000000000..371f3ae398
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/NOTES.txt
@@ -0,0 +1,4 @@
+{{ $.Chart.Name }} has been installed. Check its status by running:
+  kubectl --namespace {{ template "kube-prometheus-stack.namespace" . }} get pods -l "release={{ $.Release.Name }}"
+
+Visit https://github.com/prometheus-operator/kube-prometheus for instructions on how to create & configure Alertmanager and Prometheus instances using the Operator.
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/_helpers.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/_helpers.tpl
new file mode 100644
index 0000000000..2827e81196
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/_helpers.tpl
@@ -0,0 +1,467 @@
+# Rancher
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "monitoring_registry" -}}
+  {{- $temp_registry := (include "system_default_registry" .) -}}
+  {{- if $temp_registry -}}
+    {{- trimSuffix "/" $temp_registry -}}
+  {{- else -}}
+    {{- .Values.global.imageRegistry -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+https://github.com/helm/helm/issues/4535#issuecomment-477778391
+Usage: {{ include "call-nested" (list . "SUBCHART_NAME" "TEMPLATE") }}
+e.g. {{ include "call-nested" (list . "grafana" "grafana.fullname") }}
+*/}}
+{{- define "call-nested" }}
+{{- $dot := index . 0 }}
+{{- $subchart := index . 1 | splitList "." }}
+{{- $template := index . 2 }}
+{{- $values := $dot.Values }}
+{{- range $subchart }}
+{{- $values = index $values . }}
+{{- end }}
+{{- include $template (dict "Chart" (dict "Name" (last $subchart)) "Values" $values "Release" $dot.Release "Capabilities" $dot.Capabilities) }}
+{{- end }}
+
+# Special Exporters
+{{- define "exporter.kubeEtcd.enabled" -}}
+{{- if or .Values.kubeEtcd.enabled .Values.rkeEtcd.enabled .Values.kubeAdmEtcd.enabled .Values.rke2Etcd.enabled -}}
+"true"
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeControllerManager.enabled" -}}
+{{- if or .Values.kubeControllerManager.enabled .Values.rkeControllerManager.enabled .Values.k3sServer.enabled .Values.kubeAdmControllerManager.enabled .Values.rke2ControllerManager.enabled -}}
+"true"
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeScheduler.enabled" -}}
+{{- if or .Values.kubeScheduler.enabled .Values.rkeScheduler.enabled .Values.k3sServer.enabled .Values.kubeAdmScheduler.enabled .Values.rke2Scheduler.enabled -}}
+"true"
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeProxy.enabled" -}}
+{{- if or .Values.kubeProxy.enabled .Values.rkeProxy.enabled .Values.k3sServer.enabled .Values.kubeAdmProxy.enabled .Values.rke2Proxy.enabled -}}
+"true"
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubelet.enabled" -}}
+{{- if or .Values.kubelet.enabled .Values.hardenedKubelet.enabled .Values.k3sServer.enabled -}}
+"true"
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeControllerManager.jobName" -}}
+{{- if .Values.k3sServer.enabled -}}
+k3s-server
+{{- else -}}
+kube-controller-manager
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeScheduler.jobName" -}}
+{{- if .Values.k3sServer.enabled -}}
+k3s-server
+{{- else -}}
+kube-scheduler
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeProxy.jobName" -}}
+{{- if .Values.k3sServer.enabled -}}
+k3s-server
+{{- else -}}
+kube-proxy
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubelet.jobName" -}}
+{{- if .Values.k3sServer.enabled -}}
+k3s-server
+{{- else -}}
+kubelet
+{{- end -}}
+{{- end }}
+
+{{- define "kubelet.serviceMonitor.resourcePath" -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if not (eq .Values.kubelet.serviceMonitor.resourcePath "/metrics/resource/v1alpha1") -}}
+{{ .Values.kubelet.serviceMonitor.resourcePath }}
+{{- else if semverCompare ">=1.20.0-0" $kubeTargetVersion -}}
+/metrics/resource
+{{- else -}}
+/metrics/resource/v1alpha1
+{{- end -}}
+{{- end }}
+
+{{- define "rancher.serviceMonitor.selector" -}}
+{{- if .Values.rancherMonitoring.selector }}
+{{ .Values.rancherMonitoring.selector | toYaml }}
+{{- else }}
+{{- $rancherDeployment := (lookup "apps/v1" "Deployment" "cattle-system" "rancher") }}
+{{- if $rancherDeployment }}
+matchLabels:
+  app: rancher
+  chart: {{ index $rancherDeployment.metadata.labels "chart" }}
+  release: rancher
+{{- end }}
+{{- end }}
+{{- end }}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# Prometheus Operator
+
+{{/* vim: set filetype=mustache: */}}
+{{/* Expand the name of the chart. This is suffixed with -alertmanager, which means subtract 13 from longest 63 available */}}
+{{- define "kube-prometheus-stack.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 50 | trimSuffix "-" -}}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+The components in this chart create additional resources that expand the longest created name strings.
+The longest name that gets created adds and extra 37 characters, so truncation should be 63-35=26.
+*/}}
+{{- define "kube-prometheus-stack.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 26 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 26 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 26 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/* Fullname suffixed with -operator */}}
+{{/* Adding 9 to 26 truncation of kube-prometheus-stack.fullname */}}
+{{- define "kube-prometheus-stack.operator.fullname" -}}
+{{- if .Values.prometheusOperator.fullnameOverride -}}
+{{- .Values.prometheusOperator.fullnameOverride | trunc 35 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-operator" (include "kube-prometheus-stack.fullname" .) -}}
+{{- end }}
+{{- end }}
+
+{{/* Prometheus custom resource instance name */}}
+{{- define "kube-prometheus-stack.prometheus.crname" -}}
+{{- if .Values.cleanPrometheusOperatorObjectNames }}
+{{- include "kube-prometheus-stack.fullname" . }}
+{{- else }}
+{{- print (include "kube-prometheus-stack.fullname" .) "-prometheus" }}
+{{- end }}
+{{- end }}
+
+{{/* Prometheus apiVersion for networkpolicy */}}
+{{- define "kube-prometheus-stack.prometheus.networkPolicy.apiVersion" -}}
+{{- print "networking.k8s.io/v1" -}}
+{{- end }}
+
+{{/* Alertmanager custom resource instance name */}}
+{{- define "kube-prometheus-stack.alertmanager.crname" -}}
+{{- if .Values.cleanPrometheusOperatorObjectNames }}
+{{- include "kube-prometheus-stack.fullname" . }}
+{{- else }}
+{{- print (include "kube-prometheus-stack.fullname" .) "-alertmanager" -}}
+{{- end }}
+{{- end }}
+
+{{/* Fullname suffixed with thanos-ruler */}}
+{{- define "kube-prometheus-stack.thanosRuler.fullname" -}}
+{{- printf "%s-thanos-ruler" (include "kube-prometheus-stack.fullname" .) -}}
+{{- end }}
+
+{{/* Shortened name suffixed with thanos-ruler */}}
+{{- define "kube-prometheus-stack.thanosRuler.name" -}}
+{{- default (printf "%s-thanos-ruler" (include "kube-prometheus-stack.name" .)) .Values.thanosRuler.name -}}
+{{- end }}
+
+
+{{/* Create chart name and version as used by the chart label. */}}
+{{- define "kube-prometheus-stack.chartref" -}}
+{{- replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name -}}
+{{- end }}
+
+{{/* Generate basic labels */}}
+{{- define "kube-prometheus-stack.labels" }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/version: "{{ replace "+" "_" .Chart.Version }}"
+app.kubernetes.io/part-of: {{ template "kube-prometheus-stack.name" . }}
+chart: {{ template "kube-prometheus-stack.chartref" . }}
+release: {{ $.Release.Name | quote }}
+heritage: {{ $.Release.Service | quote }}
+{{- if .Values.commonLabels}}
+{{ toYaml .Values.commonLabels }}
+{{- end }}
+{{- end }}
+
+{{/* Create the name of kube-prometheus-stack service account to use */}}
+{{- define "kube-prometheus-stack.operator.serviceAccountName" -}}
+{{- if .Values.prometheusOperator.serviceAccount.create -}}
+    {{ default (include "kube-prometheus-stack.operator.fullname" .) .Values.prometheusOperator.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.prometheusOperator.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/* Create the name of kube-prometheus-stack service account to use */}}
+{{- define "kube-prometheus-stack.operator.admissionWebhooks.serviceAccountName" -}}
+{{- if .Values.prometheusOperator.serviceAccount.create -}}
+    {{ default (printf "%s-webhook" (include "kube-prometheus-stack.operator.fullname" .)) .Values.prometheusOperator.admissionWebhooks.deployment.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.prometheusOperator.admissionWebhooks.deployment.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/* Create the name of prometheus service account to use */}}
+{{- define "kube-prometheus-stack.prometheus.serviceAccountName" -}}
+{{- if .Values.prometheus.serviceAccount.create -}}
+    {{ default (print (include "kube-prometheus-stack.fullname" .) "-prometheus") .Values.prometheus.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.prometheus.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/* Create the name of alertmanager service account to use */}}
+{{- define "kube-prometheus-stack.alertmanager.serviceAccountName" -}}
+{{- if .Values.alertmanager.serviceAccount.create -}}
+    {{ default (print (include "kube-prometheus-stack.fullname" .) "-alertmanager") .Values.alertmanager.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.alertmanager.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/* Create the name of thanosRuler service account to use */}}
+{{- define "kube-prometheus-stack.thanosRuler.serviceAccountName" -}}
+{{- if .Values.thanosRuler.serviceAccount.create -}}
+    {{ default (include "kube-prometheus-stack.thanosRuler.name" .) .Values.thanosRuler.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.thanosRuler.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "kube-prometheus-stack.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Use the grafana namespace override for multi-namespace deployments in combined charts
+*/}}
+{{- define "kube-prometheus-stack-grafana.namespace" -}}
+  {{- if .Values.grafana.namespaceOverride -}}
+    {{- .Values.grafana.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Allow kube-state-metrics job name to be overridden
+*/}}
+{{- define "kube-prometheus-stack-kube-state-metrics.name" -}}
+  {{- if index .Values "kube-state-metrics" "nameOverride" -}}
+    {{- index .Values "kube-state-metrics" "nameOverride" -}}
+  {{- else -}}
+    {{- print "kube-state-metrics" -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Use the kube-state-metrics namespace override for multi-namespace deployments in combined charts
+*/}}
+{{- define "kube-prometheus-stack-kube-state-metrics.namespace" -}}
+  {{- if index .Values "kube-state-metrics" "namespaceOverride" -}}
+    {{- index .Values "kube-state-metrics" "namespaceOverride" -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Use the prometheus-node-exporter namespace override for multi-namespace deployments in combined charts
+*/}}
+{{- define "kube-prometheus-stack-prometheus-node-exporter.namespace" -}}
+  {{- if index .Values "prometheus-node-exporter" "namespaceOverride" -}}
+    {{- index .Values "prometheus-node-exporter" "namespaceOverride" -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{/* Allow KubeVersion to be overridden. */}}
+{{- define "kube-prometheus-stack.kubeVersion" -}}
+  {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride -}}
+{{- end -}}
+
+{{/* Get Ingress API Version */}}
+{{- define "kube-prometheus-stack.ingress.apiVersion" -}}
+  {{- if and (.Capabilities.APIVersions.Has "networking.k8s.io/v1") (semverCompare ">= 1.19-0" (include "kube-prometheus-stack.kubeVersion" .)) -}}
+      {{- print "networking.k8s.io/v1" -}}
+  {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" -}}
+    {{- print "networking.k8s.io/v1beta1" -}}
+  {{- else -}}
+    {{- print "extensions/v1beta1" -}}
+  {{- end -}}
+{{- end -}}
+
+{{/* Check Ingress stability */}}
+{{- define "kube-prometheus-stack.ingress.isStable" -}}
+  {{- eq (include "kube-prometheus-stack.ingress.apiVersion" .) "networking.k8s.io/v1" -}}
+{{- end -}}
+
+{{/* Check Ingress supports pathType */}}
+{{/* pathType was added to networking.k8s.io/v1beta1 in Kubernetes 1.18 */}}
+{{- define "kube-prometheus-stack.ingress.supportsPathType" -}}
+  {{- or (eq (include "kube-prometheus-stack.ingress.isStable" .) "true") (and (eq (include "kube-prometheus-stack.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" (include "kube-prometheus-stack.kubeVersion" .))) -}}
+{{- end -}}
+
+{{/* Get Policy API Version */}}
+{{- define "kube-prometheus-stack.pdb.apiVersion" -}}
+  {{- if and (.Capabilities.APIVersions.Has "policy/v1") (semverCompare ">= 1.21-0" (include "kube-prometheus-stack.kubeVersion" .)) -}}
+      {{- print "policy/v1" -}}
+  {{- else -}}
+    {{- print "policy/v1beta1" -}}
+  {{- end -}}
+  {{- end -}}
+
+{{/* Get value based on current Kubernetes version */}}
+{{- define "kube-prometheus-stack.kubeVersionDefaultValue" -}}
+  {{- $values := index . 0 -}}
+  {{- $kubeVersion := index . 1 -}}
+  {{- $old := index . 2 -}}
+  {{- $new := index . 3 -}}
+  {{- $default := index . 4 -}}
+  {{- if kindIs "invalid" $default -}}
+    {{- if semverCompare $kubeVersion (include "kube-prometheus-stack.kubeVersion" $values) -}}
+      {{- print $new -}}
+    {{- else -}}
+      {{- print $old -}}
+    {{- end -}}
+  {{- else -}}
+    {{- print $default }}
+  {{- end -}}
+{{- end -}}
+
+{{/* Get value for kube-controller-manager depending on insecure scraping availability */}}
+{{- define "kube-prometheus-stack.kubeControllerManager.insecureScrape" -}}
+  {{- $values := index . 0 -}}
+  {{- $insecure := index . 1 -}}
+  {{- $secure := index . 2 -}}
+  {{- $userValue := index . 3 -}}
+  {{- include "kube-prometheus-stack.kubeVersionDefaultValue" (list $values ">= 1.22-0" $insecure $secure $userValue) -}}
+{{- end -}}
+
+{{/* Get value for kube-scheduler depending on insecure scraping availability */}}
+{{- define "kube-prometheus-stack.kubeScheduler.insecureScrape" -}}
+  {{- $values := index . 0 -}}
+  {{- $insecure := index . 1 -}}
+  {{- $secure := index . 2 -}}
+  {{- $userValue := index . 3 -}}
+  {{- include "kube-prometheus-stack.kubeVersionDefaultValue" (list $values ">= 1.23-0" $insecure $secure $userValue) -}}
+{{- end -}}
+
+{{/* Sets default scrape limits for servicemonitor */}}
+{{- define "servicemonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end -}}
+
+{{/*
+To help compatibility with other charts which use global.imagePullSecrets.
+Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
+global:
+  imagePullSecrets:
+  - name: pullSecret1
+  - name: pullSecret2
+
+or
+
+global:
+  imagePullSecrets:
+  - pullSecret1
+  - pullSecret2
+*/}}
+{{- define "kube-prometheus-stack.imagePullSecrets" -}}
+{{- range .Values.global.imagePullSecrets }}
+  {{- if eq (typeOf .) "map[string]interface {}" }}
+- {{ toYaml . | trim }}
+  {{- else }}
+- name: {{ . }}
+  {{- end }}
+{{- end }}
+{{- end -}}
+
+{{- define "kube-prometheus-stack.operator.admission-webhook.dnsNames" }}
+{{- $fullname := include "kube-prometheus-stack.operator.fullname" . }}
+{{- $namespace := include "kube-prometheus-stack.namespace" . }}
+{{- $fullname }}
+{{ $fullname }}.{{ $namespace }}.svc
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}
+{{ $fullname }}-webhook
+{{ $fullname }}-webhook.{{ $namespace }}.svc
+{{- end }}
+{{- end }}
+
+{{- define "rke2-ingress-nginx.namespace" -}}
+  {{- if .Values.rke2IngressNginx.namespaceOverride -}}
+    {{- .Values.rke2IngressNginx.namespaceOverride -}}
+  {{- else -}}
+    {{- print "kube-system" -}}
+  {{- end -}}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/alertmanager.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/alertmanager.yaml
new file mode 100644
index 0000000000..19044054ac
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/alertmanager.yaml
@@ -0,0 +1,191 @@
+{{- if .Values.alertmanager.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: Alertmanager
+metadata:
+  name: {{ template "kube-prometheus-stack.alertmanager.crname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.alertmanager.annotations }}
+  annotations:
+{{ toYaml .Values.alertmanager.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.alertmanager.alertmanagerSpec.image }}
+  {{- $registry := include "monitoring_registry" . | default .Values.alertmanager.alertmanagerSpec.image.registry }}
+  {{- if and .Values.alertmanager.alertmanagerSpec.image.tag .Values.alertmanager.alertmanagerSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.alertmanager.alertmanagerSpec.image.repository }}:{{ .Values.alertmanager.alertmanagerSpec.image.tag }}@sha256:{{ .Values.alertmanager.alertmanagerSpec.image.sha }}"
+  {{- else if .Values.alertmanager.alertmanagerSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.alertmanager.alertmanagerSpec.image.repository }}@sha256:{{ .Values.alertmanager.alertmanagerSpec.image.sha }}"
+  {{- else if .Values.alertmanager.alertmanagerSpec.image.tag }}
+  image: "{{ $registry }}/{{ .Values.alertmanager.alertmanagerSpec.image.repository }}:{{ .Values.alertmanager.alertmanagerSpec.image.tag }}"
+  {{- else }}
+  image: "{{ $registry }}/{{ .Values.alertmanager.alertmanagerSpec.image.repository }}"
+  {{- end }}
+  version: {{ .Values.alertmanager.alertmanagerSpec.image.tag }}
+  {{- if .Values.alertmanager.alertmanagerSpec.image.sha }}
+  sha: {{ .Values.alertmanager.alertmanagerSpec.image.sha }}
+  {{- end }}
+{{- end }}
+  replicas: {{ .Values.alertmanager.alertmanagerSpec.replicas }}
+  listenLocal: {{ .Values.alertmanager.alertmanagerSpec.listenLocal }}
+  serviceAccountName: {{ template "kube-prometheus-stack.alertmanager.serviceAccountName" . }}
+  automountServiceAccountToken: {{ .Values.alertmanager.alertmanagerSpec.automountServiceAccountToken }}
+{{- if .Values.alertmanager.alertmanagerSpec.externalUrl }}
+  externalUrl: "{{ tpl .Values.alertmanager.alertmanagerSpec.externalUrl . }}"
+{{- else if and .Values.alertmanager.ingress.enabled .Values.alertmanager.ingress.hosts }}
+  externalUrl: "http://{{ tpl (index .Values.alertmanager.ingress.hosts 0) . }}{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}"
+{{- else if not (or (kindIs "invalid" .Values.global.cattle.url) (kindIs "invalid" .Values.global.cattle.clusterId)) }}
+  externalUrl: "{{ .Values.global.cattle.url }}/k8s/clusters/{{ .Values.global.cattle.clusterId }}/api/v1/namespaces/{{ .Values.namespaceOverride }}/services/http:{{ template "kube-prometheus-stack.fullname" . }}-alertmanager:{{ .Values.alertmanager.service.port }}/proxy"
+{{- else }}
+  externalUrl: http://{{ template "kube-prometheus-stack.fullname" . }}-alertmanager.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.alertmanager.service.port }}
+{{- end }}
+  nodeSelector: {{ include "linux-node-selector" . | nindent 4 }}
+{{- if .Values.alertmanager.alertmanagerSpec.nodeSelector }}
+{{ toYaml .Values.alertmanager.alertmanagerSpec.nodeSelector | indent 4 }}
+{{- end }}
+  paused: {{ .Values.alertmanager.alertmanagerSpec.paused }}
+  logFormat: {{ .Values.alertmanager.alertmanagerSpec.logFormat | quote  }}
+  logLevel:  {{ .Values.alertmanager.alertmanagerSpec.logLevel | quote  }}
+  retention: {{ .Values.alertmanager.alertmanagerSpec.retention | quote  }}
+{{- if .Values.alertmanager.alertmanagerSpec.secrets }}
+  secrets:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.secrets | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.configSecret }}
+  configSecret: {{ .Values.alertmanager.alertmanagerSpec.configSecret }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.configMaps }}
+  configMaps:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.configMaps | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.alertmanagerConfigSelector }}
+  alertmanagerConfigSelector:
+{{ tpl (toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfigSelector | indent 4) . }}
+{{ else }}
+  alertmanagerConfigSelector: {}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.alertmanagerConfigNamespaceSelector }}
+  alertmanagerConfigNamespaceSelector:
+{{ tpl (toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfigNamespaceSelector | indent 4) . }}
+{{ else }}
+  alertmanagerConfigNamespaceSelector: {}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.web }}
+  web:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.web | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.alertmanagerConfiguration }}
+  alertmanagerConfiguration:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfiguration | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.alertmanagerConfigMatcherStrategy }}
+  alertmanagerConfigMatcherStrategy:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfigMatcherStrategy | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.resources }}
+  resources:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.resources | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.routePrefix }}
+  routePrefix: "{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}"
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.securityContext }}
+  securityContext:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.securityContext | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.storage }}
+  storage:
+{{ tpl (toYaml .Values.alertmanager.alertmanagerSpec.storage | indent 4) . }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.podMetadata }}
+  podMetadata:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.podMetadata | indent 4 }}
+{{- end }}
+{{- if or .Values.alertmanager.alertmanagerSpec.podAntiAffinity .Values.alertmanager.alertmanagerSpec.affinity }}
+  affinity:
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.affinity }}
+{{ toYaml .Values.alertmanager.alertmanagerSpec.affinity | indent 4 }}
+{{- end }}
+{{- if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "hard" }}
+    podAntiAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+      - topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }}
+        labelSelector:
+          matchExpressions:
+            - {key: app.kubernetes.io/name, operator: In, values: [alertmanager]}
+            - {key: alertmanager, operator: In, values: [{{ template "kube-prometheus-stack.alertmanager.crname" . }}]}
+{{- else if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "soft" }}
+    podAntiAffinity:
+      preferredDuringSchedulingIgnoredDuringExecution:
+      - weight: 100
+        podAffinityTerm:
+          topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }}
+          labelSelector:
+            matchExpressions:
+              - {key: app.kubernetes.io/name, operator: In, values: [alertmanager]}
+              - {key: alertmanager, operator: In, values: [{{ template "kube-prometheus-stack.alertmanager.crname" . }}]}
+{{- end }}
+  tolerations: {{ include "linux-node-tolerations" . | nindent 4 }}
+{{- if .Values.alertmanager.alertmanagerSpec.tolerations }}
+{{ toYaml .Values.alertmanager.alertmanagerSpec.tolerations | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.topologySpreadConstraints }}
+  topologySpreadConstraints:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.topologySpreadConstraints | indent 4 }}
+{{- end }}
+{{- if .Values.global.imagePullSecrets }}
+  imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.containers }}
+  containers:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.containers | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.initContainers }}
+  initContainers:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.initContainers | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.priorityClassName }}
+  priorityClassName: {{.Values.alertmanager.alertmanagerSpec.priorityClassName }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.additionalPeers }}
+  additionalPeers:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.additionalPeers | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.volumes }}
+  volumes:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.volumes | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.volumeMounts }}
+  volumeMounts:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.volumeMounts | indent 4 }}
+{{- end }}
+  portName: {{ .Values.alertmanager.alertmanagerSpec.portName }}
+{{- if .Values.alertmanager.alertmanagerSpec.clusterAdvertiseAddress }}
+  clusterAdvertiseAddress: {{ .Values.alertmanager.alertmanagerSpec.clusterAdvertiseAddress }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.clusterGossipInterval }}
+  clusterGossipInterval: {{ .Values.alertmanager.alertmanagerSpec.clusterGossipInterval }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.clusterPeerTimeout }}
+  clusterPeerTimeout: {{ .Values.alertmanager.alertmanagerSpec.clusterPeerTimeout }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.clusterPushpullInterval }}
+  clusterPushpullInterval: {{ .Values.alertmanager.alertmanagerSpec.clusterPushpullInterval }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.forceEnableClusterMode }}
+  forceEnableClusterMode: {{ .Values.alertmanager.alertmanagerSpec.forceEnableClusterMode }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.minReadySeconds }}
+  minReadySeconds: {{ .Values.alertmanager.alertmanagerSpec.minReadySeconds }}
+{{- end }}
+{{- with .Values.alertmanager.alertmanagerSpec.additionalConfig }}
+  {{- tpl (toYaml .) $ | nindent 2 }}
+{{- end }}
+{{- with .Values.alertmanager.alertmanagerSpec.additionalConfigString }}
+  {{- tpl . $ | nindent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/extrasecret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/extrasecret.yaml
new file mode 100644
index 0000000000..ecd8f47021
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/extrasecret.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.alertmanager.extraSecret.data -}}
+{{- $secretName := printf "alertmanager-%s-extra" (include "kube-prometheus-stack.fullname" . ) -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ default $secretName .Values.alertmanager.extraSecret.name }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.alertmanager.extraSecret.annotations }}
+  annotations:
+{{ toYaml .Values.alertmanager.extraSecret.annotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+    app.kubernetes.io/component: alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+{{- range $key, $val := .Values.alertmanager.extraSecret.data }}
+  {{ $key }}: {{ $val | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/ingress.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/ingress.yaml
new file mode 100644
index 0000000000..be9f5aa279
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/ingress.yaml
@@ -0,0 +1,78 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.ingress.enabled }}
+{{- $pathType := .Values.alertmanager.ingress.pathType | default "ImplementationSpecific" }}
+{{- $serviceName := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "alertmanager" }}
+{{- $backendServiceName := .Values.alertmanager.ingress.serviceName | default (printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "alertmanager") }}
+{{- $servicePort := .Values.alertmanager.ingress.servicePort | default .Values.alertmanager.service.port -}}
+{{- $routePrefix := list .Values.alertmanager.alertmanagerSpec.routePrefix }}
+{{- $paths := .Values.alertmanager.ingress.paths | default $routePrefix -}}
+{{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+  name: {{ $serviceName }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.alertmanager.ingress.annotations }}
+  annotations:
+    {{- tpl (toYaml .Values.alertmanager.ingress.annotations) . | nindent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{- if .Values.alertmanager.ingress.labels }}
+{{ toYaml .Values.alertmanager.ingress.labels | indent 4 }}
+{{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- if $apiIsStable }}
+  {{- if .Values.alertmanager.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.alertmanager.ingress.ingressClassName }}
+  {{- end }}
+  {{- end }}
+  rules:
+  {{- if .Values.alertmanager.ingress.hosts }}
+  {{- range $host := .Values.alertmanager.ingress.hosts }}
+    - host: {{ tpl $host $ | quote }}
+      http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $backendServiceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $backendServiceName }}
+              servicePort: {{ $servicePort }}
+    {{- end }}
+    {{- end -}}
+  {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $backendServiceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $backendServiceName }}
+              servicePort: {{ $servicePort }}
+  {{- end }}
+  {{- end -}}
+  {{- end -}}
+  {{- if .Values.alertmanager.ingress.tls }}
+  tls:
+{{ tpl (toYaml .Values.alertmanager.ingress.tls | indent 4) . }}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/ingressperreplica.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/ingressperreplica.yaml
new file mode 100644
index 0000000000..b2e00a4162
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/ingressperreplica.yaml
@@ -0,0 +1,67 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.servicePerReplica.enabled .Values.alertmanager.ingressPerReplica.enabled }}
+{{- $pathType := .Values.alertmanager.ingressPerReplica.pathType | default "" }}
+{{- $count := .Values.alertmanager.alertmanagerSpec.replicas | int -}}
+{{- $servicePort := .Values.alertmanager.service.port -}}
+{{- $ingressValues := .Values.alertmanager.ingressPerReplica -}}
+{{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: v1
+kind: List
+metadata:
+  name: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-ingressperreplica
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+items:
+{{ range $i, $e := until $count }}
+  - kind: Ingress
+    apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" $ }}
+    metadata:
+      name: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-{{ $i }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ include "kube-prometheus-stack.name" $ }}-alertmanager
+      {{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+      {{- if $ingressValues.labels }}
+{{ toYaml $ingressValues.labels | indent 8 }}
+      {{- end }}
+      {{- if $ingressValues.annotations }}
+      annotations:
+        {{- tpl (toYaml $ingressValues.annotations) $ | nindent 8 }}
+      {{- end }}
+    spec:
+      {{- if $apiIsStable }}
+      {{- if $ingressValues.ingressClassName }}
+      ingressClassName: {{ $ingressValues.ingressClassName }}
+      {{- end }}
+      {{- end }}
+      rules:
+        - host: {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }}
+          http:
+            paths:
+      {{- range $p := $ingressValues.paths }}
+              - path: {{ tpl $p $ }}
+                {{- if and $pathType $ingressSupportsPathType }}
+                pathType: {{ $pathType }}
+                {{- end }}
+                backend:
+                  {{- if $apiIsStable }}
+                  service:
+                    name: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-{{ $i }}
+                    port:
+                      number: {{ $servicePort }}
+                  {{- else }}
+                  serviceName: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-{{ $i }}
+                  servicePort: {{ $servicePort }}
+      {{- end }}
+      {{- end -}}
+      {{- if or $ingressValues.tlsSecretName $ingressValues.tlsSecretPerReplica.enabled }}
+      tls:
+        - hosts:
+            - {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }}
+          {{- if $ingressValues.tlsSecretPerReplica.enabled }}
+          secretName: {{ $ingressValues.tlsSecretPerReplica.prefix }}-{{ $i }}
+          {{- else }}
+          secretName: {{ $ingressValues.tlsSecretName }}
+          {{- end }}
+      {{- end }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/podDisruptionBudget.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/podDisruptionBudget.yaml
new file mode 100644
index 0000000000..b183403125
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/podDisruptionBudget.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.podDisruptionBudget.enabled }}
+apiVersion: {{ include "kube-prometheus-stack.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- if .Values.alertmanager.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.alertmanager.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.alertmanager.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.alertmanager.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: alertmanager
+      alertmanager: {{ template "kube-prometheus-stack.alertmanager.crname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp-role.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp-role.yaml
new file mode 100644
index 0000000000..8810e93ded
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp-role.yaml
@@ -0,0 +1,23 @@
+{{- if and .Values.alertmanager.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+rules:
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
+- apiGroups: ['policy']
+{{- else }}
+- apiGroups: ['extensions']
+{{- end }}
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp-rolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp-rolebinding.yaml
new file mode 100644
index 0000000000..794f4ad178
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp-rolebinding.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.alertmanager.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.alertmanager.serviceAccountName" . }}
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp.yaml
new file mode 100644
index 0000000000..07b616b5cb
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/psp.yaml
@@ -0,0 +1,47 @@
+{{- if and .Values.alertmanager.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{- if .Values.global.rbac.pspAnnotations }}
+  annotations:
+{{ toYaml .Values.global.rbac.pspAnnotations | indent 4 }}
+{{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  privileged: false
+  # Allow core volume types.
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    # Permits the container to run with root privileges as well.
+    rule: 'RunAsAny'
+  seLinux:
+    # This policy assumes the nodes are using AppArmor rather than SELinux.
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/secret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/secret.yaml
new file mode 100644
index 0000000000..d2fe84a7bf
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/secret.yaml
@@ -0,0 +1,35 @@
+{{- if and (.Values.alertmanager.enabled) (not .Values.alertmanager.alertmanagerSpec.useExistingSecret) }}
+{{/* This file is applied when the operation is helm install and the target secret does not exist. */}}
+{{- $secretName := (printf "alertmanager-%s" (include "kube-prometheus-stack.alertmanager.crname" .)) }}
+{{- if or (not (lookup "v1" "Secret" (include "kube-prometheus-stack.namespace" .) $secretName)) (eq .Values.alertmanager.secret.recreateIfExists true) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ $secretName }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install, pre-upgrade
+    "helm.sh/hook-weight": "3"
+    "helm.sh/resource-policy": keep
+{{- if .Values.alertmanager.secret.annotations }}
+{{ toYaml .Values.alertmanager.secret.annotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+{{- if .Values.alertmanager.tplConfig }}
+{{- if .Values.alertmanager.stringConfig }}
+  alertmanager.yaml: {{ tpl (.Values.alertmanager.stringConfig) . | b64enc | quote }}
+{{- else if eq (typeOf .Values.alertmanager.config) "string" }}
+  alertmanager.yaml: {{ tpl (.Values.alertmanager.config) . | b64enc | quote }}
+{{- else }}
+  alertmanager.yaml: {{ tpl (toYaml .Values.alertmanager.config) . | b64enc | quote }}
+{{- end }}
+{{- else }}
+  alertmanager.yaml: {{ toYaml .Values.alertmanager.config | b64enc | quote }}
+{{- end }}
+{{- range $key, $val := .Values.alertmanager.templateFiles }}
+  {{ $key }}: {{ $val | b64enc | quote }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/service.yaml
new file mode 100644
index 0000000000..373de328a5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/service.yaml
@@ -0,0 +1,68 @@
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if .Values.alertmanager.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+    self-monitor: {{ .Values.alertmanager.serviceMonitor.selfMonitor | quote }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.alertmanager.service.labels }}
+{{ toYaml .Values.alertmanager.service.labels | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.service.annotations }}
+  annotations:
+{{ toYaml .Values.alertmanager.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.alertmanager.service.clusterIP }}
+  clusterIP: {{ .Values.alertmanager.service.clusterIP }}
+{{- end }}
+{{- if .Values.alertmanager.service.externalIPs }}
+  externalIPs:
+{{ toYaml .Values.alertmanager.service.externalIPs | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.alertmanager.service.loadBalancerIP }}
+{{- end }}
+{{- if .Values.alertmanager.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.alertmanager.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.alertmanager.service.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.alertmanager.service.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  - name: {{ .Values.alertmanager.alertmanagerSpec.portName }}
+  {{- if eq .Values.alertmanager.service.type "NodePort" }}
+    nodePort: {{ .Values.alertmanager.service.nodePort }}
+  {{- end }}
+    port: {{ .Values.alertmanager.service.port }}
+    targetPort: {{ .Values.alertmanager.service.targetPort }}
+    protocol: TCP
+  - name: reloader-web
+    {{- if semverCompare ">=1.20.0-0" $kubeTargetVersion }}
+    appProtocol: http
+    {{- end }}
+    port: 8080
+    targetPort: reloader-web
+{{- if .Values.alertmanager.service.additionalPorts }}
+{{ toYaml .Values.alertmanager.service.additionalPorts | indent 2 }}
+{{- end }}
+  selector:
+    app.kubernetes.io/name: alertmanager
+    alertmanager: {{ template "kube-prometheus-stack.alertmanager.crname" . }}
+{{- if .Values.alertmanager.service.sessionAffinity }}
+  sessionAffinity: {{ .Values.alertmanager.service.sessionAffinity }}
+{{- end }}
+{{- if eq .Values.alertmanager.service.sessionAffinity "ClientIP" }}
+  sessionAffinityConfig:
+    clientIP:
+      timeoutSeconds: {{ .Values.alertmanager.service.sessionAffinityConfig.clientIP.timeoutSeconds }}
+{{- end }}
+  type: "{{ .Values.alertmanager.service.type }}"
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/serviceaccount.yaml
new file mode 100644
index 0000000000..745ced8bde
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/serviceaccount.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kube-prometheus-stack.alertmanager.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+    app.kubernetes.io/name: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+    app.kubernetes.io/component: alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.alertmanager.serviceAccount.annotations }}
+  annotations:
+{{ toYaml .Values.alertmanager.serviceAccount.annotations | indent 4 }}
+{{- end }}
+automountServiceAccountToken: {{ .Values.alertmanager.serviceAccount.automountServiceAccountToken }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2}}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/servicemonitor.yaml
new file mode 100644
index 0000000000..6233690019
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/servicemonitor.yaml
@@ -0,0 +1,84 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.selfMonitor }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- with .Values.alertmanager.serviceMonitor.additionalLabels }}
+{{- toYaml . | nindent 4 }}
+{{- end }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.alertmanager.serviceMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+      release: {{ $.Release.Name | quote }}
+      self-monitor: "true"
+  namespaceSelector:
+    matchNames:
+      - {{ printf "%s" (include "kube-prometheus-stack.namespace" .) | quote }}
+  endpoints:
+  - port: {{ .Values.alertmanager.alertmanagerSpec.portName }}
+    enableHttp2: {{ .Values.alertmanager.serviceMonitor.enableHttp2 }}
+    {{- if .Values.alertmanager.serviceMonitor.interval }}
+    interval: {{ .Values.alertmanager.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.alertmanager.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.alertmanager.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.alertmanager.serviceMonitor.scheme }}
+    scheme: {{ .Values.alertmanager.serviceMonitor.scheme }}
+    {{- end }}
+    {{- if .Values.alertmanager.serviceMonitor.bearerTokenFile }}
+    bearerTokenFile: {{ .Values.alertmanager.serviceMonitor.bearerTokenFile }}
+    {{- end }}
+    {{- if .Values.alertmanager.serviceMonitor.tlsConfig }}
+    tlsConfig: {{- toYaml .Values.alertmanager.serviceMonitor.tlsConfig | nindent 6 }}
+    {{- end }}
+    path: "{{ trimSuffix "/" .Values.alertmanager.alertmanagerSpec.routePrefix }}/metrics"
+    metricRelabelings:
+    {{- if .Values.alertmanager.serviceMonitor.metricRelabelings }}
+    {{- tpl (toYaml .Values.alertmanager.serviceMonitor.metricRelabelings | nindent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_id
+      replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_name
+      replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+    {{- if .Values.alertmanager.serviceMonitor.relabelings }}
+    relabelings: {{- toYaml .Values.alertmanager.serviceMonitor.relabelings | nindent 6 }}
+    {{- end }}
+  {{- range .Values.alertmanager.serviceMonitor.additionalEndpoints }}
+  - port: {{ .port }}
+    {{- if or $.Values.alertmanager.serviceMonitor.interval .interval }}
+    interval: {{ default $.Values.alertmanager.serviceMonitor.interval .interval }}
+    {{- end }}
+    {{- if or $.Values.alertmanager.serviceMonitor.proxyUrl .proxyUrl }}
+    proxyUrl: {{ default $.Values.alertmanager.serviceMonitor.proxyUrl .proxyUrl }}
+    {{- end }}
+    {{- if or $.Values.alertmanager.serviceMonitor.scheme .scheme }}
+    scheme: {{ default $.Values.alertmanager.serviceMonitor.scheme .scheme }}
+    {{- end }}
+    {{- if or $.Values.alertmanager.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    bearerTokenFile: {{ default $.Values.alertmanager.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    {{- end }}
+    {{- if or $.Values.alertmanager.serviceMonitor.tlsConfig .tlsConfig }}
+    tlsConfig: {{- default $.Values.alertmanager.serviceMonitor.tlsConfig .tlsConfig | toYaml | nindent 6 }}
+    {{- end }}
+    path: {{ .path }}
+    {{- if or $.Values.alertmanager.serviceMonitor.metricRelabelings .metricRelabelings }}
+    metricRelabelings: {{- tpl (default $.Values.alertmanager.serviceMonitor.metricRelabelings .metricRelabelings | toYaml | nindent 6) . }}
+    {{- end }}
+    {{- if or $.Values.alertmanager.serviceMonitor.relabelings .relabelings }}
+    relabelings: {{- default $.Values.alertmanager.serviceMonitor.relabelings .relabelings | toYaml | nindent 6 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/serviceperreplica.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/serviceperreplica.yaml
new file mode 100644
index 0000000000..75a13bdf97
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/alertmanager/serviceperreplica.yaml
@@ -0,0 +1,49 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.servicePerReplica.enabled }}
+{{- $count := .Values.alertmanager.alertmanagerSpec.replicas | int -}}
+{{- $serviceValues := .Values.alertmanager.servicePerReplica -}}
+apiVersion: v1
+kind: List
+metadata:
+  name: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-serviceperreplica
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+items:
+{{- range $i, $e := until $count }}
+  - apiVersion: v1
+    kind: Service
+    metadata:
+      name: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-{{ $i }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ include "kube-prometheus-stack.name" $ }}-alertmanager
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+      {{- if $serviceValues.annotations }}
+      annotations:
+{{ toYaml $serviceValues.annotations | indent 8 }}
+      {{- end }}
+    spec:
+      {{- if $serviceValues.clusterIP }}
+      clusterIP: {{ $serviceValues.clusterIP }}
+      {{- end }}
+      {{- if $serviceValues.loadBalancerSourceRanges }}
+      loadBalancerSourceRanges:
+      {{- range $cidr := $serviceValues.loadBalancerSourceRanges }}
+        - {{ $cidr }}
+      {{- end }}
+      {{- end }}
+      {{- if ne $serviceValues.type "ClusterIP" }}
+      externalTrafficPolicy: {{ $serviceValues.externalTrafficPolicy }}
+      {{- end }}
+      ports:
+        - name: {{ $.Values.alertmanager.alertmanagerSpec.portName }}
+          {{- if eq $serviceValues.type "NodePort" }}
+          nodePort: {{ $serviceValues.nodePort }}
+          {{- end }}
+          port: {{ $serviceValues.port }}
+          targetPort: {{ $serviceValues.targetPort }}
+      selector:
+        app.kubernetes.io/name: alertmanager
+        alertmanager: {{ template "kube-prometheus-stack.alertmanager.crname" $ }}
+        statefulset.kubernetes.io/pod-name: alertmanager-{{ include "kube-prometheus-stack.alertmanager.crname" $ }}-{{ $i }}
+      type: "{{ $serviceValues.type }}"
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/core-dns/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/core-dns/service.yaml
new file mode 100644
index 0000000000..b8618f7558
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/core-dns/service.yaml
@@ -0,0 +1,24 @@
+{{- if and .Values.coreDns.enabled .Values.coreDns.service.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-coredns
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-coredns
+    jobLabel: coredns
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: {{ .Values.coreDns.serviceMonitor.port }}
+      port: {{ .Values.coreDns.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.coreDns.service.targetPort }}
+  selector:
+    {{- if .Values.coreDns.service.selector }}
+{{ toYaml .Values.coreDns.service.selector | indent 4 }}
+    {{- else}}
+    k8s-app: kube-dns
+    {{- end}}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/core-dns/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/core-dns/servicemonitor.yaml
new file mode 100644
index 0000000000..dc15a06937
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/core-dns/servicemonitor.yaml
@@ -0,0 +1,58 @@
+{{- if and .Values.coreDns.enabled .Values.coreDns.serviceMonitor.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-coredns
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-coredns
+  {{- with .Values.coreDns.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.coreDns.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.coreDns.serviceMonitor | nindent 2 }}
+  selector:
+    {{- if .Values.coreDns.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.coreDns.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-coredns
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: {{ .Values.coreDns.serviceMonitor.port }}
+    {{- if .Values.coreDns.serviceMonitor.interval}}
+    interval: {{ .Values.coreDns.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.coreDns.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.coreDns.serviceMonitor.proxyUrl}}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    metricRelabelings:
+    {{- if .Values.coreDns.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.coreDns.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_id
+      replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_name
+      replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.coreDns.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.coreDns.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-api-server/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-api-server/servicemonitor.yaml
new file mode 100644
index 0000000000..66e777632e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-api-server/servicemonitor.yaml
@@ -0,0 +1,57 @@
+{{- if and .Values.kubeApiServer.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-apiserver
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: default
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-apiserver
+  {{- with .Values.kubeApiServer.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeApiServer.serviceMonitor | nindent 2 }}
+  endpoints:
+  - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeApiServer.serviceMonitor.interval }}
+    interval: {{ .Values.kubeApiServer.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubeApiServer.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeApiServer.serviceMonitor.proxyUrl }}
+    {{- end }}
+    port: https
+    scheme: https
+    metricRelabelings:
+    {{- if .Values.kubeApiServer.serviceMonitor.metricRelabelings }}
+{{ tpl (toYaml .Values.kubeApiServer.serviceMonitor.metricRelabelings | indent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeApiServer.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeApiServer.serviceMonitor.relabelings | indent 6) . }}
+{{- end }}
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      serverName: {{ .Values.kubeApiServer.tlsConfig.serverName }}
+      insecureSkipVerify: {{ .Values.kubeApiServer.tlsConfig.insecureSkipVerify }}
+  jobLabel: {{ .Values.kubeApiServer.serviceMonitor.jobLabel }}
+  namespaceSelector:
+    matchNames:
+    - default
+  selector:
+{{ toYaml .Values.kubeApiServer.serviceMonitor.selector | indent 4 }}
+{{- end}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/endpoints.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/endpoints.yaml
new file mode 100644
index 0000000000..6a6afa6412
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/endpoints.yaml
@@ -0,0 +1,22 @@
+{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.endpoints .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-controller-manager
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-controller-manager
+    k8s-app: kube-controller-manager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+subsets:
+  - addresses:
+      {{- range .Values.kubeControllerManager.endpoints }}
+      - ip: {{ . }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.kubeControllerManager.serviceMonitor.port }}
+        {{- $kubeControllerManagerDefaultInsecurePort := 10252 }}
+        {{- $kubeControllerManagerDefaultSecurePort := 10257 }}
+        port: {{ include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . $kubeControllerManagerDefaultInsecurePort $kubeControllerManagerDefaultSecurePort .Values.kubeControllerManager.service.port) }}
+        protocol: TCP
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/service.yaml
new file mode 100644
index 0000000000..43b1a976d5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/service.yaml
@@ -0,0 +1,29 @@
+{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.service.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-controller-manager
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-controller-manager
+    jobLabel: kube-controller-manager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: {{ .Values.kubeControllerManager.serviceMonitor.port }}
+      {{- $kubeControllerManagerDefaultInsecurePort := 10252 }}
+      {{- $kubeControllerManagerDefaultSecurePort := 10257 }}
+      port: {{ include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . $kubeControllerManagerDefaultInsecurePort $kubeControllerManagerDefaultSecurePort .Values.kubeControllerManager.service.port) }}
+      protocol: TCP
+      targetPort: {{ include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . $kubeControllerManagerDefaultInsecurePort $kubeControllerManagerDefaultSecurePort .Values.kubeControllerManager.service.targetPort) }}
+{{- if .Values.kubeControllerManager.endpoints }}{{- else }}
+  selector:
+    {{- if .Values.kubeControllerManager.service.selector }}
+{{ toYaml .Values.kubeControllerManager.service.selector | indent 4 }}
+    {{- else}}
+    component: kube-controller-manager
+    {{- end}}
+{{- end }}
+  type: ClusterIP
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/servicemonitor.yaml
new file mode 100644
index 0000000000..7ed3baa65f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-controller-manager/servicemonitor.yaml
@@ -0,0 +1,69 @@
+{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.serviceMonitor.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-controller-manager
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-controller-manager
+  {{- with .Values.kubeControllerManager.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.kubeControllerManager.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeControllerManager.serviceMonitor | nindent 2 }}
+  selector:
+    {{- if .Values.kubeControllerManager.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.kubeControllerManager.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-kube-controller-manager
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: {{ .Values.kubeControllerManager.serviceMonitor.port }}
+    {{- if .Values.kubeControllerManager.serviceMonitor.interval }}
+    interval: {{ .Values.kubeControllerManager.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeControllerManager.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeControllerManager.serviceMonitor.proxyUrl}}
+    {{- end }}
+    {{- if eq (include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . false true .Values.kubeControllerManager.serviceMonitor.https )) "true" }}
+    scheme: https
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      {{- if eq (include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . nil true .Values.kubeControllerManager.serviceMonitor.insecureSkipVerify)) "true" }}
+      insecureSkipVerify: true
+      {{- end }}
+      {{- if .Values.kubeControllerManager.serviceMonitor.serverName }}
+      serverName: {{ .Values.kubeControllerManager.serviceMonitor.serverName }}
+      {{- end }}
+    {{- end }}
+    metricRelabelings:
+    {{- if.Values.kubeControllerManager.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.kubeControllerManager.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeControllerManager.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeControllerManager.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-dns/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-dns/service.yaml
new file mode 100644
index 0000000000..81b2c9930c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-dns/service.yaml
@@ -0,0 +1,28 @@
+{{- if and .Values.kubeDns.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-dns
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-dns
+    jobLabel: kube-dns
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: http-metrics-dnsmasq
+      port: {{ .Values.kubeDns.service.dnsmasq.port }}
+      protocol: TCP
+      targetPort: {{ .Values.kubeDns.service.dnsmasq.targetPort }}
+    - name: http-metrics-skydns
+      port: {{ .Values.kubeDns.service.skydns.port }}
+      protocol: TCP
+      targetPort: {{ .Values.kubeDns.service.skydns.targetPort }}
+  selector:
+    {{- if .Values.kubeDns.service.selector }}
+{{ toYaml .Values.kubeDns.service.selector | indent 4 }}
+    {{- else}}
+    k8s-app: kube-dns
+    {{- end}}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-dns/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-dns/servicemonitor.yaml
new file mode 100644
index 0000000000..9fa41b575f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-dns/servicemonitor.yaml
@@ -0,0 +1,71 @@
+{{- if and .Values.kubeDns.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-dns
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-dns
+  {{- with .Values.kubeDns.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.kubeDns.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeDns.serviceMonitor | nindent 2 }}
+  selector:
+    {{- if .Values.kubeDns.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.kubeDns.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-kube-dns
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: http-metrics-dnsmasq
+    {{- if .Values.kubeDns.serviceMonitor.interval }}
+    interval: {{ .Values.kubeDns.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeDns.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeDns.serviceMonitor.proxyUrl}}
+    {{- end }}
+    metricRelabelings:
+    {{- if .Values.kubeDns.serviceMonitor.dnsmasqMetricRelabelings }}
+    {{ tpl (toYaml .Values.kubeDns.serviceMonitor.dnsmasqMetricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeDns.serviceMonitor.dnsmasqRelabelings }}
+    relabelings:
+{{ toYaml .Values.kubeDns.serviceMonitor.dnsmasqRelabelings | indent 4 }}
+{{- end }}
+  - port: http-metrics-skydns
+    {{- if .Values.kubeDns.serviceMonitor.interval }}
+    interval: {{ .Values.kubeDns.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+{{- if .Values.kubeDns.serviceMonitor.metricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubeDns.serviceMonitor.metricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubeDns.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeDns.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/endpoints.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/endpoints.yaml
new file mode 100644
index 0000000000..e366447577
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/endpoints.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.kubeEtcd.enabled .Values.kubeEtcd.endpoints .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-etcd
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-etcd
+    k8s-app: etcd-server
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+subsets:
+  - addresses:
+      {{- range .Values.kubeEtcd.endpoints }}
+      - ip: {{ . }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.kubeEtcd.serviceMonitor.port }}
+        port: {{ .Values.kubeEtcd.service.port }}
+        protocol: TCP
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/service.yaml
new file mode 100644
index 0000000000..d07d4f35e3
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/service.yaml
@@ -0,0 +1,27 @@
+{{- if and .Values.kubeEtcd.enabled .Values.kubeEtcd.service.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-etcd
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-etcd
+    jobLabel: kube-etcd
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: {{ .Values.kubeEtcd.serviceMonitor.port }}
+      port: {{ .Values.kubeEtcd.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.kubeEtcd.service.targetPort }}
+{{- if .Values.kubeEtcd.endpoints }}{{- else }}
+  selector:
+    {{- if .Values.kubeEtcd.service.selector }}
+{{ toYaml .Values.kubeEtcd.service.selector | indent 4 }}
+    {{- else}}
+    component: etcd
+    {{- end}}
+{{- end }}
+  type: ClusterIP
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/servicemonitor.yaml
new file mode 100644
index 0000000000..26fdbdbed3
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-etcd/servicemonitor.yaml
@@ -0,0 +1,75 @@
+{{- if and .Values.kubeEtcd.enabled .Values.kubeEtcd.serviceMonitor.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-etcd
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-etcd
+  {{- with .Values.kubeEtcd.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.kubeEtcd.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeEtcd.serviceMonitor | nindent 4 }}
+  selector:
+    {{- if .Values.kubeEtcd.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.kubeEtcd.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-kube-etcd
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: {{ .Values.kubeEtcd.serviceMonitor.port }}
+    {{- if .Values.kubeEtcd.serviceMonitor.interval }}
+    interval: {{ .Values.kubeEtcd.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeEtcd.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeEtcd.serviceMonitor.proxyUrl}}
+    {{- end }}
+    {{- if eq .Values.kubeEtcd.serviceMonitor.scheme "https" }}
+    scheme: https
+    tlsConfig:
+      {{- if .Values.kubeEtcd.serviceMonitor.serverName }}
+      serverName: {{ .Values.kubeEtcd.serviceMonitor.serverName }}
+      {{- end }}
+      {{- if .Values.kubeEtcd.serviceMonitor.caFile }}
+      caFile: {{ .Values.kubeEtcd.serviceMonitor.caFile }}
+      {{- end }}
+      {{- if  .Values.kubeEtcd.serviceMonitor.certFile }}
+      certFile: {{ .Values.kubeEtcd.serviceMonitor.certFile }}
+      {{- end }}
+      {{- if .Values.kubeEtcd.serviceMonitor.keyFile }}
+      keyFile: {{ .Values.kubeEtcd.serviceMonitor.keyFile }}
+      {{- end}}
+      insecureSkipVerify: {{ .Values.kubeEtcd.serviceMonitor.insecureSkipVerify }}
+    {{- end }}
+    metricRelabelings:
+    {{- if .Values.kubeEtcd.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.kubeEtcd.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeEtcd.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeEtcd.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/endpoints.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/endpoints.yaml
new file mode 100644
index 0000000000..8613e62425
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/endpoints.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.kubeProxy.enabled .Values.kubeProxy.endpoints .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-proxy
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-proxy
+    k8s-app: kube-proxy
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+subsets:
+  - addresses:
+      {{- range .Values.kubeProxy.endpoints }}
+      - ip: {{ . }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.kubeProxy.serviceMonitor.port }}
+        port: {{ .Values.kubeProxy.service.port }}
+        protocol: TCP
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/service.yaml
new file mode 100644
index 0000000000..8ccb2210d7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/service.yaml
@@ -0,0 +1,27 @@
+{{- if and .Values.kubeProxy.enabled .Values.kubeProxy.service.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-proxy
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-proxy
+    jobLabel: kube-proxy
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: {{ .Values.kubeProxy.serviceMonitor.port }}
+      port: {{ .Values.kubeProxy.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.kubeProxy.service.targetPort }}
+{{- if .Values.kubeProxy.endpoints }}{{- else }}
+  selector:
+    {{- if .Values.kubeProxy.service.selector }}
+{{ toYaml .Values.kubeProxy.service.selector | indent 4 }}
+    {{- else}}
+    k8s-app: kube-proxy
+    {{- end}}
+{{- end }}
+  type: ClusterIP
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/servicemonitor.yaml
new file mode 100644
index 0000000000..24b0ab2001
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-proxy/servicemonitor.yaml
@@ -0,0 +1,63 @@
+{{- if and .Values.kubeProxy.enabled .Values.kubeProxy.serviceMonitor.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-proxy
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-proxy
+  {{- with .Values.kubeProxy.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.kubeProxy.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeProxy.serviceMonitor | nindent 2 }}
+  selector:
+    {{- if .Values.kubeProxy.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.kubeProxy.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-kube-proxy
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: {{ .Values.kubeProxy.serviceMonitor.port }}
+    {{- if .Values.kubeProxy.serviceMonitor.interval }}
+    interval: {{ .Values.kubeProxy.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeProxy.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeProxy.serviceMonitor.proxyUrl}}
+    {{- end }}
+    {{- if .Values.kubeProxy.serviceMonitor.https }}
+    scheme: https
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+    {{- end}}
+    metricRelabelings:
+    {{- if .Values.kubeProxy.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.kubeProxy.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeProxy.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeProxy.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/endpoints.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/endpoints.yaml
new file mode 100644
index 0000000000..6236b42f10
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/endpoints.yaml
@@ -0,0 +1,22 @@
+{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.endpoints .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-scheduler
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-scheduler
+    k8s-app: kube-scheduler
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+subsets:
+  - addresses:
+      {{- range .Values.kubeScheduler.endpoints }}
+      - ip: {{ . }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.kubeScheduler.serviceMonitor.port }}
+        {{- $kubeSchedulerDefaultInsecurePort := 10251 }}
+        {{- $kubeSchedulerDefaultSecurePort := 10259 }}
+        port: {{ include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . $kubeSchedulerDefaultInsecurePort $kubeSchedulerDefaultSecurePort .Values.kubeScheduler.service.port)  }}
+        protocol: TCP
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/service.yaml
new file mode 100644
index 0000000000..90b3a800a4
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/service.yaml
@@ -0,0 +1,29 @@
+{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.service.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-scheduler
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-scheduler
+    jobLabel: kube-scheduler
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: {{ .Values.kubeScheduler.serviceMonitor.port }}
+      {{- $kubeSchedulerDefaultInsecurePort := 10251 }}
+      {{- $kubeSchedulerDefaultSecurePort := 10259 }}
+      port: {{ include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . $kubeSchedulerDefaultInsecurePort $kubeSchedulerDefaultSecurePort .Values.kubeScheduler.service.port)  }}
+      protocol: TCP
+      targetPort: {{ include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . $kubeSchedulerDefaultInsecurePort $kubeSchedulerDefaultSecurePort .Values.kubeScheduler.service.targetPort)  }}
+{{- if .Values.kubeScheduler.endpoints }}{{- else }}
+  selector:
+    {{- if .Values.kubeScheduler.service.selector }}
+{{ toYaml .Values.kubeScheduler.service.selector | indent 4 }}
+    {{- else}}
+    component: kube-scheduler
+    {{- end}}
+{{- end }}
+  type: ClusterIP
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/servicemonitor.yaml
new file mode 100644
index 0000000000..b17c4f1d47
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-scheduler/servicemonitor.yaml
@@ -0,0 +1,69 @@
+{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.serviceMonitor.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-scheduler
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-scheduler
+  {{- with .Values.kubeScheduler.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.kubeScheduler.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeScheduler.serviceMonitor | nindent 2 }}
+  selector:
+    {{- if .Values.kubeScheduler.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.kubeScheduler.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-kube-scheduler
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: {{ .Values.kubeScheduler.serviceMonitor.port }}
+    {{- if .Values.kubeScheduler.serviceMonitor.interval }}
+    interval: {{ .Values.kubeScheduler.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeScheduler.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeScheduler.serviceMonitor.proxyUrl}}
+    {{- end }}
+    {{- if eq (include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . false true .Values.kubeScheduler.serviceMonitor.https )) "true" }}
+    scheme: https
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      {{- if eq (include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . nil true .Values.kubeScheduler.serviceMonitor.insecureSkipVerify)) "true" }}
+      insecureSkipVerify: true
+      {{- end }}
+      {{- if .Values.kubeScheduler.serviceMonitor.serverName }}
+      serverName: {{ .Values.kubeScheduler.serviceMonitor.serverName }}
+      {{- end}}
+    {{- end}}
+    metricRelabelings:
+    {{- if .Values.kubeScheduler.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.kubeScheduler.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeScheduler.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeScheduler.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-state-metrics/validate.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-state-metrics/validate.yaml
new file mode 100644
index 0000000000..9211b3d771
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kube-state-metrics/validate.yaml
@@ -0,0 +1,7 @@
+{{- if .Values.kubeStateMetrics.enabled }}
+{{- if not (kindIs "invalid" .Values.kubeStateMetrics.serviceMonitor) }}
+{{- if .Values.kubeStateMetrics.serviceMonitor.namespaceOverride }}
+{{- fail "kubeStateMetrics.serviceMonitor.namespaceOverride was removed. Please use kube-state-metrics.namespaceOverride instead." }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kubelet/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kubelet/servicemonitor.yaml
new file mode 100644
index 0000000000..f570fbfdbc
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/kubelet/servicemonitor.yaml
@@ -0,0 +1,246 @@
+{{- if (and (not .Values.kubelet.enabled) .Values.hardenedKubelet.enabled) }}
+{{ required "Cannot set .Values.hardenedKubelet.enabled=true when .Values.kubelet.enabled=false" "" }}
+{{- end }}
+{{- if (and .Values.kubelet.enabled .Values.kubernetesServiceMonitors.enabled (not .Values.hardenedKubelet.enabled) (not .Values.k3sServer.enabled)) }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kubelet
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: {{ .Values.kubelet.namespace }}
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kubelet
+  {{- with .Values.kubelet.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.kubelet.serviceMonitor | nindent 2 }}
+  {{- with .Values.kubelet.serviceMonitor.attachMetadata }}
+  attachMetadata:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  endpoints:
+  {{- if .Values.kubelet.serviceMonitor.https }}
+  - port: https-metrics
+    scheme: https
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      insecureSkipVerify: true
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+    metricRelabelings:
+    {{- if .Values.kubelet.serviceMonitor.metricRelabelings }}
+    {{- tpl (toYaml .Values.kubelet.serviceMonitor.metricRelabelings | nindent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubelet.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.cAdvisor }}
+  - port: https-metrics
+    scheme: https
+    path: /metrics/cadvisor
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      insecureSkipVerify: true
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+{{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | indent 4) . }}
+{{- end }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.probes }}
+  - port: https-metrics
+    scheme: https
+    path: /metrics/probes
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      insecureSkipVerify: true
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+{{- if .Values.kubelet.serviceMonitor.probesMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.probesRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesRelabelings | indent 4) . }}
+{{- end }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.resource }}
+  - port: https-metrics
+    scheme: https
+    path: {{ include "kubelet.serviceMonitor.resourcePath" . }}
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      insecureSkipVerify: true
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+{{- if .Values.kubelet.serviceMonitor.resourceMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.resourceRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceRelabelings | indent 4) . }}
+{{- end }}
+{{- end }}
+  {{- else }}
+  - port: http-metrics
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+{{- if .Values.kubelet.serviceMonitor.metricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.metricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.cAdvisor }}
+  - port: http-metrics
+    path: /metrics/cadvisor
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+{{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.probes }}
+  - port: http-metrics
+    path: /metrics/probes
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+{{- if .Values.kubelet.serviceMonitor.probesMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.probesRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesRelabelings | indent 4) . }}
+{{- end }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.resource }}
+  - port: http-metrics
+    path: {{ include "kubelet.serviceMonitor.resourcePath" . }}
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+{{- if .Values.kubelet.serviceMonitor.resourceMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.resourceRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceRelabelings | indent 4) . }}
+{{- end }}
+{{- end }}
+{{- end }}
+  {{- end }}
+  jobLabel: k8s-app
+  namespaceSelector:
+    matchNames:
+    - {{ .Values.kubelet.namespace }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: kubelet
+      k8s-app: kubelet
+{{- end}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/node-exporter/validate.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/node-exporter/validate.yaml
new file mode 100644
index 0000000000..bdc73d6165
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/exporters/node-exporter/validate.yaml
@@ -0,0 +1,3 @@
+{{- if (and (not .Values.nodeExporter.enabled) .Values.hardenedNodeExporter.enabled) }}
+{{ required "Cannot set .Values.hardenedNodeExporter.enabled=true when .Values.nodeExporter.enabled=false" "" }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/extra-objects.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/extra-objects.yaml
new file mode 100644
index 0000000000..567f7bf329
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/extra-objects.yaml
@@ -0,0 +1,4 @@
+{{ range .Values.extraManifests }}
+---
+{{ tpl (toYaml .) $ }}
+{{ end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/configmap-dashboards.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/configmap-dashboards.yaml
new file mode 100644
index 0000000000..e719009ffe
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/configmap-dashboards.yaml
@@ -0,0 +1,24 @@
+{{- if or (and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled) .Values.grafana.forceDeployDashboards }}
+{{- $files := .Files.Glob "dashboards-1.14/*.json" }}
+{{- if $files }}
+apiVersion: v1
+kind: ConfigMapList
+items:
+{{- range $path, $fileContents := $files }}
+{{- $dashboardName := regexReplaceAll "(^.*/)(.*)\\.json$" $path "${2}" }}
+- apiVersion: v1
+  kind: ConfigMap
+  metadata:
+    name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) $dashboardName | trunc 63 | trimSuffix "-" }}
+    namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+    labels:
+      {{- if $.Values.grafana.sidecar.dashboards.label }}
+      {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+      {{- end }}
+      app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 6 }}
+  data:
+    {{ $dashboardName }}.json: {{ $.Files.Get $path | toJson }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/configmaps-datasources.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/configmaps-datasources.yaml
new file mode 100644
index 0000000000..718020d4f6
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/configmaps-datasources.yaml
@@ -0,0 +1,81 @@
+{{- if or (and .Values.grafana.enabled .Values.grafana.sidecar.datasources.enabled) .Values.grafana.forceDeployDatasources }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-grafana-datasource
+  namespace: {{ default .Values.grafana.sidecar.datasources.searchNamespace (include "kube-prometheus-stack.namespace" .) }}
+{{- if .Values.grafana.sidecar.datasources.annotations }}
+  annotations:
+    {{- toYaml .Values.grafana.sidecar.datasources.annotations | nindent 4 }}
+{{- end }}
+  labels:
+    {{ $.Values.grafana.sidecar.datasources.label }}: {{ $.Values.grafana.sidecar.datasources.labelValue | quote }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  datasource.yaml: |-
+    apiVersion: 1
+{{- if .Values.grafana.deleteDatasources }}
+    deleteDatasources:
+{{ tpl (toYaml .Values.grafana.deleteDatasources | indent 6) . }}
+{{- end }}
+    datasources:
+{{- $scrapeInterval := .Values.grafana.sidecar.datasources.defaultDatasourceScrapeInterval | default .Values.prometheus.prometheusSpec.scrapeInterval | default "30s" }}
+{{- if .Values.grafana.sidecar.datasources.defaultDatasourceEnabled }}
+    - name: Prometheus
+      type: prometheus
+      uid: {{ .Values.grafana.sidecar.datasources.uid }}
+      {{- if .Values.grafana.sidecar.datasources.url }}
+      url: {{ .Values.grafana.sidecar.datasources.url }}
+      {{- else }}
+      url: http://{{ template "kube-prometheus-stack.fullname" . }}-prometheus.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.prometheus.service.port }}/{{ trimPrefix "/" .Values.prometheus.prometheusSpec.routePrefix }}
+      {{- end }}
+      access: proxy
+      isDefault: {{ .Values.grafana.sidecar.datasources.isDefaultDatasource }}
+      jsonData:
+        httpMethod: {{ .Values.grafana.sidecar.datasources.httpMethod }}
+        timeInterval: {{ $scrapeInterval }}
+        {{- if .Values.grafana.sidecar.datasources.timeout }}
+        timeout: {{ .Values.grafana.sidecar.datasources.timeout }}
+        {{- end }}
+{{- if .Values.grafana.sidecar.datasources.exemplarTraceIdDestinations }}
+        exemplarTraceIdDestinations:
+        - datasourceUid: {{ .Values.grafana.sidecar.datasources.exemplarTraceIdDestinations.datasourceUid }}
+          name: {{ .Values.grafana.sidecar.datasources.exemplarTraceIdDestinations.traceIdLabelName }}
+{{- end }}
+{{- if .Values.grafana.sidecar.datasources.createPrometheusReplicasDatasources }}
+{{- range until (int .Values.prometheus.prometheusSpec.replicas) }}
+    - name: Prometheus-{{ . }}
+      type: prometheus
+      uid: {{ $.Values.grafana.sidecar.datasources.uid }}-replica-{{ . }}
+      url: http://prometheus-{{ template "kube-prometheus-stack.prometheus.crname" $ }}-{{ . }}.prometheus-operated:9090/{{ trimPrefix "/" $.Values.prometheus.prometheusSpec.routePrefix }}
+      access: proxy
+      isDefault: false
+      jsonData:
+        timeInterval: {{ $scrapeInterval }}
+{{- if $.Values.grafana.sidecar.datasources.exemplarTraceIdDestinations }}
+        exemplarTraceIdDestinations:
+        - datasourceUid: {{ $.Values.grafana.sidecar.datasources.exemplarTraceIdDestinations.datasourceUid }}
+          name: {{ $.Values.grafana.sidecar.datasources.exemplarTraceIdDestinations.traceIdLabelName }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- if .Values.grafana.sidecar.datasources.alertmanager.enabled }}
+    - name: Alertmanager
+      type: alertmanager
+      uid: {{ .Values.grafana.sidecar.datasources.alertmanager.uid }}
+      {{- if .Values.grafana.sidecar.datasources.alertmanager.url }}
+      url: {{ .Values.grafana.sidecar.datasources.alertmanager.url }}
+      {{- else }}
+      url: http://{{ template "kube-prometheus-stack.fullname" . }}-alertmanager.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.alertmanager.service.port }}/{{ trimPrefix "/" .Values.alertmanager.alertmanagerSpec.routePrefix }}
+      {{- end }}
+      access: proxy
+      jsonData:
+        handleGrafanaManagedAlerts: {{ .Values.grafana.sidecar.datasources.alertmanager.handleGrafanaManagedAlerts }}
+        implementation: {{ .Values.grafana.sidecar.datasources.alertmanager.implementation }}
+{{- end }}
+{{- end }}
+{{- if .Values.grafana.additionalDataSources }}
+{{ tpl (toYaml .Values.grafana.additionalDataSources | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/alertmanager-overview.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/alertmanager-overview.yaml
new file mode 100644
index 0000000000..dfc26d7ecd
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/alertmanager-overview.yaml
@@ -0,0 +1,616 @@
+{{- /*
+Generated from 'alertmanager-overview' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.selfMonitor }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "alertmanager-overview" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  alertmanager-overview.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 1,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "30s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "current set of alerts stored in the Alertmanager",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(alertmanager_alerts{namespace=~\"$namespace\",service=~\"$service\"}) by (namespace,service,instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Alerts",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "rate of successful and invalid alerts received by the Alertmanager",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(alertmanager_alerts_received_total{namespace=~\"$namespace\",service=~\"$service\"}[$__rate_interval])) by (namespace,service,instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Received",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(alertmanager_alerts_invalid_total{namespace=~\"$namespace\",service=~\"$service\"}[$__rate_interval])) by (namespace,service,instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Invalid",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Alerts receive rate",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Alerts",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "rate of successful and invalid notifications sent by the Alertmanager",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": "integration",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(alertmanager_notifications_total{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (integration,namespace,service,instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Total",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(alertmanager_notifications_failed_total{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (integration,namespace,service,instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Failed",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "$integration: Notifications Send Rate",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "latency of notifications sent by the Alertmanager",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": "integration",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99,\n  sum(rate(alertmanager_notification_latency_seconds_bucket{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (le,namespace,service,instance)\n) \n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} 99th Percentile",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "histogram_quantile(0.50,\n  sum(rate(alertmanager_notification_latency_seconds_bucket{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (le,namespace,service,instance)\n) \n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Median",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "sum(rate(alertmanager_notification_latency_seconds_sum{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (namespace,service,instance)\n/\nsum(rate(alertmanager_notification_latency_seconds_count{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (namespace,service,instance)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Average",
+                                "refId": "C"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "$integration: Notification Duration",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Notifications",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "alertmanager-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "namespace",
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(alertmanager_alerts, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "service",
+                    "multi": false,
+                    "name": "service",
+                    "options": [
+
+                    ],
+                    "query": "label_values(alertmanager_alerts, service)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "all",
+                        "value": "$__all"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "integration",
+                    "options": [
+
+                    ],
+                    "query": "label_values(alertmanager_notifications_total{integration=~\".*\"}, integration)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Alertmanager / Overview",
+        "uid": "alertmanager-overview",
+        "version": 0
+    }
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/apiserver.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/apiserver.yaml
new file mode 100644
index 0000000000..bd1048b567
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/apiserver.yaml
@@ -0,0 +1,1772 @@
+{{- /*
+Generated from 'apiserver' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.kubeApiServer.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "apiserver" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  apiserver.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "content": "The SLO (service level objective) and other metrics displayed on this dashboard are for informational purposes only.",
+                "datasource": null,
+                "description": "The SLO (service level objective) and other metrics displayed on this dashboard are for informational purposes only.",
+                "gridPos": {
+                    "h": 2,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "mode": "markdown",
+                "span": 12,
+                "title": "Notice",
+                "type": "text"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "decimals": 3,
+                        "description": "How many percent of requests (both read and write) in 30 days have been answered successfully and fast enough?",
+                        "format": "percentunit",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 4,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                "expr": "apiserver_request:availability30d{verb=\"all\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Availability (30d) > 99.000%",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "avg"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": 3,
+                        "description": "How much error budget is left looking at our 0.990% availability guarantees?",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 8,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "100 * (apiserver_request:availability30d{verb=\"all\", cluster=\"$cluster\"} - 0.990000)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "errorbudget",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "ErrorBudget (30d) > 99.000%",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "decimals": 3,
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "decimals": 3,
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "decimals": 3,
+                        "description": "How many percent of read requests (LIST,GET) in 30 days have been answered successfully and fast enough?",
+                        "format": "percentunit",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 3,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                "expr": "apiserver_request:availability30d{verb=\"read\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Read Availability (30d)",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "avg"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many read requests (LIST,GET) per second do the apiservers get by code?",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/2../i",
+                                "color": "#56A64B"
+                            },
+                            {
+                                "alias": "/3../i",
+                                "color": "#F2CC0C"
+                            },
+                            {
+                                "alias": "/4../i",
+                                "color": "#3274D9"
+                            },
+                            {
+                                "alias": "/5../i",
+                                "color": "#E02F44"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by (code) (code_resource:apiserver_request_total:rate5m{verb=\"read\", cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} code {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Read SLI - Requests",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "reqps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "reqps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many percent of read requests (LIST,GET) per second are returned with errors (5xx)?",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by (resource) (code_resource:apiserver_request_total:rate5m{verb=\"read\",code=~\"5..\", cluster=\"$cluster\"}) / sum by (resource) (code_resource:apiserver_request_total:rate5m{verb=\"read\", cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} resource {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Read SLI - Errors",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many seconds is the 99th percentile for reading (LIST|GET) a given resource?",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "cluster_quantile:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds:histogram_quantile{verb=\"read\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} resource {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Read SLI - Duration",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "decimals": 3,
+                        "description": "How many percent of write requests (POST|PUT|PATCH|DELETE) in 30 days have been answered successfully and fast enough?",
+                        "format": "percentunit",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 3,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                "expr": "apiserver_request:availability30d{verb=\"write\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Write Availability (30d)",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "avg"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many write requests (POST|PUT|PATCH|DELETE) per second do the apiservers get by code?",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/2../i",
+                                "color": "#56A64B"
+                            },
+                            {
+                                "alias": "/3../i",
+                                "color": "#F2CC0C"
+                            },
+                            {
+                                "alias": "/4../i",
+                                "color": "#3274D9"
+                            },
+                            {
+                                "alias": "/5../i",
+                                "color": "#E02F44"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by (code) (code_resource:apiserver_request_total:rate5m{verb=\"write\", cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} code {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Write SLI - Requests",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "reqps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "reqps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many percent of write requests (POST|PUT|PATCH|DELETE) per second are returned with errors (5xx)?",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by (resource) (code_resource:apiserver_request_total:rate5m{verb=\"write\",code=~\"5..\", cluster=\"$cluster\"}) / sum by (resource) (code_resource:apiserver_request_total:rate5m{verb=\"write\", cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} resource {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Write SLI - Errors",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many seconds is the 99th percentile for writing (POST|PUT|PATCH|DELETE) a given resource?",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "cluster_quantile:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds:histogram_quantile{verb=\"write\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} resource {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Write SLI - Duration",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(workqueue_adds_total{job=\"apiserver\", instance=~\"$instance\", cluster=\"$cluster\"}[$__rate_interval])) by (instance, name)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Add Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 14,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(workqueue_depth{job=\"apiserver\", instance=~\"$instance\", cluster=\"$cluster\"}[$__rate_interval])) by (instance, name)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Depth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 15,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(workqueue_queue_duration_seconds_bucket{job=\"apiserver\", instance=~\"$instance\", cluster=\"$cluster\"}[$__rate_interval])) by (instance, name, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Latency",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 16,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "process_resident_memory_bytes{job=\"apiserver\",instance=~\"$instance\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 17,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(process_cpu_seconds_total{job=\"apiserver\",instance=~\"$instance\", cluster=\"$cluster\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 18,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "go_goroutines{job=\"apiserver\",instance=~\"$instance\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Goroutines",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"apiserver\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"apiserver\", cluster=\"$cluster\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / API server",
+        "uid": "09ec8aa1e996d6ffcd6817bbaff4db1b",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/cluster-total.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/cluster-total.yaml
new file mode 100644
index 0000000000..f4be0bbd45
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/cluster-total.yaml
@@ -0,0 +1,1882 @@
+{{- /*
+Generated from 'cluster-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "cluster-total" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  cluster-total.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 1
+                },
+                "id": 3,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Received",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 1
+                },
+                "id": 4,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Transmitted",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "columns": [
+                    {
+                        "text": "Time",
+                        "value": "Time"
+                    },
+                    {
+                        "text": "Value #A",
+                        "value": "Value #A"
+                    },
+                    {
+                        "text": "Value #B",
+                        "value": "Value #B"
+                    },
+                    {
+                        "text": "Value #C",
+                        "value": "Value #C"
+                    },
+                    {
+                        "text": "Value #D",
+                        "value": "Value #D"
+                    },
+                    {
+                        "text": "Value #E",
+                        "value": "Value #E"
+                    },
+                    {
+                        "text": "Value #F",
+                        "value": "Value #F"
+                    },
+                    {
+                        "text": "Value #G",
+                        "value": "Value #G"
+                    },
+                    {
+                        "text": "Value #H",
+                        "value": "Value #H"
+                    },
+                    {
+                        "text": "namespace",
+                        "value": "namespace"
+                    }
+                ],
+                "datasource": "$datasource",
+                "fill": 1,
+                "fontSize": "90%",
+                "gridPos": {
+                    "h": 9,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 5,
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null as zero",
+                "renderer": "flot",
+                "scroll": true,
+                "showHeader": true,
+                "sort": {
+                    "col": 0,
+                    "desc": false
+                },
+                "spaceLength": 10,
+                "span": 24,
+                "styles": [
+                    {
+                        "alias": "Time",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Time",
+                        "thresholds": [
+
+                        ],
+                        "type": "hidden",
+                        "unit": "short"
+                    },
+                    {
+                        "alias": "Current Bandwidth Received",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #A",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Current Bandwidth Transmitted",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #B",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Average Bandwidth Received",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #C",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Average Bandwidth Transmitted",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #D",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #E",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #F",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #G",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #H",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Namespace",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": true,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "d/8b7a8b326d7a6f1f04244066368c67af/kubernetes-networking-namespace-pods?orgId=1&refresh=30s&var-namespace=$__cell",
+                        "pattern": "namespace",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "short"
+                    }
+                ],
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "A",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "B",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(avg(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "C",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(avg(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "D",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "E",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "F",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "G",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "H",
+                        "step": 10
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Status",
+                "type": "table"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 6,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 11
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Received",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 11
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Transmitted",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 11
+                },
+                "id": 9,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth History",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 24,
+                    "x": 0,
+                    "y": 12
+                },
+                "id": 10,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": true,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": true,
+                    "min": true,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Receive Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 24,
+                    "x": 0,
+                    "y": 21
+                },
+                "id": 11,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": true,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": true,
+                    "min": true,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Transmit Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 30
+                },
+                "id": 12,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 31
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 40
+                        },
+                        "id": 14,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Packets",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 31
+                },
+                "id": 15,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 50
+                        },
+                        "id": 16,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 59
+                        },
+                        "id": 17,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 59
+                        },
+                        "id": 18,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+                            {
+                                "targetBlank": true,
+                                "title": "What is TCP Retransmit?",
+                                "url": "https://accedian.com/enterprises/blog/network-packet-loss-retransmissions-and-duplicate-acknowledgements/"
+                            }
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(rate(node_netstat_Tcp_RetransSegs{cluster=\"$cluster\"}[$interval:$resolution]) / rate(node_netstat_Tcp_OutSegs{cluster=\"$cluster\"}[$interval:$resolution])) by (instance))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of TCP Retransmits out of all sent segments",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 59
+                        },
+                        "id": 19,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+                            {
+                                "targetBlank": true,
+                                "title": "Why monitor SYN retransmits?",
+                                "url": "https://github.com/prometheus/node_exporter/issues/1023#issuecomment-408128365"
+                            }
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(rate(node_netstat_TcpExt_TCPSynRetrans{cluster=\"$cluster\"}[$interval:$resolution]) / rate(node_netstat_Tcp_RetransSegs{cluster=\"$cluster\"}[$interval:$resolution])) by (instance))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of TCP SYN Retransmits out of all retransmits",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Errors",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 18,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "resolution",
+                    "options": [
+                        {
+                            "selected": false,
+                            "text": "30s",
+                            "value": "30s"
+                        },
+                        {
+                            "selected": true,
+                            "text": "5m",
+                            "value": "5m"
+                        },
+                        {
+                            "selected": false,
+                            "text": "1h",
+                            "value": "1h"
+                        }
+                    ],
+                    "query": "30s,5m,1h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "interval",
+                    "options": [
+                        {
+                            "selected": true,
+                            "text": "4h",
+                            "value": "4h"
+                        }
+                    ],
+                    "query": "4h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Networking / Cluster",
+        "uid": "ff635a025bcfea7bc3dd4f508990a3e9",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/controller-manager.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/controller-manager.yaml
new file mode 100644
index 0000000000..8d420d7a4f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/controller-manager.yaml
@@ -0,0 +1,1196 @@
+{{- /*
+Generated from 'controller-manager' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if (include "exporter.kubeControllerManager.enabled" .)}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "controller-manager" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  controller-manager.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "format": "none",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 2,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                {{- if .Values.k3sServer.enabled  }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", metrics_path=\"/metrics\"})",
+                                {{- else }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\"})",
+                                {{- end }}
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Up",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "min"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 10,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(workqueue_adds_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, name)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Add Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(workqueue_depth{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, name)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Depth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(workqueue_queue_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, name, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Latency",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\",code=~\"2..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "2xx",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\",code=~\"3..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "3xx",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\",code=~\"4..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "4xx",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\",code=~\"5..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "5xx",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Kube API Request Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 8,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\", verb=\"POST\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Post Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\", verb=\"GET\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Get Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "process_resident_memory_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(process_cpu_seconds_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "go_goroutines{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Goroutines",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Controller Manager",
+        "uid": "72e0e05bef5099e5f049b05fdc429ed4",
+        "version": 0
+    }
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/etcd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/etcd.yaml
new file mode 100644
index 0000000000..0eeedc6299
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/etcd.yaml
@@ -0,0 +1,1229 @@
+{{- /*
+Generated from 'etcd' from https://github.com/etcd-io/etcd.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if (include "exporter.kubeEtcd.enabled" .)}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "etcd" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  etcd.json: |-
+    {
+        "annotations": {
+            "list": []
+        },
+        "description": "etcd sample Grafana dashboard with Prometheus",
+        "editable": true,
+        "gnetId": null,
+        "hideControls": false,
+        "links": [],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "editable": true,
+                "height": "250px",
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "rgba(245, 54, 54, 0.9)",
+                            "rgba(237, 129, 40, 0.89)",
+                            "rgba(50, 172, 45, 0.97)"
+                        ],
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "format": "none",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "id": 28,
+                        "interval": null,
+                        "isNew": true,
+                        "links": [],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 3,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "targets": [
+                            {
+                                "expr": "sum(etcd_server_has_leader{job=\"$cluster\"})",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "metric": "etcd_server_has_leader",
+                                "refId": "A",
+                                "step": 20
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Up",
+                        "type": "singlestat",
+                        "valueFontSize": "200%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "avg"
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 23,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 5,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(grpc_server_started_total{job=\"$cluster\",grpc_type=\"unary\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "RPC Rate",
+                                "metric": "grpc_server_started_total",
+                                "refId": "A",
+                                "step": 2
+                            },
+                            {
+                                "expr": "sum(rate(grpc_server_handled_total{job=\"$cluster\",grpc_type=\"unary\",grpc_code=~\"Unknown|FailedPrecondition|ResourceExhausted|Internal|Unavailable|DataLoss|DeadlineExceeded\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "RPC Failed Rate",
+                                "metric": "grpc_server_handled_total",
+                                "refId": "B",
+                                "step": 2
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "RPC Rate",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 41,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 4,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(grpc_server_started_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"}) - sum(grpc_server_handled_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"})",
+                                "intervalFactor": 2,
+                                "legendFormat": "Watch Streams",
+                                "metric": "grpc_server_handled_total",
+                                "refId": "A",
+                                "step": 4
+                            },
+                            {
+                                "expr": "sum(grpc_server_started_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"}) - sum(grpc_server_handled_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"})",
+                                "intervalFactor": 2,
+                                "legendFormat": "Lease Streams",
+                                "metric": "grpc_server_handled_total",
+                                "refId": "B",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Active Streams",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": "",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "showTitle": false,
+                "title": "Row"
+            },
+            {
+                "collapse": false,
+                "editable": true,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "decimals": null,
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "grid": {},
+                        "id": 1,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "etcd_mvcc_db_total_size_in_bytes{job=\"$cluster\"}",
+                                "hide": false,
+                                "interval": "",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} DB Size",
+                                "metric": "",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "DB Size",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "cumulative"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "grid": {},
+                        "id": 3,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 1,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": true,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=\"$cluster\"}[$__rate_interval])) by (instance, le))",
+                                "hide": false,
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} WAL fsync",
+                                "metric": "etcd_disk_wal_fsync_duration_seconds_bucket",
+                                "refId": "A",
+                                "step": 4
+                            },
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_backend_commit_duration_seconds_bucket{job=\"$cluster\"}[$__rate_interval])) by (instance, le))",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} DB fsync",
+                                "metric": "etcd_disk_backend_commit_duration_seconds_bucket",
+                                "refId": "B",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk Sync Duration",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "cumulative"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 29,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "process_resident_memory_bytes{job=\"$cluster\"}",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Resident Memory",
+                                "metric": "process_resident_memory_bytes",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "title": "New row"
+            },
+            {
+                "collapse": false,
+                "editable": true,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 5,
+                        "id": 22,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 3,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(etcd_network_client_grpc_received_bytes_total{job=\"$cluster\"}[$__rate_interval])",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Client Traffic In",
+                                "metric": "etcd_network_client_grpc_received_bytes_total",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Client Traffic In",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 5,
+                        "id": 21,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 3,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(etcd_network_client_grpc_sent_bytes_total{job=\"$cluster\"}[$__rate_interval])",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Client Traffic Out",
+                                "metric": "etcd_network_client_grpc_sent_bytes_total",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Client Traffic Out",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 20,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(etcd_network_peer_received_bytes_total{job=\"$cluster\"}[$__rate_interval])) by (instance)",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Peer Traffic In",
+                                "metric": "etcd_network_peer_received_bytes_total",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Peer Traffic In",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "decimals": null,
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "grid": {},
+                        "id": 16,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(etcd_network_peer_sent_bytes_total{job=\"$cluster\"}[$__rate_interval])) by (instance)",
+                                "hide": false,
+                                "interval": "",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Peer Traffic Out",
+                                "metric": "etcd_network_peer_sent_bytes_total",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Peer Traffic Out",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "cumulative"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "title": "New row"
+            },
+            {
+                "collapse": false,
+                "editable": true,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 40,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(etcd_server_proposals_failed_total{job=\"$cluster\"}[$__rate_interval]))",
+                                "intervalFactor": 2,
+                                "legendFormat": "Proposal Failure Rate",
+                                "metric": "etcd_server_proposals_failed_total",
+                                "refId": "A",
+                                "step": 2
+                            },
+                            {
+                                "expr": "sum(etcd_server_proposals_pending{job=\"$cluster\"})",
+                                "intervalFactor": 2,
+                                "legendFormat": "Proposal Pending Total",
+                                "metric": "etcd_server_proposals_pending",
+                                "refId": "B",
+                                "step": 2
+                            },
+                            {
+                                "expr": "sum(rate(etcd_server_proposals_committed_total{job=\"$cluster\"}[$__rate_interval]))",
+                                "intervalFactor": 2,
+                                "legendFormat": "Proposal Commit Rate",
+                                "metric": "etcd_server_proposals_committed_total",
+                                "refId": "C",
+                                "step": 2
+                            },
+                            {
+                                "expr": "sum(rate(etcd_server_proposals_applied_total{job=\"$cluster\"}[$__rate_interval]))",
+                                "intervalFactor": 2,
+                                "legendFormat": "Proposal Apply Rate",
+                                "refId": "D",
+                                "step": 2
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Raft Proposals",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": "",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "decimals": 0,
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 19,
+                        "isNew": true,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "changes(etcd_server_leader_changes_seen_total{job=\"$cluster\"}[1d])",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Total Leader Elections Per Day",
+                                "metric": "etcd_server_leader_changes_seen_total",
+                                "refId": "A",
+                                "step": 2
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Total Leader Elections Per Day",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": 0,
+                        "editable": true,
+                        "error": false,
+                        "fieldConfig": {
+                            "defaults": {
+                                "custom": {}
+                            },
+                            "overrides": []
+                        },
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 7,
+                            "w": 12,
+                            "x": 0,
+                            "y": 28
+                        },
+                        "hiddenSeries": false,
+                        "id": 42,
+                        "isNew": true,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "options": {
+                            "alertThreshold": true
+                        },
+                        "percentage": false,
+                        "pluginVersion": "7.4.3",
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "spaceLength": 10,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum by (instance, le) (rate(etcd_network_peer_round_trip_time_seconds_bucket{job=\"$cluster\"}[$__rate_interval])))",
+                                "interval": "",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Peer round trip time",
+                                "metric": "etcd_network_peer_round_trip_time_seconds_bucket",
+                                "refId": "A",
+                                "step": 2
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeRegions": [],
+                        "timeShift": null,
+                        "title": "Peer round trip time",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "$$hashKey": "object:925",
+                                "decimals": null,
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "$$hashKey": "object:926",
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ],
+                        "yaxis": {
+                            "align": false,
+                            "alignLevel": null
+                        }
+                    }
+                ],
+                "title": "New row"
+            }
+        ],
+        "schemaVersion": 13,
+        "sharedCrosshair": false,
+        "style": "dark",
+        "tags": [
+            "etcd-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "prod",
+                        "value": "prod"
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if (or .Values.grafana.sidecar.dashboards.multicluster.global.enabled .Values.grafana.sidecar.dashboards.multicluster.etcd.enabled) }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [],
+                    "query": "label_values(etcd_server_has_leader, job)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 2,
+                    "tagValuesQuery": "",
+                    "tags": [],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-15m",
+            "to": "now"
+        },
+        "timepicker": {
+            "now": true,
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "etcd",
+        "uid": "c2f4e12cdf69feb95caa41a5a1b423d9",
+        "version": 215
+    }
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/grafana-overview.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/grafana-overview.yaml
new file mode 100644
index 0000000000..d2609140cf
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/grafana-overview.yaml
@@ -0,0 +1,635 @@
+{{- /*
+Generated from 'grafana-overview' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "grafana-overview" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  grafana-overview.json: |-
+    {
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "target": {
+                        "limit": 100,
+                        "matchAny": false,
+                        "tags": [
+
+                        ],
+                        "type": "dashboard"
+                    },
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "id": 3085,
+        "iteration": 1631554945276,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "mappings": [
+
+                        ],
+                        "noValue": "0",
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+                                {
+                                    "color": "green",
+                                    "value": null
+                                },
+                                {
+                                    "color": "red",
+                                    "value": 80
+                                }
+                            ]
+                        }
+                    },
+                    "overrides": [
+
+                    ]
+                },
+                "gridPos": {
+                    "h": 5,
+                    "w": 6,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 6,
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "mean"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "text": {
+
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "8.1.3",
+                "targets": [
+                    {
+                        "expr": "grafana_alerting_result_total{job=~\"$job\", instance=~\"$instance\", state=\"alerting\"}",
+                        "instant": true,
+                        "interval": "",
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Firing Alerts",
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+                                {
+                                    "color": "green",
+                                    "value": null
+                                },
+                                {
+                                    "color": "red",
+                                    "value": 80
+                                }
+                            ]
+                        }
+                    },
+                    "overrides": [
+
+                    ]
+                },
+                "gridPos": {
+                    "h": 5,
+                    "w": 6,
+                    "x": 6,
+                    "y": 0
+                },
+                "id": 8,
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "mean"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "text": {
+
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "8.1.3",
+                "targets": [
+                    {
+                        "expr": "sum(grafana_stat_totals_dashboard{job=~\"$job\", instance=~\"$instance\"})",
+                        "interval": "",
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Dashboards",
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "custom": {
+                            "align": null,
+                            "displayMode": "auto"
+                        },
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+                                {
+                                    "color": "green",
+                                    "value": null
+                                },
+                                {
+                                    "color": "red",
+                                    "value": 80
+                                }
+                            ]
+                        }
+                    },
+                    "overrides": [
+
+                    ]
+                },
+                "gridPos": {
+                    "h": 5,
+                    "w": 12,
+                    "x": 12,
+                    "y": 0
+                },
+                "id": 10,
+                "options": {
+                    "showHeader": true
+                },
+                "pluginVersion": "8.1.3",
+                "targets": [
+                    {
+                        "expr": "grafana_build_info{job=~\"$job\", instance=~\"$instance\"}",
+                        "instant": true,
+                        "interval": "",
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Build Info",
+                "transformations": [
+                    {
+                        "id": "labelsToFields",
+                        "options": {
+
+                        }
+                    },
+                    {
+                        "id": "organize",
+                        "options": {
+                            "excludeByName": {
+                                "Time": true,
+                                "Value": true,
+                                "branch": true,
+                                "container": true,
+                                "goversion": true,
+                                "namespace": true,
+                                "pod": true,
+                                "revision": true
+                            },
+                            "indexByName": {
+                                "Time": 7,
+                                "Value": 11,
+                                "branch": 4,
+                                "container": 8,
+                                "edition": 2,
+                                "goversion": 6,
+                                "instance": 1,
+                                "job": 0,
+                                "namespace": 9,
+                                "pod": 10,
+                                "revision": 5,
+                                "version": 3
+                            },
+                            "renameByName": {
+
+                            }
+                        }
+                    }
+                ],
+                "type": "table"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ]
+                    },
+                    "overrides": [
+
+                    ]
+                },
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 8,
+                    "w": 12,
+                    "x": 0,
+                    "y": 5
+                },
+                "hiddenSeries": false,
+                "id": 2,
+                "legend": {
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "show": true,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "nullPointMode": "null",
+                "options": {
+                    "alertThreshold": true
+                },
+                "percentage": false,
+                "pluginVersion": "8.1.3",
+                "pointradius": 2,
+                "points": false,
+                "renderer": "flot",
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum by (status_code) (irate(grafana_http_request_duration_seconds_count{job=~\"$job\", instance=~\"$instance\"}[1m])) ",
+                        "interval": "",
+                        "legendFormat": "{{`{{`}}status_code{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeRegions": [
+
+                ],
+                "timeShift": null,
+                "title": "RPS",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "$$hashKey": "object:157",
+                        "format": "reqps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "$$hashKey": "object:158",
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": false
+                    }
+                ],
+                "yaxis": {
+                    "align": false,
+                    "alignLevel": null
+                }
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ]
+                    },
+                    "overrides": [
+
+                    ]
+                },
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 8,
+                    "w": 12,
+                    "x": 12,
+                    "y": 5
+                },
+                "hiddenSeries": false,
+                "id": 4,
+                "legend": {
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "show": true,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "nullPointMode": "null",
+                "options": {
+                    "alertThreshold": true
+                },
+                "percentage": false,
+                "pluginVersion": "8.1.3",
+                "pointradius": 2,
+                "points": false,
+                "renderer": "flot",
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "exemplar": true,
+                        "expr": "histogram_quantile(0.99, sum(irate(grafana_http_request_duration_seconds_bucket{instance=~\"$instance\", job=~\"$job\"}[$__rate_interval])) by (le)) * 1",
+                        "interval": "",
+                        "legendFormat": "99th Percentile",
+                        "refId": "A"
+                    },
+                    {
+                        "exemplar": true,
+                        "expr": "histogram_quantile(0.50, sum(irate(grafana_http_request_duration_seconds_bucket{instance=~\"$instance\", job=~\"$job\"}[$__rate_interval])) by (le)) * 1",
+                        "interval": "",
+                        "legendFormat": "50th Percentile",
+                        "refId": "B"
+                    },
+                    {
+                        "exemplar": true,
+                        "expr": "sum(irate(grafana_http_request_duration_seconds_sum{instance=~\"$instance\", job=~\"$job\"}[$__rate_interval])) * 1 / sum(irate(grafana_http_request_duration_seconds_count{instance=~\"$instance\", job=~\"$job\"}[$__rate_interval]))",
+                        "interval": "",
+                        "legendFormat": "Average",
+                        "refId": "C"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeRegions": [
+
+                ],
+                "timeShift": null,
+                "title": "Request Latency",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "$$hashKey": "object:210",
+                        "format": "ms",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "$$hashKey": "object:211",
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ],
+                "yaxis": {
+                    "align": false,
+                    "alignLevel": null
+                }
+            }
+        ],
+        "schemaVersion": 30,
+        "style": "dark",
+        "tags": [
+
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "description": null,
+                    "error": null,
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "Data Source",
+                    "multi": false,
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "queryValue": "",
+                    "refresh": 1,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "type": "datasource"
+                },
+                {
+                    "allValue": ".*",
+                    "current": {
+                        "selected": false,
+                        "text": [
+                            "default/grafana"
+                        ],
+                        "value": [
+                            "default/grafana"
+                        ]
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(grafana_build_info, job)",
+                    "description": null,
+                    "error": null,
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": true,
+                    "name": "job",
+                    "options": [
+
+                    ],
+                    "query": {
+                        "query": "label_values(grafana_build_info, job)",
+                        "refId": "Billing Admin-job-Variable-Query"
+                    },
+                    "refresh": 1,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".*",
+                    "current": {
+                        "selected": false,
+                        "text": "All",
+                        "value": "$__all"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(grafana_build_info, instance)",
+                    "description": null,
+                    "error": null,
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": true,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": {
+                        "query": "label_values(grafana_build_info, instance)",
+                        "refId": "Billing Admin-instance-Variable-Query"
+                    },
+                    "refresh": 1,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-6h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Grafana Overview",
+        "uid": "6be0s85Mk",
+        "version": 2
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-coredns.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-coredns.yaml
new file mode 100644
index 0000000000..7ecca76f23
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-coredns.yaml
@@ -0,0 +1,1534 @@
+{{- /*
+Generated from 'k8s-coredns' from ../files/dashboards/k8s-coredns.json
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.coreDns.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-coredns" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-coredns.json: |-
+    {
+      "annotations": {
+        "list": [
+          {
+            "builtIn": 1,
+            "datasource": "-- Grafana --",
+            "enable": true,
+            "hide": true,
+            "iconColor": "rgba(0, 211, 255, 1)",
+            "name": "Annotations & Alerts",
+            "type": "dashboard"
+          }
+        ]
+      },
+      "description": "A dashboard for the CoreDNS DNS server with updated metrics for version 1.7.0+.  Based on the CoreDNS dashboard by buhay.",
+      "editable": true,
+      "gnetId": 12539,
+      "graphTooltip": 0,
+      "iteration": 1603798405693,
+      "links": [
+        {
+          "icon": "external link",
+          "tags": [],
+          "targetBlank": true,
+          "title": "CoreDNS.io",
+          "type": "link",
+          "url": "https://coredns.io"
+        }
+      ],
+      "panels": [
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": [],
+              "mappings": [],
+              "thresholds": {
+                "mode": "absolute",
+                "steps": [
+                  {
+                    "color": "green",
+                    "value": null
+                  },
+                  {
+                    "color": "red",
+                    "value": 80
+                  }
+                ]
+              }
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 8,
+            "x": 0,
+            "y": 0
+          },
+          "hiddenSeries": false,
+          "id": 2,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "total",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_dns_request_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (proto) or\nsum(rate(coredns_dns_requests_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (proto)",
+              "format": "time_series",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}",
+              "refId": "A",
+              "step": 60
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (total)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "individual"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 8,
+            "x": 8,
+            "y": 0
+          },
+          "hiddenSeries": false,
+          "id": 4,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "total",
+              "yaxis": 2
+            },
+            {
+              "alias": "other",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_dns_request_type_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (type) or \nsum(rate(coredns_dns_requests_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (type)",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{type}}"}}",
+              "refId": "A",
+              "step": 60
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (by qtype)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "individual"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 8,
+            "x": 16,
+            "y": 0
+          },
+          "hiddenSeries": false,
+          "id": 6,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "total",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_dns_request_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (zone) or\nsum(rate(coredns_dns_requests_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (zone)",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{zone}}"}}",
+              "refId": "A",
+              "step": 60
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (by zone)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "individual"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 0,
+            "y": 7
+          },
+          "hiddenSeries": false,
+          "id": 8,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "total",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_dns_request_do_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) or\nsum(rate(coredns_dns_do_requests_total{job=\"coredns\",instance=~\"$instance\"}[5m]))",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "DO",
+              "refId": "A",
+              "step": 40
+            },
+            {
+              "expr": "sum(rate(coredns_dns_request_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) or\nsum(rate(coredns_dns_requests_total{job=\"coredns\",instance=~\"$instance\"}[5m]))",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "total",
+              "refId": "B",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (DO bit)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": null,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 6,
+            "x": 12,
+            "y": 7
+          },
+          "hiddenSeries": false,
+          "id": 10,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "tcp:90",
+              "yaxis": 2
+            },
+            {
+              "alias": "tcp:99 ",
+              "yaxis": 2
+            },
+            {
+              "alias": "tcp:50",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto))",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:99 ",
+              "refId": "A",
+              "step": 60
+            },
+            {
+              "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto))",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:90",
+              "refId": "B",
+              "step": 60
+            },
+            {
+              "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto))",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:50",
+              "refId": "C",
+              "step": 60
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (size, udp)",
+          "tooltip": {
+            "shared": true,
+            "sort": 0,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "bytes",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 6,
+            "x": 18,
+            "y": 7
+          },
+          "hiddenSeries": false,
+          "id": 12,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "tcp:90",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:99 ",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:50",
+              "yaxis": 1
+            }
+          ],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto))",
+              "format": "time_series",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:99 ",
+              "refId": "A",
+              "step": 60
+            },
+            {
+              "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto))",
+              "format": "time_series",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:90",
+              "refId": "B",
+              "step": 60
+            },
+            {
+              "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto))",
+              "format": "time_series",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:50",
+              "refId": "C",
+              "step": 60
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (size,tcp)",
+          "tooltip": {
+            "shared": true,
+            "sort": 0,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "bytes",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 0,
+            "y": 14
+          },
+          "hiddenSeries": false,
+          "id": 14,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_dns_response_rcode_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (rcode) or\nsum(rate(coredns_dns_responses_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (rcode)",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{rcode}}"}}",
+              "refId": "A",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Responses (by rcode)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "individual"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": null,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 12,
+            "y": 14
+          },
+          "hiddenSeries": false,
+          "id": 32,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_request_duration_seconds_bucket{job=\"coredns\",instance=~\"$instance\"}[5m])) by (le, job))",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "99%",
+              "refId": "A",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_request_duration_seconds_bucket{job=\"coredns\",instance=~\"$instance\"}[5m])) by (le))",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "90%",
+              "refId": "B",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_request_duration_seconds_bucket{job=\"coredns\",instance=~\"$instance\"}[5m])) by (le))",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "50%",
+              "refId": "C",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Responses (duration)",
+          "tooltip": {
+            "shared": true,
+            "sort": 0,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "s",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": null,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 0,
+            "y": 21
+          },
+          "hiddenSeries": false,
+          "id": 18,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "udp:50%",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:50%",
+              "yaxis": 2
+            },
+            {
+              "alias": "tcp:90%",
+              "yaxis": 2
+            },
+            {
+              "alias": "tcp:99%",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto)) ",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:99%",
+              "refId": "A",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto)) ",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:90%",
+              "refId": "B",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto)) ",
+              "hide": false,
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:50%",
+              "metric": "",
+              "refId": "C",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Responses (size, udp)",
+          "tooltip": {
+            "shared": true,
+            "sort": 0,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "bytes",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 12,
+            "y": 21
+          },
+          "hiddenSeries": false,
+          "id": 20,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "udp:50%",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:50%",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:90%",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:99%",
+              "yaxis": 1
+            }
+          ],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto)) ",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:99%",
+              "refId": "A",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto)) ",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:90%",
+              "refId": "B",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le, proto)) ",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:50%",
+              "metric": "",
+              "refId": "C",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Responses (size, tcp)",
+          "tooltip": {
+            "shared": true,
+            "sort": 0,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "bytes",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 0,
+            "y": 28
+          },
+          "hiddenSeries": false,
+          "id": 22,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(coredns_cache_size{job=\"coredns\",instance=~\"$instance\"}) by (type) or\nsum(coredns_cache_entries{job=\"coredns\",instance=~\"$instance\"}) by (type)",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{type}}"}}",
+              "refId": "A",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Cache (size)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "decbytes",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 12,
+            "y": 28
+          },
+          "hiddenSeries": false,
+          "id": 24,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "misses",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_cache_hits_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (type)",
+              "hide": false,
+              "intervalFactor": 2,
+              "legendFormat": "hits:{{"{{type}}"}}",
+              "refId": "A",
+              "step": 40
+            },
+            {
+              "expr": "sum(rate(coredns_cache_misses_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (type)",
+              "hide": false,
+              "intervalFactor": 2,
+              "legendFormat": "misses",
+              "refId": "B",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Cache (hitrate)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "individual"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        }
+      ],
+      "refresh": "10s",
+      "schemaVersion": 26,
+      "style": "dark",
+      "tags": [
+        "dns",
+        "coredns"
+      ],
+      "templating": {
+        "list": [
+          {
+            "current": {
+              "text": "Prometheus",
+              "value": "Prometheus"
+            },
+            "hide": 0,
+            "includeAll": false,
+            "label": "Data Source",
+            "multi": false,
+            "name": "datasource",
+            "options": [],
+            "query": "prometheus",
+            "queryValue": "",
+            "refresh": 1,
+            "regex": "",
+            "skipUrlSync": false,
+            "type": "datasource"
+          },
+          {
+            "allValue": ".*",
+            "current": {
+              "selected": true,
+              "text": "All",
+              "value": "$__all"
+            },
+            "datasource": "$datasource",
+            "definition": "label_values(up{job=\"coredns\"}, instance)",
+            "hide": 0,
+            "includeAll": true,
+            "label": "Instance",
+            "multi": false,
+            "name": "instance",
+            "options": [],
+            "query": "label_values(up{job=\"coredns\"}, instance)",
+            "refresh": 1,
+            "regex": "",
+            "skipUrlSync": false,
+            "sort": 3,
+            "tagValuesQuery": "",
+            "tags": [],
+            "tagsQuery": "",
+            "type": "query",
+            "useTags": false
+          }
+        ]
+      },
+      "time": {
+        "from": "now-3h",
+        "to": "now"
+      },
+      "timepicker": {
+        "refresh_intervals": [
+          "10s",
+          "30s",
+          "1m",
+          "5m",
+          "15m",
+          "30m",
+          "1h",
+          "2h",
+          "1d"
+        ]
+      },
+      "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+      "title": "CoreDNS",
+      "uid": "vkQ0UHxik",
+      "version": 2
+    }
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml
new file mode 100644
index 0000000000..93ee57db93
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml
@@ -0,0 +1,3088 @@
+{{- /*
+Generated from 'k8s-resources-cluster' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-cluster" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-cluster.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "100px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "cluster:node_cpu:ratio_rate5m{cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Utilisation",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(namespace_cpu:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\",cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Requests Commitment",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(namespace_cpu:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\",cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Limits Commitment",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "1 - sum(:node_memory_MemAvailable_bytes:sum{cluster=\"$cluster\"}) / sum(node_memory_MemTotal_bytes{job=\"node-exporter\",cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Utilisation",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(namespace_memory:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"memory\",cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Requests Commitment",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(namespace_memory:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"memory\",cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Limits Commitment",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Headlines",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Pods",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell_1",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Workloads",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to workloads",
+                                "linkUrl": "d/a87fb0d919ec0ea5f6543124e16c42a5/k8s-resources-workloads-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell_1",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #G",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Namespace",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell",
+                                "pattern": "namespace",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(kube_pod_owner{job=\"kube-state-metrics\", cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "count(avg(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\"}) by (workload, namespace)) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(namespace_cpu:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\"}) by (namespace) / sum(namespace_cpu:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(namespace_cpu:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\"}) by (namespace) / sum(namespace_cpu:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "G",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", container!=\"\"}) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage (w/o cache)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Pods",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell_1",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Workloads",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to workloads",
+                                "linkUrl": "d/a87fb0d919ec0ea5f6543124e16c42a5/k8s-resources-workloads-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell_1",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Memory Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #G",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Namespace",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell",
+                                "pattern": "namespace",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(kube_pod_owner{job=\"kube-state-metrics\", cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "count(avg(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\"}) by (workload, namespace)) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", container!=\"\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(namespace_memory:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", container!=\"\"}) by (namespace) / sum(namespace_memory:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(namespace_memory:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", container!=\"\"}) by (namespace) / sum(namespace_memory:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "G",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Requests by Namespace",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Requests",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Current Receive Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Current Transmit Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Namespace",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell",
+                                "pattern": "namespace",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Network Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Network Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Receive Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Transmit Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 14,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "avg(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Namespace: Received",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 15,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "avg(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Namespace: Transmitted",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Container Bandwidth by Namespace",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 16,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 17,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 18,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 19,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets Dropped",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": -1,
+                        "fill": 10,
+                        "id": 20,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "ceil(sum by(namespace) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]) + rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval])))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "IOPS(Reads+Writes)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 21,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "ThroughPut(Read+Write)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 22,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "sort": {
+                            "col": 4,
+                            "desc": true
+                        },
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "IOPS(Reads)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Reads + Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Throughput(Read)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Read + Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Namespace",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell",
+                                "pattern": "namespace",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]) + rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Storage IO",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO - Distribution",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Cluster",
+        "uid": "efa86fd1d0c121a26444b636a3f509a8",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml
new file mode 100644
index 0000000000..9c295831a5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-resources-multicluster' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-multicluster" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-multicluster.json: |-
+    {{`{"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"links":[],"refresh":"10s","rows":[{"collapse":false,"height":"100px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":1,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"cluster:node_cpu:ratio_rate5m","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Utilisation","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":2,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"cpu\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\", resource=\"cpu\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Requests Commitment","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":3,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"cpu\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\", resource=\"cpu\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Limits Commitment","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":4,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"1 - sum(:node_memory_MemAvailable_bytes:sum) / sum(node_memory_MemTotal_bytes{job=\"node-exporter\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Utilisation","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":5,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"memory\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\", resource=\"memory\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Requests Commitment","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":6,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"memory\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\", resource=\"memory\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Limits Commitment","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":false,"title":"Headlines","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":0,"id":7,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":2,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate) by (cluster)","format":"time_series","legendFormat":"{{cluster}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Usage","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":8,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"CPU Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"CPU Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Cluster","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/efa86fd1d0c121a26444b636a3f509a8/k8s-resources-cluster?var-datasource=$datasource&var-cluster=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"cluster","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"cpu\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate) by (cluster) / sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"cpu\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"cpu\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate) by (cluster) / sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"cpu\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Quota","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Quota","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":0,"id":9,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":2,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(container_memory_rss{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\"}) by (cluster)","format":"time_series","legendFormat":"{{cluster}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Usage (w/o cache)","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"bytes","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":10,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"Memory Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"bytes"},{"alias":"Memory Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"bytes"},{"alias":"Memory Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Memory Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"bytes"},{"alias":"Memory Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Cluster","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/efa86fd1d0c121a26444b636a3f509a8/k8s-resources-cluster?var-datasource=$datasource&var-cluster=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"cluster","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(container_memory_rss{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"memory\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(container_memory_rss{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\"}) by (cluster) / sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"memory\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"memory\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(container_memory_rss{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\"}) by (cluster) / sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"memory\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Requests by Cluster","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Requests","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"text":"default","value":"default"},"hide":0,"label":"Data source","name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"}]},"time":{"from":"now-1h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / Compute Resources /  Multi-Cluster","uid":"b59e6c9f2fcbe2e16d77fc492374cc4f","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml
new file mode 100644
index 0000000000..1c32c9c02e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml
@@ -0,0 +1,2797 @@
+{{- /*
+Generated from 'k8s-resources-namespace' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-namespace" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-namespace.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "100px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) / sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Utilisation (from requests)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) / sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Utilisation (from limits)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\", image!=\"\"}) / sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Utilisation (from requests)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\", image!=\"\"}) / sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Utilisation (from limits)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Headlines",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "quota - requests",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "quota - limits",
+                                "color": "#FF9830",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"requests.cpu\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"limits.cpu\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "quota - requests",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "quota - limits",
+                                "color": "#FF9830",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"requests.memory\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"limits.memory\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage (w/o cache)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Memory Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Usage (RSS)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Cache)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #G",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Swap)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #H",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\", image!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\", image!=\"\"}) by (pod) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\", image!=\"\"}) by (pod) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_cache{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "G",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_swap{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "H",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Current Receive Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Current Transmit Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Network Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Network Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Receive Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Transmit Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 14,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 15,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets Dropped",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": -1,
+                        "fill": 10,
+                        "id": 16,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "ceil(sum by(pod) (rate(container_fs_reads_total{container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]) + rate(container_fs_writes_total{container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "IOPS(Reads+Writes)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 17,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_bytes_total{container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "ThroughPut(Read+Write)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 18,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "sort": {
+                            "col": 4,
+                            "desc": true
+                        },
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "IOPS(Reads)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Reads + Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Throughput(Read)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Read + Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]) + rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Storage IO",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO - Distribution",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_namespace_status_phase{job=\"kube-state-metrics\", cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Namespace (Pods)",
+        "uid": "85a562078cdf77779eaa1add43ccec1e",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-node.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-node.yaml
new file mode 100644
index 0000000000..e60a42d747
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-node.yaml
@@ -0,0 +1,1026 @@
+{{- /*
+Generated from 'k8s-resources-node' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-node" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-node.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "max capacity",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(kube_node_status_capacity{cluster=\"$cluster\", node=~\"$node\", resource=\"cpu\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "max capacity",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", node=~\"$node\"}) by (pod) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", node=~\"$node\"}) by (pod) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "max capacity",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(kube_node_status_capacity{cluster=\"$cluster\", node=~\"$node\", resource=\"memory\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "max capacity",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_working_set_bytes{cluster=\"$cluster\", node=~\"$node\", container!=\"\"}) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage (w/o cache)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Memory Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Usage (RSS)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Cache)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #G",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Swap)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #H",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_working_set_bytes{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_working_set_bytes{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_working_set_bytes{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_rss{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_cache{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "G",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_swap{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "H",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Quota",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": true,
+                    "name": "node",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_node_info{cluster=\"$cluster\"}, node)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Node (Pods)",
+        "uid": "200ac8fdbfbb74b39aff88118e4d1c2c",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml
new file mode 100644
index 0000000000..80fab51c00
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml
@@ -0,0 +1,2469 @@
+{{- /*
+Generated from 'k8s-resources-pod' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-pod" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-pod.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "requests",
+                                "color": "#F2495C",
+                                "fill": 0,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "limits",
+                                "color": "#FF9830",
+                                "fill": 0,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{namespace=\"$namespace\", pod=\"$pod\", cluster=\"$cluster\"}) by (container)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}container{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", resource=\"cpu\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", resource=\"cpu\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": true,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(increase(container_cpu_cfs_throttled_periods_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", namespace=\"$namespace\", pod=\"$pod\", container!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (container) /sum(increase(container_cpu_cfs_periods_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", namespace=\"$namespace\", pod=\"$pod\", container!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (container)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}container{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+                            {
+                                "colorMode": "critical",
+                                "fill": true,
+                                "line": true,
+                                "op": "gt",
+                                "value": 0.25,
+                                "yaxis": "left"
+                            }
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Throttling",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": 1,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Throttling",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Container",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "container",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "requests",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "limits",
+                                "color": "#FF9830",
+                                "dashes": true,
+                                "fill": 0,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container!=\"\", image!=\"\"}) by (container)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}container{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", resource=\"memory\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", resource=\"memory\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage (WSS)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Memory Usage (WSS)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Usage (RSS)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Cache)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #G",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Swap)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #H",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Container",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "container",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container!=\"\", image!=\"\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", image!=\"\"}) by (container) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container!=\"\", image!=\"\"}) by (container) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container != \"\", container != \"POD\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_cache{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container != \"\", container != \"POD\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "G",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_swap{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container != \"\", container != \"POD\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "H",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Receive Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Transmit Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets Dropped",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": -1,
+                        "fill": 10,
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "ceil(sum by(pod) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Reads",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "ceil(sum by(pod) (rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\",namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Writes",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "IOPS",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Reads",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Writes",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "ThroughPut",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO - Distribution(Pod - Read & Writes)",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": -1,
+                        "fill": 10,
+                        "id": 14,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "ceil(sum by(container) (rate(container_fs_reads_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]) + rate(container_fs_writes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval])))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}container{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "IOPS(Reads+Writes)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 15,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by(container) (rate(container_fs_reads_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}container{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "ThroughPut(Read+Write)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO - Distribution(Containers)",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 16,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "sort": {
+                            "col": 4,
+                            "desc": true
+                        },
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "IOPS(Reads)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Reads + Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Throughput(Read)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Read + Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Container",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "container",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum by(container) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(container) (rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\",device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(container) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]) + rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(container) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(container) (rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(container) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Storage IO",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO - Distribution",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_namespace_status_phase{job=\"kube-state-metrics\", cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "pod",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_pod_info{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\"}, pod)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Pod",
+        "uid": "6581e46e4e5c7ba40a07646395ef7b23",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-cluster.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-cluster.yaml
new file mode 100644
index 0000000000..d77170afd8
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-cluster.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-resources-windows-cluster' from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.windowsMonitoring.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-windows-cluster" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-windows-cluster.json: |-
+    {{`{"__inputs":[],"__requires":[],"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"id":null,"links":[],"refresh":"","rows":[{"collapse":false,"height":"100px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":2,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"1 - avg(rate(windows_cpu_time_total{cluster=\"$cluster\", job=\"windows-exporter\", mode=\"idle\"}[1m]))","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":3,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\"}) / sum(node:windows_node_num_cpu:sum{cluster=\"$cluster\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Requests Commitment","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":4,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\"}) / sum(node:windows_node_num_cpu:sum{cluster=\"$cluster\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Limits Commitment","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":5,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"1 - sum(:windows_node_memory_MemFreeCached_bytes:sum{cluster=\"$cluster\"}) / sum(:windows_node_memory_MemTotal_bytes:sum{cluster=\"$cluster\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":6,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\"}) / sum(:windows_node_memory_MemTotal_bytes:sum{cluster=\"$cluster\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Requests Commitment","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":7,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\"}) / sum(:windows_node_memory_MemTotal_bytes:sum{cluster=\"$cluster\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Limits Commitment","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":false,"title":"Headlines","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":8,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\"}) by (namespace)","format":"time_series","legendFormat":"{{namespace}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Usage","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":9,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"CPU Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"CPU Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Namespace","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/490b402361724ab1d4c45666c1fa9b6f/k8s-resources-windows-namespace?var-datasource=$datasource&var-namespace=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"namespace","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\"}) by (namespace) / sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\"}) by (namespace) / sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Quota","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Quota","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":10,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\"}) by (namespace)","format":"time_series","legendFormat":"{{namespace}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Usage (Private Working Set)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"decbytes","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":11,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"Memory Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Memory Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Namespace","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/490b402361724ab1d4c45666c1fa9b6f/k8s-resources-windows-namespace?var-datasource=$datasource&var-namespace=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"namespace","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\"}) by (namespace) / sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\"}) by (namespace) / sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Requests by Namespace","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Requests","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"text":"default","value":"default"},"hide":0,"label":null,"name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"},{"allValue":null,"current":{},"datasource":"$datasource","hide":`}}{{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }}{{`,"includeAll":false,"label":"cluster","multi":false,"name":"cluster","options":[],"query":"label_values(up{job=\"windows-exporter\"}, cluster)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false}]},"time":{"from":"now-6h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / Compute Resources / Cluster(Windows)","uid":"4d08557fd9391b100730f2494bccac68","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-namespace.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-namespace.yaml
new file mode 100644
index 0000000000..13a1fc3abd
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-namespace.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-resources-windows-namespace' from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.windowsMonitoring.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-windows-namespace" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-windows-namespace.json: |-
+    {{`{"__inputs":[],"__requires":[],"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"id":null,"links":[],"refresh":"","rows":[{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":2,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"time_series","legendFormat":"{{pod}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Usage","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Usage","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":3,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"CPU Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"CPU Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Pod","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/40597a704a610e936dc6ed374a7ce023/k8s-resources-windows-pod?var-datasource=$datasource&var-namespace=$namespace&var-pod=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"pod","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Quota","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Quota","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":4,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"time_series","legendFormat":"{{pod}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Usage","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"decbytes","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Usage","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":5,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"Memory Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Memory Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Pod","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/40597a704a610e936dc6ed374a7ce023/k8s-resources-windows-pod?var-datasource=$datasource&var-namespace=$namespace&var-pod=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"pod","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Quota","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Quota","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"selected":true,"text":"default","value":"default"},"hide":0,"label":null,"name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"},{"allValue":null,"current":{},"datasource":"$datasource","hide":`}}{{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }}{{`,"includeAll":false,"label":"cluster","multi":false,"name":"cluster","options":[],"query":"label_values(up{job=\"windows-exporter\"}, cluster)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false},{"allValue":null,"current":{},"datasource":"$datasource","hide":0,"includeAll":false,"label":"Namespace","multi":false,"name":"namespace","options":[],"query":"label_values(windows_pod_container_available{cluster=\"$cluster\"}, namespace)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false}]},"time":{"from":"now-6h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / Compute Resources / Namespace(Windows)","uid":"490b402361724ab1d4c45666c1fa9b6f","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-pod.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-pod.yaml
new file mode 100644
index 0000000000..6686e54053
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-pod.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-resources-windows-pod' from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.windowsMonitoring.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-windows-pod" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-windows-pod.json: |-
+    {{`{"__inputs":[],"__requires":[],"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"id":null,"links":[],"refresh":"","rows":[{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":2,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"time_series","legendFormat":"{{container}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Usage","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Usage","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":3,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"CPU Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"CPU Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Container","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"container","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Quota","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Quota","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":4,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"time_series","legendFormat":"{{container}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Usage","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Usage","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":5,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"Memory Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Memory Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Container","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"container","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Quota","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Quota","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"fillGradient":0,"id":6,"legend":{"alignAsTable":true,"avg":true,"current":true,"max":false,"min":false,"rightSide":true,"show":true,"sideWidth":null,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null","percentage":false,"pointradius":5,"points":false,"renderer":"flot","repeat":null,"seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"targets":[{"expr":"sort_desc(sum by (container) (rate(windows_container_network_received_bytes_total{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[1m])))","format":"time_series","intervalFactor":2,"legendFormat":"Received : {{ container }}","refId":"A"},{"expr":"sort_desc(sum by (container) (rate(windows_container_network_transmitted_bytes_total{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[1m])))","format":"time_series","intervalFactor":2,"legendFormat":"Transmitted : {{ container }}","refId":"B"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Network I/O","tooltip":{"shared":true,"sort":0,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"bytes","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"bytes","label":null,"logBase":1,"max":null,"min":0,"show":true}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Network I/O","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"text":"default","value":"default"},"hide":0,"label":null,"name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"},{"allValue":null,"current":{},"datasource":"$datasource","hide":`}}{{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }}{{`,"includeAll":false,"label":"cluster","multi":false,"name":"cluster","options":[],"query":"label_values(up{job=\"windows-exporter\"}, cluster)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false},{"allValue":null,"current":{},"datasource":"$datasource","hide":0,"includeAll":false,"label":"Namespace","multi":false,"name":"namespace","options":[],"query":"label_values(windows_pod_container_available{cluster=\"$cluster\"}, namespace)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false},{"allValue":null,"current":{},"datasource":"$datasource","hide":0,"includeAll":false,"label":"Pod","multi":false,"name":"pod","options":[],"query":"label_values(windows_pod_container_available{cluster=\"$cluster\",namespace=\"$namespace\"}, pod)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false}]},"time":{"from":"now-6h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / Compute Resources / Pod(Windows)","uid":"40597a704a610e936dc6ed374a7ce023","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml
new file mode 100644
index 0000000000..e2a63ae208
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml
@@ -0,0 +1,2024 @@
+{{- /*
+Generated from 'k8s-resources-workload' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-workload" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-workload.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(\n    node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(\n    node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n/sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n/sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Memory Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n/sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n/sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Current Receive Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Current Transmit Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Network Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Network Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Receive Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Transmit Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(avg(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Pod: Received",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(avg(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Pod: Transmitted",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Container Bandwidth by Pod",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets Dropped",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_namespace_status_phase{job=\"kube-state-metrics\", cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "type",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\"}, workload_type)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "workload",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}, workload)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Workload",
+        "uid": "a164a7f0339f99e89cea5cb47e9be617",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml
new file mode 100644
index 0000000000..95d758ea2d
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml
@@ -0,0 +1,2189 @@
+{{- /*
+Generated from 'k8s-resources-workloads-namespace' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-workloads-namespace" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-workloads-namespace.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "quota - requests",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "quota - limits",
+                                "color": "#FF9830",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(\n  node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}} - {{`{{`}}workload_type{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"requests.cpu\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"limits.cpu\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Running Pods",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Workload",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/a164a7f0339f99e89cea5cb47e9be617/k8s-resources-workload?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-workload=$__cell&var-type=$__cell_2",
+                                "pattern": "workload",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Workload Type",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "workload_type",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "count(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload, workload_type)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n/sum(\n  kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n/sum(\n  kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "quota - requests",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "quota - limits",
+                                "color": "#FF9830",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}} - {{`{{`}}workload_type{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"requests.memory\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"limits.memory\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Running Pods",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Memory Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Workload",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/a164a7f0339f99e89cea5cb47e9be617/k8s-resources-workload?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-workload=$__cell&var-type=$__cell_2",
+                                "pattern": "workload",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Workload Type",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "workload_type",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "count(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload, workload_type)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n/sum(\n  kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n/sum(\n  kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Current Receive Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Current Transmit Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Workload",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/a164a7f0339f99e89cea5cb47e9be617/k8s-resources-workload?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-workload=$__cell&var-type=$type",
+                                "pattern": "workload",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Workload Type",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "workload_type",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Network Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Network Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Receive Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Transmit Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(avg(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Workload: Received",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(avg(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Workload: Transmitted",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Container Bandwidth by Workload",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets Dropped",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_pod_info{job=\"kube-state-metrics\", cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "deployment",
+                        "value": "deployment"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\"}, workload_type)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "type",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\"}, workload_type)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Namespace (Workloads)",
+        "uid": "a87fb0d919ec0ea5f6543124e16c42a5",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-cluster-rsrc-use.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-cluster-rsrc-use.yaml
new file mode 100644
index 0000000000..d9ce9d738c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-cluster-rsrc-use.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-windows-cluster-rsrc-use' from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.windowsMonitoring.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-windows-cluster-rsrc-use" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-windows-cluster-rsrc-use.json: |-
+    {{`{"__inputs":[],"__requires":[],"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"id":null,"links":[],"refresh":"","rows":[{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":2,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_cpu_utilisation:avg1m{cluster=\"$cluster\"} * node:windows_node_num_cpu:sum{cluster=\"$cluster\"} / scalar(sum(node:windows_node_num_cpu:sum{cluster=\"$cluster\"}))","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":1,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":3,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_memory_utilisation:ratio{cluster=\"$cluster\"}","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":1,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":4,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_memory_swap_io_pages:irate{cluster=\"$cluster\"}","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Saturation (Swap I/O Pages)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":5,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_disk_utilisation:avg_irate{cluster=\"$cluster\"} / scalar(node:windows_node:sum{cluster=\"$cluster\"})","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Disk IO Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":1,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Disk","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":6,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_net_utilisation:sum_irate{cluster=\"$cluster\"}","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Net Utilisation (Transmitted)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"Bps","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":7,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_net_saturation:sum_irate{cluster=\"$cluster\"}","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Net Saturation (Dropped)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"Bps","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Network","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":8,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum by (instance)(node:windows_node_filesystem_usage:{cluster=\"$cluster\"})\n","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Disk Capacity","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":1,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Storage","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"text":"default","value":"default"},"hide":0,"label":null,"name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"},{"allValue":null,"current":{},"datasource":"$datasource","hide":`}}{{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }}{{`,"includeAll":false,"label":"cluster","multi":false,"name":"cluster","options":[],"query":"label_values(up{job=\"windows-exporter\"}, cluster)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false}]},"time":{"from":"now-6h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / USE Method / Cluster(Windows)","uid":"53a43377ec9aaf2ff64dfc7a1f539334","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-node-rsrc-use.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-node-rsrc-use.yaml
new file mode 100644
index 0000000000..a7608496a3
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-node-rsrc-use.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-windows-node-rsrc-use' from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.windowsMonitoring.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-windows-node-rsrc-use" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-windows-node-rsrc-use.json: |-
+    {{`{"__inputs":[],"__requires":[],"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"id":null,"links":[],"refresh":"","rows":[{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":2,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_cpu_utilisation:avg1m{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Utilisation","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":3,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"sum by (core) (irate(windows_cpu_time_total{cluster=\"$cluster\", job=\"windows-exporter\", mode!=\"idle\", instance=\"$instance\"}[$__rate_interval]))","format":"time_series","legendFormat":"{{core}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Usage Per Core","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":4,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":4,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_memory_utilisation:{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Memory","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Utilisation %","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"fillGradient":0,"id":5,"legend":{"alignAsTable":false,"avg":false,"current":false,"max":false,"min":false,"rightSide":false,"show":true,"sideWidth":null,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null","percentage":false,"pointradius":5,"points":false,"renderer":"flot","repeat":null,"seriesOverrides":[],"spaceLength":10,"span":4,"stack":false,"steppedLine":false,"targets":[{"expr":"max(\n  windows_os_visible_memory_bytes{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"}\n  - windows_memory_available_bytes{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"}\n)\n","format":"time_series","intervalFactor":2,"legendFormat":"memory used","refId":"A"},{"expr":"max(node:windows_node_memory_totalCached_bytes:sum{cluster=\"$cluster\", instance=\"$instance\"})","format":"time_series","intervalFactor":2,"legendFormat":"memory cached","refId":"B"},{"expr":"max(windows_memory_available_bytes{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"})","format":"time_series","intervalFactor":2,"legendFormat":"memory free","refId":"C"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Usage","tooltip":{"shared":true,"sort":0,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"bytes","label":null,"logBase":1,"max":null,"min":null,"show":true},{"format":"bytes","label":null,"logBase":1,"max":null,"min":null,"show":true}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":6,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":4,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_memory_swap_io_pages:irate{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Swap IO","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Saturation (Swap I/O) Pages","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":7,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_disk_utilisation:avg_irate{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Utilisation","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Disk IO Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"fillGradient":0,"id":8,"legend":{"alignAsTable":false,"avg":false,"current":false,"max":false,"min":false,"rightSide":false,"show":true,"sideWidth":null,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null","percentage":false,"pointradius":5,"points":false,"renderer":"flot","repeat":null,"seriesOverrides":[{"alias":"read","yaxis":1},{"alias":"io time","yaxis":2}],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"max(rate(windows_logical_disk_read_bytes_total{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"}[2m]))","format":"time_series","intervalFactor":2,"legendFormat":"read","refId":"A"},{"expr":"max(rate(windows_logical_disk_write_bytes_total{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"}[2m]))","format":"time_series","intervalFactor":2,"legendFormat":"written","refId":"B"},{"expr":"max(rate(windows_logical_disk_read_seconds_total{cluster=\"$cluster\", job=\"windows-exporter\",  instance=\"$instance\"}[2m]) + rate(windows_logical_disk_write_seconds_total{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"}[2m]))","format":"time_series","intervalFactor":2,"legendFormat":"io time","refId":"C"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Disk I/O","tooltip":{"shared":true,"sort":0,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"bytes","label":null,"logBase":1,"max":null,"min":null,"show":true},{"format":"ms","label":null,"logBase":1,"max":null,"min":null,"show":true}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Disk","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":9,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_net_utilisation:sum_irate{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Utilisation","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Net Utilisation (Transmitted)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"Bps","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":10,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_net_saturation:sum_irate{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Saturation","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Net Saturation (Dropped)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"Bps","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Net","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":11,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_filesystem_usage:{cluster=\"$cluster\", instance=\"$instance\"}\n","format":"time_series","legendFormat":"{{volume}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Disk Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Disk","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"text":"default","value":"default"},"hide":0,"label":null,"name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"},{"allValue":null,"current":{},"datasource":"$datasource","hide":`}}{{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }}{{`,"includeAll":false,"label":"cluster","multi":false,"name":"cluster","options":[],"query":"label_values(up{job=\"windows-exporter\"}, cluster)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false},{"allValue":null,"current":{},"datasource":"$datasource","hide":0,"includeAll":false,"label":"Instance","multi":false,"name":"instance","options":[],"query":"label_values(windows_system_system_up_time{cluster=\"$cluster\"}, instance)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false}]},"time":{"from":"now-6h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / USE Method / Node(Windows)","uid":"96e7484b0bb53b74fbc2bcb7723cd40b","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/kubelet.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/kubelet.yaml
new file mode 100644
index 0000000000..74a5303f8f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/kubelet.yaml
@@ -0,0 +1,2256 @@
+{{- /*
+Generated from 'kubelet' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if (include "exporter.kubelet.enabled" .) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "kubelet" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  kubelet.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(kubelet_node_name{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\"})",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Running Kubelets",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 4,
+                    "y": 0
+                },
+                "id": 3,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(kubelet_running_pods{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}) OR sum(kubelet_running_pod_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"})",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Running Pods",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 8,
+                    "y": 0
+                },
+                "id": 4,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(kubelet_running_containers{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}) OR sum(kubelet_running_container_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"})",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Running Containers",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 12,
+                    "y": 0
+                },
+                "id": 5,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(volume_manager_total_volumes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\", state=\"actual_state_of_world\"})",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Actual Volume Count",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 16,
+                    "y": 0
+                },
+                "id": 6,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(volume_manager_total_volumes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\",state=\"desired_state_of_world\"})",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Desired Volume Count",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 20,
+                    "y": 0
+                },
+                "id": 7,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_node_config_error{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval]))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Config Error Count",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 0,
+                    "y": 7
+                },
+                "id": 8,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_runtime_operations_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (operation_type, instance)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Operation Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 12,
+                    "y": 7
+                },
+                "id": 9,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_runtime_operations_errors_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_type)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Operation Error Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 24,
+                    "x": 0,
+                    "y": 14
+                },
+                "id": 10,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_runtime_operations_duration_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_type, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Operation duration 99th quantile",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 0,
+                    "y": 21
+                },
+                "id": 11,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_pod_start_duration_seconds_count{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} pod",
+                        "refId": "A"
+                    },
+                    {
+                        "expr": "sum(rate(kubelet_pod_worker_duration_seconds_count{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} worker",
+                        "refId": "B"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Pod Start Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 12,
+                    "y": 21
+                },
+                "id": 12,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_pod_start_duration_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} pod",
+                        "refId": "A"
+                    },
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_pod_worker_duration_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} worker",
+                        "refId": "B"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Pod Start Duration",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 0,
+                    "y": 28
+                },
+                "id": 13,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(storage_operation_duration_seconds_count{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_name, volume_plugin)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_name{{`}}`}} {{`{{`}}volume_plugin{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Storage Operation Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 12,
+                    "y": 28
+                },
+                "id": 14,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(storage_operation_errors_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_name, volume_plugin)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_name{{`}}`}} {{`{{`}}volume_plugin{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Storage Operation Error Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 24,
+                    "x": 0,
+                    "y": 35
+                },
+                "id": 15,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(storage_operation_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_name, volume_plugin, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_name{{`}}`}} {{`{{`}}volume_plugin{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Storage Operation Duration 99th quantile",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 0,
+                    "y": 42
+                },
+                "id": 16,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_cgroup_manager_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_type)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}operation_type{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Cgroup manager operation rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 12,
+                    "y": 42
+                },
+                "id": 17,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_cgroup_manager_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_type, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Cgroup manager 99th quantile",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "description": "Pod lifecycle event generator",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 0,
+                    "y": 49
+                },
+                "id": 18,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_pleg_relist_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval])) by (instance)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "PLEG relist rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 12,
+                    "y": 49
+                },
+                "id": 19,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_pleg_relist_interval_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "PLEG relist interval",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 24,
+                    "x": 0,
+                    "y": 56
+                },
+                "id": 20,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "PLEG relist duration",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 24,
+                    "x": 0,
+                    "y": 63
+                },
+                "id": 21,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\",code=~\"2..\"}[$__rate_interval]))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "2xx",
+                        "refId": "A"
+                    },
+                    {
+                        "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\",code=~\"3..\"}[$__rate_interval]))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "3xx",
+                        "refId": "B"
+                    },
+                    {
+                        "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\",code=~\"4..\"}[$__rate_interval]))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "4xx",
+                        "refId": "C"
+                    },
+                    {
+                        "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\",code=~\"5..\"}[$__rate_interval]))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "5xx",
+                        "refId": "D"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "RPC Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 24,
+                    "x": 0,
+                    "y": 70
+                },
+                "id": 22,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval])) by (instance, verb, url, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Request duration 99th quantile",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 8,
+                    "x": 0,
+                    "y": 77
+                },
+                "id": 23,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "process_resident_memory_bytes{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Memory",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "bytes",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "bytes",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 8,
+                    "x": 8,
+                    "y": 77
+                },
+                "id": 24,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "rate(process_cpu_seconds_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "CPU usage",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 8,
+                    "x": 16,
+                    "y": 77
+                },
+                "id": 25,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "go_goroutines{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Goroutines",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": "instance",
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",cluster=\"$cluster\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Kubelet",
+        "uid": "3138fa155d5915769fbded898ac09fd9",
+        "version": 0
+    }
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-pod.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-pod.yaml
new file mode 100644
index 0000000000..f5c72844fb
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-pod.yaml
@@ -0,0 +1,1464 @@
+{{- /*
+Generated from 'namespace-by-pod' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "namespace-by-pod" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  namespace-by-pod.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "cacheTimeout": null,
+                "colorBackground": false,
+                "colorValue": false,
+                "colors": [
+                    "#299c46",
+                    "rgba(237, 129, 40, 0.89)",
+                    "#d44a3a"
+                ],
+                "datasource": "$datasource",
+                "decimals": 0,
+                "format": "time_series",
+                "gauge": {
+                    "maxValue": 100,
+                    "minValue": 0,
+                    "show": false,
+                    "thresholdLabels": false,
+                    "thresholdMarkers": true
+                },
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 1
+                },
+                "height": 9,
+                "id": 3,
+                "interval": null,
+                "links": [
+
+                ],
+                "mappingType": 1,
+                "mappingTypes": [
+                    {
+                        "name": "value to text",
+                        "value": 1
+                    },
+                    {
+                        "name": "range to text",
+                        "value": 2
+                    }
+                ],
+                "maxDataPoints": 100,
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "nullText": null,
+                "options": {
+                    "fieldOptions": {
+                        "calcs": [
+                            "last"
+                        ],
+                        "defaults": {
+                            "max": 10000000000,
+                            "min": 0,
+                            "title": "$namespace",
+                            "unit": "Bps"
+                        },
+                        "mappings": [
+
+                        ],
+                        "override": {
+
+                        },
+                        "thresholds": [
+                            {
+                                "color": "dark-green",
+                                "index": 0,
+                                "value": null
+                            },
+                            {
+                                "color": "dark-yellow",
+                                "index": 1,
+                                "value": 5000000000
+                            },
+                            {
+                                "color": "dark-red",
+                                "index": 2,
+                                "value": 7000000000
+                            }
+                        ],
+                        "values": false
+                    }
+                },
+                "postfix": "",
+                "postfixFontSize": "50%",
+                "prefix": "",
+                "prefixFontSize": "50%",
+                "rangeMaps": [
+                    {
+                        "from": "null",
+                        "text": "N/A",
+                        "to": "null"
+                    }
+                ],
+                "span": 12,
+                "sparkline": {
+                    "fillColor": "rgba(31, 118, 189, 0.18)",
+                    "full": false,
+                    "lineColor": "rgb(31, 120, 193)",
+                    "show": false
+                },
+                "tableColumn": "",
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution]))",
+                        "format": "time_series",
+                        "instant": null,
+                        "intervalFactor": 1,
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": "",
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Received",
+                "type": "gauge",
+                "valueFontSize": "80%",
+                "valueMaps": [
+                    {
+                        "op": "=",
+                        "text": "N/A",
+                        "value": "null"
+                    }
+                ],
+                "valueName": "current"
+            },
+            {
+                "cacheTimeout": null,
+                "colorBackground": false,
+                "colorValue": false,
+                "colors": [
+                    "#299c46",
+                    "rgba(237, 129, 40, 0.89)",
+                    "#d44a3a"
+                ],
+                "datasource": "$datasource",
+                "decimals": 0,
+                "format": "time_series",
+                "gauge": {
+                    "maxValue": 100,
+                    "minValue": 0,
+                    "show": false,
+                    "thresholdLabels": false,
+                    "thresholdMarkers": true
+                },
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 1
+                },
+                "height": 9,
+                "id": 4,
+                "interval": null,
+                "links": [
+
+                ],
+                "mappingType": 1,
+                "mappingTypes": [
+                    {
+                        "name": "value to text",
+                        "value": 1
+                    },
+                    {
+                        "name": "range to text",
+                        "value": 2
+                    }
+                ],
+                "maxDataPoints": 100,
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "nullText": null,
+                "options": {
+                    "fieldOptions": {
+                        "calcs": [
+                            "last"
+                        ],
+                        "defaults": {
+                            "max": 10000000000,
+                            "min": 0,
+                            "title": "$namespace",
+                            "unit": "Bps"
+                        },
+                        "mappings": [
+
+                        ],
+                        "override": {
+
+                        },
+                        "thresholds": [
+                            {
+                                "color": "dark-green",
+                                "index": 0,
+                                "value": null
+                            },
+                            {
+                                "color": "dark-yellow",
+                                "index": 1,
+                                "value": 5000000000
+                            },
+                            {
+                                "color": "dark-red",
+                                "index": 2,
+                                "value": 7000000000
+                            }
+                        ],
+                        "values": false
+                    }
+                },
+                "postfix": "",
+                "postfixFontSize": "50%",
+                "prefix": "",
+                "prefixFontSize": "50%",
+                "rangeMaps": [
+                    {
+                        "from": "null",
+                        "text": "N/A",
+                        "to": "null"
+                    }
+                ],
+                "span": 12,
+                "sparkline": {
+                    "fillColor": "rgba(31, 118, 189, 0.18)",
+                    "full": false,
+                    "lineColor": "rgb(31, 120, 193)",
+                    "show": false
+                },
+                "tableColumn": "",
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution]))",
+                        "format": "time_series",
+                        "instant": null,
+                        "intervalFactor": 1,
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": "",
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Transmitted",
+                "type": "gauge",
+                "valueFontSize": "80%",
+                "valueMaps": [
+                    {
+                        "op": "=",
+                        "text": "N/A",
+                        "value": "null"
+                    }
+                ],
+                "valueName": "current"
+            },
+            {
+                "columns": [
+                    {
+                        "text": "Time",
+                        "value": "Time"
+                    },
+                    {
+                        "text": "Value #A",
+                        "value": "Value #A"
+                    },
+                    {
+                        "text": "Value #B",
+                        "value": "Value #B"
+                    },
+                    {
+                        "text": "Value #C",
+                        "value": "Value #C"
+                    },
+                    {
+                        "text": "Value #D",
+                        "value": "Value #D"
+                    },
+                    {
+                        "text": "Value #E",
+                        "value": "Value #E"
+                    },
+                    {
+                        "text": "Value #F",
+                        "value": "Value #F"
+                    },
+                    {
+                        "text": "pod",
+                        "value": "pod"
+                    }
+                ],
+                "datasource": "$datasource",
+                "fill": 1,
+                "fontSize": "100%",
+                "gridPos": {
+                    "h": 9,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 5,
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null as zero",
+                "renderer": "flot",
+                "scroll": true,
+                "showHeader": true,
+                "sort": {
+                    "col": 0,
+                    "desc": false
+                },
+                "spaceLength": 10,
+                "span": 24,
+                "styles": [
+                    {
+                        "alias": "Time",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Time",
+                        "thresholds": [
+
+                        ],
+                        "type": "hidden",
+                        "unit": "short"
+                    },
+                    {
+                        "alias": "Bandwidth Received",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #A",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Bandwidth Transmitted",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #B",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #C",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #D",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #E",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #F",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Pod",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": true,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "d/7a18067ce943a40ae25454675c19ff5c/kubernetes-networking-pod?orgId=1&refresh=30s&var-namespace=$namespace&var-pod=$__cell",
+                        "pattern": "pod",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "short"
+                    }
+                ],
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "A",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "B",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "C",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "D",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "E",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "F",
+                        "step": 10
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Status",
+                "type": "table"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 19
+                },
+                "id": 6,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 20
+                },
+                "id": 7,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Receive Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 20
+                },
+                "id": 8,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Transmit Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 29
+                },
+                "id": 9,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 0,
+                            "y": 30
+                        },
+                        "id": 10,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 12,
+                            "y": 30
+                        },
+                        "id": 11,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Packets",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 30
+                },
+                "id": 12,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 0,
+                            "y": 40
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 12,
+                            "y": 40
+                        },
+                        "id": 14,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Errors",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 18,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".+",
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "kube-system",
+                        "value": "kube-system"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "resolution",
+                    "options": [
+                        {
+                            "selected": false,
+                            "text": "30s",
+                            "value": "30s"
+                        },
+                        {
+                            "selected": true,
+                            "text": "5m",
+                            "value": "5m"
+                        },
+                        {
+                            "selected": false,
+                            "text": "1h",
+                            "value": "1h"
+                        }
+                    ],
+                    "query": "30s,5m,1h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "interval",
+                    "options": [
+                        {
+                            "selected": true,
+                            "text": "4h",
+                            "value": "4h"
+                        }
+                    ],
+                    "query": "4h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Networking / Namespace (Pods)",
+        "uid": "8b7a8b326d7a6f1f04244066368c67af",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-workload.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-workload.yaml
new file mode 100644
index 0000000000..801b09c265
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-workload.yaml
@@ -0,0 +1,1736 @@
+{{- /*
+Generated from 'namespace-by-workload' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "namespace-by-workload" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  namespace-by-workload.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 1
+                },
+                "id": 3,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}} workload {{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Received",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 1
+                },
+                "id": 4,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}} workload {{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Transmitted",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "columns": [
+                    {
+                        "text": "Time",
+                        "value": "Time"
+                    },
+                    {
+                        "text": "Value #A",
+                        "value": "Value #A"
+                    },
+                    {
+                        "text": "Value #B",
+                        "value": "Value #B"
+                    },
+                    {
+                        "text": "Value #C",
+                        "value": "Value #C"
+                    },
+                    {
+                        "text": "Value #D",
+                        "value": "Value #D"
+                    },
+                    {
+                        "text": "Value #E",
+                        "value": "Value #E"
+                    },
+                    {
+                        "text": "Value #F",
+                        "value": "Value #F"
+                    },
+                    {
+                        "text": "Value #G",
+                        "value": "Value #G"
+                    },
+                    {
+                        "text": "Value #H",
+                        "value": "Value #H"
+                    },
+                    {
+                        "text": "workload",
+                        "value": "workload"
+                    }
+                ],
+                "datasource": "$datasource",
+                "fill": 1,
+                "fontSize": "90%",
+                "gridPos": {
+                    "h": 9,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 5,
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null as zero",
+                "renderer": "flot",
+                "scroll": true,
+                "showHeader": true,
+                "sort": {
+                    "col": 0,
+                    "desc": false
+                },
+                "spaceLength": 10,
+                "span": 24,
+                "styles": [
+                    {
+                        "alias": "Time",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Time",
+                        "thresholds": [
+
+                        ],
+                        "type": "hidden",
+                        "unit": "short"
+                    },
+                    {
+                        "alias": "Current Bandwidth Received",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #A",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Current Bandwidth Transmitted",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #B",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Average Bandwidth Received",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #C",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Average Bandwidth Transmitted",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #D",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #E",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #F",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #G",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #H",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Workload",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": true,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "d/728bf77cc1166d2f3133bf25846876cc/kubernetes-networking-workload?orgId=1&refresh=30s&var-namespace=$namespace&var-type=$type&var-workload=$__cell",
+                        "pattern": "workload",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "short"
+                    }
+                ],
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "A",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "B",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(avg(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "C",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(avg(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "D",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "E",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "F",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "G",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "H",
+                        "step": 10
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Status",
+                "type": "table"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 19
+                },
+                "id": 6,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 20
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}} workload {{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Received",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 20
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}} workload {{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Transmitted",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 29
+                },
+                "id": 9,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth HIstory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 38
+                },
+                "id": 10,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Receive Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 38
+                },
+                "id": 11,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Transmit Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 39
+                },
+                "id": 12,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 40
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 40
+                        },
+                        "id": 14,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Packets",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 40
+                },
+                "id": 15,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 41
+                        },
+                        "id": 16,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 41
+                        },
+                        "id": 17,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Errors",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 18,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "kube-system",
+                        "value": "kube-system"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "deployment",
+                        "value": "deployment"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\"}, workload_type)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "type",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\"}, workload_type)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "resolution",
+                    "options": [
+                        {
+                            "selected": false,
+                            "text": "30s",
+                            "value": "30s"
+                        },
+                        {
+                            "selected": true,
+                            "text": "5m",
+                            "value": "5m"
+                        },
+                        {
+                            "selected": false,
+                            "text": "1h",
+                            "value": "1h"
+                        }
+                    ],
+                    "query": "30s,5m,1h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "interval",
+                    "options": [
+                        {
+                            "selected": true,
+                            "text": "4h",
+                            "value": "4h"
+                        }
+                    ],
+                    "query": "4h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Networking / Namespace (Workload)",
+        "uid": "bbb2a765a623ae38130206c7d94a160f",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml
new file mode 100644
index 0000000000..9869a3d3e0
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml
@@ -0,0 +1,1063 @@
+{{- /*
+Generated from 'node-cluster-rsrc-use' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled (or .Values.nodeExporter.enabled .Values.nodeExporter.forceDeployDashboards) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "node-cluster-rsrc-use" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  node-cluster-rsrc-use.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 1,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "30s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "((\n  instance:node_cpu_utilisation:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}\n  *\n  instance:node_num_cpu:sum{job=\"node-exporter\", cluster=\"$cluster\"}\n) != 0 )\n/ scalar(sum(instance:node_num_cpu:sum{job=\"node-exporter\", cluster=\"$cluster\"}))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} instance {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  instance:node_load1_per_cpu:ratio{job=\"node-exporter\", cluster=\"$cluster\"}\n  / scalar(count(instance:node_load1_per_cpu:ratio{job=\"node-exporter\", cluster=\"$cluster\"}))\n)  != 0\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Saturation (Load1 per CPU)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  instance:node_memory_utilisation:ratio{job=\"node-exporter\", cluster=\"$cluster\"}\n  / scalar(count(instance:node_memory_utilisation:ratio{job=\"node-exporter\", cluster=\"$cluster\"}))\n) != 0\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_vmstat_pgmajfault:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Saturation (Major Page Faults)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "rds",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "rds",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/Receive/",
+                                "stack": "A"
+                            },
+                            {
+                                "alias": "/Transmit/",
+                                "stack": "B",
+                                "transform": "negative-Y"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_network_receive_bytes_excluding_lo:rate5m{job=\"node-exporter\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Receive",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "instance:node_network_transmit_bytes_excluding_lo:rate5m{job=\"node-exporter\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Transmit",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Utilisation (Bytes Receive/Transmit)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/ Receive/",
+                                "stack": "A"
+                            },
+                            {
+                                "alias": "/ Transmit/",
+                                "stack": "B",
+                                "transform": "negative-Y"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_network_receive_drop_excluding_lo:rate5m{job=\"node-exporter\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Receive",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "instance:node_network_transmit_drop_excluding_lo:rate5m{job=\"node-exporter\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Transmit",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Saturation (Drops Receive/Transmit)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Network",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  instance_device:node_disk_io_time_seconds:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}\n  / scalar(count(instance_device:node_disk_io_time_seconds:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}))\n) != 0\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk IO Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  instance_device:node_disk_io_time_weighted_seconds:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}\n  / scalar(count(instance_device:node_disk_io_time_weighted_seconds:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}))\n) != 0\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk IO Saturation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk IO",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum without (device) (\n  max without (fstype, mountpoint) ((\n    node_filesystem_size_bytes{job=\"node-exporter\", fstype!=\"\", mountpoint!=\"\", cluster=\"$cluster\"}\n    -\n    node_filesystem_avail_bytes{job=\"node-exporter\", fstype!=\"\", mountpoint!=\"\", cluster=\"$cluster\"}\n  ) != 0)\n)\n/ scalar(sum(max without (fstype, mountpoint) (node_filesystem_size_bytes{job=\"node-exporter\", fstype!=\"\", mountpoint!=\"\", cluster=\"$cluster\"})))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk Space Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk Space",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "node-exporter-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(node_time_seconds, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Node Exporter / USE Method / Cluster",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/node-rsrc-use.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/node-rsrc-use.yaml
new file mode 100644
index 0000000000..75e69afa22
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/node-rsrc-use.yaml
@@ -0,0 +1,1089 @@
+{{- /*
+Generated from 'node-rsrc-use' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled (or .Values.nodeExporter.enabled .Values.nodeExporter.forceDeployDashboards) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "node-rsrc-use" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  node-rsrc-use.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 1,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "30s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_cpu_utilisation:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Utilisation",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_load1_per_cpu:ratio{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Saturation",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Saturation (Load1 per CPU)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_memory_utilisation:ratio{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Utilisation",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_vmstat_pgmajfault:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Major page Faults",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Saturation (Major Page Faults)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "rds",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "rds",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/Receive/",
+                                "stack": "A"
+                            },
+                            {
+                                "alias": "/Transmit/",
+                                "stack": "B",
+                                "transform": "negative-Y"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_network_receive_bytes_excluding_lo:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Receive",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "instance:node_network_transmit_bytes_excluding_lo:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Transmit",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Utilisation (Bytes Receive/Transmit)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/ Receive/",
+                                "stack": "A"
+                            },
+                            {
+                                "alias": "/ Transmit/",
+                                "stack": "B",
+                                "transform": "negative-Y"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_network_receive_drop_excluding_lo:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Receive",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "instance:node_network_transmit_drop_excluding_lo:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Transmit",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Saturation (Drops Receive/Transmit)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Network",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance_device:node_disk_io_time_seconds:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk IO Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance_device:node_disk_io_time_weighted_seconds:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk IO Saturation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk IO",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(1 -\n  (\n   max without (mountpoint, fstype) (node_filesystem_avail_bytes{job=\"node-exporter\", fstype!=\"\", instance=\"$instance\", cluster=\"$cluster\"})\n   /\n   max without (mountpoint, fstype) (node_filesystem_size_bytes{job=\"node-exporter\", fstype!=\"\", instance=\"$instance\", cluster=\"$cluster\"})\n  ) != 0\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk Space Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk Space",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "node-exporter-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(node_time_seconds, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(node_exporter_build_info{job=\"node-exporter\", cluster=\"$cluster\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Node Exporter / USE Method / Node",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/nodes-darwin.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/nodes-darwin.yaml
new file mode 100644
index 0000000000..fe11875324
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/nodes-darwin.yaml
@@ -0,0 +1,1073 @@
+{{- /*
+Generated from 'nodes-darwin' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled (and (or .Values.nodeExporter.enabled .Values.nodeExporter.forceDeployDashboards) .Values.nodeExporter.operatingSystems.darwin.enabled) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "nodes-darwin" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  nodes-darwin.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 1,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "30s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  (1 - sum without (mode) (rate(node_cpu_seconds_total{job=\"node-exporter\", mode=~\"idle|iowait|steal\", instance=\"$instance\"}[$__rate_interval])))\n/ ignoring(cpu) group_left\n  count without (cpu, mode) (node_cpu_seconds_total{job=\"node-exporter\", mode=\"idle\", instance=\"$instance\"})\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 5,
+                                "legendFormat": "{{`{{`}}cpu{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": 1,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": 1,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "node_load1{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "1m load average",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "node_load5{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "5m load average",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "node_load15{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "15m load average",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "count(node_cpu_seconds_total{job=\"node-exporter\", instance=\"$instance\", mode=\"idle\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "logical cores",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Load Average",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 9,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "node_memory_total_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Physical Memory",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "(\n    node_memory_internal_bytes{job=\"node-exporter\", instance=\"$instance\"} -\n    node_memory_purgeable_bytes{job=\"node-exporter\", instance=\"$instance\"} +\n    node_memory_wired_bytes{job=\"node-exporter\", instance=\"$instance\"} +\n    node_memory_compressed_bytes{job=\"node-exporter\", instance=\"$instance\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Memory Used",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "(\n    node_memory_internal_bytes{job=\"node-exporter\", instance=\"$instance\"} -\n    node_memory_purgeable_bytes{job=\"node-exporter\", instance=\"$instance\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "App Memory",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "node_memory_wired_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Wired Memory",
+                                "refId": "D"
+                            },
+                            {
+                                "expr": "node_memory_compressed_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Compressed",
+                                "refId": "E"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "datasource": "$datasource",
+                        "fieldConfig": {
+                            "defaults": {
+                                "max": 100,
+                                "min": 0,
+                                "thresholds": {
+                                    "mode": "absolute",
+                                    "steps": [
+                                        {
+                                            "color": "rgba(50, 172, 45, 0.97)"
+                                        },
+                                        {
+                                            "color": "rgba(237, 129, 40, 0.89)",
+                                            "value": 80
+                                        },
+                                        {
+                                            "color": "rgba(245, 54, 54, 0.9)",
+                                            "value": 90
+                                        }
+                                    ]
+                                },
+                                "unit": "percent"
+                            }
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "span": 3,
+                        "targets": [
+                            {
+                                "expr": "(\n    (\n      avg(node_memory_internal_bytes{job=\"node-exporter\", instance=\"$instance\"}) -\n      avg(node_memory_purgeable_bytes{job=\"node-exporter\", instance=\"$instance\"}) +\n      avg(node_memory_wired_bytes{job=\"node-exporter\", instance=\"$instance\"}) +\n      avg(node_memory_compressed_bytes{job=\"node-exporter\", instance=\"$instance\"})\n    ) /\n    avg(node_memory_total_bytes{job=\"node-exporter\", instance=\"$instance\"})\n)\n*\n100\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            }
+                        ],
+                        "title": "Memory Usage",
+                        "transparent": false,
+                        "type": "gauge"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/ read| written/",
+                                "yaxis": 1
+                            },
+                            {
+                                "alias": "/ io time/",
+                                "yaxis": 2
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_disk_read_bytes_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} read",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "rate(node_disk_written_bytes_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} written",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "rate(node_disk_io_time_seconds_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} io time",
+                                "refId": "C"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk I/O",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "datasource": "$datasource",
+                        "fieldConfig": {
+                            "defaults": {
+                                "custom": {
+
+                                },
+                                "thresholds": {
+                                    "mode": "absolute",
+                                    "steps": [
+                                        {
+                                            "color": "green"
+                                        },
+                                        {
+                                            "color": "yellow",
+                                            "value": 0.8
+                                        },
+                                        {
+                                            "color": "red",
+                                            "value": 0.9
+                                        }
+                                    ]
+                                },
+                                "unit": "decbytes"
+                            },
+                            "overrides": [
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Mounted on"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 260
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Size"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 93
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Used"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 72
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Available"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 88
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Used, %"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "unit",
+                                            "value": "percentunit"
+                                        },
+                                        {
+                                            "id": "custom.displayMode",
+                                            "value": "gradient-gauge"
+                                        },
+                                        {
+                                            "id": "max",
+                                            "value": 1
+                                        },
+                                        {
+                                            "id": "min",
+                                            "value": 0
+                                        }
+                                    ]
+                                }
+                            ]
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "span": 6,
+                        "targets": [
+                            {
+                                "expr": "max by (mountpoint) (node_filesystem_size_bytes{job=\"node-exporter\", instance=\"$instance\", fstype!=\"\", mountpoint!=\"\"})\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            },
+                            {
+                                "expr": "max by (mountpoint) (node_filesystem_avail_bytes{job=\"node-exporter\", instance=\"$instance\", fstype!=\"\", mountpoint!=\"\"})\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            }
+                        ],
+                        "title": "Disk Space Usage",
+                        "transformations": [
+                            {
+                                "id": "groupBy",
+                                "options": {
+                                    "fields": {
+                                        "Value #A": {
+                                            "aggregations": [
+                                                "lastNotNull"
+                                            ],
+                                            "operation": "aggregate"
+                                        },
+                                        "Value #B": {
+                                            "aggregations": [
+                                                "lastNotNull"
+                                            ],
+                                            "operation": "aggregate"
+                                        },
+                                        "mountpoint": {
+                                            "aggregations": [
+
+                                            ],
+                                            "operation": "groupby"
+                                        }
+                                    }
+                                }
+                            },
+                            {
+                                "id": "merge",
+                                "options": {
+
+                                }
+                            },
+                            {
+                                "id": "calculateField",
+                                "options": {
+                                    "alias": "Used",
+                                    "binary": {
+                                        "left": "Value #A (lastNotNull)",
+                                        "operator": "-",
+                                        "reducer": "sum",
+                                        "right": "Value #B (lastNotNull)"
+                                    },
+                                    "mode": "binary",
+                                    "reduce": {
+                                        "reducer": "sum"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "calculateField",
+                                "options": {
+                                    "alias": "Used, %",
+                                    "binary": {
+                                        "left": "Used",
+                                        "operator": "/",
+                                        "reducer": "sum",
+                                        "right": "Value #A (lastNotNull)"
+                                    },
+                                    "mode": "binary",
+                                    "reduce": {
+                                        "reducer": "sum"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "organize",
+                                "options": {
+                                    "excludeByName": {
+
+                                    },
+                                    "indexByName": {
+
+                                    },
+                                    "renameByName": {
+                                        "Value #A (lastNotNull)": "Size",
+                                        "Value #B (lastNotNull)": "Available",
+                                        "mountpoint": "Mounted on"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "sortBy",
+                                "options": {
+                                    "fields": {
+
+                                    },
+                                    "sort": [
+                                        {
+                                            "field": "Mounted on"
+                                        }
+                                    ]
+                                }
+                            }
+                        ],
+                        "transparent": false,
+                        "type": "table"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "Network received (bits/s)",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_network_receive_bytes_total{job=\"node-exporter\", instance=\"$instance\", device!=\"lo\"}[$__rate_interval]) * 8",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Received",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "Network transmitted (bits/s)",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_network_transmit_bytes_total{job=\"node-exporter\", instance=\"$instance\", device!=\"lo\"}[$__rate_interval]) * 8",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Transmitted",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Network",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "node-exporter-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "Instance",
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(node_uname_info{job=\"node-exporter\", sysname=\"Darwin\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Node Exporter / MacOS",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/nodes.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/nodes.yaml
new file mode 100644
index 0000000000..0da40a7b99
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/nodes.yaml
@@ -0,0 +1,1066 @@
+{{- /*
+Generated from 'nodes' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled (and (or .Values.nodeExporter.enabled .Values.nodeExporter.forceDeployDashboards) .Values.nodeExporter.operatingSystems.linux.enabled) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "nodes" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  nodes.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 1,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "30s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  (1 - sum without (mode) (rate(node_cpu_seconds_total{job=\"node-exporter\", mode=~\"idle|iowait|steal\", instance=\"$instance\"}[$__rate_interval])))\n/ ignoring(cpu) group_left\n  count without (cpu, mode) (node_cpu_seconds_total{job=\"node-exporter\", mode=\"idle\", instance=\"$instance\"})\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 5,
+                                "legendFormat": "{{`{{`}}cpu{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": 1,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": 1,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "node_load1{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "1m load average",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "node_load5{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "5m load average",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "node_load15{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "15m load average",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "count(node_cpu_seconds_total{job=\"node-exporter\", instance=\"$instance\", mode=\"idle\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "logical cores",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Load Average",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 9,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  node_memory_MemTotal_bytes{job=\"node-exporter\", instance=\"$instance\"}\n-\n  node_memory_MemFree_bytes{job=\"node-exporter\", instance=\"$instance\"}\n-\n  node_memory_Buffers_bytes{job=\"node-exporter\", instance=\"$instance\"}\n-\n  node_memory_Cached_bytes{job=\"node-exporter\", instance=\"$instance\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "memory used",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "node_memory_Buffers_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "memory buffers",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "node_memory_Cached_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "memory cached",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "node_memory_MemFree_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "memory free",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "datasource": "$datasource",
+                        "fieldConfig": {
+                            "defaults": {
+                                "max": 100,
+                                "min": 0,
+                                "thresholds": {
+                                    "mode": "absolute",
+                                    "steps": [
+                                        {
+                                            "color": "rgba(50, 172, 45, 0.97)"
+                                        },
+                                        {
+                                            "color": "rgba(237, 129, 40, 0.89)",
+                                            "value": 80
+                                        },
+                                        {
+                                            "color": "rgba(245, 54, 54, 0.9)",
+                                            "value": 90
+                                        }
+                                    ]
+                                },
+                                "unit": "percent"
+                            }
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "span": 3,
+                        "targets": [
+                            {
+                                "expr": "100 -\n(\n  avg(node_memory_MemAvailable_bytes{job=\"node-exporter\", instance=\"$instance\"}) /\n  avg(node_memory_MemTotal_bytes{job=\"node-exporter\", instance=\"$instance\"})\n* 100\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            }
+                        ],
+                        "title": "Memory Usage",
+                        "transparent": false,
+                        "type": "gauge"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/ read| written/",
+                                "yaxis": 1
+                            },
+                            {
+                                "alias": "/ io time/",
+                                "yaxis": 2
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_disk_read_bytes_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} read",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "rate(node_disk_written_bytes_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} written",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "rate(node_disk_io_time_seconds_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} io time",
+                                "refId": "C"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk I/O",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "datasource": "$datasource",
+                        "fieldConfig": {
+                            "defaults": {
+                                "custom": {
+
+                                },
+                                "thresholds": {
+                                    "mode": "absolute",
+                                    "steps": [
+                                        {
+                                            "color": "green"
+                                        },
+                                        {
+                                            "color": "yellow",
+                                            "value": 0.8
+                                        },
+                                        {
+                                            "color": "red",
+                                            "value": 0.9
+                                        }
+                                    ]
+                                },
+                                "unit": "decbytes"
+                            },
+                            "overrides": [
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Mounted on"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 260
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Size"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 93
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Used"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 72
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Available"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 88
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Used, %"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "unit",
+                                            "value": "percentunit"
+                                        },
+                                        {
+                                            "id": "custom.displayMode",
+                                            "value": "gradient-gauge"
+                                        },
+                                        {
+                                            "id": "max",
+                                            "value": 1
+                                        },
+                                        {
+                                            "id": "min",
+                                            "value": 0
+                                        }
+                                    ]
+                                }
+                            ]
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "span": 6,
+                        "targets": [
+                            {
+                                "expr": "max by (mountpoint) (node_filesystem_size_bytes{job=\"node-exporter\", instance=\"$instance\", fstype!=\"\", mountpoint!=\"\"})\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            },
+                            {
+                                "expr": "max by (mountpoint) (node_filesystem_avail_bytes{job=\"node-exporter\", instance=\"$instance\", fstype!=\"\", mountpoint!=\"\"})\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            }
+                        ],
+                        "title": "Disk Space Usage",
+                        "transformations": [
+                            {
+                                "id": "groupBy",
+                                "options": {
+                                    "fields": {
+                                        "Value #A": {
+                                            "aggregations": [
+                                                "lastNotNull"
+                                            ],
+                                            "operation": "aggregate"
+                                        },
+                                        "Value #B": {
+                                            "aggregations": [
+                                                "lastNotNull"
+                                            ],
+                                            "operation": "aggregate"
+                                        },
+                                        "mountpoint": {
+                                            "aggregations": [
+
+                                            ],
+                                            "operation": "groupby"
+                                        }
+                                    }
+                                }
+                            },
+                            {
+                                "id": "merge",
+                                "options": {
+
+                                }
+                            },
+                            {
+                                "id": "calculateField",
+                                "options": {
+                                    "alias": "Used",
+                                    "binary": {
+                                        "left": "Value #A (lastNotNull)",
+                                        "operator": "-",
+                                        "reducer": "sum",
+                                        "right": "Value #B (lastNotNull)"
+                                    },
+                                    "mode": "binary",
+                                    "reduce": {
+                                        "reducer": "sum"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "calculateField",
+                                "options": {
+                                    "alias": "Used, %",
+                                    "binary": {
+                                        "left": "Used",
+                                        "operator": "/",
+                                        "reducer": "sum",
+                                        "right": "Value #A (lastNotNull)"
+                                    },
+                                    "mode": "binary",
+                                    "reduce": {
+                                        "reducer": "sum"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "organize",
+                                "options": {
+                                    "excludeByName": {
+
+                                    },
+                                    "indexByName": {
+
+                                    },
+                                    "renameByName": {
+                                        "Value #A (lastNotNull)": "Size",
+                                        "Value #B (lastNotNull)": "Available",
+                                        "mountpoint": "Mounted on"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "sortBy",
+                                "options": {
+                                    "fields": {
+
+                                    },
+                                    "sort": [
+                                        {
+                                            "field": "Mounted on"
+                                        }
+                                    ]
+                                }
+                            }
+                        ],
+                        "transparent": false,
+                        "type": "table"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "Network received (bits/s)",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_network_receive_bytes_total{job=\"node-exporter\", instance=\"$instance\", device!=\"lo\"}[$__rate_interval]) * 8",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Received",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "Network transmitted (bits/s)",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_network_transmit_bytes_total{job=\"node-exporter\", instance=\"$instance\", device!=\"lo\"}[$__rate_interval]) * 8",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Transmitted",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Network",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "node-exporter-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "Instance",
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(node_uname_info{job=\"node-exporter\", sysname!=\"Darwin\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Node Exporter / Nodes",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml
new file mode 100644
index 0000000000..4d1e33208b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml
@@ -0,0 +1,587 @@
+{{- /*
+Generated from 'persistentvolumesusage' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "persistentvolumesusage" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  persistentvolumesusage.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 9,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  sum without(instance, node) (topk(1, (kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n  -\n  sum without(instance, node) (topk(1, (kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "Used Space",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum without(instance, node) (topk(1, (kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "Free Space",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Volume Space Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "rgba(50, 172, 45, 0.97)",
+                            "rgba(237, 129, 40, 0.89)",
+                            "rgba(245, 54, 54, 0.9)"
+                        ],
+                        "datasource": "$datasource",
+                        "format": "percent",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": true,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 3,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                "expr": "max without(instance,node) (\n(\n  topk(1, kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n  -\n  topk(1, kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n)\n/\ntopk(1, kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n* 100)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "80, 90",
+                        "title": "Volume Space Usage",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "current"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 9,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "Used inodes",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "(\n  sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n  -\n  sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": " Free inodes",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Volume inodes Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "rgba(50, 172, 45, 0.97)",
+                            "rgba(237, 129, 40, 0.89)",
+                            "rgba(245, 54, 54, 0.9)"
+                        ],
+                        "datasource": "$datasource",
+                        "format": "percent",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": true,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 3,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                "expr": "max without(instance,node) (\ntopk(1, kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n/\ntopk(1, kubelet_volume_stats_inodes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n* 100)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "80, 90",
+                        "title": "Volume inodes Usage",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "current"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kubelet_volume_stats_capacity_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "Namespace",
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "PersistentVolumeClaim",
+                    "multi": false,
+                    "name": "volume",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\"}, persistentvolumeclaim)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-7d",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Persistent Volumes",
+        "uid": "919b92a8e8041bd567af9edab12c840c",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/pod-total.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/pod-total.yaml
new file mode 100644
index 0000000000..9a7e7d0603
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/pod-total.yaml
@@ -0,0 +1,1228 @@
+{{- /*
+Generated from 'pod-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "pod-total" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  pod-total.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "cacheTimeout": null,
+                "colorBackground": false,
+                "colorValue": false,
+                "colors": [
+                    "#299c46",
+                    "rgba(237, 129, 40, 0.89)",
+                    "#d44a3a"
+                ],
+                "datasource": "$datasource",
+                "decimals": 0,
+                "format": "time_series",
+                "gauge": {
+                    "maxValue": 100,
+                    "minValue": 0,
+                    "show": false,
+                    "thresholdLabels": false,
+                    "thresholdMarkers": true
+                },
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 1
+                },
+                "height": 9,
+                "id": 3,
+                "interval": null,
+                "links": [
+
+                ],
+                "mappingType": 1,
+                "mappingTypes": [
+                    {
+                        "name": "value to text",
+                        "value": 1
+                    },
+                    {
+                        "name": "range to text",
+                        "value": 2
+                    }
+                ],
+                "maxDataPoints": 100,
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "nullText": null,
+                "options": {
+                    "fieldOptions": {
+                        "calcs": [
+                            "last"
+                        ],
+                        "defaults": {
+                            "max": 10000000000,
+                            "min": 0,
+                            "title": "$namespace: $pod",
+                            "unit": "Bps"
+                        },
+                        "mappings": [
+
+                        ],
+                        "override": {
+
+                        },
+                        "thresholds": [
+                            {
+                                "color": "dark-green",
+                                "index": 0,
+                                "value": null
+                            },
+                            {
+                                "color": "dark-yellow",
+                                "index": 1,
+                                "value": 5000000000
+                            },
+                            {
+                                "color": "dark-red",
+                                "index": 2,
+                                "value": 7000000000
+                            }
+                        ],
+                        "values": false
+                    }
+                },
+                "postfix": "",
+                "postfixFontSize": "50%",
+                "prefix": "",
+                "prefixFontSize": "50%",
+                "rangeMaps": [
+                    {
+                        "from": "null",
+                        "text": "N/A",
+                        "to": "null"
+                    }
+                ],
+                "span": 12,
+                "sparkline": {
+                    "fillColor": "rgba(31, 118, 189, 0.18)",
+                    "full": false,
+                    "lineColor": "rgb(31, 120, 193)",
+                    "show": false
+                },
+                "tableColumn": "",
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution]))",
+                        "format": "time_series",
+                        "instant": null,
+                        "intervalFactor": 1,
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": "",
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Received",
+                "type": "gauge",
+                "valueFontSize": "80%",
+                "valueMaps": [
+                    {
+                        "op": "=",
+                        "text": "N/A",
+                        "value": "null"
+                    }
+                ],
+                "valueName": "current"
+            },
+            {
+                "cacheTimeout": null,
+                "colorBackground": false,
+                "colorValue": false,
+                "colors": [
+                    "#299c46",
+                    "rgba(237, 129, 40, 0.89)",
+                    "#d44a3a"
+                ],
+                "datasource": "$datasource",
+                "decimals": 0,
+                "format": "time_series",
+                "gauge": {
+                    "maxValue": 100,
+                    "minValue": 0,
+                    "show": false,
+                    "thresholdLabels": false,
+                    "thresholdMarkers": true
+                },
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 1
+                },
+                "height": 9,
+                "id": 4,
+                "interval": null,
+                "links": [
+
+                ],
+                "mappingType": 1,
+                "mappingTypes": [
+                    {
+                        "name": "value to text",
+                        "value": 1
+                    },
+                    {
+                        "name": "range to text",
+                        "value": 2
+                    }
+                ],
+                "maxDataPoints": 100,
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "nullText": null,
+                "options": {
+                    "fieldOptions": {
+                        "calcs": [
+                            "last"
+                        ],
+                        "defaults": {
+                            "max": 10000000000,
+                            "min": 0,
+                            "title": "$namespace: $pod",
+                            "unit": "Bps"
+                        },
+                        "mappings": [
+
+                        ],
+                        "override": {
+
+                        },
+                        "thresholds": [
+                            {
+                                "color": "dark-green",
+                                "index": 0,
+                                "value": null
+                            },
+                            {
+                                "color": "dark-yellow",
+                                "index": 1,
+                                "value": 5000000000
+                            },
+                            {
+                                "color": "dark-red",
+                                "index": 2,
+                                "value": 7000000000
+                            }
+                        ],
+                        "values": false
+                    }
+                },
+                "postfix": "",
+                "postfixFontSize": "50%",
+                "prefix": "",
+                "prefixFontSize": "50%",
+                "rangeMaps": [
+                    {
+                        "from": "null",
+                        "text": "N/A",
+                        "to": "null"
+                    }
+                ],
+                "span": 12,
+                "sparkline": {
+                    "fillColor": "rgba(31, 118, 189, 0.18)",
+                    "full": false,
+                    "lineColor": "rgb(31, 120, 193)",
+                    "show": false
+                },
+                "tableColumn": "",
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution]))",
+                        "format": "time_series",
+                        "instant": null,
+                        "intervalFactor": 1,
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": "",
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Transmitted",
+                "type": "gauge",
+                "valueFontSize": "80%",
+                "valueMaps": [
+                    {
+                        "op": "=",
+                        "text": "N/A",
+                        "value": "null"
+                    }
+                ],
+                "valueName": "current"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 5,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 11
+                },
+                "id": 6,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Receive Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 11
+                },
+                "id": 7,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Transmit Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 20
+                },
+                "id": 8,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 0,
+                            "y": 21
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 12,
+                            "y": 21
+                        },
+                        "id": 10,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Packets",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 21
+                },
+                "id": 11,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 0,
+                            "y": 32
+                        },
+                        "id": 12,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 12,
+                            "y": 32
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Errors",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 18,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".+",
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "kube-system",
+                        "value": "kube-system"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".+",
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}, pod)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "pod",
+                    "options": [
+
+                    ],
+                    "query": "label_values(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}, pod)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "resolution",
+                    "options": [
+                        {
+                            "selected": false,
+                            "text": "30s",
+                            "value": "30s"
+                        },
+                        {
+                            "selected": true,
+                            "text": "5m",
+                            "value": "5m"
+                        },
+                        {
+                            "selected": false,
+                            "text": "1h",
+                            "value": "1h"
+                        }
+                    ],
+                    "query": "30s,5m,1h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "interval",
+                    "options": [
+                        {
+                            "selected": true,
+                            "text": "4h",
+                            "value": "4h"
+                        }
+                    ],
+                    "query": "4h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Networking / Pod",
+        "uid": "7a18067ce943a40ae25454675c19ff5c",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml
new file mode 100644
index 0000000000..5c11900e69
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml
@@ -0,0 +1,1674 @@
+{{- /*
+Generated from 'prometheus-remote-write' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.prometheus.prometheusSpec.remoteWriteDashboards }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "prometheus-remote-write" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  prometheus-remote-write.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "60s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  prometheus_remote_storage_highest_timestamp_in_seconds{cluster=~\"$cluster\", instance=~\"$instance\"} \n-  \n  ignoring(remote_name, url) group_right(instance) (prometheus_remote_storage_queue_highest_sent_timestamp_seconds{cluster=~\"$cluster\", instance=~\"$instance\"} != 0)\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Highest Timestamp In vs. Highest Timestamp Sent",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "clamp_min(\n  rate(prometheus_remote_storage_highest_timestamp_in_seconds{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])  \n- \n  ignoring (remote_name, url) group_right(instance) rate(prometheus_remote_storage_queue_highest_sent_timestamp_seconds{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])\n, 0)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate[5m]",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Timestamps",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(\n  prometheus_remote_storage_samples_in_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])\n- \n  ignoring(remote_name, url) group_right(instance) (rate(prometheus_remote_storage_succeeded_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]) or rate(prometheus_remote_storage_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]))\n- \n  (rate(prometheus_remote_storage_dropped_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]) or rate(prometheus_remote_storage_samples_dropped_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate, in vs. succeeded or dropped [5m]",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Samples",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 6,
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_shards{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Shards",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_shards_max{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Max Shards",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_shards_min{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Min Shards",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_shards_desired{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Desired Shards",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Shards",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_shard_capacity{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Shard Capacity",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_pending_samples{cluster=~\"$cluster\", instance=~\"$instance\"} or prometheus_remote_storage_samples_pending{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Pending Samples",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Shard Details",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 11,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_tsdb_wal_segment_current{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "TSDB Current Segment",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 12,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_wal_watcher_current_segment{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}consumer{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Remote Write Current Segment",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Segments",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_remote_storage_dropped_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]) or rate(prometheus_remote_storage_samples_dropped_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Dropped Samples",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 14,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_remote_storage_failed_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]) or rate(prometheus_remote_storage_samples_failed_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Failed Samples",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 15,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_remote_storage_retried_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]) or rate(prometheus_remote_storage_samples_retried_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Retried Samples",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 16,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_remote_storage_enqueue_retries_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Enqueue Retries",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Misc. Rates",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "prometheus-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": {
+                            "selected": true,
+                            "text": "All",
+                            "value": "$__all"
+                        },
+                        "value": {
+                            "selected": true,
+                            "text": "All",
+                            "value": "$__all"
+                        }
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_pod_container_info{image=~\".*prometheus.*\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": {
+                            "selected": true,
+                            "text": "All",
+                            "value": "$__all"
+                        },
+                        "value": {
+                            "selected": true,
+                            "text": "All",
+                            "value": "$__all"
+                        }
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(prometheus_build_info{cluster=~\"$cluster\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "url",
+                    "options": [
+
+                    ],
+                    "query": "label_values(prometheus_remote_storage_shards{cluster=~\"$cluster\", instance=~\"$instance\"}, url)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-6h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Prometheus / Remote Write",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/prometheus.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/prometheus.yaml
new file mode 100644
index 0000000000..27f7c44e2c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/prometheus.yaml
@@ -0,0 +1,1235 @@
+{{- /*
+Generated from 'prometheus' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "prometheus" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  prometheus.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "60s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 1,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Count",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "hidden",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Uptime",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "s"
+                            },
+                            {
+                                "alias": "Instance",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "instance",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Job",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "job",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Version",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "version",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "count by (job, instance, version) (prometheus_build_info{job=~\"$job\", instance=~\"$instance\"})",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "max by (job, instance) (time() - process_start_time_seconds{job=~\"$job\", instance=~\"$instance\"})",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Prometheus Stats",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Prometheus Stats",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 2,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(prometheus_target_sync_length_seconds_sum{job=~\"$job\",instance=~\"$instance\"}[5m])) by (scrape_job) * 1e3",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}scrape_job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Target Sync",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ms",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 3,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(prometheus_sd_discovered_targets{job=~\"$job\",instance=~\"$instance\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Targets",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Targets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Discovery",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 4,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_target_interval_length_seconds_sum{job=~\"$job\",instance=~\"$instance\"}[5m]) / rate(prometheus_target_interval_length_seconds_count{job=~\"$job\",instance=~\"$instance\"}[5m]) * 1e3",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}interval{{`}}`}} configured",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Scrape Interval Duration",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ms",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 5,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by (job) (rate(prometheus_target_scrapes_exceeded_body_size_limit_total[1m]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "exceeded body size limit: {{`{{`}}job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by (job) (rate(prometheus_target_scrapes_exceeded_sample_limit_total[1m]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "exceeded sample limit: {{`{{`}}job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by (job) (rate(prometheus_target_scrapes_sample_duplicate_timestamp_total[1m]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "duplicate timestamp: {{`{{`}}job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by (job) (rate(prometheus_target_scrapes_sample_out_of_bounds_total[1m]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "out of bounds: {{`{{`}}job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by (job) (rate(prometheus_target_scrapes_sample_out_of_order_total[1m]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "out of order: {{`{{`}}job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Scrape failures",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 6,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_tsdb_head_samples_appended_total{job=~\"$job\",instance=~\"$instance\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}job{{`}}`}} {{`{{`}}instance{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Appended Samples",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Retrieval",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_tsdb_head_series{job=~\"$job\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}job{{`}}`}} {{`{{`}}instance{{`}}`}} head series",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Head Series",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 8,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_tsdb_head_chunks{job=~\"$job\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}job{{`}}`}} {{`{{`}}instance{{`}}`}} head chunks",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Head Chunks",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 9,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_engine_query_duration_seconds_count{job=~\"$job\",instance=~\"$instance\",slice=\"inner_eval\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}job{{`}}`}} {{`{{`}}instance{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Query Rate",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 10,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "max by (slice) (prometheus_engine_query_duration_seconds{quantile=\"0.9\",job=~\"$job\",instance=~\"$instance\"}) * 1e3",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}slice{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Stage Duration",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ms",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Query",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "prometheus-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": ".+",
+                    "current": {
+                        "selected": true,
+                        "text": "All",
+                        "value": "$__all"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": "job",
+                    "multi": true,
+                    "name": "job",
+                    "options": [
+
+                    ],
+                    "query": "label_values(prometheus_build_info{job=\"prometheus-k8s\",namespace=\"monitoring\"}, job)",
+                    "refresh": 1,
+                    "regex": "",
+                    "sort": 2,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".+",
+                    "current": {
+                        "selected": true,
+                        "text": "All",
+                        "value": "$__all"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": "instance",
+                    "multi": true,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(prometheus_build_info{job=~\"$job\"}, instance)",
+                    "refresh": 1,
+                    "regex": "",
+                    "sort": 2,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Prometheus / Overview",
+        "uid": "",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/proxy.yaml
new file mode 100644
index 0000000000..410812451e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/proxy.yaml
@@ -0,0 +1,1276 @@
+{{- /*
+Generated from 'proxy' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if (include "exporter.kubeProxy.enabled" .)}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "proxy" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  proxy.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "format": "none",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 2,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                {{- if .Values.k3sServer.enabled }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", metrics_path=\"/metrics\"})",
+                                {{- else }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\"})",
+                                {{- end }}
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Up",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "min"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 5,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(kubeproxy_sync_proxy_rules_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "rate",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rules Sync Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 5,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99,rate(kubeproxy_sync_proxy_rules_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rule Sync Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(kubeproxy_network_programming_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "rate",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Programming Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(kubeproxy_network_programming_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (instance, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Programming Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\",code=~\"2..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "2xx",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\",code=~\"3..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "3xx",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\",code=~\"4..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "4xx",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\",code=~\"5..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "5xx",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Kube API Request Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 8,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\",instance=~\"$instance\",verb=\"POST\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Post Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\", verb=\"GET\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Get Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "process_resident_memory_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(process_cpu_seconds_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "go_goroutines{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Goroutines",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubeProxy.jobName" . }}\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubeProxy.jobName" . }}\", cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Proxy",
+        "uid": "632e265de029684c40b21cb76bca4f94",
+        "version": 0
+    }
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/scheduler.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/scheduler.yaml
new file mode 100644
index 0000000000..ee0cf08b2f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/scheduler.yaml
@@ -0,0 +1,1118 @@
+{{- /*
+Generated from 'scheduler' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if (include "exporter.kubeScheduler.enabled" .)}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "scheduler" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  scheduler.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "format": "none",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 2,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                {{- if .Values.k3sServer.enabled }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", metrics_path=\"/metrics\"})",
+                                {{- else }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\"})",
+                                {{- end }}
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Up",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "min"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 5,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(scheduler_e2e_scheduling_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} e2e",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(scheduler_binding_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} binding",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "sum(rate(scheduler_scheduling_algorithm_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} scheduling algorithm",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "sum(rate(scheduler_volume_scheduling_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} volume",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Scheduling Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 5,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} e2e",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(scheduler_binding_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} binding",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} scheduling algorithm",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(scheduler_volume_scheduling_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} volume",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Scheduling latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\",code=~\"2..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "2xx",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\",code=~\"3..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "3xx",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\",code=~\"4..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "4xx",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\",code=~\"5..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "5xx",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Kube API Request Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 8,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\", verb=\"POST\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Post Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\", verb=\"GET\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Get Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "process_resident_memory_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(process_cpu_seconds_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "go_goroutines{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Goroutines",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubeScheduler.jobName" . }}\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", cluster=\"$cluster\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Scheduler",
+        "uid": "2e6b6a3b4bddf1427b3a55aa1311c656",
+        "version": 0
+    }
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/workload-total.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/workload-total.yaml
new file mode 100644
index 0000000000..5aafccdebe
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/dashboards-1.14/workload-total.yaml
@@ -0,0 +1,1438 @@
+{{- /*
+Generated from 'workload-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "workload-total" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  workload-total.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 1
+                },
+                "id": 3,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}} pod {{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Received",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 1
+                },
+                "id": 4,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}} pod {{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Transmitted",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 5,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 11
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}} pod {{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Received",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 11
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}} pod {{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Transmitted",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 11
+                },
+                "id": 8,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth HIstory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 12
+                },
+                "id": 9,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Receive Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 12
+                },
+                "id": 10,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Transmit Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 21
+                },
+                "id": 11,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 22
+                        },
+                        "id": 12,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 22
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Packets",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 22
+                },
+                "id": 14,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 23
+                        },
+                        "id": 15,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 23
+                        },
+                        "id": 16,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Errors",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 18,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_pod_info{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".+",
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "kube-system",
+                        "value": "kube-system"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\"}, namespace)",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\"}, workload)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "workload",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\"}, workload)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "deployment",
+                        "value": "deployment"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\"}, workload_type)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "type",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\"}, workload_type)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "resolution",
+                    "options": [
+                        {
+                            "selected": false,
+                            "text": "30s",
+                            "value": "30s"
+                        },
+                        {
+                            "selected": true,
+                            "text": "5m",
+                            "value": "5m"
+                        },
+                        {
+                            "selected": false,
+                            "text": "1h",
+                            "value": "1h"
+                        }
+                    ],
+                    "query": "30s,5m,1h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "interval",
+                    "options": [
+                        {
+                            "selected": true,
+                            "text": "4h",
+                            "value": "4h"
+                        }
+                    ],
+                    "query": "4h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Networking / Workload",
+        "uid": "728bf77cc1166d2f3133bf25846876cc",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/namespaces.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/namespaces.yaml
new file mode 100644
index 0000000000..39ed210ed4
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/grafana/namespaces.yaml
@@ -0,0 +1,13 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled (not .Values.grafana.defaultDashboards.useExistingNamespace) }}
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: {{ .Values.grafana.defaultDashboards.namespace }}
+  labels:
+    name: {{ .Values.grafana.defaultDashboards.namespace }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  annotations:
+{{- if not .Values.grafana.defaultDashboards.cleanupOnUninstall }}
+    helm.sh/resource-policy: "keep"
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/_prometheus-operator.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/_prometheus-operator.tpl
new file mode 100644
index 0000000000..6ae9dc72e6
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/_prometheus-operator.tpl
@@ -0,0 +1,7 @@
+{{/* Generate basic labels for prometheus-operator */}}
+{{- define "kube-prometheus-stack.prometheus-operator.labels" }}
+{{- include "kube-prometheus-stack.labels" . }}
+app: {{ template "kube-prometheus-stack.name" . }}-operator
+app.kubernetes.io/name: {{ template "kube-prometheus-stack.name" . }}-prometheus-operator
+app.kubernetes.io/component: prometheus-operator
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/_prometheus-operator-webhook.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/_prometheus-operator-webhook.tpl
new file mode 100644
index 0000000000..f419caf54b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/_prometheus-operator-webhook.tpl
@@ -0,0 +1,6 @@
+{{/* Generate basic labels for prometheus-operator-webhook */}}
+{{- define "kube-prometheus-stack.prometheus-operator-webhook.labels" }}
+{{- include "kube-prometheus-stack.labels" . }}
+app.kubernetes.io/name: {{ template "kube-prometheus-stack.name" . }}-prometheus-operator
+app.kubernetes.io/component: prometheus-operator-webhook
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/deployment.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/deployment.yaml
new file mode 100644
index 0000000000..054eac4a77
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/deployment.yaml
@@ -0,0 +1,143 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-webhook
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | nindent 4 }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.labels }}
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.annotations }}
+  annotations:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.annotations | indent 4 }}
+{{- end }}
+spec:
+  replicas: {{ .Values.prometheusOperator.admissionWebhooks.deployment.replicas }}
+  revisionHistoryLimit: {{ .Values.prometheusOperator.admissionWebhooks.deployment.revisionHistoryLimit }}
+  {{- with .Values.prometheusOperator.admissionWebhooks.deployment.strategy }}
+  strategy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+      release: {{ $.Release.Name | quote }}
+  template:
+    metadata:
+      labels:
+        app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+        {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | nindent 8 }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.podLabels }}
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.podLabels | indent 8 }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.podAnnotations }}
+      annotations:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.podAnnotations | indent 8 }}
+{{- end }}
+    spec:
+    {{- if .Values.prometheusOperator.admissionWebhooks.deployment.priorityClassName }}
+      priorityClassName: {{ .Values.prometheusOperator.admissionWebhooks.deployment.priorityClassName }}
+    {{- end }}
+    {{- if .Values.global.imagePullSecrets }}
+      imagePullSecrets:
+      {{- include "kube-prometheus-stack.imagePullSecrets" . | indent 8 }}
+    {{- end }}
+      containers:
+        - name: prometheus-operator-admission-webhook
+          {{- $operatorRegistry := .Values.global.imageRegistry | default .Values.prometheusOperator.admissionWebhooks.deployment.image.registry -}}
+          {{- if .Values.prometheusOperator.admissionWebhooks.deployment.image.sha }}
+          image: "{{ $operatorRegistry }}/{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.tag | default .Chart.AppVersion }}@sha256:{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.sha }}"
+          {{- else }}
+          image: "{{ $operatorRegistry }}/{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.tag | default .Chart.AppVersion }}"
+          {{- end }}
+          imagePullPolicy: "{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.pullPolicy }}"
+          args:
+            {{- if .Values.prometheusOperator.admissionWebhooks.deployment.logFormat }}
+            - --log-format={{ .Values.prometheusOperator.admissionWebhooks.deployment.logFormat }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.admissionWebhooks.deployment.logLevel }}
+            - --log-level={{ .Values.prometheusOperator.admissionWebhooks.deployment.logLevel }}
+            {{- end }}
+          {{- if .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled }}
+            - "--web.enable-tls=true"
+            - "--web.cert-file=/cert/{{ if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}tls.crt{{ else }}cert{{ end }}"
+            - "--web.key-file=/cert/{{ if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}tls.key{{ else }}key{{ end }}"
+            - "--web.listen-address=:{{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.internalPort }}"
+            - "--web.tls-min-version={{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.tlsMinVersion }}"
+          ports:
+            - containerPort: {{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.internalPort }}
+              name: https
+          {{- else }}
+          ports:
+            - containerPort: 8080
+              name: http
+          {{- end }}
+          {{- if .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.enabled }}
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: {{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled | ternary "https" "http" }}
+              scheme: {{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled | ternary "HTTPS" "HTTP" }}
+            initialDelaySeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.periodSeconds }}
+            timeoutSeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.timeoutSeconds }}
+            successThreshold: {{ .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.successThreshold }}
+            failureThreshold: {{ .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.failureThreshold }}
+          {{- end }}
+          {{- if .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.enabled }}
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: {{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled | ternary "https" "http" }}
+              scheme: {{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled | ternary "HTTPS" "HTTP" }}
+            initialDelaySeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.periodSeconds }}
+            timeoutSeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.timeoutSeconds }}
+            successThreshold: {{ .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.successThreshold }}
+            failureThreshold: {{ .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.failureThreshold }}
+          {{- end }}
+          resources:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.resources | indent 12 }}
+          securityContext:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.containerSecurityContext | indent 12 }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled }}
+          volumeMounts:
+            - name: tls-secret
+              mountPath: /cert
+              readOnly: true
+      volumes:
+        - name: tls-secret
+          secret:
+            defaultMode: 420
+            secretName: {{ template "kube-prometheus-stack.fullname" . }}-admission
+{{- end }}
+    {{- with .Values.prometheusOperator.admissionWebhooks.deployment.dnsConfig }}
+      dnsConfig:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.securityContext }}
+      securityContext:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.securityContext | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "kube-prometheus-stack.operator.serviceAccountName" . }}-webhook
+      automountServiceAccountToken: {{ .Values.prometheusOperator.admissionWebhooks.deployment.automountServiceAccountToken }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.hostNetwork }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+{{- end }}
+    {{- with .Values.prometheusOperator.admissionWebhooks.deployment.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.prometheusOperator.admissionWebhooks.deployment.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.prometheusOperator.admissionWebhooks.deployment.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/pdb.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/pdb.yaml
new file mode 100644
index 0000000000..52dd78f624
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/pdb.yaml
@@ -0,0 +1,15 @@
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.podDisruptionBudget -}}
+apiVersion: policy/v1{{ ternary "" "beta1" ($.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget") }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-webhook
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | nindent 4 }}
+spec:
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+      release: {{ $.Release.Name | quote }}
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.podDisruptionBudget | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/service.yaml
new file mode 100644
index 0000000000..b06c129123
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/service.yaml
@@ -0,0 +1,58 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-webhook
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | nindent 4 }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.labels }}
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.service.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.annotations }}
+  annotations:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.clusterIP }}
+  clusterIP: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.clusterIP }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.externalIPs }}
+  externalIPs:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.service.externalIPs | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.loadBalancerIP }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.prometheusOperator.admissionWebhooks.deployment.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.prometheusOperator.admissionWebhooks.deployment.service.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  {{- if not .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled }}
+  - name: http
+    {{- if eq .Values.prometheusOperator.admissionWebhooks.deployment.service.type "NodePort" }}
+    nodePort: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.nodePort }}
+    {{- end }}
+    port: 8080
+    targetPort: http
+  {{- end }}
+  {{- if .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled }}
+  - name: https
+    {{- if eq .Values.prometheusOperator.admissionWebhooks.deployment.service.type "NodePort"}}
+    nodePort: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.nodePortTls }}
+    {{- end }}
+    port: 443
+    targetPort: https
+  {{- end }}
+  selector:
+    app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+    release: {{ $.Release.Name | quote }}
+  type: "{{ .Values.prometheusOperator.admissionWebhooks.deployment.service.type }}"
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/serviceaccount.yaml
new file mode 100644
index 0000000000..55511da36b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/serviceaccount.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: {{ .Values.prometheusOperator.admissionWebhooks.deployment.serviceAccount.automountServiceAccountToken }}
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.admissionWebhooks.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-operator
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | indent 4 }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-createSecret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-createSecret.yaml
new file mode 100644
index 0000000000..f7543b0f1a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-createSecret.yaml
@@ -0,0 +1,36 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "cilium") }}
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-create
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    helm.sh/hook: pre-install,pre-upgrade
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    ## Ensure this is run before the job
+    helm.sh/hook-weight: "-5"
+    {{- with .Values.prometheusOperator.admissionWebhooks.annotations }}
+    {{ toYaml . | nindent 4 }}
+    {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  endpointSelector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- else }}
+      {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 6 }}
+      {{- end }}
+  egress:
+    {{- if and .Values.prometheusOperator.networkPolicy.cilium .Values.prometheusOperator.networkPolicy.cilium.egress }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.cilium.egress | nindent 6 }}
+    {{- else }}
+    - toEntities:
+      - kube-apiserver
+    {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-patchWebhook.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-patchWebhook.yaml
new file mode 100644
index 0000000000..4e3b0d9225
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-patchWebhook.yaml
@@ -0,0 +1,36 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "cilium") }}
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-patch
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    helm.sh/hook: post-install,post-upgrade
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    ## Ensure this is run before the job
+    helm.sh/hook-weight: "-5"
+    {{- with .Values.prometheusOperator.admissionWebhooks.patch.annotations }}
+    {{ toYaml . | nindent 4 }}
+    {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  endpointSelector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- else }}
+      {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 6 }}
+      {{- end }}
+  egress:
+    {{- if and .Values.prometheusOperator.networkPolicy.cilium .Values.prometheusOperator.networkPolicy.cilium.egress }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.cilium.egress | nindent 6 }}
+    {{- else }}
+    - toEntities:
+      - kube-apiserver
+    {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrole.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrole.yaml
new file mode 100644
index 0000000000..b81257c168
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrole.yaml
@@ -0,0 +1,33 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.global.rbac.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+rules:
+  - apiGroups:
+      - admissionregistration.k8s.io
+    resources:
+      - validatingwebhookconfigurations
+      - mutatingwebhookconfigurations
+    verbs:
+      - get
+      - update
+{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") (or .Values.global.cattle.psp.enabled .Values.global.rbac.pspEnabled) }}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
+  - apiGroups: ['policy']
+{{- else }}
+  - apiGroups: ['extensions']
+{{- end }}
+    resources: ['podsecuritypolicies']
+    verbs:     ['use']
+    resourceNames:
+    - {{ template "kube-prometheus-stack.fullname" . }}-admission
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrolebinding.yaml
new file mode 100644
index 0000000000..4cf1335b22
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrolebinding.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.global.rbac.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-createSecret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-createSecret.yaml
new file mode 100644
index 0000000000..baed83db48
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-createSecret.yaml
@@ -0,0 +1,73 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-create
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+{{- with .Values.prometheusOperator.admissionWebhooks.annotations }}
+{{ toYaml . | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  {{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }}
+  # Alpha feature since k8s 1.12
+  ttlSecondsAfterFinished: 0
+  {{- end }}
+  template:
+    metadata:
+      name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-create
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.podAnnotations }}
+      annotations:
+{{ toYaml .  | indent 8 }}
+{{- end }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+        {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 8 }}
+    spec:
+      {{- if .Values.prometheusOperator.admissionWebhooks.patch.priorityClassName }}
+      priorityClassName: {{ .Values.prometheusOperator.admissionWebhooks.patch.priorityClassName }}
+      {{- end }}
+      containers:
+        - name: create
+          {{- $registry := include "monitoring_registry" . | default .Values.prometheusOperator.admissionWebhooks.patch.image.registry -}}
+          {{- if .Values.prometheusOperator.admissionWebhooks.patch.image.sha }}
+          image: {{ $registry }}/{{ .Values.prometheusOperator.admissionWebhooks.patch.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.tag }}@sha256:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.sha }}
+          {{- else }}
+          image: {{ $registry }}/{{ .Values.prometheusOperator.admissionWebhooks.patch.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.tag }}
+          {{- end }}
+          imagePullPolicy: {{ .Values.prometheusOperator.admissionWebhooks.patch.image.pullPolicy }}
+          args:
+            - create
+            - --host={{- include "kube-prometheus-stack.operator.admission-webhook.dnsNames" . | replace "\n" "," }}
+            - --namespace={{ template "kube-prometheus-stack.namespace" . }}
+            - --secret-name={{ template "kube-prometheus-stack.fullname" . }}-admission
+          {{- with .Values.prometheusOperator.admissionWebhooks.createSecretJob }}
+          securityContext:
+          {{ toYaml .securityContext | nindent 12 }}
+          {{- end }}
+          resources:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.patch.resources | indent 12 }}
+      restartPolicy: OnFailure
+      serviceAccountName: {{ template "kube-prometheus-stack.fullname" . }}-admission
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.nodeSelector }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+      {{- with .Values.prometheusOperator.admissionWebhooks.patch.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.tolerations }}
+{{ toYaml . | indent 8 }}
+      {{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.patch.securityContext }}
+      securityContext:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.patch.securityContext | indent 8 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-patchWebhook.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-patchWebhook.yaml
new file mode 100644
index 0000000000..5639cc9e80
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-patchWebhook.yaml
@@ -0,0 +1,74 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-patch
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.annotations }}
+{{ toYaml . | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  {{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }}
+  # Alpha feature since k8s 1.12
+  ttlSecondsAfterFinished: 0
+  {{- end }}
+  template:
+    metadata:
+      name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-patch
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.podAnnotations }}
+      annotations:
+{{ toYaml . | indent 8 }}
+{{- end }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+        {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 8 }}
+    spec:
+      {{- if .Values.prometheusOperator.admissionWebhooks.patch.priorityClassName }}
+      priorityClassName: {{ .Values.prometheusOperator.admissionWebhooks.patch.priorityClassName }}
+      {{- end }}
+      containers:
+        - name: patch
+          {{- $registry := include "monitoring_registry" . | default .Values.prometheusOperator.admissionWebhooks.patch.image.registry -}}
+          {{- if .Values.prometheusOperator.admissionWebhooks.patch.image.sha }}
+          image: {{ $registry }}/{{ .Values.prometheusOperator.admissionWebhooks.patch.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.tag }}@sha256:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.sha }}
+          {{- else }}
+          image: {{ $registry }}/{{ .Values.prometheusOperator.admissionWebhooks.patch.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.tag }}
+          {{- end }}
+          imagePullPolicy: {{ .Values.prometheusOperator.admissionWebhooks.patch.image.pullPolicy }}
+          args:
+            - patch
+            - --webhook-name={{ template "kube-prometheus-stack.fullname" . }}-admission
+            - --namespace={{ template "kube-prometheus-stack.namespace" . }}
+            - --secret-name={{ template "kube-prometheus-stack.fullname" . }}-admission
+            - --patch-failure-policy={{ .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
+          {{- with .Values.prometheusOperator.admissionWebhooks.patchWebhookJob }}
+          securityContext:
+          {{ toYaml .securityContext | nindent 12 }}
+          {{- end }}
+          resources:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.patch.resources | indent 12 }}
+      restartPolicy: OnFailure
+      serviceAccountName: {{ template "kube-prometheus-stack.fullname" . }}-admission
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.nodeSelector }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+      {{- with .Values.prometheusOperator.admissionWebhooks.patch.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.tolerations }}
+{{ toYaml . | indent 8 }}
+      {{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.patch.securityContext }}
+      securityContext:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.patch.securityContext | indent 8 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-createSecret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-createSecret.yaml
new file mode 100644
index 0000000000..864deb52a0
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-createSecret.yaml
@@ -0,0 +1,33 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "kubernetes") }}
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-create
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+    ## Ensure this is run before the job
+    "helm.sh/hook-weight": "-5"
+    {{- with .Values.prometheusOperator.admissionWebhooks.annotations }}
+    {{ toYaml . | nindent 4 }}
+    {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  podSelector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- else }}
+      {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 6 }}
+      {{- end }}
+  egress:
+  - {}
+  policyTypes:
+  - Egress
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-patchWebhook.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-patchWebhook.yaml
new file mode 100644
index 0000000000..076c467004
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-patchWebhook.yaml
@@ -0,0 +1,33 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "kubernetes") }}
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-patch
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+    ## Ensure this is run before the job
+    "helm.sh/hook-weight": "-5"
+    {{- with .Values.prometheusOperator.admissionWebhooks.patch.annotations }}
+    {{ toYaml . | nindent 4 }}
+    {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  podSelector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- else }}
+      {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 6 }}
+      {{- end }}
+  egress:
+  - {}
+  policyTypes:
+  - Egress
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/psp.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/psp.yaml
new file mode 100644
index 0000000000..0113b6a5d8
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/psp.yaml
@@ -0,0 +1,47 @@
+{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+{{- if .Values.global.rbac.pspAnnotations }}
+{{ toYaml .Values.global.rbac.pspAnnotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  # Allow core volume types.
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    # Permits the container to run with root privileges as well.
+    rule: 'RunAsAny'
+  seLinux:
+    # This policy assumes the nodes are using AppArmor rather than SELinux.
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/role.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/role.yaml
new file mode 100644
index 0000000000..f15abf4395
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/role.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.global.rbac.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - secrets
+    verbs:
+      - get
+      - create
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/rolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/rolebinding.yaml
new file mode 100644
index 0000000000..30bde920b6
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/rolebinding.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.global.rbac.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/serviceaccount.yaml
new file mode 100644
index 0000000000..02594547d1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/serviceaccount.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.global.rbac.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/mutatingWebhookConfiguration.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/mutatingWebhookConfiguration.yaml
new file mode 100644
index 0000000000..da01f3b57e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/mutatingWebhookConfiguration.yaml
@@ -0,0 +1,77 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled }}
+apiVersion: admissionregistration.k8s.io/v1
+kind: MutatingWebhookConfiguration
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+{{- if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}
+  annotations:
+    certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-admission" (include "kube-prometheus-stack.namespace" .) (include "kube-prometheus-stack.fullname" .) | quote }}
+    cert-manager.io/inject-ca-from: {{ printf "%s/%s-admission" (include "kube-prometheus-stack.namespace" .) (include "kube-prometheus-stack.fullname" .) | quote }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+webhooks:
+  - name: prometheusrulemutate.monitoring.coreos.com
+    {{- if eq .Values.prometheusOperator.admissionWebhooks.failurePolicy "IgnoreOnInstallOnly" }}
+    failurePolicy: {{ .Release.IsInstall | ternary "Ignore" "Fail" }}
+    {{- else if .Values.prometheusOperator.admissionWebhooks.failurePolicy  }}
+    failurePolicy: {{ .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
+    {{- else if .Values.prometheusOperator.admissionWebhooks.patch.enabled }}
+    failurePolicy: Ignore
+    {{- else }}
+    failurePolicy: Fail
+    {{- end }}
+    rules:
+      - apiGroups:
+          - monitoring.coreos.com
+        apiVersions:
+          - "*"
+        resources:
+          - prometheusrules
+        operations:
+          - CREATE
+          - UPDATE
+    clientConfig:
+      service:
+        namespace: {{ template "kube-prometheus-stack.namespace" . }}
+        name: {{ template "kube-prometheus-stack.operator.fullname" $ }}{{ if .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}-webhook{{ end }}
+        path: /admission-prometheusrules/mutate
+      {{- if and .Values.prometheusOperator.admissionWebhooks.caBundle (not .Values.prometheusOperator.admissionWebhooks.patch.enabled) (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+      caBundle: {{ .Values.prometheusOperator.admissionWebhooks.caBundle }}
+      {{- end }}
+    timeoutSeconds: {{ .Values.prometheusOperator.admissionWebhooks.timeoutSeconds }}
+    admissionReviewVersions: ["v1", "v1beta1"]
+    sideEffects: None
+    {{- if or .Values.prometheusOperator.denyNamespaces .Values.prometheusOperator.namespaces .Values.prometheusOperator.admissionWebhooks.namespaceSelector }}
+    namespaceSelector:
+      {{- with (omit .Values.prometheusOperator.admissionWebhooks.namespaceSelector "matchExpressions") }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+      {{- if or .Values.prometheusOperator.denyNamespaces .Values.prometheusOperator.namespaces .Values.prometheusOperator.admissionWebhooks.namespaceSelector.matchExpressions }}
+      matchExpressions:
+        {{- with (.Values.prometheusOperator.admissionWebhooks.namespaceSelector.matchExpressions) }}
+        {{- toYaml . | nindent 6 }}
+        {{- end }}
+        {{- if .Values.prometheusOperator.denyNamespaces }}
+      - key: kubernetes.io/metadata.name
+        operator: NotIn
+        values:
+        {{- range $namespace := mustUniq .Values.prometheusOperator.denyNamespaces }}
+        - {{ $namespace }}
+        {{- end }}
+        {{- else if and .Values.prometheusOperator.namespaces .Values.prometheusOperator.namespaces.additional }}
+      - key: kubernetes.io/metadata.name
+        operator: In
+        values:
+        {{- if and .Values.prometheusOperator.namespaces.releaseNamespace (default .Values.prometheusOperator.namespaces.releaseNamespace true) }}
+        {{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+        - {{ $namespace }}
+        {{- end }}
+        {{- range $namespace := mustUniq .Values.prometheusOperator.namespaces.additional }}
+        - {{ $namespace }}
+        {{- end }}
+        {{- end }}
+      {{- end }}
+    {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/validatingWebhookConfiguration.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/validatingWebhookConfiguration.yaml
new file mode 100644
index 0000000000..4827871cca
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/admission-webhooks/validatingWebhookConfiguration.yaml
@@ -0,0 +1,77 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled }}
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+{{- if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}
+  annotations:
+    certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-admission" (include "kube-prometheus-stack.namespace" .) (include "kube-prometheus-stack.fullname" .) | quote }}
+    cert-manager.io/inject-ca-from: {{ printf "%s/%s-admission" (include "kube-prometheus-stack.namespace" .) (include "kube-prometheus-stack.fullname" .) | quote }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+webhooks:
+  - name: prometheusrulemutate.monitoring.coreos.com
+    {{- if eq .Values.prometheusOperator.admissionWebhooks.failurePolicy "IgnoreOnInstallOnly" }}
+    failurePolicy: {{ .Release.IsInstall | ternary "Ignore" "Fail" }}
+    {{- else if .Values.prometheusOperator.admissionWebhooks.failurePolicy  }}
+    failurePolicy: {{ .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
+    {{- else if .Values.prometheusOperator.admissionWebhooks.patch.enabled }}
+    failurePolicy: Ignore
+    {{- else }}
+    failurePolicy: Fail
+    {{- end }}
+    rules:
+      - apiGroups:
+          - monitoring.coreos.com
+        apiVersions:
+          - "*"
+        resources:
+          - prometheusrules
+        operations:
+          - CREATE
+          - UPDATE
+    clientConfig:
+      service:
+        namespace: {{ template "kube-prometheus-stack.namespace" . }}
+        name: {{ template "kube-prometheus-stack.operator.fullname" $ }}{{ if .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}-webhook{{ end }}
+        path: /admission-prometheusrules/validate
+      {{- if and .Values.prometheusOperator.admissionWebhooks.caBundle (not .Values.prometheusOperator.admissionWebhooks.patch.enabled) (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+      caBundle: {{ .Values.prometheusOperator.admissionWebhooks.caBundle }}
+      {{- end }}
+    timeoutSeconds: {{ .Values.prometheusOperator.admissionWebhooks.timeoutSeconds }}
+    admissionReviewVersions: ["v1", "v1beta1"]
+    sideEffects: None
+    {{- if or .Values.prometheusOperator.denyNamespaces .Values.prometheusOperator.namespaces .Values.prometheusOperator.admissionWebhooks.namespaceSelector }}
+    namespaceSelector:
+      {{- with (omit .Values.prometheusOperator.admissionWebhooks.namespaceSelector "matchExpressions") }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+      {{- if or .Values.prometheusOperator.denyNamespaces .Values.prometheusOperator.namespaces .Values.prometheusOperator.admissionWebhooks.namespaceSelector.matchExpressions }}
+      matchExpressions:
+        {{- with (.Values.prometheusOperator.admissionWebhooks.namespaceSelector.matchExpressions) }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- if .Values.prometheusOperator.denyNamespaces }}
+        - key: kubernetes.io/metadata.name
+          operator: NotIn
+          values:
+        {{- range $namespace := mustUniq .Values.prometheusOperator.denyNamespaces }}
+            - {{ $namespace }}
+        {{- end }}
+        {{- else if and .Values.prometheusOperator.namespaces .Values.prometheusOperator.namespaces.additional }}
+        - key: kubernetes.io/metadata.name
+          operator: In
+          values:
+        {{- if and .Values.prometheusOperator.namespaces.releaseNamespace (default .Values.prometheusOperator.namespaces.releaseNamespace true) }}
+        {{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+            - {{ $namespace }}
+        {{- end }}
+        {{- range $namespace := mustUniq .Values.prometheusOperator.namespaces.additional }}
+            - {{ $namespace }}
+        {{- end }}
+        {{- end }}
+      {{- end }}
+    {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/certmanager.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/certmanager.yaml
new file mode 100644
index 0000000000..cb27e49f48
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/certmanager.yaml
@@ -0,0 +1,55 @@
+{{- if .Values.prometheusOperator.admissionWebhooks.certManager.enabled -}}
+{{- if not .Values.prometheusOperator.admissionWebhooks.certManager.issuerRef -}}
+# Create a selfsigned Issuer, in order to create a root CA certificate for
+# signing webhook serving certificates
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-self-signed-issuer
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+spec:
+  selfSigned: {}
+---
+# Generate a CA Certificate used to sign certificates for the webhook
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-root-cert
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+spec:
+  secretName: {{ template "kube-prometheus-stack.fullname" . }}-root-cert
+  duration: {{ .Values.prometheusOperator.admissionWebhooks.certManager.rootCert.duration | default "43800h0m0s" | quote }}
+  issuerRef:
+    name: {{ template "kube-prometheus-stack.fullname" . }}-self-signed-issuer
+  commonName: "ca.webhook.kube-prometheus-stack"
+  isCA: true
+---
+# Create an Issuer that uses the above generated CA certificate to issue certs
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-root-issuer
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+spec:
+  ca:
+    secretName: {{ template "kube-prometheus-stack.fullname" . }}-root-cert
+{{- end }}
+---
+# generate a server certificate for the apiservices to use
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+spec:
+  secretName: {{ template "kube-prometheus-stack.fullname" . }}-admission
+  duration: {{ .Values.prometheusOperator.admissionWebhooks.certManager.admissionCert.duration | default "8760h0m0s" | quote }}
+  issuerRef:
+    {{- if .Values.prometheusOperator.admissionWebhooks.certManager.issuerRef }}
+    {{- toYaml .Values.prometheusOperator.admissionWebhooks.certManager.issuerRef | nindent 4 }}
+    {{- else }}
+    name: {{ template "kube-prometheus-stack.fullname" . }}-root-issuer
+    {{- end }}
+  dnsNames:
+    {{- include "kube-prometheus-stack.operator.admission-webhook.dnsNames" . | splitList "\n" | toYaml | nindent 4 }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/ciliumnetworkpolicy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/ciliumnetworkpolicy.yaml
new file mode 100644
index 0000000000..07e2e99967
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/ciliumnetworkpolicy.yaml
@@ -0,0 +1,40 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "cilium") }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+spec:
+  endpointSelector:
+    matchLabels:
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      app: {{ template "kube-prometheus-stack.name" . }}-operator
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- else }}
+      {{- include "kube-prometheus-stack.prometheus-operator.labels" $ | nindent 6 }}
+      {{- end }}
+  egress:
+    {{- if and .Values.prometheusOperator.networkPolicy.cilium .Values.prometheusOperator.networkPolicy.cilium.egress }}
+    {{ toYaml .Values.prometheusOperator.networkPolicy.cilium.egress | nindent 6 }}
+    {{- else }}
+  - toEntities:
+    - kube-apiserver
+  {{- end }}
+  ingress:
+  - toPorts:
+    - ports:
+      {{- if .Values.prometheusOperator.tls.enabled }}
+      - port: {{ .Values.prometheusOperator.tls.internalPort | quote }}
+      {{- else }}
+      - port: "8080"
+      {{- end }}
+        protocol: "TCP"
+      {{- if not .Values.prometheusOperator.tls.enabled }}
+      rules:
+        http:
+        - method: "GET"
+          path: "/metrics"
+      {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/clusterrole.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/clusterrole.yaml
new file mode 100644
index 0000000000..fd11b69eed
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/clusterrole.yaml
@@ -0,0 +1,109 @@
+{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - alertmanagers
+  - alertmanagers/finalizers
+  - alertmanagers/status
+  - alertmanagerconfigs
+  - prometheuses
+  - prometheuses/finalizers
+  - prometheuses/status
+  - prometheusagents
+  - prometheusagents/finalizers
+  - prometheusagents/status
+  - thanosrulers
+  - thanosrulers/finalizers
+  - thanosrulers/status
+  - scrapeconfigs
+  - servicemonitors
+  - podmonitors
+  - probes
+  - prometheusrules
+  verbs:
+  - '*'
+- apiGroups:
+  - apps
+  resources:
+  - statefulsets
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - list
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - services
+  - services/finalizers
+  - endpoints
+  verbs:
+  - get
+  - create
+  - update
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - patch
+  - create
+- apiGroups:
+  - networking.k8s.io
+  resources:
+  - ingresses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - storageclasses
+  verbs:
+  - get
+{{- if .Capabilities.APIVersions.Has "discovery.k8s.io/v1/EndpointSlice" }}
+- apiGroups:
+  - discovery.k8s.io
+  resources:
+  - endpointslices
+  verbs:
+  - get
+  - list
+  - watch
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/clusterrolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/clusterrolebinding.yaml
new file mode 100644
index 0000000000..ad9e3ef6c5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/clusterrolebinding.yaml
@@ -0,0 +1,16 @@
+{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "kube-prometheus-stack.operator.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/deployment.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/deployment.yaml
new file mode 100644
index 0000000000..8a01b2912a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/deployment.yaml
@@ -0,0 +1,204 @@
+{{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+{{- $defaultKubeletSvcName := printf "%s-kubelet" (include "kube-prometheus-stack.fullname" .) }}
+{{- if .Values.prometheusOperator.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+{{- if .Values.prometheusOperator.labels }}
+{{ toYaml .Values.prometheusOperator.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.annotations }}
+  annotations:
+{{ toYaml .Values.prometheusOperator.annotations | indent 4 }}
+{{- end }}
+spec:
+  replicas: 1
+  revisionHistoryLimit: {{ .Values.prometheusOperator.revisionHistoryLimit }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-operator
+      release: {{ $.Release.Name | quote }}
+  {{- with .Values.prometheusOperator.strategy }}
+  strategy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      labels:
+        {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 8 }}
+{{- if .Values.prometheusOperator.podLabels }}
+{{ toYaml .Values.prometheusOperator.podLabels | indent 8 }}
+{{- end }}
+{{- if .Values.prometheusOperator.podAnnotations }}
+      annotations:
+{{ toYaml .Values.prometheusOperator.podAnnotations | indent 8 }}
+{{- end }}
+    spec:
+    {{- if .Values.prometheusOperator.priorityClassName }}
+      priorityClassName: {{ .Values.prometheusOperator.priorityClassName }}
+    {{- end }}
+    {{- if .Values.global.imagePullSecrets }}
+      imagePullSecrets:
+      {{- include "kube-prometheus-stack.imagePullSecrets" . | indent 8 }}
+    {{- end }}
+      containers:
+        - name: {{ template "kube-prometheus-stack.name" . }}
+          {{- $base_registry := (include "monitoring_registry" .) }}
+          {{- $configReloaderRegistry := $base_registry | default .Values.prometheusOperator.prometheusConfigReloader.image.registry -}}
+          {{- $operatorRegistry := $base_registry | default .Values.prometheusOperator.image.registry -}}
+          {{- $thanosRegistry := $base_registry | default .Values.prometheusOperator.thanosImage.registry -}}
+          {{- if .Values.prometheusOperator.image.sha }}
+          image: "{{ $operatorRegistry }}/{{ .Values.prometheusOperator.image.repository }}:{{ .Values.prometheusOperator.image.tag | default .Chart.AppVersion }}@sha256:{{ .Values.prometheusOperator.image.sha }}"
+          {{- else }}
+          image: "{{ $operatorRegistry }}/{{ .Values.prometheusOperator.image.repository }}:{{ .Values.prometheusOperator.image.tag | default .Chart.AppVersion }}"
+          {{- end }}
+          imagePullPolicy: "{{ .Values.prometheusOperator.image.pullPolicy }}"
+          args:
+            {{- if .Values.prometheusOperator.kubeletService.enabled }}
+            - --kubelet-service={{ .Values.prometheusOperator.kubeletService.namespace }}/{{ default $defaultKubeletSvcName .Values.prometheusOperator.kubeletService.name  }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.logFormat }}
+            - --log-format={{ .Values.prometheusOperator.logFormat }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.logLevel }}
+            - --log-level={{ .Values.prometheusOperator.logLevel }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.denyNamespaces }}
+            - --deny-namespaces={{ tpl (.Values.prometheusOperator.denyNamespaces | join ",") $ }}
+            {{- end }}
+            {{- with $.Values.prometheusOperator.namespaces }}
+            {{- $namespaces := list }}
+            {{- if .releaseNamespace }}
+            {{- $namespaces = append $namespaces $namespace }}
+            {{- end }}
+            {{- if .additional }}
+            {{- range $ns := .additional }}
+            {{- $namespaces = append $namespaces (tpl $ns $) }}
+            {{- end }}
+            {{- end }}
+            - --namespaces={{ $namespaces | mustUniq | join "," }}
+            {{- end }}
+            - --localhost=127.0.0.1
+            {{- if .Values.prometheusOperator.prometheusDefaultBaseImage }}
+            - --prometheus-default-base-image={{ $base_registry | default .Values.prometheusOperator.prometheusDefaultBaseImageRegistry }}/{{ .Values.prometheusOperator.prometheusDefaultBaseImage }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.alertmanagerDefaultBaseImage }}
+            - --alertmanager-default-base-image={{ $base_registry | default .Values.prometheusOperator.alertmanagerDefaultBaseImageRegistry }}/{{ .Values.prometheusOperator.alertmanagerDefaultBaseImage }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.prometheusConfigReloader.image.sha }}
+            - --prometheus-config-reloader={{ $configReloaderRegistry }}/{{ .Values.prometheusOperator.prometheusConfigReloader.image.repository }}:{{ .Values.prometheusOperator.prometheusConfigReloader.image.tag | default .Chart.AppVersion }}@sha256:{{ .Values.prometheusOperator.prometheusConfigReloader.image.sha }}
+            {{- else }}
+            - --prometheus-config-reloader={{ $configReloaderRegistry }}/{{ .Values.prometheusOperator.prometheusConfigReloader.image.repository }}:{{ .Values.prometheusOperator.prometheusConfigReloader.image.tag | default .Chart.AppVersion }}
+            {{- end }}
+            - --config-reloader-cpu-request={{ (((.Values.prometheusOperator.prometheusConfigReloader.resources).requests).cpu) | default 0 }}
+            - --config-reloader-cpu-limit={{ (((.Values.prometheusOperator.prometheusConfigReloader.resources).limits).cpu) | default 0 }}
+            - --config-reloader-memory-request={{ (((.Values.prometheusOperator.prometheusConfigReloader.resources).requests).memory) | default 0 }}
+            - --config-reloader-memory-limit={{ (((.Values.prometheusOperator.prometheusConfigReloader.resources).limits).memory) | default 0 }}
+            {{- if .Values.prometheusOperator.prometheusConfigReloader.enableProbe }}
+            - --enable-config-reloader-probes=true
+            {{- end }}
+            {{- if .Values.prometheusOperator.alertmanagerInstanceNamespaces }}
+            - --alertmanager-instance-namespaces={{ .Values.prometheusOperator.alertmanagerInstanceNamespaces | join "," }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.alertmanagerInstanceSelector }}
+            - --alertmanager-instance-selector={{ .Values.prometheusOperator.alertmanagerInstanceSelector }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.alertmanagerConfigNamespaces }}
+            - --alertmanager-config-namespaces={{ .Values.prometheusOperator.alertmanagerConfigNamespaces | join "," }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.prometheusInstanceNamespaces }}
+            - --prometheus-instance-namespaces={{ .Values.prometheusOperator.prometheusInstanceNamespaces | join "," }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.prometheusInstanceSelector }}
+            - --prometheus-instance-selector={{ .Values.prometheusOperator.prometheusInstanceSelector }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.thanosImage.sha }}
+            - --thanos-default-base-image={{ $thanosRegistry }}/{{ .Values.prometheusOperator.thanosImage.repository }}:{{ .Values.prometheusOperator.thanosImage.tag }}@sha256:{{ .Values.prometheusOperator.thanosImage.sha }}
+            {{- else }}
+            - --thanos-default-base-image={{ $thanosRegistry }}/{{ .Values.prometheusOperator.thanosImage.repository }}:{{ .Values.prometheusOperator.thanosImage.tag }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.thanosRulerInstanceNamespaces }}
+            - --thanos-ruler-instance-namespaces={{ .Values.prometheusOperator.thanosRulerInstanceNamespaces | join "," }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.thanosRulerInstanceSelector }}
+            - --thanos-ruler-instance-selector={{ .Values.prometheusOperator.thanosRulerInstanceSelector }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.secretFieldSelector }}
+            - --secret-field-selector={{ tpl (.Values.prometheusOperator.secretFieldSelector) $ }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.clusterDomain }}
+            - --cluster-domain={{ .Values.prometheusOperator.clusterDomain }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.tls.enabled }}
+            - --web.enable-tls=true
+            - --web.cert-file=/cert/{{ if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}tls.crt{{ else }}cert{{ end }}
+            - --web.key-file=/cert/{{ if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}tls.key{{ else }}key{{ end }}
+            - --web.listen-address=:{{ .Values.prometheusOperator.tls.internalPort }}
+            - --web.tls-min-version={{ .Values.prometheusOperator.tls.tlsMinVersion }}
+          ports:
+            - containerPort: {{ .Values.prometheusOperator.tls.internalPort }}
+              name: https
+          {{- else }}
+          ports:
+            - containerPort: 8080
+              name: http
+          {{- end }}
+          env:
+          {{- range $key, $value := .Values.prometheusOperator.env }}
+          - name: {{ $key }}
+            value: {{ $value | quote }}
+          {{- end }}
+          resources:
+{{ toYaml .Values.prometheusOperator.resources | indent 12 }}
+          securityContext:
+{{ toYaml .Values.prometheusOperator.containerSecurityContext | indent 12 }}
+          volumeMounts:
+          {{- if .Values.prometheusOperator.tls.enabled }}
+            - name: tls-secret
+              mountPath: /cert
+              readOnly: true
+          {{- end }}
+          {{- with .Values.prometheusOperator.extraVolumeMounts }}
+          {{- toYaml . | nindent 12 }}
+          {{- end }}
+      volumes:
+        {{- if .Values.prometheusOperator.tls.enabled }}
+        - name: tls-secret
+          secret:
+            defaultMode: 420
+            secretName: {{ template "kube-prometheus-stack.fullname" . }}-admission
+        {{- end }}
+        {{- with .Values.prometheusOperator.extraVolumes }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    {{- with .Values.prometheusOperator.dnsConfig }}
+      dnsConfig:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+{{- if .Values.prometheusOperator.securityContext }}
+      securityContext:
+{{ toYaml .Values.prometheusOperator.securityContext | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "kube-prometheus-stack.operator.serviceAccountName" . }}
+      automountServiceAccountToken: {{ .Values.prometheusOperator.automountServiceAccountToken }}
+{{- if .Values.prometheusOperator.hostNetwork }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+{{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.nodeSelector }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+    {{- with .Values.prometheusOperator.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.tolerations }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/networkpolicy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/networkpolicy.yaml
new file mode 100644
index 0000000000..cfd5b0b8c7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/networkpolicy.yaml
@@ -0,0 +1,29 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "kubernetes") }}
+apiVersion: {{ template "kube-prometheus-stack.prometheus.networkPolicy.apiVersion" . }}
+kind: NetworkPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+spec:
+  egress:
+    - {}
+  ingress:
+    - ports:
+      {{- if .Values.prometheusOperator.tls.enabled }}
+      - port: {{ .Values.prometheusOperator.tls.internalPort }}
+      {{- else }}
+      - port: 8080
+      {{- end }}
+  policyTypes:
+    - Egress
+    - Ingress
+  podSelector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-operator
+      release: {{ $.Release.Name | quote }}
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp-clusterrole.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp-clusterrole.yaml
new file mode 100644
index 0000000000..61bc3d9040
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp-clusterrole.yaml
@@ -0,0 +1,21 @@
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+{{- if and .Values.prometheusOperator.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-psp
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+rules:
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
+- apiGroups: ['policy']
+{{- else }}
+- apiGroups: ['extensions']
+{{- end }}
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "kube-prometheus-stack.operator.fullname" . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp-clusterrolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp-clusterrolebinding.yaml
new file mode 100644
index 0000000000..40e0fc5c15
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp-clusterrolebinding.yaml
@@ -0,0 +1,18 @@
+{{- if and .Values.prometheusOperator.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-psp
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-psp
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.operator.serviceAccountName" . }}
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp.yaml
new file mode 100644
index 0000000000..28a9075d3e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/psp.yaml
@@ -0,0 +1,46 @@
+{{- if and .Values.prometheusOperator.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+{{- if .Values.global.rbac.pspAnnotations }}
+  annotations:
+{{ toYaml .Values.global.rbac.pspAnnotations | indent 4 }}
+{{- end }}
+spec:
+  privileged: false
+  # Allow core volume types.
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+  hostNetwork: {{ .Values.prometheusOperator.hostNetwork }}
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    # Permits the container to run with root privileges as well.
+    rule: 'RunAsAny'
+  seLinux:
+    # This policy assumes the nodes are using AppArmor rather than SELinux.
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/service.yaml
new file mode 100644
index 0000000000..d45ab22d08
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/service.yaml
@@ -0,0 +1,57 @@
+{{- if .Values.prometheusOperator.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+{{- if .Values.prometheusOperator.service.labels }}
+{{ toYaml .Values.prometheusOperator.service.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.service.annotations }}
+  annotations:
+{{ toYaml .Values.prometheusOperator.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.prometheusOperator.service.clusterIP }}
+  clusterIP: {{ .Values.prometheusOperator.service.clusterIP }}
+{{- end }}
+{{- if .Values.prometheusOperator.service.externalIPs }}
+  externalIPs:
+{{ toYaml .Values.prometheusOperator.service.externalIPs | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.prometheusOperator.service.loadBalancerIP }}
+{{- end }}
+{{- if .Values.prometheusOperator.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.prometheusOperator.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.prometheusOperator.service.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.prometheusOperator.service.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  {{- if not .Values.prometheusOperator.tls.enabled }}
+  - name: http
+    {{- if eq .Values.prometheusOperator.service.type "NodePort" }}
+    nodePort: {{ .Values.prometheusOperator.service.nodePort }}
+    {{- end }}
+    port: 8080
+    targetPort: http
+  {{- end }}
+  {{- if .Values.prometheusOperator.tls.enabled }}
+  - name: https
+    {{- if eq .Values.prometheusOperator.service.type "NodePort"}}
+    nodePort: {{ .Values.prometheusOperator.service.nodePortTls }}
+    {{- end }}
+    port: 443
+    targetPort: https
+  {{- end }}
+  selector:
+    app: {{ template "kube-prometheus-stack.name" . }}-operator
+    release: {{ $.Release.Name | quote }}
+  type: "{{ .Values.prometheusOperator.service.type }}"
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/serviceaccount.yaml
new file mode 100644
index 0000000000..4f84974f9b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/serviceaccount.yaml
@@ -0,0 +1,14 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+automountServiceAccountToken: {{ .Values.prometheusOperator.serviceAccount.automountServiceAccountToken }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/servicemonitor.yaml
new file mode 100644
index 0000000000..cbe79e1253
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/servicemonitor.yaml
@@ -0,0 +1,57 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.serviceMonitor.selfMonitor }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+{{- with .Values.prometheusOperator.serviceMonitor.additionalLabels }}
+{{ toYaml . | indent 4 }}
+{{- end }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheusOperator.serviceMonitor | nindent 2 }}
+  endpoints:
+  {{- if .Values.prometheusOperator.tls.enabled }}
+  - port: https
+    scheme: https
+    tlsConfig:
+      serverName: {{ template "kube-prometheus-stack.operator.fullname" . }}
+      ca:
+        secret:
+          name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+          key: {{ if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}ca.crt{{ else }}ca{{ end }}
+          optional: false
+  {{- else }}
+  - port: http
+  {{- end }}
+    honorLabels: true
+    {{- if .Values.prometheusOperator.serviceMonitor.interval }}
+    interval: {{ .Values.prometheusOperator.serviceMonitor.interval }}
+    {{- end }}
+    metricRelabelings:
+    {{- if .Values.prometheusOperator.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.prometheusOperator.serviceMonitor.metricRelabelings | indent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.prometheusOperator.serviceMonitor.relabelings }}
+    relabelings:
+{{ toYaml .Values.prometheusOperator.serviceMonitor.relabelings | indent 6 }}
+{{- end }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-operator
+      release: {{ $.Release.Name | quote }}
+  namespaceSelector:
+    matchNames:
+      - {{ printf "%s" (include "kube-prometheus-stack.namespace" .) | quote }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/verticalpodautoscaler.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/verticalpodautoscaler.yaml
new file mode 100644
index 0000000000..f225d16dde
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus-operator/verticalpodautoscaler.yaml
@@ -0,0 +1,40 @@
+{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.prometheusOperator.verticalPodAutoscaler.enabled) }}
+apiVersion: autoscaling.k8s.io/v1
+kind: VerticalPodAutoscaler
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+spec:
+  {{- with .Values.prometheusOperator.verticalPodAutoscaler.recommenders }}
+  recommenders:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  resourcePolicy:
+    containerPolicies:
+    - containerName: {{ template "kube-prometheus-stack.name" . }}
+      {{- with .Values.prometheusOperator.verticalPodAutoscaler.controlledResources }}
+      controlledResources:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- if .Values.prometheusOperator.verticalPodAutoscaler.controlledValues }}
+      controlledValues: {{ .Values.prometheusOperator.verticalPodAutoscaler.controlledValues }}
+      {{- end }}
+      {{- if .Values.prometheusOperator.verticalPodAutoscaler.maxAllowed }}
+      maxAllowed:
+        {{- toYaml .Values.prometheusOperator.verticalPodAutoscaler.maxAllowed | nindent 8 }}
+      {{- end }}
+      {{- if .Values.prometheusOperator.verticalPodAutoscaler.minAllowed }}
+      minAllowed:
+        {{- toYaml .Values.prometheusOperator.verticalPodAutoscaler.minAllowed | nindent 8 }}
+      {{- end }}
+  targetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  {{- with .Values.prometheusOperator.verticalPodAutoscaler.updatePolicy }}
+  updatePolicy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/_rules.tpl b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/_rules.tpl
new file mode 100644
index 0000000000..4a8213d089
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/_rules.tpl
@@ -0,0 +1,44 @@
+{{- /*
+Generated file. Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- define "rules.names" }}
+rules:
+  - "alertmanager.rules"
+  - "config-reloaders"
+  - "etcd"
+  - "general.rules"
+  - "k8s.rules.container-cpu-usage-seconds-total"
+  - "k8s.rules.container-memory-cache"
+  - "k8s.rules.container-memory-rss"
+  - "k8s.rules.container-memory-swap"
+  - "k8s.rules.container-memory-working-set-bytes"
+  - "k8s.rules.container-resource"
+  - "k8s.rules.pod-owner"
+  - "kube-apiserver-availability.rules"
+  - "kube-apiserver-burnrate.rules"
+  - "kube-apiserver-histogram.rules"
+  - "kube-apiserver-slos"
+  - "kube-prometheus-general.rules"
+  - "kube-prometheus-node-recording.rules"
+  - "kube-scheduler.rules"
+  - "kube-state-metrics"
+  - "kubelet.rules"
+  - "kubernetes-apps"
+  - "kubernetes-resources"
+  - "kubernetes-storage"
+  - "kubernetes-system"
+  - "kubernetes-system-kube-proxy"
+  - "kubernetes-system-apiserver"
+  - "kubernetes-system-kubelet"
+  - "kubernetes-system-controller-manager"
+  - "kubernetes-system-scheduler"
+  - "node-exporter.rules"
+  - "node-exporter"
+  - "node.rules"
+  - "node-network"
+  - "prometheus-operator"
+  - "prometheus"
+  - "windows.node.rules"
+  - "windows.pod.rules"
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalAlertRelabelConfigs.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalAlertRelabelConfigs.yaml
new file mode 100644
index 0000000000..bff930981a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalAlertRelabelConfigs.yaml
@@ -0,0 +1,16 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigs }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-am-relabel-confg
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations }}
+  annotations:
+{{ toYaml .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus-am-relabel-confg
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+  additional-alert-relabel-configs.yaml: {{ toYaml .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigs | b64enc | quote }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalAlertmanagerConfigs.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalAlertmanagerConfigs.yaml
new file mode 100644
index 0000000000..2fe8fdb816
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalAlertmanagerConfigs.yaml
@@ -0,0 +1,16 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-am-confg
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations }}
+  annotations:
+{{ toYaml .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus-am-confg
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+  additional-alertmanager-configs.yaml: {{ tpl (toYaml .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs) . | b64enc | quote }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalPrometheusRules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalPrometheusRules.yaml
new file mode 100644
index 0000000000..cb4aabaa7b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalPrometheusRules.yaml
@@ -0,0 +1,43 @@
+{{- if or .Values.additionalPrometheusRules .Values.additionalPrometheusRulesMap}}
+apiVersion: v1
+kind: List
+metadata:
+  name: {{ include "kube-prometheus-stack.fullname" $ }}-additional-prometheus-rules
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+items:
+{{- if .Values.additionalPrometheusRulesMap }}
+{{- range $prometheusRuleName, $prometheusRule := .Values.additionalPrometheusRulesMap }}
+  - apiVersion: monitoring.coreos.com/v1
+    kind: PrometheusRule
+    metadata:
+      name: {{ template "kube-prometheus-stack.name" $ }}-{{ $prometheusRuleName }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+    {{- if $prometheusRule.additionalLabels }}
+{{ toYaml $prometheusRule.additionalLabels | indent 8 }}
+    {{- end }}
+    spec:
+      groups:
+{{ toYaml $prometheusRule.groups| indent 8 }}
+{{- end }}
+{{- else }}
+{{- range .Values.additionalPrometheusRules }}
+  - apiVersion: monitoring.coreos.com/v1
+    kind: PrometheusRule
+    metadata:
+      name: {{ template "kube-prometheus-stack.name" $ }}-{{ .name }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+    {{- if .additionalLabels }}
+{{ toYaml .additionalLabels | indent 8 }}
+    {{- end }}
+    spec:
+      groups:
+{{ toYaml .groups| indent 8 }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalScrapeConfigs.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalScrapeConfigs.yaml
new file mode 100644
index 0000000000..ebdf766fde
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/additionalScrapeConfigs.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.prometheusSpec.additionalScrapeConfigs }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-scrape-confg
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations }}
+  annotations:
+{{ toYaml .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus-scrape-confg
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+{{- if  eq ( typeOf .Values.prometheus.prometheusSpec.additionalScrapeConfigs ) "string" }}
+  additional-scrape-configs.yaml: {{ tpl .Values.prometheus.prometheusSpec.additionalScrapeConfigs $ | b64enc | quote }}
+{{- else }}
+  additional-scrape-configs.yaml: {{ tpl (toYaml .Values.prometheus.prometheusSpec.additionalScrapeConfigs) $ | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ciliumnetworkpolicy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ciliumnetworkpolicy.yaml
new file mode 100644
index 0000000000..74d61d7c13
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ciliumnetworkpolicy.yaml
@@ -0,0 +1,27 @@
+{{- if and .Values.prometheus.networkPolicy.enabled (eq .Values.prometheus.networkPolicy.flavor "cilium") }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    {{- include "kube-prometheus-stack.labels" . | nindent 4 }}
+spec:
+  endpointSelector:
+    {{- if .Values.prometheus.networkPolicy.cilium.endpointSelector }}
+    {{- toYaml .Values.prometheus.networkPolicy.cilium.endpointSelector | nindent 4 }}
+    {{- else }}
+    matchExpressions:
+      - {key: app.kubernetes.io/name, operator: In, values: [prometheus]}
+      - {key: prometheus, operator: In, values: [{{ template "kube-prometheus-stack.prometheus.crname" . }}]}
+    {{- end }}
+  {{- if and .Values.prometheus.networkPolicy.cilium .Values.prometheus.networkPolicy.cilium.egress }}  
+  egress:
+    {{ toYaml .Values.prometheus.networkPolicy.cilium.egress | nindent 4 }}
+  {{- end }}
+  {{- if and .Values.prometheus.networkPolicy.cilium .Values.prometheus.networkPolicy.cilium.ingress }}  
+  ingress:
+    {{ toYaml .Values.prometheus.networkPolicy.cilium.ingress | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/clusterrole.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/clusterrole.yaml
new file mode 100644
index 0000000000..3585b5db11
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/clusterrole.yaml
@@ -0,0 +1,30 @@
+{{- if and .Values.prometheus.enabled .Values.global.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+rules:
+# This permission are not in the kube-prometheus repo
+# they're grabbed from https://github.com/prometheus/prometheus/blob/master/documentation/examples/rbac-setup.yml
+- apiGroups: [""]
+  resources:
+  - nodes
+  - nodes/metrics
+  - services
+  - endpoints
+  - pods
+  verbs: ["get", "list", "watch"]
+- apiGroups:
+  - "networking.k8s.io"
+  resources:
+  - ingresses
+  verbs: ["get", "list", "watch"]
+- nonResourceURLs: ["/metrics", "/metrics/cadvisor"]
+  verbs: ["get"]
+{{- if .Values.prometheus.additionalRulesForClusterRole }}
+{{ toYaml .Values.prometheus.additionalRulesForClusterRole | indent 0 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/clusterrolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/clusterrolebinding.yaml
new file mode 100644
index 0000000000..9fc4f65da4
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/clusterrolebinding.yaml
@@ -0,0 +1,18 @@
+{{- if and .Values.prometheus.enabled .Values.global.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.prometheus.serviceAccountName" . }}
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
+
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/csi-secret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/csi-secret.yaml
new file mode 100644
index 0000000000..e05382f633
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/csi-secret.yaml
@@ -0,0 +1,12 @@
+{{- if and .Values.prometheus.prometheusSpec.thanos .Values.prometheus.prometheusSpec.thanos.secretProviderClass }}
+---
+apiVersion: secrets-store.csi.x-k8s.io/v1alpha1
+kind: SecretProviderClass
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+spec:
+{{ toYaml .Values.prometheus.prometheusSpec.thanos.secretProviderClass | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/extrasecret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/extrasecret.yaml
new file mode 100644
index 0000000000..17f3478a46
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/extrasecret.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.prometheus.extraSecret.data -}}
+{{- $secretName := printf "prometheus-%s-extra" (include "kube-prometheus-stack.fullname" . ) -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ default $secretName .Values.prometheus.extraSecret.name }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.prometheus.extraSecret.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.extraSecret.annotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    app.kubernetes.io/component: prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+{{- range $key, $val := .Values.prometheus.extraSecret.data }}
+  {{ $key }}: {{ $val | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingress.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingress.yaml
new file mode 100644
index 0000000000..d2f6af5dd1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingress.yaml
@@ -0,0 +1,77 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.ingress.enabled -}}
+  {{- $pathType := .Values.prometheus.ingress.pathType | default "ImplementationSpecific" -}}
+  {{- $serviceName := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "prometheus" -}}
+  {{- $servicePort := .Values.prometheus.ingress.servicePort | default .Values.prometheus.service.port -}}
+  {{- $routePrefix := list .Values.prometheus.prometheusSpec.routePrefix -}}
+  {{- $paths := .Values.prometheus.ingress.paths | default $routePrefix -}}
+  {{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+  {{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+{{- if .Values.prometheus.ingress.annotations }}
+  annotations:
+    {{- tpl (toYaml .Values.prometheus.ingress.annotations) . | nindent 4 }}
+{{- end }}
+  name: {{ $serviceName }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.ingress.labels }}
+{{ toYaml .Values.prometheus.ingress.labels | indent 4 }}
+{{- end }}
+spec:
+  {{- if $apiIsStable }}
+  {{- if .Values.prometheus.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.prometheus.ingress.ingressClassName }}
+  {{- end }}
+  {{- end }}
+  rules:
+  {{- if .Values.prometheus.ingress.hosts }}
+  {{- range $host := .Values.prometheus.ingress.hosts }}
+    - host: {{ tpl $host $ }}
+      http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+    {{- end }}
+    {{- end -}}
+  {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+  {{- end }}
+  {{- end -}}
+  {{- end -}}
+  {{- if .Values.prometheus.ingress.tls }}
+  tls:
+{{ tpl (toYaml .Values.prometheus.ingress.tls | indent 4) . }}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingressThanosSidecar.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingressThanosSidecar.yaml
new file mode 100644
index 0000000000..3f507cfa9f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingressThanosSidecar.yaml
@@ -0,0 +1,77 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.thanosIngress.enabled }}
+{{- $pathType := .Values.prometheus.thanosIngress.pathType | default "" }}
+{{- $serviceName := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "thanos-discovery" }}
+{{- $thanosPort := .Values.prometheus.thanosIngress.servicePort -}}
+{{- $routePrefix := list .Values.prometheus.prometheusSpec.routePrefix }}
+{{- $paths := .Values.prometheus.thanosIngress.paths | default $routePrefix -}}
+{{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+{{- if .Values.prometheus.thanosIngress.annotations }}
+  annotations:
+    {{- tpl (toYaml .Values.prometheus.thanosIngress.annotations) . | nindent 4 }}
+{{- end }}
+  name: {{ template "kube-prometheus-stack.fullname" . }}-thanos-gateway
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.thanosIngress.labels }}
+{{ toYaml .Values.prometheus.thanosIngress.labels | indent 4 }}
+{{- end }}
+spec:
+  {{- if $apiIsStable }}
+  {{- if .Values.prometheus.thanosIngress.ingressClassName }}
+  ingressClassName: {{ .Values.prometheus.thanosIngress.ingressClassName }}
+  {{- end }}
+  {{- end }}
+  rules:
+  {{- if .Values.prometheus.thanosIngress.hosts }}
+  {{- range $host := .Values.prometheus.thanosIngress.hosts }}
+    - host: {{ tpl $host $ }}
+      http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $thanosPort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $thanosPort }}
+    {{- end }}
+    {{- end -}}
+  {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $thanosPort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $thanosPort }}
+  {{- end }}
+  {{- end -}}
+  {{- end -}}
+  {{- if .Values.prometheus.thanosIngress.tls }}
+  tls:
+{{ tpl (toYaml .Values.prometheus.thanosIngress.tls | indent 4) . }}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingressperreplica.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingressperreplica.yaml
new file mode 100644
index 0000000000..1d76d135c8
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/ingressperreplica.yaml
@@ -0,0 +1,67 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.servicePerReplica.enabled .Values.prometheus.ingressPerReplica.enabled }}
+{{- $pathType := .Values.prometheus.ingressPerReplica.pathType | default "" }}
+{{- $count := .Values.prometheus.prometheusSpec.replicas | int -}}
+{{- $servicePort := .Values.prometheus.servicePerReplica.port -}}
+{{- $ingressValues := .Values.prometheus.ingressPerReplica -}}
+{{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: v1
+kind: List
+metadata:
+  name: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-ingressperreplica
+  namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+items:
+{{ range $i, $e := until $count }}
+  - kind: Ingress
+    apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" $ }}
+    metadata:
+      name: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-{{ $i }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ include "kube-prometheus-stack.name" $ }}-prometheus
+      {{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+      {{- if $ingressValues.labels }}
+{{ toYaml $ingressValues.labels | indent 8 }}
+      {{- end }}
+      {{- if $ingressValues.annotations }}
+      annotations:
+        {{- tpl (toYaml $ingressValues.annotations) $ | nindent 8 }}
+      {{- end }}
+    spec:
+      {{- if $apiIsStable }}
+      {{- if $ingressValues.ingressClassName }}
+      ingressClassName: {{ $ingressValues.ingressClassName }}
+      {{- end }}
+      {{- end }}
+      rules:
+        - host: {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }}
+          http:
+            paths:
+      {{- range $p := $ingressValues.paths }}
+              - path: {{ tpl $p $ }}
+                {{- if and $pathType $ingressSupportsPathType }}
+                pathType: {{ $pathType }}
+                {{- end }}
+                backend:
+                  {{- if $apiIsStable }}
+                  service:
+                    name: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-{{ $i }}
+                    port:
+                      number: {{ $servicePort }}
+                  {{- else }}
+                  serviceName: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-{{ $i }}
+                  servicePort: {{ $servicePort }}
+      {{- end }}
+      {{- end -}}
+      {{- if or $ingressValues.tlsSecretName $ingressValues.tlsSecretPerReplica.enabled }}
+      tls:
+        - hosts:
+            - {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }}
+          {{- if $ingressValues.tlsSecretPerReplica.enabled }}
+          secretName: {{ $ingressValues.tlsSecretPerReplica.prefix }}-{{ $i }}
+          {{- else }}
+          secretName: {{ $ingressValues.tlsSecretName }}
+          {{- end }}
+      {{- end }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/networkpolicy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/networkpolicy.yaml
new file mode 100644
index 0000000000..1296a79063
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/networkpolicy.yaml
@@ -0,0 +1,34 @@
+{{- if and .Values.prometheus.networkPolicy.enabled (eq .Values.prometheus.networkPolicy.flavor "kubernetes") }}
+apiVersion: {{ template "kube-prometheus-stack.prometheus.networkPolicy.apiVersion" . }}
+kind: NetworkPolicy
+metadata:
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    {{- include "kube-prometheus-stack.labels" . | nindent 4 }}
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+spec:
+  {{- if .Values.prometheus.networkPolicy.egress }}
+  egress:
+    {{- toYaml .Values.prometheus.networkPolicy.egress | nindent 4 }}
+  {{- end }}
+  {{- if .Values.prometheus.networkPolicy.ingress }}
+  ingress:
+    {{- toYaml .Values.prometheus.networkPolicy.ingress | nindent 4 }}
+  {{- end }}
+  policyTypes:
+    - Egress
+    - Ingress
+  podSelector:
+    {{- if .Values.prometheus.networkPolicy.podSelector }}
+    {{- toYaml .Values.prometheus.networkPolicy.podSelector | nindent 4 }}
+    {{- else }}
+    matchLabels:
+      {{- if .Values.prometheus.agentMode }}
+      app.kubernetes.io/name: prometheus-agent
+      {{- else }}
+      app.kubernetes.io/name: prometheus
+      {{- end }}
+      operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+    {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/nginx-config.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/nginx-config.yaml
new file mode 100644
index 0000000000..e4d91f9a9e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/nginx-config.yaml
@@ -0,0 +1,68 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: prometheus-nginx-proxy-config
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.annotations | indent 4 }}
+{{- end }}
+data:
+  nginx.conf: |-
+    worker_processes      auto;
+    error_log             /dev/stdout warn;
+    pid                   /var/cache/nginx/nginx.pid;
+
+    events {
+       worker_connections 1024;
+    }
+
+    http {
+      include       /etc/nginx/mime.types;
+      log_format    main '[$time_local - $status] $remote_addr - $remote_user $request ($http_referer)';
+
+      proxy_connect_timeout       10;
+      proxy_read_timeout          180;
+      proxy_send_timeout          5;
+      proxy_buffering             off;
+      proxy_cache_path            /var/cache/nginx/cache levels=1:2 keys_zone=my_zone:100m inactive=1d max_size=10g;
+
+      server {
+        listen          8081;
+        access_log      off;
+
+        gzip            on;
+        gzip_min_length 1k;
+        gzip_comp_level 2;
+        gzip_types      text/plain application/javascript application/x-javascript text/css application/xml text/javascript image/jpeg image/gif image/png;
+        gzip_vary       on;
+        gzip_disable    "MSIE [1-6]\.";
+
+        proxy_set_header Host $host;
+
+        location / {
+          proxy_cache         my_zone;
+          proxy_cache_valid   200 302 1d;
+          proxy_cache_valid   301 30d;
+          proxy_cache_valid   any 5m;
+          proxy_cache_bypass  $http_cache_control;
+          add_header          X-Proxy-Cache $upstream_cache_status;
+          add_header          Cache-Control "public";
+          
+          proxy_pass     http://localhost:9090/;
+
+          sub_filter_once off;
+          sub_filter          'var PATH_PREFIX = "";' 'var PATH_PREFIX = ".";';
+
+          if ($request_filename ~ .*\.(?:js|css|jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm)$) {
+            expires             90d;
+          }
+
+          rewrite ^/k8s/clusters/.*/proxy(.*) /$1 break;
+
+        }
+      }
+    }
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/podDisruptionBudget.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/podDisruptionBudget.yaml
new file mode 100644
index 0000000000..48f3f1f5a6
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/podDisruptionBudget.yaml
@@ -0,0 +1,25 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.podDisruptionBudget.enabled }}
+apiVersion: {{ include "kube-prometheus-stack.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- if .Values.prometheus.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.prometheus.podDisruptionBudget.minAvailable }}
+  {{- end  }}
+  {{- if .Values.prometheus.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.prometheus.podDisruptionBudget.maxUnavailable }}
+  {{- end  }}
+  selector:
+    matchLabels:
+      {{- if .Values.prometheus.agentMode }}
+      app.kubernetes.io/name: prometheus-agent
+      {{- else }}
+      app.kubernetes.io/name: prometheus
+      {{- end }}
+      operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/podmonitors.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/podmonitors.yaml
new file mode 100644
index 0000000000..4e748c23b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/podmonitors.yaml
@@ -0,0 +1,38 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.additionalPodMonitors }}
+apiVersion: v1
+kind: List
+items:
+{{- range .Values.prometheus.additionalPodMonitors }}
+  - apiVersion: monitoring.coreos.com/v1
+    kind: PodMonitor
+    metadata:
+      name: {{ .name }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}-prometheus
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+        {{- if .additionalLabels }}
+{{ toYaml .additionalLabels | indent 8 }}
+        {{- end }}
+    spec:
+      {{- include "servicemonitor.scrapeLimits" . | nindent 6 }}
+      podMetricsEndpoints:
+{{ toYaml .podMetricsEndpoints | indent 8 }}
+    {{- if .jobLabel }}
+      jobLabel: {{ .jobLabel }}
+    {{- end }}
+    {{- if .namespaceSelector }}
+      namespaceSelector:
+{{ toYaml .namespaceSelector | indent 8 }}
+    {{- end }}
+      selector:
+{{ toYaml .selector | indent 8 }}
+    {{- if .podTargetLabels }}
+      podTargetLabels:
+{{ toYaml .podTargetLabels | indent 8 }}
+    {{- end }}
+    {{- if .sampleLimit }}
+      sampleLimit: {{ .sampleLimit }}
+    {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/prometheus.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/prometheus.yaml
new file mode 100644
index 0000000000..5c3c8d4d1f
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/prometheus.yaml
@@ -0,0 +1,472 @@
+{{- if .Values.prometheus.enabled }}
+{{- if .Values.prometheus.agentMode }}
+apiVersion: monitoring.coreos.com/v1alpha1
+kind: PrometheusAgent
+{{- else }}
+apiVersion: monitoring.coreos.com/v1
+kind: Prometheus
+{{- end }}
+metadata:
+  name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if and (not .Values.prometheus.agentMode) (or .Values.prometheus.prometheusSpec.alertingEndpoints .Values.alertmanager.enabled) }}
+  alerting:
+    alertmanagers:
+{{- if .Values.prometheus.prometheusSpec.alertingEndpoints }}
+{{ toYaml .Values.prometheus.prometheusSpec.alertingEndpoints | indent 6 }}
+{{- else if .Values.alertmanager.enabled }}
+      - namespace: {{ template "kube-prometheus-stack.namespace" . }}
+        name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+        port: {{ .Values.alertmanager.alertmanagerSpec.portName }}
+        {{- if .Values.alertmanager.alertmanagerSpec.routePrefix }}
+        pathPrefix: "{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}"
+        {{- end }}
+        {{- if .Values.alertmanager.alertmanagerSpec.scheme }}
+        scheme: {{ .Values.alertmanager.alertmanagerSpec.scheme }}
+        {{- end }}
+        {{- if .Values.alertmanager.alertmanagerSpec.tlsConfig }}
+        tlsConfig:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.tlsConfig | indent 10 }}
+        {{- end }}
+        apiVersion: {{ .Values.alertmanager.apiVersion }}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.apiserverConfig }}
+  apiserverConfig:
+{{ toYaml .Values.prometheus.prometheusSpec.apiserverConfig | indent 4}}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.image }}
+  {{- $registry := include "monitoring_registry" . | default .Values.prometheus.prometheusSpec.image.registry -}}
+  {{- if and .Values.prometheus.prometheusSpec.image.tag .Values.prometheus.prometheusSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}:{{ .Values.prometheus.prometheusSpec.image.tag }}@sha256:{{ .Values.prometheus.prometheusSpec.image.sha }}"
+  {{- else if .Values.prometheus.prometheusSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}@sha256:{{ .Values.prometheus.prometheusSpec.image.sha }}"
+  {{- else if .Values.prometheus.prometheusSpec.image.tag }}
+  image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}:{{ .Values.prometheus.prometheusSpec.image.tag }}"
+  {{- else }}
+  image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}"
+  {{- end }}
+  version: {{ default .Values.prometheus.prometheusSpec.image.tag .Values.prometheus.prometheusSpec.version }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalArgs }}
+  additionalArgs:
+{{ toYaml .Values.prometheus.prometheusSpec.additionalArgs | indent 4}}
+{{- end -}}
+{{- if .Values.prometheus.prometheusSpec.externalLabels }}
+  externalLabels:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.externalLabels | indent 4) . }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.prometheusExternalLabelNameClear }}
+  prometheusExternalLabelName: ""
+{{- else if .Values.prometheus.prometheusSpec.prometheusExternalLabelName }}
+  prometheusExternalLabelName: "{{ .Values.prometheus.prometheusSpec.prometheusExternalLabelName }}"
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.replicaExternalLabelNameClear }}
+  replicaExternalLabelName: ""
+{{- else if .Values.prometheus.prometheusSpec.replicaExternalLabelName }}
+  replicaExternalLabelName: "{{ .Values.prometheus.prometheusSpec.replicaExternalLabelName }}"
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enableRemoteWriteReceiver }}
+  enableRemoteWriteReceiver: {{ .Values.prometheus.prometheusSpec.enableRemoteWriteReceiver }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.externalUrl }}
+  externalUrl: "{{ tpl .Values.prometheus.prometheusSpec.externalUrl . }}"
+{{- else if and .Values.prometheus.ingress.enabled .Values.prometheus.ingress.hosts }}
+  externalUrl: "http://{{ tpl (index .Values.prometheus.ingress.hosts 0) . }}{{ .Values.prometheus.prometheusSpec.routePrefix }}"
+{{- else if not (or (kindIs "invalid" .Values.global.cattle.url) (kindIs "invalid" .Values.global.cattle.clusterId)) }}
+  externalUrl: "{{ .Values.global.cattle.url }}/k8s/clusters/{{ .Values.global.cattle.clusterId }}/api/v1/namespaces/{{ template "kube-prometheus-stack.namespace" . }}/services/http:{{ template "kube-prometheus-stack.fullname" . }}-prometheus:{{ .Values.prometheus.service.port }}/proxy"
+{{- else }}
+  externalUrl: http://{{ template "kube-prometheus-stack.fullname" . }}-prometheus.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.prometheus.service.port }}
+{{- end }}
+  nodeSelector: {{ include "linux-node-selector" . | nindent 4 }}
+{{- if .Values.prometheus.prometheusSpec.nodeSelector }}
+{{ toYaml .Values.prometheus.prometheusSpec.nodeSelector | indent 4 }}
+{{- end }}
+  paused: {{ .Values.prometheus.prometheusSpec.paused }}
+  replicas: {{ .Values.prometheus.prometheusSpec.replicas }}
+  shards: {{ .Values.prometheus.prometheusSpec.shards }}
+  logLevel:  {{ .Values.prometheus.prometheusSpec.logLevel }}
+  logFormat:  {{ .Values.prometheus.prometheusSpec.logFormat }}
+  listenLocal: {{ .Values.prometheus.prometheusSpec.listenLocal }}
+{{- if not .Values.prometheus.agentMode }}
+  enableAdminAPI: {{ .Values.prometheus.prometheusSpec.enableAdminAPI }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.web }}
+  web:
+{{ toYaml .Values.prometheus.prometheusSpec.web | indent 4 }}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.exemplars }}
+  exemplars:
+  {{ toYaml .Values.prometheus.prometheusSpec.exemplars | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enableFeatures }}
+  enableFeatures:
+{{- range $enableFeatures := .Values.prometheus.prometheusSpec.enableFeatures }}
+  - {{ tpl $enableFeatures $ }}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.scrapeInterval }}
+  scrapeInterval: {{ .Values.prometheus.prometheusSpec.scrapeInterval }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.scrapeTimeout }}
+  scrapeTimeout: {{ .Values.prometheus.prometheusSpec.scrapeTimeout }}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.evaluationInterval }}
+  evaluationInterval: {{ .Values.prometheus.prometheusSpec.evaluationInterval }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.resources }}
+  resources:
+{{ toYaml .Values.prometheus.prometheusSpec.resources | indent 4 }}
+{{- end }}
+{{- if not .Values.prometheus.agentMode }}
+  retention: {{ .Values.prometheus.prometheusSpec.retention | quote  }}
+{{- if .Values.prometheus.prometheusSpec.retentionSize }}
+  retentionSize: {{ .Values.prometheus.prometheusSpec.retentionSize | quote }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.tsdb }}
+  tsdb:
+    {{- if .Values.prometheus.prometheusSpec.tsdb.outOfOrderTimeWindow }}
+    outOfOrderTimeWindow: {{ .Values.prometheus.prometheusSpec.tsdb.outOfOrderTimeWindow }}
+    {{- end }}
+{{- end }}
+{{- end }}
+{{- if eq .Values.prometheus.prometheusSpec.walCompression false }}
+  walCompression: false
+{{ else }}
+  walCompression: true
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.routePrefix }}
+  routePrefix: {{ .Values.prometheus.prometheusSpec.routePrefix | quote  }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.secrets }}
+  secrets:
+{{ toYaml .Values.prometheus.prometheusSpec.secrets | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.configMaps }}
+  configMaps:
+{{ toYaml .Values.prometheus.prometheusSpec.configMaps | indent 4 }}
+{{- end }}
+  serviceAccountName: {{ template "kube-prometheus-stack.prometheus.serviceAccountName" . }}
+{{- if .Values.prometheus.prometheusSpec.serviceMonitorSelector }}
+  serviceMonitorSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.serviceMonitorSelector | indent 4) . }}
+{{ else if .Values.prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues  }}
+  serviceMonitorSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  serviceMonitorSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector }}
+  serviceMonitorNamespaceSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector | indent 4) . }}
+{{ else }}
+  serviceMonitorNamespaceSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.podMonitorSelector }}
+  podMonitorSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMonitorSelector | indent 4) . }}
+{{ else if .Values.prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues  }}
+  podMonitorSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  podMonitorSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.podMonitorNamespaceSelector }}
+  podMonitorNamespaceSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMonitorNamespaceSelector | indent 4) . }}
+{{ else }}
+  podMonitorNamespaceSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.probeSelector }}
+  probeSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.probeSelector | indent 4) . }}
+{{ else if .Values.prometheus.prometheusSpec.probeSelectorNilUsesHelmValues  }}
+  probeSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  probeSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.probeNamespaceSelector }}
+  probeNamespaceSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.probeNamespaceSelector | indent 4) . }}
+{{ else }}
+  probeNamespaceSelector: {}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) (or .Values.prometheus.prometheusSpec.remoteRead .Values.prometheus.prometheusSpec.additionalRemoteRead) }}
+  remoteRead:
+{{- if .Values.prometheus.prometheusSpec.remoteRead }}
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.remoteRead | indent 4) . }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalRemoteRead }}
+{{ toYaml .Values.prometheus.prometheusSpec.additionalRemoteRead | indent 4 }}
+{{- end }}
+{{- end }}
+{{- if (or .Values.prometheus.prometheusSpec.remoteWrite .Values.prometheus.prometheusSpec.additionalRemoteWrite) }}
+  remoteWrite:
+{{- if .Values.prometheus.prometheusSpec.remoteWrite }}
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.remoteWrite | indent 4) . }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalRemoteWrite }}
+{{ toYaml .Values.prometheus.prometheusSpec.additionalRemoteWrite | indent 4 }}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.securityContext }}
+  securityContext:
+{{ toYaml .Values.prometheus.prometheusSpec.securityContext | indent 4 }}
+{{- end }}
+{{- if not .Values.prometheus.agentMode }}
+{{- if .Values.prometheus.prometheusSpec.ruleNamespaceSelector }}
+  ruleNamespaceSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.ruleNamespaceSelector | indent 4) . }}
+{{ else }}
+  ruleNamespaceSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.ruleSelector }}
+  ruleSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.ruleSelector | indent 4) . }}
+{{- else if .Values.prometheus.prometheusSpec.ruleSelectorNilUsesHelmValues }}
+  ruleSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  ruleSelector: {}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.scrapeConfigSelector }}
+  scrapeConfigSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.scrapeConfigSelector | indent 4) . }}
+{{ else if .Values.prometheus.prometheusSpec.scrapeConfigSelectorNilUsesHelmValues  }}
+  scrapeConfigSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  scrapeConfigSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.scrapeConfigNamespaceSelector }}
+  scrapeConfigNamespaceSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.scrapeConfigNamespaceSelector | indent 4) . }}
+{{ else }}
+  scrapeConfigNamespaceSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.storageSpec }}
+  storage:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.storageSpec | indent 4) . }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.podMetadata }}
+  podMetadata:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMetadata | indent 4) . }}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.query }}
+  query:
+{{ toYaml .Values.prometheus.prometheusSpec.query | indent 4}}
+{{- end }}
+{{- if or .Values.prometheus.prometheusSpec.podAntiAffinity .Values.prometheus.prometheusSpec.affinity }}
+  affinity:
+{{- if .Values.prometheus.prometheusSpec.affinity }}
+{{ toYaml .Values.prometheus.prometheusSpec.affinity | indent 4 }}
+{{- end }}
+{{- if eq .Values.prometheus.prometheusSpec.podAntiAffinity "hard" }}
+    podAntiAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+      - topologyKey: {{ .Values.prometheus.prometheusSpec.podAntiAffinityTopologyKey }}
+        labelSelector:
+          matchExpressions:
+            - {key: app.kubernetes.io/name, operator: In, values: [prometheus]}
+            - {key: prometheus, operator: In, values: [{{ template "kube-prometheus-stack.prometheus.crname" . }}]}
+{{- else if eq .Values.prometheus.prometheusSpec.podAntiAffinity "soft" }}
+    podAntiAffinity:
+      preferredDuringSchedulingIgnoredDuringExecution:
+      - weight: 100
+        podAffinityTerm:
+          topologyKey: {{ .Values.prometheus.prometheusSpec.podAntiAffinityTopologyKey }}
+          labelSelector:
+            matchExpressions:
+              - {key: app.kubernetes.io/name, operator: In, values: [prometheus]}
+              - {key: prometheus, operator: In, values: [{{ template "kube-prometheus-stack.prometheus.crname" . }}]}
+{{- end }}
+{{- end }}
+  tolerations: {{ include "linux-node-tolerations" . | nindent 4 }}
+{{- if .Values.prometheus.prometheusSpec.tolerations }}
+{{ toYaml .Values.prometheus.prometheusSpec.tolerations | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.topologySpreadConstraints }}
+  topologySpreadConstraints:
+{{ toYaml .Values.prometheus.prometheusSpec.topologySpreadConstraints | indent 4 }}
+{{- end }}
+{{- if .Values.global.imagePullSecrets }}
+  imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalScrapeConfigs }}
+  additionalScrapeConfigs:
+    name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-scrape-confg
+    key: additional-scrape-configs.yaml
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalScrapeConfigsSecret.enabled }}
+  additionalScrapeConfigs:
+    name: {{ .Values.prometheus.prometheusSpec.additionalScrapeConfigsSecret.name }}
+    key: {{ .Values.prometheus.prometheusSpec.additionalScrapeConfigsSecret.key }}
+{{- end }}
+{{- if not .Values.prometheus.agentMode }}
+{{- if or .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret }}
+  additionalAlertManagerConfigs:
+{{- if .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs }}
+    name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-am-confg
+    key: additional-alertmanager-configs.yaml
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret }}
+    name: {{ .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret.name }}
+    key: {{ .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret.key }}
+    {{- if hasKey .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret "optional" }}
+    optional: {{ .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret.optional }}
+    {{- end }}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigs }}
+  additionalAlertRelabelConfigs:
+    name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-am-relabel-confg
+    key: additional-alert-relabel-configs.yaml
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigsSecret }}
+  additionalAlertRelabelConfigs:
+    name: {{ .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigsSecret.name }}
+    key: {{ .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigsSecret.key }}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.containers }}
+  containers:
+{{ tpl .Values.prometheus.prometheusSpec.containers $ | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.initContainers }}
+  initContainers:
+{{ toYaml .Values.prometheus.prometheusSpec.initContainers | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.priorityClassName }}
+  priorityClassName: {{ .Values.prometheus.prometheusSpec.priorityClassName }}
+{{- end }}
+{{- if not .Values.prometheus.agentMode }}
+{{- if .Values.prometheus.prometheusSpec.thanos }}
+  thanos:
+{{- with (omit .Values.prometheus.prometheusSpec.thanos "objectStorageConfig")}}
+{{ toYaml . | indent 4 }}
+{{- end }}
+{{- if ((.Values.prometheus.prometheusSpec.thanos.objectStorageConfig).existingSecret) }}
+    objectStorageConfig:
+      key: "{{.Values.prometheus.prometheusSpec.thanos.objectStorageConfig.existingSecret.key }}"
+      name: "{{.Values.prometheus.prometheusSpec.thanos.objectStorageConfig.existingSecret.name }}"
+{{- else if ((.Values.prometheus.prometheusSpec.thanos.objectStorageConfig).secret) }}
+    objectStorageConfig:
+      key: object-storage-configs.yaml
+      name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.disableCompaction }}
+  disableCompaction: {{ .Values.prometheus.prometheusSpec.disableCompaction }}
+{{- end }}
+{{- end }}
+  portName: {{ .Values.prometheus.prometheusSpec.portName }}
+{{- if .Values.prometheus.prometheusSpec.volumes }}
+  volumes:
+{{ toYaml .Values.prometheus.prometheusSpec.volumes | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.volumeMounts }}
+  volumeMounts:
+{{ toYaml .Values.prometheus.prometheusSpec.volumeMounts | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.arbitraryFSAccessThroughSMs }}
+  arbitraryFSAccessThroughSMs:
+{{ toYaml .Values.prometheus.prometheusSpec.arbitraryFSAccessThroughSMs | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.overrideHonorLabels }}
+  overrideHonorLabels: {{ .Values.prometheus.prometheusSpec.overrideHonorLabels }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.overrideHonorTimestamps }}
+  overrideHonorTimestamps: {{ .Values.prometheus.prometheusSpec.overrideHonorTimestamps }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  ignoreNamespaceSelectors: {{ .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }}
+  enforcedNamespaceLabel: {{ .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }}
+{{- $prometheusDefaultRulesExcludedFromEnforce := (include "rules.names" .) | fromYaml }}
+{{- if not .Values.prometheus.agentMode }}
+  prometheusRulesExcludedFromEnforce:
+{{- range $prometheusDefaultRulesExcludedFromEnforce.rules }}
+    - ruleNamespace: "{{ template "kube-prometheus-stack.namespace" $ }}"
+      ruleName: "{{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) . | trunc 63 | trimSuffix "-" }}"
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.prometheusRulesExcludedFromEnforce }}
+{{ toYaml .Values.prometheus.prometheusSpec.prometheusRulesExcludedFromEnforce | indent 4 }}
+{{- end }}
+{{- end }}
+  excludedFromEnforcement:
+{{- range $prometheusDefaultRulesExcludedFromEnforce.rules }}
+    - group: monitoring.coreos.com
+      resource: prometheusrules
+      namespace: "{{ template "kube-prometheus-stack.namespace" $ }}"
+      name: "{{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) . | trunc 63 | trimSuffix "-" }}"
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.excludedFromEnforcement }}
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.excludedFromEnforcement | indent 4) . }}
+{{- end }}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.queryLogFile }}
+  queryLogFile: {{ .Values.prometheus.prometheusSpec.queryLogFile }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.sampleLimit }}
+  sampleLimit: {{ .Values.prometheus.prometheusSpec.sampleLimit }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedKeepDroppedTargets }}
+  enforcedKeepDroppedTargets: {{ .Values.prometheus.prometheusSpec.enforcedKeepDroppedTargets }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedSampleLimit }}
+  enforcedSampleLimit: {{ .Values.prometheus.prometheusSpec.enforcedSampleLimit }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedTargetLimit }}
+  enforcedTargetLimit: {{ .Values.prometheus.prometheusSpec.enforcedTargetLimit }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedLabelLimit	}}
+  enforcedLabelLimit: {{ .Values.prometheus.prometheusSpec.enforcedLabelLimit	}}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedLabelNameLengthLimit	}}
+  enforcedLabelNameLengthLimit: {{ .Values.prometheus.prometheusSpec.enforcedLabelNameLengthLimit	}}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedLabelValueLengthLimit}}
+  enforcedLabelValueLengthLimit: {{ .Values.prometheus.prometheusSpec.enforcedLabelValueLengthLimit	}}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.allowOverlappingBlocks }}
+  allowOverlappingBlocks: {{ .Values.prometheus.prometheusSpec.allowOverlappingBlocks }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.minReadySeconds }}
+  minReadySeconds: {{ .Values.prometheus.prometheusSpec.minReadySeconds }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.maximumStartupDurationSeconds }}
+  maximumStartupDurationSeconds: {{ .Values.prometheus.prometheusSpec.maximumStartupDurationSeconds }}
+{{- end }}
+  hostNetwork: {{ .Values.prometheus.prometheusSpec.hostNetwork }}
+{{- if .Values.prometheus.prometheusSpec.hostAliases }}
+  hostAliases:
+{{ toYaml .Values.prometheus.prometheusSpec.hostAliases | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.tracingConfig }}
+  tracingConfig:
+{{ toYaml .Values.prometheus.prometheusSpec.tracingConfig | indent 4 }}
+{{- end }}
+{{- with .Values.prometheus.prometheusSpec.additionalConfig }}
+  {{- tpl (toYaml .) $ | nindent 2 }}
+{{- end }}
+{{- with .Values.prometheus.prometheusSpec.additionalConfigString }}
+  {{- tpl . $ | nindent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp-clusterrole.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp-clusterrole.yaml
new file mode 100644
index 0000000000..71476cd18b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp-clusterrole.yaml
@@ -0,0 +1,22 @@
+{{- if and .Values.prometheus.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-psp
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+rules:
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
+- apiGroups: ['policy']
+{{- else }}
+- apiGroups: ['extensions']
+{{- end }}
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp-clusterrolebinding.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp-clusterrolebinding.yaml
new file mode 100644
index 0000000000..a393928c78
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp-clusterrolebinding.yaml
@@ -0,0 +1,19 @@
+{{- if and .Values.prometheus.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-psp
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-psp
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.prometheus.serviceAccountName" . }}
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp.yaml
new file mode 100644
index 0000000000..62d3854151
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/psp.yaml
@@ -0,0 +1,58 @@
+{{- if and .Values.prometheus.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{- if .Values.global.rbac.pspAnnotations }}
+  annotations:
+{{ toYaml .Values.global.rbac.pspAnnotations | indent 4 }}
+{{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  privileged: false
+  # Allow core volume types.
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+{{- if .Values.prometheus.podSecurityPolicy.volumes }}
+{{ toYaml .Values.prometheus.podSecurityPolicy.volumes | indent 4 }}
+{{- end }}
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    # Permits the container to run with root privileges as well.
+    rule: 'RunAsAny'
+  seLinux:
+    # This policy assumes the nodes are using AppArmor rather than SELinux.
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- if .Values.prometheus.podSecurityPolicy.allowedCapabilities }}
+  allowedCapabilities:
+{{ toYaml .Values.prometheus.podSecurityPolicy.allowedCapabilities | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.podSecurityPolicy.allowedHostPaths }}
+  allowedHostPaths:
+{{ toYaml .Values.prometheus.podSecurityPolicy.allowedHostPaths | indent 4 }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/alertmanager.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/alertmanager.rules.yaml
new file mode 100644
index 0000000000..b66f052ade
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/alertmanager.rules.yaml
@@ -0,0 +1,305 @@
+{{- /*
+Generated from 'alertmanager.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/alertmanager-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.alertmanager }}
+{{- $alertmanagerJob := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "alertmanager" }}
+{{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.selfMonitor }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "alertmanager.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: alertmanager.rules
+    rules:
+{{- if not (.Values.defaultRules.disabled.AlertmanagerFailedReload | default false) }}
+    - alert: AlertmanagerFailedReload
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: Configuration has failed to load for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerfailedreload
+        summary: Reloading an Alertmanager configuration has failed.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        max_over_time(alertmanager_config_last_reload_successful{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m]) == 0
+      for: {{ dig "AlertmanagerFailedReload" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerFailedReload" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerMembersInconsistent | default false) }}
+    - alert: AlertmanagerMembersInconsistent
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: Alertmanager {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}} has only found {{`{{`}} $value {{`}}`}} members of the {{`{{`}}$labels.job{{`}}`}} cluster.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagermembersinconsistent
+        summary: A member of an Alertmanager cluster has not found all other cluster members.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+          max_over_time(alertmanager_cluster_members{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m])
+        < on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) group_left
+          count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (max_over_time(alertmanager_cluster_members{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m]))
+      for: {{ dig "AlertmanagerMembersInconsistent" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerMembersInconsistent" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerFailedToSendAlerts | default false) }}
+    - alert: AlertmanagerFailedToSendAlerts
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: Alertmanager {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}} failed to send {{`{{`}} $value | humanizePercentage {{`}}`}} of notifications to {{`{{`}} $labels.integration {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerfailedtosendalerts
+        summary: An Alertmanager instance failed to send notifications.
+      expr: |-
+        (
+          rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m])
+        /
+          ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m])
+        )
+        > 0.01
+      for: {{ dig "AlertmanagerFailedToSendAlerts" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerFailedToSendAlerts" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerClusterFailedToSendAlerts | default false) }}
+    - alert: AlertmanagerClusterFailedToSendAlerts
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: The minimum notification failure rate to {{`{{`}} $labels.integration {{`}}`}} sent from any instance in the {{`{{`}}$labels.job{{`}}`}} cluster is {{`{{`}} $value | humanizePercentage {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerclusterfailedtosendalerts
+        summary: All Alertmanager instances in a cluster failed to send notifications to a critical integration.
+      expr: |-
+        min by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service, integration) (
+          rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration=~`.*`}[5m])
+        /
+          ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration=~`.*`}[5m])
+        )
+        > 0.01
+      for: {{ dig "AlertmanagerClusterFailedToSendAlerts" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerClusterFailedToSendAlerts" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerClusterFailedToSendAlerts | default false) }}
+    - alert: AlertmanagerClusterFailedToSendAlerts
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: The minimum notification failure rate to {{`{{`}} $labels.integration {{`}}`}} sent from any instance in the {{`{{`}}$labels.job{{`}}`}} cluster is {{`{{`}} $value | humanizePercentage {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerclusterfailedtosendalerts
+        summary: All Alertmanager instances in a cluster failed to send notifications to a non-critical integration.
+      expr: |-
+        min by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service, integration) (
+          rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration!~`.*`}[5m])
+        /
+          ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration!~`.*`}[5m])
+        )
+        > 0.01
+      for: {{ dig "AlertmanagerClusterFailedToSendAlerts" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerClusterFailedToSendAlerts" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerConfigInconsistent | default false) }}
+    - alert: AlertmanagerConfigInconsistent
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: Alertmanager instances within the {{`{{`}}$labels.job{{`}}`}} cluster have different configurations.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerconfiginconsistent
+        summary: Alertmanager instances within the same cluster have different configurations.
+      expr: |-
+        count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (
+          count_values by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) ("config_hash", alertmanager_config_hash{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"})
+        )
+        != 1
+      for: {{ dig "AlertmanagerConfigInconsistent" "for" "20m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerConfigInconsistent" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerClusterDown | default false) }}
+    - alert: AlertmanagerClusterDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of Alertmanager instances within the {{`{{`}}$labels.job{{`}}`}} cluster have been up for less than half of the last 5m.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerclusterdown
+        summary: Half or more of the Alertmanager instances within the same cluster are down.
+      expr: |-
+        (
+          count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (
+            avg_over_time(up{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m]) < 0.5
+          )
+        /
+          count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (
+            up{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}
+          )
+        )
+        >= 0.5
+      for: {{ dig "AlertmanagerClusterDown" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerClusterDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerClusterCrashlooping | default false) }}
+    - alert: AlertmanagerClusterCrashlooping
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of Alertmanager instances within the {{`{{`}}$labels.job{{`}}`}} cluster have restarted at least 5 times in the last 10m.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerclustercrashlooping
+        summary: Half or more of the Alertmanager instances within the same cluster are crashlooping.
+      expr: |-
+        (
+          count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (
+            changes(process_start_time_seconds{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[10m]) > 4
+          )
+        /
+          count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (
+            up{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}
+          )
+        )
+        >= 0.5
+      for: {{ dig "AlertmanagerClusterCrashlooping" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerClusterCrashlooping" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/config-reloaders.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/config-reloaders.yaml
new file mode 100644
index 0000000000..8416d6df40
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/config-reloaders.yaml
@@ -0,0 +1,57 @@
+{{- /*
+Generated from 'config-reloaders' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/prometheusOperator-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.configReloaders }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "config-reloaders" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: config-reloaders
+    rules:
+{{- if not (.Values.defaultRules.disabled.ConfigReloaderSidecarErrors | default false) }}
+    - alert: ConfigReloaderSidecarErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.configReloaders }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.configReloaders | indent 8 }}
+{{- end }}
+        description: 'Errors encountered while the {{`{{`}}$labels.pod{{`}}`}} config-reloader sidecar attempts to sync config in {{`{{`}}$labels.namespace{{`}}`}} namespace.
+
+          As a result, configuration for service running in {{`{{`}}$labels.pod{{`}}`}} may be stale and cannot be updated anymore.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/configreloadersidecarerrors
+        summary: config-reloader sidecar has not had a successful reload for 10m
+      expr: max_over_time(reloader_last_reload_successful{namespace=~".+"}[5m]) == 0
+      for: {{ dig "ConfigReloaderSidecarErrors" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "ConfigReloaderSidecarErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.configReloaders }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.configReloaders }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/etcd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/etcd.yaml
new file mode 100644
index 0000000000..a1d7a508f8
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/etcd.yaml
@@ -0,0 +1,461 @@
+{{- /*
+Generated from 'etcd' group from https://github.com/etcd-io/etcd.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.etcd }}
+{{- if (include "exporter.kubeEtcd.enabled" .)}}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "etcd" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: etcd
+    rules:
+{{- if not (.Values.defaultRules.disabled.etcdMembersDown | default false) }}
+    - alert: etcdMembersDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": members are down ({{`{{`}} $value {{`}}`}}).'
+        summary: etcd cluster members are down.
+      expr: |-
+        max without (endpoint) (
+          sum without (instance) (up{job=~".*etcd.*"} == bool 0)
+        or
+          count without (To) (
+            sum without (instance) (rate(etcd_network_peer_sent_failures_total{job=~".*etcd.*"}[120s])) > 0.01
+          )
+        )
+        > 0
+      for: {{ dig "etcdMembersDown" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdMembersDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdInsufficientMembers | default false) }}
+    - alert: etcdInsufficientMembers
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": insufficient members ({{`{{`}} $value {{`}}`}}).'
+        summary: etcd cluster has insufficient number of members.
+      expr: sum(up{job=~".*etcd.*"} == bool 1) without (instance) < ((count(up{job=~".*etcd.*"}) without (instance) + 1) / 2)
+      for: {{ dig "etcdInsufficientMembers" "for" "3m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdInsufficientMembers" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdNoLeader | default false) }}
+    - alert: etcdNoLeader
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": member {{`{{`}} $labels.instance {{`}}`}} has no leader.'
+        summary: etcd cluster has no leader.
+      expr: etcd_server_has_leader{job=~".*etcd.*"} == 0
+      for: {{ dig "etcdNoLeader" "for" "1m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdNoLeader" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighNumberOfLeaderChanges | default false) }}
+    - alert: etcdHighNumberOfLeaderChanges
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}} leader changes within the last 15 minutes. Frequent elections may be a sign of insufficient resources, high network latency, or disruptions by other components and should be investigated.'
+        summary: etcd cluster has high number of leader changes.
+      expr: increase((max without (instance) (etcd_server_leader_changes_seen_total{job=~".*etcd.*"}) or 0*absent(etcd_server_leader_changes_seen_total{job=~".*etcd.*"}))[15m:1m]) >= 4
+      for: {{ dig "etcdHighNumberOfLeaderChanges" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighNumberOfLeaderChanges" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighNumberOfFailedGRPCRequests | default false) }}
+    - alert: etcdHighNumberOfFailedGRPCRequests
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.grpc_method {{`}}`}} failed on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster has high number of failed grpc requests.
+      expr: |-
+        100 * sum(rate(grpc_server_handled_total{job=~".*etcd.*", grpc_code=~"Unknown|FailedPrecondition|ResourceExhausted|Internal|Unavailable|DataLoss|DeadlineExceeded"}[5m])) without (grpc_type, grpc_code)
+          /
+        sum(rate(grpc_server_handled_total{job=~".*etcd.*"}[5m])) without (grpc_type, grpc_code)
+          > 1
+      for: {{ dig "etcdHighNumberOfFailedGRPCRequests" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighNumberOfFailedGRPCRequests" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighNumberOfFailedGRPCRequests | default false) }}
+    - alert: etcdHighNumberOfFailedGRPCRequests
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.grpc_method {{`}}`}} failed on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster has high number of failed grpc requests.
+      expr: |-
+        100 * sum(rate(grpc_server_handled_total{job=~".*etcd.*", grpc_code=~"Unknown|FailedPrecondition|ResourceExhausted|Internal|Unavailable|DataLoss|DeadlineExceeded"}[5m])) without (grpc_type, grpc_code)
+          /
+        sum(rate(grpc_server_handled_total{job=~".*etcd.*"}[5m])) without (grpc_type, grpc_code)
+          > 5
+      for: {{ dig "etcdHighNumberOfFailedGRPCRequests" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighNumberOfFailedGRPCRequests" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdGRPCRequestsSlow | default false) }}
+    - alert: etcdGRPCRequestsSlow
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile of gRPC requests is {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}} for {{`{{`}} $labels.grpc_method {{`}}`}} method.'
+        summary: etcd grpc requests are slow
+      expr: |-
+        histogram_quantile(0.99, sum(rate(grpc_server_handling_seconds_bucket{job=~".*etcd.*", grpc_method!="Defragment", grpc_type="unary"}[5m])) without(grpc_type))
+        > 0.15
+      for: {{ dig "etcdGRPCRequestsSlow" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdGRPCRequestsSlow" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdMemberCommunicationSlow | default false) }}
+    - alert: etcdMemberCommunicationSlow
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": member communication with {{`{{`}} $labels.To {{`}}`}} is taking {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster member communication is slow.
+      expr: |-
+        histogram_quantile(0.99, rate(etcd_network_peer_round_trip_time_seconds_bucket{job=~".*etcd.*"}[5m]))
+        > 0.15
+      for: {{ dig "etcdMemberCommunicationSlow" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdMemberCommunicationSlow" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighNumberOfFailedProposals | default false) }}
+    - alert: etcdHighNumberOfFailedProposals
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}} proposal failures within the last 30 minutes on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster has high number of proposal failures.
+      expr: rate(etcd_server_proposals_failed_total{job=~".*etcd.*"}[15m]) > 5
+      for: {{ dig "etcdHighNumberOfFailedProposals" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighNumberOfFailedProposals" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighFsyncDurations | default false) }}
+    - alert: etcdHighFsyncDurations
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile fsync durations are {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster 99th percentile fsync durations are too high.
+      expr: |-
+        histogram_quantile(0.99, rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=~".*etcd.*"}[5m]))
+        > 0.5
+      for: {{ dig "etcdHighFsyncDurations" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighFsyncDurations" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighFsyncDurations | default false) }}
+    - alert: etcdHighFsyncDurations
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile fsync durations are {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster 99th percentile fsync durations are too high.
+      expr: |-
+        histogram_quantile(0.99, rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=~".*etcd.*"}[5m]))
+        > 1
+      for: {{ dig "etcdHighFsyncDurations" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighFsyncDurations" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighCommitDurations | default false) }}
+    - alert: etcdHighCommitDurations
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile commit durations {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster 99th percentile commit durations are too high.
+      expr: |-
+        histogram_quantile(0.99, rate(etcd_disk_backend_commit_duration_seconds_bucket{job=~".*etcd.*"}[5m]))
+        > 0.25
+      for: {{ dig "etcdHighCommitDurations" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighCommitDurations" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdDatabaseQuotaLowSpace | default false) }}
+    - alert: etcdDatabaseQuotaLowSpace
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": database size exceeds the defined quota on etcd instance {{`{{`}} $labels.instance {{`}}`}}, please defrag or increase the quota as the writes to etcd will be disabled when it is full.'
+        summary: etcd cluster database is running full.
+      expr: (last_over_time(etcd_mvcc_db_total_size_in_bytes{job=~".*etcd.*"}[5m]) / last_over_time(etcd_server_quota_backend_bytes{job=~".*etcd.*"}[5m]))*100 > 95
+      for: {{ dig "etcdDatabaseQuotaLowSpace" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdDatabaseQuotaLowSpace" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdExcessiveDatabaseGrowth | default false) }}
+    - alert: etcdExcessiveDatabaseGrowth
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": Predicting running out of disk space in the next four hours, based on write observations within the past four hours on etcd instance {{`{{`}} $labels.instance {{`}}`}}, please check as it might be disruptive.'
+        summary: etcd cluster database growing very fast.
+      expr: predict_linear(etcd_mvcc_db_total_size_in_bytes{job=~".*etcd.*"}[4h], 4*60*60) > etcd_server_quota_backend_bytes{job=~".*etcd.*"}
+      for: {{ dig "etcdExcessiveDatabaseGrowth" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdExcessiveDatabaseGrowth" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdDatabaseHighFragmentationRatio | default false) }}
+    - alert: etcdDatabaseHighFragmentationRatio
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": database size in use on instance {{`{{`}} $labels.instance {{`}}`}} is {{`{{`}} $value | humanizePercentage {{`}}`}} of the actual allocated disk space, please run defragmentation (e.g. etcdctl defrag) to retrieve the unused fragmented disk space.'
+        runbook_url: https://etcd.io/docs/v3.5/op-guide/maintenance/#defragmentation
+        summary: etcd database size in use is less than 50% of the actual allocated storage.
+      expr: (last_over_time(etcd_mvcc_db_total_size_in_use_in_bytes{job=~".*etcd.*"}[5m]) / last_over_time(etcd_mvcc_db_total_size_in_bytes{job=~".*etcd.*"}[5m])) < 0.5 and etcd_mvcc_db_total_size_in_use_in_bytes{job=~".*etcd.*"} > 104857600
+      for: {{ dig "etcdDatabaseHighFragmentationRatio" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdDatabaseHighFragmentationRatio" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/general.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/general.rules.yaml
new file mode 100644
index 0000000000..8aca0b85f5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/general.rules.yaml
@@ -0,0 +1,125 @@
+{{- /*
+Generated from 'general.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubePrometheus-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.general }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "general.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: general.rules
+    rules:
+{{- if not (.Values.defaultRules.disabled.TargetDown | default false) }}
+    - alert: TargetDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.general }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.general | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} printf "%.4g" $value {{`}}`}}% of the {{`{{`}} $labels.job {{`}}`}}/{{`{{`}} $labels.service {{`}}`}} targets in {{`{{`}} $labels.namespace {{`}}`}} namespace are down.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/general/targetdown
+        summary: One or more targets are unreachable.
+      expr: 100 * (count(up == 0) BY (cluster, job, namespace, service) / count(up) BY (cluster, job, namespace, service)) > 10
+      for: {{ dig "TargetDown" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "TargetDown" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.general }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.general }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.Watchdog | default false) }}
+    - alert: Watchdog
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.general }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.general | indent 8 }}
+{{- end }}
+        description: 'This is an alert meant to ensure that the entire alerting pipeline is functional.
+
+          This alert is always firing, therefore it should always be firing in Alertmanager
+
+          and always fire against a receiver. There are integrations with various notification
+
+          mechanisms that send a notification when this alert is not firing. For example the
+
+          "DeadMansSnitch" integration in PagerDuty.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/general/watchdog
+        summary: An alert that should always be firing to certify that Alertmanager is working properly.
+      expr: vector(1)
+      labels:
+        severity: {{ dig "Watchdog" "severity" "none" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.general }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.general }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.InfoInhibitor | default false) }}
+    - alert: InfoInhibitor
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.general }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.general | indent 8 }}
+{{- end }}
+        description: 'This is an alert that is used to inhibit info alerts.
+
+          By themselves, the info-level alerts are sometimes very noisy, but they are relevant when combined with
+
+          other alerts.
+
+          This alert fires whenever there''s a severity="info" alert, and stops firing when another alert with a
+
+          severity of ''warning'' or ''critical'' starts firing on the same namespace.
+
+          This alert should be routed to a null receiver and configured to inhibit alerts with severity="info".
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/general/infoinhibitor
+        summary: Info-level alert inhibition.
+      expr: ALERTS{severity = "info"} == 1 unless on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace) ALERTS{alertname != "InfoInhibitor", severity =~ "warning|critical", alertstate="firing"} == 1
+      labels:
+        severity: {{ dig "InfoInhibitor" "severity" "none" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.general }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.general }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_cpu_usage_seconds_total.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_cpu_usage_seconds_total.yaml
new file mode 100644
index 0000000000..9de5f5bc9c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_cpu_usage_seconds_total.yaml
@@ -0,0 +1,43 @@
+{{- /*
+Generated from 'k8s.rules.container-cpu-usage-seconds-total' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerCpuUsageSecondsTotal }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-cpu-usage-seconds-total" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_cpu_usage_seconds_total
+    rules:
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, container) (
+          irate(container_cpu_usage_seconds_total{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}[5m])
+        ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (
+          1, max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerCpuUsageSecondsTotal }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerCpuUsageSecondsTotal }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_cache.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_cache.yaml
new file mode 100644
index 0000000000..323f41f9cb
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_cache.yaml
@@ -0,0 +1,42 @@
+{{- /*
+Generated from 'k8s.rules.container-memory-cache' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerMemoryCache }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-memory-cache" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_memory_cache
+    rules:
+    - expr: |-
+        container_memory_cache{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1,
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_cache
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryCache }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryCache }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_rss.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_rss.yaml
new file mode 100644
index 0000000000..312d73c889
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_rss.yaml
@@ -0,0 +1,42 @@
+{{- /*
+Generated from 'k8s.rules.container-memory-rss' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerMemoryRss }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-memory-rss" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_memory_rss
+    rules:
+    - expr: |-
+        container_memory_rss{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1,
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_rss
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryRss }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryRss }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_swap.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_swap.yaml
new file mode 100644
index 0000000000..136595e801
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_swap.yaml
@@ -0,0 +1,42 @@
+{{- /*
+Generated from 'k8s.rules.container-memory-swap' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerMemorySwap }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-memory-swap" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_memory_swap
+    rules:
+    - expr: |-
+        container_memory_swap{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1,
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_swap
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemorySwap }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemorySwap }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_working_set_bytes.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_working_set_bytes.yaml
new file mode 100644
index 0000000000..d308b7473a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_working_set_bytes.yaml
@@ -0,0 +1,42 @@
+{{- /*
+Generated from 'k8s.rules.container-memory-working-set-bytes' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerMemoryWorkingSetBytes }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-memory-working-set-bytes" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_memory_working_set_bytes
+    rules:
+    - expr: |-
+        container_memory_working_set_bytes{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1,
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_working_set_bytes
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryWorkingSetBytes }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryWorkingSetBytes }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_resource.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_resource.yaml
new file mode 100644
index 0000000000..2d896e59e4
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_resource.yaml
@@ -0,0 +1,168 @@
+{{- /*
+Generated from 'k8s.rules.container-resource' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerResource }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-resource" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_resource
+    rules:
+    - expr: |-
+        kube_pod_container_resource_requests{resource="memory",job="{{ $kubeStateMetricsJob }}"}  * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster)
+        group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_memory:active:kube_pod_container_resource_requests
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, cluster) (
+            sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, container, cluster) (
+                  kube_pod_container_resource_requests{resource="memory",job="{{ $kubeStateMetricsJob }}"}
+                ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_memory:kube_pod_container_resource_requests:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_requests{resource="cpu",job="{{ $kubeStateMetricsJob }}"}  * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster)
+        group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, cluster) (
+            sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, container, cluster) (
+                  kube_pod_container_resource_requests{resource="cpu",job="{{ $kubeStateMetricsJob }}"}
+                ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_cpu:kube_pod_container_resource_requests:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_limits{resource="memory",job="{{ $kubeStateMetricsJob }}"}  * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster)
+        group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_memory:active:kube_pod_container_resource_limits
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, cluster) (
+            sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, container, cluster) (
+                  kube_pod_container_resource_limits{resource="memory",job="{{ $kubeStateMetricsJob }}"}
+                ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_memory:kube_pod_container_resource_limits:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_limits{resource="cpu",job="{{ $kubeStateMetricsJob }}"}  * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster)
+        group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+         (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+         )
+      record: cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, cluster) (
+            sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, container, cluster) (
+                  kube_pod_container_resource_limits{resource="cpu",job="{{ $kubeStateMetricsJob }}"}
+                ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_cpu:kube_pod_container_resource_limits:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.pod_owner.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.pod_owner.yaml
new file mode 100644
index 0000000000..4915b25e73
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.pod_owner.yaml
@@ -0,0 +1,107 @@
+{{- /*
+Generated from 'k8s.rules.pod-owner' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sPodOwner }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.pod-owner" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.pod_owner
+    rules:
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, workload, pod) (
+          label_replace(
+            label_replace(
+              kube_pod_owner{job="{{ $kubeStateMetricsJob }}", owner_kind="ReplicaSet"},
+              "replicaset", "$1", "owner_name", "(.*)"
+            ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}replicaset, namespace) group_left(owner_name) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}replicaset, namespace) (
+              1, max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}replicaset, namespace, owner_name) (
+                kube_replicaset_owner{job="{{ $kubeStateMetricsJob }}"}
+              )
+            ),
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: deployment
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="{{ $kubeStateMetricsJob }}", owner_kind="DaemonSet"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: daemonset
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="{{ $kubeStateMetricsJob }}", owner_kind="StatefulSet"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: statefulset
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="{{ $kubeStateMetricsJob }}", owner_kind="Job"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: job
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.yaml
new file mode 100644
index 0000000000..c61bd222ab
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.yaml
@@ -0,0 +1,237 @@
+{{- /*
+Generated from 'k8s.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/main/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8s }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules
+    rules:
+    - expr: |-
+        sum by (cluster, namespace, pod, container) (
+          irate(container_cpu_usage_seconds_total{job="{{ include "exporter.kubelet.jobName" . }}", metrics_path="/metrics/cadvisor", image!=""}[5m])
+        ) * on (cluster, namespace, pod) group_left(node) topk by (cluster, namespace, pod) (
+          1, max by(cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        container_memory_working_set_bytes{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on (cluster, namespace, pod) group_left(node) topk by(cluster, namespace, pod) (1,
+          max by(cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_working_set_bytes
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        container_memory_rss{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on (cluster, namespace, pod) group_left(node) topk by(cluster, namespace, pod) (1,
+          max by(cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_rss
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        container_memory_cache{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on (cluster, namespace, pod) group_left(node) topk by(cluster, namespace, pod) (1,
+          max by(cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_cache
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        container_memory_swap{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on (cluster, namespace, pod) group_left(node) topk by(cluster, namespace, pod) (1,
+          max by(cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_swap
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_requests{resource="memory",job="kube-state-metrics"}  * on (namespace, pod, cluster)
+        group_left() max by (namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_memory:active:kube_pod_container_resource_requests
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        sum by (namespace, cluster) (
+            sum by (namespace, pod, cluster) (
+                max by (namespace, pod, container, cluster) (
+                  kube_pod_container_resource_requests{resource="memory",job="kube-state-metrics"}
+                ) * on(namespace, pod, cluster) group_left() max by (namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_memory:kube_pod_container_resource_requests:sum
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_requests{resource="cpu",job="kube-state-metrics"}  * on (namespace, pod, cluster)
+        group_left() max by (namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        sum by (namespace, cluster) (
+            sum by (namespace, pod, cluster) (
+                max by (namespace, pod, container, cluster) (
+                  kube_pod_container_resource_requests{resource="cpu",job="kube-state-metrics"}
+                ) * on(namespace, pod, cluster) group_left() max by (namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_cpu:kube_pod_container_resource_requests:sum
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_limits{resource="memory",job="kube-state-metrics"}  * on (namespace, pod, cluster)
+        group_left() max by (namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_memory:active:kube_pod_container_resource_limits
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        sum by (namespace, cluster) (
+            sum by (namespace, pod, cluster) (
+                max by (namespace, pod, container, cluster) (
+                  kube_pod_container_resource_limits{resource="memory",job="kube-state-metrics"}
+                ) * on(namespace, pod, cluster) group_left() max by (namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_memory:kube_pod_container_resource_limits:sum
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_limits{resource="cpu",job="kube-state-metrics"}  * on (namespace, pod, cluster)
+        group_left() max by (namespace, pod, cluster) (
+         (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+         )
+      record: cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        sum by (namespace, cluster) (
+            sum by (namespace, pod, cluster) (
+                max by (namespace, pod, container, cluster) (
+                  kube_pod_container_resource_limits{resource="cpu",job="kube-state-metrics"}
+                ) * on(namespace, pod, cluster) group_left() max by (namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_cpu:kube_pod_container_resource_limits:sum
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        max by (cluster, namespace, workload, pod) (
+          label_replace(
+            label_replace(
+              kube_pod_owner{job="kube-state-metrics", owner_kind="ReplicaSet"},
+              "replicaset", "$1", "owner_name", "(.*)"
+            ) * on(replicaset, namespace) group_left(owner_name) topk by(replicaset, namespace) (
+              1, max by (replicaset, namespace, owner_name) (
+                kube_replicaset_owner{job="kube-state-metrics"}
+              )
+            ),
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: deployment
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by (cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="kube-state-metrics", owner_kind="DaemonSet"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: daemonset
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by (cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="kube-state-metrics", owner_kind="StatefulSet"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: statefulset
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by (cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="kube-state-metrics", owner_kind="Job"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: job
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-availability.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-availability.rules.yaml
new file mode 100644
index 0000000000..6194e9c614
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-availability.rules.yaml
@@ -0,0 +1,273 @@
+{{- /*
+Generated from 'kube-apiserver-availability.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeApiServer.enabled .Values.defaultRules.rules.kubeApiserverAvailability }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-apiserver-availability.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - interval: 3m
+    name: kube-apiserver-availability.rules
+    rules:
+    - expr: avg_over_time(code_verb:apiserver_request_total:increase1h[30d]) * 24 * 30
+      record: code_verb:apiserver_request_total:increase30d
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code) (code_verb:apiserver_request_total:increase30d{verb=~"LIST|GET"})
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: code:apiserver_request_total:increase30d
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code) (code_verb:apiserver_request_total:increase30d{verb=~"POST|PUT|PATCH|DELETE"})
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: code:apiserver_request_total:increase30d
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, verb, scope) (increase(apiserver_request_sli_duration_seconds_count{job="apiserver"}[1h]))
+      record: cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, verb, scope) (avg_over_time(cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase1h[30d]) * 24 * 30)
+      record: cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase30d
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, verb, scope, le) (increase(apiserver_request_sli_duration_seconds_bucket[1h]))
+      record: cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, verb, scope, le) (avg_over_time(cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase1h[30d]) * 24 * 30)
+      record: cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        1 - (
+          (
+            # write too slow
+            sum by (cluster) (cluster_verb_scope:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count:increase30d{verb=~"POST|PUT|PATCH|DELETE"})
+            -
+            sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"POST|PUT|PATCH|DELETE",le="1"})
+          ) +
+          (
+            # read too slow
+            sum by (cluster) (cluster_verb_scope:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count:increase30d{verb=~"LIST|GET"})
+            -
+            (
+              (
+                sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope=~"resource|",le="1"})
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="namespace",le="5"})
+              +
+              sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="cluster",le="30"})
+            )
+          ) +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d{code=~"5.."} or vector(0))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d)
+      labels:
+        verb: all
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:availability30d
+    - expr: |-
+        1 - (
+          sum by (cluster) (cluster_verb_scope:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count:increase30d{verb=~"LIST|GET"})
+          -
+          (
+            # too slow
+            (
+              sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope=~"resource|",le="1"})
+              or
+              vector(0)
+            )
+            +
+            sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="namespace",le="5"})
+            +
+            sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="cluster",le="30"})
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d{verb="read",code=~"5.."} or vector(0))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d{verb="read"})
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:availability30d
+    - expr: |-
+        1 - (
+          (
+            # too slow
+            sum by (cluster) (cluster_verb_scope:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count:increase30d{verb=~"POST|PUT|PATCH|DELETE"})
+            -
+            sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"POST|PUT|PATCH|DELETE",le="1"})
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d{verb="write",code=~"5.."} or vector(0))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d{verb="write"})
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:availability30d
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,code,resource) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[5m]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: code_resource:apiserver_request_total:rate5m
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,code,resource) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[5m]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: code_resource:apiserver_request_total:rate5m
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code, verb) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"2.."}[1h]))
+      record: code_verb:apiserver_request_total:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code, verb) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"3.."}[1h]))
+      record: code_verb:apiserver_request_total:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code, verb) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"4.."}[1h]))
+      record: code_verb:apiserver_request_total:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code, verb) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"5.."}[1h]))
+      record: code_verb:apiserver_request_total:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-burnrate.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-burnrate.rules.yaml
new file mode 100644
index 0000000000..e6666a6f41
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-burnrate.rules.yaml
@@ -0,0 +1,440 @@
+{{- /*
+Generated from 'kube-apiserver-burnrate.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeApiServer.enabled .Values.defaultRules.rules.kubeApiserverBurnrate }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-apiserver-burnrate.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-apiserver-burnrate.rules
+    rules:
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[1d]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[1d]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[1d]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[1d]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[1d]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[1d]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate1d
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[1h]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[1h]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[1h]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[1h]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[1h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[1h]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate1h
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[2h]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[2h]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[2h]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[2h]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[2h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[2h]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate2h
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[30m]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[30m]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[30m]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[30m]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[30m]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[30m]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate30m
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[3d]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[3d]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[3d]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[3d]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[3d]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[3d]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate3d
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[5m]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[5m]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[5m]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[5m]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[5m]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[5m]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate5m
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[6h]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[6h]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[6h]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[6h]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[6h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[6h]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate6h
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[1d]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[1d]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[1d]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[1d]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate1d
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[1h]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[1h]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[1h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[1h]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate1h
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[2h]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[2h]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[2h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[2h]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate2h
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[30m]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[30m]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[30m]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[30m]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate30m
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[3d]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[3d]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[3d]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[3d]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate3d
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[5m]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[5m]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[5m]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[5m]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate5m
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[6h]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[6h]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[6h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[6h]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate6h
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-histogram.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-histogram.rules.yaml
new file mode 100644
index 0000000000..d145341952
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-histogram.rules.yaml
@@ -0,0 +1,53 @@
+{{- /*
+Generated from 'kube-apiserver-histogram.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeApiServer.enabled .Values.defaultRules.rules.kubeApiserverHistogram }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-apiserver-histogram.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-apiserver-histogram.rules
+    rules:
+    - expr: histogram_quantile(0.99, sum by (cluster, le, resource) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[5m]))) > 0
+      labels:
+        quantile: '0.99'
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverHistogram }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverHistogram }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:apiserver_request_sli_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.99, sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, le, resource) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[5m]))) > 0
+      labels:
+        quantile: '0.99'
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverHistogram }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverHistogram }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:apiserver_request_sli_duration_seconds:histogram_quantile
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml
new file mode 100644
index 0000000000..30ef9a4293
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml
@@ -0,0 +1,159 @@
+{{- /*
+Generated from 'kube-apiserver-slos' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeApiServer.enabled .Values.defaultRules.rules.kubeApiserverSlos }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-apiserver-slos" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-apiserver-slos
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeAPIErrorBudgetBurn | default false) }}
+    - alert: KubeAPIErrorBudgetBurn
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos | indent 8 }}
+{{- end }}
+        description: The API server is burning too much error budget.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapierrorbudgetburn
+        summary: The API server is burning too much error budget.
+      expr: |-
+        sum(apiserver_request:burnrate1h) > (14.40 * 0.01000)
+        and
+        sum(apiserver_request:burnrate5m) > (14.40 * 0.01000)
+      for: {{ dig "KubeAPIErrorBudgetBurn" "for" "2m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        long: 1h
+        severity: {{ dig "KubeAPIErrorBudgetBurn" "severity" "critical" .Values.customRules }}
+        short: 5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAPIErrorBudgetBurn | default false) }}
+    - alert: KubeAPIErrorBudgetBurn
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos | indent 8 }}
+{{- end }}
+        description: The API server is burning too much error budget.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapierrorbudgetburn
+        summary: The API server is burning too much error budget.
+      expr: |-
+        sum(apiserver_request:burnrate6h) > (6.00 * 0.01000)
+        and
+        sum(apiserver_request:burnrate30m) > (6.00 * 0.01000)
+      for: {{ dig "KubeAPIErrorBudgetBurn" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        long: 6h
+        severity: {{ dig "KubeAPIErrorBudgetBurn" "severity" "critical" .Values.customRules }}
+        short: 30m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAPIErrorBudgetBurn | default false) }}
+    - alert: KubeAPIErrorBudgetBurn
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos | indent 8 }}
+{{- end }}
+        description: The API server is burning too much error budget.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapierrorbudgetburn
+        summary: The API server is burning too much error budget.
+      expr: |-
+        sum(apiserver_request:burnrate1d) > (3.00 * 0.01000)
+        and
+        sum(apiserver_request:burnrate2h) > (3.00 * 0.01000)
+      for: {{ dig "KubeAPIErrorBudgetBurn" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        long: 1d
+        severity: {{ dig "KubeAPIErrorBudgetBurn" "severity" "warning" .Values.customRules }}
+        short: 2h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAPIErrorBudgetBurn | default false) }}
+    - alert: KubeAPIErrorBudgetBurn
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos | indent 8 }}
+{{- end }}
+        description: The API server is burning too much error budget.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapierrorbudgetburn
+        summary: The API server is burning too much error budget.
+      expr: |-
+        sum(apiserver_request:burnrate3d) > (1.00 * 0.01000)
+        and
+        sum(apiserver_request:burnrate6h) > (1.00 * 0.01000)
+      for: {{ dig "KubeAPIErrorBudgetBurn" "for" "3h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        long: 3d
+        severity: {{ dig "KubeAPIErrorBudgetBurn" "severity" "warning" .Values.customRules }}
+        short: 6h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml
new file mode 100644
index 0000000000..fcf35f389b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml
@@ -0,0 +1,49 @@
+{{- /*
+Generated from 'kube-prometheus-general.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubePrometheus-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubePrometheusGeneral }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-prometheus-general.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-prometheus-general.rules
+    rules:
+    - expr: count without(instance, pod, node) (up == 1)
+      record: count:up1
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusGeneral }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusGeneral }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: count without(instance, pod, node) (up == 0)
+      record: count:up0
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusGeneral }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusGeneral }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml
new file mode 100644
index 0000000000..7a0d202324
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml
@@ -0,0 +1,93 @@
+{{- /*
+Generated from 'kube-prometheus-node-recording.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubePrometheus-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubePrometheusNodeRecording }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-prometheus-node-recording.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-prometheus-node-recording.rules
+    rules:
+    - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal"}[3m])) BY (instance)
+      record: instance:node_cpu:rate:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum(rate(node_network_receive_bytes_total[3m])) BY (instance)
+      record: instance:node_network_receive_bytes:rate:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum(rate(node_network_transmit_bytes_total[3m])) BY (instance)
+      record: instance:node_network_transmit_bytes:rate:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal"}[5m])) WITHOUT (cpu, mode) / ON(instance) GROUP_LEFT() count(sum(node_cpu_seconds_total) BY (instance, cpu)) BY (instance)
+      record: instance:node_cpu:ratio
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal"}[5m]))
+      record: cluster:node_cpu:sum_rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: cluster:node_cpu:sum_rate5m / count(sum(node_cpu_seconds_total) BY (instance, cpu))
+      record: cluster:node_cpu:ratio
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml
new file mode 100644
index 0000000000..c9d61ce37b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml
@@ -0,0 +1,135 @@
+{{- /*
+Generated from 'kube-scheduler.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeScheduler.enabled .Values.defaultRules.rules.kubeSchedulerRecording }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-scheduler.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-scheduler.rules
+    rules:
+    - expr: histogram_quantile(0.99, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.99'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_e2e_scheduling_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.99, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.99'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_scheduling_algorithm_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.99, sum(rate(scheduler_binding_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.99'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_binding_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.9, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.9'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_e2e_scheduling_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.9, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.9'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_scheduling_algorithm_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.9, sum(rate(scheduler_binding_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.9'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_binding_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.5, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.5'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_e2e_scheduling_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.5, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.5'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_scheduling_algorithm_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.5, sum(rate(scheduler_binding_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.5'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_binding_duration_seconds:histogram_quantile
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-state-metrics.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-state-metrics.yaml
new file mode 100644
index 0000000000..d1ad3cae5e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kube-state-metrics.yaml
@@ -0,0 +1,152 @@
+{{- /*
+Generated from 'kube-state-metrics' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubeStateMetrics-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubeStateMetrics }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-state-metrics" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-state-metrics
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeStateMetricsListErrors | default false) }}
+    - alert: KubeStateMetricsListErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics | indent 8 }}
+{{- end }}
+        description: kube-state-metrics is experiencing errors at an elevated rate in list operations. This is likely causing it to not be able to expose metrics about Kubernetes objects correctly or at all.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kube-state-metrics/kubestatemetricslisterrors
+        summary: kube-state-metrics is experiencing errors in list operations.
+      expr: |-
+        (sum(rate(kube_state_metrics_list_total{job="{{ $kubeStateMetricsJob }}",result="error"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          /
+        sum(rate(kube_state_metrics_list_total{job="{{ $kubeStateMetricsJob }}"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster))
+        > 0.01
+      for: {{ dig "KubeStateMetricsListErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStateMetricsListErrors" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStateMetricsWatchErrors | default false) }}
+    - alert: KubeStateMetricsWatchErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics | indent 8 }}
+{{- end }}
+        description: kube-state-metrics is experiencing errors at an elevated rate in watch operations. This is likely causing it to not be able to expose metrics about Kubernetes objects correctly or at all.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kube-state-metrics/kubestatemetricswatcherrors
+        summary: kube-state-metrics is experiencing errors in watch operations.
+      expr: |-
+        (sum(rate(kube_state_metrics_watch_total{job="{{ $kubeStateMetricsJob }}",result="error"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          /
+        sum(rate(kube_state_metrics_watch_total{job="{{ $kubeStateMetricsJob }}"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster))
+        > 0.01
+      for: {{ dig "KubeStateMetricsWatchErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStateMetricsWatchErrors" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStateMetricsShardingMismatch | default false) }}
+    - alert: KubeStateMetricsShardingMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics | indent 8 }}
+{{- end }}
+        description: kube-state-metrics pods are running with different --total-shards configuration, some Kubernetes objects may be exposed multiple times or not exposed at all.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kube-state-metrics/kubestatemetricsshardingmismatch
+        summary: kube-state-metrics sharding is misconfigured.
+      expr: stdvar (kube_state_metrics_total_shards{job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) != 0
+      for: {{ dig "KubeStateMetricsShardingMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStateMetricsShardingMismatch" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStateMetricsShardsMissing | default false) }}
+    - alert: KubeStateMetricsShardsMissing
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics | indent 8 }}
+{{- end }}
+        description: kube-state-metrics shards are missing, some Kubernetes objects are not being exposed.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kube-state-metrics/kubestatemetricsshardsmissing
+        summary: kube-state-metrics shards are missing.
+      expr: |-
+        2^max(kube_state_metrics_total_shards{job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - 1
+          -
+        sum( 2 ^ max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, shard_ordinal) (kube_state_metrics_shard_ordinal{job="{{ $kubeStateMetricsJob }}"}) ) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+        != 0
+      for: {{ dig "KubeStateMetricsShardsMissing" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStateMetricsShardsMissing" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubelet.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubelet.rules.yaml
new file mode 100644
index 0000000000..39fdddf3fe
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubelet.rules.yaml
@@ -0,0 +1,65 @@
+{{- /*
+Generated from 'kubelet.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubelet }}
+{{- if (include "exporter.kubelet.enabled" .)}}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubelet.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubelet.rules
+    rules:
+    - expr: histogram_quantile(0.99, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{job="kubelet", metrics_path="/metrics"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, le) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) group_left(node) kubelet_node_name{job="kubelet", metrics_path="/metrics"})
+      labels:
+        quantile: '0.99'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.9, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{job="kubelet", metrics_path="/metrics"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, le) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) group_left(node) kubelet_node_name{job="kubelet", metrics_path="/metrics"})
+      labels:
+        quantile: '0.9'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.5, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{job="kubelet", metrics_path="/metrics"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, le) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) group_left(node) kubelet_node_name{job="kubelet", metrics_path="/metrics"})
+      labels:
+        quantile: '0.5'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-apps.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-apps.yaml
new file mode 100644
index 0000000000..2a861a522c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-apps.yaml
@@ -0,0 +1,568 @@
+{{- /*
+Generated from 'kubernetes-apps' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesApps }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+{{- $targetNamespace := .Values.defaultRules.appNamespacesTarget }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-apps" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-apps
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubePodCrashLooping | default false) }}
+    - alert: KubePodCrashLooping
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: 'Pod {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}} ({{`{{`}} $labels.container {{`}}`}}) is in waiting state (reason: "CrashLoopBackOff").'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepodcrashlooping
+        summary: Pod is crash looping.
+      expr: max_over_time(kube_pod_container_status_waiting_reason{reason="CrashLoopBackOff", job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[5m]) >= 1
+      for: {{ dig "KubePodCrashLooping" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePodCrashLooping" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubePodNotReady | default false) }}
+    - alert: KubePodNotReady
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Pod {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}} has been in a non-ready state for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepodnotready
+        summary: Pod has been in a non-ready state for more than 15 minutes.
+      expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+            kube_pod_status_phase{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}", phase=~"Pending|Unknown|Failed"}
+          ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) group_left(owner_kind) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+            1, max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, owner_kind, cluster) (kube_pod_owner{owner_kind!="Job"})
+          )
+        ) > 0
+      for: {{ dig "KubePodNotReady" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePodNotReady" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDeploymentGenerationMismatch | default false) }}
+    - alert: KubeDeploymentGenerationMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Deployment generation for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.deployment {{`}}`}} does not match, this indicates that the Deployment has failed but has not been rolled back.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedeploymentgenerationmismatch
+        summary: Deployment generation mismatch due to possible roll-back
+      expr: |-
+        kube_deployment_status_observed_generation{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          !=
+        kube_deployment_metadata_generation{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+      for: {{ dig "KubeDeploymentGenerationMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDeploymentGenerationMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDeploymentReplicasMismatch | default false) }}
+    - alert: KubeDeploymentReplicasMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Deployment {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.deployment {{`}}`}} has not matched the expected number of replicas for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedeploymentreplicasmismatch
+        summary: Deployment has not matched the expected number of replicas.
+      expr: |-
+        (
+          kube_deployment_spec_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+            >
+          kube_deployment_status_replicas_available{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+        ) and (
+          changes(kube_deployment_status_replicas_updated{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[10m])
+            ==
+          0
+        )
+      for: {{ dig "KubeDeploymentReplicasMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDeploymentReplicasMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDeploymentRolloutStuck | default false) }}
+    - alert: KubeDeploymentRolloutStuck
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Rollout of deployment {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.deployment {{`}}`}} is not progressing for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedeploymentrolloutstuck
+        summary: Deployment rollout is not progressing.
+      expr: |-
+        kube_deployment_status_condition{condition="Progressing", status="false",job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+        != 0
+      for: {{ dig "KubeDeploymentRolloutStuck" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDeploymentRolloutStuck" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStatefulSetReplicasMismatch | default false) }}
+    - alert: KubeStatefulSetReplicasMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: StatefulSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} has not matched the expected number of replicas for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubestatefulsetreplicasmismatch
+        summary: StatefulSet has not matched the expected number of replicas.
+      expr: |-
+        (
+          kube_statefulset_status_replicas_ready{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+            !=
+          kube_statefulset_status_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+        ) and (
+          changes(kube_statefulset_status_replicas_updated{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[10m])
+            ==
+          0
+        )
+      for: {{ dig "KubeStatefulSetReplicasMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStatefulSetReplicasMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStatefulSetGenerationMismatch | default false) }}
+    - alert: KubeStatefulSetGenerationMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: StatefulSet generation for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} does not match, this indicates that the StatefulSet has failed but has not been rolled back.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubestatefulsetgenerationmismatch
+        summary: StatefulSet generation mismatch due to possible roll-back
+      expr: |-
+        kube_statefulset_status_observed_generation{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          !=
+        kube_statefulset_metadata_generation{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+      for: {{ dig "KubeStatefulSetGenerationMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStatefulSetGenerationMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStatefulSetUpdateNotRolledOut | default false) }}
+    - alert: KubeStatefulSetUpdateNotRolledOut
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: StatefulSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} update has not been rolled out.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubestatefulsetupdatenotrolledout
+        summary: StatefulSet update has not been rolled out.
+      expr: |-
+        (
+          max without (revision) (
+            kube_statefulset_status_current_revision{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+              unless
+            kube_statefulset_status_update_revision{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          )
+            *
+          (
+            kube_statefulset_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+              !=
+            kube_statefulset_status_replicas_updated{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          )
+        )  and (
+          changes(kube_statefulset_status_replicas_updated{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[5m])
+            ==
+          0
+        )
+      for: {{ dig "KubeStatefulSetUpdateNotRolledOut" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStatefulSetUpdateNotRolledOut" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDaemonSetRolloutStuck | default false) }}
+    - alert: KubeDaemonSetRolloutStuck
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} has not finished or progressed for at least 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedaemonsetrolloutstuck
+        summary: DaemonSet rollout is stuck.
+      expr: |-
+        (
+          (
+            kube_daemonset_status_current_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+             !=
+            kube_daemonset_status_desired_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          ) or (
+            kube_daemonset_status_number_misscheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+             !=
+            0
+          ) or (
+            kube_daemonset_status_updated_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+             !=
+            kube_daemonset_status_desired_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          ) or (
+            kube_daemonset_status_number_available{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+             !=
+            kube_daemonset_status_desired_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          )
+        ) and (
+          changes(kube_daemonset_status_updated_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[5m])
+            ==
+          0
+        )
+      for: {{ dig "KubeDaemonSetRolloutStuck" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDaemonSetRolloutStuck" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeContainerWaiting | default false) }}
+    - alert: KubeContainerWaiting
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: pod/{{`{{`}} $labels.pod {{`}}`}} in namespace {{`{{`}} $labels.namespace {{`}}`}} on container {{`{{`}} $labels.container{{`}}`}} has been in waiting state for longer than 1 hour.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubecontainerwaiting
+        summary: Pod container waiting longer than 1 hour
+      expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, container, cluster) (kube_pod_container_status_waiting_reason{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}) > 0
+      for: {{ dig "KubeContainerWaiting" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeContainerWaiting" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDaemonSetNotScheduled | default false) }}
+    - alert: KubeDaemonSetNotScheduled
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value {{`}}`}} Pods of DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} are not scheduled.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedaemonsetnotscheduled
+        summary: DaemonSet pods are not scheduled.
+      expr: |-
+        kube_daemonset_status_desired_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          -
+        kube_daemonset_status_current_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"} > 0
+      for: {{ dig "KubeDaemonSetNotScheduled" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDaemonSetNotScheduled" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDaemonSetMisScheduled | default false) }}
+    - alert: KubeDaemonSetMisScheduled
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value {{`}}`}} Pods of DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} are running where they are not supposed to run.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedaemonsetmisscheduled
+        summary: DaemonSet pods are misscheduled.
+      expr: kube_daemonset_status_number_misscheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"} > 0
+      for: {{ dig "KubeDaemonSetMisScheduled" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDaemonSetMisScheduled" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeJobNotCompleted | default false) }}
+    - alert: KubeJobNotCompleted
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Job {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.job_name {{`}}`}} is taking more than {{`{{`}} "43200" | humanizeDuration {{`}}`}} to complete.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubejobnotcompleted
+        summary: Job did not complete in time
+      expr: |-
+        time() - max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, job_name, cluster) (kube_job_status_start_time{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          and
+        kube_job_status_active{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"} > 0) > 43200
+      labels:
+        severity: {{ dig "KubeJobNotCompleted" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeJobFailed | default false) }}
+    - alert: KubeJobFailed
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Job {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.job_name {{`}}`}} failed to complete. Removing failed job after investigation should clear this alert.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubejobfailed
+        summary: Job failed to complete.
+      expr: kube_job_failed{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}  > 0
+      for: {{ dig "KubeJobFailed" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeJobFailed" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeHpaReplicasMismatch | default false) }}
+    - alert: KubeHpaReplicasMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: HPA {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.horizontalpodautoscaler  {{`}}`}} has not matched the desired number of replicas for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubehpareplicasmismatch
+        summary: HPA has not matched desired number of replicas.
+      expr: |-
+        (kube_horizontalpodautoscaler_status_desired_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          !=
+        kube_horizontalpodautoscaler_status_current_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"})
+          and
+        (kube_horizontalpodautoscaler_status_current_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          >
+        kube_horizontalpodautoscaler_spec_min_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"})
+          and
+        (kube_horizontalpodautoscaler_status_current_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          <
+        kube_horizontalpodautoscaler_spec_max_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"})
+          and
+        changes(kube_horizontalpodautoscaler_status_current_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[15m]) == 0
+      for: {{ dig "KubeHpaReplicasMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeHpaReplicasMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeHpaMaxedOut | default false) }}
+    - alert: KubeHpaMaxedOut
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: HPA {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.horizontalpodautoscaler  {{`}}`}} has been running at max replicas for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubehpamaxedout
+        summary: HPA is running at max replicas
+      expr: |-
+        kube_horizontalpodautoscaler_status_current_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          ==
+        kube_horizontalpodautoscaler_spec_max_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+      for: {{ dig "KubeHpaMaxedOut" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeHpaMaxedOut" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-resources.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-resources.yaml
new file mode 100644
index 0000000000..1d32f9bbad
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-resources.yaml
@@ -0,0 +1,282 @@
+{{- /*
+Generated from 'kubernetes-resources' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesResources }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-resources" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-resources
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeCPUOvercommit | default false) }}
+    - alert: KubeCPUOvercommit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Cluster {{`{{`}} $labels.cluster {{`}}`}} has overcommitted CPU resource requests for Pods by {{`{{`}} $value {{`}}`}} CPU shares and cannot tolerate node failure.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubecpuovercommit
+        summary: Cluster has overcommitted CPU resource requests.
+      expr: |-
+        sum(namespace_cpu:kube_pod_container_resource_requests:sum{job="{{ $kubeStateMetricsJob }}",}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - (sum(kube_node_status_allocatable{job="{{ $kubeStateMetricsJob }}",resource="cpu"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - max(kube_node_status_allocatable{job="{{ $kubeStateMetricsJob }}",resource="cpu"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)) > 0
+        and
+        (sum(kube_node_status_allocatable{job="{{ $kubeStateMetricsJob }}",resource="cpu"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - max(kube_node_status_allocatable{job="{{ $kubeStateMetricsJob }}",resource="cpu"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)) > 0
+      for: {{ dig "KubeCPUOvercommit" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeCPUOvercommit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeMemoryOvercommit | default false) }}
+    - alert: KubeMemoryOvercommit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Cluster {{`{{`}} $labels.cluster {{`}}`}} has overcommitted memory resource requests for Pods by {{`{{`}} $value | humanize {{`}}`}} bytes and cannot tolerate node failure.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubememoryovercommit
+        summary: Cluster has overcommitted memory resource requests.
+      expr: |-
+        sum(namespace_memory:kube_pod_container_resource_requests:sum{}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - (sum(kube_node_status_allocatable{resource="memory", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - max(kube_node_status_allocatable{resource="memory", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)) > 0
+        and
+        (sum(kube_node_status_allocatable{resource="memory", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - max(kube_node_status_allocatable{resource="memory", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)) > 0
+      for: {{ dig "KubeMemoryOvercommit" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeMemoryOvercommit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeCPUQuotaOvercommit | default false) }}
+    - alert: KubeCPUQuotaOvercommit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Cluster {{`{{`}} $labels.cluster {{`}}`}}  has overcommitted CPU resource requests for Namespaces.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubecpuquotaovercommit
+        summary: Cluster has overcommitted CPU resource requests.
+      expr: |-
+        sum(min without(resource) (kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="hard", resource=~"(cpu|requests.cpu)"})) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          /
+        sum(kube_node_status_allocatable{resource="cpu", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          > 1.5
+      for: {{ dig "KubeCPUQuotaOvercommit" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeCPUQuotaOvercommit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeMemoryQuotaOvercommit | default false) }}
+    - alert: KubeMemoryQuotaOvercommit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Cluster {{`{{`}} $labels.cluster {{`}}`}}  has overcommitted memory resource requests for Namespaces.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubememoryquotaovercommit
+        summary: Cluster has overcommitted memory resource requests.
+      expr: |-
+        sum(min without(resource) (kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="hard", resource=~"(memory|requests.memory)"})) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          /
+        sum(kube_node_status_allocatable{resource="memory", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          > 1.5
+      for: {{ dig "KubeMemoryQuotaOvercommit" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeMemoryQuotaOvercommit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeQuotaAlmostFull | default false) }}
+    - alert: KubeQuotaAlmostFull
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Namespace {{`{{`}} $labels.namespace {{`}}`}} is using {{`{{`}} $value | humanizePercentage {{`}}`}} of its {{`{{`}} $labels.resource {{`}}`}} quota.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubequotaalmostfull
+        summary: Namespace quota is going to be full.
+      expr: |-
+        kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="used"}
+          / ignoring(instance, job, type)
+        (kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="hard"} > 0)
+          > 0.9 < 1
+      for: {{ dig "KubeQuotaAlmostFull" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeQuotaAlmostFull" "severity" "info" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeQuotaFullyUsed | default false) }}
+    - alert: KubeQuotaFullyUsed
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Namespace {{`{{`}} $labels.namespace {{`}}`}} is using {{`{{`}} $value | humanizePercentage {{`}}`}} of its {{`{{`}} $labels.resource {{`}}`}} quota.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubequotafullyused
+        summary: Namespace quota is fully used.
+      expr: |-
+        kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="used"}
+          / ignoring(instance, job, type)
+        (kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="hard"} > 0)
+          == 1
+      for: {{ dig "KubeQuotaFullyUsed" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeQuotaFullyUsed" "severity" "info" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeQuotaExceeded | default false) }}
+    - alert: KubeQuotaExceeded
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Namespace {{`{{`}} $labels.namespace {{`}}`}} is using {{`{{`}} $value | humanizePercentage {{`}}`}} of its {{`{{`}} $labels.resource {{`}}`}} quota.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubequotaexceeded
+        summary: Namespace quota has exceeded the limits.
+      expr: |-
+        kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="used"}
+          / ignoring(instance, job, type)
+        (kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="hard"} > 0)
+          > 1
+      for: {{ dig "KubeQuotaExceeded" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeQuotaExceeded" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.CPUThrottlingHigh | default false) }}
+    - alert: CPUThrottlingHigh
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} throttling of CPU in namespace {{`{{`}} $labels.namespace {{`}}`}} for container {{`{{`}} $labels.container {{`}}`}} in pod {{`{{`}} $labels.pod {{`}}`}}.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/cputhrottlinghigh
+        summary: Processes experience elevated CPU throttling.
+      expr: |-
+        sum(increase(container_cpu_cfs_throttled_periods_total{container!="", }[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, container, pod, namespace)
+          /
+        sum(increase(container_cpu_cfs_periods_total{}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, container, pod, namespace)
+          > ( 25 / 100 )
+      for: {{ dig "CPUThrottlingHigh" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "CPUThrottlingHigh" "severity" "info" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-storage.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-storage.yaml
new file mode 100644
index 0000000000..b988445653
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-storage.yaml
@@ -0,0 +1,216 @@
+{{- /*
+Generated from 'kubernetes-storage' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesStorage }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+{{- $targetNamespace := .Values.defaultRules.appNamespacesTarget }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-storage" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-storage
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubePersistentVolumeFillingUp | default false) }}
+    - alert: KubePersistentVolumeFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage | indent 8 }}
+{{- end }}
+        description: The PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.cluster -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} is only {{`{{`}} $value | humanizePercentage {{`}}`}} free.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepersistentvolumefillingup
+        summary: PersistentVolume is filling up.
+      expr: |-
+        kubelet_volume_stats_available_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+          /
+        kubelet_volume_stats_capacity_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+          < 0.03
+        and
+        kubelet_volume_stats_used_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"} > 0
+        unless on(namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1
+        unless on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1
+      for: {{ dig "KubePersistentVolumeFillingUp" "for" "1m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePersistentVolumeFillingUp" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubePersistentVolumeFillingUp | default false) }}
+    - alert: KubePersistentVolumeFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage | indent 8 }}
+{{- end }}
+        description: Based on recent sampling, the PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.cluster -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} is expected to fill up within four days. Currently {{`{{`}} $value | humanizePercentage {{`}}`}} is available.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepersistentvolumefillingup
+        summary: PersistentVolume is filling up.
+      expr: |-
+        (
+          kubelet_volume_stats_available_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+            /
+          kubelet_volume_stats_capacity_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+        ) < 0.15
+        and
+        kubelet_volume_stats_used_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"} > 0
+        and
+        predict_linear(kubelet_volume_stats_available_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}[6h], 4 * 24 * 3600) < 0
+        unless on(namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1
+        unless on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1
+      for: {{ dig "KubePersistentVolumeFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePersistentVolumeFillingUp" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubePersistentVolumeInodesFillingUp | default false) }}
+    - alert: KubePersistentVolumeInodesFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage | indent 8 }}
+{{- end }}
+        description: The PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.cluster -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} only has {{`{{`}} $value | humanizePercentage {{`}}`}} free inodes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepersistentvolumeinodesfillingup
+        summary: PersistentVolumeInodes are filling up.
+      expr: |-
+        (
+          kubelet_volume_stats_inodes_free{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+            /
+          kubelet_volume_stats_inodes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+        ) < 0.03
+        and
+        kubelet_volume_stats_inodes_used{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"} > 0
+        unless on(namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1
+        unless on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1
+      for: {{ dig "KubePersistentVolumeInodesFillingUp" "for" "1m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePersistentVolumeInodesFillingUp" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubePersistentVolumeInodesFillingUp | default false) }}
+    - alert: KubePersistentVolumeInodesFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage | indent 8 }}
+{{- end }}
+        description: Based on recent sampling, the PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.cluster -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} is expected to run out of inodes within four days. Currently {{`{{`}} $value | humanizePercentage {{`}}`}} of its inodes are free.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepersistentvolumeinodesfillingup
+        summary: PersistentVolumeInodes are filling up.
+      expr: |-
+        (
+          kubelet_volume_stats_inodes_free{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+            /
+          kubelet_volume_stats_inodes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+        ) < 0.15
+        and
+        kubelet_volume_stats_inodes_used{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"} > 0
+        and
+        predict_linear(kubelet_volume_stats_inodes_free{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}[6h], 4 * 24 * 3600) < 0
+        unless on(namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1
+        unless on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1
+      for: {{ dig "KubePersistentVolumeInodesFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePersistentVolumeInodesFillingUp" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubePersistentVolumeErrors | default false) }}
+    - alert: KubePersistentVolumeErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage | indent 8 }}
+{{- end }}
+        description: The persistent volume {{`{{`}} $labels.persistentvolume {{`}}`}} {{`{{`}} with $labels.cluster -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} has status {{`{{`}} $labels.phase {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepersistentvolumeerrors
+        summary: PersistentVolume is having issues with provisioning.
+      expr: kube_persistentvolume_status_phase{phase=~"Failed|Pending",job="{{ $kubeStateMetricsJob }}"} > 0
+      for: {{ dig "KubePersistentVolumeErrors" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePersistentVolumeErrors" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml
new file mode 100644
index 0000000000..af34a23f88
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml
@@ -0,0 +1,193 @@
+{{- /*
+Generated from 'kubernetes-system-apiserver' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesSystem }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system-apiserver" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system-apiserver
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeClientCertificateExpiration | default false) }}
+    - alert: KubeClientCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: A client certificate used to authenticate to kubernetes apiserver is expiring in less than 7.0 days.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeclientcertificateexpiration
+        summary: Client certificate is about to expire.
+      expr: apiserver_client_certificate_expiration_seconds_count{job="apiserver"} > 0 and on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}job) histogram_quantile(0.01, sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 604800
+      for: {{ dig "KubeClientCertificateExpiration" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeClientCertificateExpiration" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeClientCertificateExpiration | default false) }}
+    - alert: KubeClientCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: A client certificate used to authenticate to kubernetes apiserver is expiring in less than 24.0 hours.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeclientcertificateexpiration
+        summary: Client certificate is about to expire.
+      expr: apiserver_client_certificate_expiration_seconds_count{job="apiserver"} > 0 and on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}job) histogram_quantile(0.01, sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 86400
+      for: {{ dig "KubeClientCertificateExpiration" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeClientCertificateExpiration" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAggregatedAPIErrors | default false) }}
+    - alert: KubeAggregatedAPIErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubernetes aggregated API {{`{{`}} $labels.name {{`}}`}}/{{`{{`}} $labels.namespace {{`}}`}} has reported errors. It has appeared unavailable {{`{{`}} $value | humanize {{`}}`}} times averaged over the past 10m.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeaggregatedapierrors
+        summary: Kubernetes aggregated API has reported errors.
+      expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}name, namespace, cluster)(increase(aggregator_unavailable_apiservice_total{job="apiserver"}[10m])) > 4
+      labels:
+        severity: {{ dig "KubeAggregatedAPIErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAggregatedAPIDown | default false) }}
+    - alert: KubeAggregatedAPIDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubernetes aggregated API {{`{{`}} $labels.name {{`}}`}}/{{`{{`}} $labels.namespace {{`}}`}} has been only {{`{{`}} $value | humanize {{`}}`}}% available over the last 10m.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeaggregatedapidown
+        summary: Kubernetes aggregated API is down.
+      expr: (1 - max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}name, namespace, cluster)(avg_over_time(aggregator_unavailable_apiservice{job="apiserver"}[10m]))) * 100 < 85
+      for: {{ dig "KubeAggregatedAPIDown" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeAggregatedAPIDown" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if .Values.kubeApiServer.enabled }}
+{{- if not (.Values.defaultRules.disabled.KubeAPIDown | default false) }}
+    - alert: KubeAPIDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: KubeAPI has disappeared from Prometheus target discovery.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapidown
+        summary: Target disappeared from Prometheus target discovery.
+      expr: absent(up{job="apiserver"} == 1)
+      for: {{ dig "KubeAPIDown" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeAPIDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAPITerminatedRequests | default false) }}
+    - alert: KubeAPITerminatedRequests
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: The kubernetes apiserver has terminated {{`{{`}} $value | humanizePercentage {{`}}`}} of its incoming requests.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapiterminatedrequests
+        summary: The kubernetes apiserver has terminated {{`{{`}} $value | humanizePercentage {{`}}`}} of its incoming requests.
+      expr: sum(rate(apiserver_request_terminations_total{job="apiserver"}[10m]))  / (  sum(rate(apiserver_request_total{job="apiserver"}[10m])) + sum(rate(apiserver_request_terminations_total{job="apiserver"}[10m])) ) > 0.20
+      for: {{ dig "KubeAPITerminatedRequests" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeAPITerminatedRequests" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml
new file mode 100644
index 0000000000..205bd59800
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml
@@ -0,0 +1,55 @@
+{{- /*
+Generated from 'kubernetes-system-controller-manager' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubeControllerManager }}
+{{- if (include "exporter.kubeControllerManager.enabled" .)}}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system-controller-manager" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system-controller-manager
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeControllerManagerDown | default false) }}
+    - alert: KubeControllerManagerDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeControllerManager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeControllerManager | indent 8 }}
+{{- end }}
+        description: KubeControllerManager has disappeared from Prometheus target discovery.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubecontrollermanagerdown
+        summary: Target disappeared from Prometheus target discovery.
+      expr: absent(up{job="{{ include "exporter.kubeControllerManager.jobName" . }}"} == 1)
+      for: 15m
+      labels:
+        severity: {{ dig "KubeControllerManagerDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeControllerManager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeControllerManager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kube-proxy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kube-proxy.yaml
new file mode 100644
index 0000000000..66b1d62001
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kube-proxy.yaml
@@ -0,0 +1,56 @@
+{{- /*
+Generated from 'kubernetes-system-kube-proxy' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/main/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubeProxy }}
+{{- if (include "exporter.kubeProxy.enabled" .)}}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system-kube-proxy" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system-kube-proxy
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeProxyDown | default false) }}
+    - alert: KubeProxyDown
+      annotations:
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupAnnotations.kubeProxy }}
+        {{- with .Values.defaultRules.additionalRuleAnnotations }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupAnnotations.kubeProxy }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+        description: KubeProxy has disappeared from Prometheus target discovery.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeproxydown
+        summary: Target disappeared from Prometheus target discovery.
+      expr: absent(up{job="{{ include "exporter.kubeProxy.jobName" . }}"} == 1)
+      for: 15m
+      labels:
+        severity: {{ dig "KubeProxyDown" "labelsSeverity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeProxy }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeProxy }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml
new file mode 100644
index 0000000000..2a55676735
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml
@@ -0,0 +1,379 @@
+{{- /*
+Generated from 'kubernetes-system-kubelet' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesSystem }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system-kubelet" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system-kubelet
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeNodeNotReady | default false) }}
+    - alert: KubeNodeNotReady
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $labels.node {{`}}`}} has been unready for more than 15 minutes.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubenodenotready
+        summary: Node is not ready.
+      expr: kube_node_status_condition{job="{{ $kubeStateMetricsJob }}",condition="Ready",status="true"} == 0
+      for: {{ dig "KubeNodeNotReady" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeNodeNotReady" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeNodeUnreachable | default false) }}
+    - alert: KubeNodeUnreachable
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $labels.node {{`}}`}} is unreachable and some workloads may be rescheduled.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubenodeunreachable
+        summary: Node is unreachable.
+      expr: (kube_node_spec_taint{job="{{ $kubeStateMetricsJob }}",key="node.kubernetes.io/unreachable",effect="NoSchedule"} unless ignoring(key,value) kube_node_spec_taint{job="{{ $kubeStateMetricsJob }}",key=~"ToBeDeletedByClusterAutoscaler|cloud.google.com/impending-node-termination|aws-node-termination-handler/spot-itn"}) == 1
+      for: {{ dig "KubeNodeUnreachable" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeNodeUnreachable" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletTooManyPods | default false) }}
+    - alert: KubeletTooManyPods
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubelet '{{`{{`}} $labels.node {{`}}`}}' is running at {{`{{`}} $value | humanizePercentage {{`}}`}} of its Pod capacity.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubelettoomanypods
+        summary: Kubelet is running at capacity.
+      expr: |-
+        count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node) (
+          (kube_pod_status_phase{job="{{ $kubeStateMetricsJob }}",phase="Running"} == 1) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}instance,pod,namespace,cluster) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}instance,pod,namespace,cluster) (1, kube_pod_info{job="{{ $kubeStateMetricsJob }}"})
+        )
+        /
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node) (
+          kube_node_status_capacity{job="{{ $kubeStateMetricsJob }}",resource="pods"} != 1
+        ) > 0.95
+      for: {{ dig "KubeletTooManyPods" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeletTooManyPods" "severity" "info" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeNodeReadinessFlapping | default false) }}
+    - alert: KubeNodeReadinessFlapping
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: The readiness status of node {{`{{`}} $labels.node {{`}}`}} has changed {{`{{`}} $value {{`}}`}} times in the last 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubenodereadinessflapping
+        summary: Node readiness status is flapping.
+      expr: sum(changes(kube_node_status_condition{job="{{ $kubeStateMetricsJob }}",status="true",condition="Ready"}[15m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node) > 2
+      for: {{ dig "KubeNodeReadinessFlapping" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeNodeReadinessFlapping" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletPlegDurationHigh | default false) }}
+    - alert: KubeletPlegDurationHigh
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: The Kubelet Pod Lifecycle Event Generator has a 99th percentile duration of {{`{{`}} $value {{`}}`}} seconds on node {{`{{`}} $labels.node {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletplegdurationhigh
+        summary: Kubelet Pod Lifecycle Event Generator is taking too long to relist.
+      expr: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile{quantile="0.99"} >= 10
+      for: {{ dig "KubeletPlegDurationHigh" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeletPlegDurationHigh" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletPodStartUpLatencyHigh | default false) }}
+    - alert: KubeletPodStartUpLatencyHigh
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubelet Pod startup 99th percentile latency is {{`{{`}} $value {{`}}`}} seconds on node {{`{{`}} $labels.node {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletpodstartuplatencyhigh
+        summary: Kubelet Pod startup latency is too high.
+      expr: histogram_quantile(0.99, sum(rate(kubelet_pod_worker_duration_seconds_bucket{job="{{ include "exporter.kubelet.jobName" . }}", metrics_path="/metrics"}[5m])) by (cluster, instance, le)) * on(cluster, instance) group_left(node) kubelet_node_name{job="{{ include "exporter.kubelet.jobName" . }}", metrics_path="/metrics"} > 60
+      for: 15m
+      labels:
+        severity: {{ dig "KubeletPodStartUpLatencyHigh" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletClientCertificateExpiration | default false) }}
+    - alert: KubeletClientCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Client certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletclientcertificateexpiration
+        summary: Kubelet client certificate is about to expire.
+      expr: kubelet_certificate_manager_client_ttl_seconds < 604800
+      labels:
+        severity: {{ dig "KubeletClientCertificateExpiration" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletClientCertificateExpiration | default false) }}
+    - alert: KubeletClientCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Client certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletclientcertificateexpiration
+        summary: Kubelet client certificate is about to expire.
+      expr: kubelet_certificate_manager_client_ttl_seconds < 86400
+      labels:
+        severity: {{ dig "KubeletClientCertificateExpiration" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletServerCertificateExpiration | default false) }}
+    - alert: KubeletServerCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Server certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletservercertificateexpiration
+        summary: Kubelet server certificate is about to expire.
+      expr: kubelet_certificate_manager_server_ttl_seconds < 604800
+      labels:
+        severity: {{ dig "KubeletServerCertificateExpiration" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletServerCertificateExpiration | default false) }}
+    - alert: KubeletServerCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Server certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletservercertificateexpiration
+        summary: Kubelet server certificate is about to expire.
+      expr: kubelet_certificate_manager_server_ttl_seconds < 86400
+      labels:
+        severity: {{ dig "KubeletServerCertificateExpiration" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletClientCertificateRenewalErrors | default false) }}
+    - alert: KubeletClientCertificateRenewalErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubelet on node {{`{{`}} $labels.node {{`}}`}} has failed to renew its client certificate ({{`{{`}} $value | humanize {{`}}`}} errors in the last 5 minutes).
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletclientcertificaterenewalerrors
+        summary: Kubelet has failed to renew its client certificate.
+      expr: increase(kubelet_certificate_manager_client_expiration_renew_errors[5m]) > 0
+      for: {{ dig "KubeletClientCertificateRenewalErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeletClientCertificateRenewalErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletServerCertificateRenewalErrors | default false) }}
+    - alert: KubeletServerCertificateRenewalErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubelet on node {{`{{`}} $labels.node {{`}}`}} has failed to renew its server certificate ({{`{{`}} $value | humanize {{`}}`}} errors in the last 5 minutes).
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletservercertificaterenewalerrors
+        summary: Kubelet has failed to renew its server certificate.
+      expr: increase(kubelet_server_expiration_renew_errors[5m]) > 0
+      for: {{ dig "KubeletServerCertificateRenewalErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeletServerCertificateRenewalErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if (include "exporter.kubelet.enabled" .)}}
+{{- if not (.Values.defaultRules.disabled.KubeletDown | default false) }}
+    - alert: KubeletDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubelet has disappeared from Prometheus target discovery.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletdown
+        summary: Target disappeared from Prometheus target discovery.
+      expr: absent(up{job="{{ include "exporter.kubelet.jobName" . }}", metrics_path="/metrics"} == 1)
+      for: 15m
+      labels:
+        severity: {{ dig "KubeletDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml
new file mode 100644
index 0000000000..9890b1c959
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml
@@ -0,0 +1,54 @@
+{{- /*
+Generated from 'kubernetes-system-scheduler' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeScheduler.enabled .Values.defaultRules.rules.kubeSchedulerAlerting }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system-scheduler" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system-scheduler
+    rules:
+{{- if .Values.kubeScheduler.enabled }}
+{{- if not (.Values.defaultRules.disabled.KubeSchedulerDown | default false) }}
+    - alert: KubeSchedulerDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeSchedulerAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeSchedulerAlerting | indent 8 }}
+{{- end }}
+        description: KubeScheduler has disappeared from Prometheus target discovery.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeschedulerdown
+        summary: Target disappeared from Prometheus target discovery.
+      expr: absent(up{job="{{ include "exporter.kubeScheduler.jobName" . }}"} == 1)
+      for: 15m
+      labels:
+        severity: {{ dig "KubeSchedulerDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system.yaml
new file mode 100644
index 0000000000..621326d0ad
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system.yaml
@@ -0,0 +1,87 @@
+{{- /*
+Generated from 'kubernetes-system' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesSystem }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeVersionMismatch | default false) }}
+    - alert: KubeVersionMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: There are {{`{{`}} $value {{`}}`}} different semantic versions of Kubernetes components running.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeversionmismatch
+        summary: Different semantic versions of Kubernetes components running.
+      expr: count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}git_version, cluster) (label_replace(kubernetes_build_info{job!~"kube-dns|coredns"},"git_version","$1","git_version","(v[0-9]*.[0-9]*).*"))) > 1
+      for: {{ dig "KubeVersionMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeVersionMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeClientErrors | default false) }}
+    - alert: KubeClientErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubernetes API server client '{{`{{`}} $labels.job {{`}}`}}/{{`{{`}} $labels.instance {{`}}`}}' is experiencing {{`{{`}} $value | humanizePercentage {{`}}`}} errors.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeclienterrors
+        summary: Kubernetes API server client is experiencing errors.
+      expr: |-
+        (sum(rate(rest_client_requests_total{job="apiserver",code=~"5.."}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, job, namespace)
+          /
+        sum(rate(rest_client_requests_total{job="apiserver"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, job, namespace))
+        > 0.01
+      for: {{ dig "KubeClientErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeClientErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-exporter.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-exporter.rules.yaml
new file mode 100644
index 0000000000..5d4711ae08
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-exporter.rules.yaml
@@ -0,0 +1,188 @@
+{{- /*
+Generated from 'node-exporter.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/nodeExporter-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.nodeExporterRecording }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "node-exporter.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: node-exporter.rules
+    rules:
+    - expr: |-
+        count without (cpu, mode) (
+          node_cpu_seconds_total{job="node-exporter",mode="idle"}
+        )
+      record: instance:node_num_cpu:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        1 - avg without (cpu) (
+          sum without (mode) (rate(node_cpu_seconds_total{job="node-exporter", mode=~"idle|iowait|steal"}[5m]))
+        )
+      record: instance:node_cpu_utilisation:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        (
+          node_load1{job="node-exporter"}
+        /
+          instance:node_num_cpu:sum{job="node-exporter"}
+        )
+      record: instance:node_load1_per_cpu:ratio
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        1 - (
+          (
+            node_memory_MemAvailable_bytes{job="node-exporter"}
+            or
+            (
+              node_memory_Buffers_bytes{job="node-exporter"}
+              +
+              node_memory_Cached_bytes{job="node-exporter"}
+              +
+              node_memory_MemFree_bytes{job="node-exporter"}
+              +
+              node_memory_Slab_bytes{job="node-exporter"}
+            )
+          )
+        /
+          node_memory_MemTotal_bytes{job="node-exporter"}
+        )
+      record: instance:node_memory_utilisation:ratio
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: rate(node_vmstat_pgmajfault{job="node-exporter"}[5m])
+      record: instance:node_vmstat_pgmajfault:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: rate(node_disk_io_time_seconds_total{job="node-exporter", device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}[5m])
+      record: instance_device:node_disk_io_time_seconds:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: rate(node_disk_io_time_weighted_seconds_total{job="node-exporter", device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}[5m])
+      record: instance_device:node_disk_io_time_weighted_seconds:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum without (device) (
+          rate(node_network_receive_bytes_total{job="node-exporter", device!="lo"}[5m])
+        )
+      record: instance:node_network_receive_bytes_excluding_lo:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum without (device) (
+          rate(node_network_transmit_bytes_total{job="node-exporter", device!="lo"}[5m])
+        )
+      record: instance:node_network_transmit_bytes_excluding_lo:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum without (device) (
+          rate(node_network_receive_drop_total{job="node-exporter", device!="lo"}[5m])
+        )
+      record: instance:node_network_receive_drop_excluding_lo:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum without (device) (
+          rate(node_network_transmit_drop_total{job="node-exporter", device!="lo"}[5m])
+        )
+      record: instance:node_network_transmit_drop_excluding_lo:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-exporter.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-exporter.yaml
new file mode 100644
index 0000000000..14738cedfa
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-exporter.yaml
@@ -0,0 +1,801 @@
+{{- /*
+Generated from 'node-exporter' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/nodeExporter-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.nodeExporterAlerting }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "node-exporter" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: node-exporter
+    rules:
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemSpaceFillingUp | default false) }}
+    - alert: NodeFilesystemSpaceFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left and is filling up.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemspacefillingup
+        summary: Filesystem is predicted to run out of space within the next 24 hours.
+      expr: |-
+        (
+          node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 15
+        and
+          predict_linear(node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""}[6h], 24*60*60) < 0
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemSpaceFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemSpaceFillingUp" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemSpaceFillingUp | default false) }}
+    - alert: NodeFilesystemSpaceFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left and is filling up fast.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemspacefillingup
+        summary: Filesystem is predicted to run out of space within the next 4 hours.
+      expr: |-
+        (
+          node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 10
+        and
+          predict_linear(node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""}[6h], 4*60*60) < 0
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemSpaceFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemSpaceFillingUp" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemAlmostOutOfSpace | default false) }}
+    - alert: NodeFilesystemAlmostOutOfSpace
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemalmostoutofspace
+        summary: Filesystem has less than 5% space left.
+      expr: |-
+        (
+          node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 5
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemAlmostOutOfSpace" "for" "30m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemAlmostOutOfSpace" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemAlmostOutOfSpace | default false) }}
+    - alert: NodeFilesystemAlmostOutOfSpace
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemalmostoutofspace
+        summary: Filesystem has less than 3% space left.
+      expr: |-
+        (
+          node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 3
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemAlmostOutOfSpace" "for" "30m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemAlmostOutOfSpace" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemFilesFillingUp | default false) }}
+    - alert: NodeFilesystemFilesFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left and is filling up.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemfilesfillingup
+        summary: Filesystem is predicted to run out of inodes within the next 24 hours.
+      expr: |-
+        (
+          node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 40
+        and
+          predict_linear(node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""}[6h], 24*60*60) < 0
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemFilesFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemFilesFillingUp" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemFilesFillingUp | default false) }}
+    - alert: NodeFilesystemFilesFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left and is filling up fast.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemfilesfillingup
+        summary: Filesystem is predicted to run out of inodes within the next 4 hours.
+      expr: |-
+        (
+          node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 20
+        and
+          predict_linear(node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""}[6h], 4*60*60) < 0
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemFilesFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemFilesFillingUp" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemAlmostOutOfFiles | default false) }}
+    - alert: NodeFilesystemAlmostOutOfFiles
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemalmostoutoffiles
+        summary: Filesystem has less than 5% inodes left.
+      expr: |-
+        (
+          node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 5
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemAlmostOutOfFiles" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemAlmostOutOfFiles" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemAlmostOutOfFiles | default false) }}
+    - alert: NodeFilesystemAlmostOutOfFiles
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemalmostoutoffiles
+        summary: Filesystem has less than 3% inodes left.
+      expr: |-
+        (
+          node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 3
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemAlmostOutOfFiles" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemAlmostOutOfFiles" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeNetworkReceiveErrs | default false) }}
+    - alert: NodeNetworkReceiveErrs
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $labels.instance {{`}}`}} interface {{`{{`}} $labels.device {{`}}`}} has encountered {{`{{`}} printf "%.0f" $value {{`}}`}} receive errors in the last two minutes.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodenetworkreceiveerrs
+        summary: Network interface is reporting many receive errors.
+      expr: rate(node_network_receive_errs_total{job="node-exporter"}[2m]) / rate(node_network_receive_packets_total{job="node-exporter"}[2m]) > 0.01
+      for: {{ dig "NodeNetworkReceiveErrs" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeNetworkReceiveErrs" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeNetworkTransmitErrs | default false) }}
+    - alert: NodeNetworkTransmitErrs
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $labels.instance {{`}}`}} interface {{`{{`}} $labels.device {{`}}`}} has encountered {{`{{`}} printf "%.0f" $value {{`}}`}} transmit errors in the last two minutes.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodenetworktransmiterrs
+        summary: Network interface is reporting many transmit errors.
+      expr: rate(node_network_transmit_errs_total{job="node-exporter"}[2m]) / rate(node_network_transmit_packets_total{job="node-exporter"}[2m]) > 0.01
+      for: {{ dig "NodeNetworkTransmitErrs" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeNetworkTransmitErrs" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeHighNumberConntrackEntriesUsed | default false) }}
+    - alert: NodeHighNumberConntrackEntriesUsed
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of conntrack entries are used.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodehighnumberconntrackentriesused
+        summary: Number of conntrack are getting close to the limit.
+      expr: (node_nf_conntrack_entries{job="node-exporter"} / node_nf_conntrack_entries_limit) > 0.75
+      labels:
+        severity: {{ dig "NodeHighNumberConntrackEntriesUsed" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeTextFileCollectorScrapeError | default false) }}
+    - alert: NodeTextFileCollectorScrapeError
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Node Exporter text file collector on {{`{{`}} $labels.instance {{`}}`}} failed to scrape.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodetextfilecollectorscrapeerror
+        summary: Node Exporter text file collector failed to scrape.
+      expr: node_textfile_scrape_error{job="node-exporter"} == 1
+      labels:
+        severity: {{ dig "NodeTextFileCollectorScrapeError" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeClockSkewDetected | default false) }}
+    - alert: NodeClockSkewDetected
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Clock at {{`{{`}} $labels.instance {{`}}`}} is out of sync by more than 0.05s. Ensure NTP is configured correctly on this host.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodeclockskewdetected
+        summary: Clock skew detected.
+      expr: |-
+        (
+          node_timex_offset_seconds{job="node-exporter"} > 0.05
+        and
+          deriv(node_timex_offset_seconds{job="node-exporter"}[5m]) >= 0
+        )
+        or
+        (
+          node_timex_offset_seconds{job="node-exporter"} < -0.05
+        and
+          deriv(node_timex_offset_seconds{job="node-exporter"}[5m]) <= 0
+        )
+      for: {{ dig "NodeClockSkewDetected" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeClockSkewDetected" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeClockNotSynchronising | default false) }}
+    - alert: NodeClockNotSynchronising
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Clock at {{`{{`}} $labels.instance {{`}}`}} is not synchronising. Ensure NTP is configured on this host.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodeclocknotsynchronising
+        summary: Clock not synchronising.
+      expr: |-
+        min_over_time(node_timex_sync_status{job="node-exporter"}[5m]) == 0
+        and
+        node_timex_maxerror_seconds{job="node-exporter"} >= 16
+      for: {{ dig "NodeClockNotSynchronising" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeClockNotSynchronising" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeRAIDDegraded | default false) }}
+    - alert: NodeRAIDDegraded
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: RAID array '{{`{{`}} $labels.device {{`}}`}}' at {{`{{`}} $labels.instance {{`}}`}} is in degraded state due to one or more disks failures. Number of spare drives is insufficient to fix issue automatically.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/noderaiddegraded
+        summary: RAID Array is degraded.
+      expr: node_md_disks_required{job="node-exporter",device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"} - ignoring (state) (node_md_disks{state="active",job="node-exporter",device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}) > 0
+      for: {{ dig "NodeRAIDDegraded" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeRAIDDegraded" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeRAIDDiskFailure | default false) }}
+    - alert: NodeRAIDDiskFailure
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: At least one device in RAID array at {{`{{`}} $labels.instance {{`}}`}} failed. Array '{{`{{`}} $labels.device {{`}}`}}' needs attention and possibly a disk swap.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/noderaiddiskfailure
+        summary: Failed device in RAID array.
+      expr: node_md_disks{state="failed",job="node-exporter",device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"} > 0
+      labels:
+        severity: {{ dig "NodeRAIDDiskFailure" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFileDescriptorLimit | default false) }}
+    - alert: NodeFileDescriptorLimit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: File descriptors limit at {{`{{`}} $labels.instance {{`}}`}} is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefiledescriptorlimit
+        summary: Kernel is predicted to exhaust file descriptors limit soon.
+      expr: |-
+        (
+          node_filefd_allocated{job="node-exporter"} * 100 / node_filefd_maximum{job="node-exporter"} > 70
+        )
+      for: {{ dig "NodeFileDescriptorLimit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFileDescriptorLimit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFileDescriptorLimit | default false) }}
+    - alert: NodeFileDescriptorLimit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: File descriptors limit at {{`{{`}} $labels.instance {{`}}`}} is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefiledescriptorlimit
+        summary: Kernel is predicted to exhaust file descriptors limit soon.
+      expr: |-
+        (
+          node_filefd_allocated{job="node-exporter"} * 100 / node_filefd_maximum{job="node-exporter"} > 90
+        )
+      for: {{ dig "NodeFileDescriptorLimit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFileDescriptorLimit" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeCPUHighUsage | default false) }}
+    - alert: NodeCPUHighUsage
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: 'CPU usage at {{`{{`}} $labels.instance {{`}}`}} has been above 90% for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodecpuhighusage
+        summary: High CPU usage.
+      expr: sum without(mode) (avg without (cpu) (rate(node_cpu_seconds_total{job="node-exporter", mode!="idle"}[2m]))) * 100 > 90
+      for: {{ dig "NodeCPUHighUsage" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeCPUHighUsage" "severity" "info" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeSystemSaturation | default false) }}
+    - alert: NodeSystemSaturation
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: 'System load per core at {{`{{`}} $labels.instance {{`}}`}} has been above 2 for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}.
+
+          This might indicate this instance resources saturation and can cause it becoming unresponsive.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodesystemsaturation
+        summary: System saturated, load per core is very high.
+      expr: |-
+        node_load1{job="node-exporter"}
+        / count without (cpu, mode) (node_cpu_seconds_total{job="node-exporter", mode="idle"}) > 2
+      for: {{ dig "NodeSystemSaturation" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeSystemSaturation" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeMemoryMajorPagesFaults | default false) }}
+    - alert: NodeMemoryMajorPagesFaults
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: 'Memory major pages are occurring at very high rate at {{`{{`}} $labels.instance {{`}}`}}, 500 major page faults per second for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}.
+
+          Please check that there is enough memory available at this instance.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodememorymajorpagesfaults
+        summary: Memory major page faults are occurring at very high rate.
+      expr: rate(node_vmstat_pgmajfault{job="node-exporter"}[5m]) > 500
+      for: {{ dig "NodeMemoryMajorPagesFaults" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeMemoryMajorPagesFaults" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeMemoryHighUtilization | default false) }}
+    - alert: NodeMemoryHighUtilization
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: 'Memory is filling up at {{`{{`}} $labels.instance {{`}}`}}, has been above 90% for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodememoryhighutilization
+        summary: Host is running out of memory.
+      expr: 100 - (node_memory_MemAvailable_bytes{job="node-exporter"} / node_memory_MemTotal_bytes{job="node-exporter"} * 100) > 90
+      for: {{ dig "NodeMemoryHighUtilization" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeMemoryHighUtilization" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeDiskIOSaturation | default false) }}
+    - alert: NodeDiskIOSaturation
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: 'Disk IO queue (aqu-sq) is high on {{`{{`}} $labels.device {{`}}`}} at {{`{{`}} $labels.instance {{`}}`}}, has been above 10 for the last 30 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}.
+
+          This symptom might indicate disk saturation.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodediskiosaturation
+        summary: Disk IO queue is high.
+      expr: rate(node_disk_io_time_weighted_seconds_total{job="node-exporter", device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}[5m]) > 10
+      for: {{ dig "NodeDiskIOSaturation" "for" "30m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeDiskIOSaturation" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeSystemdServiceFailed | default false) }}
+    - alert: NodeSystemdServiceFailed
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Systemd service {{`{{`}} $labels.name {{`}}`}} has entered failed state at {{`{{`}} $labels.instance {{`}}`}}
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodesystemdservicefailed
+        summary: Systemd service has entered failed state.
+      expr: node_systemd_unit_state{job="node-exporter", state="failed"} == 1
+      for: {{ dig "NodeSystemdServiceFailed" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeSystemdServiceFailed" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeBondingDegraded | default false) }}
+    - alert: NodeBondingDegraded
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Bonding interface {{`{{`}} $labels.master {{`}}`}} on {{`{{`}} $labels.instance {{`}}`}} is in degraded state due to one or more slave failures.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodebondingdegraded
+        summary: Bonding interface is degraded
+      expr: (node_bonding_slaves - node_bonding_active) != 0
+      for: {{ dig "NodeBondingDegraded" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeBondingDegraded" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-network.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-network.yaml
new file mode 100644
index 0000000000..8dc60ef66b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node-network.yaml
@@ -0,0 +1,55 @@
+{{- /*
+Generated from 'node-network' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubePrometheus-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.network }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "node-network" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: node-network
+    rules:
+{{- if not (.Values.defaultRules.disabled.NodeNetworkInterfaceFlapping | default false) }}
+    - alert: NodeNetworkInterfaceFlapping
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.network }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.network | indent 8 }}
+{{- end }}
+        description: Network interface "{{`{{`}} $labels.device {{`}}`}}" changing its up status often on node-exporter {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}}
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/general/nodenetworkinterfaceflapping
+        summary: Network interface is often changing its status
+      expr: changes(node_network_up{job="node-exporter",device!~"veth.+"}[2m]) > 2
+      for: {{ dig "NodeNetworkInterfaceFlapping" "for" "2m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeNetworkInterfaceFlapping" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.network }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.network }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node.rules.yaml
new file mode 100644
index 0000000000..e2911b905e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/node.rules.yaml
@@ -0,0 +1,109 @@
+{{- /*
+Generated from 'node.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.node }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "node.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: node.rules
+    rules:
+    - expr: |-
+        topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1,
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node, namespace, pod) (
+            label_replace(kube_pod_info{job="{{ $kubeStateMetricsJob }}",node!=""}, "pod", "$1", "pod", "(.*)")
+        ))
+      record: 'node_namespace_pod:kube_pod_info:'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.node }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.node }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node) (
+          node_cpu_seconds_total{mode="idle",job="node-exporter"}
+          * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node)
+          topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1, node_namespace_pod:kube_pod_info:)
+        )
+      record: node:node_num_cpu:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.node }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.node }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum(
+          node_memory_MemAvailable_bytes{job="node-exporter"} or
+          (
+            node_memory_Buffers_bytes{job="node-exporter"} +
+            node_memory_Cached_bytes{job="node-exporter"} +
+            node_memory_MemFree_bytes{job="node-exporter"} +
+            node_memory_Slab_bytes{job="node-exporter"}
+          )
+        ) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+      record: :node_memory_MemAvailable_bytes:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.node }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.node }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node) (
+          sum without (mode) (
+            rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal",job="node-exporter"}[5m])
+          )
+        )
+      record: node:node_cpu_utilization:ratio_rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.node }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.node }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (
+          node:node_cpu_utilization:ratio_rate5m
+        )
+      record: cluster:node_cpu:ratio_rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.node }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.node }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/prometheus-operator.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/prometheus-operator.yaml
new file mode 100644
index 0000000000..1f288dffe3
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/prometheus-operator.yaml
@@ -0,0 +1,253 @@
+{{- /*
+Generated from 'prometheus-operator' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/prometheusOperator-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.prometheusOperator }}
+{{- $operatorJob := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "operator" }}
+{{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "prometheus-operator" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: prometheus-operator
+    rules:
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorListErrors | default false) }}
+    - alert: PrometheusOperatorListErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Errors while performing List operations in controller {{`{{`}}$labels.controller{{`}}`}} in {{`{{`}}$labels.namespace{{`}}`}} namespace.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorlisterrors
+        summary: Errors while performing list operations in controller.
+      expr: (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_list_operations_failed_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[10m])) / sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_list_operations_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[10m]))) > 0.4
+      for: {{ dig "PrometheusOperatorListErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorListErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorWatchErrors | default false) }}
+    - alert: PrometheusOperatorWatchErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Errors while performing watch operations in controller {{`{{`}}$labels.controller{{`}}`}} in {{`{{`}}$labels.namespace{{`}}`}} namespace.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorwatcherrors
+        summary: Errors while performing watch operations in controller.
+      expr: (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_watch_operations_failed_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m])) / sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_watch_operations_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]))) > 0.4
+      for: {{ dig "PrometheusOperatorWatchErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorWatchErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorSyncFailed | default false) }}
+    - alert: PrometheusOperatorSyncFailed
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Controller {{`{{`}} $labels.controller {{`}}`}} in {{`{{`}} $labels.namespace {{`}}`}} namespace fails to reconcile {{`{{`}} $value {{`}}`}} objects.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorsyncfailed
+        summary: Last controller reconciliation failed
+      expr: min_over_time(prometheus_operator_syncs{status="failed",job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusOperatorSyncFailed" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorSyncFailed" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorReconcileErrors | default false) }}
+    - alert: PrometheusOperatorReconcileErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of reconciling operations failed for {{`{{`}} $labels.controller {{`}}`}} controller in {{`{{`}} $labels.namespace {{`}}`}} namespace.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorreconcileerrors
+        summary: Errors while reconciling objects.
+      expr: (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_reconcile_errors_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]))) / (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_reconcile_operations_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]))) > 0.1
+      for: {{ dig "PrometheusOperatorReconcileErrors" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorReconcileErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorStatusUpdateErrors | default false) }}
+    - alert: PrometheusOperatorStatusUpdateErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of status update operations failed for {{`{{`}} $labels.controller {{`}}`}} controller in {{`{{`}} $labels.namespace {{`}}`}} namespace.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorstatusupdateerrors
+        summary: Errors while updating objects status.
+      expr: (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_status_update_errors_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]))) / (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_status_update_operations_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]))) > 0.1
+      for: {{ dig "PrometheusOperatorStatusUpdateErrors" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorStatusUpdateErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorNodeLookupErrors | default false) }}
+    - alert: PrometheusOperatorNodeLookupErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Errors while reconciling Prometheus in {{`{{`}} $labels.namespace {{`}}`}} Namespace.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatornodelookuperrors
+        summary: Errors while reconciling Prometheus.
+      expr: rate(prometheus_operator_node_address_lookup_errors_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) > 0.1
+      for: {{ dig "PrometheusOperatorNodeLookupErrors" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorNodeLookupErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorNotReady | default false) }}
+    - alert: PrometheusOperatorNotReady
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Prometheus operator in {{`{{`}} $labels.namespace {{`}}`}} namespace isn't ready to reconcile {{`{{`}} $labels.controller {{`}}`}} resources.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatornotready
+        summary: Prometheus operator not ready
+      expr: min by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (max_over_time(prometheus_operator_ready{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) == 0)
+      for: {{ dig "PrometheusOperatorNotReady" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorNotReady" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorRejectedResources | default false) }}
+    - alert: PrometheusOperatorRejectedResources
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Prometheus operator in {{`{{`}} $labels.namespace {{`}}`}} namespace rejected {{`{{`}} printf "%0.0f" $value {{`}}`}} {{`{{`}} $labels.controller {{`}}`}}/{{`{{`}} $labels.resource {{`}}`}} resources.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorrejectedresources
+        summary: Resources rejected by Prometheus operator
+      expr: min_over_time(prometheus_operator_managed_resources{state="rejected",job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusOperatorRejectedResources" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorRejectedResources" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/prometheus.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/prometheus.yaml
new file mode 100644
index 0000000000..9dfeb1f9db
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/prometheus.yaml
@@ -0,0 +1,707 @@
+{{- /*
+Generated from 'prometheus' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/prometheus-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.prometheus }}
+{{- $prometheusJob := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "prometheus" }}
+{{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "prometheus" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: prometheus
+    rules:
+{{- if not (.Values.defaultRules.disabled.PrometheusBadConfig | default false) }}
+    - alert: PrometheusBadConfig
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has failed to reload its configuration.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusbadconfig
+        summary: Failed Prometheus configuration reload.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        max_over_time(prometheus_config_last_reload_successful{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) == 0
+      for: {{ dig "PrometheusBadConfig" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusBadConfig" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusSDRefreshFailure | default false) }}
+    - alert: PrometheusSDRefreshFailure
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has failed to refresh SD with mechanism {{`{{`}}$labels.mechanism{{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheussdrefreshfailure
+        summary: Failed Prometheus SD refresh.
+      expr: increase(prometheus_sd_refresh_failures_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[10m]) > 0
+      for: {{ dig "PrometheusSDRefreshFailure" "for" "20m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusSDRefreshFailure" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusNotificationQueueRunningFull | default false) }}
+    - alert: PrometheusNotificationQueueRunningFull
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Alert notification queue of Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is running full.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusnotificationqueuerunningfull
+        summary: Prometheus alert notification queue predicted to run full in less than 30m.
+      expr: |-
+        # Without min_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        (
+          predict_linear(prometheus_notifications_queue_length{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m], 60 * 30)
+        >
+          min_over_time(prometheus_notifications_queue_capacity{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        )
+      for: {{ dig "PrometheusNotificationQueueRunningFull" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusNotificationQueueRunningFull" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusErrorSendingAlertsToSomeAlertmanagers | default false) }}
+    - alert: PrometheusErrorSendingAlertsToSomeAlertmanagers
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} printf "%.1f" $value {{`}}`}}% errors while sending alerts from Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} to Alertmanager {{`{{`}}$labels.alertmanager{{`}}`}}.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheuserrorsendingalertstosomealertmanagers
+        summary: Prometheus has encountered more than 1% errors sending alerts to a specific Alertmanager.
+      expr: |-
+        (
+          rate(prometheus_notifications_errors_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        /
+          rate(prometheus_notifications_sent_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        )
+        * 100
+        > 1
+      for: {{ dig "PrometheusErrorSendingAlertsToSomeAlertmanagers" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusErrorSendingAlertsToSomeAlertmanagers" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusNotConnectedToAlertmanagers | default false) }}
+    - alert: PrometheusNotConnectedToAlertmanagers
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is not connected to any Alertmanagers.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusnotconnectedtoalertmanagers
+        summary: Prometheus is not connected to any Alertmanagers.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        max_over_time(prometheus_notifications_alertmanagers_discovered{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) < 1
+      for: {{ dig "PrometheusNotConnectedToAlertmanagers" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusNotConnectedToAlertmanagers" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusTSDBReloadsFailing | default false) }}
+    - alert: PrometheusTSDBReloadsFailing
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has detected {{`{{`}}$value | humanize{{`}}`}} reload failures over the last 3h.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheustsdbreloadsfailing
+        summary: Prometheus has issues reloading blocks from disk.
+      expr: increase(prometheus_tsdb_reloads_failures_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[3h]) > 0
+      for: {{ dig "PrometheusTSDBReloadsFailing" "for" "4h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusTSDBReloadsFailing" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusTSDBCompactionsFailing | default false) }}
+    - alert: PrometheusTSDBCompactionsFailing
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has detected {{`{{`}}$value | humanize{{`}}`}} compaction failures over the last 3h.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheustsdbcompactionsfailing
+        summary: Prometheus has issues compacting blocks.
+      expr: increase(prometheus_tsdb_compactions_failed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[3h]) > 0
+      for: {{ dig "PrometheusTSDBCompactionsFailing" "for" "4h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusTSDBCompactionsFailing" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusNotIngestingSamples | default false) }}
+    - alert: PrometheusNotIngestingSamples
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is not ingesting samples.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusnotingestingsamples
+        summary: Prometheus is not ingesting samples.
+      expr: |-
+        (
+          sum without(type) (rate(prometheus_tsdb_head_samples_appended_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])) <= 0
+        and
+          (
+            sum without(scrape_job) (prometheus_target_metadata_cache_entries{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}) > 0
+          or
+            sum without(rule_group) (prometheus_rule_group_rules{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}) > 0
+          )
+        )
+      for: {{ dig "PrometheusNotIngestingSamples" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusNotIngestingSamples" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusDuplicateTimestamps | default false) }}
+    - alert: PrometheusDuplicateTimestamps
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is dropping {{`{{`}} printf "%.4g" $value  {{`}}`}} samples/s with different values but duplicated timestamp.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusduplicatetimestamps
+        summary: Prometheus is dropping samples with duplicate timestamps.
+      expr: rate(prometheus_target_scrapes_sample_duplicate_timestamp_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusDuplicateTimestamps" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusDuplicateTimestamps" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOutOfOrderTimestamps | default false) }}
+    - alert: PrometheusOutOfOrderTimestamps
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is dropping {{`{{`}} printf "%.4g" $value  {{`}}`}} samples/s with timestamps arriving out of order.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusoutofordertimestamps
+        summary: Prometheus drops samples with out-of-order timestamps.
+      expr: rate(prometheus_target_scrapes_sample_out_of_order_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusOutOfOrderTimestamps" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOutOfOrderTimestamps" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusRemoteStorageFailures | default false) }}
+    - alert: PrometheusRemoteStorageFailures
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} failed to send {{`{{`}} printf "%.1f" $value {{`}}`}}% of the samples to {{`{{`}} $labels.remote_name{{`}}`}}:{{`{{`}} $labels.url {{`}}`}}
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusremotestoragefailures
+        summary: Prometheus fails to send samples to remote storage.
+      expr: |-
+        (
+          (rate(prometheus_remote_storage_failed_samples_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) or rate(prometheus_remote_storage_samples_failed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]))
+        /
+          (
+            (rate(prometheus_remote_storage_failed_samples_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) or rate(prometheus_remote_storage_samples_failed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]))
+          +
+            (rate(prometheus_remote_storage_succeeded_samples_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) or rate(prometheus_remote_storage_samples_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]))
+          )
+        )
+        * 100
+        > 1
+      for: {{ dig "PrometheusRemoteStorageFailures" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusRemoteStorageFailures" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusRemoteWriteBehind | default false) }}
+    - alert: PrometheusRemoteWriteBehind
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} remote write is {{`{{`}} printf "%.1f" $value {{`}}`}}s behind for {{`{{`}} $labels.remote_name{{`}}`}}:{{`{{`}} $labels.url {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusremotewritebehind
+        summary: Prometheus remote write is behind.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        (
+          max_over_time(prometheus_remote_storage_highest_timestamp_in_seconds{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        - ignoring(remote_name, url) group_right
+          max_over_time(prometheus_remote_storage_queue_highest_sent_timestamp_seconds{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        )
+        > 120
+      for: {{ dig "PrometheusRemoteWriteBehind" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusRemoteWriteBehind" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusRemoteWriteDesiredShards | default false) }}
+    - alert: PrometheusRemoteWriteDesiredShards
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} remote write desired shards calculation wants to run {{`{{`}} $value {{`}}`}} shards for queue {{`{{`}} $labels.remote_name{{`}}`}}:{{`{{`}} $labels.url {{`}}`}}, which is more than the max of {{`{{`}} printf `prometheus_remote_storage_shards_max{instance="%s",job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}` $labels.instance | query | first | value {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusremotewritedesiredshards
+        summary: Prometheus remote write desired shards calculation wants to run more than configured max shards.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        (
+          max_over_time(prometheus_remote_storage_shards_desired{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        >
+          max_over_time(prometheus_remote_storage_shards_max{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        )
+      for: {{ dig "PrometheusRemoteWriteDesiredShards" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusRemoteWriteDesiredShards" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusRuleFailures | default false) }}
+    - alert: PrometheusRuleFailures
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has failed to evaluate {{`{{`}} printf "%.0f" $value {{`}}`}} rules in the last 5m.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusrulefailures
+        summary: Prometheus is failing rule evaluations.
+      expr: increase(prometheus_rule_evaluation_failures_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusRuleFailures" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusRuleFailures" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusMissingRuleEvaluations | default false) }}
+    - alert: PrometheusMissingRuleEvaluations
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has missed {{`{{`}} printf "%.0f" $value {{`}}`}} rule group evaluations in the last 5m.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusmissingruleevaluations
+        summary: Prometheus is missing rule evaluations due to slow rule group evaluation.
+      expr: increase(prometheus_rule_group_iterations_missed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusMissingRuleEvaluations" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusMissingRuleEvaluations" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusTargetLimitHit | default false) }}
+    - alert: PrometheusTargetLimitHit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has dropped {{`{{`}} printf "%.0f" $value {{`}}`}} targets because the number of targets exceeded the configured target_limit.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheustargetlimithit
+        summary: Prometheus has dropped targets because some scrape configs have exceeded the targets limit.
+      expr: increase(prometheus_target_scrape_pool_exceeded_target_limit_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusTargetLimitHit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusTargetLimitHit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusLabelLimitHit | default false) }}
+    - alert: PrometheusLabelLimitHit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has dropped {{`{{`}} printf "%.0f" $value {{`}}`}} targets because some samples exceeded the configured label_limit, label_name_length_limit or label_value_length_limit.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheuslabellimithit
+        summary: Prometheus has dropped targets because some scrape configs have exceeded the labels limit.
+      expr: increase(prometheus_target_scrape_pool_exceeded_label_limits_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusLabelLimitHit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusLabelLimitHit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusScrapeBodySizeLimitHit | default false) }}
+    - alert: PrometheusScrapeBodySizeLimitHit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has failed {{`{{`}} printf "%.0f" $value {{`}}`}} scrapes in the last 5m because some targets exceeded the configured body_size_limit.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusscrapebodysizelimithit
+        summary: Prometheus has dropped some targets that exceeded body size limit.
+      expr: increase(prometheus_target_scrapes_exceeded_body_size_limit_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusScrapeBodySizeLimitHit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusScrapeBodySizeLimitHit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusScrapeSampleLimitHit | default false) }}
+    - alert: PrometheusScrapeSampleLimitHit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has failed {{`{{`}} printf "%.0f" $value {{`}}`}} scrapes in the last 5m because some targets exceeded the configured sample_limit.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusscrapesamplelimithit
+        summary: Prometheus has failed scrapes that have exceeded the configured sample limit.
+      expr: increase(prometheus_target_scrapes_exceeded_sample_limit_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusScrapeSampleLimitHit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusScrapeSampleLimitHit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusTargetSyncFailure | default false) }}
+    - alert: PrometheusTargetSyncFailure
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} printf "%.0f" $value {{`}}`}} targets in Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} have failed to sync because invalid configuration was supplied.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheustargetsyncfailure
+        summary: Prometheus has failed to sync targets.
+      expr: increase(prometheus_target_sync_failed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[30m]) > 0
+      for: {{ dig "PrometheusTargetSyncFailure" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusTargetSyncFailure" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusHighQueryLoad | default false) }}
+    - alert: PrometheusHighQueryLoad
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} query API has less than 20% available capacity in its query engine for the last 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheushighqueryload
+        summary: Prometheus is reaching its maximum capacity serving concurrent requests.
+      expr: avg_over_time(prometheus_engine_queries{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) / max_over_time(prometheus_engine_queries_concurrent_max{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0.8
+      for: {{ dig "PrometheusHighQueryLoad" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusHighQueryLoad" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusErrorSendingAlertsToAnyAlertmanager | default false) }}
+    - alert: PrometheusErrorSendingAlertsToAnyAlertmanager
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} printf "%.1f" $value {{`}}`}}% minimum errors while sending alerts from Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} to any Alertmanager.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheuserrorsendingalertstoanyalertmanager
+        summary: Prometheus encounters more than 3% errors sending alerts to any Alertmanager.
+      expr: |-
+        min without (alertmanager) (
+          rate(prometheus_notifications_errors_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}",alertmanager!~``}[5m])
+        /
+          rate(prometheus_notifications_sent_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}",alertmanager!~``}[5m])
+        )
+        * 100
+        > 3
+      for: {{ dig "PrometheusErrorSendingAlertsToAnyAlertmanager" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusErrorSendingAlertsToAnyAlertmanager" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/windows.node.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/windows.node.rules.yaml
new file mode 100644
index 0000000000..7c25553861
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/windows.node.rules.yaml
@@ -0,0 +1,301 @@
+{{- /*
+Generated from 'windows.node.rules' group from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.windowsMonitoring.enabled .Values.defaultRules.rules.windows }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "windows.node.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: windows.node.rules
+    rules:
+    - expr: |-
+        count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (
+          windows_system_system_up_time{job="windows-exporter"}
+        )
+      record: node:windows_node:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, core) (
+          windows_cpu_time_total{job="windows-exporter"}
+        ))
+      record: node:windows_node_num_cpu:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: 1 - avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(windows_cpu_time_total{job="windows-exporter",mode="idle"}[1m]))
+      record: :windows_node_cpu_utilisation:avg1m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        1 - avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          rate(windows_cpu_time_total{job="windows-exporter",mode="idle"}[1m])
+        )
+      record: node:windows_node_cpu_utilisation:avg1m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        1 -
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (windows_memory_available_bytes{job="windows-exporter"})
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (windows_os_visible_memory_bytes{job="windows-exporter"})
+      record: ':windows_node_memory_utilisation:'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (windows_memory_available_bytes{job="windows-exporter"} + windows_memory_cache_bytes{job="windows-exporter"})
+      record: :windows_node_memory_MemFreeCached_bytes:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: (windows_memory_cache_bytes{job="windows-exporter"} + windows_memory_modified_page_list_bytes{job="windows-exporter"} + windows_memory_standby_cache_core_bytes{job="windows-exporter"} + windows_memory_standby_cache_normal_priority_bytes{job="windows-exporter"} + windows_memory_standby_cache_reserve_bytes{job="windows-exporter"})
+      record: node:windows_node_memory_totalCached_bytes:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (windows_os_visible_memory_bytes{job="windows-exporter"})
+      record: :windows_node_memory_MemTotal_bytes:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          (windows_memory_available_bytes{job="windows-exporter"})
+        )
+      record: node:windows_node_memory_bytes_available:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          windows_os_visible_memory_bytes{job="windows-exporter"}
+        )
+      record: node:windows_node_memory_bytes_total:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        (node:windows_node_memory_bytes_total:sum - node:windows_node_memory_bytes_available:sum)
+        /
+        scalar(sum(node:windows_node_memory_bytes_total:sum))
+      record: node:windows_node_memory_utilisation:ratio
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: 1 - (node:windows_node_memory_bytes_available:sum / node:windows_node_memory_bytes_total:sum)
+      record: 'node:windows_node_memory_utilisation:'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: irate(windows_memory_swap_page_operations_total{job="windows-exporter"}[5m])
+      record: node:windows_node_memory_swap_io_pages:irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (irate(windows_logical_disk_read_seconds_total{job="windows-exporter"}[1m]) +
+            irate(windows_logical_disk_write_seconds_total{job="windows-exporter"}[1m])
+          )
+      record: :windows_node_disk_utilisation:avg_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          (irate(windows_logical_disk_read_seconds_total{job="windows-exporter"}[1m]) +
+           irate(windows_logical_disk_write_seconds_total{job="windows-exporter"}[1m]))
+        )
+      record: node:windows_node_disk_utilisation:avg_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,instance,volume)(
+          (windows_logical_disk_size_bytes{job="windows-exporter"}
+        - windows_logical_disk_free_bytes{job="windows-exporter"})
+        / windows_logical_disk_size_bytes{job="windows-exporter"}
+        )
+      record: 'node:windows_node_filesystem_usage:'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, volume) (windows_logical_disk_free_bytes{job="windows-exporter"} / windows_logical_disk_size_bytes{job="windows-exporter"})
+      record: 'node:windows_node_filesystem_avail:'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (irate(windows_net_bytes_total{job="windows-exporter"}[1m]))
+      record: :windows_node_net_utilisation:sum_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          (irate(windows_net_bytes_total{job="windows-exporter"}[1m]))
+        )
+      record: node:windows_node_net_utilisation:sum_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (irate(windows_net_packets_received_discarded_total{job="windows-exporter"}[1m])) +
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (irate(windows_net_packets_outbound_discarded_total{job="windows-exporter"}[1m]))
+      record: :windows_node_net_saturation:sum_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          (irate(windows_net_packets_received_discarded_total{job="windows-exporter"}[1m]) +
+          irate(windows_net_packets_outbound_discarded_total{job="windows-exporter"}[1m]))
+        )
+      record: node:windows_node_net_saturation:sum_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/windows.pod.rules.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/windows.pod.rules.yaml
new file mode 100644
index 0000000000..86340b5c05
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/rules-1.14/windows.pod.rules.yaml
@@ -0,0 +1,158 @@
+{{- /*
+Generated from 'windows.pod.rules' group from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.windowsMonitoring.enabled .Values.defaultRules.rules.windows }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "windows.pod.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: windows.pod.rules
+    rules:
+    - expr: windows_container_available{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_pod_container_available
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: windows_container_cpu_usage_seconds_total{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_container_total_runtime
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: windows_container_memory_usage_commit_bytes{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_container_memory_usage
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: windows_container_memory_usage_private_working_set_bytes{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_container_private_working_set_usage
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: windows_container_network_receive_bytes_total{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_container_network_received_bytes_total
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: windows_container_network_transmit_bytes_total{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_container_network_transmitted_bytes_total
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, container) (
+          kube_pod_container_resource_requests{resource="memory",job="{{ $kubeStateMetricsJob }}"}
+        ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container,pod,namespace,cluster) (windows_pod_container_available)
+      record: kube_pod_windows_container_resource_memory_request
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: kube_pod_container_resource_limits{resource="memory",job="{{ $kubeStateMetricsJob }}"} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container,pod,namespace,cluster) (windows_pod_container_available)
+      record: kube_pod_windows_container_resource_memory_limit
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, container) (
+          kube_pod_container_resource_requests{resource="cpu",job="{{ $kubeStateMetricsJob }}"}
+        ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container,pod,namespace,cluster) (windows_pod_container_available)
+      record: kube_pod_windows_container_resource_cpu_cores_request
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: kube_pod_container_resource_limits{resource="cpu",job="{{ $kubeStateMetricsJob }}"} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container,pod,namespace,cluster) (windows_pod_container_available)
+      record: kube_pod_windows_container_resource_cpu_cores_limit
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, container) (
+          rate(windows_container_total_runtime{}[5m])
+        )
+      record: namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/secret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/secret.yaml
new file mode 100644
index 0000000000..e4a1e73c7b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/secret.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.prometheusSpec.thanos .Values.prometheus.prometheusSpec.thanos.objectStorageConfig}}
+{{- if and .Values.prometheus.prometheusSpec.thanos.objectStorageConfig.secret (not .Values.prometheus.prometheusSpec.thanos.objectStorageConfig.existingSecret) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    app.kubernetes.io/component: prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+  object-storage-configs.yaml: {{ toYaml .Values.prometheus.prometheusSpec.thanos.objectStorageConfig.secret | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/service.yaml
new file mode 100644
index 0000000000..d61b9d6ef3
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/service.yaml
@@ -0,0 +1,80 @@
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if .Values.prometheus.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    self-monitor: {{ .Values.prometheus.serviceMonitor.selfMonitor | quote }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.service.labels }}
+{{ toYaml .Values.prometheus.service.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.service.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.prometheus.service.clusterIP }}
+  clusterIP: {{ .Values.prometheus.service.clusterIP }}
+{{- end }}
+{{- if .Values.prometheus.service.externalIPs }}
+  externalIPs:
+{{ toYaml .Values.prometheus.service.externalIPs | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.prometheus.service.loadBalancerIP }}
+{{- end }}
+{{- if .Values.prometheus.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.prometheus.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.prometheus.service.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.prometheus.service.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  - name: {{ .Values.prometheus.prometheusSpec.portName }}
+    {{- if eq .Values.prometheus.service.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.service.nodePort }}
+    {{- end }}
+    port: {{ .Values.prometheus.service.port }}
+    targetPort: {{ .Values.prometheus.service.targetPort }}
+  - name: reloader-web
+    {{- if semverCompare "> 1.20.0-0" $kubeTargetVersion }}
+    appProtocol: http
+    {{- end }}
+    port: {{ .Values.prometheus.service.reloaderWebPort }}
+    targetPort: reloader-web
+  {{- if .Values.prometheus.thanosIngress.enabled }}
+  - name: grpc
+    {{- if eq .Values.prometheus.service.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.thanosIngress.nodePort }}
+    {{- end }}
+    port: {{ .Values.prometheus.thanosIngress.servicePort }}
+    targetPort: {{ .Values.prometheus.thanosIngress.servicePort }}
+  {{- end }}
+{{- if .Values.prometheus.service.additionalPorts }}
+{{ toYaml .Values.prometheus.service.additionalPorts | indent 2 }}
+{{- end }}
+  publishNotReadyAddresses: {{ .Values.prometheus.service.publishNotReadyAddresses }}
+  selector:
+    {{- if .Values.prometheus.agentMode }}
+    app.kubernetes.io/name: prometheus-agent
+    {{- else }}
+    app.kubernetes.io/name: prometheus
+    {{- end }}
+    operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+{{- if .Values.prometheus.service.sessionAffinity }}
+  sessionAffinity: {{ .Values.prometheus.service.sessionAffinity }}
+{{- end }}
+{{- if eq .Values.prometheus.service.sessionAffinity "ClientIP" }}
+  sessionAffinityConfig:
+    clientIP:
+      timeoutSeconds: {{ .Values.prometheus.service.sessionAffinityConfig.clientIP.timeoutSeconds }}
+{{- end }}
+  type: "{{ .Values.prometheus.service.type }}"
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceThanosSidecar.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceThanosSidecar.yaml
new file mode 100644
index 0000000000..15b89c8c23
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceThanosSidecar.yaml
@@ -0,0 +1,39 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.thanosService.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-thanos-discovery
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-thanos-discovery
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.thanosService.labels }}
+{{ toYaml .Values.prometheus.thanosService.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.thanosService.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.thanosService.annotations | indent 4 }}
+{{- end }}
+spec:
+  type: {{ .Values.prometheus.thanosService.type }}
+  clusterIP: {{ .Values.prometheus.thanosService.clusterIP }}
+{{- if ne .Values.prometheus.thanosService.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.prometheus.thanosService.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  - name: {{ .Values.prometheus.thanosService.portName }}
+    port: {{ .Values.prometheus.thanosService.port }}
+    targetPort: {{ .Values.prometheus.thanosService.targetPort }}
+    {{- if eq .Values.prometheus.thanosService.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.thanosService.nodePort }}
+    {{- end }}
+  - name: {{ .Values.prometheus.thanosService.httpPortName }}
+    port: {{ .Values.prometheus.thanosService.httpPort }}
+    targetPort: {{ .Values.prometheus.thanosService.targetHttpPort }}
+    {{- if eq .Values.prometheus.thanosService.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.thanosService.httpNodePort }}
+    {{- end }}
+  selector:
+    app.kubernetes.io/name: prometheus
+    operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceThanosSidecarExternal.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceThanosSidecarExternal.yaml
new file mode 100644
index 0000000000..453eed7f1b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceThanosSidecarExternal.yaml
@@ -0,0 +1,46 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.thanosServiceExternal.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-thanos-external
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.thanosServiceExternal.labels }}
+{{ toYaml .Values.prometheus.thanosServiceExternal.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.thanosServiceExternal.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.thanosServiceExternal.annotations | indent 4 }}
+{{- end }}
+spec:
+  type: {{ .Values.prometheus.thanosServiceExternal.type }}
+{{- if .Values.prometheus.thanosServiceExternal.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.prometheus.thanosServiceExternal.loadBalancerIP }}
+{{- end }}
+{{- if .Values.prometheus.thanosServiceExternal.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.prometheus.thanosServiceExternal.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.prometheus.thanosServiceExternal.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.prometheus.thanosServiceExternal.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  - name: {{ .Values.prometheus.thanosServiceExternal.portName }}
+    port: {{ .Values.prometheus.thanosServiceExternal.port }}
+    targetPort: {{ .Values.prometheus.thanosServiceExternal.targetPort }}
+    {{- if eq .Values.prometheus.thanosServiceExternal.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.thanosServiceExternal.nodePort }}
+    {{- end }}
+  - name: {{ .Values.prometheus.thanosServiceExternal.httpPortName }}
+    port: {{ .Values.prometheus.thanosServiceExternal.httpPort }}
+    targetPort: {{ .Values.prometheus.thanosServiceExternal.targetHttpPort }}
+    {{- if eq .Values.prometheus.thanosServiceExternal.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.thanosServiceExternal.httpNodePort }}
+    {{- end }}
+  selector:
+    app.kubernetes.io/name: prometheus
+    operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceaccount.yaml
new file mode 100644
index 0000000000..e97b989bbd
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceaccount.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kube-prometheus-stack.prometheus.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    app.kubernetes.io/name: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    app.kubernetes.io/component: prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.serviceAccount.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.serviceAccount.annotations | indent 4 }}
+{{- end }}
+automountServiceAccountToken: {{ .Values.prometheus.serviceAccount.automountServiceAccountToken }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitor.yaml
new file mode 100644
index 0000000000..a36f3e33ca
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitor.yaml
@@ -0,0 +1,97 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.serviceMonitor.selfMonitor }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- with .Values.prometheus.serviceMonitor.additionalLabels }}
+{{- toYaml . | nindent 4 }}
+{{- end }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheus.serviceMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+      release: {{ $.Release.Name | quote }}
+      self-monitor: "true"
+  namespaceSelector:
+    matchNames:
+      - {{ printf "%s" (include "kube-prometheus-stack.namespace" .) | quote }}
+  endpoints:
+  - port: {{ .Values.prometheus.prometheusSpec.portName }}
+    {{- if .Values.prometheus.serviceMonitor.interval }}
+    interval: {{ .Values.prometheus.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.scheme }}
+    scheme: {{ .Values.prometheus.serviceMonitor.scheme }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.tlsConfig }}
+    tlsConfig: {{- toYaml .Values.prometheus.serviceMonitor.tlsConfig | nindent 6 }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.bearerTokenFile }}
+    bearerTokenFile: {{ .Values.prometheus.serviceMonitor.bearerTokenFile }}
+    {{- end }}
+    path: "{{ trimSuffix "/" .Values.prometheus.prometheusSpec.routePrefix }}/metrics"
+    metricRelabelings: 
+    {{- if .Values.prometheus.serviceMonitor.metricRelabelings }}
+    {{- tpl (toYaml .Values.prometheus.serviceMonitor.metricRelabelings | nindent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.relabelings }}
+    relabelings: {{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 6 }}
+    {{- end }}
+  - port: reloader-web
+    {{- if .Values.prometheus.serviceMonitor.interval }}
+    interval: {{ .Values.prometheus.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.scheme }}
+    scheme: {{ .Values.prometheus.serviceMonitor.scheme }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.tlsConfig }}
+    tlsConfig: {{- toYaml .Values.prometheus.serviceMonitor.tlsConfig | nindent 6 }}
+    {{- end }}
+    path: "/metrics"
+    {{- if .Values.prometheus.serviceMonitor.metricRelabelings }}
+    metricRelabelings: {{- tpl (toYaml .Values.prometheus.serviceMonitor.metricRelabelings | nindent 6) . }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.relabelings }}
+    relabelings: {{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 6 }}
+    {{- end }}
+  {{- range .Values.prometheus.serviceMonitor.additionalEndpoints }}
+  - port: {{ .port }}
+    {{- if or $.Values.prometheus.serviceMonitor.interval .interval }}
+    interval: {{ default $.Values.prometheus.serviceMonitor.interval .interval }}
+    {{- end }}
+    {{- if or $.Values.prometheus.serviceMonitor.proxyUrl .proxyUrl }}
+    proxyUrl: {{ default $.Values.prometheus.serviceMonitor.proxyUrl .proxyUrl }}
+    {{- end }}
+    {{- if or $.Values.prometheus.serviceMonitor.scheme .scheme }}
+    scheme: {{ default $.Values.prometheus.serviceMonitor.scheme .scheme }}
+    {{- end }}
+    {{- if or $.Values.prometheus.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    bearerTokenFile: {{ default $.Values.prometheus.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    {{- end }}
+    {{- if or $.Values.prometheus.serviceMonitor.tlsConfig .tlsConfig }}
+    tlsConfig: {{- default $.Values.prometheus.serviceMonitor.tlsConfig .tlsConfig | toYaml | nindent 6 }}
+    {{- end }}
+    path: {{ .path }}
+    {{- if or $.Values.prometheus.serviceMonitor.metricRelabelings .metricRelabelings }}
+    metricRelabelings: {{- tpl (default $.Values.prometheus.serviceMonitor.metricRelabelings .metricRelabelings | toYaml | nindent 6) . }}
+    {{- end }}
+    {{- if or $.Values.prometheus.serviceMonitor.relabelings .relabelings }}
+    relabelings: {{- default $.Values.prometheus.serviceMonitor.relabelings .relabelings | toYaml | nindent 6 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitorThanosSidecar.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitorThanosSidecar.yaml
new file mode 100644
index 0000000000..0f70aabb58
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitorThanosSidecar.yaml
@@ -0,0 +1,55 @@
+{{- if and .Values.prometheus.thanosService.enabled .Values.prometheus.thanosServiceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-thanos-sidecar
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-thanos-sidecar
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- with .Values.prometheus.thanosServiceMonitor.additionalLabels }}
+{{- toYaml . | nindent 4 }}
+{{- end }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheus.thanosServiceMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-thanos-discovery
+      release: {{ $.Release.Name | quote }}
+  namespaceSelector:
+    matchNames:
+      - {{ printf "%s" (include "kube-prometheus-stack.namespace" .) | quote }}
+  endpoints:
+  - port: {{ .Values.prometheus.thanosService.httpPortName }}
+    {{- if .Values.prometheus.thanosServiceMonitor.interval }}
+    interval: {{ .Values.prometheus.thanosServiceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.prometheus.thanosServiceMonitor.scheme }}
+    scheme: {{ .Values.prometheus.thanosServiceMonitor.scheme }}
+    {{- end }}
+    {{- if .Values.prometheus.thanosServiceMonitor.tlsConfig }}
+    tlsConfig: {{ toYaml .Values.prometheus.thanosServiceMonitor.tlsConfig | nindent 6 }}
+    {{- end }}
+    {{- if .Values.prometheus.thanosServiceMonitor.bearerTokenFile }}
+    bearerTokenFile: {{ .Values.prometheus.thanosServiceMonitor.bearerTokenFile }}
+    {{- end }}
+    path: "/metrics"
+    metricRelabelings:
+    {{- if .Values.prometheus.thanosServiceMonitor.metricRelabelings}}
+    {{ tpl (toYaml .Values.prometheus.thanosServiceMonitor.metricRelabelings | indent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.prometheus.thanosServiceMonitor.relabelings }}
+    relabelings:
+{{ toYaml .Values.prometheus.thanosServiceMonitor.relabelings | indent 6 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitors.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitors.yaml
new file mode 100644
index 0000000000..a7a301babc
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/servicemonitors.yaml
@@ -0,0 +1,47 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.additionalServiceMonitors }}
+apiVersion: v1
+kind: List
+items:
+{{- range .Values.prometheus.additionalServiceMonitors }}
+  - apiVersion: monitoring.coreos.com/v1
+    kind: ServiceMonitor
+    metadata:
+      name: {{ .name }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}-prometheus
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+        {{- if .additionalLabels }}
+{{ toYaml .additionalLabels | indent 8 }}
+        {{- end }}
+    spec:
+      {{- include "servicemonitor.scrapeLimits" . | nindent 6 }}
+      endpoints:
+{{ toYaml .endpoints | indent 8 }}
+    {{- if .jobLabel }}
+      jobLabel: {{ .jobLabel }}
+    {{- end }}
+    {{- if .namespaceSelector }}
+      namespaceSelector:
+{{ toYaml .namespaceSelector | indent 8 }}
+    {{- end }}
+      selector:
+{{ toYaml .selector | indent 8 }}
+    {{- if .targetLabels }}
+      targetLabels:
+{{ toYaml .targetLabels | indent 8 }}
+    {{- end }}
+    {{- if .podTargetLabels }}
+      podTargetLabels:
+{{ toYaml .podTargetLabels | indent 8 }}
+    {{- end }}
+    {{- if .metricRelabelings }}
+      metricRelabelings:
+{{ toYaml .metricRelabelings | indent 8 }}
+    {{- end }}
+    {{- if .relabelings }}
+      relabelings:
+{{ toYaml .relabelings | indent 8 }}
+    {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceperreplica.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceperreplica.yaml
new file mode 100644
index 0000000000..4bc7f7b869
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/prometheus/serviceperreplica.yaml
@@ -0,0 +1,54 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.servicePerReplica.enabled }}
+{{- $count := .Values.prometheus.prometheusSpec.replicas | int -}}
+{{- $serviceValues := .Values.prometheus.servicePerReplica -}}
+apiVersion: v1
+kind: List
+metadata:
+  name: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-serviceperreplica
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+items:
+{{- range $i, $e := until $count }}
+  - apiVersion: v1
+    kind: Service
+    metadata:
+      name: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-{{ $i }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ include "kube-prometheus-stack.name" $ }}-prometheus
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+      {{- if $serviceValues.annotations }}
+      annotations:
+{{ toYaml $serviceValues.annotations | indent 8 }}
+      {{- end }}
+    spec:
+      {{- if $serviceValues.clusterIP }}
+      clusterIP: {{ $serviceValues.clusterIP }}
+      {{- end }}
+      {{- if $serviceValues.loadBalancerSourceRanges }}
+      loadBalancerSourceRanges:
+      {{- range $cidr := $serviceValues.loadBalancerSourceRanges }}
+        - {{ $cidr }}
+      {{- end }}
+      {{- end }}
+      {{- if ne $serviceValues.type "ClusterIP" }}
+      externalTrafficPolicy: {{ $serviceValues.externalTrafficPolicy }}
+      {{- end }}
+      ports:
+        - name: {{ $.Values.prometheus.prometheusSpec.portName }}
+          {{- if eq $serviceValues.type "NodePort" }}
+          nodePort: {{ $serviceValues.nodePort }}
+          {{- end }}
+          port: {{ $serviceValues.port }}
+          targetPort: {{ $serviceValues.targetPort }}
+      selector:
+        {{- if $.Values.prometheus.agentMode }}
+        app.kubernetes.io/name: prometheus-agent
+        statefulset.kubernetes.io/pod-name: prom-agent-{{ include "kube-prometheus-stack.prometheus.crname" $ }}-{{ $i }}
+        {{- else }}
+        app.kubernetes.io/name: prometheus
+        statefulset.kubernetes.io/pod-name: prometheus-{{ include "kube-prometheus-stack.prometheus.crname" $ }}-{{ $i }}
+        {{- end }}
+        operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" $ }}
+      type: "{{ $serviceValues.type }}"
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/clusterrole.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/clusterrole.yaml
new file mode 100644
index 0000000000..56ca9f5eae
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/clusterrole.yaml
@@ -0,0 +1,135 @@
+{{- if and .Values.global.rbac.create .Values.global.rbac.userRoles.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: monitoring-admin
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+  {{- end }}
+rules:
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - alertmanagers
+  - prometheuses
+  - prometheuses/finalizers
+  - alertmanagers/finalizers
+  verbs:
+  - 'get'
+  - 'list'
+  - 'watch'
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - thanosrulers
+  - thanosrulers/finalizers
+  - servicemonitors
+  - podmonitors
+  - prometheusrules
+  - podmonitors
+  - probes
+  - probes/finalizers
+  - alertmanagerconfigs
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: monitoring-edit
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
+    rbac.authorization.k8s.io/aggregate-to-edit: "true"
+  {{- end }}
+rules:
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - alertmanagers
+  - prometheuses
+  - prometheuses/finalizers
+  - alertmanagers/finalizers
+  verbs:
+  - 'get'
+  - 'list'
+  - 'watch'
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - thanosrulers
+  - thanosrulers/finalizers
+  - servicemonitors
+  - podmonitors
+  - prometheusrules
+  - podmonitors
+  - probes
+  - alertmanagerconfigs
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: monitoring-view
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
+    rbac.authorization.k8s.io/aggregate-to-view: "true"
+  {{- end }}
+rules:
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - alertmanagers
+  - prometheuses
+  - prometheuses/finalizers
+  - alertmanagers/finalizers
+  - thanosrulers
+  - thanosrulers/finalizers
+  - servicemonitors
+  - podmonitors
+  - prometheusrules
+  - podmonitors
+  - probes
+  - probes/finalizers
+  - alertmanagerconfigs
+  verbs:
+  - 'get'
+  - 'list'
+  - 'watch'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: monitoring-ui-view
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - services/proxy
+  resourceNames:
+  - "http:{{ template "kube-prometheus-stack.fullname" . }}-prometheus:{{ .Values.prometheus.service.port }}"
+  - "https:{{ template "kube-prometheus-stack.fullname" . }}-prometheus:{{ .Values.prometheus.service.port }}"
+  - "http:{{ template "kube-prometheus-stack.fullname" . }}-alertmanager:{{ .Values.alertmanager.service.port }}"
+  - "https:{{ template "kube-prometheus-stack.fullname" . }}-alertmanager:{{ .Values.alertmanager.service.port }}"
+{{- if .Values.grafana.enabled }}
+  - "http:{{ include "call-nested" (list . "grafana" "grafana.fullname") }}:{{ .Values.grafana.service.port }}"
+  - "https:{{ include "call-nested" (list . "grafana" "grafana.fullname") }}:{{ .Values.grafana.service.port }}"
+{{- end }}
+  verbs:
+  - 'get'
+  - 'create'
+- apiGroups:
+  - ""
+  resourceNames:
+  - {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  - {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+{{- if .Values.grafana.enabled }}
+  - {{ include "call-nested" (list . "grafana" "grafana.fullname") }}
+{{- end }}
+  resources:
+  - endpoints
+  verbs:
+  - list
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/config-role.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/config-role.yaml
new file mode 100644
index 0000000000..f48ffc827e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/config-role.yaml
@@ -0,0 +1,48 @@
+{{- if and .Values.global.rbac.create .Values.global.rbac.userRoles.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-config-admin
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-config-edit
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-config-view
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - 'get'
+  - 'list'
+  - 'watch'
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboard-role.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboard-role.yaml
new file mode 100644
index 0000000000..d2f81976a2
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboard-role.yaml
@@ -0,0 +1,47 @@
+{{- if and .Values.global.rbac.create .Values.global.rbac.userRoles.create .Values.grafana.enabled }}
+{{- if .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-dashboard-admin
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-dashboard-edit
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-dashboard-view
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - 'get'
+  - 'list'
+  - 'watch'
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/addons/ingress-nginx-dashboard.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/addons/ingress-nginx-dashboard.yaml
new file mode 100644
index 0000000000..7b51a0bf7a
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/addons/ingress-nginx-dashboard.yaml
@@ -0,0 +1,18 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled .Values.ingressNginx.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "ingress-nginx" | trunc 63 | trimSuffix "-" }}
+  {{- if .Values.grafana.sidecar.dashboards.annotations }}
+  annotations: {{ toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/ingress-nginx/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/cluster-dashboards.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/cluster-dashboards.yaml
new file mode 100644
index 0000000000..d73b257451
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/cluster-dashboards.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-cluster
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/cluster/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/default-dashboard.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/default-dashboard.yaml
new file mode 100644
index 0000000000..8865efa932
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/default-dashboard.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-home
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/home/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/fleet-dashboards.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/fleet-dashboards.yaml
new file mode 100644
index 0000000000..9b05cea2e8
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/fleet-dashboards.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-fleet-dashboards
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/fleet/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/k8s-dashboards.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/k8s-dashboards.yaml
new file mode 100644
index 0000000000..2afae10ef7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/k8s-dashboards.yaml
@@ -0,0 +1,31 @@
+{{- $files := (.Files.Glob "files/rancher/k8s/*").AsConfig }}
+{{- $filesDict := (fromYaml $files) }}
+{{- if not (include "exporter.kubeEtcd.enabled" .) }}
+{{- $filesDict = (unset $filesDict "rancher-etcd-nodes.json") -}}
+{{- $filesDict = (unset $filesDict "rancher-etcd.json") -}}
+{{- end }}
+{{- if not (include "exporter.kubeControllerManager.enabled" .) }}
+{{- $filesDict = (unset $filesDict "rancher-k8s-components-nodes.json") -}}
+{{- $filesDict = (unset $filesDict "rancher-k8s-components.json") -}}
+{{- else }}
+{{- $_ := (set $filesDict "rancher-k8s-components-nodes.json" (get $filesDict "rancher-k8s-components-nodes.json" | replace "kube-controller-manager" (include "exporter.kubeControllerManager.jobName" .))) -}}
+{{- $_ := (set $filesDict "rancher-k8s-components.json" (get $filesDict "rancher-k8s-components.json" | replace "kube-controller-manager" (include "exporter.kubeControllerManager.jobName" .))) -}}
+{{- end }}
+{{ $files = (toYaml $filesDict) }}
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-k8s
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ $files | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/nodes-dashboards.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/nodes-dashboards.yaml
new file mode 100644
index 0000000000..172c36e9d1
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/nodes-dashboards.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-nodes
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/nodes/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/performance-dashboards.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/performance-dashboards.yaml
new file mode 100644
index 0000000000..19836ec4e4
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/performance-dashboards.yaml
@@ -0,0 +1,18 @@
+{{- $selector := (include "rancher.serviceMonitor.selector" .) -}}
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled .Values.rancherMonitoring.enabled $selector }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-performance-debugging
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/performance/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/pods-dashboards.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/pods-dashboards.yaml
new file mode 100644
index 0000000000..940f18869b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/pods-dashboards.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-pods
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/pods/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/workload-dashboards.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/workload-dashboards.yaml
new file mode 100644
index 0000000000..d146dacdd0
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/dashboards/rancher/workload-dashboards.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-workloads
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/workloads/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/fleet/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/fleet/servicemonitor.yaml
new file mode 100644
index 0000000000..90d24c2061
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/fleet/servicemonitor.yaml
@@ -0,0 +1,53 @@
+{{- if .Values.rancherMonitoring.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  name: monitoring-fleet-controller
+  namespace: cattle-fleet-system
+spec:
+  endpoints:
+  - port: metrics
+    metricRelabelings:
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+  jobLabel: fleet
+  selector:
+    matchLabels:
+      app: fleet-controller
+{{- end }}
+---
+{{- if .Values.rancherMonitoring.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  name: monitoring-gitops-controller
+  namespace: cattle-fleet-system
+spec:
+  endpoints:
+  - port: metrics
+    metricRelabelings:
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+  jobLabel: gitops
+  selector:
+    matchLabels:
+      app: gitjob
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/network-policy.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/network-policy.yaml
new file mode 100644
index 0000000000..3382ad5b61
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/network-policy.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.rke2IngressNginx.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  annotations:
+    np.rke2.io/ingress: resolved
+  name: rke2-ingress-network-policy
+  namespace: {{ include "rke2-ingress-nginx.namespace" . }}
+spec:
+  ingress:
+    - ports:
+        - port: {{ .Values.rke2IngressNginx.metricsPort }}
+          protocol: TCP
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/name: rke2-ingress-nginx
+  policyTypes:
+    - Ingress
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/service.yaml
new file mode 100644
index 0000000000..53a9ad6897
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/service.yaml
@@ -0,0 +1,27 @@
+{{- if and (not .Values.ingressNginx.enabled) (.Values.rkeIngressNginx.enabled) }}
+{{- fail "Cannot set .Values.rkeIngressNginx.enabled=true when .Values.ingressNginx.enabled=false" }}
+{{- end }}
+{{- if and .Values.ingressNginx.enabled (not .Values.rkeIngressNginx.enabled) }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-ingress-nginx
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-ingress-nginx
+    jobLabel: ingress-nginx
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: {{ .Values.ingressNginx.namespace }}
+spec:
+  clusterIP: None
+  ports:
+    - name: http-metrics
+      port: {{ .Values.ingressNginx.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.ingressNginx.service.targetPort }}
+  selector:
+    {{- if .Values.ingressNginx.service.selector }}
+{{ toYaml .Values.ingressNginx.service.selector | indent 4 }}
+    {{- else }}
+    app: ingress-nginx
+    {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/servicemonitor.yaml
new file mode 100644
index 0000000000..b0f92e63b5
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/servicemonitor.yaml
@@ -0,0 +1,49 @@
+{{- if and (not .Values.ingressNginx.enabled) (.Values.rkeIngressNginx.enabled) }}
+{{- fail "Cannot set .Values.rkeIngressNginx.enabled=true when .Values.ingressNginx.enabled=false" }}
+{{- end }}
+{{- if and .Values.ingressNginx.enabled (not .Values.rkeIngressNginx.enabled) }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-ingress-nginx
+  namespace: {{ .Values.ingressNginx.namespace }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-ingress-nginx
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: jobLabel
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-ingress-nginx
+      release: {{ $.Release.Name | quote }}
+  namespaceSelector:
+    matchNames:
+      - {{ .Values.ingressNginx.namespace }}
+  endpoints:
+  - port: http-metrics
+    {{- if .Values.ingressNginx.serviceMonitor.interval}}
+    interval: {{ .Values.ingressNginx.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.ingressNginx.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.ingressNginx.serviceMonitor.proxyUrl}}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    metricRelabelings:
+    {{- if .Values.ingressNginx.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.ingressNginx.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.ingressNginx.serviceMonitor.relabelings }}
+    relabelings:
+{{ toYaml .Values.ingressNginx.serviceMonitor.relabelings | indent 4 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/rancher/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/rancher/servicemonitor.yaml
new file mode 100644
index 0000000000..1fba8f23f7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/exporters/rancher/servicemonitor.yaml
@@ -0,0 +1,58 @@
+{{- $selector := (include "rancher.serviceMonitor.selector" .) -}}
+{{- if and .Values.rancherMonitoring.enabled $selector }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  name: rancher
+  namespace: cattle-system
+spec:
+  endpoints:
+  - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    port: http
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      insecureSkipVerify: true
+      serverName: rancher
+    metricRelabelings:
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+  jobLabel: rancher
+{{- if .Values.rancherMonitoring.namespaceSelector }}
+  namespaceSelector: {{ .Values.rancherMonitoring.namespaceSelector | toYaml | nindent 4 }}
+{{- end }}
+  selector: {{ include "rancher.serviceMonitor.selector" . | nindent 4 }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-rancher-metrics
+rules:
+- apiGroups:
+  - management.cattle.io
+  resources:
+  - ranchermetrics
+  verbs:
+  - get
+---
+apiVersion: rbac.authorization.k8s.io/v1   
+kind: ClusterRoleBinding                                                                                                                       
+metadata:                                                                                                                                      
+  name: {{ template "kube-prometheus-stack.fullname" . }}-rancher-metrics
+roleRef:                                         
+  apiGroup: rbac.authorization.k8s.io          
+  kind: ClusterRole                           
+  name: {{ template "kube-prometheus-stack.fullname" . }}-rancher-metrics
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/hardened.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/hardened.yaml
new file mode 100644
index 0000000000..f9a66151ee
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/hardened.yaml
@@ -0,0 +1,147 @@
+{{- $namespaces := dict "_0" .Release.Namespace -}}
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled (not .Values.grafana.defaultDashboards.useExistingNamespace) -}}
+{{- $_ := set $namespaces "_1" .Values.grafana.defaultDashboards.namespace -}}
+{{- end -}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ .Chart.Name }}-patch-sa
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}-patch-sa
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade
+    "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+  template:
+    metadata:
+      name: {{ .Chart.Name }}-patch-sa
+      labels:
+        app: {{ .Chart.Name }}-patch-sa
+    spec:
+      serviceAccountName: {{ .Chart.Name }}-patch-sa
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      restartPolicy: Never
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+      containers:
+      {{- range $_, $ns := $namespaces }}
+      - name: patch-sa-{{ $ns }}
+        image: {{ template "system_default_registry" $ }}{{ $.Values.global.kubectl.repository }}:{{ $.Values.global.kubectl.tag }}
+        imagePullPolicy: {{ $.Values.global.kubectl.pullPolicy }}
+        command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
+        args: ["-n", "{{ $ns }}"]
+      {{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ .Chart.Name }}-patch-sa
+  labels:
+    app: {{ .Chart.Name }}-patch-sa
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - serviceaccounts
+  verbs: ['get', 'patch']
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ .Chart.Name }}-patch-sa
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ .Chart.Name }}-patch-sa
+  labels:
+    app: {{ .Chart.Name }}-patch-sa
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ .Chart.Name }}-patch-sa
+subjects:
+- kind: ServiceAccount
+  name: {{ .Chart.Name }}-patch-sa
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Chart.Name }}-patch-sa
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}-patch-sa
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ .Chart.Name }}-patch-sa
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}-patch-sa
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- range $_, $ns := $namespaces }}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: default-allow-all
+  namespace: {{ $ns }}
+spec:
+  podSelector: {}
+  ingress:
+  - {}
+  egress:
+  - {}
+  policyTypes:
+  - Ingress
+  - Egress
+{{- end }}
+{{- end }}
+---
+{{- if .Values.hardened.k3s.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: rancher-monitoring-coredns-allow-all
+  namespace: kube-system
+spec:
+  ingress:
+  - {}
+  egress:
+  - {}
+  policyTypes:
+  - Ingress
+  - Egress 
+  podSelector:
+    matchLabels:
+      k8s-app: kube-dns
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/configmap.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/configmap.yaml
new file mode 100644
index 0000000000..53cb898214
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/configmap.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.upgrade.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "0"
+data:
+{{ (.Files.Glob "files/upgrade/scripts/*").AsConfig | indent 2 }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/job.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/job.yaml
new file mode 100644
index 0000000000..8f2771740c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/job.yaml
@@ -0,0 +1,46 @@
+{{- if .Values.upgrade.enabled }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "2"
+spec:
+  template:
+    metadata:
+      name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+      labels:
+        app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+    spec:
+      serviceAccountName: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+      securityContext:
+        runAsNonRoot: false
+        runAsUser: 0
+      restartPolicy: Never
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+      containers:
+        - name: run-scripts
+          image: {{ template "system_default_registry" . }}{{ .Values.upgrade.image.repository }}:{{ .Values.upgrade.image.tag }}
+          imagePullPolicy: {{ $.Values.global.kubectl.pullPolicy }}
+          command:
+          - /bin/sh
+          - -c
+          - >
+            for s in $(find /etc/scripts -type f); do 
+              echo "Running $s...";
+              cat $s | bash
+            done;
+          volumeMounts:
+            - name: upgrade
+              mountPath: /etc/scripts
+      volumes:
+      - name: upgrade
+        configMap:
+          name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/rbac.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/rbac.yaml
new file mode 100644
index 0000000000..e929a19925
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/rancher-monitoring/upgrade/rbac.yaml
@@ -0,0 +1,131 @@
+{{- if .Values.upgrade.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded
+    "helm.sh/hook-weight": "1"
+rules:
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  - daemonsets
+  - statefulsets
+  verbs:
+  - 'list'
+  - 'delete'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "1"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+subjects:
+- kind: ServiceAccount
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "1"
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "1"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+subjects:
+- kind: ServiceAccount
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "1"
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "1"
+spec:
+  privileged: false
+  allowPrivilegeEscalation: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'configMap'
+    - 'secret'
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/extrasecret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/extrasecret.yaml
new file mode 100644
index 0000000000..587fca2dca
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/extrasecret.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.thanosRuler.extraSecret.data -}}
+{{- $secretName := printf "%s-extra" (include "kube-prometheus-stack.thanosRuler.name" . ) -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ default $secretName .Values.thanosRuler.extraSecret.name }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.thanosRuler.extraSecret.annotations }}
+  annotations:
+{{ toYaml .Values.thanosRuler.extraSecret.annotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+    app.kubernetes.io/component: thanos-ruler
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+{{- range $key, $val := .Values.thanosRuler.extraSecret.data }}
+  {{ $key }}: {{ $val | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/ingress.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/ingress.yaml
new file mode 100644
index 0000000000..e245ad448e
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/ingress.yaml
@@ -0,0 +1,77 @@
+{{- if and .Values.thanosRuler.enabled .Values.thanosRuler.ingress.enabled }}
+{{- $pathType := .Values.thanosRuler.ingress.pathType | default "ImplementationSpecific" }}
+{{- $serviceName := include "kube-prometheus-stack.thanosRuler.name" . }}
+{{- $servicePort := .Values.thanosRuler.service.port -}}
+{{- $routePrefix := list .Values.thanosRuler.thanosRulerSpec.routePrefix }}
+{{- $paths := .Values.thanosRuler.ingress.paths | default $routePrefix -}}
+{{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+  name: {{ $serviceName }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.thanosRuler.ingress.annotations }}
+  annotations:
+    {{- tpl (toYaml .Values.thanosRuler.ingress.annotations) . | nindent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{- if .Values.thanosRuler.ingress.labels }}
+{{ toYaml .Values.thanosRuler.ingress.labels | indent 4 }}
+{{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- if $apiIsStable }}
+  {{- if .Values.thanosRuler.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.thanosRuler.ingress.ingressClassName }}
+  {{- end }}
+  {{- end }}
+  rules:
+  {{- if .Values.thanosRuler.ingress.hosts }}
+  {{- range $host := .Values.thanosRuler.ingress.hosts }}
+    - host: {{ tpl $host $ }}
+      http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+    {{- end }}
+    {{- end -}}
+  {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+  {{- end }}
+  {{- end -}}
+  {{- end -}}
+  {{- if .Values.thanosRuler.ingress.tls }}
+  tls:
+{{ tpl (toYaml .Values.thanosRuler.ingress.tls | indent 4) . }}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/podDisruptionBudget.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/podDisruptionBudget.yaml
new file mode 100644
index 0000000000..83e54edf9b
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/podDisruptionBudget.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.thanosRuler.enabled .Values.thanosRuler.podDisruptionBudget.enabled }}
+apiVersion: {{ include "kube-prometheus-stack.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- if .Values.thanosRuler.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.thanosRuler.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.thanosRuler.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.thanosRuler.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: thanos-ruler
+      thanos-ruler: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/ruler.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/ruler.yaml
new file mode 100644
index 0000000000..b281221563
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/ruler.yaml
@@ -0,0 +1,189 @@
+{{- if .Values.thanosRuler.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ThanosRuler
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ include "kube-prometheus-stack.thanosRuler.name" . }}
+{{- include "kube-prometheus-stack.labels" . | indent 4 -}}
+{{- if .Values.thanosRuler.annotations }}
+  annotations:
+{{ toYaml .Values.thanosRuler.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.thanosRuler.thanosRulerSpec.image }}
+  {{- $registry := include "monitoring_registry" . | default .Values.thanosRuler.thanosRulerSpec.image.registry -}}
+  {{- if and .Values.thanosRuler.thanosRulerSpec.image.tag .Values.thanosRuler.thanosRulerSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.thanosRuler.thanosRulerSpec.image.repository }}:{{ .Values.thanosRuler.thanosRulerSpec.image.tag }}@sha256:{{ .Values.thanosRuler.thanosRulerSpec.image.sha }}"
+  {{- else if .Values.thanosRuler.thanosRulerSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.thanosRuler.thanosRulerSpec.image.repository }}@sha256:{{ .Values.thanosRuler.thanosRulerSpec.image.sha }}"
+  {{- else if .Values.thanosRuler.thanosRulerSpec.image.tag }}
+  image: "{{ $registry }}/{{ .Values.thanosRuler.thanosRulerSpec.image.repository }}:{{ .Values.thanosRuler.thanosRulerSpec.image.tag }}"
+  {{- else }}
+  image: "{{ $registry }}/{{ .Values.thanosRuler.thanosRulerSpec.image.repository }}"
+  {{- end }}
+  {{- if .Values.thanosRuler.thanosRulerSpec.image.sha }}
+  sha: {{ .Values.thanosRuler.thanosRulerSpec.image.sha }}
+  {{- end }}
+{{- end }}
+  replicas: {{ .Values.thanosRuler.thanosRulerSpec.replicas }}
+  listenLocal: {{ .Values.thanosRuler.thanosRulerSpec.listenLocal }}
+  serviceAccountName: {{ template "kube-prometheus-stack.thanosRuler.serviceAccountName" . }}
+{{- if .Values.thanosRuler.thanosRulerSpec.externalPrefix }}
+  externalPrefix: "{{ tpl .Values.thanosRuler.thanosRulerSpec.externalPrefix . }}"
+{{- else if and .Values.thanosRuler.ingress.enabled .Values.thanosRuler.ingress.hosts }}
+  externalPrefix: "http://{{ tpl (index .Values.thanosRuler.ingress.hosts 0) . }}{{ .Values.thanosRuler.thanosRulerSpec.routePrefix }}"
+{{- else }}
+  externalPrefix: http://{{ template "kube-prometheus-stack.thanosRuler.name" . }}.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.thanosRuler.service.port }}
+{{- end }}
+  nodeSelector: {{ include "linux-node-selector" . | nindent 4 }}
+{{- if .Values.thanosRuler.thanosRulerSpec.additionalArgs }}
+  additionalArgs:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.additionalArgs | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.nodeSelector }}
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.nodeSelector | indent 4 }}
+{{- end }}
+  paused: {{ .Values.thanosRuler.thanosRulerSpec.paused }}
+  logFormat: {{ .Values.thanosRuler.thanosRulerSpec.logFormat | quote  }}
+  logLevel:  {{ .Values.thanosRuler.thanosRulerSpec.logLevel | quote  }}
+  retention: {{ .Values.thanosRuler.thanosRulerSpec.retention | quote  }}
+{{- if .Values.thanosRuler.thanosRulerSpec.evaluationInterval }}
+  evaluationInterval: {{ .Values.thanosRuler.thanosRulerSpec.evaluationInterval }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.ruleNamespaceSelector }}
+  ruleNamespaceSelector:
+{{ tpl (toYaml .Values.thanosRuler.thanosRulerSpec.ruleNamespaceSelector | indent 4) . }}
+{{ else }}
+  ruleNamespaceSelector: {}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.ruleSelector }}
+  ruleSelector:
+{{ tpl (toYaml .Values.thanosRuler.thanosRulerSpec.ruleSelector | indent 4) .}}
+{{- else if .Values.thanosRuler.thanosRulerSpec.ruleSelectorNilUsesHelmValues }}
+  ruleSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  ruleSelector: {}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.alertQueryUrl }}
+  alertQueryUrl: "{{ .Values.thanosRuler.thanosRulerSpec.alertQueryUrl }}"
+{{- end}}
+{{- if .Values.thanosRuler.thanosRulerSpec.alertmanagersUrl }}
+  alertmanagersUrl:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.alertmanagersUrl | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.alertmanagersConfig.existingSecret }}
+  alertmanagersConfig:
+    key: "{{.Values.thanosRuler.thanosRulerSpec.alertmanagersConfig.existingSecret.key }}"
+    name: "{{.Values.thanosRuler.thanosRulerSpec.alertmanagersConfig.existingSecret.name }}"
+{{- else if .Values.thanosRuler.thanosRulerSpec.alertmanagersConfig.secret }}
+  alertmanagersConfig:
+    key: alertmanager-configs.yaml
+    name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.queryEndpoints }}
+  queryEndpoints:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.queryEndpoints | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.queryConfig.existingSecret }}
+  queryConfig:
+    key: "{{.Values.thanosRuler.thanosRulerSpec.queryConfig.existingSecret.key }}"
+    name: "{{.Values.thanosRuler.thanosRulerSpec.queryConfig.existingSecret.name }}"
+{{- else if .Values.thanosRuler.thanosRulerSpec.queryConfig.secret }}
+  queryConfig:
+    key: query-configs.yaml
+    name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.resources }}
+  resources:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.resources | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.routePrefix }}
+  routePrefix: "{{ .Values.thanosRuler.thanosRulerSpec.routePrefix }}"
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.securityContext }}
+  securityContext:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.securityContext | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.storage }}
+  storage:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.storage | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.objectStorageConfig.existingSecret }}
+  objectStorageConfig:
+    key: "{{.Values.thanosRuler.thanosRulerSpec.objectStorageConfig.existingSecret.key }}"
+    name: "{{.Values.thanosRuler.thanosRulerSpec.objectStorageConfig.existingSecret.name }}"
+{{- else if .Values.thanosRuler.thanosRulerSpec.objectStorageConfig.secret }}
+  objectStorageConfig:
+    key: object-storage-configs.yaml
+    name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.labels }}
+  labels:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.labels | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.podMetadata }}
+  podMetadata:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.podMetadata | indent 4 }}
+{{- end }}
+{{- if or .Values.thanosRuler.thanosRulerSpec.podAntiAffinity .Values.thanosRuler.thanosRulerSpec.affinity }}
+  affinity:
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.affinity }}
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.affinity | indent 4 }}
+{{- end }}
+{{- if eq .Values.thanosRuler.thanosRulerSpec.podAntiAffinity "hard" }}
+    podAntiAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+      - topologyKey: {{ .Values.thanosRuler.thanosRulerSpec.podAntiAffinityTopologyKey }}
+        labelSelector:
+          matchExpressions:
+            - {key: app.kubernetes.io/name, operator: In, values: [thanos-ruler]}
+            - {key: thanos-ruler, operator: In, values: [{{ template "kube-prometheus-stack.thanosRuler.name" . }}]}
+{{- else if eq .Values.thanosRuler.thanosRulerSpec.podAntiAffinity "soft" }}
+    podAntiAffinity:
+      preferredDuringSchedulingIgnoredDuringExecution:
+      - weight: 100
+        podAffinityTerm:
+          topologyKey: {{ .Values.thanosRuler.thanosRulerSpec.podAntiAffinityTopologyKey }}
+          labelSelector:
+            matchExpressions:
+              - {key: app.kubernetes.io/name, operator: In, values: [thanos-ruler]}
+              - {key: thanos-ruler, operator: In, values: [{{ template "kube-prometheus-stack.thanosRuler.name" . }}]}
+{{- end }}
+  tolerations: {{ include "linux-node-tolerations" . | nindent 4 }}
+{{- if .Values.thanosRuler.thanosRulerSpec.tolerations }}
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.tolerations | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.topologySpreadConstraints }}
+  topologySpreadConstraints:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.topologySpreadConstraints | indent 4 }}
+{{- end }}
+{{- if .Values.global.imagePullSecrets }}
+  imagePullSecrets:
+{{ toYaml .Values.global.imagePullSecrets | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.containers }}
+  containers:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.containers | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.initContainers }}
+  initContainers:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.initContainers | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.priorityClassName }}
+  priorityClassName: {{.Values.thanosRuler.thanosRulerSpec.priorityClassName }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.volumes }}
+  volumes:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.volumes | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.volumeMounts }}
+  volumeMounts:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.volumeMounts | indent 4 }}
+{{- end }}
+  portName: {{ .Values.thanosRuler.thanosRulerSpec.portName }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/secret.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/secret.yaml
new file mode 100644
index 0000000000..acab7fd9ae
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/secret.yaml
@@ -0,0 +1,26 @@
+{{- if .Values.thanosRuler.enabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ include "kube-prometheus-stack.thanosRuler.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+  {{- with .Values.thanosRuler.thanosRulerSpec.alertmanagersConfig }}
+  {{- if and .secret (not .existingSecret) }}
+  alertmanager-configs.yaml: {{ toYaml .secret | b64enc | quote }}
+  {{- end }}
+  {{- end }}
+  {{- with .Values.thanosRuler.thanosRulerSpec.objectStorageConfig }}
+  {{- if and .secret (not .existingSecret) }}
+  object-storage-configs.yaml: {{ toYaml .secret | b64enc | quote }}
+  {{- end }}
+  {{- end }}
+  {{- with .Values.thanosRuler.thanosRulerSpec.queryConfig }}
+  {{- if and .secret (not .existingSecret) }}
+  query-configs.yaml: {{ toYaml .secret | b64enc | quote }}
+  {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/service.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/service.yaml
new file mode 100644
index 0000000000..be0c844591
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/service.yaml
@@ -0,0 +1,53 @@
+{{- if .Values.thanosRuler.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+    self-monitor: {{ .Values.thanosRuler.serviceMonitor.selfMonitor | quote }}
+{{- include "kube-prometheus-stack.labels" . | indent 4 -}}
+{{- if .Values.thanosRuler.service.labels }}
+{{ toYaml .Values.thanosRuler.service.labels | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.service.annotations }}
+  annotations:
+{{ toYaml .Values.thanosRuler.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.thanosRuler.service.clusterIP }}
+  clusterIP: {{ .Values.thanosRuler.service.clusterIP }}
+{{- end }}
+{{- if .Values.thanosRuler.service.externalIPs }}
+  externalIPs:
+{{ toYaml .Values.thanosRuler.service.externalIPs | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.thanosRuler.service.loadBalancerIP }}
+{{- end }}
+{{- if .Values.thanosRuler.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.thanosRuler.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.thanosRuler.service.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.thanosRuler.service.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  - name: {{ .Values.thanosRuler.thanosRulerSpec.portName }}
+  {{- if eq .Values.thanosRuler.service.type "NodePort" }}
+    nodePort: {{ .Values.thanosRuler.service.nodePort }}
+  {{- end }}
+    port: {{ .Values.thanosRuler.service.port }}
+    targetPort: {{ .Values.thanosRuler.service.targetPort }}
+    protocol: TCP
+{{- if .Values.thanosRuler.service.additionalPorts }}
+{{ toYaml .Values.thanosRuler.service.additionalPorts | indent 2 }}
+{{- end }}
+  selector:
+    app.kubernetes.io/name: thanos-ruler
+    thanos-ruler: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  type: "{{ .Values.thanosRuler.service.type }}"
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/serviceaccount.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/serviceaccount.yaml
new file mode 100644
index 0000000000..b58f1cd4df
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/serviceaccount.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.thanosRuler.enabled .Values.thanosRuler.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+    app.kubernetes.io/name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+    app.kubernetes.io/component: thanos-ruler
+{{- include "kube-prometheus-stack.labels" . | indent 4 -}}
+{{- if .Values.thanosRuler.serviceAccount.annotations }}
+  annotations:
+{{ toYaml .Values.thanosRuler.serviceAccount.annotations | indent 4 }}
+{{- end }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ toYaml .Values.global.imagePullSecrets | indent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/servicemonitor.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/servicemonitor.yaml
new file mode 100644
index 0000000000..b2b138b498
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/thanos-ruler/servicemonitor.yaml
@@ -0,0 +1,82 @@
+{{- if and .Values.thanosRuler.enabled .Values.thanosRuler.serviceMonitor.selfMonitor }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- with .Values.thanosRuler.serviceMonitor.additionalLabels }}
+{{- toYaml . | nindent 4 }}
+{{- end }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.thanosRuler.serviceMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+      release: {{ $.Release.Name | quote }}
+      self-monitor: {{ .Values.thanosRuler.serviceMonitor.selfMonitor | quote }}
+  namespaceSelector:
+    matchNames:
+      - {{ printf "%s" (include "kube-prometheus-stack.namespace" .) | quote }}
+  endpoints:
+  - port: {{ .Values.thanosRuler.thanosRulerSpec.portName }}
+    {{- if .Values.thanosRuler.serviceMonitor.interval }}
+    interval: {{ .Values.thanosRuler.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.thanosRuler.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.thanosRuler.serviceMonitor.proxyUrl}}
+    {{- end }}
+    {{- if .Values.thanosRuler.serviceMonitor.scheme }}
+    scheme: {{ .Values.thanosRuler.serviceMonitor.scheme }}
+    {{- end }}
+    {{- if .Values.thanosRuler.serviceMonitor.bearerTokenFile }}
+    bearerTokenFile: {{ .Values.thanosRuler.serviceMonitor.bearerTokenFile }}
+    {{- end }}
+    {{- if .Values.thanosRuler.serviceMonitor.tlsConfig }}
+    tlsConfig: {{- toYaml .Values.thanosRuler.serviceMonitor.tlsConfig | nindent 6 }}
+    {{- end }}
+    path: "{{ trimSuffix "/" .Values.thanosRuler.thanosRulerSpec.routePrefix }}/metrics"
+    {{- if .Values.thanosRuler.serviceMonitor.metricRelabelings }}
+    metricRelabelings: {{- tpl (toYaml .Values.thanosRuler.serviceMonitor.metricRelabelings | nindent 6) . }}
+    {{- end }}
+        {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+    {{- if .Values.thanosRuler.serviceMonitor.relabelings }}
+    relabelings: {{- toYaml .Values.thanosRuler.serviceMonitor.relabelings | nindent 6 }}
+    {{- end }}
+  {{- range .Values.thanosRuler.serviceMonitor.additionalEndpoints }}
+  - port: {{ .port }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.interval .interval }}
+    interval: {{ default $.Values.thanosRuler.serviceMonitor.interval .interval }}
+    {{- end }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.proxyUrl .proxyUrl }}
+    proxyUrl: {{ default $.Values.thanosRuler.serviceMonitor.proxyUrl .proxyUrl }}
+    {{- end }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.scheme .scheme }}
+    scheme: {{ default $.Values.thanosRuler.serviceMonitor.scheme .scheme }}
+    {{- end }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    bearerTokenFile: {{ default $.Values.thanosRuler.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    {{- end }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.tlsConfig .tlsConfig }}
+    tlsConfig: {{- default $.Values.thanosRuler.serviceMonitor.tlsConfig .tlsConfig | toYaml | nindent 6 }}
+    {{- end }}
+    path: {{ .path }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.metricRelabelings .metricRelabelings }}
+    metricRelabelings: {{- tpl (default $.Values.thanosRuler.serviceMonitor.metricRelabelings .metricRelabelings | toYaml | nindent 6) . }}
+    {{- end }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.relabelings .relabelings }}
+    relabelings: {{- default $.Values.thanosRuler.serviceMonitor.relabelings .relabelings | toYaml | nindent 6 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/validate-install-crd.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..6fcb8b3a69
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/validate-install-crd.yaml
@@ -0,0 +1,23 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1alpha1/AlertmanagerConfig" false -}}
+# {{- set $found "monitoring.coreos.com/v1/Alertmanager" false -}}
+# {{- set $found "monitoring.coreos.com/v1/PodMonitor" false -}}
+# {{- set $found "monitoring.coreos.com/v1/Probe" false -}}
+# {{- set $found "monitoring.coreos.com/v1alpha1/PrometheusAgent" false -}}
+# {{- set $found "monitoring.coreos.com/v1/Prometheus" false -}}
+# {{- set $found "monitoring.coreos.com/v1/PrometheusRule" false -}}
+# {{- set $found "monitoring.coreos.com/v1alpha1/ScrapeConfig" false -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- set $found "monitoring.coreos.com/v1/ThanosRuler" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/templates/validate-psp-install.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/104.1.4+up57.0.3/values.yaml b/charts/rancher-monitoring/104.1.4+up57.0.3/values.yaml
new file mode 100644
index 0000000000..97019d626c
--- /dev/null
+++ b/charts/rancher-monitoring/104.1.4+up57.0.3/values.yaml
@@ -0,0 +1,5433 @@
+# Default values for kube-prometheus-stack.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Rancher Monitoring Configuration
+
+## Configuration for prometheus-adapter
+## ref: https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-adapter
+##
+prometheus-adapter:
+  enabled: true
+  prometheus:
+    # Change this if you change the namespaceOverride or nameOverride of prometheus-operator
+    url: http://rancher-monitoring-prometheus.cattle-monitoring-system.svc
+    port: 9090
+
+## RKE PushProx Monitoring
+## ref: https://github.com/rancher/charts/tree/dev-v2.9/packages/rancher-monitoring/rancher-pushprox
+##
+rkeControllerManager:
+  enabled: false
+  metricsPort: 10257 # default to secure port as of k8s >= 1.22
+  component: kube-controller-manager
+  clients:
+    https:
+      enabled: true
+      insecureSkipVerify: true
+      useServiceAccountCredentials: true
+    port: 10011
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/controlplane: "true"
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+  kubeVersionOverrides:
+  - constraint: "< 1.22"
+    values:
+      metricsPort: 10252 # default to insecure port in k8s < 1.22
+      clients:
+        https:
+          enabled: false
+          insecureSkipVerify: false
+          useServiceAccountCredentials: false
+
+rkeScheduler:
+  enabled: false
+  metricsPort: 10259
+  component: kube-scheduler
+  clients:
+    https:
+      enabled: true
+      insecureSkipVerify: true
+      useServiceAccountCredentials: true
+    port: 10012
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/controlplane: "true"
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+  kubeVersionOverrides:
+  - constraint: "< 1.23"
+    values:
+      metricsPort: 10251 # default to insecure port in k8s < 1.23
+      clients:
+        https:
+          enabled: false
+          insecureSkipVerify: false
+          useServiceAccountCredentials: false
+
+rkeProxy:
+  enabled: false
+  metricsPort: 10249
+  component: kube-proxy
+  clients:
+    port: 10013
+    useLocalhost: true
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+rkeEtcd:
+  enabled: false
+  metricsPort: 2379
+  component: kube-etcd
+  clients:
+    port: 10014
+    https:
+      enabled: true
+      certDir: /etc/kubernetes/ssl
+      certFile: kube-etcd-*.pem
+      keyFile: kube-etcd-*-key.pem
+      caCertFile: kube-ca.pem
+      seLinuxOptions:
+        # Gives rkeEtcd permissions to read files in /etc/kubernetes/*
+        # Type is defined in https://github.com/rancher/rancher-selinux
+        type: rke_kubereader_t
+    nodeSelector:
+      node-role.kubernetes.io/etcd: "true"
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+rkeIngressNginx:
+  enabled: false
+  metricsPort: 10254
+  component: ingress-nginx
+  clients:
+    port: 10015
+    useLocalhost: true
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+    nodeSelector:
+      node-role.kubernetes.io/worker: "true"
+
+## k3s PushProx Monitoring
+## ref: https://github.com/rancher/charts/tree/dev-v2.9/packages/rancher-monitoring/rancher-pushprox
+##
+k3sServer:
+  enabled: false
+  metricsPort: 10250
+  component: k3s-server
+  clients:
+    port: 10013
+    useLocalhost: true
+    https:
+      enabled: true
+      useServiceAccountCredentials: true
+      insecureSkipVerify: true
+    rbac:
+      additionalRules:
+      - nonResourceURLs: ["/metrics/cadvisor"]
+        verbs: ["get"]
+      - apiGroups: [""]
+        resources: ["nodes/metrics"]
+        verbs: ["get"]
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+  serviceMonitor:
+    endpoints:
+    - port: metrics
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    - port: metrics
+      path: /metrics/cadvisor
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    - port: metrics
+      path: /metrics/probes
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+
+hardened:
+  k3s:  
+    networkPolicy:
+      enabled: true
+
+## KubeADM PushProx Monitoring
+## ref: https://github.com/rancher/charts/tree/dev-v2.9/packages/rancher-monitoring/rancher-pushprox
+##
+kubeAdmControllerManager:
+  enabled: false
+  metricsPort: 10257
+  component: kube-controller-manager
+  clients:
+    port: 10011
+    useLocalhost: true
+    https:
+      enabled: true
+      useServiceAccountCredentials: true
+      insecureSkipVerify: true
+    nodeSelector:
+      node-role.kubernetes.io/master: ""
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+kubeAdmScheduler:
+  enabled: false
+  metricsPort: 10259
+  component: kube-scheduler
+  clients:
+    port: 10012
+    useLocalhost: true
+    https:
+      enabled: true
+      useServiceAccountCredentials: true
+      insecureSkipVerify: true
+    nodeSelector:
+      node-role.kubernetes.io/master: ""
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+kubeAdmProxy:
+  enabled: false
+  metricsPort: 10249
+  component: kube-proxy
+  clients:
+    port: 10013
+    useLocalhost: true
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+kubeAdmEtcd:
+  enabled: false
+  metricsPort: 2381
+  component: kube-etcd
+  clients:
+    port: 10014
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/master: ""
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+## rke2 PushProx Monitoring
+## ref: https://github.com/rancher/charts/tree/dev-v2.9/packages/rancher-monitoring/rancher-pushprox
+##
+rke2ControllerManager:
+  enabled: false
+  metricsPort: 10257 # default to secure port as of k8s >= 1.22
+  component: kube-controller-manager
+  clients:
+    https:
+      enabled: true
+      insecureSkipVerify: true
+      useServiceAccountCredentials: true
+    port: 10011
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/master: "true"
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+  kubeVersionOverrides:
+  - constraint: "< 1.22"
+    values:
+      metricsPort: 10252 # default to insecure port in k8s < 1.22
+      clients:
+        https:
+          enabled: false
+          insecureSkipVerify: false
+          useServiceAccountCredentials: false
+
+rke2Scheduler:
+  enabled: false
+  metricsPort: 10259 # default to secure port as of k8s >= 1.22
+  component: kube-scheduler
+  clients:
+    https:
+      enabled: true
+      insecureSkipVerify: true
+      useServiceAccountCredentials: true
+    port: 10012
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/master: "true"
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+  kubeVersionOverrides:
+  - constraint: "< 1.22"
+    values:
+      metricsPort: 10251 # default to insecure port in k8s < 1.22
+      clients:
+        https:
+          enabled: false
+          insecureSkipVerify: false
+          useServiceAccountCredentials: false
+
+rke2Proxy:
+  enabled: false
+  metricsPort: 10249
+  component: kube-proxy
+  clients:
+    port: 10013
+    useLocalhost: true
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+
+rke2Etcd:
+  enabled: false
+  metricsPort: 2381
+  component: kube-etcd
+  clients:
+    port: 10014
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/etcd: "true"
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+
+rke2IngressNginx:
+  enabled: false
+  networkPolicy:
+    enabled: false
+  metricsPort: 10254
+  component: ingress-nginx
+  # in the RKE2 cluster, the ingress-nginx-controller is deployed
+  # as a non-hostNetwork workload starting at the following versions
+  # - >= v1.22.12+rke2r1 < 1.23.0-0
+  # - >= v1.23.9+rke2r1 < 1.24.0-0
+  # - >= v1.24.3+rke2r1 < 1.25.0-0
+  # - >= v1.25.0+rke2r1
+  # As a result we do not need clients and proxies as we can directly create
+  # a service that targets the workload with the given app name
+  namespaceOverride: kube-system
+  clients:
+    enabled: false
+  proxy:
+    enabled: false
+  service:
+    selector:
+      app.kubernetes.io/name: rke2-ingress-nginx
+  kubeVersionOverrides:
+  - constraint: "< 1.21.0-0"
+    values:
+      namespaceOverride: ""
+      clients:
+        enabled: true
+        port: 10015
+        useLocalhost: true
+        tolerations:
+          - effect: "NoExecute"
+            operator: "Exists"
+          - effect: "NoSchedule"
+            operator: "Exists"
+        affinity:
+          podAffinity:
+            requiredDuringSchedulingIgnoredDuringExecution:
+              - labelSelector:
+                  matchExpressions:
+                    - key: "app.kubernetes.io/component"
+                      operator: "In"
+                      values:
+                        - "controller"
+                topologyKey: "kubernetes.io/hostname"
+                namespaces:
+                  - "kube-system"
+        # in the RKE2 cluster, the ingress-nginx-controller is deployed as
+        # a DaemonSet with 1 pod when RKE2 version is < 1.21.0-0
+        deployment:
+          enabled: false
+      proxy:
+        enabled: true
+      service:
+        selector: false
+  - constraint: ">= 1.21.0-0 < 1.22.12-0"
+    values:
+      namespaceOverride: ""
+      clients:
+        enabled: true
+        port: 10015
+        useLocalhost: true
+        tolerations:
+          - effect: "NoExecute"
+            operator: "Exists"
+          - effect: "NoSchedule"
+            operator: "Exists"
+        affinity:
+          podAffinity:
+            requiredDuringSchedulingIgnoredDuringExecution:
+              - labelSelector:
+                  matchExpressions:
+                    - key: "app.kubernetes.io/component"
+                      operator: "In"
+                      values:
+                        - "controller"
+                topologyKey: "kubernetes.io/hostname"
+                namespaces:
+                  - "kube-system"
+        # in the RKE2 cluster, the ingress-nginx-controller is deployed as
+        # a hostNetwork Deployment with 1 pod when RKE2 version is >= 1.21.0-0
+        deployment:
+          enabled: true
+          replicas: 1
+      proxy:
+        enabled: true
+      service:
+        selector: false
+  - constraint: ">= 1.23.0-0 < v1.23.9-0"
+    values:
+      namespaceOverride: ""
+      clients:
+        enabled: true
+        port: 10015
+        useLocalhost: true
+        tolerations:
+          - effect: "NoExecute"
+            operator: "Exists"
+          - effect: "NoSchedule"
+            operator: "Exists"
+        affinity:
+          podAffinity:
+            requiredDuringSchedulingIgnoredDuringExecution:
+              - labelSelector:
+                  matchExpressions:
+                    - key: "app.kubernetes.io/component"
+                      operator: "In"
+                      values:
+                        - "controller"
+                topologyKey: "kubernetes.io/hostname"
+                namespaces:
+                  - "kube-system"
+        # in the RKE2 cluster, the ingress-nginx-controller is deployed as
+        # a hostNetwork Deployment with 1 pod when RKE2 version is >= 1.20.0-0
+        deployment:
+          enabled: true
+          replicas: 1
+      proxy:
+        enabled: true
+      service:
+        selector: false
+  - constraint: ">= 1.24.0-0 < v1.24.3-0"
+    values:
+      namespaceOverride: ""
+      clients:
+        enabled: true
+        port: 10015
+        useLocalhost: true
+        tolerations:
+          - effect: "NoExecute"
+            operator: "Exists"
+          - effect: "NoSchedule"
+            operator: "Exists"
+        affinity:
+          podAffinity:
+            requiredDuringSchedulingIgnoredDuringExecution:
+              - labelSelector:
+                  matchExpressions:
+                    - key: "app.kubernetes.io/component"
+                      operator: "In"
+                      values:
+                        - "controller"
+                topologyKey: "kubernetes.io/hostname"
+                namespaces:
+                  - "kube-system"
+        # in the RKE2 cluster, the ingress-nginx-controller is deployed as
+        # a hostNetwork Deployment with 1 pod when RKE2 version is >= 1.20.0-0
+        deployment:
+          enabled: true
+          replicas: 1
+      proxy:
+        enabled: true
+      service:
+        selector: false
+
+
+
+## Additional PushProx Monitoring
+## ref: https://github.com/rancher/charts/tree/dev-v2.9/packages/rancher-monitoring/rancher-pushprox
+##
+
+# hardenedKubelet can only be deployed if kubelet.enabled=true
+# If enabled, it replaces the ServiceMonitor deployed by the default kubelet option with a 
+# PushProx-based exporter that does not require a host port to be open to scrape metrics.
+hardenedKubelet:
+  enabled: false
+  metricsPort: 10250
+  component: kubelet
+  clients:
+    port: 10015
+    useLocalhost: true
+    https:
+      enabled: true
+      useServiceAccountCredentials: true
+      insecureSkipVerify: true
+    rbac:
+      additionalRules:
+      - nonResourceURLs: ["/metrics/cadvisor"]
+        verbs: ["get"]
+      - apiGroups: [""]
+        resources: ["nodes/metrics"]
+        verbs: ["get"]
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+  serviceMonitor:
+    endpoints:
+    - port: metrics
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    - port: metrics
+      path: /metrics/cadvisor
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    - port: metrics
+      path: /metrics/probes
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+
+# hardenedNodeExporter can only be deployed if nodeExporter.enabled=true
+# If enabled, it replaces the ServiceMonitor deployed by the default nodeExporter with a 
+# PushProx-based exporter that does not require a host port to be open to scrape metrics.
+hardenedNodeExporter:
+  enabled: false
+  metricsPort: 9796
+  component: node-exporter
+  clients:
+    port: 10016
+    useLocalhost: true
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+
+## Upgrades
+upgrade:
+  ## Run upgrade scripts before an upgrade or rollback via a Job hook
+  enabled: true
+  ## Image to use to run the scripts
+  image:
+    repository: rancher/shell
+    tag: v0.2.1
+
+## Rancher Monitoring
+##
+
+rancherMonitoring:
+  enabled: true
+
+  ## A namespaceSelector to identify the namespace to find the Rancher deployment
+  ##
+  namespaceSelector:
+    matchNames:
+    - cattle-system
+
+  ## A selector to identify the Rancher deployment
+  ## If not set, the chart will try to search for the Rancher deployment in the cattle-system namespace and infer the selector values from it
+  ## If the Rancher deployment does not exist, no resources will be deployed.
+  ##
+  selector: {}
+
+## Component scraping nginx-ingress-controller
+##
+ingressNginx:
+  enabled: false
+
+  ## The namespace to search for your nginx-ingress-controller
+  ##
+  namespace: ingress-nginx
+  
+  service:
+    port: 9913
+    targetPort: 10254
+    # selector:
+    #   app: ingress-nginx
+  serviceMonitor:
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: "30s"
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## 	metric relabel configs to apply to samples before ingestion.
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    # 	relabel configs to apply to samples before ingestion.
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+# Prometheus Operator Configuration
+
+## Provide a name in place of kube-prometheus-stack for `app:` labels
+## NOTE: If you change this value, you must update the prometheus-adapter.prometheus.url
+##
+nameOverride: "rancher-monitoring"
+
+## Override the deployment namespace
+## NOTE: If you change this value, you must update the prometheus-adapter.prometheus.url
+##
+namespaceOverride: "cattle-monitoring-system"
+
+## Provide a k8s version to auto dashboard import script example: kubeTargetVersionOverride: 1.26.6
+##
+kubeTargetVersionOverride: ""
+
+## Allow kubeVersion to be overridden while creating the ingress
+##
+kubeVersionOverride: ""
+
+## Provide a name to substitute for the full names of resources
+##
+fullnameOverride: ""
+
+## Labels to apply to all resources
+##
+commonLabels: {}
+# scmhash: abc123
+# myLabel: aakkmd
+
+## Install Prometheus Operator CRDs
+##
+crds:
+  enabled: true
+
+## custom Rules to override "for" and "severity" in defaultRules
+##
+customRules: {}
+  # AlertmanagerFailedReload:
+  #   for: 3m
+  # AlertmanagerMembersInconsistent:
+  #   for: 5m
+  #   severity: "warning"
+
+## Create default rules for monitoring the cluster
+##
+defaultRules:
+  create: true
+  rules:
+    alertmanager: true
+    etcd: true
+    configReloaders: true
+    general: true
+    k8sContainerCpuUsageSecondsTotal: true
+    k8sContainerMemoryCache: true
+    k8sContainerMemoryRss: true
+    k8sContainerMemorySwap: true
+    k8sContainerResource: true
+    k8sContainerMemoryWorkingSetBytes: true
+    k8sPodOwner: true
+    kubeApiserverAvailability: true
+    kubeApiserverBurnrate: true
+    kubeApiserverHistogram: true
+    kubeApiserverSlos: true
+    kubeControllerManager: true
+    kubelet: true
+    kubeProxy: true
+    kubePrometheusGeneral: true
+    kubePrometheusNodeRecording: true
+    kubernetesApps: true
+    kubernetesResources: true
+    kubernetesStorage: true
+    kubernetesSystem: true
+    kubeSchedulerAlerting: true
+    kubeSchedulerRecording: true
+    kubeStateMetrics: true
+    network: true
+    node: true
+    nodeExporterAlerting: true
+    nodeExporterRecording: true
+    prometheus: true
+    prometheusOperator: true
+    windows: true
+
+  ## Reduce app namespace alert scope
+  appNamespacesTarget: ".*"
+
+  ## Set keep_firing_for for all alerts
+  keepFiringFor: ""
+
+  ## Labels for default rules
+  labels: {}
+  ## Annotations for default rules
+  annotations: {}
+
+  ## Additional labels for PrometheusRule alerts
+  additionalRuleLabels: {}
+
+  ## Additional annotations for PrometheusRule alerts
+  additionalRuleAnnotations: {}
+
+  ## Additional labels for specific PrometheusRule alert groups
+  additionalRuleGroupLabels:
+    alertmanager: {}
+    etcd: {}
+    configReloaders: {}
+    general: {}
+    k8sContainerCpuUsageSecondsTotal: {}
+    k8sContainerMemoryCache: {}
+    k8sContainerMemoryRss: {}
+    k8sContainerMemorySwap: {}
+    k8sContainerResource: {}
+    k8sPodOwner: {}
+    kubeApiserverAvailability: {}
+    kubeApiserverBurnrate: {}
+    kubeApiserverHistogram: {}
+    kubeApiserverSlos: {}
+    kubeControllerManager: {}
+    kubelet: {}
+    kubeProxy: {}
+    kubePrometheusGeneral: {}
+    kubePrometheusNodeRecording: {}
+    kubernetesApps: {}
+    kubernetesResources: {}
+    kubernetesStorage: {}
+    kubernetesSystem: {}
+    kubeSchedulerAlerting: {}
+    kubeSchedulerRecording: {}
+    kubeStateMetrics: {}
+    network: {}
+    node: {}
+    nodeExporterAlerting: {}
+    nodeExporterRecording: {}
+    prometheus: {}
+    prometheusOperator: {}
+
+  ## Additional annotations for specific PrometheusRule alerts groups
+  additionalRuleGroupAnnotations:
+    alertmanager: {}
+    etcd: {}
+    configReloaders: {}
+    general: {}
+    k8sContainerCpuUsageSecondsTotal: {}
+    k8sContainerMemoryCache: {}
+    k8sContainerMemoryRss: {}
+    k8sContainerMemorySwap: {}
+    k8sContainerResource: {}
+    k8sPodOwner: {}
+    kubeApiserverAvailability: {}
+    kubeApiserverBurnrate: {}
+    kubeApiserverHistogram: {}
+    kubeApiserverSlos: {}
+    kubeControllerManager: {}
+    kubelet: {}
+    kubeProxy: {}
+    kubePrometheusGeneral: {}
+    kubePrometheusNodeRecording: {}
+    kubernetesApps: {}
+    kubernetesResources: {}
+    kubernetesStorage: {}
+    kubernetesSystem: {}
+    kubeSchedulerAlerting: {}
+    kubeSchedulerRecording: {}
+    kubeStateMetrics: {}
+    network: {}
+    node: {}
+    nodeExporterAlerting: {}
+    nodeExporterRecording: {}
+    prometheus: {}
+    prometheusOperator: {}
+
+  additionalAggregationLabels: []
+
+  ## Prefix for runbook URLs. Use this to override the first part of the runbookURLs that is common to all rules.
+  runbookUrl: "https://runbooks.prometheus-operator.dev/runbooks"
+
+  ## Disabled PrometheusRule alerts
+  disabled: {}
+  # KubeAPIDown: true
+  # NodeRAIDDegraded: true
+
+## Deprecated way to provide custom recording or alerting rules to be deployed into the cluster.
+##
+# additionalPrometheusRules: []
+#  - name: my-rule-file
+#    groups:
+#      - name: my_group
+#        rules:
+#        - record: my_record
+#          expr: 100 * my_record
+
+## Provide custom recording or alerting rules to be deployed into the cluster.
+##
+additionalPrometheusRulesMap: {}
+#  rule-name:
+#    groups:
+#    - name: my_group
+#      rules:
+#      - record: my_record
+#        expr: 100 * my_record
+
+##
+global:
+  cattle:
+    psp:
+      enabled: false
+
+    systemDefaultRegistry: ""
+    ## Windows Monitoring
+    ## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-windows-exporter
+    ##
+    ## Deploys a DaemonSet of Prometheus exporters based on https://github.com/prometheus-community/windows_exporter.
+    ## Every Windows host must have a wins version of 0.1.0+ to use this chart (default as of Rancher 2.5.8).
+    ## To upgrade wins versions on Windows hosts, see https://github.com/rancher/wins/tree/master/charts/rancher-wins-upgrader.
+    ##
+    windows:
+      enabled: false
+  seLinux:
+    enabled: false
+  kubectl:
+     repository: rancher/kubectl
+     tag: v1.20.2
+     pullPolicy: IfNotPresent
+  rbac:
+    ## Create RBAC resources for ServiceAccounts and users
+    ##
+    create: true
+
+    userRoles:
+      ## Create default user ClusterRoles to allow users to interact with Prometheus CRs, ConfigMaps, and Secrets
+      create: true
+      ## Aggregate default user ClusterRoles into default k8s ClusterRoles
+      aggregateToDefaultRoles: true
+
+    pspAnnotations: {}
+      ## Specify pod annotations
+      ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor
+      ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp
+      ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl
+      ##
+      # seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
+      # seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
+      # apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
+
+  ## Global image registry to use if it needs to be overriden for some specific use cases (e.g local registries, custom images, ...)
+  ##
+  imageRegistry: docker.io
+
+  ## Reference to one or more secrets to be used when pulling images
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+  ##
+  imagePullSecrets: []
+  # - name: "image-pull-secret"
+  # or
+  # - "image-pull-secret"
+
+windowsMonitoring:
+  ## Deploys the windows-exporter and Windows-specific dashboards and rules (job name must be 'windows-exporter')
+  enabled: false
+
+## Configuration for prometheus-windows-exporter
+## ref: https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-windows-exporter
+##
+prometheus-windows-exporter:
+  ## Enable ServiceMonitor and set Kubernetes label to use as a job label
+  ##
+  prometheus:
+    monitor:
+      enabled: true
+      jobLabel: jobLabel
+
+  releaseLabel: true
+
+  ## Set job label to 'windows-exporter' as required by the default Prometheus rules and Grafana dashboards
+  ##
+  podLabels:
+    jobLabel: windows-exporter
+
+  ## Enable memory and container metrics as required by the default Prometheus rules and Grafana dashboards
+  ##
+  config: |-
+    collectors:
+      enabled: '[defaults],memory,container'
+
+## Configuration for alertmanager
+## ref: https://prometheus.io/docs/alerting/alertmanager/
+##
+alertmanager:
+
+  ## Deploy alertmanager
+  ##
+  enabled: true
+
+  ## Annotations for Alertmanager
+  ##
+  annotations: {}
+
+  ## Api that prometheus will use to communicate with alertmanager. Possible values are v1, v2
+  ##
+  apiVersion: v2
+
+  ## Service account for Alertmanager to use.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+  ##
+  serviceAccount:
+    create: true
+    name: ""
+    annotations: {}
+    automountServiceAccountToken: true
+
+  ## Configure pod disruption budgets for Alertmanager
+  ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
+  ## This configuration is immutable once created and will require the PDB to be deleted to be changed
+  ## https://github.com/kubernetes/kubernetes/issues/45398
+  ##
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    maxUnavailable: ""
+
+  ## Alertmanager configuration directives
+  ## ref: https://prometheus.io/docs/alerting/configuration/#configuration-file
+  ##      https://prometheus.io/webtools/alerting/routing-tree-editor/
+  ##
+  config:
+    global:
+      resolve_timeout: 5m
+    inhibit_rules:
+      - source_matchers:
+          - 'severity = critical'
+        target_matchers:
+          - 'severity =~ warning|info'
+        equal:
+          - 'namespace'
+          - 'alertname'
+      - source_matchers:
+          - 'severity = warning'
+        target_matchers:
+          - 'severity = info'
+        equal:
+          - 'namespace'
+          - 'alertname'
+      - source_matchers:
+          - 'alertname = InfoInhibitor'
+        target_matchers:
+          - 'severity = info'
+        equal:
+          - 'namespace'
+      - target_matchers:
+          - 'alertname = InfoInhibitor'
+    route:
+      group_by: ['namespace']
+      group_wait: 30s
+      group_interval: 5m
+      repeat_interval: 12h
+      receiver: 'null'
+      routes:
+      - receiver: 'null'
+        matchers:
+          - alertname = "Watchdog"
+    receivers:
+    - name: 'null'
+    templates:
+    - '/etc/alertmanager/config/*.tmpl'
+
+  ## Alertmanager configuration directives (as string type, preferred over the config hash map)
+  ## stringConfig will be used only, if tplConfig is true
+  ## ref: https://prometheus.io/docs/alerting/configuration/#configuration-file
+  ##      https://prometheus.io/webtools/alerting/routing-tree-editor/
+  ##
+  stringConfig: ""
+
+  ## Pass the Alertmanager configuration directives through Helm's templating
+  ## engine. If the Alertmanager configuration contains Alertmanager templates,
+  ## they'll need to be properly escaped so that they are not interpreted by
+  ## Helm
+  ## ref: https://helm.sh/docs/developing_charts/#using-the-tpl-function
+  ##      https://prometheus.io/docs/alerting/configuration/#tmpl_string
+  ##      https://prometheus.io/docs/alerting/notifications/
+  ##      https://prometheus.io/docs/alerting/notification_examples/
+  tplConfig: false
+
+  ## Alertmanager template files to format alerts
+  ## By default, templateFiles are placed in /etc/alertmanager/config/ and if
+  ## they have a .tmpl file suffix will be loaded. See config.templates above
+  ## to change, add other suffixes. If adding other suffixes, be sure to update
+  ## config.templates above to include those suffixes.
+  ## ref: https://prometheus.io/docs/alerting/notifications/
+  ##      https://prometheus.io/docs/alerting/notification_examples/
+  ##
+
+  templateFiles:
+    rancher_defaults.tmpl: |-
+        {{- define "slack.rancher.text" -}}
+        {{ template "rancher.text_multiple" . }}
+        {{- end -}}
+
+        {{- define "rancher.text_multiple" -}}
+        *[GROUP - Details]*
+        One or more alarms in this group have triggered a notification.
+
+        {{- if gt (len .GroupLabels.Values) 0 }}
+        *Group Labels:*
+          {{- range .GroupLabels.SortedPairs }}
+          • *{{ .Name }}:* `{{ .Value }}`
+          {{- end }}
+        {{- end }}
+        {{- if .ExternalURL }}
+        *Link to AlertManager:* {{ .ExternalURL }}
+        {{- end }}
+
+        {{- range .Alerts }}
+        {{ template "rancher.text_single" . }}
+        {{- end }}
+        {{- end -}}
+
+        {{- define "rancher.text_single" -}}
+        {{- if .Labels.alertname }}
+        *[ALERT - {{ .Labels.alertname }}]*
+        {{- else }}
+        *[ALERT]*
+        {{- end }}
+        {{- if .Labels.severity }}
+        *Severity:* `{{ .Labels.severity }}`
+        {{- end }}
+        {{- if .Labels.cluster }}
+        *Cluster:*  {{ .Labels.cluster }}
+        {{- end }}
+        {{- if .Annotations.summary }}
+        *Summary:* {{ .Annotations.summary }}
+        {{- end }}
+        {{- if .Annotations.message }}
+        *Message:* {{ .Annotations.message }}
+        {{- end }}
+        {{- if .Annotations.description }}
+        *Description:* {{ .Annotations.description }}
+        {{- end }}
+        {{- if .Annotations.runbook_url }}
+        *Runbook URL:* <{{ .Annotations.runbook_url }}|:spiral_note_pad:>
+        {{- end }}
+        {{- with .Labels }}
+        {{- with .Remove (stringSlice "alertname" "severity" "cluster") }}
+        {{- if gt (len .) 0 }}
+        *Additional Labels:*
+          {{- range .SortedPairs }}
+          • *{{ .Name }}:* `{{ .Value }}`
+          {{- end }}
+        {{- end }}
+        {{- end }}
+        {{- end }}
+        {{- with .Annotations }}
+        {{- with .Remove (stringSlice "summary" "message" "description" "runbook_url") }}
+        {{- if gt (len .) 0 }}
+        *Additional Annotations:*
+          {{- range .SortedPairs }}
+          • *{{ .Name }}:* `{{ .Value }}`
+          {{- end }}
+        {{- end }}
+        {{- end }}
+        {{- end }}
+        {{- end -}}
+
+  ingress:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+
+    labels: {}
+
+    ## Override ingress to a different defined port on the service
+    # servicePort: 8081
+    ## Override ingress to a different service then the default, this is useful if you need to
+    ## point to a specific instance of the alertmanager (eg kube-prometheus-stack-alertmanager-0)
+    # serviceName: kube-prometheus-stack-alertmanager-0
+
+    ## Hosts must be provided if Ingress is enabled.
+    ##
+    hosts: []
+      # - alertmanager.domain.com
+
+    ## Paths to use for ingress rules - one path should match the alertmanagerSpec.routePrefix
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## TLS configuration for Alertmanager Ingress
+    ## Secret must be manually created in the namespace
+    ##
+    tls: []
+    # - secretName: alertmanager-general-tls
+    #   hosts:
+    #   - alertmanager.example.com
+
+  ## Configuration for Alertmanager secret
+  ##
+  secret:
+    annotations: {}
+
+  # by default the alertmanager secret is not overwritten if it already exists
+    recreateIfExists: false
+
+  ## Configuration for creating an Ingress that will map to each Alertmanager replica service
+  ## alertmanager.servicePerReplica must be enabled
+  ##
+  ingressPerReplica:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+    labels: {}
+
+    ## Final form of the hostname for each per replica ingress is
+    ## {{ ingressPerReplica.hostPrefix }}-{{ $replicaNumber }}.{{ ingressPerReplica.hostDomain }}
+    ##
+    ## Prefix for the per replica ingress that will have `-$replicaNumber`
+    ## appended to the end
+    hostPrefix: ""
+    ## Domain that will be used for the per replica ingress
+    hostDomain: ""
+
+    ## Paths to use for ingress rules
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## Secret name containing the TLS certificate for alertmanager per replica ingress
+    ## Secret must be manually created in the namespace
+    tlsSecretName: ""
+
+    ## Separated secret for each per replica Ingress. Can be used together with cert-manager
+    ##
+    tlsSecretPerReplica:
+      enabled: false
+      ## Final form of the secret for each per replica ingress is
+      ## {{ tlsSecretPerReplica.prefix }}-{{ $replicaNumber }}
+      ##
+      prefix: "alertmanager"
+
+  ## Configuration for Alertmanager service
+  ##
+  service:
+    annotations: {}
+    labels: {}
+    clusterIP: ""
+
+    ## Port for Alertmanager Service to listen on
+    ##
+    port: 9093
+    ## To be used with a proxy extraContainer port
+    ##
+    targetPort: 9093
+    ## Port to expose on each node
+    ## Only used if service.type is 'NodePort'
+    ##
+    nodePort: 30903
+    ## List of IP addresses at which the Prometheus server service is available
+    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+    ##
+
+    ## Additional ports to open for Alertmanager service
+    ##
+    additionalPorts: []
+    # - name: oauth-proxy
+    #   port: 8081
+    #   targetPort: 8081
+    # - name: oauth-metrics
+    #   port: 8082
+    #   targetPort: 8082
+
+    externalIPs: []
+    loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## If you want to make sure that connections from a particular client are passed to the same Pod each time
+    ## Accepts 'ClientIP' or 'None'
+    ##
+    sessionAffinity: None
+
+    ## If you want to modify the ClientIP sessionAffinity timeout
+    ## The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP"
+    ##
+    sessionAffinityConfig:
+      clientIP:
+        timeoutSeconds: 10800
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+  ## Configuration for creating a separate Service for each statefulset Alertmanager replica
+  ##
+  servicePerReplica:
+    enabled: false
+    annotations: {}
+
+    ## Port for Alertmanager Service per replica to listen on
+    ##
+    port: 9093
+
+    ## To be used with a proxy extraContainer port
+    targetPort: 9093
+
+    ## Port to expose on each node
+    ## Only used if servicePerReplica.type is 'NodePort'
+    ##
+    nodePort: 30904
+
+    ## Loadbalancer source IP ranges
+    ## Only used if servicePerReplica.type is "LoadBalancer"
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+  ## Configuration for creating a ServiceMonitor for AlertManager
+  ##
+  serviceMonitor:
+    ## If true, a ServiceMonitor will be created for the AlertManager service.
+    ##
+    selfMonitor: true
+
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
+    scheme: ""
+
+    ## enableHttp2: Whether to enable HTTP2.
+    ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint
+    enableHttp2: true
+
+    ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
+    ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
+    tlsConfig: {}
+
+    bearerTokenFile:
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional Endpoints
+    ##
+    additionalEndpoints: []
+    # - port: oauth-metrics
+    #   path: /metrics
+
+  ## Settings affecting alertmanagerSpec
+  ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#alertmanagerspec
+  ##
+  alertmanagerSpec:
+    ## Standard object's metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
+    ## Metadata Labels and Annotations gets propagated to the Alertmanager pods.
+    ##
+    podMetadata: {}
+
+    ## Image of Alertmanager
+    ##
+    image:
+      repository: rancher/mirrored-prometheus-alertmanager
+      tag: v0.27.0
+      sha: ""
+
+    ## If true then the user will be responsible to provide a secret with alertmanager configuration
+    ## So when true the config part will be ignored (including templateFiles) and the one in the secret will be used
+    ##
+    useExistingSecret: false
+
+    ## Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the
+    ## Alertmanager Pods. The Secrets are mounted into /etc/alertmanager/secrets/.
+    ##
+    secrets: []
+
+    ## If false then the user will opt out of automounting API credentials.
+    ##
+    automountServiceAccountToken: true
+
+    ## ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods.
+    ## The ConfigMaps are mounted into /etc/alertmanager/configmaps/.
+    ##
+    configMaps: []
+
+    ## ConfigSecret is the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains configuration for
+    ## this Alertmanager instance. Defaults to 'alertmanager-' The secret is mounted into /etc/alertmanager/config.
+    ##
+    # configSecret:
+
+    ## WebTLSConfig defines the TLS parameters for HTTPS
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#alertmanagerwebspec
+    web: {}
+
+    ## AlertmanagerConfigs to be selected to merge and configure Alertmanager with.
+    ##
+    alertmanagerConfigSelector: {}
+    ## Example which selects all alertmanagerConfig resources
+    ## with label "alertconfig" with values any of "example-config" or "example-config-2"
+    # alertmanagerConfigSelector:
+    #   matchExpressions:
+    #     - key: alertconfig
+    #       operator: In
+    #       values:
+    #         - example-config
+    #         - example-config-2
+    #
+    ## Example which selects all alertmanagerConfig resources with label "role" set to "example-config"
+    # alertmanagerConfigSelector:
+    #   matchLabels:
+    #     role: example-config
+
+    ## Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace.
+    ##
+    alertmanagerConfigNamespaceSelector: {}
+    ## Example which selects all namespaces
+    ## with label "alertmanagerconfig" with values any of "example-namespace" or "example-namespace-2"
+    # alertmanagerConfigNamespaceSelector:
+    #   matchExpressions:
+    #     - key: alertmanagerconfig
+    #       operator: In
+    #       values:
+    #         - example-namespace
+    #         - example-namespace-2
+
+    ## Example which selects all namespaces with label "alertmanagerconfig" set to "enabled"
+    # alertmanagerConfigNamespaceSelector:
+    #   matchLabels:
+    #     alertmanagerconfig: enabled
+
+    ## AlermanagerConfig to be used as top level configuration
+    ##
+    alertmanagerConfiguration: {}
+    ## Example with select a global alertmanagerconfig
+    # alertmanagerConfiguration:
+    #   name: global-alertmanager-Configuration
+
+    ## Defines the strategy used by AlertmanagerConfig objects to match alerts. eg:
+    ##
+    alertmanagerConfigMatcherStrategy: {}
+    ## Example with use OnNamespace strategy
+    # alertmanagerConfigMatcherStrategy:
+    #   type: OnNamespace
+
+    ## Define Log Format
+    # Use logfmt (default) or json logging
+    logFormat: logfmt
+
+    ## Log level for Alertmanager to be configured with.
+    ##
+    logLevel: info
+
+    ## Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the
+    ## running cluster equal to the expected size.
+    replicas: 1
+
+    ## Time duration Alertmanager shall retain data for. Default is '120h', and must match the regular expression
+    ## [0-9]+(ms|s|m|h) (milliseconds seconds minutes hours).
+    ##
+    retention: 120h
+
+    ## Storage is the definition of how storage will be used by the Alertmanager instances.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md
+    ##
+    storage: {}
+    # volumeClaimTemplate:
+    #   spec:
+    #     storageClassName: gluster
+    #     accessModes: ["ReadWriteOnce"]
+    #     resources:
+    #       requests:
+    #         storage: 50Gi
+    #     selector: {}
+
+
+    ## The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name. string  false
+    ##
+    externalUrl:
+
+    ## The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true,
+    ## but the server serves requests under a different route prefix. For example for use with kubectl proxy.
+    ##
+    routePrefix: /
+
+    ## scheme: HTTP scheme to use. Can be used with `tlsConfig` for example if using istio mTLS.
+    scheme: ""
+
+    ## tlsConfig: TLS configuration to use when connect to the endpoint. For example if using istio mTLS.
+    ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
+    tlsConfig: {}
+
+    ## If set to true all actions on the underlying managed objects are not going to be performed, except for delete actions.
+    ##
+    paused: false
+
+    ## Define which Nodes the Pods are scheduled on.
+    ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+    ##
+    nodeSelector: {}
+
+    ## Define resources requests and limits for single Pods.
+    ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
+    ##
+    resources:
+      limits:
+        memory: 500Mi
+        cpu: 1000m
+      requests:
+        memory: 100Mi
+        cpu: 100m
+
+    ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node.
+    ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided.
+    ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node.
+    ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured.
+    ##
+    podAntiAffinity: ""
+
+    ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity.
+    ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone
+    ##
+    podAntiAffinityTopologyKey: kubernetes.io/hostname
+
+    ## Assign custom affinity rules to the alertmanager instance
+    ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+    ##
+    affinity: {}
+    # nodeAffinity:
+    #   requiredDuringSchedulingIgnoredDuringExecution:
+    #     nodeSelectorTerms:
+    #     - matchExpressions:
+    #       - key: kubernetes.io/e2e-az-name
+    #         operator: In
+    #         values:
+    #         - e2e-az1
+    #         - e2e-az2
+
+    ## If specified, the pod's tolerations.
+    ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+    ##
+    tolerations: []
+    # - key: "key"
+    #   operator: "Equal"
+    #   value: "value"
+    #   effect: "NoSchedule"
+
+    ## If specified, the pod's topology spread constraints.
+    ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+    ##
+    topologySpreadConstraints: []
+    # - maxSkew: 1
+    #   topologyKey: topology.kubernetes.io/zone
+    #   whenUnsatisfiable: DoNotSchedule
+    #   labelSelector:
+    #     matchLabels:
+    #       app: alertmanager
+
+    ## SecurityContext holds pod-level security attributes and common container settings.
+    ## This defaults to non root user with uid 1000 and gid 2000. *v1.PodSecurityContext  false
+    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+    ##
+    securityContext:
+      runAsGroup: 2000
+      runAsNonRoot: true
+      runAsUser: 1000
+      fsGroup: 2000
+      seccompProfile:
+        type: RuntimeDefault
+
+    ## ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP.
+    ## Note this is only for the Alertmanager UI, not the gossip communication.
+    ##
+    listenLocal: false
+
+    ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod.
+    ##
+    containers: []
+    # containers:
+    # - name: oauth-proxy
+    #   image: quay.io/oauth2-proxy/oauth2-proxy:v7.5.1
+    #   args:
+    #   - --upstream=http://127.0.0.1:9093
+    #   - --http-address=0.0.0.0:8081
+    #   - --metrics-address=0.0.0.0:8082
+    #   - ...
+    #   ports:
+    #   - containerPort: 8081
+    #     name: oauth-proxy
+    #     protocol: TCP
+    #   - containerPort: 8082
+    #     name: oauth-metrics
+    #     protocol: TCP
+    #   resources: {}
+
+    # Additional volumes on the output StatefulSet definition.
+    volumes: []
+
+    # Additional VolumeMounts on the output StatefulSet definition.
+    volumeMounts: []
+
+    ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes
+    ## (permissions, dir tree) on mounted volumes before starting prometheus
+    initContainers: []
+
+    ## Priority class assigned to the Pods
+    ##
+    priorityClassName: ""
+
+    ## AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster.
+    ##
+    additionalPeers: []
+
+    ## PortName to use for Alert Manager.
+    ##
+    portName: "http-web"
+
+    ## ClusterAdvertiseAddress is the explicit address to advertise in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. [1] RFC1918: https://tools.ietf.org/html/rfc1918
+    ##
+    clusterAdvertiseAddress: false
+
+    ## clusterGossipInterval determines interval between gossip attempts.
+    ## Needs to be specified as GoDuration, a time duration that can be parsed by Go’s time.ParseDuration() (e.g. 45ms, 30s, 1m, 1h20m15s)
+    clusterGossipInterval: ""
+
+    ## clusterPeerTimeout determines timeout for cluster peering.
+    ## Needs to be specified as GoDuration, a time duration that can be parsed by Go’s time.ParseDuration() (e.g. 45ms, 30s, 1m, 1h20m15s)
+    clusterPeerTimeout: ""
+
+    ## clusterPushpullInterval determines interval between pushpull attempts.
+    ## Needs to be specified as GoDuration, a time duration that can be parsed by Go’s time.ParseDuration() (e.g. 45ms, 30s, 1m, 1h20m15s)
+    clusterPushpullInterval: ""
+
+    ## ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica.
+    ## Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each.
+    forceEnableClusterMode: false
+
+    ## Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to
+    ## be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).
+    minReadySeconds: 0
+
+    ## Additional configuration which is not covered by the properties above. (passed through tpl)
+    additionalConfig: {}
+
+    ## Additional configuration which is not covered by the properties above.
+    ## Useful, if you need advanced templating inside alertmanagerSpec.
+    ## Otherwise, use alertmanager.alertmanagerSpec.additionalConfig (passed through tpl)
+    additionalConfigString: ""
+
+  ## ExtraSecret can be used to store various data in an extra secret
+  ## (use it for example to store hashed basic auth credentials)
+  extraSecret:
+    ## if not set, name will be auto generated
+    # name: ""
+    annotations: {}
+    data: {}
+  #   auth: |
+  #     foo:$apr1$OFG3Xybp$ckL0FHDAkoXYIlH9.cysT0
+  #     someoneelse:$apr1$DMZX2Z4q$6SbQIfyuLQd.xmo/P0m2c.
+
+## Using default values from https://github.com/grafana/helm-charts/blob/main/charts/grafana/values.yaml
+##
+grafana:
+  enabled: true
+  namespaceOverride: ""
+
+  ## Grafana's primary configuration
+  ## NOTE: values in map will be converted to ini format
+  ## ref: http://docs.grafana.org/installation/configuration/
+  ##
+  grafana.ini:
+    users:
+      auto_assign_org_role: Viewer
+    auth:
+      disable_login_form: false
+    auth.anonymous:
+      enabled: true
+      org_role: Viewer
+    auth.basic:
+      enabled: false
+    dashboards:
+      # Modify this value to change the default dashboard shown on the main Grafana page
+      default_home_dashboard_path: /tmp/dashboards/rancher-default-home.json
+    security:
+      # Required to embed dashboards in Rancher Cluster Overview Dashboard on Cluster Explorer
+      allow_embedding: true
+
+  deploymentStrategy:
+    type: Recreate
+
+  ## ForceDeployDatasources Create datasource configmap even if grafana deployment has been disabled
+  ##
+  forceDeployDatasources: false
+
+  ## ForceDeployDashboard Create dashboard configmap even if grafana deployment has been disabled
+  ##
+  forceDeployDashboards: false
+
+  ## Deploy default dashboards
+  ##
+  defaultDashboardsEnabled: true
+
+  # Additional options for defaultDashboards
+  defaultDashboards:
+    # The default namespace to place defaultDashboards within
+    namespace: cattle-dashboards
+    # Whether to create the default namespace as a Helm managed namespace or use an existing namespace
+    # If false, the defaultDashboards.namespace will be created as a Helm managed namespace
+    useExistingNamespace: false
+    # Whether the Helm managed namespace created by this chart should be left behind on a Helm uninstall
+    # If you place other dashboards in this namespace, then they will be deleted on a helm uninstall
+    # Ignore if useExistingNamespace is true
+    cleanupOnUninstall: false
+
+  ## Timezone for the default dashboards
+  ## Other options are: browser or a specific timezone, i.e. Europe/Luxembourg
+  ##
+  defaultDashboardsTimezone: utc
+
+  ## Editable flag for the default dashboards
+  ##
+  defaultDashboardsEditable: true
+
+  adminPassword: prom-operator
+
+  ingress:
+    ## If true, Grafana Ingress will be created
+    ##
+    enabled: false
+
+    ## IngressClassName for Grafana Ingress.
+    ## Should be provided if Ingress is enable.
+    ##
+    # ingressClassName: nginx
+
+    ## Annotations for Grafana Ingress
+    ##
+    annotations: {}
+      # kubernetes.io/ingress.class: nginx
+      # kubernetes.io/tls-acme: "true"
+
+    ## Labels to be added to the Ingress
+    ##
+    labels: {}
+
+    ## Hostnames.
+    ## Must be provided if Ingress is enable.
+    ##
+    # hosts:
+    #   - grafana.domain.com
+    hosts: []
+
+    ## Path for grafana ingress
+    path: /
+
+    ## TLS configuration for grafana Ingress
+    ## Secret must be manually created in the namespace
+    ##
+    tls: []
+    # - secretName: grafana-general-tls
+    #   hosts:
+    #   - grafana.example.com
+
+  # # To make Grafana persistent (Using Statefulset)
+  # #
+  # persistence:
+  #   enabled: true
+  #   type: sts
+  #   storageClassName: "storageClassName"
+  #   accessModes:
+  #     - ReadWriteOnce
+  #   size: 20Gi
+  #   finalizers:
+  #     - kubernetes.io/pvc-protection
+
+  serviceAccount:
+    create: true
+    autoMount: true
+
+  sidecar:
+    dashboards:
+      enabled: true
+      label: grafana_dashboard
+      searchNamespace: cattle-dashboards
+      labelValue: "1"
+
+      # Support for new table panels, when enabled grafana auto migrates the old table panels to newer table panels
+      enableNewTablePanelSyntax: false
+
+      ## Annotations for Grafana dashboard configmaps
+      ##
+      annotations: {}
+      multicluster:
+        global:
+          enabled: false
+        etcd:
+          enabled: false
+      provider:
+        allowUiUpdates: false
+    datasources:
+      enabled: true
+      defaultDatasourceEnabled: true
+      isDefaultDatasource: true
+
+      uid: prometheus
+
+      ## URL of prometheus datasource
+      ##
+      # url: http://prometheus-stack-prometheus:9090/
+
+      ## Prometheus request timeout in seconds
+      # timeout: 30
+
+      # If not defined, will use prometheus.prometheusSpec.scrapeInterval or its default
+      # defaultDatasourceScrapeInterval: 15s
+
+      ## Annotations for Grafana datasource configmaps
+      ##
+      annotations: {}
+
+      ## Set method for HTTP to send query to datasource
+      httpMethod: POST
+
+      ## Create datasource for each Pod of Prometheus StatefulSet;
+      ## this uses headless service `prometheus-operated` which is
+      ## created by Prometheus Operator
+      ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/0fee93e12dc7c2ea1218f19ae25ec6b893460590/pkg/prometheus/statefulset.go#L255-L286
+      createPrometheusReplicasDatasources: false
+      label: grafana_datasource
+      labelValue: "1"
+
+      ## Field with internal link pointing to existing data source in Grafana.
+      ## Can be provisioned via additionalDataSources
+      exemplarTraceIdDestinations: {}
+        # datasourceUid: Jaeger
+        # traceIdLabelName: trace_id
+      alertmanager:
+        enabled: true
+        uid: alertmanager
+        handleGrafanaManagedAlerts: false
+        implementation: prometheus
+
+  extraConfigmapMounts: []
+  # - name: certs-configmap
+  #   mountPath: /etc/grafana/ssl/
+  #   configMap: certs-configmap
+  #   readOnly: true
+
+  deleteDatasources: []
+  # - name: example-datasource
+  #   orgId: 1
+
+  ## Configure additional grafana datasources (passed through tpl)
+  ## ref: http://docs.grafana.org/administration/provisioning/#datasources
+  additionalDataSources: []
+  # - name: prometheus-sample
+  #   access: proxy
+  #   basicAuth: true
+  #   basicAuthPassword: pass
+  #   basicAuthUser: daco
+  #   editable: false
+  #   jsonData:
+  #       tlsSkipVerify: true
+  #   orgId: 1
+  #   type: prometheus
+  #   url: https://{{ printf "%s-prometheus.svc" .Release.Name }}:9090
+  #   version: 1
+
+  ## Passed to grafana subchart and used by servicemonitor below
+  ##
+  service:
+    portName: nginx-http
+    ## Port for Grafana Service to listen on
+    ##
+    port: 80
+    ## To be used with a proxy extraContainer port
+    ##
+    targetPort: 8080
+    ## Port to expose on each node
+    ## Only used if service.type is 'NodePort'
+    ##
+    nodePort: 30950
+    ## Service type
+    ##
+    type: ClusterIP
+
+  proxy:
+    image:
+      repository: rancher/mirrored-library-nginx
+      tag: 1.24.0-alpine
+
+  ## Enable an Specify container in extraContainers. This is meant to allow adding an authentication proxy to a grafana pod
+  extraContainers: |
+    - name: grafana-proxy
+      args:
+      - nginx
+      - -g
+      - daemon off;
+      - -c
+      - /nginx/nginx.conf
+      image: "{{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}"
+      ports:
+      - containerPort: 8080
+        name: nginx-http
+        protocol: TCP
+      volumeMounts:
+      - mountPath: /nginx
+        name: grafana-nginx
+      - mountPath: /var/cache/nginx
+        name: nginx-home
+      securityContext:
+        runAsUser: 101
+        runAsGroup: 101
+
+  ## Volumes that can be used in containers
+  extraContainerVolumes:
+    - name: nginx-home
+      emptyDir: {}
+    - name: grafana-nginx
+      configMap:
+        name: grafana-nginx-proxy-config
+        items:
+        - key: nginx.conf
+          mode: 438
+          path: nginx.conf
+
+  ## If true, create a serviceMonitor for grafana
+  ##
+  serviceMonitor:
+    # If true, a ServiceMonitor CRD is created for a prometheus operator
+    # https://github.com/coreos/prometheus-operator
+    #
+    enabled: true
+
+    # Path to use for scraping metrics. Might be different if server.root_url is set
+    # in grafana.ini
+    path: "/metrics"
+
+    #  namespace: monitoring  (defaults to use the namespace this chart is deployed to)
+
+    # labels for the ServiceMonitor
+    labels: {}
+
+    # Scrape interval. If not set, the Prometheus default scrape interval is used.
+    #
+    interval: ""
+    scheme: http
+    tlsConfig: {}
+    scrapeTimeout: 30s
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+  resources:
+    limits:
+      memory: 200Mi
+      cpu: 200m
+    requests:
+      memory: 100Mi
+      cpu: 100m
+
+  testFramework:
+    enabled: false
+
+## Flag to disable all the kubernetes component scrapers
+##
+kubernetesServiceMonitors:
+  enabled: true
+
+## Component scraping the kube api server
+##
+kubeApiServer:
+  enabled: true
+  tlsConfig:
+    serverName: kubernetes
+    insecureSkipVerify: false
+  serviceMonitor:
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    jobLabel: component
+    selector:
+      matchLabels:
+        component: apiserver
+        provider: kubernetes
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings:
+      # Drop excessively noisy apiserver buckets.
+      - action: drop
+        regex: apiserver_request_duration_seconds_bucket;(0.15|0.2|0.3|0.35|0.4|0.45|0.6|0.7|0.8|0.9|1.25|1.5|1.75|2|3|3.5|4|4.5|6|7|8|9|15|25|40|50)
+        sourceLabels:
+          - __name__
+          - le
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels:
+    #     - __meta_kubernetes_namespace
+    #     - __meta_kubernetes_service_name
+    #     - __meta_kubernetes_endpoint_port_name
+    #   action: keep
+    #   regex: default;kubernetes;https
+    # - targetLabel: __address__
+    #   replacement: kubernetes.default.svc:443
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping the kubelet and kubelet-hosted cAdvisor
+##
+kubelet:
+  enabled: true
+  namespace: kube-system
+
+  serviceMonitor:
+    ## Attach metadata to discovered targets. Requires Prometheus v2.45 for endpoints created by the operator.
+    ##
+    attachMetadata:
+      node: false
+
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## If true, Prometheus use (respect) labels provided by exporter.
+    ##
+    honorLabels: true
+
+    ## If true, Prometheus ingests metrics with timestamp provided by exporter. If false, Prometheus ingests metrics with timestamp of scrape.
+    ##
+    honorTimestamps: true
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## Enable scraping the kubelet over https. For requirements to enable this see
+    ## https://github.com/prometheus-operator/prometheus-operator/issues/926
+    ##
+    https: true
+
+    ## Enable scraping /metrics/cadvisor from kubelet's service
+    ##
+    cAdvisor: true
+
+    ## Enable scraping /metrics/probes from kubelet's service
+    ##
+    probes: true
+
+    ## Enable scraping /metrics/resource from kubelet's service
+    ## This is disabled by default because container metrics are already exposed by cAdvisor
+    ##
+    resource: false
+    # From kubernetes 1.18, /metrics/resource/v1alpha1 renamed to /metrics/resource
+    resourcePath: "/metrics/resource/v1alpha1"
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    cAdvisorMetricRelabelings:
+      # Drop less useful container CPU metrics.
+      - sourceLabels: [__name__]
+        action: drop
+        regex: 'container_cpu_(cfs_throttled_seconds_total|load_average_10s|system_seconds_total|user_seconds_total)'
+      # Drop less useful container / always zero filesystem metrics.
+      - sourceLabels: [__name__]
+        action: drop
+        regex: 'container_fs_(io_current|io_time_seconds_total|io_time_weighted_seconds_total|reads_merged_total|sector_reads_total|sector_writes_total|writes_merged_total)'
+      # Drop less useful / always zero container memory metrics.
+      - sourceLabels: [__name__]
+        action: drop
+        regex: 'container_memory_(mapped_file|swap)'
+      # Drop less useful container process metrics.
+      - sourceLabels: [__name__]
+        action: drop
+        regex: 'container_(file_descriptors|tasks_state|threads_max)'
+      # Drop container spec metrics that overlap with kube-state-metrics.
+      - sourceLabels: [__name__]
+        action: drop
+        regex: 'container_spec.*'
+      # Drop cgroup metrics with no pod.
+      - sourceLabels: [id, pod]
+        action: drop
+        regex: '.+;'
+    # - sourceLabels: [__name__, image]
+    #   separator: ;
+    #   regex: container_([a-z_]+);
+    #   replacement: $1
+    #   action: drop
+    # - sourceLabels: [__name__]
+    #   separator: ;
+    #   regex: container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s)
+    #   replacement: $1
+    #   action: drop
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    probesMetricRelabelings: []
+    # - sourceLabels: [__name__, image]
+    #   separator: ;
+    #   regex: container_([a-z_]+);
+    #   replacement: $1
+    #   action: drop
+    # - sourceLabels: [__name__]
+    #   separator: ;
+    #   regex: container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s)
+    #   replacement: $1
+    #   action: drop
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    ## metrics_path is required to match upstream rules and charts
+    cAdvisorRelabelings:
+      - action: replace
+        sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    probesRelabelings:
+      - action: replace
+        sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    resourceRelabelings:
+      - action: replace
+        sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - sourceLabels: [__name__, image]
+    #   separator: ;
+    #   regex: container_([a-z_]+);
+    #   replacement: $1
+    #   action: drop
+    # - sourceLabels: [__name__]
+    #   separator: ;
+    #   regex: container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s)
+    #   replacement: $1
+    #   action: drop
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    ## metrics_path is required to match upstream rules and charts
+    relabelings:
+      - action: replace
+        sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping the kube controller manager
+##
+kubeControllerManager:
+  enabled: false
+
+  ## If your kube controller manager is not deployed as a pod, specify IPs it can be found on
+  ##
+  endpoints: []
+  # - 10.141.4.22
+  # - 10.141.4.23
+  # - 10.141.4.24
+
+  ## If using kubeControllerManager.endpoints only the port and targetPort are used
+  ##
+  service:
+    enabled: true
+    ## If null or unset, the value is determined dynamically based on target Kubernetes version due to change
+    ## of default port in Kubernetes 1.22.
+    ##
+    port: null
+    targetPort: null
+    # selector:
+    #   component: kube-controller-manager
+
+  serviceMonitor:
+    enabled: true
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## port: Name of the port the metrics will be scraped from
+    ##
+    port: http-metrics
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    component: kube-controller-manager
+
+    ## Enable scraping kube-controller-manager over https.
+    ## Requires proper certs (not self-signed) and delegated authentication/authorization checks.
+    ## If null or unset, the value is determined dynamically based on target Kubernetes version.
+    ##
+    https: null
+
+    # Skip TLS certificate validation when scraping
+    insecureSkipVerify: null
+
+    # Name of the server to use when validating TLS certificate
+    serverName: null
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping coreDns. Use either this or kubeDns
+##
+coreDns:
+  enabled: true
+  service:
+    enabled: true
+    port: 9153
+    targetPort: 9153
+    # selector:
+    #   k8s-app: kube-dns
+  serviceMonitor:
+    enabled: true
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## port: Name of the port the metrics will be scraped from
+    ##
+    port: http-metrics
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    k8s-app: kube-dns
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping kubeDns. Use either this or coreDns
+##
+kubeDns:
+  enabled: false
+  service:
+    dnsmasq:
+      port: 10054
+      targetPort: 10054
+    skydns:
+      port: 10055
+      targetPort: 10055
+    # selector:
+    #   k8s-app: kube-dns
+  serviceMonitor:
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    k8s-app: kube-dns
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    dnsmasqMetricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    dnsmasqRelabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping etcd
+##
+kubeEtcd:
+  enabled: false
+
+  ## If your etcd is not deployed as a pod, specify IPs it can be found on
+  ##
+  endpoints: []
+  # - 10.141.4.22
+  # - 10.141.4.23
+  # - 10.141.4.24
+
+  ## Etcd service. If using kubeEtcd.endpoints only the port and targetPort are used
+  ##
+  service:
+    enabled: true
+    port: 2381
+    targetPort: 2381
+    # selector:
+    #   component: etcd
+
+  ## Configure secure access to the etcd cluster by loading a secret into prometheus and
+  ## specifying security configuration below. For example, with a secret named etcd-client-cert
+  ##
+  ## serviceMonitor:
+  ##   scheme: https
+  ##   insecureSkipVerify: false
+  ##   serverName: localhost
+  ##   caFile: /etc/prometheus/secrets/etcd-client-cert/etcd-ca
+  ##   certFile: /etc/prometheus/secrets/etcd-client-cert/etcd-client
+  ##   keyFile: /etc/prometheus/secrets/etcd-client-cert/etcd-client-key
+  ##
+  serviceMonitor:
+    enabled: true
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+    scheme: http
+    insecureSkipVerify: false
+    serverName: ""
+    caFile: ""
+    certFile: ""
+    keyFile: ""
+
+    ## port: Name of the port the metrics will be scraped from
+    ##
+    port: http-metrics
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    component: etcd
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping kube scheduler
+##
+kubeScheduler:
+  enabled: false
+
+  ## If your kube scheduler is not deployed as a pod, specify IPs it can be found on
+  ##
+  endpoints: []
+  # - 10.141.4.22
+  # - 10.141.4.23
+  # - 10.141.4.24
+
+  ## If using kubeScheduler.endpoints only the port and targetPort are used
+  ##
+  service:
+    enabled: true
+    ## If null or unset, the value is determined dynamically based on target Kubernetes version due to change
+    ## of default port in Kubernetes 1.23.
+    ##
+    port: null
+    targetPort: null
+    # selector:
+    #   component: kube-scheduler
+
+  serviceMonitor:
+    enabled: true
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+    ## Enable scraping kube-scheduler over https.
+    ## Requires proper certs (not self-signed) and delegated authentication/authorization checks.
+    ## If null or unset, the value is determined dynamically based on target Kubernetes version.
+    ##
+    https: null
+
+    ## port: Name of the port the metrics will be scraped from
+    ##
+    port: http-metrics
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    component: kube-scheduler
+
+    ## Skip TLS certificate validation when scraping
+    insecureSkipVerify: null
+
+    ## Name of the server to use when validating TLS certificate
+    serverName: null
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping kube proxy
+##
+kubeProxy:
+  enabled: false
+
+  ## If your kube proxy is not deployed as a pod, specify IPs it can be found on
+  ##
+  endpoints: []
+  # - 10.141.4.22
+  # - 10.141.4.23
+  # - 10.141.4.24
+
+  service:
+    enabled: true
+    port: 10249
+    targetPort: 10249
+    # selector:
+    #   k8s-app: kube-proxy
+
+  serviceMonitor:
+    enabled: true
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## port: Name of the port the metrics will be scraped from
+    ##
+    port: http-metrics
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    k8s-app: kube-proxy
+
+    ## Enable scraping kube-proxy over https.
+    ## Requires proper certs (not self-signed) and delegated authentication/authorization checks
+    ##
+    https: false
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping kube state metrics
+##
+kubeStateMetrics:
+  enabled: true
+
+## Configuration for kube-state-metrics subchart
+##
+kube-state-metrics:
+  namespaceOverride: ""
+  rbac:
+    create: true
+  releaseLabel: true
+  prometheus:
+    monitor:
+      enabled: true
+
+      ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+      ##
+      interval: ""
+
+      ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+      ##
+      sampleLimit: 0
+
+      ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+      ##
+      targetLimit: 0
+
+      ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelLimit: 0
+
+      ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelNameLengthLimit: 0
+
+      ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelValueLengthLimit: 0
+
+      ## Scrape Timeout. If not set, the Prometheus default scrape timeout is used.
+      ##
+      scrapeTimeout: ""
+
+      ## proxyUrl: URL of a proxy that should be used for scraping.
+      ##
+      proxyUrl: ""
+
+      # Keep labels from scraped data, overriding server-side labels
+      ##
+      honorLabels: true
+
+      ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+      ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+      ##
+      metricRelabelings: []
+      # - action: keep
+      #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+      #   sourceLabels: [__name__]
+
+      ## RelabelConfigs to apply to samples before scraping
+      ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+      ##
+      relabelings: []
+      # - sourceLabels: [__meta_kubernetes_pod_node_name]
+      #   separator: ;
+      #   regex: ^(.*)$
+      #   targetLabel: nodename
+      #   replacement: $1
+      #   action: replace
+
+  selfMonitor:
+    enabled: false
+
+## Deploy node exporter as a daemonset to all nodes
+##
+nodeExporter:
+  enabled: true
+  operatingSystems:
+    linux:
+      enabled: true
+    darwin:
+      enabled: true
+
+  ## ForceDeployDashboard Create dashboard configmap even if nodeExporter deployment has been disabled
+  ##
+  forceDeployDashboards: false
+
+## Configuration for prometheus-node-exporter subchart
+##
+prometheus-node-exporter:
+  namespaceOverride: ""
+  podLabels:
+    ## Add the 'node-exporter' label to be used by serviceMonitor to match standard common usage in rules and grafana dashboards
+    ##
+    jobLabel: node-exporter
+  releaseLabel: true
+  extraArgs:
+    - --collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/)
+    - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$
+  service:
+    portName: http-metrics
+  prometheus:
+    monitor:
+      enabled: true
+
+      jobLabel: jobLabel
+
+      ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+      ##
+      interval: ""
+
+      ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+      ##
+      sampleLimit: 0
+
+      ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+      ##
+      targetLimit: 0
+
+      ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelLimit: 0
+
+      ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelNameLengthLimit: 0
+
+      ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelValueLengthLimit: 0
+
+      ## How long until a scrape request times out. If not set, the Prometheus default scape timeout is used.
+      ##
+      scrapeTimeout: ""
+
+      ## proxyUrl: URL of a proxy that should be used for scraping.
+      ##
+      proxyUrl: ""
+
+      ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+      ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+      ##
+      metricRelabelings: []
+      # - sourceLabels: [__name__]
+      #   separator: ;
+      #   regex: ^node_mountstats_nfs_(event|operations|transport)_.+
+      #   replacement: $1
+      #   action: drop
+
+      ## RelabelConfigs to apply to samples before scraping
+      ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+      ##
+      relabelings: []
+      # - sourceLabels: [__meta_kubernetes_pod_node_name]
+      #   separator: ;
+      #   regex: ^(.*)$
+      #   targetLabel: nodename
+      #   replacement: $1
+      #   action: replace
+
+## Manages Prometheus and Alertmanager components
+##
+prometheusOperator:
+  enabled: true
+
+  ## Use '{{ template "kube-prometheus-stack.fullname" . }}-operator' by default
+  fullnameOverride: ""
+
+  ## Number of old replicasets to retain ##
+  ## The default value is 10, 0 will garbage-collect old replicasets ##
+  revisionHistoryLimit: 10
+
+  ## Strategy of the deployment
+  ##
+  strategy: {}
+
+  ## Prometheus-Operator v0.39.0 and later support TLS natively.
+  ##
+  tls:
+    enabled: true
+    # Value must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants
+    tlsMinVersion: VersionTLS13
+    # Users who are deploying this chart in GKE private clusters will need to add firewall rules to expose this port for admissions webhooks
+    internalPort: 8443
+
+  ## Admission webhook support for PrometheusRules resources added in Prometheus Operator 0.30 can be enabled to prevent incorrectly formatted
+  ## rules from making their way into prometheus and potentially preventing the container from starting
+  admissionWebhooks:
+    ## Valid values: Fail, Ignore, IgnoreOnInstallOnly
+    ## IgnoreOnInstallOnly - If Release.IsInstall returns "true", set "Ignore" otherwise "Fail"
+    failurePolicy: ""
+    ## The default timeoutSeconds is 10 and the maximum value is 30.
+    timeoutSeconds: 10
+    enabled: true
+    ## A PEM encoded CA bundle which will be used to validate the webhook's server certificate.
+    ## If unspecified, system trust roots on the apiserver are used.
+    caBundle: ""
+    ## If enabled, generate a self-signed certificate, then patch the webhook configurations with the generated data.
+    ## On chart upgrades (or if the secret exists) the cert will not be re-generated. You can use this to provide your own
+    ## certs ahead of time if you wish.
+    ##
+    annotations: {}
+    #   argocd.argoproj.io/hook: PreSync
+    #   argocd.argoproj.io/hook-delete-policy: HookSucceeded
+
+    namespaceSelector: {}
+
+    deployment:
+      enabled: false
+
+      ## Number of replicas
+      ##
+      replicas: 1
+
+      ## Strategy of the deployment
+      ##
+      strategy: {}
+
+      # Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
+      podDisruptionBudget: {}
+        # maxUnavailable: 1
+        # minAvailable: 1
+
+      ## Number of old replicasets to retain ##
+      ## The default value is 10, 0 will garbage-collect old replicasets ##
+      revisionHistoryLimit: 10
+
+      ## Prometheus-Operator v0.39.0 and later support TLS natively.
+      ##
+      tls:
+        enabled: true
+        # Value must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants
+        tlsMinVersion: VersionTLS13
+        # The default webhook port is 10250 in order to work out-of-the-box in GKE private clusters and avoid adding firewall rules.
+        internalPort: 10250
+
+      ## Service account for Prometheus Operator Webhook to use.
+      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+      ##
+      serviceAccount:
+        automountServiceAccountToken: false
+        create: true
+        name: ""
+
+      ## Configuration for Prometheus operator Webhook service
+      ##
+      service:
+        annotations: {}
+        labels: {}
+        clusterIP: ""
+
+        ## Port to expose on each node
+        ## Only used if service.type is 'NodePort'
+        ##
+        nodePort: 31080
+
+        nodePortTls: 31443
+
+        ## Additional ports to open for Prometheus operator Webhook service
+        ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#multi-port-services
+        ##
+        additionalPorts: []
+
+        ## Loadbalancer IP
+        ## Only use if service.type is "LoadBalancer"
+        ##
+        loadBalancerIP: ""
+        loadBalancerSourceRanges: []
+
+        ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+        ##
+        externalTrafficPolicy: Cluster
+
+        ## Service type
+        ## NodePort, ClusterIP, LoadBalancer
+        ##
+        type: ClusterIP
+
+        ## List of IP addresses at which the Prometheus server service is available
+        ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+        ##
+        externalIPs: []
+
+      # ## Labels to add to the operator webhook deployment
+      # ##
+      labels: {}
+
+      ## Annotations to add to the operator webhook deployment
+      ##
+      annotations: {}
+
+      ## Labels to add to the operator webhook pod
+      ##
+      podLabels: {}
+
+      ## Annotations to add to the operator webhook pod
+      ##
+      podAnnotations: {}
+
+      ## Assign a PriorityClassName to pods if set
+      # priorityClassName: ""
+
+      ## Define Log Format
+      # Use logfmt (default) or json logging
+      # logFormat: logfmt
+
+      ## Decrease log verbosity to errors only
+      # logLevel: error
+
+      ## Prometheus-operator webhook image
+      ##
+      image:
+        registry: quay.io
+        repository: rancher/mirrored-prometheus-operator-admission-webhook
+        # if not set appVersion field from Chart.yaml is used
+        tag: v0.72.0
+        sha: ""
+        pullPolicy: IfNotPresent
+
+      ## Define Log Format
+      # Use logfmt (default) or json logging
+      # logFormat: logfmt
+
+      ## Decrease log verbosity to errors only
+      # logLevel: error
+
+
+      ## Liveness probe
+      ##
+      livenessProbe:
+        enabled: true
+        failureThreshold: 3
+        initialDelaySeconds: 30
+        periodSeconds: 10
+        successThreshold: 1
+        timeoutSeconds: 1
+
+      ## Readiness probe
+      ##
+      readinessProbe:
+        enabled: true
+        failureThreshold: 3
+        initialDelaySeconds: 5
+        periodSeconds: 10
+        successThreshold: 1
+        timeoutSeconds: 1
+
+      ## Resource limits & requests
+      ##
+      resources: {}
+      # limits:
+      #   cpu: 200m
+      #   memory: 200Mi
+      # requests:
+      #   cpu: 100m
+      #   memory: 100Mi
+
+      # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico),
+      # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working
+      ##
+      hostNetwork: false
+
+      ## Define which Nodes the Pods are scheduled on.
+      ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+      ##
+      nodeSelector: {}
+
+      ## Tolerations for use with node taints
+      ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+      ##
+      tolerations: []
+      # - key: "key"
+      #   operator: "Equal"
+      #   value: "value"
+      #   effect: "NoSchedule"
+
+      ## Assign custom affinity rules to the prometheus operator
+      ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+      ##
+      affinity: {}
+        # nodeAffinity:
+        #   requiredDuringSchedulingIgnoredDuringExecution:
+        #     nodeSelectorTerms:
+        #     - matchExpressions:
+        #       - key: kubernetes.io/e2e-az-name
+        #         operator: In
+        #         values:
+        #         - e2e-az1
+      #         - e2e-az2
+      dnsConfig: {}
+        # nameservers:
+        #   - 1.2.3.4
+        # searches:
+        #   - ns1.svc.cluster-domain.example
+        #   - my.dns.search.suffix
+        # options:
+        #   - name: ndots
+        #     value: "2"
+        #   - name: edns0
+      securityContext:
+        fsGroup: 65534
+        runAsGroup: 65534
+        runAsNonRoot: true
+        runAsUser: 65534
+        seccompProfile:
+          type: RuntimeDefault
+
+      ## Container-specific security context configuration
+      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+      ##
+      containerSecurityContext:
+        allowPrivilegeEscalation: false
+        readOnlyRootFilesystem: true
+        capabilities:
+          drop:
+            - ALL
+
+      ## If false then the user will opt out of automounting API credentials.
+      ##
+      automountServiceAccountToken: true
+
+    patch:
+      enabled: true
+      image:
+        repository: rancher/mirrored-ingress-nginx-kube-webhook-certgen
+        tag: v1.4.3
+        sha: ""
+        pullPolicy: IfNotPresent
+      resources: {}
+      ## Provide a priority class name to the webhook patching job
+      ##
+      priorityClassName: ""
+      annotations: {}
+      #   argocd.argoproj.io/hook: PreSync
+      #   argocd.argoproj.io/hook-delete-policy: HookSucceeded
+      podAnnotations: {}
+      nodeSelector: {}
+      affinity: {}
+      tolerations: []
+
+      ## SecurityContext holds pod-level security attributes and common container settings.
+      ## This defaults to non root user with uid 2000 and gid 2000. *v1.PodSecurityContext  false
+      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+      ##
+      securityContext:
+        runAsGroup: 2000
+        runAsNonRoot: true
+        runAsUser: 2000
+        seccompProfile:
+          type: RuntimeDefault
+
+    # Security context for create job container
+    createSecretJob:
+      securityContext:
+        allowPrivilegeEscalation: false
+        readOnlyRootFilesystem: true
+        capabilities:
+          drop:
+          - ALL
+
+      # Security context for patch job container
+    patchWebhookJob:
+      securityContext:
+        allowPrivilegeEscalation: false
+        readOnlyRootFilesystem: true
+        capabilities:
+          drop:
+          - ALL
+
+    # Use certmanager to generate webhook certs
+    certManager:
+      enabled: false
+      # self-signed root certificate
+      rootCert:
+        duration: ""  # default to be 5y
+      admissionCert:
+        duration: ""  # default to be 1y
+      # issuerRef:
+      #   name: "issuer"
+      #   kind: "ClusterIssuer"
+
+  ## Namespaces to scope the interaction of the Prometheus Operator and the apiserver (allow list).
+  ## This is mutually exclusive with denyNamespaces. Setting this to an empty object will disable the configuration
+  ##
+  namespaces: {}
+    # releaseNamespace: true
+    # additional:
+    # - kube-system
+
+  ## Namespaces not to scope the interaction of the Prometheus Operator (deny list).
+  ##
+  denyNamespaces: []
+
+  ## Filter namespaces to look for prometheus-operator custom resources
+  ##
+  alertmanagerInstanceNamespaces: []
+  alertmanagerConfigNamespaces: []
+  prometheusInstanceNamespaces: []
+  thanosRulerInstanceNamespaces: []
+
+  ## The clusterDomain value will be added to the cluster.peer option of the alertmanager.
+  ## Without this specified option cluster.peer will have value alertmanager-monitoring-alertmanager-0.alertmanager-operated:9094 (default value)
+  ## With this specified option cluster.peer will have value alertmanager-monitoring-alertmanager-0.alertmanager-operated.namespace.svc.cluster-domain:9094
+  ##
+  # clusterDomain: "cluster.local"
+
+  networkPolicy:
+    ## Enable creation of NetworkPolicy resources.
+    ##
+    enabled: false
+
+    ## Flavor of the network policy to use.
+    #  Can be:
+    #  * kubernetes for networking.k8s.io/v1/NetworkPolicy
+    #  * cilium     for cilium.io/v2/CiliumNetworkPolicy
+    flavor: kubernetes
+
+    # cilium:
+    #   egress:
+
+    ## match labels used in selector
+    # matchLabels: {}
+
+  ## Service account for Prometheus Operator to use.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+  ##
+  serviceAccount:
+    create: true
+    name: ""
+    automountServiceAccountToken: true
+
+  ## Configuration for Prometheus operator service
+  ##
+  service:
+    annotations: {}
+    labels: {}
+    clusterIP: ""
+
+  ## Port to expose on each node
+  ## Only used if service.type is 'NodePort'
+  ##
+    nodePort: 30080
+
+    nodePortTls: 30443
+
+  ## Additional ports to open for Prometheus operator service
+  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#multi-port-services
+  ##
+    additionalPorts: []
+
+  ## Loadbalancer IP
+  ## Only use if service.type is "LoadBalancer"
+  ##
+    loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+  ## Service type
+  ## NodePort, ClusterIP, LoadBalancer
+  ##
+    type: ClusterIP
+
+    ## List of IP addresses at which the Prometheus server service is available
+    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+    ##
+    externalIPs: []
+
+  # ## Labels to add to the operator deployment
+  # ##
+  labels: {}
+
+  ## Annotations to add to the operator deployment
+  ##
+  annotations: {}
+
+  ## Labels to add to the operator pod
+  ##
+  podLabels: {}
+
+  ## Annotations to add to the operator pod
+  ##
+  podAnnotations: {}
+
+  ## Assign a PriorityClassName to pods if set
+  # priorityClassName: ""
+
+  ## Define Log Format
+  # Use logfmt (default) or json logging
+  # logFormat: logfmt
+
+  ## Decrease log verbosity to errors only
+  # logLevel: error
+
+  kubeletService:
+    ## If true, the operator will create and maintain a service for scraping kubelets
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/helm/prometheus-operator/README.md
+    ##
+    enabled: true
+    namespace: kube-system
+    ## Use '{{ template "kube-prometheus-stack.fullname" . }}-kubelet' by default
+    name: ""
+
+  ## Create a servicemonitor for the operator
+  ##
+  serviceMonitor:
+    ## If true, create a serviceMonitor for prometheus operator
+    ##
+    selfMonitor: true
+
+    ## Labels for ServiceMonitor
+    additionalLabels: {}
+
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## Scrape timeout. If not set, the Prometheus default scrape timeout is used.
+    scrapeTimeout: ""
+
+    ## Metric relabel configs to apply to samples before ingestion.
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    #   relabel configs to apply to samples before ingestion.
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+  ## Resource limits & requests
+  ##
+  resources:
+    limits:
+      cpu: 200m
+      memory: 500Mi
+    requests:
+      cpu: 100m
+      memory: 100Mi
+
+  ## Operator Environment
+  ##  env:
+  ##    VARIABLE: value
+  env:
+    GOGC: "30"
+
+  # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico),
+  # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working
+  ##
+  hostNetwork: false
+
+  ## Define which Nodes the Pods are scheduled on.
+  ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+  ##
+  nodeSelector: {}
+
+  ## Tolerations for use with node taints
+  ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+  ##
+  tolerations: []
+  # - key: "key"
+  #   operator: "Equal"
+  #   value: "value"
+  #   effect: "NoSchedule"
+
+  ## Assign custom affinity rules to the prometheus operator
+  ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  affinity: {}
+    # nodeAffinity:
+    #   requiredDuringSchedulingIgnoredDuringExecution:
+    #     nodeSelectorTerms:
+    #     - matchExpressions:
+    #       - key: kubernetes.io/e2e-az-name
+    #         operator: In
+    #         values:
+    #         - e2e-az1
+    #         - e2e-az2
+  dnsConfig: {}
+    # nameservers:
+    #   - 1.2.3.4
+    # searches:
+    #   - ns1.svc.cluster-domain.example
+    #   - my.dns.search.suffix
+    # options:
+    #   - name: ndots
+    #     value: "2"
+  #   - name: edns0
+  securityContext:
+    fsGroup: 65534
+    runAsGroup: 65534
+    runAsNonRoot: true
+    runAsUser: 65534
+    seccompProfile:
+      type: RuntimeDefault
+
+  ## Container-specific security context configuration
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+  ##
+  containerSecurityContext:
+    allowPrivilegeEscalation: false
+    readOnlyRootFilesystem: true
+    capabilities:
+      drop:
+      - ALL
+
+  # Enable vertical pod autoscaler support for prometheus-operator
+  verticalPodAutoscaler:
+    enabled: false
+
+    # Recommender responsible for generating recommendation for the object.
+    # List should be empty (then the default recommender will generate the recommendation)
+    # or contain exactly one recommender.
+    # recommenders:
+    # - name: custom-recommender-performance
+
+    # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
+    controlledResources: []
+    # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits.
+    # controlledValues: RequestsAndLimits
+
+    # Define the max allowed resources for the pod
+    maxAllowed: {}
+    # cpu: 200m
+    # memory: 100Mi
+    # Define the min allowed resources for the pod
+    minAllowed: {}
+    # cpu: 200m
+    # memory: 100Mi
+
+    updatePolicy:
+      # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction
+      # minReplicas: 1
+      # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
+      # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
+      updateMode: Auto
+
+  ## Prometheus-operator image
+  ##
+  image:
+    repository: rancher/mirrored-prometheus-operator-prometheus-operator
+    tag: v0.72.0
+    sha: ""
+    pullPolicy: IfNotPresent
+
+  ## Prometheus image to use for prometheuses managed by the operator
+  ##
+  # prometheusDefaultBaseImage: prometheus/prometheus
+
+  ## Prometheus image registry to use for prometheuses managed by the operator
+  ##
+  # prometheusDefaultBaseImageRegistry: quay.io
+
+  ## Alertmanager image to use for alertmanagers managed by the operator
+  ##
+  # alertmanagerDefaultBaseImage: prometheus/alertmanager
+
+  ## Alertmanager image registry to use for alertmanagers managed by the operator
+  ##
+  # alertmanagerDefaultBaseImageRegistry: quay.io
+
+  ## Prometheus-config-reloader
+  ##
+  prometheusConfigReloader:
+    image:
+      repository: rancher/mirrored-prometheus-operator-prometheus-config-reloader
+      tag: v0.72.0
+      sha: ""
+
+    # add prometheus config reloader liveness and readiness probe. Default: false
+    enableProbe: false
+
+    # resource config for prometheusConfigReloader
+    resources: {}
+      # requests:
+      #   cpu: 200m
+      #   memory: 50Mi
+      # limits:
+      #   cpu: 200m
+      #   memory: 50Mi
+
+  ## Thanos side-car image when configured
+  ##
+  thanosImage:
+    repository: rancher/mirrored-thanos-thanos
+    tag: v0.34.1
+    sha: ""
+
+  ## Set a Label Selector to filter watched prometheus and prometheusAgent
+  ##
+  prometheusInstanceSelector: ""
+
+  ## Set a Label Selector to filter watched alertmanager
+  ##
+  alertmanagerInstanceSelector: ""
+
+  ## Set a Label Selector to filter watched thanosRuler
+  thanosRulerInstanceSelector: ""
+
+  ## Set a Field Selector to filter watched secrets
+  ##
+  secretFieldSelector: "type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1"
+
+  ## If false then the user will opt out of automounting API credentials.
+  ##
+  automountServiceAccountToken: true
+
+  ## Additional volumes
+  ##
+  extraVolumes: []
+
+  ## Additional volume mounts
+  ##
+  extraVolumeMounts: []
+
+## Deploy a Prometheus instance
+##
+prometheus:
+  enabled: true
+
+  ## Toggle prometheus into agent mode
+  ## Note many of features described below (e.g. rules, query, alerting, remote read, thanos) will not work in agent mode.
+  ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/designs/prometheus-agent.md
+  ##
+  agentMode: false
+
+  ## Annotations for Prometheus
+  ##
+  annotations: {}
+
+  ## Configure network policy for the prometheus
+  networkPolicy:
+    enabled: false
+
+    ## Flavor of the network policy to use.
+    #  Can be:
+    #  * kubernetes for networking.k8s.io/v1/NetworkPolicy
+    #  * cilium     for cilium.io/v2/CiliumNetworkPolicy
+    flavor: kubernetes
+
+    # cilium:
+    #   endpointSelector:
+    #   egress:
+    #   ingress:
+
+    # egress:
+    # - {}
+    # ingress:
+    # - {}
+    # podSelector:
+    #   matchLabels:
+    #     app: prometheus
+
+  ## Service account for Prometheuses to use.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+  ##
+  serviceAccount:
+    create: true
+    name: ""
+    annotations: {}
+    automountServiceAccountToken: true
+
+  # Service for thanos service discovery on sidecar
+  # Enable this can make Thanos Query can use
+  # `--store=dnssrv+_grpc._tcp.${kube-prometheus-stack.fullname}-thanos-discovery.${namespace}.svc.cluster.local` to discovery
+  # Thanos sidecar on prometheus nodes
+  # (Please remember to change ${kube-prometheus-stack.fullname} and ${namespace}. Not just copy and paste!)
+  thanosService:
+    enabled: false
+    annotations: {}
+    labels: {}
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+    ## gRPC port config
+    portName: grpc
+    port: 10901
+    targetPort: "grpc"
+
+    ## HTTP port config (for metrics)
+    httpPortName: http
+    httpPort: 10902
+    targetHttpPort: "http"
+
+    ## ClusterIP to assign
+    # Default is to make this a headless service ("None")
+    clusterIP: "None"
+
+    ## Port to expose on each node, if service type is NodePort
+    ##
+    nodePort: 30901
+    httpNodePort: 30902
+
+  # ServiceMonitor to scrape Sidecar metrics
+  # Needs thanosService to be enabled as well
+  thanosServiceMonitor:
+    enabled: false
+    interval: ""
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+
+    ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
+    scheme: ""
+
+    ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
+    ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
+    tlsConfig: {}
+
+    bearerTokenFile:
+
+    ## Metric relabel configs to apply to samples before ingestion.
+    metricRelabelings: []
+
+    ## relabel configs to apply to samples before ingestion.
+    relabelings: []
+
+  # Service for external access to sidecar
+  # Enabling this creates a service to expose thanos-sidecar outside the cluster.
+  thanosServiceExternal:
+    enabled: false
+    annotations: {}
+    labels: {}
+    loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+
+    ## gRPC port config
+    portName: grpc
+    port: 10901
+    targetPort: "grpc"
+
+    ## HTTP port config (for metrics)
+    httpPortName: http
+    httpPort: 10902
+    targetHttpPort: "http"
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: LoadBalancer
+
+    ## Port to expose on each node
+    ##
+    nodePort: 30901
+    httpNodePort: 30902
+
+  ## Configuration for Prometheus service
+  ##
+  service:
+    annotations: {}
+    labels: {}
+    clusterIP: ""
+
+    ## Port for Prometheus Service to listen on
+    ##
+    port: 9090
+
+    ## To be used with a proxy extraContainer port
+    targetPort: 8081
+
+    ## Port for Prometheus Reloader to listen on
+    ##
+    reloaderWebPort: 8080
+
+    ## List of IP addresses at which the Prometheus server service is available
+    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+    ##
+    externalIPs: []
+
+    ## Port to expose on each node
+    ## Only used if service.type is 'NodePort'
+    ##
+    nodePort: 30090
+
+    ## Loadbalancer IP
+    ## Only use if service.type is "LoadBalancer"
+    loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+    ## Additional ports to open for Prometheus service
+    ##
+    additionalPorts: []
+    # additionalPorts:
+    # - name: oauth-proxy
+    #   port: 8081
+    #   targetPort: 8081
+    # - name: oauth-metrics
+    #   port: 8082
+    #   targetPort: 8082
+
+    ## Consider that all endpoints are considered "ready" even if the Pods themselves are not
+    ## Ref: https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/#ServiceSpec
+    publishNotReadyAddresses: false
+
+    ## If you want to make sure that connections from a particular client are passed to the same Pod each time
+    ## Accepts 'ClientIP' or 'None'
+    ##
+    sessionAffinity: None
+
+    ## If you want to modify the ClientIP sessionAffinity timeout
+    ## The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP"
+    ##
+    sessionAffinityConfig:
+      clientIP:
+        timeoutSeconds: 10800
+
+  ## Configuration for creating a separate Service for each statefulset Prometheus replica
+  ##
+  servicePerReplica:
+    enabled: false
+    annotations: {}
+
+    ## Port for Prometheus Service per replica to listen on
+    ##
+    port: 9090
+
+    ## To be used with a proxy extraContainer port
+    targetPort: 9090
+
+    ## Port to expose on each node
+    ## Only used if servicePerReplica.type is 'NodePort'
+    ##
+    nodePort: 30091
+
+    ## Loadbalancer source IP ranges
+    ## Only used if servicePerReplica.type is "LoadBalancer"
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+  ## Configure pod disruption budgets for Prometheus
+  ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
+  ## This configuration is immutable once created and will require the PDB to be deleted to be changed
+  ## https://github.com/kubernetes/kubernetes/issues/45398
+  ##
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    maxUnavailable: ""
+
+  # Ingress exposes thanos sidecar outside the cluster
+  thanosIngress:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+    labels: {}
+    servicePort: 10901
+
+    ## Port to expose on each node
+    ## Only used if service.type is 'NodePort'
+    ##
+    nodePort: 30901
+
+    ## Hosts must be provided if Ingress is enabled.
+    ##
+    hosts: []
+      # - thanos-gateway.domain.com
+
+    ## Paths to use for ingress rules
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## TLS configuration for Thanos Ingress
+    ## Secret must be manually created in the namespace
+    ##
+    tls: []
+    # - secretName: thanos-gateway-tls
+    #   hosts:
+    #   - thanos-gateway.domain.com
+    #
+
+  ## ExtraSecret can be used to store various data in an extra secret
+  ## (use it for example to store hashed basic auth credentials)
+  extraSecret:
+    ## if not set, name will be auto generated
+    # name: ""
+    annotations: {}
+    data: {}
+  #   auth: |
+  #     foo:$apr1$OFG3Xybp$ckL0FHDAkoXYIlH9.cysT0
+  #     someoneelse:$apr1$DMZX2Z4q$6SbQIfyuLQd.xmo/P0m2c.
+
+  ingress:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+    labels: {}
+
+    ## Redirect ingress to an additional defined port on the service
+    # servicePort: 8081
+
+    ## Hostnames.
+    ## Must be provided if Ingress is enabled.
+    ##
+    # hosts:
+    #   - prometheus.domain.com
+    hosts: []
+
+    ## Paths to use for ingress rules - one path should match the prometheusSpec.routePrefix
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## TLS configuration for Prometheus Ingress
+    ## Secret must be manually created in the namespace
+    ##
+    tls: []
+      # - secretName: prometheus-general-tls
+      #   hosts:
+      #     - prometheus.example.com
+
+  ## Configuration for creating an Ingress that will map to each Prometheus replica service
+  ## prometheus.servicePerReplica must be enabled
+  ##
+  ingressPerReplica:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+    labels: {}
+
+    ## Final form of the hostname for each per replica ingress is
+    ## {{ ingressPerReplica.hostPrefix }}-{{ $replicaNumber }}.{{ ingressPerReplica.hostDomain }}
+    ##
+    ## Prefix for the per replica ingress that will have `-$replicaNumber`
+    ## appended to the end
+    hostPrefix: ""
+    ## Domain that will be used for the per replica ingress
+    hostDomain: ""
+
+    ## Paths to use for ingress rules
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## Secret name containing the TLS certificate for Prometheus per replica ingress
+    ## Secret must be manually created in the namespace
+    tlsSecretName: ""
+
+    ## Separated secret for each per replica Ingress. Can be used together with cert-manager
+    ##
+    tlsSecretPerReplica:
+      enabled: false
+      ## Final form of the secret for each per replica ingress is
+      ## {{ tlsSecretPerReplica.prefix }}-{{ $replicaNumber }}
+      ##
+      prefix: "prometheus"
+
+  ## Configure additional options for default pod security policy for Prometheus
+  ## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
+  podSecurityPolicy:
+    allowedCapabilities: []
+    allowedHostPaths: []
+    volumes: []
+
+  serviceMonitor:
+    ## If true, create a serviceMonitor for prometheus
+    ##
+    selfMonitor: true
+
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
+    scheme: ""
+
+    ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
+    ## Of type: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
+    tlsConfig: {}
+
+    bearerTokenFile:
+
+    ## Metric relabel configs to apply to samples before ingestion.
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    #   relabel configs to apply to samples before ingestion.
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional Endpoints
+    ##
+    additionalEndpoints: []
+    # - port: oauth-metrics
+    #   path: /metrics
+
+  ## Settings affecting prometheusSpec
+  ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#prometheusspec
+  ##
+  prometheusSpec:
+    ## If true, pass --storage.tsdb.max-block-duration=2h to prometheus. This is already done if using Thanos
+    ##
+    disableCompaction: false
+    ## APIServerConfig
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#apiserverconfig
+    ##
+    apiserverConfig: {}
+
+    ## Allows setting additional arguments for the Prometheus container
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.Prometheus
+    additionalArgs: []
+
+    ## Interval between consecutive scrapes.
+    ## Defaults to 30s.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/release-0.44/pkg/prometheus/promcfg.go#L180-L183
+    ##
+    scrapeInterval: "30s"
+
+    ## Number of seconds to wait for target to respond before erroring
+    ##
+    # scrapeTimeout: "30s"
+
+    ## Interval between consecutive evaluations.
+    ##
+    evaluationInterval: "30s"
+
+    ## ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
+    ##
+    listenLocal: false
+
+    ## EnableAdminAPI enables Prometheus the administrative HTTP API which includes functionality such as deleting time series.
+    ## This is disabled by default.
+    ## ref: https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis
+    ##
+    enableAdminAPI: false
+
+    ## Sets version of Prometheus overriding the Prometheus version as derived
+    ## from the image tag. Useful in cases where the tag does not follow semver v2.
+    version: ""
+
+    ## WebTLSConfig defines the TLS parameters for HTTPS
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#webtlsconfig
+    web: {}
+
+    ## Exemplars related settings that are runtime reloadable.
+    ## It requires to enable the exemplar storage feature to be effective.
+    exemplars: ""
+      ## Maximum number of exemplars stored in memory for all series.
+      ## If not set, Prometheus uses its default value.
+      ## A value of zero or less than zero disables the storage.
+      # maxSize: 100000
+
+    # EnableFeatures API enables access to Prometheus disabled features.
+    # ref: https://prometheus.io/docs/prometheus/latest/disabled_features/
+    enableFeatures: []
+    # - exemplar-storage
+
+    ## Image of Prometheus.
+    ##
+    image:
+      repository: rancher/mirrored-prometheus-prometheus
+      tag: v2.50.1
+      sha: ""
+
+    ## Tolerations for use with node taints
+    ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+    ##
+    tolerations: []
+    #  - key: "key"
+    #    operator: "Equal"
+    #    value: "value"
+    #    effect: "NoSchedule"
+
+    ## If specified, the pod's topology spread constraints.
+    ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+    ##
+    topologySpreadConstraints: []
+    # - maxSkew: 1
+    #   topologyKey: topology.kubernetes.io/zone
+    #   whenUnsatisfiable: DoNotSchedule
+    #   labelSelector:
+    #     matchLabels:
+    #       app: prometheus
+
+    ## Alertmanagers to which alerts will be sent
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#alertmanagerendpoints
+    ##
+    ## Default configuration will connect to the alertmanager deployed as part of this release
+    ##
+    alertingEndpoints: []
+    # - name: ""
+    #   namespace: ""
+    #   port: http
+    #   scheme: http
+    #   pathPrefix: ""
+    #   tlsConfig: {}
+    #   bearerTokenFile: ""
+    #   apiVersion: v2
+
+    ## External labels to add to any time series or alerts when communicating with external systems
+    ##
+    externalLabels: {}
+
+    ## enable --web.enable-remote-write-receiver flag on prometheus-server
+    ##
+    enableRemoteWriteReceiver: false
+
+    ## Name of the external label used to denote replica name
+    ##
+    replicaExternalLabelName: ""
+
+    ## If true, the Operator won't add the external label used to denote replica name
+    ##
+    replicaExternalLabelNameClear: false
+
+    ## Name of the external label used to denote Prometheus instance name
+    ##
+    prometheusExternalLabelName: ""
+
+    ## If true, the Operator won't add the external label used to denote Prometheus instance name
+    ##
+    prometheusExternalLabelNameClear: false
+
+    ## External URL at which Prometheus will be reachable.
+    ##
+    externalUrl: ""
+
+    ## Define which Nodes the Pods are scheduled on.
+    ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+    ##
+    nodeSelector: {}
+
+    ## Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods.
+    ## The Secrets are mounted into /etc/prometheus/secrets/. Secrets changes after initial creation of a Prometheus object are not
+    ## reflected in the running Pods. To change the secrets mounted into the Prometheus Pods, the object must be deleted and recreated
+    ## with the new list of secrets.
+    ##
+    secrets: []
+
+    ## ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods.
+    ## The ConfigMaps are mounted into /etc/prometheus/configmaps/.
+    ##
+    configMaps: []
+
+    ## QuerySpec defines the query command line flags when starting Prometheus.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#queryspec
+    ##
+    query: {}
+
+    ## If nil, select own namespace. Namespaces to be selected for PrometheusRules discovery.
+    ruleNamespaceSelector: {}
+    ## Example which selects PrometheusRules in namespaces with label "prometheus" set to "somelabel"
+    # ruleNamespaceSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If true, a nil or {} value for prometheus.prometheusSpec.ruleSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the PrometheusRule resources created
+    ##
+    ruleSelectorNilUsesHelmValues: false
+
+    ## PrometheusRules to be selected for target discovery.
+    ## If {}, select all PrometheusRules
+    ##
+    ruleSelector: {}
+    ## Example which select all PrometheusRules resources
+    ## with label "prometheus" with values any of "example-rules" or "example-rules-2"
+    # ruleSelector:
+    #   matchExpressions:
+    #     - key: prometheus
+    #       operator: In
+    #       values:
+    #         - example-rules
+    #         - example-rules-2
+    #
+    ## Example which select all PrometheusRules resources with label "role" set to "example-rules"
+    # ruleSelector:
+    #   matchLabels:
+    #     role: example-rules
+
+    ## If true, a nil or {} value for prometheus.prometheusSpec.serviceMonitorSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the servicemonitors created
+    ##
+    serviceMonitorSelectorNilUsesHelmValues: false
+
+    ## ServiceMonitors to be selected for target discovery.
+    ## If {}, select all ServiceMonitors
+    ##
+    serviceMonitorSelector: {}
+    ## Example which selects ServiceMonitors with label "prometheus" set to "somelabel"
+    # serviceMonitorSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## Namespaces to be selected for ServiceMonitor discovery.
+    ##
+    serviceMonitorNamespaceSelector: {}
+    ## Example which selects ServiceMonitors in namespaces with label "prometheus" set to "somelabel"
+    # serviceMonitorNamespaceSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If true, a nil or {} value for prometheus.prometheusSpec.podMonitorSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the podmonitors created
+    ##
+    podMonitorSelectorNilUsesHelmValues: false
+
+    ## PodMonitors to be selected for target discovery.
+    ## If {}, select all PodMonitors
+    ##
+    podMonitorSelector: {}
+    ## Example which selects PodMonitors with label "prometheus" set to "somelabel"
+    # podMonitorSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If nil, select own namespace. Namespaces to be selected for PodMonitor discovery.
+    podMonitorNamespaceSelector: {}
+    ## Example which selects PodMonitor in namespaces with label "prometheus" set to "somelabel"
+    # podMonitorNamespaceSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If true, a nil or {} value for prometheus.prometheusSpec.probeSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the probes created
+    ##
+    probeSelectorNilUsesHelmValues: true
+
+    ## Probes to be selected for target discovery.
+    ## If {}, select all Probes
+    ##
+    probeSelector: {}
+    ## Example which selects Probes with label "prometheus" set to "somelabel"
+    # probeSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If nil, select own namespace. Namespaces to be selected for Probe discovery.
+    probeNamespaceSelector: {}
+    ## Example which selects Probe in namespaces with label "prometheus" set to "somelabel"
+    # probeNamespaceSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If true, a nil or {} value for prometheus.prometheusSpec.scrapeConfigSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the scrapeConfigs created
+    ##
+    scrapeConfigSelectorNilUsesHelmValues: true
+
+    ## scrapeConfigs to be selected for target discovery.
+    ## If {}, select all scrapeConfigs
+    ##
+    scrapeConfigSelector: {}
+    ## Example which selects scrapeConfigs with label "prometheus" set to "somelabel"
+    # scrapeConfigSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If nil, select own namespace. Namespaces to be selected for scrapeConfig discovery.
+    scrapeConfigNamespaceSelector: {}
+    ## Example which selects scrapeConfig in namespaces with label "prometheus" set to "somelabel"
+    # scrapeConfigNamespaceSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## How long to retain metrics
+    ##
+    retention: 10d
+
+    ## Maximum size of metrics
+    ##
+    retentionSize: ""
+
+    ## Allow out-of-order/out-of-bounds samples ingested into Prometheus for a specified duration
+    ## See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#tsdb
+    tsdb:
+      outOfOrderTimeWindow: 0s
+
+    ## Enable compression of the write-ahead log using Snappy.
+    ##
+    walCompression: true
+
+    ## If true, the Operator won't process any Prometheus configuration changes
+    ##
+    paused: false
+
+    ## Number of replicas of each shard to deploy for a Prometheus deployment.
+    ## Number of replicas multiplied by shards is the total number of Pods created.
+    ##
+    replicas: 1
+
+    ## EXPERIMENTAL: Number of shards to distribute targets onto.
+    ## Number of replicas multiplied by shards is the total number of Pods created.
+    ## Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved.
+    ## Increasing shards will not reshard data either but it will continue to be available from the same instances.
+    ## To query globally use Thanos sidecar and Thanos querier or remote write data to a central location.
+    ## Sharding is done on the content of the `__address__` target meta-label.
+    ##
+    shards: 1
+
+    ## Log level for Prometheus be configured in
+    ##
+    logLevel: info
+
+    ## Log format for Prometheus be configured in
+    ##
+    logFormat: logfmt
+
+    ## Prefix used to register routes, overriding externalUrl route.
+    ## Useful for proxies that rewrite URLs.
+    ##
+    routePrefix: /
+
+    ## Standard object's metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
+    ## Metadata Labels and Annotations gets propagated to the prometheus pods.
+    ##
+    podMetadata: {}
+    # labels:
+    #   app: prometheus
+    #   k8s-app: prometheus
+
+    ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node.
+    ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided.
+    ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node.
+    ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured.
+    podAntiAffinity: ""
+
+    ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity.
+    ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone
+    ##
+    podAntiAffinityTopologyKey: kubernetes.io/hostname
+
+    ## Assign custom affinity rules to the prometheus instance
+    ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+    ##
+    affinity: {}
+    # nodeAffinity:
+    #   requiredDuringSchedulingIgnoredDuringExecution:
+    #     nodeSelectorTerms:
+    #     - matchExpressions:
+    #       - key: kubernetes.io/e2e-az-name
+    #         operator: In
+    #         values:
+    #         - e2e-az1
+    #         - e2e-az2
+
+    ## The remote_read spec configuration for Prometheus.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#remotereadspec
+    remoteRead: []
+    # - url: http://remote1/read
+    ## additionalRemoteRead is appended to remoteRead
+    additionalRemoteRead: []
+
+    ## The remote_write spec configuration for Prometheus.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#remotewritespec
+    remoteWrite: []
+    # - url: http://remote1/push
+    ## additionalRemoteWrite is appended to remoteWrite
+    additionalRemoteWrite: []
+
+    ## Enable/Disable Grafana dashboards provisioning for prometheus remote write feature
+    remoteWriteDashboards: false
+
+    ## Resource limits & requests
+    ##
+    resources:
+      limits:
+        memory: 3000Mi
+        cpu: 1000m
+      requests:
+        memory: 750Mi
+        cpu: 750m
+
+    ## Prometheus StorageSpec for persistent data
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md
+    ##
+    storageSpec: {}
+    ## Using PersistentVolumeClaim
+    ##
+    #  volumeClaimTemplate:
+    #    spec:
+    #      storageClassName: gluster
+    #      accessModes: ["ReadWriteOnce"]
+    #      resources:
+    #        requests:
+    #          storage: 50Gi
+    #    selector: {}
+
+    ## Using tmpfs volume
+    ##
+    #  emptyDir:
+    #    medium: Memory
+
+    # Additional volumes on the output StatefulSet definition.
+    volumes:
+      - name: nginx-home
+        emptyDir: {}
+      - name: prometheus-nginx
+        configMap:
+          name: prometheus-nginx-proxy-config
+          defaultMode: 438
+
+    # Additional VolumeMounts on the output StatefulSet definition.
+    volumeMounts: []
+
+    ## AdditionalScrapeConfigs allows specifying additional Prometheus scrape configurations. Scrape configurations
+    ## are appended to the configurations generated by the Prometheus Operator. Job configurations must have the form
+    ## as specified in the official Prometheus documentation:
+    ## https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are
+    ## appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility
+    ## to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible
+    ## scrape configs are going to break Prometheus after the upgrade.
+    ## AdditionalScrapeConfigs can be defined as a list or as a templated string.
+    ##
+    ## The scrape configuration example below will find master nodes, provided they have the name .*mst.*, relabel the
+    ## port to 2379 and allow etcd scraping provided it is running on all Kubernetes master nodes
+    ##
+    additionalScrapeConfigs: []
+    # - job_name: kube-etcd
+    #   kubernetes_sd_configs:
+    #     - role: node
+    #   scheme: https
+    #   tls_config:
+    #     ca_file:   /etc/prometheus/secrets/etcd-client-cert/etcd-ca
+    #     cert_file: /etc/prometheus/secrets/etcd-client-cert/etcd-client
+    #     key_file:  /etc/prometheus/secrets/etcd-client-cert/etcd-client-key
+    #   relabel_configs:
+    #   - action: labelmap
+    #     regex: __meta_kubernetes_node_label_(.+)
+    #   - source_labels: [__address__]
+    #     action: replace
+    #     targetLabel: __address__
+    #     regex: ([^:;]+):(\d+)
+    #     replacement: ${1}:2379
+    #   - source_labels: [__meta_kubernetes_node_name]
+    #     action: keep
+    #     regex: .*mst.*
+    #   - source_labels: [__meta_kubernetes_node_name]
+    #     action: replace
+    #     targetLabel: node
+    #     regex: (.*)
+    #     replacement: ${1}
+    #   metric_relabel_configs:
+    #   - regex: (kubernetes_io_hostname|failure_domain_beta_kubernetes_io_region|beta_kubernetes_io_os|beta_kubernetes_io_arch|beta_kubernetes_io_instance_type|failure_domain_beta_kubernetes_io_zone)
+    #     action: labeldrop
+    #
+    ## If scrape config contains a repetitive section, you may want to use a template.
+    ## In the following example, you can see how to define `gce_sd_configs` for multiple zones
+    # additionalScrapeConfigs: |
+    #  - job_name: "node-exporter"
+    #    gce_sd_configs:
+    #    {{range $zone := .Values.gcp_zones}}
+    #    - project: "project1"
+    #      zone: "{{$zone}}"
+    #      port: 9100
+    #    {{end}}
+    #    relabel_configs:
+    #    ...
+
+
+    ## If additional scrape configurations are already deployed in a single secret file you can use this section.
+    ## Expected values are the secret name and key
+    ## Cannot be used with additionalScrapeConfigs
+    additionalScrapeConfigsSecret: {}
+      # enabled: false
+      # name:
+      # key:
+
+    ## additionalPrometheusSecretsAnnotations allows to add annotations to the kubernetes secret. This can be useful
+    ## when deploying via spinnaker to disable versioning on the secret, strategy.spinnaker.io/versioned: 'false'
+    additionalPrometheusSecretsAnnotations: {}
+
+    ## AdditionalAlertManagerConfigs allows for manual configuration of alertmanager jobs in the form as specified
+    ## in the official Prometheus documentation https://prometheus.io/docs/prometheus/latest/configuration/configuration/#<alertmanager_config>.
+    ## AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator.
+    ## As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this
+    ## feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release
+    ## notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade.
+    ##
+    additionalAlertManagerConfigs: []
+    # - consul_sd_configs:
+    #   - server: consul.dev.test:8500
+    #     scheme: http
+    #     datacenter: dev
+    #     tag_separator: ','
+    #     services:
+    #       - metrics-prometheus-alertmanager
+
+    ## If additional alertmanager configurations are already deployed in a single secret, or you want to manage
+    ## them separately from the helm deployment, you can use this section.
+    ## Expected values are the secret name and key
+    ## Cannot be used with additionalAlertManagerConfigs
+    additionalAlertManagerConfigsSecret: {}
+      # name:
+      # key:
+      # optional: false
+
+    ## AdditionalAlertRelabelConfigs allows specifying Prometheus alert relabel configurations. Alert relabel configurations specified are appended
+    ## to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the
+    ## official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs.
+    ## As alert relabel configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the
+    ## possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel
+    ## configs are going to break Prometheus after the upgrade.
+    ##
+    additionalAlertRelabelConfigs: []
+    # - separator: ;
+    #   regex: prometheus_replica
+    #   replacement: $1
+    #   action: labeldrop
+
+    ## If additional alert relabel configurations are already deployed in a single secret, or you want to manage
+    ## them separately from the helm deployment, you can use this section.
+    ## Expected values are the secret name and key
+    ## Cannot be used with additionalAlertRelabelConfigs
+    additionalAlertRelabelConfigsSecret: {}
+      # name:
+      # key:
+
+    ## SecurityContext holds pod-level security attributes and common container settings.
+    ## This defaults to non root user with uid 1000 and gid 2000.
+    ## https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md
+    ##
+    securityContext:
+      runAsGroup: 2000
+      runAsNonRoot: true
+      runAsUser: 1000
+      fsGroup: 2000
+      seccompProfile:
+        type: RuntimeDefault
+
+    ## Priority class assigned to the Pods
+    ##
+    priorityClassName: ""
+
+    ## Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment.
+    ## This section is experimental, it may change significantly without deprecation notice in any release.
+    ## This is experimental and may change significantly without backward compatibility in any release.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#thanosspec
+    ##
+    thanos: {}
+      # secretProviderClass:
+      #   provider: gcp
+      #   parameters:
+      #     secrets: |
+      #       - resourceName: "projects/$PROJECT_ID/secrets/testsecret/versions/latest"
+      #         fileName: "objstore.yaml"
+      ## ObjectStorageConfig configures object storage in Thanos.
+      # objectStorageConfig:
+      #   # use existing secret, if configured, objectStorageConfig.secret will not be used
+      #   existingSecret: {}
+      #     # name: ""
+      #     # key: ""
+      #   # will render objectStorageConfig secret data and configure it to be used by Thanos custom resource,
+      #   # ignored when prometheusspec.thanos.objectStorageConfig.existingSecret is set
+      #   # https://thanos.io/tip/thanos/storage.md/#s3
+      #   secret: {}
+      #     # type: S3
+      #     # config:
+      #     #   bucket: ""
+      #     #   endpoint: ""
+      #     #   region: ""
+      #     #   access_key: ""
+      #     #   secret_key: ""
+
+    proxy:
+      image:
+        repository: rancher/mirrored-library-nginx
+        tag: 1.24.0-alpine
+
+    ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to a Prometheus pod.
+    ## if using proxy extraContainer update targetPort with proxy container port
+    containers:  |
+      - name: prometheus-proxy
+        args:
+        - nginx
+        - -g
+        - daemon off;
+        - -c
+        - /nginx/nginx.conf
+        image: "{{ template "system_default_registry" . }}{{ .Values.prometheus.prometheusSpec.proxy.image.repository }}:{{ .Values.prometheus.prometheusSpec.proxy.image.tag }}"
+        ports:
+        - containerPort: 8081
+          name: nginx-http
+          protocol: TCP
+        volumeMounts:
+        - mountPath: /nginx
+          name: prometheus-nginx
+        - mountPath: /var/cache/nginx
+          name: nginx-home
+        securityContext:
+          runAsUser: 101
+          runAsGroup: 101
+
+    ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes
+    ## (permissions, dir tree) on mounted volumes before starting prometheus
+    initContainers: []
+
+    ## PortName to use for Prometheus.
+    ##
+    portName: "http-web"
+
+    ## ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files
+    ## on the file system of the Prometheus container e.g. bearer token files.
+    arbitraryFSAccessThroughSMs: false
+
+    ## OverrideHonorLabels if set to true overrides all user configured honor_labels. If HonorLabels is set in ServiceMonitor
+    ## or PodMonitor to true, this overrides honor_labels to false.
+    overrideHonorLabels: false
+
+    ## OverrideHonorTimestamps allows to globally enforce honoring timestamps in all scrape configs.
+    overrideHonorTimestamps: false
+
+    ## When ignoreNamespaceSelectors is set to true, namespaceSelector from all PodMonitor, ServiceMonitor and Probe objects will be ignored,
+    ## they will only discover targets within the namespace of the PodMonitor, ServiceMonitor and Probe object,
+    ## and servicemonitors will be installed in the default service namespace.
+    ## Defaults to false.
+    ignoreNamespaceSelectors: false
+
+    ## EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created.
+    ## The label value will always be the namespace of the object that is being created.
+    ## Disabled by default
+    enforcedNamespaceLabel: ""
+
+    ## PrometheusRulesExcludedFromEnforce - list of prometheus rules to be excluded from enforcing of adding namespace labels.
+    ## Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair
+    ## Deprecated, use `excludedFromEnforcement` instead
+    prometheusRulesExcludedFromEnforce: []
+
+    ## ExcludedFromEnforcement - list of object references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects
+    ## to be excluded from enforcing a namespace label of origin.
+    ## Works only if enforcedNamespaceLabel set to true.
+    ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#objectreference
+    excludedFromEnforcement: []
+
+    ## QueryLogFile specifies the file to which PromQL queries are logged. Note that this location must be writable,
+    ## and can be persisted using an attached volume. Alternatively, the location can be set to a stdout location such
+    ## as /dev/stdout to log querie information to the default Prometheus log stream. This is only available in versions
+    ## of Prometheus >= 2.16.0. For more details, see the Prometheus docs (https://prometheus.io/docs/guides/query-log/)
+    queryLogFile: false
+
+    # Use to set global sample_limit for Prometheus. This act as default SampleLimit for ServiceMonitor or/and PodMonitor.
+    # Set to 'false' to disable global sample_limit. or set to a number to override the default value.
+    sampleLimit: false
+
+    # EnforcedKeepDroppedTargetsLimit defines on the number of targets dropped by relabeling that will be kept in memory.
+    # The value overrides any spec.keepDroppedTargets set by ServiceMonitor, PodMonitor, Probe objects unless spec.keepDroppedTargets
+    # is greater than zero and less than spec.enforcedKeepDroppedTargets. 0 means no limit.
+    enforcedKeepDroppedTargets: 0
+
+    ## EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit
+    ## set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall
+    ## number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
+    enforcedSampleLimit: false
+
+    ## EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set
+    ## per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall
+    ## number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except
+    ## if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced.
+    enforcedTargetLimit: false
+
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present
+    ## post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions
+    ## 2.27.0 and newer.
+    enforcedLabelLimit: false
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number
+    ## post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions
+    ## 2.27.0 and newer.
+    enforcedLabelNameLengthLimit: false
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this
+    ## number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus
+    ## versions 2.27.0 and newer.
+    enforcedLabelValueLengthLimit: false
+
+    ## AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. This is still experimental
+    ## in Prometheus so it may change in any upcoming release.
+    allowOverlappingBlocks: false
+
+    ## Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to
+    ## be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).
+    minReadySeconds: 0
+
+    # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico),
+    # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working
+    # Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it.
+    # When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.
+    hostNetwork: false
+
+    # HostAlias holds the mapping between IP and hostnames that will be injected
+    # as an entry in the pod’s hosts file.
+    hostAliases: []
+    #  - ip: 10.10.0.100
+    #    hostnames:
+    #      - a1.app.local
+    #      - b1.app.local
+
+    ## TracingConfig configures tracing in Prometheus.
+    ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#prometheustracingconfig
+    tracingConfig: {}
+
+    ## Additional configuration which is not covered by the properties above. (passed through tpl)
+    additionalConfig: {}
+
+    ## Additional configuration which is not covered by the properties above.
+    ## Useful, if you need advanced templating inside alertmanagerSpec.
+    ## Otherwise, use prometheus.prometheusSpec.additionalConfig (passed through tpl)
+    additionalConfigString: ""
+
+    ## Defines the maximum time that the `prometheus` container's startup probe
+    ## will wait before being considered failed. The startup probe will return
+    ## success after the WAL replay is complete. If set, the value should be
+    ## greater than 60 (seconds). Otherwise it will be equal to 600 seconds (15
+    ## minutes).
+    maximumStartupDurationSeconds: 0
+
+  additionalRulesForClusterRole: []
+  #  - apiGroups: [ "" ]
+  #    resources:
+  #      - nodes/proxy
+  #    verbs: [ "get", "list", "watch" ]
+
+  additionalServiceMonitors: []
+  ## Name of the ServiceMonitor to create
+  ##
+  # - name: ""
+
+    ## Additional labels to set used for the ServiceMonitorSelector. Together with standard labels from
+    ## the chart
+    ##
+    # additionalLabels: {}
+
+    ## Service label for use in assembling a job name of the form <label value>-<port>
+    ## If no label is specified, the service name is used.
+    ##
+    # jobLabel: ""
+
+    ## labels to transfer from the kubernetes service to the target
+    ##
+    # targetLabels: []
+
+    ## labels to transfer from the kubernetes pods to the target
+    ##
+    # podTargetLabels: []
+
+    ## Label selector for services to which this ServiceMonitor applies
+    ##
+    # selector: {}
+
+    ## Namespaces from which services are selected
+    ##
+    # namespaceSelector:
+      ## Match any namespace
+      ##
+      # any: false
+
+      ## Explicit list of namespace names to select
+      ##
+      # matchNames: []
+
+    ## Endpoints of the selected service to be monitored
+    ##
+    # endpoints: []
+      ## Name of the endpoint's service port
+      ## Mutually exclusive with targetPort
+      # - port: ""
+
+      ## Name or number of the endpoint's target port
+      ## Mutually exclusive with port
+      # - targetPort: ""
+
+      ## File containing bearer token to be used when scraping targets
+      ##
+      #   bearerTokenFile: ""
+
+      ## Interval at which metrics should be scraped
+      ##
+      #   interval: 30s
+
+      ## HTTP path to scrape for metrics
+      ##
+      #   path: /metrics
+
+      ## HTTP scheme to use for scraping
+      ##
+      #   scheme: http
+
+      ## TLS configuration to use when scraping the endpoint
+      ##
+      #   tlsConfig:
+
+          ## Path to the CA file
+          ##
+          # caFile: ""
+
+          ## Path to client certificate file
+          ##
+          # certFile: ""
+
+          ## Skip certificate verification
+          ##
+          # insecureSkipVerify: false
+
+          ## Path to client key file
+          ##
+          # keyFile: ""
+
+          ## Server name used to verify host name
+          ##
+          # serverName: ""
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    # metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    # relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+  additionalPodMonitors: []
+  ## Name of the PodMonitor to create
+  ##
+  # - name: ""
+
+    ## Additional labels to set used for the PodMonitorSelector. Together with standard labels from
+    ## the chart
+    ##
+    # additionalLabels: {}
+
+    ## Pod label for use in assembling a job name of the form <label value>-<port>
+    ## If no label is specified, the pod endpoint name is used.
+    ##
+    # jobLabel: ""
+
+    ## Label selector for pods to which this PodMonitor applies
+    ##
+    # selector: {}
+
+    ## PodTargetLabels transfers labels on the Kubernetes Pod onto the target.
+    ##
+    # podTargetLabels: {}
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    # sampleLimit: 0
+
+    ## Namespaces from which pods are selected
+    ##
+    # namespaceSelector:
+      ## Match any namespace
+      ##
+      # any: false
+
+      ## Explicit list of namespace names to select
+      ##
+      # matchNames: []
+
+    ## Endpoints of the selected pods to be monitored
+    ## https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#podmetricsendpoint
+    ##
+    # podMetricsEndpoints: []
+
+## Configuration for thanosRuler
+## ref: https://thanos.io/tip/components/rule.md/
+##
+thanosRuler:
+
+  ## Deploy thanosRuler
+  ##
+  enabled: false
+
+  ## Annotations for ThanosRuler
+  ##
+  annotations: {}
+
+  ## Service account for ThanosRuler to use.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+  ##
+  serviceAccount:
+    create: true
+    name: ""
+    annotations: {}
+
+  ## Configure pod disruption budgets for ThanosRuler
+  ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
+  ## This configuration is immutable once created and will require the PDB to be deleted to be changed
+  ## https://github.com/kubernetes/kubernetes/issues/45398
+  ##
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    maxUnavailable: ""
+
+  ingress:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+
+    labels: {}
+
+    ## Hosts must be provided if Ingress is enabled.
+    ##
+    hosts: []
+      # - thanosruler.domain.com
+
+    ## Paths to use for ingress rules - one path should match the thanosruler.routePrefix
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## TLS configuration for ThanosRuler Ingress
+    ## Secret must be manually created in the namespace
+    ##
+    tls: []
+    # - secretName: thanosruler-general-tls
+    #   hosts:
+    #   - thanosruler.example.com
+
+  ## Configuration for ThanosRuler service
+  ##
+  service:
+    annotations: {}
+    labels: {}
+    clusterIP: ""
+
+    ## Port for ThanosRuler Service to listen on
+    ##
+    port: 10902
+    ## To be used with a proxy extraContainer port
+    ##
+    targetPort: 10902
+    ## Port to expose on each node
+    ## Only used if service.type is 'NodePort'
+    ##
+    nodePort: 30905
+    ## List of IP addresses at which the Prometheus server service is available
+    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+    ##
+
+    ## Additional ports to open for ThanosRuler service
+    additionalPorts: []
+
+    externalIPs: []
+    loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+  ## Configuration for creating a ServiceMonitor for the ThanosRuler service
+  ##
+  serviceMonitor:
+    ## If true, create a serviceMonitor for thanosRuler
+    ##
+    selfMonitor: true
+
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
+    scheme: ""
+
+    ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
+    ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
+    tlsConfig: {}
+
+    bearerTokenFile:
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional Endpoints
+    ##
+    additionalEndpoints: []
+    # - port: oauth-metrics
+    #   path: /metrics
+
+  ## Settings affecting thanosRulerpec
+  ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#thanosrulerspec
+  ##
+  thanosRulerSpec:
+    ## Standard object's metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
+    ## Metadata Labels and Annotations gets propagated to the ThanosRuler pods.
+    ##
+    podMetadata: {}
+
+    ## Image of ThanosRuler
+    ##
+    image:
+      repository: rancher/mirrored-thanos-thanos
+      tag: v0.34.1
+
+    ## Namespaces to be selected for PrometheusRules discovery.
+    ## If nil, select own namespace. Namespaces to be selected for ServiceMonitor discovery.
+    ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#namespaceselector for usage
+    ##
+    ruleNamespaceSelector: {}
+
+    ## If true, a nil or {} value for thanosRuler.thanosRulerSpec.ruleSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the PrometheusRule resources created
+    ##
+    ruleSelectorNilUsesHelmValues: true
+
+    ## PrometheusRules to be selected for target discovery.
+    ## If {}, select all PrometheusRules
+    ##
+    ruleSelector: {}
+    ## Example which select all PrometheusRules resources
+    ## with label "prometheus" with values any of "example-rules" or "example-rules-2"
+    # ruleSelector:
+    #   matchExpressions:
+    #     - key: prometheus
+    #       operator: In
+    #       values:
+    #         - example-rules
+    #         - example-rules-2
+    #
+    ## Example which select all PrometheusRules resources with label "role" set to "example-rules"
+    # ruleSelector:
+    #   matchLabels:
+    #     role: example-rules
+
+    ## Define Log Format
+    # Use logfmt (default) or json logging
+    logFormat: logfmt
+
+    ## Log level for ThanosRuler to be configured with.
+    ##
+    logLevel: info
+
+    ## Size is the expected size of the thanosRuler cluster. The controller will eventually make the size of the
+    ## running cluster equal to the expected size.
+    replicas: 1
+
+    ## Time duration ThanosRuler shall retain data for. Default is '24h', and must match the regular expression
+    ## [0-9]+(ms|s|m|h) (milliseconds seconds minutes hours).
+    ##
+    retention: 24h
+
+    ## Interval between consecutive evaluations.
+    ##
+    evaluationInterval: ""
+
+    ## Storage is the definition of how storage will be used by the ThanosRuler instances.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md
+    ##
+    storage: {}
+    # volumeClaimTemplate:
+    #   spec:
+    #     storageClassName: gluster
+    #     accessModes: ["ReadWriteOnce"]
+    #     resources:
+    #       requests:
+    #         storage: 50Gi
+    #   selector: {}
+
+    ## AlertmanagerConfig define configuration for connecting to alertmanager.
+    ## Only available with Thanos v0.10.0 and higher. Maps to the alertmanagers.config Thanos Ruler arg.
+    alertmanagersConfig:
+      # use existing secret, if configured, alertmanagersConfig.secret will not be used
+      existingSecret: {}
+        # name: ""
+        # key: ""
+      # will render render alertmanagersConfig secret data and configure it to be used by Thanos Ruler custom resource, ignored when alertmanagersConfig.existingSecret is set
+      # https://thanos.io/tip/components/rule.md/#alertmanager
+      secret: {}
+        # alertmanagers:
+        # - api_version: v2
+        #   http_config:
+        #     basic_auth:
+        #       username: some_user
+        #       password: some_pass
+        #   static_configs:
+        #     - alertmanager.thanos.io
+        #   scheme: http
+        #   timeout: 10s
+
+    ## DEPRECATED. Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher, alertmanagersConfig should be used instead.
+    ## Note: this field will be ignored if alertmanagersConfig is specified. Maps to the alertmanagers.url Thanos Ruler arg.
+    # alertmanagersUrl:
+
+    ## The external URL the Thanos Ruler instances will be available under. This is necessary to generate correct URLs. This is necessary if Thanos Ruler is not served from root of a DNS name. string false
+    ##
+    externalPrefix:
+
+    ## The route prefix ThanosRuler registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true,
+    ## but the server serves requests under a different route prefix. For example for use with kubectl proxy.
+    ##
+    routePrefix: /
+
+    ## ObjectStorageConfig configures object storage in Thanos
+    objectStorageConfig:
+      # use existing secret, if configured, objectStorageConfig.secret will not be used
+      existingSecret: {}
+        # name: ""
+        # key: ""
+      # will render objectStorageConfig secret data and configure it to be used by Thanos Ruler custom resource, ignored when objectStorageConfig.existingSecret is set
+      # https://thanos.io/tip/thanos/storage.md/#s3
+      secret: {}
+        # type: S3
+        # config:
+        #   bucket: ""
+        #   endpoint: ""
+        #   region: ""
+        #   access_key: ""
+        #   secret_key: ""
+
+    ## QueryEndpoints defines Thanos querier endpoints from which to query metrics.
+    ## Maps to the --query flag of thanos ruler.
+    queryEndpoints: []
+
+    ## Define configuration for connecting to thanos query instances. If this is defined, the queryEndpoints field will be ignored.
+    ## Maps to the query.config CLI argument. Only available with thanos v0.11.0 and higher.
+    queryConfig:
+      # use existing secret, if configured, queryConfig.secret will not be used
+      existingSecret: {}
+        # name: ""
+        # key: ""
+      # render queryConfig secret data and configure it to be used by Thanos Ruler custom resource, ignored when queryConfig.existingSecret is set
+      # https://thanos.io/tip/components/rule.md/#query-api
+      secret: {}
+        # - http_config:
+        #     basic_auth:
+        #       username: some_user
+        #       password: some_pass
+        #   static_configs:
+        #     - URL
+        #   scheme: http
+        #   timeout: 10s
+
+    ## Labels configure the external label pairs to ThanosRuler. A default replica
+    ## label `thanos_ruler_replica` will be always added as a label with the value
+    ## of the pod's name and it will be dropped in the alerts.
+    labels: {}
+
+    ## If set to true all actions on the underlying managed objects are not going to be performed, except for delete actions.
+    ##
+    paused: false
+
+    ## Allows setting additional arguments for the ThanosRuler container
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#thanosruler
+    ##
+    additionalArgs: []
+      # - name: remote-write.config
+      #   value: |-
+      #     "remote_write":
+      #     - "name": "receiver-0"
+      #       "remote_timeout": "30s"
+      #       "url": "http://thanos-receiver-0.thanos-receiver:8081/api/v1/receive"
+
+    ## Define which Nodes the Pods are scheduled on.
+    ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+    ##
+    nodeSelector: {}
+
+    ## Define resources requests and limits for single Pods.
+    ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
+    ##
+    resources: {}
+    # requests:
+    #   memory: 400Mi
+
+    ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node.
+    ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided.
+    ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node.
+    ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured.
+    ##
+    podAntiAffinity: ""
+
+    ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity.
+    ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone
+    ##
+    podAntiAffinityTopologyKey: kubernetes.io/hostname
+
+    ## Assign custom affinity rules to the thanosRuler instance
+    ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+    ##
+    affinity: {}
+    # nodeAffinity:
+    #   requiredDuringSchedulingIgnoredDuringExecution:
+    #     nodeSelectorTerms:
+    #     - matchExpressions:
+    #       - key: kubernetes.io/e2e-az-name
+    #         operator: In
+    #         values:
+    #         - e2e-az1
+    #         - e2e-az2
+
+    ## If specified, the pod's tolerations.
+    ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+    ##
+    tolerations: []
+    # - key: "key"
+    #   operator: "Equal"
+    #   value: "value"
+    #   effect: "NoSchedule"
+
+    ## If specified, the pod's topology spread constraints.
+    ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+    ##
+    topologySpreadConstraints: []
+    # - maxSkew: 1
+    #   topologyKey: topology.kubernetes.io/zone
+    #   whenUnsatisfiable: DoNotSchedule
+    #   labelSelector:
+    #     matchLabels:
+    #       app: thanos-ruler
+
+    ## SecurityContext holds pod-level security attributes and common container settings.
+    ## This defaults to non root user with uid 1000 and gid 2000. *v1.PodSecurityContext  false
+    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+    ##
+    securityContext:
+      runAsGroup: 2000
+      runAsNonRoot: true
+      runAsUser: 1000
+      fsGroup: 2000
+      seccompProfile:
+        type: RuntimeDefault
+
+    ## ListenLocal makes the ThanosRuler server listen on loopback, so that it does not bind against the Pod IP.
+    ## Note this is only for the ThanosRuler UI, not the gossip communication.
+    ##
+    listenLocal: false
+
+    ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an ThanosRuler pod.
+    ##
+    containers: []
+
+    # Additional volumes on the output StatefulSet definition.
+    volumes: []
+
+    # Additional VolumeMounts on the output StatefulSet definition.
+    volumeMounts: []
+
+    ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes
+    ## (permissions, dir tree) on mounted volumes before starting prometheus
+    initContainers: []
+
+    ## Priority class assigned to the Pods
+    ##
+    priorityClassName: ""
+
+    ## PortName to use for ThanosRuler.
+    ##
+    portName: "web"
+
+  ## ExtraSecret can be used to store various data in an extra secret
+  ## (use it for example to store hashed basic auth credentials)
+  extraSecret:
+    ## if not set, name will be auto generated
+    # name: ""
+    annotations: {}
+    data: {}
+  #   auth: |
+  #     foo:$apr1$OFG3Xybp$ckL0FHDAkoXYIlH9.cysT0
+  #     someoneelse:$apr1$DMZX2Z4q$6SbQIfyuLQd.xmo/P0m2c.
+
+## Setting to true produces cleaner resource names, but requires a data migration because the name of the persistent volume changes. Therefore this should only be set once on initial installation.
+##
+cleanPrometheusOperatorObjectNames: false
+
+## Extra manifests to deploy as an array
+extraManifests: []
+  # - apiVersion: v1
+  #   kind: ConfigMap
+  #   metadata:
+  #   labels:
+  #     name: prometheus-extra
+  #   data:
+  #     extra-data: "value"
diff --git a/index.yaml b/index.yaml
index 833ac271fd..39ca79ed74 100755
--- a/index.yaml
+++ b/index.yaml
@@ -18658,6 +18658,136 @@ entries:
     urls:
     - assets/rancher-monitoring/rancher-monitoring-105.0.0+up57.0.3.tgz
     version: 105.0.0+up57.0.3
+  - annotations:
+      artifacthub.io/license: Apache-2.0
+      artifacthub.io/links: |
+        - name: Chart Source
+          url: https://github.com/prometheus-community/helm-charts
+        - name: Upstream Project
+           url: https://github.com/prometheus-operator/kube-prometheus
+      artifacthub.io/operator: "true"
+      catalog.cattle.io/auto-install: rancher-monitoring-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/deploys-on-os: windows
+      catalog.cattle.io/display-name: Monitoring
+      catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+      catalog.cattle.io/namespace: cattle-monitoring-system
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: monitoring.coreos.com.prometheus/v1
+      catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+      catalog.cattle.io/release-name: rancher-monitoring
+      catalog.cattle.io/requests-cpu: 4500m
+      catalog.cattle.io/requests-memory: 4000Mi
+      catalog.cattle.io/type: cluster-tool
+      catalog.cattle.io/ui-component: monitoring
+      catalog.cattle.io/upstream-version: 57.0.3
+    apiVersion: v2
+    appVersion: v0.72.0
+    created: "2025-02-25T21:45:53.978114473-03:00"
+    dependencies:
+    - condition: grafana.enabled
+      name: grafana
+      repository: file://./charts/grafana
+    - condition: hardenedKubelet.enabled
+      name: hardenedKubelet
+      repository: file://./charts/hardenedKubelet
+    - condition: hardenedNodeExporter.enabled
+      name: hardenedNodeExporter
+      repository: file://./charts/hardenedNodeExporter
+    - condition: k3sServer.enabled
+      name: k3sServer
+      repository: file://./charts/k3sServer
+    - condition: kubeStateMetrics.enabled
+      name: kube-state-metrics
+      repository: file://./charts/kube-state-metrics
+    - condition: kubeAdmControllerManager.enabled
+      name: kubeAdmControllerManager
+      repository: file://./charts/kubeAdmControllerManager
+    - condition: kubeAdmEtcd.enabled
+      name: kubeAdmEtcd
+      repository: file://./charts/kubeAdmEtcd
+    - condition: kubeAdmProxy.enabled
+      name: kubeAdmProxy
+      repository: file://./charts/kubeAdmProxy
+    - condition: kubeAdmScheduler.enabled
+      name: kubeAdmScheduler
+      repository: file://./charts/kubeAdmScheduler
+    - condition: prometheus-adapter.enabled
+      name: prometheus-adapter
+      repository: file://./charts/prometheus-adapter
+    - condition: nodeExporter.enabled
+      name: prometheus-node-exporter
+      repository: file://./charts/prometheus-node-exporter
+    - condition: rke2ControllerManager.enabled
+      name: rke2ControllerManager
+      repository: file://./charts/rke2ControllerManager
+    - condition: rke2Etcd.enabled
+      name: rke2Etcd
+      repository: file://./charts/rke2Etcd
+    - condition: rke2IngressNginx.enabled
+      name: rke2IngressNginx
+      repository: file://./charts/rke2IngressNginx
+    - condition: rke2Proxy.enabled
+      name: rke2Proxy
+      repository: file://./charts/rke2Proxy
+    - condition: rke2Scheduler.enabled
+      name: rke2Scheduler
+      repository: file://./charts/rke2Scheduler
+    - condition: rkeControllerManager.enabled
+      name: rkeControllerManager
+      repository: file://./charts/rkeControllerManager
+    - condition: rkeEtcd.enabled
+      name: rkeEtcd
+      repository: file://./charts/rkeEtcd
+    - condition: rkeIngressNginx.enabled
+      name: rkeIngressNginx
+      repository: file://./charts/rkeIngressNginx
+    - condition: rkeProxy.enabled
+      name: rkeProxy
+      repository: file://./charts/rkeProxy
+    - condition: rkeScheduler.enabled
+      name: rkeScheduler
+      repository: file://./charts/rkeScheduler
+    - condition: windowsExporter.enabled
+      name: windowsExporter
+      repository: file://./charts/windowsExporter
+    description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards,
+      and Prometheus rules combined with documentation and scripts to provide easy
+      to operate end-to-end Kubernetes cluster monitoring with Prometheus using the
+      Prometheus Operator.
+    digest: af0e01e0ff169efd62cc55cba6545e3dc727b081052ab377528a3efe578e1704
+    home: https://github.com/prometheus-operator/kube-prometheus
+    icon: file://assets/logos/rancher-monitoring.png
+    keywords:
+    - operator
+    - prometheus
+    - kube-prometheus
+    kubeVersion: '>=1.19.0-0'
+    maintainers:
+    - email: andrew@quadcorps.co.uk
+      name: andrewgkew
+    - email: gianrubio@gmail.com
+      name: gianrubio
+    - email: github.gkarthiks@gmail.com
+      name: gkarthiks
+    - email: kube-prometheus-stack@sisti.pt
+      name: GMartinez-Sisti
+    - email: github@jkroepke.de
+      name: jkroepke
+    - email: scott@r6by.com
+      name: scottrigby
+    - email: miroslav.hadzhiev@gmail.com
+      name: Xtigyro
+    - email: quentin.bisson@gmail.com
+      name: QuentinBisson
+    name: rancher-monitoring
+    sources:
+    - https://github.com/prometheus-community/helm-charts
+    - https://github.com/prometheus-operator/kube-prometheus
+    type: application
+    urls:
+    - assets/rancher-monitoring/rancher-monitoring-104.1.4+up57.0.3.tgz
+    version: 104.1.4+up57.0.3
   - annotations:
       artifacthub.io/license: Apache-2.0
       artifacthub.io/links: |
diff --git a/release.yaml b/release.yaml
index a8f4962ab4..cdf2216f5d 100644
--- a/release.yaml
+++ b/release.yaml
@@ -10,3 +10,5 @@ fleet-crd:
   - 104.1.5+up0.10.9
 fleet-agent:
   - 104.1.5+up0.10.9
+rancher-monitoring:
+  - 104.1.4+up57.0.3

From a6e0dace621265981e1d67638aed303c1ddf47ea Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:46:54 -0300
Subject: [PATCH 09/19] fp: rancher-monitoring-crd 104.1.4+up57.0.3

---
 ...ancher-monitoring-crd-104.1.4+up57.0.3.tgz | Bin 0 -> 299452 bytes
 .../104.1.4+up57.0.3/Chart.yaml               |  10 ++
 .../104.1.4+up57.0.3/README.md                |  24 +++++
 .../104.1.4+up57.0.3/files/crd-manifest.tgz   | Bin 0 -> 308608 bytes
 .../104.1.4+up57.0.3/templates/_helpers.tpl   |  30 ++++++
 .../104.1.4+up57.0.3/templates/jobs.yaml      | 102 ++++++++++++++++++
 .../104.1.4+up57.0.3/templates/manifest.yaml  |   8 ++
 .../104.1.4+up57.0.3/templates/rbac.yaml      |  76 +++++++++++++
 .../templates/validate-psp-install.yaml       |   7 ++
 .../104.1.4+up57.0.3/values.yaml              |  17 +++
 index.yaml                                    |  14 +++
 release.yaml                                  |   2 +
 12 files changed, 290 insertions(+)
 create mode 100644 assets/rancher-monitoring-crd/rancher-monitoring-crd-104.1.4+up57.0.3.tgz
 create mode 100644 charts/rancher-monitoring-crd/104.1.4+up57.0.3/Chart.yaml
 create mode 100644 charts/rancher-monitoring-crd/104.1.4+up57.0.3/README.md
 create mode 100644 charts/rancher-monitoring-crd/104.1.4+up57.0.3/files/crd-manifest.tgz
 create mode 100644 charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/jobs.yaml
 create mode 100644 charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/manifest.yaml
 create mode 100644 charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/rbac.yaml
 create mode 100644 charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring-crd/104.1.4+up57.0.3/values.yaml

diff --git a/assets/rancher-monitoring-crd/rancher-monitoring-crd-104.1.4+up57.0.3.tgz b/assets/rancher-monitoring-crd/rancher-monitoring-crd-104.1.4+up57.0.3.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..5d2aa89033767d26c5478441d43148092ba68760
GIT binary patch
literal 299452
zcmV)QK(xOfiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PMR3TvXroC=N&tD4~FW;Gv{D1(g(O5RjA@m;($9Gvfr^BCXOW
zA}uKfA{~l|NGM3CG=hjUQi=-y&kR`K`>p$X_uc#6|K0uZgXiqM&f06QwO8&v7%0-o
z6~u^nppbAJ3Ij*Fh&f?k5*n^h3{Kn!>VY8nUvH9<l9KYWvc&%-B_)6RzoeYB0*REY
zf~>rhl&qw@EQzF)oSd8j2_X3|nENjq9*cuwNF@K4=lbp9{x4}zBoc*#;@~JGRtW+C
zPEZ^afpQUdg5q!pP#lhuZ~`$nxHBAtDFM5C<#)kc;V>A8R04Q#7(B@HyC6uY2Z%*O
zoj@gEr}O7chxNhYK#$-34g(@UC>9hWeE*$@-)vY26b&~AF<3YXsRVdRLtr4*2?Iyt
zi0?W`EDnl5U;&&f2xypSVgY9q=64W@L;iFMoDUjQ0-$I#0`5fQ7{v42j8c-a;!@(W
zB6zf%g1Dr(4CFs8*1z5UK>t0V2t0`W7a4%R(tlYw$=~R|yrh)mfA#<0(Rcw(&>4zH
z;D8;G|AA@{HibBZ7cg^$V*xl8fC5%(2Kr*oD2xXbhXY}NGaLaD05m}-1QY`To=^-N
z>WBcb01gE>f&dzd#ey&Zj>Mq=9~2$~;6M*F0*V8%;t+@n0_6xr?Ajk30wg>E02+(l
zc>n+qNx%hD0-T`;EJ*C!F&MkVn}9BGEDqzN1n}@cAaD<;3lRqfM5C~T75IEtY6+|>
zh(JI900(tZ0z4(frNyNn5F`o)nt}+>35UWc0e%4x2o8k+F}rpVu(AEWN1^}8_6Pd^
zT{;r>t{?&pVzA;k^#9Zp{DuBYNh`?ws{hiGQgTxN)&GA-;{{B1y*k9tPYi&8&Tu3M
z@a$-pJ#0t4>@mCg#RG^11P}q?&Vac2j+5BY-fs^3clGl7XJ`x@iE{>c_^}c^|04t-
z67~<z5MICnj)bASuz)EZjYeT`gvCe*L%#JoA@EonhylFd2m}Cy!GPU$0XQfei6fdk
z1RRO?1_*WlD+(ciID!b2*KYSu#(-eXyigc-1PThn0!}DAf&dC&om@c}9s$A#<2Y9o
z7W^3_L|B4A=Fbc!j*1aR#eTxR!(TDL9VD2tA0ZG5O9-im7FucdTS5ou><l{LlmH$>
zl<6)3gl-g?fRA9wcut<fLlHc`a_bMs!0y_=Uu290Jv>2-2Fe3XFzP(Vq{O9U#UyzE
zaSbRM>Ig@`ac~eTu7`I7ccU-yQ*hkwBN2}yh=Yo|;~hZ^5+oRV;$oC`n6pC`0t*r$
z{}kx=r2d~)o&R67zqJ2uD98WRIPfp*zr2i`^l#!n1z9<n|Jwh5NBcQ%a)jcXTqQiE
zAntG^ObO6MIYK-@925q{K?%{+PIBbu2Z--f2MnPeAP^8B=7a&EIB*wWH^C!7ne60k
zL^xtM5D)+X00h(#L|}I!J183cI~XAV@SC(00C-$MgoilRRl*g8a_3P3&?qcU48D`t
ziSE4N(JmM$4BUOgpb!X0sFV9Yek}$A5g-l}L!%IICm$Xqz!7vtVL&nB7;!Oh6jBr*
zzGCrCP9O*aVY~0nP&fjFL9l4hi9pvkHQAx@XJ!%FUowo)erCs?vIGFW%}RU*F`jTI
zP|e8+g-7BH|6nE$C=%*I%-DCnal&KZI3EoZ5(j$Ye$0u%Bh|2mD5MDrh5I?i{yugF
z3u2T2$=yyT6q4XLLCjBNi|wv<XKe%<g8e=Q06P&mfxvGZ`;!nu90&*?EM+%3Abu<U
zBa{aM0+jw?7zcIv#-*QTG{z$k#zZMA0XoixD4a0{#DYlNPjF5s4-Y63ru0*n7$D&Y
zM@nE_f9Vr*`sMY+Pj3JKI=P|%9yK%?;R8py5NizL;^I8YzW{l-!{8V|3=K$tI421w
z4D8ooM<^DQmj%RNyW=RNGu(v$Mvx-h8N}kmaW1~%j`FgAKY)W`05NZ0Pe4rL56}_Z
zsS^%C$bk?9-4io${tgNF`+pzb5!f%o%D=NVO%xL3=J{#B6NSKgfChx!hgJIJgCASr
z2kE~65E3&e%m|6_Q37xnJouYI4+2hOD9%;sXHG!AeMzv_xNlN5LTW+b2t4K+j^8A5
zegGWlguui8DAExJ`~f5!2?LQhK=H>0`b~iQGtysya40LN2jceu{}3}Ffcf6>OP=`$
z^!^ec{yma^j#&SU;-BIE9>F_u|1R=B750wg44~+rH^?7Z#qVE>iHSk}1#W4_%Ky9F
z5(fM+@&9Rl=O@Dcf9H30dHesQ-_azj{r@z-vm+2dObqUVB<yk|3Mb}_!XshF2`2v!
z{mp;f%75L;{~ovUpU$-Y&uo90|9>|E|MMEaU!DKRNK5^;{wpIT{onlm-_d?KH~ki3
zX?#<#zZGcxq@RB$)cS_*_dE=tpI{oqwcrR4D}D;Z0X)ux$A9ogJb*voC@%{lodADe
z*S^RS(Eq0y`hQvbOZ~?<LY@Bi*8gOrrG9(=LqS&hzxw}gX+P^fQPfa8&J~4$`x3pk
zxVs{;8vnyG?3|>Spb+5SwGF$8z+dNA-+?iB1R)X-1E6U5DGUmaCVobI1-)?~l0YqX
zmo(xjFBXNzIDxxRPIxR1<?*ePc+deSMj{XZ@B}fASS7$lV5jOKAPNY$fH=Z`XhM=n
zc-V<s2~T)5Y!?Or$KnKR|NPtwjYW&^9#aFvGn^m912zIXIiG;-FXR&YVc)VNA_yGB
z5`lIJB{UlWJQn=rOQJd5S?nJ(@uvvuw+Zz>Cuemy5(Y=Q{BIOD3IUpc&IH(RJo^(G
zApr1?Tk)?c!r~p>Kqnk=TkU*r`b#GJw-)tx+}m%N{hg)1neU%t=fA3k@f{_B%ztJ-
z|GcD~%`D+5<p|=S-<D^Lf|>5_<ee<)KfS_lRSPr*?g>YLE<ax%fg%tnFXL|mC$UaY
z1a#-F*f$7Q6c%R);=E88_g_18j5U7kFxJuh(ea~dK_ro2$&>&A6GE>V(nkOS09a6;
zkb?d3I3A5gfF2+c2Sxlae&0b2@K_uXTwtdcigfuoYx002l>n*lX^{uiTM3YtlarBy
z0Dv=gN4Ne(=)NV}CMXn+7_JfPDnD59OGYOK2z<}l1itlPK_?7|6ZqLw{iogG|8wmx
z<3CR*0#5LQVrVS-+kx9Z84vzd{wFW_oBMy#(sHu@z5nxXX}r5mzy${gB0wY{h(Mv-
z@o0eO&w>OVfafRg%LDKb{s{>IlEjM{y#I_}`38(c;Q+y3Z<VMS>+HH5thhE53-J8v
zcO?G7<M0T5$LI`&BLE&VR}jEKF)kqP`xPJ<3d9m8bA@_>#0$ayfCf-A*7+W5i37$&
zM+Cs&SOU?2v8gc@fFl8%D;x_r5j@Xs9UnkrP);C7h?T^7elTL!u>H~Ve_H;3p#LT(
z)ie!GihIER6?6QB{>w`L<NbfB|JHy0J&pH|Zo8{}yBN5;$#Jew9031^oAh`r2m>5_
ze)l##gqIi4MtSY%+)w&K2&z;d5VIdW9#9O{m53OMKmaJ`Z}^GVim?Fk1RJ)abs*sI
zb1ldLfWa}u%DB(Y<zncM>eVjI*l%QmFaWg!^357R5h$b!77hae42S?dp-3EHqOPU^
z2>u$Zi~deN^h=*807b(7(UJ&>Lm);-ryV=<eFhka26qZp-;4~11)v!4Co&~~-ODV5
zM+}PC=LmIj7yX%ypf~7*#}U5$<u(i;@ym6XZ?E6(!vMM{M<QbgnUFCd>m^`7`T(Fe
z97{Y!+Wl1n_9r=Dzn{Iq053Ss_4g%#+UfnqTpS9(f;hl|5QvMTF(4Mic!Fn;?nsmu
zQVR|uVA$itSkXawXH{4nh$cu21D?afF(3@U!jVp(DDi-bAUVKB@B0-&0ETkH+6ubj
zaA>TOgv76R2MJ>mI4IT~D?zLmz{GxxOYD>f#J*?YzwHqFsbV0(>r9|i42{7f;Yb%D
zqLiV44RHy?Z4AYr@JQGXLR{cDSG=RR6UyT!n#8bh7pw$<gG5nc#BeAS0xJQ>V(}nW
zLRLYZm-y&}@*sr$V)93&<fM)sm5~<`1+aK0*IfY+&z=EC@W<9bqA(s%1i}Y!#-Ka^
zhu<rYd~=o#1Zn&cgo8Ll3^2hX2|LN*+xZ<7jYjx<mno41qB;>a>hErbpZCJgI*9s4
z@D39AFPns*9{>~y5cs=$m+SX;I2J@hF;E=1vzd1f7ym_D`R{GxZ|SVKGaLy;z<ogs
z_PC9$!|$+ehq`|a@0<`Ifj#J-e!D~v_Ae|nMBzXsK*#x4GeZQ1A_!^PE=PWt(C_vS
zM|{P>JwO7BeoqEFccvY&D2yY3@<M_btScP-jh_g(Gw9^wgaCIsP}m(B2?`Bjh*6O!
zfeTQ;!4*V!{E)JP=ugnQQy{R!ABtc=50obe`-f%zWUGHrx8q|hTzv@YA%FwCK)?-;
z#qBtZA1vEl^^c_HC#SKy5)UXGxr0*$0?|PN+5~!WC>Yd76!1aezo{Q=_vbB8qIV*g
zgC9NLEXWQ@C{Y3eSYow_NWqWU36e+QaR7)Ux)+e(E&(VpXvJed0>>}}4}sZPo(+)}
z8QZ_TPA3fPFPBINjd$=8w?9_mXGe-cB7BI22owgl<Lh_jM$7{U_z2U90*-jxkAQj?
zo(TR;;|UBR3KWX?@f9A4fV+c$mn(7iecx!#P$y#KPy9{Le>yDsf2RFG{QvuhZvVqM
z{w)5Nl9G}B$NXPXQbz8-@&CW09gd;idDxz-clVm8xGy>M{1dbH5vz8Yl9aitXMJa|
z19c1DFE*c^twRX-)TYUYYip|;Fo}}1<z}R>3}#;7IH}7=+WMmT+1yv|<yVtaEgqwH
zy`-O<jm`}#c%$$+bYfy+VwCgnwe6s_8(Z7UF%liyd%sM5Vr~5VrsUo8M#Zg}n9)Nj
z+iyO`NCcg47~(j&w=k^vi^7v9Rj^nI^deUM&3hclWsb<t+q@wyn<d+^XsxP_b0IEa
z0ynR`xO!0HT*mM_4&UL%FJ;)TnT;Pmd|HucbiKVD^UnVG_Asi8>T2_4|F0@1u|j(1
zFu3OBVQ;Osb!lemx9j;X91;*!5kA@;m7b^@YpJ7{66>{vJa=qsIA(d7(dY7tG_URR
zSf&iFw>PsA&RKV~&`gBUtR-h|dX5O>c2Dm=`(lxXHHle(IyI>-HP3jPX<~4j!Kv*M
z%X5|L8z+53?abB7z9dkaFNdYa3yBrx-TcTWz*J!QCeetY>EuH`^G24LOzNU>ObQrw
z**WjvsQG^BBG(kATk*9<5|^GlS2=um)?z5Gr36}$A(yyJqfYVcDa{PK-8)Tx9^C}N
zV(0WTZ)s)%TeI-JPCCx9rW=clGgo}SvdWw)*lTU)X1#h?MtHLFIDK8d`b<RI%{Pj(
zhc0i`UXc+Wz2(Zmoi1RyLaG*Hl?)wOTNj{?3QL|Of1j$C9=EzbY!2rJ<5f<Md8a7y
z?ql`Cs~tL*IxAOm4ivDy8x0EV+murmVx%d!(W`gw=rLGip(3O9Gn$&hcemG;xJ_a-
z3iPZy+<K`yUted7H-2=x?0`X})rkZy9_x<xVY&%CXY&dj5)6fO;$hkzPIhB-Q8(iF
zSSQ$Bp7xbJ^*y;))=+Jt(*3-$@q~g=wwXteGM{oH-+j~YR|lRRWsXct*slh`0@ji7
zzSOLd23tBzN3|@%L}ZakG$Jfvdd)gb&J<t0F4`1!7hQI?WU4)9u1c#sNAXM;Q&_<N
zM6Wq&6H**adE#s2!CZyd{hBdC%0+DbvASNH`%~VXQG5GA`!GzYh;QPJAU|yaCyf#Z
zG^3-4FY2b^(I$RQ_zT)j(iWdhp~^4nhss@(_3m?Dn4DkhFK~6B=;c;70}%Fdxt0dy
zo5^X{+bt|!wgy;Bv~14J`q<YCn(Jj9iDfZu>f|vz+Ae2klE<HWp?6zbS~q&_J!>Cd
zfl2A-Mq!>j>k=v7BCDK%$}?9TbzVp*Np$I@C(iM+z!qt<oULPfo5RJ_60hA>K{%H#
zQ$0ED*YBRlc{Z8vE^Xm+WrNk%lBdE8D}`Rp718XMenQ(;<yRb4F(twN{NPtO{8>JW
zK?KL;+fZbEtYy3yqj-BPQ@}IPcUPq^ElkN?bw?;%n8;BOe6&BIG*d04wNW^|`n<Ku
z$jSP*@yLQpHdQrN$y?!2|I{-TpDOS38^1Xj@VX%<{Ar)N6YjXc)G6GldkDFY{0WFX
z0+_^jr>h;qQdr#K$Uey@9E&E8LlmB#<z4lc%TKF)<9Hp(_s)_h9h^gc)#iw!dz;L6
zX{h$75JMuiX&5DG5j06&peK97dNWr<edgXvb0w3MNZzkU#GFrszvsH|+1Xu?(wuo9
zfKzr&BA2w@re?dmA;qnhMux(NpD%5K;&dWRK7IT`d6%9OOFosziv%^t6TB}vVn!xs
z>RbFv_Qs-UczTKwP9LxGwRm~!ltSuje{$@l)ayo9vg=NBNVul0CPpXT-X|_X?Re;I
z>`P^h=hw}dr^64~h6Gu!9>o*`Jdcxv;03HjK_*ivblCKpT#TM+bl%SO?k8qUZzKuh
z^?PqKiqP>>HKAp?H%@MA$!B%jmGE<V7sjY7N4Z5Wll9OUNrx^JrgL2Sl%E)K`_bX;
zEd3}}iIyjxF{4Z&x`s>%3F^yZ6ywtg9j$(=vS*s?;UC}2(3>lrq!7{KlXzPe6nG#m
zr!9i&ggVvsJ9?^&Q(I%7KX3asE;l|JrB+OZl-n{i#HDHUU32#?##q-Kd944;sB6VG
zuC1?FtIK!kQM&8Hu4A-mi6+&WMg@xdC)peuIG;pS)M-uDoABR1w`BGq`WQ#<J>T=!
zUA4;kPMpwGSc|WLTdE}kLOB=W$O|Uo?q^7*FxDZ%Wz}foru*a_1rVL*Q%s7U>(b5@
zG`}k0x_U4BCi27!32ZE4NPWt6d=AzgmIY5XfTz5_Z@v5#IZVO!6;v;WB<_n!F<_Jy
zM5vYryWYJV>>4G&tl7Rq9_sqqJI|<`j%PaP3{9AOTH=a2Q^NzR!q?l*^Y!7^`d+nI
zE8Wp$dgnKnRn4MpleT_b)7X6@Da<qlA_l+>Wo@rx-H+9^IKk>!E|rVTEpTu3@NA1c
zbANa7NZi0VI%IIjb-@VMvh!j6FF3ZXoGq$86>w^=_A6a&)Q>ET5M9;m3fa$eq|LPM
zz+yhilG|^sWZ#=-=BWDu<8%`9ixTIgW(C9@<ZDz0n{TPu0@i$1{L`Vpt)TXNu5{;K
zq`+I>1N)_OPi7nPrf^v?E8VATt>HcHkbXP5_jILv6^Z`QK%*656}8OI;UTeM@<x|K
zxfD+6dZ;)0YiMhCfUDEDdu<v+m#HEPr_O(skGo+uZ~8pk9qad1{j>kVyenn8t}@x8
z=wPxvQwPVB1eWRTH#trI?<rHp)T1~B9@S_XaU9VTbMG>h&dA;qGe359D<FBl;r?_h
zPX{iaz_EMm433A!pOIEJU_MZ;zyi^c`!X{91JToueV2wB#(A@vO_=P`vx1HVY{~_!
z8?97l7QmX;=&PGP$cP{941Biy;a!k9#ivi1XDYt1S=`fY&7=_Ge<~2R-NE#<cbm3C
zvQb;dG4SKyO7{wDP|*77Y+`|t(famvm(1gzKgo<f*drF+)pJ7=-Z5_Srdosa)sybx
z<y%cs;rHBDQU&*WYtt91oXujj@2D;_`9PXl6{1a3pgpA3X6r6ySas)C&rDj_J`RqQ
zffjD>&B}>)LED4N(;GoS>nlC1LCRbKTN^IV4YxdxZNAuAzn7W0HSw5L;K`E_v2e!<
zHp~ZPNp%$lRr6Ysb}0QaNz!z8=j%)0Bqw*JZe@&OtI8{j0hiZXo`;`QN7dMy3n!@a
z-(bgUn3R#(o;ewvYHiSX`-*JgzKp%JN{y<1j}Bxcq7?h4-!!KcMrUHpzle(P1UB%(
z)taAU?9MH(B=uxcq%a4iyt%<_9AdQ1<ftViCsn(0d*;)6zggqJlZKni>nL4=fTgzj
zk5XS3pKrf=|589;s(}93>&B#r$i%QNiucx2hR=<^eyOm#t{0PKPM@Z>o?p`PN~~pj
zgl*4~&ex>qu;pI9_OPS+LxRscO6D~)M^rUqb0=@=n8~!?oxfpiJjcb!ba|s)_3r*v
z(=y$o^P!USkkr-M_LovhMK3tCo1%^}Os9w%1PeniG?z=dUARvA{Ae9-;!&r{>Du;}
z6O`s=3<(epHtc&bU6bByQF=SkO{Uuj_AC?Ea|sOG(|o+TOi!!n;k@x{*Yzy9{Q1vT
z*7NH%9;v)b?lx5lt5`Y0#>8j3CmoY=nbFsDZ(hw!2XzK5+Vt*TXbpeH*n#Mt#xHj>
zFLHCq4&O=FrxCa?*O5_IdL)chGokO3j%9qDNi=T-;IH;{xSMmLvi!=$g~Ig99r6sP
zd^I=&inm!Mjb1K38@Zm<BYU6CIT`2?)-csAGmGWWc^sj1w+|J_Yu3FwJ03|JeGQ&p
za9iaeg2Lm`gD{$|>$I>=ni^@pkaL<hPE2zL-qM{Ovf$<YqU+##Oo%V(JWlb+DVIA!
zOM&GBmbr&gc|~IQ+u_nn`2#88!<tLIjc4ucU-3=cr+dk{eDLhkqZ6y6?C{AcMURG<
zDe{6@pQ<*1?(VA@eYeMpMg58^y5@@QDUo$v(OH*zw`pk83MHt<9v{&g$}8_D4e}Ti
z);n2%qlZy=h3vb!)&HE_>DWPP{`9=OI2^FAH+-GDufta8eaeQDm)6B3x~52Wwzg}b
zwQ3GyX*{*ny*4@zQt%84=LF64l_D8aA8MaAy@M2y=hUqBrwfZZO?B>#tRvHjsxdr+
zcrb6A+i6b0NKV9E&+*XLYE{9P4wf>%?G7DKt9szcaHNX!BZc?11QN9c2b++QO^0JI
z12O$o%KcMG?4aNiWBrc&FSJPxYFgzCc?@PRDA;lj)2>eJ7n2S0XNrt>n_!0W6_>%z
z*4Q|*zh=AoMmSLbBJwbO>2PM)_(dfS#u&wO5VgE@6A>mnCMXlaBv~iNf8z$*#qLiB
z46dZlDhsSTTtMeAUzpViukBaS6>a962ywY9rivVDSGee(ku1zq^-lD8nQla_<)rZ}
zzje=%rYh;e{aJ>=N>b!mhUCT{Nc*C68Mp$;UV7j4^P#VMl}%|!S9j3+95snV;82}n
z3w3vXms~CX1*;q}GKGv+S3hY+9xpDu1C<WA@TmE2I!E>SfQV*Ao+dPPMEX*z@mZi{
z8ht35MgO5X{Briu@&NCBk7e$8^u=@1WZ7$eoZ~Kx2;Ji+7<lnbn8DdNiL*9?x~<JL
zSJ2~3M=W!~+5*Vil0dfFT0Wt-Zl+qgk*EQb!s_RivI}8pu?Ox{exWls((&=r=Z#3^
zFWJzoJ7=79$Lb;vE!Uc^nQ(qZXl9k0CDIv0>4&}vHb0_tDzmzeQ?jL1Fe87}Us)o}
z&xbXIW1>~NN1^Jh!i4obUo?Yn#q;Ou&XfF?dd1czpJnG;zF8pC3NWT&YE(Pae3|`m
zT4kY8ZXrGrjp_EJ+#4;gtq{r8MUxYkV=w%=fW}YCuselPcp%VVV(*y)IU2oGGMLqp
zj+{~t^YY~3=o}A=17Ks02g0&^Pi77oqid>?rJj_P7mYP#$+~~6%)FHJD}16DMj6HK
zeJ$TcG$?XeiN|66!JNe%0q3CmohK*_8~1IzTaC|@3s)`dVOnDor&LQ_W>Ulr?f0~<
zv=Dt17H4`;wUtKQ@H`230g3JjhmWJltc?#2eZFnX{s6AqS!1ucQaf!>(XutTI&!n`
z6Fr~$=fipzLbPp<$8(=e+0<<)%JBH&HEP?iZ}M||dp-v*BGESp?POOE$CKTWZvP@A
zD+y@VNMBw>dwl))fSby;8qZKa1Ko(3EnxmSy6h3kNTo3Kw*BR-pN?2i)!L1KM;D*=
zO3NXRoNuR8icIUg^6>%|LZ!l9c;WI4^8o0bH#zt9g`dj-kB^^9JERw9HMq3TSYC|K
z4?9~s0L*T#^-Y2K&KXO$a;dyydOnzpzpRXns%_&>4Nsje3#4sQNGqZX>FSg)E>q{2
z&Lyo3`Y7;lo<1YX@FU(k^uhe79&^>#!;I%CDuWbB?rm#dJzn*-w#au08N_7H?q&PF
z;;H4{dm7TPYwy-9<`y2bCCN&q^iDtOr6D=bd+@=SC24Dxfw!eJHQgn<;s;~insh95
zm(V26+wszVl8QA&zSERcV&po)hPROLPxY5{5zxT&)7g4euT$<D$Y^4#sXudjilLrj
zX8DR1I*$0=<@YZtkR5!13ziksJ|8Mu$Q>+ONDvZx5{+i#@WPvAul2yJsKD8`*JQY7
zXZXjXbWWf3RAGKbcDN&o!JDPW=CqWX&If7JH$8Y>8Owd-X?J=b+3$%E(T=xcdRTS=
zWmECl?A5&|RpMF#SA_~2G`*XIi<Dmr$5vcMQs3CZ@)dP>Dx7B@q;fNdN8jH#ap$~Y
zE8i2@!Ti-Nk+nBmki|x8M%lBT_A1_^8IP(GR<Hr2R=x*vFLJ8SyZ6U1+6MD3r3)po
zs^Pylid?P|_UFpzSE<{Y;XaXMd;es(NQAefXUfM2o-GcNlV7qUx0O^GgF0WS50Tsz
zU4Q%b{k86E_au&E-4;)%nI51gQK1Ngd|8cO>RAkhWFQZ{ui<(h*yr|`Gsh<&p6L=g
z4Z{<vZz{o@U#+V@+kg_jrBD#i^9prKr(Mj7>uTCEf4*($=)e+EO|d|Tk(#xg-RbGm
z&@x?^9$zG`7}vA)A?t?E)%f%S(hm3Ea6kg}QbuRFZw>UHsON9jFm2yrOE~jh=J~{-
zcOl{{cplEdeK}N*?Tw;8=)SLx;<|A4-K%q&3@kJKbmv?zbpQb=?~uxmp6R6c3~g~B
z@;t3{odc+QZq(BItW9k;ZEAZxvWG3ihjL7QeY@G|KF^P%MJej9d|3>WtzCb4`!)|v
zFBbQ8vklsM-*7cWXK-x#Io*wplJ*1oH75=h3TwwNfkIIWd{%MI-dFiF(kCHzxAJS5
zYI$!@@?x^04`GYe=jHWojP&$}XSg4IcQdWCdpP|F_FkpG-i7LvdQ7a{MHeT{5hs3!
z7MgY=J31Tl5S!Bp8+Un4Z~I4@GI_V3`xriPNxwYqTC88~<Ep;BEv?tm&P6pp)M;is
zioAS;)*&Vj8ri3DGmv3DfuZjFfxDNL&NklbEu@r*b(Q-hc!fJpll0nf@RN3DZvGjl
zJTFb{Agj;q=R>b(yDwGN_D~6XD+ELKm5npDQ5ru~qu3xV9DCp#(z%bcaEvtRm?pFT
zwL#?Ps`o7S%o!Dia*&np{oG00@4Z{l@2a?cILjlGD$8T^h(DjlXGdht;}Lb*cld{c
z!e~1fLOwdmW-wj;5lIYgzTzTGITBnPyJaHI_ptiaRK<&HCGKl8n*sbd@!@?erDxxd
zK))>0PkVoPQ?k4)zMy1Ptd3N!&!%w+HHcub=bb&An7MBJx<peIXB{d|xma^TJ{4*q
zG%5dhj1Y8WpYUjyeIcaKrb)H*T#FlyJ6=F`I^@G{$YE5b+eM+K%ax-7RolPzmZYvq
zn_1W#rWeL~#o7Ae0VZsbnaqvbVIE`5qL-dX*nRPQCq8sW<9TU1%T?t08n^iOu*_<5
zMyTO6Kk%BDbQ<TWNA<wr{1i?_^#_b(ml)7t<$|ArpE-Z^CdLZW2`|3K3Pbi;Wc-$K
zjAG<M<jFX-mgy&CUq5Qnb{@_ocg(X+Re$w%GojaCl~<Y9^ep&66Uu*O|JFpJWZmZ?
z>X5ExA@cYEy;AL)8)dJI)yTpt^YhAObET9rb7&H=*OT1o&8Y>fPYW)Kb*Jhx@rNe{
z*E0%ewP)3S*w^pdTb1h7UFz3)Zpzrp)-^QWOO0fPym0?{k{L}B{=>%C3qx-OD_KrF
zUU++a>CNUPp(V$$#}8umka#aoOg)y;ij==_>$R9rMKlLh(n+aI>bs}#mrt2eoE+u2
zSJ_?4akN4{IOK}32r)#^6$v?*TT%*8XZVqZzGFB>PePqR-}J{`p8;zQ7TtIn#-<Xq
z&2=s!sPes;K217nJa5JIT-()qj3LDc`H%(oLrhe-fXf@#&b(DRfC8(lQ@x<oQX>I(
zbGt7O`Y((DtBB0Z`Oen!c4iMr>I=<D=5^%9q4xzs?9A%T)Fg^eH9KUpp4s&pt2s0I
zGuazC(%}#K=hM^29T{+J5+NE-jzbIZevkVC!sARCe&cqTJL(=B`dsqmAKk931T3r|
z!+qPSNRmOPYM=Oc8Q;knw>tLiVXxHNdp-qDmPLgnXPZ{Y2d>N**jiO{-|NU!-?Jw)
zPh>@#-eMlkqkhuX_>3!6cL|sIKxLqH_crI~k%Q;ZPIe9c^$n@LA0lk*2NZ^`=!=;?
za+WSD#7!bvnkCXr6+d>Xius$}?h=2*%kQ$7I%?Z+X>G;kDmd~o;#gd9790Id%38I4
zt&^|Tj*Z)%q9+r6jAW>8cf0F47=4#|Xlrc!@DcW7YTQe+OXMMgjj6)u&ni5Ww8-sU
zkBI*4Wx6&tyrqUeciP`$=mGaEq-L=H$w>!v@Ixtm+14zEkN8$VQqi}F?ED0yl%=F%
z6X}(&r`qNoj!oy!WOE!EG$YmWD<+SvuxyWve!v0yTuc@bE(@=?@ty>397jn3H`XA5
z8<QsackSaEPY&;9=?mZU5{PbJC}^@8JHIg(`$f%~=hQk~phnmO8AoeMy@XV@l#CZH
z*_@$89mhCI5}Ce^Aa$yVdD#f8=oWkH0vPm6zlw~3@8gE$YX?2G!{^qU$o<k)x0f7!
z>DOqQnla7#5i#RczT_c}BIa}9F@us)v#hrtsyis3n-ReFj;Yks&u2ltc3pKZ4fveJ
zA0|$H_~jARGhIPv$j8HExEY>p!uwy}$#1GuPd?qvQ9-S}vAW=69?d2s_&UF1tJdU;
zRei0UOC!}O{Zju3r98_9KhMaQc8n(2nzCEvrdXv?kuFEiyu94FQ>CPw0W(M53#@z|
zSq!5QNp~IK&70Cod3TV;#PJfp&RTv~A2ZWn8T1l=P41rBwqT~ycsU=J%d>YEHF+QK
zf9)3tbBZ}t{dg^QZuQOCn88Af5m&lpbBZsd>v?Ybu@JIyGUH%hk^@=xSIP3O7Hw!X
zwLs-r4fHKCt(8PZTv3yAg|$YX+sFAbO1H)@@rf~|`AYDUoAOJo;d$U*p=zNAPqzt}
zVLDRX-d@(X+GH|CUT}Z<IyC>p)QQrnk@fI>vvJgi!LE~qET2Xb-fpCsc}3CY7F5D~
zT-!!eG|Gf!P@QWB5Bp_#1zgvz98g=$`gl$M^ghw!3f;MqD~FUXQ8%d{&*E-)9?zEd
zu1MP`V{sp+5MQ#?jD0|mZp?|2FXK7l+eM0383i*!hC1QWr-a(2#9~jx6so4ftZhaZ
z+t15e){}VL$=aK;C-RkgGYe0J1_|RJiEh?jmhy)KB(CTCHe|~m7L)eU7z?OgC&A~O
zq$z(GDsTB9CWLj5#6F)1i>8?Dz5S4^z2<wnC`%4!?M<P|+S`9bmE$HdSl+UWl6JrW
zPnuK^@<G=4uETyV^T%X@Mm>7WNd-QdbS!N>VS6M$Uru_h;gg0e=JNGncRk-nNqtm}
zU^5snZl}pS?wIe8w*hxO-$%QPul(T$vZ}Adh}OW{G6O(=-Y}s+Zl7v)csPG}--9_7
z6K8tlHnNzjZt(Dc!v$j+N~(j0fb;TW(5HW<XhiI4><9AHh<_*?g5@pa>8J8dP4(y9
zY^Ti=Hkd%!g8W`F->pwlx>HvsG?}=1x7w7)LZ1rO%pl}#Vl3(#_p9p~;zKpbrC8UQ
zlj13!uG;DkFOu0x+N7zbwya2*chJ;$2S$q99m<J$PT&2QHKL~Z;p0?gwu1sWu#>vp
z`tz8V;ow@?*X~$7&Ls1DNw%zqQ5&w+I5Szd_?JnajP`3(Stje8T7-xNp<I2jkx2cM
zd@bF@ClXjE4%M==rnoPb(JAe9>?(b&q+%m<z|-9Gtm?6|Z`oYWmP@=)k3m$N=>~PI
zm5+sqnwa^trfO+3rBkUK%<;X5i!aThiqb~sKL@)ec&;Xvx2ZReoX~ssq*vZ1bvpm!
zs|*EeZ^nQNy(?XpW+z7Pb>D!#JDfjy!-3hz5w?|y#$4-u)Bo15<gRd9r<=m#F64m2
zn=NyYvv+Onxrr-73R6kXTd!BQ=s|^nGiUNGnMykz#};*O_d1~2^ZNDJFZ)u0sjZ#{
zg61Ah(+5sRp<8GSQzPpN)FG<{H<${l+VY;eApqt=fEEmKQ|g(r*w>ktpnR(Svh^?|
zOO$3xef(im9&PE!-Pht3Tl<tKQ@pjjt)IS?7h4nWZFfmNyO3RAcTqX3Xyk!eziZ3J
zT(N~wFLGdppN&O|YTCMX=?=rG7sYIDA_<Rgr7^N?IMAg^Z)uj2E~ePBo4gs&S;MYg
z$F79E<rjH#WY*dub*jeP@M~aaN4{x-pdoLHI#cGQ0=>1<AxF}O6NY1_Eqb^_3Pn<8
z{ocxPWs9)j9!K-db$dNdJ7?}A-QTbDg5Qci@ASvD_VO!5Z1PH<kT}C>u#dK@9pY<s
zH2984m@W655;=qC-YjxoD>aFdy}@?o0Y(}UCF}$xBqL~}b&{%t$TUb%chFmE=}nwM
zAb;IKU#n6QU#mWn`kR}izE(aYzE&P&t7S8k(;!9t&8*Zjtg08;3Z?ddRPy7{WX@oA
znR+v|i&qIQy+wc5rT1QWpFflR@=A!Exkqr^{;+gllAODMg}<xaje<y?PiDBCc|FN4
zJ_!+t;K9Q~TVpf>VG(a>$SQ**&Wx=GY0|L_ZH<$3Z1IBYW9y6gGY@OOW~ZK^P9``#
zQfb#cTq$&9=W|nqB^9|C&r_V|Jrw*pD6fNy?h>+?tL7mo0Xy@q8mh6Ikx)*9%%2?I
z>o#Y;^VT|sU)p=K?*X2Zy-<A&VlitbI$WB4CU8LJm`!?(ZD7r7gzM7Rk25{2oaem^
zj)bwrQA-uF^Z906j4xEAHDT{(zxaN0+HF?JIe&@4&OwJ&vl5^kNHVnVO1!heqJcHc
z?{+HLAJ|aq|20$a<^6d#CPwq<)0mRgx-3%X@~YuaRpdrF5%|Z6HDPsJPs0SyNYuTI
zx^eIHjeyEW1Lu<G(<bWjAI}FIyoB^wQvB5EHZ9`mRJ(_zGSH)BICP%X`RL1N<ni}Y
zFZcV2wnwMx$90t)nqijn?YSxO@T6@7Wz6PfD(5sVN|jAo0n;al##;aReRpS@v-Roy
z!Vj<dOx{c=zY;KeZ^)6BzVF(w%pq%S>3c;9kRH?PA(k|c$?e6oxha(D6;H*mK5v<3
zz8@{O#>wP?nm!Sx%b!Q{DMb`zEf;zA_QMv-V~QHW2iJN9J~%9t*p=IQ<Sgw!47;^>
zm#aHv%BLAhBlBdUV~HMhb}_ry_=*&#RL^(|_AGO@s*_B=<vxXkN3l+grw?^hR?3AQ
zHhtNYCbTWB{v<F+V@&o!{DRy%>~TQmv6XZA;off4S;@ikEUH|2@%*b~bq5&VuJn_~
zQAtG#>;*DZkCpC;6yR$O)vO3>EW15-<B8qdTGy(FRviZFVlKmCdXF!8sdkE|T{U;S
zWw>TuuRmY=*%ch%alexY|2o$dHgYe%=xY;l^Gd#^5M%tc*0uhY^)=s9r5mE_)uiEH
zLqj5h>m-COvo+bj;%u{&($F(sW~raP<b2iqiR(COxFGqUAz#51*$Q`YbS(90){CbU
ztHoZ~YQ3=Py0NrmSHPc=u=Ixf>%{w>M$XHD+Z&@NY)*Wx+4^*A89VUNXXN8i)ECjT
zM%L#ITL{)!=~N#&FN~7E`|-1>aN#cdTcdU6WF;MvYe>=C5n^VFYKu*F!6O&CYP(4D
zUaO|<&3jEpn)jOAn5>>Q+iRRsb+M_TAlnPNH_I?siIk94i0Ni|aj%M#?-UwaIU1Sl
z=;~=LNa|_bgGVlWC8?)9PEt>+K<dltxo1^8jDY$MZC3ul-UH{QWv(sVY3oomxNBFO
zmH&#@@s6>n=&q8vMdMA^y4<7H7MtW%cRX!qoM{Zxv~3mHv@LZ#ZM~7kH&XA=W_e|^
zKA5LR1}%|$G(Gz8ry*`vtz?+4q~e1y61H+udOgaJhuwP22M=A2d>HzWan~<Xo>DkN
zKRian&hR1&*b5>25hmHQDjw_K)n9qBQ0#L>?y&_!x2V+gvetnq*7al!zBK+)TbjAh
zR^GEOj5w!kjh{wMO7U%780MBwZZ<ns7!!8wqOg9wiyCC~y<M`Nt6`%7wuF3qBKbk0
zAnz+1`mq%!ekQAU--`E6g{xn#)KuIlj?BJmwUEwy-#4o}Qmg1Bs)*J`Xt?mQl7)$f
zrlG0HV)mYF*xp;x@FhRVBUr6OXv)E=z=Sr0J6E3l2o2SX*B-SV`H!B)LUgJu{3psf
z<|6m$SIQf70xlx;OjA<w4d=vy^|jtzT-eSH`V#IuNqPEoiAWbOmG7kL<#ZO+%ZJQX
zqO}c?`y1f>XP$1cPECx9GG5o)pdXEQE5oclQJFqMVSn**P)Lhvfpz>-Z9_;@wc(VO
z<Ff@wn2dQxn5l^;9BFo}_L7;h;l*3o7a#5orQd5>lRFaGqteHQSJ+=D$vgZsj(l7h
zMb)aKt~aw7k6_jw_SA~HO)|`@>gwa$<T=a5Rk!CjboRV+!HYw3pXmc$9jj7PK1VV@
z<0>#qGC<?Dl%RcLUeUcVx{N<}{ll?I59X1gz`4^8U#Z<zi65WzyrvaoG4uF1?o+Kb
zqwLTdBbBPgtw3K#&z>QAfwUPxW)XLTdygF|l&5sBFq?R_FU@I(Ci-Zq)MmNgxz>&^
ze(EmHsujv|FSdMoLq<vN*bPWcH@<7s+WhQ`yLN@=nlSfnnjhtY3Z0X-NGtl->%S$y
zd%n(0P)vAiPol2w{Uh9*^%#LTAFc!7WtyY2R_}bY^9tT&S>-fz2juHL%X@L@z&qL)
z?-@h15MzQxR35F#qIt{dsOmhOWN3!iY26D-XlCY>2a0yOOv19ao-#qtx#w<Izj!lO
z)z>I=%2_Tn?g*O!@;<ATL`>e%<pp7D?WVh2Bds1J_1CrTMdwfU<Vju5{!I7UtoBuB
zNJXoTc2R2)!^_D4GzN;ByfVDNTpz2-6+jcf;rqpTrT>)^PdD#z8B%(!3)vd`6>}($
zOiCl#-h@63;o!xXHdEyVLD}n`<%^+b`a$Iu_L}PR^6T0`uUCv=HNm%ysl<yajWuot
z>F7B<mt1ItJ$qFu{(*tH=fhF=i7&eS*hw|^VLg(wY9b^S#`M7=(-!X_y66-GG-g)h
zD_2$F(?hHjQ8cxJQx2mhF$KrfZzTq{&yOWaBLo<)hJmq*FyVYpXRq`6nFD?wCFw#V
zW||~hP>oa?ri~m_Eh1|o7mW^YGwiW{PeaX-IMF2tMpz3guP2MqGww6=l;cG4Ym{qu
zQjoY!hG(~tPgH5<IrJg8FjsZ&N(#5pN$5mFKG@M(JX)KtDbVb)3gOpDZpdE#d~%AV
zAwzY-kK>VY%XI%9I*W7-3-MReLj~E4hy!z%BdIymJFjdA9nYh8KdH}_2vdl)<BX4!
z_Lxr^nw^cQQPJ<&s27prRQRlTYR00JtIO38t^3hgtvc?wTvwWJ{W5M?T8ZSgV}lv6
zTansyOOCUAav;{I9BxdJb@tF@`?`<w&qO9lt+x^QPr^NW6U{qu>1pnCovIrzg(ILn
zA3WBNKx|B53NN=x>>ivHuWF@WtsdjCh)JOLju+`It*gKoJ!4->8ca9IrF(lYI*QFE
z1oDSRSTouU(zj+rI5zjNzrI?HKbLc7Ca_fH1kIz`%vvXEgLHL<qWa$GX5YTSz07<L
z-tM}(dNS;}D?(|KM_;nsKW@pL?s_u2xl%JLAyG4GoX-K(9M#Q4d+y0c&w#H(?S9j(
z3&t9!JPBDEHL0-xSFO@%nx;yRQvnlpBYPw~3km5OrQIR22Qh~gBrZv*mkZ%Kkvfdl
z8bb1)n*Dj2x%yJ~801GSBtj(^trRd+pZBS<`zR}Sz2}JUWQvqh%B46-o9~ca{$!4&
zJRqDl+QoUWm{*xewJ~z(wT2xX<k>~FW%mODh&LZ#P51AYhUupVN4*zk=K0IRs^65Y
zRAf!X5q(#f6eW004b8+1M5~^u*i2psW?`bju}(RO&}wNdBP8yXiYjb;5EoTwsnx6Y
z!e86l>>pU6z)N4;PqoLa)SmQ!^hj95nbw2F{Tn6}XJ!vGp1)AMwi}Nc-*3299AS6A
z;q{qMT;VZlU0@ygKF*D>>;3c0?ULM+2Pg^tum@0W6$(zEKe#1u(puWOmA2#V_N64!
z^!(nNpHIp*#*Dz+=Nb(b4OTqOy=SV|RZ<{(;=^Xgn8fu=@@^rjmPZ4;J}Jd5o)W*N
zZOL}_M(**zm6?mfZ*qiwr)t%8U5RS>f^6um_Ff~A%|==g{2i&>-P59%S#%W*<)|vD
ztJeA9oiH3Uq40HVl)YjBdMP)=`eUJ8wr%(+-De{b^(R@o!ZSzPL{}P4Ooo_IbXIj}
zw%#w<TXxId-owt>ZHi`5$v3!CQA~p4Yxdk3@oL$+Nu(iU@G#%mAjx{JG>?My{vev6
zt%oGYZRTJB*Zo{60@OoW^=2W1+l*3{=+6;5srvcB#%sk?i|Yc=WTXCM<h9s7No76_
zeu4Ze&(gzgY5c3sir6Yfq%~wyW9}SweEA_ow9+tP<{6@l)ut)cTETQcw`?~x=w(o4
zHzVOcEV;LhJZBW?wfs@pPo+z<aqUCr)j0fG!cuddpm=R2#3h9OMHusK%(_ucqT_wY
zHHAdp0~VKDU>2>?)<ea%<BYIu0fBdw?`_X56!~)`Su@vdLW|7!1-3GdhKwG_)0T*G
zc-{1b&HBkSRr}V#mun>aGIB3csf{f887mLQBVW8b%9~A_qlXFFZ`^X?!1%Kxr=OMh
zmz8)NGUho(+2d|Kmmi{Pxm-lwzfs0ugRl3mO{wlHSl7H?=kLe-V(G(bgvi=7myI1u
zlYHHr#T1#c9kPd8r*r=O<LdWRCyq?`^5rm0=*CjBU{)Ptv0qT;W6Dy7mJ5j)?@T-G
zhx+1Iy9Cc(lz6W@ypU?)GMb~D_Q{0RW9{1Y^3M-UFiJ&vMstY7NKR3O{>of;snINP
z*d03qGDzPB*@5B+^|gHu3dl|{FBQ>|el#N!3{hV*E)3k0WgIZtV_eukxl{Nd>y2XJ
zH!kFY^bza`U7h0OMSB{FaP>8jVD&XQ)$Gl{VD&YwVD+_YBo}6CNg;h2*}j5iqZH_n
z1LAQ_*K-WKExn@0$lwxZ&>^dgQkGS!?7IOWt9EUX?=-7+ws8OlA=wn5KC0GQbdu&k
zu{|k~ype)z;{XZO9el=xBeY}dRFx{;q4MKUpFcg!6f`@m&VTTb13H*)AUJ~m{DZOS
z8xXonr<xrej!{!NtREJ-M|D2;T5$vtO~g*WTTYFmWDX{U^qo54TGFr8&*^y|ne1xP
z)cWCONu@<8Pls~Ry3I2ywGs1AVN2A)61_HsUAMWFN`>;tZt&&OHt9sO^m=K0nCWEB
zq41Rp-0EX>qo1^#sX^$OXD2aJ-7+j25Hq{t>vf_ff28l!V12X)_X&aA+g3V>J?)jc
z+jafQ?^i#}8%}+YO3o;__n4JYw&5&)!1XOO9_V7e&TMI(4wNd?ut(W@o1f~sYJOk$
z850lAFncq(y?7;7JSVj5mdUb5WJB+*jJXk08!OgFA0L`cnMYp~8{upc9DG}^b2lrU
zxmu}%wxh^A6=fJywfTPaZM%hqg-XEZncFJYGl#=m=XkPSD1?4svkU&fW_*H|B+I`A
zNJ<ylqnOZccct>s<uf*led+x<J)+_cY5eXi1`xpq?02^nuRdlSZS0kh10&R&iaVXF
zs*cn3VmtjxoEeIWmIjNf;ya|o$R4Y8v|4Ey`mA<!+R*zNT-1(w3Ar`oH)|bIzg|K0
zcx<Mxz1`yF-mfG{dyMy~9(5%Vq~ci0N;?1Gd8DoiBQ(bDs)Df=t)sYEYj{uI`_QFW
zLupNn{=H3K`?z!SizZX)ka*<bq<c|JNnrTfq~*FJwAbw#JiM)r<yvn%R4gyuvh`4i
zF+w1fpmj)=#okoePc$p)oK-Q&^ll2Y4#$s4`OVBH`xtbtWxrp);Bzi?u{lbxS!Z~D
zcCuu2`$_8apzSvs_FG$@77a&4PYqn3WGj7sqfhD@SFA^>xf7Y!eBXeYi?WWi^n~JQ
ze*N(M0I$*~wxbUm(}rv-TiF+I?=pt%OOzFKDn@M=z1CkX+{&1Jmf=;E=X7fF%CePz
zuChy$;;NTyyXQbPvMEn|okMCtU@c2vV9i%Asq{##-*q3Yo7ZB86nPr5*{a#7lBU-j
zJXn@43O}EH=srvDl{|G)g=Lz#FYWa4bdI37(&IR}3x-%WdWBq?O07`Q_~X{xHr4=R
zn#Yy5j4pV8Z$C%+3e78=j8Z-0>l*3v3<n!7-sfoY2$%GGh!P<mq!}EbHV9;Vbgyq^
zh8i1cy8p$X!<(tIpEb?sGwmlP6($Uj(}OntksQKXzT(4;C-p1aRkqX=YQMPo&y5#_
zP;p;%@(HXc&B+?kdgt<J1@WdvAd=-n$@o%M_EnYyIwMUtre`DaedUqdy`S8W2gL$V
z0^?^~MFwfR%vlE7l!EEBTZ6;sTDgPiT1j-XN=3_)he=#T1~+8OlS_XoN+(~aDEp--
zT{;KJDn;y#+Z>>e+ngcQ4j2x*%(KQk(57zldh4#bjg{cWK@#JIa}>s;i2YpV6q14)
zuk@Ic{QNcPSlW(<@7ATOpCF65e5+5niVXf*mj*3JJizSIn;Y=&)OwPZC$Ihex^!Fk
z->yp&u&e)Em#!#_r*ElD4sfc?)lNudOL=6<G@!(SRU5e@8-9s)ZC{&}8|#zgvAu8)
z^=RRZzVg8HpFG+Yq8IJSPfYvFNxVeaEjr#>c+I}PXEkhCE%!2o0pG;U1B1BDk9Lh;
zZXNJ*T{}IoZ+cBiGFdKd`S`Vf-u?IQArFsac;02!Mm)Encb92k9}J^$sk9!Jvq~>n
zJ65lVT7S5dMOUQw!qlkweD&>tR?qvIS@6e@Eci)!)t+d3+aAbS6I9ts3lu4(5!CPQ
zx)QFdof4G0;X<xfu(p>h<{|Q2X}sLqamjeKqtm7IL3$~pvu_@Y2XXD3hY0W6IS;8G
zJh-8i<>Yi-`$<aZwA!-H<mrm@8P}#yU-7xbdCJUhQgTA3dG63vwN2bbMcy{AfRF<T
zZEx9_!SK|;LF{qm2d=s~ZP<?4y}5lS5{i#2J&i2b)*pkR`gApy)3uc2_mJ*AnU$@*
zx62qtG4`2qRN-U8!;Rq_a`tFdjrhI6;XDCG8XEDx)L}IkT?NU0uEVlN-y~s=?j_lK
za+8!j+M9$u8bKy|;60_QAQ=%k>w}X)RnzodDhlJ!;jdvaTlHoSPZGAtc+NK;c6N0!
ze<s_0H6onn*E*~*jH1h!oITn*Gd!H9o@57~ss`iVuft|*|Lr;~0Xy~2by!zHrcYTO
zjpydYv|h3lZXVwMMwhN*IaGQ?I6Nk!q3&4Yi6EcN0j~fyK*_(ZAjNurzpeG>5z}Ah
z6&5q*^Ki&#5aFx7(`k2KB@CCO#=}Hq-e?Ph4-HvzPJ|bp>=LJJvf_tJ#khY!7gtBr
z&ZkY3-4#yYj^%q;%e|P<X`tV?Oy500ewEpO|L}<d@sH_u9m88cOFz1xGYhu}Tt`F>
z_gxrKt4vXr=3cCP-}~Xb?>Tx~>p)A!-j~@FVuD%{McUy*9N`V0@vhy8_wFr-j+9sI
zU2tka8=&nf=~Qw0Eo*VIAys*f>36=kE`Mpo@E<m+8AGU<hE5;2fpbgJGi|r_nCR_&
zM>lI?>?lMdVc4Z2d)hwp5a-39&#%P~w%NI5<TjS+ikN1wF`cn;)><%<wW;BE9xWOj
zx~a`kS)4ig5f<{oKYPKK#ICS*AO7V_lC$JvJk)#8jKMJ^Gq*H`@rAVw`;5Kni4hm|
z9>U+?n%Nzrwm>oVm^4Xs7*GG&*o$-K7X6-H+YPc_+lZRkYb5xW?!h&)vn2SJ<0trr
zA`Ts4zttM{;Pyl`-B85b4akDV2_8z?4em!fR%QGIOyLau*Aslbwx~Tj`$~ZN=zYPE
znpu(HnptD7;m@+Ywu=-*B5O%zZuyZ8ZH=u{8Fd{wCThe`_0_M4ta6*z@y^&f{caFd
z8KiKAeq^2=|5Brn{QMreeQ|0WOLt%l2M^Vog*;r2JSckb(C#jDK;ul;y7ulPV&~o|
z{y|=3kx8l!ueDOGOzZYmc*-U4Nyvys6!2BmDYid<&J(Gqg7q)6DzMBxU2u6nuOejh
z>S^k;uiuP6h8Qk<l4NdIQ7yu#7#)0#pAB$OkZXDuJB&2tA8M${R2mn_*%ZD&Yg^_s
z4Oxgi5Y|I}E`gy27-BZWrDbraMy0YndjD~Y`7v|NaPNW9VpY#v#dT}=oZ2DdlmWVZ
zZ6+F4GxEU{6f9;334aeH-3Tx1HBRy6%o4>D>$HrN#A+>Aw3A;C(LRXTBN$TF%T<;w
zDwlMFi&9W;o<dM>FIc2N+Gg^S1T1<<+Gg?yFI6QjuP-|UP>0w**-KU>-mk}emeo&_
zj^$R&g&o)P2!9t@%(aP^64V?1#r1$i79?O%w&?v0xS-xJt#Jx_n~4``(v9`M?Rwfw
zBL1%HA!66~+4Yq5#?w!ItZy(_9ABDm>iu}Uv*Zx-nG@V+?PYrf=iUa+_lVGVf%xN2
zWnlJ`>4>93UCZ1}R#Oa)ou3kJ>gp&RyK35k6*XcIn|vohnb`r)E>ux_Lb`H_RwrDf
zZscBr>_m<02$i7BMdP>aHwPG6kKlDLck>O}*45T{(m1=-Kbg*dbG7r$y6CE}oKoK8
z<-l#{*b!#y4{~?7=SqcdjpDr$EMlc$6?IQakMLpIj=fcEde+=hw_)(9CC``PbAf-Y
z&c$1+j1TmAi~Vo*EiD22N|qRJeW4Vp_q#cB_eKH-w^virfFij5sHD)Zu#+)AL8}8-
z1!1>{;WY+h&K!Morc;u+=e9Mai0WWbg7W*kxQ@F+`SDHklQ)<TDlg_Pl^uasT@3ZX
zMEVR>Dukw`50`5_kTKD=S4eztFG8<|{v0a5M_^j~ncS003E5ofT1_o&#`G_yg{=S$
z3liyaD%J3<Hdx_Q{s=86N5pGgmB)MQQ;(8)X*7AW^)2XjXWOZl-}C+`?i%|4G4f79
znl|myXirbuwr$(CZQC}c?VdKDwr$(CZF`#Yw06AjxBh>x6?-47ll#81>WYjy$f(GQ
zimY&f9uRo{{DR*<Bl(4|p-mJ;K^n?HWbz9T*`78)tj?ES+1Q>c{<}+JdkP8{_#ZB*
zU=Aj~KoNd^zKk%x;5TG`!5oE<Xr9BbaDn-GNF1Qs546o+BDhYkKBxq%JGNBK3$o~F
zoBtf*VeJ3U)qO$SKNhI~-s*hmf9Mq6U*kW^d$qPYUxNKFKDMWa|FuqWfT90ui}Vk>
z(0|uyxIiM}rUwsli@74>tbTN2Lu0)Y?{X>}6uoJ0GH8bf*xIg(PtY5Ias<Hy15-Ld
z6fT$DL~R4*8adXIXYf6Key68v7;!7dVp8W3Vu<0*H-Tm9_4+Sd9)%{4Fz*QffzBDs
zhJ^-q+C;anPiz2@)(EN#kp?=O+l0`Sx}ca^A#aws4y25#3Z?k0lrUFX4rqzEK5rZ}
zZ0JIY3$Y}&cEU7LUq@m@ssuo)lW2{N@+^$ZZ$Y=Sea4kzPeg4Yc|!xsk!AzvI_I&#
zYOVq}2Eg!sSDlK7cis+hXHZ@2%njkHSG+Zs`(SBxeH9<TL}FAR_@OoF?DdCj@Hz+~
z*doq2gb*vshnk#+i3KaLJXZymh{Y~+?1*r64apW*NL|DNO06A-CG1%YYT)AI@S8RQ
zp&JI0XayX&j;d+CmxsW4am&oSL|Aeds`tc`Pq2D8`j&XoP4-dUhh-LB70~!<V1RYe
z=lpMWcFlqS?BnwZFTQ}_+{2C7WNeP2QSERU3z?;-eYO;SUNJR%v(|iSX+&FbCHd@H
z83mT4s*^@{H#Bg<fThb0S4ak<7sRi@Tcyzy?5TPDQX45%^DU~VDh_-GCG}F9QQaI1
zpjipW{S!qioU?{`2I(IIXCZUr?T`P()m(L*>rT}x7bB}naIRmb;01>opK5K{6QrDP
zH@Nds1%>z&I)MM>@5hIh9cO_LS7^j|#?LYQZQjz1G=`??_RE1Fr`VzUHR4tti9NQz
zgf{nmqOP&@Q=))lJ7KWF5tPJNwef(s$d9T)>{MC(ljvk@Z$lmvWLCg_=_<Gb9qA%^
z!(#JX=vbVl!hGNci_UZ1m)BA6d@`8exY6q7FC3YjxCrhpRo*o_E(>u@{xSb-wqf!T
zW#Dy?{N{C*m44YR(CCtdc5xSs&G+qyP_8WEp&|G679%a)=45^;rCgB8;nfa_GN&*Y
zoir)kW!_ahnuZYP9t!^>PY|v{QQ{nNDDcw|@#PzTkf8YC9bjp1UHjU$B_gVd>cvVL
zDdvA0Y|ZCnVeDGAcJ_9GW*N*Ungws=z^miDH6Z_>cA+&ldS1ONMyYdTbGtn1z$eD}
zT!3}k)wvk<Y!9LXCGEuH^^;;+XQgDHbZvFH3{m^wSIOhwb{}{VG?QqADw)4o-Y8_h
zcUhzrVsnz}^{#x|=~!h#n~s}RTZ{!>9^RmJk=QDp-oac;#x1XBxvcKWi6+$m$kdmo
z6ABG@Ea=bePQqnk<IFzZ-r-^_l-v^3q=j5u3AKnIC}i3306|@AQkzB~*rFP*((SzJ
zf)yTDk&A)+DD)IA!p-S#waDnmqB?_*u{#64t1T))B(^bFlO@pD4l-!QdKMs?@}(m5
ziF7LCvK#IWPnnC7ql$+A<SmS_>W*B225xT+g;>`VO7+>$XjUvioxUY%qgjuA%rnf9
z7*41fPRtq@>(|{%SKFijb8GJnX1xR0tNcU$iJiUKr@Z}pMbB1!ny-^h_GUTE#Q{d;
zAiq5_xyeQ0+|@FV<_%Gd_l!=JL+s}7!dM}Cw|7u<HIDX@tl5>04(G^`IPPN6H2b^!
zxX%t)*eN3y3E}X#xc3bDV8+ueY%m{x(e=A2?irQ$H;h(y+Ju7N)P@Pl>f0FCwOE-}
z>rpQ$Vs|eF+RJ|<<Qq5_S2zSN{AH7~I3iJ#ocTy!IQxEhIVDUpryo)sRD8`rac;Mp
zbPs!bd^_S15)yvjPBG4W_py8n20Vm)eLvRq0(TzH4F5l&`aZ6&!<e%^;ju2Pd_)>z
z=I@yYW(Mpd*zI>ff)@{dzpGvT*Eea9qOE+?QCGu48jY~mAdECj1$vqK<4K~cfZP9@
zhG*_>y~<P`Tq**ftFeq&jQv*>p2PFsD15T|`Zw4?QqpS@nn+t!?<ZnTX1&+f1U>yC
z>Qf_1(n&f;r*rF~y(>wBN){UFkoZ9Csws9o4wa?0#G92wbi-j!a<m2Y0ZzyJ)1lYL
z$KyjoK#2!WTbIh(T$c6QFiuH1fBo!0VBuS3p=8&Cg3_xf2aNH>Xwo!R-3~VCGV>0Q
z(ZYjcQ-P-EXe&;zr?eH%D^nfM(smiQRKQZNS6`V$go`sUKMdpXCS9Omg(3E<*k4q}
zv8AcRIaUW;yj(@sps{)~1_+Bg!1Ug!GRA{r^QBsU2ufS!Uv1%Gm)9D|KJ~}{$`g06
z?<iY5RS`-vPcBL+N!eNwTmJI$@hVUMz3K0*`Fr~5kj-@b#{i>i@Y2b=CwW>b)|x~4
zlmm)WC*Io^MQ<p&MbPkGZvgN+u4UvgLNGr>HmRPZ09zU{_j5;}`-S>d=vyoz@OBx#
z>df|eFGS$<ZIJ6gtO?9~1}f^YG0tsOq71H~HVjyh*nMPDJ*hB%R5r>l1y0lO@;k#S
z@D4PqOvg=+El}O1QkJp$LnV6_?QwIE&q&U$Y^ovY|K|6feeRpFm)HX{ts)+EnmMaN
z$>Ol|+NxRxCUhq)w~&<8Hkx*-olF&(q;u+owu~pQZ895eX&AF<Oya_MBs6(OB-w%i
zu!AKAh1$a3`bV`rWY}qDMZCclir}pRrJ^^rGYve+n?DTD;r)Qf3ma1Y5+%t-&{L0<
z`7YkYVaPdZNzTqGN#GOlU^#J2il=HxVj2LvgQR%2i!cGABfih&8xH6Bf)z(BHXQ=E
z>R%`@ql=t%I+i;83$s|=e(vr)o98yntCoAAV3(L9HqgtV3nntvH`TbLw1C=nRZ>HD
z_=<80?$kkYl!_LdqI8{V+r1*_pYaRcK?a8aGsXrYUqg_aG@Obkc-`PqiN>${aPL#M
zkltsOiICdlvS&puXm(=P?)=!UJw&%WkFj>kMxJe}D(`GFJC_vG=dV`R@^J1!aUK@D
zdj8*^1KHuHLOet6_VKF$I0tm5o}ddNGad0{q{7Xfwqb2U(+;zRrx@hK+hTrXqN<~=
zp$mZ7(;9(&T)#!(Izgj(@&(6>ql#63UKCuNWM_ezD$7!eR;|V-AuEOq4W4XL<FEw0
zr9#>VJFY^F`V_zmN~7?!Hod`e%rjEf@I4LbV6viiBf;-X!4FLvNmj}W?UK{?%CGys
z)ke>ChCP(h<dD8=jvP8H<xdzBEbqiQ1rFc&;}}Dj^=<}n&b2Uf74_Do&wMp{wpAMV
z7f!gOLq60Ki=sD2Wh##+X0sVYP}yPghI&e+=ENr8*t1fz=y&zqrNWEr<qhm2G)l9f
zdNY4PWN7Sw(Qy@*_rZ(nkqJ_29l&k;f~F3%h{*T}El1>FNM849sR`)BEaYWOC>-9|
z_I?-g?s-+pD~NfW3O6m@xz$&dvtW4gX4K5sJp97Y6La#Y+eARogvtZlEnX8qot2f5
zqel`heL$bS8}<(^pW-x`fb-^WAQHQ3q2<)uc?1ivW!?gSs?3rsUAX7nf^!kLdY&6?
z`Rsy_uO_!#!+J^qvbf9rIl%82G}vlI6}uD=*3p4VcHrF)N7R%!Ee^#hkVOj{E7K*p
z!0c1WNu3HQLfD8*>-$p?LP1%1#n1E?lUhA+3rHHGl^UH6jUgs_?w`8|afRZD;qQAp
zgTRXEffh)~Cn%-`m8O)lf?lr**W8wu>0-#@KW$#}43F=kZDe205U@(%lDq=8FBT0+
z1-ILsP9c_Zji;9f(cps%ZY&n}Y|oC%rm<K+y>Aa!xxW?f&XFQ95rwR}XaKERUJZ{C
zdM9eA%NnKO{x0t7KQpb&q_P}&bN3vOm3>J+=Bu3@WKn<^s?FdYeacpv5^P4xzN5Xq
zceUS2s!XMg9Q4r5CFYo^_U-$e3sWKmU?$mRsrcrW2u$-al*sqPS8g$j8DTowb)i;(
zHRULWw%dF&iJcXlIwPgMyZR{=*4TmViCWRafnz(Zv1-;)eWL!7)u^6j7$YPdrmrfl
z>#Ckj27!s=u`hK^q3HiKm+1Lw;E7}=P^79@?@{+!8t56M4uQC^1E6>W%0ze=r2?or
zqQ$wY#8>~alj>DGE-zRCoUj$7qE%{cAz;CZO^5MhS&E=1q4SW{fGn-6RM8b8aji8B
zNSbjzfomj^&Xh!dFwCc^T1cMaCM3K-coKTZ;dqeFh4Oy}AuL1x^9AEU0>vNy_8O-m
zMRGI*40_cU0;~nG1dlpjt9zTf4oaS9qgDKBtL1uEYq_&)rk$Bd&;OqPeQ0oOQ^1~U
zSk9!#>x0VLuuzcU485*b9-`!a%gDSSzVjIOd2drRG}|{&rkL`*+83d9T7ZLeAGydj
zDgp(Z)4c$sLd~ak<Xlz8VBmS#6JLJ-7$#FmG}hOHH<gcsDj}J+9<(Y^gTs0wnTgp?
z=rmInMR;1P$0-~<Ae98kk2bJMPBE1I``$9KyR=}WUGV8m^}ZD~Z}+DTun4phME*_p
z&{>gOc`yG(RLfeo{Fa7Momo??l4Pl-F1K)v_qAuMU;-j^EnYo`_)zwA;YBazEB$D7
zh*Q@twb%o*=ZJ!fUM1o;WUw+ROsUbgG6|-5aRa`{%}l!sVI5|r(wR1yyW&st6KAC}
zNJPkgf>{e5iUU3DjfrayK<t3VAlU&R{iTrE0dWrX7Xzh`*}XplZaDad*@Yl0f4JrU
z0Kunn63YLn4T2BlMl>H3p6iFjGY=VM8=7#GcfL^Cv~-mD3P&3tM9@qw+tvxD+UT~A
z5bLZ!X_wLf_NuYEQ0p8vE@2Bc8+Z1J^qGx*th7h3WGCV~A;0jMRH8W2l&j~|F1o}&
z<`e;OJ0H4Jka<KLCw*r`I=>SaKSRq7A76;I8|WhfdF5#@upfuhqJLAm$VsEQHI(+=
zSYVT6&^*RQ#T_eNEzLPHAv-8(LCeBcBEHE?!U-$tO6W6GB5$KMUx}@6%l!8I&S2ne
zP<PsU*JVY!3cYTRN3sd?r78ZlxXe^j(*<1g(c;Clfvuy|!qTWiclD2|EN{G?|6sQu
z<#v*kpR*o7iziAKsTMWPM#9y}TW}}4N%He)4ME>i_*RpIV;kM&U|#GWBYl3Ktyy7@
z<bp+s_*-j2r+;(u=e>?ZY1FH8o^e@2C2o=i$No$cO=j68)&2xT^wpXK>k3NrYH6No
zzULM_1`t__ShL595!HMmx%Ct;ek%)3@3|SFRjdVxtz$@X6;aTcHj~vw=W<VbwwXU=
z7eiWqL1)u3L&EGazjnm4g<i4h@4*jnS_S{?ElZW8Mmf>=qHK;sgt70dJMvdP|JnQ=
z`y^X%!xK6huSY9V`YdzapDliRSaO76+gZ`EVZf|&HSS!|J{w4TB0`w|4V`|Q;Zjfy
zb;Rj#=ro%<dKSDu6J0K3BS`O5dZl%>ExE=v+S2ZYZsE~(;4mAy;1|0h2kzq{o2H1c
z_E&{zl=5r@6;)+>U$_OKEPI!4A<!2k;J!<3pKHZ~_RjA9=+)MveG_Ld$=omHUH;0w
zO!#W2Aa>IU_gJIH;MKY%9`WdB!vS2BqjZoJab~TUnCg}VsU5nVsaBIus{KL+vxjb~
zL)&uLm{npu-;>$e5Sq>7raeE4`J!DB=Cd@t>tG7Cz3*<f1I`vF6s%j3`z0v<%6Q(6
zSZfQrgMfy$#F5W1+m77K2Ex#K6N&p817~7sn%cdaz(`o}oXziXtc#u!__7pq$VH{!
zR$4-~IY@0Z?itfwMR7IRNz}EC_0a6L)n3J_4%NCln*yq%l$~RlI#lv5<*ufK$9|ty
z)T^tTsHSdN&={kxYfj|uQGD(i?hBt7mrOiiIxxb;@F+UqJhW%+2e2&wR=Wr3Ao-(q
zj-E5|q12F4u&HQNwjq80pS<UAnwumeK7g#n!zFBVmLz3WXG4RY_#f-fyBqEUX4$5Y
z1<g%3vkf8j2y`$`*EvqtaX&o-OM8M4-aI(@%zE`X2e!=jhrPt*Jt~F>Th-jZ3VJbC
zoXS^Uo1enx`w));IXbn`<D#2r3+WhPJ007DR|J|9Z5mc_${vD(X1T8N>!ND9C&W7g
zobAHcVfjC}2f~CD^#a7368|JWR3;dyb)GGKf8|-aQ^8njhcH1&2s6P1D+l~CN`d&V
z8Y$KVWPs`)PzjF|ySa1p3M)}F4X`5Zuy)?GvtMd~kj)C!b(Ih4+!$(|GeKxd*wSbj
zGeHp9Xb#uy7;EX-uJ0PMJ8~Bs@q!$6wl{G!B5chjjPsS+++^4b-=MUmUU-oit^9WM
zk0BLT%wctJuj~7{BvKuhpWvous$Bw|P6xkbRzqW4bG!${koIRbY2h8jy4wNVuX<I~
z^Y=cPvm2m?0a<9Td!mGjqmywN>-aTCcb81pB=&522Fv=Hf9wcPr(v3eJr7jvwZ|a5
zjE8m3w6wR7;umQGQ`n)@0@ZCR-%-Mt-y(AeDgkjMr*v9ccFGgC4ri&?tBtRO+QeP^
z#~$StmLQcI+E$uPy5Q@4<~I;bwJ^J3X)U6H(-TN>Dlw4wQ8g^mQ+Dp?QwizVhy%;J
zN3i^VqebjU%4Uv=`ik#lVP^(zdN={*rEWVQ5@%{m=};H94stmg@#!;AJwl49`7>!8
z9yjfKL{}RryQBVXL<*=m3*gimBp(%C9Mx`Gsa$gY8*1_p&Yl(Y5kZ%OM29-5P)ev@
zRm6{9T#@WT!t=>$RZuQ(GzZ}(O!s!>wEUO5s{*%nH)p-89G)!#R@lS(VZ$VY#s|H>
zZe+opBiiyM=F^ymc0tsY=;zV5X}O*cWWnLViV2)%h<cJ+Vd?$PL4|l>C~pK((2yh=
z4Yx?dE~&xM`0u~&mGP0H`?-;Lf+x9%6$N4^xfX(QZ$kJIuUgXgX9+-gePJ)bAl>Bh
zDb|zmv8JKpVeRU=#jh_BRR*XTSowhvi3;F|_ak@Y`2LI)=gQXSn}ZL9v7O9lWRM|_
zu<RCVF>GXa-K=HXF&&I&eoT4WF)fsPeoX1xj!2#-SrL054~J{gr@Vd7sOj7WmSMgR
zw=}kVO32YjWe1o2{Efp!jxX0I8gl}UPkbI2oz5|k?dPQXh5BvI-CSJ`S8oo7UWpEW
zbOafnNp6l?M7x(`9!U3F7TTO&Tu~`6G2-JEy%NKB`?V)7L3oB7_L?16!R&Vijtgh5
zi5O=GbU9x;lz$TcghXPw2MLAy03rSfg)KA=A_9RALL9>WD`5afXnbE2l?AHr3fX(E
z$UHhM6P~v=dcPua-rbXQ-0ZS*i`mI>D5h!a>Ceu_ec{fn!WiS3Qe^v3L*6@Xq9^BI
zqkyvI>Dhb_e6kt#z7Jea(}G;{lVb2)@2F3ud4D2wdsTxo;!w;>?<*Uqr_(z7ulg=*
z-ibRzD+g7nPXCbX)A+j!mnBhN1E#FP#-vt%NwKnQf>=W5@9b3;H;w^pq0K)`qih4%
z{T0UuYy%H$0~fmN=b=k|D)Z2gJO_5nYG64|;ULk!-9gX@Lk>-q{NSR0hy6e!y!t^U
z05LKqvKMq{8kG0z(3IfUp(#ed&d69k>g<tC4M>iYKvplzKP)uWAUp?r5+3k5P68D1
z@HtMu9P56%4F)N2%|k=}v#qfFyRE?gM*0T?8>L_pVSx{nLj?T;)S&o|jnMv2H_w3(
zCEj`H&m1R++`mw~2hF#@r`92C95YcRiRK~f{&N%NUJtIGV#NL3^9R%gR7(*1DqRIN
zMZk~ZDhF<5erE{FRrjf=n<&;_&Hnrpm6Wp}tDU+CPs2gET=S@7Kj%>)VYZ(UU|_a|
zgLtW&)?k(P8L;yE^|6G4c;}9k_8ora_v53rUqPNnJv!m?2ysS8uFd@LITTU^{P>m2
z1?6)Hf*JM?6{OE$HON2Xc#udeP@>TPR~SevSP)RyUIY;d0}%fXe1h;h=Tj=6=2QM>
z8MIz{{LT<xk*tH}@vwZPALO*9Zl(Syp@!J_tw;0rPYGPl2lekt`P^MsUY({w;Tpaf
za-+RI@|kp}v2wIGaO|I2Z1f_OU5a*VQ8VrY9N*7q?z7eI;d%L<BU{1)Edk;p*fmK7
z*`vOkS2(i9;Zcw|lBZS=FFjc+sZzcc9B1xcit^ZNy&N>)ht)~L>jTXhOHr$~@_j|j
zo!(P0E~bY>K(Z2lQ01KcRE_I%jMk_`z)>MFxh;idy8+_ljB?yUCcL83Lhkl$lYDe#
z8SMCYS25{RYaRJKQBfq1ljEns-Ri1OmkRWBPI8uRCHc)d1T{LeF48WxAx~amutkK#
zk^CuHhxm1^^A6DqQ5d(j=}sj-!&0t1>Xj7!vcn;u#GccNk(bcpHv+GKZz2%CkeET~
z_Y&*&Ovgd@)48{3A-5D=1Q%nQizd)UES!sqb0>a?ic~L2IQhtv7lIdOZ95|5=-icl
zx64Z2D=KTWEWB*{3T?Y{SS}xzseck?S#gLl{Kem4Jm}1Q!&`mR7}y=(j<uHUIcl<F
zdsW+%dxyZg>^Iv;P^{0;EcB{{C~?LX;~p8Nm-QUEV{f0vHMUwhh+b}KZ=;d}lWz9n
zRRt~g<f>j)usd94Z>3Zt)N+}Fpj5;5%Vq^OUx!$!#^mDX3XED6f2Bt1g!hY;24vmW
zcZ_EGnWI5ZkAT1b;_p&qv1^NP=__jv`wOkCs7<JG;zAWmCs;L?q=XbS=mqXV{oZ|U
zVa_OZbX0}oIN9QE19Gb@jl)hlWO@K^R&uP7@bDXvN=vr6U2s#r#`9=$Eo{hnx>6MP
zY}9i6s=TJt+?VytcB}u%nM#_)04OZv=Lrx9N{+2=$?_|hi3V+7W){2b`*y>>2P}tU
zPt-M7b#ToiReq0fIO;lI<Koc!<nsF87Y@R1Zoeq$tO|Q^5)NeP9s6PBSotQPP*7a`
zrG*X0t+3Hzjvit#`|vTY53m!UH6_JV@RDGbvXo8rw9OUQ^n_25?29RV9|~L4RP+_>
z#51Cd)Ld%6a=;8cqGUng6+m_(qc#R`_4N@0-5JH{cd-gM)s03Z{DptgUI?p3+@yhF
zxW`Ykt5h|OBp~h{cE^id)ZPNwx{W(smQunjnyBMR6yoDGSghnWlqXS~Q|d{GOVA{v
zZ5gRLcsor$(lDA5d9+AznfVsCuFh3I`}%(y^zr(71}iKrLsZfTm#SOfZu~}OxOfev
z4ckZBStNm%kEyl-K9}O12amI}Jj@C>Hz3?BRe)cj?94>PO(1*nr54^b05tMj+f>hL
zBIB?wLK|Yi%z`4y@WM-QB~B1_%j_Hi**c(WQoR>buI+0}7s4zGRy<o#=*A;4g3*Fy
zI*Cl5OoIaa3c=@pD_%B7f}|AE$c~aXFd)U9Pm7NP`u(8{<~|S<@J8YK{_)P|R6wDS
zAtCjV3gYql2PoEN$z>bdQzC7(qPpj*>f=)rvby(TpT{oluBp;9EV9i^;FP;L{W;p>
zwIp+;i+cZqcOu#)eQ1B)L)t~~3`|)7j%ZRi1rj9kk8nBIfib0ZoMk7b=QJz6&VFV;
zYmg=Ihu7)m+UqQ<XsV|@hhCGeN(OnP(qWx#uM3ez&_Y_#c>XK(=H(Sfc^z%ux$N64
z*||x>4~-0SWpLsOSuCfh&uH0d6wd~z=T#o2WE+tUX_3(U<XEmkMy{!q)><$h%b%!S
zEO^0S0|a6HX`n>G4R)l5{&L?#O^^Kbf0#H3n3oQ&dE?z74Y=aWw+`rdWA)#)-I=m?
z)5I0E(;B*DlT>Osw88d1OFu0{o9r244srz;tZU7&b>xiBA7Af~J=-G`J<ltdMtTj!
zV()h<d<x=~*$d%oSyofV&2FEwu_q4o<WL^5AL6J<c#0}`f4?5JW8T>&GsSO<=eg_%
zS<mbb1PPs4@^Z?dygtyo^(zdj(lzL8%Y<s6M(XH55;lTGCHJ>X@7SuxI1O2c%<E$-
zo~N_qE2SLA300cAg%XFg(gRUUl?sq1^avXx7ix#!G+NQ4TkGZts&vFS*?SDrB`n?T
zOi^*kE3>g_I54^1e+Of~WRN0vH5<2Yk1>Y*ngPvz7H<E6#;mj7p!;V%at`~1bGRl9
znBtc1y<Sod3Fnbq<#~A;ZZEuVgi7SJ4-SPVv~PrZJ7gxEcv+f>nQ@fhBf6Dl6tl@?
zd)*;_G;=wb_i*}s0tAx$3YJ)GHG@hgr@o{(9`$_MIk^Jq#cN<AF*YB6s*YRh_E24O
zvK~i%q`bj~#d5h}UKmpKO^HNWK-EKFwoxB~{b}RVchrDz6@vSCcyblT|7YjqYBL#&
zrPgP$8SH6JOCe^hIAh{3v`;VZntyrV7B_YX0jv{u{3ZH&*jD%P_2-|isWoN+V_MGX
zE}#*F(qW%e8uZ>t6ue5Up`p8>qLX%P*B_>%@trS~gPcV$*+T}?@sfwkD<BYd@WKt7
zq73{1c2K!d1bbf@1k#1`*H3Id+~4y}KM>5Eh~7c)#{cum3|GQWD(?gYvq4k*F-H4I
z8ByePxQ#<v31~&_bqm(kVXHn*TVe1!Fr@)u4nDXI5E`!XeE|@3ymh+z4Pp><zF$cZ
z<-toL3B`xUmuYExws-EuA^{R%44bA{HnPlX9~4Se@!D0ojoUOA#k{)16a(3pmOUfu
zSx7ZXqB;{yLORgJsbC<*sc^y2RK0P1hp#z3kEVs`KHjHt<G?R}w7M<(=j>k*TGU^1
zFft0VJnQ_nA-bJkcXxE4Za&WOz4#{1#(vvVeXql9ZTo9MF(+qph<_)o=*r;t3xXao
zMp=&-f7vjc@4*xEvBYu$y$_if;drjL?t4cM2&eU7ct1k88J*rj!oec;K=Hm-HD8?G
zWcf(>YK~pHiUJP|2nAk$OwB|YZ3OEr0qSk~Y3vhSHhd=Bg`I{oK_hB)AQ5PDh0Cfa
zf~m}h(FBXdlhmn&>!Q^FlcJ$zDtGkH;#t{1w~(_)nUsCd60!*<$~Z-%gYeu+N7bm)
zbw5{;@q|+SRO+<h)GQ80;;eM8#7_6J+hD87@7ha$JQ6;!5&$Z@vZojIYB*p2QbS58
zCgnMy;_tu!;FIH6(cbrG+g#dQZ*5?&?FWD(AeS>>7FRIl^lqf7F3;a1FOHlAu<by<
zRlB@Jv<?IT+wypX2(Ecf<%i-(oC@*_ipTqr<LU@|V%XEsYo*t{E<W?uRi8j?lnF#W
zj6p~jT4#EG<Z9`$t!v#sIyWXCrY_{EJK*)~v8{7Br4&v^N*J1&ig*Q-inzpE-fgAV
zUE%T1pQoAgnT_;*lV2ksG1foov1UwqVQG5thRqO;&~SIa6*((;?Or#ev5`lD>{h|a
zZx3sM9!gX;lp0wk3W?#C_TQD#!0@K+7Cx5G8V}(WfLSJG@3yQ4zHTy{a*eiPdf)W+
zrmD*)@KS))?-N+LF=ZdS%hIA9-kFZ`#;VI*VfPBJhF&c7)|evJmPs!~;x4H<fkerj
z-1`A1pV-yiTl6QIWK8cXENXqTr$&2GYIza2Y&XT3OezuR%{IY2<DsGEe2YIis+2{q
zyL<%+dcbxf7Abm$0|+giF>-r(k%9FjCuf>0C&RNm{}?=Yv_*dJc#KQf^nK042rFTx
z6ehRZraRv;RQnt1#L9n)$@TgqF5LGf@5SylM`}a&n%)#7FYHTrp5A~f*=ALqoQ>bu
zvetD7E$r#Ksk{BFwz6VYO1K@P!1iqw__NTJ`xsoeLgt{Q^~Md(y|Y$#e|LdyX*&Z=
zwKP0pK|bzd)Wb>x5Yr^{LNg%qnm+<ia9cnbuByJX=<?k2d8s7xuHe;$tiGI*kxHvt
z$b1spah~i6+^gM{`0GEW$?4&g*1${O8mgY=Udw~=1=>8**kt+?*NW*DQ8MEY^J=|>
z@5V}fDWD?Ps8l`-Q}1!-nNF2~AFfq`xJ9ueI!<KrC1O8wkITzEY5}OguEY+Hl*&uQ
zwlZ<BGy>jj4)4@^Q;qpz)>hZxY4<Y_;C8Lk%wpkLf2`a`3!QX!rL6Z)wI|V8suR~O
zkIIc(CzS_Y#B*h<E(jo({k$X5DK529>DknJm$0&&Gq*EnK_9i#4TokvHkL-M(Yp9u
z(|naw(m7`CX=?Z0fb)z8>&D8ZN9HZ=fRL!fSA|-3(aC__nRzIefcs2JOKy_7%&v^@
zF_NXoIGbIA%R^HNZ$AT#am+W?gg~)k5GrUajHIrZ^(6}5L_uyonr4$VTyTq6IiBLR
zIwCeFH4&v#_ap|J9P%^naUWzsL@Id60LYsert*vYpzJ~<3R_qq4sw7qBYmf?<C^wQ
z@3fUjiL2CkW!UXTyzs&xGK+*GZcc*CECySPLvAqo`Je3cxxnua!TG)1Z+w3GDrt#i
z%UjZ&(+Ho%-j>6Uqz1WI>cl1Hqo$&c=_XPE`DM|q>D|0cq-H)wvV#}~g{>^!SF9`~
zZ%L^j3!r^y2}@Dua?tH{rLUR7U&$w(%<|kIHhj+2Z<&_reiU`^PfhX0lS@S5ovKUu
zdrb}Q)57e{s$>Ow{b>2Ez3!97l}<93D{prtr$noGNz^6x^lnYnSk@z<(!$U1M^!ib
z`bW@IJjx`B<N4#Kj+^t81f18)q03|kSI>PtrRu$IY}zW%Z7Mw(C`?X&1h4PT%2(ed
z+AW;InKCuXIe91PNRdw>k8^SIQ}a~wt=!JV-fyMZ9M)04>bBNRwx$uPB9WNp)4MJ|
z9sS1cwJCQi#qf+HIeBf-{4J1}Ga^H#lFi=1iEd*Hm79AC_mfT9s1lX1x=1#jLT5MQ
zg^PRr`s&7?G7E8;j3vpRYnPJGZGyY!wZ1cd=LHB^e<^GfEr*hlBo|ru+$+av;Mw~P
z%0CD{#xbPs=={=mE;XoI&$rpD<Hx~yU!>dIIWpwPb!XY?uwe$aYWU<VI)-nRbcF%s
zcj9f__3gOryPCO1c{3W03Xde_Q)Mv87b}P4UG*itSAgj|WcYdS4fDKZdv)8(o|qXH
zz(Ei7;!%;y{`ErB?qP3_qBv7?c%As#FMHMIl@ulgOSMm(CvMIa2L&x@&9iau5!-iM
z%!|{go1H^Wd_rdX6)eNfoL!s=c~iqGZPhCwThWGem#dfaOtc-jJQ(4a%*3J=UVT^@
zb0SY^k60I-c|1$et5V<Frr?a5U@mDWeWdu@q>B`?BnBzVpWi7>jcOFZ(o2rO?vbX4
zWT`I)is?F?HAS8?PWol&MYrnK8JL2Jue(D#&=W9Q)0zCmJ6g68ogx+8DlLA^H?1y?
zQyejzOG+|v*FtQ2nKIe1GK0RAuj;7VLJyl-g2;|8JY`nQu7ahN>nqiSN_6!~6b;vS
z@=SM~6Yc}n!ccD(&O+h}uC<XlJofMqY5?UGE<UC{%TRP4G9~s9^#P~plY=l<nU9aA
zY*Cuf42xzZQ&n+3^~F&!G%fpgk1DVUCm`NBPEs;O&(3gW)Xe&_iFg2EAxV9wl!v-x
zVT>I!CxP2QNy9nih&;<F*b!OdJna-TripJwKv60Je}lGBhxZMwf)#)qDr*j&1>c%w
zD?gW{em?6UZ{XhLi^knNkGwr=hMMPy_NcA3e6gQ0R|!Cq@UV*ON${&sCA^NWsAwDY
z=v%ux$!^+gUenFG)K_BCru{H|;y+b`MZC&WqZqJM>=W$yxVX8<)|~T6#FZ@>4qGgg
z8%?rH@^s37*$Q^i$UsYatazEps(X&8cQR(cU0F*&$lhHlc952fX-rBRxZvN2aVZ2d
zWf>chi+hb#w`tDvFO}?<)*+YhGj7uqaD@pz@b2+Sl@SsPmgRgIZ6<D@BMS%&KF^3<
zNS?z9^kI>+pU5PcaKdNhNmsltjxvumsBlbfZgA?6l1Iy+;%3#R-y%LV3-``KCZ2XS
z?9l3g72j1Q249>-;+9~%a<5_x4(sS3$7nkoA5T?|CMRH@y-a*qi$_U2YnPH-&y82^
znTZ!TQCFTf;TU{YZN@rC%t)rYa@F_cVFmMQ_SeUvqc@KDQuiN)m&kDp8~068lTlmQ
zmi%2I2w0dQn6GMEOAqYv^89+)oPzgJ_H7q~;ymAz?$H~ZgZD{%agIWAnD1i*c8DQy
zo|m;o$cDOx7%XS&k;LOZDN2OMiaCcE#1ayw6OE8Wigvf=rj9CCob8$wFQ+{u<lGs#
zdbef=VZ_x%kGy7(D%hPE6rkNP1nXPx1zDw^dN6+egpQGxq%h$OY1M!Ft^X;mh=yF0
zE|`<o<Kyf9HS@P>D#z^glJ=MxQ_u9R)sl<0*1)CE%`=hyYP;n&PTIdDQ|DbB7j+WU
zNx5C2_{YW_GidQ%-g4+pG&1iCeOMG^jpD;K5;Z~Wz@?>Vy_b>%O@T(YR|3z0>*{?k
zzxUw<54!7pZ&X*ClldQM{b>0$2LU9ACP!6HtXB0sIcDgpK5NazSsp5G$LBUPZ|Twn
zaBSA3aShim_0uBEm5Ay}EbT13OG2Lm(z?KPITJX%P5;S*05Wo<=i8_=QAk<|GZd%m
zOd4&U!|rtAcOFU<T3^#@ghAu?Jf3;CNQX<qOFN&3wvdo-;LD2Px0loXYjy&EuaBXt
z_mR2-@dEVOQE-V^Lj)242);0>xmZU++)zF2H5<y;SN^Tt`1C;n<#_bB_NmxC()64b
zp<yJk*>Tmocmi-t;Vyi(WoU%G*ocy8G=g8Iav94;20fQ*;j#{M#jnjr$kdsQG?7vo
zzfNB&)N?v&SeCQFwn@al7Id|fa~azlmbt+X#~Ds5AENmX@<5Ru^ElJvt>*teUTa{F
z7IqDqlXlDmm9hY^x#D&2u>tq73E)<kq&d#mDsxR@?d5a(COZKfPoiN#PjKZX4gr4_
zL|&c2Ut%O?zxlT!xG-Cxich7*Hzn6D54lI)0!=l@s&N=E5leA)>UZBag_y9(Nz}+)
zvSOIgV!~Lch7H_`Qy9vPgtw5Wk3RMLiG@lzYbio8lHfG^xBMszAA}<oPyc*tk;^8l
zrI}jK>F+;%3%-1XamR11<3{ws$Vl^(ncm9$=};?_;b$O_Zq;reOQYhQqu!z%oi*}w
z=7N=jz*5Q9yz~6V?EC>|;R(^7AZwU3Qo+;E&dT4;0sM32@Y0Y5qh{!P>Tw%>_Wt!&
zfbpv{;O%;;`lo%)7gNOd+t3E4W!|=+052~u|K}H@V=vI@87LX>a^bt+;Bar4r_g6v
z7dTDk;_))#1=>~r%teanLy?WGz+af#6wj+L?>{@`>&fXhy|8ETyMCoiPrO#NFE<-1
zh#_KeT^*{0g~WB(cc}%dw{9<f1oiO7itjC*l>je>60Y_AakzT!xHyI_o9p0bYykNX
zBo-?jBJf8}c^!F$`HqI#Z!g(V{@Jcskuj#!*9*7$pWXhP&~<C^eKC4!=m((K6i6QN
z$>9aD2=_L^>-N*w=SOs)W+5apOA@XPS;>7_dk?pb3RVo`r8R7Ir03|2Z3Wo{HrNF+
z6TzyG?Y|6ZDw}Zyo(z_<oeSNEU^H0ze+F7wdAN3fU>({z$23z@>$({>oo7DmT`vUC
zz1D1muUaE}IUl?{O;#Wyn2fbTeh237t@@HAiOlTI>}{C5bAAQ+k&U@|klw5TW^1=l
zsTD9#_}y^2BozfUIqfD$wMZKwlhAYciQ#fXaHiQ&jl|8|*r?-eK>(Pa6}gZtG>Gxx
zLezdduI&Vi;PC)rt8Wv)fJ5Zil>XoGh%XQoD#Cc&F%FCIVI&tRD-QQAk05Bppvkw|
zP#=`@nf=NmHGu@P8BGg(T8}9jS{9_(%=O`8nMn6Bvw%io6j6$o`z9j!EL3&rXlBy5
zYMRwp&$dI(*zRB|V4V0ss<GEW`x;%xYk{Puy}JHHG-i=R;+KuE2ngsw341pO<sDdk
zHY`=Ov%+qp?kXU8>O{AqPU#ZYa*nwDbWr0|D+x2f1r`PTm)q^O<e7zo=wOjs(A>5&
zJJqg$m+L126?Sdpcke5Tn%_jUz48fuDs1{iV@#3rds2DLqTSKpTcHm)X0dT)nn)0I
z^HyOmXSrwvbfxfYoQ7;kU0h*mj@|k3WRFR!uy9p$YN#VeHCwcLOG}uI6&sKStDQuA
z$O+bH7NN1Uuv$wrEk#qq|B5<1iyfEY+{w>=ZT=2Sr+7g$MuY>2v4q@+<yvtkDyWJi
zqzXwb2)Lu8*4VCGjGm>*(N^3|9JalTer>qE`w-PWxBB|c{rGNX(OaGSRr?P8h18Yq
zDo*&4h@On{-u*QWGe@m7Qw)B3pX@}SQo2H|aV*9)YDH;y=*z&gkwlD+>4at<DUr4k
z2aD;lW)HvJuVDg9qVEd37vaz1Z&$p0{B(RVv5^}@ITfmyZ@|(>f$4BcDfA!@p9!Pw
ztRez<G%7y}V8yGj4$J<5JLaO0Le^Oz5R3K&L%bp%6U!O{yqG9Ub{%wcmbfkET42g?
z{qqAA@b|a9xh&XJOM*-uXXz#=VTc<)Qj%m#+z@e{po={+v$onv5?@G8C|{hCI8DG*
zZY_4r6Hd;7Nc4uF7OCr5EBea~o}}0y0a|O+>V1k=$GcfLm0kOe=0)&+&k^uB0#VbD
zxo1cNjy!?|q$Q1AcEb)~!tjp^)7^^(jU1$%qr0)2GQIEYu^orfRFa;7ac5R%B5Y@Q
zt3a(fvwUvG9KW>bpPOIJwSD1eSCf{mle>_aTNH1jZlkdshHI@cpGa6;tKPlbO_q4K
zy~gYW^0Ke}5jKu>hv)v=oh(VpT=jC2NEYQHR_*;iGU*d8e6vsE$df;k&Bnh_N^jdX
zNvXUS+Sfl@f88TcdkNEiA!;PGrVS4A?7L8xo3J{Ck&(52E>sXr4%vaxn_s9z3o(G;
ziS8nhF8!sRfPI11^~(xcKYHfala^XkX!$Do%b$0w4REpip+*Ut(1AF%jM7L*B~Hdd
z$(75EPB>^_!60rh`wlHsbHP+IK~xj8-Zg4D<C%XW;fb0_X?ydRbB{#Y^4L`q9KEW0
z=Xv{SU-0`#@asnKbX{ID3dY6z;pNbAZLcSEzZ{_M&(sRDKcl@};P@H3HhA4vO9DyL
z*MY@FdiO+HGu<k1A24f9gFOO8!33$!j3J+|@ItZD-EhT1uRlm=`7trCoHNjm6P8bD
zHjvh6Y&KvN)$M(huvldhhIZmce2ugBXx;Tu&;sUqqKRcSdn#N{QD5}^@p?UzHrD;e
zGaG-WfCIpAX{)_0r{>;yT;=-b-~?TTiT2@TCjtQ?2S8eGa39x%=x<+RD}mZ$-10II
z1FN&Wy-*5Pg}&l9K${E0O_q^VX#8sd1Es;$i>g>&C}<EmOU;gu#f{$E^rVUW1U*Ai
zH^@2!gid97R}KrODA3ve?l{L)JFYSy(?)E}<L3$^<mn3|h5Xwlukk~A5nIDjK$I`X
zRYRxon$D>vD|g2rrUU@-g(7F)|GZXLrFELTq^t93l?>Yl97T#_NlmvpXGf8#BsVy(
zphnpcGGLYCdOH?iZ=`nSZRN^JMsW{b3d^<&p{FEuQ)V_Mh+MX%)MAma5$1oaLwrE1
zoeOYVGUWnR7J!qo+qTE<@gT)&P4Wt3*o}m_Oql?WR}t~Z^!}nrJ&4}-rVI6tdZ0D(
zK6nt!QpV!eVrnT?&mDONhlpPeSVu0xl|=$tL4EWZqaBcm+mAu%u;X}q&C-*#72fC>
zGO9PuQ9{~+7EC^wUauD<S6YgGU!E870L$YAD*r7vttAOp79?9ZJO70+TMLrzPs*Rs
z)iRQV>g(|Wl|dd)%J}|j|8}i7ew!=~FGxP)z9^FuI>+bI7G0f++vx`d<zTK-lBM@V
z5|Ux2@Z;bMr8^9abZE^fp4sBWVns(39cTa5UkCW;$bJOoBnsBw7NHx(G9NQ_r)YmW
zQGDvXWLr-L!m)mdp$3#Lr(5?T%0F_yI!wCtnWibq!faT)_mkxnXPGwMWgjiEW^t_D
zWgWT>7iUxm?7`(((*vBYPBNJr*Bjjv1GPBiYRu93O?w`n!(n@^IW4+qTvOg^UfXCH
zML}7kWe1JM*u=ahi2O-U&}r?>j<R+|$eUZKutI=33g2?bpKTp?1#>rFe61=$xetzc
zl$Pw|v(;HVc@Y86Uzg_nq7_bbDKWa*18_=y<9eeJM&;Zl279&UVCB7G7T`UjfN=#b
z8HYc_2h?b>C}1v_QF1C^H$)Wj<EXkl0d1o+6k|hqENTaxh5GOu84Gnm72SGGho?Qy
zhB-8&-I4W&K06GjVcUG{*>K-`g-J1GxRq?SvCBr@tJO?u?OHROC)z;J0hc^u;wqwh
zylY&J{yhy`xjK$Jb32wHT&kK4$4osY$pHDuT5UL%A<Dm8U*p?NfTDDT7h#JD=D%NK
z^LOc_E+=mUO?Ok!0%I3n5?Xi7bk2f?rlrUCSOTN(@0ewOG43+6AB6-)#_lNzw$r&5
z@K^>Syr{kpip(Kq|6rd2VJY8WTt7p(1qO$JkWFPglEYJthw@GP@{POlFF%vO$WpE`
zgkyAWD4=qWjWN0)wXgns1gQE4oX^Q3_*VAaX;St%53rZ5&}uB)xNlyxB+EF=^@RCY
z6XJK5KIkrNz}D!_VdLL~!PKH$n>&~*CS|Gvi6}%}oKCQa=TtF|Y`rCqRak`;I-IVY
zF`$-mMu>Z*Z_+p%1p-f@J{wO#nVhKHv1nt-Uzk{9$s6sedZ{61SpRxtoas+ap3M{X
zy;o30!LO}neo)Qic^Wt3wfHkn@>-~3<RCI0MGqCk@+YGY!<Ch+p)ajHkVTvbHh3i;
zWPD(vIR*#_6G8R-tt<fV>Rh8gj+cOZxnLmeTL3qOu8!nJ7XX6+4N9|Dw^#nY2Cp-g
zgWy9EL=uQEhZKkLS&L$DCw&NyRB2}K4e2B&s-&V|E9jA;7}2zlfs<6+hy$ILSVzw9
zPLUtLTuH08K6xBfbxB@4dw6tpnPJOfe1NGd)*ARl9T4kZt!;dcfnHQtv-HXKx}wn<
zcXhUnE7j%G(9JVPcZIU^D`!9`^XfTgY7aXi0?gl;T2nnCq|f1)o^b(qnT8~TEfFPB
z>puq@ipDyifhGn!Mdqw{$T^QsAv4~amlR^Y6GPN<qNO}vUB4w(CV~R3RI1_BBagkX
z(z#Nc;(0i&6WC6YLYGncV}6_kTRbB_hGwMwhwi<xQ^R<Y@(xFAb-6`y2?pT(jbndu
zjm#m;MEM61CQdr_<vo0IjX*|xD0(~Zuh0U*J;KJF9~lB|WRPKxfj;8Y-c=)ZWkuv~
zKgTQTWS}GaH681|UuH%Ed%i6Erg}<8c%~6)p}=!NyG`UBu?vdPKkjOtBXWGQkY80j
z;&+OV!Nsj8(F1}w=~jhkATqCB$>_KlRQJ&wlyf1q5&D1E?e_FSC|T?XO|zPy?0dd}
zg7`{CZMt~5x)8U%p%9SQN{ysiI8p0P6}V3Ddvip5<9gODG}^^RUXZeMxw~m1!W8%^
zgQF5>KopNs?Qk|Wvx1}}ugg80YIGK4)p!YWRBJP<sOncwggZzRXP4HH7G_~%ued4n
zroeBsyE??DA#>J7>=f+$K>SXoU152C`r9NJ@I{Es{iYn<@1=y@KKHYk%l$F>$`(N-
zRGW%HL%p4HjGne5%&5~rp6X@Z*{7^^-IO$B(&L!r1fhv{VRy~otiEOc62aO@AvaMl
z`S<Z${_uyTp3OuA#POxC*0T5D$Hxl5<q@N!8#D$+GAN_|cNV)ud&8qgf(!nsD5QZ9
z+(Ww_1x7t2?6}?_n6#b|sX-upYJe@Gq~NRnYfan%8FX|{lVvD)NmpE*6!njTUs_G<
zitQ$deI1JdbGwuJ3}cr5lG=(m;xe9+kQJOZ+OrQnocOf7t!4qzN_ZWg^y3>_M8;#8
zs48St$MkjwX%IobVroK`$<nAFkC)??8xx{bC|_*+6PuTw@%_>`V!K9bEC6OenZGeF
zw=^}+!m-qx+XFIRN<s_olMxx~P|z2fB=S@X>pTTx4HpsXk{V69Sr*~dtUHXi7GUY>
zd|CU(HwZ^(9nS0Z^NpL2A;ofeV>8Ndk>y{&TEgv*>1mZ^TvIZrY$xK}kPjCnD@GqK
zCG~*F=>fwfgw7ZLv#f((a~m%C{dylMD|op0y7}+a*nfUo9{+Y7&EYv;Fc<b|w~rvF
z_wL2FKan!{*Wo)~B))8+I>xs@6?pvr5cjht>ed)Xe~0{Y?Af9#p7zyElHJghhQIUS
zCyw&#!K8ZipPxYjT)~8H%np<7MD0wc#_1#OD*S}b4dn_HgrWaTJEN%sVsB_e>a3w#
z+9=fOCmC<wUxHI#z5wjjB{;T1k#g*Vew@(u`a(c_6YRO_b2QrOYwC6{bty$mKe)D`
z%eL!!0^;>v{Zt%F0vtz1@}LVa9TMJ5cl6>}*T;VR+3;-MzBh@L->;YxUFu26?p&!J
zqjM@%iruF<0};Tx(~xR7rllPd7>Raa6-?7sin}2;YAY<{yEVP)`ZOGTL?T+`{`#SJ
z+~si#*maHqQJmWD2@jn^?lmhmM*2xH%_WT4ix~`7pxzT7EzI;wQ&*U?+iA*QS-nvT
z6Z{%h<hJXLeko|Cbj3}%fx82Yj3tpI=tzg@zD~!qMSqLRfM|%H$Ln)Ijr30@bkjhI
zQ7H6|-Atw4#Gg$%xx0(dDvrIg%(J^~&saCF4}$ICSH2;|G4TF5NROPZsaiAZH!ii7
zX_}<dHQbgo*`*O&CE@a02MHfpZ*vY&4NA|U(#6&oyJWfCE9RjaE^1WI$v7_j?3|UU
zig8;|>po6DzUJRXN{Qk@2IjYa;b^zfaJRu=_2gSD;=F{v&YmLX1ZHM?x%fZ7Hm(%~
z13Z93cwa||mWBX-m+!ah>+7ed_rC7GmqRO8gnu{6?!>z~1_J$gK687%n3KmhHZc2s
zdtCikZTyn|gs;{Bd1SKm5)}+C72|9~#~HYHDxg#d@4Eg``6otijqKG(`+CMX?@QvP
zVubnjMy+aT&$Eoj0U;~o8$wgep`D{M8JRpdhRi``Yk~cGBNz#>vZ1`GPG_@%%Go!Z
z^>71b+fP+f2@QL8d|H@PcqIEBSxg#(N~7sFxM|7FaoubAsTR|s%=xVaj6p+Et4kJ_
zRVhNQ%(2%ma!m5R6LZ-rCaneV!x>R)579QFZk-?QDa9N1diPAghwaSa#9!t$ImlNN
z;_i}dG$@WQC3gLwU7{J|qu2|g6<u`#ziA6alUK$rA<PG}a|Z=wmgAa3#4}bPi@H53
zB?51(IDafivpc?w{T_9J3S$#wD9O}%L~hk<6zPkMsS|CU|69}1-*};agG`<O%dha7
ztA=K=UR`%V$-9C7`Z7Avb1-r!1o8JG1W7HJk2gZyode{3$`gXBkIhbd5BSclkK-E|
zxgi6*J5(TQ<A&15pLUj==Wz*QVk1&GmM}al#n=SH`BUlmj6mg!7CX(=`qm~NnUK4F
zI6ZDf_3uRG&PgUcWu|6U>F~3&c$XeWYq3|(+Mtn#VY}bqypT$?0|J*h1~U`ngMhhr
z#p1J7L=LB7uC?8-53$*xokJvw7_jnn9w`Ve;qk0W5NH+qE`KhYP&pa?XmtCb=a&++
zEPp)r!`F^4_wN#dJx{QxYGw@j(~#{duy!LPWJ?7kD3oYxJ(T^*e4IN!zm!(jfr7S&
zJNmv7bX1;vH}Lq}gmuv=4C_jVPTZUs8*LBFH&ssdd&(DO!ErT+wKer2NALfKU3==$
zg#p?H-L|>fwyo8+ZQIsr+qP|+PusR_+wRGHduEcIIojuMQYTfZ+&`e|8dke%p|$`=
z5$UNqGYST&mLj1srDr2y9R_zjjRglRL^=gjNLz_(6wI!U*|XVB!EpZCCeu6gh9sxJ
zp9f#teVPjUgnVTgxcjl_E177{t76;OO=|&6XSmZI){2Y2BE-Nb(9*q66%Y}BU?0BV
zUf5NK7UOWp`1ylKejg4l>{ow%zT2YI?df+D+mu+;trn$mLfUReOo$h|j1B0Qaj(?;
z=P^sVloiz>oKTtwX%olu^VvcYBcQ?U5ijw3pfHs+`RH&ojl=NXh!{o1#NVyT9P*=5
z0$cQ7_*<>Yf&N--S*_~JYlk`JYQ(lTWuLz}4S73sSh;Y~$$b{mYOZJHB~PB=3o<d_
zz4rl2*6!%)|MXJnle;P7&k$x1SQ@yU6npsCJ7eOSzw8Sx{FseHp7hv@@&{>)2icg6
zpBz!c1~2=upw;7uO<f8(D`<jvkN{@{B!hO#h!8z$El9;UWZ+H)ci-Ghnm+vN>EPKN
zQ#&eh`o<|X5wfD;%B&MiEfvE6t5JyPaNbAb-Kj=GJl5b-w-c({Qb)xkWmpMq#5Q}+
z(Vg(_Fl?6jSg@*GEf2CS?=&R)>8Jj;0}mzDb9oT9bnlGMkK~2KfZ!`qv?_K}jJtnk
z2p~H@Ej#8>wB41i=zV%;ZFHZ}S0vtc91Khs33!3C;W<$lE~}G1-X}qtQi&mG%d-Vh
z9<8w)4*94|uziBqK&|iT^frBoNDvStLg`!=I?3)v%b?n&hMCySL~V2?=g!9U5N-=r
zlR6nIUYQ0|MQVP}es#rr=G43)TmNp9dEn<W@i@R?CP`S|Rjk0%XpD;_Bm;k^hQkIe
zwoMuWht=2YNEsrSy^M6aNGR)n@pC5ck+xyW)6SCsXHjnj)qrSEp)679)buvPs%2mu
zsUE{rHIde5*q=orSAHWbCo&dnjL@rC7&q#Ey*#KUAF()Def)#)g1u<4j(Ew?)wMq#
zqiBK|FeGXe9C4NlCat7fF$DH7|I=)!N>#r+(=qv1TQL!^k_&B4<9g*Td7D!+=rC!I
zZcWZKX^%KXE1WQMb<g+OKiz4VnW{1>55ugXf95yfM4>v5%#NddLpjZwg=bg-&GvWL
z%+Euua*ac$nShDYG!yISgRM&nhC{f%F<gW$hm8a^+IfAG=9J`s_6{?WktKC+5gxr{
z>&kTjYM?re)N99BgiHID66kL(a=B3(ZNiH)hjP2e;L`vdTRb7UZvBK2F*0rrJF?71
zqw<__V<tw(ubvv*q2g9PT!j8|`d&YkF|(DCpG>~UZ|2An`OQu@Q^sT`KY2ToAFuHQ
zvl5jWnv=3V+d_F}(hbn3)v3T>7cy%9XdlmKumvhufntozvS{IVo=gS=Xa9}qLC@S{
z2Ug`v*gtia^;7z&=qyKsF+Nj4nlYYSJ()&8K7hf!-{XucsP~v~30i6jO$KwufYM|f
zWR>c`m){^h&4XTYei%J-bIOBm65o~1)=43YlTb2o0E`is{x$RBnaffm1Uc$OWG7$F
z9VBbrmsN80+Kj^z;m>XfE0CsP1Z_Oc!x0Y0YXsUtDR4~NEnje-J9TR~w(#8)!^m;o
zUijCDAnGwZW=YH=>?s+SlKv}5$OP9r!on(~%mMhjAQHcaNovCp4-Z$1auS*&MXxy4
zGS-=yW0Xx|`Q_0~z`I%>JL`8Y7JApOPNEHC8oxE)aBvj)WoDzz17GEY{=F)NIOfTk
z1-%-zin_%B0fE+a*b{mijgM)nPX?bOe6Zt|qmPk{xkP8kZPEG96{eA?NQJOYSXE3R
z0}cz^w56-==web*_fw~REyG7$P^<Bw&Yv$ii;jJ%5(CWA?S^5k2^=SEx)>H^?~>e&
zX+9Pb35t=E!iRkFIhT-^0<O97fjAHh5NnCzj^P#MGkMUJ7)EKI`YbcQiiL)j@ncVG
z^rf7?fbjst8LWxcFlqY8K(+p*=A%M=_uGU-BC%xPneZFKC8rxu^Jj93_{PyhK4^GS
zOjT2}Sde;-nn|#pliG)Hd4mWEZ4yIp63GRT9@h=BBKLR;I$hHw_+JZ8u8<3aD-{VQ
z*s`|IcN;nS5JdQhCe6Us+4y)+UCTk}!4ED*{${0f@7dHe?22Yf7I(vmJsF{*$D>1t
z5%bT&4)HBA9*bzXSo^xS?R>$FzY82vr<BA#MXnQ!Il_)(U~fRMgdRFHgjkJWKQ<7d
zM<hfJoTy7ULNV_>#<x<bUQkE#f@^={_)-K2SD-CZDhc-sYkn2U{l8a!0`gCN<vUFT
zbbH8MZ@BRj{B&)x;(CAd4G8c}E|`yWJsPLPilb5J%J0rITU^L7VfWgAG>V)TL+z$a
zi^6jbz_lHLxMLGvI7TFqupMF-2v<!8)veLkp+lmjhq(A@BuCAG<?3z5@NC&nMv8{9
zyXsWp8*TGXg3Ow?W|B)cppM~+Qbt~R1hgZKQ*u6^LvgFFaI3CJ&7U+(&95qqQ*w+`
za=uSvRow#JsvAMCHB8OR@v5$(U+*+bPc=-<>+t?(e`up&Vy0mt)^?PdXOx=faQ6S6
zh5wi(i4#;^UA6tMm~OY~MpVmQ-usjPCk6NaS8#t(huKoRSx0r{Dv@A+Zi)5A3w7y9
zyoMM>-Y)Pp3MN5XFNKXha2pe%>v(}S#K$(`b;ih68Nnmiz&yThq<fV|*!<E4Nx6HO
z;7Fd%bN;x)$I3h?7=-3r7A8{XHUd)=YA6$>EBCZRw66y;37Sk-3&)@g4_6umTggT}
zb5_0403A67@)VbUM=ih?;bfnM+ER|nBWbZRgE($Cr<}C>aw@_JT>KONhyW#(f~4Uc
z)i;th3!@me)0=meaP6*m#z=5vM>i{CrJ|l8e(|^>I#~$1{k$3-h}Bppib5g1*P=m@
z<)3o};+K`Gt#&J(fnJV%?;ikogq0AC=In`vboYx7&VsF@^7!ZS+Z>8l71H=2&3HlG
z$h|bOF<Ddu7I8|UutyrSnb|i5Vm0``$QS?abtCFIi1!#u&7%V%H8w_*)frpeqkuO{
zE>Z?3#zs7y3OyTdAU+R|TL7Wf(*^-V^6Dlb9cwWIyywPUV>senBvv<2ielx3=VtQ`
zt)$WjceFr%bBsUGB2OSoG(f-GtU_?agDuy9FG|tDmvhjd_pQAp)qsi{L0)?KKNtNH
zhgY_0i_l``%1cU9@`fTKQZz{n*y8y+)3~vDfJ*oeQ18ATvqbe>{%JLCmi2c|Q+H${
zF8Ox4H|_<{W#-ZB9K#S>dxX93K)7je3)QE(Y8NcONjEhaj%W?P9J)ZvD%*(Ro#WjY
zH@MVBEf~$$w9MVrJE|Q$tut7v(pfk@3i^_$U*!DTW^Fuw?Jf+hs?&Bvl}_1ptxBZ1
zY;jdME`T0RH};AUd3W%eyCS(=QWQ)-XQ&j|cOT8D-|jQh;`e*G^&2u4G7<iHgS#ug
zz{NtjQ*k!5vrxsNqp>tuM#1p4Fy8gjzwDyRrc?5LyW17B!#$1EYOwN%MMlw6<_VBK
z8*<`+l3bUUbHDvOR#UqU?KW!r+xDh&3vX^((H=-E5haDeQQXXbVUe3w`)?zlN-LE2
zN|2wuxwb=tNUx{BeQmqk7m{_#H*D=VNVP>|prOj!KxbRpZo~S`9?VRBLQu353V~m&
z%XkX6ADUO-eFRrQ+CG?ANh~HYlP!{FaH2N|J#@e#!qANz5Qa!mhHcs=mJn8G5DS`|
zKLiRyCHy$^ltOzg?O?$)ec>OU8a6m<)~}54?7p4;VZQM-Okm|r-MAFSKQR{&L4h?>
ze=YSJdJTQvRxyuM|Jl(6u6B{T*@bQfPiyG(aBxI;iUqkjmRXzV3hp-2^=b7-$vT+-
z4R2~U0(dnQf(8Hv6rTu!=WIu;tD0w010r;DmO3ZaT9{oF(wAkubLH|;gEqCQB%^Sx
zz6mBwi+S|^_1>f(*dk=_rg5n~t98GHTdYr?b{pK&-5-Nfd~r;_PVqHP8Bk5LoRa>k
zj1&>Af;E(z3vW6%^T&?6UcDs>GS~O-NqYuhkicPk$p88iG@20iA&KG$E$?r?K@}Jh
zpL56coxWc+Ds;D7;IWmJi$}77k#ho?@yF}po6Z-e_M$e#zCl-^EOV-qv{Q^RNt7BY
zxt#~ea457a5CouHLnH6ywQN_n3zEQ*`UX~5`}$4$7{)%N2#PNinvsY^`f9{r1@d1Z
zPSW{s>9T?}jbMfkZKc}%rtn=DF4n|ud2c?HsWG<x{k$%(j>NCXb(k<hvMj;vNBsDg
z$a{Fw9G6v!Y4j~#Nw@`h+K{#Uo`3lFV8wL9GoEhCnP*HL+Gn{YiN&)mOZ=!4;{0_k
z`EJiI#K~TvQOw9hBz&-z0_PYXs#-BIv%xwKN0kA%awNNgmESO!b@YJ#*oY0#BQM+C
z6_94n)_JlsE?b-2TK@pj$%OCo3wFZ~2@89>i1a$z6<adcKg|}Yrjr<2$f59^D<7`6
z#Odss4_&wSCP*=LW-SZfOIb?^7;4+6%Xf|DAlGx&>e_#TVK0Ymk%BrP>5V5<T#9U>
zC@N2YV?ML%D!+UDIpE3{O|~sW=fJi6I4W|+KkrY42P*LAD1gdzZs<IUZl!!LhPVp_
zuLL=PxN1|?PU;~Gcuhv1(R9KzbqB$8dEujxdPN&q9`d2#U*cFW*~^~40Pz4ICKc?k
z6^0Un_ga(ty}Ip1{A)?fht&S|iN=T}4C%81EKKbS?)@TDtdA9kT~+fL;9-cV7Dhna
zK#DO9ABi^<zKeV;Z%zEiUfZK|>ELuKr)^q%T_|LQL|^w7nLRKovZliD-n?_+`5YK%
zu)C}z5eKZbjk>cFyhxke0KhZ`gfz2}jLFztP$Lsas?R1}uSqSzJ>FcH{YY$#NAzYY
zz$MxA7X+)*D4N_Vs#G(>U;!K?$#Yq4IX%wY!1J=T(#BHDk5%4cZZ^r;X#jkc<!Y(g
zFr}ExI#fr=tW@4D@6r^m3&AKDl`K^k-t<q3=LgT*ZpQhoO>=TB7Vr`?ZANJqwgI(F
zGiZyo+0nS~*ln}{^jZMHPUB_(dUnG92!r~_)o!($Omui0X1EvY9_TEy1ht(`f^r@t
zP#727LG{5#JjT>ajP5_UEQ9e-t(z<UoM+Jd_2j~^Ku$>7jw~`obL-FedN*nfX028p
z<5$$ba_`DqLA~iSYYkJy>GSLH4V<@`Ay4JE{xm)A&c`pM^B4Id^qAo>151oSaNS1O
zDE=C&$f4_6o+YLLLm`at;wKiLyef7x*$u%C@O;}%DqgOTxc$nu>}}qbiG`^#Ef(B#
zPZ$!94}c@pP&4AKUU$$!FuS8l)mmeX4bduB0oyM^#{n1VFfRoiLvMRo5>J7`%MGb>
z-a3xLBs>GTPFyIYr!2FpfIPjIJYdX9D-}xh=6h`zAI@%{Ohi|bl7UXJ{N}h4WZiR|
z)j#WQ&X~-Vg<$ZVv->fhAvCOz7T=^Ub$#K**@>w2OcP(rE6W2$aSG`)XcZs*o2V#S
zizyP?98bx@zi@j({h>did<*@=E+ruDx;n$zBpHl3$IfItO`8SdoZh2MHq|(#Y;fU?
zF|h_&BonX4-}MB}Blf)k*<4SGX{gDbi_J5Roj~tC&_<&P#N4<+%-(OFJ-*SVEWTx$
zlV?cW7rS%UFEhy<YQ;^vl>>K>iOpW4g{*Oz#3R!nJ!FVDz<s8oqo6A;SCNje!Vn)r
zTS;oHlq3v}DfFKBg>J0Xn#HFXetnKklQnt=sgek*oi4p_wGq4wmSGJjo%|N0<4#}%
zyIEG>V_l7t<D2Q*xq~dzZH@JMTc-uL`KY)Sbffwqxi%@vY}pP-*BH?|En?v&rKjSY
z)M&={{X`Y&6QREep^u+pcYE<IlNE5Yq05jK?5TW9xlW&>JD6N;ryKca7f^fPvu))y
zJjB8x&=_naI}Bs<*2q@${e5c)22Zm&U^egOb^JPm6t3P!sarl)1fvCLfLs(?QnUED
z2j6#Qr;zt0_<ADU+3ZXxmBtW<EvjlagRdD&il4~tV&8?}h|_LYECg<Lny1_BK>oB)
zR#Ow~fpr)e4>2O>SO8*2Q9{J}%hJKG<~$0pS5uNT@7MH+)burD|K5t;SVUg(`psc;
zo-X%`#Hm0<X^9!9h_f${Fu}MY_*m6FXUT^ej_vf$$^A5V=x{`~i|37Bwde2py{&Rj
zv*#!6=%+jfOB>sVIOMTRmM-q-r<`Y^PZ)$Bc^&3V8#{nF?8e(idEYWfe&S0@AAv8d
zMekKmZttfY_T#1RAF{;=dmGV$3+*ZeKo>K|bH)WydeYhT7RjokY;V*<Zgo9}w~)Qn
z?z=G{f>UKeT|==w6#Sg3ofjM(@6zjc`+n{}Oir%eA_gLiN%SxEYL?zz4>@qx>Tyhs
z-BfOT(0UKzu%KKShHXPyN1(6*rJXp$TfmUB-h(uhkqbW6uZH7&@-ifWttansIh2r6
znnmUH4<{0GDMGcZN(Yt$ygw*&M9jjeAa5td#G=Y?PozL#qdDdguTM~MOma4sfCpO-
zv@t2{NQY%>P}c(=lTHg1_u*@P2U>46nWu+u@->HH20zE)Hw(?bOGwh?Fqr6ucj2Y;
z4<NiOicJ<d+Sz2y3CJ{ecoz}Lr~5TYAB~a_4Onm5D#(vy8kvNhdu4S<PUAa9xi!^I
z;<Vp=<d~V)j1IN>^<21+ovhIkB~z5fhK|BHXmkGf2+a&uKz#cKZL{Pc=D0*dF%9xD
z$h{9}GC04qRCR+K_s)F&g5Az>y^sGQPn1>O%FF$HrLF#c`^n4seo>jnx!;1OiF-N4
zL7liGHJXI-9?b<~R^z%VqBWvp>$Nz#J+`QPJWTvHr5+!vVr=huq{wu#rWCm29^i{V
z0A?)X#ID#j4KU&vrXj*X2tQ-0=;hP|`tlNFJ}jg2w)kc#|4Ejzl$2av@s<L`m%Dwn
zUw)INQJi+J^mEYH(&OPCAcyjV(9kuh-<u!Gij^@k@1!A~D8?@6t!d8C1BLe%<ug*N
zynnIESc=Ns$2}I>ImdSRcn-2RuIB>$8a=1k#n98K=y3dR+YygYUS>(o^(bD?%cOnt
z2?jo9D{Bs~65cLrWe;V2MV%&M3@;g8CUf;~Lv}y&3D+zdbP~pdB?T1G+QbUNOXJQr
zMBG#!v};XP*r%qV!fdtNx_)@pa|qBjbWXf+^kViBwmu@))<&@xEZ$h!oH_o=qm%Th
zDc5L{=*9nXeeXBPH#ITH$@luPe=f%5{T~y_+osOf{H=ktEwJs=t}b_X;ZfXg+ZQNp
zp9$3??x)L+2qbYQ${4(g=lszOYKHKkUTU`8G`RpG*N3^r1RR`=437&;INB(52D}!W
z)av=*Ym2`Ut$vP&z=aYKHc+z*($M(PMaO%BdE?M|URQIR<aWlP$AbL%sLzAm+(A2u
zj&YB*O><0BwT()UJbjz)Nq3&tZ-D$aX3R0h00(tQG*cJMQzsl}h>zsjZW&X5z9S=3
z(5e6BB)t(j6f5=YE}b%!N=$$&9+;HI%U~M^!*;AaQO7fvmdl5A%DSmlRpM6<Rzw9;
z=sN2(pQhgIUo7}jKUZvoFPovd+8w++kCVw^;3rMZA@O#7JV5+kMMy(3yR&+mhF|Qz
zK;I=E=+E>i<^a}l4#y|DZK$;yU)FAcK77ODLWLfyRzE43KHuA~7gac|N66L45h0~_
ziO{w#M-WleO_|U`)r%%KK!btTEejoA-U*@N0>b%dd^ub?i02^UGf2&TOfv=?Ln@jd
z>dt3~gdwpa?nXE)CIix~LOVm(otSi--0i+Q1hW;*BK2^Zk13j?k=u<Ek#Jz3ChSZd
zO44~?LhO9w-}Js1#gdq5ApGo&l}5wlG`@plG-~QjfCkF;L>=qOY3NQf&n@fJt<Q0T
z`GVz*D6E_$_dr97OT6t$=jiCax8OptO{YjYL10k&iI`%bikTKNFu2L?DYAbD7TEG)
z&VUsj?x&x5@{fek#AT1i$?nECo5+6$Rv1@xabq^qz?ynGrnnWm17Q~!Riz6w_^Hxv
z;V%@d0<Gemi<Xtnt&1#<Pp^8N>IC$xv{b9F(9Qa)4_R4i3JU^6mu-ct#8y<2(X9#3
zt5kPABMTUOQOtMG+?}2mEfmK}o5`-)Un1%OsG#bi5b8v_U^=UG5>XX_#hcbt_7X%K
zuHc`Tt?u5$H%-rg2N2)9sj0N(#ry}LFCsUF(@4H6k|+#vichX8jRxhZwUx#Nlo{cP
zX71t0Y^c#c*GJOcvt&>$CWIaI62pHA6HHxU52C)G4k30X9nfU0aa!x;<NI`_WaZ>@
zbF;6p{x!<H6{oR&2@B*1m)3P|45Z6XI1dz6L=2j7DlNirfU?JePwZWUrf%(=-Kme^
zE;WyFHkIe)dUJD8$Y7cu$wi{VFLF^3F#g@~v!T(Z%uD8|Gqb#m#MDvO-ZK_y)v)QS
zcZ&Ys*yA8Kv_^FXHKmq$RAmv1js(--1cwK!w&CuKqlihW5BXxveut|qMfd>L^Za<x
zvIGU{yR;lt*Y}RulJu+@=sVkDlLSP|wDV<YQpKj3(6@_I9rlGLNeK4%Yju%aDPHAh
zd6^u(igJ$3%SfW+kK}{I^YS>!vIa$*qIr(YX_<*ux2scM=H=^!ZBJ7C(W*WLs#Seb
zMeZ<_yP6)ao6}w9mC1$D5gG%TvcJ}%p;nThR+4qg>A05H&$NW#B5kDL{9+h78(CPN
z+VQd-#cTO)E(N|s3#w&`@?eh4=4^)yndV4}j3Gj$kqv8izV){xoBdU%j8B2e|M)<6
zs~iD&9Y=Q=memXn1gh>z7t4|T0QVNMg61K;{t=mXbcoC*4<}gVPWBLw<6Cx~PGQ^j
zYNb6B_Z$6;YqfmaY8v<%bdS#)VaOo48Duu*Q;r$Fr<RslEZL{f<qb#%dJ9Kq@hp^T
zHI+y3x_{J1@di?np}=C=5<@eJ*FmgZx&*S+t%z8isa*{Z>xmCAQ$?*9#DSub8(Gl8
z#!n2jx2DPbvnnLqtyPcG`AL4fmc&J@ABvf8qBrZ+qZgsN)>z%q?pug&1L2STJH@D7
zh}*8x6Bskp=twBX)soClFr@J|U=utB$3v03%>BupFutL!H)&@493<vAf0jM)H?}a2
zgD}(S=l<b12$t&^mzhYJRuvXl#fToSiPxf|^duhJy-QJ&+D8pjcy7Sx{(tx{(8I&=
zyH9W+MLqzHAMDl(8qCH<oCttwf4c8I(7x{(@En|oAgK7A-#PNbDq<O`EFz~3%uBB+
z+7^x!Oq}&aP_1YlcjYu-MV~o3O$Rte@cIsOYG~HrpW^j;Qgprk-|!#zN4eX^|A4>i
zn4AA;2mY7#>m{yQm={NHEsC?s|9|nH>yzU1W^X#H<CEfdsE^9Hcy`h0#95~YvbMT`
z!D+}d^tdU*0p$2J;OeXh^lX8yofGr&{oGqN2wC{vA=xX<xzcnU>mBrxPYZbDk1)cZ
zbjCBH`NFJeZ$|0YDC40#>%O^^PsYjT9BZEQZK=#FkJ)>3alCCSqRfM2B^UW;4;LSA
zk)`u@Eft@*Ok~Ez<Mds|$^dkmUM?0%6rDEadzkCsl9t*$%L<RaefwUPn{jJZpp<*t
z&hAbMCxjVVT5t&+usu6zv3+ruQAv!A&Z2gC@CpXFv4Z~Oc^*~aFZ(O+Q^$7Rs2cSg
z%g^=WQFZB1hN|-E<6Pa2emC4dO7z$eCr28Zbl^zDjLA17I5zRA&5F<MGd$R77|$54
zgdB(Dts~(9Wy(KfP)GDA8O2Z=f-;%$6sxV3p~}IamW$|HV+tXck#1~j24cMsr4LTi
zky)=Rey){)nf)}itJg+)W7En_<9EMw)E)mi3#6JxB;Zrcr(uLcqL#gtb4wWF3Bbg_
z-9xGa`<(0T*MR)AZ5g{ay3!iP;p}szjx)x=osU+FuQG=TS-cbD4&$bHC%HV&O$ba<
zag%QS;J$sih}C0nnLc~6_nfnD?1P`>CQ)7=+03L6;`WWZdi@+T?eB9txDbz&z2W>0
z`h6l$r-@L#!^0j3__WOSX!8tfdmRGn7+2-f4@v%3`!RY|I*WAC((JIp?vP$?oA47#
z3J8tcAvc#V+Xe1P;+r*i#kbJU-f}FThW&IM)t7yI`no>gEXDpu|Nf(Y|Ixqy=-+?z
z??3wYAN~7}{{2V){-b~Y(ZB!b-+%P)Kl=9{{rivp{YU@)qksR=zyIjpfAsG^`uBfI
z|5U&yfQpMZes%brO<#-ae5b}lhp}Ty&~ae7TUjH}iW3|4<_^p(YLd6)|8(yalDdd?
zDCk;z9jDBKM#d7hZ->SJdFg(<Jm69aizKT=t|F~$!01JTX^q}gOV##><mnjI9!+rH
z_Kh!JCP0pMT!WEyyqq!3Baq(aB~W}a$+Ilh9h>>Bn;-ct13^(Xep7dRm~ob!@4PWO
zp3gFOCDLtt2Qh=XU-#wRS~T&WVQFoY%8Z0Yy+)@V3hWBr6|X%SFqAy%D-*Bjwvd5~
z!N-*^2@bPAdZY`kTTNxQ1$*k_-BMv!uK1TE@2%sAa6Zka_sDtZw|j`mS!;&662I#G
zA(TZ|R1#9ckA?~3%Zph)g)As`&P_UfoDKWCc~<4g_xrVbJq5q|)Vre6WU8&p@?F}i
z0m|xS5!JnW*z=MeraP9X+XQn{@y(m4ozLY-@x;DC0~Of(_@KreKa)a>{8k*vMzaaC
zm1}%udzV{Y(SeM*xpflLK(BGvsDRUAe<)8VQL&N9CREDUJlX)dW;mFq9uJD25hg$8
zhXC$xZBj@URG9o?y!hruH_5@CCuj6ezP3}GhrX0il71k1KedeWi0OWVJlK`Hl?~+i
zk13rr8wEcU<F|W>ZhtO|P=levATeCUB(PDx78xqT7{M5#yv1DxL9W3nq`d(kmIrvW
zTQ4&!U5MH)UuX4^?_v1+XHbEX-uInww}Hp9b<NECJdDDXghQrIv&t-8S(KgsFIJH)
zcZz5We}nOnon}!xS_aEP7WgN%61xhl?zKXjkd6A6(;d$?KHlxmkC&sdZvAc8@jF$^
zSyJSToapr4)PBjrhBpzR@m75exU;Q=Y;x+Mr9B<oQVOs*mW#0Nx^?3k%8O!?*j%Iq
z6;0G*Jbcs}2~H`_j2%|Nbl_zuyLMhLtd5uV?CH-=qZzCxg9z==!;ayDf!6`>QD*{~
zK8SJ4l{3TjEF*J`YIR19mR@67KQRJN6{;t}Lw}yn_wF1vDfPb{T8>5|4QE)c^V3l5
z_i7t8l{-JiNkKO4@sY1b74*hdYY_E!O~zrDsFxn(%!!@vJsf)tUCreIRn;1u0lutp
zK~sPDrWKUc1HDO3ySJ?X<4}PgwY%Q7018B-Bx|emmlB3HcF&tB2#Ai=>ioI^Ke=)m
zubQJ!SN^_?V2RiH1uP7@64Nx;ehUwoHBv2uRP^AL&^oqkE3e-<wMqEpu6$LtO#4x?
z!)lzK0{FUCe4ZfWct#W|D2DaY)J(x)XGPBpBDGD71q}z8hHiV-bnj9w(jOhCmGa&G
z%%Rqyv4p6IkjDAJbBt@<r@*ZSQJw06Xa+N>eeVwi=6Fp}Nj0(1fH$B#P;#Tj#l$a{
zQ4IbV=zt*OY8-kZa6{1)Y#jMD)6c(DQ?S9*!|H`e$I<P)$B(H@#m!^ZgE7_S8)1Ja
zAH`|dLee;?D%H*nUpFDG3xptoweSF@AT=ol{eo*|0-KniVvV3G>$}?Rn6IDi5-}4j
z0YfI5vgL<Zsfc^IAo*}syBO<MD>l7(jumC)lmyQ8FKmzwB{cQEuA1IgC3_vZX(K*Y
z>=l|!?hJ(E&f3{UhQK>T>UAK?;fix}J=lDIMuBpCThLtwqh4DfF;l7_7=-`?g9e}T
z9anE=i&o8SItO_0D*%fdB^<+>g)~Hp_lS>fcWN-mB&<%H;(9K9-B=Zt=k7A`{V*=O
z>tts~e*JzZtD@Cet<=W=UX*9*wL>2=={$tLIwV;Gx?WB6K>rdvlWW^xxxQpDNC_t=
z6CNBzx-lhpMJJr+VFg(sJzEQ&r^0gvzayT^^3Z&}g~NnK;>~$=x?&-!PQWY7z{^%t
zaCFbX-}4p;_&!;AJ`bLrKFyo>zu(r+5uM-S__KW+U&g-=o0^&y7jJ(bPO1>q>->()
z^Lj9^PauAu&!4<rK1OAT&CT_{e2ax&VeqdfyLR`w=YdV8*4O9a47N+cFB7E4Qa3O5
zUa+)bWWIU1gstV{n_uEGel^N|tIA#%fVNaUwyb-P^t^7tQggP=e4xDmw#nL|DDnGQ
zdkoJ@9mGz9Ev<#_eWjya<vOn@?dvSS4i+$GKlFK4>1zxj4D$;T#NNv4HiKZ;#Ab5j
zAhy0c&l_5t>!X1U3vPy2TJLOlwPSJci(=|HAU+<Z7w@ODFS77HxF|~}j)Lnxm{*xX
zN9cqrec|27vb3EsG)_i6{{jtVc!(ti)oev^nl|7=O%n31Jl4zQFBVT0Kd#DvE6Z^7
zRJXYLwtnr}E!YH>H^krt%mYz>u9A4t%`b1_b8Q2E)%JIn*D=jMPgzUj#?_jtLh0T|
zgHsJzss3dy-Tm_$z-c{zQHl}XsbNDmWy?-;h~V_Q8E{Iobwx<%0Mhrcjfvgu`Gx3)
z6C3$z7meG{9eidq4vrJLO%5?RJiiyT48{;UzMMaeq_jm7>I;K^ht<Azj^pn2&DRYG
z3!5Xn_2lGtemKsz&-E!j*#d>MLf=RjlV6#LDat9Gr%_|IIfJ;gUV1|db>fNc{w+Fd
zJo9kIz?$l7Hm@E9y#XTqcgJ0?0{IQEkDU)IMdcwI)pCvg)J)5xEWCFNCnK%_VT!f`
z!{$6D&ne!-zxm7N_ub2H*dCDuD!>$y^K(wMIJ`JFcef<>yvUbB<Q9nPiPGbPvIryg
z+z#iw91m3YkwU(ZRirL!MOUSS9KHteFQ`bYd<9;=j|s;O6wRsWJS=0QQ1@l(wpjSt
zpg3Ry7nKf8`dO7^lY3OeF~FUzCfv%}9a7!IbmvwTC`SDc?7&4Il8uX!6CDS>r$wr`
z=4B0n)O6g&aTME8I&l4c4pG+$TV;)kSK%HmJAW7z<p|g;0hmYZr_N4*;$_vOI{v1?
z&i4a$X^b~tTZ`axWSU7oNxyoer4#iU9`PG*WDz33W%mxRg#bH<^(U)_W*l2PWAX`D
z{uuB|!LCr<k;UfTv~FYeNG;4B#<VVbi}A{#g!U2ZX12D4ydAdu?;kF@Hc!u0=2SPf
z)nO==x}3|}M3S6Tf)c~k`9EkJS`3wS%qd8{rdFO~7PTN9JN!SZnj@tf875b`4IN(?
zQ#L9u4Y9#)+R~FL%`Hk-UxVC1mebjLHC(jaO@9V~ar6jru1h0n%Z*G|pBHm<ogi9?
z-}W+hV(Dt)Tiq}c0_#1e*{cgwdzIOX-$J^_XKNl!gfA6MwUYlhXg-WAuQtmGI2+`4
zq287(*|&orzd--}Jpw`Di%zB922K6o;6BtanT_+ZPjY>{-7jk(t9Rn+*{2P?hga*s
zt}|j|F11fd0QqbY1Z*(_QYs)W_ymvNp`3Fx_#36=(3nci)nl9Ws45r5ro2)UqF3d7
zIqQOI?$rjc#@2AtK1<3wYk(s2>sl#_)7hL{n%W}S()mC@<X-6WwVf4ozc^MniZ-r`
z9hHGmD{a^KWY*j+Hz(DPu(-hE`D_x%j?o9$&MZRP@Qz*<kaIt+Q^rP2+mTQ_lCOW;
zF^6<N@H<m|u!()+z4Ag$x;wm96=lJn-afoDy3RL)?n{xzH|jdlYAZO*lqdB2BV3>G
zOFZ=u_`Qmwt`godjCLL7eWO<tb~cq(>-Nc}H16jOr9M-VgkKNZRqEAQJopilWGRmq
zQCU@zooI7C+sw^;(&s;ep1Jf25dk8LvFlcxJ^d}d*`R-b+aILE)PRBXt}iB;{LJOt
zLjSgvR}=Fc_iSn#`J!C#*z5g(f8y88?DCH)r1D?!pk4ePf9%BSS$g?!wCVTWI^caP
z`N+2eqtn22RMgco`jJPqFuY?wv@-YE;iFjV;jxwZub<VUuM<q*m<ZBnUwC@+y_}f5
zw&ah|q~Gt`uS}wAI@Oo-H?b#zI2pUn3zSFt_Ti@AWs91LSzym>4I72Hv^1-t>WaC-
z1Q``ZL(;6O)Xho`Qp+4zO=oaW-sF`tK22VuZf-*<LNZ@?f^w{*%<`%qjdR$==B=6U
z^n4-_bQS>Z$ThUMI>I;PMTPM8=YGcc>jmP_OW|Ora<RxY)q_N{c(xab<GciZ5r*gC
zGhe>w1lxoOPp&)PDsD+0kAaE*<Yym6gWDb6coPcUYXjp<Jh_@ZHTb~TnT<sClc}@E
zvJ1Hkbhld@m_jDW#v*y`cdHnrsTW*rm{v4j#Aoa~lGQQj<_=nEn?Pbo$OLJe(!F0i
zs7|$BT?Lo@rR4Vs#TR!Wvsp6>7!ghp`-?E7<mK-$IVn-|tjN?((E*Fqr}>r5UhUk7
zg}@}J6BFZT!<x`AIuZ`-vsWc*P2FpH>VHV)ZF9#R&9PrtzOmpML-P08TotrPU^=^a
z(Go}zcc!eha?Y5E#>bwJ4_dFUPxA_Iu%zf%@hZU-{2U^Xxj$$T#@Y<AJo`pUCRRW8
zJ+dCAgT-038GV>rJ2<l3Jxp^dpyP=TRmx6-L}Pi`tS$1r{r%FBu{9kWUeewcYb5<o
zZc;pnCTU$>2rSDLK^FmH;MB<E4lj~|b=wjv&y4;(nfoBxPJ!<q?O4?Om!yoGa+x6Q
z-Z7yqBu+D*2*&tkB8OcI*e-+Q6BA`=)2G!>YUTgAh(h#BHh0!)7Kgg_20mw9M*T$f
zrO`U&^xp=jt`J})<*Xag9m8|sQM%&_aG>i~l)1&t$kZ9Hhqe2YR((o3>W;$fI;YFQ
z4rz*5S8cj~20^%iOFt9lnEGLb2Ic8U(}qMvZN{9i%Zr7!^Uzo@|C{Tp9<UuMo|^aG
z?nXA7Ih@p^ezZ`a7gQYM8Ij8`O(DYu$r%$>B}(c|JeEYNMulAl^6{0m*9?<-G}5no
z9mA1hIvi=A6XX8s$Z*V;84vYi<%K;5XU7>V4@PU+J6-Giz??lfYE)(bTL0rqM2Swg
z7uF`TJ5HX;g<(e09I{!ATA_<N%W<l!f*K3lUU@|miU<H$&bgvv&9_rOT0!EkxEl_~
zh&i6F#ETO_x~#N(ZrjWUza8ndZIWmTlJIX>EJYQ@*ZheIyatAG*Z*Ub`dtR$X+u}p
z|I_(^MJG1!$5>$9mHK*o{CO3#)S1`+vKBiE#B2OQ$}TL19RPS+iRk2CpTgju9%nm2
z06UMd=;VI2IJ~S2vx_I31LCh?4DK62zbP~PMBoSid;rDUKvW=cB{K;sNtjw|Xbk5H
zGwW5Hp1`aJp`Z|WJ{rPI<d`z>Czn$kSC@I$0o%SQouK5~sft1L`~1lQhElM>Yq2?_
z?f}21((kGfhMOcaiD)tLe7NijuXf^2FEw@gV>_OrNjIkCi8uMOzMH!5v__jze62cV
zu_m_TDQs4?Ilt8gU-d_oHnJ1DmmA2HJ#(Ud_j2_`a|+7K7B$9&?e2OCqWvcP1m%p*
zyKk4;UQ^ij0SJ(1u=(q<N%s2F$L=c1hSRrVob`v>*nL(x>+<9L78l?CpWdS9Kxm3L
zCDzv6*1=-2VLZ+-)UJE}s*QChmXL$}p)u2~e+$9l0Ypk6;qp-!P~J4U$HNd=go(;f
zFwtmB4c0g57+1tMbT-|98i5pf7;g*dOt{S$PHO-@pUpIiwAjOu{qS!;A*HqVISQMy
zb5)7iisZFD+Ai-XRD*^LrV^wcPn#hz?A{gi3gtAq<LRbwA%D9FOv-0Ia=Vd`2mCrA
z20N}9=;Q^*co^YcvulasT}FC)G{vC%%?y{sK)6s>0;bF^lQ!Gq#<cQP{aX}VvIC}8
z@kUIB#HLr4egD~C-YS`iL(NI2+c9Xp5c674O0|ewr)W74=dW1@8DCeXiq~i<**|Yz
z&xx*|9bp8%-|#DYM}b>k$jst=VL5NhA=A*m1V|oY(Vdsd6%|adI0hme8U?QS(0sqB
zTMdH|Og%<{Y+Y+u+v)m6`s<Irn{%@tQ@brRS3@?pWuJOIpn*cQL7#O2Z&0qFgt(y!
zEG>oE^HMNkwLM-~qa6aOn(?cEe^9Va@%1b8S%7_jFb~ZP+?rW`-!x|EkAOwcY~=m+
zr1QY3&CL&Z+{iS4delO+XNYT*0jftGq6`1h>qGg^lR4$949C^)%#RHy8ROgxHoxD-
zJB^+Va^W1L{@y-C+96n({C6;f7pv}6gTExqnN0RJ!0;D#d2?IHV=^>h1$;=9i>5Ii
z8(Q4LNTV~OOxa)5sQQd+UP<Wum}QL4nF#803_V*rdr>0L+4_FO^O4<Z+r^Y45N`Al
zlIWR$ctc@L@wHIV(4Nd4>x_to2*_CDoW!fuWH2RR!x$sgdNlgWg_<>4(6L1CdgKOH
zeYZRM)~5=)z#2rzHu`|k+0fbyq$3bk4f2YsRs1_U=hL>kH2inq$h4;#3!f>^hJv0I
zpojx;_6rPKb8=K;!yexVqv4Ofc}PABP7;VNL$zTu-__?6D-PGy`i@r7XQKg>IN+V=
zXqcTSN@AaWm(ljZg6|5>IhSZ<jALx1pw3YljQ5yE&)+!7{<1y!eNf}*%yW|XDJZ}P
zPSTrOB)I(H4OT}So-x(PTg2r$xH6k4%e!PmTSlL~4Aw?UU*S4Es9?PZ-7OM?+lPSh
z3vQiU2@E`jWX-~%dkF{s8?`<&fsv@-R?S>iEZiIq(m?!Dti-z0Wzr<eJ>tTqvQMLH
z4oSP#buUL(&J?w{39~iu9U-S6QVh4Kn_k@=24~%r7^<4xl}FRT%D(f@A>3_0c_;-~
zmW=PJOBR73G%(rTB*WK59UDQ<6=!$-7|kN(O(2n)2q*6Xpr3ClYk$jN?Do8uP5RDr
zH3!GX;e}r%A4{hgP;H&D>@W~Es_f!A?LdeIUREpnYIcf(NT&7IpyD=bq}`B_VT{0&
zI1*hMyk>a=3cn9@tfJ8`eN!}j_X}CA{P$laSgfVrT2i<i<m?Dms+*ju4{^a?JJKVF
zD;0V?r+B#qndD)XW7;q7=8&Ky7?x}QPH?yt8pObDQw5g=bTR5EL3{7tC@hf%`BrbN
z^qyf1ihI?1MUZLwAo4b?;tt=S>yyt7Rqb*QT1Uq<ZtmN46vMP`{%ghA{PSLd7nIrs
z{PT{{f#aBNObuJu=&%g6_6e%9MYitMBKko=&ZvHtBGC*$svj~^{r0`Y+q2!JuvZ;D
zGPkvCVmPTQhr8O$aIIl05QEX-Q>gwJZQ7FkchV!~jgt_aMwp##`a8l4ADL$Rizz`w
z?};o|6_vqmE1UAE;Vg^fhmN`CtbC^r6yfu2!vLe<%$|)83g7DAYK@n@txmp?vxN{u
z-A!?Yo3|!E*COdOac5hIs_c7>W+koOBuPO6?O7>6LCZ9ZRLj;KvG$(FEb$Kd?_2nk
zae5igd3&*%08^mnNTbH!mYl159=Ld2LD4Bx9g5P_LCONaOj2NhG-MpE;ep)hu1~Zx
zH?}kkG3(cRw0*3?-&-~Yhl6uXEIBG#o)DRVH<&!2FXR#oGZ&`mq3H@0AfV}eB5NB9
zc*1f!c_B$ZjH8<BM6~;^yqHpRlO!ASCo2ukCI5S4US_GGt7yHa*;?4=50~3QcE$M$
z=2nllCc^9;@m5T$ny4YWYai_#o%KgxZ@oErQ1aSsGZ2Hry_pK#<f=H6p&jdhYeK1D
zk3>$+1!G{6joyu{*P#7~H9d<rf>AupA<;r1s}#q#*DNr@ipuE-O{WcB>tOo+G6hYH
zXqX--H+u?Tt?!AOo_mw0IY3Q6c6SC!1;vvkcn|s^1>C&FDE2l|F0Epb$I;+#qI4FS
zv$Wm~&YpRyzlvnGVGGJCq?Xb($p!x*=ceH`HA|XS3p4Q^JC`H7%xK*-1f0jqLGco+
zn)1FI=BUj^fXyKUKr@J~CPH);F`eV3!_iz_LF?t(#A~A&10BDnUB(^97CNkFgf>AM
zG7A33cH_n(4}{QM`L;kZL*yqFmbQUua|p7!gf}psAGK5cgSq$=?QISF{NdH_r6t~c
z4YyFhXV?8lZ9g|@F{)Azau=R;7I$J!v|}qHPA^ZN9VIFPXnxS`x4aGid8KG)!~S>5
z)0%L7%Q;++`T}P?uz%+<9D=BnaCAX3Iys+?aW0VZ4#3ly0~-ypZ**L}ce}0LYh}Tj
zPHdw_aHI?3?S64h_;iGC>_S9ZU(&xxG4atleG9HaG0jq)<nTE)&L)gr#IK_?QTUv3
z&r)IJsv_%A(#dl>ct@8d$?RJv%NB^5J+o)`nb!OvGNE<d+A~c~d%I^iOH|3C8dSWx
zj|@q?6h(PN*Hr(!N?=VLP5(=Fyv$k2XJe=BB8M1mti+r5LE4*XzToD;;da)Fiy`#=
zlnFzUvFo&cGUY$q*NROBCR0~$U^1<4Enb_?M%ON8A)$OieMT5!QK`Kg5l86dkNV>;
zr`3B9mWpDG9`3f8OwHtVJ5sR!oeGOa;7jxQL)I%NV&A(By9?MPSN}WF9R_(p{B49D
z@3u(_>QgDSV8@di;uqT#ubOa9RAyK$q)b1Zz%4h3p5;{Xc-1NA0R;|{<*AiZCe!$B
zrO->2%Diu=uIyP@e5ThlY)5!Zs)9SpC`j}72r6R1hHhATrBANur?PpAPj(H6V#!)x
zn>xwxCA3SrQ2!LNl+fAyeH_+QHkk6ISU!^sHp}h)MYXmz3BHg7^!&geC#*AXRt>5E
zFND#r&PmNqV!xR;PNkn9pDKJEVF^|Aio0<MrxiZ3{dD87)RxhP!>0IT)ZtRL?!2U>
zeD7}-f4f67v`EnR^0D7E9&3i3^uUSP@6O=sB&J1fJ+j<`J4XMWb+CJ#M@+$Qyrti{
z8o{EL9PxQ)=*4jfCxv|p`|l$*F{FWgccM&p3ii*#SyGH}$E(UFH+icDi^z$9z+*9=
z%lDlHPj9eJg0!HC@u?+>Y~HlsdM($X=Uy+K>?o%k^Hr8E`}&jGwZL|>E?AWYLV5dc
zUoF%bIO1=anQ6Hhjb1#wwc3=#<gn)idDhV5_1jGoLz#bt?j%Q<VHQ?y{CBnXi_Ydg
z>#*&`Kf&NPh(JYr{nf0lz|RE)H+1kE_z-T(Uw&t{!I9rz^GmlbMQ5jdt3yb%Y$BRB
z4RXaroFd_`?&G#*qd)3m;D+T80`+gPU8!C@w<}5oQ+tN0@^))4<L~$c9!^xbM@p^^
z$@sH(iHQH^^ZM+ImW$jr<J&n!k-TYR4h-Xkts}fO6<uIuS`2P`_~X&2jNNKMsdI`(
z$rO2;BU%{q#-aT)9EuZOLKw(BZlUqW(1y59!j;qip^@JKh!O>d_|)BES;k%-SAdib
zJ`$7RdqWJ)>Gy=$*<D;RPX|V|Azis%6B#++m0PC3wGa??rQoc`o>x-<HJhcWMWVHz
zKBY#tPyP)fBiJ2t+|f5vJdpKpNcpD&e;Gc`O{$}cCUX)Fy;Dhe3@AXmLq<*AQ3vhi
z<&aj9{{=*IBa@R(Z`O1h3iUCP>jYfsev8y)R9;xjk&>foj;XEj>X1L~0x<F<S?n;S
zulfIKjl0`x0T^j%^-qXPYPtyCrc$ddo!0w|c&2hX8?Enh9yLVc>fz<j5hjuoX=pit
z^_u#%mH;u>E4|f>7^^eH7#uD4&H<m-xS*#j<r_-L3IdyQd08ui+mvs;c$0xR<VDT^
z&Q`;(t-ai=y_RlFFx!XiSFu!O2EdJIo?KVjBhBa0onl4*>CsQ3x{PfK#FP`lI6Sjx
zu=_3PmN*2IWC|jG!fQNsCuYu<>2)U_BiU>Z{}40q$IYvGX>mO71+64UP4kQao0#9s
z07XE$zmzlIhkzS<&Q4=jW7dW#qXTrJ`vaLPmVo#N0jWx(o3$9axl|HQr|bB6IYU3J
zm|hyFcd!Y;%WjA}q1v3{7L&lDRAkD*@gK!Jw?T8_^>wM&+FcQAyC%PrQq->YPM3F~
zNdqjK7fLl0)#~-o!dR4Js2u?*-C9{{Z-qHFYdFcUcB<lb(-;Vcaj82$kz0$a0C{i_
z2p9Mp{qPA0MZ_Zim^1swhi2laRu*)GEk~MKJkq-OELocN9X{~&K^=xhMR{qr$;z_G
zI<sb~6`iJmEfRUlX>&#aV2IuK(ka0z6Nf;~=9b=CgjuOilm>lLNGQMGj}KuN#TrH+
zndw3}9_4>+^=20x8pI-;t+L+i<m6J-E|IH99G)RonEpc!bD)LC*<CUn;_!KWPdxE~
zpJdzh7i6k~l0*m{)&Bmu8Kxd<1Er5+PZ+N))9244rd=-(IC-D|Lv+A!msmnX(ZHgo
zJ*MZ^#Dw!-@CciOv_~JC@b$K1ggDs5%Y65OmhsqpsZIDzu_(Xx)&e$*M!reqf86Er
z^(HAeX>7!7q*OE^Y*{7KwCjx94sMfBwir4bXeh=9odY$g%;%j8;(KqQXj!3F>I_rE
zcNzuou3^nf$0V_C2+Q@{bJQzSYIF?iiw4p|$LBKEdMSn#KUnUoIL!ju>|TSd)OQ!2
zR3tee17x}h(~+6hu;pkfO(`~0{PL<q)__z(%j|bDNd;fwHVd~G;z%Kxzeffko1Kdl
zDc>NZ7V=5C?U)YN2#xRy1xVknLWlXTVJ(5b-KM(tIEeQ0@Ndit1s@r$UwD3U7A32V
zx;0GgoS4~N1?(m<3ho4fDNwaSa6AK0opN1;E&CJj@|%eLb6ZJfr+n04lRNiTutF)6
zbe%BbsUrK2iMCc1f*yf%I6~2ZSC==$vz*X3%z2#v&SVYE|9Qtnp4c=G1<bC++%K5|
zptpI5Hck7eSDFh#%;42CG1CP(YnC=+0zQyUkl8N*snbMs?0^$41#6PUOe)f&QdF;K
z6{Fq}RwK>ayNK4n<k#0<<J)V%VQa(R{dWLAc&z74!cq<Ox?HE%$gIq(qD`4L&gQ(9
zR3pGqKA2ch)uI6^l#ooF{c}4n$O{<BBmqc+A(n;iB)eTjRPW&Vpy$Vq)@F@}aL^aH
zy}m)gkUmvdf;ln(+M2=wf)avg-~*@+g!TK*Kygn$fTJ0%BB4*eU(6mv3tXTV1dRh|
z^abpV4dV(nzl%7vf5*Q^ET315LW+P~((@O3Axt6`Kj{xI@v%oR-e3A<50lKtbhKS$
z+Zbsb{ETMr_|_3oUr|y;F;WGw(K;I(05b^nB@&}1WWX3UY#h4m8{wP=r2jBC80pGC
z&T5P`Rew)bv=#C>Rf!X*K7;1~osiH0$N)Ad2lOpyy|*f0hpP0Mu>3l1B1j@K5;(6G
zU@LSK3XphpP!uJJorgYMcz?~1w+WynRor-0|2Og}RormZZ~!N#xG_+*ka8#*BCwt-
z)Ltd1zgi4fwbRj0K0Y=?)rRFlXh0>qVR>P?HB_+`9JbhBfs|pyKP4pBh}l+`<@w^g
zmx{BVOHD?b*wC*of6B{{8Rd%-HV%n$4^X`d_i{G+WRX=s=j3?vWsyaE>gBrqWszAS
z33Cu&gx+>HYLTGFTnHIUL4lcKzzidgG3S9~;JcKfbFm<MmO|Ac6E}Pf_e%azQDQh)
zZWa$(IAq-SF&7D%@>vRG<n)^$09QVZgHXo|bVq?JdFmYY*0S|5)E6rXNJ4;6iPcAd
zNILDs5nF@;Cx#Zp5s$qFk-!h)i^hMMXbRg{4pA}|)A`5$UjPX}_P@gB;PD_x@dy8S
z@T0N7M|Kz@7D*WNC^m~d8rEVAjFAIR6hWB;A&fSliK3|P246H5x@ZJ!Q9NYPxM3t<
zrW*@aG#cY#EKE@>L{STND7wRg@I;%CL(w$%15Gq~V8=lcMZ*z|#Oxv=C?W@gBYs&9
z!w_}f6-{#hf~X%>D4J>?{7^5XP&CDzpod1n4s8KBG!A}e4Af98%+M%^p)DX+V)`};
zR%lzzXVmPBg%Z*rK@rV}gb~^V2#V=q5JIR64islf_Q41B0s}>m?S~H9Nu1iZG`)Q=
z)i@BK(Eva#c%L|H<Sz{V6S?`e1pV0p@F%R$j0XD&qxy{m`iXF$90ufP{{TPZ!F_O0
z17ybl`wYVN1m4jP>JxzM32w?Zpicx`Pk>?v%qI@2C&KNbZ9vg5Jpq#4ETL$Kp5TBY
zfX^6so?!3!K-|(GG*4*z18~ncSf1dtS3LW4A$bl5$Fp_N&8U+o48gMn{7zWS8U?*$
zfOSG_Y!}#_QG+(}ypDs~iQp|e!|d!W%M&(me4b}fvP7L>&pT1yIa8v6;{Tso8YNAt
znr50T=1Io8@SABt5T7O8E1&w*vniF30Ml)NG?3qiW@a0;w>6vJVVsh4;Fc_5{GQ42
z(0a%>w3G_MCmf9J9%-Labd(i3ma68MwzxbJbKumEI{pLWf8$8%W-6&DW0j5$bYTpZ
zG*2@nZiQ6L?QkEC24@_hJY-z3MqjL*<Ui>Yd<gI4_bgXiYD&IhI-WOlj0%YVk`>KU
zTBhVHyXTCPVVzg>gR$yH86K6!-lXk*lTV70&G`q!Pm#~b#3%w}f~T8~VF~xYVIouV
zJMyBIm2iTH(85_uww+7Swi3q8%2e-<*axcUO%t&?U#%wzyw-aB-X8_%UKF%62}Uz<
zZw)0AL;$e?LUnFi5VXZX&Pj_u>gEF_<BDS`u>dY%fX^kIv`R(RnWIX@os#!?@7|6A
zD$#-EVy@SjMX!Wa@WO7vcd(Ez^Q%%UN+yGR4dB~A`Ua^6_kqjVWJOB=hm!m!ebmG$
z(%b@^Op1)=Y}(V#FDcK|VGXT_Fe12ZRNC_#o>#BhY`Eg3q3uN~R<3wXGt4wlO?)d-
zhK<vj$n(w^h4s-+L!hBN=W>aw$d02u#e-36^ST69YoB%{V3ISI+JtnHi&TwufMU~4
zXRUNsgW48~&*K`1>3F+m?eT0)_Nd`hRNK>STBb3fI@1`Sc~jC{0@MrKuC&=)CoXkc
zi|J>YZH4v{pA+_>peS)u5XjVdvQqMxjV_$Hl4(Li{hu)>`>S{F7x&2&Prd2D>G-`d
zgdYDr@V5UX?~jIg$@`;^@H!m#gS={EYajS62OhcZT77@im+uPcB&<3kJQy0=vhQg=
zhE57Da!`+Rr6fU*jHDEx>Bv#<b8_LbMO~Un%gt)DL}9YSjyGYy*_zb(T`nGSE4zU9
zE6To;Hgv$a@-S>SE$$kjP}^q#8-!va^db*?QydOLCT+C=#sIuF;F*<$5;ta9Fxpx;
zM}g%mEvfFT)19ktUxe&m&{+eX1~z0Z;NOG5>O_J{DH2Y@(Qq(VX7a)0tsVPWv7}BG
zu{B|V-6?GS^G2#0d)Cx1P44QrT9h=eGwKsBH+J~}^wOvx)Nui*qk>OA*}&7Cf=&ZU
zrzBNLlRMcms|R&CLq*%UzkQ+YhiVgZ2)e|L{HSt1s+{{&Ih(weLX>L#L1z6b7+Nr6
zB%|fR<i|M1N_*t!ggvc_FvE#MYr&N%ETSHY+GcV6Sc{6D>2Sg_%(T!&iSx9%UDY9@
z&LJ?*$8K0I^&no(`)Ind)o9u@Q&PQt1Dxm3VUo}+sWEyG-#d0}oh&AVu;dc+rC544
z&<iDh1gL5X8uCQrGUTFZRWqk8DKU6>Sriq$vWzR!^a8_nXr?4OXhe*2ywZU$2-MiH
zRj&jZ@`zaZG)@9V=_|CtMvIzij|7O06gAZ=V|DOoQPT*M;n|87H5*|vKy;+2xsSBR
z{fL@obRUJpU!job@ZDB^uI6j8=Yrl?b)K>^TSM#(N=$oMU?Ru0Gsbh-JY;;zNnJv?
z(hKv8YIWoHin9*eI4`%a4H3t>2@aYlqic$;Er<uRZR-S>9HYhLx}r)HI`)riluxrY
zTD?IoO=FDbH|TBCiTX<BtSdD3!6@H{Y9@|J_sFQMu1YauH#`QvqSMvZ(-w9^eSQEO
z*I88N8PO4SdW2%ae&?cG(ds!-C(J~>Fyfg}5zDG)Xd_ll+In!>Bw8aBTgBUsi&8i>
zF(of5F;@wYXimgnWjH`TiSb)8Dd}STpy}t#NG<CX%_k+JDb!QYzebH4&r<-|&ljDY
zq~^sL%b4LB)%B85>8k@Y&~tnYBjOPyA1mH91tg-nP1XHnbw*Y+S@K+;BWNB_L#QJn
zLF`&Y2)%j$K%9mK0z$o6lgDynIAg1E^Ga)@k{q=d@{z9Up-s{5Nf<?V_yjR$#NMYo
z6r!{xS-5%ZI`SVsH|rvD`>1tz-`I@Q(c>pQjifzd2x2pICUG$zD6mFFr9`JagyNI5
zq|_UfIWn{_M5-g41^VeGK=g+rn}{+nQ3Ugk33{ID9IPQ|A^`hHmpT&H@!z4z5Wc|S
zejP8u;IOFy_K$$k?IPAea6NCvB#)T-H=6;?9VH_!=n3I@#oUR)a7i~N90xZy!bG+?
z=lxVQ8&;~|s;I(@c$5;qL)`PeGV5c{fo_TtOel9J((KIsd5Yk&&P-m~v=C1OQ3T0}
zt(j~7)iRdx7!GDhL=d+HA#tNXd4w85mFs-Ps#X@;8QAtCh*H@>M(p3_Hi;pE$>BgW
zZhiM-&v1+>5sRC{bbku3nKOzeI_IN(P0V3y8e(k0OR8Q3AyogsoC&HLjwk&rCe^T=
zYc(Y|5GWurjoS?IG-p<L*tR%u&R8mSDuPqn;jO6HbMlrw=zYQ>W9JB(&6)(Rc?}z1
zZ7^A{+!C2fmfS^HL<!`JpxM{9MRBG%<(XR`DqHWjoN-0V1>07jAYJYgpr*M}%!EbD
z6IwnAdK`#@6q$%T;n^=yZXn`djT9M+C6#03J-EMn&Kt`c{x~F*e~iow?+u<GE4tVm
zg!YMeLm|BJB4cHRkU(VvrbPIPE=-nE%8E>^`z48&4&ahasaAAvb(P)QDKRy8m7D>t
z3-Cs%_xB1ukUi+8nADPy<6~&i@iE}{Gn!)FwQeR|nA6vXuudfbFSFi2`0O|DUiYvL
z&+JtqGcLHm5MR!_>9d7MkEKgtb4Ukmp)JxkNDKw{8%q!5xT>PbQfGbQFTgbWIf0t)
z%9QxTDhXgcD|wMI@*g(g|BTJ&EUEsCT1u1pKeW1S(*1v!Pk-)PJ|VFW-#WCP+l6D{
z)|Pz0boY>o8W3pnl)UmH`=eC^i%QZgYY~xJXm=(y63v~KjJy@sYHI3?oslcZ6>GkM
zbM38o^?@aIH7G3y*@_2Os14%W;0R&=S~x<@5;X`x!#qsr@f;YpJGO3eV>Nma)~gsK
zX%~+HfI;Y%|4*mIiPenf*f?##63tr&i5jqnJcY(Vv$h@N5TsFSq`!`YFbbs%YVf!|
zup$R}=+%!k&898Bj9(4X)epCjJJe$jJWCT=V%UT(L@tF6#Zla6kfP$nhV?WnLDzm%
zESM*CMoUuwcD?mHG|Ti_NiXT3iq&SG-KV<ef5A#F5M|b9w(o3|6D$a1)~uKtzGFAF
zgCyu7>P8jo^YYZ;<aWnS$ro#r?CuRab|YwX8}+u)Q`9hlxhNrn^CT6-SC^dK^Q1bR
zlK;a>0n09D3tI6eZp*j>E5tfbXYUho0*?*1bG2eAO7o{Cj~H`?hZcx&vGBb5<LBN*
z<ny*elcQG7x27USGh!(4be4iXO1(U@2Q>?KqJv1~6t)hrObb!@54HX%DcJ({819}e
zcUXk@*=L)rL?JS<SYH<<qp8yVsuDQB)&djKBN7Ng=$@vywE#8HM5h|qQam7(HoVg-
z?Gz%Fgsy~^j4&GCw0ax42f|9P1JIbQ4!w4tun}*SAaf{Gp<53vosuh&dKRY@29X(c
zpc^rEvd(pcZOSky$nR{;>(z{v;96Hhh4uknwjo}cc}~TO@<Fd*jID4C{^ntjH}`?L
z84(z97@W<~2%82yGe~zFwr0FpI0{emFi4tXFf>QlpyF{e4~3XH0xMHvJw_1S8YOeY
z(8VHS9s(0H9t|@ZcrFSDv%$BFpcsLG*+I69*$0Ezm)l}mMx$Adclk#Qesocj0BU6<
zUS*_(Gp6;C=#=AQTqDQ%5LlFlL7^OvKN-S88jU;|7p=Gt%*luq7IDjXgvn-lzGCY*
z9sTG{>lq`wR9b{=PHeDn;9>1m)Ish9e0WrWQLI<o$rer5IU!8jmKAZYHP1-cnGkn%
zVdfNq2Eo3ZCt{^#Zfq~8c0T06JGP#n;)nM)(~4pFEw!NOxL5SX3VLF0y|1H&VvwxK
zpm2MM;|3L0wQw~T<&38(XhYZl!iQ69ptNmg;?<66={D2u9q82_Ch7n!bd@9xM*x|C
z+M$dX1<=%CLq$F`!FB|-;buxMNM2`<SK}`y3mOL6WnimogXTgphN?aB?KEFc$E)68
z4%PJb5MJh2B5iBL!}C6fVn<HQhnclYoerjK1djHIgC=|swm6j<;22i*;rfm}MDeKO
zH+XZWKuXFMC4;fS?FHM-mj*avq|VtrQ`4SusU5nh_B7n8mHSODX~pH7s{#Jcm*TCc
zjNjmPSm;JHPPa5sp>*|1sqRg6Ut7KxP)$HlA2u`1+olAw70|=oDDdW-TV!HJGgC8W
z_-wk_xYxE^|Jhg&S`F~+Q8?K70^&K)qM)|nPplLs8?GVRxzR&cl8k|)o#x~X&tKyG
zEdY}<csu!Q@{`CJNwQj2tQ?*uvy2cqRV|#SC@H`QTcBLvt1U(_NKxCYs3gzMpPfH_
zt~3zzolwcndS*tw`{|VYJV;UX<SF?X{(YwZ{fzufekSCKToLzQ^$+=(Ow=IjuK7mu
z=~<hRCNxJ5s2I0i<8aL4D}m)C!ef?KU4HienP)NUn}}RfczOa|I3*8YSzXaPwBBAo
z0+DL$$!C+N!xbAv-X?R;1=Rl6Jw17PI&F1bb@5r##X-8J>#bfxt7*Q5R}S+7!wN3)
z^#ff88G?~p7X03p<||5;u+$<~;y&gk$_igL%)xjyC6|CHOdBLnIC`uns;MUZ6xQ|=
z?Uoppuyh@?p|~E$_W#+lt!@7+yMrUeQhUGSX{J3~$}p6{{-uU-e79`z-ac-GOu%b`
zCXU@5<>D5nYWjIbu0(3>-z0F{ga1a7_eX7h@%{)rI#!|4fZa`2wXe3d*%k#W)g&Sk
zc8U_(mRz|tKAmxZ#Ac}bu>faOxiKPsXB;lvC54z<?a~vu!(XQ4LIW9tC(etu6`1G2
zIWs(AnCCwrxR!|~SYgJqBBL46l}L4%j?!oC^7EvU*e#p$?93#P8Ar*CEh&_phZ1Y<
zzR*MNS*Gf&aj`N$&(Ygdwx{Wd-XL&e$i)fm{I1I%tvRbDH-QxGOY`;~<~@h@vomKD
zd@a@Y{~_v(Z_aZ6f%jY=%8`dO{_B;;nq}I%I{$Fe^!5}Y0}PWGHcMINp@cifGd#5d
zisV%d4CIXD>;X<iFTmiypf!=s_AotDas#a;Gt~%(nVwV=Yc#pfPCg?O^5j&l@*KAj
zOrk5A=zwpZ8eT1xQlMr;LJ<KV-w__#ik+jt4Ih#lik+R49;L3Oy!p20wo2W8&g5LA
z>|#FWIj`1NBI8M1L=ynDwV!j&=%sid4-AJLmfm3hufXT*HsW0UVb>O%Q}(FSQmZ*~
zLL#|@Y5uyvOmAAU=VU_uCUQ|eN2xal=xTeE4K~ATnQ{TsI|s9bn0K&FJl~eOwQXdX
zZg2Rd?}yJs@MYM8);(_EjNxcNZ3ic*Ut!oh0<~HJ)6RaHWbB@0b|aWt5zZp_ZDO^;
zE>$-r7db95-!_|PbTPPBf))-nvNsUqFm@BTPx-b0ykeLSV9=I#x%Vz>-{NtWJFXnX
z-9=sLx19lE&q5!F>MNGwjb1|}8d^4Na#;AKiOV@_t<zy^M0<mnfrwc8!zAD5+b;9r
zZG$i{+pP0pQxryBebjYs*3wszk*hb&{l-Xi$Kd>h*+N6?6#5|j)jt6s%v6xoG8mUO
zK!K+$uXsW;S4wSQ!vY7WscNr;6B`OdzH2BDMw2CmSmO)+JiKw#v>wgs<c?Lwi&U=F
zi;B7;Gn&ynQ5&TjW#g&p120F4&?<y~Bh*;R;FV6SCeLN1-r`g2sMFDlOo}tbZVcf~
zV;q)cg3rTR4Ja%6P-Lvhv$CEqJ@1`^--qPZWvo-erVDVXcb3*syPm^R$SS8Rb~LOo
z!l<g1hda?&9d!w6XLR!P43Z$47y2}YBl~2#MM|7JI>WdAq>;{?w|a!pR%<S+KFiIv
z`+37Y6=zJ}RNLAo7sQ%Ty-$a|9*XZ{S*BDlnI9ip>y=JZ>_iYMaj2yi4pKfb;xDOK
zmg%fVqn3mES&2sf=0Le^nH!#u9)d10?Z7m-rGPF6=a~=Ee8KMl&^yM!hsMw)%L-Dm
zwDy#~fJVY;f8kmKATHkmDju~a@(9an3~%z*q0Q&O-w;A=PS`yw*Q5{<^D=?OQz`i(
zU-^9da}$>a8YJ}2C|gHb+d2X(j%cyxecA&YBfj5m6;k}kXXj7PpKd7lgG61${|f$V
ztn%jH%XyET#1q+|`_$Sgk%oJ(PvIHZ(LXzF?E2)h^JnKzPgI|uovPkDmicFsr>De&
z&Df%-d&XqTHh-CG2)qYTraIPIPvRii1S$a<&+f{cx3K-39s3}F-GEDhSLAmqQL^6+
zFM3O7&~`p#`VO#QU)<8fm;-x%tGvh2WRtb`+_h!QxK0-gM2MSILTA>T82LV+A<tNu
z+Glk*GW}cUR`g5&znk+#T^f706He8-zh{he4@6xl`3(v+%<Jr$RVXcKke}8|oBVpE
zzxB|>dXFqm(Ikb7yhTDwq_j8Vvrne6sJjc6L#9Y-OZF*cLd;E7*Xx2Mddjzs$ak9R
zIMgXwsc&>G4yx}0zBwQ@(xy+_MBc;eu4uK4l3LV_x-rH+t`lh0p=z~Kjgb@pD+OEz
z2&|tH@}`y*2o;(nIetEfq8Aj&uv4Wd=mJ)2RNuM}HKG0}kgfD?C;^5J?()S8nXo7&
zMXLqs43!QR(0rM$2`xpP>i`Ik7_W1h-gFxJ*1`PMda+HYQo6A(X5i`c>65L8Irl&V
zbkcXZ2I4k(7L2^rx&3C1Z`}$dHGG|Camw@?oynmdni!d@Dr<IzUp<t(Vi9R;Cv%!f
zECk$?bv<q8A;K;GZq0<q*np%c>)F=(Qg1+5gw3|JOYnGD@M&$`))sZUc63Be@XljN
zN+GJ#t*1|S^VNqUF7XGTbQRMtV){HR<1}O8>GK!b=_mP$XSB@LKKbq%dje7t%kOz9
zKxQZRv_yH+R?C#+Ur)Zhc=yBGi#M-M6-V(1;kvg?9=h9d=QZ648eY1ci8Jk1GXT8F
z^h0sFRjq{4Y)#k)Fpu4DyH5i`nmL7fe^q>DkCGQwp^TD%qJ$q!uwPJ*mV3G)k1OEx
z(KRBEdHXLQytGqp)GVb=l{Tso8z8%`-xi>{2(>`b6`^!}2a+Q<c7Sc<8u}n#WmHx?
z`63g^o$7m}VW#iNR!?(s@!d6f$>m+Rawb;HY@<|AQ)WylK_DI&TumEY!afv2`c1B8
zY__e-YKyTxNQT{=sqR9(%OOQ9COvH~ZvqgL?cv7zjb(e@)J--enIj>uV5HZgCJz*S
z3BXgP<c1f|$*Ww}7#~t~UgM{!TPEv5*SOFQ1DG`phn6o));4*CCX+x?$r1ZdeSUOC
zjy}w#`X{gE@@PsfS4GAXUMZO*cWR|G{eYJypSyy{K^BGg{Wo8~{Q5bF$*Dk~W_IsX
z!ZQF_&FrdU+DkDJtD+Pu?%=P$Ch_53MWyS2k>95kkc~BJA2G|+`JyF!c-=4R>RF(d
zb0RQE`Ao-Cqwk7Kdy|)>Ev63~*ja=SqN{&8PucysOzG1zXacSje;QZ2pHz~gr$<wA
zZ6u*Hx8L?YFU7eiZ9~A!|Ky0Ah!R?q(41t9YQQ(mXx5lSaOwp+iwVLYQGpmFLYp8P
zi^Du&pb^Si`<&;ZOqhW=hFiR&BUx1;0AkCG@lhE(iPB7nm7*?R#*dSE0?|GBk2NEg
zFAalt0G3lO@4N$LYb<j-iBB$8^e2&%S6^J~W}W^*gXZNtq4dg$9aFD_?a5W6Kh-5u
za!Hh+WAE+?H|l%xl2#OD9N<7cE3`cjmH09P_yu^x5mI)LClX-$i#H-2AyhaI8J7Jw
z)xsC}J=DX0PTq=~`BS*xF`5#!bI<VOcO|cwmm5VLL28MIa1~n}G7p%}ymf#PQ#DiS
z27MO!4~tC9Ofjr|^x~U$m!mrI&AUs}2lY|RH<}Mk^fSu+G=HR^+Q_M2c4XA%D1U>2
zx8By%4H-95y7W?g^<nxk<jP&g{Ep||^z!yDR(C5^2r*@ypp@$+Rg9FZ>a5~Lpspz_
zd9}bG0^e4GqY0q85b~0t+dX}5GOmLw5SD8%u{YpnNHupQ=yph9k%uXspg}UXkI{R|
zGdklLuhvRFIGq~l5YvER7<T4HqeUJo@oZQ-$%*>y9IU9PQ{b6Fxd#xwI|7q=a8M}P
zQGN-Z#fIa0Z}{fj<xXd{;w15BwYt0atcD-1S$WSB7El<pC+={^_4bP?{k1M8CAudi
zt45vZ%_HVKv}nipQyY`W+i6?{+Pp_DG%o_$YL0!uR*@_MIL)~JnI}y5kRig?#Ivy?
zn-t!_%>WPIV%oUvCQewfoX2I-sawCiZd*)WuwqHRytWdy<1h5t5un);?W@O<WPHv%
zxQ$WhVIt?1DC1GXj?EKlcHfz~Aa9&+DM>_@u_R~}5OW*|OR`6G)3Hc$diQUjylFM<
z94FxX-K&e2Z(dDT>2H_fVN!`nE!l)uzLPNmY9|u>B?h3T@Hp~FkGZK@sv*Sqa+*CS
z-$*p)gB{GcFomf6+Dl2nLtu-S&g(40v93zS&Rk2=`Nx+c8pBDes{xrJsICFUeIEnl
z<1ETCr;Sf`*c|KTnf7R3x4sW)kFYQ+0TJVXbTt>HTAO8iEwL(rK{&4^E2sGCPi1gJ
z2OTu_9rKno?Hk&6Y~DAr`fKa?^)nolz-V19F%lmvuUZ`F9clzD`{l<r7PrtBG15P}
zuBAhdVl~>jC+?MS%pT4kM0v;a#pHok%Zc`Zo<nK(^WVl)#y5_Ri!{~l*IKf9ongR@
zoDy1a9kX`^%I+DddHR=7t&UMAO%O3{JYbc&)LxBW^y+RX^6ef`rIGbYnhJ<VDq+U`
zr<AjtX}aS1C&LZGGNut(ww51xo(_+C$D|4OwgpK2op!=lAG0qR#7GY!H(uzr54v}6
zb%%eomOo|_eEXzGoALj29LH^=oZmpi4rY`yp14t_xlm(~Sd7be=XoO^LHhe7_5P@H
zbBE!Klkv8fLmIwZ2*~Et*tS7YOqcW1b_d9Hpe0?gij@tLP9pMLR~Y%aVEJ`LlRK|h
z<WWBO)yoGvIDE~r!30yCnbrh~;RgC8cjGVYx5ePXH?)YeB$>NAvVi>>A*?W%wGagW
zTMiBZrfB=Zt77)9=HcU<w9Z3qmbFsf%y?xPj^7=~D#ZEI0QMp$iN;!iL)}60upT;J
zcAmOKQkgVp3m5q0$&)7t<@KjO{fUT@P?EBQuevvS2_uC+JbgMP|NG+2YY2ZVDv3~_
z_*Qj8i?9c<NnQWr`s=q1C`$WD&>HP<wnBvc&HUr%pHIn4UP5Xf*SG~HBGUv1=b|DM
z0HRp1&Lg7T;6bdD6jpq(taR$QTD=)hD$Ec>)+qw;3dE-D=z3RL41^A!k&NFlGM9fX
zMO`#V#260irKw@*uo2B#l&t!QaY#Y?WNR<M-5rTg=Sephy9MQ?4~~}TSPlsNzzmZ1
z!J4p?ys&J>1SuD#z^b2qM{;f|=4oX`YN6YtygRM}14y8RkPx7?enc0G+N`LOaj8}(
zAfs*B;wCOzt$c}Vsm?bjBLb7(fQI}U8cGdluoL$UX$u<MOWzwaV|G$nL3xr@wVoyj
z!&GgClCo6@(|bkBJEbFPjy#3@5@~V8u&ly8dY4vo?dEL-+j=~m9wQ48C6N^^^`2MX
z@3S_@8(K(2;#Wc})VdG=@z7+AP(4zgL`@FeLcKQkS{`B*IF@@FcD&N3^4D9Q%6Rph
z&AQ-M#@xf$J#Zt)?)6B<>i`EcUSp2u%efaK)EU<{lhYgC6{rlagQUO+iepaXaF{b*
zdp?)(+VXV9EB1`WEAFJmE9BwBt6hs%yZNyDnx!IVoZCT*7!fE3SvX8&O5SLujGK$j
zq{!+DiN`F4H*KEYNPVVo1TbrR8*uRmvJLtJGUX7<*WKH9_2qE=lA=Eot=p!()Gi5`
zJU(4>$KFjHQ8R7T#Mm)2516C}@~~vuFYZWA>h$2f;04VEqMi|g5a-D!LdID74pM(4
zkvz_lAUQdCVH5650MTV$v2somcIsLfSg~X)R(jx0O)#X%d0Wyv)gXfjD}j-)4;3rb
zTr|c0B{})Rm!z&i*9JZRQRWGFQ+%K@+-_L2TZF!8Hue&`7*bKKg=MPN8>C|bD_o1Z
z)IKj$UIYpRCe={NYjaUaO14lcNa;XOB1Fi}VY=IeMmH{(;b>%UpHTc!GkVWcBin$B
zy8#g_sMOX(aFt6b67B_JP?s}psA7S1)GFm@-H@@VfdcB_d7bZ3W1WkXUDdOU%jNZG
zqkrGS7<^?__7JQhvEGIr+rMPF<RF)*(?!WnfJP%=8bagK-7o@j`ZA^~@T#BQHtqj5
zoZ^WU!&CN6UbxSYgl3uSB3~G`@0ZaPNl;-;^*4Y$7G^{sbOWUdTZ3-26Gb}U<RUi&
zppd$GPlF8LZ*9r+2JkJrM`z2g-r2H!6m?V2mpULPE%*X&|II;U4y^6N@y6s4UR1gY
z&?iv8uiGM!Yn18^Y;2+jIB~XFgoWB}+)c*V2n8Sy;FlhR7HF_YYNd!FKUQ<r#4ChL
zcSbDThy)2}=eA;PDjxC&TBa9QgZX1^k*vAj6-v$5M14<Z0IZBT3?7Hqrg!X@^n&#n
z*ean|*@h>}yCizOTt4$1k%3ce3#S@d%Dhw`oobIxwO@x*?Gl}8ZawrCzcGMQek<Kr
zzs1Xj)1i3VP5W{r@sK1V^rmfQ(UI*9$gaQQ1{vi60a^hCrl-%xO$rIZ!J>1}@jw<L
zVAjJ6gdM1bf^`_qY$4LzWJ7^uS<r-eakrYw9;^}O<@kXjP)FT}r!jXAAcN}hk;#&+
zD17`<joSd0R^P=XQNmos5X^*?D@nxstQD7cbpJG<yPIoNWoo@(d@y(IYZLU&n#$E;
zX)44<q{25><A8;2jU#)2?#3CY35Zwo=vj<ZMDW^99l>iGH)25kaAl0B?cKN!&#Wc3
z?LKUY7BRapEPQkYj2Nm>B1l`zh#(u|K6IReG0vk1_n{+ML^)?;+=q^Q5yd8=B#@Sr
z5kdA>?LKr4%`5Fm+;k;I41#OlhH*x42rceU8)RO!)wCxuX0Mhl_u=vJbb5?|AC1CL
zSM$lg5tb*yTTG_8ZlH~&tU#=4Oi`}$bY<E*$}NfQ3on5Y4By}seYvGj)QCbB@kn>r
zf+R-EM23PS8DH^A+Dd9nR+60Hm(!%EV|a$Xd&O3wT%TDo>hTs`eaCQd+2(>$Gj&<A
zyvo)Gl)3E4g_7But34@=y9~^y4uri0TZ;+{A&x5(o@Mzxxu>NJ_n3?qvr>M~rHEQC
z>O@?B9kEymLg<fRa_wiL8{e6NYir?juvL*Whl&!mFAcKU?2V4h`_vDOW3GZ$6)W@S
z<iAed|NiI6>0eGxzJD_L_rL%C<oy&r{O<HGr$3uNet&v;a`OFGZ~l67_3H2Z^ylyM
zdUc0?{e1F0d-eB7BB!T+`PZoCwIn{CR})cAaOj@{R$T-UGeFzym*$YNOw3B@2UzN3
zMC>4VYr6#pm#|~wS3X{JN{|q^%wF=y6h?D*J8_|6t3s5tT$5Cr#?~Y7FB|}jok9Pg
zeJL+@$zoiwl-H{fKpJqrJ0cGNQmeslO-u#e=6B+1_;Q-up_XKaa|&{klV^K$r2XJ4
zMnkqhG(|%ogh-hhZ$k*%)H45~3pHY|HpQhxN#1~%aPa9P(I5c)C-z#&I9_K|=#-2<
z8>3IePQssQrioOk1n8L>PG$~uv$6=dJkpk8VDY>%d(}7s)e=%~MClLAqM7s?ylGKn
zJOSu?&{ScX?XtN6Oy3VsN4}P7k&9g4<E5&1jBVh9LG1@{6kV9Ut-pt4f@?dHjVTB+
zN{xCcYfv_H4^aN~QWSG=?^|(GT151X&6x8nem5EbYdZ;bt^?6N%J%srWt}Z0obcgh
zBHrRE(c0VF$D4x;?F7XQc4xLGv?=wZxxaA~-&kXfKK7DzqLEv86k0qs16K?rf=p~}
z?ndP&Gd9P7mEm2ZXn}sM(_vDUu?jL+n1$`f=$VzcSBvv~PQH=oXdQOX%%2l_+R6@<
zx=J)-DdxvG)d9;omuF;lYC;5u2}8}ya^=)&04q|-)BppHO(|AH=CqJYQGw}#7Bu0N
zr-WfilRNb&`0Sv0XCyh*;mz)}wNremWhv^#u>3~t(@9398QosGT1%EBUFS5Mx{Gmj
zk_+wqfp!o|t}OI2`kP*4l&{E%WQ@ErOB#Q<_KVACjV#--V!{@R$`K39Vag$&y9VG_
zBhcH(Q@gBse;!^ACB$Kw+5#+3g%j6tadjzOZC=+^#5Z_5pNV|o;%zlMR2>I76!^U7
zX-zXc2(a;kBwt)#B3ZszR+9$?o?SfC8(w1?$-4on!@EqvK~rfvA6ny~C?;J4Zk~>Z
zY=xKv6l=XA`&IyS^TJk4RKg?}#nseGU(wdhK0<lP1}NNqjYlF@9#(q5klr36zu!0O
z=Z39{j8^fn97o?dR&&Sus`fO^(+SPgvb*~BMJQ6h?$lN&)=g6t)zmjqg4(D(N^k+N
z)r_U7Q)vcFDGxbTQ&xXmef#2!@F|;`zq}+38FLI&Vu3OCHsu2rJaoaaH+yNSaWZso
z|3h_LJ^AO!e>l|+{(P%WoKoEoQ6fY?;l_2_GHth4BE2qHGS$_1Zc#BNEU(G{!q%05
zpevr@R)IE`>>nn2LKk_}Tri;(%Yy;SCL1;v6_Uo1vM?qmU@bJoSt}uc?*K3K(!9tC
z`@kh2q2SoU)KCmIw*rcKrCJFF_{P6bg<e9x%SH7&yYx*EA(qZ3^j>gN!Ah}!91Qk>
zA<(ltTay)+6}@9qa;*doH*^7KGADr1&r(w7757IUsVD9GVHjK?<#JABov1^xDA~k_
zL!rgr$51tBP$6^_yL!`-Vq{m520M>MpL4w>yRqERcabNJC<GH50JM1v5>U3*QA21g
z(0-kqB}__MuCc}|uS`rdM%4P-s%BtCbF33qGOUtZCoof#%t~>`a+{i<PJ<ht5J*f^
z0M3kwV1>{PL6RlS7pzI;UeOfR$X8Ya2w5}CY|y!quz3a3GE)MH^?1F{Ev6}Ynf-fJ
z4<XM64<0hYPqAVZO=(3(MP|RDwsMw^c!2?PB4OfkHmxQg3Jz%{&Va!@!x#aUQZ*%S
zMWm+{1F}I>hI(p<QD)zU%#x)ftw9=Zm}$r-7;TwV(%q;Ly=fBvlP1a*#-dNw3_C9s
zL6%p%WCqs&i-^NO*Eufi_K=4S(~4&=SS6d_OgzsNW7N`%w%ovB2h$LwO0}_~UopT*
zltQ0N>hukDevFF_>%qMdX`DZ=Q@X8rxJkai<Q@s;ExaMh?XUtWRkxZgS<?IMEzOPe
zI<b{zph**W-Q;PEOC%zq&|D)uZ87<(=2ATBI@&GNLH@DNYF4k~Hf&^2M0qN6F|Jt9
zbMm{EfTM+BtI=aZ&WTa+r+PvRc2xWJ7>70KybvU_el1le4#hbWjpVN+@e)kxCS_7B
z=u%`EE3rU3YX5P|poL-r6<5&pb!N>!R#nM+Yo%{qMn0nw(Iib=0+_u_RHAujoa3-*
z7nVW>8W;H*2lJ(~XwcvjMRlRNrBt4r&N6kNJB!b@w|(x#jj3=by<>B2sd2w*(~qLs
zoV_jjc=)!6Pi-J;6k#pdJ9v>govn$7b?sDfAq>?<t6U_U-kwB6bc~JZfJj=12aCJA
z!;LPkF5zLL7cSrrbJ|BciOn@*iXAkFNifjvJ4T1-;nm*5UqRgt?Rc}r*h{9~6ipI(
zI)yTUG+*l=y=uwJbW+f=TBD8T%(gz7u$wj+`OxT?kWeWh_iD{I44v_qX*a8lO@P^p
z?q@U0hw5caj;6U<y>v@&7>mm%+RONu4M6YU9&}^(#$XD)+t|q9j@<&NNt;*hA~z{k
zE8Brku{|KI66wNCg0r$N*dNr}&Ilj2(7G2TxyUCvS>HNuwA^hXh|#7%^Ek;)3vJL^
zm;A-mrDoD6xyX_2;k|K!8(PwOl^Y~ur4N%&9(%$%uuMig;(4mh12`7JkRj_NVUb%&
zn+@Gc$juR;hi65rWXU9vB5Ju4!gE>CENg0Y>jfY{;?%w*R}hV3;ZF9wwtyBH)h4QW
zohKOT$gB03AiWJm0jwGlt#o{jo`lA_5XVx@LITU&8c)%ssXPmcvPKj9Qp80x&S-M?
zK+9ADzyYl|R%|;%sm&Fz^5f&UE!s>o&%1J_+v$_$x43QEl~GTv>?@hA0oDvc9MQTG
zD_ZdcEP#COc-L08N`;A~h})tdih!`BCrj_ierYvw-FFAlSzS0a&KShak{u_6Le%n@
zZtx9;kboz>WRaV5rIb1fWpL*P6T-Sood$1AWSo@nJMta)&>c!>Ud=M`AW8Kgtknyp
zzqsj|Yi=aZI_iL?tHet+l}V_MxTOf>&eUFiU|FXA^>OTg>D$wLzQ{4VpG#w!)X6m`
zX(@^#R!~xF{j}SA2m>kanS@{<ll0>&&){AQma~#p;P})Co_tQ|MpIi`Ve5f#mjODN
z&6JMh)XubP3SdrDE5K~t$ms%Ls8jNdE&*@P7n_$oU>}GRg3yM5_5t+VXcNJdoLpqZ
z(s^^_!D4xnO<iq|ireleiZ4nb<y%8`$P8k-5NlvC-F(!<A2sp5?mcSaeb+yOChqXC
zt-ETav$k>3>Gakcn7kF04pacinv!ugP_m(=QQ(~qbUn>krSYhYPvD(-?_WzA03mlT
zt(G|(&u|5Un6*W#D}hI96R!c!A4?q}pnivp<55h^j_j0NGgC9i?Q}Z`ESk3B*eR<h
z&t!9!-t?c}(L_g_g=2=*IS>Eoty?w`ZoFlx$uD(+pWT3bdqcFts?Y6uIVbN}BJNp<
z3*gm<g65Ko{7cHSSdWldDveVJO4YUF6GnO=EkoDSz0w1qvA+~e9T-}a?4FA{ZX9$P
zLtUYSAuFw`FZse&b~T~O5PDOl@!Bwk6w|7fZLF090vh({;<j^t2#FJuF=CIa@ep#Y
zr{gnY$(Gr%WV;Mm@~I|gw68rRqmm8Y^BObS@ynT33r%Jb_1DAiUSbY5yt-me%Dm<Y
zqqjs0b@6;fbGl#?OLo#E2YIV6yVpo(1+l64kNe}FcYnMyFb|y_f+utQ<l4N#%^lJL
z$u;jABa@32uPSE3obAql_>?pfU(dZXPXGrB#x=7Kw$`Sj0Dz|bz&%+Q-AjquIpM1U
zOCiACp6DDr<2V>S0trNF680fsEY*$w^|6~#w<82V9419;J(~wLG9R6>jQm)$a!r(6
zXtF|LV|WsgOP=c7745By(FDedDd47i^+CzTfOfT&e%&R~1}B7}h+cAb7+r}KgGF01
zY^+;NT^Da(#_Lfd!WhYhrBKg%Unim|5*$8D12}~Z8@1MYa>v&3#zCS3uXU+lLl!d*
zTIJ0~kPJimwy&{^6R)W9Rqi!Z$_nQOYSF|M3UV)mSl3em8RTl%M11GTHg+$(%$)5o
z40hUENx*k(9YA#6yb#q&<Z{UiQ@$7Wxn2$ATbl7PtH|vkD!Z5Y8F?!z_0KEFAQ`zX
z)%8*^`Bqf${70E2?EVf@r2Tsw{A!rx1xOns+tIYe#!}kJ=aO9JM3j1Tx7Y%@k=Q)r
zUTD1GBPsT@PfxfgTQj(~rdl6(Ak}B{LONhSg$NRx76QfmXvG#0fmZEn#mWVs!zEGW
zubOM*8HLxD>v~-Hy}8Di7x4-gz-r%Z7EQc_JXT2^-*XUzUPGeO$I)!JnA1(k4I7M7
z$BGt;>-=9OT)+nUe<So*Udk!CAd=^cjJY(7S<iW0G+EUmr6>JZ^Lv^x%x9#zt@$SA
z8}es7x4<H=N+htkeMfg}eRS64OVJdMF7u-X|Fgw|tPBS+4M*@>Bz!T^nOa>Dc${c^
zNWE#-5L9iaeUVXgr;NAtcPaD~%8DANYllwbEYq2@8%F3Tk~<oz0dgZQ32PKX=#~`O
zVekh@IT^dr2`muqwq!b6szcOCWRBdHdd@bBFuV1)nq;FWnxfPR(;MN*Q2(o`(h{!6
z*IZ4QM#*F$FhsX^5JpHaODJh=!uBds)MX*0uKU#8GjW`gTSQ}%9*SAZc7s3)sZLvt
zqIl89XwwcR0G`smWzjznQPfQ+DXML@)(til6U&c}G44j&)MHnwQl%<42CNe8jzBtm
zxU#jmB*P-yPQ7${mW%_FaWBB*nu$8s>)xPz?LMNa_XbnIHc#({CNVIsk#jXp8Zp3V
z29E!7&dL(!Zno~{Tv4w{1;d$!H=W_!^~Z3I$&S+zx|Cco+_ti!6+6Rvi1W;pO^H5)
zRwCtd9YJ{QI7816OhV&9xFF0?WX<sI&xwlvHViL`o{4TWV}Bgw_G{D=NqL}?G*n^9
zTs?KY0NvgIptYbjBLHN~#Ruh;Z-JkRIr%cKjHE-6uaIeC(txN4&y%c9F@6YHsNz*I
ze13}|-AWp19yKzc$#=1#MX?ONkMTlcg<Z2r9L~b1-bYH_F-rCXX2)|w#JhsG%m+a%
z+67sYw)yc(J}Vh{v7~v<G6#qmU1Ni7rd36gC7uP8D87}k>R6JckQG_cWXW?2k(paK
z?LhuSAqGX27_;@r(zM6AHmzQsO>tM;_D#v!HzAl8D5utazNxyW*#Ha;s<Uu7!M*-P
zJ6tT6T&}FolIPC3%=80Zy1XUbOm(r$rFbBzAP)=zk(8VYnFTVYVvf^$NXkpZswl;Z
zn<#m+CUyqk&1!E+r1lJFb*`qjsWkKD3sTW?!74?E<n?OCyr8E0tuZ#bbmy_H-P!8J
z_JubId1oj>1`^1Sb5SNH#M6`t#lmrF=D*cvW1UyhduYcM^~B--?z^|~#nz6SXNG3;
zL6lkgz|%0un<OWS(5bH{5vJWym0<nG%ZCS^ju;HMy*&s<^;LsF)F=?1vb<88yY$Ox
zCqV6#yy6JS2ehF)%WB5+2H&xnfRGnR?JHyGm#jk2FaUiJ)sjfQs<VpbOw=-4dzaJ4
zoP_Y<nz0YK5#kP6dwct^g|sc6m<bE24JJUP$+%6=?a6CF^VkQLXt0$cs~3C_8tbFh
z!*5D^*AhU!{Zr{w!r%3X*setVuTu=T=`BxBQdY1$fafK0@@2D5aX@w+dtJxtmoL?P
zY$}SiP7FuGU5YG~gng(=>V0`4Rx2gQT6%Lrb3f~fQXTds45YteVE{|q2Qrj99tQJB
zdlXt<$7z@*p&iTYx9jr5&SbgdP&+KPtZF5olDCE81ZJ#vmTUuEpn;OlN$w9^Y`3nJ
z&1>v)y&dpx{S{)k(;U+Ak-!-wBI9S-Q<WTh<8Q3)skcl(<erboscWx{x6a{X@~K8!
z*~C37?>T!o*BM`v2VN~FI$8M~1jzH>!aqT411eP)X{vKJ5ieDvGfbTluV;|jb4F^O
z{v~7;8zu4tjThUv3lClXeGY)Vab<(_y&a2&{!$BBj-_JQnlWI((0f*&rUuH+yg(b*
zJ>0Fl=O&Sply#mDPg;~{Mk^{=6*9-Q<+J7)#Xa0TqJIMa6H5sVundhoOD2ETVqV^&
zG8d&C7*lS@&wovLExcQeamkVZ`f=3i*Dd<yo6DDDhe<tS1VQ-R9;yhBAGmq=kF~3U
z0mQ!@98GJtUIus3B4Lfm^d*;fab>tR9&2x{zrJ`y^tX|kOTV2kWGEaaD;mW39c$Vw
z64tm<QZDayDebkr>9MOXn937PX&CQ%TZ@`JXn=98r`+)3IeC@Kx@1jJpw4STYdBJC
zA+Hc?UOqSaiI?z56K2;;>7~8z)!=<ul)bcT6Aft@hq0Fyw5&kgieH@e5yJ|dFY;Yi
z=jGfa^tAopT-uxbO18z2Q>T!-0>89%S;%?H?$2dPpPoSzVzPDH{iKo{Jw2L|Yrf(c
zEi(iJv#4n1KEFv^l(r!d)b`|voQM)yl+c`H%m9mN4zotBAfU5-EVf7XZvHOPQKHK+
z-tQc#u6gO|W#g<0s3m`W@oGxG(W;C-mXWKe{;M?&cYMr&joP|9SO{YDdH)&E(e*cd
z4!^{J`Rxf|%>-A})-n~Z-mzjZ+^{1_;msZUFR#=WLUJf&N-IK<nIv^aeSRaf{!You
zS6A;|y|}n}_3}CSt9}D_h36@`5skUnqwv_2KV4A7w(Sg=Frj%<M-eIy(41W6ys}lU
z{jy(@iCl+|D5~08z2Fe;!*cx+^>gbj9-@p~VNqAx^g%;Ils08bpvEf+wg#;MCPL>^
z^F1C(K|^sateu945{u>OQuEX4@f310j;F^)5X(%kq?f2Zo0`VB^_$uYZ%WA5Cb`uw
zvGI*~O&ey}l(6i1Lx{J4-Kw6sjn!eB3x2P$9Cx-wH_eHjVrO$2HSpc*-P?h?aYQS0
zi7(xTM66a=jb>>f&*A_sE$7&+4`I$4ocb_##VSDa!7bb2ujclShHAgoDe3;u1yE~%
zUyZ69txIf4g9oLLv~%02^LMW<UcPxXU8TFQD3+&%;JF{7p;JfOJYv?4`NFB>rSX^i
zGLs$0N)#d!i~btSBL?EP7>qoj6E(uSt2Nbfj7C!}&44sLv(kLEjLs(b#XG)dp|Cp|
zA^*mV;l_gcfYs8e!d0+x#WDA%B`x}Oq(MpYa09%n5NWsAu$Vbqg+Is!6-T=AEbjK)
zn!DRfuqfHYR-c*ki~)MLIctY~w|QggF_t-F$HS+ybtjb1k;Mkdf(e~Vjai#z>!uK(
zwvNyRR)#6Hr=%$PJ<r&}X9!&KeBq#Ix!7D9udZ##f200ta4rT3!~S^t^$is61%L6*
zijHcCXGst;nM}Z>bn*`+GpE@p`Ht!LLwZA1@}wdUOJU2TLf^tO3R@NHz3HdV6$K@K
z;_=v`!`1nRh4s*Typw#r1&21)b}JP+D{>lBD#`G9O5}Q#@%*kSVl)>TB#{yIgIT{N
zqyGGY?&+}83fP(ZSEH=VU{F^3>~Drm=wJ_5nLj#$-UTG~U%2NHs{IZ;m&-)*IED+i
zwzzFhF0Wr)U$*@sTgFdE1W<bw<RQPv&|wO_*^jK6ENO93SId`N0tjQgfU@zVlY@bk
zg0(k-a5d20h1$?~@wbaBLTfd8l`hk`qh!$Z@fvfSNB2-aw?qF7g+ugizv1&OKUTo<
zPOB~aSbmziWuyIAe*e`+2*uy=q=6m%-^F*ub6#;;iE@<Rp!JkBq13VxE8JmV#^gcV
zinn0QyPR(lZ1O@u2ZAxb%#~IW0&Z@{KcA7DJ?J)Z^E~+vZB~S8AK9OuN0%>eN)?)l
zui93Wh&*RWsAz87l>8Xa_V|x^$5M)2{ht6iK*ql{&2aeM?!(O29{%{&wH`AKZKmO^
zwU^W~5bZ^C-LtBsxm5Gk_Lm%MC+9IasglC$-`jf*OjhTvxPtAx!RdHyb6|W;+Orc7
zR&~5ZOW$wj$8G-={6=1L386Wmdh~EJm%1!0NN!h3>Ey)^G)>Frcm~h4Bvl3z#!V>(
znp-dSNwqF?t)rV4S3pIQfBWMTkmNpl_QxmQ$^W={C!;M%AJx0Kvp6$8wzw5T4A>M(
z%DTqzTE$ECCWplrU<he*YQ)QFkFl}8^4M6D-iC}Rdf~YbLAv)Qlfz68{OsRaqxhS{
z!@N}Y!{7Fz=<^?knmSR3-QaKTAa83Z@NK;IhI2zzbXpVmg)vF!<=g8YUSE9i>NSiT
zMz?q@lGRd6<=ezP#_!sp{S}<HJl1KKcieS3dHdyc%Tu@EksG$4bUk&us!sWQa0Cuy
z?{x5|TS}@L6etc?P7i6D^K_W}LhdNla~zG3=V-hmDlAy+99$PQqG7?M9Fu{0jQ1Ov
zMeQGCKBZ#+it#fkW3bn{tL_(FSvwhgC%PZoviYJ9iYSi5^**X0gba#O!~Z<nN@uVc
zK%+ivBojwNS57sp;q|>gyrC}46u__S#5{q*xad&(NH_U-V7NjG$>vZJD$S{@!`Iv_
z<wJ1hoyVFSjBi`E{ar9i)H^7>df$F@zA(?QYi4WCuoRWZx5%vNd$8@azk)kngaO-{
z6@l@~)|CWxhV_{!a^qBLyOeg=qyJ24_4_pG@48isbVMSXy4j5R<x4GLnoKmQ7a56I
zWn^=u9sER3FJErGF-2KDh;j@_NBfaZ1daZ!n?yRSjeJ^r?;7@Ar{3Ps9`sAZR%so%
z1^s>y>v!vH!B1=JZGTDzP#Ns8>Fv!{s0=&nAGqX4@Er4iHe{%YYd8)Cqm{Fl4$VbO
zYqsVjrT7Oxg~l-vb2l3Au}D>xsaX-ZTLw!5D-4I*V~M5}EwBtcNyS6{K+DuqEIKO9
z0T*Hj7PFn`&^!adb>P!gf6RELv7a?Uw4-bLT_t(rlvHd)u?+nd$1au=kyJD@r7c<Y
zz?ff}eDdT8+8&?$=}&(mP#`R2314-I5WMRTPoGZ7|Gs$R3+X4iT&_gKDr^x<h)Y<W
zk^gc1_1gv~RsZTGtdZ!|8nMGUB`=-uJJ;4nt7Wjl62K+T=MJ<jmxePKz!AP!ngZl%
zjb%K5BoF2kv<n-|8w|6A_t=vJx^PA^e#gjMLg{gTE{VZVE}2v!zecad7d5L(GA{_x
zew~pKHEr7-BE6YSF(X}F%LI}mF9>Xg2q$0bomZABPJ;%JX&4X9M81Go3;0Kb8*Ic<
zo5i~>0v?<Ano$WxXWx{ytiGu8G>ZU^ZT0r(#Rdh8?bWFnrkr&Y{;-;(+bJO9Rt>$|
zrljrW%Oa?1)4AGDG$*vK!~|gIO|bQpyw3^XDxU%FaSV{TmY_D<<IKK`r5uBG`#$fX
zXIrnfpLP_@OjWJersj0T&J?#b0LN{#K*<+5E72YkS2T)tYPP`;euXl$I%CwXmxL}B
zP+jCcW|nfrC^G(2gJHO2<m%NMhye$YSczg4%Q3kz4ij80z(x$767oul3K0DiWj#UC
z0)s;^$z+y^#1AKcS0YxrrbwO=c!(?+O-=P_B^DJ0OQ(dqP@8ei6Iw+TGgMEfEUlGX
zt#d?|jEFL22#-G}i9=AIL6O@FP6Do4IOA1G%QXrwX6_WT!ukY}BMhy=YK@S6<rnwK
z=z?~z&aOw)e7e(fC1Ag;+etd;I33%zZFP)}ZQD-AwrzVxGv<tK+qQ9Pec#!8-R-L9
z;(f>X3!eIow2K=`A2hMf$w~5IwC12dZVv-@OhMsqn3UkY3|y&%tQzzE1r2sp939np
zI&Fm&Xi)Aee-t;}L<n_FI{|prl!Fo`c@=W&G0b}c+{g%5pf;(L=x$)U$U+ct|3z+!
zwH$Bc)eCso`qDPu-vHK3vfJdki;6z(z^fBwaqR^zUNQ2i5v}YZsx9Wpa-T)6VdbBJ
z#^;W9+6m54nc2{lV{K*a*}Q1O>$M!meU;7x<pRgVG%i=lMb2Tr)=TA&cWGP+D%FmO
zD_sfd^^S#U+z5)zjuBOPTdUXG2DG+o-HtgHd54#-H!1^<)!6x3v4iN(Jg&4xoyRo=
zG}xzu7Vr5S#HU3U9-`~cxI>F;zuUsvbG0v`W|1z`Hdz_$@apt(mg)Lys?C1NN#c}f
zS*Ji$Rum0MD63T!maGlSt&dzXz;C>~FsqcgX*RMZMt%V2j&ekbVZKx_Z)v(w`|A+r
zCr7yw%B)_Gh8s3Aw*KbMYMMRxz_^Ow5|R;S?NoNBfm*b+f<twF)PecHK8H+Z53}H`
z1NGkbwQc=u>Y{EhYl1lzKL({|%^$EE7eu<3k6=SkIn}Lmx*#U^^*ZA6(UOAJRAEtc
z-L(G&pyl|po}3ClsjzD1MY2yZ>nl7P^L5M$QHMLREDOE26PYRukXB^5O!L@BCbwL4
zzUS3>6fEH8ulss0V22~#aW-L{Dg&n5T=8IXBHCG28(zEz9l*f7$fKWar-x2aDy4W+
z&_$5e8W_!kXH6=^>VLs-Cs<4W%9a55RPb2)nr=Fq50;~tH}HU=u3Z}$R~I9)M3%s?
zm|cnez{SnpvOcmt@vp{f)hyuIS7v{XtvNJfG@3@8U#4)?u|>i^Q#zjF9g3!0SPVq-
z8)XBsu)Fb7O8Jf^X~cpWnCeO`)B<xZ8Z{KdjuNXY;cOU$;LEpIs2hk_HD~W)OVj|7
zIVH609!q>mnW9LAHz)0o_1N|!{JHXRw;LB=htY-1V=Xgl{q`2bvm}Kk#Px%)Kf-EK
zZxOjWEyVEYpVx-I_~xGYOx%|~7dkAX$<1lSebF^>fvu~<$VGEBJSIhI64=2|du2>u
z^6Eda%opyU6<3KWl-P>ED<zbg`qTq{RMFFoLiB0K_byTu$~!C_;-yP5!dy{h+R5gi
zZ;<iq=TOx+`ZZ7#(jqsrM^-cTSD}K~BWo%5XiKqxZAPNK9PQ}nzn8l99+^7VW(yFn
zELP_xBs_z2sKIQT9MX@IJ7=M{MnIw|@O0v8>KNdz=SirHC+W;YB#F($tJ$SR9W`--
zFQOWPJYWB?tQ`rBZR1qJZr0`!v8;8s=isq^CWK#XN`_|kTGQ=_k*#8Bz;+7cR?PBQ
zjpb^jx22L1t_myt1{DdvGVgKpFN5&E_9yg;FuoX;98h)q9bLKSGI#j64HO)%UKX{`
z7-kE1eljJb$+dRllYWU=KdjR#;L5!#<EO~sNj@~}%3F}TjEOkEaDasOb3}Ojv9Kn=
z&{^^cfAF5^*<O83W&5pFMlPklsO^)(cgnuuWjh8RwUskr9l^`p7U4w<hN5(Mu9hVE
za!9*va4c1F6S~1_&9Y5Ujhc+Axin>$)G{tk=vdwYB1|aIY1I?MUte~RIE^n)zAR0e
zOr34<iI_QcS1m2-@P1e}X$D5-#Hjj(2SFLoTSTsI?{D}P8?G|E4Imy`2z#1v4PSLz
zbh<T;JZKn2yP7W0z0xt8OI%=A>Acc054E$z9uX+7b67}}w8xNO0|t9_VhXWZ27yZ{
zO2z!C=_fvIa+yl6&PDXfelqY<g&Sj&kJF|Rj)S<)RxQ;m`v~|9{aMVDY%3ioK#WZp
zUgv5hiR2n^?cw41)7$jbhGw{?HMReL07JsgE##~hYg7Dt4j1>I^(;7tr7i!yJN%Qq
zEOaZ6mYl>>8ZX>LOuCKIH>qMvdm6n|;o%{LG2cFIZDSuAuc=dU-tNy|vPp#k^Mj?d
zEx!-nCVs03#`3LXE?HP1+lnQ&(`o9Np2yK;tlvf<5nI+i1+R^TS`as~tXRA{+R@IA
zH4fnwb^mt-gV|GYy`}|}f8|fxXC<}h{_<K_A_{M4LpQb;>{1PP<)!%(1!Lik>8iSr
zB2XovP-5m<`W3pFW3Hx;Bd2_-t}x&kb6J(I3L5+1eyvM-?)mm~dP_@6y3UjR`n>KD
z^b`z1>f!wyKb<~`+s@0)&Gz|T%<9?F>3ZW8{Cs`y)Z5(E7tHgS*8Aj7963GJ|8g}E
z)%F6Lu8N?d<SLma26sZ^X5HwxJU=?IA8U;Miwr~cD{|AnIHn`#4YPVoaG_gY>>c;o
z?o~yHiZq<`V*C#-s{osU-jZNxQ>2vV#{u1Vk61O12vAbl7hdHZ9lCN?wpA7a*`K4d
z21UsV%O69EjYAqiXJc08n^~IPhhL)Nzr+;0VwF7oA26K%n_d!2Bc!zCYBY~boxbVF
z<*)gdaj{omX!J8AiY<7$l3r<u{g56`trrH9mUXp-V{Z9bFJP0%YXgH@^S5^4g?=gB
zbAkRUy^O9|P>g|jQjTVEow|*PT*jl1T^1a4?YL;Uv#;SdPCE+VmKJBTH%O9^q+S}^
zMU<0pgy9;4NQ)jRDQ`?pz93v9#2>$D_~w+i)>0B>8f<~v$B~AswVuWcRA@kgWHfBh
zZxlN?<p`}pz=;|8c~x(LDx;Ogq57F?#&@{5CK0^*q}(ovoYB=b(Vsk-jjDxKl0TX#
zRd#4jYNjo^qV2F=t#^Z$0-j%8JZK{)tu#yH1!?OxtE+mHaz>tjresnz#-41B(#}1_
z<zP-an3XD)nmL#I{UmnU6R~x979C(@oI<4Ov+<87=g6)~tIp$zTQjmfc|L95M>>T_
zVONTc8vC=I1iJ`8qL3GlK7CGuQP``b`StP|Zi`h{ZS%`&hlc8A)rxv{q~<4@S@RZb
zpCgT~tvI3Xews7^obxlSRAXExGu;^UuTPDr)%Hl*#e!>F(fdz@&qImV-aa>8Q%Kj>
z-cqlfUQuSiSRq<7W^(=_CUD(iWT@yz_|looU*umC>suM%JblzW8Uaz=YiMQ?Mv-4p
z^fWJ?)K?WY4x<=4YKQ44eb8%Be?`e7692RHH<KJ*k8lr77a-TYhH;g>Mxz}!kXjCO
z61?Ycur=_6bcG@c%tdc1c6&i>&{Fb@l*bZD>ZLBWE~;>DDAr_!mA@FTjcPRFp6u$L
zcSF|&=7fjg$uu(qcAn|3tEGP%vb+USxYH?&a?Ziaw@;l)V|LR^J5Dd|nOKIo5h-KH
z&4-WM<j*TruelamaTgjCw{s8rlVyI%_~q4OX{yX_G^0Lm&B@_zGR>b}z#{BaeRhY#
zXHvK9Ef33@CQgaW3Oz$JTG+Hq?I7s6;qaM{YwD0^?K`Emc&_kf!b)}jC<mm$2fIC2
z<Kv~-{o0;X?&^Y+ScPt<VWB8<|AuPe=qj5U*Yx_jS_F-A)|FPdq>&_%Mp@v$)2=i}
z^1e^=u%lTkB|%4WMYZ2;A~5DAskc=Z3?kO>)cqQ>?3La-+euLOa`^mxC|MrbYHhjd
zbhO+!8{CeDM23C<CW3gCas{R5YgtV_WilnROL!($9jROmWE+lTIBs!9knb*xLK#P~
zYn6ar$$CkVpowa9h+DJm(Txm~BBy9JLA{FcjXJx**A^u*a7lZFpx><fZEz5Bol<{$
z6_vI<62CcuQZ=oal1*8yk!yXn&RWEeG%bD5`P<ZoyU_UlXKrA`2#YSQ#Kb6^8Xf)U
ztZLo!#&>vp(jQ3fp$HY2T~{d=X%4uA=2mo{ppG$3u0y(i<<AjxMf_<d*BE#YtnZyY
zy>);6KZ_9l0;jx`0W|U8bM(!%gkYZ=j%;)7T7b^IUs`UaTst$Sx(80NTH<5M<-ULK
zlBJAZ|2D#OkvZr3M$g8$ZVz%f47b?{w)}Og=H(ch<%yhzL~vZ^#*{pb8qQ~G!6Nf%
z>?5*l-wXISQ3w<dRb`2<g7Rk%J8QwokhK_M=!u;hd+4$SU1<5AE|?>h6N|F<_W+{8
z4oL9b(D;_1?XAV8Du)4}4uUl}tp;cuf3x%V$s6Hoi_BD6=>g$Knp?Nqy|cs*bg4_d
zvQ9Mg$UH_+q?3KVNNcFwx$r#o^S_wWiIfsiwt_Y){P1n9(;BV34@enN`*5+I+_{;3
z@lpvRrwb<v&<|4g1u~E<BOVV&V!)qN8AN#@%2e^Rn_a*tl2F5#eTFYR#s(Vr-*IT@
zR3}D)%Obpos<fcu3B5y?)K~tROGsNnVtq3gVXP0wT&IdJ^5x~az9i*iEzFx(@D~iW
z?`G_h5j3~$s*w{3^e?wuVm<{qVMS;``E3+<wK9%RsGu0L=nXngC-*}x1+j|m@tnHC
z7%tM>C@u4LZFOUK=qc8tL6*SPW&-k;7-{O?1av>)t--2wCYe+FnOnTCg;pZ2vBs46
z%jz?HeW4#45sw!R+px28c!SPqk}tRSX}r$Kb~5BwO?ieCOq?bkOmG{VrIg?R^Z2o3
zVM${)Xn!{Ofvr+-u|YlS5Z*6{dF~|DA0DVi?-TU+!#sXvn=-xHuu2OVj4+efM>(HJ
zFJHPFit@2?orqTyM-S%i;>7xoCe9hE2sp`esSj19^8Kl4X7DqMih-$V4$v!Bga)cg
zJ1RUCG#obvqlALrKGJ%3zhU7WwS_wzHD?k7m?Aah^OHhX12Oja%T@SSRSX49phK*d
zFDmF8ON<(e_Q2tTwnB2@A7t#I+DGY;qRmydUPp8;`fTnU2-@;$vy8i!FK$t|_w6`<
zX=bveFJ_1y4(*|L0}vV8eqYN|u-gi%iMG}WVq9wyW-gLuR>PF8Vy33ow3yyvE4DgY
zt}ZQ)Fl5s9v5!JqE<abh2!=fHcm51nPxM8vPBHJ}^heqpb4e=VIb#f`=B?jHL@&#0
zPV76S4U>TllK&7hr;G!ee>ftuKf;z&yciWjG{cmPZw~#Z#0{E_W?*O~%4Ww)@T_k&
z2?WZ{C%l%(9hK|1W9xqzL^Jy)6Ym2(OPBeK9f|_?LSlz)h!$xJJaz(_jeobw4{-eS
zslq~If4gwe*LTk@f3haEuqHgMM}3@iZ%5ib6)2MO=VsJ<n?404(c8!wM?)Ne8D*w}
zR7QSWSwC-s7RjZgp)v;8k~GlTgUpM<)@4*>q9jU-R6%Ou`G{9VsMqS(gX>YE2AXvi
z0!qAC8y-^?XZQhE#4O}qb$he0se*qjtDL`#Cyj*WESzbsXVt+UTCfO{5qUZUP{bEb
zPJ&d|Q7$wx5U#=rYaJ;ExfN%+11}~+MR03i(b=hX8G<HVket}BEB$$Le1=9M(@LnC
zIfpMp(<sDpsrVC8%5hS71a>o3y&`(=s(u!5Q{aTyKvFQFwcGoESX+vpbr#5#YkzXj
z3F22YI?;dJYz?t&E_{T|Ci6R+sfz|DaH9_~aR%^w;~reNU;{rOWTKw|isqNCTWF0>
z7!G+BGO^FgH}fq{MH1Y-@bXErcQPZfer?Pq1)pW9xHZ>;`=f7nhcD@1K2zBOb3<_D
z*Q1y!P%AsQne&i1*z&b?-5$=BYOoq{4Ek>TGqp`2j2<1{TE^xu5;@(t3IqmNPw{P*
zQ+0}#mAOgxm2esXePB?yk~kQ@oxQf|<~lZcej~zKXm#NSJ$4y_JI~$+r5)AFodisB
z=+84i!$9HSeL`~#Og!<CV^3pen7e=x%W>lzpc%K1XlT|L&_5m|yn5aQsxpejE;1&9
z@dNf9UwhRbBM%;}hNQ_QJ|7ojYAOo0Qkkf+xgKqlVhT#&jpRwj5=X(ABAO_tE@vCa
zT9Za0vg9zUGs)zP?V-afiO>8ESD5fvplC~=t>Y!&Q!+++HaBz<0#jW;G-`!{LUPqe
z%rrhu4A^oRjO(?Fsmtx~rGBvPO)Y?VHc%rBPNXxjZ#l1{R@u{;USlzXXR|~tSAQ!s
zIPsE?stZNvjM%;Uh4hN};wkzoMOw8o<r!VkYtA=coC@+Hf|TpuIUO35{w9~GDLsgi
z2y#>JnhsoL3r>oLbzP?vW*ThGSzhwHpXtD)PhFW%JO1Ex#X`=177mtX;P^5Iu&~HE
zDSN{GENEn?Y~<=C8Vy#XR+hfv<wx@(QgUo~_<^49RE7P9)re;BLO&A$xx4zm*-)@b
z&*Sy`SGbhjrdgVg%4ly<r&)N=5BIVUlk96}_ipjCa%dxu{Rci>1-RngHS7o<QWX=K
z+U<s4CMK2N^-&ue(Q+avn(A!D8G2jC=AbyqFj<c8Uw5IpdL*}&8#<pPQfa_;Mi{dc
zMzkGkcv{jbK9%uNJ7j5)SF$H9j$+gNIc8as0eJiF3wo&J`oVL@ZdvPU!-#?vjG6>@
zM0!;ffqvJfXWz?@u1OG0iyPl{=jRbg5(}~dlYq-(zceZ9R*PrDNG4F_kw6q$6cZ-+
z)6grcF<5$HYvEiv#TzC=AL1D*SoPzNso|{U<-d11zvu1s^os^9_PR2GcdT+-qDxqr
zE`bt}Vyj(GV5Ii8iwN?mZ2B)nYE;zXsnm-F49Z&UOT(21QINF07@_rX6inji`pim5
z!HTUE$57WlJvE&fb=&O!IAU42_V5(oI(aLG6pS5M_zF)RPM)9Fj_o99^n-i$OCzCa
zR$;ft8q6a;(&dSA#K=j(7i>yY!8mt&h<4osWlav4XL~(i46MG~_Lpa((_>Ct$MV^z
z?8u=ahBvQ1;UHi^3w~R6d?12T5kgZ48WrygA9z>twUBycmc%&Rplq%}F$oaR`RVtm
z&A!yE2Tl$zRGg2<?z}xW#w&zLHIWw6jsJM4qmH0og5PENw`xnZ$!x#Jrx#~)+{3xP
zN+pako9FM9iz+Oz3rb8`X0Q8rb-6NQa$A$g5uy<T$KH{Zrsx=kJkg$nnXk6<<MD+u
zJho9)IcL37H~hS|-IK0B3Q5%8_?sIr*Ys*bljsF<q8xQ0zDQ#$Ud*)ZM#i4R%-6<n
zkGe0`!A#+*WAXf2-?L+u5@VpvRL><@=%Y(SsVrrz<s9W2uOj^29%J&kXCzuL;dQkv
zKwcZOYAQ@kaOm{xl{`*}G=e-U+4iBt;GaBBxH@(7NR{?&<sl!fgJ`rQu1o)!5O#U#
zfRKnz&GgcXvb+|!g65Ry3n(LEw1Hq!i)Q5}*B42p0xr^wvG%rDT%j7q83ccP6fWNH
zx)L^QCAD{&t0T~8T`+Zzu{?4MgYzJRV*Ds}>M85=IzQHF_3bTl$H=>k&Cde*IfBDk
zOb-_p|K5n(LV`p+|F}lr7(CXFr}cDNISnr@2Q+dzT;ZJe@Eko^KOzydLi1R)a+#50
z`@eX6CdVy76fcRzYHt{Ff8_@oGj-w^A&#y9WC{jm{h1{2BiHf5Y2Snu^vFn=ZgXN2
zD*B*;h>$@lxE{pcQttO}Z>Q$O<^cDMY7YSb1mCtZbnfK>7+<EMmk09}$&1K=Dm4Hx
zns|(41k9D3mTN7}cT@A1=IK!~{=go#rQ?h7YTK$gt<wmRpQUCa#q8*Bo7fXpk%CI|
zUjhBQNm%kOAO?0Ouw-G!m@0ECyU)<^8;&RY-Cr7qP=0_g+v{tTfIWUe#1A4`t;L+?
zc>(RM@(5aNwU6w+o3b}%=L6s^GTEq=rY*tQwJdkXma}DFl_`G~h0!6N(lHKqlUCj|
z3p202lDG!GhU%!fE4g$8v)FMWBSn*JYNwHuYT89MhEHPnhu-KcN!q;Xo3>`XiO9W6
zpsjr#=RhD7yVEu=R6-H|do{gYc%+#;TZeBh8c9kzdJK3xy=?nl8%|C$L$UW7>$ycf
zQ-zq01cE2k)*z;Jp;kY%N-%<>^zh+8r9oE|`0}P11T<)wVY+_^7-61Hyx&=G5{^wR
zid@72S03?O;GC_Mj8i5P?zMJG!;<>BAt*jPQz;@~V<rHXAj7`(HC-w{z^S8s{EPwL
znSG*SCjNR#iC(S|8l>9jgmxNHMr3i*tHn&s@0z2P^QFyut|4fZ@80JD-Chm9_H}v3
zpUU+o1%JGN0NUFqeOq6%HlU%1=kamKcvF>6w;{5$sc=4|%iM!U&XjFk{7%RfLA-Kd
zvmKe+>KhMF`^@LS*=hYbwICVu-*Dq9$H8eMD@)aFbL(Fn;rUQepYP|>qZJRS?|02I
zIGx{0K}E{LNFrb=AVAd=I04!E9%Six!Qo}qB_5O$4R%UG)eio~8OhDHukRE7Aw*4^
z9sYI;vvyDW-AdP5S;$|S`ixKPzup}tCk0yo^snL$Ilnb;+*reFg|kOr%6m6UZ~RNz
zeE>N6MQn|Csl(1?7THY*?OIK+jw1OKRP3EQf;P(-*yM6Bg(}3r@SmKr>WTbbK7usg
zu<90^e+lsBtp+7)E_6A+5wMaPA~p9gjOMpEn9@H<+}m;-Qlos78=OGSe~_Sl)zDf!
zKGaG!5mPQE-X@y346#V5HA%BsVV|fJ@@<y6s2z7imLP_F*|qX;a}9W3qKz=0rsA*d
ztMsFE6hA|0iO{qdx%#_OUDmCC>R1CR++6&I5jI}|7d@@!%`Vp#NWL158#Yfrp^i9%
z6bgK9@R~e7z#G>$?awk&b`cDH%M-rezy0nR<Cgv3X*K5niN{hI{ofQJe{3hG*mX_c
zJ%*Dg6>>jLk^Fo8zr();JfFC~-XBg0^FB|JzV9CH1%1DU%M=9t?}n$p4@Vm*6~13y
zd*UhIJv>h;O~uFkJ@0}sM3SFfZUi)EUpGXLf9XAK>yJKaTcgmN4xrVDG@F!6eL_Jf
z88$!t3akhRJa@cP&I|Hq2{5BSzFlRInR?Y?VohVtizUlaEt)-wx*vX;v1ELdI_mOK
zHtk%9f}CKonik)3zm8&$Po3`yQ&Tj$<}ct`9EI*aVrKi%f{HvDX0Xd&bpwZ1qf?R~
z$IGPKvljVeG=B|FR$b@G=J|2>g2$!T%4S_PUx9>QVxFi`TD80IzhjK{E7_xz7eLN)
z{-}wpHKpj<KNbYP_=)*N5qfr3bRr%QltUO(cHUHv!<Kd4wIiz;ESIb}bJ1m#z;Dd&
zr&5+O$)_=0C1jopwvmHRy|#8ZDhB4ox@d4v`9+=;5~Kkpw7B8au&Mewx_<AguIJ~m
zvU5%P9f8HHJ{I>7;<^*U0+z+$ex!+wYkW_di*)pv#q#}WS2!}R3X11@0A_)QRqR1L
zhi0V~(i4;T(s~#y6&WU|DDf$OKok9xgamENF4bQng$&%6GuEhYJ(l>EvyFnV)m~8w
zqsDQZj+@jL16nh@=Wrfe9ExhKY4~zb6nPoD7_*tuS^&q^wR>HyeKmc90@31~xiNuN
zsSpBIFP|mVgL3shit%}on@%Sm4*WtuZjA>y?w=HC*-<zHeq@q>!tG?8qXS6Yh6_mi
zAKjbBKg$zRQQ7Mq|L!<VUQK2RAWZf_9l`N;Q%q@2)CBvJE7#OI8drir1{Uj3?B%BD
zlKZu|$&Soxgn{oAb)8<$NNC5|t+#Hk@yq{Z%bl4(jHQQ|Ejrea#Za_#@n7KNxl8Dr
z9yMJQn&SO|<Nu}L^lkIDnpdh&n#FzPckeEsA)3D^Gh&^J6;jX?!20}%9AMVmunt)j
zDjOv?`NOyh=u4|iVIRX?xD7aPKlHrd{YGwFmfl2~+(mF0!XB4hu_XU9TA9eYS>Yd!
zEka;)F<L{sv8=Q#86`%~=<sg}4}N%^HX#$G7ky5&8J$Tyq1|ez#xsnkgGIxNT*0Bu
zhg!POw2C0o=jtKI0E}?)cD)U`6(iZSJg3VVE7R!r9(vBPiNyFis|#XBJfr2B%dX%y
z;iSduSGhgYWp#P?txw;NThQgfVP_U5(w_i2nfLYbzeer*WpcThPH^<A`KdvQbFI$z
zO(9lSFxW#6gQZc_ZJ$UohttP5uhXq%{JcxX5?#jC9-5Jb2B!#jAv1H`Mu%b)<n&mh
zFOlkI`|NJmlLmhxUEZzvQ{Y2?AxTsEUB{yT+wL}^RjMsJ_@&95DU%52lVhemu(U%U
z@#HB;dhh+y$BowF&3ZB0R-y`<+Lp%#;m0BqH9!Bt9@#|?)4QKrydJIL8~ZrsqSN`8
z`3-R1f6$LTXlCBgTtgs2_(knD)He>CC0l=#Nn^;lCT25$n5mUpDUGU~E4+ihEa<{`
zx3;V=!Fq=bpSos-532qK4h`)gjTO{b-AXpT!B9?N_zYE)SZ^Y)8VIL|3_Dgohw|e}
zh87V5tDyjy>_(W22GFWbq0l58FEMx}uVceVY!C00eeKXId4$ppo6y}i|B#{<AQF~x
zTBwvkMs1<FD%!=Z-iq+IZOuZNwB|UbltR<9&a7oMt!v-N1aj~}JT&1=1(Ba2zynQ7
zT}J6HZw~@1)=qnRgX5nlP=;|sU$j0@-VlNmf%K*PEKey}$?S)O8Tz7dq;%~9G0MML
z=v!u$#C7ZxKBbtB5Q{<Wg7({smauzJj856>EEaHC%czXvB0KYkF@D@h(pM%N3dd%&
zzB}FSPYcRek8)5cK%5MKPZwibMb>gMSUC)i(GjC>qqSyebXin%xsN($G&d_UY5`qy
zz8lp*jLWwU`Z_avs)OSQsllnu9wC=1H$lynfofoVrqb^gd=qh8ewKs^j^%+t)%d$8
z^XzN4cbG@36`fk`a~-0%A-M|SO(K@-J^5>n|33fO;f@{RojTj|GRe#TSWmdb2f4)E
zy=nEZ#`9o_It}3YljE0Bz(Cw8$3u>*K=+f!3O|8cN6hxVA?Hgi1io9diK)e++e?h6
ziT%eAvd;nMo7Vwn+(&7hWRI60Dh8ggP#20j-LrY0JLJffv)&OKolr~TNdip;nx=t#
z43TAL8)vF8{O?I@nHbjyUUozrxcnywJFaXfsX0D!4sS`!E~n~g{VYXtwC|`y@+PBG
z=jIM5OSc#WzBKfrQ~5cYfA<8z=dnjXr46GE>{n{X)h_3i@>?8TPHzPrS9@2$0H`Xo
z&Eh9C{xm-}(bo55Si&~SLN=wH+$d2vZ+UP)3AD|fc|JMPc`yIk{mdIo+(ouII_>si
z+aADi1HVv>Ne6P_Z-VsY5Q{093|ScBTVE^_B5l<1fy@|dYGsJ4F6A%dim4{EvXiYj
zhKD8w*PgH#@tj_A)N#e*L{)Q~P5nnK8X6h?sET&m_@h4p1uLQy7Btg~Bjw+6ECS}E
zJfkbG_KSI-L}`w}VbW4rlMD}!VP!p<CDgVz9tCzVReHXkF4LLuZM*E@0SSLltzmth
zb|I({9`P{_ln)AnPcneH+*P+ro=>SlbOoUjEGSe28qk;iels3$)`{VC`_$HeQb$|i
zy~6gzyjskQJp_Gb%~@3x-hiAkJGmJb)*!H99ARVxb43~%g!f4SG!YJ0UUxGFWH4_*
zpR=adv6AjA#eEES6DpmID;-4lIjB(X77$ePGO?D7oMS=+_T+;M)M@4w{J23=rACGz
z<+tnI!SVmz;dJx9Kz@D>0%cRjCHJ0(KB-sFcMptZ-)A}S_5$rVP3{~!RBo%be65D4
zc7f?olC{;W4;Ax;BTE>@n0p*#84cWk704t#TG1a5RbAOGNv@Mvx)40N$1WgLWk6V>
zXtr>@A3GF4N{u_A;Vyb6I^|4%Kc6E<Sl58OGkxIfu;sg6z#B2c%?JXIWm5eZ%gN8~
z2)rqHO2223^&Y~H|H3r9abu?3OM0zM2|xnp>9&6F8n8Q@!qisJQ>QPvlw#8-U|<71
z&94lpckS%-E~iw_Qjlo4a(HQdYw*3a+NxC<y_@ZEn!Y0_pC>zdIj)RW=T~i6s(*uS
z{B->U2d=_t{Fqyb*_0!G?I8BKRS3+~WlmxxzAn6KH?Gcd+3Y&3x}ldIgxk1d@flAX
zJCuHj;Y7XTq)D?6bnly5m8H7gf|?u3+OZX)FH90*C@d3VG&%{;8+<W0vkyKI-%`)&
z!USGtjl8R<XRK+V$Xu!p`dZN#ovhMdwPp@ubE%WmG#VDecCN|ZA_#y}Qgk&+z&Fp-
zm_p52f#X3TF(;Wm2uRX_>!PVp=So~HW>*Q0tasTxa^O7G?V$&81*&7Y|77I)B>}(3
z3uWmDMJ@Lj%Rn_<g2GCicOt5)tk7H7W`iQn74bn%P>30NG)$Ws7x2PC3BJHT?AH7)
zUZlZgS=uRFK(wJT&M}0@OF-xMBA^a2Ef61!p{mO=Q8l=un3YPX!P}r3q$%9j%L7ZO
zD>#pq1D(|yt%?*a>|!NCn~D@@$-c~P)4Qx!;-KS?7f1@G=Ng-%X4YJxmWBh_9PYaV
zfGx7OMpvIbD5(%aP-30}#%tm5s{D;&X47!nV8;K=k)YdZt8DfN`G>=LUhqwL!~lT8
zZEf_)JdRSc5?ddt<C<UV``(Y=R%l)BZ^?&yu=fT!Bp*$m!#&K9k5pU}Ur~MT1w<=G
z0NGejOg$7h-cFxg?&d)U-yb*bpSz<6+x{=_*P+QW&f>gx{lKw7oO3AU(T%FfC%vqL
zl2Gq7*(L09XD?jmUp#7u4Mlq(XA#{mYXHo@f#V9Tif}EDD$i3}7=&$tX!F`J$D=b+
zb6Z_vB-_l?(tu3R!#?v0%)O^YH!~XToM-udOS@TU9pl2XG>ST^Ey);^_GJtkt~~0j
zCP|RVCR4NHu7#Z9rd`5H{J9S|1<54eUK}!tpTN3y>PQA=OqMs@=;3%*aD>>BJdf;S
z@yMH$ab%HLs^n@{<XkxmZUecTfN5G~8=~S8Sxf!s2y+~xol|<H^!lPI&fi0_mMJOO
zk|dO7`IfqRG<D-s2h~&o0@_uDnv$9-dVWBeKf_a#++)e@W7?PYeQCLR{tpZqHC7_L
ztKTJ(9HfsNCL$)tak~Rs+JpmP?zla}H@kiA_*A-m2X6YaiEp;n2sZPo2Lf@~PccNi
zt>U;6KVej97VN8yO8kY5f#BoxK4?$`{`XhSX>sBRT>tJsWy*xxdl0Sk<-Eoy0eMWx
z4g@oMS#~E_jP~jzbfpQ6XvWCFZoYqqhRX@I_eihx>?iIyul1@lvse)%@zX6}sML@D
z*|VwfNj4=NA6V8`ZK3>vZp2BF+kv_s<!c~4YhLqIv)bKU+HZLnrderCh>7s|@f^cX
z5|2`@I>!_wl%M6EZS>cg{ktOdBxV-F#t@t_W#}Z|0Rb^cFmn>EL^3a5Vw7ju#k-+l
z!_UhsAKBCdYGj?m0h7=2@)6m+N?2IP3j1gvh3RQ6a*LVDFQp#s{O?v{;zpsJFZr0&
zN;S@vI<-JGe|A|%>CO{DEkvVtiC;*`A(Fp<G5|Z&(^tdTweEO2_v@W7R(>&1qnxx1
z?a`>sa+H9eCjFn>G*>cd5k#EbcsWog`ukoM5CP{>WJBLxbSvIHEu6}^$`-toqA?pu
z$u=IUfZjXkoLRwKbaW9g5_v>TuU#G>q4H?cjZ0NBgvr-RTy#Ka<W^1G33Rd2-*k>l
z_YnM0tcfJdeCZ<mA~q8gT07eD&L8b@ao8~)IsCuO(8m#{bv+P>GH_mb!?*eThlS<;
zl%~gC|M_lo5{NPoiZbxG!cTLmlt<9YN2*Er^v38ib5NeV)XXJ(l0vtRXk#Jr?ZEZ^
z<JhR5Vx=J0jMBn|NN<SQ>F|FcHh>3nmNp)b_;ay1c1xtmH_%`ognB%GO<}-$^Tjo&
z-XCJyH|02>F1wK6rtZsHa37hHrMVC>LayF9KKk^WacCAj0hVQG&%Kahm#+th*TU~p
zoyumf{iE4-vRD_IBH<X(eeB;Q&04bw!A!OSmtjYP4HA#R-Q)88ZU{E%hJw+HQl4dx
zi;V7ylqhe{7c6WRynJTuF0-*rt#zSJ<6SN#hH7!O4RU;hbl-2PAhO3_)6za`sb1Fs
zx+KGAsry8g%H#A?_f{lhzhYDV_B48{W{9C$EaY~1`pRiZ3=*lG%^1Z-5L{Dtvdz?D
zMq(sK8A0)NX%(emYq?EJ3xqk1oOIsgdP#{+(6aDDg+bR2@7xTZ$Q*mYBl^Q5ZUYH|
z2D)^8O%yiInYlK){7gHk8Mv|$s!&WsWdm1O)Xm<%SH17AfwpvpP5x8*0YwLVQk#{D
z*~MwMoZAP~Es0A}nEWzQJpxh`A_?U*O&UL-f5_DO<bHqR>-^Y={MoBK+CV9mH{U>Z
z_j??)iRplnwN)+gBGXoCP61;J`2M0T^5BegC;h|&@v=p_uN$LXcgo<8{`HRD)AjW+
zX`((uO_oYT3)I=3{eZ3?7l-qnwmr18?yZ6Ib?6CV(cReEPMGXn7_@!UYJP*(;waP1
z{(~tTG<-0?{CZ>f&PhS|<aeHsh!nHFyBIHzyuI%9KICq=_XbokZ7uo}VN1yWn%q08
zt2*_rwHwVuVvNf8rng;tPJm*8&`Xwx_@~2Gu*pDok3GPz+x|Y9LPd3Pz<ZY`3Cz@V
zqB}LA?Bp8DYc=Ur2UVCyQhRaoT{B0_IeRqRZCn4Vrg78#)91}T;Q8atn9(VBONE%D
zU}_?)wdOeMHOExSYgt?P*Tg|~_*Hrx;DS3fkrJ&Rq?I#hpR=CAnl*0~X_wR_%ezhy
z-X*NFWj)g)NdZk-YWlHjd%0?5&osuXH7Y7;cq8R5n=;)BkQgJle~i7uAK&ic?|j{B
zgm>ROyW|pS%oP*VD;2Z-OKgu(c`OG1LfeO~;DOAFWT!pN$;|5BvxI7D(w8F98tdCi
z&s+cbfyVOsCsm4eq`6OZQUw>GhnMJYDDaQm4-q?1TyQ=q5R%sJZOr_qjOjPsAFmA?
z=sB=v{FOpY2hyB51vefdE0G8LoM5Wjwzpl^eWG}x)XIK-haP&9!PEk?`D&KghxXMz
zjJ?&|LczlIWp2Zk#&-nIs;N@*dCJXX&-Y!*`Nq@LnlDjyN)54dcf^~tR^37k{gcI?
z&G~Ku^X%X0(1uq5b*cATgoZZ1M6grFq(z))N7qk~bZ?i}cbg6e*g>ND9Rx=+#BVQ)
zq%hRoRHA|2V(CMjYjx=s`dvo8d5uTam%7@P#n-6gcB#d;csJws>eKIYkevymF%`Mq
zrN*VYw%5O*vsR_NN9AQha!_H$hTt93mSBCPkpFN58{b8&yqRVh&D~FQzxP{)1TP(+
z?iXmZv!vV65>1omH&K7>2sqd+7nbSUIS0jVB}^8K{to@KO+KkaDOCX#`k*4fi0b3_
z1GEvq`Qkn*KSNvl;Lot7tS?G#GJVHQd55lk^AN;2EKBcYO?SIYH3{zv-Y_cW-eIa2
z>f~O<IvdZxp62GAuXFBd*~cqNxNifVP~vAD`sxPJy{h&Z^ES08c({Ex#5RF8Gnv@_
zOZgOhaXyo(=%<<q$_-U@xCU~vHP5m3;yYc#T|9wTlGD1onn%|?MCi_V54N%`8PIsW
zbHrzD<{o{D{pg!eE*C7~3->S`mRtPzk8;b%+fC0`s4cw~bnUKk!~=D8b14Ez<x)AT
z0R_L%t51}6ZvH!Y+Mt%ORH{`yw7ZG3!yJ&9ANg@0?V`6nw?;<uj(Q}M`(F>fY%7)x
z(#4PU7{w~@FRnoelSZ9Fwu!YySA<5<nri9<U6wp%T>f^gRo@6o^5ai3V9`1<1+w9%
z)U~#OrHnPow6bFW=HS;6(!R&ZpHvMh&&+VNFZ)C|0aB;-zA790Z7yD3-uLsoZ=0`o
z%=_)e=^nOk-@AkH9-r4`LB7|!I{mN1(Im#{ue(FSsoamp(bZ#rA#?An0CO~D!`rY%
z)@)~nCEzo6#f{HZfU}vz>vo)pj~0*2&+a^iaxIKTk>7^%LS?`77ikh?@dB<tHs5UC
zmZ!_i%MR!@+S_w8$Vm8gGme&$=}UiM2FrY==v$>fkD9Q&7CU9}iF1`5)R4fZ&pce&
z?@Vh7z8=H^9;m(4{(#i&!==J~Yo(|iE);ag3FRE}-MSM12%inQbgU#4aQ&s3Bh#>%
zC1O7uo=+cFA4W0NsNJj5ImVllr!yb@jeNC6YRjG5@+|txD8Vy)6qKGtp%Sy|F}{FQ
zptxUWD+Vu7tEse~o-dkJt=p<S-oiE7l+&;Qtei@s25CCw>Wh+(l4eJY$-<$vz8|RC
zGB?y-hi_@tS0>NkTe&N~8o2Aw2Wu&oM0}JNA7^)AjJ3Eub`4VL_M`Y!asW_rH4WKg
z9|bw(!fzgJi;R-m9Jli#cDncCJk9fn%rcy%KOGv0Yt7itAqkr?vCuHfMgSi~D^7<t
zYBE9;VqNp~;6`>7EhL4Pz*&8nl{xevHqbvUCSuhXL+z*CK?)uFcp?K=Mh%4A`Enk-
zQn<>EOX(LYRi;XgG6$uT>Y24eOX(#t-V_(+J`zo3@!zU2PLa+$0TrxC4eio`=uZM;
z1BjyrGGb84kJ<ku^sOJtPeT?ZcsW0_qRw#-1Q5bzw|w`*%A0P^U>-u1IH29BQc|>w
zs<G8UU`;VbARF-%x_3;`S74>CWI~w+oUs<IZ>Tz%cPP2%1H=q3J*AiNer&!x{W_BU
z=uoWBV|Lmt<9e@7%q?|-)`Mu;k&#w~(sx5;ld9{qovr;q_eS#ddyQ<28Wou3N9Pw^
z;$y~Q6ci$x0!3i)8=pg-)haCSEbrVR5y;AAVpfy%jMue70eumuCD)5Q5$<tXzdB{z
zw9XC#IqB1qL%d6gq6X(bG8%?s12|?%3ipK#OTEBS*%Q1}<dWiwAGCKk<K%?2l@f)J
z*qPq#@W1J#P-U~H{>P*i4<JwqB+pQ!XcnqI$$Zca&BJ;--La;#yqgd3Q)ndBaduUU
z1!-Nj)&0T{dq~NRx?ys)(_amyF~NLY<F^>&3e2cH=;`d{Zuw0sbd_!$wIZ&j%jU#p
z8s+9I&KYqDcUYFroqCrWMWC`lgJVPR#5qw(g38~t9dJhSu_<O){6Tu?Ze09v$(($L
zsZ49)yRy{&e6`EJ;SFuo`TWSd^?tk66X$)M^iQa^eb+tsk(|t>gqSK;t&^!gj)<$-
zLFYQ$ODBc$-%DwGbacGR8jg%wV=zHsidV$=4iKAJi9|}IxVTaNdw(LBb-905r{JMr
zm#@p@2#gGBm!LS3lrex7Rc1#JJ`o`4^m_$U5PLNz*yC47-k%55aJ#*F&b<065)9x~
z+7ol|xN`GSc1%cD)T}tyt|b^VtJYyvrG{$SL%k+PO}43Ko6Y;x7Y6w_pT`rUz`1<i
zN+HJg9_u_Yn2Z$WgozQb+$PP6X&vaXep%ve<|z5+OXr4<k|S3DYscphff$;`5J`aD
zVYWKTbum+ijqlr?3_5BzvKqJ|JBzJ_GC_0>CSblF&P)76!S>P28td`=!!_MYHeGDl
zOcmGk9*u{TkO#xUS7IkSJF{{n6i!i1ztP!nHFcvG47-gI|KlQnH~)5daN)Wg6T4G)
z9j^EOE!0I*;sWCmNUV!YXdC6%tJ!eP&*IkPl+<p5bJt*#NUU$~^XZI(`vCarq~0U4
z_I2>cC}AOWCe5V_zj(qJEJ1-kpEQasPwKj!Nhw+ME<wGpUydU$c7OM-7jx71Ozx(A
zzXk$~>ry;scwIGbm$x77eag!sTeBit<04ywB3s?1%dMr$^`-0oO4mzD19_!^jM6|-
zX&|OF5KbESEd{)n0v<~N*QJ2dQosQzV5`&&8`_CEz?c#hsZG+9K-dH+DV%|v`BSPN
z6xGEqMNot*WkZ-4&f(p+Mat`j-!MGW5ghO-(E_{m3{Ic|BdGJjx1eis+)bjCBier-
zb%Fu#&O=`QRqWmv<_=TwRE}xkV;>)WMJU=1HRS%mv~ty;k96|LT%9(2rOQ_+BmO{n
zCH8RPk!*+0`*2$Bx_1JJyID}w2py(?<tJnx+sk~ZfdCG49bt1Tj|lPv=<zXN`am6<
z!Z*I<$@tmBI^M~9i`0nlwKFwrBi42dI^2aCPP1fhOulIQX0<66CoL`Q5vPHw(L?;s
zgg*9!vZq)Ccy$dczHJAl%d%8kY&)MWIEO>D{0LUq*55W3ZC<}7qhPXxhQS9~N`!0*
zF6Z$N_1uu&H^+5URPnv*n^jTA?Lxu)J*Z|6?{j=7P*T+0E8B1ws!-JfX*K?x6Qiq;
zveFNf00hKZlW^k{DQKOx_oPh_YCUn3%IyD$_W|EDcF#1v)-;q-8r&+P&?`;eu-Ih@
z@6QA}owg8N?<GWTn2`f>XbwLK%7uPZqoDa5a`8f9-uDw2?YA7DJJSyXf$8KvLSiP-
zQPvY5q~TGbrpVvu7{F<<dyf(hMEk7mo|*}nAs6TzD(6qm!tfKhN^nVP!wQ)pHYE=&
zxCfBbqaCTq%n(@^{#K@B*5VBvKdV1W$;yXm#H5RDs?l_E7e$l9y-=OpukP=z@CZ2G
zPIjao&jweu?H<p9XMg!*c9y;*Uk-mc%?|am8Vf9)8piwy>Wwacmcjh}X}d5lc+8x1
zlm0G|-Qt*NSxUn!^^OU_00U)Qqtdv-PWDo(gw+&kz^)<{^}K;CGH#B0@5G2sL9ViF
z!OyJPViFbiguExs+O=6y4f;ntGCqjf3!?#e_m*5^2kT9o_*P!=n4`d+&B4vU<<#qZ
zT94z&s2qV4>(TWWoq9t1#pq@B&C52ocYDzKX81F)t_Lo^2XEdf(vO>_?ML=)1Uwa#
z5Hv;^Qed~A8c8FjQ;$nEmPGg-+=ZUHLMmQORg0Z07@5EBW)0>Lpxsz=v!VJ*L+u%Y
zw(8uzZL64}CB<|3R9#iZD*R%@M0cYghty%tuPuXeXRX|y%@X{U{MD|KlCX|on_x8|
za*Wf#$fLQ?Y?h2chlybdAg37!>R~&FBcQ2Vuare0iS-5a73-X0S<}&&7nCT)&DNz-
z&BDw=uHG(P1m0e3h!FjuXlv|v0R3*-Qht$-VhkiBTa>k4?x!(@+H$pzxtyAOlhF4>
zby5n9XWuun-X}Pd@3RT#J+wB?2K4+~oYMq3q%Kn6G38l@^jC-d%fgQ&F(k!U0pAL=
zfQ<)gDOO>r%K-5a1}PS43dL*QLg=aV$W{A$)-d!Ld&6P7Al80{R6R&|LRPMuBtaY1
z4Cf{XRTj4r%jLSN==HG(3lrx{r4nUHQ|rt?E?PB~kP6ty{{`Z`opo5?&#=^JRjR!*
zs-BE8V(c(JHGjD=s~JN6;_ibV`?pFV^lO2(xF=ECQAUnT%J+(3Bo*^JY8nyAc1+>m
z;TvS$BUBJ@)446GCe|Y*5dO}4l>Sop2Lj31S+0|a_g>L&ARCp_XnpF{S+Q~;d`!H8
zz&|(}jq@olYi}r)n?@M8ewx~GPzl@}*K{OJ?oj4Go;Iw=y(cqPLGrv~t_<U=AYK&B
zy@)>}_OF$B%oaQ@@nVR7SLVkW39uB7)^ebtEQMq};}YR!VNVZ`O~;uyp%iUnT}&##
z%RC!ZWRQC_p(-o&VoBEi%a1+Q;7F=v0(Y<hY%so(i)YXbdXLA;CYo@Fjm2ed<FN~N
zcH6i)x&q!}ar4;?9^J8}VFb{jwDIShM@`@Us;!X*;Uu1;4$KlF8(d2~NI*IN+gRbo
zqyp}x>lEysM~>j1>8$1B6>?RQl<^+?4r#673wp^eB${!UO2Acmdt>1KBOG6zT7s4n
zg$Cwo(UOSUVNT!1obT)tZ3qD}Wo>JaQTyv4#c^(#c2Vll;`KZ45DjWA0rJr=!cisJ
z>gD5I8>4+zDcrltayPf8+_4Lemy)YE%y5SY2OkmonZ<=P^6qkFok^DF3^Zfxg$G64
z;zcC!z~e%?R2{g-^H#L!MI<34UaMe~k6DNdapI_BKR9&=dioQsMf3s*^(Y+;ZjJkm
zaGIepWidh#>P^+o3`{dx;NkTm@badS0NcFkIJvCBf^4k&HZqR`QH9U?V#(EksM7oV
zqV2?_6D+6%KycE`tK?=c&axY<0j2*YPa)I!BlRTf>xyti1E;e709`<$zlN{8;=l7l
z30$`eBVN5@X{mM5n%H~~|Corqicjz*g828TOJXdZ21au9K9yPtjXn5tVmZ(Lr~Jwv
zBuXN!GPP-uGbMDCTht{&tx)*~Ay+W;zL|(&$LNeWt)7*sQ$5XpneZiKN-8GnIz+gx
zvW}@K4f<2Or$)U#+lVDgezFZe0GwC`E=F<k7qbz%xJ9TP-)*xIy50`|6WL5-<*XE;
zdjF^XV&-X(q<lIVB=}DzC~w1Lh(N`8FySl1&_%6n_tV~Q!7GT}bO2J0_q&{B)%=%j
z?FYzpUiS11>tD8dvvgInE1`}Ts-%W--s$sksa(yaSS<$y#7{E-ML&jm%8YNfxo8rs
zEYc_rt+m9;^KhUSp__151K>zQ)495u`*&ai;HWl*JtDlK{1ra3X`uv`6icK!1w~dF
zF;~ySVeX8OAC{=-#~inSS3B$fyjWm~NQto^<MAPp$H=5$g=?=Zz93dONCp#*RRWQw
z)E>&C$Q@ewlqD?~uSY1_r(QTf;H(`9DYE6p7*cIRnY)BEt~l1AoMvB23-Fw!vsVn)
z<z4>U>t{Se0INMnpvsO)WP1mS>KD(_(refyezs6Zmx9-JU`eS$!tW4noeE$toRR;1
z*f7rMZ#Z%V)P(+Txk>~6&VR-A2zsVSA499FtE>9oALjSlJ?Y=MzF*`Y&-aw(=6T<*
zqlCFWugi?zcL$?s=KimDNalHho_EWX|Kp`vMehGEFI6@OxGpQ*)FO_k7r0bAZjON4
z{a+=m1=C(;O%f|Eqn#?>d&`tVWq?V0qwR4q+M-MvJxGe=5L|T0>{JaF=IMX9vhQVB
zQV^JBd#Cn-N@?Cg-aqxPr6v|L@duE=TC<Dk|0$QWa~hra3|4mH8xK#XgUPbOVW+i7
z{SDT;S+;CGPpQAcQ)tIOZ`Nu3TD=;fK-VayZGFBGsK6F6^B3Ix;P1j`d=08aSuDDy
zgVGo->O#Zm4Q8Woiu#w&?wv3T&7!-mzprr3L6&()@9Gl^e1Vozfz{*f1e(JyJ!L3i
zSnWE0qjy3+@j9IpzR6~tc|HW&x$ufIS(Mvob5LZ;_F7{4#ktl=c?glpyzq&BVk2#J
zs=};_{mVkP;kOmyMcB}F3zz7yd(~V%b;80=bD{W*i&vZT>7$P6$&Q%oCDHy)LX4kf
zxZCFFY9ZOF1XrB8tR6)H9^E|%jJp%r2_LsrMc>|)`Xb-&{zU_vVlobFq^G;L(@(og
zWg8Hm?|9#B&aKtCbt(RFZ|S61^J2*P=$tO%#r;*Czg%X2rnLiBYl7Y+<;qc0`G^gd
z6&$ghLi<D~AdNcVbSDwh%W&?2mESa&Xd9EN;<vUL)157TfsH;9lg5hwdLC@=v+M7x
z#tFNDb|3AV%mq@+R;p&}X-Fkx(=Skg;?f$MXUZ{KoMJVlRt1#i*IxXqqg!T)YmZo$
z0|$;cyqp(qGQIoGe^8-4Z6a%huaYyH&^0Sx2QpzGkDCo1mVdWYv#6o10)GE!Gg^_z
z%U$tc@D+YkSM0O8(fMZ;X4aHHcH0(Qrv_PM<qS&~H3bU_;gcK9G$~7DpwJ+bsr*w2
zD=hCQPs!wJ)~}~_T88*|U>FA9LH-Ipev|#r42MIrCskj^wrRe2TSsSGMWYU>sO!D{
zy1DxLzsem}C2GA`qkAJEr)m$D0<tM-rdYp(V%eN+1Yk=goOfi(&ytHy-$a^B*I&pB
zt{;P)<fNi@H8@HtrfIJs*;A9s`<(FBnZaRIrSRIZlgf0K>HxQ&kCJ<BuhyxSt6Tp+
zD*Y)q6X)v!g=0=;;^c{K+s4GUZQGbQPi)(^ZQHhOfA#+Ur@m9?ruSMKtGl{(?TfCS
zf3WmYwVUra_&y_*Wso8dL1lZX-Fa1%Ksw2%mZ?gbTyS4EF_g#$DWFz|i4--cmpREg
zoASi}LtS<<o0b|@Iy7Oy)Tg-79xjcc6sDwgkS(xCDx=gt%QFCf7MKCa$hvtkg+94f
ztS=*#L8yQ$A5|rkkDx%7(yW;tl5JG>hMbI|Ip2vDK%cS%+7@vl%@QM|EJ+~`qTUR8
znh5wvH1N`zI0b3XwVGeDShJ=UhD{!vcWyyk4Fr<G;hxD{gJ}A#PGUJ~Mk$kqJ9cOm
zF;Yv^ztv^GeAPFAs?fcr7yGkTY8QWuh9^N`34x#jbBxlTMA!{O!Vupho9n%YG2r8`
zH>3AAt1zw3gely<wA=_TC>@aM-QKN(qdXQ7f|sEBTsUgG#I!Bmr$l0b2hL!>T%#KP
z@j02+_NfKo{&Ck_L>{kd{KO;s8A^kwR!YwGx2kS2>DO4c8>+d+&!tY6t`sycH|EM<
z;u~{!WG?}5Zrhmf5$`~dt%}aNT8Zn$NiTdBvg@>x?z!}+A|I9u`YiovG@9Qy{=$N-
znL}KuEs>>aA_42U_TTWXJ<m1h56hDwpu~o3#?wVC4*y${wj7_fKB>!X1^({$TKUtV
zkFC4!q8H;kDmC=PZaoFVm$MMW=0<!3OF(cvk+o&y%6C~iF@5v8=y73hY!r!rOIv6q
zK<+e60@;HsPVK$Ygj>(Bwy%t}Gm6@^KO6C@g2_fWG6O=`yVX?h&}O=bc5S+-kU3pp
zY3mSi3Zl=gbQA-uM1;)-NonH6p}lz7n07Qh-pdcGh5#_99pzy14uc34=}*ZVO(FG4
zH3Em;-KC`?jY{M*zP60k+*aRSt|KHq2El)H^W@0eJFw)@7DqUTv|R<ldwHUapD%6|
zvt8NS{o1A8;Z@t|OVtxIzEW2`!G3h4DeSH2{u}D(_o8iklhtt;b@uqcy=X0VAtb62
zlBnt7ZamH(84-OR(vvQw^Hg+aeL`g2$H}oBVYU<Aw`_wQx3$(Q&cyk4I)3jq{m##)
zA+31S?+66ksb>(>I>)*<M0w;7XkHr`HZQ^St45m)5>;hQa>F*cLRE)4!#rla%v1xS
zcg5^njXahSP#N<vR_eZEg55}~ahW;6>9C&rHOT}lDSt~PCQB{ISjh#}noXxae>1Mi
z_^V)%K5G#n)Y;>QB>k?lXNMHWP((_MEuB>|X}~uuitC9)0v1(~-?4_5tk`fliQ}Lv
zSx+((m2;z{vY?MA_=u^}@Nx*I_~47=L~Goe=im~1m%~Wi>uNRT)3U5{*`m1Jl>(U{
zNpE|t_XAMio<gl{884Hk$e#O`v~@5Eq4k@koWE+2H{*EdViv$1B`~DirmL;2P@M2$
znU|GgQ&j>aM_r`lMJkD0K>#B4yuJE9&Pir0dE@&OT*Bi1h03^+t;Q(X_#gisrje*6
z+xOB^lN&c%_K0;$tFzQ6aSS8Zl)D(A(X}CeQD0P@i)Infkjhc0hY>Lh0m<IeXm`wX
z77c<OxKqv*@iU~V6VhQ)bHglPLg$aX#5-AYy$fEv*PrYQ2=dq8LMryf0<9OPeFSW@
znM3pg0dX#lQ>)W~KKg0e%pqtKtVa4SvMjas)qpB0{6976RwsCB+-@L)<>S?~H=gq}
zIg#Be<O;A`OYTT2&MS20uLgq{yQ~FM=bjNa`BHvg&C8t!lDEGFkHl0qzlA!%1(v0r
zp~mli`>)e%Zm5vIYN2TnuL3c;o&r+b5d!g*Rd7M(;Qo;>>+M?K>!(gbD(o_clQ)fe
zMq!9Z3#)`d`&%zjN7sm2o1xCkPp<COBb3Qni&;k*G8<B%b&x}E`Ja{#J&hcw!UoQ=
z>(9L*8WUJ)VVUGAK>fFz;}ra285bz{6(k0r_;jD7f(F?pty=qK)Q4p({SjKn++1Z=
z-Tly<#MVl!dF$X)V%y7Nrt<*S04XR(CO17Tw5mzX_C9o?z>Q7EhV{=NAzfzvBX!Lp
z$Hj}kX#SlC{Lej;#<~_423B-rJ9jB{ZxdgoTJP{>RhW=E>*SQPsH}CWpyg;8tj1HX
zvu-u2gQ*WZRzY!G!?Qs1MO}j|0feA~%<k6Yo8(L))6r;sHk(7o1*i>J#(dyvH!&H}
z%W9>LZ6Oi060~Bk-y<1C-QCCSXgY(+F3ko(eQ~o>Mm8eEZzU7&oIh1uv)xs~=`CG#
zqnuYubBQ6C?U$O>q0pcSx;-91bemn|y?!p6W^%w$m0+!&$x7#y80|25YdNd++zf=l
z_HCw_cU@Ty_$-t?bQ>ANUvy^bfst1>-KO8Jk5;XW=a1iv=a1Qp=Z^)lJLxZ_3o%?@
zr3-GrpEItn(-lmUTt^^NtQn9={xDDsFdF^;-2Of9o585S%}@;zb5^Qmg4Xb~zsa|c
zTK1$zyArbWw36I!AfqgKtm%biyR)>+juFDBrxl4VVB!PzJ&D;7tPL{OaZGKn*z$;n
zH-3b-ZrA9y%nM!&CyUW<8SURw$R8wRz4~hL{l?DLC5wv`5oGQ^)Vo~fC+nRfK&+^0
z^fH2vE}=gw9Mi4k5}r%i2`NsPQLBgQC6p2hvV()UMB+}CAN}lVhpv4sFLeOAsj}aW
znoC_)2w*$YZm{<c_bm9_JCKd)Bl>QPVgBf!dXPxigDWD+>pB`&l*KZ5OgunIB_2^d
zRK!Wb@CY;wSHo{Eh`3FAHH7Cxhrba~aSEYWsICrmdC$?!0jY3m)0e0l6SF|s59QE5
z&SBj)-i2{7e-dxF6)LQd23Y>$m~~*~p9LmSTlZjrIEEF$Um0Hs3DfG9`jB|4sLq;W
z^*{xPASkWLLNPQ}P_;%9{%UH;<8iGsLBnoEa>3T@F|j6?4Z*e9;9^6he=<*9*d8H7
zV2#atM$+I0c7JLe*9Sz_0IhTr)_$w$Z>TRaWFQ2sGWOsttaTS#PMNWP`!`h2*?E=I
zNP-Jq8~X`$tme*MyYp_M2SaTX%o1dvV%eq$4cI7|hbH|aKwYuii1KVY-rIBtW!_5O
zoD7Outm|(p=K2wb$FL9h=FaXgqAFY_0&cbb9sqb*=0rkOn2C_izcvm74917~G^5mK
znrZ!pl_Eb#QwG^+<}{g;PIsfNf6J~rQ)2D+k#aN84bfsLkK4}{e}H^1YlYc)IfwTS
zh-_q4Hq6D`*t&^ERXpIX{d#fivF^MkG4K6dwK#l1;P(Dho}J9-jfoxRVn*Q&ebtG!
zLQZ8N8B}s1>$M7|d;AEeHAQpqSv`s!^~Cxt5KzCGp+l!+dDvvm%lH&*^W*y^vCHYu
zk9wNjLVrH~OxusV6(~J5iv+^oUDZrIEneHWHSn~DIJH#;DdBqQiZhsvLYa};8nu{9
z45{0dC7w#@sjVqe3}X+ET9VixY+@Q?o+(_xi{wUClrgDZ5LKNK&q-I`ioj}CX;Fw`
zTdA>i&gVpDS`1OWZ#rH#90gFDcwU+>tO`I;a?X~(6L-?8jjwNR?5>!VZUE)7%~r$@
zW-)QMpcF8BLte4YOLiQ_<uh=H65BfVrq`HCR8r;A)<>hTG&%v$HzF8c3=AehWlfhV
zgTt~W{V7_qfgx`5b#|O;wN$*Mh;>yvpmar5p2-8EdeNhLT?Fz1&FuoP&s<+#W6#)}
zaQ{7@aWJYXpy-_Mj^L^Q{9r5;SpQk3l|aIP_QVwUEq7?tYF30;Dkdk39$~8%^b22<
zvAJwjaLqRT>1}Y(hMXUyvSO0j2sc7oq<OxtfiXqKZGDXp))3@ORSkxK4)((P%K71=
z(^24<utdSmQYc`ybQTL9IRyqXautY~EuI3gvJ`BA)1`9&R<43{BWJOzo4ZiX0xDLs
z+Ia014x7eii<dAonf<1=b|IVZqm|SHmcwFI+}YFuf#s$>u}g<C`jy9Pj;&UklGJNK
zPCAuK+Ed@Iw*tmLlv*1{9UNbUXvj87Ox6#}fU<fHMdw3cS+~HE<!W>g0*LgS1Z)u;
z%CrYosBsjPLDcRJQ)Hnuu(Xyq`gWT>+`KYHa>WeVAY7y`_Xl9cW=DivT6{P>ZgrD1
z_o9E5`>1k))&m(0Bak7cr5nb)G9SOxE|f-%VZ{dRYNf^{ieW!tiL&UoWCka5xDWFQ
zA{~P^O$Po<ldf?oKX&bVlXR&$_kpiL*m1i1T$i2&Fk<EAPG7pDg4W8d%z`#lxut8a
z#C;cc!`5U+t%bfFL{H22P%Sb{J2M#;VrcR3u4C7mLByW1_<CPG?v8+gMcq8^+M{7E
zy5K>~Qs^T=a(xzaGEyI2e5e=nIm$~p{mZ;=ZRE2O{q7+#!}h{<+`;M)UuvPKU4KjL
zaf!iI`4@-0+d7g=cU8x5LZYyB7g9R{8OgA}XT^Qn&pl5J2Bub`C@lB0EJ!Ob;ABl*
z={>izYGicHGt;|D$FXVK3NYx?HVD-^ux|s}kpgq>W*5a8==unF<|@s%3{X7~oGyFO
zqZ&PkefPJ50wudT*7V$g^nX5-UGJf$?2j_;Y5o_<A`fSN+yAj8UL<S|A{}#KUI|2b
zI1E()nAH}TxslKGK6s*@OcQgs;!TyIT+K2@r<+T;7BZ8s)7N&~vVm0WNI{ku#GU<P
z4kJM2=|}&e*gK6uj^LyCh0BsjFe(TTR`6!v(kgB45X@zCILTr>5*+nmJlS@?Cs@pO
zce11LP$#^OV2zpigzXO{c<3_w`W1;oU(o;0{soN{j}it!zvOPe7d(Fu+U%J}Qgz12
z^wIm0#F;wMtS}!R6zyt!7`Fd%d>PhcA0ohZVV!{%0qm-<iBA(N=#@LS>0g5b9yyAc
zJbLugJVd~->8^4omtnTU8vE2_I>q7>6o!pBG^BxNgDqaX0(1MXO-voA0LJ!T{YK6J
zAl<(?6NdI*T*IeK=23GdvseWayMDk40=^X^{cLezv`8iFXKge>d89mQH)2VX^YN?O
zLmLPK*9zUd%qW7@Ek`b2?tlIMIME|xJD8~*NElDyT*Ul79@u1~O#P3T84U`58h_ad
zQRo%mS^^wQh#Xm)?->I1@zYC?!uuR7KpfftUg0+}=C%W<TU~uJxCdVCn~#&YHJmaE
zx)dATMgk=ncws#U-|SIFr`CZ7pzE~^zbyg}0?OW|S0Tt}Axdr*hh;gw$XQ+c0o;3+
zwaP56{dZAyuj(V1kugz2Bg6YfMt60sjOh3m0HeFQx>xl}Zlk-pQ90ny2$&HKpXtcY
z<-U;-d1g#SQ~xULiQ9sj!DSG$t8(e^D(s07$%+wq<_^jb9`_#5xr29DmcxiVvkqnY
zzwu)F-*`FF+xw3dFjH~-H+afr?48A;rb|=r2)PUX{}rpSX8))Af2VZMe#3R`w>W%%
zY#z9ytska<ZXCE1aPCf(=g!<N^U}9_dIij)jDR=K(VEH2;ry8`*P71F=Ge}1*>Vhd
z9=rpwDIWQC9)1v@={f=M+6VGF3}<r$Fg_0g;5VP>ENSf7(Oa?MH=m;GdUYN#;Wvk(
z>Uwo{@9KKDmNDTsqad%}M^;fz25e3lT%BG|+d2Oykj?l!C}<>?85a@#A2*WAwESPh
z7D)GxBeq~d|NrfmPa|gl1RlN)l-B>6===Y6_u5|^Sw%6s3}=2GEE^tKLK%4w&s35a
zOb;{5oH{e~;*FAWarbrc(DB;5EGK@(CjO#pD^hBemue)kT+7-l4E{$#IA1!p16raO
z^w-(fC490_z>Gn#R4vd-zL3E%CUK}dVU@Z%4pO1Em)l#iUWke)o2VSf%U{GqNgK5E
zQkc!GXJH%MP-#{2)DCCS?x=nDcq^Z8c0w^Xzms|H1uZuTgFXv=63xI;0uWTsTVO>m
z$=5H5CkdqR&}2NJJSy>oVj<*^aPM0@d$hl}@C6UqwxK(%Y2}YAa7czedBTV#kr>cY
z;19~d^n@aN!h39#m6|B(6V5%2@DDW&A(eS7v6Y*xT1&z1qHQ5huV40iK$sf6ddz*m
zHrS9M`YV~5ze?W8&ej{NW0mWFYVV9d-eB?<VTqJ-NUXQXlBhQAUHfrHq8As#EE_Jp
zu$ilKbqG)oH&MZ3?9`{G6r_vZw>bw8RDXa==b~^U*{z8nDe_E#ra8M!5~J@RIK>xE
zP0vrkaTGcJq|~HJnkXr$x=6Yg$tKGrB~iOq-uYrBeJOd--c)E#HP2>aL{-f0@5}Lp
z`+>cjn7TNr$;p3UY07GclQ<SN&DfP@_4o>asXEWh<sP3$QJ#IQxT@$H=)T*e$N_)8
zUXQh)mFzWsLf1@OnGcQkr>UT@uFV%6lr+sW8#H=Acu?$NB#iL8&WBsFtuK~|GZy8C
z(+=B3l}@Scc`we&RoSbr*|tm;S>YR-K&`8k*>C>o7Tx{DgWM7Xp0Wi|=7{hPsSn&g
z>Kx$f4<k*JCxcB;o?``7y<g~CNhkkwmX9#~i|#QUjQ$Ez8dLo_IO}wf?ORR=`tf>}
zn_(q#B@N;u`HeQ9*yH-gDw&}qG9L}BmcDp>_elrX1bzIyY7<@5dD8D>k)iyt+-1K}
z`>T<&=BUtj9J)Lia%ITyW9(wos34i;UY%PEZ{u~G_;ytYd2eJI9oK>WGCZ2Yo){N!
zHu_hbPn8Qfevhh*TrA?_fWLOO@W6tXU?MecjnExPDCsJOY%L?`L&U!72h0RMWa<+l
znNW<upreRxms7Sg;U>UKtmV_L$o#B=V;JvhBi25wYqT?{2&#J9;9z1-!NUMhNr=_s
z@eJtw2WaCMO~J9L<QLG3%V;padR0$>F+PK3iE#%q(zJ7}(DoCL&fK`|CA{`qvL7=p
zB~I#&Yf4!qb#FUKYS4`cnZ<#BErjA_{F!eh5D;E<YpU%%RJwUihTWr0v6aeK<(Ugz
z*ajn(DsLdbr4-XHnYrz%E{=y->&485`XDy)l&>tg2jlif8rri~GRxL6EkP6pt%xcC
zo6@5tSZcXEcUBI8Aqs4I``#da9>?2dW0Dj@a4pU3hxC1hg31J7^nCYpRQuIR)>M#1
zwK3-YDNHoC)-tEyD4w&w1LYt_Yt4f~uADQ&f(!=>;hLffQR{HXrG_M>C^QX)=JJ&G
zV#`ivV|2jzf$a<;k~S4uIwXe!gvftZs%CB9(Xhs*f86UEin2s2Pu%33h<eH0{a=pY
zDvIFm>Z3hQrmI8|)jf~UW<%y{VG0)-!jo8-B~vXS&?%y=<-3sBl&a5c!2ZZSUzp%Q
zjw|FoM(qGh@c$3tK#s><0>O?#<(v#5B#9QIiA)s3O~|U9q?#Y4RK(6VE9528NF)eH
zpKz!AKt7BP+q0Fz&C)VNgcl(+QDaGr7*3+C@tWtzPEP)<o^aQ<{kCraA-~X6Q>XYn
z?c*#aPJ0G^U{=7))fykO2#BhDI8pIdpLl6LkH5q3drtn{{x!#N<N3kv1m?8%-b7y}
zGFghOZr$C+2W@sUrFd&t*Xg?^n2&{Runr#<n3-#p@aHa`xxAG_P>rYQCj>Q;y3efe
z=eCw$>R$MHn7l9@S6)B7)qqwYT1GGU`jhl))<BmjcOYVBwHc<B^+Y%vMoI=Fj7h!B
zs(QmAjm^B5<)1+4fTDQslCS$F>9=8HKR||p-gxYVQTV-w4kNTB$^@OOewVwV3-jh1
zJ%LYz35kQ<L?%pG$yo-KBhT(BMEV2isQH2TRQ_O?ust-fTU&r19;K)fRrb30oecKO
z@tYzcLjQ|EZ(-V3^ePD9pk}3q6{RvOGS98Wr>p8qn}f76^y^(B>m+{4y}hltCmzFD
zl-oFdxaqz9yRxVk`A9_i^36U(8vnNh2t)ki$~42}3eASPtE>jD)N+WH#N*rJ1i##j
zbUszvjpO)<IwjGnlJjGZ*-f-BPsZoQjNhlj`@@~u?F>IIuFuQ$QHR~mR%eI1n~QW0
z*Z29w!HlPCal(4i@&sZN<rP<zB;V6c1J&+eN(<2BV?9-vyKXGXF<gdbOmc@XjC8Ht
z0#`rJ3aq_%tll(e-brSm++wS#UlRV$%3wBaBI&HsdHGhuv4#OgLcUgmT6)cw*OS~=
z%TFt-!go`bf1r=)JFdNfV2KE630f2nt-<&Ln|Di-OZ+-$Gf};k-=&P?vt$3a^!U9J
zVJD}%D&H9s0p&sof}o6vMi^G_HA4oPoK5RrjRAeZ)Nc$4EBcLjl63i*a=575JvwRW
zyp-RjSCdiNw=Eg*-4Cb{Wfalzq%14*Jy~(2x(m~7LNBN{JSC;gw5C0#B%-s}!<CIz
z&AzE&ft}rRFXFMsDwkz(P&xHhY#bSmVzcS{+v7B+<WQ~K<Sh>#UleMod%@JJs?_`e
zkRB1=VYbxX-AnvfjX5y!4w=YvL#y9mwoAy&bmZ~HBz^m;GpA4KFoJswR(d6xrSi(L
z*8kk|jQRBvU}psP+T5N{R8y1f37V&lw^B2gqMj%uwn;gy-9d?jsx1*hXu460=N6?A
zy+dmQrESBe7siq3Q4>$4+xP!?)!0{vq|qvZvEtEisd0ck%sq6B6d#9Cv?oFF;)d-_
zc$g8n|4kS+oU1Tuxi1{bXD|`C^dXiGM+gfHsa$684#qf~RT92gn>cx2+}j>-VSuCr
zsL9q!l$=7-P^ddea;oLeMEi31Jxo+Qq+ooh{C@l*uydMZ;V&!9ar6u&7_2VawT67Z
zKf-zRcxckCRe_WhB$-(z;Vrw^f-SR5J`S!gT-U2qPT(^&SK$(!@yJvASTm~y6Pzci
zGoITUH;aD4g4=>uyHFD$<8ZU8vB8eVF23C;nYI6g>#h2+5a8F`w(BW*Oq9N4qKp*4
z>?|M3B#QCAK~jaQO)uZt0IUr6uUC0qm5n8Ur<s?Iys_V+CgpXPFQlm$YE56xw~^^+
zV_6o+ukB1I34xbYth_CBRg;Sv<dk@|4A$W4dv=wUWa0i=RCQ0?y{8-}b0<n6nRuVX
z3n(Y4lZeZ%hjXQKNcqn1Jb>Cq?b;u2er^zr4tVcPe}8(lz4xcn-RgWhS-O}|V;8iX
zh366=H7ph6Cwo#1XJ9>rTo?b3>OLxkQ&`UOZ{SfO$su?O+9`z_Eav(#TPhnOvYrON
zeiR@FRTWSS!dK`mS4+0NG<SLdst)J8Hdpzww_I}>N8p>kLD}Km>!)Em^hsg}F-o@@
zZiV)FFu||BT%7z?K1+7H1RCT8ki}+v+q`}6&X4aiCL-Cr?zH_K?7}V#VYYtLl;oec
z5oo%mtQA+HEJdZVDA%+E)HDy?6gOhKf+2{q|1u_cUWV|$PKjD=x*3%Q(-#gjgO-97
z0HX6-0ZA{X07OBW&&VL>sWDaeAkKHYy$QfbDBVsw2t9;5A3^-3d4z@FsZb{E7BE)W
zX0)C0-|+7*#lNdC#Jr`IEFiw3t+!*}X6+NN*8dg}GT@}LRL;9PCtZbxSmf^&sU7SW
zH<MvJvWf>hMkvOh7zE>ykHd+IYv%2lq2fCPhd_CW(N$f8;3InnLqY2235up3z%l$O
zFYff>)G)3!<G|&rgo%?FXm+DIIa4z00`^^?DX3pyEBPSFrt=3%oj`0Q_pnqs`SS35
zzTD7#zu||5^1l=#t%yJI$$J?2*@A$Q-zMHAn%^UWqv+N;F19)J^jF9$w8SourkvlG
ze=?q&9jTyhu0JsKYR>5g>MDfcRu}p-0C^;njf3}ccFZAK`;oHpCv%av;L8(Tq*3bT
z<Hy1;Y>gozpAz)1w3wlgi`p_Se`|p_*t>o~T~zc|P;jn9mB(JbEfqb?^7T80$`^S&
zQg*YiA9^17J?LW{5hS^YXDOoogOqpbyxfRkYR_+G501)?JstgYOg|KzWNneF8I6dX
z3jc^Zl&YUE?-ik<yA8}t#1Dhi=Cc!ECu>9C*EU*vC5#s`=cL?Fe%gJO%@{|y6E|BD
zf2fsm3W-CI+JuJedtD~3SXYaWR6t$Rq(;q>y}e>=3<l9r0&FZpHcVZFN%>1h8KuIQ
zM9>7j8$M)#eo=7+u~|-_+zVM0`A!eP!O8t0h&i;GCN1rLo^Em<Ncb)fd{PK$_&k}D
z^Ydiq{60S&g{uE#VeO+G(ZlU=;{QB*eLX!LxzY9Ya&oz2=JkCcrdD-3E^!m*kB`hD
z4#2_pYr;icV8u#|V`AMiG;IE+6j>M5acdCl*i2!MW>+4pJ2Z{)KNnVy%a{!v2$y!>
z>1J_VD>cPgDMdgyoxbH;`url%%-c$+nl<MM1N1l@2oh89IocE)?dIi#OF+#2#kmFb
z>_OfGe*`3RfBDNUs^J{*&@)wfc9MSKoisPpo*!R&bE&Kb>~&Z8uT&h}2%TtzP%uNF
zfT*d=Sx=c-dk0zNFe6f-vwVpt6P4A<C(@3Cc=}*eqNFo5QZb1-$vsL^wj^a`A|}U^
zqjvbiZ#0WgwRop?^}BruI0+)hBPS!CvZ%*e(#w1`z&EqiGD^Z9bU(L<(DkhOf2m(<
zMTIO|C_L<gz0f2n;hX|DVFG<~cbXqXAcE6rr}fqhGjROm_~IF<+s(X3HRjM{gD5m`
zPrDoP@Vgv^=teU=4WnjNW38(gh=YTYIfL6Xu#{yn)sbLjg+kcPbtclabcQ8)#8`sj
z`a@AdFX(ji3x74;aTokTC&a6P=(p2rCm;zHYBbkwJZ~@!qs;x(cdkN4kp-3HSKU@F
zN-V3SNRl!Zlxm+nNsVJ2s~pv5rd8!@Q*<zESdheEr$o`ZYaoz0$4+vvu9t$CVIq1j
z$(Z8~%ue7rz}}cnD0&j9@U786d@&GH6HV5+1Cn)##T{Gd^aGAWlk;$NGxAq{jZS&E
z#<1T*bP-t*$<7{qqN%BgonMg8JndqEgUoSy!XYf9DY}Esw>jYpR#bEC>b44)U6);=
z+TjDWbHGSs(57a%@dd?BNY+Tck|@(NSsB|z%Et>F+|Q6hZ2HU8YI2)!q=u|0G^dA8
z<sJPk5eMcR>6V&Q8@)-I!)?^A(I7m`G{h7|)TrYvhp09Pc+^A)a8$(q;M9c^KtWoM
z+>x4Eh(V+qrE5G@<zZ40sV44SOAlCL_Mn)@Y5tKxrX$dkbO;-(^((jiRT}|Q9$227
zveak_kh><KO3hD`nLBZ#*sI_H|Ac&ewi~1?)%$i*+#eJ1)5!MK{DSq}JD8};|KlMQ
zk4SAxm1!rTXf*`dwpyH!yKj##RJ=r}dMLmpc0-br_5#wdD?JqhFtJCoi4aR%nqo_~
z&J7XNr>@IOgfl;B7kpUFK5pU^Y*Cs<<Kp7s<=JMs6-m2|E3*bE94pF5!X`MQ3jJ+N
z!YM6>s8Y9e%_>^nwA|=HL;lyX5P~j2cdsSZlO9f(qaYU_x0{<sP=s{kG`m3<a)VQp
zz4%t^tqy@6k+=?B(WlWv45hptVU}?a-bC@fw%&u|be~p*jff16DyM+Cmqd60F`1&k
z%CVh<LrLo3mszHaFKOV&wN2mU24i&CsOhA6D=Sa8mTx0PW!Y9s9<qPc#rsP}MulCt
zWgHs9m?*$sQ))0Xa*6Lu$}a|T$GT0KjBw4~rPxJb2z&a_oGJDJRYzB5j^88CjBlX9
zTIsk+GJiJUdsC2uY=`b|+2;*JNi3&zxxrvdL5xVoI(rDpu@F_akQDcjDIAa*3%N-#
zika?OH+EB72HtHZ#S&g^>U<*8t&Ftby`KnIFhVVFZ<6M3fk5GnO)5J&!o6HR-AANG
z#?l$^+5MosSVS1o&pHrb#?lA)N-8WJ<!ms(?bXf=CutP|L*95kH>RBsCJx-^aVg@;
zjrP|N#tF&Wdqf=~{a6h3%Q$Fny5ZSyCntpCUP_M{p7D+~bAXu%l+P;lpPa4_Y8Hs6
z#eiH{*y%F&N{$ncbLy!-7IV&BzGbND6V$|QbL)SGDi3T9E@xwsU0%Pp>t-Uzikqo}
zn?!e5eG-}3rT6=O!0^jXx8VAlnm6&FcG9E$bNeg4z)<$7uTBMV8%Gp3eOb=EN*8Ty
z99Q)%Dk@;%UY2=5vfwHEjx)Jb8bt7!)NLFXEAaOITzt;HPPeewbn7yl1B1H+_*JO@
zV;X2`JPj$x3?{Ce&i+i<B^hs@{2Qacddf?dyPB>F5|g^8U&ttS1i}i8^L-*^ZWLX-
zbH8q?+Ex#yB>pp<+znhMtNdgWb&IEi3Gq>))6+*OSP=RJ#wzV0xZ%&&mgY($nWwm;
z3K{*hy`x)<D4Z&F<tfmVCDAcVS^`dxKrG`<(?MT&RjQ+#v22x7<W%!>dfd!OnwcR6
zeKHXtP(O}@ek#bt=+UnF2DjUlu0nT-UNNe4)K=yx64vP>O9CaCAT9PoA^jB41DO-$
zNrQ2y=|InH+lD_0&pQo0Apz}<Pvsgp4|Yvu8jE~XDbab21|w2`Mi^;)cIgZJ>jCE*
zLd5>gHQOK*i_+y-AE=TwD4KCWie#!wK*cz`frVzQouoB?FZa3!N0S0U)e+mGECK!+
zQ4$)u^lTo{jmSYrK_2MHzY<_Pn7G5tLJU7%$c?TvKc9)u@wb#lir|gDFGCCzG-D&~
z_I!B5hXYV+t50vA4LMye6AVj7qv&G$55v?aa#o>Ff0%OYc31>vni5<pBz7d`(s6zS
z*6#tHOlsb1aMy-_LxXRUm;1f6obkO>41ejg0Lw?YAja}hp=tO(tW|;ie~xm#|AO!S
zm6HD>DkGTxPhu2b`SEL(1WG~7Iq|asB)&s5-YFMmN}UTNlxw<rj(k_BJZ$wcQ<)p6
zN*iR#i6Jk4QcW4N(P&OIvfZ(ph0{ID$?*>rvENj?T_uQ55Mjt}@Z|dk^VvxJ&R?Z(
zqtrX-^jqSh?!ON{TP*kkZo<VM$r^k#lp+~dR%CAki<k*M3pn`ObG2>VHW4vM3Esu;
z?#$kWP4*xwk<3OSaV8f;JsNOCDLfC`b;Dnt5&#`E>Zoc(J<@i%udDh*!T`)SQiEC}
zO9B>B`EH~IU?E$BL-@)pY}H?6q1>M21%6?Hp44P!8mkWeyDVjynb-Y?-Rh9RwBXSL
zi_;dn>g*+R3e)Hy#pYwcB?#Le3)9X&fmp=HtXG<v{+62N=nPg$C~L6df+RP{+2?@@
zAOe?!d4dtSI)k|goVBzeQlhP7HtiwUNagm~d*#sBm!~@cr94{khu2Y0dbkool1K)E
zOZBNTDBWC3e@(yblJC~e;G{%@lCfx}(n+x3Od`*ycz-j;=A@3nRby!^A<y)68=!ph
zZc%3ZW20g_J925nvyT2tg-P54WwJs62G~pR#_==0)QO&xg8m>VI81f_G1|JpAa)#j
z#VdF_0?9eB_an}9Q%_!<TEV2`<Ozv!aQoS3*x8S6;(R$&^8V$wzwHwaK1B%b9rkgL
z&!=g!OOazx*<<ft!>}xec|g2b<Hz7xVI<N?LA}iYzfEwlrO!_Q7ZjB5io#N}Wb3~h
zj%Qlu728BNeZ#(ZV)p6LXY%Li#mD|0+j(zf%_)9w%4PLziHfx4Xq(B?f|<)b{7ZXo
z4Zcci27pT|45=2LW@2q7hpM6CNlzx+=ytRk#Pf$2*z@2ucoM<jERx0@bCAxUqk;4J
z*HS^V=k0J3^xb9(QhztrkzW-P{?fn{6W&<YSVjrRI5W6mkgZHgozv?rc{xHO%BEA$
z^roA7^P-=R(<H-K?mQVn!^J-H88Ofe<o$;>2vcHGMjf(tM-Y1Sqkl)%&-liTYPX$3
zATQPRrn(!XeKi=oxl|hHLuIN=#6?VkNS$vdng#|LF7QA!!6x=&O;VGV`OAIKk8qqP
zUyMT0#x?0Q9^RHC2qXXMPUk`kEI)!ons9T}INmw0MMUW_cB>S<K_Lf5AloT!R-;)^
zDl^IDfUzC^?BV!9$yp|mQ4b3}+o9PX(&&Nlo{c;_B*Pe@f#}bS(nAFTeNe_pBTKC6
zm!X9#^4juHq<>PMfaUZ1`qIr~Xz1eczGU^dCc?M&Evrn_(-JOWBhw>Tu;vFTt$wBq
zriMNuElnH?hefx+rU6ax`3E6q>PghEc~(|j$R}8C5-vj=2N)A7OqGmSBpo{VU`5}V
z=&Gks$)GtPg*H4(y@(i5|1AwXl5H4m>lqIX3%NR4U@oMpaqXhv^L7lBax!l?JXyFJ
zNEkv?B&y44#I4Ykj5rf+YXt}_!cGi+r#WOQUmXE=@Wantgko&Pn{`PS?W+}GiHVwI
z7>xJ#`Fje+iJo5PsdyWFCe6i@0ia(%$zPS`E}Z}fC-zfO`(0arTs-oHs$;}X;US2!
zE*Pb^i-2v_OByi#q=k%rlR`O(ZVTl3Q;!3|&*$gkfFPLG=AUVXk^tftN-v;qM=!te
z+b&{yZMf688aaugKoLoQeA)3-+Y#DK=~b`C3!$WJmdG?MP9v+ph*u1zsG+hM2}lvP
zcpCf>U*Zbw4+xlAw6`sTP&F1rX(Tcfl#f=a7oqMHgvH1o<;_pm1*p15bnk&xZSt<D
zNkw9>Y+cWu2d?}`6w!q7_&7ed%=}!&{lhPUl?Et7T|a0xa=3n2POIsW{Hcpgq^;+Y
zeb!Pn#O_mGz?!|x%YT%$sapwI;o8WXh~=I%%s*Nwnl|w2J5nj^gXI$biQdllgC;$u
z_bnskV<Ax8VV22)zMSEIq+PMgo1m^Ol_y3dzE?%c3&!rS^RigU<8M3xXQ9MPdFTaY
z>jxu>VE~!OsYS2(nJ)4)p%-s>_IavGDkcF9i|Qx|hAg8ROrbbJ+|xIlN@m%O*y48#
z{>qL@=*WDz@s!f|gC(jsQeaiY?wBo$;I)DxMO|O`gY3UL@MRP0WbqFIxWG;V>pGUP
zHcZ<O0XEG>S4d_r9mh_Np?wzwt(m31{LW%tV#W1JW3BFHD?fv`_%c%?%ffKFZ~sMe
zDODEP56wPP4Td{kpo+hcU(<*Gp7uD<QP@Z$uGt<yN9$(1FwwhT%ue}-^L@ayo_f;;
z0}-OcIVSFePOLKM0!gMBf>lt}TSk$%i1Tky5od{Jd+A8gi_p_ZMU2Clk@h=g3g2+i
z{}<wGYA;}>Z1WE=()j?TcCh{nU1R@eY)Agfdf{gtF8c8IZQMgQ(tdx&JeVJ8eXL>}
zF7g^4A>Rf%oaq<=rSSjr{wMN37;VO*ErTfGN2<nCFh)kDcpPOjMtW625$YzzONjZ_
zt|Wh*vCeYQ*H$f<ngx`b$K{w(Ut68pU8*JM8}Q8ZYl9n-N-SZj{s35JflogGkvT<I
zsz+-D-QQ42Jsbj6jfaNF2t>rS^abATjpRo5cT!(A6Pqs6Pu7NSAE}lI9lsXy4B<MP
zj+_h2_YypZmawVmx=UcXxB_4CE1v6fdii7ta(u+^&}806gW8@P=A36<spwHH5aAn?
z#DKX>$6$Os+q8SuvKXq-ysWrKWJj80O}5s5U|pq{q`&x@i#L7%Jbz$`k`C|#Bgf0K
zI7(Xdh!|Q-&UKmn<)mNZlS2f5Vb&guw%$q+h7o2SN!4INz`J)FxQn8=ZJuZhC)g|X
z784wHTXh$a*J`4{%`h>ErXYp`Ip7B!reI#xs_NFWtJrl3`gzyKzV$0)4w((G`Z$Th
z7)aUPm8;!7tNs+<Irpky-#h>x+-$kU%H2Q3S|vCiVEA!O5Pi1;T%uES?vxiCPAvgT
zBvm|i1x?!Ll-mJtfht3QJFEq1V&O%S4GSfM4beskvgs$xJy#s%aPC7f9J~x%)``5h
z6_|0~8goBOd?pD|Hn>MB<P+jbdtqyPa2k6~)d-kp)UW^d<>PduVXWutv!o!W_%?<g
z&(Gy^`s=pj;Gm!YzsKwCYHDd{=J9narc!+?EoU3|>o1*eG=!t~=aSjB1#hqB^5G)=
zZlk3E-uv&GTdmo|+XxKlG<|pd(}0Y<RNkQSPqIs_Azd15FXsI-@xT(cXa{(uD%l?D
zVlK<y>B4UaR7iRXMK0vDl8cz(JBiElte0DXsDCP@l}_rdEQ<19uK?3wX597*D%pZc
z#;wFC7+A1W+l|@*7{-Q!miKIgBuxpQ_BED3NaD(%=D4!wh@{4%g+W1Pm%XyE7jkvQ
z<at&Z_{^mQG##StM!Ko$Tc{v4>fGnR#Z@stl^K6FM?x#8zJ!&@AQ#8X^_`gK{Z#iJ
z7)>p0Zy3CpNR8B%%u|~l($#vUX{BwIOshG?XP3a1WJN8E&%1u2n(UH!Hf}XrZ%5ht
z)bV>%9gZU56aI;|UFA1S+Kfbg_WRHZo%--w6$P`+Ld7<5rXcv6z=lJn$=_JfxV`p!
zLo@X!G~t>w^iXd6>tF-{ZTQDW2wl4ZaCb?p6w1yf+pQwVEkhrRR}spr8CK`Nen#4r
zwQr6+OgdAeri5w!QJ(RXi@hAPLcW1Rg1}V2>@re%^yS)RF5a?Uw_FUmtdjD#zx3K=
zuyj&kb<7Ti*E77umK*ctn>)w9tZ`yyo=eM|Xcr^mTFO}~DBD>Krpc$s`@OX2nvefF
zRCir{-ED$L?#Gf@f#^3o5CV1~1f^)K;t1A?`v-K1jpfhdNGKsxGR!h5@0(Y`cM9KE
zrc$t+cR)pW*xStc@DEkVdjSDJ4xfJlv9Tg)#GvJH<qj7IUA0;8)9%<m6}eWKNX3@1
z)xC2{(9g5YqHq%(5d{en(+d#+Iqg*edT}l1g2hbwdTN2y7Gmg!LS!7^uteJ`&fDOi
zvZA-rmc_-vWIegpn|1nXn)>6?XYre$$-^fVM=dz;K48;+7s2q0cEcW~N?f2@SDn`7
z^ani*jz5v#@gfhu===MQmn)ZSomATrKiEhQ<raxJ`UMWDLp{It`9<ZTL0jrXNWFU$
z?jMX=?`NiKeA~WHp6E|z^mMz0YFde^mrN;bNQ!(`$WhJ|xS)!)W&3O)8Q*D+Ugj^x
z84^YCVeXWf{@O?9nHUQ6ZA7@#^uPcqW#p9loR|$TKINH3J=NYimpEpRB>UE8GVrxv
zCJFEs?V7BzORfeu5O6|wG-MNhIK25<)mgc4lS_QEi%D!Q<wi{!g%u~6p}UX$Mbv6)
z=zn?$^~BIAU(8~GGc2>IoaTBvtLu;l(|kM<?T0jX0d010%ayyTeFD_k@s#ZmaQ&9u
z8W^>Zg6}TH6s0t*9>j=D;H1!4Nnz)MR?*CB!X}0^D9Kw_k|z7+-N#w<9)0@-juY(i
zl9+0$j*EK#sAK}kN7eJdyiVpRu^Khf-6_QH%bc-2kGiq+V_7sTN9!{V)m$mROa$$*
z9*d6DX`_BO_uoes9%HEXQE&O@9(GV}2UX`hyaucq?GN?Els;+xk&8fz#tWep<mZ>w
zYp{L@ae9)`kR!%&`Zge$PsT<cB>7cKuD>ytGT!5(LK(vZE@-Fn<Kkt9joEISuYYo{
z)dx=xy^dVl-Q`_<CnA-bi^xdICeLYBA!0h(VhM3{^Mqir6;37lyK4|Th<VJ&Sn=Z6
zrovG5XTdMqp$Vw^8QbJ%Gr&_OYNXo7n1}#Y)mxGdA0L}oOF{vjOtFUn6<RRi3;r9l
zO4p&7-ju~qr~U6j{hQyFVqn6iB~Q0d42*SoFEl)Cb1G-4(s5%qwJFI0_uqy|R#o!8
zUeoq|_`q5!Mr8+)RGJ{(()Oq^*}IR46Wv&|)4wx!nD+4Rb=0<(%r-i9*S*jcaQ!BN
z+L--Lftcd;f0Lh}?xz{d7s`eDRI9u&JX$&lHkPwN-Kd?fHga38mwii*UgE<92k$?4
zQ6}2|mN;}u`24D`4(q2>{mw9iv0gj%>ve!unZskc;I^foWJtRrECOZa5i#}iQluJ#
zACG7u<1|SH9KM6;iiU3xa%iB0r*m0}88b|qfUC)R4r=7muLh;Xfn=el7I`<ZO3=b2
zh{au6{6ied-KGHH$ws0ewnC=(SgS^@-kEK%7e^qF4>2QYV2mT<;Ibyd45}B-A8}`+
zf&W362^$l4h@2<jD`oBbC%jy^G<cjY5dIyztPJ6Pvz*S-U|S8#aU9xEOhKGPBGIq*
zmb9z6gfj?!S&;-jwHSqo>HVv*0Tw1w6B$c2q_kbS@rPQm7*ulBl<XQFAtxim@@F^4
zlH|=g;cpMXEaotQoa0~n!QOz#6}U~0Ht7jq2JlHoCWH$J2mCwh2mAuaNldv|?)%zF
z$EWzx!OR_@S=t_VCR>2F?>BRl(&8XOgd2dvfTwsxFWp1H#-{;Ay@+psvTiV=*8EsO
z7qx3P>F~fBNi6?L26mEIN$1=CE1%q;Mm&&%rHc&DU2aos6jswfGhb#ZKYdkYqG(2i
zZH44@o}Tw^2sO>;E(W0^)Gv^u3oDU*%J=X*$A?*x{ZXw{oc=`uk$+=$K;Zc=XOtdM
zHkd`3dLM&sGyf3JZIr4&_8j=Ys;eWfsuE25IgvU_DKa+&m2U%G7f0v(ny7qh!i#gb
z->(N3svmSdLk1>mX(n35e`*6f@mln9P8R@ywtG4(TQAdy%(RkM|8VJ4k@-<P0TKI`
zTrVl);#x;8db&C6deAl_$8CtO-2G<}k^s1l*@NuK<jkEsVmqtM@IrVG%Q&BWHAFg~
zjD{){Ye4aYa#}igg7mmbuV5-3vVmnCB_T^o-(%FQco(~DgOBpw=K8KfS3R6%#k8&c
zUY3`s@x~V#25X?I&|&R<zF*C@FeM{nKEyuoRu!oEi{D<=&KZW(i{^BoJ>ZaM;&Ivl
z<`Ut8iB->O$)k`)--5`dDM&?20<kzxOI(G~69c)b^}@P7-|mSfRKO-Ui)otd>8k46
zn@2RIQX1hdLBrTO$3=kdRMJ9H{U!(e;~z7i`o-F!ELl<%DLk0)A9Fc&7PKBa1K$P)
zE53tt^8zNW_Kxa9hwQ&b-$IMTXa$jUv5Qy(E-1qk*jrF^fyY)=fkhKoZ#$@vUE-(S
zz0url&r-%M*Gru{XKJuEH>BoiBMr%1vSmiwq;kzZ(TyKs1c+y?k5E`o+v!3oDCH%q
zcyil)ytkF7WXgk@AIQUkUra7&_tlcMgQkU#U@{EU6RgzN(sXS8J5arrS=jKM^OIsk
z9Yf6ZxrnE$@a>0~p-qeaD8vYg!K%)6Ed6Bt@(!?^CuYMAKXkna$6#AVb@MoX$fa((
z4MXOI1ZJQ`?c3A-1}CA9hmWbAkGR3uNDR|)cT7P=>9`Klarfckc3eL4vbwGTIxemG
z*<IJlqUt7o1M4PaS1>y+A7|_@>zQ5G*079Hvg#(H?STJPx&F_5%>Z>=y#@H!_vegK
zvaT5aClXaR5pCw}y+5^TQeySL#Q%z?S53_R6FYMs#$HLB-^OxdEE2N5^-H>oFdg!~
z?n9D6+^f*)gHu7PZT=Hpic%^z@Ar&2yA8fvd?-ZADM*64tbe-y#7<iLX!Ttk67J^b
z!w6(3S*hG%U2PcC2?w~=BmkxS#-JLI#*mrCGVevvf-<IH48l$ZxfU7X6KR<OYZW;(
zo)aSc1pGVKcBvE>zs0BoZ^x}038<x~$Pr~BUV>VyBc$g#KRMzd0v8ctXxM)fDU{dF
zqdZ{j#H}4UELT%|f)!P(wXLU)a%jOR{SA%>BFFe_PtGpR|GP<9ib>O{Ym_pj{JY;4
zKdR-Mo9_R{B3ahB9>*i7&bbc_ee;YP-OYbJ$Uw!6{b2sZ+;kqU;;-wm_FkhJf^j6u
zVIg9#R-bYe9-ySr5z$2es(`6swMhm$X9#M$J$nC-Tdxx<##^Fr5Z>{quJMJkM&G*T
zH~1{6RpUTJ>9D6e1$O=Q_+&}q$~B})L@%gt7TpZ2((-gaul2BdUdnHGNaY8ZWY1iz
zg(+!yCUGaYJq^TLXT$LleIwu4c$m~473xhc9+3e$`S3tebrnUD!kRfwO#y-=wAvn?
zkCvX?H8H0Z-7rmaW$nGn%|T#oFds1it2}?Z0@u1Uh^F5w`|j9@TSM`weR}+p#nmPm
zKu?<6lmAMarWIWDz-p*NQ_y_uMy9Lf_b+%em}4G#CL`8wF(Uw8K%u|3OLf9A*KFAn
zpZlv)@U474w&ZD<xD9n@E80bt${bWqpJ(h$6Xwj#ty>IlLcIof!dCNX-huRTdU)3p
z>LfiG>I3+TCYQW%9c)X-Xj+uJ`Mu-(F)huqf?r6ydIexhJsWaCv|txDU!Ru~J!w{f
ztpa}B|J;>53}KLGm8TfgI3^mC(OBxKenamBuW}zWMF{Vi$K4+v=V;nqmPAO#Tl*R^
zkx0s1A*Rme71_qd*Xv~3ntj(FYt#|VjHM5=<ydv@Rnh>G<RLAR?+$+#J;#h|ofKJS
zH=k4|KLOZ;_*FS(D78}EJpyi~oV(s}duLyNw@r9mSXzL5sC$gGm#1ttpWND^r1F+R
zp_ManjI(0l6}-UMp5m>u4?{GusE+d3EHaFT$0}PYeuHN+u!zCaG%&64dUG;vQB*MB
z^Bf`^uL{FUI)UaIn{Q@y@0a<&(p6D5tP>Uv4eg01>=LHDhg!-^aaZ{%=~_M{o|L}$
zB^iK$+c9k#a3_(4+Q6J$%vvI@era!kQM<_5Y{B_Jp)+uKd$y*0Sff+BM`QGLgH^G%
z=v9?0TJHV%{(XGY8|Vc8uTTXPghIjq$H|shM=eLc1}y0M4$7bpK3O&@IG1Im(^}>o
z&8+aU2-AQ4vKcl+eS9|IETLg1u(97-v+zkpLUXEXZK6|~b_dkS%L1`QwLGQWFz1%K
z3L?H-MNNMvMu22q(S-Kpv9%)5b<lAjysJKy_x3r%$~LyG{gbsETfNq&=O5x?inqOg
z^khOP*%}oh48F&v>l=pMgMeU-YQ1)J6P+Ci=8i7JP%4?<`A%fb7;+74;lH_Gk@|E=
z`={%b2vcyuFj`7|YY_~=1ixI9<2?P=|NA}!&bKeWog!h=bU|Ne)v2N<dSw&`N>+Lj
zwuSZh1|s8ZHQ%6)2Ipx3Ns!PYq58Ld8`>u<E>AN09Xmpvt>ljLYUuo0>^;<x8@Il|
z#`9;fL;5(hev+e%TfC~?`rgZnFx{L?ZO}?;*B|)xRW{ZAaK+1d<MEV}NNMvE<sjlZ
zYCgqM1n<5+ltK|*4WVZ-)fF4n{^l6bz1{kC%|$W1^}r^xrLy`Ho(I3u)ZyKa6X#1;
zgp79y!nv`?je=NQO0WiXCzQn5!n9Y6)ZeAFshaAEwE&tw3idf-fA_@Bafs-cpksOY
z(G(%XmQjXizT`n|8o0|%n`hWuw+F9G>j9cicG&$jn2WtX{zg1B9wNFp-+b@5A$4Q)
zRI%`jnrNwPt6OhZK(<Ax$deVC-ZMo03_-&|^gFL8ihVeD$Kiv!t~^Al$s1|IuUCM|
z2(iM9`z9tEj0steu5}-FM&Ibi;rn>$sKPEMdD@41r-MUu5;1MYV*UVRo{27pcpP0M
zu$$zLY9_2~EvA%7tP28Tm~C2ArJwrXB|%rEFc!j5n4}Tit$I38$joB{fq2G#e>F1;
z#0>F)043nTRuT-%n~>nPxVbAg$uJSaku%MpYl1o-LWV@rJsAl_d$lI-8k+Z~g1}IC
zZ6EdI@lnaiR7^6f_2ByTSx(wc!D6+7_MHElUDJ>6Yd`W#LtHag4w2Lo4OXJ(`0P0S
zTQYaU8pcd;sO~I`e2d_mFvC3V4sZ>}1LjmMwH5oQmMaG-^-6^yA{l#XGMz?ZKD-b`
z$ZAp~NWkxNSi7D{+1_U;nAq5x8(4@C23DH(?F85=Y{Hr38pFWM*n5C=eRdHLFjNM!
zq|>|sxb$lK@qK;TWtFJ10r}o%8r+Jf9`OA#zr8<`u3o(#w>na8x_#UpuJ^Z=7{AV6
zD{5j|w0ONr)3}>&V8;G`RNQlWCcv^N`eb6;$;5nP+qRudY}>YN+Y{TiZ6_1kZ*rf#
z*1pd<=b!GX>Z<Nf@aufIyfd<v&*rUr`=QDs!LdaIbymlMv<4%?637yMWuXG?zr^6}
z$>Lhe?Mpt9%*`YK<oqh^YMNG=#{wN_($1}{cUveMsg%4BId#7Y95vmX0zjVnPuMv=
zX_%yHy(}E8NUxCT5(YGip`taIC?XI5R_DKD-xZ-A;o$SWCXfCkA@=^ue)~)R9LyU;
zu5x!Tut0Sj+=Em}KIBBZhiU<I>B>WW_SlV)#>KIR+iBSlNj%Uh+Ku~Tj_~>X&jE%f
zXx_hY5+OL{P(;0)zT{R-B+pR9eeCn$NW=`i5Yo#GO+q)9fEY4@oj?Cvl5PUHZ2Jj+
zBMKp3E0Qe=lK~p9hLNV8v3Cg~Z9MKo8Y=i2B!r8v=dR%5TZ#M?BT5={PdSMh*DT<J
z?!wSQY_kKDA41&9qAs6#nb<gL5f{ig0s<`b5ZY#ry7`3KR_+HBK0xdZyX^lS%$OT^
z|4YKWVp3Q*i{&bSFcek2K@dWv7d*!h6E~^NaKmb<o;{XJOx(I4{gV;D9|PU;jPPa~
zFI4`lG)LLXny(qW0w<L;AkfL4ItS|cy@wUi4WR}~V=m@<Oj%}ck$$C^%cM#dDzf@f
z-X&k!u<A3g9oQzNUP1;Gzgr0vYQ-?@Sw~8w|KJHv0|pT8c6cJvab>dSIR|d)jly2;
zLN2=@ere)g!jt{mXw$D<tk%{A6Y~K%`wQxk@O5@mz^3JLnb>oJ)fLfNV}?nJ<d%5t
zr@RBQONs1O+e<c2pxW7*-X<@%(n;T-X2uO>s~dqJud)0DzYrC3A6*yO|52yfW#jg$
zidq;CbK&a3yqY3OBWWdnsdV0>6!ts7lMTdsfVX-Uag9fnEfEO#jj$ig7Qgx1v)vbM
zjGM8Fu(A`TuL&N+kB^?+73~#Syr;gwhV3lxFji!fyFahSiHdcbXq<eYe#Y|}9s!FT
z%2>HbrgeVm-y6Q85LU`c1?bys;ezn5Qw?tWTu+sRi>BoE#Wk?2o0(-r&11Ya|L5G{
z-q<S_t_?imPWMJQM-fLJxIfvtm*JjK>SoIS{Z@6#a`3ZgCQA&S&0}oldQpw9zNCuW
zoHfJ1<kI#`w^JSo6ot-9hf)EO4sgEkJW}A2()@1^wMd@mTn~8yF41H0s0OSFHM>7C
zR;|%Tu)-dOj=tegO~<S{jkP|dfg;0N`bMF4$-_xu#mOjg*piFRa}z7KuV~uBR$(Do
zPve%I&+6X(YDh<B4+amg278XvGq)j}gz5R2Kjn$*H>%NNYoyidnEA^0Y(VKjXqlf9
zzHqsPe?#G49bv!;mb52?s`nQnN6!<c+<id@V!6gw%n^a``zU8rz4v&Kx;Ozm|8Awq
zfOUY+i^{`iTe&7!p{STk%68)(?TjZi3a*=o@?1Cgk6{>=s0$=dCPAgfDeJZ}@_qr<
zbL^7)F3roGY-q<;ysPc+UecC45F%=v6{cdnm2zJ5YxV<gl*W*4!MeVk#@oH_dS(p_
zWA&!}@y00Yu`2>(I=vdEnPvwi(@d5mWa@_Xb7QwOh!h86$)YFsF2UcHD>=-SjARnC
zc>Ma7L#!2;MrI~bIB#tX8^RWbt2>EtBF{wsl4M--lxTw+NK7r^(pL-qu(^8C|JA;r
zH2n$EhSj?v!V*N7(WOOB_ENd@t?vorB)+`0<Fc4w(Qz6g=bVn{qzoyX0%SCQGb`rG
zJFRx$XVXF1idhLg#hPA`c&DmF8nOGkE2Iygd5o@sucnsaV!6T7#Yd>YiA5;ILu)BG
z0Lm{oDTZmlaQkogr3+GThbbf6)V|geyPB<b&+%Ba4t$&>*a<%O-mh&zPMrbUer{T9
zPcW8_dpb~kekY1cR7;Q*NqDvqOcn|ZY_4fy=I0%UbuN`~)ak9n@I`=qw6Yt4ToKjO
z>JMv@DCFx0XTp()FnSB5evP2RhCBx-*@RN-Pvc(`MEh66jJRkh;<9(^j~Z)K;jD6s
zjCrP^s-iw3p{hRxR+c=Ju8z#QRK0^y6j=oD@EV11qY%_1XV&H<i1-vWGsD4nr&F8A
zcDV#Ra2eNGxaCXp)@j{I$b+hKN6WGAwX1bq70juThG(mdN^s`8jW;jWeZZGst-i*~
zohuA|m+_|=>xUW~Xsepd$FSBNyOpKL#p^N&`F`S;VKdDn8DQvE@}fse#gvLuWLG@`
z{N?DCKZ44-#kZNh78)_Nxxq)$B-zm#8Oq>?or}tYCqk@syP$i_URQt|+?FQ|&47t`
z=RZdbW1g1hBb>qnEGr7QE$?V-EFGT3<VR&(Hn}Moo(XlgdJ^SAlD1L+xA{(}rhJ4m
zUs%>iMOC~ZosB8@)GT}1Z%l}(9-77)2CVK0GSJrtk|}&8r?2n&q$VVVd16ylxoLF;
z@Ci=&$aCdbHhqHDeCsESp1P4Qi1B*gGxSw51%c2X`6nAnvsOKi%R_jTBE}i+;}p9Q
zk08X>SI?l?!W)?}LjA-#%^{f1oW8>gY2*zI1YBpkH8PX~gGOhw?1t5lld_%VK}Y72
zt2mIq=O(qve|HV3x*$Jqx(nf|DCMmr)_sFQ$&4DQETpdnd}(BUF$eBhye-Pw4{m@f
zbT*0}g*cu^Z?k)AFE99HU`3mf9yga~Xo#arqOhBHn;A$+T6GBaprNHGGH}>q1@dl&
zxUbs|ZS@UYJ}vp_iN$BH&HWJ&JF~Rn8O2DNj;=XI=PVb%X7>2CQ?H;XwDi}l#tvni
z%u=#W`=Z6E@eq&&k6gs21>kaI40vq3Z?>*9VC7ILtG|EU{f()?%O)F^759%r2613J
zmfzK+GlPVc5|#!pv&%;H)j!j~`tPAm!)zF*HISf`ZEW4A{5;22Rw=S>sZH)o7F2}l
z-kOuZYz6}lGZV#TTE0$FF`i>`+yv=b=<F@Y7=wV&IyY;|P#%SqOaDG)mcxsV{IS-E
zmG#LkaY%@zg`ZuLzQIBXaz7NLS5=J&FSLn1M^h!Hz86U|5khW0Dgt5|M>386W$?u{
zz~onzRi!B32H)r}jWjQ+H7LH5p9s4yk4{I&K6d)mo9d0P_OA*wb2r!K+;rEu2W7Nc
z0_f@bx|FCQp5&J4s5#GaH1c85dd*=R7sR=dB26Kt-!ddsqb(|1?SBgs@Vy%U<oEdK
z|3%gM+j4f{E5Crmb7}?I#JXjfmF^reH9fCiul6b<L^ii7-^*Zr22MWtAgncdY=8W#
zM=gom3{LX>Bvk*}JbwTdTq=5)eaF51A#)0kHKrJ=uIxdSA|W44rRx8O1QGHR=>NAQ
zXubMfLth*Pol_XhokHC?zZZs&>h91ZXq~!lw$hMmVTlsW+BDkssjW4*FO=A(N^_^o
zSl9VLO3D>B_#poXHA6>9t?r@RRb4JVmc4G5ie_UkF(NH5&@vKE+3pi%rG@dq{UXH{
zZx4iLC9&22h<=E}i%@xrs;=s>m-3bUJLxy@H<`B}T7$#>+w=M3VMQ(h_bCWbF%sKq
zK3=Lvl|&Z7EAU0>KPeVal_U!HX|6R~dRQe`e|}5V2%GJEF9tUiTNJ^I`1`v8-0+eL
z_CUC<Gm5tPb4CpP#xv!YD3%QnEX+pTSgql^A+8G9Gk&A=MNjTJ@4EWeLccVlD_^hm
zw`o2qgJg-u-PFlrv<64|p00lPh740;M4YYMEOUq*RGNy?vo12-%#@8v7^DknSvh-+
zo?BBZnnwdiX>|{pMMc%TAf%DK9LTxfMugsH+%y>oJDG=DeG161#eLJL<}V^B*uu0P
z@Br@9CE5!#3o@4DLtj!4`-(K2nN=$a#A&UIuKJGY2x!_`@%q{~^_ElzPhLOl`yTe#
z(gX6@KGJLsvUQB|9t#If>5v72jf_pLIsASH`%FUup<Bs<2=z1gmXw+^NL`jon8cmm
zVBXd@>$R*FqH(`))+P;*%1%$QtvuquFIf~g#`;;D@-hi#CqA_CmaB#zZ<dSegi^tE
zUFcM4c?jy)9e`{sVNc3Eq=iu$!P+H=u3)TC26GPFE}AGLDn|7-#i{(Rt5ewB`Y53-
zy`aPxlrw|_<t{;XQ-88DW(kpyet=!k{@-H<2Xk#qoccXTs=Mn2c!IJ#*rO`Y2$6x7
z!jLieu6bnL2C(`qrXA%n^eZQ7@5ZxBQ`J=MEoY|n5?hM@H3i2=srGvrE$JqvS&+WP
zDE&GNwOkc7lNT%%NOk1NW^0eZ&uH<BdW2w+i`#N;;dB9mu5LicOBo6*%Ck--@uq^u
zY8foHd*~?w;ndTG^0!@!<me{g=>V&Ab0eg5DHS9fQFY}sJX54mqm8*(Nz(s?39>(!
zDQ_f_7$&5ve<d@AZ2J;nI=pv-?qnRZe<jof*AS9WhomJp#ui`Yxgo4zi)T-wdA1ar
zyw)5*`Dh>VQ$e@3yVOXkj-~_@jjw7K-nnI0jS4!YEV8BY!Xl7vS!6NQWSTwZo=>>L
z+Ag#AHtk@`jz{*mCvGY1o^Gq(GP~D};N{tT0=mSteq9R0`+Y2RP26ipNVLAKD5$6)
zU%pizx!;5f5D*d)0N-||?CtC5{mRB}{Y*wKX1|_p&Ly1goyii8j{dg7S-QqTwUBU-
zrf{v`&wM_N-iJkTrfpxLDEdMJ9*&7zXZHCVNYFeR8De(?txMQMtGazXb!P7QS9~ZD
zv&hvR=5_B<YrzRUFU`SeqjBU2nt4#`JKLFXk%Erg?RXgt3nJh|i=UKD=tnKMJm$@f
zs%!<^$ZZE#`G=g!3Fjj}o?mowca!|$owu~kq0Lfnv_c86Z@OSTdbGdkD_li0i8Daf
zx#Yo_m^-Hmbv|<fP3L`!8;C_|m0Rn%9>UzUC|ONSrzZ3(O1ITp1V@!0LJk}KH8%97
z=?TsL-sP50XlL#)vDGHxRW@Z5!nL}kYAp@6|BZZ|P1&>Q_oIES6&JZ|uJCjW^iG?s
z#6<L2OPd4mSO~m~z<`uel29$%IDSuJZXLgQKO_z_og=aEcH_qPI~}cGgQ(-pnL(|e
ziKNsZvc}bpHZ5Dcv;i)sATm`HYET|dD&|udOI=MsyTuZ67|~ASf@{TDVOniUo!&b%
zBgZ1b7?s}~4jpz%;bKw>+5OB@21te#wLXG7p1c!;y^{=Q&RI;<sT+b9TmiQA?v69;
zhUBHn+u&0L<a+1M)8knt>L&Hn7=V1;N{<cYkmyEDJsv;I5~=j5U;gO4Q=Mp})8pp^
zLUU4i_cN2?1EuHMhNbrNY)U}=CZZcCXYnq1Yk;duls*d)2Zi~=aEW9dD>KRGgfn0J
zD2Sj-T;8Urj;U9~T2f)hUAcCr5<7#pAeE<plP_$-<nXAzisv0PGdJY~#l&IVq^HqC
zq-v_x(cPl@xnpd5w-<z|T7HB$QlAsMcz6<+YA|+Onsa4cOVP>gvi4Xj;1#yHVeJ0}
z1B%Oxb#T>TpyYUZKVCs;8KpQV^Ra_f_6Q^MuFi-F_DAlGGxsR+x-f<##1uo{m7Pre
zG$a+URgI@rmO@y1T9*rb$6tu#KB?vbeF3}QvFi}eQ~vVOyqV_=Q%eff0s{;_K3wWg
z#P(9CMkBSD?qroKze5k%B4>c1pUBL$hz%rAi%edW@6+99A22$M^U-)EM#)7ermoed
z<mp@X$R5?iS#5A`zRPDNXH=XT=jV4%cOFyyXr_Y_&)+TV`6b&RQW~DEfoz0Xn=yIv
zr_Y7dNmLnIpxI+iL1Yrr1{%6EUzpPRk%P#yROb@mw}=YJN)t?-XIF{?Zt@GU6Uht$
ztp^ZBWUIne@$7RJ!fLIc++iMu7k*aCb`K8oBRW+!qO$0!{1WB?QekDpv`XS@$1YM1
zWoe^0vz*z2rkmqEbQ!)pqbMl#P%C4C)*h1GHUc=ru+~<u*FST+U7QkjI^Kgnu+r|A
z$;TDmza1MVd^WO`%|_!UALlueu6r);<L1da@laqG!Ko^Hc7K3?9Iylf4ygd;so#{x
zwVn4B6Tz<op5KUg-QMGfzgJIA-q&R98!$xvqYb7eOKG8CS&vx4`f5sHUtHSSlr3e2
zMs@VC^;D<QSh%tf(3#22&zv9rH2wmY=p1Kv)vq?n!p}HG9AtWT6V%4?H)jo<HY{W<
z9`NclxoW-N#GcCll$y$~wnks0V|T4O_Hs3u>u&o_!189L-Q*#y%<7LUv|YGTe)p3Q
z2>pIy#o{awLY{kJnZ=V4f2Wj62SSXQxpFW6W*`93U{#~tmI_7ZEyVeWEG?lasW&8W
z=pa*V!1<3ixH(TrKLK4gQ~uRgmk8zn@5mDqb5>49zcJ<?R^IW~Xe!SO@0N_ruw46d
z<t;D%fi|wAiAa@_hRB%%Uqwbkc_rv<=w7v^J93M^IISpQXfn&Y2&`o^+%gt%@nXCO
z02KCgXiM$P9Ou-s9_xEYl;S4M@1m*D9J#JDFN5;`8Y1-j3FmTKQYs3{$?fF<y4>%`
zNXA8Jtw4>b3wb!ByIbf89Iz0IPX4bqV0n<|S(>!D<hwo7EMpEvXk_S6F^zc^PVX$|
zt2~XiO}D%#@X5KS6qay>1hYmD%1eOInM@+C%QN3yFMq1iBoX7*hwkdX&2hU*g=i2E
zo&3u<pE1LtdujBFGt_<Po=vdR%bp`21(&HCuj;Cwd7V~Zd-ZU_rOXJpzX6(}K@#MU
zQVo2KZiIi^)mn?Ag_0E0dpZgwU+QR=8MG8-F?fuMP=|vPQ%lnd5s{6~D(O*LF1z`%
zR<84lo@+mBPMXV1vM|OQ5qRLyCZV@v&U1+WTzu>n4$a(X07+IN!mhol{>Wx*^<}ae
z;-H3YD=do6Jz8%!DgDJD@0xeIW8QTV*oWeqh4N00yW?kFqmu%Jso@flPiiHX++skB
zHfBnwO>Axe!Bs9`-f*gZJ-hCkt4+vHk8A0-HzJ@coSI3>?nB8^T690R6QK{asWhJC
zW0&bDw~Sh$U&VF7{yAgj<FzRpb9hpdLZd>T<Pj9!;;RjjKdB{xYdsY1Fcsnz)fI3^
za8MH=LLdx6q5}cV-bx%l9p3Wf#9^{)*Eiq;P+cnCf)n<5x#L1weyE7X*_1Y>n7Ra`
z1j*3%Cn;4ONw{%ko`md$K_s(X>KWa!Gs3Ec{@%~a^--N+d9R=#Tsbbz@=;BWw|Y>r
z<@?We9b@;PB*#zllledO3zkNj|4j(y{!ed9zCVkl(Ss5&%vW_lBc~W@QgzhSCO0@R
zmvWVoEWI{{kc`8Ae!&}RzMrn07whuf(nl^AM`Y+9)hj)y+ITb5gZHX$^RFkSFzhfa
z=F8i;62d7zQn~kd!%;%Z!T6L9l9|_DOa9Ycgv^_^=?6n8;!T^|%;R8HW7!v5XCDvo
zq0<jr6`z<4R+FlDjv)zcIEig9N3$5JRvW$J^vk5mmTAa2%}bx2lb|y-yVmNU3lEN#
zz8>m)#AypnR7jpO;z1S2yVw+S+Lp{%YcH_W`6@C)_zP<;AdBeJ>tkm)TkB_2Vd}$E
z%$@+!td(SrR;m~;67XZ_T_!$U`9PBji-S2Br{FEABj$BL(RjGKRc{Jf(H3q7)+;t+
zT%Hrw?t%Vb0xRYhxDi%lj57E&k+|G=U~QQmU@))wAFQ2d#h{pYHm(h0u|HJVgVRjX
zCDN+DYf1Ov0HAJd#VBw5D{{l+?FTbcmv^Fav4&MS_(ZE|Sn<G!ZEor44kF031SqVo
zf5^4YVH4C>D}b$UyDMzNJakFLx9&&MVG#3$o1#~YZ4#pJ;P{o;V9q7ZKyV!#lVp4d
zjPKoJ5I>H(=M&#cC-sRt0>;+w8fqQ-^^QtT95DIByuLETJ<{!>WjibIkBr?>-t44v
zF5)u}hPN~P9266SNxZ`w14BuDLL2-Bu?Y|SfWZqY1f+*zTKA(`cj8*N;-8>WL}V#8
zSVDNso3Y5e6GOCaNR6u_@4(TIulal|{1;9CJ#)%Fp$^Zi9wVF`-H=>;9YrUe8@gqg
zt%U(=ZXW=*ccJSgS8;KV;(%IEPfYEV6p2#ls}VDqw?-V(vFDZ1m)<UF$Fgh!DgCw=
zzW1Puu_N|wiJMF|Lq4Bth@YM_C^l!xW<16ys&@v?D5{pa))sp3X{HCybQ5Ib1I|<V
zE>N{(xXju{?we@lkDFl;ev2(rmD_X}Eq6LYI7YZHj<+}<0!4mGTLb>jSTTOu&)}h4
zi1EXoV)y$AI4HyO>17hd)t7!-0uQcSy@E5&3Z5P#W&{RPd69fzkZ6Hvswv*GfX;+<
zMl$GMc)|$o_zH}u<L5dQy(r~F1SZLa)wh?6w1A4DjQNmO=1lZInbb`9d?p+ZM(kg4
zASb1?Xuad?CUQ-<9C=BX3H<Rha}y9t7QMp&-ee;Pu(EaRE`X-dIR#E}5zQcw^>syD
zz4Y>|n>~U3*~rrkRcqDM0gN3I%(QOp6|v8mlXv(sI#^fjH>AJPBwk+8^9mht3Nt<#
ztmY>h1G4foxQ-Gs9c}V3U!-jTk8DXmFJV%!>B1yY&w-}Wd`<n9sDv;oOrdP*z84yE
zQMGHS6pj5zL(8{=7?l>IT#q2>lnJ_F5Pc)^QP_IW)a(d}jJT^Bb7N6fY?`*iO?Vrq
zhO6A6G!;7)$Z*)GSQIy}dE=t@QeyotcQhiybEI1&EnA2T{w6Y>&_{nyF=~%$gbjIb
znLBUda#uC!2xy<@o5Q8-rM@1&rM?sWC6nu;Az0zSa*)58OL*c`mEb?-ra(gpwi(b@
z71mKZ#fKo0=3>~sek}G?K^n;MXCBnFt8{7ySPrVWU|Ohw_`kb-y#WQ&MIkxnF;W40
zg%HqJ*W^}H2Qw3u>-!QODeWXU8d(FSHgw^$<nDJah(Bw$`o)&oxF}7t<2I`cdVEwN
z4`QcsAqKc4Y+nC*Q!8^p+hh98qBz<X$yaPf(2|;*MkIw?8!5PU5=7HX)!-wn%uH05
zxZb7H$lTAi@##qIbX~ecvcYbCC^f2#E+(4F{k^`!LAl<PqWYJGO!xU;i$*H5HFW<t
zCqQO|9vY>-dpGViqUu1G{acMNLP98aw~FRtU#zx~m=(TZ>_WTt)w{%R#nfF8#mz}5
zKV~?N`+`Wx5I~fnyDtQ7`1p<K`kP5$FI&Z~m&E+cK<R)A8O^O+%Q6Iy$KIQI%@B9<
z@t0B5*amZbKy7`%I5~X6Fa-PI^IqxV?bU&W@g9fmNmw#CRqJdX3TBEOdoM|42sBg-
zo6chZ!0jg+aP?|ayS>rqzuK1aT%bhe>fQ|1qcrXkx7PJfbF-fOQ6|7>?%F;$#~P39
ziqly*$sn~mlx|zuh-lyFNZ9Jv6uPHVl(JRkxL_rkcS|qy=D$ruei^(`z5UfDxaaHY
zM>G-mDo)*Q_)ldYrMLZu6VC!+ujO-N>8F;P@Nb!q12yGVS_$#aKpMI=n<ekS5m$S4
z1}B%H^^F|2EeL6GmEN&&XDm|nB?4qQH}ICElZUWUs!}d#*^<y>@y@%WMej<)v1$d!
ze=52k=;{0;rT=f3ucNz!p1!*`L{0A-C9~&Q*8W6I?|YtkxLDrq@+td2y<R^&D!L!Y
z3wt*0Bk1Y9|1EyZvW%1>@%HiEn?=dodi{4SN+$n*=KdSrdYJF412PW<8k{rlP0%o?
z9|zKom0whp``cRbkYjv$G!$>3{$~3*)B%vqcv#5(#a)@z*j#zt+36<i7ZRTRi5H&o
znsUa_0LIwVg3(3Au&_~LA(~)wbbARU6>$@DO__GUKrbv{Vk`EBxhstA3+%hsO^LhF
zMcD+qdnI2WbNSu08o|0>rY$92rYT(HE)&+Yzrl%}zvG#_wV2U=;#?hpKWx}HPkSzo
zQQR$$i7oY{cq&=08ewv(P>DNWID-)WzD<*CI0gX5_y?k#n!IRP{^D+l1nnfnJQxz{
zY+e7L?uLUWj@}~;h`FxG=PY?^lJqYzyXO-hpuzuPUSx~_B{j<_fa}8y0x#5R_>CTH
z0P>eT=#<xS$~ViD83qf&22Qw6&t}SnXbvEUg_E7k5+O>V41U;-3IA2Ss%g9C#`qs;
z;0YX1H9lrRGYgg(fJW=w&QRk@{}-y2vAPASVcR{&GP~DtiEVj!uX8}*I!F5DqAU33
zIacTFzR@9zKp0+?rX;p_@ho0@GVOAYtBPEeot?O=n3p+&yfSg!Tv>ljvPp(^<`v_>
z6DNF#*nu)OW+w6MWOK|0x_+DUTK<9}OVg-SaF*!JKM2b)3du3}OGB|%i&{V7$M@;p
zU0^Qm$IInuXlWzg|7&MqjO%L*Ys{bTdjojnJ~k#HA>i})ayj+5Ch%~S?~knJ7yI+^
zeh&5WF(yeeHs%ks58m+#XsPj4=?h$W804MCnf*s#A<deeI*$#Hgypqw(mwTDSj{i>
zGHduZEuJ^a_0rxre~V)b56{ZQ)9X%UTz2rOV%q>lBG;O@J9ANpdm?=HVyg>+cPr6I
zuodlvt_Gd0YKozE7|Y=X>^3h0GgTD4xyh+8snAIF8YwneW`X9+4eF@!*2LUv#i%CZ
zp!E5R*#mz=Qma!Ir$re(Z|e9rxD36r-_TN&nO|d(%y9PSqK!NUQMWc|OM1zMt*(Q>
z=lyWzaAJUIZ7j;=K5JJg9$SL_ODgTauP(8S@kN{k-^#99{#QVeUh+!Z%JXDMI$daA
zdIg>(8m6H-Va&s3CGK@g@eDY;eARm+pC4<Q2u;bmBlXO1miW5U1S-%-)91P<bk=?b
zB2CWTDqa#4;uy?y%rY%8skSQSV>0^MP(>rA8%rGj#-}5l9odn5ehKZ($D1dhyu>wQ
zP~~z|PiOwR?k_?<*~wICA>u!K;WVz1w9nLkWfJUgFktLoWGemroQ%SL!c)Q6Oh2qk
z)>^eShPKwvDUf@CIPFe(RWE=ZmsG=c5<?5~B>1^Gx)ZOp#fTewT`;^c787sQ?G3mV
z)GK-WXDj(x#_9JGpty(K<$zZl`q}1IZhoM%K^teu1PLe&J3Sd#4v~pmDi%zVZI<u4
zbqKsPUlh68#Pew>de+V}_x+acPZ3Zl`j#h16f+~5{Wy5L61?3Y0mWP%85%XpQWtf<
zssPuXZC7TiV}E|@Z7ynWJ_hDmi5p5HUg4_HG@4ayZ6<csEL1id?kh4I_YJLU35hv%
z;MrCG0WYrs!@CwWD-ayzmWKPf5TsgpQZ`d&23l??sMC2YNY7HNL-0Il5Jmm`k?lc8
zNT%u6tUr$=R{Ngt<aC+Kpj#WTv9ed#5B2IL*-|ReR9xf0z}b3rliqo?J>`>v{8)jN
zgtM^!7%#lj|L#wM`B;5hB?%kQu=x1VnDc=_VNO8rYi*=_NyC0_H_=_0MZ>BojXi0z
zmxl~3v)m1Sx-=_z2iE9GjK+SY0071nsfElQV3IH&Bs?)35Y&ctdE*a_rIN)jC8K2!
zu6Gw~9)*v8Qe8V3NUs6A>bGHMqoxdcUofQJ_2RY39rM`l1kW>-`CC7Zm{7L{H#cr-
ziC<17t@V`hn7LCzd0Iwd*I6*>@fFMb$60o2*lrStLw3Z1Fg=UU_Lq>>ZGg22Ng=7u
zKJBf48!6R-w4IGrl3s<K@=Qrc^P0gIw991Jhn^KGbtIYN7cmP6*Ss*vL*`nNSylMd
zuqMTotNR~%w6VvTop*J05`LPt@1PP{Nn3J>CENnmRAyp}P}u2QnR1JJv(S6RxD)3S
zil^-s+;$?*M)njnjw$;q<+78c1=e#JK!tuWVw#HUjPh5o+MN{#5!HKLbb8^@8LuDF
zi$OQ%8%nG`j|1fhv;@)?osfWl++MWJqmVREEw&t`$GKM`(q#$(&IlD^lcoMTLxhdj
z7a>I=H_)K0>ZcuOgoe#+XG$)=vQ}CHX<tA9dU@HTVU~{#gN{y8IE6rTb|q*M=2J~Y
z<!>!NzM5%qcs#DtNzAIkEKbp4w`;35ec^w47P@?CF%qx&xkf*O#(>)d6L(;QZi&FZ
zQe*-nlPMX*Y|uj<7CLahW!eWCUSGQ_Wr%3@G|KIqSmt`~f2;T(Y#<^S4{lTCfTRv<
z!z80v?$FX(iAl@CGTt<ep>96VZ<e=&L8`jOqbf5PQYGD`*c&_HcE8o65loh!M7lI)
zyso1duP4(yXLIQ#Bf%d*105bZj*2q}gOXH1qxA`KoNG8=rWP7h+d8Xvyn##BVSA0^
z*eX2cm;E%mv5D07rQYC#-t^@*H@%4UZ~C{rGvRg(*Ai=~*INlua4j4#Uh}4aW^>3a
zJk2}7EMw-SelY;|w^36cKS1pY0c(YTqCAErShqV&LF&*9S{;*ANyU670)CXs`Z_iF
zw<G2o+z2BJ=Kc~nM&-0Sw<WmY>aU5sHf*Ko)ok#9F_vGZS78ta0&R(dGgxI<c9ntP
z6X!vu>=dZM#X}T9N;+<`PZ`srrU(8BI72?@98@BQO}J>?oMy7(ayIcWDd%&RvTFM`
zJ2=T5HCx6(c#n@bDk+K54P=R)j{4HYR&kwRSLLx_2#%!Ukc42jHfTkq=^^55%xdY8
zFF&G_to<;p3}|b@Q)gxsn}lIqxD)(sTF3P`=J8i56s%y|_jg7~*AP43?NYNMb2wjg
z6vDX$!?FV|2k>FSWz){NM%%aK6rP!{LFjt=g&i|FYs|JvYl}g_+WP@SQm|<K;O*OR
zRcn+bCOBran`oY~+&jcJW?L2sbz3ubi@F9rV3r__gQ!|W8pr#w*`FXG&7J|HU9ahW
z`#czUF}OqfnSWxZ2=^l{VuL9rt?8As&(7v#97<ew;LvH#j(Gz9zGe)=Jt!r3J&e;D
zO|-c=S(HOkAIg6RFjuk6&xFx63Ki8QZ$X{vfNsq{d7G);y?6^X?&^LQc|?I?$t|;)
zZXElnrrzGGP)bmqu3ONnPikmb^b_9dTz5TTv;i(BX}g$x_i^tY+rytD`E!ZSF?-|7
zKBNCcWTKS5I1<!3iTz14!_Hc|D#8w<q~y8lv}cgt$`5Wee$>VOlDEimE)_P!I_)rx
zZb?}?wy0;FmAy~(GUE80jv<1NnGsWmVhbz-xa4Mm<;q?t^$QyyL^8ImFQacR1-Oz<
zE8kw1ZRk}w*x5RC>}o-{!kKe$-pz7}Y`FRF7g1S|%f^CX0lgmyq;N(fm?Kz<c$lo1
zUIUxFl0^cp8cL9S!6q!zGBb;j*YQ?OdH*=8c$Prc4@>Hh8hVn#EQ<EJE(a`hC0Nku
znI`A#W$MQjc4D~Elw`awZGHLhQkoaZBjA`df!pTu6JxoQB2YeEp7npt%ZA?P(J`<o
zTWX2j3?>X@zKNeLj3LC#y@)u+x68CHVH4o*$=`R$2RD0`+NQ)QiEjRf8if5XHF#)O
z7hE)j`5J+TAJF*fKNv627g)}?<$jqp?L-UQ=7ElW)D(g7Fv?9(uY3T(vIWMoBCp$D
z6JkGY-$;Q$F7LBdqOIM7zOSvMRUZBQ0lg|lWOjx2JY&-`V^Q{sq)=UUn9=4=jz-vT
z1FaW7D<hwoF)fbBJ%rG4gm$?i*W1Gm*SG42kq*{P&iT7aWrGSEAv4S+z#{c&4k}+y
zJ3&Y1?0mFfg0QPWBdMLL_$b7ZWoIU>VjJQVwjmAtBoNj~s+^n!dWn?L@TjEb?#IZh
zxqa+rRb9!dxw-9SS6z9`shUFNRZhyUv8ZkQyFE}fHLq%HdX!ajE2H5Nnfp&_oL@OP
zt7=;QlUq4Ci@dN$>+z&&YW|w}-&^u3CujQ~x6tg%Xn6GgJHVp0@!!M$z8dEad6cER
z8|{b%hG7)^lO3bcSdlgr$Y+F2(%gwwGhYy3`<alz56YVK-4Y(~^1G3p9IO6Vx(q~9
zBw_8gugYDz@AQ^Y7V^xUDh%c0N&l$}(wm|Kz%(@Lnk2;rzY&0zSW}5SP5nn#q<tfZ
zNyucNMkE$>WQ4{z#7ZvNRiOIq_pf8eplnH{PpncIap#=#q>~h5v=E9?d}zm+YT3sk
zyBsP=p$iX*RWztXDml%6FyGA0CT<?eHb+r;Aj_`$=Lq7XT2#}@mPsZ#2<vAJ;Sr@!
z*K6lvgK?T0#L?(v_rd^XXn}bbkZcNS4Rs!6$`GruFN1@f?xDrkvD|&J(4GMepc(Je
zFoob>ejA_!pt$;jD5sgE9dBc5b-1ANA<l?FYMm-*C!=Qu)ol3JCV!%9@GHN^F2Q>m
zwV1}0Pyga>d3R7lj~4toy;e28Iymm-L7~+|C)Z1P+M1nA9a}I2WKLZm#;Fkx+-p6-
zk=QQxA%c>#M1)HKO_m)dxw%Z^F>)RRr~)N)zVO0V0Xm@YN4?hJ2-^VHEugbTRM?eN
zO!x!$PZ9>WvKHv)RJs2*sg}+3^`^`MbgZ^j)=F{)Qv<U#cn#!TvCjO$Iw%#8i5GM(
z?+?Rf(NJ>A4)6V{ZQ8_2ck#<o&p;4Qs|Bxm_Yf?JwP&=4Jpm7G4zcEV(d4|<SL((F
zqj9QHmnV1bnWcp|!9ThiW8;6iSf#OIZL7jVLmyg+OXht=TCD{W&!s-38W%ktdTEU|
zuYAQ})qeqweBh~jE`Vgff29Fh6xY}bD$eoHwNMk!Zbfkr<I*41z%RGY%=(>vGwpl<
z;DdsPYy|B@ex5LI6}M0rIPZ#X2G<O8u_;7sjrQQ6yX}?ttu;YgXtCJj)YK2Nld*ut
za+K*5+H^t%TZ>402qK+(a7v1vL#Ov10|#@p(@WIO-TI+(EkjN!`4OyQ0%oRcos^aT
zaxf=@+<h~jM$41;IxKM9QpurV(BnO6*T@~}nWw<;h3A<5wzi5K^>^na&*+NJaam8m
z&uIUZ61Hl|#D2wCgnLXTDQBTK)gCt5@*-{_HdV2>)PVFzs^Q7r0IY~%b3Y?q^3G5=
zno4Y=R&iiDWH8r@Vh}14h+x=g?my?u&G`L!l4+~(1Wc@O!kM5k{EOQxrk1(pcNyP`
z``W<L-5;ee#2DTQhcH`>O%59w$v&9auz;Pp15C|IZ#zf8G_L00@!iOQ{wxb(YYK!O
z#3igvtmmhSK<O&9{~b?89~c-tEkYVQ2ndK&U>p}mVqKL&y*emyn~R7AH6U?zL0B={
zde_eNBNx4<t`xgqv#u2;Op|`R>Ak7E57Ihx*QR0Boy~g0xhdU`i*^si*E<?-E%@RD
z@e1wRBt>vF<pOs46D2}ayz0qGA-)T_nKTSf{z`4-FtD63p3Cm^^v+wCgVEsA7mD;Q
z+{ZyM?rugzwiOn9P=daV;QO+R1mwIWl~zNsc&Zqjg%wMPsmxd4d2VEHJ!_Xy66y$t
zF1SNgI|&XSPfIn6(Q!zI+KGZSka1mX^y{Pf=lZ;B32C1c@x<5As+z#RRQG_+A6?%#
z5tO3DJaPwn`U6D4#hAHg9DvZ${3~TcFG($G?<!becwF&0_5<)AXn=9Mv$7NVgtTJE
zZ6dMp^j+tkIgO;2>v+f`QQH{v-qVB5lr<6PaSe^1(9kE);%VXQtzqlX^PzE()o`dr
z9oy?9HHC4B>b6xWeO8lGSyB?(Qo6#aDpx{>8l?SO><=(K3G{|2Pj{1ck`2&Lo!o?<
z2Be<A!H9y6oDo8~X{sx&Y5_hfpUVE#DjoO#Msj-e`9AT_7q}kBz<u#R<XS1XR7_=N
z)X_^`kws5Xy1p+SD_9bYbmhmGiH@0xOhiJS#U=Wk#k7Zwp#UqEH`n(y^hI5k)wo4Z
z4Gd&4Fv;gIaOt_#)l9Z!!NMjum6IIfZKv)$3vp5MX{HXk3+J0d>8!n!y1<Tai|2op
z`eh6*cnDDjnGyxrvwO*X%B`vFiYrQC+E9>NMx9kg4zgolm+=Sl`|3-vW6ynzi)_x!
z=@~<Q=#F!DJT;d=6ZcVJ7=-=jLHtB3F5QO>phe-`SZk9wv2(+$<cbcGnHa36&&dM(
zbK2$OD*j!_{R;-Fu3olo*X4-hc6uly@YXVeT1T}j{RUoGfcx7=W@=|(Zr)13OxdQx
z2@c|M5_0)DY^>SrB2@!?F_ll^3B}yMo95zQ7c3PYyX0or0!VVGashj;!GH~0yBj1Q
zH`P@efhwOB`H~tnE~PvH<s0xHo^m5eG2UU|%<>3Tmq`|+Y{jaWw%?!tKe+_G+a8=V
zsZRt;qrW=3wCvZtB|*JHTplp+SXVWx5;50~6L}2t%}?mNeTqHY<In5}l=#xOXj1F`
zNm1Ice8jSHCkV9_r%Nlb6a#Ijp_9Ip;u8OPT;n42RA)#~QmjLEifS#f=AX2ZCWlM;
zc7dKkUY1Ec9dAGBIM~dO(1>d&J=)DgB2^S}@`7ICE9j^9^@u>%h&&=zz$(4u991s?
zS#|>5gU$C>M{KwUyZ?7-Zg*}!|9SvcmQ`y_BV5^DD^`t+=p*R|B>8NdFKe?#i0lT$
zlpxOL4i(}>tl3%c%c{^waq^j@A>~=F%R<2!^9Zy~YK@k*sh-zt0Q;e^%nyAi?OuQ=
zn*XEsn&?Ezv|UEy+sSF`xJMC&mW|{D_)J$Szy&%O-}IR?rA>L*YB34FzDqbQt2F;R
zs3Z^qcm^u1oU1!x$@{Xt(T@eUZE(ZVbn8sro>uyRgK=!lj<(QJY#?KAC^WuUer~We
zHUX%0Z9nEx$vPbYt_J-LaY<cuk+ZTGoQ_7yXhuxZIr8X^1Xz@IrabO=7JcKF){GxR
z+WgVgA_>?Kr#naKVnOwe-%W3fan+!6dZ0fJGskl{>hHkgsiB|Shcf%_FFl8o*pT{Y
zP3Y7YGHgn*_LQ0J^N#cZ8#O}IT`>j`vTp~>A&$Dn!?jf-e}n=p(}VzeuTqxuJnf5%
z@AD%Ku5w?!Se&;TU+;uWqjN~eP^hQnTwF^Bcqh$^4;Zpz@9qpDuM@MkL$fVgY-o~Q
zW6JGKhSyvAbsM#bjBCwQ*l98WY*$$H5z&3mVUpd~E)x$VO_G=FmP7tc92X-u884Gq
z_2e@z?H?cjZ!uKZ6Y|1z?W6(a0rUhtCZECE5FX3*b&T1GRBHsC^QOz%QX|*PXs>ej
zEl@CZK^74#n3*CCq(9$Zm<on{%ASCmh5$ZMteTd9<yPgkg&w;Is)`iZw|+9g%R1S>
zgGuR39TAky1Wdg3b0*$GvW5{=!q#=LMP=fpHcS|Hiws+R+nSY07@q#hkc6y5+odz?
z#!}fF_w_IakJpUMNG|EU7+TY`37zrFMcUg(-gJ0b)(rk70}X8$GSfqd_aGl$i<I?v
zsP$_!yqg_oiMNh;eI!ScGr?rck?!2;fzU-&vMXaO57p|G&$dJrAr0DGI(C%WH?Vx-
zUlp_hzn>P^32>!a@-tdKRvvdu87)qY)^sCW^vciVl1aUAxu*DHE7<6k#?|+C=p+;J
zR;O9Xxwo?Dr#j49+_pCyoToq3jbEz|s<(OCchZGwen}en#9Twasl;0rjH_x@$UB7T
zHO00p95)k5Pkl$Ru!Aj8*{Nk}KB~!cAkz65w%3}Kf;`3~{w5v~PO~9GZ#U^Yz6wLp
zrf;XW?5HekI-pnwkzm0;%f|q4SSTa^V?5?vy>5_&v+L3=^VvYHYeRAGN*<&cncS#4
zr1n0fGjh-I=s(GNKA${xT>GJ;>t6-G%|03J0$<(!sN1Zc=9`&x5`*}O+>jA$N~N6<
zh*u?n>!L8&=X@#4uwz^<Q)sToM1huRb7!`YQvVspSMOc<Q5DVmv#fony={&2X&l$e
zObo>TkiPR**GH!755izIbaqnL;J)Q^Hv<daHdmh~5O5W?C|hgPu8mCMvi1vLfgy74
zQ3Kc(C8Z(2A7mwBpkemmrm!16T`FUiqO>NAEJ;u0Smn*rUWRtMx-v#3oi!hCl*#J|
z-4SC)qKA~zGL)DNZo=ivgY~^wp~?u3F=?#T_4z$zo+>&UPiR$sgRPoa$ZRWoh^UP4
zwCw}M`w6}P9)!V4#JUJyv}|IbmS!9^+tU-3=QGBFco{sFl2L_qdbh%Cl;xtTTC0z4
z@n31G<OQv3E)nQ@TSjkAA?*5lIAOIP_Tz5&C##ehXV<^(+C~i&G-gH9r6BTU;117s
zgJsU1cB=VZ4H&K3R#uh*Zw%Tl|G+cc5NnmUY2G$)eTAjxYxV?i{+lelHEk6IWwC!o
zwWSa0jf{-^=`jlqjH~^}co;U79^lF3Uja0DRvkuf#7CTqj~aGr!rTFRWywJPg0#V4
z2@^53ewQj-?S=-$P(;o+UYzmMvqGFW`sP8SJkDJ{_1E8X#E9@?v3{3kewMfL_#8+M
z){D-=1t@A(>uN2=Qo6Mp=7j=CR#c`jxX?t?>=3Q&iyDu86=C=N20HVR;jb6QEZJ<|
zSk5@ucu#8W46x?eBl`lH-~@AX8<uIi>0|GPlZ6(!02&Ef%qbHDp)fpE&6CLErc^eL
z?EO||&&^1%Eno*xL%?9T!Z{qV-)j9YS>k?q#r;5kc<(T|Cx0m+PZ)RFvh&yGOMgRO
z9eziVbbyiiL717kPjOH^Jbf~MgKvkkPF{izqYLh;&e$oTZqv+w)Mdz%A}d3FWH7gF
zuP@c5H>}Y*(tca;`z*wk`7%MT8)*=kx1UX*@=0^X2C&4m*BKSBl1^EZ=k4%WZ$R2k
zT)c@vTR5vVG>^I2^%pcD=PWnmI`KS0q<u@)$&_6#W<hOys7<d}&MN?<xIue$b^mW?
zjr7~VjjUd7d%ko>Md%J-9ngy6u+|H%)%V>qmS7pyf=0ipj8^{=*0OfMZmoY^pzZ8`
zH^fv}wHQ70&-z3$5iTtyH+pm*kt-0y6W&1(tcj*X(Px0Aj$>96Vq~~`P-4g3P|AMd
zf)cTzt>*~R{lM*R-bduoruU=Ln*VQRSB_8m7FH#S2~qJ6oMuVcjS9VemVxDh-ZP;5
zC!v&uV)b8o1ik)Nq)+bkbXWix^W0|wJgp*~U3!?~9}heUy_NnuV_V1MPNqt{|12+=
z%LvSsc*dU`|5IpCa0OFoD+;2X+p-@*CK4sH?FP0u-1KdbqpdQzA$zL9J!X(?C_{c2
zFM4?jhb(ko`d~CJ@2mvYzP><om_{E+aSy|qvbM?B;(p*435rUqi_iSx-Rd;UjCHxe
zofx3g!N2l?goM;g(G~95j-grM!1Y(V{v=}}M6N>r1H<4WQr5E&z;`_bfp_W5xvgyM
z?Teg1J5N<jz=B!a3)zF@8?%<0cl*MBRku`vB>T}{g7h|5g7n0n%r8jcYhd$3;cKu6
z^-_-XmiE|?2SrP=a_QpHzP$R+B?4t*l$!uj7asT>p(G#P8eJHC-jjo9izSjiWKgqY
zI5jda<W#d%I5sjb<QcP6I5aZ9v&JMJPJktnUdFZh5BbdK{Nn4_<^24j#6(tl^oE5R
zr)RFjBtdEdd#g`sA|oZnmj*}O$J<uLZI@HDK4J0zS%t5oMgDW(bCx10AqA%Lvq;zH
z4K#aEW6jol3tdR?i>%}uJhRx+eP1$nP5W<qI&WB3?8%CR1|bsvZ(V|58fJrc`!nBb
zX<x80XvcW^1hg>bTi*zxDPE3eR+3U7y+UiiH3+>|g=`*)@qMNb_AF%+<=Yx!m11sA
zWOIV9%XXiyru=DBoIt+uMkZXv3%i}0bLGY>`C1|HLZLP}@7_8nqq7zV=V;%G?XmFR
zyx0KhvOrFG5!;!z(NJzVq2sR2KLYy}1U#3Wn|xqBtqh<ijr_+Fxuer}R{^LHVWio$
z+OgaVyc-qfUbTSf;kZMrKYA3H%^zHoqlxEgkXMGJ70P2_R#g6!zF(P1*PuMM62efB
zHJ=eE!8w1dMk9UIUC6IW$}Q6%u+rJC$)u#lA%k1!y=*hSnO`;-F^3BYr0H35$i21F
z><%R3bN|;LXT=?yd6TN2?N8aWZ7{7UrFpP{b3tBZh+qH*uOd@@+aK0iaRu54jc6c*
zNSAAkiR>eR4u=>V=3e%&5vbK}+>>mLSw%x-ujx6oag7!o%K%P5vA@%G;>FiQ!8G2Y
zuD}RI$0?A0`=`fWNPY?ZzJErnp@zBpc{yi3$Upov3C(Fn%uARi@7vXWB&`%s$!3Pg
zu#dT!0qCTUHjn?+pG3XR>v?=5c*?CiOY*yix9;LDA(puD{Eic)*0X!*8)FWV!`^za
zuMuKaT3khO%&>Pxinr47FP_Qez(&aSE#NPy2GVNJLFsxS{@a>I_7*7dU+C+7&UO+Q
zHJi~;BVorGdu&}nLZolAy7+jgI%RV5DjH-7_zA>ELWLOCW^6jG4RXe~tm6H$Ml79U
zK17B-+|G`0+krPt$y0&h-R<Kla%UIq+k2e$f%_!?bzts<)m_A`t~sOOap}9Aos4hs
z!UeJ)*I!H=1;lV`=A&wcHQjj;Y}oGu>j(j6?Lz~(Bs<GaPqPwYLcdx|)-QU*n?i~0
zPRZE-%cpcyQl1gU&ApZoOWjm^41hVktd#=<E!`kpgXeTw=nTjBq0tG|bh7~7wkOX~
zpN&=IL%R-r5t-C9`I*<}d^X}KLtaN8M|f|`q+madJk?K-1~pkWXX-{5vF30P(qi}K
z=7<KE?vmq}fa|YSj=AESydl8nMm69p+`%OW9WI=T$}*Qi@eG&>I1HeNbHDtEM(szm
z%v&7{5narI3(@x%%Da~F8p#w~c+_u-%GdYgwB^~<bHJ>j*GT6ZD7HIc@sD&%BjOz>
zB*$$7Z@^0(u8cWmS`l~pvyvFIAxNeix{Y&TUM`;GU6G_DYP>AR>^5t>BJaeo!eXU6
z3x`?mmxMw?71>=V6+$C@xT54_pNfua7_@uj)R@nfj`kgx)ANzulM7qL1{i^R==1mB
z{$$Aox^RE~X?l<E`?Sx`wBfMUiw|b#9P!U6!S*RthdFZD?(0}<v$@&gW{?i)@g-D7
zu=0LP)84YE0V?13+AKh*U8twsUtAreewrvc+=C|v2xYDKo;M005#&yQ@Zl5?vim24
zcDB_@Fbir#r55USjo5EfdLMDb?GM{uvD{}z?zzOCbIjQf3KO?$(4VkH!yCRGdc$t?
zGDO(HDw77)b1t*JTnB+p`}B=XQUS`;qBCTpgBDO>7szmmPh^{T_$bdDOl){((lR)I
ziqg5;6LfXEuPr4Ec*&<=t)x?Eja6M!sUON64g9^AIFHqB6v*Gufy^_jJrToKPj81W
zyJOa8?)!}wS+Cx6s43qD{(arN{=eBo_PW3ruFH`>pM2WWuI4lKSh5-$Ute(1o^eK=
zHZOswk2FMAQ!gd*45(T2vQZdb;Wz{psyk8bjTuAE4;<p>bgmPOY@UxuREiJ<hdr!7
zXyIDTRx+5Dv5jrMGP;>zpl{CH52L{d5;JwUQQQWZlFpg!C0ZXexHL8i1jr+~QVsqj
zzJpxXyadm?^i)!v7r_QoP|`n<X5@3-mmApWOnT47C&WV*F$Ld<(+z^a4x!MPh;Jml
zP%}<*;id<(H@92-Rqfp*avRgaCb_-yuyA%WU&*Nim#3$*;$p(Q+3&BT+c=If|Jt9=
z)z91I&)b&Qy^hzt$)7In@5}oHIV(aYIFUt*>}Op&j5Le;1b_7!BgznK^VI7;BxLVg
zhHOR67)%t*a{L=VDlJ=eWKdz|4sC>qP+erLvhh=uUQrYrhs8qUi*MaCt&B@}T9D0x
z!&9v8x;e14#?KMg?^nK2*PHc?FUCY*sJpm_c2`dgXtK6_94P<z<=&#v7WKJ06fPI9
z>haZz{?qm_8>e*czpJt?W15leUKkpdRx1O^4q)k5TuU$iJG6JczY3vY(}|K{JZ_rG
z1to_eu;RV}lV^2+Uj4D7A&EM~&`4ou4t>xde=g+zW8<8fI{_3WAKSKV+njh}+qP}n
zb|%(8wr$(CjjeO`VfR+ur~V3E{p)T{adu=}rWdMyBjQXX?4hIIj4#6E-$VV8U*QY5
zS!b;U!>eG&6@8T6EA6Z5?cyriO|pz|*hk#OYB<9zjXo{&ACdh2R>B>)hlX<KaIKL0
z_snqhw|-UHmn|pFuL_6+_zfyYteF;mwiJDo`5=Sd9{NN0oN)EG@o-Mw%dhKjPP64S
zS<1_T4trnW69TNP*fFk-2yEzLcQB*9qJv$t=a`*UFs+maJJx!Vnq?3Bc1G^-x(|M<
zerS-%BPjQw-_@@8V>0yl)Ov;pyI`B!5B9Eo;+t^r<?)Z8$S3q-%Mo!Op^4p=UYGuV
z+}($ssoLHp)4haSD|^LVrFcngn9EM%6OgAO6io%=8E_TpFQA+;WmJu#NOKErb`DJ7
zw6>bZ;MzFvCuzu~mK9Q36Ginw<^%*pm{~OtIFskwyB1FL>66Hs1~<vq!!(%;oMfih
z_$er)&Pz7}LhuJ~)`zy=<8Gr}8%uoQ;#fJpc#y-sawR}99k^;in;EI4SAq;CQ&akT
zd0ghl!&s0zo7arq;k-6Ljl3u?IH>$>oW|iM9M|RKgNz^QaB+b+9Ef+^*{E5Q(n5K0
ziO;~He35J6{lbpSA0bQmZHB-n#M4@oAwJU}E0Zc}(NiFyjks!dcc0<;^b8}l$)81f
zlnep@*PsedMuET6J9jywxZnbPSt{Up&Lj3nbk~!o{v34bpk)eC{p`YqsC7HodfhXQ
zF>N+F$R~jVN#w;mDGI{k(oQ{E)=AYB8qDDeL4}-%u1%2OBzV*0vzgUirvO{uK6k@W
ztwe3x_C-g#us)};x=Tew0^&hB{oRJHF$@1Mh0TATI3jT=gmeRV;1N-l)AGLqJ)(OI
zm6x;T3~vJ?8%qfRb48GZ%QC3*YWLrD4$69(hagUQ9mO1dP;(l}1D~#*V4pOp6hOjQ
zGgIKRPxbD;7L3`JzLM;{hW@A0lgkNS1Ugv2A!8k7E+Q6XWbGIaE&gLF$f|Qn?}TpE
zSKo>Fc>*?JZx<(%ZPe{dbt_q+Pp;F8w~Pqrz#2>u-=A@*K9<GZ-k-mwWKH6nZz{bD
z$cVP{poa4@UiR~_Y*HCYyD>l&{I2?K(JxP*uufinVMH^$YmWV}k&(E1(n9G(oJ~hW
z1A4iB{`cok$CIm=nE5@P-}?DB3;LxWeTavWvJ}bBCXF|~6v?jk+VLih4ASj*!E&x~
zx2rF(SpYPT1o9<#^}D~JB_>tCTZ6gsegUh#2$5g`!VD}lwF*~(+VHxvCxHo`kF_;M
zD?xWMD=E=L+A+9=Q)`yoMiFm6j9mz0ETdcMm^abapA#KIuU@9QU4HNT&!z6pa;qyY
zwsNa0FA;u^t7=$@{K}+w6zTR1HcNYM<r@K;6f|6!BfJoB^nX(`KtGo;q;d8d>|-dJ
z9a9-WcLGa@IV>XbjN(CO(Y*P<Up@aL!vwc{%2)S$e<@#@zGWLme;#oU<s2JEUC?%3
zxtFa^!Mr_T7P6g>nqkASW-ySxM;<%dgfP`ccxClT7|JL^jqpXOq{9wuXyC&~%4^nt
zs)%GkF3IZUIS0t<lcWr`eJKK69m-L?H~c69m;L>WyQt+2OiO!O$FkTC2!wa{TCQ-C
zmjBjncg{_O8cC@(MqBF%kx6%LUZAV*sWl$2`YK|ysr^-o-Bet)d7QHxmCnqcuhs`l
zk5x}@XV+W%Fb}v7VNuxc9$kB{eaY?g?6eS2{{h$4+ZMOW{>Q$%yKx8kl-=)ASGvHC
za{a@l=WwKIGO|`Gw*-Kk78fE#M6O6DcDYqyiD3TjE8t?R^m8<<PxlqqkSRf@8;MdN
z3T(tT+qfu$<&@(LI^iQGXT9d+wgr`mz*m6_p1ID-N6Kng_^OLma|6hTTZMB8EsoqC
zQX<7{^uuMN46(D?{5+8rXHkEbusdr1ejxI8=HJbJhejUUu)&}kgtx0*MD4F1+y$m<
zyI$1yRi~9094n=9YyNeHDs^a3yF$41b#8#sH6sLX|7fAo$oxB8YoJ)WGq(A$JD28^
zL#uY?*s#zWj&x9^UP`C;3n<F8-NPNZ@NdP1`nyd}_B=I0<vk28xEF(<jtRFK$6C#0
z=4f^#x}?1tgC3~f1KpdH#_}{#bw_Jmxzdi;vto91t5UNIu^W_}y!bcyufVtM9eV)=
z^B*EiW~Bm5=4T;BqaRjx4v{C4-Kwp1*sfRGBX6_vDZHA9nirk}egGQt(*>zOHOEk-
zU%PBoHOv{jZP^=!AaHK1-l|B``dM=sQ5B1W^fo!f-Ll7S7pA5z_b64RE4=TKPDnV{
zek#AjH#FQEmb^TB$?Et0WP~PM={|B7w1n&dWJ@KB7K)pCiY#_R-W>X|h-J8`ZAmGw
z?t&PksgW4aDU5y5e%~B&s87J+i7c3G-zJLuccv(XeQdNugTn${d#9(Sblc*J+X(_B
zK@*ifn%TiRzLW)UJ71NO8aRehDQAkg*(Ugl{LvG&+FX*AW?V)W>}zZ^?TFe~(7E;q
zSV^4HG#I>nBrI1zpCu>&g_j_HFM?QiWeO<1)2R%U?*%Jr=B91Ike3bxs7psL$P_#(
zsdA-@t=(S^LEWM8!ZUnJnNRGw$2QrilToN~J$n#92;AGqUR)1$OQ%y0DEAn^aZ)Wt
zg-EsIOXS{0vgE33R!v-tPB%9vGu8qq<*wP77wd+^VztsuLaCOZP}8cCOx|TaT_hSZ
zH!28j{Ce<wKK>)@T~pR=<nqBWw+)se7<}0SbtdK5>NKgG5XuFNX3!cr?tzL1NrMvn
zy1obZ?Tbqn4&*3))zUHI|G6Ce*Mp_tlX^I`Dk;Cw5d?*wl~xv*HT;!sTtEN3^|9hT
zCcs9jN?9;tQ2afenR*26>udhPJ$(V%wdvxmzztjK-j-QvsL(zcE|uAbcV5eCpADH7
zU~s6d0wi{lobZ8)Wx2RCY;G*UI@!?zA~a!b-fHey$Z3~PsO!u3=HcMlRYS)S7NpRk
zpzC$m_pn*V^LD&4wEPBl13Sk5Z+zomvM&Wab4Xb%T-DYGb(Xj+mbX%!jFYl!j7w(R
z$k<<8HlnPkWGOev3zWo>L0LR0Df6<5-+b2X-zciC|8JN1L&xxP(!MxeR*yQtm&Ugo
zs0~oW6W^&8x8ZNS<{E>y%XR8{H*}aSpOl2>?s1zc7T6A$wO%q$nFHt=a1Pg}lRr$a
zuJ#v@R300+P(95og!LesG0UZE`^~cK6h1xFbQF7YsoxxiIch&}K;JlR-5kPO|H~fR
z<dH#IJNP0It(Ef?V|I{;4szaUDukc)O<V{}*D-TwS9}Rwc0&b$1V0tP#*%x-goiPD
zT~3K<AcTSQq?R}RJT&uTWfO7W1V@z+VU4bBRrsOmHGW;7#t(xf*ZnHduos3P(HWW!
zy>jx+8qCti%+twh+NK#>(l^1*Hxq>cO#!=5^t9UZB}j*pNGA-C0ivWanQ4T;=Alx%
zUS{47=>?F1!M)`uAXd1vGl6R)N6&ukE|&sO1rN}fW%AW$#P@!Bt^jr8`Q{Az`#65B
z9_DWg`nmh~xI7JV+V}SG`G1oN{=7pf9<RRD<;VLO)cMDdIr)683IuksZ|j_8(wTDw
zVTz^md-&MqU*UGC-^IhONQ^!Zr#uub>|8IkqG?jtPXptgFWY+4InkU&O<#<d!3X;+
zT>Hc0fw-s2dta|^Srg_60h%}IMpkF+E|1fCLQLK$O8i%s+DTYArSs|Kx9ZOYa$~Je
z8$eL2_)!f$2Y3#yW+L)+%yAh9@rohrJnNRVWJn|Ly2gb5g>>^fvmk32pUBmrR;LdB
zx2_!8V}0z*qXR0K*0^xhWg@d<_-~v31*|R^WapK=KB=Z{p<1N{4j<ieC6=WtCDz5_
z_QN!_(9HA_gaj&ed8Ft2?&Jb&NHnUvdRt5VkUR`QNDw`!O?xCrta`hv2-|bJX|8zO
zvKS;Q*jWT46&y3@4eX0h;R|vSp-`@{f&t=mdOODl+(BzkEsXRpb(r`^?G%TUOIY!B
z<2qtJ#gp=Dz)o{b<#aZClT-f$HqZF|4yDptx!;+<EtV#JtwCH7Es_)}05IJT2??Qf
z6r;0wm4yqpeZE04d#e9q_=A=vTffP0Zo8(<Japtp#K>By^7q>NTX0t2pUeC6WBd3V
z_hDp2e2rT=0c0t$i?$?aD_sYs*7S6RGq|6MLK5hZB}@?*_o$b_lnDm5UY#A<5}rYV
zNTQ0n{)2m;WZ1`L3(>*Kp=)nw0J>PSH-Dzb_HZ~snr67r4sIsQk~eHuD^B?MpW{Dl
z_>o^YG+{{6vaL2kphgT`(OJZ{NAD%~Ixz!BNb&Uf3}_A($%c|Jkf9!dKZLnVsAXtP
z)T4*HRHMey!jJjX;5BssWtfejyfQR44?p8B%K=%ac=G|-w=TO(DFb-H-?IN$kB?ch
z`WII>6b;H3Ht6cRuMv;MkW3~+3Ku?9vw@IIB;Kak8;KkyREnvP?bF90SuA<3GiakO
z^O62Grir|j!$C^h4B+wvGe;F+R5#$OTH0URQChg$U;rMe!*qv^2b<Ic`Vz_Z)Obao
zNpRe_QvuXk?IbiA+n@`Tjj6nRWO-xt>2)nTlRJ`%&C>Jl$`etUmyH2$({slRQZ%&V
z?hjaUFP_ivipG`NWaioK64K#OHzf1TzgxX$)A$ic-+TlY$WGngqE#0m3~^?mb(MZp
z5%|jnWTl`C=(0E{12+rY0nVX<sZox@w$og!b|NCwrn18hYSiFIkhC@)y&<{KSS;u@
z7ecy}cFpJ;KmKWQK$vzYtYf*u!nB>vBZ-P$hR9H)&dU4FZlK2D*#D#)Orn|1KIEBR
zl<ZyKd*l7J;tH{HhRxIjVeq13XcWTjhIyd{I$7+@DKjC+pjUVq@J6`85AucRN>c%_
z2$Ml;ZqWkrRhEPK+`Se1)b_5RodL|cZ?Hp@BGN|E3zb7fjne5V0M$OHG=S6aAH%n;
zxpEQ|Gg9z22LTH%)S~?5sSC^A{5GTuLLDg4^EKmxv0&B~Z%o6*u~}!WjNIS<A9vIo
z7%giL?fec@*8D%-0cTiTP6Q{K;T<t?JY(xAVz;WqTqU}(l^tx|!p&uwn?MkCa?I*D
zH?-V>VCt(N?6nO1<;JwzZs2VJS-bry!5g1k?+eVJWXJn<(2P0oE-s^26@3Cijr$%a
z;x<ae8`4RvI71U<%Uv6MH8U#0vFnEx#=YSqR~$!iMIQ#}*mo~eIfM+Ab=PwfOm$L}
z>A?tu#y!v2uZqK%a$_3gIluehFnmOkXJB#@7_Q;4xT&xQg3>e-Q6;xFN$62SNL`lY
zr2;Vt9<Xq%%?(gyQT<c+7G$ooN|7Lq&99C#ei8Ps+j8P5t=jKEyno@x(fFyI*z1@$
z(bghwT3yg}no=bp6xOPL<tglt{!QE}Bs0V+%?~*GNTgjRZ4!43d6-SeZI%5k=SMV+
zp=>jjr6MKGGZ!(alG|ageR`WwljJccvPs#n^@m`K0shf0w~BTkbRnh;|Gp!6g1G`O
zd17BMd1C%kmIg9YC9dH+TP05FcnvV&NWn&H-=RarZgF{=e-l?+6Ujv)AfII<Rr(HJ
z1#oYvxA6N_aSfdHh@4UIcY7Zn&8AR)fBRo@8$0R8ziFgTKV2zW6pfc_*A%rFH>Ln*
zaBZpS3Nr$0uq2{nt29&HY%u;>Dj~Kb6;-sxrHG&dsk5yuLTWR44E7O8$aPX6@5$02
z(NyNjrtboi^9JP!n!*f$d))Gr_6MF;0Ih-DV>&WLm4y0wX#Mx&mu2|b*5uyi&TRCG
zQBx@@ryRSiY~QyYWm=~AcqW5q(aBL!-oZy30P_ge>AA<?fWF6d{N`!#eeoT@;2Q4I
z^=0$p^7AzDHTMJ!(eTVE`8HX_fM`h=avNi#c<uAA>X(^OWEZq%<@@G2|9Ok$@XI`H
zDUKuN^gQWQR;^Iw2qHteK`aVw=8XP0OGV_dS|FEUJIi9{8X{da{Oo<5nURSgBm*N0
ztEFl3Bi=)lHj8!kbOl<h&2+qv_G0MZzJgsGobWHcP=D(@Yw+olPMMXw-lEC1&r?}C
zP=c9Y@0<$2G*y@B+VU#|gsph0QogPhTS~gt!OzUU;n(`-BVXMky7NA}s$=<>QkGKS
zpd<H?lAZ)#ZX@!kup<m8*o*ss9}#Ux-?7`1I@HX)Kj!;o(}W(Nk|<IJh}jOvitk0O
zbREY83Yde}$Qa{GAAogIlC@^IkaZ!n7@UglRG2aCSdMHE*eU(!NKsYT>Bku38}OKe
ztJQ#=O(b?H8YYaEqO?z7MG|UEIM2};%UO?wnk+^_gM|2$Yc{|hqIgyu%JD{0w}&?@
zc9DS<JBSD>UH!6|pU<#tQ@Hr08e`qsf4~6g>Jji(#oe81)z|H7N<4i_Gx8c%ZUjO#
zMwBZ)B7}B>oi}7p$lJVc$*zs<C~he{Bq-_~eSuXw!6OdC+{zn$B}7mLtEaLzKfbo%
z$Zi%(7YH5Ac07ws$U0(iRivJV!%gh9)Ie^(LOmKDiL<wRdfh0|CXLa=!py!wgyuBR
zOR*9N*dIo3KPE|S^#yV;e7iz=NZ`k3Gz`w2jG^RTsc8XQxz~h0SKM?zM&Y#UrP<+J
zo=LHOoeH8iwfq^iQ5ot!i*9NpvN>hR{iO1#pIIo(5(SaJq#HP1YOPVka8W*nQE00r
zw7pI;PB<&<XYW4O)*^=1X3zu)psdya<fO7$yGyH%XZ?L1*x99A0n1-3QZGcK#xYaU
z<Du0i?Mn)NJqS+upjR&-BkcQx{I^cOT^=kjIJu635CQ3M)MMfB2=U^BxZIPxcl%Df
zR;cGKt{J&#5oga8ZRn$wb!%gYr)yWw7WYWG<gTVT5%PR!;$yv3ya1Kp=^W@d8GCX>
zzm1edeLgZX{PNAi3E=P3X(xiMSmj-9)EwE4USPd?o_Dd{n8z%qDu~g_s9!ou<oFYR
z!PK+wt5MK<7e91qVBMAM071ery3SB83qbFKvwDGp$`Fatr1s|YF4c%!F#vMgXb-Rf
z;??Wo`$sEL?#5eji;+zKO1w&zx~E;!`Fy=j`;dZ{>4!gvp{ay0wkEyUh*{OnF5Tl2
za{AmXZ6cM%rhGNT#Jr~{2jqvS>VCe84pyWv2qbpVtsn}x{iF_;A50jo73{%u+iQ(_
zZZmL$b-Rw`?0z`1b^vXi5x8m3v4p|49|LT`b~`xV)2_9ufv##C!MHVTv;s)q)=70u
z;)iC@ya&ZyUkNy5V@R>lHdgPD)oj}q)og{jDVn`v<N3B2(LJ<}OsrWuWRPa~#otUM
zsHiLcnC^%=b()*`0?}+~=bxkau94%oIRqOKYKq^&V*$5SrX$pVoL%fJq=)A?{_LE;
z{tgpSOcpNHaFDc2+3X{%dOqIQt+{)U*WRXQ8&%z&9O^gRs@|ryEV?^?Hh&_l&etu!
z22iT~-&MzislD2sT_*n5SQ&Xc?JBnE#tQLvyau9KvA0v89`}`DmoNpJwoEDHsj<0y
zi{RrPPQN~=KP=_nKzjI{W^uw$S!_jXP1A}@SQYV_Q}`V~0}Ln|yty3>%)3i7S!-ig
zo~R$u$#14Gb0UHy2AWEpf{n`*yz|MFHQFm;s(#<tHR|Rza8d1#&?0Wzc$&veI|-!y
z79Qc6`%ZT+9zjQyru6U##Wl83FB&XwU*0M%a5w0xPRR;2DmN?p6D<sroCPugzr&_4
zT1g%Oi}lME(0ZAe_*C9!z(HJU1LW9@*AbaHodd3WRUmNGF3j5BvO3n{_-iEx)<ykG
z%C^SA1|}#SKgOF2&Gmj0RMMfml^$yKh4Mt*26=ht8=Jr3Q*f`ep0?)?U}~EZGfUjt
zH>;wgBlkIJxDU_kRm7W(091l|Q&KzvV<6}b6eoz#u9dF8`$kmSINTOi4El`+mc0~f
zj1aA4?!?^=g=(2pr+Tb-Mj>rHY$HAMa526XF>?w-QxeuRy@r$_+f2e9yL-=BwoDz`
zIHpA7l}oO%#>ZLuD)4wQmeJJl*tPUbc(P?2H1ocJCbsrOJ<xhWv*J3P!OD`b#*AU<
z=q0#RZD0gB(rk+KaTD_`Lq~6>`E^i4Ro1NP610ic#p30_&vt^*>&)rRvmr^=YA|Vu
zL1}E}IEPP=v|#-5@Av_AttIsG>vN$Pgj%@UvA2DFfL}kp@~jz~Ik3Av2l>v@k#)zO
z(fBR+<RygX?=`0!AX5ZNDB&M*EOQ6vqD=Z4HVddLKo1;KLOrp=ss(IULHdb>vW(f&
z>L-nImCk&6>3PNpTPKwU3N?@a_sc=kH}M_0_EJ>;ZAjS)AvYN>U|4Iy+UclIL`|oz
zYM3vvJsg)s*{3vbjh~0L`^LBztfaEKR?{4IaOL>Cz*uVAIYS;d2!JKlSijo>34aBX
zb|K6&dBXx%tOb@fupInso!<U~2<PanHfM5I5U3ft86lNe{O<h-E;WsxGN|-W>i<<^
z#>|ukZjEOg9!Ak1_ANx|lw~@0G;8X0W>|r6OcWr{TgF)(DPA?)qjsCfiDxLF(>o`T
zwV+})639Z%-OI}Vc<#x8ONB@>JoV{mp?irKe|l7{$S6Nm{Xw5WudK$z1T5HP{Gpb%
zTDX2^yDwo%UA0$>9hP6At3nzF+*Wx-8HU)|S+VHK&Q#>5da|tMp|KgtZo`J-X6NdO
zW)w7&b?V2dO~iU8(7H*gDGce?gx&d1iiEb1RQg=+%4cqvZqwfNX-!L|`}-I?N2J<f
zmdb0u_`B<{d;f$;HNCKU<9r!E7=}UzvcZ`rqT|;0DhHbNUvHH%$Yn}j$EPfGb@yya
zpL7}6O2c<HipD>%m2dKTw}Fum7B)sLeR!Z_4=3$WqFeYBRMMtc@CodI;d6^)0U>T%
zjU0rcSC9$I!2_4b5#vCo76V6~KXKp_=YhlL1$+=x|3ESRb=DaNIJp@(cCeK<2yr{s
zbLr;h2RQL`@SI~O=QVuFdP&@}o@1LVu#UXgFR)VZ8~b~WWTjamy${#z><nZE)J<=c
z=&YM~hP&@FQ&BhNXd6y4!RGyS6@Q>v#OwZyj!j++yi4sAXkKCikUw>vF)*KvP?!hn
z&4Z1VhnW3+mEM6_J>(JZFu6-dDB4qJ=I2-_r^hlH5}-jLO>)p>9n6V}GFuM|nB$=|
zA8-+K%`eYGFmR3$ovIA&4so9%I4p9ixO)nFh+*KFMF-kjk{{}*b9SO07o=6Q8>2~v
zU0g&>@M2t5`6G^|peZs*5Ci&|^q!Y3&M3^a8nczA1L(-WB8NupD9OZJ`BY4RWo@~M
z+^ZbVaSkkBX}@7ht5V3f$jU1II$um()Nw95uSQH;wrD$TbX3SN?yNxz=6E|t1ta$r
zDGKBBv3eSjf1ew5_iCYi_GY&2_1|&U>MUMQNh8+<*Oh%!!`A|@viWU^hGtv&Of<qS
zYHdXMDALMN?v5Kz_gA&HXN(w_{ZlHN&hx}2ot9cV(eqhgf?XU1Uncqb=^>2gIc&^=
zgs8vi-Wy!~1iOTC@6evP6{Lp^#ryyg;~{C3(q%~AUdg&&Lk{w|uWy!enoh?U^Wn6d
z9nV$!5xb45P!IilB&c)X^V${0o|jYFg_~7jZFg_0Z`cOzYOc(Lmf$#gU=0eA1^ZMs
z&Mv`N+68868Qf}}8(urs9|#Ya#YPt;sdld0@OT{@#K|9i8J&!Bc&RHO^E8pd!yS1`
zJDwX1uhBFZ|C5tZ^`>wIKl?7^Nk_wRoBl00OA_Sp{R-l|yhG*sy1~f@&PGyiJr-hS
zHwZ@;fVyP+)Hd&Y^<LW`L*yO#JM`xSrz8_cNmH0up@1p7Fl(@JCHn|PY?(Jtz5Uot
zY0VwNVk246{bt3KCE#chJYnz+Dx4KcXKZ?L&amQ;nn-I#s<LuIm}q2YaE;ia248@?
z#D1AcP+L;|Zc5NOR*Dq%32myB!|n%@i-N#teRTJm&w6eoPGDwVu!rmC@_zP)u$Nar
zfahaByH#I5ulFaB@b@dY{K5KbbyiZaepOHcg<Ig~k|8eBTdRm0(~Dvfn;-`h>4Z%W
zl?Z-Ldg=O9&+qLSazfA|5Vovhu@<cTCz)jSWH!HF{_A7u>wNudo$%y{Rx?R<r*R{y
z>O;g3c&Z<23rQj#EdLw(W(~(L5xQec2fep0(|}x|MPgOdcf34NY%I#k?bcRf_M^JT
zT74~YeMaH6+lLn{bWOJDwwuco&{d8TC>0jvBEd?H#r=D8Tz`+C18!h%9}sQBQ54cF
z!4croYHbeB3Yx}<b#(ZKr5hl8#1`;)tCxo)VD9`{Ctx1sU0|g<!WQEdDt>2xx_pj3
z=PSrW8+Wm+Ka~IsWdDL0Z4r{;#UcG}by?@p0FN|G;wW$4$&-E_s_5(Zv6R}(EEGdb
zmKuUA6#@H~F>@c?ZYn`Jaw9cy1so`&-NC*%7-SzfD?t(Z(FN=c+?|b)#Z9Csg)G@9
z^sMq92)@dR>_N_jz!UX>$YLR8#B-4DdYISXy$^B8&w%ZzkmPo_1a)^JA9*T>aS2hX
zkiM{%sDtgFnbgFM@T)k?IPB%c3Z^30#POr7QVd;G9UE8J)7@^ooliCP0X&etA(p7Y
zsr|`J=pz^gjq8TfLVm5;b*b)}RW#J*Xtam{;er8z24bdduS64mt3jYk{{l)U`5o+T
z&Pk3jkm@x7yzDLmvHB2d@ku$|ebRrpyhEm`hI%5ls)06UrIR%Cg9BXT(Mo!(!b#Oi
zS*i83{9SAru30lkEbt<E^icZ=SVtbp^2%$>yG!Z8+4!uBE)|-V5=Lb{{a&nfP$R>u
zW|fF)e*D7LNpdqte7JvXW2@*dje^7JPinLeZH*Vj;!_(LIEmStEq_m{A==3MRpm|k
zwKdAaC^J$+?}NGF8&PbFIMP(%6GGACakqBduzo>B@v1M0YrULY_!ZeR#u{1U3mn(b
zC|ojlM_lZ{2um~PcG=y%%a3lz!?GS5nG+n3%UV&|LN`(I3nHj%WH~+3UI<vKr=@Y!
z94k?kf@F*Xg?Ym*Fy*DR?bo(41_$Hl3uK|>;5a>L7w@Vz7wTUvji)3_)WEgKdyq<`
z{~)mOc}Pyeu0Eaou$U<-lqQq?g7UHjpP0=Km_C!{n7zeR_7J)iw2wLvp@EOq$~~GU
zcb>>JdGr}cKNqWhgTEJ%7ilo7&WY5-?g8@!;8A~ux9f(yKj#~SZqy-~Mz^0v<42yA
zKic4pdPLn<96L4*DU0rwx1p(iD4Ai?8W!0cI8F`JeW$?HpBkS{NgW0|OavRWBBSNH
zgeDXfvD(&d8-XcaE#~<2wv;6*H}p&S9NVHP0HO=VYcMQp_3b;CeO+6lO`8L`AboIn
z2-i@)!)gSt|Hc<+w%)#?)GlD0d**^7bG~4JR7R`cp-{IyTx~k?T2@KMW>4me-{ul{
z_x=v)gMrz&`v6h8ep*U0=H?TRgtAMK90hl_>k4V2=^7dOS|j8BTeUBQ7sQon_I2vn
zC#lIzV22YQm*rjiOfcEctJ_H6w$>{H1c@Yllo?zM-FlKqnP<da4wP?(1C`A1t6@=0
zVdvB+6d|C6phpwrXs?c9=|b%lc)ArLw4lribk2u@SZA3-RN>uk01foJQ3eMI2pEG<
zwd7;`cJ@vgXZ+(mZ!1v~Vh-{eYSb9aAq%Ceoa(<@ad`HE$LH_oJL4&*`*8}tfFL5>
zq++V-2gS7Xk~XS+>39!wOe6&kMVIEZbEto&!bFxMO4RbYlLN_vU4>@g3kg@7b&Bn)
ztt2z7=4j@=Suk5m+^maCRbK#iGSM_{X_TQ6hLGh93Uep7gpKcHdf;$FY{;WYH2A`b
z-#~H8;RWGcL!dk0)i)w>Orep|snBX=mPgtvCso}^GyACI44U-EU~BIQy~`Fm0bk}2
z`T;Yg*1tmz59gsl-{jY^k@4Gc7*FKn<V7)zVb~{AOh?|u5hzSe<6h<i_Quvnp*A`~
z(`m({zdw27UL}qKCMs#OQ0C%JbYHD~T4Uy)7Ay`?)k(OS_g4BVW<e*AenuPm6`jO9
z;9Sh0SSU4-{_>&ROzWm%?vAl$k+)k1jM%siVG%OL;)&~w^HgIa<XE2&q|?Edl}umA
zn^kGJViw6S;B6#-ML)^%*o%1BVzt9=*Mrh%lE8HX=ZQQ&`i56pN(W;dH5=bL3NK7~
z94q&?u^luK7NUn&>=rE~wUqAOYU{=<2k6RDbx<bW5#e5WqkHK_ovAOA-PY;C*zDO}
zcG38uW+1ZWHgscgqu5q5;pN%!a=0GmH3u)(Y<R<Zb&=1QN)+?h$yz|m*H2Tr)QT+l
z+s%JLo3h(=L3?wyw{hn}isKc}h#tK;)@H}x)>EweuX}>=IhBO;9LAZYFxuNT{q_|2
z0J~#@liD3(?Q)$APlVTzpc*0AYgOzD;NK2{Nc;`+0FX#2_l2)-dA0rKR~}jQTw<8(
zfqg!AyFs~8Q@D&$rV7v%Zbbhb;b6FO8TG7+^Qo@eZet=@_-%88ghSBc`L^wEni`=y
zl;kJUCE|CzxnL#0k9Yxl@mPpYI|&gE<;AgGe-~W^OZSI%0`ODr_3OA<<me?N(Ps6&
zB>BE<MX^0WG2#SC4k+~Vk_%0ovTwVhR@?HkfwM7Pv_^vT>>tajTZz*Vfz5J=EhIL@
zsVXpD09#JA8j?)l?}P4@q_pim_)J4#j^exl!AS;hd%SkA@c4{`N4x!@`S>BvHy5-2
zY*+WWeOWwVv}ba{{cWqSjD-~%4R~Mk_JDS)ljhV4bfWZsda(x<;S+|7(Ufyr5z7#S
zCIn$w5mL~BzC5S<(#{P<bX#s!2=2Bd^uw{bMzq)2)M|R5a<0XnL$F0RoU1XK^C&Ye
zeKf@<p1g^Qq0}+Q)i;2=eoX^)GkGeb;Bz;nnL3)$;Rdz-TQ@48L1gf0=)MQmzyIB$
zF%glj%80Z0vbfRBz6S}?21Ei?b}W)rfKFf(B4*i=c0f&Q_)pVcRl|;u(q_nT84iIP
zq?5wQ+?908#b{kj3GYw$u3u5`+1MYkoIgn>xZLJY#FTkvKvI+-%;ulit^Ie<L>D%K
z_fWi~5lQ%Lc|Zp<FV69wya<WrpONBc*z9lgZ21I3d5UD9X9C4YJ}vp)a&B1r=AV%g
zU)b!-wk`#FU<Hb7q;o+ZmlV&*F+zwN3Y_k9ArguB5(H7=m>Y#WVW*q-+vfUl&}D84
zUEJ{b#7#xp?w|==o3nq0ZLd6nEhIN*MP0h*X}K`)skK_I4XMEAl1L&Um{NJ>lS!mT
z4e6FGr01oj*-n(mh8yO>H)oA4(GX#|o6^S8vBg{aG+<v|Uh$V<Nz6_MiWj)NbeaLa
z*&3*eva%pk5u~wA3eDh+O0RiydLnvx#xY!>=mQ2Iy_Y2CrdQ6Ur(8icxUCQ*<P0-^
zv>tHPT2KT`ER`ikJsB>1thL<TTeXZLiJB7w({cw}Q3i3M9@^^Z<)SL-N}?`V(Ru$t
z#;|j&j+L$$x|wfr2bczc@u#17ZiFQ_FvLOdl8(I7dAs$gRcPQ6U~bFF_VV)$wIR&H
znk+&0I%#a#*}|iugdsbKGxP6Oj$u?(zEH@KWQ>WZ4czRrX_T+<53*X0Tsu`<hS`VR
zk!dY%lo;NZVs}rbv^?~jvT8Rr#+ZUe%W=AsRG756O%-}dXrg!gbD^C`Nph}+gV$rl
zK$kYx_+1!?-PD{iok-{Kx*Blq%{4gi0aKld=ls`|C%{?r*{OKvkDCV0DJyo`a=6xU
zc*^s-1yy(5Eixyu>uYby^U`Q7P~Cs7m7zaR8U88_?|MH~=P|M*VHu$rN1REjJal(c
zGto8%1Z?Z{i|UD3QTRSLuD?>d305|={@STQ5z@2z$*QCjLExHFf~%%wUXRl)C^>NQ
z(t{LRwy2e+PH=GW?#_5A9j5Ie6}<NjrYMG2kkqWrTFIrHwY3ln`mb0%M1-`Cc4b|(
z5&vbk#ND8}pt#L6pez%Oc6d>si2X_;R;;l()hnjoaFLPz%{}514VKcw%g?OW0$5+`
zi7E{xwOUhNQ4;$IsyPsCAL|IEdY6OxEGRXsB)Uziq|LB2Y%eKwPY`}*ek~XW1`O^D
zXR9|M6~2hT3>bHQ_uxT=B&vlK-EGT}wpRC#9?4@DijI9=z?ESwre-B2b*JGv>aaSi
z7KL@KrqN9zWz!xjRsm4(EuVsMktzvSzk`Lfx2`T9t*y+^Gf8{E9bz3L10?1$3~1ky
zO^Ts0j6KGREI+0U95TTM1v?HZD)o|U(<&0DS7;>$Qslk}Vnmwr1IrNsyAQ~|dx6@C
zOcvmZTy?tu=~G87A|Nl*)N^eh%+W+E`g6m`tJ}4d+B#THx4O{;yHi-FI54ufsO-6)
z!R0p<{nX<jz$T3G^m7fV*nX0p;56{Ez`d~1Kr%Hkq;}n`Ub@xWNh^RtyO{6&U+@Z$
zj9R;6IdUPfR3@-B=tSSJbeYVI9aiCS&}9+`6GbiUmKAX_L)o*Xix22fS>eT<o@VZ#
zaVW<U{(zEtu49vHdB<{~bc0h%rN=~`hqjSMUR=|ODRSC{zJq(WIBb(CVAZCWug;F%
zG(?dK?<|T=eMv`Kh`cbX#>Dc+vjjzRtr<+}uuU%s=(yFz_%fOYS=>;T&!B$5cKd8;
zq6H{m$8dr46{L1suSJ*(y{KE>0<Y<&Ui!{ot-3-<KfE;@!sn#ouWd=qN1Pz>e_z2?
zGIa28b8?ik8zss+5&NaV)QQXR4Iy+%_2vg0j+4T#!woF#qyUdRv?WxY@-lh0Lghh4
zax$75iQvU|o)ZruR)6yhCR-*n-kS^cAVO?km(t(YwucKbK9T@R-;mW7QxdRvZxP#E
zaJnt<XFE{q2*9+Oi%Aq&sXCT<L_rQ36|K0S&!j@g9G9JG#{%>mn<w0Vts%?UmHtG8
zqI$zoHOwMQ&`qEUET|zp{EQ5Q@k5xb)d690V9-pBIzdTEFf$omgG~bs6NzbH0%-)C
zF!5=iy{Q+3rV+EFywR?m>k3r?ov8;LAndK>0ridq`2we?4{@yF&aFZ<jh=~}k4h!&
z_y;{1lS#%)#SkPu@C_gkq+jr{Onb^k-A43`kTb-~YWbz~jEMV*lPOA&{goK4+v0RH
z1yflu?la+s5nIvlsJ0l02Z?=#s@I4Ij$|i5r~-FGFCc&qZH9G0PvQn)($FPRFRZ`{
z>bn4MgUJgKeybvIsLJRMFQ{t~K@gFaz<RNQT%sY92P3NUA}dMgVh3_x1~o%JpymIo
z?kJ=Ne9+0H?ntCYd~>jm7YkeuLyxWG19w+B3RLR_HdmP#pqjTuxFkAgpo*x~<X2Fs
zi&aT=f&)^46C8$&_*eB1GG-z11ybJiw!A=UHtVTcYBuWHnrv(FP>4S^z!N8Si2(5)
zEq@Ia{B{Y#E~)@0!0iIaHj0P`>~aZu4NVvTxp1y14E0-j4U-rk8xJ<}^hZdRR5-)v
zU7QU_8MF?q*nA|AvAHm{sH8<7+k;vUCJJ1q!+yb#t!>J~AalNeC7-=uD!AW-09551
z0Iq@)>Wv9o!ghVXyF##wsj)y+Kn59zM!F^zNalGbiOe<#B=tQfiG0-ApZH-IPx8mF
zrJA^f%?J%^fj=N&;AHQf=+8aoug6_+L!aa`o0v@!)0v_ThBsUFFcuamVjfix3$zH<
zwGgVfqA!-uyvA7(a=rL{g7{%sVnC)HozA>POmqX2cmt9+{aWD}@aq8TwFrXv;ua#?
z{8=PEq!b#wBpV7KI;0?i4=(P_b{$c)X<LnLngFWEPNUGGQuj_YH$h|`jS!5V4aMz@
zAVKtS&wWG)es};bHVCT&@<@7WO`;!WTm2Ecna8*=gznE@F-{W05I5i;qcE%xqzwqj
zC{}XBen?jkQ1OK8Fa)mzu4a47kDq>(L!kf(P@v{L--GJJUY0k7qy0|Gvsr#1{{fh3
zi~4+~%H2N&`B0D(hXG$#gnQ<EZHV$#0asWC`Fd-4Lb%%n0>EQ=dxbWjA7XvaU{rR2
z??b}RVr{zB@KiWultNCtGE_K4lw5^Sd#n(7lw4jrsI5z|)2KW@KwGQ`X_ReOS?2kS
zWV46;_glPYW=nEtVSDY6U-BB$IN;rf0j?r8SH$(a#T2$jzW9*MsQuamZ~#CnodQ?i
zy=R{IIEr(4_gd5k##97E*ss5xWeVFo`ZS&9RC0{_KIdc*k$`oFy1;Y0xiSthaM~uY
zB~dS8&6Mxb&We>^yrc9^sCHw>J#N{E=q2%Py%G&nz5{cMq=~QeyrSBf#=<na?%@N~
zR3NM1#v5YHZ!D>0r)5b|j3qAq*&tSR#UEBuyHJ&>&wT;Br&=x%&+;~d*jf$VVgE+z
zH>90$`wS*YEBPKnjyz76Sm}sgrL3rwH0t*<0q2?VdgQDf?kc;K{dtQkxs97vBefKp
z@mnN8@opm4e^3e7J9Zpl<a|G2kyGQCN2aAsPeBoL1De!sg6T%vG8wH}Wgi}WH|2$#
z3MM~fyHh9@EiZ4rd{A@z^cLqRF&GbJ94S*sz$FMsm15h$1@s6`@>*Z>ZiH0a>Uc6z
z@Ovl_Z#si=)+#31+*T@E-0xI8vu<dABjM@NWjbfAo}|~n881oSfH@vAxfqWtO=!ke
zfqLLe>=Uf+@ZNIdEVV$mQVs;yt0?3XPuTm$tH;U>9^?G{#68Uztk1+lko#|o=kwC<
zx-G3*55v;K;xOl{r`ij!&2TapdXlLJXEf!GhF9=HpXY1hge2SdtYSOM^F}`~5G88p
zt57s-znd9>QTsKtC`(X@m04GTqo$d<yBoW4ry7`i2wsJz`Zh_eXU(k}B<21UZs^&q
zvPMHUH^%^HrIVw>6zJ`_7Ei-uw>52R%L)Q)XkF6YlIlByiiYHbiCABy?2a0EIvh@9
z%Anz6{rkJF>Sh4?TV&2%&nNt?hln#sUT?+)&A-9|1W%7i@sPbj&Rn<g3rjQeen)Bq
zo+mA@7o)+oKI(rc4L?He3@mIWd(7Xlc&OXZ3J73}$@(L5O3(_<#}x^|xu4gI=%-DN
z&73ugnAZ1)I_r0BL}?u9k7~+IG3WeD*IgIG7_jsS!Vb-bbt%!bKIsgC|H_8wMb>i;
z9}=0YsNotQ^jU-EX{us58YhAm*Oa=WFXfbyFX!68pMG_w6MtgDtpxrHgkOhw<0Pv0
zN-U5b4_S0z!>dl!_F?kW9`#eJu1FWx$*%9aL2LPem#F0RUh&b$@+m*GQdLqkb@|h^
z#eE!KkS+mU7zZnakM8ra4v{B7b;efULQ^D@rBjur$zMLnO|vrdy)9!c$QGU<I!8`$
zBz2slGUHpBBc~@rECcu@0tg_6VbEcXTeLg9Gv_rl_Bh!L<f)2h91azB?@gky7ZF5l
z*g1a#lCtvF90pjXn&!kKFPpq|rpb+Oh?!<b2{dZ2$nxkrEj}8TEjHL#mAY+#Z=A81
zq%6`@u=pdc<8rkbqoIlE+6R27)AF8T2F3`1E7O8P`5M~bL^!&wR+`AkAsFj$#D{O_
zPA6Q7`|9ztup<$8kPq=zIqtv%ad2CBr~<?INSb|cC<BY0&^HW=#pRqOK*S`YvdYFa
z@cFcsTn0=$nv2AzB{JZU@TskCNUt3Qi^{UMrT%=u!$cD7+8&>3^<a22t_7<`rlhVz
z7}@_d+L(k$26>&qnl*h)e59sSh2EED+-59Wjoqc4;n5lOd^fg@@K}*^m=nX+Rd%rz
z=F`}2tpQ3FZOYKGuo5dA-1m%quxv4_VjU|zk9qup=(goh+#SnFl`tlpdXOtOJIHW}
zkD>9^n*i@TVtzx{7Pa-&9kk2%?E%MI6<0aIZa{W*3o{z<OK+U2@DrYbXJv(#@L{Df
zT91LV9V(M~&CB74T!9-_yRSVRrpignNW_fIum=0XMrl;fqEnDR{B<l#-GL)$`NGSo
zd`a`qNR1^+gdhCVda27X5oD}K!#0-;z_6n;BD-2%m>yGE$Ros0Iy%clLZJB2aG<L!
zL}InJ)TMucnzU##9oj89$7fJBCm|NJ)*OZ8bqyB41&<FF;?+utxIE)BqIP()VO1Q3
z*M#*DSaV@0H~%AtCEoT6;pjfJlg@`$<f71c_ps*6=JTy%7d3Wh{IV}+%*vuZ%XIEZ
zc8#ozlwHUg9sMp8$WB8;&T~zSmTy8{I#V!}Sm;Zvq&=W%kmCm;=FZg^O$CZ7&h(p6
za9V+4056ORye8RFLF$P6i?0R8jmEWAb1065=f>W5gYD3vJ0t*gbGn^zge>#x##!Jg
zGado!CE}si{#3-|vk(hCIyfE6lz3h1$*DRS7E6<X$ukupNqvtP;k~17=6l6opIZb5
zJMkUrLJ9EBC26Z}O)_`Y8WRFj1RK}XWnKNQOKr#*t>=^>3G&cILP3N{kt`=tX-DB+
ztf6Z`t-qE;Dz$>eZurbtm4ZW-MW8Hly!`xKXT~>{9y-`}7|a)Cm64biJN-7_mYp)a
z<T<eEx3<CwLaOvPm;qzQAI<hdPPST`Y0gTPfkI2j9JUSf$V%4oXtQ@T=+~&Up$Sso
z+|OOQ0{0xXyXH1bY;XpfHj@KcZ43&wN64sj>J>Z5B40(uPy~4=v3RNZG~!xJdYEEF
zO0|8_p3zuz8or_Zn_zo`T42_$G!-O1iK-?5?S&T+j+Xf+@$PDsiWAAPK_V(<IIEKR
zfuO6`cb0b&_h*eV<rgIrJD3sfD}omRDAbLzm>oEMI@=WjNqnn=XQ5#Nvl=WQqNGIp
z6rvx3Ub*%W5!igOKIN5UQ^RaHRQ+mg`QTdX^YoGNm&qSyRJVSUAv+pS?@;*rW;*-i
zlD*zMl|x9+Bv|t?&7vCq(;C7U-q+xLopp__!Aj)-A@XJ_hiAf4W7*h(o%06E)OVv?
zL#>t*>XfT-4@753&d4J1qeOX|Uw@oL{voJ%XtD72>1LHH^o#kb|GVD&DoTRavf<9L
zDQ>X8yrMgMb(av8iFEdu(?uY5E(r^X5mBPKLQ+%>baTulNdj0*N_2l1pp#2&Ky^a!
z)SuQjSnNrzyVX!S*Bj>?BY|KF+6b6}r$CCU3x!^~QV)MwoQ*HZoz3&?G|Q%#T_!;`
zypGgMdOmS9V1OEY_}xI`%w%lqo6$5*vC+CFzX-q;gUJoH+jdV9y%Vd+^dp3pM3epn
z2s!BXi4sK3UHYrBW#eL~1aIu;d!28@Yg6H!0JQT;q3M~y1~Aao7s8gYZWd+c|M<l{
zv+?$?IMP{Ecq*ATxeV)YzUqaWW$R%{kzK2%Z%jFVR$X^?8IY$(VDXv+?eb7bYHW>O
zYqq=i{1aFrpxFab6coYQemQR#9lu27rS#uy8+z_XG7`iYd6_4`?G%GY)tEqOWR6#o
z3bTp<;O3nja=+_Wr@XZ2Do$r((YfbZYtQG?Jfz_Dn}2^#Ij0qw_+2>#G5@yO2gB)~
zxQPVkIiEQ#&AiX3wpy6M#nx+U_v@7g^8rACVHJwP8II8_5E`a%>>dcseifA(fAhQj
z{o`<3QHJlox&6VV+f|bqFVe0v<z7C_lIsp6i(;?mo7q^st<8Ixv&7s<jX>dqrEk`+
zet)QQKm&-f!TRmSjm;x!HXOB%hzTH1zcu>t2R8wy@X<)*ombVRQ>GN^o0nY%Y|B|X
znn2)K#GJ=0{Avg&ia;<RcW~9d$K}L{#RvxhDB`OvqAqAbT~Cku{E5r=Ky)RUS$W&t
zqni1=G^3?MoL4s08QZOkzNgb-&F9)<F+QX_;Q)<i(p77%r^FxOpluDYr8o|Re(~ef
zB)Y=PutZ_@j&g3OP2dTuP#v<y0DnM$znX_6tX)lLRPY=YSsfVO5Nmcxg}yZ=k9j&#
zWn)Jg&XiX#4&$p#W2+DWdDpq{a#$SXu6wR#AxU-MW^@6_{kW=MZ2OM5%J+A!Wr5M9
zcRWMN=(_874OM>0rAM}BD$;-(-Errkm0`78pO}u^dvxC7=tJ@4i)w2J389$sh4soF
zY-dETOXnMHch-)BlehYii0OE{E|$NVtc_)6CFmSxFNx@Eqoey0H;=|klRi1pnTOUU
z2+P(uy7;UNMGwRmMiK@ZL!^gQ1}meF<}I<xNO3zHI}HOemSSUB#=*xBnXYp{z)qA)
z^^(g3=;U&_I>zqFtwFwl`$L0j(zJ%=N;_)p{K`-^OZrD7iMXWBxcm~u;^jOC^qVt(
z3x`iHjfa;4%j^y@2++D4Ci8W85bw)t&cLk!d|#>uJ;In8q&oDb4SSXoU@2@%s6<_Y
z-;f)(EeLwM8DVy;_JV<VuYLu3%n>a~Cejo_Ek*Zr2Ke9^R=vOyPx$ql!o~?%$*?4q
za8CXM^!CDoLf)u4uEyoMmIHq|5PLGC@H9Nuu^o#3?Q9LmIFc`Bhed7q-*l(Gj75Hr
z4y<p=doM~uXn2DaW1EG*OP6wTg{k;<^_adYvR%B<3v5{(BsHq`8`$4@^}E8B(lB6E
zfOQ&wtSQ&VEON6Gq#)ur_o7Fo>Cm_D?D>0B?~X5ghzdNxZfh_v+2^NN>vk_ydT$4=
zHDlF&Cw`v*OczrO>OeZEtig94+Epnq*#N$_AD)ZTGXT4j6aN*AkP$EucQh<sec>r+
zEwm^0uSE0(v#VtxZA6GYnj~f@h=QQ5;{$SmU8+VW2z^TZX}^@9M6xQC@u(l;MvIVT
zUG@V$aVcQ8HS|aDjtwHPZ!_j55GC=vTtQy{4;^cwGt{D}T-ThKpO;1McW*|q?xcT5
zw|BedC%yWKy~(|(PU5u@zxv;V5AH0B**0ky8`J;H<wUan2BQ5%wF^G%GrLa~azep&
z;5;K2{1klAosy+g!h%vzFo6DdL_img>lLkb4*SPxA({W(>ZPf-ssv4r$z8`v!cyJq
z;mKu3qeJfi;1${JaJ_(A6{e}&5UTL92r2`^F!YjV2MHaNs;%}l(~LL;n^wQ1x;o@N
zWlM(TSDhbp?<CJqc*9&%l?rm{NYK)8_^jM_O*yi?z-XAMXY1P_nWu1AW$yjS#&H87
z8C81YIU6j`Tb@Er)qN>LzyIbpz0p8qYZW3!g!M;=&mUxB7+zYn?lDGZJVnD!0b-5+
ztrYEjzg&vZj|)U0RoOyT@t)_AcgcTKFFFVP1F1pFJql$bPo=#<u*Nsw$ofpK5rk5^
z0YGX<NlJ2)C8AUBs4BfbpU&ORG@RByh*b^6;V{!}Ze}SWINdu6V!$D76s)<96GJSf
zjsl7z3|=wMm~eAYTfMiQDd)tRhuUah4O4U9KX|kY3pfU5TkaaEI|cTNYcH$xlvS7l
z4}=WYX=R$d-F%wQ1mHNK{+TaSc_L!HHQ1P)>C%OoUgG;@ROIV9IW`P?-C{caLlOH6
zKVi(C<z{r+o3m8K9~uEEL-sMP6z5^FKlA7@n;TH%p$QDkO&YWfst$)Ce6`-hgR{xJ
z$V$&SC(XRc+>n1p?OU&w{CROi%R;Ik&z=U`CE*a!V__7uAZq2&z9JncfD9gs0OTX%
zVL{`T2eLX#=8neePJu72E9wcWJL{X;5xzezQg&t3eiW3xNt=03#-IcnHO{{K=<%er
zlk6R~iBP`U`9phG{+Z0R`a8IfaYsFR5wm2aIg{|Gb}yrMoOvh_<BB^oQBaCF`jqM!
zhN|xR{{S^W%D-4y?=*szDZi+Di!m#R%LnVk^L?Q^+eVg|`3`^dhkl+2z6{4`eRcyp
zhNA(s8FZ!p3fmSCs5J)6TlZ;}u{)Nzi(va%ct{?)#2Ujc^)eNg0#Ph<&6XKm_1=|1
z3y0p>8wlYTdkOrvLRSDj(N703d?bkOooF3G9uM6Sb2N3ARcXF<233Vth9T;oSc(q@
z4UuSQ*|EuCbDBEd=&XUK{nm))1+g0uf%^R*e-QhkdH=P+QZ@VFdA}(Nqscxgo?Be{
zb7VyBP5rzz65TT3zi?V;h@Hb4RJcPa6fv`1ZjB7al?zbdDHA16Xy!|)b!oE!25LL+
zYvIH$aZbLkArMBBHHMDk2Y%OoarChsEvn>}mDY<?Z1soosw4}VQIY72(vGqTbRL3_
zBSe@L<|hzpEoJaYF9wwhRqC&V6g%oI^deL8Op_Z6c-I(*t)t-I{aOtuD~2gDR_B5_
z&zCv(7UK_9n`;x+Ibrh^xYS#yb=2%Rv6iY7bi<DN6-L-qjd^$zt<}-A$@X?fq-R>7
z^gbBU7>?YV%^7KN^5_h|`lG4F=6y9Fj5cO-S$0`&_Px(L_Nh2y`mWm6<XjMIM$J9#
z_j+i$kFBFp$&@%gcGfGCO4*8!)Z$P>FYJYUV#QxlvMe*1nN}?a^|O?<{>=e$(=yk8
z9vuLEV8(%I^IxF?9`LhJ+4U8_gQDXx20k=~u346of~8fUJqJt@xc!B14S;+DSM>3y
zagayY`lJ7nH<&hG0)4|WZ%e}NSg|F!RG2#oB%Uh8S7H<L?JsRy8fcKPI;(6Q8Exwb
ztT?hko*&X4;2H75cB>)9pL})x^!(|Lg5L|&SNyNw|7xqe{qN<n!%h;2Y%ptT+>}Ve
zebA@y4D9G%oz`}J^40mX^QR|z&CgEt>OIT+v)R*A5~v^9fM{06RKqrZDNLEZds(C=
zhTI%tFW3aS6<W{k#`0UZe%_6}mq2d7rNB$_tBow!ulkYR!RfV~_nE#2NN^}_X=crV
zoqsEX>}a-2+B=@wHx|C22^XsuQY`suApZUM)qh;QdVl%$)w`REH_yq9|EeZKOTMZK
zQ{foX{Jj|SF23f~X<#37R&XfY>%?a;*lg(5)_F8!xXKOo7c676Gpqwh#iC#oT3p@J
zu2kx9jBAo{Cd!-MN;-{=c>xbQ2M_z0%fck86*OULPOhumRL~8k;b}?t!@4Z<4@4H^
z!>Y)W58VPmf28~jT6gvQNki<`2Ew?V$c+unirJ6)X$;`fWYz6}2Ma#i8-RARW=Ppo
zbN4jLd|3U+^F8)PzqZc?Fp=hxi=JH1W~Qfk6a$5fM;;LYGHb3~@<d+9JD&EcG+Y?V
z9{H`7fq(b>w|W;k6IH>;`-X{CxqeQb?z6x(qbci4BN-F1I4G#L^E^%H6~rPMB@S*9
zRd!OtZ3BRzuijt1(D&v~H#b+da77Pt4aD1Vp;%HCF?auRNm8yry|-Kqhyj>;D#ajv
zPQ%g^Qm~}Ib{x)WA!Wuog*K(-ATCy~3kpzrj;g<4YfPEeh~lh`<zF+Klvv0GUGR*T
zTS86q4nX?4j3&r&y$a4-<1M0OnMrC2r#~U(x{%dsO`dkY_nFm)-J>dO$u~?^F@)u<
zi6*jjAPu9jjjQh|hYU$$W1wYkts8uAa6_N`-R{Hbw%(J|d+*<=_wTj$?~V6w<^Qfu
ze}CG&bwjy+nd%c#b~ftf%{4J%Nh#qHf;Cl{@<WCxcQ1dCz9lrWr|1g}X9=n_p;ft-
zg}xg=+F&|&tl&#1UJIrALs9BU4Jr_>9hbF(g4$b}k4SKOVc)Sq(@-9hmelTVTuUEQ
zQRAn}Ju>mdbqMc+roV{sWps|;dF5|Rr`>XNA69wCiaXBk&+lcSCEl54hco1E>Kxiy
zoc}VWD~KL9-@N?hIk`wvqp($qEvpPwBQ+;9=igz0lQVM5hufFyQStQm4_eDe<|vJf
z-0f?~$A#V#uryOC&7ig{2p?=!M-cB^Y(rd&kzwXukB3TsIkZbrAX*oPVoAYzi=W_V
z$qM>~0TS~05D9ZDahYD!zZOj9D6d2y3rI9rCdfd#WxW+8>M@a>e{8a2?gG-B!Mlv(
zXHRn?z$f%I54GED);y-=+D0|JxBw~3`VYP02!>t-1+=j=ECT8DY+@x%R5?8<5qy-G
zhK#~yDxnJtJUG+RDEe5#mCPrBa%dfsKshwKpB-hN1j<REoCL~=>`VgX=TCED1WHzv
zdy14vEtZib&)BYP8J4P0>U>b4(mFP-Z+ZS5*dHU;^%8v?HsjP6HGvilNRly_bIZ1e
zZ8X-3_$>DMmTj*GxY+<F>sr^aP&_#II6gPX;~t5>?ZMk3sqHXN`<(gNSY8&vsUr6+
zjzf*-PQZJHu_1;t#c`!!juhrbQJiQWE`-jXa0&j#{(fu1OwfM>+iOE)ACQIx*W16D
zGZ!hb^QQnrQ!;%Z{^-acIh3!j?K4>GKV^9)x3-9kD*;rg&dUV>=lUWS8_b(6C0Q|1
z*PHd=UzfDh*X^2><ey!f6TH>|Srcl=yCIiLtZQ4B;%*ctqDoa8W((n!OqHa{Rar3F
z)%WDCbLsSs@(lR0EsPCK6m3Rt{Zi)^c$2xO%7#;=9VrC?Y{5<?Z)G)HKlSK4?^#SV
zS2n%1-cu;U?BY#2ChkLljc$N-h5GZH2~(RCiKhQp2UsIC9OrI(k89!JtZvtC(Imw{
zdQ3m=-r{TQNUjN@!F$!Qxp5`+z1e$(Pbk^wU-Sil>eZ%mlIAl#(fzbu)IJsO;d5H{
zii$1=Aq^*E584P@wDhuvOuxN>#@Eo}2MVAXVFIp~0ZERZ_jY6*q;<HcLgsWu`y*@G
z_0?K0)g@UmaDHRZynxskcq&xa$(FCuq+H{yw^b&D%*4;qEun?1geg?h3(?ioe%qSp
zJFkDd$zO5>y%((PkMZY%Je@y%viCNJWU!V%$rUQ6wjM4cRv@!DzV|E&M$>OZ7MJw&
z)>PcpFU@Rhd|6cN41c;Wc*!Elrk^ZnrkIw0D&ZKyX|oPKJQ7}3NXSvuV()utE+8Ob
zeJvdd9{0<qjjP+ZqW;p3j>ri<d8|kwWqG>y@tI}5`k2QRXoj}znh)eLYwlgAw-<pm
z|G^YzP<+EPT4dW$9R4+~1ftoQxZ{O{+zN6>3(N~JdPl+(`CljBUA+IxyNkE4PBlg8
zg~{w{>pm#{%)QUF52zn?TL)+7txo`GlU;|VbepQIXqIgW`v_@_cl+Mcfna*eg*yML
z=}ecvvtNWfE`Lb2L825Z)mWe%vow{{WmV=?*^oU!7c$Lq?dR$ibw=*#fVe9OnXeDa
zG`<AWHCH3k93;{-3nuHcOI-tAft@^TZS-#K%yeZ^3KPkx*m}&<T=rac#+?op+rL+@
zGO9|R{2`Oct=^5uw7RZ08!Hv$;`?jzlB-+S;lE#5)5~x5PNGDsni+!>77!Y2=Vn(M
zh<(hZ3Mb6ky%}rSP>2`j29thC?-j%4F7$HspIM*%A;tu?RQ;(JUE7V%+q`7Z!Jsn-
z+-qyciD;?_JH3?^xu+Pw50qw3Zg~Ejyb`Ly>ON)bGlTXC$WL=w42xQ8w+%PN%Jvc=
zuQ1_lz!7!CK9*k}ospxDOQruK%B4D*lgmw>@r0LJQV~m56o@SgW?l%w<V#;Xc@(4w
zejm+TT6j(+xz}<tyVD#IdPBORhu-OG<{g9xxh8VMy{=$zNkX=<D9ae6XoqwKvV)`U
z6^o|c4-Jtdm^`mX2ZCNMiNq3<XQmn^RvzHWJro4F*xIja3hW^v6j(HWI#1c%xk~BN
zGnfKm%76o>u}-SU(bJ<jxwi7rnZIuLToB??7H%Str2XWGoX7%Zlu$u3MomjmLuj^G
z0`@f6PBW&24v8wGLn3qxvV$D<4coA%s7&I-QWgm_W@vmQxI2oKrOCZ(+DSekfhW;M
zS%iN1GJc=z8`wXZ|E*%=@}(v4UJL(}tJ~m4S*ELZN^|0qiw*rz3i9d?*JfI$KhdTI
zDbJ7@d*=2uD0c_!*!0J$U|KGT5_H_tZQ(}$PF~WIqKpF+D3n9&7@`(m7SKEgUh#yK
z1LTPW$o}fBOh*V6-b<Eb|4GmA1^!Mp8X9>g1q%lcyk|6pcA;nZ&+iLfvLH2zVnG_k
zhdTE*7Gz(ri}8J25ICbBFuW+tEHb$u2H78C72m$U9JPpV-(T7_=zq%P&h%l5VM6&Z
z(;q3Q)^h6WmW*1na+3%boITx<aU-S6Ak<eM=bu8ZJao@*xd;Z9G;gtf8q&*?I{g}y
z-s?5hgp_QmtmJv10tvAwuMrIDr&{dMiYHJh@{(cEl=QjnmobQefUcdu-eMOvLtR}{
zHjU)N5KqudDcozuNrb7Hij}8xD;;7J2iS&#snKYW$4NXpHc)b+|8@?x)zdl9%t5(l
z&59j?$-dYt6dfqP4D(`3af1(h`~LDEUL6XW+2z&x=}uk^f4FAF9Z%SR!eDGvkH@a}
zN2c^kMJ5~mI*Oy$uULNQ`sv#!9KWMnaM6eb#^6UT3@rlK`iw)RvLZ<YP?~Y;vv1ht
zAwh(nN#J5dPHFf8*Bjjbh@IoUmpEbhdKp&-T|fHzx@j?e!SXeEeeEP{&x;tcBfzv3
z+E<Si$@r25x(P@1ew2cTI+5<I=GeZWPxrk&3-Z?cm6Ake8CFdQVy|4{MmUfis+*}K
zrRKN)3d);N)6Ve#&fmYfc=`6#e3SliE$?TgoK=d=cp2i15slI!<E&!Zi{%0L9_cVQ
zm216)-`EH)3>>1SzlU{fN?C@rmx7uoE^5qgRhHpimjz>IzNP8>(@PPx;iR$D0hwY@
zT?2>@%?8M)LCP`QCLD0v-s}3E=5Aj%ejm~va}&9H%eDmi6fR|<akFUR5-Stfg!4+V
zVve8wTsC)z(ZOWjvz|IE{agE<ExUHs{OtU}VS<AaSTo1ZiUXZnjqN6X`n`?K!HLOF
z`JAJ9A0?i5B&Qinsn{=}Lf_SRq}NYt1e89DDy*zm&{RT{QUNC(=29Ly({#hdXG0B!
zWlSrw>@7cXk@oL;%cKd<HU&uYn{mQ8A9JXbuazF8uwLk<54!ViwYPt>Re#H7`1M(y
z*8BhYIF6e}xv+tVJ(^L@dg4Zz=7uJVz+zm!2cH}H1k&GUsrN_m%>%YGPR83`4yoxf
zMD#1$nS4+bLu%!xGv&0P8&<NS?t^CP;pu;VlQVH$(&RSi6`ACNFJ3-4z~O7r2HOLe
z#Fsiy3@^}6c^iLXzwKZdj;1BaRVir70`6yQK!_o(xy+$0aqkvjgN;ylRm|NrG<=+s
z)_bW*vNrmc1uq@J3A+PXiCtQ;{kWEF64NOQn7Y@8X<nDA9I#0xrEOy2n!P@G^5h9N
zV*Jf-enVtIC`nnuH|+<5fDyvKJbgMR|L@}M8wh{QONEV`@vHiQ2H-%uJw5*Y`kQxk
zORMIapf$SfYy=L6r}^uzzn+tqynw>$+;p9>5t%k*Sjdu4XzvGNQdqZLW1aUB+W%pi
z0AH<3)A&PUZ^n}n%fTY)lmpFih>iNgIXE#87JNoBe#^*G{jrc$UiXp50NEf+(^M2E
zQRAXw<tL0o8njO~?h-uRk_b(gi`zz--cU1fVq!TU^aJxsnv6AJsaGS#rfcPe{41b9
z*pV!Zb;Bwv$_U-IVTtD|u<c~D5E5!xK(N;bK-DXRSh`lyUdENiPUvg7=Zxz}ZH@T~
zaj6nJkg<PW*no!g8YW6@%Xcpl9FiGKYeriHD&oZ4p)`W>6e}xpOb~{t=ggGCp0+`l
z8(Q3I9nnzaIb@wES9GFa87=u8dY3kI>t}Nf&h>acKSmNF3!+L|m^-h356J)#2K!dY
z-CUy>vUXePi8gXcsM)EXuD;A|vm+Cf{sP>5(5f(-0k+&RvEz;5%HQnCm2q_N<`T2k
zGUhX5pW#M;eNdK+;}IA$jxp>R^NwTowMpd6h4%$2OY0z2FaqKjjyxRZjN^g%GLAjD
zGmcmujU$dz;~4Vr;b`13>*mAd8<L8Yap^WKVn<3zHX!y}A~Gj$4N=C+MHfnDRf)i3
zkl}5Urq@y*%b<rC5^MJuQ1J+`b?+V|%0ndIEH9SOJyhkQ8LTzJH9V+k$GC=vOdg-F
zx#Pi29Z@G8Q`V%hXZ8h~^ss-)KM?ieD{sYE`XUf%ytyV(JkFA!I5~OY67FmO(WNL^
zv7`w*^(_o6U$YG>0?n#zFr>|STT_vm7O@E{fRM0{B`fq<ytuw3X~FMUp~%S}LaFPf
zqfoEsKgv7-Uy2V@hQ}>w7T%Ssr;V$`B@U^m&cZU+_y!4@Knl0ADvZy|R)0xkp>^)Q
zMA&*j)sK}{K?<*dFt+77I81lH(CFIb(jSc+T$3rgVtebLYy&Rtx_eMgm9Zv*t9+=t
z3=Z$uP{ji2$W?u4q+P|P21-KnJPSJCqxM?JlwDPejH~taXrq7E%NTs+RQ92!xWsuI
zI&A-n3B^G!X;s|O$1t=%?F%Czr!QlsPLKZ6yL$fL4X1c&Sy8|7t;qd%NJ6trwd-M6
zvLBYwHAqll7Z%gFMnbzI5W0a<#T?rav++(8MK%(XPX&>}0yrZy%j|dRdI90t7R+3L
z5ZX=7mM`AfvVRn{)eMma*wQCMrLXE?8IfgJ`-kI=$s@cd%YrYeGK{igdYSoi7(C0y
zR<>sZa*bBqfsD<}1}EM%i?C3;i@Qr0YoP$-0sJvgw*@9FlL|U60zGav=|j`P@W}*G
zHzGj-=DDv}o637}PmA>8syBbEDU#LC`$DPxndsl?0@~tZ4nx4<wd)=GDZOA_1~yX$
zyY0yeqC}^cD`dVSYJiLF;Z#FQSrF>vRGXY?Uxrid5}j(AlV)5&QJn_8v1O>jR=Tl%
zi<dQ}L-Dqq_T@?9Lz0X%m$p8|R+-{ln$F1&<N*O#0}4#Xnvd%g5^Uy;&Oy%unacsQ
z9u5$8s1Oo4qdLP5;pz;vc#W?hS>`lh!D?LfaEvv=yd1w#1gbk(@igY?b_J%os%UAt
z;BP4W^R?c$o(fxCgDawixsqWq6IN^#k;}72T;9>$(*fPxjuCDtVi6`({H{56OW`?F
zxki?{aCJl~d_8IhEL>~c*+*DzoPnBvc(sf^#ppu&<bVbrWKTEZfc)Xh7*W@|b|0QO
zOKj79*bpsZZsD--(H1abphk%xO)(<^Y>fNRa}LHhk0RWMo@5c_oQ-iGdh$gSnTV1=
z8d63C*e}|B=rPSJ<4N3gB}Qz5Z{LP}#^Ml0+@II=di7N^p2V2DS~T2;$H(*eF$R9r
z3PV*cXa7o=NMsu8rPgySR0(2LZHn@pryD!pQEo|`--EV@v2}`G?<o}3qL8b2WESj-
zBu2|b7J?!f-*6}%kh(_e<OF}5CwUb^GtAQ)wvom5tnSyI<W&Q%dEzvNUKWfbRZ%ce
zX4^-Ux!leTC9~I~c__8J49usFrvoiEX-P4ANIX|2w*D4(<c=0<c*SJAn3eK7u4ELt
z1pCmpM@(P(zIUQ0-`S*soBI2v+A30Jb3Y=t-xS%b??y}JeHt!}W5;LK$G$!G=xg5|
zc7yi0FEx{LM9fL)kAUi9MC`%ht<4!cx`Z7Yzw+s#Qw9Nn%j_kOOkuQ7Hxn01w#j8d
zi!DiwX>2>9{)JZn<KUuyFu#-+hh#BsSjwx-h(a3hyuTy&P^8urzqK(H_*mG9Yl@oF
z<QBCgx1HEn#mlojIx>Fn4WmQ0Kr}@|AcRbr-fs&C=hQI&q6;<RuAUemr&>;Y3u3~f
zA0LS>0>FP{Z?udPbVdzv$#~uv%@JD(e|DNSQl*rjXPR;{OOnZiW)bD`NK=Xd<auT9
zs&xcv6w+Tr=?~1JnF<@cX`W|1fr9v;slqWkw7G$rz90Ff+K@_VB$vWG6NGARjGN%S
zt>q8JQMdqrP5pgHCb)JxS(}0&qtvRGssd%htN`WTAVj$Y_r4Q1m8*!pa~TEC;%}oZ
zVC@c}5+)GslU$$AQr6j1!Wm|6HsURcyB)d5o9xZ24DAKQ^)6?zCDg`oIqGj6#W&7a
zW7uA@O-$t$9#t(Kr-2v)i6Arm|E#gcdiWM>i2*D9w?@MP{o16%q%314WUw$-wjZNs
zHu6p*=MRE>tI*Nf@19vcC-k(D9jZ`$6^x~rACoZ$zNmycBa2fTBG?aDE{V_zg6rOZ
zR-}UI4Td^4h1?J&Xs*^0dfg>7rwK0uP2~!j-0D}sX9v?eBgv@=Z}yL^nc`Ef3t6rD
z<u~fyPBN<O?smd8TCyVPR?y+pU5u+!TpI5W%!5#J<w`H3zv)Fr`G%Y*#>gv+()gF_
zu(*uY$f6l5CSCg|fwjOqqCDhtHwF0h4s=fP)S*@9pZn3FfH*AMTY!mFdT|{WSC`7y
z=JC#$0@cCAXHu;EdRz4k)$BkJF0>w=Ry0FKfRpb9`QrK#!SdC*oZU0<>>^LEX^ovE
zZwILM-!cV^rZjdww8rZt-qS7A%`@?kjS!Oo#oAzG7Y4vGFW|x^RDduEMsa<#s=N6b
zj@>nCMDPlQyPuIID!RcgdL510aKy;(cQyXpuuY!PGCr2$=zGs<?s;GJou(q4(M+S=
z)psw3A_d${ZG>XoSh6Zy*CQ>cjk==*5rAzLEKTd)GiXY=7p$<i;_AB>XN1q$-2Sg1
zNDIcYfl{t8#@?lT0K&r(JbQBxrrswD_rq`X!u6ZKoBh`7cJR9on&TAufru6%<_$lt
z+cj_da3$00oF#M9pXUQA#)OHo7^tvyB~!1HGS0bRf3?vQaAeMIo6wSp!GL9(4J%}6
zn(8jWJ*D^L1gwQv{NRj~QUcupS{Q_RAqe}(6;wjOy@jKp7;NqY6#Yq!3AXS}7*VA`
zp<fAE{>q`g4I%`ILlSx?x$SGENq_)@{lFHOQ(kPzhO3g^vN^fd0*4>EfF~&k)aYj^
zsYJ=c(MS4C_kGv~Ur4!J5>+LdDdq*6S#f9x`MU_JDH@bZ6UDB-w5Ax@m8XM?hqIx=
zT*-DUH>_QXq!xwXU<V4?yaNd++nT5$v=$h@j$jE>iWb{5=xN4F8xxHYwc)wy6WCCJ
z-NOo&NTJH2O5mg@Srqb?3749nxxr0H2qZQt08hq7utMmDB*~hJ6{}OZH#7wt`Loji
zhO8O(H0V-G*t~>eS!jX8dAxoQuBPePaJOT-g*@wJJY<BQV#7+B(vpsf%zjH<=PVQP
z0vqN<!o=llI!!?49MVd>4TE!rJ%U<F<(#~ek)Boz$Ocgvx~yT1GWRtkmMkS{1=4s-
zTY4PPmRT*`joQ(hI`KcLqikU>x@65^=cNY7M9B+g>l$bTHyd3EMC|644;!X6&0eum
z)xnv_&op5)(u=X&0JDQ*7=%iVv7%csz(Z8h@FmTChZaA^MTh<1-pVx2pVw;LR=->)
zUtn^N0`nF=5ao8*0F<)b<Cd)H-Ts#5T6&$iPBSp28GLT`G{z+o5m9KzNKac#zN#IX
zMqNj{g<6$=+`ER<o45@Z85Gf;$_~ag33^U`)evxuFzhsXOvpL0D*oIYh^-yfd_2Zs
zO<ErW$*fyTHHkxU&O|HuYe~ESle$fr)CgV3EMo<1m(l*?(4bMp1Ujyu>+8&!f1Ii!
z*nJdCE1yw?)g*0P0+_vQRHFT6oa3;b7dA)+7#CuToB7g18Z`JsL0#!(X_ZINMWz|L
zhkS0nO}-bmr_zJ;o-K`~#{a1aKMHEidmHeP`8I&hT_9@|U?bUk^&(9=TOAMU+o|G0
z7|NYl`IT@wR}vA?F*c?HB55HWEbi$RHM+REgqN*exPt#-xqY;g*p3C$<e;vY1RL#t
zV|0ifj^-WyGxY5+jyKn$y<qxF(I8=^b7&Jt#nuGrm1|z4vz!*?7Hu?VZuZfD{j|x*
zmqy2g47C#SN8`L<>#WDjxLI9n0-Rp-I_pz@tX0P3Xxh<OrQdqPT3kNURmR6`K=lqD
zsBY{(IG953Pc|~R<FEi~(xjD#$W5Bms%9Wm><UPuak})A;GC=r_6Pm7Gs62VwEmz(
zNHH_X`p$V{<Zc^5j5Y--;v_pGw83nB@E2E?hDe_XDUj^pvvGnOTGBd|8wBH|51UUO
z%VE8;OjbPNBGvo=*diD*RFxzw@+uj#q2CF)W&vh<HndFEOc5oc(47!2R7ta}?$vD&
zK!U_+d`Z3_8b`vt?0aJY%`<9DRLe>v80yH&?U*3F9Yq1G8Vap+e2Jcf+PV-&QY|8Z
zWp0aHbZtA&f}(7y3BHzb5seF)+}_h7RZ!r7mK-~_ouSm`3s~a#IPQwp$IL}r&h!_3
zQvWUPnzm)sQz!c>=6ZnDn-B-ID&>ZjJOK+JUwYoPjq6fjV=3aUD2O5;ESbYHcd}br
zjl}!*MtazVN8{~5+$p(z!cvGv9y1fZ!4MMgq!%pma&ELzN1+Yw($<7<E>my9I|msj
zCH#tf4?c7c5}H@DOx`O}-b-ioLg_E=xR!<*sk4?kVBl);QXge9)JNPw1aN2iuHUmP
z)Bg=o>;cnvVD)?@FuR{CYnn94H798y^E_5i(zt%wUOj|?6n9KPFpy393AJbN$BGG7
z&=MS<rh+G561p?h##PvRBYZSKC$l}$k(Amyb^`&-i5dg!<&8WpC=7K<zBMi29e;6o
z***4wI3Wma2xuQb&y6t=%*n|`man}pM=};in_TK@b65O%M?rj1NTuFcuzh9_yM$N+
zgI(sNiBFn%*YYM!ylea%G;xoH?Y&edoi&Y%-lF%uz~r4QO`rlu)|8C1fs!39jRNhw
zr`x$;rKv|{eFE?8cmG(>fg<GoFlw21@hnxa6|?r3bt#dh*6|wf{;@I<0{ZWeaXgBM
zxt*PpYi4`q_=|1^fkngC6gy=l<(aB^=}kBPjs`k{7mnFhk01W*ty?Y;ZoFlx&M)<X
zpZ$P*_dvA6s>|(qxg_sdBJWs%2=MA-PKDx9yrw*h^$1y1shvX5s;(KIFwzU@2)a4$
zjoAQG`%A+#fuVW9?zpVt_Q9kvR3%Cnsx-R#ny*}ER~xDfp*KYuuMJ~JF)b_AthJIr
zK*IyNxZT-5hQx`<7_sbXd<nV6+wqyPWY6qavR{TQ`COATn&SbIQOOSNd4n14_~XK;
zg*LN@hWp{Shg^aUuPT|BGH+<Y=qu5vx_G{!g09%ift}UKLBa0J{ut@3ATAYux*tE^
z`|;kEd1&1b<jnDh>+%YBZ%Cs^uKnH^nOtsoSuz{u>~03cr=*ef_55LI0yt1Gu9<yw
zy*51s05t7;9>~II4=rj7!Z$g#LV&wHGdXzHaWHxZ5{T3!>|?@MY9{~Xk(*JEV+nw`
zniLIuwlA8>e00Gw^0$f=TcYJcn-vlp!;?s%cxrN2jJGaE6BsL|fSc~sM=cvewX41K
z>o$;PaYERNXq0o?=u4~^EZUG^W8G?cT)cZ3uSbmtV<bD4LUZn2i-?9uaQhq#pcF1_
z)LHAvE!)N$2Z;&1Hm!m!Sj;$Rv^N_8a=4^#bBsk!98vA7{L$CS3eN_5(Zn?h@&}e!
zH%9^)<a*m={Nl+zb}t<E%nsNFckGQM;9IsGsOY>qu&R|5YRz-oz8CJf!3Odj&G;BB
z@>ht;?xi>*?_{a}^9nLZM&hL&FC|m&WC`zol0(AfA8<s*zsJF^hFM-vX=CI(>bbaB
zN_Y5NkxM~jVRm<qD_|yx)3fe{+8aI+V#oZ<fy<(Cf)6%T=K~)|_1PT=2kfU1LE_Rv
zpqU>n*(xH?syQ~SSV48TB&z*YJx1~<9DCyRxbS;B#+Vmz3^%}PK5daEUP2zLq>f)X
z2tscl(dpA@wtJlEuH=RjMyX>%b4_*rTMHL(f&OQN9?J_gCl^F<vC5ba!<zNH&qagP
zGtzp}-zt7bGluz$RJfjRa=9aa##0My@~TAwm)m!A%eF^nZMqZ<@#s<<)%8CcG|0(t
z5Yuo3e~T<%OiZR$TLc~_+CHY<bZ7{wvD3cDD7sU|+xpuOIvQm~?bEdfr*@W^%-J0y
zbQH(~4b@O`BQ6PR6hUaW6ggn?dqH^_yU__O5bm~SCR?fn)JtTJyq4z7cAGH!{kQ65
zqbQiNFbUH;;mOedtM1Y=+>fswb(luMR4y?@w{sIlNHA+?X>G&yN|IMaE|ux~)V?!u
zl#{!P#x^|^vzFZjffQ1cwj2fVqFJNOIGCXDl<_Ug?v03oZbL~?ZF9YDaH^PCete8^
zH^!zOi>X?bD*YI+QZ^R?>F~pyt?f_@n{a#m(j6}uS4_qqP>*XND`D{7R{1)7NA>D$
zO#wGOa~tZ!z_>{+^*))30ai2c{Fh5s6nJ)vZ8znL`b;Vro-};v49~7RhI34IoQcq-
z<ci_7RV6Li8TLb5X0~lgG!xp$lrK#L;kD-sJ;P!WrXGY}ggFYV-QI_DqT+vRf|o>}
zL_3<XJC1UH91TQLJ`yJ#>ab)-M_(_fZf^^qHA-zp6p*ol_sT2Z0X>yV@;a`Kqz932
zkZ5AkfGi0YNmiv8KZGPy)2bLczsHvDC5_atS{cyhySUJzSOVWgcp<UE;cOCDXJORp
zBPH(`C3^;^6L=uvTZ4}*dy7~!8?q)%^W$s2C>VLMrb4jHE5wYhvEDh;vZToxc>yJw
zZe^@IR%9(zNj5ZDbKy#43Rg~hAb%p4y`oBt*?MGa+GEq3)}UwI+!e2V-Lm%WP?;BK
zr`CSI?z(5l0BjAav%s9-*)Y=fH_IiL8|Sm+!sE-#yby%T8`90(G|ODedy-0W&ma&<
z%c+oApkg}ac&mq`yhLvDLT<Q?lD9Z<Z~@+|3bsUQo^VzPeY|z2nb$8!NsARLH5?+U
z&4LAsnm%lgvC*wNk6rK1#wzx2yh+G=3lTDqK!#k(BC#Q!wpA!Lj?*Xqo#Bm@C{>VY
z$2IlD?f?G!ck#{Ej_Y^&PV-(CS$faY;UaH}oM=F&p_N3Kc1LxB4I3}-?|C|6GvM*&
zCRo*1ZvxS~KzPbTsV{dCmeWoE+9`R(u_PbBhW0F*1s8RF$NB(<yg>S1Swp{KB^C{X
zq7SlM6U8@GR#L%arLt`hoj&Cu3^Uh^eZ-3p$7J2(O=b&eTRgD`HmEk(0F^r9Ha&No
z*A>lUA6a6Gt>js?;=QG@K50Mvy0v$upvZUlD7{Yjhq8$MTGW4;V!%yjdwP<xoQZ*Y
zUQ&?PHJ;*z9K83YkJnG%s`=P<6l-t{Ps3fyELDVkEDIX^cp^6&Eyy}}OF~7MbVaES
z4<!twU$8KME$#<0lv^GK`$}^c8b8Nrm^Psu+w3>{^25z!LUHIF7TZ>}l+elBmEr_q
zY;Kln7P>$KC0`N|4qR-`u93}a?Q@+A2w(jT)^Mi+((w_%86+a(zg0(9a$HS#vSy{h
zHUW`$J|?HGi5c%a=411zMqAnB9V_lQyFWJ>U$c8&u4g7$`5Xku^IyV$2CWUKR9&R0
z$=Squsir!^+-vcA2B|$~q~huChpb|wM4mz8#Xj!B$8P_=go3?sZG+6SEsKWv(Fj?d
zrJ~=O(PP0dch+!ITguLUz!=v9)UCMVHj$GQl@R@h7A2a|k}6gXnd6%BS^bWt9{wFM
ze**s#O9>qy8K(9unf=a)d7=SjDGRqTw%t&e{@U<b__p5Tf+YjhkE5{P%;?*1FJF$`
zCjE{T1mWM!t%~sYft!c_t@2ecDDm$$$G|#lm4mlvm9W}m`jV^LxHeonuQjjMA78v8
z=GREgrQ1$8WGL(hE9;8!2lljCC9HO(q+Hz|(%Nf((_>p-u$?FB)-XYQ+scaEn*!rT
zPr2dwbMi{4s$g|fpw?%Ga5z$HA+NC3yn1f+lOW)cCd{^(G6?&ju_5@eD0^w!COV{L
zJdV9Ir$q_sRy=aLS1c*?eh`OZ=jGBS^fdk8T)BtBO17&Zr@4@ifv;U(7IL1lyK|M&
zr)MyQm~7qVI;kQ@Pmkv0ns0bUiwp~bxvFUPxv)uG7H%RC)b`|voX7%Zlu$u3W($iM
z3bRG6U_fX4RAi4lxcNIzM~N=S_`Jtbee=@Q%i38rpqBjc#j82_)~GUuEhAOa>(@99
zPkhRajk>xASO{YD`7jS?>H51qho54@!uEt=%>*%OZ<&gh?^)g(ZrGBf@ZpyImzVkn
zsW`MUr6r+AOp+?2A-@q?f9K@otE=~~UR>O~dik9E(R_jX!t<Qm$l6>SP<UL*pJ^!K
z=5~fem{3voQH0I|RFF%-OV{N(Ec+#y6efH`Lp9dw6^C#iCd^0lpBrBZ0A=I~o4UHG
z_Zk|av?<#HHC{<@J!oxVB6L30zavW;G!zTz>@-9c*euVqnxD^)=a7?eJU_OASZ0GI
zgFp>$swd<3Z)zgmoRDv9a%)&(<2&)1F3hrSVcGG8A=(0Vt7_p-)`V@Y_?@Zcc(5(H
zo=)@;dzaIyf$!fOJ`cQ&BW7V*e3>~Ua<jp1G;3G#EUv(%qa25=VVJTG9{n(N#V$b0
z-YeUpulDhlhU$JcDe2+R1yE~%UXAJ;ZCY$8TMx>xv~xG9^Y^bVUcP-b-=v3-C??We
zauF`k(CVXYU$MAjfABhanfgm%naS;ADRY_0Rd)~O5gYMK3`U;Oncm^U)tYiWMx!a$
zc0=lwIcdIJM`siK<O_dbp|HIhL;j5g!;1y|0n4@5g)3*phGXteLs|^$NWGHe<8APv
zLZrK5{bFW+7ydyqs43D_0J)oIYoBfs!MtEI*L`NmGX~YWEwAnO-HO`OV=Z&mj)!k&
z+g2!_CyVuh1rs_~re<xHZR<vW#yUb**cqlUo|3%acRXXOkRfo*#mcLq<=5si_3E02
z{I~jl)pag<0mJ=x_stD7?gfAG!HSNaNB|`WnayTkQabsomYLJ+lzh+3_aVKZEO=6q
z`?Yj!QekbwCkj^;`@NaB&ou-se<FKqz~P$zVPie?9v>uM??IuhwcSaD9!Ab%S|wRJ
zPl?)YGA?fGCPqtXiX<|k|6uXAU^JXx(B=*YVZg!EzZ_*{27|J`XMeI}!UTKx%KXt0
ztZqPJ|A|)~q1qonbGb?sk0ZG7XoK1ca(VsY`m*U4*)x7RB7i!mAoux2`j{!K=3!*j
zWKHvns$9S13W_ks3n)8pdN~-_DcE=;2-h1OMARC_i$7gl5nAcpD@~im10{ocjn|mt
zJbH!Zy#v-~Aw0(F9yWZw;l~=Vywh?IKUNr~nb~MRR@i^_2}1D?<TP-j|51EbT=0_9
zQWm592939z38hk{+~5rZGbSIbTk#Hzd6&ywfOTFd=s>XNmqKeLLxr20@y};OuzNEn
zZr>-rHD*QV_L2SWd35{ox>cd=_-brLi4=k*Lrrtzj^uCgWRL$%v@E5#)c;%247cyy
zLzwxR+aEu>#%p$>^)bA2_L52sM0-(TR#p~ND1B~Cf61|NavqbDGRcGfy$8>M$tvNC
zD>%;^JdQUm2PQP72X+DiR>xbk%=7Mi{P|zO-^d%TAT(#FA3Z$Gm1zqLlG~M5I(hyV
znx@5b<iSfLNfm<$<F*w870!!&Qf_n8>*(gi6+ltsUw{1sB)PAi{rXAp@IP(d$!JT`
zC-p8KEY6INEpEgRLv0EzWnE)<t)`{sk^}M$5QMbm8u4=46dU`6$Hv<9HY7~Zi08iq
z>E63U4l_OQ-{Gq@ioSU?EC}^s=-Y!R`uuNwQ=MsM*ZVhrllL_ggf3q5!ug>pCanql
z!k8rV^4;}c-dz0Q)f?D1jBW{7B+Ipt%J+$TjK8&g_iOOjM6A<JwA^)qynB7!@YL;i
z<oYcrZBN~ys*_mu?!Y72JH7hT4JB1?3N(i+=8tKc3oMxYMD8fPa@>s}&(U~C)UaT2
zaByAJjt&bh#h47tV|?DqEc*T+@hLR<*My%b6;peyjdedMW*ubkotbs)OXl;gQbchS
zuJct>LdaH8s_9?gTA2(sThOShHj<5_p&PH8RzH3}T)m-onJFm0auD$Z2;-td-7D?n
z<DTsrQb=~Ul2B#2t_ffBvy>l$G9SFx<k9H1Bir8(W{CzjrBm;F7@cpJW;mSLn=-6r
zDa9U{HC-<@o%UDo#EapAZ8b(<{IYW;L7!p66Q!_DrKU^ifIIqgN~?cJlm4MsHBUz*
zvgwEIo?pH+5~j^WQwGUM1eTFqOnY>Wo?gD(`(nzXyqCq8A|1_FS`jqnZ|x+~er@FQ
zx_j4f_gek-`tD#@B6dpa$SWB3gE+ri>k58eS8snVIZ&0svCZIW_NvNou>OH4KZ54i
z7mOi8A6!jwC>X80yY$#p#Li}KN>a$bLaER=B4VFL<2^R1$})W_QuuAKOksuoaC>ag
zw4ph+fhVcF7x%PC1I?nN(i{*Ghst6$6CLVzAh-^Ey83@Ccxh@sn+nmMt{rxjh}tQs
z$%rNy<}03EOc0rrG_$QOS$WS`SektD<O$jypZw-Gzah{dEM*Dbw1E(O>R+Bdos<7}
z@ir9FPfWX9g%zuCMsOfLV0A|R{ra1Cb)8i6*C1e1iC*J~+s-+8>4o3<wmw>}2Rkf5
zx#Z>2D{ae_r3|*<2w$yj19FXH86T)559SoK3)`AE7-k9IahwE}a7HqI%g9ne>+x_d
ziLIerFr`I)Q@t8LRAZN7!6HNt>x_)(Y1{M=nagaO8JX@{Hjo@?!N6sRaPl?2dF7zu
zF_;1}HQ}L|6e~Ej0sn~fgN<0~vUs=ofX61jXH<gG**8U{%0E;h%_0iNHdcG|Vg~}o
z_L|fT+s-<w{;)oy4|AxDTh{PC)GcjyKNbPin9lWmqJq$>lrtzpZ-cGp<Oe~ZuJRew
zJ&q}4ZX~GP`FN-A*HVtDb^C+pfahkfub*)gEo@h<*r^J-VP~4!+5*STYJrNc1S`-U
z6W26~wtBX~7XBG!Xw75vtyhGuR?uDKF6NYkCKMU}v94jbX5{MCTZjP%kywjjB@>w3
z7*`WqBVa8C&k1>@WC<1hG-Pu?$`uBOV3OG)lS#Oo0FFd%OivM!5_pNM8BJ~XX)PAz
zIZNk+ywI0%$rD;eH8a$2r!1|sTy1hh*Nn&_Wmq16NfHmB;X#qt3pfGSGhFbppv4x2
z7khS^SYdyH$Q_1RVYf!ez6y)`WOPG2z_aTS{UuxU310;fZ})PkF-`5DVGc6vHu4kn
zk5EMz@Z3m<++IBwr^d>;*5JyDX4!VeK5FvJ?^q18ume+CO+N%yo*`1_1uL;`&k?Re
zNXW=If=44kL*s&~#Ht5<fY}`@wgz?--0=+#_wBzqrUPd*ND^pY+0lb@1l-ZBiuUMn
z_86TwBYSa<f_Tdep$c{5919Tuj_t>}Z%58OdU8HeSI!6O%XvU^y#0D}K3aFqN9xb{
z7#%tf>Ct(>f$h_$^YJ=$K31>J$LQAii2XVrrDNx#^z1yKYv-PQI}gD1{d#xq)4g+S
z|IWQSc<$B1bDurfqmSpIojmtE<wxu0`Dpz-AGxFFWAyZl@9H@Qr0M_p0DV38xEG^e
zIIO#8T--R0PMy~x;a*lVf~F%=rP^qfJ*ugv#zsQcSkX}J<Bo0Qb(gl>`1n24T)U{)
z8A+u$E{%C7mnjy1s`7Xh-wWZ_%yjoKPSmMJUvV5uo#`Fr8C_&n&xcSawDCdmu??>3
z`dI9|m8;MoB+weDPvL*CKJ!>Y<0jW>e|%@mk4?N7Ki^UsQ_YX8kX=TfF{n1=d#%S%
zIB`81c=jGNk2~W&f>umk)viLy=(gJu45aA%Tfj;m<xbUy^|@H%JoEMZVT@-trcer2
zIa!)Q`=%jf$HXI{+jP%L)J;kocHW0SuXv#}7@*t!dK3>t2l-o?k8~-y_xwH%gf3)N
z+U!{Td&G7@1@ux{@7n_#r$?wJ%~VzhJ!r<hoDoKowHCo<Aml{ilomLxWcgAr*7?fX
zd}qY25f53tfC=MwaWPiP1R2Fb1Q}C!5x~|4XYQK)8P*>w$L)5g&bZRky=7aqyNXzT
zV%J)yj_d1TLOm+sePhgiLSHRN;aAKQSEkmk=OwAHc@j&pI5y@r5G^LS!#;~G>QE2G
z$|}d{LWu#rTBZ~>WF{M0+_Kb3R<Wmar8m!+Cko5-APSFe8wEDw4Y|kj`7!d%j-s4V
zFh<!H8dvx&%@tZiv@8UcSP8{p%XPd%4hN0sqvel%?9U@@&wX}hvrcoH##nOpQq(t*
zy@5NYeGD-wjiy5`YGsr`s3(336W~lofN@5xZ~&DHk{SgwDxhi<L>GKD5MZ^3CAlXU
z%L}*~1=I`9x?BP==`4af3Z@@Z=L9!}&Ui0MYn)%Kj_4YQ+8PBm6yep1;u-}v5b+h$
z4BU>`5U`zPMTLa5N4y?}qZu9Q)g3Jwn%O9iuy-V&jpiQloRhbP;f+Kds%2m$v#N9@
zQ1|AXIACGcfQXf>Ey$Xij$XE5iSbO>ygHsijJ3Frv9?F5Lpb)dB*t3T_cQ|z7LkZt
z-6t+Jfn#jJiAb<9WhrocI#Z*4)wVrxW#$@^eB=UUK{Sm9<;RNKSiUZf`HwSujY9lG
ztl>7e{^II#q&2~Nv&Wv`J@Lg_6fV)C-~}*|m-Vu~8zcTiYxMgoPdih4tyyIq#}Umo
z`~xkeNm;0wZ`~X;-YI1Ahk?*MqCy7n2Z|lFN0Yk0x7^QIRnZy~KWiM)mX}GNgENj$
zA!LccFlT6rALU3SE{xdE%Pzd^vr)3+zOhy{e>f;;#lWz;q>?q;(9v?19<TMuTp97Q
zj$|e!D>jPA<@n$aKV$9a?rCJSWj*!|kXYKK9JIApUIA&eS%Qk4ja7b#R}H{f&@{2X
z!?XKD+p=Huhug~0g7V04j>CP?I1aPObXa1nb!F5kg)A{=R_qz8T!kz#*19qd<^!a*
z?ZAvmbsGh8$Pxo*H45UeCC0a|i~=37#6;)I?ZS-8pBrtF3R_}G66IE|$Ir_W<B2zx
zYc{Mh;|(2tg*R)OscY{>)U{|2<IHhJ8Cf(MY#krZ=f`7C$Mr5SYFkw<Xa7o=NMver
zfR?-%IY}*~*ERs(q6K8q*?Pv`7+l|&1@6UKZASL%g9YYVOm<cOBdTn*hige<<mEbJ
zJmVW~vcWVtWoo3K;RFH9le{`Jz~&pak;V4R0n~pS$=K@I7-$e}M3Sl~m?*RDCzj0J
z{>6uo)T4QzuCpOp$eau|T7F!*PPFQ*Hpl2+nYbf&v<TL3>Kc0s*D1f_YJ6q{729t{
zT@8XYHuoaz&A0aov2I2M84&^P?y@TLsx-W6^idj8XZvrs+j-{nrO_a@e)V)Xudz9D
zT9&L3&&mJ)<cEL$`|R}hCnx{;WcI)R>z_}4n8QDQb^80$zuW)u&!?v+C;$29w|~63
zdi7uY^zZ*Es?9C_ufL!CCwui@kw8vQfB(NmPPCyHa8b@=F~cK$4iS)}z}f9S>|WQb
zzi!VmPC+1`BxrK~i7xJb>fc~j{=WJBB--D2cgyGELKy)Z%f5`XG2=@;=4JE8l$J3m
zkDr}o`KO3g!xHY1P^Un(FE~&QPr6|mfcUd9bB%~n!}zmEps`VE;Np%({V7UqcuY}h
zQ<T~ir8WlU6s0yrsZCL8Q<PfFn4;9CD76QOQbVP!BUUYPai%|49jNw?6sM*%f+g%C
zNn|C;8+pqj0#I7EgdGUbVybOhh_NMr^<fv><A$)&D&<;@-vh_&tA2Awk+RhNAri$5
zH7WIK=j4JEEa5pfWfCa<j#y_3AIH*LUMiL?Q7WRME}L9<O0iK6512BFLqJjPxne}E
zWtF9*V1G6K=vab}>%Z}4(})^^Ep|&7H&L2%(|hJI=oI^y^8%3lnk7=C`xvfvVALWL
zxWl4NENNA^RP{TW@syWa7ZHZnOY0tkmD%fI5mVJ?PH3JNk|t}WyqTYkIBiqH-W9ja
z0A4_$zp51%s1yKXEhT1KQpl2)(HOM5L?5f{C-p}nA)?4u7F%e~BF%KXec;|jh&L_C
zEVZpY|MiL1e-m@tHIIR2W2GcneB6NMPD_7QjZZxLnyh72sQJrrKBZEUr|>44l&pST
zl8jMRlBZ9|hKs6<Em7d9EWiGG#5IgpR`x7v;43KbZ>Ob1S8gSsFl&6vCC8)mwH3p<
z#-oaeEpzvUq}fM4I4sH!0{UAe7uzzfRfl=DS(@+vnjd%C2lmd}Yb$8l2iDyKdtQo>
zRaS+pf<*}$Yk{Y&hHO0wP|;fdXd5Ddc{_Mg0B7)s9<9MeS8ob?A~8+><sKdUf)F35
zZE(R>T$RO`9l;lx$Z1L?$%1UEtmJv-b|<)q_ZFDplD>C@dZu@Zon^44YfgEX_@1~q
zFi}FE0f?YyIW4H${zPszRGp#|hR|ey3z^<%nlBbKt9QYReK{04OD3oY`c9i&bm4I#
z?*+DMV`Rnem}p@oi7*-cfhM<1q~u#=Hz(Z+x-pG!^FrQnjhrlP!5)Z|Mbk9aWwxc$
zQLH+2rz$m~VWfU|i2f)v{TKW$VKK6(hI!~B?t-nGc9vm})4LU>fUoiUVr9@wla;VO
zW;>I#5XBU_fAogN_UiOL5G1FAe70D`b+S1w7HN})y{D;E<PT7)>?H%C-RHHv`_gXV
zyW6U_v%x6)NH=-L)cp2e!PaK()OoQ;&)>hgc=`6#e3Ks1WO8H^t>bV9yGC>8Ft5{F
zv6U6Mr&wpvbiTXc`E&A0s0v!_(6aTJK{*XbNn9U1^2%&(Sfcy{-S7@=En6(YdN!I+
z*YcjElH5bc!JXFKz^kvUHN`v3Wg){`oybjI$PHJPt(bOh2lwFQ8@d{Sj_|lMI>6n;
zpG>8)I1Bfv+xE+~yq}eFRw*{)!PvK`1>dqQ1Oi4c*}Txu{YnW&Uie)L8}I+{@>?}z
zH}b^lb5<tj3Cq{#2KxTQ=z+IqBLy#I5#NsJ*uH^WFp*hidd0{kdBO6v139|u^#iXz
zBIG1eL5^`E<x&P+60MfaQfAF-1;5~}@(`z33{=$nOwj0oTe7zs4u*-n=x*@q^<V#F
z+cex~Jt<f@kOI<fwQgPk{oHdj(yClDQSt;WyJ|S#&?jBwa*0|+%2MckQ}C22;^<S2
zgh7ykXP;tsW8F6~4%~6B+fVJ39qW#ba<q=3bAyJs{hW)V^u=RP7#jo<e%T?AG~Mul
z{OHeuL=LNDAXoMN)iTw6H8PdZj9q>crIndyn~K@B`O)joJfMd3^$7p7Lmnbz+V3cs
z`hzz$A`k1aZSkQ@dqqojPvd#EdERaxtd6E>!IZKT)L=<)i5FLw<c|pI@IK{*EK&S?
zDL0e{0~OjmbQ>?)MfnUiW-(U|4l#h1vhYg$R$6a0`s7d88hS@0`f^%Bj~AJ0iOI9e
z*%Ske+|h>=bG*QGTqFZgOehXcKrfcXwD94o&JRGbDr}j3BUjuu0@LV&8%uex9_=It
zeerUTQrRm(7g^ZT+C*sg3VEH;6=Co{&Qq@Rf64Xr8}Ou5!sr6QT>#&Lp}#Jp6p6y&
zcNGcUsK(#kJA{kWHU#zR$C)PvgVm`^zrkRm1tT|Wp4?t}&J$Va--P#5v=L{-dr^31
zmUT78aNxaTIhGa7uFWpN->6bD;e(BU0T;l^RkN`a*x2E#17RnAVJJs+aAAA;<_Q`m
z9Uj-^!tTw%i$S~^%J%PY6}|HkM7&dQFI>~b89O;~PHfw@ZQHhO+qP|+|Jb%|<0P4S
zpKogBW>@$Ab#?W{s&%>UuZwW9;vP^obeNsj)vk4vmxHz)|A;4nmN#L5E4kzEY?*)o
zcKf-*c78?1xfyHzfuR_6Pt(!@xPHvGr3JK|GSxLHpk}sCgTMd0e+zFb=*7wQAl#Cl
zx|q9*s`g!upEha0W2LO7O_!hQ4XGiT$rM)ifz=Z1s~J{@Q>dY-=1h{PjzZ+|e7vmb
z&rL|{2?P_~a#^g=!D=xeiZM<>yDS<u8HBtGs8+?<R2lM{RKu(kZYX=3NspR|kAnY2
z@WS9?nx_xOJZEe7G2kzLoE1McdNa%ZbCwu>@X2}lCySSl$b5Sa;?Gdb1nS-lFg{OR
z-@p67={tsRYqL;(8TBMz??e%fO))bUaWg9bxvPk&DZdKcYed6VN6*!{%@tBAMKI?o
zujdky0e%YRkq1~>j4_<?n9W&+FK!ju#<XKx07n=Gpe^6qATH*pfacV(bILdg=nxsG
zs5u#cx&(Jha(9X;E^s|Af;UYU2XqAoT<jE846UnUH|VhHAaXhwOo}pMniV%qU&|~$
zyg2jz3TYg3Q4EI(c;U`H#nfiEQs`lL$Z(Z>QL@5%AKzq*99}ZS2JusUjl$A(>$0!Y
zmQ#6aMr(<UZ`q6F`jEpPa{o+NDB;h=p#S#tdQd5DD`Oo4egI;Wr8D9(0eW$LyF0v0
zA^{JcHq4^5f!V1tH*VvGT9JrWD=RjgVEYij-=2tk8|8k$8zF3{V^f)ahKFF!1E>ab
z&zliB8{JYhsWto)l+q@B-=jiTCW&3u`2hAM1+tI-7Q85My+X+pzlk%f8H?M0oz!!X
z|92nDEt~=henUOJTSLfFty)+FLA$-O&*CdqH>X=aSCUNscjLY&A@t$&eF|zQWE`cI
zya`0LcxZ%Nr+Kjesz9F-8ZE<u#e}*cu&}}BidwIMwfCrr3ekyjBJpD>@ibK%lkU!z
zcFA?le_eLP(F_5bC}z5{C9D(k`C||GEN&`o%HJgNLGC1L%@0F{(OM7qH@589!yVp#
zQ{9e56@ejmi7fdaYLl^s9Zu8yPtA$g+1H#$Q?CyvpBd0z^R{@W2k<xd2dFBj$vrKa
zOQ={_@>Ml|5AR9_$ZGLay6vA9dfNlYUEI9Y_01r~ZTGVo@%1ps@$Hs>))lO(kY_zs
z7&Qa?K-$>in#jn*ymxFDH-@m72rw1qz4(FfzJ?Iy3lHH0(|+0Wyfb>^v1EXqn{_OJ
z<MYs10mbyuaC?mo!sKR59j2@#nfmeZS2TM$uCnN>2dzb({n;_3U|+w-QUD+o8cdq^
z4;K`$dgyk8(@Ygz+ef!Q@!aWL-gLf2#$D}8w_oTsZ#KU#mv}X|?l?Ew9;q{7>0KTz
zgxfi(MzadB%xWq*h+uWz46k-VAC;`3T&XKAPm~?Wb<SeGon4)T9Bh{%DfK)&V%E?-
zivd+k8BL1GTE-Oi()VIdD8|O$HOnj_*q}&snG>Z7g~nVC(<Kh)dQBy?o^2vVoP$MB
zPDJfqD-LE@3$t-5I@5LL6)m(6H3~H=v99ro4*2E=iCzW%gcNpgG%0BWw=!><S1f`V
z9Ex_U=50b=w==}8DN=RJ;;2OU-j$?TpqtmEKI+l=>~K}KmJ#??=8h)vz#ozZAb22M
z)JHvFEU6^Ptk3kNt_X$h@=o-$a|Z>eva4bf7#@u$;}~wRgetB5U!{V80XE$~oy0Yk
z#HQ{vOC0=r<M^Iw3!OA-XEM`$y<)<EHyg(~!n|MTyEV@{PCl?MUlw&C*n#s#+#{;?
zidTGQ?`D>qOyFmQwJ4nc>C{r!PDH}g{i%~9Td%jMpnT&Z7>E?BK7Um73G?IJo>f@y
zgks;?jS<3d7$7%!=B$n*sC+W45G67O8}U6>&HELF)onxbEsgaf{7Y%FFr4tU&kBQ`
zKTglTj=s9(Ki96WzmC4VPfg*M!{wT7zZ>{Y7BiT*eX>aC8oWE^iAG3e0s}i7{$^;u
zoSx*;%9A7iLa7=2!$g40S%7{#o=&~w`t+F#e?yUr;h(C8C+6VZfi$f3nLIHmK}_Ap
zUZPuC7w9-Nl^bCos}+>SX_l%4Qp;OvV&hB))v47&;9!UAG6RV>6=wRth(!KGUZq~M
zKNIh%U=vl%1fh8yMA=u>lmtykRf{1w%z@C2$JZp7?Xksd4t?hVB}tWyI9eJ74b)7C
z60v_<X!^H#?}Z&Hu<4w;@{-GgXm8?YB`u+KADFHhcU#z;!Izo6cP04crhI<ie*D><
zW>PM8CGyQ+x3Al>QWT)VR^vie1FNcGEi=?2S$&$ndn6@+>9m<D6zW^Bnop|VT{JKq
z-MKj6)~ohY&)e*x2!{<zYtd+ID1UJT#k0SZ5VzreD+r8pOnu?Ew?8djo{X<f<~J%o
zx;k=aX|REyUa5#py(La-mZ$yq&h`EWO&nb}%WaSAlacma%ZX5gHAHg!Oqe8VP(RK@
zz_6J!@<tdwQ9vPXTd2!)Fbjx-tm!FU*3GTUTBPRe{}L5=^qUX64ox{!=lkJS(RHh3
zph78tKvN{AOxz;^2yMn-mOl^5pUe>z=h!?ud5Qf~X1y1{<f0EKKBBoNnHAvN_he0#
zY%}g3&D9sbCBj+Uy=T;!ijBZOo&CDG<fCl$CZCv;&-$nB)tg0NRFxDVKCS<djmIdI
z3lmOBj%8B(Ce8bjTw!2v2eA%4`6EzP%{ZCV?T(S8e;FrDkwb8Txg<@IclsnvkvA>z
zlXd=!F63l%;*8M5Q0+v3RAs9lW|dGQ0RX|u>sZ4WIZL!7Oyni?IG_wLaLg{}^n`(F
zIN+wGm@Bju`^h1A^AaDQVZ^4s9r=Rwk*hia>Mn!q8@Jx6rk?vzzzlfc{0!Iw3&0*P
zN2mCEVQSN&RBA71xtHjV?TAFsDXCBU@`CWKs3?HPeXFFGA+GFo`~F?1CTq9#;_df>
z`mAaFvSxd0RR0om`;w@2LuSX4{2RW0aW<=sPhdsuw0E3#;wc7W<A{N0lwoQsUPg3=
zV;-X@>-ZzQJs*F1PXs-veI)uCBjdWkeE(@xq@^wg<J^_az9!#~<&*)rU@|;94qnjx
z4vcYsT>wsCEp%}(>JhyUOF1cIRtpnL5lsNj;@CT|881AwA)%Uefl51kh-s<tZoJ~f
zVM6^lU|_jgWaNsF4yw_7&MZ`DXgR3D@xJF^w11wZla&QKe=y2kmv_+&k4+a|@AwWg
zH$b)aL=Ldw{>4KA-FpD!@mD0JslvKv^_<l5bp#nQFM-?mTj^avy~#C6rE2MU*>gX&
zzBL3>*Lrl;p+AY(@j$rRNfo7SJ&BTGoMBf1Tf3>E`zWS1Df}gMt$Vi;i#C~&PD@c8
zoVA=ak3@CXib@ljVZWePolU|-yMQy_J!bnhf@oFR^M+__#BHyk)EQ4Q(;JEL&Oc^S
z&A5#{jKAvWIuN>BS#^QBl_C{*3YkefjJ5bpImz6%V%Zg4b)b=<m=~1~eY1e#UQ|&+
z)7l3rF~H?O$}+0|w@IeOfy-Zs(CptMj}CWbSXKB~NjF@XcZ}INuAyj0z*#ZC)T|=$
z(l@DbK;XU*Oo+)^3{$*f2+YpIl<x4xnvDZi8#0shqD<CMldn=py2oECwPE=-S&i<_
za;{mhaX|psWGDsUt;UM}QD!dQ?6I1H34TFH(PXvw=MLpl<B%-Xp6*MHrxRJ~=WjBE
z`W>gW%+6ik+UU_|NGfY7c}D#v^Xs@-XKxpIoR{^JpmNo%N(Wx`i^HRxCHP4CG5?bK
z=R2yj>2I>_#FDwWiQ<7d|1?tYDQoQe+;7(1tt{g6FP}ASAT<&7y-F5=q{VGjrQ3$k
zzFq^omO(mS$ZlcZ%CKk^jF>73dQZ6c_bteuxP0B79&@%e_@5iH=C|^xfP?A@`X083
zmkaugzAbQJjF-G-D00->#idz*!yoS768^o>oHuDnn@W95b<%T#cAG875MKQ~@Id_S
zdAIbl94k+^fXx2-iKG>Tign~D#Xh#Ja%4(sCX2lI>!#=ltY%=1iF+4kwR35}A}8ah
z1CtsP<aX*G*Z3D3v-WA-Yw~<(N;6VwHXVUWW++Qr%W7lS+#z^Q%C#5_l4962%BDh7
zBdexBEz;<v@RWI)d8m(RKC5bJFXb)c!S5!8eZMMJS|t)LU8lv_6jr)q))kI$_=>_o
z_MpsUbr#Jn{YG{1wH!*t6*J-J&E@hvHg=y75-yT`(Q_!>YMffiXQsY3h{kIA{XY2S
zq20+?#+v(pQTL*Q@(fm=qJDH?<Hd9~w0;YM<z1d;<Uhfjcsb`^*R?;6?0;R8p9{bd
z5HA8sY!abDPg#4LLmg1V`{X#K@ti*lBTdepx$~)n{8`SoKH3qUFa7E~h4^zrmfABs
z2q6jJ8q=*k#;KOFH@i}8t-sRJpTOezNzUTB-okg@9l#?2jF|Ad&+_CEu6u6QJ$HRC
zUvxcRaesDhGm*x%`Q7wh52|tcMsnBO-8Y%nGxVSPLfMZvGmai0YkH1;m1uL|XF<Zu
zQeM;rIQrN?C{-p1SMv-;Ro-gy;&l^!Rq}E5CO#QGdcO+-FZivVjUV@ZpQ8P<#*AZ3
zWTTaG$wgs)?bXism{|7~WnY2zJRXlHlK1{i_3!)p$Nu_0UR%H4HP`ojUS8?*f0UQ&
z|DImy^ZS0jB<uTs%gg8Seq2_U|BB@C475Xvmr7~<TS_KpNpI>X?wzYlqDu$nkay_#
z^&>n=pDk6M|KjX&r5c4%&V%6LVU?S1n9io*^6&O$`kiV1K-s!#zsl59Dmg1_ro*WA
zB!VSN{h8EvW4Oa;-nhnaJs)%ya-QW&lM&bqwkG-ajM1)BGB*(|mFo1gtH3;70zSMz
zUxTEY%t941Vt^-ni|kToR+CYikzw6ws`x--3J%ns-{;Nb|G9#*6n~?2`VxaZcS!ed
zXe1<ItcxrC2UeE&#YHW&=JBlLi!j8zTvoa*h)v|Z-@L@Q`GCHIllDSr%EaI9`v9ID
z#yU?Gd?pJ;+^jJTT!qx$2laPkv})4gp#KFnh*cziO_Y@Nt;LfXYb<6S6+Vikn~J5G
zPH((s6Y4D#mpeEW`q)X`<g+?y$ejCB^GTg2?hdQ}rosnTzeW^~I=v;s@2k0%|Hxhc
zusindb5Zhs*g^}+2i?;=e>#xa<F2*u>hp(=XHNhAEBSX1XOjPCt3UDRjV6)k08=_%
z{?~e!VPI2!1M>5Y^T(Mkq5jPJ_D&JsnGcOZ%8F*HswBGy+GPdo49BfD_;VL_vY{wN
zP2S);M@t<VCSC+xPdRx9*CHZ=BcA%Vyk{R-$~>_=cH#qF&F2OIUtuE4R>vu6I<upr
z>)&nl)z}=ZU_W7@F)s+$G0tsUhv!H);U3#C+H=fwsa)?T<msbTDZW`W8BU#*x=#9<
zEL~wR0@R>$5F`6!8)67lFi4AdC-OgW$SqdtS&Ip`Yd3-P5L*@JQ!ZXK8UIj~q2O@v
z050MWwVoE4YJ`+^W{x4~8vt(9a2z<Shrm7<3w6Lg#a0X$Y(PhB+hD<+zV6<##BSmK
zL7(^R;wRK|n4qBg(sM-ucEE&4mNcCdeMqG(aRoZI9+g5sMv&G&=SL6@P7%0bB3APB
zpq>KkwB7<<S~|Q(pl7-2%-!`4;``8q*WqqLJ~6y=Zu*#j7Ek}N7R$`!N;KW;FxQsX
z74RP)%?DmNgMj-#HSpR7eya)4N9RP(P3pfnn;yneUc+5I0vBF#e7QCu<t$NlRh_4I
zxD2560s3*LoG4{DCw7$bC?xY2JIt+Fy%)a5qZ+*FT&nQ3RHV|-vdEex8brNQV;yE9
zbm=??Gp6lAr~Zftm06EWAxvxhxx^Q|_B53*{eF_Y-yg6)wZ>-rP>A^j$vpS471yH}
zm}T*{=d{a}bug<?Gxu!WpcT7*F*v`19%u~>W;97GVytzbrN;Qql^Krfl%p6tS9Nw8
zQcV<pdr4LMs4ON`lpAuBrQx(??>Zd8(XZp0zZ!ZQ3^c}+#*wifm=)>OC2H1FmXKdZ
z`eDrQKiLdOZAX1Fn)TD2G_eTBX-bMiY}aYmvQZlB>3~GO-rj)^oq!;4guWSn^NnkM
zLC4<zTuXD5`Oj(m6k2>cc-Z&rmvd9`p9^53gzg!s-(hAbzZt8~q~mAl0^5e}dc&rP
zK330jqYO8}UD2Bb|18Sukf*UmnYteAj5Oc7kma#H)Ic6-j#7}R*66U4ZLQ88v9@Ta
zX7n^)+l*DdJ#>`S1JX<_(Ow`8D_}54nNVfXH+)#b9Y(mJSnmQlPc0|GG|gN}Ww;%;
z;4I7IWhV*Da!X|=H=}8yY&4;#$F;M<@{~)V@l}~`;iUbBVs+IZO>&CJ0MNCl#5$Ex
zltTwZcEDU15>WFg9nCQa1=M~3k>WitJ*;gtL1bC?1qU+>C3haah3sunt=@3me7CH^
zQY@h@NA+4}A$_<sTKSiryR}@~3PvWx2C)v)&G;NlrDcX1BW2OaLVVXZlE$s>Sk;+h
ztI<USF8uTrCqs1^v<XW^EtriiP)zk)*5I&1WMRpXSkL$6&Rv2I1aT@#i`i33^~kdR
zEzLnD$t6q;#ybnQWeon-gF|?fYA0Ro^etlsAq2Q^MQI0Z%a|&LkNP|chMSAxASF|W
znU}WdAn>xQFUWH#GiH=a271-53|P)76Q}ND%qywYD2<JB8(-z*X={#24%378qAynQ
zghcDX8>dSlK#BVlkV`degc-LNh+nt%?|mxhT8XuWtb+Fy^e-L8_Z~PzZ<%{8dAnGz
z(B9K0e0B_1g|G`_5u`Gu!%-~Vf@?axR`}BLNJ5+&B^IKY-&QLwL4@;uzd*{_ug2!c
zt(`050+Q889T-<7QZm*<vodiSV$f3HW-seqy-8KvPV|0`EVad`f(qv3VBl@sfi#)P
zB%N3JG9&FbKYH1Xw}IS2&#KOA$kiW=NykzQJvFSYx}9)(b)l|&eP0tvv`L#ADS9D=
z>G9Eb!UB@hKV(_#%g0bz2gJOpEyq@oKI=EhmACUoU4iTVDBpk5k)72&BeUkUtki@a
z2==4hbwH{^Op4`97ZEDTO`#IlNmaJ20(?X|VNt^C_-_^$)#vxsEM0Ai`Q7K<t#qrH
zht6!`x~OD7H|aKSMk;OoQVUu+hwKh>^h}8@x8}VAX&f>0JF67LO6NkNQ)L4tP5itd
zY>}#y3@6jjhdeB?2hy&D)Tp;H)a!-AKKWN5<7p9<6+q%0P~vqAx2%j&4Yz5>BVp6n
zgcO?u2+2pE0Zf|xRqCJqI2|aimvPKMPBZG(-m@(Ru3|yMIX^HY!KwXOFi8wl3cB^9
z!y!p%*%7z|5fWsrD60V3VBO&2V`xrbl9Q9hAZfN_Px0Mie!7SXoE<0`8ELK8t@}g*
zl?HqYOxE!A$voGI%tEV}nO<=?XUhyPMRQ$TcgTPw^v{E|KPxXW^x9Hxh+glpxus@h
z`yS2{e3g*_&`}v-KpPLRY4EQLM2zf3?u)(2;4D!=5<O3$e)(-|>|+kOg?TXtdZ4L{
zR|nI&KureYWm3dl)(T`oG%&k=Wd@K`$5-QaNc8T@1#YabOgASU{^HH2A}`l<s3tkS
zsNOVa_nvv}ea-CJZ@g+8I9_PCoZg7E?r*csD8bPs#{PaG*tVEO`AV7Yb)cGSjjsNB
zz9dr9O7x`2^d^)3o8$a2_FOf7yvDXCs><jFkL8EcdCL=bB%DWt*znc^D_Z>-_9fPS
zvRlta>qON`Wx~F|8X8Sx#^Io?4uPgL8%S=P%zSG_BIsl?uR1%;ui_syFrBM2EMMp4
z{a)ZtGnDM)-F1<vV9T<MIWtO)9ke2b%fs{!Y@G-;<f13APpI-xl9sW!jS`dqYIhz%
zJcuEqA*GDyUVsZUXgAVoLX#g4L!&;w&Z{}Pn}tdXGmf7^SN>_`Jd|SJV$>Px^mAH<
zkEr{1&5zeEg&3k2EPCdg5Ex@?nG{HdY4N|O!dZrCo&;2u2{F^8-~eE(#tCxYH{%o0
zXb{U(<{R%e*7gDi#+I$Q%8(3y8-?y;BN~OxFoU_~BRCqBSl(PNp9g1XEz?TC9TrV?
z5HZ-0X`T$n7sid-WCzH3WB7dbgg|&?!rZ*dfrSTz-XXxGcN48r8yLN^)sVE<WMqGY
z<!%glNXRkLGXO1lbt(~sKG0gkWQosm0d1f^G4`Gkf)%D@4Qypj#pY3Bl#)()ZBF0X
z0kJ@^m7)Qa43+Ta9d53urP_e*GDV>84UwgcvRw}wyUV1Y%{0*(y7N%(@Cmt*(J#Dt
zS~SPM+T!lR(E_6-I`38&r(zw>o31(W@<3%g&wM!qPf0+mu8vjFEOp1rW$#Fed0InV
zr@Lkqq&EeIo}-BDEsb`kdzp7BGizZJIA>0*tnxz^!0#h4HBc(942|D2_Qkr_2Iv06
za+Bfm^^oE6HIU)@E?H_n<-K@LmgB#8#y!H<Ezkdll?-=0Mgj^xMgl5IXOR>*oncZS
z36W(|FrS<s4)-ki4~uar((<9p_!_5Sn%`r14Y;9G=1nSS!W3&fQ1HkF#Io%>_GW;k
z4j9uuwg|hWCqEIt)WAGJ8;CO9X;`L8jcy6WbrS`a?_}QP?jc2(`DA|NWWI)bD|{XJ
zuZ^^lff&F}Dpp*PW$=q1v@Y1KZialiV&U8>0j6os`gvfbbWC+-vHCPCC<m0)Xu45O
zIV~v%jafugGEJuhm%6DNar0{(F8x$RoU_*FPAhnz{Ye+%qmz3EFzasVQoIfz0MWYN
zqf)bp>@gOt-RVr~D$LgYvu~(l_<-uGD8LX-LZxWBk$G{+1d@2&pbr14A|VkKo2UrD
zLVa~?Oni-N3pBtqv~~;Hi9`3{zEQ^In`iuF`;;KY$EVzLFH&108naAbnRR0oTLPzE
zYxuST8)r<TYf5j8j%oEsd`&!8#S|>I{D%de#3EzrjX5yhSGCU<#;~{x;eI_Dr)qO7
z_RiMgH?=NN0METy=W0Wuce%h&?i(eHWlcbQL(Js%*Z0GH+LRbWAA2o`teLlNpsumP
zkPREU(b$i-tT{ZZiZOpD1a!7btpBF6jUpDTGyOaA+Blf#>*&Qp8x_+wo~YPH$)ra&
zDyCgFkyi~NXdXKPF-o^%@5_wGefvnpos>O?K?)Z;%ev}mPpcyU_L=`-JNHq@k{0A<
zj1SKG`hgDvUTrRdy6E8|&TO6>(Fi|Qtj2sRjsK`}^jnK6#Ye&VGzw>@>1IJQn@&`i
zrwdj5Txq*dP%bQ)Xe){MUE7|pZ)brNBp$`~t!Y+_zpsBMm8EVrpBp>&HV%TQ-?qn&
z^nB5U60b0L`*Q8dOUvS206W6bJmonJdPtP=C6X$Ssb&)09i}V*BQNjfI#<$D`vhHE
zM;nzw0o}WKhbdJ|FL;&N=FrG1`$`^UE)u0o;O*c2n0gyOV%0cgLM1pS@P0Y|<xSKR
zQb4A>nt(;d>Froh36~o;g3(;$dXtPDG3&WRpt}7TG#V+tD|#X)@HWUOW$Iza$Oa1D
z*}RqfNM4k4av>|0>rM)-W$LIcMP6fBqFM)|nQQSEjcMZma!2V1B>;;Zy-BCNK8?&4
zJ|`nNT4sVHYbz+V1A_0fZnr+uA}B7qd{Mlx0gm1s#3il1(j1mGh57bAvjCRilI_f!
zl1DkN+NGoDL_iUndCsHImP8w$yzH6PERJ+p2Un_k3z5v}`}|mIyh*aLSRhL`wtQVt
z0W_RR@fxylog3qtp{N(su4rrL$hmB5=vCiW0syTg%Gk9$6wghC;SXi0m?yY$VhJoX
zaOe0u=fO^W@G@LYZfc>a(r3tP#lw<kRdc1c7Wm2sG&kmmCV^62J3(Yi9=D><ygt=$
zs6ydnazq`c3V&juhk=ZPcI)}L_v?JAqsTJV6Dd1eF@ed-SsVs9jtOGqEG9EwK90%C
zQFN2}e?gY9lNj&zQ8;I@6{~qm(zSJtp1qptViNhoW=_4rQU4H@b57Xyaup=YDMdmb
z+ja!6+h<d`JK$o>mV5LcaEfuc(Vf7bs~P<m&kB}S-5;Ft{1%}iS*b9sDJtn!lfxzs
zB`2fU%0ht?uZ*}5c%Y(VX2?<mlvz`(aFbXn!`OZObkRd(Vyo*2;+{8aHI~(>)SG7E
z3L;U`g5OM3GJ7KAin3#i6V^AF7hVl+3f~vcQTsqrkomHO6pW;ywiZ-9b&4LRMl)xF
zcC%9FM;N<IcEN9T-?DiTy10S(foF{a8#bf4qRdge)azUPo+MpruU}Yd6AavKKGo)7
zM%8BKV$GR4w+8r>R#<@=*xk{zR^mPP_QKX;uvehGbt-Dlyp>7~j$SxgFzI9fhWFD8
z9Hp1s_my$hS6YpNz@Y3d_6!q^E=GVwEKG*T`Udt)oFk@k8+-O$q5821^QMip&sy3i
zxa1t&o7mG1ZgUa^8>Jh~Kat$9Py}LRKqP&4ktCv9`nnT3B^?+rw<3{{%zG{1$qyq0
zi;!S|j1#F4t{nLm3L?<lSoWg$u?>&d{L1mM^>t$9v&0k;f0C4K2p8QRcD-Ljq2JrO
z3aO=hu3=3OO%=8U50bN-&$qH5K=_im4ihY+CExl&83V|Rz<qJJJBesp;?&x^LjqC?
zI9AW2|7)BxL~H=ABd%<cgHhfOFV#_u+w0Z+F@~pJ-0_wt$oOm_hid@=*JW8myNNiL
zbHOk0JG321<6Dx7BQ{zFKUWZ}a387dT^w56KSkkL(eS+B04@k8l@WCmvbZ_4X9pJy
z3&njGQ<)E{lm3+FuRI@AEBP+ZUunJ?MEB7wfcX#HP&mO8<lHAF2Ip<j5aa=$%CbiZ
z0ZUNsSTrc4NM!u%wP#9A9$@<XV^Q*44t-8Uv>%9SGc}eOs+n5boC3uh@tm#}x2!Z+
zfZNhGA`L<4ALjh#!UjitawIbqEWpDOB5=%Xf4PUtD9>?&eP%j~Vi_I+<3<b;ehAKN
z2Pa99xfAX>Lk9xX*a;IZe!`TY6OJr>@R;fRZ}L<DD_OdrwG3Ub|KD^$pE|%ePka~^
zdN~`9gK9`%6qIf!wj!0Xx}7+Iy)mL$`z32iGb5B+e@<NfYyksN_>toyyV$ASh^TMU
z?D(9*E(C<8SO%W4GuuCbsRP-+lWP{?T4Fkx5jwHCJTZa|;ir}&Mh-ey0y=hM!6R?t
zEbU07d;Np4@ejPZc3!7)cO>$XdZ}f;fCxEuUPS+~Z+k4j{00~~P>Z1<&Jq|okn&S*
zCG@NSN=~10HrK&({_--k`DI8mKxtwbnw+KV&=}X4ijNHqKRYU3b`)?prs7j$E;9-!
zJ2Y;*lNkjN@iU^~WB*ltU}XMjjE<Mhb?B>Eg;6HY$(Pj+twfn!RxHF*CeNWy)RE71
z@RLLJz6@brxOvUsI*`eAD3jwzX0~z?JIKgUOlGF)8T!v;$jq1b|NEHC-v7^j7>}IY
z#AN>)S0>N--_rk`$m}`<&GW>39kMk3a$y^eqE!N*5N{cV7HH|qD0JiKRsJ)ud-1?r
zL@ozpQ>;B(k;egC;M$&}$m<xyZQXqma}$XIv?&vhxq?CtwBkCI>2)Z>>sXe@0cw01
z$&A)<rMs-MZ%5_8j@EI7s~p&U&WP3#jjbHm9SA4~apyMvKZ36;pEK89IJ`V_5PfyZ
z@G_F=bqF@Lj1n%x>qth$^<OW;>v+ldU$xHI33n(UM;HA63kK?c;<<l6W?IKgo-%O4
ze2%XqpIt@){BQApRXLu%ntaXxzGWFWM&qWggn36ZW5oq~j955&11!9mFt~0b0;Gn<
zQ`v4eFH4za!+oAVsZvCf`f*hPwpyKL>2<9BV-VpzUzLP<*2Y_fw_p+mW8rc%;@Y~+
zx@<q^D3lQ^7!Lz=%K6llf258crA;Lg0c^*=d!Zv5VwSVLMj`NI5v?zyy!P}i#*gS~
zX%e)TPH=m((hSFd$mJR<IXdYig+j@%g`Fj0*~<9aJaA9V<(D$m&NT4f#4u$et!mz`
zdwt?boDU`RnJqy-sO)|{7Mww`N8ozt33j+1J=iLbBL2677#|G=t%gIfU8aXD^J`(m
z4w`YuQFV8H{|tO^ycpJ0QgG=^3QpYB3@q<ZoVoR|eYFJZG}M~yMneGRRqi$druj>W
z!P|@D<!`RYhcG|`n)oJ|Th@KLC^2KG$-4ZcDIuGa(7t-yWfz=Sh1oGrOQW5pY8OC3
zs*(>lFU9L$(y&H{srAdCI6JNlamg$7ky|y*tUfzCYt3Rhd*n%t<dQFu(9o-L{{M3E
z9j8XE%0}Zc7sXr=BAkAt-{qJ6c6^>5v(Ju+WM!>er5a6BGwVd1<EL{Iwdoc)Oq&ib
z?&9&i=1k*OLl?gM;2)3Fq+=RHdcRM-ED4)c7TPea37MTto?$SQ%xvbT@$+xFc=qIr
z(1wGJ&$kol*;y|TfrR1N<iOZ5xtf3Dd)*D=w%V}5eqqLDdXlhiCfyeMYRl!BqiD#p
z)*t=Sl6o>pVjD@^FybWwzz0&>j_`ls5rB}lNud?ANaciG$`VN*5z~X6`xVHblT{X2
z7ka?HpO2+y5d6H9B)cTiL<dD>R+)XU26|Zdelf7{98&W0o*ki3<7X7bl^a_;{Ju)P
zMU#KQb<^~EMEiLz<MTC80Xs%b-zEpX!a*MW_I26@l=huayV+!nes_A_dkr%-jQddF
z%}HW{C#?co9JUceaW!qWF*R-OF*R+SL%&LD+EPSDc0=f~&h<B`W1I!Vu~(SHvDlV6
z7BMV#=j3h2vmOT;{IwGS1RSjj35y1J;ykbLO0oy-_(!}G>lB2c1pB=nhTHaZ?^+2t
z^|9Ir#iEsy0n{Q1F$R)l7G_*Y=}IV1wUsY0M~d#SAl?&eQfPC<@u%MIu^qm+zP`S^
z-gs?VVRnKM6>Me)ON+SCPi;uIgXk+Tiv=H<QU18eKKD5=HELMg=eo}&(?_ZT{e0{|
z%9$JBf})h_z>BN+!x-$IbY9Y~hHakRP#on%*7~wW8#2z-9SW`1^(+76Nr~LS)4%09
zAv{ZEWIHl4DtiQ^p4VkfnutK@M$mZb>`f^nC!jSHQ07c~;Q#P45ja19{gdLi>q*;x
zcVI&xTDW*qheXz0ARQJIddEd_IgpXdSFiZG>0T3XpjXK)MZAdoIQuPldAd0B&*sZT
zI79e0OSYwkZ3qWu;Z|E8lN2h!!BTX%+;vLqE#K1zCbEXc)TJ4CSNpgfPRfH2T+f1;
zCE&4&1qb)L|9SqZ)|Z=`ovp9)`#Aj<u1}}ex0X)>%5FN2P@uR2MeC}<-Ug_!dp~k7
zvjei#0CRzAp?(<Pjytpzkqx}nG@#RG>1fZ}Aj#-Ok2MdX0mb{w1@8@3_kpns00Pc8
z&)69WP04P*9MMQ;y5P=FMk}L<vH{d*m>;Xa=`?ws5%UTQzlJ{^QopUT(X;L2a3j!F
znymr5`MCPM-u~M>n*4S|ALqChOS_3pG>xa>W)Vx{eMZrmIy9|kERaN)ej;-(AuuXx
z&_G^MnWLTGbq$QtNpV6eC&tjABwB}kt{*PPNBHCK!}aksmyc%~*H_`!_u?nlo3Fk*
z*ZJ1`>`x!x$MJbwNYyoYj9Ibq(EafVlc}C_Vi4iU$~BGf$0*Jmi;UuXWR$5Y_TbUM
z!kXyZ2t^o)1j(96K?!u*TBxnjvS)DAAj<i4_u1E#Qf-|(j3NlslGFhduQc{30Paw&
zOt<mEu+{{k1Z0e9GnWz~)0RZxS)0L>C4x~r7z_e$CTGES)*32Vj4`IGPYTq_O*7B$
zk6$drqYVqg3k%!Bv$}1O3E0VjQ)*&im!yu%>yx<5A=h(~h061D`qvei1xYUP#Wvos
zOU`?0oC|ZDotQt>VBtPgi}Cu1)rnHzoSfj0tDQZ4^0d;f-fu;&bubxVamxaA^$EKS
z)Fg%BMEce%s*NIA5mX7!*%29t#j}SbOA-2htO6`1hsG#IO5pb$Ds!U(Y@Lw`nE2uv
zt6zMPlL~n7;fexSqyn-MSdx~B80ER4_Rq+8lbF5-i)a9oWRg-sHMW+3%^pMlhcwk-
zxos|ApBE4+vs70+U;w*m1CW?8sgHjVxt%bhifaDH;ic_mjDi7ll_d<TC6;lyz&)lA
zVg~I;Jq(LO{qAHwWy;>RAL>Xs>`240vdU%RTX{QT2g>#b?AGTF|0`-vhTyyCD1Pwb
zMfLGA@4ZBm%=+xEm$Z+`@5@bABrH0p=_DOf-cE~SK#jF{wcTbiY5A<yB8WNVzGt9p
zS<!pu^HNedeNSbiblUjvrcyr|j(!2AU6F4LNs}g^*x_Ky`uBtX{NuT~Up{{`ZKNlU
zKPwx&Wi5(rDkv$IEvcDwq2TW4C@2ei8BJjE7_YoJn)=Q${mgI(iM=eUp-;R_&#O{R
zf<Cd_w!5%H)*@i)6@J@aG@|7p;ggyS4>{|@t6P+GNGZ*e`au~dGRe|2xeTpXx=D$O
zNROaO#!64hRLNDVqM!UF$20C=znSf`Y)w_lXoNEl4@bg0te!}H-R-a_Euuk)+?qyC
zWI`@RhM=9JCJ$H^N)B0%$#pTQ5SKz6qwWVy`>nc@Qm;z}@}@(6rv43(K-!$kwUkJX
zk_J>P<+anCfq{B;NqFN;d4xuO3^BSTj%;&BxG45G+VJ;_5w<~CbPcMJ#cA(QWZ^)F
z0xHAMCIX572yCule1qObEHd*AiJ>=p+aBJ+#)&u>w|lF|ev@%hTGeVSXgt?U(q+dS
zDBP*_u2-_>uFoEcV@V(Ey6>d_QyT$}?w={F_e%hd)+2QXGw?Gs>U$LZO{;uamui(k
zdZXLGHhwq!+GCeI8vR_|a=GMAx8K^had8^UqXxGa-q!mh@%_3(Z_Ss=WK=ovTXiDq
zVqyhptjkDTVjN3flRFo3(t%YaxmeWK)0+l^az&|~jb+qRGiXDvu-sw}$$C~$mxx`%
z?_W+#4DdlAqDh4$BpR})?Mi{%a(?##Tn)#nDykK_Yj6jSs+6?^BE7M5$TlH!pKBty
zc(qaMsppn<D!o6IduSZtXz93hn`5W`%DTAoYz|p4M5UHDHdvyd`87GXxm`n}HC~>B
zvM9(bdj!)|RuH#fBa=S6u0esM;E(9UOz7<?RbQJ3-jAqv>4g^L%jH<&CuC#LSc!$>
z!NCc{M9)P&CJ#Sf6nEdk!Lg7YK1V*+_|5adcz}MqGhO_KrH8y1LBYYqLEATI>uC3C
z0O!gu-HS!|r|-@MV`1NLun#{TQDZ((zIWJLjLBJl_VqS-&e<P%XQF}drei!xeme^I
zXo0RDn-1@jLHHSGZ1Bl>F0nu+mTrC=Q+)7A#R44g$;9gzkQ0Esvk};&!Pv^tvDOZ8
zIXTEfn2FjAb2$}+bC9P>e3IY`#}`f_y=%WrWq<-s&ewTNoYtcF*qoTTivwxDvbl?n
z+~QAjA|Cq1diqfDS<};1-!v{`xs*Ypr>kj}yiPqBeR_2@d*O5LoqC9%cZ#u#=_BE;
zgBThHz+z1Ki@8K&8Z1Bgc6b=X%}#DfMfmu3jJzZdSHU2%!;n@W?nI0#iMY=KxDua>
zf(pV#;VH8+lYKYqDNtm@?YA;Gb@Oy{QE&td9w+I-DQbSOVHwGx6(6THvj6W1M=|tC
zY0W#InZ)nf$>F`Nab{>7&3o{xP9FA<Tjn!xQse+Q@HLT=>;jtNeu!T^yUAuOg{|o%
znm8mDJHk9IeKRUrPz@_{D1~XMgA?-#yQBnmO`#~UXoFuuz2)YZNjnN#Ouydms?0n$
zhVb1kHcYQK>{q9Qlm_J24Y@0Cx=kEu=lDZY=orgK9{y@U>Ul7z2G+_Q9!`g>RixV$
zA%%0EUER6=xOLVNdSC@(ApN&F?MJ%8&;}8txdfu70~s`sSkg~9E5twADK@n<3z9?2
zu1d{Pk-75xU(-)iC@|u7TO?pr-m_tU-fx3RhTjjs#hkc)M$~k8_@0l)(?Rv0HT+rr
z>9}(Yaebc+rTk8FbE+lFh-FnV(&YItCaP3)`G0%OT$`ozohVZ`+|~@I>urrm)HWcR
zPQHPJ38rUR?E$%tw2?VSCMTK$&pJ!X4b+IBsA^hHokXuTl@paIQ0)OaPc_rJ^x<!2
z^(@NY;@`zTTl{<3sG#=rEQ0Mz_JOdlT!d7dmC(<U;L3S6!|vKwOHb$xtf6}!#Hu9r
zy_dZ<9o&&^pDGN)FEw6^rTR)`^4LUGiz%D?IamhXG4iv@*wsbQ7^^<6k{LgdCA(9f
z1O=ho)gXJQ?D%%WBP^ko4L2=`LigRWqdFc{<lr}hY8kY$Tqij-_gQVTsq`}2if=sS
z<6G#>`p!v2<7KSWw%NA)G9rSS>*rs@5>HfaB=E!K*IDqhWjRPKWq%E0Q8W@sWo?)o
z167-X#+$9vZP)wU?kHr5SVfF3K2(+fK|KQgVt3X)e)YeW^L|7UV~$cH*y`WRUiE4j
zj+}`sq|oShFEP7yk%*`WOJ7_o$gxF1CfFm=q}`cSG9JL2t2dKl*C!cj4g?LeWZxMf
z8?mnDlDlMWHXhKAl7$3lOCo2QK9t~-4-hlpgX~b&4%jGI6|Bs9R3jZllG^viXJ~e9
z^1@nV;{-v>&gVKuP}Aabcj(Nf&GFipy?F>=i0D17?NSo40Hck{eS1>NXwyuTGAhG3
z22wVHaIB_F!ww{nuGE!gc6wdmzs|T7E|%JARZ`{W+-pu{$W5f5$M@Y!?)^G>eVqK4
zV0Cwpozx6V|4Pt%t1fT@z;s*N0&N_0SUWDjvQ-F+gCz25b<=aSz#EqHn~GG@R6yn2
zf|g6-F||_V7NqqqSNtBKYXlNnWN0*9Ivyj9d&7j>hgK$W6QSw0H+yY`orY2SyaUfu
zWEPU;d-!=T@@)w_@{&3u%v>>5MfTx%9|~m_I)B(CdxNjQVBFIZS&_Whw;OSZ1=BQ2
zGFNf;yVlTy_5~BUsn8ri##WYLUudIMk`FbmVul{Y^8V6sNHz|k+|}j%jdV`B=K;{<
z8hCS)p=IU%lT3+GY|Gidq?{!4AW|op>awBBT^^2EkC~2(!h#Y3$&lVI<*&c(2;>k=
z*CBKgPf}uTjrttO>WYQBIR?(v*X#c>e0@E9<dT5r5`?S}fnz-%E0Lo@Duc)s=>ESp
z+KviI6u!%ROOW)iQjq*ymx?h4%f&uSoD@PaST4e!he~jrD@v%R?bB4dp2Je+OSM8J
ze)nkX_F>x|63dy#{OYbjAZT5Hyi)Xe_0;V(5RaNkp}YBB=y01HG#9?FzR>nZS^bgK
zfF5vuogSTjmcE8jPdB@FGinQxHcIH1Oz6Vhkdsw~5oEEUYleM>crGA=Ri&{ypsws5
zVM|qPN<FV&F)9FIWG@SJ?za)4`^B3n31lO2Z(~Ra9I<d%4$v5?D<KrBFr^1Bi2GPa
zMiIcs=ed{w69c8+r5=1DjAPe}DtQHNHGB$$!<Z3}4YD0&S04a9W>3PP+E0)DQ&AOD
zu$M5yy|^{sZ@bVPnn@*Wz(HlD0eycCvj27Nz|e5+>=St_PC5UbopR=vqEzrODgc?k
z(9pCUzc9B?xC0lqavWDbj;kK;t-yL4zI+IAjVTw7U?pVYG;otk<?%VBNpF15MGj-_
zYg|P?<oJ}ozsM<eSFLa6A;<J_G&soL$N77Z4++Wde#-Dw?1x{`)5y;r5CG{l=^@49
z84(Cgufch_{O)(4N`j_Vnp4-Ig3)}L4=zt{rs&XnW*X31GzivPhWOTz^g2UzO{tlP
zGaO&f0y5p8HM%PmX$P)4=`|WT-fH4>UFCu`X!Knpe(?$rC~9#??ggL=Am-`z4}Nl8
zQcKOc7F#JIKyR)Je?d**3Z<eil)qOmkku+%VBW0+Tc!l7pz*p&DZ-&Uq}ftIA)B(4
z7x<Rbxd;~tKTTOGr7*5-^W`SzM9(ySkyEOXtW^z&P|@8d;i%(Bfa~zu3$T-Q!t$3~
z5nP2!NEM!x*eGKZZ*kjJ$&r-lv|`Q-*G*%JvDG->qk<i2r#BKQs*VDqingu7h*qQc
zxWkc%Q|c;D6wf1Co_yPmkP0~D&xlYcn_w<n&H9@QoTZ`{#%^v#^r&c6>N_MFo8IXj
zzb1DFNh|o?<Zd0p&vi*-eGXg8|16c`let<y4Cj}Tb)1|>7yr4%&&R{X#rt`m$*!+6
zKjU92{=?tI)X(_)>F`d>`OAqszOaDdD?4?yP!N++35|i${6bGKO@G;y4c|5A>v`rO
zEQ>>J_X<_P7lPIa?aPxhK7xKLZJZvfGzl*6-NXI@mD*4bsINS|tEL|Z<qD1&3yyez
zWXIbsFJ80Y^f)&+YC`ndbQAF<9fDjp*RXp5<x<plRJkvjZn(TpbMek;&kc<;n4BzE
z4#)j_n+@5cr~O0cl4TmfB+LNppqn&<9y2y3-f`;;A=DXCmLDNSf`%T|WQx{Xe;4E`
zq#X9hq}*~IsaJW-riwN^rt}zMgy8_}KhdCK_rc&DYTp%z9z;SyN<*mpoExTjS4!FE
zHoFSJCT3~5y;kxztFmV^;79XTD<*u^a^KT2z)O9i0t@N8)`kT3Ezoa!5(x#v%AM2S
zHp<5NljlQXEae7x&roi%&Vf>7!awg*Zp81k5hffDdL6+k%q7sQry>cp$pQ~8%EwX>
z{HuWkEhiMlE*nIvU8(D*=e^x4F8r6$hr_YMY6)CyazB>;uW19+gU1Vo-&YqjA!SON
zd2!}~>3B#w&<SL*b#8_Oh(cH6V^`ggjHzs;4iT)@LMb00rbg0C6e8O)@ogeCiaR@3
zt*b*ab3HO2+)`<;BE~pbm&hZnm37#exR@QRmqc`oy)!mQ`dg&hu3i)I%}}hFY08YJ
zSh8HP#8WH5EFy|&N&&cDc0n8B_>`r46x%a~ZXzqf*rl=K*vhP=&+hRWa_uir1l>Gr
zZJ<Obs$P)G?Y8(l`84D<G{*TfZEEe|O>p9sJdmWa=+m7yzMvQe$p*=eDPvX+D`Tff
z)oih&$3;`BZJTwyo?tJI^e8WCt(mb41*ZUO#DN8P`lS@LmM=+Lq%HFsOi)iV4KZbr
zr<_u)hADOkMif*?anyStF&olI!9eIiJoWTq3{=YiOY^0+Fr$jdamvA~%&^zreiVyD
ztv|BJbOicRju8_L{#EvH4N*{4K`}7PIcYZ_noOe1+V}x`0w_~(_Zait{=~PzpDXdn
zF!E%dQ;)~;FZufzzCN64&xGzI(2a*>L!RQu^?#s9g0k7dqK19f&CM?axWvv#=BB*^
zG#$!L^D#{w&}^f`QdVZ%T5Sr#1P!Pg3sYc{DCpP}c{>!*_^nS%&L}w4&+qq-_bmVe
zD5gW=Wi=oPWa)NlwgDxcz&CReP6>F#Ri9tsE5gbo_4Va5#++hF#H0?X&oKR=DQ=2b
zLzv*-_xr<xj6_tNLhU)Y6zj8;U2LjnRq?hSk$)pw6E2HsnX(j8Z3E&6^{A4Q!c%94
z1<%}7HX<@8DtrR-K*%t&!Wu*{b(53P1~auV%{h*29`T7hu6NU>`*4pUpw@%`G0tP*
zA=9_##~_BXwtiU|gn!l7*PH7jwTh~-kYJbsS<xcF(mnbvrr$#R@ohd)$_z0XUddb)
zMYHEfE}jq=RCZy^F2eVyH0J|6*(jg1N)^qce0P!`WcYLwlt$G<%Mm)St7S%v1xvI%
z^fBfzq$@q()Lx@zQ!>;UNiIvV&USQo3&J?F(r)wWSK;cgR@Xc2mZru03l-%GLai4b
z&eTj03zXQ~Vz8&dI?fldeZ^>It6svqdDv{Vi424JSqEdDwFqMV#7`<}+Mf<{1#%8V
zNZW^jmayrrPS#5c7Xushyp(bkzy)p&<A4($zMzbfeti)CWdm&hWZU*6BZlT$&4?eF
z^NlxigqRCf$f*dJS<8xO=T59v1zm0Iaap>jC5kKF`<c$fo(t3-7-|Ivw`e)th1klJ
zo#T=yT#QBAwr$(CZQHhO+qP}nwt3sO-92B`%nQuFJi)2tWM{1kfvusct?c8K7QCC6
z283g>Io2VWa?ZN`iJ6=AFMpZLFLN_ZCrJ|&F?w0ri}e>raC~(WiZ8B>g3yL&>ag_Q
zf^%L;W=nTC<rj7)E{hwjEKAL{Yo;f_1m!}=v9Gujro;qlr!Q}6eq-BZT6%uM&iG^D
zL%IV3HOheu(A@0TU?>jY$m+7jex+v#QqGcLL)cY$&uPc?C3Qg~r59Le%<<S@4PeJU
z{X80(qR1D#wb_;J3*i(}T=C>);Ob)+#+#zc(;0%GccSvGb)CO1juG|}$4h7b+4@?y
z)J8f3YE=bKt}#+`>tza73(TmzMilfih-?W;!9WJPF^_VwA?!7M|F~3)TtYN0egoyR
zWu_UJdkaR&W<k(MGE~MwpSaw+i)%-3or{VSwTpBEO0uh|ei31Ae^BY75=0X+A4;>_
zzZ>xR_?Id{o;0ro<}1zz;{x}CfpWs}-M89}g4CqjiaCT7DN8cvono;V22CWn?2MiF
z-|TmYSNOS=`_0yYo)mz6S0SXjC}@P)J|a=3W#R%OoaMN1!>a0{U5^xhJhA19U?oRl
z7xhGt7YuDExYtKB#MSUgK@~xi=VN_n7EH-aV<W=!JemVBbv>P#!Lx*libNuhMR=!p
zP(VX#az2kp+drp$#tqDc?X$!=#@R8U#YKw7Ey(5RcR_j_Ijk5(Ij)FUkrl-NiD2TG
z@of&uNbwKN()o%+4q+%e_#JjnLyvAg`Z}N-bmNaIlyPld>aj;v+KBe1sDt_(bbG7Y
zZ*afgUwAzvcE!<0#gFlO)lx=3wQu&olWL|XfJ_;(uzsg@y0}y3p$k<9qYCCWC~)`L
zr3vv3{5k+W>)g&A%!O85mXn=~^#0DaoY9UP{BRrpOS_A2jVAw3YtbG1zTrAF0rn6I
zA9|D5pWF`{9z%Vhk7<q{II6F_iW2?D#%Vs_jy=ha`|P4Yd12Zt&)MYTU?W`SO=G~2
z?&gh^o5olmA`;(eKHdypDJ|T9wW7>eQ6$;=h|iaT$Q92zuUO-Ly`hYzCGOD`>Z?T8
zRsS6pawHHVK1o>Ym|6%83DnPoG$W~vEL`FB(?V<0gixr@<+S%u(D&xm4C|V%kNOVE
zle2&Iytpf&@a3rr_!@cDyV;pX!!dHC6f(6>V2ChzNHb%75L6hk&uN!ZgVa+(vjy3k
z8pzJL3Zi(MaAXWd0s%3<0>jjSy9k0Cam6+_t`wp7T6B$e;uIlb!?h1}*b#5SD4eZ`
zvNI0)FV3YQ6$t-<11p_QlOOKsB{F_C&Uk$!#!`_WC5Ov1Cy9o`*>W2u#^DEXle1Yt
zbt5Y;aGmO!w?RIpyXEuHM#Lt)JeSsl%#g_kV`A5#?Ha@&BYKnff$tf6mt*tM!9T_*
zIVRow=llC&MJ|7DF`J){uDOqPw!(P`WeEFu8>1u%NANM;p1-)wHu#TQo%(R8zXm?=
zZ$HI?<`9BDMSOS<pDZ(Pm5;I4p1DC*m}{o~c!~biy_w%vv7ucQ7W^{}*d^`QV%#SW
zfP|#%B5Xcay#j+HdYi)NMb)`EJl|8EnD^%ZmOs<|=dGR5kPkn~UY-tPtj<oOuUvdR
z;w!D4FsFx6@-I(#`X=|zYf@9gK*>>Jb^*uP8&y)}zke1ZqzAS5WL*C&e82fE;!9-+
zN|d~v*O3Ptr$$#EboD5`?;OVTaoP>-Rlp#D0v~2LTbu!AXloP!c3smC|Bd!=jKv~5
z{by74o2LH-3fxrb{vTT4>cr<PFMVfc+p9PIdQQvvSA0yu%>O%V5x=zCL5{@*3y+~p
z3f!k0B^F&%OT&9n&Z_qu)rd`ML6t)$RH2z3+czBcS<LCP5GEKM8%+VMe&+}b-)ps-
z=(^M&Ae{N-c>fON#tUH+5~~*nVn>7S*_oL^WyqX>Ae?Bv1tsbO6ygl346EquqhYL8
zVlu#S-upn+0W~6FoY~caD*?E1|FrN-|DPV8()Tn3VJg7}#&V=9oyBRQXUrxZjAlO(
zK%BrLLGx@w78r}lh66P7k;je4hsa6@BVIJ@E8|Sb%7x}b#Et-IMtel$Qj+M7Gt;xp
z4rN=1bTV+3-9iZ#{J54yH{nX7L6nU3jZ2@o-|ha5g>@WN9?jhXkToq$wUs@=V>0ad
z@pRV9X`t9z@R8)eDL4XY5R!a@n1dL~wAVdS5YOrOy=w{@>ap`x2vmp|!hcp=B$O;d
z#?yG}l*xGQ`Z1QDsgT8TVlbDdLrDxoL?L<Bp_|Z}FI_s=N5L=Z1VM{S$lxeNZ2kV(
z57{*2?HJ^|0)WdW+(YR7GQx{A_nb&{V6KD1(_6l~V5L?7X|u|4mA8H`SJVQWY)^LD
znF8O7xGXvnLPVhRbF2TRZoarZdfVg<v2k*%KbfImQvg=X{}SUE6wH1*bUrXcilq-b
zDS3u&P%*;hGlQCbfSa|Iz{^5Z>(^uJo$XTCEgRUlo+G$N{k!<~d`f~c3c)yz=4F9B
zj-J3ko{pe49bMF%@(p<j9Hi-x#w6lE6s;u?xnv%^9Kt_(U2C_@#TIa?j7)l5oa(Vc
z$J}Qg1~1{@QR35Wo1NNSfF*=AlEZmr5|_~>4A2e)5}-n=qy;iN!HE{(>^X!q{IV;s
z6uhEB<gQ+;D`f>ut2Q=g{K0*nsFY<8XAa)JEqR~0<KPFV!cxT)!MhxbmPYQM4LNE{
zl)shn(nW?t#8)MSRq<>64FRnFiT@#qZ8e**uJasuiFtyoWtjclDc!V|ThRv_8{(%Z
z@28KvK8fw$n+4Z-P{7z+4pfzX&;Nevy06}2w-V6^kb*D+@a9R8VywJZopo!FUzyXN
z%<Cp}v#}t2V1c-Dya5DuD&?E6$c3jygXC%+M$fvnv?&1%EKIx|2^2C<1gIt%ck=rF
zr9dtFy@S>J4!FCS=!AC-&x%VO!IwoGS{S|op;hQuTD+NxFh-9B;gkHW{)4~L@D2u8
znBY_ck~mvznI)_OMA)Z9%OXPZp42Eq5{dl+aA>7zO@$X)CW4M*r?OTh_s!hQkDgr-
zBi6`(bGx}lz>mUvtS^SQUTNmoIgMvg!QaU5yddhqMM{<&FEXlW1{Eh<v%#>^o*#+s
z5aP35nh{=?^Y?i*s;97H2NO=A-SISL^dvb{t_G2bvIG>e!g@UkMd(?<oiO9m&8ML3
z84g`+BM001`+4tnOJH1jbqPj1a<D7;VGRDwSArjwaI6{bv|jNK&8wFY+sgBB?q;(c
zKCk4}A^x*ujdtQV<Mbijj&$N^XZ-Ask!O6enI4dThs<_DmrYTm%R1bWN!U_Q2Ix_J
zK`HU~SVOhwziE0ux35Q(m`<CcJ#3n<u&<cE=C2#R13%5aScTyf$W$28_z7#A1S^Y;
z5jsXttj4THcJK!$LVSpDl5waC56Q?E7frwWsGw)<?9Y8{%3W|Njcj3adYkDBuz%}K
zFbCMZ;Bcd>+K|8I=$a4{e4-B9A4Gm1sP?g)xIRi9oqs{>o+nym#M}6^V7@b$5~L;z
zVP$d1g%DT3TfBwFz9E?`;?&NlAg89>p<2qp>B8}hT(&30v)RJcb^M*V@sAl+KmH`N
zpq}2SaDVhk1>&?!{MQE5T^+untx*6E4&pXCCh$ZGXb54)qEiNR1-{fOn%~F~@nMqZ
zBHj|JB@Fk^DcjB$$n#vuZ9cO6{2rYhZ)qUDG3n;2HAc^`@s$gNbcd>@?{m3{a3)$M
zC}9)@qR>Qx!kno|;zSr<7fPr3AkR8&^{Qp6fWvEojX*h(?$u2W&*d#b>tw~0w}^x}
zOW(36XTxO?wf8VX{}N6HvhY7ntO@BX3T$yg2Wd8BtE4u;@VNpr)S_1gd8g=rn?t*s
zY8fE<E-BUDkZPCiEwflmlN?{UAP;d_AAVOGcv&B~YG{lD=x1XWefm{)*v--YuUiL4
z-__fbi@MZ<tGkv2`tbJY+0DiE^{?B6+4^!~@((rc^cO4J1M8zJX9vFbvny2`Jz3dV
z?|>?79babR%V1J!kXw?!HNNw7J<EV#`rL;9Iy?9b+r&O-;Uiu17}93#+@}#&O9ymj
z^B`Xk@$SsW&2U4_K1;Z+Avyj5U3O2>u1Mc}!hUs2qLQ&gwAOK*ebQiM8L?@oQcrd>
z{>eX}8MYsEvS0@U@?P8jQfYlAm{ZCDDlJhfut^0xUluFUqY+rU0V9~yz0$Q+5oFmY
zbj3JYawXB#{Dp*-V?s{`QgW-DL%Ndm#-DgJ8nIOKtPYm4C`X-$^laKj&;@lBnX3um
z##^s?&nFbkUjPwZa?|*Lwq)O8R@$eXy3m7W%~LH^W~nOKm>=S7^KBcVycz4^enC|$
zNuFqSsMdAO-^QQE#9esWiTjxFvfFi+;6lM#JpykR_O-IQE5&I+7h;oE?HJw&8^Qw9
zgkL5&za&Qn^TCCgpVUzax?ENnX#ZpxX!_Znmyx?}>nPrJk(g_fx>w!6QC-IG$47KS
zjKaG<G<W7Dwl#jbjj4<0t}`eFyZCALIGRfN-g*k`_Z^71hUuG;Qt51417}Z^5f|(N
z?6RHZMj;j3d>JjVSqCR(6hyf7t+hhqR0@Oj$&_<}+vTG(WZc?$QqO0Xq*Nz21sK5b
zwCP4_Wt%^3z60CT&(4aL|J!#L#!w0Ty(A(S`;#PGc99DOf@PjJ*eo{okP<<PRzRsW
z(?E@{J`r+{-c2D>Zp3K=2<@`mkm>ahYc}!41yH!<6a02?9Jmk-KvhJ2r7F?^)3wxi
zujS7XRnvqZ**TJZmACWl#G*L@!;_Mmi$S@|mT{M;rEyb@E9n?Z?W3cSm}8cK9V(Cc
z!8pEuWd(_HKzL6HFpH9*VV#<vM`PkxtQ#dIRg!2y+4w@=;mPV(b#XTJ*00%p1;ks%
zX<AD*^~_zXWSS?_vnXo!d-j4nz561+w${d+rp?xvZXID^PPmttMPPWnzr}uI_tLjC
zyN2+tr8Eubc9YoaBedpIpQTTp@LTn2^8S;9Lu|PTVVy1`VH=s`t92@Y4vk}2y3q{W
zRtS^FLUto-RSABK;CmM>g#-#*U|^9LP~dJ-&Fv3)CY|9yDsWLA<Z>4@OH}6?PhKSk
zY_U>c?t9X=j`}os^W3Y-CC9_=QH=J5lh;W`ME7Cr@z_$$*mOva?qQOGtf4m%kHIyH
zQoa~y$9aEJU!NZC*MKJ*dx-NhII>?FSiBIVpWj^NdS+J-jucg4j_|O|XB}HsXrp0}
zjF((`T1i1jy(4w`TnLm;UxIqX+QAdKj~O7@&zL;;2R`e2q3#(2Lz$4w&aOlTe#%R}
z>2`Yr9vYWw^O$sQRTU@gC78k#XkvW%A)r?djgldYg?W2y1b;H8kt65T@O+4=Ix}|F
z1h1AW$q)N}-GC3RpjuV5pZuZ=a&kvV<(^{metg%KSpAV+zSH+kZ+Q#nE|RuOYiKfz
zVB`;`{OI%`b;F{?Beu<}nub0s-egxC${i;xh)EDwPq40&A4Tux&6PCrA6Z?Cnvc7W
zwsC>m20BI>zv7eJ^&l(a*;nTl6`ok>9TWnFwDt+d+=RI7@H&l<%#FSQOJ{;^gEMd7
zdfz<4_=vQMdACIYi{Hr~ubE0U3vQ^YuXaK1a<PbYK>S3LFe|``7IFj>6&&f&VC5;)
z`(m@vRj=Wia7K4**?Z}9SoamuluF*uJxXw5D}9&0zysoHD)7ESat%iD$z&OwU#bbI
z)c&CyQ+>5rFo2oXNJ$Vz1!f9v=z_JN=h(Yw-1Lt9ugvY}3=QHT2I*xnCw8r6bzV!~
zODOoMs(N5q2p?wP3<I{2JcEVDAl4D~bW%kq&}!4hJ<gR*nA^^d;bt>z#iu#X)Sc}}
zvriovduZLia}JKSAeVW(A$1(8#w5`klkSUh5Jbh;@6WJ*vUmr9;V0%ogjqJ*DOUTx
zXN1(|`lL{T&xnz8E-hh{0o3{oMp>D|Av8f3k&YsBQeYs$DeF#}FT`1ZH`t7of%KFf
zl(jU&m6#TsRf9l&zcG+rKz|761>Y2ii7^e3>A<=as?)@~=${fmn8el@Mtd4vP)y)-
z2*7lI6u0q2U@p!*wkea3!UmNATzqRv=XSJlqd}!Tc`E%rwV@=~&V>z0ZrxN1P?TqX
zeNhGid7?zel~izzVkX-D?bYIOR`NeM_;dV|v#IC$Zt09_V-!6$%J(@`d2r%8b5o}U
zX8&y?wO^PoN_5$bRzaP1Y)x`6{-B)6Zb$#(e1FJ>n^iLI(TvgeB2v_m!H59}F8qOj
z!Gvgz6BEaCT~gfiLt$t>?*Jo1=cQa5pcTi3Aw8kcU<jNlU>LZJ>)U3RNFdB~Jj(Mp
zb7a~RAO^d^U|a{yZlhc<Tusuz6LnQ_aTM|gpN)>!NoczvP!69CyD{%*O?<>SxjpH<
z*sOiyf~o*~S>kr$^rp$lo6;+JwU@%^q%(v~RFAh9)VsqoV}-WCS%fh^aZ=b~^T3RC
z|9v8=V~~GzTcjgEodmXTjOUCG@Gm=pRd6QLp>RHao(k1;qV4(Ub>#^}y|gv=ZOg8X
zE_4;KbPZ+qj)0(lU3Z$diHpt(>kf>%@_gWJx7oZsnxt0_aI?!^N3$K3xq;?Ii9K*b
zg|1N<uxqfi26rXj88S38e&-F<iL*7ZR*YUNVednm=5(qsxCOpe#GWFYrrg!mrkRL(
z6sL9gN4e!e0@##=bucsg`Ye?RIdBOCx@9}V>A%Q=dp%_^`Hhu-gkEYL!Kz(z%7*sV
z&g){@xEqB=V{2~hL&GZ$Kgb{G$^lUWio1q=uaByFN?cJq0l5{>l?bl)@@q_JaDN<h
z&*J#nI%$@laNsfm?SXR>#M4%78lVbL7eQ4ipK&Gxyw_~zt9u`F98ZS0%_B9r&afQ;
za474LuQTnkwR`SQ5?U`NGoYNy?_T-v{x_Y+p(UN$I{WhkWHDLl*3pkBl87-82tfp8
z;pdqJS~Sl)SN)ic*Cp9$iVm!9rFUGZKv_P}GfBnAAxxok#?KrBFUth>01NMVTPp8q
zu>|~S28G@tecrEQkF6eQOLiQ3GMwx~?{+P~)Oe~%3AbS!;Z-N_3N6_D9%%2b-Pk@$
z&T?`kbTFQ{U6DI=673IuTy7UB{P=!=|E7RQS%bJ$1(eo`l1!WlVo|qZ!I{Ow2JG1Y
zRH<)Xd~eEXBCc3CBS{Fqi<_J&im%<H1{fD-4k?h&;>ZS>20y?f;+UHi!`ZohHIxf*
zheN72{3j}Iy<mjVQ9jHEMX$M+Mun3U$%)2P>BV*kY)Hf`I`x<h8M*6=Ty%gtIds?O
zd1>phGIZA0eQoNo;EJ!v4~j0yP1zT@>vPO+{<?z<Q?hjVDZ8V8^XsbreqE1^T=aMW
z{p^d!4&C&0M_1(MYBDo2MK3zM;&!H74PEqDMgQDi^9eEjEU^ktiZXq%3@Poba26Bk
z!pA?Cn6IerE!6$DpvhtTwddC0F9NizKads8RLHvapMdz=fjg9(NF;^{1!8)N{9j#l
zAxl>V56js!j!)k#BkTyQ%NMOw%~LueCtOOU!xBGbgIGzWWLQIQ83N0I?5CyBWD21D
zDfubtHkd#e2|De2XoNSB!S)w7?vzwsacglp+D&&u<`tcSKm^g=v3A^yl#J^3gJ}Ut
z91y9>qCoNFZ;Sl&{^(k<`~9vLii%%D=qjDDniAQ@>Of0L@RATx1HLv>^Yry#`n0tJ
z$5$*Z61hq-*g<5A4BqheAzhjz^m+^^UjytMaN@#uTQA0b9hbvcG}ugeRo{)*ToDfr
z>#v&rDOO`;b<qsjQQP!yC3xW?7P!<g(_o*;<Ef4sWn<Xr!4H_3fA8Ftj^k3V2^V+>
zB>mR(EoPR8?KNS6d87?A84?uPj11#}R}YT8YWS_xkS54j?2+qhd1A>laxxDX^Bv~R
zgPp-ue?ufb4$UhiZRVNd1Vr&HMD)A&rID=jKZeQ&3EZhyZk;}Yz;92=6J-|F6QSa-
z6GxfBVHVVEy*;`1ePMeBvDOZY8f4b*BP>}&j<6&=BA)b*{P~i3+0B7i{PONWb7VJj
zr)n}#5OxZ+Ez=EeB(FXmZy%`jhezS)Mmt$UX2mZ}KlT($%IAs}_^C6XwtlDa81<^v
zXEe;__C9v5XhFP%eCp`m*<g3FDixTf>Kiravbg=zu+C??**|Bgebcz+<wR~$A9#Q=
zR$UbCq$^hcJ*kW=EZ5YAtu^YV%s)5DrIQOcmd<Wut&cQD@_UVoWO}up4qE_HT>bp+
z<M^`H0`>%W_LXH+;V>jYIn)2|Y{XBZx1y4ZU2QP#Cf2kgTD3X|mh_d~(lvFyr<X4|
zNvX)N!;hyfrV~>`AAzS-Sios$t#J5?G1b(Ks5*KB%6Yl_l&__6P(u@;bi$Yfk=io2
z-Y7hI?xZnty!K<#2KLZ<Mo_RX^y3%Mg8k_GWC&K^JmD(hwXLfO!@=4`$Xc}Yt)g_B
zUtR2v6kfU0#;o3Ebcfd}yn=Rb+6Nui(o!&Yf2oK;MUbFFg7M+Njh-W4P?^8i^V`gy
z=}<?7Slv*qq8opET4x{#jR2CY%Q=zKoY>W#Ft{;EOhFlYI~@~gy|Jg=$+gn@A=tJv
zL-iK(>!UnPQOjSREM>aO<)8vCZ2(*x8Lfi3T}itCy{t!z+P@860wo9Tc9hY53nAq;
z&QVr&&&sR$HMmIgiME3MJh$4;-T+`v2pm8_3DK9uTG_`n)20@QK)+gA;D@eIV=|(^
zCTg@Ubj2K}cqbW%Ccbr<EP){OVe<3naz{>JIY71gyfd)j)8uSQq@C<!t-m*$@SEwQ
zsKYGwS~`iUV8RX4^hOneuSoLan*+RE)09qZH?3EX_5{&qeBBZ&&5_l$y@43O<w+Hq
zsNgL^#*S|9s4!jw8pR@?!Y%prtr`sI!%~<jw94*;1IwflRW_i|gs1)JMWD)X0P0*P
z-!p+hwko4Hcv0$HG10(4bdwLX5`?eAKkQ<^_4$jRTi9E~VVv(mx+<4H3YS=mKSj5Z
z$iUK*QKU}IxqM*eX%(qC#Dzj0TH(9I4yh^$mwTV@;Nc^M5nm(mv8MEmWL+4Yz6gIm
z&V~balr67bI(vzH9~SxgZ8NkAtLAQZ^PXuYQU!cg<n^1FpI@4sH-3F*mOCE3=R`7z
zZ=w0N%hD5cyRl6LT{#tmM`EWMQx6Tcm}?7i?p2G{v(dydD8Ce~>FP{9<ayGh++B9=
ztECE>o^(!${L#JeBl@afuAQG>etUd)+=@*{kKJaWl^eFJ3-pc`_<clzGUx#TPu1rl
z!hDi4j4=B-iZy8xUW=S5*?u9e#aO!kc(P-dX;x7bDR04eD3ZejbCQ)*441S<rK9wu
zx}xGMY863BT6#{<FAk_bdRh;S>E$G+uJ$cSPw*Q|R{~Z5EYdyw7U>LnHrsqH5F-f(
za>D_f!h$rDf{Zvh!3bS9m1q`g(r%W28mW-t0bRVC1VRIu(!|!&#4jpl)5+Vq#MYB#
z4<Puq9@#crYi6=WH{O|92&Y$XP!rU}h7nyBWIvo8PfPV@{=yz{+7gNf3}Ld5nTxf;
zF@CYTQ>Zid{mS4iit3^~=8KfWcvZ$r+>&0_j35q0=>QZ!H@e%~5h<C8arP|^k8XCY
z$qVI?8(D)q&|71*6pZ!-XlH8mHbKE+?6=Mn0Y1_q)K$2x+vWA$B=_{`#HT*utSvB&
z*`4F)CZt>KB7YN3ZPwklN)`U~C>ax$>zY9{C8D;EcG7>I;yzMu5vbDXwhBam>R^#7
zo_of%Y@fAa7X5WFjoIPlo?Iy;5F}~i0t1$F^`5$jrsFgE?f@5M0gG&}E;<F`Tmr~|
zg1}I}3EVrnKrbvmh!UfDgVA>4li{>tnXn}rFZD4g`sXg=y600f7zKqaE!H^CQa+TB
zc}7)PChQW+rnAiV42v|ZY>Cmu2F{2pp8W%(OEig>tu^i4Z?M|=<ejgUKTCo`%Sq5;
zdt{Vf;&@{v?_Ge$a`;*?8h|;ur)?kX*CJX@Y?jNS_n@KK0+<x-2gr|td5J<0At{HI
z{aTWkDL*fM#8l-vVeDjyt7?0e;0j|ES=#DyI+`{-2#8kluTA_Pz1w}38or?Q^1t3-
zheg7JBW4k%h5}W7G25P9o;?0nwlfR5X1~3Q$%oR+yw4vFAD+45)}6k)=7SrLeq9*8
zaNb`_l2430@#W!Ovy;AA_Fl~^LJFsH2lWW;F3s<_2jS>Q(6U4$<$QdglICn2gmBb1
zN~q)fHk6=-@+dnBX9^#27DDnP0&xdQrh!fRr;Mi{iVL0p<N_wK@q}lAGdAzArd1Zk
z=%!Pe2gp%V0vLpaD-?jRgd4Ng9O3ZR$n?hGWH4WnU^+K^{kt&gu<dWZ56emwN5-|q
zUs+jwwx_kg`O=^7uR-!dGT;r=Qi}zey$Epvvdp-)EhN35^e7`*zA^YPM}pwJ1s58*
zXHVKx*SLrG0lnkz#7Gjvb3>cQ_r+a?9uzhgF!xn*q}wazvLUsMoGXgz5LPlicE8k?
zs%zuI_F=B<SY#mdlhHVfApCrSv#!W)GnUQK=!Up&q$>8erWn{XTbbQ)VcxTU%3$<{
zD{{8<75dEaa6|*#P>q&Ri9R5dN5M^A7lu-t)se~s#?Sy9^PR23XkYKM`<3D0Z=|8^
zXRU5eRc`J<g>n6wAeXGA&nu$<|3q+5`xxcO_yC|5bs129NjMj$7Cs1jlVc7F&)i3z
zBN9Rr?zVt8yk+f8ua;e+QnD%4SN|T<J$&eEL{BlY_|M+bLKkS`lm5DEX<n_*A=k(d
z&w?mjinsk_p4L5EcNB?Z>0+n(RyRbP1ZnS|QEYY{1Df&f3ce;`<35=Oa6X=+x^E{u
zhJDL2svv`>xZrr|LANN3I{Zfah{n#GBA293=vDRJ^Ly!a{O=w6u{mZ%66JPWWB1D}
zo+Ra!!@zxOUa*%;H+XRgf@h(r3Ty`tZ|&~3Nlz}NMQE#?(rPIeVge9QEJ<fQ!aN12
zhq~~p%(rH2^E?iiiwB_6E-BEGKq^9FMCDE7yGwi=esCOoyI7h}UVP^ppqjw?4}=8n
zx{`maL-}jnz%Lhy=tQV=zU(Lid|Qi$OZXl?zj8kl4`|vZH+<Fk1^DRa>~b@a3LFqH
zCFqn82B^*XL|a7o1$ge%PyWGbSao3#^3&PN2Y<XM@a4(k;Dh4dQRm~#_jTd<lyf&j
z_wVlDhj~JrZ0-@VYpZF*qZb4mbAN|(OthQ!1QZ-;tfYpV&?44uemqDqpkqQOP=u>X
z7T62G0aZ%k$wzF3IXjXB4A5|`Z6}hNUXdZik-+cYmSCcYyBgcI_3Lj6^J!e6W75tD
z$+nMWPdg0Pv*cr=Sy`3XM1rp2FxkFuHA!$&Ok%Ipq5kOL6}NER1)S0?BZY<+h<JC`
zGLNpy-@9JG#t!3;Il~4%c<{ZXv5dCj)()DA9Wp`;!AFhopvl%ae^ji1co(FO&HqaN
zDr9X5P><72X}O?%9?307QA=ubT6;qtu~4NVl0=wH%ZejeRX8<WJgIqkn$>gdX3Lun
z_s06$Rrb5CuXH+nB+~VoD>P?~v-P)rq2Fcrs5nfjOkzH1x*U6KtV;i~O{&7=@%{`9
zrXqD9E;HIy8gaVMxq8oV?9m#D>HNz!;1Zz3^A{lHFws1u>-zU>5P;Y4ZVcj+lf*PC
zF6555XEZBphW<{+pV7zVOaBnpRmuBskYbDPyS00OaaYU7!NMImUzbrIqd`md4=t{o
zlHrqiW3e_9sG25O(>q+CNFTDvmAiDr3ld>x3x<iFti@b~XhB8u4rq>=io|L-!6c>4
zfh%g{-ls}YgobyB_l6}8gd!D6Nt|>xBmot6OH(~my;!Rc1$~RF4G{9{1pL?ma+ifw
zlxZ;BVk~v6!juQSVwtf<@m_n0r7213H!jSiN}gOWI~D|qNobCb3<8Bx`QvlFZV@It
zD3ZJVAbs10O9yp9FY*wTYVa{`XhAe%xTwhqx1zP7E>SR|Jm)t?<2-8`<e%j9O!tAN
zt&=yj>xsiDrXdPdq@7wrq*-no5*D;;xRq0f-0ORforYGYNNb2Mn+nKnM47_ya>ojj
z%-2ypf&wx!1r`vL#%zKZ!BUU}$<KySEaXRtGKml*CrAW>BOGio#nePDR<r>`yu~`|
ze535{cnO3qG)+N?9s_z+Fshs?&BXH3#G96$&4o<sKn1DqGA*K(6$aT?u*|&TFu9u!
z&#>(|gemV1yY-;uKlxG>P9d<VHn;K@bl!3>gI1!_7Myxb?o4^S<m2WNj(t;fQwg%c
zeim<60arMVmxQ%d2Kx5Rc{<h5>b)uOW*ur3|G*t>wFxp1>!SzYdfRA0sy&BYVYH0`
zmVXKz8#LmyO_^jkSX@wzOFp-LI#&QW9FEuTT~!URg4PW$EN9R@B*4=sQpT><r)&xi
zhkqAY`b!d(bn8*qIvb_EirWyaF#H$9$^S-g@7>eYj5kA}tdbzj<CP@V^Nt?tMJb67
zH^pVAnIFGdkW$b&4oqUPFr@@UoPIn!0)!Iz0R{SOYowxJ)R$9!CMqTRPW7-c+v(lo
z1rrTVg~a)hWn+WXXynzhEyc&Yn`Mi)VS2Y8&aLn7?ph-pBnq=Y)5Q^FsvGui4bOS&
zj5NUtaRB$NOjQep8SzWCn*=*8DsygQPVeSs_*g!uIo3t3*l1x~-^HUlrTm&d#gqq|
zmx<sf`J(gfSp>gg>Z0q-ti+}0$pfvZSIp=GA)P@)w+ilgmxo2jIw+_O^s<#Ktw<C#
zK4-m^xtR^sroXL0T88(nNk^2eZOv4GvsNqx*<O*jHJuRfKZ2NSefCSmX)f*A<~}gQ
zUeE&linI^aL}mRtoG@EoJTIces0E>x0^MxlDTmL)5xtTe3nEe1aOtSdP28HsqM}qD
zI2iY>NsdU`f{xbZ^`wsSGdu;5O*1J~J1Mj^4`v)6hEIOc%g^&@S$E02{WE0QHGMO~
zi95S@BXX_^E73H#a}C5LkC9^gHKE&{F+ELk^LKzsA8l60{gt9ENO*xP6_s1d1rKd;
z;xOcNMG+A9Lp)?uHuZwzrQbinaWJB5%%7;{qF3fz?JtrognV{z5=yBiOu8d#K0Z+q
zF<F!{B=uhXA}RwgfZb;I&`NH=)&!5)s4Bt<;H`Oqux)p~MIFk9dA3?LfzmsPU}Zvq
z6JTqsc7(-)qm>HwnhYNWNwawM5XYcQ*#_&i>-rmkPW;lUsONF|^yAnU=Q2!f#L`ib
zMV3^X0v7T*LI#Y^3}xpqDQNk^JgGtjFfkjDsFZoCo2zzAkpV%oC2AEW_Jw?3GMsfR
ziHhW8$on+>-PQtW#Z$myzxtpg9rkJNi#@Glxtk!e?+YmcnYn6H_5C$z7`lnAouTK5
zu+)DmtT{v%F~z6q;t8@foIY&WXo-PCi2B0muxc#Uu}6%b<8^RF^;n<OGg(4<H@ZFI
z*TtK#IC-e7hsOxj!;g~lmCiNzEtT>tB0Dv6bdkeAGqtidMl7*cq75|SF(ivf)d4&;
z%vtZir6EWpKRcxfNC{WLogZW5BQ|Q@BF00Z$jim-#*Q=;x2sdoH9srH3v*}lJ`5%s
zUzj&0H=_OMw7;zWRw#CNbUvTd^h1islJ)ilWM(TRqiU{%&{Pztb}RF+!o<(l#Tj!A
z%|)|HpcB=S2s&{3(zZS9r=o{F)gnw?y>qH9do*a>J?f}=ZJ#s_0#uB&%bi*(kF2XJ
z@&YY7M~k5NHT3a)wYsLJ&{Y!2vnBk+=T90fSzt7TlNdVFt9|2=V@INB7}nC`hbter
zJbJ>oIN$@eep1Kmzm=U#f>Q%jo!Vh(b*ykQk9_Za=^m_McmHx!NI{FTstACXn8QQZ
z19N;W$)A(vR>`u<rJK$VjQ<l6a*A;1y88DDxkir4-cqQ+h=6-(DDDo+^HA0I8UH4)
z`^oUYkgl&@Sf1~oI{pmp{vCFyxVn(6AO1oYk(CQ5Q&zZ(X!|+o=VB9dG1H!uci#Y9
zBS>!RHF{RGv3wqT27i`v!p&@MpL}t7xbpg3BZXh!K#=1H+Hs=OCf3SOz)oZCSKa4R
zZ?!QQl9WB!NGBX8C?#C$ls6G_O>e@<)R4#kYOsCRcRLy6LOVtH`gO!gm`s~DQ#i$|
zBPHBbzOc(tw09>;{mA=Dg_cNceBPVOMpkc{kK$?T3W?oVT)Eth9x<^Ta!#cm{S2=U
zj}JcHdz-UA8XjkUjUl!!WLEQmM?>LGd<(6kR7Y|0ryoowSzVRfL{UKON=F(yQzO(&
zF|J|!sj`v`u;Hrps?uX3m+;e=z`?RY0tBC~BX^+;Ao33?2~!1pSGb2w@G3lORk)>V
z6=+lVj`g(0oB%4iIl|kRmAZ-U0l62<I#`3t9+C{GVhq`xgmInD{R31B4%aA{bA-mC
z$<YAu1qVz^S|3Isn5m{*iyAVgkSOt)j_FzHD7VFzHlEq}VH3vPW|l99_jt|#`Yj~e
zcl}#JYeTrU>G?fdIb<2uRY}`~ysd1MXRRrn>I+{FIxx#4L9hky`!1p3V6Aq$Q$i7Z
z%gFV}JW#~DEL>n4VA;n~M#Gs?y4P6Jd<pY`)LmmH)~Hn$+=asSTNK>x-oXWxJGf%X
zjd`}D;dsB>o>b4kr+ZyTr{6d~u^s?H`)};*5WR@tR^bB#?w!f-_bIe7a;S3gH<f;A
zcye$Q&zhod?Is`I8<589BEZ{Z7%7JttQD5jZ=FxKfTc$q7d_iHQT)T5AF>2YzDZF4
z<k!f0F17Iu<Z|tk4vn)9<8aENJ=*qC_-H@L()G<hC=MpJZG&=FF`tw31})j>q6IRA
z2Fah$lff1bPt(%57$Q_v%QQMR^c6UgM};9>GBjPa{)R9W$${bB90{s;O-7F%5&o*i
zkCaGxFq8Up8f>(65Ef|NoF$j&51HdGgzEs?yC*V{-Gp4r2wNwsi&FfAJ-Kc)#!H$T
zQ|RGNOql2SkI|6fB?O8>S|A}rTb&T3MoWy>5HeJf^+*ir{QR;IOA&n0G^1_UiHG_m
zw6;sAP9_G_l#Yw2-RD--b}8SSO{>EFmYOpNmPdE{r1Q`I)2Y0M-w*S@6t9uj2H$JH
zy}Y@(yL+)4_dhxwo&JjsKKqBsyT!X|!(fl2yXJ>)Mn+!iWzIGY|2dsH(Mjkl4ko?$
zW_UwQoT{z0$Va|?)pR6gb<N;spoFDyB;Wr;>@1O0kSOu><TEwK&nacQaE~k~mcI)D
zGg}Fy@s<yX7uGVF`v37KKIq}a=eviEzc%r~1c0I~j*QXDk+>Km<X*uah-lUDSDYya
z+IJWf+x-B{(s$d|wD|vX>6x7HjGNLL^p6+cHGRCZB`gs^5+f|}e<@((RWu-X50j=>
z!c`5&VbZYZm=KkYvU=#7gDQy`cNXGKCY7}I7y%NJ2Eu6GWY;~CO~3H7jW82Sy5fpM
zl3>DA_b}4#RgR{TdOH@@svWX*_n7bgY5#~(bGeKf?F|zSNV^u{pxzdTiP`_BHhI0I
zM*=9#Y4F+n{8eX`oqqqhLR1V{#L3I-=7zT$c#!xZGeEVTW6{~Q!SMXVKh3yI93y=~
zXYWO2jR@n(^IBx$YD`Enh_WI&=gks0-goh0x4AkoisVABI-T4!l(bVk-G2{cC~1&V
z!~G%3$ZaP8ZRo!jB0Fm&hi(T_SU)VJ2~BpyDiwAps@|0SVIHQ*UaOK!f|FPgteQJ%
zh7nPN#CrH4of7AZBatnRSw65eMc!&FZVsF|i^KA63^c>i3me41*aa~sL5bl#Vw>1X
zWSywOH{gPpUZ+_A?|U|rU6-wkGAcD^8Hf{$D`{j(6o(TLfz8~>|DiDe09}v=F2PRG
zB{<V<DkKN>nTB3Oy(=FGI?8=WcLF#`T2r5y+;4mjU4UGJTwzDm#4Hq}b79YLVI%CQ
zu3EKf^;Bhljy4C>S|&DsjQdTy4}MZ;nVzhY#n;))x2}<EJ)JpxrF@up+A%q)QiW{*
zUMLuU49B%pJAYKCA@qGcwgSY$gb3hUQ^lu#WME1L)9!jD?I3O^$P%R%lCb)>^@k1A
zSz-0Ik^{X+D^W0^F+cDL^d!Raa`&?LG3GR&UG*}n<Yu0;E=~AU{SJD;%bin0|Gq3o
zf*5C%o<+B+%1E;(s<rpeI-XpkNv6Q-nIEPEtR9^u!qF(+379jhhl!b0bGuC4fS$W0
zK>UQmn1P+K+(G_7O#=mE1p>GR9VF7-kN0|*dJ!hWfk+8y04P0eaYt9@9BYk8&%g%S
z4wicoAz(I9!4k`@T=Y(`iIEsv*VFyq2tFSCba9RDkfLzb;rvqt29qgr&3Ey=3lq;4
z6EahWLr!lfa*^;5(D;J<#PgB!%peJ}Ii{v60<$#obufmRgz2KiO)W{RTk&;>0R6ik
zgKVLpaPqo|$PgIQI&a9X?*6)TFfK1AACYtg)|2CwBw#hgT&FzQFxe|<ZtQr}#l)Zb
zH((}>^L%gRwPLQoFUhq#@t|CnG_{_e0cr(Hm~B-=fG;W<widz<Rxkce9*U=xol+MW
zu7Z7-b5`espN9jm6l3d-$={{!tyRCyD)T{7)#Q6Xm>1jwLT8alR98vs>JZ|kAxr$9
zw9V#5_F7FMuQ6V?7I48>P0xGS2mZI=Z&_$os~&i{Jap!N=RL@0{3}b7o_2?W_QNd5
z1=VRVJfWTf@W9$yQgYpVQE$DStv;57>lim-8VcnqKX$*YptpfoZsM?wIDo8epxjkG
zqed%6!)<4jk{yQ*V=iKFt;*V~aRJI>L$tQ0_~lft$-d>LuqNRujm%?phOApxhJ*8x
zDb^uLV$K@wnR(0gZ(j*qU&9kk=Q!f@A!=D#Th%v5U~F{*3ZISbVvvUD$^hifl54I(
zXnXq@Wrx-#E$b_-9IGt`|7=fjg@qzV@Xwg@W+hZs&UNBgX`5}#cPVR2*chV@#LsJN
z#PrFf62LMOA)?q?TE5@?_u=U`5~z8Gj9FcsGs5?!{M!`Yfm1ZF)zjq#UrkI{Z{1>=
zqU%bVQJ!a8&t52hIhn%W(&0J?I<P^^xcjfD33+R$V^9x#^1LW_Yle%FSNbPZt1h2#
zmQRnz?=K)HfMv-)wS}3%s7TPJ>iEQ>UgQp(XYCg!n=35KK09XD5tdvJqo&G&y3hAA
z)AjaQ+v;l3El!H0$Ev0F!hp5;KcNRn4ok%QBujFL-G0nMJ5&g6qI4@U+-^LS7dV*r
zlacmsJ<{s@(UF!c437}vt4Z4Q3I!n6^ABaPaCARJqB{UTLRc1j9p+dl#x7ks#|qW8
zAt2aWE{M+Y15t=D+;~!ta8zu@l)s_wtv+#Nxlj%}=y(FncX)43Zj7YoN`Mk(FiTpA
zf;DGZFq83HgydsLmvY5n=^>c#0tX3`RSBZ~N^Y%C-oNB@BD=kAbsvldsvFh{nr8@X
z9Vklgs8;Q4L(fZoe&<f~xl2d~HYCCCK$+Gsg*|v;7n43rc3VGRv7;Tvirfc-AX?Re
z+cP5%D(}DJ58v^>6o2-bj86~wL&N{V2t6LC(Bz@+#N?r76`zb~{-*sj#_mfQnSD||
z;vUtm5oc$Bw-xZ1+A=P$(#3d$|3xF<#(kRC(abv+PL^A3dN0)RQ2Cl!FopWjQ0>?N
zt6pnv;Pk5b#tF<u7GMjV$Em(Nl71@ni!<Xtg&Mt|2tHEkeVhLKq45;I8#LN!ljg^h
zL9o%<GsFU)$CvD$;_>W`hRpT*N8>4MPLZ!V)(jnMD-^o@<iZe3WZ$sHsa1-^5yf)l
zR_%1Yn~3gfqQhG}bGCKiVWHcr2P5F0hP8mNd&r(X^F&59n9#t;8&WkZz9d5qcluUL
z`2zj&W?IXps_*uq?WjC6*{ScpQw@nLMNh`xz@gmD$~qj1n-`UyuW|5S42YXBBhCvo
zfgS6TYB4b=Ej=(#jHR`a<amo5p1%oGqC^-R6k|wqgeGVMA#gK-*m}~1Htb%DqR~ot
zB3x*=;-Ts){vi~VuMJId!bSVRnedM9BE3q1_jRu03yDn1|Lz5Ylk`X;GNiyzao!-&
zKrBx}^Y}E-C`cb=w}F|DY!dPjlf-xX8*)pZ=HoB-qha*NobNX?-v9I{|Kt7tUH-+N
z0!uS6u`W!VVLZ`Cf+ks;b&?<xQW6Vk>q;ww=0L@Tq6Pry+6bQ9>HB!LchcJ0_CRVx
z@kNb@TxZxvK}sl#fNASFWU_U|W<-UeHxDQuSUE<0{I#C^ZFg%(Ez`Zna!+eVQN}J8
zLY!(@E_)!titH`idQTY45#<kNM|)5aX%X>3>LraP9qYAiwF*UAhfO43eI<L<rC3l}
zc56O^_#NdR7Gtyg?HrjBEI-y{yNTJ8mwYVQGtUpJfp{xe1S8D2pCDqlZZ;~WJYL`a
zs@R7|$fbzaRNIg0>#22KmX55!g;(XkpxqU4pD0)Ys%qWRPl!#inS$Sp51_g`Z+m*C
zT8yn6*)ApBg)4vcIRuB{{wQm~X}oyr@GeHkx}Qo=@C~gh*yeKd`Nmaj4Z$SjiLY&%
z=sRq2pSt-0KI&S-O8S@@1Qf0tYk##@Kg1(g$yZ87Hr~P>v6(d3FRz1N?%f!6R+#QJ
zCb6y`p&e6F(tN1G?2NWPs_2qDtfteN@`R@^swbM|Ya2{zY=oczoB192q%dJNv6RSe
zWVrxx+Z?Cct}yAC0h&U+Topb7C+P9zTOdG<(E;v$K10DI%UF`Klt7)mFYI({b$)#J
zZ`T8B->-)%{<pL%tdQ{I%PLS04L0)w!XX<Cfh8(U_Yb=?^nQNyvPUZOWLHYnGkVSH
zIE<#)*`AirN`T0Iv-l{iDQL1iMrTn1N#wASobvOSH|k1}uAmQOAXNvmfw*b`z4Ta|
z%EF~H-F|n8Wul3*p7MMb84@_@6AjlB(m<^Lc&I#zZ=m*C!j3qXkF*$2f#flKtzOxF
z@T}U?`mPSqI>nmDm)CTJU(5d|uZyo6$Oi~uov0d%Dzh5WP3y4AJS;zwmq*%cv6DVj
zQ6v>l6#HaQ2T5F+C+z>D=a<!K)5w-M<W;C-RwXg!s^S&l>qK*GHXp6sl&w-b8bdMG
ziEdAH97$bZfixvCN}4pjXYVK61&A1nxS$jl#sPr`i5&uO<m2Yu?7CB5?HV3?C^rOp
zVb%i!1#%ujjHrdNewAe=l;2>i2@6{4Cs~N%B|t3UjMrKN9fKOHT}s=J6K;v&oPu1j
z8x<p1KAcpULm1Q$oxho^g&IynEx-Yz--@DA*?(ugo^kZ(w+Tv0b40aJJo?<>@DB>8
zA>kuM&T~<~I+W4|L~xI}4%Dz|aueO7f)Itxf?-_`2aja--fG7@Mij3ew&zn__&iyi
zN{Ye_czW^vawgDJPwsYJ(YCaPBdW>HIx$OqQkJc>{!=e3+E(zKeR{wHMxPXRcg}}`
zZ2dYNGSUvzc2_%KbH9!23Y`((z~_a2p(WA!I=L(Q+F-g?Awjiu3vnk7j&F5j^VyOf
zEbSnGkO$n9N9V%2C1txs=+vVA7|W1{5pE(1R`&}HO~?p0Z|y%z@>`eOU(wGP!+Y0f
zGxOOW%YWj$5>zu<^6p_dt{s2%p{H7Zx7)VvHmra)opr*!{R;nf679}3B>6$RZKD#2
zk0%b{Vp!N4D=Nf#4i}8RX1XYSCoPyyIwKzR3CZr<wk>4(z4jjf2hT|YA>3pP64IkP
zidW+C3kDDPeXw@zn%d@-820>Oug!Y?W+=9lo-7X95Zy0er4!3jd9ds`_prr}53?jr
zi}ZHI!P<vtRH@pUCv^`^pMtvvNMdqIBzsn&8CNBWlT=m`QLRYmGAJxS<%f_YQbhL>
zU6>|2q{WR0p9!Rw;6XM$bv1TtBdmbrYKjnXq&6;x5H4i`+{2n{;o?I|#nq>L^D**x
zMy>$w^8%U6;~X*&kpS8(OFhXY5ERu;>En^nC{<#=f5IUTG`DvH2Ut0eR!Fd+7Ek6}
z?w1_gjUC7emPq=zL*3Nrb#Q)hnh-Tg=F6RgF7<>bNPww{PX}%G6+p&y>Ml$hJleG$
zu^02JFmElx_DvucY!@R1+Bk|%j$_7_X(R4$u8$GJ(VLoO<O+IAC21D?QBDVXt*+T?
zHuXPpGjb|_Cs{#^A_w9;EL})9)2j$zXq1a6PLL*DP`!3hWVEY9C0q4|^d?2}d<wF$
z2CLj|Y}wcnu{#R2MYl(EG)Tzx;pCn$U{bY3$LB1Na*0c_c3Vc7+IPV&C;8%de(KqI
z1Cs)AI-kRcSBIlK@Fv-x?3HQG1EBMRvAIQ5rBu~xRON*(p(u7NKsw!Ix)QN0>o4x^
zd1kc6^W~o2GXJ%LA8kNhkC!s6lTuG~?6W8kqF42YZ^aCih9}ezFm4x6heUGcV%ZEW
zutEa4PcB6PD?{NKmb=1F@R*Ck>VwdSSAu!5PZY1r#DlD_;^Y4j>R9{A_|H#;7-loV
zmp;<QZ;%Kyx_4aly6cN8I;&zG-r#sbkEY=FVH^KY#7i$j9U4uLeHqfurB-*go%E2S
zOz3YMq8|aQg1XE83&KU^ctVNy)xyZ7%yuN72ESM-vi@R!r!Y7<P`=oikW7Wu`7zvT
zmns!;5tzpm&YjJV_h^SLxUfWNKA>-7E!pvOKZhqQHK-r;(JtcM!b_>!_+$FOX4p$b
zN`!=3TCbwbW{mx&Ao8neb&p~-CCHJBM-&glbOdRB7Rqj@|Ht3dgWhKC0fK>J$ya8$
zn?qA2m}PSVPTTk-pD<2`38=^23BPhg<ud-rQ*H!!ZBfsEnvtuw=De5Ne2w|0c{At-
z%+CK$L)YVYC@1)KJ_?*lc2`7BFf7zGa$DjIqA(dpd<90la5=EBa0l0`o0o_wu9Q6p
z9N9OAgiDt1Ma(1&@$&ZDE!5L>;Uu_0*SgH%pYLxt7|GiT4VyoNacx(@kHQ(!QW$AP
z4=TO!e87#Kd!gvQxpX&|hAh@mpS0dh_S0SWxGRl-<$+<v-fZ?S$I4q6F?|K~hv*HT
z)o?n6g;HGCBNPVhsSZMvt(!nJ!2CS*&cOFc3g341q`^*Hy%j%68)Kj04=s}3;#Dr7
z)YYZ(1hLg<1m_JHTdvtyMx6HUnKrbgOK5V6-A{`!xL?kHYI&2)UV+B*mDv9lF!Y)e
zYJ5WBvda3<S#I*i|3k#-^`L)p4b?T!C_K@3#7lpHO-pveiY*R#%4I8RS<!tKbY-wC
zOhU^_e=DxI4d^lT&|N~)e_p8GSf;rVZU(ih*R@fT2Cuzz?T%sy_8rLE(L!&bnrxbG
zmJ1OC$>?3@V;Yyci5@?dxW`^n8>KbsQYSyItY0~)wY*s7gaec{y3kW*hF);r^QPIL
z^ycFUkNCQXS%%CuSmDV{OnAmyv`McP0P2iY^#)HZR7JAy`6tSHM(#LjRTJD!qe-ES
zaJ%LisLHLs4R$OAoxNa@Zkk}VH-wG;ZYj(9AdBtz=N9Y=R6R;@2#!8(6}dzyDTqn@
zd${cW!!fY&?6X1}`mkp_)1|)nvXF?FMaW2)7ly=coNr?PQrny-i0kUUBYW+%v$g7*
zfz`ZGW*Mm-w-<>5bO3|j=}RJ8*9jMwZLnkkOw|jQ{}_cK76#ducn+?pd0cJHT!&x;
z62DC-<_U=AZaXW8ADv?pp9?_vq2||&PE^{a{Ab<Vu5E%%&ImiV`iy_Df(g498r5`5
zc#yoBrJ&$`XzG-1<U+a(q4<9QL_oX00g@4TyjnDUtV9BiNgqz)Nf9K1=wtq8Gl~g|
zHjcWNon8W0%M;xKgDQDpyQ?M3+$lV$Vv%w65_Mmrjb+NY_-TGR_ICa8e2-ZlQ@_nP
z=+fkLSyIjVT4%*BS;U9GJjHuQ-2j{LMHHCx6J3gR)$D#-=?JF}d>r*0WhF2bYGDsp
z_aE8;E6LeEUU)CB77O5{KKcvbS7r;~S+hld;w13?>k)WqPXVKg;MSAx>a)P8@s6B0
zxU|i%oH&NUE%mbCv48uoW6_VD&pOb-FnPw#=Uf<IIABINaXe{514u_Xaj<Da15!rW
zalo`;290nIo!6WgU@S6>vf&(PL-YIPWWxgTWhF<7jIa0-6ZXAHNrI#$N7n9T{wv}x
zNyr~=W#cqCtrh@*F2@FASWeK&Y{ENo<BSh3s)A3Znivkno1^fN*>+vALjW1VgI4&4
zNH09M-xE(<-MDH?<_^t>E?Fj9#f#;|)yWN{JgEP2d+d2B=Iw>l^?S>oN%MBfHFlX;
zsFjTGrBE%vt{_@s8Qp9X5WVR<YqDgnD2a>^Vz-q!YRiHF2YAq+Orws8rHT`CwXx;N
zx=t{;a&6n-p=O1e>u7IsK=0G&xJmxhh+B<b`&G<FD8(FoS(Susj(%Tnz2{07o}D(V
z&DlXjeq|WW1*~ESy=LKP3tC-@s_!LIztc;E)z#F6t4=0b8L_XK-3~RAzK!85`Suaw
zhf`Hu6Pl?=APaJ|5ig;+jDppB2{7@pGjZ!UsZON(W5Q<2O}}|2V9`2DhMkT#xfr$a
zDTaPDH_Q!lkF<afTy*GH?nc{6Ex@wIKE>JL&F1GS{~lI@`R80bnGNZ{R3b5Rl^Scp
zXBUf!5ZV}pghJ0k++fOZ5tTZdqT(im_pQb#(2(4!2yg)TujueGK6O~uPA?)TC$^4=
z57^~r%~AoDSh1$;&SX3FW#C+7xS@G~gfeVDSkG0vndQwvAV+sEi2XQv;Sd+Bo|!?~
zeyhzp2RE~&XL?>ul4x0_KEB~@VI2P^3Xp4W0rw)Px9brc{46)kNrCaSzH_n~b(#rh
z1_H%hs=PMX9Y?X43RZ>@7f0|om-DP(X2GOg%o+j!GBfbhd5rQ?sEY#NIih}j=xA4Q
zazdMK!mroE)oEg4FJI>GIi4T;cJ@#4`}@oXN3-vaI^XHa?7~ks_xI$vAC})UH#4H?
zhiX;tfrh+s^X@f3Rb7Hbz&tHzsrkXL=Ouo)_A1%T5N1`c`6O#J|I|3xWL5r9d-1ZV
z=$c_S{wRHn2<ghG5bISA4u<{49;rS}f@zk0iOgrM$9YY>0F~qSQ%Z^)Q@yXHfplPe
zV1i1vNr!KY^#pKcJ)HOJ65mgDnTrc3IvorD6IkgqzF%wE9{%v%L>gLX(Nuz3xUl)r
z0tqlRderH8+Kg78{kkE_nI)7^l}`9X#c|-Vw1%P(w(NLW@JF&4200;0ugSV?NxTJ;
zT4Y1Xh2}-E@Hq<wjgsTfla`K_Qtd6vQc<D`<;8_($<E9W{AEA%G;|R~WV(gVNZy?~
z87Y$0_PBq*hSMy3!82ksE5Z7}ieyu^*{ZqsTEc2IgRt*Q-9Gpc3OzGmQk4$F-uV~B
zk89p?ua1rmylRnF|6joOSx~M@UaYrgP}Q-n;DMz>RW>w~&pvYqCtLB|!PtFlw^bu)
zV%^fzKhyR=K!#{5ZfUO2*y#z6n6!}S%1cpO-9H8-AuG$GNnd1k>Djc!e2shxtL^EL
z8GCMcJC<MXU>nmGv|B>?e)qTk57+h(-3fqn3p}=M+qP}nX2(g#wryMg*y-4|ZQIT}
z-@G%MSyt_9Q@?woE$`f-c?)hjm@h%^xS5RIvsYzlJc~v=_(_Y%Rz>9RhoAf0Vs(k1
z$;d&`Krb3$5df$kLM{4+q)&x)^X)r)QL>)}WVQff$B>Qwf>s?(+~?aN&(~48)DV7V
zZ`E#*U!`a==tV%t-=RLI<>MldX%d@E3B%Rvt@;3QfekKv)oCjvQ!z!kRpZJRAtsUI
znc*6hyR~gq{btizk5fI}G$1e;0ddEey$?O#&yUUYBRcs8r9>0hY93LS96hAY<K1FH
zcL{rs#2KmS#ojlXig+DCW1H_d?LpZ+ZeDU&j_1y2b)YUY=y1w-K71+pZ?~6&Nt#gD
z;WvI1vRVW<Y-?V7!pl~~=>6+O?WeltcKE5_tbZl;2LS4^#k8&aS_&wy)fJ&y!Yj0p
zbdz#tGnZ?Imf*0t9C!whTfTNO=+r+mu;Vb}sa?=hCx`Qf=(BGgW-@20B$xCcc&1H$
zAExVV>bfy$0K7)Cc%9<CLYp@|yw#s-PhTOhhIbBUgVVKbyi7fJvq;IK9$lK_T&iyO
zX4&StY0A|!n$Fn>c3pU6ex+d7U{SnPNqx#R-iEF4n%yDiTwh<3G+kMZFa^8#oeV{S
z*qsarO0VMl$Q`*S3oD6UPcKxAC!vBa6i&JYp~oXgn8<X-dGz2!9H<i=JWY7G%GQTY
z^QTx9B73dEe%tfElUC5|!bvgn&IS#iHo^>h6IR~FiV%8yPOS(cF1Xb|r1%laWoGK2
zUH;=N630rzSl-zDr<*zw`6SEwGIK>&Q5`ykDz?G!7vu{j%`Tl1T>@4!1fW@#*N6s{
z=(98$e}mEvf>PrBm{ti*d#k&tNTFMz;K*uR3?!%<<eOqsn=JLObdYo9cY3sZ?vIUP
zWxdsXmcRnH1esiG#A?TAQTG=TB$zU7rL-z>hYkIl{BQC6tUI3-dzp&}1g7DOscCZ;
zaZ!P>huu2C?U{#x(nJwU#+#{WL|Byp^921B<yK9;_D?E|V}{s;?n@=1Y&F&XLX{K&
zt8oqLk1~ya#8Ij$D^0%L$?Iq|+N&iy5iNApRjzaD!b-Z!2*UQ013JqetHNm=>Nb0A
zG@3GZ-6G;83{I+7{)JFviWH-P{tFChK~e=#of`7GMiuuE7Rw}|XP&1)FCatYwn2E|
z;`=qdYxGcH)Zsi>`PgKAw(t9J&R9MAeRZrGPq;37F5#Q<1QA+0HJ#!-LG9%^hNB;W
zl)mNdY<XhPLT*Bx8^3QLJFO!WFPD)EFBUuPH_j5VjfxHvgMB<RF(wwL`O873AiI?v
zKaYmH&BR8;BEd_Xh_ka(FThJ5k5_Om&W=+IpVVMWP>r61HC@mDP=O~QKS`Bv4?}`o
zNR}ieo+w5YO=e(B28mk<RS-wR!=<2nt6LN%HGL`}Loj$IhQQ937|HiNGq#wwPh(?%
zYKOB44r7!qOu|8hcVKA%%uELGG#4R5O0My3Y*B1|`DJPSyP$>4XeIqkJ$neJPv*Dj
zeFWewvi-+Ux}nV!YPY<rHOxn$8q`n}p=u41G0*Y69o}ZZgVD056htTRasP%R*nT6{
zYeN(5Z{tY%?P61A4CmQX`IQuT1vdJuf8O2Gt=_LF(6zmJdMnVS{;$<Uy%D<VbK|t&
zEx>`@*`UjOxO1Z&CH<<>OOq_8*+GsY5VI@Ca|du%ST<`%edC^oe||O6mi3VY`*tz7
zIjBmDEiYIfg08?_W*CJ<)%GE0Gn-R1%q_1B$tulM5P#p_g}Tj5ze2G+eI#$Dgp^d9
zY3(WMfGsW7Gp#kOw5uB#;JGe&F)!nDJehwX%l1|~!@N|BC|?ZW%g5kySeGh{?gnue
z)dk8_Yd9I`tidKCp1jxhqpm7cJ@Gu(%&M9Ti)d#n<AZ_jMXnn{T<Bska$|^<N1AMf
z7sadLz}P}x>CktlcS4oiLYn>82(C^|mo{%MD$^`VhVoMA<A<KsO<k=b^}_P6^k&BD
z8;f=c=&V^{o}9o6t9A)x^wSQjc1gEt?wIOtCf&lzBW|(06NWVp&FDpt25#|47Z2$9
zG?}{rT*-9!A5PM9{Us+g)2MXw2D1+GP?8Gz3m~GIG7)8~rQ_51d`})|Kyn|CQ;4(?
zd2(OpuN+9VdljnZg<x`@jbJbH1{!63V<V52nY@nEY=ObE*=hoyY`=g&*XkHNK&)XB
zx96MSs(k*@dzxI|!h#B48KXi&NhOw7ne)%<oVn!M(X7?7!<xMr-HZSwUY23Z9X@k7
z^@c@MtLNH>{5;1@kAQMBd}o&r(O60E&aQO^?^AZavqK0VOYd#8*rPvlHPH!7lgDQ;
zfXtTC>XHH+<p6&;aBu9{sAMRxV)Sh6yYNUI>S{5#$h};^Uk!^NO9@D_4rT3r564~T
zk?tQ}fusVG*XL}@(d8y%ouxh<Kj?9Ahw)Q+r<vtBST(0KMY7q$-g7n?s-+<+Ag>z-
z6|hqtw!9capA<hhS?8O>D^Vvo^L<Qc%Kd84*_xgDkDH6-9n#`&G><@yZZ3ru(}Rp}
z+uVH{)UzL)e@8_+wjxC0>?Wk4Z_7S7e^})nV~@sG!I-u({^!gx6PerRl=P<0TTAQW
z-9N65a04fOlxMsM33LZ6@73>GQn|xgA4+ZRa+L?S2*k5isMT0{lQ=p&0mjJazbKMG
zFjv#RRV{M&Tnv~;n@(~JNLY#{-1q=PKBsWC=oto4P#q_ccg%tx(Z<OB+%_(-=ru=&
z?A2~nAAE_H_lI8Z0G_dO0e*P0;Y(Xp_oZgj60LSIVd+ac<*&pp`$^V6ZQ6rw*YeD;
zgnt^Fn28hFSja<S5)DirxyH*Uj>$gXb3UqU-=}tpy6K@99j&5A?D~%$@VzL~>s~YU
zdbY8D(p}$CR2qT^`f{Eu>0Jg46CPK8%{x@HVP0M>9|h;%6)hisSq;Aq5o^EbAHNnF
z_0<kYd#pHqjgt->khpppIA4{=aAKF~(FN1!y+AT|^AF4d^5Ew3*mL0K?&OFbYb}d7
zQM<AID7+4@Y(X;fg-+bYM}Y%82^;(OAD1sLjWyz7m}X%*r`C3BYZ(selj*fQztEHt
z4e;WO9;!`p2>BVtxFz(y2dGZNKe!A-_FMVIXe`m?t;HpULb@(}79jPL08-227_=n7
zPNUa<7q6d`Y}poOMC&D%unq<{TLeezg~ZexBuB~f3ImKS{2`)(F$S`&uts5)U1y@B
zQrrA)1h{Hq+evA;Cd5;(^_m_P?WTSb3^7$B_*A9_f`NY%!+csJewmmIkE4N>GlhQk
z@7LBp#FGgryIeqiUZ?*~=;Zr^^s*A}r?l7$s;+d})~iAdish9dL3sF?Hd}-IwB?Qe
z-oGbxjQ`$yKlsb_{oXh!_Wgp^$@l%f$@Ts2fP+jPLAek8+U!!YO%COfsq0%|4%G{<
zbokTTc|?2~OIMq@j7L4O7h8`+zXhc9zVx#7mveWYdgj`Cm(29O64>4;?<gZkZ%ul&
zIBWKj&yS_M$|f^otJFO~THuK1GHOHj5XTZJLGyFnnzaJRoJA*7=+<S%Io)H%qSDZ%
zWgE6_`WK<0<`oh!(RICfCeObOt({3Vs*$ygPLh8tQUNsXWaik<GLebgHm`(Q>JV=h
z{zf0kKYbf^N~h9cdb(VQQKwl@!~7`Z96_5IsilsFm@F2@jQ4VS^$*T5ptt(JvZt=!
z5JbKt`+x=#-yG^nQC^$LJJ{E_e)a^vM<By`@WPG?*s(?BMnC;DfE3A$v7<^Cmak}*
z;#9LoKdnO33_P)6Q@}F|`ZJ3tb9lY3#?9Sl_%6Lc%r@ntc#~q++tdqm+R5etXw8~#
z-lIoxALLrHSM+Pny{@=E_4~tcKH7K<kT3V}URFVUB)~lmu*wxTz8p3<(C|r5>p2q@
zWnngKg+5VUATHzFv!h0~K4-GM*JXS*EsB3F9C((DcHZCePOo{cJoGTlKiP)uHu~%8
z+vz}bB(>2`GSv*E%$&RI<Z$Kvi~x3!F?&k!CNjE#B})RqUCMJcQI4uNNiU1>_M_=R
zRoCJKOs&YOgm09R;tE^q*=AonL&az=-ij@+#l?!rx9E4<c}rJq?yE@aH~BMSPQD`W
z%-7Bg&L+koFUu;zN<Ah|e6yummNZ6BU;4e@H$xD2b$4Y<JG9znI6^;O>eVt&7gA%J
z_wDFOH%@Md=_m&UWP4%daQfC86Vi$Wk?%~4e?NzT00nEg7?05{lpG@c9=jW|S<`La
z!xZy!6)x-i*9jp_)42x(DTTslWY!K@>Lx86WR84{o}N3Re$`S?@5kfiVmW(qlCanF
z@%LAm@_RYSGqi8qj6V}V*y@)&zOlYa$)fEb+kgYk5_8M>0-M!@W|d%Xg;l#(2qQhd
zLa;U1E$kPtY6lYu4-}|p(cGSS4%_y^Oz|u<*5$=1o>74iV%S*N1(h`1jvW<~n@U<1
zar-;)89?R&*W1Zv`1GFoH&B3PveW1BVlbOF+C~14t%)w`=Edw8=WJ^kN}X!t>Y$})
z+1ep>d!1+5+TqK)+`;GnjV~S~if?iaqaW{bR*Px}?0or^Lzkz+<`jYKUtbE`17!6Z
zvt;$15WLU;RL?9hjsILQ%{@=52fjxcN?mdr<6oP6e94?H-(E_GU9|)BBE=fG!eG^L
zqLC-i$+IN$ijU#YeuIvv`m{BTdMsLjK(Gn>3~S2_iY>NnbhcAy>dcGYY3s*7#0W|(
za6GHt0;FuFr60YK8XVQK(Q1nGi)C@Uql!dWZUI>KxC&cHgD;wjtUAov{MU4Pw}!uE
zny->yE&rI5@f3@dfL9b-R8-;W%#bqiJvvm&5n!h@g8pcCpqMM9sp*R-XK2y>Rdm)N
z$29<mPF<M_*Y<AOYiBBr*BYzV?neDP*_}&gOQF>`V{TY56oR^czEt_M`&C_*d9#N*
zlI8Et3)S3dD0R^hr`#F^>(__=tceM?8mC&qW#MviB)X)_8Dj@p=Y#4;PA`6zy1K8)
zp=R&AZ)xlDz)8b-8|2VGJ#Jkw*>=(5-oIMV5+N<(g3KEFLXt+X5v}z*wH2%6op`%^
zas$5e$?(9>u3lEFF{JE`dY`uumGP2Ad!vbaAl9o_;-&%l6vm+J6P_P1BjJEUtb_j~
zp^D^&-Ci0N3GBoEknIo+sLUxwQ@^VcN>nEs<P(FgduDg0WZEmH;;td;zS-@K(Hd65
zArMwzGC>xscgvkms{gbbFG0D4)>kzcn=sO*wLb5mu~q>$HxUCmMd3~qWO5ZFCM;;?
zrUjwc>j_!(u}B!_eJoNY%W2lN=VFwF=G@rW+1MWn#yE}-)$#bNh|(FVm*+-(L64zQ
z+LmH@u?9Y)aP%PET1s9c#%*%XFwIF(i{(u$tFg_jA#_1iqa{2jd4R$|q_ojjH8eA7
z<2aO3i(?Y7s*ke>Y~T$iZuzRGVa!X%0p!uq1vUwTMxL7MX6^F3fmgd{!hVU+QSK3$
z<+5ovk<%lTe7*iu=LhyB;~;JfyJOpKWUAZ{!d_A(LkUN-?Lq3&Nh+djU{_6InO-+D
zD?L&bmFis9l$-h&nZsnOfsRxysZ&au8dW*$wnRN1E;{l14e@)h={?`?YcyH1N){tr
z(G*};KV~{c;8Vb5BHJxXaS6A??Hk)ch65?UL|(yWG;f$J2!+-oMXi>h8nxR}R+`r=
z;Da;5)ubMmSrb3i*(rkD$%Zcv${sz;C}~uD+0pT`X-Sxs?1iK>x>@;;w<Vdc(BWp8
zyIk8P@b%wK9<^y<GXv+M-I=cagRzQ+QQXs9?&>zEv{3!M0WA>8qbYF}VZT&%8HE5Y
zYnC>LD;khW56fTgG>7V3?$iH1N?%fkSCsCG2^JG}&er|Dmw~#k==FkUjd}vMT(bVK
z^}x}sbD(-eR~RmjaNZM`Y_wZHXB}OHIk3*CG;W>ul2C~0DyygkCwak=I1#HzCnZt8
zEbBL&eomT3)*5y>((Tl@>#&#&6&`!r^~baCHupgUNX@z!NRwU>w&C)c#oKqWeCG5y
z97?lH=ub6hVu9^|*&1Z?P}~EZK~Kf_uICQay<!OVQCQjmBLOCw1~-_lbC&${?Q*gr
z59YxO*Z+#TRT4H2pNlyH5ivbX*fxXu&5?3Vvg}W@tQz5%$-BjUtLrL7$PPSq)duX)
z>?F>CbnulW{L4Z!=jA*nS~AEiEkD+Zw(g?4V2cbw)=)cExbK8bG^i@Q?fNGAQ>*;E
zA21c<jZfBl@>OxTh<&P25*^5T@LIix-hm{fQrH>OEtxP<-bz`{DW{puT;siImqEQB
zdPGgS<UYG`s+@4iH(<^cO-&T)mP36Z5-fQfc8#}rjXmwBy7pcV3~#;RNNJitZ{6^@
z5}Cyo&q6h2+Byyr{r(o7e@Z_$IX(*hb$9f{ST30D|F!@0baZsP+x7WzaWF0Tc0TLR
zc<}}C`}{b*yPoYY#^LPsftfC}qit`X=At~~1i>h+&U5$HDX`u)rg@hxyCOc?NSyLu
zr?0&=-h!@8akB)Dd%k?_Mdz$D$DYlZJFN@y?z;Ai(+(Dvs$hA&%4bU$BeckChjVCq
z+ss{AN>5DP34OjRf2oI(NL#9iNohacENgj~dao52slE$c?`w?j^tWzE(ZHOSb`Y-^
z;--DkMjx6y^3EqaPyyP~+un?%euQpAnNo{3e48?+)C-EC^?_TTVU|!<qrqfNdkvl9
zm*NIWEh*SJ$O!q|oW7*F2w&LOsDLouz^CKgqvU0p3cl0-I^*)^A?bIhR(J+X-A3r)
zL%pxRYa)aFsV}Q%6O>Euh9=muYYV=%&Kp?a=e8-|X-n~^=WX=dkPV&t{p8eL(Es~!
zdDg+NhwIp%`+L$*QbB47{U6nO6e8BcYjt4%r5Wt)W-#M=)?`$w$|`k<cozJiQk__}
zfR(YMx@Cpe<v?PDO4;)Btw2|IUjKd})Fv+=t<4yW2?(oPEX9A?vmW_ctI}Fxr<tEi
z?K{d6TWJMbdj-cA21M)5Kg|!SOi*M~#!M7%PUj!^JIvh*(G8H589la!Q<sJ-StU!(
zb%N?>TdvzkiWOrUn{m34D*?;MZ6(N^fRce4<Wj`O^|z8`Oo<){+l9UGOjrtQb65rz
z{MC9pRf<y31@%)Ck!49m6X5klsQAR2NfI=`Y`GP*YFq0YN5^LotICw^`iIggm_wPZ
z8{0OlqCGa*vroQp2NcEQ<)>vb61~nl&oeA|(Eg_gt6J4^0Z!T`ei*LW;>=qMsikj;
z4Wv*sb%)IGPv(afuK;1e3B&+5@1)aW(ehrW5X$lh(RgMl(5)?z&OCm#xXE<ef2GxR
zCYQm`na*i`*?Q~F4(d1~Xjuh-)AsnfC&>Ii(mF<@^1sr$kz7VEFVg^Frqeu}Wt|sJ
zGO@w0OrMJ>mSO?F1U#Q>^hkkOh%}5hjP5YF=3f54+WH6W7eo(<kCa;a5~ab;Tzw&`
z22@&+n|4)h9A|ulv)ZunkH{L)AqD%R#kyc@KLl3LEG?fzE`05p0OLSyV&181wZhM@
z>Jc`=ynhn?G5MVqxdL~?(=}srvjb=ChPusauZ^E9D*y#>gCi<GF<+r|?KFwqu?aQq
z`qs+<Ot4+QJr8gZ-D*85emtm1-Qh`Z+*dU^=Kn9YChb}N3#ZXP3@T0?!=SEwCS$>O
z+EoM9w6luUWtYj&L9q0j)JDcwcSSrrZV_SIRd`q@%kM}tO`6@yJYqd%9k(<~njMLA
zNSdX1zfwMKVxA}6w)q)Bx6hPO_Z|&Fw>5y<d;8F)JK`Az3tuC(k@e>eKU@RimwIR*
zvK)?E+Efz-Qpcs>h1VoEtm_BUVWBcS76@P>OY8)pA7B}gNij@kGsXlQ4J2Q#!S1aJ
z)Gqyrg=Pw4Uq+^BMEMz8KTM^HFVum%%xG|#m=8@pP=;*7Br6M4UtJ_=IsDV$Sz%uv
zwnl}tfA><ioHLF=aUDq!Q*cMC?5C^gI$bL^BBMi=*PhrT3kq2t2jl~baecxBZKb{%
zqHKG9%Cce-RB2F?p4}@h?j%*gl&%~Px54PX^yriIE*!|MpA5hGtQeM+tOo5|<|o9M
zPsv2iRVWILSH{X?L+TcMyUCdilcTFK!<>#XC>lX^b)cAG&dsz#QLR3Hi)7GYri5t<
zOYE0$8WgzMRZl%fZ{dN+9Ecgs_}lIQ;ofBAE^2$OXmdXdvL|L>t~NpB>;KrxxZ}g+
z|9bMhysrD8L7V0ki}FX<j`!a#je-tzQgjgQxNk%VCdK+TTfq6hp95vPz=}YMLm3I~
z(m|wQ`E7*V?o^(I9piy$G~;M`Uxd@@7VZR17I&U>zkkfm6&fnac$)OxV4jkr;I6HM
z>r`Q&*#KJQ`WZ_kMysl6Db`!arGxv>qwDa)Og0u<F@^(V<wkZn{Sgt{OECNKq%sq<
zxM$&)AZQ(L5t^KWK0iq%BUF{bZ#k*Z+I|J8P*l&X1epEz*!ePO9bUeCXr0f;1D51I
z96!HuJYy8CYfBU@{oq`%l}J8$5L&)o<_$JsTgABz&{?n=eqq~Dh3lrn2-M~mu$t~)
zpS-yZKRp`AmEpiXwZl0MyzbHBKW9v!O2mY;td9#eP1)&@#^s>V&k0>}k1ulsTArDz
zekXgZ!@vL1O{0FpEu((j1ysKTGY@`8;~b)X^ACOr>3?=H_DGIfizyudNHdi9o_0+7
zsG(PZ(g;xQ#gFWeS=*m$6RTir`oX)!DKL5U?pQN6Wr7i1(S(1*J6{{$RjJcrk8BTt
z;cM=mg%B^eDy*j=x_UGwz|%_@nBI7Xi%-~J+3<iw(zJ<ff#{Z4BC69(E7=zVF@V=~
zNi5*%VggiII?zLpWb^K;m;;wo&O1b;HQM;xiq;o+8-F4l+UVS7aha{uidQxIv+$>z
zhCj*+pSz61gz4AAcASrb6jjKl$eK;gQP;>&C-fWjwm?#-io_c~3&&5N@{8D*w=L47
z>1h)=>y0b2K*0^HB2JUYNoKVZ5ooS9c7sPt$#-(S-Q+!pX(hs)NhwlIRk$fq2mL5g
z2jAsrAT!nC8V<A7;-rr~%u)}#DzrR#k3_6(K7H^1_!H>M53!k~FDBAe()vwiUF8~#
z2QlW27vg~D<6=<8{S=|4N)64mY=+luWu-5V)352M<!DTi#Lkh8m7q^H7K#QDXy$5d
zvr%4NYowrqc<Z3>Xnv6nPmSAwf(y=FK`((#goenbGSkq03y&|T7N;zSnk`S=6r@ER
z!xLEg%D_$0Yp7Zay}i=n|5)Gu5pw;D@>cu$*w}=ve?CN~8tjAP*vlDdZlmg~k;<0{
z>%30q<g&dk`w*h%|Id7w*XJ^7TXPm;7GpMi37_Te;c>WWxXJc8{I48S<j$?!prHYx
zr<8sw!D-3r#U8KdVZ0~u2*FtkcH5%=$sWt$mt|)qza7@?BKmA*g=poN-8afOigHP#
z^gwNNl;!j_TS0X~1%JidDrnKErDRv12NH>nmC2cP`ZQyrsB9MN<SB<%U6tjy5C;3A
zdG=9QQ4k{aUBTYv8TKuIH&Ufu0w>!#7GXCI`O^G+zM)35Nj1+uv((aiR2cLwF%3j7
zw`DmM=h#cu-=?45k86KDQcTWAO+Y8>Q8_^7YM{$2HvcaU_L&M}iT?bsrsjY&GGdn!
zlK*h^Hm$PSl|V+ru5b1qu{4=R^m9Jbwt|zxUFe#sBt~Ee&-Pk%k_SCBjf7+~_2Fm=
z)a?;d%}dj_@lYx6V64kS{qZ_kW!?t_ua*ep>s*UI6ZR<YF!WZ}%&ZL82Mi<p%NRTH
zPNH-Y%MYS~7b!q4Q1W+~K_i?=vL3z341YwmdzEpiD{QQ$0}i-s-G>Y4Tell%nh)KW
z3*Y_$0!UYnfd4ku?oykf{y<|Q=3AQCa#pz+G=+p@w#>L7^%}ldIQw(jROIR)n=c#a
zGJY-(&Ns;CZX?U7R;2Uzv+vi-pi>mn%JFtrSN81bW8B$+iU$Bad>*Zcq(e$xP3GT#
z%#j0cnixPY$fsfPQJ3nwoB5n0)QWARSK&201eb{srsFQfYd>l0o&?>U;VsKCby+D8
z#+TQiANU^<wj$n2O)VJ5oi^zC{F?hP3}US=x;uRf^YI01aiDUV9KPC6x1+euxeh-j
ziT>JfmQj8vwI3`rSMEQksc|=eG6tKh`9*SeVg8fCIJMN%+<w?jXKO1`NR0*^a35;x
zc70AN+a-d`%6OR4yUOEjCP)9N>!li1G#WfBHDhdQ4Z6|zeA_T2ah1DXP?8VWEn%*?
zyDMe9URe4gx*k$BLfCr|ecciFW1NOQXTQK>&jp%-x41T@<vg09GKTmYO<~U<kGHt`
zO>2;?55dsd0-vpJR7i&tOONV>awXVUm${LiYB9K{q<e^kN=C<H(X1h+O$+}}DyA8A
z)ii;w#%B9075!jdwR}@KsA=H9qDo~bv}`ItW$=>~IzzA<6m&D^59&M*7tSsCR$#=S
zQx77|A^|v4a1|>khy`(!Cv{GEcN##<mMO)3%~Xgd03Vxi_B;z&Co}ozz@+F<;0RqB
z{7oa<*w_6hi;tAjMz7paOd~}USe?*J$34x*9LIp|PijOGz=~pB4w<<?*$$|uSbgv*
zTV!#*tzT98c5ibo&)a>naC5I|t>e&pAIy(3a}c~qGP}o{ZR2SpsjeS>tK-w-#92dm
z%tJKG+`v(TJZe{X)xdL2>j(ki>4Ik+`RNLkxlvJUmdtxH`r}8Ji-|eTOv!4uPf}~^
zvuD8u^n$%|#r6s$)xNTihoou8m`x7phJTnQJ4Q)mfdsvyc>HH<=|@Oh+t#0g;)96-
z=dWY131Ot=8%7L}9*1tY2C%E!>yvpt>x=*|Vz3!n&r*&3zFOk>$Bo6^#i60o)t$`N
zTHW8xoweoB-h(w;O4&`^e+Pcs4WPUqEh7YXLo#V(B)bMFCdX4STciyiq`7HkTD8m*
zt~H{m|LU1DVi8I}6u7U9n}x~PHlegVS4|z{Kk~I5WB2L;cSBJt`qCh7Veru?R3wfh
zmb9x@K-875J%e9e0YT;R;+eWadjGa%5_pw&=!gW79)Figg2n*4I(8O3JSQuCn8~<k
zukod^y|y!v1hwVLs%4${@Q#h>JKhZA^SVtVk{`LRy9V#&wK_n1dnV<{FKVW}XwbX^
ziJXwY-JqOZQZ1?!&gM90nrKEFb0l3}d##^Z2^OAXUHmS27Mn6B%$7HxQM@`MFKoQ-
zW6~p9MhNzGpo-DE=#B+TTBkCEn-2YeDNv!D?*=BV-4~(@8}0ReGgQ){JoX;y`bk;c
zzu;mz20^^IOT;Y$_T+W6`ZGptZbx#-i*`R=fFZ8DMQ6z#0sreJdR*RpXv3C)eQJn=
z0$O6rca+$07CqM9^2Ae!M;s6@&x;kXZ4*aHXT}h8h9!XYxXx=<5fbT;`YxV+)BV&o
zrz94o#*COPO|LoYfW5YGyY0hr*fmq9E|oda_{9=jtSpyqZw1a-tTpUqgfTrcnjD2Y
zOQl|*nZ5&2543^Mr1(~Qu<9blh{0PMdPz2HB8gcyPm=stsP%CPBQv(w`2#wznVad!
zgq1#7wiWV3@ecot1p>hQkhSnAEERlmg9cLmB<yl%c!(xE035=&u+m!RFy$Rf$H&U<
ziKzz?boMZw6mRbQerURzA^<YX<${!bChif`&x}iMfoq9yG|d!@%8gqXsu9~br++%a
zf{OGVK9J!uIy@i*KJZgQw*Y*GLo!>3rL>ozO0LF5+A!6|2)%s$IE_59=yCOyVYZVH
zM1P|m1t03-Hl%EW@H{zp-I;U<o}1Z-*w(=A;+O=vBNUe<-G@H^f|W<J_-~>ih>E%e
zW_cwMjbf7nmexWHUYct79$mK-#>eJONuXZ82EUZ$`YwcEmADb@&Sf!hXAt;8(aw`x
zLobaLi^tqh^FYl|$=Lc=&38~q6y$Mzs*ky$e~q@sNuybf>6KQCv}^I-0#xov7P1FS
z68_eDHD7M1f?0<%dRx<ZoQ679uM&9548&864Jb73i6MLyS*y&XoZafg^=oYoTq;D8
zsE%jL-5w6YJccpPYJ;hzstx`MQq>iv29Te-JazY?F6f#tJ6KH`S#3zgSVF%tC*|07
zh`p+Xd@7zl9*YH+6Rf0dG>@H_1S@XF@39horz;7P#1v-$UxdRyfl~#d?VFU1K_521
zMk6=cNfDhDVTy8$1@*uENDWs#>`W$h$}KbL=#DTAMRD3(1E$wqhmwQS{TlLNjaOxw
zh;lR;j`%|}*j7tE4yLDa8QeF83eW&mkjo!d@_L?p>cCVvXn^S`CwaXBG$1~`j|U1D
zbz-jT%I6q(qT#4DP?`WP1(mcp7JTBq?*Q(}8A?e36T`A#J~+U+vz|+|=w7QJhk$NI
zDA_d78LyrTls+DK0y|(Bo8S_wActQohZx?5PDufeZf0(evLGk0P{C`Y#PUioId9*G
zf<IW!Yh>+S{{L2dd3g=kR0P}d(Z1VI){MehJOU8b(0oXvqp?(Aiz~f&V5<AJ6xC%y
z9*1BBNq?-@$$kq=L91eJ%Vj>UwsCdJgrRW%!TCZmf%a&G(;cf=e&g=_1a?Fep}^9!
z(^QS3($q;CSfY<Ig&xmP;mzH(B!bc?&&Qz6-75W~jUiajJ}Dq-Nfcly#74VAaSz3I
zO1{)*d7GXaSd1EoNY$#L&99Iz7B4cRHDFicFBg|@`XedyVUX}B0xyP;3^58+&pSf=
zrg7*#z<benSH!{n{gn0)!vF~lM)c0MGiL#SbtWI{wb8g4<3W{WU%<{8tA?i!AxkQ!
zD=Y;C2=|usoZ2kP&au!)+{hR-l+oajL(^6zS!nn?j0Wjdb-*)%rQ5+2L{=;-gPbTC
z{=SjQtBNQ4ecf+V>~UA0ZG|#ct3AWce`uq9pWD6`to*!@ifMjF#8#c`tCj*G!gO*d
zEkF7`55vrS9)uqLz=t1?%cQvCKc(*L%Ew?`HU4Z1w9jjCDnvb}>_m1}FkBvk*KjaL
z{&IvSzhPIF;w%J+$c$IjUMvi+$)qvUghyaTI%)*#J!g%Us1Wqd-})h*Kc`pR92~RI
zt`8>M56NgJs`wBM%5F6#>2XqjZ<GW@e%G-~Jkq8)q!RqSmIL5vj!5Q5mam2Sd^kV=
z8+qstR_V^D2*fb6H@CjE*1T^8?zC>Qq&(dZ9oP~`FNy&ck01u?RSbew+C=@<$(CfD
zT}vLpoh4xN>FmFTcpQJ<+JUp?4;vPEV~824Q1Z_x6wr-*MxC+t2Vdyw&B+uD(!VHQ
z(oVNjPopvZIcVMp&XN{IUcZ9aF7s1O-*w{UfdEjjti(iEU5xl}jo1+IA?naLe0y<`
zFr)?#1eudE5v(bEJ2|y5P%4<pb*7DVvqhc3Szh^PFZEP;mCxMy>@KqB;cjM1%mSch
zVXY8A`QeO6l!%)YdL|dfLXci8#q70DiPjI#jBk*9S7Sk+spH@cly4`{`I>I^Y_rEf
zNWuTrDFD5J*G7VOzuY4V&g!l;C&$CS?T?=uD)@8!z73wAkB{&6dcHm{4`=(|E$06k
zEWN}3T%IQPHgWz&{5g7hV*CvFb8>!$)m3p)lyf-j34O0~sE)HhG9u<A`1mlmPN>B!
zl&jwug~Q%J#QCeAbQ+C0yHDolTjuxdbN>|&`;bZ{O>v`T8kbg^VIWkh1j2a)Y7{*C
z3&z*lpJ)cIZ&8M~zX~uSSM+LfY3?ymlO{2fr~P}!{71ug=Wc@?!KCN4Tr~4Gpa3ab
z<uw@Hv8EMMowS~Qo+Nis4lPE{=Xb&(6f7T-3qc2rB3Fajs4fwXXd9nL+s~x$fjoGK
z1osbIUrG#w<NbFv_C9PY)338<=oIMjD~m=yU{z}x5kWcG5@fKAbm~B-`==?3h3I|y
z7f_gqgr^j)YxwFH9W%X1rSXrIXY)B!iZS&fdXloPr2#C6oS2sau0}+z#CII6hRG%D
zNNK4yrP%-oB|B1AlZT4!${JNg)HqiGC}KbFWHV-3iX3cQtU)4UtqFwR?n2=pOM?N6
z-o)g}7!67%SoGX<W#1<ct;owH&c&$UM6@(z2PQ8`CrG`8$SqJIzPTS|GciY&yyX+F
zB0UU?eUh4)%{?>nD6ABR0?j8>9uaf5_aWc62FI8MEWn$3*w{YcVF|<;8m_f*tm!s}
z!<NG~?m5h4<eei_VxMGA#E_Yg#<5AdD6@qmU|Mjlw3FyIbtl`Lmke0v&nu)hBQ~|x
zKuO7QEwy^mVs73+)eKXAQA3rGPAg!7r}Arni+oaLt3HTKo1Ru<pt3n&*J#<ANAij@
zVtd6ZN`QH6t}Lg_(WJ*ZBUl^1Wx-XwL1kKu{ym9XbqosPjnkqEQO7U0kX_m`6OHfj
z=xhXioLzXvZ_z*8w#zoQ>C7v6!(A&P%H|8iO%rq}X^(-@WRka_Hj1JmH}pN28-9V-
zZG?Lz9G(rfqk>1K_wxORa>T}pP(}~?>};T7Av>|DEv~@nOposA3wOY^5R6c}q3EOM
z__}bTUlWUUc5+2%q*QySvyXI3|4b-4BYUz6BSZC(SbU?oq!7KFqKTrN9cSOwG0N+(
zWG*xree_9@w-tqrm`!=<C|7E*?xocDa&d(=Frf*hS;mKWjfR-J*?3>gMyI{7EqpR#
z(}Fsd?A?K@fZLVRpP(uW@A!L=va^pR@&PPMQke)1eDp^C(>y!GQnuNnU*x+QvgU$u
zJUK3+Xm}~e{#XK<KnQd!a;aDAOkQj2%YCiz=CY@m^O0{oIYI&AcEmbn5;tFhKvI@Z
z{hAg%y-3C|iq4drE@h@5Zv8FxS_8yeU<7DdhcHB$0Ol{|d{JU85^f9D)bHgB);v|5
zwXols)#8|T!=Sj29X^_DQ?ymGExk&E;bl9!Df^aq@`g|!gn%6{;TjBnL9XF-3&Fg_
zVlTgpQE6@&raX(}))uc)Eydly1l0aQqr+%!$xeh0XL@(k3NM0p@AnWZ2uLgM4Y1F(
z;5HK=+6C-#jzW5<mMLdbY(%_8mQBEk)a3ACgWuK3l~nh7C&$4fkwak&Lb2GaiV)9N
zs*!0{Q~xR-o^kO#O{DePe)4FFz|$;wgb9~3M0qP5h+__z7Y^0}Zf1jWUW{)bPF!*3
z>asjTAF8s@_k|hP3)?k+`$_~^<eD{HKh9$sba{@@OlfY^QjSdO_k6B*(40V=Z(4qo
zei<YRWr?&^9QOolJ<2W@n{OY&y?3Ke$TDMYTWoZg)tzb)h@}z1auJ75De-R!Sy&6_
zc3Vhv4w@2i5!)jKWVUEW#2E;#bqVAqnNf#h?B0NApZzoqr_w{C0?G)EYIY%meh|Lr
z*G7RqwH%RTT8jm3cPWTjpR4BFT_u_Rz7rv$AtW)0mAXC|7Sw2QTu9z&ULQg$D7^lx
zW(G2TsSJv$%PL+BHVHfY(bpx8sv)=N{FSA2ayBniue4ZCX=>b4ej%MXtibTS6MCwu
zJ%Pa!xu9+5(U49ye<YJcI#W`G^!2S={#+*tcZ~<g3ri14QADDu<F0e_Q1zvyUN{v*
zK!VAD#r}!dL#^+*lac3!zXWu3JMmysTS-9#mZ4AWoF+^p8M$f5sf>P+xVTEs!j&RN
z?V57%_NGy(=TAMb(c}wO0W!<vkp7fi#f@0>O)xs~&;%LSw3mpxYju=XHGS*ZmE86k
zZ<_hVFJf`4Gc%h*4};h^5$F!q1Ia+eJ@<c7M5;c18~L1IxhZWti!zkLV)j^XH%MX4
zL;yPRNI-+&6c_N?Le-aUyc5E`EKk?+Nu5!Es`o|^=n&w-P+MGa+#Ln8bssjie7Vq0
zlFjb&a3i`9{RW(yd$JX`+EDf}#u__}N~8PvEaqLEy5tWLHi7$F@(#~=P4do$?+@)|
zO`4g@9vW_Cg{@f=h4&tMi^#TcTxl^BwXkkMDY$ZhySr-}6_R@trmZRXuaVbxXNkcZ
z#pnD7QM;jAb6(H07s~P(GHD)h%2e^n>Zr<R>+)`Lh+VbRAWuX5Y>*y{8gu6&d8L$%
z5Ea6Z(OP`bAaym>tl8vaZCJ-2vt+*>juj{cM{fF^mw(M48M0g(;cGrt;ryG*xzn(T
zGa1B?2k%inMge>Qo8KpXvaqF-{^Fh|aaC=EE_6EOkR`2?af-evhBd?sxy@F9O(hom
z3r#z#Lb69)20ZojfAMjFHEv$;AUurN>vzv1Z0U3K@*bgu#O65F1*QvNH8$%}@kHJM
zs6WWL&C_v$ttk=8T~2UTay*ASZ9j8&H>kK&0$=KEzvTIrVh*p|R6T9KuIH1wF<T>s
z3@tXMAal${0%?eKeK+cwH5x?I(}ccXyki)O$Wx{}Y`hMnQ~6<xz}U70lw}yNu9$wB
z?)$+z&p&o^IWPNdh4ViNhZj3VsgjA06GRa63ha?ps>?XHt^n5_8xphiZ;nIgy2f1k
z`rsGuQD89E4<*#RY%g3Jr_(ZqV2%n-msbs*Gr=o@93rmnT?}dL`$pFRndkhObGrmt
zq)3PYc_w<y1+bPoBvLXMw`MX$ZD>mQ&*}l^PcCCp1lLjCV<@D&v1E3*Wmc#O)b%1r
z(Slzw$oa&?Ie|p^BmuAl#0$!vX&^EsuqVY|Z1=u9Xd%$&e2<C(<k%#BtwJDIrC;s<
z|50Js=X|Y-LgnP!eiZJ4a0zzo0BRg?@g;u*ohv3a<=@CK2Amcq{R~pdl=%t{Qlt1S
z@PaLQi9RC!8KzgGL<#oGaHXhF=?z;qxarkL-Xpy@=rRt)E^c^2!mEX!f53n8e^^zV
zaCvu${;2+XM$~e8L5>daiC_N3XQ}|YQZ*|EcB~M_su(Lf>?^|2s<0v_$Kj)C9B#mh
z`#x2*Mni<<UP>F&#1?Ps(}Ml``x(drhg|Jq-Lk;rCAZ!>%F#ekm7M{WfvkzMDNxOp
zkjm#FoC~k*8OMBpmc|nd{^eI8O>3Gj+dYCj{nyEsNaf%mr-Z!M+?;Y>G=;~_HRrTw
zysd27@pV!lEus|{+lrgZm!A1gL1zN=X4P0LLz~D*Y$k?x8)OVS&+1soit%5|E&c$z
z05JaK6VH{<<avfT3|`WacRD=E0?kK_@KJF@)J2E*c;?!{2M}tv0fs;fcOBlvkPu@q
zy+nY{lgy-eRn<(1G#ILOROg%}7re$6d%QpSa+f@V+v0r<qGC}Kzzzq)uyQ?H&YJ#K
zSD*=<c2bL_ehXfeG6^QkdlZh&Iz`>sL)u%pEJe>K()KQ^p+bpA{6iCmQ@_rHL8WJ5
z-ZVY!(=IIX5xK_1udDNT`XSTYmoF~p*FhS?F(ab?`EV`l@DyTp3##r~nAob=bC)+U
z&iwCnI6Rj=<Rk6JiDUWFoEq?Vl%?E_894JKv;2t^8gth_%>ztmq5^q=9}xl~_GUty
zciBz1&At?_&mW}mkh#|r9|;+l`KGue*Fl*}yuX9*r&3>rr?B%@Jh^tBcEk(@KEGAe
z<7<Pm4;sKk5hNx+sm<G2%Hx@UG5l?8M;;q7Dz=BLs^U0`f5yLdUXUX&Ss30BR#}lI
z^qv<s&4Jri2~u8?<Hm3Z*?#9~{_*XK4UR#Un5Q4n2zR9t@g~%X<6*~WZfK0+R&XUy
zqeL1;-z(C>=>RqPtcYwev^D^MsNGEeF29QpM{-UmFaWq4<dxCPJh&oUyHDn6wVlrm
zdAXGt9pSE>y-rTbfaIZz!K1|+rZL=vu_#4R_3vb3c~aeJvm8g4N#p^k;(6MvaS%9`
z52hy$Y7L4o^jBfcwlDiVpqUn#GusSgK(MQ$>%qPX10tZ}oN90dZO0y<<7EI~5?gbZ
z!(pS)C{Zd<X(FzDg3)FqMi~qtNRXi$t4{D%n}-hB4J^v9vzlqtR6__B;X7#+0ejN3
zn;hieh#_5E-{Qnsyv(g^SjYO4Rh3OXxki70<B1W6A+JmLB=JvMBj<1&r175hRP;~8
z{8ppnA)O=s6T=eDRfR^<9Q>x|WNbENx$c}9ZVKh+-#G{)X<AMQb`mynViqF1ITodc
zBz1DjwwO8R@#-WHCW;$c$Cd<X%*78HS0B)!GMnYS?na7mNm#oI-jLE-io*)`%CO}?
zokr)LTF;3*9mxSkMM<5<Mkv{5Mvu;&LU5hrb==nEG|jd|mH{d>2v_kG+p0B;=A^l(
z8u7{>PZHFIWpC)D5$h)Mz_i`@T!s`IF|<hL`+$C!t<L4j(i>o)?m_u@KG=5mcxSkQ
zN~CRHk;8(&;mhE^n$sK3pYk5wRs*MLFw5c_HXdIwbAXKqukQY%gSEY*oQo885qLo`
zTI6~WIo<)dPK~Z2UGY>|f>y$y!Vc1DhAcqB|8LGiilD3I>qM%|(qV<ps-`)JgHNF1
ztt;>|{2N=Y4yd=w3(Jh>*T;+MtmC3R?(L5o!E5ddjpvH>J8Kju@TN7x1p}Cg%4Vqn
zjv5c3Nua`0y?mLJ1VPY@TY7Po1<HoY9P&V0R+<2bA|iA-YvlnbpLoVYMST0DcHqRf
z4s?Ik$^+m&(f0;ML_*iK5QxXAASeLY1=v>1P{<r$Kp0kwh=>^AKj>$Lrc$wBKQIVh
zgmW}NALv$2h>ll@K)oYDzQ8G(L(Cp*1$D?)@$-=j`4rM0_oyX;;?7SQLubg;v!qvh
zPL(sHi#ekuZ*f?*dIt|<CC7>^EA3--5o8k)U=wF=siLNu5<=#_Fc|<vkVJM20@}`f
zMUdEMXrl%JaIzH-E&#%sdcm_56~MQkI$;VqpdSaM1BN~n5o8kD5xooA;EfitU480E
zbWXE7AvhrkIjnmFv;`&-6?lv`JOnMNjn7dNfvFlv-$_V+7+4z|XE(ef3bX-6858!@
z3NAq1YO;P<5!m3FI-ptr*lJm-k4E+e@uJYUz6#PV3%A0CFpMUuJxr)-q`-IxRE_-&
zxY)I16ttX&i^gi9iGtsDp~++v2m1BNx*$)Yk1tljCO+IFO7SW($o&F@Q@j}`;4co4
zU6j=l<Ru%_8rpmr=)!q&5YkV2E3Fs^i!TXNnIhN_8%hXunt>Q7Q_GzUvzG<ln+m25
zwT#VYYGC?7X@OQ>sc14naliQp=wu8;>N^0~oB)pEky<EKKv$?#x!t`%NM;fH*Dm*d
z6hsyWJjIMC!2~RuDuE34hpK3rNhk^TgR1D=*pZC$N?9y9pWZrxJ{Ai+%oPYpWetyy
z0E{~CJ|0pK2i9kaPIQPEI+$SCqCs*{Cnk`&aW9fYhe8;tnBS_XLW2;(kPV~L3ha+E
zpV@r7Ihj!zF03XS&Y=mNoHCu5GUQ(>uK@**BHyvXGY&$?EUTx1xL~rVFjAbzb#W0T
zF$@UFuLjpar035l`$b@3HaJ?e?F*!@IieCJ*J#8b0vu>wSD>RguD4ufCD8^Z(PE-7
zgaEzB%uOn-LQ(d7<$tUgGE%`{;&7xW5>|vnR2EUfP=x|qN;%Z)kc4bdaA@;aOs;dm
zLzSaxWr&DnIFKN0I6xJkx2Tq}U#b26B#gU(1%i-3KOyK@^G1TkYQ2d<g2)Idil7gV
zZ$N^F{l1RMpwn@{FHQq5U>{fz&(K0IV2tLNbCe*plyfGCQ<Ml*lmpjAc0%(^{DBmo
z+9LBv{QcnKK>5sfeEsV#l3PirS(L8d!0ncJbc&9fw0XWg34Hkoai@C)*~&RoaQ!Yo
zUkX~&IN;r;0d68@SH$(a#Ta&Ey>Y=Ckp=XKVe6jFbc*eL_nvv1N#s%C-B;qim~xR2
zQ9u6n)+ub2Hd*Hu%!({Kp}Y35L2rM~iWe$p`Lk7^q3gFHq(IMott=6gy?Ot=gN{&Z
z!?l?~AGXQGg|CQq7M7|Z2?R3#wJh<KnOD|0)2h<p*xq}PnhI3)U%Ds607XE$zxu^p
zEg>jNiek|?KNG?oF%petQ$5g-8s>w0-5={XggPcZ3}O#6xhDISF5eUNpzJjd?Not%
zfM2}tBIckW`jORWma@)Fa>(Mf%z^t?RP;Jhg=_AihU1;x`l-*noAzh;7Fkfdhs>oI
zDuLUX6MqmT&tFyy;|SVQeNskCSj=i4K+Zc=x)y`7Qj=IIK+xb_wV_K!;-7VU0`0o#
z@g+b2zQMn_ut0`IKWt}8l}QRBg-WD`ISm!m$~DG)J}1fVV>RA>pe2I?l+M(53c*#Q
zlIV6)q2h#jWXkN(RvaMXYSf{1?y^##IY8~Ptk;j|m@pe1tpbpx2zG_v+Z6hMsD!u;
zlwUU!mjwz>`l6h+IY6`C0m_+b!=_&|G0HJi&ZD+~FOFa$Su<7Jc!cTE)W1g5n_rlF
zCPAllF_?p6g<nG2jZWF$Yo>T;Y?CndZRSM6qGD{{+M~8vY1lvLuV_)%2dT8{X(cyO
zVM^nGJ}*J4)VUOjzGkawS`dW4(4pdqw<NMS*v@oYZE9LCPE&2!*tTb7iG^O?91+Ua
zB&R16>h8Og$)<NbQ1Nfh@GBeFIAgd+H-6QPLg54tl)F#X8#k4A-QP-+L&eGZP10UB
z40iYT&ZbMaq{rL3za2sH`id8F_)YfVb6!k}m+TdCZ@<YesqU`+j`V&XqFoiNCX5ez
z&?n9fQD+?pE^NU6%qufJE7>aodTv*eL75tpk_qIX=e{r%p83;QA<Jsrp{<`rCHJ@e
zp5lsgGqJOsdPskMjG^E=$~j^&3@e5nanNn?pcWaX#TTPqn2JKAF1ns`xQNJXM;+G)
zzRwmkPrF0?V1xx$LKij~oh_x5ba~oqvE%JWee4H3nSIaNNOT3{haL)`K~|AMvd@MG
z59w{rK`6Jg(U5P)ximpyFQ;YX4x{_qm3T3d*K#MDjOeCUBdfE7{T!L@-S&lgR;nyq
zaR{O$37+rQ8d#19!vjy1o1{iAZ*MjVAXqw<qurSK{-(7PR7=kgog+6ml0ME+n;BK(
z-t0=Np;~?qp8DX!(y2EiD?Z*h8r2$^2s=It;jf8e5{(qK>`$Y{5#vW|ncn}<q^IFo
z+z&C&uqup3dA0uSq@gH&L&`WcWu!~@LY~zWwcBW1K5MluEAiR}y>rQ6lD0})!s3tk
zj?>qrjfN(s>lpH(PMg7NQhJaqP~Q#;<C|}X3$>D5zOj~+fn%wI5Esv<JDgx^>Z`}k
zqK-s>Kt9B)bKQdlVQ)2CrVR|^BZ>9Fp$sf~Lgz6q7MFLE1c{A9V^>da;PGg#unrl&
zvloxfs$s&maxJNN$Fh!(C$-61&J7vbEl9AM-&XLeEwgR#5jF&LN@-_a6TLu?mq~IP
z74<c-j<~G*nfXje>x;B6&^}_aU##4sTjJXvbX|3{#%is|JI;w=>#Mrj3G->Owi*PC
zGwaAP&{l~Rn*Mf5ytDCEvtu1CAdGnU1@Ca=R@9lzbc&b~0v_xtEDkbU<6|Z+iqK^L
z4x8T5dZ}LfZ1>q$<lh2~x?!h!O1O&U8Wd*K@1|0@=ya1s4Nj?tBk#sUX=$*E;x^zc
z^hYn+6*Y-8sCQ+%DZ`Z8%Z*3NOsRvAWuY=_VPl<HHu!NTC)JKJX8p_nmda+VnHjO=
z3-f}0Y?nIkNx&1nO}76@+ZX~`Vzg_ORT;5Udw7K6G7l}WkmIS|weD-_iICats&*Kw
zvB#|&_d`!etq7E4D@aL%uXH4#y1jsfa>9T?M7p_?N1YwGO{<+AWo(O+@ZA0%03JZ$
zzX<Y?uIiyp(KaWHYS_&|43Bv9Ef0k#9oQ_qJoX&<+0WH(8+m=yIlOIcMvC?Ln_fh=
zJz@!BGj!&0F&`+fMn$DWr#*z?leDBX7?e3Ov@g_DPdE$A(@uaG4o5Z-WniKR<{uOE
zJk<qQL(oJ3_K|+;*tm}W4sC|;1r87Eco7DNeGPDU1&nSNaSnp#c|Rt3#MZyt4`}Ww
z8F4{R2+u24RuqQabZf$~aC0L}WczzQ+^QzSN)^nvRhSTuQsN&F_xxCy^|5@QpP~dC
z%I%FbH*<KOBB-pjljluZh$n(5qRDwvGuQlI%UH%^=**IcXuK&1i5CURBh(P8To*a3
zI$3Npu<b`QN@Wijarl}yNemH04i}<z>)SsLEXSA<v3NPm^cT?0icvJtSwA-2#4uYk
z5MvA8P}LEHQ2i5gCa4-Xa{6UVs$n<RYC*0bP(WlFw;AGTW{vQ0XmQ|zu~h0*1go~g
zdr`5M<UPC7_k=~p&Ji@5wFz9S8ZN%NV6x8b5}6y8+(cMJ3FM2Q*|!;sqD(8wGrK@k
zwtL)i#uY8s>`;M%^r=svHBFUbHY{46(DF&p<3KE=$V3zg&wh<^0}+fhQe@n2s2n5j
z!TWtaZ!B;4N0(6kOJrtvU-0~~qU-%da3^upl9A(M@T~EiuG#T1z~nQUVtTXw<<JgQ
zbZt1FmCh##_;dA9h0o#e4%|}DLgBpuSfs#guG%-7JSK|hdriD%oiAAlFc(Qlw}ZzV
zJJhVD$)W_bP(>KOEwY^^xxBDSHk*pVL+kTm@#P;E&wywZ>~6?%Wb8z|sQ&#+$MOt2
z3#tt*#DG}Q4Xd!LvUTg%2?M5qjt+7K?GedSme4^PmvQ<?mKet}yWg^sLmWW{>9IN8
z8E2E^>w>R%LKP(f&ypC7!A<p9R81D5;z=V$l`Laa4tak35@YMWIV;x=$*T)d)cL^R
zjZ0R6b*pWT&~goEuP$<BT#I@!8*nYWNzK>b+TBtq;kwMZ2d`?VHC=rK)|x^zhm?Tm
z0$aL+*0sdpXjPQxSH}uoXw=tngt{|*s-f<1qA4N3#o!bi?W!Y|@uVUrY_VS0ALubF
zT_Y<QO?OrjZV1wYSCVBbC{+T%5Kx~31AvQ0v@#vdv^0hcjr$5c!X-y(0&$}d3g6uQ
zOsv-~70T<i=$<XJ06n_cJ9C)_EGR}l3c+LV17quPwCe_2c7z0Sk#Y$x+ugimnV{($
z%97vG?8wLZa$dY;#k$(OB+ossMe#?libYSUS!P`|9VYX|GYQ2x8=#(`*r}Frj%5p)
z%Zg`tJ~vhRDw!@9g_vg|xmody`4FBXW*U-{yr{^LLWIkRwxp7s=T1LDNNDKG3&Ub~
zU=5aP9WVJ$&M`nn|4Z^>SRw85yT7W&UK<{#Lo>9J3Zd33a&`Iouh^+nH!H2(;P1<w
z#pscS8-RhPKE?|u1BF$HF~~$#C8I8t+!7oNUL^$0{BZW+{rUT^Uy@gfdzusv7$!;e
zd|X5qQ7LJHis+V=AXS*MwQRNG31>ypgp{zN;w7_&@)U`_qkUOX7z7v#HsTI|9uzg8
z36wjmHY8`cC=oTUVOB6A;YJxcuP{m`5qXZac`HF~7~7&n5*N6EEXeDu;@b>%@cD~p
zuIs>aCdp3JCCNmwR{A*7GsQc~8gzRkW1XavnW7YqCZDM8$p0kIH;xDtEAZmk&n8~t
zbl1jCoZeYKr`FFK>*w71S=zssr++ye4zUQ_t2L`$fy8&NryOy||0eE;SXHdR0?oQy
zJLr||x$Vf2!@K+0ugMk9nWzUei@hazr-7Z(r!2@F<xP$ptWT30-mH*EIQp%wTe(f%
zf)e~zBvB{n2+i9idRbXdy#R5C0h$(up9-;E(&WY^0ICzbf?^fOX$&R15GgsoIF?FA
zw=-tQ`oqO5!isb&c;T)i|FKY1XhXrG&Q>dyR7!}x&f2M7gMp^3UGZnQa7!UFHkfCo
zR_>COx2(L%B%ZyP)qADSidNmO-d-x<k>;#oWp9=czU-1}T2a~HaIv$CbKp2=>3d~t
zMHsiJ-nvfcS3G0aE-;ttgq0P(0TloGhV9^=c4fLowQy0*piG<4NJxrTs+|>BY;~b<
zUhOdG7w+jTEBOjypS(*2eYQ<`(DCB@6?om>(LfcX?o`Y-M%jbt3R+RH(@Pea5vENU
zkL7iVf~)PCWHgL!B{VASqn0f?pcK%tt@4=CGNWNUltOgN+1*oJ_GYexpSi9}_7t)r
zp8i`*Qi*!5zJ2{Im>zUkZY|lW&h#Bx5W3~xqYgfU$|*63v^7uv@~Eb8V;vf~+LyWl
z$=!zO+E&au+M-k%eZ+Ls2{JISu{i4?dfYzIWorVsq@Nz0ktHQ_h$`mkE<bz_AR(U*
zkuY^#anudTfC#(=A@AZ4d6%qliRqSZ*lr>_d(ZET?C86IG$#^c_;*ipBAQ1TF;YUi
zpw-3zQNB6@Da*KtyLu(sw|(}sku)sg(5cbHN}3rUT3AvdlmJKfAqtzRfFvGxajv9M
zR#ZIksC;A+C?n=E36!DH{q89HBv4KQ<s?u}WM>j6KYyANBT#Ci;sGLM(u!qd#WS`q
zTl%Fc9aZs|LM1OGOX`wc-tg`BV1JC9*J~~zjR*(P5jBAp1tiIslcUYGhc7gi<M=Gr
z`G)N-1KcdY$%f_?7K(#okK=Pe9`}j(+X1{SlG=uO+ULyA#`3ZVP8GRsaU5zqcZw-!
z70H?6xKfxS`MFUPCpv@+q4UQd!QENk@38KQ_8(!otdJGNVLu)X3(Qv?|KF77^>0^K
z7oUaal}E-k0XimfrZ!d?rh_X7018$q94E$OMQ@lS+ma<L1*9mbND3ZRh_1$n-9-~~
zbv^6;p`z<+N7LYDwcnK+dfkwvkA<NHilKGh(_x&hcDdAb+6$I2DQO877FNi*+zb2o
z)|Aq^Da4(`cuq&Nx>ty{!qeAe-<Ti>4V-npA_XF$b;k`m;Tm-zO4pKt?^zSGUIj1+
z>#Uune-H($VzO#NxCZ7yZz<0}K+|bIp4|RB1C-GY0cxp0P_xS~9-tT5C{nN&vUlAJ
z<haI@)gv;_(-INp=f01bSbv4l?%{#I6>A+D-w&zw#HSO&iaH-|eNK*s*L$wUwaSO@
z^ql-tI>PQk`y|$H*)5CNBsJGez5D5>nzCg*%!TG4Z8`pQN6X<wm}A8BAq$jq59mi%
zBeGH$03;h&5YHJYA<qC4Jv4})x2jWjU5}*|52HkDAg9Mo<e@=@K!`6{QD@XU42Bov
z!&k4q_~MH{nUf3UB;ao*fKykky#=>{KZ{&_H)|jk=g(8s+>6bZf6NWiWYcI}aGg?+
z%Nda_14}+5n;A)G<ZebBvVLICP)ISw{Gwx-><!%8f^JeuB}l!^1a%3bcI<8?OuDrR
z%vKC#KyxrGMLezeR{zUXWLf0tQ@4mRFkz)RJ2}0<gg!Xt$*T_@stfv)H^=CK5xR_D
z|NC5Zzem>lBGxIa?;WV?`FA^{=Y@4VzkcV|?SgvUSe?#sIUkuKt+*2@ydhS<G+DZ`
z3Na2+qJgD3Ox%P_t@v2!57z4jZXxf)Pn&Fcf5L%QRY78hcxxpYS*nO4b4n8UZ3R)6
zeuQ$T(9<GyYK#F)g9o|C;8;XSJdWiGN8)Cb`!M=?>NLC!no3&<SlacV<SfG8#0%0v
z`^9Ew78-P?q-~RF>1lE-YN;Ch>s>)}o)|FSGer0GV+7m99v8g}3k4AKx>7o1gB${(
z*Iv3US!IC1aGuhGhZ=-b>|I)Gf!iX662R|RQI$JLcowPRL5t4YUSDslr#Hq6x}UuW
ztgg+vGT;dIm;-GRvK8rK;EdTOt~-F-X(hX0n=PQV8s3e8DrrigwFU$Z5afggn~XZ!
zB;M2<<1_Ro9g<ixZ481}hwUq(0lXh@@I4k}@96fM#DU~=>-Yv~sk_6mfWSd8;CLY5
zXb|Af5&-yM@ZYYc@D_O;{&LB>k_F90U4T^}5&5?ER=2TGud(>`Xnmt29zM-!LD#G)
zbs*<0fqoj&54@Mhu=?ptey(TogAvAhr;-;BIF*JrgVUkuflDHCURAn`0c}}=FPaA7
zP$0!vNzD2V0Z0U`G<rwI6JBLI+rI%C@E!No$OkZ7M-dUUpDo(aYveI@pD?e)hXedP
zFJ#~axp5?`jm@AZE#wYK`I<R>w-18dAz@)*5Jc#p83izehzCdLvFB9Mgcs|>ESLJ@
zzImWyviIw=qYMGMy9h%7YBM$xk5NGSh&&orr`{$a_u)~1g9_dz%aT#3etk!=xJPFV
z2aTaFgV$st)z4%iolK;^jEQvbvOW^gvts0aKa?+Ib#?JJdk+q?!s;-Dn9cisFJb}1
zE>gD5#Exlp+yo@l(s}2BRIBYO^Ts!~W`+82FEj+I4X^6#l2zmn-NWK&T^%9WM1Y9O
z7C<{86I9AN*QXJ~GaM~8K^tZl13?>Yc!pkH7ZqAPb_@qX*1l8fL5wN*d+T)rO}7W-
zXJORY@4Hst3U2B&-%4K%0OEGrfb#(1cQn~)M#lvo<Bgsh-%7}m6%VRr^=7GGlz`5q
zYj;!q79bRPtbsIaV2d$jLf03x+C&>(A+j0=XYd(y92zxnd65XmZL9)}LS1tdYt+rs
z&64An-by@C8a+<36kEE6qZd8b{)Z%GSWlcufRxJh@eWi2+v*lfeHIgw3Go!|@)ZbZ
zh=R&ppa>%^MO~yCkG-ij_^vnL_f{>z1@HoIqm8kD$ttSu!}G=SXAfTfQ6PW7uX<*3
zBTkyT@!%1ajHcffnKz2P2ec0d6h1_tJ-*Vxs_?73l2<Is20_Tlie?g^z3QT&T&D~2
z+Om4UE8%H|qMBvBe9+z2g;L<qwpY73vQEtyAN}>fHMggFbVN?@&0|SQA*#~{Z?B&A
zoBM4UJ#{GWr#Qwov<BWe_twX=27hH6ddnn{Jm(oL1F+YXAeT5RvaBn@id$ZaLPJNE
z9K;063HIMkzCZi$<NLFBZ+tM1x}>j}IaKr5n}O9;yK$kh4s5C!zuFa`b!I*g0#;Ww
z%>rw{?vt#R{Pv;uKMY;ja7E`Ep9<X42aqi?Q%E&{pKR+w7b2C%_P2_1waEE<4LPNm
zJtM_dq$qA*HI0LAQ&lwCpy;K$1q6JD@<@46>B>%u-ZvT?peFwLhV5nujf&Cs|6v_c
zc;B_ljo|xd^V5F}otlt{guO-ycW-n$fK}{)>FMcA0Ry<XAaC-mrz|#>xI*?vv#isI
z)EwVZJhV$FRKr_cv-jdsZB3oA8My#*(f$VR<a_bvo+WkVykf!Y<uP=1mg^g~YwF&?
z`~WAx1lqLcRaXRZ&#Mx8Jss<I!*-YqQE9^(mx!wCc0x3V$7I01x#zNy|HA}r<V#-Q
z;B+-I(e~<WR96QF%;qe^VI8{2W`I#E-DE&mB?GAH|5)nCUQx&m-|BQp{{&1JuNeVG
z@Z$Qw+}`}FrdgN6<FB0U>W{IWGry&oVrrF8x?Gyj5}ijHA6W_=Nu#Kbv&DoK4e4o5
zf<zH=OUsHUbw*2~?&(^TPP=G03#vJ$mn;!Q8m9(c^}p&DbJ((yi_`>+yH9@iqMT@a
zb$w>V%FvzWQpb47s&3E^)NM{rElS?p*ai9P&baD4`9-8t4qcB?Uz@D8%iv{QiIUy2
zlANSMedBDB-SR}q6#s{nLKiAnV~D!GX2uXum5l0YHqXcjeC8f!p0gB7vz!`?ce#@l
zbJor9*Fn$=8uU(kA;Y@{1OwmPt{8^>_l|;QrCyqO-m?&Ksc#~hvij)+A(Ckh7Wt<-
zf0UGL4R;K0&w)2AqL#>z7*&a_$i#YgxmC*9D^bX*1PU-hZrY0UST-#Y2~A;21-5ml
z92F8dTASEgx@6fUczr|}M_SAb?i7(6%7Q~jb4oJRw)=osX(XvOqh<DJOdh6drCs~&
z&i_$D^|ytI)APJ?xuK<t^alxcXA)5>+SvqSN&yv}7ilAds^cOTAZ&XmD{YM$T;f=?
zS5K6{M-y#ks6=aN^77=iLW~-KwqWv-B%;JZ{s^LLPH`%7%AGh2QT9SLex<@ODMRJL
zyQZ|>hgeB8;}ZPj-L>#)fp*0=^b6R(fn_{<|Jq+fFrs>Qw@gESv#c(0B2h!vXTX&D
z*1T$l(%8(D^Jplt4#CVKYPuQORyBdG{(5*uH?3rktJab1BNs|NTJl%iD){y&R2{$Y
z?3k8_6r&?12BiTcgOjg!Yf!8{FJ|PusLqQR^dU<Ie=V4NFDm%Wqb?l|cI3ioiA;yD
zD|QVPt+3#9%wff6Kwdd7h$!_6wL*&w7T-0G5tR#3%t5~KNJS*-$l5EvKcuEZ-C58c
zj}LweRVTI?O`rrOEFM*>sB{>fkerokMz&yI2(}qP|L_@KmpWqc9}E3y9;(1(4=V@~
z6*GEZVjvOtV^&ATxJIw@K1apDAP>svR^6=s*BH(IlWZw>momZUj7VOrGuHV|+rI5C
zRO=lbJ!Au>1z{LysYcc3|4J1Ul4<lJR5!gX9^J6r(QNN_9-S9Qv&MJUxow8edYc7j
z&Jlcfbf`EHal#^A8IKOrZqGNK#Di|A#k<ZoMtG^T2-$LM*@m2X4G<uALX;e;_NXX9
z1d3L{6PhKp5@K{1hicqwr8E+DCd5s>HGA54PI-ahFzt9jWfdNy#tqxeQK7~6+ik@{
zKwaIYjkWWM-s@7-aNkUc;89EAY}N!Q*|WrTlQeG(m@82(d75Iy8yJ8ub7(254e4#X
zx-lKyX3>8G1EAfFVwod|N9ij`#W9$B76cjs*)J99moQYf0j6+maI=EiAhjT8q^Pq@
z@qgwurh|ro_9nRM+EBYzgrVwg{Gt=0<(YUjn1H8--d)1;;zFcX9TnNV?^gDmu5Sz(
zeJmv>=7(itZ##A7(FIt01fvNvLRY4emsH(f-mtqU8g={*U+$$Sq-<R>EM^4P3$9!4
z;nqt=>Vn-ewe2aFy6UirnYdOb_q#&Uipv!^Q2*y^@m^HMAL1+|11So<G~un%)gjX%
z<ty!lRR`scF}swj+kCd_ni9-a(0GcC0&n=-IulEpnXC;rZ@Suhw;8$qXKO*|48V6s
zfwA*76dgy4g1Ux3u~O(-o>rs17d`Dtk};?TO$+jl7q9XCUcobnar|QblPDNTvRYQY
zToQAPp!h4e6rQ7`04ofHzcO^SLkQevF|-0wNnSjC@$~sirGcPNh)RuHw!hlX7vyJW
zi)tp%$<Ofr7yAESke|uVgj|pdV*g+LkNiyLYLWHSe5?6<)+MA?#x9Zij02m+E`j7E
z!sBjGQ-1M3%(qbIzapa0Ej&MgDV&l!upH*}2CdR(NmbKK4ff=V`Ez$Pf+)Jp+;X89
zrJ3o;^V3CV>QKb6ouac{Gxg4_VbrwPL6>fNU`WAPvAd(YAVDy4%bMRZvf=9uEA41o
z@Q1@a<|e-uJ9ASoUM<LZb$l$rppIITPDC&swzj0>b2!`2w7bPEVd)G)SCG5q)A-`W
z!9I<=xxtZQY4g72L8k*$$`BOi{8B?We%P>n8SOqb(q$lhfds_zC!k#1p;YZWXOMYq
zxIGE5d+<w1^6{ukFFqcDr>aqCbcm%E8!>9u*`~P`x|AkJNk!U53?D$1JL}V12llU;
zW>S&<H8|PIy%q608S&tD!4ySd(U%1|!-Fru!>H!rRYg4e?A$X$6Wlca4g^>89?1n{
z)~jYTA-Yi91bpX8pKXrcxqG9UD_ihvW&*CX=Y%YETo?rplYKArl6#J+;x%YUY!qQ;
zuBq&9(=&ZR;Kh*Z7RLEQpFTF`td86SQuJ3IChBG815EqH%vuHCNcH=FjN<VvFZVON
zmzpU@GHLw3R~~DR>EP-7<4HT)Q;2vlM8a*BYKRA5kG3A~MI)d{Ue!QAW~5+uz!lZv
zc<<A|qUoeqo0-m(+yM35b;hup=t;G)Mw9#E<O?z<&ra1TFYp?{CfcHjV$oit7&TC(
z6sR4MkUj&=_k@S8VrMCEZYH^>*fo1HpwxAgH{bO<RH=I$o?M8Oovl{9;MMLzWITzB
z)H-^<_npO~H{y=mF<f>ydd~S@fJfaP#8dT;=4=6<YFM3?S`EtyiR2Qt`P(gqIMR~6
zBy;jNQHb&-O1-Kp*|IX{Fuay2UL;wavec+&7Gsu5JUs{N#LGilZ)_V`rpFuZ^rM?6
zf-j?Cv^Ki|9>dXq+6}q_EM&E89)Vh&fJN^<%{3ONz6hq?xOK>Vmsp*!^8%uKMS(}m
zcg<EAb>*Z*SUA+mUO@=Q*h^r4<+}pVg_{mw_=xwo4<2jZ;jxZ8o*YHpMP2FMW`t$}
z43UZ<s$a1bU-TLx+nE23Dyd{PYQ-DPI_K1Fjp$wwvk(zS-`ymp;vI6#-PZ=ja?m+<
zo1!q9>=!-f<}7^^8IgO{zHf{~Iu9Lo3k|Ugm;<V>&e<vfmQd|W&@vd8O@IPVvASGl
zOQ}i%<|!+EDa^n?H5CNm#7uEPerQ`Dj3yfl9mfv-!+mkowjM3(<c3woi-cg}+qxo4
zn$aRr7o{I%Qw?Jds|PyA7GYGFmrba#ltGtP3@QhV-h}xSJ8DhzER$lU$c<@u-xvp7
z;LmQY29y=e6d9{@s=np<()-?H{IqcIPoJ<Z2wSYdrQSPQN8Pl4Q=Z_+tuVr>s*{H|
z(O4ZdD2%l_MLJUgrPZNNV>oKQ?2br@lSeb`^(UP|XZ7k4MmwW9uZAo)hu-Hs`&67U
zeP3<saxRE9qxzn@y&j70^A(`;2quf;<HmZ0*RdZTsl=g<Ug&K3#E8G7Vp*mUvyEB~
z>SrZd{hLF}UCW$%KL#4K8`BO<lW1>15@%#tyQ$ln-zr8JW#B_&=!RumQnIvm1~zJi
z3%LE6Z4E$>NKF~ZQD-BM5LU^3$vaG&uYkUp<VAMN${pDXDS>nViKkNXHDr1P+>^9I
z4H9N&l&vGJZ5@FXM|8;ZW7-2OBfj5m6;k}k7f+u*eZHsQI~%nX{|or9waT0SpRWe&
zB%a6yJ*Uo1i8S1MeF`tYj{e1IYu6`VJbm%>`H7nIi&Hgw%QF9B{`{19z(G4L>X|Xw
zvCW?sCUIGmsg5Dno9Jv-%?t~9D88N>ehb&ny0Lcx$PKs@ctxJ%qGV6phrVgYX*+kB
zzJo}(?zpA7F$WI*t@5&?`95hMc<azuct3hnmsh;`-xqH_oWFbX{_5=QOLAp@+Ll0(
z4ZaF5tQhklzV<M@69ZT=(C|Li$^M@DV_dO#+Lc<j!P78QLD@KX*!@<NRRcA{<bqt*
zTlKq88lIALp>D}F5hd0&xgK9BLp9*|lWK8T8}Og)MC2wkD`q{~w=sZAk=14ethS(A
zX8;<2x+uyfyQ`;;%=P*wzCB=V)Mtk*fT{fyG5a_ARSXo;9(g<nkXdutBu{Kham!Pu
zO2Z3NbmPxT2L6wie^#q7n5YUy-nXpy|JeKf@5XH_-~G9N1<v%HV^3?zp6P7U&e?5_
zV|!9>=Zn{JlI}^m8Hj`=)Fh!0pgqdV``_Qey#NVHBnV3KjHe-fXeSm40vEu&7x&v|
zt`;xJvu!50U^HfJX(W9j7CRNy^*m1#dIhnF<`M@diAp;tt$B!udjg|CpwF+b&h)tf
zur6C_)Q1Vu8gFNTE(2Ekaz<iAw~Vb+17=`>nIL{n_oX>x#-etl%dVOYQtLrHo4?9w
z)Ly2<QxG+z6ly>b)HUcyo0OP~DV_3!s}-T(<HoXjthDIE_}h&&reYnTWR?huh3v=)
zQHxv@^96a<Sr-2>)MDMD3abhRB6w2=9biV#uysrUv@uZCT8jeT`@C=lR3d{*T;9B%
z7$9|v<_*?V&5XfMjY7G3`rWtzEk#i`Msen#+|oiVM6S;Uur?SDA~5O!A&6sZufzq+
z-5H%VvIz4%5}YbjdOupax5of{+3;DAov_r)5Z(d#e53u!kk6~FjrBAGrsGuH{PlvL
z6H_?0547(FOmzbbc|1&FcR*^g9Vj&!*v`K^+u5k$8!(?=J<kc~KBDavfk|UMI}_D#
zb_!b7Ci;I>?aVWyzC0{o)9KNKYMOZEbhJe9QDPc0Dx0x@ipTKaNNc0$V{N~Ul0l&i
zn8%<{c8%^=$Jqyka!@D-g>qm!gF^ZEc}|Ez$#S)&N*PsZ8KO&U=$3x1$`t<Ir&4Jh
z8<ShU{1)twf%7^?ABW92byZE^MID-C$j-TCtKA5VwIUt`op0G{(jm<{Bw5qEx|QP2
zv4_dIP8s(=@@)&*7RYV8W!htwXM2Vz>Or?K3AH6;QTJ{LkxXGysaqoXrBRS1+C~bY
z^XF|ieAYK6%mn>MC0Yc41@DiCdFR_s%uyLBvGJ3ycDanFJ&JGUMFu|5oF#(BAeT0<
zV=N+$WO;LWXnj?fQpw2S&E)*622=q*s}zNLH+z@IEWhC?`;KR^XenQ@1|(j^NiD=Z
z5eXLcE7VBLMnd;@Z2n^^imWw;5uNEabsfSVaweCijyOPAP0qg}Dg6LcfE2gW?Y{%4
zNpmI@<QchNppro92$dDd6-}4zanL62(scWm|HK6tzo8#ACCR9fv`=9M?^@$-#f-qD
z%rI@S`R2efglJM_3SUc~jt%fH|4HtikN@!J@ktxR-=lP!dyZTy{8lUUmP3wh;I|$Q
zdTR&RtrB3Xq1(I0sfWRCHShjDkXxR0^+Ro~tzQGqmdPk@!`f;XxZ4X5y4Gzgs#X_j
zmqpZCmgIHNw2n+E_nej61mROn#(y)3CradW&a@6<_PuN%ZWxNizVNs@u(-NZ@=gq{
z?eVuvA?H>tVQcKIPW2)bb8AbyEeBJpb#i^MwrY4<tv&X@*{Wk{wf5M7vDKZ->QO8A
zhO5;%iY`2@2f@<X8Aq%8UeSS{^+4EJ`^L@cT)qIjtSzy!yw;2@ak6}=FI!?{c@g}!
z!N<Y{YTvrsU}JUTU+tE^;=#OX#k<-vDFvtBrQ0A=3e{?Cr%hKm+?}FO%R<$3PcT0~
z2jlW{8)%{pJ#K13=Ih-$jjO>ljn(KhJE=7F8s&QJVtc|Ma|WTi0FI#9AflDMC}L7#
z?FO2y9N}pW`%*N9dUxVm+{=rEO2wnE5)s{MY6NDoHoaM!X+}=Jn~-xZZ#B7nKoTZZ
zcMYzLlG|d+5(Zggpfsd3T40v7DaXY=EQR#vs9W0fH6}{j7sqBN{g&QKhSQzu>FS?Z
zo5?T4>N}I|*-lO5#^-G*0Jwtz7!I6kYk>)Xc?C+ZL_zK;=F9-68Iv2nd`T`cSztje
zwf31#lOUvomWe~t%1~ymU=VnX@IB-Lb4)vYzfaf)_2S79dGcW<_5WpRCZCMSWx7mw
z#Ff@mvKh;B+$~dPUhwwGXRdnkAe+MbeY7lV<vAAQUhB>5PD@0V=OQobj5@2Ug}1jy
zNbeFUcYyfdkoe5eLB?pPiqH$6_n>^mZd2zEHI>9$uR^zm4SG2v0;{?nnF6#}?1Rhl
zA#az{mHoQrz|JOwnx^Kb<CxtY%a}epf+65e>F}A>=1C=a^6bf&Ossx%<j%W%&fDWm
z<mEu1F2czZawu{bQA9J6FnY&q7LaB%E3CTwv^ABM1XisgL6xh>HkiE!_6>`Xl@}&g
zX(sZB8P5+s;-!vcN||)mx}D@BGI$c~2f^Mi&%^0t-+&8j#(ydpxjeTFe#vslrP3@T
z=JM7{C@XX|rL-hIJWc7(A|n@HP0X;Kej=jnhzDya<kh=9t|R($ku$BA1SvY@)9cEO
z{yRCRilUAK9LSfpUkXI6zDxnH3SM!PlpXYm2-yDojfi_F70yeRW&c%=@C^S>Qr#PQ
zD>CMf*STgiCi>(a;Xl92xnf>!6eNQ57WaGV)+S_Mu#<7!$`GrjA271WFDw!<C1$hl
zV;0|BU-p{BH`kYT4*H*BwlRDdqMuRjXZSr8)k;r&wWgz1qTJ-3dPh$;blgDg(%b9B
zhw;bID|e;&Ezi8MT=i3|p9aTUR8>5HOYdYsH6tZyktn|O6#XG~%j*pWC5!Fu(HBqP
zQskUrouc@qg{bM=fv{a0J9~q`hlabBIEZ?aclUURX3DI5%{YlL8(K2;bZoUl#7zM*
z?97dNt30K~vta`zhx)f;u&q8F1JCT#dloF;P?+qCtxD03`b)Pgwj9^{z&F>IJIQKa
zoZ6<W)=xLeYWQKo@;e@}jthgaQ9Ycv-hMO1pX+9_5$C-mdi9Exhj4uZ%sLbJ=7KnS
zCyl$n82reo;YHB5USnT%x<D2IoTlIW>>GA^$PnSr#B;C$htz$5D+0GaV#m1cA&%H`
zF$;qp(2u^F)GelGY`Gw>CZ&e$coBVe1Q@nN`|5!t37;_!fOinws>rwx{C8tE2lfrU
zy4Q9s$Q$Rcltdy)uuzG2_lg-3qU^Ha>Sl_!$?@%<;PPg!X~(z#$JZC9=Wi~?Y5d!T
zxF0DoDkK|m<&%s7*o1+hjUkABOOJbxG?<&zLX+^F4VuJQJrf$0TF0gk%71&wsR^8<
z#{5<!3DR2Sj2*d_rsI#VMO229+EhDqiq7jA^tf*^Kt9f<>?3XbG4AWMuHLCrds6#*
z*X?m>g5_`7iU2g|OyqiR=JmbAR0KpgE+osx`02+&+%7=}gS}=grH|T4d(CD|lr?`Y
z{lR{QgBn;pt=6gojig3|*H2H|(6qOZl(5GfK>r{i^gSg_XBN|TIZXPjhHrZPwBCTi
z6;Zj>^>P{uh*HX7#r;ys+0HahdG=_yLAQ=+RhF&wN1ny)R9`b`!n1V+()`UhVM-sf
zuX?uC9z<rn&~+bl<Jnp#f4Y)CB_sU$Xc<@Ze>{%kx>3$=AYu<@l(U|=UZ%OO!D442
zF5jKkjeG>{?@`|SgXHE8<P6jCw%0={z6?n;65~z+R59dMZU*6!<}_uB<rVaxDM6|K
z`EJRwiK5Z1*DEsU2cNxuu!F<bZW~18Fu7(`pco#YPk9<YvER0{@=e{6R2BxQ>jLGU
z5%Uv6T$f@ANZ_p`KujB7cvZ;RH9WkZlh%2u&azVdmnl~z!|}TVnL=P>MEuv9O=Q67
zK&U&=XXC0mY==!MQWiI+#8*B!IXOY>(=WdGf{2_@60?Y>>koQ6#vcCt*|RbEpVK$5
zA^dTvBx0xISM>w6jy(vMy8YMW-P;O9uKp(68cTB40*C#>{NsxkV{*=Oz%t+l=*dQ8
z+K}N)C_({I6VxRC-FAV{3JMT6F-?Ha7s_Dm=-r#}NMQ;hvQE)~M@4MZAC93^17X5P
zB;mJ=%;eX(D3&GCsR@wv_GywKaS+vBluUiZIHXSdWbG`$(`y=`0hYO~RmS$=_Y)J#
z0ihq5S5g<O5sRI&L^fS(nTvnI7VtZgZMLVqtVpADTZ|ybRbUaEv=ZV&2_Xot1HI}Q
zLM+`{(q6(L*%Y8;w;XX5sjYXu#JyBx8$BarrQd*t{2B&IVV=Ae2@c5&1`XBLT?<&T
za#3nQd6KEZEE9xb>M=7Z5k}hEXG-&1eMdALc??-6vaIuxvxF*shu)=>uH0;{&aobh
z#|OwlL{6llxjFOt?>-$Mz+k^t<$9^N7>agVT#eRpNvNUJrz`1nTL(ddYJ0FZ_gaW4
z?GVci13O5KRDQRmRL0gIn-ylQCCnAZuD}iGcCR8C+XDz@Y<<Kt<{gL7wa(<sfp--u
z%j+OjFrddi61h9f8QY%aGPW(HGqz9}jV(-4W9#zpVXK`n>*mAh8<vWkaaIy7fFeqe
z6x4ppM8@QeVaj;8=v0cNP}q6MW_VNQ>6O;U5`gVPW?eo8Ts)xL3N8zoau>@t(+g#E
z`zjVTg1H8`hC6TCA+F&rlgHyVckJEN5wy}Fm4s?EvoF}BhwZCuf~pr@>@LL87qF4~
zn`<J;!z>Aslf$zz;m!sSU1o~qGa9j{u7!au7c6DD2Or)BL)x6T1<hiE${evA7zz8J
zSgzONY;sBBoZqorlEbfjsq3cJN~`BT$UFgG3J+9<$1Q8loFi8a8)u1A?7E_s7M8Kz
zZ;+q~tZ*fY-1xj~!KFy#`p(^!2wOF%`Z3p6klexSMkKtQ!*sU`jjmiS?a|2IIhnF6
z7S0NF8*p(~fL%)}jWrQm<z0YI*qmj<D;8)+Wz~mT+Er+3pdfU)OuWwbAX;Z4W>>{D
z;c_wQZS-$?8H2CND|;6XH7UIf4Yq&DGRZ+NS*y6Cm!XS3>jy?aPG7=IogV$u+iLvZ
zcBgo1T~WXBO}2F3ArVayxn2*$vVFgfuDgUQ?9}cwt~a5j2!w8+Rxw5daMs_6B1tMR
z`7|RUvmG1}nk4o+RlNZJXme%`fN$Fk&X&*K*|L2UwY?c453r?Ax=LSF%?ctbu(l7!
z>yt-#s#MOWh4OFNKJbC=7&_OoM#}XOfnKAp?!d-IhQN_?%mOUb<-y%#jFnOV`T+jX
zQ?~^METRHx(E&fM<6@#|p?hV#TQ?v<0>-(mS{sY|?4IWF=~Zj~SY0Kno_Cc}`)8v6
zPN$+!HiyCE@Y?i_eM&D_lYz}to?rK5dACHPm&<3qBeFw^ZQ)cyOPROV!KpSl)jkiW
z+9f*Gv?NWqgrYh%eq+l}`K@$){TAmHr$hC2J?+cU#Je;ZVGeDziffg@m%@OR@5uuK
zeRW)58s>aZrH~+gJ~{^-59CsGnDwxMvO}{>pk$Os2+A*y@D{K4D`=KW8ZmD*uBw%S
zHNd<aPACG^oveBq^7MKIrmCtaTuPz^ODX*Gm8M%ug{`K>CDF>9Vpz<C<*6iMc2tYY
zdvf=z<L+)-54RMt8^%}suHH6F;gzOxy;-VS@d2suRjVAZaIBHC4=~*@12qBlY8JeT
z!PpjL2TUEZr5mwB|8RATpyOS+506SqY~6iWQ!PSHVYl+Ju3&`p8l-~M)r^2{L)?ds
zb1=kt6yQE|G>ahTY>4~N(JzA7M34qj(=r0O{jA-Gj?la^p2SU8VgM0b`!>)Si$fT7
ze_Yk;)kn>E5<|{vUUMHF9E`^Y82C|L7z#BT{fV$F5^<=PT8}Z83e>8~6y-WkQ#;;X
zZb=;9UQwBBouXG;Dn*qlR8~AP6E2G+2J1w&2T2m1awr}U1LI**NpgsP97oF{glCwi
zQ<jQ+byRkvU$6CRo_HF<FLOqsBF|Z-lGOw1TqWhYlG&?PUzEyS2IkXJrUNfFX-Oe8
zB#tW+(e|@Daz}I7J!8^e&5HRQmm+ApXo<Lb7qD3g=qY`eT>YKk!8hW<a8rNZR9i*P
zY|cj@`Aw0{>TIm(ywCilacpxS8-DoxFQW=>;qZqs{Nr~|zkK?O{g2;2eR_EK{omev
zeRFm35B~I*@3SJk#sB){@OyUgkHAizKK-&8$YH(JG(MiGk;q3#`j=3vE}#=jpl!}e
zC8SCwR%+=Fu+{sh*qy~&>mzt@4LdY`<>N)Cban(TvvVGp!f2naCoU+KE=5lB6^V^$
zY}KRwg;M}y=c0cwzL@8`WHF{J=0)10kOn;OQsf?r)SBYAHl_j}^E+`(QF9vI;w`Bp
zCjzTDdA3iU7(aN*XqPPzP0<htA!4TKZ9Bp-)y%)>LJc^pho+OKT2FifYQlpr9|<l3
zz<*}1wT|O;Ms-QaaM>6v5!Vv_>@aPliV|?oH05MwBoPr!0?Or)x)uYQ=fa*<>j>0a
zNPiKvKQN0X(r@sl%VokND2NX?RaoY7+uT4+-w!-3Qc_60$wg+K@%Cy?OgX@NTgxAc
zqwowmtl!_ebb?7q$;uQ28Kw4mDGRu4m>Hn{>+Mm@z`b9po3gBkzHt~co`j!9Tfn+p
zgd#J6XdmVHJW5?>OAV)6xY>xeAnEp`e7r8+oXXHnP+aSDrYk~i99PNxt)uv+G}aig
z7p)>wxrGN+i^pNa1_O^PGSdHJjXl=GH)S&nSZO~sx-Yn2n{=3%B}_pE3oFa^WAsca
z?)2vTAtT>NbhNg+XJ#)6eOk*7m3V#47>hAKCShgwd6CH@GJR@81lv0nGm_~GLW$mh
zR-~M10z(~}T%<&1bSW1C;3Xrvq!Cvh9LJnSxB6A^*}?FRNc7Z%H@nMLPw`QUTom(m
z{f(AyM+uddx{dvsTe2kaDx=-0yBJp|xiH=z7zd%`sw};X{-(2p@{}A(#>j=;()i27
zuP&oCGOx#qi4s04!&+btQ||J)n*#ir0*!-wT5hYxpWC-X4slo(TYzP;aN;^nuP&u~
zo5wR_3RHV1pNMSk*4wI1s1^qq;hDaN#|2GL5a8fjyF8m*Vz+$0P@{VWo?Vpb6|b>_
z<m&;d?WatFpi#!oht_yK#e2Gfx_KrZvKC^}aj`Z#vS|k(WF#Eeh-RQnf>B&At!zhk
zBn@-a8^I|QUj7+HqNFLJ=(RvAhUxEj)&99*=`x`zJeK3hcaGKE@xJOaO|y7J6TR)O
zzCG)T6ev$>Efnj<vem3aJ<^I=uQN(;1F&?;;<&<|K~u_o#&UZquD(4xB7Dro_P@Mc
z+HR~EP-2cT_GQWkY<QT0V{i8Msp(|<eg7YN;`+_MjQ+zxJNV0cEpc-FKmbIDdBctC
zF2UR0Ux|3KWYO5*^SsB4F=3g?J1T5liP!-z$1&&ZpEh~|maMefMpUt^Gho?f!)8Jm
z9P1glr!-9t!CHvL4~~cu0{9N_LT{g^8DSr|gi0t#TUZ*3!RDocqCcs3f-QXG->AZD
zq2Faf{jS{lHi!^34ngRh;1<_Pvw#c?_8lZJt2|wiluJc#*_ceU!r_K4;7Vo$YV@<1
z6q(}w=p+4R`F$XRtE61ch%6#46qh+0S#_vu^EWY6Q#5EPOccBR(t=`S*D~&$Jgg1P
z%#mD=<%YS7EUHu?SlEt&Hg7=#N>(On2(1OiuamKeNlEk75n!5eWn-c-qSilFy#guC
z5Irnsk;tUViwIVVl4&k(SyrYdXlZccQv!*N3c!`I5v&lpAxN~K*_>6W+$oJ=kNmB?
z0d!e2>}t@N*08yPWtnP)r1W_Gkd-w}kGcWIEeUzjDtJf_KSjzEjj5u&BD3Gn5;@C6
zya2(RNSLsk&GIH7mfVGC27a-yG=f@6YE0gWKu;?MWP_><C~H`wto#}>OBR#30ByWt
zrd>Y4V9Tu5?s`%5rb_&eswi8aMU$@C?Yz_-vP|)u*}4XLgBwB@8E))4$-52HnrF|M
zl2vdf$}`OvjrL+JHz4d_89IBV##qsOF~CKX!pJ2peY+;#$3=&DaBoB$=FeM$ZmV9d
zk}oj1M}m0^9|&?gq|l36$G9a6dbho$xzb)oCDIHGX#}4eJqvM(1Vj|t*3;7#lCNr;
z=24Six6oSUpYmP9>P_5685tA+Ph}h9ngzWizpE)YMj0+|^q7!yXs`HVvmmy1RQ>S~
zhc#LIAZTXIw^Wlj6y{8{n!nb>a|E6@DU*6b=ORg14&*Yo|FCUPt6~C(E9m+<D$PIT
zRV8EhL48{Nj7qE~Y2y;W>}8`8?Ki_5ht;?cAQ}2N%~nXvb7#|_!6&HKxt^B3@?><H
zXo2o*zH+>Exfe!L;q-LPX2w$E{;A%7P_LEjt@V$>x7PW%3}g-J*l6}ny-1VJR>i}*
zcB-%t2DLFNw-Qd{OadZ0`o?rXBrU{)g+0B-jZUvF;bnU-oWp-uX&>w)wr$EZJE$rq
z0ioS*^bXO(RzJgk1KbYdcq<{=bEdx(+$GF(3^0K-TbUp|wcvR?TGCvt&_;7qjy||!
zH*GTTrQR_iT~I=9tF1SX&U(y@o3)HhfYl40XSK=?HOr73P1|a-bfGt_#pRLCGCXDj
zs&{Ztbz}Fz&J=oguz|rHy9H2_I<MSCZ_=z*)&rqJXFzJe>B3EdD|KD4Kj^O=5#Da0
zbsHs_$VMhvzjWRhz1v0*qfLQkVVa#$+F-P9_or8vhDjf0B15)^&xR>(Xi00l++a7Q
z_F?nMLnW+JmdUC|Jd3qF0I>*$3|T}G3p`53Z0I5(S0ccWC#5P{FiE5c+U|t#Oe&fr
z6;`*|00J~l<4bZC(J&V7WZxSL=rW<kL^Uh22tysYTJ;Ii+qfuzRYRhcj?d7OP+1qk
zSgPGfV3}K?6kS;4S-2>hYJ#ssSVZHLMz{Agk0lg1po$}6+YxGQu7Z^v9E2UwYMFVq
zu4lTFKCFHVJErS8>eEv9m8`@7tB4TRX`w_)6_3CI$Y+jsEiF+hY%E3C5d~EQlqIuR
z=1ewgtAYD|osiD%!liL&5VlGsov;+5(Z|eyZ!m-eJn1<LJe;Y%)KP%Jo!OcYrOVVA
z@Ww)hX$ik0-+>R^=?TrNNh0ngQTL*>dZG3gwp=sAjpWhVb-?ti)l0pUQ5TMQ*&}p!
zq|f?2OA`J6K91dC`u5D8&oj*K=hB)cO>)g)oQvf$R8i7<{ptGbAq*tHV-kXaY|@Vp
zp22N%ma&{FaD18yo_t2=#!zcVVQWIT+W?)+c1e43YG>I^4`5EzJHQ^^z~zF%P*2G>
z1_Hj6FJ)eKi+vzW2|^nJ+6T~cV@w2Na(J377tWUh1xv}B%GA|5Rorn0^>~&GDc{;|
z+sq(#3ZVuDJI&!HKHS8crZ?Qgo7%78ChqXCt*2UQXLaMEGwH1lFnKGK2~+^hnv#At
zP_l7Lqrf}w>1v!YW$IB`pTM>K?$<f(C_?Twb1icYp5+R*V%8R;Rsuz86|VvBA4n4+
zpnr#q<6caxr0keXn8nO-CtVK$3+`KU?3gLa6Isd9n`ZeP+-VP4*oUl+Jp9#Lx5`Ag
z{+6jKztjnSb_4Ru2Z9||O>WoA8M$VWxMMkPfQt`Hnn^CQSCl8A9wEC`DyI-Y)z#w@
zdU_#ChHjQSH3TrVzjU7_Fm#!-J1&YaI+!$uLZOBsmAR`g_`F1RwV}!odXvZDw_yw^
zrmB$jS}PF*H0;sEU9SB@Xq=dg5h||wmyoNy9iACWw#<$t+hxd-$C{i`Z+l2aB^$iw
zHD<KqAE)M8Xfunb9}j=Mi5b}N3dNk1dBYQWABkGk#p9G_bk0U)x1%aK$cw)0ww}%k
zQl{b$=i}FVKCW$<hqV)ek~w^F%e=zP6H+UZYroe=Cl@JKirFyd@?=1KN*q{U&uxY$
zfCB~Nn%RdEYty*^z)ky}d$KUrn^v_m!qX)}A;8%lnH)UpIOt7*2qHBJ`w%e}o56p6
z?55Y_SOOrdCPi&O+ZRn`K00Ly`Ke&}ifFyiW`%^t@I)e$JT|#2##<M16X>g^fSc~(
zgVv3q+SOL~>-A3R#R-8F!CS5*qpPuEuxL$(4Rx#OcKY@_{2tXKjFD_u3eCDVO(M8Q
zg5)dv08UYcjh5DWa?4iX#zA5NuMJeN?G`f*YVc+~y6i6LTW@_gC$=E?Dz~*kS>f6M
z7EKsXklV1tx>*v)AlGCQ;gcuZ*uAjXHQRv<<+9h3fN$BVqoVU>!>U#ylMBAI@V#)(
z&2Avy(uDWfMeYpovU`~wk+(wW|GR(;lAilgw{yYdTcP0nkFrQO{T-Ib`1d&Y)iBEo
zDsA)}M>Uo*ma<%YF3Dv^L~f|N#St)r#Nk=@Lgfwb*<-`_%z}%&wt{;bYUu;-NcGul
z*bmrGA%dh#3jr`cs@Oar(5l{2md~L&ToeR<RkfZn3fq?Zx?lLcZGFs(*t!9*>QCEE
z6Rsimy`=V^IVeJ}A<^mM+-$d4(@o6{2aH-rN|&1J{9mnHzybPyJ?^nQmt%5DB+upv
zbNjGnJ?C@5-RcqPd(uw@zoQAmd`6m;m~UdXp?`*R3j}%9DnXgs_vDtXo*b?7rQjZ)
zTxL(I`kyr(RO)aL)9?g-3oKtuOs3Yl3fxb%eaL&$t|6$#PJ5P6bf@&U^{@BP0F)I(
zr-{=~<t#Iqvl~X}pe}bbR6_u?Kuf>Ljj$xFUJPL!Qe+3>w|3=Z>;@;WK)Bn2nQW=G
zPMt*Nz+-9FY!igp#owxuje`0Vxk;Gb2u}w5uL`B58;`GQRhUN3<WgXWZX*$TXfO+a
zw6<Y;iY$wKDWt)DT0b*koRgOojcs};W-XTo1X4&%+Hz2jr}Y|b#=!)Ir;Kk|G!r7I
zcN<EI*R~St28W7?<p&2CcVleop*vMyrIZ^3rbK-rkPhFCY;Bul2*T~)rI)g#UojcC
zK|QXiC^EC}ZI!RxDXM30YYLRZGpC_S3=A9OOw-9!46ru?$A39vd5&v0T{UyApwGmD
z;Y!1oj&SXoV>tU{$C(ISO0F0lTdAmGM~H_wODt?kun<Z`%x5NoaN;;akFc18sR!W}
zVGionl6QYjRQ&&n;YGnKu^!FX97nnR9`!_0K9D5sLRhk`0oMzv+uH(YwNje_1!QdF
zt@_Hhz)!`Dyb6Pnbb90|GEGbx5Q^|DN{SfchmeJ8UKPUUw;<_O+DP@P)d6k3OBq@e
z%HW$AFC<o!do~KIv(Rhyftq*7C3^&`<9Q(9Tb+;0T8miJ0a>HE`SBH>=8T*zXqK_W
zDa4GfvDPtDrD(K3SwM;ATM1JKk}QN&B&E@UXJv`ZtSqP9kw38%t*T0h*}5k*?Sa9j
zHQTcScg160LDs(MD)RzxYU}S;sC$MD0BP_#3&IJW^>5mCuv~JPmOe|KIdYkq7rg!Q
znszfbV3`YXPhvst83ZC}JryzwWC&u8GkZwNi$uE2MapfIyxkK!7vN0_FC<cZg_9!F
z%UdDMygDO_=5wZWKO`&CDf1RJ-7m&iZ|Kg061%fDi|v6o3AwgCLIx7(kTa1-HpJ6H
zg(7gAUioj0Y%DS*y+S(-)Dy}7-FI)p!PX9{ciL9-UgSx9&*SbQZ;~A9j-L8v5@6cx
zg#_z2Uf$pHxCb%d@j4Og)mIaNXetmMvrOs3o%{8)L+I@(x!_om5BdgpmUPOqs=i~j
z09{@neXgvbUowS7!=UJcPzxe?S|o~QOcXL%dAHNYT!e1nny?Re5W<9P`FLH}LfRIO
z?1FV(8*G3|m2n#%my)+En#Vq{$P`;yCdHh$md5(1c=#2xcOjw3w|^-eB>Y`P#C8z%
zpQjpd(+E#bVzy*iM?Ei*kyq6|MS|>1dxPWk>7kkrETULVVmLS4g-Bva*awwU@5dvN
zrdp9L`<oG(`B_)c)nQ-CK>Qgi0|;^7k)gciVX&{%sZjfK*bUPrv?I)Z9hV<YCd(uT
z?66Q+RV4t)yDY^C%-EbPSub>f21-67nLlu`KDt^queHxLPQZWkQ>@`mGf2nB4vruZ
z8UHOCP|0yN{=u4=dSL<r&wNNuU43V~b%c-2r|NBG6L&1X<Lv&}WPFY8xmt`&vhpz~
zkjKA;|Le3i;HBy`j!n)c)=M?j8O9F8>k*{(9Fc;@Uv^o=dZ|2}#*1y-g%1t?K7)e2
zVX#5w*)@xX`J+*?97{#JHKWCXVa}|PrnZ!w{eUs9d$?PE$891f$%`y&U$h|Aj4CRb
z>N3aG^|R_7%{|;RVtxYu6N?G$U>T<NEE)a9sCikfmzl^*!dSQ=KmWDiweW3C<D5ku
z)sKUAzZuat-&~&eC6j)~DuVFuI;jFYe&FWeKNap33`+c$#4&yCHp|XaG>=$iGCk+=
zHVlSq<F)$H`ugmGn7;<zT$=5KU53K;Zbelwen(83dBiGLO3dZ$04PA$zb?>T+nXNO
z?+X@rqJoC;?zfdF$h|2rZtf{JeEE`GWU|Ov1q!tGnXWw?cxxdSSZiLswD%Kl$30D$
z>t;%C-}~MT-j4;@OV@3pUAK&fv6n7suHd>AzB$WREGu;WknOrVFK0HPr|t*mvV6#Y
z$u4WiX({CHz*i+M3ptM2-LZ`6vm+QnNVaZ$o>Y=2&z_9Qgr_{Ad4dJO%BpDgIloC<
z<mEshsO{tlITSgJD54ojm@O=3ILr!f1s!*`kHz-L-p$|3xR>g3fX_Q3)ip0&ombAP
zj%&%+XBT7gjk(Ggv5Z_z&tLCpc;aIcHt6W?U?B*(&--P-+FgIs=kO^A=C>zw-%M~v
zZLL#rb<LKo;f8CP6h6FW|K&>mK}Zfzrc@D%%p@uj>hl|+^><9pFRrdH&Q5PG&R>$R
z%@??<JdeqZsLaKl3s0HyX8=XYu^k~3CN!&X6ajgFX5=#CszkZ=>wZxpG7~<cdo|YT
zIfrl`mYI*}pKD+7bjrvTg1VMNZ#6Uo-KH!AYWO9g#Gti>iO~5}{T)S8r=d6#rJaU|
z9KrGo)ckmSFov9rgYkh?#1b1U>Fw0WrfM)Qep7wpjR|>YlUw~78{df6EW<1-2+M{q
zbnzCjTNP7xuqJGC&hJbu$DM7_)o_BB*g2f`8hHJB_i^B9>@f-h@nyyki8MttnnhXi
zEUds~$vJkLLpNvbT>5VAiYP#{)+4*dU+v>-H`MaaCMDe;x&YT2;8(qnqYcECwDq8j
zNINbEb$oqsdj95OoW{GbD3--b!83n}hBX{*`-<H=_74t{m#M$x*O^K>DzOxam^WiE
z_aMY?F&KG7N1DRBUu)E&&y7YcEJ3Q7mD;>o1ZNX`@`>+RDO{&Umw#i*@L&NxpjtR6
zTuYXx9CLqa+M@rC)T&879D#RLBFiJzu4cBQ@OQF7&5^D=o4dZY_USqkT;^<4qR-5D
z!k~J$m9_1@+pIG6Sj(KX<Kf%MYAuw{(ZyQ31rs`#re<xDtSTTtV;!M$M25+Yr(~J)
zJD#w)&k(ra+1#n3<<{mh_3G+|{5Sf)syY{~9mDx}`|bvSd%<74^F>Dw#Iq#`8I49@
zQab#n)|unvDfy0>??ZZn%6X*7{X&#5sW7+h6@{aUcyH$IW8H(+KT$l^`r%ssA+R2L
zk9X3qx8Ts$+Fojf&W;?1KqXl|Pl;Tm3D0gT5TlteMG_g&KiK`7GwRPTSeFhv?SP%R
zzv^XW27|IbXMeS9!UTJ`m-#18V0IlE`zM}xz}0>Sp37w<c^JcmM{C?RBbSr2$z|Oy
zvSs{qKmfJ(g52g8X%nU}oBimj(Sj~d3$-}s5{fW}D<~UpIyo4K6l}Z^glj^3H)_?#
z*<Vku2rV@Al!0m7Q8TFKIKdp}-ZM1s?Jz&v!$Zt&zv1&WKURn3ovJPTSpGiE$a?#+
z{Qj$t5Q@K}q=6Ituj0Gn8CRStk@xZ&)ZQvhD1}ra#S;c*Ox{_y;w>2SE@zt^R(YXt
z2LhU3X8KmrRk*nx|9nI;c5lYS?fc|Ej9C%TK9aw@42CbSpb9PGtFaYDBFk9R1)3YS
zBtM0-J^oX+W+}y~{&ztWB;VV8nEC4D4<B9aH9OF18Qzxml0tSwd(q6yOyx9_dfn>&
zk^|%9JRpZET6+C^d(VMMip*74aGW=|9Iwk97~hcg>;!~e9d6Mw&zI}tj{gdNBd@uH
z(3~zjdU%*i0}Bh9+m*g_^5u^-j`No&gJ(vQ$~zOrEffRIN-y@IS}hIM(aqTv^diZh
z{&)hK+#jC*@x;6MA2;u$w<YPLdKY(AXZpt$*J6mFHig!*CKz6;d8s+%u=zR|LR?9W
za6N5^js47HV{LjHGN#~-=e`8#-kVGgGd=L%{-f24zd1b2+v|S#+g>jE{HL~|j<m3A
z{mmuvwuS=V!K)uQH&n%>HGy9klZ4LSPJVoS`qjm2pc_WFcr21?VYKpX;vU0KZQJ?k
zT(&IKX_u|J>oW58)uiUB+wjP>TTs?Lb-P}jvRNwy9?0J5)Ss?hQZ-Qk94;R}q;1YK
zVe*OGQF`V`jV{koe@9feVzF~@T@XdP6_>nE2Ic`iZ*>-ZevtX(n*D3W&!h~gy|%vV
zKIzWd$>2LO^VpWnFPlmcg>ksXS4{~aTSckjf1YDyGT3ZEqo&$OHjaj-4w_c`{@!1`
zq4hFTP<~}6<_SIYiw-ScSx-K0Ay?OhWRsMHN-K3u_?nxg{1BXZXIhg7<J%?M{;o4i
z)Jv4cd*6QUeBC^w+%sEqhJ{cf+aj~3>BYL!{tBKr>n_+<?FfutE?r50Gi+p{$gEST
z?o!&}jQ*O^>i22V-}R_2;~t4@`e94+%X6b)+DtTQHW>-nWn^=wJ-9@VFVD9=m?BsA
zBJWeAqyEZT1daJ^J&CmaHuAX6-UQCx8s1*p8T4z!<)yXf5%l{(O26CM5qw-nZ+j`(
zQI(+-o8H-MRh41q`v-3M9z4gsU<?_0;VO<p!D!{2rHAGsb~Iaal3e@~N`;0o5&JY6
z?-8UbN%X3S%!R=+g%#Sv?Gd6WrAvf?C$YHC?r9!-z@mfF9B?CcmBp+lI#lmKa2@z`
z^?yvcGPR#gg=pul?RS-Al~Yo)5zR8pR~)-oMnt4&VxcXWx@XL<O`e>bpzZPGi!Z()
z01y_lh^OnF5Pa(2pFJCs|2ci*3+X2YE>~j3DjX3kh}*F|BL6jc_qM8&YJT;0Y%0;~
zJyMc$OwOI~JJ;4n)uIz&3CbnUW=?5aE-h!U1xNUNVFAeX9!q#fC3!HXpk3J3yumO_
z_)aNFU<yYh;kS&;BtVb*b4hFs<(x^a@|)___@QcdN#-p=v|ndr0H$r-Lu3xK1v4_}
zS~idzc|pfv2ypV%zIj#lipyXM$W)AnCL)`|s&)8Bgd1$c;xdbOwe0ZNgkwfU7@d8S
z7gBvyWN{KuIJP$1CubWyU~I2R&9HFRLG_3A8oeJwWn5MD_r8L(-TYWUuf}w)&lAlE
zEtD8R8G0LRJtjY71nMduLEYn!Lgq$;+8mFw`fe@dkXpAtWDWh5qu0mJIEtngRV#F;
z8BN)d=C-!LalKlg<nxT>Xpad4jiPIqZ9u}mp$@HOj6U^}(D@wDMeagYDbtK1;XhY3
z3>S=CUA%!9a8QZ0DyCS5$&Fz(!Sx2L)Zj587g8vw=%;%&3na_J;1EnQnkFLhmlMDi
ziPT_<WHEu4$b!+>qEBnJXt`wZn2<Al7-u}9DhSL_za6u<(0aAW5nV7M@|a<H{27Uy
z4vh>7JYFCPxE|q@tDNR5R9@`bX=a7^1c4NWQ6X9*WMBE!ebO7y4))ok2fpMQf5KNm
z#oIhwvJa>o0Op{;Uf=u#{UcNo1~NCWM{bW^8K=h7Sl{4OL6c-PVjnbn=65VaSlEUs
ztp*Q)sUzIf%bY2!+w%nHkqOAicmj_Gb`8J<g~F-_Z5^{amak0TLH+gzINTP0vkwAi
zaF@gbU)g}c*`wdyP(@o{oIL~*XCM}5uO4riVN^ae&b~cDhkfxlw?*XK0+aKBP&xO6
z%eezM-gelW4~EY9K=_;wfzY`NM&}L-whd0_!y$D(6jtX$pmjbVUgv`#c0LGZ=MJcy
zTjF-^u-CW4?%W2wvoC(<RtTP3VR&vsgDr48cSZ8ta+Mzp&GW(VJRca*^C2)j!%;o^
zbZPKE_kioU#kuJH!fxoEVR7Tw8t=Sz6K-WSBWOA@RjSRcvgK;(Tw?=!*1Mv1wGUgi
zp2uC-a^wAJsHJvZup<(S>_8dw&Qio!{Ha)mU-6v~el1Kl7voSq)!R2a2<6W7j`D;~
z6MN5xP$#tULGrN;u4?*N=(uHBp&=8%YoI=b`@w3>Lm5puxJLWqTVsB#?~DH9Rl=BR
zerCC7GWzt{YF)n9s&$1ESFN_suHoi!XWT~s#pG1&%7qAq-4<XVMd#lXX8Is!s#>ha
zVvTdm*W>*d&u&bi6s&SGGlljIAZ5eA1ADjWo<&xHl-BIL`(LkcrPLdsyZ-ec8Hf(@
zH+0$4rBuG>;y4gG6@{|dvG{ucxu62N64v{+XXA8_t4TeT6+#c{u`fr2(P*Jnun{OZ
zfqP0ToK~|u*OM)MW$SXM2i1tPS)G6h<98`ztfUDt3hfbe%*=@Zwl+9(*6g2Q{-Ju@
zCPH<>r5^4rTglB?gvt{;*D7^f9}g4iQDn|H`p^?_wIGFGGE-ccTDzW;q`u%$D97Rm
z%xikIJE2_cqtK!bRg+8=OB^ng7|^q2QX(KTNojt|;!?8;U8O5cywW_8TcHP0cyv`O
zuo-U1Js6J<P;NF9<qYbhmu;bTgx}DmM2m>lg}@Rkpg62rggfN0(EuDRw{2s8?rD2&
zvpbu4n$y(BlC#xCJq^SLZXEUj#HiFjhsvmxUIw9-_$f?)Gl&5Fj9UHxsxnBbSD!%v
zRlRyFgReRQthTTuw*+H30av{`b%L`lXTVGvi{SR^(~YSs6*q~_cqdA$pI@ws=<0~t
z>ea0;!fP#xt5?6Ch_4VZaN9ydz&5586cV=H!tY_&>d~Q2-O;>uGwbCMc9sNgqf3W*
zj>#J%@Oo|@s&!x~l0uawP`8$x*kEGTfQXf>ZI_ia?LBQH62pbCd9}ZQ=xcHBV{H$-
z4q@BUk{D`T-_i`&Swtdmb|1Oa1h&2fCjz?-DNBLv<Cz-ms}}a8EHhWr<O3%ta-w-O
zTz;&&jpggYgnvJ?SFeq~i#6N^*PmWp_OvEAZ?@PIoF_h8i^3&Z6r2Dia$ZgA+dk?~
z@Qr@^%hSftUTINT#c>3S4R=A6FewX_@U6f>!<|AVe;63e1766W|Bhlu>#fe+udVbm
zR#mjdgpV4Vu;pdqm*9*eG|Pm-V3;E`#rJX~k}{0g&CAZ6?6Y3F<F>I@m3-JKXvOql
zsU)KXOKERCOSe~gWv+~RSw%7v#qv}VG3y`v;byEoxqB8EZCSOg10-g4Dm#(($|)d?
zHcPl-Cw(tJ#Hj{QTF^AJzr(frNMzYA`lBReZ$-IhILGe3Xl%P#WEw0n*1FPbm3)?%
zBdhlGy<GV$G1j`$ug^WCwr%tol<L;2%Pva{tW~cbyDc%Ub){F=9!pGczT9S?LHTpN
zEmD3<42go=%2oSySz;XZ#!AhaRi?k8!>#aUO*2*P-GI6l>&-ZGN~4U(YXDmZ2jlTU
zpVcX`3(U2xP_xmW2+JZ7+Z>=7&wCD1E9sRDz_n-rn=EZT{Z9<eug?Ux60J5P`_;}0
zbEPJiRsRF3Y^}EvlEmoCRmOP2Q*N@sG&^Oor=Q^vI~YgH;>dJ1PFX7Q)lu1@{;{WE
zt43pbgJ>fX6?x7wm8?FpW?s@SJcOib^#v`F4behY>R`R~$61L)D~~F3jQ%Uj?#La@
zz4e=#+SbZ-%<s7DpBX{3)w^CtgJ6x#tr&a#?X5zr>rp{QML@f|DAcl0MppG+O2g_b
z{ziE^kIMT}?=JQI>RESQW4$e@QY_D2lK(yY;rG9co_=|F`2ES~&;R)S;SXc@$M2qg
z`Sch2AHRS4^ziWezrFeT=IY`f{OK>>XGMC8|Mkn^_w3>yft@^k`sM%WIndg@fM;qX
z@)0iSONfB%)tx2xZs)oZ{S`b*zY79^OM+(iAL-z3cm3-`<!>9`C%OIgcegwi7fO%L
zvFuAv8#BJtVqP{s##Du*JU%+h@~4PZ!xHX+y$*qDpK+iXu5`^b0P$yi#u^Z%hVf^C
zorXrKfr~qM>km<C-ED|c8=};PD78L)4pC}Dl-dxbHbkj~v>{4uh*H}_lp0>z8e-J~
zCui`vsz9}Wr8qUIH(10@qev8)x)HZ5AOK~}max$SKuoRM7D8+ZV13x^?qNgNXc2RL
zjo)IA*;id~$1G-X`9t6qGu%Y!*^bF6$yvmg+>}Y6_;=iOrtonnzvW7@WQJN1&8o7=
zxpOHtm%|-~jOq|@lzT22kqc2IG0E9KjXye+;p6;ooYB;xhJeK76#5O6F1f*;c?dqm
zJ}h|-n|;C}k;U5>t~UCpR3>nT1)EsnA}>?b?`Xnfu2yA47#=Tu_voz5UNyThWwqvn
zE|<BW(Sk{5<VQVL+mx^`i`yo}oM(6`fS$FMn5;-H6ji}HXmg70uCkxh9|`OcRW_Bc
z0G>sd;W%{Q&Orz_Er}$y(4K!f(f8lToOUf^0BlSNl7z<%Xz4U_M^*d8^A}_xid>G*
z`}vfVAkW}UG%4BpwIT_lQjupTB;{G5LQ51lSC&7%=y43gFDqLXHE=H|@bB`L5?r~J
zz=c`wx252?l<sZCh_3!yB?~Qc_nD;G2R_)X%6E43Qz51+6$aH|o~@VW`)~8d4fw#;
zaXYYr20pMt4{UiUL|2*TqVN_asLchQwl`$!QGklp`i~Y63C!Exm4bdcm*~L&E}F0@
z?23ed{);UT{JcHx2{t%qb1qfhha&hweRG;pNg^j{ktn`QO6qtgacw&@QquK~P{;I6
z5m^QyU6+*mneSma29_zn8Gs0Swxl^N$sdU{rSd5{VF-;nq>#Zz({eGVNks)G_GQ=2
zsaQrcukW;uq6?1`ai1Yn8zXam$Fj9uNdinpU(x86Wik0iTH?g3jHU+ocA1Mit~V!(
z*ZS^=ltt4t)@8P((^0M3l~RT50T`(t?&3cZP5(K+i&%&*s{7n^5_ewcrj2RX<#bMk
zDd21TzE~MF(QL(kAG63LYa7KBx_@v$V|#R3AMmo%PC1)T!;owa@@ZV>Vb?Skl6(cF
z%FY=m?XIkCrOP^m?<Q1lBfu#8K+|Qy<oNbaU~4mH>Nuaq$JZC9=Wi~?X}k-_WKR&S
z13!XY4cyr;>oh4=q9FGa>ns}NyBofINiH&30K^VeYoF=V(}0zP;oy-ALtMW``4Q0Y
zc7>MBr~Z33not+wp2ULOL&(9MzPo`}Us`L5vzW77_(>g!beW5kODk3koZHSAoIIuT
z9@`NfFO3dxHt|oUQdyXVyVq&^?Lyp-lo%C~jkq`VEoj2GYz2XU!BaLb)b4&tfRPve
zu9c1Jug<@bU3Mc!tv+TdI*!<Kacp|uo*C_#JgLaI5_vcr(SdyfrC=nI#9+mU898Ii
zMcHL<)ayOZKOp2J@PZuTL|O{rbxEv2HVcu|j}`m{PnENA@@Yp!y+^W*_6*6s4mjv%
z_E|H)uY<q-(a6+|vmWJ4b)<l-L#>-v;C}8n8fl>xEK@u}%dYGWICNPTxt!sxB4#mQ
z-{d@Il9c?Z+JxRNGoE}5>V~>+LL9jLT(=+FDcjc_8{}y1#pgN=aoaf;d)*fg;KEpA
zknooc21(<TcjQMu3KrRYB?G;x^;auYx4n_ch$igvUC^z}JX^n*P0Sx1eCCd8NE=4@
z-^$HHG7+~s3I=@e`i;oh^$1(MtI(cP#qMdi%r?(k^1<wA9Oq0*%R$X9@lNsd>XLko
zUG0ujo(qNQ=ebBJ_XaAgW9Zgiw3BiLY{+D;%6^FHXeM%}#BZVRt>!-Y38A4kRHDxZ
z8oIyARB23(UCyQ$VC0Toq>$wWp;JaO5Xmyh!3pTZvKR;-F01?iRIB`!+1FyuEfARA
zK1f)~z4d4ZJ?OL7gQQF@GCEECp4R$?E?*(95;`Xg{^L02QvW}hOkRU0rO3=(z)J=2
zEg1e=W|SgR*!`>`qw59y?Yu*H7F$42r+%DyqBB^XmgzSbY&2!$X2GM|E5~^va{af=
z`BShFr^kCi`^-%1s*mBodB;jDtC&p;mEbojrHFVZ5HRcouyR#mECw;Q`|Lp337;71
zQ4LbquD*GK`dNn~b$MoKv-4zdUv*{sH@J%4Ith4oQsp-7<0rDYW@fRi+PR>33o4hp
zJCYnEl|3ksy8GbXCZjmE{$2{~_9uMaiSEmfHzBsk+_L6a$G;i(67ZI#SQd#d2+bk$
z&i)7d{w{7PC&woI4(=xAG-r1ORlaJ-=CZpQZczHRWIi=^61Kd3h7`JLOVILmyjIw1
zAH}MIic^`Ss?flblRv(AF(&6c2Y?}7B4}4G3z{=fMls6??xfvp!6@;bs#FcxRNa2a
zwJKD*W>0OIEfty_6&7IF>0M~ZK)>{6pxfN?4tfUVo%hVeZp}9D&Lj8t>*kp6HG8~A
z&bXTm?(H)qQ+zWAymPtQ^20kazy18Lo)x|yRFZA6NCF&fJu|ukGquB$I)bvY_mzv?
zBkVRT?>ac!x<@5SZ;o|K-gH2>dlkmm9zY~x>m!&k+c|`;U9}?XInDt+_L0S*@N;{X
z$k=wuV(yo_+$RYjECC=mJGoCWO>a)}W}b0Cj}4i~o!P|!-Ij)cUOC0Vj4mv<pgU_g
zAoE~v$pm4UrakjZtIScqcGDmJppP-Vmm%YzdZ*DmW9vqBsuw06vnr{sgyw+{d^;v#
z`?TAJfL|4@sz#HY?%ia~iCX^ID%!?J+U`Uhe5d>Ho$fQ5^wW9q;$Np1Pu6N{T4NkA
z4^Y#@Gz1|7xNmv>POmOWlrzX2rinyQ=(Tz_hTPs>jkaiYI;s>)mmN5`gA?zwcjE2E
zA+RV?nvL`c1~;A~RlO8g7b0U~&MJylu>3(vTaodf3Kmi%jaE{5kG>M<ZwvaMcCdEp
zBe4vkjuEWJj!@Fd9&ktfaE&`%oC6i@E6CogdZ<^c!iyR}xXaFAx`JG<yPls(C!aEs
z@;n#0@#eVG@b(FjC;Fbqa=aSlCO%=pl-VM%{gfay!$hMlTY(J>h3Q*g@sus-9T!E8
zJu5+;n4g|#S-BGa^4``mU19zMHD$w^mAfIp$Q%o6m>U7k|3-J^a@lhE53DiX$)%RH
z-+EKb>PNtRqpmsLP2i_(^+r?W05dpkGRddV9sPP^mxcCMtv8mw|Aa@Y%k%y*1Nfem
zKC+A#(0?aiQQ5%;-_VTC(a3N(x%%qOQ@vBbdUScd?tyl-E&RaS-P0P^NYG3AZoK&b
zWY|OIrj=h^&{PeQ^J=|d1qKJ$+Bnj(kPzv4m&UidO{6<0pc?gd4A%FB5v)bS58gi8
zZ9?}nITNX7$IWnTwdHtnW@At!=JDZMRxgLk+K4U~jY%Tr<nX)G*H0UUisEsS(dBYA
zCO>54yVKXT{<t)OV6o#t2PNPt7b#N<Ry2vtzx*e8K7M{OKGA(%TkCiA3b}hee)epP
zR(CoTcWk`L=6sjFdp7N$&^cJMWGzg#EKdZARyCS?HYIIUn*5SV-*s>)nm1wNkp6me
zb48Xkrzuk`M>l|P2;IYgp)eXVUy@yIEUyjvrFjbvvN5jHI7Sf!1I?LSicI>7?Sx%6
zjWc(`q9W&Nh0L&rOAquwgnHHejBH0E!&Y%B-JYqnS&?rt$&?nP(}ZTXelZ?+FVqi2
z>L#a|)S81G=@yfnKu@Ext8&(6x?T6!jYV9aF1bn=m5ikHR%<#PyxU3oE+j*59#+}V
z8aLF=;L@%H`jfx{)Y0iQ7xxmjp&*H%v3oeJiwJM`bg7jk+8q>v>H4Udf(+L37~>A1
zOIb|uza(5hfJ~DvcZ4-<#O#hGde4tj@iR{nIu`l-m}R4HCTQsRj!lnskH>$-^L5<1
zj{DedAIy=^3NU(X`?$*OR{Q(No-EzZ$aJ)?V?|EErOM)}Tu3Hl#%HsKBYN|Uyq{xP
z;SDI&a{q~6B_ENuVxlLum!*BB#l$X)3LR{&W-xQd=3h-T2*oVJupNEYM9$}3S#!Is
zZEa!?zo_Rd>v9}U^isjR_p<bVpG>OMpRLyZ?~}>M$sVc}pC-xnYro5))km~DnF1`Z
zdbrO6)gnxRfU|M@++O_0<gHMql!^I;OE7=>RDjZG0P^wX^<+%GTd++33pGX?=2eB0
zADQkw-CFyS$;*hbQ+8)uzsOr_aKX`nW^;eA3MIKn5`7gYmN8Y8(NX1mK4-blu+Z(A
z=~$waYVnofhG=1Nt(tvGKk&3jNmis&mg|X2o)(Fs854!R8kHTlOyHFK%yMDqmNIG!
z_d5zmESSs=l!*xfvnJ0Xk+yHk>a)#s>yAT7d8X&}lAL%*+8&y+q;qz|RnlU+sFCvq
zQ#0JVkba#g{eJWKJ5HubWbZqXUd)@<ll5znM=R^TbVMxoR9UMH!$2ff<IwN&86*mo
z*_K^}e1oq+Gd_Pqy_FR=hllStQ2k|jYU`rxE*Pq4K4*SU>%#^--c*r}2s^jeK*zAk
z`j6Y2`5?9O!|LSspmcbB{00EadazQpwXxEDz;w2$g&$rAe_wHA!KG=pt)m|T!MCOt
zLR5pFg*+Z6Q4jtqSq2m~8<S8RYKR1aa^$wBTjs3^fNfwq|JrP416?CvKEHaN6VQFc
zmkX9p3a<RAg6?6kw&?20guM_6-2i9OI@uj=K;Lf03e@`HXXED(QP0w)S{;$EMd`h$
zcTV%}DEZSn$`iO4ZoV6fs7P7n<j>AU`A6DybGOHQE)tr};r_h5ogYW}YN^DrO62ix
zm$&m#Br>UJrabuCoe45MuG7Ad<tX7SQ$I#@8_oLcbVISm{@g$NE~@o%WM#dLK`(dP
zpqCE<va8cUFCX;sK`$TJPJ0{l^3R6ngy`j<W}Oyl;SZ{;ABPEOR%D3*7LK}BSH#AU
zZtc@O1vx7RfMIZ)$uW5a39#TgRFo%BwxfDZbbCDm^yjnM%-i>Uz<!U4{El5!1>Zu+
zc#$Of-w}3TJPdANH-Vr8a&dP4*9+flX%@=`y=6!Gg=IMqBJ!B!WA~ndAF5waJUzEv
zU4jU#zjb;3>8~cYY&GeSy&ZDbTK~0}+ppEXQ`|m~sNF)$1~UF`@%orW>jPvB1=1}{
zSoRl`AO^d4Lx_+JMU?6ij())yBowz1h$;PG7B7$yyfI#6$H-KbJp-?=W~x=?B)_D)
zc|Cddhc1V?cblX<>p1~*7w>Tb&v%*tiYC+^&iY#f&qStjk*rl{L|p_qpo!}R(SG2Y
zPAa4_!^zhSi$|o!;Sc26!#-P)(+!qp%?noLaFrcaBKn9>04&X!^auYNNemKQvrAKR
z0T5nX<LZ%KTfgD5`xyI=@CdAOEkBjQw(<9X82E-CTYiv=s$y;L)Md*Xy>K~0Fw-fJ
zKQ^y5gnLIxA(hsbt}Qa(It?47(wwVBF&#%Dbp+J0DT%69$J0bik5j5U*5XR#d|D`x
zON^2_mV7><d9>h)MXJczF<tUeB(giLMT<<1)A+Y?$)XX>;t`I#E^XS?3~IH$YX-5g
z4X3QGTnI%ICt{|2pDaZzG2I*0pAvC3<(a0{${++cr4pcd!sbZvTC{)6mWf#DZM?Zz
z{jo5<Ko>m}-f~0O(59jy*9r%03f8bEd_!#2U)Pxy4#!QZ!|WgDlR3kBn6j&UYMJ3w
z4f2SbCM;JeBnRbKW|n3`UKa_=%buI~L6?r2P>Ip%Fo7E$m`k|%noSM@C}A^Y{geqT
zYiCtx$#++&kapOu`l{VKy6ce#?6gy2rA$f>W>sy{f30U!n^$dFVX)r8Wma|?|H}=0
zAdyI_q-EQTJ7;3K-`6ZNMZbe4^={*}^<6wpnW8aObUZJgX<tr@`c_Vn+*5-ON%eiV
zSc(j<{~SD9T0rs{dEfMv_w5%;X?IMrBF~;5k!gXSeLuz>G_H8W_x~7g(#G5MpO4n2
zz$Fm{cq&bhB!IhWuC3NKaBH_UUSOx*wY`0~)!jv^az<s~F1UtAU37uH@6RS#-ZGj=
zO@5by+4|GUWB97e3kL?VTKy^0XFF%;qTX^8{)EC!e%kmL(y;L-{rM*0yj@D-+Vv~p
zQo$YUmaQ6=u;uHUUEl{(x{mU^q*|Zt5a!nvTe7zUnym=MC|{fHQ)DsA69CUgaoHqf
zjoARKWVpIZmg_^u;xRGBa1y3i*?Cz$w0x|En9VwOzMX!SiEN};p7IP*pFv4m*R~pF
z*Qnf(L$zQ$CkdUhM3R)M$kb$mYn8~K?o&gvod)P<_EB41(iz$o6K>aqJm*s`XdWZe
zY0{H6hOGB8Sx~*_5P%v0zOkDzxuDU){uQx0n#N3tEYg(bm8nm^ZBBR(O|(nF3%DaR
z&9e7Rp;hp$-yk;c3rM$aQP^6!F+>#ZF!{!9_%TKepJ=beP#g56O~ub^8)|ErS!Da!
zIZi*p=h>P4!x9+pCh<-a>|oL!P1$ZDRGJs`&KAOv9B`eMEPBZ4`!$k{)o*+%_x)(L
zZ{u$b+pGDx`U-tI4X14~;Ytql&?R0b@Q}Ssr<HXpSylEeC+7(s->2jbI`_Mscz*?n
zhcOv-p7f8Wh&7*fYrJnh_1jLo`HXj+?vYW**Z$ae*t?Ii{}4AG-_2o<fH1#leG5;<
zOEAadAF%R{`<G%`+Td)*07hAT1(f57QAnXm4zczGtEQIE>haha*+=!-;gPH!gV)y|
zG<~{{n)@;NzyI$y|MoA|q6N*BJdW}h{%2Gr9p**C<akBXWY=$;oSd9|@$dhR|Nlq)
z|C8r0@c&Pqy?F8B<lmmX_~OMMpFMkV^2ZndcJln$$%_~NMo#uKMSm-#qWQm_oY18Z
z`5kS2PAWQ^dHTW0oRt6nnY7=QzLcEakI|n}NS2$rFyLCL_QVM5tBJhvZ+9o-FP@K2
zEXZ!tGovVvj}4?P&*tMu<V;BYl^>gS-fu>u(QhiZ|4TxboPAI%gOr03#P`{6Zh02J
zBxi+GBE2@81hQDcX!9Fuz|`!7W|_c18pCQLbZjOpAI(`d);hzq;7QDK=-ht#?qvMz
z4`WRIwbL0_gRVV`g!qk##~|xdYb3yLG>g(Bn&+Zez9h{LVV8E~RIxdr0O5a+NCU~?
z7o<-m^sWn2#$KyMe{1;hH8=OhWm4oc*_Z>e?S;spK6vf>x$Rr>Y+fWZUw`>G1gm<!
ztjauUd1f<7bYCMwxw~iBQ?y`dncN_jEIYlr{Pqu%+Mm}Hh5CF<h=tTDo5*9H&9Tf?
zqA%##oWP{;*4(TES-Wugr{>$evsr7hwC)<!qc=)L?BrS-3g`<4%nYxKTvlfPCJVoq
z0a^zL+%ZA_zO-;<;LXfIQx)@!|6KN60;48Wu?-u6R#@`Pf?^z%s4_XzUm->2^oPYp
z8l#5hT-iffIc2wW#Fh%eL4%UAaa)EB?^yx8=OGZo0v}+pfs)WR@a+0xa#LEanv_YT
zyW^OtmOv8>ibooNm0YCIC(Gic;F)s5CD!jF#Wdwgg0jUV)cqclGvHhhorp@?m|SM$
zjHWC(qb=q1_qhO?(sHB;8@2>4(_MdfGn~LMzn1mFU@MzqBxa><UOT{en9#MfRu8YP
zx3^p7fcbXaK}-Q7Jr38tsYlR=4-)39)@%w8Sa4q^HUUrX0Vr0UtO(QF6fQa?A8R%(
zZt%8kJkY=e?%Jc`>Q*lEFo_x7$CxAwaZkidvCQyS8_}v~*=l{EIjiQ`igQ4f=1?!m
z{~n(Fa(MXt$>`7j`2Ew>(=W?^-#h<~oqsQ!f2YpBrTcgJ^vkFJXIuMR!c!gwI{8{Z
ziO3q2Jy$QA1dN#4-lkc5gpy<c1xOv~2Jb{P(~BGz5gVJ2ap|OV0!oZ8G7{XW&K`#v
zl7Dyx`wQb72nIU*<v+>E`1uRJP19%Z^F^-KXjThZ)suwX)b`<&XRlc{*H^n|+pgzQ
z6Nx52+S*J%N|kHPt2KDIE^4mu^=tF?#Jp_F6`^xwx^m-2+RsK7mkuvJ&!ANJbmgv)
z)l*spvJIG0@VOBe=3h2gif1;wH(iQMOSEH6W-S2>Ax4%Et-z$!;rx<6J)~2St6%PE
zo<03?>q7+$B=Arn<1CMlCR+Vqv?gqIM8($^*65Y`Pg7Puu_9mlVr!R#OjteWsUGY9
zz3uZKhjtO~@9)<x9<X55pN>(dJFb;jJ+>YF2oyMOiWjp@<mCHu{5yZR?8$ujx8)y3
z@CV;W^aJe?-eF<>F!3Id-7bfLcO6(f6Sfc5C~uF%f?tBqT4d1Udz|@u*ply|@AqY<
zlw=(lzJamq8yDQx2V;z)pvhHmhGK96T8*No)sUdjT@2o2KtVMG1}Xt<I|cw(v`)=t
zeZZYrUhKoN!6WWAnyub>L2PWWMHoEYXiHLRPVwKbZPc<!xVP$(pA<EJ2+!0=<RkpN
zV~TBVv!-}~)-j$M6()yJ9m!*s1LiYav_yv3Ln|<}cdYi5Y2A^jBG<QKjDg~kBqE!4
z<lKHb{SaH=>fSQ8{1GYhV?QGQjj`n`c=46UOEZGjxHWZ3X$0y*2bJ}OkY@$6OGIai
ztwo!e=s{b0knpaomIak0N*MLlDI{SU8n(}6NimG)v9R9P7*u4quE?RVGL)j<3*SV6
zwxw`|fMj!bQG$p<EenNUnZ1(eQl@eqAq+#OyzS_AztT7)9ZR$F)}I5G!JmWqG0_tG
zI_?|49_qFKINr%m?Vow*w(kFvQBIc(_4oaF|2q7CFHT;3aq`DC|KG`rKMelAkJ28G
z|8H~W{fl`2>J$4^zP|~K0t*POdH&p=HvE3I(YJX0WHg(vdHmehdinckvRu&Zy?*Xo
zN~PFAIjo^r;2?j*QP#l}w01F{=WGtfb{geEN|F|d;!6YgWU%XaX8dSwE~9Jy7!Mx9
z!DCpX{@^kE7#>515logWGE2AaM|9)-YR7hsz8D#R45RIQ6Msf<p%x<NKey!n)eR`_
zvkpQ;AsG=FVRtNF*}<3<?+cRUU?4YNPS&cjV1hrj6;P<Hbzxk34!ApjR+$2mZC92B
za|eLbtyeE<_QZ5vmc1oiwk_x4N2lyl$|c~^=r7^&Sj)HUxpYeaow`f5Y+0_wzuH};
zT6VAR&{m$M(-hFREK7UtWgXVgg@afx_PScKF&w25Kq{h=jd&&*WK7<*nwfsc$PZ7x
zqLN2HJh7-N)bULl_sI{LEs*k3KhJ2+@*i4ofxNrMLq7U*k+aD;3X87bkJH-2j*e*q
zHsArUEAR*~VIqCPn%1-?NBU%zwGRkks7cOL&e<IR;i8x@l`4U)H4+bp{p}l2M_9=@
zw($4W|LeCv-5+KAV^m!}>a8<TuD0pkFtre^7PUHq{4MOwwN0Bs2S<c)-~{imu3c^b
zUSmwxYA<j=YV^?*8K+!d5X21c%Pboe@))LlOe1{;MlsJJM16H^GG9lC&#LD<f+t6%
zwpudeHumU4&Klu#T7O-eqt~S9VZW$@2IjxLGo0GiDZD&4R$9vmtGXJ#!EaQW#&z5}
zjSffSFHYy32MYYQxwOs#_gk;Ig!s8TirGC#DZAc<?1GHuT}A93s}A%41?+<86;izJ
zAxhT;6|M^@Ti1;l-CnXTz(LZ#Tpi2qcrLP(Wnr8_pC^=`&YN2^CanMke^x&XCl|#$
zy27M6!Iv|GCJib3#WeBMtG&D;G>&s7<q=vRKo{njRE);p5wn2y_Rg0xaCLh9Uqu^S
zSy*cLEN60Y*(VJ3y8ccD<R>kM&_9=<t?jZ#k^2RYYSE7nc?Y7J#<gNGp!<D}p{iEt
zfVks+La;P(fz8@DUm?a+dX-)?GGXnMZZF$cuqmeH7z4EuC~)Dt25QM^a!*&XWJnJg
zRjOD<`>Rm+*5gp2{I2EtlC)hv`#YJZ`pT&1*l|z$%035bK%SQ9BzrWXEvc0Et?>_a
zJ>|W9_<hMqo9t;-;bV{O%y!jeIBQlX2FuxF)fxxOS#9K>h2^Y}EN|a!Yv<lRyoYmd
zyBf~D+lF&LocoV)?mgW_B9lcDYC=A%KiyzM#wR|a5xG7jXGCoy@p?<K?bnQqB;L)A
zoFw9YqG%fg_eL0dBJPRQ&s#F&Ocsff<WM?uyT895<LLC<=#n4L7*+bpc?{w2Qn4&r
zjTb6S8Y=nO_8nd><3e921&y_iieJThd?uMXa&M!BWYP-)X0a8~lj7C!eW$O(aot3?
zCiiu1IUydol3(rYgU+eGWLxwzy#^C6_D6`RwA1(9FsE=2xYuS@^Nw%r2M?br2}2co
zFif$n5XFKc-9ymC9;^Jv_5hG4J?IyT5%w^^C&ADs;pku?*kE1AV1bzrJD`Gv@|+%?
zcQ5^#yz+tmcW=LaeDluq{X4Uh{2l{P0}T&a?Le;lv2vz;-8SS;6VqtWaxfH^XY+M^
z#>Vuu!Uu=2cfSFui5&YfLsewyZ;T3`9~s2gAii4LAii3^^+4jwZ}`IYFy=2axvh*~
z*am(x@SEM}H}IR*Z#@XV>FheDibgC`tTl1I!N^6<%eUY}0LYEjehnl*On67ud?B$w
za3Ug_*j`WPEK^S3Tl=zEMyCn;>&?y8^PpLMXE&BGuM&9IV>N1>82Ik@V>OzIBoX)5
z3?m=ID)*e(SdH?q=$TYGE!Zdi@edz9v`!<pU+u7*?Q5>3=_j~=l}R3>Il~%I)wPRT
zs~@@0yJ(qn*)cNDR?5UxE<S|Sse1C>JpCS1Wg?NLbR^l5<`ip%<rqms6^T4t#Yl2;
zc_oj?+2#2)u^E>~Bo?Xu3Fw7AnWVERBkV(z6tRc3K{nJ<kC12cF~lonalOlkX65%G
zFbd16c}m3mkdaGe`Jh}Yb$0iB{NfMelX2UPHh}&yd&AZfnyS{X3`BsOs&6zAvofbj
zbMa#g(qB@ZLo(ltC%^<njI~eOt*~Uy?^tHN0RH{B=U6<URlG1xSVqZUi0$+7i7!>F
zYC$$*jCk&I)3&epHD3?ebwi%`hA!73v0;wSE!^sXB$wxVQGX-*!CqQU<1k_0nTVS%
z+&$Y&o<f(-8#)^jrqFN9$13%u8s9Y_(npabfy(&CupXU4PPS0WgE|dS+(}=Whbr(S
zM2WAqJnHd5({fzqfx0~Dq0f^*ot^~f^(0)kCtKSS2vlJ4WnkF0=8Ri28Z@z*$Hq$b
zVILsd+6c(No_=NQX~V`4G_Qd-_5DOh8X0L*4)Hawg4m_3d38dQqBfXCeGd+1(cS1b
zm_=K^^+0YI>pQ-pIrY`6-louG;Igl=v-*hMucuvs$!@8CV~XYe4Xp&B%O%TVTW?5-
zTb7Y;u3vlkSP;RX4pn&2*TH*y;eD;>lHs!W6P9oH8Bd7uTj4ZpripJV9aYFl_$v8p
zLz-vwxW385(?<{9<15#%H`e)^>(^jdVg@I;W1%%cKo0n*5m+ELfFj*_rq*QB@qkw{
zk4lPeYbJv_`{B`+amq7tW#4&tt1{SN&qS87Nc|OpJNIMXY`Eh6jjb%^pV1o{G^BP#
zAWXOE)NCF|uh~MY2|V`Q8qH(YXC6SC38Y(?Ci5_QOrRDMro)8P9ro!jLBez!-KFkw
zy4v6*<q~N2RbGlPguH#<!0AJUK{F@)N?d@u>g?Uyw-;wOr4Mnu=J9FmavM+3o;@GH
zXJ6$az35qv;ECfBw!UiUY%K`CYrjobZao8XM{`c636tbd>vKO|UBCPL{~UpCH?jXg
zvzWYnhyUeCcIe}leaIE_og<)_M=x6Qp5o(LCvtT~RD6N<P-)t($pd*Lt6Bq^V;{<=
zU%os(9{+xa`T+eaFx=S6?g%4*RTRt?#P|wy)@n7y^zXw6c$blc=5wgXUMvY$B<1sk
zL1UQ<5fdIWu>JBZ${Cedbh9HYddebdk48ilO~f3_J46eb%^9IdQkJN1jv{F7x?gm`
zW3CPXbzj4R8epG8WnNa!`-$FzZ9COp#7cMP{c*DOoZu9ODb`jw!^j7d%LN!FTKQZE
zsUQwf<mB?o1gH49Da}gx=Ef&HWSI%$vJVTuIdxD6@ilO!m?LZ|$l<w#`f|Q=dpRQ_
z<w~*m2u@SkqkbRDF0{VgaRCm_BJf>&+i(Uv0$I`d1mj`aky<uujNtB>t_&H?JxtL#
zlH#92%V4M@-9BOPX3Y^=WRF2jzValrDUG#Zj;GF^wz~%=2ZoVdqD&yu0=5izC2U|1
zux9-MlX&N=z4KT%QX<iN9JY&IPsmwY&MOIxUug|O+W6j??rUc9Vlb6c8JNQR1<S}C
z%lT{twIzX>`aKj?XI@Y25T4S}hVYcZ|Le3NJY@(^*=R#}ig&65ds=Tpc#7LTGu{*y
zp3;GRTUV2?u(6}Fp-B~RN>KTW1>A+<!O{L}RSfFgpxzDqb5QTdpx$k^LA~=%bzo2H
zZBXyr_L=dfpil5jvZ%<}<d!eL1-o3ZvUkoUWD6ssswsVNzB_fgFxua;RnOq)P5xTJ
z-T^P0@gz*83*f;+`126{yc_+7@aNWVJy7^Fx*gv3sYCOPaYmu<0?1wZZ+mEL`>0<A
z(V^FD)~95}>Dg;?W8Q16SE2WPyQ^!#pqCO;bhCKHfIdV9^r7DL8qkOK8~4|Ns?p|g
z-4abB=5wxS@-AXD3oT!L-t<mG5o`Ckh7os^l-|0Ob<^;=U=bVF4p^nz+kqtKxmYGl
zNpgC1IVLv?E*s|2T4SezVIr4TcP}j95}B@S)W(tix2>_F_c+F*A-+pvpA`zzo(pc9
zts(TxcZP3#6a}Q+wZsLi5V9pxgyLgT^K`{iPp6W+$GRl%hdR{56>7Lb?MT1j3f20p
zp$_$9twX)9I(^>nKmHPXTMvIIPWNex)9tgcT3wN9*PGT9EKsCs>fvts)KH_%H`^gf
zVsJzL%G{7cl!V)cD2cYg4p9;Vdm5r7pnYb%X{gcWw86smc-h=wVf%Gi*oGQyZQ~wl
zv^6|7)M&%@+0<wg?RhmDG8W8zTCAeeIb|y6kwmh32f#DM<}Df4Lm9TA4BJqKZ79Pw
zlws>bub~W^(}pr^t<(7I%dlPJJD@`7m-LKtHp&@|fh0VWie{0&e$HdAPS(GOPW{-?
z<uZXPHuegGc`&e5>{V$eZ{$#MXK*$S*8E?OHGgn6x@~YawheZ0HV*7*a5h5w%y`pK
zac5BP+_4Y*^H;<_2ldWvgL>CC*g?G;*wdiiLHo>j(@=3|sJMe|2xjxQA(-vg70mWI
zSKQgQGDaqY3u3&Tc<W%ioop6~Xc*|8%3oB2!KxS1c<{l0M4`}u8I+rz*hpJMETK6g
zOO|sH^9UjWekxebadqu{oauTORWoTz50*>a#gw7oi4=<sxD1Ukq4Joi=s0ImBzI#?
zo#sCGT=pW9J5{>?YKB$0sO^w?`YDjb(D~uOO;Vm+LMI*gLhZqc{lnle>lK}w93`5b
z=L$Y$6Tm0e-?q-{a-NAC<2m(nBxjMx<2ISq9Y?o=bKSnP9%8u;f7ZT6U9f265^H@m
z1!=UasQ(J!W4;On^_UL;oYR}foFucIgl1YZk*8zwE`uK@*Wb3^_D+w;>FMd|5qa}>
ztq{DOcxms_xV6hFaOS%O;2MEC`gU^U2`za(e(`5dWQiX(t^L@H$Z7j8r>E^dzWICW
zPj9ybVe?nGYLiA=ig6Y_4;AAVXU~0N{Nn8SM-=1EV7iJ|p{zXpu6a51ux+f5#7Z5@
zoZsn7=jBydfr^_T`C28aqIqklbmdm2GT}32U8}NBeZ6qXQ{lHSPv10l>XsjZk$`1l
zLGLhbjz!O3o&$ZR?9$FgAMlh*ea~oSA&!2sMza0t3@m!STZODBVp9IC{lZ(<8|>41
z)u689cN21Yb?LjK4mBKGr}C&S*Fz1*mKl6jH5`cnJq)`C9K6DZZOK1ie@*~)g`w!i
zZMISj<kfU#Hc*sv#d1!^<n)g61niHdH~W+Q?o1R}`$8;O&Z?uJH~*O4%P~#q&mtQ~
zB0WC+ZgO$<+%nA5tIKOVOcB%n@#6;j9xqhdmVZMC5(W5LETST185Zi<X$;sYe7Nn<
zblj@eg|r!_;l%X_Q+-20TKg?pbrIeAV3^^w+qf8LX9MlE!$upB1=qu_7m^7Vl2V~b
z;Q1LR)^Tt4@`L@~id&MyAVObSgFLEO?HA)x^*TZbY*3-}#$ptzSlLXD*w%`yl(Tkv
z7fA<*>_@&^=WB88ts|$(*sq)m7L>{Umx_YV**vtW>Wxtq@s+JVC=zyh{WeTf{cb|8
zMZ(DG_1hytGeR{p%&6jb488YyYdh*|M>#n!&b3KY3>sLO*0`=hOK&RUphdS%WzeDr
zEqc#d^tKisD6V-X(xn!Kjm&W)O)n!enn-rkAS)nYkrY{EI%F})nOusj5p1D^S1<?w
zU_hV0_r~C`o;}x)Pxj~WiGHe~&-N@ml^4u0*)&)Ueak-M2@AE2y>g#zFpfchz{j(W
zxx;Zr<IpE~Kx;$Vvt>vRV<*#)?jZ0Q`Px|v>q4@XFOVK39meFEMIudE7JI9*69}-Q
zQz?={F|7zK<d}T7(4A@J5d=B>m1vHAWE~oYL?b;nsyu}^mbuW!o22xXNs<XNFKA9P
z#q@ekMS%rFjWi%wb5`WQGIKxJ$=X#+kC;m$mB?8<h7Bak=%-W^nPM^OBdxtwyK7v=
zf=bP)oga{W%hqBUeQuYN^H)e`6ArF-ILxD5)Uf?cYAWpa|NFat{O<6F-+lkT$N%`<
z(=UG*AO2H{?3Y!V{Ia5H^2>is-o5?hf8M<Q<$q4!yl&M?KazX#k=`E?VXhC6$P~+z
z)qCLNeSWtHze5HlwLkGZkAj8H*Jl?#ne+A8#YYr5Pn^-Xd#cG7^Yz)49$n*VZ0(C7
zY0Dwm$``X=F*lF=QV#Oz^>iE843AZLsJ<3ro-lHjh$43VLe28gDqJY=OAE&oLyo?F
z_wMW07eAg}UA?|MJH5Gl_x8uL>x=V?w>OukubUlaO|=&4^osPz#&Z}ZSREa`mSuCE
zF(jfYl*skSkKMGLY(7$A1bvK_2~{(Zr)?xVB}=eY{8Vts6$Vb>rP<w$+|(<ln}M8-
z9pg>0jm)|`D-d~Rc2va!8+)t?K>!mYOA(VhPT}qMW4$nAyqn7RcoBml6?)vwzPrxF
zYg{Oh@hxSal)!)@XK$Mk9sdXZW2CQ^e>wgShZ-Zjuk@eCT1@_>(J>#O!>RV_OijLk
z2XzII$tqLy0}3rJZI4`<p-ep&Nn<!PuVAD_Su>7E7S&Dk8z)8Iq6%fsM_$_I4UZ{#
z<FOujn-0~fc?{-PO9<4igK1G?30FonzdUbO@4AY<J!EB*!9W~DVMXT?#K{n0EC|A>
z=$uIVR;iGHVG<!XO!)4+-3})J?INOzWuPQ%JN}<V78VDl$E_bOt*JG|49@aO6eMF1
zT#_ihOxii8?g(aGK3da8+cv`PN5Zd*n*-hWn;!E1)bxeOME+W{r!Fo1uho+zS_mP{
zIYdr+AW4G1!G=f@F0~fkFi=oYO==9jvPos1ISWR7!&4>|O_xEVuAT;!DHn+>jj;|>
z$eCu{jTxUd+SBx66SsL*8USOeXwQi#wG6!?LDetM9SN!#eY{JOI~->;mBtl5pog`~
z>7M>IKn?d^wrT(+^i6fhG8?kYJTx4#%%BaRgr5kMaH_|wB~6&M;Vb(%9Pm7C6hl_r
zc-<|HVyKCCG{|oB67g)l5m#+Gl5K}Ngv&3fl=mX<g9>L~@uR|ZSlL|a*bbY7*Z}<D
zdvK6qyU}luVy)kLASqTzmiG&tdT(FZ8^5s~4*bTnf!_@LrfEi>J-_MfdVpE}v@pv9
zOv?b%GQhM9Ff9X2OCNd-FfC3SU|JqVc0VGRmIn=HFa=Q-thCGlU6-+O<hOGQ<Bk1X
zLmvi&nC9;e2r(UPC?P)7=*2da5U<)JDbqWY5Fbj259|rsP(s|aN5XvgV{j+H_B;-6
zY$uy!v$1X4wr$(VCw8*2ZQHhO+qU^hp1Svbf6vSRn^QG&dU~d&PIXmxCS-7$V7K!q
z-`%V}%Fo{=?pA~g-Ax0iXFCJ=AOO@g^Pw!5(3C%NkZrioLn|Td`6_zIlPB>IvJyBK
zU2nT@G^50swX+y>8v=7lfhf0uxPaT4uWrJ($pVqR6S-YFJz#R}fd_MvG}1nfNY`|=
zMuU%uvjaxHooL|bAEAIm2#K)KRjN#;n|rcI?7Yd|Q<jxjZ}3xNQZbQ!^f-(p_H^C|
zy7!F7#Af-*k?eQDd}dTSTHL>%QA}DEYq`Z*IW3EU(_OY*3yIIFoQC!kgvY9j+AH#R
zXJ?Dw{$&^)d5+qHAeCI)1gn^dI8Ff9_S*_pjAwUg2;B!5hu%A?Dg{e)(7!eTIT9ub
z(#4YC{eTp-7AC&<&SxJpA>}`pJ9AY@es<s_CVk{KD>I*(9V(StaWJXDQkq3$WsgLQ
z6ST3?vcyub<r+6Ix{Oc_LxyD~bTG6@66H)~N-U9;Z#XFUO_x~arL5B$y&NH5R0Tt{
z%)>inM5FF3{4<eNG>=NFK2zg)iX{JJaP4&gDO93`!#E`tGOCr*y)7_1>(7$Y+HuYh
zz_v0BQ=mlbucy%7ul?OoasugHdeJXDt5?u=u8H?EGp@G*H-!_U?l8QHA32Yqy33aZ
za}Zb`vIB?ZeRK&33@~FgVk7*8^An=SvaYh!U)9EOUAfH9J#fxLY{XMLy%>y%x6wSw
z#t(GTY9~8+;{ehFVkg5wr?S%T9y?6BX&?!Cz=Ub3Ra2>myKw{>wjqI2)L(}9(CbEy
zLQS&1U-_63Ml+pDR78O`k`Fyop5A^%?FU}@VP9XsIB<TQqOi!Pm?s>%h3efu341@R
z347Ykd-zg%%On@yCM$8LJ)FaW3J8G{!h?bef;bObn;U)hkiLsskiLr_)$)m_F?IBQ
z-R<oFyrLIQO}{s)qi3F1Z4e(55wt5-;kbVcQ!&h$*Q$0f5_ApksU`AXhxmNn7R8o!
zy&b?i=}VEdF=;rn_nb&Nr~fma6hkW(yGhCHv=bpo!DKT~Zp`!_2Jh@<=J_fW_QVI_
zJG8GVqHxF@oQVZv-D%O_i|qXkF>cC^x!uj(J>)uOP*#g~(7R`Q0nI4LIS{Ck!ToHI
zOasVcV(ugT)DG!_l+c>3S?88&HLL#FqIrKkWY(Z+W)mfk8ts@!8U=SsClM>IhqJhn
z4&R!NIqnL!V~4xJF8dzuCASs1YV=>U$<b}V%i!0!*J}tVE*oNT`+5#mCwUp<I#?mU
zE+fF+b21%q|4KM{_Fx`+k4a-apoaGC64D32d%|Sej!EDB&s>g4J8YVdWDYFI34&Z=
zzu6}XdrwyqxKUc`WzYSxM-tQC4GNlfWB))9+g!2djY}L8gVCGM`jC|aR_G_(nd%#x
zKcjT()3=3?j?olk`w3GEo;g`cod@7S?U(NA^u9dQ69i65(0F0dAnhE&Jp-&lClBOF
zZ5&F~5lRh(alMt_+d@UKQcFkvt{1`fH~|61*}d()2p0cj@)_%m^9idoCPDC7K_9p!
zutYoJ->Sz;4nb;7@RHHDS28%!TXFwwA`aVz9kd8LZt^|-`M1esOJVoPkW<%<*@_{F
zg?QO4Aq8`AMA#tXNb9?r6?IJ|kUq93Mv#JG*%|nxHe{O}OJG~}JSu5DLh`+nqZrYv
zAK_MQbN*gEbz|uh=*nmKnMTrsvf|XLmD@3O!kKuzd$6<1&7Q=vp`+0yS^lYdkvv^)
z<=K5`rzEcnTpaSv8(4B@vwweXY#~v!G1MX}qxWiO6}))V13ci`+hm4iNl#JGJnM_N
z9;XX)^`c&K53F@Tt@9ml&b*-f<hRJb$F}%X0R1<~H)7j;3NGt5Pdj410De6|z4PXM
zjlN_Cxetw?Hi9^eBHGJdc9^csn@bAHbEtF}7M86x%Ydrx!i_7$u($=&L!8bP+Fd$#
z(=v@6&SF9rle_8f4(~?cv+&K(x%ifT#C&2fuRlWK|MRvQd}Z!8Yf#_s)CajifYTPi
zZfl&Yyd8uqONHD2hftvzWeX<z+(gd!x`dVe&Z18Fg!5``D`=^@Lf|`D<vB*^Y8A^a
z3EWX-v_BJDv36OM$UPXLg@W)2FFI#3Y_2HhaRxKIxs#B3@c#OWyoUkDHNEO7C%J!7
z?Jzt86dJhPwlqoX*@peDv)2h^nd?umkPc*delsBXNFf{Uu>=p$$B6%Pa(GoJE?1OP
zo+Z9&+W%3bb!)$MYFqCv!zD3S1%{SvGGRu+b}GYmscnd{mAlkqTG={U8CAkV#MwF9
zUaf#=%JS404KKqK0*{iukCG2F`TTPT7(E_i&2~=t_cOcG>n?7G^Eu$~{ZiVO(5NRF
z(NTO)DtB_#2(+4wvZb9B6;H?}kG*CVN<6a@vGK?GrM<|>w+qyy_|?S<<6phvK}Ob~
zRuw-+RHGVFp|46A$l`eLJvYtgXQunnKZw@9`3IB@!W*-IE)9(DzEr%0lL2D9@f*Bv
zx|u^hi<zHX$exR3Q0sebY9WwjjJs)oN>i!jE)d$@Z_Jqpl_p|(8<?=0`V(3!L9PgC
z0{JufWb@B17cQsw?H1HL<>@sz>1QYT2~(cs-0WtKn%NmRE)28~_!*L)Q{B6D4|XwT
zeZud31u|lE{lw1t_~{t6>v-M;?i#jxAHQ>7o%2OS`0f?^?j@gs<n7`9io1&eweToK
zvhX-%aQ<x06}yWV$PU;c_l4%m4-<Skd9e$@+#!E*`LIk9pQywEERABwM^=Ros^WDq
zAqhj{^ibQI03MT9<;EC~4PQF~^4RhKah+Nc^WZjMdk+Ed!=c5B5q8%n-PgnPpTjmj
zWE~;ZmVKm$29qX=CK?0}beP}|pTu2#Ns_9Q9HKjv0f~0e&1?vOVCt)C2=ozcoEY@j
zr``&^x^9aXd~P!H)coB)B-ulRlm$0|J*?bj{$|6q0$8LR>LF+BB{bmlPRf)pwT#nG
zCu_WkiPJ&DhZ8kAou$ur2FjU7n#=_^Fadv6Vbp>JjjFBJ?)p+ev7fzxl_(Kl56v+d
zE^2trO)@RC5+)_wIi6l&EUZ+0U&ZX;$<rvm8=At~+s2wQ3iS%KhBl*hZ)$$WUuQQU
z`M*fJLolb$MJeeoo*A-Dg}}OXp1yPs;0&>bIa!X+)aL5y<V8`42J<+=OvoXpoaLCL
zf7|yf5t$5xAo*&D>U;&0|8V7g_1gQ@^JmF^zr3XKKZoeSGeAEDsYRCn7s8<I8{j<9
zAFxxlWRW#Z>e{dN^H7_dM0utH33X0Y>BOKo2&A9wHqt<uQa-nGRHk}&<rS3`<u5)i
zC6x!4{+R26vHmGl$F{4h=x!*&y{0}<qo8+G@A-)NB;YweSi)F>YiPCLole<kn&Mh#
z9le&I?tY7wpmq@{iKOIeUg8>P<#C?RJh&qqN7%N!#+t6NM9@Bm<EBKCuvo*dSr%N!
z={ru>&Osx?kh?Lu9PS>6>9p&bQ>3f$KI2u3+`LF*WPe)y7j%5Vldk%z|Hvw)MP-;`
zv24=&d@wQYr_tU<(@6;5IELQuSG)eA8!X%W+f98?=zykjWM>kzUnIq}BeR7hd4Gif
z6=Hns53{OPBNA@Eu-{q;<&K&_ot-DBL&ri`5lz~&|JBe7TYl-0rY2%J|EOsrp6Y4m
zto!mMSLcB<u}$jF<qh&d!KZw!kL#~!KUk8qM_7yEZ3>UH<xcHNk`VM;{YltZ@shKQ
zS^^UfS>>{Is4$m7I9hj9K^c&q4|TvfThGoLEb7{gqijVLQG=IgPmSi&XKd^5apA!!
z&fwm4>|6C%Beep~L*6DMohgvlhr+fLsLtd<oq|DFX>W;|qwdc5!V~HdpD(PMLyA_%
zs7a2j`;uMNFA7S`D_4Irm0{CMzS{0Rw!+9Ja5KvUZGvHUIE!8yGtF9VuRy1t+}UQD
z8zA+|_jBO6SM{ioBoGPQy-u-?K1Y1|(fRXkkncBb-7JQdV>KDG0b@(0<+ahTt<k`l
zk7zKlz!ei`%}%jLY!{FN0o%FQT={t%AClX067p~bpmT54?;@U0?nr5?-fN@q!jt2I
zXC+#3>GbP@jc@5I!CX}*^eYsdt#r<LmkCeK-Y$ny*i$Vm*ng@&-rAVAGtQ_LB`Z%R
ztCKmb0N|l{oucoT&a1xMJoAi6{PQeCl-D4fVuenaLA!FGImPHyn$3jO#9a}s!4+j%
zR*=HdV`VKjPe_ucq9SJD$~<?H;w4sd43Hdf01QymhJu-rPkx{Mb9sf`k+vH3rFZ;m
z8FoCEpt-2!uDRy}4W5j7bW>S<QX`2VMX#V>3_#CpIGW8WFLD8%dUKw=-c87G_UD!_
zqa)!WMhGZ(6BE9QxA+_TG!^qZvQ;zI_l(5OWt6t)Sk<)mn*A@I@yK#RZpe2bX_D5m
znRCv(2%MktO)dqIS`tdr(JRm{mNfp@M3HS4b|AqGcN2<3;WTiJl%n?17jM}KbdXyt
zUpI5Iod7N0TwXrAF*KmRTHP$gH?Oc!KQ_jfEA#6*l^@?erkBpIrxuvC;;XmftGDc%
z^1M5FSR3m;dm#F|-gN8vcP&k&`km2k95GYw4Sl~xqcI(rqP%ZC)G115o%Bun7dYOV
zU7|HMy%(?otqGnNHLE-9Bnm`^FdR-Vh>?ByjnR1uON%G;cWk|v1w3tyk2^dq-6odS
z74F4Y&W0^KZB1)z6nk{KvDkCX&TG8icg)*q+0OE2+0L`8o64=&3rmIj93RsTi&+dd
z^Jp5IS<HPaqw`c6r&*^@TDmdv-i*cHnsX@0p&LF|D2K>z^u~LiO^%lq=PvhuG(A?B
ze^u$HQT0`0EdJ4H;MSiS0Nm_QOb8|4ti;msQD;vv;Ojuq^?rr?X+wq!#3Ho3MS-gl
zCD27~bL;$RT9py<lt)=x+lb5YpD&y1x;YzHQ%N`vcl7>tcwSJ4Tj53!){vILo?esO
zFh8G)b2?Cza#I!a#@g^8B^k>scwc}jw7F6phn|s_C|^@dho*)jB<-J_=tvIqm-t%(
z&QoSnOfA2@Jl+pMoe2TLEfGp2^E%uf7($7!l+d6GXs}KTid1y_oqd(}S3Q)egQ3vg
z{xvntTf<TE$=Q7D39&ntj^f;qj)?1Z-H`e^9p@@x7e^sS5>xGbIxPFmJyT+kOad&A
z#x&B>XU^Wq2sLO==pI9jC7>~KQDx<GQ*g^9Gc(bP1jCH-w`I3k-r<zio1-A6N+rhc
zicfjI%bQx|fJqZ@3t7gfhnH*Z=80W3!b$s|adZ3U$5yi>F$&jm+1LzPTkWB!_LC7E
zXXBc7##Noefd7;T#?`GfYr82{_LB@8=jmr{um1tWaGa-`zj@X`?d^CN$Jc8s$tOGA
zZ)ET6YqfE+T`}uswthZk>gW<l&l@h?{8`})Y02C7{*m)E(r0oIcSle)ZVq=DE0DGC
zs8R7U3{A1!{AuCsxak}O*SmUuenv)%)C@JpP9a2t8~fFm72(?@L)*J;Y45FH#|$J)
zo2Fg$SR0>VLT@DFC6$B~U9I`V4ZCBH=!cgZD&DrvPv&eZx0TVr6#K2CSQXBUXe^Do
z&`OzLs*9-`q-lBM9AOfFszYI{Reh~Lfs9$sIo0m!>Y}F{E5PkvMe(mN%AmXg9c?s}
z+8s+n+S#hq(jqP3**=?Wf@5-V-_@A0NrVyFnf6-R?U#2RqhNNHmNTrmT2+F*UaGRq
zGbPQK@)NnsCmH!v$$b~$?b7;_&Bswo;@!)je2MvDqc$+CLY^Uf<@WDBy<O)PzfVgf
zjFsZGcS+?BBa+ZAm_F_2HuWuFC|_RRl7pFvD*4$=Vj(5-glBsWV_#H(YbDn;tAY$x
zazGOn>J?8p1h&Lt)piBfh}=4^fSL$}p6h4?YIGi5jU_@_2%ziNLi|&fuS)g-eg}DT
zVD8;~Fh#Z3FlmlE3UUD~cP$+;vx)uFvT3Jk-%BYr?YqX?ZgJ8LI${JZ6WK;-vztjW
zptJzN>_DDnYN~~59s{+%FDwV?pb(qjKJ3eU!S%Rsv%y49yVrUaC(C>#1TaQ!K;Sf0
zZ2Z`4w!Iv`ILF#L)P;BNN?hAC8OlB?0W|cBT&Wff2YJ;J+il|kxemt1k;g_1bPux#
zjTXMxhK5>f?s86gmf&LJT?n)62;n_q!uvNVKj`4=qQH!y^4E|eiX(%8p@NI}WdFvS
z#DB?%&uIVE0608piwup#ttD_2xnPlBi%W_d7P$*bgc)t%5ocU8#@-AXQ@DlaVPW@=
z_CdS-OMl~a2>7-B-SjIq2iZVHK&<C+{xMq-1REnx5d<5%zs&!t%zp^7=9b!omnAiT
z;dvWu37ADa)!g;>lChvGbjVXQn~gv0L!o^!hf{foCxmn1Mo~W}Ae2Kf4ep&&f&Uf8
zDJNft9387?H|`EP*Wz?7sc(E6K^LX`jw*E();u_#L8s`n*$He3i2R}H5T0hv^<j^c
z{)iaB=o_)BARE;+$(*5ZiL{(cee0d%N%N`Ym|1XJClW=>lxtlhe0t_Kj*Y3hntyQg
z*L)$598%Th>+-3p7Rzk)_q9&wHIOSnp<f=b8yKC;Cn|-0LLoT}p@;mL$$zz#K>AxM
zhm0uXCvy!ph<c{%KuC_=Bl%ixyQ#6Uv9Y%2YvJpa{-oDD*T?Yt^Qf_rezxapFp<9J
z<A7d1$J_BGmHyk|Wj(QRHuno8oA+suu{sVml0PeZKg+p(q<dB}<kT4{n|X2K$Cu=K
zQ7I3`n_pL<nZ_)HWWdO?6h?npXARBH_?XMDl`qrxdHv}ssSB)2f0a2=q^Q)*S+OOJ
zOb40nS$)Utx=WrcahyE4$g83l&$ASod70$)8+O1Qc!Wj^l3QRNqT=l;3Sal$o<hBM
z^KBxEzS1R#&oQNwtTB0KqZS?&J|0+Ce)85BXhw-5u;l~rVe@%tAFgZLm&ru@dC+7=
z$<<f}YYtoC1j)5P%<}?gm@h5+BotnF{!87kSD>;(R%Sf0PjBX1Bg?OcJ#iNnCH3qx
zim$Ka6*1N*v}a=t9|}X;?hlK0{CYfL1SB>6HEq}X1|!6@pV8Ux#VO|>znKokg~n}d
z4Mqd1VRqhs#A$e%iplTmyZ!c@5~zbOeNJ6dvJ`43Wwb|ra-WfQtrls`eV?eu=vmfj
zo?|6)wn3P%6f*`bFy>}ts;ypu%(wb5ClN>)6$yP_fkTp29We(=vkxcsqq>kn7ug$-
z)nw6OWeb_<W)$#(LlXWCOQjK=6WMe==Z~q<j+S<}Tw$PME4R-uubKZkW+}Bo!kz5G
z*iWRXB#NpE?ex!?E1-rsC{M3A7uL({*f8vAYr(;Q-Ahft-Xdtbb<GK_KuNBtlTo+3
ztw-=?u@38cJ<PKfgua4w4oz%5OXDmIta(W~r=40evW&)zx*C_;n^DR8Uk-@&0_G!;
zd_56mQJQC{I*C_kbI!vUT%Ng>+|$qqtzdRx3;vE07q0oGCcSgKLx{<n&QEd%7K-xC
z+7|vZekI3l1*DTT04Hv`q+-QyeOPMW<h{aKK^w^1X3M81dZ7MR;S^{yHn_4P1Q}ym
z^Gm_6yGmKf3Mhzmb*k?we&I#`997D=n%GMZ0|r_CNzRg6=7VSFnpZ7s@ex>NhfH0e
z>gR@>y}8Om`mkb$cDr42yKvgR)%J+lG0lOj{?0Q|uRyA7Cl#mb7;0)e<P=o*PtbqK
zFmj|RV^ZNY%7J3YRL~_y*Y1=TUBr%o?`Pm!<Kd*Gw%1u3!U!A0UGJw-)?>k|y!HZL
z+T0S#UJs_Y#;(@^Ug~>ITG3wBX02vP-NMIJM5AC6JB4LFyOUQ?Cr`U3>|WE4!9s;K
zv*HtMLF&as&xv(8Z87{yOw&iPrG%gP{<%FXljpbB%s)P|+%II>;F9QZazFiX^8I{`
z9Ot_(H!w@ptHod$w?7K8-H+m=QgtL~6Gc7V)E#VsT>SW7sV6o3_-EuSK_ks)L}-(T
z#hX)|_xj*)L?4TGdAz25G^9dBTa_dd+9&;If)A=_pM+ywB}F^ATX3qPI~iSr+OHF~
zv^X0r&{f`=Ap7DId@kc$`1&{@+Z0!LY<`7xm%tTbm`(*)!=`EbEo!ercGJL}_}w(N
zhs^k0m*}&?Q+C5)6!aw=U-30|mIkf+0N;h8s$i{)3{a&E5oWiplCNh(xTRyAIB@C&
zJ_v*c+obyD9(Q?H6`aCeJ27oZyWUgNKA@Bn+R{-vy*WuYWx4^qqF8vuNDhj*4Tw*B
zQ=3Kc`ro9`LyEdd86n9mP%@hq$KmD82+>m9%N1$oGr)*Mx__`I`Z<$EgNWm>VMkvW
ziR=rVWWfowSRha6Q+UE(MkQhrM(>3KMbKfG#Zn-5@x$!F!|3kHPMau<+1^p(TI~|3
zRBvZ{`xkr_2+$pfD7Y_wdy~1&IgO5@4zZZU7Bd(mJmwL&_h&}=ya5OUI)ZOFmQT#|
zOcK#t%tRr)Ymk9b=IW?R0<+ZWj|FgoCsFQy%qpTgl;toLI7YKM&YK6a61Sv}Ol1`D
zuGh=rjFGc=jd92wm*-#u{Su>QBpW1|oIc9G&3lFt-i{mG$30T+KdBRx@-^j;Zmhdi
z->ELiyRh|kX2)o5`sP^5Yxw+L5n;rEAULQ505DXn6}Lm%>uqf?baZR$JZ8M+8I{eF
z^{X&C+cQW~o=FQS8Po(VfFt%;AQtBkYzS7nzxJAFr255x?#t%&pG2hss_VA#&a6!v
zaW6x<CiY$RQD~%zVEr{yr0P>cMwp%ph4~%96s)KWglD6j)G}HAwz0P=nTZ|gRfJM~
zs83p@$0f|c)Lcxm>xoqNUSmZ>`_`S!1|RkIdoOc2^thMVl4NHIs8qx`vg1-4!J^d+
zCKC0Dx~2!b>mnH@7MAv|Ff-=sFZ(p3ohA;rWd7|g?ZC34$D4g|310h+Z?w707UMr3
zzm~6?+&W1L*{4$zcA6B70Ix~>yxm?CiKg4U2a=69c=tzM?y(-IJ)PoT<CojY-{>zl
z<pM-ruNnl|K0#VT1j6OlI8Q_+d`TxgMVJz%`U{cXbV+YJyqHpcw>fa6{qD0NO8cFs
zLNNE+&iPGmC8B?vz$hPNHyIUu{RgoK*(h{<{f#)%dn_3#pJn05SJ<aB^>&*^B^vCt
zY$|{sae+9*MAyEfZ3l_BP$Md;5?Bd={4@dhanFFcCy2xccbT2IrLTba5t18xww!R1
zZ(QL&NfZ2``dFDCeZk-P<5Z`-eARybCLHIzmI0eVmfXL8L3hkeMf_EOB#?2GNdL9y
zM*rJDt7(u)g`<xTgAU(dqYxd1!8S|@v_9~jq$f`x+(f)R;C0l1c<MC&nJunS0;*uR
zw0Rode&)IMSyYF<NqFY@Wh1ie5~<|P=3`x5H@>@OdEaBuz#YTm&M@2=nzREeu*<pj
zEuJ9<mSzlnX=lb(RU7j$eo#1qF6R~k5iQ=k(zvOfvMun6wE+4vZa$C0e|E(KlI*&{
zC-!)e0yV2~xf*Gr_+mq0)e3zcivZ~l*J-^!UXwIzU76u9rqK?b3D#~95hEW3=xNYF
zJ)ecSH{m~t-)0-eMexkmKJ^Jcdl2(AX@V>brMuW(8$!_{(bh+@!u*El4E!oc&y-<E
zf*1L=O*<)a7Fa{ji7$Ly14a03e#9~zuiCNbDf>oi^!0tdn;Uiim??bMTLs*n@oceC
zepMu0_M(Ue`w8Q;ff|~cL4xsp?_U(B#)`^v9Q8yXVe@yf(r>XbjdMgof0b9MpW!QW
z!bjdeAd(Ik{b`qCgcLkmMIyp01bA5MwFBClXZUrxmnzxFCp4hJ;1KehXra6t_p5!@
z@G9KJ1`O298(?_$lBW`##JbhEXXU25M*(Z`h&RO`EfTwYR#(W(zq~A@-VNIPcZe{^
z*V@NaVvGmFXm1sz4<qVVtZxKTKUy?a5T5!Jff6lZKoPJ$(bm$Go9p|VeFDx~>7`vf
zb6rZubg!q);%+>LR<?H-3tFJJhNF3{>RXIN5?n%DQe7}XbxWSMb8F9$&~v8hpfTFl
z_Q;^;M*P&B2h?f+M$eL8$o6p<KfcBGRA1MQt<1n&X)f>kW-8PuK$)g#45dqhrj>Rb
z*oXnP_LSm>ABxD+hN0Ld5cKm%(=Z6JqS#`3Kyn)Sl^#HMTVRPyhpulZik4*xRDvii
zuR@wK^ZtJhmhz)V#YakY+4+|%d0QUbgwz<t2YD{8lrn7A!~`&K1wB(o+<v!0^}A)@
zwi`&E+Z}SZv~w$v>Syh+2i^XcFqQboDOl%)mr00@`#d^sviekP?D)Tpmgu-i6sL8o
z{{rk<QJgr1=y+qFYS~HrW2a=m+^8Rga61od<QVR>eZ*g8|MC#o8*)YY&q^wh`7e!<
z5i1oS&{r|~b8LpczihUG7(=HiQ)$bI7}R$EeNA9x+KQ@n-}ip)gjqxE^1C{u?$0*3
z`pfPj>VabE)r>^Uqb_12u1KCGS>dTpyRmDYl8M3+wgvAMnXlFo<VLT+@p4zFWwg@t
zOKUR&t`m`l$dvUa31oA*2~Ltn(wT41|9YZf`_kVqll}2K8oO{y-snxyI1>A^r_O0{
zJKSamf#Gpee_QXN>4#_YA1rf25lwX`tPCDG!4ZQ1Vp4(-UFdhUDGN63Q3OX)XlQfe
zb0EtfU;Bxr;K+#dD6RP7YI@U!HI72W<LOE3r8-o|#GaSy6)X=A@%g|UU*1Yp+9rS3
zW=1=cv-EOtNL0KoG`)H?>VUK52(c&kyy&xA6g^FA;twwoKl^4B;PwAvArZgTP4SV;
zgSp+c)bQWUsTZh~#X+om+)&rkq$0L@n9*$4trqYn?uwg=uatVJtgN+{A#E7+*295Z
znNHLB2zGW2KMNd%16)*9g(6rOYAjS$o3<(%-NLx*%AL`$*4;iPU6gW$q(awK4P?n3
zVJ9ran;q5?>db)aon*BM5=mIWnp=x+;x+lg(buh#U#%ri9aL~S)Me!(*Ja!do@Y(g
zHD7|$AGquAQC{0A!McZ$iao?53}P)Y@zqF~y^Iab{}G9GD;>Ssuq5pF{uL(%UuLjB
z$4behgD<1^fyC;d<nF39Z`L8q1L0B87w29+ofZP%mrzEilHx<zRyc`f7g)kDj_}xL
z%oz%*#U;1Jmr>kF$smLuY|Ns&h7nleCVZ<haWnI37hk^jwDW(>6N0I0{O(t0{#`yl
zpYucPJYPb+d?n5T;<T%uoso95BnfEAjKmtKIQdc%$k7EtRKJwP&F!m=cQCA4DI&cx
zOidxsv{@zn-d23V;DQ^g;4QE6zL<q~9RkL<p(g^8D*$rE)Leetr(3~ZXZG-y)Xm|7
zk+{FK<mcfdwJ9J6F5n^;n<7ha)_%U;4MK-!q3rzs4Zg{&01{S=+2=#n4}6|obR9k8
z@DxH#k}DA$jy-M5mE=gcRUiel8sZ>y-G#2M=Hy${3S4(+NTj%mW3VMRnIC3!m8P9X
zQSR<)xrH81OVTEz4TJNmy(Nc+2K<>i3MN9xmgmSr6*NiAR!Etw^27V=wobZ<IT_+G
zG#%^H3z(aT(m+1_XEpieB<oX|y_d(azw*5C)u1}QmE6r!*DK5>h>~#7{L!i@UH`eF
zkz0bE41C=+ieopY^pc(Up5B|^0c^kOb|)pzusm$F_`)UM6rJOJW&``Dd`K1*QcgP|
z9ak`1=Q_62N3GlmiJPQ^8c3z*uHkUvcgk_ssDsMIOs%EQE$1<-sz-sVyi))=&uEmd
z)Op-1dh-lN&SYu0><tc=)F~{lWakN)Y62R;9HS&lPonUX`G|(p-I#zpXjRAom?y^T
zdD_f9U!X2uZL)T7?uPn`oY0O!AVb<hP|AyiF=uOF1wB(yHg?{-H?yv^rr|`glrktY
zCwT#P@L+8jwnwqDGe_fqw=~XrPvDDOkvr-q`J6)t){KjXwpU9APLxw^(ydzFhTvYd
zQMK_~r!(Q>usQZkhq!GRMEX6+$34?v|I5k?S@L~VIH4b9+W`#H%~a6l%Hwo)dZ+$n
z3{%6NlznTAXDh~A9q<bs)j5tPam8hYj69O(R46^cXs46NG(2*Nf~uYMjRYLGpHjnd
zu$`$uGwr>R;M}pXLmz6HO)i^ieJbt%(+n5AIq<br?taCqCc}KMqaIlT*()~0dCymS
zESyq!nyc*?c-WEUg5w?l;rZ`7*lzbIxSL6SJI?*W2EgXC;Dfp2`!@b$18}SSQFw-d
zod3us{u;JTy|1KCFbdRC;m$q3@S6&nd+k%7^u3K`Y>|=II@8)r+?rS?IYiG)Wn&yk
z0W8)|b8MTI<$wkPMX^sYiFY<@(~x_nV1ZTZ?p_CKfXmnPLA#Wq`@a&?kE^qvM*iJg
zLWPy5IX7u`>WN)L{Zz|pxhdpiwkI$e)C|H~#}y#wMfUj<4LZ4&%Dpy+BVIY{?)9hK
z4UU5CW_rH{8(rG3w^ao00DT%YZ$aCfb}I#)`f|=enLF{*`I11eeJ|;ZLb(woR(LXU
zKKjBJKk%?{V*8g}2yVgJ_JtqM`<Rc4BBIWeS<d*{_P|nn9?lZ$d1Yf!|DA;?2TFw;
znXwX_6Hy96`DU_=g^-kGJ47k&)TX0s>MTb#kj|9dNE2C8*AFwTXZ8zb^`9ia37l;P
zT>*CK3oeP`NIqF>*l1LZc+p?ZjYLL*3N`Op_A0l`_6NeS#_|)EyX*6N*Z9!j`U=1}
z^uT`X%@om-#n9YZhZ^_qpZP0nw)r1X&JrQHdCr6++J+vWzTY5M*X0naE>*l<2<uGK
z+uQ`7FbSC9f^gDoYtb=GhrW|!)$977P^6o&lf5EGp%1!uR9v09pu`1*9gd{ptU!e~
zu(!>A7wNv2ImGa7Xm_z${IIu^rMSp8fPU*;%b?*U*^VpC&gS-(obb|i*NY9%ZpYZI
zb@jHUMl0ycSbwY&d$(vwjc=W7aU*0CoebIfL-JO84@1s6K3~Z(0CVX31PR|>Iz@xR
zGb0@R+rA(r&5`n76g21do@z^&eO7jMw$Jl%>PfF3;}7rW72MlxB7HB{=LLQ4&;B^3
zzR!IsxqJ`D=Om^d$LH16BYn>Y7}w@tYta8!=7p+2d<S$9Ty99iNPx}^Gt0PBrNuZH
zf+?KYt)4B>_hIAZZjRZmF(-?VkXO%A9A=fy{J+f0?*B3`jJ^}f0Z!6ebVCBRQg=Uy
zquGyfa`&WS`T0g6s-6xaGWuEP=`n%Pw;@vW<xyNIk94m9PGC!#uh@`@;F?Ngv8G^S
z5;VaLUpHSS-}}}dv@MO2>8kkSMzi01^=ITuSn8*9{PR=d?obQ=ctp36G~L6mThz4L
zDV9rMF4An?BGa>Q&W4h2z`xY=XL{{_j!B#2@_4AhXEJozZS2QGDl~!Qar?`0OA{*b
zhVvfRXqgXNM@YXmdsA@TYWydP@)3j<!pwQ7)vCTmQlgi8YL4U2`6|Rh=lDs@Q#ELF
z3(9lW%6&GzmuV(qqjzm3*JJF}h!{u{GLj_Y7Gz(%Tb|7yw<}NRTZ^+^Cj<9f4nJ!K
zD&iKINT*fZF&#SYz5O!v2GTVN-WONJe}2k+VSuwg5s0-C1DZn233zxvM)-C<6TEZ$
z^Y^*j?t>TaTJNuAv79vwvfv=04vRu~ngx+$?Mv8W+HlXWf7awQ@PdPJ`G-wc*x||a
z=#UR9+(D+5qkVN&{F32dC2^>B`&&9^x?0$f1ah*Ogu!QFxO=<a?jJ8lYFo3gNsY_O
zL#B66uy+NhN)tp{Ln=mwaV|8KF_wKA$UAG=Hy@>yxT8?Tl(l>e0NPX}xj}@8E^U<l
zCgE`z0T`MU?cW*D5O7TfPx_?SsJO;X-z^rP&PHoy?mYFL%TE!(+yebpPg&8$U>zNK
z6Oy&TwQ3NBR?e`2;WMzqAw06<878F(bYvPN(iIW~u!3@qa^!QaW~j>53-a4~iD9^a
z+m&vR-~e-oCW$(;xs2kn3=62V9)P2dvaNGB*7Z7jYrzDaI&DA>!^DY$T3HpHmZ{Yn
zZ2UG`3T7jQ>Oyi|TpVdn#f0Y3heL_7OaB~m7tuO1&3GZbe~u;RJQ_|bxT|du@NUI+
zof6XL(loD!En^v^C(An{o>Wg+@8rVr@|UV~gAf(b$BC8ZlmJrI%~i8yrm44E$G`_r
zw^Sk4DNvJ(@v4?H8c234Wy^u78*!N#`ZF>}C*Dp=rA-`Cr-43lKBuc(%$lg`GPrco
zuqYE){F?{N70aRE?9X6W3X3eaqW2>_{lyAQcPWmZN@D{hcxX{|mk=b`j_L3^vS}6X
zavjU_Uum%2tht0kSHy}SlVm-{c_tV|%KioTOdGHxN@f%Yu_@c=!XOHN930&`9eg?G
zK+<~n?PxGFg2IT4>J|mRwI@yHmZ>v^1Pb=@WC$(Egy~q<+S}CZ$RxO)5=t8^HN=Lm
za1<ay1d>@CXGyv%yz3l^&>51Jm*fa$B%QN%R^t1XD}=Rdq15>D#+PO+KhcrygQ&C1
z5iIkr+oH44%s_xBG6&1D8Ii<@BbVd)4&n#=6^f}xV2Kg3xnqnFd$QV+@F_okB7uX{
z4``MnFD=@PcQeJrpgC-#4B3h=iz-vLEOxF5PkZKK)Zbe+rd(!&g;Z8oaTcze!Rd~{
z@wK$RNYCWnX{-k493iJ(Qb{=fBeE<>Qikg%@K1K)LrTuu>oGO+92^eZ_&X!cV1Rj^
ziX_1U^(k-4U7dalcr6dq?4s-Yek8=<ajkwAvE)8Ia1Mk6RB4C_<&jWXf9y-pUHd~f
z51>|ctY#!yj9^T88nKl1sjAi^H`Z*8F$V;nh7BoWVlp0YCxOlk@u#n$WdC-Y3Ge;$
zE>%gMQoGb)LZTxYCl&OU>U2wZ0nqzgN~rKF?&U*FqUg5{HL%@F2veF=9yvRq9OaVZ
zd{#W%N>>x5Kwy(1=-G<9CdProX`?BuYS~ME;&5k2Ivef;ZjOv99WOU8xb{KlTy>r}
z$F`{rWzFid1PevR(~Nr)n{`i%b^s(;4;J*XPv#(Ck?kqWW)5sBMb`DESXyBqgn;Q3
z-lB!q@~4o*og{Yh_$f|jVR)gsQCe?vixarBlULhHDVK(UMSA=pryx>AWcDjP+JteO
zfv=;%QP~VIkIfY*E47>-EX=n5UcZat7o(y0fFM7Le0bctPpnswXDx}h9Ja=>4vWu0
zf%mX=RR_B!JakcXvl_WZS;E?yoBrTaG8sOo=NWdPpgv6~{szdjZ2^G|TPQA#^`NFY
z_cAZ_;)dI#_(x;~+6wxsS|ULYOC4ONay|44e359eG_9o=%L7?=UL=0d7vfHLnvEhd
z%#v}f*323M?;f-dG71xvbiknw1ijVYm|WHb>q9MD#H6IQHC6Gw`N}_(UJT26#l}`~
zHI^Nx0h!iC1L?zNOzoz>yt&>2OhPPwC2$#gqdLU!(tpCI@+-rsv-|2S?ma4^??pJj
zBSRHZUdyoGA$k@<k&KHYW0}ZWPahct{2GBkbKuj6(7PIMIFe=2jl-s%l&9i%=I^nl
zv?GC=aY1qe0Wm@rhon4cA23cfK5*PIvrjD7JVmHK|0x$Xg@`N{0)>ddVz?Av9#a&%
z(o~wp{eMhkK0E7~TdK`#G@e?L**K`R?j0j=?D|;D3u(d4-~w}Ga<Z~R+^i9#zu(Oj
znQ@dqS;$m1O%tE^%*-~-w_`MK-^%j30qHciwApY7qoUimOCjJD?3WmIccB=H(3PR>
z=`|AP)GSv^23|ZY*{RgkLJUta8DcLR!s{`kFI<EgsM<Kw&snuD@|4Okw3l{h?45WE
zBM4c)haeHK&lc*jJGUf6)k^$}{eR9R6^ssF_v2X&EBZ8B1WjaZZR&22398DNdS<^9
z(MvO0<uBtZ%GKSR<-Be!q?F-t-KtjygX$7@bV8`Wkm$v%bcu8{N~hh(3%gjMPb%Su
zb`Y)E`1)08XQcSiiaZCMbMA*rdJy|?`f!hgO5$nE)WTx#ZM*Dfug+E-Y`YdeH$6&U
zo9^ZKch0qec(+f7*}h$i?oEEL+`zL{EZ4k-Xs)=@XfA~#e=*##mjC<t2i|wXGlART
zT9n1?I}!Po=xmTlZv%}%D0G6%N0(B9w5-w`EG*+JIRc7uZd@8C20z&`fHjF8_T(qb
z2d4QExDgyn<}d1Y%ACZ<Ckeb)gZ@#hj2lioV~Y{2j5e$c(icmax**-VnuxPC#PV`S
z^y#~A@jlnNm}bvd6jngzhAc#W|MCk%p>%a+Mp5cCqbF%tJBskCV@3kHQc`C1*nHLo
zy4N&HyXM`rk4><2V`Wg5n(M7rP=D*8Zs0?g&h%)Edw{l$pKVy5zb@VG4_){gK@V9$
z$9A$M<H1B?AbjBhc*bQA=s!+y#d@MixhefH8<N#6#UM^ooyBk_N_bX^s{<opZW5;$
zHSbO|KKBy0n3D5x(e`b~i`RL}g0O7@$E<6sF<Ew^;U|H_L1bynjq#0;P^~Tnmx>EP
z5=C>POF>A6rb|@^Oku1)aSwn!ktS4=SB()!RD_}_yf%8*NZEq!Z8x2wd`Ko1lINGc
zes(n1*NiDQ4p1b??e6V^M9<sG%I2pXFiAcR>^HZ~@$X=_dcpkd*JlT9^glMSLP0i4
z7Hzt)2(7aDxMFxR20h!MMJ%_MdwHz58819~9qfyRP^kIhi3lVzw=&UqvOIJlTz~p#
zAjwr@OL&?(#@#l@xp07QH*V@n99+AJ(+>2nl_QsOL806E^v(C~aoj*aCt_ZGfQEbM
zfO|0E1bUc^2n#8ZhIOx13v{Pu_dtsO3`Z}uQ>*sGQfLyXH-=Zkq@h%|=XFa?nn)B|
zME5tzSQdxrgi4=}X0OdI5zRd9*%CZ1$o=7_RmXuhxWUOG1jC;)Rcl&_2IH1PikB)0
zO|VtjqH$6T-fZzSN`Q`*ND1`IZ=Eb9J=Kk3N5pD3@reb{8CkQc`I8#!${0};HtVYi
z(9GBVD!W@gXF9Vueg%4T7tWP7#zU)hKCO&q)|VmlZ1aTC`>o&AMKS~BvlqaGI<oUN
zU!i$pOQzooN&zzuq&4e8y2C9L3Bmi=Sgx7CZUa_j#0<15Siw2aN&zLD%~_9P+dK{Y
zl9DG?>`2ok6}}|(R?4WWkNI`h!;10xLWz}%;bF%sii#XjY|a-wj+Ye>FRaBKBKC*t
zn-{{z>+piLP1++4Mzwjf_>;C`s{1hH->S@IDUMoognO@!U$X#qIJHSjU25;^e|q9W
zIBL}!VJphE4SNZwJqn+{cyP#731q4o$Qqk)In)%VjgWr+8Ia8f466T~_&3qtBt^mj
zedGD$_kHVl{?F<+Dt@+NA+wc>SjgsCR3IByp_uv7S=66w#hU1uvUzM)uEGpk7qRQx
z`!LSJ3hS9YX(!-_<@`no-ETFPh~DXC`lS={pJ>jT(5)_2D7z^|lFQb8$d|S*`qi6l
zNB6^)Y@?2_Nk`A&or0TQc0ZOALR05XZ+v%tOThwLiO^~%c4Ad@@qaN{jLT3eH5t|0
zO9XxB*-0u?X$~`sZL%w4s4KsIQWQx{4Mdu`53p{53E?9i<xQ&Kgc`EwQRno|W`|@%
z5ms_`Rb4MS>7RH}xO6_tfMNLnV^D>Ki4x3%Db*jNOs2VhympO7&Twt+1xf%&Y1N7#
zP`$fE;fp4wA8GBpeq!CEFH00I5|?Rx`<6FR7q0s!p0ptnvNd-7N(QHKeSKxhOr3KL
z)bg4Ky)xLn-tu~Gw^RD1y+nY=pS)!ZeY%kfebR-V`FCJ@^kF3Ldq>!shur1pXo{eU
zh{WC=+YN$wx}@%D{#g_(S$NzHz0rlI=1}XyoU}_3gl$WGkM$_9tIAv(fb+PW!6Cbp
z<V+*_7SHoSjjKi)qpaVeibj7;*L+N(q<e=-ry2pxy3cRLbj#nZLW~ZcR-`1V@U1XF
zJKXnZQ$^{cu(e`5WWy`hwL({~b<2uy(4%7nwq<zV;=ip7{@mF*@>h`i1KtZ)MX_C=
z@`d1Z=~Eu#$Wg+lk2A=C{Q5)-unXh=awNCWOHDZtZPMEk6v+|?YjM~2xh-BSZ1GDr
z_R?Z13hnVIEFRmuuF%|_e75fyfPOkd%;APNU5<7=#~71gA?;SgOuj*1*ZII^px&Db
zFE<!>9z-1e3l`5X(hr^EqflTTs()@j6pe(F!iYi&QA`|e*^FI+1=4*df)YvTW-!a^
z{z$Nb*Tb1Ug~yxlW*}o!{2TlnY|Q&sk$*7mkd%r?!d<`YUP9EupCeiw3eO)E|L^)E
zg(7b(_WWag<6JdGPJE;<xK0!GA99ICYAtf~2sDz8Y3so*7Kx_B)ejHLxPx2&Rm7MP
z&n$^7K}C)gX*7~QI04Gz7va7mqPr}_)&(s!m^w|-h_DM!V%t0<1!gYTZEPLzptdg9
z!JB7HSh|pflLju>E=}{Mb5@0udCOv{{k_qX1bi#T23g{VRKMMA*PPXY1;m1D)}qU(
zmDO#+$nA(F8b2>E{;fkNY}1w;wlY(|hwpo2y+sGq<2aVdFGYMk4clVHnFgOTvY8bk
zHo?maQRo#SG)HkTq16A;cEl2FK#E=r-|BZX{N-4W?bZJ(j^1kc??!L0r03A9V(aM%
zx0X{@QIA5q$5@~^6YpQ|;Rk!P=^0JnA>l?H10rSMVSf4Xj0QNl0(hzY@`w}%keXF(
z0GoRMia~`%ZQ#C{@m)h4Cowj9e01c<*!ZEojg1Wd($e^$p7CAdire_1eoQ`Ud=%7H
zhR<xX*ZrZs9(86^Rm-p{__4FRlHos8R4TSr!H<j$m-VPKw-Ls%$qr&Y+jhpJS@ozh
z8ZhQAV$m}ci~kjwhggUItjgxGF>L-TLCahm|Ir^6na{Xv#sB|_s$k~-J~1lUfoJv$
zk$RuS$OkaF{|2dvmIOAj??J((FH`nc&VH4*snzNWzAWO9aI-9hxr{6(%tDpcTtW8l
z?No;qr?B;bM>yM{G34^ly#j6JaTKfLNCt<oY?c6y^+6QO4FHOjtPKZkD;nkou$i_;
z*AWeKbFh)NM|by@wr5uv4RbRB?hdrAig?`r?SfUw>Fu)o_rC;x<#DVJ^6JTE#zaT|
zOIS}PxBS1(s#vPv-|=}<h7NeK)c*et&G&z1C^nWZsG99Rn}UA-xt-PV!nP`cd1VOO
z`atFSup;8{op>f(VHRTc^C_pKI`6$HCDplu!X_EEksE%NP1<TkPdv;Vyg2Z*eZPra
zdaA7}kc(+9e*r7OoTWeIt~zjZ2Nt-c{n@&ScwkUJy3V^Zwh~5jU+oT9&vfU0s)g}B
z^}`Uc@kQ1&kh9NAiXsZ!hwtY;3#&|J$T!oQQ&lw(*AGTWJv+PFXBF^8s!lPH2DHKW
zggBoE@9vv`_T~guyC{WUA@h29&I_VN#t5ILV-R?W8Vu+3-@JvIk(g=QcB?28`nMZ3
zyL^H4EX->gT3GO%wv;^g&rLzl`-j1qXVH?#+D>O*Bf40XYzKkO#)-5Oz(~SKb5%VC
zk<qw7BXI+?vqdZ^R!R#z2Rb<RJb}q4OY2zwNcA#>`A)T<D#hPi%;LaoE%-`dhOs-)
zy+xN2&{2zdD4TqvrZrNejvvm?E%o>qi@#WoBdUNG=vTfMP4l%Yy?h~xz0JZN*57Nz
z2-)TiOFI6duPe-MQnU=<2SlWx$AM0Q%VvN!(M5apt7bwwMi5#>>GxFV0;`&-_Pt6<
zq1vk9f?2Xo$iXz9&zL6;bTB44=DTn@{GO3YCLu7`cjS_iGmJ2UY|h%>tsTKhk(mxD
zaXRD5J!D3*<G^!XO!p*OvJW1)sIr7o0%<w^ke?^`_mk;IcKLbFj148r5RyltM%C~V
z=+h^0q9@%)@NLDEoV>sieS3PNp{~2Ftry~xlRt=~VwW~^l)R#=W~xmYr6e>hjr^Ll
z(~G6pr`YEVnXi?E+b@{4DGWy~(51E^*m}r>)9o-0v}g>=W|KN+y9@~wI6tc7Jfdd^
zlO0dET_Y@mja4-1kWNlMY(7qGyg`j{s!c2*9c!JoE?!n23&nyiQr-7iv8P||J~M+I
zSNXih{5suD4x}ks5KZVU%lqG<aFuB;GUG3Xe2llfRu0)4&v@wE6GcQE*+fqnl{446
z07yW$zs?P<39Ce0w_o7ZmfX7J(}PB^@!O#6>pKyjJ<b}Nq$q;Gd(HQvb_{8eb$(j7
zny3xd!0nR?4Eb|!Fg6JD0A1t~KO)O((@PCW25L;0H}8?#PLA60#c=F_5G~Xa3nLLx
zy0^~gd&rgANaSu94Dm!#v&b6jc)b*C%>&ls0q_6-H;-uZyQHn@T8%KAV67Rd5Q}Z}
zI6{K7`hw!YOh#=6#6S+zfZN?jT9%X8T*iSOlyYn~7iF;7dh<>iHP`Q>@=g``JtZGF
z{T@~)M<R(4N2wv()f~S@GNHMpou(}p#fYZ_m;_s7dUTySnQ6tGAo%uM_kdak+Viwd
zyZBQbti)5BAf+09vUiw`JJ5ZR$z-jnM&11a=h6d&44A-MWHkdbB^Of_C_RckBr=mR
z7~6gFDkuo}Ik#3dX9V6Q-k#ABLZW|mZ$USRrep-|)+54q5HuZjF}S#VJeZLKZxl3(
zL^2TwCe#dWsT)1I`w*N@zr1t00X6E|cRTHxu-1-~5c-QrMaoaaztNjmEBQ!73i$DW
z9=^{n&+nC(Kr)T)%kj>?jY&miajH@%o85!L-McF)4lSU?M@BIWTAQ`c3DtW6ff6~@
zk^m)jJ5(hQsz)JBxhructC<maD5=sjPWmT{pEq%=00PT+jhfS!34Hmic{D5sdR>ZV
zYP77*`qdJIaRlYJZDnQjx4qbAe%v>&Ot_j(lb8~0UC3rPW*3E0CQ<sQR!J@GHoXD|
zGi*&X5I)yV8*+&_h~JiCMJ(`n3rT@+qEfm1hgSb`k}u7i42$Zu$_5_fa{dsqOV$r0
zZfNqdTCJ1pS7Ml*gKsV}Qns$2m#%#A^dBoH$=-?3Nv617rU|A>2Iq5{JU078a6i#c
zFxyecH3ynJ#%O@EIpAX{_a=8`^5$XI+ShzLzMmXC%f{h6B_KLPVA;*}CIZ?;(r}(o
zuMbffxAOe-pPVBo?B;ei@#s)y5df0*&Jl)Nd45b*I!4IsXT@)yhp55Tg&afDm)W(r
z$xb)drZrJ4Wl6`r!v@x#ZkYjM`1*Cvv277_CfT@RFCej-2yNSqcLE0ng}{-dnSdo*
zDqUbM7n(w!Zp3_JE9R_zS5N!f$-!{)Zaen*26)(=fBs*@{mp=V6&+qo5$i{$%_O<2
zn`rDR{l&G~-+o<!3E`}=9pwDs<aiVUAG~hQE&7Z`qdkQTFmVW!Ik-fm0*qR~DwvdC
z;{j4-81x_oa&J8BC`x^pNQhiFG0$vAdp^W(R(<=-c)LtPRo3kITJXLW%Bxr{s=E_+
z^uW(>o`?HiUdDzVA&<A?C;z4f`wC9-`qk{>j}7JpXaDvy2$^VL3AjKDl&1HxT#W|!
zK^+JUGL<$u3kLb3OV&~~^Edi+BDjKyBwV}yZrbc)ec(phpgq%}c=d!2oNFS~3wL|;
zBHf_HBg6|s#0P)&l}K@3;~jjTGaL?=8j219;d5P?O!Mg`g1!74QNa&RJmCicx(C`#
z>Swg=<RT*d9DZW{yv+^{>f0H=cs%ntcp9tPA%kF!Cfz4lydVps>D2+2JQMB$DLpXu
zdP1`Pe}w#FlP?Vy^b59a+qP}nwtKg2?Y3<jyKURH{%zZKPdwLsCMIU)M4VT(R%WiO
z4^Y1-h7L8%^kYGnJOe$6g&KZF&?0nri!=1_^?j)gPT5zxMlxDBLH}aTe)2ddQ_ff!
zSH=nzBo+JQ)Q9&-*dC6kkq>Dz?4Uq7s~euKAvC>JBQ1+H&7Dgs{<RhuAy<E|z*P$i
zLgRMP_C-E#^j%yB=SaRjFQ$0sl&y=@^r8%XAYf#373Gu#^p-#uZ~sU&6#Ps>h2-uC
z?vs~ubZw^wZl_<e_oV74bt4jVOiy8jNyK3khJ4Nv+}y1)!sJOq!}e-S`c1A`g~gu7
zGG}pv+X?``P5WD3nhzlZluaIb)w&K)>WK+Mlx+<o+JmxdNlNX%m{{%++eeB6BqGrM
zxar&8@7cdbod~5f#u{FQPo+C0C2gk+&L0z9IkN2^onpQ6fV(52D5bbmk|2KZ-_NsC
z!CxNkpO3S%@}`Mh|M$m*In}p)#W6#|-;1C7)5F8!;{4u#=j)l{Xv4GnI>81LH_M;r
z%LT=w5ynKZxcI&wQ?*x|oJ1D(eG`+iA8Hj65~f0vgsz-)T1s4+6D^r0$@L3SvBb;y
zaMDP)En7oQcUXfah~xFe)%!xz+s7=zz>{dcXI7B35iD23uGrCFqt9GiM4a*A@rKy6
z;BbEmzE)_w(Z7iEpQ%uU1#|UV=a8<Iy$4jMUWvvlhxF&KTy43b>XqE5OaF`@B|d6F
z4C>PQU~?_8i>8_6h_3J`gRt=NjSornK63(JTPvjT0Yr&vT2xe^;7+0v?%I@W=H}<g
z29>2d8ey3Z>M|_KE-D@SqPOV1my|luEFywg^KP8!tbd7njci15i<_BlYyx^)AF|;$
z;*Wb*Hs^Whtqt@N@{W(uAQxNjz04u6cm14Tgw7+OXxMd=`Wi<#$ba&D$(%qwL_;pt
zHc2D4xSV)}mPexjz%TDelvSv)s8#nQ>^fi9G#}2wC(FU?BDzG{8UWNkG8u~=W`FHY
zgN{N<YhP52Fl;A}M%5In95cU*iDNJXa=7(8w!tN4m2CQ0XN@?AmGnP?xu1OIMS$sX
z!ZrL>Lox=_2)p&G`a@I;7W-%&Dl>>^XcdkR)NFxJCdWJB;w30XEsvLI(HT|Goq@5X
z!R6cTnhNAEP*a_3O(ekPSV%s)vKM%R@{;)uakFhAO3!qROBLtYmA?&|_IAPv^f9#E
zCs?zdaKy8!+<<LTFtx*+J?)})n2b126GHdFdMIp26y`_1*frB7E-x+T+#F+x|DNIT
zvn%gO?OTYgM&@nu>>G6UTi*P;Qga~e?hpW%$)e2)xa|hR&P_H;b~Tqj%lLX67K2Ka
zPO9{?suJr&;=b((VljhZ&XP%6!Jzjsy-{-RUm=nxI@YVS@mq+h?e_FMHxNeBNHZrB
zcWoj0*Q;fY8*&Omv!7~u=PW8Oiqr&d%QH-FVI={UWts)J)IBt*h|p5Ts80R!rQjI7
z{5nszKd9bOBGW0TP6;6<4yGxrE|6EL+Z03Tfr2i#Fbx;<$eVJfo;UCldVQTAq2KEN
zeps?aiTZ8s^<ni)`4+0kFjgsWgf9(29_W1^M^?i|f;9^(Ca~W{L}ed=&W#keusLCQ
z!k^B#nk0;EK71q}jucB(g==m;uFw5#0je7dU#ccl`wu>Aj6$#a8Cr$esdj#0|9t;G
zEs%0DB%TO6+E|`pt2zfrTGOjFkeRTIGNN)_EhmdKGN=Q)-ieM<%DDuL!Bl6z4T+2n
zW{9h}f)M}5+cPLaCT@ZMXnSpmTbxtRre<Y~qgyCuSV!u4@dR7GVv?hO42dxXdSYmD
zbiV-ewxTg2gR0UuZq|qrJ1?wW3|l{WiF_ba2gj1@(Ds3m#PezkW4gEJlx-QbX8-;l
zU$MIJ%ylpMP*h%khl|TQy)u1k5jA%Tu%1n1hD*Z+Wq`Ib_SLz&Lx&ng#k!OmL@2Z8
zP$u3CgmYd|^c3|6B%|w`rDvMmWV?nm8qa(_FO=!S_1~1qK2omGabw&z!X8ADHu-DZ
zA#4|7bi=~ZYZF$m(OS102ZdYg@GeX;PRXT3zv-=;k1mTRbF!}GEM-5V#5f|=ovjls
zCeTG)qQzGZzE|(=02DWX;q>}d?(7!9eiEiSVyQJN)a_mj1y}Je2{n!LEL}Bdh-?sf
z=3iQ}f(E;Ih1DXyCkdq-&^~tn@D&z;AohE288<`f(QFTX*58dwH5&n(-A73|!CXlY
zmbU$jC{Y10YGlr7=(ut+6Z|$m2zv3^?{xOHqClM?W1V1O9sC9lkOmWW(jpK$Sao@`
zoZ6P-U0*vX9@2bNbpA-`)=kvy;6C5?<5NQgc}{%t>G_fO%g44gL4n}CiVSr>rdF7}
z8Re})tM8DtC#h!V?%V@f4AAoDT#J&_omHQmxdu6N5L`1u@A7G=2}rBlwU5}=DK<B+
z<s#Z>H3(1}w4l5K>`WKo`Ivr`)RS00>$)VeoYJAxdYi|*E_}`KRg{<&L*oMG?6JS>
zf%xCY(PuLlW8DWH+4$SN962%%HhEj{-4}dooAk`B4cV6IVL=9wYYz4_Sgww7^{d>5
zJfHI(tDR*IMIL0D=645hlpe2IB}OfSQL}$A)KPCCP?(K{kq#kvEfK);+hDBKTc;zs
zF#4K40C-Dq)5YMdR>44YNk^rbOeqA_I|Sdo9&e)^)!udfiE9y2*Q>Su%uH>&nH<L0
zNr7AO8)Ax|^hdVKrX56UQ9hwgQ{P4gXHEiI(meg2N|CxL7{h6D+<o0tHPYQT=ukue
z*JSZVS9d{)5<YN2(ZuXep1UTI1XO<K#vtX~;li2c1SnQUq*Sa!yI5F}OfX(@`rnZJ
z+J0wgq9#}`N&Sac**pRQjiqAl50Sl)f*h#HZxzTOWL5vU`4~E?WP5Gb{H>3`;E+ic
z@T6ZPJ$4kR_4T+AP0F3wp^3jv!JdK7bdG6umAQLHiIpxm-E5btA#pGe{0h=xoDjrZ
z<#2S^A_RhsQ__r-Uo&+X>o5%ZvT!>PLCMEMTTR9BmDa`a)=$c@0+kDr>>m{pgz8oQ
z%`NPm{|Og%|Cxy6m2Cf8+?xNd;L2ICb?a^>2lGdTfC-`c9rEc}$Fj$Edqj;aQ~lEL
zN61?@^1bQ!3JmcxLV--%-hp2AY54=Yn*`kZkn+LI7lW-r-pSUNq4`mr_G>J9K|J#?
zQ+I-PKmf(J)(fuHWB?rNj}WSV$ttE*Z(a6@>5=`o>n_VwID6=yCchan!V(<QMu)7!
zAyyoYwKn;CX6vLmHA085_+|`*1aBvc7^+rV{Uc6U;iDwW9oAJY!#b+sDwEQ-s%6Q@
zTG@auIyWgJ34eL4tBfotdFT>{VK&l#v9@{#>}n#kNg+rTb;mdP#6|gvQv_)p+xc%A
zmF{zIUrl?}Vau7J<A+{nZJOzG)_iEJV<ObLk8l=1+2PGhJCLHW%8yy@^ff~4^lY$a
zEfbMfDaCsfw<>uTQObXXu1E@nF@<>}gi)Ox?W(NXqaEcpUBNj?Y6rc-s&H(Xig$rk
zy;{j8wo{)C@ufv%(2a#x8Z+ckdwEu}r@waT4x5(H)1shi*tPQ5rP<IYF_zT5@i2%4
zSy9pT&>Jhk^Md_`Al|xQl8yHP<Lf2iobaU&F-JknA2v!Ju_g(~0uy8RlB0RY89wJm
zgk~uOsJ8*tpWh~GwOG5R&E0r=E_gQ%A<qbxC|&P3r0n5icg#08hIl8sTg;rNdA?Ec
z`-)p#j7|mIW`7Z#41b0sr{M68S!13t5$@1OKcG#0Lq4AoB^2FaqA<-za4iOK&3bUJ
zAjN>CsH`!CA9b!FsPfK?F}fhNFAu)_Mg9Co^D*&Wlmd1k%lnii&_@6+N&7Qy>*p&n
z<ZZ`0EU$|cJf4x?DhmME8r?Z;{2C!}&B$|eTXRLUOm%NY3eo1*sfIv4ME#iCH~s?`
zaV(yq>6$So`OI26gdch9wr2mwiA>U`%`Djde&S>QYNoXHp=qYH@$T`gGAz@)$hINA
ze<~URfj=o-giUAw$Jo^)AFJNo&`9THj+Kf<X57ZJExt!XychE;Y+vCRN1Zf}k$NtI
zqxvsS4F?ju<UY~olW%H}micT4aE0+>1(k99SePqS=wjz$RuK>_WIvioBq}JdEKKcI
z=GQriyR68Gzmi{&MKPq-LW$NrRch&aj-<rhXm+u;I@>5p>SV?+`x0cyC9wSDS;gU3
z6716wJ)}Zjv*IF_00?>~jg#21GX~du&iwo$o1&Qa#fZC@CU7{c?D#|vZfUk{GSUom
zul9T$13OP*J;CzQz~)L!*{0<2Mur`DEo`_Fj5-Is9|b|al2y!fXZ2O*yVIaLE9>ey
zd+5TH!gQ*m4Ms2EL)*b|kYH=$%o0HI3GOKVsLFUR;bO4YP6Uy@s;aV5UHzt*WDF^S
zQdy943pDn^aibE|@$1#PPC$hi)=b18dqJW(3kq_WrFMi9XzN~?OT&DQkvdcmhF0Q$
zPIRWvFGoRRwX`0SbT^C;9UFtnN+InaY)cz&(!YLvU@|tp-=95kSfh{Oq${=A-)lx0
z;eRJhxi4vZb;1f$l_`Ire1ASZuBRS<z3&?Xrh57(8uJL#h~fCaJx5ULpa(0Ap88-f
z5qW8>ytfn=xZQ)ZFwqL})!x8&>a{=_pv`J`7wbLy6pYIpO`p8xkAc44zGk9rfXq)o
zO!D9<fPWASfs7m&m30vuqGkc3-DYtpsZ_-($Vii`&S!egkd~@%hJ8Np<^SesEU*)`
zYl>0%C7?^2syUEjsD!Ma7X3z4c|nO{`Yo)<+SEX38w;RykQ<1o#%Q#Q(02+#V3m&u
z)aB#hX!*o<9RoFPaxRNYS7I;iJ^r}$Uka*F!;&cG=X^gmG4gxg6{7`G3!Co=)D@02
zWNS9{eh_(OgqGMQuDqJ{nUl97$*t4?j}Xu(+}6^+tl#OF^SUBChXZo|9J_g)*0=0E
zz*sp3&CUlDc$^9Dp*&*tt)d{pNA%og7R`d5oZfz<T(-@RkZY+`C`TZBl}F4^#^$#5
zq+HGuZajiyA;m{~83E(g{~afXOJIYoUb(z&SF5|;|8vq?*W0p~LnhSV^wQi&q~3B*
zF2hZP2e)b~4O+YY?ND34+tlEU`S_#lpuZX{k+?i@rgIUSQ?5$7<2JS!MStE0M)e{U
z0PD<Pmr#HB1T7t;{$SDS7|kTq4;U4;2AM+ha&{g-SM)4cjzq6f40i7<3!YmHb2_!S
z1cZL<zaK|ZK&a!@=7;)GyQ#nJodC=WM7)>JOl6+fk3{<t{5?}s(vGEUIF(9|<7~ab
zwe(&oj!7f~)?M90yRJck_EK(;y>6IH$o1o`8%ryo8xL%faOh{0N$6&{S2o1)(|2T7
z;x!4K&Pf^khD+nypODi94i+W#J|biZoz4kyYORJ#Utb;nvuZg0kJDKf`+rjQoBt)g
z=VIDj2^Zoq?3oW1+y1BN+6|ZbY>buf#I!%va{PbV{@<^Nv*c5eN0R;(XYi6pmPb=L
znM^xMdQndq>N@5pj_}=vPVrH{w7}1~gb4x6zOiiwZpW;|>LVH;f<hClI{h3|p)t1c
zr8=$5DcRsV=2@nUQ+K*chs}hgD=H^pQvMOw(6a@Racu^NU@-jIUSfWueayRTT-AT%
z+r-K=2;~ur%kQko2(q=~#{XyiR$}1dX1+4=8Zuwyfb?s+qW8kOJ_h^%@IW(MD2bQP
zP$dj6^BL9jDwGP=&d6l321{jzyxaF|3u)rk*W!O!R!hlFG0j}AY~TmGN;Av&@UxX~
z`(^bc01=}Z6Z{)JS)0pM-eyS3RBnD@z#5_m=PPY9Q~&{&;bf-wR*Eu=H2YAh2_FQ^
zx69OB6sddjNOvgRPGzKu?7YjqyNIt<0~2bAomm7cL_#_X!c~h6{9DPcvDxx`08X-1
zoO^&+wn3B+y@Z>?8U&?kQmlELRKDhIjH3vt*K#i~#}#neYFaXQ$hk*hK1cfHngaaQ
zZMw#-?LMJ8Ggeq>u9n#B+%r>iEaGvGP)nqxo`hV-Jo97`abd=5OJmy=!7(x1K|s0{
z7tG=mz7;Xl08sA1i|Uq0c<~Yc6#YzqrfH;_pBm>UG!Dfz3C1-FoN7=Jt1mwbApHJ1
zHKZIfB*g!A<#^v@3=sJ6f)V^Wf4e+1+!p-t_4RdqT6(SP?dkBnhvolyrqrmuneOxF
z|A_2<BTpK?zh4V@a=!##Z7eJChpti&_Bvzj9=zQv3(@R0n*6&jTmY#MhWY}e{w_bv
z9>uSP;lp~f6mOQVgLk;9(Bko-?@@Vp;^;!vCro}oTlustU4_Cfe85@Sa)a|?D;xo-
zQC8ui-O}7y^mdIs8(~T7xTKyZtZc?biV7JULc7z97np8lvTXgpKup$>`{fvK9Rp74
z3vK66wn3}0ly*abz^MwUDBdmDpVXLAYo)VSO;CLXa$n|V=N`&g(5(aBl3uc7m$Kmf
zbQsARi3^g}q9IWo{CGv+P(rzLh0D+nvPlxt?kMrpxw_pg@M<X5MNt*GQj-de84DZ0
zsLZ(tgHfnS81pcx&z@xyUIl%pQ0d>q?QcpKt|aw6#=VAGB`9*@l2lRd|J)Lt=HyR1
zDF=9}e1Wo55)x2y$FsynF;g~c_xEbxufB*X<dmx#%0+x#gdnK}^Y#X*Yik4bl)(w7
z=4-LvDh1!Z`B=P*RN=|Dxj_0EZPzk>JpP$-T_ME{H3PzZCQ=;_bSg;w0*emDV*lk+
zl{KKNHm+&$RtdZnLe%3?RDVn~=u~0VOG7fXJQ&W&_mNv^EnR5uo59h-i=TU`=x~9z
z9vSCdxmZEd$I5t=evG`^N(-*xR>`q(@bTw6?YDP=N@fRR+T@ag;1ZrknZiLK+f@6k
zUxUJ4_9l~t5negLwv6h&bUWbe_;GtIh1m4~L!OhT%bJ7iP=|JuAR<x7CsHCKQ?`))
zTQ#`S{(Nt+F$-?l9s8?4&pr#K$}W?>clHm}=MR7+^jM#KVS?<`io9QOd%3@EocEbX
z6+5C%R(Oq#6!t-cf(sO$WJld~M-*5?{7%lguq>6Lujpp0!AMibXj1MXX$v`R^t9@^
z4G*>lWH#Wk6n4vD)XPGY$GB_LAE0D7y36AHs}Uew<Q0Z#T;IWN(=wH#&T!l-4gHSV
z0u#r?^gdZ=Ao!-ZkZiiXsa2HJyG!*BV8(m5JWY3~`*r$$`FgL4UOQvg98TS!Yl$ss
zzWs0|*_IjWPnn`#uK_BaQ}Ji)sf8PoehNZTqzDE(#gd_bVDQw{di{td%2<42L+9hf
zci#)oqF&^kJgpfFWYB<F_22ng7cqkHRO(x)?Z|6IIAp8G^S9(y{yDyT-!rLOIIrir
zeq<xJGW8c>D8>&m$>V-tha~Itb@99Zg?ndd%ytfdn0S){?O}zSxlEnWXPUhl3NDeI
zKtY`Dq0wRu))fb>@sue$V}S`-@olO#f(?4Qlv8eRTz-lLGJ{Y-U}HgE$y~#;Yz&_o
z)}p9x-%OnvzW1f)HM|cRDR!RXRFc8c)Nolg45pJ0q8!&M1aUbXq{ivi#^FmbeOK#*
z?r}AQhmy*oV>buPJkWNf{4^4A!GA0|SErpIv<^PRm7HL{1Zj2x?<d`MdZP09&mKZr
z#}7mY6Dsf8@Uu`$aC@)YLw~$GeT123)6TANnhV69<vw~8C$?_Y7f=`%@B?qg38?*?
zSE+cVAVYaqe#CG3WcSZIp@Q?K@4^^(lFz3FJztNw^e8q%z+jS;4MVV;+Ln&Py=%l4
zeFX~;*RU$@AI;Nt3v(s&Nl>=f@4To_@BBXHTk6plGy0Ej^tD>$Ezf75bA>eum!Q9?
zxd@{qp`?Mi^*hVHr4H<Gn)m$`UDv4NUV>!xHr3}UvC{tPbEg`Rws+v`6^n<mtt5hk
zg>KE@)+?X3_A{K8Dzi+m$fT`S2<o@!9E1(3r}3ybh+xu&>QZvUO};)r#GLCPo10I(
zIb^<~uNbRsZ<uSo^>&dI$WTW@fIS#w%0nIIN)m6Z#!T=C6UNm*2hnYr)jt9}B-!fv
zK;+cSH#j8k@aTT-rwK}tKrl}czD(0y(&X+O%HNoBTt-plm>dgIhYh5K{y@@s+|g_d
zS@=y|mttEq@mI4s!Xq{ScJoqY9+Dala-kKlEg(Alf$NHfXOOC^g^S8&vyh=jJN{gy
zCKI?}yuorXv7+oPfi$JmwetK!H(r!V;<sZe%BbO_0gAT-n;g#qTl8;b4ZY-aW!zE$
zg-+SWo}i;x{98Ok5hSeZ4&@zVIaG94=P4n_7loTbaW5PTO@PNj;U{k!2hFfRxR??3
z_i7s_8Dn*ZIdJ&PaTLwGB#BJ=jiwJx&yXE*0_fBFScuh&6e1`-(1QcoSQ%DiXp%`C
zGxFs(dfDnPYIA7hr^wK0*}o0Jw=SFsflazahfx6O=MnTQ(XFQ^v$BuyCZpzn*Qg6b
zU$k%qX)&`YlRj54@geoU4h8s|*HJL9^V1+SeZ9goi&>jYjtW})<lv2AVBsVzioZ;b
z9j99KiU~xSky_1^53^h62*#|N@et>o+gB7bz=u^S5Cyc;@USH)_}#89gi^#cxbvRh
zCuIn}W45MBrVxCO*-r1EtVPa;Sg6PN=Ko?JtL9`KOU$=ni`5hs;uCs%N6GSv^08?s
z5#>qJx?7S(dD*2Fu8wGni+Mn|haD2(QQUHE2{Q<>Y(=+kBYT55^I?-}W{!Pk%CQ_5
z#3HGuC_FkUzqY$Cp3cMwam4{5t97(od+~L;*IhTX_L^y_+O2LMf3YgYoIY<+{XD`7
zbUo9vZ+tK#GBrwHh!HSpBlDs8;l!QXb3d1oi))@b>uTq+>xS&cMmvz+cn8m;WUzzu
z&)gL)WM^;Z6WiEk#TG;PTC)9$B#{(i<h3<|vi8cR)UdNabLA$L`$aNvP>k&xsHxe?
z2bN>!WqUZKn|jpt*EjZ@ds;D<HS)Ii`gu>M&ssla8LZK2LdK0J#QUmtM5&pvltH*i
zyF-<u6Cr0WViAbV<H`NBI1_R#GxNCN`giX1%T8=+Y2s6$>EIVNY_wVu!K`q4-PFj7
zJre$m=$j{_`<44}hgie9PjY21m$!X9-lOT)v#<@%StK_2twM9pr!MBy8wf(4Kw7fo
z+yWj{YEq*}oH4`TW-IJn34FKu-)s$+orj?T3Z|}(zPcl~Jn)MjiDk+>CnSq(I^l3j
z%xGP5e-Z0}ipE+%iWp?~d{~*l2>*eGlM45^RWNV6U+F)%!Uk^fLS>&e$dN0lUShSS
zSLzIk>;96$1AW$f5B<%{=Kq%jtp1*L6nWV$`RmqVF7x#)80eQmq?%5A+ejvBD<;FZ
z0M^8!-*hm0WCHw!0aSInrL~ue!GQvx&PxObFEC|1S24j`6#-R<;gCYtSr}QQ%7zjh
zB|pl^#~%A`0;0@-b&Vg9k>$&w8~BXEmVpIkCqx@Kw;(~+(4nTJ(D@h82ii=IU3GP}
zip!<}z^=LivvjR)TzXyBGPkU5Z2I2PGA~~prQw|)rQy}Lt8QG{9cq}I)iSrNidA<X
zrQz-6`0r}{e~%|YRt>;C^7o%)$#`}5*3JKwtc=p|=Dpni<1|gpt^Hpx=D%ap)ZG8d
z$`7#_YpF|nxNl5ULbdJ!(C?!xMtpAoq*=s+nr;0s>KOH{h>;bj;}VN~FF=28iETuk
ziPLk4P*7}`o(^U>j}^}Q-n;N9cHW<ju?iI(wEAr7Et9%HSg-UbvD1H2;4Mg!$Sq>p
zr!dulIJ1!lk>(=ZDvZgfb<MzxOC1}pEYSlX|8{5Y!BATVkfsuOnp5Z`pqHJXLQw|!
z5Y<+ZsIoB%#*qOhbS5Sq4+Eo=2Bqd@^u47`Bg8kk8!Vtox%Eu0j1nE%(#R2`%dp7s
zy?8B&Cd(rB8d?ZixDPKPWR@00p30Cod<0g4o-9$7F7Ct~K@Uzc3u<|C-qt^Tx1*9)
z$T>_GKhG^UQfdJ8Jk&oE*1$1N20JbaIcj#M*F*-YYV$_*kQo;<HLm((lZjP<w|kLH
zA>R1jS+hK#C!#QpmyRv&czA)E`m|ux>o-bpS4Y@Zhle*7Ue?M5$oO3wD3wCdF&&*h
zR5O`hQ*8}VjKcOf57QRuNYpQju4LF-1SN52ss6PD-a8*IQ5+ckA|gkg5AdmRJiKFq
z=M^G{Ni$NnN<`|FIQ;`GL{nuH;PlegR{)TZT{DQ%u~O69ug)2csSh<EHDXT?>`dg@
za0QYHc%$5#u=HpuyKu}(dbYCLroc9o<FyvN&Y^2JjUGLX^5_VfPuk7)b-?GP!z0dk
z>>iI<dBg2#G9HDIZasA6nM-z%z(2=$ZP4Ob6Sr?TTh*!X(h{U~eg!x<rp-7ydkh&q
zg!&E{Kn;jD-D0om`Dxel8diQ)>S7ye)zt*kc*s{oa<_^MPlaa(Q{4V>!#9sO`^lnJ
z`tJIcTemmjugTB#yVrD)L&7|(v-~TWN*P8BthfT=651rU+ZZIFF=D*m#ql!xsWW1?
z|0ng~<b+Vi;p#L>Cdt;{goJD|dxIFNP;_dWh|HXqdwcf5e5T1nJTI9&mR?}Zb4Xj8
zg@zb*k?wE;U*?)Hm2*y3ozHGgo&J*FR!C5TYmQnMtGm1ZwXAFB6MugG6W=8LRbyol
z=_T?Z&PkoI!)k8d5_Fm%B^X8>8SfY?HfF&EjM5eH7}r#YJ{Flp5t}{6nS?AgEA<zO
z7A|xFWT;xs9g$E$j(yTPmJiWu0MCa?*a`ut1TL0$DV?u{aiEahN`p70nG4UK4VJ*U
zBA|M7nQ!TX^SF>h(JRgSR}!0t>5gm&yH(#xW<4ya7a<lRaC`2UzFy~b`J`sv#t6E2
zs65<<d(NUh=+qOrnsy$?<#WYbsz&2y@7CxC0gkJUO-hFx=x++zDDx@BqWUxRDvi(?
zfddjox6%2s7L<(3OqE8tp^L<%P84wEjCHnAL@6A9rU3URy%z0L*@%u|di6?9cF)t)
z@dN&Ro2JF#s>-uU`W32wDPv#>%?f(PE2&asvxaswKmW~S0Y3AVqfs551tQ<~Nk;aJ
z9{vx`8a&*3@9qH9g{T0RkmSjPD5@<w(4Ztk8~#tUhZj+yCao63*aw3H8`iEK*h)s3
z??ry}FNth71rmY;D_u~7T2!$OD+e1b8i}nuxFzi%8VJ@E9qIE&a{%AR{TGbyaA7+m
z>W1~0p_Ha)l|a<S7zr>%g=OS6*3$=&qO0j*j}|(NwG}v3vWK*WROb$4K*U0!Oymb{
zr4mQkJ@@tY%68}z;;}oInIz!pr`98L8qplvNyQ^>W2!Oo_PX@Xyc|R1TG}8m^5<t4
z$LDIB$4d9*N}o!|Oox<I<w(Y~lZe5Awx-M!#p${4#6nVn7l@GbG`~?2oV#oG95SY>
zuy*Ptnx$AqiZE>vnEd2qN`eeAGjRH<$)e~A*UQCD9yT?jNSWwMr6oo6*KmvwGu~%x
zp4XKgS5Y7I#|*ftShdqB*&u{(RGx3gOr#D4zo=*x-)l%c1X<mOTDVuUhS~F#rY7#Q
zr|OC{|NqTTSlg!leVmB1_NJ8VLiIL&N;DnyBluX^5wq_XaQ$CY<3r{6)`qlZ$$)=_
zDeqr0wyq`@Lya!Ss9AX!xg)iT8_>mjWQX459bFw%1TfG}XVcnv0%z3jgBThHg#>s^
z*WVj6R*D)B%<ZPtkt`99me4vjk&ZUaGSw9NGHA?@DXYOxI=GpBb@`oKSzcH5J~_4f
z;1-fr0h<#$OGA4f1LEp4`gCS&w(0`3*KJ;&L9CB*vE4ekTzTD<)k6krW+5emC-xKI
zlkFs(9M)^M>`x6*oQ&R}x@Tyj*K!Tzj6csFCfI{kfSRAlUfM~6psq7&@5als?Gj1&
zpGkpk_NQETQ-eG!WwV|t0jGf>_s18(^hdU@7)BF^ATtt2dzai7{%4~RNR5`qI(z1q
z3Y?y$AT-PLpy~6jzx|!SQUzYX-;U2Ht8W&O*y&PD`oMt|Se{;)l&-N>Ww%23eqmC5
zFd?H-A|=Bn#ej_<CX)I^oQnC2hM&AE&(>hN+%}$LBX*N(IpH$fRXpRTujiJ?5ImAw
zOcKRf;<qb`<T)cwu(F%G&8jKOm(=vNlT?}Qw3#O$F(F3YFpDQo-p*fjB;m+<E-+yf
zh9`MtLX3WsjOho(g(i_R(TvQ+HGLmT>G`Hdhd&Yu^Q<H(@6xp8yUFnF(snDVKus7x
z>}=Yd&VX2sWi&)YN>qMjRMwKn$)h91@bELh6l};yQI$c7As1zPwk8{+*2i~;6Z)YD
zJ-1piI3|kGpEa@hcL)_Tp*C*>CzZr=r@8RhUJEZnW5v?am+g7JTYG&+?qQg<;>CW|
z=#d~QL|dX+B0tHn^_{2vK2luN<=p2#n(97yheyV3we<l5-XGLolx7`%k6-X=J<Z$`
zFw!UD7K&47`#C>SAtgDvLcPbRYV%Jv0YZ{T-A<5z$owuFC3?<Ux;pOX<FrE%>#Lo_
zgv7DJ9Mi@)Nen<F)AQR0I{MT+RJ+!`uZell0d3Y(H@P&4uan%&d1$!cS+OpKZeU&-
zBz8!w8w5CpA*`#a!K88rX`rnFDd`&)R^WCII_6&&f*ttZ7d;{&j)C2$Ro62)QzKXU
zdB!cbmPY;M>6#v4yoD{Y`aoAilPBun)tYlr3hGj71UMS?$$>m5M1|&A@r<HK%8|ng
zo>;uc;?s=c3${vy;tMvGAZ51=b+^W}vcO4I6>2h!yq!AnXE+PO3si8;Qld2vwqImh
z8RSDx1@eC3>2O>bb@isTwcMXvM@u@lF8Q*Z=DvNsoy3_INdqu5@ind@Z}c=w1MP;Y
zoIA{V91>EJw;V$b-wJ2rITm7*yun5zN$x$v>jXHc#{j|G+tW|sJi(M*To><vi6r+_
z1*jY5)i;z(SfrnD7qq$cC(T*bDD$;K2hr_g<L~!HeNa8`%VVymA&)o$ormcYL8k=@
z1PB)==w3`t;%!Lqe!kfW34ow{9s+776uW^nGJH5n1h&!-LqS9%t+K)1?bgz<$^o_^
zDwbvz42h518_=xa0bcl?_j2%cg=q3*El(I!zf%G|Q&)VD_hZc)*h1|SEpMlv?ig>e
z$^dpBX?EQE?bizj@M8zMy&&xPK!FXmUKV{j@yGtfG0_-Zx0|+^wxOAoOX@zZSE4yp
z_~{h9Pep-XIOSOaOC`n0nIhN(mqO$j3j4=6L2JH^8dZ1gG1+V6{6(%RRy^M~+7Isn
ze{M#eyQ|QvUumeD3|g7?81ZG8uH5{9d(=HN52T#&7@<KjL)$r+{<NWsn-yFzZ%rn0
z0dcSItc<a~1S$uztAtxp9Pp$)ofSArB>?*g4mTI2wK&rs7MlpR@>7w_dE&Thtsy~7
z4g*|1QomObzQU%sh4?M@C+hkrqzO9DRXlfO0=1%PBWxJ}PljyVtwks7gGy^_GwteJ
z8$(q=W@4&jLt`YO0!dV(?jD#jeT;TPqFS_XOc-O(saeBDL<MpIU^=cgMEG-}A+jh+
zd3#rM-z>XeA2=_s(n1!NtLuqyuFIWWlue#qqW=^nhpEa&3Da1Tu~Z#jzTnac>yxG&
zA(4W0rYLIOgrp5=)MzwF&0~p+TDa5l)EbmJ5eBhmHVec(oJGpfsU=ZQt#`>1=c?4q
z`<^7&UXY3^ub|`Vdj$z-;Hc$s14d<xq*aCIc9^DzIO!dGD14793NphThE;C}2|0CC
zxYZxNgITh$hKa_%NX%=Bbt9LypTx-=W@%ArZH<v2o`-RmmqYRmuU|Ah=MhQZjIShT
zBpOYmC;@dw8?%_3>K69O)85tC)-Ly{@VS!Vjwt$U)sRR%=|)Y!G0D=RJ8-=la%rH_
zNSGcZh_1XlT*m0NuFwh3J8Q74%Uf%zUU5<H@byxCI*e;j7@#V5&sZA4iy=F)=`pLi
za0-&jtI-!vYxGdyFQ8*gF(3XBfl|sQ(l%-Ro4{>ww(xTw&jcd8NYWr)wQcZT9Nonn
z)0oZx7CH`gYJb&YCF(qc=KqSeK%H3>EV%mPx_4{G(0-F7uM1v0RY3w`c~+oc9%XRm
zAgWfX+ip<QA}7&g4Nz!y4iV1+e5!2Ipy*LO#9dTTV|oj^jbMtiNQWNhT14uI$f;D{
zmAGpt#ul2JRQ1T$^W&qx@_jE;+~({(P*=LKRz$B-ju8G1;!qu}@%@i01_5cNiPv@}
zRK2V*TsSvFJR7;pt_slW?eO$NJ%Z>d0o5Z3!+p9fF<?MGf#?zYY!`#$Jln<m)+33+
zeR^#TmmPKqHdx%$Gr{6K%a6fH#~OzBrvCY92Q$8;Lf99X?F>rUe9j_4G31j0iO014
zCdH6Kf@Nu>n2D>n=pI{F`m8;1pL<CiFfAzV@prhs_+=Z!59ud=y1E{D#H@2*=<V=y
zYQY>A5*sNlGs7Ni10DL;?#&RfdSc#69lhh`Ag5?A&U<BHkCrz0J*tj=MTRpu$*lBu
zT@{t6^Z$_~W=l2!gJFi__S}Wq!F{pNSpxhqxyZ5WwBaP&$T=yL*Ee0)@T*#Ew2^m8
ztpcK;?$ywb-2ck6t(B^;98Sv@3~sl)+PY{L*$TB`g{!K-3<+_2aU`l-Y6)yPcdvfI
zWXqCBjFAQJ<)q565rwZwG#lz?UW2Gr#!HxP5guP0FKj`AR9<IUGkL_!<S4-~#zN+;
z7~Zp&Qd={6g*z1uM<->W?wn*{J6E-wivg_B7BPXDUj#cYeo?+DDa_lw%Sx>i1@Q2F
z#oro!9SR~M26V&%4p%<=kL4d?AdpoR0{{OQ;+3+N-2Wehco!Xd!+r?MdxY4XE9qqh
zWipj+ViIlpO~L`lp|{YYxKT!ShN!Q0RW3_C7;#mRFa5?FcRb~!wux5`SP1O;ZKk#^
z!B*M3*2bI%_WuqbcKY7s%aDxJfCzg~L2H5~!k5c5A0jhOGv~%4NfnbkNnavkG>Pl*
z^A^|8vsKs<l<p;?^+V5)8UZ&D`Ve>w)EYc~40A0`-h2}Ez&HCwlE$Vs6z{mr=1iqs
zL`=15J2BB@ker8~>OsT=%g$lfAg4)0b5u67@hiO3u=%$k<esv~p2}y9E0I>nYNy5A
zdBVGpd#kpgSLmHRvn51#)e)WJ|G*GliGG}EGZ98vxba)IvS|F@7c+I5s^a|eyP^EJ
zK7pT=@58yVF-b{5zu$|^>?zE?`9s41laY(rugkUK{PAc*l1MzlfSz2ksw)19lsc<I
zI<}crK1NLi4z=lq6pQ%!mGB4>MS=8Mf^JA@v#sCH&IVm3Vf;uOujA{fz$M$;$E@Ew
zD5f>{2rw5rHUhBC+bz%e2$2Z9%|G0pXO<=;cLcns^u{*%#vMzDXKLTx?^y~C(tTqc
z*L1FMs%ZkbFz!Yr4peky$G0M<+F?|zaHvqcW06D>k{-s0Hu<de)dd?=a1ccNlNcPk
z1&R8r(DK^ajWy}k|JwdFc2lM$Q7UEbEca1YJ+A*p2S1`wqmU6(8$)MiEf%fl&2lL5
z#MJ2jTWe;zu{q#pJ?6x1CY<uCYAbZpS?+Ep;-8xOr-9%*mNrMr`{(y2S`|n}QB3I{
zAn7ZWzLom^^@ubQb)Jv{uhTl7$oX*i8b}$J(E@V)bO_iVeSxb1hf$??WVg16@m3ld
zfTy8o1|biv`VmKG+nJHW6nr&0p!S^wuG^r}@r9>xz&wv60ZTZGSKD<1LTXvjvWsn5
zk84uF@I8R{@f+Xsx*xYW`T*Vs6X!iEb5TpPDgD|_(C5D-X~%12H`co9oRk~;>83<h
z2}6p}Pa!pt`t1M8-;N0+i~;?ZoZ87Eikp%_Ju&^w$LaUy22`q$bi&^=7Mq0`fM}#u
z&al>F*0C__Hg(0Npe_rSMvU9L`lwZ}tAUjmX#20grr(*6koDY}VSI8W<#uc?h|Ow=
zb8k!r0~}YJgra1RGp5_joY+Gb6+AupGHcZvQoqT2%LYULbAfK65U?SerkBtLvJP(n
zGt0#6xH<ufXF2EZ2#-SKE1qWqFSb%LiqlPi(^)+T9rofp5^#eoBhcIK51OJ!vRm<w
zj|aR~!+UYhP-rpP+UCCHGRY{BU3Z+KLeo*0rc8z!?Q*r>xkeaYMqUYCMWI=x@<WGK
zhZtj1-%j%dnF>@sI_NmWp^a`WO1*(qyw}PET~vN3ZMmK8eM{{KysBWdQhAprs<0*u
z$9VV5gJq-?dWJ<?m_v`Am}2N_`38%N2BjUw3Uy?|LKt1<c%^+u%1e}`gC16^ufBT-
z)M<Rtq3XTMjb+V2L$O=r_fGswPXXO;T{3MX?!X|DDvetq(3)aKu9o&HJj2Q@3Y|MC
zj(KAo^DU=l%xYYSUN<3%S)6p@;>3KvbAJrHTT_WjOMJEOi$l1_mD<MH{p0A#cdkF#
zY>+Y+XZx1_0uRO}bp+wVH_D9xB=zsNtV>BHvOAa@!Bh;D^hMOkR?gWSz0iUtJj*QE
zg=KlZf@R1GfV(64pgC+`FX1%<|Hhy-86KH#MWnL4mCkeY(ge~sW*kDc;*Un07uV5>
zq(OE>23e)Ec;29lNS;Im33#8mB1a6yGeqvbNYuMxb<#i6O{hoLC{hv=#D}`b)w>K&
zKp(3x+UnNLB@za)fj(67>up`Hg<E{h9~q8Gpk*D68Z&e%$EY>5pT<O*jm7U(8FkZl
zUA`4?HJ>DWOJ^2bDsu&fI*cPhGtd>Lv&Qv~ZjBLZ=ORN7l=ulw{L0IRx|ow{m3ngQ
z*wrC2)%4icxbv6}<(93aSSu4w@X=|vEC+=;Y+Mh+29&n4!q5I}Ylj+>Ti$1T);`n7
zI3hZh(87HXUNpLh#hx-R(+RR)GVI1aqum&V@C{NbuYvCMZyV@ye3iQxj4#Tx<g%2(
z5V!vQB;}ElJ(x%-+s__VgS2o1sFsxeI{Yw*7h=26#PhF|67tVCP0x(L^}`m9ZE2|k
zg_fI|bNc)v?Hp$d;R*#6p%Wq#(is*hd*KtXO;qJIf}G+smg;H%Ew_@5cgE@wQBB}h
zS5$;Wmzg?lv;NApP}ziz&(92})FRINm9p>%kDVL;68+nn;Me|?AYFZC8VdT+!@<mm
zU~Qid@PsmTllSd94U~hz0fPP|CEtlCC3eRURo_2mN1dH>3!QWG@BT~f)PK_xP&^Yq
zKByVNG+3~EYlkcNYTshJ=2^N=I5uC>^U5^?{aB#|<Yp5ZjV5IumNq+{Qs?Roa#6mW
zNba$7+Sl#d&0$8BUoiOc+I(2m&{t=M0r}nQiy4|9)~r1~72ukd$1T(L6qP)T&(2eF
z9RN&CDdD-{?6%uYrn56FWqKEX(`(TH_Eq+p$esE|_laoPtnIA@8pta2n)f73zBFek
zq@<!j=Qt5>t%>pVTzx`$nlgCk&a`gk2SC&V$aJxmBmgYhtdte?WAw~WZ<p84Mqi`2
z(y$0;p;2G)Sr*#m(}6-BD=dWgRnp4j=!1L~P_j80rN74FiS@dL_|_lsIFM6<+KqVa
zB>MpILW7=wVqPP?_zELN0(dITvNgT-52Ahs`+}2?{NTB3Dl=i-c4-YYm{}~EaZAtW
zht$d~yk9*G5?QsE^8Sfr+K#G(2Q|ZdNnC@0Hk|l+YQ`s+Sy)4#!J^h4fh+|5PU9$=
zJ<cVPZ9NeISP299<On(@I35!v3})}?LkjgDxtld^-&^2WpnkxQ!A@I>Mw_hFg5hFl
zBO-_<lnII*RU^+I<e<BTBL~qk^d~9*dz5tNK0goH9SoWXi&bFu#Kj7QnR#`bBk)tZ
zc6(CB_fwN3Tv?F(-`I0`R?PEJ@#5|A-}>`EH9t}P{H*w)t~lO$kLRNzPN1?l{^G3o
z!r*tNB(gaELi4IPYR3ehUsGpIermlF1eA9!Mp3Gk2U}3eexay1-n}4Hx893k^l|AU
z3xYLl@SF-#lb^<X2j`vtQa}fI6iXClC_3|*aJD3W(jQg+J>GaU|IeUe$_L8KYp<2S
z@m6f+jgQ59dr5+A>#N*@awRpzXDzpYK#`M+-!57{2}P*f^SQ;Fn9Y8OD&tH{;&57Q
z^w)Qpi8X2T9>L{R-J0H=UDL{xy0CD&?x}+V?G6YljO?J%*s_@CEKqOaL(nlrlar`J
zA&O42d5o|heO16{gnx%4z3ckToCxdjIkurcGX6>iS5xhzE5XNeR~04!V(DO`5`(=t
zFsaZzg&&q6n5aDRqqliMRi|a4wrCYHDgZ`uL0o{0?>$I4MCgJnQ97#Ne7FRdyMsfW
zy_)1oI=gjGB8Wy0qq$}Pg7ibvh=!4auFK2vOVe_aHnZ#GxlEgZrNgfX6Z^+Od;B<=
zUY)(FdD+Nwm2XL{U5l~x-RleJorsCHo!;!2JTKU9i0m!<BlsS0f<H{L-6IY+$(jgT
zHeRO;V2>20cq1bmBh2hfSAANX5Ev)prr7>H`}|fBt3}&2eemKQIOW>jg?hwKCr5Z>
zr;tI2-#6vk>f@Se^CaRp1${>&9Lj&&>m80fNq`m@4u2pNz+rJrnqyiq<QmY-xS*7~
zM;53KVDhR^73(IW-C={>A-mi*6C{cZ2}$xtZZ24{589Kyv25r{Z(*3Z<y<)p|LOkI
zR{rrR!21qQQ@wORPJ4F4bMtf|JaOI8ro?zH0qOAPO|AJw<Z!h~Leixms0vIsQwNYt
zRwN@BF_FO6?i@orr%HKP_YgO(J_E*mI5<1jK`GaU5q?L)E~_K>e)W(1X(|i0zrS#K
zNXr<m;WN`1E>T_8Ri61zo^;y~pA9i>zOc{MML7v2g?=&Tn{bxk?Jya)b(cws%k(H6
z&#hqydU!a?i<|}$YEGJhW(?t2GG5wm=twr$*inG!{mCgRSod;v9c@-aRj>ka7yE`$
z{tJ^ctUeP)B>F<vV5yKW$$TYs6#hki?h*U+#9!S(+`(gHH<85d)s`YzZD~H@AT;?{
zhdO)c2%4zKta$~B<O3UivaI5<D+z<?uwA5r?j-fm^pQB*Kl_e{)E$xMk8dB~9Tx0a
zjQ3ECC0e54)V(o&blPR-7U0E2)Q8v0rz;8^sdlG>*ixI`4c!^!X>QOA{i{X=Pxl|I
z2OeQVqTQ`p<Lbx8cj>9!$J{!G*JvWtLqy8`8y?+4Qp}jP^1{tbawuzLy`bC1B#=+v
z8F+M43J~Y?V^KlgVb>%)s7X>#=GI_!9?Ybj8*J<o$GKdbtAw>s<gyy7jPv76*y0%l
zQzWD9#I1YZduEB~#crz1jb-fFbS-=9;pxDdwG>XIXs|Fq{|cQVix75M0LzGFq{iSk
z96};Xh;@j7ClI-O?4;nq_W&<(YVXQW+wx-ax1I!5%~TW;5X0V%pD|9%0I%nnw<I6&
zrr3ByS}5>5kZu!E2kgQU<gfhL`|w=uEZ|pFmQj1Phai&XWSG8wREkw08i?^{ACxq_
zbZSQ^530FfI>>=|#@*h|u!8Bvpd8B>>A$=C@JQ>tGRrALx(ToiL*b6JPU0}N))3*1
z4R|`~TN6v*Uz|4v#a;$h$V=vCt&e}=3D88|8}A@Q>TyWeCC+=(I<SGcV)`wjDBCJ&
zb(+}c#?#boBxH0faT`l{lO`&yC;wKI`AFDw5*bcJ*<K5*>B>gqt_|JHy9a*~cBsIs
zD(3NjA7TbTjSs}DfQ^Eu27YcuW0bq=Ir%?Jz%ap%jC9_u9krX2w;;)FRzr^v=qNa>
zU^Lm4XaeH&Mz@SD$g>_d&hg4H^Z*h#)8ncSln;qt&?y-K@Uryhg~0zl2r%68m;`n&
z^=tD<(lw2g_o<LjUm7e@G3=+?`K3A#zKbC9gyinq^~5RaQ85y@LXnfW26VcAs??rw
zo47mIU$47bvy#QA++XrAFx0jge8ruikrA+LTKADPuZ9?F+jpB-UDB)Wm2aspm5Zh9
z=l&pi7pJ^~#CvSlcbm(8q(hA)F71MG^Wu_KbM=Te{z>gFrQT98Cfakh6tyN<N@;hQ
zlv!m-PE?^h`Qt~>vgC&E8^-a}HC$>*aj}`M$tn+5$)(p9@u}jg{C4ymT_qLzRI*c^
za(0=6co_clT~+c#C#lmJNJGzQ%jx~Ml-=Qmf&iL8WxxA<WPP0;zZF(3=Hv^Qbj~g&
zqZk)S{spWh%I=tcN?E2UC1YH6qQ!N8tTbK)eyob{a53KLe60P+RPTeC;TtR6KSow?
zw3P60QLwGO%vA5g6ZU_8&*gs}qW*u`&W^bM)O(*er*q<>z75A{Q@xKLxBrfB|4*j>
z`4ZJ3&gooq?f<*>e{F$2AmutEXupyA6G4_;B~qClWn}3r@kuCoZr&nn56=Y!TOJ0i
z-+OwxMAK{(WakRD7L~TPx_1^j348wtPj9`IW!sKAWUBlnydQ<88u#Sr$6LU$N5Sjz
zlB;bk%%)l!H^f8E%wXZD4EI-9=ifcva_kz@^rsrv_cM3Oc*tJzH%l{y02?km51og}
z-lUfv5_(^mBu`)9D7`iKQ%(?{T!FqPnL74f9HSJDYvtlgJqeqQ|Fpxk_oNE32Gl1Z
zx&yj(DMq5|V(~t~XeVd%4NnZ%TR*|N%)yV133b=5e?e}-!4g;R5eLL;tynLg5M;sH
zbunI;$@qru$m!vOv6zg9p*!z#k;tIvC*_skf)Kj5pgWH<b8n)H612Oij5LuNZ$~`N
zA#B^^<<r4+6J#UAC{)A_+SA~^sz$Z!PB^d_6ZQ!3`F@Nlm>)8sd-_X_LLxgi&b2#|
z-dplAX19?w?K<aJXLdVov8)d7dG{%5kD>i}7>K@njaC3nS28DA@uKQeB_vk%y~;Kn
z%ktg8=pn1u6H*S;j87&~)@FisH1=Im91|rS1gKka$qDVI_QU550O^_>94~pG7oVvy
z)lVo2^h~Pxs$uqgqtI-V;B2EnS}Xk~89vJ2&#R$Zftk5qU-y@xrT4z?Zx2gCjJy4|
z(*S{Av){Mv_jdpQF~H~h`Ljwh;Pf=#A8F<V;`hV#1=Q#HRgC2HG~g%QsOiR-{xWZQ
zx8K&wn7|v+;aqY)<xGR4Xw=A)Yo3&Mh~NdO@*x^;jm*t7b3OZz=R37p6?Lq=O(j+#
z;7q1v3y%%*6`?j_>p|yIK_}%7A*r6arrai@2b`Lqd9-M@*4nD7DC8P@HNuj{@zG9O
zNZD+i)CCs@nr3J4nMjI7v?0rH8f!|PRB*Q@%VZ#ew(xu8h~I?F&Yaz8Ue3;wCh-tD
zP4DO{?G&E=%S=2wqV28}K))S$XAQQjoaEi&H1K^jmdPGT3OuBvOS(EC?j-3!li=`@
zTHOz_Nh)V%9(&fiyse%;hQ3fZa4~w}Z9Z5PHz+8x{L%~`J>P^V@xD=sv)xgA4Fm?M
zE(o|5#F-*SSNUyE@-}*wUAG=-{P5E9#V-n-z0HE9%idWfNCbfymz<1SDk4JH<ph6D
z#atR}t;O=9ZRX<he5A4?GLbDfW%cat!|PXF1jyYNwtTx|xHetn?k6Alwk$3af6I?s
z%ihl%PP%TAB!`9o<N7C28yV&NAr>rNk&em;P+rCbRL2_EaQak2>;~SnH|AB|&=<R=
zTC|gx{;^Dgd!55Se(o(r-rnVcq==(5^I6^kz_y@VnQq&x1nHS%JXZTi`r7JS@=Hd!
zU0=s58WCoYBUm*`{f)|np8%qS0w^7e2cdPj<Hz9;7pugZXsh0Pzlua<`Qf=8cy#=@
zy%r+uwt+>`F=Nsn1#eY>wVNd%mwO;Vq5Qu9FhI}0iq$wJz*Rvt?!A1JwspawxAC71
zzoi8ewMXd+96dg<`<5-Lsk&)TbT%(#-X7pj?9jkh>|=c|QyCmzR~5hI1zWRMDx(ER
z5b3U>ixCPiE0rviKGd|(6c*I2I~MFpYsv*emz0*ULZ7de-%48P8L<A_AYI^oODPMJ
z(h1Amw9BOW3i%Jg?*5_Qq{ynE>v*uaF>Ce9oV70Hu|bLX6SW9VC@}ffq3&<|=j7Qr
ztZk}@qaQX(esK<4{>8=BKd%4d`X3iBUthi<Z)DAEsZA$sWX`@Dl8N-?90Lof7GSr6
z7=4k;I~8<gAScli!U9MJ87(Q4OpGXad$I2RgK#kA`IEeoB{tXwKX|6dU@u?x3J2O;
zDVY0J_hsvf3Wx^{TkX2@Y3eX8BGVCema{rM9U&iFsv4b7%hSHdbC!3;C+0FbASvdB
zCGR;P$<^EI%l~`In~7PJ4`+}}&ot00bJDoJGuQ>kk-dMCv^!bS19RUsqKn|x(jZ%z
zvjw?I3c~6>=?mBuBl>Ysb5L14c_R`s1CRq9BqE=At!SY}xJ-&=!W?&pa+x%qug}ic
zvJvS~x$X&)Ga+juIqJ6oN>e2>f>x-=*x7W74sTW%4`o?CS9U<J>{}xTB+oXQvKnUj
ztzAmLxneYr`qD~TZ%_x@Qgy>}{K6=B&J74kzHQ?B*!Hs?KM;E`UL5?0TCWY9Nh!k7
z{Z>oV&rkEWqS(EYvi{29X(X?l?@=P{xnV&}qCk5NwjI5x!o$}>dAJM&Jyhe{?PnXn
z*mkQLaiPAhWD`7r_5`f2FJJ0)q9ssJh(ulO06Aw5A~WV&MM3#ny+e9?qK%Uyuj!7^
zLdg`F)VO*3s+iIL^v_FKZ;};1V(ef0G-qBkW*Z#C#U#=-_*Bb^Wh`eRi^_m*NrZ*L
z>C5F|0}f$Xy^%t1%;bf2X(LTt@qceqf|J~6JRzV*0yb4R2O9;pm=&l~I9q>fmaNbt
z$cw@jR%g+`X1=9sMriF;Xe|j7s;SIG`8Fog#BVQO21!08XS$8&u(qHcdo9sE)7SM@
zmV6Xd5H<^u6*8U~5t67T+xP|KtzpolRmFm>diySMZv{#AtvwU=R&3k%N$>5ghvAmr
zDppNmmft=wv-Cwey~exT2N&y>)ikGdc&8wPb%p*XOm|cj9bvPf=?>D2v)K_=8d1Yz
zZ1$IDrHXySMe`ApQ>K|gu3y2UB(oy~GmDX^xwU2_2IE|I*2-)|oCW?uG0cob_;f`@
zF1LG))PgYUfMhQ^j3{O49R+~LGXfRtmPKGc`$*yX3Ec`i)j)z2bjb=66N$mmaTCF$
zB|9a0Ocv9!@ZZUTVLpoOlqT_6^$BjA(kHDZcKZZM^yk#4CUW-f^+_Mr-9EvI`T6uI
z$w;MGmdR~-RY|RCPC5h3qpbrCaU&)M9|P~~5~7utghp#*sx}kt|45W+fD`l&6Z?ja
z&rMS`KZKi_$UgflGHk|qK=vs!S^(~Nd@@OYLi-Q5$$98GgYQxz)Co$=6igS^U?^nH
zJl844{l3Q}FMVH>qRlJRr<wIy<{j#_G~l2HI3P-r!T>M<F87kwn;EHCff<WtN8X@L
zcM6NyyfjMJu4X%EHZZ=0Gyqv)g)EROa`KHG`v`=zzJSJ?x9|PHcPe%mHHN`6zZjQ4
z!5+DVgC@!wE^?FS=Z{OYr>^b=3Y81;9l+OnOyW8DAcz}0GEbQD-b#+G)F?$<$?s4`
zwFbI**diMxY8%<#Fy9JThPvHzt%7&&i<0%m@@K_UjJRl$jw!<?4^dUV$49Lko#|~;
zbFo&wx<VuVc;9M2q_5aj=_<4A%k+_Bz|Z3j>l0%-L)0yNh^G6qABcq(r5@rqTyGV9
zQR!~foEFz*7@nN$!Rx-hzUV#<+K$O{VemVl`Iajc3%k(Q9b0asydh`7(l~R)*XoH`
z>~r0NI50LBg$rr|O;^+|H3u4*xn96TU=4{lx7axf-C@AG5qhd0?4;SBs(5Z~bh_Rc
z1+|B>8}0bun4xU@aNwdSXk|=I0~h^k`y9y`#)vYAGopJjYANS|wR)3Nfb21(PkjT)
zMN#OHqY&5|*JV6kb6a`D0a#+Bt(LI7o<wOP-#Tl-=xs=JEp26!E&r%nIfZI3>{LiG
z_lLLr`Fuexg-Z<yvsr?+PoIztx~erN^y}xq_|QVd@tzGY)lzBIB(B1k!I}6*=gHd*
zjL+sleU8{ecF-6d?cZMUyFr7rzNKrFPEka<M(dbiI)&np3Gf~kK=Qa&Kr&<r{Mif)
z(Odk$;l!X`Kh&7-JNB+*z88T!+6ja6=%55Vu}(;%RC$1lrv67B3G6ra4-9(lwxk6E
zYVn%X%r-nA|JvFzF8=yIfql3jQ;U#y<;XIVkupj&qr$;8*V39?OaQ+LfYmxTt>{)C
zHj0=bUa~cZK*v$i?!-9tQUhiv4f2|7`FexGCZT}1M6C0(kaT<$U<b>J+|g>QPdu7!
z!23!C$(sslKGclnySb`qt%Y)i*-GQ<9YR~OW0jr5T0@Ric8*ncq9b~&vNLwqvC7V|
z%Fh0M$0|GCb*!=j*RjgZ&~>b`Gv2~um7QaioxST=W#?FBCv+XF>>R7?nCn<&=U8QD
z{GMZ#oe<GqEqL^?%Fh0Etg>^gva@#`tLy}>U!Qn$tg<t79jojdtLz-B>>R7?9INac
ztLz-B><ru!jBCpID8^k1REP=wZ!=!WvRSPHYeX|dc<WxULW=^{_aU)*252PXa}NRS
zBV<iVE?~)3OaZWlAg|tj<yOkL=5H}fg5w*CVT3ll72~eKkwG3x%rIk}6;g#E8*m`9
z4Hbe}<%`!4Znk7h5Lq(gP@_a~u`U>)bxpI)IIH*`0_1Uk+elIKjjAg~w>Z!h+ft6N
zAT+CFAjEas6g4m1%ZXwTq>g8#8#stWX~Rlq_)BQYO!uVd<BHAz>Uvw&JB*AoP?(jf
zNmg(cu+L))5lau=@6eBh>9I0h7CA`bWvxgMexPjtzMAA*8SO~T2(2yigNe7}4pToK
zcY+5MwgzwYU*n-CwgGx>vyE@9g09_0m~|q!TiMIh#GtwIw&EyBSSW(s>b1=>ro{r<
z-I4Bv2X8#@jC{?MqHA^)u(XdUuV8F%Cj*vC(J6<OfW~@ysyedn7Te?GwY!SfHG>HT
zoUXtObJ5SjJ?+MLk=K@ZOH`i`A`ehS)6KHtY(-Wa!m}XYX@>AA6wMDxu?pI6)C${=
z0MjrXtgA+3v~HzHNMGYCvW7q^BVhmj>A(FeS?=`dI!aLsjkT<4;Rdl_Vy)*0SPkGu
zcc7!O0Z{rQJOIzWxLI~ZhbK9^ed5jAypZd~K<%f4!GZ^tXgXHB#R?)Dd53s!11l_^
zAy~??DbQ;Cm0sB}VvS<^c{+ppDKw&%bdUR(SUTH8X=2fhwNUf0aaLsY*{^6(ENOQ0
zUVbCj>aBQHRkG@~y`Y+_ZyIqEg3523RmipR+S*X%p#jC5V{?cE`Ea+>>?3d0Q9+n)
zFRDQPd&iluS-^T&zj*rlKjJnavLb(c3h}6Fh71XKsy;Bcv?#Qe6*aQf5+;6VVIRD%
z>$D}DEK<II{~uaz9OsI)V#R8P84^xYJB35&)NnUQN!bUdJNSILl|{2<FWD_mEk4(I
z!dh7ht^fsTS;*{$<mSgZi1X4GPkZ31mVOI6p&wgXmRzhcUcRDt*xaCg2Q>70huq}{
zt7?gaLr3{QzuJfFu$S-|1G6V#P?0u+!}Sr*7(GU?Lm!}gV@gm<r-vd?Mvan^Rf;Rk
z%D;mdhQer(Znh@7`*$a$8f802ft!NC91l=}5;p)qhNkW5E18>zVACSZ>VS}z7KfkA
zf~Rci@7g|f_q6`TZECzLFx3ygm7xI>cQWi@)0FNB+Y!=lW4$3@_p`VKM(SP|+zLGh
zhA=sOe)=H$89Q6alCGn51$uq%KkBE{YT*xl2lIEN!=<6Y@)iI9ASuu>X9v<&^@-Lh
zAmonj2(4rz@&#H5oVn(8uhDO$V6K*8glf0iCKzJ5AkP-hp8gW76<X6{t#2G_#eMT2
z?Xp<D6WaC~7p@1@%PrU^e5I8@)|TpujQbggL|Ur!a!=2P5VRAz8&B+2&GMeRAGbL!
z=63UYTsP8T^ZWoK@Vk6+LeB8cQ%tss1i~jyx9R??k7WeVtCuWSQmxCQ1QQyIs2I~d
zpT@`HFKk0^8Ki^pf>zO7s#=n3>>F7&HDThGS5j=5s0oC@E(_+@r~Q|+?=Iefk2se1
zg{iHk|BbSRxBOmsFG~zCAtO_4`=I9sc%to-ZpF5#p_W#JGW(bnjpDZt!5>m&D0ia%
zf+Cd3X?)2?SM_iq{ZqA{4mnUZeZ1*ICi7F}GERKws8N<Nzju@(Ml)FuuRVbSGWH)%
zZ4S-v=&S|jYkZ~v{BJ-uORXy!>`E8;65iB~qw%8GtP<1$V3w3)Zp8Zy6;i!xiecIE
z!p&vH%7SOqJpW@2&;6s)5B|ga_G1gog`OV@rC7*doTa4%=9$*_?E-A_Q-#_TB*wOD
zDX*l~`35MO)j|ta)dS|tz`PZpr~zEq{?K>Fw!PC;re<ak2@HlIMx-Exl;x6UH$xjp
z$$b>>B^NoNYs!Uc@d_>nVs}HQeIeIhp*J(q6S+2SPjC-<>!6J)wEGZhneCBdq8X@q
zFefMb$zpTetkrgZzs$*hs)6XKz+x}t`kP@e*uCx{;_J`RyPPeX{arZ+H}}BTceL8?
z^BgUdQ^sP;#XCmx@c`+;pi{Bu`Cm!v_oqa#yJAN&%(fmeMR=9&^y^^+Wm6;C;0o%b
zwLCkksM<gbssxYdU}Q))iq+M3?+S%a$yq6LzrN<)14E2P5hW#n8DTa(wE4UZI}wBy
z<;Dh{fH2nv9gt^>FNPul(8u>|@x|}W$n6EIzz)8yY0Xwman0)2-N_oD*@;rw`#l_^
z5Q<C?GH2JUfb;$5IDlS4@~9b?H_`?-UCA5+##FXpc~gM9coLt+FRyD^(KUMkJ2<lD
z-|j!rZhd745{19(69hTM;89q>32H$=2Pl8V3x+=GLf%2pXbuirE-PLS;0=ULHaBcU
zE8R=~x?#IEhdHa5N#xWM4$IlvSeE19=uoY}K7GSRz!4(i)VPx03qA58X^m1+PsUY|
zx2(G5?Cyz?VCR|%&2d826UgR!@*DVPq|5K$zI+SS;tZBgqx42KwKW%nmi#+bDK5nf
za7t&S;rXA3{f?1wk=C^xADe3sx_7p0CGrrQ72uu<Cff%2g+O=17J+fecdp+sWmERz
zh_|$y8!5P!Tb{+Y@K=L?#IbD*p3`o&HmK)jU5)BfcCUA8mV>3(nA5=1LklU^;Hd!l
zbm09%Lfu$1;~-ms6;x8)qR0S2%V|f>$yr&*9hd;PGE@M%iW=+}_EGPop>s&;rwcY*
zyv1feLW*p$18X+!x@m%HDf8C`dM(nqldJYtpL?T9h2cM1A*9%^F-wfW4!7o5<1g@s
ztdx4^e-OY`+alm#`5&?MRtyqAF<`Yti!x!oITO#xZ^?%fT9%70H`A=?!w{?j^lE0q
zuRffhrZorU;={>egd7&#&*#fs64A1fTg_n_HAg5c8KAB85h}8j=Jqi){L!^!@HO3T
zJs@G-_N*>?eK2ZlTgrIwo$WFjpMd@6!socRG=~p>Q~`{nn5}yCk-cq!qHbf*pFs1`
zX9=p^TUr8V9F5m8LH!j|vZ*oy?YpHr3qZNtwI+sI%ECnL=`(#ix};)t#n~+*v|94I
zqSel!F+!lm4)(0xQvYmNwF4_A<e!C5Oc4s+>`F*k*vg!*I*h6>Yz)g9jbhb&-SC_}
z@g^}O0*szIW7Z$?xby#-mZ0as{d&5QTf&^10KzWP-^goawWfmq#0;0K*;-cm&oh<D
z(##3So9EsT(;a$mMrbOdkwB!Au^`o6?e4<DuNqt)l@L0fG?zFR2TkK73D-(#jo|-m
zytoVyN=vHw)uk(*IlAxk0tRhd&!F9YYDQ?Gb?)_sD7j_r53nZzw`5e-H?gm^Y>{m?
zjI5b3kci-96NHwUuT`AZhV#;<mRnl$j26WxdYXk+E-SvJ6)$!!5)$*-p(j!hp0jN!
zYb_1oqVmPDQ6u&W60W5fG67HC(;Q%&SDaM}6@>$Y`@niBWmOM@=bE$VIk{uYu;hdI
zU3y4if4anA(4<99)>_VhY%hoC6>z}RlKgnbmOoAtKaKkOqM%BR^~Z0rxu0bE0Ya7H
zYtf2ZS8~Ag5q!NBRP<S|UVY4pCTICqmE67(D_IQ%`FHo?Rg?mmyO6N<<{?>6KW{75
z8Zu}vVnE0ScH~eu#BFoK{D*eT_p-WC#5$3Y3d`TvC&7~6!FMLF=?x=L1ahS4p>Cuj
zfYIsZ8<Pg;6+0^_ugFWL6%)OMp6gXMK$7hb8LAZq@o9hGjK<3JmWn?!W@3zy1}gzW
z>;gI}oZLUSN!@gGX&O`?6JEiqc2ev-^0gS1dhRw_d28pkH=|f!1-uPd8Cgp++2B0K
zf^+N?CAsf>^T}Ahks}=(P1;#R$&JFXdCZoD9d@?W!5^WKqvp-YZaol8lT4AuD%!I<
z3}C!~FA3;6&1P^>c^O;A5QHhM|CfIBmB;~L-3IkoHQuau%}C0TGeXn&5#GPR#{NiN
zd~-=?wQkVI|5o!WXL7e5JZSdq)5WuAi>HHXP);^{y&3W|9u1*KL+F1uL+C#{yEMW(
zdRrR1tE}Hylj5u*tljgK9EvqI@mkVw7kgj<FR(j*KF1#+1r63_>)YPn45J5qg48_3
zPK_QI8;>_0*qG;fckEJk2JN2@=|^))R-|?BoHAx73OBehotP!Jg)ARP&4qN(fkC_i
zd!&iSv8VuG!!??ldICu*ZPL|Hor*Ab%?irL;+nfwScqU(AS$=uxkh_;YH3?NZA|Si
zS+=kbAjz4jiCHl(&7xB#5^b`hxjOq^+(GyNX!OgSpj)2VIl3rp5xx=HUFZPQjy6)3
zZ?{d2uIfuPrhqgbEE!@BeOonb7+W_OZa%o&U@-kCKPgP96<eA_4}ItE(X79eX!2N0
z@4nDFk}T0_XDRc=z#0j>#}$dWlDVtG<<F6+oL0Mt9mtzS>Os1#jAPPPk|Obwf(v7z
zg~6b~XvknJV6byg=?x91)eYN?On0C)`=s#YTRMc)g6!)4cF-V3R2nu^5++nh>zY;K
zIr-mbAAa{~e*WjPvmc($|LyO;JNvMJ55GPC^Z6(H$M4S1&(41M+v~62U%mP}KmYWD
zXtp=_*Qc`|*sH%M5;;Hr^S_KV=pf9duGIMr9vN+3irzb0`VoSID5lfM6%?syYR|Md
zHWgTLYqH$hQG|^DYVKavI%?FDgG{ydggmabUvjM(Ed0IIW<t^SR@*4Iv=Wu&n;;fB
z>Rb`I<#larq#m0d3tr}R2RGg93CKdG;4p8?nD}`5v9yj_YDt7|%L3#(%we}O5x89z
zZL5vDn0?F`%S{u;j+M`8a|M2^Sk1(6u9dTTfARZ$yJc6Ehl;q?MB;mT)rJDx38aZZ
zIKWC)AxIgn$mtiq-<)DtR!{z@*t#ibrKh?=7!>lO*(_W2NqyRW+I-4C-F@1f|2RPU
zY|D#++Yn0o@0N?Eh9t43QY5E4MeZ28QDnzxr3SKCyj}nFlijT6yLRKA-+7;N@AJm{
zy!AdS|9f@*=kxvj9pFZlY-)B@u@(OqQFGqwA=G!15^nFzRK?a@L18dJ$=*<r7sFKq
zR+yE~m4(|kD&4o2#zbpexl#~HRI{9ybSPdo)Ft2aHy#K%Y|m7#6$Qf3X$AwH1VoRy
zWhQ6BFZ?@X`_O8E1Cnn|$yDvdGnlAEKoJ?w-wTWAu*zS#g`J|{^&de@HtQKFj4uL5
zucO3{@vQfop0cYoyo)z4$MQAORi2ALbFkU&7tPN{MRmgm4H%!A5lU{@Ze~J?hz*Ug
zDnnt)39>=ckiA+D`+c;lQLE>`aNMw+!#03%(O<Znc{dbT)H;T6c~8ZLxKT@Pz8mI>
zLF5K372StZW$Nxrp*FmXfeKRaZpoD$eODG9$>aLF6f^Qh*7~1UAGwNTs_D6WDVcgB
zYq<N~gM&>=9vTy=VGJBvpY!55Y&S3C)r;K_b44x%k(C_-mwBTMc^^O$5Ld!^beAUF
z(xZ>Vs^8&{od2rukawDaO)%#J`~ngDP=G17r5&jr5n8kLo|UzGZCSO3Fwqd|T2lR%
zNo7z&1u5cofN@qccf<ZTb^<sMzWGHWm%LXaKi^^`)Bmg4Gc2P24|CWS<YL@@sxSWu
zlOg64*L1bC|Idcs(!#{WP(c_9@FPU!YVWk1k-Lpl=!0^Wr;{7DJDGKM$hZmf<WihC
zh`a8lbmtUE5hw85$ztz-9aCV#$L^uB{xpAw7Qzx`uf5Z~_2QuiqZiWQP(X&IOZ3qL
zp8%_HCaau_^--caN>ro6ag?awI!aWd*HNM(M~P}``;HRTQKEV<iAu4ofyi7bYW6Xf
z?|<FBn`~r}D*}+|kS1@b5n9(3UxE>HICCSD+ie%;nblgnQiiGY>XAAGi7SB1_Zu-)
z1Y4=EE7_DO!3q~>wWkG9O=+$11zGFoO}GJ`-LN`GD^+;7wh+5t%6vht<<?>U==m|0
zOX%$1nk6gPNR~TL+(3~RSipChus(*R@jF<eU~$wx`!yiO_`nB2p5e-scMuEy_2o+!
z5Tc*`>KcZPe1Uf<R<C(ZmOOxds*n9M!R`=3&%pt7agXdfTtm%^#xRAx#P^r1+Hy3v
zFS(In-@ZFFNUhb~yt<pu=W|oo7|JP(d2##^M}TWtn{=Pv2x}(LzF3Xp(^9cB{aff0
zomr{R1r)SNetM7~KLg?wq*?@A_E6wd<nnGT-XmTWBIal`yW<5cun?+o*F`t*n2TGo
zC8NPZr*9ZPoX3XR24|QxV~Xi5nO>;uV;R6!H!&Aiddqo1H!#n@we=3(>CMvFiy<H`
z%?o5z+o2*$s#xAO{j9f2&LL_9UbvyRV^b?6VXKwaPNg8M+^{XHXwhwy!SsG^B1>l`
z40t;ngiDN^45C`jD=T-q6O56Qx8j|Y^=q!+*gS#zPc8s==VVM2+e3D8Pqbk&fi*uu
zb!;d2YyO~c(W(&_$sAvE7R~r-sh`6TbWvA3h=|<7n{}muM*8%vV#?Kkum_kc?gF`O
z0DNrv&PD%xUFgvcFjsCMxckSlp2q!y(i8Q^Xxcd)Xv<#yxk)6Vbv&Hu5Ekf9{3G!?
zSQ>96?16;EVS(FKtHZZT0Td&>W~dg6wU$=N(Z${<R-t|fh>v>*5X6sL0Cs>YBeb?F
zY3vk}gb9U6T|G!B)2weVUy`Tf3{di5iL59uFvFIPmRRdSr>!jEg*#TYMrle+2#Gw(
zw0}Gvat{w6c{c<iA`jjT?YbYQ9NP^c8Gam56IS52ij5d$_IT5`55}8(NF==+yL%tk
zoK2%PJj>oN8eNh;gJW|QIK~oZaNw<DD?5RoJ<>t;Nc>E(Z@6eaViA-S)3RPt*RS9q
zEE(~!HfjUvHM!Ai{6OPzslbn27%7BgDmuCP02LMaV3L8p`Ym%Ahu-`g57GM_qH&XV
zF^rREuP$C57y-C)Q-@XoG=BH=<&b$Ur947ffV3P!1sZJoJBbBCsB64__!n$D+>+Mz
z_q(#!cKz@#*!E`hNZV_>KK;6FhvVp%YJ0>st5}xFZFyD6)ga*1UiZ*e0uPzYHGAal
z6#`Lc85uRFfZ6CkE-)&G-H$iOj20WI>fm_njY<EpwuC65`mOL?C>swiu%*Gh222Wy
zQ?;;?sEWSFB9w5S@m>UIYR=q(dir#02{6ZPNplLFVj>Uw8cJGkX2xHJpnu?~L~;LA
z`52;hotWkZh}v|cwl#2)t#IFSMNYo4V|-%ndGq#txa&5lAMiIZU2<0j0I(mHg`Hr_
z-9kVg{S6nn!5B>(83!JW0!-^{#H~jw_MChW#0?Lbw`(rw{j(WqDQoT>iaW6)l@QWD
zC?{ECfnB)07X&DND_}wCw$8Oawok#1%&-NKBxUvoy<?cCa1eL(tn6U2NfBZ%Tr33G
z<&`hHwq+uXI;2N<T*>Q7mou1c<4Yq0m0=K`W=Fohd>OJWTRY(yU$w&FIl7e4m9S;o
zB^nP^Joj+`%-mtRG&~>I1johTj^r++=RkC0S}_B}4Su-Y6md1w$Fbf7`X1^dqLb8`
z2cR{T-?ABDw@eT|*7@3p2;;&4PMD(@*4EFe1_r&{DOI22sYGG-vf8Pv9&;^sy@7Zq
zcmchTBo~&RTUriyC@`%c-2l2TcyJnF%<LYOv%bV+`Q@0e2+9OFGgm<yk!_MisDOI+
zFq1hjmd<BF$qlOnVC+|P%W4NXK5qVcoNQYxLx!Yx7(*92(9(l#lAH0Jh4g>mcHAp@
zb{;eV+%v$#EU9UBobT}=d%|SSq5d$o94kQWR}(u`i3T^nkjElo2pqG%1Q<x%5V&u&
z1zs>pbF!(W(E974%G7$R=!=R0o*XT%OO_>y&R@U2zUV#(e97dnGx(j*-1s9yvNKz5
zq`V<#HaT$3>rJy<WOD1}3C<N?t0!iS&ULFp<$t&+9C$^iDy?l;=2{NJ37ak_%TR?L
z`)s$<z^-7b?xnNrPeTY(D>@Yx%CHYTtM3eSu|FzkGPqaAjKZzOq{QC*wSB@bUB_3Q
zTH-+*Rf3|BbBvv8n#2%2^)0y<MS)EI3aYlWTq-~r^!W|FWo=HJ6Z<-?N8WITr5nbD
zHqvII>k$Xalx+D&-7=q^XS30aN=PyHeh$s6d+>ZgE?f0trbpF(gIB9xzz=U&eJ86>
z=~fsG-xhB1{vxX;T=31gs3vR!a8;Q{G#|ES)1d1r(4%ox=4CHDtn0!G8;!!wts##>
zO3+z*9d@!sVucSm-5$vb8u-xwh+brwY{V#VX(ynt|G*Hl?A|rdVq;PD)|WxG!dzH@
zKpN@C;3yb;|5)Qq6#&bjm4O@E$U9dd0F%u}4L4!2Am@rM3oHS99V)um4aV}pI8Cua
z(m)k-D}q&QD{q}StEtBjF}0LjFsfKE_GX-cK<v?IMY(RPUzvNcFz2;F2$v35+9-cs
zF`R(>>PfGB!0RS&Sw((yVOBrFru^}?t+D)`ZOekzYyjpKuZd6!W;r}DC5NB<#ztig
zk8507+_Ibx)s`9_TfEy(<hTRrc2_b?T)@SOw}ouP#)?R@8x)Pbihu9DC|$0|$%(Di
z$EXM$iFWTAW9q3_`VZUVncM}gsCb0`nIUmbWJO-HEwu1{a~7F0k|u>I{u2X`j`67r
zLdB$l#U#ST^cRY2o@K+etZCsvtbp&vE||asSnb-FCb=SZf4jg~aE<Yw7~(mB53o=n
zA0H^P89-@is#};=w@BW507S^`q%ik{geKe>u5owPOztDh;NiPu^&Mk)yj<IH3T+m5
zSc58NGYC|(g+v8xy@B4-l5a;hkNLeyneS~m!3%%SwP9*Sq@`RzAr>&o{tVmXv%@Gl
z5Tz($=5fbM(&=Y!zW?#(YSLi^Zj<#Q$ju+25ZyCaiC<rs(%gSokgsHAijCbOMyndL
zvp}RE7i+Z9BEe_>250OrP~z82u!?8B-i=weJ1B_<E<-o!b9dIRu@UpVpAJ2I2Ly#w
zH|O`B5eyK?At?e<<*3N#w2*?4tM6Wfqa6Uo69VJgsCeV*mN3`0sJ7<2Ln|xH4A^$b
zz}e#`fIxt|LrMJZ#f<O;TiCzg*02!(szE`o*9gb!s<r|%gXa5Ee;U;v|D?ODpZoXu
zpG>$s{Pm+Tf&JL~77w-nQD}p!v;U*Tyu{&CKbqVxP+-Ah5f67I*7{j70OhIeL^=Id
zOX~u%W2`Mv$QlU;Xd+CR9;Y)1j{8WrWx-~omXZ`wtj_^!^g<B!kt^7@IHrL*)5h)z
zt*|I&x+(oUBJ9s^g{*&Tmvf|{_Q6^bdMmjt1P<kdFo!#L`5im5<w{HKAwB!rG9x#f
z3e6?ULS{ECH{~_4%$R+{)psw#Yu~6wXrP9K3#~ZJZSs;HK(63`tv&V}TBB~vW^P$;
zC`JKc)e%z{Nti9>z*oaUv+cEJfbI{NXtf}3WVNM5VK8uw*d8`~Eg2CkV@lC#H-iH3
z+!bdsXx>-|i3%v84j>4o5L8$gr({{l8zx9rG^+NHc-xH3iqU+I`8Z%tGZ}6nG05_!
zEzM!Y{H-mwYRiOt_kz$>&7fke9`Yp{b?Xr{x?&NS4+8M@wEQ|lvzoE|3tj}`CQ>|b
z#2KE#natgyyKS!NSiL&fs}XKVY>nI!ElA!lbt?pMaCw_3AcSy_kcIdFV>#7LYYh$m
ziGXJ&CA?*oDV6nu_3Vieu_ufpXdK2r)|O6yG0=jKs+p+2YtQy@6Y;=eqUM!zZ4dyQ
zhT&}lF5&J#M<`;v1gqO*NplWq)@CFPqc}NlM|5gT*6Cmu&BQ5bY8L1dGu-X8MGh~{
zG&gxI^Z2cOY1n(TO|r%`U<Fzw-Vmiq$ktU3HfM|Bg&TT%xQto4p|q0ZZ?Hjgc-{Qj
zxb9=G1TX`<5+M!zn?t|`_R<^(MZu|a(>~ccMtzCaSV0rI#<*rM&&h8)B8m}H1ufM^
z3m%ALc&5x33o{9en?J$~b#D*3BJK6tJ&EXSaBrNaAb8;A<Z&q240bA8$FMC#2LolI
zT2dx{<J<eeRe{K>pl$(!b;^TacL@}&bcOk<V$dhsePaSqY?CQ_t0`QF9S-74Z=raa
zT>?#Rv`BsYddtnVwJqLW@=(P=|7z*HV=D~4>wL9GJ%Ofszu!tYN;{+%B2Y4DpzodZ
zT8ks&p?z{if+(T=tKMr-o9FJ2qIb`Tz2Cpm4*~+VJ03{F?O)vh&#Oxepfn~)j3=}w
zcM=AFdtuJF6R~l4{Wo-Tn-i&ach29qg$Z7=Hpa1H`aRhCm}FtEue$Nr8(!t}l0pR3
zu4HQFw>*)g!@f?sf70ngAYS``8HNF~24~}waFtGA#*#Z{=k+mq7mJ>2ul+c>o>%j;
z>s>4wuD#|k%L%sy!sq&pj0*aAO#!y)UmgB;xXh!OXSZOy5l}{|CG{^?J*kvsQ`j7D
zhlNsaprJDivT<Nv>4!T&=O_fX2Nm0B@W4gdmX4M#^Dp=MmT{3Y0jNEd?Ke2sMwE+$
zSC~S6R(kMF0-g)k3NAdBY~x1R!F#AC17Lh(YO~y>%diudpMl<D3d`j}p{Sy0%~obg
zCCGp|mI#_AJnmzZ7)&)xBxpp2Vfj31Ntk}_3G84yFmNJ#g;6R=sw6R*zFQbGjGiBe
z!!l(Gz8a1B_OB()ZtiH6E2!W=Yrf>Vi!+p^e8ESYp4LfmKKA0GFZp@hC1>8)>`8<v
zx`bCU%UYe<?stnF>!Fq+MNYwa+oC02Z$IlgL@@w_6pI1~J16n%+Ls;&hNt~ANm#`R
z8ScF&1tmZh;`JVVr4YJWF-G`St4mbWB<Cwvl*+ndCpC6&g0<%PJ(OqlmH`?ep@=|=
zXniN!h-*aYkt<uieAW}Xlc{QEt*6-IvopP8?^sdjfA7a_)ncgMSkn{g5m-ZB0xBe4
zXL%*d(wO46=ly=$O8NkCW-(n8C(Kk72OK%Vs!CRPH1?aBCIEX{Re0(#&LMqBho{>9
z3I;emr>-7E%2qi03#;il`Bve;x^uyKT1T|)1k%1fZfjAa!o4787e%@8-s@?eDU_j!
za@8A;PMcp;603j%(T8pRQExr!tw+7Jd;M3|TRq9<z%DwesB2{NI(y(2^%4z1j-`_r
zDM4GHrv*{qcXxER5SR<V#oAiI-`Tf*UD04jy??bOf?Two+4Z)L^yC&}jv2t1Qt#<g
zWqjNE_bg*&ooHAm{_<InYlbRDx4R^lS>r0DB~sOVIA=BGg=){d_rs@bBFXT%Hq{7D
za5%lQ?Z2hfCr~fBe|2p(ez`vv_UuP>#%fY_8a(1ag!+L{zYC}P)yI+wt;>H!c`+VU
z?_YLVv`!DmW>FoV`Xs;FaFJ+N9vMUZ>J1fIGQZ`rNf`kX1KZRnAz+gIl9_V+NG_u#
z&3L^t^)XTvbdW-7S~sc{A3^p2C;S6CY2A!Jw3HaCNZY@rptJ8i8x9TcUa5iN!%roj
zzvT0b=<Qwy#rO8F$rW%@&*6bOxxZLN-2OGmKp(4^+rN%`;lIXSNUG3#pWQH4u{V|G
zNL}CI3cjh*d2*fKv<L+Pi+Wn!-$b(A>cGD$mNMaHHCh?0e|1)`E5w9_wE%eVpAD;a
zm?mh1hZG@E>ZPT4&MH`G#$Oee+ouT|X*I-xT~4SembkKpD~}D<7)zuWD2dX)l7r~T
z#7bp}BuT%bS*UVZI?YIhvxG`!{cG9+!z)thtbe6fKAS+4>{UsNR6^@t2b|w&mD2iG
zYUQ*^o$pmy8>yr=iDabe+N8>A{p+B?j#pmmU&)o&CJjutYTIaKwn;SWconyCP`+`J
z302)5rkQ(H-X@U^SA<Kg`nE@P3ePwFJ7ir>38uDJx;YK6P!+lTdn2XF`qxCoZEAm`
zRp|QHeRRFaGdQ(sU9xW1scjdjVwXrXQtNK8s$C-KwAy#B%3ZROl3WWfk>b>nwEgR`
zG>ZF$92!gHi-MwCV5$YX|NH<nPQvJ1dsJFSkA>2FXcKFuUz3smGhs_3?F&~@@ZbR*
zCFJEfrifDrKM4c)-4IDHW1lNC#tCG*xHS+daeYbhir+%Aber%YE0a1p&2!=Mt-b1u
zdr-Vp#Z)O%11$%;ZzP5dAimkKt(ufgRZ5lCW-9h}4;X7qu8~cx!|cwqeE`z{33@io
z^P&qUV_Y09c1DWxS&poL9uBz)k4tVQrr(~PVqAyk1=8w-4@;T0T07l@gkc0+fjVSe
zxX(mYbu?)b!9<p_5oQhNQ51B0g-25N+vZZc7vF~PBs#;|reR?bE1M~8<bBU)wqjM4
z$_AFZVeZrx-(t4Pa*|bHcu0Furj%S^*#YpHv7}Hs&H7gb=Hi-B#1fY#f6jBi%`kC3
zfvPD;NN78Jc32<oM8SVsmIWtFLgV^zY{T($gKKVr*Y=<gw8>}RYne|y?Aiw%sB{PO
zD|zSeQK`WpGk?Vkrgo}^nB^3bTV#qD-ra*;M+OMcx(`2)2S^R=gI4}BcHK5GCC$D+
z#4;iD-L20=Ng=t{Ns?|{X`RDtjQ*U6c0GDSGMY|jT3(t(Z4nGC2xAW~>8g@jR&Us7
zjDrWLWbD?AD$Z0*?&!{f(@|H56^y(V33`NNH|)Pn@4#3=OR;BwriB!1#q%+u4tB#K
zk@S|*!Bu={$-hI~r&Kt>i>piXgyStBX5x1&Co0>pEkzwA$Pt`@6yX@;3asBIDd?J2
znxu`m$)vbtRSm%<Yr%gCp3&F>2L%EK^cvj1kd+Oh9%cb+(cj?mG$M(%H5Cq=acf@N
zki1N8w~gTS?g_{q`goC*dXlqSRy<LBJ*QQ+;Wf+jIr4;-d=4EHVDMdR^OR_n1WphR
zZSBshjc27@iP%k&4G4et>iT_fQjIVGOwB|Ywx;lQV)f8-vBD7H&@ypoOibih?-Gw8
zuJsDlEFluZh8~bwF35|RdsOoYgx>)m<`;C!iWgK3gF-yyv_b^*Tu;mWCN_>E)0x~?
z2Gi@c#XWWg8;68kv4Y(qu2Ep%sBpC2nTZ}hveFz+9*|A=a6ZI_n0#9Hc$^2WgWiS4
zfE_`tt{b)smVmI=mX@H&I+Q1WcTfkgWRx3=8WHP~l!d~|z0x2{R;;c#yJdt{OI}wL
zfH84i;Z%#6bZr3~aC`&Arl#6fjj}mBMrcFbAue^fjHBMB8de7y#j5$b;W>NaEs3x^
zooLM~5-im}<LY{i7HGp}Z`e+GUR@_;#8D_L=!&e?R3BSFC8IT4%S!)wrZQQYxdch$
z+)YV@@@u+7v$GRX6vo5@1}mJ_txm1X8vv#|PI}^6z`1*nWe`t==*|-w2aP+d5&WMG
zYfGTG@b*}TFFh5ii?rp=_!*%^y^+m&gUQ9I!O2@{Qq~By=OI{$;3&kjBg~*{#VcBB
zu3YiB{SXYz9cgyqvO=)<883DqREgX~S7FbhQTRM(+fvq`Ji(InLyS<U<XGVFMMT)P
zmpja-t}YIRHddTf>NhZ>DGM#K;S*M47`m(v=-vw176B{U(28a?tGKFph6uuOrQR$I
z)Q<o~SkLc9Ru5^h>6_<3tqlxoqL7dZC-xXnVxJ?7Sdu4vqOBn2{Y`}pdko01UjQy_
zDpZ({<q(sMQeeWm37Qd#QHZc10I&$nFg#ci_*di&9Ybm&@K?0a`+!yv(60!^J;1RC
z0{of^_61O03CrNYfW9W6JtikgKTeYL!zV~TMsoC&#OMhr&lBw6X{pW=)10TI_)chR
zTH^A=q~%9xYg*)2LK0;{0%dai%Av6<6QHsl119THAhM>yV<i)Q6lknRfW>+YNUZ5_
zSRJsd2=!zrtbL%Xn9LD@!5RX&iVZ~w0&5iDD!LPb@K+<?Rw<p2L0|Pk4q{419QJAt
z)G8)UL?Ew5B&3+U6@a@M0kewnl@X|`G$5-8@qL)9G!Uy8ckytJrT|#QrVJ@Q26)wD
z09QQ%Xw^i(Do^f@>Y;J4s(Ve^I8fC-3{?_yje%56LBmJ~sB-uLlXRqq1E)GTD(I+Z
z9rdiEo|W3xM7XENfqI$%^E4T$JssjHJ+UVV-l+@Rlt48C?KA+|lt45D>of@1lt6O?
z(&<q_2>(ml6%qlN9tn);k${*cf-t4>i(~+%7G5bu&rAbf>Ow0eNo~I{@KU-IlnS_X
zXwqRaxXg55naQ9spEaP&y}@K2161j=1yq`ZdzT8NbX?=Vt~LHpU`dmJk}L#LieQrj
zlH|c3CD4omB#lEKC6FHmM;eDcN+9{!vWC>sh)G~b2LK_(&B4<_kkSwS>EK6GfsfoU
zBrK9R=uv7GdorxW6c{59o+yDbi9#6dK@%lWy&rthROq4!utn*RMbn0nfSGP8T+w8V
zi>WY0sSrgS*rDVOkHQn}Lk=a=d>Ck=$pbqLk|-IDXd-48i9r#07#!)#avX-J|E^@3
zBM?NxutLdHhv0_>A%&7D-V1tYBJ9uskVDhpccwrMrNRtNf*3jgawVm2lVF7o)qEz+
z&QvHN0}_<bj6@ireSn~pE=D1Q`rtrmrsNQO&>%2S0@-2cpnHi^4=qg}9!xb21ZXk<
zPzT;8%^LX&ga0IMz5_vj4gma#D>ReAe&VQp6M=pb94L<i^7HTjKhwc|a8M&;rvUqm
z!uCYoF%0Sxf$WKH$}XT!0$fjoVh_wG4XP)>?P6>|$uK<;lKm{9WQd;VfFgj;6nLI!
z@A*jF(kL`fZ2JRn&oo$`=(N|o_<SLG9uJP^;GmmHCs7=N=K%PfxSBNyddC9m#Msz<
zV0R`B+QjoZ4QeNWx7-_M=fSc(VFRb<d6pH+^cnWN7xgWe77aB2|J>3jX;wG1Fk~@L
zGTnvWP78wgZ0LjXsn0!|QVR(%-4;j#`F(6=4pDnMv-v&7DR~EO#WKcknVJr*hkV0G
zsUUp9!PxDQ@hK%oS)pU8ZjWh)%cC#{PXB1)KQR6`jihO&mWm2io9I9v#$ZE5UTASE
zreYq3`*1Qk;|S%U(t<UHV(k?F$)w;zcqhMQLT{-B`5QCwys=|cLj0GismN)SlfSt=
zXPpc?QPYpss+(kZ)Eax6w)?G^mla#_kBFb5o|Cy%1jrmuHxt7W?|;ig7UZ|&MWbrz
z1reczvr+6Ym!fMWjGL3GKAf<RRMT5za{FYvn`iJ^=kfb+5}|uh(#j?nE#<8<l*|zU
z#03a7!nGi3i-Vk#4u3Sw2TIlz$8zETT;c$q8#rmTifl4RwTinSAH?9^P68@1f#q^#
z)|o@EgjMjuZNYc2kT1nmCD#>GQN9N7Z6JMvRD=7#=WME`6@Wu2{*yUs(iCa#08Zv*
zK?Pe3wDT*<3w>BaD-w(dejBy+yn^TTtM(hNd1-8Wk(yOoE@*+72D*uFWX`a0MiY77
z8>6^B+G_|jlnbslxQg63x>GzFwYF+1V72aPUjinAvD_u36Craw))9(rH@&seUk!R&
zXg-f?Af@Boo^{8wGue}dQ&a6uw{4lhgz8OWgy#E-3I$LvaJ$xKg-KlMw-(dS4BLwB
zCB7o;V@XlsrXY~%^JJ^#F&AAp_a)Pe#`?cxUiR1E-Y;*n1)h3~k<;-9YY094d*p5Z
zi+ng4=OrIbeumfKxIfCP_O|vTzvYofuD@14oDAi=LOKbnXM{&XV>|Xe!^hA`!KDE8
zSZE~)dSoS~2u)9p`XI=K&lXK-CL=fN&60%44m;k4{T4gYh#MjAgp*xB`<2zuNgF$0
ze0dnQn-O=dP-yJ4fDJ-15qd4+-V~36ka<^afH45C4R~f%sl|<D5skK%-cjH<OGm1k
z^}2KQ-HVw03p#7T)4+yo1pHeNSiMM4rDVowJQ@z>%1%C*yp3bOC^yv0B6cP$usg-A
zf5Av~YtLGQrOEp`uGSS5O+iEA<=!rT1idsV2z6Qj>ZIV)&o=P%UO}f3rBji*qS=k=
znAM}YoTXyy+~2)0_CvjiIRsteMn0;XN0sv-Rn9iArIeLke~?+fjfNI187XMBw)ruh
zvC<tmCSlL0BFu8)*jn&q3WunNqPAUJ|7>JUXC|DmiZd;AQQ|!9Z&!WD=yM3n^Qjw_
zD>I0ft09`cY&DrSEwof`-T>!0beLqc$Qq0u#P?1eTQ7?VAuPGVd?}XCMtY&;j|f#m
z!9boETm~WAR<(25krJbamqSr8E6chvZ7(ovhZb6*gGQt{$7>V#f<TQeTMbH}F^`Co
zPtzn&l)hpsY_h1S_eg~3L{U?}GF1mp7B#If8K13WQL_~$BSa^Pnh%lo_%NcT9o?gl
z_$w3=J-*w?&oz84^;|F;s}VV?iXFt>pv3eb3rq@JJ5xND?L*e5oHZ4ME4{G4=vKFW
zuQcnhi}UjP+7j`so8X{HGP>sI+Jbm6*S21O$thY)u4}4Aq0{iVCiyfwqcs@h(l*9=
zexu$tlc=v{&Zb6VAB^&CtY+erbdQ3n`l^yk_MWHUSM<8tdD_8l=+Ae6<GM`BJR>He
z&Wun>*zZbKTUtLS`h=P57bZM2DPmdo3~j`^Ne2&3mqcfTQmc5oanTB=A*SU;E#_(g
z63vMitPBU}XEA<TrW9RIA2jov9jQ&TrD9$&nnOJW^J~($aghVazF7BmlAafDEK`PS
zQr9a+Rj3ZoNYC*xjEF~+e5`oa7LZ8lHr4l6^^9z3w&B8@BWNDbLueu*LF`&52)$+i
zK%9mK0z$oAlc#ELI8&=}^V(>mikx&9@`<VHVNB8fNti@<`~<OQ#Dh<HEJW!*vT*a%
zbre2+-tWr9?W5P>ZEG{qM^BjaB9ZolAxO>8nWx2kpun0Gm6DwH5Q|STlG0#M=ETsx
z7^$9c7U`#-05KenY$M9RL=nwDCg^!;1Xx4RL;&`YK6NB+;=f~)Awz+~!#ZAq!C_wm
z93BCy+a;`n=z89dNuDtEulEC*drC%H&=bP*%9R&|;gfDnI38|pf{AQ@&WEWQHmp^_
zZCS?|@gybw9&yhPm06#94)jx$U_!Y+k#=Ve&r<@I^=9(YrG*3{h!RN7UCmtkuaU8=
z$8a=DB7wLo2#Fg7$|E!os@#Yzt2<e2GqCL^5T&Yzj5xf_T@phAlf!{%-TMB=f#H}^
zA{IA??fwE@vtkrYblykznv}!VHpJS3H&nj}La6=|b0(;6IG*&&lvKlRuGNCPhd=>Y
z7~E!vr<pn7;n3p1g0WngR0OZK!y8$%=j08$Gy8-k#?BEmo3#mCs|Gf{-e9WP`Xw?q
zEW1gth!V&bL9?%Gi{?x#$_u|hRIz*5a>g~S*6dJ$g7mphgqq<>DHE0~PZ;?m>Tw_*
zQe-AY#*1H~+(5#?nkX`s8>*(rdvJgMoVS)Y{BcYu|2Z-<f;R+ytYu;SMEir$8Gy@G
zKgY9_`Kj_L?00n3VAmo29*LoJ`QFh3VWX~TwlS%R_zUdp;pJLWETsx{C=tpZOgt4Y
z3r7CrveIX4wPIQQ?<h*Q`RQX*;4;JiWIz4;(4@v>6MXB~05w3$zoP3_H-%d}hZr;6
zLn?Yepv?>NDhNN1sykLbq(#voqKsteO>83MIIS3YBd_(;GzFWHD@bT+zX9g^M!x#U
zvZfvt>7r{t0DjX&8g9XEuzww}n|6s>7@P5pCe3(`jN1*{wF#UCVh4*VjFNPV$D))V
zzR3SHxm$9(<N_OKtSqv9>nKr+NFZ`(95n0DL5|_>bVmAZBF;`MugxHw4I%1y@Hnsj
z+0bG^UV3P4_|+&~^Kb`VLO*uLi#($h`u0t=Y$Z*+h~_?{6tzfWSx>tXOo76ZRyEI>
zf>yRl>F(fpXqV}=K4SAxJ)p}x`%m=`sghM(A{1)Kw%pq&XIQnyu35RVe8+8S5AH5N
z)DL|{e{_ECadNj~7vwKHn~@!ijrGGkOdHL%F;mnsft9Qv&G0OjBvd?`-SVtHUy%QY
zRT7q+U~5|QHn_<8tZGxLo+|Q`oWWz`?c8ozjw0u|O?Jh^*0BX*{Qz9l|N8sjA_}>L
zp~*=r=Q~@rp&c=_F7}p!IZA^(a{$^2ccKTI<W*meu}p`f_@8?HQBtur>@nOu2kx*0
z8EMFXSj$ota=p7QD@JpzqSO^|fP)1lq(>AGg!nQ;@n8XJq={b1s*Suuyk~f4P}(VF
zt_a;qBN<`HxNY?zau38lUPtg7J01GQf5L@j)sn2Bnu2LPv~)qPWFA<YP8dXH)Wa9V
z0KZ0<FwmS~=1SNjD4Ok(Rp9^CLxoB#uevxS?L6mlOZlj4E5)ES1tjuu;2|FZ7&5_o
z|2SZflVKn&#AB51GyuqS+hr2y<Kw_RP62wHU?@okcYG{Z#|eOr29Pj;=)q8q6NWAo
zzVR`D8`B{hlhM(Vz#3Z+#srE9FpWL<#gu(83eb2c@M1FL;&i`s!r&)Y-iSaeCW0y^
zn&DDfp9rBiJrFZ-oF4-)@o}IMr-LNM0DC6GBc_GaJp?df!U{{cWjYLEJ3W76yEGmB
z<aOs6E4<W3gltc2uyEjE9aPjo?gS8XRDn^f*WAff_BM$NSQr*&JZ#Og5_TcwO;g%A
zg~&GjMlLeBH8MB07gW0tJl+l4%~A2g``c;7*zt~9&~`j1dSjV4xoV5pPZ^3)vNp`$
z?<I~KlmRuu)k;=Np68$qVFL&s&;Nk>tG$WWJEo)CEc$n#>vf!{hX&ABl1$D#q^lXP
zCnnNEQ^ySzVr+ul2pYr9f?N>M6p;K8u6YU?2HIs{s~dynS~G^aJMrCI)Ii7U!H5Ih
z^zIN|iYu9SHRADkAB9>YXZFL=*`>}$^9mwId%{5zKL|UVN)K=ftNM6-!|sxJ)ah%y
zxmU#_XX}c=*x>ep?H0;aTQbrJcFXj%=Uf@DV{SYRKkAkHtx&Y)YQ^;c|F4(wjjXNT
z;Ky;H8zCe8`Z=Z6)oZP~w<Ty@jah)+07ZS=%(Uv766{t$H*BlG+jDMR$R#aoVUzK*
z>HXfluI1*>)`HM!KxmJ`!OqtZbbuBGy$ye2m9!~aEz#bM0j%89awQ6Yh2hw?ZQJaQ
zZ9CbqZ5tiiwy|T|w%JL?cBbZB%o9x2_YCW9{hiSm2;Bo}32S=Y!yo)K`0SqiZ_eMz
z7_nyJ#nu{eiplyCFgKOhv+OAtMxlgR^tUTW<T$04wi;@Q%z3_d#~UuSK?OIVbX@ou
zxL?;6@b^|JMb{JT_pskzgP$LiZ(>5I&f;~EKlR@czGN<f<7GC53%*?c*cM~qjsvrt
zvN@5)7<$pP6sW+>y>?ERzsvowRFk7H!Uvn#{|@qYfKOed?G`*egEi^7n$Gp+2;(!;
z(}<@}Go~vQ>^?qTZoCyOx$TTFZ!-N^Y}LPc#M6-<K{DW-MP{IHN9p44jA4VI2iCmR
zRugM#Fqn3PXb$^L+tHx(+UA7Zd5bcEzNWP~raC_ID5~k+zv9+hm5(yAG8t!@=$j5u
z=Ux3wF(b8oIqV=QV94%#<&|e5InqukNqnU1j^2Hh4f#a0qp}4Rz-D>6d!)qh=Tu#t
z#p+FLZ}dqYw?qHLkr69&ejX0Ndb;NPGF2+wTHaFvHSc1S(KweDYd<BRYyt0Zw(#{n
z0@(m6<(MGOR#-cT4bJlDwd2DD6^@othm9Fx9S;^<1yeJ@z+z^eE$}uA80Vbrk%Fbf
zQLUTk)KQt@ETj%cawv&zo?wrAIO=NLnwU4|)D)XdaA8;%|0ZM!Fw7uDW>EE8eGNn^
zILolB>RftUwnb@YJv|I{_uo5<pUqiG%od48Iw6BbehB*g5tGRcSD2Rd@sr>>3bgQg
z?f0=qIvM_r_k%cTdc{Vlmm9!i<Ku&r2%07xn_WuqFh7`khHJnBDt^}q3dKeqyfaXV
zBQ}7K+rmY#Mp(wq$UQH?s>|k(b51MRsFD0}e<{mGtvL5Yhut1$gyy#}EJhizeCu7D
z3MNPnmv9~AtLXWc&OHx|+h6LM*4<tKDy6d}`r}3Eg6LEZi_HSN8WX#FSAQbd!U|PB
zkZRR$mcN+${?9fmfxDJ>@mC*Me)C==^*b`KZ9m6ZGB;7@DiIxh0#oi`3vDUUY9ue2
z_pKVE$@`B=J%}&BBPEWD+%ofCxyJ{(Ik?}pK|w$`rL)-%Bh1R-vy^yrPV5%Y9<nNI
zzaM*GDRKoxeQs#H4hGh002;IFpM`yyhG|c}9t^chhHPijGsxt|jhPOXu4S2B3)e}s
zL$3@ULA3FLa?Ij}{;C+(2GVVkgKRXf;n;!9^l$#~E{(sAU}guPnhl%*(J;3|68plO
zx*IJZMMGrt;o_}PSR6f>=KJTmjkmBv;!c8=_RTYad^isf>a|0uK2C5GvX36DsLprG
z-D-UV4v(+ATz#!dxeo1rhHd=%eF^qnFi1%UIx?BY%gKhL$s`hVCbuk59L8MQwyu!~
zzMN*THW&pDNwx>XfGOU9`dxDe`6JZp^w^TekbN1xvKpgy^%yf*MkTAGlz1Mu7~ce&
zk{6UtE^diwl7ec@2)LDD)<}j|{|5}k;J<KtEK+hV+lZs=c8DF?6utG*s|E#(5Jbne
zPKeAt08V>6ZX@<b-(%fG*G&+ao^}`c&anvBrPSd&0n|ru<grx-UhU|$D+|lg&k~Zy
z?2Jm@%m`Kp)YlXCF)ch^Y(v0rv;FpNAXMmrf(_F@(y5uk53f0)RCBpK&8<#q?BOis
zX2r1{qO2R!s{%bXN(IH-r^(~RCo-5;p5+C2N!onvyY%H68aeAc^(oP>8bEb`OTl*Q
zbllt+h-iL>lhG!GRG>)614C$6&nYmFFV|%Mx9Q(-Ov*~FU5E>I5%PnUzS~+*l=K^=
z9|b;iui#eVQEsoZ`BVCRhscLkvdc7eeifOpiID!oN)=zmHqyQC$<fjvDA=Cn$<?TZ
zHiiCZa{kLV(kswBRAF0SH0}5C6!l!5z?SN*WYl}~59a5Z&dF6@dNnA&G)dFIV`Z}{
z8sdv+{vfuI<j;L~>%U~?{QsTV%<Bj2v(A@1z<11BvkMvs%B2#AplOw9b{_^*`IUl3
zM^r0UGLH;bh_l;jb64vbqph&R*sin@_rA(L=i8Nr#wGA5W_JO%H8(!9mz;qI1IPh9
z?H|~?*mvUCv$z8HAjD%gScr{zg0CnijzSN(*^{+}^$)R%iP|~-3Wuu{X!NvPX^5w+
z<^gHt)5fh~*X?Ys@DD%ZD%HNgq{mTz{Q{W)jL=|kbQXgr?j3lpF5s;8Yzvd$niN=T
z9Gr3tkW|aqV~2KgNz64CqdjELEOFaXz*09Y4_l7fzc>aQ0oJm989W`cDc+~419Nr+
zJCak04m(csT=c9iU<*!#-sE9iU%$4}9rBZ71h^Rrlx<fq+BcSi=aT})=pdp0A+Dk6
z3_S=VI}DDukE0!3ppBm5p&@}pV&RoW{Kc~nw+ZFEAYTn73`QH}Vk~7?@3$sCgBwDP
z9q<#NgsN$7?mPT_Z)D^Fe8VAuSnxJoOWe71{|S-eU}2#*(AuN*6dD*Tpu`mL<FC(l
z`&q6fG;w+ir&TQ4+~W&6af*>;V1qFyz33&QX4e7CPX4+MXFx2}%#sO}7l1tDztM0V
zsJaIEjg}vSf3+>#f~*9aCSQxGPLtha9c`m=^ouJ&H#fb_65GR<B^SNAo-MKXiV)}=
z5vtrn&yy<eTAH@Nu>1tFz=@s!pWZc@DGxdjUe?~UTWZcukmGXPx&V(`WLDkBO6gS5
z0l#`0X&|>HM3|%tQQuYcL?z9<#GN&&g-p_$W!XBgv4fzd4Z)7HuT0`LPNbw`$3`)6
z{-De<Rk0YATV*D_)*zSsz8X*=Z~iOQ#imUZ(lWtOlZI>&%HO^u_+cHN4jl<Vq1Z{@
zk`%{6Y5@8>Y+}=Q$L23SviDXb4->$3;=<`F1ODFj?(%$KNWg#h29|bv|6ogwO`-<H
zXzg{NcHVnISGgn;-Y{E_^J{+FI@N8Z0oUJ6^Dc{$;xw<;vao^3Ls$Q;JKG8o7}~|@
zF7Qv5b1LMebR)0<X3Oq8ZU4O8dTpaKm+`{m>Nqs#Ah$ePO=a~AS~36pv^pN3V@*z?
zV`Fbv_UNS-V>3oJf7X}L05t;aE>LfTw`y2hN1q4JY(GhbsD|h$#k5|ov#cfiaem$z
z=?duX@cg>)Jw_Oe+1PE9!uOx*S$m|m^gVy3nr+ja1G%NzLY_Hqi_-wc5E>H?fI9m8
z6^g4Ue8#~0RDZ~fSYniCU8h)}mcC$xh>%B}08=zvy`#(~?bKLpbnr;!_ZK=S%~q?h
zpnZv^R0)v=e;XQFRoD@ynTVOysMQ9Jm29k*5^xBO9pibI8(^xf2z<zrHskNSh%G(L
zC+FtDIp2M8dQGgzcLy?J)m<IlD(PO`JgOCX8Xef_e-eCX$zZzEZ8Y+>2sBkk`Ih6j
zdsKG811!em<Y{5s>7RsxA2$i@yZ7F&HSFG;b#Vnzy^tilsqvj97j)qS0HV7O_q<+|
zY9XkOZa199S!IAKTKP)cBeXDW_KHvwJ15$4dJZ_r#Z!g#vG*5hcISJi(nsMUgUV#c
zj_owaInP=ETBC`2ST$f`8eBBX_XM6SzKJIIM$$AIE7>K=^Zas^UdqbpVsm3<%r(J;
z3J9PCZvV~*mPZTDmz9x%;5L_{C-Jda7Boq(d=Zy?h2hJ1;%pFM))X_r8=W?bE%3;r
z_fSnZcDC57<81)KkirgpK2lf!71b2-X9{53RR*J~cKlVu74mW!##>WE&Hej!{6wSa
zwL8KC$sf*Pd6O|)Xo`a|V)3@chb-MQsN9H#3FKhe$)yX;DMYhLd}4-#j0X&>M#WZY
z%u-oRkB4=Gi;K1N@m*RS`d+nh1*8|{B9n`l49nt^{lG-s--Picm<)BGZVqzJ^mZVi
zCsX;(Jkj#?ZO;`|5;OxkxMui%!k`$(y-Z+_UAW6cVfho{WCN_}%1)9fM8|e^u<ajT
zjwx$tCwcmVe))5GkXYXVU_sb#BdJTaf9H({Uey~;`35T;2%2d>8@j<8?!TB-S0-|+
zG_XjG@JqN9d0Zn1`y1Y6L3SuFqL!q4BJ8#-k$wbT#omZcJjtEoPitccF~D`SaGnzt
zVej>J<t#@z?CEa`{f&2SUGudx$xs%Od!UA^s?B*<SCp`ecRm8Zx8+?=v_~xh5-zIa
zWAcC3b>C#{Iif<$|GhTx<MsrAZf?MLb?qw6NKLfSS{q1A!Ve{_!6P`w>WNBZf!bq|
zGUGyFoy;+oiMc`!IulYnXTf!@mIQVsF@D3w2q@ekASMk8N;uFm|4qW~-nDw$_cbp4
z4Z#;^+|JFN#c<CPWihuYJ^SdO*dOiP3zCPM>H}igN6oSUEg4qiGs%3{yzacckGR*{
z)xD-Ic=<DI^Ha0xft<H;JH%OS?=?yW7veM^xa;KiYBCv68xxh$9wklf{ShgMO!&7w
z?%-B=EjV{n-Duk9c<`32p!SRhLm_LNEO1HgU%ua<J2EbruRIt&eWUap;x^LlD`Q(+
zg#BS`YPPygT|@6v^}o82M@V|^<7yjfW1sKA1VYfP+WB7ZDyacYhCsRO(0CfidO+%*
z7*Ff``R0$=SxB!dKUrz2m|%c%b)epX2u~7tRd!UHT1>WZ@V)tR3pEd@;%-l;=iB>=
zN%oI9`ORr-4tMm77a<=mdjBxmL9Gf&`(z+_JVHkHMI6x}kjp;Ow|YJY*`4LzU`i8`
z4KpSutJrc{6b&4~zfKd|Q{Ak*&rcOG8=iAlPBK-o70!a!`7w|;FRYW4B`OO3%XqgB
zIggfl{=KmlNv(|5P#li_d)*0{`kAV(G_BkL5&<iWYOL3bIe?=nG$F?`A-o1Q5#FYU
zEhk6Qsm<9NB0E7!zon`J%Nh(ry#xUcfpw_a=gAlsW+o>FE1N)PzGRK1kD$@ArH?$H
zRZ&L566xDx>5KJy(VEBaTECyjs+t<j1-)MaDv<0%LZ#g&au1By`H0++QyCg&yjuRp
zWW>ZzdD7_DS8xfZ{70cqLZ?cd*{MV&4F-Sfki8upo+1LeRDT#wU!T1)fk!`YJb$_*
zIvRo^1+$cAy$`7}Pfg;)O=y|+eCF`qa7+5;RBjacxNlf<tk`xBoTaAHWntegpnCY}
zqBE<qMz29O^jeB^HJYnN;HFAY%EA}7lA``)nRAQQk1Gqku1rC{IKFNILTDeUUfK{b
zh7ccRuSX5n9byK;>a8-(rJFon%s^i_gCC7qY-nWzuL%jkAPQl^G)ph_hla{|t$HFl
z8EmTiwC^`ra~k*)RwB);Wn861*+QrwBRV70TPz>;$+#+O+C-3%P@c}0$`w&-ZUa8!
ze?-m1X(qHsfnWF`p^1aUd4jqLKkc4hh@rx1t-l&feXDy5fAfGym)HM1ykBKwJy(8E
zSjO4&@RJT6n1BDf3FsqX_JW)k+a_sVkCekFU@()X5!r9F>`)(m7z|mbptXJTR>gNj
z=<$ZnTgeCut5KBzF^i0QFD@&}M+Gk&VpqAvm(aNQC&LAZY5jB1Aesf`iH^TeCq8nK
z&x%BAoqu^r+1^EsiboNNCEi`q4F_tEjy?riNSq<MD5%ArmW=&pW}W1uDM`zh`%(&P
zw9_~h6A)?-e{s+O$8a2t^~)sT>l9TL$)V3&Z6MVkH}K2TC}ykOw&xzRu2kYuSt7Qh
z0Tl6#lOsh(%a!>We-R78x3Gg7FuGmh8hnpYjn6KR5?;B5ked5XYbBVm*1qMBCC@$B
zy=;ms|HvRK@UQ;nVs1VV)9&B7iIX)OH+_+{PNraeU%>c<WW7~o!)hd!Nnutz1WGoS
zO=wo)J3|#xCRSGKTLGkFTcW8~fpNL63tgY!t=g!~zAYCeBK#@w=yy=I$g^m?SvS#v
z(WuSjoo@$RFp1C6CcxQz=mRYE#4Q0ML&Rw^iU8SV^k2{%pc_db_fAHz_)dnu@-Euz
z_4Xodn9E-1ve&rMU*W@==fJl<6K!(4Mb1pr0KY6YJBBHhAqy|6oFRNoKW|sYuZ;tV
z#l{2Q@eZPiu@{l;1ZRqS$LBBE-#a+@6GtkYK6zx7Tw3${SKk>zWcv%LtaFx((f*7L
zXxqi#(7MH#7N`c~>&7TgDh=G9*P)Dl@hZl&ssb}f1w6by2WZ!}APc1x+O0*n{4b0M
z|DEc<0%y5!7EinFD#j6Gtw-sMC@xKB=mfEu>zJht?sPS1ouAW{k~%>Tai2b^GpYCG
z&x0l%y8ttTTh4aPjp^$n8POLE4Dda>B!uW%2MS!NcU~J{GD={a)nh6KTQPJhjjbA@
zbjW7dh1J)DWj<P#uK%2I<0X)uVMmAsi-7{bCdBr3-HhcVI#YQF%?=f|BT*74Kd+^5
zIxH#4T$9#W#LO%_n!-hk`L{fd)nBKVRoYm3c6HSFUlBy3`}E~aV}Yho4_pZA-<asp
zA$moM*o^#6uq$1U9K)mKeZ~~WkC@ZTIBUW^R$D*%0wbzZ(eF_X;^)G@*>o_f;(d)b
z{Iw+3C`7|rpBO>c^*2$2<`Glq^ipRg6fjOw4HE{@GDI1DAM&tpNwznmGZ9gA+$Alh
z>UTGsJu%#362t`)l5yxXd^SSHiL@djj^roEyDQ{#o97CCS@nsNtXZxQuCH$+IG)-y
zL%_FgwSUAmV#0|K^)rLRFwPrga)PMAd}_^U<JY4wE95k|qN7n1<VHldc66hAv`jMB
zNj!{ol4<+&F{f<SM}6lpf$|Z#;D903``xTFpF`raHLR#KHwh|gI7%aUcl<i#FCr^n
z2UXx~Nr9{+%C(j(->e_1bdOTt^h^3Bs8Qi}e1{LugW0wy|D@Y(%S#vy{AyuVM2nYZ
zTeRJD#}eGw9gK{yflHJoLMgyhHiCNh-7HHW+2`bg7DP6qB{vuB7FiFnR@AaGKb2vG
z&qjny0!XuC4ewYpdo)mGq%T3s7}k1bIlu5wRES6Ksl2|X5&=;eY71lNi^4jxNHbuo
z+oH!;YS7a?oIe<fy0&aouKb#fezAD$*bqO?W==ktSQ*Eos~l`qyY&yYjVAhqUYFrk
zz(#6TA8X60iQV$a5f1!A;WiQbz6HdVT<vrsTg;+uxe>dI#iZ!tU<<v2Nx-d8pq9{^
zQzXbc5qr-LV4Nujf6ON{B;_>IUjJ6?l`=t>Mw619lp^`4b|?0ZI8D8yxb8wjhZ+Dn
z4DpcjgrdG+GqTn1T8}1YG-+1<`M7;_ZR8p0kJm7^yjb~+4~>$8ngX=0`B<8kTBB6!
zsHWTq>})<OILn%R9LgGj4FP$?4GC#5T8k2X3$PKolSEChC6*RQ4FC!H!5cIvR9nd`
zUQfvAvoZ3FuXmejYuwo-C4_eiZLV>c^LGrC<f<#_s4h%iBH7aMJG9t*eB7u@-O_{J
zmgyG{`d5<%e?^{6hFWB{QvzF5?ue4lO*Cd5I+CQP#PcJ&fUq&CMu`cqa&;ea&PUL)
z6zg~(P`a4BE;X0dFKi^)SG#{Fy5|Pxd7kP1AFISAr*0HNOcxzBr#z2ypw&!4k%R@m
zpJjcdc&ScH9woIdRK+f7JZ*rG@l3|$qxGM@3$)6=_St+U&{c7+c6Nrtvg~BF7px_n
zP4Twm`}=M|SgsM@p|7UA-0~Sl8K=COb3sZ#Up~m4p-EbyK37N8_U(+R>w=ieHxR9*
z?Rl_CxV^mEsHsPhdjTBg@M5YQ5WmKA&hOen8{`Qem^+owpRIL;6g7@HBVpr({3viC
z0)K{k7uXc$aWVNRm*z%~(HqlmEwZi1)vaN@%Yu@%MFIU}piJ?ur8rsw^_K>%e?)ph
zAMusn!J91$2caBv(jezR-ibKWGt7auyWnLvlD&3qCCc83vc}i2DxCbIoVT+@&)__8
zSgAMXH>{can{j3~aKW)E)dp2iDTqtpDFGoECve*z3fpQ(sD2LYa0Vqe67WV>RE4Ni
zC|4F6LiwdNE(M|J!rQjPx;nLX9zHLg4+(`m1?>yh3?8AIJWOL>wZ*SJ?5i23%v%7c
zjxg%N5mR=@5fQR+y`MQepPC4V2@RYEwq6?!#`$`AKDk*qjo(o4E)8Eeg3YNwZzq40
zW8JVnt4=S|7rcdMxtB_Si+%PqQ~y}apBC%Tti+QJL{tK51ofcmTFq+E8Y#>ra0DK%
z)NM3M%StXZx>`U>32r^OxDI`mC_wmjL-fI%f}i_f=DWpB)%QZ4GW)6hQ(|XHTQrq$
zN3>HyR)b;>7Ef_!q@8c1^zK`PABIvB$s6}eo*8Zucr3>%VX#3N*QXaT0%(!Y*wJD=
zhZBb#27AbGo<6e&d3}OG;JV*ttRBc8OaBe&q}A32g5L3X$j4O2lv+QNJ=ypgZgd7u
zyDGG+(e?YuiR3%rx%Y?n&(`FF|85^xsUBu!D0_-?2Sv3ErFcxrPz<Gu_+}kFKXBC5
z)Ewm*<O(Wl`O^I7g}xiQU_nrDr{6cRhVw3_*7(K7*UxiL7{vIq{~-&@6V>PpnB?o{
z6KD2jQb`?;AkgJm&fPugmgE7h2Fz!J#Exro7it*=zhu_`y(55+yaC6Gt6X#S=W+{_
zWg0#n)+SV%B|5uQ{ddE1wkZV2PMK2s4{p8Kum-nxKUa^SgnxkL^BkdWD&)#tBf(rR
ze9dXl%Sw(F-90ShbX(Wk^OIIdpm1faQcV}s%f<mdt|;SqEZR1REvKm$5y?y-?TIpp
zLHFC(46uF<CcmljV~s>wa#SB&hlyo$x7@csJc1PB`BXH^Jda?9_{R*&e)sd?SP^t{
zAU}YETLC~683@zp5bCr;RCYCnpShRDkgda!N36_BCHL35WN<ZZ8dVrG9`3Qj<i~LV
z9cy&cc_7xBN&-AhpQ|Qe^H(#NCD-%>trk4tXG<E|E7I+tXcl&G1G1hdB}R^}7GCtg
zseuS<J_r8*W-sn;#iD(oA$(=P6|fhc3?k|`+B-?d?*=vok-!0eGq_8-xmB}~)Up>_
z8T+_?)NrPK88|S`cWnjh!Z*jqM6aa);xbYUmAW&rmCO!|sc88e9*(xR51cASJT)2o
z5&Pbj5}Xb7)8Y_GEg$1}Gww9}Q6}-#$X^W&<dAl|K@e&+cFQO_@HK{#4Y9Q1)tp6I
zy3?iv)7?aQDkyInY9tC;BPh_lvqq&fnd<j>u=!a=_90!QqzUa6AbPmi18{}-i-RoO
zmD}`LLqu=cYapXFxb~cXx24wghMJ~hMGgfGgkcPqFnXqkELIdqncEBmC<YW8O|nka
zmP*Dify?9;8<E%<4J2q(OcqNvU`@vf8fbDjHSE)<%PNbi_X-l;I;<r4Vt{_tAw0mh
z%{YU$!aZKeU3li7H;7`!W{FPOtc5PBJ7Jq5TVtkovl*weQqu9zQ%n~(#AzrXx<35&
z`V}oPw;X<6kC6`NK&EFt?x<xcwoOOS6jGXT3SH}HwEqYQwz9MjbLN(Z?JX@6-*AWz
z{R2;c0d!}rSBG?O|1lBdDWfmR<W&P0U1yBBY}%u-hpY>EkAlD=f~yr+es*`PQ<Rt(
zMrYbztC$H*x0&0DElZ$M`F(uAT9Y?E@PIsoY`;>^bi1KI^LULBbPR6Dpm;1aN45M=
z@hZ4|Q~7Gllwh^wK{R3dy;Uun2jfi6HK{Lgn4YDwD@D4wkX{=kniEsuBYq32mX0d0
zJ-Du(-QoMLD%vPsnIqR%0#hT|)d|+<*;zU2I@{^bP?;fC;m&+JicQY+l+jYb0Cn`m
zAi`9IK=3S_OCfaj+zZg}W@M%kfu_g8#ikNAz<MdZXmh)V@!j*SEmF~s#0JBdegpc6
z%#KeN9T|VK^6(eVqeT6n3{MYvRODZ&xbr|Mok-{ypU$B;Ci}VrKsh$kKJj&1ygOPK
zmuWa52WGNS(U1d0#9w2Z{DVGF`v|vgFP7)%OlI-q&_o4Ls)XoP#Kk39gOlVW4evOv
zEcU$*%R%E!vt!u_R#H=?U&c1I+;X`O8QR>{@$!KyF+>*4lVf-Qxj$t#waVf1__K%i
z?1TW{X(+XueejjIA!td}zeBSUP#%}qBJ!Kv&cq!P4LU1Gq0xk(R-z?SEU>dvokjsH
zhWzBdU140dDKNBDT-tm54mI0XWRVMHBH}q_7GYd}?WDdBPdC}lRY@V61bw*_9DmE|
z)H{cmbw3{5PnbHa7ceBF$G4Bq_<^jE;jpRY0vPUTw4041L$~!n-Mux`EM&_fla#k|
zQJ7N7#21X*wh&1~4_kUmlu+VK4@94PS_9J{TdAtN7}*fqj=giyN`Qqlf$F~tQ~%5@
zB+qMMA8J)?Nf~A89x-;hjyD(3Y*`08nCXcf#hSmww@hMU@DyZ`n{46A*cAp+DkvQO
zv232!b3K`MoG+i*JN#p%DdBewFdPwp(qe~o60>2{RC_>R2=pcLT+<*b9UM^^CR9cd
z7tv~p0nC~8wcvH!bfM#3GU;U*AsuQ=%%P|KYPrw2x+M%x2&C>YNsMp-r0~J9w7Y1c
z4|d6gAUQCY<)qx&+!MaegUeVNFv7i6MEa-fUW6?gZadE~a;sPny7ez|9+qlP+9F79
zt3o(ioYn|86|wvf9<Gy@-2^Q>g!Nzg*X39(Qmy5jrZP-viB4QTo$W0A#*upJ$AAFu
zD9I=F3~yk}Fv48fe{I1Oc*~iOt84o+IE#*I5AMp=MJa#0JkX>IXQaTv-%q$ZeiA&W
zG&jMG1-84#EX3>+<42+Z^9vtr6MEjoR31Xr*;_efYJVybJLXJY$gNe7-ng%rrnjy{
z<%VFx&K!k1R0})=|1_EEyCmub@kSc`#-<NKUSQvtA9+RA!tTg~<!>%Bix+h(q8i9V
zRuTt3&Bpv9&F!pYXC7Rcogm#Ay5~*r2S8jhIw4}F3NSF>qBo#Ey;-=XbC|k0Y}5Zi
zJt+Z`(f51Q2@U;$ou3joZG0LUVh<f8zQjeqZ;^HXi__y=|L2QPp5uT?E^~EX=yOCD
z=u4*838<Q2Mhwm$3iSOEX&I`TyYd#KzR{*4)(XSlzxXX3cBs-_*d6%<(^0#~69!UM
zN0^`RH|!B%hv{WfA+YufV7b{p-(-TUx9ap@w1i_FhZer5p=o#@Ch6{0IEmt|dUChP
z5{{v&U+rF-iU5X(^!M=DCIBG{J(<;{zWNc(xfXcDZaVR2qtOhApndNmKWhmDrzlQB
z+<m|_Z#jx*ug2<}CgY2Z*t2s+;_B9ECIRf;haQtJRCRjx76mh{4=3kxOo)d3oidhn
z)j-LQ{&5xZ?>IZ^p?{d?CG}(<W3HQ{-xeUPCF{8Mp=ImPbE?gRcX_4;KUBRRfA=<S
z762un!C9LY@~oK=0R@r&NJKU>cFjg@g*>Q6D@571RkTIQb0MIZ6M;(13iTVunX)?*
z7Isg5<VgdGtd?HboVym+&5WPb67{drZl#i7a@8hnWEIH7h(6=;81epR!V#p#3c2m7
zNgQj7uu|u~Sl=bKIRa};R|L$-A5}6LF<MAN!2hSges#D5=q5@<8I|H<2y@^0fI^i|
z+<)}K>!<ZyuK=zl`?USxMnc2)v?~lI)Sl+C9LT0jAYeY<vaifW*TwKvUvCrDKG+1o
zk|$77T5lNc)JGd9;a;LTf>v~I^f7j^X&d8s1vpTG?lnJ2iJ#4ctJjt&$r|vz8t|OC
zb0;`h4XC;+^ZZhCuOGqnqHcYg!!%2vxRzaFqEx*p34aluBs;i$(IWe|ceJlL#K2t9
zlDHmU#w?V!$SkCJtb?Mxv9WUiv#wzBlH*f&7f!8md7iKDsNJe@Yoz}qbepJ_KNIfS
z?+=GcA;bvL|5;%k6Dd;duG?r0x^mD&^IBa-xvRYHzP)C3@KRTrf!!DfZq%CZo=s)&
zOF>;_NfIe|UNhnEqZ7v#;i{{u^AJ+;a$`~H0pE{RC_InIPin!~y^Q<>q_Q3Z9M+<v
zdC$Jff|-1LY~G{l46)?^OMW6;{2SF7{=J0&P$WT<9PM?x*W$(Y>#}Aly@*z*3u`Xx
zJ)e>27{C*0<p~uK!(b?9Tc)82p@41|U&(!iA8dWqQV$<}o#Lt+kp2r<Nn=@H2g()C
zB6B8Zhvk=K;`WjfA|>}>QbQ8XFKiXF_=!Cky7Bcm1*0HGAZ7E03Sp5bnagowi%lEs
zAi<#n=Y)hZ2LOOx#yyw}`co}xg*$d+qk~?i%&IPfuyB<d3IS^lo3P4ctC-wWCsWCA
zt@<)O?4)o_kJt66G_CUt4WS}sx9N;A65}4n_0K4HP<0i^@Ig%$-3d=A-a2EtW2DL2
z_<0O*WM3mM=w6PeE)&6Oq|*isc7A&_zFJ2cPO=SZ(Ag)u7(Ee+c;Pf-#(3H5q2BwP
zugvbPsoL)`mlsaO%2Jo?!mik661ao__H&Y>j#;;3yEE5OB$O;0PLF8FH`Mws{y=Wx
zPcv#~$~KEYn~dtrEDExd0nd8MUs+2^7a<^OC@_fq5g|r;-5bRi^^~T`-W&N$Y~+Uv
zfjPz?%AUhCfZ*iX$CV`MUW)r1XE4b|u-!muXBSh%CUrBGhU5rukFMSq{!?vsBAW+i
zB9P3GbZNK*v=SCuTlow}IFw=ewhBk6Zz$!OB95b;4|o2g>vg_J3u<r7leBU0W`m(_
z_SfQHa>^SVN*}Ol_FIu*pagNI1Ea|Tl-bPY=@_@K2J5}IbeNI2QY5avsqTkdYuN_c
z4VVnV9$kizvKehE6@3<C$1NpW7<0K`lCbh*ZIMju1|MqH^RUU%=G8`E*I}ariOt@h
zR4-7T*6R<%i#z~03undb;0eSWlEdbeQOB|OiC>x?#0y(9Gs5Bt<GH!@09*Qf;&GAy
z8;ls6Go2Y$1<r7e(PKhN`h>dn1g3}by}jb4eju;{nly2fUT=Aj!6Ag>;goZsMTf=i
zFN$)#xotzmxiRZ#QX#*hfV+haMi;mP+WoF_C;~+S=~>gHUSxR)ocKOZ^ZnjtS0k1V
zqQRz9K_1W7p5F@-k?mE9m&KN~&}7v(v6qm+v3#QH@4s*JQe<*n(ozjWqf=v&dDL=H
z0=sz-<?mV2B<5H!bD8s}j+#Txo3u(k3Uxeb$KabFb4^)J3(Fq1SVq(EX0xg6kMw1Y
zmN*!G3Et8ehAUxZ!4o=|{|2reS+R{jof+4m1z?=gYXZ9cHhyhl&20zARUtBoluoqI
z%ze%Li#csXW@sMKm@G25tu1X7q9gJLztX3txfkqC0Y&@n)f~1*dCD)xaa@B}RCLy0
zV^x`xg}X1?DCZ&dnd=$3dw*1#p+-`!aWjR$yH>&KAiE5y`@28J-l2mly1JB&P8Y7N
znR4MsV@&cB8wMKMPCTJ>?TNEZf2D2tMNn?s8R{Oo;c#?6G-3A3sUImOOnn6{q1%sE
z!D#f^tkS&@o<r%L7j-Bo=4!XK$t%~d&I4pfG9Zj|yE4$#m%<S$YW(%53ObcQl6_m7
ze^E3eaGaeuS#@m}_a=C1>_nAPcjFkmnuy0o0ElatELoS1o?YXM1a|yZzb{<83Z+)X
zbiaLSYto~pn`?|G(w!%2J%?NA^_|XIt(7#+Zr!~;qVH+@`ofEG85e@sH0REM_bf?o
z2ALLpwHnKah2Ud;Wp^R7(SfXW^bX=tP1G)XOrg#={45@WHd9d+ea`Blrz>Q$%eqZ2
zK>n<_A7H{;NX{^{nn#%|tjns{QZWrUp&lJTM0_yBHh|yba?xwFEqQlZz6J`upJxA?
zTDD@l;Sojo?h{l;B@%XgxXr&%f($|X@popZ{gUAIj>f{Zkt<8r+Zh{hwCi3K(lPAq
zC3{|znkn5=;4!D!R?y(WJbD>!(Kf4bDm~WQxdFdw?K*F)X68ALg2FR*?5hRH6WIkh
zRhMty-D7s3Rn=*M!!5r}uM_=Q))~iK&C;yT@n@6bSqR<WR7F}8dbG#+)Jo}Tu|X$X
zV*6vt%xG0Ax)Z&Z^Nl$M7eYMT+x6gmjpn`S?^yTwdq}3Op47s=&=I=#uASjnzykS<
zuAF(U0G@TD^U6s@Jg>)>ixTKN0<VLqg)*%v?lOm%Jq$SE2NShp&P!C)7L8}4lN!)7
zW}Px#t-y@^YfBt+l^BxUHzgqL$~$ltLeI&;yrai8TZP(sJhi5&dLO3_xNMEpn~B}K
zwDLSORj^%N*ctkTQap#e2TG_Puyl4yOJ%#B$5NNM|7TOX?C@QX9vF`APC@J2Zu)bw
z`ALEaO`}=`D{h{&0!es}U-;x9!&Gm-YuMA<-qq<V-rHihUwA7(>CwcBjZ7mTbTS7P
z{o0#LicY1*!4n-QAOhKerRS6K&v=8GzNF!RJiMw^gPAAvgT+|b<a_&l5=2?T9%XsO
z!>_uKR3_UQrQ%K|c&xxJENcF3`SXwFVnv~rltVdb)2{{rcuwKmJULS8BQx(qh{i!k
zStPVp57nhil)lQIyRuN<t0dhBO0Hhi`tu<Me3+>`=GZ%|2HlnBhGs5XmjPm1#<3o|
z1$mF6bRM1@1w`MUmG7_qrHpxa_&dNy!o&*Pf@NCov9?~2>>Tei{t%A^q5iwmbu^90
zL#<@nkm1e|A>zu9t?FXLZ)}lTQ2*3W0z1;Slxk=|eT&Op<-?06cDh4-S+y@Q)`*ya
z3{$u)hpS`D4!!+NJ24mqvu=Qumihfd1%MX5<L{V}LPn&aG0T0Z!ZgB7{pw#pv_x^b
z{jaP<FDnD);$~Q(w|-;>40j9D={{Cd&jt`;C1!Apx+Hb_KOMr1R!&-yn{?7d4#6*&
zWM8OTOy>5I2gHDoaPl1l+w14e&hjm}hMM)^;<;(BfdX$}mksd4UflG;DUH`+YzP?R
zMxDZ(Fw&L;iO#3lW^SikgHIx2Ls$qe7G7CXUQ+W4&b)3ij?#W?f~vLvXXCQr?PmA;
zTlb;9Y<5Ir&{1gD&kwr4XP<djcY&1<cO5NMjtZTHHurmIeA??S$9L@Vg|tUhQ()=X
ziB?dKF4oRh{GfttH{0)HTZ!eK+8~~hZ+klcrY2(dsOR_}Ax}$ln@=Undg2mJ1;yAI
zt@1zhfe}A&6OQyYDKhd?WcweDSfn#-SBHom_x{~&Lu&2Jfdbpv4MW20h5@2Nwx3Jf
zSbH&(pJDQNrK^|y4n08h7^|LV%ZMFhN3Wls&(3qqC5|v5s)%3(iNiyTZI_%eM?|7}
zGbJOlbx-#(Tr|rlJPp1B6faIBhHVdOXm%9Qb_HVGT0l=bX$x0#IiuWBUXm#LsP43r
z0#Tu#L;M{t+!)S|@z9yBe+}vs{|f(WW4P639_2@4_?IRzDMr9tHk86+0QMdxww_BB
zAoZBrvgbserghOdj2dA&!?(qLgrDV9e~ufL%d4;ed?3dVzBn}&)82keI3IO@$S%L#
zC;xLI3lsFJ`1PUM^7S67YM!)LM^~9D%xDA0(tbPX6JzfARk6sFcBJrIR~|m6*CT@E
zp|xDN*Q0h#Pcj?ed3HtFiWl`<H26nOQ;nwC-Y#Gw%FQ`1K{You<hv*2tRJHlW(4!{
zjF4$eQwZ9;LKfN`Y_RSR&~oGK>pk?VFQ_lEzCCz8hgHDaGlL!;9zJO+PMOc^?S^Bn
zTGJDHu9iYQjw+U)28ym5`$Mf>Hpb2M<sGVm=6-Ci4@CMp;OqH?84CO7=ror?H%X|<
z!^y#kO0caR^EW~(ZET8L%t32-`sQz>Y==<N<C$7i=5oQ2QUBA%My4J_T-C=>c*9`V
z8+odTOrqDHAxZkEK1c!EgbU->El~`=@1?dng=qlr$>D(F#+n9)&+`f#JG^SWh3XdG
zG->{%Yb)UA;xMMV-e{Ml6VOjqnXW;%M|sWqy=>2KSUg2#lIvb{REK`Nlf9KzZa+j0
z+zDQMTE430i+Wqd<w@#cuMpl*QJE<L;nCw1EVHvW>OV&BD4rg7;u;l@JpWVSG+=VG
z-&ui6h^<$Zf-sHlyF0;f`bqLoiSWT4n@@|W>QmeGPw0Ghb84Tz@n}7DCf%<z@{mXG
zrn)UOp}J`KwlByOz`m|0THL!S#q=k<4veGr>f^)lDZCR<R`5A#FpW-AA|COs**P($
zTV^9ix{)LEE49nb?o}tF)E8m4`$aFg_|9&wtq*?&jW8$0py!5#Z;xm0*2mmpwjo6)
znvl)r-N2Ur%3(ih?Fe!!i!kVJYBv>vXXsfWWso;@lc`j2_AfJS?RNszmtVYfCN)J<
zX2ed8p`i}!5}=5-YeH(6i9DPC>MysqzhB40KuW5Ain>hVpJ)197`zXlJ=(du-SL^*
zv;D!P+wF5(?tpRBI(==Fq~kjB;g@|b`RfCpch_DLxjOD=D=$x0ZWY^QZNPq-;y&*+
zq|G=B{F);HoJ93L17UVd`|jnmG~F9A4JO{0*!GfTw`4+95lc0hI7|otp57K2C>dFX
z$%qP-cYLobut-M?67xsKr9X~G1FJdr?|e7-fZP5O=TC-{osIAo+(J;D;3XYuoa$l&
z>JZzdCRkSn3ENVO<9wQ&FdG+xe6Qynm|Z;c_icnQ3JA=U_Nb;l8ASg39<!ms#7~bW
zKgOaWgI?WWwE8-^RzgApANkMO^FI&yT(yri(ZM#fo(*z;zVc%>m_B$rKQ(4a)U*P<
zdtaiIwv$OGC{4#u<}{?h?aRjCc(o*G7r4zZ{TY0O=FpqhY>0422{`|`aXrw-S4XC(
z>OwtMfSA8-51#PyCDRC03<}{YE^d(3)-%e+&}DxtLuVR1g`@$CGY(mfZ>__wXH`2w
zTcF&KrzPnKn1<c3Fxik1dD;iVt{d-RW7JseBn#h1T~+FL5tbLKGEW=lrbRtBjgf7=
z{EVaHs`69B4Bi({*kpTW;fpD_Ro7c1Ox3EZ{VY0W=&FuF0YVRaTV4_|L{R6Xh0+U8
zSwcr@0oMn5jlY&GZ`tY<a#2LyO%JdCsxpU5g-)YBrt8Qo0?-Ze&(;bUrXh?*p&%6!
zN3=W3mJ!@fI9p4H>2#%LC=*s7(>+SF%pgm2@Q<YGkmJPo%!+O#D0Jd_q)8U6oPBIH
ztUZ?zIg}!7hl<K?apB(^ObPd41Ed*dZ1iSadI})ARGL_-V#g2$WU>-25khvuMNMXJ
zDG6(*EVEt`ZWtMbUi=nbcE{G)<eg?>8oWdIuP#ZD5Lbj4Ufugt`(+XAb@V#5%AQU(
z78#g_=wh=hk8lfkq#xE=+td?*?hSMH=(m*opRk6Is16T~l^9C=AkzczU0rXm?~)Z{
z2-n+E(c6TA#O0%p%a)FvW#Wx_4anhw571aH+U?=AwOGhO=j_|dfDw+>E3fb)6f`!r
zyn*7x643U7Rjnr@eB<Z-s@76Mac;tWN6pU}42W6FBr}lSCg>3MAbU2o1tc7cF_FXA
z;X}D1&pC!-ykAFhr7#excRU{A$J?OE4^kC5(1R!2-~<lbwzI{BE<~{T4>&NnA4aa%
zjYeJju0+U{4_aEeV<P_q$PCVuQTXG7H#(rL&;GRM`dmKkH1K<f-pGyIY{L$?P$SIg
zpBh0E%=sk>c<7xJ7kUvP&OMAr=8g3~#!5cPky_meBM1KL80wJnHx_oCYj1b5?cuB6
z3gy?Hfyw$~n`&LHZm%p4&dHV3w1LUEB4odT7T@K1GP-m&zrCqGGb_b364iE^t8%LK
zS;=&y{z($Lr&pF8<5ZQGeMPTe(!uUm&|T0xc>acR5y~YbCFDM!?nfMR1-!?^3xzNM
zf1({k=CUE0vh+RkzKXx8d28%pUi_#o<y`rMt~SeGpaxXOy%}V4VJU34tP1%cXN`rp
z5rbl=Dz#Q8vEjMv1_xo}2C(CtE6=JmYYAi9=o$6q5siAfTfmnZr6zYUwm5*&`tT7+
z@09wi7J<^*ZFnK~8QlFkHwv_W`KRnb!Z*IR$hJ^=ya(?@0FyhR({-u!=`-vq3hBz2
z`*PJkdJeHtk~;}k2z|Al&OT__#zD3Y5t=hD2!K$a);7o*@HW(b*_F=VM6+EbF&cc=
z_l-?$5|wDg5FN!3g=lCV*l0fW55F6mbjpTVfz&MPda<qLl0@~%Z*SzPJUaDUSBlqx
z*ptds>|Y7S@E@^t0$f~rizdA%Su_&Fkh9d6{&f#Fylh@CLXuaNTcdQxmO;o^U@JvQ
z$gHt+n{#H?9;sW5%M@_PtJp4uR`zt=p=-c(7#GY`P`ur}q@BbSC!c7W=Nojes+=b?
zF(YjlmZ3qaPQOFqwdDYlq_^!_&queL+q#@}&w1u3)pB-MS=LNk@9)_W3c^Xn`kN51
zBh3b57nMH<!4m_MV7`opRB$h<BF#|@R+U8azF(aPQccJ(p&Q&799T_JB<i^OM35ov
zfVxeQWh|GAy^X<l6hc$W(WiyJz=_tHD&|fzSdBiCD&|3QNDqau-MWs_5N9kN7V4(k
zO%z^BNQk#gSgVtzog~Slg*GoS73iffq3d%%X-{NrW<(jI^MO{uzn8OaWHcKXnOZ|Q
zampo6)YgM`#BBUw{SKLE?WEY)CRz1+-MxikRA<eD1N;wGVkE(iBok*4W9z;c#YRRG
z#=1~m<wDPek)m&AM;Zk&uZTA4P_gKn(;-({eN5Nq(zJmzegLseJA7SVdxt^`6@-I*
zBQ=DgZyQ#aO$!YKsN8WA?kbS>P_ad#uj{^Lp_Tiz%Jz__s6Nh7w6%p6e&%E=Fl3ZJ
z%=VjwC5xQSOeCOWT^ZQg@!{j~p<PX<V|wTlC*OI`_D1hGib@x{jDz43UiL~MNp@#E
zY;53;X_ikp@uzE4hx28~K$Jc$Jex9=aU+^)O1rFwmEOg4WQr;&(^8`rBk|#JKc2<(
zYGY_>+;XbyihzXG<M)P*wL>u2qGdA#W|x$@zmyVUzwSIjb3lLVhtyJ&?qfv$q?sr$
zYmRAvAxGO61DjwPj)lIoPARGEbSAowN@_K!Y;1E~$%250^%m4jg&L3|$utc|tC}ME
zC@o{YGfB+59}PX187R$87r?YZ#%UWxs-2?SVb#YVD@U^1uG<VqmF9L0#oW!YDy!_l
zS6(aHs$n0)2bisZt@H6_Dk!RGjG1C<wbrgaOc2AOXHM%Q&F5%F<#PP;HU)=a)aj?{
zsipoJ-hWkrYF}EpU~AgDWMttsX{vuGRt8jW2~b3(rf0|A1=qLFK(Sw@REh}?(V}IT
z1N_XR<TY(6tDiEdEx$878##L#mq|7w&D_*k3uB%n)26>ZM<Nn9YI_QZHc%MN44`Dw
zh|h?kG;%plaUST=k&lBkLY}hUH)jXkW{KNn=3)y>zT6fUNVH5{s7H7Geacb(xvM2$
zqRwA4+32rs?y677T50DF?cJ6?O#hReposH-au%p>+>xo`tRAMn|4|5doe`#<`*HSu
z|B9LD`~KoC7nVB+@c;T`p8GlfzRNzFQ&jBx+1g^hv9J4{&Hs7uQLewfGyD<w%G3W6
zOd5YU3wX<qBD6b))cYG%L)BhVPXfjkm6Lt_HS6Z`#C^+P1qTL7IneMC@9OBG`XizI
z27J0nwhTDGPRoyhrwrmr^OJ62J(AU(o_dbwU16n-7v`V3FOO6oLc2~>%LiK#Iuha3
zJ5RF$Ih<2@$3ra*zq3dbGc8{3A0g~{$}d_T-BL~2{ErUYOgT;K|H*j9D1F8#bq}QB
zRNM46Ss{bAxa-IgY5h@fvYxbUh}AdCtO@H)eqkU3DK(W{F91PN)!+IR%LrP7oPGQU
ze^BCI4nC)Ugy5+G;sBxetn*LAIHP$-6jyO>61+-dZ2ESZbiphCHJ|P)PuiYytrn|f
zWn^@jturRghz9R=@e~absHE3%G-_*#TVitb*U)>hDX!3;AEv+Z^wuzC>&T?F#VyBJ
zKBqXo(S9^ukl9~p0F~n|oH{N`4l?xip(1$(Fa0;QCup79oPVwHFhfTG*Z76WOL-T3
zRZbfPOKpuLbJ?=synM=<Hb&!{m@TZQV0bmSz@|jB7|zO)GCpr;J0#X^_3PwQ@<a?}
zv!xZheeIGf1r}rh9+<l_O6_B$&4+mA*zfF(CHrd}5d5Vij5{arQ}?Wh9&5itU>~`x
zwx+dr=BespQg<l#Ldo%?jXa!0DiyO~0w#9rA4X-A3WmNP{Xy1PO$~PjYZN+~+aCkj
zsJd+#5o4~8+7yCxwq=dWmDFB!G26_pIf@yf`vE6q|CD*f)|^^50<{RgHvO!dy~}v~
z+aTQ!!hSfN*M2BL$0=FXrpcnDCnM$HRjqxia#H?yFtrvgVLlNG76;@yjClb=3%vAP
z{i0$}y+>o!cFZWyuXKKrS40&76kEp;EWL9&fW&Rs^Jz<Il9{-MTcMZs>jo~tu#e>Q
zZc?E~C{&q8^f(*LxsHm^w6CHcamIWgI|%AyO$p}HQvSqBbk*74P*M*3jxYwUtPX5?
z9gb#{;oi$GUQTp1gm;B4n$BCE#CWj6O&sl8Xez$0B(aRx-hvH5blx|Kj){r2;5vp|
zJM9T*doJoJ{uW6xzye2{Tc-ZGD@OHmZlw+-h(uPz*lYZ+rGOD)HZ1ZOysQtTLt~Uq
zD^nbM-Vjw|_*b1iW(_Dt1YO+KF#<Mei{kZPFOtw4?vfV&z(X!wAM<L>ous&^R~Q@~
z8eTZkqkTb3Cz)_zt`79O+zdKVdb5>!dO(UV!Sz!iRhK@5gKKB<Dj%%V^85Na+kJgF
z^-n$m<*0%!a}mhbTl;e(Zur<SZM2gmqusC=?{^594HM}LtpnE!J0CKYc@edw36O|7
znv(e$l>H$%y8Q|P)f)|Yaa7Btz7!o4@hHx>My}kq7xWhLuvjhz69<*E$5l1Q(exg*
zT0FoWR-U(LCbTwkf$KOVN3J_+-Aabp!Cco(|JIavbVlk{6LcY*4=m1opSEz3{=cMK
z*gBp0X-3CkdvOhS-!W4T%NaW~DAjYBv$O0POmmD+JDCeX<rb8XYfaG+<a|yJ`-~YA
zMGac4&I$(2&garp#RkNlpQxnNiEz%b=#?qX^OOrgwrNe4#PqL_is}tcRU1;`J^2${
zd@K|`*p7}F8!`TYdmsT{#qvu$v)&r4f=OVDVLHJ2Kz|}0JgeGtIm^64fMy&tL3mA!
z-kfsvxHi%{H|AU>S)MRwwqruc{>WIyj@FBOEI9X!+ec$=Q|0wKjie1)K0fF0)v2D`
zBDSK4u`R3AD<DL4(RW1hzBmAj!C8+Iyu<pR;ZA91wL}@4PQ$<Y;uf|KTV2+!R$-{u
zX>#jvuGrhYx0&Ce(?EW>yxV~-JmrResBNBmvOc1mJ|%Y^ZGOA*#Ib))y+%@;36`&u
z21pII^^%zrm%n*VQkQA`4JI*9LW1D*5q4H%?3E56@!2!*6(h8MxoAUD`r8x(b^Pwp
zfBkld6w62EaP1slmXZt7pDo2PI{u?wl5r9yJ0{77G7@^Y4}oB!%@B&LDen&wtv-~t
zQGXoFPr}md=V(GpTqF5G0qytfoS-t2TF`8=zO=bJ|BZQHRscV^PkhF!dD?gU{7ipa
zvOIVJ7SasT3po|wCqc^=_BBVx)=9B{vrjlEehnfT^6vB;wP56SvE;zAZaF%>lVtJ2
z9rPfkamtPQiD5S^?a6GNzhS&nf`b(7u^o2;(X7iad&^ywGW|+}!g2}O;LN$Eg|xQ*
zT?}qa?QcXQ`LsP~|8#}!n&AckWWu($e<nh>u5PsbA<|svA_1L4oOD>i5Kf%pY>v4a
zo~0CL9A|#<q~P6FyDkv9xL)Xy*Kpi^_Xsd{2rwDvXRZ50pc;P8)aCo*_Bqp;9{4}(
z!1+HD3<Ci0c^va9dO9Q>FP?Hu4KX7(&u4RtFh?_TevGY_b7Z2DoR35~N=%shcwBkV
z$e1~DEgo|`lVkGChQ=myynn{~OWzN#nrhQalv{k?2nFVgLSdM-q>;h)t(g3LM)88Y
z+mCAXx5HfQI4Pqo&>SLrrcEk@cCKSKmjtnCN6!5FYk&3oG$gaEdZs5wq5F7Ylf07c
z0nq6)eM(qvBFT&Uoog<%P``pX;hv&YX*ZSQ0O2KXxR%U9iP(XARWlov?EtFtrqyk!
z{as(Fj^P_h1!I+6{64RZIwpJh;R-d9dYPXX^g?|lBbm9Fs2^~%9~#jE&%>eP_iWfg
zonss(NlEH;pvU!WX*k*+79B_?#JRv--32A#f1d5dFMqEuZLT{Da+YJ?c`*1kQ<*qE
zd|~c%ec(M!1-&5Sff3G~IyxaULZbgwr{Vc{UJvwU+sCGSMtB}F8?bZ+@V+?*nHD0)
zzV?8v2zS~T{QbY5!I{b&SutCq{)r4Q_=B$r&hR(>qVJ$YSOGcpN4W$0TVrI7Ttb#V
z;`YtJLjBF1HyE#lO6TofT7ZG-RI9$p7JXJXb*^IBK;oc!9)#Utu2U#nL+8UW$MH6^
zNv`7;b=JB{Tt#w*+F|6~u7kYweq`P3o6!rv5%E5KqjXC;fX5kQ^?!y8f}{$lEl$!h
z3ssna3Sw6E>+|mr@YbN3a0#GrFjdGj-j-YX_0F^wNR2I#cuBk64TvETQxU1AH8HJE
zS5LXjVm~ERqYy9kXXl52JFfvBudspTiKA6xfr=1gfqyGO!rX)R7`Oxvo>yGHtP#wz
z5CmD5c-P6uLmr2ElrEgq4sYfK#TmSdqtVkmUf0$_)i2YO9a2nmV}Gl0f>hs&>%GAs
zr1uCI*-lSVVF7KwC|r=CMpKp)(UU+hM@AE8Tf{Us)r(&Bl*<zma@VE!N<qlo+5(pB
zX&Bq<7Ij`C^ax7-u^PVm{l#@%v&zZ&R+bz&zx9R19t<5G*Pdj~1wm&)!2D0^*|ug$
z8-~}RnW*4|iSSb4p@Iq8$A>&{a*@arIGf$=IdG(qu+L;E<xj!m^w3x$zkhBmsN(VN
zxBVv06S?vm2R)sKjEly|tVj{Q>*2EyLkl*!vztb$ip7t<#eb4HDHqxr_9{R{_rn?$
z)XjRJylg4v&=4KaXzi2V<GFL-m&G=CJD!{Oirm55qPH0yO>ezV^ShF#_~qgd7w2f#
zjdoF)5_R~>52kspf39s3*263tu5~ZQqQ=MtUXoUaf5`$F96m|~v!;cWzI58hBhDR%
zs^S-#HZFN>_dj!IX5(_#JN(yLR&o$&z~=j9P7JprEo!ft>&n@UShN`{9z6~mI&qar
z!8}i$EaH?wyrW$hPg7zc0rGu=?Lu44h@@&TdtZdr(*lod)ZULOTYIGCSR=_7ia!g3
z=oK|LW#J-np<~=e%UC+#{(i5YfClT@xuDi~ql-syZnSH7JmE@MzE23PnXB9V<L`RC
z5|bwx+Izl<0KGFt>;jR4ss}<FRX2KTq0SSzp&`_z>Drc(>{xE+{PE@O%P;-EuyL8%
zR`ROGf&6n-!*Mz(z(*rrFHQ|b5pg>mb4Jg10!gF88kf9v%cUlx(1}MlbU{l)M~dB5
znN<Yxu7(1M5;Yz#D$*#t#$5}aOM%0e+F5ysnV7Xo%SRu#J);$FdmtEv*jwIvm^SSS
z`xv41wHIG<X*xo)D*ICK$Ct1Kmp5q{?-Vt81C)k?_FX+MN&4^F2}D@XdDzzhO&%$P
zszNyyMMmJIY>zo8jI`Hjly#J5^H(qLOVpMqjQA<Ko0xW}wbI-_)~cPf!wC6OP`E-@
zGMw6%mbf`a>5Q{~fJX~IY>tc;Pm8CyirS<>7Wy^j0qlDoBfUP{>2yC7Hm6u%_B>)n
zq|X0gZ5vRAYtd?-^!=+7!zogo|Gw*RX7AIK6yl*RZVC!{XZkNQJ3{FEr<y*)AyV>c
zD;?!#v0%{!7J*T?5J}_z)Z+(15#R2ZsZO7A()nx>rew6LG<UP$5VntnZX;}TCu%*z
z#5|Sg!QOr~n8?E=1*0i@n%0SFgu5$dT1i&grYSbwMy&3<XoxJ9bo4TLc|(38QzhoT
ze$J*LnF`jJZ?)fFL?jPwDFA~{KL4BgM_2J92LnjfC~G?~I=*(ln9I~#P@io!ueZVz
zh`*fWYol3KmMQ>9^K|-FUMxH5A$;Z^{EGQ8$LDAONyOgfRuu@2#Q}ihV_>ptC_own
Z`01yge)@m;UjP6A|Nko6O9}w^1OSSS$<+V=

literal 0
HcmV?d00001

diff --git a/charts/rancher-monitoring-crd/104.1.4+up57.0.3/Chart.yaml b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/Chart.yaml
new file mode 100644
index 0000000000..c6a8d273e0
--- /dev/null
+++ b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/Chart.yaml
@@ -0,0 +1,10 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-monitoring-system
+  catalog.cattle.io/release-name: rancher-monitoring-crd
+apiVersion: v2
+description: Installs the CRDs for rancher-monitoring.
+name: rancher-monitoring-crd
+type: application
+version: 104.1.4+up57.0.3
diff --git a/charts/rancher-monitoring-crd/104.1.4+up57.0.3/README.md b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/README.md
new file mode 100644
index 0000000000..e0b63e0268
--- /dev/null
+++ b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/README.md
@@ -0,0 +1,24 @@
+# rancher-monitoring-crd
+A Rancher chart that installs the CRDs used by rancher-monitoring.
+
+## How does this chart work?
+
+This chart marshalls all of the CRD files placed in the `crd-manifest` directory into a ConfigMap that is installed onto a cluster alongside relevant RBAC (ServiceAccount, ClusterRoleBinding, ClusterRole, and PodSecurityPolicy).
+
+Once the relevant dependent resourcees are installed / upgraded / rolled back, this chart executes a post-install / post-upgrade / post-rollback Job that:
+- Patches any existing versions of the CRDs contained within the `crd-manifest` on the cluster to set `spec.preserveUnknownFields=false`; this step is required since, based on [Kubernetes docs](https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#field-pruning) and a [known workaround](https://github.com/kubernetes-sigs/controller-tools/issues/476#issuecomment-691519936), such CRDs cannot be upgraded normally from `apiextensions.k8s.io/v1beta1` to `apiextensions.k8s.io/v1`.
+- Runs a `kubectl apply` on the CRDs that are contained within the crd-manifest ConfigMap to upgrade CRDs in the cluster
+
+On an uninstall, this chart executes a separate post-delete Job that:
+- Patches any existing versions of the CRDs contained within `crd-manifest` on the cluster to set `metadata.finalizers=[]`
+- Runs a `kubectl delete` on the CRDs that are contained within the crd-manifest ConfigMap to clean up the CRDs from the cluster
+
+Note: If the relevant CRDs already existed in the cluster at the time of install, this chart will absorb ownership of the lifecycle of those CRDs; therefore, on a `helm uninstall`, those CRDs will also be removed from the cluster alongside this chart.
+
+## Why can't we just place the CRDs in the templates/ directory of the main chart?
+
+In Helm today, you cannot declare a CRD and declare a resource of that CRD's kind in templates/ without encountering a failure on render.
+
+## [Helm 3] Why can't we just place the CRDs in the crds/ directory of the main chart?
+
+The Helm 3 `crds/` directory only supports the installation of CRDs, but does not support the upgrade and removal of CRDs, unlike what this chart facilitiates.
\ No newline at end of file
diff --git a/charts/rancher-monitoring-crd/104.1.4+up57.0.3/files/crd-manifest.tgz b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/files/crd-manifest.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..13fc35d213ce510ffa700fdd9e51e031434f5c15
GIT binary patch
literal 308608
zcmb@tW0Ymf*5{qJZB*JurES})%&fF++pI*TZQHg{Y1@@{?>gr^{odRC_S5%6?=kjT
zYmBwVjJfuXi2t0w89^8c1@zbF^Ssm2b+4(Baeew3-HlvxoTWVFJWa>r)N!@r(rxZ#
zRHws=!o5A6Jw!r6NEU?_Xe>V~^L8ye7*|w^6nJEAVCwvx_~zIC;gI!Ktt<1ePDFlC
z@h-<}z#ibUg-@9A>3d)J@p%);F!2fhcKD3h{kmIzG~LblaT>XW$N#ze6v^Nl*tL!;
z3SSa5@WwGb++rNXV0Yyxw0q(N6pI`7`bpwH^iuvAWhd4$VekJvh@#@hTpAXGeb&Yi
zuE$3ATb<*3cK6fo=Uawuv+B>tBYob_4ci&Ww1HT!cYaYvDrtKMr-7RdH?f0`bQPiM
zPSRjJ3R-^ZujApFiBeG-lAI|~t{*n`JRcj8H#f-cvA4`5y3<i8Sp)|aISKY!6GPB@
zLD2Wf*)J}e6#28qs5*03(3nZ+6i}&29jOHhpD254pGe=vVlbxpTMI=!0`$~`>fREd
z)NX<@<EiLM3M!sRDNu?vb`#~1`b2w4)w(fGv!P0N98yezVoeLMw$xCWOU+VHs^Z(_
z8DfT~`3VWn)Ys#N$_<;c*b;A`g}|pqp-*x2jzqk^NF`8~nP#dUK%e@I<Tx*UlQfM|
ze!N0H{o(PB$s%41ucc?9bw|iTz2D4>*ij^O8ah_7%Xx+u`_cY`g?_8b43{{QLirY0
zFj6zwaP$6w0xCQxc^~W~RXQ{74mIf9$-<a~J2~=*lji8DwKr`-GG?;*E)T63^JvT0
zXYqwihzc3HxNt$b{wt4hSP3Vx#1wQ}$x-$FHL+5paIv)3gvA2X<jPO%c!mDzIyBiZ
zO}+$zFIp2PK~f1{bP7rg66B~P<BcV(zv*qmg%`$=V(#I5A6={)^$>+;l@r`+whZJ}
z*yE7TRk8NvCgn~fZB!2Vg*N&XJuEQ+RS?FJNGmMf0}3-t_CpfotC)Ha4XaHOGz~_O
z^nhfaDfqi<w06mCX{@ORO1r(904(=8_!PB6Nio^5^g#FvOj!g3-+LHVK1UR)NF)_^
zDfUv7l<Ny>%8{zz!EXsdW3E!ty<JK&*aUoNE?mQ`iBi(=3eK;6WccQDu#><;?k`l$
zZ$fwtX35fx#KHR)_e;fQ2H*?CLMlX7`fT|cvJEfE=|9KS)t5)SwHSt8&d=QSJ1Nzq
zbI7AGl=~*X$bB7WlT#`n%MV`olwg*MxIe*MBrR5|eC?+GQlM4N<WZ`bx7w_lW+XYs
z#KkZpotbz}hGBdKn`5dKwJ;DuCzzN~&2ME|c>_7D=(%K>h_91OS_@k;%`JPk!YCe6
z(oD5{UJ8xMJPbS5;#n5nbjW}+jrDGBK2?Mv8;ToSZD`XOr4dhuOg|ol;yp!sl*Sx$
zdB~b(X~hw|m&ZZbkD5@KE$BbeO`X{qsKvi2+IbLfQyin+(x#dG5n||-s@nA2+(@Rd
zE9$+{l@~I)X!*^Fm*P;|Nxa^Q?TIYG3Y5YjG5%ZH#0Hb26JgjQ<1p@((x5-bs1C`U
z7h6$!`>xSX8`2|<FPSFiHt!O+ac~F8q%rI5U#XB19s4$H8P$FF!HT6>3$<SIX@pMe
zm({qGQo=~y$>~hRLrw@9T_$IXQwFlpyzyD@8S;TUwc9=$x>79Kp;^G)$w<@pz!ejX
z*)w;78)l@xVH82q%q0jK@sZ3;L~ib%b`E)!!$;Xdf0-{$P~>g#P+zVR=SW@g0&|Q>
z{VD$=w?h$^!7TkQF(R=Vfu07+2=5?jnOk`JryBZk2%fILuh!jHhccosgGp58#h9hO
zN{1<Mj+qq%$S&z{Zl;}<e5cBVNz~3V3)RRpaAc5ub}X}xqMu^yIkS4@WcY3+kwV<z
z77;ff^KkOa0hcA2xG~Q~iT>67gr7Mw;g}3V!!D6qDE?A%C<zHdH{0Ml#|aZ7o_DOO
zefs84CoG6+T%zDKVx$ZQb-q4mad~5*kbFXrpGSz0S>hktudkmT-8bF+TTq;-Fb%p$
zU2*Bciy4+~We!>$<byI(@-w%(abt^RVly7s{h4OHGd!^AiAt>^^2MB}``AWZ_`~5%
z9b)^PN@R`p*DAjwcyROUJpzB4iPbIg@riKU$G4el2qqIz<psxq74OA0W-+E9ci4om
z3c|)6FR~j^SWO0|D3wl2!JZcn{3<6%tIw^l;hSS{jIvr6IyBokHy#hlF;A8?PdRDS
zx_P(R0LOke5o&-*L<mojMP{b75@_%<tBv(D3#ULA8NUV#Fk5jekZ*wda_p-L9b}oF
zcq@d`)uUOm@@aa}8IrO1Ye<W$MhfM~^E{^&Lqa?KfmcMq@-Zn$IR%D}$Xt$9_ot&J
zPsh+V<4%m22D<Z0;*a?+pLA1}N73YQtM+g<e*QlxLow?DgO=uSKQ&F&Tb_&YCGM8E
z(z<2BN<wMxL}vU^QOL)XJJ7C*Y&D2I@5>Q(r_^j4DR$r(F0L5tna(Ka4cOcG*9NNi
zb&0e{HOY<xh^l<YiwH7J7i=gFJkU^?^F?#zNKyzi(YYESM%qYt4Kk}E78IM=TYzM~
z`pDl>^9yFbhWJMXvCGE>5O9b~SqpW02}?*!nA{y#FKBlM+(3qv90tC##}%qvC{Kr2
zI(ohfy?R|<m_cMpaf4jZt|jZEOyCYDU>tw$=Jk1<K%{I7h2vB7w~5H(l1tNB&L}fy
z<$^|DY^QyAC!@-tW@@?^5V-qn*W(}=;q6QTH+MPwhPXBMu?s`U%J%ZHJ0A47Uhmo=
z$r(^W(aX&7<?()D^L~)OZOtw=?z=~9?fcC_|8>%5>gM;6uNwICbGB;J8@77A)JQfs
z71=07(B}lo=)xy#6Jxi8q><0l+U@KurmyeA-C1I>y!^xG&+pm1ug@%7J)m?UGxLQa
z<`X+gyRE{&zlLYaZmRm2Lh3DUQz=p1BoIsZb#gHECtB;2egmhr_)9<+ORS5H=~~js
zwbWG2pQZ;P;NqsN4iUS(H18exey-gdKLXmhoyYX$Ch-1v{5~!B;llGW_wi7lo&B*l
zh)FR#yh#^g)P(Ku+ors=#lg01g%Nf=GZrZ6cy@9n#$+F#xLK+>l5>Rrm-_1Wl@Axf
z;nwgreKqO?A+kaoXJMr}5M5Q#h*T}v?&=?`B?wvYuw2~&p8aT9iME`J$GZdRB@x+<
zYHzeOUwpbq%moLg9rWyPZj<J-!BfzEQ+5l{75wEtQH;c>*qGXHt52UFmQ=b|hr23n
z9&Dv#y|2eQpP1gSrazBPmMJI>ixGKNx|2e~5`$*IPqYr@rWM}bn)H53N9L#@rVBn4
zl@I-*8~WVD2ECSiPl^b-Ss)z``YN+dIXzK+A(Fi*AQF|oUm>Z&GG2R8sHJdDfR7UU
zI4)3&dZ%0`_4Oiv@d76Gu6=x&iK}!DSE4VR2kAJ4R@RT&FnFMW(IWUK@buRXlEkmy
znvVew?LnxiASJ-yVmqGDNhvMl(jw~7zMxcF;p8Zp*(V?oACr<up^Ua7nv=xe|CH7s
z@FLS`?j)1$CU33<vpB3YZn`DMMj=%O&2&hKMfOmJFKDYU5JD1z&755@Y$MCsMvIv5
zeyh!nCMICrsL7OprU*Wt$m*yh55g2lSbUb$h>uf>AZa4<5**!_#oudg_z?}5He)B)
zk;FZO@x9AFF&X8TuckJC=FGD;Vw)xt%~K02OVz1F;YtpMa@8){`jDv1-kt4)!A4}5
z7Zq3Y_gaBl_xA)r&-{cno`h~=_Vl+GDdamQ_NkIOURNg}d6P0Q<Dnu=3UuNe7XMyD
zb?wuzs*#VEN<tG!Hg3**U9_4KvLSN4(5<7d|BH055pEg(21{r3>)zcKj`{u}r*&84
zAz1O5d&?LRT<xz@8H>TI(k0GYDK*aVl&}uhh@6;(PiWZm5(dcaL2~K!f`%nvU+Xn$
zY0+XQL}PGQe}uG;rD?ElJXla<nFR%LPDBU`ArHih6S`C<DUaV=#iEno`oeIq$1(!i
z1r4^-zqGe5XiN5_I3sb`Q>w^tg(0W*N+>GV*wC=!i?n*d1%)d@+V8R&q42eAJ0sEi
zk;GXj;!}p<Th+Sk1gr?Q_{CsVq94o#tO~aDxFC_Y;6H)8Wh4LzUK(ioZ@w7tEc-Yt
zwQw&TCgGS+4lBq^6urSF83>9sAQd2~%z<O)6T;r@q0+JXdZC2HTkN45l9tsO>$GVb
z;jCb%?NTRFz|iz&UK3^q?L>3oB1dxC!w42UDAAxeJNRb9pfGl@krftVN6$W^$^OVZ
z<ED5p2)4^Z4?dF&X<y=(q8-5B^Z#B;Ct$Na&JpdEl}wG&azr~_Cl%VRv9EAOrZrFA
z*TP(anj`1O#RQfk2d3~FcrjcGiNFVB*{#;o9kJtAE`%Oj2bP;X6cB^YdI#qa)NIiV
zTRT~>W*!{~N7k>jXOS@8vXUA@X7Awsf!a*m)<Eyj0nRUdc2J?2*CPr#L_^1Rco7&f
zy+Y=(xnCQ+-4F&@>a7>!@u73{MV`)yOF{!cJt=*ncY|bg;uv(a*Q7=Upnuryppa|i
z1&w)wjU}02x3`m09at!fNrl<2+H%~z4%Gz*rAMLFG{3>gl21H6zdnX>zvUW!)Tn-w
z+U^L$yJ=UxSHgd{63J;$NraOPmkHSQQzPdR&u(4BXB--#%qqI`;$}$qbjM7=-5ZgZ
z=V;O4*wd=_utV}_nx1|z-6xA#pu69n$}Q5^y#x{SR)9w77Q`Ef#TiU*E|JeKaSpR{
zn00}Gk6@SJ2qTz*&Wp>_r(P+B_GFTqO@W|Z^^x6!S4GPcUVvnAxGSH?tF%^YNZyFZ
zvsOnl>CUsZ(r5t9&I3U<OXbp#X3}(p)`BR1@QPx&U}FB|oJi-uZHwcUQKU`l8+OC>
z#o(dmT)l?E)VFbx4??aR;qmA$KASB>pkyB99-AIQF!ct7(`g;mMXOnzwm&FN8B1UU
zT1YMsh`1O?iqGI_D;cx92k*670jI}YYO+mV<hK1-wrS{N?QXMT@fnd+=#@}9*k3}I
zH=bB0<wdHiG|T$UbxXGkVgEILya<=XD$&E&?wekxxid%&^Y|MTD<hFa8*}WPo%Q=u
z4>6=}t20vPso`VfSuy(i){S)lG9<_0!T9o-rzD+k%YC7DfAr`AGn*B8;5Y<VSo-9T
zr(j1INPe7>;Mi02RTH;@{qy%Z&+ll~PtTPT%vWc^1QMzm(V;RyI_;}OXD|1QhbBd)
zS=UwhkZzIlzm;~Do1?<p$H-DcQjhC=VEZ`IOX2)yCK(j!gm91Zft!7wD0(jtvvTB~
zoZSL?F1Do6Tiywg1HqepIf3dwCDM3X-rGw(u5El#)NovNPnt$G;Om8%jWdq!)z2?`
z#*$c>QWlQ;7odRxNw9jhHGoHQWZg8Fq2OZl%6hilMBp&sV(frSKjWD_89CcZJ&qwD
z>A)nZ<*IDVpF3lutPFiJ6?3IqR#F;eSwtLLp<any=xj$F&PYoyC&)c($-GL7S=Z*A
z{8%X^0s~k}i2Ybg{`^TeNzfwQ8<)E`t`9yr;XY>v87#zSr(`?fl8QPm{OD64gcIRN
zZW#00icA)gznPVH=bcGdG!VejYZm(TK|^UI;`LB^>w;~yn_g9Z)epDOi&3Oem2`=?
z^--5{uTV!d#o9m>emIhrPPlLc;;cbhsF_DJKJwKB%8if?v#u50ebC(R62M$_Yaz4h
zxajk{ZDsYhB-}cB18aJq<wxTSU05zfBJ28*TxU`xVG26G8PUYHP<s(%E%A4JoD%aT
z={Aan(1f}%x}-dXe)+%!5`D`J`{WWp_MQACv<_5D`*3h@k};c6&%o<wam6R7jD`rr
z5AFl=b{Bs=e-!|eWrKIpMsVV@XfcSN=k6Vk5@VO{@FhS-nE}11RZ8Zp%a*!|qu6`?
zmu;2gIGrXzTKWxHk#6PI>a~p^XE7Br6y`Y2x6#pnIw@mm(lDnor}>ZHIfd?N@tJ7M
z293M8Fh0^LTW7>ot4n;HWaGlh;~&@wswXVddw56w^taAm@YfLXAP4p3BYsPrw1yJ|
zryc#W7eT@}U4pYWi<uzuPC2sS?w^uOabN$ywJLDYlrr^(nlEfebiY4*>3flI?bkQH
zj1R!we?NGcw7ej5g0<z8xqZ6|Vr_p|uCD$9z2NBd{xW7b(kOSABDuDGJPlVkQ9h0)
z)5eEYLM;)0Z9)}(Nvat);Fd-zoVgEE`%%=6(oRynPvVdhf#+EIaKSEJxH-QRl4bez
zs3LuGb|aJAvA)?$I=D5Z(;-SP`ujJL&2MA|L(t>$dT`om{@RKOkF_Mq)m~xBC~o8S
zPa%6TG7WJVQJ(FCEsO9&BN^%T;RC&r1IS-(V##3*A`1+|7KJN(kRB3{Is(yZW4Uy?
z>laEOSfb3>o+*D27l;67Z1@e2n-Y_q8nTl>x36KkS5L41f}M?NZl8ywcH{7aL8#k7
z9)nQm6$F0-F4^ue^`ArloPm>gM9{r5)@)u|PB7}#kU7@#Y?@CzErG}Dk1l0qnyLwN
ztg|6=thdO$NUdLuZ1M&-g<y}Id)KJ#^o*_8Bf_=UGTHlqBAqUpqK&!3Os=-8l;}x&
zTYnuk&1IBZ-k-jBlR43EAYfGLoNOAt-5?&jz3rCY+|XZgX_g7uaChcHe-Dri#n2}?
zBTUSGP*^D!5pdE9poh3><6}=XRHxc!AKd;Ebma0`cb&~qag2#TUQde=n>+CqgDCp{
z{wL&+ualYq7nCB%<2MvUy*~izXpumtRx_3k!u(;X6^(}CSgOKOSRG`&jZPag%%Jz?
zazwwbDm-18iIHX#*k%!bVw~LyhHNO8;c1fL%AAfb-rq??Sd@a#Db#}u5`$zH)Ij;{
zH)Z<n_E)TMoG|x4V}*7791t>%IAl67DzIcH!J*?}koPAM*h#`{FrxykRH0u7F9{1?
z0wmld$~q>$MGVP)pnmKnGIqR{Lix`OP=Up-N>@r$Jl6eE5CjQnE-GkX&1d4u&Vx>L
z{F!8ls0Kx$rAT>0H=8PhLKc$f*NIFaHlEY|8)3;~p(WLIw$gLb{!qbH*DRpORS@VD
ztOPX>=u`xVj8NfcNkEk!m&V@U<pJ;Y?n?~SwbAxqPb4Ui+s)qLAd^@advMhX9aU2V
zE@YA@Q#MqsxO1$yGPvj#ZhiA?CGOWIc0d0g)HHvE2vRiuSo!6ZL{M3tzyU`{JcvM0
zS%`iAXVph?R5K|p91X(e_x&WW5A|(6QIUbp#Ed6t`kAkLSC8ypX2tG*X^Dpd>Es>z
zn4x;Wg=TBg+M4QW*vho&U7J4}yXJMdO>}3KoqaJm5~!!r3)ESn26Q3GzGK)(;jgFC
zsUpZwCO%-0i>dmLYTV_W7M<ok<}ru#EL~(~?ie9CVKev(5AzxpJ9`c;dWXa*BmFP3
zi$2i-klpgP|6O)j8H|I9vn)Tql`<kpwjj{&)RBswT6ExiZn&magFgH0*8wPEu5uH*
z&+VzKu4XH7{Y179C}=<d&8-BY`i1!yAyHigRWr!hassv0W*@EDPy8)%EPH@RcX@So
zr7rvq)z)9-SpOkIr`&JKTvy_>Z#6W)kg3f1G%G;orBXdZ-%mpJ{VEk8@-g?f+G!@6
z%b`4RWjWZ06%g%$OJbtG?s;}}#SuZM2W^mA$1Q5j)*@=5)<3o%2+47H1c|TDuEG4*
zx>Kp`UirU3z}kHNqlk8|uFCh@8y|ws_KIHC>pjG0Fl}o~!=eUue!WaGtRp!{PtGGm
zjGP{&Ac1?xOd5=weZW87#mCNjw~qn8E-v1h3b2@G8CX=4#&}pn53ccR8Axadt9eu5
z36Qx$90a(zf-v9$ILT`UfnX;&WENvF1az4wV*IkWPjfr)@jU8HQ0t5M1Dua=P!Efd
z7KC&{Dt1cN-1l7kfYJ#b-10<}_e~qg*1z(yP2<ukoRLct-zk|E5G2y4M~xK&X+c8!
zhdwaROo7j9BM-!T=)M7m0h!RqofZ!;e<K>T^N`3jMy4~&>RurOZu?UT$AxYFPQ;5G
znD?19%S!Lp9I_yKD8glO0o55_Rj{2P7Gk8S7xSf+nxejDp=8Bb+$JcA$Gb~+wFqn~
z%9Wytk9MUu&CYhc@7<8%GL>GTTm>3ko-Sd_ddNzSZFN-*%8p!>G&4pn1qJzW;+4So
z-lyaz6t}ONS3%G;nP#gb1&7ipM_ABGMlocP_eC>{=qPJ-hB0Jq`JnA%ekh90Z0_G<
z&uXtkNP5WLmnee1MT)l$-bbC^?dn9Xl{m-~WNHkgc)-j|=a2LFgEW9B_;~=K<>;q@
z6r`0tiuDZ{vSZ51sAp?&(QKO8?w^;m%fF8AkY-hW?8K1Lp`?2-kbx<aG2J_VF?S6R
z48T$xqfl{}NVPbKmC<}bQML)T99;=0;ydK4Y}tGWK{$(pA~cy1Ex~x+N;r5-S8)x8
z%`a{?b~hW_<QJ}^X0e^T$0GF1arOQw(Yz{nm-Cb%qliGu%Q2hJc#Fp!1Jx(Qn?u|+
z9gkgbR4O5#b%lUWMVicXs_*S970Flrwv$KyS<0D)Oqu1sK55P@PBqR%7sVG@B9LjU
zrM-zf9>}iI31nT91D^sK_Dg60<4cn;5b_$3R1Q2wL+>h(S>WO$YeR1t@B*{~g}_fB
z=R8s9hTZ^njh;w<Oi%^{_dWH#$Xxg(m>hUD_!)?DLVzL29QY-20o)23KX#272-sBv
zXW*n_|KF?%wFamJYJ(t@^7GQ@NyYAfsBvsQ2$b<PHfcrJJ>8~^z{4E}&>#fVSHVA_
zI+BBhB8YX3+TZRyngedZ{$sD9_cut(`(F_)AP&tUvU`100=M}D%uT%)ga|$7{7R;X
zHlF~C9czTE2Ehu@5Rh1SM1kzvhNJ)8K>N$OAP!oA;9m!D1Hc=^BOVqhE6ZG1=pL&j
zJffJe78fnhd3-!GNge*!6G0(Z_!#5f4j83uJGElhj#TgLMir8ha}E#zW5RquPl^X0
zz0;N1xB}5-)J_*j9lB*wn}BX}^9iHZ!^?}DMw}hQ3~d|e9ZcoM#-hkG7L{_7xo}tx
zF}bgMpN*2nPg1K-(#0gSeKc!zQem}-Uru_KM-^_-NR|}8f}!)ZHS=%`vyl-c9hxoU
zOTgU2YsbM%vAn8-<AOJusa)aW*QP>qQFGA|;L$n2Hq&Wfm=lV$YEqpwk<{Ym38Ga}
zaUV$)lR(LY<j2bMh<1vv%z+G-uq&E2nc4f2me?>RG_c7heKfqluAO>Z^z<u>L(2`>
zJ9y!CCgyB!tA4i7@QAQztIz;l-pKeP+s+|lc6aH(v%Ho%ebRzsaK>iUVE04K1b^ZF
zep<;4DFvl`{=oHD6`~2ps;X*{21@0`U{vYs=YoM9PQj8iPOJxnN$QA;ETx+Dw_`NL
zaJwOBxzw<ZVj-Bj;zE?-ma&3q3o9b@5+Ya=e+#bpLv@77f&^~y&RDGtm>gQ@L!q7C
z@B-M%&Ds_ErVj)zh!i(5H?7eFcDj4|h4JsnI+wY{dePiDrJFq}OJ+ll=Vj{h3pT5#
zWY`!?kjGl>*ELAub7j~TGzo)M>B!iR25_m&A0m~&S1GzUO1rC)_l|cz9dCmU$Y^%S
z&$QH258Kq_-hCz~ij)&50U%ZgB|D~A`d-nWJaZ#qBkEXvo`9x=CgsfYfQ=xR2E%DE
zg7kdWbuist&7FB^iEEBbldM4T>3+Q7M=3Tt*Rze2+_4Fudym6-Xnyspp$XC@KIZ~M
za)HkQ^UxGzD2MmcQ}dP=W+=z`GYCQcj7F^_0S2056L0{7V7lIo<M1Kt!1B<n1oF^a
z1nR7K0rt>z2V7f&+|`{z03PeC$VpYj6o|$yVFERQ1W0-^z8?+?K+>br{z&?e%s-O8
z@Z$s^I?F%&_0+8W;!uM!iT1&Wi!sP%#x21Aa?d?GL{F^~(8OQ%7-$&$)(8P22)!B<
zdH@a5?8~6K{oo52+v^`YKocJ%CJ);WS4F42?eDp%s!+*)L=TwR43r=R4kR!?m70;0
z0FZ_TlHmER_!dkMz{LOtZCfw!AM5D<3`0R26(GPHpg$X&NDX8kxry;OU&B`{_Bi9?
zln8CZsGq6OZdB%~`mD0>XlJ(R`n0WBnO(m>oz7$82fE6V2VuuSF_qwudSpe%mvF)=
z;Vj`qpS&DfoN<{JT_fokNMedK6Tz+~$?4A|*4$zUJIWQ!ek(`y>1y|S&!${%ys$t)
zR*O({D8K8-0XA)D*?4XNlg|rv9!zWt>L3^mqEuz*SPn0&S1j~y?q9V}zDVEeC>p%*
z#)`3Vzvg_Nv^b`5`PL4K(d=Vgz7cSNY5H|J!iM+ca2eH;c03|gCT^x2?-ZTQW4?l+
zS5!9?BJw2`(lng_g8v1ULV4J#yWQ&oq4sPbR|e5Dgz(ONzapXGhxb|ix)ChmV#Wpw
zo|Xi2eQ5&Byz)<f4d_8IeL4wZaIQ{H@kq?+p=0#M2)28C6l>dKz91>G0_f)yT3ao)
zFrDh&Aq^f*VQQ@V1&ZGWm*sj5y4HEusD#E<SG5GQDTnR@hR`g-dlT1)wmMh2WePu-
z@R{a!h8%U!a|OP!ENLKcB=kpp>sG{@Xl`Z;AXHxNOQ-r|78>^P72akIj=yAkFdp>I
z=DD>m3URZ5%1QRSzz`rPh$p)P=|Dq1xLpE^gJcS$fG5fl;Hd-+qaYm#5NQhPuB$#T
z9M(H%H*4wDoRAfw`@TUZJs9IEFiD@Dre;(ncdyndbJ6~4X0rOlvL?~|{d^{9vp&A`
zz0c<5N0A5>a(u?f{nF6Gy@z<^Bke;gaL9Xrf2dyv163?`pZ+iWF%2eRX|)@S&f^%<
zG__%~9ovoKWGp$-;zN*I;<AV+C`HU@an4q{U%Fy*nlpvh*LuZdDGArRVDEb;^WFHd
zKA(?UeA;}kZ6D87H;$`M?we0vZQp3qyD_J`KCCd$m{Z;1TphT)EO~WO&8cVftF}7S
zK*}c=?`>$SL+MmF1+V(_{5FGU+Gl_ZRs_=F3s&F&7hnn?ov^vCI}id_eO<-5u7>b`
zpd;{~tb$G|$Cdbw9_(+>ID*@aq6gOrs}9r&YYDLP4mk4yz8t_Fm@c4q^g(}2*TCi!
zVJ)BqGP7h{*NjaF$kytW<rMuQF{)8eru}D-SwuK1-_KY^0Q_P9D>_GV2#8aTL^;-N
z0Xf!%>V)l-7yd6-0rp&TF?%i$ZG5l6to!<Z|F<FTOgm$c6eDNPHV}3LFrqYsfA6d`
zIu>4RSZ_ct@;|x^A<m(SxUv1$4}mn7Lj(`==Rgevc!MafnWg6F61vx>e4a}=i}2LU
zx{=jG%!g!Q(sZ&)UFh?G5fYs_dHh3Nh0*YRCen}K4Py4>0TrH-$e@g9YMIXOf-qYr
zddbpea^13y<zPE|$vugbB)_x~w{O3Zp=ic?G@X1axqJK3)>Km#mRqZNnTg)$kuw`6
zRw`;+3ad@EQ4-6gu4FADr>u093z};TU&U;G?a4^)D3)lLg4N=aFlJ>*P@umF4LP@B
z-ELjfKN<xi*`n^XS2uAUh9J|-E;~u|ou(7zkcqv^p3YB3>?r#3GvD_u#B?7*QL&t6
zh6K`MUm!LULm(DU<u*b>&IYy1d`Wfm1M_fihZgy#^dsU{yhWYE-7x<#Ik<jwtgru&
zK(SW*sDvC$c&pr@n9<ZFOc0COM3AzQi@A*oPkW3Cw_J2pZgekv03y6{TmEL)JpUrL
zGY4u3Bgw{S9M}%GE#!!#ko4(QycN2{hKpEuHP8l$fSJ2TpUW8mK?f+W;aQ+*@f;r8
zE28%=o)$rFd!SWlGm107(c(Hmg71RUvOA)VEdSv*&%QPKW~tA)V(%}(YX110eU}U|
zU-i>LUZ>}F03ci6mFI8i{_ycIa+zO8q)0!dM5nQotsgXK;y#r6fv)5_etj+xkmxSL
z-=1SxlQHgGHfl+aDHecHAJuUD$il_OQwY;G>pZiirKU4it5;&*=TKjv_Labp%AQ$0
zz4U3p>w|(MutSBCj(Qt3QA(<joEX2;fg;YG0L>&8`s<nIk-J1e@llRuUe~O5k@Qr-
zTnyR~Y^2+%oE;T%f;u2JP`XkZQVee`kW4nrqEnO#=CVUazwP1FlR}|ptr|r!w71Ov
zY@ORZZ&~c75;tWFh$F|AwQ0oEWQZ*IdUHvwCDB()usLE4)cI4aKB8!UzJMt<_Z4nM
zrTy2Wf76JhMCnK=((=Byor9s%{*R4I^v);&0&i$<T#q-?+ofOMzRZ&FvH&BB1?LK*
za^^vh?=xGC?FRJv<B~Wi4?q_98sc<J717z9E}3u-;k2~|vOh@puG}gZxA|2oK+=~s
zD+pKkN=kp5X1p9Rp88cu{~HN?{`XhQy*H^P$9+MZ4QU`9K^h=+1w=oZWA!5#DZ3O|
zJBKrxcY>CZQ9MlWaOif*LxU})$YNfhszjghi|s^aD+=VaAd{#oW9lLoQ`bP5>{ZVv
zM!0~`(>}%_+ipl<<!)TaA)0%dXnDd<BvAbmXeivoy%|cAP%Ucihh#cLWCS@EHhfz$
z;RcCGa3G8QklZn_y%v!IgGDO>hcu~LM(Qy*2FVDR-+Hj>{r4Ab#UeAB{$!HLUAZ@}
zqK6n=Sps{Wxc%Hi$4j7a>Y2jo^uLbRi*u2!(9UDSpm2pIe>_t079d)R%3voNb42Ok
z$Hy^SUnH%cokh0s%gjG^(y-xkymE@4s#g-sn912mJ(&u&#__Vvq<eJUIBhU<0aY7y
zsSy1`q+TqN<1~iRqU0OQ6~J?J@M85lo-U?n_A0eLt(>2!=iw98CY>_VE#W2w9+#;@
z4d;JbKaj&{D;skxf0XO>h|;%=fMd39e^HN2Ky-_zS*Yx2a*&_GxldZlRLX}tz={aR
z*7k?_KbEjgCAyfaPHAvoKyg;mTAl6lYEFGB`T3yx+q2uhLCIzcA(eJ6L=1Q=uEC>|
z8n{_XNlCNd<lj=IGk#shXynx(&NLIv9cUKGNk|k4-yt=y9SEOAfwdoga`Ap&ANM>S
zxl|Aqclnd0K>;gJ5VUhCLiaUWi+k_sZGtkml>AB8AoTD+dLjuq7-E=&8mOEmZ6uMk
zgsIq{2fV%v5G<yG$`*xRCK@szYjQY1z9I<VxN~#QoZ!Y!qJ%MV<%5gD78&F=44-2(
zc!$77d^cSyBjH97=nlJH5!Qo)nTi&?u|%V=+Wl?Z*VtGYB$MeEenOA_<^Ni&`d_dW
zKdUmm)#48nPKGby>!*>c5dx}BFUgmF7yxXAdH9V6R!r>1ilM%emgDg^JuSyjyL79o
za|Zl?mroN131Zn2B&bTIJ}?^dW>Bc=2v*q=ATd-u1C%;~%kKY)M->{oGRi{r8oO3h
zp9w-D1!qh;z!2~sgMKbuppP>W@1sHd(ZhKnfe|Xd1VpS43Q;X)tr6IX+RvCI;LM_h
zidRwA?#NAJ%kys8E7@BYHMi5&2mTZo(D<OUZ4`QGrGhG}mYXea*JrM{D{=Y^2@PzW
z!hBu;wTj-@&7=DNp;j|Lxgc+XSp%xZ7vyPPx?yRYYnbx?sTM8gz%_L>*tRgGX%&S`
z8ao*#l&nOB>vI;{UFZ92J(cL?>V}9*O>HuCiek=$WN(ep-gfcr`>TLYwoHhOG?v5H
zRq5+n>zP^{LSJ!t_%(CVG2p)Eo~zQgvUcp-$ib`;lIr*}b`qpp7e6fdLa%@H0@-|`
z`%##o5~NT7=vJqS|Jo;jO4+@J{++4^u61XWL0&yj7$(avCEH{~Ei!VG3X@S3{g}!O
zsuKQxRV%`7+GG}HO^vJ}G+O?hLfb5ta5`mGhpF9{s>PwaDpmJSn!bP}07wtW2pQqW
z!1A_iTyLJZJ^5!uy6=Baro}nmCtME{P|~+&!+iHgoC`v)c6g9)OEhYP$>2yNK~s<U
zZmd4SthHXIyMt_;OF?nee4=ZAS?YzGq=nw`Vpys|M)8sL)qe}EK!PFMV5M&uTWk0j
za{L2p`5uUjg>5bsN?wBuxfv_oX71=KNiJ-jw1Y3I!Vn+Y&J?-gRJm7Oxiy}`7aoXt
zORe)Fe*uk~QpBalIwWo9POtWq*2Urnk;V=$PxQI#-*=%j_s0a<dKi7|9p~zYAl!O3
z^Td*q7bk<QCy;#Pdmf~DNPALIP#6w(Mp2G$wrbnlOmZ5RiCIU=lltq6@pm(nI?)U#
zQX7}4>fg8WxYM7NFs<)1em1=JC^>MI7RaAlC5GYCax69HTQY6s&>Pq2$%4QvK7yc?
zg$msx^b~{ep<kE60Y9mLQ2GnqE0p+v<|ue?%`232LHrGVKo-I=$P`KlU>5((BXAv@
z`_cN)3?V}IG=4(&Yy!D2K7ca;;F|#yeA*5SvnZVFL8-C@Zs(6iAJ_LY55Q?$Bep@z
z8C323?*RR&MF8iYfDlsxP<lMZl*m=^#{H9QQvBgRrJ~SiWq@(~$Gy#Bz%2%WzwIfM
zY{G6oKsNKc1pty*_y4w-NvT38M23Y2$T{Iw{X)qCd$x}YVc=r^V4`g(NP`DLs(Q%4
ze86O2WA~SJ#D8#V90a-_;0?t2%*vO<mhfE~ZIaED`bK_NlsBtaewpAdebAoL6x>vM
z4!VY-W?0ZJnW-k`s-!9cDJ0E@?URhaSa22oeL9Jr2kyb<^Rb9&fw-@6+GZuKmYakQ
zStVDuN~iL}!<BESXme3~tuw-!n2#dAT2nG{e!N-gvtx<-<nH%{+~IGg<gDWQK}=-U
zE*&!OpC5M4L^J3=(KXaEi7GkTaKiQ7)Wm1f)EcFxP`)_H<-R13m)%Cu=LOVNDcx9y
zbuCn7oo^~@Yhw04^{O1IMMTqW;`dRm9dt_8=47I`a!tTal&YoL%K5guoZKA%R+Osq
zd%vDm^Z(4=2r@hWk~7B<@Ecpt?>Dvr9|=&7*AP)sCKV`W!nod#X1rKcZO+BarM!7s
zdV_Q_OAJ{U${w8BPtLSK%&qPP1~!vW!Ea@grY$YJa0`x;p5>-UrKQ(vWi9a&OmrZF
zf)gW}Vsh?xGn3kg9<tFA;ma^p>z-#?{+$m^kb~Q&i{s<!%kb|&NuUY{0$<I5C?RpL
zbCLpkro*K8kqsmD(l`{vV2$WiMndKbP6Do@<d{VqWa?i$^yBO=u9OZlVd8BFlj_4!
zl1xGll5RT4VSnm%S-WZS<ZC_layC?c=vs3`%3IlR8FtuUTrH%sK11IM;kQI4BU*64
z8u0Qkd7fS*yUR}A=bk(SyW0m`4TMt;NN!x5?U!$T4yR80e(pZ%e|$V&$!*e#um0S}
zuADAhWXd3jvQAa|2I6|LxGMOaTauZ1k8`W2bEDDQwQ^W@tH&sPUAK7z=hEpYYeT=B
zn?tf`OZUq4;n!tV*4b2+YfHg5@%<k+nqK+b-}^Z4Tv^9mR$FcQ3g{njnJy{rb0}8t
zJ*1N=$=f}Dx{Fn0M6Gjv>B_}!#fD5ezBjPOxQ?ctKI^qSLv&3(6y?V_Mqf-<<jutO
zjjQB!VhfgY#75-Ehi(=NppEC%BG%R-LQc2-ae(~Y*~`t-2(d}z2R<?&y?+qSyg<V0
zif+X1vkqbO?6su<TZ3L(g_89_?yq0GJ%w@%P)40wGuS=Uc@<GX%+}xA=h&0AIbPHD
z3d5!T@Sxx57L{op=l>AoXn(WtI^QYvha^t>=I+x}nU}LEcJ#gf)@rwnA`Ihq`ObAt
zZW=}coV<ty%G4(NVnZ15!n1`97M-^(#g3{O%^K{C8pi4vmmi$Oh+h!g2(cgB2mne~
z(gK!?00C|TpmcKOzd`Bb;HJ8NgVL4fFgcZ0@NqAzh;c8cz!KgYL9t)%(O1WWv{ycA
zg|sy(AF+TGF73e;fUN*r8k~{x@fUzgdwTuh(!3%6aOu|JKU}(19MI;!b7>QGAZwG{
z$_fCN{x5G`fE$wU|8p)q7V;l+=|8`P(7$r&rn-2<q2^@oZ|(UKf2ukC$|$Q`7><IQ
zHLM{qu=faKniiPD$=mSe)<O}~kBbdHfzQ@sml0R`V0_2!=M2lXdRInOmn%3Apm#wV
zg88xFvZQ+zXlqU{PkP;NRcM}O_lkQ6$M;N($!zI2ycymLsEzeDgqv9|wdfL7)7prZ
zEL}KjLD1iuwKmu^Gt2LJIyr40darZfN;&70<p%;=t5-){8bxx<2Vru|MG*z&BlLCW
zVRV#i>u!e(ZJ308mn_Y0L!=~9eDfc_g9#Sj!-GWj+SpgdvmNX(#tVKuu0-_xvo>LO
zklvTz?|KL|!r%3f)-|k0v7B$;eo73d1RM+ANbV~(1!iR&EB<hg!53HY+-KZl892vF
z6MS)s<|G+&_4Y?g7(2j5Hwj7gS##v&?lF_f8*`jEgU?^&ODN;z8VxJ{l-V}6U6c~J
z$rR&`2L*-~&B>L3pHVOd-+qPI;&|%necZ?c!-)_Oj)(UP`2ygu!twvcVTF;+C_(;}
z!{S6#0O3R|0KtpC0OLfs0j{k;SkX=(0FV7;9J5E%x8)eom7inBaN|8F5)fteivB5I
z?BxB|f*hSY05#3kzY7id^6wlL;MR-+z#F&hkdQB(fF=OWVhRW&|K}VwSK>eBuz##W
z{VRtxqeOYmvF^6Npc7lhD0v}7-IaoyxCvn1qz;M9>gwR>=JR!bS#_Q9<?QtG{CJoS
zJ$}33xXQXHaI%?#p-%HSPOtryuu+~GZ%oUwD?x42D~FNC7g8cRLl4oXNoLLzY5Ci(
ztTnV9KvC;zsS}8!NPF9fud*g(WfpG`XZOI;(7jMM_=@SDGHZ=OMqZiwgC)<*)qNhU
z!ZsFzHwBwhxS5Hsnokyf2YT2e>T3CDATKQEg40ooF_cP#tmB4sy*iuCCf3(q(rz|1
z!C!tGvXiybYlahWk{P;>WA$$-Fv_fXGrM^kaUdg<Z`-yKR1P>sD|E6*l2#tqvff)*
zID$J<QZS-|W{{iVXI0eC#>0>HeO;l)8q>4L%I~g|qEXJmMp4x?6}yyY)ovp*-74K$
zuaLlPF3a9}GWMVI%Dwae(kp34a9&;p(gEB40tIS^>=y}iS|z;UT+-f!py1m1SHuMc
z`X}!4YdiaUQo97-9t2Jj*l<Q%QE<gStwID{(0v41&<$-n%K&m-wgfzQ1~~8Vk*<g0
zk>ga21oc$!MZm3xo)^Mg3iAQ#(T~Laf0vba_>2Jr?wyZxLDv@aZ@v!*xf&_`+s<eJ
zW)xgEURf7(ufYFuvK`==C-9#lH>CUwIS;KoQp>w%DM<4tfGBQ1ApR3XHTwcAZeAcd
zFAJA|1%kpM#0lbF*BB#V;Q`Wz-kUHiS}eSOvM&QWCjfkeNBGM+@!#+dKmb7)1vc(S
zAa9SQ7Mfhx5=a?XXhVxhTRJ$$r>DP!aq>HQ)oB)M<SG`&qLOgJY^5ne>8$MT48q7=
zJ~N_^^9z(Z@XKSZIG=eNaIp0qMQzw9ldX5PWpnM&<h@V_!|K+#AH!Tmp#{x@0ag~b
z5v`-kIi+Xe3WTR(_n$m{pbw(AZ7iT|l?k}yb3SO9p9|tCq^!arj426gp0fLagJY;*
z{W+o~6^7I;D5QAc=g>O;#c7ct{-U)erGMww>#%^u9+dud3j}q!v}{R*1Q3+c7vPlA
z@Ft}kz++0wKqjTjfOEeyQwu%24C^`(l)wHkJV*=uk~F#wrYAspsv?8`mY#m+T7dMt
zI5Sa7Z~U9|n3Spm%;eHGKAHn=!78NSj48PSClx;Y$I>&V6#Ab^&tKMs|5bYG762vD
zr_L_ftDWnMzJ({=$#Oh&RX$=Jebxoa^8=rYc^YU}6KCFUbtbvP$Dv=TW^Rc4G!K!C
zCZ7{3q$Ig`(v*iB0sV+>|A+x1d%`@ogkNwN_*NWNGK8jMv%ZUUugz=|l9DA_;b6RC
z6={UrSt@pxbWOLTz0C#M)S`3vxM(+Ra`%Du&V!AsU>`u`O`|r^wSKeJ5T934S8X}F
zCa6a-8#i?fSCW%DjPV?B_Du~8bv(*G4;6SIy%u}5OGa1SA@|6TlzCMwUSAU-lwTuP
zy+KfQdRCm)7AD{lyY?lma+*B!mzQ{!Od=O0h)p=Pz~HDyk|>x&s($TPon%CxuhxQ~
z5m+lt;65pco2Xqcitj_*FGR=UzRJI@BR6k}4sdq}b6;=f2uRP|Xb|gRQIgQ-NbIQ(
zm2N|{w=J5dIHsRs8;(iHCCCJ<C>T>foI9r0BobB!Vs3yG2>BQ@E;%gPgvG}VU6JA+
zgzrrK3gRl<=Z3v_DK(p`C)7~y_C#+M5W)wT{=IW@V?o1s1<#?4<b{E10gGF6auHeY
zR)EZo=O0;F?@IqQN@Bh958?Z_C@FUuCMQ=OerBea5MT&0CwH1$KsejRFNAMq1`_AR
z2^ekFPYBoU(F2uWX~UAT0l@RoR{t#cgt7jw(tU39pAab*9?;;w^;39nwZGj1gh<Ep
zu>aU&y}S93`zg*#(0|%b|FSOdul+QHFCKB#g$udSM4n+vHzK~auEvggAsG&e?ps$P
zNUICj@}`4_{}X{?D8VQ_V=6&7E~nLKRV~Fb8P>dOz%_nOo2z3maTEJoLfal<p#H@t
z!T03zUw*h;a`i63?xUFmT1PM|rfOePMmsz`qI`%n22mY|)X-U-Mg`7P`9)L!Nw|p?
zq?ED}h3J%oAZN-?kU~*i?r3P(pxGn`VsUKExCx~0*7(q5u}q0JqGeW!qhM06S?#u#
zNk{fAA(h$06*Vkd>XjGAX_r|R6Q#`kOc?IZ@<Y*(w#)vnKPXQ&ru%VKOP?A_Jg_v{
zKMHnW!Z1n^ywK{kwt9kBxNQUwED<Md0*Mu6gN%-YMFQlQ@5=)UMWSX~H-tFb`=xVD
zB~GF;i_C2Y#H^Y1D&b<H@#|N7p=)~+X!vY6_bRAA7y7}uaf^-JgqVNQS8RzU9$<B{
zch7UB8f~LG4@k{9%AxU8!n{;R9P>U|SvBxyV(%Z1y7Bk~WbLj*C1SJZ4{3%-nM%#y
zZL=ova*L?o8#m=pNdjQ5f^0^WlpJ$H`9Ynt6B;<7&-`htBP6}S1L8;DrNU4W_V^5b
zk%fe^$r@#NIXgbRf@+b)koHg07vn<q>pSu$ID0jdA0)r^>;+5=*Wdnw(p*Kg<3{--
zCj*N^K$ce;{|UPak8)M<9i)tB2e|!wDY@u4dM59~^V^$-6-TZIXHe+K571%!b?%}c
zDfIOfEvLQyc2WJ;%fwAwVq2`wgcjG`!j4gN<A5cpR)S!CgDCNjDkDD8VQ=Mq*vZnm
z2N8+b?)qFt$Sj%LMN8l|v?O!rwQ~*ALBrANax=aw%v$%=A8vbHGl^jQBL+*WemGJa
z(V<`4mARL#I88;>d566-SO>@o6<^N%WmnJB&2)<|Ukpx}Y34S;SUsQi2xW>xZ)&q1
zFELU8i;8CElS=q0Z62+VD1PPzppzt|I?OnVMo<&tTtnf%W%I+e%8MN%_WQo;BR+iM
z_YoA_yk>s4Hm`bYUK0{lMs;H$2@~<Y3^3=hGc|N9UOsv{LHi!SBb*LzX2Y#zzt$^z
zqjI7FC?r>Gico0nSzIm*+3)~1?B!xzwztg%-&+G|K}p(ixq*^TXe}0QlPoVS6eDWx
z_!Zthw|Kw{p&3OWluJFQyQ7fCZZb>CMg2^u(K+*Mp=FT@s^4!=ZZzb3xOsxsMq(|!
zdj)eW9Ql4e#c6g`LNun5iA;5RI4W0*$Bcg8VkcNEGQ#BH?j9n-Oz~BWiX@MdGp-5|
z2!%8wCX-*=oW!E;1#C`*Tj6p>dDaY%Gv7f^7O?6U7vbVCRwXPVEWcXsZTL!$=WLCV
zABlAs)@U9is+AO)p@#W|Rq<3F`am+7VZjM^gR9s<!B$Dld+ZWMP<cZpR}HtTl3b*H
z9Hru@e<(eQpj!7kYMpVXb>uzFo(N8m3QpuQ7|X}iVtex#A5&A;1!j#6*rV)C&ViM+
z@w=?`YiZ|NO^T<TMaF6g%*hT$Ss$-8GMUjy-t^f5m-+=!r2C{+xlPn+Y+jTAozp7_
zx(a(sVfxf!YpZ?OVD#4l;S}quoapyfSlDp`2Qk5r=;+rUbO8*9YuI2O-on4G#=lM~
zy*^<yIn%`D#!~6WDXOkxoL6C`nf(fXND{ev(9>La4wbFtm|JA$JMorIOlJ>6O|a)7
zdEn><cC(9{U`pMk+$sH-hT>RnG3pp_clor%BP1mJyc}nk{Oo4_<oCG={`kDD?t0m{
zInw{%Hq`_6*6&6hbqfx+W91-H6El5I-Z0T)@4>FWX2!X3;rBRN<$M4()yrGThVQl4
z&ZbZcy7j?G!jz&HtKJ^OJMuaGf4kwCI-1VX6#M4$GtpI;2Th0n*$U6@`qx(YMAcuP
zU^@v3j|pf(&E;M1h(FV6+&)I>=;l!G>QE96QrX+=o93(?ztk$FqmlHB_C_sz!>+-h
z{H`hXWF{6-yW5!<VM?`w)B1Y1>-P3`dsFLE=)%?9uCzRzZvHfYQ&_@VGu7*x_f(cA
z-hLye@F>g<V|X%@Fo9LQflac&wDH1V>cYM%N8P!%7R}#T)P(1jri%C7asju9@4HTy
zt|GG#Cx>rNFvjggDqrm)ebh&Rx3H9LV|}50loq&XiITQnUBy`B3oLFg<7=DJFc*%+
zhjPs>2u-<ng{g~Gc9SpL_;2qsSKPkty$sQ0c_{U4nQ(;!MRRd%+0)b8vuxeh`sYiN
z*VMy)i;0-GUIxd2`GXl(vXo@3Wt)<58x*@Xyr&QHt{`+%|ADP8pO??*#=+ZA{+vMR
zgqkn8*pi4@?;Cs_4^)o=pCX~YmkaRaN0#?nfqaKgeVjWY^<XBGP~o?A(N0TZ#c;J%
z!7sV-9eYL<V{$Wl#Y4Oj;MBDbu|LdwuRzj^wVZTVeN`RGq!}vSlrpB!Zddzw3}mc|
z$7>V*=l=bBkLw2Pc{blPv(Q_u29EL|(r7H5=JLkgQSGtsYe<SJEA<-{cHiU~C4W{6
ztQn4-Tcp)lQZr;w8%2k3iK%l9in9h}!uA#F<!K6j>h4u_l47SA=W_>`%7ZuY6$xKd
zP1bTHt^(_!!+X6T&#p*#ixnmsK#$*+<v6$(1S9`cNwBw1N&p{?0s9%vD1WGuAflFu
zx04XVdJ@b>w8!(laKUarle=h(#i~UBSK)^OGc?Cht@T}tcXkS^!^_#ZbM@GQY3ch`
z5ZEc^pat|o(5#VE#YF`!2~B2Ii!zD6Gkj?Y`Pbw=GL+IrocvU+3d^m0XwaBhcYnRz
zOk;*xB2RswixiyFaCq&2BC)!U>k#)tr@*dz=Fz~a#NvB-PG~k_$Bvw+_ANxGY?tAd
z?{!@3X65b~##RnV-|jz}97{sJ_K9*a<JIuSzV~K?913vtJ6p#r`QYr(escwx6`E{~
zAte!PaJ39>?w_!k$~(j$BVHHrA{7Qi)<LtGQ-_s&+qhnHfGWMg4B4#h$zJJ_H#Z8d
zR-!#$W%>6a@+OVCI{`ELA8K3~B!<Cpc=LHQH&&c^YBfoj4=8nl6Pk2-3z7Fo=>yl)
zBz=kUnso%RY5Z^M7UC=vCz^$auVo+C&lLvu)%u+jl4Ovc%eL%V%q4diqs*_wKXYw9
zb4D=wF>9RkqV20-XiIC%i|%<Ubu7!(@K5Y;N%}pgM(2bt_KKBm4~(aN5J6=G&*<wY
z6qyhkfn!feOrc-ZbQB5B{VJ(t6QWj_3euT;29lz-dWncGJ-rT?`xO=^q0;)Yj-OlK
ziWV9cGpb>W901AfTp=+E9iNW8fC+`eJ=N0VK-Mv%OmPM=qgCpp!95MA0v-jxlQp2G
zMP=jX1s#}>g<r;J=8r1fz+K|iXR5NWFtB%u!=?7>(sjW8rs0vFAmy`PjeS94Q_lN7
z{&XD5{L(mMnu)5&oG6*M<=%*M;=6R574iMv0U<|4W}%YhkQ``k^Xq#rudRPylNn{y
zyiagzD=O)Zdk-8@ef)$d6boNE4Q!NDyZ9`VM;QlIGNce;9Wsq4s62$6qT-_0H$O&|
znwPZ~l0c2*h*W3{5#eL+tT~7?6k7~$&&x>!7EBj3UkV<65e=vmg`bP)HOg=e&Dm)V
z`pn)FCWZI#_zs!|)+O{lO9T#yi(uO#5s;K{n;og-B1z|XI@u7l9=PC!BGLEOY`Cmy
zbGcO8)^KIpYcbC3Nn)en$jWni(8?th@EAc?!ur}Q;cCvWqK@8^6N-#V3t<;m_de+v
zr*y-fni>A4xrjlU^#6mZcL0(l*rG+pwt2?3ZQHhO`;0wjY}>YN+qP}|x%a;R<G+aP
z?A+PAcU44ZWk>D3)+(2XW9H(-0AnhaEsfQki``}-1#%5U|GQ3hVY@WtAFrous3P%9
z2EuK|vL6mnzhqB6(Ohp_g(l<3A^L-DM+#YJBi2$#>-AT|sA-{z6C$dc3t;i!`Zi2A
z<gzYSEUQV?W#hKWBbDd$dX;p&NPdZ69VHPhCzT9hFmx=}UGYm&IiJUwIJXyFHw0te
z0wuXx*P54NKR16BF!=v)fF9l@LtXWgGRfN_MA$1tmfu*2w96hA=gc$hF=fRg6sxYm
zpg{_a263bq3n0fKa}br^8Jm~MBgzD$o2zIM)S^B8RtUu$$nfvcOeV>j2p^-zMBM>6
zW4lOTI1x_ybAkQg79s!BgK#1M;g0^ekCGE1*y&~VyVvGtTJT};9kjnxb~kqH6+KNy
zD0){{N_Q_;b7WLaIxrBOzMa0^)!DVkV$Reprjh3KK%}pk%1W{YUDhfLka4`GrkxSo
zxQ=>$w8-fh@9HX$PIz7H3R2n6!GOCAon`130A-$1KWB;unM`a+J1LGp!E&+0y#Qv?
zjwcbSuC4~GD;)5bgVS%^sh1-M1b2rq5U?Ckt0m40ayD0vlG?h0%kz;OtYH)#qbd0G
zyryAxs6$CO;?fvt|H!Fb?@sJt{LzRN{4b%H+MMvhWAP1MIepdaM*>P|YDKO>jIolU
z)YK`)%Z9m({vEDk{^BXnldP))Ct^NV9<bRqT1BJSbO*$SH5?{l8J|aw*4!{Zu}a6>
zFo5*g`TbdXYSM)tV?RBK+Ni<A33rl*AU%avG*spb#DZ^M<lWWAfS`I0!1~<)Aj21+
zw-`LbH`=!LtnYWw4eWcx$}`Bq4_*%FoC^qmOK$)BJ7@slLOA2k`iEqDV{p!bhg${3
z9^{<P6*nv#q`kmU`SSm1B#~-q2T`hb-i3>DkR`KDtOI#bU7o9U2p$!+0-26J`9k>0
zKs}V-p^>*1^cs_y`-(4;8*0ebwr>?$;2E(G1-qUN+R95iAc&T@(I=YSijJA0Vu6jx
z$JqAs6a>F;v*F#1#%j{JDxPPfRNELx{;1EhjMr@(VJ7E@5~-A68yb`97c-?|WG)g}
zXCP#Q7IMP#94L~pRGuxz)UjfCefpr)_0X+3?!M_Tr&@+wwZS1=hx%3%d7WRRud3>J
zpZ8SfLbrsjAydattwDA22`?|LznuMKF(u-#7n7N>=tGIYPZ6vXGRQ!{*36l6A-;<D
z_G}JB-I4uK7K33P-ezT(?;Rm}`k1a-VhLl1MhbnaHl)_MI=cU;A(S6>Z=a=GR8@=~
zr^K>3QA3ejbWE~20uXw!AjG(U5V}~HC7<oOMvcr2D~7MyVL}UUJQCY@j1jq(0;O?V
z4^=Nz2glUZBfJRBYfqj^@1S<Pr8-&9ov@B1sy(B&Y?~rvaGhN_;M_p{{R494$+TYv
z{pv1B5~DymQvD`tjE0A@>8UyJQ8)!|{D^v#%DdtW8jjJX5-fg_JnhX8Io>ZiK(lHu
zYg^N0(7YIRC~KYeqdF4A%l&~&xlVP=tAsdUv)#9!&K^Dqn4^p+<+tRcu`j+*zt|L8
zVIFR3bw@RIZP~M(4x00hT9O9!bd*Y#gIjr1q#q_b8A3)@+}sstf-A|`=AQHOLh`-s
zP~K%<a;3VlzCC!ca&2A5+KD&uPW+I$a48YE*vgAqx5qwI?b3a*Xo`V90Iu7E3AdB*
zHz!D|78X|8FeS1^wKh_3@JzCqOJ#7?O0sQP3?4C$tL1()UKv2Kd|0>PVKkYyE<k^h
zpmFL?q_FYY?zF|)V1s~mE^s*q;#nHa*%EGUVzK2_wGch<9Aw^-o?3$&SZyG5S)pZ%
zD^6Cvb><xk{sqDR8^t*5DuONfttHRP|1($Tx5`3jp>#=|bT5dm%7~|^uCIk;v8r@0
zRI;tq+FIvT8YXKWNz){kaV&K*>Ob`UGN)KxUPm@^PKQJrc3QC~aS7*kQFWR7LOZAD
z4A%Um(ZeEXf^t%wwC+JSWinacN%+egw6b=chzukJ7K2PgATtl>_yBXA!l<ni4tZv#
z&+ji_qB6!SC^_iqcEtd$K5ehL^ciOuf#)?gU`^Kr*1}Ok*<WVaUq%DF@)dXa!@at)
zaT|B*u=Q=2><+q%$hejb;593|eCKteE!meYzcfCE%=W+^__4NYphibDP~}t8LATqr
z1}yP5##z=aW0l<b`%kl9<ko~&b&iR&`#M+$vq1BFa`XlB%W3<HG{oH}+?B`bE4QC4
z{Cww_xsXGdX#~<khzig{1t|Fb)lUTbKVyU_M}R)^{}|=42vO@>2QSc~Rg;<KL~Rxh
z>((|4O<+>#L0V2Sf$eJp%`=8@4Y3=lO(TYIf@_T-T5TguU7NKX1J(yFd_(Tw!wxov
zcKUeD8F<lN;_K_QJ0WXiRups3lEdXcc0Q3rB63+wF0C~^zzc$v(YdkC%0?PRkSWx#
z8^%?X233bU?`RS}42Dfy{TMe}nYYXCWwkurk0va-sKM`yRF_@h{Dlz-*mN~KYQx(L
zMk}H_mR<cNy$pa`0+Y$;hQUvL6+5kwaL=Q`?Nd#yO+>f_YVV0G5XyckR^=Z^!3?iq
zS%1niqY00x)zz&P#;$Eok}j9)U+^>tI(83TOHIuH%GWf^)f%)wSGi5D!04-?wu6(K
zg!m@M5TX?$!EwW@7$qjGT~H@tQ!wHC7Pk+edEO!ftqDt}4hnh-Z=|57`mVazGEIt|
zw*W*>l<89-&aQ2xv({o#rXafb<&tuzl387^T6gd-))KdeeOmBkk+bGNDO3qR%iLKj
zoz;`rrG3_vWxyQV%4kCU&-?NBHIpFZk-sYl9=_SbSoj5I6O=0;9A7E-LJa9|txKtR
z&bOC&udT06x|dnqnt07I2X%r63HuH9y8m8Dfjot_<ciKFGYo74sL0dIqHa>LKkZ3@
z!h#h3v7f^4N@#|r@i_(J=Yk@;;!Q+B5UtnSAQV2Q07c=s{k~PeMTqF-K;R4*XD5*3
zjT&d4^UuBt<c_;&O4*(M1H|P8eGUTdES*cbnt+Qj2^j-zUDGLYc@D4GM?uTP^9~j#
z3krWbbVGvcLsxdHU~#(Mf0rNC&VWJ;9%u*6V!9H^OnlSHRI(Y_Mt9;(pR*a+M7HBi
zpR#F(;C7TAy7PIrzanwW)$@d$!l7#x?DY#hwc?gXj6f*aJMZPGA1ttYzC2Q$;kA3@
zc13G<hy-svCECr`X>sUe@36giwcU4*v%S~kqkAH}I&2c^T#URU+HIO^ad>t@COb!q
ziJo_l3)$|~7&`~x9I)MKv|9$T+3GvYpSr}So9@$MdudYuCIALUV7vtgg82j>0EWQi
z9|aHu!v!D+WceH0hs8g-tA@-7(Q|?5F;id?5u66gRUNTg7B=hRMl@=C-oC+LZ#NLx
zu<>}mwRW4obuBwWcOoCwI#8GMfgR_@)?d%7V0L^m+Xb6ojJfLx)73C1-S{XMaML~P
zS#HuB2iaOt=Kwzt`P}`&4CH3N%JR3i1Cwj)2HxCONxa=BFylDp=FD+Hh)b6~J-<G_
z*+)#c<QIH_=kSxU%;?P8hsnQwPe07uhuK?p2*=!a$J}?O#c~?7(4#mD3C_7^&7cgD
zWgh|%@y`VS1ut;lNZuPJ;$JWz3f=`EIWO4Ih~SR@zL9^<-+iM$zb`c3t)Y=z<mm&;
zDu66|-t=y$|3smz1mN7`7IlUFog$6-?f=@<06X{l%d-D|8lZp>#rWTC1@<4pe~bYA
zM09)%(7sYI|Nj`u5Zs6QDF3fF=N>;9&S?;EmOWVZ8wA&0<MsPv^8hB6v5>rI;{ayw
zsUbtRD|=TV{O<PY9r7Hq8GucNmaMW|CSYNOEr$Y+1DM&e%S8B9IMd%oA0E<jvT1<j
zb}hKaLH}&_S>zGmS!8gi%_lf0s7(QXE^_-7X!%`QjND!w41RyEnFIM<Tj1PYT$I)e
z@YC=Idu&dAwotK^DL~JC{@)|~&1Q%2+y_7p{!b`y&;3e(|IFk3t_=tw$p3F)ATVNp
zL14Q7361Ro`|nEm0^o7TC6h(YCHvoLP`PXWp5}KLQ@=?JG&j*F301Lku}@-<9wu({
z!K}?=?C-T%`yrpp(Q)D4Zp0s=>Xj-z-0dloMtvM5O?3ss@}<s9BS_XEXT1_W<?@I1
z=LyASy3!>iC)aIgL!ht8S40rADn2h`*o*A~OUfW596U?x*!=FfD}5<R+{={p#Km1s
z26LsGl@fHnGJbHiuQ7EYeA!B-r+}f|V*<+2XdnNbxX1@cA!|2D_3{+0IXo`&AfJH5
ziqx!C7k+$7A$l$iR!)8{d-J+MCZfCqdUUj-km#|whGZ7MAdJ)A?o0P(dD*i=5ppss
zAziDS<Z2a+0`)hmxs9p!ODYdA4HZ3*IVNrsxvX~B!hgmO=Fl+OD(9hH$d*CA5XW7#
z-OnttVKb-W!gKux$HnUv_l}!SKr8=mfoXH9ZLjn3)I%trL!3I4ovy`E?cGv1gq@si
zD`tS4NIPC2;lPaxj0<aJGc@qv)QM)h!(7HaJbkz%q-65~WwU)yIv1P1cN}U_Zh$W2
z*~fO&|HNg@LuK9Iy)&j2V<p3F*l^40qPpRiH_El>Jzf8&P=~gW|3w{M^n^LmB`jDw
z{V8nA#wMA4WVyH>wbabUQZWlE#rWC10#f?XNu?xjd$7dDT)v9G={yTgzKZ#;<q~wR
zCV_mF;TiA}lyU`6xoXmw$FsRAc+K}uq*}^}oo-hbuaD3CzhXq;OVg0w;ytU)nR<Ho
zI>abJzM`2uw6bG-Y$6Ke97n!R_b!J3Teu1;vg~2BRAHwsiFvx}emgZHO(s`*LX^J1
z;48jjQ-+CkKtrzT({MsHbl_=<d^pE+_+remjGFz-x5d<Ev(M3qVzOx;5H$F&3dK7R
z38sn}<KF;!N|as6Y0Q$J>ouP)kSx|6p<irM|B7pp%nsgQ_+_r@*}lio`DN#S6b^!~
zuD{8s&GWmlV)vwI?0TW4nYhOwkdT~wBn0$E%`s6T5AGt-dvMV%_b_82)x?AqaenDo
z=?X^L8YXfp+5*Q2Hicwfclk}qiaN5^BB|l}%8u3FSs=Qu;Zi`bvH)9Q;cI=^Iy&%v
zE_5O^+ZcIlD*8jBJ_5j0X97y0SIHn~E-{lViWLn*vGCjboiV~^)z|OLod)fW3yHy|
z4HPkivN18LjONm73gbu)iM50TMJQqsR&?ZTT<u1m$!HC6oa#i_4BYb@7pF>JJ-z>Q
zd$_#Z0%R8!!OAHGid9Up*Zv{Wp1lN71@9tk%@e}PL{^%=KNaJg28^;W-c9p5)WKaX
zl!2ZjZB2zok0H8oC*|MNWvb>jw<w)dg+*hW1=U4?82g8o;Di)miypykmss2SF}Fch
zC3(yzUfNU_&jp+2Ex9!#QICe91)u~-w&NQ;8u|Nr=Y!7vlRIw=14zuLlo}?fqeX~5
zofH}J^S&nw;Mn8i^+00(0sP>$&m)yh6&3$X0&sn~e-~~sW48+EDv~f?QrdA+^7O0<
zT;6%M$zc(3QB&+16x?L^W1qb~`8C|-z94y_g?tOhH5TERGO#=AD&fd?0;0eRgFh~i
z2o4Z-FHj1yXFz5VZPt$NHpzsmxtrF@<Zt#4=zhGu@-odNl;mc^s@<Tam`V~Rzh7h3
z{afGjpGz(n&3&O*Kfhott)a>}m3o~fJ~gZZR82Ke03|4s!mtnjijb;Aa;t-QTIQrr
zuoPUA5Ddyqh+@yDW1m=Rt_JZm14iy(#0dcD`xD%o41^z0XHB&4BmFbb@W4}hPtW@2
z7m9bu72^V~%N}jAu}94nrSqZTLZ7jnEF!0oT-PBLuUO5h0kZQ|{ADWCU_%?Zm(5FS
zQEh^$DXo9{@GH~m)*343c3Mt9)U78Rb-PvOnHQtLlK;zPT234_zJAKU9NX8HMtZ=!
zi>4stEGXmp_j1sReq)tDAG0Zv<G96dF}2(0&wpaZ#U_pPa!2FbE8DL`U8lJz8KjCF
zrl|>zR}T`N(AzY*Wu+2nKVT6!tAi<bn!=bXpLiI}UvA<YL=fCe^NwUBpNBA}jaMHw
zS3UTu+Kd{}Tr>NpLQ|NHrAseG)Xc@&2pOBCJOh)G6`lR#UjXKFDiLBwqe1KD2wm{s
zDWHrefmT2i2F=|%t^3um8O$TL!K&c*MCTNb)uK{x7}tafxAWr=8-ZPYWPJNwPzW6U
z-_iAeu|(W?aT<E+L9D0HMzVh7I=j_no6Nz~`FPIV@z3uTK=?O6biUabB87zFob+(m
z?Q!eq0-zhGj+xNFWc0BzdZp7<X~o`R6!C%V3KJT`@rq$?K*=jH3}Fsg8;-$JWdIu3
z(zEBF4(=il`(gj+BAVy^H^O=X24l77d?U!?jJj;(N@42Q8>DA9*NRW6-v$R};2&sv
zj+k@Q)!>cJUty>F|0v|~8c?xKcD(C@$?x}wCqwQWg~KZTLiJtr<m@$~I_~KYMz_8d
z_p;_er1oizMvLy!F5cgv`_G&)NlQTYp!*f-1u=IO0KgsD{sLoiWB;3N0E9EP$NvDp
z8U3Hi40|jvxkoIValaAn2%XKiq!3~X%-TMcD5RXmswq?Rpm~p*l>q1s$gegHD>uv<
z0400rE-wHo&MI~78UX+*_uu%?(triQ*uwq8^W@|ms~eX>L0{2e+I1rgODTqxPg41c
z7>x?8`c2BSLN2XA(!Pvyv#z1lbc8B-A<Z#*eoe^2BoKhYB$xn5^6u!K{g<q+2c!HH
zPmg2i(f4m3l$woSfcoE1b&79kC`nl<&Q%_(K&|%gn;U8%XHSQiZd^kL1Mkg=o|nOv
zmfaQq$fJ`P__uL$>Jr%9JpTu@VWtDRzm~M8JFo=Yj8Saw9{cokFq{_~x81{gc#}F%
zT%Um)boQ@-At0eUKsevaYR~qsQrtw`Rfmop1%7+Fc)Txw6H~va{s8TT%v#G{N}D*x
zHP0~@0sFx;pwMbfa5$=LfszW+0CJN-6uv@{cohnPnh530aiO3R#T%L@k@Spr=fION
z$;91X*!LJcS+tz~UPyMiol^Mms<)HiXl$`g5=HW0QaUT$Z<>oeuHB{NI>3DVr~2Fn
zhmc#iC=;1Q!OfjwIfT1+p)N59o$M4(?w_CU`=i}R!OqWD%S`f2ceP)))n_KFZ#J9n
zG&W!4@y$>}O^%OiPBaN)=B6#pM)l$b{^~mb$cF0!SU}ZN5)TAx+=Rcke+&*_mXjUy
zkzQ9@x4Cxbs>sxvlg=OEVR`_WU|N1HNX^OFp^JrwmX1}Qi0sH*sG7jXPT!Z4hnDui
z#9|mpaREpQa)Kowa)Kfc8Rw;L7ukpV`^Tx%skM||!@olSkrsfp7*mGb(3IUcgT`<N
zDA-$|a%|;X)-P)kn21CE*2|zI*ZbA)uJYuTWUA?gvT-41Hb3PO?;#DFP27xMRjvX{
znZ{{k-J4RXxLOG?3RN0%DLs>$>q?Ga@8`Ts-e2$KYZEq6+l);bA?+zxuS{ATW!5jS
z%BY3nul0$-Eon63gf3!gV+dp%3EjV1cX1t^-39j%gd^JD!QrdxT~!+M;*0axCEJM(
z#Nu)99?WA5Q?9DY4%fKD!}94gT8kIpKzqzb!eK%uSeZeEQ~J)&&yvt?Bqa3XrNlU9
zr=R_M4_1gDZ4c40>s~K8Xu(AcWCA4Co7AUUddhD>_Dnp-=<F|#A_6_HGVUzyGenlu
zFDVWFG6G(Brzv&VVlC#S2^qNcO)DMykOFQ_>sp(CtINxNVIZw&c~-B>@4)#^9EYG<
zWs-YM%~#GaF74G?yW4Zr3!AAZO2r|eb28DN!>;D4nUM{W&y;<VFS$dRvd(izgB6uG
zrX6lOp3mjP9%Wow;FaeSzZlwzxwJ>&Er;<gzn$uB(KnwFH8xlK<T@^z<{*`1mugP5
zZ=lAh`Ua!N=w@{1(4r~Z$QO$RTxTYVb6!R1dil~ps9M(>w-oYJ+z|C5_zlu6p;3Ip
zZ$X=>TWl_dVbjbq%yP_-F!7u?Omjn9GyV6Q^}(%L5AqQ&^y<ng9F1PuKiD0sl+zeE
z7N1ME5&TE(9f_;G6Rq*oW-0_Vi^I~R7V)KiXEE#<N^`u3CBQd?nuW!die2mKAEM@F
zGbYx$O{l}xS|N}OhXxYJRqAK|sv0lii`qv_+>ES0>ad=0pq-i6wTV4MY~kYMxhs%M
z&e~})+tc=?W3iuzs7MTx7FiT<U5C<taXuMU*qoHbur^bWXouV*4REAOx<S9<R0t|^
z>EA-I4WuL{!^xKEgL&8R<)ex2%R|C5;$z{OHIKs334y@T54!+!g5m)Sy6;?R!HR!L
z_DaqK!!ZS9qrv;wQd72S+AgW?yC=;Bi=4zy%Y(1iVg%;;5gA48u(M(%r_q?3Y_kJU
zPwzASLlOAoo88I&!R4W;kPuBUyC&K?4)vVxZrcBhual0Vh+AMdXeel#Y#`#5Srpos
z+|EfuXym3N-ixG_-ALzp!AM8&5EJ(|eYXiJVk~H1^uN9=_cE4!6MNK5E6w(2#${Xn
zk!-5$MN$F%QWL2^I)@k7syLUqRa50S&d*q{NRYMBiICaY={%}mYA1HQ@Nkj0k28-E
zLtb!6=~PpSVmjb2&i@K|P;$1ZeE>?rA&VzHoIQMOyE;vb#d<j(I8U&3a@*CGuiWXx
zq^fY+B-fUNKxgxTbN^{CfALzN+Q7=6Dp4kzk+GKu6a2z=JryB2Hc2ws$ZntS{*j-~
zVjA|YY-wI+ZWtmj5R7a*zUlDR)T!@WnQ$?e3rRhYmeCN(-2jL@!PlcNTJP>3>ohP`
zyt*ZIIa;R*FH#Jy31jBWcW^eCJG<4Xt*i%@oQqDQD@yoUITw3s;oCl~_L_Q|<;7$A
zE4x;(7(_&vP+;nLs}QY<W8>W~b0_c+O`Ei(`B%rGShr?1*K((Z2Mg<Cp87Yvr^lM@
z!no09$?)E+>X|if7qU^*5&SN*6=Uh5W6fdH(a1i`m0EX@e;_)WB#BNkUp^q?q$B#X
z^q#UsjGOaOH_KJBQ?t3~_N#C9-tVeXI4pSHyP9wGALv9uw2=v{W=!?BjZ))MBE77c
z^4G7RH`|h}th$8S$*9MW)dx2E*>U*Q);=399)ryihF*KtHrAMokzR#{(gnYjP+f}S
z#q((z%9eBvlt5%!TtO3;4z#2RzMF(=l%wV>j+xL!vDbA&K<ZThy99&|LQHo2St4;f
zt+*NRPhvy8GHHOsg57)PP{Un<__r<TWR2#E9Onre%_8Kyb7k`sRNmP4&Av6z5r~!1
zRPOu@74wj0fudH0I*;0`dI#$<mN3>i8L@~{KBkRiiBxcjZqL$pW%zZzt7Y|{u(l2y
z1t#>4yoII93#Hg{RF!fhRi_w|G#AYyjy<OQAP+{ie1bCem7y6NmXJV-OtK4XTy!1A
zfruPLGRy&rJvO7q|40&gda6kkB=b)(s+H4M6y{Q#9TY-RvHWx?y*FU_##ls)i6v@V
z>rD+CTbwr#^uf)=t85i>QWVXNu%Ktfa_GvdIwT&Dq}vDBA*!Ax9|J`;a4+%7iHG8@
zQPpd5y`q#cWg-SinSiFlHm6(3%*3mlPTR`px^#G<a5T;$ZcZB`=h&e<Xs9oq?IzBY
zXQGI@nn!oVdY38TUB;A^wG6xVtlS)BG^{tSXr-U)$kS_3eHuOT94kY^U*ss0_L<4`
z@O6EjU7cm9&3MLPOBD?U&*w`I$6Lp{+2=lQ1URauqQpOxJx`_AJcZWU8_;4et;E7*
zY%dhrN=Qf6$0zrl@vKEU=7Sh9jtoghzeK56Hs<&gi}gxql8Aa6w5ahqK?Ur2bh#%<
z@(Tw@u{{qr64X%>`}zf(rbf*r%wYL>GD_Qwr4f$V<1%rk$lVr(n?&iB*(EgA*>{P{
zprn#>Flo?i5bPU=c%&l|OgiYbsdqt(Y%39f&QBw7h|*oSRL}+d7N$wiTJ}drlN2II
z{;*7+$K9>OASIu)ii@pg$0&47#qb`fD9jqN_CF~#V(i7GCQx5E>3DH6fw(vN=wMLO
z7=(VS_zc5}X4wUgdc`YCDlct{{VU_koSXVHThX$T;@9Qw_Wis*0qd#Y)hZ0ZcDf_c
zrQJUR>lyd#5RPCw+e7!>CXB##TGAXU7337CyO^O(7=!&NCmJXv>=39Mg@>1dKSUTN
z)Y+V!G^|i|vTa<rn0yzTb))a((VXFr7F`oD^pZ*>Ykj1fhjK$3pkuM)Z=Q1OO7{f}
z87Uz~YRDGYtn>I!=SxHm1+gIIm(bSb>E-i1^;R*FW&CnZb;y9OZS>k~#!gkO>zMEC
z7Dscj*>oK(;Zu~R`JsZ1JPu^9&?;L9xOT$;RJfC~7_=3E$n{JU91dP3cXx?E@h7V9
z+)Sv}U0#$jPqouMmUGW(`L>(KWB-g3)#<i7yrae5<X+-;|6Q@=MF4BCQ)0ttR@sqe
zfUM}TP@A9TB<HYu`W5(+D4qkwWQreEb^2C0E<j%jtt`jTNXI$H^V}n<@mrNPguz+&
z8Q=3ICP8?*4nGkBrxG<rvcF8D)bQNzOd<H-BtxR|GOC2@H~7fmoOKSfJ=Z(8_PlEe
z4E%Y2Uefz<x4(VKh~??_)N}GUP_ZSLgFHF-1%TFtB4oaU&W)?h*ANoaRSvpO2XXh5
z{%F)ceiB019lTXP7P^EPol?Qo4aNQDhCK?$G7m{z1Wq>e^fBk_k<#>sa7z@=qnL>y
zXOc`ESD`L=G`R8T+cOZx5{qM2X^Q!~j)(P1veuZ_@p)GKFSfGIqZ)(L)_7ppLa1Z{
z)$RiCNK+yorn)?oeLhC3b!||BFM+a>59uKi=Q1rXxLmp{K|L*fIb_Ev4^uZvoZ^|f
zxt)KAk1`L(Q7|CK*t6pX-huPNE>2+2(c&^*eVXAM8O)JICX!<s5~>#mT*9v3jZ}#%
zvFOg>i?Oz9w?EeT=`l$Nl}Q}aBN<R4gBi&Ob)5?nX-oA5HV`NdzI1vC_>0-9NrQgL
zXllJ1-emcA0-^KA_dn_+QVGh*Miw(VyN^G7&)>luF&nGcp*>KN5<J94*OK>b%K4H!
zw0|U;HR_0y$+>1IHpqsj_1zrUp{2nv6f@Lr+<ws80bxwtz<Oh)^x}ugIO|%Ocv@NC
z?=Nhh>yn|A^}LQ<uR~5gzF+gu{<izRUM^Gu+hl#yhyJ_{tf8CbZ1VAPadGi{ebd=>
zzuP~(i}^mEdCl3{-s<JZ_L$Z9O%gl0J`cGAb<{qw6QO&OW?;(l<Yza;aLLa4Oiy^Z
zu{lr9?U??nT`JKQsTS(V&VcZz4V_<AfoNhRbQ<(pXu{~O*@+oK-oG;EeobNegA+*x
z)BN!;SUGc87|EQ$z6TuTOELhC!9)%J4wzM1LsDk4rK<eTU22$Tx?@^!gg)uz%()i0
z(}xYRW+kR4Qd=2y4+xVK!8Il!Brgi?)>2^AW)k!CfEvg+kWg|#)Tu5#p(lOk?z&#q
zoOZOhin)g96qT+eFC)(qGf#3XKnc9{uO4N2BR21&?m~t`zRLiVDq}COpP9L<QyT!r
zzLi5{BL#()vtGk#+TG6OoG<lD)mq511){sd-t*&l86uqFNHh44U+&Jb7h$~M)b`ZQ
zn&AiAx4$>>h_frv)k@}c^#(G9EE*DzGggO~9G@DS^%#*lQ9XD(Y8DRxOm-mFBnz^>
zh_N#>MT`|dCi+)dHh2>yd`t*Gg*T^D>z{ehm`nomAH&Q(+pv)doww1@ZvaJdycp~e
zR@2cz1V?dmR+kP}e@Hq1@z?4gPo&eS-SPuv-dN))HB($F*9l50Mue!e)xkr_FqaWy
z-+BThA=2mD27H-xWEF`B2BPRn%H=4xmVLIU&H(cFXpz1o1NXhw73#K^JTWyJ6`ipN
z^a9biZ%Y9|0HD1hmQGf(8<5%zX!1%2+3k9*<;;YMBdxL;`EzWu8G_d1e$`|3c=T9D
zXe7|T&exk_C#JSS{RPhcGn)=9<lDUNPG4~3nAKrF-7iSW-eVCq3P-p}&?#s2kp&JP
z@ugMs)(8Es`JSNYg$Cuxg8q<=8~NRAr9x$p<pR^us!~NY(fLVP)~AQ#U53p90u>QS
zL3XT_%n>S0O~IDt%<q&Kt%M>2_R#v%aP`IcmFhytiE64o7Zf4sEZDTC_TDxtvo|1`
zg>yoYf~*L1MI`!+mvUR-{uP9Q6$r}y?^~M6^{onpsOf5~Erp!~!JCVymwKz)cj2wS
zSgs$AhYw@Z?#k@%>JP|ogpL#^5xnO()C8oD&hJsE84CHSLeS&e1p7aV#Y+^bhr;Z`
z=45*NUbOUU@dT*o_9!-CqRC6q(CCgUHn5w$s)o>nI!@3#p+1a0)`g3QkB4VtYuWx}
z6G3vhx{URt=(fjX{C6_2X;2ytih`LB`lTnnOgLp0!5M(qBaX6(#O-;!Q7GR~1WPiJ
zQB0BVXJaM5kD76I5WOyBpQF!mx(7tgeEVl(A_X$h6f2p-R=f^`7wF7`5HHpgJwQ;y
z=V*h-prL#e&mEW*#2qa!Lg_n^U5#1wh?TV`7_r8uPULjbjQV_qBPQJc2c<cD`8LtL
z?ZY^P+`4s3?JQuo>)`z<6kbh_p=&@Dh9r~`pedO}YRwvMOz+;2{^nVgQX1Ua&c(o4
zfyQh4(3(|#B3@h9pgp}k4!XUxnYUVnK_)wOhDXBa{_1aIbx#P&#kiT%_%?Xj2I=dt
z^Kev~-b!=i7Xn7dvPU;ZgBi|sw*ku^8L5}vP)oa-{ZpUK_TR!kd#$t>f@!Isd226V
z8cpn(SH^KPNy2A>@#r^F@pa2O5xK`)>*`nY-&;5ecLAzzc-8pk<o<rnT}O&iLnixR
zV&dknxib9m0c#K%lQYE#ep&z=p=~&#g*S>Z=x0bR?{xpwgD2J<3GsQ^rtg9`o}5FC
zOh+?7Wisg4Hu#Z6q<TDZ5n@I%_G}JRynbC%S`ppp4@my1Gy1AA{3`#|j$yMYx7;gH
zH{>)jtE)G*9YP7SLnk#*)QZlnr_IM*zMliW?<>CJRT;5xC`XUG=Y6}CovxtW(o7W}
z`evxzDUHoMyRV>?{>z?fLU78SHVk&6n@6Im$!6YL-)R#{%pnL;dT<p6G?`r4XVRt4
zx(h}coqjyC&#_sBtiE2X;9N4}zT|oX<39cHPLG4w`3l2elp|+?ORSv-i;mB{CJ?71
zH4O9VV}V-I+Jc|Ym&>W-k<NR!4BV|e)=b)SD~(NQWtaBD3a9(MBUD9ts=Mc{P&lxx
zOrlcV+vo;(ADb#GQRFUzrsuv$XwA*dxnhtC)Ftmes%$6@;?($jgTHfVNOex`<b^W)
z{{4{Y%GP*{&NLoIM-3!LsHtLF{uY4%)QXGS(im6;ehxl2hgnV<(dE8rmck>hz)N)C
z$Io=6GOz1g26rh1%ykRC;a;p4b?pW#n#XEP9BuvRqM7i|q*=Q@r`1}D&66ZW9qo_H
z#F(C-NaCyu%376KTXOV8*#S9uRSJ6GzRRqan^BoI`pPFB=1xq+q_?2O(9GLl+VbL8
zCB`Fsh$S2HO{TGH!9ItY1bb8(*_qA@M(pq9d7wlrR;^JxoCs0s<6Hu0)<eOL6Nc}H
z%kVhF+HWZ0cS5(_Dg3>|t|;|fcdmb?$)d2U(beTDXAax~0!7aIEW+ktO2RUmfjqVA
zBWw`~S`UG!F{3%Xj8hUcWM64$Q!Cd_kpf%%=M2B-UoPjwmYNFwou3wPzL&=Emj8FS
zZXt%ZG$+=?*8X1;YGY2!<x$})qEb=}Pi6Jj%ir};0oO<Qzg|mrKZf&zb7D`}&k7`X
z4l&tO1sBI6);j+FS?J4T#3@~2c*N+5JXpB=DYkt>ZR#^}CstTd7!jcbhZ%1=tC^mf
zQlEZVaeTGc1*rN_42Sfci5frlq+i<485ZMyFihXV$iBskDHh%EG7lUtw&Tt{M#*wg
zzl5ZZUgDg>bffy4jDrQHbk>!d^nItn!qhU}9he*onoRqPqcn#4)q0mWKXo?gDic&5
zqppXi5a@0THq#DDr^MH)mli5IAt0s*seb(tW?}a+d>^7CR4N<egY<1dlE!9ojKFtI
z*&k`dua>r(yqT+S?q)^*>^r+0GBXyE>B@A@oKWAV?{kx0p)z~w#7HfTJ{WoLQSISS
z{ZbA?-JNO^kkam8Q_!yA%u!i(N!xpZJqna4BoIgRaA`%5D|}L!QDm(y-<DxY(vg82
zM&-Tsd>vTU)VUh}vQF)W{o}4Dy)4S%&am2j&n?>H;7x9p449vt{P@Tc>~dzSs6~B`
z<w|<xR`n^iBaL^UKF1sbf(rawoJ(xh-W^qJ=^EA>6Klo+Z1So#yEJWjF<+VSY7H31
z0kSvt@6pYM%z_lzX93eOhPUsL*_#w1$D`Lj4L1{zyd!7dqUtw|)DC=lM#YD>7`($D
zALu1-Xg6sY5B$7CBe!IKHdEN=a2WeS-N}FU3QWMJ?=g>m6&zoooW6oMc>4$5!5d0A
z#Rezp_hlM(W$L$Oo`K^*h!Zc-1R^!BNFlNh4bVEkH7@QyeU*HCPiLgyyvloS)W~`q
z`dCVqs8r{!T-MK;5+rSBx`I6|@Nhee@3iLDpsTcIFmbPfp{kKCO>9l%;?q>#@kxao
z?T;`BW|YtmtUSaH6`2HN+w3nK&>$AFh6uVPu98{pc>RtczUq&G=<Uf}FsPzPp6QvQ
zNb0RCx+%b>nBH7dPjtq|PiFCYKFY|$VOLhuKFOzY+zje*ntT|>xlEPNvf$|sA_nrJ
zcoI+tVM>ZtP#0G2h(nL~>f96dQa{mA?0k6z@FBY1ey`e&_7$4L7*X)&Gg_jaIZz|W
z$}kR8UJxiC|705#8-<@s&>912Fm5D11m2iZa1kiam2g@YqPvhV#YUFyz;+V+a&l7U
zye@IlAvIG;7%{oEXrM{aRm9xRM43MHrQ}MBqlaN7$AtNly9X!7Ddu##JE)pM^}fFp
zzEM7v8V09ms0H~|3t!AHORCM$7blz8;vJrKot!h&7f4%wv-<ecE}pU`b}&OjL3|u2
z)Kp>vdu$JB=;q$flMy5_MZ*QFeP*D8P?-8uQG}r<h#lni*=BJ`B}cn+;sZ^#BJsP9
z)D>ncYd3^T1d$-+i&gErWH9HJ+LsCw-S#In{aOhVsZ)yqXGa+^MN)GkDTi7CwQddU
z>qg@hwpgPoOHC7s&@w+>S$D@*h;4%n6#((ku~I0`Z($RvcvEA7P+PhF2Ib-H;MH#d
zrt-EBg9ktOd5TbYR18^{6p*|EkCxR)LWcFK+130!PYwBXeVckubQKSAPQp_`fMx@A
z8p_yV<`trT-c&t>W_hL~z9_lIY!x1YikOq3`uej`FY{A^rCq!bQ*+QN?V{K!WP@wK
z_5Q2b?)p{zG2P;yWHLnBb$bN@@DdAOcXW4hBxrs``a@DJK9po?PoXuD=QPIS!5aF5
z?N&2aZygnOM#R|R;;aS_mFKMhicF9SRya()#a7?Q1dxKbDt&jX+MbtQ<u1TlsllMA
zq*FN-Vk<$AQCvlopN@&S<Sg5r2)owmWE+!=$W|S?mA3^5|C2zq#Q601*1+fcjfcqb
zsu0oZE|1wd1Kh~&@(^)h1*aIKK~Afx(n>Z$L)8|n-)<{I{ygj8S<<{}L=-sgddPSL
z*T6Nmy`p<k+q8QQXJId!9mkjO?{Fq}@Y77&ax4_=@Z3v%(WC$Kb1BpD0j;eQC=yD{
zKehH>I*Vv)-GghaBkr*fxGq1;U8^=JS}i#AsCGYygtk7Bt{+X3uNAx)-;2*nRrDS)
zWJFhkSrBMZM|6!i1>oLa^#&HXRzvunwt3%~?QtF25i=h#4LK|kNjEX@GB!(%={rw0
zTq>?+V_yk*oVG8T(X|bHgON03MdFG>8tc7eF#o@iRe_7d$rKNVi_weqvEhnj&z3%M
zjSEk>-pQ;{9m7>-=;s@1Y9}EW$_}l*Y0pJL`L_x1bTvq*^9`aoO8GTzd{KJy@HO%E
zMjVXuu*w!~1{-tG)HPmAJ)>)Q!_&5>wK};5jfddE*<4YnCD@2E&mc`9HitA+3X)EV
zspM8;(awnb^I~Pgcjsc-?}#bBgGG1_XaD!G26n}Hu;|~*ZI~3_{`|}Of4xTj_qO5s
z-!B}@;5eKy<o9T_4k4y=@5Hn|64Cn9;5wYeJ#Qe}{hE3I^ZUO8_cFz4RT)J51peo?
zXM?(M(n~8|YE4Z7_QsQkAl$nPo&3dTb_yZ$0xD>2dXRW4d}}f(S_ghx78o)+h~1A5
zismc%gtF!xb4>$Wa|PARQnp$r-eB|g9F*exIn#PolyxHrA<M=e@QAA03k>Y%&yJH0
zYrU0@npWpRhkWSdol^^{RI8R-W{mcWx1wE<uiem44rCs>ZS1SjmUax&>ImTdnp@-M
ztzneRZrO~`LRVr&`%>iywSBRC)Gp--058sss(9TY71apuP=q5BU$TaL^c8`AOMX80
zwb4b#mtOw^0{%S5H=y=mhwF9bwnI38+{9*ANYD&ow{f8X!Y`$gT>!lsJpd$6r7I>v
zfc~$VmH=C){e+K#O1(Hb=q0q^b;m2sg8x+UlCwe`M;iz+V;rIXfhPTJjiynP&IY+I
z{s0fB`&XYb(R~_ZLtl}85agEiRJr!p{W`Vu%~?<d>&{8q$<3x)l(YNipUuG+?g6<G
z(B2tv*Q}0-YGaF6cIBo?%J}0I?51R?g&}NtfzoSRQBNrk6ILNrGPi-^`Q}LL1nKMx
zhJh<~3S_tOXm;F;tfh&vQ7a&e9yV|8#((<qaU%Y@Cf9E;RGTQ+n;_8IGEJt@?gHN@
zkD)WXQ`6n-zxj=|OF2GY*Y^RO?*n)<y-Xj+pV!OF%g4u$p3b-Pfu#$)x3!WRk&d=L
zKOfGo?5=NygweG%^qzmN7l6z4-!fmYm8t*_^k(itd;!J6Z1t#EeYf^`WU?V0mw@H>
zk=iT7FZvpnQw}-bqR(YR4A)o66$?9VC7iZ!>486BYQnaytnCSiBmt4cwvrojESGBm
z2=L`~r42Qj>t*B)ULj2TYfzisN^0^bnA4+^0z?8s86Swk5@_VA4gWxmimnc8UP_PE
z>E|U+uT7zJ>*AXo)7j07;j$$U-T#uHlk^;!NLA3Q&w=hw30b%bwcvMZ0=gs?uGwhc
z(!bwrrVYmZHL1!%yciR45o@7DvU@JF?gi=)N*x`>oD(YRsNwxbl`oXAG;$7R(w~vt
z&nLMU-54m6x&&U(=~^!8cV*57I48kk_dN1%*byR_nUA(8P5l9}S-W1aCoHl?sB!kK
zs;#&FOy>%bBKNO%{v~@A<$SG*)||XY9na-?M4VfH*gzoszj-jiUucR4T+NLw_-*1N
zoRX*IR%;jN*0rbID=~>4EvyTKA9DSg{O5fu<F8VOC;@>!5e#E64u)J*tlsRgL`<rm
z!da8G+H!4kgQsNRO)rc#hn&h!oI?9Jy|w~<Ba=kP$w`c3mz{<13tP4S(A}W*zYs2P
zd8$6%^DNz|F_QkwnGd<blVx~T`$G1W?e9<FY5%Q#1ky;5(p64zFm{2_^l|`5MVk&E
zcFQ1XNuCH)n}Mh2B9wF=9GCr<wr`i8qCY!sAmNn^Xf(%xn-w6f`Ur?-vIr1J5f<7=
zyXCo9H{RZf%}#xJEq6CGJw>R<oVm`RG1;-JLKA2f<+knESyPr8uIR5yY%I5A&kB5_
z%3v!iDg$;NL#mfel;)sF!rc|8hCx7;l0;M{v@Ar-L!d4vF`ymu5sv<4QkG)sc{3}c
zb}TlNQ0zZ8iL~}T!HG$*XF*rCA0|RR!JirWZhlO9ipCmqDp=OGQ<@zn)0`>ytA&N1
z;i4d9D5>5j^6>EA(D$D(&#Wqg3;(c5`1k^ee(v|r?N)w#zFH#H>}Yr5TNIhpEElA(
zgIjKfjR_Yzjr3`ka4uE<&Y>4|Dk-ReIU+USQ^$|x=CTCGheLwe!C(C8hCo-+;HAOV
zFbc(eC7>4(6??NRvCoZ63TV=M=4-Yr1>iQ{v|Q1X(+YLSR*z|I$UJ*>9Q3wtvvlU5
zk^RW0)>zBPNt`(SBfvn1`_>C6QN69B_uWIGN9wBdXBs~Z&qCkzxX{DL&IujI?0HXM
z{@Zj6{J7grgfCD_EYR9`?D&upI%vs{38fZWbn-&bNnQiUg9tFqKM}Y~TA1KLb6zsq
zJ`HCgsO$QA!sOn)yNzpSRQ0gH@e8}qSkRJ+BfUl-xmXkpq)I-#&1nyXXS)&s{z#oy
z%~r5xQw<rNm~J_w9?SGCOK04>&7e{GecrNsr8Ll{wB3N@yN}X+8x}&c`(i(I@y_WF
zAA%PG9h|Rl!OCxX250Zopo8S>q~wT8!DdIQtmpBKx!!GBPl0gDVIUw?*#8;En(J78
zsH8^fXpabCQaKv0CC3IxX{5?xDEPfR&gKzp9l5r<-P`0jJdR(00I7XV@Hn#zC5>W-
z5^8)W9l73#lrs~@L#QQ4Rq}YWaCxeuB0}S9=Cd=_Gpp(q(duWt#N$sc1D8DvdV;vs
zZP_v`mHL=)Tq59Cau{^rLd%2!U}$aCwxj`^>GN>Av$&GpCm(y_E^!N%9Q7O#U<T!8
zU=@(oB+?><c2!R!v}zjWp~?|dMFVkdn%!vxV)+-`QapX$`Y^4sxlz5&=kvWv;vtix
z<-0rBFND3$D*QQ3N5}4Ll&k@&-+-WAVAx4Eh`5|)*#OYP45QINg`#$8x^05{_o-PO
z%h`}-R4$ip5;s{@1NIYks8*y56L#>E)IxF7mv_7`eN*iQ>B-6?a!`!wdZ&K<j$|rx
zh^*LJ*W^>o8Mp>TkSyForhXo(<*RJkjd%>~Ch3@m?<}2?P;5fA^<ly^Su8}zQBG?c
zR3}9H)VJsn^i0XS3$Um~o0l&05dD=Y#9rG*!W>#R<N(~+h^2-t)N#*FY)Y*j1CRYQ
zEV1~gI<@15gorp<tccR<^-8lw_33EAKf0<g2MU|HFyVSjsk?m?MvRt*e$u(ZKk37Z
zq}SVB3~3YXe59=memq9wjEWShD2_^cEc2!53D*E0mM8oJoruVNBfVT7LFULHc?!|e
zOCtGSInrrh?0wfJ``xn-ZJ6cHq3&u-YbUgkQ5g<!qr4^pRHIzky3+L>xgB(FeIBPA
zfjvj~i;$9&DAMTD`sBuAKr0mczI^(zDIT;Eb3>@<8<QS16MtN2Y#ik?*zqOe`$6ad
zX<yRMpExYkgApU2g|~BM-GDOIe3>Oyu1wi1;4pTIm;p2l!l`4a?hmoqUcyo4ivgos
zZg_)w-6)&Gu!L?W>4uMTcEdi01(1(m(Tk!Vpif9R6!l(!g2y@D;O1ArrT0PK1Q7T<
zjFamQxwtr*loC)J$a=&umoQIF9U`scOD_(u{oho3S((4GF;P2zwBxPmQ~0cShk_zW
zFVgF+?|I9|_3l*2#L$md&1qFBmDSAq@$fXSLLX6EsC-P4ebRUxV1pbs9efO>&BWV-
zZwk)7FVPK6gv*4qLo1^5>9Cn#rYu}^Mivqhx*pr@s_EWq0-KEvv@t$q&D-`Qi}cZp
zx9Wy8$FUu;Xrh^vyo<8er+Ar&#L0$_^Y3#>XPtwe^EhV5`u_o;0a=L`whb*Soyq|(
zN7GCB)Ml9amCe^RjU9Pfp)O`|cZ~VNPh*b%RvKv|0#y4J8xQmK+-~CH2}BbCr^Bud
z79FpF&7MffV(UlZc_Cqm(N#=LV}NSeswP0XkE`#)<n+VEwTKKri6rKQyIs~v3fyAN
zX>?2yV1LX#IfBpOE|tX@pi5dl-mGP5gW+Mr8#Dr%XJTW4bu0!T2i`g8`5G0^yl0YA
zu*w=OnA{A;ccldj9u5z{hRr_m+r&0WxXhzuW9({Pw{iv6x#!s=Psj;<3S7qNvxFQ*
zL0$o%@jbMu@G<K_zOBJR4v7ft*^w8q1*6}(jcz29y&w+f1Xj8K@h0)(FGE@+mE-T_
zSN$lE{{341_Rl@>m1{TV*Xbs8x#s*6=ci+X`LE|&Pap4(@j2t6jz|5ZXkio*P3i4f
zdXqCLI`nP}fO>(`LWu38NkLfFKB$%h0B216GuyBP0+xNuJpPLDfSMHwD`aq#)F1~R
zmBfe{plq%6D6S3b@o>QqR%eZJY`snHaiD4A=5%85I>Zr7LDKLG7r$17QBu~&QwUDQ
z<!>W4dsH_uyDa;i`)yw*F)FSBuD<|}tKZpD+=|Pnms@p{lV79e*ZB1xT(29St{acB
z8KLC*ZNGOCzjI;VrU_zr6_=MS{|nRg8v)s(hv)A2|3vxUvHt%(3^(!+OOiM9h>mPI
z0`&I{q3&3|4lR+_AiePG`5*PX383Z+A;Wi^`naeX9)NYR(e+sEQIZvU&~O$IkFRT~
z9;IOxzmx%D&K?FBqQ|o=3^&*q>3ezokgSXRc*^X0K(c&wC4y9??pCnYwEzYI<Ecua
zXr!T`a>F1?naC&hidQOtLx%va!qTtEdDsH%%+nAX@)0=%O=d<Qhpon><E9^W1sMKw
zcd_?yU}8ydDxMKNLn+fxvLRdDIVW+KuCgbzI0sf#(*kA+%4x!9k4u8%`M{fx%aQ&V
z^)-S>B;q?wDkK@cSr-648OiEO*TQMYrI@$A{tl1OBD|5TU6J6fKCyurkTqnkzuA1&
z2VxcZRDKB4UJ%!^&-E+}=4Al|?2<^V5&A8rb`1fTb$_4b3V(LH;C1cAx(y`fP&*>j
z*GCf7=$qXl0XK@ylLp2|hdmwhJ?pQ*J`RqWIzp_b^!*9s)Qp4MR-^lQ&Wt)ovBf%x
zEUzIHL`(C}Oy}&IiKXCfsR6jNjNVZqj=_u6fxlWTgR#YeELH)}i%~(BvQQxRth^;u
z0SfDZo_qK{7X0FemN%;lP@-o`i;9zS1|!0gG>G(BV)@!rII*|@ium@CZ$BS0MD(29
zHS0G@`r4-`+tT3|ecRpYcl~M7bEvkDpa`uzLf^K*T-7-RYm;5H@|Iqu8X63SHHV%L
zoWW+4tVMCpaIcN(oU0?}4d<$wW^Zd9R1Y85=qyxd%pD#Ce2LV~v)s3s>(5@g@<S?W
zv>cG7l6G7w;;Am0T;z}PAcs<oyuyXw?EPjhiEb7Z1X9oF%K7))M$&4xdQCO?{GM<8
z28{%bg}z^5ZcEQ`Fp+MRoeXTvRWNC&ER2_s(0t8}cD(d1I%zU#6n$TBcSLP*P9ikx
zEIncnk#v=~{H0C@9oZlx*5qW}Za$7wRj)$23|qKcUbSyv%}mN#1E|F#CDGUl8~M)7
zvs0?w*ZnIrLwGI)_*fgO+tdkkyYt*uw@Q7%nJ0ZiSC0Z!nuPo7D!lczx1?;>tzPXw
zOy$M}MA{+X_(VI6CUN>8dHCOkapa}!f(R8wqvO+ABB%z&dje5I`pv@)TuD1Z;mJy{
zOj<<aLi6=wfD>~EfdMFl9;P3YsIR2#%^9Z7|HdYV4$PSLDZxFtZKb}Ot$z;TS$b2}
zFNX4s&-#axVNTaxN&bXfL7ugg%^}o&v~_~2o@Z}#qME`|8#vzYAL5^2f^UqbSI4`6
zx(;`KSYjwz1@XP&PVR&Qt|Ws|b$|fG#slFx*%Iog<QP{030|Kj&x$tZXBGtaW>{@s
zI=@$;Os*(O%U`K&fCy2eAHIFQHRuI23EH`;Uuex}-fiL(>d~g$1a)`yMPnD9AJMLn
zeU6d)S5hq{rM@U3ghwf34rXV=n#@jP*mBmYHARAF`*I(*rgaS9*>4U0z4`!-!pFH!
zAUj0K;qKF~072k&YP-7C^Q%OL>~ak_vb1#eNYpoUibFAae_43d{zTVW&;r}j@64BB
zOqP^#j5Z>QR7EDW^&lDwfs_IGf7rXH?$ElZOVqJ#+ctM>+je$r+qP}nwr$(Cvy)Wn
zt9DLnby@fC<!b8>%sJ*WdI#$)Q&-P@c`e=5=>o^Mr@Da_(z<@rI)<_hE`;Dsfn*>g
zmbx0zUjcV3z)n0LE?JhBq83Q^rm0Z9-xRtF#lf7|E$hvLFfqc?yPwzL(H8#^z77?F
zOOnCA{fHa?C;T3kILB#`{9EvVTO4LimO5l9x91o3HCR4f|BS2CeC82di}G2fL2UkP
z%^WxC06%}7L$=%V19q}kU>H3z5dj;dDbF#+i>z8i#H7E@&0eVwsuaN{Z{a%(Vi`4{
zH#TAg@W{h@cLku)vvr>2h{M_{yVgH|a5CZZ{DM{gP0Y;JCM>m%a>bei;-=9o*?1C7
z13nbCbLGwXmN1=F{h{OX-Uu$L#-wTPb1Cyz9E!^N>GEB@DbV?xrK-kFAoS(1H9|le
zD6Qe7l2d_I1WEa+^O)E4y3+R^Zw|2HMT2z<-Z5Y;FP4&w0ptCt;6NGn9I3M+jSDiD
zyjwBPlRoxB-ZNg7Keoz5rGsk799DzDdo+z8Rn1NyO-|@&q)x#~hMR0?_=hM4MCP*R
zPp6na0HZQi=n8$Y{(Ft_{a)?%BHpzG`a?>8+eAb75}MRmJ|?=>1=sI<AM<0yZdb)@
z25=Z`s+plPb|Be^nwQuM0?$b<hNn92W3Tm5s$_6Fg~K{Et~La`T)eM)i_{j71yMtO
zcyHdZ;Cv1QILK8-f{-2B(n`(I0amzGcA(QF8i*vLft1n6RX{xhK(fy&O}9}s-Zjol
zi0w#pj9cVp%HJu;<Oc||!!U}>BC<pyU4H=-DA8kCbvZ58OyA?OrNZj3rZ0<}`P^)x
zqr(8`D)ZG+l|gb5sbz?^qG^eoOYWr!Oc$JC5He|s4y*}Avd0Ja+iv>#tyNP}4JP0c
z6HR(a7nVMibQ5s1rRmYQ&)990KIED|{!YWDKWbL|{|JM+h}CY@n+#M~Y$li&%O1!~
z(|FaL4*W811Yjs9oI$n023&@e476?x9Ol6|h?dP2KaMj<zB)1?XaENUEqi9^!nyTl
zJlz}BdeasQ_wg&LAK7=M-=lKc%v$|aQQG`^Ts_BaM(|VFtsixdtK;!Y$^1p0FdceW
z^uQ8BAWXL*7LuR(Dq_gGrbn?!r-2|^SkV)+cWxz{smz8zJ7}KuCM6GNaO{3XYt}YT
z^Tfi`m?kq$ng<lI`$wle<xms+t!{VVLJ*t1a^+e>wH4tiXFlr>T>Akh$uJK&Eq!lW
zX(D&N{L2lAW9~Y({3I+rnRaXlxQ7grGrt_2r(EZlg=Pwb%FWl>FdmG}KB=&d1O+|q
z?`-V20_b;xfW<HKZqA6*nHhiZoum6Pk3J-{fCkUFHf4R`<$q7m&ouBfJu}^*6s8bP
z16T1-zX%JXG#Mix&2SaX{R*}x)E@f7%eGKYY?A$BudC7>jgvr_vTcmVQ?;1U&gtAs
zWm1fiO9vO;7!s-xg)?w_{G3l<++*JB5zTZZ8HXBeIaxho+3<Dm1FX~=fy|8RMQwfO
z+2R_kO5>WRIk<<!e6TupeKQhWAy!<pTG(+08Ch-Bn@Jm%iQO~w(|%W|{at6u+w;3(
za};O^$_?<)v=k-BN{B;Y7(?!fUTDW!ESbHVVAtnpHCUo{5Gn{U+i24YRvSP|q3PEE
z(#URs+VA*Bu$pA_+}Bk(*uNOR9NS4VT-I2wx3!ybnvRNUfH$fhl4=qoO_yx|bd2D=
zQo|Q+l6%U}NepLv-cM8@KH>Ts;rjT<cefYcGFUoqHgxDygFKXODc0$-bq15FY;+<p
zb~|ehytgephliM%`5S@^Wrm@w-Wpg7zrJn_Kwzmi2TbQ(Jda;z5W>{@D0Irk3ZXPR
z>%kXAmsHI^?m_n**~sO5@c%uL>}+<#mq?+BK^IoGnZj0&CB{u;b+PS&vBzq)DHH%U
zIn2{;wj+L;E2*jq^g!E<j0YRyw=V#&At}OR{$XzCQ*|8ev{hA<G3(dxj?nNiW&7HS
z+E_$f^8CqWb(}8qjleEPMrw{8Cy%ww7dJ+`!v9#+IcLs;7>?=i%Fg-Je`vQyw29-1
zTeaou`nj!iO||7CY44{v2T2{<2Rr2cn<Q2A`#H}@7e5F)@;c0sI(7hd*p0i7^uDE^
z^u(K*HUe8vgW4;v)YeZi?8`&fKV*#-`Zl5o6Vg@E30cGx#}OMq;X!NDTPUN3w7pRW
zzSZ>{)=c_Vv+qI=4@#K<aSg%xkpF$EdY*rDyi2Fo?en?+Fgdw;3m*VCCf>i)t5I@y
zJ!HpKqsu-uc2lwOLE|-u&5U$q5V{R+8IHsPka}VlXAVWiat~BrN+$4Bw;G1~$wQwA
zvYxcZX;(}_VH%m+Kb%0osQ}TuDiu)H>GeU8Eo>S_34S{%DjHdKdm;%09mPHme|>_C
zZJfQa1UT4opoLCuLozH=jl3T4n0T76un$}PGthFY!8AR5lczBZHTXFWyIElNRZN^F
zi^fPhybCLpcL3&TUSzz;-o`3phEJ-o!?OraHr=m5@@SX{ug`MRT26K(-M}d1*ejz=
zd>Yq2%B7)Z9IN&2Ez88TW_YOCuj|B#=wOMGAd##%HgpumPLqw{EjTk+4))~}xXqjm
zpY0R{!8piEFZ({ALGSp|T-gnD+&lC619CgZ`9A)GI8j=0D<}K?FLm|j%U4d;=O3k6
ztm`dss+gxkEX0W`LW6M#&(T~EdKHed0?O}%TDRHW<*`}$<6+{bG3EGJ1#NrJJz2Vg
zB{|;}=KxRap>yVMtmqZ%raoF6{WMq@5W#13C7rA)e_w9A^vB<*+%4W&3O9)o=HlYZ
zE1nX7xH6Z2ZI@r9spO{}EB)+rHFUT*2Z$lu!PK;kYWHS`GNPpnOgpLYCkinOx@#IU
zbO2$!g?S8A%J2VJr2mS@-p4)`*f_?tdwUGBHLT}!`Zjn>vx%anQPN`j-L}CWA-&8J
zpX-vpo|j7b<lzr|%vMw%Ud6v%*2o;n_=q@6L>pYvzf9)n-3IS|<`Jx!*K5a*2}$rP
zptOqShn2*hZwR|6KWNn$udq!`MTS~yx^#VWuV>?<Y-pc&Ve3Zk#czE?tgVe=EttPC
zw>q-_kwYc!Q&p<gAl8lh;r!Zflxu9HmzC@FW&2!=&HaBSlDCZ=uX$SoYg-`Or(IpH
zu0o?YU)C=WTHX^XM_f;r?coSw4iwS2<<EJe=~VP#L%me2yQ#ANgw79h4e{968|m&B
z=rA;qsPwqa*eO->LBC#7yv5i45U@Zz+zMiLK?)Kts_=MEAa@)x*Yj$QgUrS#<XC_&
z5BYh}iz{#^!9Mn}rg4sOs-{5^oV#z+HSx~l`mHnXjR}2>!QV~|9L2;5{nP>55$q$W
zrd!&?kN3#X1bFKII7u(Kc7+OEn@fib#bRT?@&`u6@lxo9!O$H`59INTrRB0=?b2>4
z73H|qgB1~hWZI5eji;$M+ZS`bl+P6_q01(St~NVQkK-gVDA-98GjQBpZ+9TSS7DOi
zjPA_d#^D#+f57kJ4|HdG<a3>tv3AENI<3ex8~-d_0=#*L#{~=AS1rDiGrYgHUoR@L
zTaFN`5W|B@?h+uaosPgFsTwmNhpHBhZvX}ZuA3Ly|9QoSi17>Mq3~vNYQvuciOnE1
z`7+Mvvkxh2e5g5|!4m|>2)i0$GaC;`wFvGEU3Z|<a&Wcz?BLIqHwo9lXgnrsj7DrX
zOhmwd02{M0wkt~If(Wwlj(^elpcP4=rvmY@HB=Z5lTrH&j!~<sIds-jv?XX;R!l>7
zn0jnkrfhwV>(A#eZ$x5dC%Oh0m|x;<S2#vR{ka7djA=YY&<+HF&`UrU1y;x~mxjVg
za!r=`GqAv#8+`^S|8PJ3%$;{6gd!$$JWhHyzS&6jGqA$2s)G}~nF`X_(>}$e&>aB1
zz@Q?Pug*uAdJB6YZxLV-=UBL`cy3u}etde>>rl(DYoV!9b%ko$S9Qq3TwRdwFS2Yc
zXd$|yoP=sga9*jh>k*Mp?}KEvd*<r!ylAd4R?<Xz)%Frz*NF_QCIY5Lr~{(CN-G{&
z9#FJtNogxi$nFgKiQeMsMRe2n-1z|HlRGt)y1bb80Pv5{h5j^x_lh_Yjg0)0vr@fY
zX=-hyVF77IXrhU0I3f#T6yy3x%4?PsqS=_BolblhqafbI8Tugd>*)||XVMNu#uB@w
zPA;xbM^Z*sE+;4J8q=*o`mHFH<)09LwoplJ$HqXK+=SymVR`tVDTm@B6gx0m4Cut(
zMM%ol&e@&X7|v4D7)N7SZjKihC%H7b*^z7nGVCHJIX=Um9bYSIEsESE_FB`wml5dN
zYFc|n!Y%4neRU2|{}+24<bqVMN~faGG>fb#WY!jE9GqZxXVEg)ov{}-PVpvNtln>T
zwk8i7z<iz`FI*NUM}C)*rR@6JF<p|HH3fcWU2GHwYo2zzEJ-ZiG!^`Ea;U|+&>#-R
z8h@=Slr6!n7%eN6#Zy+wmVOyYkocB(5Px1CCtg-3k5w?smOd>t*6en6=*zf#y|C^{
zj5}J@BS*HVODxYBrgT-+<#BPi%eXSWP&`7RCsp#(Tr|*36wpkxY(5>=^!%O{7g(f;
z5SU*KMP(%o?NdEowjqBl+sz@z6K_WTo2)dLExkG0E={U2k}PciS7B(y(w%4d_4`<N
z)gkSjulzqg(A6UQH?+v!RhoG<ogI#{yTa-3$iBa8GiiR)kZ%8o^gAk8Mx(m}v{DCK
zu>0{X8+V70bz7C<p0VqVUi!6ao^=&9><p^==Zz3}pzI7HE7K|a4DVBOa}B1<Q^@iL
zI6a-Yy`xwrQkAOmBWSG~)lr<jWJCy{sFwK9jKXywOP3D53{?v}W=Bd_{lj{~1JqPu
z3mQ>?NW?}aq>#}Qea)>&65p&cF;`3Fqf}m^FVA11LY5DOj5m>+^{UZ}5FJa*?kLwS
z__u+u$Nrrn<SzJaXQ>Ia87fo+q~j_HrY9(pI4h6|ZvEq-h+U@sBo8Q`kd~WNQ$BWL
zGi;1ycf5@)wBtbZG`cxAY&(H6U87QCNt4Qge2Zw2<2A7wRHUASW1DwL3KHAMVRDZR
zD4qWw{{^_a+kf>53?$3>qws;;dP0I&S&0#LBHNzsdkwVhd-y*GCBO+NeC2hFe6tAu
z4N(%7)dJ+9(-3J5LkJ?u{D)tqU>1AjFknHKF*;4#c?{?I73xsmq|P_R<N2iEeEomn
zzh4LFvhhFQ?>hSCfBp>oAMMvmRJkxOhT2jXYmxW=;lE!N_`KPh#$x}=14F!($HlS=
zPbbbg+!3|Z^z~1JpCQLh=nufhr#r9C3W3iSXxli@FW=9-WC9U|?(LF1QynWz)-m6K
zFL^ZqM=*ro2Bp%U;msCiO?uNy{*5vm%CYR5NqVQBe9p1tI^LE@zjB+tHx<QMx4=t3
zNK|l=efDtj@)Z7c{Hmek6_bugzj&O!OJ5m)Y}L)dB#xxjLVpi+9$eB?oo8O**0XKf
z%XBensSJ>GZQa@3N#+1EMM(`RrUkTRBPp^i>M|^jw$fhIDhpac12vM@n>^2@Ecju2
z<#}q~&K*^ynq&UHemtrw8A?}CI(?k0-O=lYaic(u33jljrcMKlfKQ)%Lx5owo7yb@
z+&;sFo`&*>=8Vs_OWHaT8c?FZAcZ)hLrO1#*btD;h$CNZsR&UD0{***x-}*rd>P@w
zx~4DM3s&;rFddQky5j3x5s=YOU9);^s5>^T)Hr_kLrc}}){!sSI3f<4Vm1vW6dbwi
zrIb@lABPVj3hEkM70~BcXS)XAt7Xm5z0s9gKMrG?BYB)Y4(fQcT6C2$Ou+1w5PKLq
z#WTt2ac+!noPv{h>kISc!%3tTbIbVIleOoVbz>X!EIWzx`p9Z32^YI>)Ya>2pJ98S
z)6NNhq~rzTd(iJ4jyz3>>=hRJfX}OGx<`|1P}6G{P|L6?mv%_}r^=VXv%*ohi-vlK
z1$u|%a@&}XK!RUz+y=3!Y}qDYPXf=h-ZQS5ZuXXa`84#q>!_~u<I~6a0edOtKl=9{
z{rivp{YU@)qksR=zyIjpfAsG^`u89G`;Y$pNB{n#fB(_H|LEU;^zT3V_aFWHkN*8f
z|Nf(Y|IxqySNf+6Iss5rwDF_O=V<a;RO>S}CNhi_U5tti&DFvZj#8A+pgVV9YF?eR
zC5O?yS3u$<(k`!K{_i+>7C0h?plv%O8o*QM<K+Q|LP$7CIbs!IWdlk#3Pf}Crb@D=
zM>tp8u;yrj>$Y!v`7$1SwEY@{wEg9baUPE3HaDL9lTnU&vG&;1cirsBcNqYJqT!3G
z{lk=_^nB-y!Tx-fsVjkY<13H}*!8+E_tw0T?+jCOqeOZnB=R*X<&b|@;I3%xQJ=o}
zQBR3zO{bX@R1`M0Y)N34?a@6=VBKOWqczAw5BHW5t765kIB9PkTbSc%KCMUAU9Zhu
zRMt`>#F^+-7lS|sRY6fu5ibfVls7ke`4l|A$T27J^l>)y&*oXB2k+0n-RmjX)u-MS
z<wg@N9p<l+UUgs=PxHv`-NT-jv{0R~1f52xoANK71g$(y5Ar9r4QhyhrpE_WuDF?G
z8pOAv2v+J%sI45ME9<+QvhsFB<jt*<=z2Q!y9RmeX4^wK0`c;V3|7GshNjVa;5CE6
zT(vl0y!24HF<&@PKTG2R(!heG7o){D7urd7wp>|5H@TV)F>bmN1_`=>sQr{ujw8nV
z4YD9-t`=6HXABcsDOPem2!=1$Vx9gRX2E&`yFntD@<~9$eoazj`Z4@5cscXCbo?Cs
zRd8GV&KPdM(Qe(0%rrqNn>_8+N8X3wukS&53Ob*6g57%Vzb$K~Ugx3Y&cy7}wHlSC
zX-Xn&e19+tt+|p#n)&LDj%+jv+fdS(7cxOVsTA3ip>?k1TLrDu{yE%nZ{y+Ket&z~
z8|l>Dh919DHlHO%%*cvN?@jF&FKl=b5*TgORf9TOo697n9R9VXg;`1l6vK29(pk4`
zSVMYIXcV1`FsG!Be2jyQd?Us#!Je_f%%2Xp3}MsC?S<C%)S5m0-f1v}_MjK08G6_;
zc+mGe06gl5C)EQoYQA!$zn*1as#d8=uh!IUDD5YL<E}*Zz<=n^_5RwO!y@@z3Zr3f
zFjRMh<~%<Q!FsQ<QdPe5WtbFT)fyl9_o$58&|(Rs_O8J&?DX41ftWF|^R<U<tFEK5
zJfNadtv$e-IWA!02iv%Uw0fXB$zk)h<!=<i|E+r0+v-maZ<uIlk@iwd-^%83GX)0L
zzFL)6JK!r@M(tUB6ynU+mmVbkI=_I4Mq6x>3f*t+F1<#gsh@%xv=UOwnq}enGp9NU
zyWEwh!kS?_N_tp@-IEVn+k(d(h#1F!L<vE^UXqd_Fzl${kxr<(iMF6_Ctcrd%aZ0*
z!b$S2?XXg|+n+JiGBg$+86Mm)KX{IIt@9MHRWG7lH4sH_D!K3VA<q=2AtIqF8sh&3
zkPA#^*sz%J&uJ8mFB;N6(5MQVju6y9BpC}^Zq4NL59Jhe5Y@0+LE>>#8_)4$3S&{z
znB`z}mDxrp2F0ToHEVDx2W5roxxwouxMjW|Sdb=erwLGXvVOn7nkoM#I<RO1u=4t@
zRvY^3r>l7M1hfB;v4%|9A!Z8vUJg(mjKwb6y2XlBZ?1iLX&D8+W8DiYxLq-IosYAI
z*H!UeyH4te_Z3^Y2BRxI!MLMVR-pmlPN7;Y&~li<+*}V9FUBZ9wofyv(_rLl3pjdm
zB^ZNXC;p)R=Y0Fso9UuO6RY+CF6>ID`HdpB!OcP{Jo$V0N4F~#2zVl92X;{%r=CuX
zGV^nHsn~ufr_FVe<8Q!6KZHf$>a1qUqdyPQGu7ImH>p%E+#hY?%mE$GMmhkuc#ou-
zR%p(D(r6?Elauie_QKuh61yT3j`Pq0EZ`n3`Oi~f*@Iu<Po}vjK3+nhf+KNeJlb6`
zV3jAJ<))yeE6Uh9=b-Poi}<{sEZm<5zl+XhjeK8k>*w%}Z?Sw?-u5r!Ux$s2jf;!7
zKMyCB@M^WbM`pP_=+`G;KhNh+o-ZGx(nMxvdjEWigkGWWt|z;8_qyi+ji=Vv=VJA@
zi^DGCrN&Y=FZNzAwV<TGcsPYD<>H!NV$*-rOMfa$Ul#zjRNS{LdyjNIZ$VPBw@tkv
zJv*(Fv_g>L_A~eBpO@N+90r?P3S9e2M!U+iUy<6@nE~z0p-jK&axK!<=!5C!7sQEv
zH=?ZuL9mESWyyf7eRiHVG&$Bs1L_xC46ZcaS#fK|Vqq6W)v$rQ-AyjuPiJ3bV7+mW
zmQL&i*1gfMG6auM30C^Tx|3vRI-;o^413%H45Yb<#0OQaMX(z;U_*@KbFbXj%j7N=
zPZmF}N&zcMv2|6pIQzDKY}(9O`Ik3DVfoDhkiV}Ixzo%pZ{l*S1AbKZcb9*Y^FB{m
zN@B-V8!JO--$#Q|3|J`LGM4V#d<U>w4xkjHg?6f0QB7F0QtiSyd~XIEQmvig;@biA
z+^wTy{<nVbh7le4*CrCXp)>f*U=$Q9c$*Y#e0Y8@@HYre^!RfAG=jn!MX)av_8nU5
z+A)@^*C$WMKQwfX;MRkK&+*|n&o;-q=wu5R+yZqYeoSs<BDyfUWS&};#p(>~(sJny
zCB%U{s{5z#tl`Yv5e;*yugR=x6!->!#O;o&P8s|QRu3x=T9VRTCbIb&^{I)5TS;i|
z7)Dx59n1t}2a45kOpZgWk#F;d)%UBH&!8<l6PTYdIQ#pYa&dTZZtiYL_IZ&vo6scy
z*#oJ^8)*?r^tlbjaXAj4_9K~WA+u0T#)7s|5ix8H%q_4`v}^@dua6Pi1sKJl@jNtr
zqd@0n>b6MeS-;4C0|%KFMe13Fc#~^X*xuijwK~kg(iL3I*ktEc1t3}t1A5@155dYw
z(Sep7&%-=LOyjZ|PI5YS<2aJ_C=IagKAW)Xgtekt*|T5|hm9|kl41m879Yet=2Lse
zU*WQHQVnlYf9LA~t0dZsx3yW|IU?1#pSWKw;;#eM8ZOZrPedVnr_=5oZZkesAj@}V
zHT5`_R{G=<pxkliD><8dReL6@Yva0==_8d8TPWkY%q`k0yCTX*jEm{o7UFj3vYQ(Y
zsup+8RmM~|mc?NRrJAhM+C-wPWV|B%)wvraHVvBcI{Fm2Zet7gF|%r*whbP}s>Vpk
zM!NA;PJR17v?(j)m-?6>7cHsD<fdlDtAB%Bfq$p7_NqB)x*IVD0kL%nu&+xZXvz#t
zR-YHMbsWH2h~D-xc4BC&<62zM;sfe_6=hYvO0N=I(OYo$_-yr~vCyT0iDnXpoyNn+
z@@kVTzoULm7xHcKl5HCh;tS-TpCce7-l!C+ZQzs-cCJHp<JnkG+eGKb+x^md(mDsu
zo_(5-dsx+WtXe}>rV`uac%aW_fzB<a&g62i3toZacL>L9b-o5ESro<+Gqso|UCN3@
z(J9ZA_^4G`ACB6<>U-4z%&|3`)X(Cwj%t92yxJD>qBK?qr^eO@)-+xqAlVnXJS|6g
zoqy~r?1dZGMfOU7$Q9OWywYnfmz$GnN0^+TalBUXzqw%ptY_vSt++=o3y3+NmdRry
zCT$2v?n&1_ZRkTfA9x)p-dIFFah|y$#@+3ns|qrpPj4Sy>0RfWf%hc{;~TZ@sWs*7
zrb-if{o&3}c*P#NaD1Lck-w@m-Eh}#-Y05BerHp0wRWF$O8tJ`K=Ly=QRwxcO}S2u
z*_{tQQHJ7p5t&6f$$=)vqt(pRJ8k|m@R?J$0KQXrF=pL@qvy94C<_<^u<b!AR22|F
z_xfUz(br7YCFD<QSrrlQanGifp%2mpx2^6s=qFz7%r4)kd<x$cH_F9tN5oEy?q5%D
z_Ex>#TRYq@MQ^z_KvZg|_VU^~24AwsX8L!mhZd$j8$2XSU0l{uzxA^^)OGv`Y-0gx
ztqTt?-j@^O*XF!2>a_cP+m%UF4Trko{zkS0AO|DodH%8ppFW(lyDSk?QFE-BtzpAp
zr{*RVWF1jws6fMlC~)dk<=R<^K`QA3i|KTBiksXrhNsDE<jrje1#qSd4`B9nq*)%d
zqj7ednA|n9ot{qw{EmEp9ohP3XM5QC+{j>_{+!QfKivRqI!SD-6i#N@#yX%VW{<W)
zG3=Lse*|H<cubcs+Cf&KLX+!`w+dSl$73L3-+5U_QJ^-5H(msS_gaA16Hm^jPxanV
zHl`zy{iJGaF>HcP1Kn+w`X=CsGBF6A``ya=scQLG8z$vV7jfzP_N2A+Iyr+DTE^g*
z;?jZYr?l@E4=PhFS64x$e<=98L-53$NUhdP{YQk7MgPDJDSG<ZO-_neKPxb{k+(x*
z_G$dq98@_rV8Ss9Xh%oeTd~B~kB)=^dhb<=SW@+xocbM-dRg6ZMX~P}lx-|HM-%^f
zHd6sE<e$zeTKo&3fHPCtQZZ-5NbPM)zzeC{*QarXJ6K$JtZ)@?0(uS>z|<eO2xVys
zUzT+vDIKF1^Bz$L)z0jw(u6w9r4<xW<{GLo<=_6qi!5oQPOQGXY}y*}-u8ZJ&(M+v
z3M*l2jX9Erk&_rltU*$n8w|~Sh2Mn_A22mCxx<4XZ`r!U!abvRPwF~|vXk$Fp%sIi
z_mY^NT_zo<)jKA*g}`Cz9nKKfL}<5b4&9}nbYiR|W%9K8Nu~5Z%g|u`5=|X78bu+_
zy#ddemyzF*eW^4K+5NXcDJ%GxiP`Ihw8yZVxD>89{OqWD<)tpMGt#w2>!EFaB$b~M
z_Bx|byN+qH&_f!+mX({XpMhX5pi<8S*(Sc2A%VHtQZ&Jlk(<#cY;vL@ZQRu6Om1_1
zRRh*TMN{)$+uew!Gl!G9RFCHJbOH)v+#|AiCCQ{%K-ps=Duju>3C9u$RmjlG0Ny?_
zwi=<5kA`}+uVdJ<jE5s_bD~`T+SBdxq{l;iS$Lq&LD{ee%YslE_fFS3KG0`RjvAEc
z0oE~m2q{nr_Ci~wcgM+6IMGarn}Roskjr(DXW376l#ycq+bXW8L*P3*|IRt1V$Qcw
zJz9X{t+*NtM~m8@uEdEEf;+7=e{NgN2fZEXwr&z@2oUpam@h>Z#8qQN2V4U}x$0pU
zrhJuxd05d_^nZ6eVA6^XU>NbQJ5ybck3X-XmpJnHUDjYl0(p*KNZN!(vvqd9t%P^*
ztxuuxO^>slz=51cn|E-%njc=)hT6mt%mMIKGX(XGpx%@ke8Ta8em(%>ZotbEJChm*
z7ROJm)i;E3hMM*&Oi!TK0g;pQKOYUDC$LZH`;o~ijH^k%YlCdxluS_Y?o>v@`+k0B
z0z$}J;Wk^HQMH5KQ|fh93&Bj18izL<dpunBg;hClrInaCU|5eQYtW7<df-mJtna4m
zJFL;97hS7NnXifNcnFzRZq9GD!d7Ca&_r}#^>P6?vt>-w?Ov|FXiPzPS|dk0vEE%z
zfwkR)ogkgjdiCv6*=h*+JOFg&>TmuyZIZrz_pv#PuwwVE7-eE`8M)3XWnO-q-{Roe
zy6G-@41^?mQDAP}Z5=EY8N^`^L+rZdty)=zU<%sV9vU&;`ZeP(9)Kkm5G)^s0_0Ak
zx<3q&h8rsn1rd%mS7UyWjB$p4L1xhosNzeKh4M6$%!FBuVYm3>@mftINr^rj*$)5o
z6Hr)sog=X-IaU^%u1H+lqU`dFLe#5Eqbq{za<>`~LGN8rtx!y(+MjL;74WqQLnVLa
zA+{L`y2Gv$pt0eY0#9DBkB1WMH8~e6+@+_rMUfA>-pp`{4}=MJ#iL8_GHS6tZcHm(
z)xAZ+B-x>B7HveQi*I^n+V-FQ;i;6KIMkSQxE+Jk4K}L*rce#fafp%ya{M=IC+*|R
zSpFI%DTDF$?>WKwvpp2w=L>da?<ipFA0m?&Z)o=0a_}_d4?cpsXjI3gQh7NeG`7BQ
zyL!Ge9whG%@>cy|IAf1t0BhG8=60H1q2BtV&*t3h$JA~!_0^EoZRw|O4{(5BP2gv(
z{~LreFab`8JacnF*1RN?XibkN=4d;=ibmXOryB&cLtNboU1sNgrw}*w49uEof8R8E
z$Tz=v;B3VG_N3#$snyLlXza)|Us~islt-|0q&~8HExZ%o((6On_mdgLt2F!7&&;<K
zFe$^_3>Kg7#yhpH6=K00xZd7AdFmlZsoYl(m?w+QRK1@B)R}bFcBjD)^z!Dmp!;M<
z{0iuh2q$$z92TUQxuJSTda071h+)+k=e(le`7!etts^1C=NM|1R@S0;fTQL8h{q$F
z#kP|PdjQPnBRJtRKGBB!n!;;=f`KimE9My?H6ehJ`Z=*@i}7G`{Du))isfk3KPM`d
zBmw(k-RqGXXtmw$s9Wz!tb9u#LF=dk21f%+Q=s+$XjSkl&K9w+tn5$g?vk*dfg_Wi
zDoi}aTq|-qmQDq1u(KaP=<1WBYOCLMHYjyJ)XhV(Sy18tRB6f$tNE@z?-((du9kO{
z@;)ndfP?|B1bc(51QBA}w7c}y7iK(XP>#6-3nOeJLwPm!iXhy_R64$fNw$~m$*+TI
zdq?h*giir}UQpuRoI-)+4=<2fqOkO-2A)Dr=fRcP1R0(sLz+^$tYwf^61sBd=|OqR
zJ;-k1K%71}v>#B*qzXX5F$7CycAZNY*q_MtnF+K6d6z1t(juXzIG}o>mm)=$oi5`>
z8Lkm0R^@$a9W!v6wXS<v+A_w-#oqzZz*o4eyl@fBqE1>>cPNZyV?u~ZR#z@{I}6*6
zn_Za8e$r4fpbRPRRhJALen>!)t#P`KlNuJBt~2)T`Z0=m@*95w6(M%+MW<e#iHz+n
zy^+iFUKYta_thK>FS{pRrCbcHf`64|`m)_X=%|vD^RyiS3TSDK%&X}s5<IEqAN}&%
z%#k(&hTj>H2T=s75@_}E1_WN;Z^B@MZ`!6v+U`F@)v_PA3Xqt;zH5nLvf#5Lm?<u@
zD&9o-e{4vOz^;_(a2?`g7o?MhnU87yaWw@8CPFb^`*ncAtWd)TY@5hCEue~0MGDw@
z{X}94*UPndVW#yAqmkdM)F}W>(*=^XY8JKo1YVzfZm4LLxzpI&uW@nRt|J+wcJo~;
z%;uf<;=dr(Ea08Dj}9D1ccZIYLq~<CtF}#0o-ML=uNKk`3UEaBGZ%`acc%CvBGhf)
zi@!bFTnc&C(jjtL$|Qu5IJ3K|&J5QWv;fc>9zKQWjnSko*?uKHqTe_O(yE8rSf{<i
zz3`H1w7r<%hxeYya8^?4@3yciof^zCOMGaXY0S!Xcta38-_{Q>7|iThc_Z<z{;5)b
z+1u*i9XVSFhS%8?lfQXu^mQ(jN)>ao2CK}vS8r0(>`jyqz}K3U?96YThLUXFx+Bus
zbDt&JLH&6Pn=(o(<vwpKQsrk1@EB=OAKa34cFhG9tIaPwg{VbRoH|He=ron!Umyt{
zhpB%cv$*RM>BxyG35C!6@fvL#EBEt~iN<E<SQAZ(jFKZjq~{4D^Y0731VPV%YJ6zC
zLhj_(@H&yPj_G{DbUAq;PCJaHoa%tL`Kq{>Qgx9a9rGhC3Cbb+b7NNeS6xTJa!;eB
zpwAB`r<wGM;}yiE4tGtM$t(P=h(;wrU1rxd$}uVvgMV+mDQQsR+GR5Ujor1064m&s
zD1*KY^MG?gF@KL(R@Mn^V3L*2g|t_{?T95UlP8=(EY&W-Tt2e|+o#twAl-t};Rr>$
z6;|_L`u;K*MU-%u4j?CMs?$=>11Bx#CRbyCif-)g444vvJ5%5u_(Kw~X^TPhZKO;}
z**urM-p^R^EFybpy&IG*<5X`I!F0nKm_<-ExoeUW_CwZ1-E(S|B((-=;yq?ATV|QT
zvT+D7mxrDFB}OIreK*uzixnS>U9b~HKc<Qh-ci_Oj^{TTYjp*smva-hm3j<#{F-JN
zXB<oLu#N%J7-7gT$c^>Jg;@>&uBqZ}fp~_{S28qp1KsKnXmts9U_LK$r|KJh@hQs7
z68ibWv)@xwtmztNA)nW#8$)$JCvh>dLKl1&mSq-aVos!eD?L^>SC0)TG8|xj(B-GB
z74LbaaA(8zXUfBpV13ImOqc2cdp)3k=P?Y7u!LZAK_V(CkCtIBfa0!`yCWMq3TWT(
zxN7fqTdnsuWIc_@N)`V|2gu9y;+o*;2+zogkmUEOu}MDh(K3Ats!Tr3T$O0|IW^8I
zgj&d_tvFHeoPN(-Zs@Em<6hjseLHwZn<>HMQ!B$7fSfh6XY-lb^dUT<dEL@8O-6IO
zXD~}x!K@Nkw7QQ7PP7zBaYWl#_q>X4Nfkx+LwdZ-QNe3vqva$EA7-S;llwu^n_;%#
z;?C}J)`Ej3`1O<lMV!9tuzoV-H{92PMG7KaTc`gUgl{QUlgCQiCTcFObV7AT5Nuwd
zwHzKx;OU3_?I)|*dk~s}WP}>#vYAB1=y^MmzyFm2je_q({rOGWD=Tc<yA8eDxk;w>
zXQDe4{DSDq5H-$alLXkiLU6%`J15vTrZG+>{+zJXph{4QZaSVzb`Ukwq4@EtL)IMv
z6e!a}GrLr};mbn4mokNE-#|^tqoC+aw{h5p;Fv@iXOuyJ`p*$W_<|Mfu+&PQY~y!D
z(-yDH8UXo{rJfd5qQOf@msEk?DR>EiquKj7w24d*#Y>S~1}Su=%l(T=O-&+f0Wt9T
zfqr&qNA9dDL_TgXgKw>as*U)56HlyiKYku%*gD)2vd9%z!xDB2Y((4X#$kyygB80~
z(aEUYrA+O4adX+;pG>|syCz8Cz^~<F-)UTybQ`IG6Vsoa!PiN2^PD<F*#}p&{yobe
z*IM`J{GYhLzUQj=i<+`T=N%yz$Hg4vw#95ek61+D`nKH((%s2e-w$Vr(L(L7%9~td
zE$Ym|C;a@6MZ8X5cjnx^LE7<B0>(zCf01Nzrv=t)I1fGcdU0h&Ib@lxGIiM2pH#2;
zx0`f8D%Ii2+IIVDAkIMHe@abF%1o(s<6tdSr^F|RJtoL9haRurZW`%J{mOMF*-H&F
zF>~U+s<d9TH}_eFtuNdJg5JOa6!7#`GrIyl7vNk_L9=0lx&Hp}IkFCp{QQ_*x^yWx
zI_z5<f}>;+QopH_DJ)_a3jOOoZf!EeP!k0;C<EiKdyDBx@$9)>QOuv(Gf<JUS$i3O
z$HRAbpv*Z^bhb;vo4rebcbm`cvn^aMblHq+;}AjcqKQ5*h!e65_tH>sf|hR9zwP0R
zL!mTssR5?SE*vFQ;AskPX82v(^h>uZihl{FCv(4r#3e-;;yejcN^?UYyXz!O5E$ZB
zbBSRddwE;|P(1iZNP_JR)<37)6Jld?a>_Uz7}WxI=6p?HV24#|o&wc`gWHvau^f9|
zP42ATEJ-O8srmFSF}!{9s~;J`YM<kZx|!kzuY*CzJ018#|8Z_y6<Ii$9e?PRLd>mC
z4%{95+j@pPXe%d+u!`vBAH{`8Ml!uw-EAP)$3Uj-f2H#!T$^5TVLnGfhO9BBy2hhT
z_PE=LmMg(*gD!Q=_eXQw)mF2Ufrdu!gs8Z>3;%8EHzC<!z0Z()D!Ze>@-F*PT_m;+
zR_+{bA}N8Ih67Nyv0rnkGa759w~7I6b%qFyz4_kJ|MMCL_>{S9LorF7e^WL$b7gRw
z;;k2VG60*b(6N)F#o*u8UQXs-b2mDO^~3h7Xo?bj=Z#3NY**?d_2<!@LV5q`(RYHH
zv~@Drlmpy2ER#r(>n+Ka7#M^^GCW`WYaCVwdiFn)>keE7(%BxqAtu0&n^&`vqBx!l
z8VUC5rWt)!QQw&<N8S&97q;x3hOUOp4HE`C$OP91QfEwlu@8I_<pvi^QB*U@MD7mf
z@$)kJerQqMRA8?lWBixhU{?awIfX4o{zb`%<bz`jg<O|GGotl%$=8})VN07v-;)yL
zuC@-Rcfm=0Osf|PRV0<F^^k%Xq+^I3eo37g87eRNIaW&;iO@F6qBfIgFuQTdJ73{j
z^DBQjP#`cT*c-jD2`~ltLci!U+sB6{qR19zRJbjB>Ka^<+PF*^>b4zT(DgxW`UV9#
zDVNEL(ui8qCdw7<#(^zjxxdq94E%s#yYD4a0+q&g0US-uy)|&NlAlQRdL-ZwzCRxy
zLQV?R3;@#81u)!7Zmo5u7wzgq!W=C!UTkD!l2uN>Pp#}8!4~L#Lw0k(1;<%k((Pif
zxqVOEaRHyC+jSSDDuWV)aP3uoemUtT?rQ@jk7G}0ug%lv&m$&XFJRcYz?}xDox@$C
z@!^F7iypS<9{(mL9RGlZTOFi6dRv99w;sdALML42x#l;I$K*+F!fuL2`nI*?vzj;X
zPAa)^mC4l^Cu66w60wp{QU|kU7EjZxGi=+rOhQ<rX|tms869*CRHrbVcPxnQy@jA;
zhFGZ4PYvIx=fgUOHZ2_!$GE^P*Ky5JtxT!X(yuS-OAQ^LOIzwD8<c-zx~^h3@oTYp
z4z^I;U3gFuX9o|E>cme+WLQF%p(r;dTTSuFsSsLrrV#widMA~T_YrC}cX=U-5S0FH
zRS(|mSS(Ne0wOV&OU!9Qx4VXGfL+K(_;MCJ%ySNH4*2Od(YeQlx0Qo^W0KGRNN@Rv
z>nm$syxO2s&G@^7m(`WeW*jZ=iXV^+Q6mV$Jpj=m+f~rKKLIPZ3Ew}rm1ug(O9e8y
zb8i7Hm`p+20VS3qy#JVBZBZ`Z9zcsN7!`1Jc|$bI0eQoe+tJC9q^|Kl&v6kaR!u|x
zvun}!OD3I=+uVekCVf;ZP5Hs5uxc6TX#yP8OPkUDABe_?Y?qxW(}c8aohO{~mc)x0
zlq5$b$evNkhP@*!h8j6{;Vl74udhEwx7VGAE%kr)-#ht0V?1W!m#V4OWjj1aW~E;h
ztV*@8H|I4a8#?Xff`}AU%<CaS2!2O+pWC^Co`49(@c`=dG0e0lS#8Q9x(Ck(J>NDo
zR%?U=gFb+5b@lQFbSXmOOcDN&mgMGO6kvn{9{_zoEMIr}3VV9~>`gG`@qK#zqP9Sq
zp!~f+DC_{EFCcHMXjjmAT|_DUJAOT)c|4-zlK5m29zT!^q2e)ki5NUY$L>M6f9RIo
zjWZt8P<9cmqouU*(wn^ET1G^CL`W1wN#sRGYpt+5nSiJ+5g0VU{l~DNV^L+^2<Ftm
z{f4<fNLJi9s?gR{{5)7tR><a5#7`jl^q>8;gF^<u{aGRGP`4m;-zov^D$`~{^J=*W
z!3jx;VLY1wEl`ojf#TGFkrc&u9{O}({WOB#CIFUHaN<<_-pHm@aKco=IypGRi~xQQ
z3?V4+fV$2QdlkTbs?i`-4oBa4cvxVS8-Eu<{43ZD$_mmfA&M+uutfjxClAA86cb;=
z|29^Y<%#iJD$IH;H5zVWLB2X+l$9bf$Q8zK91`XnApbsnWN-AzASwgT$@1jMAPRfe
z$#(n6AhLiHWWzxTzU^+*AV7{e5ipbh12RT~7(^VS&jU!qb}2^XV1oB7g{Vd(Z1@=L
z6}wSVpxOQ1EE+VoOTX`9Diko`{mY-8-ERyBSn)ItL=`>I9SN%Fp?%m}!`ee%SERr%
z0R}`VS{Du^;jkA=WF7*T5RxBDH1--u3_FM?68FzoL&)my5CuaKtzX>0$=*GI_&xZK
z+g)LOpO^~<5t;<X69ro&57vqyOjJCu9Ew0X2w@akUU)&-4VWGaT8BA^mBJt6`8ER*
z{Ss_wH5RNxLmFuX8es)!7mAL-z&qj0IH7r#S6~?y5B*UAB#}YH=%FhjLJA`AKw=*a
zxIqNxT~rxIfPgZ5Rf-G?{D1QFMe;1e*?FO&18~-WoGfrYW-v?gG*fdFVfnNKYK9+d
zP^#uy(`HLoQNc(H1OkZDVL^x+AP^Dfh6sXX&~PYbk}v(>&p^N;ao3@68xmO?tt{Q%
z49gq{dGi4Lv~IZ^mPhn3-^lInEg)a(KzHO-b5UTQkcA)7ARpm&c{pH4W<LOYhyC7m
z^1#NU0G}`eFCaVf@E6E_SCBRnY<Y4Z+H!t|;8Wyq732fg1=jrY3_O4d+cf#+VL5w#
zM1HdvZaMn5@BCW}1i#@+pTKsr9O^lHO=^EWoe16Gz(*UM=cdaNDPZ~=LI26BPh)|0
z8~Hg4T3Mm5Wh(@-J#@tcZiMgAat~fz(M}?>*?HxdDKrRY8_aSm>~bm<_#gb_YGRSf
zRAiWD(40t&blzqD6+p-(-KNg{SZbt9jssY<_G5|L4K+2zZf<4G-2EMVIPRs;82rl_
zzn}9MV{b}=8X(7sy2ksPtLT)3%9T=alGf7p2gz}7DVFOS_|W%I{KAx~oWdwM2F}R<
zCWS?gnbam&dFt8@KL*SUC;yMJcAcnRRrV3zIf@s=?a?cZnwEuRk0DnMyHgZY*iQoL
zw324Y5q0NjRH8w)+EZZtg(xOo^2konwNIj4M8fnt_>f%u?D!A`ka0k1W{d&kYp(&3
z(gXKHK}xb+K-k=XhEz+o)O-ul$n=ErZR{F&#hDCpJ(pfJIb_$0$G;tX&@)|>CKgCh
zW_w#$Qe<I(dO$&E8!d#UVSyQmNWO~`VA8_~Bg%RJIs?C1(yS&)k(Km9$>HpTSNGeU
z7$B;7|6{|N)pU{CAeFlTn|{~2IQqv*MH)%6Krh(6P5uwCa<Etb$#r89DS*&~f8^dv
zLzD|!Kv~ieQ72X#i!=0;vr7iB)nN=oZPv;gk2pDMwHsD#2gUi<B2=n1ZnDf%Eb=m5
z)QTa|iy32&GZ?|o^RhyD`F~Cw!YjvO3VDVD6)Yb+KvXSrT}bs4m{T@_oDw3Hqn-T>
z7iG+<ozwz1&?06JvBJ*XI?b-{tz=%x_LY@47p*l*81uOnG4kA%7PNtuptow8*0ss$
zoV6m)%`&WmUyyQ<U-I)P?3ED4mfRZ@AJU@fvf2{<3JQJYGLnB*y56F{j-$wRpZA@=
zbu$Lx{qWqi{E*znhPaP^7RKIj;k*WRSr}R3ztMu@wcluZ`!1#4LY<RTaS{K)z}jrM
z{mUC73q|K3AM035A`lx@gpzkYrf~avP;U^?$&i?wwrCVKXc&xPH|Sl@SbEo?!*ihS
z^n0P6=t*RA>T7%Wz1Yy+VCBningL=584^7a!Fwv<zzLFBHv^6Ubg}KFCkG?3n`$up
z!T~Y=V;b7>o2td^N?X04E4?`l;2bbEW7@slz`hIN07*(D*}-``1~t=%{-bK#PmTH_
zS+sgq1OIJGtFK4V3T)4nC3=~gi#E+9mRjZuWO{a&cfhBGGJ++0z_P*sIllG2#q0oC
zV98Pv6^TUdb*9SSBfF5uW_z!9{&lDYvLi&tQ1rht2i}UTPi4-`t`xx}i!TAwFDeX8
z1|yQf<AI}5juA=Eqq88M>IjCxa3Rb7WJ;O>yoe1``!Ds#h@5k~0j8;@Ig#+krgoiW
z!onFshS^aYb-HJQ-y$mWj)rCP4HhNEZXe*R(>a5LIht}t4}@KA7prU<vY@&nq{m`)
z54JgIQeTiV3n;7y;X|gQg1;)vrL>fcZf+VVsND@w)Qe9*gD&PJBwXggQI1^;{`3$_
zYjrBMAXpD!>hCPFKqBYVO#`Bl85Xf1VKFGI%hX2BcjgL<5Q+Qi5ooN~22A`;MP===
zO`~678KzG7!9#laac6hisy;O*mi4CrJL=9k4NO`>SFn=Oo*Mc@qs`1Cj_ZGny(T1d
z1lty%A0sWC4__l1;WjzwTWetvM>`<lGAIfyBWh^Fz#FYELDFyvhmSf6BvH6tVl9*8
z8d){F1?XgqqE6Y*tQW&SBu}cSSzh`nc0(=5VkBP2%BpH48I9Qgfb|wEF0U-2xd?gt
z0N|`@D4$@?BRYEo84mcI7HH33a4L{b33oFbq$?m!R+yO+tIBM6*lmz#5~FAhZ^lF_
za<DRz(o-?2LB^TO4(Xe4@biV=YcW!u8~)2XKb;b%y+oZRCoQC0Qkv@(jmDl;0$86#
z&(1D78OEGU+s9gdPEa_n1ZJ6Y^nxKiKqSSd-eCnLDd><{{xWeERb|n5(9R_`$CDQ-
zBPJ5K(iDd1_5k3|3IPKW?AAyebui*Es<eNUv@A@(X~uYnuer#VnZJ?15OI40VKf`s
zDgA>|(DXY`bid+yz~^JXBy#vHb9UQZi&~mLB<G1P;xU9UWOgF6XT+zd6BQ{IF69Y2
zNNg%v!cO93YN8jeAkG5)I49$O3MI}AV`5MMd5neh$hp9&A~Yug_!Lj&LR!7w%^yeT
z>D%|gr61U<D+hdu^_#yYS`o10u^l0aP5WTa1f0etC8j%r+;<<|3LmhOU?;-?XJ;P}
zZs9!rQf9?gt=Ow58;EjCLh2RTdhB7kG@A9di9nL3a3x>3n)-H+*lU=P*4=1AkONTw
z84s^cxBOmaO1Z~?GnEiVXayy-FXVR*!V*lr^ct>EMcc$&dm#=}To(|%+C5<lCkz<h
z=V!6;el?o4i=sq~%p7#`g{n<wjv(VYE%cU|GO)xlwCb0t&;=n>{^`qttiXyP|DqvV
zuFJM$C1ppTAYh8#gt=!iQ*~Qw;jo)gr*ftWP}<zDE?aYaNZ~p29w0J0g~*uB0I6|@
z#n!WC(5T%)N|#F65>Xe1Jc`U)Uu_YwFX22+*CL?Ox^2y}7nuazRLvvMxk1h=X;+*I
z5}8ES<c0LW2@6C?5BsyfPOo4?aG)QJf*DDgY;?ra*6TTgJ&FCzL6YPfH3f4En}bi?
zv4#`$67D8M*mX~2WD*?5ZvtE*{1!ncouW7qAzk%J8lDQbmmpKF>SXJjyuC@u$m*7y
z1y}=pCtCjc3dI}8b5@eJln{StWIlh-xcADOVYt(5L#C6qxEfj~OA1KexWoT;#eS>%
zS_e0Kr9#9^*Vc!iH`96E7%U!JEM?#*4sM-KyTC3E1Nw?B1%K35Q82D(=6yil$MVVP
zpK&vh^fp8Vsn0|09?$rI&$j;)HGN7`{vD+$nfSri)M35w<(nqwd!xlmSP#F;)s(v#
zY_z|U;??K$8W(|uVE&lY^+5Dlr~(oxxj<uy7_VvWO2&pXot+ZZg}Q2CaS@drPd$ce
z+2ikcUG4VlPwLD{K?}Yf0j^dCd$6?!Veq5LAvlf13L!A~NBZm@2cwm{#m2#i)dO**
z5`*L~dMu!yz*)+VT<LK5a@6S>hjky)v=(?cR$b_y;1Pkw7ThC*A_dE$-k2Z;sA3q4
zyEfiBB5?P!<yh9~655_9J=le1_|`b?B_sGhQplQyYe96vbir`L3R`Az1qZ_+&n(me
zt3Jv!Y2?nLQc3_W-OqnmCZ9AV=+E;amQ8cEOFK?|`z7fROjgWVZmp7#X&{VOs?xA~
zjM$q4NzMo_L{TpvAC~ryTt;Qb(Jd3NZeY1xh|Qg_pIhdYmKgloDF_1}Nl=H>QnR)n
zi@35Aeg-80C+W<fHSfu6Cfk6ihq&a;Zjl{;Vqseyn++)?A4|z%F&sle(ZcNO@47w?
zPj^I)9$SPG3sq-YONd074Jq!NQUZ7-yZ<zTvqHNT1d1P{w7}I%Lo2+)H-A%5t^>Vb
z+~m-@st3KTn`KrD6EfAS>!FhtmM?r)AaV4q03k0BBS8qB<&?BF1F+5smtw6c{vk+W
z>sq9~Mj=WLstHPoV!+yM^1yBfACRmCo=dBS>vqYlL$pmMaHLSq*Mg_bPN0tWKr2NB
zi^p`%!)A18m~jrWo?xIHyS19WT#icK(^L}*egV{NA=J%qmmQ9H5U4eXs<wmqJ~4=6
zfAw$2M8vSi$eNyq$OPkI7I(#IG40aefRcM;5YI4TU=dr(JFsVl4^HC*qE<5E5k=U>
zB6S>^8zwTs143rTgJs5Yqk{r(>~D?A!|?Z87ifuE2M=6J-89q`E!2o{eHVlAaZ*SG
zurMLfHThoven5f0q=hr4^^xe5<6~SS$N3Ogl!rl~9FIR4!a^F2JQ)|QxDU+9h!qxb
z%XoyzW_rG2>o^_#=uPVxBfL~vgltZ1uyEjE?N!u4?gV^zRDn^fSKP@KP1iXgOxu<f
zaj!McNZ6SWcXeUr6oLl9zMLmwrDbkxFQ|4t<iR_(o}l7~_czmuVfih!py{|*^u`K$
zVs5>!qlRLTtjVBodx_%)6;`!yH5cWKrzvPd*Z{(ZQ){5KZD-=uj%n#O)9xMU)gC75
z04;QtBn?LZnSk1%j2H#b)L}zKJ~Y901hwI2N-juVXOLIpFDDBc2HIs{t80ViLNSJ_
zJ@M@{Ur)!Y-e3;Z^!5;5=2s$ZYsACzK8RvRPRxgywM(52rfdX`_K1Tfd=R!cl^Wm}
zR`ucfjy**2sN*+ybEiN`$`&PqvBB*H+s&5-IAf&F**#O!o^q)jx~cXw+^UuPO)hE0
z<(#Vl{?C`<t*DIO;C5K(Ml?>hG*O{+^-8JkO?6*ez86qUKv5qyGtJwk1hW;;!`&$G
z=A2t(Vn#DlGiLZ~y4kqbwp{<&SP)tb@a<7J*!cqDInbh@w&72#6eb(4A=<goLsycF
zfuo(~<PFbX;{7cElQVcb`E2r&$QenpT2`zao+h)55II#XoTn%$zzAEQT;QuMMleWG
z+pMT0&(5EnKYgw=5cHi;$<BIaM!oy#l>9tMQT600`5FFwrvLqn{7il(<ceGo_h0o7
z`I$`AAnUIAM)T=en~^3oM-HeMw_f9L%;GD7<s`ymmRDVV_Wzk@G3%R%TvK>@0$n&I
z4`5kc(L1!>UO)noYV65plc&QK8%5qGbI%3T{?|P{d3ri+bzODwS<}Tqx~A)`UPG&C
zzJ^y0^8>>QF7ovQT?ZM0ky{r0-j?PoN|vzHB3I%*<|fJtUpCCacr_)LfGJEHBv3ed
ztS73eCjAuF_7m-v7?!Yf9kiji9>@0o*|V)}|0}zLBgImCzvF49JzUB#l)?U`hH-qi
zZ1LVcZiGz0Yl0?@-5urP7N=_Zc}A{8YVF@7aNL9cMw0hOZGQ3o2s}Dgq0xZdO;)w9
zwzb(71uNAgA`*6r655trxivnWae%~TsQa-1XH>Z{B7SEaF5D%Bm|N}A6S>1*rsP5c
z8G|Rzi?$V*=fOEMJYksUKOnf4i6&TK#<L=$8PSzUb(oIQXYKOyq>|VzoAd0<B#;?L
z$&4*2l%0nXYwo_#L+)9o>a20GGC<GK+f=rv>51MTaAU~D3GMu@%O9;dt0gyq6zxm%
z_8#UvhxW5GXB2!b)%X7)>WpvBa{qz%Tp!Ajhcy1{mB*T8+PgacaMJYl6e0r*lNdHj
zS>~aHJI6CTwE~LdRSgW}jO6SAPDL-k;J~0Yk<RuoJyUW6ttB(n2#1-TR1<47xzA2M
zBNOuERITzHw-HRDE1KwlZ=V`oEtOKBW<){}0U+NI9@>hXqreRxk{gPhos%A=uBE*B
zw&%7=-G0vGT%_z`KIb{F)>k6qNnAt|0JXKBbI$0ccpwi9haHyQVE?bc=j=A(T>W9!
z7MxS|sMAubIdVcGxrAx{y1-0tTC(S4LjERlQ9ehhHwWlydz1|}!)uvx0n<ANvxJy;
zuueSRmb$fVWSMSn_@(cM&qVNL*n`$RZs3gJXh3ZTC#hdy*gOKYS^?9}ewt+Lo@I6;
zm|79eBKK`#wZbk{HzgN2E-~LWn`d+}xL1M}4mGkj5acj+6Sz<Lwg9|hm=9pkmUp@L
zE^FW7ah5x-9L3#5UFo--0b<WWABgHJmg0?GLnInnHf(ZO_@#-<Icu%cVQWNtgP4Jc
zSo*^x-{;#d^WklSFfiM!^I=mIMqPc>b#B(uSCNscH_iRVNOZ^G{Ds*<L+lj#ApO-p
z0U*p&kkv96mo`9wr!22{LNixNZD7L!2dJrPuY?mD3PiqZC=f=IC5Bkz3;sO3an!UP
z&FbWiRmO`{uGNc*x*{{0(L7Nbr5k1Asp<nSM~cuYgnuK{Sjym)POK)+Wu@NYQ|zeI
z(ThxqGsSKU;Z0*4mSuv^!&(g}EBa7mtjV*oo-aM`orB+p<kn@ZQ^KYTaH)5e)=|5j
z!&1m9rz>_etT4i;s+EU3(O4aI32J9_^7IUnAetBYG=?MlWV=O5oIE<ixBjG&&YZV;
zgwa-OE~`Gv&9?h_!#)*fOy5-7+9wypno+$^hrJ$(?_*h}R4|zzA6x5{PE+he5Grw~
zr56rTJ~84isaTfjtVg4kgZf#CM*rqOxow#no{t`aE-~%EG`XdKE(hnC57K<W?*Y&|
z#=wWh&?U<XQnIx6l)ivQ!fAiuS_2?1-vTNgwI=ci%W4d7^46iv=fK|(LTygiJuBCw
z5EAn;fyGlP`66HWeEV|~mj)Un^v)<-M_SuD0xOPavFCl-0~{m1-)<FB{K;qMPtTuj
zDENa!UB&+j{%frA=HJVCkDbI5*`WK>+9{ESd#_L78Q9T3J8kUx<g@c<=TA>mpP!wo
z-aD50XOpL=#DmS)qNsbuWXm>xnQI8V2T`Uv)>=>EAlU>e0UFQl%AB{b{hS^9Ab{O~
zOMzG9cPmk{-wiK%OJ~q_K4kh1uwY-@(!`hpdw;9E$I)bywfEe$Wz4uv7Ysy*n^Zz)
z)|?pmKA<7bSee>qbvQEpTjy5vOaQ-|^F>`6d$$u#)w;iDjC2n~T`Bnu3N_5@?3z_5
zEoqRS)=QiGdZoYh(8PL=EKkuSg^RpJLQAByH{-KUrm?8I3zkEsNNP*=DP=;;O;y+H
zf+c#&w~oknn(8>zDOss+bS)05?*hI#AT`paPuoP^!|SeSwTzNl)Q!3^#y+kSXw{)=
zwNj0d6aXs)Tm}fNpAzz>mK6vUnj|@XK8T_h6v?ntr6}kER%=w>x(_v>{wR>G^lm5t
zh7RuX#S59RC?!R!1?miy4i?aSnXU;fMV;#a2#*-AbDG|C8v543{MCA~O{h}3u`g!e
z>GbK7t%o`HKm&Brcew`QHhC6|yw$n=W{q#%3MDmsoo8{%^c$VYp&ptTnX4*mc7|U)
zl)PdQX=^8Qnn^4K+>~`aZRa7vE&guJgvi){q$umz*85U#Kv;y$wzNy|cv$dhZQa%u
zb-Q+SL{9L|V@XOOs?)8fPj~axhaxWV2cUEn(=THBJS^ihW8vxZ7uxA3`HE+>%+@~n
z?izanQWDGWc_~0<C-<~OdDB+Ql;mGezP)(&!`q8DuTB+5@d)9%w@n_p+j8eM-3c0A
zx}AwL?N&1Yyvg)Kak^ElgwbqG*at9=-EX^3145cPg?fKgd}fc57gnK+l7OOwA5E}d
zP>+^-x+0G&;PlZoB9D3dFCe_MQ*P8OrB0PLsu3F?yRP3Bpt=aPK+zSUbbSYsBR6({
zZR8sIAYWxvRy_G46Um+Gd!%8e@5xqAb8_+BHF?S9UAS^4R?KXpR8Ui9OesMi9vECr
z8(qRa6hit<u4Zhut;=eQu|7zK-JPlKLcPl&MJy&gZ7y#D5R>iU#`}$Bd*0MdHYJ%O
zA+KPh*P<p56nzQ6Q>NsG7thJ7T-F#LQgvSAr>R>e>q6JK&<+EbH4TTBFHF`pd4(pE
zKvKyO`%ry;bViOo%%%D#ujcY-N-kGL#uHvCnIv~=r8E72mnNUPg2+J@h4=k8U%&kN
zIf%)rK%i!J?^MDw09noKs$<$qF%hex6f5rFufQhp;a)|h>wuBprxlQmHEJI*%hdUz
zC46|@FY4-9pqFzZFi81K$5W&4ic5Qwm!vJG4;<K8gb<>ue>zXu{kcr((=%uSt`vV7
zSG%87lB1_bQ*v!2p)<GN_C7DgxhQQzz|8;Th@6NLT9nY7WQ=OSH_d3)m_%^u1v`rg
z!XQzB7$icQARCLrJYk>_%3AxJ=b}uQfjNd-yrUyoRUrUk%Z%|+89a&7Oo)}DE?>rv
zlX(KsJ^7C{BbP4?gLeRyQ!ekk17&M0b3BPpE>`p>k&{<nT<d0?{z8N1<vgME%84CQ
zuY~Q%Rii)EB~x-ql%Qkp?g}^Rd-9T26lEOXKt3z9JrI@nG6VPpc*GG>c916$VEc<V
zA{`-AI1d??{WsOZ7x+EY!+%cRik$gVxZg3F618*B@Z)zSub7t`MIAwEiHC3%TOBeF
zn9jU)fDuzQQ|bnN7Wog0Ow3F%tbO$2n|GI^I`PfBOVbDSQOq}*4^8wl%KbEdq@dc!
zsb6+v)aEFEgMqi+*3%6cH&VLvQhoJd`Z46nUB~>6=ic=4_AXX;D^&<FWu2gu>m^l;
zl&tEk;zgjYDJ*%lz#szOR)V7mpt=z9lA+r@eQq+YgDVi0YcH`k;AcoRcO~d{NMVtO
zDW0G~GPjS>d&)C9;~B5kN<KK98tD+zfMFPR=0>AM9xL%|SUbsy`t2O7sHaolnL)V+
z5WYJClX-AZDB4ke37^G=<9cuS=H2B^XSL!a@n^NVyZ5YyAFf$>&l46<7_=wuaL4ub
ziz)rJE+!?qCnc*!o#@RY<~+1$$M{nllgQg?Tm{;^M=mrk0@`YheZf|dECM*qxc-?Z
zO!tr>!q>#Ju_Buk-oVWO58q<ixa}rRSh1YPWzwlzzr1c+Okc2KNxr<c61L+n^w|-h
z*%Ixm$C6}x&OEq{QRrbJ=aneqQNxbS6KZzfnYkcuoNp;fM3%86XcZ8190*IYM|IP&
zNOF4jZ=k$sHSHWH;QZaIi<fU+O;_n}m*QbkiAgQlgjc?kF#>8Q68t3wpr-IR@<@-l
zsamQb#Q1WWJtyBtH0OgI%(yUxsQlVXNx?&4i<i#pEW@#`O2*DyOVjzsmm(U&Nvo>?
znIfpJ0mXeE1LWf@$}y*nPj=WG>*ksEXkWL!4{49EFe?EO<A8KE7o}R8WqU2LDuF>b
zuO%y|`07t(a6<<jH1-|ymNo4g+IMW;H?sO`>-qIF9F)LlT`e&ZA1tq09OxZt1T6dI
z$2JzX&=)b%Kf11^LyuxL+PWw1m2k`+&L2d1$MePHfmh3k_JN*5Y4`Kr##F{Pj*g2o
z)$Z3?vU#0hz>S;|T5uh+cLvJt8L4^tmr$*aQ726hF>O3xmAcekjbHTYZYc8Y9#N%{
z^-7uwh({`6#{H+1vz%$V;`t}T4Z<>}5m~mDA9<b*k9x<X3HP=INd295!dM@(FB!y0
z4<a{S=(Z2KcW-rvf3=oBW)pn-q)40b|8yM3ZKIsuK*SDalrx^VQKq?2W06>l%XjB_
zBOgKf`y}=LsB?3N;f#~<wwFU1zFY{%=G54>K~YSX^V4<*$aSD4U9pOl4U$eG@?2LK
z`MO~Fbw!gquUF(zKKRwk2Rk@?&9cD+Q=OUC1d8DX`XzVcFYLF);KDbwh_fV_yF0Rg
z{Td;xFqpLv1pr$P4gscU`@*YY_O9mP<D9h4Lv5C|Qs2yYWf_j&9mp!g`O^UQA}5K)
zT7g5|LGrL3I$w64x<pc$G-wMK_~glxCkW;Br$7CPh>}o}vV^a?H+l&pg+DxfIwk-6
z;>~Lae=I7AP@wo$bwi7=2e3(9|Ks}Ww+$#t`$^Cm?Qph2g#FF@<L94G$xB{BY980P
z1tucX1PAA$A`}3kSg_6`qTS#@tdkU0e6g%_>bP3H8BZ$A5Jc7~0`LmNrtIi?S6U2&
z4xf>X-!U?me=S8_G)Tl44(p|<Vd=0D&03VK`iOBzLHlHDFTvd%iBRWBHyFDG<)sgf
zmgrax2>rkelJ>!xu#~*8Y{mpB7p1_epMFPjZYt(!WkqVC+oZfZt^xx{poEYRptXKP
z7mM1gsFHE1Rwp2%ZQ0@`E?cd9iEF9OHz*?lliz@b{2Cfc4QQ|v_YG+a8r)0Y8#7~e
zQd&WIl2x^yCJ4h+ZHAJvRS462Maw&-BWjL3h5Qm}amBE#!aaJIR&?#=Z3WwUJe?jR
z3lSxe6)p9iSKsfmHpm-VNJQdSLM+s}5CHMeWQ|ZgQlCUk4&6e%HuqW{Vih=+dm47U
z(x>v*Tb{~z^_<PR;8(`n!`MA=BgpRcNXF{`2Qyw{j_1p{7b4Ud*EW;W8{QSD46lQv
zzzB+CPULWyGhTZ>m+{*2bjB<8jK(YOq{b`c;lrz4i&wk(u=|>&B4?c2L5mm>C<j?M
zOk_&lXr_#ti_WCT>I#X+EQU92p591(rf>u>YkM1T@d&aF`U5iM5X;xy+jsTlaQ%{^
zKNGFnroGfI37I@TU316YO&w7)ZPmosF*6UCqzCe_WZEz8NKWeX;Jx4l%>|;K5rPos
z$tOa_So#i9e<YDS&XOQGIeB3d?o0sDWnQszP7`+OS{PWdWGhyB;7(02q{(?((md55
zg9$5vk+2UHE7e>y#r`EZ`NEf^u0huZJ^xYW33yX{pfcQUShHJ%zG*i061x~uQLTk#
zs@5B%V*)E&i@MZ4FH>Fw3IrzAP|9m_QAtX+P%232Ku{t?$j)K9+l59qE|=kGWN)8P
z{82M{&r>7YfQ!2U5iF?G)<kfXODPiW1!7Q_Gi|71fppX=<!IfIv8jOq>fm{u?@?o&
zi<Di}vy98-^=PAi-@_PuWmWbNtRk`Ah929$WVz%Zm#EW4$xeVqBVZar<I~+R0&@B?
zrYrEOpWZg@|2CZBi50_B_Dx>6&ya*>nd~B87`E@1(G^KhVNLZnfISvwL?Cnnr3zbv
zZnP6cI^g6YHw2)Nx_M874B&5V$@B*BExSi&%dg(qvV9bFQ_q(=ASW&O0&oA#L1YfB
z?ZffL<Ply}x(d)IP`|I+B9Lp8>JDsdq6au}wpoOQ+HTxU#@Gl2AP?Y|9)uQXut;j9
zh#@~#bJoNwgiCiuEZv9%325iGVr?oO@&{U`7gvM%V{MVFx!)B^&DTVIPiFwEj5!P*
zhu5Ze?3eU{^%>YIp;+05C(FAedc9me^Bs|aQ)~;T8d}P{R3Dvck508;hg0nmooa49
z^cKG{fKz@e-B`cH%ZAgTc-u|;awPGPBqQ{uZD!Gt?G4DTzv2cN<pBX&0R^U~&&N#)
z3BtjmbI|cX79wEQ!wZBRsD*-c7|v`V(%fW2fn-_Ggn4ndn#&%n5$5Iifg(^x-H4|#
zcMl+g>hY1ulC3Cw{8EkE0G3wY#U)X~T*VN~gq15v#Qdxkmv?mkG@!eiYgA=wy<mJW
zckOEv^v;^f)naKX#73mTH&^3;g>8)^dw}l78K?<}SM%suj8sJM+D;w8Ya2IWK>l!L
zjHvD1xDU^)CARH8Y>5^zyD%(#bOnqUs!<|HTg-?c8{<B7oP#mWqX_q*BUwZ_XJg!l
zj(ictCZZ&emXr}e_E+sbbPmlc?Md8pB}NQ_Yu|=(MsNr%?oS(JUbWS<CoyKPmM!<;
z@$qzejDa7G!cbT9$-fbnC&F7yrnzpQjiszWtZGbAuJd$d+B?cEiR}w7fe{Sf;1qqi
zrBKv}LKg8zci4g?M$1Hof+QJV@k-iCYD`v=oZy$!q^M(fhQ52nR-#;=Su*PJ7F~VE
zaB<n@f>JYeS+cy!)(4ci?8t?Z*_*39DUG`f%%={7y#-r~3JW2QD-)h&`8~O(r409&
zj2E*~e$S<dS}y8DTz?(0SP4Stk6?1`XQCV5nSyI;;dHQ7ku!&i61Fc5vf1p7j?DYi
z4~=84f>sqP^XKHhPTv3i=gH|`PENjmGWqwv|Ni9t6h8d!^e?ABn?HVkdU|s5{a0`P
zdUN&a@BH-V@AG<fhkyNi@;!U?_edhAr+@j^sOGgKKAu+-QBH8^p95B11Q9bp+w7O-
zkg`n7O6dn!>SILgAb4xL1qYX~W8+soUUW*35V*`<^2iiMb9Xy&p<=5-l(bxvRGY@u
zBk(UA0F0eM|Db&-FL%jeT(Okbs}VpNaKAeu4**iD!Ea4W1>WX&;%fMEn%tq5WQTJK
za+8y1dvv7z;44N$wm>vRLm-4mnHq0H2;0;$|Dp>uVy`yEr9?^IfS7Rb=_An~0Q@KR
zTFE$GXH@8vj6WNrPsC2bpJ}FvRH+2$nHo-J4t2A#2)I1bmSSM>yfS;$I0DrYQg1}*
z56q&O^c%csQDi&;=zGvqVVdo-xdBYy4^T(GmTHlUT;JoRs&|ZS;DbT!2XGW!n7*yQ
zhh&0lJCcnl2r^2IdMRsAHgpeA{`FE6b8zolaZ_4E^o`A!^DKTh8USlM33aXm(LT!d
z`6OkXEhU`r;btP<;wsVF+uO&RgADBi#SM06wkEVG^`yDKaTMQJV~sxcl69hyTX+;&
zJT?PY3?za~Y;EpF<tH;X$AFdLU887$ey!7CQkJm_GFX^}?Z@bumAF@n^L<Xfk?3e0
zcF)Y86MEXp4wbq}G-D~|$2ipi%Q}~5WOiyo1cwPj&CGJ;)M@}LQpwZ+1CC88Rz&8s
zkV{d4>4FwC;gzR^VM&ua^(gr4pm}E`Io09K?zFX2e5z$B>cz19M(xu{Mx`0uUb<RK
zmLy&0G@QDNadnal?frpv5K68r^fLOJUSyQ7$cbc(yfRA~f4TOH%V>=(+p%K87K+Ld
z3(R54A)mVj;8!Ei+sIS9ta^VQUJfP1VVT+jEKh|K*Ku)mDP3(|*Hy$fcsrkoeBt74
zH9J%t2RRh@yyt06Gdu{e@q;8^TwfwtzF1b12L_&9JkuLqV;af30jk5hOu|7^X*(ZU
z<Dn=fT?1~Oj)!c8m;@ASy(0To0Ce-hR!mgFBpAij)Jk8`*3CXbdC3MS+<uKmB32$&
zdcct09wWcsH|ytyt%{6R@v$67-#J!u$NQ@GG|kfq&D65H`u0UAQo!!iRw&j@Qx(<J
zH&TMys69$>0kGAKrKwYC223drIaX6ve_Vb0;*9Vqo0`A8Bn=sJ3{+x)G4?j)0~S1V
z!Lc`cX{vEDbZ`GdbzD99=gEIK)eioAt4^F!-4IbCL_guib=xv+w^t&)E?6?v)p%}E
zF(xdp$^gRFm4Kitp5j)4Hka%lCVD~_dDUDnp%u%60m~*EHWw9=#*(ryCMRGmG{spf
zA%O1yFZ9y9$O-$vB_N^T*uvCM3^um{ih8A52?qGazfgr<LchyJ^*g)tO%NfL&L{L<
za8tobv49*5_JJYLvpidq6_*vgV^eai1P(WJ0cSENfYHxVQs))-M<1yt?fYRETp{Ih
zPGp^^L$N5?#E3(o#oxzJHE2*FbQHUK(~@FjSCIxgk42wzy(PP`+|YNCCygis6B_`u
zc?%Lyw$@QYXf4owot!01N?NY5#w)K(Of*K+`rE2zU`2DR6IL>;l3XV+Q<Tg~amR9-
znxIaD8=nwJOjH2QjEP`{&<#P7CCwMCN#$PA6xPUBRs#rGGt6wzxstGX1=BK90*Uo_
zz0WPCDSDaxdsPo1&jt@3GQv->ViiqkMMp(uzoE8rmX3IV0dpc@;&L{vCLjt9X(i5p
z!92ql0hUrVC2vKfrxgRTK~#o%YKT#0--gVRr6jFE8gH0s$R`+WnN`x=s1dzs691DX
z$`;0=Pu2`OFBL(SSG;5f*8q!%!$8+LF6{P@hYiz;XD?VKo8U}5&lF?S(u=m-z+nf|
z5Tr`Av7%owz)6%spG)fW4RwBuiw^6-y%A}gKd)1|t$DafzQE)j3Fa-lA<FHr0xDIv
znk`w<`|T~wjr2OPm1dwx6L{U^X^cxGBBIb-BRy>~`KsnpJnA~yE!08&vCnE&uj4js
zWKcwTDswTeSkQCwyOw~Xg<-4FV?xe}QSqmGLJW3P`}P=zHR-$%B(r`kRVNO`ITMZK
zuO#sjOzI|OQZ49GWEm^5Ks##xam%2EVgeOc(Dij@%|BLE$$M+1Z(c?|qY}|1O<V$)
zy-ZZ1d1svCuxS^TLIxTa`5FiFrL$<z;1fl4p}M71o}A7yb)Y+o&$hRH?!}F%a45ZF
zb8V?{ziQKuqS~CjE&6!)wunz{AZrw1E!jJGkvg5NiHCLVRB<5;)kdpaB%I!!L_~Cq
zjp=|$T8IaWySu}UF0L-&VWSr=;16@!M>~nlHDih$G>Azs(C#}%hv?ze-osx(-45+|
zv&Gm;rrs1y5_&p?GJ!N->ma>q$;)(7(6U;ijpod@KANzbHW~TQ=$MdDDIxc2%{L64
z@tA2htBp;7*^BOHGs}nSWlWByxmvw+OK%v9%O~2)_?Qhq@8BMEWB0~j3ccId$l#9M
z0;oxwSMDM=DOM}nfl#qMAgvPV!cBs+vM$&k)Z5MoAGXlC7bUsKCpuZ*I&ZYxZ6b)#
zra<#J$xaJx&{~)L#nq)|(kHpdk?rBVae^CK(t4E}Bx9uylTRLd!aA@_Mm*wqs?GyA
z7Qv7q>m*^3TS=P@-Ac&K5uk@>MXO}VB#|O&xf8;3S<x(OYIW-cAVA{Oz9d%=jbq_X
z_Pw@%78%ths(GC!80yHY^_U>N4MhR08WOE^e2$)k#<~#4Qq4jF%iJ1I(WR+83yQKv
z6Z}%dMKsQ6a`!;XR06;OtvFU}J430>6|nN-<G3x_Of%2Ba;DqqljgU$ZQ7MlPp#}L
znXLiV3_={yx)Li|@dPY@eC~MHR<=roiKU3!q9BTZu%stT@5z2?HFDi|2hv$xI5o}~
z#Lbc&Cxk-O@|bS$4Tg|_C%t5mn{%a<ItpcQ=LQqPx=fu0Z%kyIl<+(99r(~4N@!lq
zGVvfu^&qU(3#Grf>6&Y9B+okPfTpX&OEr~AsE)X$2;|PxUVmU&rvCMD?11Up(|f+i
zF}t5jW17^-H798)iXv7}QfvLR+j|HDDeswtU?7w9<15eLUJI79l2+jO)Cit@PUuEc
zTU%l4fpC`rI+@Lsj^xzNv}+1rPE;$vY~IM}0$`|9@{KM5Z_gK-mpxz~h!cX)hJf|~
z^xS9@!IYd_WW~~XbL7Edd6P|DZI6oE?kI{cN+IQ2Lw3jvV!9A(U@+Z$)Wjb(@xJao
zYT|v@KZ7Rj@UX4BYNfNbanb4Y)*G0-6_pND0Lhw?aW+u0p`}saoey+9%~_@KsEkkG
zoq6wHOBw(ncQ37$IUCP#1%sHiMXM`;M`{zV0nZ;x9U-88hm7M<Ow5k#lw31YGso?8
zI|wYAw&K_+t0>Q8bC%xppWo3$N1TOYhSfO_|LLt;HW6;TWva<9b%LMWfP8yHw8N^;
z?Rq&U?^q)4S&0ka)rW%Sl8gLH%ClIHkXb5?QwU1cwc`^;dLb=C*VDby1E8_L6ipo%
zT9oXbi#l!`bQ(ilp@bnTt*bBj!d7-Qp~?_?Q>O9SFoqP<s+Mi6l>`DB_UPiabAJel
z6O%DwkE`(za;>N1Gh@k?*|B813|aE2CTFy-JtU)&4c_w_GurXXnN|x;W)bz*!|z^V
z4mP~HVou7u<_V*>L<@ECd_{A*U=vGr(j*6Yt1r9PNM{AHsrZlk<DYkbyfZKlogIQF
zbNuAmyu!^L(gMjf?;9hNixsabX2P89&VcxoG!kFWy);h%2MWeDvk$h`rlSCWrv1P@
zSs2|*iP|~gs{%_Qz}}wd96aMV7(D_BL~0WDAz>`ljsNwrn^CtT1V9`nMQc5q2Q@Mu
zow1DkShI3Xlw4@CLSkch5|K-u>f9CWt&7nF#)>K6rhD~4$;N<owUvI|CDH~bgrSID
za&{P9i4}uITQY2{TTNXTZ(qjiQ6s__$%ds+&wF1dqA3y_K1%~Qg$*0E)_QWs*73$c
zq64pWsbE7EGY(qi%|?(6L;AL_v5OP0sPa|rHB`z9=LTxg#1#s1FN9dvQvw;}YS=`4
z=gBs9FTBj0?Jx{>+FMD$cWfO%bl$uW)k@@Y$qQ4y7xuYc4dh#z@iD8&?I9|=m-!ia
zD=PKRE65-jxh~c9QZV^eRPg*qnI!D~4pXH4dmQ{~nB@gX8zbA%w8h3!+R5jVT;@cS
zdUUtg0=kjdJmX$yyx}7$_Owq=xF}mQxVNTSA9x_uXY)cjU_XTj5}OtR#r$Z+77>9~
z?Q6x#1)#$vQRT0iYvdV)*Ou#gT=>1Y#+VoJ3Kzg?-)$C6yo5YfNgdyF5QJVsqSMFG
zY`2)xP00-#j8eyn7K-cqUnN|?2Ks*^^jKcXDY+n$=ZlQFG>lo#d0jMF)gq-Q{aEvR
znla30q`9s6CgvORXFRvSBCkp$u(^FlcWixh*5yml6pt?RqXz%8#e=L22Qdvt@LME&
zG0~Y?T@iSkXnRP#Y1a@`ZKr*aQFNz_xAk`^^c2d98mDWAPU9@onX?;4=qQpq8ma+u
zBQ6PR6hr8i6xm_$2T3^@yU__O5bm~QI$Nqk)JbHH+?IOIHj6O3^|zX2qbQo9)CtoY
z;mJ_{tEtiwuE*D0O_)Z>WFas_w|5XmNH9w%X>G#xDpJ&CA*8PR)ZH_2oReEbW0M|=
zS<7~VKnkf&TaKc5(Z*=g4kiGe(!OQUKM+yWO(-d<ZMN18HWd@gkB>3#M%&b5SE^E_
zDmMnK677yaI()dYwYen2BHT{BbbFSJ1Cwztz~h>UI@jyopnUB<qN?`>Q@}P)?}jEZ
zFs_kvHBK5az-R`J|8maC66bEV?&n-luSo^NnT9u=;oSAdaE{52(-FFqTru3XvZ56`
z!+MDG%#=-uK7>{x<#QcDc<net&k#&P<3YF}%u!^`@b1rvivKnYFNvOsZZu<m9Od?F
z)Dua0pp!IIVaZ%Qb-e)H-T<Jrpf)1_WX#0}<&|%NpNcv8GOmoILy@nLX=2iVs0h!K
ztWGh02wAA&RWW>iiy_@g8fhLiGN8$Kv7tq=48D)?LSltovq>Dz!l>RyO5QO__5^0f
zb3??tg15{EK`hz@S(CQ;@k>4{8F{g!dCoEih#6gDgKef&MUy3-1(Ybhm9gqrlBJLp
zS<z(4a|@A~TR81N{zM@LMU@z{^~ln+$GSGHUY<>HSKRhZ$=Wv|m=`Fg)_uOIx~JIy
z3=OKYa5%xe{zW@nESFratk06?&biF=175nkCEZMQvCO4-AgLe^3<8mqoC=u*GNxjV
z(|btDOT?-u#fqCKd9x;V2H?$VZ%L%~3}<z&rnjjy^W_Ut(Q?5mMTg||YR0^vru(fi
zHoA1@v8~<N>c#ejHwk%XC_)Aj$dGeUCMLwwlnTYdacbtj)n{X!SJHcE#})O&;s5Tt
zxADc+j+<wOX7fRmS^B`!Fvy!ECyLOiuO|_v-BFcb{l?3O2cC`?47j~L2uAf)gFw_M
z5T3HUQk%Q<%V{S-?UcOY2+0Sup*+iK#`6Z>v6+C77f9_ZW9XNxLeMY(eGt`>NWQAG
zisnqzGFy9>)5n~I@Zp-V54aKH4q1D9`>=(yEuNSO3#tt!K&8pJP0#JgYeDna2bO5C
zl_IMbd=MJzqt?T3N_*E5K)(G`=~Tks^@!N6ME$Q*47lknPft=-usne0C35m*vrch9
zb{>0O$Lp6b)qHF!inUG*N5fr;ER}?Ps7mU6c_LOTCCFNOb3$`J>xxnx_9YCYzhYqk
zOWX%Clsg^<^GJIXT3^R$m?ohe%j~!7^25$#x#UngEVis_C7_bGh2jKetap}d16`nj
zlFv!*4_s`wu9eMe>~p;x@NfMUVz|>B((#eN86+a(XW3Jg9DCz$tnR6|OhDwGkIAWP
zuZ*|O;bZctMqAm$JuB}ydpOq_Uy}!3Ehjoz`5Xku^WVZhL2CmlRTpWhb2bq#RiiUZ
zof5BSklJ%bYM%ZjWEC4F@&t_++qer4UH*LzfW2{LgY>-}i-!JE3t5h(V%VB7V8PIP
zR-dK@%Fet%8`nMDt-R+Zk&~2lo)1r2lxRjPDp?gW$F=3N<{8C3+&!Xy0{;_B2@S9e
zjXg^yf7W7N-l8%Wr5zYkZphDnO?WN5Ta9tak^uT~)autQ`sSO<mt%)XJ!1qx_}m_<
z2#+7QdH9dDtAYW<za1P+YqwqochMqYjmh*Smv?bxxHcYZZ>_(+ct!NLk(x`toiJo5
z940Fo#P}U++AI>*xKdIs?{+EewY}-Ft1p<!6HRFt?|NH{nmlNLajmD^@ZvdnmCL$h
zO;MoEYeH){Qfncv5NlpOH~NW}@JJJ8*G%c9z3<iFeOZ*fv}+R$X&HyHmlm|FK;4R8
zoc0mJ3Y{<VU03Jj+$8k0{oq{MoBT?)#gJ2{kh=oEv~^j?dCKn3WlEo(K@(!Kb=&=<
zk{mrfnv!e2;u$S71O&6FXy!h@NnDh+ArRE|<cOSz5?YkdoMg-Zi)jwCMy(*AvwbYK
zNA_<1F49q=%Q4>X9I38(>FQ<UtO}?le|_<4O1{ymj6Rl;tEv90H4S%s%z=&Cx;t11
zV)S|c8PL)7H+>Gj#DMwj31Q6ySJc)r6|dg0VldpWBT3=S9s4h@)E7c>C}m13LXnvy
zbw+)DBeecb$;($)?_RyQxOw&RIr*!819yezDY+4ix!9xd*pxqAP{g+F44E*Yc~eIb
zDi6?{T;{y8Rj&QAUy_MjhmR<#+FHHf5bncr{Sx(a>n$Flj9g(+SKIVKLqn7{WlEsN
zD+#s+tpO%N=Tq}N9!Wt%aW1T#hKLf2<>^xM)9LXPax#vm$3_s#Ot7Svs6LyT#<=yH
z+6!+=$k!&h)i1H}jd)EPX4#am?0G|ow}9QMp1F<HVVetnudy6=wnaD1iJoF-a~d`9
z-Rs@kfxB@;D|Cr3-G)T0R#=T@X(7+z04^=(*sTv?&KjKhFn7f&K=Z*Z+u^U~_Kt>X
zzt$<~{?G+bYk*&ksvNCLY)OL$rH{08+o<z*uP$D`c{N?7yRayhr-k6TAEKdCN83DN
z){gnYspO^cm;5r59mh%(A`^@L8q6aG;<p%#JfRac!n><A)pCqRQ!UMaG(EG@e6@_u
zCiulWzGtDZI~pPX#*E>{g8G2f(y78#uyVyQ_opQ-`gNp1N%C+5ysHptx7e_lIb4N5
z$OaWhy7DaU_S~Ag+f1-1*~C_#ne&VRdbc@ihkdtsW9l)MIb+Aer?Yh@l+TgH2FZd6
zolA{bn`P^!5TLe>&;?e8DYd7hDEU3l*urNBT=IP3plG?+TpF*gZODJ4{%UY81_{Id
zc>DDY6z&Co@y?2lYKUh^5Hguez@&8Y4<$3F*(v#s>Gwl=LsjymA`eSp%cMfz!ZQk6
z73;m}r_U7yC4b`a*rLPL`G<w|(0ja-e7yySHr9446*?<&8dECC@Oet)dX@3~t|?+P
z7aAmy5%q&vza^vo{DSW3u+s|Infq6xtju6gR{QL4hE3>T4_BE#I)dH>B=%pp=Mk#?
z4m_93MDjR>3%9noZB8z)UtC|d{UTe&Pe%k$dllp%zsS&G3ccBntePxoaZy*xms|n}
zW4wT}@uZW3ft7-_H-d0A(B6gG(0K8;iz`BFHF}jU)3~E#(Dd;dbDT%_P(Qar{|tpg
z^lrc5^DRGC!17M3E&N!1n!079{aAkg)kg@$-|?h@9sS?Mcg1sFaaxITl;5EBlr^E$
zvJxxYVPMAOLEMVBV9dLmZxU?sLO}<DF~7`}RuTekZpS~Lk(@o~HgWSj`44SYglZqz
zpPxsUFK<c}nu@R5R+NZ5XGy4NZrqgo7|-_jk9o&Zie3GmHO+AN-tNQ9*B<`(*0mlp
z4Q;03t+kibG7#-WbKSG5q`6e{*7lbiYbWP1IjNGu>)+dZ4op_(uDF8jyus;sZF69J
zP1>^)5LR`(MN8jr=f`dT75qkCa|xk2p?dUiGncw7EJ$uwO6laq4>V27=XeIswIo#r
z6UI#`2AW$h_DQuabgiSC7gs<<l7IW-6OiOSd-lgC-pT*Cc_*VSNgvg_xU)DjKDM|O
zLk!pyO3J#%@LI)7^(KeK7hni!b85uPX^*k7zw+2vlir4mDSF|#4?(*3CX>TV5B%)k
zTBG=z!^6B(_ru@zqUiG<hnhN3huz?B?jUb#DDZ8(_J(sqRdiYt_=Pb^=;hn%A6{R4
z@#-~<8%DQyERxkyOXb_dJ;v|aq5Tz{wmjBpmv`KCIeGi#b<0z?;gK7*pmaTTyQ)t4
zd~gH~WbbtFr&~&@8WboFS56OUoAY#-{6g+1)pHz;kmqQ;BPuLd>>OMdHKJj`r5uxi
zd5rfPnMLg%WIm;0|BCT5DPyqLx~uLNU0FLBd?&ge+p_th4~i&`!}UI@A%qNyQp5i|
z+e&A!89<{xY$Ov$Lsw2Ut>N{(KfIwX%oM<{?8H2Q!no*A`$#wWcwo3f3d!bB5-QE9
ztHamaEagLR=AFly9E@*Uw*6f&OVm3ky?Wn%biOdpuxn;(&af1f$hXL>>3gv4w7-Ho
zUW5VLniYZZ%hr_yb%ynsD01UeYP*zn*rWeUY4!Uw>F>H#i*!UHo4VPI`Q=M3VVX=d
zsTUcESY>2$r5*f4PcL6?y)i{uJ&1A)NJsmTP6Unqt(!zTtc`qHd+!?dUZ>vP&>r+l
z#8zn?xdr`x5bJmAY{5@!>urBZ22dI7vFYv2R;Ua+>mRt}NAMi;fHq{PiEB6x1*4U-
zmk!NEOl!90B&GNVK!wIJ5py>h@3BZ#mZ@10xmyNH11k)N+hd8Q6)ms~JW0hv{y@vr
zQ!F|v%>fr;2o|%Q=+Ha^!FAx%Re#KQrLmtiLbRi6`&}h@<CIivM6nG07RN4@6OmLj
zGo>wA^}v{4ntbx)3ECc?{OM1BB2XYKWeHz(i4eT&4^N*?$^X81;|u90x?HYA#42nN
zOo&TZo{|4?{q@@hCsqIIC9IL?)f%zGIVCTh@H^MmN2_J9!V<tG&*u)bEtiHf7{C#}
zSegRlYK>()fFuv*6toK)%o_}|g!kB!1iElWGJeO%Ttew_e=do^P%fENBELqj#uqiK
zOENDA(SDtg5jAbw9wNP&O)(=~UCRWLBQFSSh6pEL>z!AYDo%q2kZBkX%|yO{Squ0_
zgd1$cQk%uQE&?8#_?l4(MrYrYwXD9V^E8V9j&1e!=*0#FjP2E_8K#_d6#lT9quVJU
z<5ms5+oq)L=F1|eYSX#ePc$dAuEYdj=uNQol)TRg;3}U1?r{u|xt5?d+vCi>i=`Zc
zb^AW=p=VpKwx4zs%}iCT*rw)m#m*GBH2}wLv_Q!hIV;f~6IV2fc51f45PpR+v^rzd
zu9t)^7EoQ}K4zA3#V9iVQ-fi+WaR4A8;Ai1kywdh70WTXF%A=4Ex<+$o)Yp(iV6_@
z6lFa@(gK4+Fv(<=iNp^lfL9_`x~52;5_pI#8BI;~X(bjF1xu%dyil8Q&J$Wi6*E*%
zr!1|NT&;6NmyC!qWeATyCy7H)pFxq^3r+&AS~%lXNy{|~FJ|r(v%>lWks}PP!fK6>
zedQPT$>@T1u+FYW)R*k=Cwvq{yv@xe#}u`Lf;o6#cNafF{|J?Y!I>LLk(;e&<J4F+
zRT^AX(=1z0*ayX)`8|s{EX;)|t-2lptIlvy7bU9@x914^kqgMkID%UvNkid+x<b^0
zA;RpQm1|8qithLVhuhZQ98-Zank4a*uk5M8IfCx!Qbk+TI6Fio&d6GvqbS}n&8U3U
zILA^1f@AA(Zd;Lai<+DVs>->ix|}-{$J?$p=fSFT9;iO&Au4q4QloQ+3EQSl=iw@K
z9;#O7A*yvAuwLguDs~>EX6Fu7JGZRcxx-rDu6E}()jP-5@7$__=T<d5w;6*i>Ui#2
z$#ctDK3Fx+gVpmqa7E8U)bxz6>N$p_uK&4*x}IC?i_s74R^2l$ZXB;(o!2bFt*mAQ
zO-CA~T5FX9s;Q&KMp9O*qNUo$P20%rE)3lG_%T$cc3HDCl8XGe(&n8)qzL|07x5~-
z6T+_!)6K~^k*8|;=Et$znch>L(OG8nd<b<y8y_Seo8YRxm&LYQT7-sN0Ivaj3ipN0
zoX0X6+qho)<6CWhY_E&)?X841)%?Ut(P#7-v(!Sq*X9a^6E|0DoxKCi<6gUupcIpX
z+Eoe>U3Oc5ffSv8GwA6-_Ea-jpNcikF<(#jV?4XjKq-iFGS@)+x*%mw!y~Dibk90(
zij=nOy!)T8c%jrApxb?W)ES5l@;9^?=~A-Kxpf=}or$_K*|GS0#Bc!udL@kaZO_K(
z5voZ$l@&q{+OaQZgwbTFM6d}6Igx8h37kf<e5pEXeP!KqXT+!xXR$f~6WZ@$W2~eO
zGK!@LGG^{X02>>e-fQM-=zpvnw^^Y&<5D&Ej;-ZpFJjLV)7K_-Tx|~>>QU#;JI0JB
z)YXC%e#tbrGBtKRCrN$DlUR<$u`sWuXjX!q?6X)<hvt&3star`Kn$qfGAXejGg;B{
zj-^(zik+n^HF(xMQJO;!qVVXt1+W=!$UUA;kMZ2>0p*OMG0L{k+QM&WA<-hDWFfG`
z3IK<#mhlcbyl6xnE%(~S{yft5JY;v){nWc@j3s9)MST@n8@RXG#}K2^DmrANRz?|w
z2I8kM0Zvy07-!V-2T<7{sZlhe0;)z)w82+_0IMx5$pgVyPQcYDqE2wu<s6tvF9_}^
znr=*;72G5`<DDq2aelETqAL)!HHxe+!mAU-HHxk$;wz>YxVd6Oz&5%S6%y9H;`K1R
z+R>p7?r7Q4%tm>Hohborv~ZZ`l)TXg-pIv6l?*IJR#z4Rb?cK8FX)&tAR>~rA=#X!
zqr0t-#P~y4KRW(^7;AAKV{MOAhw$3ck{D}U-_i^i1d)jB-A9I+z-uhvL?qc5SPHy8
zo~hA1YRaBin7NiDAK5`s62+rI`7z=)!q>$e{^QJEqZa-y)^HPCe{pp=(wg8rIbct4
z?)cSO6fV)C-~=#{mrb|69V7lkYxLVIPa949QXQ2|97puA;ZA5Jbjm_=_%_8s<DEh}
ze;63e0TnW!9{@Y*UTyCF&YXVQs*2W__*Ua347^PG9Gr24=DDaa80HL3@uM7x#D)>O
zdD*3teKtyV+&0##IUjZkTG2GjD9L2WR&=zSrLHg4%v@>lvWa9S6)RVgi23;74>x1&
z=>BPBv}JQ`9Uw6`UD;`9uN(krv{{0RosCs~h=T@TEoh3_-{ahUq+!`E`oj+8XhC^o
zILGe3XuNi_$n;oZjCEzyEcq-kXGZK9t6cdkF~+(wj^-Xx+cs!MrMitG8M4H{T#cd_
zw#2yBl~JTUmYC>#xlNi;`E#Q!QhrMeNuu1!&GpY^iE+dmb85D%GUE*$F2b8J%{17%
z5x5rJOFMI{QAU)l0$az&)9LY;*|D_?wAxlz^U1#vmM0=LIY4t>j%=h7(i<CqYtaHW
zX>C2@cMSG#Ob53*T1`gwmpcp0jhJjv|07Vgx|c0UqUGf#V?5(4uCu`uJ7sdDpWy@v
zOp~HM)5NALwi4y~%o0>Tjy%|!)@W)FZA6l~ELmP<>yIp%+wqGJA!)Amgxbo6Xd$yQ
z*l782ZY$Bsv&I~wzGeA6xu>NUzp3xqTDVU6J(uG%BWS+<deqh+h_Sg9V{bpbRfu&v
zDoBe6Xm=NNRn(O}t42?yW_70ihTWZKR$m%TQt4Mu!+DMEtDsfI%KSO`uaoz`|9Nuy
zmy?t4pG^M!@4r8JKZOs!JN?V)&*qQcpPrtaeE-#(zusKE`a3`U`TM+H-Qiz9pM1|=
z{XLS%>FHnob!0<ZdI8U?i6|#HrOzP(auhi;+`H}T=IC$Avy4*^2q+1P-G8KwyPf(M
ztja&szF$Q98}DxUR9q+{h$HOFNE<UgG+<uVKc=*bNqPL_EX%({tQtbNM^b$ZRQnYN
zs^LtxOal;qHm0o+QEC`}7D+TVN)24x(M$g^N-canMyWkUsXa!ijiLD%rS=%5_86u1
z7^N0-Jw~ZLMyc%~N)45^o>;ZW&guGGO`zI;r#LmK7FfbAl0?*bbtCRrL;y<1mastq
zN=$Wa3o*6?us&>(J8TFWty8Yl_$}6$dDJcLn5QhYKSVAu%}pxR+bOvqB};h0HB17<
z?{U>>;Nw_+%PYyUIZ8z|Z(x&4M=93I;SNnkaR@ld1DA}*rKq!%l<XhcA05l^vHv$t
zYg$o5FvPYC;~Gi}u4~U6f={sz1utQ-U$aEy={AO|4H}Ke1n#hC6H8i`HdXzeW<2H9
z+D3%o_ENe>5ShKX%)*q-oD*6UrJ%`@NvGv!BW7De*jsShtX}XOl>(rwq{M7ZN>R}&
zdIfEE(Op&MmFgvt6j5ZW$~BZ{5xP0fIB;hp#G95xmYUL@|Mo=bzlq-M>WqP6W0fFT
zeB6LKo#t+<TCaHaIa!Ljl+%~vd`gudPvJ>4DH;8`A{nEyB2S-?70>G`7NWpWS^oI>
zh;10JtZWHt;3_Ea*=i}#$gKnvX0_f5!Eq{GZABkl<CjVv3v>4?Nwbf<F)Ydl3H?}$
z*}94=)uHcgL-YMl{pCjaz`=GqWd(Klz@~cOz(X;z%Aypt7nGpY7r5JK$i|}ph}P;$
zQxFNv+uoT1I>9MASb>Ya+7xC+Vv7EYEh_kVDekFkaLE>2R^^xx!3WxlQ$r<*lC0{i
z;zedh$J>c_hL}DjUGE5WOz#vc%V0^@f^t9eJ+W<Ic?ER_AcCG1w4`?U6R}!Rd5TUL
zLX*HLq-&$8bFrjZGYU@Z%dU&FVmZydzSDLUUAUcyha5|_F|y$IEbpvJ5@9m>f+lw?
zPsumZ3{JYv=}H&AElP3E)#7Anhjt)R7ERNL%WR<2QLNf^q-r^$V5GV^#D653{!4zJ
zuoziX(cHBY_ukS?8{II|>Ff#(;H&+<hzy!3w&K^vOl6YJLeW6?2QO%Bw$9)UUUnKh
zXUkb!C7a`NmbQ7=JDLhfz5uAQmkfk<_pBWpmu?B)%~HL+1xDEix+*dzr+5Dbwl=+|
z&dXVP{_fSq%Qvs4t8|wllOv009s4WTwTe6Y&pI^}Yf+O2ia3k9^4$$Do|9L(tf9mX
ztvas>%4xt#;_Bd$S9);$66HszhPP{J*>dLBv(bdQ6b~d7<N-ns?v?HaUVUk-Db8fh
zOW_~tM68NZthhACiZ182a}7?uqKgsB5pK6e2iTkVl}0Lyvv7~vZNFWLhe;(SwPX|S
zjeU#i@Eu!2AYgQt^#d*4uM%M7h3}QH@$QS4-^h^N$Pug0S(Th8tXQ6F>f1A;JrB=H
z<h&APd^w_H^8}uPiO4ctD@M%83sx*G$<bA>_uT)8kdsISImU@p2;p@}bV@c0k+ruK
ze1p5nSvch^fT;J0ETcV_WbYOn^fUXszre3kfBmBkQ@GB0QnD(L0@5wDt{(yY+;KG0
zx>~Zl;t5)IWjNr_WnJWQj#@>^QmB1X@{~zp`BSq9y(Dv<eT>nKb>GA|aL2iBKekhL
ztUET!(K?FH1r2fAITuIii^rfawiqOQv%w%~y5fQS=ud)0hE+0<s|J5Hhw8Q(nM`QL
zF29b_%JjW$#q3&t>C|Tqs3Ai&!oRYMhvXt1b`(6;2XAXc&Z@_<#k(Hb3tF)U8h>W%
z`_1q{?`WEqOiIH+^(ygp@#5-|{1r*<UZ=bi6^frP#foxophCBXZtFqQDffVl>CBa-
zLo}heC>@C3TIsD?pZo<&LvM&gzn;?2<3*-MVsh+qCdB|Fchn@sOfMWdHj;rzmP-y!
zKqr<(m+;}T$qzuW%5Rx{Ef(Aq0#nNe2bOX#9_^zX^sASHq|9FBbe8!&t?dPEA0c06
zbU_&Wah`Ii{w3Gfufda2=UNx=jso}=H2<|3rN|U^->b;zMiu^co*_I>O+ioxKTh8f
z3|6N${RV@LW{lh{d2)B<I8Q{WzRR7jqK!Bso{L&%x?5Lc3<rFDQ*<uT(rvJV9h*CL
zvSZt}ZQHhO+qS>hwrx8*cK)1m@3{Zl?Xgz(s#Q<D9(wewsyS<#@pzCSV67RK<R$t?
zj0pGdFBnVUDy=E{lz#da&l|qg@EeSAdG6A>bZ>8n$40o5#iKUN%xuoU3(BOcodZgb
z3*y~$nKfgMVOb-GsRtwMdPi}2=!ONH7~;^xaVr$DEp9-oICM;4&jzUH3tX-%VbzBl
zvcdZ#HO>f!PwAFquO^iIVmdA46y|aEC;ZEo_NJUnjC3d5HR<t#sjD!7?xT@ox-u+Q
z(tOH8Wr<9GN~#IW?2=qSN~#^iss)~&viz<RM>!?S?co?6@3)tP&K(jIjJ+m*hrRl2
zf<Ik^x=dbT$XWo}K6jZC_nMMEuMtGB#mZ$lbz`wXW8ppsOyG8K4$On3EqMDFHGGt*
z()R19)@7g7y&Y~_ZcV0P_sZozMD_z47C@?rRLP48oSR*H$lU;F`i{@n$~4rDta5_2
zWxNpEx`>IBsENf0nX{0w@eLKar_idk*0!@#%OfPQgl)_t-?r1QwJzLYH=JFuVav(B
zsI_VO1FZfCs}nX+xj&9*BPqEX_u)UyY}6+Y98yP!fd@%|giOg|ffpW*iEWQDMddEX
zgy2ljMdO-7{N&k(=Avk5TJf`(|HQl3wHgHgq!!{|i=~gtblWj?zx1N$y^{zI0PZC#
zT!waq0sFx*BUboJRQYbZ{>_F+tug~Fzq~3jP?+B?opg0wv&x<<iOekV&gzgK=Um(2
zcg}bU#eLanb>3#qh7zf*e#DMIkAV#`(uR~qfvzo|cZQZo#3jJf2bdDoP}&1c3qv;~
zl_euZN(z;SRD|>3t_zWGRBr}1A_eu-Yt4A%IWacfrpwQ9{I3ZZNIYuy=b%z}#mp-m
zzYM1g_~y+VDR1UfK^|H#@RHy-I(QI;7f(+El{XMC)zV?F!|-bC$p+cwX1fC}r$Pj<
ztD#Vt$@gdir<~v&m~Se4IkLTmM<Y^;$(vb6u0m2tg>uNb<CDv<k~w(xGL${Sd+#cL
z<+GDw1zUlU(xJ55dJQqQ6g_J#k|@;tVxQ;5DQ|S3{<z&9X4qQ%2%Ssfb~I5H42ow*
z9j0UT=lI4xymZ0@e1J+uJvYdiUbSwcG(Mr(<(f&xJg?j?v^W%su=m2qBud>$j>h=3
z(HrG|mZo4=-|!xcz1<zXqyc+PXYtGrLzmr*p(}x}?qX*wfMH?E)YNvnIaa7Zsm0Rh
zx^U0dGzHVTb$DtRnnH?XcVo-q>R~*^wV6-X%9&T>B;Hp*tNHf<gJX+gp&>bXY}d|r
zY;hpLL78cE;RHT*>4P}V-3O)~*GZrHPqFAO&_F<fWBvJrU>TTv;v&JE!Av)G0w$1V
z$2vqYY#&uquhye}JdA&JzYS2P6^dD+O#tR@IIw^1Reg;3Pfk~YMC9{vDZ08me>;Va
z0+a30N<KQj7{)+`a6DlQgf6^^Z2D@hp13t}3^Y?3y()uP+Rzpvtb*X&SAUi64+A(=
zF@$BD2uyPNXwTNBR(wE;(-5Uf0WY6)6+Atqmjex^bUN)u%~HxrJ4}fWlxtH<!vfP#
zBP3RYBY}4rr@cn$)45J#5siDZNDW(mD+CC^vX`<GX~?Y5z3QdJs_@bo>MLn#l>*uM
z-@@1IZ?0G+ge6#U=N}O{O2qyqr^sm?(Bg0sW6$aiYy~q`()tZ;hh%z6O!Ya=pB!cy
zAn{XMGQ@^EXhW`m)z8e%+yn$iQV$9WAv<}Wzn=kx7@3JgwOFm*V$8zaTe$3aK|oxZ
z=?_kT`#X6-zkU^*2@Kz_god0wT_h$%jFO8u-TqZJ1(z9y=HpVTf5<Zo9H>Y8Sx1Ss
zHFNv_a5A&0B2Ih<KAm~kV&Bzl@E%g+66o4(MqVbT6y9}_8yiuw!%3TJt%YfNTgT_Y
zS&7jZPVQg#z`J@xw^!;rpF~n9fp<q~Gi66L?W;LjQp-OTaF9EsC=ph(rp%6GQhizG
z7?K+P9Jns(Ad~0@&7ZhrZm5jF@s`u7<KE%xRF(($+!&vKuRJ;@f;KH}e%D@HgeQtD
zO7ToJT%Gu&id(jtJ?lr%4OJZTM508}p@TdPzcLyErzNx&%%_pQq0{uiog)KRJpxUS
zWUj0z-en^#*y`vO4w~(EWdQCNrMCr_F*2M2L?VRNx}JcEY^|4IWm1@QUkX*oDTGrf
zmhx#7G?<r1Dh?yTsJzia>S9Uhgi&?r<>7<mT1ij9Z+^L}JJM>m*^1d?m^t@w<YPN{
z$_3|-ADVgdPaRENT-1#3#;f&%xc5uIqo`M6w#Vo#z&-xW6=aE)7Kh2-5~+lA>~<6E
zx(&>n8ZgcBctRUkd->O2mVru*K6w+vWu>$$jSLsoy!M0zivhv=ZQk(#2SSbqLCR}T
zbijY;S;5sp<dIPvZFh^fwFXYdgZtM<w@+p6rFtV^YGkqeVpMAP?YS{dHdMTcsOawm
z&_gXnIQ25j9)sVSHTf33?LL=Itkp>m>&6;6KjK`juSX6tKhNG!Lh=f8?Z>OrwF#Ze
zx=1!3r4R__u9O66#|YS|<`m>Ym5mRFH@N<Zm9o+W<DIJh=Z*EgL^*tLg6^hbj{khq
zs}*H}$B+Zrm=nQeDpS!?hIKar<`jCKCYo#HeUTP=GFvT!``5<44ZXM!4ONC}4&h?o
z-vq>p651NpF}8_HJf!w$qtAT<!8#F->lGf7n&>rSehS<phi8wZ2|V~wggMc+4|y8j
zA7gF$_K`gG+rmvIN(;_lSy-F;Gd}d{$__RGm4fc27jb1hU=_t7!MmXppVkVLP9=(w
zokUk4g&eR%InLPIVs?$JAFCJi@lmjJzvqlszn$3LX{riKsc}iyJ<jmR&JV(YFcj@W
zx?4w9tJC?hL8WVJo-<C;WoUZt-_H{C6UaSUTvEIhwgwv#bQg0D$I^SOnMm#FwD>7A
zTk&sXwY$c;=;1hivV4TcZH3^lXk{}Y!t{M{`%H>m1}$0^iqYKEXaC9zGNkLoGJqRf
zZIH|#nDeC*!HL-T6GrvMFRMdLME5T{CceB6JP;pYND14G;9K1F{_X9|l)$vXHNDD>
zrva2}#}OjuY7v+#L(apEew*+`;82;O0WOMQoNyG_nS_dMJ=S|m{kQtraT3nJKBl?-
zi{V<^nkkjTD87%mdL!xF7?M@YDWgDsh3Rkq{=GyD8K)r{W;)=XmN3zkrWQ7zArrSO
zPqur%)sDb@8bYmaZV>(Vxq0C}@ToMGvYQupG`GvbsW4SOvifdI-{>6=0sjz)$1K#X
zanEn0*gLiz&HE~ixid)(j{eA>V6iu8<jyeAbLz?qtKq0AkC{4?NQBc1og~nbHc6#)
z8i*^WUS^?rC4_zGjLi|IE-1fgs@E9_+&cwW+vc(k1b{O;>~Mm|7jnN>QR{?7n8+}7
zc<1~mYNeq@gTzrwwePoKWjE6ld9E{FnB~!x3u%eKx|44YqFWYd^g}2G!P-lV91T?H
zbwz@#Y?**U46V@2^bZ5VP16VtI_r$WFewBP3R$4b!jX6`m|BThB{QI3Yo^uADW2;C
z<H9oJ!~HjB{jqV=ZChW{#Pj?eI@%}BX>c5wC(CE!Zl>j_r5hoJlp7sT&caLa&2D=&
z=qb3Jvo*56G&wKScrEf=``jSft6<i@uI{)~*u;`?Ch~D1JPp!zbk%G8>kBy^ABPRM
zl(~Kgxg|{n3&CBcZXD9aOdG;?e9o}K6^mQ#2<#T$fBtBmdmTDDY&@srC!za|G_J86
zo;5NuRQ_vjRn+2N2od!9em*;1brb)7S1*OuLXr<GR2YF509G1msGJ7DCEnNvE4j!&
zx~jbT1MWbHnH*oai?ex7czfgR{e*J_THR)Yv(rMa+0%Zv+O=L9tVmgx{)wsR*<o~=
zzukcPRn#Hvv+ju<qkkiN{^(71?_%zWb47K~0D^iMQ|(z|w|kXId>c%)ULB+*M=}i_
zbLR@H$uJH)wGu?C3_36(mR(vknb*sOo9Z1})q>?04`bS@SG?}@Hya5SBe6b0eILzW
zVVi|6?UT^8E!!?7(o3P<VaQPo9{hJTmBr&jjc5}A*;2y41S6+m262@p2__57Q>6l~
ztx_kIla7dDxZp3FRt|Qy0naOxQTnqKob>~xe#DNVXK)Px$`%7>UuW{G+Ko>w%Z73n
zC!Z16t=ERjo>tRlryDbPZ#DZ(tEXS!$E<;}`Chkwn%qA?8aK9V&(o9lVD-Jr;=kX&
zeeP*vSA5^8)aM%#PQ=suze$6|tf!`#wT<81MiR+nb3V@CeS3Ys!@hakpV+_NAI|V{
zKhNO5?;h@Xy}w3EWqEz?MrOW`#u~|Fzh7Q^;>h0J+)pcvg(rO7?}E?-lAfJzdDQ1#
zHw90A>pbn~jy-BxB2u0Wpi~Pq8x>D~f`iKIH$VLjC=Y9R?sz9#;N{Nbp+|juyG|!I
z_NYO}m_c6<N|GX9GI<nqJ^D0ZNdG9Y*XAN?+PxGUa)8WiT6)X*I*vIxbNr9KuUgl_
zB@BZ--`z*_Tt7-+p*zhiX4$KD!0=jBaw6D7sYH9`5|^a<@4>0cpHN_~4~sWQY+8*}
z=5_P+5dTZ`69r<cW*5$Pw823IbELxJkmI~Basp#@392U0BJUSB0k<G*&+e*L_yep$
zFm3YgoAOEMiq^YkL=}zsvIT1ns-!%~t?B)A@^S{r4Em2W;B)>CLeQDV_AX2Lz=BX0
zB^ENbz_V<;M1v6(b{GXzimsNn&-<G5#YK$Ne3NcRKoO&t**&PR_9Q=#c~O`TQ9|Q7
z*OU6vU+Rn^nf}ykEJ<fsxr_Y<dY*?h%)vi)&GIcor$%ulb&wcJl62sa!qdJDP1MsO
zB2+DV<cbEe>DVvljFI0u3~?>zoB5$@y@I3$jT2ZMw<#@pR3?9(!#J?9NUJnvV9JIf
zNlKZ8=uPC;{aLneTx)A=tElT`@t5vQ4RI|>_+T-5xy;EQ6sr74Cl&;5I~}}Oa0(i7
zs@+Ji#gZkY#-R1M5eWSYc9OJ?55ctSFTrqty0=b#mBptZGuPQG?mA3ePi6AJPW6Ew
zLvweNPODE=2l<jHRM*%WRse$q6lsy}=Ok;B__Vl4jV`E#g6tM{on6g}XvW%XwC=2P
z%P2DC%ud3^P=n4Do~TKo$(cL(F0yjm#dpq(887ioa{^)ce#ts~TfMF2mdKW5vS0h$
zyYi?B<}FE%TBcwG=QsH?K0hM(n>5#NfK`S_MM_Tr8CC+ksT4?UquC2~8V+5L+%Gx5
z5gJz{w&17sVC{x6C!|)*NyNq~5*WA2eZw#Xa1AcUstGn%<X1!^g{W!m{HFiFjBHTF
zXCU^X&I>l9(h0}6TMSpbhjMf<s9BK6+O>I6NE8@X;zoE~KLqLl<1PK$XhUd4OENCY
z?y|(lFhJTz%|0;_nb=@-g6oK*HD7ny<K4lVGJE|hv!%PLD(n8|)d%!%=<4vOGZP(N
z%>S?C`$n0fLHj|ebWVl?H1%3uN}$|)tK)rBu*Eeb=J3N{NhC$vC%oj*%*pNROlv7O
z=dz(lmtmEgdPITV8SGu~?0mPukq{{fHOAOWgsRB_vkT^wo>+v_yCrurOvrC|2{NCX
z7*xNVZUZX$n$pAH>hu|s3D92ICYl4wySO4x?z}|zp1-_YsLb9hm$IxyDlsXnIjmrT
zmgp$Bxfl0|FMH_TeO%&nsPx~MC(xH1F1}1}0Smr^KFoo$3-+dJJmLH=D*r;fV?h|Q
zbjRq_h8?S;xBLm{TG{1O$=lh&I=D*%FAeu<O8eq1cZqQ*s%N>t>u#Y@P##hlhZ?I|
zi6=H`%1HH}!3z`WjAWDppyd#t#_Q%0fvzQ~;6O3z^AU(|`PnENT2)D9oA~2I2Crqb
ztY`^rVH~n<?0Q9y5xb${yZaU%l2!Z#LX*!5<kN{M%+%KeyVzA*VHMlf%@l~LPohgm
z)!l1NTGmp#4h)RI1|Nh&;@_0uxM}=<D4D8~@^`uWpcpYWnlqa$eu4l=+D%=-x&Rq{
zP$F2Om$LI*`6PK0AQ2PPCH@GBnneOczd4A1^hyaEn8{r7(H+5NgPQs6|1MiX?}wtb
zN?+$N04o{>rKFcx89;_Ov8Rb&8PJF<TT!~MfA@Zwk;S-`4V5$q6F1=ejkc~NZaE#S
z7y&`+h}N~zSl2hWDlEJ@K%O_4pA#4}gQ&jPi>xQW=GqwgIyZT$g=Pt^#;VC0B@r((
zLe7x{uV;KF*X`zg6R=--76lKA;ebR|Q(TgK_O{tS%B9kXN~!X?36|RwT?6$b6w2|O
z`aREmpZ9Ec#|-*Tk>!4s=;3>!!(Z%$Q0(g3w02bOez;7L+Ti|+<+p+VK<paJL$)(d
z_mkTyH?B)Z^v;1k>q`wNj!UzVvDuQ#OSHR@?Z+^J*CFeh$02L%M@g+{kB1L3+8=(t
zE=1SA&!&B@V58TLI>$_Z`C1xJ<0;Eg)b(Vd@y$EiSX206kftytqn*P!nc=XY^PWI$
z*s{RI=ebB&JVnvF9I9q?Gv!E7z9SPznheeyn>)bGU7}^VQc(-fWah2>?s0=IVvYgw
zn+BVhuN3xcU5=|||FE=KJ!Q3=ZJiqihAKna%zi=O%y47kZ+}mP#_u35W|7%QkKu=L
zmIe72Ls;FJ=8?c(^m4D?&%Qy%US^r1Qtd3Y?KjwO;uNURX@M;&#!FlcGZ+&~5{JUQ
z^~KP^QAM5{N{%z8R0KO~ll?X<pKdZKJ>8zCd1#_>?g@<+&h8~ao{&39P&UQd(tX6B
zq?F{2EN{1tI~L=~Ulk-Zqnue9E&G;c;4vNJ7+Za{UCJFwkYE`cAu5qFN_TS`QP81W
zMs9oKkYxr|rsn$PG?Nk6w#OXiA1{V%3FY;)2TB3^h=X>ha99v@nhwZeul%>{{*=P^
zH$Oy#0g)V64dTkzXVwkcG9m2m0fl8liM=)denI<EZVme7KCCXi`kXQ%r+;>-jr6P&
zV<7Md7C!>4sT`#w?EBP@j1`MBr>hAK0<b5q*Ll<HcyV{8+yR=a5xG|SwHBP~Ja`Cu
z%Mf_;3W0{Cw0(Ry=G22E_*up^%!FQ3g<3i<*|+oE;mQBz;k0wVhJ1YNcuJ>FitpWz
zyi%^8?|x|N-{;vdwmj`vO|C4v<SuL0T&?=ZHUVkiqBT{F59JF5qswT9==&_h>GkXl
zt6+&bRDwVcm0ej*iOy3P+MpcTCr(4i3JswNf?51^KFr_^;wtR%^><OTQOW1J2YD>n
z{MvdXooNH-M=jrVJf3jrE(V}~7^YNDFdTerjzOA&rgeLk81F%SxG#;v8aHRlJS5iJ
z<QoW~-CZ{Bo&EPllIhy&IBIo8my@mfc=W6wX1Eo=bbi$8-=*d281fVJSC6hN|LJ`%
zueEAaMD1m{ou%#a%H&FoT}>#U)cRDJm+0Q28a~}TL4zo<8b0P!pf_a;-`EL#ZWjPD
zwCNKW32q9m+YPHSowmA;DsQPJ2BA0a7`!GD#*ZXkqFIseSSeF&16=#2*QCgAw!!Cz
zGk2}|s0$MLXbMXCXbn#Nbp~HdO>Bcsg|}5RyU+nQnWOJYs_E+*h>};zgWeXD2B&M(
z*R2^Nm~5(q)s6Z^P@U^i|6qAQ$Vj^yMPQm|tBt|uEkOQ&!_y}kKk$hD1<^)PqR0`s
zUdpQE9o^`%d1S$Qs@+EoWD8KmaQ#Kg_FDvIpA+2N9-Kn@F@}bGrWlctAoo;ISwXh9
zpv?+VhAsSq1h)V^<amTCCD#9ig$!hod&H&rUARz<&Ag<OKOcWnZGvSOj`IiezwoGn
z&hW$qp($%KOjZu=%4MeDsd3gT2deY;^>RSrY4a|iWJ6^3Mk&Kb@jF=vP^G{Jm@}_1
zTlKE!6x(U}{s|!ZX{{2Itzyz#u9Auc)*R-&+W=K)Yl*5lcUWA`2P;oM4T#gg;#5+M
zq-Rod*`&uoVu{yowN@~B1QTPiT;P4<AJuC>WVbZ<q@O^nUX7^>(Q?kK@qX{eX)CZS
z^EKzfKHPsBIwBcMo5wy%mx+*D7hY9<?rn&Y3kNVUAR4>Lvb>!=JKZe|9e#h@x_<7B
z9q#zPyx)W*NjeI1-t_~<2eB@|6~;Czr=D~&4~s)QQ>B(M%N#wh9e;DE9Mu=@4><~G
ze_1v_`VE|vYm|p+xK+BJSwq6^;6|C&jN2cd6Pa3T6Tn+%q?Gt)3_TpsuR`9tn|0Hp
zP|drS9kjHYgw)b5u1FxNB3l!VgKJ(zGhxdh&#4mz8g0=v+wYl4%Wc`juf|<?v6B)`
zaqY(<Ao}oZXr_#&qeo|Y{vA7-=n4uKT9)CEdMp}!6E}<~6iN|Y>x!5!W5BK_k>)W@
zt!RUjTPAL)8ylsMrL}QLtB}}OQpQp|B5s)$mnu#~Y?f)MtwT{YJhM|y;lZU^ldUeU
zuB7H}DD|azYLb2|{`Z*rrFmacrkV$YMybMx|K}R1Sd@k6k;O>B2qAWFU|SP!Ak-DR
zXXJLT&lQJUyYJ9NcP`=0+7i}kLHUp;HtQ)GpR-jMTjUp{GUcLel|ivDzaao*g4zoO
z9M|{$x;Zsg7?#cNZm3iNZ)YF0mAZ`65Ya!EF3Apec0beR6ob}QmGEy#d?Sh>LXeBM
z;_yfr?#@2ZjgIZ)J?o85rFteKtSC;J86>&tiJvW#3YTb8;>n?TUFA07Z-_>$MCo1d
zn=!6>qVwi;cNL4ht>uH3hY`xv*7)dfFQDgWZo)XkGUa)?K)$?8*DM1?OXlzLl+)-r
zG%I}&+T`KWJUdvpK;Dcglw#4`JdrVu6(`U7`b{4XlRN}tBk<7;7CUq<^Q%V$*GhhV
zJ`2p_fn>U;^@weHa-ZZnlnce}#)QoR8*h?vi`6QuYgG!KD(<Y(j*{Ic+#1kE&tjk8
z;v;xp9)$+X5O;4iL+9F)nVhe8ycn6K0JSorQj|x7HuEuD-0Czx=^3^pqC(JEn~5?2
zU)1-#R6{tlQ=t`gd*MIf?iv0R)-|S}<z%(F2r{OL5LwjTLC1`8`oiN&|IvtJ3Tn+V
ze-Wiet8Q%a;$d{IR)WGqJOh_1f=+;wh3=MPM4B7#hg@|8UdBro-WP!hFW>s{u4mp@
zkCWZ5;pox-8?)501gTvQxPmmS*PbwKUjH47EC2NypLqP&-0b{u;|bDmx5CV@D*Z%f
zWFl0=y?Udy=~>85U#jQhKZzh(M>R3vxOSm?{a7~ZrWr{|)FU;pLDTA^cRPGv2=rip
z9VHAW!o@C^#{c1~a}Ctn1|pv<+>q*V-hQzSs`dw4_f6Xms7fuyyQq3I=HEvoXR0rT
zkCLc%PK-T0ryrR_O#)}?+p;ev+vMp$|7qd&s!Cz9)dXs`o+{FYAdNqPa~=1)qFiq_
z!kx{MWz+Adw}R);yL()@-wVbh+LSeTk<T^nagx+t6&K{}`GSJVgptXp*`qg<tg$T6
zYP`!KLsKrQvO<Upm*_(x4<vs4JtN_@p5k%iuT3~|o^pU+p)f%`eQ!ZH{yQdFv8T~f
zIb8_ZY%!<H-CJ5iWDsBFeAXZ)9QTHzlWDdFJpwH$(g2*ROQSFqQ^RFOf+y5r^tAIf
z$3t9jl8S*FJQSj4WcPODRPyJ5;e27>b^y4616|tQMzUKM^lY15KE|CCG;CS0m54@y
zQUR+BswVH>Yo7Nv0PDZ{O}^8*{)LBJ;#(C7Sw*S;Sa%L7S`wBc(YYnXdw9f21>(yn
zo78|HfFx_Ya=t%tw174ve)TGh)sqS3F4Pm>Ax#Wzq1z#5ZdZxCNVb)jl0sTHe1B0D
zy0J#M5`F#|;$(_&-7rMC>6FA7Q}m45*Y@@@YN9wtP7+T*3DDY^`+%sM5Qg@gu|6`l
z?5&3Ow(ALG(B9nMiJ$6S9JGGZXnupxU@2A45<}+?9621If4$XzXC=jZ^0|mlfREnT
zTZ)rG*x7J+A9mH>e*-8Pw-$<pTjO!RCiRYKD^I^`>_yQL8Y0ua>Fm^8;3AsA_7W$+
ziFH`>HtA{aGyD5=+ulc!Dk(1wc<yl|0vj7ocBjObp59=1tR=o`A@g&HYA#K^t7i*2
zW{rip?C5?~H*UFpdcE2DKYzR#(mLd9D-p2dPfv!nR-a_PW*duptZ4H8o;=J7yH2ZZ
zxMWXBAVcXN(#RgP&E806%v`XDut{u^;@lt&>*Ckiww&z|C50d=G5*-IzFM=er5oqe
z7!wrLzZG|tN}g$L5E;k4e~h`qnb_&#?tI;EgmK+EzhV<;%n{<%DG{<(B(O!RI1z$*
zq3T1Gbwgl;|3NXV^o*`O%gDw?eaRxNG2X4zoOPccC=9P+DdJS4&3(#KO4zVHocM|%
z05NGG0h^)NpgbY~7?sW2xaluR<L|#>9-CGW^T5qGs|D(IMA`GQE*$t40uQ#?LF6@U
zZ+p%M_;L6t75&_HJ=8{nDfuP~RSa_v?Q4B#`)fG`yagL8?D{Q@@38Kb(<P=0WLrt@
z?|Wnmjc04sUxLhJYC;#TaJQ+g+68L5r%S(@^IUiqn7`8?^soJEQ|`C%^sRmiU?z`C
z2sluUZJfeu|6AGEYdRWW9um~;z&)NNczanQf~4ps7Yy(eN*nH6uT3-4?K1GrZ9J~J
z($+LDx<Q_>Nh$jG=XT;=b>@8@tTTQrx;)3T#IQu$`UVLib4}cHOhzg=8yRwZ7{)$z
z8Olo>L5wBH@GgAy%{bFw{(iFiz27`IX!#KNAYZMWA<c#ge}*KliQ;RQ$IfP@pj6k!
zF)(I3eky+qDMW0CWJ;b)yc|5_L5YVJ*~<rLXw#qd#dS<(ma68#mu6c*SCGVL=8m20
z4psH`A&_-MirT~S@4prDDHv~%`Y|Eb4r84V2iHo*xi}i;R2R=YtqW)KK2AZr11pgD
zVjs(pR~OLkHI>ikx9KI`qn*29rb(39sf7053TGfo3qKuneyJEC-jY{^sUaj;a-3)`
zz5lJhi^KIubl7lJaqGGV4cVRO!Bns&1{iL1j(V-n-lI-4AAjRX=KzO)VIQSIu?wGw
zDYT5f-S&KiSW|02)a)sQKTuRPm%tKMESE9rk#h6BdPQpH<h_%m4r=g=r&!cMxEeXy
z%>xLy5grFpFMI29swLI$C`L2b{d#buS~0BPFM&3q<tjaYKEfhKjamgvlk1Jnu#JM%
zRTS~s47v2!-0d1`-r-~<C!fTC!VLsc1pQC(8%;fPNlU~T1$%$=!LMWZ1GiJL6g6`9
zj4+fh+XQGHB8T?AN-NtPHcn2?_lw+btFL$T`<=#_9;R>ayTgeduh$h`uGhO--LIpu
zMB16JyCb~moR7z`wG&@HQ_oC)QxpaLf1!<xS&lTzfM@pdTd!+>M-!3Pome9;4Gzg)
z-MKVn8fc9INcszWrN4ETDC4F6_}_eNy;;4j%#@mz9#X5dx96l26LM>(A1^0Sm;6Q#
zlKf28wMcs&Gh%oxa>(QoW-C3cCWJ|weYm#Wol)m~J&b91pzu%;8&b6m6A$yQ5vQ=b
zl+_}^leWuq>5gxJ{jAsi%ScEH-CvS1Is=taECgiteD=8ZFov!|;aZu-GSQqglkw<l
z;H@!QQ|8!~Yt~;%29oY2EB`DAo{(9G_5~mxiv4}Qs`nDPmO}OE{-R#lx})6V$zQEW
zHUs6)$SN<Wm#S5!x+MB2YI01Q#2-@Q{ei40c}wAO^p<LQZS)MXowMq#hP?rCxSni|
z&qa3maefy{TZ7$WQ!k!oJBCv!-7u6?MM?bFM@mArh{U03mR?+w?Q&7b{P(>mSN$S9
zqZDgdtV1nfy&3a4IDRWS1_E-$pur2yg4M2#f*22xK-+X9sF4{_177weU`|(Zbsja4
zX~<85jzBqDU-M~ikW|Yy4qwliRt+|1p^W2C33SEgmBfpMGF=5rsh#|3)$IC_xx_Lt
zXR;H0AECN}Fp@H)LxdxTe>r1feY*rN>J!iS0Nj|Kq!4)0W0s$YuH{47S@4nwC+lZs
z<OTL24{Ye%w)a73S<~$~<U@!&3xq3qa<XP&6{hMCa8tCwkd<)q-*<GuS3rffXnd&}
zw4nx-cZe#nX9$V=1L!O#HJOLuK}?<u^#;7{*l>*3V^-=v+Kr!*-G3DE8V`c0#|9eZ
z^569pP0G$QHrBQS-J3}_@6}S#D&)ZCADv%+6CTr-BEjL9WJv>x-ni^?E!Lno=Q!t=
z@P{m%Cg;?N&N-dSWl@&^8q&Q8lVNUWb!*d>O&iRRU{hW#*#vuJh$_&&qhq01Rt+a~
ziDBMQp(&RbO8dN5a%|#kaf7yY=d7$?*5ZPoBD*tt9lp1nq{>XT6n=CnaSgcg0VL^i
zq|JO)rx_30A-NcDXS<ev&F>ccePkPnv>csPVum!X+G>BJ2|Xm|MBdUl+vu(ZQ5vDY
zu5+7>vjwDA9QJf}v$r5o@m;4`My?90Xfru58ArN!3$y+x=pB`&v8UYSMB*xKQes)*
zKCw<#5F&Fo?f9P)eryTp7kv;Nxf&LIT+t`pp({`sd9N<FKVR>0Z+b#lbUr`QZ@>TB
z?uqrhN%Z5ZY2R}VdL$usDkdP0QR$@XkHu$ew$r)^^Uz8r^Lr_2kBW*@TE~)9X$-<G
zNcISy*acwH%M*$V6cshfd>>2(F|PE_Y2`oU?{Re*9Rm}C@8K3j5YhTmAxrM^!Xz|^
zIv}m0^J1=L2f6(Y&J}w=4zt;>W6iCrBt!#Tr#{gKO(--kXGI5hMa~Jc?U@79Gin@F
zR;VebKGdnRRA(8hw^_Ykf1!~~aJfCv@?6ODtrnnt?=vnC085IaPZ}8j%B)f?=r#au
z8&}1iCibFYUs|_ZWGp#67`t9aumlj4`tUr=c5_vc&Py3uOkCft#1N5t5mkUysX0sy
z#7X=MU>?(hFiwIeQl^h)#u&F}Am=m>sWhP#6J>1UdlU{LJPtH7Z;{=stc;4)5NJ6S
z-9|_KwUo_XV9Yi$oR3R?&b)ssgNrxq=$M__8_>P?Zy`?VB9~}a00M0UJnKlGUiJDL
zZU&bohs1Uxth;)v1Oi=KuTMuT?1zT0PKteeOK&^3^kN1gN1~j+VV6&6gT;t27gGi?
zWr<xkv&qFvp2f(QwkxqDMXv9jbwVz>?n&KL?>B%3!`fuGSx#s5e=9qWwq9kW5v`dK
zt+5fUff22)5@nVWWx5h|iV}6A5&%vK0IdXoNCJQ^0f3eOe2W9_#Q`VcfDLiLj5uIG
z{HJ(rmI>w5w84-J8NN-_7?<A&J~51jg#J^!e<-qxTO79#TigmSA&kYdZ<~nI1*d*w
zwj;>@Q=|oI`xyjR36fXqg=<mU=%kxaK3lN=KJpZ;!7~?O<#&;5W2h@+`BNFXnU`%`
z*fpMDJNU5c2i@v*y)OLeBYjos$h9_Cfu!&Q*|pHarCX8>4(G#Jne+ZB81`0vVIxGS
zEQSxCZA>ryl^QGvz<HF(r7S$qy+MbI2Hgw%#2BXWEmzXV7Rvrk##5kLfUBLZeh03m
zW6<s{M1O`MYjf&F(>t?Gt|)PNd7mJ4s0uaM=bZ0jpYKOGi-%KNzx>;JV5T%vx#fp!
zdC58wtl@*Z%Czyexn%YFH5Cb&$u|Nr&{E82m4CH>bEM+}|GqV$rKF7GS=X%m^Oq9>
z?CVB8cXXfaJ&BmC>RQo;MN^5a8bGDycR_%vM8rrvP~5;H)S8GLD@RJ@u(K~=1Y6^d
zC0}YQCfo;jQ`<XN`&w6%Pp)?<k3_97dc$Cr!n;4`>2%nJbG{c5xTQx3$fi8{#4Y0k
zszOBZI%4AlL%;9GH8^NFM0KPd0RYlSy!eESq9QFPKZwF21&tBDQPBW1LicXPEO54&
zJ3ZBtlEY3A+2oF&tOa4G(iI@06#C_o!%XsS8qg0z;*T~&Mzh1jp*Y(aqM1v#f4Lcb
z8H!gwjKim#tWykTlDbHn?C$w$rGIyScZG#Rb9OSr_qf+PtL*f+=Rf<(Br!Ae{m?ml
zrPVuB&#TQaw5n<ICMh<%d>IDw4rXjZJz&tY(~SDN1on!eqom06GgUh#dHwYiunkIL
z3p$xgEaKOaDH`_V$SD@|tP!xYU3(`-weoWmr1F1d))WycxyI){sn@K}5vfr>>JW2*
z)?6A4z__;L7}{BGVa2s_3P&FY^lS}o1+1jp<WaeuOhsn%oLY`;ylB<o*)Bz`FmGM8
zxxCvBZES@-6KK0(bN|R6p1}j%Htjqz@4)_1LJUTsl_Uam`=}5$qC50BRbhyP?L%Mc
zsLH1Nsjh6Xkpd?6)!wQ`A8u$jRNtzvx>i$p2BoUJux;BeqG?HXUpZ4%mb3`F+%(eO
z%+DsWoA+r;C)-^w^JOvz`A70<Q$dDTi@Srn79TOrYG>fqTwpRsOru3dGu<Gq9x&9y
zbODV^S+P+eg-96V-OyL0b%tU2m(uh{k1BSqHidi+at>_m-|}U^zspSld@<6t#*T*}
zq^50!7nw-f0Ak`LDa)09N@MVCXWQtj>8UpnU3X*$`G7d)0|Uzg+;f>et1!+ZOT(;&
zo?lDz>O*!ZOQe73axH`Vt3v%UaUuxyiO^O-wgb$d;s6?Ql^Cj$036ss(k03Q;p(?w
zYH}SC<^G;^G+o->FsLrj^<Tl24<hbh6&ps05C+vFIZ1&PMXdzVInGKteGL5k1bN~q
z_?Z$ETC-qF7LCP3JXSJ_fIn~N9cDPQ4AmMHDzCK4r(?8eyR=WuUoP}2`e47=`(VcX
z)=2q&FH#ltBuLmxN)wBFU*nFZpnpfsz`<LO%N{;_51IDx<@?`u?g**~^@#I?y>lL?
zz0`_<!W%kDcj9y2%lQmsA+s86OustHRSblU3zy^i24$hJKILZa567@m@&h)`QaTPR
z0DBYa_C!e?3fw0%`sF$I#D+@n?sxPRp<LwzOM*F<apwfSHIk26yeGvTG;!|=+!&+&
z=KN6_cI0FwV2tN%0_+UTY5r1aSd*t@f^CdTiTQsr&d20vq#upQOG`W$k~9^$F~{re
zi8PF$4>tkzhS$<@H0puxaeuP#C+%Wlu<6@4Y=RtJHgAuw0sk=AxoifH@0e22{Qn}h
zac5sd&iwmbQ!O!sm2iPPFo%brcO&v30`BOyxyp`C4%koA%HO+)7{xi)TF?7az*a$6
z%6W(s+*-{Q_>xtCKWjG~k1hZ9M#C<~A6J%AjFKIR0_<$ol7QV|O5H}E=jaus4?1Mb
z*j6v8qG%`1a$%l&S>o2>fs}iM0=^y(_UIFCuaso*^6{>T);=d6=2>aJms4G4-v!M{
z##R)nzl)EB0|)WU;6xO0ceT1fCq;QaG;8Sb2b`eA17GBU!-;6QDqx@Et#Iqd<P)xu
zHONCRzy>|F*Rma)J{o!wi_*Y<0Rw-Ohyt<1{)RnESDQ8)B@OW;Z>I;O8Z2^fdf<9^
zQi=d?U3Z*bRbzlP)_xn9#txB(&3R);*A9`V_4!2E2uZ}7k@E~eOVF>8n7lYjZ8G|o
z_)VRGrEy2-h}P8>VhaXLXDWuRzT&)dgY(?9^TS=gV`!*!Q5ji%j{r@^T*t+G<AeHr
zY7-g?rveimzfY%BKwu93nq0}X{Ux(122X~sQK~W{a4wIE_z!s*Pa{O;fzKHjwQn|j
z#6BuLR-<Qi`b<aNF9W8SSYF9!Lkl0<S;{^oxn6gg^UR>vYX`1)*+;4#sDTwj&&eQG
z=5j7v8@mv><Gbx=;c54uEvp%f?A1bK&;Po==sD^|$(~LJasRu=D`Q2c4@=H^IO#1(
z(?y|a^UKy}(Ib%AcmPbA^Sg{;&Gff*&Bu`Qg4EeLhF_LyvqWXHGoF?QvZ$J2?%DH6
ziFEaqPz?(y=r5B7(tb46<XP`-Q^7<iDflrgDoc^o=aB#pJQx11`i5gQb;qhIcBFux
zWlb`3cvyMaD@;VwVlfmEhCo#^qLcz$j*gq%{5c*s6n-JlJUfp^JL7*=3{dz)1Q=j(
zIA93l#Ntr=H8*BopsOr|gYhRy0r1l*4`q=gcCB0rqGq%=qonQAKRiJY#*X-8sWL+}
z@wVZNJv>ThEXxp9lP~#27}k=xYnq#~F5jJvbB^H#i+wPF(ymfOdk3QO7svAQYv>hD
z7GH3etjA73afxg^QZTz#IiMHX!1q3M1ZxZlnnV^kzW-agLXW%Cuc!`I#~A)&c<txX
z{r)h$-|0#F&hh>t`FOr3Gd0cqejUTh`2nZ2-*<;&siwZKckrgUyzX}^WdFgX8ilU^
zKU}Jy=YLaLvZX-~UdMB#a?%_Qz4yP6v<6sng)vd6sFZ5DZ2v7o8kq(%^^K~>$zYo-
zaqKWLf`xa<DWg+4h@YeX2axvCEX(rDF}+iGfG0O^BOILh)=&@#8TmF4LRm5k>57$!
z+Bl3&eg-Kxa7~1z{e{f5z+$E{OF;te-6~!AiQ?$4aunEbFPL;%zE-V;%l>T?(zLwT
z43K3CpH&2LJycx$jH^aAD~&-_x04^oMqaExyG3v0Pgec%+PmXtpj>j*_VwnkKFl-?
z?p=FgfXUZz$hUa>H;H2RTSoz$A4;><*WewGOSo1mnQN+9Yk>>adOobYR0{E5l<81J
z^3Hlf+U14DX<0D7(gOdfZbBnfRf_DKlI_c4xBj;U+-2zSO$(dgh->A19!31(FH^p_
z^vhSPi<#q&nW>KGn`OcNPCT?<rPw>Bs4Br(DY)0H+Kg_6{%+kpu(W%VS@9qLDht0o
zD|7|E-+c=QScN3*n265y{>?n?EthVBe!l<tZgXs{%BfBEjeSca!dMVO$U|jy5-#em
z?ELLC_bau%VXZpwO;oxJIfaWre?`_F(;=i!a1zX*6Iy!;F0B;n9#HX3iH@>4r7Zl<
zI(??I#V4TAD}2gO&adae`aY}fzH$Pu8({O%zD1uePH&-XvXKg3Og!@f9w02Cwso!$
zz0E3AU1E_>W_shny*9ROlCb`WaW!ygkHyJ)=_1*C;3$R+;cgXC!+)KW(S)jA@j8$J
z33k$~_ppNWLmO2=S!+N7YBN|B$<0}Hqw(f{RF&(qxYhEr2sLTS8~@i9RI373XyFL;
zH*y+kD40unEW@ZYfreC#Sh7N_0E%D6UWSa$*`!}b<*XF$@lZb$ri0`aWa2i<&jgD_
zz2~Rs$+~HwXh%zHM@g*~zOd`P?xwlw=KnzM&`LqerE2Y45ou*x;N&5z;%3r~D{zLb
zxyA-e@%W3544F9+!I|3#qnWx(8QzT(;M43B<gR*qQMpvjb$D9}A{nn!&RP>_jLKwA
z8)hQO&Jr!a&hv3nul4l?`ASvm{Jn*zitT*I!Pgmy44oud2nx${-Oh`GIO0hGm2`FT
z<bvC}v4MC2P$88XWTdcugY-%E*^~z!JXQJ0Y<gN)+0cYJL!ZJ%d$<(3Vwj@lK@Q&{
ziL_$>EY|?^SwJQjJ@e+p6x!rkiJr7%CV@PTTy(WS0jxY}YKuljNRDCoD^d!w#(XE1
zKW*v~a9hNQ6jQ8#k_5RNkXj4yX%gmplD?<r#3@jFp5^?K`I;4#;O~^dd8bx{)qp5c
zD4a9tYak8Z)k!P|jc6s3aEA_!VtOj^hS&O>=g)>lU}c(@j1oWQDy@?D(ePw&ECC>t
zs9eL0M<G^&kT8U|$d(4LVRYz(>&=+`&1wwGGeL6KPfb_+3krM02G=*M;Ar<n*x)7b
zK4-SNE)gyBw<)2xr~@Yu7?<eAKpsbvx<1t)9C$a4MWpfSrVm`w@1gWxHHs;DewH<@
z#{KHcwnMeoczIMAQdRtB6-FGH3_N3Q4y>h^?AzAHJVZOcNLPhtT`Wa)<E0ipideM)
zBzw+1DoBSF{N79OO@{Lu$DdfgYv&MF>PlrOn~6bsuKhN=>dy1@`@{03@hPyuT5xp`
zO2WlT)0Y#{*C%y2EkWOWU#h-4^ssgIopob<MkR+HS*@lZd2$zmSX_yYe&gd`Ph@Wy
zy6{}qO-$dsEV^IV85u^x;!qb^@{u`C6NB|2iBfs3G~+bTt?ese?Tn&y?axNQR5Dl#
zMrQsJ^a7aZ9$HTqQ?E@I7cpkYFKrznO#SL}EgMA#DHUR|MpT@5wr?+4HliNQNbvN<
zs>R2g(~7n?euG2+kMyHpj3JkNp&Wri>+aIjmO>%)9$#BVZE0(0uh13{9s9+5bo1!I
z-8-=4-WE?Vhqzr0#C>_9gjXPH8M|H8+x^m|*5O&#=|kBQJHAq1Gr@Xvq#@{~;06bN
z1h;6@-fVdsMwK%@a3@@cT?B@rh$w7wxSQ|?URp?xi{zwB@jMO9Nsj<Y=V5YeN08-&
z`!z>@$8`;G#hx_ZPQ&Zfrq}uLIHZ|?@)ZG#GxY?7QtwdziXeyd4#90L&Em<Qan)p<
zNvxuzL1xe<Tcl!NZ;;QZo0X<d_@<DPr=HI=0xWGd#!S_BjK3RcIW9fNKONR{w<eK@
zCFy6O$Y7xf7ALX5T)XKAFP3>#&RhK(@uLpmml|urkc97b&g_uF7_v~Qk%g0T)?d&K
z^O6QaA^$}cq&KYLB}*0@cA|KQD&~`{B&ED)$!v(@2_7QKblhD0DIVxzS>al@mN}@T
z-sLb7xB5Eu`Sfh7JeFuqH^l%3Fp}F|t9^fDsK-z%8~V$XDblC@B`s|X0tmepNvF?R
zq|JCPn%D(U2XS;s*XbHdOJqmfIL2kAxHM&diBV@MIiV^-7a&Zb2JT)xZ>MBaru^}J
zat=XJzak|Z3BXSg72bQ`{WKz#MEhQPT1wMq>mHF#SxvUu<R62`HKi_k2sAA)7^;iv
zbKz|Kza+BcYGH(QLs6t}>C`)>+Kc+Z_MEBb3V4~4HHjIJX?bDhkfHNOo}!)1d0vIj
zUh9u`h4=;QuOXHDA^}#5)82g6T8trj0hsa54pXbs0p5D)KQ`(Fv!R}|3{#z54Q4eZ
z9{i6!>ItqYrz_B4#dr<%jmP}o+{kWaGWp+IOKynDPAfEKFZzS%yUc}C=N=I^1(Lp>
zEz6w;61Q;tM<U9bUjm(=e9Mwg;N$<`{MP?&ZYYzzXrgKotwy1DJ^H7*!3N;{1Q3Ac
zpaRL3b$6}q^wOrm<aZgv$(lz!qS1w<1eL=e{H&I!Vrqr0Oi^a$Cs+3xV9RB!M699>
z7!4><JIElm{7x%|9!CyTeh195>dn0(7~xxLVj1Vjga7w-{-+RzX`HVRCP)O6{KIXM
z5&~$Oq<Rg;un)^f>OHicv8CFyru)7nnFT<lacl2gYSYVPs(laA2*xi<Dmy(bu&P1D
z@-}oL&xuXLf)%Krm?1s?p0;M5>+H!}JpaZ83V+9-zOKoEjujKx&RIs)+ssp?+B<w%
z9VVd0JUQhgEMt|%Z!uc_`$wP1Nv8(I-ozUktMI2T;EAv0qP|fE{};c#^zPQ=tHewa
z!_jC%4vT%q1+X<p=6t|vHxVh}^J<m0O%WlLB7{P(?*l1${lE9y(F{7}-M<_74J9p(
znK=l*;1rF$a^b5vX1l8eGg`aqN7=8I=8{4%+AlR~LLq<?b$Z;R(5!cn_WC)jTgWhv
zs`=}5jaNFaM5u?!02Rzub2Gp6w{Npdz3R(zL1)43AlgXj#LyV221Z_3beiE@9xMU$
z=MP^$Gv{X(%Isu3mo3C{e3mV^Mtz@ge4egg80R@eF~pfhF~}VTh+vM!{NK~R<9^j2
z<+~ZGMP$rQ(@4}Dp7t~T@>b26bZ=KglA2bOg^Qw>A&WD)uxNLZlHM_d9rdsz*1?>3
z|NWNC=m63N7UwXgI#^<H#KoO3!d<^>2q*oF8_Ul0^VEWyLV71A?bTCF=r?k*DqUP8
zk05pXrrPB&J6Z1>iNcDmK`Y09?-GDtVVee2h<hw)C8j!JM6VvIl~Rby%M1?Y5sErm
zy#Mr!Idti3eXhr(nJR~K&{*oSgaz4|cKv;Kf5(K!xdYauHlpWBALfVlp$mqHJ-8yI
zw63jwMNuM+%fJ;Sp~xkyi-Iso5FUZ5?qcx8@hg7QP8Iek$zCiXI$k~$3&q90KL07E
z#Xk*7b@~!zV`4T+=3OZi-YKlx+N&r&7Cz~QQ@+v?aeztek7);1!C62ul~oTGkV9B8
z^p(+-fFQL_nK!YAvdXL(Ru8zp5Uk>w3^-j=B_$w|0H(P$pUb7*7!@0U=!~t=V{C;#
z8-ioK!NGz+`)HQ7usuQm%N&>ggs9FL)%~G)+~6Ns8)d1JxCW=Hx1qL3mkArRO5cOK
zu-08-F=fj7<=0p<XX{z<R|1s(+Q?U+V>NH~+Kqb?Ef{>Ga27uk1<NK?V8B|@EHpU~
zA7#a2Bif_+cyH4_lyNI%b22D;vA(~pgyUNj8r{zSi!-Ogkg{l*Flq|`H-PDBksAqK
zX(~iA|I##!sXso<qY<q((?ab#tQh&9OdiYMISt0-)7=;=IGJ@P3atG;5>7grA!;n8
zal6@)cc8Cj%`jU}r|{kZp^faS#<|!V8&~1z%6ptOm}iF`tIlg;vtGFB#o-Hl*SE)t
zoD_O54D2vxQ*tket4`DvGD>rapwbH&&s7ke;|D0sslNvwHKW+kkIYYe{tc^{+BAw5
zhs|c(^pC;T-#(w>yX^M;D5p8CwCCeb)cr_X0a8=5h(NsE)h$%hqIFGM1CM(MQ(M(w
z;x3mie+F}qDKgUl(TjORU^-pdqG=Q!S{gznkao~0KfUS%jZI?BvIHx+5nU;ZGbhyw
zqiZq~*l8L7u*{}a=0(UhRq9*kJdQLbCBJI+O~&hoqcK${o|fi|s{N4_opQu+MIANk
z5*k{Xx+`a;8i6@%auo1_nT*}cDfmoZkyfnoQyhkIc=X-CMYfK;Xw|2Z6jeC1^iaty
z3{Nm=n_!JD1_qPBv!~0HKz}nQ!xt}ELlU+5I5|uKEEF!u<6Kk^C|ppKX7Zy@JZVup
zF9Nuu%xwL!&s?5g;?7tcaRQ&t*yvT{k+sivM{txeeId=|nFB4-OTi$4dtwWHmpjz!
zG%7<Z6jD-zkFZq=`vot`S)8{jIcA&TdmHVwz~%=jEg2*?!VOUu|32N-LYg4q0A3;l
z)%n@eRDyp&1bgCs=6>_gXv?!rSRi9(%NH_QIEe(0oJIxEa}<i0E}lkVWy{+{O_$AK
zGIJDW7&?hu-TVt>FQjBPtxM2aVY6;(F@Fw2mELb|YZtKoI$B9PU^*;O!I@1f<Xdju
z6S=f6r(JotX4?W-m!@6wv(qSFQlI*Cy%y5LQ)q4+b+COFp(0r;GFaU&W0p6tDL5TQ
zm3Q+US**qc!2(ImiT^H!LY{WV3N?zR)Q{fXVTde}iYlukin-mU4L7Swl~^%_&<_{t
z%lpPOWw9khDl0i09=E(no_p52%6m{gLG1yHf#k~+(bNfJT$xW;Y8ObSLbqgraIsY7
z5JtEAdFMsnB~vKr!+ppPAgNf?X;RRqzZvS6a%0y%H_4Y8bMJWS1RbZlPxTqun1;-p
zoEb}(ln|PERoM^*%C|HvRXA^=uGku^D0L9GgJ|gm?kdFw>1W2n0(7nJUiGZHGYHr-
z=AUn?$K4T-zfm@iyY~Jv7GH27WXtyvBf30^I2x)AFWxusdmrVeo{BN9TN!$<#JstS
z&#*kR9Ct9=CzP2hXf@mtxnH7lREhl|>$Zv{)mhaxm=G@l?1E`UAR!v`_pG>W`?}?e
zKtk4u7l-A2lm}@B_@At)DZb@(R*#IXd1QH2YdbV=TVf7+w+(^=2KKFiJ5nLfU2UV8
z16&?3pE$}2Ec{gt_@~RCbty*=;@<o$!GTGyjx{`X!2F&LW!8JBDEgy~dRhV_ndG3%
zZu{T2M2iK@e$MN{tSSom{xDP?)3mP8)Rk<e_uk`wsQSk6&X(ZKSid+E+qP}nwrz7V
zv2EM7lZi92ZQIUl?!CMF-~H58UEOv1oTs1qaH`(7ejHB`bGYG6mZMzGFvet9NV^p=
zldsX&b>6T6Rc=dzmm0>O{$dUz_`x%P_LpM!Bo;Y>j{+8#C5vEG5K~yuhk;AGtff;h
zkJ0fsoAFR^)R*yi%j1q<A;-hnp2kyy@G62ecKQQ)Ae7*~+x!zY5{JHU;FrTQDk~l(
z6r4fn?Oq>f!62mh6OWYIwDC6=+69RVb)<Pw0X{J5<@hl4z{U6ywCNt$PrLaw23k0f
z%c5pJEv%py?!4w-jgENaDCP=iF^_X#KZnhBRJyo~avWFLC;wznEIdM>+loVi8+tX`
z;Uy?Ccff97=tBHt?0_9GcEOCI`!#FI&;iRee8OZAJ!?9HRXDNZA2mV1w`^>XBQA^@
zsf_)kgG#7?luzwWEM<B&etC0X3ufq6sh6J>O|Y`*#O25RYajq8W@Ky|Bdrq&{V|-2
znBUhEn{1S6-~l7EQ4ygD)?SE0zYy07)6ta3iM8d9A<zInqZBE;-_a7tu^rPp{5sac
z?)Q()?tWR^eeaHqhd;QroU)2~6ze_40;QRFVZHlb?9s+2Hi7%VYjq6pmVx^}%U`Ef
zz{qF7O0O4&<v2dcS=|OOxpyz>R9M^wZlmj8G)6EYW21*ghWCt(Z|mC_(eTePzlCqZ
z1^4$jDjzj80%A<VXEyTp;(G~sR%~VSzzX!S`@Fj0MG&)_O4;zYW=yjDZQ4c|!sFhJ
za_Qv#e$=;Kk23Xdcrp7oyd3K9{;L%-Q*rzocq(KaT*RWM%F=ELxeNdAjumM0fBgP)
zN{^gZT(<$sgSUs4-?y|4!xWHBzi$OxdeRiQv$o2;4eTFZFlSIkKwD;M%@yQv5N0a0
zr}A<*wz6F}okE@lZ-Hz}Mqtmv_kU`+O<;QOMe#Zg=Wu*CaT>$~Y&_Cg(KxW9wPAmY
zG4*}A4;X-rq3Ca6=eE9YbLm@)2ETe6SwT7eZF|Dt=KONf!TFzqoNot$#`0P55i$Qd
z{1&bLv)Fy#5{|gS34{N+FCX7`2MiBi7ef2LOZ4^6)4lf=z8#xigfl-4mJg3CqKw>&
zXDLe#W`vn%O`aNg^F~X%dic3|>UwWnR1iO56MxdR7b~|ZNH-B#t!8f&1^*%;oGTmK
z1};?!l5p{J4gXUlV9p>|rXFamP{d#qn>19BxI$eM53X3($L%B4AVfu!LsSvP%U{ey
zNgK5IT$IDCZ)q3YSY=)M*a2hN;iPl>aHCLQeoQetx1Dw74JrQz3T+1RIEI0x6jM+m
zf1VYsw7{S=fh3T^Q;YGK^03qkf`yPn(xZRj^ugi$+z&Kl%a-n>wv9i&&@lz__z^vh
zMDn+`B7aaWh8G0cBi=)kob*I-zi{43L_nxn2&wEtsh#{x^=c}1H*G6<M#GZ-J>2Bz
z<wM>*w&A)gk%UxQ!3ud7J6m6zu616(iGvFqd84TW+#)IEkXT={6;WOKo6f_uWFIcN
zc@9iQQ43es$`ED)%tR%RiF3cYa*!Tc|Hkb1$?st@xG3C7c4{L?ioH@HX-;pF#ppW;
zPVj}(G73_0oJ5X3D7C1PCrV4J&y(*&a>%ksN!0IDwm(@(pG%*0HWXXZEOOWwe<<Y)
z^ym7){Dr=lm^?qO%`LcRY0mC|kvtML`)&!v>iPK-s`@M|k9&L$MP=rp^0Kn~chBtx
zMK0*m)moe-tyG`MBbrvy@?2;_08J%@O<jTLpp;pb`JnMV+`UpSBVmO9RRPSRT|<d%
zyoo43j853j51G`u-nWwMJk{NX+AXUTk!8NIi68Y<vU@Fmdqj6&d5~L!KvOrt%AMfe
zzzw4I4!eHy4TSwu{sEn+GRq3Ab~oR@oI(EKq7Y#wf#x|CjP?Rl7F+W%IODvZ<5xil
z{Qh#9muW3>DFfsy^@aLdsn-p`I)$M$vH%sNj=p4V=TSGR8S?0B#Wtq6>v+J~GE?P!
zsoP<_4z`K2_OQrr9I_$>e0j*|ee8VHxG;s~PJ>$vZ~bMQ_+~{2d3R(A4cC$WB0Pq}
zffyI_bW}o|PmK#XVVA0$TrA>!pTBOVXy1~TU?MGkmCz%KP|8gV*+y2-mxz7EKPoHg
zKFfd*$&_LY3JpbctAetF2{#cSxmrNGEc<r_6y0P;2eIycO|yeRRZz{x7U!E55CDbw
zgM?Tk0nd;=;5ThNqZueRmBKt)NjVM1XP??hRIKk{c~bnotPJgJ8>GX;g9|rqM=7tv
zrri6qYpJt_)2ecIY5nVVvN~iFTvkb-gr!h|Yyk6(Bplp}UTuwor)m$+@vujX8Mbo8
ziUM<yE8AeiV%0SmsI*f01v9sO_4&~dYlE2iP(RpuzRIN)_h9_qNMlF#a#r~oh82+F
zpfyny=7!8@DVBO3&#kp%;CE4y{+<tzzvt0b`Ir>N5KL<e`vHBwk)R3z2tD5&9o1fq
zvJDk@ab2uMKq?c>jg9OHD2mq%e4sqoXq`n+$fZkGSdh_R5lnM*(T{o@a_J!{X$mbP
zq1k-p-MI3TnOI#={-_QH5h>eBZC#Rs--O5r%hfY>Z>U&fQ-3`g8jG_<tB&2}or(I$
zJp!H&VJeFOw+%6#$5Yj!h#Fpps52pRbx=j~jp4~G%u;DqU}zLEHVWNHY|1sKwjc;{
zPv@q1;NyyU57FD0ruhFzIN;;)7f~RGq4Lf~U{XX2F+`?H;ihCY&eAOp(yC%-8<h%@
z=_HbbqmQ_g{y^`>2OT-e;pXX?BEkz`T0i1Qj2Vt&Z17rU$&QbItsHYVw8J|z0+F9<
zscTTcPx-otiPN5f?wc1fbG0SJE?`Di-5;y^XiPk}oF&}i_dlh;cYMw=TzkE<JA*i{
zzBSXAi~K1=*0AYm=YurAo>aOqs_*h!6)eEQHe3UQ1!m=0CnDS?Fjus32&(fm{|)&O
zN!@Q=^!KKYVDe7*X_&ky16RQyyv>kSAVyX{`09i7bH-4QDerg0^hyg<8|$%fIFz(3
zdKi;NxpmFDV>+8fAImR+(BDepeT#k`8>C-GO#_&+6!a!z&y2!vy>#fIt<k1vTn#(i
zmE9QEUucPZB1}je?546|D#|XhKREL3A46o`kq%q#iBA;vhY34ElX`Rn_yH)zRX^me
zO5VtzPo2If5+e*g3H0Zu{6sH<;Pz{mds$JcvLo}|TYbB$KXo`rt3p5DB(skbCOtaZ
zOL`N~T|~J}5{8@KI=-rk`;ZSsWG-GELS*paC4m?c9+syVE|zK5HQeMhaiy0+v?U*2
zA13(ar)3JL+OM6)k2NTXR+L>Ha?P(}{CF}y)~EeH9N+G5)o-TxadCa0uMRuyw>P^w
zJ=|Sodbz&N&iALi+)5JHl9whBn<+23s-^fIw;QQ;22)$3OyAeigt_a-qMgEJX~v|s
z3ByQNJ1lVx@~uHS`o<c}g65oM=PN8Xn+K!-2+M;xv`M5h%4ZdujYpb>=!pf|jp`Y-
zpWcu1pRIq}SQWpTy8{A!&E9Yw3<XO?NJ~+pd1wvC=h=K(n_UyufLn+fwEZt+rJkGy
zzGTMllnJ{yJ=FM4nFuK7OW_1%O*O-?`mPu<QRQvhBs6~;2&R3ZOIp*f&yi#(Ojp1}
z-|W)K$mFNOn_d2i*12iTOz64)5m8PNlR(O{JlC5YPpUUR)h_h><C>?mtcBLB*NjAT
z279=w$-2caEiACBXZBe<?nw2bJRTyq!J3UD(@AV5V{dDm=7b!gZHv71-t&_}J#9Cb
zdPR+z|0lR-#8;RdwNK9?KUPyNRDxp`^6b#c_tYXXGaY$C2}%E++Vsg|29)3~gSCFC
zR+)lIoXszfd=q~CMCfV3-FEj!6t%Pz2ZEN#qs_Fe#pp*0$t_Y&8xLS2p&Bc=5SpGJ
zC9?}Mh(4ipfiiYsQ}g3U^gohLzR4&MylWjQMbc@NKv?l;xYRj7?q}~iM@o*uC_0iM
zcyYsaCp^uGJR}l_jb<y2Tknd73K&cUE_{h)!r{UKL#mb-e1g#rW|W1mS0|3&7IwFO
zyE1@NVyes4NtT{K(okqPOL3|fOvm_f_}@=d-lw8}s=_~f64*QcVc{<?%60MzB^azJ
z-?0JzrgFl0@Vsx<t5XG+6C{~lBH=AR--Ir=N;wK{C|c96Qc2`9vry#{o%YOEe_u7P
z0}-4fsyCV49XF48#DdubsGqBgka4(M*V<wyV3*vim(DoA;`*q)&;RsqY2WdZIwHzg
zG*v<R$?T#K$|Q>ZwoX!wt3$8Q))-Y49?+orv?3Qr0HB$ZiM)2$q$cI{P$;6Q9BRv0
zDzKI9Y-d>#D5&d7EDZt3DOKGRxv9%X4{}PrSOsfx^*_1ENU?B#E~t5=?c7n0lX(!O
zl1#k)!TVW3QZE^w(*WZ}=a~9c(6tY-_nnLwZ+U7IjrsZ3m+|)aVs{rnr?=Vldc1f(
zq0TO7H3Q%hAT=rz<R^Pn3TI$F0bdjUSJit^4yUl1;a|t2LXwB`60}ziH(bc`XSPx?
zLS#J&et9oM4yrDs7z9-6FV#r3Keu#wV^$x`dT*@o<!rj;F^&LQzJS>Q9t~5_odzVa
zgy?0PjW<GjJQ$#tpRUgS%O9mX-2#mY0?1<1e(gSfw`WIpnG=!h-nTjdj`m^aMo^pZ
zG^GV+?F3qGsjDSbD2vf)EGo6FKWkeCuS=S+-9X?(*<noxo|eD@u2Q2{ny*J?Kn#Qf
z%^{_s1)|XSt)oaUCNYVEw4RWG&eCG5?|@uxclr{eA|dp;?7{TmZhZyu7w6#SgC|3o
zbXq}Jp<7V5$Ke5Q&n58H=wd!H%9dcCF*aLquQLuwmunKmgbX-oELC%EF3FdnA(jQZ
z#p?TeB`sv=53J%pA0m`uQ4E9e$j4zs#kKNx&41uK28Td+i_ukI0pTP21Vexu<O_<X
z?ZYr2RFrgib84E@nRDQBRYAo|{%&!nIzCl4?~dv}M^)4~$5!@5lFQ%^ls*RAOzCB*
zcJ|}p`FOsj`+CI>4ds6>L0T4n<Wul8_O}B9CcjC#O|rN{1Vz!Sb6RM3>>a37P;8Bx
zCrv%OtN36%K0Q?Zv9Wf~)TcFT5U8gZhFeqQ+Ze?om0}XSo4aiR);55YUGOIlc@t2P
z<SK(wKbJ5Ter{(17WtTHaH-7<fn404c>%8t<mlk`32|Q8S4qLS99<E2@w!-iKf^cR
z6sl0{`9RsjzINbs=znj3bx4rxDxR(M;}^JsbJxXsEK^583wv;MPTa}phf~IZ=pWWr
z`P$Kl$jR{c_yg&Nxr#m!D!QA%tR(y}a2-B-0d}%>IDQ@D)fd79Aq!5*b(P1RC%MdV
zlv{E0Me+MOY3Go5xbN;t;QcR4#FcC636Y9FR<)>qWXs)LGByPR=_+HcFM&5so`*>X
z$V3~bL77I-1il&FX9IsyaRsqiO`zNfSr+?E4Z*<3BM`)X=j2GsdY-15J$@&CRRlgN
zhBSU0&&vCIv2%W%os2>>e6X<g(~jul_B!)_oW8uAoQz!S`FT6L-ZJz0Jrh%_xgV9f
zi}NQ$<`VzJ!S`>*{V~sql@!m!x@%<A@<l1KCaUY+DA>7?${xe6GFX3L78`ITtP!6%
z6Z$(`#$&sO#cj3B3}?9v4(?>?hHvrXlSC_jGqHNcf+q~K*Lh!%n1avAw(xK#KQ~+w
zY(@g-2H2|?c^C8nGllyzKyE=D=a7e<smiO1^b_y6rLpep=)#9fb>-)7Pi4Sz<>9r^
zv1SMbGZ+exy6UXWq?wIRkaaFIA{83Tr-%wsd7VNM?KqH^FM1V922&Filc=-&gA`?J
za&{KtKiHwp0Kj^S2vw_3TK9nar+~8{asqM+;t7jJoE5$7XCt76t&UL&u;264Dni%0
z8t|!cr5zozWT|++2l7mltc-IKwE-3Am$%*WAOaSgK|7_tYLtoNFVC02NZn!XGpad@
zDi=hdiF?x1n2+D>Bt$ow<z*B-qZVgV%|IL+l)@R@k%^@uhoON4EhiMhZlODop{+YC
z#UsWN6h9D(5_(RjYfuE+e9K)3i$;i73pQY{-$6hUEYxJ7({$Eo7Dk!(Vc=4Yj3Ngt
z#jm!dQk+y?MUgCRA}HN4bDS2>I#xAmz)Y*g*RJGf-Z(FX&Q6J<ecMPNdxo9tXwx7K
zHqAuzR+>4>9hj5IvyZ(#m00{JQt4N#iTG?NrY@SIdmBa8Ef#-dsXKsqD4LRwqnBB*
z3_CjM=@!d=2i8qwO(ZvS_<^dfE_QZKKK;0Z1qw9F=>-F~gsS8LJlF1wFIZW_wWHT2
zV18A8@xvZJN+%bDL>6^&nj2qG?3iSg<TIHvBa4->U8G{X(9z=*ImC9LT)j508Ap1^
znnG)8_(Z`ezzXsAtP|a0vs#l6NlUn``V}ger@5w>l88EWg4Gb!IsuQm2my|&I08<6
zH~|E>&B!gOnWY$5hH-}GV|6|T6_Hxf?v>1MD~w(gi+C*rS!6l_eJRJVu{!?>JJ`Ai
zsEWXfl+?v0Gfep_5~{R<blKTscZ%Ig9?%c)hbQ|%x-$JQXQjO{5r54bKdnz_zuo<b
z`T_(`=>$Y-JE|;uNhRwc;P#c0#JoKRe4&y>LbU?{F0pHp-1KLl#vPf-SWHs~RNDx#
zq{T_L6q~#dK?Cag{3IBQ<BsocZ8=BHoPw>&Q>a{AJiI(xOgAFwH}T~*Kt*H4naS7$
zr&OWvCM29P@`$SSn^&x&70pXco;2hVPDNmJiF&)OabEN=!W@Np__#gXJc1&mBPThH
z!r<$iqU<F%+OPF+^oYduXiC0Ko?<8!4RAAzg8);dySfHXj*~rFRW>3r7^>Vt<~|bP
zdBhZoLTjfE5)NhQeOU7>SwGUikt^H&i*?4Buu-!=7HzCNJ=%Uv6jkM$t@+3S)#q=|
znVFUL;a2geaATsF0b0_7S&@r;r_%nh;M+FsDrAJK4z4AxibL2_2Nq0m_dj&?WM}z3
z^Ue8wH`*v4HA@xD{QTMw<RIIolPLeV1}lx@w5c#0Y%Pox$y{R(K{*nl>JgIW9x{W8
zqQ*jQR*Gh(yV8r>(2)hWPp4V|)F;m-vfRr_3*QEaa0MgO^LPKyNE8YbUE8Lyqru(D
z7tp;&YGy8;Mm>4#ca(?-gZtYAVw$t`V}2$Vm5p*X8shfp<b{*834tK5Kb@J-P6!hR
z?(w)5bLGVZXbR(m<nKQG7$SXN2=&k0?`Xc}S@$3(gyCMyh#j8xi8FVEnhsRRE(`cG
z)ezJokU)zLzC6F(ZQ-2~FCOpQ+i)c2lDBljP~9)6h1>2v@B~p2*b-d9#w542c4yzi
zM35anT@UjI&2i;XWO|3*|LY#zKPSVIOCl}*8&r4PtMm5;Hlff+?y<jK6>$qk6gOi@
z-lJL%b#)w9?KL|3=lq=<^So5yW6mvSN|_9h;1j9)cvPIg>)TVw8T%UD{6h1M>u@d<
z?jj~^l_Hc`pqa@OxF9o#xJm~56J@tlf<p>C`asR3w;Xp3T{Socb?<<Xaoh-)H3;Y1
zMC$A)nt0b<{bY@uK2&MKM+Uh&sA_h_@y3r$o=zsj2gxokU*%vy$Y&_)^!wmOgwIW_
z<t8#OaVJ$W`Y8t|_gGOFHR`I9C^MEMr!blCN<sp$%v&u-1K}0v&K}0{6;6>8t&gd3
zb7vW5hFG*eNpOJ%@g($<L9WIR_BGeIJ#KWBdW-Z*(Pg7{vX7C_&hOchC@BQ#aqo&5
zCz!q9xzS!U=m%Pk^vrhc_<sPrQ;-vqkRJF{Zjo~!S5#(k$cI&uU00}3A`Pd6ktU}X
zeo+#hFn%FK>~CB%jY4rK-A)aGs@a30ndhWPW_kovjKk|#s3tne+H-gEFS{@_sbEx{
zajhznpf3@np`nXU77;y&9E23)-@M?<KTQUcwwYOo0pms7Xv%YQS@;|hWi-+Ruk`(y
zV!*(e>+v^d!|T2rn00mr^bR@T-<9CO&~!9Pu6DoB&3q$g6#ET^DaUSxMWCiAL8U|D
zMq)3V=0>3X?*U}ebKZkHwgeoSe1CYk-^wZ&-^#@B7f%YYd{qi#tsWGchyRteE3yBX
zsNnn8_!dwl^`D|Tg7Lo>M)Or1y?lSN!q_w7Cq;04#~8d5E{xQAS8xco42@ic?ob8j
znkA-kcVN|a@YG`?UjF3Ta%SVv+!$p0BX>*ZJC@_4zf{EjlO6U|K)ykQAv?i;-rku{
zM-sLrl)sGAZXq*nh>Lq9?tM2|@PE4tm%OKF^3hO=WL{d6y%H>7B>K+d;BU>=wfERY
z#3Cj7l)QN``xG@h04+x{8;iu7o)h(I!VsnM+;7zne|kw`>Y`Fd*C^?ecF=uZHY5@L
z#CRn&tTVPEU?ElLL7I;$Vrz5^U!H-kmOvKD>rI*G7Z&JEOJSz5?&QDCR*{{4*}LDV
z2^mZe9^JP*X|=D(S+t-qiwRO{Il{aEVneVr>p}>`B0gfh)Y1yD(y~BfuvSJ{g%%ei
zxkk=83seLWxFF0IjL6d+%!A{sqYaT3Z6mYo2*F0GaLC!MfW*Ey+5TC^qn&VY75%7>
zD=8#}WGJ}UkS2@L!?h@3_GO=PyLt*EEgF=9MKhT}f(2t5c}m3#&m5PVHU?9JrMZYa
z-QQz~^1-`FnfZ&2itY5!wF%EAMuG~1xEI27nF0iJH_->j-{e9!W>y;VouKd_&Ev1}
z<~2I8)6ffE;p-t#?!JRRahAJA%F5(21|=s?NUWp#-#v!yy_jas=L2OQSpU5(-*C`L
zLQtQu_d9$(Ez=!}T*Infhk#m!C3%c};*DB=2CqtEkuD1AEe60A!TF{EKLJcoP=Ol?
zOYNdvz)m=xS-p2$Gu_lR`@*sLhiAVj!sD~A!yUHE?#QZh!tSK&%IP8%Y3tz@lb0nk
zmq+-g&g?3nT6-E3msS{DJv`mi#$5h~rm7b`nQ)W);Ytt>0&i6Bz4zd81cQr6I(O`T
z27|69&WD7RqE_$g!5`o^+evVPoj50cH4MOop&16iM9)N4If`+5aNRIRg_JtC&qwNF
zghrH2x3KwDFYWr-pa7>?ma)R+PY4Yc`}9Y|@17{$U#NpnrKaW7A*;6pp@)ABZpj81
zU%7wSZ{-pwNO!-g?F8vu4hC;5mIeA!nW+$Q5tATN7ubuYgMfz%+!IZ(iT$-9sZGy<
z^%(Rg9Oo$zqfoMSOFl^e*l`4*7hK-zo@;{?M3Bf3Zj72Fxa7BrC_lt)mZ3E&=0XYN
zILFUuwg^gRCA;o3b^uQAkM6&JEG04OW1;0ZwgiA1-!tB^k%xz5nt(MDAxtaZSHjT;
zWga)N#HoE6S-K&wE)7KnB=-wgJ-w|hUO$9}E*$Mi)r@PweZ$&VWuqS#aS5B49zcS%
z-brZ<vScwd4G?K*;#oK>dki-WX@bw*2|3e_qhaS*S#iN1p}9%8jBp&GOsOzbGvknS
z=>Wk>e$z44kD*dQvr!Z}0G0+3F`|JR8UT`A7;W1r4-E^s25Mj)xSC1bg3;4fEQCr5
zZ#aM~TpcJ3E;{mu>q*3o(50+66K-225H#F&EPj^-cp6_l0eA5I-`fbKxXM?X(r(%p
zYr;}fb*V5YpRcpGRP<wg{jL-7c0d-*`J*A`fPiv<8qIA6K@^PG-^#kLx<cfVk<TBx
z#_SZHf+%Z((fT`Z*w%fdKgS=nk<qSGDgU6^Me!gs;DGV-`TIJ;38uFPWSOHR0{Ms1
z3mDkbE3CuYM@+2_cbU{6CsPzEAsLJ>Ii2V@L7FSS==XZVm6p#CnWe{TW)~Xsia`}O
zR<$5SQG_j=1ivSgx<LkD{+wKJuq*$@aSNg}5g7?8#HcoiP<IJJqZf?w7G&sQs(D28
z?1EHp@Gh%MM`AB;Ud@~ZF8`G*rU~Qmb$V)@{(BMs3%?jz22%y%>Rzjf!|mN_N?o4>
zp*}8&wt-9TNn6bbyI*A<Yvv-q;6cu|emP{BYdwD=j{A>M!Qpc8l%aS3p=wb-G?(z-
zn5_bTNYW#Ezj9JO76P?xX4!1Wi)sD`+GYFv3F^8s1!6?vJ2j;IVC+tNZ_DL;{-$G4
z7D~L-`#xZ{0T7~C2B0~dI<(rqQ^j7U^x}<AzK_+(B_zOM(VeBi;N?_<sT7BZy9P#+
zDJ(k?oBU3}pE=QqomtP<UecNfSfWZJh1SLFPC0UL-peS`)D1;{kpotKf7-@5TmAxz
znrA10b{orF9i|-s1DRr@D<X4{iDxHA*SQUX)XLUadSkIDwdQ)EvC(k1Q<%nEc%H76
zV_`VibNHmWkS>oLfMlPp0l}RsRKuSysO`spOMm#?S=2-$uGR6Aj@I2|exh%$gq;$B
z^X<1;1NDY2IwDx9OKkixomf@SIg)G(80&X_K~{;lm{TICn6p%?qim%3S?F=3GS>0b
zSmzBRm2bHC{}=JKbmlQqxA=cE()mV7Z)5$t>I(bc!EWT=4bS|{!^Q6beoeb*-_uVR
z`*S0057msr#ooi;Z62c>Pj!u>r1Afq{nyEVVvISDjx3_2KdCxT;TRc}(owYS80lpt
zMX0+pFCoTjhqA&|<{Ha+e|wE!T6UED94^PC#_G!C&SD)w|8K7>|8|%m>7-Jons-dA
zY|yFuC}d92<(kntL66rTq@Ip}Y9>QNWCSAO+6DrzcgFG~d)sNx8%fO<8ON)`HxE>c
zgifCe`9?5Z&4(^U6}yRELyOqdbUmd|-CTh$_?1r$xqW<c1i8NAx2Upjqe1PDj<YV)
zFI4nDED-^X%3@J@Oh+JmJX^H8Hgf1{F}$p}hh&FZWX*Oq2+(fQOfsK*EhX!JF?kT6
ziIVs610%=FvpGsz^@$i-P0#e01LS315>i40VKM6VN84_s3Bw4p4y9``zyKaSh906Q
z?i<IN!-)>ceI*13J=Q(N<aJu8Fw;y-qN#}CQ5=9l$4RIc_3HYyoN9JGf&t#Ou`h#4
z*#l-ntbR`7Fa}b#H<cO>uWE#nTbDjn?Cbledv`l-u?mk5u{KH0dnkTfQ$)Y5pRO^f
zy0<Fxjwe=_izL-N_Jz$lXOvq%VFFc$FmJKuWr&3rNY*Wt4cA4RB*~^8F?QW>RKmFr
z#BlI3aakww<Cmev{c0`zt?-#7McH5;sF06|s~m)F96)ItIMpJco_>7(&!3Nzk;bv!
z&yUi=+>)DEemsBIkEzd_(*6CyLi}Fu*UQPpq3MU0&Dbi9&Gg(Y+)oKQzZftlpN~cJ
zElb`$t)+tn`kf{#L%cWm+8gbeq?-tInREjWgOi_`yJ@^Z6(3|5SVMX=*xt;0r{aO7
zY%z`i<!ZTJ>Jlz1_zdA!I4UH4#bQ@-TB!w$@a?3fIo6BKz#j-zGRnsd)|SNuFPE58
zVdmTp^Qt+5$|h~ZDCk(wR9j6tKhaH$2CeSc2uYd~KOAbUqQHr(f?DFspCXc*isuIf
znO%3w!=A}Clv3tcWdT`>iKx0nTTOJ6H8&7J>eP8pfeR~QnAPU|IUI>?zy^}mrh{A@
z(^t1*UU!q<k&vd2wl54|E>bJKDf`&2k94_KWmaWZE!$>6@zE`?DOFhq<@;ukq%OB;
zk%L>q*4J77HhJ_GU5}$g_=tb3V_)?Jl|C(5kn{FUtgJEoT1~-hJ72j)oFxeQDzNUD
zWhxOT8o%3dXJoGNh$>v0juy&|e-#WTpaXb#0MoNC1oe=@N~P>-w%aTQ-!$^Id=a6{
zo@RBC@Hf_}s(W?nWzwA-H6u(9i1tdLT<GJN5%LQh5{ydo&nYLRM_Z~};^HmubI(Jk
z%Py^Wm7v!tho+Mbt7mpJx|-%Kv09(A*w{XTwZVy<ekv<>rd^1LZ>?ahr0ifZoFbnj
zAMn<uYdMl|tm(e|yxjne+>0Z#1~O=IB*feS6O^X0jwe_x8ThS7Y@%=$PeKW%nrWUz
zdDpTWzFqXTJei8+vJEW4!`^Pehku|(-iP@!io^GpKwO+iIx%nsOoik5es^6qV9Epg
zZ)Ki!7E*~-TutAsGUU@tizv)QXGCG5<kWn`&)kmcpZf8wXM!b62KwrOHI`y%2SQ{V
zpwL8HsxDigz;dEDGFBxe!DPL8R~z*P>RJZlGN%a}z$wGWm4~f30AG+P|MOtLg8i_k
znKBpf=4F>n1^s?6gVW#0uLO~MSo(qfqot}vJ7=}_q<1#b1Nj9ajsbxK>QJxGJ$_O7
z7~s}=5mKLC#k+gsw!7)6TEF(M<45}AX??vOq1ra0nng28TasemWpb2LMJ|XE9l3rx
zaK<;9!{@p4afT!je5hL$CJBd_d{ZNV{`Cmg+FqzAN?Cd3erIMw^bZAQQ7`q^u0@WS
zL#h7N=}dfWs6PaF3--;{Ii;7sIpA<Yw>9OG{&M*6wP~<&;ii=O=9G}wUdWG{HVG^J
zVTSBE3J_7Rt)>6lOQ<h~M)_<W7d6c?lg4SGzrC^szCXpsBiV64bNjR19%iX(N3CCg
zIwyg$BLZf?sz(#O4qWifwS=OKhSif8kqML(5-U0EY|uJ}c~#idhz2EP^HR!m&!Xoj
zo8Gg3uh40NT|o*%UCn7h{}+{PAo-|9K8W}693@thW`+la_+7aRw%1_~mO&hgrqyUe
z=7G8!<)^8j1J*<Fp$2U<e9ORHOwkd#T0iw>K;A(o<yKHl?)}Tp73003{@Aj|Z@!KQ
zq!_#qT0wq(IsHbP`w-_xSxtFjEaxvnlDQOYv_TTsI&y>c+0^k~UscLjCQw0p)xWOZ
z_ShI5b_E8<ciQ~`ddM~8x}I*Inp+X+ygWokQZ@xn^GXr3(N-(4Z=eL6<z_gQ9DMg6
zb`bNJv5C_8k!_`s+TVHq9LMG;wU4-Ff7{<Y<)X%F{ftR)Ak}@P8GwYiq&gA`&=iVY
zbcoQx2|rMH;A%a`5_&ThBi#;(`G!~jOQpcX4J)1=p;#!JiatmHbW0j%netIn549P|
zJhw#SA67N;{ywvg0YG3K6{CuyNE%HLZ&^q5nB49A#IatS`H95zErtW&t)ANMg4tHr
z{;ChM5@x_uPzPhcIS@m<K_cZ5;%<t;V!lGCU#;33-LtieV0|eE*qz$tay_s0YRRwc
z@Hrt&aPaP(7iFSDqSUcV(igU&CTxIG?JLs=%4YS%zt0g;brz55oZF864@3GTVKFc(
zkBFJSw-VJDU_7FgjMFp?^WY6cPc(d;kV6wCJcG+x%!Fae6jWW#Yfv+fekCY99w-|v
zt=OlTRgxAeQ7rz#@)zPz-WCNAPYx0Vu{AQq`)bXPn(diJ2XQz8g%ER+M#gwD4lWxa
zjGzYLf)Nik8o*z;>98?z$H+MXzB1PSU&2d8i-SiQ0^whAODbR<*Gm~JjdnHA97myz
zB^1QTB$5N_ugN=Fi#UUz7nRANlMB%p7(TE~jnGh$TF6*xA!QvhO@FDCN`R$i%*d_)
zaJiWwR)2SLtw>&N5+!;u&0`M|$vJ*??C<^-xdgTC)ge9p?wayJM<#@e8IJkubN~|;
zQ(kh?)oRbrUM3;cj}B_~5Y@`=s4K-1v}3P@ql^{@5iHyg6bdxeJ7)0?3_2k_O4OV9
zI!ewRYSe}wE9ks#)iwhVRV#%RP{qJb5+~(yGjQpf7u19Yw7+<s>9xachK<5%7HICr
zOyzH&ra~0MsJNw=vc}W<)&r)l_0-KEbok>F=<wWHWRLPKJm2YlhGcJ4I}K-Gfk5Qf
zn0-{#8LSIRuP7VTf^37YVUKx0h}RZMbs&2#Ah7!K(7U=6!(mpWo>H33T~YPRP|wxL
zrJy#tz=rVr3<myX|6J{z&UeVrbT!>ny9A-`rx#wUe(uRUW}w}!F3aZg6e2UN)a5T+
zIyGc|6few(y$i1ARC00cLsxyhTy}j(+mWMo#24;?(+DX{n9iB~oIfd9+xf)y)>+|2
z08guU-vV_+x+qyqH3-(9B@-&?8K8+W<EnjvX?VznR`ryGEUo<y(KF)R>~f91D!UtN
zJC5BAFjkdQb`HDQ-exB2pQz}pfoehrb$bQ=wOhiJjEn_fdr>!PQChJ44r=x;P^8{8
zC%-#>9`H;&Oc_F5z@0O(>N_ub7SR}364^EfscK6imgH-Tt1^0_BUiVb+cXr|KhlH>
z*al}aO_4obR)6{Mh^AJ_z}+Tln%LyJ3ecTMSxRYK=YqcfV#cg_wy`WvkrG7;4<`J@
zT!Ebpsn5>9w~o$=?<mtUkAbVRt#;oj_p8aT$TBHLQ6xj`JkF2{!YCE`1{h7?p-oL-
z!4%rZ9wKCi__1$yG;hnRjB(TLLig5%8l>GFsb$JoQ!0;aiP0{(LaSeN{Vy>b*pv2q
zD72T|R1p<~%A$1wx!oS#>+)j?<$mp7@Pk5FCRfzE8mYQLv!VwOSqAC}R_ZGmI<|mq
zh(4=qY(Up{7geIpA?AiW#FG_3#{ouY^Fja$@i%?EnoB*)0NH?oBQ)o+`LN?(x<0rg
zkWJ(IIUEFX>6;#-kU1fNX-H9rj&zCOWVG?{F}1T1cPLxQVLI;4Nr-4&w{M{z7q|1`
zftS^76|?ighM(PSwLH3h0zRsKLT(x3+cNEN(ZKAsx{76-nq5B;V;}YJF1P=N&*|^c
zM}U8AZ}!`K$@rg>@BK06K0bSsE2gE^|1JD?^VEu|`M=IiJ%+KDljgRt+!>37Y;OFM
zZzIfxe6ISDWD$2OwfkXIQR`X|!pl&~#OC~;5NEbPmr4$VXgLK*ek>WB>^-uRmONO0
z)r5q*`};CRF_bP>ZL_X4j_HPDy45B|N&AmMG$M^5GmB;2iJ}H&PC^-m9S?FXFeD_=
zG6mKtacDjzM)(T^bgk}CDJ^`7Q3>9R+cXhS%S@6Z%7Hxxwbew(%yxZnB!C4jz{S$A
z!xJf1)XkyXqi@Hr9y%`7P<w$C*QmFzrHyiE!zfDxCqyB~`fmN1S(y8Eow^vCu3O(E
zZAK}v*Pbw{?U$Dk@X8`p-n16aBdEc-2MKxogd5Yte>KQJ#f*J#@yXnL7Oong=ehb;
zs}_QOD9T|e;-KD;dKvyxS+g^un*dl5L(_VL40_fG*lug|?iaUy7gnr~WYHkN>9D@(
znX=ZvrWPJ_hSa+0cSPB+mj?xQ!`1ko(xl}paMg%DVBu`KX=vr8sR3S_VUO?H5)W{d
zd#DtzJgoUi83iVBXP8}0#2Xi*@lpe0zqkabv|d%}4K5y$-*gJ$futI$N+d<Kvz%H2
z1j(p%y*%%&y?Lu*&dYjXS{5ogyHy*5QFXz5#00Dg{2hv1Yck)k(iirfv19kfk`srF
zgh$KE4Khr98E!BBOC6dvP|<zsp-wG9i?M6j?pAnMfH~CBcMj8-^-Ii{?Lvca%q>Um
z*!S+T40N-Ak1b_NHhx{h#hP}3r7HIar|%PXmML@A#^w#W521b|fUwPCiuZR$1wFv+
zm^xWsmU<s>-t3w`u8VEu6hn)0JGXmOFs7|lUI>fCt6vDR*t;$tL<@3m`}uJ((VK1^
z*e2l5{mVne(+CQAMrD#gonxXY1(l_N3LbJhc!hhvIYM~XBL42^C|AqwqBKG(!N$*s
zi9|~F5;1Kizt}D=p+Psx&it$4NVA@3dMsm@E!Vnhw~7WcSpnQK<@Nx+_$hW=`?%OD
zr{%aN<q?xjh+mCkno>K>!}I6$q)Yc3Zr{uceEWp=xs@f*yN2gTM@8yJ%khmpN*Zq&
z1Zo8n$2cn%Ug0y8-3i_r`!HBDi`poU?E=Gic$|ur(idnJ1B)1drjcot*N2mFlcJLO
zj^_aGXhj$x<qVu>VzH6kvsdm5O;=6XxJFnsG_)(8xI>uw7HTCs$zAQQtY>wfbX@lA
zpKJ&MYR|M`$em0UY72FGK4XQr@~N{4LhUMVy9wh9fyTh)<JFe>Zi7bc5rf{}15(Y}
zs$X5YV6}_z1%Gti7w8Q5Rip|GL?LO2<7`K)tDb963lem73t`v~NRf*U&SP2bvXOm5
zH7~j-#t2xuXn_vV7@tWzO>Eo_Y#Ol9Dtc6v)SB#Go#@h`-3E5{wnS`It4QrI%Dthk
z21}?=RX5m<6(E^YGNpZfXsZl#8+7^|-rbPKd-IfOZ5P+x@xfYwtx@OO`wMX))yE+q
z=1*cM*(wzx6u#$%+bg>Ly?|h?T7ynZGo3vN#<m{VP#T&4*>+^@7;-Ii(XUz9NCUd$
zy_2;nxJj5`C~f8b)d+@Q0$8_{crX98f6IqJ`SujHQYCGh&*_V-yHxc>FOB1Y$;yty
zHnARFfn;5*=NdIoVZ1EC2@+c+)g(H$AbrE)^QB_mup<=MN^dzYht96V-a?(YaT^M4
zz5XtA${d9@{NX6)7O!rwx%2iW%&;I+AGDU<35fdqET8PTzvN}T_I%7uqO|=R?I_|l
zYB9-D4DeVRN~MUY0n@jf?2e1>cy)^C*=qZ|;-VPdyl0c$R9*QSo)1`V?(`YJiT9%`
zM#j4U;#^<gMnNnoBUpvF6-wr8W!f!48t7KuP)qZ|ng=cz1^F0pxP4^jI6!nt)U~>J
zZ;lXR%PdE<SoEYe3*6zR%{OYP-vy}9dIA@a9rSz-=3(!RzY-6PhlnoBwcI(aOJ5s5
zR?fpx6D^i+_UP{j$h9gLd$B^&dxa>R!f85+e&rWOvk&KOJHB(*SA<A6`yj3R_X$uL
zBUYMoU&rQvFd@s+we3Mq8yNp}{5o1ZthCQfnewIH?&J{tgP1;TIkyiq$3&M)JdP$3
z*h6wlH62#I8e7IB)(wU}%r+&eIzYYuoT#T-6bI%cOwxqrUNaRaWbU~RM?CGYx000&
zWR7@Gfb#R+P6`CXhmhc=q@_DA*(eF!i8I}>dxE+EOqN8-BLxXXXQej(3X=D4C4rIf
z>fVpzhX>_vf<~$Aw*9M@CwUorMaz{++B5zyb}fIt&%MY~O>wO}c|=k#RA|ZGqtl~|
zFR8qB8z^(Zq59J>@=by>!c2?!Tg)pM9uVgm>CLzY^*nj-Z}2v{h*aE(=~Oz2#qfMI
zA**SzAOXMcLETywWyg2TZBkQTUSJVi7)V+Amow&OQ8UgTt}%3s%-wrvw<lKt0V5R<
zD>|)fOxHf0?^Ar(XP2t6Me)5&H@cTh-sAgceffMOU%vP}Y<8wz_xQTsU+rx!GJc-D
zRMy6}YV&%RrE|AjLyhGEa*j!w-<#HN?SGf=3yjRcsj)cbrPLc47C{v8DGBCj)e?fW
zC5mY-w9Wg3Gc^%WBj#3MR8qA_-{)yV5qGR-yxKzANG9b3$*TE{VXEq6<x%IT{S7(6
zAr6sHsgnV~2=@q@&Z9yh87f$ViokzTgVy-Z+joYkg*kk4k;wgc5Ep#~vETU6I|20u
zk}cob{+XvT3g$tqC>M07)lD%AJb&S#Hg({}K;`1t&E>RUh#>aUD$<SXZ5sdaM1L36
z6FBEIlt>Vu6b!GM)tlI&f#4Yozk_iy7!IGN8$^7brh)I~5)eg#yQzQbl5iEkY1@a7
z2QP?tsX#I(L_*zgF^Dknh_QtmZsTzyTwlgpFD_JgIeh_$Z6WYi2rH`BIpQE>Shj!-
zya_=Gvds)ox(jkEi8z1cVPs{mhMy&64+yZ(g=?MM@8T6~UA*m=e*>~N?6j}loisP_
zK21QoV3eOdj^@k*HxyC1f)hlh6F5N?6*H+$b3<>eoH~$=k6%9{)=!JwiGpf=gnO}#
z6)b&JoF?yK$<_F^2#`$Z=kH)ko(A^(+C~rS0#^m5G8gqdATP1ENWD<VW>ldK7G8QQ
z?UXC7U-IeS`1u`fiby`iZWe<DTTl(VR}kXq-nc_kJ_GQ#+CAZEIn&v4oPVzA4#S*p
zK`gkze`w&G!;+k?w(3>SRch&giuwQ@*8+RQeH>rqv1+=U$9Es1cZRi8nV}IQxW!-k
zDQyC6kt4cQ_mIrss&urZw#vyacF@(UnsI^J>V(0`sV_Xh&PGJtM%IM)z1666+PFQd
zAm@J*gSxsfEhR}%Nm$99E1q;KhTsKwvI2Sc^Hfg3FLSG~#(z@d!R`EFja|d@Z1Y7K
z;bN%3FYkcvZG;8#<E3MBMR`UP>#nP}VLi^-ixytv>dUEeqF~t|7$xnmoAkVdg+ph9
zG*&8*Zkd@leZg@QL{C~Q1AdvxpA`Z*Qs=VI_Ee5LYfNmLTL!(jnp{xOIKXc8f6N~2
ziN0{*T*W5raBl!O3OjNG^fPtNLp>wZ%#{A4Rh_ULcrTdD5QSy+7@54BQ{}BIsvtFI
zNi#4xw>{SBkV61QqV>`ymxrLGKAC+S%5zC-I^9MtkRv$JMH~afd(7=ufi@y%_Qgl5
zHuwmX*+bLP)$gfln^mT;)FsuErCCc|$yd*NILR+M8HEp8a?*OPp=b9N{IRf=pH0+N
zzh>jLy0yRftu4I`jZM7_bAs7Dy(*M|=J}pG;fduptln*Fq}k(`{>=MmK<<HWnVS?k
zd%liyMdn`_X21cOuq}wJTMM40>j_=zKC2DBP~|J?2#5c*pEa!3b1*<z7zdVnvshuk
z($DKf;o-BPRP{@~ppaA2cJ&tJm^(QF&_zIgqVr4NFa%x11%f*rw_N>*WkU&ZClCEG
zdft7D>gh%%xP3j=)fTUZxH$)ifD&_&u~2uhl*jy%ZPy#AA!tLOrgyX9db_KRNgdT#
zt#N0xA;Nm(0vC~1w~BGH$wARHojC!KvVP^n*ewM-$$?O!;K9990MBwUi>aJ}M0^UH
zPtWo<OBtGxnTaIkODp}VkcHvWW_*nBBf)8cv}=wc&98bQQ%gYVQl37ms~26Z))~3!
z-#{%G-75lg0k}yW8pK2|<#XS<?hp>b^J_a!i!o+xr{AO;f5JM*gT6CKX-!{D3fXc_
zOYJzBw2-!<R)P=FrWZus$;#nIZ2s=@sr@J(!^>bx$t76mZm_hmVX6SpFvVCXO?e0E
z(lZXSK`PMi(rrGeyyWXa@-R2mkCph&CabLzY-Y_}A184(-1qI*OIx5LXX*_<H%-<D
zXiLX!ZOC4~Lxp*Yd5E$EY}+tK3we50*A!9nllHwDmvR7QY6~H30rd__$rXRLuu5{}
zn>A4c;^mz){!my5odrUldf;Atjsv7jT(R}LF~}If&cz@D77CJ>%+1QZ`Z7f*i>v}e
zj%l!ph>viv%HKRIOKx&kM<yMLo`DFm3|v@P^?blEIOWi>wK)+y4q4UY;4kc>i8VyK
zY+P<Y+GPe->HLg!N>>8nfQsz?LiB6(QcY(WQ*yZB@lt~#z<jIW>dCtI^XZpnZ^QZK
z1*)FQ=)<J-T@@yjRn^*kNXw?(;(YkrWr?_4AK}xWnMQ*2XYhLBoJVungtAk3XB`~u
z`S685obrmrmzka>3L&Mr!CS&O$^J44(!iUYi}IZ(T(otYfP2(-XMikV-II!{-$bnA
z)DhK~yZLb+Gd~X9iVU#s9f^Ui%{`ZRuY|=aJ0Z<Irsh^hq?Aw8T1?Glz8S0`7v{_x
zk}*_P5o<_mV+uAg#a4oc20qbE)lfx`-Ze%7{Cr0=furd3@l}`5h#)^hXsROnM@=4V
zj6*K`L@An854R=P`T@1OX6OTaw9fbV#}bJ=fAC+q2ODy;7G00?Jy_)ehDol2B)cJx
zK=_tt&%mktE9nt@z4#i9-_RXdy?bX;h^we@Sk89eFScvY;B1yzzZ7&>vbiwe$W(L@
z15|rrQms_GWk}Hp@qX2n52zrQvl3tN4GbnRYM`)?y6E?%k_KV=xoz<>Cu2Xb3MSvt
zAhI9icoMn6=B>3b>yw5aX-a(1RGOwP_Co@R&AiLZKvKf0U7#BUB}svv-5&iX&svcC
zitX?9-v0B4c|Tpz*v#c=eSXnnODpbS)Pz5gRR=#fO8GIEJU}+<<P`+xYu&2skVZ)?
zC2F+Jnw=W<s54*@3s^O&IUN}S?i+5Ktji5p*p*A_ZlAaC(A0TYWkNDyPT8g5`!}Nb
zTunOCh*-#BsIb#JZB(B9(+#X^_q6M$LO85Haf?|;R(wiNvTS7(!)xYSWshZmg(+^W
zIdIJ;QL)j|k!=3R)krABvX76NAY2L_za$u=;^JFpXG|E%A+d1k-6l=3d(o2KR~xag
zJlMtm7G!SbW0Rn(w@`%G2?pv>Q6<0*Zluf7P>!nWLC}Z?mz{|S17E<DNTGWgcybLe
z0jaPm7vWvy9R^WP@uFCU<URZwX4mP_;po`QMz?fTx%$!eQHEmf=Gv5<>N<U=gi?(Q
z^{1{TDWZTovH4HLv}Y*_>7YoR#vrB({Pa+Ph9D!JG*QKHv+{adZGIe%SA%|Tw~t;e
zvSw}b@tLpOECTnD6+|P;x@AVHbI`<}nQt7yv-CeW0=XV~^J6g5@jD^S;RE{vkZ#ok
zQZs<W>tV3orFm{Y447o(Als&U+g<tuHcM0?dQHil2w7Y%sB*>s0TP7Cjs5t4kpwLl
zcvW<T5l~tAzqpbpJ7%^+aFE>{x&^G0SIidcvn?!<B3T-TTi>-b2X+MGTUDrTlo)C{
z?udywLk8~T?ja{>$tl%5lsYR*#YQq$?2=Jz?8S$q<oKJ1Ldn~FBCIq~-?*M6S!3-#
zVOfZ5_1+@yVz9%MA0jF%y6q)>WopO$`fC$;@*>sQ?Y}%9-|iM=<FFnA;T6I$tY%^*
zyH$u};Jki5DgLXXf2t5gU_DH?gh~x6|I(XTS24n1J=u=JO2!a@^CJBEDg!e-r-0cN
zs_BTJX?mX&{c+`)1R{cN^9dSaqh_pH|5YDTf#?~#TKuFddzo`t2{PL!#o)@@WBp~C
zi%c(3q<%ATc>jHr)NLKTu2pHq_^=pT*(s(VJIEAe#YY`P+Q|tU<q!xL;*wIfDqXk6
z78H+q_TtKJ6pONo8370*ds(0pztu3^_n1E<Kx`x)ZgojOgBG`q!x|t2kTCfv-CzM+
zNAomiC>A8l2YbH69`<D^n3GFZWbl79&pPYc|Aax&REyPBzo<1QJ9zT=Vcd4JMHlaq
zPW2LJvXiW!mUde>aC}#r;I5{vX-?zxIoPKg;tF0%<b|mn!!{>X9Yg3apF_uQ;(>Zw
zU#(QLSct@cU@ngvAe0;(VOV*@fSohTvyb#KJLRO~PK~{3VJ}n+-d`;g)(9qp>A29U
z&~W3{tvGzLGKV}Ubra`DsQ=O`f_DXFfi#$Q;BwJGB2qT0vnfpGb6uLi=+Z+9Ztejl
zL?xfZ?=N);w42b+NSne(K=}LF8R`Euvb#Io%E+PDji9o%l7}rI!;LYl3<Ved(^3c`
z3dc2vq{{$Cui3P{RGMz_Q1#V#YJQ@UqOJMZv`&0o;Xh2l0Yb9<c3N|)iD?FeZy{2j
zHhnc`S=IO%a~VPnX`<Qk{jW!q*g0K%(D1npS+`KyfC1Nk-~`fS=;X&8ieim<_m$G<
zthZ1TxI)QCv!yRv7KxFKpGW;HQcVpIQpFSy0D{W$Kd_A9Mh!ORqD2Y+511hHjfwn9
zJb`{psuCoTDQLr&0L|gG3wSf_fbAo$=2sOy5oJ(HVncM{MUETXB8J#EmcX;Q(B!#l
z7t%*-kB<VXrOl;ELS;B9;JX)?R{o7!X2r08Q_>u3G7k(K@w!C@V^zA@efG(iJB;lD
zTTkOAhRkSqw|o4${MONi+BK7V%@B5u%{z6cm?p?Mf2`lzeCOD$y101D%c8upGUEA5
z<-Yq>C_gSfKJMqs=7ha{4V_=f$hDuz(Am_-!_|qn)2%Z}-2Q%T3&7Gf8nT&)oj8ee
z5ohxKZumANf+J<)0!hIaiu&$=z;$wm*MSJdvw=Q(Q^2~2RivWJ*He4)mT%FA96p0o
z^=?MzCb=36-}BrYj3yFO7PpBTxvry)5ep%3-`$Rf!7wijAX50CWI{J=!Raw$Zd75*
z??!4nu*CP<sT6-E{O$2cJ9{g^FV=Zo^90H)`ARbw7vq0Xb&k=Q1<l${CbpeSY}?kv
zHYT=hd!mVLYhv5B?POy6NzOCxd)E5C^QU|7?ylay_F7$Cb=`H<0qfDF{mD?~Dwa;1
z2C~X656;ZeK9R5Uo)u_1>sweyEJml?T+4kI=B`D_W@<Vyre9XPsoo?s40N9M>-{y>
z^d=by&HmhEmyT(tZ!xo1|HdnCNXv(7c1zY;=x_ZK`8=JpW7F$L_gpO@dfr&(=@{sp
zGG2~}=(CbCL(6L+_%s9qQcOugwP@q`IgYt;_~L!{dyx4QiIop{2iog&uzCrijyGcl
zwR$3&RE5YETRq&cXz|oSdp-e?uA)$da(7fVo5WP?Y699R9-qa8b{rdAEx`uUY*Xy?
z+NK#f5)sCv{Nk|huvH8fos`evXP(qYGN`Ea7TosW9WUaYU^sQkYNAeE7d+=mYg_B?
zIK^Q|UaY(cK9NVRcj`PjnqdOW8l%Rb&DAaUSW^!9Rj;YX>xWq+l{)dwADwTa9gTEy
z^prq&Mk?oaYFwhP_*C1l*nXB>383FVbOq%s(IIb5>*^Av&q~BeVSYDQ^dpCjh2(wA
znZI=yM93vJXI)Ik)GJ~oA;0YgnE#{1!RReS<tgao3mZQ^IIOSYc>~SDLpeq<wqG;u
zX>=E<nyhtjGp~N?7}MJ61!1a|8zF(z<HR8mo&csAj2)ZeTwc>uaCE(>J<?434BJ>Y
z@_&H=#YLtXxXLh4ay-2+ub`B)VjPs&nEncTgrQkiXT*5>1NZu=TNHU+7{eiAih<Aa
zcII9hk}}we`r`^qVJtnZ^SPeG4@7dGWb=TYfbGwiRfxw4e|c%X^i#%(1%*n%K1LrO
zZuJLZdnr_-p=wNbvht<xq5JHSQ-IKSWR_~gIufXPW-rRu$<C8E7#*hBUwB1Ei3KR8
zu9c?bsT=ml9+kuyEpTqWizh`VR9qUTr#BBb9uvK2ru~wSpG_ROMVlZ}8lKI8?1UNX
z(K+(RkNMOIRB0QanIld?WRlVb8oE;-n9}-@{m9c)r;_2<hziI`W6bR*7m9su@^dl3
zA|8Uxdk{us%OVwV95WUoYR#ZLVIGEOepbqMcMh{dIu$lzvgoP;lI8(YVI{<LN)juF
zE>aF9DZ@C^T$w_q>!V%tX}-L}C@8g1OCv(o9zQy51aXLAt*xFfzh<^OxFqd#y!*dk
zrQOdH56is2JJyf+tYs>j4abh(&vGVQcAekG&XTp`p};VKQ<ZmZe*tK-z~T)!r2>>E
zzEd7nx8IhH1wZ$Bej?&^dXFN0Up_i|U6Hk~!w~%sZ7?xjOa}$acEB3eQ&kN6<kHfj
zY$+=|tfPmmr#g|s%AJ9L&O&Z};(YhB{u{Vt`zVL2ex*?ce%di2FjLe`NE^%FoGo<H
zFrTfk&#T+yqWN|mdnS#x*i?SG`PU^ncE_?~H+O@%?xyb;EMG>-RSwe9wEoas%b6?X
zXD<*q`2N6##g!+FJoCgljVB}VN-32JfEY1z<yrjBNC2Y2rbf3Z6^hQ6kMk8-Ttrh;
zYe?YGMy6Va^B>;e>NF|!2z1p<`CCuTZ!iaVN8ae@lTtE<wGscY(zZWF6FFXZ*JNad
zrP}XHFFA2{bg^v>M5>fDM9!S}Dl!_%OF<_Cx2jd0ksAVqDFyKZ;~CxsU`@l}mNAI)
zXQN%T01;1zmgM&IQ7$d(k)BsXDIU_?4w^E}q01Wc5-9(V0Ybm8aBjB+rGlWW>~3Cw
z%k7rTkJu=!C8!Z~VGn0?cMBcCJyt@o@&DxwSnuR{7shSQ`L9njOIU&t>KWTqOrsw~
zQh{85`SCB?RLiqGpR8L-5lL4_Fl+RnoOlSG@dV<U9P{nf(uWF75^)}V=#Jj&EVqkf
zh&n;B@jpznX;ZAa=SI&s1D*TsnFL$i99i;FaOt{ns;>I!mnnI+7k5Y8%1pGkR{&Eq
zNP;X<sy?6waQLTPwY3CVC`loMr=xJ<xsG;;K~q5nqsOo)bvQUNwKSbD5!vvxk{+ey
zqMI*U`KkbrHn>|KHwTs$Wr{N*@W7)>KyON)<&^k3d)v+*n7YyckSs-nU3yjglug^{
zNoO;}K@Hnfm=~M5x87_}`h!8<G3#{0vh5_e3k75iyc1(@1lU&SrD(&{aEZvrwGxZ2
z|FH(?l4@h?YXESSGnf~gif@muyXI<R@{^-l`mOZ{D09bVKV)~IWGO8=A6tpg2U=9>
zk8-g~bd;Nht<W!GJ79mFu<-NQl#Dn$s7awwp^x(liEQv!hsYmQ6Tvm_i?o>v^NHyS
zI>bAui4q|Y1|iXd{DTcfj|VqAxp0{6TJ;V1X{pW?ufYksyxegiE#FkcVr`1+lT2NL
zQG#R`dJ~i?4kX>U(~m-S!XOga&-ILMIGAA7Lcj0kWc#R2vA&j35H1}SX85Qk##!Ad
z+4BFVyNtHGQ<4*)`AYvce#Tl)^S>_yGyiXGQ?5U&rO}-dAk0^_Pa~@kYFu^L)FwMP
zFq?9jk}S14nvjgses<0qYPOfYl@IIu)zU{U8%K2DFV!;xsM=^F^PTsyZ{xQI<}mCq
zESB@@nIggoKT^5ZIKyE=%l^2eH<GF6ZcBmVZG`lzmdQIqDdKgT>-585Rb$yFTW22+
ziGkxcTNR(^G&YlpIL-k{Z8*tIFGsUzs%9I#!_@PH@}^118O?K_uA`t6HM{1@pfeB7
zrk*b9T*OHWO;kwU65@Up$eWlXbGoMV7;7)E<k<=`L-;dmZUC#;!}EQ6ID7MZLw@qz
zL-dXy(zMl&EUjd5J|w`~z^hDLxbmJR6&5E;Fize}LR<86pQ7<#XS3b}w4yEC6s%WF
z+NeAitlb^M-WXQ&H*h1Y$Y^EoOCkxm(ZK2wJ=*@9#=o$3VrBi}5}CL*OojeXC3j9!
z3Fk=5{;oxx`+c-ED@#T>qaTrLCNE!@>AHMl<?~f+%E3ok4TFk%M(i^S2R9HwrbPe|
zb^U$rRZg3ro@zmCecNpj8<v4{D*jbJk~V|r58NcZLTr-|g*(TO-*x8P5{v|w!O;oE
z`+&Ia9Y%@6s9S!Com5hv*aJXJ?Y5!TzF+t7kFh;wpXldj#@KuMZL~~h1%aWF8_KJ#
zRIYh^mj3Wo#;?6XVlc^9cw;~)sZVH~Uq3eCo*y81PKAJUUtH^USnEbY>ssO+REmf!
z$p%XpuW>yFnQv@>&JC%4dFT}|{Pr=Mi-rHB>Az!6*(2QMnbBp0v!xr7t*@i##Ct`*
zD6=uwXU*e7%j2Ezdd^)~*rnK~7St78eIZ4nRQwE#OnPg?G9P+g7=7q%qqZ%|#*;E^
zdf|KbyBIrSZx^}AWHRRRyN3AbIfG(zC9TI{45NCd;S8f{scUVZ2Op<<@J=>B*5Bbg
zlx_o5iv~-qZR9?Qrhd8^0zm^?<_foepg}5QI7YZHj<*DD1d9BGwg&vqkwW~Gul{{G
zU?sC1#m?6wa8Sm_<MRZHix2&lcwSt&S_NmEB|JSQ%m@tT(gOLwAhA5tWK+CFL7g${
zv_#N9@PrXOab*}$hmSQVdQr;z2+Tj`mS3LEQUb~f(q==NS<=yerc*QH^P6zq8F75X
zf*cjop>>aPn8-EYa^@tQ#|y+w&5S`TSac84@+BHUfR(IbchG7Yol@Ww7SQwq*q)ap
z)QitgIyvGw9*sQRP_>p#9l$ss!Axsbo)LSTx%dXpe+BEReTVc13W(<vJTB1_C$Zp@
z!D_y<Ga@Tbg6k*&L4(9W{z%(AUfH66Zo-6M)46e?u02hq*{a$NF-Z|rn0(pfT`x42
zf=bt7DH{8sx~5MDaVjk)xh^5n2@`a~AclJ6gRs@0iRmE{83|W4mimH>m=tY?tMC?3
z4Oh8+X(|pXkioEF@hBcX^ZI%3h2OQ`+|h^(Pm!*Xv}}Q(K?4~OH1PKnr}n5sSd;gb
zx$!10byfQZ8a!U@FJvzCbonjx9O*BZTpkR-iUgK|{Lx&%lb|XG|1viP7)r8Ffj+CS
z4cjT+1(7rs!uIrHaV!hbK#o50qNZG=QaiwMQq2U@LG{J`+3x8M$eSz($uf_Y3fReq
zfWEjSx0=|S8Y^GjmGnqzCBf0i=qt9N51%G?zi~nQTDjIQwA98$X_y|hS)SA5rwX|f
zKb8wIz$Ib#`rDmco(<X>-D?)b*)mVQWHW@8(BL%mL)f*Rf_p1oEX7m}KEle(M0J7t
zRXT;t{bUoLp43j)r9(6m?COhBqr&KHtfAE3>oXjb`$Z|LcTw1MSKzr|s610c_os6_
zWLoIHQSz&I{Z2iq4s^-i<p?7rgi?2_U;G^Nl{S*oB3DcuXqUcv=lIQ-x^rT<S@ETZ
zjEAuw5J_o*h%)rI`Ji=g-!WakGYjrys@Qdtn4cIZ?NK44xs_^JhT!qqdsD9%;;!F+
zGm08nW2p_Ot_>I^hmRkG;MjlMDW1Q+*t0O+;j}#pO9ZECp3XtROtRzXCMgerhKgp_
zxeuUq`^u!fc($qDT&wqAZb^E~QzCP9Z-nYn8g+?X>G-R;UQ2#26JRuRX&;<rjYoFD
z<t&n5klYzczo~3Qv}<%AV)bnT-P0*b*(!Zhs2t6^sT+Fz?>eG@4BoKb?s5a%<7MSN
znkak)mu@HgyRwhc%kJHgXP$`H;;FIpL(^6Gr_9@)nsPIpq(pll4gHGEf_LDMtGzm-
zlgq&BT9(@egtUZ8_sFO-7ODCI0kWJMcvHgBU05+yF}JjAQRtyW`^~|;cRAunrGn#M
z72P-VRDq%5|NEG$qq~5fy1g?%&EOj)v*TIP`T%@7P2Zm{ZFPB<{b%O&#S64Wp4+i$
z9YRm-{_o)1H0w|?5?>Ghtyz@Jwby^mqGWRa+5OuAIOt)%t4^D~FIeZCertk;L4Dts
za;W^IqTJikl!F}Y)1{$!1@$M>&!L7E*^HN!>~HLaS(VL&*NvTS{BAzs$<H{E39kuf
z3=KfEO*I&OR5U9)B^IIyHfN`oa6$nOG53UN8w~W^945A6cbL1v$gbe7d(DJ|8-0{b
zu)9~{88WxuRkIPS`+3U3@ADLev+PB}s@4}c@zYm4lb0qlhIgEc1Ms^w`^HJn`4Nhn
z#S!s^t|U(-%Vi@>E)^;X2MlKr!td89Kk5!?X-5S5qMRDM=ve>YZiohLB}CsD66$PR
zexYuMga01BMd}lGU6IdP@YW>hU0`v~CEi1W|H(4X6ah+VmX!zBgBb*#uT}RQJ=g%`
z4@b~3pW}pYhA9gS7K9C)NR6J&gbUFOtsE9kW+H2Z7=<$Uek&&YN9D4n?TQ=Ie@FvQ
zK%c7dAuF0$uuLB`TKi_28h7g7P_4A(4Nwi+&KcI}owjpq%l%uOJqp(u(hnD1p%>4Q
z8fW*lHdzG1@QM^A@%ghyiRz<Cms?y_<ciG9-`k2g=~Ku{W0#HPwU;F8WN0T|(GI+^
zBKwGKC?g|gl8;U{hwPxM*ICb{Pbji9^-6gszr6+eVL68(Is3n9C{}Ax>&JijKHRzs
z&cuFsxjYOktmXQDY|V{ue~e&_`160R0S??pMkFN#eeR#mC+=4S?+$YPk=6WSzTRF>
zp`PAGevpie_yg>Nx4Z(Hs(e*?0+;Uk`6h9u{}Nb8v!y1_V#6b0dF`6CPJ9<p^GiO@
z82tW^HMm^Z85L-9jOOKCI(vBDDv!+!K2~h$!}!g;BH_+b5aRwDK6Ad=1;M+SXeii<
z?o3yM-c}VTq94Y(zXrPr%u%9>f;Trg79kZL%3LAECQHxLoVr3CR^Aw!c`h5)Wa^hb
zeKNZfs7q*e%HXmnVc<(1{REd`Q1%;Gh%)o5FOV6`e4n?G=OpUX25m|$TC>%45PZKK
zOdtFmU|Jo6a=y#fQH;kPZ~v4`*Y~YMJZ*FyXU@00qgvpZwm>g&DR${`JS3Gqv?sL;
z&k_yOP@ORPZoM4$vZ-(i9A3WSwVvOPEk%^3=+%*WYA{1$)oBbBV5I4DSr9sHKLwE@
zXKxkv0~F#A%yh&u<#$4LMfBVFuS-J}jp$A+3H&Rcwp0#eNAlSPv=<+5-hk2~*R+0>
z^I<)m*~^+g2)SfO6UF(6f9*w5xQ9~SlmC`Ta=^iWaeR=e^!9QwiTH_31Y<LQu`O6@
zRaY6>T0bU1?gZkrI^|S6(RR5c8@7@dT9_xm&&<#td9BPxT-ob_;f=7Gc(ZM;!8M^?
z$lE_!$xky)z7_!_JnYW<ykgN$);F?q1Dy?8xQfO|KxsG_$iT9QOyrWWU=nOId{?bQ
z;HCMa$koOkkBiYWwjOzIH*~)W07}2Ed4t3-(|&Or25**ww;IHwn9CzWqefZkqV87Y
z;o7rr%WSmm&ThQSMD5H*!(1xyKuN|aT;!YnVpCh0ikUVGmCc0vh|I)&LF-sRVoC0M
zbk)DZ%c;Zgu13uW1V_21;knEQsZ<`9O_!O1mKz9acOD7SvlMR=I!)+DQ9r$Bzta(x
zX#lbYyg#s7cSOb~OI-ThS^)Ls-6DRd7f*?nQol_lH1-Uft(VssoR?dZ-YI~r0UHTd
ze(xb(c)S12&v^5Z+Lm$>c7S2w;k_}}9izgGpx(#IQ0an({mk}ncV$)$tA-Sgg!OJ-
zGPLwkH~7iojNmO;qX%&s`=vZuFz!e#WR3un_}L(lvB7|#7PRv#e`qX~3;`(_ErW2q
zn_%-OeEg%z>i$3m4cKMBH9H$MWzgHa0rie2uXUd2`(7t_-ih?@`mw}>x>dN@u@egd
zaw;j!$CQUG?UKrqGLqZQLJ9ZJSms~OvJ-=L;{Y7816G8|X?*rSgmi9wY`_3pLXCaO
zOYbI9vIS`?JKGNi6%NW1C1K4=MqkhllR+N_HmKyGM9y!-tRUR8A|!X|D+y*5;S+<J
z6c?`UKN)~Rlv7);>gpr{G%cS&MY2C^$t4$X^VpJEh%G{4C$nWrEpE+1Zxv&YoR26T
zHk)u;i9G8$lGHdS>@So{juPhBPGxAz^a~MFR9vT&KZ4b6tT>6NUTc1(<{zB!`4K%C
zbaK6*#OU)nP!2&$B5nL*4dixy+1v|D1Jq(lQM#PFB_mxX5a5hZA=X)IFVjTX`Fs(Q
zB(nnzN-Dlu0Y+%pJa(q!@=GhlRgm_11fb{V4H{;-*f8kmB>58vL?;(QCSg96R8;=f
z@}tY?7W;>zI_<=4Dl8H}+-%!cZSu_j_#|}k++rwB^L>S33XKuB0Va0O2;CAvV5z_a
zMkf775Q{+<d01%Q?S^R&Xn1Y)wv-{F*~2i8^Y0SZTmNgt|G);KLUG_W6%I)1ur|yx
zilq)s-Q}2ctgNFAlNjpeK-eH>0fST(m~bJ}A5tORq1YWW=61W$pb<=#n?SlSV!W!O
z7^f%GIAe3}B_k;iK?5BgI*N)j1A~%KMx*r(ahPp5TcQ>kRNXwScesX2)@FN&<Jc@R
z;+Od_y|#|j@}XYmgx>JsHZwVo^>^~Sy))rv754&LvDZrxQE)XJAWritk7j+qEIh?K
z-YjkEsdhd9_q$O;j{vRO1p?L*0YzyvYp`x-n1a;48MHbksgjEMR0RAmxAkRm;&(^P
z7q}rNR?OW6a*XmxcOFY{!{u*dIW5>qlgpXl0VAy6OfSM93<O(#_fKJ!VA+)if{&dB
znQ~B|1{V%c1S#pb$v&h_4x8@z$Kwq6pmS1*?l<6~b#j@>O32y7!6co|SjwvHUTxtd
zwpDEy2jSh{<ESM4maZfF?dhm5U1$~C4t7x*1BT#8Dgj9dc5Q=JP@Ebf!Oo(V8u|1k
zHqO=y)69srA~JDeR<=$U)`2@F(4uu%3#1J$R4CZMHg9i?5-uUOK3k=xMS-*dJ%vbi
z-k@xs%N~4~NXevgw$bJ_IfZBXa}ZGcBfo7bYlX#DX=OerSbH~sND3CM7rb>7u409<
z$OOlXZXL}thG&b|#%#kPzGh>}ZeG{G2h0+rz8_VKNaJufCi5L6q|q~AxZ^q1Z<iMX
zFB*4XH~nYK1mSMPSxhj+xHW@v=E=#7j6;#@792Xw$supRpXanexI3kIue(t?qp=n@
zCyP=@>V5go0G0~Y*{Lx4df|ea#0{up9ng*02X8agn<sDK`fc6M0*@$AEV)H?)3rli
z)#U426-r6U<5dd=^>Gaii(bNOoy(2~4B)-{I9&&e?=J4meQWq*q(C<DDQ0(E$@{OL
z5$Pz!PmTmNPU1gP%&;>SE();2C@Fbw+U*(TH*$lUjqi1_KjbYkoQp*av5wnJe>Eko
z99q<}P0QXUdl_-QPev2LM^A~XLjhp}T9@n$ux!~grCt#Ogh-~A)kXC6g#cI5N#*Oy
zk~O^w2RmDbwrwp4S2%M{uA6CY(KR>!-2y5La@iO#EP(etffUYg1WN>K0WY%^^K)Q>
zSE6XZMO_h+FW8u6N_u)B@+#i4Dc?_L70)8b+QA<>q=ufPF!N&Fu8RS49q|_QdZvk4
zJL&qd`Ry2PG(~Bz3mYFke3a$|@(4I)4dAx90>oG@#R!xS=O?`%v$CPLIrNO|%9dK<
zSN-vQ=`Ru|b0Y}RGf$$<aji1{Py_rO`P+Y}foHMpKh$9TKd3?2|DpzWK-6H~6y{?H
z9==cG;~#3EFSwX?&GR&E+Kv{u$qW7KUQ-mt!zepmz5EUY%N7vFhP-NjNr?Thc_jq~
zxwy+-j<#|O`ns}|QVt{yKradrSzMt#PuR80Se3mZDO497rnGqye<AF)fYwT!l#owN
znHEN5??dP~Lc3g$>+N8N>s$50NC)dCX8l>FvO$H7kQw9_WR-e12bHg-8>6Rpc0QOh
zLD<%y`JtVxcrVPFVP__-VjJQVwk8dDClJv|C?B5&c!`$K@Tw$d??%h3xxH;?R9wia
zxw-9RR$O?@sG36Ml#k1=u&S;7z1~wbHLs{|xCc%HEkuEnz*pm3;2x@`rC-^=9_Uff
zc{~8epVR-l3($DF_kIJ-9%!KVUjyJ)|DF8rS7Y5F4>FXue>q}-VHgE}Wkze%m!(Vu
z@*823G`6Ev&E^HzzQ?BtfU+fgHiZW~eXr*r$ErP)E&<ULjbFL$sc@I>Ilg9+g#;=f
zg`vDX=s$EodQ-H~G7n6<CP=ZvuLYp}t|~{Kr2eTZ+PW6RENs$OB^rY|G(=+@VkMX8
zDp>jQ{oA2qQ05P%cdTL=3FoZSgrg*5v=EA7d}zn1O4<7YyDTb5;WH1(Wi+VYRC1bs
zVLn+JP24<`Z4RPxKo(u~PZ1=BwWubQEfY+#5LQp>!Xt{IE>})R`eQZMh<~Az-HOn%
zKnu>gfMiloYpC-oQ-)ZLd>HI)bq>rwk7VzPhj#U80L=Iv1}TL82-pB5X$vdgh_V_<
zTJhE<mIw37?_!M@rB<new$i$$P|XIvtqc5i4Sp8z*d};Qp%&M;@adi3F6|7e>(YW>
zWzed`R|m&E-^;feYv+C{O<A#%sbLR>fXu21#5gwMg?p|gI1u0F*+)=vmW*%-pvkbq
zBsZ6-KSa)f09Bxb&J~&a$U~>i|5C4ZIKVc*bqi>(5)*MH6&HEK{h5FPuB-+6K2hrb
zNvdTtdATk#2OXnrm9dnV#$3l@4PFI#Q>ZgLw+c!HVCDmz$@$5+UNDfDw8eM3Y@0H+
z)LHnn(A5{j+ibz7-Z=nEV(t0M!=8YbE{j-mv|xPJ>LYn=jmbFKsKb*d`^3^hg5WRx
zm9g<(U9935@s?$gfq^%z-wWnF1zOE{V~@o?q#9>k9(pPDHqZQpVU>Sq9r?kNcU))_
zY5z+apha<yJfY$o4qOU1@NSnC1~D!CR1N%adrz<3>NV5O6$IQVc*sW3jpgQu@Kx{#
zhk^4g>85c{u@ss@#8heb_q*F(cwbu+w1gIlk55c|u{aqEYAi;XPM}T3m$5gAwuT_m
zy9XyF={dA}?=W(*R60FHZQZQyJ6AJiC6gb(D#l}`%hpI)`7Z`@G0NRG@@q6bc(1|&
zMlF>b>iRui6Sj@qp&ohj44-%p8Lq1<$WgzykMj;M`5cyX1$+(nUMOL!7LDzejYPOd
zr;~E!dsFRTqb<(k=3`S8N=Wrd4<#EO?exKl8aDPa;U#Vjgrlj%)N2(6ra}gDKPd*G
zB7q2n4QKy#PG67Poh6yH3XjLc3MZTj8o@ui&R}kuX?&IOExWA_EZ+W73PX(M8*>P=
z)mZ1Wk@?XB6B8D&HM57QS?+D;NIQwE*?)L5w5LDKirAb4p$BmeYZK%7t|C~x4DElz
zo7Mvc#z2RV!T|yTA{7|R&H1~gLZMb2l(@x3)PkD!_w<~IVy5-Bo$FgRdR0v^cHVl;
zKhl6<wBfa(v<K2UblawG*`3{b$hjfakDG1>#n&6CY7u;Pgm{7WX_6$goOA{|`Hm7H
zCQ<R=q!8DE+(;URCx4-~v>#YX7{_gQe0<}r%gJQ$?h8eF6Yk?66nirzD%%VT-Y?0}
zLhyOsK>~8xluW0gSU6D#&dP=*%v|Ct_&77PvzoEZ^aJVuhd#JXRXYI=A5Tj)gUN9~
zhT4gOEs$wdeE8$7@$2#w=x*$iA|Ck~T2&JG7whiP`=jgs0}YDIBe$?8-#`>xj9I!y
zX%U(lza_2dC8$O1Tm%aajw(LJywUy#G{CstTG|SIKw7fnF_Bz*_^feHpF~p2cHI95
z8brT#b)hq7j0JjJLgUBR^$0e3TKIZv*gAB*X`E#M(^RQrx}BsZFwRlkHp-<>s<O(9
zib9);m$+2ris(^;w7-l01f(W_UJ>Q!uG5XP)Amv)HsGfKsK;<HqM#$Egi)><YKkkG
z0QbtrvVXLSNBuvMobG)-kNk55FGn$OpF9w`m-5aPlUbN_fUc}8dc4x*ZQ)4Xf>5NZ
z0LIj>=&8uxNXXN;MBg)*cd#)OV8wH0dOij|s7o^HHyEe^fvg55xts<rUDvvriMFg*
z*aXLNKSuaksoPINT$Fqose^99`DakttIws*u;W_d1fHe78G{S$LzF-!ML~9LpYt5^
zXeztnicy%><z<&pXOxhGY#G?4{lxsd_)u)yaUbC(n=x~G#E>7j;o2Te&Suoay;m3n
z;rP0fIMRwu^<k&gqVTS-w)s7_b;Y9OiVl+gJ6KPjixu$mxWmU);xnJ;8w^xUt!&M<
z%K^#t<Um^BwPhN$j%r8h6}*Tb&!>;f#8%(Ttd*ddvQ3*49K`)N<l<x4NTb<VvIh8k
zGQZ>lin)I$&Dq}$SSo&wAM0UrAc>*Mc^ugWeKzc^Zjk&uR2MA-s{B^u3u@H3l=1|W
zFMz*z%Jn3Lc>6#hmm#VSlMG1NvSo2?zkWdha!Cfa9XMxFp9t1^e|2<e*^gUGf?9>x
z96;cqu4+a(VzwO@@(AXOpYUhv1V^~X&*>p3iG@$Ggy!9&f|Nn|h(+ag5Nazfmu6xq
zM!HZ#Cw(c!1%cDp`g!Py_K={27>CRx)oNnRpD9HR4(IZ%f?fH1tmAq*-hR@tu<381
z5tmSUbnCx~R8h#u^SX&IpdVgWBLZC`a){Vyml=M{P<0cKWyaIr*?fMq#e{os_<t5>
zcV_nrtOj6ZST$GG!<FnbV^ztB-IKmSl26C_vNdXi$gV+52;r=6Q6Zkin4JVaEej77
zCZ7B-q&&%Xnaew28G_bHuF}#r)$^JT;Mf<D`C<sA+X)au^S}3A5gSXIv`edhIXZ40
z^(es5viUIvKGl&->jE8&Z~DlU)S^6SHJ^ZA+aZ#YQJf3(IRha8C!o^G*}6lPd{3)u
zy;yLY23M>N*Ur?fDaCg<7>CvzXmd@41~T@B!lU!0rv@7%W3<(-t%uwy8OK9_<)A+y
zF3HO-a#j}olfRJC8W9t84m>&|X)TJ|lkT@X3qJ9St40qYZGP%%kp!$s(4V4ou%dd$
zZKu{pyK2xo-7y@7nd3Pe^tR#gRx!-%LYaN`7N5dNu1UQ$$G7VX8#W|ad&*4rct`qx
z4I3fqE*XOe+qcrrAP&36!L?K(zl8!UQ-o>to~0}qcw6V^UuTEvT;)ExvAC|+K3)l#
zhi8zGp-_)Yxw#ki@Qxbi?=WOXUfmf*pU0-J2d0}g*wKD;j3~D@7+!AZ*Q{0lW?E^a
z!cLJ1V86g(i1^j>81|#{(q-(9q~XUohvk5O1LxV$Roc@yRxSC|Q|lWDt+zNT>=Ai>
zs&+!3avyrU9<xvXbqKHJ>MF+cSh6*O&S}GWb+M7_`7f_h_YF`mbs<(!ESRYR4Wyr+
zAD9Y;J<6W6S9JmWVpvs80gKJbEpuIV5maSKvM;@4LgzKIfqUc9={lk)?eUm+tEbF-
z`DArNs)Ws}VDrkv3oV#192RM|`nFX|<1oCv<stDI`?d=w*!9J-S?;T0j2_Qv>5<&h
zJJEEeDPuaL=ks*e_k5}FvTSJr3qaKf7&6m+h}R$=K8vK)IH=W2G`y=VXUUhgIDI5X
zk`tjs%%RTg%D&KfRk90XEDzPnrT3QKD#99c+4LMJ)h}SV#NW#31iwGbaS-52HRYx?
zy)E5unKD@%8?ER@xagIh$R(0`;c`##$CR<tFN~`1ZqfgU&sm;iBj?%3V3=q#YjWFM
zb8wz~Q#XFD+^gK=ZQV*0uKM=F$S3*|`b8zqGH+B>t4!V@Os^rPY3{I*NP6Nkij@Ow
zfyz!TUGrW|o)eMY$FQ~9tQh1z`uBI@A(0dtBJ@_1_QQ)X6m5o92Ftec{DwV>RS-#5
z{F7V^T22dP<iAXZe9M=0vT$}Cx+Okqs5LDp?j4E!G(+QS75miQ`}9WcSsuMd8IPyq
zhmI>>^z^;U;MbW)!yVwun{PGiwUhi)<4)obUy*AvLJi4uQ-X1-Byb%R2D@BOC24j{
zizNz;wU{W-GA-^b7E<b8qxkCGOJAyDIX@S*_q8{zao&w%n^}kf_;1oT{_6V3^u0kC
zY=+KG>KZ)P{O)F8!JFplvjl>!A{Hep_1e{u3Eb9x0jw}Y&RuG>wgm|(2=IFuzcJ7-
zdvKFD3?I&wF^f@}<A)ZcC$g+^X6epD+g)9mq7qIT57$cMb%bw-u_Mt#O6eGj%=*{i
zvSz`0o~%%1ghrS(R%&|u9@38$osGw|%0I!DO)O+K72ZTuhIm_c0TR6gAG98X!Aius
z2p@Fp;-QvioK>5XW96q)#zJ^$yp}(r@@w?2Mc64z#Z<MH@7>})QdG(Fnpa#R(DgQq
zUYtTW^mlN=s^9EK-SCf=Dbr3azumM98z^W@i=|3I<jTP9pKb@soIGq*3b-0DS+y)J
zEd*W}w4DEhXS^cTDs9ocuH*g)OU>2n3gG%XUVLrZEC$MI|A=bK5Y!zR8Tr*^791E`
z{g-J!Y$7$lli9xvVDP9qh+dD6I1?8&=+uC@1@Ov{f&2z(gTWdmYHIx|mA~8x4T_<N
zoOU=r<)>$bICk*Ki$-~vy?E@ezvGAz;m2zID$VjJZ{_jcml&+~D+iZWQL|E4Yd(h3
zt<^9m6bSyQOk!}OiKW;fTG<!WANnf7?)vq$=OV*j&W%{I+rF@#aI*6qRofY0&2mKc
z1T?@2WoOqd(seS#+zciP&vVmi#BZ=9jS+;x@K!XABafO=**J3aTA4jIBEdF+?L`d$
zg5mOKaKyi>^*&`t_~jJ#0{r2<!{i?PrG!0U-04bApBvBp4SjV497R)UjnwzT%+!4f
zgKFU!5(Vmf+njZB;&qr@aF=yPjtO-eruwALLmm{_7;__od2G9Vsm{G&jaHF%TY_Jw
zAvVkxfg+ovL1f;3Hi61VjcIFuBGYbXRJ?L}Wli3f{YSk%X*&st21ad>jONfBmPXfa
z(1cvmJdmrzvj~y)O&LcMcG;MD)p4OV-Qro#v>=6b+RMwkf7+|0U;3_O^|D)YrQ6Cv
zw`f;sn^7EAy1})2KD$QZEyJ477?zdMYM;WIR`xio^)K_Zo&9eHnDZ;<e+~S#K2rP*
zmy(qIYj_utI}pSZ-a!bgfu=~&r;oLUb6OK(Xt1+ia?9ON%6{yO60xqO>j2Vy&+TT`
zNA%vN`>ots;7@u-mQU&iRym3ZQQ;SyW>LwN3WI%yf#sauBW>wdd@(D<^54`52K|jl
zpX|%YumCcanfG{jIz@WB)G)`N9(a;^OT9P7wvLJI%;k9hX`a#-5m?IcjNdu`4b&;P
zf~m9=1X0gy*bg8RiILfM0-7AIde+F%mYLm<J=Ngu)5zA8A>WMWy*x!i<~q-PFzOe#
zmIAAvpCEu&JbO|+gRrJ-E%Md4Z}<g5V$$joQ{VVD+Rf5qT&{4(`sj7=FT5ZjAvKe9
zMY=YlX_h!~{nakt$(RX|E6{(!F#3p=bj=0uUrs>aojY@FDjR$IBFEFsQdJVLVitBo
zb|LvjuO#POKM7paEEFNhzV#L%z04FLJqRQU2vPVN*n9z-d8nsSq?eTYx*RAvlBIJO
zkJiQIzb+9dYr{MQkh<`I&j=;?@aA9n!KYnWh_+awsRIU83x*Rzv%*eQ3;83!-ZOe3
ze_&{KYlT@poB+6>gnRif@`=&u*~g*F>FHUKiLCVS6)QE6=qfUamm0&~=#d&rON#cT
z!BO||wpDT4<`S!oAKyb(;csh_fA4#rrT|LLz?8oi==!{XX3lG@*qU#k3k!Xa6@7xI
z7h1aS{>Wa@{?nSu7nTuov?QrPh$Qe`mmrvi#o*Qc#P?F#7i<LDF^(Y~EsW*bH-cz_
zkMog@q*z!l-<tLkgu$y!HiyLcHr)q%nzDiNWd*T9F*_@=F<#eYv&UCc{<tAlFxPl3
z9j@$&!_LjQeC?ThB_D96P@R}_YaNu<UX6ouuxrJBpZ|AOybpCzFsrnH{Y2YnAiI>%
zaogrEfqfGKp3Bx%E})i9hPEq({L2!#t=)H90iY0Jq}j3Dw%85085ZGLwt(s4yg{rz
zxEGwx?O&0jiQ}%5SB9h$&S7OyRDPGfU7AYOpggn^#!!$opAsy>IlZq$BYoDL%dJSr
zF3}*c(%Gy^r=-RqgPZF<Z!x}_T{IXnhYJa$=~{5ezP8fr3?$=s|JxgD#S@%<m8_rX
zPuaC;FsUe|xwnRMMqXivU;qcNB2#(Y8`fNQ0a_1@XdsM8pKXna>?4T|hZr2@UUIh<
zsMTuRm1vDwK|^J)={c}=iS{dox8ul*zkz~zv`Jlo35uReF!lOpm%p(50{U(5lz3eg
zOXuTa)@+b}_;CW7)0DWE2u;qXtNl<)F>N`!86x8@=6V`!JHs#YxNp4))T?}+hgU+!
zJi5~)-@Eu~&Tiski0e;pxKOG+I~P7NW*|B3t>=5{A*O-Rdc_gL?kOq0a>qY-Cg*)?
zA)D8<e@Hcumb><fSM%{-Ry;B{K#BiAU+!|XlEA3h42K$tI8NDP>k1JfeVWz8#X;35
zlap7_AWOoJA>I=zM6)$w(`&7fGsR{U?v~VJ=^XMSGWOuMw}spGy=eY8798B(Jggvh
zcG14R#cA!kP4Hg@WRF?hL|p5dGZ`KhzuMW!_!iEcA^UOv!NgHO47X-EsAOExofXA~
z{oJ#T5M<HbH;_xPvuyV?D<UTJtF~nOU_iXem)vasF&$v}kcvvmJH)iU(-dN<n{1Ck
zYtA5R<p4oP-%nrXIhhhV#W}ifbVN1TD2TV|$$QXaV-<PVs>4t~CN)WZ;`Kh8iFnMI
z)7HZo-rY1V)Jr2z^%bN+O_s@(yw*XiIT(aA-?_d%qyeV8;5Z`a`fZtWrtm6ffcAZ@
zlJ+Fr!6geFE}V+WGMhs21dvR-AHV?Te*X3gwHMJcXSqK_Y(5JvMBiUH=TgRNC|zjo
zUcVtKSKpJ%mUmsx0keuhBbC3e(C&!UKhiCQh_5f79Jd9$4ljAIJo=D%Ny6#p((mXs
zAu{FAO`J3HQi%lbvIHeD<3%|Zw`t=gc_+ptRx90UILuPN1QZ&o$j*GJ5E|+IB_${O
zWOQ7^pzQ;v`ds!@w9mk-uD8^#Y}g8R+99~R9)Ay>ch+ox3(xz{hS#{Bcl+FQ8%}Gz
zxM0TiA^)@@Y@cFvm;>M++_utUbG5<4C>_$}OQ?)s<$a%`y<t%WP`>T9nS)R}Q%|`)
zyVy&9H&JxB1y2kR&RFt2trtWh$Q}dX$H^n)@J|G7Z>g4K5z>fC&e!W0vfrfiKH!Yq
z9kjn-z0Hi=afvzQoU!j0A#T-RIAZ?=Z}_tB4ZGIO7-0viOd3?nwaET-83a1%(=#$o
zMO&iwD^2!S&>Sl492rjGk!%AmKjn#oi4EUWN*dQ!K`KvcysmENrKKdW)c6Ffm2?uF
zv8rn_^<Al>fxq_x*P*(N0{II%fMsgAD`N2C;bs46d&K(0eYgHB<Jo%#HR;p9zo(PW
z|2w<rP6rs{WhwIegHLP9#caABYes$j^Aj%GBhJvn`Z)mgo`&dR;;BfU5jA60HVVTl
z9EYGxbt|g1K5fAHj#J{4-gS(L-SZxaN)aM&zl#k3EmE!7Oa{|5vbM=zLO(SK@Xea}
zVlo&)VxbN<id`d9(mAm`N9%zGm&PW60J$eus=^<~caZCtmE?Vuo=B+iB3NS%O86_<
zh<vL1bOk$^&fq!!fVj^puHYMSyhae%CL9_a@rk4tYQ|+Q(r{<?;&zR{ti7E;ZeyC?
zAh&ZG7S3Vj`(q;B<>BE3sJfUl{rPcl9m_f5U;XvI{C>Uoe%<uE)AqbG{?)<rd43x&
zXGO>iCpvGD`KW7$kz#Qh@2_5EL>Xdjo_yJZgzTNon5n24jfsL;iht!trDdy*3@XCX
zrj0Nbs*9{uGJ34iErx>QFrROH_NjZKm39tK2eO{Ge~i^xGXs`V|32jU`OH7;dbPUt
z!Sovt>Mr4--O*JAny76b3o0;rzB6yML4B$Yh0D#SdU&y<|FAj8&Ly4w_o4(?9C&E6
z8-|9p*~;KY8=&|jwy9g-71}%3Uxm=H;Yi6a4mU;RjFQt3P<C5~$-CUgpnl(0mp~n2
zXrwSOgWhkDI}^ew&W?h|^hDKXM4XO{GkExw_Cc8Vb?|feOZW_a##wvb@FLi8`6p`6
zh0aCQR$-;>23cA-+&$hx6}(}FX0NvSr$}yJ3*k2WU0oSWxOT|xYkIiGOP?C;)25Tw
zM>%9X!a9{B_H;8pThdR|xgdj{Zu$d+EZ~x{a8BOykIQgQv!xVS%JaN-dtc$>@7NhJ
zqg?F~I536o;6}Rz`#WZj(c3HF+DUhIthFT7OCI)ZjNIXW-uSKhV7^TpLc0%st#rm6
zkzvdw*D^%d1>0P|v3KqfUxh;~jlBg$K427D4vYH;jqfz~xb&5BcO7^p>v$JU^$>0@
z?-q6z<0rIYEjf*iL!F3FH0F(^!I!5#fpJEcP}Pef&(6EqIWR%c+G-s^=-|E{r=S#D
zmP=`m7t{usfB#N|l~E0eJMnjG$HIv|bpl1p;41NQh$fwZlgt!{APJS!dGSg>2x0%l
z`oI=2<~Gu~zQ`9Yj-BO;4>jZ~R|FE>j;9{9k(OM1A;@4dIr(!phs*qE2pej9<C4)k
zoYw}Vo);DPhw-;^8i$*3T$Yg!FurNP#|GkZAl-0hqGe1-3+2TAegqBWi(C!w6Lw^N
z3t7x<H3U5-p3<fa@tOLzJfW)oYw}xYJ)XMV&3kw*J;QKK;(LKUC4)eNYf!l-qk!TR
zuwMBH9)v(|hAKpk^RPWK-Q~oIKL?!#ScyVZAG@$2+MjJ4{jO=p=vEtDl;gnu1oA?j
zBn4q{X{T;&>x8OuP3CZgpnOgw*G4D^68tIhne-~JlLlMgUU$P0?cX}KZ3~WeVZBbH
zf6kSVz7r47{oJYR9JTQOP}nGa#}$c9BBblbhlq%>oRa_Q?-t!<s5qZ7XL#u!USEt4
zm@R-JT#`YXQ@;iLaZu6MI{4<4(_YBY3q7l;(*N%23I0x#OaUT{Jv|9A^HA&VYr&Xl
z=_|?JW9WY(J+Tz;^<5VmG-R~B#0BWulC@#pHT#dMqNvR(zY@AtT>yR)<OtY=y__9S
zv{JV*{aMZkeQ=#xxMoDe0M%rQ0KCU0`&brsdB1;|k~NBRzNq%hqafMNff>%pc-hav
zu}P&V??i)?^Sl0R{q^+l4(H_M7e+MAyXx2n7a57CFD;Zx#MyXA)UTiI=YRY6;b>w7
z3oEzV6Yw+FX8vdKTQAaqq%1|^qe=ahFGZrOy-u7-J%e-`ez2Tt?DfhMTt)-BM?Co=
zg2s(vXpu=J=;lDSykEeIFJdHkfG`6KO^w1upbmnb>~Ubc=Y37J(Q?p@%yQB%BAsZw
z{K-{IZlj2oPsUEfQI?TS4XmqQm+#~4LeE~NdYyi+dymEL&T=cuF1EntDZ=l5MIHM$
zzX~ZnMXEi6&El?G*?PbR1r1mFFfSxLy<&12*!vQuH12MleKbXrV=^Pyc3=@Phebq=
zQ5@I|x;G!hv**8V==(LF%Ej%jBIQ#fK(=n=^B(U&&arO91%3OOd&&9)+}jg&KGXTI
z2`(Ia8WR~XeBaS3grz>rEBlj#p@cHjh(MG|I&9yD1|fX7ta|OUl1TR3Ia#edXFpkO
zf|S9QFGZlMLm8U)x*tX0lE0sEC$+qRX>oVUXa?K<cj2Ag<_p|}CB>Spj@j{0BPq4|
zU)K6UWYV1*XBZm0>h(t}zDk&_>Wa!S8%irS_p_EG(&@Q#RX-c1Myn>aGHb1UnETxa
zu_^3#4llh|KjgN%x0}CH|A5fb-x9aWEM?!>S-*jL$n10ZQ#{X(dilwv?{KJQGQ3(W
zx7YwRB`!pYgi@YL>~gKj62T1U&EsOM@N+b*P4yMmlqtfX8;(*S3alqETR$s-<CNnB
zCK?ixvtDv?+k(kN5U9cjPhV!_B4^aifBgBS?$#h9ZWYcYv@m>qK#3f^-UpwFI>^py
z^Z7tlm_ZFFVt3T}dPCyv$i0~XghuXPvB6>(gtw`mMeVKa-vp-WxSrMaR;3gf94V)8
zYbiQI7dzCcUm%|QI@iJKnGr&?y){#5rYjEB7%0_jk8Zr}%%(VH(E@q4y7``P<o!yG
zVmke=hJtk4UA*Bl{}w!G#VvZW$H`$T?;!}m-DpG&EclgJ)+#PDN3%oGMV*ysj6jWU
zn4W|bmWT1m8(QlMp!!4ivf1IaYV{7}PEcavf?}eg0KoQ!Jr9%l2N4#tavm1*qY$If
zC#yS$$OFkvB``^?^V#;$+pKI7zdEA&iD#d`0iF5bj8veCV=&UMO}4TM_7uUk<ONd@
zG&@FrMWk`<w5f!slEp!KiyZQ1$z!JzOG}S?gsQ?7!S_%%B%Et6nO_0`1OI|8FV9}I
z0=S)s(1I`CL+ON(kllxBu3*tdb<;?a#i`4g#W)hN3^%ncD(2Oj7lSf25(7DbwJ+G~
zoka=t30OFm1()sJK$Qoii&EIf{F111n5S#&@YIrSU08NIMuhs_Nac@iw!cOoWdYj8
zSE;NHfvH@~nPhIZ0r4b%_&}{bn_#6Co7M^U9P^8ISba3;ug)-dQLOS5ID&m799KZE
zB~a0X_j}xK1hL-oBuHF`QwbQ~6L!?}RqMPVFC8jKr>=gGDMVC4#d0TGo4*{QhC}_C
zXZWTHpV(u!ZK6{Lqfq@?=0F1>Xiq(RVJ-MIoo;PInMXgalUgAfWU?LKZ|*H*ORhgn
zYQGnLrJ9?Q8EZEvXRq3r7wUz?V7JgsK&us@Qq!uDOx&bDoc%Uru2&FT{{kL_?@I}L
zR#o)sxqNWVZG)x04?OLHIg@g1c9>L*3uQNqq|q8V?t+O1NrQd=a(xZ%-4mD2@6S^D
zsG(yd_;Ef^+KsK?lYB6^A}PP#9t2I0kx~+vG4zpYTs!x;`L^smD!@jnMwvHlPzabx
zPd<e4^)-Luo;m~T+;H($;D#%9Z%r>YRA`$BmrC!&|69Xqp9z%`U~r(L3L<u#82^Tb
zZMm>GWNs|MI?>+zO=#TOyv5uzpVKavP|ug|#lyk1vzm@0EJ&eQLC@=;_ip14&&$#B
z;L;2H72GI)>Dc=IL~jyC`k;zfxSFjG+6-|?3~z-787F1uD3{Ebk+HwHY(z;x(PDOj
z7Z`~ngNk@ULi%|nzxj+?=?I#h|5vB^UHi~d!k##OMz_ZI4^4m^m<>q81K)`@x8YZ<
z)+&Ry%VqLf7fhHfpOl2>&QYrxHuyHUwSFQ`i38XwXcpJIlRs>ap3Vn|R1O=2P%X_2
zr1b!sG0VAY+trfnBmq72R1|wtvEMAFIa(iRK<^mspIOA0zNcNbi9>^wHi!ixS}W%Z
z#>^lQU6h=YWJo{jtJo0O&Lif~&bT7F%)0XL68uyRHkRDmCOnM4*5s6#`a>8vk85~=
znaSyI%Nt1j$GB>Qh^ut1E5dh`&v9!4)qa>P+3pv=4SQg}|8|C<!>E{eu?DyFG4pit
znzCuak@StX^G!!(Kv%%Y7d@%+d<xR#B+?CQNc*O&IgxIJ$mXG1vsPl>2IbWt1B-Xf
zkw>fmtZ@flPmYoK+*KykKo#6iXO_-an+Ei&JeNVb@O`re{CylhRt|Ev1pVB7e1KWX
zoc2B4eEtAZ!OvGHrK6RXKe=&!27mmc$$+}&D*}O?>|460>2&5?L0Dp`{2o5Gxfghy
z8aHup%Mv4Z#7TDr^V^q;E$CVl_EVsEf0t~%>6~azqo&S=%@Bfp<}dvb@V~hy%X?q0
zY+4g$2{klr&<(Fl+npb!bcdL{P!##EEVhxba7yRW%Wu~H708aUKB@bLR>_ZM@ZQg}
ze=!}At80$OIDlUWY3KQ8Nn3_A@}_fCs5GRD-<btP)A(5K4_a07z<<(}L%XeyoOyJ?
z1XJqgFFH+Rwhc?S=%2v<B!1g|X0J`CZk?}EZH6bnuw0H|=}d}ovABLSP0lwnJ^w}m
zoxC&*yuCR-10NKPDy!Pk);J&!LlhFk2x`?C4ic-{>MX$V+-jUH9J4I^mJ#eMf|(3~
z74!oBL8$NnHG!BfmtW2Rc`~(?<pbfMy{jHZsz@Cs{#G-|A>|TQcv-)OR7>%o@*J?;
zR9!KZ$=>MHH;%(IcDqff{8Hw3DsYXhMNnf9TR@8}h1LMP&V_=4)IN;X-MGlWgWvkQ
zPBC-x^V9GXJw>*5gW<33st)tup(7C^YlW)fr8huu=BGcG_xsz{(O<l~;bHMrZt3`M
zi@!T*i-I;&bzy5vPnJ1@`=}@+K@M2LltA$gdl*caVBu;t*kLRY7$k@!D!FUlxc5kg
zd|Wn>9IPBVcL)1n3blH2r@L(rhT^4ZhVt#;r^76H!*;Y|g^x-dOK}i}zu?h@p-4+M
zTM0qxG4(`ekXrA(7v2Ae88||Tr_QCpaIi?$6@`5p>=yVzn9YP%g5F3ya<D@+Vk|9u
zpGyr<{ii_%c6~6X1f9(Tc%HEAmxYcq@0We)v`d#VKoI;Y`FHeqn<1-xa&<%1q<mt7
zsk-?X_E-o>XELO4;X^a)4@pPnZJfE10AlYHlObCt_k*(7@?57dMxExveXUI6Im-tF
zl(uQ0W$|W?s={b)pcgf?U$!H(@Ylf&_@oX~?YbUpQsWqlBwN5xN3Th6?3hy?^lHrn
z3>n*i3zdzjynJL?ebvcj4Lg%NvZ~GE<Ja;7QHht00dM1D`!w<|7{{GY@WdW`pP^;V
z3-yWg)15`+gTpQ;=Bv_c{YTTdVJP2RL>H(Iy|0257a>e>W}!9JJ~R=8^Ewpepfs40
zSZD(`3%q{L!Mw>4j)T^dZ0t57BDBVmgLZ1P;QMbWtvvdJa-lKUFsm+vbV+SmzpniF
zr^p+^bVA`A%N*vX>~!x*RQ1zD1|xNsUx9LSng^r*H_E{zn%?9?p6*4--U-+p>#Gr0
zh><gFqW&I+AUcXpA>0OxbL8n}urnu3hoFF6;HM!N;R)Z#=VK^O2EZXs1g*OL5|FR7
z9LVMFDc_^EcLnPRVAgwq8>AGGHj<vN7%ZrlPE~DC>vc-`M?M+8Y|fUEpqi0Fv^oe_
zaG@3CE=`_U_T;uApAqUpi~a?wppOQ#HhW_kE{p>G+O+Ji|3BPOy>GOnGx$FMl|X90
z-v7d?tv+!>mn&jc;f7`mVWX%Z3`3ZEh|1;8ZFxd&*HSU7L)zS%gKM@qIBA`b9*XAW
zGjY(w)wT|0eNRDp)dBo=FyFagduRu)-TOv6kCU){0WMN*JNV+Y7sB~POJ1vs<^m}j
z`Hn(%#~?d|yCG4|DvE76u7m8($3iyWeiVi|+I&r;jwb9ahO@ficcxV12Zc;`UUol~
za#2gZ7J&&H>6qcGjuy;zFvB|O@cK4k^AJuhFm^u0tu|=xsc!%XS!P02C2M4mzE%#E
z)l54m0%U{2XmPHcfKxJ6NTK+GXI$4NkV+XnR~pIchNr!0%Ji13e&R*J(*AK{^tmB=
z<sp%6Xr9eiKXuI~RFH)WYQfg@hT|>xMQVhZgld+40gL29xl5MI8^{sGG(dLOHTazV
zLzXV4+l?}*l$Lp&4}z*WaNxPk-7i@p^PGvaQ(?FM9^5Vs^KPB1E5e1+jHVs&x|7N=
zsT`Ba;Xjkg(fdp)2bolkvHhD=j!EU%v&wNMG%IhqTqreY>+hfLj-#!KI3hkynqo<%
z`3<YHceb!-e*aW;fzNn}&QE`K`N_wdCRh3R*8A_&`|q{)-?{hS%Ky7M{_F8>O7l>b
zBlP~flv*aT>)7okt`_cPvvUPoNzJKd9%}@WAd_mAWnG&DJ+3G~G~`rO6tdKag5pW&
z+}s~2W=<A0#zzO)BLI8LrGi71F{-rvpk(Q>Q_3o#m_G3vsFb<#I=8bcU~co55hklf
zSJ{QI{qy{3hv?kP;M?BMi`HVar4u(zHB3yv{az=QnMKK&E_tHn<f5M9`na<f<O_23
zzF^`lzIDm&^was%`Lix{hjhIBZ2olq^ve9u^a%#B^*2ZO%d0LAX&;2|jBHWue5b4b
zF)u>j1FhEm?)9Jb+%n_*XO`5CHjL-#lIKiTp;Y7sm`brkiWJW1E#;b2Li4OXoi5#)
zXx{AxmsN-8`PnfqFdl@M7Md8gw9ERBctb0iGtcMN2}HPM$-pb>#NzR(HAMv<P#r+Q
zx6w0$=k#2rYEE9$WbJ(Prk4PaW<S5sRI_E3T`=uw{DcBDqs*#KudW$MO0IBzW`D8&
zYySG5S9puN@tdo<)#WElCqCl3o#Q7hA{|ZIiS(hmh5&<lIpRGJ6vSU~y?H5xW_Q7i
z{r1~rEwfaSLZ-8f-GG{pzZ0r;$rk{C&<$9a$UK+A3vyCSYcA?cbRTHL%#XWI&SkpQ
ziLpN3rTV&*RZrf*7RWrpc+d>4SPRdQA#|d}AB#yRZ;&$(K(dhOoLtD9*^LOxqYxAa
z2K!C5U>U?F^-;u}dk|M|4Pm2nOAAEeh=Qfp{A|(Dm}$6A>i;OnGu+|w76QD!K6_Og
z-^{mPUBI-F=lGUldc{++025;mO{3%=33dz7VKtDR+wr!Wu8q2*wxQ!5qQA%X3s&YF
zA%+*+p2zne4pRiMC~s%w?QAxiwM3Ubg~yw5=#7w?<T7<pDa{NUk-uqJ5xMLW<i*C0
zZ*KJW+N4_}j9C~Lo9+(@H(*|rYCeGB#TB{bB9*s&0B~XW>=5#hJsmG$gPqHaCq34!
zwglGkSq<q?+jr#>H*UWw-Z$0Glxz3Qf-Plf{>N-o#J%W?w6Y*<=Q5r9D15Na(xI9|
z0#55J!sXPrtx*<qQ{@UzxUL^<?UG}V=%K+iz3E$8AqiV9SptA3tXQ+0l{9O2N>$04
zQ1!yz-zU}tpVOjOp%f_^W>Q`{D_bMLl7si+gOvI$SD+*x!21WM*)83ugFeH{*%A(j
z2XN%RXmIle_IwZ3zLVhZ`61Y$UVBAZiPLC~Z#au#d|I0CY+)Q-Zm=|t^C#4IR#D1?
z_2XoGYt*CC2#|SmfpN=?=HxBi5Sl6J#?Hm|{W>?ZJ-}SKAPcG2JJ+&V#@&n3Gwk)z
zbZgqt7pN$pj9Qqm)aa2mNRR3;zTtgXpug~s#Oq*dypwPSA~wg_E~rei6~GK?_6!J^
zLW)@_dpCQfSc%qP0Cw8BfNTIeUc5Y~D@LexJE`v$lP&il*CdtTTdlkG?b$2xlpL9U
z9m5t`QVz)2O4G6ztGP8wzI24=^|eZ5NtQHI?8GoJ;89Hgeh*c5>DLtmqEEvBMC!dy
zL$mMuDThwOkj1V)z87}jw~F<+V0H_3?Tt6R^5ko91GmmT?zx<43K?(6v)l{4aC7l1
z*tb>#*I48VcC^~Jvm^M~BVA;V#LpCa!$o!X9yUyjBN-Ih*YFWmZMf4`Z9u&ywR(+@
zJlro8cw6LTYcsk_5Y9bC_+&;XDXB<h-a~S`XJ&l>D%@M2=@Na|B^q{cgJK_9Mehw5
z0l2D{4y^*{>fX|qhn#W#-s$)M#ULijq13H5BDTzI;SSe%^YO3PcX%bP@0XimtMBIH
zU$O61@0GUGcXRu-`wrL9uhsW}Cswf}k$G`m%4Kg>;BJ{6{K%#yxhvNhW!lyu-H%ug
zW}|y@fnGW6VZ1>mG+Rrh2j^pFPPRYu;2ObS1AhxAP=PHC-nB&^g-jVyYguKfnF~}!
zt>+Eiv#|;TG!18NDhl~@wIsK)yq-gTAm;y>K{1gIM-~)RuTN}r%nftq%xe_)50ziQ
z$n6u`-2tMm{y@_kxXG4y?ztidZ`>Ro*mvH&zZ@RAt656L#wP6<V!sp%JHVdT8v(ro
z*IcC5DHAy}HS{YAFimI?9zAf|eH5gg9x`k8+yL38L`BS=`+(w(m9YoN&U)k|XDo0V
zcdLN`ir)&@P^PalqmS)Ua5K|i>nFIf!?7?3Tz)U^>RH*rWD_IAp4Pr8SJJ4FU9nD1
z3GQrAhs+H3D|v0{@&s1fM$XhZ-R{>zBgXNZmK*Z**{dPjva=H&@ns_%9%BFrx)O2*
zg}m0hP~l=ITN*iNYA#>0;%UDo*e?dRBzGabaG_S2DCb@?9AbpHIyA<<(F}}zXpGQL
z#LPx(D!*YTgxxSfc;Ddlnr$$;TN-5`$*R<Kjbr7SUsMeojA@H0j~T8lFdR&#HY(A5
zfn;rOAifD+K+i>7yMt3l3u7;amldQND7XY3oJurNEso03w#4N4WuLDIAggOLS4Jz5
ztfNJ!0rhS_i`g-kwa<i-YgP)Dk%E>qXBy-52P*_UPWc^xueYQvPTA0f79Uz0-Hq?S
zz_b5;JgAz^Y|sSoz;I5xrN-HDzQ>Q;4U^Ok_5Ij#oB(AGCkR3QMHpvrbE26otu$x|
z?6bZMFp#hzaMx%Hyr7rnXj4mO^w;|;Q>$Fjm!;{L<}|w~SQ05ZfBp92wEZFQC0o>r
z!S95o)*m?}JF~@F%4>4uz(Q7BudBs8k-3K(GE;n|p4dG)GrjI(zXYVJtgcyS3&Yms
z>7Zjt-E){u8-lYKM6$5owg(OD3YO|YI?L`d45L~EmcrG8^=p^8{tpasdsfh7@SuTN
zh1-Zpk)!#0^94!G9hAdT@}+<Lt!6PWmIZ4ZV~2(&u|)kqCvuu)$mGvudgx)P4&@+#
zKEI|ntcgXd#lBYWkvAM+K3u=hMw-%8X2yXsB{{z{J@e^#HXA4pBE`)6d1zhh50B^M
ztWhsc%&ht?m@QLQFfai>ykq)Sme--#@NMBnWhtxRt{H}(sa;efjsdu;>?ei~ySu5=
zbu}=eepTkxR(M$3g*9w68g_1Vc@$!T&YI_bH(MYx=svgGBUwQQezY08r%56!p(9G^
zUhI6(#Vp%zb@bR;RK5M>1)M^xXwN8m!ejls<GtbLAXS&4tlH_-9fJxcTnDjpI*7XO
zee9eGGpE0+Qv&Ohz`FZP39P-(l)y@+1lF<rn-W;31lIi}uy(@6gfcWQT3-zS<#=*i
z#~|+wloKPgjRndXfW_%(<vu_;ZCIQRqW1#IX~W`liN<4ra<*V`I!KNM%ISf{>7YCY
zD5nD!r@OCXfO2+Vak@09u|PR-usB_vpMY{Yx;p6@lb*5rOnOG|GwB&*(lf^PZ_+a+
zJ!5}*#+sIC5c$Qg-rmBQfUnKkq+Ho#d53r3F(@gtoLgbbFbkegbw%<j(;U6~i;a`h
zf$){PKDE>|vnBMq=q@qn#wKTjUeN@|sDx%v_e$Oh*W)@xx@7Q|4x->!F+DcYs4W;`
z#6Bt#Ba(1kGsB#Uie}k{fY3T8XTo$ub)Tr74q$VPL(Hm$y@Yqn9^;~NsqplM@{BGz
z&lLdR)K0{@uXA!K$v-PrZpbQ=3)9mRka{oIR7gb>Pgz3C9*hI~lKGySMK3`(*Nohj
zT(i2E7$pf4x}=#G*85SA3p2LviQuZqoO6Mw*17I9ma9*nXquX%{OQw`(_C|=>8uZy
z)o8fqvT;wCW4o;sgEsi-69grFLZXH|d}{Q@PWjNscY3xf^?NaGzkl9yTDzm!l$Ir3
z1zk+|RvlUet8D+aiwQK=`;lT9qPMaV`l4E#Q@xJKmw#1jZ!d_#&q$?Ampb$~N|u$b
z%D(%cWErE14W>u;`*=YddBtNg5D#D5cfW(I^b6Dy@o>4B+=5;i2r=>kjCe<4l)Paj
zxvDeattA5U;a_Hy=a(!mjQVobn~ylI`i<QaPp}E~<Ud^EeD}PDHJ+TMyc?RSYi{vv
zUtzcfb!SsB6p(Sp;%fr}nhW%%$u&kVrMv`XX@j?GorkW-!GR64&lwd%BCK<-+IaWF
z!y2E(_Q%VLaQ3gDBza^>92>^?mgUgHhpky)$w-`-tN2gs4bS;Nc`Pb6@0a~Q&mw|w
z{r3WM)!ry|_u4l+1vDbCYsiFVZo>>LfD_bh^tjP;?D?*-OCWoR|HMe<8l;&TQdvPE
zPoOZHp_;?8)|=!KMAbW<SGnbOQrLF}Xxfueckb3@GJxdE1(3t|2!}HWT*%GS&|#_L
zDIi+TNvf*KK_JH7!`LBctsOo&q;J(QKU+sm@XSARjY%U5^c2jcHg5hGI3^xq*~j1g
zJZsR#jy}%eKfXBr>+#R-AHO?3K05m0o3~$Ip1=N)AOHM=sPb$4*Uv{ku-89E5;;Ep
z>n@I&ds?D77kVbk86KP$5au*q6Ce%HO4RM=UVixX2g*NafeWUo)2;-${*xll=FgwO
zPW<}R{OQ^J*&pWQD_N3E-m=<?tNKD=0nEV&+z>{O1fTsG?${cBkqNrUTou2snP4SP
zwno=OeaWbiM97M2cJFOi&-$#sYggEb+0IY*y?i?ah1g8A@4Yx>v%IJpfk}pnbVf5N
z7&-s$<*@M%Tm@inZ-9$zHll>JMmB(aw`*q&GXs_{806#l7+rut<TQZu?_Qn|K4)|H
zuRdprd!TAv#x#t2g+=gS6V>S%(0xBJD~{^bU(ApJ0B`mei)e(HdNxY=YU{6fu?-N#
zB5_V<yE>QYg;9NR`qY)RF+hwVB$b2_Nr($jFPY&LZp@HViQ1Ks)&&5Vxo~fzg970J
znvhWm^K=CG1$Q(rGIm0=lq8d4h3KlM0v%N5OyZpCKJ+Q#Lerrai1mV9*@k+<@q8hq
z{=#kNKu6t&Mk&3KJSCL^W27LJKwm*xLvU?K&XtkchwP3Qjv3X{sW75-k;&wmr50Ti
zTx@j<=ij{?-uqTH!W;s?#4?J*%;C$K3FHbcSnaXrp*>p9*-5>v*Ax@Aixh~$L7>7O
zu^}+sdXZ#3YQq5Qf1oFFPTm>4H_JB20<73R9GkpgM6iS@MaxZH;UlLTJH%y`VO~OQ
zRe@|~rOPVO!@@Wvi&9=QL6WRenw79CJ-jrSb(+o)G7UnWEePR|802_UPE*)1-_)0b
zn;kRLbg5ZsMq;LX!Fn^V2*$<NW~vWXemy~Jl1<JKJR3-DjjJu|VuOb*=B-=fZDZ3!
zkCn16Hz75(Y5(S|2Dl}`RZe8VTUe-uCzzFm@q;-HvJ!2gHkMTlkcAXZ8{FP@82<x9
z9IWdhu6lBGJyA87$g(q!pmEp~CUlrP#&m83AElYl-!*r8sO0V?hMM!TF_3ZPrneHf
zh1(Mypol50OgDIz_8u~<%}N?pajFwif=gq8K|6<N7fwlAZ`j<J!^4g(piBr&3^#cz
z)9|a?(y;ewW6VdSRs~umz7V8JNDeeSct^_%*YxK8GG<XvrIRH813NT>=4Q{rW%VPR
zX84S%z8`j=xyNuI6a~kwP4i`wyXH%@c)(&x^`lk&1^J>SqF6Ci&_b<^-~l{<94Y&U
zxm|?$^`Bsc+OH2~i@E2E9f|0u^K2Z)c#83<<#DvcQ$ydVxD-|TQf3(|VWMo}am>Q6
z{ge!_=VR#1N#lcX%7b9H5fq(tg^;46Gi|QjVgym_)0}+2wx*F&vB61v<!uyCvx}g~
ztrlsnUvInBeRa2sWwn7g2YebjAJ`K8hOIyCP>-Nlx9|57uF@9id7T3hH})0+s*6|f
z5-GUy?AviWX{$$#o6Da?@0}idzyHKv1O#k%d;lkP`)Nlnou47bg*8bc<b%7pT|ikB
zU1DK<YY`i#*KeT>KO0H4eR96xBCVZ}H4H_`Ogq^7kYwSWuiB6~YhI?af<lt|reNyC
z?|CFiXPAxa!l>Ja0Hn@6Rv0GC8Jw+8q7D><6^kC6Ti3@JT?pWyd3K==wi3@iyU~RL
zYno>Us~qv#0K&m`Cxe1MK4StXwx1UNyT8n1n5R4GxTID<F@k!;vRK2MB!w)h%)#*1
zaP@i(9X-K3=sKt@{&I)v1|TEbC@`zR0~cv}N@A||y7`82ks|?x6-qa5aIp0#7ZFV$
zky?82O#+?^*9k5>gojqoa*e>Qsw82oHnlnK(q`C^+pme0SJDM?WLaajvP&vK223}C
zhIb`t3y-@n@-}u4v7RcCVEh=5+7fo0I|4h{4lLq3Ut%J0lqyMFsam%&P7vUzBURp(
zX8Ni(g3EsvG`YTo@S8;D1=Th{{sd(yU+@u!hdL@1+dW)tOMc#P$&oiVI}%}xF5x6m
zml59@KB1MCIn_J?dl_F6DPrUlT(=x8@#gqB*CC1lAf&ixQ#d)1ch|1;*fBlLKcj?I
zT#)Y3ds0wDXe>UL=qrW%i;^+IbE7U%p-IY@_WDz`D|S?8cNW-ap5Lzl53<<?XoSo%
zc^h*Y^sQ__aj=krT)I4(lP#e;nyO*eW{EvMdty%PEz2_VzYpWKYTh+&z7n!zkT~uP
zc@fda_#CCBEDCFi&yTmq4M8X6jZILpxdV|42EIE)?-YcUr7ZDk-0o(a0PJa1!%L5G
z4)Igkz0~ekFu<8LZF1^kX7z7O(_`|j!ilZ#h1%2Fqisi!_Vsb=#jpzZoE)8I#oBAv
z(>!A+Ll@<8Yd%_iepyPTY9xdGc7M`aC%tvjTiegSvfk=RHuoH2EfuwmY~En+c|^TX
zcaUT0C`L-q7U*d~6!_gO-OL5THF2?WR`3t5)vrrBh<fBdRv!fStBuyPr``@ikM1$T
z079iX>V18vtZ&==o+PZ$k%o2RZ=X52V5nlWhf7kKQ~>N7h{5n5!-rF*DbG}M=UsN+
zvXLZ*@3pZ;aDvn6-EIGtRv&i=NBa=#5B;!bKdQ5SA<`Ms<v=`Jk`D|L_Hnsi-xX9C
zUH&V|v;L@h|8d)*ae6>TxN7;-NBPxiCf&*=#&QQGv!Q-^O@)!nZ@BC!R@{DU3~Xi7
zYY+!{!N{7g){b043z~3^p&?}&tDs}j1l5&l#7B@lzzM%cCvCmr`<4<hiZ|{88j}UM
z^X+hGc>9SB6z~2j`u-)KXGCxNxmSGe_S5DsZ!mHj|G2QKjSE1>fce;acnNl|N;g`8
zawmWE_HO|~JV6YMSxt7<M3_Gb9|AJgKu=r=>**}~Tb+ducGb5}gS}}Vei~}+4{u!C
zTD0;gbFLlG4s8`-(5+(7c&1~e^JN_&%kGMdCtPP6UtkCA_m%^8Wb~#cJa=U(%;e5o
zIRk4@ug5-EAYl7pci;rU;r+H)%7~X$FB;SK)7rf?;0FS@03ryc<wBaE6&_-QL}|8`
z;wdX(r&)hhSZ*IDY{X&J3=TO0yC!mHbtBw#V%bDe97w(2exifu$Vfz-NRnh5IcEqV
zC!S^iNhbm^XZsnq!SD$n>TEyp2s<N)k{vXj0OHQ}bC3Hw4v}a3iACrcHTW$wpB}`X
zQ6vNCKBEwPwx4@Vb{OGj`-w*U88tC&bf8`Ypiwj<(1QBwCiRnyKo8naH+Rs4Mv)yx
z9*RX5+Mzmz=iBk!XJ3v9rgl%fISrp7w4&X21CTh|&q&2>?0AD{N88UsbiL6lI2Ii#
zTDNOqC<V}xB8dhtl{(RrB1y+#EY)aA(Mn1*=29fZvCxOx&tqv64+}Z8mdKYGMYq6M
z3-<Q+9n}jWX6M4A(l~ltwX=PjSQFDsOajb^BaO6AwFR<L_ny#RLSCL@j5viA!e9cw
z>muo8>~m%3ID%{&w+135F3w0=@*7sR5<X;UQ%A>nF6w-1T6cH1T4ISHwUL3Aox`^h
z!y1b6xUelvimEK6it95KJEsSXH8$7CrPg6~XWTh}Wq<@dm*#oehLf=_js`m;#`!FJ
zcEDDtSQ{P}-AzotJv_v?4$li@)Cs?GSln)H4HFWE5pYE@J>ROx7OATCCQTxk$U;`a
z?%_08sMbBhGik={a;fWvZ-($BTGQI3VezFIy~~ug^1kOYTe7l@Wdn;%H+LebWVm+B
zp?OAG6}qQ%E6S9TbF2&vUNaUIN@rOA(!!0~S<Ge1mo|Fr!gIf!VB&lPRm_h!r@Wp%
zH?8}-QSg5omIXIVMCZ2S*t+BAI``ZNukF1;&_>^VZ)H06vTHu9!RcC<U(qLr_eu?Q
z@yxGy#?(e>h*^#ynIlug@b0b3xX1tjZF2t;c@L?f`OwK<)~?$Gro`FzyI3ZKzSsLR
zQc{Q>b(EwVR$6DU8ofV9!shnA5RInOT9#KH;^O&tFY8K%TX;!>;Q0hmL>!=!wOcc)
zI8&P3(v1VBqfUfEBd;sg*+a4&_TQv;V632{xMhH*nG`F<(>|g#>_&}5vbB|ZjKN{k
zFD>|Yi2D=^CwO{(X1{0wUt07imJ*e$Sx!+$8RQ7HffV5w<PxmkHYw<Wm4>8?xJjhA
zVWo!Pl9k{;4c^h%gBl714Cor%zmSy;q8?@e8`0n5@>C*<wlfuW+;J<eT}WOc^SlyV
zZ=QhcVXhZhswXMCVc8SKS2J2BYpz*h?vW?7;4>JY0E6#5Ph+B0A~?ZtXlr|2T|6so
zOT_gexq$EwuP-hK7u5;_z|?G%VPgt!7S>EX7fTEg9@-`~8WR&K)OEDi5I1^-sumE5
z;X)6HmUHql<Q_GA0^xU{R_05Zv+N~R-JlTrTvmvHo|$EN*usW!WLk^++G2XWb)_k5
zgH2tmvSb;%L0qGOiKC*X^}#N5|CJTzc=CX3hA-#)*bt*{%Pk(~f$N}mp|W5{m63$5
z*=Ddxw|jD0fF@g`Jo%@C)&NUZxpAlwp&?0`0c!)wz{N_YOU`Z>q2+?>k^(R$t}EPX
zA(Jkq^=Wi`1H`7G>hNA!ox@{=Hq;%$QdgaEv~{Su)qzT}a<-~?%AR;zVpyJzwB}_I
zmg-+{cfCamv}Lo`Y@<A{ZY^bmQ79bfiY!;uTw6dTp_;8^Y5sYn5?R=_1WDt#UXlRi
zw{&Cci#icSVN5(=u)=NK=+w%#0D#_M(j)f*uH9a?K{yqny-sKxwC=D<@PAgUsZw8u
zw}%FN=BZF^q^<gnKOr>JYgw(<m|PqioSajevPP)855Y<VS0SbyVFq0zUeUsE<&uZ(
zhhS)KNwf1hE2JoSPD`F`K&XPEO-otYkp-jhdCKxaYEYhF%eKl``L&^5283<*)R+0#
z-Nm66`jWF!{RgaQ%ti|w_=w#&3|+Pj=-vp~4go7!(~>5dm0W3_AcAmMska*g^&>zL
zHtV~V<vuMo+vYh?YX_z^Qb>q}6MGCOvCk1kEXor;(pC`i{>H+FJqBdhuK*V|7Anlg
zatKLAF)(561kC`&AVgRf09b(LFg#ck_*bBXmLW9~_$%1yT|lb<=vRQ^4&d0H0Kdk9
zeF2nL#5UL)(ANmG$LK`q$4Qdje}eR5Bu9@)j2@BlJi-nhm+Cw+&3R0U?})y}B`%Ll
zT7Hzi#zlTbBvD2rP)5hE+&6Y*1XR{zz+^oNMAle%tZ2fI0*&<uuvm`)i8US$s|9uy
zpdJl{wF`6=k~sn}SY04jp{W>x!0H9K3Z8^P_^TdptC+!ups%(<4nj&s81`xh)G8!S
z1R$?^B&3kMH2`<j17;QCD?LzGaX?l9;=3?caUfP9?&9GbjRCL<Eg4dL4DhPQ0Iqrj
z(5jJuRi4}*)I-ByRS#OUexRyd7^*1d8Um>rgN6|gP*vjxjM9<z2TpbGsGv#Dn)Iwm
z&x-A9B;3>EKs}9sc^Zw>9uM&ppV$)x@6-lvil7>RcIp6aiXb`!>(mL@6hX5G(&<q_
z2>+$+3Xy<Jj|9f_NI*;@L6~CsMKl0Y1FsaLXU2gqwV{=wq_$rfcqv{AiUnM{Z_;5j
zxXgH9nbDv!pEaP&gTZ7T161j=1ymY^dlw6&H0|-<)*jy%Skfq<BnN>MBiKZNBzf>h
z5j4X9N&V1A5#+nUk@{heB1nF=tRc2EViXwCJ%EtH=HT%lNbwi{c<`gKz(@5oL~N2U
z=uvDIdo--Y7#JfDo+yGc2|^g{Kodn#eHeVvSm>e=uto8ZMdPNCfSGPAT+wKZi?J|8
zu@FTq*rDhF_reqHLJmdK+z&L-=!qQ%NfZr7G!nCmgrJB#437A1*$+ds-BvWs9tfgt
zSfOaDUGPJlkV4TE9|S!#5_aewkVE6(cg8>s#lj4Yf*867<VwugM!^c*SMwRQI%A=P
zEJ#p9HzHw#b^(H7h8Tnp+6D)TGbInf2Xz7iMUd@=4tkI{wQp(q{=rn^K!8RA0JY$K
z;;fOsGWbvA;kzg3&piNt!V1l3u%9rh-$<aJ2nWjJfc)$q;AcFz4^C=;>=<C5Uf7;M
z8{MEj0mz=<p=<;CM8Nd~C~krI#6k5$xLvFbC>o|GKyo`vC>o+CIH3sOGX|a~IC|a_
zx6}*G6FU9?+%pcAC%EjIXP+-5&*Q=I+&k!I)J+tI;JF9<PFT$v1-;{dbwX_HA+S56
zCT-+>9S5}&!CM{-v$MA>PdLEwd7eed5_5;W*oyiV%!met|9@_2lr+&5%`92WlZ<!a
zH_L(`K5M#HKJ~e0QyL)wmfHboAioc-%zf0})@pu_aZ28WTe5`l8>YrX>mlE;QYr|a
za51(=WPM7}QC8?!(#<tp<MJrXfipka_z#T#jU#EhX{4fzX&W8r!x*foNHZgDg;dP@
z;XWMnt~f$@sJLK_u2?(8f3hj~5Z=jem@r3bPQGC_o;P%jN{Ihbnu?T`Dfy;8bI!@I
z5t`mPt8SFx(P->V+U~bvR+MbX?+`yly&yBE2#^`xZZ?J`JpP7>%*hwzWu>(Af{4(<
zSt)iumtx&Zn73M{`gp+ZsG&DcWd0=I%o1p}_V|4~2+%z(Xz3D+7V@Sxl*|wTqz(|O
zMBRg+Ee>){TKv&=A1FCj97{<J;1UM-T*FOkRAieuYE;}g`6xQib`(&F4J?;SyU%L$
zO4tQ2>m&F9Hu9M`FXgIaD#+IWz73>rkZSN8_?%5?S^_wf;y>A|CQgy&HNeTN$f#iR
zj(&bcd1fwa=tYDP!SAEdo|o{wX==CQhL?tp7tyTDxu6+l8kjD=lPSZ_Sxw}{)*OZP
z(XEa^N4el?jk~Cx$NClzMy)NY5?F2hwJ!k^!B|=+q!S@iGuHu%%`m;avb`J3u`qld
z_dv|R+aqhwXKS%XO{bySUT)VjiwU*0i~*XLB^3&wUf^}3%?g{iwB1`wKeKErbe8y%
zu)Bhy#7#jUGxteu<gq%saOO*<2@Q>Z!MyCR&a+?KBy+s=<~_IL56%#J_+y~8|3N+;
z^z)LB2fsjbIPZ_r)Xvd<<W?Se=C=3h$AhkXS4bye`h@UcXl%>AXZaX9DYz7%9t)!+
z!HArs6rkzJQ6B|4_1U5=&1B_fb6BD<+2O>yu-|M$Dse63t*B)e(0*mvb<>6}7+)TS
z<7UNOClp%yEMS9BOoU#Eus6lyAY|578(<E=YXhEHRTyz&kp-izrFRw7oTVkzooo%~
z{JWPS`xgw>fv15D*$VhKAh3Fopi0Sv({MB#td(1QFnL?YepalhmqlEgu)yvVw*C!9
zsylnud{~-%sN-r?Qc-1eNW9!R<&U73Mg^gc3qTzeeEQi2o<1n(G@x`UqDz`wtCm?k
zsLMGj*3SLiOKU$ghnPdqB_8BS<(yQ`eX5*IUP~cMv;QEoJ`aW#EEvgXxpMh2p0TpN
za%{q$RYjQN#G$?5%M>-D9*Wv-bN#cDnx5Ej!ZOUX&_#*sw0m65C1dU(Fwe&xSg!0O
zo-Mm*`m)t%+B7p#y=?*Ra~Lp5XqHqMJ&5g&om(%92_Y=G!h9)~p7e~u$R7c!mV$*m
zvA7IEHoa=rv?V15FRvO!#qKQU%5<Z^upOEii4Hmu;~dvE@CAVy8@4(qfrdOHwR{>U
zfui&k+F_$bO>;&9L`RC6rpZ_xJX+Lr!en^0qD9R{m<$jdDQfN`?QuV%rkmYKNc;^7
zi5}l=<>y+y7JDz)gH?%?mDvVjZ%|^|%LbDI_s$s4W%H5qDJNA4;Yu&vFQ(Ux-z&~K
zT*rC&V{M3d)=hBGL>XOEbZtRASlzd+0Fy(sm|SRTM4`jsd5!XEwq~m{$ffCw^ZW+A
zZ8lNg$efi%V;{`&O{iw#m~@YfDt%tc1-s-i_!V12ZGBzCZkYeR1svB!ROT765p{Nk
zV#0oxvdpP|LCg&^GYv+3Gb&=)j0|nWrc3vpoHmKp48>OQuII%loR*l87mb)}1V}U|
zVz4q?pr6J3<xDBM8b4|FJ2zA7DyL#rGMYj?1^a8%ym65N$i7%@og}j^-dx5^*QlYF
zjH;nJKs_VJ&oCk$QS!0kT~k0JYS`4gU+NQ*(`3zsy+_bIV5ZPUM1t70iV%A31b{dV
z9R!4Ww<izP&UD6B<L26Gqlz4~81jLw>S0aM{!JJ~xc>%mcf{V8JQSjIPqOgx*nKp7
z{akK}$m3)7;Z0*RGFQ(q>3JmW5mOMGp)-q%`9Og+Dk>#9?I9GOWF@7}pv;k>eIZg?
z!dYOPegZ^yII@c<0~19s|CpfXsS;ofK@$PkN4BXWaU1^~S`0Z9INYt{MHn1*HNfr}
zaJpT@J_zpT-I(MNOaFE^pm|Hlhzoi`cwV{mqA+~YjS0uY&5baT?XGz@Rm+BrDwr2K
z%!o%R@ehc5-dARQ>^-oZq67=d{e^TVvwNK)xU9F5XLVZ0Km<_)$yr@9*Zr@Rv7E=S
zH%lUdcwG<@4+@k=s326i5;@bYEVdJ{?MD!$Y6}^$`<T~B3=vEYC!%rd`~TT79b-zw
z;^A<^pF=ZCM$ts){b$`w%w_93;%vcdY8rwNs()b41T`JUn|=|KYS_-Tnv+Wi6p)$4
zZH9Q7lUjJVZ*gG3SgLF)f>+z&oz(0FdB<+;Ibo5pa|F$1O#;`lf`e}kn5uHWMCO_$
z*AW&`0{J3n_O1J3IMb5y%r6j?ZT4HvSkrRF?kiA`ZSE7GX1P+#f<?;{Rz3-O9EgV$
znMjfF?AIta5OJ|aij2jYsxk5&yuW?VJIfpX*e8_#5}6r;FAV&MI}QMab|<4X0hi62
zbp{Yc+`2l_vC0>$1b~R7q($cj!3Hf;uJaE8XVb8h_afU^X2pe9?AX=f?OOZi^DqA}
ze+tK4u-h)1i?gtBq5t@0&-8Sg*|p4^A1yFHt@_O}Rfqn!gfEA{v3u>B?G;!vC~yWs
z_+?ETWHPO3vbGtV_zN(=?o+KPR-A=$omlYzEMX-tGDiMVC-0xI<&q`(KT+do()jy!
zYMns;7x!QP*|qmWA{@5bcQ)HaVByu)UC-?BkcycQ=<}Ss9z^L!3kMd6q*>M?qO1V!
z<v2$ov(u81ck;q4O_i||at?W4&0k>CzLT%-SW@X;$v4O%1~7u!fXodh5RR{f3DoRY
zhxXIYkEET?o_V`wn<mfIA`xNjiC&WR=5b&y2*dLK+7vgLFSx+YS!0xJTJ0t3fEz>#
zor7-OcalT!M6H>A9|=bkO8>J!a9zMd9*WTGe^xY`8x~Z9+Tovi>DrH5C>-XqTb`u}
zEinYb78O_0hSeDE(@W7vevb7tJHgg*ENH2DQf0Js#auV{UWaCzUKmLv?NyiB%yavz
z?Yq2SC6|a8J7j|2Iw(h2+{f)%xpaJ|KGYs6-~drSLKxll>9NPj>k~UCf7`gk^}!Hg
zKN`mN(H<MSL=6*I$`Z0Mk5Wm7YK*fRp6KH_`CqJ*_O@M7&6^l3cb#in(Vr^vlpMil
z{r${ymZD^S>~exJ|F>_03}5DULW7=j=yKG~`Oa0hXl4wJuv=TfUZsOPvjYJOPojq|
z<rS$8vCJB7@*igZQBt!1pS^#7jvKcU#qs?)e+5dpRg$vmmhG8M_WEX%ui{6djqTC3
zG&6f^XTLF;M0X=%0}Me*?%C}B{wbUTfFPR$!EVW8XNaxZaa!ad9tY?BSiv2`+q35l
zix4Hd?5w5CWhPhK>%3qz)tX#c00kH!H{~)tRt^$T015)|46J?Ss3DP~4&s0kMc1}N
zbQFTT^z-38k=5}4EToy5p5492S)V&9$ECzK>};%<-M7<y=gma5>08K*d?Vh6vsm>b
z*K1nzk^Vt~-B?7_jy4X#Mdg)}ETNf(kwG=Os5uDR0m^EHTqLrs@{$<eSqT#boH9&Y
z3Oj^rHAhdt*f4m}EJIUcaVj^I_j)#C?3rU~gg#Dn(1)lC8WFtlIJH1WR{^yZJ_q5B
ztN$5qx{j*(`8d@+$JF^8VJC~P?fF<$JxA2@H1#MWfbLz%bHvugR_}a_x}EVAJEM!^
zMb+x8Yj8$DjHuGts=gU>4|?l!?pt>=y5i>eu!M-sk8Zp&P+2pwre>rSHfHvb6*R}k
z;YRNBW7NxhoJyJFYh(`9YZ_f0GcKa?A?jjAU|7T><EvoS$Ma{ljZ+Yg-ZtK`!b@pH
z$eLq=<p!B`&;S8)C)BV<)gBckO`Tk0cayh*eSzV`!&XWwVP{g_R=GV>2yE0}<RXz9
zBXb))Mx#ZjI^r$c&QPJn=j&s|)PbgM;}#wiy|K%mTsjZ&sIBM)YqLE3RpP!u7g!@)
zEoHIbY03nYG}IFyyg&U1+V8dwUf-C8ZZmH`fu8q%pk6VEwvuE@CP22L@vmSV1(<5T
z0Y>y4u-idnkeZVVBB~5>f5I(qLBl|M6I^v;s9kBoP&N;~nTi}(c-a|nqNm>6!b@=_
z)0>8h+<)%9mG;Pq{l~)D+fIAaN(NYa1fv;dgbhliH#mk=eZ0P9_fa(J_$@x%YT}Zz
zRl#6y@Or^@3#BS97^wuiWBS-ru8h+;H6D}?8gsuDik4h0x!&M^dnw<^()vR_^b6fs
zG1PCLlxtnR)T(>kf!MVeuKkhy=Cftflwhv{x+rS}-txIsCKoibeQo-A)6LGaZsz8H
z))s`u1VVQd7&~7<%n4c)^fmmE71Czx)j(Sh2H+}^F$e~rg1qJ8B|hIMvT_DrCtuBe
zl!B2Yt5nH~{$sLegw<U&;ygu30e09G^98!vAO!tpF|-0wMV_5MJAe9IYar+oqKch$
zoQ(eV(>eKjFGRhPr{wSO-)H8(Uy;9)zY}sru899%{U7poGSi!EmKNI0r)Nz<noxlh
zP!n#0<G^O|lR$D38E`k~B|rN=_Fc?OCsG&)PfuV8r{o?ihZ}l}R_O~!a?+DM`D*sG
zzpJDaO)z&{YDQ^Sdh+yi-dMU`;<I{*y>RW)8>@y{Q?Z3l_R|AP3NFO<o^A&Tf|XlV
z{LZxx%nO#V)K%BSd(3Sl7=Emug7I=rE}`x*t*ey+>v0~oy5sdz!0ji--O?{%nO<#u
zu}7Xy<Ev+T`!qK021kme?s?CHPCKZSB`Ce?OD*B}e$CpkAZ==dL?9SQKs<i}%Eb*z
zRj>1mT*;JJZchf-J@};*`QfNZFMc=zPnA<>Oi}SV^E=dk+g^*D75WgdT6c;P+MZOo
zu|KVSfaGiFO|k+fTd}hvVJ9OZ?wUeeuyIvN;n9~lxiH0+!NVA=2sUuey=P`=LO;#F
z#{ytBN@9aq*&2)?L{}065<vy2(Jzqh;;yXV*_lmpGoBN&U~3Ak@xjC7-wU(l0W{UT
z#;@lAdXBlKs(DOL%msl5hg`QX&+psx(V4RvauZ0=p;YuBGw)#9&(6GE2+h<y|1VKI
zzUJj&hWFes<wz!t{|(AxHJWx}=f9lPt38E?2TLUS%~FndXyMNDc+Z`HqIg*W0XZXr
z-2+z)7D4RUv^pBwG1D_GH_%Ek+cB}9=qY`$R+Ibc<SQ~GPfj(K3%o{fh`wlIg3?23
zc)8X}fj$uhjSc{OOL%B1cAf&)&m?ygJ9j1>N?k*F3ti8BmAZ%F$wH>=V!7mkm)k3u
z@gy!%3yR4#-}89%THcd;hT9IP*Sr2J@TmKfIM@Hf;TG^I$LfsKYFW;ZNUq?RzsWJg
zkrwPZnUOz9A&ciI^$IAj?O0jwG=i2Xzo>hQF)N762kXT1eW5$sMwXfR4uABAex3-v
z4994Fb^|<yqXD%Ubfy0a+ZGV0H3rOE_i2`~JC?bNVEb8kNFKVx8pAI2G8LBsQ7m-L
zmKk03-jzWMhu+y62;mre3H-N0R{%cIPX{o3B#7>vXdOZx58V-SG<BC%X})#_RfSfD
zA?lx4iVp@2k!WbyvB_a`nmXR-tbwQf)`;c>u^SPA`u!k(5c{He|FywVHT&RszbOi%
z$v!EbTU`2cWJK;w{k%02-7?_6a9U`Hox>VbxI-xvF|%E6jSR+>3sB%G6D3b*=1Zw{
zX|n+aYCG?1;lwU+PQI@p5Jr<VhK}P0e%F6-^syc-s^pfH){9hZ^@sARBnz5Rk?4!k
zj<N}K9)gb}M3@!kClG2aW$;Na29*m{>aT<pJL)a;B2)5AlN$?o*BFPbqu}5DS`8>G
zhAA>u=Yl!UmpS(q;}2DvYZKNvVe=KZ)LW=^)a*I2mZ}tV!;bnDM%Y!2d3Y18)zP%c
z_I5|4XIh~2J{Zy%j@+Bg8EJ9y=nTL5qp8N`eKjDAHfD2Kc3E!rz0W)LsW@Z$uG-e*
zTo7wU%{}e+dT6?jt)o)OlsG<i)+>`r*@}<U;!r~`?1g+{#a~jgEHjyzRxJnhvy`>|
z%>i=LGS`0|9RPh`#(`<`U!ejX@Uu|a^%cK^qT?|JJ~W1|S(cN6rB$Fk2TT&U{e^E0
zfP4d2^zo>1kVn}1qyLgOm^NPmeZw+uOTzA0u_d`wm^%t2o+`yxViWT1FKt{JXppcv
zt85(^ZR-fEII=;WAJQJ+8S%q*t0Bdoe0Bcx{OOK@-wV`N{IB5uYOB2c@8z<?P7;W0
zFl%bult{yU(5LVW?C4*e)^>gJ)%mmYrzd*N&rbE~J<I&F+0#=Js2|yYXjaBl!!~~@
zOqsrWS)?Y0+#F&r*aW&2TF>sr@>{rm-i^JNKyJXLz)SM0jV#!&`jOtj>9w8rnZ5@|
za42qRX3c?}e=CFRXtqn*JD%D%7QUbf7poUiEct36{{8sXe_XwKfBE*+yPJzQ&&iGd
zswP8AzN!jS;TY5Wy%_T@zUI|wU>|c<a46mD#Ah(rZ0Oe3c{F6W$_@4xEMv4YtOH2J
zqF@wST;0>IRO)byYm#v$%A4LwI*pBa0S`L|5Br$Q!X&B{G+}B^uB+Ts&<&>HX-W6P
zx-9b#L>A=3s>qWM-2y>>r2Gt8clG>9L+sWD!nmEtjSbC;*^l~Z4B*ma)$M=>3qIQ$
zfOfNHNZC|#_cY3USpCTJJ@!Vww$BDIk>-+%o?Opnrl)xn1BHx79uWaDYpz}LL|(`{
zp7yFVTo}t9`K^|LfA{>idKWqqRl&&nhKW_Veomh5v%oc@DeFrk856NMD5$pcJWc2o
z#3C9c4sH@vc2dJ_1Aw8g-e0}Y_vTMGH&?cBMGtZf#M^P9SW*=+cmHxpQm#O~w_FW~
z0hoI##UOr8!_pK|u%y3s9L{MWWyU&%Hl^htE>^D#3Q&5Es=r`sOqte*;;fD3Uo)GO
zSjYuk@QjyRLQV4yK>E6jCdhHU3eH>OEuv(ZNooqGKOyD1kkx8Uo_4?Ynbn8gqbh94
zH%wMBgypS?CbD%P4WqG*tM4g?3`t{Spk;5Z8+>nYL!bQJ?!)P}-jmaN@87BS@3r^u
zjrVWm|E^Adf7-ouL%DvL>Jw6SHtOchH8EmIDd7@=HC37NLxw4LFMp7}B{Z_9=nD;J
z392-qRk@ahz8gT=U^;iK;7cf83#Ix)QR+zzDiE$6m$id}+FP2BNN{>#-?2f{P#%+(
z)b4LwOCM8F<EP6#GV#TA2=9ZYzliZ=bdKM7<!?-<-EwpvR(Z#YJI?OU?`5GS-kD~H
zGvsdS9NJo(|1zd4h#oiJy!_@lxkyu^uvLmJs|-~mH77LZ-(i81Gjhv^+n4K6@$~l(
zTFXf0D2<HV?Q6)#h29geG*c<fptdXsA8b`e5bs=ULtKlIVdh?shf04rv`bMSS{H|6
zNx^!HpWtZ83i^cs67u;F33DrPnO@Yt7EI<SuS6gVNHka`$UwSfy%i<uF_E2rY_enS
z0@9qpyNu&!Pje!`C-gNBwcBjgJf`K^Mm4;+04dA*553|DhF%2)w6QcS0_pT@VkJ#f
zIXx*6e3Y1mjKXFrp$iK<IMdQ7`dGu2%qM|zXdRP4IW)VU9c7;c%1NM{1j>o*OakTS
zPjg}fN>-G6ij+w$mXRgT*sg3Dma0(dd{Cj%IySCvdHx;PA0yZG5`7#t<J1>5fffx&
zk};Tb%eIGYG}emvEcW@9ZLbHo*#IZ&TGy~pJUI6_J~znY9*Mv0!P_FK?J!UKocY;U
zUKYWrBKIwhLyhN7z<Y+VA%-)>aiw976y`=zoM;~|gwCIE3I4|Zerv)^(0>HmYeQro
zkcI`<+rODJ7b&sxrvOA#GJPQa=*S>Bl&`PtGg#|CWqBsIwup=?0aU5Z%LM`F`XUz_
z%$qGGSus)9oAuydm$cN^?V6S3pIw|2yw(9(6Kcr2A(u<6Yg?D%ZWJe?N>v+X3*nVa
zm88m5Suonw_vEf~>GY2B4EVAwj15f`ZANeXQs)+UlewqLhEt^-DFp#+!A>P_Wi?zs
z_2@hASxhunHodjpQz*mi;!Qdx?n8l%Zh&=#`tzI#Q=1ftrvF$6SR*tX=WctCYvJIm
zZr5(nB*j2_Oh4}4;%n?kt_h;Sd)2YIaV7P=*?WagDB0*=^aX(G)uwZj<}*Ff{j^@x
zJ{9lbb6WO_iY^Bs4JTs{+6Y^;^s<LczrBIR*U;k!3ZNQc0<M<<NsgcQc4Qr-b-1WP
z=5$5-BWv3A)mksrC0Q|Weq+$QfY=y#Dpc3Wmao#JT;r^_RVIYY#Lv<#p@po3DOA%7
z(bd#`+nVS*uYbJBUvdS#7p&}$@#lg(oj-lD_cn)Qu$Dl{6)LB;9xfwRAhS5W_bduV
z({Dr;m-O`3RNU1s&1`IZSyb!{f4VPt$s)?8pDbynn3jJk;TXbcvkpEy5?)qF$Whf|
z?|W%3ARu9VEgcFT_sge^tJ}Du{?d+)$O%4qtVkhcdAj%UnPtBEn8y`phPLdQ59Bdx
z?p>$17lAeZ!4zjue8V$ZWZO_2{xz-yqS=|a<AsFW3UWsa%nLAjN5T~OUnk#Py#LF)
zi?^>%HAU%#$?R(DJ}Caoz0b4{s2_D(2WRK4PXK6>U5BQ0o2sm6mTd|92x*LW``*)m
zV0z1iI{&KaOqam3UxYj^e@M1Lq7*CDSfCxVG?mk3RpwRMkUc>cGR<=B=js-9M(*i=
zxGM>nuMf*Kz68@XS0mFLB+@hsChN0HT?1Z$ojh!9^lt6UbY)Ts6UnLAdd$;Y_FQ(x
zoemb;zgMp^s!E>xA(P3i-i^q#x~?}HD;4D8`)l%&t6SIMzh7C?%Ww5gqC~5j8G{rS
z5E^XfW>*`Ceaxi_C(PQt8Ee^4h!^JulYU9>6~pB&^m6r|S)ctO#ssxg{izpS+l|lL
zykyY9pfd;DYiq}eXsQT1y_FTYrx?Hwlx9wDc>bKc5~{-LK4t4OgZ2r?Pjguei&|^9
z4L8Ng_7WklFyU>$5p~2qmR}#8k)w}GrT-(!r8=6E%T1o~gqK=U5ldDSh%F0dUI@bE
zOJ6*B6r>1#AI)4^cupm`*K#wv(;N|cL%O1e-sx)Q9fSzECUV2Qu3&IULbkCe%NV3+
zhjaz9gQM;hi>BTW4Ur_6Jg-Lwf?h6(#1fNdrWz(z9^lG76a=~0+OKO0>>(i(STuh+
zPubnMO6k)xm;z$TfCHzoPO8Y!)1x`Lw(`-Lzi#(j5aLo6ZX%GR{p5(8$O2}RP(d<A
zO-oTjXtr1a_B7Z|Gp2+Ni7KN*B6JM0gB<n^+pwpoOya~+76~(EXnZ8NJBpR1$-QgZ
zNj@QgC(%Y(gns!lexK|c*gu;8tzzWzr6urQ3;&d>+u%l7rmJ^KbK;YW4gFCH^6C%Q
zW?H8|(WV6{&yX2==JqrwcL(g)^v9}TS}utabllTz;YR;XUec1Hi~|%Xltb(oq848k
z&^!lT@r0BE<cS2x{_3qvM+g<(OO|B+Nzd>F{!TU;8hIxL3kMIpXEcR&p=bEd?+aeC
zAT^3&K^nz}I`=jfWM8n0@qJtnIHMmhyeP~pGPxiI*&kvR-@d;bwTN%uU)nY3f6C>~
z^kIr&LisS$A1SETa_Z}rj9RmDlL!}_J>8LUBc;nA)K?$ppF*xYbkA?O2nLokZ?S$F
z(#w-N{Th_s>owJclx(W3<awY139%@z5e(|5TI|t^Cr~N!l3~%5^ttVqF^GYHuARW%
zViz_;U0qW)jpV}+PtZ&$+-t^3gsGW|m8Wwn9byv)*oK3t(P)v!Njy6?P;#RGb`G}H
z(>c)0LAhtmiXDN;zSt`i9VovH^I}VJgAaWB{_-GR9SWM+<<<J>PF@XvxMsy2PuPIM
zU~E*6$FBEBru0iiCL8`bilf)BSbpgG>DwqAzoT4m(TD}c;72YDEdtp3j6<ceB1r^L
znsMv1Z`kD_L4==4;9^BiY4`%y8{Geho#VcjIAQsE8CM5gKl=K*X)%4l@-=yV?Idi^
zix{#az_b<GSC19R_>u*>2}kvQl!Avkk?ySK*uJ4p_q{y}^49y6l0;@1R!s<EuUz6r
zIFKExo2ewF=C}U}%9~Ns&hY@w-@m$e`S#U(lm2oo?`Nf)Rf^4c8RCo)jnX3HtYX@W
z<pK8|=`c5yYrTcv*a$8R9HOSbhjna9S%$Tjf|@8UYRqp{mf>EP1!HHvrRn_BOA)o<
zq_NZinPN~~1BegJ2FRyD$}!v~9B|v->-wGMZeKTkAJQIk6S;fKwgmbVE@h!{vuNTH
zD-+m+^GdN|j-UQqHg|~8!DQdFo;oc3Tl=0ZyLQ(6?EJxDf`bxRGsn-01D#uq?IwTv
zy^YPmiOEm-oTGUkC7yRArx{GC*e{_%-_>}e*H3E%ls=0ptgKhiR6>+e0Vf{jQXV?f
zbi>7GLk)&yOe?bNEkAOR_V0SjqzTV91xWLoal$wsbEuTBl^&$9Ug)L|y7O+ew|}!$
zf6He0^;w?Q`~Uekj+;iguz`p@no-Vr;zpU~h9--^VqCrlpBwoE(%)yP_eb%~0|2=|
zM!&W*PR83`4yoxfMD#1$nS4+bLu%!xGv&0P8&<NS?t^CP;pu;VlQVH$(&RSi6`ACN
zFJ3-4z~O7r2HOLe#Fsiy3@^}6c^iLXzwKZdj;1BaRVir70`6yQK!_o(xy+$0aqkvj
zgN;ylRm|NrG<=+s)_bW*vNrmc1uq@J3A+PXiCtQ;{kWEF64NOQn7Y@8X<nDA9I#0x
zrEOy2n!P@G^5h9NV*Jf-enVtIC`nnuH|+<5fDyvKJbgMR|L@}M8wh{QONEV`@vHiQ
z2H-%uJw5*Y`kQxkORMIapf$SfYy=L6r}^uzzn+tqynw>$+;p9>5t%k*Sjdu4XzvGN
zQdqZLW1aUB+W%pi0AH<3)A&PUZ^n}n%fTY)lmpFih>iNgIXE#87JNoBe#^*G{jrc$
zUiXp50NEf+(^M2EQRAXw<tL0o8njO~?h-uRk_b(gi`zz--cU1fVq!TU^aJxsnv6AJ
zsaGS#rfcPe{41b9*pV!Zb;Bwv$_U-IVTtD|u<c~D5E5!xK(N;bK-DXRSh`lyUdENi
zPUvg7=Zxz}ZH@T~aj6nJkg<PW*no!g8YW6@%Xcpl9FiGKYeriHD&oZ4p)`W>6e}xp
zOb~{t=ggGCp0+`l8(Q3I9nnzaIb@wES9GFa87=u8dY3kI>t}Nf&h>acKSmNF3!+L|
zm^-h356J)#2K!dY-CUy>vUXePi8gXcsM)EXuD;A|vm+Cf{sP>5(5f(-0k+&RvEz;5
z%HQnCm2q_N<`T2kGUhX5pW#M;eNdK+;}IA$jxp>R^NwTowMpd6h4%$2OY0z2FaqKj
zjyxRZjN^g%GLAjDGmcmujU$dz;~4Vr;b`13>*mAd8<L8Yap^WKVn<3zHX!y}A~Gj$
z4N=C+MHfnDRf)i3kl}5Urq@y*%b<rC5^MJuQ1J+`b?+V|%0ndIEH9SOJyhkQ8LTzJ
zH9V+k$GC=vOdg-Fx#Pi29Z@G8Q`V%hXZ8h~^ss-)KM?ieD{sYE`XUf%ytyV(JkFA!
zI5~OY67FmO(WNL^v7`w*^(_o6U$YG>0?n#zFr>|STT_vm7O@E{fRM0{B`fq<ytuw3
zX~FMUp~%S}LaFPfqfoEsKgv7-Uy2V@hQ}>w7T%Ssr;V$`B@U^m&cZU+_y!4@Knl0A
zDvZy|R)0xkp>^)QMA&*j)sK}{K?<*dFt+77I81lH(CFIb(jSc+T$3rgVtebLYy&Rt
zx_eMgm9Zv*t9+=t3=Z$uP{ji2$W?u4q+P|P21-KnJPSJCqxM?JlwDPejH~taXrq7E
z%NTs+RQ92!xWsuII&A-n3B^G!X;s|O$1t=%?F%Czr!QlsPLKZ6yL$fL4X1c&Sy8|7
zt;qd%NJ6trwd-M6vLBYwHAqll7Z%gFMnbzI5W0a<#T?rav++(8MK%(XPX&>}0yrZy
z%j|dRdI90t7R+3L5ZX=7mM`AfvVRn{)eMma*wQCMrLXE?8IfgJ`-kI=$s@cd%YrYe
zGK{igdYSoi7(C0yR<>sZa*bBqfsD<}1}EM%i?C3;i@Qr0YoP$-0sJvgw*@9FlL|U6
z0zGav=|j`P@W}*GHzGj-=DDv}o637}PmA>8syBbEDU#LC`$DPxndsl?0@~tZ4nx4<
zwd)=GDZOA_1~yX$yY0yeqC}^cD`dVSYJiLF;Z#FQSrF>vRGXY?Uxrid5}j(AlV)5&
zQJn_8v1O>jR=Tl%i<dQ}L-Dqq_T@?9Lz0X%m$p8|R+-{ln$F1&<N*O#0}4#Xnvd%g
z5^Uy;&Oy%unacsQ9u5$8s1Oo4qdLP5;pz;vc#W?hS>`lh!D?LfaEvv=yd1w#1gbk(
z@igY?b_J%os%UAt;BP4W^R?c$o(fxCgDawixsqWq6IN^#k;}72T;9>$(*fPxjuCDt
zVi6`({H{56OW`?Fxki?{aCJl~d_8IhEL>~c*+*DzoPnBvc(sf^#ppu&<bVbrWKTEZ
zfc)Xh7*W@|b|0QOOKj79*bpsZZsD--(H1abphk%xO)(<^Y>fNRa}LHhk0RWMo@5c_
zoQ-iGdh$gSnTV1=8d63C*e}|B=rPSJ<4N3gB}Qz5Z{LP}#^Ml0+@II=di7N^p2V2D
zS~T2;$H(*eF$R9r3PV*cXa7o=NMsu8rPgySR0(2LZHn@pryD!pQEo|`--EV@v2}`G
z?<o}3qL8b2WESj-Bu2|b7J?!f-*6}%kh(_e<OF}5CwUb^GtAQ)wvom5tnSyI<W&Q%
zdEzvNUKWfbRZ%ceX4^-Ux!leTC9~I~c__8J49usFrvoiEX-P4ANIX|2w*D4(<c=0<
zc*SJAn3eK7u4ELt1pCmpM@(P(zIUQ0-`S*soBI2v+A30Jb3Y=t-xS%b??y}JeHt!}
zW5;LK$G$!G=xg5|c7yi0FEx{LM9fL)kAUi9MC`%ht<4!cx`Z7Yzw+s#Qw9Nn%j_kO
zOkuQ7Hxn01w#j8di!DiwX>2>9{)JZn<KUuyFu#-+hh#BsSjwx-h(a3hyuTy&P^8ur
zzqK(H_*mG9Yl@oF<QBCgx1HEn#mlojIx>Fn4WmQ0Kr}@|AcRbr-fs&C=hQI&q6;<R
zuAUemr&>;Y3u3~fA0LS>0>FP{Z?udPbVdzv$#~uv%@JD(e|DNSQl*rjXPR;{OOnZi
zW)bD`NK=Xd<auT9s&xcv6w+Tr=?~1JnF<@cX`W|1fr9v;slqWkw7G$rz90Ff+K@_V
zB$vWG6NGARjGN%St>q8JQMdqrP5pgHCb)JxS(}0&qtvRGssd%htN`WTAVj$Y_r4Q1
zm8*!pa~TEC;%}oZVC@c}5+)GslU$$AQr6j1!Wm|6HsURcyB)d5o9xZ24DAKQ^)6?z
zCDg`oIqGj6#W&7aW7uA@O-$t$9#t(Kr-2v)i6Arm|E#gcdiWM>i2*D9w?@MP{o16%
zq%314WUw$-wjZNsHu6p*=MRE>tI*Nf@19vcC-k(D9jZ`$6^x~rACoZ$zNmycBa2fT
zBG?aDE{V_zg6rOZR-}UI4Td^4h1?J&Xs*^0dfg>7rwK0uP2~!j-0D}sX9v?eBgv@=
zZ}yL^nc`Ef3t6rD<u~fyPBN<O?smd8TCyVPR?y+pU5u+!TpI5W%!5#J<w`H3zv)Fr
z`G%Y*#>gv+()gF_u(*uY$f6l5CSCg|fwjOqqCDhtHwF0h4s=fP)S*@9pZn3FfH*AM
zTY!mFdT|{WSC`7y=JC#$0@cCAXHu;EdRz4k)$BkJF0>w=Ry0FKfRpb9`QrK#!SdC*
zoZU0<>>^LEX^ovEZwILM-!cV^rZjdww8rZt-qS7A%`@?kjS!Oo#oAzG7Y4vGFW|x^
zRDduEMsa<#s=N6bj@>nCMDPlQyPuIID!RcgdL510aKy;(cQyXpuuY!PGCr2$=zGs<
z?s;GJou(q4(M+S=)psw3A_d${ZG>XoSh6Zy*CQ>cjk==*5rAzLEKTd)GiXY=7p$<i
z;_AB>XN1q$-2Sg1NDIcYfl{t8#@?lT0K&r(JbQBxrrswD_rq`X!u6ZKoBh`7cJR9o
zn&TAufru6%<_$lt+cj_da3$00oF#M9pXUQA#)OHo7^tvyB~!1HGS0bRf3?vQaAeMI
zo6wSp!GL9(4J%}6n(8jWJ*D^L1gwQv{NRj~QUcupS{Q_RAqe}(6;wjOy@jKp7;NqY
z6#Yq!3AXS}7*VA`p<fAE{>q`g4I%`ILlSx?x$SGENq_)@{lFHOQ(kPzhO3g^vN^fd
z0*4>EfF~&k)aYj^sYJ=c(MS4C_kGv~Ur4!J5>+LdDdq*6S#f9x`MU_JDH@bZ6UDB-
zw5Ax@m8XM?hqIx=T*-DUH>_QXq!xwXU<V4?yaNd++nT5$v=$h@j$jE>iWb{5=xN4F
z8xxHYwc)wy6WCCJ-NOo&NTJH2O5mg@Srqb?3749nxxr0H2qZQt08hq7utMmDB*~hJ
z6{}OZH#7wt`LojihO8O(H0V-G*t~>eS!jX8dAxoQuBPePaJOT-g*@wJJY<BQV#7+B
z(vpsf%zjH<=PVQP0vqN<!o=llI!!?49MVd>4TE!rJ%U<F<(#~ek)Boz$Ocgvx~yT1
zGWRtkmMkS{1=4s-TY4PPmRT*`joQ(hI`KcLqikU>x@65^=cNY7M9B+g>l$bTHyd3E
zMC|644;!X6&0eum)xnv_&op5)(u=X&0JDQ*7=%iVv7%csz(Z8h@FmTChZaA^MTh<1
z-pVx2pVw;LR=->)Utn^N0`nF=5ao8*0F<)b<Cd)H-Ts#5T6&$iPBSp28GLT`G{z+o
z5m9KzNKac#zN#IXMqNj{g<6$=+`ER<o45@Z85Gf;$_~ag33^U`)evxuFzhsXOvpL0
zD*oIYh^-yfd_2ZsO<ErW$*fyTHHkxU&O|HuYe~ESle$fr)CgV3EMo<1m(l*?(4bMp
z1Ujyu>+8&!f1Ii!*nJdCE1yw?)g*0P0+_vQRHFT6oa3;b7dA)+7#CuToB7g18Z`Js
zL0#!(X_ZINMWz|LhkS0nO}-bmr_zJ;o-K`~#{a1aKMHEidmHeP`8I&hT_9@|U?bUk
z^&(9=TOAMU+o|G07|NYl`IT@wR}vA?F*c?HB55HWEbi$RHM+REgqN*exPt#-xqY;g
z*p3C$<e;vY1RL#tV|0ifj^-WyGxY5+jyKn$y<qxF(I8=^b7&Jt#nuGrm1|z4vz!*?
z7Hu?VZuZfD{j|x*mqy2g47C#SN8`L<>#WDjxLI9n0-Rp-I_pz@tX0P3Xxh<OrQdqP
zT3kNURmR6`K=lqDsBY{(IG953Pc|~R<FEi~(xjD#$W5Bms%9Wm><UPuak})A;GC=r
z_6Pm7Gs62VwEmz(NHH_X`p$V{<Zc^5j5Y--;v_pGw83nB@E2E?hDe_XDUj^pvvGnO
zTGBd|8wBH|51UUO%VE8;OjbPNBGvo=*diD*RFxzw@+uj#q2CF)W&vh<HndFEOc5oc
z(47!2R7ta}?$vD&K!U_+d`Z3_8b`vt?0aJY%`<9DRLe>v80yH&?U*3F9Yq1G8Vap+
ze2Jcf+PV-&QY|8ZWp0aHbZtA&f}(7y3BHzb5seF)+}_h7RZ!r7mK-~_ouSm`3s~a#
zIPQwp$IL}r&h!_3QvWUPnzm)sQz!c>=6ZnDn-B-ID&>ZjJOK+JUwYoPjq6fjV=3aU
zD2O5;ESbYHcd}brjl}!*MtazVN8{~5+$p(z!cvGv9y1fZ!4MMgq!%pma&ELzN1+Yw
z($<7<E>my9I|msjCH#tf4?c7c5}H@DOx`O}-b-ioLg_E=xR!<*sk4?kVBl);QXge9
z)JNPw1aN2iuHUmP)Bg=o>;cnvVD)?@FuR{CYnn94H798y^E_5i(zt%wUOj|?6n9KP
zFpy393AJbN$BGG7&=MS<rh+G561p?h##PvRBYZSKC$l}$k(Amyb^`&-i5dg!<&8Wp
zC=7K<zBMi29e;6o***4wI3Wma2xuQb&y6t=%*n|`man}pM=};in_TK@b65O%M?rj1
zNTuFcuzh9_yM$N+gI(sNiBFn%*YYM!ylea%G;xoH?Y&edoi&Y%-lF%uz~r4QO`rlu
z)|8C1fs!39jRNhwr`x$;rKv|{eFE?8cmG(>fg<GoFlw21@hnxa6|?r3bt#dh*6|wf
z{;@I<0{ZWeaXgBMxt*PpYi4`q_=|1^fkngC6gy=l<(aB^=}kBPjs`k{7mnFhk01W*
zty?Y;ZoFlx&M)<XpZ$P*_dvA6s>|(qxg_sdBJWs%2=MA-PKDx9yrw*h^$1y1shvX5
zs;(KIFwzU@2)a4$joAQG`%A+#fuVW9?zpVt_Q9kvR3%Cnsx-R#ny*}ER~xDfp*KYu
zuMJ~JF)b_AthJIrK*IyNxZT-5hQx`<7_sbXd<nV6+wqyPWY6qavR{TQ`COATn&SbI
zQOOSNd4n14_~XK;g*LN@hWp{Shg^aUuPT|BGH+<Y=qu5vx_G{!g09%ift}UKLBa0J
z{ut@3ATAYux*tE^`|;kEd1&1b<jnDh>+%YBZ%Cs^uKnH^nOtsoSuz{u>~03cr=*ef
z_55LI0yt1Gu9<ywy*51s05t7;9>~II4=rj7!Z$g#LV&wHGdXzHaWHxZ5{T3!>|?@M
zY9{~Xk(*JEV+nw`niLIuwlA8>e00Gw^0$f=TcYJcn-vlp!;?s%cxrN2jJGaE6BsL|
zfSc~sM=cvewX41K>o$;PaYERNXq0o?=u4~^EZUG^W8G?cT)cZ3uSbmtV<bD4LUZn2
zi-?9uaQhq#pcF1_)LHAvE!)N$2Z;&1Hm!m!Sj;$Rv^N_8a=4^#bBsk!98vA7{L$CS
z3eN_5(Zn?h@&}e!H%9^)<a*m={Nl+zb}t<E%nsNFckGQM;9IsGsOY>qu&R|5YRz-o
zz8CJf!3Odj&G;BB@>ht;?xi>*?_{a}^9nLZM&hL&FC|m&WC`zol0(AfA8<s*zsJF^
zhFM-vX=CI(>bbaBN_Y5NkxM~jVRm<qD_|yx)3fe{+8aI+V#oZ<fy<(Cf)6%T=K~)|
z_1PT=2kfU1LE_RvpqU>n*(xH?syQ~SSV48TB&z*YJx1~<9DCyRxbS;B#+Vmz3^%}P
zK5daEUP2zLq>f)X2tscl(dpA@wtJlEuH=RjMyX>%b4_*rTMHL(f&OQN9?J_gCl^F<
zvC5ba!<zNH&qagPGtzp}-zt7bGluz$RJfjRa=9aa##0My@~TAwm)m!A%eF^nZMqZ<
z@#s<<)%8CcG|0(t5Yuo3e~T<%OiZR$TLc~_+CHY<bZ7{wvD3cDD7sU|+xpuOIvQm~
z?bEdfr*@W^%-J0ybQH(~4b@O`BQ6PR6hUaW6ggn?dqH^_yU__O5bm~SCR?fn)JtTJ
zyq4z7cAGH!{kQ65qbQiNFbUH;;mOedtM1Y=+>fswb(luMR4y?@w{sIlNHA+?X>G&y
zN|IMaE|ux~)V?!ul#{!P#x^|^vzFZjffQ1cwj2fVqFJNOIGCXDl<_Ug?v03oZbL~?
zZF9YDaH^PCete8^H^!zOi>X?bD*YI+QZ^R?>F~pyt?f_@n{a#m(j6}uS4_qqP>*XN
zD`D{7R{1)7NA>D$O#wGOa~tZ!z_>{+^*))30ai2c{Fh5s6nJ)vZ8znL`b;Vro-};v
z49~7RhI34IoQcq-<ci_7RV6Li8TLb5X0~lgG!xp$lrK#L;kD-sJ;P!WrXGY}ggFYV
z-QI_DqT+vRf|o>}L_3<XJC1UH91TQLJ`yJ#>ab)-M_(_fZf^^qHA-zp6p*ol_sT2Z
z0X>yV@;a`Kqz932kZ5AkfGi0YNmiv8KZGPy)2bLczsHvDC5_atS{cyhySUJzSOVWg
zcp<UE;cOCDXJORpBPH(`C3^;^6L=uvTZ4}*dy7~!8?q)%^W$s2C>VLMrb4jHE5wYh
zvEDh;vZToxc>yJwZe^@IR%9(zNj5ZDbKy#43Rg~hAb%p4y`oBt*?MGa+GEq3)}UwI
z+!e2V-Lm%WP?;BKr`CSI?z(5l0BjAav%s9-*)Y=fH_IiL8|Sm+!sE-#yby%T8`90(
zG|ODedy-0W&ma&<%c+oApkg}ac&mq`yhLvDLT<Q?lD9Z<Z~@+|3bsUQo^VzPeY|z2
znb$8!NsARLH5?+U&4LAsnm%lgvC*wNk6rK1#wzx2yh+G=3lTDqK!#k(BC#Q!wpA!L
zj?*Xqo#Bm@C{>VY$2IlD?f?G!ck#{Ej_Y^&PV-(CS$faY;UaH}oM=F&p_N3Kc1LxB
z4I3}-?|C|6GvM*&CRo*1ZvxS~KzPbTsV{dCmeWoE+9`R(u_PbBhW0F*1s8RF$NB(<
zyg>S1Swp{KB^C{Xq7SlM6U8@GR#L%arLt`hoj&Cu3^Uh^eZ-3p$7J2(O=b&eTRgD`
zHmEk(0F^r9Ha&No*A>lUA6a6Gt>js?;=QG@K50Mvy0v$upvZUlD7{Yjhq8$MTGW4;
zV!%yjdwP<xoQZ*YUQ&?PHJ;*z9K83YkJnG%s`=P<6l-t{Ps3fyELDVkEDIX^cp^6&
zEyy}}OF~7MbVaES4<!twU$8KME$#<0lv^GK`$}^c8b8Nrm^Psu+w3>{^25z!LUHIF
z7TZ>}l+elBmEr_qY;Kln7P>$KC0`N|4qR-`u93}a?Q@+A2w(jT)^Mi+((w_%86+a(
zzg0(9a$HS#vSy{hHUW`$J|?HGi5c%a=411zMqAnB9V_lQyFWJ>U$c8&u4g7$`5Xku
z^IyV$2CWUKR9&R0$=Squsir!^+-vcA2B|$~q~huChpb|wM4mz8#Xj!B$8P_=go3?s
zZG+6SEsKWv(Fj?drJ~=O(PP0dch+!ITguLUz!=v9)UCMVHj$GQl@R@h7A2a|k}6gX
znd6%BS^bWt9{wFMe**s#O9>qy8K(9unf=a)d7=SjDGRqTw%t&e{@U<b__p5Tf+Yjh
zkE5{P%;?*1FJF$`CjE{T1mWM!t%~sYft!c_t@2ecDDm$$$G|#lm4mlvm9W}m`jV^L
zxHeonuQjjMA78v8=GREgrQ1$8WGL(hE9;8!2lljCC9HO(q+Hz|(%Nf((_>p-u$?FB
z)-XYQ+scaEn*!rTPr2dwbMi{4s$g|fpw?%Ga5z$HA+NC3yn1f+lOW)cCd{^(G6?&j
zu_5@eD0^w!COV{LJdV9Ir$q_sRy=aLS1c*?eh`OZ=jGBS^fdk8T)BtBO17&Zr@4@i
zfv;U(7IL1lyK|M&r)MyQm~7qVI;kQ@Pmkv0ns0bUiwp~bxvFUPxv)uG7H%RC)b`|v
zoX7%Zlu$u3W($iM3bRG6U_fX4RAi4lxcNIzM~N=S_`Jtbee=@Q%i38rpqBjc#j82_
z)~GUuEhAOa>(@99PkhRajk>xASO{YD`7jS?>H51qho54@!uEt=%>*%OZ<&gh?^)g(
zZrGBf@ZpyImzVknsW`MUr6r+AOp+?2A-@q?f9K@otE=~~UR>O~dik9E(R_jX!t<Qm
z$l6>SP<UL*pJ^!K=5~fem{3voQH0I|RFF%-OV{N(Ec+#y6efH`Lp9dw6^C#iCd^0l
zpBrBZ0A=I~o4UHG_Zk|av?<#HHC{<@J!oxVB6L30zavW;G!zTz>@-9c*euVqnxD^)
z=a7?eJU_OASZ0GIgFp>$swd<3Z)zgmoRDv9a%)&(<2&)1F3hrSVcGG8A=(0Vt7_p-
z)`V@Y_?@Zcc(5(Ho=)@;dzaIyf$!fOJ`cQ&BW7V*e3>~Ua<jp1G;3G#EUv(%qa25=
zVVJTG9{n(N#V$b0-YeUpulDhlhU$JcDe2+R1yE~%UXAJ;ZCY$8TMx>xv~xG9^Y^bV
zUcP-b-=v3-C??WeauF`k(CVXYU$MAjfABhanfgm%naS;ADRY_0Rd)~O5gYMK3`U;O
zncm^U)tYiWMx!a$c0=lwIcdIJM`siK<O_dbp|HIhL;j5g!;1y|0n4@5g)3*phGXte
zLs|^$NWGHe<8APvLZrK5{bFW+7ydyqs43D_0J)oIYoBfs!MtEI*L`NmGX~YWEwAnO
z-HO`OV=Z&mj)!k&+g2!_CyVuh1rs_~re<xHZR<vW#yUb**cqlUo|3%acRXXOkRfo*
z#mcLq<=5si_3E02{I~jl)pag<0mJ=x_stD7?gfAG!HSNaNB|`WnayTkQabsomYLJ+
zlzh+3_aVKZEO=6q`?Yj!QekbwCkj^;`@NaB&ou-se<FKqz~P$zVPie?9v>uM??Iuh
zwcSaD9!Ab%S|wRJPl?)YGA?fGCPqtXiX<|k|6uXAU^JXx(B=*YVZg!EzZ_*{27|J`
zXMeI}!UTKx%KXt0tZqPJ|A|)~q1qonbGb?sk0ZG7XoK1ca(VsY`m*U4*)x7RB7i!m
zAoux2`j{!K=3!*jWKHvns$9S13W_ks3n)8pdN~-_DcE=;2-h1OMARC_i$7gl5nAcp
zD@~im10{ocjn|mtJbH!Zy#v-~Aw0(F9yWZw;l~=Vywh?IKUNr~nb~MRR@i^_2}1D?
z<TP-j|51EbT=0_9QWm592939z38hk{+~5rZGbSIbTk#Hzd6&ywfOTFd=s>XNmqKeL
zLxr20@y};OuzNEnZr>-rHD*QV_L2SWd35{ox>cd=_-brLi4=k*Lrrtzj^uCgWRL$%
zv@E5#)c;%247cyyLzwxR+aEu>#%p$>^)bA2_L52sM0-(TR#p~ND1B~Cf61|NavqbD
zGRcGfy$8>M$tvNCD>%;^JdQUm2PQP72X+DiR>xbk%=7Mi{P|zO-^d%TAT(#FA3Z$G
zm1zqLlG~M5I(hyVnx@5b<iSfLNfm<$<F*w870!!&Qf_n8>*(gi6+ltsUw{1sB)PAi
z{rXAp@IP(d$!JT`C-p8KEY6INEpEgRLv0EzWnE)<t)`{sk^}M$5QMbm8u4=46dU`6
z$Hv<9HY7~Zi08iq>E63U4l_OQ-{Gq@ioSU?EC}^s=-Y!R`uuNwQ=MsM*ZVhrllL_g
zgf3q5!ug>pCanql!k8rV^4;}c-dz0Q)f?D1jBW{7B+Ipt%J+$TjK8&g_iOOjM6A<J
zwA^)qynB7!@YL;i<oYcrZBN~ys*_mu?!Y72JH7hT4JB1?3N(i+=8tKc3oMxYMD8fP
za@>s}&(U~C)UaT2aByAJjt&bh#h47tV|?DqEc*T+@hLR<*My%b6;peyjdedMW*ubk
zotbs)OXl;gQbchSuJct>LdaH8s_9?gTA2(sThOShHj<5_p&PH8RzH3}T)m-onJFm0
zauD$Z2;-td-7D?n<DTsrQb=~Ul2B#2t_ffBvy>l$G9SFx<k9H1Bir8(W{CzjrBm;F
z7@cpJW;mSLn=-6rDa9U{HC-<@o%UDo#EapAZ8b(<{IYW;L7!p66Q!_DrKU^ifIIqg
zN~?cJlm4MsHBUz*vgwEIo?pH+5~j^WQwGUM1eTFqOnY>Wo?gD(`(nzXyqCq8A|1_F
zS`jqnZ|x+~er@FQx_j4f_gek-`tD#@B6dpa$SWB3gE+ri>k58eS8snVIZ&0svCZIW
z_NvNou>OH4KZ54i7mOi8A6!jwC>X80yY$#p#Li}KN>a$bLaER=B4VFL<2^R1$})W_
zQuuAKOksuoaC>agw4ph+fhVcF7x%PC1I?nN(i{*Ghst6$6CLVzAh-^Ey83@Ccxh@s
zn+nmMt{rxjh}tQs$%rNy<}03EOc0rrG_$QOS$WS`SektD<O$jypZw-Gzah{dEM*Db
zw1E(O>R+Bdos<7}@ir9FPfWX9g%zuCMsOfLV0A|R{ra1Cb)8i6*C1e1iC*J~+s-+8
z>4o3<wmw>}2Rkf5x#Z>2D{ae_r3|*<2w$yj19FXH86T)559SoK3)`AE7-k9IahwE}
za7HqI%g9ne>+x_diLIerFr`I)Q@t8LRAZN7!6HNt>x_)(Y1{M=nagaO8JX@{Hjo@?
z!N6sRaPl?2dF7zuF_;1}HQ}L|6e~Ej0sn~fgN<0~vUs=ofX61jXH<gG**8U{%0E;h
z%_0iNHdcG|Vg~}o_L|fT+s-<w{;)oy4|AxDTh{PC)GcjyKNbPin9lWmqJq$>lrtzp
zZ-cGp<Oe~ZuJRewJ&q}4ZX~GP`FN-A*HVtDb^C+pfahkfub*)gEo@h<*r^J-VP~4!
z+5*STYJrNc1S`-U6W26~wtBX~7XBG!Xw75vtyhGuR?uDKF6NYkCKMU}v94jbX5{MC
zTZjP%kywjjB@>w37*`WqBVa8C&k1>@WC<1hG-Pu?$`uBOV3OG)lS#Oo0FFd%OivM!
z5_pNM8BJ~XX)PAzIZNk+ywI0%$rD;eH8a$2r!1|sTy1hh*Nn&_Wmq16NfHmB;X#qt
z3pfGSGhFbppv4x27khS^SYdyH$Q_1RVYf!ez6y)`WOPG2z_aTS{UuxU310;fZ})Pk
zF-`5DVGc6vHu4knk5EMz@Z3m<++IBwr^d>;*5JyDX4!VeK5FvJ?^q18ume+CO+N%y
zo*`1_1uL;`&k?ReNXW=If=44kL*s&~#Ht5<fY}`@wgz?--0=+#_wBzqrUPd*ND^pY
z+0lb@1l-ZBiuUMn_86TwBYSa<f_Tdep$c{5919Tuj_t>}Z%58OdU8HeSI!6O%XvU^
zy#0D}K3aFqN9xb{7#%tf>Ct(>f$h_$^YJ=$K31>J$LQAii2XVrrDNx#^z1yKYv-PQ
zI}gD1{d#xq)4g+S|IWQSc<$B1bDurfqmSpIojmtE<wxu0`Dpz-AGxFFWAyZl@9H@Q
zr0M_p0DV38xEG^eIIO#8T--R0PMy~x;a*lVf~F%=rP^qfJ*ugv#zsQcSkX}J<Bo0Q
zb(gl>`1n24T)U{)8A+u$E{%C7mnjy1s`7Xh-wWZ_%yjoKPSmMJUvV5uo#`Fr8C_&n
z&xcSawDCdmu??>3`dI9|m8;MoB+weDPvL*CKJ!>Y<0jW>e|%@mk4?N7Ki^UsQ_YX8
zkX=TfF{n1=d#%S%IB`81c=jGNk2~W&f>umk)viLy=(gJu45aA%Tfj;m<xbUy^|@H%
zJoEMZVT@-trcer2Ia!)Q`=%jf$HXI{+jP%L)J;kocHW0SuXv#}7@*t!dK3>t2l-o?
zk8~-y_xwH%gf3)N+U!{Td&G7@1@ux{@7n_#r$?wJ%~VzhJ!r<hoDoKowHCo<Aml{i
zlomLxWcgAr*7?fXd}qY25f53tfC=MwaWPiP1R2Fb1Q}C!5x~|4XYQK)8P*>w$L)5g
z&bZRky=7aqyNXzTV%J)yj_d1TLOm+sePhgiLSHRN;aAKQSEkmk=OwAHc@j&pI5y@r
z5G^LS!#;~G>QE2G$|}d{LWu#rTBZ~>WF{M0+_Kb3R<Wmar8m!+Cko5-APSFe8wEDw
z4Y|kj`7!d%j-s4VFh<!H8dvx&%@tZiv@8UcSP8{p%XPd%4hN0sqvel%?9U@@&wX}h
zvrcoH##nOpQq(t*y@5NYeGD-wjiy5`YGsr`s3(336W~lofN@5xZ~&DHk{SgwDxhi<
zL>GKD5MZ^3CAlXU%L}*~1=I`9x?BP==`4af3Z@@Z=L9!}&Ui0MYn)%Kj_4YQ+8PBm
z6yep1;u-}v5b+h$4BU>`5U`zPMTLa5N4y?}qZu9Q)g3Jwn%O9iuy-V&jpiQloRhbP
z;f+Kds%2m$v#N9@Q1|AXIACGcfQXf>Ey$Xij$XE5iSbO>ygHsijJ3Frv9?F5Lpb)d
zB*t3T_cQ|z7LkZt-6t+Jfn#jJiAb<9WhrocI#Z*4)wVrxW#$@^eB=UUK{Sm9<;RNK
zSiUZf`HwSujY9lGtl>7e{^II#q&2~Nv&Wv`J@Lg_6fV)C-~}*|m-Vu~8zcTiYxMgo
zPdih4tyyIq#}Umo`~xkeNm;0wZ`~X;-YI1Ahk?*MqCy7n2Z|lFN0Yk0x7^QIRnZy~
zKWiM)mX}GNgENj$A!LccFlT6rALU3SE{xdE%Pzd^vr)3+zOhy{e>f;;#lWz;q>?q;
z(9v?19<TMuTp97Qj$|e!D>jPA<@n$aKV$9a?rCJSWj*!|kXYKK9JIApUIA&eS%Qk4
zja7b#R}H{f&@{2X!?XKD+p=Huhug~0g7V04j>CP?I1aPObXa1nb!F5kg)A{=R_qz8
zT!kz#*19qd<^!a*?ZAvmbsGh8$Pxo*H45UeCC0a|i~=37#6;)I?ZS-8pBrtF3R_}G
z66IE|$Ir_W<B2zxYc{Mh;|(2tg*R)OscY{>)U{|2<IHhJ8Cf(MY#krZ=f`7C$Mr5S
zYFkw<Xa7o=NMverfR?-%IY}*~*ERs(q6K8q*?Pv`7+l|&1@6UKZASL%g9YYVOm<cO
zBdTn*hige<<mEbJJmVW~vcWVtWoo3K;RFH9le{`Jz~&pak;V4R0n~pS$=K@I7-$e}
zM3Sl~m?*RDCzj0J{>6uo)T4QzuCpOp$eau|T7F!*PPFQ*Hpl2+nYbf&v<TL3>Kc0s
z*D1f_YJ6q{729t{T@8XYHuoaz&A0aov2I2M84&^P?y@TLsx-W6^idj8XZvrs+j-{n
zrO_a@e)V)Xudz9DT9&L3&&mJ)<cEL$`|R}hCnx{;WcI)R>z_}4n8QDQb^80$zuW)u
z&!?v+C;$29w|~63di7uY^zZ*Es?9C_ufL!CCwui@kw8vQfB(NmPPCyHa8b@=F~cK$
z4iS)}z}f9S>|WQbzi!VmPC+1`BxrK~i7xJb>fc~j{=WJBB--D2cgyGELKy)Z%f5`X
zG2=@;=4JE8l$J3mkDr}o`KO3g!xHY1P^Un(FE~&QPr6|mfcUd9bB%~n!}zmEps`VE
z;Np%({V7UqcuY}hQ<T~ir8WlU6s0yrsZCL8Q<PfFn4;9CD76QOQbVP!BUUYPai%|4
z9jNw?6sM*%f+g%CNn|C;8+pqj0#I7EgdGUbVybOhh_NMr^<fv><A$)&D&<;@-vh_&
ztA2Awk+RhNAri$5H7WIK=j4JEEa5pfWfCa<j#y_3AIH*LUMiL?Q7WRME}L9<O0iK6
z512BFLqJjPxne}EWtF9*V1G6K=vab}>%Z}4(})^^Ep|&7H&L2%(|hJI=oI^y^8%3l
znk7=C`xvfvVALWLxWl4NENNA^RP{TW@syWa7ZHZnOY0tkmD%fI5mVJ?PH3JNk|t}W
zyqTYkIBiqH-W9jasudTg6aZu`C1zVv$dZ=P7__@YAFJ#q^+zHhqR3VjTWHTB&2+qd
z;NC@uH!aC5wXHq>^@-Mh6LZ@&kAY@mr6gH=+<@jzOMh04PdxjYtYuZG`O9%WrBafo
z@Ftp+tbSdRj8RpRr%%X+i>iz*QQ)a8zy5l}HH=qQ_AF}PD=6@9r=>(!ZY7{FYkbQk
z$D{PM6~ns5ql$<vbN7X$*+)J&EXof8`dcLz+cK_Ihk3SHn(zObA9vaZ_RiaDD`?sW
z*4+bpUW$=bR)wsBMF|>ffv2s8Y&{B4(OUm#8zO;uJ9tt6XYhy~t-(cCZwh-NF-`yF
z9v%FG5Fe;*aKTnwmBpAH!55myX-Xx@f^4d+<ay?HC%B0B7MS6ZzITLrrgw^+Ww51d
zPI;L4p13(MQ9_>qh@fXVEvVc6L~b@zouU(l&}4uMncircFBUYbcfpH&ITSfdCa4Jd
zPMckH;c+7G1-5EqWX128XkjIZFd6-UCbvwa<XdGoC*2CVF^zBYLf&zWoGfj@9*C4h
z(=^s)wx!citU7e3Dm9{Eq<(ma{wOs47yK?^F|w$JdFUeUf~}i&mSK<6yA`H@ukrh0
zWzbBMm9Rc$JCn2!#T2@K^oGXv>hwMkB&UOXwphe<vN<jmX_JP%r>Rur4^XP?B?F<|
z=e522(r)3q+p4#-!6^GkH+ja?{PthL)@JV1d9g^(-@m$e`S#U(lOED!a%2;&<8TMN
zMsw#duhUzxl@+<CSZC36zPsW1bMi{43R>*Yvh|rkISoijTpv90%4}{}qWlEi@D6P)
zTP(tQHkwe^@}8uU+(XF0oz~sJtFNpz#XHPpA;Vjp$W30z4Of<}n09Ul_u%9kx*CCw
z@VGNNz}>{3Or^3o3-_qo_RF=rpOtb}DK_K5*te(!-?A+P0!A;{ywK47N(n|@_+1Md
z@Bi@fTQy`i^2F+MRwm~O%h%@y`u@b|fwyNP1utb0-;U_mzJXjYky&PX#mFUj!Sb~O
zIlAlh1Ft_K<Rnr-j&UO8QU+ZTt(MJFX3c8_zu>L%5T{rSRMh)S(CC3%vbP%!hKarC
zZt&~%U;kv=G~8!BDOfp>0@7}^Ze9WX+;cS2s$4Ts@&qlrYB=D~Ctc)niCRU<Qs{kC
z@RTXy=u?e^L6CxHpJI1o-8V4~+;OhkPwkW)>yC|bw2q>4gNC^MoQtFM#bZzy8w3)5
z*&&cL-SC0@=+A;g4y$A!SM~nYGSz)GGL_JbU49d#m6>OoirKaK(d*AVpoaAI2>-J~
z9wKDg?<ko1gEuuI59_gQ@u5t6MN4*1<9W7u-fkbPj;3kBl(H1mU`cR^7gv|$j|l4U
zKIMfhQT%)<H<Skh71}*?8!y^L`3yE@F;@-_F@Tn`@JjqvT5mP_<WJZddPgMsa#}-=
z7ny2_$+OGZ6a$Rh(T5asyufr^Bm+@QC=O0QFP6o$@ZqY?4?wXhY?*x{SKKxN)98a6
zOL?#!?IZ_%@p6z-*(*U8S=iIsL}>R4d7aS}VemiBQ?B%X$@TRc@T642=mNoA0N;Y4
zzb>N`iNfJ`6$#y_#^2sMgp1TR1oi62nI{H=)u~Ir!C<2WBR6ZF++KOk6Itlrg!fal
z5og4EQFvySbv4Ft;JsrxmKDsd%`U;;s8TZFgN=Xz7r@F@v#}J|*x{=KVJCiJC`Wa0
zVSD=K2^uCH9@pi<?#;oALA)Bu_U~{Nz4H?A?4lf+j`0)OTr+dnR_t6;)Pme`4@Z&%
zr?M9XQg<KS+hhdC-oHDB-Ty?$J29;M1QTMr%q=a)I{s$dOF&z4nO9jT2+iB(gZ&Tq
z{X^VPUXD$?4(=!BbZ2)(Rle%T=CW7~8kE+S%%|pF!d4JwOrfj31g#+8R$;4$C{`6!
zoXR9s#Ri@{`SsUd&&f+(K!YLfI%wA}3tBJ`Mls6?bkbq6V1)QURjQ6`s$oB5s|wYj
z*;9LFOT}hK#RV7+dKWq}&@Y1-=r*@}U_Ybs&PV2A_hy?9=aGlu`Z?wgnms-uXWY*Q
z55kPe6yMDOA3UzU{P2Oy?=byqW`#dYSCV~ukwiG!MrL$JW@^VLbwp)lKU6OEh_KtZ
zyzA&}>k*YGgE`hcdD9VKACwv6cm$S=V+>=)Z0DGL9jX=C%yEu@IEEL;wx4@oj*R1=
zEaq{!%VUxN;t~L&vy;aZ(+uV$@8%gtK<vmw9?UL|0P73^qjHL)30+)n!En}aMCQSR
zB@@JDnvTpbtusf%(#`nx2V;!sqYN3x^*f#B8Cy4MP`ohlm~~0@QfeCb$l5W9!_#3K
z0)AEYiW*&Zx^J#qPE_}^6|{|ywBLz3`A#3gclwagq(7Y(Fa3FX@l>O>rZvU^@c=PR
zE@C=l0QGhE@8ar`Bn5-aVVWsy3f-z_W41d8)kuq0rlV!aHu*pw+{uae#XIpH#38V*
zHdM^?4F)%!$5n$n&}JfYV(u!kR<Qg*N?RrP-zpYUB#qWw`2l?;0B?`|LFu4%>l2wr
z?T%rr#*X0j%3g3!{P2xCLzDvr?JLOMtRXb3RiUB=E!@@MG<`;{&t0$2q?0cg+3=!}
zh4JS2%Lu}R$P=w6vI143!o(+Bv(lglpkFBo6_{u=WGk?Np|E`GD_*cQz2mYf5OOKW
zk@?e+=9OC+F7ItE({;~(*iF@OW)2%7jLfODhPfH^`QHKOj?0$Ie`JaAPUV`{eiuwJ
zYhD5Wji%&ycMX5qS8g;_4lsk$CX@UWvSV0o9J0{<tmQ`M`_Fi?y?i-7W&q!_+()^1
z0sTAq162cL@GTW|g+_*x>#IM!J=K^3)}zapZ4b0BZQ%#r9iG<M+JaHscjwJV*oFtl
z+_d~_s5Mmw=e%kctia#^TN_7N5)#8b?>6b}VG9`!3aDqjAAt>hVFqW>@rNMHew)xe
z&0ffjCdb|F*c!)i^uorVD9q!-x2#+a%G!*s8BIwhSLEdTi#MkoQ$_Z8Eoh!^=i~=L
zzQ1_WfX9^y1WP>+ItT$*h1{@m&8jZ8`MZB3&*smb%%5nO@2&N_eudmUn?HRzN2@zs
z$U8RQC37LA@189NcIYKovs5EY)|Dp$L93q4JzJ2zDotTdrF9)Vif$zAoYJ3eZmvj9
z3%X$?E6@!Pn!@ljU@DBJER<x|n9Cc}{nEUJ7ugusX__Jnf{7MP<x;3nv7I<&(>Qal
zSyC0e+#)d?;nD*+5L>-!I5P`qX2>coW!N*-S{3<LC{}7ly2z-w4YTn`y-+`pls5$x
zN=puQrh6>*8X(OaD7R{}+#x-7=MdY=C07}vijfVy)soHt?e>zsE5*>8hgCMT#0|AG
zxUwgK{v@yf4FFvf@?HTNN|H&M`j^wXh)}zyxfYh_a8L-Q>!V}}JXrH%j5`F7s#@Ux
zQlNmqHeC<7Bdlp7Wp^yoI6vRWA9<G1xhz)aOw7K$MnlK<Y;mq3p8pB&*Lm+bJ_Ndb
zG*?0k!053Z<0`kP_8&8QvoxHU0rXJUid=w8m8EsL5FwS|%jM&3diRQgpJSp529#>P
ze-swUXXKr{)(d-(qkXN}#36?Y0CrC^nz-W#pC%fFQYJ8LN8dGB@YPV(++k<iSlHtq
z>Pseu9EaEXs9@a>a`gXkeO;&i>~;44aeY1WvWM!!r&+fD*&lLf%^4lOO%WDYJ>6%K
zViBf5z}+~1W)=TAc_&L#%EbJID=>eCL;z<r0RDLM=6X)PUo)Zqg%YC;^Qyzi&kXng
zSZiN0c^N4JWp~E)i?p@TE;w0Ju?h#PP*TV&)2cv~r?jk%j%C4DD^`RI3&XCNfg{>b
z&AtR8L=TDUmFze4Bi~dTBC5@T6?)-{Z>p@Mg2_s&Mh<Y#0xrmptdM5kHjLWB{hk1l
zN~XkdX<~xFtjR?pH~nZ?f3|zyhT~8+T<CQ@Cr<)f+8>&d(-phnW!7W6Xl&;Vre^rM
zkba$%`u*<t58TW$Q=@eveV8|IuG?x+Kq?znIucd{s;o7pVOk{C^U&||B_s;DY|EiS
zzR_yXlCR#<U}eSK>ESzGtA1CW+PWx*3x<}oSh29D^>G6pZ|X=#Y&-X$fsS#N^*?WK
z=A+cgkE@eEVyENl<99T$Yz8aUsEw8GBbKvIE&TX8_zx9F7G0Wl-#Yp+E%;h;Aw)HV
zNyz6zB$~lrj$}Y#vpI?FLk*EYP>$R}x@Ezd05~SH^N&q-cDidstmkJ>b0WYeJYTco
zy5eOxRnWf-))rl>ObCT200Wds%Vc+mfFW$g3e@`Hr}JkJQO`DcxjiF)l+Jt61Wt?L
zDEW&!$}><5ci&BAQf-*<@@H4l{YZy2cYDoOGNWPz`g4A}I!}siUdr<_Q|G_TZ&$NK
z3RO~32Ks9cCdiCXr$ZsjNyeEd|B}#sB<mL!JAyUB^M4L0s?Bm_uHMEZm-}Oq%O?go
z1ay+iC%Jr*%O|qaKPI{Si=jC&ayf`u7gf0q2URw&!!<}&B*y>?Ph4vXVsl8h4#}R9
zyl@l1FgVWCoV<nvSa2PdlxI-3qkc{fdp#rM=NFBY_v3v8z9&_2$FAyvZ?W6>D$Df0
z69iy941QoYfuIEP>cz`Hy$Y?Cid3!XEj!aM<ZdEF7AY&{zMg^~YAPrJ$bG6y)CTKs
zUB3M3Rg+t`y&mAb1ANz7|23O?SgZdayL}{9y9b+%B>cnd^>b#ekB~JKxo>gIay+91
zHaLt8F-$VHqtp;{3^T?krnnD7+|ZBa@FEGpTjNFcj7)XeGw}LqqFPr@3Uj)fH`h<U
z8giHi(PYEL$OWLg_yHI2?4Si8YeMPa#dwS03n|J%W~~a1D2pHkG;zJa+K)ra*+^BI
z=@c!);u&dB_+!<2IAkmGz+h?CqGELpmjhU{=rcm0VQIlsIQZXiV&LeST$-8-(BZ{5
zuAb?$4I3_puW|Sa&%i3z^C!n_JO3UL1K;t-o<FFPmQ@RPn!M$$KDdHmGt&iZe`;Rq
z2=`91N|jn(dT%@PwfC@tE3J6Bt`_q|ZafBcZc3t-+w(;x7v~$Q0c&<u7JN~avQQW$
zb*}hoMvG+4OO}*X!Om&UXNeSdT8frJ%{S>URnC$b73mCT-sCp@Vg|KR-+KnJu^qRp
zDO|{sW?saMd!OVoRhaIL;*aaNy5U0a)z)+f?n)&<^MuWj;*Dtkl;xS+YBb(O)^IFL
zD9}Yuh4*L(JJM8A6<Xi`q+lI55t?GJ{Msg3I2}K!4zqu}PZkX8VXC3>sV>8*p5z(1
z$XHQsAUUYOGP6`j^}fnj;UIU>gCQ9;qY9(dVF5QhGM8}oHJcm+t%S{z^;0IWte;e&
zCEq`#O4(`m%BvQ4H0W8N+36t1+AyU8J*ygv{!=rf+PrGZ3WN0ylvy=s{C5a^tZ<V`
zx0ih@9$bl~et%@b6#b4`)Hge?wXt}<VI@szN#`r~O#gA(u5WIM<er-TkW}ltRW1dp
z{~SD9nnCg<`Ox*15B-XzvKW(X$<t?NWKrQ~Kg<z><~5D@&;Oe5?oAN%|2}Iifh!^_
z@Kl;0Noek>sdm{y;9jr|T40wxgx;aP)x$-q3Px2V7QBZ?{q6z}j-Oq;yk|Do4gT#W
zv-hXVfZ?mjFT6I0_31B|zS{*u7xkXA2qzTo($mhza1T5Gq(9%qocBvfY^h%vS0(6R
zw`|*Sggsy11%V&j&~}&SoN9S?fSJFq$&%F$sMr#UQNA|YrxGbEGH9NU?6Ql=8nXdd
z$?$Y@R_IH|(m653a57dh2i%npb&vIIX1B~;>?fZIDP|=rHe5jJGYDyIX{%#(ox%+{
zDc6h_B%=$KDYBtuVrsI1S|y9qhm_DP&<Od=K5DB=dQ;nD!TqvO;C`w#Em9;pU2@XS
zlr=7sHPtwW4XB~PH-edyS2S7MU$Iw5*PJO))n-GB+SI4tHaC2PBswJEMd%1!s~oK<
z^fJD-2C=Iz;JyvB!rsb_F|6=_#do6Nr<gT-qQ4eHW73y46~Aa8)ZRR^5)Xqp9-Qd=
z?5+NBHyCx3^q>U}5b1!VY>^0s<~6;ug>V#yzD_wy9&`C&iDc*WJD(~-e>CXZ`L_=A
z>VB?yLO-2^)3=y-AqOA~v6pLj$STvD+Pal(Yx|a$^8}ASB<GI0_lMp1a0Q9SF&Pcs
z^iL;<b>DVtyzjpC`!2lujt|}LnGwiaKXzXB;j0|J#GTi7ciJ=9m|yh1g*W3lnB(yW
zti0p@QZ1Yf&H{#Jl=W9YIKDOlDOAZJ)}CO+RQIf&k6n>{RG%GQ$@(#Pz5Sqp=|5`p
zWAfks^NW9)#$$|RO^Z^UCq)YXZ&v3%GBw}QP4)oac=F`Qli&Qyzu<p=jsJb}>}&Y%
zv#-AT>g!)W`KPB}|K{soKYjZ3lV5-RPfwmb`Rc2u|3scVz_$lSrAk`-(~~DOm$JB{
zz0awVE|&o~PjI;Zej($R&ZSe(`#HLGD#Z#@o(4QTHBQX1%$qDaf4h4!|IM@c6Wi;z
z>zP?nr01ryE*GnLA`2#!{>oo=Fz*+$+3Xi}=)rSBbIv}NOhDR$Yb5;i7q?ub&&i8Q
zm2&gmP&3G+1;f!VtPxd{G%AF|U>-y65_GO+teCBsm}|LZQSmHg1pv37zI!r%`qdoM
zkL_CK^^6<O;x7Ec#DtK>x;mHs3r!>SbXJ9|^5>-cA%thAO-r_dHbnTpXQX4Z;V-y3
zE$KqbWPfh`;SDzmYo1jF&6*QOX0et9R3&eG6#vA<s>*2Lzx4}(HAJ7+MI|-&w0SEU
z#*EMu4T?0oDm1e$UdXK42=|2@JA;)8<Z@SJ`m2({XFKLu^H)5M?;5}DsC*q?tVJFx
zm$aCE`?IY-<9A=;yN&Pq(n;{cXj%w-7I|l%%z-m_@3p?``u;9F&tLHSlmFiw%0K?w
zzmenjERiDN8B32(|7+ebz}ipQ2m1Fp{&Oynujgy-?@=FfJ{2fRYAnmDq?^16bkzjs
z9CodP`rZr5u%eV!PhkC=T2~1Qk3<$;Q<L2tXo#3Nk1PMDyx<Z_XOX9k$@vymeC-Y&
zP|2EYTym1knYg&R{O+sk#?LK5zagPxJpwx99PYNbdBnSHeRFVbLGxzp<i@sb+qP}n
zwv!v%c5-9eZ*1GPag)3GzTehvZPorUXL_dlbe($NQ&VTAyPt<>mwgEBDQ2ovzUKq-
z<iWa>!2CBkZmqS3Zu+VmePIX!)PPGc6URg=VklGyNV7x-@?QzaO*Wbt%W?NBcfs^f
zJ5`qxZay^GfH2j;kO=TVZjyKP?q=C)gp@TF&OzvF0ABP^95}3};2sz&P2e8oW(*i?
zV0&!qK*6nn-tLm*PT}5uug}cF2h>xzkdVgWQ$+$!;J9d(481f%Xr&!V1v-vCwPIjK
zu=Zb<2M|s!QMh7aHj4D%?gE^&o&r8Pdi)2VC;95kowat7yRd|pp)MkRar`qLhM2%+
zuYl2JtIXs|G`*{Ex8|2+@NZwOdp>!?9~PV%cpXFkl?3R+GvcR4jej{Co+i@XL!I4%
z=ic)CxwfI@tkL#W9VfSVjG%Ra25~1`C}p_E_EZWeq;u!nEG=0*=YA$5ntbWpYVd!k
z$z-7AkhMxQiF+nT+s#Gk(|Px&&Dw-d0uT`@vmTg3nO6mJNzVBkXe*!l{H1!n-eJH0
zn3xMdA?6n(^WMQ$T#aC0mBrhg(JfWh!mL0|-?4XrR_yr4;QkZxM60hir%hrNXR8G*
zH6d`R%y3$x8o}VbthLvaZluKQAyez6wwzE^sn1Q8fzy$@ZFd4kzlv-6tnaBe)EreF
zL&mvhQDV@LtXWH0M1C3WgE1%gU^gVQ8}ZF(GDvsU!X_G{Eh!GQTccaeMyYq82NL~!
zeFHvl27<s9{$l!<Z&LFQboA}ll?-QDz^vwXq2-sOr$e7XIS;kKnIINQ*sih0Emnrg
ztBJ;RIzg5muwB@W4{Vy)L-iaF%1|TRC4+g$_kw~hMH*YQncM#MaMPVDc^=z+4dkKL
z2qn2%jV=fI=E}?=TeGHGMt9Sd?P%reeS29QAkEAQ?HSUj0tSPO8C4E_-Ip!GahL~+
z?KZIE<Ok+f%iOh8md9xm&Z<0KZi3J}w^VLo<2P-ztrqmum`+xBo=Pb+ff~yVoQ(fq
zte!fgX-*M20QwIqiEd>y)!;s{Juo+hB-C6=ds7TT0gXREw0IXxAA3t(2wBc!-q9RG
z*@KsVK6^_{yC*^~-#x3a6kB-HN#hTTumM~eox*eX?P{)F1rsx3y?DFXMtlyI@)Bc>
zv5MG4A%WW~X~Sk$tlIRE^~eGOH$nQcvyp}@+PIaHHq3e_D3(SpTS)i;vWV1htk>I8
z$IegUiv%^5<;)3{MpRkfrq%$n)FPH9)2*fZ5{5v_{sBBnwX>d1`lbn^FalhJl8mE{
zRZJD*dtDwS<MnxQu(Fxs^mFS}FnHPJC*+y5ISa}KBZFFJ1}xX4sdLv6)}{1HwB~xb
zt)EKrlnv(ur`i5n(I=ZkLZZ#Uwey8Apu}Sm$h8_a(wxT|#J@}D-(4!`YKe`eoTASq
z^gnuxuU&A6o-&VIiZ<~c;oZj%`0N<&3K3VPB1jb~$HQ3qdAD>1?TE#t;e<GMDr`h^
z|IHRW!bq3BKEagJf0`S^H}-B!^GMdiwP4(pNXgjuO)4a5h{20NKV)*Zb*5Eu+rRg6
z<Y+8M6jiY%27+$l_GQRTC+NM)mze0j1klT_eGKLIyH|8yLN9+|OgNQd=&NII)^0~I
zXb5-a8~B+@p-tFcOEU;7PK}Mc5fzZ0{36fdSUQ5r+9%;tYd*4$@?E=5uDqEu?hINB
zK>7NWj_ji06_quoZLKbRPq_EnLl>kv)U;UMYyqL7+zcv#gG_bPI?z|N0~RHsR^WPJ
zL1S)D-OA0jSiocU&04RDW$@HCu9I5sV}pL<dbrXSlSateC3I(qvwQL<Dw_ARWj<sP
za8WIYmC1!fr_KgUnEHD|*dbLX8BL_24|-bR^ru}4tJ7>@Xw->>e+Vo?#?v9HD1yX0
zqQvVOZCab48g0>yMZu=A3oA7W5>bpi0hqP=sx&?VaNAMbF5*~#oToKxd}f+|GMa*i
za=u|mLsI*)V3HWA74_;yhC-9jvLk<feo68clofznh+atX5i}Pt>G5$xunc>$m&8u7
z0DWWy?lzRHtc>={=3OG8YCQoZ7F)#HM4sDtW}$V=bdLm_i&ciVl7$|g2V`Ip`p16S
zujS_$1|4blAFhzt+*0$hJx`Z${>rF8=;(}ap!Iv$H29Z!VkV9vkA<FOaMtKx$?nH6
z|NK^Vj#0<l!n~M$eb7{<%l#=mphm;7GHH@d8%1(qT9_S7*?uIov6Z-OQvJJf!E2jK
zvyJh4O#Hc2<fYnnwIru!wd;DFo>TAL&*>e9^%u>3r*oa=lWWnIy)CwBWjOl8*ngi0
zcFpF|e$r;U?Wh*oBP;*Bo)c;4B)d~&dy>ii&T_q*c&(T`T;VtnS7mg8#|psdzUE0d
z5zQe&to!JL6|H;^`H|>6+OK7!b)ageGUJ?M4~`_V;BwMchyHx{_9r(?WWKf_5q2<J
zRGpsWR|$+5n$6Z4m9O#fea#D`8A)~U?YPQTuxDAtoEoRb4p@`G<zWQ`wTy=taWfD)
zBvg4S%g9>ZL<>m*wYdx<?#GbRl2Ju=&BFy5wi#<TqWy#g(P+-D@@fumXQ0x;P2wlf
zRlZxe4x~9YnREv`{GFHJBWwR&3E;O$BZlgSh@HA51jX1{B?XaVS^noz;UddCM+z#(
zjF@R!un#a%=K{Iwo%W4vFpOm`^NV*MZGDCVW6#!FVN8a<iAMLe6^q7UoW@%96&i_7
zEN?1T$b&Pok!>O53I9#LA30E;X^{-aAI^i<Xb;GFW&C*Zf<Sm+#@e{dfrSTz-6FuG
zcM-497#hE@*N`^bW@NvI=dKTWO3E`aFaj-lcPJBw-P2jdWJ%0$1FfS!GWDDgffc4?
z^>1cQ#^zCBl#)$)Z%p0T1F=G|m!bic43_Za9c(PCr`m$<Fh`>A4w9#guwM<Cc*v%p
zO*hgRdGJzg^9#F^Gt9qwSvJML*x~KL(E+0+y6jXJr(z$>nXNkW@j_)hO@BIuOiDtm
ztc+ICE_TJs|InC-d)Yu;rMqPnq&EhIouP>CE{=4ids}p>uxR5D{^V>guLwXE!0#b2
z*Z=H22FLE0dSgBQgyjCkc9-S$^ZaRsvfN)Ki)|--=TFJ<0_RV7hXi`%`G2vK;f_X0
zLBW5T82!&bFqL6iAO(?SS}>QK9|89y^%t9IG0N(`)8q=beoDY|Xcf4=L-tiVc-#zo
zEJ*0k6~wCbEB3mdwH6r5A+`voxjR3Rpw!SJK?jH`-FZm1N}YZY#ccxxmj8Ip_4YnR
zgync{_;{{{XES0A7}Hip*-#u{FC8nP#5(XP09qU3UOP=ORWW~NodDCgYxC5<Tso>Y
zy-<CU6`TXgW<1p(uacIOgT^8%CY7dJf=AQXg}Cv#2A6)KD#7)~_f|WkzwJ>E;=O}s
z8ZhHw<yyQ3AOz9A+oe{wjp{ZL`?KAV)LEFV^J~vY*XSPAPf3t5f|OdxY(4Y*f*B<7
zs$K*BMO9KVIyO-WfQ|a%)R6cR*BWGqWn|+Xyd8(`%X6)Q$3MsP!TuphLO?*Z>rte>
zN<3<nz&hj3CcX$xvs(XU4K~J<M&Fp;@;j!*Gw~(yObtt@*y=AfcoM6unGaU~SZ~!H
ze>mg9&QEdSNSvDOk@y>Xv;X9pWC1+SMy;DIss6=0W4T|n2(}F&$u$YHJEq^e$CMcf
zh5^oMFnJSSZGUY;g%LXrbc2aMUs+Sc4}C}eb|~mfr+D9WWh-SYSV#I-)RjpH@#o>Q
zrw%HXT|9BIt+HviUUW>GT;dNALhu|;Bx1B)`|hVXugBJ*tOprK4x=<4PL@s8<F0ml
zAncRC{Z{USuoWH1^(a4_&DA|W2E6)gBu&x%d7Swi1)?!Qtay#ZW}3iZ<;a&db&9W|
z%}F%wcH{NDRyMtu2yZ8<#F_F|p^$udGVx{-$(xP?QSbIV8Av>e-D~5FxIk~;b}DP_
zOg;}z>`fd5ai3kcJ=xiUD;0iW$kxT`rMI@_n;=f4lSRr?8uXwT)pHbe9&^nEx(7^I
zAVyx^^;NEvm(DS|j;;<Wr6Rgd(>8OexPHhAi|v82clM<M$ZQl!nc(Z+yHSl+0mP~?
z$b?F8F5ta#f{W|uN2I_^1$9BojFX$u;1X_k9t7jrsI^8}dlI%Y$si4fQ)o0Y0XOtS
zF5oSY5vtUK_ThCD{L?vWh2gwtm*he=Y`5(cI;+$XJIcI<vPAWECUdvqPg=8ve&qJj
zVJZMN2YRD!TU{Et9ehqk@^9I3&aBPg)OHB|kJ_EOOv~W7?D7SP!g@Fc4-nV1x=IUJ
zwiK3|yUYSu#tZgSA1YpzxN6t-qGLfN9F|$nLOW6&0*bOHHuE^LC0#t}>P<v)=dZIP
z?XgCwhGM}iz1Z?KB}LE(W~D30!ZjX@E5@Q8Q2V0I?L(Kc&A}G~KS=<zwir|A(qKFf
zHAVoGl~SJ2^05`LaR05-)2t^4&HnRHHHDd_mTIpNpEWOQo^{Qo{%X(*KhW%`6PhGS
z^`CKKJBqkv#iq5%J|k61XVXKPI5qfVOMMJvT(ldnpB=o*g{~6oWOtO@OvN}B8&`2S
z;3y`TiL030V(BO*D@Vy)_J1p~Oq|8}whkk>imll!nv<?<a`YY4)fSQ{?l*Gk6c76b
zv0ZY)x0b3PSx+bvdfB%k`P@Gm%RK<+qjo$ae}Pj>%8hRYe_c)+#CTP(w&;E1mghGM
z7s*M7Yfn<kw3r?=aw<C;$5s{!9(!lRg~9_B9kD=`BB0EeVMmz8QX9qo;M9s8Ad^^M
zMUr&C+NiUxOr~BpiBu4akrn*=srhjrMy@D3vOH#cg?Z-F<e~I?_8M^rA_JK#n@_<=
z8f<Mw)z_fxc5X0tF>Et0b$NiX&*TvL((o&r6Qz&qkMDod+_z;no-N88!B4%qA?Qxh
zqw)R+OJj<Gx5cm4G{mIV#8Rv^UF%*CpV9&=SOdE=lGZ}9>(N%&QVjM2l($Ar<CV8u
zsma*`M+YX848ZVte1@a)mjAjm$@)yIQ4}1I+rgP;rq#m;w2Xzx5M5ixnT~V9QfcML
zzAe-^5@p%2weej|`v8}krGFKF+{SB4qGYFXr~NCM8y<#0f((da=qi#zbWdM%MyH|&
z1Ljd87M6Yc19<eu2*oBM>?h|!DugRXzJY=WvM`Z5FMepnC$YG6dT4nWU;ZdDLnN3W
zV;{srcYs~%6IJZ<v8h68E}yMm6+%;kZN`V>D(CmBEC>|2V5!9d%V^HGIak2|@+S0H
z80tzQ-jY1A@oATYlm?E~_w4%|;|dk;hii{3o8V+p@W)Se66f)L@py>&K_+#&;SDx9
zozLN(N5FGk64hxW$>o~&5BdsgL(=?`qUMbKElZFq1Xj3*)cPg?EfJ8S_@rcXR<I8j
zjGM}YIs#eT6xO|s2ZoK}v4f?;57ohN!i%ZE57k1k!;2}yUxVl|k_E8%h8v6^e1x3+
zz{23VDH?>_=T}|wEFokK&K>;?3Mm>DKXc`kQj-UmI(uJ`I+I7A6&33PqTWc2Wr1p<
z(XpUJu|Pbd|ASXn8Y0MJWfz%-Ap93=ZexC(Gd?+rg&G#%X$289YQDGB&260Lw9YX-
zl|{J(4}ozl4hcU9XTFV_q{Pwzca@<F0czrm1s6YV#@GQzo<4BIe1@4kS-?h~E@UH1
z9}<9>F63Ja7~_o(r$#Sl=XF#I4T^@+>%dW>R?)DRAapQ6G;h0LOKD<)a_`HD%bzJ=
zB#t<Adf*U0u^$%mOPU#*RosDq&=SwUH*sPAD>%6?hdHro8KEt%n;EGao68#`R3C9-
zC2H)bi!G>YKN>RpD#6-@M7G;E5F3Bbr)TedB7aM&Af=yL<_CzB=ioyO82xg<2F$I4
zQ2;d?8R0Je^eT_JmC!SSC^@|<+1&e2`AbXC78jvS0Oj!|XbRS{0~0(GYJPS!g6!yc
zxe>s@sH$&`h3p96N6~Qm(-R9Yp%LI<s@yZNd^h}#m&<kRtyzIlp~%UXGYG3hnORaQ
z#QzyFB<d>UI{M3_`doyv%wNA`aPQ0JI+n?ECbL*Oi|=RTC?&H{cMtw|_4!$K_WnCD
zk-hid<%j9e#a;Zz^N;zDtN%Ft&m*$94MOuivRs8Ojy<2-MWASx04ODzhoA+Udov2%
zIeS!o_3xbDvlLOt1KAeq%v9uY0vEWo<tXtv1@qW+9miZpp#W{j#$zp`Pyj8vO=fx@
z$nrUr<#B?VTtu;;wO{HjsqWcRJ97Mpcq&0%XH01Azj1zqAV4{Y2an1BXb4mka%S5K
zhnA-Ie_x(3J`ex60UKRHiTLqFPR;$_@sD`H^j~R>sRQmnP@X>I|GqF#|9N@t-j0~p
zu#zVYow1(cD=B7{PyqjN{9maY-#}d<r=P&83>>3jLr>D8y@{#foFhg&0=*s<-dqG+
zuK@v4Q}eNGr;CrZ%&Pt_FMv!rvQguxDgj5mR;%<X*5DzS=#IZiQX^~qwZcaz34^I{
z={Mr)n(dlgAJ+(!F&h{!BTdTL<YhpVu0EA*B@!WQ``<g^Lt2s_NcRR|@MKZ#Pvg9{
z^iHPt-_<gtXwMzs4(6p9PJvNNHP-U<GD(VsQlCHYbtH0?@i%$kURq1fWj~Pg;QtcC
zRgAT(`8w|mNG5RKmC>g+h5Vti`}A3H2gDzM>tx0`;JWo;t2~PYUiV{sH5s+*55#wv
z@3SnfL=f9)#~?>EJPZOd2*B}U*iy;BWilzb@K!RgeZp{O*TVPI6Kv8@YqlDU09co~
zTL@Sd&n1Sh&rTQraz)=o0GiMw*C9M|9#ch$8H0^B<;RT)*<3^p)nl$Z;3TRnPI=mz
zZM0Q807^2|e85>Le&3>|4LZyp{|w60qd%dpd8NMcD`uJ1r>CbaS<I&oys1&#3MG=7
z`c*Ff2N&OIa>Tl9Bpz!)+zlbp`CH~qVab2n_wgb7^oUqa&Zb4W!7MeiR?H=SDmPJw
zeu2}h@u#jip1^z7EN&%i{?i}+;ZR*Bre3t?>%`lNs7ZCc70ZT*#o6=;21D80c5aFw
z|Aw1)SD^@PD8%G!E0KYN?HmzE1fE?Uj020i>0f-0hf&;SD|Yxln9=F(B<$-6_l4d+
z<q9m(v=muu5B_OM-I=7Z4W#ZE@sfey{i&^o1pnX>fRMMypcS>r<V9S|63HGA(?eYP
z6v?5JRp;5}yTQJmj%210{JoW>IwjM@2E=4nSbVYjyIJ}FVPNAsrsU^6IYFVuPb*2N
zG&Fnqf0p`)CI180OVjTb>*KwM&(}l+Y#TRzneO|E1bg=VWcC<R{eUFzWRo-b-|GA9
z)=%3q?LmPzC5a0iw+L=>+C>t_)wJ5h)U<m1w2r}l%IZ4O#K!i6=&>$!*Quji1thVT
zSR}DHR=SoktoCOVtw%GS`<eoO#sdjCTND!(4Dls+U*MJH_S*;!`Nr2MiNXl?dOVG`
z9O&P)6LRWebr6chDklPIL=$2RrOGVLxs%eBQ6B$PKEoU;dBB4BjIT<g%@)U>_;|#&
z`{DWd`SJPSw`zym3q@A2o9{0!;QfAVMY<V4UxryIc+ZRuz)SYM%Yms;$L2ZHdn%ba
zR1@su=Kxa4Tn85tqtXCgSRoj~;P9gNmT@y`_3DD+EGM=xkTYJFb*XMwY_X|Z{;NPn
z>;azsCEo$zRVpjjo{>@6Ehzo8CTH463`#$Y##`%PMin&<t*MAIYt{|_i;tPm<sR&>
zw19ng+TNQZI|A|i`Ktybvfez|kdW{j9+K<6tbD#k#piX`s-Po-YHlgwdDQ#qzk=t-
z^V5KA{#=ApgfH`CI~v&f2w+wo^|etc;SyYICC7^$=fs}!T?1fZ8)z&&+Wt57_nV=l
zJP4t+ESMQWUh7zJaR0mSr_X8w`PrG7x?2DDlfMxLKSjr@`Lv)MW@88iO50F$ZmJxu
zfC~G!Lyt0hAUjPkSEy#1`+lCd11nLvpc^eidIQ$>w!C%Hj2`q@i(pz%{EuAlo)8UR
z82dmV;CzdW?cuPL?6!+x&2;8-p8RCAvY+!&KwXB#kt&>Sqt_`3pNPmy#KQs2>k2yq
z`yMV20)3_VDzLk+oBzwr-;KkGFDLXd&MWb>>)1rIcv>D-@ie|C6z$0avpS{%DTJv<
za*q;1<Dz;^<Ym=ay15;<plIC`XS8w>3{5KHHQ1-Rp>hI*Uje?{@1L{z_;zu<75=@?
z{_;Kf8auNcuT4(@4Dr33A4i4MofAh`73=q1?;kLk8ac;?kzQ=vQwYC|<1DbrDZhqC
zn5$y<AAX4JiO-BtM36|4Y={+=LAPvv(A%xL2SyB|T~2nM{M@M2*LcDygF&sx96|9*
zV-Ex24%Ex^8qSUWm_n3*j52TJQbA<ekt#mvFq*MOGD(DhLEum4%=^vQKqZSa#dP*c
zgL=Db<@x{ekA--!Wo3M3Wxs#Yuq!eJJKlFrO)Tt`(sg}#l#o5(eoC@beR@j&yd<|I
z{W;j*!XI+Yc}tCRWr?#F51<|>+=FU1SsS)KRt}n#7aDZ4cVI}KQr^-3SCMNILJnBi
zv_xHb#3=(cO<_Eix$%x}rTnb~s*LaAgbc*$)lHhE1bsJJ0Tz=(YaAmj`0ouWbG-s=
zjfonV<opV|Phx?K8hGITk`h?70<scVijJ8C<*EM9ui>#qaRX0Qu|Q_2B;|x^9Bo0{
zUB<q58R~&@yIlTWZy;0_>CSjSKThL1ATeXYfZ#l8D`8p<)#8`qbL;acB_rqxYdCgu
zEYnhfM@%8aG}^aDI5wxo?eSd7q=Q`_)S*iFp{7%1mFxJI%2wnyl-)PjjqfeNXY{Nr
z;aAaN{J{CM+QUWOTZtCA&FO6qSueByr@NeJ`0wDx<8&+qdu`5sb++P_Hrt7$rPDu_
z!7M3v-Th@tN<Pyc7g8$eyQ;&bQzi%3l?K1z80KNxl=w%Hv}gm19rrhF{=EyFy+1Ye
zDdcaY4R_}WWMzXluST;^1}DX`CpD4H7u<dy24~?cp$RS=;g>i4rnz-WKQ$Ue;wX!*
z@0BRi_pVfzWJoNx>nd!QvkaVkf!_)ci)_A6_@E)jN6vcp?h+##R8I4vxmUrBO0x1w
zE<-DpX;h{r)+elzwbqw5Q+Cs?=%aYf@rv8uYhwQ>TUC=b9_Gr!$Cb1QuOrr2b3Z6b
zi>w!>u%VR~9hZ-hC2ZrY$pe;yl1J8Oc3Vg)#G{nJsQpIMd9CiC((jaoylz*Ru6qR}
zkTvCUFD6o;qyZI6dv7;oV4z-J5MBFF9imYjL5yrlAlu#&Er>si)MI`!!Pbk2twJ@h
zI`1Bc&hHCTLS-1)Mj{Cug3Z>Ctuxq)M`gYuG4^C{Ilx=mI+KLpb!`?oY%op8s9BE&
zkL8+6xo%qkML4(I_DKB%tR0Xz7Y)F!dXM`)bP(X^|C+)2JO|=xKhU(Z06#&azC|-!
zw<wf#s#O`LH@Nq25p=<?K6EOeG0fI3l}l}R`LB+d6sNI1X!3~TZ@x{C+^sqG)O@N=
zM3<AiRwuG8Bvz2cx(>%B#<BJ`dT=8r?ORt;h(~`uzG^b6RFvA=T17uLf!6nk$S>rO
zu4M&xirUxz!{oxk03Q%0o={9eq9u>ssuavE7x3uE({!q;qF$!I0(a!BN?A=H)*n5C
zY!$Zfy&{&6S0AyNd}?l^*8f$xi^ds&mX24uF?tf9qK7xf?wAEbTxxY~i!BD4Uz3BE
z+c`K=<Lxydhl0$yOE^Vs4RHfDJmI_J792zd{(w%xjNX<~^|^uI^MHDrUT8_NRE{li
zOg;*Yome;)5|Thd{8Z#?djI`NdHW?25)0|+d+2*b&@>l<59q@`)g!21yw7_U5*kPx
zuzQ8J`R!2+;9CBnNVAOi@Y_CTD(oE!@fE-)Zpa79_X&TEF+J_ezS^S5IsNq?KAnih
zBYY|WdrJ7<f}P*C?LNl?@Y60h;1hG);z7);T>`jf1mF`&1-Rf7iB~Zo$AJHE<V+Zj
zE*~CgZ<CZ$fZT_hs$a8|Q$x4}d#T1J2|aUu;wCb<^~qKSD&ppRp2fszFG!5eid(ok
zlJ%)rxa!I;d^aWHqo1#(4;G&`K3?`t;W3p<8#Z{knPn;H)`2mkS66csKIPtOgbMkj
zn7Eof5bZdMqhSCnM^!#qN;Idy@{@0dhCtly<rh^&j&4RNO7id&4WrtP=mg`A#i^4>
zdM$w~3Aib#AzT$7Gb=MWcCsFWM2Fq~RfeQ)oNO!z4THhsCY?J+&kfWsAvv}X;I>5d
zVIFf9Lm!vcyz!e${#!jhxU)0K42z?E3whDa!x?nXd;(62>IVnDB3720M^oAh^{?YF
z-H4^MGn+t@fW+oNn4@E8LPZO%VPgrSG%Iy<W?ANtlEkSg6eAI<_fM#^+88x$Lt&5U
z)Bm?3JI8||a=U{A)8hmC+2JUy3Hf<V;l`J48%NeLcHbB_%KDy1uu_nE76Ph?y?l$0
z+b(Av<$g&->5^w(dloQeleLH*RKXO)@MS^wo~}5!P7G-wiKyjB4h<xp^j*#d@t1Cr
zT|Lc`^uVgKQma&Swmkoz*#{~V7)hHQ60jQI=}-XQm*E8Czjwg-tb{>E^i)K|uCM3g
ze)X?af*FCSxHAk11K)M!{0<8X>P4%_B{gxf<hgKW>Qr=vzq?J`8>I{#D3jMbHjF20
ztqn;uwjf&0enCVDW~W(gfw@j}Q8|aE$6EbQx{FKoG>D+6>e|j7#4om$<CQ5;ZGpOv
zHB)*F5wGTTtSVm;U&Y^>0=wC$pbiYILT!r<L9npgMATfB&`(m}DtWd;9y*tckLdMm
zKb7(%YNQT57d^J^JW;J5s*FR=HQo!Q2Fhg$KRKQYDI0q^*oHna3NtD=)kV-4E52@0
z8Q)PQJCh%T1z|kZAiJm>1olJ2tYKF5*UgE-cU^KLx}H@O;MW7{8FX^o$2m23S*<gv
z46<8Fue{}Bo9ImjE=j~=Wo$Hd*>(c5qC#40XP+dJkJRp@@I&QSS@1JuIY>Xiutu>c
znu%m`w#-gJYK_5TO*ZLvYrXEblybyuqQ>X%s*8Z&ZovTYTN_{hx_?%4{=|}_PST<{
z8ec5lb?O;TT#2k?(CD|%F*~(Uh^PpQpWMsHu|>hAIKwhzU71y~p1>O`*At^x#~JF5
zg!MDzUm2n6v2GSpJLIjlp3o0cg@kB}qNiHERNxc$5YylT98flnI4IZ^Y%KcJ!|g><
zI(H_gX!fl?FfZg|guyH>XS#<_Qxdbc=qzSU@j6&Nc?e*L=-n-C(vq<N<Mqlt2QsVQ
zW|=5u)JAcPWbA|y*o_xP?MNV<smo0q40<A%E_fBLRyyic(&cA7tIlP}jbtB3cU_Af
zeY$zQTmlzhwYQKRG>nUXOVE3&&hY}l^jcbjY#nvk+RwqVRf&p&CG-C1rRQja*DvKa
z7OAGGg37xGFO|e&X{XB1%jjP$`#(U}2qrYk(rUT3KSY`IgbRBNE>GYkLep<;^w^0w
z525z@1f8YG&L=B$3-F!i+Yz<rC3QrayJ4w`?!oc>RNTyWe6vgSgj|Bbc%&t=A$fCb
zHQ<p5rD>LAuHfx;uA&F;2_^DSqd9_%E-%48)BRRWKG3|38GI1W!=&ewY8XVh{ek6<
za!I=51<>Xi`tXpWW##^rN{LZw&Dp!4njrTi)*zkiw588o8j4wqnTm_Xh7twIkl88~
zsJm$o;uK5QC32QXQf6t1{^-x@jD@;B0?swi@B1`*c{zCCmW1aPf~*jQV>=ryk*7u~
zgUA)^`k&!%duk*x_)d#WA+m!?A&N6SYNi-$SBG#3G6<y*`N#lXYN0jmXyNYG4>O%Q
zPAl0@wF=evox{<a`z;4ZY!_aO%iDUv;59*tO0lPv6Ze-Od>UrOuBJQTgDncsT=?F)
zLc4DjjR!VE2Ef@>`tS79^i_;H`kCG95j&8y5hDL&B3GXJoUAI0V9RwqbDUGeGeKGG
zD$SLC4Hb__JL+OHnmI+w5kUxJ2RWcK|Mf_{PrghkAX~{hTO%sq$oYeEfaYLr36XGx
z83S-Z-1{0biXcWl@A){GI4Hvo&A=m39EW~%$qR6c(PI!C#<ZYZu-yoUMnC8gM-m40
zUV7}WimI4`-GphLh0VD>yZNrLOllEBPHJmS=({tJz0Wg8#`-fC->4f2s=2T1lvDo{
z<%0VWLCF01`o^vJ`Pn_9ZMg8|qqw>;JdJoCMYfxWr2~j7EcploYhhF8{_9+7&yPVZ
z29rB(3K$zdlPZQmr^o!g1upU1Y6EjmdFJ=SfdPSDu7CUakdOi%CybxP{sa}>4FVj2
zfso!4p3<ydkwMT5np_u4Z~psgq-g4;IkoMo7)=-X;0g@pN{&6JW`Qk517JO6h_CHQ
zFVoalR9cC+L-BR2AXD|)BRkSj_TXw0-Xl?CEvC*_Rj$|r#$PoO=Pv-kqGreB9ss%^
zVxC^#zz6pQjr5FLv9%Hc^u~(FC)6aKa4PzI`CIio`5zTatlQ-ftCSE`G(I<JB{+1)
zG&^c2WHZ+C0>5&4SCJx-$4M*Y6sFa!9~hFH-_s4B6jbV@t5yA?)bw{rxEchJ;JSPc
zf*j->umUBQgqIPL(uKz*wkjCKn>=<^@}y<DEm+e-wNqH)>@|)As9=XW=?%n6Y9qj?
zVy!DMV$~?V9&n@*RC+4o#dC;O$6t2CWP*<Q)1s6rrdacrGXWNYr>W?Lu^Sta-KyG^
z29Aj)X197rFUeiOGKzlJxtj;@vz;>7A44_@-;3o0<Zd?iL-}Ro?Z;=oi+|k^<m2Pv
z;eWqPXV=wQoC+)!{}O0q?qmA*;rK?v^^XgAY<?cYPj2#Zz91&05*h=g>6w9Wis7O&
z8@_Ya&+F7vL=Kn6{spRnKNPJ4+K)G9Y#9AU#w0yfc>-L)r<>y$Dz&~2P*-_!Tg@;A
z${i9j8WMRA$$`IBUc73_<#}dd+=%GC;V$Y&HVC<9p=tjN%B^JJq<U90Rey1p=IWEv
zmKzplI5APK5`l+#lMUIeuk%gsnq?NrEW!xvsFyU29y2;B(SG9sA>0vKmLDliiiRHD
zXol8PcN^>`tP=jftkQfIrC)i(u7)-=s{9aYjNu3zFkY`}|IX+W=Fl009!yF~MoXmf
zlpC&fTT0dIKC=SBE^cMDwOaBzqq=L`?@#;sM_lBx`L4UYpO5BP6&BKOwG|2MOR&%G
zI0_1ejVGtCb%dSkJI|NYMA{wjmZ8#UlLMv1OmNn#(m>E-D?&6D{4$JPm`kWtM@<@L
zn*|<Ll#i_{gsF)HEiW9-As0-iQ>o{#@3Yk-A%aQe%jwi^y$CKou@@_VX;u$)@A-`3
z|JeymM3vHNQJgt%HWr!=bPQQ+lbhiPqS)E+&{=yZYbIBzOAM<$U&;@NsgW`lgUGf@
zd>v1X=E=@g?`)UKT#L#Fw^H7%h%rglBlb*dVH<KGDdqs{Ar%|t=!gxL`4X+RuhT+&
zH4<-Po;2qzmMT{&@zPE(kBnxXR0OV*o7aIjI$`Y^!SRZrAJ2+3acyWnvNkX2wSTyR
zT*U;6q@RQR6C@disvqonvn4S{F$K8=jd3<bm-^@6IwbK@0Z2+k?D5uzKu8>ebe(kD
zj43OJjj2PlYNpu9^Sm+DuGOYaU#JIHW`qy*kGY8}C6^#u<h~_%`h_%&wjXJ0lpV_}
zOmKG-EeTbTm%Q>HO*5QOjA*FP;^?;^5_Y8Fg8s1mc$%q&7^voc)}{*`5hhj9qm=y@
z*&%PtJ`~GD?O$@p^n?b|PLbpF0aXrg_0dpO!7(sPIce7*TFhcBIs}2cf+&-4cNlX&
z<xw{wAItH{Fbd=!lMhD<&-r^8e!g7lPedN1&<zJ=gI*HIb-$oUgR|Mgqlf&~EG*6i
zxy4UOXQzAuwH(V%^0CYu(d?qdQ<kUQTWkx$g$!vL3R7T`DCyai_}Z1w1Z+-9PANGx
z&hGY(_ACMYC}x8aWi=oP<mvY6c7Y{cz}K^q&I$M=RUe-b%OWbIb#>*_CS2l4BxH`M
zPcVI9Deg+xgIM5ScY8wvOvKb&!fiQtlxs6ooj;hkRq=M7QJ7IJ2^Yn5%vp-5c7bt3
z`qaru5vkKdLZ=?8>ya6h6}~}vAmmtC;q{_eddbOX1DV=b7MzE+4+O-XS37A_y?BR_
zP-`K7ndY$Zkr~?ZV-UmGT0X4}BR=cu>MRV9TEx^@NiocTtm%+o=^y+S(r+Ms`86FY
zXNH;%EoZKXp*e6S7mo`LsJJp^7ZG??TJQrNZB>q2q>JWIzB(xOGkm)UOQY+c<%xa@
zOEV)!LnNE;dzo?=)0OXW|6HMFQ!&;WOD##W&9t}s2*J3p(QWY=RN?8eRo6N1l%~b}
z4HM%IMy(SW%G62_50c#7WOSg#KFSxhd%<X8uU^EuzTarEjS7ePUISy9`8jU*AV?}|
z+?xt_19AyMNZW&fmbC4vPS#J05C<Fax{!7g!~<>$=Y$g(I;V=3dAXPP#|~N#$hPZF
zMhwffo|ZVY;2&$^47CudkXIEnw~-Uo$sJ#*3cg(5<+l3y&XG{M^EaE0Jrn%1Z=@X(
z(yZ-#8)_%33TX$c=3tsr({i}m%}SV?INJa-mFBeeEIYeb7w|r55s;Z>#Vwgp_<M13
z(V(`MC*-IiL&eY07A=%RLMfu`8Abn5hFPa$h`O(V$x(a9%3Ry3d547`fSd|VIM#b4
zpNWKAk=xf(`4MZEZguei$#bX>8g~H)u|f&PBIMGz7hJ#<L{c?{^O>SgCdDZe0c)gj
z!dH&Bn!W-OlWJg8$TVgW%oc?E_55gQ`kO@me$8B?jUiM;%4sAyJE%%t56eEfcGess
zm_KT=ZPg9a)iJ(4jmv=Nb8dB|vy5#XN4bL9%PB57TZdM;UfW3Ql(o1pMZ{EE8484H
zBgQ8+3f`#h>SMIT_!P0w<{pP8pN?_5pI4h%g&itbEUAbY<zw`0S9h1k^HNtmx5}Ud
zTPayj;rTbT%V&rbN*ZBi!lzQ!8D<}Neyn#5;*s>dzIpetKO=)HCjl)5-kx8@I-Rsk
zdv%78bV?Js(=H8Sr0Jqa+W5r!7iQuE*k3p^qbIili&8>>_c3XN8XiC_`;rXFT%VAd
zX;dd3hPk$iZv8>wX$VcT7E0Bf$U{{M)N^z(B*fc?Rm=b;2T>JK$V*@~$aFYmmzkA9
zW}<`#U1eb*hk#SEqDGqV*&x^>76gR7jb#5hw(ZlA*KoUEe~(ut$1EEgMOU-LdOKV{
z;~TwjC}|)@C22o43Q<=PA`Olx9)JC~Bp&5^g(0Ix@)RkgEojg5nep}NthfqrR*dbZ
zS{(m_K@!VfH80V^CQh(?R=lCL{a?j5=6{qIB#qRu{L}$4{8ed89~J+#__=HP9x|Ey
zXK=eFf#y5R<y~-Wq&vC-2Y1EVz)#c{p$I->leyFp*tr!v>C%vwzp=WM#k7<khwO0T
zVde5rvUl>&nxxNSn?pU2eh^XQPT2hGEAz=@+@XZ(AJfzusN7qkvO&rF4#za$Zad-J
zf0C9U4Yg?cB~OYUifz<%mlY7<!D?H(%RT~#l=3V4@MQ5VX>kNv{mo(`nrL=O+@}vs
ztigNPV-oxM9L}7T-XX40S%<8r@$IfPo*)?WL1t8MVok_Orr3+L7*oRD<P^3#2mMDD
zS-7AtZBal(P#{~KrN+8T;F5<*VfO9H%TYt*U`iSFp7p8PqlqOx-1tP2(#$4r0KxDv
z!F=?Su!6~0f3da{yrL}39J+~}Eiu;-RrG;<e;gwQ1jzUoG`up{H8F(U7|P~uyK*R>
z)gs$gq+-}_xK+M2Ly10!BIj1(@oApRKJJuIRpP;<DmAWra$bRXN%L=qy!&^lxKd(a
z8Td4FIb`^-#$#56_(8ZM3iHO`OL2Am1Fkg=+u#5NkBO6l*l0O#FS<XF*(6CYqhobK
z>uk}2;%}q`00JzZbd#rr0sb*cF7lm!XP;ljqP3X2Cait9doH*)4xx_-lgO`+Y~s=g
z@%tv-eF07x4)=L2T(3tezHk8tJAP51(?p=Yk)IC){Mu%Fl=((AeU5>3j4KM5ha_8d
z0gT?&CZgSxG&_v2JA{|ph602zp`k_B<d!|^UBJN<-Wek|LMxq|eY=YJ`S+*b>3mDO
zuk+&$b72G)3{v478b;-->Qo(guW9o#+4BQ5TeE1nJ#(GUIrH<(s*b4{TBGhSqKRsy
zug1)xJ{oayV~=w~Z&|y<y^5iQA`@F)xL$*<c1~v!%D)#rrY#ik3U*g?fglj5UQNOp
z`ti-f8wAnKR#-<cA7#7oPPFtIAF!s%2mPm%O&8f(+50d~>U<cL;x@`K)ws+>&~q=F
z{6~xoM)L+>j6)Y27tn^TJQIc<`ZT+v9A&?ON3snR5bu;7dXYJantYsyJlHM_^Ruwj
zB4?nWhojGQlu8AKi06u?8e``LaK>%ODM0bh`w-Rel}J#>v-RjYQG;<1=3(bw-d;Y^
z0xO82RiHSSGfDL>=;l%Re&95W+5biX9f4y&=UU)24{E7#;1_2n@H_Aeh-rvoJ(e2n
zV_C>(GO`npcz{c>Zjq8?q>6dwWf|CcQf={;rv^3OV8}Ebj<wSFKxyK@m6+E#=zYz6
z-yu5C*B(_pS>Is<*I8ND)ZIW8rW!FQR<sz*gN&|+CXzwS4<bv2B%k1n;*Ba-^b#b6
zc+HOy>ZvR$DdyMzY&1rZA{5J#lv<#%=8vmXDUaK(#<T+}L@}qM2K5UP$(WIm!cVm#
z9Yt&h+%Am@!3U~P!RQ)@LrT$`UcW2_&6bnfO_QErfEo&&5{nR~p&6EUTuB#$x)2iP
z?mq8B(sh8#W@*RN_y6|kE5SIo@NZgK!1^;BHD5?WBLy)q)cJe)eH_1E+NbaU#wUIl
zhY=yNK$?xiR>6!^nLln9K86rzGWc%F&#=3M#$mJO5Ul@#IIL-c(nG7(?k3iIw#gc`
zI+`4LB^(pJ-5+m0(m+knf*tW@XMnx&_yU9Y@C0qRd#boju%D2*q*jPxrA7m(w5Exi
zCiy(L!u-2*uiIxu(;lv2X1;WBtpPw4y5@P|3`7P?#>%%lcv^b^WgxA|!k?x|8;Yf|
z3UMLH1jE!Mq5T}tkm*J?o*^wiP1FynJVnE%botcQrJ-}wZfqAmgTDrpD5w2YM)`cS
zod%pIh7goO%c7}5+_*4k<97M6omMj_|7u7`p<^MS=%S-(h&8;hg13B8RPiovU9%bL
znQ=cOK0;{9uzYtbby?GQ6vMM}jL9nsDByYerD*)U!O$`s0Wo~xQ&#yH`1P*8>->e@
znGqxwh8={N$RietZhzH#U8)!HJ(u@uuEbN976ft)3O15=5J=LcU%UG|OUBKLL89r!
z@9U4QN)piU==S1ZuqxYuOp0@)BV&U(4YuRR4ME4C|Lo|v9&M+GpN!ToY%yg(anAw{
zxI%e&&t+68o7O@AwBXg=H~UyeqY%jGIZhH-*U_}yA-WL=@F@<4G74weShfmOt>+-<
zA9-3EKcwbGHauT+_L?rn3X5MCo9Rs^@Nk`+y18L~RK1jck3MYC&l2!kJ~Gh#;J@dl
zO9*zz%qE>nN^#B>oJH7k;b`r>lP?mA1#HQ)58b<dg36^nF}xm3#%Npk^QIDtD5R%0
zN!V1=Ld3LmoXZPg1nE1_Edu&}F){>)3xM_~Ci?$Z{I_<HHQN4kgB9m=Zle1!gZW>p
zUZ&B~c&BssnEy<Azq0&X2<CR}+D9<cdwG7$f4o@y==cs_DRzE(JCpy9`!oyh_AJ7r
z?}#Z+@nkvGk}00eB$*8jCE#0iZ(+uVXMLfL+it6mfsR_Cj9l6L5+28_hQ@~Mf#Z6@
z0Z@UNKJBmrv<Vfg)h{@^Tu}Px7-TLnjoPt#A<uUZGBK|h=OmW~XsG#lbWFwGkA`xy
z``alW`w4A#x@cPyPw(6d#18)pMJDi_&STe-s{Q27ql;WLjDS)oJ_4Z+g6h}C?0$ZE
z!hAo8`y6sT)4{EecFRtdJd9Fecw-~?iAW^XQQiIsKo?mK-PyuK14UW!R*ClH@a5=B
zf?*r!Q1dQe#q~3P;4y(vndh6Ry&`L)!NvPk2JEC&cH0Kxt^wL$VSzCc7}OmX3&Wob
zj48Cqc$o%b07Ty&bH?f*?vr)W6WJbS4K;MjW4i4L?4euLGcS><Gf>iWSc@>uM!vt#
zI(GTR*5?qMc&qr&)vwkKQGS#%q#TxDC>7&k1+&pb8b8L^a?sih&wPuVK9^M{WxyfF
zpj=g^#M?P#$lW7)jZ3%fsEQn*u-Z&Dx%r|ycE!1{+!K@<N}bJO*hZEm7EUR7OFkQB
zlfFof*{K!))pl4Qy+y=vaJP0<p@k6JEw1>&Q@&m4H%5xKPC2JVIwPUEAHKE+p}7ZB
zgNk$o{;|5Rknf*?>*wV8cDOjc8}R*fS5Ec!?zEU8j=w#?*W1<gN5SFH+nJa9Pd1+a
z@7ToO(Z82N`|(GAPbCR|m?L}_c>X|YPG;qNu;rv-oD|+V#@!044017KG7sGK&w+9b
zG5J8Lz00k!MfYg3znBj%?n38naE{{1ws3#>F)b^(%;8o!C`Nh8r>^8SQ|>b*`KxTC
z)f(NRmv|bQWpQih$=INk?&j^sc(#IaO#g<<A|AraY@d@<yf0gZ@fIQ%uOat<CaTOm
z0{Ezz&|(^qx#DDYYt)p`<&q<0Rl+KWb@L1)HKx>BX&+1}sJljasu*NV-$R6I&=mX}
z@vezuJvR}==Spn>)t9ue8}o5Z+uw`79A)<$fY8?K1R`O~MBd13%RP7KAlYr!nAg;<
zlIyafe#;lwm%3?&^7}DP(3D%V&LXVh%ym_MOrLzjHsC4~JriK)I@EkaY0*j+=|BCh
zv#XDJ)KN0uC|m83;0%Fy2x>j#oJ=5`WFG2$Ft*TqMH6wzM32xRxCw<9)P;R|!qndt
zhrCN+rC0H^+3uu)?Hu`-xQkNm)U-TH_#SN^Yj}5VW7eA;GbhRngcle`wKn9P7xoVx
zNycRQ$Erf3Pyffr?((SwWH(5^-8HZ3ge2Fol)RmmXmn;cszabHqe@Sv*eM{JrQV6x
zuT?@Ww?~mi{AOvTrtEAml#75PAL`bwMRPXsK-Z`1bJ67&ZL~;M4RGN4Xqagr3fQ0e
zCt{&Sx!8zY@v(v>5-DYvDt3z;D(BVnVF%@}>Ju6G&RZa2{S4h^eu5);ihi!37*4+s
z!Gr|SOcLNKn5z2~0FMz5M$SF^cUOr`4pJGfB#YzITR;9rtE7>aii;~Vm8Uk#9ZDP9
z9gTB2z9}{63mb~797`kVDf0l9B;tK-(INtrBXzKaG7B3W>oe@d3?8g|DOuT63OyCB
zp_Om1wm(h%9L3(>wjRfzk7=%1TWN}duH1CFXS2T;;`Raa21%BQ`(~VLTUjlwn>ow$
z$F*|M?<g%$ag2!X8-+Ipe=*M1k@ncrDuQ<%QhfcvG`_D~UnZA-Y4qjv`notp(RUEn
zE}N6tk*4~!DUdG|JHyF#<OFZS7(Z!EIGEMZ3@IY}5tfuE2?fK#(V>9C?8w)2{Uc^9
zW95?qXP64ry9=?1zS29M{4*LvuK_dTKmT`4*%0Es;7h&h#A|~;X0hMtiDxqELLiQx
zK(_`v7h!UdUrr^7{e|L)xl=-UDiidUi*WwxdU@m@&V!k0qH_Sm_?s+fY-Y&IbM7BK
z#+$35<Pw@0WP*&(TGMG5dp5X~$Dh~)Ej3j2dl`cvZ1B^itdgP@uNMg-GbkA(c50;W
zK}&z;RRJ?o8uaANjf~lWW$#I@gXj1`v2!(tqBN$4y7Q7j2(?@=#h7Lxh|lQ)6?U^$
zmM5jeL!~PYw~GNhqhwYMtLeJ@gH2b;cOxMu{Kvvi!jd@TWJ5Pm<$IXg9W@6b<-2|K
zYT@N6uRq~ShNsgViFHqF1jPuH#IK>Wf_#E<2d!2wK!>;5@?zv@&TXt{=W#eV6Ex@*
z^qTuq>BVkuXNp8>P(fSOXXlqS4rZr)k!kq@&A_BSLNke>pWD6iVN{x+5RtL8ZGrQQ
zeAHBe!!p#w?gdVx8^r}D*As*T;tXkgqST*k4;{3okNoe)oNBe^gNT|h8;p|%j94v5
zfFe6oGf2KQk)*KlU{V2`W}#>wBPXuj3yvd{<xd@0Z^nG2+di>e^~t}TQZR~+WzP>7
zKH~aH5CU4VHDmMw`OL+SvYceuTf%APRn1&5&}^%?bTA_|ql$w_MlBd0#opL)`TNb^
z={<z`MIw9vl76}~Ky7=&tnH;YEF{0C8X`UH!60Iu$uMV<S>prF7|&3FTr~{1j@@?G
zSl2SF^X3N2o_$#D7yDUmR||pl`yWzc#D>4_v%?D*=d5uYmGMF=Ig~lZ%K<8IL4UBn
zesSIuP;UsCf5vrTm}gA6CoBYF;}bXa@lmB7v6&s`O37oHLv(OQXeb@HL&>j*7M0Cp
zAz{V1%=f1rA~>O+!Ll2flM0rDn^VntkXM2mEl?)$*&!BTF5!R&0$4!IOyxk#1lnlA
zE;*iPx0FDkQuevVZDmWK;}Ei;APTP%&Y1GxCkF!nEXEH?TScsq@z!#8dkJh-Yz-ac
zibVotY^lIIT}|ZEHQ6>GaqssvR1=b9Qb~8+8PK(A(?Y!cz1lo;vfGhC0{}su?7;fF
zq`7)#(PguuuYAc&2+9F=7AFJCw=GuH&xr3z@uXQh<aLM9b&~fZ=$V2W&o{>TmmvEe
zhR0K^S**YG<idDZQCK18gII7_3Q?!rY)*Zv<l`~|7@=nmFl-zy`jgGTdQLjHOXvtt
z!Nc{yp+S>9{nl<VVB@l*MLmfe;^jO*rmY0<gKleA?9<?*t7Pzk>YA9yl4RZw8`pjX
zq0RU}hY!~+1aEQcqoT2ydzrg269P;$RfvELN(V|AyS)59hJjRdKZY1ZF0oyqckg(~
zZb1PiRXhAFQQUWQ@(4yYsCmN&9+F~i(Cw04VjQpw@(w?vUbDb(?;Vss!5sOp!Ot%b
z8h^?$9p^<GsAR}*i>rJc^xd3Yi|S&FY^nU*z#;$M_b&I!88~TbxtXu0o`c%<&mP{a
zQgph87wEk4XWi7zAhOU&Ux(n)yF|@~>W3F`c2R#!CKu;E{NSO<XV-<anmp=4{l(j7
zEmsa7q<?BBdqg|sIIC}Cn-N_o<!u<_pQnMs7%ii%4$cx>G^>)H4w52Yrrslz{T0R7
zvZjidwQ2YvepbALQ@+ku<!Enr*G~T@xKqu7qy27$kEQYYJNh@a5Dk&Drqg`g<*TB!
zYz$=(CrLL-G5XN2oMjw5!Et=pkA9AX9P`W_F1Vl`BfZf_w$)sTDv&ht1$7zC9qC|3
z_-*c*-}7AwmLqx=$vHdcS_na%Xzml7*>9UV|K2U5=`~Za7Zl7B8~i>3b>~tSQs!>+
zK|e!Suxejztt!)`#jv8nh(cH%VrN3?a4_?)e`m#Wl5bkaAk;dPzw1>CX$vf{N&_f~
z<%-?L81X<GrorBTU<ti-X$Y;Gz`m^^!uLr0_Z&?X>j<o6J@9;3@@_;4J?IBlylSMO
zJ&o}W)hi!h=r_IztO)COHw0woTwKWAm<l@elX=}yZW9Ca95SiDKLUb$RfWoGg?DN|
zWNgKyDdxbMs&tzUW{!+O-|T>DRyrE`JIvXU*Xi<-$-)Ey@^fea&O2q$xL8(6w25<P
zvrxIv!UJUInc0}b8@)iBDe%q_;#J&V6f}3e#^DRfg0qlfj-8p3VX5d7QRC_tqaILp
zQls=dui5a}T~{%B?!i3V?(65?)>n-z?(6G*_E(LEu?>?5F%6UQo0wf!uCtE+qroys
z&;6O({h9l@>*{~H&U~z{t0&;EZS;8juB)rKhRK;VGYg9!1MkuQ#oj%}*b=t=f^WNf
z_io#^ZQHhOTf1$$d$(=dwr$(y^z)qaPBJ<3X}(Rezf|R}TB%AUwN`4?ef_TgwQR@F
z&W4|Z{b$>M5Arkq+4XaF>gk6e=E8>hA#JHrc+3x7(~dm%R<(znP?FG_#Voy`HmH@R
zUtuMNB_ea)Pw+EafJ;RO0@UpML`X||Cm)yPP>OBLzN-BNuD<UEX!<g?>dlrlh6(Ek
zj2Akj=qaDXm=hvIloM$7W2nmTHY}up_&V_Ca{XcoO%o7(61zr=(iB}G0Pgj@&IKi(
zQAz<j8&(Z?>_tb25TpUmfh|YIMP~BeSmHqZXThQ>nBZ|_&T6N%uaetwtB3YY+Nuv|
z657W>YpEk_nox>jLGh9CIPV>4xuu2R+tp>bjO_;IDH95@1JK0swy*vkKu7arg>x37
zcWC;Dp}1Hb>#l5XS1pMBB@<Q?`Cq0TXJO8MI?k(Y)hfX$i^6O+LUzk_DVJgXil^Fx
zGO>PSkrm7~34vy{0Iaq~kG-C{Trr|u_zHW(X^(1a?TM;%P0JyGC-KZ{`oc<v+-$M1
z>a48yr3a0g{7D3MJ#xk6$ARSQQ++?J+}(0n;oM-A?je$&_?U|_T62v2QIPuT@pevE
z5@mabKJbWt)A^RGv^YP&!?yDgOC;+lOUA`^iJ+Q6`YWmQe0`j5e}^AoPHJ=FTja{y
z2i033GWI3EMfxr9eV&M%nlS>Jea?0RPG@gVWaRaWODvIYwMsK|Wi~zdw7J&qpddw6
zBVSv9<|219KW=HzQDx$*{mfoQF1{oUS*_G6#BXwCExj)^=fgdqJl57a*@SNl<!M^x
z7U^#mjGWe2+a*uhJ2+12-WPg}PX+Ddu|LCDmUU6AO6!(>cxa&OYE)N3E8DEgB{*88
ziP2))(4=q7YG50Op1fipk9^y({%(S(XnuU1pZ+$fg4_f8yd)pUA2Sq;^((RnPTQxN
z*HD=mDPzO(!Zg^%tX9T?5{*b)UgkAxt<9jI5U(4o9gY0~W59X>;K^<L5@R;@ZJzfj
z%+q6;9YmHG>t0p2!S!`UN&?6Q?n4QfiEF%NTO72`_YK^xjSr?P5T7IV@^Vc~w|79>
z>8DR;t^k7joCh@5mF0zi8^dFoOUm5`O`U#!rS+b2FqBHBc1o7a+#<IKTXH?kw$Tt5
z=G5@d&GUoh`2!0S67H^d0(0p#^wJtfuXe}7PDRxJ%1;Y+_F{RO@te~CB*H|s&ogGP
zrR>b5Gn7*cXlP;iFhSxtly;XdFLcbmu`U*}$Ub5{epNF_>Fr1db6OS89n`?$dt+<B
z0=54w*VHS#Dy`Jao$dh=0jGs~a`-!G07`qqu%fDGIk{f_M&79L@~8XHD`(A4Umu>i
zHUNNx0@`rqy4dm}=}I|3u4V_n+D&|+q9K0C1hZ`uiT5aasRub&4okar0DdyVgVo!`
zsV%>TK8t3-V;w=|(bk2rPF3<x+lo&5(DS6T!m1V04+%>D0-HtTm1jZtum+{m!)%;J
z<(X(T8@5{2<a_WfAIC{phUJv){5F5k^=C~8|Ly})*_mATyB;D<P@rAHn01=(k17bH
zhc$_0%9^FaD3JMPRDSxR(Z6lady;j1mO!U^O#K9@l7(z-43>iT3iy3XN_NSJMeu>W
zQ;d7h#h?GJ8QLL)JM>OlP-*{CXdBY}qUeYb220I}CUmi!IR<8$trVXophbR|gW@A`
z6<3jH+XD9vjmxEoe!~oxV=2BRz8pAv5_to6V8yO0{Ap>pur753UN^>eo0YGk&hpxs
z1uxB%K)KgQXva77^|f%+b$`j#xOIQVQ<^B@4L$9qlbVya8Dm3vHc^hxjmWi}?rB~(
ztgRLAWT)Ab6GNIR@Lp^#vwC_#K$k>%eAD2xOQSOPROBRiBzF^>JHHC*bp7@9uz5Im
zsA|pWdBqA{y;Y~9llR)yhew2%ED#6bUcsA&aFUd45VTIGP$iLcr+Fkj{sQelGqUha
zmV`4X-56OQ?g2d_lz>f|o>Wz2*jB_siBnv<jDoVOPzj;9u;BE^*Ma|ge$mrhy0(<V
zrTJFE^ADeX2VxzNe!|VUoA~Km<NAqJ0J;QwJQmy@GHOu<vhmP3r07{kxp1R;l56AF
zqIfWJ+}Xi4@o&trWYU%#QeOpzEZLnEl9n9mPk?^6=dqT3O{OH4j{BJ@LH2IXz|1^a
z*66baeDM7%cg>34$F!HQ#Z-B2eTXEVDeWqh*!!sMzk+|;@m9fZ6_nGC8Fq`XM=BY0
z4^p2ROhFvTB}4N7I_9@`V#UX$qZ@A>+?^Y(WOT{pw#G1z0(LMfi}jmo`MH!T-5{Y*
zjr?44Anp=S^J@ldwrTC~NZZY3OL?CWPHh4#rf#rDTM4!;)84b}EgNroR4VT5M#t0Z
zwAo+^C=i-`nvx<;$nglDQ3EKmZz}jf%HdJV58KSNC*ako%;t8%7SnNb@y3#cfcO*H
zXc-JRRPo9p%{hAuZ{h9bQR~KEE(;X#X^H(|$RS~$viiFVpq>UF0?8RN*)Xh0d(da7
z(jc@N?iF*A3jJ;vZ9RKg{>aOZEgD5X(i{sxrkklG8xPdf*>Fz!%+!kyOr)V}Tkl1;
zAFlJ#cM2!DuWK&weuG#3mF0c6dTStNZ~6;D(;_DJMl8#!`oIg~K@(z!QUI8d=(z#c
z_e)D;JaXDz^97rYSqmtk;2ZEwiGf-Xf`Is>v2I5Sf$8{kC^o%pizN0hjf0x)6q2@K
zEs=zVo}B1nFeuQ1)OTz6?R*=LN#y~w7R}8o2q!Hf9v*!-Ju_<MedOB9)&1#xcVo83
zBFpEEt}Jh=$+7R3{oDO4YSZ=WE-UVq*UMS|W61rldcwECSyWw|OBSx{T$8JnF8l&F
zayR+dg{%3`XkXOm7+`8iR<+pyKw8`JJ~3D^?}7lnNee*;JIbiK68rpD1Y<H%cCz2j
z1^U>#CGInx5Jl~)X|L}ranWSlkQsH~!Hi`sY$A-=OT2=S>A#1FDb$NVgYdU=>Q3Q9
zTEt4&fC)mrk^q-GPp{WQRYL8&zI-+1Yj{~|Xg?+<uN!%4z-NA1ZF<5dVx$4s7W{<O
zFP{m8p`@A&*ISTWgXariF5k!Xhj62To>8|g&+_^%<aZCSyTjh1{}K+M7GvgUu>Vq7
zGuRihZ~}N%qm*gru_DA$A0KF|$p<weIyL*2uq^4}rZdI784eMIm*7DPYk(geqvE^@
zIpnb3#tpNI{Sd4*^E8MF6lwpvii&f|_f-NfZrDm?C!kj~iw45aGYqkAf}V5$DeaBC
zeC}>SF|C1}Cv5`&ILooI#Ts+}N$;VHi~AvoyW_cX^{jexgsz6SUI6Mjq4>~258gl&
z8M-z~D%J-I(U~_9`XDjZOyB+{wUvbKuIqcic>g=|cdknpVD}}RrHyyPG2-70*^1t$
z2%^!QkS6IvXuj<4Yi0u1916bAmXer{fd^RY1ne`$;I&S>5sh!B<x&UrRN7QdyA&g1
zi8<AP<72Q@hdz#4+`Y~RS2(J7e>0@x3$B_2qcyjwLdphoN~>7#oF-_)u)*3TyRvBS
z^92e|<p|20&|f<rIDX)xzE^M>3Bv6-tLlLbQD);FCiHiDn5$PLi?BP|K>F)vlt7yT
zg`J&V*9%IO=LnjXrOX=>py~cW$Wn?LarCo*mIO6jl#etSo7{0iCx!uK%$1SM#PLw^
z>GK{)9=3_O;Ck8MdbFvgi>tdHA!Vd>zJvLIUNuL%m-4@wZTHlmMVtwhId@%?0eh;4
z2T8o;^mg0z!b6#DlCXL%zJR=+oLt*8#6jU8(h;2{A%K@oybEXuzks-3FG{`YFjaNX
zgT9<!9{O`@p}ajB*x&NrUYFk4AANM(d5^cI=e|3+-VAbnmu7tiU2Rxm-k*U2l5O$r
zV<TOc@Bo62Vp5e8ls1JmXXVBz!knegK_c&8B!a#G+4H9)x<4Rj8O+2I0|GN^TWy9H
zm8=?zI}qQ2yOE@mAJmMv+I)Xx4R~X&o~1W22{v3CtuMk2K2yK1nX9UjuqNbLu}in$
zX~`gNAt$X-xs>&Cx)0N6zXF;$Pm1U7gA(p+H%}E_KET(c)zuHa8O_uM#Nm3^T2L2O
zw>1Zr7>Y&z7P?a);x=z!naM?=!ruWcH+u9-^n=pS0$Mt3QqrU~*Bf=5R9H&f$X?lr
zAEj0<4<kk(U2HfIS4EMPNt?CQ%`tt}?p%K;8SJkAbxrlDv!cfNmk;sWYYHW^ab*2d
zt9Sl}(OVgZRE3Nomswkun@z1KqCvK-|K#Bd4zBp8B#D+`Lj}{ReWufW%IRhvBkcUv
z7{eY);qVPA-agX;XWr$i3mtTi*$>_S?U;lyE*!dp=o)htGAqw#@y_Jg@pFM^*!Ac4
z5xZpb;NA8H+h}L`&c4x6Y<kITX~=Ru;W~dbRi43*-j;U71Xy{I)XFOe6752OwbL;<
z#*-ia+Pa@<KE5@*{5N%l)i&U)f_#D&3~_pK6NiIvH21qIdDy}|+{0G=k-uWG099n-
zR1j%FzpYh8XeElpQ(?Z1Lkp0QZ?1nfr{GmXLpURRkVb5Av}*ceo*FIv3OSzzbv+A-
z#P@JehT3EzwCPX)0R!apeLR1G5~Yt{^$PW1FqoKA3tp-9y8T5S&4mbVz9KBoFbr*&
z87vA5=bma4%L*xkSn~1LkhzYTbij?2^sFnc<vN#_U`IAbjv;!!qR4s~t4QW?Gl7v{
zXRrpl%XpXf^O}XFb7WJ<dtF(;mPj%cJhgK*{iGk>5<V3XzJdWDzvUE37y=E5c;c50
z=7^wo8hHYgpuN8^A;-WVvVyeiv5_#k(2!P5;SB4<ZFI8WCI1|9${AC>8d&~B*_<2=
zwOqHw*@pH+6O3x&C+z}(g}OnKAIRhk6?{V5*(2PVwqWMnZKEcf#_dFMg#%=OOmk;y
zZ^2`VKV~yxa?|08m804CA#pBqvOR8ALApdD{8OW68&rFrV;4zH71Lsi-Sk35sM@t$
zAoHbs<p;>EMVU-|pcXD4@XDqrq|z1VEo7cGa{U##v-M)+JgZ6kzQNC&9rgS6+od+Z
zkt6$-kBc(v0JJ)5S7R>!TN1Ezz7%Gs#@{+}4!mC-vkU6Um8F{D?Q`2SSE_5l7NJKy
zq*B{hZGLW2s?6I^e;TAi*&^lBv}QQ{s*y_wxpz@ga|}J+4F%-*k2qK&hX&#i5MAEx
z?x2w6jsTFZ>njq&Lsd0o-m=S*F1c2QM(s-7qLHPUIML8fL{cK56-tv-r&^J4Uu;ro
z*Mo1i+<WT$db`cT?2{>{!R3Anq?Va;b<uYpRxmGuPz(WZHnYgnVw(-qE?6U<HI+}c
zNAY!LWbGSA2+VYlm`(~o?f=qbs*qc+ywZ^OXgAM6w9Dk<9gf#Jq3z(Un%I)m&5ozs
z2)5pdXT%snmeS9E&2TrC4lKy@pVgvJoES<Fl6vu4*UE^W)-?MV0&Ua(SPJscT$vhH
zhbD2HlZiRUN|NZuLpq~K9qoJS5{-<=!af~AuiU`bOK?rtD67g1RVtyfIxSvOZ^lnX
z+|!EbGNB)SGek=?3NW_Byum>M9nVTqUs9GV93=vL{wcl0l6Uy{%1N&O6+H`RtRy|5
zA{%KVBa|^Jw!hf><QUbpp{mnh=LfUyDx)X;Q>u8g9hQALFwq2Ss~zYdfmEa(kvV5W
zm!3n~{?5f;EXP`T_$#G=TEabm1|>yn5+u&r{(%12MffL#T9DgVh4ne`u!y&}&z_;c
zYC5Ovv_SP#=bA2&I>_7A9!au{RHlQ_inmt*fnGhCiTG*fi-;14!GGKAWlqYrZxuv#
zt&C~_a=+R=px)ZmPZ)bL#JyFEIbe}9T;D{<A4%V`$}M;}upk-wB?~4ORJ_ss`S(b^
z^g8%u)8!{-fb7>oW%-Hy=hNXj>Isvy_3)xXyl|RwCJ^caryy9&EUfV<J%#z(Aa}VS
zC<8rae0j1*WoCt&Oah=l1BoRvDO|9RE>pG(by(z)$=C<W*VZbq#gJmZQO`#{F*ckz
zUKCHYQClWK10ECwaC*Cy((^a7IYwuA_20acu==H6YU+-Wv_|1Ft3yb}7M$Me4U0$s
z!3eLx^ZH9#wfb@By+aoV;TMg36~=WTPj=2;qqX5IhW7VLTClN5m7#cK$K={p4;mCl
znxd}eCzk{ve@rZltz)(HYlYFRh72W8lgfbHtuh;T1I76hC4Ak)5fc$>139=y$Aqm{
zyToFHg_2Uj*W<7)sqB<X3oN|VVo^_~PrNZ@S$pYirR_xC7p;7>zN!?juFm~<D$jyZ
zl1R?5Atq*2C4^UXAoI#76mL|H4MM~8Y9kp>urkAq(*#M%iGMrqKbKm2t;>nQd6bD}
zcDkRcsy|sSwt1{7K5TMZVuO@pS*5VIsNrcTtDJyny2hXg-C128yj!@)$mLa#B^gV7
zM$P1~s@L^dK@u~%m8!mvk`BcP&oR`Nj>4((*t<Um+dK7v+D1s>)&D9wu*QtXEV|i*
z7AiIh&-U8;JQe@8g6@4xtdImzNs$)@nVLbw9Ye}Gw-tO!<7|=1(IK99_qH0=&=???
zthl{gqCCgsB6AQe1fm7qFRSe0BN~=d+cNvgX+0zwgp%!O_b_nk2)lgZ>V0xqs5m%~
zZF2htQI(aaE*H=}pea4Nt^DgRvNb8`tFvhjY#&b3TDHEgx-k6UafR}sF$&Dl-Qn}x
ze{nf@=p2jT6aXg|hGsDnC7z{3AO*|e?;`)-A?l_QK{$rfbkiS+0mVNuGwn(SXv`;D
zFfkG^d0<)a-)>3)HO@#ucDbR}!r@KtjUqoNCK1Tz*y<BIn9I#jx%R6zxlBShWOeYp
zs>sFky=;fICO*A-xOuYs?0yj%;S~A9;r8z1?rm>z@U^`YX+QkLZS8<c@We%romrU{
zWOlA&f<@VkkJI33L8W=zW=RBu_NmCBu^9+f`4Dr2@1hbCV3QWJ*0P(F5z-G9GMk!;
z7=T{m;{i<);D8T*p)LhLZrCeb_!cN?C0MINHNZ8PE`8QY+G39|tFQ|;qg<=3XO8Q~
ze>AsICyWDJg#6wvUsJ=_+S$Xba~BQJK5RmTg%b^<Ys1G>^t_t@gn2f>T#|ne1__sI
znv#<o^|0w-u8*F%-K4K!edKQU29Fw%$J^HcyzE`rz!HR=j?;Uen4hG-iOe)T!Z|kb
zu7tHv-gWn!Gg!}&0HSHblN*--r()6SUWml+9I+KEF*wLU*%#adm;_v5%!I>U2pmZ~
zsa%sQqRo6{0IPP)t65^jE7)s!mAxUy&VOE{m6ke=0SEtn`7!gpI9MMaJYd7;&;DbW
zm`=c<=EXy9P`UW@bkZY!arrU{fhkhG<xQ1?PJ@MQsmk9}ZXWaz0q5Mbf4F5r5FXM6
zHufcaRNtSX)IEhA=AEvSMEtfq@+bL?H<N?;ePOB77P9pCYt(qp<=Z~#W67vDjIL`z
z<z5!6w)MOR5B3hUSj)^%oH*L;<Pl?PHt?0qe|v{_V^}-bH&x?E<qxQ^NEadv>H!+P
zE2Art3@WKy;)N+8V5jTKB;-Z59zB^S?Au*@iH9SPHd4@)3XE)m8vv?KuRlQg#<$-H
zw!zi;gccxa$c(W>*F86ImJQRbDP@fuauc`L2jkud2fgRutsKGp7!hPepl||B%b>hw
zO+#+5`257G(gS%jwAJ9XNd3u@jB6p;E@iWPmhAx-Mh1M+r!8R{-d4(%%6HSN4HR3q
zrR@GX?hdZgzdWCGrH+}ueACkvJVbS|yzRbU9!^efZia2Qyqvi?zteEMU*eKpqh6Oo
z`f*2Jr{nmdqq|lnvu!Ycoj6~Lkmc8~r#~NN?ZYzLSG24W=DfkHEF@$sv;5KZM@$<@
z@HW2y(;%$GS2(;JGqsA=Rh)F)%TZUL{zVNkZB3f=(>$A0PkqAdEN3&;Z*eec)(sxZ
z*KXe*5?ELZ52G-Jz>!{Ly!Q_e;(X;^EvGzu(-k9C^BZ7R$#rwJ)#LwdM3zpoomc#K
zyWD%u8xOAoD9jVl10emf_J!aH^V_l7oc}V`K(*O2fdz*Ok0m#`1nz1tK}xGH*0my9
z5I2{W&HYY}Cq+{Iq%FV7bos9h@kmcpS;bZaNdm(xtxwH$Y;s}FnxAW_7QfCa?OOHw
zRJ+oQ3SKhbb+`BTR2eHpfqSc>)?IL!vAKvq1fY-=k}Fx={b;0a8ohl!APh5{!8LVr
z<Hqqn9I9OhtYFEWgsYhjAxrzk6kRz~zhL&{s=K5LQJ2GAD^fx$8dMZWUP%bOLmhw=
zm`3M{Wwlr+USmwzI6gfn!6m{J7}pnq7*funtyciE_3}p^ECOE8_%!Bd?wTL!QY@G`
ze>_&bcmPghIjf;}YLI!|N+nUk9+B#gic{${J)vd1dR%Xj(t)=Fal<gfWN1stn3m1(
zbO6(-gZfTPfT_BtK_EJMC;kaBIYZZ|HIi0%6_UyunD+0*OJ?XjA3D>9%LW$((c%+o
zU<X47k{Idm1A9Wkx(u%OUS=?WJm`l$k~NABkkbyC;G;a=#kr`m*JEIT(f0p9kWvY&
z3#KIS7`%Mwc&m7-tFp}WU_)oxD-2reAe?2DO4aI|iYvPLpX9O0p%Xa=KMVN&Sty#t
zB$b9Y&aC$p7RPEcCNaC@IHXxF(o&U*I@msF&_lWXwp2?rxeMl?9y>BsfA#d=fZkRW
zZ%cA8(&PFYI(9`kL)Rc01xtd6s$N?E4+L^n(dwZw6Qq+DPoBP-j`;!Rfneg-?YH%b
zX^*>5?USkG#xSd!OzK<q4bpwGKVF;nlMEvsifo&bCfQLoDAz$!+uCi1D^RqEuX6A|
z45SLT8}tvu*bc=SQWRNvMoN;FbvOS`R&XA-@?m=a--PV^9j)B{KM8;Gv4Le1A#q<n
zx2<`^8v)~wgq!@CaZ}R^D;sNELW;!ljBLQIaK`E5vB>?)O=52}$=r#@revbp_y14)
z;eNL`%+etgIiMl-IE#WVT{6bPHw;fJ&8;OpCXEBf(VaggG9bi%2>pOWH#)-<NIZ6u
zo>>7gwJ^rkk8X-s5{25@Ok8g}%tiq8gy##>5F9cveo0Cwq%VEhMbOy+e!0-!)|Kro
zynv!U8>^M*zl`kk_rZA3*siGkKllUb{}q2gCQ09Ntt+`##*;k=`Cf^$k!;h5mF`&v
zD2`y6DE!8{2#E>Ki+YaQ4Qx#eKQ=QiUXk*zHN`&8m}lGHy8<PjSZuI+_9}I;Tde3B
zb57A<xI;xbg}4h}QZzwX(A;QZ4|X@4#rr0*sP9f~RL`0+i&?G$P-Rk@f5G@K{xEyd
zM9EyOfzzXbOf~|liuD_4YUemLcIUHZobuOEO#+_4*rS7iEiNXbSsljxT;EtcH<zuC
zaz)6iQLKD5`<MWCM+v#1f>;cL8rgsyR@z`TY_ewE@sJ=`vOi%wA%ohgu4w&@UBb*I
zWoZ|yB6*c{qiF?Xi&(Zb!lrIH-0g18$3ghl5IL24zvetGyI1%7E@k?QfqC93mQE10
zIHkB-%i9%fRGz;0ZD)l7!Ztb&PWqg*;|Mjb&LKqE$Ix)6p<{lcVa}}6)GL~p0+BD)
zdo+uIu%O<l6mwE~(blS6N>O!e7~Pk^Ny(J1Mg%_<GCctlbzouf{{O%qp0Gg|xCDo)
zYGyEZf#rUz!|;2^G1e~5?*eQ|NUB_|=p|<z3n$5F>no3|6MQqI_ODNEaDU*gelywn
zUS0_5YM!Sr3FUIvO6p|p9~_}XAXTWS&9YCLksZRP#Uu4K9O-QgOzA5Vn=83^8!FT~
zhR!s;L?uoCyf4(lX}pAxsu5FAG7;ED`^-4^1h2AjX+A?O6<IJ^R{S*R+xXI(3nUgJ
zIq*p&;TW>*HO<GN1Zh?1NI|!4#hrl0o&p~i2Y17@aEX|UPo;s4ML4Vw-*|=sAy|Eg
zHLi1T;T0+10^}7`NAt!$Q70d%)nOlnUT(rCSks~nqq_%^52N4mP>QuzwjNFP&BLwg
zaWHO^kL5h`0G@L5u#>ZmDLRq#M>M0C(hLt|G1XxBnKKAJG7?X78a6n?PrnBShfGq2
zEclYVsgmdGIdUQD=(=^mjRvp4T!GFsg|x<|kh&>Xy|xjgmGX_4$-T5sjfb(73fu``
zs4;?Ye;A=5_0GI$_USbe=7>S-fCUk3t^{u}6~$HN{vXBhKlY>Yf60!iv;Xe6`(H2w
zH%{67LH^b7LB26^R+RaF+YgIq-c+WakNXVsl<g2s%>r9f>@zf(=;;-QJwo0J6YdZD
zWh^bua-zzmXxh2cEZr-<r)w|<zs<{EZ330;m|Gt_SG*5F%?P6zK>TDLbn_<oP`ySm
z9r6aF`{qFMDx5_yZNC@2qIF?1Y}%$B_Qwk}tZp%mg69sUUSu4-+(ZXYKCTzNpwX93
zE8*G($26e8?ReOmM3U86X&)?8@*jkocDh#BcW=pw+%qhnP~>uMwcRx@U(WlZJxccJ
z4KMJSN#uAD7NLt<o9shX=OSvP5e4%3QWyIM`}wd`ny4+h_%69BWM|*5-tSZe52O{6
z?U|pbUYnTWzz$Bt$&D>>{lV@z!k>(M=9e=Z=qS>bgqD+ro<uOQwjki#B?~>U?)!<5
z0|gksLBJ@0SQCa>izRK!a4CfFoGY?y`JD@eieBYe(;MvrD|Bcj9G~I3<m*h<dDJUe
zrgG?&e)AzjnD*N3K6FgVo*WKA&8(KrEY5^9mORhJ4aEpQFS2H9bV!{2$Ge~8W&P{V
z?tIbz@63k{&Oh_<&wTtdAOFn9KlAa=eEc&X|IEif^YPDo{4*c_%*Q|T@y~qxGavuV
z$3OG&&wTtdAOFn9KlAa=eEfejAD9B+DFK$=hZqsW=7=sCr4oz;Bn-b>YML6#;FPh=
zEdlsxWAe(sBk<&0XEwC7aK~WDd&m<Ku%bW7#~@7*=xunwrCVs%qRZx<OaqRED#gfW
z|96%DclUfTb*sQ9&NNRkh7@+20+>s=b^Tcs5M5oX&py2wvs^mQUxZ^}ks`5i@S;rS
zM7NUVjwK2lQv~k6K3^%PiU}4HHtPis;8%Xh-a3C~AG<vDrJEjgQcvh?1vQ>}t!KGe
z3t;#1t$zpdUbx3ZuD7ifBtN>jJ=EGFpb_Q}>F8PVm6nt*dn&TF!l5W7fyLSDOxTy3
zLlu|$39yo|PS`^G(sRaMUALcKB$zUGc^Nn5`eIkV&RwBmMST^Q0#<w<R*uzU(VjT`
z^d{!4tF%fO-8@B5X<`CM`>EJ#u**B{9&tTA1Np4Bf+V`o*GJdwvZ;>fsQ)F1(p79+
zWTbP&un8IH)9~?z60tcb8@cE+Qncc7*n~78i7B^?jx)bfnxca!w*0iAglqpa{4Ct)
zeGM!T0~_C@&%|exi(Dd2nu@p%Tb0Idi-q*GiBf{Y#IHoI_7iWq2hz>!9R)(p(7~@$
zn^uNyoFS!%idg0p7yS38T6Q)!V)MCg1O75U@<+G?qagZvYk*$l_nZ3ivl|x@)Cm`#
z{~D-;?b6NZzKWmZSxZrTir#79j4L2_Yb_yeLL_M1q2YtFgvzp(n^R8~KxD5bF8Sg)
ziSAG;qB;k{kXY)oCaBTkui-&0X|z9=Y2no|OgBHQD&^)C4gr<@6d8C5VnMj%!=s8j
zz$)uXt0Sa4CZq;a!S{gKtx#*l<F0&Z@~aSRnyEj%KW4$%TYY#vcDZ)}dItckMp7}7
zH&GSpG{;fP2t5*gc$CPbc3TLcj4VC~H_CyzBnYQ`4F2|g`fB8~!CXfS>4r+4svsWK
zR_-G5&Ni2wJ}qp@YEZEfH6$P9n!gH@BPxTUjxQk*6Hgj_z4{L71Vk|UjhcKgz>a@U
zP$#q(?Y-TdrR{cEsWWI8dlV`_JLRdL$4@I1{=11`wWeVz_yH@1#Xvyvn*>U}3p9)*
z`(D#3&q%?jS<2$WVUU_3TPdE(wZI5;G9-!83E~e{;UimOv%-Ky83?<<v!=WX)#vT>
z3R7&(H=BUCMQj;bl&CHz_Dh~WCK9jWF%K$ewGg?r0O)J_r2tG88QUB;6@>g6HO9)5
z{hfp<Zk5}Vk?{SczGv@p5M9zzSrPemKq)G2jTx}?)6wlIijAZtdqL)PHDcp3nen>R
zMbFb<p$!P#dI=b}!Lx*c>xnn{_=?>k0pYcP&3{^#z-_eG&STuc_~@OXY9UqGC3Y6r
z!j@VhBdKV%{&qdsdsh`>)uTD<TZ99K@aUIzccH7&RBF)-nxVOnt%vbI-y<zFaOs(w
z3yQISSQ$W-+37frK>d!U_i^!KW6J$%z&ln>&Cgs+a)TYWzx^zS=Usho-)?nj)(366
ztU<cMR{Ly9vUDjXnt<K3K~I+S<932Z9T?cwP$XKiZ!>shnHM|fFz@%7M}N$dm2y39
zwj)}+ZTSM=^pr+`IwaOlOv2kz=tYXvruXW@32ZfAS!J#oZ9Ikbv|D{-5vVJAHg=o~
zx%301%+bgl4>Xx=525w-$so1YDs7>JTj3MUmt0!qEAupeL)&5%LP}I1+Ng(^X(w0A
zDXB{gw-ggd5ikU%<PIiHBx*}N>t|Ufq_!4*lOgN{gRQ?TuWZ!7&<7_|mJbalXtrk$
zb|OdI$6nfnM!{92tmQk+h)Wt_um^Y7MjqGBK92Vf1DiM1xR9XsFQ{-6&yI}|tweag
zg$UuE-`#@4(Ld(VARGwN;>&Pq*LHGbcEhLCAiCIxcT*}}?tdRK=U=AEqILb<xq|qY
z5U7NV7pHYi1sG$stexKa(Q?UiL~o{Qu&Wh*o%xSWgLX8U`2htdM;xX`QCw$FJGU6T
zsI5g>JjFS6N|DyR2q(@(OQ%WI=F0cj^jKvC=LC!aG9SXe;e|-gUv(j1;UWz|=K#iw
z;LC<6l44B)%H1lqd`7yYJ(ZL&7TrT9)0w`M@HLeRsvfTV0#UJAc;fp&pp*&<_IBgI
zWJ#T*h7IPK)gDL}zFDNfSJlZe>~y5?g<tG3&Yn!OKsG56iPao^&baojY~&Tm6`9qR
z*>%NBByhuF;96B_f~q8cUB0(xsaMi>yc;)1B=x2nugjpvFHTevEj4cbrkVgDYep!1
z-V2c!ls|*OU==SR%wq?ywFp65|MstOnoQuAoO=^Bskv+XA|<^0$a_L~-pjFe8pe8L
zz`w+LYuouQtHjgr16`jBq#kisJl$}=UH}AZmA%aQ3Gfv$Q?VB6+=3@}So#9IBJ!JH
zFIPDeDwJrT3&a#zs+f6M%xOTD=%yKLQtCsAchgWMC`OhwOJ>itk;aa+9(B~Xvsx~w
z#Cw6C5JCzprrHh<M_$v>3&eRTS4>a?<cK!Ve*b!#bxjwXj6yao{9s){+>T?DdJ|L}
z^sL{tA>6_FLhgv^ErG8B^GPle4l_4tuJ{R<R^Od4<ikw;xw(-9wcFW)9Qdci<W1A|
ztwTPN7l?D3STEt_VX&cj9Rqo`HYfwAH?it4MOWWJ?mMIbd~D&~Tn;PH7)o~>3;D4o
zJ$sy{wz^$PfwxLFr{t!&`g`?RedQZgW{ncI@;Zml?kF{Q<~;!E=aR&?$DP7}inbhB
z));`6`vwNSx9Dth3{BY+TlDXU^|TjgF?iMLk?4b{K6hW`<J3$R^Fp?%97p+j{POdT
z?5LcndF4l7w}btl$RMN)j8(eHnL{S`UpZ+_4mwK~zPC0U(L;R{Jzq8GUUigip8lYM
zhoE#aY2?hPwAK}HN?y>-bNx~kvPe#qbkKp9PiHpk2vcCS{i6Wz2)*<fsApF0t);RU
z(&^x$`bB&V103SlB>n--)()_+iYB=@q*{oO?Y3vlVS0$+py`#iA)i{4FH!!&M<b{o
z;rQz(<YN2^*@AmF{OcA_(2hNSgcP}^vMMh7n9S~*S2%kY{*!c7K?f*i5XoD#`w4Ze
z+4!gH++lo)c1vLz%C;H58rZ}DaZ~kE%VFe(f39NO775GuN$_Q~NfzdwnS7_04i>Zd
z{ifvV4SA?OZ$LLT^%Gjfc*(hG`)~gEXkHh-Qiryz^LwQ*uWOPf1<isQmxqJN&*UVn
z$w(7f4grlqXl`S(a}anQyG&RqJHDLzFx#kf<8hlmC^=ihL1x{;na`F0`Lh}-ws*^d
zD#RapzJ*n$N3w-#EPYqZnaG=vEtb0e726-1`Xfs7YtX3YC6H>Kg6rousg2ce4Qq0~
zH~qB&ONGcG`)7x0@si1je=>&rLMHI|aDcI9dZ?Q7V!cKgbuJ@op~Az|gJOc+^~JA8
z-bmqUo2T6WwAbKr{oF8Iniakn8q=62sR@@3p79j?U<_}6dq^6c|2o*OgGr+HD|b7*
z$;x9G8YK9Ho$N(rjV!HBIYWpM+-(FI<@j6NwloC3&vCHbwE+g>T1I3nM2T;v{%0{W
zU0@R{zKO=!_1_J{O00CwloY9VdG9PzfC55uOY7SZ$4?o84El(M;Bl%^bTQ)b*v38B
z2}cExzeVnI-y4yQnYFOhJZ*L3Ih!76=jc_)@>^Xjm}idRK@|#&Di^4F>a8u3PsNUN
z)37#c4`;hfdl-AIM?n|HCrc8mR#)1~wn@X@{N%`A+iLn)h0Y?uoE~VCttzH>TZ)G`
zyy0W1W+=*mDN*vfz&d}?^jS(w|MJ9rdN!W}C-K&s1HUkx1J9f;_!TRT`=5)zO?~hm
zo(H!Ye^r|XMu~Iaz{a6zgyq0C5NfKG0gs93y^KLSbUJB61H<4RIh}E)hhc{q;=uNx
z3HB!$=D^1KStk#(VS{PG^c!ODJFPg<!<eTVX2IFh1n2h3%7pmm%18_q7+vrt#P52M
z5dV>q7+SfN{?8_^qWIjwW>ya4<4S%I=u#{&`o(z7j0W5TSB|*Af(rN~%CW&<+!=Cj
z=}ng<+utAqxX|*S5NY|Rb~|DT%WD@cNnF9{QALZS%eXN-INE;$DE4YUT<^P{3VFIA
zb$nlPr&7Hf{~9@u%~eapb(5>)VU-asFb}V{@QYlvpEOu7l@*1D39{KpAGBn`fCJpA
zQ>0Qw$56(Kx>(zAXI{n|U%0faaZ|BC&9t>P*rWBRw_PQ@tH&-!t$ZtF{Vv8Bep;4*
zZH#(dZNBA96PlhhsLtL(KzgPh{0mq?AAHHo-tuR8A+olcQ0+!H0aiyt2d*-SaB0Y{
zYI-x+RO&jKqv+FHkPl8pWkqnRES~g_gSA)@^?4+$?vuZ<r>(JT+fii#?Jr|i6E3>-
z6MpmNX;Q2--0}IywRcgpgPB1tm|Mg-Jm7+T-%?kaW-5N>6}AbEHZN9R7rEDvDvV#J
zVo9usdnV#PCDT-xW8T}Cj0Dg|$i(Ej=3@F22J<LXS>$C`K|C*2h5-g-mIZ))ND(4~
zhj>&WnOofmpd47*!rox#?^O$Vn4*OmGF#)VRObOR;h_d*{^Cloy<lAzt)>=Ndjag7
z-5_?OX!!%2u)3!Dsk_bAuk2h*79MFiRf!@c<$8Dq+xfA4>&QSZ-FaN|pk6KqaPZSy
z)JJ(nlX^}`s#K}Q9O=KwZ&Kv6z;4(JMU^qr4LR8ZM>(CQ1v2u+ZKGFy10XR0Pn<?8
zJp?<;1D+!2)dmlD6eh*D=)`|}-d!9gBy{s;e4pa_vTbI46~4Ysy|Fj?Y^m`cFHO&V
zb#i@<pZa3@K5{W3n7pY}bnmIl88vQS0#ww*oBPkwfEJtWeS4hag=#I6P7PpGbeoN{
zMDb0Gf{j<?4zw07nux3zbm9%uMGKQG4GXedWMiY-t?iKLQOBEP+7(H^SG%89#qm=*
zd_E*6%QDvbSm;Xy#0A7FXBoHoL|cskXVk)ZJumQnWtBKPgQC$g^F4qSPvZGDm+asT
z-i)Q91{X}ktA+}h9n28}Q=vs3pQcV}_Smf&AfH%3307!_j+Gq-97?Gx2x7^MmIS^f
znWB>sAa@(D+7!i^BdUhi6`g6E6$+g)lT#}?d_8DtYbsV>GcOb*C{vuBc@%9;4ZxrG
zLQg^$kcX$4dk^K@sF9K&T5gW|`L8)n!{<FBM6uwn_AN;?WSK6Td9B1RSJDglJk{)i
zA0X2)0VY;x)9;*qkbk-4EOu*aYs0G)X!b?`zD|R3mh)h~Jc6o>bOiP-?5nV%BER>T
zK{(ooZTH9QV!19GN)hQ4r~I0<0|GKYU2;uzfyPRUzsI0~L{nOb-01w$Ck|R#6iNIb
zwN1;SDder^m0xa63s2v1#oe;_cm-RVG^g1R%=Nv!jxfD(j^NC>YNbC1zG0`+cg<Lq
zq;St0a^oh<BU%=az8!q*agNf&e<UIXMgl&ogNCa>eB*1>)+Kz%t)6Y!;tH31&mpp`
z(6<X*>&<D>P{n+_9&mpimP!ibruS6r6!?~lAcCB)2y_|fv0psQ1DYhTNE6XrzTBws
z6XscC!&aO$gEthCm0H#>ed41NIGh@+RJd8$RMc)Tta3Zn(o6;bk>C-wi`;qB@_v6?
zPdT8Hu9b^3fG+0{bj;L(Z#&%1$8{C4af_Q0o1E`{p(u&b;MKSIj8^ZL++pV=hGuze
zdsGJKFoFyrjp4!;lm2vm+8d_`f*yR~Mj)z!gF!dvw81@Z`W3NzIj{au-OvI%@h82#
zz-F(4d}Ka(<F<+f!ee=fuL}19DKN#L*ulv0lBV%b@JuEw4bU}L3lU_J)fDt7)M!!%
z<iyebtS<8Oi<^<ei6X%{H4v6zz0aHBYO}ItWO4;ool%TN{!XsNix$@MSGl`4A4u&h
zi-XSb$|hEtma9>i=s}kz#bFj%r)z^`L-i!-axz8RbSSeX>~C(lKTdxHv6e-(Ns~Ei
zH$p162OP4zy$O;vB~^lDtYfxPWpSdmQo%?)^8bcyNj;dDiFCVrAfi0*<#ZshQqA$*
zAAm!JrO?hI|B1tZIMTpUg@q|?x@$9jh*H3_QOoVMJarj2gJkB9kDPVTseQNLr`Z`Z
z^VF9G)8evkf)jAWEC(RO4wWx5QU>nu9c2(Xlp93zMCU$U*AV$ju&6CDlXnr`s*$T;
z`3Lrlc+Q}~u}!3d$7~7*INkK}mrg12G=+*wK=NKdVvG;nGOl5Fc_$emWMeoCQKh4f
z2zjk^eN<AtsrH4&?=0!9E;X;)L%k?TPi3zK5dRHcI;TpZsu4=W-MLs1x-?5MwNlJM
zT_1bjYb+o0wny1+`aB$-N!WaH%B*=zL_qXG=QdCq`aytX!CwWV4dfI8jPez;IK3ss
zX7%1S4+^v+y6CyC3k5+;mF2#Cr6hjK(Y4C=5_ML>2xX<E2A{6P)f6f%<)UrBOf;1h
zE;Flx3p$H%f_D@A+KTVXLMUyk*SjrL>eIHJLt{jAj>?zX14+^Z@{xes{R0}|6@e5d
z20Shih28jt(g>*OXDN_#h<>qKz&){XeH-4?xyjIKu<k9rtusE_^t?HwE+2e9+f|Ro
zUKTwTa80-a@vR&iPOu&!c5@uUP!EBNUvsuKKG3NBu1B01y{#oWuErHEmXHd`7dr0M
zPZzKZj|dimzCSV0#}}q>VIh){+{lQTMZ(;qW5Qz);lz)_*xIV$;iQhi$~hHg#>j__
zueHP}M~+9Etl_>Z!4i=kCyTv>B0$e2iWd`(6C#Ts($OaZ$1H`&iKgISlaasH%nKHq
zJQk6_=|2&IW9Etr<NBN$na|#(u+TxY##jf1(o5kdU?IcWGt~j4C#rBa79fI8sPwLD
zlx=$YW@vJmQ~OP8CjLo2y$_>J<g@O1P{EmJ*-lfqrcM`Ry|}G5$VH+UP@5O3XbzM*
z%ksGy(yYUQ(zqiRK*jTR`+~vSawXJlK@s6=VMqAsXi=mO<K9*J5g&E|GW@80+S%2q
z+$+n|vAKSH&C{XW-ejO$2l<l<c%1X%XUpuM(_uW=w$_4>a#8A`N|f1PE5+iE+L7tL
zRdJGAG;K|O<(iFsdNI_T{uU4Y)7WFZUy%}BnztqpS%$qxHyn+u`Ay1VIx}yOU0NQT
zQJgL(=C-#3ag&~UiDYx~K-x$SKE5i=++ENXU0kSZQf*LfTQkhheO2^qR>JFW{O_40
z(@WJ9{X*3*>3lG6E*i)E>Lh+-XRw>_4q&<}-En^h6(#}Ugq@x*WktU7vB#MPM#U`X
zU)GiqUMR>O#F~NlxsE17SGs7~gb8L?;hZYAw2joIwmmmmM`Q_&gc&Y+Fx5($l-V=k
zX-44^r00BZU(}S&%1R|kXQnRV>#55x4C)2I(?)UGQanqH>II|`4_iO0PQ|Pd#qTt#
zxu<)~d}(_Wa}J8(vj7#${GkpG;L}MWR~?vw$q*}6!c*-9dnLp06ysW>R^lLn66!Mm
zys07qd9#JX<Cwqh9FP?WJskFd;(EjhJ#F7oK;^Dwi0)^+2|X6P-Slfnq&0PQ9BM|=
z8ursUI*&%nu@yzTIXIeThoF8!wd0swpEwuAv-h5p#M&k%WZ3d3B`R_XQJnIuR?joW
zqALf}W{b8fHbzuaJfv9Zx{){7^daPHCgDx)D{s=XEK^-P@(r+U9bR}N1>IZQ=Bb<y
z8NCj+ffeamFT?q6y=lvF_8_VpUj2SVmZWCqB%la;*n|E%BaeCo1O6q$CnKM^2g(o^
z^MCSOi+OyN(74g$07R=1R&IANT>0*)+Ocv(W#B#DryCE>*J-OwwW+v)5C634KNPna
znVy1_vx<`>7~SnWW)LBo>LONTcVZw`Y!wGD&PP(m$Mla^duMWrREti19^x9ZKkKwL
zWhAw;voXAao47=9@KkDMk*Lw#Nq9HU+%`iz`oQ?Mmi*+cg2hd*gX?-X?t*d$m+sJZ
zschtosLNx&Pc70BIloVcuY0{THqGC(v$clk*lQy^Vugwz+oE|ce^wDn?N@n`s<Rg>
z+&PE-I%$Gfj-ob*ro!T(4U2F=5Cwp`nEWnll)7c3K|NTvm!g43lQm$+uF&PO4^fJk
zq7ekvuorkm&G{0n3+v5lW&?>>v9rxs?o{-`7HNFF>-O~H7%ArAh9w$2w^VdpXfP~L
zYZ2lXKc|xai0iN!XS8Zo?{~hGriaG0s;j5Rk7HsW4vdV`F}!CREgm~0dVkG)E3<r^
z_<6TL4MA&X7BOVqdvJ&CL6TDaoTk;aiT;)1^opQR8-UZ3`Cv-z*rywNzx-|7s+a-w
z^lW<1JNqhYdjHL+`?3G4>Vx|JW3EnHY40bnlI2@Je$N)3t*e&xS$+f~YLOb5H<{W4
zC~f=io{?WR%uF_OCd|x@6yAN6X&x(LC%O-b$Nq&SP}*O<Bj?d!KtFffy58OU#q)E0
zl^7_xX{fe|mF=o3n!TC?YBl!{B)K>ptZ2Qva)V4<ZkiEx5v|WYvg439Hr>G8CT<}L
zQ)Fp#VNt%oj&rX$aP9aCvBgmoN&-Op;Y*kK%Lh42rnxD>8j%IGz5ew^-r*WPAthVU
zVdCsuKYbHlu<$=9eHmtG!%&M(QxV}w%|2H=Y?V<hgp_P!!bz7}_4l&Y6JN2qsEVOn
z3KM;Q0DofRy_!P5>F9J1BLEiD_`Y^;S61JI6L3j89D%-`Ctb!g{(1#=Gve+hHrnti
zF11<KC_?lLWf#GNx%n72m;-$^XODj0zQ(uyEIsdhrFy=v>}7ktfvcr^zF&SuTcAMW
z2N13U-xk}XOydJtM9SJ`r~@_pORc`t)^4Hi`r_qAj-%lZ%=zX+5ifp;-A~<2y~XUE
z$L?8{o&{6g&p4Jh@>}w7;v3^0jSi~a#IqwQPLc`q=nB;j;3gQtS+weqUHDOWa**6?
z*G5ehL=J-EiBzi+qpYrxBjL%&;*zzS7QOR79oJ=IQIR!0ImS;vb<G_JRmy*>>m4P0
znIu(ExDpwoKT3qfv0FUjswsoLnE2|wC4BX)S<4-Z2Wx4v{R%%$hZy8WAZ7_zPfaSc
z(?w-4Ii$Un(yF<0hy=dY{+2v;`UJ!CCfKd0CGgH9FBRmp7{7sjj_zfS^|=SotpUw#
zErA}Hm#_2DPOcCmn9{dX=s@!pOqZQ#aO<U%sh@(y*RA(^WI%po5Tp;O(Nwv*c@Np9
z)`{FCy%(;R?Rc4Zf=oVI-vh2((agSg%kKeSN$`kx&b-wW)+T?w8~lqjS_$CIKDd*f
zQxjI<8eOr>7CpKc+}~IGPEF}P6&`M4G-!rAR-7X&;n20EM6^0%u({Kre=;eEeaY{C
zl7MvD+xSYYdMZC~H_1KTjP5-A?d08Ni+3Ql)=Mza03c7FwP<g9;rR#$vX?r2O!6Wy
zyoM%80LEU(aWPhms5MS4iSqKL>PA-GXb(s(%P5Dfmzd}TUFF_vlRrg9Yb@M^F0IDK
zh{`qZbKQ1LRc`DpOX)NIHDpY@#Pi72LJ!I$#3C)pD8NWQB8`8wp;#0@LQP%xx!W^^
z6Mb=Wp-(xm+^jo9JzD6|I7<~+X_@_L=T0?Btcz+V1p#1rW@dZ*(j6Jtga-E4ffD<6
z=BJ%4wCQ{dN+(}Jp!jRlcHnwtr*Riu<kLlnq=Sn+T(YV|7Z7|RiQdq(^>4AO<P@M8
z;-3?;ht@2c@@jp#J)JFPjF01XyWf9*%aeXC#=8ggj2dyLRp2)HB#f@DE|W5-+e+4A
zfHFj0vpzwm*CUz5+L)nL?c_p<k1pYC^mp?6_$^yQg~0;&Yne2(q@6-HKhcvs@{M$O
zunMP^zy<2o<#s^C54NC(M`k4v7KL7a_r3cOIl^?eG3h?MCb{_YP>i>E-JkVmP)0aP
zTUi=tBCelJpRi6h6(LkBhAsD-3Kp&Glebj6|E!)~rS{(cGkkI*kbRM=9e#V2GMiW0
zW9Ir>I&gkGXiVbI{P7{f-bYlkHceF12F3|lf#{wNqVnHwFvTrLk{h<$&v6r)X<aP-
zVvA;Wcz2W9ZY%8}=gC&W<o;0{#T$A69zTgUE_oXa>eXotuSs4}sX?RU@dp{RNi{c3
zCD~xwL}ogMBu_i*o;1I=!iSS%fZ<s7<RN4-EPU$@Q(-BWj8KxDoiB>s9+t&JbM`~C
z!Ias6?|)L2Wz?Wo=f0%Uy4L+JQhgTvXl$pG$CAyL16-1AR8WMeHiA#Xc578EhJ&6^
z39wRcMKG30R?-%bPgSFIk#*1@#?+}0oVYOLuj*d6QBRW_t<qPl+753&+MY>aN~Bad
zp|73O<%76=JXf&V{wOa>yV}7VO80f;glK5f6+3H<mTwA&_US=>R7HhZj#eySGjTjR
z5M0n?jkE@?_CoX_rWQU)THaM<QL=H^HMMlSW2Iod4zTT=95pW)Z$4{u?Oo1k3>6n}
z{LL8jM39WL7NPb%u@NQb8F#&SbOpNgPIJf2tXx#3G9d4Xc$>Wzp8Awdd8LZEC)BM~
z;H(1v5KJTQ74p|_O2ifeUjzF=L=oN@y`?ZX4A6`DF2gpWqBJufN%^LXFHV`LpGyd`
z`jOdzlx`=VjJ*=C^J=?0^5^Lg1BYLR&fqt1jdRv)e9gP{XaT}Gq_(2Y$e5lwrTJ+W
zg}DN#v4If4F#>zs&p#d^eB7J{c1j?Uovy%nFO%3&&ig$1pNCjY8#Y==NY=Hrt+m~O
zKPZPWK^kr@vIuQKTG`IzXVfSPh0TekXDgsnG6#3!O@+jjLhJ^&G?T0(RcN00k}8|@
zDtu>Tm1_L`qI*BddU9($Wdl>g7Ip)PRTu_-%i0+8fI6Nq!lut!D*BvMEC6n;9U$XS
zNW@85&gPEaYgkn~2F&Mht;KF(>5l8xW0_ri374x6)jl8}61Kwn&|8)*dWQ0~fy@PE
z5~MH`n{I@TZG-~yI@aX`rYY4^)8a#A;Ykif^;t<SzgY}6YN-g7;@ia3$r0s)uM3o8
zU?So^Uw(b|*T4St`4~<REt5nEku|Kat{E{L!STvrGmz|*Bsqs!VE2w{CBgvbp(8F~
z(wo&y;Dtcy5+heiRSe&5EGo=y;PJv3Vyjn<POFTWXloPr-NuA14a^)dNGqzBf8N^q
zv~G%<p5Os5H@sfj&e@p2m1}#o_<wPAPF;dT%eF4twr$(!vTfVyvTfV8ZQHhOyQ}Kd
zKKJgIGje1;#1B}xBIY+|aF%K~`M-AF<WL&rH_@>#+MH?GJ{Tyf>c>3IWv^}nO9<56
z>rw*{JsJ^K;P;DXmXPsbGiPY9Iimn5_AveROtGuX<~;rHp!6kqct!rM5N|PV=WN~Q
zYZ;*XidH*tR=>w@%PGT}r3Z#)oekM7vP^Gzg#8}RaHGxQIpgRe#EyAJv0>}HmxxS6
zOF>aNFu?<w$bnE%A|ZkDWm%{3^mEcEyhg9fo@S@6O_RxZDF4{grazW-x2X@zPkh!%
zSAzHozZIL?IM%j{=`*X(?ofhhLT9R84FhBc#7Z}li|iiY400;Udp&!g_7#o4kIc*l
z5TR<Kad3m-I%~;C$0jQy{9qn5fBmnpOF4ei@VSUR00G0pgjEx;&m1wwB-8$HfV@7I
zv5ZU1mx`8rnAE^ySB>8e)lU2zP&-daTxSM~2{-#W!IExzap|#oq(v9a1xt7UqN?(-
z?0pAxylzGDZPyopb&bOFzTZ@UCoW0v$-lD0Ma)yxqDcSWq|?eh)OG{`#r%$_Zn3zL
z(iZYkc4@Ut#%j+^n>5P(;3G=nCD+-FQ-!!oo&gh%NJ@fWmn_N)p+K?YkZYXHYs_gM
zrM34uKv;_ndvc>VT8sM6mGBIfSSE@oqn2@?$oIF<+*8`Q$?;Lpe|JYu^rifnzW?^0
zo{o-gce_46E)J&o-_B=!=`a3){X9R8@2+S1im*9)e4wWa>}c5PDmy96IDpYhsBqoA
zb?~jXj;Y<HO09^FHV`H~*yw0%jW?reklieSVxKQxd(b#)&aq~)XHRPZy*sb{V6}mS
zB+Hszuku*oM+q!)+h849-8ONS7t<0_c0iu*%3NwA#Zwo{p_AK=H%XZtCf}?3hpX&D
z)_EJ?I{d92lG8QerXIv81iNWlwA6tl4Zris^p}M+^RzW4svDu%P#{;Q4&5e?D)xY&
zYkA<*p_|2*Qmr>!(^x|#`yso5P)-PR4A4hBH=!+RD!>)=*3ZL_)%9wBcPo0Crhx76
zy-vIQen|Kksu7$4QLz+w_)zKV@0v(sed^2T*#zd$zM%><>)L{?sr3Yu{l0C?b=Z>o
z?s*$M*JDBDd_OsL<@f!1T%NV_>ESr`<@}n|6O$ERLhYnjkATN`c&+sBzchxv-3+8(
z&zOuzR$Qel63u`el&=-3<TE$0S1~K|xEzQNQ!H72{_W(ubNcu5AvU?IQd$i_7yvLz
zMUs4{-Rlsq)ypmZ>@@LmD1SwmVal&yYOG*+LjkGZ`KI_ll<*5}N*W8}%xQLlzC+!u
z5ZnNm8`EN{I&`Tzlaw=MUB@Ynwr0DGB$?B<vKXZ5JL55p+?E5~@yY8dgD-_`Tz|=%
zMHOiSv0T^+&V(c}H-)5Oz+SDlQ6$L+Tu?qW5||a0HCDa82o#=pGKc~D885d0S8S_)
zVQG3TVpJHhTz`|B2eK)!bYohDl(j`Cy7$R6>;NOV{W2+&;i$EqIqo5WgSOuV7?nz9
z3osIvvBNNxre~h&2+e&<EI|3f$vY%^*6APW+<f?XCtw4d+>;KA1<QLK0!Ygv1mo$&
z0Jl~In)A4oqK4D0|5aL@XR_(^9BCZpmo2vLY#@%)0+to4uv#Bq_xKtAkJ36up!k24
z){VpxS{ccDFk{W8;S7tMP@;(qUIp50bde-e*d@UEZ2d<v^n8S2oMBYE!8O;?|EsoI
zqx=AABk&MYN?an<+nA^<L{tMy$Z=AyN{?fWkFZzjHCPL+5gd}SKANucNB4ta1k6(N
z{K<x`S>vN0_>a=+Tq*ngqjZD`H}9K3drW$#PAbb;|8z~?)MWRowW?UI_FDQ#F;^i~
z-CzmJOw5<5Upq`<wr@g=JHPd^0pe}fZO>OZ32(I=6+Rx6CGT*hHtZ|uAM^fKY)#lR
z>kOsRISeRF9z&xne<oqVb=Xw~R<kjW)?$@R(}Xkgnbbf;TX%*(JZ=_Z*_C}*C&_J3
zF-n--OFv>hWga&(PM95uu}hdGd%sdRZe*M%-nRT6LA6bnRPh`QLbcL`*?arYpgH0i
z1_@mwwv_Va3_V-};1z$UComh1S=v+<22jB!<Azlu)vN6X(PW~~JLdCaAc^k)q8(rw
zkxbG{WiddnIvPm4T!Y?Q<*Qk;j)r6iVO>U~YC!rPTR%*uh|Sl8xlF5fnwSqxJWv2{
zMJFloS6N*oYCg2CcQ3Q83t6K;*uQ(JUCtUuBfAbKi^{vBR`AhMbDpjd8IjZ^$!Ux4
zkpc!UjREk2M!P;?fHYTG4N|Z=KV@1m3@F#FPR;BU6?G6VV@Oqqh1sBYU3&D&co+2N
z)JcThe3lEzNK}S&Eb$Sb&n0Id<;WL?#3^CsvLtp1yxnBagv!!VoncHx8WawrxH^za
zGvQ>|A*)mwzeUh(H<m{?f+qBdI}PyP?5d-jqcwGdXY@ypr2lDi19NTEcNMlem$SSd
z2HF$RHBp`*@b-P|rQh-5@O?e`T3*+BP^C`sh(@v&wBhdDrIOWzOo$Ai9`_ClLML0_
zX7M}k{60{y@h|fyJCyvxSv-g^EVB)_+nvm{uwyU~iDD2*>kW5W*~}TI#^lPC>eI>S
zSf;9|fTKp+4dN~~3hLZ4xK0rQoLNP!P&Z?SKyO|#EzW!kzI1ROd~_Xpn9jmvB|>+A
zsL;SFturEIbqQiSo={?l67wwh5&)^`DMXc(*XJW9uaB&l|0OLRT+=Tr9{hV#kAvEO
zkDf1q)a2&Lh1C3fJYY)f!}9Sd#W6rqzcxcs*9pu9SqbNn0ix#losY2yTFK3A0MCL{
z^9ovx%3e1fh9Nh-fK+$?c;(D(_-IpsuMGS5DId<U;dGA{TAwih%M;>LGe0g^HfE-V
z8<YY^KF4)QKfcW2sk^5u`JC)A5C3$g8b$nsnnnD$@+tk}Pe1q>jj@aP$vybNr~TeV
z+ao$|DI~Y6LYN`Pb+=*AK@Pt1mw<zCEqr7J&)EK4n^*-|(+S)yOoGa(bH$jkEa4C9
zio~}T?Raf?SE5XbKC(Ilgsr}N7J$FtD6^Ob>*`UR08K5TV|e2lE<9m<Wx)XuO3@&+
z0-#x93ad;tDra5vM+02fA~J=kjq+1sYDWz|lFGTSVDw*7JZ~40P;KRLDOg|NZukzj
zYo&3S#bz{DE?iaZ&%mAjjchH=f9^5}5u{xY*>OAykW(a`B55)_M_waAp3rH~-U3RZ
zC=hM<%pX5}$}M1F+%`>-prwvyuQMpi00z}H4?9gDC7RWUhoidM*bN*lCf&*QbdmW5
zs{VvJ5|bqxDRPn}5BmJR@6uG@>B=$nhndPT631@F$%kEK>h9b}LKc>v-uKqNcsepe
zEQYCz@igVXy>P}=w(fWUea?737HBRu8hOlj0ZOv?&|LFoXzf-;>hd`4nx=A=>J(A*
z9LZP_>SRN{Z~&fKw)!>;`Q^205-O0VCK8w0KjPu3aT{Pz{<$m2C6I~WAgN?VD(Wx6
z@dc&Aq~&1a<*A#zl!#+kJTq@em?>ISB@2PKS8CjEi+gJU=f6mAHLs5ijhH&;Lo`Z(
zURd_M?BOPsN{*_@Jn_(u>og8d+v`#fLE65ZCd1rbml4})vuM9h=n^i|-NWN><8Y(Z
zbLd}bhVY$R=|MeRcz1D~WW3X&)r&oD;lo&W#1Xu+X3W+_-;+J2!+&NS<-9f+w~MH=
z>1D#@V>Vw%<46ic4H5%2kr8Io*DQIJab>(^bF07wr)FYZeQpRun&yUQ7OB(p@xoFW
z%#){V>a`VS;{s@`izb;zAq4^Oly`Z1muHx_yxj=p+HveG>lpamSfoqy^SOGeO@@_R
zoyN(<_sCGFT_URR9xlt$ijL8j%s-9ay&u=U+QjJWk7`vN%txhFl2-#=9?`jfu`tgR
z>5Fvcht<>uBoN`d<Pm&_E4Qf?l&|>G>UX^}twmBK8&J=Aj9T+f4tF7|D-!4d!Q9(w
zREQq5QB>m+ja7yt$&j~4jMOfT-o}H)Jp(Z=4|T?Cr4+ay;5?ec5U;aM`wUqlJVQ`h
zoYOPXoFCBiaWA86L^}vliOfC-242LgvH=pmN^~1w3=_3!4QF`6ekb7u#m>;tYIazl
zQnepWz;E3yz$sodV@^E#2XH`LJ$$~~7`scYdO8CQ@#t?U#>*L{#*k!x#4;tv`6<_M
zMM7DhQ>K3B2Q1z!z{|MVTv%T~pSulAr|RL3<ImpzUIrZ^7*>wAySg%GPak8>4iw$0
zP($ZY3W(apWt1g52PBW|xKl)`v;(~A7az4KzPcID*@DekHhN`WLxZpx=%L#0l05bk
zw(f~gUFqI3?30(}{h_?Mb^8H35isR&R;p`2*zPod&*#@%hoRtWv`}4Xn;DNUm<#<C
zQlxQ}hq~=WHP1D9(TQ}{hBNeYgDHKWAvv-;A*RM%sua*zq)aXnGxKwwWXCDRpXT;M
zb~;*G5Q3^zX#o3>Tej=6l36a{Bv-~m<lhw^Z`0ZOPn|E7DI!r|nJMX`ldDnn$LCvz
z!3ir|wF45oKyLA~O<bMHW3@w4A5patD&a!j3utSPI3HtFb=dp)9(yiOWIaVS(9Pyi
z^c2uU->C9?2Dv;%Rc=}Wti14s))siIe#3#<9hiEQE)>c^#=1=OwUr7%-NjskOcm4G
z9}8yn&@G#Jhmz5aDJ!P&v{X0SW+`X~b1G#TOM#922No5}gCV7o@yY|A%u(qAT_7Nv
z*uRnIxj3+HLAU(F1|53fsTT1-83HSqfq_g3Bit#oLc3F{M64K+T-S^QxcqQ2>1WR~
z5H-^ij}8nA4*8ByB|zU)GY!05zcYA<$t|@@?L}0RgaK9XjWu0UyiBlkS*(-85~|F}
z)};{{^Av0VdJ0trpE89O=Ue-gByRUM=W;w<C-XP=8rRwnJ@-L;$kPWw8^tnvJXtoL
zHWF(4VYk{p-A)`;6~^3zGfZ^tRY@au1y^<5*VK>T;GQnH))AkskQp1~L}p1mCnG<;
zwKy0UV~pj^cl*TDw?2CoEP*dr%U7(ffRb&?`?!c2cMMph5pH;gsWPMF6&Hw5+Y86P
z$CkbYL^Z5@$;dt!$guv}2O8pso4uh$0cf*ng{lHNySzS`<TB6jal;21qx39Q+wLpJ
zpMTt#-d!B(Ib7XIZmre+-P~DQ9_>9?vm%$;#O^%s*{%oX{%9V-yBm^BAtBn;O)@;5
zg4!ak{~*pzF;=f(oN%rdPVTH@OpAsq0+QvtGH4PcVcCSxa9=gDlljQiu#euW_1_If
zF6&DHyM@9<AyfQw^k+$<Vg*P=;o3d$)wwF5R7NyiOF+AGTQZJYVTXo*AK~$5sVHEq
zN=wtml#A<Rr4Kz38|5{&IJ(zrCLFJ(R6(hv0~gl50d>cdZhT&=aYXDR`*m0My|hLX
zU~kW`H1S2*s22s2dmx@29IzXhy-U1ViOkUi>r4$re`AiQ%VV$QQ$5bqeXNVuDaUkE
z@`Tas1~`ISbL54E+jUH0L|q@wwiZ|}au?M;Z%O@B5`WXKziJ9tAnU81L4Egy;KEX4
zz26v_cqoUphq7)`O6xDEh^B4;H}(=?^MEaBEw#>!eyhuobmF4Tw@1|wN6w<7*zfsr
z-AIegy$`9^Jg`p*7MDj&X!ed29m=H5+*=xd3igNv<l%m?0<vvrFXl)egi5zmWihV#
zno)p2JfyOVqtkdlwaqSuL9RL@Vnx+!!aQKBA=qa1upDyD(4j?PLNI=@1QRXAq19W4
zbrx*_eHmsz%ZMUP=E_vA?Qg7ON6-VQD=;a#)fT9<h&H18){0t`2^~*l+|89BGZt)d
zTtv@^>2dym3TW(NbTVPCLy~EZI8nI6J7Wr0Wpc=ze-x4oI=MjwE^`ucIW#;(73v2H
zW{_WQp?R3}j-lygZu7*@0}ecU7)y*ZcYZ%K-A(2P9^!OC%sLbE2<&6bA-%w{gg=^M
z1VZ7$DG1SkX^_=F9cD^F{0{3+cNrP#7X<77`9~`cbcRhVQ<JH<7q3FP+DSq$*-{_1
zbp1GmG``?*^_Fh710P6dqYeod;^H=_WCQ;^F?-#ScnFr0QJ>IC*XH7w2(djFn<>?c
zHur*=ORey4ydIFEiYa<&IRTYiqaB9&LKIGlQs^E{w>a9z=1q~mcE2jGxY_zH7=MMR
zKK0IJAz()U=t9BHlXQJAl{u5!+)&d%^-$5+`oHS0fT9TS<GN%o6FuK*4Y!j9<7%TT
z^=1j@!oPXQoRdr>59ma^Ep^J?oDg}lc4xF!M)O$pwagwxu;gj*r)V1xD4Y{RxQbHd
z=?Pi8mGSG>8f@4U@I(>q&t|(lZ1_2JWA2r@Q%e;ayk*2nD-88O-*-7Gt_59?)gd;}
zYE)7h;BwLUJ|zwc(QROR6$`l(T-I)jd6yH+#I0119q4!~E(Y(>e|%0?;=~Ba&Z@lO
z4z2yC@`T$q$r}PbEPwPzZZs0YI?6)ir0MhOe)<vWuX<P+3~dyeXHrq^q3R1_G&lx~
zuDcG!2B-T~WkMRRO4Q(`snYCmhh{L%m%QwZPNma0Z}Md!tCWB)znMwvxN<4|lcgc6
zj7Hf>>we3zseN1!*vJ!eT~}VmfD`pcE&dXCFiFV7P0^qe_k9O2PmU1svgl}LdGmpO
zjvaLz!Ugy0d0BWgGXjZ5{*E|x9Kf`(fD@R0!<cxN7<pN|>RE)amNfFRI5abJd*pdp
zzeuIWNRinuQknCMRPqK&d;ABf{7;D|C#N2h0&iO;(t8`if?iOaix12Kk_TaQG@1fr
zaitdrL}}lOtg=MF?GPj{!P;V-<R{MvxFYJdRPy6$`<KTTguw2E@djrA?okb;IaW0L
z!ruG#Zx1U#f~IAqsu)G4s+G_+Lmg!ZKAxe#nY(L_2c}Y(k3yNdmG7jE!duWd$s=fv
z=VQvpM7cw94aRgxywqWOo1Pn3j2H+@R<EYcEt4q}Eik6mWmV=a6_shU78Cf;je8V=
z6@g0x8wIH29wB^FJ#-!5zG%2BVB`G7>K>x#z#%~h-dT3$Osk+BNymQqmYXpyWGU7K
z%&f6WSlS?xgi@OPV&E#l-lCpU%SEX<CaOO-lDhRJR9K{t)D;P)s$LJH0ooPqu=F6Q
zHc)xtWy=acC-QnfZ^SZ6qKQ8L?l;QzI4jS#g6S)jpP}bJG*G_ItzPq1zTb#N)V{)^
zD^B*6iUHuEI@siwAHAQ4p=Lf0f)Br8LyyNLlbms%lJ~V_qA;!+zPI_>=GEC{Bc79X
z!aK_7E{{R0*%-rr*n$(^Fw2Xv7W{-H$17?s7KYa(Qy8g2!_dR+RRgu3Ge(OP@p|WP
zec;cZQ_F4+j+v;}2jlLCBsJm{y$A-Swi*(&*(tv^iUPvFYMCY;sZ;Ed@%~;*SK+9Q
zh~<Wtt_6F2*nt7+yXg#8Xw4|{MKQ8AwY;@dzi;{Pv}`gZJ>3r-Sm8-5ic~EgfeqFv
z>IST|3j3^+EJ-;!7d?VH{(;V=vHds1^&8OJ2ADB_Siis>MMzJ9lzT=di)!FC>WHyF
z_(D@>LL#f1`j7l2<#bEwG!m`TPVI(&mbf7N`W47(nU`Yvt^+3rs0s<gTttZ3NuLK>
zp9KyVtQLjMyB8Y)O?>cxpD`gF&VtOlgIygBsf?jibJ{>FQ`ixd>6Lf(Qd@~z;mnoC
z<|1<*=4PhI*bibB+8hp;7e=2*p0H82XL4aI2;s#{#8%^!VEypS;0D2aH5&MtG6q&x
z;dTO*r}0+XDsvo&7__ri7T^uECLFZ;<sP1YR%@*(F&6r5fBale)|c()ZSeeje0;ap
z{q=cyIMerTG51Gz=^gg_@-(rxk^Lvk`snG2{?pI;<opbytL&s8>u}f|@?P^$1#5w5
zM8tvr@nLWsU!74PTc;rci?yDB{YNL^*HJXPPvYZU;`8iv|1TE$A(=vg>_*)vCZ#4#
zSD;uPi2VpyKXCR3gr}uH-WXKJv;=2=wMw5<&ZE((smD-Rg2-5g`tKd1wW{~d-3BY1
zVb5!+aQdxZ9zv$#Yapt9bql%*aUJbEQTC!VN|d(O&xBntNG>=BoF)iawkoB5Z9ELY
zHZGTjk73^fY2XkMwlz#&QWTi|ub&BXAG(F%$I(4_3i$YyNwvRfRec&BP9f0@Xt0%d
z>OiymyD@`_;C=e1DnA_oM?O?b@6{(VYI>1EwUe1^^Ep_YKKUYYlDxLL9wdO2kedvq
zT1dLcdmN>j!71cOeyJv@Nf!VqGh9oJi-P6K0$EYmAX^q7Y(M8@Giq9#6l7ea{!iLk
zBM`66h3r9wDjf!`q2ZMQ3WR2$@VU{-zE=)Pfrnv?lYZWbaB<QOR8E3sfJ!rgi@$7a
zQ$NyXe3lex^CwJMY6u4FBqbw@YkK%mNHG=}idV1<Jo;|$L#}r<mH`uppC{$8fvw-e
z5|AS#OiRO9<82h16`NJebBN){J6rIdeWE!bJw|*g`$ma^^kyQzY5uw54uad{olFyM
z5<pGsS8xq_OiJ~EqN3v(N|l7g?3{y&8HWCX`U(NfmZ}M^@_z#yq?3wUbpa$AwA88t
z<xPIO`pXtvVpr^8+biY~e2imrC0Ql*hCLQ(ff~5Y3(hL_iqj&r?+KhrV-R3(?4}j)
znm*b2tP*DFC_IlxXCtWNtb#K>i@u>&T~^VJXC8?guIgbCmj8fU)PR=~_UOnBC%N-#
zBFM_JgWm%=VHc=fMmSeOVOgNt%eW+aFW<k(M=Z_pCABfn&IZaBGUFRtWAYr%v}vCH
zVGlUxgWzk_7ku;_U*~W1t6?zDPOb=y6l?5s^bv3AoC!pxWlmP0r71lUif%L&<)fC8
zHIlWlV(mNIM|d0-%>^f-jy}n8w;-_)vM4MaWs48iz7!i=F0N4f$2B4~NqP~kQ4w-B
z8SE=tYPRLKhEAq!no>rSyxVc)aXPd6;#Fke9Dfaxcl0rZKY(P2DG;E5j^4<8nq&r<
zN&TV<LSL2O)fe>Ri7{aX!%G3S$A2L41c1lFmwMIDWYo9*xvu5kT=q1vKk}?6hRK56
zj#xxZV(0$B6O-amxu!-<Es)fUpfMt)Nt(%vS$~VZRt56p8v&Ts#1B%ygZhg;Ul3n|
zfZdES^>g`xF;5X=A?UMazBr~)KPc*DgNq{77-^npMXOk^ciF~j#JVM#xFOI7#%IHg
zzXpYym#uf*j5lw(*vl)aUz}ZnF2f|YwZ$!8Lv}YX0kOZ(U^kjwv=gSup4uI;!VTxy
z`!&Q21k}QP1L$?lzs*n;=>&2)M<y{;!;rNpG9ub6#lq)6Y<T#v!RzecOssXilV#@?
z&n7ztCRb=&fsf-Y-oP-crgN1GOTYM@BGmF_J9#vP=Wd)h!hp>lq_7nVz%~cS4Fhco
zGqXWHFTyhrBPus@by=FG15uvu{lbXtf$5yPeI<k_bj=*96XP}wygY|*EI&7DCQTy#
zb3WHQXo4roGc7Ypy9^Y8v_#w@ihTmI9$}M>$+HjU+Pl#wV3szwEiyXH>`Ji+z|;U|
zwur?eAOE+AB&3;ryEP~>3q_u=faMVkJX5$m><kFoq6mDGM8EyFkr@!~vz?}5mw#xG
zMH<0U%FL(J3BYy#w~^;dDNP`j(rilIT?}O0=d3n&S5Bg{?|=`l2Tn+2uA)PN0Wn$_
z6O?nB(+AfA468G%mWGI1EQzG#w2BjjNyG|!^zRZ&Nsm)_{>tpvx4;e2`%5ntC&xVH
z=F^x!^9|oSpe8HX;^{t-@>_Kr4QXcbhBN$0Wk@KKxW1Lno$Em2tabx>Vd^0&2#Z&;
z-*s#ns=PGQ4y6F|i!&TB-9Hg|sPR5`(0AYP{R3IqMmX5mT9g-tq32aIrv?>HLTVIr
zDydT-DyrDCa3#l9v!)QZy{TX9{#^&CKly@@hsZQJq%&nxb|Vsb6NpMUG(iF~?IGmq
zTp6KWN!xOECB41IonmtF17FzU$jD;XLnks$0K9|oKr~Qx&-uR;k&>6sMlL%@c2X<X
zq9nPXh%Lt34MIp0K^2W?cvU_B6bIniLd8F=SO>U!DXy;NlUjX0CC`lj;GwDuJq=O0
zaaSbtmVM~x(&c;`F&3N4!;Q#%)EiJv&dC<+N<FE^C=1LG3f1oCv#56!$|7q5Ogz`O
z#2v2l>cpK5?{DhM>J($AJrwNnGArXoGS5BKW}$7tnBqbRN<po>Vo-%VS6Am&3Ix{(
zbSop!AAOInjw0PRvd{Ssf;K&urktK<52WQYMB*I6q^ZJ{)ltRImgU{VAe&0@L9Y7P
z*#K=OWyX$0(sFT20SdSw{k7PFLCQ*sS>wsanviyD<3yhxwiO6jdrsP&m(He-G%1da
z&^0gfP~J_2>}lxunKVN1gZBt8eLo(*&94(5Dd^%!Us3myn2J_>CmPLC@S>K<7&-4G
zy=uaR>?ZT7O?f8Vi(k1UpX5=C4o4-mGd9M*+QkDFh>IR`{qA{$C3TKg#w|FX&;+Y8
z&u9Up+HyT2mcY{w`5Q62X*!0#B`Hjy%K^q*n(J_<^?UB_1{s@z@1F|G4{5HMh}|nE
zMNjLG^ZBG!)Yga|U9+VT&>W*aUkZF}-;Ih|wJO2%G`{yg?lCku#3`d47H&J@soW5H
zKuoJV@)ERHXLKJm*Zshq=Wm<2te5@P{Q2*=!;77QWU=_i2?DTrS=R6hrDd#J=PKtO
zOCsa-FSbL-+J<b}y1*CDQ9uyp4|(LAOb={Jhtm?eK(;b=r&m?3GyW^QECP=1T{H>I
z`v&I$$>-debDKCRgmADt83tPP1(4=D1Y!~>mnIT94M=jC&&mPEPYwfOIOkFBV+e$t
zu|!swWoC#8<n;n@;k+La@cH=oIlg$A1U`^B_zUu$X#f&=kSDnxOxM0UNCDvIT(`13
z#OMTG^?U$l`5#U{-%&y6=Unx&e1*i@ek9Jk&_Ar0ew0|CqD#JTnpX_U3P0f?bXd&{
zI%&k@N%LiF#QL#Ypm|#|fBFb`XBb}f<NvT;hRR0-OKe!Vz)Y_`avy2OK$ft{b#cPt
z<6kX&cLG}HelsgNU~}&hSS$Uwht;rqfR7IFh+h81Wheu<QZg<Cv@a9HC>tv|>?^=h
zFEb}4#p0p*T{Vjl^L46ZfdUWBxs)=dhAG<Grw;x1=hL4F2C>q~qIrSKLwdbsl&zku
zA~Ovn4N(nildqB`E}6$oFdJ6GJ%;fBC50;x^q)_e1hrAFRQCwt^j`-n0>y)etRm80
z6BF`%;Uq2>=d9C$@z#=Q``1anl&}_TOmj{SZ(2s{ypA}?&5E%Wx>li)=yWvCR`4iR
zuGO)k6@$NKTfBZYejvPwC+;i3iSu+ZXxzjj?=(2%d1{ZUp`)Vk$cuKdv5Yl?4?vVI
z19bjquA1D7K|ux}+VNGIPm+_O6%{i@5+KML5gl`89I&cetg*hN%Uv>bE{pfo@Nxx>
zRW?{?dgbex(iXJ0T6~SD)RXE=bz87X<OxtAo}(}{7D*}wZW5jfB}v-);Z}DU^=0y0
zq91Bl>^ilEbiZfZyisb(r%g!sBVx6oPglqB^h3IdH&0B!kDUaXeOg%m^Wj>^;VIbc
z7DVl}Afb7o`!08UjLF~YP*@Hf@JH&86Z_JoIc30Kxm)_i7?g36QRYM(g|Vws?EoE;
zAWw$xTL_PUwFw{VU24;1voDF`^BZA2XzumI>yISVd}B<4^PuD<&fmfJQ}KU#r_l4}
zT-i46HiUG#UOyF-<7<Ob52}C!VMK-i$xYiC3ghWjW4POx_FR@C6f6%J6@@Wmod!QP
z9^fNT8EBqh<{9CJwC)#{P5#^FapE3g;|4HrnLg(!zOij`_4WZ~=%*i%aCgOjVht(d
z$3u=$Tu|sm&0&flMhR5)zg8p!Q>&C^GQu)NP+F_12-=Kw?sB_$u*BvB{QUsCfnMp2
zO#;h8HToo<R@-=75SLpRQQ_{|SZk%lb%`Fj=-iq;p&CLB=?jwNl>SaOlqS@kHc7K}
z8HOJa%blmp8U%o1c%i#vAy*>_LjKFI-u7m_uWF)3WY07P8sP70?|QJUKm+qDJEs_2
zLD{jb()7@+Vh~w#mBwNrQ!SFuQ*0!xd4kfQCqx<y!i$rn8LN!*RGx<n+VwBUtu>!%
zP*a8r6yiB)5dwMAwwWAcV~ZkQT;F2HTD;6IuV2To&Zx*Fom`_mz;Z{6L6gzKfBMs@
zp_+9#4%BeZd@5`mHow&%c1UB7`$V^dbycRCFbBKoJ{g@!UaB=`jGaXO`F9RXUxJz)
zjFpIml#q$QW{yd|K0$@ltTk%RalA4Ch=J^e+P*nX0)6p=%GnEesKj!4ue*UPR1Dgt
zj60~fhU~D+wLE0mU$eonr^bCEM^kKoUQSH&u>nHrncl5qCm&QZaUHuQF-5I4o@syr
z1<YAA$*N)vttnwHqFS{4+norxe%TW;VZ@@5)IVi+KASGdQUoQO@!qc=YO7<py!ZwX
zpnFgzmIu1cHP#Vkpd4Y_Tj((FZ|E}UkJ|Kx<EM<9r}@BX3e>XbhNauTsJW_*Fpuv3
zql2}*qpXW0Rv}n^5NgCaA!+Ubm=4vh0xi*GDZCc^fc$piX}XN6xc}#z2NyzB&eaT8
zoTb4Co>fY*69t_>##xu;rRyA9uJo(3$q7l1<<-H7=&0qOKJM+08Nq4l3y$T8_Bm_d
z%k!i*#s;Y}{?(n7tBx8DAc-JClRdl{<oSV644Qkf75GYqOYCxhn^zjE;)R50verud
zkUnt?h6;H0iETg$Z|!KTe@if*sCxq=Lc#0maD?L&U}RO9d6?#m5QuCb0BGim@bGA$
z->7H#M&i*R-%xNK_;XYMAE@RI@b*{n0KFpt-hfGJLyT@Ld9{e<vGd^zxnvR__sB*3
zqK;2#LuZJTv&2_>4&^h%i&>*ZZ!s8F+6NC~MaObXD{W)7VI&h_AQNYA$-+ize*{dt
zq0*}4fZ|!v@TfcX<$$7}A@%F|KuK2III7^*RPvt9DXP4G<+mwBzkV#Bb|~6lc%Vs0
zd(<vS-8X9RHkGL(;W@SLxWKps#E|X{;AW_BWWX`%&>)nARvvpbIEG3D9R~rOVL%N~
ztliM|2;h1s1$5|Ba~MAr^U1nlIY8ZKO20}zK=WnsJ}Rjj_=|jlx(aZc4D2#X{1B>$
zwh)1ekvxMTU}e@fz(VJuQQ%T84l477MlxQjg+{|sEXda<i@cmaeLT^BEMr66BIK^Z
z16(hF*hQPL{QhDA*hH8wfnTyftf9=8056;;1|WQ=wor=zF?ka)l*oY$u^<Iers#?Q
zGc?~xGJ2TeyeXn<Qc7BWCi|xz6z8e;6$>ZA751Bq08d7NCBIhzn&82ZJyHrJ^Jxhb
zE3~=R3rH?v{@7&Sj{-?yfhHLf#2JEQQpAx!e^V4pGYBMLe^3;>8`zVuUnz(r=F(b(
z(MDr{hByNtD6Zk~;DJ!)+{c3RV?lc@(FhL_LI&auo7RgBYDW1pHtdBHX_5&-6!MxE
zl&Ru_>9L@7n1fg=@EFgxnULt0U_-01U>zFLNGs5YD1iT^@EDMFEASr6KV!oO&oF-)
zhzTT#2qDG_Ul$dU7eNCP`&aKgi17RwVY>(@$O1!+vVDQ@Z;qfy-Z>IJ01pe2+Zo_!
zj^izxQC_&7LAa101kO)8JbjZwJztnLSD}*`O;S7%L==V?>5n-+0flLVAVfYNhkO?0
zIygQH1Psdj6@&9!;86K!N(nrC2^KgI3l=~b@GY`g^uOeOUn2Tl|2%$hfbSsGjCp;2
z1LfX$0e(cdBst)R$2S1}!+vjj1>orzz!!&s7myDOuxCht7Z7?A^f_{%8uB?q_$hL@
z3i5&L0vmyO23~)%PYt1Y1m1p7QGi^=JD&b^C$X&r<P37>FTgf492z<MP3j!)o;aRd
zxR}$uyiA2G3YdN;fPb>;(^#P0Mt&|r##e-O+=Xa1B)u_#8{v7h@FDB&O*C?CefRD;
zn+c>5q1{)a-ssZdU=iQGwiZb&<(3)eri^k-JHflQ&;f7OXN3#pv%Hy#kdSrTVB)~%
z-sWa-3ZC4Z@4zFJ8ZfQKkcX|(F`+BM9r?w|2z>sGf6a=#CFd1X&(te4*|zr{#Haj~
ze3$O=F@CUDi||SkBA8Uq&jheX^o1i?lnzwIf4$(Z`(y2g5XXdv0jwd0*Cam@rF+6|
z<h>@r9g5Hou#5Lygltp<-%_eg;uh%%b{X7eSumXi1+OC&*d}huSe}_JpE``YDb~Zc
zi2R~GBu<48ah$)q*awkve5FLtjv(DtCMDGcMa=iBNV%tq*P@VCs^iP~@ajD)Hnd2H
zd^2uOAe}ee{_){~Zt!j{ERbN(4%-+}q!R;)BNHg2PeTN>aEx)D&x!GRnUA*}s7qo2
zq%!oKf^k$U#=D%9DLSAZ88N!G7Wzp#>$j_)JFVoY4N$r*Yxl$3$IV7YDppC61v<m-
zZ3=vVm4n^-%d8uVN&$o>{3D;XJV3G70mzza#iU&`)X&mW$e}caEevBIS~F7Kc!cUv
z)47J%o?n=ICPJll(w&20hFwC~jZE6#Ya)ASX#Hd0-NcT7K|$ZPwMS{WQon!DU)HRm
z15|F)(?Y7R$dJMYd0vE2u6ZdCdCgMYxWEs4p-I6NYerytu$}I*+Ss^Wn4;9Yv2DxD
z6b-q&IU<m$MoLQ}(A{?_nMvz>py=C_=2J4RdPaATYVfKRfy55#FMXe=J#Hl9yuXzq
zjf|D?lc2G#7wGEinMo6ONsF^}e>;NU@h?`u?kCZU$8j+sR;*XRwe2RisIt5AE8O#a
zh<cU35<fQNL5DCqNQHSIFuxx6GpEGptZ1(Q;JHm+5@~8oT+*M7mh-|$aK^f!Op4i}
zT|*~@Li%spJ=qoeW_(8*<&e(&7+v01gk#uZ2u2hw{GiL?K@B2Qvo~6uAO)FFZDbw$
zZ~=kwjtaIuY@Zcyjz+u6!3Y!dA1&xeRF<S-;^k?N#rC&vm9cNoMAkhEec=_LZ(4{d
zRg$tKqJ0(|Sa44hHhk%wjrv?0_N56TTWNKDS17HYuK0_QoaQ^JM0gkNYAMYn%;)e_
z&(?p)XT=JFWrslWVxYM`E&iqOP+YJS*$K*|GPcH}Rd`Fs($pI>UtiQV{K~0m!gHj$
zM-s<b$}^+NoSR)K)fCI`fm0tm7@Bp)B!$NtN2BT^6CuZELA=!w48q~UX8kFYSR%YA
z&C~lIYP3{bi~B()Y3BKnNUs(@9aLn6ZwP6pM)WkP9*DDQ!ZsTX%V#YXB}E?Fz;{k*
z3=-xkOBlRiUokpb)RB;cH0?uPlqoYfjq(p-c`DlhAw2VKFu~?x%QqHck}yoQV4|YA
zG=~!`jeT{v8I<90V2Fn}wa$CcK&&ms%hdiMJVeo6Smgc%PpDi5g`zSpVnER`D6A@}
z^;~XEWfno>cebLD8PyD!=FUZB?-&-bvBZ`c%h^FgyLoZu^V_mMH6>Q{UV?g6zfgMm
zHNguQX^9x8enDR&^N7>BkFnQ;gpN?#0`((0>&40~su`~BLDyA#OSJlmjQyMlrjC-c
zjUbOYbBnIuIHRUC9d(6BzR^#|pLZ7SN>+@c1-KD6pTHfq?6O+pnGPW%{Hh0=GSh=J
z=h&!;ivkp>zr#j%)E-LLUfX@PWx2Niqb``q?th#`vUT&*>UNVUoHV;hA_k{aez!kH
zMX0MX3uD(~E%Zk&+7vVj)vI)6x+p-E+DeZ{N=~T&kz^n<s$*iDnbrGnCMML3(r0|n
zR4tXvSTNFK%H-z+d|NGb+!KMueHm_dN?7VuHAiXGC@9fmCiid&#H1gZVIam*ysO{W
z&=MfB+Enb&S7MG^H0%eT5S!!4OO+8530`T6L3Dcn3S@-<0tt0<CXPDVaT--RJW5&>
zCg8Y0JjB;r<o`M~$)haSrUhYQ-JWRSgDG&=Xu5b_aNgHvmu<1#y_Yz<Y;68SJile?
zinQ<=LK-qVpExk$Q`G$tEfy)|4LV3{Dq_J%;$&)~Us9IifSy{E^}~P@V?#92FMv3~
zM}Fd222~fH69IUM_qkkai}``G3AqD>gTHh`1Pk?swRZ!JvPE}*3pjP>CvzWK>D`1k
zzoEo*5R`+MrB+o%3E6hG8mPB-B9=D(^yJ&BARClKooZD{Lx@#8z(;ufr=I>?@0FKZ
z0D?Vn9nHe-<d#cRR@Iz%Dx(=j9zanr?ykhV`cH3CeZ=T&Dk03gixMIn9dv?t386w8
zowJfl!<xD7T8u@~1Rm4jErVSG22lhKy};#ilOK*|G!3cVjdSV=eQr8Jfn{EUpKW`H
zL5mr|2zp0;88Jxy3)zXR42#3@!$i8mfPK|cu!cZhz!<9)^T5J1`p(|mVK1Ow`9c|_
zvSrXyp+5D9w{!6|NOWWdktMSkQo9n1uBSu4Vdfes9Xn-9L|p{(C^B!o6*ICxntFn{
zQ$V@JbIWlAm3H+?-ap`}TrQ7QCfSgUMl)ybL1OMufTn0n1O;-|C)yDhF^W~uc+0j7
zhxoSt)0@wZ#_mllRsLJb*wjt$?q7Yu<(H^Exx-RI{GriZ)qPgY`aNUc5p#y2N8|VL
z9Gr@?4M%SB3_0YR)3ZYG?EW3xmg20?em9_cQJ;0q274wCS;U#AOqc0@{DBPU5)!R}
zqd444RmI~4AWib37`?O&*<|fqb&_nE5d*@PkB0Zh_~^5K=BQV;V~)mGB3)(QUs9tF
zFx=1;u(U&d>hrLbb(IY+m#dJ#CH^sRj-c0w<4P%Wg4n4JAL1z(qfDK<4GF?Hf?((M
zoZFaYiAR?KwQfSFq(HL?7*YK)&l<`yXaxrn#D9`$jFjQref}XCUH1F}&2ZzD&<acM
zeS6VTs{SsOHZgOKu;#UNjwafX9*o%bv|SR@t9u*Uij?~uQ|;ijmSwCu-XJR(LM)+4
zerG^h9f2#&L;L0`NoQ)KP`c(zs}4aO%-$9GH}(aTgnh$%C^**@#3}bhMC8`>x@-7n
zjMO^BzfN>lRU})8g+R3g6KV<-pne4TTwq|o$UjX?xYJE6Au!ROP`m@AVirISg$Pi)
zTVK*ut8}Onm(6E6w2c6~9c$c9>EJXJfB2#Ljc$RBE*+XK!L<GcfjGuHLegz+cNwSW
zo#RX->@Hl5jeh)pt9%#9EN`voy;xm@s9d>*sSYbH+2b%X<S-|8UQXUxd5S}f3G^?%
zZ|2U&uJS>ZPKO?xW=7PmaUb=LkV9;Wm5|s~HWn`wG#S=Xl#qQY%P%Buel`g`Xy~R7
zn_`Je|1LMfDDdY;>cLQ*@cN;%w_-#W8?RKDxhVlEe}&r7<^7{}tz4O%x_W!>b~1bT
zEItI=&%cCk1eyXkSS5^cOhlEmkS=)(2?s`(6lD6J{mcH>`)93Qf?9-U1`0d|nZ&b~
zwg|ccrA0u*SxPd2N?Jp+b@KtFndm}LQeD9TX=BI(N_bD9w}t`+2nICU0h}Km3Tqx@
z5_c6FiCH@ZB5SRIDg)8}A55-V21znR_n2mPYC&6!%>q#*^frH*vCFE1O_;xT?~!IT
zmwirT<FZSnzv`Rn2gd^QF!uzOvnPpBc2Qz_0ZI&6ZrRP)56LWh3<L`G-NE`SneKt}
z>WFOCjs}0}$}INf>DGtFMsI4VFDEWsJ;YWeYo)ILkZVmTj>G7$S0hYarK%5Tx<i}$
zEcv?qdMtjh^K-p+{67>XI7?(Vse7q^_IxSL81Au53{I6?BKA&IoEXPPb&XcL%uWE(
zKUES1@^gskO;QgH4Y_Urhfu%_w2)k=dYy%%5mJB(<gNfi)G-Sf(oO_Q&R&ib$v>^k
zrehz2!_)&2&eU%EHN-#l^2+AI{RK0>Ahxn(SkKHxxo)6;NtMpMS)08SAro7gS&8aR
zLUL<W*91vUciOUN@oa?ZcFm41)qea*m7$4U3PR6Sf~BUy`ksA#W2Dm_hxxguiM1$3
zYuQeR?3o&m(JCE7>Sa(eY7ZdF&qv7hUhZF$jz7)z3e$PgnRDXe5o#6LsOr`(`S!Zk
z3}@&!=d{%CP=>i(QlQ=~GVXKt2mesrws+?RP>XJqr`Z3j2cAJ`D%34Xp`|01$Y91E
zyMzZ+US}AyMA?$EP+b?M&~oLW%+*&vq%ANN8t^0uIZv+t2F$#e)&%9Y*GRpfG!W%{
zYe_4Hd(`xJf6=DlIjh^!u2;-F;cEVGz6=~+-~=UOSQD$<&qG;>y%8=}`$lR9(D-)9
z`G)Eg*G7RdmiLhJ5+oBtT|LJop~n{AyonW1TTw1vc04JmQyA6BIUT<j0s&zzd_04T
zj>8h{xF1B<@6_P{!9BIgA^beWcFmTE+jI6d>guf1kA)n`=*?Bmi6}!1lTlHqGjDkW
zK%s{Vm~yf$ywihpqt*MRDV~MqV6J?ANHPPHKvP|jC<#F9l@Kbk+>Zp$&7r19K~<UO
zzRb%QiGuiq5i%)%{_BR~lSEz?==k?zY=%U^@0)>4EN@wO07zuA5Mg3G%-lk+^-)ZP
zt8$+vL`qL0b&;U6b9eo!?;Dl1YDGsF4FNun$m)*<N;007SUBArO3#vV_(rqx9&$|w
zyhYPD9&&<;77=I^d*~#H_Zt4T3D`xOuo2?EaXK|S^3VVwi`s7MfMdzy8bN7}I-Y*e
zrkF<j-mZW`&J_fm|2T@@zpb%*TXz%jf^X1K6^A-xz>fzDJ*9^Gvzv7KY^SD%o*R6c
zEH=Ul$VKK@!lsH@5=adW0HsQaLq1|8YL`ax+a%I}7EzRmL*c1})r^E~iy}L@@LqoB
z7hGD2E$*2%?<Qk=Y{wPH2IqrD<h$%F8f4Y{ZC`TPfKFkcw17lIQyuHrg8qD4Nm}Tj
z9LgSYlND?1Pz!4rSX?#UO(TGS&2s4>0wv0K8HMHE$8sT*TulhL)j)341!aJ^tjaF-
zMF6cdY_Jq+13MA4qns5GShV2J+4|-NPMU`Uv@92pZ=9sZ%R^tMP^?35aNUMJY8y#h
zCT5yhL_$0{?TJlS_YI!E+4t{7wZg^Pg)e^@Dn%ZM;KH}{mW>Hn^{g3bo(R2t%KE3o
zHE<*JNwQ+MP8+#S!n!Km{dr!R(O|+m6?{Tq!};wjHn}gFW;FCf2%Y2ve<r3z+@Od7
zK!UA~FpEh^I17Nx%MzB`TA}2s6I+Z5UnpWlP&z7elrI=85Js<|V79~!6M}v;s8-wa
zb`Z&*o(O$RvS&x;r=(Wh4ch9@AF1ulZbg80I;*t26*-;iI|aL7ylAdtpRE`-i5X7^
zEX7Bhi78=rWcvrF!AE~qUYv3GUx88j73|h#fUTk=sd)D^hzn%F-z!^E>5gW|DODH~
z0Vf6;QJ(5I)t^aaV~wM8rPeSe27_WwZqDxhAU=+h@k)5S3h0kS_R%wc#EvMvpHFR<
zUa^%=q7}-jTimkCcUSJB(_j~#-d`N;I>2LFJ$uH16F;4(x(%7Ki%_+fMWdquiV;q+
zz`vMNdMik}`c3^De&rI(mhg5+F4NlGcfem&MbI$R&59ILqauvRNfPPJ22>%{C&;mM
zZjs2vG73;S5WIbKPhCWUC*~MR?7%eXli|bTf~5;KLsAP;ed9Urh-P4C2zo*AbJ)}j
z4a>Q-$R^R^+`^H@vK;H*rH-Ie4hF+6v&ieS5y<8+9(p%4G$_Jjha#78AP!Les%{6Z
zhKXOlea=E)C{~d2m5!#B|0YogQs1q*LNd3w8(R5+VC2lEuAW_0Df<X?M{YMnRn2q<
z(;mc28n6x0FWqjq7qw1S!|k_aLE5RGNt@S<wG-`6Wg(g03<d&+a1;cV8O60pva^J9
z$oxcxo1o5Y0~4SYdQDvb*oAL@$BSlsd-jq!<bULR`37cD-Z@zB*C)uZ=SHw+j<7e2
z1n{PRw_8(khvts^?Ks|%06HzI<EKJ^_}=oO+FCDPTmSZK?p;Xy8^QD&QCmgnLU2m!
z?}N1f-<3LA_i--mQ)BiJh&bX=nt%?^ksQJnxR`(LFGb|2tI`n#XrmE8p8>WnPcW=5
zG4%llC=OE1;vqJI{Ofhx>;=TS!+l*D182|{Lqu%KrQMjfI%52r%TPNM3jB|U-gpnR
z-GQVsdODAs_6SbmJ%iJ`6+U2_(7?a|LF6nC6O<t+3|#E2{#1D(2>o)9CiUa6$34%e
z;q|hy5C*WL6G9lkl9>%DRzct+j0a1#bcc-Sbzi|R5Nd~PGC`rt$6KtvP0S1yJUX8)
zaMhS-dDfUHTe_$>D%|<Dfe&fE(eTKJKZ)Mh#pRyO6CSQ{;DRA2ZTi!P-Vkt*PO)Wr
zD8}ON76{4Gg8Qkza^*GE;|P1JY4C?VJqt($Z0*HWg31y6_TYiJ4ld!kh+o(QngBN;
zvhoDiYANC%GY&1AAhszwupqXLTZpbMI;tk`Ul?$qm0yTmFpBcc^U?)arWO3y%wTE#
zwo`Q%%Jza~S5gla;Nb73-y^`jE6cjYpHWc!!{{9BUCFToRQL+hXVY@MB)^$rD_5m2
zGy)X&Dt{Jh{YXX=p;h#z4H0Zz!UimGvpY-|94uCQ_jrg=n<}6vAsr_atEK6M>4d}7
z9Z4PqEMD0L6s?YsLUi8M?@$sGb-64Fzod!hdpKp_%?mVXZ#3jY$a|FQ2UH02uz(4j
zJP2Z1QJo^J*zR(+w;J}nS5?}6&^sWz!svS6ajJ@&!N=i8GkD!^1p?o`S`Sl4V%dz&
z`#r?usFGc@boPjD@FsY06h4tW-kyd2io43r1T~roFu}3$2velI?u&wa?NaE6jRucC
z>V1olf((;xuet4&V8y+;7PU^!2H9y0{IBOe*49!FXA#-EX(I_q!iq(3yV{(W%ugFk
zUKfhnQjQU}Ca@jO*Ok#mFkcgFk4chvo>NR(;JVdhf>aLbhN|Byk(O?Rkg!+^&Jf5X
z<jbyX5C7-g;b)_(ofkuFM^SA$r}E=krvI`^r$c@{oOK0e?*?j~izy!hkg6K%G>}!_
zO=4BbznA=1ei)r~d(l(uT&S%D@Hko~C2>~2T<c3AbfV<Zm(~c!=COBASkB^fUgBZZ
zA_`kQ*62W6B^8$SytCp?P!O-s2XS|W^9k9A9d<07JhJcK->xY{bj1A2j{&Zt+ivq@
z^xmi0<DxH2c1B!SQ1>55S374eKb0&0^Ye3QK;X7^0=tLmQX00DHlY`>#;V1zC7fMF
zo+c>@<v}f-#@7Qy8=35S%yt0B`ERhBBhUMj98#C#F2nxIV@79}luPUutBalfe*onD
zARA4mDrz8(vz165yttQt2mhwQC|C?)rG`~p{{3xvMveP=+D{u2eg;8oj-+(=_MBOn
z=3g$XmDRw(r%q@F4RAZgO#Kw7w~YnVNrB5Qe$+3<bpMkReBmtd10s!4iwXGW?%<<u
zYv(rzLL+tXur}-ZBDOw<xwkmo&@x%RLpx&*DO(H+UjqtPqOdHsaX1JK_S`})Km^fI
zYBGY{<&RXs&ADchY^ON~bOmQgDh;A2Rw<b7bMFPZ(^^A9<Pu0!r<~7gL6*6fi?`|U
z#9a1?;;7qrh3y>tl8vk!t>n(u8tD7wOxp#|yJ(RToKCEQUS?JE<erI6c*1r=LROKG
z_n~#d_Jhbc%1>yr5IU8*QCLTh=?H>+a@2(-+w2&m*9o3kPU9~Nm4y}M+MbB&v@(6S
zDmVv?^(5;_IM@jW0=&CbgAwxe8WUhztefG!(}>_uZby{S@No`8m|y{i_Fl^6o0Mb?
z>k4Bx>(5S8kTMpBp%Pv_Hss;jt}?MstuR&r0>vO?yAkoE&PIy}DPtfB+Tv1%gNnqd
znYpIbVZ2W2<}HFLra1+3gA$K35g;t)B+2wY0Bt~$zty(;fLLiHsWzi!_GnBVrfa2L
z`|ZyEQ9|{%g^APiymGmrrHk|j33g`^Q7hWn1Y=486`dDpBZI2rA{QWRdnhYyjT&6y
zShQD9l)y(5ZDy!MYiaWG<hDYL8i2N7@{%N?#6tcEqH9iZDssx5I1EwtLN$J+!Z9gB
z<-)tBwBCnUNi^dU{N&xW@M?i}#W(Z|*uQ~gJbVAzUqmpXdUv->Lw~cZE^#7JL)T}(
zl={}ZYKGF-%#`zJD6$U0%pz*K8QE4ffvx^}ct$s^WRI)Xk?bQEN<CWgSKKQ2_9#>x
zzwqpsmWULiBPIr=0VIQyuXk%utUfPh<h`iQix~7FO9p=}n0zlP_|2m(9S(Nn!fA<2
zhp#Jk4Hd1h;B?Gk#b-cXIWLGP^$N8@iwqXuHIEUM3sKBLzVS#!B<jf8E5ARarbFFX
z&>oKuehXD6wi!*J1STvVRja6U7@m-vm1{<}U|$Hf8A1Q>8DEz=V(}jf{b?Smz+?|A
z2oe=DdSGH85%^<PN5;5Duk$`f#lavC%IQ|!tpC>-&Hj^YDR-AL!RL%fUaT|L`A*xu
z?JiX79UVPn1EvLG7-*?R)#v|86%>+b^deL@y)7Qyu-(yY?{*%Y7e}+kch<RWhR=GN
z1!v9?e0OxHI1zEeB3>Df4%2SWH=e|UZm7k(&NoJQsk8{$a%|a#oOulpAa_EP9IE!H
zC_w~@R>2dRCAAV_bQp(f+-s#Y5_TrUO}#aH+IUWRf#ERictK?q9;3z$+s#p-#rNB7
z#X>+`-KLGT^NHT;Qq*wYOo`x8OW|zR1Sr|F#C4N2Zw#0#Q7(C!V#OO6fG=}sDXI<W
zZM?cM9o=Tpe**)c-Hl?IBZx=oD@nyMn0pok8Uoob73!BTRJQ@9aBXn2g4!UpAZMhg
zvrO@S<~62+hJp4bxa!(ayH<pu>Tdj^6Qbprcr}=Sr-t5L!t>%nq*omk*}d;p_MNV8
z3>keaB`4;GWn*tUb>`6pSbGGc2{S@hrjnOb-Cy3YyC@oU{0?94r6{CqT{0|Y1lJ3$
zTkhf3OGfH~-7>Z9DVMtHu!)(tRwwtnLeh%M6*y4;=WFp^RK_3TEF=Rd3cWPpt<u#Y
z(;?+6?S)kb<&H7Cl&jl(w(6P^%vI2Mij4wq_}n@ZOPZOi4L5JP+IzPdx&CKsLFf#?
zcSnJ-^EDJ5M~i~GhCi`V=vtmuqrDeB?Mjj{s0K|7@{Sj;@%>)GGl+5gV*ZmT7)i2P
zR=!*kbBv()E4UP%qoe>U41~WjbhSeW+-5Pf0#Zp{Jbm%>`AemNpihWOja#<A+Rqo{
zXJ?CQCeO*w@c$S3|6h=w$<KsbkPBk}U;U5#Oy+8l_0)W;`Fz$Tq*lf*k@}1So5e1H
z<Rrr5ZctNx@juMBQ0KoQqR=foKY=Nnk~^>*=JW=w(q~Ck(@YKa<cs-pcQk@1y3O2j
zp%|r^>B;lcMQ7?z#IT*Bvt2Xw&a7e7wAewHZhBxy!CA4pqq`tMFmlV9-!ih{>kTXI
zXj|}y!#(CEzZN@lQ!rjF$a!^qEWx0TT9ZyhFdnwHq~miq+t0MS#Vuj!3_@3syXDjP
z;>E!}jl8+Rkz#4{zU4uu160Zo6zBX>LpXleuznfsJ~h&1Abo)Z#PTPgT->2l?L23Y
zd2P5o39x(cOG)zas7o(C9)YK-QD}6Cr4}18YS!7NxfZ&VCP+y|+C~f?K$Sb|(_07j
zubO63k^VI}*~+~Y@jDsu;C8_jMPbpG1v$fmFTum8=HXREJp1h2GeZ;HH2)3+SMwgp
z1!UH%W;7wXP}~H3=SrV#j^DX^qnayQ@N8xRuC(WbEOlHM1rL*bFZ7aoj;Z1`Xh>`n
zVP>wW>~7ODeL>*Gkn0x4`9q&RHs-93+yqkeR~{znW#$7+`^C&!1>Z>Z`+tn$@hva+
zGrX6YDMvDC{J&QoYme#R>HOnKJKIx;crZl5ZI)_?2Vjr39`8jXph#ZTKtN`sV0XY3
z)#7;X)4-zXq*$Ao&Xn8$_1tyFu$$;fwXsH%`{LvaGAGYY)hRFV8o?&oqKRVBUZfZ`
zP^A>89g&be1I_n@hpu90DR6Ekxu@7QdorNZb(A;X^*mImdmNrzh?JeJR=nWV?m}cd
ziHp=adcXIb#iKXkj@&U^b~t*@`CouX-5$hK^^fLk0iSAEot9b+%L$3(61Mr<ErvMK
zlD#Bz@;6b4@+C^Wsw>&DGUqV7mMLB&S)H=fsAm>qmP$N52kXSkLtAfb8(F5u8}9U@
zn<s)VqhYi*y8#}<(SX_wx&ka@wQL@NTAhGJ?>@~n7O1`mrrx-9$bFYsov`x)qI*Sw
zN6dH4RvC5Wq(xXb)XH8#2*=n<V1MPi0?>t<4q*6*_qY!pYv19qjys+lMcqYR>E339
zW&#Y6iXp0Bu@qnQ8Y0`6|BfoDWHxHW8_hcB)NPIEUJ$bo5l7$MB&OmWa?IV=2F7yG
zId_|)Fq-TaJ?G{ueG?gxd)2;gj6^yQ9d-*1u?v_3s;|!3Dgl;I?Mu)y7?(|e0#C8J
zTxLtDN&@C7D}5=<z(6$>1mVO?aY24)TOf=k8w?%C4*tV^an!aRE$iflRmO{iVB*`l
zB1@XlB2gEmA7xVwV-BkaI>#1aRG61dsIinmmsSia2aMi?`4l^9P4q02Vy4KAX?Wil
z2VLOLZmkBC70nbGt8}Wq<@wV4-edf<aPLo_ur3H&tih$;J6cEGw0~2c;K;2o!m6s1
zhd0q!9W^M7wK_#QQv#*cp-*EtYQF4_NQsk2Gwk&zokC~z>JdgeqdBjJEH{VV=RNyW
zoH2c0ZR>I_h&7}7p1Qprith6jpz{bOi{s<QdWF}qA0Mg2p^jeYZ2829zocSWrV+D^
zS`O-GC0hNPL(5&uoO?e88nheJ4os71Z$J`fWLdkZ+nV1hMi^z_Lu2TMWm{6Rv~~tI
zYK059{h4hIK#)jH8Oc#+BaaYP$$iN?Oq;KOzM14jcFW2g*$OFvbO4E`Qt~xqdIj8*
zv_cIMW@nVGBdu*6ffYw|$n#^`11uxH-)<FB{K*$jpFe%Rr{FsqwH5yh_^-9foByA$
z2J9rB$Ob*9&P|Cl+<ScrFTjre#c6BTCto~$@$~tLn)8cOHG9i4|6>09lz6~FJ1y#&
zG1;-rpBE-^S(K@cA=jJeY*x(-3wbEMo*RA(*U!4KcLK-_xD<Frp5&rrPuz#TX~$_h
zcbUF}NVx8}rMWQ&4*sq3vZMJvX&-p&&{%jsdQ_KJy!qc3Z$6yAd-MM4?Cnc(Wq;b1
zK#>i;3NNe}^C7<WFuW53STWG>KGw<pp88{4v3S~*TDQT|FjPU=IC$9oR+Lo(HN)hB
zT-IClyHFaQl60YN$u$ur)-|~vUnxU1;P{hjaabGhpY25CCNwK%J=(W1fJ>3pW(BOa
zpj&4E8i2Ye$|k$3r;g0^`X|0UU~SZAhb(}p{S-0#H~Li!6w)4fJP43kbJ-+MY)f&=
zQ>RM93sZFC&q@aVkC%T|t1y_T3P#?ytoZ-f`~L67Z7bjXxqk)D^qpf*YssGJY}3x!
zZH{AmQg7#r*K(5XNxB(`ge24?p%9=w%FFxT-@&~A2}&dgO7e`SA%18l76}3uz`Ymu
z+h?v8FUhlQCb(cUW^HLCeIgb+71i}TPZN3tv54jp2PcV2J1DJrh=_Xvqd=g~udmMZ
zxdE^)TWZvY3DO#GXMrvQR{L^BVnnx$tyBYMV1bz+eoptLIb_D7cBIR$nhjFxK|Gtk
z%4yVIro>YaHKY`3KoQh6=t-NDn2RZ$@`S4uq2S}jvU;qv=)?HijWwoX9ie2F2#SU5
z$O%!4Tom&KdDdAL|1s2J-J%Ms3I-y0QwJSjM$oWzOaZhpP}N$C0^j?*a0XN&gG*fA
zyq*{!b&KW=)>O@m!B34sxq15CxB)FiQ8z|$=AhitLM=qD&jzqI7!D#Z>H#5$V{5O(
z1<c(Uoi(xu^F0!rDpYzuTDrH#0DRf-S&*Hu)XNaw0r`BR{mPKftF4XoGy|sNRNVaa
zf}aypIJOV8?*>eD0}FXPOk#IHYO)<DH5u5>zdYO7sNowhpI<%C3Ftne?G=GZV?8?)
z)o^wSTGl4|e^u?wGo!vdEMU{=(S&N6c;$4oMDS5!8Zs)Iv4D!l@Zd;mqv&I8zm1YX
zp$wSEpip*=?pMdz2ZeG_C<lddU^|0C`S^KGh(gJ7wWUfKRcaZcOKj+teyz$B{@$lj
zX&oDrTfY1j?2m!-I!7Oe%{X;cP2fcxnq<h%xn--}2#vKO9tE9m*=o`u%{nAm)4aNs
z;?A*$$+=D$_dxP(3)vRPZM$XKW0q%ohAHYnw=fB{C1g?eZU~V~VN$7EBKf6JkR;kh
z3Ze7oZ8&_^Hzv#k{YNEQ1b_wakB52Z+fK|;87Z;xldpEUjHf+{Z{|e?KG2*cg2o`1
zHn3wXB93Hvb9rceRhUxA$l=Z8{Hq330Y9r0g?cx8m&Yu>;VJu$XR&B0U$F)xUd2f*
z#61xS7WFICNX$k;_jhdmV=9WQHHHzL={9v8!XI)bm!^(5Kv+%AzalC9091e!x6|#v
z1E@)JCKcovxnH1?K<WsU70DG%m+f)TChpR7`<MU31sK1fA2cP&sFAc!VFvG7<8H-_
zz@*GDZL#_0z%qnrQe_HXOP`Jn@Gt*K?w*hT@aOSK8^qtEbensQTr2!mEA*B_j&0z#
z9u9hI2iUC=V5_0qyT+-9!EQD0{yvafo^|y@ZLO_e1J0JoC~w2sY8bfN3lO^2Z7Zr)
z7iyP9)LNG0b<nhqOey!AmD>d2Q%%NyGl?fk<aExo4r2DbY#?qJip9S0xH_=7x>WK`
z46g0*w@e}DRxM#`?5$4qA{29LOS~-yQ>%4yeXzD_cv`JJ_Q2VyV`;Va*nzRtoy_V{
zEBA)0)j5hTJgo=8(%KnEtNUKjfuHq2*jf9=&FWmf0KBX%v9i3@j4g4pe5o&6Vq|#{
z{I<cz!UbyIy4zr5b>m;{mcQb`ylTa}+A=8xr{AU9AX5s}YHX)XS2^6BqEO31)pSoV
zKR^fL@^c$#q76N6YC`7g-8zk{!8DE4=rlX2H1!(gdhKF+!XR@7p}PQ%pxGdzmAxop
zQey1}nynn+X%72RG=_S2;#=Iyi-bzWqpuPX-D+wCX0kTDS(|A_PQROwb1rW+xqUzq
zCRKM0u8fk~V#*Q*S!19yq%>M!mbEFz#Xc;B^yjEs+VnLhO57L6W+(lY-b;qlo$Bf8
zpIMv9FU0CQlkM3~P2|SsZ7Be_g8>*0oNH@=34nP8O0Psg?kVQX0H+y~8@_x=E;3nQ
zK`piRnNE`+q=c4<L(|GoX0Bimc#ZHq<N|X{JAA)S*a!9E$q{+-VJ7weWojm$jLBuX
zOnAhV)>N_?%X8c<Q)XW9_Q_|idh#Hf!ux%+ENkUC7UW**&FoG~M3(0wFYAmttE+{#
zw?|0t5-E3p_~4NE%+W!{XsC+N3!nF(e8p~4=MOcN#9OaIw}uURIU@qAx*nMVv{>we
z%km*_m(!K~y5_*nCWM-%=BMMB-5txAK0AUT;7;lAnbzh>C3*7f$(T&6estu{yL`^u
z<4ok`K%g$d$rExYau`uWGm<cR$7~jmW;83Ty8N^?m6ilnts+5{tH?H(y$ALUi;<NV
zCRb@D@`xGF4?g0hj$}%ibl19_<Rdb866^=T-Y?I?>15x43v9-JDj2yuw+w#Ca>=FA
zEF<Rf)=MZWbTy^4BtAS%>CYk~7hg@xu%3P*qV0$WYboT_yFIQW`g4&pt(OETI_1;r
z%8mXzIj4%EjsqOXm$qLDM6JF|0j~;Pag>xD^oa=A{``%IdngsoOO|E-Rgdrt|4vff
z8+j`-=8xC8W;7=H<R0NazstE|UTzd5g7g;md+OFEWM8n8aox%gtEL|?vdAwi5-}xa
zv+rXT-&|kzn#4EPmv#>NpJKK#d>EpiQSN8>Jr&hTPkptfqgJBa<eqv*Pd9YjK<(1o
z>&1uh$IvTxrTHz-ys=#MQ>>o`$6HiYJb+8@WI;6}C25f;zVsCRA$H5_4F)BP?e5VR
zPvBDIoMD}!_@#xY>D+;^T^l=lgTRM|yOubJdXsnec!*}otbENli7*>lGWB$9wL`>B
z0W$2&je4s*rN*;i10{$0w_~uaJ{<$k?9_V}EZ<O=?2D~R(T@5{w=A|C*ZaUX*OxoV
zYG0h%rmWUaH_B@GVZ!n|9<h!KgRxOPoVeb8GsU0lX0j3Iy(D_|ij{|OeFMxo6ZqzW
zIC>|IyTBOy$f@B)(6?S=Uv;`b76F{5-~8+wc6!JV;m^c#umXqFeSj+hw?AUXxa}d1
z*m5xogC5Y2zM9l6re|!qAg?B+hV6I}eRc#GwnY2tfg}l^F%N)u5ZtQBxDWhyV>So&
z4ZXV8b}h&o=dYARB1y1NiFfyk84{xGvf=7xinqz}?VsTCX0B<+xB$o37pLcMF2-s6
z+l9CvDKRP}8*$~6i~-n$fuW5dh<;0tdyh1jo76&+@SP2s#8^EO8kJhdrVz@1d&#K@
zoTSG5RwN11TIGx#xt6BmkFP~khLhS<J9LW9>l*a9Z!thV&Zg`mZTvCr>$I-ksZ)DW
z`+L{zacP3(Z`q0fH0Vs^dT-|Sy~I=mL^v)a%g6ZX$3omLK?j4qW-X<U+DUuOW=)he
ze=hyOeuje@SUs)QssoLrMugW-PutM6w~&;u#~eWaAR+WUB~51*({?#b`mBa;di}KC
zfWj3~xz+V@8ViV0%3;O*Qp(xRG){T;Xt+VQj%ihvt@THq#qCsIGik!Jbp_J=%{XC7
zAG5D|w$&a)X1&mLA9Ul{S|@+Hl0PLQ{Q77aSM+~8j^nyf&Tk-M4`!6Jp15A7xvs%t
zXCW@%o!5<g1nuup-ur{(<__cx)A6>~Ln^)uNi-7UP6AXh<W_D5;gaSwWs2n$^q?t0
zssH(I$+C%}(XH1jGUx}Ny?(HR!`E&bMC35JW>ugV9-vQo8b7h$wzKk0-I7!m2C3@;
z<)0Dr6GL2=VhKp#tt3E98((-;$k{bKyq}ZSd8y8_QvH`HS0%&oy91d*U}Qx6*P2aa
z!0AA!JJ4t2syb|kO)63rH>Si_J~=r#LG05nzW9QOoKO<8h^OlhdOOA*{{7jrG5Md<
zH?JZ5aj7I?r{h=k1GSDl2$#D3*W}&X3PrB|CfpiJa@GQe{lom@ix*>Z&U3&r;0EZ)
zMr7KM;Y=t(0Z|jwB>&xZfzS#H5H~SRfX^4oVD0GLoA5|s3L>&j(Sb)rY}6l)p;QB5
z!bc?Gw~Wl>*SRQ`CDN%0koERyk|A*r)n1fLeZ)AVPWxo-EWy)j8leG}xvf>k_Tl#v
z6UzaiADCBC7pxJBow7tWU2B<(f5H~<JCbd-r@gF5qjX!0Ajef;5uCIV;zJ1`2(JUZ
z>KQ^T-CELK!Xeodpk%ikaTTepcfQ2ERAd`HBV?uDfQI}U21;R`ycP)#$qWV!)z)1L
zSg~?ZYC(CDslqH1gkkD2Gbs^9+S_MJ^ILsKG#q&hStqir^OCcKDt?FFrIfDRY_86+
z9*oBa$U;O;q@uYw^ZM^T9U#D9zgFdXska!4c3WJH)^bUxq12}<>2zBML4#_0us8Qw
zh$-z5%MAlNNR3o}x206Z)*zb|X00X66~?Z>4d`~SA{pBQ2xe@3#53j{htRdo<jjG0
z6)MZ?AXPA+$37CdJIoo|p5-#OEu}NIP#KLaOj2X(^6+7+oiXd?!|5BAikxv)5-ort
zN{|%Pe#=D0<c(p<c(~|Pilk83dB|pXQ|IZG*2fZn?L%f=J_cMopxX*A3z>2k%Qw>t
zWpw*07B+&p2DpYhZ`vWQ;VzTM<285e-P94Z(jk?EYBaMi*rbQ;t89X*7hdcx#L^eA
zk@}l!BFV!n36hh;vohh%1`u6lisdsJv8S$ufh`v-Ww{3*-UdV3oVNwdVuQ*Yu^bo)
z`=D5^*Wzq)N#dN}v0ReFuY9TNrq)WU=Re3i0bdFaREEbbYtEb_R}C9yiBs&lqLvnx
zvEFZxpb4ySC5qhmyllaxNaXs?-IfSjHK_VA*H@6-!R$sPyq&{zw+oG~TrTa=$lf`b
zvMUzO3UwQBaaVv{ODc^u5nSb6fKJ$)Wy32LXh&t$hg#ZIXlkG!bh%8t&i5c%XCh`-
z#Wdk^G3jmeZ+aPnugWWX7Y;Qky$ubvf5|e*K`&XWxTBY$i$3cIMnFzq!c3hW{nOiO
z{NHw`cxqiyzwu4Bbl)KnO%l0Y55uy3zmBfEge&aS?li79p`{3fZlG2%Mg(xy--#kg
zDlqvpBO<dM91)r%_B&O*0RL!nW)6UF+YQc^&)(UxeH69586pp`rBAv_UscTtA}g@A
z56A11M|i4K&ZmX)Z`nTZf$kVO*Rn>+^$~$yqp$A3#zuy~k#o!fEY#(}-DHfFQULk@
z{?Svn1qLjl0&39#Kd$3qqG_RfWxQKAAVC7gxvg3oi~H=J=JDxOYyMbWC99ryl~Vg>
zqW?~(qEI%6!Q=4S^p1T>FIba-%~YOW_hfmuM5C9>XTBq{LyB$TR6|Rdx7Wd`HaOKj
z52xBCI@Po!O}K=jIyHV{%TW2Pbbb96=M|?z^>#h&%hANUG#OzIZMBMPmBE+7fR*pb
z0|I?@TwogJd{Cv3AbvhN2OSUOQgoR0uz|8evrM35lt&24FOTpRulFlxmP;BjZ#Ax}
zm4Y?Eyc|v_0@a<YdK&WddIhGcswiAaq6JGS{PUHjTT6wlrp6`F%A8_Y%!K8sBw}_{
zi_3d*_pIaYZd(tx6tNq|SNyKtHcR1^rgFVms#@^@sqj^+9I$Y#k+Kgk-7o_+0rhGY
zyo$lt7GwuZ9kQhxu|xlGb&R0nUAYgBN=t0reOOa1LQY|~^0BU9g!CGug4ETFfNn$F
zhmLbF#Ca6pK6EsTAm?m|`_R!Zg4jfm22#^90=oUI-G`3QyfU7|O;=(75nTH=&>4$E
z7<GSK)$7$q&3F<+&T3wBA08Zx#|IerQC%1cH5>hjuq+aBsFzxgF_#L|s>&4QI!{wO
z-d=7=9N%71nQWb+S6eDYl`2$LJTen5izEi?M79S>5}tA>9uNcLVNywQh<_YM%OZql
zn5R>gihOlccB5af^=qDZ8p1DgMxr9mS*DWJ1L|BQ<+_sDt5#o>%3TKL(^94bFE(jO
zAv7e8D-+T7vpaG}bJ;y((qGMr`5l)cXuD{MxOx|`SqbPVeVAPRo#4SY;=*uKf8SJF
zMb2!_M<Dr4k<IFCtm(YZ{H1Yhb08aj`28=V3U1->hcW!)cTc~3`iuRK-#>kNc=-L_
z-h6#?b@31W^q23mBE7}``sMI@cJYtEPM$vfvKh!>z11{6o~e<@M@agYP^&JW6HB0N
z&PyevN+won=?}2g`>5ER#artmcyJ9nG=AmdMW=Lj1TM349+<*tpROk^D3&foPV*Is
zjcIJvqyB|c0AuH(e=xq7=euMvrYz<~+M|#LJnvHE9*WeO;<q-Y0w41`aZOQk8r|Y8
zsU#-?t2lYKPo5Y*c*<y(Ef7u75C|b+rs-`v!ZFp%zvw~@IID-Ilc!owd;@C2gD)Qm
zE&{-RX0Nr5<8?-LNy%{87%UOj68`KkZKR44aL+X5WM(805lsTh<&nA;1Dof<o>l7z
z)LTe@5w$-sizd=<@TSXU!Xqe%4>wg<=5pKIKuzBdJS|dENWIBLW}fl(YEDc!z<XQE
zABv;!3_7ge-@9~zNlD4d6a*Qi_IfD`xNMjip#JOaQOv--U#gq3tcbpG7&D%PpGI52
zx?F@JGl6Iy<@h{GU1v)Tr(3w$h_@i=_N08gF5aBV&`wZX>vX0oLTwyZ$^EUP_@*@0
z7_k?vB2&4A2UUy5VZ;Ulk1I0L|6`3k*26btGYnX1KQ+29xL=!en3yF@K?Vye%l2dR
zOe*g5=KLWe-$-<{w!3F$FA05G%MO)zea#q)F+V0@W%qfJ$s;m-YC{CuI~FsN=?g-M
z-hfu5oM{3>9h+RFL}qj;7XsiVBf6v!R~{V4oJP0$Rq)xt@Qz6I)Py&?%T`bEQHxv@
z^LG7>mTyN1m6p1V{hC{{B=IVv-Ko16S0}kJ-X9nTq2#J8y^Q{*vxM@L97@K>h27Hl
z%fzoPqct+G$BKy(J}SdnU=CC6^0}J={F(xdgM3<UtHz((w?htbSQcA=WwCJLI!>=H
zrF)ylGh+%=dnccWZ0^?Es!pgD2N~g+zK6#JO;8Zv;9I*qn_ObIe7;bldj_6el<5_(
zv4iC60jlk%OoE_M#?FV<cs<2?x`MiSCLXdDV$yN3HaoIu2Owl59N36vpiF{MTraI`
zM|UI*bJQEbDHLA*8AYO`DWd4LKr4pn?|0Syxnb!tp(;F<<H>i9)!gyE>N8EVctjJu
z?XJE(>xvX8Piid`>&CLxtVBK1idwHTN^k?Pbjsqm!k$4>%6-Oidn&HJJv$<N%*OV=
zyj|LEtQb&YjxqLS$_H$Cn1W+(_V%giWcz*pA9~{Y&A*KP!$CXv%X=+xa{WL6M2LCA
zjq5JK+umP^c(P>C*x>WL$BQvxnaVpVY+Z@i0WZff=j@+0dIFZLwA)5hv8*#-*=ECL
zLKz(E8Mvo3O%B0Yh{X?%h!O($4)8*6pQjmNAGm}{C`ema8j8W@rGlbAsds`ceB<A!
z!fc`6WkUU~-1;_%5Ht=!=$+se*GjX13=H-iBrvNyU6GVaMQ_=dOtiw`hA!YrW&~>V
zvzQc_;{NC({bu=nAcL!<T+WCrA}th`IU8AZsB7~#F;r7DXemq-yZ+LGVr17c?wmZV
z4b9AvT#x03xr;2SR3TW{j)FFCK?6!wCTa++1;($Fv4}}Y^VJbxnsH@gqA{Y@KUTd0
zDa{Z)EN79(q{@p3R*I5oE^b*?rY2}<aN|<~iH!=tm9Y`55V|2qw4m9XRjJ%5jbV@c
zt-JwrSu^Zv(3#e-xq@YxYK5fqc>R!-HBFDY0mdx}dD1F)NDn_n$`p;MqP-%s-_Q~{
z%S5~Y!JJ5#u$;~ECLosFg=hwTv9L6PT1sk6-ikm^D+XkPsthP=Sfi}`8Zt{3lehqF
zyke$ZKEYtitk&*&QS_!t{Ew<ATcAaguG#Ip)E%-+@toPZ26}@VLKhis>^jN24bz%u
z&zX`{a3;z#%@~dLVk|cx>|hx>d!@!$(R?w$MU=wGB`tlsCf~<Jhj?&rL>%VNTZ3+^
zUapcaFu6y9c?%y1ayz8Zi(1FHB@24Dy`{O*UPmR;3=C-mpBp_3aft*(6x!C)(-xAi
zYMbU!lVG>dTIHYeUBl{4+(sE06aY_U8{?V<y(GV@DL6(ME^qXhkaK9S_+zsmwsutg
z@eqeKS^FSpX3e)$lQ<OSOthN6*2HrJo;N9zdPC<TNmvf#GPnP*ZBVOX0*EW<`Z_Aj
zKjl>=WA{OQTK$YltR`vW62R<bqY~{m!yJdzxDX&2`Z&#2NX&C*)1bj8sMookmcH_2
zbed>^?rgqtymh%3MpNPRbj@bQQse%q-hWW9mF%tckHWXs`M3;Z4eHov_D;P>lg?Jf
z!@72=un-2dF)FtbPUB1hB0BoUbU-96#Dj%By~d4BuP)(bdoP^Be^_ZB>?F2r$}~Hu
zDkcG;-EZ^`(Zg0h!+!(Z4&!($A=-1MzZBdh%ybMefizp0AU(C<c|2OuT&>VXb5xE#
zxMMeMGVrC|F(F-0LT;<AH;~SH%#540j7@;m3!Z1S$`3WmkQ`0hYO{2qH>}0wk<Kza
zW&^5sa8Gq(_rcB-dUvpa!5zB=P?I{Z+(mEFtX9?op+aXsYQX8jO@b?RU9dmsuN@KI
zZlQG>C7H-ZCRx99-Wa{xMi8S-fo5Tvol)9gv~KsOSC@uKA7&y$wujG#DQ;*<YrNcG
zH>LJr^T|UctW%cBsz*GFwLAc^2!;$<L=g)-O2%yHA|Y2Iz>p`UDq1i}qzKyXgz!u%
znj{rgx7h#!G*077auv}q7Vc!<8w=<%p~gftE3ybf9l2Wd3DVoRD1cQ%qLq%%(34PE
z7s6Po-AG`WTcH$PSmar_D4S}6uS8fx<CI3X_cV_s6gZ%YBVyYTYHhB9l^q;}9nor;
zdA6=+x|2SvehWLM>pJSwQumdt!~m;^5Y}m-L`oHpzyio;j(06BQ7UXKMc5GqRRokJ
zvsmU#HfyVa`+l8}&hEmcacB^>N+q4J6r$0`%z$q&gakb4ISV|TslL=vfWe*Fnh>SS
z)EV%`LWXGxza!s)58der&8tZw?j=$8qO^LU_7}EXGsBJK(b{#u^sCiNy_8WGj(FK4
zba$lB`aMe${r^6W-C_Fn%%0CP%<kvXnkG$h&0(C2<uX)J(tG{s`s^VLB)?-4f`M$(
zj}M-~ZF82foGNg9nhKtLM(D;+Ye!*gLb%%ioy>Mgdva=L*-Z~%PSiWV9^Sy^g2GTw
z$u|Z9zLYOzUUrLpAWR8D8v@z~&~sx<1Y>e|nk*O2mjeY$$(zd5)jCz&aR>EymJ2E0
z+HTv-Aa)9&1_nFL;U+%Z#G9r!+{ByOui+-{@UX3?T54x?<DxU^tq(AHE0hUT0L_|`
zel}3DaZ97XJMZagoH1qUQCXkBwf*kbIqfJy?lyBRa}J*63bta_7Nb@IMQRnV0q-A3
z6Ct2~hm7N1Osu5rm`s?(%yB1O4+0DBTXXD~DasRB$<mu<`5oM84_VlUtd2bV)myj9
zM7aKzsVcwJ34V41^2-N;9ac?l*UK5XW|6pKIc|W94@;U!F0xmYC!ro8yHzTu5J1({
z;}d#%AxnmCmOC{BFtxvQpC&MLnX@}CiZD8uG=@T<h9Q-?t1tMxM0T~I$`E>!$KkhO
z3@N6nko8(C5d<{s(ZyY^{X=M+n2ZrBuKJgdtGykb8B4azjwRb=$dbpJoKbIkNJb?a
zyyrD$wBsMA=2~boi>MzDf4zwr*zgL)oRoRP6M7$sTGhqllxB3!MrF67DmloDzU;Q1
z&I(ed;t%KJ*Lyy$ZJCF)6M~XCd~wUX!p##>E0Sx!*GDH8DOZZwFz51QKzvFZSYOX=
zh9`gn1>>68hZ1Ykxd6aT`<{EUFxHz^wKKxgB|;&<*&dl3JnJ~<O@Rm^H3|C=F&3M_
ze}3$y*W*|MAgm@uZ9m%=O=UhhWeNGIVEKw@z0hWbgvRhhB9lBexhuw77jhHmtEPaP
z?&5>ijiK7rR`=`mPU^)8ffT`8t|X(Yv0|`jO@|G2tLb+7_B{L^)gz3NY*-4-x;ITC
zxJQEIEBgRWQHG6{)_QWwR^i4$Vgj!XRIu$9GY)F-W<9#>F6moueK#kzAowb`wLw|o
z+5i?!7*LSgu*AAq638IeWE0_&C)?P)u-P@+fehuc*OGv5*{Y+W^Jc@URw9!NzO?YY
zaL&zcAm7r2_t{164DqsinH`b0Lh1jzfDDqJ`%<@a!Q@+^;Qf!XNI3l+mdN<`IQZ2t
z%L^)P^c+VumNJ&ITzoFcWky79sJq1xFoVS5S@%Na4e!}w!}!dCi@dgidmC!$1Mf)n
z*=*Pk*iRvXq)ZC|Fh8o;JRs1j-cpv&p*ma?1b<bvo-zvCmixM2_`Pj?%!}B%0kG;%
z+f5U$A@{wc_MbT@La!mw>EqmNw^-9n%?$^PT1QHkn(O>utz5tX`hPv{u{@V!a!Mr6
z<_UBAux35ybHUx}5$Su<PX)iD3B!Cwnw6MuVz!}whI0!9dDSXGncMf|maU!~t@EYe
z9-mxhPpbN#H6B#za1hh*1bz!FUrbD<*18JZPqlr>d(*BVsK!ovmQZx3^tbh|_s{^8
z6-1|r(@*6rGnum+M(Cg}cQjN($&IiitX>RZ9a3Zm;<t9?Wb6hfut2!mf|+cowN9Nx
z=D=fV)@&1m*~Q<gl8u7;6uC*5-Uv?y{I3e7r5lg0YE_s<&g4>Hh;AbhdT1~UfV8$@
zdx|WJd?}>CeOf;=VVskf6^(6rC}u5}2Lw_`P1<r$kEit-ZN|X_g{O>fSu_(OsCOGm
zir2Oh>jsC4iRA|e7<XfA>Y+PTU!{~A1ExfMB9IQ>jcje3WC+6T;H8(cq+c-^w?RFw
zsVFkD?`@T@-6^VPZ)*ya!!xI$N(>Ae<V@4aR1B~;1IK?kV|k8iH(fPzuAtAvg5gTT
zmyU4lnqxToWXG8ZT}rMP9$TrXVn>LFI7=*SO0W=0Ma*X=f^gzELyxeSgsBJN7GVzR
z){=LBPE`E=is41UE3qEU*c?Z>{T}s1Qa+F*?Lt_xtpV2ys@vNFXth$C0R?1i<E{G2
zx4=)ujJyhik#u_GDKbq=8W4)`EJ}(P<A;!iYF-t>=eHo~R@zAQs?`B)zDpTe6w2V6
z7%wDNlzTP`tFzE+_JNvr$R&FOtK)ef;9H%K%vy_B)B#zey7}=HpXQ95Eohdp#3{s#
zuCdlJQ>AFMKv_VE=35C<2a+s=R3xR*f@fuk%&aV@-H|`B6s@XCh}pU)H0^=GrZwBM
z0(Zq@UqRNs=_>OAaBA!CSEzf24FGBIIt#)Hp7n3qcCcJ>nU+3Fo;h-vnHRkM@|t!t
zHei_xaZh4F?imCkX+0G(3uFjljx&2m%8Nw0%tgv=l)T*&I~U+h3NIv5eT9=E)5}{S
z&Ad7ziso~sbU!33(kb&6HQg`9Sa0aggA%*5HjC|nHwn46JwgT&=#Vp!M>fRMLWLr5
zoL>2FjchD3CA~sB4Ac|J|J`?Q!@<@Ls(0E}^Iqghe9z<VB5#r$>W-fJW)fi9?S%yE
zH(uV~^SB2w;PE;U?A2EjfoLia9<xm8!=3x}v_t6aDY@WSk`MX@c$Rd^v#P#hwE$gS
zAbqZ^p<gnEMZ=)zgHQ`1d0HfjW=s?^S$Vh9$6SPN;hL}yco4#bZ25Ry*h1PCkL-eV
zUK?zHN|kXNAD5E1ESkqYu*ei!StiAtx0c5GsCf7lw09w)$hUtf9VGl+MZ|Ux^`EC2
zaMK7+Phz%YSw}rDk&#!`K1G7;OnZal_35FS4=kcsO=37V+=WPDN!SOKQ}4$kk)~Ra
zE&H1hn)z8*(A8mI%0T=XD+35|-;trb=3%g})TvPWbJz{jCbT2WejS$|PA1DF2kfv=
zSXCte$-6AY3C!4>ELksffd)!GBbh&Nu|B$5Hm|kMHBP{P^i!<iPBTcy#}1Al5gGq2
z8&Jt{HvYkynR;OY0?&L%PF;Oxymf?+&8O;ZWfONSzvJxw*kpW-?zviwOtSJZD3Hg$
zh5zfcHsGb|G>%QqCe}+e)fvVP#Oo2H_8gId$6t0?#d@hcoyLo8+=UMf|2~6)y<xCH
z=GirihWVpWvK&iAyEUW5f?>|Ak*2nko&A6@u6wv!e#dPhC&`N}YhSb=)r=}Cnd&mf
z)%COL9nC%5Gh%)M{}YP|?O++E_AD9w#i)5%t(Td|OTt*VAwU1M;kEE>P2-$J9o3J6
zcE1_XH{V>I_a&2l$0~yG?>eahJbvKj;Xf7b6%0!Jm&7rB?KaEKQ#6lQWimbI@-_^H
zYvZ;0(fa!Af|$Ps-dvjPgk6Th_HIR0F@8r(n|Z`4S4zy~?Jm$>+nXNO?+X@rqJoC;
z?zfdF$h|2rZtf{JeEE`GWU|Ov1q!tGnXWw?cxxdSSZiLswD%Kl$30D$>t;%C-}~MT
z-j4;@OV@3pUAK&fv6n7suHd>AzB$WREGu;WknOrVFK0HPr|t*mvV6#Y$u4WiX({CH
zz*i+M3ptM2-LZ`6vm+QnNVaZ$o>Y=2&z_9Qgr_{Ad4dJO%BpDgIloC<<mEshsO{tl
zITSgJD54ojm@O=3ILr!f1s!*`kHz-L-p$|3xR>g3fX_Q3)ip0&ombAPj%&%+XBT7g
zjk(Ggv5Z_z&tLCpc;aIcHt6W?U?B*(&--P-+FgIs=kO^A=C>zw-%M~vZLL#rb<LKo
z;f8CP6h6FW|K&>mK}Zfzrc@D%%p@uj>hl|+^><9pFRrdH&Q5PG&R>$R%@??<JdeqZ
zsLaKl3s0HyX8=XYu^k~3CN!&X6ajgFX5=#CszkZ=>wZxpG7~<cdo|YTIfrl`mYI*}
zpKD+7bjrvTg1VMNZ#6Uo-KH!AYWO9g#Gti>iO~5}{T)S8r=d6#rJaU|9KrGo)ckmS
zFov9rgYkh?#1b1U>Fw0WrfM)Qep7wpjR|>YlUw~78{df6EW<1-2+M{qbnzCjTNP7x
zuqJGC&hJbu$DM7_)o_BB*g2f`8hHJB_i^B9>@f-h@nyyki8MttnnhXiEUds~$vJkL
zLpNvbT>5VAiYP#{)+4*dU+v>-H`MaaCMDe;x&YT2;8(qnqYcECwDq8jNINbEb$oqs
zdj95OoW{GbD3--b!83n}hBX{*`-<H=_74t{m#M$x*O^K>DzOxam^WiE_aMY?F&KG7
zN1DRBUu)E&&y7YcEJ3Q7mD;>o1ZNX`@`>+RDO{&Umw#i*@L&NxpjtR6TuYXx9CLqa
z+M@rC)T&879D#RLBFiJzu4cBQ@OQF7&5^D=o4dZY_USqkT;^<4qR-5D!k~J$m9_1@
z+pIG6Sj(KX<Kf%MYAuw{(ZyQ31rs`#re<xDtSTTtV;!M$M25+Yr(~J)JD#w)&k(ra
z+1#n3<<{mh_3G+|{5Sf)syY{~9mDx}`|bvSd%<74^F>Dw#Iq#`8I49@Qab#n)|unv
zDfy0>??ZZn%6X*7{X&#5sW7+h6@{aUcyH$IW8H(+KT$l^`r%ssA+R2Lk9X3qx8Ts$
z+Fojf&W;?1KqXl|Pl;Tm3D0gT5TlteMG_g&KiK`7GwRPTSeFhv?SP%Rzv^XW27|Ib
zXMeS9!UTJ`m-#18V0IlE`zM}xz}0>Sp37w<c^JcmM{C?RBbSr2$z|OyvSs{qKmfJ(
zg52g8X%nU}oBimj(Sj~d3$-}s5{fW}D<~UpIyo4K6l}Z^glj^3H)_?#*<Vku2rV@A
zl!0m7Q8TFKIKdp}-ZM1s?Jz&v!$Zt&zv1&WKURn3ovJPTSpGiE$a?#+{Qj$t5Q@K}
zq=6Ituj0Gn8CRStk@xZ&)ZQvhD1}ra#S;c*Ox{_y;w>2SE@zt^R(YXt2LhU3X8Kmr
zRk*nx|9nI;c5lYS?fc|Ej9C%TK9aw@42CbSpb9PGtFaYDBFk9R1)3YSBtM0-J^oX+
zW+}y~{&ztWB;VV8nEC4D4<B9aH9OF18Qzxml0tSwd(q6yOyx9_dfn>&k^|%9JRpZE
zT6+C^d(VMMip*74aGW=|9Iwk97~hcg>;!~e9d6Mw&zI}tj{gdNBd@uH(3~zjdU%*i
z0}Bh9+m*g_^5u^-j`No&gJ(vQ$~zOrEffRIN-y@IS}hIM(aqTv^diZh{&)hK+#jC*
z@x;6MA2;u$w<YPLdKY(AXZpt$*J6mFHig!*CKz6;d8s+%u=zR|LR?9Wa6N5^js47H
zV{LjHGN#~-=e`8#-kVGgGd=L%{-f24zd1b2+v|S#+g>jE{HL~|j<m3A{mmuvwuS=V
z!K)uQH&n%>HGy9klZ4LSPJVoS`qjm2pc_WFcr21?VYKpX;vU0KZQJ?kT(&IKX_u|J
z>oW58)uiUB+wjP>TTs?Lb-P}jvRNwy9?0J5)Ss?hQZ-Qk94;R}q;1YKVe*OGQF`V`
zjV{koe@9feVzF~@T@XdP6_>nE2Ic`iZ*>-ZevtX(n*D3W&!h~gy|%vVKIzWd$>2LO
z^VpWnFPlmcg>ksXS4{~aTSckjf1YDyGT3ZEqo&$OHjaj-4w_c`{@!1`q4hFTP<~}6
z<_SIYiw-ScSx-K0Ay?OhWRsMHN-K3u_?nxg{1BXZXIhg7<J%?M{;o4i)Jv4cd*6QU
zeBC^w+%sEqhJ{cf+aj~3>BYL!{tBKr>n_+<?FfutE?r50Gi+p{$gEST?o!&}jQ*O^
z>i22V-}R_2;~t4@`e94+%X6b)+DtTQHW>-nWn^=wJ-9@VFVD9=m?BsABJWeAqyEZT
z1daJ^J&CmaHuAX6-UQCx8s1*p8T4z!<)yXf5%l{(O26CM5qw-nZ+j`(QI(+-o8H-M
zRh41q`v-3M9z4gsU<?_0;VO<p!D!{2rHAGsb~Iaal3e@~N`;0o5&JY6?-8UbN%X3S
z%!R=+g%#Sv?Gd6WrAvf?C$YHC?r9!-z@mfF9B?CcmBp+lI#lmKa2@z`^?yvcGPR#g
zg=pul?RS-Al~Yo)5zR8pR~)-oMnt4&VxcXWx@XL<O`e>bpzZPGi!Z()01y_lh^OnF
z5Pa(2pFJCs|2ci*3+X2YE>~j3DjX3kh}*F|BL6jc_qM8&YJT;0Y%0;~JyMc$OwOI~
zJJ;4n)uIz&3CbnUW=?5aE-h!U1xNUNVFAeX9!q#fC3!HXpk3J3yumO__)aNFU<yYh
z;kS&;BtVb*b4hFs<(x^a@|)___@QcdN#-p=v|ndr0H$r-Lu3xK1v4_}S~idzc|pfv
z2ypV%zIj#lipyXM$W)AnCL)`|s&)8Bgd1$c;xdbOwe0ZNgkwfU7@d8S7gBvyWN{Ku
zIJP$1CubWyU~I2R&9HFRLG_3A8oeJwWn5MD_r8L(-TYWUuf}w)&lAlEEtD8R8G0LR
zJtjY71nMduLEYn!Lgq$;+8mFw`fe@dkXpAtWDWh5qu0mJIEtngRV#F;8BN)d=C-!L
zalKlg<nxT>Xpad4jiPIqZ9u}mp$@HOj6U^}(D@wDMeagYDbtK1;XhY33>S=CUA%!9
za8QZ0DyCS5$&Fz(!Sx2L)Zj587g8vw=%;%&3na_J;1EnQnkFLhmlMDiiPT_<WHEu4
z$b!+>qEBnJXt`wZn2<Al7-u}9DhSL_za6u<(0aAW5nV7M@|a<H{27Uy4vh>7JYFCP
zxE|q@tDNR5R9@`bX=a7^1c4NWQ6X9*WMBE!ebO7y4))ok2fpMQf5KNm#oIhwvJa>o
z0Op{;Uf=u#{UcNo1~NCWM{bW^8K=h7Sl{4OL6c-PVjnbn=65VaSlEUstp*Q)sUzIf
z%bY2!+w%nHkqOAicmj_Gb`8J<g~F-_Z5^{amak0TLH+gzINTP0vkwAiaF@gbU)g}c
z*`wdyP(@o{oIL~*XCM}5uO4riVN^ae&b~cDhkfxlw?*XK0+aKBP&xO6%eezM-gelW
z4~EY9K=_;wfzY`NM&}L-whd0_!y$D(6jtX$pmjbVUgv`#c0LGZ=MJcyTjF-^u-CW4
z?%W2wvoC(<RtTP3VR&vsgDr48cSZ8ta+Mzp&GW(VJRca*^C2)j!%;o^bZPKE_kioU
z#kuJH!fxoEVR7Tw8t=Sz6K-WSBWOA@RjSRcvgK;(Tw?=!*1Mv1wGUgip2uC-a^wAJ
zsHJvZup<(S>_8dw&Qio!{Ha)mU-6v~el1Kl7voSq)!R2a2<6W7j`D;~6MN5xP$#tU
zLGrN;u4?*N=(uHBp&=8%YoI=b`@w3>Lm5puxJLWqTVsB#?~DH9Rl=BRerCC7GWzt{
zYF)n9s&$1ESFN_suHoi!XWT~s#pG1&%7qAq-4<XVMd#lXX8Is!s#>haVvTdm*W>*d
z&u&bi6s&SGGlljIAZ5eA1ADjWo<&xHl-BIL`(LkcrPLdsyZ-ec8Hf(@H+0$4rBuG>
z;y4gG6@{|dvG{ucxu62N64v{+XXA8_t4TeT6+#c{u`fr2(P*Jnun{OZfqP0ToK~|u
z*OM)MW$SXM2i1tPS)G6h<98`ztfUDt3hfbe%*=@Zwl+9(*6g2Q{-Ju@CPH<>r5^4r
zTglB?gvt{;*D7^f9}g4iQDn|H`p^?_wIGFGGE-ccTDzW;q`u%$D97Rm%xikIJE2_c
zqtK!bRg+8=OB^ng7|^q2QX(KTNojt|;!?8;U8O5cywW_8TcHP0cyv`Ouo-U1Js6J<
zP;NF9<qYbhmu;bTgx}DmM2m>lg}@Rkpg62rggfN0(EuDRw{2s8?rD2&vpbu4n$y(B
zlC#xCJq^SLZXEUj#HiFjhsvmxUIw9-_$f?)Gl&5Fj9UHxsxnBbSD!%vRlRyFgReRQ
zthTTuw*+H30av{`b%L`lXTVGvi{SR^(~YSs6*q~_cqdA$pI@ws=<0~t>ea0;!fP#x
zt5?6Ch_4VZaN9ydz&5586cV=H!tY_&>d~Q2-O;>uGwbCMc9sNgqf3W*j>#J%@Oo|@
zs&!x~l0uawP`8$x*kEGTfQXf>ZI_ia?LBQH62pbCd9}ZQ=xcHBV{H$-4q@BUk{D`T
z-_i`&Swtdmb|1Oa1h&2fCjz?-DNBLv<Cz-ms}}a8EHhWr<O3%ta-w-OTz;&&jpggY
zgnvJ?SFeq~i#6N^*PmWp_OvEAZ?@PIoF_h8i^3&Z6r2Dia$ZgA+dk?~@Qr@^%hSft
zUTINT#c>3S4R=A6FewX_@U6f>!<|AVe;63e1766W|Bhlu>#fe+udVbmR#mjdgpV4V
zu;pdqm*9*eG|Pm-V3;E`#rJX~k}{0g&CAZ6?6Y3F<F>I@m3-JKXvOqlsU)KXOKERC
zOSe~gWv+~RSw%7v#qv}VG3y`v;byEoxqB8EZCSOg10-g4Dm#(($|)d?HcPl-Cw(tJ
z#Hj{QTF^AJzr(frNMzYA`lBReZ$-IhILGe3Xl%P#WEw0n*1FPbm3)?%BdhlGy<GV$
zG1j`$ug^WCwr%tol<L;2%Pva{tW~cbyDc%Ub){F=9!pGczT9S?LHTpNEmD3<42go=
z%2oSySz;XZ#!AhaRi?k8!>#aUO*2*P-GI6l>&-ZGN~4U(YXDmZ2jlTUpVcX`3(U2x
zP_xmW2+JZ7+Z>=7&wCD1E9sRDz_n-rn=EZT{Z9<eug?Ux60J5P`_;}0bEPJiRsRF3
zY^}EvlEmoCRmOP2Q*N@sG&^Oor=Q^vI~YgH;>dJ1PFX7Q)lu1@{;{WEt43pbgJ>fX
z6?x7wm8?FpW?s@SJcOib^#v`F4behY>R`R~$61L)D~~F3jQ%Uj?#La@z4e=#+SbZ-
z%<s7DpBX{3)w^CtgJ6x#tr&a#?X5zr>rp{QML@f|DAcl0MppG+O2g_b{ziE^kIMT}
z?=JQI>RESQW4$e@QY_D2lK(yY;rG9co_=|F`2ES~&;R)S;SXc@$M2qg`Sch2AHRS4
z^ziWezrFeT=IY`f{OK>>XGMC8|Mkn^_w3>yft@^k`sM%WIndg@fM;qX@)0iSONfB%
z)tx2xZs)oZ{S`b*zY79^OM+(iAL-z3cm3-`<!>9`C%OIgcegwi7fO%LvFuAv8#BJt
zVqP{s##Du*JU%+h@~4PZ!xHX+y$*qDpK+iXu5`^b0P$yi#u^Z%hVf^CorXrKfr~qM
z>km<C-ED|c8=};PD78L)4pC}Dl-dxbHbkj~v>{4uh*H}_lp0>z8e-J~Cui`vsz9}W
zr8qUIH(10@qev8)x)HZ5AOK~}max$SKuoRM7D8+ZV13x^?qNgNXc2RLjo)IA*;id~
z$1G-X`9t6qGu%Y!*^bF6$yvmg+>}Y6_;=iOrtonnzvW7@WQJN1&8o7=xpOHtm%|-~
zjOq|@lzT22kqc2IG0E9KjXye+;p6;ooYB;xhJeK76#5O6F1f*;c?djx18^qMwsmG=
zW8zGli6*u)v2EM7ZQHhOJNaVUw(a-b|Gxiqb)V`!wX3VT>h$T}>#Vgl4^YzJhLGXa
zPZT$_j#<s}R;oy98v>r8x<^E-uy}3SZ&0mlB#4Pe>-Bt6IibzmL2uM_6iAcOmOJYY
zbPy8ZR$fo6rHxnz0)i&46u#L_$*Gm1G^k2_oTd)pSJm}73;56%$Vx0pH6YnSsk>~B
zJ5zj6tkhv7%`@3P9J9~cfJ|p<0}x9|==i`9c+*oR2N9+B!Fvot!f?&#>G#*fM1tuZ
zDJF{5_a-9f0{J)-GLl2JJbnpOHkD-F?h`w>0ouPB=*+gX<TuxM$tap_Nxea8*DXam
zt%+AwL!s4Q8h>D^9iGz)S0Q;;s>WQL9~20S|Dr)G>Sb4@9KGAzkHEk5F4=L``a|&4
z@*`ThQ3$G}9p~Sm|0$gW&u(TlJeTtgUwVr{M}nSM-%9fL=14i|1EEQ;rML(W^!<vU
zM*8UFzJg|9GjX6%+6p0h;rDV#mlq=<`wwGZQvA%7%+89FQGV_*T6W|?8d(j3P%9<z
zJ?&bL9U_^c7t0sQy}6K`dK5p5spyV^Lk}v7qcFBlc;24AL`(>r?8#_(vP@N&vF5rl
zIv+OXmt78_A`Y>G_egz{me@~8VV&8NWFz`lVfDSiipXM!7w5DH&T3Y&h~>Ad&_tnm
zrX{21qItQhwIunViyxR}_*Z+pC{o|-JrSy*H0AFbPAD$gC&f`_D~FEKK@>X{AKj{0
zOtY3lKKKm)5(}Im)OH`+e+C|o>i9SH^U~}YG6S)e2zO?h$9l_5=<%N5MPpM~<d@Zz
zRz>3+f!CypHpIQ;@BikF`VU^7WOOYUP0rYIhX0Rw-w6valtHQj<@MKs-&mzRXQEKf
zCwN9Zr@}ty_+LQ`$RL7}Mb7EMyl+zA?oJ%6fM$>IEAq^Zb5QbR$(IL9x-7<C_MrcU
z0H80cyTeaKN8KX4A+<sCMGQC0F)bod;;%AX=K2(7CRfot-a0ZKZ4`nn%dJeYyjp5d
z$FkY`CI3cDA|_gVR4eNfwP}BgCAgn&p8^Z*!j-qUZyd%~byC!M%~VgEmNT(P6^}6`
z2T+w@XX(D3jdhvERR(B9abx>E>*obpq)QS%s5=yj#cnVzv}$CtaLzr=OK?DP<Nte4
zP#tF1Nvx8O1vYLW2JHh}CaJ;h&P+t8OQb&P32w9-f$hZPNsY0$CZOkQ7O)W2fOjbA
zROnkNP?e#w<9)@3ZI*{lrNG5MUVVYU=BS3zmbqI+WK6HSeZXZLpZHO>7Pv*jnC%I7
z7Tj*b|GV{5vju;hVtpAG=fL!G=$HfEZk-*&V-o{$r(e||_9g`$LTo?L<v@fN27T4*
z4`^5Uqsm{!mae$bP|}M#t(mF`E{&d4sR?{s&!cDyQ5@ly?XgJ#2ILk_7zodsw<y5s
zBa}vG#Z0!s(3M&11k1F>UEhW2?_){valT2KTj|?}vv|)at;=YIY}lZ)<2F%>X9&tl
zgOerg#sqtCOMqeZn0M%@DXD$QpiSO&)e+AtbY31S5P*ZkZtodWG?R?hnkvTBJ&4vW
zj6DR;QxIlA0&<S~pic(tF`@8jDn39ID?XA}m-VNpky5vKL{-PS9!(*+Pa2j33MFY6
zIHW$Zm)?SDbO>uuILP3>_Suf)zj@OnwFAhC025lh65uz~m|q&ki9`x3pOr)f=incg
zodT}t8vkTVyffYM8G%ywQ&vn%CZhx6zJm3?BW^_YpDh!w3bn{3BOZM36O!lUF}uBP
zBjQvQsZwxBJFJvNp{`^|bQj>Y_DcFx5cJLO7ynkFb1={3;N@4UyWRZX)Ix}z+>Ff{
z?hS2qoQ&RCTf?_Fpk1Bi4_Pkv$?DsTjq9q`+HzfCDN{N)<A0MRag)ckzwd037O*vc
zX~SGRk$G-~U5&@E5;l)+)E}vi^k6-s+$0yNqKDB!O%mQueL;SF(O8p{jgWpIT#+6z
znYe%}b(;f@>N~KlW#5_&d6=D1nmfIMQQOTWX6~Fjl~>I1hsyoK719dJXL=J7c)MNc
zNsqZ8eF?RROjT%L(-~!j>Bph33O6nL$ZxaD72#JEH@yK(l!_h3GFEBSXz93U=(;PX
zTBd-1JrBmY>l?tD+YpCY&l5w|lPuR$#Lv&?N2%A$9-Sgntr_rFmy9F|o{W&44sC09
z1Dp&!pC2{ZXx;dV@m6)BKYv?sGq!^=HVq_j_}AAzCq--$U$9VJbFi(qi~JF{iFT6M
za{Slgfi}E?_m9NjoH&(!ojtHxtBL5Ged-7IQ`}JAje|!rV8wY%|0<<pgAAI0>IVTE
zXPXSYl#TSAakkyR82B_m*6PrY&E#NTZT6wQNE)h^Tuuu%f_q(?Q82x<V(xp1iV3+M
z=Xw0E+!*?<6vF*n_mWvIgL7f0atu<u2FkMPz#~6IPfk+3_r~>LUmdina^Zxmt4+hn
zF!irh%C%vUwJSkf&yx3>tSiR!hk3W#J)IH^nI&@zb%Wn@h_ds8Okjkdtu}67KthyQ
zA|v2;ahRa&Ns~KE@Wz&QRI{lQM>(oQ3NBk~z_05Dm%Ym&!di0q^r#1D2-a+3r7l!e
z3?c*lDavr=+7CW)jkwz!7<74(C}nxKm~NC48`!s8=UV48;ySqeXynS_XxX_jJX?`Z
z+bB-0Oi;ATzksbu_fnOL{s`=Ut>aUA?f#lI9oaczWH}7+cU%~4w@0n>H&4)UWN+C3
z`%dgbQXakj#8sl&&qM;I0l@+q4L^9epi>Q<+eGRUTnwRT?!SE5sX5uEYHcWAcUwyg
zT6$lg%tiz0Ngaf}fZwndsW?BTzJ*;5?N{wz5i9ApMvIc0w%rvb&O~~>3aZ(+q;^WI
z9)%SSK^WPr7)DEGa6jD*Qi7gTs#ue|zXL@o#_zxAL0__yc<LiDW_-wW<W~D2wr3)z
zW&yTrZEt6j3SA1l?v8HVSANb-)E~X;oAcPqqB9b2)}5~)hARR`#Ys9^Gm7x>_vT%?
z;1G~2Yix7%u}G(GDZ?!tQiYu4x!8}+a7)iY$dy6^h+91CR{YOQ?7zy4M<#78n+{#=
zjSXZ;j&64~lxai8*FtG9qr`}g4sJT;mt}B*!}sjsXAkX}fl$x^u&3#(mB~-HZl4eG
z&kiL9g#xTHQ`ltB2bmj>w>JaNte3XNxyvI=n+K2glVzl`3kRBuW#{OTXG*sR%Vq8i
zyJ~|WwPZ7u4A8@eIo*ThkCjsTN4)s9lPyI$tKNR>m%D?5P%={qg#wibtFH~z=74V=
z9X6v*yp|PJ4g6b?8!Tcyef2z>FfthEWSVBU<Xbp!;f^JW(WO71=-51HqBcYV@!?;f
z`{HM$r3mqWvK{4Sc3G2JoDIWhB6{I`pmB>gJ)SG=0;1p<X-V2bdI0VzdP3GenS%NX
z`z7Oct>={}A<Z0`HgU|P$ifF@3l7}Qb+I=Z5&;`L<<%K%)`h8^xoWVtgx;SEv!_fL
z&nV4#1Yx;#9&A++P&UtwWl4Y5a8dnF-%8W`;g;?&_Yv|W)Ff|vNHqWXN+!^_1TtF<
zUPS+KpN>(uWt2hTK!5#6H7c+nH9dKWmWpwT8SxpqciL!=eqXW1pNN}*p>wx<Zymc-
zet!pKQ*BNI92;v4grxh5#`elJMM({ZO&UUo-R~nia}3mW;mH^6zr%F?;K#M-=aV(3
z6nPa54bnuw;96E2(>aVB=}0j_4N(o$;(9F!P91BhIdoK6S?MG8lpa%^+y9n+knih!
zu7B{!kt|=xsapEFP8bD@;+3Q4kd8iC^o-{(iZpVj{iLdOZ=D8RB$D*=ZLs^;(Eb=X
zsFE#C40{cdp!0cC^qn&Wxw}1jG?eVtsFnPNWfsOcQVL4IPrKsYRDX{j9S^Nja5mBG
z0ccp*_RabmJNVSX{Am+K@j@d{rdLXul{@t0F=?Bwow-auRn1Q{zfIZ=Hr2DMO7{}y
zy=fE`Q!Z3UJ`a<~Mi0x!`W4iTorK#Wxs&)YVXt?R%wP`t%n2h(l{$ft7zX{bfpnTE
zuGwb%tYOmeJX%1^t@!vcKGRin4KKaE(7|~?X->bRH0~ZkfpMcF);o**)BFB~Q@U8(
z@R~DDdm>{w;n5;a<nMX6qaf9@qFM#~z&{e@{h8}KEE1Tc)nu(8&wv^}Mjju5t|T<p
zkdSLO*-s-k^Yi=*8q9K29usew^8pC1EycKKD9)DUe<QVHZ!zl`uLMnZ17`=%xsI-0
z9}pnp?zQqwO?7i#y^hUgLHOE`K00=WeMM$1RR#Dz`&x=I_!R?kg1GQV<q*Fp)gVw=
za1vyHn}>q=+aENSXdG2R`&#L8ey>@YfNBxz^7Oc8|C;d{Oo2_7fvNr|^S{!oZ9X|0
z3+zII-UKn3<5<PD{<m#C472dIYqEcgBsV=*q>dX`BXrtT>LPuAMgBU^Irgg+)4Cfc
zqEuAv=wNzE=v8FR$)RP$lLjSya`&sVGYenj)x2!5PW<53CZ*+Gj)bAiw3zE<Eeo1~
zyL!Gm_K<v+N`Y6{5ohx4!cm}Z_-ljrou>TJ-q5HkijUT1JvRmMXMM#yA1(gF9k5xE
z_P}|#n+`q>JUPrY&O$feMJ%tx4}msSHVpfL9^J02GB_M-eL2q!&i)tDSI;(cl->;-
zx^{;{F_BERxxii8(SsZG;kaRKV*S~x*E=TsBU(!de4BsNHIC$M8`)Wx3(i`X)h`#!
z-p=`J8Ft&!41FBD%Shxc$cP;Y2o4__JZJmkm+Q!Kakpq``9oFqIJteD){wSXGM~nF
z;o2{&e>bJB*DUrZZ1BXEZt_n+Fnn3xzNHGCgBrqv&rwUNK4ByhKy<hWgvP=NC7z)~
zd-q|Iptc}~Qhe&7)5aoq(rX)z02GtBL2GJ^%asmEdI~$-xZR#YXhPatG77oQ*?%}<
zT-*Jec1Z^bCtbjsdeZ=#7A&@pt5h--)B<DA4Lb*)_1?*lrYvL_7+r>o5GfqqMLbv=
z;L(Vihfg-1gjGJYO~O?sdJB~Wp_)v4fc(Z0gG143kWg^=fuyaue-@{$(X(6sj`<#Q
z1665H&70KUeEaN+`4Wt;;T;=Zu5Wd{U^I@?Wy>x=H%}4E%TmJ}=piCTn6#8qP0g^)
z0gqESmsuf1k1Imt1h!B|5mv4|GA}3@qfpMdv?qS(sZJgz5gE^s?8%ew*0>WcR1R3B
z*SeD<spqT`ija(+e`&EF%}1WxLyqpGv07V%GjHm)fT*j3FR857gcABireExtLnTB-
zzlpP$gJQ>gm{z<vMgYcIgp%vle<XUV-sm%t9Ht8NVrx_TtfTAxhrx}yWiPNYQ=Ct<
z3<GHivs6pwDPXy%vz&&GFd|hxaDjiEz&_xfT3_L5p0=w9e;1lbN~J<U0(q!voNUam
zjR8GAo}KZ+mlB;W8#a4J=ZAxrD$)9yE`{)uT#wP{GZC7~!bHh*)J3H%)_JAst$dTS
z{X7oxqESJ=NKzcpSjlS6r^-YzL&Zu>uXd}?NZA?tdmP@AAWpQr&}co9(?q{*dzp$+
zs3(B*(R#n>QHx7DEuUV=k&8CROh-E6O<6i_Lm>cB?9r=5H5{(y`!|<{`oB9Yx9x|d
z=SvI;GZ)EvqUmh>I5WQ-FWzBXrfS#0=Wk4#x#9K4oS3EJ-ap9Tu9Q--B)%Qy)m2L@
zwiYeS+PWoMO<i8Ci<?5__QFOxG_AoRT8@5Q*VCkGTMX%9Qr;;6t8epT1~28~u#gaS
z>Yo(zCY&ZG`CIm=UxEEn-fJ(IbG5f*pRc65om%31Yma|-<@<0ilB=+jYY)#ew00mB
z+N19}3)OQjk&c$pH0oPG)2pC{$aOL<6%6Uee}PPk*sYQnMy-NW8n(7eB%ce6?9tN?
z*`gGyuDYr5G<sGBrA~6VbZ2=dhglY?X5Ycd=kSSXEH`5tFPCn_3N-0*kwF6$zVV6W
zfCa+<izGnKm4ZM+76dRyl+)0f!&*cCWxX84b*w;Ribp(eHkZH>T=~qPCfjw4<ckf`
zU6(-*L}L2C(CRqShb6<P<`R#R%4B-1q+JoE8YTK*TZx$_>z}3aly0iF30SUSMO&=p
zR@B?*1yQf)UWct-=!M~POlyW@aUP1KhNdlW%q`N?4BuDTrFr{~SJOTRP%y7aZ>4`-
z=+5Cuty&W)rei!zq4&rAw#`bWatEBgGsj0Q+IUhvf0{Pi?AySvSG=~p!FX}Nmsm0E
ziX%J#OVp6w#CA!RBsu+6Q+lE%JBG&FE;&Hpc<#t@^#KnHp~rH{euyavWzKQ7=(OQ^
zT$k>AjdaPnijxB@f33K#bi~wuBeCLbPwK_^()E~m!O9Fv(2eZl*WN|Hr|7G%?O2Y0
z2&;L4C+>&IiROtT)IEV!6emxg-L7D*iaf6E##Q14EHC3Td9}x+ztg|=d|$JEKhZAb
zgHI-LMc-k5nJE6jJre3aa21+2T(-#sZl1T--_hUSA|Kxg$Fw)!GTB|Ow|fWM*<C<m
zJNz7O54*b&jBn?=kJZr#jBjD-Cq^NkzlHg)Jz1GEMM$r>R$kJS92stJeWRI)-`{DC
z+sWODnOiZlIr5^(8SQjC>OjkIsPl@j&RZK7vVGd@7#S)6&|I#7JSGOdkb3%PU-Upy
z^fL)R!+Fa_xM0?XvgKQXKPA&kmMS1I0A=ub)yCQly@$jENSf$k$pouc?K8c{vFKg6
z2sBRX{f9kZPUL7wN`*hE#<IjQ(6}QuVSlpW{dQ&eae-(c`Pnp&r4mrh9TE5v6*fX}
zu3$mZYr_;VN1T3~ui8yAiKv(2e4tpzo(r<;6C(;bx{FaL^XH)&R$*AXLdeJB<(8TC
zdDuw)fN3=qwEi*(kjLYC`QCP^ac8Mb!ldK#$_iHD-d#DyW$tFoDCVd`EYQ|rvZBza
zYnHY_kW9td)&B8>n6Q?!j2iUjDH$5HK$!tB$eyg5P|Bx0S<UP%yjj|)1Xb&>eJwd!
z?`lx9sBgT&UMyf07rHo5$ALM4g_wY=iO^Iw{w9U(N&TS?3AI7b_ubuSYqT>t!KZ+B
zANj5Mr1i6aRIv^o$4^=HZo*&xcTy<>`@9aJ(9uK4kT7;Z@R8=KfI7QTi{oH2Og~>h
ze7&7UF#NUJkFH}vq=BFKx^;f>Gb}e3Z~FEM>ecCqVuc<1sb$Ike!+!{VEZO%7S523
z?-lK&+4uihx+WfCIu!S>A0k=!#7kh@(L~A$6<<%)G(LzdreZIkK74p?14*B=FNDTv
z2BVqR@^NL%?4|2Te(cx%o1sr)Tx6}y+3T7*)6}SpSX157qH*N=>b%J(`Gc4nVY$0Z
zWF{05<)~uG5(Y`tR)>`3hs^a4a^>twsQGnN8je5s7A(}(H_cXDGrizfYXy5}$~5<M
zVOU!usU$$o>Y!xZ#ElBhY`Mv*xmO;0#nEcG!@r~>S=!NWyzCGA|3lp87w2imeYQEj
zqqBTyGkr>?dWzm%ULVFwzD+dVHTxCtAUIytdBXtMN!%*58DNpAYg@%?9)a<OAmF07
zrx4eIO!E=HF_3XGV(d-}9e;{P(lVfIluhA<V8{EoLcGK7|AvC#_&DSp9esI)?U9-{
zxxN>wUNTjNRa;C5++29tO*E-dV_8<|Fj=oYmj4w-%Dc8E$t#{@F<HUv+Dc<yee-B>
z|1{WXIgXa+VAO8EFT6G_jGlr(%QKy;_~Lk29lNNY4qgwRDu2_4jB%vHq8e_((#fh7
zE-BGyAZ1Mb1CCHQ8L6tbaB=q|o|n5&A+AE_$}F4v)Baol9FF8hmT;dcCWch~Q@4@S
z(n)Y=8Dr@r=}ksKnYWHe=Uv|-B~Vh8`=ku-{JZP&9zVnx`TF{LnFg;`cQGegu7tBX
zNtL@9_Y(@0%{m;TLF(Y(-Ts5qr}bjg^R?v=U-$-cTl4|+5_wBc?~CphFK&}2#Lop+
zmFrhC;u5({%%H!H|FpW{%)UqFtH(<Gb>8)}QE{RnE>^c+-31QD#uB7KWPa|bl5McQ
z?N9Zn{F24k+!-ynEyI6&%wQ0dKdd+*KvWu~Cyl*&v(&UN2I~8WuUOKnw%qtEEo+4^
zxi(ED<jtjTw`;5x>cv`H&f;@WnSG$97eo(;KROM<t*jf0UHz8mv$4@gLu7GB4U$2R
z7&RLOgI5Ip(lxqNJ|&uM#+4B*x9CUu?ZuN2Ww;z{cyoLrY3!VBF*JW5Q`{Ty5`9P2
z9sYH_O#(<T`Y*LIJBgcto$*5^JqE>^fHz18ng9!zW~80)X}HJUR97a0Cy|I_J}yy^
z=wV|wPaBERM;_PJZY^Uf8n#vg@@g3p^S5EQ1^t?fY=e9a9bDx6L;0y;gLKon;!os@
z?ePfV1WGzDPn>(^*hp|C8t#^IK$H7&0$%B7QQkPNaC-30n!ee#MrAH@+)kRWz7yo6
zQ{Wz-KV82$K744UwLO88H}m)QXaq0ZS5M3wUd*?R!|`W?>-X8Ocg5}==*XY2P*rYU
z8#yc=-c7SDuAhcX88vPn8_Vvm@22&dGnZZ7SDNBQD}3ygd8#`EK7(>geW;Dj^f||t
z2*b|Uhy3F4=wW*jpf85C=dQ*drq(nC7GIc%cmsU~ss&#=^dFdb0wKtf$y5vyEmtCr
z`yb{b&QaZ%SiW!tm!7|Tgl+TCiH><&4!#%R$*&p^_yq~Ekg@b!sB~8QQqitq;}3NS
zSaqbA%IkIgd7IE=ORJppG~E$eIenGWekNF{B!fFZ`Yu$d(3(FDI%+3({n2WsKHd{4
zxlkDUvom)>yL+cP-g43AC;^hyF41hMRz1|Srd6cwTys66oLw}JI@3ZW;c;bzyEGFN
zpi2AHu3k_7y9nhUWqy2=D=C(t<W^I9nl}J|DAS!EFT%@JSNeD1Rto2N6fuoD_D-I6
z+H~p;U)|QPvtw9*2k5-iFv<=SQN0s0zcvsZZ3fD+^P~3f4HTUokyn5EQX{Fzn_+Sj
zB9vaK*p%YbDlW)wekxrOrC${@3S!9TC626!>L`2j&GX{-dCR{|e4`HoMJ=AQDn_~L
z=F=^@CZsC#CXRp)>Wj%HsSJKdkwCj0u<P1tEo%^M1IcA`THAl-53{IPC7L=&gK*d5
zR5)mNn8jX_#9k1>^wWfbUQU(_IwGOd<;Pt9WFke)>I?@gPbUIX*t?GEK3W+C%Y`R;
zJ*5E<M?GDPnQKcFom{NS>f_KA?bzLYHj3%PP8%Fi2qOEm(#KhlFdxlrjZ;6LHGssx
zmp0DuRc=v=j;){z|HvaPp$ohUga;7t3;z=|`OYg~ITCQRYFG-5<tVI8?RuJCzPTPv
z-0>?{n)*Z|y-dCwvc#OJ3=KxoDiClVWnMTkj3KV}{zCS?6vhBjc#8KSrrU*zu1+GR
zXa~|mWOe+17)NP}k;6O44ZcrLQz?wLPVS#NLO7ags^%|LCiZr#WN?q|U((<QWYi%u
zyeWBAm-WJN@8B`!voT0+kooDuP5Sh??_SY)<;thNt^3~mwM=$?lWS}`gu{yNN!pAI
zdY6gTwCgIh6vc;_piL;`w!57W=A&lzGAi|kqKH^Z<*LH(6|yf&`?7f-)rW8Kjat0#
zoM|O*W2MI{b~5i{Jdo!9vXf6pJecyS%MzcfZV{ch54*fxyhg<`F3gm64Pq`QoEHt*
zER@M0##ap%u_4FRtPXO54l84+Y__c|j<<L^LmX^6u&27#gB^G?-(&26Xo?U~f)I*1
zKTiekrmny+8BacP8xM(zpcV10yF}gPa%3dQ)?{=h$)0z<DGu1PFs295RoKF`2E&0Q
zdRY8{EQdo!PY?e7$-~A;JpMGM(%YCD-0rn}9hG_%2Bj1><?HGbt~Sj+zYZCAR8w@g
z&X9*EX&Q&UO+k?19PCfyI<(n@y~SIvl9~a#O~F>uXD2ImLcF$koy&`Wsj_ZEjR(dq
zh+ni%BB5oC^Us@fCANsI%f`z0(KeTmh&hzd0%#s|l66%`L;l2@0yBen6(1u{AhBfJ
zCm7+#PjtOxeKTacC%S|yx>^9B$0Z_Xu7A*7CSJA+?Pq%Do!^&>O^=u7{nW!JXG6jV
z9;hrRJfiyLzv_=V`(m$6mIIkz^QJTQbf_sN_fB5J!w*gUkRi1$JwM9Be!nvaC>fsG
zM8f3YV+}47bgQoekDkYWd*e1Q{ZDj9w2W<4k-94o-i$XHn<uO{8A~?YP(7y?9L3?n
zR0@^McHMmdp{enf9YGL4)RH$m(45ItWXY4T?w>6YQTmFu%rTXM^tQ%(y_#?d^!xeb
z<l=p<nwJS{GF=Ud>#_l}c^2l&)w2O}dKd}v^D-PU{s853=BjGcUF}JlB0Kd8+1D*1
zK2M`Gaf{AnZRVv#b<rtVt8bDRUIF_6w(Me4ghmB^+f0XPn!_qR!?g0)pb`yF;9{Bk
z-4@p;o`MlkT(Kj`YWxwZMbIIpm>^mhm*$YDy}jF?7{Kb`D{~!IiU<jM*%$Ol5O-Q(
z0|oJgKq6{gNE08+f_zM@$vyqxUn9G&@lfN#XF@ud@p3ou!H?KD38U9s&A(30&z>K9
zi2Dh4>rpJeU-TXWOTW^~mulbyeKX5#n2;M7O2i#*4dCW<<g*1Bwj;@U!Gt24WY(){
z4X3VEjk`d;K3k7fx$=}c>7-SKM|DFl?{C9sl`72nSPUXvuN>x^YhIXj5LcZ9vR{H}
zmI>?hqNk}hfR<+|#~yM%#P5CD>eBmkdfREC88jQ*>yp|0DN{HcI4H$4HWMS1k44zq
z%mi~HaU_0YFT=HXS^Uz?vSR@p@NyesI_V*lHza~#HO*XSw|w*Vnn!-^T&H={3IDRP
z!A>4YG+W3t)_*}M>fRdZt~4J-YA|9m)uoRNi$Ce%6RfX60eZ8&jV{avhLM<R{8%49
z1x2y3%oGrAnQQ!4iYncl_!IJ3QiZ$_5sYVnLnc*712~?nG0!=>^VuI4E4GSf40q~l
z>Kficw`xkX{6?+Id<?=5zu>FD^2Yy+>ucDEhG`_n*;MOzys9Gg<sm4!&MfzNc<y>t
zoy70fzx+zJdB&0nz17%dvMdg>0am>Nh`mt0S_q_@JhXO?4$O-nZteeFu3=qz%{X7y
zRn><eYc<GY=KF{6Qi`lfz~W1^=~ldCIDhM_!Vn`KZf!vt!12C2n`}46Xm7Ob=32q9
zqB|{^TqpX8=Fj<Tux;78_Zd}1b(AxUgUwXvEJPsLa=KuNCt9=0Ujfbaw23`wuw;Vw
zF9W(zBbD@?&RsGW{a5io-~#T`DJ@^WBhF^gm3{l#4#^>k>64OnI9*_;*LLrzKoB1z
z*{8UsZ^zli=6VZ;32PCeUFXrQ*`+;>%uF^ney@qnAyL<fTJ%oXK1y@9`H3YpRF6fE
zl!`SsDA0sPx&%7mK=#~$S6i#+{r&s5pEYaUH(x_)r&q}Lp_uc@ezF$;?LLb*H&ujI
z{XTndU!Ba}Nl4Mt?@88dt$GyHjif>yG~EDytVE}qiwE!9JLC=I^Do`T%GebYv9A*9
z1p43$jN_6y^U%Zf0F-M=T;P#IDL|VFT7~5BK8VjC4Ho$q9%Jq29n~0ClB#0^F_rrm
zk$H@;Aez+R?{Q8+*z`%PJTdv?Qk!TZ)5~@p$3BB<gda{i1OC{$IRZx7%2V%QTLD&_
zi#mhiF2|pC^^ci5sKFFV%IpIG$b@llOj7k%O{g*g1i6EQyD_kmmo|z?@z<kaGA_e3
z=>2*`*j{!gS;$*v+u~GWOG?0QThN<*w}S^eG0~xT-3yeo!fJsx{y0rz_om$sgejsM
zEzfmZ2(F)Mv#((LdTVj&EEbVFS83I7Sd-k6v+VJEIsD_grNo;&dN;<C$m)hMd{W(a
zB#jhNO?uHKQ`yZOkfe~oaa#G31oJ<e;avY%>LS(}fBr~tJ+A1wS7ntan)UeI9HA`(
zP}7+D3mv6n2G76tvXypaVSJ}gm!yD|+W!td4!|9MwFGba<CpfvjjCj#EpvgCJvSSC
zlh_B8k`ZzlLCLI|3b=;5l!JPx+W=42c^J1)(X;3Lyfjo2YHRBX8uG-@Y{g|?BfvL;
zcKc?(ER^8RHgmV&KOAJQ0l8aN&3s+=(oVWE=T@@U8&7Gs#kn#!lJ%v4)q`Z(9`Fv$
z+Ip9%KZdZx1?3c8w%wdg?R0C~^-9w_CsJSPeOo_hGj2&Fi(q&91YYiuzB+L}gKv(3
z)4l8qV>|BFQ<=bhl$~(i^-qA-n~jI5<$I|P#BAQO<x+{^(CMm$y}_16l}g^TS4V|K
zUv3JDf@6d0kS~uQ#6#ZJ1NKbF6VCIpU-|5j-6o0@@sUHd=^c$e6D+lk*Vcoy0J6n%
zTQIUqV&YbNqSO3MyDl=$GJ<N+`nn&<ahocsq?o<C6FVs@EDg@lthzyozaCMFiVH2(
z4oX_J<-%~>S4&l0{xjQf0b#d<K@J+sd^W6gMit@1giElECn|X1X44>eB~tw#g}^-n
z`FqD91(}lg&XIPK>ky8G0W|Yg{!7uGU6{qUsyu{8gDQcp8V;|mYu+yu4-G^ga_MKY
zi22KgT6L{B^W}^sR4Um*^Rr#+w*}dPN!E2jaeZ5XuQ4EOml(JnOdi(UhaiUn>Vch4
zlIvyMX;wOW)Y#Ym<hr_{s|Td}tpsCRS?%MQH!^dvESL^FtuC1Ux^!d4VL+eoQm@RP
zXE&lejuWhRhwNn>I-<r}62NNCgIkvkwjv*3Nz^+RsL6xNm=9*KteSth7_ZgZ=gj3l
zNqLBLU>U=T@+09&2se)F@t!iMmR{-!mHu3rJ!J5sWO;%KaHFeLx==DBvpJBpGqGhs
zSo+Y3VfL|QX}7XvX@++O_FS0Rvhcr8xXuFufP<$F@#9`)kQefC$|}HpnPr8q3uk3M
zcMC{<_<s?ltpQe0#`i6Rsh7)W6Hn|a8>`I>!lVJP`kh&>=enI)mgr%om?zm|I*I{(
z<rs6WH+?>Wc{6@ki5b}|q8fr!dF;dz$qvZ(P((kyDOIQJoGv{xPu($;7|kRQlO;BX
z67zP#P$S@5;iBmC?o!K6*i7U}TnwbLj(DCmpNJATl{!GogO%D!FJs-`C}M|ZUUz$?
z<g>N-$#7rzFZ;qi2X^Sr(Xujr|4Gk2hT$>#)l0U#-8^+}pB?slpZ(E+1n66{&yu!?
zE7B6+u-V;!r{9L)v(zoDRcm^HV&TOMZq`^)`VF&V&<z9rn2HFJIiE3-Nz#xNXspf{
zS7LBS6M+Ap8*V>I#{hs;nog13?p>;ofX{ArJ=fYaPHB780ltIn$MNQDe*jGlTnfH5
zkueOzXQ}#Ji3FIv)0UK6@^-&^oXgm>fa%?<w3;UfYlPdOb0ebdW0*{P>3{59yo#Xi
zPwBRYtK?O3eO9}%Kh#=P#te$%j%RM4N*o_5sriLx5WK4YDbIJaC~-VgE@s$eG}5Z5
zm+|Vd9aGqCp_SQYaz0DO_mA^6(&xLTvyK*;*2xC-D!!PT62`wtl<=B1H71Pqt{1NV
zJcFZh@74&a1R5iMReknrEaP0vyD#Qe@4Ng0zIdk{1qjT)HA?PEX_f`xN0PBTm6?Bs
z{osb{fc)LrA7VAitLq~T;vAHBGHlf>4|lNWXv89$=rCk2J#qkKvx8m46tli3d|pYS
zs=f15sZNy_<g$LJZjICb$D$WUgovBx)7swdX@g;6zGB>hOA>kh`*t7V9gkLVE!jr^
z3I+T{ohqNm2n+pe)eLTh!n5^q#&M&3DX0;vcz5s-O2JEjPyL-*-3fW~O*eJ7alIAO
z)CBahX+Rh!7JPZ28Y3PWBVImFZ08k=Y{|~%=`P@NJ6t1vfPh~|J%FoR^%7%W{*i+p
z%2GD(VOSrvTy<44dSxlRGO@wg9YYK<^g^Ut<JiLPvWmE5Y^5d>7CmwFD<#~2dX=lO
z{47ci?KY{3mmI~}{gXvf;nSMGTBsjz`nXQa&&bcrI8nOi0@wBIZozqGA;Qj1JJlqn
z2#2kjw$xh9FJVKupDWZNZ8Vb)N$ozZ{?Lq$PhRatI#+}q6g6Q-EJaJqm@ewPK=7A9
zFAi1Bki(FE6u81)iENn{s6q$zJiJqz&Al8e^K^V0=3SmQ{Y1r`gfT(C%A^YKHO{jS
z4cipeWuIe37tQC}JJJx{Hee^bKSSpF&q83W!AKO*fNVbYir@zObxjTSoWDMaHWu#>
z?(jjn5RsG`x<^I*FR0oA1t5W(z6y%^Al0*FCd=#)8I1iS$u!!_5EnaGkeHjboGXYm
zxou`7qwpbFEFPMH)>N8t=)qlD$PZi~iitqgLHVGU!GU*WbWKSzCRKtc382Om3{NtC
zQlf~OrcZxHT-BxAVWBzfFFsk8g&*rRzNC-kWu206uOe#l3!&PDZK6PPq4rbCobuxN
z`@O^G<LV}4+v~e$<ojiFp4JBw|4SkKA_d5psLwaM8~2gg>iRtN+3Nf{^pW1~v|g0p
zjrX{X+rmfDt453ippGXldh8r{dAC6I2tbfF@!oR9_y<h^b-z4m_m8VXBB<;#nX|1P
z<)awD%OpIleRIpp2tu=Q!qqX11|53Vm=Ae`yVFNUoMpHeCAZRUbp32P`{Ym}=TH90
zyID$2@*4@*5mbTbZtv%-^JNU)Y;CQsZZ6KQHqYm$k%se#`-m3Sl#-eZTw|#w^s|TX
z2f(lcCaEeeZdbCALpD80K4l`{5fHQ4m}SW$uMg%GnGCH2oNcT~IR8l0Dt{>2j-o+G
z?-s3YMr|zoEy?i9jKbZQs*9Rv=lqN0X6&pu1d8KP3C#!ci&z3Vfm3?-^4Xw^&Y&}6
z?AaALfC$ZfW3szrYRE#9Joc8_C?~Pkm&n8>0~z-l^2?yGCfSGm3o!(nxU1$NXGC4{
zt7w)UKX;()=}c0p+ZWOaJa&{);Q<ten#L+dGd)j|8$-;1jj2YrP)Ln2S`>Xz>H&vL
zXgeRqXi7wT?Fc@G!fn3}&n*LCvCIwbNJRo_p*p}!&H!3Pn7N0`M&-Iayqnw5D53A)
zZ$Ukw<6ncLNP1LI{beVaqVLLOvA%jJgshS;SDl*(WFVJB`Qb*nB$k|CIYQ{@ki{ca
z_%u~z%tLTfcjBld21uImKu+x%d&w0P(8g7LUU;3Q|4O94CL#lL^CbiC?rY&82q5^S
z-cUkA{aLe^K%x#sILR(3?M@)(-_sW?ibB(bzC|Z1D<@?R*Ih4Wl*0}y>^Y!73iRve
zE2z$fNTR?9ql&6SPynPEZ$@F|u&m8L=>KYQQ^p1{C^wxBBX5H1BH~-5oyLVO$MWiw
zi0Axm!jv?O#*-V;G=7@>#rzNcS-aUB<j;eY6MzAyeu9hXcl|^zd~RS4RHAM9NaY`?
z)TZ6P?`*$sxU5hGls8;AsiX8u!(5mE)(<GRmfgrIRvhtGAsm6@v_P<g=sEz#MCZ1k
z-$`{<^K1nnBX9-eW7oqrR=;D`CRV>{+ns<ySv2_>Hp|^cXBDTX4j18LxY2JL?xWaD
zIENdUxV!tReKpdJgG!Er%ro>h!qHKKN=o3n!_!eq<LIj62|M!=r6xnd8`FWyp;tCe
z{Lo6NvpZ;UfZ31w)D*yn2uwY?Mu4KnwIV0vSvVPDNkpnyBc_<=Ohm#L4@JCyUYF(H
zXcXzs00#1PIgIe!OzR+j|6bs1fj`q)*M)qv)|ClxhrDFmmjdOV@I?x+3gy3RA%r;v
zuKzr^5f38CgK^OGw0TF-i=J3G2t&2PGZyCyaq5cvb3XCbivKd4BeJn4vreORA723y
z*T(-u*u)ZP87)_<@-VQsL(8-g^&f;2{u2!%5zxO#k<4&*NfL~iHQaf~G#Bm(d}v54
zBGQQ(g%-n_%pFGcoN^soFIzg0`pTcph)nwx8~#0lLCs_#JzpcOZrXpm&9ZGO`d*n`
z-<Ax2UwKw@LH6q4V2bWriq@WMr!nxOf`gM_86yD)_>FA4E@wu2bddnpx`VduxuL9-
zHADUR+tM#v)G%J6NDQpcJ^5EN15aGXqn9zi0`~dVOl6{vH5iFuFPY`i)Vo@{VugAv
zbV{JOS|OnHo@joIIz~c@SRAHI^$J>x9<qK=ue6v3nmSRmjG<JXDWc*92N}Qd9MhzP
zc~Z59E$D+Xe~_ASXseWH#D$4>Dx#9=UVhnYVl-EdBwP~LM$0{!Qm9}Er`S|dsY0Ts
z8G38=QEXBp)&cypwG_?hQ#1zTA-LybcYB14Kw_I#=mXFE`DYu)*z1Wg$4kGn?2&#~
z2wwTOwCiB)`O}=q4;U}fJ=?`yR8ep=Py=ORef+u8Bcl7#&e9Z+DudY09LC3PScgFt
z;)$&uH2Q?=D6S;nFO!7w(N^xL`=32xd%Xht(vq)kYYdvnPZBb}F{2Xm#u7mngRoy%
zdIa{7zv<$FFB{kj)JS_l@-V{mr#coWiTo|a?z$)3Jben=_B`@JK0ZEU!FV+bLn0oc
zA8=^qs<yG?cfOh9cQhP!@Wr(kNzT3umtv2**@yUK;r+)12KZ$8aPBtN*LrOryyrK7
z$6J+5!f|vhtxs25n>$|N6T6zv3+2Hh*R#eCFGIm!7t8{&;dB$xj2V|o*3hCf^{*+#
zG9UZ+Jf5aSX4XCJpEnZcf-3+CSmW312paqUO+3j5mrS=4lUS+8f)WEsry!jfY2S2T
zS&dEd6w7Uh_d>U*pB05*k=WQ1@&R3`QDF0|ef81K3U)bNO<mn&n#Pdk^EXi2Cp&&k
z$Vl1XC=r2uED#L+NC07%;l97NX?zq=YAu<kX3EvezF9)Kzg;C)AgiYn#10y)8AuxV
zwo1kk$}fj9ITH6@8V}iS@;76Kx<Jo+?{CF6<v6N!o;1i%Ex}6RRykLz3CYjvV{m)B
z_m;=G>7?74AwJH-Kwq;n>~MdJ+PigQ9C`vIFz--;d$$Q`{ovf7Gpqm-H~&p80TQ<B
zCc_#1bJBc2&aqx>k_0>_D+rt^EVQ#`Kx`0&HMRo+W}R8z;Dy(L>0@jHKp0wkHuFtN
z`m<ao{>Dhhz~m9RONX{K=nsG@Kg&npFW-s1nfR$69^`Jxwr0=MT^)h{xG0qeCKV9L
zfqis04<6r>`D1BYq5@x{CxGjz@Y)(Ih?!C{{Cl+!rrRFK9nAtx8Stjzl6mxX26=>)
zs^dTKnSb7Kied`2$GudI7VrP4F~mzk-CRm%M{U6kUq=|S3fXHGuv_POzz$#Mup+m9
zr^~MG!e~Jg!$df55*3HuJ0Pr=w4?T3&WyaI{Ferp7bZwXGwbkwP#(0(iXpHneH;<9
z7$*7J%9ac3(Ft>|vOImQnz%Ca@^|9Vdru|lMqaXSQO{|gIATw@+}_*T=44G|TGLeR
z6f1jII!l@?Gk5FSx0aXD`kWv1&h1}tVX=9AY-lEtv(!^3Ev5BnW9B=%*LJ_dwXw_y
z$&{ENr+U;8bUI8E;OId)=j>nUgk0s>W1o6L{?2Qbd5vlID*yCdCtHhY^U6Q3T|aJ*
z{&4r{4(ORR>22^P)y=tU_-V<9LocYY=wXfF)U>`Jt1yE?gJx>hV!7yE*;TN1fe;cq
zXS9#gu|&O1<6=~*y2V~Z=xBH|`PJ^(AaD}89y}8V%x&|Cfw?We$bWNNRi09ps};zv
z*S~u?0q(~@^uYq>0tiQ3n8{xM{|H5@5tcyG_jRQ7k8>EQugt&6@30;%t@+KB7w|ks
z%Up->oh`yy#r|7L^fo8LOBRmvqB(oR)R5p_p@pXmdQIhJTn?amS2v>Kcb*>~5x3A_
zxJDP<WhA#xO6__l?ghGz*UgQhJ60j+wKkgmOf!A)rV{>4k1x6;Z^@)X-DY5ZI%sj&
zNBb8ABGQG4Wtk$&MtyJ9>en_K$5wSNk{qHlm7u?p49ASgS&k)H&NcMVHgXoajVfA3
zfZ`c0BKD5ywklZ!Bc_LjC^$)mAUNc-UF1CI@yG9d_mM*YbCyGL`1kZykBf*k&U?S@
z*HcMve1o=FSbNd!AL*luhEMb9NGs}TA(8kjvY1Oo{)7{2K}%m85RG|up6yRHa*$4D
zXy2+OS5ne?<;pk!QMFP~xsDQrKa<_w*UTi3kFnNU-@vcFb?l!k;GP)yG^wCGw<RLY
z>~!Fx4PRirlTB<gnT)(-{5Bj+1L|KZ6LbDl0M5pKN;UcB8-FMpAAkc93RT$T=4bqN
z%6D*$D486DA;kCigJrmN4s3SM%k@u_<cH_L#P6-72MigeQ{$_dzl;u_qXM6%|Go!h
zW|VfWT>>2qm>=+ao<Hf)I=^G4y?iwF+ce#7{I~VmJP%(vFHU(P!@PHjymyk0f8_4q
zg2diL|1@<iK{RzergM02$`QT^>(BDrBJ+mg$qV6oIC`=U!q_5vaC|dM6d9|)abFlg
zlZmJd9Z<sSWIz;v!s-5NW9WXLv@8vvKh%3}_seC;b&u^(7o7#O1l_swgBuDik_)rG
zJnFg}qJ1B-^dfB!sxs^Sv#&dDC}*fja7TjycK1%)*_$Y)G|ncpMd6oV9o57F?+!Ge
zuL4IM*1(BIjd|!P*RJg{eZuD?HA%_a#wN)cB&5i{^6zHmH1;(fs`-cchfO8ugcazq
zLu;=<0bN5s`EaztoscjYFtk5bt=UoXc%!S3aiGSSe+BLLTM1e@kWatLV&$ec<tNso
z=Vt|S80cM7bh@K5o<pN#GqtE;F=w`$M+g%$W$#B3D_GJbGJ1VuXj?0wF}*-LUwv>r
zO6#f`J?=8A9?|zn!Udc$Z6;D)XZ}QwWg-a1x#Re$s~=~OImF&<bgCvtOEWi;Tquys
z4th))DfuMZFzw5xPoBuIKM2uVRY>zAknEcy=cC8Qr;ayM>g(w#h4(Q?8;%a@AwW5*
z_;W4<(xx8P74;4)c|!_G&9JuZVmBA1(O!sa!k<v{Scyg$l8r#((RwZQCqwf4Mz-Qa
z&$f)5f}G6R+qsy+zyh|37AP}zi3*l=ZFyIHA@1ehBV}@0JC*LY=yw9H)4c_>1=#u)
zQ|`&+wZ;jKRpyaP(Z5|UQKEkx1&bpnIGPqX`dhdhW;6C~2uI;J%`Pz~tIgmwPGLDI
z5JgQ_@T(X3R&ja{(=@Vwk)lao>7NgEjY4-=ch1PsRC}IqD@UxKrP8xLEQbdio^hoq
zJ?q>v3#(J=C7Ui9_B`&5jrypzwNiBu!ZiR;`+RCvpR@vj>6Wv~0RJ9U#qien&pyFq
zqxOtulBC@w0u=C305+qNdIKVEpMcLw5XF}AzglazpSJCDA%#?_kG>a!Pe3=S12r{-
zGTsrR20W$Xj%k<0bB>NZ2V%>V@AE69z5I8X8ZRf1C?6P-)O#4yqD^ww)Wr^s3X&ky
zYn^eJ7?I+W^cn&~S1E<kRmc#>0a$7m6d<3c`%T6Dl%;#?1qNm1%1)}hlBnK8sJmM2
z;XS4WeN<pzf<3Tj73*3hMqfFfeV@BgUvuKe^Ibt}GGs?mfoA>yjD)9X^+8uhT*1-b
zVXqI&>V5JSyU202%-iB^r4Monj0-1UW5pq(bDo;69hQQKMlfTucnyLf7g*CCDr2=8
zP7i<k@0{r-s;kexPhXGzryf-!`eL7mU@o<CwY1qHllKnqHv>HA)V0%S>ULG6jJovA
z6=s+EAR8n8Q*TkA!v0H!4r(33_gIcU_WoJT#N^1#;&_o<18w3%Wj`HyD$xtM-Z>*A
z%zG~NLko@$^B?7@MI_QL^Vhy4F8Fek>`^a}H8;}OXC24f*n2u{OJI)GF=4`$zCATC
zuBRMO%8QpC4422VncYA4O={)5KQy0pq-PnY4C5ZB!6Q8eVCBj+Lv-5|{7uM5CQ>cO
z%*SpDsdX<XQZoZ&7w#)+IJtrn)#T(b3YKO$6Xnh^o1#C--1k2Hlr<osCuEXdr?Jm3
zu-a3XBR{kcK^9>~a|oIWn{S%B-+sZ7GLEb(sEn&75+rNq=L6hn8TCf8m}Ladz*4SG
zvsSwZ=}xe(dD7eC&!YK1rLUqxm+|J&v5r$Pz9L%GV!TgCtQ|+F3lEiydM;Ui^B4>-
z*5?F$75qt5Uo>{eo)v`kQMk$>CsIyCZajGYw2t``cW5ZbG7Zxo?~J<+$tHX35BNh~
zbMB3|X#aD7Q#em6W4w*vSDuNCOjbj%Utg7qak6)AL4!_Av^Ph_$7KpHzD;xwjZb&Y
zXXcW(HgI3`PJY}T->->rncfpZuQS?sM6aQ$P`T0HjwNQuxuWe;Z7`q#m6P$VgFHs=
zsFk>C`vAjxu}-kSqV@PJ|J4WwtVGxqauoSPk}wojJAj^b@rB-D0#ltU7(J%W!xWCX
z+RFuwnr0nS{Q~z4kiBLF>}iRKWQ|HQ5Pq!QdXDq?ihemR-CA5P-FkF#R=gH|Vk&o;
z;bGWfGLFV#97$y{j=pUH-ZGWlxWg+o%>Zd<%Jg^jDWuro6^|37ZNwL9!>!jk+f%bc
zr%O0hw>iddCE7_89i?c~a2i$Ix?^2;XKQ3bLa`Tf;WT`d>0>mw+MlS}AVJuzNU;8x
zgl5;su$4jtT1c(V9p8=1lKgHm$SW&rvDv<}r8AvZC!@-W@u#77o?o_)b1JY)obUpw
z5|UVxD`IOVrxUUEdvfB=O2VF)Yp#Dt02%qObC3m=7fPd0Q!=7uD{^U2e_;v#^i7Yo
zC;9t|{w@aNDzz;7E3>*d+6VqO1N;Z4XfToF^H7_A5Cy(`e7%x;y+vw3gq$;a)<y1b
zm0*T;x&j-U=af`WRXec<2NS>pLRSn8`KcZa5y$hY-rvhKoQwEv9NBC!4CT|wkgOM%
z4AB8nQP5l}qX;vv85?_jlz<)nTQp@RzlMl;#ijRkz74~Sj06u7G-C>Mvo7P@{R#CK
zJ3b7>3N-ZccNw1Zs~QEraYHauDf-B}r%R2dv2A6-ahvZ^6Pw5T7UM)=a;Gw>m~?6@
zjlsyaqhU=4gX%W=WzBuR|1@Fr%NwZ{))UOEN9i~YlaCr6{|yiZUNn7it^BmH<^pQT
zYbwabJ6x`$Zft5aaI>5+YNs~7-z95l68@alpF8_9!|G9!we5tHaW&9pun~8KQ8ug(
zbsET$wrwd>a?=e?uv}p`bGKi041j50ygoi6{fbZvHo;0J`~?dDX~+!o?v$kN*)+59
z)Tw3sBut&8UUpp>onk<3Am#oe1|zgw{f--Q!y48HCp}oSX_1%2-dbiQsfr<tt|?a;
z%7|bffil-Z5pSf0p%tKJcI6Oe7<a5mZlGRusWXOzQN}*e=H%q4tq}8%)3=g5ydYAy
ztQ_^%Nbp}5OjQX7^Aa=DRKG`?EYdNy@%ddR1NufmdMF3#O9^KX&s=)GtW0$W7!&2n
zcpL2$1<OYYDuBWRnd3Vt*+lVeC*k$N>VxImL36^*(|}B|$$W#xXGpmWUFg#F?_FB!
zjtyR~<_KtWxl7ODif?*E{%uel>i5mR*Y1OPGCF2#j0}`XkH(^N$r(pnn=@#;Lb4o7
zIZm17q%dOrYA}$`cnU!<#iq+vOSt-E7P0w%iI8bI4u&B|W>J9}GzorpEuUuM@6tRa
z(l@Xhh^svl&!)Wz%ANXg6Woy>XP;$GCBw#+G1$%P)=D-#6vC6<E8K0SM_oUM^`Rsq
zS}82IGf4X7=fD|l$uf<M)KN^LA$NBLq#<l&W8z(gycy3p?&q%77-*??T25l67%%wU
z4Up>L*^T5H-qxF}&PUHqF*o+L;9NQrR@My%vkr>g>-z*RlnRFeJZgxoH}O6>_C`mM
z0K>Xk`<aCLa~~{&gUyyV*+<<AurYCtgqhZaaIVpzed`o&G;p<%pazh6D~Mr55rLn<
zeDnCE;iHWrAd(_e8oyQDZ67oQfx?)Tc(y`EOtMQ6F%i8&7e3Jt{WUz|^h^4fs{sRY
z=g?eCtiF+6DCh9B7j9cWkkzk7keF;FUB!RG-S@NiS#m$H&|-lNR$r;_Md|<W^-j^U
zHBGeO*|vT5*|u%lwr$(CZQHhO+qP}>{{DNrAG;o^A~JHts>+coM&-=Nn7)Ic)i)G|
zT#PAxv`<?=i(i=(lTDrfF6i<*g9qJ&vY2^7-eubsve^^{IfK~dujO>I{eoHLQlZ}1
zWO-g7?6dPUNs!UIcVchBb4*WG6MM(DV6+g*Zpl+tAWZ_}Xf+E@n(Tkw!oRE8hNhaZ
zzuUm2J;3_Wd55jYN=0@~Fr>>~z%Aua+;}FsQGTe~W#r$~3P%1$Z;NVylT+t03^b*c
zy#2#}CiA%@ph}jX7mt-S=*BCkSDL|BU+jLeeKPJl{!vNXLgL8Bq+&xL+VCG4JeQmC
zM5yA~#P~r!8LN;16w{^q{L(D0NmtTajSauAn(oi}&lj5G9+Mm|z3-31h6b9M?$3b)
zn(p^~8kuZQyXO>|Z`<d!goc@%Pk=10#{s&kSjY&T%&fgkhq~de8L^-f2e>STh4CM6
z!m9=OTnJAdE!ieY;~>I*eYX+_oh8jxBx{2scApmR4DYA4$IHY{piZ3?h6KUF5@!dw
z=2T)$c<LvWZRe{_8RCR7lB7b9@*-@v5^#nk!kcf%ewVL9Br1TM{NGG>PbVSh+PAi3
zirwpPLm}klPCgvgNzEkHiCatM(8$m+|Jt(S*9L!MG6ddDFLy6yulu&4+SWbE4A`H0
zH3ozn)g_>&kYzT298=g_4`AB4lF|=6f%&I@6!p9Lird7c2IG4)#@^LZJlYuJw;_?@
zPhKN9I`ST2qYeDKmKM;#5L9ixkVr=_N8|cmL`Hw6tb1M|`04l3JNi7>q<!Ny(ty~J
zI4mrHC;?TC&-xD8^nU*y@OXP~y*?%TYvM?pQB)T%23w2k?~)wfrKesgM_6#&C1}&R
zm3Ek9n+u+<<HavVkAm}#I_n#0sFcHVuiVdy`jbUQfS;9P5@uF~%>q*HK?(mT%_mbw
z^!Q~qnzox;fo3@C`#ob4hJHhmt43u<G@i}+qA9i^rQR-;>nd7F@6pbw<-LrWi7yj!
zBstRc;j76DAu55}hdZ$QRWk(SY8T}|dKe$+g*<M~+v>7-DD&Ew25hyg+9T!5OE-4V
zX?3-B^Ib30qF=3rxYYpAloQP&39n_Uo`wK5ElOm!QK&_fQW{fKVR3lU$$N%p18B^n
zJ>bjK;gc1nx&^BcdIUFR-;YA&ny5=Z4h~cCWfe5zY|FD_nOvyRIK<fo8NO=%B&DMx
zC|s{@;ymG0u<n$D+FQ6|#!eNNFZ-+wiSHS{l{?64d~vl}acc|htGt%m`&*6<EHCqe
zMjKWCk@e}SRFF6S;zPeY(Qy(v_n>)-ETLOT=%IlC0xkO>VazG@!nStGtr9SO_b;`E
zrzltQafZ*@Sm7kPU$#cN*($!7KWW=+eL!oUVue?E;~cM(B~q{!kJYjZHnJMD52y|2
z^Ig=77;a3TkbQ}?B^@;4bIjJVKH)+Zw5H|$>Hk)}KW?t+anJzK#{h8A{;801o%blK
zImeMOF$1&FhA67G?y-dy|6Y}lvr)2KtzJ|y^>Pwa&ELRCW}M6F;NsKF)u;}+Q}dxU
zRb<L2{{Wg7e>T*%XIe^K2>tv$(jwPf%)@Z^)RvjSiRv*O&P|;22~QPR95qJbqccXb
zm#3QTaNFq&WTtev5Gd*VS2m{W;r9T2Eg{l)VYeqmJ2M|U56)-GaWxOlDG6i1aMLM1
z(!@d0#$?Bx4loq{`+{{Ymr*Yz5r5%k1)-?Mao;K5y%N#~-e_lW;dag@l#<YPdgp+~
z%eWO4=6W-DrKcLep2#@2;}|=R4rb66=_NL^PeJX)*D?V_hb*LC<CM)Ng~tJlk^gqw
zPAc<#M%<2L)M>#9i{20d@*<|U$SMnCz51P>_k3Yxp!#__pnSR@gL7x`=MyZ{;*n-7
zFhx8!2u!_IVqH_Wi;R;ZW<ig&u!fj*&xuj*m$*IB;$a$%31Jsmnl6o;aA??YHiC&I
zfLB{%t7*~Nzr^4J(%K10ez8nIV#{W`p{0#5p%Sc%WeJB<_hHdA-#|CyGkVo}LAxQn
z_TCUesb^}j{9_7Xf6m~?(D;9J@&tr*p7Z;1fI|=qC0`sx_cQzVBRk96twIpSyN3;{
zHH(1aJsoXrpU{;6UoKy;e0wrC*BNVUQ^*J^APbqy(E|YjqptqDf2S4B>c1cWhjH{q
z^9bml2*a9+=t%{3bkh+^o$Ry-Ar@PF(cSH#2^IPtG7G5>q*#r3kB}^na_7F72%6J|
zC({eL*6O4%M@bkxMp>ng%Ca%Od=et3#p=cA?cdA3O}Yo;Uytft#$1!{J}7>-xz%J2
zuPwTi-pDUVIx)1jXGSTnduJKTs=0k$U?D`l05B18-GLC%mz@u+uC_FQkdZAcav89j
zrWH4e*Dgb-txiFSI44ZSB@yG*-R&?&{n6P5A%oD{d^J{uB2>=%wVpSw{wB!hlV7!t
zb!2W>ig@TzH?r)gjDW+92kNXE!Bw5;(Lr>d%g$}{C8I~C!#wG4r<6+Zw2r=3N{(+!
ztiY7$fPGNOKP;jRq~xFxUyY}@^ccv&+O%wM)O)G4-FcWuBga0^6el@|f~COD5+9XV
z@)fS6(-W$U*EZf`UlmHyGcvYyh8QzkecGhzZ#S|+CGl)^YWSBHK3wmKh;rGie<RIi
zG#mVV|Fd+}=-feAz%rE*zuhRS@BWg=!`0<6o?x`awJ+9ijeU3M;S%GD*xe!WId-w7
z@QwU@UB-*=@uG^G<rSblh$~Qbh53kI%$<1LU5F-Xq%$AkNuBt*&4niJbCV54)aNo2
zB)`{j!Vht`<&f9-S}gR}9*FE-YJ*PB+jjsRkC{}<+gG18t=o)_>`4lWWSM0uLwl!j
zM6}*U-Lm}aJ=PzS0RPH+q;)^x25eYSNfbTapNG;9C-%vG_7NoE-bHddcJb3MZkX^I
zhdDcx@Ec3uZ{j#lunv00dvD-(-Wd4_7k8D9uOaJMkD1>_fEfqsAMp0s$*_O2ptzED
zqG^8?oM}*X)f)%s6<K?^QK)fr*9(vlXstrz0qgwl2)lE6Lk&gR{9Z<M2_{eSo|t1B
zM8WchN}8siZKj`Uo`f`M8U?1Gp4THvFW`z_E#H4DPsMdrFYUPw=(?b|-s*)qfD^T&
z`*%9jyvEUHLsE_+FK$m;DQTcR#0?09QD@(Pz#_$YRv0wak+u3?GUbDR#Lnfi`pzu7
zf)ZcVd&L|rkRoO_ELFjc7oD%mu9zdwq2t2+Wk0F&#cq^<tS!|WLet;IHbmbEz^CIT
z1w0AZuj4i~@x%)kMKxYGD1>IX@~VsX+69@bPUT~)FWJHHSm%!tjIubC65!E8rsYwD
zdm;;g<2%o@YTQniHbox<Pk82L?=Qq*_92jLf6<6RPTtdBrK#)n-dL{<XCU=nYvFZ%
z!nVRd_*0&E(Sslq=p%sH3aDpf3<|{ky?0)e5+fwVde|KXhr!dyM6=0EKgJpX{#jP3
za*CtC1|4yC4@=aq|F=z?4wUb71r8s(z}?kCyUo3=X_`l~Yq5fvWLy;-2nr_Go(jyf
zVXw+-6}#L;xL;S<q#lBEH)%4#Ubst{V@7(aYs7su4)(eTpjmW>+x!xq;g5%@_?vF4
z?>0UP$!goEVzj|P2-S_8#6eiyvc)xT%6qfwGR$MI+?Qyx@RuM^uTV=#^7Yl-^&T$U
zjl|*(wuu&*U7E+^Mo|~GZ42`ogele6@A}iEM(H(LG!ZKPmq|Dfx2ic;!=a`7kpC$|
zX}|#Kb8C3OZ9Q)C))j2U52bt2Cur*^ga^lTYqGa<+e)&3wj_t^Z6gJ2#9e{1aTK9b
zm9m9u?W+L=X!SAK2PYVovlT_Il{et$fwF!8WLd7+XrJ&T;xo;U`X=8Do*G$4PY5Z~
z=t~}?q^uHd(%AF=UBQyQcPn~{D=j(vaUyBWg&G$hC4DE!!4g-1%p4#8@?S>I_^p_`
zQ?B&g+<(*cMUvAMbi25H!<*t`VY>_7_75+G;Ltu$^O=jDpPJ(=Dt4mkM0oV*e}?8?
z4Z(iR{C^#+TM+Eo_^G*K9&1<#ePbpift)EG_^~?nEv0F1e~E6NXZ~^G+vu@J`p$^S
z6Z<ZX5EIDf!_ZXH`Lb?=zCCZW02qL$Dv)bP3+mQ%{d<XLqTh_Ha@q5I>3~>;?ew`k
zpy<oez5K`GDCCM@=FtR4z^Ni=DI!ObDOT>LLbbkQlAM9S7_tfN5s|0d9N<hN%ldp<
zpsv5%_(y#s9jXJC65ojFIuT%FsS!$yQ_O*T*Y|3?e(S<lFN5XbI|`#<Q%3()&L9Hg
zqPy09VJp;f8;15_LuX6-zVU~1BOH>UzL2u215y&31ox1Z7dA1TpE~%v%7_tz>M)Eo
zF*vxX;mM!zueZ(kVqipATBLehQ5B8R{3>e!?9tSO#bPZYXhQe%)iS!PtH_*xwl`OW
z5>=zGQxl!F;b~f#2q+?UCz5uZGKJsiQkd|gOK#NZ4T83s1;M+AppQ)x!q?URfrSKp
zRyIV2Gxle9R#QSzn^MjZD~bY`xH-VCricWsw9%rNuUbr@k6q+8<X*_MQ<#`)E`nN7
zXe@^O*)!~?@?fm3>wo513;Nl~D+>hCe<2U@$_*<;)h+?7HHD5SNQ*8n!%i}3JtF?A
z%6j6Y_K;&nf{k_yQ56RFtL-G^aY8XjzUmv(Z-P~sf{~Za;y*3LkL~18niQpF!&jvo
z^=_w)7S*48Q}0-7(2*Wn$$?r25pvxG!?eQ9(Q#F989j9MP5%XnHFHhvnvg_{x4vb2
zT5krRzen;(L<7$wcm4z_fFv$T)vp#o4E>>zQRinKULB^qz!zZph+-mxS>~7t#^>k)
z5O&ZQr@sq2rJ~}SqKin5#3TT`cV-5m9lbDg5ku}3$=K;R<?~PPJF2;VCh>t3)joGC
z)8Q9SPiH(J+fNr@&z}i1?y(wGPY!U~>SDN5#QMVZ<ZRr@@g&H+K}w$rA|^If2HPm+
zEu;}1=|)B%NE%FHKCjDOAy9!0mC$CFxt|OIJGOqK9N^=AN#*X+MHK8l94DKB9;Y_Y
z7ZgpQd=XfG)Me(NBQ!`s`_G{w78)apF;{;+-*khAX27g{!v|g^m)+x+4Or%a*7m)g
z9JTD+VzFg|4U;NhY>(Wm%H*X9ITS&8)$3zHv|RWvFK1<%mGhmpDG9~di=r{aHW==w
zwdAK9Mi6dqYdHAtPl{6~qVxjusyxL82m5{L+w;eRh?izbf@ReRjhBh&&GSNgtv8Rm
z2-s+2QPk|}(()M^@lydld}q|SXT|DL7(AE8Fg|lVag@Q@zvW#_Qr60i$MF*}k$jP=
z$ehBRkVwn`kNZDw8$>Xgl6#1cy-)5;Zr!auYj-BZPSIVh)VV{&UgaF(yk`9SCcOw3
zWRp)iK<$=MoMzj%(nic(@CX{k`Rj=!X0M<y<F?DNRw)9?gpDjD&dlb}Dyv4mR=6hJ
zsokOwK2zqfE@@2C?bwnept9Ck9aARJJ(3*8C97~L`LgvB&D`)qkLSYbQ+A^La>12A
z`yn3buI8vRcD=u}xNDL$0&~_?mZkZ(W&LSW=L3?TO%2#u{L5+R3$rkC-#i(#B-HfA
zlf)GO8Q4hjIRXc2N-<oE6dYI^`aLBu*Sh_mr3+mUKS*Y6gV3iPT{S$K(=j9MYZ7mi
zbJzKHv-GPBUOOD{9)?UXuG>YdLO{~)2;cAM2l}3upNW(1Dns#n$XfRy;I1bFHkKcz
zveG(qE~4q{cg1a5qTO0hUTeQTkr5qYDHE0*mx)OtI8XS~;`O&X@Qp$v7D>t5m|h8i
zvHHkV?FQQD^VL${8gS3-8rpThmYAip$k!%g_tA{8kemEpTBPrmJ*v}9cH8UVMd3YS
zf*f|eHAX|p1g6+qkG>AtGaWHq{6O5ozXPpz4g<UBWwv5n&Mn=Uz2?2pw!L4+9xdIS
zD}H33AVBBdvj{$itWxeOXyWz#)fG8%&dz-%17=@(RVKV|V(6MBWz<jAHxf3-*9Z@g
zGg6r8hLhbFYNlAXj7qZs{lA1TPS6OpH)>MhyC)&PD%V^*_Lbc)UeX4vlMC<uiB3JN
z%zWtkcCqspRGegAr&_BdbPo2BFDd6FlMq`SL#R^F3Tz&g1DqAw<c-&B=9nq;SRM>}
zWUsl@op99K@wFLi{~2g-Y`fZ0<h^z8Rjqyv*kZF@&hOBXb_mGWj+@F8`vThYkVr3(
z9+qc<CMMygDR}k)4hbc&dENox;Hzny|8cvEelIV???|3ui>qn#FTvqtE4G+ZFc9+H
zo}aWOlg*YKEyg?+BE^$wB2J$VN?x*t73WB4Jj|lVv||S7NZyGslrnO9H&%aQIcHG$
zN%R@V+@jUuWsx{%7cGk5ma>41LR5_t`s2`mug@o2{g!E?c*9_`F92yEGj6uCHn)3)
z0}iYs`xT4q--of0EOfjOoKs_4?ehIIcZtC~_anqs%rE_WSR#?CzWYnZXMnx)VvtFT
zJWe}^X}a-scAQ&)5J+!cAaSOp@Cc$^$6l=RW$kY;-1X@3ZlN9jJM|kPmS$~0!o2J@
zYhqERzw9f}>qeiWMDOz~Z0Huai|`Ci$m{W9Y(%TOPRnicfZhf1wiD&{#@42^z~WZt
zv*nldwt;iY%1w2(dcdcF&S(e5PT`_5_ZsoSde8<kF}%gQ*p0?6inK*sp1hqO+Tiyw
z9FC1dvMQ-tdMNU@O@4B!9a(rJINR2)Qget+W>!{~*V9qTagPt(57);f)ay+GO%MCW
zIZe*b-WZyW*If#UOgHPt1ey=)$K~b2FA4_4zA?}e@c)N-A<7cmemU|j)u*DwgJ*;o
zr{5}3q3jPr6in|_%@pf+F>`S=MQ>G`5QmA%sAS3wF-c_nU(Cz;|6*P!y~kwzY(zK6
zdbrFbE<PZKGw)+0E{R1la}E6D-R=0qG&2rUqr4-pgG9(nBUs|DX&!!TU(KoB!h?o<
ztBMgtYJ3fe;JDY^UECSmZ<~LSHdTwKD&vkCj8VDkPDvKgRZeDk<|aj4z~;j_g|^_-
zTtcs!mDSrwmx>|IQ!QU3(lRkm2a~RWKb3W+du)D=h?-(^IVpgr)3sPEZN`Gi)xJn#
z_m*N8#}(uB=3K9kGVV7I;r?v&Bx5;O`;Hgp!SK(Am~c`kSAGsBM=f<%AH|(<mkS5a
z@(`J%s8Z$Rmu0V(d98mhQI5w%?O2JeMcXLj(-Ou1mQ{$ImwNVWelmI3syL=;Daw4A
z@ZWVj_^9qLk6oZAno@E>vu(fg^vTffPgBEvTUZhK`6=^;_?r0%gRK$mSL0`h$HxBA
z$FcSr=lcDLcR3s`1Ltq*Z!e`WY}K?<zyQIv3;ft>`4Plzix{ICP){#^SEW_40|T*m
zhK!b3poz7q;Sb7P0Hze8yfv47lAs{PFv)lNnmeXDo0;Kwv$N<0fM*~$dOBb49xjG!
zS~4++3`)y_rgn}oc6iB4;sslR%7=$A&(#!Amb~goI;z_?9wg*BA`yiZ)V*}wHOL8b
z0`OoRTgiM4Lu1qZP}IuXzSF@$pc-`_b%?GIu?+0Ln@s^7^jD2tIP2V&9>W4Tc>ByB
zGoy-t+S_x-#cBd;ltBv29U%Qfry+-eIHktY4NKywiB$<D%0=@b`K0ZnNoJjl5f!TD
zWwx{vLa^L#mb(A~{Y*d_MQe>`(~C;eO~F#T-R-;-tQ@+2K|Ge0{Bdd(D!**n@nc)%
z(n@M|BlB0txGm;nv<4KV`J~#|SfcLoakayD+hPUBzFCG&{51y3u>u<3Y%{hwB+M3I
zC#%A*+hwaYGElDzqug%h^d*4qOwaT<B5eij<8!l%KS~ny{N(uW$L4C2yl|D*mrZ6F
zMxM^?{qJ8|C9*O0{%Y)Wmo;orU&J@!R;*}RVHX*}Kf?pmB5hRU8U#VLs>s7<vswy8
zObJSk1B=J?3zGgtsGLAf=(hQ%e+NR68KpSnJRhKG&X*y&N-(t*8|uk`gA1!V`9X=d
zjfU3XjVig8Y8jvYNdWC+&c+`&!IlRYCTY{n(L>0Q_02<PSOOiAF(7~lPg+G41d#e-
zVrtcD;z&FA6V*X)MFAP(7KEKwHOu;}KB_S^PoB!gld_a0fvAhcPsKRZ+@xehBtmr;
zlUbrG!`6R>B7DJw!5PQ06{k5tJIxaEpTenohz+AfP&;U3CcJGrfmlcth>tC;f2zgs
z;2&z;3pqF*LNe?)FF5E=_xlOKvobCj<BJa4vD>X}!@fgbA{e>)7wf~D*hTZRBq=Wn
zobd1@;M$7+0A|{8Q6WuxHj$1Gm_Rm25-)o*D$!?2VdNNcwq-0t{<~qO&tcG=PhoNr
zVPwx9m}(ywTTShaa7*f$La%qo=C|)55`*$RB+e8gqP=<q{$L?EAY;3^8dWyQ#$?5c
zyVYk4bT`RW6vMrzIN?gZt<`A;uHgimS#WyWivT$|s?q5r5Zj~qngw75lpmx=c)(N8
z8U5sQ(RkO&byu!DQq~tLf-xXF30utkP*U!e9&NHfnf(Huf($C9r#BdDBLvR~@};RJ
zWBIn54(<8-CSF03T(j72NT?|kD<1HV{A5#L-o59k1W)!)?DM;@Xd$X5#aEjLKbi!Q
z418968NvnY*^Ef2xt1D2KJNx;z>_&gb+j$3{d!|a<&uZY_`&wJL>AOB)GRT18g@=@
zV9h=MnbI6VwpC**!m9a4F*<^zn=!`*2Gg!ORX;$WHYDIfujIbp0`p^t<t)%-vXs+x
zk%Vl25H9@*v}rS!*-rtX3t`N}(POOU{Lp+=gM{|RCfnEcc5Y1znRF@&I?>U)w5(ty
zzVV;5sNW+RwA}6Wb_&Msa~SOYQsPT_fdb5XZ*@BeKGCXj_b@Ue@CQdNdj#6$xfWvB
zOChVQYmhjsq}cbHm$i_q0)yv;*DDdLWW`J^IcfJ^#S@_e+HN7|vMN(}BCqZlR?PsA
zA@fBgF|HKkXC5Xc9vn~`q~ZAHfGvQ3szl?p(N%yoE7pQ9ffw)>N>ZDP&|TrR<^<yg
zyg_cYrkF`1Ld@t^Ym6;Wu<rnSK_k%siTZ780gzjK4M?O6(chJ`1PzO8T2kcRnl62V
zX@t=&mMyL1R$^E%>*1*!RpH((N0qPp%9`p-fkcJ#mi?D7)~kZ_E_}zmDn8TgJGw4U
zW8WgfdY=XI+S8RlWz_ZhY@=pC<cQf>)0glqv~}PSfUjV1)%rj5@jR=rhawmkoLMdF
zh&anpGf+nxQxAEs$M{Hed4=&9Z4-0By@1%5xq-1pjX%(xa^=AO{`YonSpds;&RYN*
zD2zq=={iZeBSEfa(D&C+@}r}Up}ESWTJ^CxiJ6r`{mw27)4G?@q<{+87|K6eGCMOX
z$k_r$;`_}+jsa8QgOONC%_!lK+t_&BWGh<j=Cw4p%RP<qhAImRW<+QUYcUA8oaF+g
z_BI$r4!k0`Ev;JgjDqoUQP+c$F)M|lil6o|I$ijAU0^MG<e42$6;T6o>M66vQHD$*
zn(D$DiKPR3ei$Ybbr2K=<8;0bqhnK4NV(Xz$oJ<|OjiHkWiO6Nue?{Sna@zl%Chzv
z9=EcTzI*070l6f-Mdl*5yiCQ}LE7WSR9pcX%eiW0AfPs3TQi6p2#!YBTnk@QwPebf
zq@a@t{I~*oa2wWwnY&MkYFeBJsnBh}A^UEqxEr<?vlr`-zc`N4SUDu-&Z^Uz>hg5O
z)~a*iW5c!NrSVRhXZuX!3;X8rAj`XR!KKmXh2!gV<#(*>qu66hqS$2*eTA_`oB!{~
z-*dg`o$}rc)gUZn-3rPyM`Zy_c<QPSfFa{%JUEu%re>C8qoW&SO5>82abQu})A~q_
zx?2!xV@!NNyrY>M0_#IDX8fUOBg;;BcofBc(d`>SPrqivHZUDVPj5v}CwexMtPRk*
ztqwa~g)J+yL!P?*7U^}Gjc#&_L11$4SeF9H>sxxJEs&_HNH0v8qH`k(X+scLu}hCf
zmQT#68lB5rNA{RPXj8kL^0Ew+Xs8ItRCc;i59n(-(DJ|U)SMcLcJb4&^sx%*_0^)@
z`JoP7#qB1}Z{JEXquU=(@P{s#2Ts2T01RgXmaD^`ke<{Du_RpClnY=p(p(6oCxd1p
zz1-Iq;2^Y*R`%>b;&v%^jxIhM6KdN6J%5=q%MaPYwadIRAC+RkAA00X7=V{RTOV5w
z3Rdrwbu2&UBa}1Izu*I<ZM;yjMH4{(8+-4*E7*u=_@X)tiU?CUiQP)$6d{%0wdJf?
zm<LMFNci;J+sA_B^pZa5%nAr6w$-(@pWt>=QPK3c4J5|Rit*~aG4>tkT*sHU_3~t^
zf&AAphCjek-n3N<5~f8e4@($ZQn!06xRCMYVmFrwEB%>MyPajB01PotBmss{@<uWW
zTZ)r9i2ZLbB`AqfOfhF;``E8bcFeEWYiE^3R`#8QDO;MCis1|CfZ(k>nx;FKSdK6E
z4%pl}KUJ6DewRSJapVw5K}I5cRf`_;X7CQRuKr}-Y1SSJ`xcGy#o$CDPZW>(2|e*H
zx2xvtRKZB*u&!^y(M(pOam8LQwI0hIe9Aeh(?w`3fV+bY^Y(pDVBO;b5Zb?`N)}Y2
z^#;ucq|cS2YCtPeg=0i0Tv;NiWbT^kg2mv^sG6Db+Dhw1cCb~>BIEOb(^AHjbH~*d
z712Tn%odm9fEh1+mDV@h4%Ei6JhC*%j%>@VbO+{Z-0JB~OwWVJStju#cblkHg_8Yc
zGv{CNwZvzw-u!b0X7s4@@_y6zMAd8jT0_mG@qv37=uR15UAjyPu<1yZkbJX%6}<A8
z8#As&R=KJ;#l??G7!gK`irk4REo70G?{jNR2jydR1)|I4Lqm3#q~+N{7;Mkltk25;
z9_S0(_$>EV*UxwlSE2c<8&rp^bjowaamTGi<aZ(Ps7ef_$#&|sc)KrlpEK?(P|6c#
zS`?mF;o2gDn95b_A<GI@^}F$i-LfBlI5A0-a3y~suZBh}R%N*<eYl@+UE(>v0hNE_
z;p2Uc;)JZ=*KUtK-#2z=;pV7_I9YN94Cao)K^v!${><zJ!X}HSk$<z~s-vb$=P;Pq
z3(~C|g|BYzLf8t*Ev9!R?7xQ1=GKd;QGc^YdZw0W7LQ4OqS&s3H#?QUtS99NFIx6M
zpIbX=R<5_~Tn?JE^xH!w?A(U7^RIhYd>D`Mj2t>Vaa?%J`0}kpgRAUW2$YaT!lN_k
zmcSIN)2p@?aeI-o5*5i)ZKoGnrItq#m;d}E%Mlvs3N~@<qu+eRhYq`zH7Wt)sY)S7
zp3yiM9}we*nM+$&c0OySePBmoQF|@956So$0R9%aE=Jp*RQl1+pr7r-Zc}Yw3)SG5
zCvyiVsa)p!Qt2v|{iKZUgIhhT8(%Z*%@l%)z@lH<y5UODg6jH-BdU)8ZHZaCl*DXU
zTU(wqR$*HOG`r$Nt_XCgGrOAI>5zDCE9T|&C21Z-o@yXRo^YgLK=p5nI*8zUYY$m<
zmA)7mN#;`&6y4orzJ@VL6Vp1$JB@@S4voF0(LZ-n8*I6sm2fNsv1+dCwix;9tTfSZ
z$9&jIXO&t^bf6S^jpKZ#z)~iPR?ulyLZZ2%ZaN~A*SbZdRtf`W+T$^&zv1apBtQmE
zEtD6M{g&;g8tQ$ptR(Z2-CQ;pwB(ZRT&Av5zhQ#e@7B}@+SI#i_T5qde(Go${>R7h
z4()-ZDA&eY@r--2_#uOGXea8`%NC$Za&@fkz60U=d?>x%LqXObW!Tdk5WyG=X?olH
zu_aO@VERWY=E8I`66xVEBo4!*w!p-NWTyAY9r<LMfYlj$stoCBmM%KoRKmHCfn=Sg
zw&R{zSEVNfT6!S%EPx>N4<xo;gby<7djanpSl{ekFcKjfsXnPVtgr~wk}-=YBdE)E
z7#W=W^+2Y_-63B&m#YI!GN&irb$|MZ$T#pA(5UB)9M3@P0TDT;sEbbNov4thFKd(v
z7`87W&cC$>QaP>|jJb!phS@68?6?STV9iE~za*j!6zU|%VMv7SQx*fAjG~PREAOsm
zvHLf^E3nbSZkeK)d~&SI5=ex9G5r+A&O^P2g?1PTEb^PH(KH*QU?Jxpg||2f^Nk%b
zTAACS0j(S{0yj?S(X~JeCUhM!92@71X3YyGa+ict`g)=!aJiQabTdT`$WdLaRvnZB
zd4&V3SEEWP6jUrjNURA&8$Qla!q>p#x2TE_S{O*7L-$-WU!(l$FzrfZ7Q;Rthpf<J
zjRMc;n2ify8=+<RNwo`Lnj%^05$gVG*rD^)!$mEGZuZ&f{jsaV@aTIHL2l6tzt-L@
z?mqA+-+X+;s$r9o(<asEHsCGFzz**@cxQ<+I;HeKz+11Sg(dSp$SXUVRs|-J1un5!
z8Wv~$qF_?)$Dr7|q*Y{8?!RlIds7v`Oo)jZ8yP+{Fu1R4WhTbCF#8pL4VN6hpQAF7
zV<Ui8lHA4{Judfkb%@g=O6q!*fe#&J6}11kB3HEf)#&OkeoZ%F1~Eyt!rfce21J>^
zx+;W;qj1zT>B9el%zcdQf7)-9L9zT_2wGxi{V)C~N`Ay<$^Cy<R0cBq?<+<o*>cW&
z!cy!p>U+6Q?7f1jAteHh@41q)>qwUVleSsmYHTt8gf0y`z}qNIW+)|&4lz}tGLe<~
zcQe^;&L&{7?;6THU;w%_cqdC$aTLj9H=NFDAeG6BX|W#(aqSMqMBIvrv>Ej)Zlvx~
zxBm+J>%YS7YwE6b#jiFD?DAz*8TPP;>WE&!=IOZf?|%;d$^1IVts|Zu6&m@U!#ZN=
zrT=4D5l-RzH#TQP+YbFZJN`FmzW<v;F)`EuRlmZo+2_BzGufU0I%ZfN#IV>`ygDck
zJ9s0Q4wan&nfZ9kF0RUbYfMgYXeYHyf^6V`o?(_SpVk%$F##^}KWW=*WRaL`?eu4-
zpUs;`k2hiLOTMl0AK8Zd+SK@H*?`^Gts7b6+8$jFp}ebdabL@D;drcp@I3KB5w!G%
zSJRcY$xV#J_uqr=<2VheNTJO$)}B>T(iPDOgh@F)z1(Bs^@giTHk5F0h42b;I1Aj_
zGX(6(_OEi3550uv@^G8uLyCwNI7vgn^$^k>%I>><4K^k;*0AbQRKW9X({FP81n8ch
z)6g?D<vwXHe(IZ@1flT_filUYB9yY4%DRGeG%wx?0Gf#vY{P{RgOFgad<Y<>bOeXv
zaM#EZG$UOu$#?5-XWe!CN;+O#Lk}m?&Jf@}Q3tCKd37|71+p^bE`b=rXh-%GT8u|V
zEaD_<^p2cTO%^}8KRYwi=B6w9WIPJ1{5nUz^geH#t6A>h4wCC>5^%NnUM+&jGO=CM
z^c8wpW^fj#q6OZ^Cjvb3x93|jc5fA0uu-{e!n39Wppuh#O99U}ubyn%tsvvCsT|6m
zA?^SjNcH-Neq==kqL*g44W-8E9<HG02ZDTqFD^bs3DM1Bt3hpP4@`{6uuYED98>5f
z)|VRlI^#lfNu(lv=ah~tjW5BKkmd>cd4zsDo_b)BnR82Dmp2O{e86u|3M~ddc@)8a
z)OrBkl1t9c^)J@3q0t}gyxrV<COAI+3p*lwVL402CA4C!)R<mENZH)LqeeBgP=axS
zaYmc*Qh~Sij8>COd)N$KVikm;4Uad~24PEuM7v}>p?SJP8&8V)qeQ|fbP6-k{)p8%
z%s9|cNtp&}Z~vPLXV1(P&;X^>$QabV+F|ABVg5c}#OEm9b(a})^6BC=J<xuc$943(
zW!-2?l&lWYh}^ui_Z<vXk?JTp_N>QEchh5To3;Lgjm$A#h|ijZ|CnAeeWm44-x9xq
z&wld>TxG_gMKU#@{|hAnvaD@~eRMmhZV(~xech?O6}F*B2(Ix^K~+btGx={Fm!rs>
zc>*zmnD}YI7yICwT^U`diqTS_LA-hn-*m9nlr4l}^arUU7Mtn|3Q@myMBRZd*F?Z~
zL7<2v5E(~QTf}K6W2o&j9rXkIxpQy|HNA;h8Ld_eK=IWWBl0s^MUBD4OQ_7t?N6uI
zq=WQlgY`S#4yR_?3(uzSYlA7oWU-S48m~2Nr&6$^9+q_|%IwN}LFsfe+1vex#fT4D
ztz`Q&5cAJ2ZZ~c^%7s0~L&RIb(;#csN>0gT2SB&oxcJr3Qk|uCSpOy!qbHnL2FO?Q
z5WhjJ-vaIlP9&*UHfZhTJCy9hq(k`Mz$@z-%R3q=f@zcX!Vw#eLRjsQRDyv(&pNj#
zJHT))a&?ak<Kc%}zXn{x8WH2RSqux@f>5?wM`K}ebD~A`zmife;7f+V7*fzWr>u8t
z?SZg8{_)K2a<5j|y4`M5gS4=l0MS`UEL3<TKt*n3s^BIR%;&-Wa`k?CetN4w`yy8D
zx)|&D*N|9P8mlCZu+cRj(6zIyXxj`}bf_OqtG-e56koOL=P#OFCFU-#VvQ&dK>on5
zCVeR)Z$3Q?4JKZ4%0}~O`tvG+?uTm@r&@jTJdX2QH313TmPU*8i2^CJqi&@bW(-E*
zbxT13`E@s@i3jV|BLk|s!!WuSLkqOYnZZ%EgkFf|u|-T>qg6ZK))+$#34q(F!;(Za
z76jEyxR4P#cRtY{N=Q71=fFHXJL$sMUazoDy|n*cI{Pmki&$NM!nzt4lldCqUImKr
z8Suse9a+oTS;_JzXWx-RqSUP*wOF##MJiv4SYRHT;X{*G7{?>cID<8*bd$f~L$oR|
zvn>v~LQhg>23IaxjZO8p-P`g0lT<9`V?3;F7`pXrPl9`!U@GP#;?)5n-Da+j&Z9#Z
zsrBs61~xUq42-*&jYF8;Z!^8QranB&Y0>M)0b*cP0qdZ|MOF<~lKu77FXbR(Y2uOh
zkgkQBbB3QVj!x}UOlugmVHTF~GeFD+OzT#|E$_Z=!Pju&wBMo?xz<+>JCba#R@hua
z3)+lMXLsA{@%~WKP8-JAI&jFXZ{9!Hy$!!TMNKX=L5m0ajYR3o>nMy$orTpJRG&`1
z_)sRPb`qXY5^Pf5cP{6rW*s{Hk?sOoh*%i1Y%F{tUOM%!N{Hk?V}9bLC^P{1(yyE>
z2=cvXaIoyx(ND~WyIusZ=Dm9i*gN!tl@=^G>d@Y%3M=T%N;~7XG+!T~ocDKsJPh<)
zgC1_ij>9Jhdh?HS`;@KYj&$evX8!fj@*Aq6^E!g_mZbGCUXJ+rfbH`S(3dng@CA4y
zi`9@f@ih2!z&HU3#$UOhHg5DX-E$zVQ=Mv(zPLgA&o<&|hdMua5Uo>T<6(!u;s8H+
zizYj)at*xA>J5d84@L$3PLJh@RIe_4$cv9*MV!EdW1ionJAdm5o%Gi299X!YgAcTy
z*O`F<9czPU*C%dUHv=VWcmTAK#Jfb(XLtc5?OOLmxA<FsGFOz{?x0NSHbu0QBOZrr
zZB601DlQtJd=wbt-;ln#C%Voe@nTg^NCC~`UBJ>y6b){`5+&|PQz{QHZ=H~I{}u+-
z#T-8LE@p_~?<Z+?&E7G9thubKYP_PdeL>2#(gext=<VjWY;269*DBCD&*_e`gK1+Q
z#@XXW8)Kiid7hM#pQ`l-0KrIJE^!W}$<M*vJ4_J~D@{i_p)-{2`1$O=4R1EPAHuiz
z%10$#d=xZSKIw6|K}6~tmO{*|&0?H{aUGr3N;Iks)@kYau7_fKA?=&eH7<+R*X(2u
z9BOcjY?O*s^*>3+`qbf;RW!)=a*l<G)n$=UY(th0#QX5LK)unEH{D;;zPjzOMN@je
zwCayV+l7TKC)D=uzd3ypt?%uE-BN3}hq&Rg(MkCJTtYt|rzbo=>}=ofr>7+iV>{k&
z4|6jLuX{2hIygV)-*+bm2L%N=-9ArOQ%4axr*}0xb^1;w-%l5FGKWJnae~n?J>Le3
zFMl)R=$ZEP^^3pB<ni%o^YmjoGE*o>Fv*Wq#T!Ic&jkeIE@ndr!k{-Tby%FCv>QN=
zR_B-R@(gYs(sBHbBRHQJ0F#H%9d$aQh68jzvM}NPjt-92MI{G>coTCrL;M@|g`53I
z0>{ansogvSb1d)PCp~eC(_1>AI(uPl$qG^`XFFLa(*+ZLuLjhvN$!ElGQr57q?N?I
z{72%Cj)kRnK%n`N>G#rHDu%U&8>gsBN(uyGCm`&sM#5-hbe5o9UbL+ooMxjWPA}&m
z-?k@kgVKFLq8>rd&yzmu#FE0`i`T7dA%I!XNPBJJ)7^ZZ0ka-+)V;JZ%T8sktr?qr
zbc75x-+bq01a`IKWe3T776wkvq!Hg!Kg3M*o$X0z2ly@!c)qeh5W2}~$HBWe9I*!Q
z{02`_ffR*Qafi>O{&_|IZqIkT7{J7@fvcvxhGZ(9I`3lWYjxs(7+6&Ote}f(Ies{-
zC{tmZ_EmrviOQYHrs=W;B0Mc?(ZevU%Q7gd^&Y_X=rPL=K=n67*=sp4wLclBQ>&sk
zP$74|hr*^j6_=bs`e<L#@(<$pXghR_F!8X-(E<eujl!8d0EQTdRLgBcuGBeFlAWc#
zFz^gL{(DEp9EX2)0_Oo{hDB)6sk&Z~%q)}Kmv+PMb_li>s+#lIFCo@nq4WwT0E<L4
zwP1T!tMF}FU6zyBpgrI&Vheof*`ZG+l@#HN3zHcq+bBHW(|=q{a=W5?#)8XX*&FP8
z+U>n2*JYQAHaMMa+#urV6zM)Uoxm7b35E%dMpCD#pAUnA;7MZf<z8kLg6;5ZH(mbp
zhLCjW;>k;>R2~M`vi7}8xWf5In&lQ=bK%vUuC8a=eDKQ2Mub9+P55Qqsz#WBCy?ZO
zNd~v}0#X9-4Iq~6gG9z=!ocYU>1!7n2l}O<s=wt>l1x9PZ6g+6W(oKDmD&o$+j*2o
zKm~<>Rrr*+v&%IaB1v2jQ6%Rkq5U5?5^t5V`@Vy&u5v=Pn!Vo+3O7lRei?Dz&7MeJ
zgJh^j%DE4*#6XGs-0z|Zs~GXor=bM7_d0M%twT}R;G^d@#!Qa6QfQXr`7n$I52Zrj
zqev?-jf_UM*uIQ`G@@XN6nU%5VA4m3H7lPW<mv3HXXp0L_U@AXNX7$Wa4{nEq^LJ5
zGyjOGxHbFH;S`gEmai&irW1tuw_()UQId$-7XniosPDDF6H-DBuojf!V12v0`iF`~
z&v6}Ytt_w!v1nRUEsZdD@<tA-i$2XCV@Q>bGxv_b(<DNS4U7-(<)Yn`)`zB&mU~7|
z>ylt(2iFQ>XeBHV^`)u*HDNulyr;o;z1&2d?Cv^YTm-7xyDQ@?P|};a>LwZp&-QU~
zaCoDVqiW74V@m|kv<ORes9PuTQM1RmJae{bQzR~36?Fm)qH`Tc`!@w@pPe5uLG}(t
z<2YmDnrt=Rsw{@gKAXb<Zg79)n>gM>z#25FhuMPD1&7}vb%i;A;edytlUH=5&j37J
z?UZRFeS;Cwfkwz8vM}#8xq1EGVf<)B*s+){=cOALjjOP|d8|qcG_Qd>|H91q;@;_l
z=(MIYxq6v3y@|aSkER4yWX=G7vl~gwTJVEUMs7b%SqT&<;ZKz2OF@`hXB8v8oX`0v
zESm|`<GcoNiH^;K@z!0;MxAsx-G!CzyMCc)!TopVK}3=#O9YU<WiK^cfE$<$fn^dR
zx`a?4tHleHN@)5kg=r<<Pklg7J%CRgtIh?mPM?V&AJ7U)Ny;#@y6I@g(@K<`AO{JB
zD@?3;18FOu$MfyzL`PbR1&e5McIfTmp=E`KJ7BjoRmqFC8FF_@ZZps9D{$pew9&pZ
zYo7uYsN^ZjxG-sZ*<*XAPSOYv(@@8~WD<M~%q(l=J*s(v(aCKwpCUpL6vzVEKRXvA
z&4F(=vKKMwILgbsCY~^}XdtQ9;vu^OOC@9(F>*;qFPAQ3#Fxnr>+2}ubP9E(bKfNc
zYpa_%Q~cf{dlRPfoO5M^imtgX!z3lxUps8Y#+n@6(KfnvnN5fNW7cK4z1Sw-g;2%l
zb|0F=<wdnnx2ZpT+7wj@=>`;$PLB`%0F=W779^(y(p;%|GPDD=r{R6=-vabx0SJRx
zz#q!^!=g0WMC{6K?5}Q@*WtEG_ZsiGmC*33<!Wy_+LoO(W<88}zs;C+L75M#L(4^j
zHr$nPk085=FJ0|ZJ8o4m_TCTKFpWgi!DPwb)5oM$Vx8A0;J9m!2}1Rb&OE|}oFF^`
zaTy=%w+;NUNL=>y{&HD^c~eiZ;0!eIN$3YwQBeG8z#K$WKY=;bz4l_b4Nz_(TK6v!
z+1S|13k7WN{JVj<nc(AJ@?ic53f?obk(8tf)@qJ9o9})Bf#dWb@jvjIOo-sCtI>ff
zB-_&iW4?9)u6|FHw#ioIS-ZM%<qm&487~w9qai`Lq{V_+K=D{hpeZr<v3cqz#Arx9
zr)pAHA*r<_ptnK&6OINp8wz5|%?o18ALXLB%jZOx-b;mXlq&uwH!-#Uui@P4e@3{`
za>n=4{}iXj|J!ltw7|Uicg*PCOS$!Nlx`7DPTLk;wpv50Bxq|F2Hyi;I}z>-MwcM*
zo?vsuTXy#~D^E)9nVf{7-v;FNr#`7IrL&JWKXr@_Yt&w%P<|N{2WdNF)qH%2zf_+w
z&BlG88NPXuybG7n%(`nbjtvg2M;&+QCqkHlOdGtW2yqJk8r0jQ9}F=3WnO8Kx}!6X
zpHalI365z*g^hK$Gma!}w$wUgk>ERwH`!)bX4R=7EvV2hYN=Qh39FXy>7aBH)fM)Z
zLcdH+2bY2<v>9Y1D2uYx+-Fkcr-%=PFReMc&cVyik(t0wZrjRvRW5g)dHrnItqfjF
z3mQFeJ8e-(nK9=?W*Ffo(|CY3{*w{XNV^Rt5GD7J?o3t1%S6Qpb=ou*c9~ePOMD}r
zeI737%X^8R$A`wp5z2>TZ);Uy-Wp*mwc!ZDf?wV57F_YylD1$6K*6n<aBM5-Ne4@e
zUmQj6zoZ~3q;B@5jLFX(%7call;m*mDkjxzCNV~oanuDR_kXCkJPb%Enke<<AlU(4
z1E8-RkO_KwYon`$AuKRO_mPMGbnh0jE>Zfi2;5^McOt{tN2wlXx;Tc3*hn`%l^<XF
ziq+^l292Hnb{+m*+XOzrULbb7{Uu-u8M&pqzSjA7tg%VQa+2*C9<wL2*+FBM%Vy{c
zXQ%T$ATj~{?}#Dt2@UoZW%wP!z%%gU2~JqXDKZ?*Xb97|57V#<^Ab!DK$O%RjqgGI
z3Y0YaR1dWSOzmR-(_6sHdpHN}-?OaG4p>Q#oG{AJnnV2Fl+)_jk~mSz(Kh|dJTbd#
z*q8j=8dR0W3<g#eFNjLmnUSTD404*1I}Ncw<I6;yA19nv<jpJBzJm}td;VnAh@Dhg
zH6`q~lzB^|_rq8k!Q*dcbZ;--k#{9+^6J1OZSrX6XnHZaL3UWn0B4!JGPmD%Vh2tG
z@|tbb@}Y-W_fAll{UY;H={y}~{plv>gU-Kaqe~1=zDQg3WS5~@R_w#tPZnhx{C^2O
z0#C<ZWPnYx88#r&qes&6qgYXpmkJOC_5}?5fT{>y<m2$9;K1o<YRz;nGs3s&VPn1`
zpJ4fs1m?VP=3NzvDVnwfc%8^rQ8(&ah_XtAdXRg<gb9UETtw*wA(z5TlfqpDyl&G%
z{3dIlRCdb8Q6s0+jyWtjIr$d(k#F;%w~-AX(C8U4aV~6Pj9Y{RsVHu(IqKS0u6UX}
zB}IOX<!BNO38VGY+c2sa(1oZqHk#kkJe<GJQ;NOPvi<Fee~p=WWsNmNUSeJf>ESw!
z8^D2O|0rO9x!y0yb;2>`FxIgAXgAJ$fZKK`u9kv=oNP_)hM-6!0jzAXzg!ap#@tc8
zEa}n9<*K?*sUZ4PXg^bKoDn@DLa>Qis2x!AZm~n%Y^JUfxIe0DT%USGn#T`wZhfVg
zCaqW}Brhc+wfs^ZML$$i3rBoeuND9yqu0;(t`L;&`(XT~;`GlIjW}P~aYNQ~@@@^E
z^h9~0FSzIT`}@_z!;kx2z0X8f?^t~{PBI=eCy471Vhu!psqSMB)CC*|xtaT>%p99@
zKsp+79+u)O$abwN5H*Bh_0D{)Ymc;Ev8}<Q+w9Sw&)3hX2#Y^P$AJ3TFvI}gusVNq
zZD`~)U~R&u*M>U{qY;xx3*-^t$CvF-HSNJn6kc_DJYY)7X332);?$}Nkhp{)iW(}J
z5h6){IU?r0h7>q}a3gz-%?Vo+0V(QpA=DA-a7jnV)$&oca|5B|4zZP_VxTEFg?{s@
zm9H}|3W}DZF05Tloq8{L<jJ7$WpXmVo*HPl+;0nz{mA%?cDZZvhUzj@8oJ+c-BN=J
zE#sD6410`-n&BmvssM(t$)#_qsh(GF)r~kD5$r?OvP_Sh+)iqncJCq0Z2hNaeR5q+
zd3F&W(0Y~;;b20$Zqo9nfsRjZ-V-lcW`~GW6-(tp5!^~bXUC(mTDlT1W^vXZ0Mp@P
zBHVNVFl&8BiJ)T{p(>XyZdw&<uJ%liyKB0e<}(R->+GHz>v5Hu?uf+MaQ{IsTZ#cy
zuYTE7*X}gb*`qyttJ!ER2MEV4j-9HXM`e~M5Ntb*%!gB*^#GGTi~2y>Q(MK>9y~&b
z`77NUH`_+g^7gI`^O*xqAiLSy_o2wR<}QYzRLKN5w-*P@%m>?@7+<Ufz3;spg%N`)
z{j1Ii@*;Cmdfh!<Gs@+6UpzGse`Goo=!x}qO-f8Y618BFEjo&}bO%w@d?7x<7x7tj
zbPnpc0`%Wayhd=lrqw6XiZQP*Dut-uw}}5sH6@2nImNcLE`*h`EwL1%f@60^K<zbH
z6w~^Mkixw`FQWM#D)HNh^S9b;u;}H*_J5`-=Kn11HBtZdvflV#kFS}?R!5w<7*uPz
z{rQ&v)23lHSmd!jQnDS{`dIzHYyOY7|MwQrCY<t8@M1qg)NaBFQpobh<H?8d&q|2{
z9Y<Vvp`Ke1i5^N9##osbkb!H{uZ&xMTaimqT5#HMKoHo=cHc*&$TTgSNp?#!vKCmj
z*(QmjWbMvk!BfF0GIH@~B&I^jnwEg#j*TFo)H>f=3v{m(57`&>%UTbd8|Z1;LF|Ij
zIqg-c{+3p3SY_s~h1w2IMoU94fwL7h@IMAin$HZYBLMenF337_g)vg83OFIf9>Xeb
zd7=SoscH1)z)5sqw|lNFfemb0s$9>DiisJC25F1sbzH!g$%d)#UY1fVKMbzefP&;B
zJiZa*)mf}1Ejk3WB}V7k41qGxo?;dQxuDRgc7~d-MTmp&)AvOxF#Z6XJG7noVH(#D
zlm}w1q`C?S_B%{F^H{1?kU=IGY57pR_yp5{tkoC*Kjloy8%<C9Ao!aFS^IFs>$o`(
z3z(S<{@@Dw1u94JB`fZFe`UZlo9?)0Sba{K4GQ}YSaykxW(YnV69Il{i&ofvSD6Y^
zBYEXUigAthT~k#@{4RH})wrrk@d*FbZZZx%H{`G+x9kXI9vf`KCfJM)ptlRz3>~Oj
zlk55y-YFdW>>>0a@DU3^UQaqZG0KIb7lf%FfT`;@Q7120TXO1y^YwY6L-LDwV0}3<
zzirU?aKF1j@_e4XUL5Fb@qBxFdOAKXywr66mV3Q};`)9fQLen6?D6J$59@p-iXXkZ
zTk&~xz5rORFD~?ks89-UJ7wtXzu7GgRO!?m_ub>m1(Oa&dj6yICN;<u&ZUa#!En70
zW0<4<?_gQF$>m+krTpO7)`7H#k7%Ew{BcXH0+EStpQWhj`tP$PUnrPzajAn^Q)7Gn
z>lMays0oGbf>Ji0oFOX#5?E9q#dhOAzZ66LMe}=VJi?}|Pum#tNDu-~2rHZ7bqeK$
z<ZEJB76mXFp-!IO`1-_ZGxgm{?8;NXyJ9CR=OC8cPIZu`l)`PR#5woJgD{3LOu*zO
zW#P(zhf8dmLXz!EOzK|14gAPfTj9s{<*iQc7ahS4;)<}Psw4=sD5(F3uy=}%G}z*J
zW81cE+qP}nP9~h#9ZsA~Cbn(cwr%I;oO2(p*1Bue*I!lby=!$p^g~ts_J0R5Ds#@k
zVB~8O#@vnRvuD~yltbSrlm*mt2bj`DC`o+|b1$Qo3yK`MCYAmTcx;RYI0w*<$*n$=
zJwaJ22?;29;8|j${Ahc%1bEl-SDZ!VbIO(X|3Q47gCMB_^YH<xZf*wklEI0f=4*7=
zC<foWdYik6RN=|BJwy5$YSA*jKl~bZTO`E|GXuhXBvKvu<(!xL0TvyC#s1BwDr-Pj
zVO-hhqw?!o2vLtmQT;yApiPBU4}fH9xi^rV>npd|R6N_#J&B`*7eD<}+Ug2#GdRM#
zc(#b9kClEeeII$V0SKw&R>`(?^bO!U?s0I2N@fRRTIZ62;1Zre8OK2(TUUFpS%$)1
z@cB<l(&7=eWmLzx`yOZOm-~G&#I`3G^0Yi%<}_rhI<%7n5s5-BkrEl1vW0X|dEa8o
z<E_Ek6u4za?6>|5`xKNayG+{7$v;$It5uS)Lw)kuQL<xe@*c&_g`VmW-k)EG{kvLL
zc$tk9_D+O?3lyGYOWkct6j($2M$RU`B$cAO;A*4RNK?mXOztdc0~s)MT>jXM2iplU
z6?k3@yWu$GZ6V5I+`b;Ls$@8{&EoQ{5hz{Y9gb;S)5>n!IG(M}aM&dc{fgQM6UW5#
zI+kxB_@X$QY`U_pRgl!RP4&9UjQ47JoaR{l?fm)l@me0ee8R3dkh(_K7+chE{pLop
zDKp%YGETix2~;?(62RD51=lbA5R9Zq5dwCMB|`zh;H9he{1#1=KKH<e&c})Gu@jL=
zJ;ytCT-o=FK?7zfVC!Q=#0bJmse7@iHKz$-pREQjz>-_}>+t4v$E14pw1(^Qo{ikv
zG(d!*5I@)?hx?8llB~_o)&KSz?v<r3%OwzE^hFA^lNECEJatl^Y3iasq)2uY1#zO2
zMvFB>R~)p`OQz(61txUSufEC%Hu&LOPPwIS;UN~t3_=BgjRkozV;Rq~E@FH@i=v`s
zJ#~EG){mao@HTj`&}E!cNd`+(!*#(hgibz~azra1#Pzt38mB`WhcCtSRjm!W)6Ebb
zN-C3%-F$WOj<!AJtB!~Z{%y{s0&s-T)OQzGbcFd7tl0*<n{?ggg~}5!wGU|%-y0o5
zsJv~<&q6K1?X%(l{r2ko7H*zJJGIDZE)aY2=iak0v1y|wkHR>QA9y`ZK<(?aT*W&D
z8Oo>Zr_8c%R?mzxDmZW2HjIH6`3xZV@p90$Q?UU829u;@0D|S%u6P9QRU@|GBSe7s
zr<&I8!3=GOFjq341ZAVc)|2|g*7rlMr5=4DW5CE-cawF_!c00kS9qOp5&Daot1wCu
z3INQ#$3^xfwRd;jygNvAMWdQ~9+K6^RG+KJTKl8hgQ{2B!I7^^EFQ|Pj0h4Ix+$Go
z@9%_-zu|;biDiOC25p5xaF0b>A8c?9jc4iJZzgT1b|rV*<jXxo%;`?D>6yf<edY`L
z(&4I>+UbUCA6H3%baf;I*u6fc9Ml1>B=Ncm%mmMHVO$M#5Z%Tp{e#uJBs*PSi0sOl
zTF2xq9^Lm{fS?o!1oJrI(*)f)&7ZA(`72Y7^C+rplS4u3@LoXJ7bKnM4b57=h5z_v
zF}6iLe+8QpJYwzYc226yT~giNA7}+^3y9VL;Oc^bNu-Jj;ewK>Ol0VxR;!EDWCC}L
z7g!D^R+OE2kouJBCZ2!j#&c3h{Ps)*>6M%`K=GDfV<VYha{*1PVdtD~j2kMT&?&pv
zqjVH=L52Mk!NR&8P(Cr1{RKDGUJ`PAQMf4-x5BZ|1b8eI{_=Kl&<wMLbLmk*7n?ZA
z7)z7PzXm>>hS1E5lE{84-*ltt8L~r;0=?TD3bA^VLIlVE^5lRvR)!VnA7fI-jC}fz
zUa$^AZ3v5e7wJDP`L`zc(vCAKuueDUIJ8RoegHj1bnWHEtn4ei&ZybzJ>&|}9W7i+
zTF7k5q|X&XyifhFRRR9$c?it=^f(wzUoRhEF=d;<QA+EO9I`e5ES!Wz5ya%wdaOmS
zm_U>fsntMvH??t!V9dH64{_SIc|kD=ykDLIkw-fL4_kzS-{Iy;C`DX}JLC0vRD$3)
zY-g%u3c+`u<@^fDTHvyeg?fl@{x9~vd|KA2$b1vFP)%VrKB22?h%Bcd7n_C>QJw_Q
z(U>gC%Puv0aX?#G$OF1L;Ft)H;{L~uFr5&~PIU7+vMZP~7dEMK^3ZqkFP77+SS0m0
zg=cHo$7aXb!-*InuK23RQZ+5tPJFfQW&0JagC-zVyUG162&;71`TZKz-!nW<*DEdS
z$`|u@hDPxdF#;xSWG*y6oVc^cpZEFX!peuX>Z<9i>VEs-p;n|9-oDc)8SG&F6AwiT
z*{SQ9#AdcBvAHn5#w`B=NhF0Bd2Nm0%$<^PHSA2#KXPNrJtFBiD8>%8)YNQ$dlzD7
zWIH*f>pRtUSJrl1I-4*TG;%g~dU%f~PMY3j8EnuhLr089#k<S5M5&pvltH*iJHnKs
z6CtP0ViAbV<H`NCI1{ohGjh1$dbV!#OO9--XySj$Hp9<p*lIN<f?4BqxvP;EdL~#6
z>YFE{`~UUj4z+>x7~{%X_}lz;e~YGH!@@Q&ZIM{(zXZ)alRB4OV;~551Zl~VeZ6|8
zQkfb>;({3tH&yE3M&P&6^I~VX;4%Qcs$lBo<fl7$%>zI8mRO?9b3`)7rV{}-&y3bC
z7lc>?R508KQota)<IBnfM)(gjf>gNEy_9*=<3j(=4ffXtFI3iXtsJ?M>N!?(TA5Ct
zxb8P8JkWdPXMa#m7XQB_VD;C`gUIt1$#3^YbD57v!C(F<M5<}T*L7sFc49J&vtacs
z`t^HL2PVKD7(nIM8(KT57#t|8)H#XZ;CZHurz$3ROCq2OF&t9pI<tdwR9R4>L*xh9
zx!A*>^+1&Aux{~#GO~QxbiMCU*fOxd?1X5&rxqmW8amXJ6gvL`yFnYsvCA(mmT=iL
zR)0ERmTnbw^Un)f=9U$8^`9GB=6{!lXn1FS9)0^C%XWY5*wl})JXYP~XReFmzfmjy
zdp!uUYOLNOe_AC=#;bcYt^aS4#UH<%r`vy=rm26b{^uC;-{7C|e;50^kNuM-QQXOW
zWug+MbrXnw8)Y%*ceP5IN!+K|+ykSIQPYGNS&BL$G1vVBWOYq!E9yd=mQ93$V$1Zf
zH_3UZaN7Oajz_We`e=-mujr`NZChiR)DFUWp+||G_LTx}L6Ssn5z{h`sSd=Mh1`cU
z9qC?bOh&D124-CBRCi&C9tauKk+B0qZ4*eEO5|lup_71Ka)b&+8SG0`RZgPH#wZv^
z2At5An0Pn<j8Yt&nv>rB0+>LEulF#RMU`^z99tYB+P9;TBSx2Dk>Pvto)=A)MeH)P
z5VY_Zm_x`Y&Wk*jA#r^BRR(%APgOj(6?XvLH^wZe<;8hj^YGb%N?I!CI8pdGy--J~
z0n~X{^GH|;$2b<^G$-Vw*_Kur`Ab!sH>#7&xR9xC$v2BktQ@?>n`9jE%J0U8<qka&
zg>j^Kcy7zn8{E{l5vxYOPJ+AQw_Qa<L|y)Qm0X~V|D}OaF%%us!RcKElldjpMnA<6
zY^TcrZGnzN&4TD+x`Rb<5_hI*kR|ZW=|GWU@6ZPkIr2=PZ>7`z4HG=C5IGFMNZmRS
zsY~M63RsAy+$hlbsku9ERYG>zAWFwtO>eg%dmyGJ%z)I0JwdQ7k!Q^fNG9-wa%a@i
zv%ciaDKqKO+J2J)+fa_zM({G5uEjKZ=s3!=HFzdzJIl`zpO+4gIQ_n3Bxdmix3k`O
z2u8YT-;HNF*---j6yv#8i)UHfq4s1+r_@_Zkk;j=4zv?s(#gfM-|#NXuipTwSG@ij
zdr8k<yN1`W?4wK<+fb{zGK9uczBH1%Nn~I=A}fUA+R7c@{P)RMCauzE`={KBgAspa
z?jQeKO;<T2%#&)%Ajwq9aAIJ^MG)7pdb#boU<r*u<K1?Sr>S?HLHk{+)Vrf2LLJA8
z<0zRVy8sgsvazf+VyJx4@l7H!b6)PvsXOz@dK2-SWcFBkfn~3LZEY4BV%Ryl{ZV|G
zOTtvnX<2nX`)PIhbACG^K@F~HYF(_3j-Ka|_N{mPnVENdleA}z#W|#>$h$aab;eff
z>0L|E34)Xm7<FX4L#)`CSywPhH^f6+Qz80TWEMqi_81ouveeAfZzx*0uvw7)3ONr%
zLIpYYF`HOEMDJcaUn*g11fU|gSl;<GzDCC0e0FOM-joI|yZ|;>0+-UjilGI*`8UqP
zd=5o#fX}xiHV@McSwD7@zO~Fscv2TaEX1$P=|lP&o#%z4${AZD=)(TL5x(5h7B#`g
zUdR=+GdQmAi#}478ecotMqdbUT+M7!I^;k>DQH8?#}sqwkI+jrLMH@{NEjVPrwdw8
zGOm;58h;I4CB}53fXgOrvW$Kg!|`VbaKF=Q(LR(6>KLX~EM{kQK8zpU;m<T{TI?^W
zJgTH!pav8({wktbL{EPvRf=rT(2nNkzZ%QKXWno!s;09*<oi5I&zjW3|H4^@hg<2|
z?u9xN72pz*JQ@{6wL=H$lVoVd|BCkXCd${O)nXWaV{l}{+SUVGOfT^}%Z>gfk?o*B
zLXcpk3$9g*Dzs(gV53DNv6Bb4r0qik!MdO$eSB*O<a@jQfbkp1Z(&4Tvl%v&()219
zh*}#a0j4OmjNHU}cmq;&Go9<yLWi-j2B%8)l-7`H+ky=IJ)18R`G#Aj#8Gm~eYv@~
z8TNp9=)q+sx%%)`<(V;oXpZfy;u*I#UKe?NS!^{U#}K&;=mSQ6e{bh_UuyPT>^NWS
zRtcSKm69qOOrLNTG1$}Alo_WuKJ^=&O-k?v5t5$ZH%fx@aLbxT#&i?bPCZAn6iZJL
zrY!)I9~(<akRfIUPFpgW6J6wbI@`*@re+i=5q&DNq^S59h!JAOdymcWzR=?;=!Slq
z1XmTSa6TsMgZR-i^J|@q)S=)P6)op`4y}P8tA109@NUpBd%V!p#C`NqU6khk{}5qq
z9{=}tB+lBEQnU@#RrfAYf6#;AYi&==zMIGOe^QNiWg{DF(warR0i~wAL1b+0^{$2*
z?M_is@-T7-YNc18bGOKjUCCRzI;aR>plvRuRq+Has2zJTGz<y}@R)AjS7txuVL>oA
z>z4*IMLZkBs@X(Zn>9;RQ|L>eF+<0#``+o`CVSN7xBkfTx~X@|sojP&k~9g}9@$$O
zI`|q8SDetNF=Mk;<e@!p^78ayz5Ny2u9o{Fue-Rk&tStWq-5~Gegu59nWU4=dg-3^
zt|5w(-W6Q^2u<|-S3^17>e15#yU%*H@@uS%cFZ8S{e;@5?)+r4ND}^QOrV4P;g5%@
zL5{VuS!cO`b8o-L{gYtYJ=;eNqlsg%8HtmF>z^n7N25VVjmG<G2j-_zoX+`RG|RN$
ziPQF=o;F~qJa6Dnr$>~f7mG;jG^u)h;9sR!Ufvm$Zn4%S*FyOI;Zof&p+iz4MFS><
zt82kbBsFt5r88%>UpW_EO(ArDnt2Y5*iA0wgiGv}@Qfcm9vdS=@kp*QNffJyUoI$;
zr;RwlO0I6!%f~IBQqz`?Qe`#)lMg^*LX5oO77t#$ZQtrh!jUyxV8SR25Aw={7(FKG
z6L<f~$UYHG&zM`*_qCLsslRu$l2DjoB}sXerv1B}4BsMczo-gSj{(HarrqYU8q2YO
zhKNXs%CC&dS`;~UaG)3wak4rN8#-7}Zct>%McI<2$;PPl_Sx!;zAr-0t(FXqiDG26
zEH?8Bp<*V~?1SK}l6dMo9TD4Q;caNFSX}(HIm37Dpzrh}(Y0JS*P|Le7)*s|M>Iv`
zFB!hF^|0Gbii^7N=g~@2-4}2Fz__`pCb0LXT-pbvS*!p32fSKm1NSJ5^pUuQ;yBuF
z_Lo#>QT899u0vF{nFrfIA<2UdXUNsa+;&?fdd@1kYVOBFz&?o0#a3cM;&6VpX<eKo
z#%d(f<I5X5`uGe~i`K56iFv^uZRSG<xipENv)trqScKq7p)Q5)uN(j*c4(|S1UQBv
ztedLAm~t!WFFOTN(ibeOUz?rim_e=tTkzjcdPG7Tz1t5<ZYOf4MsD;oj2rHab@~ev
zm7T(Pvm0bJzuXW_9;ic>Do;fzsEer);AqsxdUK!<6&j|*(+eUg2lq>PV)5<^kJAg!
z*vb@sK3Ia4-PhFJ>i{Lc##B|P$uM%Zs>L7SEC|m~!8MDCmOa_Nk?mxV_q`OzdxR$<
zaAnlh>z9}ReEo5<q;qeVFWGA7-qrh2Z)lV>05cO`<|^<(2Vfd#*Oq7BVAkM}kdnM)
z8*=!Sx)@Kh5S!%m)fq{0?-*Vtz(L&y3SM6yzYFIGrflQ7`UH+9d88^pT`@1cpk%-z
zeMPvUO|Lv?PO(OrFXuaoZXOzczRu}`>iL`>ay|5W#u4b;O&ke2&r%>jxH?03VR900
zLW1}3O^r&d3d-jopteD=8`vPjN1*)1R{CPd`&~z?Y_M~^F@LDChi!<8rI`ss;_Lnb
zG$pu)7qR2B5OP^6nmks;6AsnmoIuai9v|#;U-<$yTlGN8+vcx3%v-3^i``9{7594m
z@x%dq--_-a2s_f7XN#?uN#8>JwtIF+G)&jwu5G4mXlCu2x{K?bXigPzJPz+$nkN`R
zd6K|VMsaka2sX;45P5>a{x(9;lxwR-)lqdw_8d8L_D2;fp6?Uwi+7g)PkN4ro6xg=
zahSUdT8Z{B@p-te+)S@W)Gag*q@3|Ep+Pc3^C_7AgrTduHCza9Wd?E{ahKnejIq81
zDhINggnLpP@R$RgH8@JyD)s{$?jMw<!i)e|Y$DhnxnnYy(ZlxT+5|B<3~>2K{VqlL
zQrp5t;+NR3sLO-UdgvTC@jrv3sHOF5;R~zqWXQ%px>drysI+#r6K*b5F;t~wCZ<ZZ
zG)5vSkVKX09=}p14$-biR10>E31bY}G%MMNs6ftEnGP!q5v-0hMCL>(uWt%&8)Ro4
ze$B|MG?In?(e*+&)#c7A$RbZG(tn7O!&GIXgsCe^pRb7jJL}p8>kCl+Es=tCq9|%!
zkE9K0RA<yj&0~p+n!nZf&=j0H8V<2zHU-2zkV(qXrX^8Bt#{56=cd%a`<f)!l9!4q
zub|`RcLBLt%TdMS4vfkeNvjIa?KnXXanv<@m;V}75Nw7!0IOab8hY%caIHUZ12b=7
z0~3vZmY7o?>rO81Fou&cz|yGF)D$B@JOkr6BZuS{Q8Q<H$|I7%8DB=uNHmm4Q3UFO
zHf%9H-XZLrqrI)Msr}ct)b~P$`**>6lZHg<Q3q-Qj!C8#-JaV`ziTa(M#4lNL3G*8
z{sKmqO{q>q&PlChb<T2q#iFZvtDm>(!+u<?LNC={kM#LLycn`0+fK9cGw1(6#`@xb
zI!^`uJUYe{^MNlBD5WeSZIh;;1a5<q*{|DpCJ^B{l3MZdO@r6M=yv9qx-<r`uo19h
zhaVjQQI~$SfM>K>>WqRA!KE*^oojoBma8OrUGT#3QW6l$lRO3UD1#G6QMKa#aK?>t
z67@E#3Jory;+d=ODw{MYdQ^9DXXVtGK7#IpnBpwbVTXS#B6URMR4Q(YJTw$z^UY1l
zJLPNm@zJ08J{Ksivv=;O%iLK@qn9WL3BUVrs1BC-{>K%AfHcs=Yr7Dto>v;qo|++^
z44!9|2kLdTdikRsKy(&?>XC%wK3o?WFd!d6bc(&Vh{185Y-4`vkwoD>JU2zi4!DLG
z%&qI0U~!)0#^9u34Z!<Qe|@!p8J|-j?21ga1*fb(W|E*7^2vb2W7>U^Vn`vuveZ#b
z#+9CR46i7?R~>mwKc)7X<`s4ZI9{H8v-RPJ_K-hZTn^s<0L~0QU&Of)b3{mNu&~4o
zyRR9v|6hv_!|$ad^Cs%(Eq6ybMF(--3kwG{K;P$(I{F0}&e#~UQqYPjDpA}2FG<Xn
zYyt+u49D%Y4Yh^)WT7*^YGrbkZQu5T5wB$*<;&}vu4wp|&(+z=JExWdQBZej=tu5;
z<k(e7)szhYas@+LEH5_BT0}O&Y+2#TOEE)3-JhI@%H|t?HJ*A@JYlkBN+ia}f_HIJ
zrQ3?aS0<YE_b@L*R4L;nOf(9Q%#GwXB0(yzuq>P0V`gv^VHjf}^Og?mI7q228$H7v
zi$<W6vQW2;v9O)0T29BTF4Gn;ftjEEY#~1=Uz8MP>|bT2R)_+5_&(yV4L|k;5fKAh
zV^{YV-+K<_?_wa3RTX~yzZl}hlEy#(4}^Fd9eT~7AIoQu*n=zSX%b~Dm2PwlZSzIK
z5y-JC-=eTiMs|{@yJ|@;Q#}N6Ns%w@$_IBO<*2HjR}NSR?DA!@sye|=*{90ZoCo&*
z3m|s>+~!M{jMRV#zf(c0hb6+7%P{XJGX|J*W09naNgk!mlQEjawfg(~=blhuLr}Vl
zjMg7LUFt{pS?EpR{+CwY;eEJUVe<Nes3*SJCz3QawV`<HbrxqT?HppNZS#?dCWGV*
z{CFoKCRkQBy9PN;BAS!3nXP~RjfU;NH6f3bIrdaO8(axMKC8VJbK4Q`?4N73HNAYF
ztjP@_x{KE6?0`Flh%)rU4BOFg%KWwOlEpdW|K6CX)07wH{=MnXjq4WpTKwFf9v+sI
z6!iZ-ThAKD?4H>-3^W-$oBB9kF3cT?HYAC}BMj{PLsnkSUz$>FolnO$xx~k)slcH&
zQJZ2BU$YqTn?z9{t%{%nQrhfCWWKFdmq{2u636@Sa{Sl4-47}JeFMd`?C~4S)t-$2
zZ2fw}Yv#AeZ@hIYZm$zd6OtPOUQ~Kx+g#(;dBhX7PoLLJ1xM-b;nqt!H#k**z#kY7
zqasHtx{||dkz?&}DpojDDBj^nA_+-PV?^6r)|!gEH7Ym=BK|Q9j_tfe{UvC5ZSA_s
zG@F0T|LQs@e<azIGPV}Fsmt$I{!0hnqfw)f5mOsOXJpP5Eb2{hDDlKp>i=8*4<Nk9
z&w9v-+dw$(U*4SWuCvh5Lc~8l{!ioQOcXFp%WL(06|D*+qbR2IZ#C&7mA;Ak_W6J`
z5_N`<0<X;`p2%f?;1Wm~m(c=p<+vX>0DYFL7Kc%#aB#b-fbm)ydKFJY(F{T!TJ<fC
z&aN#zn<?aCs8{VX6I{1erS$_(V~=?TNdlH|3a_gD3WU_Mv~l|<+Y{HMl;N`%@9jIj
z^LaOJedrFn8z#<YO6IJJW?lNZgP=QLUecb|+J3lc$tCGe?7O=XSs4r|Mh}J5XzF9Y
zGk*&vkT3>x5IME8MHDwBgL-1xi?8$d*A=K#KIv$HS1dLQ^D3f|)?bF@PP5k8DfjUU
zE(LX2H~=wj*V4UKjjje(;xD^@dA2<+goLc8HVh+Uiz(N`)4^=k^PD@wG8o{v;v^JB
zJDf2cX6D46x~Sl3$>*6%K9KtLJ{z_e`tP%Jqxq|AvH-n=W{?$l3z#V;W~Zf5P&~`&
z04I19B0upQTX?a>q9L3P0-UyrKIrf#m%+d*WEp|3mH^NcJ(BIxe|$XPRT@5XJBC7Y
z$u_pPjps>5iR`)~6s4L@!Zal^)M)2RJua2P_%iZJ@IRv1DrIjvv^vBX>-zSZPsmiD
z^3lPEp^nXT%TemJtm0kPCg`H_{eXoQw$}}{1Mu>^p)%!do~ZoFa2(_96Hk`GV(3X0
zZD9^QdSZ(HkA*8NE*g{;7;DtQH49;MnZw1FEh%qNmR5RLt?rtReo*I;ImhzXc6XL#
zM-9aek?$Mv6FmiV{}oBVVBDTTBo%;L;g=1?q+Av4MMS!_dlWi%QXKQz2<A(6<*@aL
z5WQ|f6tg(#=-H9^ZrkoKc!#DEm6rHY_Xme?ryI4ci^to+gWq&dvRNPHADo{w=`%bS
z+tfjXH@_%%29VUCPg&QZGGq@hIfC&RD(SPRqmAs78+xHxO?Z|mvNOxSxeAt{i>utN
z$$JgqyLt)F>G)R$P08@cbc-Tof1BvMhR#hO{bEKSWJ|3y;=H*I79|a`ey5X_xrpcV
z$%y1gl#+mVn=5j}U_3(n*%gU;Rjf$*XSxn`?-oT$VuE;A9l3Oq?zP&@DvY+YadnP_
zL2RH8mHd2N-DTk(Uuh-7F$T1tqfu#wPURG}jP_NRNV7Kgxg?`*`l`#f2(IRvgm3A>
zf=gwtz)+2GAZP}<$aGS-(%PXhXyZ~~=!p_P%86fgepelHRH0Hsjvc$yPo|m{`y6)~
z)2iIKkrZof!U;Y!;hyQJP>qf2X;_QWT$2CZlV#&rX>!f`=)l@-8W~4K#}bym3&M*=
z_j|6h#M^X~?3)a`uG?rkMj>L2l*+reW98Ep`V?Q~CI;h!5|CVy(iiI9vzw$mc(el(
zDP{NGscHa-Fo0@I>8ZvKhj=2k4@*4#NGT$Jf6??x|FyE;$gwFcwWrW{Re4IEd!U`|
zVj*0rpdxfcWI{U0BIO`_1h$T<yiAZ?2w<tGSf%Awvh_({Iv}e2wb35++oIh}9k)S$
z@lvQ{RLA#gl2d99=k-Eac#y~5oqwMGWm)iJcU+LJCIf(iesH%pIVf1w?F&4rOkMAD
zy+Q-!sIZ5ie@@AFBua_h+E3N}kJ(9Q>(oN$)cmvOoICa3#3&Tc=$9{QdI${`?9TH3
zBEH(E*tU75?gNhPhxCkcWp58wSRT3As79Sh$(yC^mY3A2daYcPUmKD~?6me}%VtBk
zQP~F!zPvUcRt5CMiD6)F$I4u~=9>*`r*A2^rsZMdgabtx596cDxLoThrlyqe^gveg
z^*YnZ36?UwYk=vcXdwF%du8NSO`XSRv~1?)#w-nFIeO)55+)zOMG7gYpwA^v#7Ap%
zWaW=Op*&3qJaikNgZXYX>JDV0P)l+ZEZVG?74>cC#87XW*WXrOqp-}d0B5#NU-3~E
z+V$O$LLMtTl=xZF+T`Gkd}_65eJo0UnZ*n1c?0pK=l6YYb`fd^;-$0f9mEq2dIE}h
zrS#l0j2Ox4Lvf~^>19AL^&{8^oP6Zl4^~`a!n*0&6lO3vS1{?Gmfi!Y^(X&!X+KzG
z$wA8JE0Sq5stg{~4D%^*83x*L^y8rcpI~x!8GRCqT6+*OAM_KzQ80D*he)>RNMzMo
z7|1tU&?&*`kSL)qYeyeasOP}LtZwtx0?z{V4SpDQ!csKaWVs3q7egBnK{TO6Q0$-r
zd1fyg-7Nw+n3ka@N%`NsqzCuuPxfzL@Mw6f0<#w`Rv66Wv(q$zzuKkygEGFqnk3=k
ztmOZ?o#!WoJa45>KA!)zeEn}WH&Olcr0}l#2SeWZvBn9M6~>>P6rLG;PZmY~bTuyu
zqqa=&`89Qx<;PdrKtOq?V-%&Tc(4Vf9A*m&<2~}ibZfjBhVJLzG9g&Q`%bAKHTh}G
zw{Twh&joaVhp<Fp`lB-*38#v3#{y90U*nC3a;^FlQ{GS}pS!FD4mV;mu6!+CTZ$6w
znx5tEl*_0o-mAC;1PYv8{kPF_NhreP9#1V^#B6s%RT(E^5(faW(I1~BCN`weI|Sz!
z)ysM}_VtV7>cYY;y2p-=v|AvoFtU9{!wX_wQ$Ssbcfp4g_0FP>`6xQc<}t$l^yPs=
zzXMvG=-pPXrbSo}Pq7UHkntDOx$3LN+z8$t+siQt5R3cjlo%Y$fk}mKDg3bn!9?Ye
z?|sbk%G)gSwMEO3QCDFkXT=4`_+EpRLxs-B5~ZW^ey$pTxm!8Z*(*pcq_diKB!X%5
zFd8a*AxPgejc6D-=-Rz4KQt}JXfxW69!s<tSbl0gVq$+eYL6Ty)2p+WH!K)=E%D8(
zwP-Omy?TEDy%I6ew$Pg$lK+P(CVR<x3%OlA!XKd6>=cI^V@-rD8L3uYWsel5cp)Pk
zCd_C{Q+=2l6&NAorr7*GdH+-qt3um0z4PYoJ?7fnhPua3BS*Mrr;tI2-!<ji=;oSi
z_9Egq27N^%?9YAK=^BVUN`Mv^h`1vZz+rJpnr2!w<m%N-KckepMHZ+CWb!Um73(0Q
z-C~2?B0JwS6C{cZ4NVF_Zpd472;PytvaD@SYh;+b=3G3E`0B7~{`>YW!21eMQ!&3s
zPJ432bM<g0JbKyMti*UJ0qJP<qSo*vvcFU>A?cbITn?t2p|hGyRv;tzdo+Qs#U+M#
zT9tCY`YvuneG-g&zi(=|l~S%5BjSdHT~<f%_2M7-!}x!g;{1hvEn~Ra_Y7mWM0Hg+
zd1k8|=^v)pmY6nI*mvXXF9{`uej(?JaHin(02#MUyGe@c#1I|NwP7fFL<Gx|oCXqV
zHb6l$hHy9;5AYo}m<2X`5GZ<kbc_ntv5-|wn^{{PqCnivzGjsB#N-02&x8?)KHJ_`
zEF?@aQ$`(yf0p~_fPG>#NVgBS?-1EtB(Y<uu|QT^nvXabO+MD~2kiY#6BU^`qd<|o
zXUk8PSvY(lVK5QCjg;4sq&}237-wg->$FeZ8hLvE@&?{&!Jf%@3&mKZB^p8972{8*
zU2<vxURXfAf4OkHsKAkGf82*HweC~fkxmY9hi2$mGRk|neOub|4DT21Xwn){KQz8c
zOYJ!1)-k+96QS-WQtnyv>=2S-#<Y_cZeWr_StjcO-83eFeE3YqqZ?O%IHezs3ib)V
zB;i3#l7cd~0ju_8CT&||V;?>I!^OEoSOrBctD(v`Gs1)|o}M>OGSoucwDY-RmWW>H
zuF70j!k$IfxU&+G2CP{{;Y^AK3j_2o-#M}XVVh-j0kMSC82pMuNMs(d8gcajL@pOQ
zDWvZ;&|93^r!36wZz1_hXM(C`DhdgRVOQ(dFehf9_v7SClCOAuY&;?@6nG9uhl!{o
zc774^M{ewG#2@ZV;Ad5qAqTa)V3LMpnC>1_iX|Z$h>=HM6aZctwG)&l)pQ6QWN$p<
zc2`??-b7t+wq=ZT(Dp7o(h9H4LQ21G0&H!6gcGf^I82odL_}RJo=)1v=sfrb=aoUB
zw}CbCyt!G^y;VE`n#gP24TQ+gIU&2mX&0as8<^{dDUPCSE~C|{XP+JcsM|`&=vd;`
z74s&Imf4I2m6rHQ*tQWFjz-yC3M}i&M&mB`U(I-gyc4#nz^f|e@PF=O211SW#;br0
zfv5g@--yQe>!Ify@F)Sp1Uop`cC&oYVou(OB)47xJxHLV;JAoUZ(pRj8mBk3VQfL3
zdB1jwSAwCpDuFXGqIySpm-qplk{$>zOMjXV{O^qb!##&dVEbIZDwiZp(@1%j3JLY8
z)*=<dVWNd!sukh005V5N?zTlwoT3I5BY`UnIf<)Rr{k+!?Gd-0yKUw9vb`xYS&Yi#
zDF*{XZIi)I+yxpL0n4^&7g_V7pRuZCyPnlGt^8K`n)+P1P|9K23el%9<rO5}bF-$y
zT=p#uYA|tr8;qM5m#l)TQ?$-1wWFANL&cbA$Hh|AhGaga#dS<(i6uEvh4RSCpP+Hx
z9p5jU<Dq?^*plLGJx!BU9<Gc_ulx7Ail6e!!Dn>2RM<n&*58zq^K8WZh=<Seq6a!j
zowi>z^qh8_K0(Foj#m`iuY)Tq^!QD%YB5J2z@*dmG3kZ4Nb*l$jZyZ8^yA7h^(pBi
zvZIY|yTirtD)7VQg!^;x&ZomI52ku=%nYAcX#p{^f<whW(}K+{B|np1u>Z4np8wZ|
zsQ+Kzw$`}+M&0`Uyon3C*PNn%e81fP8+`pApPt8aRL38q=<@%4+5fHf%NOLY&LG-%
zr2c5IWqXlShGz*`8cTc<N{+ja2;1FbUfzbM0qf_Eo-WY@8wJ^^f}KT~ot^HDg-*iG
zKf>c{A7$C*gI1aH012Oaq4ByMIr@=CaO@%Q>YU^XI}5Y%rn)up&=WIQI4Z;4Mb?>D
z&zEfbI)MIo-O6spRtXQ;Q|@|kdjIO0E6-iqezFhgxu=BQM+V8m2RKSsCH}ZG#5>n7
zzoQHt2XBrc3a912;`5ye>vjLMBeZv<^09i=#~?ZaJ9H@qqpD-^-oa?cCiM-E4A`6A
z!P?Ei4~+?RmoL9Tt|Gt^mu?Yz#jC7Y&mRzE!CG`No|wt_`fteT;X|;Pj0d3GZvG&V
zLD7%NE5QXLbZkJk9cKKwiY`dd?w~T#M5?<U^gM;IYnGQ!1J_NE{VhhJBDU88fcq#P
z(y~9|z+z0;A;9PRGAd=h%Yg3eDK-j?Y+F0kZcTb^%t@cxMAo!#n`WKdZoS5`-oNGD
zrKmcD4&Y%R`tUPaT&=&5Im(O|RUa=Rv3BTEwryRI?*K**UAi2Va-?Q_Fp;t`6SSvs
zXqVy`Eovn|-H1z0XfbsdIIUfkuFS^qmIr$B9UoSGhoV5wpqeQkV9zxQ%Q6YcGWtbp
ztzR$0NBRAJ(SI#4IsNVD@zg*6+Wq<IX-SB2v)g<eDDZ9e{j&M`y1I%O===HjUalE<
ze4HDAH2DPa{pR)r>ihUCMsj={_?2c<e`QR6p0lvsW9My5;DhLRDmjyKqQOxxWaPy)
zL(1Dv@Pt%$7mc?}=5Cs?lC{tCnOdQWI^5E%5~~n+BGb5m#|HU~Q1yG`PUl=fC*=kq
zsfN1puWfoKI5k1TP{CA{jdgiJ=q2{jZ%Z1ddwXpmWwRAhS6m!unytP^A}JQp+D!im
ztZ{i#!R^XSliuI7`JaOa{3c}f=IqWha`s*{iTlt1y@L<HF+BZ;nRwRk=9}VG`psWA
zHed_NNj{Cvy`LAu8SIgy!2LS9q)VgX&XS%q364*x6+e72shpX4>`B+crh4u$`fPsh
z+0dDfd0%;4pP<abQv-bTOg*B+>slGkW^3Uk5E!Jo;OeCy&Nwl;%6ChWkI|#-ip^l%
zo41x9enHsObtWub*47e1A_&Zg<XGH%0TH?`C-`G3=6qjM6_z(`0~epyJ(WF?iEQ36
zt5-)iUXSYBs@!dU<EICPTm9Le-Q)wm#<>OJPx%oW+1tteF}HP+<gid++<+u%Bcp69
zV!^^i>8SKT<ptc;idf@HPTw+!?O#_dbvb2M^o4Gz7A+*ER+dR{&(rvak6p#co7-HF
z6mgVhz6%?xu#G4erkl2l!Fnd?_Z7a9es=nn{E|`bmzVL1Muh3)2-bB{K~aC;M}a7z
zR+SFLgVEYO@Z)fZ3svGxv{i3?o<*WE{qfxQJb&=w=X`|iX0S*)W=#5nkd1P%7PAE8
zzn(}?C{c@C<UQ)b>{p$BDNXLZ`OUYv@ZH7WsEv}RFnIg|weJA>vVU#Xif$Z?=34|i
ziWf6Inir=2jH=jphMMTzhv2&Pnly#rQb?y&1<}YbOth(VDFO=(GiVqKmAn`iGPYyj
zB55gr8j;*;z_yIeDR#}*I+6ZPfGjm^@*MQ|X2W>V8_X+W@6}iScF{;#-nmyzE3@t6
zcy=ShVXbiF4_^$WK*jXBlz-*;aeT1KU14ALyO5AWCcqg%_iJ!)QLyTJ|BVon(a^Aq
z*wJj#?w>rRz1dV3Zc^mKAs#5~KMbShU@ZT{ab9#cb0W%F)IJa?2yA-l6uB5GFW=g$
zuMj7u!`I}FByx@w2tlus5hF&!Cm6^zJ?iv#^=I?*D45@n@Vb|6_ts}j3?%c&9)Nlt
zK73+Ay)v9XisSQLBd!3?A<82b9wO?aF!F0|qS3|m^YL%rv8+h#6hzAexoNf;TGzRj
zF4h(B;l$3sqy}E?IZ)Sa_JZi0r8y$qjC$}^8JNB^fm7HObka9xWmhF_K5tSK7SIGx
zd@_<;?@FtDi59si^FBP!2$u}Doa*VR<vQe3<<=|cBvxWuQtq>6U>Q|%)?kg&k(E`q
zC<I3hEJSl{0Zk8~>I+>`NU~{;%sL#4*Ghev?p71F__sM39Y-a|brtu1mybRwuPJya
znJ)Xi_m!u50zo8SCIh^W-#XRs+0xW~v!5EW3)71C%>^r+$#q|2yVhjY+1JV>m#xOa
zas@)Z2u=8%|N8ouMZ8<!!1&en*Doz`dsaNkah&tJs?1RNem#LzR5Kc$xfhTtDg74H
zzXam8L?mH7(iIne)$J7Z@hyl=Cape=n-LjB%UEdfelJU({eGC1)pkrm7c{vrd}p&X
zV6(u*>mMYWV}DT_k20sTB#9mia*z%U>pdMmGzLX5*6vIcahx~^bGIgy*S`&PR1Hqv
zu;L@mlLX;V=YqrqZ%RimRprtRv;|bmkd8$6VQ5&+_E>Zk+e%nnYFN=jqn7=f5PRjI
zm>+OtG=z{AAh&FbJ+5iWBk-l46_{Us)ByOQsUvZ~CZe<CU?V4$Qmns#A5<F86sZpe
zSNgm&I6Hz%KUMOhK55vkKTBU<Rz~aswrMovO#s^hO!W`qJe@=B8<3difJL^y?p}Y1
zLfpf?DCIoW(D9Ay^G^}xV(M3sHE@*sP3@l2EQ_Q3`^E2(lT}MHgsTjD3(4w9!C0dc
zOIsT)$RPIhJeJ1n#InJ^M3^UH#9!RR#TlA?V;6#%&V$Std19!{Pw~NnhFL+-F9703
zg6~qhZ_t}Cyo*A?Xl|o0sHl;>v(Bi!MdZBXK5`iIbvN6i!Nvknmp^>5_9L`I_8es;
zg~vOX%){}*UkaC}t4C?VrA>j}$k*2g>QSj;Ex@R~x4LwtjRFtoL}4W;yfY~U1R?14
z1xi6`TBwArSs4fF<+oJI4`2L%i25ELH!ZKqE*P4XIU?{*$6`0+E%ZdqssnW8<;Nl&
zDDsZjJnDVI9dfNgvH&eJfhLE!WJF~)#kWj7^w~8`#^`UDQZPxo@HgX8=Lr9-k!>dr
zf{REdsSk(=nBh5TDGU3b)-UX63(2iK1y7jh)ebh9<thtaD-NcvFg74<<1o4eT9><6
z{CB9(hOVHYpOc}_9#0w%EcWnT)^4mc!5@Xlun>wdTn3lq<KuYQhQC!;;4rDMclbTa
zzH)oquSCCb`B)Uw@3v&(Di^54^+vCiBpM;wyjMtY$!%~~x0$wKw8GmqT`Pk<ucMP5
zhwdx~RbyJLlH#cQDG-&_yM`qz@&26JtGd=|bhU|)etB)%2o_bZsGri*UyMH_n)XcZ
zBb=j}@`x_b`~5C?uP6K+hEYtg$ED|p?yr36u#k<hY>t(aebIZ~)zx((fUp)f>S}z$
zoBs-+MTc#lS;p6ODC!`#?49Fs9b7(()V^@t4B=wpzzl=60g=~SU|@&D$!Im`5i^31
z<Z52whS@akX+!oYBfKbD%`NkCuy<?Q!UAuMsK>p0*-6j0dw1F?pt3TTlLy88w0*}L
z#UA?2@|(55m)VB;_*bJ(vTD!;bCIGy=%~2zNn#<=3huHwpP{R+_W-b#Nl_)BrXxqp
znq-^Dw)ezd%8lOMJemHxRF^x<hVep8iupOB`SaCJm?2CS9=cvTxJfZL0luw_o$}%Q
zxaVa?Wbifzo^esddXcQEFTFS8MdEmL9X@9INZ3DaMbu*k3;%N4;I>^jq~Yf;o1&mB
z)+TYDZp;(5mjHc3fFX3(q9Md$2K})L2REzx(X%^{XCSzce$D$-W!8oHi*F4&<o+ZN
zjIUNfs!+{4D7xfJk^uUG^9d2o=c=g)9MtAEb76vmkLY`CjfLUs?FTJxAySP_@H`y(
z*;}y4uod?8vM<kN>d66hLkBJLa8{mZ5OPGN6C2dAM+glo&s`00J*t3OP{H42+P(UO
z^ikvowTM;R*C)97p&3DrM{Ug7lq>RO+V{N6fRARu*a$4d9JRNWSyzU+gs;l%pW}<@
z*8MQP{W_v?>K;F>fYhg=j@4uN2m1YKU;e{1yj$)Sb)f&5nEC0jZuR}R|Fq6?E%Re7
zb4oY-@(aB3i}e2uEkAO8Y)G?)^j;7DiT{ak{b7_nf1JRo40FAH2CV;Q#81%wwZUzm
z#@LR%QVr?DsQrfia%43at<$aqu@z$#^Ex-E5s3y_dM2**fv_UmcSQugBsG(lVK5q1
zmjkW|C#v2GIMf(xIdWu{3*N_#G7jbFMBlIKO%x`OnP4*ggRT-rjO#>H2ag`CeHgur
z<j`a$hosH2uT&`JT+4u!?=D|I$yNSB0CM0Qv@WH5A6rH%(abf2zOE8iO~h7iMl|5Q
zj>gWoIUZ?(R1{}fgv<3?%(`F3@<rBaOzyepWIt*O=*&lVi8m&ORVh8SOj^SUqh{I^
z7FiZ?>v|?W?6j6eAA?(J&%9C!DIm`ts4Me85BpMT5~`B^J|wbvA3;@+z%v*Uy$Qnc
z(QrSXvI*G7p+45JGPr6}BHf*&MR#?4VIZ&du4#`-T8k=p^Q>`_rDPCfZ8PyI4APPB
zI>v7@rNGt$y`~|ay4uLjkrEUjJ4+pr8Z_kNQ^r$wg|WVW(AXZe%pL*_kzLgT=Q=yx
z$A3BGmADM>l2yw^CP7pZpP#JTvlG|A>#HZ)u@1kXMw>*GsfAf{T!2}R2byQXuPB!=
zYj7x*k}}+<tqT{TAvOB`I_>_X)xLT-<&jZ_jcu&3-i4?&GO0X<(t_WS^vo-)1y*_^
z<pY}TYSH!(kD%mk_urdb??^Zw6uSHy(i;p3u;S6^7=$6g^^Wjz1f`|RA=VnJqn@$(
zNHthxGKn>L_vQ(Cr)DbvxW&JxYw@g$S)0tpHY(lMIR8+NtJPM@bk-jC1_7kYXO&*+
z>UC#Loq3t%jyTS!!DEhD>LZP}Yimk}`M`tOrmnxiUY(lfFGw91m4(wC7|Vpde1|h?
zw0nHCy1m}s1@}0J>qr9qU~Wro!r`F3$^@928>kup=<Ib%C=>x!#)KVJ=MCi9bShne
z--J32c*jwVCWAKN*eD9BykVjz3r?I;(yNevd0+fmQ^o7e8CU5QfB0hWJ{@hCDj;xc
z?U9S{gQH=d-}iGEioQE#fB;zDd_r9vfL;Z&L05t2%0^xQB-?{e#Ks|HxlLrKsN}0q
z_gch7P1+4MXg#H|QX)r4|0D7=7QaM|C}EzTsf?2B-v|;ViP)qh^(flOvF;G;@II?V
zhbD^lcTdV<9CKdDUs=Juc!)~DD4ak-;U$-+v>90uM)M>SXF&-7jELNc;J<cf*J}dq
z&kbKg_BI`~OpA!!srkUDo-7x}^C?%*>&SDCrk%t_&-E?f5@!Zj8!-Hk;Y{5A0dGX_
z*u1)<NmYgJ;6DCWf@gmhY<3X?An!ek`it{>?=XOXh^S|nEg|PL9wV1%hz{bepeoHs
z@4$7SvRjYbt7jdHjH&=8p*GEH6j&y$MAI14IbSFh=sNSJm5z9}gZ}qKmvvfQsB2F+
zm{pLA<Mb<(e#NOmOMtVen0M^oVmf6HE{f9;NDZiMxQZ9*lXp4ogw5OxM?b1<dYp5{
z_a8u{H|>5dB2zb0s&Y+HV11Md&8J`G@#bJN<!N-9DwX4fV5m6JrC9U)xkJNyjCMcA
zaYZ4w!5XuAWjaZ=7r5FS?8bWlO%=P0Qs~fL2H2zJzn^LK*9=>~;<*6NVgD*izGLgc
znm-J@7-iv@h)GrL-t&$jy$UXq9R{2J<pVTAS>DspWA~a7dkIy{s5}e4f=N<Ft^GzN
zH6NXbKUEuZ5xA8&{5yWI!F$z176rfKQe^;hw`U581gkbuHUBSAmM205dxXjBlM3)-
zTfY*Z4@V&m*-BcR3mME;l&yuh!rOx73X}y9BS6Z}uKpb!U8U1D%6RpzZ_<2lEZA~^
z@7ol9`m=Bj@vHyi$rN@XEQb)LSZl;6ySNzaC}ZjQ62$IKHEa!yY^ceWy1HoT6@n^r
zQ3O_F5%lP%o+5f)DX`wk*No?IQ|G*TiG>9cG+a2bL=jO~%3+cPrzoz}s6W~@IVN|$
z?O2%2Eer#siKpmaf8u4sd`{Lm)K(4$MJGg`^SoG^hIb^JjLSsR0_;*BCQ8cpQ4`nA
zibapW?upUBvR^0vdQ2D(-m;9DRywbU_s*wh+q3DjKJ~dFIiGu$JsZ}p@A2qUREJE)
z2YDs#Z-GvG^Hgh(Uk#<tpZ|*0w3|q>Of(TNi+iPBJ)9eZnX8hn?ZBKBHS+P6m#zuH
zm4U^d7@0|NMlCLSUc-bbj%ri8c6S|Zfr`dRAd`~^VH<PsH@tSh^CE|091cO`1Tif`
z;3rr{Glr9Z%nU!<-40$)j$DG5_aJmtSx;)nJ5Qc1Z;s;RtwyS>zVqW1B1Op|u~;rw
z1l@lga|IcQ+?8Udan3<->W|`q4yiR6d#eVud!ghGF;?4Z&$9ah^K#W4ZC?q_I{2GI
zp@emxqk?e{?kH>ZK-&llK~e<{!iEc+iEIhaSRo+jGSC_z?!br2b8y;;(Qe9qw;8u{
zL~xg<OCKztB8;!DX#w_kPLwKp1^oLZdXP!>7Fv?FVfpV!tYcMF6o=Fkn=9H5FRmgJ
zjgB*+C!IwWQAdt^?{Hr%i^i|FyZm4m_uv4Eg%1+!jqI4AfDc{`YKB2LCmGA4-PhcR
z&$vYA#HB`j!Yo^)HqRzI@;jt#^qm|Sigk$BFd@%=j9<>9o>kjS=BiJ7zndGfaj9DX
zx;cZ*H<}?q1GV;WIr9!p9Hqw=`mtxK9@U;UfRN&q^!c87QCRAwoqs^DZabf%BAZ&Q
z`$W3G(A88n3r2v1$E_u&Mzys^@Y8`>Sk!>pqHr!SpOmkQ@?E9Q{=#zTbqrbvibUDf
zg4%LiwOI$-P~R^@_|VU_CYL{H<oXuMgzXCI5ErdfGt0*GA~YXq?K9p)RHXPE2O{;T
zuaoQ;y%N?wYQUigF&j0CN3$4ra-&X<I*vx5>Hwk{IOi))`;jU@9&9Z7s|B+2O4uO}
z_xeXoLh&#*r;o?=QD*CsbSI5**d?jxu=6S(k!k8uj-Hs=KV}=vZrC>+_=$`+pDGx9
z{F!X*bjQ4I{#>%)<OY2n_Z_!1vqc~VsR73nrC0hqCU)BYDsV8J$rZYvwS+F))YSp8
z#EV^K7XCz6t^3CUdf8sg3oF#R(MS=lGu9_|dCKa~*H&cWKDbIx+MsjSR<Jmg&n%KR
zgz!|crSfg3)d)&UagZCPB!>*Mbs;0Ay)u?v%@b3`Xa_fr6Kk^Qw|SGze@nqk1`?CQ
zW4c6m*K+@z3CKI{{q$)|)a}d80_tO!+a9qsZ!8J^9)L?LU)9lgn`TWNotuCj$vWOb
zn#cEXl(3>HOcW|gt|eMDxV-A?tH#kINJZkwVN2t}gp}VWgI<=gj@|jT>u7;Pl94TY
zT`Z=};cmNr0D-XAo6g$|u#vFJcfWcJr)o97M696%ZZ=a};;gN1v`e(-h^fe6O8C8F
zh8haUtX9un3csH#0qE-7$6yRn`DBJ^Fwk}tqceIiprG8Z=2NO5<<#3#+tS1D7TgWi
zDw96Jpi~uOu>dP>&EpwmYi6s%pof8mzW4Z0o2w&+9B0;_aJQO{*Bper==(?+2eu6u
z%@m0%Ea^-I*)c|(pgZ*}Bz<@d0|XUN1!Ldd3i4!PABP?5T64|bfJIXGY-gi%HC=ih
zko`K*)gH8~4g4pfC@fz!Q#ZO$Xtm+NUp=4q)Kfq*+7oJ?j)=7t1s!P@aagPvO@u}u
zJPwpN2kc$@KO#IPp6l9_2Y3<_VaB&tD0`E(dp#+tPvJ?Gz+8$>@*RpugJw^UaFZcU
z(0OU8t4Cx@&`~?Xa?aH`gpw{1vCGgQZmk2iV}`~a08xUh7A7%?5VXLe7a%+|*&Bi_
z(wlB>);MZ}s0O{|9x4}nca2!7K35z%-nPe0oP}CO;2l5eJle9Xt2=zd!LAo*<gM3!
z_oG_fiKO^=@@v{+qp^Lp-V=Z@e2=EZUc&su!lTJi2Yw{EWVys4nzbL@Z=;SNM(7is
zNed@sZ*1Kmq)_V0@3er2)Dd8#O^8P=_N@xfNvW|!R+0G^<gM<Wp)V-|KUZn1Mu(Z<
zZ;g9eOP6K>KC7q8`N4Y2=)WO0N(vl)o!ED*1n~Kiq9=izq9=m9?QDHNvfDWA<rUl7
z$$J$f6`S{|cv0*ew>tj^0E9q$ztV6Qdtd=CuseS~#~&dD4c2Ds+uq*{qX&J0)I7va
zjUE^qk2fCJnCE(T>{53I?Vk_nM{`P6q;>C{GG-?VH@GpKm?gJ`EFVbCg>=w?LA(Nc
zq>0C|r~qKYHJY1x0!b=u($!F%iZFN03d+agn!8q5h+tPBD!1UdMtgT^X<I#QOzkgO
zwy+N%$(gB%SurooqEjXkZL*`eI{RMSLHGb@^vj)~Tb|iDx+rWBz7g78=m67>Hd2;v
zw@r<%>Ps}HfHWU08Db87TQzJLTQ?YPKDgXqF#RY$DNLyqTbe`<edq4ctiP0K@>opo
zzR)_7EYWFaDf7j^8VS6|6^Xf$xvRqE&ylH|R=bED$eTs#LAtGsW71ZVBJq=g3uB>$
z!Jxrt$Y3mBuyau94GpK&4cm=Occ3-<r10fiI)v1M?CSn@&>%)s8a7lCCR9o5npNUC
z`QK+Be)nm9{^zr^AD+(t?eD)k`>=oyzdir+`6v6w@6ON9&VKmY>#yHmz4|*p|MY`s
zwm10Kr?Vf}tG_1_IY0mNzl=2KAk3z&)cFk_8EsyQ-aA|R5rTs#rqjq36sc)y&$Ku;
z6<Bd=vfSEHgpB`c?q1e9YSfd1OttoeJg&80a;+IG{Jqs?LechC+bFlR5|!nfAQn05
zToJkDb!}{<9-AHuUgmWNH{I+B$U>&zFmKD4_;~uUw2oS8NrZ390^~c)VYf07xLp=)
ztBt#ueaslkO%ukBmCtE&1%9kp&BSo7m9u((@%w$dWmlDlin!K9;(L14h63CPq=`W|
zz)DsjNExok=@-A>oMKp3PyVRbx+!R-r@BHI6!N3lEL-(SecFE7e9AxFecGM>I6(Sr
z%Zq~B5K8;+mW!r_B(bJaB&Rz??ijmKWXEWw2C`VZUH|lx-K^)kcH^Gkd7pFd^TzwU
z^*$^Adv*Tj^ZorD;6{~fYIaqz75^AfbKdJA)OV8-Ztu)g#nxOwVK6|+-cXSj!&L-U
zn3d0!h1)kO-M5#<L~C5RQV>d1vz(W7C|)<zCExTn9tb&X&s44z1;Ws21_Pc1M31>;
zCTGGg{5xd(&}xALl5b7PRPDtxn5aZR5gE_l3ybKm%3ryKouc6NA3;nu>lrDGF9Jue
zqr{H!toNIqva2<`i#IRF@-@;`o{K<pu-Wbx&Cf?gb;Ab@7@wLEN^aP0W<rXH4UMrX
zLt)AZvO&|3y;=|ZeYC4ltLMOQ+_0U)Hh^)_U$~rkHxyXZI)-q0PsN6~QA=*V8|I2Z
z<OVDi-G@_U>h4RSHoT013R3WH$(0>_R~8=0<NCW4GxA2(`kz-Hxr$_}>A8F<nR+8@
zxclCNgH1~w8WX8u3>;dY^Wr&dH!tJWi`@`&MJ@%Al^p|@d7}(@A3zciSHgL8mnPiO
zqmRR?-{Fs(|Elnicbb7sFy{mO0ulUBfGM}79jP7>TC??@m9=|qS+#~R(GcodQvH@m
zWl%!}DdKj3aaJ>T!~QsS0yq%9`9&g^yjLSX-(n=w|Et+EETaDpbJ!N-V%&bJFaHUX
zA?6d;bhWhq&xYU9!o<Z;K^O|~BShtD@3fqeyNy)ngL0OqlN+`>nRRx^xC!&*Qk*!5
zyY8lR=M+d0C-B?JV()+*Q((i#?xC{&G=GN{!V+b#z0<w*;-Lql7t-NSK!&AD^w9&K
z0IP5&tDKAVQKC9ZRHMUjl&Ii3N>roQQKBM8iE3*5juO>TqIxiiO0leg$XqFE_A!?4
zf8D*CY-Euu0+8vDCU2<`TGtg{f)R5#b0d@6Z5QX6)mpq#hN<-Gkvas4D}c-Q8!=S`
zTdA)r*_0{43KwX#rv*_>X|3@ES?lLbxB;HsusTO8Rd~3z5W8Q>d_k_|)?xqX`7xGD
z=<MH`B`erSmOD_~K#><%z;~LkK8B_7J6NJ%anwKiH6X_Lzz0E|;mVbF5DWhG<x3Y3
zqM!Zh8itL0fp;lZuX#?EJb-?xkNq>j?hr!H!2xt}kL){KL(PlEFonLv_m`~Nax}Lu
zxshStzB@HYt<~MUx|`4Eb5qzD$|;O_ar_ZSfNNQsbf4Y`YbMaXSdHV;Qn54rTj&#=
zS*gzj6tqcxdXOML1L75=S_EA7P~cSL@@_2NBVH9E=4dp#;{`0R5UO$4MK|!6i(9fK
zqrpR`Zx}zE$A;PlXP7l(is>zxUa0J28NgOIF&9^Q%XvXJFwelX^$y<Y&C=P6As{Zz
z3uIN>p(0DFSl%}MthY+eA!-C(xS_XWQ!6B4tCiMHr68=_uq~@-(QTB$^nPw4OJ^nw
zcsm?~ON^WhqFT-?D|fpSjFFSK;+>TBYp&qfJc0X9E&zAuWK0y>Lw0gcv|%!VH9tai
zY$y0@{-AKtsu35-9A9%5&G>4mpTiJzQCB;Nh}^@Qb)|tu`t+@0%GH3d2be4F0=aDf
zd~Ev8MgM$V=+O=^S8gD<`^U1L#{GlR6ZOYv+BqF)%U=GuNhG3mJe=te7U)m>Bk?*|
z8gC@*frQ0jf!kH9!?#NT6eGQ6s1}R0mR8Bp#oj1Zp?(O6k9!9Y#E)A5c7Q7*w6-g0
z>=cuP357^qJxD0itZy%0lBeVhQ1W1jtSB!q!<LSgSnENjtt{b%J65$uX-Z58i9E`*
ze>@&?4-X)DHv}Rg58e&!x*w+;+YKQZejHH~R^YdajTmM2c+<BJ#+!UdB)uHFdmq=F
zO`|qE%ib^=U6MY7V{;Wa#u8_6;H_gTJAt1)(n0n}{7kWLxM)6N5tJ0uvR+cxuizmp
z8S$|;Y6I#uxzTI<K;v<#z>i%RDTHJyI=T7)6&3kll7YVZEpr)%-uxU7(fb{uag%p3
zjFV@tE?yoO0l0EghgJbJe)sg{ka;epJVIK4v>ZYO8f^PJi3LKaYrKB=7i>G+lGgV3
zyRz4I{qQf?_Ga`*+iSZ%{km<3<LH-ad&D-YSeD6cc~!~PAmG$q_s~`X51Gt0d*tpF
z0#Rrg88xSX+2}wnFe-=Lk2lDS78|MR;CSqfN&m67geal<t?*qa8xJqArNO-hObUuq
zwXl+?ioVAplyIN%UIb`r&fJ1}`gCgvFvo34a|)eeA`kl-N?LDb#$Se@f8eM@asO2L
z7@~HanC1qE+H|9~HE@!xaNl!9PQI~Yd}8i-^Y(qX>o%z$@Ha7Ca#scbupgF%onXt|
zLO>t=4Hvn=7)=}*2Of+9OzUjKtw$^NoO}?(4G)>OYcA;hvl(eAYwjJ2JFy~_5Yj&=
zCs|{GUAVm$1SozhU_t4&&b2<aPr;7NumzDMW%dWXW0<FK5O?*g>|nA<5n?Y~ECkr)
zl`p%tWg?9_q(^vM$?Hm&Gnj4TOCtl7VGy2XN4~y%8L}-~JK-5$wZh>!x|GnBuw~mN
z8V^-G_i+Hs++n&jJRjEt$Hm}|<SwM=Ky+hTF$2U6ez@HfaW&M(vEBsw9_k~alhm3A
zpf#1>vKe8wOb|ZS`PzpF<H7(=n4=ih*3YU22EE)VRiERjL}B-`+NrD_b1iqhfp{l)
z0lknU7nYt|S`K(9Fs&fn0J<-Da2jFE>>ib~zQknt<(RJs$^<wwS3w(*ZIVT(fO_{Z
zlQ}S!&Syf&4XXrT>{oQlY6m$!ZvJ|lY+EcthNO2GLl-*G(t~Z1oAI56^nc)X+$(u@
z9y9^mGr+?vscCkc@9`mf!eq{&{xG&2D?sg66FXIj1~<Qu$0A|~9J9Uz7)aa@xNo!t
zUNA~?vZ<xe`s<;})OxGvi;4lB94)R(mL-bLU%$S-=spO1$>gvz_?^()_#;EIGh1$?
zydh^cIdIMEO|x8Na_i*@&J|y)CuWV#b*n?=f4C?dctxiwt!-H5S`Nbrn=U8IP=y}*
zY`4?Eu3)O}rL*i$LkLqVIu#bmun#?}?+kRYKPqT4xL3!F!mY)m#NPb1eZntY$5)+N
z;z1l$f})UfjGbzl#1K98Ex8v(flU4is<yOTDnJ?Z`3=2gZBCpM`#P;h-f)Jc8^(n;
z(q^LT5eLeYZ23psGM}Djv(b!7NHO<*4$Z53@O(ioTlHe5N7a9WSF2yZ4{um~C#z8D
zRu~Q67H;wWBC94`@XfiXCTs(6RhdULAGT-HpzA8oqj6Q{WiLFe>%s~fjl#~YA&){z
z&{=yOcCtlcg%3I19?1$C_|X7}USyeU#3*oSC!nzZz!0<S-Zju-V^Q_imqE3{Tv&iW
z8tKR2C>VVISmR9<0L!73fg9V%J69n9lg&pBH({|L=ZY>1ECG8RD!SMW#`3{9O|e4K
zKoxW=f>mrQZ=E@-smBm8wUk^is#q}gW}JaQ?9pgNxo)dpnR~G?=e0oymkw9jD1Tlt
zoPhl5Nw0js>n3kmMSgT)RzJd~{PDJ}vHYHG%YxQy0Ol62iBJk=IXp2XhoAh$Mr93;
zYg}5~vYZdqmKq*gyxULYxC7~SS29doz{QHUg>1yeib%5?6pg)#fA760U9QN<iLKSg
zs0ba2cJCTv>Zw=y58LCJ+y$<vc!d9%A#qM*MP9QlwD5j&7MU`VCWR^f69bTr@u>?!
z#iWA8B*Mk?7m911Wy7_sY2iVvfbYgGn7{;B?b?_oxgvIdyTDj*jq#rt;yHm2uuvf%
zA1JaJKxt{JTbNe2NZxw@M9A%=F!zLnCfpgWad*~C?jy|L;k#t@9b<UBT-$L9Z5DS}
zgDPe-2voC$L<MZUf!@=SZ$~$e`MpY+?`=833xChGVQNLBrCdQF7BI^G4BO<h!zels
zr6^+NamP#2>1S`g|MBN)(qRQ|ll3CV%^#r<-7{E;UtgHg+<#b*uViJ4jol(fs~WSj
zK%^iSYqZfK!Ds&lXY4Rg;@3>Dif6svjaj!lD2WFyLpSPkch;`45%ayD4n2Ga1cg*L
z=l7lw3=qj7DFRaEsL1EEkb;q`?_PwX9RS7?0^{4Lc;o7pFxR%Iw&uG-D=W+l*mlXl
z+2bdGK!CeLN&N1`jPM0p*uUV`un_>NK|!zA2*>NHwgNMQ=KE5A8r2{Fq`R!2`}g^u
zOt?J!^`kL?{n+~!54HeNXoIV>|D(mc#Nksvn%pl?V8LS%4|gTj`dKjm<*DsNIsH~k
z>jJW4tSwQ<8VLtzB21Ycr!xqS`$)HC!DghEk`z*`&jD-nLJ;<mE7-R<rhz)s#_kEN
zuqbA_Dg8Vm?9Xq7tbc2lbEKj6!CDe}E4eKM4&{U}hdX!q9Xqn+N=xk_J^R`+BR8B1
z%_Yl1W;ZN1<u$R)n0>?5cQ3+g->61tpoWACtvJkW@{%4vuHb;JJ@y=0qi)P*Zdq?A
zMgd{f5mOgQm@VeOSHnWH?X_lr?hlw~wIFX~wWUR2FmR379yWX}84)aFO3`XJg97l}
z6=yPN-dG5U3MiotAPA-qR9G0NWLe1@CP-E^s`ik0+l<VL(R_~iIABjR8Ezpl$nvHw
z&0)p-tu41|%Y=OQg3wjXpkk~Z@+BK}>k%}%ViA}R0`T>;{5nIknz8%~UIgMMQao_P
z8J@zK%-y29ZLaB9y*k*d5pGFrjocC~NZv4YD+F<Hd7CI8gm90Lh4=ttIn_;T4GsT^
zfM+Hpyk(UsmGy)5?1>SvCyXO#9L7J^mQH{%(1MSunW(>O&-QQ=@xWrD=9P185CEKp
z;cWyi;qE|3C}O+>tJ`Era}H_NW+V-xI5}@ebZSi2>0lSl#3^ZN7U&Z*-0ieQ4lm9$
zH+e1d_^o|u*n6~1vc@!E1zIKE5T#1U)>RHRXN%#58+v=Vj9I#&w36g+ut9Tp-Tc|O
z?qjb6Fax|2Ar1VSL%;_1(i{jy!Kri8KG`}(eTmjsK@+;hxMncV$!|L%iV;%<E!9Q~
z9*ARjrpy-$GYN~EKf(-kZx6X5?e*I|iRf%_Z=9zfc;MyaaVXdfb}C!Puq{Lf17)IG
zQYL=m+xx*)fyk?%ZUKXJ%7b8c2^6h#h54#t&?nn{V**iZlPP<vDO`vh4&qC1p?I2I
z0!?nTNPYZz%gwd5E#6-8P{l$2YU#XVD-6Ete6>eCfu?)E-%2=2JERvPP%>zs@168o
zizDNqeR4&DD53qU-fK~t=kAZ9ch88u-@noi0s^)>9!SFNU)=!Dt4j=^G$u)mC$uMb
z5(a;JVa~V{v2l3)H*|BG6RCE0&fmC&30|@`#<61hJ=pq~WMQwby7AZ>Ugh(WLIl*V
zWNPNOJdvcszD~M-(&<AWUi*L<h5@q%XXBG_l}=#Bk~?ST^)Y%Ei=Jz*{W!XwSM#&$
zT`U@|z2-2>3AY8p=lYF|3i^0W0k-L19sYN?%%hoSw_v;xP)4dH^)FXFsgz|?*c@+%
zg;H;zp)(A!abRERhdV&$C<M0$729a=z(v}Yj+QR-FZcSEagj3ts6CbKH#pcvl#7H{
zm_mM5dhksGo(tCsE<BcO<3`!Rd#EM@V0>e0v)rZ2uoIV`f!<;Y%jH6$sG?}iR%S{i
z$bdPP2%085?qie~Of^g-Xheo#`8;V!n11dF>|i@Ea3Xw#Q7TEQBr%%4TNpEpo*#(A
zGGz+B8jbn(uO-cH?r4=OsNg_rzT~=#GnA!#!AG2))=6<b_Tr*1`FY(XXWrQCNrWl7
zgjX`lTAkYNcZ(hCp_U>=PQiKGq9tB$KkGU~F#v=VivkEcC-LmsmmUX(r~NZYSj7n$
z?!6}kB|sM9^&Wkt5V~41M)+2%OH|Y(=POr~%DQ4FHFj@;wdVOflxOvp0U9Bph(L;H
zeJ9(9YeeahD_g#N))TsuscL4er`Y4OGreQ)SW)PI@5gP`VyNF((-Z0uSVLX{DkNTK
zc_quznBuqR{eIg@`T%ieF<lcU%v2Ny967?ON>+F@_M4d|0DD?hc<M3EA$>@Pr`rAs
z1~@&Zt{z0nRyg|$tLZuUR^h<9bHRC9N3`t((!M@!Yf+=Zy&z{7MY-|b>uH`Tl%a`o
z)f<man_pBCtAGR1hi(2*Z$0X*N4>Rs{a4moJ;~<4E;^~GYh?2}d*BxJ5)DC)rIQ#b
zL0h1w1ySI4cXYQ9m<zzg+FHTi*|&aO(O^iuf3+ooT(q9q^|p@m<Q8L&8NirQ@99%z
zeB1i>EMsMzXjmuy@>!5;hAKw4yCj!c<0_>kQq_DoXEo)8YR|m)!>4Q_$?&;0)d)^-
zIK8v&zopeDP%pWEb!|3&xjz^7>_>IRYEpI@JmNrv`hift3#a?l$C3)I%YQ|AF&<U#
zUv^ovP7latQ5~Q9B){5lk!V*Q8AJW*4Ha54zvZ$?837Xm+ter_V3PfknR5I{E~6#Q
zc)c_AF;W$DkV0x&H>wpMLG}PA`~x~^-Hbo9lo+Z=+rOruv+q3{4h`>Kse$6dPbHtf
z<nxT^?Oq4P_x7*J6>w9};ek52zgR`w{x!)!AFG(#zm9w1zs6ojs?d9%-7r?MH<ji{
zUEkpfzNylAa-H9_2n7O*dRpDzM6%uLz`rV%GT~-5S{bZ=bylw{#Ds;l0C@194XbvT
zCTN6*6d_USrKNbzDp+a8Ulo_zrwJQrHN=8lPN*rCxUz;Tj}6usOQaYmiPFE4gXqY_
zN@a;8Nx!05sB&34%}9l_gi2=pYuW<CD^lsKf2CJGn?RK8RY{9fLhD}#oZo4c()w3w
z<+Mqi?^RhFsiZcEWTfiaq{?dj>!87oS6=I1$(7h94NSLc+h}FBNi^$t6}NFvzHyQX
zRoxz@nR`{<CXo$SgiEdZwnude&o})$WL-`PrnXnQISsE+6}kO;Bc;mv*F?o_YJa0u
z==#@vbiK(lIJIhBvToO@Z5OFxmq;{H>u#{BT_WkU+IOzXU9ysrTnjIe;?$C~{p+zb
ziu;8e8cXDhf}&esss+3M`~Wmg!suLkR9Z)mh0=Uz6Kkellac^4VM`<J3s+L`-~k;a
z<mEZ0h*JnZ2?O}u5J@j%pDQ!Q31qvtH4rIreM$0)-$Jr<oA4nklR7%hbK&x>z3Pm6
zP`p*eR4G#fEeE@AB!&$jzS*#?nv_jdN|n}TD)x2{7;8+fkxi|`?9Q}(0Mh^odN$4T
zq6;TuTpTTSMvC)Uj;w$l4!H@BOKv8n-=3agT!-fc(&~f{OPRJ>JKcnYVFX-(I%HkA
z&qP&qG-(pSM3%A<W)0_26m)xqM^g9O=2E*C--hrcI>XwgVPO#~n<;JNea~mMVpWyO
z29~>F?$j3FVz$b1l2u`NNPAJHlw4ui0q~l!q)<A|`d0<!;+j#!5|<`_&U3%bFmXPC
zswqfFXghp%SRd|0!GBwp1t&~G<N9%I!|`*2Yi@$q_Mi~7$!FhdnNL0J+6Nt|bO-Y*
zdFSv^slg#Lf5i)?cB+P$<rI=zWQrKx-Gg061_;o)4?mCxNDb|SR{k<}-8L{K&Avax
zG9mQct<OYBA-UH{l5SjSox^O5{+x(*J$gejnoeh0UYbR15ezH{V-GLss*+n)Z`f#z
zg9oT&?ADAb&QwkA=+1)EQCEl+jJy^JdW2**?7vO#z*s>`v1fp$g%oSW^D&|hcEcf&
z^p?`WReWg4zeC)oR5-zlt4s5Q<1HX&;&&`3D%-FvMI9x`5uAY(;TYr!tluUn=$ciU
zq>Z@Aq_|~O4Z$UA!G8*#(bxh91p)^28r;8-l?|dEW&vx_-{A5zB8j#&6%L$nYhK%s
zyi9Jljo|g}3CJG$c#)NQlCxV@JW+f-r&YG$HOurl@`RRr4jmL=@Lg>4lxUR%P7n@l
z?ar%>XQf?<*iDiR2!HqL`h9RxjW7UA%|sctrto%R_0V&%!VuxmGI3~3OypSa5|1IS
z^$OK2Arixe9*|lt$cvbJRPzah-vJ=z7j(;t7gP;{LOkTOLIm_&Ps{x#HjX3HncP<f
z)9baxJ$42ghlE_Qg54snQDESxaJ1f;i5@?)(i~47kWKh-KE#HYd|LK+oCmIh-i5}1
z9YL+G8@3CUfUwt=mY~TxlqY|8PzSJNlpBj05$lqag~H0c(jZG#tgbk_WrS8sURM-=
zF>zkuREwE(Z2=r`d;`R$rrK7GvN=3PXhYp0E_Jz#qu!<(RtFlzs`<L%IeX$QiLgAK
zXw54UEY&~b>Uxb9Xv1c2*iLy~T_<J4Q7A0vimcXDA6q~rqcvO0O8<GLGFh6r1WDuE
zO-Y3EYq~?TvlCGi#>4{#E1cG?POZ!v0H!-mdg5BZxqFah5Ko2Z&J!93jXSIn{GSbL
zOQ5*$_E?86Jr$~pwB^qD8KFhJk<EI8$;GL`$y;ht)(ExdAy|pvD8#fQ%%E$<D_Ux<
zT=BU55Dd*7X?EeVLa_K5FLoeQiQGh2Vb7vb_&jIZQr4h6!IJeuj8LfLSm5wQMA){M
zJItr9E)In@R-9GpH!!0q3oWwY6INpwx~vcA-U`_k0V~_kie@#dxT<-E2*Pot-Yg8%
zj{rqj&+kT74{5RKo995S4Ge3dkdO)|_83rNpCgP|k|%tktsv(8O@$4649Kuw04{7Q
zRG5$D5R;5jV8Xfynh}aoh_E35un5gCJXjL=SL6*HLuw-MSG3XlfL0OEuL#9Gz_AAc
z{F(~(1yEiI%izI)z9yhOCMQZiPLlM)CrCd=a`cqM=m{y$6YSt=sm>GAoTsGtPH1ad
z;_}3#<wt32TI5$k5@kXHWpez=p|L9ypt2qVChJikvZlggB@=!WXskzo#d-`#tm$xA
z9k8ni^<*fleW0tD%n^aX8UneB4Mhk7YZTxrx)Xx%S0mt7DV>i&U-d!`VoF9F_G%B*
zDke@uAg@Lwq?o)FfV&z2vx@PR5vZ#)Agc)ReVD5>5UUt>@o<i&09eJQ3@JVac-3P7
zS3Lq~)kMH5PwtQEp>eRPdrjInP}M#RRT6WJfmBUF!$=3Ha`*w0bfkv^r#d()=%{BM
z^{k_wmD<)sxTnW~dYS<9G#RNq9pWiHu_p=MsSDhcKs5sGGyvL^Kr{sFGzi#~Kyw7r
z=}|!l|4Z8y5&@YW35@BHfS4wNFs1T~WB{fXUMWS-Oaou)LMtUnZND(^Qo0nB3b=G=
z(qS^V%yeLx$)GZyHK5GB!DJo-ROzz?RGNf)mkOkGT;sp4HU3awNt1w*ECf=DV3P!r
z<iQ^$(2N5ljYA(LkRJv|8izefAo<y{hSbuCNnl6^03pTA!P7yI(hvUW;73z|kK8aM
zERs0rQEC=@GOWcE7$Xm!D1kDGLKy8q6D3i-AAHeN=%NX*Md^@5(}t0NnQkgv(PWH^
zsW3&U5Jer>q2vya!V~R74kgok7-*u&13L|pC>f4uB4!tfK@oWv9O=t)9EPa>u4I}c
z5JbbULdjHz;D-hwg_0@W3wmfG?9c&_L(|}Qra%p)!VFD<7&-uQC8ckZV1*9Vd?wA#
zR45?>5|q%4L>QrcfS{BvMj?dy;6Q1n<Pdz&ATUq@*<t9Qdx=vIElnRDOf?MzXfgm$
z2i_;m8u<%@|0Hg{13`Zd0Q`w7G?T%8;;4QTfqoJkD31g3^Y8#a)4_dkP$Oig0Q-!>
z_C($>4C)hs?1^s5E}%~WTu+2z56mYGswctiVr)RkFg+2H{Vbtmh@R+xB7n~nc%EqQ
z`AFQ-C^S!O`vY*#G+3VKwAZ}&d?9%r502;Hpqoi2Q5=Hj0QjA_nl%Y}#{%ob*w}qw
zcP0(m#Pd20YA1oW+#6=+!LmGI1E=SCmKDqN8TPyv^(~kd4K)A%+|np%RyVXTWHC=N
z-G$#y3xfD;=!5d9&pn$`3kfjY7Dxm6eQah9QF}YH`8~!dc?WLAGRAM2nhvdpe8Who
zAbi5X*zJ+=DJ4f)p<}6Tk7<X?qc8_f|7hYrF#b1<q-my>iV9Yn=s+LFU_(V-XmKm1
zVjhP3a56gM2<4&Df;EO>?G*pXq~Jq%C%<JvZ>a_O8#D2|v13$1{Fkb!$Z3_6zqvhU
zoeVos(~s7wn`C&@8he|z`>mLl6<hI-h@YaKletv{$Q(~M6T=ekf6GJ`<hSHSqiX2|
z5ut^%QS306qH86Lo0F+NoUo5n(_3V6`((SDXYg9*@%wNRp?gu%$|e{s<*hT6%n<>^
z1qe05wIFJXgPfBNe>BYpO4b#}a^e77;sBo;IBB(tY%)i+in|~m#Ngge0xB_q<#J`#
znM1FHRq(=X!FRBbFU3_Q*A-Jyz6S7ZAbo>WgZseeY^tUefI}(%lR0YA6lv}NPUdAn
z1zQZX^DD{=eON;)5{w9b8@2Ylg6H+C_8YEwX>5CunpImaXn~mqx`}UO&aiPt6M5bn
zqqsiWYX~%y3$8Y}irhH5Q#=~AwrVP1weD$O0w#j7+$E$FA#**}5sGa$y|vO`4SHK>
zK96f4rQ_Y6b;q+a*^`D-Q|(T-ZJEJ@>P=&W=KG2Y1yC<=yVhofNnGl;7SqoR+luWa
zz9Q^nNm1gaAdu<vWUJ*d7hO2_CDV+?`oCme_SfLvFK@F2o_dRs)A0vu2tECK<Zb_p
zd^j2BB_B?HhS%Y^Kgz52w)P{x<&j6Ozg9n-4CT8*Iti<1ghxYTJN7-p$IwZ^r2zF<
zXe9}HWF@5tO;3*cAjpN!7ENg;BRA{Kl7z_)JKl!<7CX|28zJw6lU+djmDSKm8#`cp
zc^I~v5qGUnXza6q4MH&ydM)DK6pw?Dc~@<KF#xX(cxF|p#f@bVjkcEFQQ$aBN2;6k
zx^wm2i<tcjI%~nxz=muD{96!My+}}{WX5Sc8V=^lPCl5tjbpzkH`L1_b|x&aJH@Sk
z!ANy$&sv0~$@@C4))f^^K||u@-Y$Oxy)-EZby@)Gq~O!fHt_UbL8lR=Q<1u&*^TO$
z)uXzcrDE*d-@P#QL%oSP1YP1rKB}BYmGdE0&Ni>5l$Bn8kXgTth88RtDQLB}`7xfc
z(j7S_Vb7={%yQz`TJU8Ghp305wq0ERY-CMmCY-Q}Gc9yc;ymqdSAEFna|q1ysT-Cn
zGl-X~A)3ByHJLUov{Y~20OvV$m}Iob8jK#q_f8#KFN+BwEV;sbDVEPhdZFcy2vtMD
zK%N*}1|i#4wR75$5~GKgLs2m+%epdcFEDI}7Fwc%Mx;2$YZLf_K#eV14N9OfkBE~`
z(<D%ozG5qEvZ$%|NQCG_QB%J%RR>QNHLWlipRHt3vlS*IL??=x50UoxFrua%-J_8B
zD-;qvzT3&qHGD1gTreA}5jm@h9mL+C#PlEwObT2(Q#_aLL)NF9H5G&_y|BONR=0ky
zH0!X7^YZ)J67j5?;Gjt|y5{KGf_O03wqAhADOyafYpO+|)9|<^`7}GDH5la5HpY5>
zquw@?sIO(trbc5QjPh-)X5y4|kAkZDs*+3go~Phf^t#%4+QDw<&v$_1x=hMEBPOEG
zj8ID0?@Cr%T0bZHgqiCXCOk7KVp;bLZN$1s2M<n{L}!Fjt9ZL{(F&&_rsYK~=4t^F
z&50PS3<v0EF@9U76kSgrH1nJtsZFz`VqP(tLp=raYtp!JkpsxSSoe04o)>Q{Q-*6&
z*DFR<s1DFb&+##gh)0xsta#TJkVxt_)%RERjBIJP;li9FXdci*Xd)s(>{=%Xy=DMF
zoQ4JhLcLv+r)qCFQ>$_F+GwMSoOBrSiK*&gOws;Hm_&H|1hHqtgHL%ZMCm}XaP!o4
z6h405@5;pOqu1eWYctYEPnh%~k@kckNX^ihr^S4rz?u}5lAQJsi%&9=(qK^L#L&JN
zsh)5a>8GCnF&vI;Bg();5zRj)=y_@cSVPc60QQkSbtG=$zhjdjLxID?I$naoVP69r
z9s#S{C9H$!dftyoo-p;V_XC=HN=91H6T<V#l^2EKlWt8o9&T=eiEMw)hp8GitX08n
zS;raiBqjbHanBExS)Y0i^iz~zLb*SYc4rRHQv#RuX7bXdg#;pq5=hQn&0PDhk+H1D
za5PIIfw(IOi5msVBQy}I+=wl!J6UWqu<a)hrK*RFIK0hW5<>!$!+~hs`u@j(;h0h)
z7B`3O{sLaJViZku-beSEl*86G#M**4RKEy9sQwdkCa7*Wp7hI<RKsqr)q=c-Kml18
z+-8WUnK|L%(Bi;?v0Rx{1h2Nk8(FjG<PEzs`-CON&Ji@5wFz9S1~$IlV5-^rB{DZG
zyGgK!637=pv#)E5=1eQf3%@{Av3uBZ#x<?h>`;M%^tn%jn&C<*6P7Gb82KdXaUdR2
zWF|$%i(jJLK*GVAC^D8Cs;0<$aDV@tx0W~jaZD)xIWjYXHw1pHWnuk9`-9OLfXh`s
z$Fr3Asq!i8cXZTX*CG8LiJ^4)-q8bLqpoSTF{z383+(LS<yuoLr3!T@5y~G-JQXhs
zM*ifo(r0Y7Vp;v~C`z~a>0?viGQ<C5KmGgAq{d_ueCybv>sB{~TRVpsGu=ZfdO)Df
z3-T%mKaZ+ARz9Rf(IKLYWa&+8BIG!&7<nVF_0%*4n~^I>XllO!=KDsz`pB}T9u?`L
zYd-*f(?uF?!EUgB9k82riCP$&@r@?Uc#e$Q4coN|oCabCiz<wgbc@HLlpwyy|1`N<
za=YXL8)vL6vVH3)QHw|*a%dbh>(D`t;qG)s`fVc4PAsp@Ae;>$>Ui)tum0K4VnJSd
zXl?k_C|&b#2VO!ycE^i6qZRu0O|@(#O}vQaKBE-1NMl(~yAn)+!je`s&zgc(wo2*l
z;CX15>9sy$^HDvZ%RKu}^$)3%Ra_zzYRI<S+bCyPwZ^Vlxw3r6ZE6qhE<n@|eMNtC
ze(rH{w__LNFFTu&9gL0j!#qqI&9*U9)G~pUtRT(sESDryJe%F}tUh0m|A$o)mYra0
zTJtuz$oi~mQ>vaS@|2vxW8>}IZdr~Z=ebRG#l+UJ1!DaGT-5*i``{u9xrCv~Nh{|&
zTehJcF|;oBmV!A-gFJHp+6i}}2b<(oUyiX%hoktPdi_ySu{G>5+&u^Guml-t$beYO
zQWkQ(yDlq6bFHG(6>xxq1tz3N6cB{?GDGoT0cxa)UdgJByhFTacxO=BDP^t*-AW@F
zVaT{`^&xT(#6Dg}@EbcF`o@34g=N)}te~2LX+5-bL9S#TSe#B6L}t{(7sLR+Mwl?r
zoMGll*dr*K?UGgC|J6f<N-VFsI3(>n=W<K=sB0_5pfv>~@^RoH9|9OM!F&HWV33nx
zAT7jWl<qVD$aLFf66oXOz&%a@dYoV=Ne6d)ELg`0fQ|-`FoEd7P>vIZE)~A<F@PJ>
zAsds?(UQO#TM)(siU}}{J^00xeJ~2pcqs5<GUVcPzjVUjCs*ExKr1GKDkhrYQd*w~
zp*TGdGjW_B12FM%pc1EpB*p-HCc`79h15L+Fk-?AOSok^3}QPye`C8e9sT5W=NT)!
z)JBACPi(Mo;9(t9)Ish95OY+4QLNY8$yN3?i3?a57G^wb&9f4AA>~a|+Bt>DHvL8}
zGPyM}H?|j4yAV9y4cpC8@x%MuX~o#_j#|)mJSci&nK!v=i`Y*YiczvQ%-`=NjvJH#
zHNw?OR!g4epbcRI2p`Y?fcmSwiPt-(quVU{ccANaoT!He&{vX7&OD^68LuZM(nC|n
z4HaT+g53xj!_9(R5YZHn{1L8s3K|C5WniltgXUT@hPpfP-CWc_$Lqm}1KsrQ5MGKa
znRhkf@p&JGS|exn!_wKM&PVeKB1e0|K@&d+JDf@na0;vXczwg}l6chVYrMHv#Up3y
ziow|6_JZve%2iu3(g=3T^t9((8Lwk*JPkkUmHVwwwB~BX^#K2`m-3CQt>56saiJR_
zBmMe0rPkGJt-7}*XkCq2fZhN_eca5n>Y5VlRzNpwtH9fHZe7SFEo@<v@w4gu-o38n
z=FirG&}l$ukHW#u*AR4o76rWxe`1xiDO)Yk-i-meiWCgI!BmjfT)f2lJ1847csu!W
z{*x4pWJRNDR*g@ST}BA+sTa;OloViu9hxif)ea*VrD$wcRFN;9eDUPjbFG1(?}REg
z8<-jW?q>_~X_TVw$usf^{{6!I`z85AJ`r+7u89Ay{)c=bb3MqWYoXD6HtRCdj0)s{
znsJ*o4#zCM5?D?q17>;M<uCrHeHK%bi4=yyvoq+zIk^MN>XzQ1_4Wd?Ty$g4zMMZB
zFDocTm&`4fP@vxQ^z7OBqSJNV#V^_}j?%SV@AMj4O~npgInEC(E4UE5JGzT91S_|!
z`K_xTS5_=zxr0~4eavkr5WZ}jgYkMnE&=$Kws4hj^f*scTk`lBtnH`9Eio=(nPOdI
z!6%;W|I059w*7D24o(zH-Tj`YnGSF%%TPx9ms`g1{iefvhqw_kfuISRcy@P`i#wdE
z?dObK$=un$N#wW(|BWIaPP+W!!wGnFoI+zzrQ6isPyuGUElO7DNkq8j93`{^xpHTG
zdgB1uw@{p74bG@)Z$!e*I9#|J3W1@<r6+~QUl!!TpzVSuE(i$~ndi|tvpiv(=iea$
zl#M3XVp^^yV;Iqu#E3LdLE7aP$aipCR`6nGvz)A>WXU!ZYNJCPFn?c|ArCB5eb)GZ
z4xs0lZK}G{^wew+xH0D9gm!-4=a0^u)sdS(iVo!>2M_asL;H)FHwvMan*0BdbjG)5
zdHBG4ZVu(dLmK}L%46*^9bBD%IBR=*4v_(tNsODN9P`k^o#z=|H~~fRx&a0<BZA$*
zsTf4T8yU1V9M>JDGc7mJMloA5Z=C5VJ+W4k`||8dGAB>Z^(q&*jbIXe(Zob0ht%+T
zqm=?ZBMOl2fqYMR=qh%e0yln0?kRR|P6m{^w2J%pQ0gA$OcpX{7poN)yxv{Of@f(F
zO@JoWea<_hH}a0$F&uVSdZYcn0-v+rh$s3Fx3=J%az~w!TJ4b&6Uh}!^V<^Bk!i)A
zlR5dT6ta4bQm+7fWp|W~HX~@6@=?8e2eX2}Y_Lu|Ka{$&Z4`xRZ~Ubn#?M6XWw?XZ
zKW^ZR;b=hZ1}EuXVb}r!wO#>>-hP@F?3NX7BiMol-XafeV!gsHbvG540+(25o2?4E
z9^ETZ3x^)r_YmYTbrbkcg|+~^Vw?|P&{lA{4=(G_;_;R{t{lzXWmB8C%>Y(rZ4N~J
z70dC)pdk_sEqgXOtWMI#<;*(kble)z-5_=#5|;ir$q(YtWj?-b5Ub>nbv|y2!l<jC
zb)DO_^tZ&w)%WfF)<|^2;QWQzLPP8V`k=xkDgnjHmN_*t7*{Spf#*!rJfnp#rMB2s
zkptA0Uf05j3k4$Iw-gAY*#<+b@df`rzH#)lo-CW}hSk=KRPFSO%BChuT2PVcjna>@
z36!3Jmm@`J6=IYTYAt2(N-tKE3svj4gcLjKb@ZZ8a;DjhCA@Ep!`eacd0eXjWyKtd
zjJ3%?&husFy?5}3;KurlbwSu-4KDTG(mLrD9oR@!3%X?|;|e2;s$O}x6Rp+J)JgV6
zN8~dtP<k&6X$&Xs$!?3ZIC(O|xBg_{xV*OpgwalGF6$x7&7u2w&pwrAOy5`Ax+fRJ
zno+Y)$Gsk!?_=$tTrwq2Po4G3<kIyb2(>uW(F;c@pIPyj)T}5>YMxcgLH(>{tABH#
z+_lV&&&L2kpO|rA+5|{|K!fuvguA`ww}3jGV&Fq#=!O*~saW0w>N7wi;k3W-tpO01
z?@<3vIum(<wI9YedFRmPE8uU4^R*)EmQ_1aN`=XTz~ZS=d@Z&i-~P(RrGW+sy|c>J
ziP5%Bz=|U~?D-+>0iF>*Y`2Oj{^ZLi&z?NnQ}9QL`ilP*{MTCL?Z20+0Xs<`vcdGJ
zvr`fc_d%b+7hp&K^1QX{lP{lq@#NW=?(-Mty7!)C{)_pua}od$>`*j4W2$4DzZ3?i
z?M_y?iM2M9I7&8ya&^|TyS3*nY(H<u-br9L;8Nf<`R!I#?6>2K-q9JgosXHmBP=)+
zw=}orz`@_@;BhqHXYB)b9U3!U(Tt1r3#g|bi4%YC-%D%>euHU?iQVM=h6<@Xv3O|J
zu#Y9HH~_UeSsAP|Te`ETeun2ZrCI6~D;QPy{Q${j#V8asx}yV;-{E-H(HPdf+&?4m
zVxVeP;pQ~KAgfAl7lgbvM$fUM67!qQ(>H7+2`94D#AwED_i%sXW!IWQUiIWMPx6*k
zx18NQxs#P1;<@IYb6jca383aa`ArCP`2E|LZ=aKkJU1+$QEb%|xY^W#(2{@0Dg_7Y
z4c8J{!}C86Z^Fp9$P(k~62|5l5)J@}78<38=o)85YlJoGBi4i+f)d6yEu}2jz-k}o
z3d0eM!F@a>2CTEQzv4skU|@H*`4}Js(RyRok=^We|AR<0Ffc1#Sl=mlKEcAEB^5k<
zJFlB{|J1D=VsZ3_DNmx>-#UTiaf?eVG6-fN>b@c;Gg@WN%0ljjEDfPono5LCJO$@F
z?^blds_p<o5}%73?c6`K4^Rn~O|2DGD4VisifdNmLN<_FotL&~7k7LxofE6CGLfV0
z9k+6agi*aKIF(IwrIyhw)b#+-H4~5vm%GZDO##7%rns`+rDii6oO9&0(F+-(WUIe1
zC2^>^3)bd{UQF9Q9g<rFue+l4CP^>TH=4#+4<NppXtlxF-3(M&1Tz@mQ6P259#C3s
zG9=0A^HDI%sM3j@s$@ymuuPNs)_<r?W<r&7YqmiJXpnGMC?e7Zer}|K^Vl0I6Aoo0
zPr4(tl8rDSUI9ae$=ZC~Yv>yfdfSLNE@gDd>T&Iu3-WC7?CHV7JbvEq2`Sv*;oD3y
zMywEE*Z9G$(0b8ZQKXp*Uz=Pt{m|TMm37sy8GdzF@tP$h=ANx+p|BozTV46Qn`sTV
zgu69%JnKs}%Y*l&*?_PJ+imHV;OV$(*V($AE$Vme<b<5zou`UaQr71OPoL@LtB++`
zY9k<8Yi?hr^m$y1YsVtc=f9Y+2F16$pjEL8X|UJW6VL;hxaE}us|2~F6>8M3Xssgu
za`xTDyMMg7c>U^p<P5@#+1|ED8-B~Z*Yqc7eChTk&bC|60PrT;56$VejaIjd9bq5A
z0dRZhK8>iM_7ocYRr8sL(=AOg*d);>N$N2KhfNX50#9Go@g<ufx>nY)Z+DeDem>!)
zn^dT0DffycQiDkY`NPB3PTfT)$&1cbty#Cnq}kS`95g=1<QjUXUKLc;Jo`%_vm4#_
zMAP%olbxOla`F8&dCApHynrnhuI=LRP+RTq^i-jEVBu|D{2cpON)>i0*|9maJhH2a
ze5V+8cd5GzWoO4sO(_YuEA>8t^x7S6yx;onR&DumTNynOc@9Q;CmV7{(OU{UWkKHa
z@;P}WRD%(4b?-G{nx<u{DNU&v;}V5gGpK}OZE-2cD>Mp6(&kRs$NKjtGjj5ArSw0d
zUa6A>x!jfo&v>n660u@cg{x)B%mYE1eB}!wkFqF&??+>b7L#*{c<JocD@bW^>e|`W
z$8?ZlCbwlJx7<URf=v>FpG!(e1UF_#D<FGo)IDOCsrN-k_y{_f^);|SFIPlj8ph0I
zjG%X(D|b_n<Z@@<t~s!`2q6i<{PZMew@*|~pUt2NxKhH2s@;B4MNXcbEXcK$gl2xf
z-F-odD_OaQfFtwi2|1G$v?!y36pR|&MZ;)zm?m`|#2icsGb2f%W+XwIAbX3$K4HOM
zs>VdstYnojW8}nJf}^8YT^n<?Z@>6i89YhSOo)@BE?=gPlYIg~cKJUWMlN4k2JhjV
z=Um+c2g;Q?=XesIU2N%3Qjk}Fxi-x@|AhuE$a!K3<a0NsK?ysMjZ1%ODyHR<BtggB
z-4|~3_v9t5Dats&fkJ*ZcOYu<WeET?@Q5d*+(VwofbFke%Y1@R;XPzo_Fr`iU*Pv-
ztErJUQm`;c#XClGqId2LKYm~FngzL0(h;PWcnsdO(;@qS?Tqh1$@NU>8_Zc0J}e5k
zv^D7-q8H!3yPVXCZ{J<oKIo5fwby)TVwh1rO!FrSs;!**RZm83k8<N>3$~u_$+(Hq
zWsvHtkBgr}uDtJ<-*6EG(CF@BeK&Yz0ovIMySv^{%}B|%DQaFu$_vAi*9#1Cj9fuR
zngMPVAukyQ7Uj<^rbKiF!g3uX_L>U1)}(;Dk}duTi#$&83=NXPJw|USFX)mNyxwW~
z;Cx}FLj*d2VYoLpnk@1-iD%E+NzU|dPr!<Lz5t#Xm3shazb7!+2S<gXd&)2Iv)FRn
z;0@otyS&#~J?#I)YyYg)cMqP`@WVB$Zh6Kc3WIUMJ>GGB_+rX`t&546xQR(8di#hy
z4;|>Zjp6W7*MgnKRbb3}<ihYGpsnXP6i%ARB7oCO>z{qXb`KdMd`$uyE3rxO4crd!
z_${`Lhi>AGm77&suCTuKtLv`C^aU$7<g05ZVSE0<kR1V<t<b)Dsz||CEPza#gpVi%
zuVs~vi+F0E(6jr_&INhxeM?Cui-KiQtAJeLKsb^Es+)<nREwKGg7Rk6v?n+LPu{({
zc=`I(Vw?YFBk$(5oHvTic^x_#6Trk0;jL02xXOSdj|`Zb>Wv=4w>EBwe5=r$4|Xu?
z!j!TOYcCZwF+|jsi6{yj>$+lW=3APc{QOcxYdGn2H6l|))it2_(8mDzc^2iA(<UT4
z?2mQ(On0=eJKx8&M_8D(gcvly@>|JDug$8vmROy^AUtUls}}g`&t-692OTu_9Sc?$
z9va$rY&A5p=4<Eq4Ko~+z-Uu%FxLnyuSOgg9BPDQ{N=|s6`3^@F)}>5pGT}{dp%&(
zXnRdMX`+~r(;@lvrT1$3qStprt$qK9s;sP6(Og12QUx;}KBc_nO!F-lpA9#N%a~SV
zIaq$=A|D_1o=Fq#?Fx|QJL80LKITxmo0T4<uwLk{4|;HK^@o4EQ~xaH`1X03x8wi$
zIF7qUxv+tVJ(^L@dg3OT=3<RSVks`)d(RvB8Kl3@QtwYXH}5f=X)@m7a!AXUO9}bv
z2E98fikYgK#_j;wT(qKFR<o+b3d^JrriRknl8Nh@W;a2v$WcD{)yoI>aQNC~gDLbT
z_qGib!wvLH?#5r(Z;Qc&uW6ZPNwRnMWC8azg7jf9Ybi^B?j0Qh1fd9pSEcM-!^5XJ
zX}yQKENiR3S@PO3oUl8P)re$jN_0p;GJ_@shq{MVv}p6-A~vb4wm=UK5cTQPr%w^A
z@PGV||3PF$D9KsIxBVM~gptA@o;_QT|G0Sl4TL|IwL-9Ce5<~pLpT6Qr?3C>`t6$*
z_Nn_MXpL?-J0Zg1X8!B%f4?9vc?HSG+#s{qh)f$CEM!e6K;W@xxmCpT!h_f(DQx+A
zQyXv$y?P6t)tH5atW!n+WQdLWqo$&t5d)#aGg9yyMpo+UN;YMSwT|JiL7E156C2U4
zMaAl$F%BtepX}@<xVtA28YGAoMZBcE3IT2t6UzaiADBVXJy<iAlNXN7*dXPyl308<
z>_`^Ix?z<SWrS`E>fyNxEaZw7LSm5p<`Gj4Z@*?#!IfT}fc<!2i`%$tz48^VrAF*g
zMvS?z0S);zG?ZFcbT953(iRMSp}99@#@wWIg7Orr8#7H1hN;^Om7VKY)q*XpZnTbQ
zIPwDWOO#7H#lkVS=v~^<ou9WAZR_b`acVL*E23&znLV$+f5_@buW6~U)`%8jp_-2b
z5Sun@gqo51EUFHf7MivBpapQYkz;wFVW(SjD!)DORK{!IY&Ing3+5lj{(+l7_Cb$i
zydL3T#%s#)e7OpOAbaE5WpZZ2`vR5ab&wR8Kyk{691nBG>w(W@ybe5_@k%|T@k%?X
z@rrr)@amStHf}!bzG10;PWx&&;e4-|63X1POk_b`8>Wn#i!PNcni`3xEQZ%zp597*
zwloefYj+!P@dUChz6~<v7|S=^d*~wQ@d{1la3)&6O%GC?DQ5Ece9avXZt6&y=`fha
zz?j(wY|=vqTcZ_c5ndzMVG#9Fus8hfge`rKQei1mJk64zI5~Ua67FmO(WR(awW1k2
z_bm*p+^{XH0)Wmo7}DmvZK%i%jB3UzU?l8g%_=<?FRm|1Uh!L2DRTCgP?EX<;u-b)
zCz&VUP3eKkaJyyA!rO9fv$2=h#h8lfEG!GX-XI+lSm91KmGODm0!mN<HLJ%`UfYW*
zQn9sGK`IYq7on@}9j1F&Xmsmx8IMK|_6fxwJ)^fgx3UemxLcUik}6|O1XsCIGUGuY
z27P(chAI|FN1bA|&JCHG8YrRCXVCecG}c1q?5bH7Ty3r=8~ukK#^5Wbvd4g9iSsrL
z*!~q0ii2FDPZupaaS7GC^fbiAr@vt&<n$HH)EL)4y=mM3T|C88%ZmDmZ$;@pLo!+v
zs*ikO*?w3?*CauOwe>9l*j?HYfzS<<DqNM#$xamIm0ys;5|}|PeDj_b86e!+ikS@%
zT6RZg%dg(qa(EPVi;zV<kdqiHR(sil$R1dShvQAjBfO|howLuNLTSH6AlGQs9oX31
z3~=UcvjhvZ+qnCTu@wqH9>6aH2rbZHnKb}Z2>e*jSsSkqFHW4WbQ2OJpq+<`wYj_#
zceKhcu1536x*}P7zb};9uZjMiE&)0oa~J{+uYK>>FX;svGO*QBv$8!;R&YrSdbvX8
zJE9_|*a1#8w3G#@9-V4Or`oT>sdkA@HGPsoJyxiF<nbE|I2E?iP4!#6Y&ji@xBav)
zPZEzwGSY0?b{0L^-ol87YYLG`9uS}vQD6r8eA=dvAmBAR2R#pDDI;b*yg=B2YEM{c
zX68yQ3!4oEl4VIV7R23ZFL$sen3vNBN?)ybnsWCzB&bD--%|Mal^(YdEUlr7E24$D
znysB<b0u7`g=5>cZQHhO+qP}n$%$=SC!RQ&aPm%U=T6-Z_ZQr%{s~>RSNDE;Ez%rV
zKxf?adOdo!x7!CpS>KMm+Erkii5QFbo;~s7V(#pdnXPFuy4vp@famaN=VWSN#B~*J
z4Qz}y;6ztJL*kZCfpFw63b&cW_pN0@#noOfvh^a`jwi8~M0|!J4z|!cm=xSP1!@Jo
z6-A1oE3x0=2*$Z;*vC>jLs~%_?X|e_po|&1ESik;tPIHqz>C-~`YiK~;<^tF9crY@
zd5njgCj#{an~|+)-)=HJr&Sw}^l|&>(ZVw^oUCPP^WXYsazv~G)SP9<FMk{JN;?#Q
zo_fZOz~1(=lAFBQ$C11V*jN{jq%k24Mn_qSxBwfW7fI|4TWV#A%t#l(FnF^Tg?a~>
z_3J4aeLhB!>GghVL%kQfw3P6Esr@w$bMc;$iUOdPj_N<Nml(Ee{2m=Pe}7NvO3&=j
zw>A2e-@_Yeqhc}Vvk}(0-IQJJYIj8G7iL<E&OK?ebCSg|eO<8enI@?zunLVI3U0^H
z@)VnRAW-_4yzcdvb}wus`B(dYX8M7nOFYkX|BtT36=$9lLQMbl)SvM@0zm;xp)rId
z;?MH_GQ3o06_3(7|EWt{()ieSK_)YqR!=s41}xL6iXF1~&!DU0T<z_RN9H-o>n__#
zyP4zdC=L(Zg0Ng8zC&Nl`Fa*JOft^-wiSX@fWCZ?yFrt5Kz(jZY8*P6Qa6S&S8pNO
z$vW|1lW_a`c2ZMMA`e<}SiwuEb3lkq7hK$RMl>rDJ}~#Hpg-H`3n^=zaK^wU3k6c(
zLWKN`4=%GQE#YGFQ?3FhPtaSkZ>{rf$u;d@{i;IKbww?Q$v~NsJt}c@1ez|5I+8>N
zA|CNo-@)5#N=Kob_5MvdAn!yRnmJZo4*TF$H`0TSofWEnsq&`RuxgzAlbpAUWzXO|
za9Ei)7dNcAhueu3_HbbdY5=1;s0_qa@QmPaj8nMX52alVB-B7>b~vMo8!32`E2>gd
zDwHehEurGddiRnDbm3ixaeci8M{oZZpNEvvfs*d!YX<L#Z62nnuZHs10rrg?bLJgO
zsGdmb(g|~RmkANFX@egio_~F`^NbcwGuxm&2jfzcBA>z{oR&BgynFK(j$m76m!E48
z%87nt(uV8H{C~Wq=Y^Llmj4~HXPE~jX#cd^{d*Qqdk|3xs1Y<n0S(#!(0UonRd56z
zuFPFDN}F0PG`a@M_6po4a7jJ-JW)&G+bz)tD++$@-wWUEp6UVrDN^P?b$?3jt?G(q
z67GriO37<c9Khl!?@e^`O;p}}i}1rxY9smKekn4;&32tAuu2(iQ6>%<L{C_@OKI)t
zuwKAP!j6MI<haeBJAu4D!60zm?=k{Lil?&0AzgJkJ3-KU9*_8#8ksVi7V>9XUZYIT
z|5+gk?Q8XkKe>{82R{$~@FwldJ_PL#fmIq{)<&>rxb;u~<R~TMGsfa6-6gjh>G``R
zJ<P38o<Xjl^42b`eqQMNp-Ywp1^0#nQtLVI;u}m~>;nRQ4unBWKZhUkuzXNW&b!hA
z0{s&$-pp#LlMw{^e5$$oCq2`=!8N*y*&wkKJH3S3C&4e74aN5a@R7IRSaDVBuaYiz
zKw0MDlVR;6WLe_!D>cQN*YeFFK=!Isx_@w+B*wM4{f4;)1f_z4ZJvRI`k9dHcP#|K
zLHPQ!(3kZBTe^E##`(^^x92CFiV)%229^3gsF$tZ__(5s7YS&)AP$`7zC<JoA+)Ee
zBu4#jQwv>9K$zmz+K*o(veJ`=;Cf6fll#>H!%@+s5YK0#c~(UPd&EB$P)_@w4=2i?
z+atxn9NbElL@^;SEzS|H|0w#aDg4}nEQWkNjv``JRw{)*b`_%=iSww!n8|RDJ!U^H
z%jj5>+ioKXc2rW}S%zHoDcfRgU^ZOyGqgJJgrDtMXs<}OqoR4(Va><}qLdf~`Z{=V
zBWFe;ti>GsBbbA@`!y?0rN;2J!B<^_@MI9N;%M(AJ>t!53?d;TK^AbAbifUZiOi}O
z2RWz2Vbmz5LpeAw&UalUyV5t8$5h|dVB#uL47J8{iS^tbjJY_)0v?Xew-1~;Mm!BU
z{0XPQ_6nRW&9m}wX&rylWDD*r{7ELsjTo`!W^zc!{ZI&vddD>sJ@|TK>E;AlNdRY=
zj{dwk!F)eaks8XImIjHE&IAhd;G#(-O|IsB5o~duiBotVDQQY~4Tu3Q_6S@l{>mr|
zckM2H-Wbta{x6WpdR!;YKf5xU24k)B2_i>=M#3=0s~7|GW7g|Rq|BX00u&?4EoOOV
z8mkr4mtAY*)>|>yIn5+!R7}>Z_F%0iDOzX>IQ8uFsB3B~>i0@getN7V_!5@G>SK78
z-}ciCx=QzW6?aj&NpBG4jBQfA@_EaBRCmJmWe%oH?-mQL=ar<>5oeh0o`~~MUFe4J
zyPH?E#M}z_MFS>!oFlnD#ki9;mDu(@p>s%CrWte{lW{>4AlRz1{>-^M-VV34Onl?v
z{`3z#!A8)%4Zc0HgTp68kY|hmB(qn|V069lR`OYorrz@I<O50qD+nI8V8!|U39hjc
z5*WQ%e{ADtv^^JYYj$k9RI2ZjgMYR9;dlKe4<|dUH89_8F3~>u#RxhDH)d2m6;YsG
zeWZL9*1fHIHDyk)QSl&}GXLJ8k<Wv1uHcb2lsZn&Qrnjy+g3`i3lhhPsq~S&1JyuB
z71ABn*u?JqeODJ}lB~*67$AkImG0pRYx3--8hf4Znlx5rj8(d~)Qw_aFh6IqS~5Z%
z_unYOT#Z23BAk0EbUyH<EAVDwp%#H=z}nru7B<*!HMwkicYyKT=dCkFIgrF2!<2pt
z`iabuPaho_f4lZb4Chg*X;hA9fIK$lk4)l4h>Ttgbi9A>SR#{C<8RAqY^Fov>&|2^
zv_3BLC_)a*bd$0%XNu@Q|B?rP4}m&Gd-nUXJjdlSOQuJpDuGg^#C0I9tjZgmrl)E7
zC35AlAAH!1nr>U1$j`8nnyZMJ+Ba}36h7qWas!eTL)PPotlMU%@GKRQs_Yw7qn7X&
zkM7wCEd%DEG;R*T*AvH}rPcq8ElNRoUt)_WZuh$p_slfwts_Om5rW!^R?M-$F3$Cu
z1hW|PlLz!gayewc&{A>f9`HNY?_QC`ELVw07FbwEa{cr5{XRO|X1h=)g=`fJ;8JoC
zm)C1@3%BTh{Cz)T?z~yTkdB_*J-rYJ@{0_IO{36~;hsjf%`_%r*8tSZPfNpEzA7e7
zb*B)8DWghq*~D`Pkwo;UeXv3WCDHu1=<`5FNET!VRh=&*8-nMFUm;pWS1C=1rg&*)
z5^y<vNeBB#r*22aBv=2KvDag|t%PRBF3j1&K;k&T>Ls~-788S~B#+!|2UpIqG=x$~
z=_tvjZQj7+blzpDdg0(G$yQq`@Y>RNLI6sK9oALCo>5!l0f8YTfXL^U7E$HsgxWZv
zDvG3tPHVg+&|;_^uji%@9ru#SAkPHpNNWa&o+Z|PpL2Cf7?l!2Jz$m^?QWUD2glOw
zu8lt0rx1?h%wSQFach51___oxXJf<&_f``Vl(GL`<cjgG+X5rEnl+*4@CxTqrS7Z)
zg7mIBgq!tQy>M$8%ManvCVACO=<-A4@MTbAf$a*_uY$8ohB+P4naij1y=8G6nWte4
z2=JbYVp5-|X2u*7%=N?9c1(e{f~Ca9&ZN;rbW|sB54Ju^#gny>R(&`VB@X^!!u{#f
zuu&D@3^x|o{sFTPvwwUbi4u$$KG-(&lKa2GN!`s)HDm5@E)_feTv5ogLy+EdsGMf7
zu|n;JV9U`8g*!qAJRJWlo$9+H_66}q7X8M42trZd(3Br}UEbR9*o@^*Au@|EbqAsb
z$V^@u2R_Z#(hAM(qI7Q&T$Q6B-8s6?&ESWnq;y<L^g^BG$cVeai01ru=`X#b%<Xae
z;ScIrDVUrg@kv)S^apl+%C33Svxsmf=upX3E&_h*yn8WD?+e49FG59*-%JX*8;3%l
z6Z%~NWCp#Kbu-L}VZ~!10Y4(`V|BnQKSAmnT`FRoNc_Y9#APFo)cQ;NW1e7o8di8B
zLFyU_i&OqYJ|gTfz04|wG<;dwY!5HBnjsr(xIUPy;@BmkMXhLQ8{bDtdwG`5qWGzw
z-fgo)VW=Adyc#kQ!0?d%96j3yBgCSovzj#l9?{$yx{le+XOgyBEV>YM@7)y_ZMwiI
z%F__{A26-jkCWK}SiSRPd<oG9j&4X?{d#RAmizY+C*;d@y*`6wVN9Fj>4h9KqTzq$
zOyxbaP>SPzJcNRJ&W{J^AC`DYeb}d%8-et@0;COOJ=gxUY&{094Y}~{&(z>Y>i5&{
zex_{#pae8HzvhK}>K8;nK@>kyku6L;@=-e=e*@4;Q4aqxGDt=41Qb9KsMNfOz-gR0
z$8%v}uk=TrERYz0?D977T2enZc~M6+s7|+oN{Y!tm$ZddAQvO<oXdN{@2?q0s0J(K
zu7@^pf&;>Oqt{APpTzbAtSMbtS3&WlirIw8aux#qUoG~lqdm+1e|ChEGF%LiUV9%<
zsEVnFkG^=rv;mtnT^s5Cok`qCX!t&krD24+^E@^q`IIRH%ojUOwfX4!7y+7_ouazG
zw?VKJ2~<=zo5y<%(WXhbSE-JnmAzX0P5*r(O>w+hI#Yrkv^~j4o-agcHdLs{8}Ypw
z@tk{cr#Rb=sC%jMh-r8=P2m1(!#5zNMGD2W{3;Wr`b|aDi|{Pj@7ot0vcCt%huUKd
z%r)()o5@woLRl-!LfR*KD7sr)d%s~emCRlW{7dhmsMRhniVa<KJG5?144;H<Q#Fbg
zqCAF!;7}=q7$Jr~Ypmj9L;zm;Eq0*mzguZu0acXys+(TBzifZMG*;$dw<Lm_bQF8#
zQyGaVX{xPCBZVz#r~G+z<=7$I@KARfLn>cuDXaX=_hTCY&m;1aSu%Amr#J(tYQO-8
zwc=tmaOl2lp_rUd^r*f-Y%{`AoC=rxMs<#VZ!ORzlA=wH_PRT0{o?R-SwELuMk~~Z
z1<ZRdW+XbX<cYEMfeMaiFjjD=($a=dLU&BA<-WoXv%6|<f{(k-@X!y=7DHCiS`*lV
z^1!psT`1UN5tB~cT~$G(<UUGkPQwwyR<lT+Igq29-b_?733chBY}-;JEE6SjKWS;V
z?}QyCICAEkky7Qbv_!As9!&@R0f^e-P959pp;xK0YRVxjUlm3`z*@nkY%n<}r?)oB
z)iPYGzs!%jDqYj#^*yT0>peq5sL42PyJ1YkdnI!HH3=J4-{@lapeBp!g{PG4STNr+
z(PnM=Jb^fNs#g^Bs>aili)J;^>x2foxILcUXrzrI*#$M~9g<&(n~6aD&vn6q@p8~x
zbMU!XmEBKUeb^gV6h+0#(wOefuH0!BvWfuqb6TK@*|_Jh2ka>mN|%qKM>OUe>-d}e
zTVW=t4YfC8mqnmcPJLk!1=-bzXEWoEybYzhP#0=MS19`<LcHvzABrjJ8BME`AM&}x
z#19t&bG%Wk6Nh;)!RfWX2T9t!4EF`jXqvrXw~@-;KBkC$=5_)N$uZsmT~h%3r^ez;
zJ`c`J2$?bI>c8;5T3Bpd)pH!-2!^%WIvk;)v5aeqM2;pt+@;gL*QGKYsDmjV(w5Pi
zEr!NLv6VmMls7n({$K$1TaocDDdJpbMzduoi-qm8DeeF*)_XtMNE1nw7+gbh{SSqX
zsx7n|Fgb(+x*Q=@3))O7`aH&-TS~S_=4!z-Vb$4&GP#5;KGeMDakJI!tF4f}qZVfp
z`-7xRUr?To>kq{LiY&odIBOP1Pa%Lv&f8ZeJtuyrfmsF+FKlhh2rH+I7gly7Y}xmz
zCuss~FcNHTbQV}OIO7E-k0}}1Gn%?HnBJ=QPRf^tAzd}lq^aBV25X}X&fy#nXPnFJ
zdMu8AP*j_&9GYt`Oj#$>O8J!qysYgp`oNvh?)OzA5GYbe&s%2=VyeU8BoBGo?hm&6
zTCnsGjkaA&ig>;b0$-Sj9Ih&St#|B%X6vSjeT9rp6jRm3|GX{9kSX-Z$~2En&P_=d
zQ7b?R>=!{)zvs!4SYg2cbC=Fsw8z}GX;u7{8hNr#z_&qwt$D7?Yu*l6CiCzXi<#_?
z^i?f3I2eH`ezF+G>ycGqGkTbRN3I@Ou}weS7&oB>U|h57gZl%w#I~`3yJ3lSh)g1t
zGu;couZ6$yXD!GKZ4+9vWk$CRl`TSaL_y$JhV(S|g8dnwXy1d{<4!0~#nm`2zu=XX
z-L%+P)qwJF_f=cfJf!}>fr-2KN0kL?B-MIPa|pa^HLM=8%kaiOhg0l5dbpw+tNG}3
zQM%e0|GChZlKdn@f<|-`&!}Ac;Ox?0>Dqh|RGaojctvbEAK#D7Sctg}BgIE*uA`;&
z2h#pCOL(@Z^(uwuP`T$t9Se=W+V5!fEeve*1{sqMj^x~}4e<z|aDj@Qe*LL~&Log#
z-__+`5zPsiW+zTp|Fw^M6E-(>s!plDbpj3`;_(;g!Zl8pZp=o{uMa>1J9%q56fWO@
z(x_v)-#v3M8_>`%G{qC?FA}u_;@0|pXR`uy(x%z%`Zp&GeH>n2crh*$!x3A7UJQ88
z()1RPS#ehz35-|>{#I9x|H*CjAnP2zgLngoy5&zOG#SUACF9W+YO3NcSltcuh3xlP
zcgY3FpOp`T&3H@68OAn>DAR@YS(V#s<}FXDCr1zwAB?e$;19Um4O$#3-d)$Oy9D3Q
z^8e1Q*|Od6h@yNC32LGe3A;Sp7XPOL8IJZ7<i^nOCB^F(hlOjeP?c@4H#Oqo*uNp9
zXFNDa_WVm`q4Ge9$BJfGNs9~f_+`9Z*P`CF^2A{82K=g{@1h03%ySY8g=gh5)L^Md
z<QVD-sNTK1$Lv9?Yt#XUTYH<|BuZM-o5tM8({3sVVw2%nj@aT<M_Lhjbi(=6$rxz2
zM<-lmOEPC>w5=4~i#sUz#+-r+CmtW{d+@tP^V<$`Y5Wu)lk03EwRS3XfgZf;W;hYB
zMn0#jW(JnPvu^cXxvEJP4Fqseb_Gnp>tX7k%xg=!0}=DbEl>HuL>-xnQq^@uliBEG
zMhr|@=S(+hFcbbb5XWDohUX8>3CMc<3+oK0=j34CGvHdRL+v=3`=zaZpQveh*^ywd
zkZ^Em>vLqT<gm89HztNs4n#fxB{U3PJ-?-;a@Z_lY0N!L+SaW)dKaYcio*Azpbh9Y
z|2f_MB*BEHQLlrQv`SltB)rEjee#xLYI52)9vJNI>kW_`Y&SkEy%nJJZe_(rrV$W2
z1%k!B4i=K4Q)zJU#DxfmK=xo6_-Fhz-D0M%X#PzeRo9`#%oFj!Vk&I*z56~3qAKNt
zvbOFW2q-0$%XdSmxswZ<D)EerU3y#lOwwMdDb<m2t|t9=5-R}DDO^~jKuUdV;dcbl
zG72e=gx2A$zM6|NR6B526%lZirXNkoHHg}DF~)!oGgri%aEH~bzuwl|#^vBXLhQge
zHQ>0c=v|i0!&9Jy81S?H{WZLrvjh)+XZevbvktdxlQnpvYY-|A<bB2;<FO_*e0RN$
zqY-&%knS8a-a95lT>o)UUx^mS7HI$t%8VdzB<;)qKwCDoyC2j(yl7)*J2zDU0*J9D
zB#h*kqU1R|T-x{Ooo>2`!6=yZgKc%J?jLF_Y2kbROqnR<#2A~h+(#(QBiuA?{IQIa
zD$jNj%S-jOHDWGrgB5xkMrOe9vNoR|Vm0?^1|e2q2FGYj)1*)85oWY?)sfz&lO=Kv
zd%-08Lfv7qa+3Z{Y#AO!zK7s&{k+{<y`#`vzd2qGocA3m@$2fd@A`0(H2=>vi`RN;
ztSjD=I)gc7qB9K=olm>d%2Bl*pG3r-uoPY*s<ytmqW%?}dDCnfrTfGTRbv^>-hIo@
z(^33e|DmaBaYAd<MQA@T5PEpvka=H!nUxTC6D>l43Y~?v@Ox}}-uJE`VCwRPbU;*F
zVD-e6R#1U1!7)JccMaKoe&ENh3d=pUQ8FXn?rtzlef0kEz{y`ip7yp*|5}#K)K#1s
zim7v2)xVk}6M^7n9NC>RWaMYaPCr@+Naxrd&d~#2!~46&)VjGNB@T;Q#)SFJBSfWa
zKbN=(P7-E6<K)RIS1*S>29|MCtOh>q6ONEQgMoqmd(ZKgIKqUeB7!v}&JXbpeF~-=
z(W#nkl#I-F1N|p(aV(SYH2BU?yf`r!4g;tW`LRU1HHeA7f(N=u+qv4R85NF;(nQ%O
z_2*rch)M&Ulka%prf~L5$IkVG>QU$T*ZE&tqHMQ|C_h@FzO;!+F@k~lP)d)%*aw){
z2JUs1nJ3&f1E-2K9V>2;)CluA0qsr`{48gNKyFwr-_jEBkpg4*^2`KGC#NalV$=~L
z$Kr1P;?J2pOwg<H*9U;j>pfK666v6xzA9Cu$rg@{({9=)2Jrb+xy+n)qV!u|5x!v1
zJDTO8qgr^-yWy9CbiSp}`4wdcUhH$(Xp(}q22GojWAIF@r(02qdSPbx_dxjhFh&Q=
z1m@*AA=8w$5VTc|JhT_sXk${B&DQzXd&JjJ=um1?ci2(^tAL+R4m~_PeA-T;DxdG$
z4F?dQ?E?*LpwLXDO5mq~qU*>0&}fp6_w;yqhpM5upE?)<k-ZN7dVXPs!u~lvE2Pj*
z6RPueb#|o^?Ci!AN9dqU$ncE+-4T_&Esm7$96@@r(17|+#Y{{Fowc+u4ItvGKTg6M
zhk4v6Qbp$yz5a|z)5i`$3OJ<vXZpG$iV^s|+S#ZyZ`t+a{F~y&js}O%=L#G<s&2EL
z>K5KS?Vr@z3I6%-C?3#cvd_}{Z)0DZtwnc0dCmI0=EQGYK1XF%=v8*yh<>t{zmrw%
zG)CUF7q;@Wb_L*zecQn0NgH6V5#Cc%Tc`lxG2j%ea&$5oK0)s(pPzQ+niP<}NUCui
zF}peJt-&S4HmJ)$m`4xTpJ6!rBzdSs_~1?`ro~kEZ|M6gbg{TScgWvzyqUR>9atIj
zFYW0D&>4{eC|kQ73N^Q6-!u>{AKaE<N{VU(<7l}0_;7iO>b0yY`J6SHN2jTfjDFYd
zote_FvR5G8Dv%S)?DKSd)yt_2Kv?X5F-R}Ja|Ct{;V+;O7GxL=+_3N+@BnZ9t*jTD
zGxXvJ+3eqq9Qd!C4`Y8FL+<1ehThHXXF~9dJu795@@8%`RSGWtVWw^PPNDh=Ot#CV
zrfAKL-YYOR)`MNOETiq4kr`(q&*#7T!|fLo*z+)wkr|YsDVLh`OkW6t_tE8qcH!lC
za_;%;^!w8D_PMig#58u3z9ClHWfS@6%c+q3^?}c??;wp_6Zf-&mnW~Vj_tA`_%KWP
zkoOwWewqdTmkR-$6yT77Fh9O~|8icI?hTm+6K_glch#m}I;F0R1wbYV6K)Al?||GT
z9aDwLhzeD7a<3||LPrb|pCso#oXDev)mHdtsULjA^Kg~(C&$&%UU&y?IkZvmk`6Ud
zeWe+7jO|hztS^UzZMEHHDN8|^jf+8X(B}@!F`4=MHd+`31ZGZmQrnOWqWJxQ*;r}j
zXTXOaV?~+4pm8)#bCX;rC8e2<{OA1nueV~M#>X$w(N461E%G3~>Jv7YA$Z3?4Q6T7
ztP+F!0HTb}(^*$2ZI=k<EToX#%a*WYjWlR?xa~;81$>0Ih@01Zh$t5+xFF!P0qEna
z3sWqh)PU7eB1nG#Pk8N;X#y%9g>VBGH`I3L8D(qiayWsZHw&IZ+K9yshpZr=!Fk`O
zt{b5<L}ARwhI9f<%W+(oY|Ml_>w{t6llQ14b}C_(h3})WF7vw#%NJFZr;~Hrx`~^{
z#Gy%X!Np}m^(lG*?~5mLw!63V#T?wW@2v%<Zo|WA5&d6=sh&~^!oWYUD~%W;w0G88
z<%Opzr6;q5>jS+$NJpNxYU2vIEV}4sfH!DEmBYP8uf-74V`34Z%M&tbXB`aF7)Gm9
zkP3+-&WmNo1nwt_t-Z&5zE(Se2`hx@9;HoglqD|gM_PT%WoCL|T|WjCI(0L~EDu(}
zDFFcM#AQMbr3~AnrY0^aEWX8*avwQDnq$F6Z^31t1fox+jioMe0%1fZFXbLB<Tzf|
zYVnql^6QLc(O1e7Bd64t-`dyl#4ew_*Fr*zckKSvJq;4#iV(xM|B&jiDw@5KUavvb
z$JO3C2lEJBVv*$$ZW)jC!%k<HdM3oH8R&$5OUeHUYYd6%{NPfHp~4R`Kk|=WdxL$K
zt|3FX-j#{lB@`sCo_t)hap|p+Y$<9+juL!;#&Xx~j-qYALJqxP-(9nu;MlnGjXFj_
zV`D2CDNn5c?Jn8Sc{0H_eIBmss3er+COmY}{#?L-ShPvA02yqB4rdQ_V$)bg!m*wb
zIZ7BmQYiBQGL++q9V=AAK&apGcuSt_f~G&n)D%FEp6-GZICDEJmY2E{!4^N@z!ZL%
zcwD!b^c{K-A=f_W=oC(g{1qTGI#)&EPY&DafwntO>Mr!ZeA;W~_ZGcTn7G-69dV~d
z02-c|KobB1Qw6*YPRmPui4cJg(=kO;!;cBlPYR^Acf!aae|yGyWP(hEJ%HWat_}ly
zO*;|%x(hIQNe-EI08J-VMQ~28wAL+5#&sd5Ewto5kJHK3^QGNw&4oo7ris|jvqH5q
zozGgPW6e*Jhy#PF{CL;8qWmj*C9@v(z>@xww$Y0>l>Z{Qgk*%gMl=Ke$<?lVOuPsP
zBk(8MQDiQAqB)y@bHA(PoBFqw0p^ttKqcq;Cp5sKc$wM~koabl&xNJ5+rA;>kDNCZ
z?nw-ap{~*aNMpnE(hm#8C=6!DxlmoyXwwnKwl^>tEFzlp@v?@mG|5cwVQhB>rS<0{
zlHIHH-zWp6b=>kr9x}QUyD$lHdiksBO~N;Qu)?-nd2#^nN&r(hqt|z-^XWhCAqwfi
zSom@^Jb3}JUQsv;R|<W#naw_G)5$@$2@z2+Eocd$M6GL-H{xfk`?4>a!-?jwL1Hrc
zZWxe|*(xg4f+0GIAqvslHnP=r78G?iHS3xWvks|U)%W7iz$K09U)<foReOBqv#FA-
z2XP>it313Oh7mO3;A;8brJrcpdzy6%K|DE2Q{^A8FyqU%%`zlKb%kG)Uf6O7Im>L7
zC@H!1Hl9E?X5ER#mBd^D=c1b3N@!Idk3G6(T<2-QTqWh({Y%<eTuJho&LzH4XWQB(
zGBXR(=5aY1BtZ5Z60ZXXm^8gZ-)1qoBXH+((W~H@qf*DsOKnX%b#r)NPbd^86YEb(
zvYsp(jALx^C<ISDOp4VS9#YA@sG2NCIapm9&HEuB6$C)YFry#V5*7lWC=+$rcp}J=
zbw=H#$TL+a#NNf=I}WF5;26?DU*<&X$dvG+83mwEWJ-9G9MMA|>~?ITG$)!$Mn-t*
z_Y*}m5EA085jN=M>845Z=%6i0&4u_X&FK68rgS2*voN8I*ZV-L;Xf$YG%;BWiOH-d
zoH^rCB<dVMJ7zZhuzQD0wR2T&>6ES$-}GvynAH2_%>kZ-l^R2^C(Xne%GhxzL9vz7
zim@qFRJ%OzpNVonZci2kF|UX&>R7qxo9hu*R#SZ6=jyzXEPgPteK&mLP<M|~I~9bp
zQwueOazH0mq<uRL1gOGEEAB=Y?U8c3)KK4j`*H{OS)IcXPgzr<i)cqXE&RgiPDuD9
zf26}V3rik3orOqn#inXkN6&}9_lGWkPS5<vKT)ywp6!j^WfGMxVhsnuJ*w)JLYnN(
zbllX)3)7;Qawe&7Qjhax%t(|zD=MEdlW{AKYEHLmfR*0ed}59&E!Re?0VDO{@i3Xi
z{Az1#ZrWz9>WYAb)mwba-p)A;Y{jMx0<%v>Ge|}Saaex|p)Gj0<3nb(RsS)%c-BIc
zm$kq=*qEd9i-Aor3&+|}R<Dv&em)o7Uo8_rDxc8SSg|Z1Vz&deP@~aBk!GHSqXVFb
zJI=~k>P?gI8%9GfWbTq>rweA<BI9(3CDqN)@39?XkXInt@78a#%#`K!h``)0u&t^c
zz*qfMwo}hOg>PxG4z|h1`>!e0w5H6lbvhb09%hJP(R1ewk(LUyV+%RN{LKF`PkO^t
z0}a$)<A<+mP~EHR|FN|mTr#q7o3%E*6RTPRb_6J5Gqdv(?!ub77ogZLGioJ-$7s=V
ztSkeqVimO=C;?Bo)HdHaJ}sOBEo&s(F&3Vhtflc!(pmFgpA*q391Q~{L|Z6~7DiC=
zS;Xf=v08<kXE+b^=*TCbTH#Om@7s%`o{PlYa=?TVvoFt;WfC28ck0RgApdHVzg`+C
zn5awFO!kHw+xwa`^0vB#V+Xg@5A%QJXDAYbp4<eQTK44XI057I_diO(uM5J|z#lii
z_pkVwq3<v5YGH-n!9ic2%)p<E@4NhSptADN&(03>jZ@?IV)4&|ziQL<o$-&rSCQeD
zVA}M<dGK3tETQ8Cq`{xqdaCY<CK52V*n<4)uSHMyC+=GYTR1RK%8}-eWDgf_^&ctK
zx2~s~berId>#X8<c*;<otU%dz)?<17`MKw0-gQ>mWMTff`|23YF|_M{>u#`hp<@wF
zgNrO%kRzblJ05Cf)SY#zgn9Ye@C4z&Q*qha<c@mA_Wzb1+(I=?$NyE%Ge+gV@(Q8h
z)Y$ejTPK6IzU#>o>G)A{wVQQlPB65{t&bc`e_<d4sWg}0ECE4LH{20RU<9p4&Ob@Q
zAC>xBfX^8eEqG>xI6^47==Kvm&1lsV%T->O2CvqVkiDBFTk^_(&8Pp$lXc+Mpu;L%
z8xvRM;D$*vp~bsfK1YKDD(!m`huV?hnVKH=HTGU^jw_V(!}Ldy-VUZ}6PdK3y!`~r
z{|qM}E|A6-GXE>fQthM<r;*EsgABcUtW1%?*YHi_30m*A;BQAV%-FG|NAmLQrJ_5&
zI;XvojjmRjm3&oLQ88tGC!^_2{0`Pr7`z5tNNXxuJZEi16`vopBNFSb=5_iRc`Amg
z#p*iVp>D;M5(}~b56oQ^rS1vR_Cqpr!gv1Gs?#+N2>xms#+@tpnO9!)fL-8G*ATh9
zuC|?D?wR^ZT7Lxha>dD`y&{}cCKa=B3MO_(5~C_g4a3ln;V5f@ww4!z9SR-I?T?Xs
zY~!w+h$+`cLk2-M+nUzpdgh>}ghOs0kYYjTe#BKZC}T;vqoBc)KqES^(=hMm;4&Hi
zHdOzEa2QVSbr?#}Wlo;8b+#<+$wW15L+8-8nv_2oOrxDkm`{X)#TmH~V+q%=tQ^$f
z(Nw(~GZyqKo1f$rQB45F!DRx=;DXLl>NfKEti3YLLQ>1K)K~X)3zuNrUwVE&t<*aL
zs>(ZVnhoYcPfch(Ksk^&XDNgo1og4L0`qCLcxFAW?)*;#DF=Q}Bm-Ao4>r9XM;prc
z;AI~#C%Oj0yV4F#?=4SiGFa(0j_xfq6<=SPL{7qB$(A5G@0(Q5%*?N_MuuBQ-5F>n
zF6ue{c4;!pWsXG8T*C_w48U_?tsW(aR9^JdYqHpC@B}d%7I{2g-Urf=DN3)cIgS%=
zxVkC)tKJZ^78E0bKJLa80h_FK`KH*5G&ILQQu8l(_@&2VQG=DM3>Wn}gY!f43rBWb
z0BGeb6E4ivZ^J%Mqh6H3e3gL#kn&4#!%Rr^)eqsYhJ~Wq2fM7|p`qUH0Dn%y(~l4Z
zsxX^E1oF*};lk(}K6Xrd-SmI4?O2TWdxXr!sr03GA)BSW54ozmh&r+aNJKrY>HG|;
zK@c4Mfu)v!t>&Ucs<p}hiXMt&6t`Ow5ANIl=&coDvD}Sje%CIZ)YYHF(R(-O@N^BZ
z^1Q_{p>>iATqh#AaNSYs*D@@Q7J6(4bz~%?Gg5b$p$p-BU~wM$cSeZ}{~_JM*6S_K
zGC7GnNNm3Qj-PX0%h{tr0RVFs7umI#fQ(Ojxyzx|)|8OHTH~V0`COe38FOaJnsr#+
zl#JTkE@Y|7jfj0dQAw#&;oK6?Yct%ID3?PWvRZA3>0cq0HJe@Qwqzs+if6d^SSb9l
zU0iau;)6mCK!U%@6<2u{{j^vG)4*0D^}3ouf{1wVY#Xu_Y>G-PwG*KUqUz%ffU1CL
zU8GHJOkgfqkuYbzOG?Gz#8l3n&WmCKIQN3*M@wOA?e!*&v^`oeKIiz=nSsIzwz7z+
z1FOudWw_`{z=ZUDc`z1(n*k+wkKJG6y~<vIR27?E^WUcOcD4@(eb&AXVW`)6a=U4+
zgxjIF1@VaaE`GS8+mRhS)#ksbojwQh{-T`z6?fj9f%}TY2}x(Z6B%v<Yu9Nbq(-|2
z>CCBX-#n+8YcxSdvzVvhp>T!>dmHgiD!(D|*>mufqjkjGbs;H(?903K0`Jkq#GPX#
zijg@ydZ*W96haLbD{)Ltl5{I_P9x=~q}fm=B90Cr5X^KLB9OHegFxam$FjDXPQv&}
zSlR+z%xH=0r9UX31E1Ye)Fv`Z+RQdrxA&L6G4HEN;71RM&v~`ahEATJ>2E96M*jl~
zZvz>GoC^+=qGgNx0@AVdQXJkK5{^n<gNTN|yFSPMBQE}1b!OSLnVjBBvwq<YeUQ*P
z<3|0&a2%KQVYVyYGTp1dK??KUO+1BY)907J<*v(^f2BcTxrA(X<NT$A^lS6G9Nd&T
z$b?4vX?N7==?dK=#}lH93ERo(nF!$;(Bkkzq`lln0t!T&bza2~PMzayi@zFQq?BZw
zW`6OZ;N8`@E)n_fdU-%m%Vqc7JJ{4Y*le1gweb^yYWz7@pD)StbD=joq${JfKE9Ns
z-6ZejS@`hf#Z?@Vm+OwtCnsmMcn?$at&Tc>?#gbdB%#wnm=h7L6UufHqjx*2gj1$l
zee*w*iMp~l^{tA!&Ea(Hp`X2*s*^Nr5SDSlFt6j*5=?MYjJ5(1YC>yxtr+4Ox%G5K
z&g<w)jnZvyf4eD%+Re+FZjdq68!=_5_a_sm-Z@6%TwqQA!??j^!`9ic@5z|Q7{Noh
zRWkKSLiE;QIEOjg1h@OJbhf>I(5uYZ3(JqabtExVriC^`8jQ5QnUuFhl~;h8w1(Dm
zsap&BsMGO%V|iNxI-M%gnU3>JeiDiQ(j3kXYNLe%EjGIq|J3|norY<zBzK63j6NQ$
zpzC37w$6dpoK?4M^)!$pG?22kboDq}q%#WVGhAtv%NYrx1*RmDzlfl+yc5d_OiW!S
z0`@#)4~Hf*5U#mZv2T@%XMdVK{u!R7m?<c;Srl;GJmy&&?A55=jZT_#QLcAz2;5F@
zv&QaJA9F!`*6q^SJ#JkL4qox7egT!1I)zrQl-8&ZE=U8aqZ6pUJdFB3vo9vp8@BTn
zaiHhH$2oZ8MW;co{{jyt7C2|<pmN9BRbb%uYOT$y{Zr~Pu?iKWJFEb15YR6(u`gTv
zcSuJlIvezKRA&(3_{`m!(ANK)_Y`6U0X`jJr^ssCb|b-cx(cZr+q<*SkC`9?glEu|
z;fu9E3tUeAXR{732x0B(5a=Umn_b*v0vekGk!LIMQo{x~OwJG&?eaYYX1BI$s{pRT
zfXV4N?acamZfb%_62%w+RzEU;3TK@|z$oLYSN!nvYMM%Dtdw~t7&Z>vnD^ijuKo%%
z(_c7Rd)cBbVL^89Q$3{Y7q6@fs0U&z^{4vW14LA*GXuV{T?m(N?&-Hvx6}J%23Db(
zmEDd5q^g{bWRX`XeYb$_NZ~6w?rl2goRNz(S)s^F9tQ3tU7O%#xAK=SYyo{^<Ekly
zL;ve%RUxC{Po=>Uy9mU=$}py-X%|2Lhl!nYtLl)aKku!7Ly;;OKZpCiR`K}NQ#?ML
z`h6p8c|^{t`i3S;YW<uR^PNWE5RhCtTr<o`S-Z~1=!OoQNsdK96`Q=xo5hWDhV>pl
zO;gUe@|Uu*Gpc&8Z>KwXzBg{m;!Fv%ao6x>uk4lNhV<1)*FSnqFlXZQE*9!rUmB%E
zn<$13{d9p<xdxD8Up<J>tA8JKNv+TSsVIC@W9<Mfd)?ZH0>S1ZgS&|ct*tcstczZ=
z^Y)W;g*fOo#|o8I&2Rd#Q7VlS^h-Z|p@Sg(CFogr@~uJZsMwXFzZIN@-fF91F@Bup
znBz0uFS4}mk#$UG?;m#T^i1=Y^^Tqu=YjM}0LX_I@Ca8<_M*1d6npn9Zs1k3sNXb*
z<NK)T^Q2V&BMwzFWB;|6YO`EZ$g+mlv7?s@V5i|J@mC{zsX%A~^Q%cX2s;|@S?-4-
zrM3dIZo?wqUW1<cCCv-#B&%$BiQIuEhM7}k_i?J(+L?V4vlu2Nzr_Pa?OXs$40Pc9
zZ@l$cPk;Nz-W}ekM~jlhIU0OJ)=H=qPyO(3d;Q$@rrsDia=23kbt4+=l0na<ppPP&
z0*b41x1AVi>7(w0Y=upq^BU2>fjd2KY-MeQ)dD*{!&mE0=4yGL7jcT@wX8{&7ol4D
za;AY)sbICdxP(Gn+Uu#orqAvtb_2+13FcsbDJv|g-&3^LCAMRvgFhc0?oLp$KYw+t
zVGK}p#XV`;ej6C#kF|SRgCkFCf-<{^6YuPcQ}#`Mxnq{oxncK5OOK7mh2H=N`vT;h
zo%CP2Zsr$@H^AdGK00COL^uG#=4TGt^P|RB8}X*PcIm~>LQ(FUAJh+T;<Dxy_U-iD
zD<(aC)_;pAckiDR(OyT^p%i>&?bo?E3kCn%N^^fvZK2{=RrG))@0ixr6xkE$XZm2$
zwYP=jhi!D4p>zMEBSg7@tirM&;7ZJUO1#6C`z7^m$9<<D!@69r=L)JvJZ)oW3b6M0
zI>P2%m!G7E-%$962W}7}!pOAx1<8OmV13M1fku9(Mju~dE+>)tlyRir@KlX4(d>4}
zzaJ_@&)#A~+aN^!8cXai4pijgOj$g*v+xe8e=ok;V&9|QZWC@4bMo>BLw{h_KM)fo
x1>tPlh`-JDJB##{-rRRO5&rpW{5_@aZ>M}!oBR9&4g&J?10Aj50s=z^@;^dP_3Z!v

literal 0
HcmV?d00001

diff --git a/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/_helpers.tpl b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/_helpers.tpl
new file mode 100644
index 0000000000..146bc45a14
--- /dev/null
+++ b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/_helpers.tpl
@@ -0,0 +1,30 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
diff --git a/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/jobs.yaml b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/jobs.yaml
new file mode 100644
index 0000000000..6955e3b309
--- /dev/null
+++ b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/jobs.yaml
@@ -0,0 +1,102 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ .Chart.Name }}-create
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade, post-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+spec:
+  template:
+    metadata:
+      name: {{ .Chart.Name }}-create
+      labels:
+        app: {{ .Chart.Name }}
+    spec:
+      serviceAccountName: {{ .Chart.Name }}-manager
+      securityContext:
+        runAsNonRoot: false
+        runAsUser: 0
+      containers:
+        - name: create-crds
+          image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}
+          imagePullPolicy: IfNotPresent
+          command:
+          - /bin/sh
+          - -c
+          - >
+            echo "Applying CRDs...";
+            mkdir -p /etc/crd;
+            base64 -d /etc/config/crd-manifest.tgz.b64 | tar -xzv -C /etc/crd;
+            kubectl replace -Rf /etc/crd || kubectl create -Rf /etc/crd;
+            echo "Done!"
+          volumeMounts:
+            - name: crd-manifest
+              readOnly: true
+              mountPath: /etc/config
+      restartPolicy: OnFailure
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      {{- if .Values.nodeSelector }}
+      {{- toYaml .Values.nodeSelector | nindent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+      {{- if .Values.tolerations }}
+      {{- toYaml .Values.tolerations | nindent 8 }}
+      {{- end }}
+      volumes:
+      - name: crd-manifest
+        configMap:
+          name: {{ .Chart.Name }}-manifest
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ .Chart.Name }}-delete
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}
+  annotations:
+    "helm.sh/hook": pre-delete
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+spec:
+  template:
+    metadata:
+      name: {{ .Chart.Name }}-delete
+      labels:
+        app: {{ .Chart.Name }}
+    spec:
+      serviceAccountName: {{ .Chart.Name }}-manager
+      securityContext:
+        runAsNonRoot: false
+        runAsUser: 0
+      containers:
+        - name: delete-crds
+          image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}
+          imagePullPolicy: IfNotPresent
+          command:
+          - /bin/sh
+          - -c
+          - >
+            echo "Deleting CRDs...";
+            mkdir -p /etc/crd;
+            base64 -d /etc/config/crd-manifest.tgz.b64 | tar -xzv -C /etc/crd;
+            kubectl delete --ignore-not-found=true -Rf /etc/crd;
+          volumeMounts:
+            - name: crd-manifest
+              readOnly: true
+              mountPath: /etc/config
+      restartPolicy: OnFailure
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      {{- if .Values.nodeSelector }}
+      {{- toYaml .Values.nodeSelector | nindent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+      {{- if .Values.tolerations }}
+      {{- toYaml .Values.tolerations | nindent 8 }}
+      {{- end }}
+      volumes:
+      - name: crd-manifest
+        configMap:
+          name: {{ .Chart.Name }}-manifest
diff --git a/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/manifest.yaml b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/manifest.yaml
new file mode 100644
index 0000000000..8dc9dfb447
--- /dev/null
+++ b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/manifest.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Chart.Name }}-manifest
+  namespace: {{ .Release.Namespace }}
+data:
+  crd-manifest.tgz.b64:
+  {{- .Files.Get "files/crd-manifest.tgz" | b64enc | indent 4 }}
diff --git a/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/rbac.yaml b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/rbac.yaml
new file mode 100644
index 0000000000..a4d498b0fa
--- /dev/null
+++ b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/rbac.yaml
@@ -0,0 +1,76 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ .Chart.Name }}-manager
+  labels:
+    app: {{ .Chart.Name }}-manager
+rules:
+- apiGroups:
+  - apiextensions.k8s.io
+  resources:
+  - customresourcedefinitions
+  verbs: ['create', 'get', 'patch', 'delete', 'update', 'list']
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ .Chart.Name }}-manager
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ .Chart.Name }}-manager
+  labels:
+    app: {{ .Chart.Name }}-manager
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ .Chart.Name }}-manager
+subjects:
+- kind: ServiceAccount
+  name: {{ .Chart.Name }}-manager
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Chart.Name }}-manager
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}-manager
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ .Chart.Name }}-manager
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}-manager
+spec:
+  privileged: false
+  allowPrivilegeEscalation: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'configMap'
+    - 'secret'
+{{- end }}
diff --git a/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/validate-psp-install.yaml b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring-crd/104.1.4+up57.0.3/values.yaml b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/values.yaml
new file mode 100644
index 0000000000..99e63600c4
--- /dev/null
+++ b/charts/rancher-monitoring-crd/104.1.4+up57.0.3/values.yaml
@@ -0,0 +1,17 @@
+# Default values for rancher-monitoring-crd.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+
+image:
+  repository: rancher/shell
+  tag: v0.2.1
+
+nodeSelector: {}
+
+tolerations: []
diff --git a/index.yaml b/index.yaml
index 39ca79ed74..2c7c4be85f 100755
--- a/index.yaml
+++ b/index.yaml
@@ -21219,6 +21219,20 @@ entries:
     urls:
     - assets/rancher-monitoring-crd/rancher-monitoring-crd-105.0.0+up57.0.3.tgz
     version: 105.0.0+up57.0.3
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cattle-monitoring-system
+      catalog.cattle.io/release-name: rancher-monitoring-crd
+    apiVersion: v2
+    created: "2025-02-25T21:46:36.555096828-03:00"
+    description: Installs the CRDs for rancher-monitoring.
+    digest: 009515ed4296f6e01eaffae24012e0f2a6b3350a155c22237530c366c3e02ccd
+    name: rancher-monitoring-crd
+    type: application
+    urls:
+    - assets/rancher-monitoring-crd/rancher-monitoring-crd-104.1.4+up57.0.3.tgz
+    version: 104.1.4+up57.0.3
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index cdf2216f5d..d4065d7c42 100644
--- a/release.yaml
+++ b/release.yaml
@@ -12,3 +12,5 @@ fleet-agent:
   - 104.1.5+up0.10.9
 rancher-monitoring:
   - 104.1.4+up57.0.3
+rancher-monitoring-crd:
+  - 104.1.4+up57.0.3

From bc746d82f4e9850ef77eba74d4e010ccb761a537 Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:47:41 -0300
Subject: [PATCH 10/19] fp: harvester-csi-driver 104.0.5+up0.1.23

---
 .../harvester-csi-driver-104.0.5+up0.1.23.tgz | Bin 0 -> 4029 bytes
 .../104.0.5+up0.1.23/.helmignore              |  23 +++
 .../104.0.5+up0.1.23/Chart.yaml               |  22 +++
 .../104.0.5+up0.1.23/questions.yml            |  11 ++
 .../104.0.5+up0.1.23/templates/NOTES.txt      |   1 +
 .../104.0.5+up0.1.23/templates/_helpers.tpl   |  62 +++++++
 .../104.0.5+up0.1.23/templates/csidriver.yaml |  10 ++
 .../104.0.5+up0.1.23/templates/daemonset.yaml | 152 ++++++++++++++++++
 .../templates/deployment.yaml                 | 120 ++++++++++++++
 .../104.0.5+up0.1.23/templates/rbac.yaml      |  75 +++++++++
 .../templates/storageclass.yaml               |  10 ++
 .../104.0.5+up0.1.23/values.yaml              |  56 +++++++
 index.yaml                                    |  26 +++
 release.yaml                                  |   2 +
 14 files changed, 570 insertions(+)
 create mode 100644 assets/harvester-csi-driver/harvester-csi-driver-104.0.5+up0.1.23.tgz
 create mode 100644 charts/harvester-csi-driver/104.0.5+up0.1.23/.helmignore
 create mode 100644 charts/harvester-csi-driver/104.0.5+up0.1.23/Chart.yaml
 create mode 100644 charts/harvester-csi-driver/104.0.5+up0.1.23/questions.yml
 create mode 100644 charts/harvester-csi-driver/104.0.5+up0.1.23/templates/NOTES.txt
 create mode 100644 charts/harvester-csi-driver/104.0.5+up0.1.23/templates/_helpers.tpl
 create mode 100644 charts/harvester-csi-driver/104.0.5+up0.1.23/templates/csidriver.yaml
 create mode 100644 charts/harvester-csi-driver/104.0.5+up0.1.23/templates/daemonset.yaml
 create mode 100644 charts/harvester-csi-driver/104.0.5+up0.1.23/templates/deployment.yaml
 create mode 100644 charts/harvester-csi-driver/104.0.5+up0.1.23/templates/rbac.yaml
 create mode 100644 charts/harvester-csi-driver/104.0.5+up0.1.23/templates/storageclass.yaml
 create mode 100644 charts/harvester-csi-driver/104.0.5+up0.1.23/values.yaml

diff --git a/assets/harvester-csi-driver/harvester-csi-driver-104.0.5+up0.1.23.tgz b/assets/harvester-csi-driver/harvester-csi-driver-104.0.5+up0.1.23.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..81171b545ac5ef762eab8eb1ab1fa0c693dc243c
GIT binary patch
literal 4029
zcmV;u4?^%CiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PH+#bK5wQ`OII@r(|n0*(LSxBYUdzRb?&Du4^W?D@tW*>*^{6
zku3>p5a0lyY|SM1+phrdE$ZP%oXL#v!KO%{A3%4b(G6fu<N}pO>4%E?k)#Wh-P1Xd
zI#`mJJ$sDO>-Boahllomuh(n-?;rGEKkFa9KI$C~2FLx^&wBl%!O_7p=sgPdEhSZ&
z$Y;F=<7zVZjTFMU&_q+g)zAY7i6%_Uf{<v<FrcCvqSSOsF&cs-Je;F!trk(0FtYSH
ziE#-3%%uuW$LBDzQq|h*I-Q`uK&hzUL-_N5pFlqt90WbT2mb~A;Gl0F|J>TtU{VPQ
zaR?TQS}KikYgM6!z$i~|TfZhKW2%+ExmLz}o!CL}pBb%#px;|ht3-xGVb(isI@j7P
zrG6;lL~!K#F3l39C6c(LwHKIf^+-ZL<gXS3k0eR?vlk44ffu0)B~7$__XhrnEQZin
z1DFcg7}kt}Yh2z48L6S?1Ladml$L3zQ;D8m((J{Aa!n{lX=^rm!rRa@dYRx5NRlub
zT1oW^zWTkxpcfqdB~3C8zqUGkbEVb(F9=IfJ=z4Y#r_YD`iD*Xf7I{q?f+Ah=P<%4
zNtp&W=vL3$gd*@fiB<*GsYs1II`BLilNp+MqiA7%0ECJ<qwjtKNKAyHTF7NFjda)8
zGgF?!<pQOo5h~Dg1d9hWnZeCmD1<1ZnYz!;LY3w$$iQea8$!pKwvK1Xas+V^p(F4e
z&ZyFoY@{@%QVNNY&jg>%h2&INnhltYa9`$ts<;<};2`LE4z8lVZ0?YCXtJg?!2Mv5
z0Zyb?P{Z~8fLEF~DDMXY`-W&u42b(c&)e2O9|VJ-?*Sw!V^@OFa5;qY>4nf&5*2do
z+1VhMfFX1`-ZW)w<)!x=-p{FmDMc1RNH|OoQiTy{0V=_ePM1zTgp{Zf!6V9NFxEnn
z8J;qt6bNo>%!ServebxU;F(|5S{9peG8pQ2Lg*2dL+CDu>@qs(W*@wei8MMDd`f4g
zs}zP3^@W|+I!5{o)GMOrL+BK3^Zt|9IOw7dyP<9GPbovy?RcIMu`x0XwXg$VkV%dj
zRo$`iv|uPpN6rVFPBGL&xDexTj#0|c4#G7qox`-CQd`eW63Xo-kr)U<4&m&UDy_DH
zvGOkk!=O%9D7cn_`3WN&o1lMA32Q(;yTvfoI{-!<Mr+~OmQ|;3O-*p7ZU`OQbshVv
zg-vh9#DuWSE!GU30ysZ2vznRtSlS`}+P3^YrFH(-7$=NqRNafq_h;ik-|C0p*fRh3
z`h(-f{D1uVXt1CEpQ4P@Fhr${eO*F?2@^|<S{;33RE??p^;Zbqx%EtNk*~qv^Jgd)
zWWhJ734hG8MgKp}ktHZqpp*MA1-9t_!QnyE|9^da)Z6R-Q<PtS?Y@EqjfbF6gK;~|
za{DAU-4f1m2(P-IKYON@cXpc)9$6b;R2{^$biM;GtLGcvoN|Ot>mtH5?0{cZwQhXi
z0*=O-K=8pWKC9jyd;%>~9>Vc~eWdX?olfa3bo>rvu#iXQ(UE#8k!S=`U~u-$H~==5
zW!4IoiNN~_9c)`)8w`da1rrQOst}Zj5q>DV5XZXpI290yz-Uahb2+tfMqf^x&pEmn
zo4Ur~G_L4(fp<QIEDq#=7%z!XuCnEeeMdFiP{s;JmM9>W_>9`!dO7!&%bupwqGOw`
zbl!n$zwgrdOciimSVo2?yN_;3W6>oJNNt`e=&ZfGBXNnOTu-6%C*}W1bsDf7(%ogP
z{jny2m7z7dlLfBKu-f6xWX08DWP)thA+}A*@on-|?Q-{=Esf!mS-&weWq1D4fzHRy
z-IYtkvEYtewIjK%vZHs7EDqGXYgrf?e}eLmrO_5v14qo3$|_qc{g@#PD$<qp#G4{c
zV7`$gX)H2|=%Vp-R+@Z*pHrc6+xX{ew!3vxlX}0EKo=|B+7-?M1no>xt~BAHgVU;K
zHFo}CmqOXvr_k&y=CNGm&Q<)FRs5J&Y&A%3nU%+{TbEZYa^CIS3xG8S`HxOXkKwlY
z{I%!irzl(ezfjRknjR1g-nRZbI5?{Ne}mqjw~zlmNvWoUlnZ$U*MD<%u<u<{9u3VJ
zFiYXZs7XXL8G4Xqa5CvA#AqJUfC|sJJf@P1|GmSXQz|hUnwbVYfT{Y26lszN|K1^q
zev(w<B@gi@s^{O2-!BtWF%i)@pNdQV*2SE&_6xz%7=NTw43{Cpw<1F2qBA~R8FrLL
zuKy4U{J^qB|09C2;0hnK8(_2k_Xqu>epCPZ$47hpe~MDof087s)cTPf`Z4Mjt-p)!
z0Z_@*uL~Y|kU2^QhxHFOf@g(y_X#-V5poTO225^uR3&5%5EC8Fe=OkJ3{{y|U&%gg
z$G_@jmUJ9Dc5)rcD5!LyDXd1!W^x`%(BB+E0D0#)gk?59N8<yLv&wJx&i5B5M=S4a
zawm!;Ds}SW<(tvy-Pw5j-Ac7AH&SHBG!@)Wh@PJqNyz-SdS(Saf3Bnk6PC^>SKan`
z#`q_J65(|PG4e%|1t+u_k+p9{F2F!)gXS`vMsD)~-Qe6Bd9Uzg+Xe<`OTIBE(`fMd
z^Kj>8n#}U?tWbDWNu{lTD)VghmMot?>;08T9BYvb8y$tWrSy~~6md*=wEDsHdv`*4
zSIt|$`C;p88G|pU(5(v0n!z_h)f}#}*a7Xns(f=&uqkJ2io!6JR4-2j*LbU&T|*a?
z;jH4y<i)up)=gPaq1e22sXt3rgJ4IP;RLlGQMsXYwOd-D)D*1>Yn^hN{-Dvxi<cLd
zqqC3aqg5S79wmZuee&Yv>G=HP*~RGU^8Dg`yRy6d<w=p?EXJ&B)1xlk92w(fE7o8%
z)`iV1Y+ZOAN>j(r{8m3SwW@|?8-&U-w|u$Qeq<fgW<S1{B3@Mi8zp>)(>CR(ZN=)h
zRIrWRs2jU&ZGo9FTS=>qOS^qbIlUcryI;=C6$2d<n?JUhxV9$7ynSkh4(kz{2GzeS
z(>Gmfw>IpSfo*1sFeYxUa@%#LLc)mK;@2=@03k`pgfglrswQV7YGKxg@xR6&-;Ca#
zUp$7Xbj&(i(PAP1B$DWovt<kIP&1V)7N`|d85O%P9@JrX4V0Sg-ste;Zcbw#g`%y9
zrAWvu8^OQRh)N92k8F2CS(+?5(b+h`JZO5_%%X^zeS9Bo3>e=w+`>tOi&g-3%4mM9
zH&x3frIn`5kBtdh2t9oaJ`Ju7c#LGnB1+kc;JW6FPW<-ot%7a$CY_IJ?-a@f4e?DF
z8oU?xSolFU$KFsqFH=929ZhAm=02yqsTThtF>7DXv`pYD*ecti%36)RQuoB=%vf#x
zw845coSVvKv7p>3R-dHY`?`g!?kcOO+jel(Ojrr7*ppVb-A!$-g3p^Yohi3Xdt}90
z$mOMUDX=;Lb!W@ph<}r1-G*${_U(xD5v=sxX<M<&52vwk*EW&1LehrS!@UXGbuE9d
zK5Utl9@2NsDQZ_T)=WxU<hwozt(l#+z^KngYo@6!Fj@iZ+PHlpTAhTxcA#@#TFbWh
zzugfSBY#K&U`zbJH#i(L<NpWy`2W+C4e|eC=pU8<@Uz|E45j)y$$<RaO3nJ$4zoC<
zcTF198H3+M=3tekZ#jLSX^bM(C;j-S*Iae^K0^|r^eyepcxcOazYx8X7cZ|aM;|ZV
zygeIVy*WMmZkO=iz0wC|^BTgZk0It_6cnBCsL?;edUi}{m&8V1^%0X9+0tv}xD<S$
z*!=H9+FjFZko~E$n}6|EAMQ2c5j3K5wr&@#s8;_Xnz4G;5BA!zp9{W#<mcx;cM<!d
z?iZ2y#tBsTA_Bh;m2SpGrc=tPUY5OWn0T}D*7)jftKcY=l+UuWn3T`XXIvDo-FZ<X
z>$TyjcFcQ}abs|w!}mhMyC2T_%`rEg{@HC}EKrrvvc@i_UCYC+)zWgNwuPd>7oo_%
zBT0#f-f&IZh9!|WMR~7r@!<yPY_5mU@Ac{tBoXDf%y2cCv@4yapqFJ^9~HgSzJb2Q
zM3x<M-rQUPxn)*E_@6dy{@-=ji}l$95H=QeO<Y<ef{EGkhx}-F$?04uUE#JRW$~Mj
z>wfJB$?v;tiT}w72_Jk9%$EKChpz`K=Rf;{!+rekDN4g{bfLd-&7Jv{_W%06U%TbX
z$}dUvTuAzhbz@dfH@I6r-U)_(r}l=B2Q&OAteAN{bM{F>?Rkj}{CEH>?A(ibl}`SR
zq0TN5X_bf4OyAYV-9-`}HiW;Cu}c|dJ(!Q3na80M3LzuPt88?@&F2!8NM(qwqU{)!
ze_NoOxc4*Eoxeio#yCIbfl*~&L}qqI^OPnLaZjP0TOEuhA@#F9?KFgnX4OKHkkIZ4
zTT4++NI_YKy+%=zf6T~jA+6I{C8d)TXL>RZrgK*+z5o#+BQ$PO^7RPmDou2{LXShz
z0=XdpEqL<5XGE!$E^lYF4G$-YnhPClN0<$6)?g#X$3$dYYvgyux3dnJRobq4)2gfO
zka1yYUV(cDMZ5#HL_`nbfh37)hny$ku#FjmU{|$p{d`|3-BD&-I4RyHF4g{Dr-8c(
z&<fgI&sX}Y7}LA>e_Q<jstLIFI$+!R-^1Q<Gyng(x4-}8Ny;wgf2&6*TKuc(2J6Ok
z!T>b^YFt5}io{cx-Lj`;iXG2xSN~w;-rhN*%B||v%MRC_J(g}l%wxtQJGpvJk1`Mc
zt%z_4=W&b?B^v+0F@{$C59Y{XY9o7(fn%HgA2rYa_m2*b_vingq&$Z!qBTmcKnrkV
z4mWe;Fi9!1_hlv|ye2bLL4Mz+N|QuLtw7C@F_<wianV@HXMY8WjA*(*8$+zTCp_|=
z14p+79$qFAr}P#hmxTC_?*h2wYzczfmWCuqPy(YI11}hjKN>TH-gC(ApZRb)hKNe#
z1v9F<_OBz~3nstFuKk<8n9sWAPySOac((*JA>nnJ*t@Tk_bN~~iT5g)kZbQ%pkwna
zB%OJ${?B_3ABdzPRd7B!Q(llrVV25XKqDkwS6zyKd%;45BEs&sU{+f7|K}8ywc)|?
zF>Zj~I{&ZS|9{-??eG78k`fY)Ga>D1uZ{P&ueol&5EavWK_n#;mLGv=92m%hD?>On
zU%?%auzF{0g$Gc(e!erVT;XetNq*y8rFqct0A?;Y*2ymYF|S;rL1{_(%mTJwhR|u8
jD(F@ZYkZqmxbDlo?90B~tNece00960K!kzi0B8UJ1?BiW

literal 0
HcmV?d00001

diff --git a/charts/harvester-csi-driver/104.0.5+up0.1.23/.helmignore b/charts/harvester-csi-driver/104.0.5+up0.1.23/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/harvester-csi-driver/104.0.5+up0.1.23/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/harvester-csi-driver/104.0.5+up0.1.23/Chart.yaml b/charts/harvester-csi-driver/104.0.5+up0.1.23/Chart.yaml
new file mode 100644
index 0000000000..ffeff3b5d1
--- /dev/null
+++ b/charts/harvester-csi-driver/104.0.5+up0.1.23/Chart.yaml
@@ -0,0 +1,22 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/display-name: Harvester CSI Driver
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.31.0-0'
+  catalog.cattle.io/namespace: kube-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux
+  catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+  catalog.cattle.io/release-name: harvester-csi-driver
+  catalog.cattle.io/ui-component: harvester-csi-driver
+  catalog.cattle.io/upstream-version: 0.1.23
+apiVersion: v2
+appVersion: v0.2.2
+description: A Helm chart for Harvester CSI driver
+keywords:
+- infrastructure
+- harvester
+maintainers:
+- name: harvester
+name: harvester-csi-driver
+type: application
+version: 104.0.5+up0.1.23
diff --git a/charts/harvester-csi-driver/104.0.5+up0.1.23/questions.yml b/charts/harvester-csi-driver/104.0.5+up0.1.23/questions.yml
new file mode 100644
index 0000000000..0c703a0f29
--- /dev/null
+++ b/charts/harvester-csi-driver/104.0.5+up0.1.23/questions.yml
@@ -0,0 +1,11 @@
+categories:
+- infrastructure
+- harvester
+namespace: kube-system
+questions:
+- variable: cloudConfig.hostPath
+  label: Cloud config file path
+  description: "Specify the path of the cloud config."
+  group: "Default"
+  type: string
+  default: "/etc/kubernetes/cloud-config"
diff --git a/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/NOTES.txt b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/NOTES.txt
new file mode 100644
index 0000000000..ba09c6d518
--- /dev/null
+++ b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/NOTES.txt
@@ -0,0 +1 @@
+Successfully deployed Harvester CSI driver to the {{ .Release.Namespace }} namespace.
diff --git a/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/_helpers.tpl b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/_helpers.tpl
new file mode 100644
index 0000000000..def471b21d
--- /dev/null
+++ b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/_helpers.tpl
@@ -0,0 +1,62 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "harvester-csi-driver.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "harvester-csi-driver.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "harvester-csi-driver.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "harvester-csi-driver.labels" -}}
+helm.sh/chart: {{ include "harvester-csi-driver.chart" . }}
+{{ include "harvester-csi-driver.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "harvester-csi-driver.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "harvester-csi-driver.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Global system default registry
+*/}}
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/csidriver.yaml b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/csidriver.yaml
new file mode 100644
index 0000000000..5fc6ec84a2
--- /dev/null
+++ b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/csidriver.yaml
@@ -0,0 +1,10 @@
+apiVersion: storage.k8s.io/v1
+kind: CSIDriver
+metadata:
+  name: driver.harvesterhci.io
+spec:
+  attachRequired: true
+  fsGroupPolicy: ReadWriteOnceWithFSType
+  podInfoOnMount: true
+  volumeLifecycleModes:
+    - Persistent
diff --git a/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/daemonset.yaml b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/daemonset.yaml
new file mode 100644
index 0000000000..6ccb3203a0
--- /dev/null
+++ b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/daemonset.yaml
@@ -0,0 +1,152 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: {{ include "harvester-csi-driver.name" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+  {{- include "harvester-csi-driver.labels" . | nindent 4 }}
+spec:
+  selector:
+    matchLabels:
+      component: csi-driver
+      {{- include "harvester-csi-driver.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        component: csi-driver
+        {{- include "harvester-csi-driver.selectorLabels" . | nindent 8 }}
+    spec:
+      containers:
+        - args:
+            - --v=5
+            - --csi-address=$(ADDRESS)
+            - --kubelet-registration-path={{ .Values.kubeletRootDir }}/harvester-plugins/driver.harvesterhci.io/csi.sock
+          env:
+            - name: ADDRESS
+              value: /csi/csi.sock
+          image: {{ template "system_default_registry" . }}{{ .Values.image.csi.nodeDriverRegistrar.repository }}:{{ .Values.image.csi.nodeDriverRegistrar.tag }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /bin/sh
+                  - -c
+                  - rm -rf /registration/driver.harvesterhci.io-reg.sock
+                    /csi//*
+          name: node-driver-registrar
+          securityContext:
+            privileged: true
+          volumeMounts:
+            - mountPath: /csi/
+              name: socket-dir
+            - mountPath: /registration
+              name: registration-dir
+        - args:
+            - --nodeid=$(NODE_ID)
+            - --endpoint=$(CSI_ENDPOINT)
+            - --kubeconfig=/var/lib/harvester/cloud-provider-config
+            {{- if .Values.hostStorageClass }}
+            - --host-storage-class={{ .Values.hostStorageClass }}
+            {{- end }}
+          env:
+            - name: NODE_ID
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: CSI_ENDPOINT
+              value: unix:///csi/csi.sock
+          image: {{ template "system_default_registry" . }}{{ .Values.image.harvester.csiDriver.repository }}:{{ .Values.image.harvester.csiDriver.tag | default .Chart.AppVersion }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /bin/sh
+                  - -c
+                  - rm -f /csi//*
+          name: harvester-csi-driver
+          securityContext:
+            allowPrivilegeEscalation: true
+            capabilities:
+              add:
+                - SYS_ADMIN
+            privileged: true
+          volumeMounts:
+            - name: cloud-config
+              readOnly: true
+              mountPath: /var/lib/harvester
+            - name: kubernetes
+              readOnly: true
+              mountPath: /etc/kubernetes
+            - mountPath: {{ .Values.kubeletRootDir }}/plugins/kubernetes.io/csi
+              mountPropagation: Bidirectional
+              name: kubernetes-csi-dir
+            - mountPath: /csi/
+              name: socket-dir
+            - mountPath: {{ .Values.kubeletRootDir }}/pods
+              mountPropagation: Bidirectional
+              name: pods-mount-dir
+            - mountPath: /dev
+              name: host-dev
+            - mountPath: /sys
+              name: host-sys
+            - mountPath: /rootfs
+              mountPropagation: Bidirectional
+              name: host
+            - mountPath: /lib/modules
+              name: lib-modules
+              readOnly: true
+      hostPID: true
+      serviceAccountName: {{ include "harvester-csi-driver.name" . }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+        - name: cloud-config
+        {{- if .Values.cloudConfig.secretName }}
+          secret:
+            secretName: {{ .Values.cloudConfig.secretName }}
+        {{- else }}
+          hostPath:
+            path: {{ .Values.cloudConfig.hostPath }}
+            type: DirectoryOrCreate
+        {{- end }}
+        - hostPath:
+            path: /etc/kubernetes
+            type: DirectoryOrCreate
+          name: kubernetes
+        - hostPath:
+            path: {{ .Values.kubeletRootDir }}/plugins/kubernetes.io/csi
+            type: DirectoryOrCreate
+          name: kubernetes-csi-dir
+        - hostPath:
+            path: {{ .Values.kubeletRootDir }}/plugins_registry
+            type: Directory
+          name: registration-dir
+        - hostPath:
+            path: {{ .Values.kubeletRootDir }}/harvester-plugins/driver.harvesterhci.io
+            type: DirectoryOrCreate
+          name: socket-dir
+        - hostPath:
+            path: {{ .Values.kubeletRootDir }}/pods
+            type: DirectoryOrCreate
+          name: pods-mount-dir
+        - hostPath:
+            path: /dev
+          name: host-dev
+        - hostPath:
+            path: /sys
+          name: host-sys
+        - hostPath:
+            path: /
+          name: host
+        - hostPath:
+            path: /lib/modules
+          name: lib-modules
diff --git a/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/deployment.yaml b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/deployment.yaml
new file mode 100644
index 0000000000..0b592251ce
--- /dev/null
+++ b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/deployment.yaml
@@ -0,0 +1,120 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "harvester-csi-driver.name" . }}-controllers
+  namespace: {{ .Release.Namespace }}
+  labels:
+  {{- include "harvester-csi-driver.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicasCount }}
+  selector:
+    matchLabels:
+      component: csi-controllers
+      {{- include "harvester-csi-driver.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        component: csi-controllers
+        {{- include "harvester-csi-driver.selectorLabels" . | nindent 8 }}
+    spec:
+      containers:
+        - args:
+            - --v=5
+            - --csi-address=$(ADDRESS)
+            - --timeout=1m50s
+            - --leader-election
+            - --leader-election-namespace=$(POD_NAMESPACE)
+          env:
+            - name: ADDRESS
+              value: /csi/csi.sock
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+          image: {{ template "system_default_registry" . }}{{ .Values.image.csi.resizer.repository }}:{{ .Values.image.csi.resizer.tag }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          name: csi-resizer
+          volumeMounts:
+            - mountPath: /csi/
+              name: socket-dir
+        - args:
+            - --v=5
+            - --csi-address=$(ADDRESS)
+            - --timeout=1m50s
+            - --leader-election
+            - --leader-election-namespace=$(POD_NAMESPACE)
+            - --default-fstype=ext4
+          env:
+            - name: ADDRESS
+              value: /csi/csi.sock
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+          image: {{ template "system_default_registry" . }}{{ .Values.image.csi.provisioner.repository }}:{{ .Values.image.csi.provisioner.tag }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          name: csi-provisioner
+          volumeMounts:
+            - mountPath: /csi/
+              name: socket-dir
+        - args:
+            - --v=5
+            - --csi-address=$(ADDRESS)
+            - --timeout=1m50s
+            - --leader-election
+            - --leader-election-namespace=$(POD_NAMESPACE)
+          env:
+            - name: ADDRESS
+              value: /csi/csi.sock
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+          image: {{ template "system_default_registry" . }}{{ .Values.image.csi.attacher.repository }}:{{ .Values.image.csi.attacher.tag }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          name: csi-attacher
+          volumeMounts:
+            - mountPath: /csi/
+              name: socket-dir
+      serviceAccountName: {{ include "harvester-csi-driver.name" . }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            # For RKE1
+            - matchExpressions:
+              - key: node-role.kubernetes.io/controlplane
+                operator: Exists
+            # For RKE2
+            - matchExpressions:
+              - key: node-role.kubernetes.io/control-plane
+                operator: Exists
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - weight: 100
+            podAffinityTerm:
+              labelSelector:
+                matchExpressions:
+                - key: app.kubernetes.io/name
+                  operator: In
+                  values: [harvester-csi-driver]
+                - key: component
+                  operator: In
+                  values: [csi-controllers]
+              topologyKey: kubernetes.io/hostname
+      volumes:
+        - hostPath:
+            path: {{ .Values.kubeletRootDir }}/harvester-plugins/driver.harvesterhci.io
+            type: DirectoryOrCreate
+          name: socket-dir
diff --git a/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/rbac.yaml b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/rbac.yaml
new file mode 100644
index 0000000000..2ba042a26b
--- /dev/null
+++ b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/rbac.yaml
@@ -0,0 +1,75 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "harvester-csi-driver.name" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+  {{- include "harvester-csi-driver.labels" . | nindent 4 }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "harvester-csi-driver.name" . }}
+  labels:
+  {{- include "harvester-csi-driver.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "harvester-csi-driver.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "harvester-csi-driver.name" . }}
+    namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "harvester-csi-driver.name" . }}
+  labels:
+  {{- include "harvester-csi-driver.labels" . | nindent 4 }}
+rules:
+  - apiGroups: [ "coordination.k8s.io" ]
+    resources: [ "leases" ]
+    verbs: [ "get", "watch", "list", "delete", "update", "create" ]
+  - apiGroups: [ "storage.k8s.io" ]
+    resources: [ "csistoragecapacities" ]
+    verbs: [ "get", "list", "watch", "create", "update", "patch", "delete" ]
+  - apiGroups: [""]
+    resources: ["persistentvolumes"]
+    verbs: [ "get", "list", "watch", "create","update", "patch", "delete" ]
+  - apiGroups: [""]
+    resources: ["persistentvolumeclaims"]
+    verbs: ["get", "list", "watch", "create","update", "patch", "delete" ]
+  - apiGroups: [""]
+    resources: ["persistentvolumeclaims/status"]
+    verbs: ["patch"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["storageclasses"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["snapshot.storage.k8s.io"]
+    resources: ["volumesnapshots"]
+    verbs: ["get", "list"]
+  - apiGroups: ["snapshot.storage.k8s.io"]
+    resources: ["volumesnapshotcontents"]
+    verbs: ["get", "list"]
+  - apiGroups: [ "storage.k8s.io" ]
+    resources: [ "csinodes" ]
+    verbs: [ "get", "list", "watch" ]
+  - apiGroups: [ "" ]
+    resources: [ "events" ]
+    verbs: [ "list", "watch", "create", "update", "patch" ]
+  - apiGroups: [ "" ]
+    resources: [ "pods" ]
+    verbs: [ "get", "list", "watch" ]
+  - apiGroups: [ "apps" ]
+    resources: [ "replicasets" ]
+    verbs: [ "get" ]
+  - apiGroups: [""]
+    resources: ["nodes"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["volumeattachments"]
+    verbs: ["get", "list", "watch", "patch"]
+  - apiGroups: [ "storage.k8s.io" ]
+    resources: [ "volumeattachments/status" ]
+    verbs: [ "patch" ]
diff --git a/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/storageclass.yaml b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/storageclass.yaml
new file mode 100644
index 0000000000..a29c9c7da0
--- /dev/null
+++ b/charts/harvester-csi-driver/104.0.5+up0.1.23/templates/storageclass.yaml
@@ -0,0 +1,10 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: harvester
+  annotations:
+    storageclass.kubernetes.io/is-default-class: "true"
+allowVolumeExpansion: true
+provisioner: driver.harvesterhci.io
+reclaimPolicy: Delete
+volumeBindingMode: Immediate
diff --git a/charts/harvester-csi-driver/104.0.5+up0.1.23/values.yaml b/charts/harvester-csi-driver/104.0.5+up0.1.23/values.yaml
new file mode 100644
index 0000000000..fe6b120cbd
--- /dev/null
+++ b/charts/harvester-csi-driver/104.0.5+up0.1.23/values.yaml
@@ -0,0 +1,56 @@
+# Default values for harvester-csi-driver.
+
+replicasCount: 3
+
+image:
+  harvester:
+    csiDriver:
+      repository: rancher/harvester-csi-driver
+      # Overrides the image tag whose default is the chart appVersion.
+      tag: "v0.2.2"
+  csi:
+    nodeDriverRegistrar:
+      repository: rancher/mirrored-longhornio-csi-node-driver-registrar
+      tag: v2.3.0
+    resizer:
+      repository: rancher/mirrored-longhornio-csi-resizer
+      tag: v1.2.0
+    provisioner:
+      repository: rancher/mirrored-longhornio-csi-provisioner
+      tag: v2.1.2
+    attacher:
+      repository: rancher/mirrored-longhornio-csi-attacher
+      tag: v3.2.1
+  pullPolicy: IfNotPresent
+
+nameOverride: ""
+fullnameOverride: ""
+
+# This field can be used to specify the corresponding StorageClass on the host cluster.
+hostStorageClass: ""
+kubeletRootDir: /var/lib/kubelet
+cloudConfig:
+  secretName: ""
+  hostPath: "/var/lib/rancher/rke2/etc/config-files/"
+
+nodeSelector:
+  kubernetes.io/os: linux
+
+tolerations:
+  - effect: NoSchedule
+    key: kubevirt.io/drain
+    operator: Exists
+  - effect: NoSchedule
+    key: node-role.kubernetes.io/control-plane
+    operator: Equal
+  - effect: NoExecute
+    key: node-role.kubernetes.io/etcd
+    operator: Equal
+  - key: cattle.io/os
+    operator: Equal
+    value: "linux"
+    effect: NoSchedule
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
diff --git a/index.yaml b/index.yaml
index 2c7c4be85f..aca0d3c446 100755
--- a/index.yaml
+++ b/index.yaml
@@ -4049,6 +4049,32 @@ entries:
     urls:
     - assets/harvester-csi-driver/harvester-csi-driver-105.0.0+up0.1.21.tgz
     version: 105.0.0+up0.1.21
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/display-name: Harvester CSI Driver
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.31.0-0'
+      catalog.cattle.io/namespace: kube-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux
+      catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+      catalog.cattle.io/release-name: harvester-csi-driver
+      catalog.cattle.io/ui-component: harvester-csi-driver
+      catalog.cattle.io/upstream-version: 0.1.23
+    apiVersion: v2
+    appVersion: v0.2.2
+    created: "2025-02-25T21:47:20.718578748-03:00"
+    description: A Helm chart for Harvester CSI driver
+    digest: e1bc2269dbea2acdd61de4c73de6bd60d9e81be6ba53aea744a2ff295b027c84
+    keywords:
+    - infrastructure
+    - harvester
+    maintainers:
+    - name: harvester
+    name: harvester-csi-driver
+    type: application
+    urls:
+    - assets/harvester-csi-driver/harvester-csi-driver-104.0.5+up0.1.23.tgz
+    version: 104.0.5+up0.1.23
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/display-name: Harvester CSI Driver
diff --git a/release.yaml b/release.yaml
index d4065d7c42..5c4897c6b3 100644
--- a/release.yaml
+++ b/release.yaml
@@ -14,3 +14,5 @@ rancher-monitoring:
   - 104.1.4+up57.0.3
 rancher-monitoring-crd:
   - 104.1.4+up57.0.3
+harvester-csi-driver:
+  - 104.0.5+up0.1.23

From e80cb0fcd65f0feb51dd90a61b42b3037cc58298 Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:48:35 -0300
Subject: [PATCH 11/19] fp: rancher-cis-benchmark 6.7.0

---
 .../rancher-cis-benchmark-6.7.0.tgz           | Bin 0 -> 6162 bytes
 charts/rancher-cis-benchmark/6.7.0/Chart.yaml |  22 ++
 charts/rancher-cis-benchmark/6.7.0/README.md  |   9 +
 .../rancher-cis-benchmark/6.7.0/app-readme.md |  34 +++
 .../6.7.0/templates/_helpers.tpl              |  27 +++
 .../6.7.0/templates/alertingrule.yaml         |  14 ++
 .../6.7.0/templates/benchmark-aks-1.0.yaml    |   8 +
 .../6.7.0/templates/benchmark-cis-1.8.yaml    |   9 +
 .../6.7.0/templates/benchmark-cis-1.9.yaml    |   8 +
 .../6.7.0/templates/benchmark-eks-1.2.0.yaml  |   8 +
 .../6.7.0/templates/benchmark-gke-1.2.0.yaml  |   9 +
 .../6.7.0/templates/benchmark-gke-1.6.0.yaml  |   8 +
 .../benchmark-k3s-cis-1.8-hardened.yaml       |   9 +
 .../benchmark-k3s-cis-1.8-permissive.yaml     |   9 +
 .../templates/benchmark-k3s-cis-1.9.yaml      |   8 +
 .../benchmark-rke-cis-1.8-hardened.yaml       |   8 +
 .../benchmark-rke-cis-1.8-permissive.yaml     |   8 +
 .../benchmark-rke2-cis-1.8-hardened.yaml      |   9 +
 .../benchmark-rke2-cis-1.8-permissive.yaml    |   9 +
 .../templates/benchmark-rke2-cis-1.9.yaml     |   8 +
 .../6.7.0/templates/cis-roles.yaml            |  49 ++++
 .../6.7.0/templates/configmap.yaml            |  18 ++
 .../6.7.0/templates/deployment.yaml           |  61 +++++
 .../templates/network_policy_allow_all.yaml   |  15 ++
 .../patch_default_serviceaccount.yaml         |  29 +++
 .../6.7.0/templates/rbac.yaml                 | 211 ++++++++++++++++++
 .../6.7.0/templates/scanprofile-cis-1.8.yaml  |   9 +
 .../6.7.0/templates/scanprofile-cis-1.9.yaml  |   9 +
 .../scanprofile-k3s-cis-1.8-hardened.yml      |   9 +
 .../scanprofile-k3s-cis-1.8-permissive.yml    |   9 +
 .../templates/scanprofile-k3s-cis-1.9.yaml    |   9 +
 .../scanprofile-rke-1.8-hardened.yaml         |   9 +
 .../scanprofile-rke-1.8-permissive.yaml       |   9 +
 .../scanprofile-rke2-cis-1.8-hardened.yml     |   9 +
 .../scanprofile-rke2-cis-1.8-permissive.yml   |   9 +
 .../templates/scanprofile-rke2-cis-1.9.yaml   |   9 +
 .../6.7.0/templates/scanprofileaks.yml        |   9 +
 .../6.7.0/templates/scanprofileeks.yml        |   9 +
 .../6.7.0/templates/scanprofilegke-1.6.0.yml  |   9 +
 .../6.7.0/templates/scanprofilegke.yml        |   9 +
 .../6.7.0/templates/serviceaccount.yaml       |  14 ++
 .../6.7.0/templates/validate-install-crd.yaml |  17 ++
 .../rancher-cis-benchmark/6.7.0/values.yaml   |  53 +++++
 index.yaml                                    |  26 +++
 release.yaml                                  |   2 +
 45 files changed, 845 insertions(+)
 create mode 100644 assets/rancher-cis-benchmark/rancher-cis-benchmark-6.7.0.tgz
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/Chart.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/README.md
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/app-readme.md
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/_helpers.tpl
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/alertingrule.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-aks-1.0.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-cis-1.8.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-cis-1.9.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-eks-1.2.0.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-gke-1.2.0.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-gke-1.6.0.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.8-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.8-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.9.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke-cis-1.8-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke-cis-1.8-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.8-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.8-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.9.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/cis-roles.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/configmap.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/deployment.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/network_policy_allow_all.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/patch_default_serviceaccount.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/rbac.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-cis-1.8.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-cis-1.9.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.8-hardened.yml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.8-permissive.yml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.9.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke-1.8-hardened.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke-1.8-permissive.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.8-hardened.yml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.8-permissive.yml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.9.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofileaks.yml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofileeks.yml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofilegke-1.6.0.yml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/scanprofilegke.yml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-cis-benchmark/6.7.0/values.yaml

diff --git a/assets/rancher-cis-benchmark/rancher-cis-benchmark-6.7.0.tgz b/assets/rancher-cis-benchmark/rancher-cis-benchmark-6.7.0.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..e462e4ba894191478328ede01c723d7985eea12f
GIT binary patch
literal 6162
zcmV+t813gDiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PKB#Z`(N1|Ni^cs~9-<McchdwrnS9joSmV-8_fv^%s)t9TvSs
zN=vlOvrKA9D&9Oz-}?iSlB{2jV#ik6I}M7)mZ%|zoX^aVqK6z&Z-%+;5n+!p^=1pi
z=iS#c#HDkK7QuHrpkA-nJ01@8-(Ig*{OcZ_48C)RCr8J<zUvO$?|Sahpnvoo^mb8s
z9YsPS{$20UbrpsCMhH>LB$9+tF|q(WBvHVoj)$ZSutQiEMUvTs3W<VX1eNMyd))tF
zfuuL9<ltd0$%J4(eY~=mPed4?TbrT<9>MGLOZYLVptAft8e{tgb3qs#!Lz^q0It(N
zae8(S{sOKuaMj0Wm5-__M2I{*0wo9wF-MYdTignX7nP4NF@k{5=#R>~A?6Drg`Ji<
zToUTDrKm2=*$wfru%|a%w_tV8@q$Q5%!P-j=-#-M&nJVB6Ta`fie>LRZg0Kp90wQ)
z9Cvf&cve0qZ$s5xrg^qxET}9N5!+*nkWozKI`$|e|45pC<60;TS6`2v6Q^hSSa_U-
zQeV58;oL9*rf3{s0X(9V(5cpylsgFQMV!c6(0vGu0s^HgoMMUffEXDp;wkPkDMK;p
zc0FbCgcG+|YrYUzif+KBOmtNPw8rU*9C0(X=J<BWxGzSQomOhy*RAPz86lq<`kJck
z{|yQvEOzApYV3c1IB<*h|LCZ-|BcWA{Ddbc3M7~@hY91=>g!ksa5W<WhyVn?p1yr!
zPZ(byDX|X|5@1!}C+r1?W4J+_7?4T^V+^4JlMjSS2DdEYAn_s$ki^2VEV4jTti2Br
z3CPt~0FFZ@h-CaW#Z)(I3Uncfrpk^uedox66p5D}qU)I?rEFy+GF*Dj&>1K$jIwdW
zZr5{I5Y8FLzMT|JKjhdQoj85V;#jbVdsvL%^A`)?0RD*~5)lf5Tj1DZiv^}WP$pG>
zi4c2aatnSuGU?NRsILkH7~NoyYA}!*43AOa5f%x}+M6-rVLgy?rmDf*F(Zcp!GKVY
zD-R&Rn<46%zg%i_s;niZH-s~~z*GuY5;=o_DC@3yr%gEo5qUFJ{aZqbvWyO#Pt@3g
z&tQpYPLj-H5jE0E-M9%00=6V{s<{V*sv^k$cO>-vg{pvJ4-0|#?V*;R;|0^wWAGv#
z+`^b6-8U17IXqi+^)n}Cs$BC(e+KZvXasJrw}`(l@Inu(+kg3%#3KG4Ve!x>tb+r1
z$9xO{8sosgCuBY#A;?sBqAGELCo500az;ArVV>x!F|wx-@o|?jAKL;4*i+uGYaJX|
z>e8jY!njr-#qtdi64(UPO^}GF(UJ@#3luakJXdlMjs^TZtq*jNbo|1KOX;W&KK^D|
zS=9W@#!7Z}gE=QYzRH%Jpg<^1C^0~j386&Zn)XctHby}lP|5%s7@6=Ywl^1eN`zD$
z+3D!Jv0Hwp9jLyhI?9v5dJM(|@>bxL<GPlG0?f@AnrOjawO!yF%ym<jh*P6`3oJSD
z#0SRZ2wwJHekI;{|5WY&Q|sKlp5Y+GTsSh^Iuxjz{|)-Xg8x4`ar>?RZ-PF5?tTwv
zR74y@IxSKzUSMOP1zKQGh`C+PFvswH_sbXS^JiOmCqglF)chrVvIF)P<=|8S=fX@i
zoOdbTyVR$3Dkfg$VfCnThU#;!B2(x(=5Wnp1G0LGOu+eviCm2VO6Db%h9`Y2<b=uz
zbpF5ScD7=G1A)^oow5`KiMrog|1`71#OA@01OXu5PrFAObnQ&^bW&S+acHR`V;rz$
zd^ux=mGNIPJ`Wi31$Zn9R8bJ#4Es@lb=)9lOyDd>t2CPWrmdY&hPjc+hB;RDIy);?
zc3MY{qxe~M0Z%5_lOyQ7W0!IL>T(*}LFerE2nC(>W1VS+h&`WaL*99=X60E<PmQT>
ziR$dX_M?POc@*Gn=Yuu&zc)N7%>VkmlcPav|C^wK-85m76UR&j^|qZ`u~{&x!Z1Ro
zj>kA=!tvOmd*fPjLj4hZVE$WE!dhU7d?b;I!piF+A@l8+SA0KSlKcEQogJ3EivwT2
zSZY==(t%tY6YBs_FF?N0QMkDP`K7h)%KQ|jkRkKmn)vUG`XN)HwBlexsKY^zh&Vh<
zt;~Opk*UM~YLOSsh3z`MEsQ`N{`<xFukZGchAsY^pdz~SkV#Sf+5{?UdbnDZFXKDb
zkrbhEeDlF9cynDq&9(?#O-j?MJFep%Ilaz*3beindN}@73D<eK5BwjO@qf~5@!tgP
z7XPu1tjE7z*I5hy{;`6;a^-)lE$~NcA9hKb;{VlN{QsbY|KryGH$wZs|EsO>f6}`D
zhUww>$2zv_Z!rU?$NzB=|HFQ}{@V!c7XPV^thWHTodJAJ^l<!7=XhWEKRzkp-)-0b
z8lm0dKh=@-_@B;kJ^t^T0=#Ue06U~j@qgTq|8L*_HbeWs|M4U6-+$Hm|0e0-_@56%
zvIc0+5ce^~{=-Z`9sUQsegXf3qy9;Y|0Za+_^;BD^`>AxxOXbht_C(h+u>jT-a!a*
z^PoKe_4qHY{}0_^yZ^fp+8_Q`I?`Hzua~yL|EBK%YUBSwuNeQI9JlZP8lipR|DJaM
zb)auw0yIbu$3LIrJ;ne1VR8T8;JBUtH$%I{f0d4`Hw3(9Dd4y@1be6L@W0#mzdtO#
z{~xN5pv8X!v_JemB>rzLz*Eyk`0sBQ0Bk=09~_^w`+pjto#Vf(Blp6;-_HM^l(xkG
zMgc%Q{)_MbhJ!Z#Z-(}W{|5#Dtp#{W+6w<0E&$fA{}tc=_1!lAS2MIX{NJ+xSPS}g
z1+X!y!@s)DS@5W2P&N4PyQTQQ=N`E&{+pm8{`nYr4vOTAaq_?V$N$d!rKqw67c9VQ
zegc5}1)&y?0v!L47KP+*oJC>!%UnBeXyObnN#>qap;b1#R5?Y}-H@{h32^1T%8ML_
zj7xLt2J^8P!N-orF_O4*2%RYO<4-;gu=x}s>CHNaohg>;>(YFMPC$h0{I*ukVv4+i
ztnjge!cb@itLr*thPqdY&$w{f?#)^h=i903Zbm0$x<FyJU(&nJzJFHwG5Ai@<%Zzp
zH>fTDWqPol|5MwrmbRx_|DUMB{``OM<hU6B>y!Yk|8Ia|8?8tAEeeadS<41H&QN4m
zo6}9wcqDvRDJV0uj1MtS2r*C7B*lqyImp`(Tc9QqBe=7*k@}14^j)WC-a*7I$}B<H
zuG8=7f`9#?w&Y90yI;vXnc(z$6%UtdNasUIX$t_)#RxihE|P1?5>J&dooS{`dMCBI
zg>-q8FFzlsi<uo4*_-hwjZB`c+|B&>*WusCVZd$|m_8yMcn$uC!&3f_-f-By|7(P@
zcvtbqDsKBJ9r-n3TPB0fCa{M%Ri+6y9+aYI*9m`;2F83c(kTjZEFa7iAZe!ljQI`m
z@Tupqh{|`RPP5|z$P`H0&!|L%Vx9@cDm&beNt_GMa(%uwO`hug&!5v&Px@gelXBNt
zrPzcoUq<&9m1qiIzC6pf<U<q$A6P)V+Yy{k-ZA-sV}VoQK<87+bZkbpB*7A-ly-&5
z$(d<QoTDm}veT%QAxv+|HC&#({^jEQ>euVb*Qf8U&)=T@?JQGOoWJf7y_ij(n(xMk
zH0Ap0^lz2Txu+5{0A=p)-@X6wm-oN!L&iA0ah-g*7Ccn6g!dY;UY}oHpT0S}xVpT4
zdv<kk{`&Iz!~2V?GUsP?dh+Z(-j`?pI8$SDZ;NBLNfz0f=AOMf{qfD&PY>akBwfoS
z$<!%pJ8%cTM@-_%s^0u^d3APi{qFQ_#c*f4BcIVSlWlixue|?oc5!<3{^I(lvmbw{
z7{+J!ng}0{qr8zQ<eDqw9Cj)a4%Y+d=l4HeU%h{$8hZZz-R1p_EY_G!pLqw8{VW)T
zQj_C^Z^@<7d^ss6*{^63q?N6*cHaRd)W=kU+h1`iWOe=wgnB{buS<UEWZ1lfa>mmv
zJ9E3(pj?SNDDujQnal6Irfs?WpmoiY`9UqWE<YCcHcnm8iOEv{#mT2vMbdQCR(X7i
zEiH}oQ^#aYQeFH{v0O4fzYeuuzeYj8mg@gaW&^eF|Bp)he+F&-zh<bopc{`jq0`br
z?mKhKM0oeC3}_uu|8JSrGh}`)+dTlGQ;tQvI;^kY;sv9hSGQrZh<t9I(Vx%E$EWV=
zuaWBTuU~qkA!2^g@=zO4_x`Wv7W01$-4_4NP!a!QHQp=C|IEe}NY_eX3uFNl&JP3V
z%y6)9#H>4GY~C3`$b?MJ4?8s9qHxNQkIThv^Rmr0VD5}SUlft&VeDi75XN}IIJWg=
z{j!cQn%a&0tp4$n@isu)HbCQ8fl4N80q@jQsdj}!tCOL4U8A$rY&D+e#Ak!7U(_g+
zGc(W5`W21xqlF^bNrJ}~3#0(_u@hI2d4mj{yuO*&%vvn<(GJ!Bpa0cCkz@;1;4-Jb
zS8R^yzdG@OCST&0fI8~sQ~jRKrk%rDfBTzd0gRD1XOqbrvLJE<ZtEid+o;a}>lgfw
zJO{4E|DOzt`~Tb%_oUtb(+KToGe>sK9EG8iKc?gUvnH#a&;bKg(}wJMm6fj_k~fiD
zwJF|3QrPcc8v~dw;wvkkTgI`W^SwUFB-!y|E|l3+JsC1zAA@42c0KvJ+D8#z(1)(%
z%f>!H6sw<N85h*MEMkUcgOd3Y?@=;e%$|(6LFRM0^=k*XN-Wi%V?upGr>Q)vo?d?^
zxs-msPpWbo$B7`t_WYZTOYGKlO_=G8s&3lhHl`=geBmK#Q?XvztGX}s{#CkIR^hB#
zmKB@hFd&}pC>79g76h0-Oof+a<%DlUJJ+jcRzHn0GFsBt^?cPGz4@!eSKaXuUN9=K
z84PnNeK)(h7LQ4;oRCQ3Nfaa(Gdue3Z%iba@K8YLw7N}tj8rHegv?J$7geC9lG0LB
zbyaaOJtri%qK0_Xa*Fmyu-~&;F?BoI-!zQ>hc2aUWEry9&Y~gfQZfKufn=?p*~o_1
zRuk{QeV{ZYpPRF79xozcou{wFV+oCQY$^{+Dsv4vTVOfEk<cTTXKXy%BYoD7#v(qo
z>#7RcVq<No&lh;2+LQF+JyKc#Wyf3_ABt%FZ|q5p4fA+@Ze7ixv^=y47I!~x<w&5h
zvE1<(CGFp6SehP<uMs|3+-&F?wj06q@Y)<#j~l?IaQoCV^Jb`S{U@`(ck2_NYTy5s
z^1r&rgZBMTBeePNKjWR*>ra2mY;-QY9V+h{ck(rkBN9kLN6?Wx!kzTxPO6*Pmg=qA
zPu+vxHf@go%};>Z3jgizzZ;?5<NsBo_<z;n|53CF{;M;<?;!uvptS$%WO&@-zX{qU
z{&U%%W1UHpK<(EUR3@H(>c0IJXj}Ye6F@yW|I@IT|9Ln#YR`XYg!Ya9+)pE$vH+P%
zpSpj)cG?dAo6P}g@$Z)MKMmUXe>1cn{5LfR$mW}W>Yn^IX%qZ&eY)4C+20=${}=uL
zVCc5L|89hKiT`Xqg+xc<Yzq4{0+mVUpSoYa71{>>n`M9BX8u3ywfWzhp?%@MluxB8
z3(&^?8_|aNugU=b`19WerTousd;W7Xv}64DpK1ZHI`jNf_wLtETjPI&1;G0CzvBFV
zc+}>9YlilY|Hc*o*X5pn>K^{OX-oWXv;bJY{#T6u`$xU@_g{_Bp77t)0$?uT{8RVk
zw@4e{AI-%>-u9QN4*&g=V*KyAt^aR^c8UK?g3>+1Ue)9}y%zD0rVa3q_l5sKuXO&i
z>$doBgm#I4+!+3`#(%%H0FR~(@IRf$DXBNL0`>SW`TwJK|6en-OZ=B|m+#pMqzc(u
zfvssX{5R+Sd+qzbMrcp?Zv^?R|9?Ey;(x1*k9n%Y|Ix6x{^$1F^Piic!g(*1zpX7I
z{oyA))c+>8Xn%I!hNno-lb7+S$M`;~!~YEmh>s*rQh3@PfAGG)glh2b4vq%J_5c2H
zyZ+w@9mHusrxKnAn8Ndbv3V5UlZ~l+<948v$>`95j{5iF1@yrF^2IvPxzztOVG;FV
z^aJ?BlbIU=%j9OK7;SVjaYo1Fx7^~%^n}{&S;Rrk_6#ociGk(kIigbx&TAB+F$sty
zSU9I2&SU#0G9}3bW=Q-U-zN1vm+Vq<LZ{%oh|B%ILX&buR1lTnhpE5zn`zabt`Ff)
z_zxnaP~#T!%(dt_{yi<CMa#8><KH8~u@9Y#<kRbmp9CO|LBEcrQwKh1qY1G+0Xf6q
zG0w3Fna*dS9szHLxQx^NCPmdfIU~Z{bhO&likJEF)KL2>soMTuoSpvk_RLxMJE@~C
z{u}lS>p$-B_^93g)d(HHh0y?beSQh4<%HJ?W0rNL(3uI}z#LK|fJc;Su%2J8=4X%`
zumbudRbUhltfHs%96v;Tm}06}D)2ADfT)NH;$v1p&X5ETQ5a+J*^&kf`Pg?X>j2J;
zEijqCtxummSu-3gQfpGF&fs*xHu=I$u%-h<uxTMO)d{9G&!--h=BOI~C=6|mk-xyZ
zumShu-|Y{M+yefOP6loK*9fh_zfjOmTx|;a9K1FB*~B>T7}$|=@$gZxdj1+yb!oyl
zoU2b1OSp^~yja-`@!Rv6l%W`PyUXR$@kmmM!}zqjQpuGW>Ar9*>wg%Bg$WKOj4!l3
zQ1)iVmLM5K0_%oNFp?3+hrsa!b9IMB96tKY%hVfVV1X!_V(zG$PJGSr*rGdQOItE~
z8WA6hF7j`bvGVOmV4hq|lbM<Cs)d>Ui>;F|O=3a7ma3nW<zp06DMprM!^f;OTD5LU
z<SZKNhQy8PW(&Rm8%kDshN!OwEI<+UW+rgL@KN=lL3t&6^m~Mo-tVr;z5vNsV2m=4
zr~m{aA`+{?S0gR4iUt|gb?B_J>dvj|=)ae2zXPWer546POb8`nc4%}cD?s8MRAnUx
zvDQD>aH-kaaH=Z+qMldr<nvFN*!<HA!@<WBLa~753{#~Vl9TB)MndYqvg$oX0{h8D
z^Ry4iS|*$(%~Rv9osADj3#*DJ?a|U;X_}j!a;sV#Gg{N=xM;EMCVZw7GL6jP3>t9i
zY9hrUEN8@<DYokJ$}8R^bB-7<$}1y!t541#6XL}KD;bD634u^kbIQPhDiudC!OQdn
zyDAC5i-cs0RSryZm=`tmgxEI~C+*h#wpd`FAc=!pHRh2T2FYUeUX7RP(p3nvnp44P
zS?o34oIYOF(fME}VI-M?MQr<4umL1siGx7>RS)Zxl)_krh@%CTn2UJW9@D?8rk8qH
zb<Amixl~QONc-JRjQ=xH2>(!+CU}MbOQGPbr9>$hv_k6$Pk1xzM*%+6DkRi&%N%KF
zkd=kH6X)hV*9HQXh)UIe#=#^{Nv45~19F4a98z;BRGh#_9BM`s8;!tJL>!xr{J0YC
zZJLHvH!<mok_*sgP}%>~)ZX-+Kf0K9SBYG06hE!*9d%#i`ick$dAeAp3;^|w?Y+Pr
zR`Lja>4HTPmtD{n_2(3-d!TQ|p3FA)Ug-IEQqJ^~9wZjYxXY7aIrV*__@E%T&3CN8
z5<Z#2BfYZl$ruC-=1dg$_4Mr<h1eiBUuPW5X+MR@yJa05XqC%&h?Vw<C{%{jvhLtg
zt18@O3;IMzPR5b$@jIgriScZPa?MHY=$&<E$CQ33(fT`kr0PoVtUEmhS|DZlt3~}7
z@2}k?X6Q<ead&|T?Rt}GH|Fr-5gmTxI{lMB7p`t3z{^Jq@ba+&92c)<1>o~)^}U0S
z)jx2&H%3fk(qXBQCVpShz3Dl_Ziu`&nqn<oHT$)~>ZZE37U<89k|p_})?Oq@nBOyK
z50j+7UXpb4`7R|$nQo|Vrm=PbDO*UhFD0wuzfQ)CFd5WrCComwtjvA=U_C&T`9Q3B
z^kXK+$<74G@Z8j->9!ViYztxbqGQ$U?=fVFELp?6jVwD?u`1^G8nRkR@O-T#>2}&j
zc*vB;wm!1Dg?SghUWE7;0gn(M=I|I7U)8>x0MqquG2PPi2oX{q+mAuaqPM*W$2$<=
kcn2c9`g2Z%r(S4nsil@$`pW440ssL2|1W;gcmU`C0KvnUaR2}S

literal 0
HcmV?d00001

diff --git a/charts/rancher-cis-benchmark/6.7.0/Chart.yaml b/charts/rancher-cis-benchmark/6.7.0/Chart.yaml
new file mode 100644
index 0000000000..49ba52d407
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/Chart.yaml
@@ -0,0 +1,22 @@
+annotations:
+  catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/display-name: CIS Benchmark
+  catalog.cattle.io/kube-version: '>= 1.27.0-0 < 1.31.0-0'
+  catalog.cattle.io/namespace: cis-operator-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1
+  catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+  catalog.cattle.io/release-name: rancher-cis-benchmark
+  catalog.cattle.io/type: cluster-tool
+  catalog.cattle.io/ui-component: rancher-cis-benchmark
+apiVersion: v1
+appVersion: v6.7.0
+description: The cis-operator enables running CIS benchmark security scans on a kubernetes
+  cluster
+icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
+keywords:
+- security
+name: rancher-cis-benchmark
+version: 6.7.0
diff --git a/charts/rancher-cis-benchmark/6.7.0/README.md b/charts/rancher-cis-benchmark/6.7.0/README.md
new file mode 100644
index 0000000000..50beab58ba
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/README.md
@@ -0,0 +1,9 @@
+# Rancher CIS Benchmark Chart
+
+The cis-operator enables running CIS benchmark security scans on a kubernetes cluster and generate compliance reports that can be downloaded.
+
+# Installation
+
+```
+helm install rancher-cis-benchmark ./ --create-namespace -n cis-operator-system
+```
diff --git a/charts/rancher-cis-benchmark/6.7.0/app-readme.md b/charts/rancher-cis-benchmark/6.7.0/app-readme.md
new file mode 100644
index 0000000000..06e5629018
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/app-readme.md
@@ -0,0 +1,34 @@
+# Rancher CIS Benchmarks
+
+This chart enables security scanning of the cluster using [CIS (Center for Internet Security) benchmarks](https://www.cisecurity.org/benchmark/kubernetes/).
+
+For more information on how to use the feature, refer to our [docs](https://ranchermanager.docs.rancher.com/how-to-guides/advanced-user-guides/cis-scan-guides).
+
+This chart installs the following components:
+
+- [cis-operator](https://github.com/rancher/cis-operator) - The cis-operator handles launching the [kube-bench](https://github.com/aquasecurity/kube-bench) tool that runs a suite of CIS tests on the nodes of your Kubernetes cluster. After scans finish, the cis-operator generates a compliance report that can be downloaded.
+- Scans - A scan is a CRD (`ClusterScan`) that defines when to trigger CIS scans on the cluster based on the defined profile. A report is created after the scan is completed.
+- Profiles - A profile is a CRD (`ClusterScanProfile`) that defines the configuration for the CIS scan, which is the benchmark versions to use and any specific tests to skip in that benchmark. This chart installs a few default `ClusterScanProfile` custom resources with no skipped tests, which can immediately be used to launch CIS scans.
+- Benchmark Versions - A benchmark version is a CRD (`ClusterScanBenchmark`) that defines the CIS benchmark version to run using kube-bench as well as the valid configuration parameters for that benchmark. This chart installs a few default `ClusterScanBenchmark` custom resources.
+- Alerting Resources - Rancher's CIS Benchmark application lets you run a cluster scan on a schedule, and send alerts when scans finish.
+    - If you want to enable alerts to be delivered when a cluster scan completes, you need to ensure that [Rancher's Monitoring and Alerting](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/) application is pre-installed and the [Receivers and Routes](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/configuration/#alertmanager-config) are configured to send out alerts.
+    - Additionally, you need to set `alerts: true` in the Values YAML while installing or upgrading this chart.
+
+## CIS Kubernetes Benchmark support
+
+| Source | Kubernetes distribution | scan profile                                                                                                       | Kubernetes versions |
+|--------|-------------------------|--------------------------------------------------------------------------------------------------------------------|---------------------|
+| CIS    | any                     | [cis-1.9](https://github.com/aquasecurity/kube-bench/tree/main/cfg/cis-1.9)                                                         | v1.27+              |
+| CIS    | any                     | [cis-1.8](https://github.com/aquasecurity/kube-bench/tree/main/cfg/cis-1.8)                                                         | v1.26               |
+| CIS    | rke                     | [rke-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke-cis-1.8-permissive)                        | rke1-v1.26+         |
+| CIS    | rke                     | [rke-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke-cis-1.8-hardened)                          | rke1-v1.26+         |
+| CIS    | rke2                    | [rke2-cis-1.9](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke2-cis-1.9)                                              | rke2-v1.27+         |
+| CIS    | rke2                    | [rke2-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke2-cis-1.8-permissive)                       | rke2-v1.26          |
+| CIS    | rke2                    | [rke2-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke2-cis-1.8-hardened)                         | rke2-v1.26          |
+| CIS    | k3s                     | [k3s-cis-1.9](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.9)                                               | k3s-v1.27+          |
+| CIS    | k3s                     | [k3s-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.8-permissive)                        | k3s-v1.26           |
+| CIS    | k3s                     | [k3s-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.8-hardened)                          | k3s-v1.26           |
+| CIS    | eks                     | [eks-1.2.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/eks-1.2.0)                                                       | eks                 |
+| CIS    | aks                     | [aks-1.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/aks-1.0)                                                         | aks                 |
+| CIS    | gke                     | [gke-1.2.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/gke-1.2.0)                                                       | gke-1.20            |
+| CIS    | gke                     | [gke-1.6.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/gke-1.6.0)                                                       | gke-1.29+           |
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/_helpers.tpl b/charts/rancher-cis-benchmark/6.7.0/templates/_helpers.tpl
new file mode 100644
index 0000000000..b7bb000422
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/_helpers.tpl
@@ -0,0 +1,27 @@
+{{/* Ensure namespace is set the same everywhere */}}
+{{- define "cis.namespace" -}}
+  {{- .Release.Namespace | default "cis-operator-system" -}}
+{{- end -}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/alertingrule.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/alertingrule.yaml
new file mode 100644
index 0000000000..1787c88a07
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/alertingrule.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.alerts.enabled -}}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+  name: rancher-cis-pod-monitor
+  namespace: {{ template "cis.namespace" . }}
+spec:
+  selector:
+    matchLabels:
+      cis.cattle.io/operator: cis-operator
+  podMetricsEndpoints:
+  - port: cismetrics
+{{- end }}
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-aks-1.0.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-aks-1.0.yaml
new file mode 100644
index 0000000000..1ac866253f
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-aks-1.0.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: aks-1.0
+spec:
+  clusterProvider: aks
+  minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-cis-1.8.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-cis-1.8.yaml
new file mode 100644
index 0000000000..e1bbc72dd3
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-cis-1.8.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: cis-1.8
+spec:
+  clusterProvider: ""
+  minKubernetesVersion: "1.26.0"
+  maxKubernetesVersion: "1.26.x"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-cis-1.9.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-cis-1.9.yaml
new file mode 100644
index 0000000000..480aad292a
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-cis-1.9.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: cis-1.9
+spec:
+  clusterProvider: ""
+  minKubernetesVersion: "1.27.0"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-eks-1.2.0.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-eks-1.2.0.yaml
new file mode 100644
index 0000000000..c1bdd9ed5e
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-eks-1.2.0.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: eks-1.2.0
+spec:
+  clusterProvider: eks
+  minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-gke-1.2.0.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-gke-1.2.0.yaml
new file mode 100644
index 0000000000..426f7ec6a8
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-gke-1.2.0.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: gke-1.2.0
+spec:
+  clusterProvider: gke
+  minKubernetesVersion: "1.15.0"
+  maxKubernetesVersion: "1.28.x"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-gke-1.6.0.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-gke-1.6.0.yaml
new file mode 100644
index 0000000000..0538240e53
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-gke-1.6.0.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: gke-1.6.0
+spec:
+  clusterProvider: gke
+  minKubernetesVersion: "1.29.0"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.8-hardened.yaml
new file mode 100644
index 0000000000..db52b9baeb
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.8-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: k3s-cis-1.8-hardened
+spec:
+  clusterProvider: k3s
+  minKubernetesVersion: "1.26.0"
+  maxKubernetesVersion: "1.26.x"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.8-permissive.yaml
new file mode 100644
index 0000000000..0afe653586
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.8-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: k3s-cis-1.8-permissive
+spec:
+  clusterProvider: k3s
+  minKubernetesVersion: "1.26.0"
+  maxKubernetesVersion: "1.26.x"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.9.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.9.yaml
new file mode 100644
index 0000000000..7b6ef228c8
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-k3s-cis-1.9.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: k3s-cis-1.9
+spec:
+  clusterProvider: k3s
+  minKubernetesVersion: "1.27.0"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke-cis-1.8-hardened.yaml
new file mode 100644
index 0000000000..d3d357c023
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke-cis-1.8-hardened.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke-cis-1.8-hardened
+spec:
+  clusterProvider: rke
+  minKubernetesVersion: "1.26.0"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke-cis-1.8-permissive.yaml
new file mode 100644
index 0000000000..208eb777cd
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke-cis-1.8-permissive.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke-cis-1.8-permissive
+spec:
+  clusterProvider: rke
+  minKubernetesVersion: "1.26.0"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.8-hardened.yaml
new file mode 100644
index 0000000000..1bbb5404f4
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.8-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke2-cis-1.8-hardened
+spec:
+  clusterProvider: rke2
+  minKubernetesVersion: "1.26.0"
+  maxKubernetesVersion: "1.26.x"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.8-permissive.yaml
new file mode 100644
index 0000000000..3947056649
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.8-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke2-cis-1.8-permissive
+spec:
+  clusterProvider: rke2
+  minKubernetesVersion: "1.26.0"
+  maxKubernetesVersion: "1.26.x"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.9.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.9.yaml
new file mode 100644
index 0000000000..57ce01b449
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/benchmark-rke2-cis-1.9.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke2-cis-1.9
+spec:
+  clusterProvider: rke2
+  minKubernetesVersion: "1.27.0"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/cis-roles.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/cis-roles.yaml
new file mode 100644
index 0000000000..23c93dc659
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/cis-roles.yaml
@@ -0,0 +1,49 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: cis-admin
+rules:
+  - apiGroups:
+      - cis.cattle.io
+    resources:
+      - clusterscanbenchmarks
+      - clusterscanprofiles
+      - clusterscans
+      - clusterscanreports
+    verbs: ["create", "update", "delete", "patch","get", "watch", "list"]
+  - apiGroups:
+      - catalog.cattle.io
+    resources: ["apps"]
+    resourceNames: ["rancher-cis-benchmark"]
+    verbs: ["get", "watch", "list"]
+  - apiGroups:
+      - ""
+    resources:
+      - configmaps
+    verbs:
+      - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: cis-view
+rules:
+  - apiGroups:
+      - cis.cattle.io
+    resources:
+      - clusterscanbenchmarks
+      - clusterscanprofiles
+      - clusterscans
+      - clusterscanreports
+    verbs: ["get", "watch", "list"]
+  - apiGroups:
+      - catalog.cattle.io
+    resources: ["apps"]
+    resourceNames: ["rancher-cis-benchmark"]
+    verbs: ["get", "watch", "list"]
+  - apiGroups:
+      - ""
+    resources:
+      - configmaps
+    verbs: ["get", "watch", "list"]
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/configmap.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/configmap.yaml
new file mode 100644
index 0000000000..ab91549809
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/configmap.yaml
@@ -0,0 +1,18 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: default-clusterscanprofiles
+  namespace: {{ template "cis.namespace" . }}
+data:
+  # Default ClusterScanProfiles per cluster provider type
+  rke: |-
+    <1.21.0: rke-profile-permissive-1.20
+    >=1.21.0: rke-profile-permissive-1.8
+  rke2: |-
+    <1.21.0: rke2-cis-1.20-profile-permissive
+    >=1.21.0: rke2-cis-1.9-profile
+  eks: "eks-profile"
+  gke: "gke-profile-1.6.0"
+  aks: "aks-profile"
+  k3s: "k3s-cis-1.9-profile"
+  default: "cis-1.9-profile"
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/deployment.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/deployment.yaml
new file mode 100644
index 0000000000..8c9f72f5de
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/deployment.yaml
@@ -0,0 +1,61 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cis-operator
+  namespace: {{ template "cis.namespace" . }}
+  labels:
+    cis.cattle.io/operator: cis-operator
+spec:
+  selector:
+    matchLabels:
+      cis.cattle.io/operator: cis-operator
+  template:
+    metadata:
+      labels:
+        cis.cattle.io/operator: cis-operator
+    spec:
+      serviceAccountName: cis-operator-serviceaccount
+      containers:
+      - name: cis-operator
+        image: '{{ template "system_default_registry" . }}{{ .Values.image.cisoperator.repository }}:{{ .Values.image.cisoperator.tag }}'
+        imagePullPolicy: IfNotPresent
+        ports:
+        - name: cismetrics
+          containerPort: {{ .Values.alerts.metricsPort }}
+        env:
+        - name: SECURITY_SCAN_IMAGE
+          value: {{ template "system_default_registry" . }}{{ .Values.image.securityScan.repository }}
+        - name: SECURITY_SCAN_IMAGE_TAG
+          value: {{ .Values.image.securityScan.tag }}
+        - name: SONOBUOY_IMAGE
+          value: {{ template "system_default_registry" . }}{{ .Values.image.sonobuoy.repository }}
+        - name: SONOBUOY_IMAGE_TAG
+          value: {{ .Values.image.sonobuoy.tag }}
+        - name: CIS_ALERTS_METRICS_PORT
+          value: '{{ .Values.alerts.metricsPort }}'
+        - name: CIS_ALERTS_SEVERITY
+          value: {{ .Values.alerts.severity }}
+        - name: CIS_ALERTS_ENABLED
+          value: {{ .Values.alerts.enabled | default "false" | quote }}
+        - name: CLUSTER_NAME
+          value: '{{ .Values.global.cattle.clusterName }}'
+        - name: CIS_OPERATOR_DEBUG
+          value: '{{ .Values.image.cisoperator.debug }}'
+        {{- if .Values.securityScanJob.overrideTolerations }}
+        - name: SECURITY_SCAN_JOB_TOLERATIONS
+          value: '{{ .Values.securityScanJob.tolerations | toJson  }}'
+        {{- end }}
+        resources:
+          {{- toYaml .Values.resources | nindent 12 }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/network_policy_allow_all.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/network_policy_allow_all.yaml
new file mode 100644
index 0000000000..6ed5d645ea
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/network_policy_allow_all.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: default-allow-all
+  namespace: {{ template "cis.namespace" . }}
+spec:
+  podSelector: {}
+  ingress:
+  - {}
+  egress:
+  - {}
+  policyTypes:
+  - Ingress
+  - Egress
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/patch_default_serviceaccount.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/patch_default_serviceaccount.yaml
new file mode 100644
index 0000000000..e78a6bd08a
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/patch_default_serviceaccount.yaml
@@ -0,0 +1,29 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: patch-sa
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade
+    "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+  template:
+    spec:
+      serviceAccountName: cis-operator-serviceaccount
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+      restartPolicy: Never
+      containers:
+      - name: sa
+        image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
+        imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+        command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
+        args: ["-n", {{ template "cis.namespace" . }}]
+
+  backoffLimit: 1
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/rbac.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/rbac.yaml
new file mode 100644
index 0000000000..cba20d18c0
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/rbac.yaml
@@ -0,0 +1,211 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  name: cis-operator-clusterrole
+rules:
+- apiGroups:
+  - "cis.cattle.io"
+  resources:
+  - "*"
+  verbs:
+  - "*"
+- apiGroups:
+  - ""
+  resources:
+  - "pods"
+  - "services"
+  - "configmaps"
+  - "nodes"
+  - "serviceaccounts"
+  verbs:
+  - "get"
+  - "list"
+  - "create"
+  - "update"
+  - "watch"
+  - "patch"
+- apiGroups:
+  - "rbac.authorization.k8s.io"
+  resources:
+  - "rolebindings"
+  - "clusterrolebindings"
+  - "clusterroles"
+  - "roles"
+  verbs:
+  - "get"
+  - "list"
+- apiGroups:
+  - "batch"
+  resources:
+  - "jobs"
+  verbs:
+  - "list"
+  - "create"
+  - "patch"
+  - "update"
+  - "watch"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  name: cis-scan-ns
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - "namespaces"
+  - "nodes"
+  - "pods"
+  - "serviceaccounts"
+  - "services"
+  - "replicationcontrollers"
+  verbs:
+  - "get"
+  - "list"
+  - "watch"
+- apiGroups: 
+  - "rbac.authorization.k8s.io"
+  resources:
+  - "rolebindings"
+  - "clusterrolebindings"
+  - "clusterroles"
+  - "roles"
+  verbs:
+  - "get"
+  - "list"
+- apiGroups:
+   - "batch"
+  resources:
+   - "jobs"
+   - "cronjobs"
+  verbs:
+   - "list"
+- apiGroups:
+    - "apps"
+  resources:
+    - "daemonsets"
+    - "deployments"
+    - "replicasets"
+    - "statefulsets"
+  verbs:
+    - "list"
+- apiGroups:
+    - "autoscaling"
+  resources:
+    - "horizontalpodautoscalers"
+  verbs:
+    - "list"
+- apiGroups:
+    - "networking.k8s.io"
+  resources:
+    - "networkpolicies"
+  verbs:
+    - "get"
+    - "list"
+    - "watch"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: cis-operator-role
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  namespace: {{ template "cis.namespace" . }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - "services"
+  verbs:
+  - "watch"
+  - "list"
+  - "get"
+  - "patch"
+- apiGroups:
+  - "batch"
+  resources:
+  - "jobs"
+  verbs:
+  - "watch"
+  - "list"
+  - "get"
+  - "delete"
+- apiGroups:
+  - ""
+  resources:
+  - "configmaps"
+  - "pods"
+  - "secrets"
+  verbs:
+  - "*"
+- apiGroups:
+  - "apps"
+  resources:
+  - "daemonsets"
+  verbs:
+  - "*"
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - prometheusrules
+  verbs:
+  - create
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  name: cis-operator-clusterrolebinding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cis-operator-clusterrole
+subjects:
+- kind: ServiceAccount
+  name: cis-operator-serviceaccount
+  namespace: {{ template "cis.namespace" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: cis-scan-ns
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cis-scan-ns
+subjects:
+- kind: ServiceAccount
+  name: cis-serviceaccount
+  namespace: {{ template "cis.namespace" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  name: cis-operator-rolebinding
+  namespace: {{ template "cis.namespace" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: cis-operator-role
+subjects:
+- kind: ServiceAccount
+  name: cis-serviceaccount
+  namespace: {{ template "cis.namespace" . }}
+- kind: ServiceAccount
+  name: cis-operator-serviceaccount
+  namespace: {{ template "cis.namespace" . }}
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-cis-1.8.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-cis-1.8.yaml
new file mode 100644
index 0000000000..40be06c946
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-cis-1.8.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: cis-1.8-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: cis-1.8
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-cis-1.9.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-cis-1.9.yaml
new file mode 100644
index 0000000000..9f0c9f58af
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-cis-1.9.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: cis-1.9-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: cis-1.9
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.8-hardened.yml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.8-hardened.yml
new file mode 100644
index 0000000000..03f6695689
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.8-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: k3s-cis-1.8-profile-hardened
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: k3s-cis-1.8-hardened
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.8-permissive.yml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.8-permissive.yml
new file mode 100644
index 0000000000..39932a4e5b
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.8-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: k3s-cis-1.8-profile-permissive
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: k3s-cis-1.8-permissive
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.9.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.9.yaml
new file mode 100644
index 0000000000..3d9ea843b0
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-k3s-cis-1.9.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: k3s-cis-1.9-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: k3s-cis-1.9
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke-1.8-hardened.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke-1.8-hardened.yaml
new file mode 100644
index 0000000000..54aa08691e
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke-1.8-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke-profile-hardened-1.8
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke-cis-1.8-hardened
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke-1.8-permissive.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke-1.8-permissive.yaml
new file mode 100644
index 0000000000..f7d4fdd229
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke-1.8-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke-profile-permissive-1.8
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke-cis-1.8-permissive
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.8-hardened.yml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.8-hardened.yml
new file mode 100644
index 0000000000..d0a1180f56
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.8-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke2-cis-1.8-profile-hardened
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke2-cis-1.8-hardened
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.8-permissive.yml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.8-permissive.yml
new file mode 100644
index 0000000000..0aa72407c0
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.8-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke2-cis-1.8-profile-permissive
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke2-cis-1.8-permissive
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.9.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.9.yaml
new file mode 100644
index 0000000000..047d5e86ed
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofile-rke2-cis-1.9.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke2-cis-1.9-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke2-cis-1.9
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofileaks.yml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofileaks.yml
new file mode 100644
index 0000000000..ac9f47a8fb
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofileaks.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: aks-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: aks-1.0
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofileeks.yml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofileeks.yml
new file mode 100644
index 0000000000..7cf7936cbf
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofileeks.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: eks-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: eks-1.2.0
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofilegke-1.6.0.yml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofilegke-1.6.0.yml
new file mode 100644
index 0000000000..1fc299fc57
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofilegke-1.6.0.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: gke-profile-1.6.0
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: gke-1.6.0
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/scanprofilegke.yml b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofilegke.yml
new file mode 100644
index 0000000000..42fa4f23a2
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/scanprofilegke.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: gke-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: gke-1.2.0
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/serviceaccount.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..ec48ec6224
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/serviceaccount.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: {{ template "cis.namespace" . }}
+  name: cis-operator-serviceaccount
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: {{ template "cis.namespace" . }}
+  labels:
+    app.kubernetes.io/name: rancher-cis-benchmark
+    app.kubernetes.io/instance: release-name
+  name: cis-serviceaccount
diff --git a/charts/rancher-cis-benchmark/6.7.0/templates/validate-install-crd.yaml b/charts/rancher-cis-benchmark/6.7.0/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..562295791b
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/templates/validate-install-crd.yaml
@@ -0,0 +1,17 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScan" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanBenchmark" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanProfile" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanReport" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/6.7.0/values.yaml b/charts/rancher-cis-benchmark/6.7.0/values.yaml
new file mode 100644
index 0000000000..3b9f8eebdf
--- /dev/null
+++ b/charts/rancher-cis-benchmark/6.7.0/values.yaml
@@ -0,0 +1,53 @@
+# Default values for rancher-cis-benchmark.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+  cisoperator:
+    repository: rancher/cis-operator
+    tag: v1.2.5
+  securityScan:
+    repository: rancher/security-scan
+    tag: v0.4.3
+  sonobuoy:
+    repository: rancher/mirrored-sonobuoy-sonobuoy
+    tag: v0.57.2
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+securityScanJob:
+  overrideTolerations: false
+  tolerations: []
+
+affinity: {}
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+    clusterName: ""
+  kubectl:
+    repository: rancher/kubectl
+    tag: v1.29.11
+
+alerts:
+  enabled: false
+  severity: warning
+  metricsPort: 8080
diff --git a/index.yaml b/index.yaml
index aca0d3c446..e19caca2d0 100755
--- a/index.yaml
+++ b/index.yaml
@@ -12085,6 +12085,32 @@ entries:
     urls:
     - assets/rancher-cis-benchmark/rancher-cis-benchmark-105.0.0+up7.0.0.tgz
     version: 105.0.0+up7.0.0
+  - annotations:
+      catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/display-name: CIS Benchmark
+      catalog.cattle.io/kube-version: '>= 1.27.0-0 < 1.31.0-0'
+      catalog.cattle.io/namespace: cis-operator-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1
+      catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
+      catalog.cattle.io/release-name: rancher-cis-benchmark
+      catalog.cattle.io/type: cluster-tool
+      catalog.cattle.io/ui-component: rancher-cis-benchmark
+    apiVersion: v1
+    appVersion: v6.7.0
+    created: "2025-02-25T21:48:00.990070872-03:00"
+    description: The cis-operator enables running CIS benchmark security scans on
+      a kubernetes cluster
+    digest: 16e0bd6481cec7934f23be0837985c028e0355f7248c0b61bfeddd7567442973
+    icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
+    keywords:
+    - security
+    name: rancher-cis-benchmark
+    urls:
+    - assets/rancher-cis-benchmark/rancher-cis-benchmark-6.7.0.tgz
+    version: 6.7.0
   - annotations:
       catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
       catalog.cattle.io/certified: rancher
diff --git a/release.yaml b/release.yaml
index 5c4897c6b3..0fdd710566 100644
--- a/release.yaml
+++ b/release.yaml
@@ -16,3 +16,5 @@ rancher-monitoring-crd:
   - 104.1.4+up57.0.3
 harvester-csi-driver:
   - 104.0.5+up0.1.23
+rancher-cis-benchmark:
+  - 6.7.0

From 6cdb965c3c22b8b230e75a1c776d036f1f4bab6c Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:49:26 -0300
Subject: [PATCH 12/19] fp: rancher-cis-benchmark-crd 6.7.0

---
 .../rancher-cis-benchmark-crd-6.7.0.tgz       | Bin 0 -> 1475 bytes
 .../6.7.0/Chart.yaml                          |  10 ++
 .../rancher-cis-benchmark-crd/6.7.0/README.md |   2 +
 .../6.7.0/templates/clusterscan.yaml          | 149 ++++++++++++++++++
 .../6.7.0/templates/clusterscanbenchmark.yaml |  55 +++++++
 .../6.7.0/templates/clusterscanprofile.yaml   |  37 +++++
 .../6.7.0/templates/clusterscanreport.yaml    |  40 +++++
 index.yaml                                    |  14 ++
 release.yaml                                  |   2 +
 9 files changed, 309 insertions(+)
 create mode 100644 assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-6.7.0.tgz
 create mode 100644 charts/rancher-cis-benchmark-crd/6.7.0/Chart.yaml
 create mode 100644 charts/rancher-cis-benchmark-crd/6.7.0/README.md
 create mode 100644 charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscan.yaml
 create mode 100644 charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanbenchmark.yaml
 create mode 100644 charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanprofile.yaml
 create mode 100644 charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanreport.yaml

diff --git a/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-6.7.0.tgz b/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-6.7.0.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..f0bbe0bd2dd214ac8515d21af15f82b2e7d2fb67
GIT binary patch
literal 1475
zcmV;!1w8s6iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PI@PbK1BQ&NF|7roU%g8wmLgZz=8F^zNEwNUrz1$Qw{&OBzYe
zmASe9{YJI{8)U#>XfyS`Flgm(W&7Jt>$MedI!D!|On0Zq={yGY+@&gfJD!6w-U8z2
z>O}K>-yaSJ>96nmo4@{b&%X)=H`hbI7X<y_$`6MAuy;lLQv)Aji8i3F{F7sCp4=-j
z;9M9mOmIEw5JJH~BxW83V<PmJcuP?k_QWt8k(?{eX>%5a$VcRjQ3<|rPT>%vmOybt
zEZc-c1xBc@UTA}{^ALp*g2t{rbQOP_s~wQ+3o6Y7ACZ@!6QZVyNt6En$hCne(!|V>
zj3@6kc@oNv<#qN2G7E_#0#ZhdrdO@=vWz?QZaly9z3*pTtImIev5df=eoLc78&sMC
zKS~dF=YQb$2K{pW_k#Yl-{$`%te80<8GbX!?LX~3|6kh_d<i<wjE5sKPP7s61hq&M
z#rOEcI7>4iMgt)ju=<hZPk}JnqfD<ex}zmhJ8`B&B2ytKIJ4tZAtEG?nn68K;OVH0
z5(QB?MC#Ct&yomK$<-l5Q(;p!$LSD~Cu|y}OCSu>vw-McF>X+eMU=!mUqhFC)q>xH
znU9F44VXlG5oj|>xLwh`5>G6`JBTrzzC8cJqVp-aJChG>6yvkX06K|dPz%op15pY0
zu`p5#N`lrUr2F+iEubf0<t6>H9;gMRpP4KHJ*)?60sRe%mw^6S57YwU!rW%MK8?z^
z^G+DD<vIvE=gK3CQ5%TMXZ(lTxd&Jx^)#Jhm_!&_hK&V(Vl$5_!5{MRG8wlWTOqQU
zFF}?`bdE8M^0`7HzrFwXrT<VGCPXT`gB!NY*UXmry*Br}EKn(hHr<5qB#P`M9}!zs
zY`M2iqX@lqg=)iBFWg%3db|94;rE<@HH8MbRj08?xN%3xAgpxFQhD1ndy#J=RAzF@
zLU&&aYhYu1=3^1d2u($#^@68DL<oF0m=%{qorIOm5Yw+nO$C9RPECbED<zCOn1eit
zw@16AptHr{f@-eqSaMe^I#ZlOQ|}JH8Jiln4ptqXbq`CfF+Q_&YdWi`;Ms2NU?DRY
zJIT3^x>lnf6>yy*TQ#oY+W~p9H>I<9f65RHo<CNMTEpzjK@@@({Jb$->~1<nI^m2F
zc1qDfNdZd1V#60QEhAVoyt|=NLhagcsx@~f=T6@fEfdZLZdN+rlzp=I^mp82_j5y&
z^0--THi<2!8r2JizamGKc0RVzca<V}mEAB+?Z$dsSyZa_kAtwA{gE}<GjrUWLyk<J
z36DF}J}4b?WF@7Yj;+CrHif&ZjZjt}3M0u><!y!41<eJY{PXXtYpJ~|tJ(isw@Pa?
z0{8U)`+g8?^#A(3VA%HmE@9{H|E&nqU?cF|5;Ju>I)dw<nZCGMgVO>?gFQlt)XSsX
zEAhg@m7<nfgB!jBdOk7Zzb8{v91ZIHmX(k{RZlns9=`2?ubyxKJWa{7x^Y=Y<`c-R
z*69HgPYjp7f;u>6arO_=Hrt?AqYv0SuEeF{WUmMt4CbPCqxg=*YYxAyvRXT%)vW(y
z_T*acHSnJLFSs5KHtN6LP5-8?|1M$YuK#kvG+6x=->5ojzh%Jc%1^EU8m{|R`Qxge
z-npGWNKLW1^hV#sJu~@;+SF;<?``GnY~&r;O#K<R+M4>WP>R}L1@6=Tn_#%9|HB|?
z_5TufZvD>))1drMQot(p&%;%VzgiyNu=bznOOJL-x%iuoj3K{0e7^e`9^$I?fAZn>
z{ihFJ9G<K(`@a7U2EC2%zpn?upw<6N*#CBX?0icmnUBypC_~H~3}IWJQzsfjGF?=C
dQvJQpu(j4&Yppex{TBcL|No^QIotp?005;p)?@$x

literal 0
HcmV?d00001

diff --git a/charts/rancher-cis-benchmark-crd/6.7.0/Chart.yaml b/charts/rancher-cis-benchmark-crd/6.7.0/Chart.yaml
new file mode 100644
index 0000000000..dadd057d69
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/6.7.0/Chart.yaml
@@ -0,0 +1,10 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cis-operator-system
+  catalog.cattle.io/release-name: rancher-cis-benchmark-crd
+apiVersion: v1
+description: Installs the CRDs for rancher-cis-benchmark.
+name: rancher-cis-benchmark-crd
+type: application
+version: 6.7.0
diff --git a/charts/rancher-cis-benchmark-crd/6.7.0/README.md b/charts/rancher-cis-benchmark-crd/6.7.0/README.md
new file mode 100644
index 0000000000..f6d9ef621f
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/6.7.0/README.md
@@ -0,0 +1,2 @@
+# rancher-cis-benchmark-crd
+A Rancher chart that installs the CRDs used by rancher-cis-benchmark.
diff --git a/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscan.yaml b/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscan.yaml
new file mode 100644
index 0000000000..73cf1652b2
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscan.yaml
@@ -0,0 +1,149 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterscans.cis.cattle.io
+spec:
+  group: cis.cattle.io
+  names:
+    kind: ClusterScan
+    plural: clusterscans
+    singular: clusterscan
+  scope: Cluster
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.lastRunScanProfileName
+      name: ClusterScanProfile
+      type: string
+    - jsonPath: .status.summary.total
+      name: Total
+      type: string
+    - jsonPath: .status.summary.pass
+      name: Pass
+      type: string
+    - jsonPath: .status.summary.fail
+      name: Fail
+      type: string
+    - jsonPath: .status.summary.skip
+      name: Skip
+      type: string
+    - jsonPath: .status.summary.warn
+      name: Warn
+      type: string
+    - jsonPath: .status.summary.notApplicable
+      name: Not Applicable
+      type: string
+    - jsonPath: .status.lastRunTimestamp
+      name: LastRunTimestamp
+      type: string
+    - jsonPath: .spec.scheduledScanConfig.cronSchedule
+      name: CronSchedule
+      type: string
+    name: v1
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              scanProfileName:
+                nullable: true
+                type: string
+              scheduledScanConfig:
+                nullable: true
+                properties:
+                  cronSchedule:
+                    nullable: true
+                    type: string
+                  retentionCount:
+                    type: integer
+                  scanAlertRule:
+                    nullable: true
+                    properties:
+                      alertOnComplete:
+                        type: boolean
+                      alertOnFailure:
+                        type: boolean
+                    type: object
+                type: object
+              scoreWarning:
+                enum:
+                - pass
+                - fail
+                nullable: true
+                type: string
+            type: object
+          status:
+            properties:
+              NextScanAt:
+                nullable: true
+                type: string
+              ScanAlertingRuleName:
+                nullable: true
+                type: string
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      nullable: true
+                      type: string
+                    lastUpdateTime:
+                      nullable: true
+                      type: string
+                    message:
+                      nullable: true
+                      type: string
+                    reason:
+                      nullable: true
+                      type: string
+                    status:
+                      nullable: true
+                      type: string
+                    type:
+                      nullable: true
+                      type: string
+                  type: object
+                nullable: true
+                type: array
+              display:
+                nullable: true
+                properties:
+                  error:
+                    type: boolean
+                  message:
+                    nullable: true
+                    type: string
+                  state:
+                    nullable: true
+                    type: string
+                  transitioning:
+                    type: boolean
+                type: object
+              lastRunScanProfileName:
+                nullable: true
+                type: string
+              lastRunTimestamp:
+                nullable: true
+                type: string
+              observedGeneration:
+                type: integer
+              summary:
+                nullable: true
+                properties:
+                  fail:
+                    type: integer
+                  notApplicable:
+                    type: integer
+                  pass:
+                    type: integer
+                  skip:
+                    type: integer
+                  total:
+                    type: integer
+                  warn:
+                    type: integer
+                type: object
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanbenchmark.yaml b/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanbenchmark.yaml
new file mode 100644
index 0000000000..261a84efd4
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanbenchmark.yaml
@@ -0,0 +1,55 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterscanbenchmarks.cis.cattle.io
+spec:
+  group: cis.cattle.io
+  names:
+    kind: ClusterScanBenchmark
+    plural: clusterscanbenchmarks
+    singular: clusterscanbenchmark
+  scope: Cluster
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .spec.clusterProvider
+      name: ClusterProvider
+      type: string
+    - jsonPath: .spec.minKubernetesVersion
+      name: MinKubernetesVersion
+      type: string
+    - jsonPath: .spec.maxKubernetesVersion
+      name: MaxKubernetesVersion
+      type: string
+    - jsonPath: .spec.customBenchmarkConfigMapName
+      name: customBenchmarkConfigMapName
+      type: string
+    - jsonPath: .spec.customBenchmarkConfigMapNamespace
+      name: customBenchmarkConfigMapNamespace
+      type: string
+    name: v1
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              clusterProvider:
+                nullable: true
+                type: string
+              customBenchmarkConfigMapName:
+                nullable: true
+                type: string
+              customBenchmarkConfigMapNamespace:
+                nullable: true
+                type: string
+              maxKubernetesVersion:
+                nullable: true
+                type: string
+              minKubernetesVersion:
+                nullable: true
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanprofile.yaml b/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanprofile.yaml
new file mode 100644
index 0000000000..b63d842fae
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanprofile.yaml
@@ -0,0 +1,37 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterscanprofiles.cis.cattle.io
+spec:
+  group: cis.cattle.io
+  names:
+    kind: ClusterScanProfile
+    plural: clusterscanprofiles
+    singular: clusterscanprofile
+  scope: Cluster
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .spec.benchmarkVersion
+      name: BenchmarkVersion
+      type: string
+    name: v1
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              benchmarkVersion:
+                nullable: true
+                type: string
+              skipTests:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanreport.yaml b/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanreport.yaml
new file mode 100644
index 0000000000..544d825f4b
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/6.7.0/templates/clusterscanreport.yaml
@@ -0,0 +1,40 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterscanreports.cis.cattle.io
+spec:
+  group: cis.cattle.io
+  names:
+    kind: ClusterScanReport
+    plural: clusterscanreports
+    singular: clusterscanreport
+  scope: Cluster
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .spec.lastRunTimestamp
+      name: LastRunTimestamp
+      type: string
+    - jsonPath: .spec.benchmarkVersion
+      name: BenchmarkVersion
+      type: string
+    name: v1
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              benchmarkVersion:
+                nullable: true
+                type: string
+              lastRunTimestamp:
+                nullable: true
+                type: string
+              reportJSON:
+                nullable: true
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/index.yaml b/index.yaml
index e19caca2d0..f82de51200 100755
--- a/index.yaml
+++ b/index.yaml
@@ -12959,6 +12959,20 @@ entries:
     urls:
     - assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-105.0.0+up7.0.0.tgz
     version: 105.0.0+up7.0.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cis-operator-system
+      catalog.cattle.io/release-name: rancher-cis-benchmark-crd
+    apiVersion: v1
+    created: "2025-02-25T21:49:02.312940685-03:00"
+    description: Installs the CRDs for rancher-cis-benchmark.
+    digest: 68dca8a78b2bd6970dc02f85f904316d1680db159acd3da6555ce23f7867f048
+    name: rancher-cis-benchmark-crd
+    type: application
+    urls:
+    - assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-6.7.0.tgz
+    version: 6.7.0
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index 0fdd710566..dc64453c0f 100644
--- a/release.yaml
+++ b/release.yaml
@@ -18,3 +18,5 @@ harvester-csi-driver:
   - 104.0.5+up0.1.23
 rancher-cis-benchmark:
   - 6.7.0
+rancher-cis-benchmark-crd:
+  - 6.7.0

From 2663e9ae3be047c3344a6093df8c44b091af95b2 Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:50:29 -0300
Subject: [PATCH 13/19] fp: fleet 103.1.13+up0.9.15

---
 assets/fleet/fleet-103.1.13+up0.9.15.tgz      | Bin 0 -> 5344 bytes
 charts/fleet/103.1.13+up0.9.15/Chart.yaml     |  22 ++++
 charts/fleet/103.1.13+up0.9.15/README.md      |  30 +++++
 .../charts/gitjob/.helmignore                 |  23 ++++
 .../charts/gitjob/Chart.yaml                  |   5 +
 .../charts/gitjob/templates/_helpers.tpl      |   7 ++
 .../charts/gitjob/templates/clusterrole.yaml  |  38 ++++++
 .../gitjob/templates/clusterrolebinding.yaml  |  12 ++
 .../charts/gitjob/templates/deployment.yaml   |  52 ++++++++
 .../charts/gitjob/templates/leases.yaml       |  23 ++++
 .../charts/gitjob/templates/service.yaml      |  12 ++
 .../gitjob/templates/serviceaccount.yaml      |   4 +
 .../charts/gitjob/values.yaml                 |  27 +++++
 .../103.1.13+up0.9.15/templates/_helpers.tpl  |  22 ++++
 .../templates/configmap.yaml                  |  26 ++++
 .../templates/deployment.yaml                 | 102 ++++++++++++++++
 .../job_cleanup_clusterregistrations.yaml     |  40 ++++++
 .../103.1.13+up0.9.15/templates/rbac.yaml     | 114 ++++++++++++++++++
 .../templates/serviceaccount.yaml             |  12 ++
 charts/fleet/103.1.13+up0.9.15/values.yaml    |  87 +++++++++++++
 index.yaml                                    |  26 ++++
 release.yaml                                  |   1 +
 22 files changed, 685 insertions(+)
 create mode 100644 assets/fleet/fleet-103.1.13+up0.9.15.tgz
 create mode 100644 charts/fleet/103.1.13+up0.9.15/Chart.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/README.md
 create mode 100644 charts/fleet/103.1.13+up0.9.15/charts/gitjob/.helmignore
 create mode 100644 charts/fleet/103.1.13+up0.9.15/charts/gitjob/Chart.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/_helpers.tpl
 create mode 100644 charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/clusterrole.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/clusterrolebinding.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/deployment.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/leases.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/service.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/serviceaccount.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/charts/gitjob/values.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/templates/_helpers.tpl
 create mode 100644 charts/fleet/103.1.13+up0.9.15/templates/configmap.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/templates/deployment.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/templates/job_cleanup_clusterregistrations.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/templates/rbac.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/templates/serviceaccount.yaml
 create mode 100644 charts/fleet/103.1.13+up0.9.15/values.yaml

diff --git a/assets/fleet/fleet-103.1.13+up0.9.15.tgz b/assets/fleet/fleet-103.1.13+up0.9.15.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..889602d22a00662ddcdd2c73a51e42c7518a6172
GIT binary patch
literal 5344
zcmV<66d&s!iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PKBxbK5wQ`25XJ(Lecjm6@DHJ^Y$w&CZ?IcCy)Z5})nN-qzNZ
z2O?V%Vi4c}pd5|Y_t~%TphQxX<=BpLvnxzh#>Au102<wm2D&w5h`Mt$CQ^q}lCp2U
zK<ak8-TmEN`~PmYTmOG=cjw@n-tNKP-u_N+cYpVrZm+-7+x-T*UjmtW%9SSao9>hQ
zst@irk_hKQ6HNtIQ2-DVO_&&kG0~b~NJWR_TC^!wnlKiDC6{(Ali#OA$K%EpF-lE`
z6q5)f;qe${V>SGgp`<BtO;`jiEpu!&RvgnLL4I$Q>wJLi2}(r;kKo0RzlUDf-wC_z
zF8pBr{GIvpMPpM=QdAj<F#?y_c4Jgir7>-6B2)y7^88a{X@)YTTD51jwr?m;#EojM
zEyaW;sM@26j38#Y(kNAEaVS-r^a#twq}K?;&vJDF`r-F}{QdBr;Y(yl6t>MY_~i{q
zMt>?mP5J@Jve{=h{9V}F3lhwbC&*)pDhk>V3!YGIYmBHCnF^7U0mCE!aF9n-e-wiN
zKw>5o)k01q7*d8&rxSK!!+%uAS4vRDl4cIxD}xfeC7g^<LK|LF{XSDbG+e}lVL)S3
zYpivqqK*d?`WdnGs}yS0VPYgy$4#r6jDqrbXY<zU?u5OtxAX6L<_G$<x91m6j{i>x
z%TawP0kDGq@AVh?|K8q)|F0#{l#DQ{?MuIX+;#~7G#N!O@mm7GwmHigI}?n?(+J)S
z-wAytQ6bksKt{;*o0V|ew%%t$--1^{7K{=kj;PYo3NX-Pge)I08pDV4QxHR&^XGhk
zlA}fihi7j<p`4(EG*=o12nscfQDU$KC!a`~F`P3KbQxhR(rABocgHZs3)}p|`Dp~L
z)@p1p1>~_vFaf*A3Z#w>KO4O_Ltr@6fN7?uKs8VWM5#Q*1oW7yI;6|f3sXhW5yu1u
zQy_4IjKMV*Hyn-*!})NI4vWzoqc-A;qk@|;>M=@-q+KddW0A82v^2;a9l{{z2}1=#
zDN<WaWM~G@N8qIA3*{>-EhHL<+=vQ}v8|*9kYEc^%iE12P)uY9moi779Da6y+7`gi
zkctGiVMv(rrCQQhyZq1*-sS1VTajP{t#VU4xI;*Czc{8LAHh&a7>gSaLyg>xQWe8A
zgex@=7$cE-fJD0vj>Z^YQ~ri)loPAE^!8E<|1W;VrXq(M!nGYBW8!8;AbBQujY<Tl
z3}ZT+ni-@L7#Sc_VL(S*NIY^4&r3~CZH36qg6Z~1<OXfK3L~lw-asUR$h9FdHRUnf
zP(AkRb&MGkQ#;*C6OCc81%EP&BvH$$nN|WkPX{P%Yc#UmP@2I{q9G|RU?h=fxFJ(B
z04?dr2xr0pCkCz_6Ag(##b0QMNv;qGFd?$g(J>d=Qg(tvk~2%my}hC<Q^(KO3I8R>
z9FLKaX#~A~SDEpe?fEzLcgUppH1!)M*m9q4^G2P{54l2Vg#3^H`9nsOx)Cz@G5R5w
z?8oQ_v#>uJP_al;0tz!CiN*vNRd&u2krK)k2njR;k|Yw9LgfZ_Lm9I}Fypej-1Ho9
zapo}S^$)_X`LFZ+cCS1C^PnI0_U%Wnzuo(t`TE{{?r(=`5^skE`7;p{76bz!v|07c
z@KLW&MP^4~0I&s@V}zOZT0(7rV3hXQED<I^cw(`%KxdR#)O5s%5)+`@YinK|c3j%w
zve@5^r3M4o*7GdFY^ZxWBYYd^(6KNJ(=skwT+o6ROZ0Ht!Miznt(JvwXg8|eYDr?$
zLVs2PP1EwMB$n(gxz_Ou;nJXCx2m#01xHhJm@_to*)q71ZUfcIu(2T>73{>!vFX#4
zB;tlEEs>-%b>70H+=5kOp+heh{U8*^61D#rSRolfN=(xLAR~IL9Dfc*ObiI~2Q|&C
zfCbNNkKF`%Rx$M)eGA@+1U*-=%ae)3$PGH;h6k7$=Qx}Tz3Z72G1_w?V%0HQsXfYR
zf*mdrY%64jgA3jXwzdM3bzyUajNtapKs@#P$drL5)bJ-W^MV-xf$*)wUvet3BDCzO
zZU4K#*Rn@a_}ky@AkHKelIrOZBT5+}@Ix@NPx!Sp!wG||Ueis4JC-bNq#(gTJ}S7W
z{W!%5vIx3CCPhX@MB}l^zCdlHmbw&&R!$TEwzlBCJ*yA~M`s@(%cK}q=_7<QDa>I<
zS;ia-W~K`hQ%h5xi(Ij(B_c&8m>4c9r(ll9A~Em}`P8TnG=Yg=d5SgaiwQTo%O53^
zZA;-^d4T~M0hAl=H5N*r5j_sJ;w(QiXhy*n_<ka2?RQnnWVlX_%6-_1FoWPf9dSm`
z(P`GP<1X^`G{XpvskCG<eJ_tJHwuE3j%3N)uqfV+7!sames;gMdi+nH-1$#qnlYkL
zb*{$9GL$OR*|Qx5SK0r%`@6OC-|j(oXLJ5rN4mXj8_`QS77Fu~m&8|IPo1`)eRmg_
zigXC!PtH`}BvD~VYLq~;W|^d1525vMs?&ND05tl3@zI*&gFIRIJGi~=ybS*0Om0;T
z#3%?eHNyxcD-W%W&Ppn^9hfSPW4i2;EHZ-TM#yU>NMhu_IU|@8T0F)iXHF35u~1ls
z7`*Iw{EA7og>5TGOTgWj+Hj3VaF<PuMklaG$H=!e88{qbY&3><;==cDvfcU1h~d`B
zFF9eY`ph(<p}g>RI8^2T+|*fu^tEYrlb$ct`M=XFQj$HRF>nR{@AnS6HU7WX?;dRU
z|2k5|*53=RDNiDBs^43Z1u1Hh5KW?)A>ZEs39hA4V`WejJIaaRANEXg8#qO<)yUaf
z5wvb^p&+|^L{A8JcdhLL*xa=Ec@S=I3$ZhY5Y8==cXv@^4NXSPz0b{)9*>5`H9KZ?
z93?}dgD?Y7DrszSbm$rk_IHuTu+Z-4Z~^6-#j4g}LyZLp-l*2l(wCH5tgu|QBACNi
zQTOg{26c7{H|>2UK+B$vt9Z?7hPJST8bHe|`m*Y#tXkWh%$L=7rPUVh_}+@3xrr;T
zHksK}mi05MP;FN=h%9SdtyO|BpV}K7jD@&9#~5i7O)i#~mwQC@I3IjCKRuH;q@Suy
zYlU}rE!*sFbFlkAlIrrmWJ-B91z^?v-@(paUH<Rx>~G}%I#OBwlPpu6nG!I+CwPb!
zpfZdjYs>VOK)cWFBN2aL;rRv0vWDg`ljOc(sYjDo1;%nH00kl@nIb|t%2`WuhMCO4
zwEb}29lkxeI6FK#nU(lM*DEQ~sFVpXq{xzU99DCEzO{|bke@T|g$`exo}64>ot?iw
zJA8e3d2)4p@`n$vuP#n5FW<a-eQ|a9{_61c$-B#oIzC2r!Y{edIFtPMTPfl0ZU&=v
zgm1WHDc7!|dUX2X;_~GD>g3&jeK`4G5I#NpYa@0K1Yevdm*eN|cN#GI<K^X<nY;hK
zAAx(@UpxiCyY~-h?eBv=Z_I^Z_MU|}`*3x3cK-g=)$yD2MFi%i*v=Q~_Uz>R&HLjA
z5M}{1bOz?nn+R)(Z$jtj@bdE1(BDs2Z{Hs;Y}nE>v87$PHxKaQbIuPl#Axm80QT@u
zE7ru|{$keS5~f)}sQl!iwE(f<G%;&#Z!vjNW^1;qhMxQ^bD^Q6qLm(ORj0h&PN*{Z
zZCC373s?p{*Fsl7pH+Msg|yo?b1|pQaDuFqzd)?>o1X<bWeUrA3gg^fFbS^llP=2v
zdxLl;>4Y*I;faa~bGIk{dTCx$B1ztJHa!<YzoHBs_02AKi<A|xl0^_P$;f~*s_h#*
zD5XS-teVq?!_(9I=GI;LytOY0%1zsln!K~wHBSYsBkOYR1Nce<P=9x{2)dfTfVab1
zEz0vMqV~G^n7Z4^2jkf;<6sCzi@%bTEwZ<U>oWKUaLN<p8hYJ1(9!^cf|%rl#&{UV
zW=7uK$0lm`thYdU%<^QJEjKLT@I5RV@XO#_aeaW58vlSgtjbDM?rfLfRxx+4La%Ii
zZ^W)#VFhvvdPV&%c~-OO@_2rjT_~M1;quBhFv1$ITFOFX&JWc)!3|reF#}ulL7|MG
z*X?$z`LCtOGha|b<pKJC{rvY)46b5#1$*T+xbl0YN4*hUW&iE(^sDE;e!sW5|65P0
z?Tz{Me7O8>-jG(i-LAY7ADENg{P6fEF<5?TbWqw&<P`waJQ4s}V`OQl#+|Vc*R2RL
zp>*Mqu<gF`Y$Qp7i`Cl+GSt}43S+I!RCydD+NTl&914kTn{8iAQNd@2*+-vA-Bb7K
zVe~Uty+lKly3hvS;bd0yXx33?5%=?yrc<+9KfiKyMS5L^_~rU?NnQ5$%8UB)^D1zU
z*S?l3fAv0=Yk$i${y8nmQAI7PuG~{q2?yorG9O?-;%hM+p3;=+2zs9>yf*2{sV@KJ
zfW*)32eLx`@9g#Z_4hx$jsM4bQdx%EwI{hA3rT-<4;Qb$SI+&cxEc0JfnfL$tFX+O
za}XmLwF1a8rMCA5o4cXe_pnOjGDctH#mg4~zy#%>l(7J(<|g-8F!teXt>w&itL&$j
z-o#07^+=%Z#?V2Wy|j1;u%%10*hisO3Fc8RWeg}!C?C1}d5v084VeX9@AK&74-W8y
z$VD*pruAa{_w*J3EE47N3yOU35o2ws(KWlMC}hi9RvyLQ-iGJSWil*Xsy=Ftp1O&e
z2<)?nDi%T}l;2NIcC61t73(2~FGUA+6GfwS^J#nK0kcxFl`bO;$Mhb=3D>l<%SeB@
zJznbN(W_iBMX%oXzj=MNuK!i#-1BIHEA+qaPOtv{d%wT8dH=VT)cF3dwpSj&svpH0
zAKzbTm;UB=;MYxV|DT^69=|;a)8vcvvC95?uv35k+uPsW*niiOwtRq%KO#%Ph5-r!
zmqS%4)`p4+!w_aA3C_Lmoc}hYIny*_I1gfCedGQzCborb`X52?vJmBfd_*}$bD(5y
zdMrDI6P}bj{Cu+t24Xlw3AsY4AQjfb&T<OyZunJiR0A&-Txr5Jq=Hi|tTVVCOOcPp
ze$>Taha$Glb6jW;oJ|Xu&iZE^O6}xq!ywl{H4vr*jOYZF$B4j~j>eGSNTLk@P+(^e
znNUUNkUTbkpGd6P6mI<Fd22T&Mel{@s+rG{L-%~vifN4rFBWJ%hjV9fgN`IOWjD;f
z9=<)@cJ$z)scgfabEQQ}f5mMOX8xuSi*(>m4n-gXJ(h?eoa2bdgrQPJfm1`bt%K}L
zDYcG}$&{0n#)Ppc=v;E^gserib2CdegW3sAyeoP^2Q&B28hl!vC^$3=AyMT_Z~KKY
zbA$Y&X}V;Iwk@GhrIE)|hYHCPs*A;UBc!rM^KVS!B)2}YL13MW?PxrvelwW0B;}c(
z;rhl?QBhrq)M91bi%X$*%v7j+;Dg?no)8id=QgO4T^rLgaxDp?zuMWglk&Gj#BhTH
zMK%8Y+rsnL8B<E3bG{3`?=4z)T~k{H!D}0m!mP*8Mmk6Yf1zPaCJ0oAZmD)m#~*X0
zfxyw}n=tUx;yknM=!2m6G#HhbkQ)tr>%t8fGSN2z2I%4l+~CYz-v&51IzM)9&4&A=
zCU?m2liyO|cTo`h{PWMj|92R>&<IK5UDk_%7ejWBmCeYVzG2$5eQ2TrM4LCcr_Y?u
z+wKy{#Zz*Q^6mBwp?V%U%l*}veLoN6GE_6<hw^{dtP+3e*`vX&(*Ju0z54s#?p}8z
z|JRXL#QN&@s?oTPW-7P~tsrv_AH_hyfG8)Oj8L&rKvYnP{57e8{n`WHB%7M{|8qwJ
zTe1Ip-M#(#{@>~KHv4}a$u0S^KwYz_ee)Py{oZ53ko@Ze?Wx?Y2LQ|bsViYltU=cL
zewSUp?W`{PbOSVagwK7#=Pu!9vYs3`r4k?IYg6kcJ$Gv2|IZx_WTpMLU$_4p?Cxyr
zziUbVZ1F$7_I&=<(*66t^mO0}>fkE<uh*^Z|9*F8cccHUB|Yn1wO1GYy|mG3DmT;a
zDPqe$6?QsH<&N4Fzc9y1=Q%aIto9}L2D=&Na&VbQmVh&Q<BR#{2+LnL2Fb_t=b!jI
z;|S(&IzAg{{hig)PJB((TFB`rO?2)HYF)Qpw!Sv~Zqn1zgZaOIANB?OKf1eh{jc9U
z=x*$PYe`??^^YT?wx^iqeDUK2%=~qaJvTSM?^*cef!cc>SbWd}|9bl4{rmrUqJgZ~
z|NVpA1^usgu+jh4k{%iVqu7X_74^fb6s^a3R+U<>cC0FG`X+}a!!{n{yi|6YH;UEL
zFaW;X#Q|uQe0mmmQj@>V{E2)etKIgT)uLW0TJtDYx#BlD<2U-9Lp2@?tcb}1%j2@Z
zJ+WEf!SPvE2O)t~fk@zCu|(={76Xzz0#HL>l4d9k!AX{^&+4UqNNf&R8lR(~Ta#gb
zuwaQZxT{sOpU;~Xj^fQ;YpZ*!d&awJb-VtP`dgnj`YQf^zx;QP|DSpjxJv)u@6~_*
z=b*p8iT|~h^gKQ*4>SBU_?s*@NI244W_Eaf?~`H(&){?Ngj34e*Z=<g?^UZOGJsY4
zzrVkD|FgUC|6EJD?>+u%y+0GOh!<4o0AsDQ_V-0B0aGD@`KJ_G#DYa|d309DaUw^k
z&wNE&wR)VWX#Zb(zW&+LgZBRuy@6Kk|L(zF-Tv3@?``(~I@06(alV$c+N9@BP5VC_
zBTHRm?q}&^)&Aexsr&!!8I@qO|JRVV;EZUE(*3@PTXgqBjf0#rqboy3;%hQO`@?+J
zmqF#375t#a$QX>67&x0B<)dwo$cUyBw7(5i$|pPtwt(Zvc_w_D*@)nnxWo7V`!0m{
z&b`LAG$=ua_UBnJ48r4!s|zjc4`CjOG!-0vI=X;_N)?17syp^yhkg(aew7{jZ;>$`
zb<97-r<(B29MFKo*Lh}tj93LPLv@n{FT(-34qk>jHGd09N5RYg3AW%TBB{s~yg5Em
yL6}Kl6#O8h36hShF2%<noTykN*!kLPyGfh0Nt<+E`riNm0RR8DEg`r7f&c)MY?=}P

literal 0
HcmV?d00001

diff --git a/charts/fleet/103.1.13+up0.9.15/Chart.yaml b/charts/fleet/103.1.13+up0.9.15/Chart.yaml
new file mode 100644
index 0000000000..8e5c189f60
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/Chart.yaml
@@ -0,0 +1,22 @@
+annotations:
+  catalog.cattle.io/auto-install: fleet-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/experimental: "true"
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: cattle-fleet-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: clusters.fleet.cattle.io/v1alpha1
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: fleet
+apiVersion: v2
+appVersion: 0.9.15
+dependencies:
+- condition: gitops.enabled
+  name: gitjob
+  repository: file://./charts/gitjob
+description: Fleet Manager - GitOps at Scale
+icon: https://charts.rancher.io/assets/logos/fleet.svg
+name: fleet
+version: 103.1.13+up0.9.15
diff --git a/charts/fleet/103.1.13+up0.9.15/README.md b/charts/fleet/103.1.13+up0.9.15/README.md
new file mode 100644
index 0000000000..2f2a4c302a
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/README.md
@@ -0,0 +1,30 @@
+# Fleet Helm Chart
+
+Fleet is GitOps at scale. Fleet is designed to manage multiple clusters.
+
+## What is Fleet?
+
+* Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.
+
+* Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters.
+
+## Introduction
+
+This chart deploys Fleet on a Kubernetes cluster. It also deploys some of its dependencies as subcharts.
+
+The documentation is centralized in the [doc website](https://fleet.rancher.io/).
+
+## Prerequisites
+
+Get helm if you don't have it. Helm 3 is just a CLI.
+
+
+## Install Fleet
+
+Install the Fleet Helm charts (there are two because we separate out CRDs for ultimate flexibility.):
+
+```
+$ helm repo add fleet https://rancher.github.io/fleet-helm-charts/
+$ helm -n cattle-fleet-system install --create-namespace --wait fleet-crd fleet/fleet-crd
+$ helm -n cattle-fleet-system install --create-namespace --wait fleet fleet/fleet
+```
\ No newline at end of file
diff --git a/charts/fleet/103.1.13+up0.9.15/charts/gitjob/.helmignore b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/.helmignore
new file mode 100644
index 0000000000..691fa13d6a
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
\ No newline at end of file
diff --git a/charts/fleet/103.1.13+up0.9.15/charts/gitjob/Chart.yaml b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/Chart.yaml
new file mode 100644
index 0000000000..5332562fbf
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v2
+appVersion: 0.9.21
+description: Controller that run jobs based on git events
+name: gitjob
+version: 0.9.21
diff --git a/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/_helpers.tpl b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/_helpers.tpl
new file mode 100644
index 0000000000..f652b5643d
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/_helpers.tpl
@@ -0,0 +1,7 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/clusterrole.yaml b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/clusterrole.yaml
new file mode 100644
index 0000000000..bcad90164f
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/clusterrole.yaml
@@ -0,0 +1,38 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: gitjob
+rules:
+  - apiGroups:
+      - "batch"
+    resources:
+      - 'jobs'
+    verbs:
+      - '*'
+  - apiGroups:
+      - ""
+    resources:
+      - 'pods'
+    verbs:
+      - 'list'
+      - 'get'
+      - 'watch'
+  - apiGroups:
+      - ""
+    resources:
+      - 'secrets'
+    verbs:
+      - '*'
+  - apiGroups:
+      - ""
+    resources:
+      - 'configmaps'
+    verbs:
+      - '*'
+  - apiGroups:
+      - "gitjob.cattle.io"
+    resources:
+      - "gitjobs"
+      - "gitjobs/status"
+    verbs:
+      - "*"
\ No newline at end of file
diff --git a/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/clusterrolebinding.yaml b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..0bf07c4ef8
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/clusterrolebinding.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: gitjob-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: gitjob
+subjects:
+  - kind: ServiceAccount
+    name: gitjob
+    namespace: {{ .Release.Namespace }}
\ No newline at end of file
diff --git a/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/deployment.yaml b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/deployment.yaml
new file mode 100644
index 0000000000..7771db512c
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/deployment.yaml
@@ -0,0 +1,52 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gitjob
+spec:
+  selector:
+    matchLabels:
+      app: "gitjob"
+  template:
+    metadata:
+      labels:
+        app: "gitjob"
+    spec:
+      serviceAccountName: gitjob
+      containers:
+        - image: "{{ template "system_default_registry" . }}{{ .Values.gitjob.repository }}:{{ .Values.gitjob.tag }}"
+          name: gitjob
+          args:
+          - gitjob
+          - --gitjob-image
+          - "{{ template "system_default_registry" . }}{{ .Values.gitjob.repository }}:{{ .Values.gitjob.tag }}"
+          {{- if .Values.debug }}
+          - --debug
+          {{- end }}
+          env:
+            - name: NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+          {{- if .Values.proxy }}
+            - name: HTTP_PROXY
+              value: {{ .Values.proxy }}
+            - name: HTTPS_PROXY
+              value: {{ .Values.proxy }}
+            - name: NO_PROXY
+              value: {{ .Values.noProxy }}
+          {{- end }}
+          {{- if .Values.debug }}
+            - name: CATTLE_DEV_MODE
+              value: "true"
+          {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{.Values.priorityClassName}}"
+      {{- end }}
diff --git a/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/leases.yaml b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/leases.yaml
new file mode 100644
index 0000000000..51f9339509
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/leases.yaml
@@ -0,0 +1,23 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: gitjob
+rules:
+  - apiGroups:
+      - "coordination.k8s.io"
+    resources:
+      - "leases"
+    verbs:
+      - "*"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: gitjob
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: gitjob
+subjects:
+  - kind: ServiceAccount
+    name: gitjob
diff --git a/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/service.yaml b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/service.yaml
new file mode 100644
index 0000000000..bf57c1b55c
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: gitjob
+spec:
+  ports:
+    - name: http-80
+      port: 80
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    app: "gitjob"
\ No newline at end of file
diff --git a/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/serviceaccount.yaml b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..5f8aecb045
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/templates/serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: gitjob
diff --git a/charts/fleet/103.1.13+up0.9.15/charts/gitjob/values.yaml b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/values.yaml
new file mode 100644
index 0000000000..f7c79214de
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/charts/gitjob/values.yaml
@@ -0,0 +1,27 @@
+gitjob:
+  repository: rancher/gitjob
+  tag: v0.9.21
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+# http[s] proxy server
+# proxy: http://<username>@<password>:<url>:<port>
+
+# comma separated list of domains or ip addresses that will not use the proxy
+noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
+
+nodeSelector:
+  kubernetes.io/os: linux
+
+tolerations:
+  - key: cattle.io/os
+    operator: "Equal"
+    value: "linux"
+    effect: NoSchedule
+
+# PriorityClassName assigned to deployment.
+priorityClassName: ""
+
+debug: false
diff --git a/charts/fleet/103.1.13+up0.9.15/templates/_helpers.tpl b/charts/fleet/103.1.13+up0.9.15/templates/_helpers.tpl
new file mode 100644
index 0000000000..6cd96c3ace
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/fleet/103.1.13+up0.9.15/templates/configmap.yaml b/charts/fleet/103.1.13+up0.9.15/templates/configmap.yaml
new file mode 100644
index 0000000000..3fd0b15cf8
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/templates/configmap.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: fleet-controller
+data:
+  config: |
+    {
+      "systemDefaultRegistry": "{{ template "system_default_registry" . }}",
+      "agentImage": "{{ template "system_default_registry" . }}{{.Values.agentImage.repository}}:{{.Values.agentImage.tag}}",
+      "agentImagePullPolicy": "{{ .Values.agentImage.imagePullPolicy }}",
+      "apiServerURL": "{{.Values.apiServerURL}}",
+      "apiServerCA": "{{b64enc .Values.apiServerCA}}",
+      "agentCheckinInterval": "{{.Values.agentCheckinInterval}}",
+      "agentTLSMode": "{{.Values.agentTLSMode}}",
+      "ignoreClusterRegistrationLabels": {{.Values.ignoreClusterRegistrationLabels}},
+      "bootstrap": {
+        "paths": "{{.Values.bootstrap.paths}}",
+        "repo": "{{.Values.bootstrap.repo}}",
+        "secret": "{{.Values.bootstrap.secret}}",
+        "branch":  "{{.Values.bootstrap.branch}}",
+        "namespace": "{{.Values.bootstrap.namespace}}",
+        "agentNamespace": "{{.Values.bootstrap.agentNamespace}}",
+      },
+      "webhookReceiverURL": "{{.Values.webhookReceiverURL}}",
+      "githubURLPrefix": "{{.Values.githubURLPrefix}}"
+    }
diff --git a/charts/fleet/103.1.13+up0.9.15/templates/deployment.yaml b/charts/fleet/103.1.13+up0.9.15/templates/deployment.yaml
new file mode 100644
index 0000000000..164340c444
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/templates/deployment.yaml
@@ -0,0 +1,102 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: fleet-controller
+spec:
+  selector:
+    matchLabels:
+      app: fleet-controller
+  template:
+    metadata:
+      labels:
+        app: fleet-controller
+    spec:
+      containers:
+      - env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        - name: FLEET_PROPAGATE_DEBUG_SETTINGS_TO_AGENTS
+          value: {{ quote .Values.propagateDebugSettingsToAgents }}
+        {{- if .Values.clusterEnqueueDelay }}
+        - name: FLEET_CLUSTER_ENQUEUE_DELAY
+          value: {{ .Values.clusterEnqueueDelay }}
+        {{- end }}
+        {{- if .Values.proxy }}
+        - name: HTTP_PROXY
+          value: {{ .Values.proxy }}
+        - name: HTTPS_PROXY
+          value: {{ .Values.proxy }}
+        - name: NO_PROXY
+          value: {{ .Values.noProxy }}
+        {{- end }}
+        {{- if .Values.cpuPprof }}
+        - name: FLEET_CPU_PPROF_DIR
+          value: /tmp/pprof/
+        {{- end }}
+        {{- if .Values.cpuPprof }}
+        - name: FLEET_CPU_PPROF_PERIOD
+          value: {{ quote .Values.cpuPprof.period }}
+        {{- end }}
+        {{- if .Values.debug }}
+        - name: CATTLE_DEV_MODE
+          value: "true"
+        {{- end }}
+        image: '{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}'
+        name: fleet-controller
+        imagePullPolicy: "{{ .Values.image.imagePullPolicy }}"
+        command:
+        - fleetcontroller
+        {{- if not .Values.gitops.enabled }}
+        - --disable-gitops
+        {{- end }}
+        {{- if not .Values.bootstrap.enabled }}
+        - --disable-bootstrap
+        {{- end }}
+        {{- if .Values.debug }}
+        - --debug
+        - --debug-level
+        - {{ quote .Values.debugLevel }}
+        {{- else }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+          privileged: false
+          capabilities:
+            drop:
+            - ALL
+        {{- end }}
+        volumeMounts:
+          - mountPath: /tmp
+            name: tmp
+        {{- if .Values.cpuPprof }}
+          - mountPath: /tmp/pprof
+            name: pprof
+        {{- end }}
+      volumes:
+        - name: tmp
+          emptyDir: {}
+      {{- if .Values.cpuPprof }}
+        - name: pprof {{ toYaml .Values.cpuPprof.volumeConfiguration | nindent 10 }}
+      {{- end }}
+
+      serviceAccountName: fleet-controller
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{.Values.priorityClassName}}"
+      {{- end }}
+
+{{- if not .Values.debug }}
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
+{{- end }}
diff --git a/charts/fleet/103.1.13+up0.9.15/templates/job_cleanup_clusterregistrations.yaml b/charts/fleet/103.1.13+up0.9.15/templates/job_cleanup_clusterregistrations.yaml
new file mode 100644
index 0000000000..17d1ba7864
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/templates/job_cleanup_clusterregistrations.yaml
@@ -0,0 +1,40 @@
+{{- if .Values.migrations.clusterRegistrationCleanup }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: fleet-cleanup-clusterregistrations
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade
+    "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+  template:
+    metadata:
+      labels:
+        app: fleet-job
+    spec:
+      serviceAccountName: fleet-controller
+      restartPolicy: Never
+      securityContext:
+        runAsNonRoot: true
+        runAsGroup: 1000
+        runAsUser: 1000
+      containers:
+      - name: cleanup
+        image: "{{ template "system_default_registry" . }}{{.Values.agentImage.repository}}:{{.Values.agentImage.tag}}"
+        imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
+          readOnlyRootFilesystem: false
+          privileged: false
+        command:
+        - fleet
+        args:
+        - cleanup
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+  backoffLimit: 1
+{{- end }}
diff --git a/charts/fleet/103.1.13+up0.9.15/templates/rbac.yaml b/charts/fleet/103.1.13+up0.9.15/templates/rbac.yaml
new file mode 100644
index 0000000000..361d68c08b
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/templates/rbac.yaml
@@ -0,0 +1,114 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fleet-controller
+rules:
+- apiGroups:
+  - gitjob.cattle.io
+  resources:
+  - '*'
+  verbs:
+  - '*'
+- apiGroups:
+  - fleet.cattle.io
+  resources:
+  - '*'
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  - serviceaccounts
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  - configmaps
+  verbs:
+  - '*'
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - clusterroles
+  - clusterrolebindings
+  - roles
+  - rolebindings
+  verbs:
+  - '*'
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fleet-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fleet-controller
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller
+  namespace: {{.Release.Namespace}}
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: fleet-controller
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - '*'
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - '*'
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: fleet-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: fleet-controller
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller
+
+{{- if .Values.bootstrap.enabled }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fleet-controller-bootstrap
+rules:
+- apiGroups:
+  - '*'
+  resources:
+  - '*'
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fleet-controller-bootstrap
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fleet-controller-bootstrap
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller-bootstrap
+  namespace: {{.Release.Namespace}}
+{{- end }}
diff --git a/charts/fleet/103.1.13+up0.9.15/templates/serviceaccount.yaml b/charts/fleet/103.1.13+up0.9.15/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..ba27c748d7
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/templates/serviceaccount.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fleet-controller
+
+{{- if .Values.bootstrap.enabled }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fleet-controller-bootstrap
+{{- end }}
diff --git a/charts/fleet/103.1.13+up0.9.15/values.yaml b/charts/fleet/103.1.13+up0.9.15/values.yaml
new file mode 100644
index 0000000000..7da936a818
--- /dev/null
+++ b/charts/fleet/103.1.13+up0.9.15/values.yaml
@@ -0,0 +1,87 @@
+image:
+  repository: rancher/fleet
+  tag: v0.9.15
+  imagePullPolicy: IfNotPresent
+
+agentImage:
+  repository: rancher/fleet-agent
+  tag: v0.9.15
+  imagePullPolicy: IfNotPresent
+
+# For cluster registration the public URL of the Kubernetes API server must be set here
+# Example: https://example.com:6443
+apiServerURL: ""
+
+# For cluster registration the pem encoded value of the CA of the Kubernetes API server must be set here
+# If left empty it is assumed this Kubernetes API TLS is signed by a well known CA.
+apiServerCA: ""
+
+# Determines whether the agent should trust CA bundles from the operating system's trust store when connecting to a
+# management cluster. True in `system-store` mode, false in `strict` mode.
+agentTLSMode: "system-store"
+
+# A duration string for how often agents should report a heartbeat
+agentCheckinInterval: "15m"
+
+# Whether you want to allow cluster upon registration to specify their labels.
+ignoreClusterRegistrationLabels: false
+
+# Counts from gitrepo are out of sync with bundleDeployment state.
+# Just retry in a number of seconds as there is no great way to trigger an event that doesn't cause a loop.
+# If not set default is 15 seconds.
+# clusterEnqueueDelay: 120s
+
+# http[s] proxy server
+# proxy: http://<username>@<password>:<url>:<port>
+
+# comma separated list of domains or ip addresses that will not use the proxy
+noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
+
+bootstrap:
+  enabled: true
+  # The namespace that will be autocreated and the local cluster will be registered in
+  namespace: fleet-local
+  # The namespace where the fleet agent for the local cluster will be ran, if empty
+  # this will default to cattle-fleet-system
+  agentNamespace: ""
+  # A repo to add at install time that will deploy to the local cluster. This allows
+  # one to fully bootstrap fleet, its configuration and all its downstream clusters
+  # in one shot.
+  repo: ""
+  secret: ""
+  branch: master
+  paths: ""
+
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
+
+gitops:
+  enabled: true
+
+debug: false
+debugLevel: 0
+propagateDebugSettingsToAgents: true
+
+## Optional CPU pprof configuration. Profiles are collected continuously and saved every period
+## Any valid volume configuration can be provided, the example below uses hostPath
+#cpuPprof:
+#  period: "60s"
+#  volumeConfiguration:
+#    hostPath:
+#      path: /tmp/pprof
+#      type: DirectoryOrCreate
+
+migrations:
+  clusterRegistrationCleanup: true
diff --git a/index.yaml b/index.yaml
index f82de51200..78c6f6ee5f 100755
--- a/index.yaml
+++ b/index.yaml
@@ -1292,6 +1292,32 @@ entries:
     urls:
     - assets/fleet/fleet-104.0.0+up0.10.0.tgz
     version: 104.0.0+up0.10.0
+  - annotations:
+      catalog.cattle.io/auto-install: fleet-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/experimental: "true"
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: cattle-fleet-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: clusters.fleet.cattle.io/v1alpha1
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: fleet
+    apiVersion: v2
+    appVersion: 0.9.15
+    created: "2025-02-25T21:49:59.629911312-03:00"
+    dependencies:
+    - condition: gitops.enabled
+      name: gitjob
+      repository: file://./charts/gitjob
+    description: Fleet Manager - GitOps at Scale
+    digest: ffc5a0eb1db89082a5544cdc8da674861a8afb1a7c769310c7b275062bd6af46
+    icon: https://charts.rancher.io/assets/logos/fleet.svg
+    name: fleet
+    urls:
+    - assets/fleet/fleet-103.1.13+up0.9.15.tgz
+    version: 103.1.13+up0.9.15
   - annotations:
       catalog.cattle.io/auto-install: fleet-crd=match
       catalog.cattle.io/certified: rancher
diff --git a/release.yaml b/release.yaml
index dc64453c0f..f379deb4af 100644
--- a/release.yaml
+++ b/release.yaml
@@ -6,6 +6,7 @@ rancher-logging-crd:
   - 104.2.0+up4.8.0
 fleet:
   - 104.1.5+up0.10.9
+  - 103.1.13+up0.9.15
 fleet-crd:
   - 104.1.5+up0.10.9
 fleet-agent:

From 4755590445095ec1b2e46566476cd4a90aa4a8b6 Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:51:21 -0300
Subject: [PATCH 14/19] fp: fleet-agent 103.1.13+up0.9.15

---
 .../fleet-agent-103.1.13+up0.9.15.tgz         | Bin 0 -> 3204 bytes
 .../fleet-agent/103.1.13+up0.9.15/Chart.yaml  |  15 ++++
 .../fleet-agent/103.1.13+up0.9.15/README.md   |   8 +++
 .../103.1.13+up0.9.15/templates/_helpers.tpl  |  22 ++++++
 .../templates/configmap.yaml                  |  13 ++++
 .../templates/deployment.yaml                 |  51 +++++++++++++
 .../templates/network_policy_allow_all.yaml   |  15 ++++
 .../patch_default_serviceaccount.yaml         |  28 ++++++++
 .../103.1.13+up0.9.15/templates/rbac.yaml     |  28 ++++++++
 .../103.1.13+up0.9.15/templates/secret.yaml   |  10 +++
 .../templates/serviceaccount.yaml             |   4 ++
 .../103.1.13+up0.9.15/templates/validate.yaml |  11 +++
 .../fleet-agent/103.1.13+up0.9.15/values.yaml |  67 ++++++++++++++++++
 index.yaml                                    |  19 +++++
 release.yaml                                  |   1 +
 15 files changed, 292 insertions(+)
 create mode 100644 assets/fleet-agent/fleet-agent-103.1.13+up0.9.15.tgz
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/Chart.yaml
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/README.md
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/templates/_helpers.tpl
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/templates/configmap.yaml
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/templates/deployment.yaml
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/templates/network_policy_allow_all.yaml
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/templates/patch_default_serviceaccount.yaml
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/templates/rbac.yaml
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/templates/secret.yaml
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/templates/serviceaccount.yaml
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/templates/validate.yaml
 create mode 100644 charts/fleet-agent/103.1.13+up0.9.15/values.yaml

diff --git a/assets/fleet-agent/fleet-agent-103.1.13+up0.9.15.tgz b/assets/fleet-agent/fleet-agent-103.1.13+up0.9.15.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..5beb26afef8ce6f5496c869127da1ff8c1507b1f
GIT binary patch
literal 3204
zcmV-~414n*iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PI|CbK5wQ&S(CLF1ofd$(huft<19SuFB^)d)afmDcjkrt86L@
zku3>p5a0lyJX($Z`xRa&k(6vD8IL_PtNvh1Km%xijRy~!fW{0_M`VIrcTT57>Ud6a
z_Uu8W+wFFTM@RO5x7%(1?{$Yq&w59%j*o|f-qG;*S+_Sh>K;FX?!%g~T}q{ieAfNh
zZM8f18xg{}&_q+gRT2QCL=z?^aZ0pi7*o+nQEED-m?a<yPp2ris!eH@Ax|LGvczz!
z%1t@KXogZz!4r7?pZ@{9xIc)yQ5XK*eEg&N_<U<oPI6QQNihMJ7&*UHbEPrgT12P>
z80F=UTXPGPIn^p!X&v5Do{3wvRoi#GX?#Ea-rL@f?=f8>L!vM;T}Yrd-2zh3zg88_
z`T;45)z@zP$GCSKWT;X}3vJWhn4<8Ga56y&C#DLB;7?TlrBFaLT&09zKvSbT)w)ng
zr<0l)tzvJ#F^4FHT6LJ12-UIH#A-GPHmzIrwbvcQy|_2{x3chNJ+;s7<>91`|1-i$
zR1d!Z?7;uQaM*3*|M2M59{(RhXig?*kl!F-=t1z%LZU%&iG@&93proGf2WQT0Gdn^
zn0aIf4&Zu<P?RG^Q}}Rs4q^;?its<>2qj023Qpd?1%+~k5@g9a<rAyXgtxp@8b$~T
zHB3=rZ~$jNlDuHJ1~+sGaVqj;cyu%{fO=&s{&0DoKp0l$nCc760eLDi%)t72W!dS;
zH`*8n2k>?b496NUFZ3L!2C9H4Rpyw1o>JAW^ZNYCs3<z&n89cc1a6TrxZ&cK!|6%9
z?!)Ox)rHrn&1%I_!R-|F6s0xBJ^)ZtQL+rQGy`^e0;7^=3>A!}$gP?vP!er=;1<j0
z$}1}^B$^sIq=Iuyt&$c%f&<8HA9K?}%1WhC#&9i51j^y>uA<0R@OQ{XhKDdFO!-_b
zX{ud%99S!_&#&Hz3=;_JMOV+qw*V3+RB371h<iwZ7B`kvSlx3nLZ+;VS!Vv}TH&$~
zyjg?bY#y5i=0GF@7uuA=49HmfF&vXr$H4)!6(_*~z*vX`MntY{qh=7^zOKBaYR_1q
zlt?Mj2)9&E1E>1-b=~z=#HC&Q7OhdvVDsJ8U^6e)Y-d|dso<K>l~ejcs@ZvksYI;;
zH{h4GtcyFiR8>z!s)7S}Z>bAp!VX?KC4Ay$(+HWkHIvi&OvxE41#?k?M8eqI`ZL^4
ziMENRqnV(55>T#Da>5MYxMuFMX2tBBCuWz9MqO<1lxlcHhF8ci)j|T{#yuFi4l5Xo
z`jpAAU}A23JFpd5DrGD>IDiY0Avkxir3#Um$4n<YcW`%b0GBvkgV4=tf*W>~iBxq;
zg)*9yG{cUuDpJ-gDtO1151?Ue0*j@q_nazi+{EO9dBWQIy6*_WcM^Xnsl*1VSQb5e
zVSsqu;RHT@3XEl`X1}kF1ppD;;5@OF#VHeIR!A|U8Ope6a>*&Dni59;iCF*u9tw?R
z;n@!*VWCa6KvUbe0N{9xsZQWRT%}XYN`^r&VPfR`*12h7HJz8f#xW_G_LFRGXDvW&
z{I{>8Ucu(ORkRoPd+~7)WH>4(iNjR)<s4_o66iiS_pb9ljd{U{M%DQ|MOL6xu`V8f
z3V!|me`vDz{O=KDv4|kUG38h-&Yv^q&Y%5yG7lkIE(4=T#}NP3Z4%sksP?&A=fSF2
zAt~2m2>+lu;Wt%)hFer$!nHlfvyIQeV$pdS{I4Uj>*ba*W?6&poP!~YgqG`CI8ldz
zQE`i#ORldXTEMN4H%yRBL27B2VW=J=JRuPZ>oo>1JKnx(kZopU@v~OB>ywAJupY%Q
zP*OqEik4Rh6|N!5ByR#-Yh<>Xp*&za8=4@xj-u3RdTO8D%frcb{7(fR(@9Q>2MGr3
z!2j-1Z`j8F!9M=`IC4XImcXff-tS1!3`+Kb95u;^CWggq#t5q%=Pn8S6j?H}uzvv-
zi~5S;$>(zEb3>O9CX0m@e^!FGG?&Z6bv*`o)+MW*R+xl~MOCUwTrR_^U|8RMh6&WP
z>p9D%<9*A2!N}(J`M=&GJp=&knE(CbSMB)U@VLL9|BoW|`A&*Lb!NT5VZ!V6Hu-)O
zPz9!TLtkzD>}1M`PN(NSu;Qj8DT-!EfXd~3nOZwWSflvX3IM9+jrh<A%2gplT4w7S
zB5(i2$-A?w_a~=ks~pd=-bj%rwM2k1MV6VZaU<2IzbAT{tn7|gL7J7Wi?71-#bVXh
zdx&-n%jFuQY}t6dbzCl!cBUqi<?{Kewatf9<)k9d3D4>yVbz*iEs}4yo@?ASg`&tN
zZl*-cY*B0Jiv|2p3XRR$>_)a;<%-|e(iEnpq<VfTxW*rKedGya;`Y6yGs<v+XDTI(
zxc6gjx4hPrNV30hHop`?zo87>peJDV`8Bnosw>;9A|(YGQARaI)qMP!6h$*7f|K*}
zX0PgNmO?qBDW0UMD7oGYWBKRTjGruk@|2a?U3@);pMX=IA=mIdY;Mxl;jOq4AG4aE
z#s86<?Nt5=+ATCX)(AV@VR2)l^A$$dcVD|~uIt`uvTuqDeV32l>3Xu{C+b3Q<4!Fn
zvRNM#$^?4dZnv5KCn?IpXVfftYTU16`})sOo2~BWLNJ=nKif%X{(c)9*v0<`!+vx9
z@Ar<5_VJ%bktm89oZmlr$|v#7_cjEuA_NyM>%H}fEu6qFXOZ<5^VjG2@cv@4nse1_
zfVlMzz)Xy4IWI)kiX>A$k*ItO*rs4R!TIa;yg;A&)|IiJ&)mnS9`Rq7Y@h#yA#W>w
z;@2+X)~>I|fL;8*d)%J?{r-ObKaRBL|HwS~^_>5+7;Ty9);+2hbtC|2ogxDWr^xbH
zO*>N|Zo&i#p>#yK(uA=?_pK}@l4Q849%aZ-W8@}tn1D@GWtt*pm>t3h$3kLclT(Sd
z-4$*$cNF!_!Ix1miN+zcLpcL_Gkf9<?$}+p0kMPN#1sDTYY2ZkDDK}3)u=yM?thn_
zCWgU;O&i{qj8(nZEZS13v+ruF03So&KzInDedgvv6Aes?@0R%(73S~aZy_nQ$c@5P
zW7Mz34f4N*o@y_{PwTy%oG8;|#KXfcTq{2PGOW28)!meNtL9_#<&_icBFozp?=f~n
z(i<@zpVOS`1bX{*^LHuR*MB)8>BF4^-1+|Zc+iUf9ryR={~kx`YrlQ!q|{R(=|3$%
zZ0rF}-TTx_!SMd5pg+J9)sv(tB}-<=c?6`Oc5m#N`tz61?Ri5bN||CKafWhKONf9A
ze(4oIT%P-^@MYN4H3@Bc^L1VPFUm8@C*Ri7Xyi+qFFt-)_4yt{0)Wk-{+a<+<>()n
zYCFcRrsfj7HHO>Tsm1=dRlHhme?=jSy*!|7$A5Qv@S#?KUGbmeLBEav!~SrO|BoT9
z_q`R$-Fs{_Tr5VzBjo9dTHd4X_9a_Rwr*6?)^R1P6TlnlHpA((4t{T_*7I8>>@n-R
z3!I)9{R&3Sq}Z_-jD*l;42s_fT;4VRe_q6=DZA!>uiKvguLgVm_c+p;|62*e{jYzY
zx(9ptIkJ8J&j_O#(fBY7VCVjCuyOvkH`vF2A4L`mItGrg$@stMZOvi<V?r5xSDo>_
zo>B$&+Ue>Jmk;}529(=t80)Jne^5Y_P4m}eZC)K-!kuQkaCRWi+!@y`{n@Nz^H#}I
z^=8wOZ5^t;u&$Gty3t`HgDUX1D(t~zca`qY-i*nG(!l5qvN;f@M4b$U^|qhdH}~?(
zOCA3&&rV*yJB#z|f!o-H|Gj=Y{?~ss80_)?G34OD-)eO~DDdCNa<IPx5(H;6lyjFG
zd6a@o+;XKQlDv7fLY5o|_ZRH+lxX`FspK>@e8Rp<s4i@}=2F466pY!6r3PhPQL5k{
z251Qv_M)podvmOIFKk^<t?uS}B;GVG4uUI9ct)7uRm-I^MN5V5hOR^Rv5?M!$Xy!K
zm^JQG#_&c+$c046P!q}&C`9;pUztzeRd?y!?<~}Qg~6K_)zuGLb-joKXE5b(>54)o
zP}#+xY5pOMN)7f^D5|YD9TgN(OeD#3qG?JPo5w+Ly?Pp%NK2#U?v9#jk!$I$&Q+uP
qF%v1=;z&`A_jK(={M0VJm%Z#|FMIg{`Tqa_0RR6#)M<7AOaK6H6JsF&

literal 0
HcmV?d00001

diff --git a/charts/fleet-agent/103.1.13+up0.9.15/Chart.yaml b/charts/fleet-agent/103.1.13+up0.9.15/Chart.yaml
new file mode 100644
index 0000000000..5ebcf31364
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: cattle-fleet-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: fleet-agent
+apiVersion: v2
+appVersion: 0.9.15
+description: Fleet Manager Agent - GitOps at Scale
+icon: https://charts.rancher.io/assets/logos/fleet.svg
+name: fleet-agent
+version: 103.1.13+up0.9.15
diff --git a/charts/fleet-agent/103.1.13+up0.9.15/README.md b/charts/fleet-agent/103.1.13+up0.9.15/README.md
new file mode 100644
index 0000000000..2c5724dcef
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/README.md
@@ -0,0 +1,8 @@
+## Fleet Agent Helm Chart
+
+Every Fleet-managed downstream cluster will run an agent that communicates back to the Fleet controller. This agent is just another set of Kubernetes controllers running in the downstream cluster.
+
+Standalone Fleet users use this chart for agent-initiated registration. For more details see [agent-initiated registration](https://fleet.rancher.io/cluster-registration#agent-initiated).
+Fleet in Rancher does not use this chart, but creates the agent deployments programmatically.
+
+The Fleet documentation is centralized in the [doc website](https://fleet.rancher.io/).
\ No newline at end of file
diff --git a/charts/fleet-agent/103.1.13+up0.9.15/templates/_helpers.tpl b/charts/fleet-agent/103.1.13+up0.9.15/templates/_helpers.tpl
new file mode 100644
index 0000000000..6cd96c3ace
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/fleet-agent/103.1.13+up0.9.15/templates/configmap.yaml b/charts/fleet-agent/103.1.13+up0.9.15/templates/configmap.yaml
new file mode 100644
index 0000000000..f3e83a89cc
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/templates/configmap.yaml
@@ -0,0 +1,13 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: fleet-agent
+data:
+  config: |-
+    {
+      {{ if .Values.labels }}
+      "labels":{{toJson .Values.labels}},
+      {{ end }}
+      "clientID":"{{.Values.clientID}}",
+      "agentTLSMode": "{{.Values.agentTLSMode}}"
+    }
diff --git a/charts/fleet-agent/103.1.13+up0.9.15/templates/deployment.yaml b/charts/fleet-agent/103.1.13+up0.9.15/templates/deployment.yaml
new file mode 100644
index 0000000000..582eed608d
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/templates/deployment.yaml
@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: fleet-agent
+spec:
+  selector:
+    matchLabels:
+      app: fleet-agent
+  template:
+    metadata:
+      labels:
+        app: fleet-agent
+    spec:
+      containers:
+      - env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        image: '{{ template "system_default_registry" . }}{{.Values.image.repository}}:{{.Values.image.tag}}'
+        name: fleet-agent
+        command:
+        - fleetagent
+        {{- if .Values.debug }}
+        - --debug
+        - --debug-level
+        - {{ quote .Values.debugLevel }}
+        {{- else }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+          privileged: false
+          capabilities:
+            drop:
+            - ALL
+        {{- end }}
+      serviceAccountName: fleet-agent
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.fleetAgent.nodeSelector }}
+{{ toYaml .Values.fleetAgent.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.fleetAgent.tolerations }}
+{{ toYaml .Values.fleetAgent.tolerations | indent 8 }}
+{{- end }}
+{{- if not .Values.debug }}
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
+{{- end }}
diff --git a/charts/fleet-agent/103.1.13+up0.9.15/templates/network_policy_allow_all.yaml b/charts/fleet-agent/103.1.13+up0.9.15/templates/network_policy_allow_all.yaml
new file mode 100644
index 0000000000..a72109a062
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/templates/network_policy_allow_all.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: default-allow-all
+  namespace: {{ .Values.internal.systemNamespace }}
+spec:
+  podSelector: {}
+  ingress:
+  - {}
+  egress:
+  - {}
+  policyTypes:
+  - Ingress
+  - Egress
diff --git a/charts/fleet-agent/103.1.13+up0.9.15/templates/patch_default_serviceaccount.yaml b/charts/fleet-agent/103.1.13+up0.9.15/templates/patch_default_serviceaccount.yaml
new file mode 100644
index 0000000000..aad4eea415
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/templates/patch_default_serviceaccount.yaml
@@ -0,0 +1,28 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: patch-fleet-sa
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade
+    "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+  template:
+    spec:
+      serviceAccountName: fleet-agent
+      restartPolicy: Never
+      containers:
+      - name: sa
+        image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
+        imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+        command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
+        args: ["-n", {{ .Values.internal.systemNamespace }}]
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.kubectl.nodeSelector }}
+{{ toYaml .Values.kubectl.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.kubectl.tolerations }}
+{{ toYaml .Values.kubectl.tolerations | indent 8 }}
+{{- end }}
+  backoffLimit: 1
diff --git a/charts/fleet-agent/103.1.13+up0.9.15/templates/rbac.yaml b/charts/fleet-agent/103.1.13+up0.9.15/templates/rbac.yaml
new file mode 100644
index 0000000000..1a7e8d8841
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/templates/rbac.yaml
@@ -0,0 +1,28 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fleet-agent-system-fleet-agent-role
+rules:
+- apiGroups:
+  - '*'
+  resources:
+  - '*'
+  verbs:
+  - '*'
+- nonResourceURLs:
+  - "*"
+  verbs:
+  - "*"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fleet-agent-system-fleet-agent-role-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fleet-agent-system-fleet-agent-role
+subjects:
+- kind: ServiceAccount
+  name: fleet-agent
+  namespace: {{.Release.Namespace}}
diff --git a/charts/fleet-agent/103.1.13+up0.9.15/templates/secret.yaml b/charts/fleet-agent/103.1.13+up0.9.15/templates/secret.yaml
new file mode 100644
index 0000000000..4715882047
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/templates/secret.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+data:
+  systemRegistrationNamespace: "{{b64enc .Values.systemRegistrationNamespace}}"
+  clusterNamespace: "{{b64enc .Values.clusterNamespace}}"
+  token: "{{b64enc .Values.token}}"
+  apiServerURL: "{{b64enc .Values.apiServerURL}}"
+  apiServerCA: "{{b64enc .Values.apiServerCA}}"
+kind: Secret
+metadata:
+  name: fleet-agent-bootstrap
diff --git a/charts/fleet-agent/103.1.13+up0.9.15/templates/serviceaccount.yaml b/charts/fleet-agent/103.1.13+up0.9.15/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..73e27f0be9
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/templates/serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fleet-agent
diff --git a/charts/fleet-agent/103.1.13+up0.9.15/templates/validate.yaml b/charts/fleet-agent/103.1.13+up0.9.15/templates/validate.yaml
new file mode 100644
index 0000000000..d53ff1c508
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/templates/validate.yaml
@@ -0,0 +1,11 @@
+{{if ne .Release.Namespace .Values.internal.systemNamespace }}
+{{ fail (printf "This chart must be installed in the namespace %s as the release name fleet-agent" .Values.internal.systemNamespace) }}
+{{end}}
+
+{{if ne .Release.Name .Values.internal.managedReleaseName }}
+{{ fail (printf "This chart must be installed in the namespace %s as the release name fleet-agent" .Values.internal.managedReleaseName) }}
+{{end}}
+
+{{if not .Values.apiServerURL }}
+{{ fail "apiServerURL is required to be set, and most likely also apiServerCA" }}
+{{end}}
diff --git a/charts/fleet-agent/103.1.13+up0.9.15/values.yaml b/charts/fleet-agent/103.1.13+up0.9.15/values.yaml
new file mode 100644
index 0000000000..ae03ceba32
--- /dev/null
+++ b/charts/fleet-agent/103.1.13+up0.9.15/values.yaml
@@ -0,0 +1,67 @@
+image:
+  os: "windows,linux"
+  repository: rancher/fleet-agent
+  tag: v0.9.15
+
+# The public URL of the Kubernetes API server running the Fleet Manager must be set here
+# Example: https://example.com:6443
+apiServerURL: ""
+
+# The the pem encoded value of the CA of the Kubernetes API server running the Fleet Manager.
+# If left empty it is assumed this Kubernetes API TLS is signed by a well known CA.
+apiServerCA: ""
+
+# Determines whether the agent should trust CA bundles from the operating system's trust store when connecting to a
+# management cluster. True in `system-store` mode, false in `strict` mode.
+agentTLSMode: "system-store"
+
+# The cluster registration value
+token: ""
+
+# Labels to add to the cluster upon registration only. They are not added after the fact.
+#labels:
+#  foo: bar
+
+# The client ID of the cluster to associate with
+clientID: ""
+
+# The namespace of the cluster we are register with
+clusterNamespace: ""
+
+# The namespace containing the clusters registration secrets
+systemRegistrationNamespace: cattle-fleet-clusters-system
+
+# Please do not change the below setting unless you really know what you are doing
+internal:
+  systemNamespace: cattle-fleet-system
+  managedReleaseName: fleet-agent
+
+# The nodeSelector and tolerations for the agent deployment
+fleetAgent:
+  ## Node labels for pod assignment
+  ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+  ##
+  nodeSelector: {}
+  ## List of node taints to tolerate (requires Kubernetes >= 1.6)
+  tolerations: []
+kubectl:
+  ## Node labels for pod assignment
+  ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+  ##
+  nodeSelector: {}
+  ## List of node taints to tolerate (requires Kubernetes >= 1.6)
+  tolerations:
+  - key: node.cloudprovider.kubernetes.io/uninitialized
+    operator: "Equal"
+    value: "true"
+    effect: NoSchedule
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+  kubectl:
+    repository: rancher/kubectl
+    tag: v1.21.5
+
+debug: false
+debugLevel: 0
diff --git a/index.yaml b/index.yaml
index 78c6f6ee5f..3382832577 100755
--- a/index.yaml
+++ b/index.yaml
@@ -2230,6 +2230,25 @@ entries:
     urls:
     - assets/fleet-agent/fleet-agent-104.0.0+up0.10.0.tgz
     version: 104.0.0+up0.10.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: cattle-fleet-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: fleet-agent
+    apiVersion: v2
+    appVersion: 0.9.15
+    created: "2025-02-25T21:50:58.025196698-03:00"
+    description: Fleet Manager Agent - GitOps at Scale
+    digest: b79e59689ae444b4ae5693db5266bab2437937bfdf60aace8845a653e222a0ec
+    icon: https://charts.rancher.io/assets/logos/fleet.svg
+    name: fleet-agent
+    urls:
+    - assets/fleet-agent/fleet-agent-103.1.13+up0.9.15.tgz
+    version: 103.1.13+up0.9.15
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index f379deb4af..e1e3dcb594 100644
--- a/release.yaml
+++ b/release.yaml
@@ -11,6 +11,7 @@ fleet-crd:
   - 104.1.5+up0.10.9
 fleet-agent:
   - 104.1.5+up0.10.9
+  - 103.1.13+up0.9.15
 rancher-monitoring:
   - 104.1.4+up57.0.3
 rancher-monitoring-crd:

From 2781161a5b0da86f14358d9f26bd00e94231371a Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:51:58 -0300
Subject: [PATCH 15/19] fp: fleet-crd 103.1.13+up0.9.15

---
 .../fleet-crd/fleet-crd-103.1.13+up0.9.15.tgz |  Bin 0 -> 50477 bytes
 charts/fleet-crd/103.1.13+up0.9.15/Chart.yaml |   13 +
 charts/fleet-crd/103.1.13+up0.9.15/README.md  |    5 +
 .../103.1.13+up0.9.15/templates/crds.yaml     | 6859 +++++++++++++++
 .../templates/gitjobs-crds.yaml               | 7690 +++++++++++++++++
 .../fleet-crd/103.1.13+up0.9.15/values.yaml   |    1 +
 index.yaml                                    |   17 +
 release.yaml                                  |    1 +
 8 files changed, 14586 insertions(+)
 create mode 100644 assets/fleet-crd/fleet-crd-103.1.13+up0.9.15.tgz
 create mode 100644 charts/fleet-crd/103.1.13+up0.9.15/Chart.yaml
 create mode 100644 charts/fleet-crd/103.1.13+up0.9.15/README.md
 create mode 100644 charts/fleet-crd/103.1.13+up0.9.15/templates/crds.yaml
 create mode 100644 charts/fleet-crd/103.1.13+up0.9.15/templates/gitjobs-crds.yaml
 create mode 100644 charts/fleet-crd/103.1.13+up0.9.15/values.yaml

diff --git a/assets/fleet-crd/fleet-crd-103.1.13+up0.9.15.tgz b/assets/fleet-crd/fleet-crd-103.1.13+up0.9.15.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..d0b7ed5eb4f11130986462e526d31d70f0ec16f9
GIT binary patch
literal 50477
zcmbTdQ<!GK(yd#z(Pi7V?drl;>auOywr$(!vTfV8jniwLfA43XeR<|ZX3ogSc^f&#
ze1jko3JvH#&kq$4jlQH3qoJf6yR17Gn*oa|qmeS3`5$F2_TQ?i>~d;W7Wy_u?f^ww
zK1pLMYoN<6YuC+|W(FUf59Qs8D<y{tthML`((ckywd5>7G@Yl0OT+ukl{F)&34{b`
zFG${@xmwSMuRiGRLL3lhM*LNhTcWy1KrcjHJ%O)hI&y(Yxa9Ad74@<=h?6zn%fEa+
zpRaeex%|OD{63#;A3GyGU+0lOZugIs3_YJ$7{7DApDTadJ`W@RZCv^0jeOus>e3YV
z?+f7Xd}wZsc@x9445O<ivAkU(3qz}N9#pyqB#)0~-7f?|iKQkL&BXQ6YM{=2tY(x@
z>Ceo@qmXf(dk5`hje<}dVln$>rB6|CD8+Zapws8(M>X7g-_(L5bE!C}@;N(5XpG+&
z-7Ewcfypp047i0<c>h3QJVFwa9$jL!e@&5Sp)Cmz%=DxSyxl8G8xfo3@7nI1W6a4+
z-bO$<=|~SfaERV3ksb!nQWXkLO0drTu1%&sY+P6nC7|bOMOz%`Q$iv8&C<Ppk0#EN
z+FB{GHMiAX&+Gm<^f~r9hS5V0%Tv`=<?H=zYp;sp4h4b4{S%vOll{Yx<HeNy6Kd8Y
zXuAR^Ae(|JKv67#TEM|HU4w}4RLK0gY%KTAs^<TRI1~#(k1q|Ed>M!II{6t(WFQdm
z`OKVt^L<}hs4aQ;L9%AgY_<{9Qn=SaF8Lul;n0=wR@>rtcM{Qfx4LcjOhOG-uBuBR
znnZ7*)X0cWLc`iQ45H%VNY!#C5=a1-dVHYio9N$mkIt2oAWSAS;{Sm>eJD6b^`UN1
z+O0YXysa#<QZZ4t`uT>+7e<mAq;ns!!R#^IQA#Mj$NIA`n;-!-7KCw#)$ZUR^A1Ji
zNwA?mg(R<R@p@#LpI*v&qLJRQGsW^l!sQvg^p2Gw6RbjYLX|8Q!r{n*eY(mf(iM3{
zuqciwPA#-XUGb2`QqgvL_GLW7Ft<gKl}<I$^ZDKQ!?JSob?qu)3nkAXk^AGEgGzN5
zVdedRz5VPv%j^CDW;%o|Q16>GmT}ltLcsvV<LUi2fU%NIfMfw}F|xH)aMP-kfJV=y
zZ__q34C9nmELr28UL0n>bc&h}&Qx0rh!Zu=d@Ed@5vYL{S-qC~f^RL8v=35DNLE7j
zXB0`23f2%t(rwX^v`cAT1|iz~7I&p~bZU9xAceX#Eg@C140v?tD_z8<`EaUKo?a*D
zlgyQDFOp(A<*8T>qdxm)tjq<H7yQu&gmQUwkcT8((W|}ZHGhke?bB`$dWC|+)tcgm
zbV;%}e5n&dsgjDx(CgW_a9-s+A>ImoMQg#HCRHDgM4Q6&!B$Try;bo|W&pQ*Z*M7j
zY^0wkRJao`CAIMS7rE487bt7gLMfClumxE6BI$l2N&!rj&s?fC660(%$+Nal^2ZWy
z(F=dd_$i*m7Y_V3G*vcm{6&2mmKaRVo<|%yg#u3F^Agzj^_v5(FmxP*kc?$?Xt-!9
zHlyQjc^R-&G8cka$W99YTB8d|n+cbI`6akWBRO;_0M#fJ{V80@$fV8qf-WF)x9#Cb
zhd+1|eNVglhDzpXyZ70d<*!HbV=gP+4sVZ-=2d@n_`rCEm?bXP%)9x#QVVH+XFD2i
z=nPWIuPkO`SJovSwG`Oud19e&9hCCJ=N0#v)M=qeNO6^-_q<15$FW(iX(^W&GWXY`
z#Y%EhkMMnrCMspC9zE5(r$kiB4C~X;ixj(juJ_<PndUD`)0Zp`e3z&M$);mh%HW>0
zZB|D{ik4D|pzF4_^q0^6aoT~%C|(iiq>apJ0pu;Hg<9KezwN)g95d}i8_=_4ULCeh
zWyBu=4^g|;IwczkkwK#HyP995e-ddW0!-IHC^(L5(x>uJ2ls@WBpTu9-beK_{!U-D
zMU%tUQr6GODk3@B6J{AlTLv?GA42dnhZJm`*@;Nr(Uq(blmoP^3MlWrKk!aPh{;%u
zUs33omSB&=nx`<dSR7f3v@^S1vPXBhSOOWKWR5DUaU3m8Fs`LYN0lB#JT<Z0wF)}e
z<d!KJ$QT*(k4CqF8UAfh?&cqBC+U^!*n_C;h?Wz-^@c-dQ_{pDB($^1RFkH8?o3&Q
zT_T%qH3<!?b4W2KP|_1ax?2-SaH)>{(RDQ`8$mI46JmD1VG1>m5L{Ildw=uvc4bd0
zFQanOWqWZKFP>iv)c^qQo+EZ+iUTl@(7;xYbp@|^JK9foRGlBJ>ins2bDf9RK5LSH
z@0<8V1y$V`$)-2;uS55rhFHl9md=5g2!W{*av3&zKiDRMA4;x{aTtMisZ-T?I=gCa
zo@cs<Kwud*HdB^{iWDb1vw=Sm_<`l!4x+&OkLnt|e=pwyUe89ibX&t3H91-Z3(xGe
z=&VIv0*3_nQ%s1SurwBkBgpe=r9mjn6|QeA1$LuKmRKj}{u)u7M$mlap4^l#f*Mk_
z?~3Z!gZo0;P&nC*XKKWhcDN%>Q;VoWb<VL`TA<^ru3M!Z50@>+OVgD(>Pulr_{<7T
zg-xn&8jo{k`osHfe<=WZ0PV#G1<ejGc&T`(qn5`Q+_ZD7nS^2?s0js4U`m1Hq39ZO
zq&AXV$TR^k-r=IwJ(Slr>!;b=4z<@_zx?|BOS>AjV+_MSxV26h1mABL{+gRdcbSMQ
z(t5D1cjhqxJG!5=&2H}Iz9WQO{V)LZr~`2K;G&kW%)88w-i9TFakPDNq>IENG_%a(
zg&&+lBu&8Jx;Ie@TC7E{Tw0Ikp+IG%nd|a#x8kPepidS3Q!_iSP80C3{u)Jc0EFR8
zHOyM^`!XeT@~3>;C2S9R=b-q}+z2`Gcl0Z~u~RXa&efmlP)q0;vd$Bdgpo=bqS52#
z#ZP$B={iHl&EC37+t`lPj=9ve`NlnDYa$avs#oRmUGXlP-j7idbVQB|s`YQijDmPg
zNYFY`4MiXPpv^6Pc+%q)lAytZC#5t4u?&^&b6iiZu`E^ZEyF{iA!TLmn!;I`tQF05
zO~_fN7twg?3324cP*T$?v>FsoZeI%?QVu*-L^E`jlu&LNf-%t4<;MFIIbY+rZg7Gw
zYA3a;qPs+})J!U=VxSs3oYYxo+#CXxd`3b9*7ak=^Bw6sJa9!^4bdo|Bc!Ot!iZ07
z>9w+Y2`A39WVcqVexqdf{Ec&bB>5H9u=E3hy31I)2#Ic*u+h2~XXAEe@T9Qxbq%qd
zM4xK!STIrCsMMZZLNk2Dm-2unOhco4wOchAZ#S&uJ++rrmsA8rLn>Wj#y_g^>>@zQ
z%TPyH+x&Q%+QqY?_rONtMXZ(0f&>XZ_ExQn5NNnymrG`uu-O~VW+Yohv%Vk|#LmI#
zz+yvJ^Bm1v)P1dgYdC2+fN<3tg@bQ1L2^-(6~%dqwPh25(-0g@MB==GoWUYmXJ;27
zVRlbv@p<;Xl<c{bt?B(-%<qgzCTf;U7J$%B0?<Pj3Nwow(5Exxsg{T;&YzL%*;*Hl
zeA);U`}5;#O5%gIF?mCCo{jMug<UWz!NX8nc9g#9SNCLok8C&s)loUy@_eq-lnUO@
zCQ?=t1Vzmma1|f^h`0z=#%9}t3K&N*6`F`LmoUkZU}C>z;wJ%{Kzi9+-jsbMkS)O0
zGy2Vw<|2XPifk2{ef<3AhQxFHJQ_TrBF8w3Vn5#mx}+n!<PB8Rl1+844Vk}SO-ysn
z6;t679)~OBv^KN{=abm1Wd$e2OCs%v@lH|r>ZJlxXGpG<FsAe>>^7gsLdZt!9sQDR
z?7mFsE8ggDBe&{Z*%Oewg1Bv1@?AZq4v05i4xtdt_G2BvpWuOr6DJx;8@mS6Th4^R
zVYC^O640i}TbQkCXqHE)wi_7Y6s^PEdc!hWRgls>K8yx`VDG|G2e`NDyeJXegn!qN
z*@zicQ7You4h{w+jMJsJVpryXsxp8<;4gJs(JuQ>dL+!!>#bLsNdapkoK;8Wm<7KP
zgF}0GyQ(DVt+k;gXVy3R3bpoUI1FfcJsR8(*8nE03!O=1?)qQws6n>RSP}wfQr|(p
za7=GHdioaS-<k<)!GDKEap-C}?KpW$9V(SP&Mou=*+7q9a{Umt*k>7kBAiaxh9j|(
zg&n(>KWbT2mj3XAgPMTcoq9YNv=9fRZl~^(Cmp;PTCXuwsws#QS**KB?<{mqBGWv8
zBmYT2KTHY8T;O2|x0R~kN@khAxGHsZa<l371YZI!Rs)8wpQ_njWJq`PzmlpPhNLds
z2X;*9PCLJV(&v&$l@S;)=yXvlw(Dc(KgC=b-y9=da*}rI&ZBMm3Y<0=w|R^1ChIOd
zho^eQ?S8#D&(#yUs~^Md@fBK?uFlP8=vjs2p{wi0US)aw`3^AsapV0suFd^2Hu<>`
z*vjSq`7-@+z5e=o`1w5Yc5g{RD{zf1QOz~pi?!Y9?rxE1{*p9%S)C}a_ibuF=RyAH
zDm#Rylg+>gN^=(*p(ECM>AXzKyKbB1nJSufE4SNl^9-g+tPqOjyK@Y-9j)XM57JVu
z4cN%o+c?&w9N`en7+PAe+(`dAk(V00!L;xb+VmA?rRW5#knYh&_gL?==s0?+yOuE2
z@W`S=ZDlZdmI5>_uV;D&6a%c6zXHQ8sp^`DQM5=-Q35<+>B*KjYWAlkFby*Pl|dsB
znOhb`+PR38f^aVV@71mNQ1&vd?%b^;SYk{?(P^!Ot14EFmd0Ya#wVYN$w$qMXu?m#
zC!VXiTe43nd$37bHzUQk39;1`aS2TDYB*288qGTlf7w$3@I6cpD4sD(2y9gvw5d${
zxcwdlebIV?C{nYU=@wH_;f5O+4=pNwZ2B(+Nz=IeJPsDoYUG3$@_dJwX>h4>i{jDh
zi6P#-w=-s%9g4H^@At{z&TM+-ZcgtkTIlchN(KzwlHa-XP~XRy40i!uPeZmjK3|8K
zrMjQTcWSW<N5pdSk(o<W^kqTv$0Z_(KE5z-j=l@Nu0*6X-;o%<dtQeLj(^!|u^G9C
zN8XGb!(%<#AkJ<N?$L!4PPWn2T_F`96Tywd@bpLg!V%z`_hX-)#ZAw-CDiXx%pqe<
zieJ1{+X%xe_buOKiZ4;1tzLjoU8{`e2>B))40rm?H|Qs>?g#I?wqoD7X~AuA#g51J
z`-6ka0`Ug9T+d+NxY8vodX5ggmh~2Lp{+UOi4MbeKN1;cCiY1tjGibM&fs&SU5n_I
zPEP6^qqDag%tL1kZK|pNdc}3O($Y(2HUKH^F(S%Odz=*RM17Of2+~qgc$Fbv7^OjV
z^;5Sdv_eIRR&jU@M&8zPpC8$pL8zXbnQGkA89KJz?frXH6sOXql^ox(S_sL(>B*FL
zWat++ARpO2_&T|zMa{LCqM6V|r<)}xilLIFQUL6}t<WhcmcrV6hl>I6LbRKx2opo$
z)B7R%T4!a8O{+C$OYuOw7vDcE;<@`pehe0EPs`L^|8hqyrv>xpVK+#LTB{{FdxSBw
z!@Qptn4Az(`5HqAe*jVGTrTw5>>EJnHy^M1!Wxr6HlsxBCy8DR>b1kwXI0dF1~jiq
zHw4nsItM1=+1(d-LP<H)EcNj#65ZTHo;H4pwKe`(X&&9uxF0Sv=r8mZfma>^^5Q<I
zc0k~^empR??jM=e!6Ne3)*rha#&xoiHUCC}3a+f?_~eiEwhn#YI-)QCjA-CYxWM6_
zzPMw#>_13Bk^P6H>OrX<TzEd2fg2raSu&r$UP{q@wH8~k1~YCUB8yAh6I;Fqp7zY>
z!`q6Xxnxju8rmL5FP3T8kp`z$wiei(MsptyW)$(bq-NI5UGPWPf4rXW#j-P{Q_GUx
zYtUa2`hHu;k@^pXfaB<>bU`|35e|iF;Pj9Y58$}J|K3{b$?7Ql>y67r=LfRi??(vt
ztdYr#;JeasH=_Gmdx>M+M<A&YFPniW<Q)k4fEi1Tf)7skn?BWSK*mYps2%UK2$3Mq
zZ05J|U&(ULYN)c-Xx&YAq=I+npOur+CBcX2ubu6g^x)P?ymxldhBpB?=BS@|78dU=
zDDy?Z9}_*!fJOiE-o_=p0p_LB>wH*7t(zI}<q^I#72i+n4pCF7-t{60Z-Y}hbOyoC
z^Zv%?Tr#_Ax-jzJH#Z2WD0XJMG@4(kozx@yAw^I!gEE{e4g(Oo+JYo9%W2hNf4P+l
zBnuz{sJ>v*0d8XRkxc3^E1I=dB-Cj(h%kkE{CCtSvU{)XZ*FKM!avcr<SmB<zSe@+
zL^mpq=iZgfee|+*u&9^)U>%JAvlRZFsfR(n8vL6<+ao}`&N@IlO%KB*bLIcaXu;3b
z!{Gk6dusmg`0WGgrEsfU9jrgr?>g8Vs{i++J>Zx9K5K_TPK-o&vXYRf^L;^1vsV8m
zJ>UPX|AiN=rF(MbYXx#1FQCuzEEW_mn$F7P{#UMti7<Cs9D>J2kds0y^qJm&-^hys
zbJ+iLQkYwi0Pl&SDDdA&Q%Tf$e{<A%;EXtge+gl^kiH2pl@5{Q-JlVX#D#m8KOaYD
zA8fue+#wn=A;lgvjES>9n&&LnEtr$Aw8`+?>WLmfk}BEpi*2Y}57muCf5Wd2E#wC4
znDl+`gL9sE1XD1X4q7ci7}_;NjIuMI@lw!Lhd^ZsDU|kAE=PaVkJF~W`ltpG)>Dy<
zsYsa{(51us0TZgQI`5NMCf`da0==@}ee<Sd*LUxy7}Q-oe+mrO@V-Q70Rj?OnBUD@
zu+#ll;ywkjao-o3K!R_-OcP#d2XAE2#zbTh@x!$;<$x3I#x2;o24Y$4ltr0OzB?$3
z8%FJFJ?RI%v$d_m{66AGtB0OvbN!QEMSS`@!suCkJZ{_EZN^%5KO2@*Sp3D}0$`7N
z-7lr^V4|uLg`4Z-jM)Z-u<n$&Vq|+I03--$R*r3kbt->;Bf0oNYr!G(hsAyg>#4Jc
zjY;p6PS={Ud=_I0#0hA)$F490ANqg5FW*S*?C6nX&3}AgUbYSRp2p#3+aJ3L?udTM
zOmKRN*tP!^AZfRFY7*cdY^&&M4Qn8!QT7{)GtN06lFf^a*5qB3`q98w>X;wMjfj*d
z7PhN}rDjLs7tR%`*SIGLH{?uuy+BWO`82V^Z$3Zh>QwN85Lt!RQJUehmeIL^gCh>H
zf$#bAK$~1<^ms$2N0MRIi8|5p+35XpeJ?zX{0=H*M+M#ffPJep9TSW0;rz5e14IX5
zn~TY&ix@$ar3e=SBVu~GCIG^d2!>IC_FV)vj;2peZYI|tEL;JTP+S)@Tj;MF4Zf0>
zo{xS<bpdTU0f*@SC*zq)Yt&9Nx+lUq>g0RMz8}MIZVJXJ9$DikVk*3!N_F*+yL~5`
zAplO#M3o4$t7o5dk2qKoT*vV9FRNha(@HC}L2x|%X+>u0!<+4tm84{u35uY^+v*|w
z1vT#jY2EMsDG9<&+yuliLQ-*~m#;M^P?4KA7ShP#>ey3~8t}5^opCY5%7$N3k2Ah}
z8B->)*dvkzRR0`9h_#i6%-Uk9YIm@YxqYVgM8tB@VW`WPu5Sn{Dx60ZI?ouQM8I_F
zuJP|WC9HJiZ^>U^y>zMpsY5J_Uu)O6EG{fi17Q_$eyJs<Zh529{*8UH11x_m8CYmT
zay)|KWQH467j3Pnw^2;v7=W1Aqw|6u71777Ah{bw+q?rB4We_~mi$=PJ@DLwR@W{j
z2)f&@KW8UAI#}4RHCdpMq^mSkh{us$70;Dd#&s|ass=8bybIZoAeBeS8>MWHZAqIS
zSjDZVn;R?w^6hE|1TAYOudneZR-1L8iRd;Px~*-(XWuRR)uO%&-?N-Ja#LK30#L~@
zr=xn?tZ7H8PN=8uAfO8*0;HE;gJgi$Jod;iz!X~!tDQJp?ND+~$O<hSD;T7NFpBqu
zb4m_Vj7k$~Ow>s&D<lho2b8sDv1DV@lQwz3#GKtaI9>=bSU>hMj7SwXDl|-q<dEPK
zp3QM6fqXwar3N7a5D0C>n?;kaU^m*djnex9{XUNkoZru?5}qDjJak8?lg=;C1Bx7-
zhT&uZu6F1drYT%@OIP+;z@XdTyMnq=YTC|Jm&S+uYehV*d0}m0QL3HdriTHaT}1&v
zm)<>_Mkxh86+#=HVZIxg#dq*5`{x*RqX^K7^6E|&xZ)f}jvyY<#~|z!i%v{tGXW&m
z3Ei1`vK{MxyVg|bxK9z+y*xz_zaZl_`!G)=^#VXTfq*}WIvr#3>S5fPfzTIHOu}Pg
zi-|h7^DY0pDl$>0FpY9vK(wJQ2~N3m{V!jIJV1rv9-QJng64Gsl(I=*Hjw?wio2N&
z-RupSTA>#bmnbhR7=ydv4>0u{nTVFU@T=tNC=<s{u-+xOP*h`j-)19$jkB%f1x}>d
zoL4K;>WxTM+uP76So*JQg+CCqs_M!}Gz|ry!Mw5);p)h>t*}F@h%cEG>=qOV8?cDw
zbF4Mz{OyCGKjM>Yf{oAS7UM{EU59P6Cuh0u-G0%}|M5=_akKpu1mX<ly|#}t+1syo
zl-`vA#NK^d`;&Y3ETYVgTU^Mc_U5^H9c-y~L{Ban$w-{-M45$&dqD}uz<ljS62~^1
z+}cZG;~FhO61N*b9+eV=r#w{g8|GT-+PQp%iLHi2h4zt#%P(;g<Q@;7?^kxez$tN$
zKcZ<S3sud+bD0G(f{cDazR0V?j4_iVP!xKs8UF>EWtNkjAK`k+?tU6^ltlJ>HNe1Y
zd72~>IpL&O<4VGIH=_f!V=?(>c0NUw4EKBq&mfdJ%}H^bHA!)#J0(hSKu_Du%l)yQ
zmm}XYGHXw?VfLs=w7Ivf$n<KTZvNt0*hREH(dcQk5}2+(?gQtT;+h%nq>7%Fg{Q1q
zo|)ZLaIzV=JVAnWu<_Q84rVP{tAOVTL>jLKzsY*+MqK7n^L_g#zD#R&KDKUR@;VA<
zez;qKEj39P=Q6$#ub24Ttd2Jk2FnJdqkQ3m_;JJ#+JL1C{E6Y%Nm@xTwb_wwwSgc-
z3q`p6VIrk~(S(m8vjjXAua6}Xht3#7%0!v_qLBHBGY2W%{*VtEbwVXsZmn3mb#z+)
z1&T!I=%?J%Fqvqw30*zCQ&Cpvd?Mnxo;f_R_A!>SD!O=HNg<P|CnuiHNXBgzx0y&_
z&eXJtfVK;JV7}OYpW<oVDR_v!p(#>NG89i0rFIXnC_@b-(a5L^LN%)QovIk+@(@u~
zH*0skMpH9g4Tj_pheVI(fIDIJAEyhbOM*&+&kJ4rYK81J_XR$mtJc!OF;?26b?gG7
z2JbOcf)03~rYqZ4K^SgyN0;5Ue0+G)`EAng>&lXks-H1sN&=ny$}j4ElRv*LbjE6Q
z37z!N?MroIC)?U8J2rjP@f5tgL$+S+)T)vS!2_Rk6(fijNweY|r?f>f?i5PCuQFpO
z?MP5X>sm+pGJVvRf9cY*<W`6F!Z&WW!;rvR^Z3j+Zi5J_bfx96(Q~Gxgp@L_*0ook
z9llBdA7M)d`ZrA+)aB61xu9@lY04n2-wHz&gIO>{ev;r!8w%&>%YLD&ZA2exwu{^i
z-fay6!hP$W-<)V14xJG77wJQ<u0#wMeLn555F2AKQw_CkZQ0c*_E}SfCZJ)xCZ<ZT
zHKpfzpm>RNLh?j)YuGPaLOA<o_dVitY41(47PZPIwE7IsC4R|T!c+rIj@HAcYNN`=
z(=~7DsxApJmBqojvyd*rfsemlJyp|i{2<#_@k<q<UD2j3%>Ie%u)yPz^U6Tm(K*s_
zeu=JK?<Ej`w|Yf82>6MuA*_1=JM;UfwIM+Cc&)MN?|sQewWkQx-*U0XgJ`e9jl7c|
zY`@x<hjTj1iZ;ZHbl%_q^196*5LTx1oH%wGKcY_sRY9--B2K{W1?iHqQvcIq4d=uz
zC_W88&7>-sBs<rscJsG&igwT4AKcx#;JDzD^`u&DGRHQhc&=j>ZNJqR9|EJb0aT5Q
zRMSl^5R%8v9WJH?f%Oun8V=s|1$adImWgUjlf|mds0vQk^?>z+(5Bry0te-d>-^iE
zt=Dt1&yq#l^lRa%lIA6Y$MJnq+S`IrI&3xz5g(RHT^*eK%dubnu5_f3ZlKB;+kd~}
zr>C);f3*cVb$*?l><K{oO?iy0_*6l#=)Dp4X`c1g?r|Na(Nm%0pavIm01w$_GUH<g
zw=%4mRxy)#8+g3s5Fo7)Q2R3)WkqOIX=510y{TE}u2%(dU&U93XoEEi%jQ8}`*gnU
zt;4|4*7{h*-&qWOcs#cdV9`3I!u<XLnKKotq(Rcn0|McEs<~b3hj_^yrqpmXYTdIi
zh|OxlMrVgG7|9mO1|aj2YuLsfw~n(&I8s!}v}#N5W_(8nlx^%V{w5H<>-~@Mrkd|+
zV0ufLFt{%;WpZr%&v+XLOa}Z_K9hETW#=;auj$sYvIz1n2LJVnD_OlHVmFVK*auPl
zY9*FL4ASNK0Ala2ldVfEqza&B@)G`Mxlwmvg;;}{SnqVX>mMBL=Bk|L(><Lk9=w2>
zWGR*N{B3KGAzl!Ba#KsJiPSwM<4<9?JJ>(>hyyu>%2L<HHh{d^-aDn>E6<%ZIOu%o
z2<2R*>i%`uybB#~KmH*0LbnoIHF1V<jIl#rGO26e^Ak_aIq`}&8@Gc(WG0O?^`Hby
z=u=v@c6%Je$lry`q>0=&Ar#HU>yO(*fU14p;DKw51~M7-cEdL{fm_e4i=<zmZA-O!
z4M9P4M<>NrS`M`T3uiU^`!C#`3t(hJ%l$E(o>u26U~NN1h?|34!49nzqxZI0^9~A*
zN;aq8yc6MFdQaHWYm_N1`7fxPR9VmoY}wDr$NMcLRmYKn%91$G%$`h7%{Mgn2NKT2
z-3LZc_2N6$`+ej`T|0;+`&3T;&kF|c$H>7Nhws-V1Ivf+&)N6m+l|0SkK@fv?#~H>
z>rwGLd(1jIJ!xm<&iCEb#>xu9eBG`ho9~5pesaY?N@oH`6Qj`k?hP(lM+>>v)<c0I
zpk2B5tpRwfbqRGKp$|rxT*dJE<**)RCr-^Z3hHl3AdFVWu*d_vA7iq~-lG$Dip06p
z?SX5RhNkTcR#OGsh+MvQ{MxmI@_q11aa48F`QqD_d+E;7rb(s%=7^+!F*<{vHE2|;
zD0phZ`G%}L2Hy!EK8Fzrj?z6N$pA{Vn|D`cA|vi&eXfB!R9Eg6z#Wk#)s>Y-Zhy|o
zoFx{bN8jX$Zi+bkL*&bg$7M7n;y{uG_ayV)KG{#(B(^T&MU8@n8+yAkKOdMGItP@`
zXh9$HnI<s`<TNM^p2bWGMJU7%WcaUS43Xxv_~d$i+A9TI^R$$y9)E2KR?4#3sApmz
zlf+3t5umx?eC5a>=l0VnJ^3c_5#Z~7{Fz=F8O0z^Kp_**^L;)slzO&M3LDV#b}Z9L
zsOx?A&qWh>J3hncasOO8aQZ8mxUg^H905z6pZND|)(9d;c=T)MaYtM5A>wC$Xn~;{
z>sfyo>j;iYXMf+b!Cl0|I|#IiJ!XjvIS4C|r6t?n6APsGN*z=+BTX+286v~Y&<NnQ
zCi$@lbpcpCjtvo(#L*GB_)2|G9k;{R7aySKLsGR<@U((^$qNdz!^U+$icb+9Kz+6c
z(7KxAC!P_yZ8#y}8z6l^8?U7b?#B|E$&g$z`corv<q=#<+$^;BwrYKbGY}8G5L{p&
zX$y<e1@Shs#R%VOW+XVN%K}@1n-P;Kvo25{)IB2TY943?{0j2p1sH+R;*#4EkL(W@
z%e8k}(OL)R_31E(7$4GzLCYlBw*;WBWSqt!Io1}DqlzIvvT5}j)>bv<3%rk+VGi@#
zTAsoOOnWBs^fSqJpVw#_3e@7;UQju6c%Z-<oG{S_xSBvTz6NrLkr5`xMh|}a#jz7C
z%DIY2BIn*dc|V+8>nv%r;TlIbV2c2I1Yy-SYTk)O1J82==R3L`;Nt8x^<kG0j(4Qa
z`-p_YgEb#qn+n(f^pcoVx*;d@b~eD%=KCh2Vtk~*19<Jt*~ksg*@IX7G11w)B|~b`
zX(b<+MW;2#-Do)rp-{ze(fCugS$2~>)(<^l^N6GU^2r*c=#DG;{%fT{y*Qd9NCkWu
zRSd)eRTx0q$cIV+*Rem%2_Jf^OqTAU-w4=w1j)!Yf*QrD8uC}l6%(KXmQ`ke<ecmd
zc1mvJoqKl+{Mz>Rz^%k1)(Uvd>gzFSIubdX<OGBX8!Dey{p!fI8*@uUdczRq7C<gG
zXxy%K4MXAcz>T|}6~3@d$j}*fgKU8LpQe#6ePIh~5g=>lL|NyF>-t#s$-<Nz1`_Vd
zXLypqar~?+D*XKk5m2Edb4Er$v*16Yj_1oFyxDtw9=$HwU<^f@M}=M(FjbSGEf0xY
zx}&|3+@tS{RqTq=YtS(n-yhZ{Fwkk|Ynlfy-H73*Z8uoVYBs}BXPa`!!jigK_rBag
zpk&<6tIt-25Sd~{_>qDQgdkSaV4a$J6F#5MYSn&jMg8~z&<%ZnclNHUZkrqkU2IYC
z+C#+5A2jI%=p5re#q4V_T@YOeC+0msAL_T0_XH1x<PBo_oI;U4H1K(*XIO~0xcO1^
zFt9=3WWy`!NbyJ|w-K0hdBR`qL#zX^8H!7~Ww+nJp2hpMTXi*%XsOm7*(&vH1x#*o
z`D{I)_T2#9k#V46c$<U>!f0-7nZeh(Nu9k|K&>#VpC$)2%__%lsW+ITBdqtS)SmX#
zx*dlRr4kdZ$;pzJ&Xj|fn>6i>%Wbq;Nj3KuuU_FN*UBnAliDABhrVDVIj-aaW8#sl
zba#I;xh4fNPWfes+G!jd%M3ov9Pm~d9*Nqtp@YhS_KNb8Aj-82T+(CsL|}5QK1O%;
zvXqwNQG-u)JvQpO#F1EEV?$(Rc~Z17mDdo$2CW29qThlMZ!VL^iv(}89gPME@ynaL
z{ML3t1h>2uR@|CA%Y}0t)tl?}$Von*w?_2hsLScB3osBEKr9zA$9{2n=s<y-+_HaM
zZLIo?B+;?S6O-jES>?V`qZKuj3x(O#mO!GAerE;h6X+D8pLb+K(6Ja2lT_f-)X7AV
zQq`HTE*amv#z^Ra@N|m+mG^0f;>W@XGk$qNnhoWgw9h>*-GO8sP%A8s`RyVXHRzDr
zu6)eETFP6Nt%jR=Y$(WHopFQjs2u?LM|tWw4Dw`*<a6hP67%GD<@4k-VG@!k<`8>`
zUL}y%Oa4~m8_5^S{~!|1kB1JT#K(fcL&AfJ77r8dAnJ`8_QMMO6^syt8GIdx9Xw1Z
zA@;(Ftq;SuIzCh=mp?!xpYNS7pRYKoJg04w8oGw;J<iij2Uc-P-zqZ_C6O=8L#UW<
zZw4@1(e4`P?p}EdFZOY2zd<+%Cy-+OgT9VjZxK2dt5rXDs=}n^)d4rnhg>zQuTVAX
z9bYx;##)(%pLyiyBGDw=Ve=72g8r7bq~~?!U($S#b>7;pq2HzyVKKx|hUkrEv8Th<
zFOBgz%bMoYCxwya)K|uS7LZ7PYMDrnIY+KN`*8K&Xy4uMcD=R@DGaM7?~4F?WTKKQ
zGz^q9#n{@d3bFj;Y7w^#bkp-5i~9NDX@hX3X|HcLjy~#dea6qeCgjSN#Mo^g<E#*$
z5NWAFD=JET^A@J_w}@?&W8vllRyj>@tMVH=<zsYj6D2Xb=eL1<4<E2Kp@cBajJQV9
zJ!4-<ixJ*guTAmuwo#K*awGer$&~8A<ZI*&K0yi8n7feE+{C`LSOgQ<7j%j~6RaN4
zqiz5Ezj{MD1q<9rC5jV~<J1LPqD*PXF|^Q2YWA*{o9I>rkqlGpDrjH5>~k*xbO;s`
z0^FTXLfiJ`Nb;;RI|cDNrb0I1l@jHp)`^A({fBaSpR=J;UdAj!y`N{D>6&28Z?b1+
z@Y5fSIt9cHg#{wd7@@rMRwQ~uOsZ6`8#^+@?0#IPta^x%7R%HwshzZqe`4(2@x7OH
zFItRADvLp#hOP2kO?!W-Z!geHGlzcG8gt6I?GV0yNJOb+!|k{#OV#_cC!<wv0F)-1
z%ZpY4O0=7203|DGs(;Z;>4@}y(+5^6S|nWCYR5Hex!i`eQYLw``Tq>qiD`=^Qr6g3
ziT`SW!+(P1wQ?2<{JWL}qPpCqxKZ{t;y?;qraCH1u)HDkF$GtmF0%<=jeDRdVIKiH
zwgs-Bobct{+{)EUYj`b1!ZZ+7H9F^;WiJ7_7H?*X(g|>|#5nQ9H4Sk&ek)?I0LIjW
z6G~^iDuh4F0Q^&KNjjALZ8BqKQsb)$iS<+faP1=62-~_W&BmtV`7iR#10uqL>%9!V
z8~5hwo+Z(`+`CCEv;DuM<nUg3a@cNL<nWu#QlPo4w|1q85d7x5{~b!?uwQ5XfW|s#
zxljW*<_EoDqE*y+7t8`oK7LJ(Dv)-y(p=lsEImA10w<4no<BY_d00?E-Iq%F1(h?(
z)JrPLqjh^Thk|Or8;yy@pldaITV$8o(tGLJxRjV`s=V`^CDftg+<f3quuHlF{Xzbd
z0#cV4TrQwKv7#{IT<*FxDh1)SxTT@$k~~JoOI4hxw7x)IytqML?4%?;5@o3*Eti=z
zFGW?oQIz!EnXE()CbbxxH?a!CbP}ybtt~1%7KZk1^062ZF!u8}c^DI!3F*L%T+(q~
zJ;lnnaB>XKLBzw?9yIrgC|@>PYAHi6JY=sa@~$di3xoBq=D=ocrX@@?VmTR4AO#R(
zuGZ2AuTPC^dgTdG=P!wnhK+?<C+EU$g{N?|Ra|@K&%+Z9wWgW)7Ae^yBh9tK$g*z-
z<&Y`~FGMrsyWvUEDE-r-qdn|=*M<SeCyNDCTEQ1ouH!5&+m;3J83L3wt^V6#Iq6Oj
zuIT}wIy@-1!SMZ0sajLWBUM;xDhLAlE-&v8@pp$1<L<$etkG!hg?yZz8hk0Cb+*N%
zBoSFXe{YvXoM+fouM954Hd00ZkuZn2Ut!>dR!==}EhCIfve09)4j=ruhwu#G%<fmG
za&5$>lfUH8=9T%n`8e9O5YWgV;`@ccz^Ho!O@icb>X7*qMu<6vfa-+{j3TayLP#36
zL1$oTM=cW<7$KmVo(zols;LLe%fY1ALk>kX=l)iZrdCNgfYu>}6ot>VzgV+d#Pmp?
zo#Oebr>;++4X=6H3Hjcp8WCi@tzF2d<!{|DwzFuC(J6U06*;6_Alkma5sa-_B1jS(
zOd<KU`#2xzxKL<5K$cMkDhh)wKES_3<W&mdb+mtVP!2(DDg25vkh6ppPAax3JV$6B
zf*4Ryll_ovF~gi1Yq}zi#A`eHodp4`UuW~R<lH*chahDj*F*p<74?SzvU@XstnysN
zQ=dqSC2x<oS#!V|$#%x7(zgwQrPCcTH%}>LJ0kkZ#pw8gDtz6_a4zbpU{J)x<=AY$
zSf6=`vGBu#^YwR^m`m1yWmm@~RaGkv<&H<oU0Mqwhi0AQ73UU#)|psq#qjy}+>`^_
z`uWT}6ux27u9{YQr=R*&txsXkE7w7Vyv}XK+xsM3{}x;6u9|k=wOyC~m}`(m3^rG)
zZR<{z!aW)XULZA^qTo^#0CuXfkMipu3^SVl9~h<?EJJC~x-zVq!N!S})@wr=7J@=D
zE`US(8nF;yIOLcS)pr?$@mRzB>BP>Woo5`Pc4{M+mM=S7Yf3~`+1^g$4+>6cK$k9f
z!!%lV@(#|J1~`*Vv;IFAm`@Xyt^cLS>xE!xt(iXKQo+P4d-Srfk8@Sd0V?XgJ2ugT
zx$@<Ucsg3zv4lrrPf9D_hYo2_R*1Il&RbEMf-i<KX(G2lvNRnZobOV<pDCJFIXA9+
zWcOUoYr);=+=LG?4Hv{-v{y1k|I0_uNhtrIbW>0@ZtjA<3)Ru-P65k_%_b3MoD_qc
z8X~t?XF!;of%!>4wG3N{fiZyA4$0Gw+>ChA>8LW~M;$LVG~)J@x~Fqco5DKC^r>N|
z<qx)koiFgTMs25f)Q(Kf`O*-fW)<_`X@H)+%6(;Uv90C|S|qi6Th9`j9|lK={0DrQ
zKyq9t5J#7W#&A9;j2Ww*+_E9mN6lfNge8cE`e89{{S@C}*in26LGwb;{c?W#UFX5a
zs=2iC83w)xdc{)u`Cn<hEKyDX&5+k6g)LL|bQLN#A}+Z-yU(qWh%0icF8FJcc*J?;
zB1Yt_2DWPx1s`hmpylrSKl(b5+0&@~f9q?*aX^oCcc_DxNRfsO-&D&PzY|=N=w}Sk
zB&OQ%dqZyeT-L3Uc4APY(<J&^%TvL|Ry&XP#HN0QV9s(U3uE&-S~CGT4l4TUajig_
zWD1B3%?Z$mL@Ls>rX5vzH+f*`!e0mL(`qY95F+|evOjl!S{Nx9(ds*HC@~kSae#!%
z_fsaNT?St9GO<RKZ#_+>cjm1YnLibJmJncd`*YDGdf$m-*dlf#6psf7!1Av6pl0SZ
z?PAv>Ax7!k5S)^y(&$0ed)E?b9JGSM;9s9ekwvezEIqvR8>s!v*Zb1*+$Woog!V6|
zmH_gXg2)(Qog6@4j!yKF(n~B&sugiF^1syp|6hdVdosBH|2M)iz;#sG`dj|#e!S<b
zr-L#N{bwk$RM)F<M!}oqEw$}6$7&nt_iJA-b{b{Ze}wl5O^dd0)jpoe1*J%SBKE;S
zrNjmdqPoDX{(1Kh_k}|30Kz9ua^!S~o|JF<#`8<GE3C{#p1(6<*<mySew6IocV{T}
zGNnk{p6~}xTuP;oUm>5FVq+FU;R(%xJ}%p2tof5T?l591k39~m!cxlGA4O%=8I{fk
zSl&83K}+`?hdYXH%wn4_^`2ud%{b-RWlGpSTXX4oJr~d^=0e*P**Q3Ufwl&l+atDa
zGBY8l(ReZOUMFLV_9Jz_F{y>s_4NMtOhV2rvtp*lCy!o*Na=#8M)a(^U%;QlyW9K4
za=RKu9hWHhE_EhfedX+&cQ$gJ%R19#`~8Y*fJ<x>tNOm;Nm8t6SXyU>=H}^k7QVk?
zbyeJx{A|;W)0f{!X?PJ!(Jqy!?aK8dl&T$pKA(#3C$>;j!^1hgJ6@%pznnthbsI1Y
z^W?Gox<L16uN;xnGIC)zIdiqG$Om7N6B&k?uG7_}gC}4cAMWahGs*dhlcGTfW<>n4
zi&*1&x9VjS{9)wN?e$f^)BbTSAV3&wTc9HaDlLA}E8wIXf6l?HLwS%8z4O}BNd&dC
zaIFi~;M{GrwE!hQ8P<Nw<y4sG>HfbMnY;few!r-DY`><zNVajefeV1<W)|`M*X^Q6
z89&J!8Y)>D9yj`7r-xHtBV%+2Wn~bR<TUhW%$h$H1W|R~x{Mv}{+w|GfXT<a2QFo~
z6`n@=3{+b#66ys~nKOm5kROqB%6MU?%3~dpYIM1U@9kC?W8=H%Xt+ymU3PZ^Lpj!S
zX0MnAAc1AjV(=~uq67=Ngcf5T_1V41PkM^AXVZel(Z5qRf~~43a5^>fIc0-NWxpos
zPXig@2MLlPxM9@3u{fXLOhNv6yF7xWaLzXCR+pyZg7ymCrD!Hk=!Nhjdz43`shj!e
zt9+$H#@ZfT@I6QPInuJ8vOWs4?BmJ1<yH-!In~AK#+UYRe842>?`pVdTH+_P6642u
ze#dr)r^Y8xIpl>AzR{we3rRhV8F%JsnBL7d1)KUG1}3b$RY`Jeo*FC!L6{^hS9M^D
z<Js3!z`P|u`{(wB$cp*VK2BZ)F&j(xluW8H<bwkg9#x1U4TV=5o=e=|`^_ynFzP)H
z9VWzWzpE`DSn?t>A{KEw5VYX?mXzTJHi2&NMmWoc1OKFLb=M{Q*rwy2ZC7hxU)`_p
zYIvfPJ2*EI{B=c$bHywNeOJ|U(aFH$-jNKk1M5?Yx@x={`dvP5M|e|;5|a_`hmuj#
zShR_D5a=1W7EwKdj=BPSRe8Ba?`oGMGAGEm2u|inRgYZ1)7HER`4~K9T>Pn8iqEj9
zVp`IoKbZ4DTiT>tRtZAQk{Dn3ak<e)tw=o{nZ*b8HtDH~=x|H!13?BL9E-0t_a*m#
zksv`&8~-6e2!-qZOM+C!{UbrFZvQt4!pxmN2`2cD1X*xu79DBec@I@D^O0v|{IqoZ
zm4&(z{Rsv`ct_>|tKqY=FN>1<@Q@8X?iF^{M-p$@NTr7|ouMXob9=yBG-yFLxu<#1
z&#Ml)@84G(9~Q7M748!XlhEJeaiX+T27<Qx%_EZH9y2toMYANus1_y^=bRJV{Xyzv
z-n&X0<W|)5R`M1REX<x)!TxRh?}i@ZlbrKS&4<0cUOfSL{}N|2zNpZ7cdkb7g`2I;
za$WA_JKLD`a1QB#LD0XrBS7gE9~I5vgSW&H`?6dG4>`?=whutbA~P<jt?PRe8nY(E
z=D-*y&mwJ!ee?Kj7qg=q-*F4=1w8{y*1%K!;q~SgGky7}*zm8A_v*s#UMuaX{FwE4
zZT0}mN;D(S?LPs9sqUEEp3oh>e({9ZGO-OtrfVO#r@Gc>->EJmK1~-eeRH*wgG$KW
z(jF8y0QVG+EwsJR>Kf)76yK(T+9FJMy5h@OJVwr{jQmPzvfZZ)HggI@+4!{TkrYs<
z%p)WwlC|xa=4OLr${CE>G|qH1oIy-{s<?AX&QP_+_f*aB^qOs(4=ZHeg71|9jmSsO
z9+`<@AVej53PfxYQf$$&N0pN%f>Ne8W%3hY$IUz>a6s;vsI;~g8<=$G&E6hN4cj%+
zep%zlT5U+%s-3$otqWvsDb@2!_k=`MX?F+$J;nXx*W_t#f2s~b#zc*nB!P82$|1Ur
zWYgToH8CLpVGL2|B^Gaxm>M5tuCGW=_Tn{AVDreeQJIhw|5YFz6CYd<7!#ET?eI``
zS~%><w7Id-jNS$h;+%Jm><}T;`x_;*QYwfuPzm2~wj?%J&GyRj{)vp7gZ3``yF_I+
z6JlJL#xp~WT^hUeGe(LGYI;iw0i2mZI<uF^9bXHK7z~5mV0N+@Rk|bh$)2*&Q1zr(
zq-5)39nhELzw(HEdSG*BlbN>JY~W@9)lD9N8S(MK>LCK(j*UIw3J_B2De{vCPMjs4
z4JkVo-&o*gn)bsI1*<Qx)|l=7N0Dd$#c3;Tnx*rX0<~~XK^F13>{l~XUE9|hVNAuF
zm#pP}ET3XYN>}I4O<!PR%v4=i$8Sw{Zc7@A*gl5`T0t3{!(YO^g1Vos+)H<cdLB)U
zz9{bpM#xPvd8|Lu0<4nlSawm0G+5@c6|TM0;Ups#!**jCRF?pkk9o04NT_M``Ebq;
zS||z>lnxL(LRf!0Tgv1vZ|<}<&TV<1MmJiyx?TwSxK*sed*d-StyIfpEnnb$Q3svr
za?JKoA3lW&GVonTb^2$P+F~$}YBxHgcVdsNFf(yfj%NJ(2g?*?8ZL;f1}~kvJFXT|
ztw?z7M;z7y@#)>hzYoiI70|+sFu&OpI)K3D6h@#yyDQT;v~QUCZ09&bwOfJba&I{A
zN#Jl__+U<e*~5Vay!&wjDeOtu`-JEV%mZ&Y0{dF=^!`P^Yb`QKWV<^(is%9yi_#L;
z;g?t?D>bm{Olfu>`_b^J&d_icv!-t+6lvQUy)!kcF+1E@mzm~2T<+wI(^q@mazLHl
zGVo{Xqtei3x!t{x7=d+o&Z(SaR(!0%>?E3931+^!h~(8olgZoFT^}y^y>VG-q7hJ#
zFxL}XaC;=C^1i8MmQ+34;hKu!5Hm|486YDyt34aFicM`gG6K`p?r~>IxenQton|Jl
z`OH<wSz}Re9<hN3WXQY}secSj51{Htik%WqC!Wm9sghEa^n(y<Kud}9XnJ2k*3L-t
zQMN^@j{0qo4)3u6$^F)vxFUf2j@U>(YM<iKtd_guwjzDSaP|r?h<>TZhu5i4o4A0-
zQC{ACP4+wsd<XB~7dkMn$P&nm@nt-m{Db_9x`jYyF`$ms4Xat|eZ8}RA>h2a0qEKM
z?qPt{`R^Ef#C15X!R6ZrCBlxMfa7o0zXO1)-GrZdAM2Y(==dSrsqaQe*GrpjH#rSC
zc<=JyVc5G~8?2WG6l4r#E^gs+3f^)KS}I)P=x6K{r_oVwS3vj8Na`j2?YX{XVTJs<
z6si+pAqVLOTz-HG4saJ93|enEwY@6W+Qq{pR=>)<sJxmbxR}rrT>{EPkEiFM6(=q5
zZXz(<?I6ghdYS#WDn(eC5kLD;mGX`r0l;#$`sJlAgTSx|CaI+B?a#RlF1ukTo{KNC
zt&icdU9}R=eRoDNBGV-w*f0J^yAeOqAvKV%Ce&=+<yQ7er~DMqaQS#we&gX1+fAT9
zM^~n)&etBl(T?fQ<e2hPAz|91;9DOfo%b}^aJAgy>c-<E7Uc7j{s`h+G7*P4oZOBv
zE{PB&c0kG?oap7L;)|<iuTlxl2Ma=|IlOkfz(>F-3veSjoFGZ+Dh?|4#op=10;}~R
z<j3^E-F|>^#UR*P-8tvVQPS7hm&OfqQYblL9;^b169NP$I@M11zvp@iJO31lpozq_
zmJEGNATr({=ZBF5B5eSN0Amk=3tS@6;=yoP4KjmS-@PEP<6@YogCm7N{vy!h9PZ(z
zm*1}=;<+OVI{1vPpZf(F0~Ldag3HmhnimZ^q8SZ6$9btx5crM26@_?OhND*f<dg69
z(Ni-Fb{!43b`f;oo%cbFmgo9&QSpn-1-AVIzz`Q3IQRRrZ9yDtG#Wk{2OW)rU)tP=
zaB~!?4KgZsvnxo&t8Al;ur;*&saaWaW7V3Onv;^*&l+%w-QF3NvHl&fOgymE5;$An
zu|uUm$1X}2Cc2$<6w_xeAn}*EM7{4zQDs2iqysYTY6jOkHm{*hj1yDRB@C%S+l!E7
zU>L+-U%wwLpw9&X^x-B_5m?VqxThcWImGh{^R)R!gps|ChW8@OuVx^~VF<$h3Z?r9
zq$#8v3uZF{ZVhH`Wnvf<_zzzGAVwye$w4#b2_a1On$0_nOEp79ceB%A2DBv=g*fyy
z-m9B$ZZ$o1PYtbP1L(fyUsRnu3>rrKfJ*;C4u@S(oPv`Xi0m5YzcNF?%dvlaX)p{n
z(#?TG=LCM9%-A#eEY#tV=qcT6p%NKC{}G8)>_1RV?oJ4PpVM4WM^Es>j`C>o_5JTS
zc@7-|EhwF|hhET6{wP%d@#7?c`H70$;N0B&>lsx;b`tqIVj6mEi_^(Ypq~a%7Tphd
zS4dy_|8z66z`cqowNSIruJ`Z>msq5?k^RDc)1(x8hoiHHc&f{9P$x;E@CKmoHG^h0
z!w8(A|2pBNc{rZV%>Rkc>KeBAf}5J+o}}Zw?F7%*Q1=m0cp12q8_`;(sfFk<9FMT^
z9sc%ysa@=S{y#~nsFk~ip6TjeJx^N~HPO{4fyZMT6r426ui+c}|Ls_2{69LD+td7_
z=?u}hg-nXUeo;$_qYQyBb_Tq=KxKBV2f<tAToY-I)rr+i_2TpeAy5EV@H+Y=ElSNV
z`vAm3R`Fdvw?y5G9=Us%d_E19T{FQ>_M*_Ht)gZnx&PDmt3Ah1Z6gJ)CBvA7b>+;1
z(9QuyGlD}Jh7V1xae!Lm^|=ho@Rx9R%R6LQ8vTCl>@0$MB<g=SNEi-2?W71;_lyM1
zgly^d4E^}3a^mo1wcqwari^?hm<~DL1qNYTmc|Nq7c9mu<2mc<<1mfuVB@Nlhaf@Q
z|N4G;v>=dGmudfeSr7zo{<rTJtkd|<KqOJWQW=8<kPJ&jvb_eq1I%2rFGKhxau?do
z+dLQGDo~ic#-VSSB^56FAj{}P{W+P9>(=31C6T2|^bU5tv!+G&l;)SgO{K|0x&$65
zbOi27%tBfkQ756s)4kMDB%|*g<T6f}G&Owgc_Qz%Ha`?;+sVz-a8kENQZ?59!`3%O
zS+cC#meFO~=q}r~yKLLGyKLLGxytOaZQHhP?S0O@f8P5O@vVr+%oyX#$Tf1toHJc?
zEyTo{Okpz;ei+0SK@Qj|_T~8?7cMqbMC`O-7x?E+au?KxbhHt8{lG0ZRL*QdD8Q-b
zU}$-l)>Q^k-EezF0>i9@ULePD+p3>>gCN_uH)VyL7WG{p?GF}xMaZr2tGyid7odV7
zKfMldG3E4+k@#JXUUoQaf+dp_IIhI3Jx9#0xy)XB23gbP@&;_mTm@m>{6fYhpsIE9
z#m&}a{b17aAEB!IcH6{cB2RGfA)ILzI*6@wp^>+<<gdo_pD~*b3#W2rS46bb_I<T+
ze|?612qaDDq-Q|lF)Ruor(cD0#V9xY?PfG$Hiis_fQu?7=tOVFDqnXj&A*8xtxAGa
za?H?hBtH#A^7GR_qkdprj>N*J<aS$Kx8(P}jTxKgj1TfpD5n@syMLBl(JU8!34#|3
zPR^u(dl0<4-QiiHSUB-@eADa8gkNVn2hzHn@@_GR(^~ys9HdIw1zas@LqhUv%8FEu
zorlD}xu{ON2&}fZNd;0aP6}kGjlV6Ndxbb+NuDQAq|T7E9_64->~Q$x+__1zvJrM}
zpUk)7dfp$mIvWU3T|dzKkOtm^EnZk8pPLK^q&NuQl)#6q!VkBXOFX<USQpMRP9J0*
zUW+}vHz2<Y&&nlJnJ<#e^~b1?>P0|p4jlTKrWFTAbMbxM{AmUyxesgwqAtS?yBcF1
z**;u?ZuLu+PJ^fozV<6JAJMGPeTphKsdEQzN|U4BUgDpM>=f=%ey!;~H|1QW$6CQ{
z*=Ogo&0mRps8+jpjbf0YYLh(%m*8lS=+ybJdl`#&{eYqft^5x`Gte`?t$4p_)J)@r
zkLgAHs^$kmHw2%S5RYOw=8#?#-8$Z@x`+H9&kY-^?!|{I7XoX)`yR#~BOT~r9j1v4
z@n{yes4R@4FF9|$!T&B2sURI}Z#wmBfR+-l&N=TH6w7R*nc#qpwr~hOL5HIaU^fgO
zcp4LI7W<u<5O7iQaynj%i_(a?krv6%=MNerac)f(!|ES$;w2O5iMZn5E&r0WjWs<|
z68)>L@iNH{=gOO@b7RCzFE3TyFzP9bdw@7zT?ejGc+6KzaOsi09ZJrg4;^jhPxAkS
z7mo~i64G|URX#u2^YKC$dy!=9gi&y3z{KwTL>X@OerIflzOI3ZG4~?DHU4{wTOQ8;
z4vGt*{&(a*eILB!GRG(o#YjdXL@da!?FhUwFn)(J1)9%Ipu%&n)ZDc}VkE2DUi50%
zT(}#Kh9jDK%ng$<NQ4aF5?WKN2(@cZi#Y^P(8aAzNe2T&*+v=ZerJyBC=Ew;jQ5rl
zXr%HhCjOx(k6Z$Or4bnrIx`8#gd_7_4n)|=FV=a@U1Ao_F33T8!A=clm8RUF^POve
z^jfQHs!Nmmkn#}8G$hCL8hxZxiwG&&I`~;zcZ#)Q&!Ut_bGq9*j?p-Xg~lP7HHEU-
zQj54_$l}~r{oT{PY~v+jz6nbrm`I4iGg2W0OG1qJP#_J#(g5UTAb)1t3l!m`hg}z6
zZ1GFtFv3wV&t3-WqnqQkOF~i`t$uIj=n&EtUqQjGC@XuY#>3cae{3;vCZqaW8_dRt
z&ny3L>Yra$Y#cswz^6rz#Pr7PLchllD3IU$?1%zV9m`pscun+cIC@4)l<%JlD6ul#
zI?JhduDjgqrtI2HlvrV@EJtJ;x@loELB!wR!YZGEWJ#l|Y2fJ6E2}E3JDk3C1~Q;K
z1AFzwmS0c_Nq<Aojmm79*gpd_))sG5t7T)i)1n?`zW}*<WydiOw=4O+o3GfFgMNw4
zfVQjHLlX!@m94~!^MDgO6U~QmyQOQzKnPbeZJ1v=6j~8ctp!E)9%n<L{Fn?5ORIao
z)6-BZe`lapO7y-aqEYAkVMgVR+k2ve(lnoZTBGyup{tz@ImCMP^-bGZ;lrQmdO54{
z<@n9JlCfE$gpO{%+2y@+z5tOHToAdr*m_`BmkNd7&-PXX8~u$p6dmIBkHGGG3sj-z
zcPsB~Vx>X)fKSyfF!j!6#u51*c^mccgwMJx3rO;@O*MtWr7>%wwuEfb6J9T-ID$!6
zdN$JGPK_3^qHf%_`r+k0P4rW*{iL?Kly5#qA%i3xih&6D)LXu;s?oY>Ji@tNdh-?7
z?HCTdw9>o|$}!2>%J0_GTEI#^ZOgK}?7&c%;Ou@suf5B<0VdOeB8Hh%0DTJXqQelT
z&kwD<h#IssSWmEyD*?H+r+*{0&OHO*SJkhe0$MGrY~-V{w2{j)3*5_C80azeSFYQ5
zPZf#xwZ>$7B!Fk?>*<o>bHSt>X2nm(8TzS+v6(I|6z@*JAwBWSHcy^_NFZ}6)j73#
zhZ0og%o9|Y%vrvJlRJ`Gi)|HdO@A{q;0C)zFWhM_Fc}(C$$v!ng3BLPN!dDni}llc
zhUUT3HM{dfyejQ^=<x)M#Ab_M+7%iX#fO3U3s|yYF*=&e?WKsT_Z1JnSombdU~}Ci
zz0+QY!AbT4FmdGN(;4iagWCVl^)NVUN8LCKxIG*lT}ddE^LvPkF)Th6o<u<v#HQN{
zaMyhZ$j%T9R<O&>0MqM>960pc$#>S<AZ9V2svj2^*dY*B%R5TZG{4#7Ar^uGWymaM
zj`7>EutvZabQY~E1ptA``#DU2SCKDcrrg}Ua#pn$`thG;N-5WrDGEG1RgJ~xCfU25
zt`RO3w30YAsmy*GUm#{Z)jgP48kw~A9tN6G(2Y?(0PI1qw^uiP_$sO;uM8h0x$N<5
zFOD{8c5;~IN8a!F<^Kd8iIjy(jLp7<Qxey9o`ch=1|Op%X>;yO$V&F`L59vSKMbOr
zx)`Bf50998;4bz;NCD?6C<p$T0}*66)n0%6x)@sKcS-Rf=c{pDO|M?GDbUvpuI&`)
z^m|4MW6x?2PZNZV0-avA4-Z{O>R&7KD`rxyVs6NDkDCdk^i-SPljH0+eeEGE-)<9%
zoN~K)!Oa5R!pGOiRRqLGsunbC&6G&rzDj+*2S2}4Gb!{LAWv&p+M7J;X#0eOzJuvg
zxC=HxK^wujgf+8OY5U3D?k$rxF8fPtQY@7cPn3x{wzbi)PDB1Np%Xt8$h2&h53}45
zlngL@B${&4EZK~&DOd2yaegRj!6n|$?{O_3n71)x!jhNHDt0*&XeFRtV$Rpxm*fJE
zU~5{7K8fTaV;)R)w*c5o{_V8jaXzH)x>al!S@64s!P{7*#0=_EEbbbKkh>{$A*no%
zn!vGPa>7c{*6apKz<r6%8y-$cC&hX>bv4v=V>k>7;o)Xj=vcLu(!wr1W(gO~+SN2X
z^K8=8YO0yhW`zV8UepZRH&ez(oz`;<UM1ph!8p%8PqzTGih{4mEvt`LksH__h(4Tj
zjOu~Vg0TbBlm1v!DvDdL@7B`L6=-DW98?vv1jM<29rGS}525(l!lT51(le6y4Ap(V
z*Fl{u&b`JBALW+I-oB9L$lkVECV26V9Q|7uwq@?$N$?^xN$_5I?(M}*iA4@AUyHS&
z`Y>0gL?iV60;g>z-|RL{PcE;ix_(60LS>Cp)N3X_9yuS`8`8JI2^KQv!zz@&mmH{^
ziWR!=g7@*PQL<T3Y27cb*pQ7Ih11oiI}j#1r^pJh;x2T|oLLY4K;vfNo(`sJ{S|;}
zZ<1Lc@MZi*NOY=|qb5*Kw%1ar_giaAZ(a$jl@xYXZ>1)i-m)N+1FYq#fvg#}CT!(>
ziD51f<cE60Z|9dR0`@MZs1_FW`J<IgIti#lz{Whkyy%Y{Gj=S#-*J~E;VbpuQ~wPn
zKKQ4HC?1(R0Z;!~@8Gmx6|x=q<)@m>XGx3<ba!AIb@);0xiJ&1y*0zA`!Ev1EJyAs
z09B!*EY07xGL{jXfq6rn8C{PtnCzQ{;#NBdz1YK`h^ij(WEcqp8zG!nhlLdwB#@DP
z)o6lOBLKEp!UkoVj7!Cc4a-UudHaG9ApKk=&bnUnpSBuYhI<KK0<#1!{0;IKulT8-
z|5uQ#{ga><f%nk@QDnB@&>Bbr3b!^x5cgh1+0PdHM>4PE8!*rEDStWzSL3WTAl-cM
zFO++P$zf>Hwo??iO%eFqS#VjtgdAVqgB;nHBgM~`MBhvEy!Sg6h(i(@Or=PGJJ%VY
zS8xkC&KG3mIQ?t63QkV?ftDFn+?pRnLKkp^-qIXt3}y0XF0rtb(7@!8TTE(nHaje+
zT1JTSN|D52aBU6?t9ClF#%#l91NIh*qd?;|WS9{0E-Hd-c_I=DBDXt57&A9(m0Z48
zc_1BeJHG^(aAx~@pv;9!++mN#xIIWXm$tKQ1M`^1G8~VH5U2b}!x|8vC3?RWY9Hop
z+(<slatJ?VoEUAuKMsPvA<x5kW;<7I8NM8KYJ!lg-B{p^5e2x;zx;7Rq#0IfeU7(6
zVSyFm%KV)Fc2dV>S>KN3JF{q0(;R1}<}Zd)Kjh%$Ye^s81Qm0sZ2O$7?>62n#)TC)
zLo2G^SfG!2@hw7oVnXySEuh~_jA(}UXAxTspIEHrN_VpsvWu~Ib&6@n36ReeaC;AJ
zrdjl4_~AKZ3D<8cB&n(!Q6Cq5>8vV5u{xm^e(BkEY2WqeP(6exJ3|XG?-}X%4kciN
zUroBWwR;xv00?o8ZF(^@>=Uh@u+OV`^tH%CjXv)l9F9)?QI@25rec1-J6;im5Y3V4
zp{7Jk)3CK0NpGykUU?#l&{}a9dGl+ls+C!xf#FInEZS!H@R-y}(i}kk#{I4Q60P0Z
z_5E##Ima}{dJN^kaVkMy%2MuD?ObEXvI`aC<=5H<^hA$|`=kaNsiWr~xBk;WH8-5o
zuQ0Y)0cpi=%*;>GM9N(=LvQ4l>EtJihmq*qN&19g$brjGQ(=GaKZO$xQ6{9tW5;EJ
zzh$ca)HP-pE4pS5jOBCmO6QXtRnLS=EX>H?FH@q9TX^Ms-09}1ZpX2YVfROHOD5=>
zF~Z6O6KzqG_sj7FkI?U%|JxL_W`v1t@o%VX%?Nv88~ERmdHkOA{nNB*W<zid0TC?B
z55u+jBbZXcb3R6&S0t<mEY_S)jPNWM(wgXP_RV=jQgYT*tFJvek;3+ndh^Dea}rn+
z*$CPDWz_!TPjzh`-&+=ga%&!8Fba@5CC5w{#fJ#_6*w3`dGn|K6r2^WWdTe6M5E4*
zYG!qsO^oa<JZd7Ls&S(apHZEPmy5!Up+ZGfrqJpn`9^ZjsSRdTnK#U@#EgJ63M^Bs
zaE3A<p5AH&+du{*XKKVz3k_VdNh`UE&xjX|b9O2n(7d|Fd@1G(clh%n2CUN9A+$dA
z!K?hMzN{(j{S{tj%IzC%Omun!l})p~UsW}b?DQQVC=T0!xX<#$kf#KlJlMsj+u;3~
zQ`<1nfr$5y$J^kBrC)pLJvXRekCHkj;pol^h0N`QOyoI56VG9gC<}@`BddJD@QQwZ
z{GvsH5!+x6T0K0bdcaj#!?Mc5V)<{hg|7NzvZ{+VErq;u_58(brCkP8>itXBF`-Di
zMT5IOQkgcj`GCL$gJIL#yQwVN+4y0Q4O)LT#~OAF^m)M)Y~{1<4+cRaMt?|g4!_@7
zu&A$YF`@UmaCN)gZ+~<6Q)qU6-Ft7dC<m(;b}tCdbd6#~kI%46`wYUjVvz(jLWY#y
zx2?l%h=vUaxVD>Q$MHnlHEqF&n=TK0A`zWLI#v1li*p84-_NwbJ~<WmTKwVcv~fIx
zAP@n3w2ePq(RQa)c!A8n>~Gt6Y;3o`?Z0Vlqg=~?&KWBK-kkJhf$00U-V%ZJT<m1F
zhG;(MKcj_O^AYxfd2?Yr=q``?Te6?dT{d4*h4BX%_$Bu45a5$N?dXPX1u{q5k8sYv
zJ&?ZKA)clfmR)^%jn-2maT4qeOJxS5Mp_v1zpK-tkrt$_lYe`ZGa_-GaM%8gi)9Ak
zWVu@G4V~)7?cTk#AU1Rij}Q!Ymsw1FrfzN_Ba^yqGrjHyI6RJG3`$5mW4b*=2l@%9
z(S5$`uMG{hhX%Sc=&M3)_CQ+=AUG)Vy@eUJyhR$esN%g5<j=XXVngSiu924HgTPYr
zpD4(uxwSyiz#)$Q*mB6o%TvP8@#dHJ=;bIj`I)RWt@2wc8%n~vwQD6>P;y*1{NkW*
zq$_R%?X)iEqF?_G6gT|zGEU)z0nj=&p13F->(kWaZmk}$C>@z4GS?0$9a=5lm5{Z6
zO2+m<Icx9O_wxK61xCl#I|jb0<hpGLlKg$Vv@>MK_u6${HNs4X75aDm4gf~znWxG7
zr~hs0WyK0M*!u2^`VRWOhkoE-2mj~#o2(0XX1<2yTylW2%N`|Hz3-_l;5`eU!Z+sc
zzWF_OGMfk7`w9*~5|eM<IKOxVoq{QX`<H?AD*5S^^G`1o{{Yjp{to8IV|kazW4nH5
z@V|an(1kTC|5mmjC;w@Ai?aSVl>Yw7{e1+Y*}v!Ub8Sno?{6MynKA!PFr$t1V3f&s
zI{!BwX|eCF`#0<Qt48bBjsJV$+O5r!AOD$&pX+Ll6*$P%l$%JZ$E1yKPkxGJli><B
zLcfgcCY2wOK0wJ1LU4)(T}f6d9dU0H35V3e6QdVMPBJ{w)(OG;kQ71II%*2G%D7U$
zvq0$457=M9dvY>LOIWzukIJflj#@8Oq#42|=nmVi+qA>+e%2xxGwbW(cK2mrZOoP~
zryHxeQ^ckwR2vSL)B%5pj~xUwm0kb!_ve8rUuNga+QQ1%QO=r-qFyp`&AOaqMpT~a
zY4WXtNk%xy;}u)KKaV%LjX<y5xx3sQ!?%T|%&TgDDwkbn2J$%O6W$}ZpW4)Ua-j|i
z=zbvkXsc9EeZCUBI<Nvfx<=qXt{vi>Vi+A-MqOcFw<-Lt0<(-a2^(tUQStX<C_{@Z
zQc1-&{?c|kD#dlx*|Z126z`wvwe<ZnbT}V)tp>PS2rF7uCZAYJ)Wg&AcjmT3QxB;U
ztLt&(wgKzNz=PQB1hTP&RMfMP;wLFfSBqdjaxt|>tw6RAzl~!JwA>**1(I9FQSGKk
za#~uC?mnuv@lkBfB6Wp^8LdKyT%4`6nRu6aI5M%8M-^bW7f~-SZ-7|E_V4#_Y5s8@
z@(BCa-$y-q*p2=+=K=bUTwx8|T-p{Lqu^`k6S~MtX!GfBO!?_iLr(-sg1n|@y7A2$
z0yf*<o_!xb$D2}cZ_Se5u{5ZZhfPaL*be-mL{Z}$M`abWhvxzt0#PNiZ#BJ%V%z7q
zXl;IJPBfzOFbO7cgPVWdV_fI_+IU|Ws4zXIma!%)QiwNBTd}}%41{?FMT&QD@wfQ}
zgZjx(Rd{m6mpL7QNEc~szYn4lFxY7R4GKb;M@tmovU?zK?X{z!zzaoyA7S<Sh$$69
z09EirZ{aS%4q-xEOwzf%!j9DcYLP=e5Z*zh;$C`VXmr&;2pIJ6_bLB`!Y+6pySef8
z{(7JK^7eXP%1Q4AfnoERSR~0K$z9lQUBr7h;bHh{1X)s#zmBJP3+O9Pykki@y>&Jt
ze%$ddNvV<5`1-+dh|m{t#>9OqybMS$Ds_PUdaKg8T~e#s^Z$7XrW{U>NJ7LEODB83
zQwkor_EU@?ev59yOH=_$TyMlMTEN-c8q0wA*y-^Vc>_D&m)%167B+?9@uJf$<ZJ+`
zZZ<O8&z+CHg3=Psn7Jg^sHD15{rd53yn{(L{Pu4b-;~7UK=JEOibc{T!B1&Q+H1<;
zzIA|1$wId@plZhY36GK0Vt|4o2%V}v%CJu0ZB~F?vPn{vYgi(QrC(fKxtVwP2JpR!
z(n2llI)URHyJ3;0>m%MuQUp+nh8OOvUT5A;`jw<om!h>l*lZ3%;D9y2f66?`>gnxp
z4}7u<!QxWT5^phOK`U>+6th`MDM1{%8iH-=;jkppJ6B9_tT=mK4rZPz>n%?UK6M0j
z9*(4mOC1A1bTRR4BSM-^OQ>c)3FonnY1?gDi4v8c&tM!}c#@z9?+pP#028}%r1x_@
z9KGpehm?PCJ7WbSH|o*CPCwK;I0d6hid$hM5uO<L^hOZ<ZKJ2!cfQ%O#%1HOuqTd8
zMnh-s>mWKqN>xN`Kq$^Wcz~9vc6=$$C>;Wd#Mwv0ZE0^+o*K(4D01MP*YAmq>i!gd
zGH(b2BvzkX(+hO&U=qK2@o4s}4MkQvQ=wir7)AM4r9LT?zGE1-bV*MZ11H!qy~UVk
ztOvXX?V7B&92KmpmU!p;k*vWyC1srHlJbKrH7&L*XvATbt1x}HR-YJAWR}8zjnHjw
zq8CdbkfLtJVB9j>;*-Oc=b{%eEJ3Dk$!-b__8kKRzI>wiNyD)Pm|XMPX|rL4Sl&|S
zZeH-HbaC{=8!94s4+q0r8SUZGHNuu*LePc~tlC&Ykw$vq&C9mjXdVvN{z%xH5j9ya
z@g=X5ffn7_ce47?#!LSk<1hxM0`~CvA8G4OW(s-uoQe#=yUoOx_Wj5;EhdE|_L36C
zACj!Y)E%@m<*kf`%zY;_j3_nfsbV{b#28PWtz~%^)x`QN)%g_(ZYhse;f0VgVeS%1
z^?u2{)EvTc4Uo7MuYgWLd9O;szGv@mz{4MSbcKcIiLw;hbw2l9KiEtsHPmQXn8`H;
z2f>=>o*xm^JqIy<RsL(8)s0>Flx8Xv%cwAO*{wJHH#s&mak15{>Ry`92)-P)=8l4?
zCu|C*kEK2J4t6CZsDF|IyZYKyx-LWkD8m|Ir{w6l8ipi$BdVo;A`s@lSNZO>?689b
z^21hCPtK2orf|bAx+mW+9y`-uWAwYUWwYX=Yvz3FB8j9sa}x{B*?B+vS7{=0m6^Y2
zIAxGM*f<-{cV9q(^}NrQ@nr?i&~3Zuwn>?}ON79SzBl)k0|!(#^y(u4U>R-~YSz2H
zx<9M1HNLUAjqLgMg~0*O!?Ne~_8)9Ud%7SQ8zy&VM63sen<<modJdzXfH}ikaASHw
z*&!2d8;suA_4<0$PiRBW(4uccn&zdWq@Qff8CR#8I4Lo^+JCwtRWtfZpda3^$R-b~
zjw$Yb+Uljc`%(oRMVpxW2RTOpxeCT>I<o-LW#}Eo)G%c>ZhFq9X24LR%8bIo6mm?2
zM@$4zdw54yOZ2H@S2*H#Uvw?6L+CO7^w;qEo$k4pu~zcJgyM88XT?KzTeR1QhQMY1
zgU`BZJy*^bzhk_d=wu<SfX^y(`Y_5OcNDx@B42B}kZav#!t!_XK8Qa8pOp7c(7x?&
zz=1cX;420S|A(frkujnj4WxZuz9ix>MGrEMXbx7cQTh>Sky_k%h7GVNmMP%QO1y%J
zM@aYU@nmo4Z3W<yc^4-?!dhRe1A=0;yyCe-8p?mUpl4p2kUqsyue&a?`&e0W^fhw?
zOd_DtLpq-41B7lbzUL4x-#33CBA3g{3y@9cp8lq=q$ms1UmGu<F_THp9GK9<ucsSl
z=~w%bL4zOlfe21j)jRpO@Kg0|69(Ks%~R4QCa7pHc~d#?ku)u4OABY-I0u$Jcpt$5
z?$rCgj62;_y0NvqY3>tY3>q6pJF;%M$XPT;D%_vuX0iCIx_?&G%OHuG*3i|2wUF&@
zWMJ5Z<>Z{KrTi;653Xv4Z|`X_i3;I&rE*I~$}2)(TF1pesKvdRjH_}k!y}6VXY{Q#
zSMr|Q(rA6FnMF>5y`(8G*94VPKP0ubMjyYYlhUcTb}RS$FdTSrWC9u!k0p#Rwi791
zF@{tt0!fK4>?L!L(!OqGp0xj{LJ<Nja|15FAdpNp+0R#K{bm>aqN*kI;E{F?(D5Sc
zwyj0HN2j_CMt%RD=*|oPf9c#pVoQ@I>Cnwswu4vmQVEW|aGG)tCes`%nq&iGyjXI|
z;ittHKKq0|i*|42O_qKwC{Y4lj@Xr_O+;TgWp&KAvr^1+3+}k1+dyz2lE^J_fA~9n
z=+G?us2PvWTF^SMvxSepgBE}O1V4WGf!`oMY1J-BrCnFAdy(+!j)2Pdn{}KNo7+ow
z&O&l07Sz}OG1Jq4f;PJ#-&o|^wHaT>Icsg~(OWH#J46u*#=*S&;PiW?4z{3(_7sAP
z+Q^OQ*8zJTwX#bsS_*!}^Wx#si=?eLo?2*t^}$2&6D$wv{;}dp1@%_QfnlU#<rt_D
zFSdPjWB-)h<To$&U2w@c+=oD9*kGP3^TEtcBK8ff6~rfTws+;dCXbBf_nU9$o9U@k
z4W@pRAwV-NTz>Wk5HDvxMV%l=$`5b-uBHk@58vdlPIjUU7$gAH1WW7!I`v%;x{g**
z4y8ly5xt)=wnlDkIF-vXe^lI)ZBCtLNu5xz>&%qnS*ZP+$=~AEr9mjqa;>^jK7*AE
zwVB@I^DYCW^QO;k^6mwTB+#YfrK*hR4q(kRlre?;Msz*K)Hk+qe316Ya%Y>_LK2D@
z53z*&JPb3Iyx<o4EvSV29AwsS<8|Zv!S#*rdz0uS6AH1XmH)`p(Mbk171NC8M^)y%
zYdM&9Rc==-A(LVDvDQmx;o})8y-dM-tW#j1&*E1$7hc6Hoqz`?pIcT)+^WwN(E>bP
z9XX-sJQC+w2ffoDqa@lHx>{J==>E*86esZF%3;GD{E${-SGPG{Ot-Rukx@d{T*Jjh
zfZwkwvPsgiD8vVs$(_5z1`dy;qTfGdIJkIK%%W@|VMVrq>0N$MYKd+~|I9^}5>v1_
z;~{|dG?ib&x&fjqJHeLevu&ccf?nCO3~2Kt+ds2sjc&Mb#f7O`j1Qja!|Zwm5d4B$
z%LFs{gm)Y)7vDi*vp>U|Qq~d~_9Aw@S;JVObH~;v;j!e_Hf65hx+JunkrfRJ0OP%#
zBRqbR^<WQsg^mv5F#iZNdvf*vl^~fI=4`m?4O*f^>EsiPt_Po(6jljP+yllAL}ALA
zhk@3$j;zCGbBk0ngmw6)6teR%?L@AGCIa*77s2dhP#3YF#y_$9xwp#fz2k%t(g!Hg
z(+66chOBZpN6v>j&byB}#w(FPQ0>z5Y`0RB-o#|)42%#><``seWjm;=+49p^JpO)u
zx3WtP$uJt%wp(|=TG7m%7>zpba6)dn!c}^H>XKT>M%m=niH?R;b2Kbp6<B1y^1azZ
zVTG_M02Rl9HYF!-RrP!Nri04|es5z{^+*eT*_ty?u0<p#0kDY_lub!lFkno(%z%VY
zQMO=aKoNk!N=!fCBPU2q-kS~ASh09rR$bLzGmYP}`F|JwtyqrxsvECkXa*U~@LmBA
zI3<Zk4l*Z?y6b7s_&*l(EF^b*lki~>r|$&KOx=0(ClPx2792CZ*V$rO9`*RJEMZP4
z-HfK)i4RQ2XoL7w<k~4wF=UKz^+fR>iI%g{^v#_i_u=83L~%;-AEI+trL*DM%kCat
zGk1&4P0k`oe{_>U-KK(})&1d@K70LJ>^1l*7}nvpgoVh95=V*qJN>4rpmkD@IGf)r
z3<lk77h+Hhl`jc6q>x1G#~rCz?NUABo&}$9y{5qUB5(MX*&^S~4I8y8;W0QkUzI&x
zEAGvnsr~g9N4K#adFJQsE!5Y>qiqg4ghbzRuij5sp7yICSV31a2<!_Hc3Un2uNAhe
zyb$09<-4Z_W`sO%yMV@zcJO;yoYl%DGcmAQvFXKft=9`rUu+1oI`y|@(SRY2RNj0V
zugAIZSxmaYWi5emP!|S6;C{FnPa0_P4EunoAd4`2QzS&+?feZ=VI4Ms-y<a24nWSQ
zi}CrZlvN|);5Y(*+V!;Qxv3U>p>(7|7|`y3eGRG9l-en~7Y`rrw%yFw;tus~by+X{
zg~8;iIbVnD5S`r}^6_5TokQ}*fkPX217^zf1laPrW7g*G9YOYeSfKtOmq^z2eaYDJ
zd3d-r`zo)+B*Te}h1Pib`tt|zcK-G1jgmsUMtpoZBZf;UU_mk#4VPGzbm4c+$1^R4
zr{Zfk=Y&kJWk!p0JvHKFAOHdXWPk^68|pwwa#Tg0#MeA~1HbX25dWQLuwQX_JOU@y
zn_XO#K8P9$O9f-Y)s=u_kJ1MPS9hi44Fvc61BLvjAj_Zdh+HhM`FrTJX`=uIc!K&g
z2P?yy*hnufr<<U#9+A31YKIq{l@NgWcH7EOH1bRYqZ?@fIte#2&NvnedWFE73#)ND
zVCDA*;PcY3t6wQA&0kD@@3YQ_*NxJf%;mwA2zSfKIs+d8`N&YYy%yHN+L^xqZrQg{
zxF*@`+JzsiEEY&$5c4_#NP(QLv_VfWF{IV?Bd*x9yE^*gDJjj3<d2gYhLx7trjc;>
zHQr{ua3}-U<Fot2`$vhYHnX@*Du7qGsd6w^_h?<|ptD)=_wVUGL!2N5;rJu`S!AM?
z*g-P&pc^*UYo1cx(_LQtu2ulWr7D<Zcso0}tQ{GX`>--aH2G>IioD-2`mDI(+{>9i
z703I=RjGf^4+%6393~_0H=9rkn`BS9t${<2o26;J*!xz+2o2+ftUj~h1HTcSS?UUY
zjY{-WzMt|QkC^M#7L>LYkDQ6=+YDOmJGL>i<C7^hZTSEX3IX*H@xKM>4Y+B{5^RO(
zgUYaNC5E)+a|drehIBaa26#T38mIQdM!~<9cq4+$d0b#T`;6y8cY-YhSvz^!{(}Cb
zC-D2omr%btdlP*RxAU@|*(rK(dAJ;Ie;^-pGt@X+=DzQ^K<|KmPG~OK@~8ujG;0Ra
z)7>-DzOv_oqr4e<(^5JZ{^S~oo-<fBhgQ0?$xBxk`1FZmpju3wN=}=XG^q_3BUgx)
zUp+rVm%D)%D#z(T$|Q_bh(|(zQe~kB2Et-MtK9pREu)#SJ2m|l3QM*B8!&e2BD9k0
zH23XhuHB>8uwi?CzssMCpku+3xb<i!<fnL>7lNei;LhBSuuy^*Ci+9KkY^dn{@mkh
zDJdaTOjlL43L~VZ0&@fo@4D+W@(yT8nZ_dZ?AOR>B6B1G(eSJ61IP<I=EvU{t_j1^
zvt|Y^1dev`^#a2hWz-7Bd78G<R&y?;4>3b?-x#_9RUx*CGmNdhP|@)Y_~nSij%oNc
z($`|K;$z`)_SGMgTp=%oe8v|^+)_pTfBs>YrjOup)M0=aQ{7)~90X;O+(X81D<C^z
zC^vNcQ1bc50rT~i@gs9N)i^>-mLc#^Ba-$bYFWAAPTDR{5=j*w%r7pAqBi$m4mO?G
zHwRnKBk;O{f&-aNszpL|aI}5gu4O;zAExSU9^%~7K@?9RN1MJO`WK()*D5YsG#OO?
z$4a;VP8i%(m;Ot=_8iX)4$fOS*;)}rdu5Z6Ecev7Fl;<`S{OQt9<ZKddGzO%EF$6E
zC=9%t4D^vyk|L=+5N;;U<iRyQ;DH88c46sdf&}J5W!v)RdE1pR<cVPLtIIxy4}UXA
z>8JP#jWh^#eUzJ<vo*erEXGQ6y1z=;Hj%hGfVN?%K-ru@{|)9^wE)jQyge1YVNge_
zyS%g2g%@-Ig)OAu9o7t5(f-TS(Rvfrwq4@IReKAYRp+K8KF9e|t#Rn^PBi|lyNJo&
zt17941<dzrD59aE0fXz&&_t>)03`WCs;l)4Lz}|)<1?uF%s)bjvWv1hj8-6JCpWY6
z7w3(MVQN?OO7QWRmm=&qX<}#Idyq8$-9pf|`EAPf^;GMMQS5{mOU`UJsXe85$4AGf
zyh3qBoQ;o9TpB|$tQtP-Edw1$vEqOZm>;Zrb1_E7aeK#&1@E;wZ^VP=#=?<zU1l5P
zr3;Ze$oc#0=@5Y}{HNUF1LIuO4_P5mygt<Yb^6Lkn>(t{tl)c3RAhPJyznMP{hZ%V
z-@YWT{Kh|x92rb$vDk_>P?0q1C@Dtdjlopfv7?bmBOZH2tU0t@7vCY|XJpj4+Kzuu
z9Nuyscx6*G9s(t50i|k5t5@m_uV4!oLj-#D9$#hbuzqwi@+g!~(C!a3#dK+E9Jz_$
zg95jC7>&9F)0cZgyO2fwLRUgFrP{Ah9xe6os!+$wDhh{rVfAPEYfGk`iG)O3=1;Hq
zcPl<H`{aZnOYYeO?PJcQ0pUfyNHl{W{uOUMPYrn-9}P38u4QJk0Dz|NRGo2|Y^{Yv
zVBf(A$Y^f|1x^mRl1si?(hrr>(NrdQD5$Za6DOln{^MjXdRKRTHT2TZq~UZ>pWNC7
ze_E}8enBRj$~lg+O9vv^<=xU+W%FE!Fkb9qE`Qc>sAhyJwSs#ax+ilFTl;ILSQBEO
zC6>uAPZP;{^%p^uj*8o>Ai!#dx?(t=+v6}C9K#6w20YHVar%y8#6>3CSkuV&w@c9K
z4NR8!$>v{M{A=<aCHv_dOS&*X+}42VQ=r30F68aYGqk0Ar-WgsWZ{F&+RupvI=9Sf
z7pCed|89v%r-Y|%86Al)lbVIENtJY#@pkr1WnL9Y4o}bn8imJh!WdCbwwNqsK2=5~
z0QTt3BKGel-v)a*;dW`UnUr6LByT0_sD(>PaU((2@xq%FIh8IJR;%VDCM(kNk68+f
zO<K<#yG0+*RsMMC{&NTLRGq{b=7@&jC(-QTre_XrLy9{YHrFfj?8Vgk^K~gdhZuxj
z(@Uj+%XMp1kA~>ZYm)webAw6T0P?l-i2U|MsO;_1gD2gqw%>1=aOi9^@|r@u@?ruX
z3RNDqfz}Xrd#NDx0}o?FRFs3Rww27URd5J#25rPbLg=i;WgsAZN1HwhR*v=h4T;yU
z@yqUrD}tGtFm(ywnk9|H7%keWekYlAvber3YE_Tnjy9~~byEA9YG(PeO<g5X53*}S
z@=&-BTdY@>DlCkfFuvI`%NQs8^$;dI{IDV4lM%E<&Q9NJ7MHg%rakQ3b76jDy6dZB
zP&W}!NsTI44tMvw3M5ds-g@-4YKFK&Ho!WVHFUh&y*52VICR$DJV%wJxI#9B;Plu%
zUlX9lH=q=;Zt(r$`}+9$BKN%V{klpaU)lD3Kg!^CJAw+x=$~%O8(+)vCnhZ@-<Z!Q
zcDmAG(~V$_egU0yYTwi2D~$!!XVu+c^T{a8jle+f66M)E+s-AF6a1^sNRk7o)VYW~
znVq8J!S>-Of8KF>-H{YR_>1(Cc0R~-5={R<|H;$oPW2<z#0U$9**1+<Ic;Li+kPPy
zGj1+)WuVo48u8&FgbuhiRt(Yl4DaYkR>ZZ1<Y^Cr$fiS5M2c8{{)=9dD+@{qTWQlF
z8;*5(#!DAZU5`v1$Wv5hLCe)6>Ov`$hFoU_^_$(aR8;Gq1>woW^lS*yJN8lh!bEKD
zCaTcnrT!{I3%?cXV4i(dAWee-BIrzU+|l~9I563t!FtH3cKb#++kK!rR;Vv?k?Ki%
znJHdEQH!ni*rxq=0`ktv&w&@1bIEWi#iKN$e8Kv(67jhdXO)IX2i$+?CNj{KJnZv)
z{JxDT`*Sx_#f!1#Q)e4*-Q<?EX6Mb!23b0JQy?~>m9g}_^bh86-PN2A-X&0cOyD5j
z+&F6k4A7hL7v2XP)~~oK*c?bl!3H=g^a@T0%5L}>sdnZqhb(dHp3=?Y3^8<Kk20+~
zxt>vG`rP`^o7H<Z(hT^JS1jHwggK5rLPcC&`4F3smEC<A%&uM#{B*2~DM(we6$F9Q
zoiS9hy7h!#z%*AbEi0JX(xg|jTBU<9ZoiHiFhUCUlWGA0)_u*+B!`h<Ca1E*&*`FQ
zaV8g-rmWC`nXm3wH{KOL_b!6g>48Pv`66eVo?F#;44s_m0-j7C<08iOtgF2r9ZxKq
zm}s(eXJGdAve)JTfu+Vz4U5_;wt{_;D7}K{CNX&80##hcTaF8P^s&w}39~2he|o()
z_mW2Wg9D9CNc83H=t>oOKxnX0x4g!S<g}V^wY=1jur+UX?=J3Mn}1%>=Y3VV+1E<b
zq@cA{z`XqIjcYf-Xe%={KU8%_r7A9o*>!QzFwWfFclaqc<FHsiJn<<tQ0WBm`(~|K
z+-(Avbx#%b9YK2c2VX5!;}p>j=gwcSxC53&m?ABV<}&;Q;SU$4Dzpn68@r?l0~tw#
zi7q`puL62uvm0C9CHbX9ns7y(@D_Xx8%+Mk7C2C|k&o0sdNeynv4piLHa`AocSrg9
ziVwizE6umHRN#bIK#r|#jV-fdWJNj=stbD8oJ%p;B04_jECaw82C$wniLmPvwTPQ0
zb;1~FinuP2e;aMyb}qC-LkU7N?I=-6dO<~^?)b`xH1S$YsJIrEZ^@3zSA>F?d1T!f
z{`->)?e-C7E2%3-Kd(J%>J~StV+cjKCaRWo!92j%7mGGb?)KvA>cAI!ciKXi11Dxr
zZ*mVRaNgM#G;J~*`qaVorG&D5%ktsM`TF)^Y~nTbY*ax<A>quT*8m$+x}yFyS^G*i
zt@)`Ys*;iB${D?o`bUWI;`C1oh4lMsm0#N2L@+YfNZqF3A67rmrxc3X&4Fj&<I#{@
z4>W60f~W&zG*X17QUZq<jA1N4Jv+a=n%~ky2anPqlIpU_0>A&)jT+NVv<4Ygg?<*E
z|5Z=?@w>%-*8A&G9pJk{83A50FZib(3jdYgL8jsdJ}#jJKI|mG9icTo!yG|ab%a@F
zmhjh=$qc-rI?k|N;FSQXP&T!K{G1$0|Kj!~zIzkF-n>^XU#)f9mA#GzQPO>2>AI*^
zQqG{`V@q0D*Yd_<<HoW1VYum5XtJFA=#!V@9S$G9UhRvXUqKhLCemWagLQI~x>7n~
zLqKfL`@uvIE?X%MW2qfNio9sl{j$(5iZTR3fM^|&mer>!B$(9|M+NGt0=3nt%>JI&
ztUY8B<x`h;``u`sY!)uz?=wnRTrqOfe0|k6*qKsOS8yA`#UDZalBhL@U?L`nkoC_p
zH}7ATDu%W@t5fUM^P!6XUT#v5!phTp6^567)hF56Pmp;ZmT8RCd3HV-zuit<W>2oK
zhx%$?wQUuRt9QEsm%#}--wPAO^Rh7q#Rz{e*X!q1<}>|P>V0Rpu*Vb;-Ptn~d&rnq
zsuwiR6qeh|o^qFo%~9jyeX*@dy+@%Ls~Mje5IotqH01jDkPD&iBCl|`z9sq<tBc3v
zEvqi`eVmNL0;zPhsxXyT(&GdrEG2meKBrn=zeo;F)pO@-D%BNVUhd;^eJmnvhuCh1
zB44b|Q!)7t@a{`@9U+}0GNx4Npl$16Q8=oNpbGbF;e;!aq+YZ!(mHj{_Jbv0UI>za
zG0LRZ!4!L!Vz_CxZyzS_lu?7TmgTk9X14?OlXii-lyryDc0$51iBznhG93#%av@Y|
zGqaG{AAdopseB+>b`{|VQeulzaHsrb>dJ0@P+9nWa_k+#ops>sn^T#{QJHk&ymjcA
zf{41+h{xLpbel4&C4BMu2TpS~&Gxjy$3*F0O{^=dV-<!?H|&(bGA0?w>~;*W>jVFl
zTi?N_ly{z>0@Y3mlq!HtJ*S}zNO8R`)$C+J2do}g)731GEoH=idUog+{8efu+Uk?~
zI2_X`s`_*)7-`utQ{zswTy<6zJP7wuN1Ykm#hO;JXHsmdm+P?JwMMbcNc;nkvFKeR
z-(>CGKCngs-DJIK9zpN0zAdy)cs)Hu&w{HbxKC2}dKB+>(h%lQGQCK2ktv<~C8RV>
zzERkS!L}kroU+DTnJSJ(UHXcXlSCUP?%8s<N$#&f+G&-&0dW76iH)=j&5F5r+NRsu
z$?p_?xtZ8|C@&uZd&sX_fge_Rb5Y!TPu3uanp$C{X!GX|X2`ky-Fu(kXRbV-1}tO~
z%yKH)D1`a4QrUe5h59$r7G`(cROVo^@hWVc{Oy6yZ?GBUZD!{rJT;nZ<#=FBB&AH+
zm#R-FBYi*Z#kSe)PudT{`f8@(8T2#^mwd}R8V@prIs$`&(N=TtS9iV?Vo^ZPyYtM+
zmr6*gH)$QU1j(kLj+S2N$%z>C(;)+}V*0pNpKY=0sDe{>h0TmqgM4sD2etbd-@N?A
zi42q;x!7lclg(G%MMe8u)huboXjGTNa7=yW(5qHa2fNT-BJG4@dlYR7)*3Xc)lsgk
zgN}dRetT3}urrP3;~i|n&!#~l1*l_grXN2Je+H~8?q!=U^#q-938aS}VJ-%i!Kq{f
z*B|J@y7V2m%tw}EIVAwe>m-B9D}NqubQXTC*QPtxm1jPTeW7=L*v7Fsy4+K!+dkkn
z+w)n>S4B{t^rESfZg$DNjO^)bd6P>pGyml<lh;|XXW@IRxw9$HDV6vBrI~od4@r)&
zs@9I+B(i(T@_E+GRY}W3mfzvn{&|9<@48nM_nlu=-U=HKS4{F2cQ;owz^)n<!eQMw
z1O-NqNf@01(VwyucY^?+Dtty8cGagvso>S9ONv^Fz_MA(7^mm>r|=g`9#_{#POjoi
zIicAA<w4Wpb<}U))P<!2*YJ}-6IK6#M>-P+G%Y%Wg^3qMd+@ZBZ|m!6-zPe>uH1Zs
z!3-M4L1lv<S#ns@#3Zf9d3Zx2m;B&<Jb|&P^smH2{5RV&3<@rG5xb%b`d`ZRI=P9d
zs$w7gEP2<SvE`B>6j^h{M<FJ|2U2M?<IRb$bq0Hk>J7aZMMb}3Ox~=oZUROnxZ+JR
z_H?^^Nwv_=ITCnRI&L{yO9k6kOOi5|mAPX)v(EPkjs2U8BZc+iYc1B~*<3BmkImX^
z_|r^d;wJg(MY_Ow-BV1s0&hcbQta1|ir*`Gf4iEgj<;KQG+BFWwPXrhU(`A)H|6Vn
zKihT;XE0>iyFvT#K`&kyj`C&psN$%h8`isOUiybD<-Cev!t1Ykl-x<HSPQTc=H0+6
z?M8T@oD*f#`PFV_My=VnP9vF`6BMmUN&*zkXQWQ(QRb|%n<Op1^(RUfMX~POfC8u0
zqd_>hL)oTeBN`4FHoAtwLbHC(3#ikm@IvoQNa!In)|});kuQvSNjz)}cSrw#`Uq!s
zWw|vSsq}itbnj1AxRfUtR;x4W!;;hY*YaNtW?L8STmVC%xlITHL{DlT=JF4gP+}ih
zWi%g#Sl=R#@Cn`m!qT&?wwxVb^(E!b+9S3!?W?V7{3*f7!^Xi{HnK?*(vAYFyo**e
zeIsDOu936nuDtgHL{D+`VO0s((G~>irTvA4Ps_K-&W=HyOY=(gK(e^rH`f)7%9cM_
z!Ivyo=XNkiu@_vLiVSb%pE@Tc72V@hk@%oN4rYPo+SfU74-2mBTXajYOGop-p<l!g
z6^5BE>&8ndRROARXl1cOp9}p=eB#)otk-&hMa{=AK7l0?RCvHEM!pC%^1RD00l{SH
zn5+lY7QYV$37nw)t6@}QU2rTeg#?moL$Nt6Bkib^?IcYS-T)3U3jNIfjJ(NL#!<TY
zKx_PaUQN~5nkgwF3$_P@QO(LCIE)~-BM-=~i@83D<NM;!D?C(#NSJDk;Y*-6#NM4p
z{_8eNRIROM6_mHlFu#yl^hk_hnHg<B(VmPdR*LgoKl30eOfcXv_GE7K_bQ%oO49sl
zq<qpjSs1kCmGy%!`zpR3EO7JZ>gr32Iu<XJS{H>K(E2<Q@DBBm8nM9;OxJGPOhwoN
z8`h)jSf}2In4{G_8B}`Ytwdfv)Eb5vr>B~2`sFQf^NN@}oZH_l&>YQ4k27D+N#gHP
z57jPzkT*^RNw!KW&I4#N>WFz0XXP;{Hu&Ad<EgA#*0&z(Y0Hleq8-l;&bALAiNbx&
zGbWv?FiDSxqK%#ke9O&P8U_(QmzAaqg^$c_lMG4H!ntO-%gd}($2?X$pq;5Qc4y4y
zMvF&`*n&U8NkOgbbH2a0qiI%6n$!>z9?`s4{f^FN!--&9aHd(#o2A>^S>7GMm973D
zYD0J8uP#Fx*;?e-t?CC?QJ1lu%+i#zd3Y<mbQKt{LIG}N6ni38!)18Q4pBGa$WANp
z$eFtEx834F?pAqX_Hffh8+dxWtW+rN&1^#z&l&5b{FSwSzf?(Q0CJU0rLx7n$Y!D;
zX#%XHjMr0(QAROaXWuFe?0A8i7z5k2-eX<%tuuysG_qn_-qm**Q7U4=H1h;hLvw@q
zSF5_Qm_Aa-Wl%n}w@md$=Ab<ia=fkHg8^z*4y!95Y0l=FAyM|=dDQ^Gr=<Azd62?0
zuqaJCE4+*=>#&2X*tNFg{#ZOS%WRIMS%*$8V$S&JW`Y9>ZQ{2YSIV#z4tt1r8(`*F
zLy(1BRg{MU7%=98y{qxrhsbhdl_<&ZsEizebh}jC)7TIm#Ck2N=a9*<`w^)cUcMU3
zM<)i$!Bza<VzsZ}!Ly~FNg$Wf8oNI~lQPKp+9JAE!|JV=nIAfjeArwmT|rE-`Rt0q
z15>OA%<nwJSt+<l>2hB<35&~}8a}K%MAgU`4M!Q5wPtPdw$8m8kXhZ9-yi}8+e>Ng
zx!QvX8~3hOf7g6=nI5(3l$hEVF`-hb(2jS_VAAz>rQuV@$5?+PZA4TEl88oB=sxLG
zqN}o|Yfcw*aP~An+BYe)M6&<bn`Z{6u%XB<1xkY`czS;ZvhcDG`IFbt^BC?#V6It*
zy}U(@{-+clrA0Xw`dZm2Q>?y*+_2}gz7jMNkx6XB<08gDmORvQgi!pf@3y(tcH4_B
z5BjebD5fu23<*|Y<Y%&=owGShQ@&Ov5>z6M|J7Cv?Lh|NGu3f0aj&<ba|$lcq)w+o
z?~*Rx7hfAp?C0c}j3sa%2(sc_-s*WWe!t7ot$Q%3eA%Bt5O#=Co4it<Us9ncSe3(g
zU~9ZESi!F~=?of^3R1H{H@B0{DHSsjsZm9$t4bYpvQ3rv6&0`vyc;uIye9Uk8MCkG
zff#Vk=PG)0zNXh)vHfodd%jyOLj(v{g2Nzc&PY9nK@xvNn$@*xswes{PKehQ)d$-c
zH%P%K&K8Xy-5M!r$gOhb?<^XH<m@r#3>KG-GF6*a*e6YMJ$4W65_5oQ^eHdDtQ7n#
zY;>KX<?3iA&oui7sXmo%8zj6p4e#8QzCLYFDoK;b>6B64KM3e1Cnt5zmtzFfN&D9x
z-Y{0HVQ8Jih3sXVTA|I|<O=~thGu(IS2dW(<XhtncpfOoMFws{FED9;4lCO@#&rGr
z`Hq4U1lUM_ptqgr_<g3i3w({~HA$E+b(8&r>PGzeR99#gHzaoXye5VUZ)xPFJ~G5l
zV*Ob+o-D`axEkgitpg^)C>=euq7x^)5qRrAbYcPMSXRGg8(CqIAL|CQtsm*;kgj2q
zdbD<&aBqBq^ceZXkU?&tC91R;***TY<k3CtHqX}T{%K!NdIfU|ol;A@7IqD`{PM66
z!?%h1p0{dI`6z>nYPLy^e<Gg7jmxZS73!eHy0V>d+FsbmiI#K5IR5%KaUFBr$dlFx
zNgm0e86xfkj!2jO_05D`-RYPq!ZJOQ5gCW)lRY@17TKngIL7^{hR~QxNNMryqYwPp
zv$`8hstEZd1z?Mzgcic^zZkDO{{IK#om>Ae#;eHp55yZxgv(efiPkb+*3j)O0s_5K
zG2FgUM69&C7Lu`c`bVU*!DP;5lxpc*x4AKK!r2<5EeZ?%j|g;$^a1cbGn14Nr=~oa
z^NnOInV|Shd>k#**nAn5m1P$mkK=$pOuhfJAmEn3gR4P1!E^<E#rBxCo!2L?Qpsqt
z-gSrGUQWu#0doAje^M*u<XmQ0)%M8#6;afd<%tW0o^7Cis=5A6FOXAp-k%Z}8gTj}
z$J7`C<dE=B(BPQPtqNr41WsJ5#>GDMg~ywWqk}v-7-!#9^T<&}|KTV@ZIFhAaGCjL
z7KKzV?7VkTcCm=<!n((?a_V(z@Wf1TP4$B#*T*mlF)AF>hF(DRi%RwNggfrtTRH2j
za>G*64NNm&S3wG6!<tYty#9pkF?mY(4i*(|3~+5$e#AwGDsm`-ogv6r7T5tl@t7w$
zkrDyLtU0wL7AMlKV8r^{gs0RweZHb*Wsj?>_yG+b!vo>I#448UT0)Ejt521)nTn1;
z=}o0BzU_)weRv5tPTvL;2kf$`Sznyw+1FY5aFxykW&MNy<JnV}ujV0MovYXiMrhH!
zh_v#5N_)pBNuO=qx9l$4wr$(hW!tuG8(nsF*|u$V*|yPDeX{>+@3q$*<KA=c8TUg*
zzHhua5+gHzF=IYY%vf2*@l@P^Qxgz83{N(xMJ}~y8wc!wL}##Q-nMRBN0=hj{OdZi
zZiKDCi)vk!p|QX`wv&&~e^Gf$Gm<UB=Syr@c~BKi^LMS+&OUMwnJz60N&a)cQR+>(
z)-l$@TM$E}*OPQ-?>Mo?lG;L?p3a9-?4iof`sZ0>Vc>I|sjSd3xjPF)<TU8W;V@Gh
zZ>%3TXa&}(HKB@vDQC{4+s0F!M$SSd$nm9x8ehv{2DgPgb?`P{wVf^y1yK+B(F&rx
zU7(I?K3~0hC&NIKy=~QYH{@Meagtj(SAnCR45Gr7E~esoz+~?)>@0N3{UrDkvLEn7
zO80d7!5YeK{@%00c&5>fHqf(h<72JsY<JIjQ{Tjo5?b{cdcVjx;|sesm8cDKM@mzA
zeHx8XdskYPF9=KK|6o=76v~={9IZY>T3W1+MU4|HB91ov)YakKMrGhn#nNVOY}DYg
zXLPac5;>~$NKK^3;Dkvctyde7v>AvjA?`qodlPhkc1{|R&cnZIcRUTQ9UGWPX=9tU
zO$r(#CJ{PlGXYARN*xh(zei9DnfF8sXWb)bf+i}9iF4hjhy8;xqFG98bunyJqNj^`
zqY}!YiOK6}Ca#B4m#uO-!I^9R!?l+f3G6muh_(3K|LpZ-wcj60K0W6tV+IT<-d-wO
z5#o>PmzdCFxvI=S(4UFC%YLJBd$HZ<&zoR|=bPxy52HUlYk&4YKS^uPg(rWWPe78T
zw$ctqw8tcyyu;AAk~UYv<Y*eEy8t(|bIqRQgu|MUJTPp{DC@gWE)*8))1|4a$uFqq
zwIbZKoy$g+ZL-oW^iBEdl^`&qXf#GS>6>Z+3J>pdmDPg)C-%s%Y^PuTafiuM_n-Gb
z@K(fRSNBQFs#;d=ur9yQXIGvC6@}}`F}7A;?7VLAdA+z5@bDPP2ZfyxM(S3rlYWf!
zw0=(>zf^xaPOREbGw$+!x!%h2dzbq2veoJC{m1vusKB4cuXz8j!H>KzfaUvlnLy8<
zGX=nT=ZpXQng7=tLVsu6u?DQAndYB8-HUp73U}h$m)<;Z7yPbvLg*j!8D{7!S+*uY
zJ`XI3N5lNvH9Ng<GhcV{enyr~*gnQz+IUjVk1ySd*eq3N)&>5Q#HRPN7dtJ6%vmEo
zbjBu`#3pe?#^@^D<A;tj`477p2&?+~Dv~+(3R7T)Sy3LxB>tanUl+r(Zh1^fY^9ES
z+Y<CWes4~$(QjirQGO)eJ8!GC{@v|-y`O%@Pvvsq&{u=gv0mk4)W1GX-^gpmeCVks
zHqn9k&C*}?-Kht?CO+Xt>w%WPBDgS!Fq6CFzx`AOK{x$IaluDucJe`OgNM8bTh@AW
z;eqBnsCZ;~VT3zD8d4sR#gn<|*YgG(G(%&gn|05`S*a-9*~fz9BS!<+df8vVnC;Wo
zTdor2VcoBH1ZYM>UTR8yah#~2(7Fu_c{rv2o5_mL2F%@ZVjT<e_TAfWmTC*?jW@zo
z!Ws=Qgzj%?>Q$xLzI#gkxJE3}{@#tmv}AYRGBB&t234Hn&^%uyE#MNj(<eInpC6<m
z2p!>=QY*hkc9qzFsPws-GA04`vxE1;8&$q4w3ZESn!caH6n55g6aZ)8`nVNb29M{y
z=8hkCm}a;UQjyt5&j4GCnJ8@hc+JQ-HO1jYq-vior~26C6w3<Hx*!#psqu7C@=k4q
zO{)x?9I)$%TLTYo(l=SK|Ger?Xd}E2!qd<|!TP3I+hSN1BC#X;vmYkIiYf=YMX+TV
zE7MZH73JeL0V<*4YtEG%>L$P5OIYFiT+-1CO9x(7tBKXvK^*5fg`bym)R(Lo;%e1F
z4aszvRVQ4P=uETO7B>FRNb!rIeM+5=ngTY}c9sl#FmCl2$K>vn;vf=tzSCH&{0l5r
z>1`5ov(KRp2G<hUZKWB0=tAu(Mf_zizHBB-H7i&ZaqVa>Q_|92br-PhAhgyzC~$Vi
zx57~QM$gqxF9s`y5d?u%SwY9(SEyW07N*au!rws^e9(DT-`G)PeXK1*zXeXlzwj9u
zX+Bfk_;G$EVTSr4r!=4-u<$ciu$#GK(vDDHnJ72Zg>&b*fx~nXWbCjY?nK#Ko=jDm
zGa=mcm`ytVsPyOCH_=wK&st;wHt`Xgr_)HI_sPU<NKjETZ}rY4Bg*wJy|g=Z#Chqu
zAfj_?tHK>ar~M>&E`R`kG;m37kL$F)y&{Ha!4Qp+aIj<JMFz*kK0cF0hmD|LjA6AK
zAQQEe{k3n^|9X6afPh%qLJXrBg`w^05$#$kwAOpT{ym_>nG({(bRR@#p3T6~S_wWb
zG|?T{)7k?nqw?AqlfeH2_TJc`7!4Fpw)^RjXA|h-e0B6js{`V>0PVPj)B4)zpq(3H
zR>NTzE83iPHng78&>O*}z6xrr8fS#xZW5a9#DHi+4CPi^nnx`NFJXk`cq)mK*wtRh
zK%O&`$m8i3#7H`_-h?OBi%xO2dLGk1&y!pK7;amcYxIm+=pe$IeLLn|l5;z~^Q%U`
zG#a5m`=YP*U8UQ~!nJB$vcCmgXfBSZ6=hclhX~(=>>GCiq%F7?V|jZM(zTE_Fo8=e
zY7VXVD9!=-ZLpiLz^M_s?QN^{)K7?Xj}0eGedlWng6z}2w`IAQtn_%!+j}NR27=bz
zBV#stJ$|n@kAZtf%2CTnRjYc5B9Bru1&=9=_}<-6L&(>{)p32ycpt;fPXCEtnuoG+
zUlVJ952OEOHo9}ko1T@U7G=#LeIZ37eCq4gDQ$hwb$34j(baW-KLP!>g#n$F)+<O`
z-J@;QKpORRz@HD@#>*k6a}=!}U+O{{gCZ#X8Gr9Mz~Mg%*b_CdcQ|`wI<I$lGpKjC
zYGioF=v{jXrDyo@9tl#9|9JQ40KLlx&_5}`K%k((|4vB|?dY4Lfb~k5hjOp*Mwth3
z+geHy)!WPV)LQzyYcHp8y0SD`X?1&lE_(NJKQT$;4LA%rOpU+i!km?OlO>w~tY}Q4
z?%AhO<{(^Q4S8Uk`f{DT$-jVro&Mx!?{0y#hay2&qd;*C$vNxG<i*SKS(^uBc4&-N
z-H+aAVd`8*VfPi!mm3h|zFe}tn^20EH*by;KPx$iM&yz>*`aHV{mQ2ANjSvt_zm&U
zj|%4Qy)d4Jt5hwTlQFGbv^R-TG!!4wXscawz%f73di~84n>F4Vs}<oOF-dRNx-hLQ
zxQT=ct-GH;7hcM?Y3q1p(3BBhRm?@MBwE0ZH-$+~{$+1yCNM-X;J!lin}_NEh`day
zU~h;|fqmt|3h&u+!zLy%<qFf!>JS0{L2t#a869ihdh_YMY%-AJN5d%go<y%)J2sCF
z+Xvy=s@$3}BM{wUHtbbPT>XcPFg0wAUZ`Og_&sCHmqzwAmMn*IJ5;2Vf*SeozR=`8
z5#5cWI7DYL`aWHp%b<9sR$th1Oomixeqd@dZ--1xr$|6W+$5na-&wT>b3&y9@FS)e
z<i{hk8i>WnOm4YD1-e5@M+d}sXCM?ih7?#2&Q2L~LQKj8^OSNH`kARY__j$0=vNk3
zW-NYcSvwDp6YvrKZ0c_AIiUAc(Z1OINcGh2ip{|>J=N{eI}^@4^;D!?RnuDPRbnr%
zig5MR$v)T^X^;B~=JUIZn!v!6)u7qZJ=D?D#bBy8c<!dz0V;1$p;u?&1C_q3?*TgZ
zYhHJE&4TE}Kk&y5-%@0tQwS5taZbho1&m@V``u7z2*Pzt%t<B!hud)!%FvNdENF8y
zFi-O>vo(q=)<i-~*K(**JwPoMXtS9sC?gq&$m2N>ozOKOV7lOB1r_n1_+w-T5sPsJ
z(}l94^}wt!&mQ-SrUa`fNur#dr4kTpbfMNPE%7W8YXZtDP8LJ8gth4kcNm*u);eZD
z-J=HCJ%v^&*WH;|8yfvx`GzC5;TpeA1eQ(CMIDAk;v$CeU|Olf7GVgHp7a{TZ}l1$
z?z+;auE}o5V7t<72FQb6l2ij;lAc0qUXnZ+G`Tz&G_w-B(l3kUYhRL@@gbW-KuACF
zE|b~4U6s+uR2`PB!yXEt5~83?d$k6MIq4*#eo0Tdb#qEX8w+2d*%qsPsVv^%p{}Fb
z%<Cn_o<*&<j|H!Qmxmjp(WSxHi-Gvb2)!?FV3p<VO0k~Yyr@YDXTVh8GjJ;38kCeh
zU6+wNPTkak>n>uV-wK71l0Q!aYR_<$?n+1^GZ!(5p^f29kP;@kmlMQ<KSYQQ@Y^%q
z(rDa4P^+^D+^&T1%yB7zA@l-jGh4qDxvKz0_B6cS;hdb4#0v3CgRi(2Lu&CPHaNdY
z-8Svu>U05DBYmVc+B}uEneC8itTN(RjFbA5()zwu$T-R=><`yLsQA_yb{hn3pe0~K
z@_a6s)XN}+8(Lh>ImruS-m5y%y=Jc`4>^oRgp;lS%X5O|B*NtqPZyT&=Qc#_OqMgR
z4ofG&0wXbsN%<thsq_p)(#JUtuP_pDiuU2QAd=1~tiem!SWd>OF&_<IE;<%%v0LsB
zzFGB$KcvQ;48C3J-S7DXBAjG7&;}!%R00vqtYUQVXU_sI1J12kk`PXK$`>yN-?ZX`
zS=~vjTo2-$DNbkoOx>bbuNQf6zQBt~Ve4$^*X$$2p!HCozZ556pf}m8JhN+dk(sS6
zfBPIs9t2)6a~ZfSkPa%Bp?+Hal+y2wSCH+%_*AhRC#3KYM*nF+rEs&M0b?U9FcV3?
z_)8^{LgH#rB&f~8H}3aoZZyvXdis)8&O7SPN@bAXfE^hzIfDz&$UB)}jP-033p}w<
zRW+`|%0Rw88|<5_x6@%u>+lL}U}_|07{9Cr?nD+Rm~`8B5#PipFyeud=@$Mg5#x3o
zq-1t+?966%d3=rMZXD-dk3SkZ!>R?1=c*b68$!^ako8fUbFm%j3Nhi#iHzo(8*UsH
z5>L9+n?W6`zkJZa*SuVk9V*bj-G8?=7_!lhY89Tjf^c25_>JKq`eb7lSkBXewFx|6
zM`zG=v8~*h>t@Y|=Mu`oF3;f5TbQdHQM8!vnKVa0NIEgC+UHSRjDdLqLcKdwh!<7-
z8DA#yJ!_(L4M-jIKuJ|}RmDjqC?xPsk$&vJ#leji5->-ds6=MlRfUG-q*DbUsAM8S
z5U6Xe_FQl;u{Dm!*BH%jS$LFLZp&?7@i3ar9ORM#n>rgrwe=x+;@z^kb=f!$)zjqD
zO&kW}=CNR{S>()>*3pnXLF5l}8}IEtX(!XEz!AGFl81y{da~VoF%T8WpB|%!MvsfC
zw?EJWnfbWhXd}rVK7;YWdD(l7vOkCe+8O!8?CSd&La{TV%L8tg;(H`qON{~G;)P>(
zh0d-AbM|cI1k`OsgL<kp5+C34VC97AF1R=uucs>3lZWi;u6H|o5W|-mcP_)1*-H|`
z7y9eIJ)pYeL3FQb0K?Y`Mn}(U7T`L3&#QJ;qR(AxGIuxN@WRo-6pFSv!f$Yn*$Aii
zbdj9l6kF_rK1|&0xwfVZbH36W^^yNiIk_@L5DmVQDDAZ~Z7gYk=#uw1cE9(y^yq^g
zb7y*2IxPTP&{<I1GHSrvGJqG`mO1V=Ioj<uu@%49YXH0!pw|m`2^l8g(Os13kKUGw
zm=v1MQzns&%>_i%b0r&X(4tduM)hThkv%4gRjma{^L<%n+)e&mi$U~rl#Q(V(u`Ox
za3rx+6pRkf<zj#?$Y%QgIj+Q?ZY}ChGJ*(*q{d=KP*n-tDU$<4w@dsO@n=Yop+CC%
z`)Un_aenGd|L)U9xfVR(MdDqeONZ!#tuGQw&$Z94jAw;-qeRnKO~kjja>@Ix5LEVg
zyu1I+B6h7d+q9BnnC*kUza#8SP=<Vu#q?}YeS@8bF2Om`gQ*HwmB2=WA!FAKym+Kv
zzL!<=^81h>CN@t~b~0j^PpS?qf7vrB(<akCQKV}C3cQdxX>gfjqeVqq8SVayQ^k~P
zebS+@AegKY@(w9zYOO<Iw6RV-+Y}@`5@R?WSmXmriwLszx>HfAtS8fl%ce!ET;{7o
zkJjy;PszcX1Ak|_52ya_;2SyaB%r143x5C%DF`PIdp<{i^Yxg+!8iHy$9IRGl>@@*
ztq85Hwu4RR_eT96ImEFaO~gjP=O7zxH9N0Sc+|f^z9)gNx$)xS)<%jJQ<{c?#j&sO
z%Bwp-|A6N3Lv}5`>uc`8Wi+u$Vro=|kz!jaHU=4?C{+y``8Tr==>g0FLh#<y;r(FF
zkxTV(S_1e!A~tqT#^SHr+lp))rK(rT74B@isi8<O)reU#XN;vyP)?eRMljj4W3%rP
zYQzFT$w<oE)C-H%i1ZcGF>7lW&N2GZw9N@V&{W*UIzM)wmQCFWKIm~i_fE-LaN0H9
ziXiPstL1_RaJJT*E!<c_tyB(jXeUlrh6udQA~ih7dm$q(zD^n``&NpyLzUUA64HG^
zNz69RyU?8MI6AW+PJ8=ED$-qGWw+|5ci|CBt$`18Me^30+qGpb^J%i{?}7tAmfy04
zadRN1lS96Mh?H_`Kt@Q&y8Ad86oDzwLzPfbUOl);(To_Ho(*{`qE0iV<D@qk8Sy8;
zJ+t9w;!Xsu7MK4MO(M)h6#s=LaEJdv)9L>XO@6gAY9>q_@%|@;#?%FdOgSR2nCoO@
zFS-8de*?k#_%J-$fVI~2onWMIf$Sumq<);#BR$<d(404&_6+d>=w&pwS4ZIoG(FwC
zAU@u2#<w6v$hkh=o>!=CO3!F$03HRXr&f<XRX7D6j63kxQj_#mPUxxDh&?{4Ak<Q)
z2V!8R-X5x&E*&uG2H!AkK=n}So_X|8=4{CTju;iiNc2-?FiJMOCoxI}yH2AQt_a<+
zO{;yBItJ@~l(_X%u2tk~8KhVL0z;nYWeaiR)iv+mVU#RaG?n<{`FHg0S^tXhrO4f=
za9pJ558O%;=>LB)l+tXkI)|##cX0J?voY$8j{2fct8dY}O}JEMG}X`eGE|1LKf4QK
zmnQP8xO;+yH-hNaX&L|uC=Z4w1ZmVyDr$$TIt5U67zcgsA#~_hI`A`fd-H6+Ad30y
z-W_c+XhZ6sUR}Gg{lTfZE1h|nLrlHB=q_@`8hwyhNtnwcMZ>wqFn%GVL@e0KDuJ5?
zvLMKw>F@m>obi&Rmk$u2y+LU9`A%#Pp!RZYpg9ksw~Fq%*gy<Jap<vLJ&rZ}3z&yR
zDh9d|Uir<7pC1CyxzAa_(H!|~M!imH)!V46mz`i2*rlL!KSE|xN)Ys2scO!ox-eG)
zDiGMKFk~G%LB1atl<8;Ex>4;j!o}ig%}7Cs^hno$=P7$9VP0e2B@A)*L5JtFB=sv7
zYqF|tDx=?dbEzJ8Xh=B`5rULbM%pI@PN;Lv4>Q%QVIPBrLuCx22MxVJZxBV&*|yJ1
zmv&|Na@#d+kjnu;L<d0A!krIi-j)o1HUofBC~>BM77c)+cj49Whc|~FC%`#i^w{&E
zaP{)#)W2{{IJOh5w%c^P2K)R~J0+hu;_GET*c*^y0^BkU{_(AzvfrAxpFmoZC~zZ;
zEq)PAN7#%mHm?@flGj0(95O~e)5POErBL7-+u6m-U8H4d0h6j0^B8n)0ywqS#Nr2g
z8c5b$ymR5C3%lz6xDp@<L`bidM<UR1vLDwlOxCPb#y{NpR6&?frwu(q5<LX-SQpzk
zGtwQ1DZIS2vr5K|)vUhq5uz75^6lswi%^UO1Mn3lN780B#=M*93SpWcwhx5D4|ZhW
zx&<OIc5?9-3Ra{P*mV=t{83wW$LK%?BjO{>E=%R>BNQdMN0X8wqo&0K7Lmo)G$JMi
zWqPz9Mi}T)x;Z!ftWhDqIFd%S1iYi8BZ0A~vArO>wKd3?lzv{$63vNHHWcL&Z-ABH
zuUSl>>h@dM=!D5cEUb}Fl(+U%X~z(WmiG0H6nUxO>o8D1Z?Y>4NKLkMl8rgGX&{^3
zlw8YPjGD$jwo$j~AW?{3;z~tKCE%xnW<dstf|q3wHt^$;@_z5xIPrLlkM?!(`O~&`
zV*eNmD-1e#Z22g2EU$?*8#%$qlSM8CM`I8*q}8Ee6Zq7PeEoepQf|Ye;;0Btb@OPb
z4ua&k#vBs|39zh($-7SCdw(hZ)5NI`O6<G2tL;M6`zU;l=wVFKXHJ>O#GFZS$WgGT
zTAwE-I|kHgzhNE6J0(4=qJVQbvz|Y_z}L>CK96|*kF~=js4*%5ZQvgX<d7Bw8pVwf
zwUWw1IxjeL#1r-5)|kV_h(p40F4x^bZ@2?~6Bq@UQ+Tq3H4NJ93m#JZVC33Cf<rCb
zg(j8G+LeI{i;LwR1I9fbT~c5Pr$H>`U<I*zt~q&Y8B>HUuqTXj-ojT=KNZ6T15+|+
ze+x|rYcZ$M!R3)e8}b<Mmtz4jSI?B+_*bH`oq#p3z(!57Igf?o6l4G7pUz_;KZw?X
z;9C`6t9fF$U31NL`!nKPi&R8&@8Asivh@M4o}z1&Weg*Yc7T*Udy=B`#F_e-23MwC
zy)Fx0B>eJj3ZpjgiM$3dU>7>cKQYd#QLt;0i&*y^>iI=Ps<8gHo*L}L86IY(o}4PN
zB`iSU4vb!siBLpM227;~hRgzYodw}?bamw|EtP_Df9Jxq72n$-yI?0dNd4M}jVBkc
zLP~X4hUI6~@crY)Mps-qW_|tB7rfFi`V&4Nl}}*MIW9h}0JhsX?n|>9ki!_xnL-aM
zAobN}W@}PRK^1PueldQ?=L^eL8osg?BI=f;*i))|88fIrmP@YgXaLsk!GIfuVAb0(
z*rw5<ud%avYmiE}7*MIn#V;zMZ4mjRsZ}h(gy1jf&0kDmpBkP$eYOu<Z`CmWp&4r+
zzo7BWB-I#~m-1<H=Nwyu=((N*x4zl)4xAxef2>?DS)M^Qi{cpm*~J&Hpm=e2D5$2a
z#9v-H*_b!z!UbKqz3Yy86_I+C^z%n3xkpV(eq$38xHl}n!_eJb#7?6(ap8k?r8RVI
z=en;S;+CsCQ5<6Sf*@@7WH%|l)F}cYvMO4AfSQmG-N5TTIABQ~tpRN@UejjZ24<>c
zp?f}M@WY+UjM>-^;*>oc87#~j4{;YcGWK;YOthmQUU^7!iZEt5ZJbcFD&(g%^;D%t
zHVRQzyuxP2W02@C_`I_y`3f2qyXa)HD#0}_Zm%6<<M+!{g{*AoE)X%|LZ~p`b{O&j
zOm+717_!=y1_)S81!<RrmY@}&U_#XV^pCU}LFxu!*PR<E+wh|(!Z0^Jaqc04+9f**
z2crxAvY4SqcN3D9KDN}0p;;385}IIeM#M4fOg!StIz_G#c=4W(y-1}uQ*aO9Jz_$&
zkVJ6N^(MUYxz4O+A(>X?Ilu5=w@zGCddj8PX?|H#2!ZYRm|oCs97dI!T~jFX`rqUf
zze5xPWX-Sjk`0iR6_<wV(Pe>N(9O+JOU6r{t|i4lE~Uxjz;*p*1$~0KpbXM%kKFoY
z{3%A5qCGuc*tFj#HzjdB$=m$2I}x2q!Qv0*$;v-a88t0G82QQCpGXnN1HGjcTz)CY
zd7*oyk*wlMFiS<8<WV(BN8l4^Lu%oJDp5?Nt_&M}<J^Heg+J2wV9mgHTFAxcC5VV1
z=8#8Mr*YY^@Fp!t^QDd}XwI-8Bh_h+a;$e-rWhGo*Tl7-1?4UrC4lxP&D_Spv!)Ob
zb*Lz7pL3d*sF*f{qthZz3oe>KZgR^5tDYLk$N8YKu;*{-0X~hGxbxD000aY_Gaun|
z(`4q1z&ss|bPlAzfbEV5Kj~xIVP|TkMME!iG3D%?tAn~>i(tOF$Uo7`ikY>kEpCUN
zO%0dqKhrnmQ-I>piBUw)-;K15KkW`ZA%~xDckT}F&%c63iw%QouCaUZhdFMZkW1nx
z<8g!gD46=<MU>BO9=0#r4m8sGqLr<*I)j!-yy(ZsAk_ms+5dU2tbMk48u{dFMp*Qn
zkqI@HX5#%lr{jw}HLjk~zr=d~BpO5%HT)_Zom}-EeCW*El_hyMA3;f6rZLGQaryCr
zQlr~Gr<t524K6EJ+Bk%2ItGNNm}KE4y3O%2szjr@L%5fmKOX_(+sG)2#J1!|rn5k`
z-&~qew{Ye-!I=s(B&tOK6pg&S$=(7k9*C3dW5)-f$l7%H{g)c*MNUX*tGbnuFhO&x
zihRknO&jUBXGL1NN|?{L=OiHeb~KT#jE(azh|EH9Ni5YA$~fvAc0{XQIqA9MvV$m7
z5L6^vPA>P3VENfl;^)@l*<UCZx^fCb%PN~II@arX3x*PMLv9jt5k(1RDD|ABW%Tg<
zbVEbe>WX05HoV>fEl1!KLbBY1eqL6K#WBMs<7npFJl1F2e1;T0r6k+VOeI-IRM++P
zh}*JKLFTi8svuh|b|(Q-z&OPPpcS#3=;GzrH<(D*xRTrKbOmDHg(>Fus}EN0=&)Pn
z_TY4)T+jpTck4o_Y=kR4KIN?>+lJ0Nj~wFE??E>F>|k?tFTWE^Br+yUr?>2K^?<iE
zORNi1;FkHa>wa*%L6oKjE*Ca0pqH|iq_ykl^(YATwA$`8g^u6GrA_CwFqSl~6h1AY
zm$DVOk;Q$JwG^lOwMS*O9><yWAzAweFR=BsTb%KkJe!!{9=(?h&hAbI(HeWe6Z1Z$
zT-y&)GRqEiMqwcWgr}q?RR{<Hnk|+Aw=>W+qzmW8<si$rx@FPO!Nbz3y$|4tf3{dH
zt$)dC0WV!TQEsnBtIPi`M>j79Ok(rhRw<Y;bur3_+HSop1m*lP`WLI+S{Y`kkh%#I
zQ_A%&lee3eWHo0|)CR|#&vwBc^ht6Q>2v?N0=b5-)dCV5Fd+P`>G85u0fsHy&6Smv
zkOfmmG&?>c(?{a2*P)wTv&qZlG)`vz>SMmF`k>;pDJduAQjDQ6>UJ8cp(x`RlPK?_
z{$|XXeVa;MMgdiAzmV&=$ubd!NqUautFSsSeRjG(v@_H^f^@?%@(~lRH)h%4bN8Y^
zmoRW4SvH*%3w69GX^>Osy02=xQASZ?rJx+RJ`B5jZ0%HKLYGVib&HkMTvzXDgv~Ec
z6MF~LUY?68tN1<yANf=S)n)5aKH`XjuSh);%sO)dGbAzbQ%9|xme!$mHQzcRF`jmb
zENaDc!r;lAhMx*e=?s{q+>Dt>zuF@5ZJlus+i4;#MQy3OhV?45%|N!e11&`A^GI9E
zH>&z))g7zJfv*B_Vg8?bHA2(rWmAq|D8dHr)Uqt53Ch|FCY9LR3!@ONQbSkDi8l1A
z0$TRL&jdQI-cIU0)ocCVIC)ztmw6u&jmD3Azym5mF7sSv<2`;4W5N*=2<0E?Z?fsT
zk^I1*D6`>)Q=w1FNS0@DY86~bINwV`d>@N`Jj0u{KR12IaPwH1W##?ez4_yD_g6Yc
zl!5xIkYn&jg#b%Y@=_Xfbnj+$`X|~``gi&XfQoJR&P}HW|6OeRp636FeB7}_WX_<L
zFDZ&TKC<|%U6+4u??b+m@uvqm@;g)4KWlE?Z-3dACRB&FjiJ(!q|5~QcfY+?uCxbn
z{DS>uz6~YWmK%??w-J5;m=&@Y|33ObNUL+*^|fk$(yRA-^EYs}lYI>4w&&;mMLL6e
zYfG&?{LKu;*VBc*z1^&R?+&Y9vBnlh0nqm`^}oXU+vXdH8-L3DUNrF+1Lt~3*I*+N
zLSt**Uvv4Qz&}fUe~E~wrqC^9MC`9({E!FA#O-b58M*l}6PN4{eN3A6YmNC3iyQ}s
z#Y;&%izlTV2YJEb<nZ5)t`HfG#GuT{l*FJan4jM@j&(wAyZ5ry@)m}f!mE^H;g(a!
z2gNltXdp%IS5w3s%ZqK_jxs=$Ihy51+(;D3iDbbyH|GzZAEpryUG&aRE8MLd-DIRm
zTGtKJp?XS{Ja;8J8KR?Lo@{%ybOpMn(`lZnVp8$4oAdWj6BOs!bU-4FCi2Pew~_a#
zaqPqgc=+@DOG~_D%kp|59EXWLP7N~>YLhUTTU1<?*6u^>dv-?gtDt10e3TdUemMnH
zIQJ4G5J1NgEnMi^#kXXO2!ll$N0ifc$Ju|l;+vvKie2A3VHb|$V_523)!DT5H9vSH
z)wQ2NuNN(y{@K4A1Xac0wQ?FI4r_V2C4M+gj1vrjo$G;h_2*o3i*JF)=+kxNk*j)p
zUR}@zloE@lx8k+zG-w9N@DB5mn4y2v4sM(I#e#~S>}p^1TUXV1IWFn;6o-@v+7Mi}
zIf1-+l5S({p1fk^+n@liNojEvk7Q0n)ksDm{$VOw(Y2or&ausKnxe$&`&#ayW|NhD
z`~{L#J3RVDREGXjtoBx(DK&~g$*Mgan-_Q`DftmrW9)C^(K`(Y_LxA%5j4w`gV*cY
zEduKc1}&*!5_h95mjn?GSuzmgAU|YL_snA6hOse;{kdXkbjcXTKmVxoBEFe<;Nkc=
zBj;QX1Fsr5B>5e>TVm7SruND*BS>pZU;2|x;AjTMKngdDcH#uDuCQgrCcmb%bb}X|
z!z%4*{km?TAuIccM8J#QF=O6&nZ+)3v|=N}Dxh7?{C#9P&Qv^D#X#I?STp1pZCXX{
zy&?8-ri6g3EqHFhxUOiA_qJATpy{2(swiwO_xD9+Qg$6TaYh?OM0Q5v+i2YOUOr><
z7LdvWAkt|}qK6|d(>^5s#!QvA_{&!j-@G@D3}SgaF&P_R)$~9&WNb%&vHc=5sVS<p
z;>%nSS&xDrA>nMr#AM@y0DiC`X95>Zw-g8B*h4O4EwyoMHt>09gtl&?jgObK94=$U
z@^LId-bymF?LIr&RY`7@<I@|}>Y_siRG}jEv+e&nf5IFY-h3W-#>}o{b7wqCOTM<5
z*Ok65Tm*-;$O(=eR&$Os^Pgq%C^ZDlwao8hiA6EMhWFS8)ulz!{pNrq1TV=2QMyK#
z60q}qy*zW>``)Q^2ctf#m5^KwWu&rIZI=uUxvSV~J!zt{b$a&)1TycU$GYqw@GS5|
z5>Z`)AM0M?%bAgH#|GQv<6#e*K3<4Qx{B&Iy13X*T<fxO$Q~h`Xb4B!5J$!znr*Ph
z`8f{o9a=%~=mm?@4oE9PIDvRgqdR!c(Tbl|eG)EdgKZtQ6xKI&H*pMh`?X!!jlc{i
zUD*##HDCw~CsqBE?Mz3Th&5ws0EwL@_{06bM0(k7>wsQX+kk5ZIqxS>E^ag2@frOr
zwcuXhI}Sn-quWP&K`qL3UCK0yiVnEB+s!Sd{UdockM>}226yqkzR4WyTc@(obRArb
z)5h~IczK!|PVC%@99-1uI+3a&mrH+@DH!FY(dyT>)Eb9xzkPFiXCGcXzxWw$|F#H$
zHSya00qM?qGoD=PLE-7nE4xS8@!I9U1g#4(<?-6}pFQ!~zk+%Nsv!LRBf$OrIYA)4
zzUm-;e;UR!ytSpqA+hZq!J~I=VgZ9PxLX0<55E4rBh7~~;9C8@S`|J?`94i9vn!~P
zoCqhv;H7@+Z}<*c_?@L#gT)KCz7|v?L&xK)_|gMEZRC7qSP&d7m^Uji8!tiLr%<4l
zYX_vc62|IxgTvVl3_syIo@!5d#FF?RZOA09f+Him(0}HGQhtG>_KXCgDV<u5@aUV8
z6ZreGG0{{CG2DD0EpE1caXTW^105opOH??E78N8a!R#hQ7*Cl$kErr5MA^k!3*yTJ
z`El@?%6%=$)*x&tDGRNs@BFGA6PoR<Ir&@Um*|O5^SfXi!1TaRQ8t8BfDUPXj(#+q
zT~38=Uv|VA1{gpGYtpSPvQ@3lABi>(A-X5cl~E!wmLV)Ql*dlpFTHJ+J7dFT0krug
zzdG!|3)Z+=PgxOIx^e*(Bku59rkGBBgiTA?HWiL2sL5SvNa9gvNROX(W$Vz=b{626
z;qUaXKabws6)Voammi`K8U;d@#FM2%EotRrwB0zh1POpfV%HqR8QwaOVt_Jbh^x$&
z7x;1qGC{AGaQ{Y<X{#2b+uggQ&j~ch7tB>EooVA_87!<%+e5B9IR<kQRLR)9y`5?N
z+9f?h?mig9KnCWBqR@+N2Cf}pk2zaj8-HL190jQxSNB)en{s-wtsIlpj_?z7T&l;4
z@!|qD`b@ajy8X2#Z{jWIjyQ}{z4Z<k3#73AAG*9#dwnVvK$l0h+~Y*(ffGZNOfGl4
z$6}@gHBaaslxitRTb@r4YNS;MJ$4Cd%7#lzh8Do3l|wMkfOD61sA?q%MX(N$O~FzY
zM<cr<8#=s$5S}5Hp$|wkfQFhV(hE<p#0*N|yTFrVxzdEKLy{+F|AHQhVlJdK&jW+r
z!&WGTpNuT!>Hx{Dz*j&p`gM8e=MVfHOUd;|{{`ZP^}SdP(o(GYYa@%VD_`}`dAKq^
zbH477wZF2w9o`)mnA&2*I;tS?IiFm~E}tBav8RGEn}<U33#)6ycR<G*&-UWd@5~og
zx$WGiT=E;sdyp!muCj9Yag--kXn@XDCpUgEy{C*?*S7?THNrt8NKKq_1@kR@T?H4_
z?4U}^#>j#=2D(|*S4rz$Stdig^2ZGAj9PaLK$CBa4^9Jj4mSjvnKbPt`$v;UyC70T
z81Me*R7ylF4XPN0ok8W*I92NQa*_f#lC6bSS;N465{M!rZF#cLKdkl5h)Dn18;K`;
z;0rR7$2zm-bHgOp%)-F^mY;Ja4tI_uekJija`s2=?qTFMe9>ATenAt?tD_6}9q9NL
zGyM&!8@8{2F37&S(f>^*r;A0hsjx}^O(w53t(<j&O-{ss(kA~`GWk~_l~g4lnf$Ym
zHJd`pA!~tW@SsHh2ccd$TRTD|#&_|5CzCg>2#zxV{#EWvh~P{TuYTo1SyJ$SC6oEY
z+y5h(3@i=FIoHRO)@C&Us^^+Dh#EBXy0)GlPP5xOPgL3-;L9b_L_;d)L-`BoRk0zb
z-iK0??NyPPKzfBpIuL<ua_6qVWV-fEv0)st>Yx5&a19c`Be_WxSW{#xBD6LMjp5ur
z$7`p=+lPJJ%$@&9CA(D*yu%_;_FFtAfS1sQjnaN(j-J8L6E&)hOwq@(LS$S!fDTW~
z(!M%kBZY-oJ*wVkh!*j1Da4z>X$4W31V-$7)}VIBg7lTB8*femq^)>ar(%G#wSo~j
z8$P({>?rYTKS`@fPJe&JiL5HT^@s1!VW?f98i(x#k}a0i2nuOLbLhiF(vO!ikb)i?
z8Hdg5uSKVOPA;?Agb#!<VUL}6aR_C=R-s7=f}(9U+XH1DgjFm2Mh(9Rg_%dgpg|{l
zT#f0~`IX(&J8#G8vru6q)9OHk_M;1t<*!cBT?}U_A~ameEsAF8&kvtVQ8o0T1^z-8
zfBrHv7d)_o6&sPP)2)kc&Z!+?llAPWx--7-ZT;SbUL()z;+il6puCqWv;UI_+rzht
zwVDgFc`P)_rZg`6OV#zqQDwqBIW}>fHWL|}V0Kj0dA3wsBvt|P25_cq5CB!}xC^||
zcA>gp<|tZ%e*&$w1xa~y1y)~8h4Rz<#vTOfM}}zBD%H6jy!wA(YSisNOdXAvi8{j_
z7@Z?mYFx!F4Uuszim)X;AOz0qxw`Y9ZvXiCn&3^Ly4=dQ9dJPZ(J~sl>*EKq^Nh(;
zYVVEv+A_*s3uv@C`8q^zI6J&BHz_x;ZS`WGtZc3_^kQ>(86K=`NIck9u)DCe!-~|6
zZT0T0E*}ae{gyR`2LH-i<r*+Oh$}N1J&0;-ufl)t!YRQ4?N=N_$nx(@h7h(lC!QX}
zG=`9)zrR0W4Ohur3nE&c_8t8I6>$~gw25Db(K;kQacXbP&EL<xw3LcE?mcT8bM=I6
zh}-swTH{`Q_(M&>5+b}5l&L%v7H2fJ7gfG(FCOyA;T58KC@6o$y|A+N9`ng1x0-jC
zjeBQy0a=6HSXPMKi}J|<%t2cnDjxRmd4&PsrTk-xM}A75JK-X>)bKEkjybDX-;9NA
zRrOQSelH=H&RdnTL^rB37<Ux1Umx^64wjK`ePDMpfC7YaUHS_;q+4y6g<1`SKrhMb
zt)18?Kp6-XK0Sxh-G1Tt^W|ij{fr%b47xu8V+lhM>wjkck0?}N*S^3azVe~|c=bBc
z{w`^p5dS^Uw0i@1MaDhli_~LXADwJPahdXSLbJtaQLF3*nU;nHzD^dIUpb9mwwB5l
z&RS4K3411)v`y|TXYX#IRu-{#DRVP?2$rgdG=xZ>43PXTzj{V+mi3S{!gC82nnvp0
zrBWhK0=cG&e(lc2FVd+ZZAU}|R!$k>7zZi=#kJVQl+j^30<P_tHiQu}^0Bd<8$`R^
zI7M94>FdcRT1QJF=TEtW0uX3MgFmGT+lTT80@(#(Nnd!<(G7q!$E$!#hoEZz^gjSb
z2LPh*k|?mH$yG(^>=KwDI=>Fp&5AaS_$wnc0y_HGO3oSB4Z>G?{%TroIg=2>7LQOc
ze<`Hc|1S!$<c`R?0VuS1@hZ^FJ8ucbi(N6#v0;onO)X;J#cDi<45&^aDmd?4a%!s>
zM5pFq-zsaqNRo_Oj(`yP)P4N0$M~YNsnpU|jBdS{-qx%GeX(b2mWM@i!bH}P3+c9A
z&X2=#0Mn!ED@X?tpNrkDtE;~xw;s1)M(_?0)onW8)&Qb92f;f%4)4$ycr#X`)Ch67
z4PmaFay`zLjXmcGlU-;o(+sSsi#0Ps>zpVpuX9UpzTY`4unk|~G8-Q#h-)Ytp|sm{
zpmzR|6HmJ()+J6PLEr<~`I*iO|C9K>5MvplgmRh9Ki-}Jo+a$%{BOTb#fD!MM?_a6
zZK6o8|Hf@Z*XyMu|HGGo|KQ7e!~caZl;KjG|HT);e$)Tvi_g&ihA-OQTca`H>usN-
z2>%Ti+osi+ihsdH=ZJ8xtOxqxUvL2f0>FjC@E^F4PyGunAy@#o4B)<!PXXXUKK0*l
zNy7rbCCc&t1TMD#xX`Ww;6kg;_S&EWxC6k&4stX7XdP5Ptx`tRSCd{pZ8H7n-n2b;
zZT!)+J$poucBAdbMA*-fs+7iYjCOHF4!u2&Bd}65wu)%zNA8O=vLW)nUY?7H*%M`T
zaiGYbFRZCSFRWKFM|^V2fWQV2)&NG(7uKU209+odw-;GGy;lHKDI15a6Ti(Z1q`4|
zi==`JJJmFyFUPl3Fd7Eu!EmZq7|XGKoJ*zq`HVQ`^|PFrQ2)<laXI;KvY`EcCkt#x
zDHH8(Fq~8j<>yUT@3Seoa8d$RELGvu31S6TWLGEFm1RVTt(nHIy6ugp=$Ecv3f;JK
z07^C#{&^e?pRq}|zt~3H|9E&-I`Is;UHmWpdU#BgjJ~PHE&x0{H0;%`@AUl*%m+Y|
zr2lw$9<>ff>mWqYO7?iAf;LjNvG5r_C&2EctH*sMyAqhC|Lrui`@=XI0&p4{a$qju
z&co&+n-Wv){^K+}W19F+r=cQuUm!$W{gA3M{%yquZYd(^$mj|LpAK+uEIiXR_~j&4
zp)Qf-zQ}kS040F$MP$69KRgK#%D^kZ02uNWhd^fSHyxfN$8RwFx1X7z4;%1+Wg^eQ
z0+a7zOZyO5#&s78ex~dbbjOW6Ss(xS46V^t^gRTj#f!peDNUJp&3>)^%d^wWZ02TJ
z%#@)Q{#j0DCQmXjrx@EKjh}3xh6S=%gcY2&3#~~=?2$_&W?uy4aJG#3((oTp5!?U2
zhsvzS5~f2uZk=K2uLurAk)P*0*89dfNFPS+6k|U)Z18G_cf4q|%S{IXYdCG%E!?c@
zA?m@tTZaqq!AOGjN$dM^R6cLzc8Ds{TXeI><JOP+(1vwIM5YYhXUL7mD2OgE#)Q^b
z)RLK@x0SAGS1QJqkxE42=0}gD<jAZ0ToOyQ(4{-3jcgmOk5a%P33LXp(N!g7P>S~G
z?LcW&CXwVIcCx0#X&V03$f0C4{%YiHTmz-)hE&>clfOqz#f%kMiSx>xkKF7qC~oq1
z);)$F<{8pLetB7b%r!A#f$~*@kqh(zgX5G%yRr)^$OJ@xN)QDq;Z%`)&VR=w3${IY
z{}>)%SL@KHwK0DF7#h%`7#Kc&kr;tbd{xLxyL4xgOTtv^Lyc_KvCwgv+(4d6tp_c#
zeV(6?z^Z7gJlln1{@{uEvSk$QTQ|9^&Xoj7mtDY_bdte4OSf#Nh<c31V5S>F!rJKM
zc0nEk^XOVO_T+s9XyhgO?lwL*u{?Eq2<PVXsw0)NN27nd->kz$IFM3wkb${$%^TC8
z%iUq!`24t|U!#^r^;|nQXXYL8^jRqJg9&2+b8>wIz@N%ZzYn~h_S#^nt<I)EauD2Z
zhtq~*oBMel8jB}q^*f!n^q0Ue3jV|JfgEvwC`Psv8I&#5{P`p9hzUf!9AjXh-XfN|
zXef6ZL~+xs?RB?J4qDOLKpj`qvyBNY+*7?cnE;ndt6ie}VTSCI6B5%8q0_FCZEKYC
z<aaJ(yq-<H7p&ur<xg<@&X|>}RmLm21_v>GyX)N^ZG?@e2AS%c_{v8{{Qfr|c`ViV
z0}2|GwM{E<6CWLzt<!YJr^gSnx*J(!v7_vBqTJLlt9yvBMTzn5--syX7O$%r;qDw!
z(e;%!Qzg2LnV`hLdf&-JDXsE~0;WR;#h#51-oLQ{6mnxGB;p_crI4Fw!AZ3h+uVgp
zBomEAOmv=s)nWPc_;+T)a4+uTyDzoy&pMQddXJ2z@ff!EOH@`q>9q^>PH72K=HEdW
z!G0>o^pIr03qwUg6KT$Lwz4LCvCaJ4Z&|ie)XRw6IBoI!_JK{SY#eVFz7ZD=K8R}<
zJI|5v5{9__7ELq2I#0~{>}p>&#7GrwGv_Cswu1=QPav>?Q5C;4zTQP-?%eSzOe=l%
z;sryJk<6+Fy4Lk<haBSc*mXmpzS6k@?beo=w^ryqNWcA9^I3{IG>PJz=i#*-thi9m
zRgr&Dej1{@*nk<o%bhc<LT}$Cy%aCa$~3EAP?SSMc1mk2>A4kzU?s?ld*|(@AnM|0
zyO;U$ZbA{?ahB{1<7hJd1jl(HR&!J@CF~!N5TRvTt@Ld(c=%pyScMe_MYrh~%R}xD
z5Z_@YhN%#L?!YftF69trn}hT;K<Xt<A7IhlFEkkyX(0?#?pp~|m7T5;+Xbx@<$G4z
zL-b69M3Vck>#+296!8zAbrGXjC_-(_8Anzlw8@6*zAj@Dc$OBH8#~kqBt}vi%EfDk
zMh7V5)0P%w3@vqoFqq+st@7G}=N3YUFmp0KGU|kAnnYgG?m>)RiNp~Fa(@D57)PnI
zwU-pks!vi9Grr=iB2e4NF0(Hq2T89@>VP0XR1a!dROTm>52DyBbP*(D#t5nVSiC=0
z|0R(B#NC(d#7+^S374O9lL%(-#73RL8=@QGmj!+yxRDsbm0N{?b1kxcH+UrD;OeB1
zI%Cdh_o4`zPgF;}seut6S$_+Gt2y1pQHx7xvQ^eFgNgX>6mO%|Lldl?8;Jq>!|k<o
z%Vv6eJNrJa!?(58f2re2B?UD1&s<U;jPzS=k0;;6N4ZNVT9?X5fMKV{A~E0@j7f(c
zW>Ykao8qD=GR?xp=L3aHOe1AL<Gx(BYF}XEA?69>m&$_p4v>@%NBX}k1Alg!i6dL7
z{`$hyV*ZVOxh;o-iJ;HHXF%(N7kZX<o>)(ndt2R)(gWT!wA%lSAb-<@?nQaO)<)1;
zS8uAx#Yu%NBx5cH*r^+~qb@Y4MO;Uw*OOu?W;u&F0+82m$>R^9ulXG`FLxuKwq-d9
z{yQz`kw)Ngf~SYFy7KONfYK{Xdw3fll7kU8nz<XoAoo?@-_Xk%qraZ_b?(aYL2v^K
zh5wU_O`Pf<KSw>49s-Et8<_iYjzZ{eS1R#_9xsj1GcB{|xHyYvwN#l7?-Nov+ONBL
zN`VEO&0USyghVYnMiNmG;6MF8TJ?SDx}@8B%UXnrX6-#0Wy!<B2{KvYb6&11{Zv3&
ztphCjR()@WPrU@GPP^}6qO9+3?H)m5kd#E_D<K@?7G7>BH0JFKSWZb(VKOoW**+}C
z19Ew2Nas_=+7!NG3nVLgga$^<SX3<Hy?4ON5j&F|q{>3)GuI*6<Redp%T)-)8G7Jp
zr9G6bCCqg|Fx*~vt#U{##9CKcw9@pXOr?2>$Vu{%J|vG`+1Llkq-K<xyNa0)t?P~s
zHDt;$k4HB9o>|749$6=T7K%EGzLf(fyxS5NGL?PNq(SptShPZOrO$h@VMMKMfAI+@
zl(;WH27I6EtSoISYFk<2ixr8<2-t!rL=q>Q6kmNQD;|291|BlGMnfdcwBa=bh~ujx
zYS=8erNt|<LyR(MI*!M_>C0^r6sK`BtgYVkrH(w@)t`^H9x_BoyxuUh$R)YD(4HzY
z3O8bhNYh0vj2>jxWv_;#`3G*m7c+b3c%ta7G4><qVLQU+Z3i+a=mB&%y`l9OJz~7>
zknO);HSE%}yBwq7ceNB;qv(1@;!v>iGn;MtA8w=_EGrs9;XR}_e9Bu?d*Ea#4o2FE
zCecfof2jT7(c_OV#cZ~GZwQsT4O62tY++1AIof12gI)X~ofT9KQOcaI7IWS7Xh>l*
zt((2N=5&kBf!!tgg6_T(;T7EpMjFBPZI2hub7G0E7c?c6jgx@FQZz6}Jidc4AUq^9
z=|jFdm|JKgl%(T!fJtpF@Nm9XmZIpPHDwmxR;%gB3$nS6!NKGFB^3l+rQ(cKgwh~H
zu6WB3vDk@vo@03Wp0!RW+ky$_L)=qq57I>pJz3}&9>0;IENCW*rJ~I?y6XhfA=`mJ
zF+!E#_a>-xKT!YdVxlF~kg23m+xt1$I6Q4ckT)~dG#!$TPzF{|x{uhYiIW>|);Vs8
z0T4Tx>F+>O4^1^Y3H$8wR1U%H0^e5m;Dx6UlP;eW81hAU0_{+HX^^S=uhU<{E5uE&
z+a%VBFW+ab1u4`CpO4GQ+%)p2SMs<I_vNOEqPkrj#UU$4v&pU5jFRJX(m3fZ`YO9~
zicsP5pXKF-e+@&;@0$x>8vY}U|8S6~tLOMDjFXvO0ac&nfPM5GkK=+&LRR0|uDD{0
zSA8~qcf^-=;8!Q)|1N&iu=#B+!ZC+lJ2J$_q=5dufnRN|f?wmEsXRjZ1ycmA6AGXM
z#7_;bpQ$EEx41Ml9ovNhtIiG@5ieI0%AVVAtFgbg=I273&xpV0ii!&56;%mNOwhDF
z=V1t%sA5Ze)DkGGr0c7v4wPTDTElmNClWYgYYaN31Z+5JI{CS~4(V?8JaO=MQf(2n
z&YD8*4}yl22b~s*z$f~?94Ce%rsA=-+TZ`6S3~v%fgs19N^?bD5w$eQ#bGW#CiYN~
z9(&v^bImP9tJ<;uQ_}h|g-Ljf;CYs20ePiUJ?{VZu`>%|pycoz@89(r9Bw(t3!!LU
z5V7s|;o$dnG?=Bj^oDt}-R=ESmgl$d#}}}eeb0aA^X@b6>-MWm;Ln4=pR@QI|M$hb
zKeyMPe}10<ZX&le&a%>ksZkLEUDkXndx!F1UsSIdN`ek|SIn<i`>GE0q{7`EhJK&I
zn3@4l^xw;0&$V-rU7($H<q}yex1k%|L8w6sJH@{P(-=@^I3xWeJ0!8`{W>0w-k6?6
zLRh@CoStg159v!GWctJ_3}F5Y^pE$z+#Hns4*utDCtaHCp22>{YQdKT3O1c^Tk-4J
fzYEKojnCtDch6<_4=fPSpFbhT4Ddj^FhKtcZyF@)

literal 0
HcmV?d00001

diff --git a/charts/fleet-crd/103.1.13+up0.9.15/Chart.yaml b/charts/fleet-crd/103.1.13+up0.9.15/Chart.yaml
new file mode 100644
index 0000000000..11314116d5
--- /dev/null
+++ b/charts/fleet-crd/103.1.13+up0.9.15/Chart.yaml
@@ -0,0 +1,13 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-fleet-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/release-name: fleet-crd
+apiVersion: v2
+appVersion: 0.9.15
+description: Fleet Manager CustomResourceDefinitions
+icon: https://charts.rancher.io/assets/logos/fleet.svg
+name: fleet-crd
+version: 103.1.13+up0.9.15
diff --git a/charts/fleet-crd/103.1.13+up0.9.15/README.md b/charts/fleet-crd/103.1.13+up0.9.15/README.md
new file mode 100644
index 0000000000..2452ab2f1f
--- /dev/null
+++ b/charts/fleet-crd/103.1.13+up0.9.15/README.md
@@ -0,0 +1,5 @@
+# Fleet CRD Helm Chart
+
+Fleet Manager CustomResourceDefinitions Helm chart is a requirement for the Fleet Helm Chart.
+
+The Fleet documentation is centralized in the [doc website](https://fleet.rancher.io/).
\ No newline at end of file
diff --git a/charts/fleet-crd/103.1.13+up0.9.15/templates/crds.yaml b/charts/fleet-crd/103.1.13+up0.9.15/templates/crds.yaml
new file mode 100644
index 0000000000..d42811945d
--- /dev/null
+++ b/charts/fleet-crd/103.1.13+up0.9.15/templates/crds.yaml
@@ -0,0 +1,6859 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: bundledeployments.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: BundleDeployment
+    plural: bundledeployments
+    singular: bundledeployment
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.deployed
+          name: Deployed
+          type: string
+        - jsonPath: .status.display.monitored
+          name: Monitored
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'BundleDeployment is used internally by Fleet and should not
+            be used directly.
+
+            When a Bundle is deployed to a cluster an instance of a Bundle is called
+            a
+
+            BundleDeployment. A BundleDeployment represents the state of that Bundle
+            on
+
+            a specific cluster with its cluster-specific customizations. The Fleet
+            agent
+
+            is only aware of BundleDeployment resources that are created for the cluster
+
+            the agent is managing.'
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                correctDrift:
+                  description: CorrectDrift specifies how drift correction should
+                    work.
+                  nullable: true
+                  properties:
+                    enabled:
+                      description: Enabled correct drift if true.
+                      type: boolean
+                    force:
+                      description: Force helm rollback with --force option will be
+                        used if true. This will try to recreate all resources in the
+                        release.
+                      type: boolean
+                    keepFailHistory:
+                      description: KeepFailHistory keeps track of failed rollbacks
+                        in the helm history.
+                      type: boolean
+                  type: object
+                dependsOn:
+                  description: DependsOn refers to the bundles which must be ready
+                    before this bundle can be deployed.
+                  items:
+                    properties:
+                      name:
+                        description: Name of the bundle.
+                        nullable: true
+                        type: string
+                      selector:
+                        description: Selector matching bundle's labels.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            nullable: true
+                            type: object
+                        type: object
+                    type: object
+                  nullable: true
+                  type: array
+                deploymentID:
+                  description: DeploymentID is the ID of the currently applied deployment.
+                  nullable: true
+                  type: string
+                options:
+                  description: Options are the deployment options, that are currently
+                    applied.
+                  properties:
+                    correctDrift:
+                      description: CorrectDrift specifies how drift correction should
+                        work.
+                      nullable: true
+                      properties:
+                        enabled:
+                          description: Enabled correct drift if true.
+                          type: boolean
+                        force:
+                          description: Force helm rollback with --force option will
+                            be used if true. This will try to recreate all resources
+                            in the release.
+                          type: boolean
+                        keepFailHistory:
+                          description: KeepFailHistory keeps track of failed rollbacks
+                            in the helm history.
+                          type: boolean
+                      type: object
+                    defaultNamespace:
+                      description: 'DefaultNamespace is the namespace to use for resources
+                        that do not
+
+                        specify a namespace. This field is not used to enforce or
+                        lock down
+
+                        the deployment to a specific namespace.'
+                      nullable: true
+                      type: string
+                    deleteCRDResources:
+                      description: DeleteCRDResources deletes CRDs. Warning! this
+                        will also delete all your Custom Resources.
+                      type: boolean
+                    diff:
+                      description: Diff can be used to ignore the modified state of
+                        objects which are amended at runtime.
+                      nullable: true
+                      properties:
+                        comparePatches:
+                          description: ComparePatches match a resource and remove
+                            fields from the check for modifications.
+                          items:
+                            description: ComparePatch matches a resource and removes
+                              fields from the check for modifications.
+                            properties:
+                              apiVersion:
+                                description: APIVersion is the apiVersion of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              jsonPointers:
+                                description: JSONPointers ignore diffs at a certain
+                                  JSON path.
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              kind:
+                                description: Kind is the kind of the resource to match.
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name is the name of the resource to match.
+                                nullable: true
+                                type: string
+                              namespace:
+                                description: Namespace is the namespace of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              operations:
+                                description: Operations remove a JSON path from the
+                                  resource.
+                                items:
+                                  description: Operation of a ComparePatch, usually
+                                    "remove".
+                                  properties:
+                                    op:
+                                      description: Op is usually "remove"
+                                      nullable: true
+                                      type: string
+                                    path:
+                                      description: Path is the JSON path to remove.
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      description: Value is usually empty.
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    forceSyncGeneration:
+                      description: ForceSyncGeneration is used to force a redeployment
+                      type: integer
+                    helm:
+                      description: Helm options for the deployment, like the chart
+                        name, repo and values.
+                      nullable: true
+                      properties:
+                        atomic:
+                          description: Atomic sets the --atomic flag when Helm is
+                            performing an upgrade
+                          type: boolean
+                        chart:
+                          description: 'Chart can refer to any go-getter URL or OCI
+                            registry based helm
+
+                            chart URL. The chart will be downloaded.'
+                          nullable: true
+                          type: string
+                        disableDNS:
+                          description: DisableDNS can be used to customize Helm's
+                            EnableDNS option, which Fleet sets to `true` by default.
+                          type: boolean
+                        disablePreProcess:
+                          description: DisablePreProcess disables template processing
+                            in values
+                          type: boolean
+                        force:
+                          description: Force allows to override immutable resources.
+                            This could be dangerous.
+                          type: boolean
+                        maxHistory:
+                          description: MaxHistory limits the maximum number of revisions
+                            saved per release by Helm.
+                          type: integer
+                        releaseName:
+                          description: 'ReleaseName sets a custom release name to
+                            deploy the chart as. If
+
+                            not specified a release name will be generated by combining
+                            the
+
+                            invoking GitRepo.name + GitRepo.path.'
+                          maxLength: 53
+                          nullable: true
+                          pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                          type: string
+                        repo:
+                          description: Repo is the name of the HTTPS helm repo to
+                            download the chart from.
+                          nullable: true
+                          type: string
+                        skipSchemaValidation:
+                          description: SkipSchemaValidation allows skipping schema
+                            validation against the chart values
+                          type: boolean
+                        takeOwnership:
+                          description: TakeOwnership makes helm skip the check for
+                            its own annotations
+                          type: boolean
+                        timeoutSeconds:
+                          description: TimeoutSeconds is the time to wait for Helm
+                            operations.
+                          type: integer
+                        values:
+                          description: 'Values passed to Helm. It is possible to specify
+                            the keys and values
+
+                            as go template strings.'
+                          nullable: true
+                          type: object
+                          x-kubernetes-preserve-unknown-fields: true
+                        valuesFiles:
+                          description: ValuesFiles is a list of files to load values
+                            from.
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                        valuesFrom:
+                          description: ValuesFrom loads the values from configmaps
+                            and secrets.
+                          items:
+                            description: 'Define helm values that can come from configmap,
+                              secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                            properties:
+                              configMapKeyRef:
+                                description: The reference to a config map with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              secretKeyRef:
+                                description: The reference to a secret with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                        version:
+                          description: Version of the chart to download
+                          nullable: true
+                          type: string
+                        waitForJobs:
+                          description: 'WaitForJobs if set and timeoutSeconds provided,
+                            will wait until all
+
+                            Jobs have been completed before marking the GitRepo as
+                            ready. It
+
+                            will wait for as long as timeoutSeconds'
+                          type: boolean
+                      type: object
+                    ignore:
+                      description: IgnoreOptions can be used to ignore fields when
+                        monitoring the bundle.
+                      properties:
+                        conditions:
+                          description: Conditions is a list of conditions to be ignored
+                            when monitoring the Bundle.
+                          items:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    keepResources:
+                      description: KeepResources can be used to keep the deployed
+                        resources when removing the bundle
+                      type: boolean
+                    kustomize:
+                      description: 'Kustomize options for the deployment, like the
+                        dir containing the
+
+                        kustomization.yaml file.'
+                      nullable: true
+                      properties:
+                        dir:
+                          description: 'Dir points to a custom folder for kustomize
+                            resources. This folder must contain
+
+                            a kustomization.yaml file.'
+                          nullable: true
+                          type: string
+                      type: object
+                    namespace:
+                      description: 'TargetNamespace if present will assign all resource
+                        to this
+
+                        namespace and if any cluster scoped resource exists the deployment
+
+                        will fail.'
+                      nullable: true
+                      type: string
+                    namespaceAnnotations:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: NamespaceAnnotations are annotations that will
+                        be appended to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    namespaceLabels:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: NamespaceLabels are labels that will be appended
+                        to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    serviceAccount:
+                      description: ServiceAccount which will be used to perform this
+                        deployment.
+                      nullable: true
+                      type: string
+                    yaml:
+                      description: 'YAML options, if using raw YAML these are names
+                        that map to
+
+                        overlays/{name} files that will be used to replace or patch
+                        a resource.'
+                      nullable: true
+                      properties:
+                        overlays:
+                          description: 'Overlays is a list of names that maps to folders
+                            in "overlays/".
+
+                            If you wish to customize the file ./subdir/resource.yaml
+                            then a file
+
+                            ./overlays/myoverlay/subdir/resource.yaml will replace
+                            the base
+
+                            file.
+
+                            A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                            will patch the base file.'
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+                paused:
+                  description: 'Paused if set to true, will stop any BundleDeployments
+                    from being
+
+                    updated. If true, BundleDeployments will be marked as out of sync
+
+                    when changes are detected.'
+                  type: boolean
+                stagedDeploymentID:
+                  description: StagedDeploymentID is the ID of the staged deployment.
+                  nullable: true
+                  type: string
+                stagedOptions:
+                  description: 'StagedOptions are the deployment options, that are
+                    staged for
+
+                    the next deployment.'
+                  properties:
+                    correctDrift:
+                      description: CorrectDrift specifies how drift correction should
+                        work.
+                      nullable: true
+                      properties:
+                        enabled:
+                          description: Enabled correct drift if true.
+                          type: boolean
+                        force:
+                          description: Force helm rollback with --force option will
+                            be used if true. This will try to recreate all resources
+                            in the release.
+                          type: boolean
+                        keepFailHistory:
+                          description: KeepFailHistory keeps track of failed rollbacks
+                            in the helm history.
+                          type: boolean
+                      type: object
+                    defaultNamespace:
+                      description: 'DefaultNamespace is the namespace to use for resources
+                        that do not
+
+                        specify a namespace. This field is not used to enforce or
+                        lock down
+
+                        the deployment to a specific namespace.'
+                      nullable: true
+                      type: string
+                    deleteCRDResources:
+                      description: DeleteCRDResources deletes CRDs. Warning! this
+                        will also delete all your Custom Resources.
+                      type: boolean
+                    diff:
+                      description: Diff can be used to ignore the modified state of
+                        objects which are amended at runtime.
+                      nullable: true
+                      properties:
+                        comparePatches:
+                          description: ComparePatches match a resource and remove
+                            fields from the check for modifications.
+                          items:
+                            description: ComparePatch matches a resource and removes
+                              fields from the check for modifications.
+                            properties:
+                              apiVersion:
+                                description: APIVersion is the apiVersion of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              jsonPointers:
+                                description: JSONPointers ignore diffs at a certain
+                                  JSON path.
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              kind:
+                                description: Kind is the kind of the resource to match.
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name is the name of the resource to match.
+                                nullable: true
+                                type: string
+                              namespace:
+                                description: Namespace is the namespace of the resource
+                                  to match.
+                                nullable: true
+                                type: string
+                              operations:
+                                description: Operations remove a JSON path from the
+                                  resource.
+                                items:
+                                  description: Operation of a ComparePatch, usually
+                                    "remove".
+                                  properties:
+                                    op:
+                                      description: Op is usually "remove"
+                                      nullable: true
+                                      type: string
+                                    path:
+                                      description: Path is the JSON path to remove.
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      description: Value is usually empty.
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    forceSyncGeneration:
+                      description: ForceSyncGeneration is used to force a redeployment
+                      type: integer
+                    helm:
+                      description: Helm options for the deployment, like the chart
+                        name, repo and values.
+                      nullable: true
+                      properties:
+                        atomic:
+                          description: Atomic sets the --atomic flag when Helm is
+                            performing an upgrade
+                          type: boolean
+                        chart:
+                          description: 'Chart can refer to any go-getter URL or OCI
+                            registry based helm
+
+                            chart URL. The chart will be downloaded.'
+                          nullable: true
+                          type: string
+                        disableDNS:
+                          description: DisableDNS can be used to customize Helm's
+                            EnableDNS option, which Fleet sets to `true` by default.
+                          type: boolean
+                        disablePreProcess:
+                          description: DisablePreProcess disables template processing
+                            in values
+                          type: boolean
+                        force:
+                          description: Force allows to override immutable resources.
+                            This could be dangerous.
+                          type: boolean
+                        maxHistory:
+                          description: MaxHistory limits the maximum number of revisions
+                            saved per release by Helm.
+                          type: integer
+                        releaseName:
+                          description: 'ReleaseName sets a custom release name to
+                            deploy the chart as. If
+
+                            not specified a release name will be generated by combining
+                            the
+
+                            invoking GitRepo.name + GitRepo.path.'
+                          nullable: true
+                          type: string
+                        repo:
+                          description: Repo is the name of the HTTPS helm repo to
+                            download the chart from.
+                          nullable: true
+                          type: string
+                        skipSchemaValidation:
+                          description: SkipSchemaValidation allows skipping schema
+                            validation against the chart values
+                          type: boolean
+                        takeOwnership:
+                          description: TakeOwnership makes helm skip the check for
+                            its own annotations
+                          type: boolean
+                        timeoutSeconds:
+                          description: TimeoutSeconds is the time to wait for Helm
+                            operations.
+                          type: integer
+                        values:
+                          description: 'Values passed to Helm. It is possible to specify
+                            the keys and values
+
+                            as go template strings.'
+                          nullable: true
+                          type: object
+                          x-kubernetes-preserve-unknown-fields: true
+                        valuesFiles:
+                          description: ValuesFiles is a list of files to load values
+                            from.
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                        valuesFrom:
+                          description: ValuesFrom loads the values from configmaps
+                            and secrets.
+                          items:
+                            description: 'Define helm values that can come from configmap,
+                              secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                            properties:
+                              configMapKeyRef:
+                                description: The reference to a config map with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              secretKeyRef:
+                                description: The reference to a secret with release
+                                  values.
+                                nullable: true
+                                properties:
+                                  key:
+                                    nullable: true
+                                    type: string
+                                  name:
+                                    description: Name of a resource in the same namespace
+                                      as the referent.
+                                    nullable: true
+                                    type: string
+                                  namespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                        version:
+                          description: Version of the chart to download
+                          nullable: true
+                          type: string
+                        waitForJobs:
+                          description: 'WaitForJobs if set and timeoutSeconds provided,
+                            will wait until all
+
+                            Jobs have been completed before marking the GitRepo as
+                            ready. It
+
+                            will wait for as long as timeoutSeconds'
+                          type: boolean
+                      type: object
+                    ignore:
+                      description: IgnoreOptions can be used to ignore fields when
+                        monitoring the bundle.
+                      properties:
+                        conditions:
+                          description: Conditions is a list of conditions to be ignored
+                            when monitoring the Bundle.
+                          items:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    keepResources:
+                      description: KeepResources can be used to keep the deployed
+                        resources when removing the bundle
+                      type: boolean
+                    kustomize:
+                      description: 'Kustomize options for the deployment, like the
+                        dir containing the
+
+                        kustomization.yaml file.'
+                      nullable: true
+                      properties:
+                        dir:
+                          description: 'Dir points to a custom folder for kustomize
+                            resources. This folder must contain
+
+                            a kustomization.yaml file.'
+                          nullable: true
+                          type: string
+                      type: object
+                    namespace:
+                      description: 'TargetNamespace if present will assign all resource
+                        to this
+
+                        namespace and if any cluster scoped resource exists the deployment
+
+                        will fail.'
+                      nullable: true
+                      type: string
+                    namespaceAnnotations:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: NamespaceAnnotations are annotations that will
+                        be appended to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    namespaceLabels:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: NamespaceLabels are labels that will be appended
+                        to the namespace created by Fleet.
+                      nullable: true
+                      type: object
+                    serviceAccount:
+                      description: ServiceAccount which will be used to perform this
+                        deployment.
+                      nullable: true
+                      type: string
+                    yaml:
+                      description: 'YAML options, if using raw YAML these are names
+                        that map to
+
+                        overlays/{name} files that will be used to replace or patch
+                        a resource.'
+                      nullable: true
+                      properties:
+                        overlays:
+                          description: 'Overlays is a list of names that maps to folders
+                            in "overlays/".
+
+                            If you wish to customize the file ./subdir/resource.yaml
+                            then a file
+
+                            ./overlays/myoverlay/subdir/resource.yaml will replace
+                            the base
+
+                            file.
+
+                            A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                            will patch the base file.'
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+              type: object
+            status:
+              properties:
+                appliedDeploymentID:
+                  nullable: true
+                  type: string
+                conditions:
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                display:
+                  properties:
+                    deployed:
+                      nullable: true
+                      type: string
+                    monitored:
+                      nullable: true
+                      type: string
+                    state:
+                      nullable: true
+                      type: string
+                  type: object
+                modifiedStatus:
+                  items:
+                    description: 'ModifiedStatus is used to report the status of a
+                      resource that is modified.
+
+                      It indicates if the modification was a create, a delete or a
+                      patch.'
+                    properties:
+                      apiVersion:
+                        nullable: true
+                        type: string
+                      delete:
+                        type: boolean
+                      kind:
+                        nullable: true
+                        type: string
+                      missing:
+                        type: boolean
+                      name:
+                        nullable: true
+                        type: string
+                      namespace:
+                        nullable: true
+                        type: string
+                      patch:
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                nonModified:
+                  type: boolean
+                nonReadyStatus:
+                  items:
+                    description: NonReadyStatus is used to report the status of a
+                      resource that is not ready. It includes a summary.
+                    properties:
+                      apiVersion:
+                        nullable: true
+                        type: string
+                      kind:
+                        nullable: true
+                        type: string
+                      name:
+                        nullable: true
+                        type: string
+                      namespace:
+                        nullable: true
+                        type: string
+                      summary:
+                        properties:
+                          error:
+                            type: boolean
+                          message:
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                          state:
+                            nullable: true
+                            type: string
+                          transitioning:
+                            type: boolean
+                        type: object
+                      uid:
+                        description: 'UID is a type that holds unique ID values, including
+                          UUIDs.  Because we
+
+                          don''t ONLY use UUIDs, this is an alias to string.  Being
+                          a type captures
+
+                          intent and helps make sure that UIDs and names do not get
+                          conflated.'
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                ready:
+                  type: boolean
+                release:
+                  nullable: true
+                  type: string
+                resources:
+                  description: 'Resources lists the metadata of resources that were
+                    deployed
+
+                    according to the helm release history.'
+                  items:
+                    description: BundleDeploymentResource contains the metadata of
+                      a deployed resource.
+                    properties:
+                      apiVersion:
+                        nullable: true
+                        type: string
+                      createdAt:
+                        nullable: true
+                        type: string
+                      kind:
+                        nullable: true
+                        type: string
+                      name:
+                        nullable: true
+                        type: string
+                      namespace:
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                syncGeneration:
+                  nullable: true
+                  type: integer
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: bundlenamespacemappings.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: BundleNamespaceMapping
+    plural: bundlenamespacemappings
+    singular: bundlenamespacemapping
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: BundleNamespaceMapping maps bundles to clusters in other namespaces.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            bundleSelector:
+              description: 'A label selector is a label query over a set of resources.
+                The result of matchLabels and
+
+                matchExpressions are ANDed. An empty label selector matches all objects.
+                A null
+
+                label selector matches no objects.'
+              nullable: true
+              properties:
+                matchExpressions:
+                  description: matchExpressions is a list of label selector requirements.
+                    The requirements are ANDed.
+                  items:
+                    description: 'A label selector requirement is a selector that
+                      contains values, a key, and an operator that
+
+                      relates the key and values.'
+                    properties:
+                      key:
+                        description: key is the label key that the selector applies
+                          to.
+                        nullable: true
+                        type: string
+                      operator:
+                        description: 'operator represents a key''s relationship to
+                          a set of values.
+
+                          Valid operators are In, NotIn, Exists and DoesNotExist.'
+                        nullable: true
+                        type: string
+                      values:
+                        description: 'values is an array of string values. If the
+                          operator is In or NotIn,
+
+                          the values array must be non-empty. If the operator is Exists
+                          or DoesNotExist,
+
+                          the values array must be empty. This array is replaced during
+                          a strategic
+
+                          merge patch.'
+                        items:
+                          nullable: true
+                          type: string
+                        nullable: true
+                        type: array
+                    type: object
+                  nullable: true
+                  type: array
+                matchLabels:
+                  additionalProperties:
+                    nullable: true
+                    type: string
+                  description: 'matchLabels is a map of {key,value} pairs. A single
+                    {key,value} in the matchLabels
+
+                    map is equivalent to an element of matchExpressions, whose key
+                    field is "key", the
+
+                    operator is "In", and the values array contains only "value".
+                    The requirements are ANDed.'
+                  nullable: true
+                  type: object
+              type: object
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            namespaceSelector:
+              description: 'A label selector is a label query over a set of resources.
+                The result of matchLabels and
+
+                matchExpressions are ANDed. An empty label selector matches all objects.
+                A null
+
+                label selector matches no objects.'
+              nullable: true
+              properties:
+                matchExpressions:
+                  description: matchExpressions is a list of label selector requirements.
+                    The requirements are ANDed.
+                  items:
+                    description: 'A label selector requirement is a selector that
+                      contains values, a key, and an operator that
+
+                      relates the key and values.'
+                    properties:
+                      key:
+                        description: key is the label key that the selector applies
+                          to.
+                        nullable: true
+                        type: string
+                      operator:
+                        description: 'operator represents a key''s relationship to
+                          a set of values.
+
+                          Valid operators are In, NotIn, Exists and DoesNotExist.'
+                        nullable: true
+                        type: string
+                      values:
+                        description: 'values is an array of string values. If the
+                          operator is In or NotIn,
+
+                          the values array must be non-empty. If the operator is Exists
+                          or DoesNotExist,
+
+                          the values array must be empty. This array is replaced during
+                          a strategic
+
+                          merge patch.'
+                        items:
+                          nullable: true
+                          type: string
+                        nullable: true
+                        type: array
+                    type: object
+                  nullable: true
+                  type: array
+                matchLabels:
+                  additionalProperties:
+                    nullable: true
+                    type: string
+                  description: 'matchLabels is a map of {key,value} pairs. A single
+                    {key,value} in the matchLabels
+
+                    map is equivalent to an element of matchExpressions, whose key
+                    field is "key", the
+
+                    operator is "In", and the values array contains only "value".
+                    The requirements are ANDed.'
+                  nullable: true
+                  type: object
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: bundles.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: Bundle
+    plural: bundles
+    singular: bundle
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.readyClusters
+          name: BundleDeployments-Ready
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'Bundle contains the resources of an application and its deployment
+            options.
+
+            It will be deployed as a Helm chart to target clusters.
+
+
+
+            When a GitRepo is scanned it will produce one or more bundles. Bundles
+            are
+
+            a collection of resources that get deployed to one or more cluster(s).
+            Bundle is the
+
+            fundamental deployment unit used in Fleet. The contents of a Bundle may
+            be
+
+            Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless
+
+            of the source the contents are dynamically rendered into a Helm chart
+            by
+
+            the agent and installed into the downstream cluster as a Helm release.'
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                correctDrift:
+                  description: CorrectDrift specifies how drift correction should
+                    work.
+                  nullable: true
+                  properties:
+                    enabled:
+                      description: Enabled correct drift if true.
+                      type: boolean
+                    force:
+                      description: Force helm rollback with --force option will be
+                        used if true. This will try to recreate all resources in the
+                        release.
+                      type: boolean
+                    keepFailHistory:
+                      description: KeepFailHistory keeps track of failed rollbacks
+                        in the helm history.
+                      type: boolean
+                  type: object
+                defaultNamespace:
+                  description: 'DefaultNamespace is the namespace to use for resources
+                    that do not
+
+                    specify a namespace. This field is not used to enforce or lock
+                    down
+
+                    the deployment to a specific namespace.'
+                  nullable: true
+                  type: string
+                deleteCRDResources:
+                  description: DeleteCRDResources deletes CRDs. Warning! this will
+                    also delete all your Custom Resources.
+                  type: boolean
+                dependsOn:
+                  description: DependsOn refers to the bundles which must be ready
+                    before this bundle can be deployed.
+                  items:
+                    properties:
+                      name:
+                        description: Name of the bundle.
+                        nullable: true
+                        type: string
+                      selector:
+                        description: Selector matching bundle's labels.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            nullable: true
+                            type: object
+                        type: object
+                    type: object
+                  nullable: true
+                  type: array
+                diff:
+                  description: Diff can be used to ignore the modified state of objects
+                    which are amended at runtime.
+                  nullable: true
+                  properties:
+                    comparePatches:
+                      description: ComparePatches match a resource and remove fields
+                        from the check for modifications.
+                      items:
+                        description: ComparePatch matches a resource and removes fields
+                          from the check for modifications.
+                        properties:
+                          apiVersion:
+                            description: APIVersion is the apiVersion of the resource
+                              to match.
+                            nullable: true
+                            type: string
+                          jsonPointers:
+                            description: JSONPointers ignore diffs at a certain JSON
+                              path.
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                          kind:
+                            description: Kind is the kind of the resource to match.
+                            nullable: true
+                            type: string
+                          name:
+                            description: Name is the name of the resource to match.
+                            nullable: true
+                            type: string
+                          namespace:
+                            description: Namespace is the namespace of the resource
+                              to match.
+                            nullable: true
+                            type: string
+                          operations:
+                            description: Operations remove a JSON path from the resource.
+                            items:
+                              description: Operation of a ComparePatch, usually "remove".
+                              properties:
+                                op:
+                                  description: Op is usually "remove"
+                                  nullable: true
+                                  type: string
+                                path:
+                                  description: Path is the JSON path to remove.
+                                  nullable: true
+                                  type: string
+                                value:
+                                  description: Value is usually empty.
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                  type: object
+                forceSyncGeneration:
+                  description: ForceSyncGeneration is used to force a redeployment
+                  type: integer
+                helm:
+                  description: Helm options for the deployment, like the chart name,
+                    repo and values.
+                  nullable: true
+                  properties:
+                    atomic:
+                      description: Atomic sets the --atomic flag when Helm is performing
+                        an upgrade
+                      type: boolean
+                    chart:
+                      description: 'Chart can refer to any go-getter URL or OCI registry
+                        based helm
+
+                        chart URL. The chart will be downloaded.'
+                      nullable: true
+                      type: string
+                    disableDNS:
+                      description: DisableDNS can be used to customize Helm's EnableDNS
+                        option, which Fleet sets to `true` by default.
+                      type: boolean
+                    disablePreProcess:
+                      description: DisablePreProcess disables template processing
+                        in values
+                      type: boolean
+                    force:
+                      description: Force allows to override immutable resources. This
+                        could be dangerous.
+                      type: boolean
+                    maxHistory:
+                      description: MaxHistory limits the maximum number of revisions
+                        saved per release by Helm.
+                      type: integer
+                    releaseName:
+                      description: 'ReleaseName sets a custom release name to deploy
+                        the chart as. If
+
+                        not specified a release name will be generated by combining
+                        the
+
+                        invoking GitRepo.name + GitRepo.path.'
+                      maxLength: 53
+                      nullable: true
+                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                      type: string
+                    repo:
+                      description: Repo is the name of the HTTPS helm repo to download
+                        the chart from.
+                      nullable: true
+                      type: string
+                    skipSchemaValidation:
+                      description: SkipSchemaValidation allows skipping schema validation
+                        against the chart values
+                      type: boolean
+                    takeOwnership:
+                      description: TakeOwnership makes helm skip the check for its
+                        own annotations
+                      type: boolean
+                    timeoutSeconds:
+                      description: TimeoutSeconds is the time to wait for Helm operations.
+                      type: integer
+                    values:
+                      description: 'Values passed to Helm. It is possible to specify
+                        the keys and values
+
+                        as go template strings.'
+                      nullable: true
+                      type: object
+                      x-kubernetes-preserve-unknown-fields: true
+                    valuesFiles:
+                      description: ValuesFiles is a list of files to load values from.
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    valuesFrom:
+                      description: ValuesFrom loads the values from configmaps and
+                        secrets.
+                      items:
+                        description: 'Define helm values that can come from configmap,
+                          secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                        properties:
+                          configMapKeyRef:
+                            description: The reference to a config map with release
+                              values.
+                            nullable: true
+                            properties:
+                              key:
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name of a resource in the same namespace
+                                  as the referent.
+                                nullable: true
+                                type: string
+                              namespace:
+                                nullable: true
+                                type: string
+                            type: object
+                          secretKeyRef:
+                            description: The reference to a secret with release values.
+                            nullable: true
+                            properties:
+                              key:
+                                nullable: true
+                                type: string
+                              name:
+                                description: Name of a resource in the same namespace
+                                  as the referent.
+                                nullable: true
+                                type: string
+                              namespace:
+                                nullable: true
+                                type: string
+                            type: object
+                        type: object
+                      nullable: true
+                      type: array
+                    version:
+                      description: Version of the chart to download
+                      nullable: true
+                      type: string
+                    waitForJobs:
+                      description: 'WaitForJobs if set and timeoutSeconds provided,
+                        will wait until all
+
+                        Jobs have been completed before marking the GitRepo as ready.
+                        It
+
+                        will wait for as long as timeoutSeconds'
+                      type: boolean
+                  type: object
+                ignore:
+                  description: IgnoreOptions can be used to ignore fields when monitoring
+                    the bundle.
+                  properties:
+                    conditions:
+                      description: Conditions is a list of conditions to be ignored
+                        when monitoring the Bundle.
+                      items:
+                        additionalProperties:
+                          nullable: true
+                          type: string
+                        nullable: true
+                        type: object
+                      nullable: true
+                      type: array
+                  type: object
+                keepResources:
+                  description: KeepResources can be used to keep the deployed resources
+                    when removing the bundle
+                  type: boolean
+                kustomize:
+                  description: 'Kustomize options for the deployment, like the dir
+                    containing the
+
+                    kustomization.yaml file.'
+                  nullable: true
+                  properties:
+                    dir:
+                      description: 'Dir points to a custom folder for kustomize resources.
+                        This folder must contain
+
+                        a kustomization.yaml file.'
+                      nullable: true
+                      type: string
+                  type: object
+                namespace:
+                  description: 'TargetNamespace if present will assign all resource
+                    to this
+
+                    namespace and if any cluster scoped resource exists the deployment
+
+                    will fail.'
+                  nullable: true
+                  type: string
+                namespaceAnnotations:
+                  additionalProperties:
+                    nullable: true
+                    type: string
+                  description: NamespaceAnnotations are annotations that will be appended
+                    to the namespace created by Fleet.
+                  nullable: true
+                  type: object
+                namespaceLabels:
+                  additionalProperties:
+                    nullable: true
+                    type: string
+                  description: NamespaceLabels are labels that will be appended to
+                    the namespace created by Fleet.
+                  nullable: true
+                  type: object
+                paused:
+                  description: Paused if set to true, will stop any BundleDeployments
+                    from being updated. It will be marked as out of sync.
+                  type: boolean
+                resources:
+                  description: 'Resources contains the resources that were read from
+                    the bundle''s
+
+                    path. This includes the content of downloaded helm charts.'
+                  items:
+                    description: BundleResource represents the content of a single
+                      resource from the bundle, like a YAML manifest.
+                    properties:
+                      content:
+                        description: The content of the resource, can be compressed.
+                        nullable: true
+                        type: string
+                      encoding:
+                        description: Encoding is either empty or "base64+gz".
+                        nullable: true
+                        type: string
+                      name:
+                        description: Name of the resource, can include the bundle's
+                          internal path.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                rolloutStrategy:
+                  description: 'RolloutStrategy controls the rollout of bundles, by
+                    defining
+
+                    partitions, canaries and percentages for cluster availability.'
+                  nullable: true
+                  properties:
+                    autoPartitionSize:
+                      description: 'A number or percentage of how to automatically
+                        partition clusters if no
+
+                        specific partitioning strategy is configured.
+
+                        default: 25%'
+                      nullable: true
+                      x-kubernetes-int-or-string: true
+                    maxUnavailable:
+                      description: 'A number or percentage of clusters that can be
+                        unavailable during an update
+
+                        of a bundle. This follows the same basic approach as a deployment
+                        rollout
+
+                        strategy. Once the number of clusters meets unavailable state
+                        update will be
+
+                        paused. Default value is 100% which doesn''t take effect on
+                        update.
+
+                        default: 100%'
+                      nullable: true
+                      x-kubernetes-int-or-string: true
+                    maxUnavailablePartitions:
+                      description: 'A number or percentage of cluster partitions that
+                        can be unavailable during
+
+                        an update of a bundle.
+
+                        default: 0'
+                      nullable: true
+                      x-kubernetes-int-or-string: true
+                    partitions:
+                      description: 'A list of definitions of partitions.  If any target
+                        clusters do not match
+
+                        the configuration they are added to partitions at the end
+                        following the
+
+                        autoPartitionSize.'
+                      items:
+                        description: Partition defines a separate rollout strategy
+                          for a set of clusters.
+                        properties:
+                          clusterGroup:
+                            description: A cluster group name to include in this partition
+                            nullable: true
+                            type: string
+                          clusterGroupSelector:
+                            description: Selector matching cluster group labels to
+                              include in this partition
+                            nullable: true
+                            properties:
+                              matchExpressions:
+                                description: matchExpressions is a list of label selector
+                                  requirements. The requirements are ANDed.
+                                items:
+                                  description: 'A label selector requirement is a
+                                    selector that contains values, a key, and an operator
+                                    that
+
+                                    relates the key and values.'
+                                  properties:
+                                    key:
+                                      description: key is the label key that the selector
+                                        applies to.
+                                      nullable: true
+                                      type: string
+                                    operator:
+                                      description: 'operator represents a key''s relationship
+                                        to a set of values.
+
+                                        Valid operators are In, NotIn, Exists and
+                                        DoesNotExist.'
+                                      nullable: true
+                                      type: string
+                                    values:
+                                      description: 'values is an array of string values.
+                                        If the operator is In or NotIn,
+
+                                        the values array must be non-empty. If the
+                                        operator is Exists or DoesNotExist,
+
+                                        the values array must be empty. This array
+                                        is replaced during a strategic
+
+                                        merge patch.'
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                  type: object
+                                nullable: true
+                                type: array
+                              matchLabels:
+                                additionalProperties:
+                                  nullable: true
+                                  type: string
+                                description: 'matchLabels is a map of {key,value}
+                                  pairs. A single {key,value} in the matchLabels
+
+                                  map is equivalent to an element of matchExpressions,
+                                  whose key field is "key", the
+
+                                  operator is "In", and the values array contains
+                                  only "value". The requirements are ANDed.'
+                                nullable: true
+                                type: object
+                            type: object
+                          clusterName:
+                            description: ClusterName is the name of a cluster to include
+                              in this partition
+                            nullable: true
+                            type: string
+                          clusterSelector:
+                            description: Selector matching cluster labels to include
+                              in this partition
+                            nullable: true
+                            properties:
+                              matchExpressions:
+                                description: matchExpressions is a list of label selector
+                                  requirements. The requirements are ANDed.
+                                items:
+                                  description: 'A label selector requirement is a
+                                    selector that contains values, a key, and an operator
+                                    that
+
+                                    relates the key and values.'
+                                  properties:
+                                    key:
+                                      description: key is the label key that the selector
+                                        applies to.
+                                      nullable: true
+                                      type: string
+                                    operator:
+                                      description: 'operator represents a key''s relationship
+                                        to a set of values.
+
+                                        Valid operators are In, NotIn, Exists and
+                                        DoesNotExist.'
+                                      nullable: true
+                                      type: string
+                                    values:
+                                      description: 'values is an array of string values.
+                                        If the operator is In or NotIn,
+
+                                        the values array must be non-empty. If the
+                                        operator is Exists or DoesNotExist,
+
+                                        the values array must be empty. This array
+                                        is replaced during a strategic
+
+                                        merge patch.'
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                  type: object
+                                nullable: true
+                                type: array
+                              matchLabels:
+                                additionalProperties:
+                                  nullable: true
+                                  type: string
+                                description: 'matchLabels is a map of {key,value}
+                                  pairs. A single {key,value} in the matchLabels
+
+                                  map is equivalent to an element of matchExpressions,
+                                  whose key field is "key", the
+
+                                  operator is "In", and the values array contains
+                                  only "value". The requirements are ANDed.'
+                                nullable: true
+                                type: object
+                            type: object
+                          maxUnavailable:
+                            description: 'A number or percentage of clusters that
+                              can be unavailable in this
+
+                              partition before this partition is treated as done.
+
+                              default: 10%'
+                            nullable: true
+                            x-kubernetes-int-or-string: true
+                          name:
+                            description: A user-friendly name given to the partition
+                              used for Display (optional).
+                            nullable: true
+                            type: string
+                        type: object
+                      nullable: true
+                      type: array
+                  type: object
+                serviceAccount:
+                  description: ServiceAccount which will be used to perform this deployment.
+                  nullable: true
+                  type: string
+                targetRestrictions:
+                  description: TargetRestrictions is an allow list, which controls
+                    if a bundledeployment is created for a target.
+                  items:
+                    description: 'BundleTargetRestriction is used internally by Fleet
+                      and should not be modified.
+
+                      It acts as an allow list, to prevent the creation of BundleDeployments
+                      from
+
+                      Targets created by TargetCustomizations in fleet.yaml.'
+                    properties:
+                      clusterGroup:
+                        nullable: true
+                        type: string
+                      clusterGroupSelector:
+                        description: 'A label selector is a label query over a set
+                          of resources. The result of matchLabels and
+
+                          matchExpressions are ANDed. An empty label selector matches
+                          all objects. A null
+
+                          label selector matches no objects.'
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            nullable: true
+                            type: object
+                        type: object
+                      clusterName:
+                        nullable: true
+                        type: string
+                      clusterSelector:
+                        description: 'A label selector is a label query over a set
+                          of resources. The result of matchLabels and
+
+                          matchExpressions are ANDed. An empty label selector matches
+                          all objects. A null
+
+                          label selector matches no objects.'
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            nullable: true
+                            type: object
+                        type: object
+                      name:
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                targets:
+                  description: 'Targets refer to the clusters which will be deployed
+                    to.
+
+                    Targets are evaluated in order and the first one to match is used.'
+                  items:
+                    description: 'BundleTarget declares clusters to deploy to. Fleet
+                      will merge the
+
+                      BundleDeploymentOptions from customizations into this struct.'
+                    properties:
+                      clusterGroup:
+                        description: ClusterGroup to match a specific cluster group
+                          by name.
+                        nullable: true
+                        type: string
+                      clusterGroupSelector:
+                        description: ClusterGroupSelector is a selector to match cluster
+                          groups.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            nullable: true
+                            type: object
+                        type: object
+                      clusterName:
+                        description: 'ClusterName to match a specific cluster by name
+                          that will be
+
+                          selected'
+                        nullable: true
+                        type: string
+                      clusterSelector:
+                        description: 'ClusterSelector is a selector to match clusters.
+                          The structure is
+
+                          the standard metav1.LabelSelector format. If clusterGroupSelector
+                          or
+
+                          clusterGroup is specified, clusterSelector will be used
+                          only to
+
+                          further refine the selection after clusterGroupSelector
+                          and
+
+                          clusterGroup is evaluated.'
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            nullable: true
+                            type: object
+                        type: object
+                      correctDrift:
+                        description: CorrectDrift specifies how drift correction should
+                          work.
+                        nullable: true
+                        properties:
+                          enabled:
+                            description: Enabled correct drift if true.
+                            type: boolean
+                          force:
+                            description: Force helm rollback with --force option will
+                              be used if true. This will try to recreate all resources
+                              in the release.
+                            type: boolean
+                          keepFailHistory:
+                            description: KeepFailHistory keeps track of failed rollbacks
+                              in the helm history.
+                            type: boolean
+                        type: object
+                      defaultNamespace:
+                        description: 'DefaultNamespace is the namespace to use for
+                          resources that do not
+
+                          specify a namespace. This field is not used to enforce or
+                          lock down
+
+                          the deployment to a specific namespace.'
+                        nullable: true
+                        type: string
+                      deleteCRDResources:
+                        description: DeleteCRDResources deletes CRDs. Warning! this
+                          will also delete all your Custom Resources.
+                        type: boolean
+                      diff:
+                        description: Diff can be used to ignore the modified state
+                          of objects which are amended at runtime.
+                        nullable: true
+                        properties:
+                          comparePatches:
+                            description: ComparePatches match a resource and remove
+                              fields from the check for modifications.
+                            items:
+                              description: ComparePatch matches a resource and removes
+                                fields from the check for modifications.
+                              properties:
+                                apiVersion:
+                                  description: APIVersion is the apiVersion of the
+                                    resource to match.
+                                  nullable: true
+                                  type: string
+                                jsonPointers:
+                                  description: JSONPointers ignore diffs at a certain
+                                    JSON path.
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                kind:
+                                  description: Kind is the kind of the resource to
+                                    match.
+                                  nullable: true
+                                  type: string
+                                name:
+                                  description: Name is the name of the resource to
+                                    match.
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  description: Namespace is the namespace of the resource
+                                    to match.
+                                  nullable: true
+                                  type: string
+                                operations:
+                                  description: Operations remove a JSON path from
+                                    the resource.
+                                  items:
+                                    description: Operation of a ComparePatch, usually
+                                      "remove".
+                                    properties:
+                                      op:
+                                        description: Op is usually "remove"
+                                        nullable: true
+                                        type: string
+                                      path:
+                                        description: Path is the JSON path to remove.
+                                        nullable: true
+                                        type: string
+                                      value:
+                                        description: Value is usually empty.
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      doNotDeploy:
+                        description: DoNotDeploy if set to true, will not deploy to
+                          this target.
+                        type: boolean
+                      forceSyncGeneration:
+                        description: ForceSyncGeneration is used to force a redeployment
+                        type: integer
+                      helm:
+                        description: Helm options for the deployment, like the chart
+                          name, repo and values.
+                        nullable: true
+                        properties:
+                          atomic:
+                            description: Atomic sets the --atomic flag when Helm is
+                              performing an upgrade
+                            type: boolean
+                          chart:
+                            description: 'Chart can refer to any go-getter URL or
+                              OCI registry based helm
+
+                              chart URL. The chart will be downloaded.'
+                            nullable: true
+                            type: string
+                          disableDNS:
+                            description: DisableDNS can be used to customize Helm's
+                              EnableDNS option, which Fleet sets to `true` by default.
+                            type: boolean
+                          disablePreProcess:
+                            description: DisablePreProcess disables template processing
+                              in values
+                            type: boolean
+                          force:
+                            description: Force allows to override immutable resources.
+                              This could be dangerous.
+                            type: boolean
+                          maxHistory:
+                            description: MaxHistory limits the maximum number of revisions
+                              saved per release by Helm.
+                            type: integer
+                          releaseName:
+                            description: 'ReleaseName sets a custom release name to
+                              deploy the chart as. If
+
+                              not specified a release name will be generated by combining
+                              the
+
+                              invoking GitRepo.name + GitRepo.path.'
+                            nullable: true
+                            type: string
+                          repo:
+                            description: Repo is the name of the HTTPS helm repo to
+                              download the chart from.
+                            nullable: true
+                            type: string
+                          skipSchemaValidation:
+                            description: SkipSchemaValidation allows skipping schema
+                              validation against the chart values
+                            type: boolean
+                          takeOwnership:
+                            description: TakeOwnership makes helm skip the check for
+                              its own annotations
+                            type: boolean
+                          timeoutSeconds:
+                            description: TimeoutSeconds is the time to wait for Helm
+                              operations.
+                            type: integer
+                          values:
+                            description: 'Values passed to Helm. It is possible to
+                              specify the keys and values
+
+                              as go template strings.'
+                            nullable: true
+                            type: object
+                            x-kubernetes-preserve-unknown-fields: true
+                          valuesFiles:
+                            description: ValuesFiles is a list of files to load values
+                              from.
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                          valuesFrom:
+                            description: ValuesFrom loads the values from configmaps
+                              and secrets.
+                            items:
+                              description: 'Define helm values that can come from
+                                configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439'
+                              properties:
+                                configMapKeyRef:
+                                  description: The reference to a config map with
+                                    release values.
+                                  nullable: true
+                                  properties:
+                                    key:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      description: Name of a resource in the same
+                                        namespace as the referent.
+                                      nullable: true
+                                      type: string
+                                    namespace:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                secretKeyRef:
+                                  description: The reference to a secret with release
+                                    values.
+                                  nullable: true
+                                  properties:
+                                    key:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      description: Name of a resource in the same
+                                        namespace as the referent.
+                                      nullable: true
+                                      type: string
+                                    namespace:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                              type: object
+                            nullable: true
+                            type: array
+                          version:
+                            description: Version of the chart to download
+                            nullable: true
+                            type: string
+                          waitForJobs:
+                            description: 'WaitForJobs if set and timeoutSeconds provided,
+                              will wait until all
+
+                              Jobs have been completed before marking the GitRepo
+                              as ready. It
+
+                              will wait for as long as timeoutSeconds'
+                            type: boolean
+                        type: object
+                      ignore:
+                        description: IgnoreOptions can be used to ignore fields when
+                          monitoring the bundle.
+                        properties:
+                          conditions:
+                            description: Conditions is a list of conditions to be
+                              ignored when monitoring the Bundle.
+                            items:
+                              additionalProperties:
+                                nullable: true
+                                type: string
+                              nullable: true
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      keepResources:
+                        description: KeepResources can be used to keep the deployed
+                          resources when removing the bundle
+                        type: boolean
+                      kustomize:
+                        description: 'Kustomize options for the deployment, like the
+                          dir containing the
+
+                          kustomization.yaml file.'
+                        nullable: true
+                        properties:
+                          dir:
+                            description: 'Dir points to a custom folder for kustomize
+                              resources. This folder must contain
+
+                              a kustomization.yaml file.'
+                            nullable: true
+                            type: string
+                        type: object
+                      name:
+                        description: 'Name of target. This value is largely for display
+                          and logging. If
+
+                          not specified a default name of the format "target000" will
+                          be used'
+                        nullable: true
+                        type: string
+                      namespace:
+                        description: 'TargetNamespace if present will assign all resource
+                          to this
+
+                          namespace and if any cluster scoped resource exists the
+                          deployment
+
+                          will fail.'
+                        nullable: true
+                        type: string
+                      namespaceAnnotations:
+                        additionalProperties:
+                          nullable: true
+                          type: string
+                        description: NamespaceAnnotations are annotations that will
+                          be appended to the namespace created by Fleet.
+                        nullable: true
+                        type: object
+                      namespaceLabels:
+                        additionalProperties:
+                          nullable: true
+                          type: string
+                        description: NamespaceLabels are labels that will be appended
+                          to the namespace created by Fleet.
+                        nullable: true
+                        type: object
+                      serviceAccount:
+                        description: ServiceAccount which will be used to perform
+                          this deployment.
+                        nullable: true
+                        type: string
+                      yaml:
+                        description: 'YAML options, if using raw YAML these are names
+                          that map to
+
+                          overlays/{name} files that will be used to replace or patch
+                          a resource.'
+                        nullable: true
+                        properties:
+                          overlays:
+                            description: 'Overlays is a list of names that maps to
+                              folders in "overlays/".
+
+                              If you wish to customize the file ./subdir/resource.yaml
+                              then a file
+
+                              ./overlays/myoverlay/subdir/resource.yaml will replace
+                              the base
+
+                              file.
+
+                              A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                              will patch the base file.'
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                        type: object
+                    type: object
+                  nullable: true
+                  type: array
+                yaml:
+                  description: 'YAML options, if using raw YAML these are names that
+                    map to
+
+                    overlays/{name} files that will be used to replace or patch a
+                    resource.'
+                  nullable: true
+                  properties:
+                    overlays:
+                      description: 'Overlays is a list of names that maps to folders
+                        in "overlays/".
+
+                        If you wish to customize the file ./subdir/resource.yaml then
+                        a file
+
+                        ./overlays/myoverlay/subdir/resource.yaml will replace the
+                        base
+
+                        file.
+
+                        A file named ./overlays/myoverlay/subdir/resource_patch.yaml
+                        will patch the base file.'
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                  type: object
+              type: object
+            status:
+              properties:
+                conditions:
+                  description: 'Conditions is a list of Wrangler conditions that describe
+                    the state
+
+                    of the bundle.'
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                display:
+                  description: 'Display contains the number of ready, desiredready
+                    clusters and a
+
+                    summary state for the bundle''s resources.'
+                  properties:
+                    readyClusters:
+                      description: 'ReadyClusters is a string in the form "%d/%d",
+                        that describes the
+
+                        number of clusters that are ready vs. the number of clusters
+                        desired
+
+                        to be ready.'
+                      nullable: true
+                      type: string
+                    state:
+                      description: State is a summary state for the bundle, calculated
+                        over the non-ready resources.
+                      nullable: true
+                      type: string
+                  type: object
+                maxNew:
+                  description: 'MaxNew is always 50. A bundle change can only stage
+                    50
+
+                    bundledeployments at a time.'
+                  type: integer
+                maxUnavailable:
+                  description: 'MaxUnavailable is the maximum number of unavailable
+                    deployments. See
+
+                    rollout configuration.'
+                  type: integer
+                maxUnavailablePartitions:
+                  description: 'MaxUnavailablePartitions is the maximum number of
+                    unavailable
+
+                    partitions. The rollout configuration defines a maximum number
+                    or
+
+                    percentage of unavailable partitions.'
+                  type: integer
+                newlyCreated:
+                  description: 'NewlyCreated is the number of bundle deployments that
+                    have been created,
+
+                    not updated.'
+                  type: integer
+                observedGeneration:
+                  description: ObservedGeneration is the current generation of the
+                    bundle.
+                  type: integer
+                partitions:
+                  description: PartitionStatus lists the status of each partition.
+                  items:
+                    description: PartitionStatus is the status of a single rollout
+                      partition.
+                    properties:
+                      count:
+                        description: Count is the number of clusters in the partition.
+                        type: integer
+                      maxUnavailable:
+                        description: MaxUnavailable is the maximum number of unavailable
+                          clusters in the partition.
+                        type: integer
+                      name:
+                        description: Name is the name of the partition.
+                        nullable: true
+                        type: string
+                      summary:
+                        description: Summary is a summary state for the partition,
+                          calculated over its non-ready resources.
+                        properties:
+                          desiredReady:
+                            description: 'DesiredReady is the number of bundle deployments
+                              that should be
+
+                              ready.'
+                            type: integer
+                          errApplied:
+                            description: 'ErrApplied is the number of bundle deployments
+                              that have been synced
+
+                              from the Fleet controller and the downstream cluster,
+                              but with some
+
+                              errors when deploying the bundle.'
+                            type: integer
+                          modified:
+                            description: 'Modified is the number of bundle deployments
+                              that have been deployed
+
+                              and for which all resources are ready, but where some
+                              changes from the
+
+                              Git repository have not yet been synced.'
+                            type: integer
+                          nonReadyResources:
+                            description: 'NonReadyClusters is a list of states, which
+                              is filled for a bundle
+
+                              that is not ready.'
+                            items:
+                              description: 'NonReadyResource contains information
+                                about a bundle that is not ready for a
+
+                                given state like "ErrApplied". It contains a list
+                                of non-ready or modified
+
+                                resources and their states.'
+                              properties:
+                                bundleState:
+                                  description: State is the state of the resource,
+                                    like e.g. "NotReady" or "ErrApplied".
+                                  nullable: true
+                                  type: string
+                                message:
+                                  description: Message contains information why the
+                                    bundle is not ready.
+                                  nullable: true
+                                  type: string
+                                modifiedStatus:
+                                  description: ModifiedStatus lists the state for
+                                    each modified resource.
+                                  items:
+                                    description: 'ModifiedStatus is used to report
+                                      the status of a resource that is modified.
+
+                                      It indicates if the modification was a create,
+                                      a delete or a patch.'
+                                    properties:
+                                      apiVersion:
+                                        nullable: true
+                                        type: string
+                                      delete:
+                                        type: boolean
+                                      kind:
+                                        nullable: true
+                                        type: string
+                                      missing:
+                                        type: boolean
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      namespace:
+                                        nullable: true
+                                        type: string
+                                      patch:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                name:
+                                  description: Name is the name of the resource.
+                                  nullable: true
+                                  type: string
+                                nonReadyStatus:
+                                  description: NonReadyStatus lists the state for
+                                    each non-ready resource.
+                                  items:
+                                    description: NonReadyStatus is used to report
+                                      the status of a resource that is not ready.
+                                      It includes a summary.
+                                    properties:
+                                      apiVersion:
+                                        nullable: true
+                                        type: string
+                                      kind:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      namespace:
+                                        nullable: true
+                                        type: string
+                                      summary:
+                                        properties:
+                                          error:
+                                            type: boolean
+                                          message:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                          state:
+                                            nullable: true
+                                            type: string
+                                          transitioning:
+                                            type: boolean
+                                        type: object
+                                      uid:
+                                        description: 'UID is a type that holds unique
+                                          ID values, including UUIDs.  Because we
+
+                                          don''t ONLY use UUIDs, this is an alias
+                                          to string.  Being a type captures
+
+                                          intent and helps make sure that UIDs and
+                                          names do not get conflated.'
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          notReady:
+                            description: 'NotReady is the number of bundle deployments
+                              that have been deployed
+
+                              where some resources are not ready.'
+                            type: integer
+                          outOfSync:
+                            description: 'OutOfSync is the number of bundle deployments
+                              that have been synced
+
+                              from Fleet controller, but not yet by the downstream
+                              agent.'
+                            type: integer
+                          pending:
+                            description: 'Pending is the number of bundle deployments
+                              that are being processed
+
+                              by Fleet controller.'
+                            type: integer
+                          ready:
+                            description: 'Ready is the number of bundle deployments
+                              that have been deployed
+
+                              where all resources are ready.'
+                            type: integer
+                          waitApplied:
+                            description: 'WaitApplied is the number of bundle deployments
+                              that have been
+
+                              synced from Fleet controller and downstream cluster,
+                              but are waiting
+
+                              to be deployed.'
+                            type: integer
+                        type: object
+                      unavailable:
+                        description: Unavailable is the number of unavailable clusters
+                          in the partition.
+                        type: integer
+                    type: object
+                  nullable: true
+                  type: array
+                resourceKey:
+                  description: 'ResourceKey lists resources, which will likely be
+                    deployed. The
+
+                    actual list of resources on a cluster might differ, depending
+                    on the
+
+                    helm chart, value templating, etc..'
+                  items:
+                    description: ResourceKey lists resources, which will likely be
+                      deployed.
+                    properties:
+                      apiVersion:
+                        description: APIVersion is the k8s api version of the resource.
+                        nullable: true
+                        type: string
+                      kind:
+                        description: Kind is the k8s api kind of the resource.
+                        nullable: true
+                        type: string
+                      name:
+                        description: Name is the name of the resource.
+                        nullable: true
+                        type: string
+                      namespace:
+                        description: Namespace is the namespace of the resource.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                summary:
+                  description: 'Summary contains the number of bundle deployments
+                    in each state and
+
+                    a list of non-ready resources.'
+                  properties:
+                    desiredReady:
+                      description: 'DesiredReady is the number of bundle deployments
+                        that should be
+
+                        ready.'
+                      type: integer
+                    errApplied:
+                      description: 'ErrApplied is the number of bundle deployments
+                        that have been synced
+
+                        from the Fleet controller and the downstream cluster, but
+                        with some
+
+                        errors when deploying the bundle.'
+                      type: integer
+                    modified:
+                      description: 'Modified is the number of bundle deployments that
+                        have been deployed
+
+                        and for which all resources are ready, but where some changes
+                        from the
+
+                        Git repository have not yet been synced.'
+                      type: integer
+                    nonReadyResources:
+                      description: 'NonReadyClusters is a list of states, which is
+                        filled for a bundle
+
+                        that is not ready.'
+                      items:
+                        description: 'NonReadyResource contains information about
+                          a bundle that is not ready for a
+
+                          given state like "ErrApplied". It contains a list of non-ready
+                          or modified
+
+                          resources and their states.'
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: 'ModifiedStatus is used to report the status
+                                of a resource that is modified.
+
+                                It indicates if the modification was a create, a delete
+                                or a patch.'
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    state:
+                                      nullable: true
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: 'UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we
+
+                                    don''t ONLY use UUIDs, this is an alias to string.  Being
+                                    a type captures
+
+                                    intent and helps make sure that UIDs and names
+                                    do not get conflated.'
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: 'NotReady is the number of bundle deployments that
+                        have been deployed
+
+                        where some resources are not ready.'
+                      type: integer
+                    outOfSync:
+                      description: 'OutOfSync is the number of bundle deployments
+                        that have been synced
+
+                        from Fleet controller, but not yet by the downstream agent.'
+                      type: integer
+                    pending:
+                      description: 'Pending is the number of bundle deployments that
+                        are being processed
+
+                        by Fleet controller.'
+                      type: integer
+                    ready:
+                      description: 'Ready is the number of bundle deployments that
+                        have been deployed
+
+                        where all resources are ready.'
+                      type: integer
+                    waitApplied:
+                      description: 'WaitApplied is the number of bundle deployments
+                        that have been
+
+                        synced from Fleet controller and downstream cluster, but are
+                        waiting
+
+                        to be deployed.'
+                      type: integer
+                  type: object
+                unavailable:
+                  description: 'Unavailable is the number of bundle deployments that
+                    are not ready or
+
+                    where the AppliedDeploymentID in the status does not match the
+
+                    DeploymentID from the spec.'
+                  type: integer
+                unavailablePartitions:
+                  description: UnavailablePartitions is the number of unavailable
+                    partitions.
+                  type: integer
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clustergroups.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    categories:
+      - fleet
+    kind: ClusterGroup
+    plural: clustergroups
+    singular: clustergroup
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.readyClusters
+          name: Clusters-Ready
+          type: string
+        - jsonPath: .status.display.readyBundles
+          name: Bundles-Ready
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: ClusterGroup is a re-usable selector to target a group of clusters.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                selector:
+                  description: Selector is a label selector, used to select clusters
+                    for this group.
+                  nullable: true
+                  properties:
+                    matchExpressions:
+                      description: matchExpressions is a list of label selector requirements.
+                        The requirements are ANDed.
+                      items:
+                        description: 'A label selector requirement is a selector that
+                          contains values, a key, and an operator that
+
+                          relates the key and values.'
+                        properties:
+                          key:
+                            description: key is the label key that the selector applies
+                              to.
+                            nullable: true
+                            type: string
+                          operator:
+                            description: 'operator represents a key''s relationship
+                              to a set of values.
+
+                              Valid operators are In, NotIn, Exists and DoesNotExist.'
+                            nullable: true
+                            type: string
+                          values:
+                            description: 'values is an array of string values. If
+                              the operator is In or NotIn,
+
+                              the values array must be non-empty. If the operator
+                              is Exists or DoesNotExist,
+
+                              the values array must be empty. This array is replaced
+                              during a strategic
+
+                              merge patch.'
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    matchLabels:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: 'matchLabels is a map of {key,value} pairs. A single
+                        {key,value} in the matchLabels
+
+                        map is equivalent to an element of matchExpressions, whose
+                        key field is "key", the
+
+                        operator is "In", and the values array contains only "value".
+                        The requirements are ANDed.'
+                      nullable: true
+                      type: object
+                  type: object
+              type: object
+            status:
+              properties:
+                clusterCount:
+                  description: ClusterCount is the number of clusters in the cluster
+                    group.
+                  type: integer
+                conditions:
+                  description: Conditions is a list of conditions and their statuses
+                    for the cluster group.
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                display:
+                  description: 'Display contains the number of ready, desiredready
+                    clusters and a
+
+                    summary state for the bundle''s resources.'
+                  properties:
+                    readyBundles:
+                      description: 'ReadyBundles is a string in the form "%d/%d",
+                        that describes the
+
+                        number of bundles that are ready vs. the number of bundles
+                        desired
+
+                        to be ready.'
+                      nullable: true
+                      type: string
+                    readyClusters:
+                      description: 'ReadyClusters is a string in the form "%d/%d",
+                        that describes the
+
+                        number of clusters that are ready vs. the number of clusters
+                        desired
+
+                        to be ready.'
+                      nullable: true
+                      type: string
+                    state:
+                      description: 'State is a summary state for the cluster group,
+                        showing "NotReady" if
+
+                        there are non-ready resources.'
+                      nullable: true
+                      type: string
+                  type: object
+                nonReadyClusterCount:
+                  description: NonReadyClusterCount is the number of clusters that
+                    are not ready.
+                  type: integer
+                nonReadyClusters:
+                  description: NonReadyClusters is a list of cluster names that are
+                    not ready.
+                  items:
+                    nullable: true
+                    type: string
+                  nullable: true
+                  type: array
+                resourceCounts:
+                  description: 'ResourceCounts contains the number of resources in
+                    each state over
+
+                    all bundles in the cluster group.'
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of resources that should
+                        be ready.
+                      type: integer
+                    missing:
+                      description: Missing is the number of missing resources.
+                      type: integer
+                    modified:
+                      description: Modified is the number of resources that have been
+                        modified.
+                      type: integer
+                    notReady:
+                      description: 'NotReady is the number of not ready resources.
+                        Resources are not
+
+                        ready if they do not match any other state.'
+                      type: integer
+                    orphaned:
+                      description: Orphaned is the number of orphaned resources.
+                      type: integer
+                    ready:
+                      description: Ready is the number of ready resources.
+                      type: integer
+                    unknown:
+                      description: Unknown is the number of resources in an unknown
+                        state.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of resources that are
+                        waiting to be applied.
+                      type: integer
+                  type: object
+                summary:
+                  description: 'Summary is a summary of the bundle deployments and
+                    their resources
+
+                    in the cluster group.'
+                  properties:
+                    desiredReady:
+                      description: 'DesiredReady is the number of bundle deployments
+                        that should be
+
+                        ready.'
+                      type: integer
+                    errApplied:
+                      description: 'ErrApplied is the number of bundle deployments
+                        that have been synced
+
+                        from the Fleet controller and the downstream cluster, but
+                        with some
+
+                        errors when deploying the bundle.'
+                      type: integer
+                    modified:
+                      description: 'Modified is the number of bundle deployments that
+                        have been deployed
+
+                        and for which all resources are ready, but where some changes
+                        from the
+
+                        Git repository have not yet been synced.'
+                      type: integer
+                    nonReadyResources:
+                      description: 'NonReadyClusters is a list of states, which is
+                        filled for a bundle
+
+                        that is not ready.'
+                      items:
+                        description: 'NonReadyResource contains information about
+                          a bundle that is not ready for a
+
+                          given state like "ErrApplied". It contains a list of non-ready
+                          or modified
+
+                          resources and their states.'
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: 'ModifiedStatus is used to report the status
+                                of a resource that is modified.
+
+                                It indicates if the modification was a create, a delete
+                                or a patch.'
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    state:
+                                      nullable: true
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: 'UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we
+
+                                    don''t ONLY use UUIDs, this is an alias to string.  Being
+                                    a type captures
+
+                                    intent and helps make sure that UIDs and names
+                                    do not get conflated.'
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: 'NotReady is the number of bundle deployments that
+                        have been deployed
+
+                        where some resources are not ready.'
+                      type: integer
+                    outOfSync:
+                      description: 'OutOfSync is the number of bundle deployments
+                        that have been synced
+
+                        from Fleet controller, but not yet by the downstream agent.'
+                      type: integer
+                    pending:
+                      description: 'Pending is the number of bundle deployments that
+                        are being processed
+
+                        by Fleet controller.'
+                      type: integer
+                    ready:
+                      description: 'Ready is the number of bundle deployments that
+                        have been deployed
+
+                        where all resources are ready.'
+                      type: integer
+                    waitApplied:
+                      description: 'WaitApplied is the number of bundle deployments
+                        that have been
+
+                        synced from Fleet controller and downstream cluster, but are
+                        waiting
+
+                        to be deployed.'
+                      type: integer
+                  type: object
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterregistrations.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: ClusterRegistration
+    plural: clusterregistrations
+    singular: clusterregistration
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.clusterName
+          name: Cluster-Name
+          type: string
+        - jsonPath: .spec.clusterLabels
+          name: Labels
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: ClusterRegistration is used internally by Fleet and should
+            not be used directly.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                clientID:
+                  description: 'ClientID is a unique string that will identify the
+                    cluster. The
+
+                    agent either uses the configured ID or the kubeSystem.UID.'
+                  nullable: true
+                  type: string
+                clientRandom:
+                  description: 'ClientRandom is a random string that the agent generates.
+                    When
+
+                    fleet-controller grants a registration, it creates a registration
+
+                    secret with this string in the name.'
+                  nullable: true
+                  type: string
+                clusterLabels:
+                  additionalProperties:
+                    nullable: true
+                    type: string
+                  description: ClusterLabels are copied to the cluster resource during
+                    the registration.
+                  nullable: true
+                  type: object
+              type: object
+            status:
+              properties:
+                clusterName:
+                  description: 'ClusterName is only set after the registration is
+                    being processed by
+
+                    fleet-controller.'
+                  nullable: true
+                  type: string
+                granted:
+                  description: 'Granted is set to true, if the request service account
+                    is present
+
+                    and its token secret exists. This happens directly before creating
+
+                    the registration secret, roles and rolebindings.'
+                  type: boolean
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterregistrationtokens.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: ClusterRegistrationToken
+    plural: clusterregistrationtokens
+    singular: clusterregistrationtoken
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.secretName
+          name: Secret-Name
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: ClusterRegistrationToken is used by agents to register a new
+            cluster.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              properties:
+                name:
+                  maxLength: 63
+                  pattern: ^[-a-z0-9]+$
+                  type: string
+              type: object
+            spec:
+              properties:
+                ttl:
+                  description: 'TTL is the time to live for the token. It is used
+                    to calculate the
+
+                    expiration time. If the token expires, it will be deleted.'
+                  nullable: true
+                  type: string
+              type: object
+            status:
+              properties:
+                expires:
+                  description: Expires is the time when the token expires.
+                  nullable: true
+                  type: string
+                secretName:
+                  description: SecretName is the name of the secret containing the
+                    token.
+                  nullable: true
+                  type: string
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: clusters.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: Cluster
+    plural: clusters
+    singular: cluster
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .status.display.readyBundles
+          name: Bundles-Ready
+          type: string
+        - jsonPath: .status.display.readyNodes
+          name: Nodes-Ready
+          type: string
+        - jsonPath: .status.display.sampleNode
+          name: Sample-Node
+          type: string
+        - jsonPath: .status.agent.lastSeen
+          name: Last-Seen
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'Cluster corresponds to a Kubernetes cluster. Fleet deploys
+            bundles to targeted clusters.
+
+            Clusters to which Fleet deploys manifests are referred to as downstream
+
+            clusters. In the single cluster use case, the Fleet manager Kubernetes
+
+            cluster is both the manager and downstream cluster at the same time.'
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              properties:
+                name:
+                  maxLength: 63
+                  pattern: ^[-a-z0-9]+$
+                  type: string
+              type: object
+            spec:
+              properties:
+                agentAffinity:
+                  description: 'AgentAffinity overrides the default affinity for the
+                    cluster''s agent
+
+                    deployment. If this value is nil the default affinity is used.'
+                  nullable: true
+                  properties:
+                    nodeAffinity:
+                      description: Describes node affinity scheduling rules for the
+                        pod.
+                      nullable: true
+                      properties:
+                        preferredDuringSchedulingIgnoredDuringExecution:
+                          description: 'The scheduler will prefer to schedule pods
+                            to nodes that satisfy
+
+                            the affinity expressions specified by this field, but
+                            it may choose
+
+                            a node that violates one or more of the expressions. The
+                            node that is
+
+                            most preferred is the one with the greatest sum of weights,
+                            i.e.
+
+                            for each node that meets all of the scheduling requirements
+                            (resource
+
+                            request, requiredDuringScheduling affinity expressions,
+                            etc.),
+
+                            compute a sum by iterating through the elements of this
+                            field and adding
+
+                            "weight" to the sum if the node matches the corresponding
+                            matchExpressions; the
+
+                            node(s) with the highest sum are the most preferred.'
+                          items:
+                            description: 'An empty preferred scheduling term matches
+                              all objects with implicit weight 0
+
+                              (i.e. it''s a no-op). A null preferred scheduling term
+                              matches no objects (i.e. is also a no-op).'
+                            properties:
+                              preference:
+                                description: A node selector term, associated with
+                                  the corresponding weight.
+                                properties:
+                                  matchExpressions:
+                                    description: A list of node selector requirements
+                                      by node's labels.
+                                    items:
+                                      description: 'A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator
+
+                                        that relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: 'Represents a key''s relationship
+                                            to a set of values.
+
+                                            Valid operators are In, NotIn, Exists,
+                                            DoesNotExist. Gt, and Lt.'
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                            - Gt
+                                            - Lt
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: 'An array of string values.
+                                            If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. If the
+                                            operator is Gt or Lt, the values
+
+                                            array must have a single element, which
+                                            will be interpreted as an integer.
+
+                                            This array is replaced during a strategic
+                                            merge patch.'
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchFields:
+                                    description: A list of node selector requirements
+                                      by node's fields.
+                                    items:
+                                      description: 'A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator
+
+                                        that relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: 'Represents a key''s relationship
+                                            to a set of values.
+
+                                            Valid operators are In, NotIn, Exists,
+                                            DoesNotExist. Gt, and Lt.'
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                            - Gt
+                                            - Lt
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: 'An array of string values.
+                                            If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. If the
+                                            operator is Gt or Lt, the values
+
+                                            array must have a single element, which
+                                            will be interpreted as an integer.
+
+                                            This array is replaced during a strategic
+                                            merge patch.'
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                              weight:
+                                description: Weight associated with matching the corresponding
+                                  nodeSelectorTerm, in the range 1-100.
+                                type: integer
+                            type: object
+                          nullable: true
+                          type: array
+                        requiredDuringSchedulingIgnoredDuringExecution:
+                          description: 'If the affinity requirements specified by
+                            this field are not met at
+
+                            scheduling time, the pod will not be scheduled onto the
+                            node.
+
+                            If the affinity requirements specified by this field cease
+                            to be met
+
+                            at some point during pod execution (e.g. due to an update),
+                            the system
+
+                            may or may not try to eventually evict the pod from its
+                            node.'
+                          nullable: true
+                          properties:
+                            nodeSelectorTerms:
+                              description: Required. A list of node selector terms.
+                                The terms are ORed.
+                              items:
+                                description: 'A null or empty node selector term matches
+                                  no objects. The requirements of
+
+                                  them are ANDed.
+
+                                  The TopologySelectorTerm type implements a subset
+                                  of the NodeSelectorTerm.'
+                                properties:
+                                  matchExpressions:
+                                    description: A list of node selector requirements
+                                      by node's labels.
+                                    items:
+                                      description: 'A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator
+
+                                        that relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: 'Represents a key''s relationship
+                                            to a set of values.
+
+                                            Valid operators are In, NotIn, Exists,
+                                            DoesNotExist. Gt, and Lt.'
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                            - Gt
+                                            - Lt
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: 'An array of string values.
+                                            If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. If the
+                                            operator is Gt or Lt, the values
+
+                                            array must have a single element, which
+                                            will be interpreted as an integer.
+
+                                            This array is replaced during a strategic
+                                            merge patch.'
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchFields:
+                                    description: A list of node selector requirements
+                                      by node's fields.
+                                    items:
+                                      description: 'A node selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator
+
+                                        that relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: The label key that the selector
+                                            applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: 'Represents a key''s relationship
+                                            to a set of values.
+
+                                            Valid operators are In, NotIn, Exists,
+                                            DoesNotExist. Gt, and Lt.'
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                            - Gt
+                                            - Lt
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: 'An array of string values.
+                                            If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. If the
+                                            operator is Gt or Lt, the values
+
+                                            array must have a single element, which
+                                            will be interpreted as an integer.
+
+                                            This array is replaced during a strategic
+                                            merge patch.'
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                              nullable: true
+                              type: array
+                          type: object
+                      type: object
+                    podAffinity:
+                      description: Describes pod affinity scheduling rules (e.g. co-locate
+                        this pod in the same node, zone, etc. as some other pod(s)).
+                      nullable: true
+                      properties:
+                        preferredDuringSchedulingIgnoredDuringExecution:
+                          description: 'The scheduler will prefer to schedule pods
+                            to nodes that satisfy
+
+                            the affinity expressions specified by this field, but
+                            it may choose
+
+                            a node that violates one or more of the expressions. The
+                            node that is
+
+                            most preferred is the one with the greatest sum of weights,
+                            i.e.
+
+                            for each node that meets all of the scheduling requirements
+                            (resource
+
+                            request, requiredDuringScheduling affinity expressions,
+                            etc.),
+
+                            compute a sum by iterating through the elements of this
+                            field and adding
+
+                            "weight" to the sum if the node has pods which matches
+                            the corresponding podAffinityTerm; the
+
+                            node(s) with the highest sum are the most preferred.'
+                          items:
+                            description: The weights of all of the matched WeightedPodAffinityTerm
+                              fields are added per-node to find the most preferred
+                              node(s)
+                            properties:
+                              podAffinityTerm:
+                                description: Required. A pod affinity term, associated
+                                  with the corresponding weight.
+                                properties:
+                                  labelSelector:
+                                    description: A label query over a set of resources,
+                                      in this case pods.
+                                    nullable: true
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: 'A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that
+
+                                            relates the key and values.'
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              nullable: true
+                                              type: string
+                                            operator:
+                                              description: 'operator represents a
+                                                key''s relationship to a set of values.
+
+                                                Valid operators are In, NotIn, Exists
+                                                and DoesNotExist.'
+                                              enum:
+                                                - In
+                                                - NotIn
+                                                - Exists
+                                                - DoesNotExist
+                                              nullable: true
+                                              type: string
+                                            values:
+                                              description: 'values is an array of
+                                                string values. If the operator is
+                                                In or NotIn,
+
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+
+                                                merge patch.'
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      matchLabels:
+                                        additionalProperties:
+                                          nullable: true
+                                          type: string
+                                        description: 'matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the
+
+                                          operator is "In", and the values array contains
+                                          only "value". The requirements are ANDed.'
+                                        nullable: true
+                                        type: object
+                                    type: object
+                                  namespaceSelector:
+                                    description: 'A label query over the set of namespaces
+                                      that the term applies to.
+
+                                      The term is applied to the union of the namespaces
+                                      selected by this field
+
+                                      and the ones listed in the namespaces field.
+
+                                      null selector and null or empty namespaces list
+                                      means "this pod''s namespace".
+
+                                      An empty selector ({}) matches all namespaces.'
+                                    nullable: true
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: 'A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that
+
+                                            relates the key and values.'
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              nullable: true
+                                              type: string
+                                            operator:
+                                              description: 'operator represents a
+                                                key''s relationship to a set of values.
+
+                                                Valid operators are In, NotIn, Exists
+                                                and DoesNotExist.'
+                                              enum:
+                                                - In
+                                                - NotIn
+                                                - Exists
+                                                - DoesNotExist
+                                              nullable: true
+                                              type: string
+                                            values:
+                                              description: 'values is an array of
+                                                string values. If the operator is
+                                                In or NotIn,
+
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+
+                                                merge patch.'
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      matchLabels:
+                                        additionalProperties:
+                                          nullable: true
+                                          type: string
+                                        description: 'matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the
+
+                                          operator is "In", and the values array contains
+                                          only "value". The requirements are ANDed.'
+                                        nullable: true
+                                        type: object
+                                    type: object
+                                  namespaces:
+                                    description: 'namespaces specifies a static list
+                                      of namespace names that the term applies to.
+
+                                      The term is applied to the union of the namespaces
+                                      listed in this field
+
+                                      and the ones selected by namespaceSelector.
+
+                                      null or empty namespaces list and null namespaceSelector
+                                      means "this pod''s namespace".'
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  topologyKey:
+                                    description: 'This pod should be co-located (affinity)
+                                      or not co-located (anti-affinity) with the pods
+                                      matching
+
+                                      the labelSelector in the specified namespaces,
+                                      where co-located is defined as running on a
+                                      node
+
+                                      whose value of the label with key topologyKey
+                                      matches that of any node on which any of the
+
+                                      selected pods is running.
+
+                                      Empty topologyKey is not allowed.'
+                                    nullable: true
+                                    type: string
+                                type: object
+                              weight:
+                                description: 'weight associated with matching the
+                                  corresponding podAffinityTerm,
+
+                                  in the range 1-100.'
+                                type: integer
+                            type: object
+                          nullable: true
+                          type: array
+                        requiredDuringSchedulingIgnoredDuringExecution:
+                          description: 'If the affinity requirements specified by
+                            this field are not met at
+
+                            scheduling time, the pod will not be scheduled onto the
+                            node.
+
+                            If the affinity requirements specified by this field cease
+                            to be met
+
+                            at some point during pod execution (e.g. due to a pod
+                            label update), the
+
+                            system may or may not try to eventually evict the pod
+                            from its node.
+
+                            When there are multiple elements, the lists of nodes corresponding
+                            to each
+
+                            podAffinityTerm are intersected, i.e. all terms must be
+                            satisfied.'
+                          items:
+                            description: 'Defines a set of pods (namely those matching
+                              the labelSelector
+
+                              relative to the given namespace(s)) that this pod should
+                              be
+
+                              co-located (affinity) or not co-located (anti-affinity)
+                              with,
+
+                              where co-located is defined as running on a node whose
+                              value of
+
+                              the label with key <topologyKey> matches that of any
+                              node on which
+
+                              a pod of the set of pods is running'
+                            properties:
+                              labelSelector:
+                                description: A label query over a set of resources,
+                                  in this case pods.
+                                nullable: true
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: 'A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that
+
+                                        relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: 'operator represents a key''s
+                                            relationship to a set of values.
+
+                                            Valid operators are In, NotIn, Exists
+                                            and DoesNotExist.'
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: 'values is an array of string
+                                            values. If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. This array
+                                            is replaced during a strategic
+
+                                            merge patch.'
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchLabels:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    description: 'matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the
+
+                                      operator is "In", and the values array contains
+                                      only "value". The requirements are ANDed.'
+                                    nullable: true
+                                    type: object
+                                type: object
+                              namespaceSelector:
+                                description: 'A label query over the set of namespaces
+                                  that the term applies to.
+
+                                  The term is applied to the union of the namespaces
+                                  selected by this field
+
+                                  and the ones listed in the namespaces field.
+
+                                  null selector and null or empty namespaces list
+                                  means "this pod''s namespace".
+
+                                  An empty selector ({}) matches all namespaces.'
+                                nullable: true
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: 'A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that
+
+                                        relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: 'operator represents a key''s
+                                            relationship to a set of values.
+
+                                            Valid operators are In, NotIn, Exists
+                                            and DoesNotExist.'
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: 'values is an array of string
+                                            values. If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. This array
+                                            is replaced during a strategic
+
+                                            merge patch.'
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchLabels:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    description: 'matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the
+
+                                      operator is "In", and the values array contains
+                                      only "value". The requirements are ANDed.'
+                                    nullable: true
+                                    type: object
+                                type: object
+                              namespaces:
+                                description: 'namespaces specifies a static list of
+                                  namespace names that the term applies to.
+
+                                  The term is applied to the union of the namespaces
+                                  listed in this field
+
+                                  and the ones selected by namespaceSelector.
+
+                                  null or empty namespaces list and null namespaceSelector
+                                  means "this pod''s namespace".'
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              topologyKey:
+                                description: 'This pod should be co-located (affinity)
+                                  or not co-located (anti-affinity) with the pods
+                                  matching
+
+                                  the labelSelector in the specified namespaces, where
+                                  co-located is defined as running on a node
+
+                                  whose value of the label with key topologyKey matches
+                                  that of any node on which any of the
+
+                                  selected pods is running.
+
+                                  Empty topologyKey is not allowed.'
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                    podAntiAffinity:
+                      description: Describes pod anti-affinity scheduling rules (e.g.
+                        avoid putting this pod in the same node, zone, etc. as some
+                        other pod(s)).
+                      nullable: true
+                      properties:
+                        preferredDuringSchedulingIgnoredDuringExecution:
+                          description: 'The scheduler will prefer to schedule pods
+                            to nodes that satisfy
+
+                            the anti-affinity expressions specified by this field,
+                            but it may choose
+
+                            a node that violates one or more of the expressions. The
+                            node that is
+
+                            most preferred is the one with the greatest sum of weights,
+                            i.e.
+
+                            for each node that meets all of the scheduling requirements
+                            (resource
+
+                            request, requiredDuringScheduling anti-affinity expressions,
+                            etc.),
+
+                            compute a sum by iterating through the elements of this
+                            field and adding
+
+                            "weight" to the sum if the node has pods which matches
+                            the corresponding podAffinityTerm; the
+
+                            node(s) with the highest sum are the most preferred.'
+                          items:
+                            description: The weights of all of the matched WeightedPodAffinityTerm
+                              fields are added per-node to find the most preferred
+                              node(s)
+                            properties:
+                              podAffinityTerm:
+                                description: Required. A pod affinity term, associated
+                                  with the corresponding weight.
+                                properties:
+                                  labelSelector:
+                                    description: A label query over a set of resources,
+                                      in this case pods.
+                                    nullable: true
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: 'A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that
+
+                                            relates the key and values.'
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              nullable: true
+                                              type: string
+                                            operator:
+                                              description: 'operator represents a
+                                                key''s relationship to a set of values.
+
+                                                Valid operators are In, NotIn, Exists
+                                                and DoesNotExist.'
+                                              enum:
+                                                - In
+                                                - NotIn
+                                                - Exists
+                                                - DoesNotExist
+                                              nullable: true
+                                              type: string
+                                            values:
+                                              description: 'values is an array of
+                                                string values. If the operator is
+                                                In or NotIn,
+
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+
+                                                merge patch.'
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      matchLabels:
+                                        additionalProperties:
+                                          nullable: true
+                                          type: string
+                                        description: 'matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the
+
+                                          operator is "In", and the values array contains
+                                          only "value". The requirements are ANDed.'
+                                        nullable: true
+                                        type: object
+                                    type: object
+                                  namespaceSelector:
+                                    description: 'A label query over the set of namespaces
+                                      that the term applies to.
+
+                                      The term is applied to the union of the namespaces
+                                      selected by this field
+
+                                      and the ones listed in the namespaces field.
+
+                                      null selector and null or empty namespaces list
+                                      means "this pod''s namespace".
+
+                                      An empty selector ({}) matches all namespaces.'
+                                    nullable: true
+                                    properties:
+                                      matchExpressions:
+                                        description: matchExpressions is a list of
+                                          label selector requirements. The requirements
+                                          are ANDed.
+                                        items:
+                                          description: 'A label selector requirement
+                                            is a selector that contains values, a
+                                            key, and an operator that
+
+                                            relates the key and values.'
+                                          properties:
+                                            key:
+                                              description: key is the label key that
+                                                the selector applies to.
+                                              nullable: true
+                                              type: string
+                                            operator:
+                                              description: 'operator represents a
+                                                key''s relationship to a set of values.
+
+                                                Valid operators are In, NotIn, Exists
+                                                and DoesNotExist.'
+                                              enum:
+                                                - In
+                                                - NotIn
+                                                - Exists
+                                                - DoesNotExist
+                                              nullable: true
+                                              type: string
+                                            values:
+                                              description: 'values is an array of
+                                                string values. If the operator is
+                                                In or NotIn,
+
+                                                the values array must be non-empty.
+                                                If the operator is Exists or DoesNotExist,
+
+                                                the values array must be empty. This
+                                                array is replaced during a strategic
+
+                                                merge patch.'
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      matchLabels:
+                                        additionalProperties:
+                                          nullable: true
+                                          type: string
+                                        description: 'matchLabels is a map of {key,value}
+                                          pairs. A single {key,value} in the matchLabels
+
+                                          map is equivalent to an element of matchExpressions,
+                                          whose key field is "key", the
+
+                                          operator is "In", and the values array contains
+                                          only "value". The requirements are ANDed.'
+                                        nullable: true
+                                        type: object
+                                    type: object
+                                  namespaces:
+                                    description: 'namespaces specifies a static list
+                                      of namespace names that the term applies to.
+
+                                      The term is applied to the union of the namespaces
+                                      listed in this field
+
+                                      and the ones selected by namespaceSelector.
+
+                                      null or empty namespaces list and null namespaceSelector
+                                      means "this pod''s namespace".'
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  topologyKey:
+                                    description: 'This pod should be co-located (affinity)
+                                      or not co-located (anti-affinity) with the pods
+                                      matching
+
+                                      the labelSelector in the specified namespaces,
+                                      where co-located is defined as running on a
+                                      node
+
+                                      whose value of the label with key topologyKey
+                                      matches that of any node on which any of the
+
+                                      selected pods is running.
+
+                                      Empty topologyKey is not allowed.'
+                                    nullable: true
+                                    type: string
+                                type: object
+                              weight:
+                                description: 'weight associated with matching the
+                                  corresponding podAffinityTerm,
+
+                                  in the range 1-100.'
+                                type: integer
+                            type: object
+                          nullable: true
+                          type: array
+                        requiredDuringSchedulingIgnoredDuringExecution:
+                          description: 'If the anti-affinity requirements specified
+                            by this field are not met at
+
+                            scheduling time, the pod will not be scheduled onto the
+                            node.
+
+                            If the anti-affinity requirements specified by this field
+                            cease to be met
+
+                            at some point during pod execution (e.g. due to a pod
+                            label update), the
+
+                            system may or may not try to eventually evict the pod
+                            from its node.
+
+                            When there are multiple elements, the lists of nodes corresponding
+                            to each
+
+                            podAffinityTerm are intersected, i.e. all terms must be
+                            satisfied.'
+                          items:
+                            description: 'Defines a set of pods (namely those matching
+                              the labelSelector
+
+                              relative to the given namespace(s)) that this pod should
+                              be
+
+                              co-located (affinity) or not co-located (anti-affinity)
+                              with,
+
+                              where co-located is defined as running on a node whose
+                              value of
+
+                              the label with key <topologyKey> matches that of any
+                              node on which
+
+                              a pod of the set of pods is running'
+                            properties:
+                              labelSelector:
+                                description: A label query over a set of resources,
+                                  in this case pods.
+                                nullable: true
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: 'A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that
+
+                                        relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: 'operator represents a key''s
+                                            relationship to a set of values.
+
+                                            Valid operators are In, NotIn, Exists
+                                            and DoesNotExist.'
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: 'values is an array of string
+                                            values. If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. This array
+                                            is replaced during a strategic
+
+                                            merge patch.'
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchLabels:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    description: 'matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the
+
+                                      operator is "In", and the values array contains
+                                      only "value". The requirements are ANDed.'
+                                    nullable: true
+                                    type: object
+                                type: object
+                              namespaceSelector:
+                                description: 'A label query over the set of namespaces
+                                  that the term applies to.
+
+                                  The term is applied to the union of the namespaces
+                                  selected by this field
+
+                                  and the ones listed in the namespaces field.
+
+                                  null selector and null or empty namespaces list
+                                  means "this pod''s namespace".
+
+                                  An empty selector ({}) matches all namespaces.'
+                                nullable: true
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: 'A label selector requirement is
+                                        a selector that contains values, a key, and
+                                        an operator that
+
+                                        relates the key and values.'
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          description: 'operator represents a key''s
+                                            relationship to a set of values.
+
+                                            Valid operators are In, NotIn, Exists
+                                            and DoesNotExist.'
+                                          enum:
+                                            - In
+                                            - NotIn
+                                            - Exists
+                                            - DoesNotExist
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          description: 'values is an array of string
+                                            values. If the operator is In or NotIn,
+
+                                            the values array must be non-empty. If
+                                            the operator is Exists or DoesNotExist,
+
+                                            the values array must be empty. This array
+                                            is replaced during a strategic
+
+                                            merge patch.'
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchLabels:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    description: 'matchLabels is a map of {key,value}
+                                      pairs. A single {key,value} in the matchLabels
+
+                                      map is equivalent to an element of matchExpressions,
+                                      whose key field is "key", the
+
+                                      operator is "In", and the values array contains
+                                      only "value". The requirements are ANDed.'
+                                    nullable: true
+                                    type: object
+                                type: object
+                              namespaces:
+                                description: 'namespaces specifies a static list of
+                                  namespace names that the term applies to.
+
+                                  The term is applied to the union of the namespaces
+                                  listed in this field
+
+                                  and the ones selected by namespaceSelector.
+
+                                  null or empty namespaces list and null namespaceSelector
+                                  means "this pod''s namespace".'
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              topologyKey:
+                                description: 'This pod should be co-located (affinity)
+                                  or not co-located (anti-affinity) with the pods
+                                  matching
+
+                                  the labelSelector in the specified namespaces, where
+                                  co-located is defined as running on a node
+
+                                  whose value of the label with key topologyKey matches
+                                  that of any node on which any of the
+
+                                  selected pods is running.
+
+                                  Empty topologyKey is not allowed.'
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+                agentEnvVars:
+                  description: AgentEnvVars are extra environment variables to be
+                    added to the agent deployment.
+                  items:
+                    description: EnvVar represents an environment variable present
+                      in a Container.
+                    properties:
+                      name:
+                        description: Name of the environment variable. Must be a C_IDENTIFIER.
+                        nullable: true
+                        type: string
+                      value:
+                        description: 'Variable references $(VAR_NAME) are expanded
+
+                          using the previously defined environment variables in the
+                          container and
+
+                          any service environment variables. If a variable cannot
+                          be resolved,
+
+                          the reference in the input string will be unchanged. Double
+                          $$ are reduced
+
+                          to a single $, which allows for escaping the $(VAR_NAME)
+                          syntax: i.e.
+
+                          "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
+
+                          Escaped references will never be expanded, regardless of
+                          whether the variable
+
+                          exists or not.
+
+                          Defaults to "".'
+                        nullable: true
+                        type: string
+                      valueFrom:
+                        description: Source for the environment variable's value.
+                          Cannot be used if value is not empty.
+                        nullable: true
+                        properties:
+                          configMapKeyRef:
+                            description: Selects a key of a ConfigMap.
+                            nullable: true
+                            properties:
+                              key:
+                                description: The key to select.
+                                nullable: true
+                                type: string
+                              name:
+                                description: 'Name of the referent.
+
+                                  More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                nullable: true
+                                type: string
+                              optional:
+                                description: Specify whether the ConfigMap or its
+                                  key must be defined
+                                nullable: true
+                                type: boolean
+                            type: object
+                          fieldRef:
+                            description: 'Selects a field of the pod: supports metadata.name,
+                              metadata.namespace, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`,
+
+                              spec.nodeName, spec.serviceAccountName, status.hostIP,
+                              status.podIP, status.podIPs.'
+                            nullable: true
+                            properties:
+                              apiVersion:
+                                description: Version of the schema the FieldPath is
+                                  written in terms of, defaults to "v1".
+                                nullable: true
+                                type: string
+                              fieldPath:
+                                description: Path of the field to select in the specified
+                                  API version.
+                                nullable: true
+                                type: string
+                            type: object
+                          resourceFieldRef:
+                            description: 'Selects a resource of the container: only
+                              resources limits and requests
+
+                              (limits.cpu, limits.memory, limits.ephemeral-storage,
+                              requests.cpu, requests.memory and requests.ephemeral-storage)
+                              are currently supported.'
+                            nullable: true
+                            properties:
+                              containerName:
+                                description: 'Container name: required for volumes,
+                                  optional for env vars'
+                                nullable: true
+                                type: string
+                              divisor:
+                                description: Specifies the output format of the exposed
+                                  resources, defaults to "1"
+                                nullable: true
+                                type: string
+                              resource:
+                                description: 'Required: resource to select'
+                                nullable: true
+                                type: string
+                            type: object
+                          secretKeyRef:
+                            description: Selects a key of a secret in the pod's namespace
+                            nullable: true
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                nullable: true
+                                type: string
+                              name:
+                                description: 'Name of the referent.
+
+                                  More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                nullable: true
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                nullable: true
+                                type: boolean
+                            type: object
+                        type: object
+                    type: object
+                  nullable: true
+                  type: array
+                agentNamespace:
+                  description: AgentNamespace defaults to the system namespace, e.g.
+                    cattle-fleet-system.
+                  nullable: true
+                  type: string
+                agentResources:
+                  description: AgentResources sets the resources for the cluster's
+                    agent deployment.
+                  nullable: true
+                  properties:
+                    claims:
+                      description: 'Claims lists the names of resources, defined in
+                        spec.resourceClaims,
+
+                        that are used by this container.
+
+
+
+                        This is an alpha field and requires enabling the
+
+                        DynamicResourceAllocation feature gate.
+
+
+
+                        This field is immutable. It can only be set for containers.'
+                      items:
+                        description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+                        properties:
+                          name:
+                            description: 'Name must match the name of one entry in
+                              pod.spec.resourceClaims of
+
+                              the Pod where this field is used. It makes that resource
+                              available
+
+                              inside a container.'
+                            nullable: true
+                            type: string
+                        type: object
+                      nullable: true
+                      type: array
+                    limits:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: 'Limits describes the maximum amount of compute
+                        resources allowed.
+
+                        More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+                      nullable: true
+                      type: object
+                    requests:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      description: 'Requests describes the minimum amount of compute
+                        resources required.
+
+                        If Requests is omitted for a container, it defaults to Limits
+                        if that is explicitly specified,
+
+                        otherwise to an implementation-defined value. Requests cannot
+                        exceed Limits.
+
+                        More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+                      nullable: true
+                      type: object
+                  type: object
+                agentTolerations:
+                  description: AgentTolerations defines an extra set of Tolerations
+                    to be added to the Agent deployment.
+                  items:
+                    description: 'The pod this Toleration is attached to tolerates
+                      any taint that matches
+
+                      the triple <key,value,effect> using the matching operator <operator>.'
+                    properties:
+                      effect:
+                        description: 'Effect indicates the taint effect to match.
+                          Empty means match all taint effects.
+
+                          When specified, allowed values are NoSchedule, PreferNoSchedule
+                          and NoExecute.'
+                        nullable: true
+                        type: string
+                      key:
+                        description: 'Key is the taint key that the toleration applies
+                          to. Empty means match all taint keys.
+
+                          If the key is empty, operator must be Exists; this combination
+                          means to match all values and all keys.'
+                        nullable: true
+                        type: string
+                      operator:
+                        description: 'Operator represents a key''s relationship to
+                          the value.
+
+                          Valid operators are Exists and Equal. Defaults to Equal.
+
+                          Exists is equivalent to wildcard for value, so that a pod
+                          can
+
+                          tolerate all taints of a particular category.'
+                        nullable: true
+                        type: string
+                      tolerationSeconds:
+                        description: 'TolerationSeconds represents the period of time
+                          the toleration (which must be
+
+                          of effect NoExecute, otherwise this field is ignored) tolerates
+                          the taint. By default,
+
+                          it is not set, which means tolerate the taint forever (do
+                          not evict). Zero and
+
+                          negative values will be treated as 0 (evict immediately)
+                          by the system.'
+                        maximum: 86400
+                        nullable: true
+                        type: integer
+                      value:
+                        description: 'Value is the taint value the toleration matches
+                          to.
+
+                          If the operator is Exists, the value should be empty, otherwise
+                          just a regular string.'
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                clientID:
+                  description: 'ClientID is a unique string that will identify the
+                    cluster. It can
+
+                    either be predefined, or generated when importing the cluster.'
+                  nullable: true
+                  type: string
+                kubeConfigSecret:
+                  description: 'KubeConfigSecret is the name of the secret containing
+                    the kubeconfig for the downstream cluster.
+
+                    It can optionally contain a APIServerURL and CA to override the
+
+                    values in the fleet-controller''s configmap.'
+                  nullable: true
+                  type: string
+                kubeConfigSecretNamespace:
+                  description: 'KubeConfigSecretNamespace is the namespace of the
+                    secret containing the kubeconfig for the downstream cluster.
+
+                    If unset, it will be assumed the secret can be found in the namespace
+                    that the Cluster object resides within.'
+                  nullable: true
+                  type: string
+                paused:
+                  description: Paused if set to true, will stop any BundleDeployments
+                    from being updated.
+                  type: boolean
+                privateRepoURL:
+                  description: PrivateRepoURL prefixes the image name and overrides
+                    a global repo URL from the agents config.
+                  nullable: true
+                  type: string
+                redeployAgentGeneration:
+                  description: RedeployAgentGeneration can be used to force redeploying
+                    the agent.
+                  type: integer
+                templateValues:
+                  description: TemplateValues defines a cluster specific mapping of
+                    values to be sent to fleet.yaml values templating.
+                  nullable: true
+                  type: object
+                  x-kubernetes-preserve-unknown-fields: true
+              type: object
+            status:
+              properties:
+                agent:
+                  description: AgentStatus contains information about the agent.
+                  properties:
+                    lastSeen:
+                      description: 'LastSeen is the last time the agent checked in
+                        to update the status
+
+                        of the cluster resource.'
+                      nullable: true
+                      type: string
+                    namespace:
+                      description: Namespace is the namespace of the agent deployment,
+                        e.g. "cattle-fleet-system".
+                      nullable: true
+                      type: string
+                    nonReadyNodeNames:
+                      description: 'NonReadyNode contains the names of non-ready nodes.
+                        The list is
+
+                        limited to at most 3 names.'
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    nonReadyNodes:
+                      description: NonReadyNodes is the number of nodes that are not
+                        ready.
+                      type: integer
+                    readyNodeNames:
+                      description: 'ReadyNodes contains the names of ready nodes.
+                        The list is limited to
+
+                        at most 3 names.'
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    readyNodes:
+                      description: ReadyNodes is the number of nodes that are ready.
+                      type: integer
+                  type: object
+                agentAffinityHash:
+                  description: 'AgentAffinityHash is a hash of the agent''s affinity
+                    configuration,
+
+                    used to detect changes.'
+                  nullable: true
+                  type: string
+                agentConfigChanged:
+                  description: 'AgentConfigChanged is set to true if any of the agent
+                    configuration
+
+                    changed, like the API server URL or CA. Setting it to true will
+
+                    trigger a re-import of the cluster.'
+                  type: boolean
+                agentDeployedGeneration:
+                  description: AgentDeployedGeneration is the generation of the agent
+                    that is currently deployed.
+                  nullable: true
+                  type: integer
+                agentEnvVarsHash:
+                  description: AgentEnvVarsHash is a hash of the agent's env vars,
+                    used to detect changes.
+                  nullable: true
+                  type: string
+                agentMigrated:
+                  description: 'AgentMigrated is always set to true after importing
+                    a cluster. If
+
+                    false, it will trigger a migration. Old agents don''t have
+
+                    this in their status.'
+                  type: boolean
+                agentNamespaceMigrated:
+                  description: 'AgentNamespaceMigrated is always set to true after
+                    importing a
+
+                    cluster. If false, it will trigger a migration. Old Fleet agents
+
+                    don''t have this in their status.'
+                  type: boolean
+                agentPrivateRepoURL:
+                  description: AgentPrivateRepoURL is the private repo URL for the
+                    agent that is currently used.
+                  nullable: true
+                  type: string
+                agentResourcesHash:
+                  description: 'AgentResourcesHash is a hash of the agent''s resources
+                    configuration,
+
+                    used to detect changes.'
+                  nullable: true
+                  type: string
+                agentTLSMode:
+                  description: 'AgentTLSMode supports two values: `system-store` and
+                    `strict`. If set to
+
+                    `system-store`, instructs the agent to trust CA bundles from the
+                    operating
+
+                    system''s store. If set to `strict`, then the agent shall only
+                    connect to a
+
+                    server which uses the exact CA configured when creating/updating
+                    the agent.'
+                  nullable: true
+                  type: string
+                agentTolerationsHash:
+                  description: 'AgentTolerationsHash is a hash of the agent''s tolerations
+
+                    configuration, used to detect changes.'
+                  nullable: true
+                  type: string
+                apiServerCAHash:
+                  description: APIServerCAHash is a hash of the upstream API server
+                    CA, used to detect changes.
+                  nullable: true
+                  type: string
+                apiServerURL:
+                  description: 'APIServerURL is the currently used URL of the API
+                    server that the
+
+                    cluster uses to connect to upstream.'
+                  nullable: true
+                  type: string
+                cattleNamespaceMigrated:
+                  description: 'CattleNamespaceMigrated is always set to true after
+                    importing a
+
+                    cluster. If false, it will trigger a migration. Old Fleet agents,
+
+                    don''t have this in their status.'
+                  type: boolean
+                conditions:
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                desiredReadyGitRepos:
+                  description: 'DesiredReadyGitRepos is the number of gitrepos for
+                    this cluster that
+
+                    are desired to be ready.'
+                  type: integer
+                display:
+                  description: Display contains the number of ready bundles, nodes
+                    and a summary state.
+                  properties:
+                    readyBundles:
+                      description: 'ReadyBundles is a string in the form "%d/%d",
+                        that describes the
+
+                        number of bundles that are ready vs. the number of bundles
+                        desired
+
+                        to be ready.'
+                      nullable: true
+                      type: string
+                    readyNodes:
+                      description: 'ReadyNodes is a string in the form "%d/%d", that
+                        describes the
+
+                        number of nodes that are ready vs. the number of expected
+                        nodes.'
+                      nullable: true
+                      type: string
+                    sampleNode:
+                      description: 'SampleNode is the name of one of the nodes that
+                        are ready. If no
+
+                        node is ready, it''s the name of a node that is not ready.'
+                      nullable: true
+                      type: string
+                    state:
+                      description: State of the cluster, either one of the bundle
+                        states, or "WaitCheckIn".
+                      nullable: true
+                      type: string
+                  type: object
+                namespace:
+                  description: 'Namespace is the cluster namespace, it contains the
+                    clusters service
+
+                    account as well as any bundledeployments. Example:
+
+                    "cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f"'
+                  nullable: true
+                  type: string
+                readyGitRepos:
+                  description: ReadyGitRepos is the number of gitrepos for this cluster
+                    that are ready.
+                  type: integer
+                resourceCounts:
+                  description: ResourceCounts is an aggregate over the GitRepoResourceCounts.
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of resources that should
+                        be ready.
+                      type: integer
+                    missing:
+                      description: Missing is the number of missing resources.
+                      type: integer
+                    modified:
+                      description: Modified is the number of resources that have been
+                        modified.
+                      type: integer
+                    notReady:
+                      description: 'NotReady is the number of not ready resources.
+                        Resources are not
+
+                        ready if they do not match any other state.'
+                      type: integer
+                    orphaned:
+                      description: Orphaned is the number of orphaned resources.
+                      type: integer
+                    ready:
+                      description: Ready is the number of ready resources.
+                      type: integer
+                    unknown:
+                      description: Unknown is the number of resources in an unknown
+                        state.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of resources that are
+                        waiting to be applied.
+                      type: integer
+                  type: object
+                summary:
+                  description: 'Summary is a summary of the bundledeployments. The
+                    resource counts
+
+                    are copied from the gitrepo resource.'
+                  properties:
+                    desiredReady:
+                      description: 'DesiredReady is the number of bundle deployments
+                        that should be
+
+                        ready.'
+                      type: integer
+                    errApplied:
+                      description: 'ErrApplied is the number of bundle deployments
+                        that have been synced
+
+                        from the Fleet controller and the downstream cluster, but
+                        with some
+
+                        errors when deploying the bundle.'
+                      type: integer
+                    modified:
+                      description: 'Modified is the number of bundle deployments that
+                        have been deployed
+
+                        and for which all resources are ready, but where some changes
+                        from the
+
+                        Git repository have not yet been synced.'
+                      type: integer
+                    nonReadyResources:
+                      description: 'NonReadyClusters is a list of states, which is
+                        filled for a bundle
+
+                        that is not ready.'
+                      items:
+                        description: 'NonReadyResource contains information about
+                          a bundle that is not ready for a
+
+                          given state like "ErrApplied". It contains a list of non-ready
+                          or modified
+
+                          resources and their states.'
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: 'ModifiedStatus is used to report the status
+                                of a resource that is modified.
+
+                                It indicates if the modification was a create, a delete
+                                or a patch.'
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    state:
+                                      nullable: true
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: 'UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we
+
+                                    don''t ONLY use UUIDs, this is an alias to string.  Being
+                                    a type captures
+
+                                    intent and helps make sure that UIDs and names
+                                    do not get conflated.'
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: 'NotReady is the number of bundle deployments that
+                        have been deployed
+
+                        where some resources are not ready.'
+                      type: integer
+                    outOfSync:
+                      description: 'OutOfSync is the number of bundle deployments
+                        that have been synced
+
+                        from Fleet controller, but not yet by the downstream agent.'
+                      type: integer
+                    pending:
+                      description: 'Pending is the number of bundle deployments that
+                        are being processed
+
+                        by Fleet controller.'
+                      type: integer
+                    ready:
+                      description: 'Ready is the number of bundle deployments that
+                        have been deployed
+
+                        where all resources are ready.'
+                      type: integer
+                    waitApplied:
+                      description: 'WaitApplied is the number of bundle deployments
+                        that have been
+
+                        synced from Fleet controller and downstream cluster, but are
+                        waiting
+
+                        to be deployed.'
+                      type: integer
+                  type: object
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: contents.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: Content
+    plural: contents
+    singular: content
+  preserveUnknownFields: false
+  scope: Cluster
+  versions:
+    - name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'Content is used internally by Fleet and should not be used
+            directly. It
+
+            contains the resources from a bundle for a specific target cluster.'
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            content:
+              description: 'Content is a byte array, which contains the manifests
+                of a bundle.
+
+                The bundle resources are copied into the bundledeployment''s content
+
+                resource, so the downstream agent can deploy them.'
+              nullable: true
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+          type: object
+      served: true
+      storage: true
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: gitreporestrictions.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    kind: GitRepoRestriction
+    plural: gitreporestrictions
+    singular: gitreporestriction
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .defaultServiceAccount
+          name: Default-ServiceAccount
+          type: string
+        - jsonPath: .allowedServiceAccounts
+          name: Allowed-ServiceAccounts
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'GitRepoRestriction is a resource that can optionally be used
+            to restrict
+
+            the options of GitRepos in the same namespace.'
+          properties:
+            allowedClientSecretNames:
+              description: AllowedClientSecretNames is a list of client secret names
+                that GitRepos are allowed to use.
+              items:
+                nullable: true
+                type: string
+              nullable: true
+              type: array
+            allowedRepoPatterns:
+              description: 'AllowedRepoPatterns is a list of regex patterns that restrict
+                the
+
+                valid values of the Repo field of a GitRepo.'
+              items:
+                nullable: true
+                type: string
+              nullable: true
+              type: array
+            allowedServiceAccounts:
+              description: AllowedServiceAccounts is a list of service accounts that
+                GitRepos are allowed to use.
+              items:
+                nullable: true
+                type: string
+              nullable: true
+              type: array
+            allowedTargetNamespaces:
+              description: 'AllowedTargetNamespaces restricts TargetNamespace to the
+                given
+
+                namespaces. If AllowedTargetNamespaces is set, TargetNamespace must
+
+                be set.'
+              items:
+                nullable: true
+                type: string
+              nullable: true
+              type: array
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            defaultClientSecretName:
+              description: DefaultClientSecretName overrides the GitRepo's default
+                client secret.
+              nullable: true
+              type: string
+            defaultServiceAccount:
+              description: DefaultServiceAccount overrides the GitRepo's default service
+                account.
+              nullable: true
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: gitrepos.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    categories:
+      - fleet
+    kind: GitRepo
+    plural: gitrepos
+    singular: gitrepo
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .spec.repo
+          name: Repo
+          type: string
+        - jsonPath: .status.commit
+          name: Commit
+          type: string
+        - jsonPath: .status.display.readyBundleDeployments
+          name: BundleDeployments-Ready
+          type: string
+        - jsonPath: .status.conditions[?(@.type=="Ready")].message
+          name: Status
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: 'GitRepo describes a git repository that is watched by Fleet.
+
+            The resource contains the necessary information to deploy the repo, or
+            parts
+
+            of it, to target clusters.'
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              properties:
+                branch:
+                  description: Branch The git branch to follow.
+                  nullable: true
+                  type: string
+                caBundle:
+                  description: CABundle is a PEM encoded CA bundle which will be used
+                    to validate the repo's certificate.
+                  nullable: true
+                  type: string
+                clientSecretName:
+                  description: 'ClientSecretName is the name of the client secret
+                    to be used to connect to the repo
+
+                    It is expected the secret be of type "kubernetes.io/basic-auth"
+                    or "kubernetes.io/ssh-auth".'
+                  nullable: true
+                  type: string
+                correctDrift:
+                  description: CorrectDrift specifies how drift correction should
+                    work.
+                  nullable: true
+                  properties:
+                    enabled:
+                      description: Enabled correct drift if true.
+                      type: boolean
+                    force:
+                      description: Force helm rollback with --force option will be
+                        used if true. This will try to recreate all resources in the
+                        release.
+                      type: boolean
+                    keepFailHistory:
+                      description: KeepFailHistory keeps track of failed rollbacks
+                        in the helm history.
+                      type: boolean
+                  type: object
+                forceSyncGeneration:
+                  description: Increment this number to force a redeployment of contents
+                    from Git.
+                  type: integer
+                helmRepoURLRegex:
+                  description: 'HelmRepoURLRegex Helm credentials will be used if
+                    the helm repo matches this regex
+
+                    Credentials will always be used if this is empty or not provided.'
+                  nullable: true
+                  type: string
+                helmSecretName:
+                  description: HelmSecretName contains the auth secret for a private
+                    Helm repository.
+                  nullable: true
+                  type: string
+                helmSecretNameForPaths:
+                  description: HelmSecretNameForPaths contains the auth secret for
+                    private Helm repository for each path.
+                  nullable: true
+                  type: string
+                imageScanCommit:
+                  description: Commit specifies how to commit to the git repo when
+                    a new image is scanned and written back to git repo.
+                  properties:
+                    authorEmail:
+                      description: AuthorEmail gives the email to provide when making
+                        a commit
+                      nullable: true
+                      type: string
+                    authorName:
+                      description: AuthorName gives the name to provide when making
+                        a commit
+                      nullable: true
+                      type: string
+                    messageTemplate:
+                      description: 'MessageTemplate provides a template for the commit
+                        message,
+
+                        into which will be interpolated the details of the change
+                        made.'
+                      nullable: true
+                      type: string
+                  type: object
+                imageScanInterval:
+                  description: ImageScanInterval is the interval of syncing scanned
+                    images and writing back to git repo.
+                  nullable: true
+                  type: string
+                insecureSkipTLSVerify:
+                  description: InsecureSkipTLSverify will use insecure HTTPS to clone
+                    the repo.
+                  type: boolean
+                keepResources:
+                  description: KeepResources specifies if the resources created must
+                    be kept after deleting the GitRepo.
+                  type: boolean
+                paths:
+                  description: 'Paths is the directories relative to the git repo
+                    root that contain resources to be applied.
+
+                    Path globbing is supported, for example ["charts/*"] will match
+                    all folders as a subdirectory of charts/
+
+                    If empty, "/" is the default.'
+                  items:
+                    nullable: true
+                    type: string
+                  nullable: true
+                  type: array
+                paused:
+                  description: 'Paused, when true, causes changes in Git not to be
+                    propagated down to the clusters but instead to mark
+
+                    resources as OutOfSync.'
+                  type: boolean
+                pollingInterval:
+                  description: PollingInterval is how often to check git for new updates.
+                  nullable: true
+                  type: string
+                repo:
+                  description: Repo is a URL to a git repo to clone and index.
+                  nullable: true
+                  type: string
+                revision:
+                  description: Revision A specific commit or tag to operate on.
+                  nullable: true
+                  type: string
+                serviceAccount:
+                  description: ServiceAccount used in the downstream cluster for deployment.
+                  nullable: true
+                  type: string
+                targetNamespace:
+                  description: 'Ensure that all resources are created in this namespace
+
+                    Any cluster scoped resource will be rejected if this is set
+
+                    Additionally this namespace will be created on demand.'
+                  nullable: true
+                  type: string
+                targets:
+                  description: Targets is a list of targets this repo will deploy
+                    to.
+                  items:
+                    description: GitTarget is a cluster or cluster group to deploy
+                      to.
+                    properties:
+                      clusterGroup:
+                        description: ClusterGroup is the name of a cluster group in
+                          the same namespace as the clusters.
+                        nullable: true
+                        type: string
+                      clusterGroupSelector:
+                        description: ClusterGroupSelector is a label selector to select
+                          cluster groups.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            nullable: true
+                            type: object
+                        type: object
+                      clusterName:
+                        description: ClusterName is the name of a cluster.
+                        nullable: true
+                        type: string
+                      clusterSelector:
+                        description: ClusterSelector is a label selector to select
+                          clusters.
+                        nullable: true
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: 'A label selector requirement is a selector
+                                that contains values, a key, and an operator that
+
+                                relates the key and values.'
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  description: 'operator represents a key''s relationship
+                                    to a set of values.
+
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.'
+                                  nullable: true
+                                  type: string
+                                values:
+                                  description: 'values is an array of string values.
+                                    If the operator is In or NotIn,
+
+                                    the values array must be non-empty. If the operator
+                                    is Exists or DoesNotExist,
+
+                                    the values array must be empty. This array is
+                                    replaced during a strategic
+
+                                    merge patch.'
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                              type: object
+                            nullable: true
+                            type: array
+                          matchLabels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            description: 'matchLabels is a map of {key,value} pairs.
+                              A single {key,value} in the matchLabels
+
+                              map is equivalent to an element of matchExpressions,
+                              whose key field is "key", the
+
+                              operator is "In", and the values array contains only
+                              "value". The requirements are ANDed.'
+                            nullable: true
+                            type: object
+                        type: object
+                      name:
+                        description: Name is the name of this target.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+              type: object
+            status:
+              properties:
+                commit:
+                  description: Commit is the Git commit hash from the last gitjob
+                    run.
+                  nullable: true
+                  type: string
+                conditions:
+                  description: 'Conditions is a list of Wrangler conditions that describe
+                    the state
+
+                    of the GitRepo.'
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                desiredReadyClusters:
+                  description: "DesiredReadyClusters\tis the number of clusters that\
+                    \ should be ready for bundles of this GitRepo."
+                  type: integer
+                display:
+                  description: Display contains a human readable summary of the status.
+                  properties:
+                    error:
+                      description: Error is true if a message is present.
+                      type: boolean
+                    message:
+                      description: Message contains the relevant message from the
+                        deployment conditions.
+                      nullable: true
+                      type: string
+                    readyBundleDeployments:
+                      description: 'ReadyBundleDeployments is a string in the form
+                        "%d/%d", that describes the
+
+                        number of ready bundledeployments over the total number of
+                        bundledeployments.'
+                      nullable: true
+                      type: string
+                    state:
+                      description: 'State is the state of the GitRepo, e.g. "GitUpdating"
+                        or the maximal
+
+                        BundleState according to StateRank.'
+                      nullable: true
+                      type: string
+                  type: object
+                gitJobStatus:
+                  description: GitJobStatus is the status of the last GitJob run,
+                    e.g. "Current" if there was no error.
+                  nullable: true
+                  type: string
+                lastSyncedImageScanTime:
+                  description: LastSyncedImageScanTime is the time of the last image
+                    scan.
+                  nullable: true
+                  type: string
+                observedGeneration:
+                  description: 'ObservedGeneration is the current generation of the
+                    resource in the cluster. It is copied from k8s
+
+                    metadata.Generation. The value is incremented for all changes,
+                    except for changes to .metadata or .status.'
+                  type: integer
+                readyClusters:
+                  description: 'ReadyClusters is the lowest number of clusters that
+                    are ready over
+
+                    all the bundles of this GitRepo.'
+                  type: integer
+                resourceCounts:
+                  description: ResourceCounts contains the number of resources in
+                    each state over all bundles.
+                  properties:
+                    desiredReady:
+                      description: DesiredReady is the number of resources that should
+                        be ready.
+                      type: integer
+                    missing:
+                      description: Missing is the number of missing resources.
+                      type: integer
+                    modified:
+                      description: Modified is the number of resources that have been
+                        modified.
+                      type: integer
+                    notReady:
+                      description: 'NotReady is the number of not ready resources.
+                        Resources are not
+
+                        ready if they do not match any other state.'
+                      type: integer
+                    orphaned:
+                      description: Orphaned is the number of orphaned resources.
+                      type: integer
+                    ready:
+                      description: Ready is the number of ready resources.
+                      type: integer
+                    unknown:
+                      description: Unknown is the number of resources in an unknown
+                        state.
+                      type: integer
+                    waitApplied:
+                      description: WaitApplied is the number of resources that are
+                        waiting to be applied.
+                      type: integer
+                  type: object
+                resourceErrors:
+                  description: ResourceErrors is a sorted list of errors from the
+                    resources.
+                  items:
+                    nullable: true
+                    type: string
+                  nullable: true
+                  type: array
+                resources:
+                  description: Resources contains metadata about the resources of
+                    each bundle.
+                  items:
+                    description: GitRepoResource contains metadata about the resources
+                      of a bundle.
+                    properties:
+                      apiVersion:
+                        description: APIVersion is the API version of the resource.
+                        nullable: true
+                        type: string
+                      error:
+                        description: Error is true if any Error in the PerClusterState
+                          is true.
+                        type: boolean
+                      id:
+                        description: ID is the name of the resource, e.g. "namespace1/my-config"
+                          or "backingimagemanagers.storage.io".
+                        nullable: true
+                        type: string
+                      incompleteState:
+                        description: 'IncompleteState is true if a bundle summary
+                          has 10 or more non-ready
+
+                          resources or a non-ready resource has more 10 or more non-ready
+                          or
+
+                          modified states.'
+                        type: boolean
+                      kind:
+                        description: Kind is the k8s kind of the resource.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Message is the first message from the PerClusterStates.
+                        nullable: true
+                        type: string
+                      name:
+                        description: Name of the resource.
+                        nullable: true
+                        type: string
+                      namespace:
+                        description: Namespace of the resource.
+                        nullable: true
+                        type: string
+                      perClusterState:
+                        description: PerClusterState is a list of states for each
+                          cluster. Derived from the summaries non-ready resources.
+                        items:
+                          description: ResourcePerClusterState is generated for each
+                            non-ready resource of the bundles.
+                          properties:
+                            clusterId:
+                              description: ClusterID is the id of the cluster.
+                              nullable: true
+                              type: string
+                            error:
+                              description: Error is true if the resource is in an
+                                error state, copied from the bundle's summary for
+                                non-ready resources.
+                              type: boolean
+                            message:
+                              description: Message combines the messages from the
+                                bundle's summary. Messages are joined with the delimiter
+                                ';'.
+                              nullable: true
+                              type: string
+                            patch:
+                              description: Patch for modified resources.
+                              nullable: true
+                              type: object
+                              x-kubernetes-preserve-unknown-fields: true
+                            state:
+                              description: State is the state of the resource.
+                              nullable: true
+                              type: string
+                            transitioning:
+                              description: 'Transitioning is true if the resource
+                                is in a transitioning state,
+
+                                copied from the bundle''s summary for non-ready resources.'
+                              type: boolean
+                          type: object
+                        nullable: true
+                        type: array
+                      state:
+                        description: State is the state of the resource, e.g. "Unknown",
+                          "WaitApplied", "ErrApplied" or "Ready".
+                        nullable: true
+                        type: string
+                      transitioning:
+                        description: Transitioning is true if any Transitioning in
+                          the PerClusterState is true.
+                        type: boolean
+                      type:
+                        description: Type is the type of the resource, e.g. "apiextensions.k8s.io.customresourcedefinition"
+                          or "configmap".
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                summary:
+                  description: Summary contains the number of bundle deployments in
+                    each state and a list of non-ready resources.
+                  properties:
+                    desiredReady:
+                      description: 'DesiredReady is the number of bundle deployments
+                        that should be
+
+                        ready.'
+                      type: integer
+                    errApplied:
+                      description: 'ErrApplied is the number of bundle deployments
+                        that have been synced
+
+                        from the Fleet controller and the downstream cluster, but
+                        with some
+
+                        errors when deploying the bundle.'
+                      type: integer
+                    modified:
+                      description: 'Modified is the number of bundle deployments that
+                        have been deployed
+
+                        and for which all resources are ready, but where some changes
+                        from the
+
+                        Git repository have not yet been synced.'
+                      type: integer
+                    nonReadyResources:
+                      description: 'NonReadyClusters is a list of states, which is
+                        filled for a bundle
+
+                        that is not ready.'
+                      items:
+                        description: 'NonReadyResource contains information about
+                          a bundle that is not ready for a
+
+                          given state like "ErrApplied". It contains a list of non-ready
+                          or modified
+
+                          resources and their states.'
+                        properties:
+                          bundleState:
+                            description: State is the state of the resource, like
+                              e.g. "NotReady" or "ErrApplied".
+                            nullable: true
+                            type: string
+                          message:
+                            description: Message contains information why the bundle
+                              is not ready.
+                            nullable: true
+                            type: string
+                          modifiedStatus:
+                            description: ModifiedStatus lists the state for each modified
+                              resource.
+                            items:
+                              description: 'ModifiedStatus is used to report the status
+                                of a resource that is modified.
+
+                                It indicates if the modification was a create, a delete
+                                or a patch.'
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                delete:
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                missing:
+                                  type: boolean
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                patch:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            description: Name is the name of the resource.
+                            nullable: true
+                            type: string
+                          nonReadyStatus:
+                            description: NonReadyStatus lists the state for each non-ready
+                              resource.
+                            items:
+                              description: NonReadyStatus is used to report the status
+                                of a resource that is not ready. It includes a summary.
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                namespace:
+                                  nullable: true
+                                  type: string
+                                summary:
+                                  properties:
+                                    error:
+                                      type: boolean
+                                    message:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    state:
+                                      nullable: true
+                                      type: string
+                                    transitioning:
+                                      type: boolean
+                                  type: object
+                                uid:
+                                  description: 'UID is a type that holds unique ID
+                                    values, including UUIDs.  Because we
+
+                                    don''t ONLY use UUIDs, this is an alias to string.  Being
+                                    a type captures
+
+                                    intent and helps make sure that UIDs and names
+                                    do not get conflated.'
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    notReady:
+                      description: 'NotReady is the number of bundle deployments that
+                        have been deployed
+
+                        where some resources are not ready.'
+                      type: integer
+                    outOfSync:
+                      description: 'OutOfSync is the number of bundle deployments
+                        that have been synced
+
+                        from Fleet controller, but not yet by the downstream agent.'
+                      type: integer
+                    pending:
+                      description: 'Pending is the number of bundle deployments that
+                        are being processed
+
+                        by Fleet controller.'
+                      type: integer
+                    ready:
+                      description: 'Ready is the number of bundle deployments that
+                        have been deployed
+
+                        where all resources are ready.'
+                      type: integer
+                    waitApplied:
+                      description: 'WaitApplied is the number of bundle deployments
+                        that have been
+
+                        synced from Fleet controller and downstream cluster, but are
+                        waiting
+
+                        to be deployed.'
+                      type: integer
+                  type: object
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: imagescans.fleet.cattle.io
+spec:
+  group: fleet.cattle.io
+  names:
+    categories:
+      - fleet
+    kind: ImageScan
+    plural: imagescans
+    singular: imagescan
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+    - additionalPrinterColumns:
+        - jsonPath: .spec.image
+          name: Repository
+          type: string
+        - jsonPath: .status.latestTag
+          name: Latest
+          type: string
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation
+                of an object.
+
+                Servers should convert recognized schemas to the latest internal value,
+                and
+
+                may reject unrecognized values.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the REST resource
+                this object represents.
+
+                Servers may infer this from the endpoint the client submits requests
+                to.
+
+                Cannot be updated.
+
+                In CamelCase.
+
+                More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              description: API is taken from https://github.com/fluxcd/image-reflector-controller
+              properties:
+                gitrepoName:
+                  description: GitRepo reference name
+                  nullable: true
+                  type: string
+                image:
+                  description: Image is the name of the image repository
+                  nullable: true
+                  type: string
+                interval:
+                  description: 'Interval is the length of time to wait between
+
+                    scans of the image repository.'
+                  nullable: true
+                  type: string
+                policy:
+                  description: 'Policy gives the particulars of the policy to be followed
+                    in
+
+                    selecting the most recent image'
+                  properties:
+                    alphabetical:
+                      description: Alphabetical set of rules to use for alphabetical
+                        ordering of the tags.
+                      nullable: true
+                      properties:
+                        order:
+                          description: 'Order specifies the sorting order of the tags.
+                            Given the letters of the
+
+                            alphabet as tags, ascending order would select Z, and
+                            descending order
+
+                            would select A.'
+                          nullable: true
+                          type: string
+                      type: object
+                    semver:
+                      description: 'SemVer gives a semantic version range to check
+                        against the tags
+
+                        available.'
+                      nullable: true
+                      properties:
+                        range:
+                          description: 'Range gives a semver range for the image tag;
+                            the highest
+
+                            version within the range that''s a tag yields the latest
+                            image.'
+                          nullable: true
+                          type: string
+                      type: object
+                  type: object
+                secretRef:
+                  description: 'SecretRef can be given the name of a secret containing
+
+                    credentials to use for the image registry. The secret should be
+
+                    created with `kubectl create secret docker-registry`, or the
+
+                    equivalent.'
+                  nullable: true
+                  properties:
+                    name:
+                      description: 'Name of the referent.
+
+                        More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+                        TODO: Add other useful fields. apiVersion, kind, uid?'
+                      nullable: true
+                      type: string
+                  type: object
+                suspend:
+                  description: 'This flag tells the controller to suspend subsequent
+                    image scans.
+
+                    It does not apply to already started scans. Defaults to false.'
+                  type: boolean
+                tagName:
+                  description: TagName is the tag ref that needs to be put in manifest
+                    to replace fields
+                  nullable: true
+                  type: string
+              type: object
+            status:
+              properties:
+                canonicalImageName:
+                  description: 'CanonicalName is the name of the image repository
+                    with all the
+
+                    implied bits made explicit; e.g., `docker.io/library/alpine`
+
+                    rather than `alpine`.'
+                  nullable: true
+                  type: string
+                conditions:
+                  items:
+                    properties:
+                      lastTransitionTime:
+                        description: Last time the condition transitioned from one
+                          status to another.
+                        nullable: true
+                        type: string
+                      lastUpdateTime:
+                        description: The last time this condition was updated.
+                        nullable: true
+                        type: string
+                      message:
+                        description: Human-readable message indicating details about
+                          last transition
+                        nullable: true
+                        type: string
+                      reason:
+                        description: The reason for the condition's last transition.
+                        nullable: true
+                        type: string
+                      status:
+                        description: Status of the condition, one of True, False,
+                          Unknown.
+                        nullable: true
+                        type: string
+                      type:
+                        description: Type of cluster condition.
+                        nullable: true
+                        type: string
+                    type: object
+                  nullable: true
+                  type: array
+                lastScanTime:
+                  description: LastScanTime is the last time image was scanned
+                  nullable: true
+                  type: string
+                latestDigest:
+                  description: LatestDigest is the digest of latest tag
+                  nullable: true
+                  type: string
+                latestImage:
+                  description: 'LatestImage gives the first in the list of images
+                    scanned by
+
+                    the image repository, when filtered and ordered according to
+
+                    the policy.'
+                  nullable: true
+                  type: string
+                latestTag:
+                  description: Latest tag is the latest tag filtered by the policy
+                  nullable: true
+                  type: string
+                observedGeneration:
+                  type: integer
+              type: object
+          type: object
+      served: true
+      storage: true
+      subresources:
+        status: {}
diff --git a/charts/fleet-crd/103.1.13+up0.9.15/templates/gitjobs-crds.yaml b/charts/fleet-crd/103.1.13+up0.9.15/templates/gitjobs-crds.yaml
new file mode 100644
index 0000000000..b5296dbaf5
--- /dev/null
+++ b/charts/fleet-crd/103.1.13+up0.9.15/templates/gitjobs-crds.yaml
@@ -0,0 +1,7690 @@
+{{- if .Capabilities.APIVersions.Has "apiextensions.k8s.io/v1" -}}
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: gitjobs.gitjob.cattle.io
+spec:
+  group: gitjob.cattle.io
+  names:
+    kind: GitJob
+    plural: gitjobs
+    singular: gitjob
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .spec.git.repo
+      name: REPO
+      type: string
+    - jsonPath: .spec.git.branch
+      name: BRANCH
+      type: string
+    - jsonPath: .status.commit
+      name: COMMIT
+      type: string
+    - jsonPath: .status.jobStatus
+      name: JOBSTATUS
+      type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
+    name: v1
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              forceUpdateGeneration:
+                type: integer
+              git:
+                properties:
+                  branch:
+                    nullable: true
+                    type: string
+                  caBundle:
+                    nullable: true
+                    type: string
+                  clientSecretName:
+                    nullable: true
+                    type: string
+                  insecureSkipTLSVerify:
+                    type: boolean
+                  onTag:
+                    nullable: true
+                    type: string
+                  provider:
+                    nullable: true
+                    type: string
+                  repo:
+                    nullable: true
+                    type: string
+                  revision:
+                    nullable: true
+                    type: string
+                type: object
+              jobSpec:
+                properties:
+                  activeDeadlineSeconds:
+                    nullable: true
+                    type: integer
+                  backoffLimit:
+                    nullable: true
+                    type: integer
+                  backoffLimitPerIndex:
+                    nullable: true
+                    type: integer
+                  completionMode:
+                    nullable: true
+                    type: string
+                  completions:
+                    nullable: true
+                    type: integer
+                  manualSelector:
+                    nullable: true
+                    type: boolean
+                  maxFailedIndexes:
+                    nullable: true
+                    type: integer
+                  parallelism:
+                    nullable: true
+                    type: integer
+                  podFailurePolicy:
+                    nullable: true
+                    properties:
+                      rules:
+                        items:
+                          properties:
+                            action:
+                              nullable: true
+                              type: string
+                            onExitCodes:
+                              nullable: true
+                              properties:
+                                containerName:
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  nullable: true
+                                  type: string
+                                values:
+                                  items:
+                                    type: integer
+                                  nullable: true
+                                  type: array
+                              type: object
+                            onPodConditions:
+                              items:
+                                properties:
+                                  status:
+                                    nullable: true
+                                    type: string
+                                  type:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              nullable: true
+                              type: array
+                          type: object
+                        nullable: true
+                        type: array
+                    type: object
+                  podReplacementPolicy:
+                    nullable: true
+                    type: string
+                  selector:
+                    nullable: true
+                    properties:
+                      matchExpressions:
+                        items:
+                          properties:
+                            key:
+                              nullable: true
+                              type: string
+                            operator:
+                              nullable: true
+                              type: string
+                            values:
+                              items:
+                                nullable: true
+                                type: string
+                              nullable: true
+                              type: array
+                          type: object
+                        nullable: true
+                        type: array
+                      matchLabels:
+                        additionalProperties:
+                          nullable: true
+                          type: string
+                        nullable: true
+                        type: object
+                    type: object
+                  suspend:
+                    nullable: true
+                    type: boolean
+                  template:
+                    properties:
+                      metadata:
+                        properties:
+                          annotations:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          creationTimestamp:
+                            nullable: true
+                            type: string
+                          deletionGracePeriodSeconds:
+                            nullable: true
+                            type: integer
+                          deletionTimestamp:
+                            nullable: true
+                            type: string
+                          finalizers:
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                          generateName:
+                            nullable: true
+                            type: string
+                          generation:
+                            type: integer
+                          labels:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          managedFields:
+                            items:
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                fieldsType:
+                                  nullable: true
+                                  type: string
+                                fieldsV1:
+                                  nullable: true
+                                  type: object
+                                manager:
+                                  nullable: true
+                                  type: string
+                                operation:
+                                  nullable: true
+                                  type: string
+                                subresource:
+                                  nullable: true
+                                  type: string
+                                time:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          name:
+                            nullable: true
+                            type: string
+                          namespace:
+                            nullable: true
+                            type: string
+                          ownerReferences:
+                            items:
+                              properties:
+                                apiVersion:
+                                  nullable: true
+                                  type: string
+                                blockOwnerDeletion:
+                                  nullable: true
+                                  type: boolean
+                                controller:
+                                  nullable: true
+                                  type: boolean
+                                kind:
+                                  nullable: true
+                                  type: string
+                                name:
+                                  nullable: true
+                                  type: string
+                                uid:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          resourceVersion:
+                            nullable: true
+                            type: string
+                          selfLink:
+                            nullable: true
+                            type: string
+                          uid:
+                            nullable: true
+                            type: string
+                        type: object
+                      spec:
+                        properties:
+                          activeDeadlineSeconds:
+                            nullable: true
+                            type: integer
+                          affinity:
+                            nullable: true
+                            properties:
+                              nodeAffinity:
+                                nullable: true
+                                properties:
+                                  preferredDuringSchedulingIgnoredDuringExecution:
+                                    items:
+                                      properties:
+                                        preference:
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchFields:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        weight:
+                                          type: integer
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  requiredDuringSchedulingIgnoredDuringExecution:
+                                    nullable: true
+                                    properties:
+                                      nodeSelectorTerms:
+                                        items:
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchFields:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                type: object
+                              podAffinity:
+                                nullable: true
+                                properties:
+                                  preferredDuringSchedulingIgnoredDuringExecution:
+                                    items:
+                                      properties:
+                                        podAffinityTerm:
+                                          properties:
+                                            labelSelector:
+                                              nullable: true
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        nullable: true
+                                                        type: string
+                                                      operator:
+                                                        nullable: true
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          nullable: true
+                                                          type: string
+                                                        nullable: true
+                                                        type: array
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            namespaceSelector:
+                                              nullable: true
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        nullable: true
+                                                        type: string
+                                                      operator:
+                                                        nullable: true
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          nullable: true
+                                                          type: string
+                                                        nullable: true
+                                                        type: array
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            namespaces:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                            topologyKey:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        weight:
+                                          type: integer
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  requiredDuringSchedulingIgnoredDuringExecution:
+                                    items:
+                                      properties:
+                                        labelSelector:
+                                          nullable: true
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchLabels:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                          type: object
+                                        namespaceSelector:
+                                          nullable: true
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchLabels:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                          type: object
+                                        namespaces:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                        topologyKey:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                              podAntiAffinity:
+                                nullable: true
+                                properties:
+                                  preferredDuringSchedulingIgnoredDuringExecution:
+                                    items:
+                                      properties:
+                                        podAffinityTerm:
+                                          properties:
+                                            labelSelector:
+                                              nullable: true
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        nullable: true
+                                                        type: string
+                                                      operator:
+                                                        nullable: true
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          nullable: true
+                                                          type: string
+                                                        nullable: true
+                                                        type: array
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            namespaceSelector:
+                                              nullable: true
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        nullable: true
+                                                        type: string
+                                                      operator:
+                                                        nullable: true
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          nullable: true
+                                                          type: string
+                                                        nullable: true
+                                                        type: array
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            namespaces:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                            topologyKey:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        weight:
+                                          type: integer
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  requiredDuringSchedulingIgnoredDuringExecution:
+                                    items:
+                                      properties:
+                                        labelSelector:
+                                          nullable: true
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchLabels:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                          type: object
+                                        namespaceSelector:
+                                          nullable: true
+                                          properties:
+                                            matchExpressions:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  operator:
+                                                    nullable: true
+                                                    type: string
+                                                  values:
+                                                    items:
+                                                      nullable: true
+                                                      type: string
+                                                    nullable: true
+                                                    type: array
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            matchLabels:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                          type: object
+                                        namespaces:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                        topologyKey:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                            type: object
+                          automountServiceAccountToken:
+                            nullable: true
+                            type: boolean
+                          containers:
+                            items:
+                              properties:
+                                args:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                command:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                env:
+                                  items:
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      value:
+                                        nullable: true
+                                        type: string
+                                      valueFrom:
+                                        nullable: true
+                                        properties:
+                                          configMapKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                          fieldRef:
+                                            nullable: true
+                                            properties:
+                                              apiVersion:
+                                                nullable: true
+                                                type: string
+                                              fieldPath:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          resourceFieldRef:
+                                            nullable: true
+                                            properties:
+                                              containerName:
+                                                nullable: true
+                                                type: string
+                                              divisor:
+                                                nullable: true
+                                                type: string
+                                              resource:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          secretKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                envFrom:
+                                  items:
+                                    properties:
+                                      configMapRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                      prefix:
+                                        nullable: true
+                                        type: string
+                                      secretRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                image:
+                                  nullable: true
+                                  type: string
+                                imagePullPolicy:
+                                  nullable: true
+                                  type: string
+                                lifecycle:
+                                  nullable: true
+                                  properties:
+                                    postStart:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    preStop:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                  type: object
+                                livenessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                name:
+                                  nullable: true
+                                  type: string
+                                ports:
+                                  items:
+                                    properties:
+                                      containerPort:
+                                        type: integer
+                                      hostIP:
+                                        nullable: true
+                                        type: string
+                                      hostPort:
+                                        type: integer
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      protocol:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                readinessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                resizePolicy:
+                                  items:
+                                    properties:
+                                      resourceName:
+                                        nullable: true
+                                        type: string
+                                      restartPolicy:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                resources:
+                                  properties:
+                                    claims:
+                                      items:
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    limits:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                    requests:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                  type: object
+                                restartPolicy:
+                                  nullable: true
+                                  type: string
+                                securityContext:
+                                  nullable: true
+                                  properties:
+                                    allowPrivilegeEscalation:
+                                      nullable: true
+                                      type: boolean
+                                    capabilities:
+                                      nullable: true
+                                      properties:
+                                        add:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                        drop:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    privileged:
+                                      nullable: true
+                                      type: boolean
+                                    procMount:
+                                      nullable: true
+                                      type: string
+                                    readOnlyRootFilesystem:
+                                      nullable: true
+                                      type: boolean
+                                    runAsGroup:
+                                      nullable: true
+                                      type: integer
+                                    runAsNonRoot:
+                                      nullable: true
+                                      type: boolean
+                                    runAsUser:
+                                      nullable: true
+                                      type: integer
+                                    seLinuxOptions:
+                                      nullable: true
+                                      properties:
+                                        level:
+                                          nullable: true
+                                          type: string
+                                        role:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                        user:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    seccompProfile:
+                                      nullable: true
+                                      properties:
+                                        localhostProfile:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    windowsOptions:
+                                      nullable: true
+                                      properties:
+                                        gmsaCredentialSpec:
+                                          nullable: true
+                                          type: string
+                                        gmsaCredentialSpecName:
+                                          nullable: true
+                                          type: string
+                                        hostProcess:
+                                          nullable: true
+                                          type: boolean
+                                        runAsUserName:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                  type: object
+                                startupProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                stdin:
+                                  type: boolean
+                                stdinOnce:
+                                  type: boolean
+                                terminationMessagePath:
+                                  nullable: true
+                                  type: string
+                                terminationMessagePolicy:
+                                  nullable: true
+                                  type: string
+                                tty:
+                                  type: boolean
+                                volumeDevices:
+                                  items:
+                                    properties:
+                                      devicePath:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                volumeMounts:
+                                  items:
+                                    properties:
+                                      mountPath:
+                                        nullable: true
+                                        type: string
+                                      mountPropagation:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      readOnly:
+                                        type: boolean
+                                      subPath:
+                                        nullable: true
+                                        type: string
+                                      subPathExpr:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                workingDir:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          dnsConfig:
+                            nullable: true
+                            properties:
+                              nameservers:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              options:
+                                items:
+                                  properties:
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              searches:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                            type: object
+                          dnsPolicy:
+                            nullable: true
+                            type: string
+                          enableServiceLinks:
+                            nullable: true
+                            type: boolean
+                          ephemeralContainers:
+                            items:
+                              properties:
+                                args:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                command:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                env:
+                                  items:
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      value:
+                                        nullable: true
+                                        type: string
+                                      valueFrom:
+                                        nullable: true
+                                        properties:
+                                          configMapKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                          fieldRef:
+                                            nullable: true
+                                            properties:
+                                              apiVersion:
+                                                nullable: true
+                                                type: string
+                                              fieldPath:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          resourceFieldRef:
+                                            nullable: true
+                                            properties:
+                                              containerName:
+                                                nullable: true
+                                                type: string
+                                              divisor:
+                                                nullable: true
+                                                type: string
+                                              resource:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          secretKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                envFrom:
+                                  items:
+                                    properties:
+                                      configMapRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                      prefix:
+                                        nullable: true
+                                        type: string
+                                      secretRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                image:
+                                  nullable: true
+                                  type: string
+                                imagePullPolicy:
+                                  nullable: true
+                                  type: string
+                                lifecycle:
+                                  nullable: true
+                                  properties:
+                                    postStart:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    preStop:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                  type: object
+                                livenessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                name:
+                                  nullable: true
+                                  type: string
+                                ports:
+                                  items:
+                                    properties:
+                                      containerPort:
+                                        type: integer
+                                      hostIP:
+                                        nullable: true
+                                        type: string
+                                      hostPort:
+                                        type: integer
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      protocol:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                readinessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                resizePolicy:
+                                  items:
+                                    properties:
+                                      resourceName:
+                                        nullable: true
+                                        type: string
+                                      restartPolicy:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                resources:
+                                  properties:
+                                    claims:
+                                      items:
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    limits:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                    requests:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                  type: object
+                                restartPolicy:
+                                  nullable: true
+                                  type: string
+                                securityContext:
+                                  nullable: true
+                                  properties:
+                                    allowPrivilegeEscalation:
+                                      nullable: true
+                                      type: boolean
+                                    capabilities:
+                                      nullable: true
+                                      properties:
+                                        add:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                        drop:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    privileged:
+                                      nullable: true
+                                      type: boolean
+                                    procMount:
+                                      nullable: true
+                                      type: string
+                                    readOnlyRootFilesystem:
+                                      nullable: true
+                                      type: boolean
+                                    runAsGroup:
+                                      nullable: true
+                                      type: integer
+                                    runAsNonRoot:
+                                      nullable: true
+                                      type: boolean
+                                    runAsUser:
+                                      nullable: true
+                                      type: integer
+                                    seLinuxOptions:
+                                      nullable: true
+                                      properties:
+                                        level:
+                                          nullable: true
+                                          type: string
+                                        role:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                        user:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    seccompProfile:
+                                      nullable: true
+                                      properties:
+                                        localhostProfile:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    windowsOptions:
+                                      nullable: true
+                                      properties:
+                                        gmsaCredentialSpec:
+                                          nullable: true
+                                          type: string
+                                        gmsaCredentialSpecName:
+                                          nullable: true
+                                          type: string
+                                        hostProcess:
+                                          nullable: true
+                                          type: boolean
+                                        runAsUserName:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                  type: object
+                                startupProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                stdin:
+                                  type: boolean
+                                stdinOnce:
+                                  type: boolean
+                                targetContainerName:
+                                  nullable: true
+                                  type: string
+                                terminationMessagePath:
+                                  nullable: true
+                                  type: string
+                                terminationMessagePolicy:
+                                  nullable: true
+                                  type: string
+                                tty:
+                                  type: boolean
+                                volumeDevices:
+                                  items:
+                                    properties:
+                                      devicePath:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                volumeMounts:
+                                  items:
+                                    properties:
+                                      mountPath:
+                                        nullable: true
+                                        type: string
+                                      mountPropagation:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      readOnly:
+                                        type: boolean
+                                      subPath:
+                                        nullable: true
+                                        type: string
+                                      subPathExpr:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                workingDir:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          hostAliases:
+                            items:
+                              properties:
+                                hostnames:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                ip:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          hostIPC:
+                            type: boolean
+                          hostNetwork:
+                            type: boolean
+                          hostPID:
+                            type: boolean
+                          hostUsers:
+                            nullable: true
+                            type: boolean
+                          hostname:
+                            nullable: true
+                            type: string
+                          imagePullSecrets:
+                            items:
+                              properties:
+                                name:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          initContainers:
+                            items:
+                              properties:
+                                args:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                command:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                env:
+                                  items:
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      value:
+                                        nullable: true
+                                        type: string
+                                      valueFrom:
+                                        nullable: true
+                                        properties:
+                                          configMapKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                          fieldRef:
+                                            nullable: true
+                                            properties:
+                                              apiVersion:
+                                                nullable: true
+                                                type: string
+                                              fieldPath:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          resourceFieldRef:
+                                            nullable: true
+                                            properties:
+                                              containerName:
+                                                nullable: true
+                                                type: string
+                                              divisor:
+                                                nullable: true
+                                                type: string
+                                              resource:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          secretKeyRef:
+                                            nullable: true
+                                            properties:
+                                              key:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                envFrom:
+                                  items:
+                                    properties:
+                                      configMapRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                      prefix:
+                                        nullable: true
+                                        type: string
+                                      secretRef:
+                                        nullable: true
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          optional:
+                                            nullable: true
+                                            type: boolean
+                                        type: object
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                image:
+                                  nullable: true
+                                  type: string
+                                imagePullPolicy:
+                                  nullable: true
+                                  type: string
+                                lifecycle:
+                                  nullable: true
+                                  properties:
+                                    postStart:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    preStop:
+                                      nullable: true
+                                      properties:
+                                        exec:
+                                          nullable: true
+                                          properties:
+                                            command:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        httpGet:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            httpHeaders:
+                                              items:
+                                                properties:
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  value:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            path:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                            scheme:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        tcpSocket:
+                                          nullable: true
+                                          properties:
+                                            host:
+                                              nullable: true
+                                              type: string
+                                            port:
+                                              x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                  type: object
+                                livenessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                name:
+                                  nullable: true
+                                  type: string
+                                ports:
+                                  items:
+                                    properties:
+                                      containerPort:
+                                        type: integer
+                                      hostIP:
+                                        nullable: true
+                                        type: string
+                                      hostPort:
+                                        type: integer
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      protocol:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                readinessProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                resizePolicy:
+                                  items:
+                                    properties:
+                                      resourceName:
+                                        nullable: true
+                                        type: string
+                                      restartPolicy:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                resources:
+                                  properties:
+                                    claims:
+                                      items:
+                                        properties:
+                                          name:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    limits:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                    requests:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                  type: object
+                                restartPolicy:
+                                  nullable: true
+                                  type: string
+                                securityContext:
+                                  nullable: true
+                                  properties:
+                                    allowPrivilegeEscalation:
+                                      nullable: true
+                                      type: boolean
+                                    capabilities:
+                                      nullable: true
+                                      properties:
+                                        add:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                        drop:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    privileged:
+                                      nullable: true
+                                      type: boolean
+                                    procMount:
+                                      nullable: true
+                                      type: string
+                                    readOnlyRootFilesystem:
+                                      nullable: true
+                                      type: boolean
+                                    runAsGroup:
+                                      nullable: true
+                                      type: integer
+                                    runAsNonRoot:
+                                      nullable: true
+                                      type: boolean
+                                    runAsUser:
+                                      nullable: true
+                                      type: integer
+                                    seLinuxOptions:
+                                      nullable: true
+                                      properties:
+                                        level:
+                                          nullable: true
+                                          type: string
+                                        role:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                        user:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    seccompProfile:
+                                      nullable: true
+                                      properties:
+                                        localhostProfile:
+                                          nullable: true
+                                          type: string
+                                        type:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    windowsOptions:
+                                      nullable: true
+                                      properties:
+                                        gmsaCredentialSpec:
+                                          nullable: true
+                                          type: string
+                                        gmsaCredentialSpecName:
+                                          nullable: true
+                                          type: string
+                                        hostProcess:
+                                          nullable: true
+                                          type: boolean
+                                        runAsUserName:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                  type: object
+                                startupProbe:
+                                  nullable: true
+                                  properties:
+                                    exec:
+                                      nullable: true
+                                      properties:
+                                        command:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    failureThreshold:
+                                      type: integer
+                                    grpc:
+                                      nullable: true
+                                      properties:
+                                        port:
+                                          type: integer
+                                        service:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    httpGet:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        httpHeaders:
+                                          items:
+                                            properties:
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              value:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          nullable: true
+                                          type: array
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                        scheme:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    initialDelaySeconds:
+                                      type: integer
+                                    periodSeconds:
+                                      type: integer
+                                    successThreshold:
+                                      type: integer
+                                    tcpSocket:
+                                      nullable: true
+                                      properties:
+                                        host:
+                                          nullable: true
+                                          type: string
+                                        port:
+                                          x-kubernetes-int-or-string: true
+                                      type: object
+                                    terminationGracePeriodSeconds:
+                                      nullable: true
+                                      type: integer
+                                    timeoutSeconds:
+                                      type: integer
+                                  type: object
+                                stdin:
+                                  type: boolean
+                                stdinOnce:
+                                  type: boolean
+                                terminationMessagePath:
+                                  nullable: true
+                                  type: string
+                                terminationMessagePolicy:
+                                  nullable: true
+                                  type: string
+                                tty:
+                                  type: boolean
+                                volumeDevices:
+                                  items:
+                                    properties:
+                                      devicePath:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                volumeMounts:
+                                  items:
+                                    properties:
+                                      mountPath:
+                                        nullable: true
+                                        type: string
+                                      mountPropagation:
+                                        nullable: true
+                                        type: string
+                                      name:
+                                        nullable: true
+                                        type: string
+                                      readOnly:
+                                        type: boolean
+                                      subPath:
+                                        nullable: true
+                                        type: string
+                                      subPathExpr:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                workingDir:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          nodeName:
+                            nullable: true
+                            type: string
+                          nodeSelector:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          os:
+                            nullable: true
+                            properties:
+                              name:
+                                nullable: true
+                                type: string
+                            type: object
+                          overhead:
+                            additionalProperties:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: object
+                          preemptionPolicy:
+                            nullable: true
+                            type: string
+                          priority:
+                            nullable: true
+                            type: integer
+                          priorityClassName:
+                            nullable: true
+                            type: string
+                          readinessGates:
+                            items:
+                              properties:
+                                conditionType:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          resourceClaims:
+                            items:
+                              properties:
+                                name:
+                                  nullable: true
+                                  type: string
+                                source:
+                                  properties:
+                                    resourceClaimName:
+                                      nullable: true
+                                      type: string
+                                    resourceClaimTemplateName:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                              type: object
+                            nullable: true
+                            type: array
+                          restartPolicy:
+                            nullable: true
+                            type: string
+                          runtimeClassName:
+                            nullable: true
+                            type: string
+                          schedulerName:
+                            nullable: true
+                            type: string
+                          schedulingGates:
+                            items:
+                              properties:
+                                name:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          securityContext:
+                            nullable: true
+                            properties:
+                              fsGroup:
+                                nullable: true
+                                type: integer
+                              fsGroupChangePolicy:
+                                nullable: true
+                                type: string
+                              runAsGroup:
+                                nullable: true
+                                type: integer
+                              runAsNonRoot:
+                                nullable: true
+                                type: boolean
+                              runAsUser:
+                                nullable: true
+                                type: integer
+                              seLinuxOptions:
+                                nullable: true
+                                properties:
+                                  level:
+                                    nullable: true
+                                    type: string
+                                  role:
+                                    nullable: true
+                                    type: string
+                                  type:
+                                    nullable: true
+                                    type: string
+                                  user:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              seccompProfile:
+                                nullable: true
+                                properties:
+                                  localhostProfile:
+                                    nullable: true
+                                    type: string
+                                  type:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              supplementalGroups:
+                                items:
+                                  type: integer
+                                nullable: true
+                                type: array
+                              sysctls:
+                                items:
+                                  properties:
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              windowsOptions:
+                                nullable: true
+                                properties:
+                                  gmsaCredentialSpec:
+                                    nullable: true
+                                    type: string
+                                  gmsaCredentialSpecName:
+                                    nullable: true
+                                    type: string
+                                  hostProcess:
+                                    nullable: true
+                                    type: boolean
+                                  runAsUserName:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          serviceAccount:
+                            nullable: true
+                            type: string
+                          serviceAccountName:
+                            nullable: true
+                            type: string
+                          setHostnameAsFQDN:
+                            nullable: true
+                            type: boolean
+                          shareProcessNamespace:
+                            nullable: true
+                            type: boolean
+                          subdomain:
+                            nullable: true
+                            type: string
+                          terminationGracePeriodSeconds:
+                            nullable: true
+                            type: integer
+                          tolerations:
+                            items:
+                              properties:
+                                effect:
+                                  nullable: true
+                                  type: string
+                                key:
+                                  nullable: true
+                                  type: string
+                                operator:
+                                  nullable: true
+                                  type: string
+                                tolerationSeconds:
+                                  nullable: true
+                                  type: integer
+                                value:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          topologySpreadConstraints:
+                            items:
+                              properties:
+                                labelSelector:
+                                  nullable: true
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            nullable: true
+                                            type: string
+                                          operator:
+                                            nullable: true
+                                            type: string
+                                          values:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    matchLabels:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                  type: object
+                                matchLabelKeys:
+                                  items:
+                                    nullable: true
+                                    type: string
+                                  nullable: true
+                                  type: array
+                                maxSkew:
+                                  type: integer
+                                minDomains:
+                                  nullable: true
+                                  type: integer
+                                nodeAffinityPolicy:
+                                  nullable: true
+                                  type: string
+                                nodeTaintsPolicy:
+                                  nullable: true
+                                  type: string
+                                topologyKey:
+                                  nullable: true
+                                  type: string
+                                whenUnsatisfiable:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                          volumes:
+                            items:
+                              properties:
+                                awsElasticBlockStore:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    partition:
+                                      type: integer
+                                    readOnly:
+                                      type: boolean
+                                    volumeID:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                azureDisk:
+                                  nullable: true
+                                  properties:
+                                    cachingMode:
+                                      nullable: true
+                                      type: string
+                                    diskName:
+                                      nullable: true
+                                      type: string
+                                    diskURI:
+                                      nullable: true
+                                      type: string
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    kind:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      nullable: true
+                                      type: boolean
+                                  type: object
+                                azureFile:
+                                  nullable: true
+                                  properties:
+                                    readOnly:
+                                      type: boolean
+                                    secretName:
+                                      nullable: true
+                                      type: string
+                                    shareName:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                cephfs:
+                                  nullable: true
+                                  properties:
+                                    monitors:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    path:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    secretFile:
+                                      nullable: true
+                                      type: string
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    user:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                cinder:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    volumeID:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                configMap:
+                                  nullable: true
+                                  properties:
+                                    defaultMode:
+                                      nullable: true
+                                      type: integer
+                                    items:
+                                      items:
+                                        properties:
+                                          key:
+                                            nullable: true
+                                            type: string
+                                          mode:
+                                            nullable: true
+                                            type: integer
+                                          path:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    optional:
+                                      nullable: true
+                                      type: boolean
+                                  type: object
+                                csi:
+                                  nullable: true
+                                  properties:
+                                    driver:
+                                      nullable: true
+                                      type: string
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    nodePublishSecretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    readOnly:
+                                      nullable: true
+                                      type: boolean
+                                    volumeAttributes:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                  type: object
+                                downwardAPI:
+                                  nullable: true
+                                  properties:
+                                    defaultMode:
+                                      nullable: true
+                                      type: integer
+                                    items:
+                                      items:
+                                        properties:
+                                          fieldRef:
+                                            nullable: true
+                                            properties:
+                                              apiVersion:
+                                                nullable: true
+                                                type: string
+                                              fieldPath:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          mode:
+                                            nullable: true
+                                            type: integer
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          resourceFieldRef:
+                                            nullable: true
+                                            properties:
+                                              containerName:
+                                                nullable: true
+                                                type: string
+                                              divisor:
+                                                nullable: true
+                                                type: string
+                                              resource:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                  type: object
+                                emptyDir:
+                                  nullable: true
+                                  properties:
+                                    medium:
+                                      nullable: true
+                                      type: string
+                                    sizeLimit:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                ephemeral:
+                                  nullable: true
+                                  properties:
+                                    volumeClaimTemplate:
+                                      nullable: true
+                                      properties:
+                                        metadata:
+                                          properties:
+                                            annotations:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                            creationTimestamp:
+                                              nullable: true
+                                              type: string
+                                            deletionGracePeriodSeconds:
+                                              nullable: true
+                                              type: integer
+                                            deletionTimestamp:
+                                              nullable: true
+                                              type: string
+                                            finalizers:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                            generateName:
+                                              nullable: true
+                                              type: string
+                                            generation:
+                                              type: integer
+                                            labels:
+                                              additionalProperties:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: object
+                                            managedFields:
+                                              items:
+                                                properties:
+                                                  apiVersion:
+                                                    nullable: true
+                                                    type: string
+                                                  fieldsType:
+                                                    nullable: true
+                                                    type: string
+                                                  fieldsV1:
+                                                    nullable: true
+                                                    type: object
+                                                  manager:
+                                                    nullable: true
+                                                    type: string
+                                                  operation:
+                                                    nullable: true
+                                                    type: string
+                                                  subresource:
+                                                    nullable: true
+                                                    type: string
+                                                  time:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            namespace:
+                                              nullable: true
+                                              type: string
+                                            ownerReferences:
+                                              items:
+                                                properties:
+                                                  apiVersion:
+                                                    nullable: true
+                                                    type: string
+                                                  blockOwnerDeletion:
+                                                    nullable: true
+                                                    type: boolean
+                                                  controller:
+                                                    nullable: true
+                                                    type: boolean
+                                                  kind:
+                                                    nullable: true
+                                                    type: string
+                                                  name:
+                                                    nullable: true
+                                                    type: string
+                                                  uid:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            resourceVersion:
+                                              nullable: true
+                                              type: string
+                                            selfLink:
+                                              nullable: true
+                                              type: string
+                                            uid:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        spec:
+                                          properties:
+                                            accessModes:
+                                              items:
+                                                nullable: true
+                                                type: string
+                                              nullable: true
+                                              type: array
+                                            dataSource:
+                                              nullable: true
+                                              properties:
+                                                apiGroup:
+                                                  nullable: true
+                                                  type: string
+                                                kind:
+                                                  nullable: true
+                                                  type: string
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            dataSourceRef:
+                                              nullable: true
+                                              properties:
+                                                apiGroup:
+                                                  nullable: true
+                                                  type: string
+                                                kind:
+                                                  nullable: true
+                                                  type: string
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                namespace:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            resources:
+                                              properties:
+                                                claims:
+                                                  items:
+                                                    properties:
+                                                      name:
+                                                        nullable: true
+                                                        type: string
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                limits:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                                requests:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            selector:
+                                              nullable: true
+                                              properties:
+                                                matchExpressions:
+                                                  items:
+                                                    properties:
+                                                      key:
+                                                        nullable: true
+                                                        type: string
+                                                      operator:
+                                                        nullable: true
+                                                        type: string
+                                                      values:
+                                                        items:
+                                                          nullable: true
+                                                          type: string
+                                                        nullable: true
+                                                        type: array
+                                                    type: object
+                                                  nullable: true
+                                                  type: array
+                                                matchLabels:
+                                                  additionalProperties:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: object
+                                              type: object
+                                            storageClassName:
+                                              nullable: true
+                                              type: string
+                                            volumeMode:
+                                              nullable: true
+                                              type: string
+                                            volumeName:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                      type: object
+                                  type: object
+                                fc:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    lun:
+                                      nullable: true
+                                      type: integer
+                                    readOnly:
+                                      type: boolean
+                                    targetWWNs:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    wwids:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                  type: object
+                                flexVolume:
+                                  nullable: true
+                                  properties:
+                                    driver:
+                                      nullable: true
+                                      type: string
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    options:
+                                      additionalProperties:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: object
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                  type: object
+                                flocker:
+                                  nullable: true
+                                  properties:
+                                    datasetName:
+                                      nullable: true
+                                      type: string
+                                    datasetUUID:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                gcePersistentDisk:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    partition:
+                                      type: integer
+                                    pdName:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                  type: object
+                                gitRepo:
+                                  nullable: true
+                                  properties:
+                                    directory:
+                                      nullable: true
+                                      type: string
+                                    repository:
+                                      nullable: true
+                                      type: string
+                                    revision:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                glusterfs:
+                                  nullable: true
+                                  properties:
+                                    endpoints:
+                                      nullable: true
+                                      type: string
+                                    path:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                  type: object
+                                hostPath:
+                                  nullable: true
+                                  properties:
+                                    path:
+                                      nullable: true
+                                      type: string
+                                    type:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                iscsi:
+                                  nullable: true
+                                  properties:
+                                    chapAuthDiscovery:
+                                      type: boolean
+                                    chapAuthSession:
+                                      type: boolean
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    initiatorName:
+                                      nullable: true
+                                      type: string
+                                    iqn:
+                                      nullable: true
+                                      type: string
+                                    iscsiInterface:
+                                      nullable: true
+                                      type: string
+                                    lun:
+                                      type: integer
+                                    portals:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    targetPortal:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                name:
+                                  nullable: true
+                                  type: string
+                                nfs:
+                                  nullable: true
+                                  properties:
+                                    path:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    server:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                persistentVolumeClaim:
+                                  nullable: true
+                                  properties:
+                                    claimName:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                  type: object
+                                photonPersistentDisk:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    pdID:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                portworxVolume:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    volumeID:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                projected:
+                                  nullable: true
+                                  properties:
+                                    defaultMode:
+                                      nullable: true
+                                      type: integer
+                                    sources:
+                                      items:
+                                        properties:
+                                          configMap:
+                                            nullable: true
+                                            properties:
+                                              items:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    mode:
+                                                      nullable: true
+                                                      type: integer
+                                                    path:
+                                                      nullable: true
+                                                      type: string
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                          downwardAPI:
+                                            nullable: true
+                                            properties:
+                                              items:
+                                                items:
+                                                  properties:
+                                                    fieldRef:
+                                                      nullable: true
+                                                      properties:
+                                                        apiVersion:
+                                                          nullable: true
+                                                          type: string
+                                                        fieldPath:
+                                                          nullable: true
+                                                          type: string
+                                                      type: object
+                                                    mode:
+                                                      nullable: true
+                                                      type: integer
+                                                    path:
+                                                      nullable: true
+                                                      type: string
+                                                    resourceFieldRef:
+                                                      nullable: true
+                                                      properties:
+                                                        containerName:
+                                                          nullable: true
+                                                          type: string
+                                                        divisor:
+                                                          nullable: true
+                                                          type: string
+                                                        resource:
+                                                          nullable: true
+                                                          type: string
+                                                      type: object
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                            type: object
+                                          secret:
+                                            nullable: true
+                                            properties:
+                                              items:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    mode:
+                                                      nullable: true
+                                                      type: integer
+                                                    path:
+                                                      nullable: true
+                                                      type: string
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              optional:
+                                                nullable: true
+                                                type: boolean
+                                            type: object
+                                          serviceAccountToken:
+                                            nullable: true
+                                            properties:
+                                              audience:
+                                                nullable: true
+                                                type: string
+                                              expirationSeconds:
+                                                nullable: true
+                                                type: integer
+                                              path:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                  type: object
+                                quobyte:
+                                  nullable: true
+                                  properties:
+                                    group:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    registry:
+                                      nullable: true
+                                      type: string
+                                    tenant:
+                                      nullable: true
+                                      type: string
+                                    user:
+                                      nullable: true
+                                      type: string
+                                    volume:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                rbd:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    image:
+                                      nullable: true
+                                      type: string
+                                    keyring:
+                                      nullable: true
+                                      type: string
+                                    monitors:
+                                      items:
+                                        nullable: true
+                                        type: string
+                                      nullable: true
+                                      type: array
+                                    pool:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    user:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                scaleIO:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    gateway:
+                                      nullable: true
+                                      type: string
+                                    protectionDomain:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    sslEnabled:
+                                      type: boolean
+                                    storageMode:
+                                      nullable: true
+                                      type: string
+                                    storagePool:
+                                      nullable: true
+                                      type: string
+                                    system:
+                                      nullable: true
+                                      type: string
+                                    volumeName:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                secret:
+                                  nullable: true
+                                  properties:
+                                    defaultMode:
+                                      nullable: true
+                                      type: integer
+                                    items:
+                                      items:
+                                        properties:
+                                          key:
+                                            nullable: true
+                                            type: string
+                                          mode:
+                                            nullable: true
+                                            type: integer
+                                          path:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                    optional:
+                                      nullable: true
+                                      type: boolean
+                                    secretName:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                storageos:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    volumeName:
+                                      nullable: true
+                                      type: string
+                                    volumeNamespace:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                vsphereVolume:
+                                  nullable: true
+                                  properties:
+                                    fsType:
+                                      nullable: true
+                                      type: string
+                                    storagePolicyID:
+                                      nullable: true
+                                      type: string
+                                    storagePolicyName:
+                                      nullable: true
+                                      type: string
+                                    volumePath:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                    type: object
+                  ttlSecondsAfterFinished:
+                    nullable: true
+                    type: integer
+                type: object
+              syncInterval:
+                type: integer
+            type: object
+          status:
+            properties:
+              commit:
+                nullable: true
+                type: string
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      nullable: true
+                      type: string
+                    lastUpdateTime:
+                      nullable: true
+                      type: string
+                    message:
+                      nullable: true
+                      type: string
+                    reason:
+                      nullable: true
+                      type: string
+                    status:
+                      nullable: true
+                      type: string
+                    type:
+                      nullable: true
+                      type: string
+                  type: object
+                nullable: true
+                type: array
+              event:
+                nullable: true
+                type: string
+              hookId:
+                nullable: true
+                type: string
+              jobStatus:
+                nullable: true
+                type: string
+              lastExecutedCommit:
+                nullable: true
+                type: string
+              lastSyncedTime:
+                nullable: true
+                type: string
+              observedGeneration:
+                type: integer
+              secretToken:
+                nullable: true
+                type: string
+              updateGeneration:
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+{{- else -}}
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: gitjobs.gitjob.cattle.io
+spec:
+  additionalPrinterColumns:
+  - JSONPath: .spec.git.repo
+    name: REPO
+    type: string
+  - JSONPath: .spec.git.branch
+    name: BRANCH
+    type: string
+  - JSONPath: .status.commit
+    name: COMMIT
+    type: string
+  - JSONPath: .status.jobStatus
+    name: JOBSTATUS
+    type: string
+  - JSONPath: .metadata.creationTimestamp
+    name: Age
+    type: date
+  group: gitjob.cattle.io
+  names:
+    kind: GitJob
+    plural: gitjobs
+    singular: gitjob
+  preserveUnknownFields: false
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      properties:
+        spec:
+          properties:
+            forceUpdateGeneration:
+              type: integer
+            git:
+              properties:
+                branch:
+                  nullable: true
+                  type: string
+                caBundle:
+                  nullable: true
+                  type: string
+                clientSecretName:
+                  nullable: true
+                  type: string
+                insecureSkipTLSVerify:
+                  type: boolean
+                onTag:
+                  nullable: true
+                  type: string
+                provider:
+                  nullable: true
+                  type: string
+                repo:
+                  nullable: true
+                  type: string
+                revision:
+                  nullable: true
+                  type: string
+              type: object
+            jobSpec:
+              properties:
+                activeDeadlineSeconds:
+                  nullable: true
+                  type: integer
+                backoffLimit:
+                  nullable: true
+                  type: integer
+                backoffLimitPerIndex:
+                  nullable: true
+                  type: integer
+                completionMode:
+                  nullable: true
+                  type: string
+                completions:
+                  nullable: true
+                  type: integer
+                manualSelector:
+                  nullable: true
+                  type: boolean
+                maxFailedIndexes:
+                  nullable: true
+                  type: integer
+                parallelism:
+                  nullable: true
+                  type: integer
+                podFailurePolicy:
+                  nullable: true
+                  properties:
+                    rules:
+                      items:
+                        properties:
+                          action:
+                            nullable: true
+                            type: string
+                          onExitCodes:
+                            nullable: true
+                            properties:
+                              containerName:
+                                nullable: true
+                                type: string
+                              operator:
+                                nullable: true
+                                type: string
+                              values:
+                                items:
+                                  type: integer
+                                nullable: true
+                                type: array
+                            type: object
+                          onPodConditions:
+                            items:
+                              properties:
+                                status:
+                                  nullable: true
+                                  type: string
+                                type:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                  type: object
+                podReplacementPolicy:
+                  nullable: true
+                  type: string
+                selector:
+                  nullable: true
+                  properties:
+                    matchExpressions:
+                      items:
+                        properties:
+                          key:
+                            nullable: true
+                            type: string
+                          operator:
+                            nullable: true
+                            type: string
+                          values:
+                            items:
+                              nullable: true
+                              type: string
+                            nullable: true
+                            type: array
+                        type: object
+                      nullable: true
+                      type: array
+                    matchLabels:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: object
+                  type: object
+                suspend:
+                  nullable: true
+                  type: boolean
+                template:
+                  properties:
+                    metadata:
+                      properties:
+                        annotations:
+                          additionalProperties:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: object
+                        creationTimestamp:
+                          nullable: true
+                          type: string
+                        deletionGracePeriodSeconds:
+                          nullable: true
+                          type: integer
+                        deletionTimestamp:
+                          nullable: true
+                          type: string
+                        finalizers:
+                          items:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: array
+                        generateName:
+                          nullable: true
+                          type: string
+                        generation:
+                          type: integer
+                        labels:
+                          additionalProperties:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: object
+                        managedFields:
+                          items:
+                            properties:
+                              apiVersion:
+                                nullable: true
+                                type: string
+                              fieldsType:
+                                nullable: true
+                                type: string
+                              fieldsV1:
+                                nullable: true
+                                type: object
+                              manager:
+                                nullable: true
+                                type: string
+                              operation:
+                                nullable: true
+                                type: string
+                              subresource:
+                                nullable: true
+                                type: string
+                              time:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        name:
+                          nullable: true
+                          type: string
+                        namespace:
+                          nullable: true
+                          type: string
+                        ownerReferences:
+                          items:
+                            properties:
+                              apiVersion:
+                                nullable: true
+                                type: string
+                              blockOwnerDeletion:
+                                nullable: true
+                                type: boolean
+                              controller:
+                                nullable: true
+                                type: boolean
+                              kind:
+                                nullable: true
+                                type: string
+                              name:
+                                nullable: true
+                                type: string
+                              uid:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        resourceVersion:
+                          nullable: true
+                          type: string
+                        selfLink:
+                          nullable: true
+                          type: string
+                        uid:
+                          nullable: true
+                          type: string
+                      type: object
+                    spec:
+                      properties:
+                        activeDeadlineSeconds:
+                          nullable: true
+                          type: integer
+                        affinity:
+                          nullable: true
+                          properties:
+                            nodeAffinity:
+                              nullable: true
+                              properties:
+                                preferredDuringSchedulingIgnoredDuringExecution:
+                                  items:
+                                    properties:
+                                      preference:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchFields:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      weight:
+                                        type: integer
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                requiredDuringSchedulingIgnoredDuringExecution:
+                                  nullable: true
+                                  properties:
+                                    nodeSelectorTerms:
+                                      items:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchFields:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      nullable: true
+                                      type: array
+                                  type: object
+                              type: object
+                            podAffinity:
+                              nullable: true
+                              properties:
+                                preferredDuringSchedulingIgnoredDuringExecution:
+                                  items:
+                                    properties:
+                                      podAffinityTerm:
+                                        properties:
+                                          labelSelector:
+                                            nullable: true
+                                            properties:
+                                              matchExpressions:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    operator:
+                                                      nullable: true
+                                                      type: string
+                                                    values:
+                                                      items:
+                                                        nullable: true
+                                                        type: string
+                                                      nullable: true
+                                                      type: array
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              matchLabels:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          namespaceSelector:
+                                            nullable: true
+                                            properties:
+                                              matchExpressions:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    operator:
+                                                      nullable: true
+                                                      type: string
+                                                    values:
+                                                      items:
+                                                        nullable: true
+                                                        type: string
+                                                      nullable: true
+                                                      type: array
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              matchLabels:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          namespaces:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                          topologyKey:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      weight:
+                                        type: integer
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                requiredDuringSchedulingIgnoredDuringExecution:
+                                  items:
+                                    properties:
+                                      labelSelector:
+                                        nullable: true
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchLabels:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                        type: object
+                                      namespaceSelector:
+                                        nullable: true
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchLabels:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                        type: object
+                                      namespaces:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                      topologyKey:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                              type: object
+                            podAntiAffinity:
+                              nullable: true
+                              properties:
+                                preferredDuringSchedulingIgnoredDuringExecution:
+                                  items:
+                                    properties:
+                                      podAffinityTerm:
+                                        properties:
+                                          labelSelector:
+                                            nullable: true
+                                            properties:
+                                              matchExpressions:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    operator:
+                                                      nullable: true
+                                                      type: string
+                                                    values:
+                                                      items:
+                                                        nullable: true
+                                                        type: string
+                                                      nullable: true
+                                                      type: array
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              matchLabels:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          namespaceSelector:
+                                            nullable: true
+                                            properties:
+                                              matchExpressions:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    operator:
+                                                      nullable: true
+                                                      type: string
+                                                    values:
+                                                      items:
+                                                        nullable: true
+                                                        type: string
+                                                      nullable: true
+                                                      type: array
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              matchLabels:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          namespaces:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                          topologyKey:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      weight:
+                                        type: integer
+                                    type: object
+                                  nullable: true
+                                  type: array
+                                requiredDuringSchedulingIgnoredDuringExecution:
+                                  items:
+                                    properties:
+                                      labelSelector:
+                                        nullable: true
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchLabels:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                        type: object
+                                      namespaceSelector:
+                                        nullable: true
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  nullable: true
+                                                  type: string
+                                                operator:
+                                                  nullable: true
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    nullable: true
+                                                    type: string
+                                                  nullable: true
+                                                  type: array
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          matchLabels:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                        type: object
+                                      namespaces:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                      topologyKey:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  nullable: true
+                                  type: array
+                              type: object
+                          type: object
+                        automountServiceAccountToken:
+                          nullable: true
+                          type: boolean
+                        containers:
+                          items:
+                            properties:
+                              args:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              command:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              env:
+                                items:
+                                  properties:
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      nullable: true
+                                      type: string
+                                    valueFrom:
+                                      nullable: true
+                                      properties:
+                                        configMapKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                        fieldRef:
+                                          nullable: true
+                                          properties:
+                                            apiVersion:
+                                              nullable: true
+                                              type: string
+                                            fieldPath:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        resourceFieldRef:
+                                          nullable: true
+                                          properties:
+                                            containerName:
+                                              nullable: true
+                                              type: string
+                                            divisor:
+                                              nullable: true
+                                              type: string
+                                            resource:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        secretKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              envFrom:
+                                items:
+                                  properties:
+                                    configMapRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                    prefix:
+                                      nullable: true
+                                      type: string
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              image:
+                                nullable: true
+                                type: string
+                              imagePullPolicy:
+                                nullable: true
+                                type: string
+                              lifecycle:
+                                nullable: true
+                                properties:
+                                  postStart:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                  preStop:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                type: object
+                              livenessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              name:
+                                nullable: true
+                                type: string
+                              ports:
+                                items:
+                                  properties:
+                                    containerPort:
+                                      type: integer
+                                    hostIP:
+                                      nullable: true
+                                      type: string
+                                    hostPort:
+                                      type: integer
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    protocol:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              readinessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              resizePolicy:
+                                items:
+                                  properties:
+                                    resourceName:
+                                      nullable: true
+                                      type: string
+                                    restartPolicy:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              resources:
+                                properties:
+                                  claims:
+                                    items:
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  limits:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                type: object
+                              restartPolicy:
+                                nullable: true
+                                type: string
+                              securityContext:
+                                nullable: true
+                                properties:
+                                  allowPrivilegeEscalation:
+                                    nullable: true
+                                    type: boolean
+                                  capabilities:
+                                    nullable: true
+                                    properties:
+                                      add:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                      drop:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  privileged:
+                                    nullable: true
+                                    type: boolean
+                                  procMount:
+                                    nullable: true
+                                    type: string
+                                  readOnlyRootFilesystem:
+                                    nullable: true
+                                    type: boolean
+                                  runAsGroup:
+                                    nullable: true
+                                    type: integer
+                                  runAsNonRoot:
+                                    nullable: true
+                                    type: boolean
+                                  runAsUser:
+                                    nullable: true
+                                    type: integer
+                                  seLinuxOptions:
+                                    nullable: true
+                                    properties:
+                                      level:
+                                        nullable: true
+                                        type: string
+                                      role:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                      user:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  seccompProfile:
+                                    nullable: true
+                                    properties:
+                                      localhostProfile:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  windowsOptions:
+                                    nullable: true
+                                    properties:
+                                      gmsaCredentialSpec:
+                                        nullable: true
+                                        type: string
+                                      gmsaCredentialSpecName:
+                                        nullable: true
+                                        type: string
+                                      hostProcess:
+                                        nullable: true
+                                        type: boolean
+                                      runAsUserName:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                type: object
+                              startupProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              stdin:
+                                type: boolean
+                              stdinOnce:
+                                type: boolean
+                              terminationMessagePath:
+                                nullable: true
+                                type: string
+                              terminationMessagePolicy:
+                                nullable: true
+                                type: string
+                              tty:
+                                type: boolean
+                              volumeDevices:
+                                items:
+                                  properties:
+                                    devicePath:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              volumeMounts:
+                                items:
+                                  properties:
+                                    mountPath:
+                                      nullable: true
+                                      type: string
+                                    mountPropagation:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    subPath:
+                                      nullable: true
+                                      type: string
+                                    subPathExpr:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              workingDir:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        dnsConfig:
+                          nullable: true
+                          properties:
+                            nameservers:
+                              items:
+                                nullable: true
+                                type: string
+                              nullable: true
+                              type: array
+                            options:
+                              items:
+                                properties:
+                                  name:
+                                    nullable: true
+                                    type: string
+                                  value:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              nullable: true
+                              type: array
+                            searches:
+                              items:
+                                nullable: true
+                                type: string
+                              nullable: true
+                              type: array
+                          type: object
+                        dnsPolicy:
+                          nullable: true
+                          type: string
+                        enableServiceLinks:
+                          nullable: true
+                          type: boolean
+                        ephemeralContainers:
+                          items:
+                            properties:
+                              args:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              command:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              env:
+                                items:
+                                  properties:
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      nullable: true
+                                      type: string
+                                    valueFrom:
+                                      nullable: true
+                                      properties:
+                                        configMapKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                        fieldRef:
+                                          nullable: true
+                                          properties:
+                                            apiVersion:
+                                              nullable: true
+                                              type: string
+                                            fieldPath:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        resourceFieldRef:
+                                          nullable: true
+                                          properties:
+                                            containerName:
+                                              nullable: true
+                                              type: string
+                                            divisor:
+                                              nullable: true
+                                              type: string
+                                            resource:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        secretKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              envFrom:
+                                items:
+                                  properties:
+                                    configMapRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                    prefix:
+                                      nullable: true
+                                      type: string
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              image:
+                                nullable: true
+                                type: string
+                              imagePullPolicy:
+                                nullable: true
+                                type: string
+                              lifecycle:
+                                nullable: true
+                                properties:
+                                  postStart:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                  preStop:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                type: object
+                              livenessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              name:
+                                nullable: true
+                                type: string
+                              ports:
+                                items:
+                                  properties:
+                                    containerPort:
+                                      type: integer
+                                    hostIP:
+                                      nullable: true
+                                      type: string
+                                    hostPort:
+                                      type: integer
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    protocol:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              readinessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              resizePolicy:
+                                items:
+                                  properties:
+                                    resourceName:
+                                      nullable: true
+                                      type: string
+                                    restartPolicy:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              resources:
+                                properties:
+                                  claims:
+                                    items:
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  limits:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                type: object
+                              restartPolicy:
+                                nullable: true
+                                type: string
+                              securityContext:
+                                nullable: true
+                                properties:
+                                  allowPrivilegeEscalation:
+                                    nullable: true
+                                    type: boolean
+                                  capabilities:
+                                    nullable: true
+                                    properties:
+                                      add:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                      drop:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  privileged:
+                                    nullable: true
+                                    type: boolean
+                                  procMount:
+                                    nullable: true
+                                    type: string
+                                  readOnlyRootFilesystem:
+                                    nullable: true
+                                    type: boolean
+                                  runAsGroup:
+                                    nullable: true
+                                    type: integer
+                                  runAsNonRoot:
+                                    nullable: true
+                                    type: boolean
+                                  runAsUser:
+                                    nullable: true
+                                    type: integer
+                                  seLinuxOptions:
+                                    nullable: true
+                                    properties:
+                                      level:
+                                        nullable: true
+                                        type: string
+                                      role:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                      user:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  seccompProfile:
+                                    nullable: true
+                                    properties:
+                                      localhostProfile:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  windowsOptions:
+                                    nullable: true
+                                    properties:
+                                      gmsaCredentialSpec:
+                                        nullable: true
+                                        type: string
+                                      gmsaCredentialSpecName:
+                                        nullable: true
+                                        type: string
+                                      hostProcess:
+                                        nullable: true
+                                        type: boolean
+                                      runAsUserName:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                type: object
+                              startupProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              stdin:
+                                type: boolean
+                              stdinOnce:
+                                type: boolean
+                              targetContainerName:
+                                nullable: true
+                                type: string
+                              terminationMessagePath:
+                                nullable: true
+                                type: string
+                              terminationMessagePolicy:
+                                nullable: true
+                                type: string
+                              tty:
+                                type: boolean
+                              volumeDevices:
+                                items:
+                                  properties:
+                                    devicePath:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              volumeMounts:
+                                items:
+                                  properties:
+                                    mountPath:
+                                      nullable: true
+                                      type: string
+                                    mountPropagation:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    subPath:
+                                      nullable: true
+                                      type: string
+                                    subPathExpr:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              workingDir:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        hostAliases:
+                          items:
+                            properties:
+                              hostnames:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              ip:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        hostIPC:
+                          type: boolean
+                        hostNetwork:
+                          type: boolean
+                        hostPID:
+                          type: boolean
+                        hostUsers:
+                          nullable: true
+                          type: boolean
+                        hostname:
+                          nullable: true
+                          type: string
+                        imagePullSecrets:
+                          items:
+                            properties:
+                              name:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        initContainers:
+                          items:
+                            properties:
+                              args:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              command:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              env:
+                                items:
+                                  properties:
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    value:
+                                      nullable: true
+                                      type: string
+                                    valueFrom:
+                                      nullable: true
+                                      properties:
+                                        configMapKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                        fieldRef:
+                                          nullable: true
+                                          properties:
+                                            apiVersion:
+                                              nullable: true
+                                              type: string
+                                            fieldPath:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        resourceFieldRef:
+                                          nullable: true
+                                          properties:
+                                            containerName:
+                                              nullable: true
+                                              type: string
+                                            divisor:
+                                              nullable: true
+                                              type: string
+                                            resource:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        secretKeyRef:
+                                          nullable: true
+                                          properties:
+                                            key:
+                                              nullable: true
+                                              type: string
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              envFrom:
+                                items:
+                                  properties:
+                                    configMapRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                    prefix:
+                                      nullable: true
+                                      type: string
+                                    secretRef:
+                                      nullable: true
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                        optional:
+                                          nullable: true
+                                          type: boolean
+                                      type: object
+                                  type: object
+                                nullable: true
+                                type: array
+                              image:
+                                nullable: true
+                                type: string
+                              imagePullPolicy:
+                                nullable: true
+                                type: string
+                              lifecycle:
+                                nullable: true
+                                properties:
+                                  postStart:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                  preStop:
+                                    nullable: true
+                                    properties:
+                                      exec:
+                                        nullable: true
+                                        properties:
+                                          command:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                        type: object
+                                      httpGet:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          httpHeaders:
+                                            items:
+                                              properties:
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                value:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          path:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                          scheme:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      tcpSocket:
+                                        nullable: true
+                                        properties:
+                                          host:
+                                            nullable: true
+                                            type: string
+                                          port:
+                                            x-kubernetes-int-or-string: true
+                                        type: object
+                                    type: object
+                                type: object
+                              livenessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              name:
+                                nullable: true
+                                type: string
+                              ports:
+                                items:
+                                  properties:
+                                    containerPort:
+                                      type: integer
+                                    hostIP:
+                                      nullable: true
+                                      type: string
+                                    hostPort:
+                                      type: integer
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    protocol:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              readinessProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              resizePolicy:
+                                items:
+                                  properties:
+                                    resourceName:
+                                      nullable: true
+                                      type: string
+                                    restartPolicy:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              resources:
+                                properties:
+                                  claims:
+                                    items:
+                                      properties:
+                                        name:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  limits:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                  requests:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                type: object
+                              restartPolicy:
+                                nullable: true
+                                type: string
+                              securityContext:
+                                nullable: true
+                                properties:
+                                  allowPrivilegeEscalation:
+                                    nullable: true
+                                    type: boolean
+                                  capabilities:
+                                    nullable: true
+                                    properties:
+                                      add:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                      drop:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  privileged:
+                                    nullable: true
+                                    type: boolean
+                                  procMount:
+                                    nullable: true
+                                    type: string
+                                  readOnlyRootFilesystem:
+                                    nullable: true
+                                    type: boolean
+                                  runAsGroup:
+                                    nullable: true
+                                    type: integer
+                                  runAsNonRoot:
+                                    nullable: true
+                                    type: boolean
+                                  runAsUser:
+                                    nullable: true
+                                    type: integer
+                                  seLinuxOptions:
+                                    nullable: true
+                                    properties:
+                                      level:
+                                        nullable: true
+                                        type: string
+                                      role:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                      user:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  seccompProfile:
+                                    nullable: true
+                                    properties:
+                                      localhostProfile:
+                                        nullable: true
+                                        type: string
+                                      type:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  windowsOptions:
+                                    nullable: true
+                                    properties:
+                                      gmsaCredentialSpec:
+                                        nullable: true
+                                        type: string
+                                      gmsaCredentialSpecName:
+                                        nullable: true
+                                        type: string
+                                      hostProcess:
+                                        nullable: true
+                                        type: boolean
+                                      runAsUserName:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                type: object
+                              startupProbe:
+                                nullable: true
+                                properties:
+                                  exec:
+                                    nullable: true
+                                    properties:
+                                      command:
+                                        items:
+                                          nullable: true
+                                          type: string
+                                        nullable: true
+                                        type: array
+                                    type: object
+                                  failureThreshold:
+                                    type: integer
+                                  grpc:
+                                    nullable: true
+                                    properties:
+                                      port:
+                                        type: integer
+                                      service:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  httpGet:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      httpHeaders:
+                                        items:
+                                          properties:
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            value:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        nullable: true
+                                        type: array
+                                      path:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                      scheme:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  initialDelaySeconds:
+                                    type: integer
+                                  periodSeconds:
+                                    type: integer
+                                  successThreshold:
+                                    type: integer
+                                  tcpSocket:
+                                    nullable: true
+                                    properties:
+                                      host:
+                                        nullable: true
+                                        type: string
+                                      port:
+                                        x-kubernetes-int-or-string: true
+                                    type: object
+                                  terminationGracePeriodSeconds:
+                                    nullable: true
+                                    type: integer
+                                  timeoutSeconds:
+                                    type: integer
+                                type: object
+                              stdin:
+                                type: boolean
+                              stdinOnce:
+                                type: boolean
+                              terminationMessagePath:
+                                nullable: true
+                                type: string
+                              terminationMessagePolicy:
+                                nullable: true
+                                type: string
+                              tty:
+                                type: boolean
+                              volumeDevices:
+                                items:
+                                  properties:
+                                    devicePath:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              volumeMounts:
+                                items:
+                                  properties:
+                                    mountPath:
+                                      nullable: true
+                                      type: string
+                                    mountPropagation:
+                                      nullable: true
+                                      type: string
+                                    name:
+                                      nullable: true
+                                      type: string
+                                    readOnly:
+                                      type: boolean
+                                    subPath:
+                                      nullable: true
+                                      type: string
+                                    subPathExpr:
+                                      nullable: true
+                                      type: string
+                                  type: object
+                                nullable: true
+                                type: array
+                              workingDir:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        nodeName:
+                          nullable: true
+                          type: string
+                        nodeSelector:
+                          additionalProperties:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: object
+                        os:
+                          nullable: true
+                          properties:
+                            name:
+                              nullable: true
+                              type: string
+                          type: object
+                        overhead:
+                          additionalProperties:
+                            nullable: true
+                            type: string
+                          nullable: true
+                          type: object
+                        preemptionPolicy:
+                          nullable: true
+                          type: string
+                        priority:
+                          nullable: true
+                          type: integer
+                        priorityClassName:
+                          nullable: true
+                          type: string
+                        readinessGates:
+                          items:
+                            properties:
+                              conditionType:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        resourceClaims:
+                          items:
+                            properties:
+                              name:
+                                nullable: true
+                                type: string
+                              source:
+                                properties:
+                                  resourceClaimName:
+                                    nullable: true
+                                    type: string
+                                  resourceClaimTemplateName:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                        restartPolicy:
+                          nullable: true
+                          type: string
+                        runtimeClassName:
+                          nullable: true
+                          type: string
+                        schedulerName:
+                          nullable: true
+                          type: string
+                        schedulingGates:
+                          items:
+                            properties:
+                              name:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        securityContext:
+                          nullable: true
+                          properties:
+                            fsGroup:
+                              nullable: true
+                              type: integer
+                            fsGroupChangePolicy:
+                              nullable: true
+                              type: string
+                            runAsGroup:
+                              nullable: true
+                              type: integer
+                            runAsNonRoot:
+                              nullable: true
+                              type: boolean
+                            runAsUser:
+                              nullable: true
+                              type: integer
+                            seLinuxOptions:
+                              nullable: true
+                              properties:
+                                level:
+                                  nullable: true
+                                  type: string
+                                role:
+                                  nullable: true
+                                  type: string
+                                type:
+                                  nullable: true
+                                  type: string
+                                user:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              nullable: true
+                              properties:
+                                localhostProfile:
+                                  nullable: true
+                                  type: string
+                                type:
+                                  nullable: true
+                                  type: string
+                              type: object
+                            supplementalGroups:
+                              items:
+                                type: integer
+                              nullable: true
+                              type: array
+                            sysctls:
+                              items:
+                                properties:
+                                  name:
+                                    nullable: true
+                                    type: string
+                                  value:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              nullable: true
+                              type: array
+                            windowsOptions:
+                              nullable: true
+                              properties:
+                                gmsaCredentialSpec:
+                                  nullable: true
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  nullable: true
+                                  type: string
+                                hostProcess:
+                                  nullable: true
+                                  type: boolean
+                                runAsUserName:
+                                  nullable: true
+                                  type: string
+                              type: object
+                          type: object
+                        serviceAccount:
+                          nullable: true
+                          type: string
+                        serviceAccountName:
+                          nullable: true
+                          type: string
+                        setHostnameAsFQDN:
+                          nullable: true
+                          type: boolean
+                        shareProcessNamespace:
+                          nullable: true
+                          type: boolean
+                        subdomain:
+                          nullable: true
+                          type: string
+                        terminationGracePeriodSeconds:
+                          nullable: true
+                          type: integer
+                        tolerations:
+                          items:
+                            properties:
+                              effect:
+                                nullable: true
+                                type: string
+                              key:
+                                nullable: true
+                                type: string
+                              operator:
+                                nullable: true
+                                type: string
+                              tolerationSeconds:
+                                nullable: true
+                                type: integer
+                              value:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        topologySpreadConstraints:
+                          items:
+                            properties:
+                              labelSelector:
+                                nullable: true
+                                properties:
+                                  matchExpressions:
+                                    items:
+                                      properties:
+                                        key:
+                                          nullable: true
+                                          type: string
+                                        operator:
+                                          nullable: true
+                                          type: string
+                                        values:
+                                          items:
+                                            nullable: true
+                                            type: string
+                                          nullable: true
+                                          type: array
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  matchLabels:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                type: object
+                              matchLabelKeys:
+                                items:
+                                  nullable: true
+                                  type: string
+                                nullable: true
+                                type: array
+                              maxSkew:
+                                type: integer
+                              minDomains:
+                                nullable: true
+                                type: integer
+                              nodeAffinityPolicy:
+                                nullable: true
+                                type: string
+                              nodeTaintsPolicy:
+                                nullable: true
+                                type: string
+                              topologyKey:
+                                nullable: true
+                                type: string
+                              whenUnsatisfiable:
+                                nullable: true
+                                type: string
+                            type: object
+                          nullable: true
+                          type: array
+                        volumes:
+                          items:
+                            properties:
+                              awsElasticBlockStore:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  partition:
+                                    type: integer
+                                  readOnly:
+                                    type: boolean
+                                  volumeID:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              azureDisk:
+                                nullable: true
+                                properties:
+                                  cachingMode:
+                                    nullable: true
+                                    type: string
+                                  diskName:
+                                    nullable: true
+                                    type: string
+                                  diskURI:
+                                    nullable: true
+                                    type: string
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  kind:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    nullable: true
+                                    type: boolean
+                                type: object
+                              azureFile:
+                                nullable: true
+                                properties:
+                                  readOnly:
+                                    type: boolean
+                                  secretName:
+                                    nullable: true
+                                    type: string
+                                  shareName:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              cephfs:
+                                nullable: true
+                                properties:
+                                  monitors:
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  path:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  secretFile:
+                                    nullable: true
+                                    type: string
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  user:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              cinder:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  volumeID:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              configMap:
+                                nullable: true
+                                properties:
+                                  defaultMode:
+                                    nullable: true
+                                    type: integer
+                                  items:
+                                    items:
+                                      properties:
+                                        key:
+                                          nullable: true
+                                          type: string
+                                        mode:
+                                          nullable: true
+                                          type: integer
+                                        path:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  name:
+                                    nullable: true
+                                    type: string
+                                  optional:
+                                    nullable: true
+                                    type: boolean
+                                type: object
+                              csi:
+                                nullable: true
+                                properties:
+                                  driver:
+                                    nullable: true
+                                    type: string
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  nodePublishSecretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  readOnly:
+                                    nullable: true
+                                    type: boolean
+                                  volumeAttributes:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                type: object
+                              downwardAPI:
+                                nullable: true
+                                properties:
+                                  defaultMode:
+                                    nullable: true
+                                    type: integer
+                                  items:
+                                    items:
+                                      properties:
+                                        fieldRef:
+                                          nullable: true
+                                          properties:
+                                            apiVersion:
+                                              nullable: true
+                                              type: string
+                                            fieldPath:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                        mode:
+                                          nullable: true
+                                          type: integer
+                                        path:
+                                          nullable: true
+                                          type: string
+                                        resourceFieldRef:
+                                          nullable: true
+                                          properties:
+                                            containerName:
+                                              nullable: true
+                                              type: string
+                                            divisor:
+                                              nullable: true
+                                              type: string
+                                            resource:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                              emptyDir:
+                                nullable: true
+                                properties:
+                                  medium:
+                                    nullable: true
+                                    type: string
+                                  sizeLimit:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              ephemeral:
+                                nullable: true
+                                properties:
+                                  volumeClaimTemplate:
+                                    nullable: true
+                                    properties:
+                                      metadata:
+                                        properties:
+                                          annotations:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                          creationTimestamp:
+                                            nullable: true
+                                            type: string
+                                          deletionGracePeriodSeconds:
+                                            nullable: true
+                                            type: integer
+                                          deletionTimestamp:
+                                            nullable: true
+                                            type: string
+                                          finalizers:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                          generateName:
+                                            nullable: true
+                                            type: string
+                                          generation:
+                                            type: integer
+                                          labels:
+                                            additionalProperties:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: object
+                                          managedFields:
+                                            items:
+                                              properties:
+                                                apiVersion:
+                                                  nullable: true
+                                                  type: string
+                                                fieldsType:
+                                                  nullable: true
+                                                  type: string
+                                                fieldsV1:
+                                                  nullable: true
+                                                  type: object
+                                                manager:
+                                                  nullable: true
+                                                  type: string
+                                                operation:
+                                                  nullable: true
+                                                  type: string
+                                                subresource:
+                                                  nullable: true
+                                                  type: string
+                                                time:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          name:
+                                            nullable: true
+                                            type: string
+                                          namespace:
+                                            nullable: true
+                                            type: string
+                                          ownerReferences:
+                                            items:
+                                              properties:
+                                                apiVersion:
+                                                  nullable: true
+                                                  type: string
+                                                blockOwnerDeletion:
+                                                  nullable: true
+                                                  type: boolean
+                                                controller:
+                                                  nullable: true
+                                                  type: boolean
+                                                kind:
+                                                  nullable: true
+                                                  type: string
+                                                name:
+                                                  nullable: true
+                                                  type: string
+                                                uid:
+                                                  nullable: true
+                                                  type: string
+                                              type: object
+                                            nullable: true
+                                            type: array
+                                          resourceVersion:
+                                            nullable: true
+                                            type: string
+                                          selfLink:
+                                            nullable: true
+                                            type: string
+                                          uid:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                      spec:
+                                        properties:
+                                          accessModes:
+                                            items:
+                                              nullable: true
+                                              type: string
+                                            nullable: true
+                                            type: array
+                                          dataSource:
+                                            nullable: true
+                                            properties:
+                                              apiGroup:
+                                                nullable: true
+                                                type: string
+                                              kind:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          dataSourceRef:
+                                            nullable: true
+                                            properties:
+                                              apiGroup:
+                                                nullable: true
+                                                type: string
+                                              kind:
+                                                nullable: true
+                                                type: string
+                                              name:
+                                                nullable: true
+                                                type: string
+                                              namespace:
+                                                nullable: true
+                                                type: string
+                                            type: object
+                                          resources:
+                                            properties:
+                                              claims:
+                                                items:
+                                                  properties:
+                                                    name:
+                                                      nullable: true
+                                                      type: string
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              limits:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                              requests:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          selector:
+                                            nullable: true
+                                            properties:
+                                              matchExpressions:
+                                                items:
+                                                  properties:
+                                                    key:
+                                                      nullable: true
+                                                      type: string
+                                                    operator:
+                                                      nullable: true
+                                                      type: string
+                                                    values:
+                                                      items:
+                                                        nullable: true
+                                                        type: string
+                                                      nullable: true
+                                                      type: array
+                                                  type: object
+                                                nullable: true
+                                                type: array
+                                              matchLabels:
+                                                additionalProperties:
+                                                  nullable: true
+                                                  type: string
+                                                nullable: true
+                                                type: object
+                                            type: object
+                                          storageClassName:
+                                            nullable: true
+                                            type: string
+                                          volumeMode:
+                                            nullable: true
+                                            type: string
+                                          volumeName:
+                                            nullable: true
+                                            type: string
+                                        type: object
+                                    type: object
+                                type: object
+                              fc:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  lun:
+                                    nullable: true
+                                    type: integer
+                                  readOnly:
+                                    type: boolean
+                                  targetWWNs:
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  wwids:
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                type: object
+                              flexVolume:
+                                nullable: true
+                                properties:
+                                  driver:
+                                    nullable: true
+                                    type: string
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  options:
+                                    additionalProperties:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: object
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                type: object
+                              flocker:
+                                nullable: true
+                                properties:
+                                  datasetName:
+                                    nullable: true
+                                    type: string
+                                  datasetUUID:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              gcePersistentDisk:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  partition:
+                                    type: integer
+                                  pdName:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                type: object
+                              gitRepo:
+                                nullable: true
+                                properties:
+                                  directory:
+                                    nullable: true
+                                    type: string
+                                  repository:
+                                    nullable: true
+                                    type: string
+                                  revision:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              glusterfs:
+                                nullable: true
+                                properties:
+                                  endpoints:
+                                    nullable: true
+                                    type: string
+                                  path:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                type: object
+                              hostPath:
+                                nullable: true
+                                properties:
+                                  path:
+                                    nullable: true
+                                    type: string
+                                  type:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              iscsi:
+                                nullable: true
+                                properties:
+                                  chapAuthDiscovery:
+                                    type: boolean
+                                  chapAuthSession:
+                                    type: boolean
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  initiatorName:
+                                    nullable: true
+                                    type: string
+                                  iqn:
+                                    nullable: true
+                                    type: string
+                                  iscsiInterface:
+                                    nullable: true
+                                    type: string
+                                  lun:
+                                    type: integer
+                                  portals:
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  targetPortal:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              name:
+                                nullable: true
+                                type: string
+                              nfs:
+                                nullable: true
+                                properties:
+                                  path:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  server:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              persistentVolumeClaim:
+                                nullable: true
+                                properties:
+                                  claimName:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                type: object
+                              photonPersistentDisk:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  pdID:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              portworxVolume:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  volumeID:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              projected:
+                                nullable: true
+                                properties:
+                                  defaultMode:
+                                    nullable: true
+                                    type: integer
+                                  sources:
+                                    items:
+                                      properties:
+                                        configMap:
+                                          nullable: true
+                                          properties:
+                                            items:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  mode:
+                                                    nullable: true
+                                                    type: integer
+                                                  path:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                        downwardAPI:
+                                          nullable: true
+                                          properties:
+                                            items:
+                                              items:
+                                                properties:
+                                                  fieldRef:
+                                                    nullable: true
+                                                    properties:
+                                                      apiVersion:
+                                                        nullable: true
+                                                        type: string
+                                                      fieldPath:
+                                                        nullable: true
+                                                        type: string
+                                                    type: object
+                                                  mode:
+                                                    nullable: true
+                                                    type: integer
+                                                  path:
+                                                    nullable: true
+                                                    type: string
+                                                  resourceFieldRef:
+                                                    nullable: true
+                                                    properties:
+                                                      containerName:
+                                                        nullable: true
+                                                        type: string
+                                                      divisor:
+                                                        nullable: true
+                                                        type: string
+                                                      resource:
+                                                        nullable: true
+                                                        type: string
+                                                    type: object
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                          type: object
+                                        secret:
+                                          nullable: true
+                                          properties:
+                                            items:
+                                              items:
+                                                properties:
+                                                  key:
+                                                    nullable: true
+                                                    type: string
+                                                  mode:
+                                                    nullable: true
+                                                    type: integer
+                                                  path:
+                                                    nullable: true
+                                                    type: string
+                                                type: object
+                                              nullable: true
+                                              type: array
+                                            name:
+                                              nullable: true
+                                              type: string
+                                            optional:
+                                              nullable: true
+                                              type: boolean
+                                          type: object
+                                        serviceAccountToken:
+                                          nullable: true
+                                          properties:
+                                            audience:
+                                              nullable: true
+                                              type: string
+                                            expirationSeconds:
+                                              nullable: true
+                                              type: integer
+                                            path:
+                                              nullable: true
+                                              type: string
+                                          type: object
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                type: object
+                              quobyte:
+                                nullable: true
+                                properties:
+                                  group:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  registry:
+                                    nullable: true
+                                    type: string
+                                  tenant:
+                                    nullable: true
+                                    type: string
+                                  user:
+                                    nullable: true
+                                    type: string
+                                  volume:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              rbd:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  image:
+                                    nullable: true
+                                    type: string
+                                  keyring:
+                                    nullable: true
+                                    type: string
+                                  monitors:
+                                    items:
+                                      nullable: true
+                                      type: string
+                                    nullable: true
+                                    type: array
+                                  pool:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  user:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              scaleIO:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  gateway:
+                                    nullable: true
+                                    type: string
+                                  protectionDomain:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  sslEnabled:
+                                    type: boolean
+                                  storageMode:
+                                    nullable: true
+                                    type: string
+                                  storagePool:
+                                    nullable: true
+                                    type: string
+                                  system:
+                                    nullable: true
+                                    type: string
+                                  volumeName:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              secret:
+                                nullable: true
+                                properties:
+                                  defaultMode:
+                                    nullable: true
+                                    type: integer
+                                  items:
+                                    items:
+                                      properties:
+                                        key:
+                                          nullable: true
+                                          type: string
+                                        mode:
+                                          nullable: true
+                                          type: integer
+                                        path:
+                                          nullable: true
+                                          type: string
+                                      type: object
+                                    nullable: true
+                                    type: array
+                                  optional:
+                                    nullable: true
+                                    type: boolean
+                                  secretName:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              storageos:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  readOnly:
+                                    type: boolean
+                                  secretRef:
+                                    nullable: true
+                                    properties:
+                                      name:
+                                        nullable: true
+                                        type: string
+                                    type: object
+                                  volumeName:
+                                    nullable: true
+                                    type: string
+                                  volumeNamespace:
+                                    nullable: true
+                                    type: string
+                                type: object
+                              vsphereVolume:
+                                nullable: true
+                                properties:
+                                  fsType:
+                                    nullable: true
+                                    type: string
+                                  storagePolicyID:
+                                    nullable: true
+                                    type: string
+                                  storagePolicyName:
+                                    nullable: true
+                                    type: string
+                                  volumePath:
+                                    nullable: true
+                                    type: string
+                                type: object
+                            type: object
+                          nullable: true
+                          type: array
+                      type: object
+                  type: object
+                ttlSecondsAfterFinished:
+                  nullable: true
+                  type: integer
+              type: object
+            syncInterval:
+              type: integer
+          type: object
+        status:
+          properties:
+            commit:
+              nullable: true
+              type: string
+            conditions:
+              items:
+                properties:
+                  lastTransitionTime:
+                    nullable: true
+                    type: string
+                  lastUpdateTime:
+                    nullable: true
+                    type: string
+                  message:
+                    nullable: true
+                    type: string
+                  reason:
+                    nullable: true
+                    type: string
+                  status:
+                    nullable: true
+                    type: string
+                  type:
+                    nullable: true
+                    type: string
+                type: object
+              nullable: true
+              type: array
+            event:
+              nullable: true
+              type: string
+            hookId:
+              nullable: true
+              type: string
+            jobStatus:
+              nullable: true
+              type: string
+            lastExecutedCommit:
+              nullable: true
+              type: string
+            lastSyncedTime:
+              nullable: true
+              type: string
+            observedGeneration:
+              type: integer
+            secretToken:
+              nullable: true
+              type: string
+            updateGeneration:
+              type: integer
+          type: object
+      type: object
+  version: v1
+  versions:
+  - name: v1
+    served: true
+    storage: true
+{{- end -}}
diff --git a/charts/fleet-crd/103.1.13+up0.9.15/values.yaml b/charts/fleet-crd/103.1.13+up0.9.15/values.yaml
new file mode 100644
index 0000000000..d41d3a2444
--- /dev/null
+++ b/charts/fleet-crd/103.1.13+up0.9.15/values.yaml
@@ -0,0 +1 @@
+# This file is intentionally empty
diff --git a/index.yaml b/index.yaml
index 3382832577..d1f06356ed 100755
--- a/index.yaml
+++ b/index.yaml
@@ -2961,6 +2961,23 @@ entries:
     urls:
     - assets/fleet-crd/fleet-crd-104.0.0+up0.10.0.tgz
     version: 104.0.0+up0.10.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cattle-fleet-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/release-name: fleet-crd
+    apiVersion: v2
+    appVersion: 0.9.15
+    created: "2025-02-25T21:51:37.673595386-03:00"
+    description: Fleet Manager CustomResourceDefinitions
+    digest: f1db884b6121e13483da5b8e46ede45b763ce4594769caf3aca2c768eada2e39
+    icon: https://charts.rancher.io/assets/logos/fleet.svg
+    name: fleet-crd
+    urls:
+    - assets/fleet-crd/fleet-crd-103.1.13+up0.9.15.tgz
+    version: 103.1.13+up0.9.15
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index e1e3dcb594..a07d4511dd 100644
--- a/release.yaml
+++ b/release.yaml
@@ -9,6 +9,7 @@ fleet:
   - 103.1.13+up0.9.15
 fleet-crd:
   - 104.1.5+up0.10.9
+  - 103.1.13+up0.9.15
 fleet-agent:
   - 104.1.5+up0.10.9
   - 103.1.13+up0.9.15

From 457432ba6329bdf3fb10efe29bd65a829d6b95a0 Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:52:40 -0300
Subject: [PATCH 16/19] fp: rancher-monitoring 103.2.2+up57.0.3

---
 .../rancher-monitoring-103.2.2+up57.0.3.tgz   |  Bin 0 -> 480270 bytes
 .../103.2.2+up57.0.3/.editorconfig            |    5 +
 .../103.2.2+up57.0.3/.helmignore              |   29 +
 .../103.2.2+up57.0.3/CHANGELOG.md             |   47 +
 .../103.2.2+up57.0.3/CONTRIBUTING.md          |   12 +
 .../103.2.2+up57.0.3/Chart.yaml               |  148 +
 .../103.2.2+up57.0.3/README.md                | 1080 ++++
 .../103.2.2+up57.0.3/app-README.md            |   46 +
 .../charts/grafana/.helmignore                |   23 +
 .../charts/grafana/Chart.yaml                 |   39 +
 .../103.2.2+up57.0.3/charts/grafana/README.md |  770 +++
 .../grafana/dashboards/custom-dashboard.json  |    1 +
 .../charts/grafana/templates/NOTES.txt        |   55 +
 .../charts/grafana/templates/_config.tpl      |  171 +
 .../charts/grafana/templates/_helpers.tpl     |  305 +
 .../charts/grafana/templates/_pod.tpl         | 1296 ++++
 .../charts/grafana/templates/clusterrole.yaml |   25 +
 .../grafana/templates/clusterrolebinding.yaml |   24 +
 .../grafana/templates/configSecret.yaml       |   43 +
 .../configmap-dashboard-provider.yaml         |   15 +
 .../charts/grafana/templates/configmap.yaml   |   15 +
 .../templates/dashboards-json-configmap.yaml  |   38 +
 .../charts/grafana/templates/deployment.yaml  |   53 +
 .../grafana/templates/extra-manifests.yaml    |    4 +
 .../grafana/templates/headless-service.yaml   |   22 +
 .../charts/grafana/templates/hpa.yaml         |   52 +
 .../templates/image-renderer-deployment.yaml  |  131 +
 .../grafana/templates/image-renderer-hpa.yaml |   47 +
 .../image-renderer-network-policy.yaml        |   79 +
 .../templates/image-renderer-service.yaml     |   31 +
 .../image-renderer-servicemonitor.yaml        |   48 +
 .../charts/grafana/templates/ingress.yaml     |   78 +
 .../grafana/templates/networkpolicy.yaml      |   61 +
 .../grafana/templates/nginx-config.yaml       |   94 +
 .../templates/poddisruptionbudget.yaml        |   22 +
 .../grafana/templates/podsecuritypolicy.yaml  |   45 +
 .../charts/grafana/templates/pvc.yaml         |   41 +
 .../charts/grafana/templates/role.yaml        |   32 +
 .../charts/grafana/templates/rolebinding.yaml |   25 +
 .../charts/grafana/templates/secret-env.yaml  |   14 +
 .../charts/grafana/templates/secret.yaml      |   16 +
 .../charts/grafana/templates/service.yaml     |   61 +
 .../grafana/templates/serviceaccount.yaml     |   17 +
 .../grafana/templates/servicemonitor.yaml     |   68 +
 .../charts/grafana/templates/statefulset.yaml |   58 +
 .../templates/tests/test-configmap.yaml       |   20 +
 .../tests/test-podsecuritypolicy.yaml         |   32 +
 .../grafana/templates/tests/test-role.yaml    |   17 +
 .../templates/tests/test-rolebinding.yaml     |   20 +
 .../templates/tests/test-serviceaccount.yaml  |   12 +
 .../charts/grafana/templates/tests/test.yaml  |   53 +
 .../charts/grafana/values.yaml                | 1315 ++++
 .../charts/hardenedKubelet/.helmignore        |   23 +
 .../charts/hardenedKubelet/Chart.yaml         |   15 +
 .../charts/hardenedKubelet/README.md          |   90 +
 .../hardenedKubelet/templates/_helpers.tpl    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/hardenedKubelet/values.yaml        |  166 +
 .../charts/hardenedNodeExporter/.helmignore   |   23 +
 .../charts/hardenedNodeExporter/Chart.yaml    |   15 +
 .../charts/hardenedNodeExporter/README.md     |   90 +
 .../templates/_helpers.tpl                    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/hardenedNodeExporter/values.yaml   |  166 +
 .../charts/k3sServer/.helmignore              |   23 +
 .../charts/k3sServer/Chart.yaml               |   15 +
 .../charts/k3sServer/README.md                |   90 +
 .../charts/k3sServer/templates/_helpers.tpl   |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../k3sServer/templates/pushprox-clients.yaml |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../k3sServer/templates/pushprox-proxy.yaml   |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/k3sServer/values.yaml              |  166 +
 .../charts/kube-state-metrics/.helmignore     |   21 +
 .../charts/kube-state-metrics/Chart.yaml      |   32 +
 .../charts/kube-state-metrics/README.md       |   85 +
 .../kube-state-metrics/templates/NOTES.txt    |   23 +
 .../kube-state-metrics/templates/_helpers.tpl |  196 +
 .../templates/ciliumnetworkpolicy.yaml        |   33 +
 .../templates/clusterrolebinding.yaml         |   20 +
 .../templates/crs-configmap.yaml              |   16 +
 .../templates/deployment.yaml                 |  314 +
 .../templates/extra-manifests.yaml            |    4 +
 .../templates/kubeconfig-secret.yaml          |   12 +
 .../templates/networkpolicy.yaml              |   43 +
 .../kube-state-metrics/templates/pdb.yaml     |   18 +
 .../templates/podsecuritypolicy.yaml          |   39 +
 .../templates/psp-clusterrole.yaml            |   19 +
 .../templates/psp-clusterrolebinding.yaml     |   16 +
 .../templates/rbac-configmap.yaml             |   22 +
 .../kube-state-metrics/templates/role.yaml    |  215 +
 .../templates/rolebinding.yaml                |   24 +
 .../kube-state-metrics/templates/service.yaml |   49 +
 .../templates/serviceaccount.yaml             |   17 +
 .../templates/servicemonitor.yaml             |  126 +
 .../templates/stsdiscovery-role.yaml          |   26 +
 .../templates/stsdiscovery-rolebinding.yaml   |   17 +
 .../templates/verticalpodautoscaler.yaml      |   44 +
 .../charts/kube-state-metrics/values.yaml     |  491 ++
 .../kubeAdmControllerManager/.helmignore      |   23 +
 .../kubeAdmControllerManager/Chart.yaml       |   15 +
 .../charts/kubeAdmControllerManager/README.md |   90 +
 .../templates/_helpers.tpl                    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../kubeAdmControllerManager/values.yaml      |  166 +
 .../charts/kubeAdmEtcd/.helmignore            |   23 +
 .../charts/kubeAdmEtcd/Chart.yaml             |   15 +
 .../charts/kubeAdmEtcd/README.md              |   90 +
 .../charts/kubeAdmEtcd/templates/_helpers.tpl |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../kubeAdmEtcd/templates/pushprox-proxy.yaml |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/kubeAdmEtcd/values.yaml            |  166 +
 .../charts/kubeAdmProxy/.helmignore           |   23 +
 .../charts/kubeAdmProxy/Chart.yaml            |   15 +
 .../charts/kubeAdmProxy/README.md             |   90 +
 .../kubeAdmProxy/templates/_helpers.tpl       |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/kubeAdmProxy/values.yaml           |  166 +
 .../charts/kubeAdmScheduler/.helmignore       |   23 +
 .../charts/kubeAdmScheduler/Chart.yaml        |   15 +
 .../charts/kubeAdmScheduler/README.md         |   90 +
 .../kubeAdmScheduler/templates/_helpers.tpl   |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/kubeAdmScheduler/values.yaml       |  166 +
 .../charts/prometheus-adapter/.helmignore     |   21 +
 .../charts/prometheus-adapter/Chart.yaml      |   28 +
 .../charts/prometheus-adapter/README.md       |  160 +
 .../prometheus-adapter/templates/NOTES.txt    |    9 +
 .../prometheus-adapter/templates/_helpers.tpl |  113 +
 .../templates/certmanager.yaml                |   76 +
 .../cluster-role-binding-auth-delegator.yaml  |   20 +
 .../cluster-role-binding-resource-reader.yaml |   20 +
 .../cluster-role-resource-reader.yaml         |   24 +
 .../templates/configmap.yaml                  |   97 +
 .../templates/custom-metrics-apiservice.yaml  |   34 +
 ...stom-metrics-cluster-role-binding-hpa.yaml |   24 +
 .../custom-metrics-cluster-role.yaml          |   17 +
 .../templates/deployment.yaml                 |  143 +
 .../external-metrics-apiservice.yaml          |   34 +
 ...rnal-metrics-cluster-role-binding-hpa.yaml |   20 +
 .../external-metrics-cluster-role.yaml        |   21 +
 .../prometheus-adapter/templates/pdb.yaml     |   23 +
 .../prometheus-adapter/templates/psp.yaml     |   66 +
 .../resource-metrics-apiservice.yaml          |   34 +
 ...resource-metrics-cluster-role-binding.yaml |   20 +
 .../resource-metrics-cluster-role.yaml        |   23 +
 .../templates/role-binding-auth-reader.yaml   |   21 +
 .../prometheus-adapter/templates/secret.yaml  |   17 +
 .../prometheus-adapter/templates/service.yaml |   27 +
 .../templates/serviceaccount.yaml             |   18 +
 .../charts/prometheus-adapter/values.yaml     |  277 +
 .../prometheus-node-exporter/.helmignore      |   21 +
 .../prometheus-node-exporter/Chart.yaml       |   25 +
 .../charts/prometheus-node-exporter/README.md |   97 +
 .../templates/NOTES.txt                       |   29 +
 .../templates/_helpers.tpl                    |  236 +
 .../templates/clusterrole.yaml                |   19 +
 .../templates/clusterrolebinding.yaml         |   20 +
 .../templates/daemonset.yaml                  |  309 +
 .../templates/endpoints.yaml                  |   18 +
 .../templates/extra-manifests.yaml            |    4 +
 .../templates/networkpolicy.yaml              |   23 +
 .../templates/podmonitor.yaml                 |   91 +
 .../templates/psp-clusterrole.yaml            |   14 +
 .../templates/psp-clusterrolebinding.yaml     |   16 +
 .../templates/psp.yaml                        |   49 +
 .../templates/rbac-configmap.yaml             |   16 +
 .../templates/service.yaml                    |   29 +
 .../templates/serviceaccount.yaml             |   17 +
 .../templates/servicemonitor.yaml             |   71 +
 .../templates/verticalpodautoscaler.yaml      |   40 +
 .../prometheus-node-exporter/values.yaml      |  530 ++
 .../charts/rke2ControllerManager/.helmignore  |   23 +
 .../charts/rke2ControllerManager/Chart.yaml   |   15 +
 .../charts/rke2ControllerManager/README.md    |   90 +
 .../templates/_helpers.tpl                    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rke2ControllerManager/values.yaml  |  166 +
 .../charts/rke2Etcd/.helmignore               |   23 +
 .../charts/rke2Etcd/Chart.yaml                |   15 +
 .../charts/rke2Etcd/README.md                 |   90 +
 .../charts/rke2Etcd/templates/_helpers.tpl    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../rke2Etcd/templates/pushprox-clients.yaml  |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../rke2Etcd/templates/pushprox-proxy.yaml    |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rke2Etcd/values.yaml               |  166 +
 .../charts/rke2IngressNginx/.helmignore       |   23 +
 .../charts/rke2IngressNginx/Chart.yaml        |   15 +
 .../charts/rke2IngressNginx/README.md         |   90 +
 .../rke2IngressNginx/templates/_helpers.tpl   |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rke2IngressNginx/values.yaml       |  166 +
 .../charts/rke2Proxy/.helmignore              |   23 +
 .../charts/rke2Proxy/Chart.yaml               |   15 +
 .../charts/rke2Proxy/README.md                |   90 +
 .../charts/rke2Proxy/templates/_helpers.tpl   |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../rke2Proxy/templates/pushprox-clients.yaml |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../rke2Proxy/templates/pushprox-proxy.yaml   |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rke2Proxy/values.yaml              |  166 +
 .../charts/rke2Scheduler/.helmignore          |   23 +
 .../charts/rke2Scheduler/Chart.yaml           |   15 +
 .../charts/rke2Scheduler/README.md            |   90 +
 .../rke2Scheduler/templates/_helpers.tpl      |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rke2Scheduler/values.yaml          |  166 +
 .../charts/rkeControllerManager/.helmignore   |   23 +
 .../charts/rkeControllerManager/Chart.yaml    |   15 +
 .../charts/rkeControllerManager/README.md     |   90 +
 .../templates/_helpers.tpl                    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rkeControllerManager/values.yaml   |  166 +
 .../charts/rkeEtcd/.helmignore                |   23 +
 .../charts/rkeEtcd/Chart.yaml                 |   15 +
 .../103.2.2+up57.0.3/charts/rkeEtcd/README.md |   90 +
 .../charts/rkeEtcd/templates/_helpers.tpl     |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../rkeEtcd/templates/pushprox-clients.yaml   |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../rkeEtcd/templates/pushprox-proxy.yaml     |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rkeEtcd/values.yaml                |  166 +
 .../charts/rkeIngressNginx/.helmignore        |   23 +
 .../charts/rkeIngressNginx/Chart.yaml         |   15 +
 .../charts/rkeIngressNginx/README.md          |   90 +
 .../rkeIngressNginx/templates/_helpers.tpl    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rkeIngressNginx/values.yaml        |  166 +
 .../charts/rkeProxy/.helmignore               |   23 +
 .../charts/rkeProxy/Chart.yaml                |   15 +
 .../charts/rkeProxy/README.md                 |   90 +
 .../charts/rkeProxy/templates/_helpers.tpl    |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../rkeProxy/templates/pushprox-clients.yaml  |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../rkeProxy/templates/pushprox-proxy.yaml    |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rkeProxy/values.yaml               |  166 +
 .../charts/rkeScheduler/.helmignore           |   23 +
 .../charts/rkeScheduler/Chart.yaml            |   15 +
 .../charts/rkeScheduler/README.md             |   90 +
 .../rkeScheduler/templates/_helpers.tpl       |  170 +
 .../templates/pushprox-clients-rbac.yaml      |   97 +
 .../templates/pushprox-clients.yaml           |  157 +
 .../templates/pushprox-proxy-rbac.yaml        |   68 +
 .../templates/pushprox-proxy.yaml             |   57 +
 .../templates/pushprox-servicemonitor.yaml    |   45 +
 .../templates/validate-install-crd.yaml       |   14 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../charts/rkeScheduler/values.yaml           |  166 +
 .../charts/windowsExporter/.helmignore        |   21 +
 .../charts/windowsExporter/Chart.yaml         |   17 +
 .../charts/windowsExporter/README.md          |   42 +
 .../scripts/configure-firewall.ps1            |   31 +
 .../windowsExporter/templates/_helpers.tpl    |  216 +
 .../windowsExporter/templates/config.yaml     |   14 +
 .../windowsExporter/templates/daemonset.yaml  |  200 +
 .../windowsExporter/templates/podmonitor.yaml |   91 +
 .../templates/scriptConfig.yaml               |   14 +
 .../windowsExporter/templates/service.yaml    |   32 +
 .../templates/serviceaccount.yaml             |   17 +
 .../templates/servicemonitor.yaml             |   75 +
 .../charts/windowsExporter/values.yaml        |  366 ++
 .../files/ingress-nginx/nginx.json            | 1445 +++++
 .../request-handling-performance.json         |  963 +++
 .../cluster/rancher-cluster-nodes.json        |  793 +++
 .../rancher/cluster/rancher-cluster.json      |  776 +++
 .../files/rancher/fleet/bundle.json           |  246 +
 .../files/rancher/fleet/bundledeployment.json |  219 +
 .../files/rancher/fleet/cluster.json          |  484 ++
 .../files/rancher/fleet/clustergroup.json     |  468 ++
 .../rancher/fleet/controller-runtime.json     |  454 ++
 .../files/rancher/fleet/gitrepo.json          |  325 +
 .../rancher/home/rancher-default-home.json    | 1290 ++++
 .../files/rancher/k8s/rancher-etcd-nodes.json |  687 +++
 .../files/rancher/k8s/rancher-etcd.json       |  669 ++
 .../k8s/rancher-k8s-components-nodes.json     |  527 ++
 .../rancher/k8s/rancher-k8s-components.json   |  519 ++
 .../rancher/nodes/rancher-node-detail.json    |  805 +++
 .../files/rancher/nodes/rancher-node.json     |  792 +++
 .../performance/performance-debugging.json    | 1652 +++++
 .../rancher/pods/rancher-pod-containers.json  |  636 ++
 .../files/rancher/pods/rancher-pod.json       |  636 ++
 .../workloads/rancher-workload-pods.json      |  652 ++
 .../rancher/workloads/rancher-workload.json   |  652 ++
 .../delete-workloads-with-old-labels.sh       |   14 +
 .../103.2.2+up57.0.3/templates/NOTES.txt      |    4 +
 .../103.2.2+up57.0.3/templates/_helpers.tpl   |  467 ++
 .../templates/alertmanager/alertmanager.yaml  |  191 +
 .../templates/alertmanager/extrasecret.yaml   |   20 +
 .../templates/alertmanager/ingress.yaml       |   78 +
 .../alertmanager/ingressperreplica.yaml       |   67 +
 .../alertmanager/podDisruptionBudget.yaml     |   21 +
 .../templates/alertmanager/psp-role.yaml      |   23 +
 .../alertmanager/psp-rolebinding.yaml         |   20 +
 .../templates/alertmanager/psp.yaml           |   47 +
 .../templates/alertmanager/secret.yaml        |   35 +
 .../templates/alertmanager/service.yaml       |   68 +
 .../alertmanager/serviceaccount.yaml          |   21 +
 .../alertmanager/servicemonitor.yaml          |   84 +
 .../alertmanager/serviceperreplica.yaml       |   49 +
 .../templates/exporters/core-dns/service.yaml |   24 +
 .../exporters/core-dns/servicemonitor.yaml    |   58 +
 .../kube-api-server/servicemonitor.yaml       |   57 +
 .../kube-controller-manager/endpoints.yaml    |   22 +
 .../kube-controller-manager/service.yaml      |   29 +
 .../servicemonitor.yaml                       |   69 +
 .../templates/exporters/kube-dns/service.yaml |   28 +
 .../exporters/kube-dns/servicemonitor.yaml    |   71 +
 .../exporters/kube-etcd/endpoints.yaml        |   20 +
 .../exporters/kube-etcd/service.yaml          |   27 +
 .../exporters/kube-etcd/servicemonitor.yaml   |   75 +
 .../exporters/kube-proxy/endpoints.yaml       |   20 +
 .../exporters/kube-proxy/service.yaml         |   27 +
 .../exporters/kube-proxy/servicemonitor.yaml  |   63 +
 .../exporters/kube-scheduler/endpoints.yaml   |   22 +
 .../exporters/kube-scheduler/service.yaml     |   29 +
 .../kube-scheduler/servicemonitor.yaml        |   69 +
 .../kube-state-metrics/validate.yaml          |    7 +
 .../exporters/kubelet/servicemonitor.yaml     |  246 +
 .../exporters/node-exporter/validate.yaml     |    3 +
 .../templates/extra-objects.yaml              |    4 +
 .../grafana/configmap-dashboards.yaml         |   24 +
 .../grafana/configmaps-datasources.yaml       |   81 +
 .../alertmanager-overview.yaml                |  616 ++
 .../grafana/dashboards-1.14/apiserver.yaml    | 1772 ++++++
 .../dashboards-1.14/cluster-total.yaml        | 1882 ++++++
 .../dashboards-1.14/controller-manager.yaml   | 1196 ++++
 .../grafana/dashboards-1.14/etcd.yaml         | 1229 ++++
 .../dashboards-1.14/grafana-overview.yaml     |  635 ++
 .../grafana/dashboards-1.14/k8s-coredns.yaml  | 1534 +++++
 .../k8s-resources-cluster.yaml                | 3088 ++++++++++
 .../k8s-resources-multicluster.yaml           |   24 +
 .../k8s-resources-namespace.yaml              | 2797 +++++++++
 .../dashboards-1.14/k8s-resources-node.yaml   | 1026 ++++
 .../dashboards-1.14/k8s-resources-pod.yaml    | 2469 ++++++++
 .../k8s-resources-windows-cluster.yaml        |   24 +
 .../k8s-resources-windows-namespace.yaml      |   24 +
 .../k8s-resources-windows-pod.yaml            |   24 +
 .../k8s-resources-workload.yaml               | 2024 ++++++
 .../k8s-resources-workloads-namespace.yaml    | 2189 +++++++
 .../k8s-windows-cluster-rsrc-use.yaml         |   24 +
 .../k8s-windows-node-rsrc-use.yaml            |   24 +
 .../grafana/dashboards-1.14/kubelet.yaml      | 2256 +++++++
 .../dashboards-1.14/namespace-by-pod.yaml     | 1464 +++++
 .../namespace-by-workload.yaml                | 1736 ++++++
 .../node-cluster-rsrc-use.yaml                | 1063 ++++
 .../dashboards-1.14/node-rsrc-use.yaml        | 1089 ++++
 .../grafana/dashboards-1.14/nodes-darwin.yaml | 1073 ++++
 .../grafana/dashboards-1.14/nodes.yaml        | 1066 ++++
 .../persistentvolumesusage.yaml               |  587 ++
 .../grafana/dashboards-1.14/pod-total.yaml    | 1228 ++++
 .../prometheus-remote-write.yaml              | 1674 +++++
 .../grafana/dashboards-1.14/prometheus.yaml   | 1235 ++++
 .../grafana/dashboards-1.14/proxy.yaml        | 1276 ++++
 .../grafana/dashboards-1.14/scheduler.yaml    | 1118 ++++
 .../dashboards-1.14/workload-total.yaml       | 1438 +++++
 .../templates/grafana/namespaces.yaml         |   13 +
 .../_prometheus-operator.tpl                  |    7 +
 .../_prometheus-operator-webhook.tpl          |    6 +
 .../deployment/deployment.yaml                |  143 +
 .../admission-webhooks/deployment/pdb.yaml    |   15 +
 .../deployment/service.yaml                   |   58 +
 .../deployment/serviceaccount.yaml            |   15 +
 .../ciliumnetworkpolicy-createSecret.yaml     |   36 +
 .../ciliumnetworkpolicy-patchWebhook.yaml     |   36 +
 .../job-patch/clusterrole.yaml                |   33 +
 .../job-patch/clusterrolebinding.yaml         |   20 +
 .../job-patch/job-createSecret.yaml           |   73 +
 .../job-patch/job-patchWebhook.yaml           |   74 +
 .../job-patch/networkpolicy-createSecret.yaml |   33 +
 .../job-patch/networkpolicy-patchWebhook.yaml |   33 +
 .../admission-webhooks/job-patch/psp.yaml     |   47 +
 .../admission-webhooks/job-patch/role.yaml    |   21 +
 .../job-patch/rolebinding.yaml                |   21 +
 .../job-patch/serviceaccount.yaml             |   17 +
 .../mutatingWebhookConfiguration.yaml         |   77 +
 .../validatingWebhookConfiguration.yaml       |   77 +
 .../prometheus-operator/certmanager.yaml      |   55 +
 .../ciliumnetworkpolicy.yaml                  |   40 +
 .../prometheus-operator/clusterrole.yaml      |  109 +
 .../clusterrolebinding.yaml                   |   16 +
 .../prometheus-operator/deployment.yaml       |  204 +
 .../prometheus-operator/networkpolicy.yaml    |   29 +
 .../prometheus-operator/psp-clusterrole.yaml  |   21 +
 .../psp-clusterrolebinding.yaml               |   18 +
 .../templates/prometheus-operator/psp.yaml    |   46 +
 .../prometheus-operator/service.yaml          |   57 +
 .../prometheus-operator/serviceaccount.yaml   |   14 +
 .../prometheus-operator/servicemonitor.yaml   |   57 +
 .../verticalpodautoscaler.yaml                |   40 +
 .../templates/prometheus/_rules.tpl           |   44 +
 .../additionalAlertRelabelConfigs.yaml        |   16 +
 .../additionalAlertmanagerConfigs.yaml        |   16 +
 .../prometheus/additionalPrometheusRules.yaml |   43 +
 .../prometheus/additionalScrapeConfigs.yaml   |   20 +
 .../prometheus/ciliumnetworkpolicy.yaml       |   27 +
 .../templates/prometheus/clusterrole.yaml     |   30 +
 .../prometheus/clusterrolebinding.yaml        |   18 +
 .../templates/prometheus/csi-secret.yaml      |   12 +
 .../templates/prometheus/extrasecret.yaml     |   20 +
 .../templates/prometheus/ingress.yaml         |   77 +
 .../prometheus/ingressThanosSidecar.yaml      |   77 +
 .../prometheus/ingressperreplica.yaml         |   67 +
 .../templates/prometheus/networkpolicy.yaml   |   34 +
 .../templates/prometheus/nginx-config.yaml    |   68 +
 .../prometheus/podDisruptionBudget.yaml       |   25 +
 .../templates/prometheus/podmonitors.yaml     |   38 +
 .../templates/prometheus/prometheus.yaml      |  472 ++
 .../templates/prometheus/psp-clusterrole.yaml |   22 +
 .../prometheus/psp-clusterrolebinding.yaml    |   19 +
 .../templates/prometheus/psp.yaml             |   58 +
 .../rules-1.14/alertmanager.rules.yaml        |  305 +
 .../rules-1.14/config-reloaders.yaml          |   57 +
 .../templates/prometheus/rules-1.14/etcd.yaml |  461 ++
 .../prometheus/rules-1.14/general.rules.yaml  |  125 +
 ...les.container_cpu_usage_seconds_total.yaml |   43 +
 .../k8s.rules.container_memory_cache.yaml     |   42 +
 .../k8s.rules.container_memory_rss.yaml       |   42 +
 .../k8s.rules.container_memory_swap.yaml      |   42 +
 ...es.container_memory_working_set_bytes.yaml |   42 +
 .../k8s.rules.container_resource.yaml         |  168 +
 .../rules-1.14/k8s.rules.pod_owner.yaml       |  107 +
 .../prometheus/rules-1.14/k8s.rules.yaml      |  237 +
 .../kube-apiserver-availability.rules.yaml    |  273 +
 .../kube-apiserver-burnrate.rules.yaml        |  440 ++
 .../kube-apiserver-histogram.rules.yaml       |   53 +
 .../rules-1.14/kube-apiserver-slos.yaml       |  159 +
 .../kube-prometheus-general.rules.yaml        |   49 +
 .../kube-prometheus-node-recording.rules.yaml |   93 +
 .../rules-1.14/kube-scheduler.rules.yaml      |  135 +
 .../rules-1.14/kube-state-metrics.yaml        |  152 +
 .../prometheus/rules-1.14/kubelet.rules.yaml  |   65 +
 .../rules-1.14/kubernetes-apps.yaml           |  568 ++
 .../rules-1.14/kubernetes-resources.yaml      |  282 +
 .../rules-1.14/kubernetes-storage.yaml        |  216 +
 .../kubernetes-system-apiserver.yaml          |  193 +
 .../kubernetes-system-controller-manager.yaml |   55 +
 .../kubernetes-system-kube-proxy.yaml         |   56 +
 .../rules-1.14/kubernetes-system-kubelet.yaml |  379 ++
 .../kubernetes-system-scheduler.yaml          |   54 +
 .../rules-1.14/kubernetes-system.yaml         |   87 +
 .../rules-1.14/node-exporter.rules.yaml       |  188 +
 .../prometheus/rules-1.14/node-exporter.yaml  |  801 +++
 .../prometheus/rules-1.14/node-network.yaml   |   55 +
 .../prometheus/rules-1.14/node.rules.yaml     |  109 +
 .../rules-1.14/prometheus-operator.yaml       |  253 +
 .../prometheus/rules-1.14/prometheus.yaml     |  707 +++
 .../rules-1.14/windows.node.rules.yaml        |  301 +
 .../rules-1.14/windows.pod.rules.yaml         |  158 +
 .../templates/prometheus/secret.yaml          |   15 +
 .../templates/prometheus/service.yaml         |   80 +
 .../prometheus/serviceThanosSidecar.yaml      |   39 +
 .../serviceThanosSidecarExternal.yaml         |   46 +
 .../templates/prometheus/serviceaccount.yaml  |   21 +
 .../templates/prometheus/servicemonitor.yaml  |   97 +
 .../servicemonitorThanosSidecar.yaml          |   55 +
 .../templates/prometheus/servicemonitors.yaml |   47 +
 .../prometheus/serviceperreplica.yaml         |   54 +
 .../rancher-monitoring/clusterrole.yaml       |  135 +
 .../rancher-monitoring/config-role.yaml       |   48 +
 .../rancher-monitoring/dashboard-role.yaml    |   47 +
 .../addons/ingress-nginx-dashboard.yaml       |   18 +
 .../rancher/cluster-dashboards.yaml           |   17 +
 .../dashboards/rancher/default-dashboard.yaml |   17 +
 .../dashboards/rancher/fleet-dashboards.yaml  |   17 +
 .../dashboards/rancher/k8s-dashboards.yaml    |   31 +
 .../dashboards/rancher/nodes-dashboards.yaml  |   17 +
 .../rancher/performance-dashboards.yaml       |   18 +
 .../dashboards/rancher/pods-dashboards.yaml   |   17 +
 .../rancher/workload-dashboards.yaml          |   17 +
 .../exporters/fleet/servicemonitor.yaml       |   53 +
 .../ingress-nginx/network-policy.yaml         |   19 +
 .../exporters/ingress-nginx/service.yaml      |   27 +
 .../ingress-nginx/servicemonitor.yaml         |   49 +
 .../exporters/rancher/servicemonitor.yaml     |   58 +
 .../rancher-monitoring/hardened.yaml          |  147 +
 .../rancher-monitoring/upgrade/configmap.yaml |   13 +
 .../rancher-monitoring/upgrade/job.yaml       |   46 +
 .../rancher-monitoring/upgrade/rbac.yaml      |  131 +
 .../templates/thanos-ruler/extrasecret.yaml   |   20 +
 .../templates/thanos-ruler/ingress.yaml       |   77 +
 .../thanos-ruler/podDisruptionBudget.yaml     |   21 +
 .../templates/thanos-ruler/ruler.yaml         |  189 +
 .../templates/thanos-ruler/secret.yaml        |   26 +
 .../templates/thanos-ruler/service.yaml       |   53 +
 .../thanos-ruler/serviceaccount.yaml          |   20 +
 .../thanos-ruler/servicemonitor.yaml          |   82 +
 .../templates/validate-install-crd.yaml       |   23 +
 .../templates/validate-psp-install.yaml       |    7 +
 .../103.2.2+up57.0.3/values.yaml              | 5433 +++++++++++++++++
 index.yaml                                    |  152 +
 release.yaml                                  |    1 +
 573 files changed, 105021 insertions(+)
 create mode 100644 assets/rancher-monitoring/rancher-monitoring-103.2.2+up57.0.3.tgz
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/.editorconfig
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/CHANGELOG.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/CONTRIBUTING.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/app-README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/dashboards/custom-dashboard.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/NOTES.txt
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_config.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_pod.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configSecret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configmap-dashboard-provider.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configmap.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/dashboards-json-configmap.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/deployment.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/extra-manifests.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/headless-service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/hpa.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-deployment.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-hpa.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-network-policy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/ingress.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/networkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/nginx-config.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/poddisruptionbudget.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/podsecuritypolicy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/pvc.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/role.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/secret-env.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/secret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/statefulset.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-configmap.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-podsecuritypolicy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-role.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/NOTES.txt
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/crs-configmap.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/deployment.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/extra-manifests.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/kubeconfig-secret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/networkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/pdb.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/podsecuritypolicy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/rbac-configmap.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/role.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-role.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/NOTES.txt
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/certmanager.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-auth-delegator.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-resource-reader.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-resource-reader.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/configmap.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-apiservice.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role-binding-hpa.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/deployment.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-apiservice.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role-binding-hpa.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/pdb.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/psp.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-apiservice.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role-binding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/role-binding-auth-reader.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/secret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/NOTES.txt
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/daemonset.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/endpoints.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/extra-manifests.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/networkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/podmonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/rbac-configmap.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-clients-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-clients.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy-rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/.helmignore
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/Chart.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/README.md
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/scripts/configure-firewall.ps1
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/config.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/daemonset.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/podmonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/scriptConfig.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/values.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/ingress-nginx/nginx.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/ingress-nginx/request-handling-performance.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/cluster/rancher-cluster-nodes.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/cluster/rancher-cluster.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/bundle.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/bundledeployment.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/cluster.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/clustergroup.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/controller-runtime.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/gitrepo.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/home/rancher-default-home.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-etcd-nodes.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-etcd.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-k8s-components-nodes.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-k8s-components.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/nodes/rancher-node-detail.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/nodes/rancher-node.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/performance/performance-debugging.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/pods/rancher-pod-containers.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/pods/rancher-pod.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/workloads/rancher-workload-pods.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/workloads/rancher-workload.json
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/files/upgrade/scripts/delete-workloads-with-old-labels.sh
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/NOTES.txt
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/alertmanager.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/extrasecret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/ingress.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/ingressperreplica.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/podDisruptionBudget.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp-role.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp-rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/secret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/serviceperreplica.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/core-dns/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/core-dns/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-api-server/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/endpoints.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-dns/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-dns/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/endpoints.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/endpoints.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/endpoints.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-state-metrics/validate.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kubelet/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/node-exporter/validate.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/extra-objects.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/configmap-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/configmaps-datasources.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/alertmanager-overview.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/apiserver.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/cluster-total.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/controller-manager.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/etcd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/grafana-overview.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-coredns.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-node.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-cluster.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-namespace.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-pod.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-cluster-rsrc-use.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-node-rsrc-use.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/kubelet.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-pod.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-workload.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/node-rsrc-use.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/nodes-darwin.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/nodes.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/pod-total.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/prometheus.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/scheduler.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/workload-total.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/namespaces.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/_prometheus-operator.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/_prometheus-operator-webhook.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/deployment.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/pdb.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-createSecret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-patchWebhook.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-createSecret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-patchWebhook.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-createSecret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-patchWebhook.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/psp.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/role.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/rolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/mutatingWebhookConfiguration.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/validatingWebhookConfiguration.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/certmanager.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/ciliumnetworkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/deployment.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/networkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp-clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp-clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/verticalpodautoscaler.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/_rules.tpl
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalAlertRelabelConfigs.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalAlertmanagerConfigs.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalPrometheusRules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalScrapeConfigs.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ciliumnetworkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/csi-secret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/extrasecret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingress.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingressThanosSidecar.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingressperreplica.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/networkpolicy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/nginx-config.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/podDisruptionBudget.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/podmonitors.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/prometheus.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp-clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp-clusterrolebinding.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/alertmanager.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/config-reloaders.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/etcd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/general.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_cpu_usage_seconds_total.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_cache.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_rss.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_swap.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_working_set_bytes.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_resource.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.pod_owner.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-availability.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-burnrate.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-histogram.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-state-metrics.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubelet.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-apps.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-resources.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-storage.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kube-proxy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-exporter.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-exporter.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-network.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/prometheus-operator.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/prometheus.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/windows.node.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/windows.pod.rules.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/secret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceThanosSidecar.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceThanosSidecarExternal.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitorThanosSidecar.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitors.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceperreplica.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/clusterrole.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/config-role.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboard-role.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/addons/ingress-nginx-dashboard.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/cluster-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/default-dashboard.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/fleet-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/k8s-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/nodes-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/performance-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/pods-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/workload-dashboards.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/fleet/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/network-policy.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/rancher/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/hardened.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/configmap.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/job.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/rbac.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/extrasecret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/ingress.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/podDisruptionBudget.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/ruler.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/secret.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/service.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/serviceaccount.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/servicemonitor.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/validate-install-crd.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring/103.2.2+up57.0.3/values.yaml

diff --git a/assets/rancher-monitoring/rancher-monitoring-103.2.2+up57.0.3.tgz b/assets/rancher-monitoring/rancher-monitoring-103.2.2+up57.0.3.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..bc8ee547d89e63ecf27874f02411ab18c835a9de
GIT binary patch
literal 480270
zcmV)7K*zryiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PMYMcN;ghAbP%zeg%f?du*pwMN+a7o83A0D3+aQ+7BJcPM<Tq
zdK9n<BoS2s6#ylf9p$e18~5w|Y4c0&!p5V3sv<@C6(=pPmDnr*8?TLx{f59STN06!
zoKeLEWsA|1B^D}O;j;Lb5A$a{9*@6#_z?ackH@XQCzJhyy?>cJ{OaJ#$>ia~gS~$l
zPY%YD$-kiS2kL+0pIRy`{$>2$eYGd|8~KA7;|eRvnVjw*goUDWoT+6!ODP`}G$Txs
zDLSlhwj{}3I_|5)F60zl?;wOwf*3Bz6af;UGhT~~KmkIvD5hwsR3)dQ(SkzrjF+QI
z@RFz{sb!M!vaA_ZtI?7aWs+$iGJ^Z2l1dO<q7%V?B$?VCHm``lii^=jJtIj|(4CO0
zIYk2{YBJbCD8mXDe352Yse<TAxK=!&Oe$OyQ`9|1Nhb2IORTbGZ}W`kJ}Jq4+umw9
zsS3W531<nHQ*=dH&aY&DRVu3juM)FPFZ@7yE5jOG5+NyPQ*`g&zDARD@5^+YjM1Ob
zB;B9rf8OhDs^QBDXJm@Z$8geeB^4=q+f_uAR7sdeL0SEFchhVt!7ph}WU{yvQ`Gd3
zW?T?1_2#C{9*!<2y-?h?L^It>AK8iSrIW|&Cn`umuq1XtyF0w5(N8szN+wxVPtn7J
z@wk6Ae7%yCT&$+(;dnfLL3`_}RiziZsHGwzQJfdO)oQBGPsJHwDqOPu%Jv*JOLOp5
zI!^a@a7Dj&pDy=ya8)%w$LUv^0_3D3EGI0ZL{4`SlyR0*1yvRT&oRR(VR%-Md<WTM
zYrpRxBuK@j9@%P&=CmNw(I_36gFb3%`B8n9?x&MU+{qG)oG_CArJj+3s7`0C@*6ts
z*7lu`)4g;}-!FMip1!TPP(-X9Kv-$ZQM8(D8p_4KJR{<=r+;5^L#JWAjXl*fa;C5%
zFNhK}lidzAIgz?XQkp6^_1xE>LB(|PW%{r?hQqvk!kH4hD2RB08D8{Feoe(KMzp5c
zO-pl_mrqreuN#Rj+pcq4bBq2?1b@3)*C7;c*Q2YtMVDvUlH_%<e#L!-?Ya)DZ|Xj{
z!f}qPzVp_ta>EdM8~8yyOf{8@2EjHR_W+u%myqp_{Dx-1Q1&%Zj>aM`$llGzptsfy
zBU;yH)Ar~#z1Z&xw&-&Uyw}x^*+LL0UoI$n+uL1OVT*2C)o<#)|IGQ4EjrxhwCQ^5
zk6Ki^MUUGaGI2q+LaBGasCPi9b@;R$I&FtdHzCvQaOrlav=)=LM5Hb8Xd@ck0*kgq
zBFoROrIW4l8#?aR4*K3tCp$TjnV?m3Nd-ck<}I=dlxe)nlth}j6O1S#QHdFyYu0-g
zeQWqllw-M^aV&DVtEEAfYw6NLLZU8+L>Vt<l#v`=QME)l&+3veBRE3?GZcvwM^<z}
z1j`jtd<P*TP!dE~o+zFWmWKnfjD5hdn@)l;)KY&{OA>tCLFkngRMVX$2fp*&1Ynx!
z6}0P*r6fv@3clcS)D?QtiY<07$m)uV9GHIxbteh#!JVYNAv^l__kkET@v>KmDN~p-
zA^;#MF)gNgQ3bjB_n&H<XIxZT;!Eobk4vU_aY3${CJTz0sArV_`$B)v^KS$YR~A->
zRa#tNp_cSQ_O)_lO{-o+`*%sDqG_dk%Wq#`p(rE&NX~RoyVrmJ@j`G?U63><zK#3V
zRF)Z6>fgnevsE-K_$=sRwrZ-DRB&0~%XEqJe=I4v?3vDgD!N#SU<rPz2~(7%Gb$x#
zJuUvjRQLwUch*Y667)Q<eea^+xvAA!%r%lRuBw7&a29twjhKx0)4g=>k9B1Q+h1GL
z_Idv4(f?lJq9*bKDu6fYe-HNe_YWSn^}l;x?%nBsKgFLRIwEsi7YdneM{_RvX<WK9
zM6Z`rA}SF^|8@A{c{1ms#7dDIE)QMdh-3v81YKf5_2my2;*6k5Un@DHOmVd0wLprL
zRe=?e>CVm&of<3*w3g@zXLGu!g*nzc!(sdd#@Qpr4TngO`8(;EM@kSf(znqDF>yHD
z>3*H=AY_@HDN>@=B)zFM1s(MeJy~M5AV|R)&h;{&%zYxrt5siJ5+OAIzy*A4e$P=4
zP27pp-_udgogHjtx=v-A%F7HuX>MzZ9*-Z7VbM?j@)Vuaa;aI)P^r9Oo$UZd;i~53
zGP&GKACD@WUEl@jV=errs+P-2@V9!g`viz+x#zf$dcCb0=>&#98Sfo@g@!1%xUD#n
zB&!91=^-rjVqQFw$SA(|b`T0wr-1&M?=>mC+>#ZPFlBetOx+qF+S{-HP-Z$kyP(zg
zM9}#vDy}6tBjS=~<S@&4&D0Y?a(&(6LIxEpJEQSrvSXV)=NT@RT&kcN<2gAan%m{V
z4GPo>f)^yc@a!fSAI#jU0y7dAIS^93AfmAbA(S98pOZ{Y(cmS2`j%w1vQ-fZ%p_0W
zQmN#i+r)_u8`}h|p+k1)9)t_2gys*YXz*v)Dg((7D>u*1-tWbG?>55hK4q}=e|9^s
z|3n+x+1zM@9m2UkeY@PQvw5pc?VV84+787Z_u#DzgtcE6UH9(Lb#H$wbe(LAuKS-C
zx`G~JD^z{hhpLrTV??uQ@MnJ${`?wSzhjk4H_v!)|Es<U6Qh}0Gv9~X9n*{mbwtG!
zjfl!d%}E(aSp-#{X>q>kHu)m0z%Z--T#!|#IJqFJph||H#6U6}luGiPvij|-D%b!7
zOwPCTl1QhkLtyij`lJ9OC<r#JqSRR39{(2snAfX{Xht(9bI`g_wu#eljDsX#SoUy?
zcqlH&IdnsCPQ<yoHT}^G^sCdIotBnyyBp$RjD^$yNSM`AuEE5ETb;bk(_gy)H!Q*0
zcDLEND=scb<Hw=7){A}lt1`6S=DOVmj$348UnbI-Y~O`$-bh}yyykCU7sL!_t{0pe
z1u-s8>w*MG!#F!7Ms@V&^tqg(zYRuq0Y(|lFRA2W@OO_7mqg5<(t;@eIYGFh-wIw=
zP!v=b#A&6_-v$~%qyxSg=C8w4NVDb^Ax+1G<rSxXhZDQUjlmo?lrt`#;~8mfk06Eq
zNZBG-akC<>_TSFWEv)kjtL6E5vn~pY1yNAZcL<d>j6@etQD+A~_i<K&&&aQ}nmf+#
zLqomTms5lckt0get`lC+Y}J2UHO2Z%JtK!lFMeHuw#IQ{ODX-GMDHzS;!i~EZgV4*
zSSq-Yenn2A?SSzSgv~9bz`G6Fv_b!D;#J@UwT+1NX!4FC)(22Yd=6Nm3H$}w`?b}x
zU5}wV{p^Rrt_>pRCzZPHG_+3TwRhWF^Zl^=cc{(%CqVA4^|_xLa(_-7$0x*r9p{Al
zxw9QNYa&1Os@<rP?2%;OTWvYihe$06I{nMjJ?B5S3tytD0h3^q$yLEu;E*`f)E6Vh
zS)#Y&r5PmB|0_7okyPNmwLn+_*f}o>ex*NH2O|kU5>2`<^+8T2dw<mHAtu&Rla7;d
zTxUOh994PPt@1G4kE$GWs~n_bTLr!!>S+ifHL1BGDCdZAg%}~ZLq>2<)F+b?sb_sf
zP=*=GsUVpuRwxq$D`M8fsiBZs>WPEeLc#+0l>yg8{bfNf2}8K5z)Qh;j71&{?hf-Y
zVd3fMAVKA5PfwX0mMN93!-A`-bxayx>7<Q1w;}cr1lLFKduBQqtRv-pmvdLyzJWlj
zIp;T@^^NC!i!*;idpw_0M%5}DP{s4Zp3evg@>5L($&YF+OW3|BTO2PK_n*xSC}(k7
zJy1};waH}o2SP2MzOD3bx0fjdbU{{AH0a`tCpUxMhS5qKvvrkXJn8Fy(9onV5XCEA
z@WtvcFvxg-8Y?v7bz6CK?Cm%)fb21BTE8a|MOX%)Fgn7d<m`+nLm?&_70}g^FazI`
zO%0(rTONP`T54i{6VDTn3AE;PMbrX?6vIPm9e2ZkPkj6<(DS>qe|Pq~D{*)ByJtUS
zp^p4fzL5|Fr*2zH5FHGNA1P>t<rGamK6%);<iYZCcjV!YJakv$jy!x|@-Y6bkcWo>
zd3c!a-;swq^3Yw0JM!?mCl5PdnLG4OPrs^tZfDreh62hT&WaV9k!DNi95f?AHkGeo
z&O>xOcgwJgsDd@q_yW6q7C9|7&}J(rb}DcS8F6qIH5-f3&d{$+GQ*PO$R$89+NYco
z3Cb)>04$~$CAx_!;uT?FRmlXdh*Kk`JFO|do2Q*m2lFmYl6P))w|2Apq&A;Bce{U1
zce`P4Zl<*~u`lh*2PBLk_)ka{!>Qj)8y|o5_{*3ywzJi&A&_5gB9OnT;c7TUZ>ojB
zIgvZH`G+3FaEMN8hU^!g(qTsCT(5Ie!UfW7%?xK3=#pZD(f{BxwB-DvClGWvM8_pw
z5WOR{gug^>_$S-L4nkDdFbfgp#BjWTT#~{BcPPAoL~MKM#KdQIB4^>+w+)-G)6U4u
z&<-0O(DBG%vWB~8zKTOrb;+Ev+%SK(=Z5D3h@l}U=DLB;eyPhGfwjS?)<EP2B-f2&
zO^^B{>H{H(GE69NPUwmj1yW*V+%B-lmJl=C56E$}(TIYHW0oVz=ESu3BXlv-f|rOk
zqgm63Ke|LC;x1ymxjoHr1M-u))ol37pMSA&(Do#n15Vij8Ft$--woTXae;2O(3(NN
zZf|q2Vi2#rwuknfcdfN;`<;z2er){#47HAJzgjSe&3r>+=<7o7yUB+`bY^HDWr~PP
zT%;W&39_p=axCLETF9uS*$F#K<O`>0us_zc#P$c0!y8dd(VNrfh|du=pA6BKOI{bb
z-d+t5R@LoY1igVWXh8orLyq00h%$(Shkz<vRfR!tTvi3~w2HC?k(#(h&<&i^;BG~K
z`@3D;1mVnP(jlbsOD@QQyq%(Znj1d9pM#A@5_R2R^>xMbYrp%~`fj*}#D4R-kVHL5
z|9H<s>)hbFoxZtkjsN!EQxt0^*T*~H^F~ZQuXuj0#|}gKdoyBEVS9c2sl6!w>wfyh
zgFpDM5!azXS+lrn1MC5arsxlo2B+<++j7mJ1eoa({Pbi)II&rVFdRKizW@NZl=bF9
z(n$A%K0-ejm59_(UcP$$bgIurl#PH&L)muWb6HD;>MF;|WGd)M$QL9Ss70ZvPMEo1
ziUwVA)m+0qxq)GeJgM{u_0b2}*2b+%kT7Vi`o$yZwGkRkYsH&9QiztokC_V|k+*=m
zMyPxZc+&Dgn40{%U%G&bHI)Wt6o*B@uR>P_$M~6wIbrB(Neg0pJ6!50OF3N^>wvcq
zOP{=YCKXk+BK`)Q*F|AANh6%U#WZYP)Y^Rm*qpxTOyi=68)v*MIdkXq=U;Y)NM_{{
z%jFc|SvJ|*-x;EEWltH#7Z+s?z>iHP=KjNTdSrk@%BsFNnyi+Jmk0!BJudFhaxmv&
z0Jr}@l1n0}S`GABvsVT*0MG!y2;O?w;F?nqp{#H6GfWGTpOS)Oa5B?Jf3B&@e%Yz}
zf|N5N<T1-QlT<3J&GJnS${k0X%!sCFaD@f)hw2G<^!RJdBrwxE7i1U%X2)pm^!UU1
z=+2B&kmq4Vqfx-YNCSS}c&7QEhJc&-5)le_3&M!d_ox4I@kl=5HUrp`s(vH!f}D|z
zvs}LBYHigQkU04X&X#0jjZ-N%mY-eWYE1>FHrd$zuUuSEwm2i|o0TH1zD{`l>WW1x
z1yK$aHBp?0mzWlKMhn=+{yN{(f{Ac9TIJtSsrW+Ra$SY9g3DG}*JnR2FNkV=F|MJV
zZ}zZ#+uhZuT#KBiB;z92vPfLZ+`xxb)gGiNIBgV6J*8)g3oSbJmI2{z6?y+{IC9<5
z`0{nb4HF@UZk$Gg-E!<~{d7`yPv2p2U)MoCp}vo=yqN0?Z34we+&d+Ct;HGZwP%GJ
zJsKo4Ug?Ios$P1tfVqdJXpnv}uprKe0v_>vPBkSt*Mvp?r>QSM((<gX@C?eIapAbx
z<_?&HQY0WxJIFF6j(QH!Ve>LUZ~gG)0uYT%t48l$G<`LQs3}}C%vfg{Tss|LxHX#X
zARgXgjItsbozturG+Kb}wbKEpWbL?n$TO^^BhL0mhcw&oo-o_rH<RU_iV;y>TMi_7
zZK)y1J;e<<ZVDR$>%OfguYENd;@Vdlkk-CpLs)~79<myg0#OZqTap@oX%p1m(iS-l
z>V(9!^En`;oia~IyCs&41_eDtw6C;(h%o`R1)hAm-#|QrA6?SfQ`qe=B%7U24bj}@
z$ZtHLa^nd-j9*!~JEnKX^zN9x^D%7>*x_O!$N~<Q*X{h>p5zlj=JYL`Tv4+b=NIVB
z>2sN)H`1yPLO~CNS}LSM6&6Yhwfc)~sM{Gu9)(QMrIq=$^s2d$6htIb6_j_*tZzTc
zv?p<6nv+Xk!SP2&RDx`}mcPht1utbn3W$^ABYwpilLG?GJ3Kx*B4DuyW!)oE36fz&
za&(1PVZv%F1q-)32)H`4k5-B_dWObC#uN`l$yCdd!(fBrX_)O9Hm^CAt3<<1=CmOC
zJF--CYJP+j&!NP9_adqPo!D_hUGvYT5Fzrm5@41>Uj!9Gea8oy{o1*|u;g-R#%`V!
z>Y4PqDaRAuINi0A-B}cThKs3r5=a$JBQL9tuY$J@AY>F^Hc#v+Sx~9O$~&$Nhv=_H
z(ug0Of|7S|aydv0_3Qe&Sb-)qJ$l8jLF|IBWE6|Q=b=W(HI&F$R(Wq$vEDqfw(oNX
z!fBn+(@P>&eg(i33%bZ9z9a~1A*|68@;Mr(lXUz?Zwu69$e63{JNd?h1v~T6UV4x|
zdf<C|&Akyage>(`!ZFBQBnjEH^18Xpc&m}u=lgFKTPC(I5$V{ST-lE?J~`Z)P%eG7
zWU8>O`;48ohN)oeo#5zYgJr9_C~Pz#I-bAe>O>G}Y=MnCOrr%m{pRpVU}n?TLF{;A
z0_18*gbZgHX~5u%u5!u)*P5=XO;<rr3^jnN_L|^VrUMfVtcbvw>LmGpaw>PNqW=Z1
z<SvZsjAVi+=P%Jx%h^G=TX54jfL3{jtVc2`wV<$r^P0QE4$}?RppsQvruD-(1O9jg
z9(w`r+*CLXi9zh5nDb1IGR`tmDLJZOdq)+|6L5Z_YL(b;LtIr@l-|$fLxGhf%XnFR
zXs9dcG1(!Ov28+cscVqpqFUmXUn$@X$xj5=*P}6<qkCW6yB!p}=K+){x|j3pf(TdE
zKy-`SfSeJv6+}@pMN86vH2loBaNijB1|;m&;iw;-BWhw*Wo*D8CcU@hC26EC-6F%1
zNOYg13smq77Y-yPa@Sqp(3jjrX_`K8)@k_G++1e*Ddk=(HYb8GWBKL`96U-ch+bhq
zlp7t`ZowB-(;&?jn7($pS6vUnC@e1kZNQL65{)pKlbJ>uVglfjO3+KJNaB`j6wTtK
zE(%K&tc7#vS%!fHpkbMz51<@Qi>}sJVaL+**jFUDPa*ubb@c*mvKLO`x2SnX1<DQ6
zbpJ;_Go~cC7iR?BYeT#DpvN!ari||$Zs233e(&jMXG5`Fy{9mpwkH@o6+=|`{EM-8
z+am!{>3YH7tK0Z?F8MNacIfvn{gKbCk<9&T2j1I(CoOGBpcmG>lJ8azrn^UaY|a<I
z?a0=7E=SL^`?`*w56?rLWi!^!Qb%iPp2`H+{@^%YwGTKtb3~`;I<bnF!Z@OIIi7oe
zvt7u)@0!8w`hneBgTbNZr-QPAiQ173CxVQ^h9i(PLLJghcxK~H?6i8lzgjA;!=83)
z^z0Qi5^*zR<HBTJ-0U&aa;Eic3_z#ogiA^Fo>~tocr#+Mi!S$kxA8lq4oyvZ0&G~f
z&Y0~nN<RceZoXR=qr~<)YCN+-K62V+8xeBv=vY~)y_WE;R=m^zVz%@(zaT8yEQd=3
zIINsXQ5%Q)S)D_khTa|Aaur0)lHeVka8>fzXlO|Min2w5^*S}Zo6emV8R$nsl&2EW
zvaA&xV9hew70Tfd0>(H;R`AL?`o>Gy1<}>aFXQ!*n{Ijte2_*u_$QUJCUW%fVE^%>
zfc6~u!G8mTUn8j?R8nSDlLc`>A|-zNhT-O`H*H0D7%zg!wLvd?S%pn!J_0iuMn8?x
z1mMA+et1`8rZ_JGn1a{(??hjD3CZ<EGHQ`NqiFW30%YC%i%W8@nLJ)A>xF<2WlK7v
z>RiMz2S(gF2bWJGT9Ie>oZ|xe8fAhin&IM}uVMVCZf^SjAnWvSP1&3`?a5DdGi=++
z+dA*X-(gX7;l10B-1dI^fum12Uf%$HjgHxzADivs;?oQ}xdHkO!_%nhBdtIgc0OB8
z(cglO{vMTHVXCHRe=MV~jnC#m>Cw3&SOq1My`?Y82)!g?ite$x@Q4Xx2{3$3HS6Zw
znQA!G!C!TioG;9!;2?RoXme!*VEtoBuEsscogZ-o=ID;TNL5)C_ijUz(0weC7NXb!
zGUo51N@#&db5dF$Gb&DKjFwm~QHd)fS=m<RV)7o$wNb4Vt6eSOsj9H$R0b~bpDhUt
zrxZ~46D*A+wB3@brQr2qiM}I6c~80xG>XyT5D~VZjHJ$2d;?6&kH{9A;}Bxkz*9@I
zx>pn??~{FTOYn+_Vugsza7A(?xy|adBrD*z7*|FaRSCFhXDb6tkGW@)w78VYrP-dG
zT#|xUlr7G!z%+z6DigINiK>cZUNi7)y>WLo?zYC|bF(A21jM+~BB|lEM(@%1+&XUp
z5Rc5U_k8c(*oQ6@N9LKd#)dN-qHk7CI@$FNo<V)RGvLXa`!_QB&bf(5m^a(+6wYw|
zp>HJX`JBG>=MpT*d5X@6JI<-cBZO!C(jFzvy#u?oi*TMJu9ietSVRKO;@lWWqLN+R
zht%w;X2QV}*TC!V%cw%Lq6Xs|m!#?9mK5USZ1r%cH#gcF8=qs;)aOq0g9Z1}qW<&q
z&xw7w1Px??vy0TWNfmjk1}OREm!NKgFoUq#d07{VRs|WL6h#dZL|6_$dV5?0B<%Ey
zzkPf9>dgsC&=FCX7V_`S+bgdE^%pL%D5Z&wq1MB};F%J1u^{?}z$je8G#(S3qlH5E
z3&KzuxGJUJgVgr`jl-FJ0X3|P*z}9w`qZEVxP3=Z&bUw{KfzSU5Dr5B=YRiy=!>6!
zM(Im^;r{Z=^b7QZ{t4ZpUw-+a1zWFY&l0yj(K$+=zEwmpT)a7b9u56DWfvNwff6{U
zf-m&$u4@u>vePrqL*rDk6{cvyyB1I08Fd`gq-PoI1~g1fgj|QupPs%(3CzByW`Jxk
zqC)nyZ`bPI4-4LNsUe&*=N@f$zgzc*TXf-GX%2g^Hk9cXD4c6g%?;oK6-+AYvc#e_
z3-iq)(+#z^?58AB;zhjbFU+@|etK$e*-!97chuKW@N##zzcsD4?9+NwoY$g=`aErX
zK&D@yKes!Ln_W+3MFlR-8CT@I!uj;yZW;$Dxhx9wmz|PQ-+T8BKXX>ljG%!(7=tjv
zU|?}*@Stb9o}#wtXW+ZGnTUR3!nxfivq+&va{E=ZM`3^l7Fh>q5TMZj4TAlB=S2-I
zpTDJ*4QRfN0qWIw!M7oL#zknJfHW(UM-XIX!x*hHFiQ9mq<Xoe*t%1ZB6k&@6j;ia
zO+?&T;GGaFC1(X+jP}NR<I(uxXuLO~WhM9}M9#@XagZ=vuehQKWk~}d(PNF&mAZPS
zJ5TsL!OS(a!)T9gY64w%dbPFiv51_+f!XvyY!(_A{ZUTmU{zH95jzM8<2Ll$D0}TN
z>@O1p`)K@VvMuN)UoT;y&12U-GYk=|^SW>k4qE}yfroq-2BtUSQ6?2;CX!G?45bfr
zpDg;r3zM)~GJX(G%q;CT4gI2i$EA|qWN2N~ASr`QIjtvWF*tHh0rwXl{ApubL*qlv
zOH3I&bMHDk!D=a;4Q|ebUv6VBO28;wVYPHe0F*qP<vFWJmV%<lI3I??(yil|)RFK0
zc1KP_g7*>c=R^@vQbr_N@+-eE&{Ys~Y&25&1J~WhJ$o~v6cLFYL;^kQQ>baT`J`4A
zai`DCWQvZp+@-sL<923o(J#>J=VvXwNXPPX9G>f;^_%hdQ({)*!e_hAUA%u2XBupk
zDq6wA0L$QTgss*WJ5hz3kwZWKvxR$B!gR>jYaxuLW%_O`PWsn$9d#O_*{XSXpnY~t
zV|{EGSD@Lu5>zR|tRn_41i|^rWG9eLH3{o=JU6*BVzozi=sw;QGmnj+bOIeji7S1^
z2+o%AByA$DfG7@!@wzzzNyMqG>vq<X0PiDVdTlD+U3Kqr)vdYdo>9#Q&ABMu?cj3D
z!S=(>R>6i+PpTb+pMUOdQL2GhckN$(Nq+tr{lNlwS(h`Aq|&wRj)0mwmZ$Ls4cxzh
zX!eY%!A#I;{E)=m{@_62sv;~mnpF*pu-xA?rkl_i)()rv9%g-5GZYWbG>+0gY`&ZB
zu9y#W#n=l2aM>!|U7R%BK15h87wNchtliOfy@ymG&w@KAK!!7ukAmcmn)e<%yGtp0
zf|*A@#TNt=wjf98`2-JVg?FFnx=lgXq+{<T3Y*5(A_<Nt^z@rn8%ct1ZvRoalNfHz
zVB1@^xp>;?YHlEn2r{>Vw0?XNA6(7uce-*eEQ+H7g8LB|Nt#1!vg3>&?|bGaa6U9S
z!c1lv@>U7#qpqM~w39(zoe<oKO%z7nR$LM-kH8)=o)a&1uwrF8q;t0zsj^RU-+Re(
zkW}u4y)pZ7iuT8k$G)@YRDu)!@d?6tt~Z`YqzU7aTK+k3&N9(jUZ$ZEc|QvW?<TL@
zT57hera2i|Fmf~`Rs);R%F{~+Fc9zc0-B(pifqIYKj|RWL${4cuQB3sTx+Ui-$gPk
zVbzlIT6+}~#8AStdJ&wxb#V5~G~N7<PnsbX9OvKQLJN8hZ`+^Gz_Z{Kvjy>SRo2Oj
zaeax<xsfs*O6NpUVN6~i1o@7U5_qm<OT|s{IODvl8Afw*k}ECa`UH&O8ao)T4G8D?
zZ&j~;Og1~r6*ls0i7%WnO5ej7XN+Xl&rR@BpCK$1&FTURo4?Lj-msL-MKASbaKdwQ
zLKH1M9v)`k{EhBCfwspd_w;P;z2uBU$3mK%!alPx(lyo&n&<8Uc3|58koCXuv|(vo
z===@yZ)5bY|BC+n^`kEzj>q>k7Ee%)R}b`VIS(@j?CY=5!1XlPFzhFRTaZilcYM+~
zIM_kiu+u4;j3151!JTC(-l~elEV!1RING^|P~p-sdAHi;iV0Fq^~x44(td+{uvYtX
zBUulxx-CfjyVCd$aeq(h9^AUOq4N)Yzt1_&XO?hSpCnE6K`kn8+4JCeK!twebm;>k
zf6JBJqu`6!Uw2JHyyH1|-|Th)IU&Wdq)tu=fqO0>rV_>6brZx0eVXihgT5==CN}H6
zqMvug*)veaJf|gfN?NH8aAJp2Kmlin8J?5R?I3fXj4qP$FkA|)A<L$ZDQbwKNvslg
zjhh}pCg}9qJjixauc`qb_Ik2$ayA)BFLWdH*x97!Bwyl!f&>%nrVmKmOZUD?$Ka;I
z$W<$Z5PI5bbOm7xwG2jQl9GL*A!_;SIgH@l25YY7Pc>SwC9N6mN6b$tvnA17>UXbS
zpV%Lvy21mBq*1u#eo%!pB<}}vlN;@*Cg9*rhNx7Oqw@9hGcyd=RnWV+xxZ7Y+MA-k
zE{%w*FF+GBq6f8?_NgWM!-HIOe($$g!Dl8)=!j>v*CmW_Mbk1Lx_ctvDD1c*;^-$m
z?a^!7g@Y(FpWf9fod9?Ws+=2FO5e6~d&~69IOBqF`7V=Gg)}2}>H;?xM^|SA3nCzV
z;TbK+)X)1xn11xhh76y0u1JG7yJ%LcwOK#63Hf@TJ+%o%gDL+;lBsH0`NoyDtLm2e
z*Iv`#e)iTbOY*djd2F~6UmQ)?NC<1h{wSY*6ThdqM16MVTF})DW6Lnv<5l_Lw>Iol
zx=wdcXE05kW`$XfMUMFFN0O;~QXedwV}(=n!kqXy?;UXv=hMV=+Todm2AnBDXSL$O
zIxLSQT_jj!OR7kwYC-g{lZ>-V!mO`TK6L#DWD9<~+;#c_4!u->BdY|j@B*twcMwU3
z70+dSk@DQZjW|-1DW1>Uaa;`t+$4(c&z?|HA-EuUXlTc6U_l=FuTuAXj$GpCX0;MS
z<68h(1soqEh^#m>L3}|D8SIq5ouI$?qVxOD&0Xhua)AbwPvJfzh?=LK(0$`D3|C_4
znEL=WMYraRIF-5|M`MBs7qXTFY?_d|6RfI{ZP01%!OZ}J9Iv;<e`Jk<C`hE(6Cz;n
zde>?^<r16WK*V2=L&j5%u<eOP8_@B%ez9mZ?K+6tnDtRhRBIx}gZ+gW_iZq*6yh~Z
z*~cg9Wj{PQ)^ehIsV3@UyFkW3&V7Na*7AnmKlBRsEN!So3%cH7kqwrXxN5C)=AlGO
zZGfM71H3c&7)Cs>%egA=IC&o}(s7pX%;%D}Vo998Pl{~P4`3DUMUD>lV2K(Bf~{63
zS{N4wV9%OgnZJ_R>*r@SLdXfi&giCZ?~*{m9xWbdUjFP8@hIVZuE@;ZWe8o7SwyhI
zr3^T&nR_I{TnHr*3*rLTZ4hs?37T5Qhp7YiEPMyT_Wsn00T%V4hHNsiM(u+{+qN~3
zXcO^ojAmwV15@B4v)M{x>A*@HiL1j!`&+VSb;z3r@7b9CSNBZhhJ9-<7*kLfKIwAI
zqJr=Zy(afpg5q)BP@GtE%KNQxw77y7WB_>|6z{C$ZPzT!oM2|5!B5+hbi;3Q`L^-0
zt;2SQkjji-60tH`J6i0Tr;)NH$u1DTVhu&Q0b^fw-htT)b(=>C*CMLzW*dC<&|;MJ
zpEqG`cLKLY-)N*C28&xhYny5$dpoyT?;97|qp&fTy!*;^k+|F4)cbaY#5P9OATf`=
z9eITc&FJ^?nrpDsR_et~y&Pt#5VisF>$i11Xg^J3&NYBy$Jf>aAIMoWnhQ}XffZR;
z1IldGcXkaoAdLl7WtIV#DI$yM=2duMqL$BWCu>)umIS?GetZ3>)~-Pta3gVpZYqG)
znl*aP7w8#;PTDqaBtZpV%*!TQ-UEH8f0Uf*f`wCI6ntSCPHp|bOtr8W(w919Mw<IM
z@7~D;Up&`sry!Izf&%>qaZDX~TN&ai^~XLBYL_b#II6&v5ZG>_1ySQ51Qu-A_Xd*Z
zeQE~INiNa|V)4CqS~!H%>Q$PDPCd^{OM-I8A;z8#OY<&=W+f4bzH=@-dkD6{$=-N*
z&t#|r!*k;gEyx0l>crDV*W=&D$>YEO@qQ_<<#l<ze1Ptkv?!=FR%7J;E-9-OxSQ2N
zK4`t}ql}<FMS1|u4w$64ZWDlw1pSI$w<W(q(pHH4@obi$US?Q+bp2xEsUk;qcxf3)
zsIryncZe=|QJ3UNfob{L%D>Hdl8ssg1<eD0&xN&321GZ@h?FmQZl3QvB{=`9po+X=
z85#UNWHEe7;^@*5<focM{>}(RLq8aQOT#fmZ<&SSmp942IeoriTN*Qp^9({Y%gu2z
z@eYjWDPfak&Nyf*eb9u^RNQ0$?$)LAR)^BsE5)Velmsu4;M~Z==;-AcQ1aAeO$fXO
zTGrt=qL@bWGzMtv+17GYSWpSF4j59FnB|3)e3}uPXpY@R?;l2&>eJ}VI#eP-t^@_C
z9RQjH7G?%^-*&y;1ZSG;M9`>2QkggOYO?F*Fsqf1U$JIkB0V0M&4?mY!U@N=3r&H+
z)}ikeoAlF+K0fqKJjFC{XkBl0`bdVRt<5&p*(mT9{%sg;j7rF|c%Y91A;-E+S)(*;
zaIw-OH;9{iro-iwSa49#nJg4U%(*B@zKh7)j8w`#<xvnt9OzgviuJCwb#ay>Fudza
zO|Fa=0nbgh(xx)c(K^e}W?w;Y{xHNzuUI%BT@=YLtuZwcpFafpP=QU@z8e66)Un3t
z7GukJS=EpZ(sne8uf&KjBinJ~n`QFSX-YhPLH*aPsv$x2xJif;Qu46jq_<%ZI|b=p
z6;0f${_vV^C4iT)&z#ys^M;UC1<o{vglYLKgW{v(K=H+M5~=8%r--qt4<w(f0V)Y*
z(q}da`m#3dFHAC<FN}|m@)eM};@(rM(ul-a==P_32WrPSTGUuzrU-BtE)*>qnjO*-
zi+sb7s6=15B!%xZpuRo_=1#PU;cfQaa64S$7sgu!Cb-SJ|9H-~ZK*h9iZ&jMv4tRp
z*o5S1I${o~;uSCWV)YlY3f%&thQYk31pH}oz9GeTL!!Nl=9m_>Ac+m+>q$}j56;Mj
zNxW``G(~Ys7thkjoKn&SbID~}YiIWd_wg#*9(A8cIL>{8p<l>JsCPa(^w@8PXAN~7
zzek?qa>#a6L$I{LG|Cpo#-L(8o2Ql|IW;DGuZbvI3XV<c53c};CrkE7g8z|3c2)Cd
zttMoHE(Cy0)_mWKE;JMAp|2naZQ=Pn89qO~HBDZ#QCdn;31)fH0F8DleCj$h^1>Po
zF34)&rx89@t!28V1Que72Jm<Dx%cVon<sD3AIVA(3_58o##5%=VKJ__xF|Tz<w(;k
zNQ3R*CkB2Jz;7*#sdom|o;0<hWh(L8vkP+N@-Gg9hH!q}kF_KKA>hm2Fo_kFb87N7
z9`To4xi#|@LHE_wS*_Jt*++>Z1FM%xZ4T`xoGJ2Fp(QVJskb088VHwT8)0Sa)HXA%
zePE<XaVxEHKc<p-V69=C8TrIo@YE93G=~cwKrU#G_QvCJioUp<q$fOYk1dj5-ZOEk
z&w`#A;L)DTxMOe0uGyi4+&)tnX!!XhXQ!O2D7`ThyphB_bK$DbdqCJE={8$=;Ij@K
z_Nhr*ZdDtNnh4ys;oW*r#Pk^6tN`R4yivh<HN)A(uD@_;@Z|T5YT;~w_3hwzS9E;h
zxAY}f#K-J|zCCiob-lhh-UV>FV8NxNRgh`7{TOo5%%aUudzW%)o+prqvLBt}NaMWX
zH#HENHFu+$cMWVVFw79H)siq}N8;QIHPg{?hG^SNZ70FG4?cQIus)>5ctxO}YP`}&
z3RU(@o#@B(@~iY94g7b+B8t^clDd*g5L|w((SJG`P4>P@$LTnoOq&=gTUFOcY*f?N
zW2iNrMqxd=mi5!=tGE|bOw-i=f<UBjSbi}&5kkl-mHU<j95xltcrit<pPX!jxVHvk
z+x=)AOc6a=Wj_agP)2v<IecELs#fUCI=7t>6{zjZQrH%OAw7imJ(RvMFL>M*sA(2^
zLolkgJQXymy7pw`AP2)E28NaO_N@CA5hXR8(=N)XKuQquKu^P2*4=VB4?Ts=Lqv_>
z55VG~L=!p@l*9D`A>qjIlZ}6p7Dpo%*;Wtqg}pxZC!~LQKykq5;W~w<9<Hg1xZBBQ
zMMM}a>0()|0)3u;Oeq)~j=PWN$pys8hQbB(jBM;eOPmodsus@g6`3`&wBZ<s`6UsG
zN^)q<Y@pmPXhxL_WrVGEbrEHaZvSQQriD*kq6elg>eFXWCXXkN(BCG1NB66GR?zH0
z6CIhtcUz~qg&~7!N{O1MTr5UQRTd*L&vd1TmiEt}P5y1QZ{Y?xb`cjrthbNCm=SeF
z2y>SWR*IBWz$b<?^~@&15`D{$EQh>{Fhqzo)&>)kXQaFe3#*L(mj9ps{r^g+nx5#d
z4#52f@Z?8|9v+l(7wwPbE}E3PXtLZJmy-keAe?$UrwEB{4UIytO~hI_WgEn1qHe5V
zMI&tB1ONHWHkeEARBO4c>Y~_ciz{3CH?Ya=c|~)7#zjWVlM(hnzu*wXC2K)i&QG2{
z%L&dDyt@*<=!Qz&612L`=4Qk5tWwYFYy3*Rv5(Y%CPdFhR@k&_b3v{LoCz*v=mTa;
zWPewh&Jdhg%jCRwuI=Ogf-+jxWf)Opjcpp)jaC&SMy`Uy1QpMNun?0OMh{3I5$j_?
zl?<emOklaxGld)#D#$WrluMH4CSj<f^s&R)7~R)h2HL1j1C4Q#bEf~M%9uECzOpvL
zlCo3%(?_9>``oc(wY{0THTHnlOJf%_36vFe32Rey-$e)8<j$%p9<;8f9-aD!={!I%
zX8`i~yl{SrS*8c((@Y}@%h%0L<>0(hOCqkQB)jI_nK0Q-r%`);+pokK7|4P=+E3pq
zfvuNg7G<XZqai_;SWsR|V|S)ZpBo5*4KpF3`|x~}iflO^!V=4+UP&xz20}^bu?jB@
zHDmC8=rjmW1kX%wXsiP}V(zqUH$Cd%9lNcZQLE(?UGF#+dd~Uu54aMOKfHSO?f!qR
zX4N0Ei|6BK-yI!Z@c;a;<Knx=X||HD$G(MTBRM0aki@n;dhtL1bMJpX{OJ#0p3VN_
zc)qHi|3{v_E&1qVT<&ElJU{aWOiYp9+y=n+n3fjiMV#neq{gOXKe$Q;R=UDv0q;th
z&(qF3GpKPda=GjRY_N~;+>@I9gk+{|#~pq9yn6j~>IP34q>&29gywV%0#Qb7uI*N=
z!*m3Ci`0%1I4Drl7DfEpiC5kMJLRfVMh%|88-7lOpb_KTaMkBrEY6J=-uIMTSra>K
zx~*)r^XCO$P<E~d8HJkHYMElj*{bAq_nDzU@3FR{6wrM`s+Q)RBmaCMdf^fdP#>!3
za(_n;DEYSfMz~^5+=4tu?j5BHFWew)v-2e{$+>TPZUa|TS&f>(`1dAlqeM4Kf0Wj3
z#Hov#F`v3eo)kx<oRK_yb&N9qaHhQuA%o&2C0FRkPl7XF`t)s8aN(mOK&&|ju;zJU
z=e6F1XvL09R*PiQq*<&62E@F?bc7Xl_Cfbnr2mAx7dbfoKpIl_DwXd~lQT5a{F!_D
z*P-XUx0^UcTQn3me?JiS;RBAtBUv;I`z%!lpZuF!wxntQwDVe3c#-m|d9$k1v=5xq
zri5n1#<5<DrUlMOw;ixN)Zn78KednNCeb`J_#pn&U_^9`B2Rt{?<{yDdQ)b-BH-RL
z@hR;rg+6j)Hw51dI&FZpWBWIB>?oXzih0>gH&6~YQ(TgDGjN^FR^bD;4KrDgxk59t
zqzulY9Z=0INp2>oIUKVw=Ba`Bqyuc<>#h%DS@~JJH>9AGWp5{72s7Ro-I)hZmT1v~
zU{+VJ*c%5U#&Io%{ev^&6}M}!-LPIBg|Q%0G!y(v>W?DK#HuXBT|`roqNlZH3P;cD
zx1^l$S}fKc9ygRJs#WF~ubi4kxaI|3+%(4C6KMf7M-t~HWhYq5D|m>y61?=@D4k@(
zVG0U&XSi%~Ei4Tc8oh}dhpwepR>6c?V4J9Kk9ix@$hP8DHs(w0c{{Jwd!)YVe=@ga
zAhjK)ps#bi^;cDeOmGG~s9w=V_O&sJMpVankhHL8SUm|Izq97=X7OHZlYzIjbe$Zi
zj*|*f@1iJGuUF<_wS?7l7f_f^&oU4<WQASy?!!k*2y46BE*Gp@hjtoR1Q~$9<=695
zL`bmTD0JVj@n=CGxM>9c_Z3aTx?vCJ*tlDp#ID0$_s~K6)4)kDftTn`;{y<Ri#n+E
zA7qO5jMu0BFsBR`^dFXQ_VE!BHdmKfQVFh%_tnm}FDq&W92EHtMba{FhOObY%klPc
z)P)K8wmZ|XtF~AYEVAXxo38#a1IH8%CW9S+a?k3jaw(%2xk82tSD2AP?i$^a^O<p|
z3o>U(7XqHk0n0{_M-9Q~s|A4QYc$Q5<m$El`$QL=t(d}ZBPzO)i1qM>O}<9QEca41
zcyY$6uo`P?{FvYx5d}W0EWfdur9}aJVBFu(H}LF`jOCt&HQs;*{<?FupY~Lu@~B-c
z3~WWHruH7RCYolUZPu0GwbW){?S&npS`=P#?IcVOUITtSemoupy+kf`;LzvQ+LSq^
zpYO%L<+wj?(A8#YvN`K_n@3%PSCpE6f_liL!SOm~Q2%-V1P{2g!e>#lDViL}tuV7I
zKHZ3#4cIe%2N1R7xeqA?%@JWa`l%+yZM?HJdMjQ)t0_8pb@n;{*p=#hPP!AG>pc%P
zC9q8XsR03uY%PgIOM>%4->fbN<_{f5Uy}deHHQs|faMOld*zrhU+;rNGmPhiJl-dh
zy*&FW+aq|gH+eLlJjP`2fMj3J9zEWF_~rQE@px2SECMK_Ad^YD;KS#82M5XXy+>c#
z;h8x!!?$VSWRGyWhIF@fZ5>G-qGyn=8}#d727%mRlwFty5v=>N7r#IiX*ajgc%%Ui
zSSyDnOOkR%a>xwcC`0uW&Vt}ugveXa)r!{wXXH3PBD$*%F@<yEr}aitm;ZrDlf?l}
zv4Qa1<*S;SFXuG(N{#TH=ni2G=$j>AJ?SEljYqI^H<s1hJW|yr;WSFL+@^;vqoFyu
zfgwKh@yImX#Gh}=Ie=~a#4v$GWnLF4Wihf<eEj`77=qyZ6)RSuYDWu+5t6k=<H9N<
z1REM{+;MJ$s-g#)10(pNL$~BQ_4!RIOOUrHMBGu%MjqWLTa1PQ{2kPfdYy@dR|`xr
zV)&-Wd6VdGpkF)$J$ArV`mcc)h^1_o8c(epXWVh9UYK;aqrd(rIn(29SVfbN`hr&9
z6G7*zsBgdeA%h$FN9fP~D%BM4=bup}C{uGZ_`hUuk*4x88=&;mJdf|+=+W1!1#{`%
zB6pj8;xom%9hUXXXgV;<eT11M<o3mWG$RGS>P<7<I3|GL2i`?qDsudzy9BpOBK>IW
zC8hUIA^m9Ffcpd~qz}f8;I?%JP2=OWgKm{4r=T-|#VQHqZOD!@N%tP6;{+EKWlqUs
zxI%;(I<x8W8v`h1t@V5_r#X*S70&~*={<d}VW{pTJ1MmB{|cSkpk6S&1SJdqPm_lX
z@%j8uO>yS`If91f|EZ>?ju$pAcZ29zLb;NPl<sNFa}&}gR_19!|J)TYkZ)HhfJmFo
z(MN7gC50F0mtO{s|8E@R`kmRv{xV{HM+)_Nv9+ATJoxb130D!d);?b0u+=3NqYP(D
z(%aq+j+eyCoV`A>Ew9%}{MmZG>hA_szqcM_p&y1hkb!Tp?4Xuy7QaQ^86qhwwK}3r
zMu#>ch7)Zr<xMMRa5v1+0cfU383ZL+ulWu(B47`4GDQ#f9|hlx$|$J56Kf)^mL9jV
z=7x%-jd^u9q}6?LdZbT&m{k{t@*fYG^Wp7c{Y)G9KWQ6EG%!%3_2l5RSqo)~UeLu7
z6k$!IrX|!wq=It=FCkJbi72lS4K1R9MsDDe(K$V2WGk^(AH>Pt51rO)lX@z&!!*_c
zaB!~*zJfdUfdg#wsyg*`yyX2#&5w|b*xWFo?-2@OMm?E{V=PS-4fb^-cgwqMjb1(a
zYh-I|g-^!8lP&^sFNlDI_{TjLH`$Jw?2DO<A|@4)>Y2bLx#HrY|7j{Mo)#D+P#4pO
zivke!B5)GpWyKjh0SGuH<j!!o(^QC0hU_|K?0~=$0dc8jH57y^YRQ2Ed|1&l_|WI&
z(crp4bg0-o`)3Aa&kfvfB;@Ly5U?h9`6o>$ewP&dE-Cn3Qt<am3jQOXS=#K$l%)z`
zU|mm8o#7U3lc}abmIQfz&T0Nbs^X^edrvU!6prXf@Cx!NNJ%eAu|kYfxoVaR&Fbue
zI0tSN<fG07Z$uz_xB6!1_BuOvKHTTlVsLKY{ptQVog7?`)4l6)y08D!KOXA;^gq75
z9;aVjkJCrj<Mi?MB;7l>o}~J}uMV#FuJ^C^(}U}W*ALT!>o2drx_)&1_<C}1y?1c^
zaD07WAB;uqyw(9LpCFgwI{N5?H}8^ee?&IUFM!#HHb>W&lCH0wz2DDULEwE=UD}j$
zE$qh)Htn;${{PfK`V*|FpH{>=o}b&e8;evO?lCY_Tga)r%%%???!U+LBethG=TkJp
z;wDzCAV#HV|D7zk)K^7zm|s%KJ$qIdZ|1e`xAy&IqoUba&ukqkg|nqk!)^Ic=bvu5
zjnw&J%II3!OCKH>`<F{=9y@~(FZIUZUC^aZh;7d|>xpFeq@19a?E|1%XuU6ptVpIF
zxEtO3#>`fr6BX_FwIyd<I1Gp~A@}uR?jY%ebsI59OCl96tNz{spTO-Qc`mX$*w?O7
zd%$<>@f~}7#~#1$n>p5w&`awzr8SIzNf~C7xWEg!!OJ$FER)1rT;79qpi<UEjvnuQ
z8PNd%7@z+3xSi&2lworlndlNbm3y-9)l7GBZ40^*eCEPdHUc&kw*~7|Kbrx23y$-8
z51&|{kqqk#p|JruLW>0n-czr*wFde-JL12bCsF8T{mc!@>U$>X<k4<-@T1EKE~+J-
zAOSisFi3W4Mg5$_I@>O&!S7U{a*O}s2Ehs(a7?1bU}vA4yz$y|FIKG;2b_GeN$$Gm
zfuCnpeSSZi%X769T&aTOUi4C2;o`dBI6udiMBoKEpN!?TwY0^xYDq-=>A}5i<~BmO
zxWX%m{y_vsb6OAs{^Lz}F3;~%exB7rXbFt+bIp~srsKX|5xQ8a&YI}cCC?$Xer`WW
zP%oUDlIYWwpjxUh-|UaD>86E>mnS^zB^RrYw@3#5`TY`C70J)_zFf;ITy3|hmEf5!
z_-MnsuLpFV6PXEGDK6wS<OMnh+4)*6?f&4m?ePYgjVh9PnhCe6zWfRZ@Uuxl69AWd
zv{~pOq+hg0xDdRqVz!y_CUZ^C0BF9e%eU-5{o|kR^-J2#RCbMxeLDk5uq}VX$v@8j
z{>KM@>KAEy3?hDr8%A^MVKAbuxVSi1S#@4ZO}EV9bKmPc{vINariX2k_uzKZ`F-AD
zhQ;aLU>ogkcj)xt(CN3Q-y04c9fJs5lQyA=p*5M?UD_*~*AmjuLBMy!IrZ>NNyn<{
zNL`;9*pDJ4)R9Imth647K4XjWZxl-mVY%Dj-|YrFG4F1Rx7_027vr$`x!OCH;f`ha
zuq=bPBQv*tD){4=55q@>Tu_fS89wnPFPiY6Zp8i2C1Vil0J<zz-enW=OjJDIwb=|-
z==cPZc3DT{Ij<r4gLAGWt!I$+R!+w0<l!WJnC|U$zU+6tJZwg49@glcVA>caA<3>u
zifv;yns5iu-`W>ryP+E0&?(a|s|$#JteH1Q8e;}Hv)aUaIm%ZImo$Uu^BI;VKZWT#
zOao_)7$^_Z^0?mk+$*7B_>_fBC+Xf^C+p=D#<zo7aUK5Su;rdJjD2xH7t`!~5@fsX
zGbHz}(VZXPouTs1Q2CoOR2s_h(!N#f$t9%!^4d`|d56ezVbgm=#0RqN29MT<UV`pl
z=1g@S3tg9ee>>{bYXw|WKeW9z?3;CTF*zAcTq(M5=vFaLOj>301bI#hVqSrd<GM!r
zCl~Y|Cdvz*Qf+$pSXW2v)nTl;K<@1lo?Xz&BvBzk(YYQgF=*-%R1y~Rq<y~IA;b_*
ztSe&pGM0nQ7VU2B&Noiu0n~pkQS8o%@t-vo<>QJ285iV;$rMr)6KZp~QK_kpUXLRN
z5hS)+pC{oBJg_12k0%HF9Ujwv?Bg*n9?1kAQ30BqGkM2R-f@(79OWHH`73agU0QU<
zg50qncPz+<VL>dL(aVBZzQbuI+bl>cK-4DqW3t5ZC#PRFRADk6A3U^QLLQ{~E-zL&
zligMaYg!$=H|ui8sN69scZ|w!icz^^CGJ>>J67V(ha%h-%WrJ<zP!Wu_gLDk{Zl@7
z#Q$hKG*MaZnB=E6SMo*xjzDq0i@k2}8JXwxn0-FL*jTTNK9YUjF!_7?_TAKw!}lL=
zuz$nCxAS}&YlzL4=`!uZio56CW-C;1oVzD7AqPEWiierNFf;RTn*q;;y2qj81ox0X
z(u4*2=kVP#aR#`F0@GtivVsz(l8gxD)=78L5m1K1R`x3CK5oj@V_F3!n}TP!SaPXc
zVTPa4g4krOVIE)@sT{QjX+L1!o(T0$5a5G@azR$_4kWoCt4#^u?v&DZvfiDn_uG~A
zP+#7@O;j%?c@}~rbnd68TlRw|LBA0-c+a)>J7nkYB-cC1_195?1IfwjqVdE%b04<z
z!1e7vBhEhJ<^6pAX&i3%KZ?U`gD7_l=p6%k$AJDW8PIk9sSTC?XL3vZ&9KH@0&VEw
zhxV$ybE~~$=kM70&zYS!udY~D{=_{(b2A%nE|1TIh2KhrJ{j*leB5Dao3A%}$(Xge
z<7V%;**k9bcgM~C7C5*y<Y+w`ZWiTJvfw=oa-0VFj&r-?+}@3I`y5vDBkNZ6upF83
z`c?hWoSL<7;j|x;?`9wLPdqxXaq%=vxBlvq2tjja1QIix^}b^+%$t*zrrD3d6VK*^
zgiKQJn_nM?Q$o#?%3W^h<MT^F_kBFmN9CG=zWX?*&x3ag2HC?ueMTHqd!XyMsLzRy
zYL9s>FBP6W`?lL{j-G#^ea*>hJsKAszxU+ff?m3OoF=({A*Aw;?g?J{6O?0xcY!Gq
zG&c@Q;!^J$%}GergC5pAg7C2znqTMo4d%O^tyyywf9T72o9p;}*qdK{h5MMCcUMrY
zQBkc^Qr)DcTCb>DtE$pcL%%+xc^mKu&;YvfuYVYokw+E#&M?#g4oLswsjb@=*=;t1
zvc(ys{q~O`vifa5%b~yISX@!ImL(Yu(K9YGV#a%f<#NWc$k7w?;%e?c_!rs{xg-qH
zISPl18nj1CtnrXApNrpVz~((2$#BuS%w2$ry1T?LWys>KtF(#Ht9TxXoWSnF4R9}l
zanDdmy;qJtH_wH;H)MUXHK{Pm&1#h;X9&{P>FcaXzScZ6?^YmWs~fR78pS#W6y5|r
z^bbfUC`mG27!f;d62zzQ%5h@Uj|q936?IO&{$Hc}Ik~*91kbMJN?u=LF)HY6l=JL@
zh*A1S|HZz#FiQXU;Qk-3M-Mi4HkXN7RV3)>KCTs?%j+3s^HQCcRA$$+YJP3<cklh*
z*9N)f@;WE8+WdW4Dfmm3)m&cBYe_OyTrcYdQN?U7uc_pZzx;B1UH(*)np`tEm)9mM
z`N~X5|8Fj@E2+33*P_bKD_W7cymmgj@J~2B`d>fQST5&~v41YFmB1O9OQ0cZ-hYpD
z9`7a#^e9R0q=Y*u;Z92UwWWmb_!TNRTcDaLTIlZ04D8E`=4~#ty#Vo<%MbsYjQtHy
zQ*6Oy0%r<$tLE$FIh)J#`<gvc*Oph~4DJ#p^}X@nJpJRXc+Mt2?H&LB+3^4Rv_KlV
z=uJgUZVn3~luJ?PJy2xKqQ0^#+N0itjd~*qy7%+XNRhHCGz&g()(y8OQsL|(o!3R7
zCow=N`sEkDQTKv}uQbbTYen3z>FA}u+jx<~^k{}9F^`uCqA+DX80qzrcxvW7izee;
zG&b~lfyE3jh~o!45CM)LmsFGJ@2F<UR+j8e#&$esN?=76D`$#oBnt0rYHNV5*)(c)
zAaM(eF30KqV|xSW71Y8)1%|EH&(9FU3LfK49aQCHfF7$hf@=bmwN#eFciyKUR~TK3
zKUKWIY>{%Y7*!XGQ6^TE;v-ea(XhH$BpGK~Jg|wERUuzc_Pv2NMfM-BpPx-!3a&Sj
z2#Kzi9Gq^=YM6w<RGJjd`Ud>=FHcb==%vOK8_Z^nc8r)b&^XW0oC<QKWlbZ8C~jXn
zGr(YN;F`@#D$Ol=MP^IRFWg)3iU@`a<3{kvKC22clWpMY`=!?4n$0<dZv89%dQ7B!
zf&2X%r~6~)L}B*?K_nhfRzz9Gh0xN#O7~J?rL2f)X9t^7;tQKynF@4;SAEfZsN#w+
zMZqD?f_EvIo5zogK22ev3_<ma^jEt?UV{7{*b+D&a*Cc|TI{0Z1>=IazhALqjRZxZ
z*%;TXrwApQuQ)X#UwSNUkv^8SU=j^9iVk))*MSD6{Qz;bB;txnf(E*8<Fq)(w5SC+
z;RVfBp(|r}q%CW5X5Q^GXWMvwF9|B~TUyp-bME)Y=7Nt~!AV|ojE3kCojiSk2+O$M
z_$P;GR<pby=xRx`rRVv8eNo(b$`R<_VwQdK&)RRT<6P(jSu^8@LrK1i?89hE=#wir
z2fuaz*Sx;%eAx|<41WVd3fJg(?q;)#7KCa1BoM;st;XSCfd6Bt0y+_lJdO=@ue&aZ
z2Wix_elD+=J>GS-5I83i-RA;P=T`{fqvS1>N<J{CN`z&bH6uFHTx#M$r|7?U4X3Gg
z$K9NROPUko<HWC+>)M#c@si*i$S^I5?s&y(bVcPdehrv0ZkT|`_=m7q@GMXDUzOlL
zrj(ELDooLdAZII<-BdBjNkJ4zDvPq;aei@DXBi<mu`y0wsdE;(6Bu=uzco6NcVL@u
zU4ZVY>M}0o`xH$=DS6XH6|?lM3(L&>G-Snsm#Zls<vf!kc;8?oYL;mB&N(1BBqB+b
z&qj`$=lKzpqONq6Z|ZzOl-~=}S&84iVfYf$La&0JNKi)EVOY|)G&k@DJ;dal`2(}!
z>v;s**ZW=h(f+9L>H03+`p7K6Hf(?yLb$w+sF?5;y~=wBV||r!ksF8OD=sdyY?|<S
zqLw6?@waO^1-)SSlG7Xv`fSnS6jDEkm<51N!y{o-WLjv~(opO6Z?1NGWm>oBb#mg`
zGZCBto+ti_4!&DmU1A3^>YPYZerSrD&BwLkAjq9X6<+fT!osLh)b$K7f0zq2ZRXU~
zW(P~c+e;F@XWJccFw!2fi=0*?{$zLg_#_;dIYZ#)<+(u45W(3J1f#GTup)3N)49(E
zp;i?f?|UzKPBfr<L6c@ZY~d8`PsWeNJDq~pda(Nw|3p9PIGtz=2ZF;Za@+OW3aK*A
zGEylyvTbEzpPZp=;l7QAWnCzm=)pMbl6@0y9AfnBjG!A1<~hgt3>TPXM4;o7zGd!P
z<$-SZjcqsR>$nIi*sbm>Iy28oVYVRM!5tCC6_JL?pwge`oJjDT(^Q|=iXigVkO8Cw
zp3iBfOTbbAStTGtph3FiO7j=q=ecj-4%TY}%CV?V41j2SZajKb!tV|RcU`OFlU)?9
zSYN*y$h2t??-G?tUwg+VdP4<~QcEk!@~JKTp5-I$mg(K{7i|dhru)8@L?nxv=ENi7
zXy_Ivq1DF4J3fhaa|n~Lx@sf)*>orVz_<&f%eJ&sq%vY#hUl=NJhzAKAh*d^1Ae<v
zS3K{iG`%VBoyXe`^>FQ252a@R5k@D1azWMVNr9yVM_L8%&q{Nao29MV6<e3Z5m-CW
zbG|^&K&bUC-$;TAzL=K^-M37@1AWkbl$_~;MWE-?zfJS0Z4-5&Z!QB(GchwRsRHdG
z5rPX7`5QudPA*9?HKqLwSZ5*OA+q*T!pG(Y6J$Z9600ftsm806@}Q*BW8%6@V3sY3
z7?o6aPx7QkE17s%Jh1}^m?r8K^9Wa!<*d-0lEQc~qbFL(N>{k_cCv;<;Kfukm0#_p
zWB*YuaYS9Kx+omcI-bAe>O>H!QU15ItHJrBmxK{1%^Q>LJuGbLi7vc}X|_s-*Goa<
zk{9_D?FWn`RTLLTq`)h$I@oVkxgvt{yscD#^{*j+QvkIQW;(ivNNtXDx_)ND6@Q$m
z9emW88HJj$tV#5*&Op^8$y(K0z#tB7v*ulWgtDrhqP_9B48EE7&EfM4>c6|5I;|)D
zttZer5Q6PPb(*gO-iO&&%5v1)k&U2oU)I?YVTlg^dWN3<<?Mk`qhz&I`Y69VZfaz>
zpc#L#>-(CK4C^lJLo!KKU`BjzvlYP1;AR5HjhdNgQ0PGu^Lv^fcyfGnYUHK1(o=#e
zNw>DlV|(?NT&kCbwd|@PER8T6hGuA_;WP9lf<===B1h{jYn!<WV9-qD1?8+G6Y1iv
zBE`t{yl`eLzfty;^_(CreFdntJ-;0(#6|!n!7NXd@2)e*rl@U0x*)458eEXoAiz3z
zLrl@&=}$E-!ZJ`$Owj=T4hzV9PBJw`gO}VT#u#)jeT#CMXJwkwdX+lF&vYe}_g)_i
z{esA=m%XzzZX_+ukFI;@ih}RRKN5LV3(6LDs+28^BH4a^`j%uhn7*R6F}l1aqLl3l
ziP4iheOqb%8Fs8y1G#OB7lG`N1pgxmOmj_xa7&L_Pq9_I_mm{a01mBsamk)7$(b}l
zdwVHyNer{!>L5XrbT8dc9|m6~!6I9>hms&BC#k&5QYRqgyu_5HHa}pia=A)#CQ}0|
zmGyj1-v(89rMl~ySS19@c_?r-t20G|y+Lmik~2B>8VBPZ^@KA;-Ud37x%^h}x|*Ud
z4-WR58H<`7ZYX)l*(v9$b&W#N8%adFjU-vd%j!h%IW2<Q*okeYHPbiZk+pC(hwF*c
z1|`-EkVVNE^;BX-{PyQ^v+~LHlGt84=hIg`Teq^fDEQThpqI2D3-VNExWLBh9BZC5
ztMZB!E4`r4yu)2<X)|2m87-)yAr2yNCJ2A)-9LQ(JXpfxx#`c?F*G^Tmx$5e@=76I
zgKX?|Wt1(@;mI+|1j&sZO?FhQn-yz~GaOh=)_bw`2oW1Z1<Dqh^dxLS+1mu{=k}_G
z%#jPiTAcnQeVFdwp3!$h>EW$FOadDV_Oc(!wD4#Bvv_18g6Zq^{E^Q(l4!5!XqUHF
z8@RO@<~<BCc5GcK*%Wk`3OnBJUDdwXn-y%G7o=HZsk=-HEyFbD8!IK~tXA%QW8-|=
zm~bUg8d(GEM6Z|BJ7`Ix#bRJ6bU3e;sHVAQdW~6OVSl9Pi_1xR0*rh#y6CKae5$gR
zOo#MX5BQekIBN1P)VSF<Pj@xzXtd@UznhJL`ljFv?3(|B&!#uc?^hv~F{$jIp)ve+
zCkWrIn)<geL8F|=0$(P@8}qj}Y7_T{xc*o0Fg5DhT-~yThI2S;?Ho7=K0hHMSdQG@
z*P7~SAl_*KJn|2mZo^Auw`o0TG$T~Xnut>}4+UCl)iGtEsBl49K1BnkM7HJDvC3Je
zfv(7mSH_V6OlZcP%$bh+Y-G;wqH$EX4;X<8D%FE@ry*ZdqOw*sxUYb(y`+~`KFbMP
zHRDLpnW2E*0RS^Z%1W&epZ!QO>po!PHJtxT#3}*Z@pkvn;%@^Jd~cEeRAUu!q5X*s
z*ac+mu9%jh-(}VA>luejw1ZlU;4YWp5Iv)XA|jZM?y}HW-HJK!`b{hJ`K#V_fdiL6
zaMEEJX>}P_GV(>IO4H|BC~Aor2T!VXJvF|1R>n925yM*Ky<;`_URnObR!l2Ggq14X
zDu<)CSoc?|mYN9!Eb`tqu3ZERdRyX4mx(Ndme|+`$`(oVeVj%=&FYhU`gr{Kp;wa{
zfDf7xed^()9&dW&IT))?;~sCs6b;;<z+46d!<rl|e`yYh&u{^EqurC2VZ{a$BcGf;
zUl)z<1-|6MZLIAP8NM#E#SamB0*-e+5yuyyHcp?8#zdN4JOXa!ax#j>)-=s%LF*ET
zCa?hT6PoOep1_Z8!#RvKR1LUW$uw_Lgb-lzr+${kJHtj47^^k&2}f+JFxN=qMY^r~
zLbFsK*JUA0ts1#1bX*TuC=P5VYi;eB&{)*Fsb2f!j+O^P$NS($zk^$O99WDG{0zq4
z&mi_O7>E9<xAZOu*Wjc26LivQL|z2F{sXu59B>JT`uzoN_7(VKegck|-RK|C^$gh3
zC&1;}>hlEn&|Ux^%mbjcEP>^J3#)(ZO>bZoZ92Gx#k}j4-(%6gaWux>4$V8(`|ZXN
zL+G*8-_lCI!9u^rj=QxDca8n_7Pi}7YrGB0JqyXQQQ~PzzuR(j(EN`T!L@*)*%9#K
z#2#_OurUYRA>IcJA6k;4zuD>2!=o2Z(=zX6Xrdd>${C>`VaNH7(KB|st>Bs1t54sX
zb^+a*S;i5TE?n+SPtk;1l(pc!2;i-=B)Q~-K@NgIjoO?%4dW~V+qz)dJ~MYI9Pd&%
z{_3H{zt0qoXHf>B_f9&rCQ{gk@w$LZtHjwDDcVUd2!DO<ss5Uv(s!TZ?;&aOO+G+2
z?$X((47Ns2KW&E}=dN?$oqgJlK5ZwTj)RYuOB~<vlwDH6S=l`FM%bl)%np5jczS&J
z&GV;Ib69tLF+$(I`u52b4fe<8^8G{(L%)u*5NuPwlh8Xj2)(a!kWuyaI0bF*5cJ`l
zflR1w#|fz80JP5er`Pdklhe<8IsAN3XCEVFwGF3z4nFVd+_TZKXR}k!tsHtbIP>&7
z@~m^>>38Ajy6^P3?sVOD+Acd=yX)NGs?&1Q>37lTanI><%;_~2_BiD9JL9ae{PsHG
z^qYLwnS0;S@#dqL$Kjl8cDC8Zw0fgiwa=s)np3?g)vNI@iBL2Hr6VMk=DOn`NO6tT
zX$Se1Cp<s&?fR3>A?sJGFD1fqBJ{;yaVDuAg6_iFaJ76dT(w383<4}z1D!1Z)L>0=
z8DlWK@127jt15ynO|+-873*4YPY>M55N@Xsd5a;IpEDAIO1*i}f0B(2(VPxLnUkPO
zQV{`30hoVP!fW%I^aCIhz$-axHYUT&F#st#3cN(Jsy6x)V0sKXn0f`tPa8)d&rhCN
zvy`;=w;O~dbHVa9aHhcQXr2oM6E6JkLzaVZ;jBJEqwj6nflgJo43>?sA^qkkkUUrw
zhXgJdro?X#O{IXI#{A;2#r<`AqHLR<D7$S>@UgCPtVn1&i<i8ljFz|vq-+;-Y<I)u
z$k3u;K`+fQ`Tpb(y#dHz@xe-I%m)-9moy7~2XzmpL6CTN2v<ves6~LrxgEA)-XO%A
z<mQDSteHA3>p{8+k^`!3fZ+QJA?0wx!}=C<PE59_6P~B&giAvVEbi%6gIDwUU>6OJ
zP3(gH=P5CIslhJvKhT6{;9RFn&o6jRrbrib^RRfGql*Osx*WLg-8#yrpEUMF>4c7Z
zo1$}~0h^(@mzrWytZ}H}{QFdV!=Sb$6yIP;j$yh%S)lS<Hv$(I^)ZHW+KIWcEN+;x
zsIw5E`Fo4*!|EH?BCNQ6Absoc0Y|iMNdi<h+(#lv!ExRgj+&VmcJtJh8}yDGRo@5K
zyS?`!eS`LvP~tof#S#MsIWRtw3l6u4W25|K7cxYK(J;|bF|*+>GuuauvGL;Aqu&>X
zv^JDzO(4=i7>9Jb7^Z_pNAVi`X^^BjNiyt^4(PDwI=zj_INuy^NyJQT`&UG&_8+E`
zoz|X#6;mN>H227fU>fb`#!=}?i(Vw}q%ZP64;O(!uIo$G2=ce>F*>Ome4gIDhrq3=
z-^pn$=w}ehxdF7vl_MK#jQ$C&0+?E|`R`wM1dt0NviV}Sue9Z`ktlvan60@aMVZRw
z$U4QPmlHSU59C~Lc3@jakHFvIk{5N^xEes_;P1`1z{{Z10GafLJ<VP~foa<$yvEVJ
zX16fTfVVF5-D|#B6p=;+a&}>j+o<#|A}_fDeH`T9nG>vPK_tqF%mkh3%YYR83f(8^
zA~mX-UG!5;#A??dE@Z6~q|{I}_1m>L_n=9k1m01aarHg-sntGU62+WIx?mxXkU-zY
z7;3g$|2Aw_s2dC|<*^UTX7jxB0P1*ydDc7x)Z?S}&*f=m-BZpwkLEcaH22#^o;atp
zR(aA$H@;%0q~dwEpZ+(p5Im68;Vd`1vl-pxXYI$<<6O2S$@6nJcx-NX=cGhs#xIFj
zA<p31&#(x!G$yekW~js$#IXnep-G3!p9ZymND@dX{&miz6qkQIUx+G8&sA2XfB1Q`
zx4|!tGw?%6|M0W7i2V}k8;ytP4|=P7W#~R&TQt|gSx7L=Qv$l${S&x=G^HaT{Q9TT
z(T$@7<{}!HCc5ayS}K(BYGs%YEEW0h5B!~d*847H!$scUG3W@$XXatn=VNxG``F_2
z<cZ18739Nh631(N@t>w>GJZUsSSGP~t8<`hHHO{qUcWvGL8AK_!EN?=qg2yJ_$10s
zAAL3*?FAiu=Sv2<Qq!5A5vV`FAkk=cK;>tG2;iK+E@8AJI4`su;ZEEA!As7_z>F>Q
z1%=OzC4ap~=x*TEh@4lW^X?1xA@l)tYpG}SGWxz35s2XF25V|RvnQ%a=|4m-3CU%Q
z;8tDa5|d(yu1Ha|kHMzrLC`vnnA<<N=32^ZN%XD*nwTG<)a<i?+dJ2I*n-{e2US=>
z?FXo8?HhXOYpHoqDi!6ZeEs~)IUks=f^mBgQ}eKO<Xs%TfbHGOG;`oiWQv|`)9-MI
zUd`>1>tVq%E(n+JlDb+IGB~EeT-^H32o^-ZP4f&)B5pkI?QPNTX5qlUJKVNwL+57n
z#1li}5rEjf5Sv`Xa9PX1RWQsS4ELG8jcNriONF5&?W6J3_WiCm1$s{(=HEJX{_Wk6
zk@NKyg#TS>`wf8&A3C0)nMSLl;HD_3RD>bU!Z{htdOUs{cqH<eEW7s|K;HHiR%qEl
z#z*5vla1qXD!8=+a=O94l9>lN{>^&BZ;4*F%5K>gZ4zu>UvkIWCwBZDMP|Gc-@I*f
zPMGR*L);8PaRjO<@dCFIIXSM?(mpTk<m#$9Rw(k=J82ihP#Vs$1!r#^oV|wU=1kw5
z!q}#9Q8X(LcDl@#lN=2M!TD<7-(mC4U}{N9Ns3G2eayB!a)Qi>AS@$6VS+2_b)8;u
z@4sA5Mnk*7XBDwmW<4vYT)yP$R1fjcQH!>g=-8$d$4q%SLe|1M>t>uW<BevsD`Qk)
zp=eeYSYsz8Ou+;zEM*hQDsc(xU=F&XWs`g!ynZFR_XOG=pWM@EeoqS`(dm}Pv&s8Z
zAzfqbpm|Q`#_r_6wgEWrT~FkfF8ma-NzVxSw=w$He?@=(`q7sU$75g`CMd_N2YOqb
zqQe3E`fD_BJq<Pt+p@1vgzR!1pEMEi-L(CW#^bg3r-?vi3*i31!Ii|EBsS09IWOMu
zoLXah>%u)D!kWyt<^Z?3Y%4I41Kdw_@kW5&@xp0V<5pMCr2p!%=D6b%B;bm;WzRR<
zNx#?2C(?&kJV&|DsgGumRKHibzNO}Lb0Yttahh8}@Oe`4yy@F?9prn61#2o1Ez4Sg
z?vk_2MvFVI5em<RfG?=IA&$PWstc3W$N9Y&rJ#L4rAM%C<`w=EGGfTl!-M_DkAgV7
z&SM1YPI&w20c8A*qNfV1xepy1Rk=M`(yMjX%bbnDHq^5BJIp=f0{x{iJp9|&Xp&AI
z0jamXS$2nPHVTtj%KKdjbV)H3nar}bf)66Jy_^xU22*AQUySy~d*jjg;b^=!qGcuc
zC3yeKL~+RA?|Q`*O(;u(J6ex5!XaH9(o7|Mo?zyh+F`UuH${*lYiC;-$dQgfH2!o9
zci7u^Tq^0WQTv<;z;)O{rQ7f*>SL)JwlYXsCB_0Pa)no^_4Lhn*-Q?rr3^J{b|H;{
zF}h-O%_yE^)ELKZg=!koYrQ!4bE1eSAxdq@ulx+5tH6P<G-mGy4F&v|I5#6o(`h}3
zq_o+~5`Bf5Pw)b)T?03hDLO8zf_M#_^^(h)%ebRG)N5@m9>*ajLkcEAlt+OQGm{9%
z5kYF>_?!_Vx&w+<$Pd6W2O>s>L=_D`Z*a%|+=Mt#$KEYZH7j9<n+5t;#Ss{i&?Od>
z*AiX<0=qLa?1vqffpQ<@NEIn*J%lBeOOm4*mNY|J775)39yq(b8G{c)r9l)L1ortT
zx&NQNcU^De#u7#Qx1Iur_H0WT@urI%Yft(+YTHRPZ6|6=?(|G2qZC;nSy8c2sRAXd
zZSC*8#(BN-B<I7z9fi7)lq@@}AGTNpEG*m>7S?rP1bh<ixb+%3hQ0Xlh%4-7N9g00
zR8>w0IeHwV+3@j?-+s6MkDF2YczpSK@a^|6k1xqT{_7<E{&{bFlb;V%jhxIeNidFc
zENZ@d^WXp2`|pF_A3r@C{q1COvv~ctu=jpW`lo~W-nhrcJK9kEwNZS1dkmutkEx=1
zJb;wGSqmrHkjp@Y2d#BWw@(gBV#P=~>{2D?f770<KPqlctqO2Aral9j(Rb7Z<8(&G
z<O-RqBwxB2M$US`=bmO*Ie~1Bg*!SHj62{R9Sz09!B8)8`WUMNqHsiL&naUi3d${+
zi<&EUq9#>)G0%e(*eu3e74O=1z#60B!lh3QkJwJiP@A_{b4%Zl(&b3$w-F<k6OzrP
zjnqt#KP^o$B^i+-dlJHj55+0!F(91ipxfK-hY#qn03Z^%-QM;}>xm$7x3?BOeS`!&
zWf11UO0P-?t@dlzZuVCRDo9iAw;)7yI0+RY=FON{7X?C=<GxC4U4n`Nry{L&Hq86|
zQfWbTVJ!>$FsbSX0<J@Sy5zfTK9?osG|tZqqHV?;5h6@!8|>e7VvcNU2}-8i4~M&v
z<BWE-U9@?8@TOh*Sr!x3M-r-Va|nVY37&R)X(d5W)x{sF+=u$m=oExw2FoXWTLDYy
z37C>l`+gb*rELXg$~T(B=%*y?DvwX`jtiWmm#1l(D*Vk}m~NVKPm6Di=RCDG`;~19
zy`IQDwv@gsV9&iq-C5qoXcMnz6R+nF60c`tPPeK@!>6~c+e9+@tRfk?htn&c>QA3f
z>a*2huHP*&#t7)_2=(P_<wypJAy5EOVAw{n<vDlj_ak<Ru9C|pEjK=fNRb6egFHvv
z7a^G99?ip1Zyvnwj$$&t?8><J-|Wpq!gnbNP_g5K7z{~JND_lkoNK2=G3p{L{0lNq
z<-}<gmd)Df$r)IEz0h0z?gveU#~+)m@?|1Fxzq;yjAL@0%Zwl<LmOmMXhnx7IJKN;
zjf@U=-#Z<WyvHq@0r=IhcWN`28vo<WF&{pWyx|DbYs|e`a|ru$g$0wOMXqLyi~WIq
zzm{$aXUOiLcW?lC(H*z=@nqVYl1HzHUk|#khhOho93dcjqFLGfL9UNVou@wM<}8r^
zJP>LUPMmnk`aC5`D9I?qP?dT5lmyugt7o-TIhvTUE?oFyhhtao%R2BH%v4^3^}{^4
zl%c%}_LRz;1;vD<qhNfwi*mx5CB_sJkvd@%B_Rr?L6qcF8it{hQ=9$KZMue8+!N|J
zoJYy=>4~_q<|aOn8GwC{a+*P2ea<DZ;@luKO2+Xb#5tNQk}+SK>^dlet%3CcFfGv>
zlmwBn3?*q2BqucDvHF*!LD%Hv(O6t@Kygm{;QkpUQ?|MKj~JnZ#IZ@25ejR*tnRym
zbH;8HGWkE5Sn<NIaF#`(<i&~{Derj}T}ge~BW~ITVo@G;A(-~iyPUBQjHw+5IgcJ9
z%r|H-)w4VykPsxtbGA0F_W0O{rYv6aCp<cTea7jax;jab3_IoL7^3B|?ZW2q?4Ib`
zH6Gc#;WZvvbo$kMh~S&$z};|(jX0~hg=B_N#=}tw^JO-5YLT2!Y5W2t0VgW42^N5n
zI5?#XvGnWVjKGxuB}?Z<&Mn5B2JfT!Vs2aqRY9(ig^LLfIw0a!#MWAuN4dJ^8%qXU
zG$X1n`*1Nb>K%)#5}BZX;fx@Xp;(Ax6aGf*A3oKRLr_|YdGP)$`WJ>!I)j0{_K3~@
zt@Nli34nGJF=Y{QlS(IS9kQwI4waxTB&fczA0<W>t0%`>@;{nT!)~&+r!5s(COn5D
z(vk5T_Iihdo{aiqN8xCZJM}Iyr%K6&Cu`~>R7{!*nks+JRQTjcnF{aAGp6$8t&+0r
z%6Lyt*eXg%Or|#|PZ<LWCn?QfJp4qyYCx_@cFA^s-cJetrz_!iIsC2x-x(ZU?hJ~(
z(50+}#x~0(zLrL6kBo|cWrHYx^lU8uMG}1vVz>2oNgmKBpG4fa?IrnvP&sC*Al&1M
z-ruGE-(C-J!RMNRau`<xhckpg$d!CWWih-5e%(OGYuBl{P)Fp!W7l(|aH&Bup^2OX
z+!-?sGRo!XQ7%(cS$6{w1HylSw2WLH+0o{WxBQ-|oVXqtavbX=yK}nwt%4jxzI8<*
zW{n_?{w`1Vt3Bh86y~(Cn{6RTZcGLX$<Rr;3~(a@*D{s`sFE_x<?#-^Cbu4`usB(}
z-D^DR@gH3tU88%QMU?#*<A|{-lQ@{#?&@96+!i^ow*cTLR{yQ2?lNPL#X;yxur&<I
zxGDszWTiRLk_jm_f%mV>z7-TkRyG9{)%cnuPbeSiwKxAF#=#1`^+aDOG_7agt~<XX
zHr}yNi~il)*V+xuXh{;c3<u+x$rV~_`CVo!M%t%gUp)!CVdPp&z^=5PTv!9wHns-T
z%S5}qC^E%JpmPJ^F+F!h&+=KoM+bsw0G}#Is!@e?+PITp)g~JVt70G1vB}SgkW2lZ
zs>1Eda}-P{&QQd|3|fiJf+DuA|5Ao0Y<RT7H(Mm2T?S0ixr%L})u(xF4|k1_r%J;t
zjpKQ6G@)jeXk7Dba~LJ~TFr-O&emh`ca}Vcll(V9>ddG4{vM~)Xts7%`FT7K(!6hV
zbF5%kJ%yMlXDJ?AH_qRABo#8Bv$2iYW@AT!IFTUYCCq4nZNF>I1Q5%m51Z&3ytFnW
zyRAj>uE;2d$aSLUsOKd81lCHdSX%-977Pk?{1<)}EMlF@v5++xXdYMRhzW-hc>!va
zm?<q`v2v<x>h#%llcCtj$(-vAB%9&KLh&FaET|FJ3n`GrBP3vh$Jme$x8n9{tIB(>
z9pxfcI0z09!t&FZk~^oS^_%c~5<V@$Is}G5W&q65D9C|)%lM~ayUlPsH}YETs@)EQ
z4Q&T;P7Iq*d*F@0wl=*`b1OUYLlnQuasEAy=Q3QceYUwX>RC!csOhXAKGYv>)$(K{
z!GTtWRoz1K!Ll-;YTD>oZtz|PoaI5=Izl_y1p}-OTNU=J?w+|OOO|3uD0*?Xb&W8@
zb*VJ&d}-8q6R+y8UE$`t{8(Cpn2{Lk-D(e6{pb`oDuZ|A^k?O5YMZ}2*bQsv>+<eX
ze@|+6tR3%X)g9|VtH-bYkZ=)feJqqTyxO@?eOx**nhGQ58IUE8Pj_TiJU;92`9ue4
zO2UV}J5v%??aX2i>d#SCW#uzeL#oE90lQ`()p~V#8eDlnEziy>WZW^-XfDIgYOpKr
z#VRyD)jrI~=;3m-fSrH$nRt6Po@L5<%E7G6wvHUTd=rO8_oC5KtHx^P6K*etM`35N
zm&;ueM|kD^<Zt{FZ6$7~!37u(c1M{=`Wa47FY5M}4Rp0_X2GgMtbU!@sI}*we2sp(
zEoh?Sj;8r-i4AFiUX|ypL}j(%`<`5*m?TqfKLx3pESpNH#-KRiMuEdYsLgkUfkYnt
z3ltYsHMuQ<>7xMFEo4EvWYQ&Bh_k-<F(Qj3%#~FvH;0u{OGDZz%*Cbl8HGCa7;?R<
z8W||qdUyL5SQG(d_J=erAPf5A<VS}5c{ImAMM+4mkI*1@Y^~6k%%vPdYIwNfESTXS
zgv{XFF!L-4($u~JT?g?CUEQG-Roa_0BV(Qd<i@dbH1w`Qa&H~PjJ_6vzW-26uS6yy
zGSn={ghB|?1MrEl99kqz?NxxAFJc<;^hTo_4iu#5U>QZImEs9BHiF(dX3{!QlbVEo
zoW6Q{^5)eK=f|&)Omjls1dqN=vuL!SSb3C?gp#|&mZvxXGpBqUKp@tTQ7-{W<tfN8
zA6|$X!H_~3o(s1-scy@6QRMNTo0BV}y^{p;(6f4#ZQuwz;6@8DI+S{O8YK&Ps;clk
z+Pn?4844Y(gCIg9FpbFwaAHTd6Wu&WLivgnj@X!GGJ6AT6OI@qC_rPJ&@6~iOn9Uv
z)zlg50e6Dn#?HcL2yzD|RBpRpFD^uU%ZrO&<w-inH0T0hw1p2aOy){@O{OTuS2%XP
z8%Nm4Cxap@Aem0<A0-oF!GbJyg=l9rz`lh_N9@nZoEmI7cmhi0EKjV2Gai&H-!;t_
z4fQDhtVU7TCJNT<eIy;aGR!C9-P_l;63hsNaAY{rp3xu)*^=T~tS32)F`LF7dc&O@
zCd8}nG2%}N0|t5{l{>6IeQ+#idzEB)KV$>j&!cHK$i}mX;xS!hxF4iZcTAEie)i;G
zY%SVXhnM&*Q|Yr+XeQbKB9LYz4W<FrUd;xtnHt(QbuSiB4Wp0PIg(vt9{K+A>%3cL
z=yOU!6eKk2s{FL$AVFz{Sq}v#$~D&+-;-$^jBQ1mLAFf=q{w@sG=`QrB4b7-w1eh2
zNQ{Jvx-H?_{8b9ECBNd4-l!^o=rvKc5p1|P0kc{MLX!|QT?AQ>Pz-URWKa+bHGvY_
zlocpNIr>Vb$6X2`Uz;6H2ZaSAPb6tghcwepi1UHR7LnEpdRr?=%5g#?9gNa8%&<Y}
zs3?qAlqZd{QnNCsnH6orYZ07CM1(_>?3zAoyJ!+b@gl=A748Vrpw#N^k*^cyrs14j
zQ-(p%Oklg@%PQ57sJ_1R%i45olY+S>1+%$5_#u4(7M_d|uZ-YwU#fnN6vIjB`}wQ4
zI0!9Ez(p2wM2`A>US!y3^(3O&@#d`p0CpWls0$66uOCkp%WlFLHh!c&uyF&VoPh%)
zz1opW7x}Dg<N$(y=-`ug>~ypCb*leT(Bbd0U=kz&3WIz$BEZwa$-(vwJN;}4lg&~J
zBXqZyFBK^F0wfdvie!Z7f2ov)_WeU9KNMF)J9VK>Qn)`D=nRJ<pW$$z6B@et5_QdI
zhlPsI4hM6OeE~Y-cJpAS1A~FH92|ovGI^o9T3FgLF7HbRg}E&s(+HYEm3MGWIaS#5
zWOOg$Aex)CAIXpo@Z}tw1t>O1TCSZc`DlsujPO2F6-`tX;*Jn+NC@r-9kzvGZTy&w
zapxDaq%+%!T-uYTsi<uK2ptZ-iwrz{hJkz#=sca|qMJ_NAy@ay$h0A!<1kvxkI);Q
zx>|fFW(br_AX(6KK^eOae$8iC#9oN>-AV?{*pdf9qQfF}XJn4mQdIcpyq~hPv1)ic
zCAEB|b(vo0sH6@L;NCU-iTEQ}R-QNSVE=1RugzqJt-EgKKonD>L7!O?(Lgw!s%TTD
z@2TnV$HOF8R6p;@AR+c^MN)bCXDh~%T~dd0l*w|9CZ%wwhyIg{+=?JNfbdQbr;B8B
z)oN}?*o2&%OeWDdvU?Po8(;Y`uTT8ON9=;X?V)3548gup;VedJS7+b^KLMR6--<^c
zL8>c=G|@ApGF%`BE(X$jY#!X`oH*<nkmnIZpSh7uQ-Ver4ldCmon}FZbH_;uoj_wj
zconI8`c;Il?TZ@E>c+!ugJYYHo1YLAC1WyA0~#6WHj0CRrX=EWU5=2^0JqYGvEf+u
z>ejWmG{^{$fi`W;_zx;*Z-{aV4$T&+;#`k!(W@91JfSDtlO|CTB7WKDx$bs#kVrbi
zH+rE$<dfc4^PKj++EpPIOwEvpSG>3X>^a=<VS^$}$Dt0ap(9Yj+(@fq0!i)7a9}1*
z)}6sWY8J!v8yQ`2vIcqi7zX<0uY)z@p;+S1rGVRY={U=dGm4fX&^Q+mOaSBHVgl|a
zsMMI7VbtY`1iE9KQSl-$q2P=PI4z;T3j@+6zL5wm1F3t7Z;Xo=OnY(MbmR{xFb`4#
z0}<(>7%l@sWpIewy?@^^pz)*rBG#cclqAt)3f#CC`im7u!>C<EYx|%7bM(J|`S+cp
z?Vm#f2RGQphvDrJTiTUKdOK*x0zv*5DGD92#n#tM&DdD$Tn|d`tIDBJ-?$#?qGDl4
zhz7n9xsc+Ck3t4=!DS#9Bd2Q-xybM|BFRV37n1wl2HAM#doLv#7xX4=((b=Vf_FRv
z3Ox-oA|}s}Az4&chPYrPJHsia5f2o>{Z)1$&>=hIWd4&yjt$~&s1gL9z^Ew~C=2Nk
z1HcZ89Ak)t2udOFx%qWE#s+!gk&}cH1tZokNyJLY=||adlbm+I=Z2li8I}1gU~KI6
z3~Kn{L&j62vPRL-H>k(e@V)6cg#pfQ^;+VQU4P>au;Q;_$7JhSjU&|g@B!f6-dZ0;
zGLqq7V78Bw&}^b~p`u=|w`B<gH8<&HAvu#ML%v9l$tXbqV%$uu!wyC<R+GieDWY7i
z12xaD-ltq!E={{L)A@!UzwA_1<oFSK0WngYbSwS|tvWkJ6mxx%cvKQvk>3^6uS<NR
z!%G=ip|ouYKVD2pzhK&hU!@V_RdU%z%4**8o+V0MfX+lV3XU#(=-JM=iUO3UQIZ6g
zJU5$^A&Wo`g458Wx{Dy@2A<yZR6WRX&C9a^cmgBv#2LS;KHAZ7bU2w9XY>tsuyw95
zuscDK=rC+#V*BO(Mn=kj2I5<qHwM{c(~H9zFAV=-Vkx%PpEaXv^xWM;`o6QSE0=0D
z_cfeb?X2t4BHOILyR7rlB3o^8cPSr>C9W>cX7H?Riya@6Bwxhd^Pwxk@f?Xly%1mZ
z*m^tq`p_ifes6G|B4LaZ${>XJ%HnaR7e?5%C%aEfXd(-uEAAIYHD;g+b7hyD4%QZ3
z?u^)FmpeOy8w00qx-&di*}~!*Z3^I8(S3qr#xwi%>%(*8c+M92gGa_K23K;3tB6Th
zE*~=2Hml$S3e>Wp<BG2(B+C#=EG;Z**lbaN<dYmpgz5!IYdi>GSl!EjNs@izem69^
zgcxgS#huXPX2jSU1&Pre5M_HuI2n4%LsIHVzt9;6QKJBq`fgM~E6bMnAB0%ivr<2A
z&4{H$KnC!BK@y7JQ#2!S2=+5wZcL@Zi3e1e;c<JMF`3UvqT@2E@L;w{LukY`Oh|$<
zLMY#@(A7m0f@TdsPNNX*4F-drE23VzKGoa<xjg_XGSwnE&cDmZB0U16%-27V<Sijo
z*n1iu-sOz580z8^4~QI(+1@_Q2#DE~wuHw5e#>L3iAX$#;xHmG4UirKaWe_c`JR%{
zaoFI+4P}}c8H-!=*_Q`#{>hhcK@xef0(Mx?ybvow#72ZICt%{_D#}P=*^{0ddj%|I
z-lsT=U`}Fg9U0un_z|pIkfk7@@eQmIvY>1iW|$ilGKvX_trIYw6?C)^z|d?17FTT>
zqhNe_9b~Ywf$(x-U((JU>-%|PGdCsze{1b*PFha6m^_2&HnZOd`FVDPrsLFnuObiH
zxpGw8jE~l9E|=qiMX{QMye02HK7IS+f4+KgesS_r35eOr&;OQpW62M69JmO?9Rem9
z{RYANdN;v5HlqFg2!@J6Vg5o%%ec9g3RxoK2}X%nj5^>RDFQJ2{Rl`pejnu!0Ye@e
z(Znzc+w}qI3Cgalbp;(aU`wbTs%+3^Be<bKr0utlWKPi}#F-BpdCq|8B&X3bZ$w0e
zeK4FdqZ>s6xOJDD+g+=<h?`4sv56fcxyP4c&o?G^j}h#BY5|t}MgWOOpGK+pWf&v$
zALaW-y}WD$IpI9pcV3SR^UVJpEykA&PGQKAisA14$mPo3PuwcuqBv(J=IXPc(B!?k
zvsf_^Yoa2?(I^YD8%I|U@eqf-y@TGM8^md3<jqz|l+_(4N`4c;whdNGo#aM@>NyrH
z6W7hL(mX9zu%I)XP?1tsq-+Kw@KehOSJ6uq-rAepd69;JvhRmProbKWvg2YBXpQR;
zQl!db&!E%FvnR-=hRIGB*(2CR-Kp_|hn;8Fq5o|b85=+P0D%A7W2;Sl<MW9+A3i7n
zJ?ikdZWn?hy5L6O*-Z!a(CzJq4@%Ts>B9Q{rU$@#dX1pl+oRUiX)r}n9*%@C+!`D;
z#7@qA{#bS<QpO@6WrUJ3iI33vi&OR9GS@Jgfv`uXJT$yLA7!Q{C6%v&tUnIMGh713
zV-r)t`5~8^8@e9^Pd7C3;hrQBZMe}Qt7z$F3*k<elR0)AfzWn}vw6fVP<K%nWr$`N
z?;w(>C{ogtNW|M#!JQo2b{iEtBO}QmeUoXrToTbW6-AFwhpmO~H69thWZ5X9j9`6x
zb_`VVe3p^LbawV8H_!0v83xxDn<rJypeoM~5`hZfA||5Z2C@m@CDbqp(LJbB_}-I_
zCce1x2=}Hv5d#uYa)}cTjrTMt?}aO6`jPu`;O|L7GU31g>6Ury%xr<By9b7K!f!){
zQ^|}~6zW^ZMPxyO)0FWzcJvI@X)8E@XmFQbS9P;y6RZ&QfcKOX(XZ^`c{Im44d$t-
ztWhpSIGK=ajCq4H=(s2zC59U;vV=dx--3(CPmD3)TuQ<DQVo?FgTyVuuljb7iCs7L
z3FD)<3peL=w8Ma4k9G|~!VUjOlK4hBttziIcBHxK($tD<j(}>9eQ@LIDBO~q263$I
z!c^WWv5mANt^{XhATZWL+3-5fj<5JchpHef9XbEGVjYaGbD0jAAd*GXDADQGxX=eK
zZ9EALkFuYOo#OcFozEmF?hqn;!LNfG@YeDUx41D#xFgJPa{<3B#=wV9*xOY*<Dng3
z>eYLQ$RB>2k+~Qs)K&2ZO)F?4=ol82_$uX%f<|&82h$l!EqVEgWS2Q#h0&x0UvqEt
z&>JNv9T7USBhm3tjN%Os#c3tS3!+S~A%0J1*Clpn{ECY`XLsFSVS!4!{IqtoY(sND
zOk+gF^n&9PPK1Yf`4-z1`%COJGqRl6^M<s(VrD89_wrMt<#hNC<qf=_YQXq9_m6Wi
z(&TG0{T2>cp;E~8xvSz{vvK{~YvDx7C8IH!PO&A8hf_*=k1C(p>nx&dBU*${==Y`3
zd?;=gj47a$v4N5Y>Y?KpJSu5)h2tBpE>LX<Fk-+1l+%zbsQ#WW#@cTpNBt0A^+g#<
zz&D)t2z(~9xk?dcl3at^U=?zj;b5-WK3EIdZ8u6(5;d)oF=71q8?@IOKJ5*7qOm#S
z??Oz2D9(4mw#Us_NX9wZuF%;CCjf8;?#5)==SEDw8&m6K9e$Vd)c2T*lU@V_xZt_v
z99EI{G#FE!gM$x>nat1=ag1br*o|t>%G3sDe5Qn%g=w_m!KBC7AvL$c=bIA6URcv)
zBzds1AX+__$J}2rPG4puO>xL`Bj$E;#6nU;$pnPF5<63L)-XHg-X%_{&R!uqu00+N
z?lHN6P1n0Dpab0=-4rREK?QBLW|2S+ixPMOizr7^I3_bA*#(4?RrxOf04^P;9vTP-
z(S&dZoSt>67HgP^0p<Ana$$-Euyh_wzE17YHQJFVuz^i+gB2^(fa+RjNZ%m)jZph>
zc7UxGvs09Sy(gd(#7gOB^ojSSFXGEDKq$!9a~`p4gxCR^x<(VL1t7K8d?KmIJ29py
zVD}$!M%(jqR<<|v<oL6Ny3<pcG}Jp8CR`~}eDvs!Cc|t@P6n`!WfLNIc(a)>!ONN0
zt(}Tpb|~YN8d5b85`tHXa@di(jC}BOcN_?#qJ$(}*sV5rNLtG-nZWlMdP@#R?osaG
z%%|6059em?R<Rxw8@#Rrt|t?I&H;e|E};O1;hbjJOsJ8PoQf+%R}<S^k*$+Pneuy3
zgDqlG1v&Uyv!N+atNP@pvVDIJR5@_3jjXax@Wi!dmOYuEK(M1w2Uc4$l@#0<&Ch7u
z3aM_F7{TW0ZjB*S`^+6fhalYZ7|Pab^6y$>SWLj{m`lYmx&HAAXK|3GQ8N8YOvabF
zN=bEvGa8LSaUk<jLUZapk1jLE8P~}bIKn7LIc1$Ub+wAJSt}$bj+$6#Wf$p~%ozh^
zsb>Q(;%@ieM2V9^Or|holP|LMu)#C3-9vtL9#@0sw+OZVSj5(js3}w&XF)!b?#^(M
z$mV&(i98B1J0cYS-?QW}1GLSWG(uDqDu68);R)`9lN3X1hY!U(O5U=cXS{2gl|pYt
zj0BY$i*cM_7!#UC)no30o1<-+Kk)dcGxX}OXFDPfKUW~W_~AsC7zc4QCOhK3hDMl2
z1%%)*B<`khkYLr;=msE;xgCtoiz9M%r6kOspp#Sd;^gI9?j{xr**ChzqZuKWxlC4p
zu1R*OvP$w>$_%3!$?20EC781B#vMJH6r>-N@bf#TtSMo;!|h+9IhZza)1zo&SrmyR
zJd&3cl1bL^5295aAVdgbVNMw@874VTp3eZi;KTiGl;!lNh|a#}AW*QNgxxO3K^%)K
zfdSpQq_9fIaTMgjn1^*^&bNZfo_TT#gDKr=oMV{lEu@tqxDh6dY-Kl6o|uyG|NDRb
z-y8tsaM#yZLEG3#cou=eq&FP&*guA?u0p}GuI-{=*bCCM$FAbB{bgi+QDVRhqUsc_
z11SICkf8e!tLQ2M3o{wFiExP%fSZVm=lA3}C_%WaEkx6dAw@yBG9p*Fhqluo2m3>=
zsz5Z2`ORMIqVBA53600B+Liky!Hjf;S3xpnh;h}Zh?d6g<ECjes4SJrfibz)QI5G>
zv0TUL_O1CSoPl$!Cnb^GKs=x#B=u6Ujegb5|EkIUlbmbZ7AX(hD&fKQg6z0LFDC@g
znykx{AAE965YqO8E;1EFF<%J%m$LEv>G(A_xrB&B>|l;D<qQlYxui;npiVIf%(~V;
z9iVM-8t(M;;H#i>BaHCxiy&qs>*-*iPR{M&p@cV&k_E-NJcsz`o$)Tc6l=;pm5dN0
zix}tMl1xy;x8Pt4!~{r5kVc?^WfTT=I!JtQLOv*R0Y1TfX$k<ZuW&ZvwWpYNc2Ose
za`^u`pyL^XXyM}os+YLfX~CQ;C?$exkm<y&^md-zrnPbGRDjE=%!7UA%>d9t=VZ#Y
zraXqOjO!*KO)@e!bW@CV%BZQgHNCJrndL;Qg7G!j1h%2(qnL}le<LG)uMook_T~R!
zFw1}L{zpnO`e&snp8!7#1)|)|P-*I?gv!SbBKe55Sk$=a(W6<A<P#Zet>7cZ!3z;B
zzq8xm4R2RlBi^tH2wheIKPB?cTx>#$|D}Es#FyOnM2pgaeQ=e8X&Ohi=ldgn<Psz7
zE?_TX<BC?edM7qce+jLiK2?@gkI);4y39CWRZ4x7f3VLMqasbF<7gaFrMuDWncz!^
zz^4chqH#fgoIpe(v!q;-DzLCI`y*vZ;Pw+25>pnox-9ZUFDPZ2#K&Vnd6-Yoq2$q(
z;AXXflj=lQ_@T<RY&4dc(j~iD5gfBwtEt_dM#5<olsMuL<Gi9_3}ML3c)l<hqJbI$
zVrzQ*88vltDx<r~At?N*j4PH93;KXZDx>?p4C)JDAsc!cu+b*+jtw4@Mg(LBRLV_=
zWC;fr_a!s!U}WEYuq@9r4e9*#nZr*Bc+OxN)9iz;GnY!(0{*G!Faz-77#MP^fcXQB
z19v(cC_Iz{1eE|oX^QJ0;*6HSJiCli3(^(N_@6Q!v=?Fo+5I!js{ftUaEXT><x6~1
zgX$%|DZ`YTv%}FNL$w03H*iVOi8H-$xiNgf*8UAFD#zE15}?>{<&#PY&c(@<unVy_
z1)IpjY)55zFYhAU9H495Rup-hoBfFr$4$r^t3tR5Jz<CB#Wpvr%rX6_eQQ3ZB>bo-
z|3}8LeauDhrySFr-oI;iOwQuH*3m6ky^D)qj9_rJV=c|%%zgYxM>Q)M&q8P2P#!4>
zec?Q++_nB^yZ6=3WA(NW-NOo1S?9ndqlH-fvXN-V&nw#|YHQ<@PYXGE?wUtFCE@+@
z$0-Tb0nwUC_OO?dTQyiqV{)3am8UjWt61b*j<nGD86lh4*r^b|d=>U;SY`8e;?V%7
zmHMV;T41NIrnYlX!$hYlRq>a~K+DzQ;hyhOibg`gnpv!oxlH&eo7+j{w^Y(!Gk7a^
zGkLp+akk~seA@uOKtR7CWlZKNNpM2*ezu6gBW3H+qb&mfaADl;EhaY>Xn~&-8HE=&
zBb+dl&WrVeVt^3iN*;{IWRXy}vfwFuTgB7N6M>lq`K1oOj3MT-5@8wd#TBP38tqFI
z#rtFanlENf$_>Xz%e%?nsTayii4nIj%Ckkvt-lu`Xw-c})UbEiBIyDV8{7WpxSNKf
z{v++|-wjy*b>qD4Eu?%3ZRS17Q8b?~z%C7uWUSK}1xYAnb)aD32h+>Hh;1X&TZ<e>
zJks}8*#<HK?i+tbdA`7T|KM={`PXtXQWCyY$o~b9=QH97%`=aZW2rtmLPIH_dzS?I
zEk8A)WSU{=QCM8cZ1a6fGLxwP`5QFs4Zj9yueipEL56`40J}mL#MbOp6bO4k9EY-i
z@>><Hm|}W+vPUtQ_V)&RgZ|*4KiKO>^E4w@z_8?9O1gB0yRy|Fjk;0N)d0E-S8Ext
z;^1Q2C6jKD$f{fNQetB#+)B2}RyUFv2F#P|dr+B3>qZ^naDq-actcra9Y>&RF{Kjh
zG7tNLk*BOD!orV<5pOu4v)sJ8iXI3{<1Qiz=9gtLSvr4~3E9XbVIssT+We}{GSO~b
zFi7V&DMs5NrZ}6!aXus0YDl0dLofh%;&4Z?19!SWMwn8Zbr}*}Xqhb)#!&KC^d?mi
z(qvDL&<SH5)M0kU`M9xGSQR7!E;T<f*WM$M(7%{UMp7Qvx4@h!8oS{f7%aYojfw8^
zz$0;&#yV^zUv}!Jz2-!8Il1V(C$8BiacDSa$dPvgIr|6B7p@UFIknC0Nme`y&$O^F
zhDg<jSlL>**ljp?KG;)JLYzPhes4u3Pm_ad2-GZiry|6u2q!`kZZWSzC_dr_9nd29
z2m#7Hww@Rfc=7`YF$40%Y%UQmkI??$`9LXLUJL&3<P?eMl{nX;HODAec<xK-Wt3}!
z0)36HK45hK@xGKE_aDjZHQgvxw+7E04!jM)5;w(FYs9`(W@e;k+0x0WUfD4T!oLJ@
zkc`z5abKUoh59Y{(^*XKOUy&DL=#KEE{ym9S)hWdVRprtOrkN5Y!Tuv=%W$I<Ra}}
zN1>MHS(hjY<D7%w`u`)T{V!->*m|%Q9MG2+axau_JfIBx8tUi^<c+z0Yl<32#`ToD
zQ*pARJ@ahPCbx!ksEv3c;o0s(BD%Je>Gt?7m};%1m9b2?GTC*!7hx?Vt`a7gHL6u&
z_i*VfxpMlAYMWWpHfWWaW}JidTX5DI|CLy*$<$hgv1B!N%Nt6r1I2<}VoPM3+a#_7
z+oA=aMi)-LcUgRd-o1UzBfkhQe@Kg`7%?S)lfqQnHCRD0_McRd)M!_F=!FX6DGuac
zmHy*bGc%HoE)eB3B4~d8`b?$@<xLr_YZb~eN*V5SQ`;^(*(ZWdd+v2(l3|iB6&NPY
zO&cQJ7fGdDo!b|xh}fth)<33Sf)c_#;9vRJFMY<pDk%H4MxF!<cHJ`*=X!O;z^L)q
zXDFCVM8F4w1>#Yh?ki{%+{<#=<`yzBInz0JzTiBNCR1CR2vYI2^I!@}nsYzzYK7>j
z4A8^JTl^;~KzN?3L2v({H}q){{7L9duV{Zt@ul-?JNJPi@VhmP)j79KWz-_qaTz&9
zGX2oce0ryv9QMZA?>YOR$ACZB?DdWxy0UEaC9*d=QkTHqT~({4uy>%9Ayt=?-3Lo|
zSq)Z6a&~wxJ=eGsMn^DcT@Z72*s`!+b@yZ{01Hn=<*O1siZqX&G_j~Et7B<SM-#8=
zuU#QoT7E38LCi>ub#8lm$m&O@n9iOj!m<0K#Ve3$;x(Bfo+DY*dzWL8EE#Q!i~SCp
zuHSNYJtEVo<crFaE8B^m9d($UubK7Uz6Sa8Kc7Ya!ZKkvmO))*Dt#>+=dB2F4>#I2
z6dSOuAq%ib`5jz}aIhMXV);a3BLPcWR~Ino30AF`O8q>VW0h#%mh8*|Zaf}D36Bmq
zA(`?t0!icE!R*N{kGZnQsX>S`JYB>AyYk4*Alv)rp!@unf8U<xAM=m%kFy=LJ&)oz
zlD6RTe_;rYW@M2`b8y9QQhxd$p}m8d5lc%*bfmM&n1C@D<U_%1ABn)*mPk##Kk><Y
z&SY@NTsr-WY;tTOX5?B$k2D=)rF(-pmc>NspFBgOkq@^r<)WK$u}Q+k#`zXY(k+%{
zTl6Pe^qQ6&8%`m@sYB$gDXLG#BuOL#PAqp4eJ{7;Z2&<O(J-&Le-ihMil#HRsow;t
zGUqno<vo$MN7Uu3Bgm%G2hk|%MjUMtZPWvxCfaCeq)|_lQD1~nGrFkw&x6DgK}H3c
zbV7~V;YEGjtqvsG*k<FAm6Jg%Ki?QxI2;)tz~$sZ2-c3!)t>PU0U{T6uu-|vM?oHq
zFW5cO{emEv6`z%y%<%>LStyeRd45f@P?TXmtui?y6=OS31~M2GYXhi(vO&0+GUNvu
z%`sVkO3OILU!A^v_2T&a)ytkd(%-#(EsTsHhaVQ29dp-mp;_rB^DcH*#ApShV3#KX
zb|w(HA1nu)uxxBU`M{bcbyd52k;Nrj+gT{@viQi#AgvTc@7}&Pjt}IVA6mexXc4%c
zYVYU-Guj(uATyFFA<&p)8RPTVxckaR6Q{vkXi~B(8L|q3u!BhV<qu~-8hRo(q+uoE
zsH(X3-|i__h^6qwIwW~)Q=H{o#ybm=FlN7i?T{!hv~M66qP`MMv2g=WUm<Y@pXTc<
z0&)oep<xk^T%0hRd4YKxGlt88rd-Y8t|+@OT2SS4B=ldvEAtae1o8+_7)>B77Pb0o
z3xcKfC!8jiixD2vm}74<Jlc-p$gq`IGQKrbuMBN{H({;UdC;sUjCGR}rhTaD_F<~M
z$BGl48WloQBY#+GR2GsN`NL78@=(;MGz_(j;ihdqrE*aWEst-OX+5@S@k)t`@&Mvc
zMV(E$+U@c(lQ@|2YYzbC_9IZ?cMAhYE#HXKqZ-*8gGC4NkRUfAK`vJ(+b#M}5N~Io
zqGbJEygp&a0`TlTFJnpdnK!f<OWpBhHmy<djyJ2=r$&Q!v_H)*t&8*HG3|mhs@k93
zhs?pfd;59?c1_65^#oCqKjC7aG>9@--o^pmL&wU@!b<5QykOC<eC#h^6U(eWziO6-
zhhGiCP-UcsYGO|aCv*u?$W&4iKFM{G9K+XK2F(-FRL*4b9ptgEJh6i<2XQPEMal^Q
zPWBjbe915*G76pyC89GbL6FG_$>vyv-vR=}EqNtqTgMQv_3w?Rlgm6gR+b|{LvpWO
zj<U(VYk@;ijbwJp$T^fvT{Bd^4Kh3@6n7b`hI@v7k*`pg^CR@JyJar%4zF|pl{$8|
zhA!$bz?~yjYK)^RoOK6o1`!EBYyehxe~=eSEwZ>H0+cJ#(bZ6U&YPpJ2VW1_i1e?9
zeeu!_3?UA|A4n)-M4T!Ikns$Mix^Y^emPOKK^@qWabXCX7;_rfC$A<%;G{*pijjr*
zjL|$2>q{iZIyE$7ZE$0Bc0qAhHPp97dQuFeg;GTs5D#s6gboISH<9H`6(lt31{09Z
z-9UKOGy@qb=hVfx3eWpA=Am7zylPx9suH&{a>B;UiWhCg{6w9cOlU{M+ESrCbX(#k
z`c(??alhgQe^eDf^qR<axrdDMYErGkT_YiAx(Ko$p%?^_()8OxO`tRjvakZBC`Vrj
z2ZL}agnVswIKh<xRnx+B<V5ACvp;ZaawANYU{qYq>v2M(V^PWCK~E+QL~R1k2qxcN
zl%ymk)0@BI8`ECMs%R&I65)M?n+2j|*EAd2MIxzpS6I%EFb#V4>i-u>a78E1HA+Xw
zt|{XhY5EU2yCfInjGc6Y^GKST?$I$x*x{5rNfvpkF!1hS6L0O-K+T2PtgMWhBDG=V
zT6+nJ!Or+Xi<0RH=ivD3SMNbcPZCquYtpN8oXs6oT9u+rsoLz$;yv6A{?)ZCMEFyx
zd#ljC0kC1o`#p=PD0pH%Ve=N_%vMJ%J5lVAr`;e4yBer9TSi-!xe905FY%2|Z>~q8
z^Xm6S5bH1E6z;(P`ZWf_l_S*ofr#0~od%ufs~_cQh6A_=<TPX5SYj})Np=~NAk6!W
zWU+s`5`LG%?;7x(f#K!Opx6st${MD5@c!%)UrUdtM@B{1zVb&Y1waUHD({j!piw@F
zxTn-h@&loA%v3?(ON*M*Qr#&+L7GZmj4o%s<Pbi@6piSst6}eygf4ED0C7bZMA<KR
zh2K+a&OeW|jjzG;<TZE(%!5n8C%RVmIMXgFC?+Hw1>?(Ib=*c2g#>dk?kGw^6ifql
zI7proot#=?aV7GA(DJ@3#k-STfX3cWNuEck5qZ%t@8nl3-3RwdbFZnz64$WH!gB0O
zV`N$a%9KcgF(eC`E+{$^=ACDl8cJafS=1<j_je<sRcoLk5tb?G`tmYJtutk*FCCRB
zu&{YFm5)lMq5@+Xngv3jG&T&&DFMkkR@qKLt_1;Rx#O3R8gVGw3myi~v_4l5W<fr~
zA(t7!I!5CRhiowialW&KI6NVVlRb+JPZtn=C?U$iQ2WSGoR$96NTj$IKR_J3pfjG$
zlb<saLXI8>X*PWP<G0`K|KnzqJ|17b9(?=#%i~M(kN-M}zkl8v-{j{5RfDY`l3*O?
zSk!#^=D+{3_umJ<KYn^P`rFCmX7T!OVekE%^iK!#y>Sox?uA9HlES1J2^V0$7ULiR
z6_K!~15-e5WiGhP90hz5=FwCp0>jES&x)oY^M52%ELgeH!5SyyYnSJ0=9f4ii6Y|%
z_-&H})^G&d3X&!X3i#;J7T~HcmooD@SJ#NR34$QX1%~E95>4RRO^Go16Y*1nEDLV7
zU<tgDg;ZEWP%-~qX_$v%_%EX*JQAK=Z-R77UY~^l>z2W67(ovUiSwXQ@!6~>R%Dki
z8p#v>Y4a2wVddKuVK1U&+LxIf^ZpM%p1(Tl(f4$<HU@*i;OW5u{682B-2VrM`%nKg
zJa~5abT~XXINbZwVEFWKc=#tYSXU>jo&`Gr{xn#*Ew^)@$@Ad@dfa<43o_b+W9asl
zQF}DPA~^#jTkD}0Gd#Y87~nY#=pu(aFWk0|?K!C#?sj#Q7Ar?6E6_DIZcc;oWlt66
zxk3>S{TJq_8>5a0ef|w#_*TS07dUpdw*DUF5p60hcA6Iv19F-zv;ciZu658R^uG+{
zf@$*MB-1j?9=NWb5pPLPd!GTtsoeh;GaR#%s7KRyg*K}9|NgUQ&xX$ae|E4p-0c7R
zcpjm*d<ATM_|TR1hvg}KySKMcFq){mygdI+ZyZn>;~uXmu8VI)Jyk8uqJ&OR=il;v
zXDI+U2@8K)nCo@yV2uzf_Lwbh^#vV$gSMjt(!o{bG2SsCL=zVX|Hi-4ESjG!CX?tr
z>hwGQl7M@hW2>Sw7~qxj)>F^l|Nd879!faFvG_+v);W9xf3sULPH6Yw*|TTQzTSU6
z+<KRDi`x%K4ahi%<8Fd;io*`thB#b3)H!?imlxk3zdgVB;rPv~4(go0dUN{v`21C8
z2i@LoLAKd?Ak!?E1WC|QfAuDdI0mH{fcdH~Iw|MX0wcaX4hdyb7$qTok9ugJKIDrL
zM7%S<4$()Hr*T9fphTyq!Kh=(D7~k?3J;8<Z=gLfPx5O9Svz!lP9+IX{_Y`T?&MYy
zBc;*U4x=$e9XORc@)tY#*Z>AO)$Q%<pbkf<quS_*v$DhS6~9pDMUV!gD2`|ZrP(+0
z)sBPO)*}R=UBKdu-8^xYTQh>iTM#S0qT{e96dM+mAema)ZaMWKyY#<j6^_GsS)D!W
z18cLxu4ElAp>XMhh5ZZV-0(&ib~flrX(bcK`a+lcIgig;*8N89?3I^VWniTEx6yzU
z3Y!R)f2<vVO1OK)ud8(U6igc%bk-_pBIN&2+sRURd-j)AIu~Qwq-#bo^?nv)Ax?1k
z*OKqW{;hXE{zgWe0D2e@f7_S)d6&zex2yvft^(SdsVnX0SJ)eCMowwNmtDSV#)oH^
zSZcMc7n2y%Mrg>^?EpSKDVaMB=uBhun3d*1XoQ%G9re<X!a5>*Z1symz3(Db-rPJE
zB$-ei>E0)VqHX+pVZ&A6iaOFOzb{|+uZBUK&VpfQM|7kWKsk17a3MU`{0e6;$UF@)
zj5>e*X4u;s^akBQ$2U5xy#hk^WR>IFX#T{V)a`<FqVldLQRj_f|5b5hk55IxkBE~0
z3g)pjK606edM}l;Gh7~GLM|66>I7+;_pgQ>)X@bxjB90gnl8UtbX3neJI0FeK)$`*
za@47yL=^?M5D(`pn04SU3ov>r=7EU7(;0Ji60Q<LwxU5gJZbUItw-pmC<)1Rj?NY-
zM2h404*6Dkcyg!jFjQLz)c+uHiKArko~NzZ-C{*XI40NPwP6GRahs*q9F29(1ZjK*
znii5{6C%GdSnCMBf^mppd64tvBdrU>turEh0=9M1i~#Dg7hVGbpCLl&mDE7PyM&$X
z_aDRF@PO^TMzn{)@tF6J{D==uk&2cU@?9-W$9g5#;xmt~qWKX|nIFZN-lX`O`67oL
z<wr=|-}+y%%Y$@aF%=xJ8jXaBaA%fr2fC&s(ymIP5hSeOh-Sf<qTxQbm4kehIYm$R
z4IA~s^|4(3sHZ~Hd@T-@RD+dN)chl&*&-RE!vXxMZ~WbkhpzR%+Ik^F%E>0!W%mZL
zbpy61Y<qKerLCVZ2M*<-S8Swmr6>ZerxAY?#uUu_Me_M*9;uKaQI58StFLf~0>x>H
z$2+~PlZhk)9Eeaf=X`2J40dY!4TH%uLtbFZJ;SAaI=5qvBm@~qPwRKJ4JYXTv0fT-
z7G?MeXq~%m<-8eLLWezrC@CsDaTs#r5U$$Xe+EbdV|H!j76*J(A^E-Xz<avi-9P+h
z?`f|naPY4fC8hA4LGq(oD6&jx0lAX)o>r_Rxq0Cjg6>-kO3h+5@KiI*q1Zxog{$?p
zHG*2g*ZsG=<3Qu>HiGFPMg^G{`c{mmOFkrVHptL1x5IeOHpbplb2X3&s-Ekn)I_#g
zy-3o6+O>Y&G^ry;b^oyaOi9c;hBUNp{r7fUTIZ5I^XPC~WR%(jwHaU|JK{Ji9pHN9
zwkvt7@2ig^gz;-PV4bcR-=+EJX%#x~Q6l4O%CoDsA3RZ?M`!J6;2nEyppGcWnB>c^
zfn{JUuJ4Gmb!2OqZOg~|bDeLq6NQm03}OjAGmR&kj-DAHsz{HFy>9|vZU6H=oXto^
zaiY%fwf4l%ux&5h9odx~wVK@43Z3M=6dawwDv1=~ut|g53bVpX!9A?kwAWB4!xP<G
z5eyJ@{=I`b7ae)>OTzH6aP%6Sfp@09lb-k7u1nk#8{)@H0}%_-)VX~K=d<qU2JWbe
z36OE0y_F=9u&W4#zo)zkThaOOp>A+)Z#y0cX^_z_nH)7WRS<+hU%u-q=}Cl&>egK}
zY50hKUl0mCo#8B^QWy8QFm^^smk@$kG?y80nTHT(_zKjWK4O8J*EVk-Rj75Dx<%MA
zw&j`Zq${ODLk}lp*X)T~ht{oXGEqYeJp5a4r$x(&SgIe2`dx)XNBq%Q7H%moeBTqM
z($)VYven<q6dE*6WXZ25^4@u^oY-RDbd1A0oAsp|ZL=g&J5|E+>%d?qThDvj`Cfs^
z_D%D;XK-zkV={{?PLIVrH=Lk~I%}UIi!a`3gu-&u)EHu$iK4~q5=+jL$!<2Brt&H)
zoP9+myXWVL*D@(h0hSs&LC66S#!-tfx!oy`Z9uqOBot{_=8Kp{hH<JUtsu1=lldrO
zcNXB-@}|;2!+zB=5HkgF@ZFN^xF%m^r95Nmi061;nplUu6FvsQ+R7L%A{)K4Vd_c~
zue#wXl&c)Jy3*?$KEB?#cAf?l%joGk3#z;7nvP8org6ztBP6WSgzZ_USgFG!O2{GT
zSe;(Bws!=DXvhbo%|i5y<-M-Sl5zJf&!)p?EyCqyzzgCo=zuXEpqP}F8}~a2Wmq(w
zin98xCuA8wYn&DyLI)Wt-U2;oEI7K<Kuk>Q4O)EGEUq1kAN%hxRrw5$Pfw79)DUBl
zq_7}}R<j-?A=<VPKR!JXW%J(mL0%%N-a*?1+ZHtJ4WD-h_18vgAlZdc&a*`a%SGhI
z3Snnld-O+`2E&ez_|}%LqTKjB#R)X+tyRtkgA0(H=bZB1G}b@JS&s5E$S!L&`g`qc
z_!bGfNz|(-N_)V~SaO}CQ)>&=tLs2U`=SJu4m%@(hE5(5g0>tMiOs2K*&H5{fyr3Y
zA<`qv1_(?rchEL$qBRdRUp-~J?CWKA*-izG;R>r|NK6`zRwFN5*H%GO_J-@DDY~%+
z+gTMZ-OBbaJ)Ar`lFIBcUStpq)>z0_?MB(?o$%j*qr~#R(cTo=Ys2_#fUtcxj4~t+
zZBGs3TY|66Z~Nvqc?25Y5A2n2871LKjyh2S3Ftbyj>S8;CR-NPt(Jfo4*xoU&X^5b
zOTa40hQumqPrZNXsLnMY{(8MIZm`6LnsJ3V0XqxuK8H{yIt`e#&uVpS_|3s3Y@S}T
z%>q+cm94JgXKR5ia-6}cE?Z{Jr{CTq+%-x$@o=KD2R670XNjD~qKaHP^QD8V-O)5@
zgZMwn^z1J?J!hB}^1Ygo47p59_%asf!2aIj03g$4u6Z9&xc7{#t8AZJNmxI8@H(XN
zibmp8_QA@dT3J!2G-dD21gG`YoHU~fKq38TJt#K^sDf2Y4q5`tzB!*0G{Z5(6G{Ub
ziR}Rm5<0_~xcUlX)kThx>B@P!h+`ffCGQDo5{{sn44{F?1bq+zE>z)LG!N1oZC`%P
z7U)fkcXko6>j)!Bv^^&omZ7m`IG&3Ny)BN%(U!>dW}w2}$rz`)(V_S4-qse$wrYX7
zU`zl_Sz-sUVFCf(mOfWmqc}28bjI+~n-u>z0VZ}Hr2pgt_6uZCo<N|2TQFnjB12;?
zZ0L}EhC(SmFmlc4gR^o0wO6Z3{bnyrAZm~{7<;S?6M@FH)_o$=mXymV>H#^S8XQEp
zxq<n+$A0SuZf|?})wqEwxKax$9fgX`$<Zo%UyhE~0K)J^xx{;2aVP2~(<pggE5>G3
z#3l0wyF#TryK%L8v8-@6DZka<-pbGvmGK`;<(c)PcN5H;M}(-3|FE}zxW8}5f7sg}
z96sH|f4Gn5Lxm35*luPJC%sg9Jl`_}8@L*7@t{toCFqtJ(Mb``I<qOS<)@&wYEv|}
z+A^t@8B$6(RkgDHvh>zlW|)I&D>-(aFm5!V=)hySWp&sHe#TKYqoH}Mx=Je-n-p80
z=S!=^!T13=Md6Uu=iOs7f`%FcZ|n`$btQam-d0bw;EHP60HMLORr!1t@b-9CTre$s
zY+%wi90{9sLgv#&x3@<vD>LM8Z~yOn7VI59ZCjc5q~l7VAIeyKvR?5)eNZ#paahc|
z!L4Jnst76j*`<&!vOTTVR6Yw@H>@iA*)}tIXk*AKtUf;+%!sg!VHmYU=L&{A?T<a5
zF_1XIf(0cI&GgJFb51UCo7t=aQ+r0az+~=~cbOOi;{{*HG%Y)_s$lhC<(iwl^azlO
z3pX@{x6q8_@}_8GD)MLugtsj{aTTb+4&d5+;pvQNg)Tyj0Ft5Yf;`$EGHa2=JB<qq
zKkbunXQyPQN*iG$=<@5lFF@q|(!#0{Rz)Nm(W%kRdc{l5?QLHy{=5&f(O~P?w_A%#
zE2YVzkzPt5Zc`t^Ty(Z<N^A{|u{M^+r`MisZQ2E!8afG83|`gikk0tDq%n``E@!hb
z<aIu1QNNUN)ftEy?=xOOkawMGyE$=}b(G_Uf+Z4cw}J(A98gBK=oaUesAIuuHD$Re
zF3Y71ukFN1D5Z1O3MU?OQv|aH#LPD>#>WM;8bXjL&p?O$Za-88to4jmP)HzcZb3U&
zv;CbT&knd&J*a3<_h?572n{k?feHGs&H+$nS9K#%D7dyEDWcGJY>K$8GDz2W#2dQC
zqxOrI)xN9MD$`z;41@UG9_R9w?y4tm0y>`I?2Kjs#nYRz9y!I<(KEN@_4H5&>JTTC
z%7Nb&V-0Cdm|1-DmXmt8vl{=s1U^o>7Im81Ib4=FRV}FN89SM1nd8WREJ^kxC=Y2{
z4!4wqZ-lH^aC-Vh`|&fO)s3AI{je6OnIf&}mX*ahO;8!gmL@(1yw>DH)~y>8BS2ld
zF%kLwgks9gj3;vwEs=B$p{||Ps`(9|G_xI2rc~a%R!HZyDkO4~PZxcFIATTTa(0K?
zwKBKu%4BWmpC*#O-1;FJMM~kUqD=Ya))G1_Kjl2jWc8Hu6q8HL`8AHFGsylsP{YL9
zkh6)ixj7?uxkM@!N!>EJi-qzDmWsTETM7G0Bnwu=z14&ZW@x}AsGeDUJqKxNUOqWI
zWoi4Cz`d-crah^&k}2Bo)ax{h<~hn*W^F<MnJi4+xn&xzW$xS()_Rb$^MZ*{v~z{E
zM$&<~9z+Xi#{^qd%trR%!wL|WW@A)Tz*DRS(s{YW{m6m3o}rW}<G9*PB+qM&n}o7X
zoJ5vB12K_+Z%OO~yea{#%0buSbQLM?S`z}UMK}(xa7LpXABQ1$?r^H$|JX)GSPp(^
z(#1i32dO7d5{k1csTA~nYL9IZ^oqE$jdIRY%v*>W@7rVP09_TuMLtUxaqJyX_u~@C
zdcZG>@q}b!{0cOXFF5o!Bow6A|E&eS<-nIkcOE5gaS+~|;W0@<v9p|)EfDm8^BQQk
zq~%=FrFH+7xMBxAHkix3^|pBiw!(JHz1jwC3(JT7G`IhRz`9)B)6V>}F8|-~V9&|_
zx3~A~U~gmpc^^-u{in|A+5=IVG$DS>m%$Ih23-c_GAnogO=Rb66;l#%hZ!ejD7P!+
zi1;l^rGcS|SZ$XQ#T2h*RN8b1S2FA@160APt<%(1z;HwtD)hH4gIK{ZR*HL7X01zn
zvkPulY@sz<rGi>RU37cP<0vu+AJORP0Zztl48_lsbg$)UPXDF7Q#;!Kr+WJTbnvu5
z{|C<o8~T4APn}_PBWpU#FQ<zhtMCbBdsbFd1+|TM=VYG7c#acJ;UEXyBpPe)Ct>vD
z9zG)KZM!&hCQ`bEQ82#5NqA;ARM`;|sgK@pl`A5*<M#iQ@brdF(1NlxX84vZnL6lA
zHR;heh^KE{Mp3KQMc!yp<OaGH5(={*jZQ?M3kGqu_!t_jD0Jq8<7nALF`9?nl*!;U
zkhuCna<D<=jFE5}^K(YlcDZ9_N8wq?=tz&XTBWlG+>T$9a3?HJlb*&#Eagh}&8bi!
z16-DK;!Zs}N3FR(YR&c4*5Lm;GGq5`xkR8Ejx|-b<^CeZ`B6h84cl#lQDkpxNsCbx
zp)O)S`5H-M0pYR99C9@qnEh(yBco17cH1drhvjt3QW$ojxNagvkL?1MXOliROUaN^
zSytd%JuN9^4Yhv6G3RP3OBay&2&&@NH3^UB6fJ<^^5h~Egp$R4gfokToeC@GBD&g`
z&V%C*tuQj$Ds9{u&kv=sc8b__H>+v0n#{(%G_h<Y)lo(oOAU0KH#6)qYZh#|%7X%Z
z>RZd^S=ZD0{-5GZIL$Sd1k~LB51&38IQRd9;r_GD{r^6mmG1wNn&IrNSQ1Ud1)kz<
z1qTKQp9n!;<#|l@GHAt1t8@otw2+$e?)p2o{{k%#<`tTE>kGW+Dnb71C@&G?Hx`dP
zc5iFl0(DyXrW;W_=clOP%c5QM7zSvO&?uH`3(m<dvajL@?w_mP@fCMx4wl6htuSDW
z8;LZ>vh-LPEU0<=M#c@iQ4+2KhAPTo(;M+)&B1)Fk&+CkwGq7+cYl#Gm=+7{Z=@gx
zfkAO)A;=>SDF<Y$yUTHs;(%Hn+>g5d0?!_=Fraa5@5os%lqi5d#wFcpguPetMYWuJ
z{(>*bJctsTLAP&W$h?h7%&Z%k4b^i$L(T4JXw`cfYJ6Aoj<9}8?rgPd#(YZeZs=|Z
zl`{+_7e3VH(uXQ9e#mqAyPNJbkv&vwp{~29N#-tE8s}$PLtggL&!BP8G%jq;qD#d3
z_o|;tHNu#Wtn9RplK8-+1#GwK7E8lMijsmVqIlOg@aFfwl!Py%JX@sf9Qw;5oHn)t
zs<Z#`-2V=S8~yLSJS*M*d`qGvXk0zfbYrv|8m`k~JIh6utBA|-#l)6#6hVzAZXPAa
zJo2+V>diOhI-h2+3Uba?s0HueC4qyS^{yp)9(Wdlx#i;pzFn`a%Z=ZS%Q1rzMU7W0
zhCjRm3#AtHKTo?EiE(=apgQ{hY;fS({|pa@8~T4APgDB8ZMaF>v7XXA)ul{0qF6Qx
z#xgUZ?^Bwm+@@Vbq>{v;VL}c_d(l57;hFH6=UGBJ`t*29Vr-p7&}^`vGm=IBf@`%-
zX|g$2%FY#WG5;Xbbeuy(cq3UyeTu2?BI?UBWkE9HfXSuc=37C--te$DfZ+Q@Odv>i
zkVfBSWRd1a=$}vcT6yw|72C@xqq8E(ayqJ@41NKiLK&L@phlRLhhU1M{0Qj%Kc6ge
z3@>F(i08t?qp!G@)^Dxap8k&_$Q{w*7^vm{2YYV(=flB<{@=^<MbrPrL|-2if8ncp
za}1Oo10=?8@r0ov324ROZXskG!fP7Jd@=eBk7dRQ=^bJQF@-T&F5Y-W;MH~5PChhW
zgI4r^3ETfa)zkmI!#$V&5BG)}`hPFaABO(h6|`W<u67r6{|=3kopC&F>0wq;{SGaZ
z(=57*Vm!s+5t;;X&d!BLA_eZ4WLQKpK=dZXdCv^Fz|{*+R3ObK@(rG+^yX!hsTXNR
z*b#w4^@dC5)z6SzC)Yt19-p4*N^Gs<6eslW(Bg|Yi016;jO6qOp8ry#%wC?HzOY}M
zp1jmAvPE*7zss=@BRxW=ID;HtbcS_Q6GRCs$=#GQLZ}{~90fVL#&O&O0PF^Kgr2-*
zV2_iVCm^VL9VLtRvVrqil#7*)f;@+K6Rfd>gbY}Q(IStMDLPKm<7`eclm(E4iq3)r
zoxK8B<!voe>6sIYi<4RO%_65zoR24{PL;e&&TkMx-Z{wJ&$>EgaC$1*(>zL!kPh@T
z58fZ4r-z68hg%3ua?WhrXPX%g!XK0P<}D%g+bG67vyPnMhj^a1eVU*DOSyi-Q*-|B
z4-5LA;nQaaoAduZo)2aY+zJL@2W=;$sqfb!$FJT;IgJt#f>|8w{jWHMnnW>1QO-`o
zIKm;ip5X-cCy!kgk%WDn;dqXsB&R_f1A?ps&qFA5ttccohj96rHD}~VcRbX$OI+0J
zUGn_Gc#BgZ86TVNn2^gwiaJ-r4(jlZ*Ee8Z5_U|ycXl9ObBV1X?8OXozUpKG!<{3V
zE%1)Z`84vNHwSDDZekugrw*IXUOwy32)XPWp)|u?F}u6)W06j?AjHMOT^<CmbA&qk
z9s9Esv32>O*EvF$7^juKTe;U8zs7&dQ|X>O@7Li=Up5ppHDaq&jv2&3G2^gUpV^t9
zOrHE?#Du`T_)2{7bvR0uxX}l1EFg6_;LdVbjho?92fJ$JG-$$LA?jMIZKz2rjYBKQ
zH4Cf{T0O49XUiphxlbGZkK4DeJ^sVto+tjp;l}^tUY<{&&a0F&mGdsJ`o46zJhvl^
zCvrcQ+qH=8_(tXc$MHn`ZIj`<NKq+CL1XuKr@~SpFeQwY!YKKGtdJ*Df|L2KPLUa!
z@Z_|1`s|u5M?xm2IyrSxnVp<A9|;r4O7jwvApA=Z2gz6ug#E65G>R}*K;jH;25&(o
zR7A)8>NsGJqcE#=^Qvx1nn437*S@USr=%oYnQV-4!l?5?u9c2G-RD^_nM7kQ!LA=<
zZ?(c520ReV1o2D7do>fWH|XIHBm`@B6;3`8FY0?GOM0yNgquJuh}5vN=W>Q-P3y9%
zy^K&YCh-wEe{pJzVTReV!CChjkG2fEcGtq?n_+KnP-WpF&YDxz&WzI37o33i{OiHj
zgF?3~WExRk9bK6%juv#^t*Ho&8$Q!Dy=-h}xn?WNx}nH<nEzudxrg(ze&Kka6lp`<
z&T)ZsUc?bjsG<_icYX!uqdOKQrNo@_kiE5mUrU<ipnDQ(&jweRX$tO3r73$X%HX8v
z`P5wVm-Do~{{`GIqRln1-v8s7YyWkyzsdi9FV8ys|AnoLRPxtc;iQSqQa8D#raBMp
zPFHr0eFh;}8ytsn0j%R{=7UvwFIg@Xw%by>MA#JxRqiUC%HG`>kF}=%qTu@I|8Ouk
zaOHpd2OIg{{XFZS|2`R%a|r0=)f<xxle{-3^S*mDh{|8OkZ(0wT%OLrnGSvFdTq$*
zx{3%_MAEc;2qmfx0m#Q$kmA?TJOZLskC2-+p_!ZA%4Z~E7hN3WLeJfM%YXGmtX?PB
zqb+>pp=`|Mb5=xIxpyeBj}H6WR{w9|gOe~NJZ~5TmZ%g))QDjiG`5q!r!?JbELAq@
zAS2pg4LcxfM^?TTgreFMEj0i<ffpO10?GZ~Ww9Zkf!~c$aRDrkN<N-pJuCcIb1}bF
zd3hv8ILL4YEY7!)4(;K*Zj4q5xaIMqac){0K->u-xj-fjYXwTvpQj}l^4KjMMsc!e
zezurQqW7rNFClNm@L^WW>;4?mEE?w>8N(@y#&0o@_9&Sek&qjXNdbb{iCQ~^T42WL
z>}ZdN!W4Q~VPOa^RT-fcfpg;=LDSJcFD?R}W9#DL7b$WAfh3eTl6sSiC{&a?je{}R
zoLXzKrs4KTn}l*{v>7R12640T<+n^$To}fy*4rlYFAXoAT6fZpFL@;oI3%K|=_4+6
z;_ZrXHmy#L>H|oHmtPI0f5MvLs*aWF6RH)i<uF&nRh&KL2UsgC{m@p!&^?CQ9CNLZ
zZ`#mm-O(pk?RnS=doSFNk~lOyC1IBabhc#YiU&~n0arXb^_kbI=ZzZmjYQRn*s9wm
zS#3nJTlKFLdgIys5_}pqPxGg>{BQm7pZA|Vb>qJr4EHwjzk7MsA^)og=)B(e%N$0X
zX^s;``Tk-M7k0?{Vi0#51tE62%80vdJ&FFX!GzZpM%Y@34I=y+;f2eqHi$9oi|1<t
zbZij0eTQj>SYQ4_SzKegW}WF<wV@qCUSqq~Z4^!HO1t3eQ-a+l{YG{mIxRJ{b3l}u
z)|KF*jO=8Gv_IBzLSCzj_;-I73s!bw*P6C=PDR_g&TOX;S~x8Mkrt{uHg+zq1*<w&
zVSw5N;#-%Im=(}Drvb&2MVw>m;E|HBTg0VXPl!qzb;+zYpz=+#V=`63%~$e&_&u96
zoaOy7$#6GJ@};~$>g<0G3h_VohliW^ulMqJ_&+w+FO$5$`pNgoj@bFGm%pvf&F|H@
zgJBsa`RXcL4G5v%$Vke1#oOg|xE6Z^Re4karF1n;?H@>jx2$8rV~y?1ixLA`l(V2b
zbZ65k?iet8$aNVYmu}lM+YxBHm1SYSZE<O7cZ79_Zt?T->%0qV00vx6tDuR0WLd|O
z^uLuAP!0V*I4H#bJ2-s0iT`vj&+_!&wh>t27`T7iAWhmGa-=I7e*&W&O%sywNS>w{
zNM1?N-An<i8X>JS$bdZtmQhj3MEmTCBo!^QDRKnLtA>u!=WzY`C(CLy+F3IB!PXfu
zRiAH$rJOqEcrC92zpl11*sg-Y$WE~yyDF0%YGYDmt=Sf4R2^d@bs88$HQ<7p&5cy>
zRv9hTRBfirFT=QrsZvc{fBOZsXa6e5`q?58v7Pe1eS@_<KKhhZY+=h%f@6glOPfvL
z)7zD8hK>Eor?6jXwj647pk-NX8$c_phmCHt_%!7IffxsA1Uink&H%Oi|Gw-0^>pxb
zBmcRV$HV`#xjs&#Gnnbmk-ZPnh%eJSVeo}P#)D?=-4U?ZdwYH#9+TgmRj=w%kzsc@
z$+dAs&Qhx!=0>LRtsqqMnw6j$ah$Cnc!LnkC{1(AW>CLr#!*({;N>ezxQCX2)H+?4
zWppzpt&Y3AXZ~^>xEn0yoiLe|6T2j<*%)SFnK<LDZ8oKTK3In0jDy}dqe>&nu=>H(
z3D`KRhI_iWUW!oyDQ)oCWt9FMXVK)Q5vXD{4$>>5sT@OFQqxdI&@~QXErKcP3@TeL
zQ6Ol&z^7)<?)+)P|Bp#RGZM$FxG)M-XKB?Hpoah78|)vt{Qu$JM*e><PYM73LQVCX
z5<|eUQqrSib*-@S4q3~kpkxKF&TE$gcGZraLU*A?UW{@qnOku#`z)`TPNZ?{M|^O4
zr4~(=J(EXO?Qg46an0L!?5+8dp8zM~Bm$lD(Kl!~*gM>71>vkv|Cw1|37c!?%HKV8
zP{Q4%gSO)+r>NJWPfc-eG|Vu*J688BW&cJr_D6bFJpUV+gVmk?&xVEbfB1BNbN=7Q
zv*z>vVcUj%5*|R`hwhUJSkjhki357o<9W5i`HMc98(86e5#82(+9{FgR5PfyAimNd
zqZ*NF^TUR9YmE_&7;ROA!)u)=t-h6;!ixObdd~l9Jz&lG|8#$_@0|b74xerGfA{j-
z&H4Ws+Xj~J$Um;FVD*?3l#8{?;sGcbOQqDc$ggTw*rbt`R)&r6ZfJAZ4%U5IAXc4~
z578pAH7~u)tTt98w}y0A#)HfBvayD`F{DbZIsUyiY+pOZ8uEogcD{Dlf`T0F?1(^w
z63wFi{4P|BcQqJE6fZFpMRj9gSp2F?R>Uu@UY3p)Rj3tO*rnikmZkBt(paKZ+ih)e
zmjt?Y%iN9qL~HDu+fUR^@CtSmtzd5qc<=scbN|09|L>>!Zv3D9;o(O9e=kqT{om*R
z_kd*hYjN<lT!9@a{X=l^X53v@#E@kO&4c`RSL*G~ncSYD`0`%eWdMs&IlSoRmp9s3
ztQK2ddVR<Wc&$9q3ovR$!C!<Y`jYg2o&Mj42m7x4_u%m9CjbAvJa<X|KaueEkM7y+
z3_?LX`x&`*m!P{25$wvY-6goS5VJlM*KX@1dN7jIQue3WJTw-Jw)f+{OHt^u4&gO*
zmk=b?ffiHpW(g5e8)zHZ(dQ&PDxX=;3MmMU+N>1+8Yy_)c&UkTJNYt*NwZ$Gh_7BH
z!&@#GL+f?3f|PL+7@+af=KhE2IBe$eV?TBBzrAAo$EOE-oBQ8=JSF$PS9BbDFM#61
zgZA=a>vT=mC;`e4+psqx3dTe6-f`w+-3~hdzQ#w#E8;UN7He#rP9DP3n*J}L0IH+^
zhlj5GZ-0NV$^U&X&r<aNGw|}bi!;E{5yAUUtt4tqtJ_lQmTDLalC6O8u>FOTtEDBs
z)mpvA#$UXRy}nutEsgWL5A|SMmj1U<0M*(54~7F*|MP6H$^UaN&noo)bGPyroB0o}
zDKbW(pepjs_CwYc`S4wbvd9Cs*u_?-)e`EW%If#7FH$GrgHaf@WQ7_|P-D?=lgjs~
zNb+{SsV1qaa-HRT?ULmQUprvD-o~W8@s4U`pWPHh6WehgEN+Oet4YKB257id%TTBX
zgfr@3A>K5@qfmX>!MMaXHX!k$5gLWcng{2<8w4`*Z&H6CvlY~(zGjxOwQmMzqayvB
zRHVK+T|w7X2X3S6+B_9coBKa-081zUYxRHoh5P?-u(AKYm#5_Zf6AuXd$E^a9<&A!
zR_dDW#}bxny3OA|5EY<1E9=$)a`?+A0j-)FE#O0Y+SC8`3cy<Z-?M`K$Kl~7{_DLw
zOVa<(Km&L;XMm#vyt_kS1tnkuV%?flw^Re#plbDi#pA1`BG7KHUK3bSzNPn;UKXFN
zI&f+F-$DUcL;nw+?LT$s|KafI#{T18p4I68=dJ;i8~6{d0yKxApab+y_(N6#dJ$fS
z7SIQH38yhHel7HX)%EXP5vUKrhpGvz<%gP1Qe$0UquTeV4D^pcQ*B^n?MiiEEfgN$
zs<{qu<*-(^&ZxOY$BX?kDxHRaHaeZpNvGqT)D@IEweZ%a)oH{3v;7$^;-+bT)Ke$_
zdHS>v|KZti<NtFnPYM5jCa2oV+M8b=v>rgM*flZACOlUdpuas3oq%ta)~y%NZPe%n
zKFBElszyb2fMKJW#k>H|z1oNd!7Ft)DnsK};$DYi<*<p!|M#yNS&sg<(*e}b|Gk4l
zH~!nf{=r86b1%<|^#3!^1KjNy;OGPH_7GS>C(w{kFH5GEBhsHYiC#~3mQUX=Gy6)(
z{l?EqwA9fQTdvpBRMcsmX2ssPpRLAbz0XSLe?uKm&G~=$?CCRC|MP5<|K)z3^_>5o
zyB^3S4S#T5kUJCweNgG-KV+RyDbnlE3zY$1LN`>3XAAvMJ&b$T5!pxYL)8;C;*r}-
zT4Q}tV+i-CGb$gArh21V2z9PxP4bS^^Uo#8S4y$_jFPU@cix+9rDD0=Pm+}i64lCi
zuN53y^|!1du(Zi#lz}aPZ4`o^lR~g`VpmWKHiFq!G1%(<M+1sw5Y7Ho5JzD^8wi1G
z?tg>B{lfike{i_D|J}#qTf1zUc_3cvo+gSWgraSB9XrWUCrV%$bjktPYqc!DZ$%Y-
z>G|;rXIT_t31bpOF+UyKRlg2$l;JtK!eI}c0`G|yIYz}r?x`FlImJQP>y&S<&&iFY
z#r}^mT`K)U&HmpzI2^k6zXyjK{r~+uVlQq7Nr<-D);4!#jHx65JL<zM$U>ap@ULzG
zeuK~O?~5qIA?myc5(Y5Gw65+qz@c8xa8lO%H^9VqP{+6JB>p9JTS%j<5h(4bJx==o
zO-sslb{>XME5`Irq*)FN&PGOkHAFfOR>Gynr6Ag3eObRytGlXHYdNV@u`@+^RO3;g
zG#Jm`h?U9f+V76qjfx|X@o)qlEDU2&Gpu_qPwSFvdNbgSWi<`z)*HimfHW4XG^o22
z0(>c*M{`UTR7*XKmrYRdLUHi93&BaHRAOy%vKdK8Chwf}gJBexeTP?Ucyb!d)8<fg
z71Ua0;elBpt>~8CKpVl)+y3cBQt|L56`na=K}Jyntz}jS547=dcopSR57OosNCP@M
zLVYQ|7zZ5C=7@NZN5n%Sw4dj3)owqPrg3VQ8>UqY>!Suuk_)xRxDBqY&`vWl!b@<n
z4hiF6HUw-#!2ZAljBkRwBVT3kS0`Q^@_I>E5$0M6SB5z+yDaH)Eqp4PI1T8mW8WV(
z1a3p%{&)mVZiu@hapf(nPUIx)^^!Rs)P{u46;JyTL~ba~hT>FEoE0T(EAQ8pvu%Dc
zG9PQhZUj7=&3spzc_SuSkC<e6*+|t^-v~lB8+}b1eIrhI5aI;SZr{ibHZ<YW(1gtm
ze62U|;$>X^FoG%Y&^pb1zPb(U(()pNf_q!fmfLUxJZ(0H+^|3FwRR=>)YhEspN96o
z2?=pm{%m3T4^N%_|NdSv{>#&i{qMazrS`vU#$SmEFE;}I!CR_@C9n^G#~j#)O{q=r
zrykSK>8aWOGz+?9^cx<xNcU5C>h}MzkpFjZxXJ&1KM&idR^&LC^EW{fO>oWw#&x^h
z0&}o~9*bSR*>j)uQ@Q`ASuhEbpg#uP+B`_RVUW*8B*?-x<e)D8+i);+^S>MnH}PNY
z<q_vU$!r%IG4ll%8u>otF{WOs<?zbo5M;>-$;S94PGfSTOUncM@g$0Ij*h-Ty>HoH
zz3*Z&LLI%zy2IY^p#N3xx11y$<IW>0mIaaH%HTIa`Z~(#Rz&d}E;uqu=HoP=vt174
z1xYAQC?KJs0&)rsu%<ow24#4P-@oN{xW{pfI@|x#`>MaQ-TP|i=br(`#~ltFbsm4%
zy9JE9$UzYy2gxnCK^krp%Izo3qJ&OR=il<~zvZ3UkO0~X=<$w={zpW!MKVTD_u<cI
zezurQqW7rNRj&PhC!f+Ocdu8rca9P|Jaz%)QHaMu)-z~HtV6KynyqRHFQ6<5vYX}=
zp&056JDl&`#`Bc6t-iD4#w+o}KWOKt#Lm^OXuL&4oX7h1{ggLtdgZu_;r13*tBAiM
zwjQQp?S4d*{AW&*MpyVxO~5wKN>97<Kku?t#U(%M%KteW9PAbHe+~wl{BQU2EP4KG
zs;HMkK}g_b0aW?=!+R~RumTBV;TC*S#mUyFlQ|ADA$Ww7ukJ`T{aJm%531S%sYyU1
zk_d^d@uKK&*%F}RomuK-TYVO5*w$g(yaqpookR4#PfQpAxzIF<K;Vwh$F4w1uhn7M
zG=@0F6g#V&)h>J}6}Xp!(kFaTz7B2J(7Wg{*TtMj?G)p)8%&Ji^yI5E8_dVTjwyF5
z&&#TI_6K>V<%TFA_DV-5K}PK3Q-y<I!FW{H)P22(LNBZ9YkLuuhqS7!ml=%h!qMh6
zuK2-;%_l(3C{2(0{q|JRn6UOv`A0?%3_wCdB%|d4R#`MZ%`n_E`ke;LB_j)pMU4uM
zdOXH?euT`_Q&BGB9ycCfRYR{Q-2`KgUn&k7G>(*}Z!n#a=4(b*(SQ-6(Ohi^PA#2H
zVw7#M(5S6(l`Xki+m;~8)s2;`z<XFx*?AU>@k#g+=QK*plZ-zV#q_v$4Z8NO#fGf_
z-m@T@7@=bH^kv(i{2gc*r919&qdCrSz;=b)DQ|HaN8=!Oju|cASR^!x8EevnLT3Wn
zPB|6r+Id21sA;3apOe$BXxwSQq;08%MIEIwx;f4a_CUZlzIREAvw-68==tFJz(cGa
zFG;Oxh!ZHSN{LJp+E6c7xxbCLDiV!$;>wLQ*ow6#OqG0fj59h9l3;2C%yxFuu~Ej_
zM?vvJ8@|M9ds!yM2C^*2QVwO^?2FaXY7C48syPc|RWpCA$i{g1jvxtR{2d?nH_%83
ziz#1jV#?u}+b^1@F~pjHEwo%qHjLIgO^04$19D~_bd?t;f4#M3%=@yQM)E&bA7jpP
zmt3(;gRjfQfz|TA!)FHr*Z$|}{^3Ude=iSP`u(rAzQYOUhR`G<bM(YJ!%z4}aOyqk
z_p{)-H;w3QF<Rs}8*@DxgtjYiStRQ_gt;GlJqn&b3x<b-@w3AbKG+)!*<aysFnYE(
z7#|+u;n#bUVbGsTTZFzA<%#9^5>KKe;%7WteOoUHgeM)(fDMk4E~x7MFLaV1l7%=!
zl*o^C7UgIX#TZSZET<^LL5L<Kj>&bDOi>&qmq%N&tGt_T-^OG<UnCK|>CbRH?~Z3d
zM)N++Fz(NTDCvtA-Xp0$3&xjQU-coe%m<l0=^UZ}2{98o`bG;{UIb|{isFbyIPd*+
zF~Xuy@4HBqH_aa{NN(U%k?>=iWQ_&BUN!Cx+RpL(3TH3KJPk68I)DC#5s2QPJLq_N
zR4o4=&wI~%&%4k4rJHJ<oql=GXt!g&bKgjmFp)9y+DoZdP@%3x@!Rok-cG#+*b*-n
z^D$LuL~X&c9re!^CNHNF{)`pE4%hcdMce*!n`?rFl>39?06P~KQIalb-Z?`5+)}T9
z*)>ZD8_$X|#?t5<8Q|e#9Ocxm3f0xGTLTadBg(dLN8F)}Ptyd`ldyAyl0_Vw@3SDC
zof8t%DD51fq48-Jg<$%TkvR82j6BfTkx<dm3{Ntg&pJn3v~7MN*SwzDNqZ!q+?d31
zkmjBq7K(%wWzrzQak0VjhE>fVj)MFJiAl!is<h;7u~`LV6l9(eEfizh=QU2Il#SSM
zP*V~&11T>eY!V(DKdUO?e4IroTcE7gc#&mn-{hDgGT}QWM>!=K4pEdKI>Xjgz6$gt
zier1(d5e6P1!05}wh^j^VVXtZDOq7+U`_8;6o~N@Ct+ci7Rm*2G)<24bN_DiSGk%t
zEGZ_SVd;7BzG=xQX;?CgrZajLg-!dG&&YMtqEU!{ib7cPHg)k9r-TM^L(o@nN_A`j
zWAUk4AaRrc1ez_XwizpSEjm%PwmtOHeSWE^&c^4IL<xOEU@G86)pkp9HpU4JrVS>p
z1F>|yV|1k5zpfkG>9}Ltwko!5blkCR+qP}nM#o9Vwte!x>wnHVd+)W!sHzY3e5o<2
z>KXU_yRJEB$m*~b!w<wWNj5@$ELow<oyZ-oFzBj&)&WWc^9!oueU1n_x|b(30BY)_
z={=hqXtPSTDw@GL;6rkZQda3_cXT|NQonF+GQRe0S+Oh-Oplxa_U(}8y0JSQ2k%$z
z%BAh+%uLqE>GDjL&TmxTr`@X@?iOxy$AD%PP7MooNqcM(qfRBpWtg(>m3s_FxY$!S
z;5ln#Xhkk3Eq$r+mFb}sl9{PK6>IO;JIjdp-d$Zu6az7Owze4ru{+SUYFT@-COhjz
z$z)lK-C=_}FcTS3$1PZC%U2Ytw^ryf*j9Yl3LJmAw0Sg}a>@*uET^YE(T#h%RBUl|
zzt3lt23Ab`^4}`-wM-10Q~5#X-|AWYJz|H3bUiAk>p|QS6HV@xw`#=HyVcqJ+nWKa
zI73!uYT*1gcoC|cBNr#Kl}m&=nXul5;!=sVk-g8O6aBWBQbH)c-OnG}j@gPuvy&t3
zlhijtd<eMa`*hYyLi6bmRvN2GZPuN#;3h0Zoz|P!<OPGPlz7UO4Ymu(M{8zS3e)9D
zPvG+2F(L@y;?Z(a+Z-&sy<?b=Na&Z1tDLutx1+;P4G=?zFB;mmHlH<7zJfRMf}3us
z;~<hVjM^#9ZHcd!=UxB4?%3r4J?HMfmQ?Q40L!YUrKHti04i<t-4qXd+7W7;LgN(6
z*Fg+Ta_l*wVT3VpK`o4p@sIAKY?B`()*`Ci_iy*uqCYZ_MJL25U~G8{JEED<x8*3N
zL4HTn&^#w=d(fa(c4x!7Uv9s_7tVH$YTVOPuz8%)5{a7vs;$${Dkq{e`j03mB%z|n
z=G4{o4><Dl{40<3iK*8{!zBf*j75t`ucTGM*n7%2p77FVj~kMqH10h(Is53COph{h
zxMQMnR20DqRxVR06*wTr@3F$7&X*XV^IbIvcT5!$X~S&|l-U)F!}E97464(J?*oQ@
zW$%!P*s|M`xBLZM?t8G=m!$XOv@Mu1=35`gem1j%Aa=ylUWbB)C)~gjCD1FkDmX>0
zL$S{STI-N)o+Ur?f^eL0zxL;&G!m7Vru<)qzBk~>Q;2MV>^hop@sUL;?>W<j%J+%e
zW0dHB_rDu?ayp6ny`=MWWDNPC-Ndx0&ohg2b$8?#Ec@~&au+~0{X~y+Lzg?yX9~>g
z3w{p~qA*(u8YN2hL?KRH8Rf~?Qxl}nM)k^1E~Ss?wvP|?nR64)*WHh`r?^IQf`LPs
zOA9VSkMW?r0Dw?ewIT*pp1l%)XpK{=QUhtln&HphOe?z8=y+L8Hk0RiaScB5gK8f_
zANG5R+p-(%C+J|=JD=6pB*AxPsdT&NljPcB6BQ|@NK+l8wC6tD<_SKp6dISh@mNvf
znzmp14N|yFxdqsOLyj4jlWO|KO%IBl+d$=3#iPm96u*feVX|Kmk6I8|aPr>Wy9#ef
zT!n*6e60xmaV)S!2T=(ZsGSW6fdS{;(`0%RoDA?&iO+VnESwuRZ^2uWJUK&;4V7{J
zxeO)wAi1F6CM7wI!5C$cJJzHQYxPhB6{=^4H+pp3P%-e8lm@_zXxb-J>QM(@*J@t*
z#c+Up_DOa_r}Gf6+l-B%T7lQNBJX)F2}5h|IjwLVG0x6yv&k*1y}ewwZ6UBZVuMOy
z^|*G_z3gw{6~AT^Lr<qZ=dtQ&A~n3`c%XI&k&>&rUZu<JRH8L)mTNJN^7Vax+EU|p
zv7v?DGc~F<GSakt&r=ZmsodHq-O5m#5PNnxi>Bg4fxOLCM6h7)39YFNS)0m7O7=Km
z#TBwOv1|9&tLw^#H}h=^&wU%=qvi?nbDnQU$86@!8FP*02*ZV@fU}#SW!nPtO~K<-
zY%1nv%kQgcX1D2X^3B=j?_;}T-g|^^f7=4d{zDr@Oy#UYbV>#RcWI1w;!Z_WJuE{m
zCA5QeVu#{w0C4BVz9$9W#DR}E@vz5Er3TE(_&cIUfLX}EfY9gifXwHUhuioq|0veh
zzURumr)w%F{$w_O$s88BIN-5rhR!-*!y!W%{`>J7`Y}*w#xSVu5}Tbz^6tyN1)OOS
zImDA=;Q06|2Iv=93^eo%G7<sw>@Y@EUn9&a3z=~UJ4iQ}XBIGwFL1Q>5fVZ3|6aTm
zj{KAn56%y)P$rbZlEl!Ew9h1tA7tmnr?-J-lvH+)2L2Eh+-yvC;lC}bMgrAtuq8DB
z;<}<1DPRvjVaJb&EM=kguWw3)Ts0A|_A<o4Dz`bVusxCM+9e|;0OCx2Sgk>4Rg8q=
zU-&`1r_VER#4}^p^)i<_Nb)Ad(4G0c--5Ef@pA0#7$E43R+cN~F`FMB|M|za4&t%B
zwb2~)kk#`+S-Wvxw%J6Ym~1t1XY7K)-8IR!+4#F-!DV4ih=e5Xu!_Wd#OdDi(FICZ
zM3F%J)KKbnXVM1u)ECSzAmEOheSfrb3<}>_ZaO;d5AM%`Z1>2;$Cq3x8P%7Hxw9Qq
zZM+x~*f&k4RX~ZVacdl!F>Pp~Z5Fq&!5iKX@aHI2fn5kRnv)}k{R+!`sc@hDkpdtZ
zsc9}O9M1EqfU=v^TqHEA_F@}31~biq?2y-%b(l|h(Aj_N9)CVCn}vY%QnECD0$bXS
zL4zfZHdf<Vsh>Mt6HU!jft#?J$T~JHJ{ZIs{}&XzR@cB5{LOng2f7C4pF`LWvS4Al
zQ4zA*MEf!6QtUjd)&2aU5R0KnY}gLECi3MuHUg=gG5KmzA-dnxc3M86u`lQ(_)Lip
zL*|O}OTyFf2mr`*`nkU9&H$<D<r3=2>o*c)2`XaryJE+Y=CJ8P6G+#Jvr&50I?nd!
znPKHa(y@52ixrx%xzh?gajols2<n`PGHjk?xdZO=YVtwm-!`KTbBeEnOV7ebPPF#q
zUe6HE6skBT4^^HR9_*%xqbh`N!;36#^$dFSc?kCTxWqEt{D8F=f<?i`J4sxUjR4C_
zR)d=Qs|ej?m6$j-jxtXLXKHQ9L;FOxlT<$wwYp;nrVT}HzDU*_SkH(utksiCIpw{b
zWY+>Ud^D?c{3N5o48NJsr_+L4rq8<q#k0w*5}7o0OXn3uOOg~6!kmLer^Ga9N7sC8
zvEwUq2J?z?Z3b33S#>`TqtPQJ4?~n3gR-@8_J+z(-V`6`61|jAr+#DwU2B2%Vqn}1
zl-hT2{y{3R?kpA<EWduZ7r=zkkU$R6u3K~nz>kp-P60p7crx~cgMBfZU@{ifRoog8
z;uM2|T4Ii*7q1zMu=^+Ua1pNYUV};ybqny@xdn147pFm!Ls~AF$frLF(z*xwcw3~g
zTDY)zd3d)_h~-?a0`(e;vdX3(RiGzgWOFaAQe_L%^0PIEwk=VV!JUQY5*x6@Fv^-)
zrm?mhz3f;<JI#FXTeeI`eHkX1kmS4eLi&W~@(EkQutQ!>W=GQz>rq%A8e;WxJiyX%
z$cT6^=IgTqad~9BvkQXUQ~DJy>zawC3qF{_u0H@(*U=9ZFY`KPKQP6*{cj+>M{hL8
zj&KrG=k>cg3;nxX9(Mb2I3%R!CkP}D$KMn#EW#k~BG(yGyztXOqJbSq(n630G1UGT
zxmnzR^K7FJ$B7#_jz4{M-FALPUeF`%Sd8T@PPbk}=SC&#HZJB_yb5xSCq0jHdO445
zy6v7@LkWjE@9iFLWvWT}x<(itQys4Jyk|P_cr_6phdQ1W&OMh8Y+!Ua!LH)Jk1v1P
zjGqmKj1MW?=j4eI!5<j{H;S4R((z1+Z<hzHI1?-qm$A;E(IhITZ!;0JBq`wkWcPml
z<X#lwACjaM@z{qZToZQWwU=;<c?TXLsBWv|iTvf*Hy0oCOQ39zduBzkRxDOb{qO3a
zfJ@>~8$2J^xzDSk@<eLAOmiZ0ZILf6xE1A0Z*sjTl=E4_4-}}3-akwFRx9^QUtY?u
z7tWleqPUG)Eth<*vfVg9_x3>PX7WIubVwkc=sGcQIW9cM-TqB;N`&T^f9^q$K2iy|
z_+rt&7t>*1D;00vC;rl9Vp5hW<qgw+Fhi(dOrO;<EW!Dh&NI^h(B+y5%-nz<bCN;a
z(-3ar-2W_?y1)Ju-FUtBJyus2>h@6774l}oc`d%XMoKxt!@h}I82f#Up>)b@wrfD`
z^^hG11WGckSPc}$?jXtOYlzI~YsjI>O&V-8UJ=&PpVDcEar?qtkU$>n={<Tx|Esat
z(_2@FA2sp%QxCtIzvt`a_3mwXIc3|s+x_ih{j4Q+6F-4(;QX^Mc|Dh)1Hb-F6vOyQ
z*qPt>X+oT^qes@6UoF;orMblfz0>{V<Lgk9a{o!#n}7ca7HaueqbBU@k$qinEyEg!
z<F7F!`CC7@th4x2iZk;3$MT%0_><4Ac?@ge+XUeTT@j5yx6i;zB$T*NKR=jRXiXLL
zwD11?v47wfEz~?v#JD@kX9kYiBh80i!UIGkwZ3*3Jwx^2V27plDv@}{0~Va+_@JEK
z1u+KD3O)z?2?Di{1qCnx5tsmNdoCDIB2X#Gc9{XVdY29<kkC+I3J^u#Dz_e@K!Q0p
zPziGH$ukHCE-Gkda_l91=2pKyPzN3>91^Eg8;nSBJdmLf&{#gKB#3xe%jO>39yBSi
zB*jw;Nv}hrqE(TTK=EXN(_h9)(56Ku2E=_j21KhGHv#7#r_-sB@4a0248$QW(Jpsl
z0w7F-!8>Bz7a`kONHrzs0Z0u>>t-u|+T=b=ZetV~zH(9q44$72hzxzWxpr+H3lA7!
z>V^?sh7zL5WARD(1Gj;leIcBIMmhxfgMWtT;y}DYGnXj>oBAp;F@P4zZTn*Nu1+zW
zSU<!K*!kPOzvNEi<;n_V`Emg}CG$ebn?-WL@77ZS$pU4@0CUs`nSwT^k%Ki-w&Sgz
z@W8w6w}BS2?#f`w3uMkf{~mWd)Dg{O#p~epb&&GURik`@w^NdSf!ir&sW3FVJ~X7c
z&0E8Ri;e>d9ky#kn&ydI+!6yV9T_DN^HrRvG4oaI8HrqZ<^8+JL-<#D4!mzp(GV)S
zI)BUm#wuJ9<5I}Z(bVyF5a}m80JIO3sK9Tstg!+RuxYPk8@2@0xv0;E#8X<gDuDh}
z&#Vf%?BKZjCL9weHDf9qp&sqR|8tXh7nTNi3J$m<;sSVBO5AAa64wmP_tH(s_cH%1
zE{_{S4~TskX4^oz0QTq93<PsFuqoIiR4Ouq(O5t>x#|A&J{ZTTP3&vT1d4^)BOYk9
zh({zb{q|QR2>%a8AX0}wAkyz0JE+xAgd6QiACwR&d`FK!h-QFAKtjQgpb6^t1!qu2
zWHWaLZ!&#@D&eC6Ck@%$0`FudKLkSEgaktKVUY|;Z<@Jr{`myEK|zTV!?5^J0MVNV
z$~rsGQ{lY)xZQ@gQX_~*8zy=s%xs!*<O4EH<QcNaXW9tw{AMCgV&Y^=L%_wD|GBF4
zDRZ7DN=*(NMFJ)$=F4EplE+LPR7Si&dxAZ*Hi4~Sl6*0;5cMj{0&9h~LGT<TR;8RX
zX3;!QF30;M#n`YyelLX&*kDIYz|MXFs)b=*y)qr&j~Hoj3YNrrF_Ou&mt1h6zSiVP
zKDH^n-Bqd-9!|VpEO9bb3}cgGM^%k(%kPha14dSR&QSGE=S@+@QE%4N3|LVQ&yRzS
zfE6oLoET}t+*N5WSAoHM==7=f6Gj?R+u~*$2naW8)xWo#PeV1dZ$Gx0!p%rGG;T_l
zG!k6gG0OlUejQM$rj$%ncgZHHEnvOM%(j*ADUAFB3FhNI(yu!0FeoRh<{bU1OEJ+H
z>MYKrB7Sn!1$3cROx!&n6UMeSX^ED5toP*rSQ5W3xmF=bX~?^MQ+19rb&fV}2U4eG
z6(0(-aQ|KA=yS;Mi;bp6qEnSr)UV=1zWJh8c=lT~yq|J<*m4BHK9YKkXVmFbonA!U
zw2eE|UOPH6o^K*(N)hKkl4`DM%(qlSwnKG==vby|8y39iE*HuhtiNMAcyFwQ9iOCK
zpG0WAohS?5PwXm6Zm(-|^D&JhK@*B72797U6sDEgN2tG~(YzN0Yqotth<+y&!MEaz
zD?p0ykEjy|^p*YQ!aEy2X>(@7-nnTti)>VA9<zo4D0@3NUtiCLKjdI^xVWwSDH*iX
zh?Ys)Q}CD%BSgC4zL|A7)HIN?wCs|l$=BLgp6?z>rt}IaFF*ZNGxAkYZt>Zp^Kia@
ze;)LQ`z*&ovu63KTfU=f;d2$XkZ%|WjBj8I*6F|njo(JBI@XO_57$%JYS#b&_ha1s
z-oz%jC(=e1%i$wJc4WZi0@`Fj|Ht#-0&WI!Mw8RX>7;_@#P5M4PF?cA&8infTu;9K
z0OraEm5)k(qOR)lARnxBF0Qk3_a3>%yG!)}T-bF-Y0u<(18S22YNleg1EF|_?Y^V{
zs}Mr3@C#_cMVmIVKVy2cE^PKZ0j{B(V=-2eUMz=4C`vPCqr@u$Mk6d)+!k`N5*HZ}
z0sBe?Gc?{Am+GqeO3vG9C<_)RO6QC{13W@p=*7<D-3rgQ=q^A`#p*qr&*cG{4dV7R
z**0Nxx_Rm=d5@&dH=*f?3cD@BVd$t$J$aN~M3flWiO;?A?{r*%6}H*DJzDW)uvN6H
z7+g7WwL#Xbx3+y=l<eiQhw+&+n)$D*TwZfTO;ARsqGO+o-C5A{`PNPF_9X<HQfuv8
zsS&(|G469b^}ro@<{l1#&U*N#lixqIU*er5@w>?_rnTDfnpQC>^`5KfJ;8B@!##`*
zHB)aMIT&QBtqM}aDDk3Hll}QZ(z~k)7EnLQoA|)?7(W6NlTo_R)|&@ft7dvQTwMhw
zU(mEnae;Dvh4B$v;0&6UV(=za?0<r9_Zd#RYV5^zYTO6b>J+ef9%J5Eoo_DNj*i9V
zQyw#D?}QB6Yb+d!i5)Y)65C;>x$v&mzwp<c4R=L2ch{#ynjue_Ry_~xL@G=Buq+xh
zypw#J#oN+8Pr`uDjqr9(HSS<xiw<CFpvcMt`%$^YBHcN`grc$9!PCPj1p%4IEZRO<
zx4;dHJllK);VM<E(6Ig3pFnaI`O-hW6-30^-R8sZepWtGTJdY7bo~mSxax--S?;rw
z>BT#uyERHok|y4f=|JienCbxbDLo?vs&@xd9W<)?4Ke<{)2Y_f3feQ04j0?qPbH*a
z<RE^uY%(a`v3gmFtf(op$8YR_<`dbi(C_9l4t|;}VnmTc0!V#RuA9*XL6v6-2B{Es
zE=2d<pi7By1vlyMAzr|A53nW<*VSxUK57k5qcS2DRYDyBBzx+bh#Q+w7!xn(p}bNU
zCY{EPxKHR4Xh4{-{-93rQ}w}uif*ZdiKxU!(7=Vzs8FX)39}V`$V)%}LY|3JQVEt<
z4Uzo=msS})Q;J2Drp~o67ayyGte4W$0LU~E<y1#zC*4Ujfvq8mRz&BgMCn3r;uneY
z$e+r0<|tCcqEM%vt>@~kXR5826)-snR-*P*WXW6tPLRkgv}>g%A~_QUr~*X3rS=nG
z!swA;h?@st{#pdeney+yr-22ktvRamkt@4!%yHmWd?|rcrUCh_(a#c&+kXP=n$KRC
zW7yE!ZjqSh2wZ;_Z`n}#yp&WeTXed1WO5>aC`Ck~II9AgEDb&;Q9kHy{6$n;k=~}5
zN?CEGn2MzyAikepf3E~Zkj3bZS`Yq8X^4`i(@8~RkB2~+@DV3ZzrKGa#veZTTcy!R
zG|{N)c$lSJVZ3+gCXzLJV;q7Z+*?dTM@YO5bBz?6&5fi$1ZXPd9_K_bh}G!qbZBuY
zyr@F9u^cYbGMl1ld!UY@00;-o+g;I0`PE3+jzrN3=qE4-h+U#05QmTlM09G1^>#ko
zEOKsvy`v+p12m{F7!YMwHZ2j5Z(^4!q<Fg#gsKEVQLDrni^N1*a*5_Nsy)X}dNHe;
z+mH8awUftKX9ChKY4R<Wlfevlr`>u9ays_KunMxQ)-`$ZEw+=v_3wAj$g-Z@g|nWE
zCCIy1<;lCP=fiB5H^Y?ADwiTSA7HQ#m{jqQ$#A*Zr2HYjYhwN%YAv^91Tf^|jiT=h
z1W6bns}P;hwK1P0*~EbUCG*u~Ua|O^!KY_iXtrmiadRT@E}F1EjHC_5BE_j|X@(UA
z*B%a>Q%N|MXXZcJjkt7q#L&2svsb)RD&Y<F0f(56%X&T^O%InkXQwb;Zx=x(I?swp
z^8{Q?`H8rzlv#wR%cVx&XI%@gCQ`?wlQCs-Yn3l4z8#v)BpS=+jRFl}-kfs<^dyH<
zGm>R04iL<LLb6RIDyuIP$1<%6-6v0CrLjRit`od1DI714`8(@JNjl^xB!dgTx4J<j
zu6xXr10mXELl(K(__$s_(B51J`XX&`K_nW!c$o?y`D+aXC@M{VUhD5VN{HaQ#}K!G
z*5>%0->k@440>QcI<Sv=WA#D)q#*X-K}giJdx`;#0724mi$3e;qapL)VM|=Qeu{wy
z_ebJT06e;8QaJ6OBa(m0j~F%PysPSz`H(s@a~%~hd-8FeWMi8>J61+5>9#B@$;rvd
z&O9tI^IRHJ#SQP+FJ?C?wrEc{!F}OJv%gHc7JbNR6P+!Eoqo;GJ{}s^=pux0l~G*r
zA6;qk^_LjfrM-CUR5K`FU=@4bjM_o}Qs$Dwd%#8gQ<K+&^wfHDJv>Zg<1(P^Vh$)8
z-kX}C=+5dzp(WO}5Gop8Dan#o&zG7iU2J@56k^xNw*m9gm$Z~EThwkPeWRHC)xepA
z{kPfjTbB<4DQ-Sol#J5UYSuQe$(X8Ilx|Fptco($^U_a+j+qtz-mnY0ZQJrdg9L3`
z(vYVCd|OgHyLwA2fni&z50SL!CjKl=*1t*}Rm&Nv(n^%h4ao`%S?Ct?CJ~^DOh6jX
zpd>kvW>F_3V6TEF?V(Cp-F(oviXBs>ra>U4t6@M;v~`qVb*4fx8mFd8CSI1pMW*IX
zrkSN=Z~5$wx0kBzRxBd<=bdG9?P#dKt)m{2mCr?uD~j9U`cf8?V?np(YIck3h_|}n
zuh46)W_DPjX7x1ra(DK1#$e4KI!ksRkv%1!v-7-p3k1qlJiJ#eOFvfr$Cfw{0t_c8
z6_pV2>MBkGbzL?>>so8ERaGFQ!0clyeaz{@5fFB^2fw-8NaKnqh$N8;P59|P3m{d{
zT5R7X0y2mSzrg!84ft%XaIy=wRCxR4J0_e(X)o{zK`bnFgkF1w5^sxA*yI56rk^w$
zn^g-3=v2f|dx~uC?HkkhDipOCiNV!SG*}*vsym(C!!3(u(Jo)l8;#>`KMzWN@l=3v
zChI|MzQPJ}M4s`*2@72-L)wo*J=>5Gx}NWGuzC0cqWm-S(Q0@6Guw^UMd-_d5KGK+
z-Bq(SOUx6Kh&HQ*S(+(Q;HPI@Uzu5Ub0c7au%;(R*Z9=k`j%hGO~nCJMt_k|dfhPN
zRiKXyj47MndIf+eDu5GhKnts(EBZhMfPF!Lz=6imffGv}sX&Fs`1VeaC3m;MLqU*8
zf3<FNaS9}!HzgClIddkx7Yb6fQ4qLF*^gBOv=Y*Fz6+LyM=9pFkL{CF2L@S^Ct*(?
z?)F<E*=VV|;`YNZq@&nK$v-a)TC1sPCi$(>Y$^p>PxRWX!5Fr*a5{JR1Gi8(dQ?mt
z6nzA*e5d4^y7h^l7@&mfCdN`hR#H~q;`W~J1vas+3HA5a2R-0SXyck?u)>hZo!kpA
z-W3VO3$1vSQ~|dnu2Z}KqBtWDst8$#AdVZ`p87f#`?{beD94Q;&+Br*t!(SsNS6D+
z#3XQbvH)BKs=58SV-@}f<ML89-LlQjr&IYP3vSXJ#hW&gE2tNa;c4GosQI+U@De$b
zG)~dCja(T15Rc)>w+(WV*YLCodeXICxN-h7V2Rx2qGPE9GuN-02mx$CE*eRiKOa__
zA8k<owJg{BbjQl#6}bl|)}wl^LGUsFE%r?bZx(VCH?|`ZF18~TGqxk}K8^6{g7b^(
z1IYKX&2l@hgFqj2wj&nlTRZ`|*A;|2?(%;v3qhUb&V2&U7ZbdabCbu*brHB?sy98>
z`E!MhqZrt;mAX<L?0g3Zqk6ldG!1<{e!b;=4I_y?#dl(B?qzn1#Wt$;nLE+fA%_@p
z)^e#tfWC=5Q^<MFiaU|!Vl=lDRj)GP>fXMMe|q6_vg!%4E-(SBmT;OBhdpC&b}&OR
z5~49=?jhz^GUu!W1|Wd}Vo~a=nEdT<LN73l%~21TCxe&Uxg*uiA(?K19-|e{AWjKx
zP`}V>59K1PNEaWmnq4N8<L|L(NO77I_nR^BIe}qqjTS`s>acFd0%6@4GWMbRtcbn`
z0#+#2(|$4)2!;TUn5X4me0~NpbPNT)SSE4D3X>G^+5T9hQt+lf7z$|E(lZn;;|^95
zIq_bv&k#p5&e|td6v+~00+3q@TeFRj*+~7icl4t??Qvs}YlOY{3B1LWI>>zve9ofL
zPG_sK-K(8u<YeFU8N$N)^oa<)WFZn-a#pTiZ$CmjxFHHG>(gnhLx3kFI9b(YQ6?l>
z3li1km~h}%WbFg>xsi4Bxq;UuNMB^(EtS^C`ZqVrac}?J{j~ik5=H<kK)zhwVZ&;k
zT|DO=fc!Bi-<(w=7Z&70n2jGL!=^5Lv+8wE`dz^5XN+CzDZCOh^hJ0w7<OA|Uc=VH
zucIQ>tHZFG$YD|R7|Uh?6|3&y0Cy?!)8jE#{lE@XvIuYz!R@GaZ$lCq2B@-VRT2FZ
zN27<yNMUI)adO&x_q40it~fqA;$*tSq+aG0!Fy!r5;7PTXQukG%ce_MkxL-bbs!0I
z;Uj}u^-RmX6I_?AJ2kgcwUP-$reLmT8mjSS+>|DMi7Z(?vCe5(-QF{n$0SXz2ur&i
zO->zSzLre1Oxw2BR3|OhDJbu`@5o43eA)eb-A>wTVUcij+@v$as3<mllB>k;IH#ZI
zY514cU50*x*j^epWWnUxOt1W8oAe$gR1-K+k}Kt}bCj{6vsPF-e-qA1G2SCELct;-
zaQca@p-d{@m2rg7=&M|~%?Xq}9)gr?Kl;n=F9?#*L-BN|ST(<{l<0+MIb#WJNf4>-
zyNs8p)KU%Z1*s_Gi!^AJ>LVOD`CKXh<O5eG+UjFh&>_Zr=6fEB$zph-wfsB;T!0I6
z-ez(<JR_VIFAJpa{l-Aw7UBYU2W%Zqey)$Kqb^_>G{{)-FopS<GC%A9BQKDfvz-O|
ztnEzEt~2jW+eTBn`GmxcT`}0<d%FN?_^5WE#PlY4@i#D55CrQb)Zbjp?uA!)7Xb~c
zVh5NSfo{rAA#|n-YWPXA?^n^$QCg?mTVf{8k-PMi4t$lOD`G^Q(hOEfP%&is8ZTKL
z%<O_w^}{gZoTd83m}1pnL(Z3)uyz7F?IzC|im&1+r|cWV8m@LcUIWIKC>4y7dgjU~
z)VZV-Dsv(h#p*B0EH@XZD$=w(eI3-D6<BU#uUfxp%0z>ilBzXghIF{mTx2%(s^u3H
z+lg%3?8!Pk^3i+R6BRxkTO-(hkcvuJ$1);FJ14=Mo~7a)@OU~n?DH$#{XEUZ&nH2&
zkduehp&Jz={mUpe?&|42KVs3sKR*JN6LpU|a2)k^`l6q^i^??0)+Q4b8i!-|?>K=y
z5W`M1CB)iGvQzb^pU{N_Ia?@752~ECS@%nGWAmT0<LD`#5taexm0{G~rmH%W<St<q
zm50XVy)P9N)-Sz_{lbcJ`o=AdFXaXIF7KzHwTqnWQu^3eOi-j}I1l>8q-~Y=R@}CJ
z(z%z@zc_}dh|Gq$cJzXJbko-<bMz9aaUoZ03Z)8vQRzv@*{DTun|`u;mhL$TkrpID
zi}fE7^KcAk>MhN@63?HNYd)vsl@&Bpmp{FUa9>5UZq(Jvj0~Dl(l;yWb`lv`DA9#+
zKH+L}jyhw`m#kzXiClco%(C9Wz08P5m_tKS6W&LQ7sZS$P*{qyXJW-_{f47|ak=Dy
zF_n2a{3eJhwK$130cSIL%A#bfO6D8FyW^fDE;KT*aM{HPqPM*XO`ZO6#ty0HByWih
zU6ew&${J%Crh|XHixy5wWua$?5mPFGMe5D{BZE=l4JUn`eAjhHLP8lSd|Pw`Y8`^h
zu@f9Q+kEc(kdTpuF|^+@N8WT>F|&Dcm0G(xT*(o<{)s(3Fh#;z)@9*;BhXL2TxRha
zA*=jS+wFbaGEU#eTyVpe)+Z9vwuk1aKIOriVoV#p2M*6w7{{vIt$EGA{pfH#q{**p
zJ@k=-g?~8w_LbMf586u_r)ySvtxZvI*qVPRof;N@>9_UTp-zj2eJSEakWL7IyuS^F
z97IDe@#iBx1aFR(m3z)vd_{^Jxkpvhl)SgFT1VK!6Z_izy93O4q-K@obgf!U`Wjhk
zjg*n6d#{YZ@($bGGn{Z;KTPb_a13qG0kD34X53v}>8RO`O&}Cinl+#xK?pmjFP@5t
zo;AA{`^&&|<(@Bp?PItc<$-aLYqEePN18sRc@u$HzaqUsfqh!5;f;dw=ZDpJ&l{nX
zkBz8TmL*_-uxZm*Vxx8-PwW$_R4o#7Y~J`;XqU4pPaP$oo&%`UH#;dzCbjniH|Scs
zBu)a$ZgdLzCLANs2vBzxR02Jo$9ivK#;@q@3JCKeaB&A<P2HNwAFJoY%M-fzW5*eP
zcdIR&%57;L@>)yRp?vf(l`{0-PK~j*%a{7OPa<<roJ_V%{UMtP4Mv4dkRzofc*IR!
ze5Ej<%AXeZ?$2N;8Qmtxo)bk$g$f+bp#>y~s6VCA{XRj`g7`@Ts>@WM@zI-5cd6z%
z{EL(6S)fDS`QqjN1AkQ|VMmLXX&!*+P>j<+%1l1<2W8_FZRoCwQg7=PQ>rzekpE@B
zaZOSvJ4r>_QtJAKoCjo6@^MF7&@Zuhm3oFZ&pGE!?!G$M_$WIOhq&kC+^zebUhVyG
zJ#vbug-nKHgAuh$PWx2lD=OL}W=2#E52j<?&Q{4Hg%3;gg|s}1M{SwqeMT?J-2<2I
zyPBw|*80hu&-UL3)m?<hR{1`y4CC;5f_f$vx{pe9;xJ48EsgauvPkF2Nvuh+yW^XS
zjw{Z>C%*7Rve{a5J2=E8%1`%@S*bXG%U^a{GAe|ZrP52>gh`2S({Ac=ob0WyP<Ql7
zqh&;wiUJ}3gxuYnj-!_(h&WF#83Fra@Hc!SKObg$p6I#y?AL4Q<S9v$9UMC6d-Hz8
zsfz~!Zc&%6-kPjvKe&*8V^;79Cr&JXTO!U2jASM(f5+L>FAal_k#519HPnP>I4S1O
zR<791!s&yIA0>LrWCwx7`JHRMpNYXCRu&Pv^v{H<{gqagE|;sj<N^-?+6Aqze$qX9
z^{;)m*XPC)I~vN#xzSwnrF4Rcgi1$s3X5jAk`#FIg2_J+V`+WS;_gBIl=p(iHg#`R
zI&sQmHtDjG$>lU>lT>VTZcX6>Lysci1k-a5>BFD8$9I36e(_P!C-_{8JnS%>%V5(c
z?w5|(=Ctq}M%Ri>tLp(CWSIW!(Tk(}QP3dc9?veQHFke1emJU<*7$1K+swrmMgY{n
zgMI|2DGO^T`qZrT6vhQpVv!Wp$QZ4(6*`)+!#*vOc!zsBVk$I-lpUMkoh$z>VPrZc
zKeD-?JaOB#b{q}R$xGZ<xPYlYRnb=i>Hz8Ktwur(&=C|GzkpH1KS5YWgZl<UsXuxP
zk@&qzq+!$u@BDcQ<)9wH<{m~L!F;f9M-g_nt!Zr`L1F%Y)sp$L0`rEk3PObSrUU%}
z^Y&vUB!jT@4|MdYg#IrUY56SXYYmXGFKvblFd|`K9vluPP$UfIo5Nkd4nc-mb-x?<
zUcu0X#J@t|JOFXSYdZL6A{>;kR!H0fQZ@AcB%@a7oJfCbHx&X?u2#?&K0gx03W>Dv
ztWGfVG7mmK`4?~`5=Ds@O-?<8YN+D4nR!sDL+|z<9708{05MOt#VPrpci3WsW)l5_
z!*I|e?MBxgo6a4Bm9-y$fXfm&%b<7av-Ne>CUS0`CUW?a$EmyYwJiiW>zbWKUA~&K
zi>vF!M;zIUrMt$yPi9Qy`_~Vb<C4%ef;MRZC{y)0@G%p#!F8L^pl|Cg)o|zvVqLF#
zj&1F8y7v*XnZNeK@1ka3Fv{BJ=uQ8v0zm*pf7TjWhzrm%2%Gcq4{0@FlptJXgyC^m
z&X4VnrWe5m&xZB`JP2NTkb^Zd_C^Uu&Fc3SACIIS0N)%!1K)(xLGi?+*t(o9G~iDb
zbGYo#1^zSvkjudlis?He@%U!o8dDgkO(DcSg8h=ycl2#6d4D*sMA+^GFA!dB$my8d
z!2w}|tmX8bGFaAUTKU;~DF3cn%Q>o-*$kE;OgUDt_7lRx+`(5K63Pjv0<@45tr`LV
z`9DH8+wo9&RX!7!O5h=Xa^FwV!aAboXa{tGcOF6k&+lIgQjS!Ij!3cAPf0{0Y#k)&
zFKwh^M-CuEkikfL-&96M0cq%yEdlAvc3HdPONg=(_kxmWHi|juTGR{1^G?q%W|((*
zBH-IeWRTk*I(FG&q&LposRjbT4t&IulxOhzvb~u%;Hk`H5R;VOgnW|ocQERR0|<IO
zTPq{5T(S}yf}!jS43J4S5>U}Gh=7Jf=S8(N=EAZ6iV5LCecc44zk-6Nmn6+Q?9KbJ
zR+H|dm@~f9Wbc;Dp$W`Df+%Nxphct^D&Rd?lwUy$xjPPdf|ar0(OA%#n(QG>o-b@!
z4q`yU3Nq4jcjC0`NIg(Sf?!jk4U8_9ozakD0ctkMD*Yr~rJ7;jIA9Vc_MAbos7v7Y
zMywhsj#wB-!M_nbdNLtKwlpkgT(Rw0o`;DrZ&rRBFOI?NFaRA2{2wiEg~cb#tU~*C
z-?eZ~gpGBLgc-m5*=X@l=WZPpF{UnRosev~Zka8f^|Ga^*O&zWbrE(FS-VQchL<)d
z(2({m3xuAavSc_7@Lyb;j%65$->g;o-Z)%F=xIGtc3Ps%NVYcYDpWL(UEMP%Mj?Q@
z9Mn%V82xx^o5V=jc|hq@nmVhy)oxbB%oh21Yjm4d6hVgE90j1aQu#P`<pl`q2>p28
z=Q{OYIc&ItZI)I(QdMcY)fI-fY|KVUe0PPlV1|fT<?+Dzv&!{H<8oRXJliCRdfcrv
zS2c?GEYOhKg|;fR4DE2Rhq5TfvCMmbHaZA$WFZBDJ+!ZA9^>RkcrlD^PN*#`E{vp}
zs~YMypTf{05p}>k+SXEJXaDVg#phM<cFq4UKHJE7t|M*oqHggjMCj>^Q}}RgfZ<3+
z<%1ai6P}X|e|~Wli*X9;cQbf{k;_9)6~TuO$u!IKW+{zpq?C$W#EiDqAV3uIt9k^)
zt>NRi*KiX6z6aTCK|EAFoZPOi=0lpQhcg&<ye9_+S~(~+CY)?0(PH1p86tM@YOr!C
z?QD^@s_KC&@C5LNr)ApZQd(Y~{pkMQQ(k`fRq-Ipdhx$9xXp%z1`P4d`;ic}zs%=d
z@@n2{H+#<eFlvTJ6#=%PGCY%^e*Il=UReJm=53{6?XUcWG<i07fc0kG^LtAv>P=r@
zeE>D&DuVFqk9Ac4(oK7r%7mWWE3181h#Mq_c>LAGS956@|KY_utXn9y*%d~aqv$nM
z<L@ExuE6y)r?<`jJ@@8)FK1-g+p7M5lP@*8FuicS<z;<%70W-tH;D587km>_{}X)U
zzk_es06nssV`Qy$uJDLf>=rZ~?G`?Fwrq8%CD)U~n0Fw8m*FPL)qI`yIdb9qhe|8M
zx`mVqm|mm!S5Ls>H&%lmTujoMSpOkPzU@SzYPcQz6U8UPe@(1m71;ULdp@jV1@4CY
zdMi{*4r5m5z@?ukCPLiM5b&;9xkC&&<VRAMMajLvNd94G(V0R<RNQUQ_G`ZylNVaO
zxW~^_GDz6t17t-ZGPT(wq}&xQF5Vp<#WP_ByahS&UzBqbwbtB`S}Y$C0U?lsnR<05
ze;AdFHS=de*C6V!PDSMo#QS^xa+~wa(_8YyvqxkjHCrwQ$6yj?M|Hiu!gFFNvVh|T
z$N!C0r?XspKZf!G_<$i0-&L1T2|vr7xBtG%$1S%4*&7pX(4h9d5kxl)!x0t6Wt)%_
z>W|c3`M3<RdTT>_u&KT<KCIn1rBXeE+dac`GScEOW8XKLV1<4qJLQoSgWXhM6BQD!
z5P};I{LM2yNG7c>e00t8=MBsc`K~vn(#Z{h0`^(xCbL5{$+HaxuPBG<iYqVSmm`gV
zo|EX2ewF;L@W^Xo;93Lf;x)-x^ogr&tvB;cW^eV*Ym_EQaJuH;lC0=ZM&z|Y%Q8RU
zL-(G)iMKR7C`KzQ6PLJ(n*+ehYUQlkprgkNSkrjI46;>O4`?W`k7=Cj>ruYfC5@S+
z<c$$iRgSvf5Ht^=kP_nT>ocB%s}(TaksG72v`9+W&UY5l7R7#hIu*ezyusKOo3Apc
za9Qaf+>$Kf<+MNlQ;DQiw^;fGTIPHY3%(2z7o?N2mT)#|PXg;ZAzwYzma{_G=EblW
z*#=q_tjGR4>({pe$$KCH*(GjZyY;UE3H^OO#J?%H|GALbg7H+|#VX@CG8B%XO?5er
zy}=(<=ifA(@n31!HR<gXV;&u^>`q&D>2IAU)wY2P?;K@Vn-bnw+B`YJE<RU{WgPd(
z0DG_4Z}t7K%)t)E0{syfWd7pfv4O)EcWCw@)C<gCYcGuR(~vvWrCDk=#e`d>lxYLH
zCfgWY)i^eT0SV(6ChXBgfiJ-bhX_tvd2*dvyYM9|_~~FcgApIG4k=@msutUtL{w*;
zqePPh?)eS$k39zWCh!(H$n5U~PM~K*7-f`bd}Y8dW@?h?Z^oV$a?-oZG*N|zT4JiX
zPAY98d+>iq=Q8colhkmKOn<db6z^mC^da6vN7<4``TsgK1FIsvGUHx+r??Q)-0(ZA
ztf$SdCevg`Gz+P>NY9O_lJksHNv{DXPF7-Zp&Sv7?NAi%iFa}^o0pxJ{6L*qN`T)o
zTQM3O#Z}0GKKom^v-K@!qO7cRY_HxO__+IMIH|g?Iak9bAuJs(=D`mbP_j$cS*J#|
z61JCcL&&kbu6EaDalhRyr=}0OUfpP7Cn}75zN3aUkF?|zb9iRoyl`i%A56{guRo(J
zF>he<hm<~hj6Ct{AzKC3UtEx9Aq8M^Pr1&yR*w3#jr|(*vHdgRQ(?KM=+?1%UW(0>
z>ur;G5JF=OQCCrrU5{L%v@|xp8Ddp_ArZTl{)2*J5MK~v(V0X5I9&GlH2*leF&8}7
zTwu;OUv&Q=f?auXLDl!T_?eTW$Q>#jY9XpLkK5u4huKS0K!w<1HgAT<zba<@9I8qF
zCdi3k?Uvq?MS1YepYIxDSuylaR9L$H?G~}&Ei2>l6WH56V_L<x>l4-Hs+S$#mJW0Y
zbGY`a_e0a{zIj^ud+)dvUfUk{BryxlDHjAHkaKVMl`cCqWtTz)(%2j}``f>$Beb?*
zb$$QfJnf}$ohyk+6x0|Tvcdt>rCqQD5iH775=l)z2}AOqZ#?=l?Mn}NjN!fGvn4+9
zgiU)1x9CEMXIAUK+aj<dK=On*x5??z!m76j@Z6W7-guKf^h*eJAH=WNnioK+8Gb_<
z0k2zAHdpwhu2&02ko#G#vx?jE!uoA1iNAmW38U-70f7PqmoC8o2?v`!Ve2bTo<dv?
zCB9CkxvpS;BI{=;B>XJD==+OV#8~*#4|A~xYs<ia<MGPc%N$HWV&h(<skHHt2opKT
zDSwWaOS<vZ$T;3TE?delc}hRlr{@#zCQqH{qkK#KvU8vT+AONpTiD8|lsj2;HKBHS
znDI>VT+!CIH>M44wCEH5)z0?pm<ms&w}Vs;v@^rD2U_nCp`W9-oyoAbeFz|zO359o
zAP`CacayxY<F7n*-WJebnQ73cP&s(RhCET4kq*6~jAo7FYo!f^`)HR&EdN+<+ULP!
zU)ZFE+I1x0e%!l6EhyyEj=@JBjw=cIq3oDnN^tddYCo=1VP^10aW#3OX}%9F!=8I2
zq)rRQ{(kubKME6z24YM~RHLx>Tdbb^hz>WSmV2ZF>y!+h5K^w=HdOYQmXT;*AwH1o
z_K1fUsAE6JubP(!PYKtH{0^~Dj-KQ9DFU=WJt=`k0yKyt#Ie<uH|X&>{Gu<gRWt4i
z+`BNej`a^vR{g+4U&DG4U&HYI8StU!9X;+C{ZF*THCao6)LmB~PYvAeQ8UPE*uN=m
z9=-Iwdd_Cjz&$kb)!f}OlEBa4-xn~D-MrrGA8xE)&eKJHxj^3}KlSZ9STqC8c9IWj
z#RwNW>I03_0Gpi7!2ZSTWxRXzH3AwrpHAh&_}RdIa3c$RnHUGMLHP^Z&TM&ST5&p^
zG<RASV`1Xgc?D;1U;qMxg$icV%qIbbcx=gr!Otd3$@c`H0v(*fVsWz_I%7~?DSl<d
zcX=U6AX5z@AXCv>sMN7ZG;Wy5U8NN5ncukh8J~8Oaxyj`lX&pdT`}Baa?S`m^@DTM
zOWU0oW|0y63#8407h}7Xe0@K<V_yBM&!XLyeh%Y5DT_JQIK7fgFqbo{d-H83SI$ap
zO*PTZ_N%d{?@w%I7@xP3Z9Y<ZU$h^3U0}(U>{)m%)GZVj=3J-d88hr8cGs8q5mIjB
z$)2oJcc60YJKXQO*!BpL@5QEIsb^1L7Vw&S$t1|0FMm3{7dbWO=`f+WIWn2xTXdlJ
zH6{{+EGWi##z;&36UBCq<f9~N1v?Gi7iP%^>4sR->)<8QHc0%sk3ImlGWj8|jWJuO
zh&nsLCVZArgGy<c&e;64yi&d;Kyp*-wxHQ-Y8UuOXarQzrSB(CgV}cAiV1>AvGM1`
z;>5+jPgab$%Fs(8u=aY5m+~=0?MBT!L%b-C;FP=2(a1}x=}09k1?FP+Gvt|LkhE3c
zUOY;MA$~9|X$&m~Nl8`AA}7hQKJLEBmvQM?xE3!mgnoQ4o51El6}99sy-*dn&~X2L
z<{!v+?Ad2^B3vQI=#cm3Ti_?c%Q6f5VM&*Me77d?KDFt!uE(%NggVP&@T|pkH<#f-
z0`5+`8(%@?^xqfX1=bkPDTL5o<CJFrP#jJxN%eO-y5CleRUQWglLZ@&bcL-{)SD<l
z9Z8kXu`Dw1l^JF@#tECB2)#yjKt!K%jOX}Zg7UHCizJV!ilbmVY?=;Y(>tq4kNbwz
zdhQ-*gqIz^(kdQVZtGW89k`|JjiyaXdkuLeM{Y&LzR=p$m^IhR0g8~7sb*`3i1(OZ
zZq@FYlHpEUbaj@o&pys{(b4ng4<$cJz(4dy64ZkoEBYV(5{9{Yv+-Z>Q_KEe;0FVq
zGhD)p>_^P5+qk}A7;AK#oWx?5=t?5kyf`D>F6_R{q`$<l)mSwTBG7l<C_rS2(5erj
zOlod}lcrgSPUHvK-5eP?92+52CKD#D)`p<KON*65@#0ZIWzx|j_z|f;#$&YbPMV!!
ze=`?}qdgM`a+Qe4VL*&vZlNKgez*fX$H?W#vv{a?*785$5iP$lbGYiY|K=let!}Nx
z3BzLMY)bfeNQ_?orVTdFCDyqbt0Rh9?4SXiY}AwN4#P3qnrxVzX5T#!9WYdoUJ0|+
zWl;F{AoEJ;e8lF+=)QxQO1LsjR0)K=0z;;9Hl@kT6-DMeMxsPYO^+sRqMPfz>y_{Z
zB|5k?km7pG>7J>Mm9D2^s_9U}SuEF+4c4QN!$0_6+p=5b*tb9PS*++jjc&=dRiX6S
zxI<)9u9$&UK2*i2h#n>LKV8pq2r)dHrnBSu;U?j`>?s#J2Dvo(8^2X?j4l!lOj2pq
zjqFxug?Er${%#@frj0)sPrJSh(|kWwM0j1;VdFa3F%T>s<}0pHF4P^lH)ormlnCob
zA5T0-1a^_5aCg}t)>LC3E(u`7f`8>2=7oQ%V>@+{ixm9!EX(_yn)rHn|8037Tz5yX
zt<Gn+wN-Lq%k@7qm_`a73sKL;zFQv6a+>Y-KP@l*jrJ(nwIy-mUpCV7-)yAmdfQv=
zET?<c-Rwh2=Ir5h6T_m#C*Mhr;DHf>;2P^ux0Jf4;`ukXeUMbk-BKU>AQ_(Npuo;$
zNH@(tMel?1UpnmiT+N$jg&hf!<JxY-Y}n9zsh-sqy=}j79T&aa1`Q}={mKiN5p%T*
zZt5=2c@QgHR%yDX7giE8(^0v43Ul7VwQMyq$cPS`QIxeR%5)VSUM%+X`Mcp_cR;Xi
zKmju={6E{4#bkm;r!R1BU^wRIsl^Ur7tsGgl2}iR`?Mk31>6Z3tMN;2B|}YGuW;T&
zmsBzFk^aTYL3S9ut=;VO|89#}|F%V&usWu8*C0dAn6;FZAz}+fK-l)D83WOO>SD%V
ze*%h+5>fF9rolSW>8pw4`^t@@y{Ps=TaGQ4*zqj+AKDu_+=(GP!SQXqp!&S3W@XW9
z(TMvmZga%7fIkA#I&EiNQ6AhGxcVu>7j&~#&UV7qdmy5OIRBv`6pr6Cq_oFj1{;z$
ziT+o~{f@`~)(mG2-~h2ing80C2)MHo#5R4?v~=KJ2uVU(VkPA7au!}t!$z;rl(eMo
zjLp^|2Gf@qkcfz(oIQpUl>seGv~y-6*51cn^zKw4c;E8ntkL2BB46JBZ}R2-{~=#4
z>G%JKi1?T!V9AmEOGE~+%KrMAmkyY|NQh%P7)X6=BCftTP@kS?qfJa6otjqumuOkn
zvM&Quh5lU(DJ+`CV>L*`3caHSuL<&U+l}tT*}T1HjRO&vj24#~jTSGSV&YU`LQq3L
zxdxuU0(3J5jf$L0Mwe+@wo@1LBRh6Yx?N$Jy<XS4YYy~ds#2w};*XrGQ<pQ+!Yx>8
z0&=DHE)v6JFkRq|E==RzF1ehHO^2CaGPo3G-c~(ml!*-QZcf7fTs=X2<3O4Od&U@l
zPNX$2DJleL3j)@<oFy2zN(`h@^%bYGE*SO|S;Jyw<uXXlGm;uC+-R|lB<+)@d#v9T
zUXi8A72*8ya>-wV#D%h)?ukt~lDvdtDmzMA#SPgk)sibq4o&R^iZEeHt#QhuqVeIJ
zzi(9hLsS61x1%%hNHlmi8u5yxu=o4G*%8E)r+6tW{%XpAF42WduzArtwRs%6V-(4A
zWNpB+$6scyZaE3i!^E{DUP-IuQDMq5u}A^(uX5y}lH--d3XEz)WUG`Ao6$m4j3jT-
zA1Ybb<MW#|w^cl$8mfP&*iV~W%?PirJFB2U5vhrfNtEJ6CWkC`Vj(pYJ(%u8@l$CM
z0-t>FlTv!P3u49@C5eWgyY}&S5cvioJ6}sl<X%cAjZu+VO_mJGS@-tPg*J>E(_EQu
zjOjMeJSwP#IxPk*r)W#{lw#Hr>~Wcviu?U+G+lqYBq7L?-C|Inwjo>uGbuc337hQx
zObmO@5J+25HR(sJ91zKaaw!*&xDF|U&n*@rq~(0JO7w3_a@Aw;cjL?VyddifV<pOj
zKkXpvPN9$7j|XQ6XjUvhGpAm<Xx7uBlyW{el{|@oe?U_Z(rD`6mCNd|braXr2)s|Q
zwI73EhbjF9SH|mndT9X^hI8(1+rJ~ay=oLUUCMyC?w!aakKGrve}@H5DQeSTd2}Xz
zk^rZe?6ORZLdAXLifXmMUqq?Zv|v6)e#!6Y@CAwvMhcUmEw&S}bRwL|^&4rC1pj6<
z_x1k!z9)U5%(Q6E^!xC)32R2-=ku$Kc8RVkPI&Sf?bN;aT5dTFXcPSHudtU&icsJB
zgtDcvB#DyxWjj3ZTxY**Ocp?_Q@l=t5?xt(@;8-jGgY0vnl9y{M@GYvP}F5CifI*3
z4$g`<brp{{&W@jf+&3n5z7v0z!SYVvuPTeIY#A9WCBKDc59AHnWsUg2I6=Q<Vp}?}
zq?-7{gN2Ri+7zKyP%n74V7F(;=nt+@ATG`O(JFGQd^W<gt>5!!d8y(7r3}bFTY1T<
zjIL9$=C7nvUeYND^%C@`(`kY7>Y7LZO-(?2g%6QoLr^@~4*Z;Zr3lMIc?y(*Oq2yF
ze6CzKS6FCW`TxV&J4Q$Lwe7wY+qP}nwrxA<*z9!NvD2|_vxAOp+h)f(^?#n{ynFBW
z-RH}xF)~JKRn{7{s#fNj^SZC!byp-VluMFUh&E8eiWhWu5X$I=7n!Ttr4Z>PWhZH&
z-QrjV3oQ_Q$Ill75?<st-^SAU9!7{jZdYfZ3$P2D-hW(yb5=&<eHH5T5)kAotcWM+
z5@#^Uj0N+98c$#>lnqln3R{*GNq!73Nt6h6e-VckVKlRyq4$+h`_1O<{E*I5$7m~~
zwpXdllgJjuT!f&vy}-K<!Kk#xy=%ZgRUxi$%X^$QkG3@2?IR16jytZ>S<N$)_^z7*
zZ>zyvR;53)F-1c7=iX;PTZ7tkJX~duyNaUmAcgQu-K$Jx)dUh7j(N$<jJ_Pn^n+N=
zxEVBF<DEcwi49E0;=>m_dFZ~d;_|(DOpr6g!Z~<&j(Zv37%kQRplya6=wYWTasaJI
zfV7X=lG2w`D7Py^E#}Z%USj9)cV{XsspZVg<Wl0|P_XJls!9p_qASW*-1m;7r=aWd
zL}UASP4(JMRj~?V$}Nl}&s2E$rv@cK;nAm$iXvd<Dx;NTi8|%n1JROr$C7+y?rTOz
zL-ePbBLyFtw@JC~jyx+z-yl}?dBUHG&j#7(Zy6p`uym2J%U)DyQ9-E1ePSSotpO*^
z+j1G9Wh6P1%}SmuC6&T`H<z~Dd~g2Mbk57}))F10wV4K2%9EBwcV#oSpQ)sj0q`3^
zuFi@YOj)T*S0~qH45!d>v-8zz#8_{VFH6AG)1}sK$9AM+(tJ^$6D{!7Z~|Ve@%$7h
zD8OOn=O`phZuEF0=P!cf;T|BKyH;tU()rlQX8RE$5G6%vBSFEB$Ff-%RS3H?Ta|N4
zwn(>$a9Y-dxfZ0>pq}l;gKye+P!?W_Dj#XF_aa-$p5sv|p}q)g==)1{Eu?O(sBUai
zr={&q^kY-QmTs9ozYA+9Q4Y!~+v0nYsMD8h1-fO#9%_FnS;6b^hbI?BbI6MVHB#5)
zvg%`?)6_@mmDgZIbggEWnC_R>dCmjY+1FEt^4DMIn#9-M44hcGua@;}7LLeVlQ4Xu
z_bWb5^j-fF2`{w%c$^x0p^qp6`l+m4o3e2@ckgIY$9!@p8xg|<=ia==)YNSUWe+V)
z$JVY1$Njqwg|V}-=y6MaCMXDomZ090Womy=Ts}fmwGc)zlzX5L?30O?8tNY@HQ4Uv
zgO2xd;rOARHmd1KNAE)qFQ03L3ex3bBkAZGd$Ul5dFb!u!}l@Rjj8c<+s)5W<ABbh
z4u|~MY9AL)?(6c8c@ZB{T}n)iK?cA6eioA4XIhRI#0)&I+g(2AvSmE9^@5FG?L9<D
zQdzt|O8+FaKlk+Q3#OVUDW<|qCVR<H@?9pD;W}OM!J&-tgc{;T(npJ=iW4ofbEjzW
zOlgN;5-~=rr4CV9o!!u{P?1vw9LpZif9k4ymMD(m*<|49L^f84a%%jr3$@Iwz)Hm`
zOu))TX{$mqNB=Q(DAw1gU<Gld4S$mgbS36p4N<6Io=u8%!4-phS$mRP=p}P>D$7%T
zjaBS8h&bBo^m%yaweSmf@-uhx6L<2%OJN2X5PD@3B{vwK-!;C=ExByozse2N&<#}I
z6QqS}M^CL@x7;U)G$cJzfGplA+nOM|Ke1sAQf~8j)nVpNLcpYpXB;3AO*0<7^N)no
z%efj<?$yeX)nW-!;X#dovF?AkV}CM54j=5MW!Ux+rKFz~y69)tuC*q9(_3~;cMZkA
zE@bfi*?WeENo7X(ik{0i{bLj~gB`T#kM~<hjPBuXu%|7j8n{kV!~I3l{JGL%CO$b&
zq9G<Et$>Fi?nyiH-f5wjpt}@Ab`5!l8s?&oi?n$)^;Cv(p?=H;edKELAKNig_Hi>d
zimc%0s>gS#2r>q&rJG;lz)Zk$dR-;dLagg=aGwQp#$8cOeGaD<r>v;qP-Fd|#k)cG
zSQe0w%+gmCks?ouD2!Wr;iMa264=3{T^~{3h8PnB7fsZDk1qR`8-{0&Rq%Q|$0!d;
z;?38;;1SAsA{ssEs~^t_yqY<G6Y+(-^nUY!S!1)FUd>X<7qBbEQ_fWq@t4dKbn1QW
znvc4Q;=Rg^Rp7LhJYw>q$Kdi?Wm9#=8pdSTpZV5Wo0hj55|-87ZiCROeN@A)x@Rwe
z@E4z59~}3p$F42f=&_Bq2H1q^F!ih@tTEH)4O;ecu{TxK+}D<j!DOD>jO}C(C9Kyx
z!NPW8F+2D&3{~q(lx&O;LFObFBRzdq4^-OJ&h3Fp9JN0eAP-1ifn`={iitk6u7!|C
z_X3##&x@22L+kKm(Wb|3x9x%nyfD7?%Xa5)HR|ouiwh{SXp!S^$^DcGEA*9|!=2*5
zI58uX_yCH>*p6G;PKhV2QnNL1Ae*L&I{o%WXqORC2AfkNMi$x-aK(@zI>%*Cf1T7N
z_Nde{I<CqbxftO~53wP_Iwh^O*#|(`<(Xhk_Uz1{`tsXwS-CR-ct?TjR`%3m;@UWP
zqKa4VP<>(Rp$N?gCIc8bbOT|y#sj*r9P@b83wnuY@A||Cj#HD3effMm9Mez}tORxR
z#;ZOb;PiY>2-+Uk_4b!}GSymZFPX-ecW1{!fOG@6^v&Wyf^B#ETzG*^7R@P@W2A(z
z6$vLjlJ8VLLuTd0?+)X~Hy4sS2K-d~ky6ZE@k3zsp8bZ7q7*+)Ixn2^Qlg++<>@fO
zwyUdBbAsY5KEcY0m5NgxtCdW4!Cx#X=R#DHb1mCC6q<s4c(DC$(^uKYd7zefN8<Q<
zD(wBvkH@N5dr~kz2?)1)-2BETANU|66LCQKKG4KS0pji*utCrOm8YYn^wZ9@C@<;n
zXOQ<q03-p+2_54$EKzqWhTkTM$2Ey3P36Z?#^bJ|Zczplc#}vdp)mrYd25<xv)u$w
zmtkc}>=(B>-$SZh4R$R;RN@rh(54?ggLOxW)-cuKX04iEbvkkYOQ2PgpU)=&Jt@u(
zSZDSVfdKtC`fr!CGP+qlHSo(<zNt%V?EW%6k;3!azg*ASK{u)izN|vrB=+N4Oh5q-
zfAX+^sQSawB~{Rtw;iB+8tnnrzx}v4yEf9Bq{aOc%y{cVv0YYOf#7^zdbo;UD^2K`
zZLEAuD0YP&Khh%SSsSr-5%F~cg5sX_SCsVc(27H#u?|-p>ajsnNTeJ5k=55V+K-m*
zJS~1s=nLdweE6YUd*QD{=X4ML6Ha-yT1T+!(K5j^n#Y|f7_IdXq!Ei7%6I#Zos`?#
zoL`*il^1Gb{WKvyP|DZF>%K4GXRji=?z?+PTK3$SnY=`BL(8Ru{rCPIzPw+Nn^JUB
zeOr@V5Ccj4->Jj02{yzjY2o~h2VKN=?2b9?hl&L0>NdnOR9l&cf#w0W_bpfY{t|Lz
zd3LLJ&;)goI0={85Lt&!c=)?DdbL-1{ynt9e?Z=FiEpS4O2(|ZbApD8vM^1fHcsBV
zk@0s@!d<>o7ZzeD3Gaz9lDEq|an^9X@*`9#XkTF+LcT}gzIseAMdFl}g5~nh^z>kC
zm$q+}ds!6pyJ&24z7nd;1FXCJsrO^!yU1B3zm(2M=AeaDvl_Iqj_g@u25(JvFx?|p
zS!B^83Obad*&qspEGDk^pqK_ynu;6<a`bnTxcXCXa{^TlH2HV=kH6C0x}HzO-!XdG
zyNtG|4Z&x>p$EVN9p3_OAhaccRCrJJjPf+O$uZajQoLzE2S9aF)oVU8RZlH6(Z1?O
z*g*Njz@7*Z<*Stn)yO63`yZLxFw4WQO{RA}x-D*%XmkjQ3ccr6OKJ?Vhth%F<hz@o
zwb{Y{c!tfgrZApL$)J400tw~|;a5h=vSX!c0-l+_D0ZG;51)>t9*>=bW+xE6`L-31
z3T*tmtVvAqtU39->fQfsgH8RHd%c+|+pCl^fQqm>HUUxXAFOt2vVHqbn*8ED)e%yV
z%n(@GFS#M8sHiCICj6?csCfB$Qh#jny%RmpepKS9UOx9UD%+gD8vVcFwLJgEYf(vQ
z!G45*`_uf|Whx{pjcNasDBa)fd<t!_VTSeFJB^);m|W{Hb3fvh{s*t+H9V%oPFQ*m
zM-(L5{f)EqS`n~Blwhc}*xw7UK#=XO(Y;Nz=IvRv8~ek7mr_t}wLYa`U!$Y`_17C>
z4Zb-a{HdC~5_EybI7hwWXGl+D!amNR*n~`gx!PGF3kMAD|6jVc74(0jYel=@M{C-%
zsWeAshv?A9X%>1083|RASY_XzgubIhMy_qoBnzUrz$wYXn^Fg05s=yAoy^=~f|J$X
zj*$Q9|ES+TJ&0;6aTUVK{2#gxXu<!~eQ27u|8!?hBG$?6d;FIVmNe<}KiI8UC$})Q
zx=ma573ktB?i!8%b50qL)2YvbrCE{RZfnmCh8y;|i8RWT*FUC!<r1LoQv|J*4uo!D
zfBg^WmH-IddfA};FDERV(XQI}lNGyZ2~WOxRDa0@&WK56pa8Ty1GL1N4dLJY@0M6(
z*8js2+ct;v-z~8n65(HiHF$p+*I>pi*>e=wvzqs?!r4@RL(VFPPu?ZPe=GHJ1qwho
zZ$JU)N?&7K{;Yt3WN4{<-StfgayFT7>K|REmEZ`0G$H?-x4GRy83u|r?H>a-diw3L
zVvP4NE3SJ+JL&sSdu5A~GhL{S=`vGuRhR)euz)ekr~Y>y6jNN<xn2R&&1ltkJ{4m6
zM1<xrWSRLso)yV9Sbk3lLpf^G2`=<8-k~O8L_~)?BkO<^O0~^*EC)veIRV97)Ce}d
zP*`VAUO#W2vjtcpiA2*`D3~B<7p8GnVpLA+pu?gW-$;W?HXL~%B4rc(sYJ&?#iT6T
zl@Hfcyfynyp@(OYqXwe0CzVp4AWV!=yG=fc)m6KT5bFOxb&HRqHug~_vF8$39?>u*
zn&zVh*F?H~rdmkhn!uR2M%t>CT0}2k7p!<@%AlOaqaU57pME1n5isOM)m!J??ZMTy
z1928ca(1SNbXyBV1DN)OglMB3m45G^9~MC4N>XxZ+If?ykK@r;C*RJ?Mq0_$t4^Vn
z|0*9oj<!O!7#+_}0v%&@IsmmXCHMJad(BWudetXN@+cZqYZp%UVLTtvsHbxcu8Or|
z3mhePzQg~I1NBG53R;IS<$VkzvK)Ug@Jw^&A;w<ywl^Ae8Ie>JuNe&+ZZY1>qqPut
z)G_*~trNKsE5hkWnLNv3%f_>-NKNb4HH3AJA{Y!4S)`^dh3!y>&1kij<MpH90%<b9
zg*DqH@x(M)yMe_=Vme_>QCVS4hz=@A%>ZM95>6k)YR3>1oQ_zQg?|IV>FMf8xL2P)
zh?4ti$QE`npq|yZ_2CxR`iM;D-P|T7i=5%XxNgIG6E%}lt^?I$leD^D%T63`RCq9Z
zA!asf@;e`}SLB8ps2lqUpp>^rIr8{tA*gE;v6T%eIP$u1<A4I3a@3t7;1Fbtjvo{V
zMs=l|3#sJDFu-Cv<%1aWlh{D+`%mLQArlgJHNYVo#^NFya_|s$nQ8%cBV|%Wy#$24
zf^J~r0HILOOq8n_p{4nl!{#axMgJ6SiF(ME&h_LcmDj{2dMZT>@;}_$?h0C1ir`>$
z50cKkx=4ar1prRh&wgUyl*FxbaPfMvxbb?x<F^8j-~P|>9a#x5;_-;NgdKsOlp{n(
z_1&bzh@Ec;bKxgoVx1}-DnA|Y7jOl#QEA=a00#T*T4$hJEyx$}7x<RipuPd$l3v^2
zh}m?&Q=(m9AK{=m=mJ<7l(N#A`8wpoX#Q5eLGX$e{~oG7W8(gHui4<hEeND)f9@|n
zk@A_1VZ-76?kZ+0+V@_Hm5Ahh)(WHtB}E>Al$?b++u#{TBG^z&7%kz&2EuR2evs5S
z$}YPoa(U)BxgfGzw#oYZhU`jeE>U}+tDJcU$m3J_E{KFi6TuBvkOO_gNyzqRu?~aB
z@L@sT(gG9GIQE2_g*>R+>}>|1m5e#`z^)hJUsIMgxi7t+blki34<_4cZzaJ#7}*YG
z<ym24ay37tsAX{P7TLfiqOF)Qp+V@P8T-ak27^-Q%0cLA3FxA=0u`sgq%noer9@mX
zBn6>j;IZ3ppl`^*Bo(bW_hgU4MQbHs4hjVDcg}4saEAJmCrl1%dp}?8&Nn-k7BOC*
z*5SrGZtO&~vDhT}J4b!d#94~NL@r>%&&MkCdFihS3YV}>cdxLS>M~`MbL`77m_bH)
zIQ_SDE&u#uf%tBDPQ7et4pw$*fmB|Y1hEZd?CR<77}UI~^t~6@6LvRNBX~xtd8Bs5
z0-l~7?cJu{+5*=!rl;J^{5(87IEk_CR+xRLIuzZ0qEBfmT#|pa4H??ih<1&Yp?#r!
zCa;8}o+I~Wv;;i5a4$sKAU21Mlk+-W*VfuGq+}k&A5;wJkKQ$c*@<`YcJDZQ(O~*i
zJ-#{(cd`(`M{A1qU_?LFjEWy>G71Xe#i^U+Aw<-mZV=@@`BLe&N;Ro<FAsh6k0}^6
zG1xsLRGI9K&vEDvYiG8s4RGj>=O|?{4LvgMg`In}H@m>tNjx`f=*p<p8Mh}V3MC!7
zK#WT~v+lZx81;qFPy|xK9bH~Aq}ylCn=xilKjEdy)4Z_huo_)&C3?RLP%0(|5tRIT
z&!A6p@^EVBA40qrGc^dtP?PP!@aQC9Z{gB!^FY(ws7ZNi!y}+yRK0`eb6+!Z&&f>k
zJ5up&a8#uI(7?6o%y_<HKV5BajHHrNk<5zNIlATM$mCZvbzxcQRGelVo!}_5lXR`6
zw@aj1%I>oafA&a}@l?X++ifyBIR5G<<8M&Ktj=W@lDyY}Vw7&nOHDefZ#O<i<9Uhz
zvGq302?bg5>0_7oWZ!J&hkEPXN^*q@8Xo+qxmU0I=jjrYX7SP0xS?>g#)1+u7!<#S
zJ$$jDN_6csE_mR^Rfg}e?lOGCFnn3<T$+M}ygZ6gTD6)yjC@hnR$A3RihOa-07O;8
zlMC30JZD~563|`|Ur9^#-AC~-^ewrv1MczH(Fl*A;lh0qn*^{z+U(B84DHk(hv^U=
zzfNBD(aH8ovQVOeH)#nBphM?_{O^>QVaD(ccCo?pcx4<cdT<D-a&gg*?<)TMBqujD
z`@{t2YBYrx7~J8R%6#ChFEo>#5r`m;<7FU@LcANXgM!8mw_+aXc3L71JlIfG2-=;5
zOJTstb?94Yb3UW`6NxgGE!5t&XUX6MVo8OtLD>a_dw$M#!H*8*Im>Bp1gp!^X*V1(
z(?`a%uqgYAxGw!XUUdrK6~Mx$O>ico1)qE!A1{=|0R~ZEUQ1ttUxuO~@+q%5iMSNu
zlb8)TCawXzrZB)PfUkzKswh*!j)`OBwv$=%X;%~<C{tE6$thFXb~e`L%cFn$jhPm?
z*83hWu$M_t#(?3Bko=j!wKjdH%12CvDLVpi!o<7u)v3T`Lv;U6yJjC~Q6Z2b(U*bY
zkXNAbfxouECDbA19`oBbMHp_e`iXPX!>Un?WK&ZT;j~35*^v&;H?(VAV5&1kRd|cx
zU~_Dg_`2m6@}1*&ImxxAOZEM?A!+J@+<%NSB2IM<;&zw?@M9ynGSHidM}0lcL`(<l
zIy}pSE&kE0+Prmc9^8))ENN3p=_m&=NeaWl*Usi}-+!n{e#&D`AyVddDAj#S6bS#l
z7Tnx8a9XAW?DU(3*m3s@IkO*>_MiVMYb;l_R<rwH4t1GN`K1{|%L>6G+z`LcH9Cm9
zOXBUC8PK~+^6Bq>omTNq!%DJ~;4N#Rn?TTGCR%thUdtdtQPclGdbyqZwKq=o&50;w
zH4vCAVB#4rliuePf6}~p8o-KZR=<QqALbD{)WVroCmYd@QU*@A9zeLhHZdT}0x6Hl
zu?j-DzGgn$5i$``W!7i6K5eI$)upYM2hu2^;1RUCl)=-EFT45r-b6lj79O!l7o8#&
zfO}9X!#JWet|Ato%fWL{nqNJoRM{yeoVs>pSuTSV$X?;1PON|+l9~C7UPdj61-Gc&
z0oWnEJO&sMSGf~vDPy~{w+`qi#l(@6S4Y~f1!)lCfB(C?+uNwKX7yPMylpf$$$Zvb
z7sjV_RBSX#J}9sv{Dqwyo(6iqQUcg^T!D7~=l7p_Oz(E%edKwrIFF14uD9bLR7bdr
z!;w@$XdqOWgdp4~-%RBjptx@{z|TOG<!k&QqJF~K0aSqlKk?ARX%IRH%@v)hep{zr
zfPO|Y)b^#I*&U&=OW(l{DF7vuJYmuWH05wB+RY{?`SEg(=-qPb-~d_(BN}3^+5H9x
zDV9wNMbHH>_3NSlj@TE1Mfgef%pmk)FAXeyf};Y7+=7-3AOlDQkpD;qkl&l@!IS@P
zr?ZBZZg{@%7fsA?DFjg7hXN=iu!2TmO#w+M3!TuEKpZ{wtMw`taAk5U_Jp}O?&c%>
z7<2}*2uB05cs$y|ZT{Ad-UF_ktN#Xjp2oe35bx`K4QMY_+6K6Ig0zFVY(pL}2Jis>
z=oh{Q-NFON0Dt<)0L-AqF)~j8X2C4lry%SkyKNM+MzWtE?5Tedh0R{w06zh^e=*n@
zH#QkOok;(VTL^f$|HUcF1(Sw~H}nDzas!;Qj1mSt9DBfG8$TYbc~%)dToqJCG=tO~
z!+_L9GXgF!1_3K{<(?>Y(ME^>*5xw6AbbEY5Jkre93Tyd2ks3RvGQzUA|3(m4Ni0O
z1R8;k2K+GqkkUnfh-<1|lSTl)hj~Mz$O)+H>#JbT?<WiWeqFkW5ZXisp2g^ZJCFmg
z5iAwZk?AA>mXT!`4y2Dh(ZV-)Zpm<n4PZ||!rzjDnS5b)&A)x`ntFkC&QLCR7df(-
zfEAVzhvO5X@YLeCiL93O&vmP}CDO}Y|0hYwH>cc>n=i+KueZUk?K)lH#+K(??)TfW
zFmGa?+7a%c&oE4(=c&RWQOnAJ+c^S$P~RcbtYe4T=PRRYA^cBt#<AXyEZ2${i9UXn
zEk0(Ye}eG5O|5R(v8l}$I<51Nd+~!@YE=9I^xtOzK_EasBc>`SU@A$VJFS!P$$;Me
zgCF_k71+ZOAD-DOfAT);_p;hF4CVY^kbPtB{(is@xKO|k39RJ(8e&LdeVOiPVXxgQ
zNAEKs=J2%r&nu&yUs%Aokpp51CDiB@EF}~;Wq2kf6i#9A=q`%_V#1t$J)%36In}7j
z#ji2q9>e00k>|4Z7qO(s!og1!j;l#{V!=+X<-*iE|1hvJ+ed<-#Ow)`tN+Uk>a>N?
zGRDgz=`SU=l`O*dl|ycrYKd<7aEmL$Y75ty0Rle5dyYpwfz<=L8@NQKf(LKAjJ!-|
z7n*LI3|iZf*W~w1yxXnxHt%utb~-IW4h3^=PY(ug;mfRCff`))gE^yq1lW&9cLv33
z8+w@<-lWWLy#(51dyA(M#`Ey}J`0Dc1mW?Vp^pvA=Z6SYSi9rk>u|4lA?|82U-C<n
z6jgY;<40?@=2xC(u3xSOY|Z#;(`KXkm%#bS{;N{GF|C1_jh!~jTbJope-uhrg?+Tl
z1DiJY;lZ@|t{(!N)J=uk?#R?{1M9~wE!k!~2nXwY;v?c^mNN;`39Oh|p6mTj8!Z98
z<)62!z(<gAmC3+K_6hGS$6PzlUp>OeF8=^JguvHfh9_NDp`FSYrJKP1+(hj<a@3gZ
zUukaMJosmW?0AgYoiKEc%TfON{19@@$@~L~*-u*8rAOqs-U~TZSxK^iDUuHYHrQ9N
z!DZ)ht^N%onuN*9g)q(jVcvNnlLA%@B6aRQM+q!((5kjPTDFqyHS{=mEC**a{e21R
zBMHqLSbC!gZ}g;G$;G`xM(;6c#tcd$m`uM@k}QK5S`!%TyzyER8J1HfApF{Y`ss|9
z^a8#5UwbZv?J0Wio6}xAOLyq}*MpPe)L@`8jowF-Pt-Q^11&@i{sbjTlYuFr@q08K
zd21>ZEacvrs$z-9Xq4Usm>mUz_b1dl{?v9FnfKnr*dYH>Cwq~n<9g)IEdtH|sxZM{
zY?>REG4tyrW9wVo+xJIoH=Iyq%BYV1FU(2yUzihWB$gbdzjC7N*a%fm*p_eXzdUbd
z=j~Mt@zFeT@5mOohp4I2iEhFF2K`gfGcPD)Ends^+DMe7TOv>)q+ZB~xBQ<GTW#G$
zs~Ocx#w>p9CBVFptDw#s@ZXETg@!mYWcb@>_6{~`Fj{8bN;6DZ|3Okv3r2(V@e+26
zS$l{3_;=u7ixNVCS*?R{Ag@cE)$_kX2T5dnO?k=eTOxte9>~neg>Wcw`P{tKD!fmd
za4xwmd?K~`wW<-l>iTi&E-j2WnP<MM_oMWzzn<9TD!{<O{O{hDG}83n{W3Vz3+%OO
z^R;!D^uEI@k*2<|ygbhhr9<CJn&Gxo1h{og6~a)Hzyftlcag5k<JPN}C&6(?%4An%
z6FeL#YlZsk&Qwi$=t5?yPX!wPBDqJr95DTVk^pGhuqr2k@RD}Ve^4gZzbQR8HIzO6
z1ySV^6fVg%H#L?AKQ{l9D7bw5e<lj<!eCnUcT(BjR?6WVDuo}@g%=c2mm{$L2_CIc
z74ZkEocah=?G=Bg)%`^Y+)lL}`=DQGBFW*d86spTb|6U5S^pfDnu)Qg8=Tv=`L3Nm
zN|sWUKAUf7K|S*Wsiwt8((mIJJG=Q9*KkaP_y67O76vrC6|Q7lyZ&Q#gPnD6uf7H{
zO}GD>@cHBGN%5_;8%y`PDzL()+pzad^fD*g&G&z10Eo7n`?=pB)Qf3Lz@tYwJXpNI
z2jZy6|9{5{y0510haq`(DYn(N9tpYKyg(yO)h%f~HhxAtbW~t|T3DZ*R8^jR2+mG*
znjv`7+t0Jy>Wn2-CsWmqq^~8z2~GJ!X(2Wcggwx-P=Tv-9%gD&1&VC1j@-iUksOf=
zHPAfHre}ixEI(#DK(WuOH_MzNXr>w|dYT*(xhtQw!t7P>q^GN+>AaSYv}t~zc}m|l
zAtWJyQ|m<AruOrWPBTA|uMcp&(ST~UOaOS{Bua?1u;7Yg)hg2uD!-w2dWkEHQQxlT
z7e)PB_e=-^>YlRZdCvy_#YJUC?&)?3dGKfJqb$2!9iu)%6TA*~P#97()Jw(R{ng4(
zwytE*K=GR;{rEy$1A<W;$ZA?q53S{y{y^5dwNtot?KeX6PdK-K+`!)9n_$t*_!Xa6
zP}Wy$JF)?!_oVM#%qrCfhxgisHHm+wcjLYZ*fz4L_T1<hJ;U<KH|y@At?&1-x1aqq
zBqS;J>!vwjGc`0mKY0lKlBq`e?IkZnQd}%<(ARRw?1*;DgxDYF959rs1J(S0;815B
zfxlZz(~S(5yvUs}1xW0d%M|!A{!K#_hC=@n0nm2!KlIK9qI;m>t$Kj^(o1&MKJ{io
z1amjyzeuRc#E&OWp@YZi>bB`Ge`QwJ3Vr^;rC(p~oP3%QB4pzqLxEO}ykm3gZ6L6t
zU%plH_WeC<$#AjUg`#mb`n^6AEceA`Y|}9AchIhs95J8w>$mux61r`BJf6EuNEy6V
z&V@x483pBCWjeY87eYuc1?EVN`)z&N8?1Vg@@jGOrY5J;u6)8<@W@!7bFpgQom3$s
z!<mWhD~#5hOPa8xplm>D!$l(*9o1rhCEjaA2jbh_b`q|athLka3{&k{G15-^2T%PO
zT1o{!)c4%R{i08G@yv48;=`kSWvmKiOj@lEngFGmKWbmx)d$HB+||qIX?D6*W9U6x
zT8q@bewBHs{N<)mMi*k#3Zw2x3-kUuCh<6>f{cb+XBkoU{0`@cbrideyfSgjqUG&*
zRsU0x#v_TgHf7amm`AJFrGzlIa?JV9Uu>3uKLhC-J0~LTK%(|vqGiI5SFbBtKk4k?
zQ7IQV(ZAfsGvlxKmcuL|TK{H=@MG;SbbZtLrV9kcuj*I$F!9_Aj2bSInBmi)>ZebI
zknZ!N4DcfzXncgva%W6Ser{vmRb~2rUU;QQS@`0yJUH!w<+^lxnshr&`}_qvXWkGB
zuQ7u^zNH)e!wvK#i9n;U*3<2Nj!DzCpa!VNs)zz>zy+PZfypbOywv`zSQI8%|Is7=
z_J%3>v98{$@q?bs)zgnv#lHzdUbeyWg5Wgqv5pjB`cI*r_<nv62R=!EJ_vu>$Gy)g
zM~_EAKWGoSbiM8JnRfRKEx=Qe!0vV5fYG7QL5!V$V<xN6E(-;(9(;T?pW7$6Ch05n
zM<wt_CRiuqT|&quO=z(Eu=t!QMHdY!d{V~F4q;v+Fj;_?x~!)L6>bg?88lE)0ruy(
z7d7{O^1zo83{=MF$YJ*6H`+$E7nghH#sjU9S4z2o8#B<qZ5N0;-cu#>_G&4-tLvP+
zQ`VCpb_q_A#6FPNAJUgTb7Y41<A*tnzgm%r{E2*zP#%uMBU<R|#vK>JkYxB$C3?6^
z;>em+EF@Vf6!u*=*?O0l-8JTifnnN16cP^j@8-~*D6DNi+ZIDpn}k8$ZI#I8MO=M>
z$dq4?N%GAuD7hI)m0?tjVO&gxX-$z>&VEsfu<)=Uq-tkOd%H#PM$a4^hI~x*SWY<Y
z>B;&u;};*|{D-g|Q{zgs?MRtKqYc#fg>mvxjDJ#YOhuI6kHDR;maKYpmaPhzJkAH0
z&I7$LBQS-8RIfbG=W8{y@3ChuR$_V$24bi(z_OmN+~##Y8~G$lX@BG+zYv{AyH}n`
zs)Rq@ofaS;04bX7neFh*KjFSvyGquazAwx%b0cdpex{Ayjt2U<T$6RaUe8XBjPvNN
zhdf@Jja=9I>dVblRx(42qSFDsvdkzN!PK}Suw|m784|Hvgp-XeTRk*S9&BWp&Dsv<
z%KDrcZHJ=7OH0d@)fvDNVMHsO<j9}+kKsNOFZU6_T9%{$3HkJQG~;(%<9EM~7Tk&9
zqv7ANAuk^sLQ@jj_zZh5pDyk@uomm)s+W=Qi84(x)Hk!c2E!t}OQi?atrtoBQC8Cs
zdhBX?OpB&y7AtO4L%1u{cI(uQ4Q8z|*a#EJ3DzinPg{DlbiIDd@>+Jxnnxih9_QzH
zD|B*Jgz~Az4d6+Ke-u)cK!sbzA~Imi*MAY**N1t7rA{iuOhf+6$~w6U@pp|bxj&V%
zk|?yQ*!y{P{G+Guy`4@ogr1uw6He4EgQ>CdF*a$h!`Wf84R=2fGx{V<KA9#XD^<fg
z-Rvp6Eub7VO+_U($+Y-1d(~NAOI;zHxk5M#7p;J2YB4igYYSe7r=}#M68-IK_3i1p
z#ligR{Q{V&tZ=<n{n%taEXd`lWY)Twv)Qsrewh=HgbzVV63JmiA;Q-ab+!E|0Nz*H
z7j7>gZSyRKrv`Sz!PaNRd@mwjHOGfgPM4xRj+)H?im~hV(^X^!`<9JWR`SmXwYli$
zP<xE?t-!t(x;SHuKmrsW_B|vS=D|dGj6(b^F0Ft9N(*)pMvoGwalx^CGKVpJNDO<t
zGdQbk-wlZ9RBx0#C(N3V-~cQ}Y4SDF#{r(Y)6iB>{RhqdE(MPk6V*o~FQxw+-!da3
z<=IX{pa+Zc;&1Zj*Zcx^tXxb!vS&J;rM@q$>S~$Mud(N^sW7YWCQJigo`M&i!Cy{z
zQWT%PCvaddMDbsjL@!3C5~gdtlg^(M=@7v;NYGygVD_1pOeJWF&Yy=@$I8KqJSET*
z_E9L#Ulu1vZ1h2+1X!$oK{}|f-@0kM%|;n$O;exXZCZB_CT{eZuIb{n2`9+<;xOS=
zM%dfvQ5i{&>?hUgaz$*1P$utN5op)2BWhJsfuUNuz2e;=1a1W>lduLgEmoj*gIZ$I
zoDDMeWl6MilTLjn&CxzFTKcZk>tv(f7+UPDDjsAVQZDmXcpZy>_Uv^tS4iJq2GGhh
zbO%&OQ!d3-^6NedGz_k}7H35~&71beH6YZd8@O1FT3m^8BytyBs5D6!SkB^GXinba
zQKrqyRkJqF#D-ZUYQPH^{*p3v7c}y)S^cbcqHA6-x~TU;1@O|L?yiCq$7PP;QK!T%
z(d6_n=$YcpHCq%-$$1RGPe}!uSMKMcCKz3IxP&y^X{E0GWXqt?-1^4n>mvDP7m(Ha
zNUA%XlR@Gu9Q<tAIxK&`R$zt+0j*JdVs^D?m{E{R?kd{DZXZm;XAC!?YO(^_sNNB&
zXFSG)c*3%1ZFW*`Tm*QC00@BkB+G*OOpJi|_}PLY8%y=YQtm~8j;K%~jHq}3T<9?%
z5433!M(RbEq2tM-;>~8eP~ypmrG#TuWrSmK+Hr}8i)9mh*Si<1Pe;huo5`eEgK0Lf
zix{G0)&f`db9JWF@E9;t<m5EP{4->e)rzvbWD6RSH<`>RM}LF-<b?Xkc+CnHodJ*m
zNdzTluvKlvf{lO3BRK^S(+JPWWBs!o7A2^tIkYIt01rYqlQ$Dd+T;iNPT2*3J2MfI
zTbHrt?>D#8s=*JbUu-<BofD#J^weH9ccG~A9PLA;v&8W$e9Tf&Xsg5)9yw37I3K>Y
zC{=lr2AIL5E5pQJ1$@TRJ<yGSL@072lu@ix9O9Q@k{5mxbq8&%gDmNn`BoaqYU|+g
zF~IZ+&-XupA3Z{C_=Z|GXx>dxee%y`v`HjW!5^vL2gk6|PjP{!8(PjNeI1RLPz-gE
z)bgE?Fe?u^T4U(fgB0|gw{a{hiD!0OFxWavh!s`(S}pY~^ex9xW94Y=tt(ixKS(Dl
z_00<5J%lKuvTP}&7J^^wxq-U$_<CkvUrpNTqJELxO0)wEviKz-cpk0^uw^TKj7Y&@
z!7@iLn(sNK5rW*mM{zuwk;ZIDM{r{EFE7<Ys&;*aEFZ$-CI_FbSG$x9{FAqL!UGmo
zQeb0*P?_xW(<81sRf)R;O`Pkq)q9A=2Q8q)2jzZ{kQ&k=pxib~4IVBTO-_pmceR7u
zHh4Yr3=WVG=A44EuG^v@)vB@Ecb7Zt_9WQBzxLAQvXbq}%ft{D`#Pm~qFxSbd~}f1
zAb09HdWm9nr_$aq*ru#BR-O6LZY);8v*ejJ|9sUOKaTvXSc$2*vl|3E#eu5iklU&|
z4ozF?u~NB|?(jQ28AF48E2=3ZQxje~R4T;@w<4g;$<Q0F$KN1Avc-nZNz;H0+_ju|
zOWf5P;)t|6eL;Ul%b2-+56YA|#f9?Bf_W6R&LMNMS5r<7ko3>rCAHh+jM@jrM7DxL
zxsIX;A-lfRcpo)HqZ~C?2Uj0N!ReLfT(p>}&GH@(U<t5tQ-QInGyU<J8QP4#|NXLh
z7%$KG=c94rC@;2JW7AG(0?UMIKQw{cAoOErWlgT$<}=FUTz!7fC*#6Hio0$>|2C8q
zSR?ZEsFopgcem?sRPa%cCz_M-p2FFl=<XWzuq|smwb8huSMf9u@j2%S@A0M=+|lR?
zrkjTw?(L^tydKe@Q01P9NZ}|@1-M}0*86giv=Iq&%sQ$!s+QF{Psz^w2okKSLQ2`w
z-l-5~X{}CAA(f2Z`EuGWc~(Y!H?a2(Zqb^3gnmzf73B%K2yzKhHKB&0P6=}f%1#D5
z_zA0wII{uV81O5a6r>C)$S25@WoLL43q0VLsdt_fNC3WaPzczw^Hb_MZc4lX*mi8u
zB%x}ZxF4UM85Y!7cJaA=u1jg85uUau=d{Z8E{(|WUjn>x?d$}x{SqkDoRC6J6;I9t
zThn;#f-8wRWcO{K1%cBik{ibBqWs{$4Q+355uIWi0`m|zHw&a!hNWeAH#g*bHi$?{
zqa!^FH^OoOh(+<u!Rq|@2M(+HK|f2?--YQ*g6;YFnz8fbsF8(`vp__13gj#qpt!wd
z2ayJCaYsfQlM*1Uy=8}x22F!fOHUH#kO8~__fHPR%>m5W{+!v@SysG!IQF5l`e_s*
z;simf7mcg$086rN?by|>?qNi2g`VeN?Mb0N+afHmJ#k`1@V&t@C1OSUj$%+}(<=r7
zpX^!7v6!a_mNFCm82#;_>zbz709BT&?0uRdIWP+-mtiVuh?$d1f?l#`A?3$n$!3$7
zjjD=HLxU7N^ix=xl+-8NeCettZ1wV<3U!<IO3aFbO*1I=@}5j}8yM&^tPQ9<@u@UO
z*#pP~Huh9Gzz9xMQSdJltpoVJDE*zjr{rI|4bs4^LBH~~;YV=pAcB997~ziKz{a{?
zu})=^`iQ9)Y@<BD>fyGo!v6Kk<B^0)WLp<53DcT-Vzm?-_dYfqXLE-w0V|m|9t(5G
zoWhfbX`tH8E6iU`AO79<?GE@!e#;zLuLB!^8ODcg0c)8zehM>KQS_J*;i@4JR%6c7
zzXfB-qfF#kFuMW4qs0(H#<L}^9N=_-9<z@g^fa`LF8hhESJ_esmb{LMuk5H-Ei=G?
zIp*N%WW#pY(h*G~L!PS}y0w0FIdWJQh7}OA;`2=*Q3dNdH%{`mL0rFEa2!>9obJBu
zIzL9C=@t_2pDcFaVOzZ}y`w+)v2-G%xOwKy44Dk>=6MzcGGI+rE$(d^1{r_E%=7FK
zlv~y``!zjm@*Mto$szl&A#R|exmF%7sXE~3)vzN2J-JLIQuj9qg)NN@wF(_pI4Xzw
zIcjqS8Tdj4N2_M_38HqrZauhqrAV`Gy|#9>W|5?FwdT2P^F1kwN|j~-Oyy$5qH(@c
zII}+2Xhh(pt+5}%iqC%=vNLb$9Y2TE<SV9H5OLjVRngkCg7hBP-0RhzCjj{t!>J?>
zbfvl-nv*w#fD_VFN>J;UA&{|RT#ay-9~0z&L%<kFa*_;avRw2c_LvOX8DJbFbsdnZ
z7g-G2r~kPLk{;~?#SCTaX!LtyZq>3n4Aa|N8)VaJMPGagst(7Pt<SQYyzi(<`=?1`
zmn8Hzww)t|s^A($4X6{IuPcCnRJRjAfG;QqL|_?2V4MjtopG^@w}cN&9x9!29>SQn
z&rQ@EiP=C=MlgsM;Eo6GUO7t*Rx{qq*XOQs9dr&@zND+s<6W=Pn4P&ke)G}B+qA+L
z0N^8V^Ug!;Soh5W_x|R_a*Ew&6Ev@<PgY$=2X1`!-U%j8@Q9d>%lz15Y70Eyec<^H
zdr36v^mzr{0`_GnfLn%aV{T>J0zeKxM%J$~X?FPAiFf!{fh~8$vA-FXyP-L6&8<q-
zW@A44X^S}!_9)uFEz^=3R>TfOTkZx8fP{k~rpbaLDn(ynhgXVo#R_bT??XXG%sN9R
zD|IEv)nQW5hYP(Q9zs#{ZQ{1iYuw#^2~rOe{M>L?{0y+qJX>jV;Jb9{(e|XY3A`U7
zumk??^*it?<jc?UYjHyJEsKfrjS4Y<UuQa%?*y;u9r<rf&Q6|fpV}|sZ=|b7b>Gp1
zKJQ*HZ?pOkdtZ>$4oDA!w8cL+Md(S-2t3|`tp`6P$qulf)PLEk6I>bs)*za)PC;iF
z^9)Glkel>iPD)0i@Brx1JC5@?5X?>ulO|?co@~ocrH#vi79(k3Mt$8lB7NNrVA|Po
zp&*Z`vRo*SjM)xLxbJ$lonEptalL&Fon1*`kl3>Oa7@HKfZHGPSaA_d=rp*4SS>h4
zJ4r{VeCn6N*|6Gh>B*A(&GxXWMN*Z+ys$Dy1IALTzD5jdyR%Sc0`sbzQ_KJjL4T?K
z#w6_R&(F8(-qwKEa(CD7pSN*z^IdnelMV#(G|tr;HF&1KGHPrF$A)FB8Ro}Nng{L5
zQwk7lnN8ucYPoyW21I(md-F`mqJVdOsETwDtWi9Eb(P=CQhV3hgI6iRT2445o`-)H
z5x{Jox;0=xPL?if8MAP!%8Gj-z|ddMTT|GZP3y?{EBqFe-x#*>(OSn0o`D8%DLsy~
zyQ1%9BrD^F>*I8FSf@ke18}d9!JElrL=l_%-#4Y1FsC)W+qO}5KgF6eWaU)DO<1`m
z*)p_ZTj9Rb7~n?hejmDM9P)$0Bx_gSLPndK29AEfJIA*ksDT81TGn679w>iB$OBh6
zReOR$IL%2T)<)`^ZF!*U%dNBTccTe$ekFn6RA8C$pX^-?z3jYSxJXlC?SJYVKmAyC
zfiXJ1*Nv_I_(1He_PV^bFeSL@4ax0CuVV&@$&O*`+k0nv`fg^&1RV5eSz<6Qm&!{L
z9$8l}L22t&{^#sr?4y~v*hxyJm0#i!$@l&4yUTf8q{s=>A$mq=N5|Pue0eJ-A!>qK
zPpP4`?5ou)%Q@}F$Od37+#(VNBl9FxibamIjQh2U0-|LsyWPCMAtYHAjvj-}Aol{F
z?##SG8#~$ME4g8gR&p}=ju_v<`|@*3@D(J>tavCvH`A=450c&Wi@k9USA3FPP4x|;
zqCK!ehi1iyZIPe2RHvEV)yb$2B+Ih+Fm#~is_V!CwXE)d%CSW%C7ZFOOZc*q+8>>i
z9wU@jc@^Ycs<>YnMwb>LC6BKPT!O)^(05^RSg<p^OSAn)zEmPtp4VAS`ZL#_&wG2K
zUg@1Kev4?-=K3H6MpWrI;rGc+{b=RAX8DiCoHBD6!vxfM7G~fgBr#1BezQ<jiJU7{
z{HKXXHw{H@212)oL(&Y+E!^J#s~%1=#$|eMs<9X>{3EZ#5#ba(c@`f%bspSU3R#<<
z<)(bWis<ktJZSibO1W)F_9X2Wm*9;Z#;hsVbm(dFqsJjKrtDEvgw`_3cZRM#f}Ani
zgUe%{Y?Y_d6qDKtM4HuDh#1y_Qm^36t7tx#<<V3t{SHdY5mB2hVcn}Me`=1J6}Iy_
z`Y12UP2%cjDK(ju=4MQ1v!_v5_(L$G18$V)xHDWWHdPUf$hL7QhN>|naei!S$Z+Kc
zL}zXPa%p@cxV2fRzb3D<94|~yOzlf0N|p$HzBAVAM|7c_IP@T<-0=1gzfBH&3Jgbz
zw^Pn1Gd%4EuO92fY#B2$jg7xf@O;NS5aYsjy|u2Ri;fn>)N5$(TacWUkP4oC*&4|(
zi9^RO<bQ3D4mIkNUN$KzXS?P1N%+-#D(}pC-wcBkO`Yn$eP(f*fo>bUoxH(FV9;%W
z@sbfcbR1n^?c!GfZ;^yiyquCFn3S8!YC|n{x|;L;prggeKvt#tI@c(`a2X+Jxn1m-
zs4_>L>oI(%$CtL9`5yZQ_F{9Y$bvQ3XtjBvc1%0=wH6~FoH3nNB95D3yq(828*`E!
zFGVBSfvxtz)=yLRy~bhwmPW*>|3Yy=L@4|Uf}po${_r+x+DkVXON^iY+LOt!Z0%qV
z_((L~7|7)0R?{eWN(|6wkDkFma%PM@x=&4y6j+}g7)s?Oa~yAC$X=^)RNw>si&9G_
zs85wM(BgBsMVw@Aw~A{cWIR98DcQPynS%s*@wMs5_3>pGICGsXaE`zjcHF&X%zPnq
z{uDmoc#U)BxDWA6ICRx`l~kMJ-xh`+9OBs{_!_J|IFxKnjZHJNo!Wb|{mjHBOK@E=
z?|kd;TQQ#@^dzuX(IOEkv0mZeVd}Tmke#Qtep$yO_AUn1i@iS%w}I!e7`>Yg|GH^-
z!&JRYVD!*=_D$M{={1S)Dt%>+YOpYYv4zy2iv(?RE+f}s&C|_{Y`jD|+r&;b-mw`U
ztnz^AL<(-TMp9q=@<xhxUVwcTA%wEyT;%|@DnHTz`>ESeAt7I{RZD8O@NRfQFv~Wp
z#Od@QpN%YRRn=;x*f6{!)J?uhkHDGq{(#}n&|HSe<I~AGqAf#Pv^QbIExs?xu80;>
z!cAJ4|4#z`C4}s=K|3f#73k)`8M2p|RmMkjmwjSq2LF({;(W7p1D6>R?8%(ml^R*c
z2(uNW`g=i<VM3Pc2t01f3)G_b>G3|krq1dbQttwbm#-dsqZTH;G?&x4+5JvvULq4I
ztjn4igX<H`)+RbP2R$_ZS2T}Uc~R#eKuxSNKbb{e_XFvrv|t;e)08f6jpHngYR{dn
zkvA+aCLkDUIkm^jcMlITYrgQ9N?M1L3Bq4w;gJC&JGVaY>_{(=bykS1xcElSY`lR6
z&dx_m>Yk_I>3W5|0-O+)VHT@M54WBg_r`GbV!P9HKU+EO7^A~{(hEtXGi9yruT-R+
z$=`e*F~jGg2Xr_5^cNNuf)3mJB(w*JkJI(!!B#@Vn+v52?!BvL?DW4pL#5);5_0<7
z&!iN*eMasx^dBgqi^=enfnLF~fi}0kKdopZnRJnVRWn<VWhxdIxr_m$Jy7wF!E2p0
zlt7u;;Qbx+7Mc-Yrqg1k>2aK56O19TscZau`O_f#2X#>>Q?Eyq$pN8}!s*)dka(;I
zaDpk!EK1nb+I?1g)6zqTn(moc`?4J7Dc&Ljy#d=q`iOKC8d6(Tri>{!N*Z?%+|}E9
zQ&UDSpuh95kis?WY{j@VyCJz6f@nvLX~u>{Z-<NR93t`?K-Qfjpxdh@e%~tZAM@Zu
zwEVdv%!T@bRt#0^N+UvFycMF3hP)uDuds0Xb|0~qqxqhG!S`pJAh!Bv!QfmaH;ShF
zd&2du&CQm^I&5WT4gWU&DPu{|TC35oyjw8S_CJqb2Xzk88^e}paz<ZK0SL+G%6Bp*
zrN|@5Kj3HQDBXSY<4HQ`n`FbR6LQ0=MKkeUXyN=YK!~9IM0P4oci=o=bujHm6pMht
zQiRu2DiA#q)riSG7sAp!CU(I7kg6?rVehACahj@Z%xV6dSSuM~0W9V1d9{7UF2JdP
zF>V`0xG?m^^gmjHn_4(aiSWCyd`YmL3s6ef{R2uSAN(AgE(i8^e`N?7Y#k0g^18Dc
zkP^5x6f_n{ApuJJ^}ygjX;MqWW9TbRrL6_~VRpM&vq#HZf*2e4L!)9lfi873Lp4Dq
zy_UyCf*KM%ze?fK=G^lbT^TBv6x8I+hd=Rm5MP;yPS#puA=f%lFz!`6%!jkurKI`L
z*Lo|BU~-k0u}&ENYe%u47@~gy`@zgLdAOjHdJz8W(a}s=gVZk!7-3Wa@>#5C5MS{g
z;yS5=aWG%-I;n+JfqwFmOF=-e_)5tiXTHyJ$-gbWm3s3DQq<e3)n{7M7aow}sCS&<
z1gvk7G&oF>qW@XoAF9?C`bX!1)QW#MHJ$k2U<n0dsVB9Gh;$I3Om%xh#!T{@o2k>*
zQMU)EutY>zbO3B4b;XCy(6K>mBh9HM^HZsDR?~0^ttCHtmb2K?3_`wlF=W9Z%O^(>
zMGUdW8=ID5f?@PQ0L2`(J{A?X(W*nhq<AE7U9JFTL+Qaf2bdQx2R?&mRzNpU#RU}}
zcG~KxZrVXAX`C*(_rI67qWb=mIrF@MJfaMYIm@3ji>S}O2y2`rtM%^+NaZM&5OU=U
zl=jaD(>@4DO;CMf2rMwhx)gMnw!XR6CN;)7s*>|s2ED*IY9?Gsm_HnVk@P!U0(QEU
zKO15sI7nsY&V^!oP?a@seUom+=qB!-ih1#T<Z$cxq8)_txkR<#DNBB5wcu667z;bI
zw#qgLg`c)Nz%_o;&aAF74JA_Z%@r84^pPCcck}NRhj@A$2#a?TbIJ_8m9{TZiPD5J
zgu1s2I4rkLgOAUJ50Ilor(nHxVgK(8NKq6fzR?avwkx$fa0#tBY?Myblozt3gTugO
zA}Zfk{mk#+DWR;3k-ES1fQ>C{xyAvNmn>k`7TdEH$GM$#l+UEf`ell&LFN!rEoKWd
zWj=f$TvgYrc11BS3ZhVS%3ktip6Uur51!GN?>9PQI?rJz)DVT*UAwU)Ho`_ElrCy=
z*YdC0ID~z!+vYogaa&$h88*%Na19xBQHadx1VIspr%*%RvptxWZ|n0M1*WalCQh6!
z^_AWZ^IT<&%F@2JD`xghkr?tn*_*W8j$Os!<MM_Ih~DR66_50FTGa=ZM_MIiMgxBY
zOPF|S%qf&@?;UZKZd?RN`5n1k@ZAet+>Rqn7&Y@p(b)WJ^6RgRSt`AuKqx7<A~J>F
zzJWN1&o>=QopU$+d3^)of<WswNY|Z~r{TTaulXW3fpRBs7rPze*92+CNQl5`;{1Y5
z%F0dG$Gl$OlFqK$O4-8xtzjntjk(PoTmMX+AHk5^%9wXPWMadve;+5xV!PEx2a)&3
z+8!50tDF>Y`Eo2>Vs`r?X;LMF$dr<AznA~eF*k2@H?LYlY(Xuso|G$iK2~f|<tJ<8
z(^6WTJvMyNxuC!*o4GoFr5#{*e5aSR?Houf#4wJe&RAqM-LYCarIGyAjH4CJn#-i%
z#LoJ=N5rXMb&`)HPIWMgh5Xejln2<nV!dQvEo3X=v14arx<zv4)=uv}@l)a!2P$Rm
z+N1u}wBRSz{_T*lpGPEB5*CwBH<o$c<3dlSy$e<_Ibo_k{^T(OOTG`}@Dmc2-r4^{
z+dBtG+V0){v2EM7ZF^$dn%K6Dnb=MyHYc|2Of<21diJy5y`LB7)H%PZU!|%$ow}?0
z>idt>wZ5OV))muAKi}+P-O<ke8_H3-Gj66#flt}~eyvORkC=g3{@RshV)Gl)7N>3b
z*sWvpwlCnlXZ?4{r~lF=0^`fHS8(*MXDufd-0O7v`|hgY6`X6!HHc5V@uSw`=<=9=
zu4r8E8;=3uyAa);u?!m;oYAp^tihARTR3)cocrQQ>r*%X;>iTzD}mFO^@70yyG0IO
zW(fOLg_+XdZdg(g{>M9*CO)2l-UBsW%y`MdJ?pR^#rN&|(S92E2-270{&NHPs5&np
z9&9Q@>P1nUrUg1Yx1VyaarU;Rt7zq{w(`(()oCV%sc+!#mc;9e5z%G%A5s?W;S}w{
zGh*)iQMy6wZ1wO1-OJU~EG}mcr&K;_9~r9_s&?~t^xp+s%m<ltPT@Kh&Xm#<;v!uu
zNfk_UI)|{@cv!2p2z)n%tHB@rr$L!>9vBLwj!(%^{O|xLK?M)D=c|7A_}!}ooBx35
zMMj7KBFi6IWh$jBn@ePCb-d!14iSfRWj?KFt3l2=$b25|p~U^q-4Gns3c1vCZhGKX
zOLrYT@f)%6n@``>Kl>qu!@1(ZHFsn_!TvagHNE_ft=VdOD~;o|W{Q_P%5%KTkUbzX
zU3_9Ri|RZYQ48KA#F~NZA8B!wIxayewVg{EIYDvYP`kjL#f)1yPhoulpk97KDdcA=
zGwDFinlwCuCZ7wFEgz-@{t_~>yBa^!%v3Sx?rY+XzKZ?cuD4Q)v?J3lV3cZMGgfBX
z>0-&))vK@9v>d*L(Q7d84A0w?v0FJS9Bit4Rq7(Hl~D15;X$Z+%g8{`YkD4qehK=x
zvy<7=L8K)7=Vk~h<B@$R{a>3Qn*Z1gP3jV;eO`fte$4H);3yWL5H=FM=@^knvwfEt
z<x4FWFC*KVYHQkO$p#~{pn6|xF0;W!@e{|6H)Scn-=BxmRn~p=^9)1eYiimnr{C-@
zPZ-6BunsJ1)`V+z7{ja@e~`bZXpA1S*5RyfMprH5{Nm-DBYLMCv-mXnMEU%2Go*zn
zAbk_yTjSOQa5oN*BaYo3$0LqWJKNH8{aV3UCzfue>Q5Fg9A~%uQFNSR(_l82tf!*F
zEuh&~E`x6STsd*0=oeK%BWFy?{*PS{;?iiij4g1-V#1f7tMAHC%IsjL317lbN%?Hc
znypcu@6QZmM;{+)g7Msxg1<SAKr`C?fnwad<06#@A(+peD*|@$19Re*9py$RFq_Vp
zs^UmNbI-;|DN~pmrJM6vNcQvei{vY$!zVLYJl7H~M{6lKVz}Ici@%u$De_#LH?w@)
zY|~NF$rG_cnm_A?1%DJ@aA?zkB+$(~jP$uY+yu`d`@5@EZJy+Gq3ledx&0Em+7cv;
z)s>S@d49Pj!(9;lp2S&KI<5D)BBmFdc?P9{rk59VO##h_zPMOkV{8)2o{p|ARw26{
z!{e$A4H`N`xarnoI2bWVC^jg>JYvckl874**0mqkm_dx%FZ}Edxtmw^2p<xh)RDYE
z8m26bLLyQ;hlIQ)Emk(OEvi}8W|ZGhHnU0~5lW<m?6w%*igaGVXya(uajK!U7_W_g
z{1ff9+fMdt%fj}>7JXoKuir~CVAsF^zoF>wegu+@hZ#W_(bsGKBAzan34dN>K;lP4
zG2i?Bu0`-?FUMck*2VhGlA9Dlvm*5xI}bf>8ZUft$<wC*#ch^(35M4(8dy4Y9aJnw
z@Uh0fCa~k5ud~zrGHfs$mYGK$-qd%Nwkf?k6_wXtM|{49r+0mnoktqp^u-o*6OYQV
zMA@!6%@@zw5)2aToFs!5z5|M*Of0Yd<XnkRi46W8n716!;{YS*1VRZ%sd6qr<!6L&
zBG3YakeyIHmZQW0ECEcS)4?cBe?O@4s@^uvk$GhNF6t4!P)esY7iW}Hrme;4Y}fCt
z(<PS!WF8zrr9Hct`U9(wa#=o#_Q=wZPvF7v`xw~eSdYv~pRXfsf!^3`Ajj#bzP4<4
zAE@)-`jwG!p8z;A%haI3>_N0;rKI*<el80OEUe5ckxgu|h2V=Kj}KJUIIoqZVHaJE
zKALbyE6?B}?a#%)uNGQJT<$l;fnQ5^G)=ht$f+>d1!qVKeHjOB7@iTry>vKmcDAVj
za3I=>=yOVe9s&vl27ngK1A+ipMr#}xBM0Rgv_1=>0dQ_e5im)P3g8tM5x}2osz9^@
z4+atixY(uJA?M`Wv<_L~YwRL6@Q*)Rw;#{I6B1tact1S7<MHdVeEz(Nf54&?BZOL{
zA+1nqL;wwQ4{Dyw1VK}QOo&XuRrNWgmf}DeW*Z8KD}Eg#$F?XscaexXD^pM%@D*px
zs169IehGl#aB(bY)UajiB;SH%kFZt1(;k@H_1{}NfFCn5BDVxjlrQ&e1T2v^*38iu
z(l;s$oyG)g{f^xFqAgJwy5$MjSvIYsHdQtvfWIMLfYveok_CNr4)!3yk+lKhLl&Rw
zMXjgJfg&<wa5RKJjHDtr6ktRFDu5!2qQU?LIr8ZXLlQ^x44`1{X~0iIq1q<7+j4V|
zWKfRulk`Z)y&O@aUHJ4@9(jAeou%@KP(Jn$%yA63T+t4uGQiiVgkC+%0eR-sEu5vb
zwb}rvpDaj%VTj#Z4TL%_5T06Ko^%5|Ad?DZvtAG20AwJO5?G)ZAgs_40w9TIOVd*{
zBokp#p%|y_d&!u~5E)R@2~@BVDqbL#G$>G0x>S1-Q(eHcAAFO95wWt(8*a(~hzrsY
zfP;Iv1HKYBK<@DAPP#H>M}YFAbAY)JJnH$od_brMokOFXwc~gJ4r68V(nexxKVM;y
za0e;`m8b=k0IVnB&w36#phu7s0P7Ko3%~=chiKSR3p39|Su`NdX?rp-ZWn|R{4RqM
z>KI^3@S;P8xYMNB6uWD6Y1X3c%-^1Vysw+;7`E)v1li%~bqzRUkq$Vss>d0)KNqPz
zTI-txu?DPYf#7iyZy`tTN}N-76u7+<9JqZPA>e|%A81pyI2&s75EGIr6EKjM!6<_k
zk_J;k$tzMr$urfi`l;k>b%<GKsw~=@1XxX9QWCmhK(e!NKym}<j%g%Q@2JWNMgM5=
zk63+ZhO6f~k_|qr+!eCcFJKFm1Mfl1*gFCst%!~WG|-NM^vx!%wJ4ih4?d`|gjhrp
z!`SD7*AfhU+C1Yrz0Vau`lRmdG9Yq(8?z&NzYZ>kOUmP7*PG`*j-p*Hk{&n>HtLrE
zzhl1rVtAUicrci>ZR&Y8Zt&mR8Ad(Pk2^y|W+P&|qIhE9MS$S*JnD)f+3N60ld8ea
zYW)@UMEIabMAsBqw-Ddc=?Cjn+DJ6`-4xOmSDgkfu@vwfBytWg!=a=ql<!A=VvBJQ
zH6)&Zkl-S%B9XvH+N!}=)3GLVf+`76H!AxJwP_^AS_{L^41QaN%8&Jhx9iMqYZm<8
z^#B_#4CQzbB^*F{iZ69X+*x0{8(aKiQl`pN)(%q<`sEsPL4>niQqT7s^3m~aZAl3h
zJemK_AR@l8fg1Q=osDs=@xvz@Sge?cCiMiQKm{ok1@Q4Q<nwqW0eZ}5=AfzUX8}**
zP=vn0G{sJASF>42T~N{C1?j-#V%bxRT;}!T4mTD*oLHf34<dyP0jpr)Bx<bh$%hB9
zCfQN|YZ?)^1Y%+_H0>Qxk?tL_s`oOrR|_20S=I7OC-P(@KuWlA&K{5$yPgvq7{_A(
z)t-U^(N4opfKVcV(`*CSXf!=f&by0%b;C^<sy=?X&do%KTlE$|)d=;1fMB45Vu(jU
z07u(F&^`II4<dZwRVob%A)qKmR;17Vj&?G8+LtV%kjvzy^01`=o9l7cr#T&y8p{f&
zlRAB#cy&$&(cAM0;4Ia-e%6~CdH!$vV{EmZGV}V7sxrDZsb^tV79}<~^*6+5+T#<f
zUi8;{w#AMiI58{zN3;s>3yuklfgEKk5d|MhH-R)1d*U|`@y2Rb_lZxu7$81oJBvCJ
zdHQWmt^-0@z7AhNAlqGEE5}P9Xsu5i`hY?|UhK%_tFa`Z<7o)l7yQOKhX<>jF}sT?
z6Xw+?i}|97t)U(omLG0l&c(f$N3VjqsYlEVPJzzNYkwc%oCE$Hdo+(}fZ)}mIF@m!
zT1}oZ$sLt=QrwPRyBRSRSDGu^)MfZKXI%CglckU08uveAV<`YQJJ!^rAy<;Dco-`E
zL}2kj)MZC;S>>@%mz-IL5QHt6246lPV6yyO&n8JyZ!@b#C)wGbexhOB>fwB=UcQ<Y
zI+Yw+&9Xp;V90j2$A?;vO;fbnI+ge9XbAZwRVoIrn^?4ZRjH!64<tW4fFLW<(z7h6
zC?d|}s?-18e#La^h0w8bE&K`5QCgIpS3Sy+*sQLtSytS9!6`{sX44>FRFhip(xkQ=
z>{?U##rfj>jLUGpy0O7=g*|V%(->qZR5)Da^Tc=@cA-0JPEvVXMYs$j6~DJyjRx+%
zpm<J+Q9IXbcF{&Gp3Fh$UxNNCIdqt(mcmT>zXUx1X&n3uX;4}J&q$-qNciOMNFy5K
zv9)$GVw_!eE0SfuDV#fpj78}$MUS2sW)i8QZC?RU^r+yXVpCv}e-yo_BYf%qBhsM9
z|Gz;RLNxzpq|sM)Tdl0}OWP<#c||YP1@*M0^?8z-vtt`MR|5Z40mQTUkCKNjdKT6a
zdtyXvCO;>#=-0J}H17XyA&I8=Z1L&-1k?tB&a;=gB|B5mX=7CRMt%hKOyD`}AS~b#
z%#0Zi(b3RK6;Mx}4J&7drssl&_5CvT8}@@#AoG|BbF>%}L=0MtOZjRyR=J7II-BC~
zl0-Xuy#~j~+s<*2xMbg7w1as?k1RiR3XKx9f`ZSjT=T)VGTlsDwT#|R)w#pP<vxws
z(v$}yml4KwJXmT>DU2#bU&HG~&QE*Hrx32#!uw|4La(hc##`Y;cKV^Qk@O|QH@#h2
zLVDh34S(F>x2~Vf4etfwL8)1scw0ga|CxC%kB0Kcvbincm``_z&R;U0WaUO-q!6vm
z6z}QD0!>Z`-^DIFP7&Hmw3QTbs!PFBa>znWX6*S&JRWXpGyrZfnwh}G>2c4;(a(*W
zEIHcglWz5ZA<FBjIDBZ<XA1@DM2jBbKg;`wE9h&Uy+t=;s+H3w@8GH5u(gL_j1{i6
zI$6G#O(FqL0rI4-vGy(N{Dg2TpB<a_N1wsBKX!Mt92}YXF7F|NjXt$n{GFWKKK{GL
z7b4{Sx5ft?hu6~2_{Pb=R=99o!}Gmd!Q!K}dd-{?J2x7g2DiyZ(ben!GptDJhy+!j
zU*wSAo;wk>kbwJ9JXI&#h2RQ(lA+ncvj>))NS4LSP%s5o*&=D+u4L2q`_Yr=XSA%C
zCaPYSSpR3<1H0RmCZ|gUYArq&Hu1uTaQuPjucign5%|!-raS2Vw6Hik_tD)@<c#y@
z$lnzQVO(MFNW256F6YR%ajk)c0}R4rpPg{FZJTzk=%c9g<DZXauMNJd?J2V9Ui+6U
z?zAqarBd=J$i<}R#|6J=U6y&<7wLb)=&dh_<$i>GCrwtun`o;APzz?$>#7;|Yo+VC
zQrplL%tF<lJ9IBbdR%|U7jaT~#ejoeyN&8j*#5|Mkq+e<OfkJ}mDy+P*HZiLdrH)I
zRuyfS9#~r~4l`PytwrT4zJIWb!Q=nLF61^kj71ZaD*nbUB5HTFSA5I164GI5_`&fZ
zr*{9FS|8SZpmh62(>{k`fKHE*zlKN7-FF!KREdyPEGSY|GbH+pP(Sb5KzpxQa58mP
zss%6CYi#i~zI4p;AW6`7lYH-TP*S7j$k=KBeR!x`gzY;c;LLVyx{8UkZd7<BqK^}`
zOzn`5GHMMtD`%L)GMXCiF`(Z~cFM~L6o+^=EH%;$j3Yq7-Z4ZO1>b0Dd<nnhP_BrG
zuP5NDow#DNTMmM~_~n#5d}CAqmoK%<B-=lCRU{poJpP4MS(@LTH+}wHVmyyHlc-X1
zZ+c!Z){^npw-S{*+##aDZQB!;w-$Tx&m-7)TXY6f544_;=!^5|AuFko5pmSU=&ps=
z2_$lJ4-{3Gh&>+axq)3PF*_>1IA}O<|6LY&Bgaj&NrS5#?o5MEHq&$1T+Y#P$|><f
zjmuvo1M(;N82#?5Ig1qMhDAId5yE&m-Q<YiS3AO%JjCpR;};F=H#flrHW1HwbX$*d
zX*lTqn}FiZZ<~V#ty0t~-Cr;W6;-YH$HX7+#5K6(4^ABE6;1a;D6yKAYW}d0;`V%R
zANEH!h009HNY=LozRnpz`NM89RRfGtkS*FAdwKXhWjr6!#88&_Te&CtD>;-zDH0I=
zxAY>Cu!>=yP^oDT!T9Zz5eTS#`Tnwj;<ua`H>V+?)sE2*%u>Y@8qbyuHUS9yi#h0T
zfv77Hs8>F$ac~j}L^7vvkTOS@YU|_#xStV{#WhAwK|EB)a}Dgy=x&&A%nd%Q#|LA#
zlix~sZ&4kdP(6>=IOM-)1@Z*;ST^@y1@x3f_At4qZc{p3*Y0@sYMdw5Vg=Q%VD&;x
z@Y=0WFxx#E-Jvq~xI?%7JdLsJG%e~~3oRTuJJGwEljU8F9Dj=3Br{Cpzrp;q!|2A-
zg5+iZ9l^G20z|VaIPC<SQ;3jL2tsC6vkm0a;8xqWq~vjr^yyiyPUWes1~G&m$&;t#
zJM`-XvJZ!IZr)Tmo`qK<h;qar2bs6U&dIZ6ylXjn)4SIGdzS{In?Zkjg?BBN1COIo
z;#s@4n|Z~4ybq!xXlcQky3|iJ4^s8ioL|cT2QOEq>i1vyb3;30J_PLAbOpK32)%u;
zQ!mv!?^Vq*sC?sDJ}D~}7#s7X8_7)LPvZ;Qj7}{sZQd<vXVPD4=c;Hna_HZz$5L00
z=!ObuN|j@+6bCr^35I@J%r^3x+(0L3*2EEm+g`DuGvFrwcu)lAulL9zzu7%_o|!Gm
z2sPO=1k@2<GiZ<7#|fHBEz@$Th00sxa)*4K^g7o#^Rm7B@`K>5{Uw;vNdMvb*|bwD
z-tTt7fdNTsp!>;P@pDgb7~MVF<HmBu^DWrDacZZ5m%!!K;#XJn2T;8Cnh-wR^z`)N
z7MMZYG$nW2;Vj+NrTdEAP~r9X;K-XnpQ6)uq-pO;^_>Y-MSqG%+wr~SKD52x!Q$5z
zjhcM9@gB&k*-6tb$e6r<fs&drmh$MW&j<Cr87g{0{PMA@|M=4bm#D|q_t1^aOx{;b
zMW{Y%?}pu2xHKgd;Q0AT^8Bi62?H|+m-SjLu%go!zna_!Vpvfpo6gB>3BR9qUEeR$
z`r~N_p8Q`qh7`lDnGH1WkVKf?Q1jk#@_gT#PT{Y_cbK0(YluI#BnZ;+6ZcQuGm`!_
zIvK+^OcseY+7fr%K7L~NC%Ys3kUFN%r;Lr_wiYvsR`9;ae$uGyF+uSwZ}IK{%O4)g
zA1;!$RJSz_JvKR@B2(;sWFDbG+-_`Lz#&O2p9nDLe~0NCDTqfTmWGlRk#asG9-TCf
zt{%jzB+s^I*=c=9Zxx}kK2!WGb2LtE?3VwDVsjOWgF+ocVYCmKf|o^Py#i;N6N01_
zLD1XFHt*r!h;tJS>*XZe_vn`?$v0B~X5%4N%p6~Tr;8**6T~CR4ZliS$QrFGe77>$
zDe_^ZO1IA3XPnm`#Kt_7h|g+qry!aoLatsTX5r(45Xm|efw%csz*N-h;E|d+O1hGV
zT_}}w!1Ar&Ivs7EHT*nv&;5F9FSnRceyXce4k^)CKW^Jz@ZPO$^id%_0zXyLUm%CV
z3LAA>?27THTD0;}kD<ah*cvg3R1X1@?(olIsLTWyCk9eMpXo9L?jOXIET)~IF?aD_
z-<(iHB+iGaAX0NmpfIs-A^wq9IakLTAf&uAdGn2_iLbv6MMRpr{Bn>Y&2)90X=yoC
zyx_h3#*6<M?mxKW&HTb|mgi~!7mkVg`{ulX^TM?Q(_&NF-;o=ul16>n08Aa5C*Wdl
zzQ8ZW`<`cM<P$UYS_`7r_@n2?$53AO(I@ZOLx)B0XG^TfUzrt9A|@aZ&>a}KfXGT<
zNFqld48+`Ckk$d)c$};E-*yedVL!HD+@N=qsk&8#4&RW5m-3F!0lggMjPoI2NQUIL
zDj$$3IqWC(`FC(K(|LDQr<fMJ#S2^mg}j}ey_lQ80++6%hpTNRIjFzSjRP3f=6>fM
zg0TUHHaY9aikz#6an-*CHiPXhU4bGAng-C>D<s$7CLKB?s^?IvyX@_5FP%)9Yyr6s
zyX6);1#q`#jC_QP-U9f^ir`A%^5-oHiQKG#<%k)J5|9$^+38>!e;ai;w3Yd6G|*6-
zR$s(05qP|XUSW8=K?!0G?c|l?heUBbn0+^-=Z&#(eFtDY`TeZoP%~aA>!rIh4lYyb
zBM77>Tg?a}M#r{L625pWvEq7bA!P!zL;eb?%hB9You`MS`=PnV^aEom|KMGw1Z@S}
zUEV6(KFPFYeabgMHNK_JJ?1$~=}8l4;Zap<f@RImUn|<pH}Qnz_x`^u-u>D?YW-*V
z&xGH%IpR`JKk;;e#{|pXg2#H$Y5u&(5-fWjCuGTAL#%kus`J_SX5FKDu%hiaRo_Il
zfUakk%9c@vyZ}s~5CeM(L<|XW3Y3q4^v?&4*S%eza$?0AiVOEoRbd=vVh6F44GO|C
zfkPK^#kL`o4*Bj&{FF_*8>ds%s21q^^7Zwwq%KfcIH6I35KhkT@GB8dW+u_k2z{!;
z<b-0(`ALX0&w2lRD98>++N>J(>HHXS(23Q%I4`uVl&Wz{9Hm4HwPUASC7LW-?+7XA
z2o}4AhvvWWe?#gu3|kYYy5R%Ag!i@fJ?q+Et$4G-2Gl*pAPIi5B3^a$v38p^X^NPj
zM(v;AJR^qRi@bB9p=hd75mmFFA;OKA%QwqP;#@D7OmqIwzgZbdk?L#|x7^A5Yc$x1
zJOJ%ed~79f<2(K4;jDtR1vlQ`JxtTIDRyIjK(-x`EkZZT+io@3pL;{Sthxn!>sO*+
zHK{+)@zf2oJy=-^PbPS~9N>5UrXmpMa)t`5Pny1t+Oam_k@(C|r%bb8Dk{&hVCwL6
z=$u1)Vsoe~o9&rj+J;7Hs~g(>n6=#1)66bC<PA-YeSXtXV}gJG+3anz!d3dzQ}xl~
zzXgyGtoNV4g7pD~<t<KXm7kafT&i!Ed#@afZIAqW5D3|tY&yOUyu!oH+10g||F?{9
zZdko2{x8PoD)$<owIh@Xp3{%3<dvAgY#8hU+&>sV3)BkY9Jb7+4D{;YSOg7>B3MVr
z%_n&ouTm-~;ZLuyA7}glGzbE7%}C4)WL!t=Bp{9)&>opPX9^qv8dNywTc2lr^HYGr
zFRtV~LNO4vhlvCDPT-#JB;4HDNs7<=_Y;PA0$!-{jaed-ZBCp1hihS4ITddf;h_ve
z8Y8Z2Kk2O}B2px|$wS#PeInUndrTjZOkv-fgb#S$6GG54|0y~&6w+XKmzGPLBY*x5
zE73JIN+mq@W?D;Yc3KZ91vc@q%p4t#ro2iEjSPjla0MSuynuQl8Y~5191GXxyeoOq
zt{F((_Tyj;j%JQEGI*4L5H`y~-Ajq$m9@vnnZ9gcOr=uHQj<b!$Z<cFoGdNv#w=Yu
zli;;kg;sUwVS2ersn&pOK;y@l8gbLa7XU8?ufsDSAQ+koaUEKYLmD@EG6XNB(;+SF
zl&Q2vSAQ{a<AtsHU~i~y9Xng7Z$kA`Rb77go+wOl$MsF@TfvoqE&dVNg(updK+KmE
ze4}kh#T^t53oTD0+H=+?;y3pjzK+P9;hoQOCu99RMD@T^iChxhNZ}LlhMTa}FKlXg
z3Ce|cJh&=Hw~DvVr9=Jo><^!c(c-B#l(5V!sudd?feozdG-!H!V?N2W0r9TD*A+&i
zsN~D2<KkLq$mG(jFhzxtmZKp=y17+sjn_<0nO;R0oXXCwx5~jrEAg60lbC3<#b%0l
z)rIOxob_W-gDf`nbn#ajCrvMdq*-!kWh65B8RyD()<Z#8^OAup_Yo8MFk#cnG8Jn+
zjS0GJMsY>Y2Mxx{K7LwEN|H&Dm+I$UQLj8PnA(e(x9-|}S`tGax-a7mor4yV*pPrw
z+P7dOI;sW~Kq$=<hWk&TijoyOfrVGmdnx8cSS(K+Ij|u>2pK0J00<0>1_CVV4h{rl
z5)mqe|I8XWuulEqL{(UsE>vvO)-%|25iKcQ9uTlfRr%6mA3-Z7ei=sTGHX)~vR$Aa
z>HMSOw!Dt0`fvHF@vVv>3=ginps#?l(#(P?n_}{uE0XH8P1LO;{=};odTR1Y&_Pjl
zl@GJSDhSi~(pq*>!-;WLOR5Kl4h<Q&|A4gGUfm+h<Sf`17&r=zHzByAc29`p1KgF8
z)et-kLzX|+{KHcHJD!>O3_3$L4&a6wcb{ZU*Nb7QB7m|bm(*R6@mxS(98hbV`aexA
zRMGcV*0wL})}xl8^(mI%K4_n)Cn%u5O0SG^Ws)h78wqkXKd9KA_7rULEV9+>Q*>-1
zBhaw}Mubw|>aAO{&~A*YHIfO?55i;G`KQbF;RFulNsbCC_E)u&E-N-N4cmoeitD}(
z;dM}UY?|4{H;VR)kVlO2Dc4L}%lykp0>174g&)S-|5;cWpYYDl;J#bs&BNUbQQr@A
zZ40;u#LsNNuUI9cD`%g&@GDp~WVM0b8Ljx35!)uMT`gBukOpw=ja03Ql`!yW57?(&
z;2puD|4`@HVLQPPge-Wzww#+#lV&-ST6C(6Xw!;9#n6oeco~L`eUm1&|AbZ|P)f9L
zn`S-M)$jrAg=(AT*C&&`fS{GH6m8H5q?rcTv66Zpf3gc)`G7R#6Csi`&{oDmeXUdQ
z9Y=9EG7r#c1_U_hAOy+eKn)TcRZ^H??@}-@c@4oH@MJ7xN+>7<5<-BZPzkJIe4wKc
z73ev0l0w!1fhzK#I6Pvb(xK28Bd!$Dfbdq@BsiDpKQdG}Bg8*cqXS7kK>(NyJ1-GH
z=a!rUq)Wu!gsMsc<yd&Jtpemq{sgliMogm^piNnXC_qhFlyikB=3QjLSu!_tg6`Vi
z<!aXpMfiylN9mOg-M}k)YAX!B5@0)Cy$%zCGLSDkzPnHh5rak<+<bXZy|$Sm0W~@4
zt{)B%1vCc<;=>?~97LB?f(D3EXy9;};;3;ft<X?X;nF6BHPq{+#sbI61%j^6H`Et^
zU{m3WDsiaOL71652Ptu+F~XaffDiMy|K3+X?joj{y@c`#rH@^wJ19MfB$Qe*1GO2^
z=UyLIL7@NjJ(_-cfjR>rLm@bNwAqTsfr)%1CnPv7Oy7h65_Dh`RS;>w%2<3A0ge*y
zE7c0ZibC+&n41yrsxahcs~eDfU%(%~U_h3pxq5sbq-`1Cp4c9H*Ab5v=ZT@pu;q)f
zo&uh-?aP%4GQDNb7-#t&d~P#-b9>@h4E;wK$}#L0-Yq|kc-Xm5oQo{GPi$Qc0NA(q
z{;~R7z5;CjtQ?U+YnJs-dEZD9#dw{WzIVOlxeRXOquaQ*TXa-fEHnH8_CXy4p`IXw
ziUOJjr0XKG<xLHZYn!Hv9|l8>Yh2|Ic|WXew0>(@GO6`q)?w9QQK9IWML2P-Kqdnx
z2a=3L1;ecXeijr3tTSdk<gn!+<x1O9gLrZ5d)<27+>Cism;4br#yI5g-ZOD8jed7P
z9X10pUM;6eR4w#LVb1H->FetF#CaFZZLTfi?!7P$)6rmgR~Rr3(L??H>m>Za{p;G8
zTNs`Jbr;QIsOq#Gp&Q^4U!;1>N!0VRO$Y4?v<Hphfg_&Z=6yb_>K$!k-#_P#m95k#
z+Mh9}sjGO%`Hx2iX~cKD(NmG$<@C<c1Xu^LO^4I=;cCCh)RfxiVHLoM&&kKIj4&d2
za4wdyY;^&3!g_E5qDgwa9U`WLR}4i2pgXDTAide!!xF%kG8^&%9=DeWNDd3UMEXLV
zuTdW9QyeyWT_fWI+Ajpd82UoCz{aqd3`EU9_29&FDJvk|+5Or)As9rBGXXRGE$)Lu
zszEiPvau#`fj>K&n<^uskb)4bgrRsw5TJNcphRc#0rW^162PHg030f;KOHC(7{;O<
zhzd?gGvXW+EzHcVx4%ImAoTWig&RYmE(#P+0Tu)=4Id~Rkn;gVnmCaW82{vae4aId
zqHk{$9@t5g>41r$p`?YRL@1z%BO6z0L{WtD;h3Q#q_4Wq2$MYq2^x`nMtXRm1jM==
zh@N(Yu7HCOU7-X3cVz@{S9osdl~9Gcp%NI049dxfwi^M#O~&&OkQt3Fs5}QhLY=_w
zq}Wd2_Y!d6_b~*a9`gPGKL9O_@cVOXPWbO$pSuZ`Rv)?7l$d^sGy)4Z0vEumNJnrK
z4V~iI1@My*A1kdu1tC29o||^zZ#trej)-a_ksvmJk|2`zBY9G#+8ZAT`#A~qmrE=r
zUSSg%3H4_(06~MIV3529gc!+s1oRKZ0>S)xtgpOx7aDLD78+;(opFq0%G(71%YxlM
z&^4U#>Y4oPS~BUE2A`{h+#9YF|A$(a@Qvh4@1^j-h235d%+S1<Lp~TQ<uXZ%2fgZN
zl}^-MR7yr%V7a|~I$xvlF+r*qaa%drm94O2aMJWdkbXzA^l{8nsHe@uwE3V$WCIl|
zg8kPwDbt)W_!6uxdKlG^{RkDD86{iFnX#Z<VvCOgfPMHeu<fj&rLff$Wg_(kaO_nQ
zHS}9>(y};L(0>bzu>3190<RDXgO*nfZT*AtZcP<au`YByrv@3l!w%m2M}4f`q)m3W
zuxp_7n(6?7NufL)A4fzOM)ZYGT*NMNqvl<(zjoi~H(FSi$7*F1sdA>DROdA^?a=o+
z8*fJ`*_)RUiurNAk~^!te;FmA9bW)=CGW0i1HrkZ2apyinf|{>i-7(+ErPDoz>T36
z3Ci&Iu!vBjRES=$RG(CO*6--VhWHNr*9}uTm&8cVpvj;~2KIH#Y<PBG#B&b+a*_{l
zTTlGvZ#<}y^%$dNkyCfHsEnC_GN_@3OPwxTDc$_$C;8FebF+&&%`aIenm*l@`SJv~
z>S1#Y3IF6QS?u}$<}5D1es<s4D$2fA#;>}UXPc(5ZIy1;zb#E2wovr!e+c<$<6w9G
z9kZM*0Wb?%(##0hD@0c$3Cd*%pA0?pPvl8|2`7;S;pOI&r<6R-kk{9p4ga+7WqUt#
z@xULaAfJrq_<1|N>FOt8rqlF^y7ILWrJFc!bx3ivMHgiG96CC&<+g}{9jqSxSI&|_
z3E(Wnu6s}NmCG0KJS~i!X}H}%>c{$B>Id=bh%0ObHZC2T7te;hAKSm(=05>Bl2^=k
zi>|(*tIlOyxUhGN%^w$a?f}ff`Lr>+>y6ei-LBZJ{;-SV3?{Sm{BjIwjEt#Tkl!m?
z*puqF+vC*tzxPr)l{K63_OaWx4D5XUe@K>CH<K*>l`I)I`Tsdtk`_Pz?_|lMAmZRw
zeHBjqN??sX$!@#SD-N$m6)w+W<TAorGLrRYp5#sbw$3TFoV3WE_6wMitmtra#{um?
ztL?+vpxYN`QM>`ai1%Y?o`(oe$&Fq~<8-1!e|?Clg8zZm@Z4M$P~9NAxy)X`Y~IJ&
zyUKQmEH|^ymI@mE8X-f2{Q6KyiZ)HD1=sPv$(F=9#}^rN@?XOTPxjB=q86oSX9sl?
zoxY?+O--)|y53d`W*+Az&Z#_oHv}Y0bS`fHZKi}CrTm+jvZ1`yeMo{VpMILwWi;!W
zAjplj$*49NWx4-C^gc`uj`|OtQTLaV3$IywI{@<)_J83Zzpf4!WqL*Bjcer<5IOSI
zyEdCOo<+eFkSQq~#l6<RXOs00QBoa;+!X8-+U;q4svcI29)x7j9I9e!Apt~7GQ0mo
zOB%u^ei&?tYw<$^O)y>mK`$I+qv;J~^9TL5aH}k=9z#u+>6BecGn;j64<x`N#^H1i
z#>^we)0jTi7~VNd6=`HYHwfZIR?!MEoJVv0n2KwY7)l^6SS;U`FJFVlcU@CC5+!Mu
zEmN+Pzo?v<x0fKF(NCMz_yij6M28PX#gb^Ke-SVO|H4u-&>sLpZ8y}#F98m>xuBsQ
zaLH)!%~crK`H-^|DE=nBa=9KYshzDjVd!>p9}z<&t(yER44w|IcqqMwQ)Kk%6Y2JV
zD$7lTwNBPfO6QHw*TFF(b-k$ra!OfrN~lq5g&Bn?g$7s-LOOlDBzGNo8ZPKdzA7GJ
z`jq!bel__Dm7Mc6(k6}iK)oDk)FAbv-x^CO`FO17fWw^U>uS>pQyjNu)bT%q8%A_C
zWH-0$Q}>uz37%HuVy2O@9?L7IZS$6F7qx$!E%y`{1lOa`jLiipDO2z^>nbm;piq@j
z1NN<14b{sj=+B;pu67qBLaR7Hj_v(8Le0^VRlsN`*j2y_S)(N?V0GtO8nD0(G<)|9
zE}j3X+3^2-f85p)d|zm96aIV}PPNkaOf@VDrY5gx8gmuZ?F(LgUIDA-eER&^LbsV!
zu-vT9f5!+{y_X^b54nUg6A;DDdFnuKAVpeXe?xXiqiPo{2}bj@EcMMop^N3}l%BM)
zYNNH?h-k9A7R?SG=kpYY{2n9GLqyhdZ_1#jx~Lr8<S)&*=J0&P)l$K^*xzyoMzosN
zrWWZYR{b!eP9wgHFrcm<SS`hv){x3sS%MzWriSED(55zq0{nIND5x7Gcobj^3<gwk
z^g#(ter%MizS%TQkTYe%?8&obUS?UatP`5F*7riG68RAw-T2;4m|>E}6g6_S%o^d!
z-50IkuSYLY)51)b*L=L<yXjnmtd9>Guls`whL)=v6`=ECTWAk?s-K5PT)jS97NHCn
zQffV<axtIQTCS4ol9Zd@H=O@Q2+5Z(bbk(!E>8=$Tk+;aDVg){vn;}lj)6G;<2_ON
z@7@yuJ%9Fa>sO3T<oGX6%7anVvvlLdBB+};ROXqq=oXqbqd7Is77UqnV64S+W4lYL
zd->-Uzsv-^i}q91-`tA#6ZHpQ@cPr0HBTE@9PASz$WKK)grO{7^{u>%!FjKaz4P|*
zuZVX<Z*cfW!_~A0s`evBX(5D{g_p<I#M<?(u91I^^Uqw%?2~&ST@lfGCCHrBE7^Vg
zqw}L;@;^F1sNQsFpqfq^K&|IxL-RSh)Nril-Bq%4IBA6JyuRAZ%R*aEM}g&W;YZC!
z4+Z3L7$8AeM;`{}qCr^;1H&K?mHCQ&!^r1Ku|%17Bh++JXel9$pP79MOkyg@*ccD`
z%SLR+W`eZ#F+lJ+(cEKMIJ6h+93{5mbYRHi{VaSE(Zfr#bm21XMu-|8V}H*G$R_te
zZw{*Ve`<m$CZm4mD|;fF*}5P_wHEUpk8RX)DeLul)jV3K@UtW8+1zj*RFoqO_*AEW
zvVm(b8MlG6?Oz#8;HqLqlODhsSX#!C(dDOOWpmHWw@ozys)VZ>OE>|ca<r)*Q!2$G
zRobE81%}zMO~y&*0tIJK+DX%;V@Z!<jxXCK$bx0EV9Nwg9~Nu2We^I{q46Wam=_}1
z_^u7dgpL7l3r_-J+Ru{zNCS0gB?nA5*x`!?Hb<pEV_N?hi<x^PbX=qj2f-zD4F~1%
zUeT67C3LZ%(f|BqV?!YTnbRAHl!0l_e4Q;A8S^yep?b<Po(|H(?W<-_!3`?W#~N*D
zE&Cz^9C}mBH*KV+ps#C+zrgUi^DgEb>T^%^ZEy^*qHP?w*@++_mK$?xpq~P7#pl0d
z2_b)@g-7dyr`dL}ZQ@S3#FQ3&{-_yy3?y&u4g78O?5CX1l5$B(wathTeDm%jOtn3o
z9(MB{WD?7*xx7JLz$r%lf-hWKSL~D>dQio8?W<^PYft}4YvFy!n19&$wf-=Z2YeoQ
z-pWz$lSBR&d<ocUvg6F`jLpQpp&^$i;G1*7(_Ol|8FKAri1q<wV3zKYLGXW8zBroK
z2Fd@Se9I#7fOHy(%ibB$w>^Ig7H~MzG-Pr_f#zAuvn+i606qOQLJN8MJO{r2RQfcS
zDTuuP9L{kdIAbU|;F{uSfr5|mJh*WLu0_DA7mLnXfTH`CuH_<B^qAt&meEcxu39EB
z;s0Li=RAXb+H}B2#fCs50&IwHh@agYr+tH?hQotLKn8jXbW3I1=uZc=2!U9KSQkG)
zH)vq>H1mW5n*p66ZB+P9yJKL71<VV~8)$ta<7?ZP#V42Wk%@b1^!paU>`+NvzlFw<
zik1;DZMdmUPt^cO+wRV``@=udcH)n;?Ztzc07zSqTY$6$xz)zZzywI!?#@5bmN6VJ
zNMe{=|6?1n_<d4>6dm9P+90VIqFqAr%a|6N{FRFleO0qc2zZh~HCbBj@o?5#)H)G{
zq*UMKU8(F1Ikq@8F1^YmULfLa#<TV~R2vtm#byW-5>0eL1%<zf20f5xuYmJp1iAq^
zm~;V7z$B_gT7?{e&Fl;COveR2+9W^Hi!6r|asYIO9LIV=&cNom8wg+i=?tmC1ayWd
zZ|`6A!$L6%c@WQohhP$Q5{YG@==Zv-YAS~xgNR{fA?rOo#I*vdC0s45oHB@Kz9$f$
z(2(qe>;TkU5J1fZ{ZVs1f7IL+K+OdVmP@1(Uy}<N2Mhw#9118IK+OR~8V%tyT|1NZ
z4#xHlLM!+N3|R>W3^jlnIsq)Sdw(pndjOxPc5*EjQEyaNXR<H6BATp_56B)WQf`8@
zhz|*U^Vt(v9kFNt2nd?;_C2B!pE0F5l*qw0J{WPq7AI1OBM}s^a0Cw+F`!%HDjQ(s
zeFIo|0}Q}+Fnep&P<kD-tEP4^A9#T8Xl=lbTM&*l8VdP=b{dI*3|E1HTE(z{90AoL
zz*m26OMkeZ;P&!>^{W6R9?VZoC@vx>E}>pw8ff5ffJ6pGsPiNn#D~EV-pEIA3O}#l
zZQoUg=?iZp0wXkq1S6CQA%0S#*&N&ne%k{IQ;n?%-em<E019K(1Hyt}q7!=nh8w`R
z4hW0J0mi8T#YwB`2PH~_1t9_`{Rn{4NBX1mkpN2n&e|t%no%oNFo~~cubkC*Z#&}b
zy7Ux2NpKF*4-v=B0Tok?Du=-vmOO*64I_WhCiBH&Q>93wXwU^t4p29BkdH3<ShfH=
zDo+k<1-plv;$x0+x7H*tVll`#p>N{HLE0^oC!Xo#lf5rVa;s*~G<0mITttE=nKG9V
z2B<<%$AClRzQz1U6~csGdKdl>d9q<m$|W_R3PE~@Fr|~BADQo3NH!?xG3)le-sp{@
zTfIA3OJ0)3>ZkQfowW~*S{{(2yizuQ{&G&cM-ctSgG+4Lik;0$cC6jGwf_1Yd<CrL
zTn^3y7OtJ~ZoTmT6a@t8bcjvTlnG^)_^&xY7}s-NkU5BtibG{NY1y55#4(coV#-6e
z1lD)@7Eos2sUM_KrEfnzd3^$OgJJNmWiH7rzic(tefdE78sZb*x!*!W*xHv7Eg7t*
zrHfX*k~Asqgua=z0)9jp4?~YqkHIvKlSTeeu2<k0I3m^LYu;($`OsU$Wv}G5xlukM
zV=qJ+XC#;r=z|`ffV5p@GczLA;u1(Pchs<Xd_aPlGr?Y;#lvcjvVLvC{?2rE<=fJJ
zTWQnjTepz3%+P6?gK?giF84jM5H^}DYcUhS-0?g_G8lcl+u^<;UncZ<Z0DcR!qt9F
zK(sKwkR8c$LIGPQ`QZ@Z3pb!%fx(jY-}MTc&b5sE>+^H^PbLp~rxe)av2RxHbUjU9
zpQ}eNTLlwx(<E&Fo-15UDgfjPg~em#>KtaWp{To2Z>XBoP$jcIu!kJ}l`BLNhywrR
zhwvSp2caCRt4LABCyh0K2NN^dNu%Rj52Z==%F$T>@7w(g=p3&Gq%WTwKo5&3`gmIW
z(ZgVJz7WGW|5XrU;a&5HXz@7l<uBSiLVRDx)IZa2VSC-OiL9?Y^r~6A;h*#CElKSD
zd)>nA=f~A~)n^rFD^|{<S8!k5XVrQS);IUu{0k2KfJ^0bfir<;?bUFb5#$xsUuT7c
z5#qXXkzqlz(C^j9u%EHx6I8C9l?oPrsut`kn^&cOdYJf*N%*a+eka&m8EK#fbR1-%
z6zR|p_tHGWzRZd=S0ZC7^S&icxgg5B1m{Iwc%ij{*;pFmhWXa&sG0)WX%-U??Dz7_
zWSivYTU=gdGLZ*t%URD=YDM)#cqo>t<GA{SEDEq?caA6Oyu9yRA)7EZ-ueFMSvELi
z97#Y`f@9g=s}l58|5=rQ%Xp7=RQI>4gqs~BG)8Yf;|`iOBQElX3(Dga(j$B)(CJvc
zpp;Kf><s6Q^;4Q8O6|1I%kc+*`_Pp-odI9Jdwio>sV0|%U0RGhzOFDjr}lqrOvwAw
zm|$SeJUioheHd1(xC-OI80T15gf@$K*6-vRt&nh&y8JSxI^&eGO!B+_kGvIzzk36t
z7B?@<V~l9;E-tubeNf!=Ia352K3UX==7+k{U^|wU&{<iy<8=NfDhPc`@i%qL(h7(Q
z0;?S_{4FXtIP6G&E}-TxGMF$2_@o`&xX6>4FWI@@@)(a5w@b*n?;U^kehkK`iho(#
zD=ZiyS;#6hO-t@X_FokKaVH7Y)a1DHHUN9~E-SlnU)sikbCR~Ns@UfBd98*Wt9w&g
z+adP${po0IQI{^h>$8>XOGJrk4%v%UeHqL1s{$LKL$g%X%o_Qnutb*`Zc3GAE3}+s
zQx)RA)-Jl;Er6K|&lI~}SHFl3;t|V8QJnjW?yCS7zoObxRI?GkgXR?Om&@+lQr3iD
z(W;5^blMbO!@M`=saUyQxZ^sC1{g@jIW18)JU`iF2EN}mYR!tG$)ouH5Wl$EZbyI5
zW>o%hzs9t$_J%@XQ74F5Y7|6;DPI)mrs}|u+?qMME>~<3byk$b6ke)aQT)WMP=@xL
zGH#XJ=c-Db(6_!D8Q1k;l`%cyz?a%Y#ejTB(VZK8ATk8-;E}8Op}jGy;QJq_ZqD$R
zbZ9);udx=-CV;=-(6_Vzym|X$x3}7^38luM9dxzV$oSvBft?a3(auS`WV&#g2`tmc
z8_SXd+scsFQR7#C^;BShV1(Ge@ZjUaHGrcqX%bW)#>9MQ{etT<T%PIT2<VfkfAYv0
z6NK%S|0eqro<5NoBgfEEzRmBQ_J!SVc+BeC346SA+n~ECaQ2544L)sVY!eqca57U9
z%|u?-Ft^IvDIcs1nQ$Z!-Y2;gUOqRIBDqTR*7W`(JsWRE4Y)&!BxtA!^t`fHKZ18Z
zM8~KsodRlC<U~f2-{3o>9=St?&iOF-S5rRlkk8JPt3*EfIo`cEF_!Qv_-jfPg=A^$
zv2$H$`>wF5Yq)PF`Cs`A(jC|$tvV2?A4k~aE=sd5iv5fgVdJcQ<4#?42#kOTj4BEG
zI)<mDS|ky2P%fhut<RejJ)+B}ht*x)9te1kho=~iU9YYvV{edYbzDI$Sl*J^%~@E%
zmYc|nN>8@zFivA(d^F%T(q3qQY~&w3INRN${ocS!gzq1m`z)+u;&~wnTfU!Uid&8i
zcy?<Y>}Fk5`cbf*l+HL6T-0fyvNluO*p-;+4A^1rU^V~3>Vz7^3o?)r;ZP2PV93}1
znvu(0Dr!=~%-E}A2Ug+PJ(@u-V&F`oMV@^OaZSJ{GXbd7pl%xrG$5=h;bnyAt*H<G
z@?C&!%mg3m&P&#gv##8%1wBKeU80SX3!XMv+^AuM%)duB5RXc_V2cX?!G}N07+}QF
z5?S)Ug*6e)W)788`5v3=<9}9^zihPb5zQzmizign#IjO&l^W@H7l?VK9>*x+41nPI
zjXrf_hT5lXGbtjhYT{FmlS!xfLWPs*tLUy^FMW;J9`cU%PwQs$Tr@u>5J4%Bn>2rO
zdo6Dnr|)oYSIf;Ce7U`5)6z?Lq9}+Vs=<mdzb^nXWKj9g`uX`B(}wktPGZ_0^U+2Z
z{>eYS@(cQfk1)4*`^ScBPQ}#M6D>cU@e~cOED}D$Zyz55s{xS>I!2MFe2m|V^M6!*
zO*17B5XunOXHKU|loH7GS21Q)FiZG+dEmW6&1cmS#dnz$oVoUYT80%slf}>ov+!_q
zb8`}2kd2{yA3gBNlV5<{$cCF{n4W?N<PJ;Q*7MO8@_VWnPQL9?1+6E0?qK_Twe=9-
znm+K)HTVWk{OOG=8Txj)fEjk+AoUS;a5;By$;KBr;V|+xh0j9#+Zz+PWX;s~@f6Q6
zYG8Nw)?VQ36)jY`V8`X@@=MUcN$Q<x2DQic1Wi3+?M6jegQiiVEm>7WlhKObNvLF&
zMWXYFRXLe7l+kI~-ueeeXy9I->44G|Jyxke6TpFHwMpn`8_z02Ui>-z1FAv#sF-@|
z48Ru3<HydVFwEA;u6j0v9GdGc;wlmK`J*x^{2l6-KXkPNyFotZBSvMe;t4@ujUedd
zwH1DYlD7NB@JiXXkvJg%uYDl4c;)Nj-eB3>pq(Td;ra~>=Ee(ZLWR~0JV>~=m&V7A
z1jZ0jU90Cj9z3P&s8k;t@4-AFoJr(CpLMJ6j`_J&Mtme0?6-vb#9R7o(ql!XI;@Ul
zdHA-~q*Jf6t6PZeE2d?G<h;UxC-;s$);91;@%2@nquT!RuG-h4U?7g9Y|~e~&!J2^
ziVjb+_YK2%&?DeQp^K$eytMPiYK5@c4QKbS(r$jdvm#?mdNmWhmD1wgg03C5S*Su8
zyFP`mvPnqLw@Gj8hI)%y^k_mDAXJ&$0M1*-46x6Qu^(zttwBrQ0jlG3guf8aWmodV
zg`Pz3dB8k#=Le>esRqG%P}8XI<5zNY$HU=wRwi;l&U3&BdmmR$@^ENVV*kv%(EFa`
zC7|YLlcFgO)O?`hDb_^)yB<;f$@Cak?Lj5i?LM|^X(eGPq~tkb>G?1qvGG|A%eU2R
z+Xt&Fr0p*4Xs$BVciD>uo_uriyBwqhAscw*cGjXs&56FK6l41Wg)PBYlMUhMYvxRe
z9KRR;mB<&_rrgu8iZAAvRp&Jcxb7CX-ED#AToCR=UK;L*DZzeu=Qv|EXWDM>2h;QP
zKHh>bl39;0cTbNukC^SQyOW}&7j@sPxVI(Fm-4@L)f}D+uH$Icm@yV|uFBKD?w|I&
zGc!Y_YIrjehTd<#e;9gfjW77;!gp9GeRjo?)_!FB@5(i`L|?9V{#<*Es9eJ!$Cymh
zSyz}z{%sCh!TU6XWuU*aRadDGH*7j{`4Hr9)phYyu>B=mbk2J=_s(&6Fin7%AQr6-
zoq9*Uk-lcQ5m9Cou`z|uuclRs_nU8{=qDM0yzuX2$}ef@TVHflyO)BTKd_Vp5DxeA
zB}$`*_G4A{ldccqMkC)HRm~1OS<2^b&M*4$ip@Ap(;NhFH3}>^qvNb6SYN#@DkhV0
zr7TXT(!CbQyCQ{@wt~ZU>nGBB$6tqP8=X2>W+U^R!jn2)eV`1}w;hk{82N=BMpi+y
z**WX?kJV=p*39_HM0vqE$7+A}(@6E1Omp~TwQPHlT`KRTY~aY8r~|Gx&vl*ZXR(E~
zi$1WO>*>sFIWSSs)AP3bCD_HHS~DX)b+P+6hK_Ua_RwbNe;009x!<sEqRqHE(<Swl
zY@4?p(r?P7qS>fJFp_bikcpdfT8=AakfF~r$p498krFYnO!4;y{fpjrO*OE(C~>`l
zXPW2Y1J5T`Bhl1Ls2mj5I!XWLlj&}w5q9WQEab0H`hEI$ax^iVN9SzuH|RN`qbjxa
zNf%sUf{WEu9^omlnViu<v)r}iJMT9u>?(ZQd>EqXnj!<-fw4@{l-z0zlfORxbOy{e
z#bUs!6DgEcR&M>PHQ?4OGiaIwq?QW*W6B{x9x4f2pX?h#0j9rKB7aDVLuETnCcI>J
zW6w1`Z7<8`0i#^ItDtNBA^2CPXa>ZRdNf!F@EV-?yJ|Bun4c4^kXWpo+~!B`&3hT1
z5GLkyFec{J!*c1bw}~b;L#ahJI2@?aKR?sU1;u+hg}GZeRP443c)NREVjcmuF@SBr
z7<mi-b${NtKG?I@MkknC=pleRpz&5>0$9Jw0)eOvYy#L2L21sp<txx)Gu0CP-jXW?
z(k9Ua<S7qfYn%&|Id~?hIr!WZE;H@%Va9&Nd=Rl5tg&(i#)7kUFKdG&Me|ikYbS%-
zpyGv_v13#aa$x6Mo?+_C3Rb<K<b$b;Lq`~d3CkrpPI8Z#1N8e(0sMA^5;-O+3k0l`
z;_sX$N&*Jcd2}Zb5N22@vfBN56Of0Fa!V1V9b&=4Z5~S9yS2~~W>~4klKYZ}A6YEZ
zWXs{o*b;|HY3ul@*ez-_?{a1g&SJXDZtl3bX_s0cq)u!ox3h4*m_8MHaRbyZU~C3%
zb}a0_&|uphlgadi_#-9bEU{qPHLbi1vHDV-{i2?+%sfXG3FDmyewby>U@i`mj`ll>
zNhP{(Ta`%vFWTNQIMT3P*N#20?TIz9ZQJHV6Wg|J+qONiZBA@w_q^Ee+Ur}pYXA9u
zrSf!DSErv!_i^I7?m@|I2hywJmu-IuVU}T$&040<ej9ZspFCmz#rhM)Oq^VKV)EYK
z%5sH+U>IV%JR$?)zuF|XrGL2|Z0N-=3Y9lePcbuT6N+EkO9q#KQHxif7P$%*T0#&x
zh}&Q=ra&PZ6Ek7S9>w0-C9jH=cSoTLg>8I56~}M9$=RhGbZmZu+po3_<NPIHsUZHX
zZL7~SsV?&(41JT7gjOQya@ng;Y!~6wYz45L85)%Or?WI)f*CWkV7ey~Bj^j6r~N&I
zRGx{nMgm)ZpfGEYcWNBVL3Dt`98RKfSJ{EtfU`fQnFc?@;Q<f-V2%>Aa3DqI{Mo1p
zJCCRW{UM1e^Y4S+CzBOA4>JE5Gp8I>oZ<^q?7|%wN>_C{bmaHZ;8yYQX)MY1z4>6|
zyg^u9@Kd~79F0d#U;KK$3sfFdQ}0S30y<#c!a*Qj(m}va>`N?9{k~q#f>8M*)S}}(
zU*b8jO$9In6Od#e8atpLX1&O1ptZu^YK6b*GHJR5oM?!=qJYSOqzQpgq`u*Rk(;)Q
z0oF-Q&gSqom)gYc+q~W0qN)gBrLR~Kt<8i_2V;Y?%f<<$#})yVlK6274hf~CI0g$&
zf`frTkun!_Wm@wA`<x%X0o~Vm+~1sVmwMZR-xFmOfV=|T1D_a`83fFXAdmjCQk~qN
zGqF<W?NLB6p9MqRU0F-W?H^Z)?U(bi?PwVcvh7N<o!qu5n*JzX9ldU<%4_jk_f4Yc
z^$V%Jyagj|EwKfw)t{`>H&9)d)R%7;0P+<83IKvg!DfYmQ`HNn;tz{b_xm{-K0j5v
z_cJ{fl2`x@NOBmtLTC&pPafzyu<Ydn(;7<efo?Z~Z#+v#e9%NVy()kFoVCMQFsWI)
zX!j4iS9!X}uTV=+8gO-(T4nJnhp4%N=7^Fouu<}AEwXunfV5RgWagO6!E$JIV-BQv
z>)zB4jtA|KMDmy9Ka?Qlko=5e!GHmddobJvz{`!5o{W>e$zP$87j1vT;K%Z10x|&_
zPZUZMMHU6}mDue41i{o#1HwdM-FTDW>P`I(%uo!$a5PJUVm5##AL-a2$j|6&2s8u~
zUY3ccYEV>6!C{rMZc^#*gq^?x;cKSS>i`OdF*^<9y%+3}?e+k6(vWfm>N|buH(l^!
z7UBcVH^xzDr5%`{m&yRPm&#WKf5<&oR%hKMU&cvojIe@?ri{|;X*d2r=LfiuVBa2n
zkhVGxFi_o>CAgd~qQ|Q!knjSoFe<rURUmO8jyh;K5GpW*A>f9}3qQC&Gr7*Tnjqw!
zn2HI_LRRVmJ&QAM+?ju%<c<K|VIX`zh8txy7tFZOTnxs0Xaxf00782)n(*R5m|<A0
z;TlED9mUpHyEYITH{ez>GKf|(BKTIa#ae+@leFpy!udEUxJ|97oetKSLSTvmME&7E
zK3-3td+uO=uz_gdiNe3Ye$@fq;vJF6U4fhSVXEgH<ZA&*xN8AH+-reygMjNk815eE
z9mJ`0zY~mJA;mq$9U{*#AVMJib0?Zl=xYP|ZAjmc&43WGlthH-3Zszj^Ce&|AZLDG
zykzW49%o+}K}3DXutB5R0Eo8$z;#FlHHh<AP9QF3EUwI)Dqp<9AHNrCg=WuP(XQn~
zzb!@LhaWhD5~L#TK=vYN|IBKWpu0H{X8|!|0mRk3Hz(+BzwQ*{WL30`j$bdF;l)c4
zh);YzJ2Rq)Gj5Tlv9FP)sk{d}Kk%MDN#Fs$L89^PJ>+>08i4Zd)$WOPS~$}jPX4jX
zy$^mKBPyigCGxKa{P~6y-=g!h9o0hf#6@}4eS#j;=-_V>lm{S&<i?lv$i($i{?y3r
z7POLFKBK-=&n7mlq$*{!?iVF=TjI{;U*J@G&id2NC<48Uvu@lSj(_)!>GC81;&Ddc
zAq_+*MZRrS2X@Qk!E@_9yWs4FtlT0e1@fu{_F}KDLY~HHBb`x;h?X{7yBsio=MQU{
zu$p=m3J^-Y`5J5lHhpAhK&S$!7_ZDpUIXWzmMbvR=ZEaw<B#TBIK6sb;2)l;yCZuH
z19B`@GjKVyM1k|3i#G*m0ab^{RkgZ64WFF9UuytUh@SKe2C2^jgM4rX)Bd*2AqgAb
zrQe?(vw8=6worUlSyN6Fe)y~&z?yzC+{FwU9Oe96$xZuOz?ZRJezeG?N1Wih*Z4q)
zqw8(NFMjag3ktIMm{Z`aiusguE$ICMucmfo?6R420qnNSQP?%+lFLFu`4ZKRv0a_R
zA@wOl*r2vp>5_SrxN+1dNYZDprxgraW_p-zFA}d24?D$71+2yygQW<*R46MtaE)-)
z)XZf9c;PU2|MJ3d+fpaZ2GwSDOoorE-7Z-cB>yo(f3%C8cx@m_1Y#J^x^7=Gs&dHu
z4j7>i7-gjJ=7L6>U_=FM#6wOE`&;qiB*iZchn*B*AGY1IL~DI1jIO*VQuE8BxH$|6
zTLWwZu5$b5HsA}OzYaL$iHnty+TB{Qt-KE4@Rom;yDEWdEX?aprjA1~@dYA8_?}D9
zGJm(#r($|rCIY94zYUt);RkJMO6cV|Cp$hkE*i7(>;>G^UHx9>B+$(yz5#Nxy9nGn
zR_IKj>P~ey#DX7Es;2vb&*5117o6^xtANu?a-oe(=y}2=+9tVrrd1B^pRC{F?#W`R
z^XD)!HXw4>2nkDiP;tQFO6pq^(JlZ<Zh@bW$_hJ<jQE<~>R@BD(fZi`T(1E!V2jF9
zC#IC@mT8$bzK}^jZ8&Z2$S}KoYcCKaB_$#Uh5);8>O8aj`qmdg0Zl5PV>Je0w&q#}
zikK1r>dDLAOIh7jJ5$o8vdkb*1Ci%K>w({hm08?_Ripv2(uSlwtvzh<bf^_#k7|5h
zsP5v7mC?hS+|%r}x}JSsMeE~bHC9x_&`jcG+0pPP&1brW>`|eIU0sd3uG9ScZT^_l
z#_70TM}14lT+7IkXO$G%Ap+G2pd0zSCPte%Fm9yg_HcGY8UHsTpHlI`6~`J7`Ll;%
zLb!ii?o^b~+p`tah3@o4)_T``!rgAK$mQw_mSg2zo`<e9U@=JU!RVFo*KS@?btjC^
zrS<Xvq1|w3lcyv@30y*4njsBpy2V}kyouR_&AQHyYz;7(HSCQRkhA8iysIRifqI%h
zh3jZvO*EE|J<d;qoTuljoAX;?)-D}gQ`w8Bt0f~Iz3!0^p@Q(M*-f`CN7OAOa+Rq^
zEpL3}b}DhOh92<UX;-_p@lQrm0oVP^Se=$J3<P2U6vDsr0!jMU;U6X`k*&z`x+s6_
zbM&x$^aYxMx_ZN0WFKZeLX@u8oj=nrH$#-*O`JZ&dM#nC&D<0938CI<qiD5}>*f)W
ztFH*=dA+HjB98n02sQ?s>Ri<u0RIZ}E(~NsXXrbBF2*}dglUN2M`TI_2`7L7S9Uzh
zB`w-JaByVESMgJE@}-?);fcimrHex}d)t0E_Gab)j%Yq4HT5*2Exl!M81P9mHTl^>
zZeA3;t3vara1K$Z4b$rSO)&#vErr1s^xPm?VI|sHg=*mw>G(EHKzo#O9cU~P5g$Zc
z`xpPJKhosP{`(t|34FVtpV(Ci#3LeZ;AoG?dHgG|F%+hc7v6es^I|=mL=^hrm;Dy6
zZBEP7;an5?r**W`lY#HNBgW3sR!`qx7f?zf+|3Cd+@sf^L8pJu3MApOrC*~Z-`v#U
z{uSw%$hfaTe@O2$r<E5T_70)miKIs-Pb9Y-%}8IxfU$utt~SIoasbGlZ-UXy_eVbA
z0isX1$mBRrOk}|}_Bb5fb3Se$S)ZWpl719aMSprA6bvNzc8O}kO?=(ZQ!15cH5iR>
zV+nY>c2NuAKX!vq#!qL^L6{6yptyqp??5lWw(0NJh@QYbVu=M7vv)5XpWos98y&~q
z)t1sM#Qet!le}GfpqviE;)|mbCY}5J4NaBKYz-=>^fV<TN+u$`2@(kR&?>F;w26FI
z-;ab8igVE_P|5<JJl?-60w<c@I97mrOJl<~YMO+S)rl_ta?|z*fO4il;-%`BvuE~&
zTtYfoc|<z7cNgoW1CPOS{p@D&{DkX%LfkLHJx<J(UX<&XqpEa@i)d@S91bO<W2G|V
zh%xRtH|p+E(<c%}(NXNjdLZSx3=0|6wn4t~%Rd8)C4|OIaE0PnxYI{ez3?+5wh4-i
z&yYzws&aIbOX%<*<wMo{xhuA6`YTIH==Mzxw<zUw8R|1)OCpgB17_s@(kMJc@?E<4
zG9Nk)VvB!|Jo>xI9KkgK@zAp{ReUs}Dk+$6d`B8+7Gt;pUKCaOXxPXr&dEk3W|Vl6
zD)d;SP$eqWwl~Y?0tcT<dwqF$PEg+|ZVo<hhl4j*`w~*^n%QxY=&_tl3vA48{%Wj+
z6p0uc2FHpVJ8GIxM0rFoqyMaV9N4(e<L+^#gms0L@k^?)pb7CQs~K8HnupfAEmH%P
zWKY03M4jj|H{~jU#EJ@#GI5XUDuGs+r%|Ao5gomdVWx4(+ubkkBBQcAj5LG*poG~G
z<IstXIT&QAHfCdodct%g?(cwSY&ODJN1{38i$(J#V^Hh@!gB*gU4OVkJGk~bV*ZY&
zev|u($gh}h9YN;}PX@+;D<RRQ{%TZzqmz%Lgk5he4aa!9;j<v_H(2W-+s1idh!5B1
zNspKK<Akuz3uI9R1JrjzZlL+Lgj)^BJ|&8?%oE)!iT;+_QIs?c3VrEWMt+YEX#4>K
zHCS^f8?@AdB^?>^FvHBrB=s(YIsr7vh;DjvO!bD&n5_y)NE}_poJb=QVB()go?9D;
z)hV{;FX^YPZIDbCxX6?%?OG>Jm@b|kp1qeQ87i*V$5K=%1jU%qWh|a3*NI9|dPj9M
za~rL8;?Be(*sXpVKHecDUR%v>G;}9RGASp;JgX4lFj{s6^x0nquCnHAuyChLycc=1
z_SB#jxS3K*M;Q!7VnD=hx`shIpW+_6H5~NTd4XBIokOjd9p7kf@>1(mAQZU!U`fj}
zev!UKJAs|w?axI<Sn84Spcwa&JrL(4o{pyb`|8`xE#w6XNhAJ28N8zCIQ?-z=ot}D
zZBj0qb%c_8O)&jMCL3-FI~Sn_7qk$uS2XZ?m5#tcdiW>Ze<u^xJ;~#^6ZVy)BYncd
zvui{|>HUj-6e(Ben*7rIx~6cwNNRK=Nef6c%$K1-q{4~3MN`m5qe3Kr{dn1uLA}lF
zxSUnW_}<~@Bbk%Jg3g$cYchzGm_8Ji^2096IP{ztRVLV+NjQP1AwC^0?I?FF_Es!`
zXb#~glQB8T--ixNVu>;ZkY7_RSr1I=hzRDr=`}=u3K}N_hGJezHHoWk#vCpK`=-6Z
z^syL}p6`eG?B^_Cb7O2t6Kye54z3YzOrh=7OAsxg=Q&j)s>#48pc^<Y3U*p6hPL2P
z4I;?E+zhnCBF&T!-QB;{ZNLPZTeF3rS+!b^MLmymug&pBIfIsno=zIXxU(!Kj>YNf
z({#1L^di3dVJ2;3tN1i1pD<|J$*WaLd<ExH+fyb;z(*%<atm~Y>)I=vFl*kGZ>X!x
zhVJD@7ahskf#;4NQ1<>>6JxQQ>}MTN3|$PumBGmA`F#CTQ{{4{siwAL>(g=l5m9R|
zqP>D$+UWq35dNpfbg)==br@|R8&ca{ZD=u6I44!D#U7sUI20*qxTYh8%A;J9MXM{i
z?vJXy42M?AMr}iJ8lhU_25{TYJ4U(UMVo-1CH1B{C1-J?1c|z+Ac>)SO%%E;Qxi%*
zH`hBaRRoic3p}u<W7D{=@yVYyEFKa<d9q(s{1-|Tdh`R%)EGQ9K`RFF<v^*i!jDV*
z?jR7g8L`3K@slHXvawa|m8a#tkp;_J8YZpmTNsilym&I-c(IVYa<f#ur}C+X<hLDB
zHcnS2C_!eq#2765m(KrrZ2w-uGr~&%?-8xhTEMz_F=V^|Q~Ji280BrRx9%fLPwU}j
z739+$RLQcrmvwm+P5^S&?Y(%#Rk{|Co4d<G^E^-Cf;Q1`t=jI=(eWLncLyIAY(Zr+
z5yOR3IaIb~-;&v@=<NorWuLlGFdF1V6hwWzoTp7`=*Q)#WbgqcClgMrK)uZzPuW^R
zlJP(Syu@bGw~l(`Cfk8rM-+wv59KB?YT#>CIN8mjZyk-u5=)L{YvV2?ykP|F2Xho~
zFMGVFfoa=GxaZDqRP=A2yDflqrV<BTW{xS#C|kP^k%FS*o#)GFO!g!$5>D99UJ{0?
zHb#S^jLx%Kd^=AMEyABZp|d|J@x1NR3;kkptZ->A_FIDI(;upTafX`EDSGQteEX$w
zwE3)lL+cW>ro~ikl3>KFp*`W-{!K{J#vSkNz<_?<dN+MtVj1(J-U@zcmfkGG5GP-+
z8=7k5KxxRWlHI>+wl`(EjssmLdYJ5vkB5@3taG^tnjsGC_j0c=Xu{q!cB;AlZDX%-
z#bY@OlbfV*yc^6<^ZY!C<ZHK@Ar@vz-U^|F{$Z`LOtlRcY9zOI>lWDnYqr&>D6+ob
z`jRQNW|(=E#P8FE*!zcuP3pFy^)Pp6U>PF05Q~5fpM}`4NBK^g39w6x*b9Dx+Ty$R
zoO!Avhb~zvP9^dU<DX@~32m92rJ3Yqpeb#I$fLiD7JH8(U1?8#7g_clE7!vZ9>s_2
zGpE#K&6dPV?l5Dh0hP5?_KUdYioTWi{fSfu52YPX@>@MGyM3sJXlYX?iOnb}2X|AF
z0H5JPs|M|9h^KN^1%|^grWUZHD*=mcC@GIQ>$6vAY^Ja1a}baQ7CxSH0(3f2tAB5N
z``Ybnl~Hicu7zHkLa7RFzq3l5aiP<R>TfV>s}NbX*Dr#vnif|rc=R`Ku4x@?d*h_Z
zfu+)aEwdtPo*r6Y^nO&{Qr8Z6ap?Pbo)b~_3#hFY1S580$sVMw@KrKDnq)Lvq?*v9
zJiR%cYZM<mf`dgsfXsCYrPS}FtQ978sz`<ZL0SE<{Z}qXeS_HpSB8@VdNxc&H~E>E
z(7j^ZMes?JAhpr`>jz}i><^2mStX6ASr*Y{OdaBnQA{sb+2EtYMM560Y%XzISFW_-
zQxik%lH)eZ%xb&WM>aF1%<gOFmZ_R#oTqO&x|?=taM1YlPD8P;x<B<IF~sgmpA8+=
zcHN>`rVHHgC-2O&#qPMt47GmWSxq-7xYe<2Ch$&YU1}Ur{hEA946~T}KCR=xn|`<Y
zd1N*IGTKu`^d_Be2E3Z&`9rn;oD2+gCe=$p)96uI)yO$&mBlngoUh3?7~%rEkuNVM
zc=$q5AZpztX83}oAG>8)oX^RDb?5@t)@4F%pVla`YFoufZw^}&+nrk0Kx@c$80&Xh
zmSOu0774+pzj|t8l$Yvz-1c`CJE9KCqp@A{*)_}{AOqgd$S|T0VlnR>f#@;wzJ45h
z__l@cq}B-OIven`fmt&~knJC5B)p<?K)`K{wet>pGU{Z&anzX#^}sgT0`PqyRGQ=&
zA(5IOBe?>V>nh8yiKOp5g6Fy`CGAU;rRr%R@IoZ_ZN$UE)eAu|v`~_3P4_lJS1FAx
zRMo;%XW|9XR^$05JYUy9*NBZGv;B{ueMF?Sc!n4pu}wOd(U7Q2Y*ue^BX%&%Ya}u7
zxyzzp@Z1OfV}tIlK%=losnVP`Ii%hiw<glK^!Bq)x|>x25AzX3k}3%@#i<s%Y$Zwg
zogc;*j)>q0J+pm(EJ<v33x`1-70}uAt-QDg*8vx&?QZySq{)|uk*<-<R-oU25B8Ur
zgVR3O9dkV*gvP6*#*oA<6@yn`#`T;>)T?ewEH9Y`dUq)l(tJ#l=<!6-9;_FN?aE&(
z=Yi85`NQN<^J65C60fQ&3Hn6eI_j_bLg(8%q)24n;G+iF`RFVSiIOTUk4(p~>O>nP
zE1j#Zc@IX_(pAH6Gg!pvunqm^S*Fj$H4jb0#*juOV&`@he?U*IRD@5QEm>9H+VjQt
zt-1cF8KBzS*+IGE-9Rb1bl({CPLlbg-|$u`JyBh+$xdHAvtH9=sl$wE?N7UHr(zW%
z2l|-?LL#hNPnqAGk?6E(R|a#C@AfrRKfxe%My9sYo9GBnak{w{zFF9JLA7Mxyz$tY
zzcC?0JEH2ka2F#9n`agPo|oAw>nwR6SnGizm`2677${#N^(PA+8*{O`-R`V<n?1=}
zN2>@t&q<>wjZF#0OOaHoZf1=m-6{3l2|IAB3B4FaXr=g>t$=v~h>NZNj{)6&W6hh!
z;=w@giG+k*8!)xTA!hS$>9MF3g9$wXEqjYoyeqs@t@SKCiLY#1sq+HwBnfj>L$_Jk
z1CfN3Rua52Q8Dc1edX83mGl~?vix^}Ae_*f>stQMc5^6_7`;Q!lfS~gl~B4x=`-6F
zAidr*fqqJh-taNy!ohDTvC;IKkRaQ546p8>W`B$3`hH2tjkP9Jv3}}Ym5{KX@Z<OZ
z6+S}3=58}~(7>Sn>v~2KdWGkMyC6hhFA~Y}B~f1%i=5=gX0~8n8dW)m$+?y@;D9;~
z+IfJ;Hzd2Ka9n?yc`DqlrJ3M7bsqAeok;(%9XZ3zaeh3%w742<?%32dn?B2QjIQF*
z=Me=JCJM2d)_l>rOInZnj=%g@=M(#59*lzD{D$g|d%R{Fi}}9_{Zm=Z2nf6G#5Dhh
ztWW*^24HT!Am?d&Sr5>K3w7uB6hP)RAANZ5KFa$C&f5Gnc83VYtvb3&8?VORn+<iX
z#YY4<50~9YTog)w4u<;#aMp<&nEVkj1pB1-ff24h(IX<JA-a7pqGMmIJAPM$OnJ!I
z<dC=OVqyB7lSAp17}%YMLnL?4VI<Lh-WZl(F#;pwJca{{Ei{{;16)?dhpo&^I_dDk
zUzyJiTI?~qv&SM{0yWbe2#l+b;1JpG%#BbectK!CmorHZ%VAQTNce&NFP-0?nRwAX
z*+ZasluM23dhgAthvy%F_|g)pqsZqA2fSZXV+1<eteH$yHk<#hH?@9zaktc_-R|7)
znQ?`7IRI30O4nP}<r5I*0Zd1UwKvO!dHxnUfN7_59za<^<4pB`6Z+e636HKGm~Pp<
z@;i$Leqr>{44|H2zzBA|V|C9cZv^?fh&~Xa6XM<Q(0SU=c7Ygg2nfFOdU;o6R?X=D
zMd*VN2V)r4%ds3J2__S3#0zCsD`3wC;xdA)cDV}@LBOp8LEeb-@q71Xkn?ea>GfVA
z9hz(2TRD+@LI)7i>M)@sKbWs&=rdUq5p2=h{2oUklfnC*aS;f9k(s9L18X$&IVTy;
zrBn9smI{Vcb8UP2g!RhPZ?*MMO`#+owWy;Af%Nz+R|pa~#Y9wv{>*5>GxIY^pl^_F
zaYU&yxfh;nPd<ULSq#)wAI~q^n!r!C#s%zr&bm1A?YWyF_#aB2y34e3=Pd3lcW_<^
zSeOvQ!D2HCNkDtAEXg&+`*)Tp>_VD(zLX?;LH1w=AIHv*l#GK+VFf2io1n68z7iTH
zy&I4$rnHg{fs#IOPL`)*n)g;M8?O}T3{8|pn}QU^D&+c>LU&F>+gqbehT6ptzXSK2
z;v0ABO1FexT`cp%OQL_O!k=5K^}8rdGFw!GR?uLw&TLu3->IEat6|=?Sg*rFK1rK>
z0AH!~V}>{Kdhdd)gHAKsq<Qu;dKM05$Cu-0kFE+nl>1&7K~sL?P3+(Lzo_slI>@&{
zBzpzuJW%DIuG0bbfPZ&L@H-(WoY*SC-uc`vs>=Nx0HJjU5y?Ia<gTC$G2oyb=PFyp
z2q$hId}^W|U5429{?vKCZ(AD0<HG&+=Hc$7bD%=H_+++=yz2+Wo5B=d_F8r8W~&Q6
zR=W{bbLDJgq`>W}SkQmi8J2Xgd^z&qos}YUeBKW?s2m``AY&!?R3GS!>hGK*z}e$o
zEtlEnj=E!>njmAI0-c6CK2$3+&n@xOC4b2D)7^bVk9uHUlFGq=wP9YO=B+T|32~3p
zv$NsfJs2K2tB5N8{1W^nvzhM2Z71`hba)RK1^Bnb%lP&Wfk(%t99lsh)Vd~5w8cs}
zxDL1)LLT&NAQbdmCqd-BAy4$VREX%K<w9g{#+M{`&`(|YJteQgc*k8FdK#B=s;b7M
zOs%*g*?B6ivQ_Go3ah@lTgMqE6cR}28q!c1{`8N5&tIvx8JN2JZ>g7jY?7j&P?Mjs
z5vZidtKZI<_3MhZ#RjdiVcfkx58uRsV6n0`GjdS(Hdq$Jo;j%Ye-e5Er^JwNV+M`w
z)NyFll~F^*mqGuQdeArff2E!s4I-&D_CLg)-b7akB{8nivPjZl3=}#oLG(URZ80U0
zS|fN&d%4accbjU@xAL5Ed+#hNabh39&LB*Ra{Wkrwi@3>E4l1|rM}5O`ef-IyqwP;
zw1&R|8<93R!7GJtr!|0^kT$UKDoO3LW8jm)Tj$Tdqj+#XR1{uki+=b6o|05KV2M8s
zpzrj_eBR!ff2Bd?Xntd>2~L9hyi*z=Gg>m2+2|x!wb|z;ka_0|`p7>nvw4X7RGnj8
z=Dx`M7F<#iZM6RVyN#Kv6#)T4aMqT_)4}=upxtjleuVh#mZa_R>;EnOY`y-s_<P9B
zc%2R-2u#VmjzjtS{c)=M@CG0MntTLKf6_A!zc+v4gT~c;t$H?6EO&ZQdslpYSc5o3
zdQdwo$A^}AcU9Sl?(ms~^R#DWHPK{Lw=@aSt}*sxtIM`~A)X;ql`gWX%|h)0lC8?p
zwCcIruF)oR-Kf;=zJODeIjzJ&{e;jA$km(fihi0MZuL8-O^E{kX^NNh&}U0(v_CeO
zkS<-CODQi(>Oi*S!0(JJ=>Dq?M@KkdGadVXUrC0%)=TM0MWdo#dC~&Z6SdyOUC_3q
zTvDdEH$@vBo5xwRPq|HZ8HHT7#Gwp(oAN~z`;T~)CkIrpjG=bquyNb*G^Da_#_t$a
zO6l6Qd*X_8N=^x~bjo?sZPJy>crPcAELoI^=Z#C+i)!jGM_Cr(?KrOX5=j}Z_6AKj
zZl;5lwnt+{mbNEpl1rNl2~y>oD+v+HTN^);l-v8vsHz<krXyW1qIlaH`zLwZtRBAc
zttu5Qvao&r9#z5Zr5;bh8=S~4r=30vaBE9Fo8))%Un{Uuk_gK1FYb3@gP4>oXKw6Q
z==Zlelo4#poQo1%Ra)eE5Ce(GZ`xFM*q0ZO-95_FZnr_;@+hBVp2_$j2f=guXzR|X
zkX<_lF5;Hoq^+EIT->;rC8b7^a2_`@4Cdrb`sZ4tOo-=4{NhOoVS0Y<`9a9-Wb-`D
zPaB?ba5Njf^l{ZK|HO#0?chWnl^=GS7vgRD53~|(spHlXZMAb%5^atb7ZPp8AGDHf
zrTx~DZB~a>lB*4_9g2_2PC^gXQmX|FE~UC`iQnZroXx4K?LXw{s_ehbDz{#8=4;nq
zYUZDpncL-N{76x@nX<>}CjV5qBQPP>n)F$Ksgm@~v;YxCAxsCF1rw*LgpP%oO%e4q
z$KapzMYW%Y8!d+m-TS~u2ctxpCk-VRD4vsxT4RB}EhHW7U*Cjz>-fbJzo2DaVBq7z
z8|+x(ClnW$=q4&qSdwD(aZwVh<oxx#)+p&%ce|p`*_k@d&(5nv05xZ7g{fCb6)l<o
zWTc{~g=bJHX=6<^j4cAL)C1k#ceqjSS9^cB!E~Wp*o`X*WiOe(cQT{TAJsDcOl6T_
z#;vm2bg+(wCH=O0?yO&1>BvcgnW|A=^vS>i#2*4oZO_s9j_&b5sE<agLTFV8!a1lm
zRJuUa9ge(?H>CkujkeFhCa67!$%bubG05_vK|&YR+6-=Y8s+n??Wiyt@?e~GhvjH4
zm0Ie#Qy_R)d&rE|Aj#zgB6uGHr+6;tx3hMiypKMAjsV3p)I#32w)g{l@Fk2G;`#m>
zxa|H9D5`Fa30y(>xUEwqD5_f=uHf1Q31AMWY5b%DkcX!|HNU(34R=`><*0Gf9Ui%&
z7+CIEJHPSnN^)=*LoEkQe!cNm<QQ0HeU#hIdjsHy0gwqW$^|p9@j<}(m-2mf2lY{M
zP!x@>cu#RWTKi7~=3);{uOEMoHtHr2nD6At!Iq}DDK@=pkssupQq`0Y8s^g7#Z6cq
za?2oPc*F~HBHd?**qEQ>N2MGPCfh=Sk<M5?<jIRqL%3aJ_{?7o-ZB~}KWYKm8a_M)
z=V_$FN*{yAjFelb?KpCwN5f;Pli^cx%wbp;uyJH?bc~GIi-o%Cv_e^RUM;<Q?mkJ_
z-ICkPu~BH!&;s2O51)C53QID5JRNC4Ir)56Sv9J*xc+BhPCG}2qQ<SQCAlH_tb;!B
z0=I=~9x*GTgo+YUdN^WCF|ltkF*6#G8|#%sK^xShh&i313_eSGbS%tIPQgcW&U{hz
zc_fxOxy?+O)6k%njzf*RWXAEOEA<9?izrvY=;J>2AZxT9EHef(=kQZOvq;ZpSVMz3
z)<=ySG4Gs(!JzZv)bAk$B9=yj5p<%6Vg?f<IgE^jdIzHj+@p+GwCb({14JpBb;!rr
zl)*JSfU|gMM0Y$yy#_}p${mf-oZV$Rp*6^JeS-eTv-U<&j{@e%hFDGRVihK&u$V)g
zI?kpl;{$udLN{UGl$SZd(WviA49x=#VT}?^;wYW+1Y!N-ooTxe7vIP(s>0uf!#U?l
zNiyOCG^PQG6gQZ)LSrqD;V&p?tB@5Dcw=jf;C<kr-{01~59~7cVjo8fKu?;G{6G=f
z^qK1L@qumy!N?P2-@k|HC3|9_j6`VPcd5CkSbW?YhAJ)^Cs3MdK2KT{QP}cnaN!B}
z4cIzfzpjO9v6t2PHY5&x!_*=`xOoIzbkOFWfk=>uT=g8pa_;vAdU<|mGARCH#XH&B
zi><dbvIm<>$6ccKSq1lQ8qcY2n}7oiDG)aKOjGH0L^WAzQOFoBJ8O`IG@k<|6I2N0
zB^QwgSTsdQa3r#S=(wZVFSwYI_upG9!-ACStJ5;b%m%S1sp{66`rl$n^ei+f$8DEz
z+ss3uWtX`dNGy^jG|9!3=87C!7o`2=OlofZ`QnGxT)AonX#S(G6)y&TlO{jcd@l-t
z9TawEJ$g8Qzb$y94d(pz<e@s{N;C3unLG+Zx?w-E;d(oyv?|m+ka2K_V687{ZvJEK
zF40m1C~Tzw?u{`>Zn7+k-~k!e-p^_<jb*%)a(=q>Cp{W1Dop{1iWF^w0)B~O-}tSn
zsudaRjq0_vG};!PYKkZOyV*K4{D=2~Il&XOJAe7^j+ArCKhOqG<bg~o-sRAFvMEbk
zc+3ptI!^lwIz4t&AMMSOu!4W;C4bl!zeNHzmbZe@oQr%z2|)~)=~(J_G=y45{W487
z#nL|(ZS9;i$$WI;t4R06#N;`h%G>Zws<emGGA%wBo~S*niJ@(4WFD6mdtGui6PxQf
zUPpc_)iXg(Pg2)yL~)xvAiES7E1!*n5avqi=4n2%)G4R%k>3S1=jNt4$8P(l63-AN
zP;z6~FJakq`1I(8gq6N_5acvu3jd1pv-oxGla`~&7$N>_jT6w93o0k)eqHDQH+z%j
zW#v?fa=gHECHOXojh?V^v_2eWw)~I4{Zjej)Xdg4=KoaUU!r+w&h;Fd$X2V?9hS&v
z`Kpp(jq0PBs;K#oJoh}OY%~+~vh6xIdK2}gUzRTCMt>ZqFS8$Itvc2(oE|HuBt|$l
zL6?k}`BCjhA1jl3SoGTP-1ctty*s{0h(iUUwGpSOc5o~Zd=lQ-kGP@er4#x(9-;2+
zm_r2zaV6P_J1^w7Gi?@I%n^^J(kPpgiuqEnt$?QG@-`bX=eK~IxRUX{4%e1;8jU!*
z@av~Jg>ce&NnJw)vn!0K)kZ2Z{k{b~Ug#<CQ$S8(#v_5GHi95<o={(-04KJE0?RfK
zykLgthw^|0rv~9Nfax$4W{X`JIvg0-JJjW<u#_EnZsMN3A@#j);gU?-au|)en%f7*
zo(f6-z8}(_)aw6Q!xcI<{nA2dBo9+?M~m=6)m<oSfc+b}-@*LX$ld&3k-N3-DCM01
z<Y~(_BLAL0=s5bhTXPrRm$!IYKs8tsZ_`7_4x#WTtzpUn0-;dv^PfK}{Ebz~CgMLE
zDZWzf9^KwLo#;}kv#hp?i)fcfRX1B!v)??OOucE!=8fwSKr_+zKsMIi*iu_DcH-lS
z@Bz7AcMN-E-t-V}s*N9XPxu;gi^Iz^mxO&BlYZ(o5koh;mR<-1`{)N`;n_UCX!iGB
zI9Df3`a9BrMIb%E?kL<}_B5Y^pCRV#gE@Y)Oz|~Bf)p6KX1hb51E4$iY9}64)kHyw
zJFvZjB7p%m@fE#4cY{*xl$<<@VvEF+4-iW%6GfSc#3K2fYqI4-fd^Q71*}-%V+pQ{
z#}E+uFs?m>InvR2v<yRi`U%CQQlu+Pc+wxqQ>8UeL!KgRNN<HDlt#u(xrml!Po+P!
zFsUC?R24T)?aQ`DNJCwN*mQfQXReS;@1pxf()@oav(He{@Bm`-cjGKZ;!vqhLX_!?
zm^LAIU;!BNy?ErQ((fEdiMTMC6EgPA<%2~xt%F5%>SJd(!{dS{=rx$s-&88;&whGy
zH`jwnWyk20zXTqs;NJj>Dy3SE`pOdbZCRLAaDAO?VY5L6xi=BxO1ZCAW+I|d)6S|o
zc`ejpTnO;h&_JnyxX6$?gB6M0D8e71MhGE>7r&4OX0vlR7s8#Sk0d;-4=!sP;4SQm
zx9N_giTS2Jh$GWYU7)(%ztQ}1m61l|oC%=eh-gnfC-_1%owVQtqJlR#vW7|K4%VQ2
z*N#!u?fwGel}XYhD9A)w7@;tkHX<mHE<O(3DNkdRYqdW9LJi6}5H7M=?Ju};cW2ap
zOdAqg)@Myv)K?AA_+~m^Y0uCR%FY9$(?LK;?wiNHyp1_}6sq)$fM59p%J|3)2C{jH
z3^j=@AT(o&cn^A@VBZ18{=BX3#P5sQ>iJc6E)6pi+F0(09e31bDXfXO6zW)_*-S~S
z<JzIM{Gr|bbzdmZc#r;6c>rq!o~?0WKM7-8pN=+D=?f@)S5m116TBpDPTShoWMHdL
zs3Cjv&x6h%x6OfG1-75aoGA*(K#$_fK$}bMa5P&fN%DVMe-kr9wkE@^(sZ?ChhfHD
z{H07@wtG@J8r?gq5$XCT1ozgP;da+{&v%b$YY7{}|2PIVf@|bz$2QUL=~rMcLfu@T
z`;)7xypYK1-KczA8yD7yaRgDmjlwmEOGE-Rzb&R^pl+<2a-eS0<q{O0d0;hCJD`k&
z=$^(PuN45Lgqt$^u7;f4udESjoZ5-rUezg@o=hK+wOZ+Gt6V4&xbDhAjtUz^IMP!3
z@P}N#>_~J*kT9{2N6di0%eiwDkSRW$Fd2ufNNwv3gB9-ER{b6uAE;>uy&Iirhup{i
zO`}{u=Xu98R&%dAm#+rK?ut^Oz=~)eP{UEHAu#DTmMwPFyLE0#vrT){>lguYfqxS}
znxZ7rZGKxs3M<o{D9I~z3vR{r2EzP7jO2!XA2DHmy;t`}*FfJ6%JNc=`l9H_({9K-
zvk`HmJ5Dg!g<9C+OF6SKq2xgSH|+SL$bx7DjX&yzVTu{|%d&u%cF-r&Fo&;Hw$ET^
zm>f|4fZ<<_Li57d+=H9%VDCINT9YGc5(>ki!^z1zxD1c-ymH$x1g<BDC!Y&RT__8r
z#@+JG`OLFzp+H+m^gEwz(c(rq<8QILnZ3lJhiK2XJSoq!lt9OBPnP_7!byGGnfnJX
zJcQex0B@jre*pXUPX_AVb4NXGqg5<{C=)<FQ;$8tJCbZ2Zi2COx#aBn^W(v}^$7Lv
z%cWFK7EOTRPk>2Rj+N-<SM00yh2k2Z3XDUzWFVLi4F~|M!3PmwdA`28Pcgupt`_Sp
zLE6n9K<M*B1m%|p7CO)Sn-*M!JjdLNhB2Mz96T-pGL6q==IL`8N=jgUsZSYK*t(Xy
z81lfuT^5c`at>-_(N6&{SRTcBTzvdXCcXTyIGEYJxo07(f_qV)vRra8;}~)=W{z82
ztw*wW5<>`eF1~tt3nUW9;n9#DLUi(n#*QI^7cWIBj450_26kN9wS-j@*?*EO!QsD1
zHr4Jg$);1i5K;jh!t4bVOdDEtnJtKUM&_3v${R)=4<3$_PY+^#FKq+UIS^WE^~d!`
zP(hVsUBzrNjt~e?SD`+NjW>z9@d#Y$s^xa7LaCYFBU5gBV8F!ATQS8n(J+41D4p@o
zE!2^6Cve}Qx3EpZ$u{N8FT|R>&!e<Urkoi7?G>6qXMtNMfe4B1bq>`z;9qh!V8@pq
z-Kf0~!ylnkG>_rt^wq^dV!w`sB}e(Q3rt8atj}~h=o9~JGM2(<*EuS(?ZFZl(cfwG
z52QVH0U#}9%U`55BMYrMNyrkat`BGhU!>PSU#{?OucX7_#Ep*6{xnlPnqy2%+ZL5U
zDk-1l#LJfGNP-d}dQC+Yn5v(Y?Vk^GSIh*hJ$dH%!zZ1aBygfLku3%cQF3Z4YLN`=
zYy<YhoMN};^#Qjxo-!aRXZi}a9^d`nD~=|uqbK6qYnPQ#uTP#@!)toDsulksFvr6h
zoz-=v({&@u?xmveTSzqHOh6K%udhQ&Jf?m4_+UhZV5%P34=i^^e9fx!420tOdX3&G
z<SDJA?>_-PVY+cNK`Ygn2`H;IDt2_1<Q(Edg#CzK&iYrzp<|XmBi*r-Ih97+VeKMQ
zXKX^`ps5hL1_(H)dJHs@o#rmWzciCs-t;<*TsoGrH+e3yR-9Yb|D0=N+0;1HLspKM
z`%)alUT9GJSa#cU-3|(kzB_-32^%g11E7j*CnF92liZEt{|Z%fL0ZhAcLl#Y!yrok
z->Zz@wA!%$QDww5`2VxY*c|fjDx(bY+XEH)8wD%9A~!UhZoopS|05aP4v<Hx5o+@n
z{x|u5krf$$tkz$F|3g-lF3p!&K75701=J|6Pd*mv3I2P?F);H#gd9KJGLoCs6Vy!_
zR*myGfAA$QSTL=I0L#MK0oz=B;7D)4{*o9&jM?hb-xk9iW;ie;@O6czdmIAWDW$dJ
zN{Q)7AjO~r4TdHF+5c1f;AHL_fGP<jRL*;0aNuV6fS`+4ydl6U{p}k37djGTCT;{@
z-4_uy{EeA@W8^_aEaEsg2g-j6j{Zq7lzkY!VG&S}o1|*M$o;U4lqEkOC5fcsXvT<S
zmnovmIioTC&UJb65J7{jeFIjsaS8c$WD*GQ{poj}LhYGp-J4;Mz5)eelj+h#C)}AX
zL>ST<=MY8!A73B;W~=eEw3ikJ)dTvf!qoXB<(?P`#2XG~<%9HBuVC*Oh77ai2qy5P
zQo=%1^yJYY?MryWNT@yJc!t%>=hUk`)ZRROKn}DU=^h{TG?-vQ#}?KgP?xWS$OWkj
zCwhf$;QN?2$E#cq2Y{&;5pxVGqB5P*M%cy916apAclhIa(;5gT|55@OJm#P90wxxE
zdN?)pJuV;K@+?n@+%Hlt=WU)}5+3)7Fh67PR||OD8^xv_tXA#sXg);rHtQM?Z`6f^
zzadH0&mh(*D+&#2#AOAB;s;f4A|OWe?FC(vcu73VpZ*NtZVC>`G4&UIx2@zR<c9-b
zN}-X^Zx{esdoXJ*nBV+`jmFl$<piI<kI@g$gmw|$m4<dzAa#hI1HKOjb*ajb-YQ3B
ziJkueFjs%NX;!LRoN#s@T?9?;r)<h{htKN8jGUqtbBrcfht2>-NhW)OIklbPVz~Og
zaIRhca2S(B6pERMGxGPXSE7(k0)WAh!H)9;vgxzkw@m>Gj7xMav;iimw`8u6JG3Wi
zI~RRba#70WVFu3Po5&LbN0?SIuvCM=eufTC|I2|b4e0)}diVl7O>F2wrNS<1-Ea5;
zyJdp31-c~#8nlTelwrsYYtn}Za#zc^oJN?bP#1PnRhL9&;wkQLnT?Hl2M5gp-wdy2
zIM6T;>EIc?$$JxwW-$`_?4KpQ2I2kq6)3O!)f-}r1cmJa`dC4UkZsMdgd{ONr>`4F
z;WPNip0w2xQJ&``6Gc6~@7T)si9nFHhO{87%!w=|roE=%ETH5b_-Vi%DCXU!U2v&3
z3b{Juy2uaq<z*N$U5UndWhshdW)fY#*2lWO<a(sU)Bc`zSl@Ix9k)#`MV@ksb(8aS
z!)?UWA|cY<W`9e)6r`p2-=klHrMtQPJTlq6uzA5Rn)h|)or6;sI8wl>{W0ll0Z~Z`
zJL#JwX@de<tdUx-=La|Zq~jRzgZXOjx;W-k`g|25bejPG^X~dOXN=SW`{vlk)X*~d
z=zeY*G3@!8??XtBLxHMPq2qj3O_m$wzFMpK+59UEBLIJz#eLzVjubWuUy6*yJrm81
z_2dSAr~t1GTl6Pp8*`*G%zUnbaapQpoZBU~2znq(_(mB3T!{aIi|#J~xaii3-U05H
z$X!y=>@R$C_L|*J>09uAw+;~EbGYo7S=nuoJO}-NB^KZv!cV@Pf$1IiJH{w>_G=5_
z){{dL2Dp6-KrI_;hi?!c=1M5~owqY+MGAf=Mc{+<LanAIYPk1HK5<;T-iqiG)VkR`
z#6PW-JY-q&2AY|NXu?bEBn+XhXa;Aq$Ui+lmM1-b26YJV&y*sr5Q?RLK{M1{C=&Va
ze#^rACA!bSlSG*|`@VqfFLuqw?+q2%$uWFJhT?qVaRjchMogLv`@tbXbSx^j0?NJ>
zX!np}IYTS%)1@)bm?A0>d4rhKVG~I**<p;bwU%Spd<6BwXa|U%rNm72W5cCI+;G@~
z<(iBki8Pjx+a!aRL5F3QS*~8_^m*e|A$>DYL#zW76U6h=f<fqDWEYxqZ!>q^5*`&B
z*Ua-sWRvE_2r{P?(tZFd4d1`H)L;dlkv$NsS?HV?vc4I1;Ko<*DA=0smR*)e$m3uZ
z_<k)EFh-}%kfx4+0OUplk|6Q@GhvWksyi}lUxe;;t0IpF^$1TWv79_Zx@W%MR<=#V
z?QM*c8u*up-T|&hQWiLEsrOiYtM0?RiPP%L?ytoAd%gyyl<2(Q@2o$=*;TxjPOqic
zs)Q+EW=9I4?5iyk_Ma3Wbkh#K0bWiVSPTbueOM=7XzlSMBUZ9#VB#&hQo2w~nNwt0
z8r%HPRbgv&zo5>Ms`5Z!H3L+aB|xgI?J$2#QcN=SPDSaf95cyw)a1m8+J{=)8&5zF
zG#A#y9M)LtJvM*$vixVe18Z5|vC!7q#d+)NFVXyvw4<s1PrGA2smIyGR<6i4rs_pA
zg=(BYdFJ=<z(9ZgkO;Byj7qoZOX_$4mTB!To0N8_PMIh;hQ1O6+di(rkp*z_P#>D&
z_Q{(FGF{n60(?z?H+z-F2ZwBiyHESC*^E8vzq1(`^G$~Tn9X3_HJAuGhfe^wL|tdL
z>d7WqjvaeF$tIJZ%a@tX?*9#Fo}L{M)MI9W6h?{G8&p4+JP(}@!dN!{0W^pKxNU^Z
zPdgcg0GFr}#{oYOqj+pb$0P8C9b1^l5S|PdY0J6PRu)MgP}p!zOk<k`YWjb+i7XAM
zm;0%i2f<*uC>w3R!a)Q%ehtS)BK8)dxy}ga`Q<?6{uY7zmHsh0!VV^MPQ)-sbKpyK
z;!pIz?H)1)<(j&oeQu^AQ_i8s7V_#X%+SL&GJ2;qg~^1Uo=If<iiq;Vi&5<^dBx$!
z$V}Vn*AiHjgrSM<kRid)l!j!1Z^SZTlS{4_G$?y7{t;%-MUNP0B21IdV4J5Y4Tk;r
zBc8x3EjL(f>yB?dIA}&+*UOX8IId$5NX(X8)D;msRGd%53fTkbC?dn>D`zvTb%hC5
zJT~q4*I}m@U_K*jqR6u9YrU}%@@_F~k+tC!)+zm^uFz0%RXB|i%L@?)uv)*#^Ar+(
z|1k(ycEaa>BAn;lzl5Vf_vipFTvKKBKNF5FfN<RY5)KHGuUZK7dh)klpq{{)B7?x+
zNA~2-eL{nU-mx%gNnR*O1MT}vga6a)h=u*H_L1*5fPLhs1n%`;?4w59|I<D)|Nq)Y
zCjYXJe)pK*r8yJ-!#>)_FFXAxEZaA3$cm*lv6K9wja+<|qNY4_%v-oJLKgOfKSga@
z_0GxLCi#8jQV`Ar9#u;C3k^N$FX0Rt|0Ntno>lz!)GK#%-yEQ;l*C`6JYgN;dp;~F
z8G|Cl>a&#mS)k+)1uhX%o)<4II@vxf#4%^jYKOlIK0X5v;=O&S;J>Y1*dEQ=_^khV
ze8QEzf&ShDiqpuC`66P*i2>-`U>1|(HlPTv!b|JHwKD~C$iBSxEJHZ++=I_^g}$W3
zlAI)U%*%XkS9tS%Do@FMzFl8mr>6qNgziYdXA*LPk%$)LUgZ(Rz+TLRUR#7^5lZrA
zyM3@w+bQmZGvV|4N$CycPM{>U-E#;Oe!MJvywGj?faLVAFsVw|&IHx;Zvo}%JU7B_
zt8%1MN`xO8N9ls*W<6y$%S=So-D7z1$$)Bis6ehovs5p(s%8fbHx<QWFHeORwl-Hw
zWaF;Dz?~?ZtW92KC<sc)dHkGs6wqb_vPG&8rEx=#As`{Q{n~1<{Mv%K(8Jg>`M9v<
z>w&LTJN26wIRh4uXF13ppURl}rJPXC!0yJF-5kNq*$;p3E0ngTcK6xlo(8t?HT?SS
zRmE!wU#=|eAn$gGvy<CzS4pzom&nX{)LI3WXfuQ1YJPwF@!hLrQOXdgWxS!N0*ikV
zXuM$tPQUB`))=V5rhc0iVn&SD<O%wuy8GF}Y&G_2|4m;1!X>|YT>_FkCCtw-Cv-f4
ztb?pA-->mB&=9bOT596(dDAf3C6&m<x{YH20TX6`tYIULYY3SZEN5@%K$WRry(XM%
zZhjlGkBRko7HZ`o^5Ehs<SXJ&v$WiTLKV(w7+TfNqsxeiZl7q@&7;Zf){A4F+m)NZ
zqz6E$9(4spx!*8fV7u9F=Em$fwUJtcakFtq=-9f<&Cfre!${+7G%IT=baj~>wY)0&
z=0gVt#JVG?-QWXZ<tf-|hsS98-6F6rphUn2L_u8Vn&APzH9CN`cai8fP0JxvU_cF(
zn08iIMP}{Kljyrl#qckO!@4<F@1-*&7&t3zr!{#sMQC*|%Y2$OrPQpu1+-I2Bu_`X
z@xla%J$K9L?561WsLG7~S#2rJH&+_2A8&J08ab+`z6A!lc6O{~72IVoLPfvRiBe<#
ztzI@1nKCkhmR1e*5MS}xXW+j6CHOdz&^~6+ZCev&t<lljXa$DNDyk0`&*1wL$5AN}
zv>@(aPu;D}#qvi_qTTG<%WeB_<NA!Z7cHm!l5qvSt7FivoSLUQviSAJ96fTlh2(;M
z#1Rwbp+k4QUc7-!62tOJ=}RT|*)4_#B?{7FLS0@KDqS;B%Nz`M@}KTmA))hl71H&d
zx|i~T$Sh}ndqtr0A}vR|U%1cRKdx=o1l~I650=C(uDWae);}+$Fu%5~-+gk1zB;@s
zJ~lD*-l6vi5Du4pxi9CmgV>c}^T>kto!t$8QwscKY{a(`MVLF<l$8tRP#N8OtZ`J7
zpcZOlDxBZe>>^7Z_|)p5%>?shH9^WP>35fE6_&PzK5nzsmwJ||O?XS;jNhtmv})r?
zzANSG;W!s2!uTNpj+4wo#icdvpyfJ<NUYTa?HR)zvqjrM`?G1fxr|AA%)plXqLKXg
zj71?{`wG4$B6IM<6fMF=-sB91!X;o==rWRwF@g#O`f(j|;|nfHb>0nd7#YDnUKErV
zU2Zsuqyli1?<^2wG@2Hr2R4=U98lP*)pxMV`0{m*RmtN(+GYH@mZ$uOqj&X+D9v{N
zwNN2OdQEHDiqrSKf<<zrj4NBB$3cjTh^4FshzXG@F7N~gu<k9LNd;1HQ^lj%oQT1G
zbp5Ebx}80S>z$8|Rj4q@mxBkKqD%5B7&hwFhEuB7>$`fV@~vn(UYr^*)zy|XiB!=3
zkrri~9ogmmBFFZ%%U6iUKCfpixXV620wexilz8wcz$j!8@vS!BpbyQVi3eCPQ4hk*
zU&K8)>pmwL%aFKh=rTN0Tk8mi?MpIuA>2G)^L02|bEZym|28Z|wrL$N9CM~b(|pAn
z${+sIdq|=oDcFdP7ltZf#TJSFC~7Y5<kVlnj^q32FDJJ+@-VCCk}I4dWXfIh!5Q&7
zuR;!2h66sOPlp2)D~0jw@XKUxif=oVxOI2-wx%ZWEGIadxoC0;5dVv^Z;Y<9UC?f9
z+h${%jcuoClE$`e+iYyxwr$&N&?Mh(-!o_4GjnErGe35IJjq@wdp|o_m+wsM4px?v
zy@oK%WB*rh%O62Os@e_}d=CX@^8NFd9CVsBv{Y>%ycD;DV*LH!_9TTIKj~H4?L<kj
z^?+AAnO`r6c6#I1Y;EKjfMwtzur-D+Ihs`C17KTX<D1EXW49>D@FT+uyqVQr8g4;W
zbj?;r!%E^tS<m8Iz*kCa-<A#bAU)nN`|^4iK=1qo2bg)}nmc<K_!A!V<df8w^l~gf
zq2BXuc+@Chks+yoow_7KlnYLfSdPC*Yu~#nr80lX`AX9&NiE-xV?UZ{`IW9_T6f$O
zaB}xKQ{A)duOt%-ajY$#R_!vng2@UTgL9FV<P)W96Y1l){y|0KY}e<kjmm7#&fc9!
zzUN=WvV3in4w&#v)o;wZ&Iuczf^Y+@V`1RIQ-Y1u!F(ET@9#ANefW6c0FMeeIeJN}
zxs#Iu&AWl@H?mM5K;zWoAwK(SM<*K(HGdgICzx@Yo37l@L=~dUlJAPy_SX|Lf$XJp
zr1_%<!zqKWJFV$Q4~>t&Y8x3`ChsJ`GCdtnDR+2-X(~XDEQ_Gn=4RzovGeNos)o)r
zMn-+C%kz5n)Gaj2zc_S|Oxig~if;<fXI$z;)%PZ_Pl~K23tj91bn=3(D9GyqXZ$tp
zkl{ZP2#OMITEC<IB6d5{uCVZ8;YJ2djB~d)#@aSMlwJuW{MUp-hBtJ0eSNv>Qo?)|
z(90Em^4rJu$g~Lx1UHOfrQi$qKHmh}q3XUxpb)AtLEiS5{T1~$BTQF{&_vGNHdbO%
zNubdI@F3E5yvUqN$6Z$Sc4_J+9B@F|Un8TM3TgPhPCge*P@*mAp6|Z>>+B|VlN|G(
z1OgMMBX4x5&A{tsneVa^+B4O_r|$&!B++|m<4kzHtgaQ6f<Knu3@76Bawy+j2;zxo
zg?V;7F~{0F*(wR!`u0~-q`%2yEvZcR$L)Q6NK@}fiL}g+uei?ExR6xgstbz5rj=F6
zcI48GL#IOu6S`-l^2-QG%|tAUKg>6YtLg8V#UwWwB)qTuK2_BLCp)(lF-rq-zAioq
zI9(&TPwkm_{&<8Y_M6u1($MWv<2dK)vBcKu?b1+^wq}rMMAUr+uk*tQzy@a;+#LXF
z)(kxm;f}?S(cP6*d)Ex&iu}6>>k)Z#{b_Zi+B_N)R|t6R#L`WT0T+SN(CUdX5rVm2
z@Eeeb4(MhfIe5x8p2Pc1E~RTay>ndNY5ZGoFuFiLSo}zq7uzj^c!q5|O+KjoC<9jN
z2@_(V(dt5B`cK=xTIDpozpd?p|3X^sWw|nW+uT>VYc8ysmR9PxhMcYp5!7+2-ZnRN
z|Ha)#GWz3gGyV{w3pql+jywi5%Dp2v5qe?f46iGBdp&UBejqXiBS%46bI-FEeV$i!
zvKjop$*^ylEiXF18|9b=|63UrBYDUF|HxW$h9?*utRA~q1<m790Eaa!i}lzSF(7ES
zgO@0PT}WYe13fYfQCfWPV&^CqzmZHHFo(CtC^brbnzh~`^63YINT5}>{j%LHeA)Y-
zt#b7D|Jo|Y3HUdya;5Qq@RkSGbWQYAmOBH9f&AJNUtOjbLOMIhHGJ}!BbtxCW>-M*
zeD|x5miq@d%1>ZYjM>h=Jnx;60lrT+cA6HQ+Mg0n>NCfNwj|=h6M*^x5PWYOmtVM8
zx&^~@eTY=r9~o|WfLOcB`T}4f|Gh424$x)e{pbG4T4)ov`swTl&E<?koQTMtfEjF&
zc5>49seQy<h>U(JGk&Eqq>3Zs>_5RSK$0N`Ca86P2pHKR{^Ne@{df8@`5*3g^LO5q
zNBn=%m&bq57xTQ7zTdI*H$W_%T_@~MEIqqVPNcSY%lP;wWSuK|J0O@I2rVk{jVerg
z{D2PpcWXTNDb6x9`q@g#7Zb^%n~W?&L9RAEokMK=fPAHgPSpY0{b)O?=XitIX1Ykc
zv9E>VVYI|f$Hk#4Bh1{sUQL#`q{FUWZ89VOaWoZ8qQlON<zOV!?o0XUUlis)WT}#H
z_@18m??X_;4UqD-qe~whY}IGE^eLNy<6Qx`f>p%Vwf&|?|KKfpU;glxU7>71ES!g~
zUYMk}h|I~4^4Z1dO{)%>0<01a{;k>T3z|QjobsXAK4`2Hv7$3^D?k9=k>$GJQYJ3c
z3BFxt-{z|K^o>a%ZCdpfZ!*0-7XD06M)#{`umO7sfc={rl@<3^HDYx*Er}U&#B$Bq
zxfOl{BrQVRB(>zN{VPk6=lLf~`7lvvFM9d-#nr7_0C6g0TvY)9D!336PR)J5)~6tY
z&$;-_q_aPR<dg$}J38N)_H$}sj5Oz+eevkZ{6WKBzCb_Cf7E{K69ih60p1FH;l2j0
z-W=QuaCEf}Ku^9B^OS(yR&{N3U<E105^zON1ENXv@P*Y|7*OUuSRtNniuM@2e7%bK
zV8mA*>j%ovj!z=(BEZz7#?Gf{W1q1JQE#q1r^{s)y^L$&Z7mvOLKRk2Kr8`Ea;1iL
zfa_>u)?pN<ZW#zTKJ_;+=ITRoT$eR-&@pl_<}w(TXHI$vtj)QKJDkmO3HM6_OXQ9A
z3{?Z<s(4JBMA4PmkMo|kX(hf9P07g4F0N(X-<NB0)Q#`WD4L2qJZ7bCq57A8Cr5-A
zIu+4o)z9p1n(+I=9+7q^Pao<vA`0R%T^Hr!xylK=u?eX99~Fh|Pzu(mPkm0TvG;HT
zJ)e9=I@Yu$nwm@x=mN{J>0ADH{DT^_O9_*w7sc%qv*Y}w&P+%bAzVjfx!{*dV%ZsZ
zG5K1pz*!pPAk=0Q{Nc6?KAb&OggxYVoJX>89emYDQ_aH$QlT-4dNJd^I`#4%q-dTo
z_Bo>|M@Qy!TqASSseo`|cJ1aQs2jJEwXq~=lPPzdG-h!{R{&Aem`T`Jf2R+35T{tb
zvPSB9kw;p`x5_+uacRMJ4>RTVN$^EJ`g`%=do~b^VD>ll@2b%}w*aC(=zH=*>+aec
z-eU{Ph5aH2z#Qz(@*bVPE_Yjc|0Ij}xMF+nn%e!)=~{Td45xn&xQPzF)k1V)wFt$G
zT5F-=E&?qXn0Bki;uTMK=5`J^QU;pyTDAL(J3l=tUkQ71-?T`3a!~!Tc;&CVa}EB>
z@Ll-IcM|fHR~{e@y60FsG2cf0sO}8kAJJ-D#~*W@&)kA@{1FqLn(qfUhM!oGanypq
zr4JcfvHH+12FNufZ9vqo8m}p174Fk;#5-xm+drgHN>n;a&56kF8rO!2uop8qf+e)|
zToXAD#tASahJwCY!d`j@NtT`PY_LRx-9(87kYLCUAQcq*h<2O!U=D><B=Eu|vYGny
zTQs5oJ4-BFWLO+n{Yo;AUS4ybakKX-Ul66$5wzqB9QIr>v)7b4!XT(%OI_W6XQtP3
zp2ViXXt+d`o<w?bb7mEbMNN@N9WtdwhSBn2H5&8_@9XyesW0WR@)D`&9IqOfo_N0E
zfadw+y27PmEryXDsRmqjzBW!e4z#nURSIWQbatc2rDN&r3G%wl_X`&M=XQ5AW6m|y
z$mKY}ZzeIT`iDtWx&4hv9M=9}686zbj1QkLbOr*qCF{9kteh;nIUOzA5+ysp_X^@J
z*(835Jy4;qITL)@=V0yH&0mo;SVt!SOO!Zof=s?Cq~W-g_WKtuas2rI=Mw6a|2HmC
z=|cPOxWrq&6H=HsOE+lPr&qZ1rr-b=DXXC#!5&B!PB>#jqOiSnO&MgSeNoxnBwW$j
zr^^GX8xw7sxAd0Tszid}N5wf+Rp~_KN{#Gs)?wMmvmtyOvF)=VOnkT?q7(vH>Z~2t
z-Uqm#=iG7#|JwdmaFFjL;@1R`M=f06Vg$sIil1bJ@~LH_a|96#c7IHzk7f`7zv<7Y
zDEbm_rYK!nyxN5ZKI+TPRfK*|PMvVxZTey$Jo<DvbD-%+<!H5mX+S^PA)W0fW+0SI
z%9h0SIzIOE-0AK74h`P=e&h(l_I5=ix6dZV_aYmqEAJef;rD8Uwhco!4@)2Qr~1UA
zqA6<7`xDbofQP4>n}S`stQ`G98vXk@y#%ZaKkIf`_OD;34-GpC&l<efv>a;-cWzu3
zE`cVk@Z+i=AChVyFYTKVIeb+V?)a~hvl~2BO%3cxr-$>5eFR7*(3b;48CML8<zW;*
zYRIS6l?-G;^9R%Fh}*(hnQ<z63c=HrM!xqP4xNMv>`ef&D(rx)N;;rRY`yqbmpB~|
zuQ7M#WW6`v(%VdC0URG|u;2F;5hh-8bz?XB7avs|jPa-ez*=F!sS8g9SSx#eAYX3s
zaG!l4ILX7EPcZS}4|K6_zbSQFp#=Z~ycLuG@K*fI+`6j?Hv?7}2BBg;V}U;Fu~rfW
zZwsTb#!OI&(uT@k*HNWXOD53`ULhfGMv2NVaou3k=#nR{!TIMRz0k-mCqVx91jt$u
z7M|&RtW0V~Yu3=0=3URL1%dODuwM!KKD7uhfYPvxQ7ZgSTD$5Jp~AUWt&s$SJgRql
z^hit+QPwqI#CLrYd$1KeK=aoy%zt#a(vLbR<D*n<;B>*lVn4tt@MFAG4RA&Pr^US4
zpL*|39E<Hg>b?8YfPoW^OjZh!^awKiq(KH>=0C$#UN@FDY488Y)!JS2pLODPjjH7W
zG96+6k?HupIU_3fvY6Dx*SJ5+#GwzcKrUL^<lcF=k{B`Rqq-L)Y3Nr&+f8nfom+30
zn3hd5B)9Oj?i%P+68MV=Eh2&;re%Y4-21l?k(Xtw=Gy#rTm*>h`=U#DQog}Mf2RDM
z?`UA`2EFMDFa5TDc$T?e{_;C93x;UhV_5sM7{R|EYp9IuA2tYJ@ZY2mPOsH<;!k%~
zQ2SR5Nw0MY#xrGv5Qor(`>}iN--*Rrlk@7C)6ajYuV$=v{P+6mBKO_e8v#<NFSwnc
zg>4V}Eg;?T>^Sa<sGCCW?|gxDxMzYG7{Zy*e`^{1a_B&|Gzy=R@_({I&I~>;4gIk~
z(#ig}R><zG%b(0F0~QcMe0um>d8q{J(b=K=Ry5?{&qGXCuQ4p)LE(7j0BHh!{X+Uf
zvrS~>+J8nn;$}X6M?0RjQQ>`mJ0ZOP-U(?&w;Nq{i1C6!03xO1$g${ICIW`Qx5L;(
zpt7GvgXVGLXASsoxmlrqlbdbmx1O7oC4Xh;Hf@EmF~8c<+tu~iADnk)SpJC=eDm`B
z+v@0`aDt%o32U)Fy1j9Z+b90s&9Eb^=YiMQ2@huzLs#WXbaC^WGSr}hSHTZ#MjD1-
zZA-yUhl0pP4P-BWAi@PdF*9h2-nxoI9*ih#g}((ube~jB|3oiE`qRNL8f?=MhwA(!
zt^I}Ln7k#dz}|(ZFi%-T_iv=Zau|suW}}QkI;sz|5eR-a*URUZ54(()3uLFy7Rl&L
z{qf4L&;Mw%Vk9}5u4evevqrh+iz58BS|wDNMK*T^Sgl$GtX8=eg@^uGt+I#A8Fs#Z
zg?+>S#wNFq{vEniK`@MxrZ6VF#Uptg6RDq!My0phdz>8>+DH7;>YoCtp)k|RR`!@o
zEtFRIF>3Qf#U30W)sfu!LfG&0RFoe@rqXs5eW|W!dneVYMRi|(>TzC6M+u$I9tsiW
zx1Erqh$wsPf+i?9@EH=lLr&QVsA=>$-|j=;H7mb&^=H0N!aPUG_f87dwA=kk3Sv-O
z%;!JU;z@Au2R@LHjsqk-2b>lBIf)HoRRmA}>j-oaf!%OlCkV)~o>#Um(V>gNFp|5c
zWxM1@J6n{1&>p&)23Go-EVJc@D8z0zn~DF(mvxFDjy~CC1VVzYPPXy;tsA-LRlaxW
z_vokO=kF<dg6BhuBm7m7BRf0awD%Un7J}@N(wy@)qw(8Zv7EEzi0tCarW={@*Td)1
zF4R&9FomRwrFGVu3kqW|enP*B+*jUO`bTE=CS=4msHq2*KSHB4x!AL!+?L~|s%AAh
z_)qer^M~#W7)S8w6U>PBP=}jHTIbj^>$4C;A2LhCx>i#{Eg?w%8!7+n@>nX)F-k7l
zXM>X;Sm(2>vr}aX-Me&E`mZUoY&C5XRaOl;F`0?r*)n9=%do0Ucn?4%4t=dOeZ@nX
zX@^U}5huHf_nkerY~gU1XMuaz3Q;SRPy<22x&452gXg({Cb=H^d9RPK+wh)IV@|n7
z8f>INdM4F6MP1>OtglU?a`lWE5{zp0Z7p!E;asyT5Id64R&aI|Vel1mW%=wE8b$Zt
z6IrYf9J|T{C|wI_rW83u1iRE~O+S_aLsR2{&BiJ^VWyz4CHtTAu?;`B-r^}k;+E8s
zj`GZxp3G|V*@L~W{L+=kI83z`h*rF;8T}FjWXP^7M76lwN%Yu0#*<^f^O;~xth;dv
zKrx)~<;EU0E-d&WPBWD3XPT7<uE?^_`eCB)_Er%Jn0IcC#Rlk(zDIaVWQJK$MhpVm
zCm@S0ePO7<^1kP3Ud%A9C||s+(f5;Jts1dEtFYeFIGMrfD)6%{kH^-{JYt?KC$X_o
zS&bJf*izjc5|S3h4{K<C9G0?$<}b_Y4gA$wXoKApa^nV4=j;_{tc241B;dwr+Zj%O
zgpa;ywNz5iM4x(6P?So7@s!MR+R*u?tec!FT|YN9>LKJj_6&M)pO@(s7VY#hBg@}%
z5AJgeO$W=71pTTIvX1A&(zeq{$fFw<v>}_EtdiLu*Lo4sS$>Jz=x$(05d?*3#U~XJ
zpL}r?&ywPF9}8tBMgZUeQG5Z&WL+J`7fH3Z+7)YcPbTaHB^ge4CA(?$>2fzK?dfu8
z9o2C4fJ-x0e6?b2&wwAeI8-7l-SCjy@Sye-bqeP!{pq`cwJZ19InJMc@43Q2)_`oB
zpZT@^ZVaBI>s(6ndj&i55P1qxzd~`<_r)cqF;Lz9hVh$Q!(uyy^kx-KosD`id^`dA
zt`zIPH=Bx@8_V~{CagVV`P-skvdwEX?>widqvp(Y$YrAhH2cJw$yzN8dGoY>ID5KO
zT`fLjGxyg-DTtpkx%=5ZK@wUi3fQ`NoZhrd-aPYB03jo~od{|-R!y6flN%g<hnu%+
z{H`d}biC8fDu{)Cxv?aO<sct)exVBX{mFe&@DqwO9EUi~)3``??6Lye<i%Z&D@0Z<
zbD259`sN4~ZWaj!{CSl9Vnc?0+(qc|^tlGzJBXv!?(!GY;o#IFrg#61ldP<)$pLQ;
zK3>kn8v^`2s_>7Phidre9AUoW7=$zE=a@)pyaPco*A&?wYlzF=yb@LY&LRF92OymA
zyHkbvl~Rvs(l8n$sqam_am)nymB<%Q(r81moMgJ@f@J#SA<9Pw8k_n2&GXy(FD#EM
zqCqKVp29V>l1&Mx&!~&df$CUwtZPy7SY*Kq?9N=B$Ix6K28u(_6K&z&yhlzf_Uyqv
z?6a#@!=nQ{sUu(HElL6jn#{{u=w7bA_m29q$25;X?K@tv5iC&0hq1S}VzkHobkAIB
zyD6G{ZkbC|QTeq#UAFNQzjo1U&}_nHxH=nf&7!@p$G;;>3SD(>rM%Zux!+Q`UBkDR
zt!8AA-dy~-t#E9xDejGmv!3=mT4#`ZaV1;i!${+K5HfmDTQ_KSjV}E1ip-#-w@SM(
zy1{GT?0pX{3rps0!2DN#diJpCDT3}EMCGAR{{9snLMcM1aFz60T8r;en>Pj<p5$OZ
zBFWU7SR|@AY}*kfF3qi;`tA_e>Er_`hwKijkzM}yU&DIJa)~m=GiqS%&(t|8_)o;&
zzEoF_So<Mo6U*<}rocC&!3R$#FsQ%dPOeiOGI8b{rW_lZyJFO)FNP51@5|x{S3nzZ
zlelXw=a(nwzIlvTSYE~+NxVIw&wgJ};3Q8~DN6qQkf$1^g3mI7@|{)jMs?E6p;SGu
z0F|GAPy6z!Ev3f7sgjQ{&x@h(MIho<5Hk>j0j*K<raSzHlFbDWMgtU6dCJdIIY80X
zPGqNl)Q&=>RIYgVzWn`*<b^~+SQP#GnY|Cz{&DwzUBye^tXajNNm^IZYpwg(3iL;v
zN23Qh)y0Yb_(`o*pxdrbnXijlMe**b?$}v$GXq7!DVS%oSTTY}A~UHxpH(1_15sy8
zz7N@P$c7lGC4esB>n#}d3D1w+w#(m}Op{PY?XbxR5|s)`p65QtW;s_V`3!-*c$Ge|
z57taa&D%r}g*1(jDx{szFaLhXk%<&JNS&E9jc5jTBqQHQ{Lp?HR^mAi3;6_sRhTJ0
z)<~R1_?8J1d6E#ybDUKKSeHrUmQlq&uA#t4f^8)3yj3o4qnk>??rnqFPSQ=tIDfVJ
zb1hv7e4QeJZUI}lB=g{BxIAJll=)yeSIHtw)=4o~9~3N8CC~J|U$jvwFv+B)l8OEI
z9OjAhm~F=u1lO-_&PyK%jGDBG0{5j;WI64UKV0a)Cu(0r{s^;GQ{JtZ2ZB#UR)$bb
zg(@b-fslFbaAcBh_$HjtTR9)BRRUM{16jAgDM=o>ND)})bTt=wLwQh2Aw2#z;!&pO
z&wQH>JD2*mnGZlVFgW-_njFY+!25&QUeTV&6$nCEeBh1x>u2ACYQG<il^DGFS|zNy
zORVh6GS-!4wX-A7kF``9yiR_o&P)B0#i6k|s5pXT<U*b_pn=cjbdNo|2UoS^B~iBW
zBJ>A)hcfb<<O`LXYHfC3PfFk1O1mD--VWDfrrLgQr3F#_-b#}$*-W$YQIchqjg>IT
zV0zQoLyc6*LNDSuybJ`V)(iHLY|PD#4HKo-=soISSrRXJDvwfzUb7=p(z8{o{IY+-
zcEAP4b}*SAPI;0Ey`q$>)__>`gU6M8A%-5KEYJ&3^hc~FY?dBxP!#7NQG|oDpW&()
z0Xs8;J7qAS%ilIhE>>~%DO;U3R#E6rhBYZfPA)<>JB*WzVNO={&tl$fKx9d-4E&)q
z!X=(2MJ+U^t;@@ijjcQ}fJSIeSGGL|ahf-yBCvv011+wVpheZJLpDD#kQ5$Qh`;g`
z3|KDkEa$pBKP*+nXAo>fG9+V+O7P&k1nNuSY7`ox8?_Qt0gOI$3|I1|03v-NZO<oY
zft!1EZu+-5a1-mG9>6$SwF_VzZKUp~Wzb<t8?DYhW83qG|AOwQOrA-Jw0)vDKgOKx
z#!_STa!d22AX&mB3eOqC{(|etp)_d|MQI!Oc>(bn+_HI~s>pdFUOv%ld414%NqNvY
zcCGm^U96YkaMo3n`FJJct3H0T-wF%_468*lv>D*+0v3xZq{ZqE(U%fH_1fYqp!_8E
zbu99=(0XUfmOm1lZ>90vkM5%QX4i!PO)S#j`Qf`j=wnI$Y}#XL>|(tfb(txF%&W<&
z81Y+w7B*d;?Kjrfyp?Pre7W5kph{$&dDQ8MoI)SN=t3W}09G(%lDGMZl?328Z!MCi
z)Gt%OJ)d2z%0YL?fFA9j;C74)SOes~vj!|7>I%Dr-YdCVnZQ;t{?f;nJLt*%)~+ny
z=dzOb%_Fip=;p8f^|xPuC4k#~mod!mXU_Y}$@QW<L_>Fa8NH2RTM^7D%-jPG0Iiwt
z7g!C0Db8#86G@kx*{+b2(s+E|%#Q{}s~<r6pth)u9>1_qgkMCWes%lf#?SZ#vh(2D
zm7smLB~KOFg0`Z7`F@@C#{s3rqqqwJ2fHCBjTab4tE67}#Qv9FAr&vCU3Op(jWjZ9
z1xhXP^rx>P=UAa6U&Hi)7bIFtBZ@#t{m<?-+01JJVrA)my2u})LZYGkh~Q8DlT!14
z%zxU7{V(#LoqV`*7ysYtwSe#6s@H_OAwFy=()!bfB$L%Bk08TCRaJ1zZ%roxKhc8|
zba3KHVixmRh-Z|a$0{kxRNfsXbc`@LaLK6erpj*%@*q{g8a|uP{RxhKlHtnvM{sns
zNpCS)FYirf<)<F0(07$hKWy7oXA{!FXIl*vm=Z%BW_GE`5Y{vm{RZ>EpG0Dvv-OGz
zTjiW~Gl(b|m99o&v(!zB(oq7Fp$YKGX%aSrx+?4TO-A;K$*-}ni-YN|c&aDh5ZNg|
zcd|GfF)qj-%Pek}9?dB(lH+DpWu#Ol_hms7+tAM*Ldq&`b6VC6o0F^@EyoW7v&K_Y
zD9=@K>atd`%bQLLmXfezPRJ9(@M58SG*{;!W0NhON-q+Ob)2<Jfm=*Ay=yE=Ou$Ub
zbnU=|zWz%I+wVV0*mD#AEMc$c0S;6Slxp;R_}|T;&AoN^LP|GYVmwCN7XP}hY+%SV
z6nqR%H@W+>agMKJk5%NkF;z-V04^%m+DE~zM^=X0my}A?a>Hctd}bg;M;qxl6WiIa
zu@ZZK_1xIccdC{eU__RLaq&f$#Wj?BHrC7`e<niqZ+Y3~W-J5*m^N-Y?B3x$wdcdh
z-(zS`N-{r#KC-S7fdOM^J{EwzZqO@Z`A#G#dc!@`RpZ5x6937zp=xu%`4dO?jrh4N
zgKUIg-lCL!wyg;n+)8r5$W?^{i0OanUB`;#rm7BQSSdD~H*T;NrTfzcd5kKYMSY9<
z-4J?2Cm5?OkGE3$wNzWa^5H}?c8Y)X_o;JE&XX1Q?zsJiM+#_8L-)net+cB3D4rVX
zl&#B;5J>$P5{&*w6c44@zAaMz=>Nf*rZ<Cx+s&Y29#9>+hd{}K+kU31cTcik#mTW6
zs@?0-Uc=6CqA6Mue$+5F5uOVMMNk;F541Rdc1=_Y%$@Fh`wR_v(2XU`B=jj>bz2a^
z6U>X)hY5qR+w_ryU=I<tCb%21E(Rnh2PSC#?pTNCo=4h>?y;_vd?BMMUD%VKIAtr{
zVE>uc7#0gbW)hLfGbHr+qweR`h2{EU7v-h5w;S5={IkX=desk7sS5Wf1I|$Az4?X=
z!0<aK4F^bEh>;JY&kR{@XVn`I$arQ7j)V>+&{Vv7KMl<~I{LMS`llZuLKEDxiH+>R
zk1LB!ywfcTBmmjwQG%;q6drT?2`xk!>bTRFFGCLlCc=e%9s^0?Cq%~dkei9G(zz_`
zkM?U+fn6WVQFI5j_5<yRY(=9yl>N4Q>IHLdy>yZ*+#2@zJ0jukm$fo^5r@~z&VrH|
z;<vBStzsK_ld)N?sx_Uo32c@J<Jm=gwQZ77A9!K5X*?DP$9t4r1~z=lTz&nV;MSC>
zyDRR;)~@2+HX`2bV6(KCEfrt2nyrKg4)fy168QSQNc%p(U3v7;R%cp#H76_JhSOH7
zoawpCEH@Xmve4W%Z_X!Y<5-UO*1uv&k-Z_S=1LkRKo$ygaNix$T3QmA{t%e5+)a;>
zfa(O6#{B|{NmYp)aBaZZ^riNp9Y`uw+7@!IL6QVVfl!pN%`8hk4#-^3_d;IGf@BKA
zGXCn^r)pbD08BC*U#{?$;{L7J!3>@DY_6EUXF`Tz)aCQpP>x)F8kcm^Re(C*82RCr
zE9LrE?$Yj)Sv{V?euOW9!pkn>)5)LeepHzyk(1z}@oB@UstorKbD<<c1TRJq=HB!v
zb@pW=Cm%=93hJM;CqRk<l4tOaX=U9q_LPPFC6_t<C3IRtr`(C7x=!P|rOGdUg)M2t
zZ#{#hLvu+y%gxGX5<TvQ7(l81UPu>jxc6lqYYq+mUN96-y&<E0?uX*KV0nvTxA3Ln
zKTup9W$doRZX5aI&sPo07s(CiDE*mPvi4SRZ5h#*g|!8y2n?7GhYS06Lgjis_A{VA
zk!uSebE5V0^J%efGoO4yJPbDevdY|;x84i3L<gDD24WNe{;p1)a=~!{zf4EJll%$H
zl#`QqrI$`?mcIk|Epy87$bRL~ypndwnXdXU0pk<e5pbT{fH6q)-cz&g4Fsb1Fw48p
z51$q(e5P_zuW|?oZ{=MGzJWN1O(dJiHocoZQw~S9oAv?W07qxe6yX4KtznCGA|XD6
z@A;wcu6jqC*vMN$5<+u@)G1oNS<o(ChHBTC*SIs-*B0G%KvRrmm^^D%kW9SNq+v-I
zYwK_c?~YrqmJs3snFDh<j5(E5XO=!@8i!McYQ*LsWpL${gcIvSC}EL3W1K?%$&NkS
z2b%i+$?W+uYr6-5%M-0$6g5$sS6Y%rTl{j*_0kw*RT@ABt>ToCC%q|j&<S$W4l~Ep
zn-JD*G3Y+06W;K=TOuA25<AGgP9a@&`&r(Rk$w=3kum-m`59vv$nvVj$Qr!y`BbN7
z=vy8hMGv!Io7QW+2Fne`xzO^l>SQUUW`&8d26M|rg&-qljD4puJso;5J<UQRXN-kc
z??bUXWfyw;)IA~wD9Bor!sXDKS<wmfX!sBYcH{X@ln>axoeK@pDI;qx2U633*$=O_
zd1A)<FhVKEh=%vDn-zi-DGtKkPa$C+SHXb4EFt3@cM(~xqQ9Kou>mmfF_F+@=|h`u
zMz_FZFfb=vO8Zv^jf2R0lj{9t|737EY@QY`o@abrY?=}h7Ij4o*rakYHg!AU)p@-U
z3O_OgxFo>Usb0MiMM;0MJJM(fDSiFw{GPZbA2LQpbwx3g>U=s(8VxCn>iwYllAbs@
zP^nH9^;ta$UKoEeDJr<6@pv9=niIk(EIZgN78koWm)kE;$vp{NLjF{aJ$j>nTSN8x
z*65E0F2ivjY8D<$P^o$9*h$0If5loQz%sGU>BtK7eJn_jLtNz#`@CYF^R^tsS6|c2
zG`%VC`XKDyvJ7HPjKw_7CuWk<L5FGbRmvjgEvVj9%cN>*O>b2DM{o$$=kz`wNj-rA
zphRp*5b8V9bOdV8FSyc1H?*S_1ZjokJ#T9Y<lwc~!>wM!FM?1QlwDEGG6oFhP^mrT
zP|m+s2{!WCEW<T0^x18=u`>vPYRsJqBEg7+?V8X7B*%?uAP4>QXdtmA4FredEposF
zZH$>ZeJ)e-QiDS<#li-=-9eT<i|-XF%E@(tj989H`oS6j?$~%GjB~^a6qzF&SQc<Q
zOU&ClQ5&B%2(o=BKB;)Qn?j$@7d?R=K%szN8u^YC2NGG>!v!diSBz#bm{FI7gK-7C
zk!r^`xsc&gtsje*hniKUzc({Y3{V`ncoHZGY27@+r+Z97*AD?ZBB#Dbuf!zwwNCIE
zWARJ$nJcU>)`)<2R`CA!J3FIB6&5LY4+~wdbGd!NfSp8dd!GbSN!$7H=TA)@+>9xl
zIh0w4uTIQDfg$RkAfcj)Q_0Q<cdQ{`urUW_u%<m}854sIa3irX?p<-D)1~eS87&tw
zo5AOR{Y~Kt7v!;}(<xj@Q=Fh{+?Qh5M&}4M{Y|V<X1wSJ#y@G&<^t8X>V2}LtpTdX
znJomL=0g+EYH(urLB|v@|5On)`)QSDgaoJ_7AoipduA{dTil%R;=;{eijz4-Rmy~+
zf(}z!OUi=b;`e8;UJh(dH4~8~1szk`oB{A;z28snsSojhl1DUHQ(>s^O$9enjS*$I
ztB7OI*)H@=brk|(cI@dM*VG4L{{3m}9S8iQ;4=AzZ{G&PCzPx5P?pKMIm;3{aKU-I
z-G#VU`a>gGJ3Rce3JpYUowQMsPn`%^TuWfV-j0+sjb#+DYbOjCc^%k*WlIW7h21Pd
z7VK>q11Y2f)zEx!zKe=dm~t1`EgL$Vd8MA-NJJ{E`WYxRq->cq@Xfvc0yYB8X|SIr
zqj^HPUO7FGzS{F=htXR-6YR>QQODqcY1lyQK57Fb7~?`An1D1V+7r*?){ii^GVP1{
zxY*V}6uVg3G`dXv7Iz&eAwk*WtmvU>9lHfoX4j`g6IK8?p4|m<@r1iZbtnk9zKrOh
zBCQ^)@wXUmh2Ot}3LM|jp|=5xVvuz{oP}~|3+WCG$F;Ga>*@p_K7d?bhwbB+z|@Fi
zCU3;yIBsCsO=P$7mspDnEEVkzbqg8wa&Hw(axO<NTr=(gjr2T?u#^Pt2d!ZwS8|Kw
z<%kz=dbKQ-YTfc`v~m(u?qwQJSD+>1XwYp?21&FTRE)cxYE~@ZqRv{=Y*0xl&2r3t
zSMEzf1jF@I6q#N-i11>0VH|VPcvELnyp#wX7|iFM)yIO_BJHlsb4Xc?a*oHojR1Dv
zhCZi?%J4}n$<o4Q5xFXJZB8&Vhu8uGvY$xN97-7-$Zw2Ir@0>7+`TuJNjzC4zW-q_
z&(f&rC%RRxn8epOwU4gqYdi0`=ki&|+OhtzAt*}lD^5pIG`>sgvZv*_071vnlG54u
z)S^5Nx6Q56i}gTbKR&jx*uELrB8Fuy3|d8Je_t%$>dXMXnZeJO0nKD+K$-3GL}O_Q
zrg&UX3A1^Z6zF?4v0Ka<*=T!5stNHl$V#|I-TYCgN*O(gbz@}}H<F*bQSTlcEV6r)
z`cNJy%qT<Z192J2Zio1xTM1YW^D(?=2dqhlUzS#~Sl8ASL4@e-mRDEyhjX>_G(Rpc
zP6Yf<1aSWu6Yr;Teq1=QJmVa13^+s^pq0A!QCGCjO+-YvhaJ{UUIL(ulrbQ^67cQf
z?oWYXsW3Ztd%Dp*;g_)Ct_)Bd`fOytNHYy3$w*=F55h(X50idSr}+eK*9V~Zc)dMd
zTYT%;IWyJ#kRNv7ZzDU^)>l_~J!3l#pWN|DUBa5h4Xfjax1rMX{SM{{3#`uqfQ7)S
zk7C9F^|igWX;E+BD?ois5Ec^K8`XZi2el1SnsE=90Thp+pi+vSAr%NCzHYCgxwJHG
zpmk;b4%lx%#X3s6%3z8JrJVv(h!;VBHk=rm^-8=bY7=+WSZnK1;7F8e`G{zR;v^O6
z;<L}58lmD%&MWwfjh_w;!|p~G1PUsWqjxuyCl5c3P1u{JKmtY<usCkD%t~(ta{6`H
zjnb%vgP%vTZo%CI{PN*2x7az{gU2vp_4_0BJoJWFk+rE=z4*sc-lf9NV*C7}%FOFc
za_}Kq04CmG<RGxf{I-kh&z>NCbIyC;#6zkFsS?%n36jX?elGTKa#gw&$}=Tel1}Lb
z7KIUPk-hy6uBqE8z|g1Q;^vaYMkkc7`z~{R66gtg7hm7spZA&KQP%$i^(%0hK?w~J
zk@Bz(t5>_DCmiS-!u>kA(W<oMHJaWoA#u03Z6akL!I%aga`+LP`lw-;a7v{L_KFoS
zU~^dIE+7t89R$WAxX&HOwbLZs!x+K??5m&6NIWX9?&5Iv^v}H663(h}oIE;EcJ@rl
zy=pPD7hP7z6q+rl8gZk-82}{i1wi76lUAC!cr+~^IMqY|{=KD~=(98zjhQ|lp^lD|
z3(b=T$CR}B2tw{DF1y*7dnPw>W>u;-!`l}K8#o@=wexOC&pLvfI-FhSSigErZhdHO
zId+|RUmS&K^~<S&xd(q{X8)<m1V1DaZ19Qm354-Q9XI-FCb#((t#0jxGKr4f+%_iu
zMVXIB^GY0&7%oWhXzk<I5&y?YyZ06+ClLR;%em`Nd+c5nf=Dx^X}q<CPlmyeVE*7l
zW7^krBUfSnQD^%&R3{D!5t8y;_f$MN16IC-98E(MFY^;@h?Qj}r)km6<rEggE8G@f
zysegM&rw4O!%T+r*6v)4{MZj7a^o(Brrz#MlBtj)P3VtjM-n8<<08CZa!*afS8yt!
zfDA6<%>|C<0qgBh*l_{ZbC83!SA0s+Yw`kJ(H7JZftEVK+sajU!sKDtcri|CGhA`I
z5&UI_mbvGB@3~McvV#3+&xBu_<v+7;KZPO)rwA&FzAr<JxY|RxjDieA#3<fIFg&zw
zJzi?XHS48}FVad#X#iR840p<a5O?oGTYSh;lr-(oamcZmKU{Wp&4oHh{K}LqT}NHR
zUr5$cgo`Vt`9dP>o}dR;^rDs3YArAUc3U9wGYL&@eG9)``}_j0nzlN)(OCfEDPlF`
zju9g!)Yie#PbRcaCONr4qP0CXGxu9EeGw7<uL4-Ct3D;5hAH5pP^%l&AZ!iwpB1pM
z$oQikD4}wNS(-xj!Txk9+_+|;2UboK1Eil)U~sMOfP+snJ+48mZA=*0X|(rZ^3=!D
zuLqTi!>-YJ150_(BZ^{fP?@rX6x6GV<QMP?aO@ul5!x?yAN;A)8M}xdmlJ7`g;y96
z+JQ4F+O2KG^o^{TkMnM>9BM&2!9ePpIF}F$MXc?8b9Nu&Yt`9x)_F`F%A_B*@57em
zK$p|bz}X>7-6C10g#A^(i&Pb?iDegzt@M=W6kyX!B?)bn7B*(U*?BG2l^0sT*)4gj
zN@D{cfYO;lLb(kf?9;PIf-)fa(SE)yHe5I(m>et3`+&c!W8b?{zq*1yS|FaUEC;p<
z@~O<Hhj^gtvzrHBl4{}|(`hkl*{6pyo)I1n3ydR=1|u*|EUpvp1PP3nersaXvL{=!
zWBj3IYYu;puG>^OBGAgyG^*dn_Ns3*vZmkI{^>I$QKD~W(<jfb*(Bh`kQt*os@HU8
z-ZsczU|9S^>jJ=0&iq!O%gNb%nv>j6fNEBtwU1Qw7Iv4n>w_cb##Oh8cSw3oajMZU
zvtieP3OW<)0>_4qXGMnvCtZXx%NU2eb85nQY39=>yWrcmoY?gE87jdb&4GF~KWT*T
z?Xw;R?=iI8>VI$WI-I`Sn7A}l0h{Z4#*gA!gz~^xlP7fDPlh>uPG6Xi025FIni~m}
zE%e2lJ8=;L*}a}P)y0MsC=x*1a47FII5-2xS*fbsN2t*vC>da?RhA`k0#RMr7!=Tu
zG=fcla^9;qut*pbO+_78rhH(T71cOkxBPv<)FMHFfo(KJrQ|b|Gx;8;UyWy2bnaE~
z#ttRw{NUK$jsY1Q7jVf`aA~BkOw;Kxk^}~a%C3=(Qq=S|xeh~fNz(Fmq2{SfzYI)G
zy5sT=2{LS+{c&0!yc>BmS}s0zfToZsVyR$psvi9OP`Q3UDMV4N436K-P@u5j@~0eE
zAUJZ%a0zc%oTvIqUpQP^GG-f=9jonP-@Isys5HxVN5A}JaMDD1>=;7<MRLp-)Vfko
ziANqnV>v9+5^x5>lSP5q^j2^-!jgn>pZtI}API0%Ufq~_#5N6gry{>v8z@t!^LlCg
z&zQVSdi4RbJ_;bB%soCcDJrRQRK(2E(@#=9%L~h)RyLZ4x79kA`Zygg7T<&raR9FZ
z`>PU&M!L|VcMvcnpOC_va=BnRnIU)$`8u3FYskY5v1(mKlPsx<#J8LTUqx_9ksg7P
z6cyM49+wh)NjTprc$0|I$}Z3t$nzk*k}cjBiwianJCivpqa-*3y}61_3uH5F`@7n#
zX#oly26lQi6r6QssgBTQQzEB2r<Z)s@;AP%q{2q@rlVp1521)ME?Ci(=v~Q!V*#h6
zk!fU`#$s%yNf|tZulo9?_Nc>mI+P5lw8aKv1KK7kQC@n649Z}~Xvd0C$p{iRrR2~h
z$}szu(@m^HcB+&!*du!NvN=B6_0XMz@j)su4z#DiOzMmn2{ckPEi@DEg^33}(=6J+
ziDzKpxmeH*zAA&nS(VIanuPQ9<`P%JOK)oHS{olKNya2tJHsN4CV<i0{F8<<Zrt=3
zGW~lGo*=7{(?aQh)m6?@LwJ-mINW<pY@yM!<k7<`2gRgBjAmf9y3m0}zp>L>>M<@=
zsT`X1G|*+o!4&C|^|F_Y1xaK2XJd1AnyfD+ReW0bWa{!kBj<IFbueB<@wIrRjv?L;
z$ei<~idoP6dy+{}dFmgHW^D{Ayk{mMUR0@uqzc_L6e^%^=N5z4Z_zu;n$<zR+C!(4
zqW1cjEh}KQx#K=MLp~D&`D2Ia=e=-Jrj#@*g`-*DklbdlP>Gt!OztPBzn>VqO0QDF
zMC4sc;WN(}D42h3(yamaw7k#abK5@A|JhIj;(4$8Rjz_rQeD{cynDnvWh=}wl$T`^
zzF|SKoPO1})8qviLF~n3!@ztom(8i_Yq?`d&M(0N$EDUza2?k3R%Y;`nC?pdLI#@w
zsJ~dkZ}`g0R)|Qgv+j@oG{mWYgsEdl1=2#6fakF23LKZ<d1G|;(h7oT+dVPCjKapp
zAb!rNpXng899~TgfU&b~vc&qCg3b)5&k?%1j#W8FY@>NwS3eO%NuI5{wx&L~G2w#V
z`i%W&cHVpR7_cu8vLAxo`*x18j<?({vU%On{{_rW{0+>Oz_rKl{t|ji`5(aS(pV1M
zX|M<7Stc0DyafOK_81foSAhRpr)M+2AYgME@%;eyCBE<5*5;O&e{$c+r$-*~YgF6V
zkgpU-T_`LApkplpl3R;VU;)s2Q$(pmJ`zLDxsmUnn@ElWJcumsl!qz)R8B}K`h#G4
zkX(9_I?1|vOdxdR#zR`RDk`kuj&&tRV4&e;o475yLs`P)E^-V3ZutHA7$T@<o3U%I
z9h~)3jhz?1laY$KQ^K`!c1m<iUwi>rcJ}1oV_6~qmUU(k{7)=P>Ia$8JggD&Psuk^
z&#9YDY?D*py7)*q$mgL+Em!FHk=s*BDNp333*QkS`eu^wI$ps3WTUp!th#_C9@dc<
z1=X+R<P(QOQ<((b$V^ZFjdF|rQ~BN3D!Iz-Iv@fP?zU?O6Yxul7K{&VN}moU1B8wx
zv%e7+cE1EUckZYbR%>FN$bu{-UW4###SWH?eTMOX>w&K6>B;(q;$GC_5JvC2P@`-W
zgGimvnM7c%^A$w!1BBN(cOI8}IH)|G`p$}+><OB|77<A=zgg0zH~Ju-pyA;ToaQ^z
z0Fm?(b)*H8FJNV=)Ky3VyxbS8QCO!slILr^OlKWPryo5K8YQh;`)DkG?v+@9lD&Zj
zf@lYXl@*u5;J4^`hc>fQ28~V>eN*MRiz^<~^(s7-c85SVe1lzxA3pW9gGV<hx%5Cr
z1D16(GNP!|H1lxi6#(>$>ljW4^;`X2ftP<x$&R~NiC`31h1irQ#&l$zBp3}W>6Y1h
zimNbzj)8F*(ZAP6(x-7|q9nJaHc8^gHWYS`>K)*N!?s9Vn=d%$Hp!mAgcBDDy`|Cz
zQ6brVp;bDY>dPZ>caU%TK5m54%)8FL4(7izLx=g`EZFsWTRa)K`BKM>-NUQinX7y7
zqdFs8r<OuOC_+_`)4#`JCZt;6uxG4!2I4L4O>L}?l)RE;!is7!hWs6$pDJ;lX~BJX
z5^>Mby;lY2nmH&F!2wK6rUaS#7b7wPK?#t9s9!*B&1+t`@jmMZYDovUEG+EQ;jZ!u
zU$Rvx8t*Tj<JXjNJ}N2AflB8jJK9d9nm`pzzCN;678&+s+-S==f63W}4Y*xkra;_P
z3>$TwZnD?2TTtjHBBy}zd8F|7bT+at7pU|3FZqv9W=3e)c8mimPWv<~KNCV+!o9ja
zWWGZOrClc~(=LxzdLX<#aQy5)+{&?|C(Dg)()GIRu=*m4a@a&D77JpQ7`D%6Xk2;w
zxnjms>AZEeNjECl=5`b3+z%l8(qXpqKvP`xjIEAv_w&LXrBy4h{8D!6d#A(1y;v}s
zA8sq0eW07au`b4O$(Q}IbYz3mQw4f?b)(cji6qtiD$_zrIxy1C-i-IO)QDr_yIeN4
zcy~NCm9!4+^{_HZj1E`&o+;~<#83odW!0;Uj|{u!aW2g0{jhQ>(#5aEE+fk)nSWsC
z(A8j~t2|rYakT`}A|VPZLxx?ayA_l+(gLrBkl^CIi{ahz-u4;x&cr>|fXN;Sqxu%p
zH{+qserD{nMSQl(obJcBaP=yyZ`hJNKvw4Daag}_D;nC%&$OeOviv!(6QxiIo=S<H
zeFY&t7sZv<Rzd_`@Y<j@N(?QAh19GF6+w|XO?Tzp8N%T{5WMF$mlE0F1n=UHeQU;E
zx(c|&N0?A)knk|6tdzKXo7Zl3NKB3iFjp{LCAj;nAH9%GV}nHB7HpUq{x~~y0}zwG
z-5_J+N4ltGsBERj=C}2+UitIT{bWR?w{a6W*J?J)pSdwV&{j9DV}m$cWb3hB_vJiI
zN3s8$UM*v9<kw=bUm`GBsus<TX2+&yj#%_V=CD<TO$BayUJ1K9m0|_8n{!Be8q0r^
zqtp3&+ZHd^swJGzLhVw{G^xT$2mRQ3ifK$qI4Z*%6!e$#&o&OEhuhh)!`S(06fEK@
z7?&@q;}i(xiy=xf28|*mFf|BgqRC7{M_&#oASk=V+-CO8Fz_Vu88ja2Y1Nlt5Sq@0
zEF-`RNS)1CiZu_cOJ};zmC`-U4A@+{liT=Q>U@o|(+F(^S5}sdXS24yF)?c`IEId^
zKG=c#W+ztrB9v68@|wft)_@-St<+T#c}+Kdn#(YndKu}SDqYwu?3JrCwtOsydt%vU
z##pR2hD#DD_}T7EyCo57>f{^F22_%Eah_m@cMNDC;Bd5I*(~N%vHEGurC8>k3ze@d
zPu9z3Ed#za<`?8!PlL-RH0HOm%!acz*k~iy7+AW;iesQ9E)5B5%h<Rfk2i*+h=k!m
zGqj|$4CQ2bI^6uNsjVh`rEhGkK@&t(*NJ~#c5`i8cGG-iWQ%t}7T?l_B3jewHoa(d
z<P~Rq<dv5DdEXS<`U77Y(dBIi@2R+d{0Yw#GBQ^cBVtPd?glxU2xloza#zcArjcCB
zb8}EMMd}{WGJrlZa(Wr^&lf4ohDIb+s)WcIq{UYP)9GU!7reyWIs1MgD}s01my%I1
zD$+H86vsXRK}F+o?hU#-?9(zxQNmgNCLm0SBdEC-VaRZ4q_-Z~Z!m~e67kZBQ%75?
z6T&(vp1L@Kf@4f-U^2}R6BLvuW@5rHlrhdoVPMpZ!Q7W~3&d?;++1O4gQ$V+<zfyC
z_q{#4HFpQX@Emq<Qtuo#9Xv8Jvu7DA%#qb8=rkfeVQ^Aj(yquUX!LMdS=j%^gaIFJ
za9&TA7flF8%73ajl7oO56`q%P5dW644O^}fbk})1cN&s|9~Q-@<tm?d-<!T*Wc!6D
zx96eNW~f=$tXU=?4`Eqqv%Um+Q0{%Cd$e>GQ{7bWJ1T5>L<n4YIiV*@wc@41(DLk~
zzoC@d1w@^ec9Urixl6zN-9+$Lfo@@1!)c?a=^PoI<};mrS4t9`kO=&9*;-S1f97n&
z$?{us7LK{?aZ1b#EF_!^4Z#-^o5P4G<AfQ3fFG8PpW%YWl^P%AWerDshIw*<Vq5hD
z3~6tKw`y4|OZ{x67ZvHwQrZhl(Zbj4_j|mF232$*^3KI<3!o2w1NHIWKwYfd=A;)A
zImDUABQ&&NLV<9~Ik(%eF{h0d!#;OG?&T)F#}e%k*q830`lY)#xE~iRk-22P8z5x|
z!I)PHXpiKlMriycWyg5)^r<(n0f)cjma9tRlEGk}0Vs^hzN6X(*N!BOHces~!f(i)
z7zBXq=#$cc=#Z>`Ce$21&>mD<4o61B%c3mIi$mS{v=`+B)zBlIjbUYpd^Zq-*J2zq
zT_Wx(0pMJ$IEUN*1hiG>%XYsAd~?gm*RLS^cA!>PK|9%`5i}#5en?dt*vDCtUlS}f
zR19a#Tn1(}`pg_>5(4qd3TB+Pzta0>{nnx<Yk8X@Jd*V?+@7P*$G`6hcc;dMc@L_5
z#-pt9vs}>sR_eAmgQ+~BC4_2oFM%d#y|(fss9Bh0Pg3I1v#EEoU<Nxd{PYdshaqf5
zPljzg{yH0p9Uci2Mm$}Nb*&UVO+iKVaT@hnpvbX^vHX|yq?{S{vV?-@3uaS)8iuG=
zdRymdVL1SD->v=&xofr!=v|l_K)f7xbY^K9`&S38F8juRo&2S0A$6W>>qJ?ls_!`i
ze=jnZ?7}fC#@)IMfcCmw>Sv0A&;F8m7R6LyV<ZqV-?qa*fo|lGc!yJ=?%20JR|B~T
zn5EEY5IPr^`*#pw<DYXE^Yd`IaMp^wjo9eP!6T5f;mSmdu8<x<fuD{Ir&pYv$=07s
zeyq9~^}d0Ehw_S*?<x3!eNP#8LrVD4juEOrucPA(zR^>R(W^yagLI}VI8`z6uSk9w
z=U(jXUy*#?yWSN5$%}x1Y70D;ciHI<j9Q9A4(VO3RS+Nw!b0!+*lYsR$KiYB5+4dZ
z{c2t^xc<T2r;jfU9F-yyD)7a@^7KJ5e=XN*IJ{Q3S^DJvph<tJjt}{xNf*>6&o(&<
z0p$WO+lw0k&cVCUG0Efibq1V+M+goY$sfjfs28RKT9{%Bgy{#LqPSFmkuvTRKC*J7
zs;#0jp}%2q>I&4eTgon0xm0r$1GR|)o0|o}cp`!nnC86Cr)3R)QCDH@o@1XkzkL^T
z9=}c#ZXxnJwvoX0_t?hxKVlo$-o8rh3y}XA+b{~n#KYJtN?17teWvS>G>*Zmo``jh
zTE;njjv>-}yHF`cZGDs7nw>X^eXjz9HZB#8#N~9j13P4@J+!MV-+-T4W)u~`Xs0(?
zT2}n{qU^ZAkNhi`r85k!gW{;NI)dMmf<a+{rf$$b5yiydRL;K3Yt;jS8%eTc$yA;}
zp((&;IGfKwTB*S12l>Ba8~T{n9%5K1-+5`SSwZFc!6Dpl<<2v~=cqbCRfiNgg@lS@
z&{hAgP{;p^LLE#1AX;X3e^;n2{#Bvo`t~=48kkyM^WHEM`8}YMAW`=JG4_tZwe{<^
zZ!nY0I5W0qY&)5;ZQHhO+nKR#+qP}n95?S;d)>3|J^S3cUwYN}GHO(f>b?K|?P;w&
zlL<zh=#Ti{x40mNjZtqVPuzcjdzfVL*0)04^Q};ao`zfe%d`QkY-BZP;1-8&JV;&p
z&F$C}Fk`UFCEwg`PeZ}y{Eup_`nrgFSZsLBY@itH9Q-fWMigntT@Hoqylb@~WqRH&
z2wNR`r|JL_{O!>%tThMZstdCjUHFY68l&w$@0LTRe3+K%<;b<IrN8Vxol72%cW2|c
z=d79zMpi6AnnOH7+I8u;*1+<=Xii*oa2H!&G<=+eiCQ4WS;xyg;gcOmB%LwEevVL(
znb4(DtHYp<aJgczzUAl~Q}5^@A}z-WV+BcRq9BSyXD6zgr=4*dnuJz5o*uhrQsA}8
z7|qJqm8Msn6dnKB9yWXuOPehF0A@_Ixb+B~Y@Cb4q**@P(hs1%c2%*H6>Dol`lHEL
zBrEt10#^>*V(6pwmk*eCKszdlLw^=>z9<l113&ALJmoB5?W8hI$#ZNFSp_4i-f&xi
za1ZwR^NTf!9NoN6MZQs&vi*+xVR^p=Y2CdXM+522_4?y@>s<JNNzWVF9@#BSS-bdL
z!1;(`dm3|-b+C$3=GVwAqV$$WfEFEk$M*>)MP&DY+f|LzE##$mR}(3jA|rdudSx3d
zAir}hvQA-Fo<oJkYFn1|Ml>t5YMPwIUl;OWd%rj|tC)=yoI;7<xx;#g_E;{1@FIws
z8Xhv(isvaewfoKTF>gD&GJ~X;@%Ns5`@^$l!qMRG$+b^!uVB1X8{0?UFxKDRw>G_E
zF0H$`m*n=6#x#2%%70;F>wTQ1-PO2B#onAI#h5IAoi9>LiiFWFTTO~G1Z3wkr=&c(
zj^8dh(1~o=hvDx1YVL%H9-5HAKl&ZZPj|eId-d8>#<H4vZ#C+H7v|>^8ElIE*=N}F
zauOm1T6d6vhXVbKx?E9`!jq?Yjx%ll=#4INoL5KN@hrzB4>417wS#Ed=%~F)tVF<y
zB#BK#C)W4=E42hk9dgp;nT!cT2y_#}NOgjn=nuv2r>N{25&mhM^4`M{?%-)=o1aNh
z^<dyLkwh7%y4dvSJQuomdURWiY%1jtRN#?g3(dyusqLA~!Qwdlqd)z8=8=0Xsewmj
z8_dXxcGRU3xPeDhXw+q+|HJHx_Bo!OwRNJ_;qN1R)pm}u%?6WH)@_D$;WBZlCgIG;
zO=tEvbK@E2JEMxWpv>f7P2fk`L}o)r?>AOmG{~VVDmy2l6TQ4dt*pX3T)Ffh=Y3i_
zzupe4k}a5kGlncJfV4xIQ~Zt9No76|reUx=JjqA1*7nO`Of$@5SgXBKmw6(EwmP2V
zevZ2)(hm%-I14yY(Nh1>taxZJ^q8*I%HUwIUb#$0N5$>B)pd1yrHlGjkn^8eTJoRO
zogX&av3YZ%zhPG78)hFiIYGZaZEf#FZ`rKQ$}9xGKkNGUoWo!Di2ODm@=y^lg=ucn
z?QpRO#cMcSVk*Af@?u!(12v##TH^ob(uXKqSs6r&7tmO<r63j{bUh|eik#{H4X}Uz
z4X_6P0ayicsu%wZ`5w)CX*&nicfVj+7XJobjAP;eyYioSFhk6-mQg>KnT$0&+Yu}>
z6BsHJNLi-DhBk8a@F!tIVrDjU;h;16`-WC*X@`RU9OB#$t=Xb21><dD8VF!q7h7At
z0Apwb)H0)M^cVFS7+BCX1?y`?RpxT+6BpJpC&q7-R_2<M+ACPW4mI|+u%KH6u>Vy0
zNgWBxlh3l}IU&pT5Q^?Gl7C^&)ruIpy?VHsVE|6H<*%>n17_9$;z=tsru+U)uTS6f
zx}sgyDiv4&8+Hx4m%*ac>pIDcV(Mm?Q|Olru8wJ{)^}pYFVU)mvoEm@AD?x~$(>)h
z9?oKm#HHWzdel#gzmrSB5XvZGicn00KA<M?k>ipm6@Xds8dzg&<bYmd)?<tev+@nW
zEB`>Su7mI}<CrNv|7=&e2tG{oj~H~3uh@|U;P`JB2C>s_)n@#0Zloptm0OQSN|BTj
zo%ERcm{C?@GgGC$okuj+3++Hl*|~1wCs~zZFZRe3Lz)`M6zXFr3XKl>ACTMV5L)`$
z26m`}R~qEh2~@}CLw%ZtH!)sshLy@bWBi#yY-K$3$Jo^T9D9-^%oe__Ay>Uglvv6%
zrUZJ6EI!~~GnBU&6ZG;WX<a$q#KrKid_!OZFGz&;aLt=C4N}dppol{IM?HEbf!w*8
zG1Y;-w9*-n+@gQh6trD+=WS6ebFpKXEyh_zG22atNW7DujOE?_+h&2KZ--S^g%o4A
z^$4P}^Ap3-geHrxIpQC!4w#ko^W4H$Gx}RCrTa(-jQh<lBD>e90lKYl8c|1G9!{kW
zTdm4rp;}3kUN>XV$g~Fcac=Z$VUi|vOugwjIqnuQQ-OAWHm}t(@+X@@{Oxp$dttzD
z<+@6BYDuMO4$P3UFo{r*Xr5BS6Duw(UfFR)M{A}e+BGbyZuO{qbR6Cfzr@J=OtXEG
z%}<tn3!Ht*Z*+CDsf!?|GAgc#OsB92{1>_o%=|ZWRr@!(>dyp-eWPpe|BbG8{~cYG
z{tI1m{)4W%-=)9*XLMDtC=m#U#{D<C&follt{7i;F6)#pK<@an+-h@tSKMj>j&$t4
z9tpDpc0~cRH@0;U&(8$d7qH(Qecq_3YR8aur~g6M)Ul7(i9it?bmAxM+Gr6-)I>do
zb0Ie5TW#XnPDisX3`dCkEifY!njmQr>&Sm}XywD%>*sff{J4+i?dxLz&ILUDGh8;T
zaL7AEK(A>7ujdlp)pN+_|KO-N{cj>PIbz4i^9?i#CtBa}a3^j6+9n3-y)L5dfTj2k
z!aNIw>J<IMZ%ajR;$t6}0_o>W04?dw2?E^H`_t~%kEr0!KQAeaCo*s$ULHPpu-b6N
zpey(Iy$S<Dgdtgia56K<NK~X~<X#%2$Osg^+#!a+KqNTZK`d`bt|CB2aQb{RFZrnk
za78OZy5SgT--W=w<W5@d1UkM$2N$lCRb^$ywbm?;9lpADiy1`A=PM2)KdvEzWv2sD
zAO2-Jwr{TbkLft<;o@KLY9CP{^$)y~K+br9da?D=prYSevmprzZsOVU<4w~+XYRp{
zs}}E*`wjrFCsI#{(|6Gf$&lC2Lf&b)CrzpTZ=Peu|G{(YJm#693fhztlkYgZ<5}Yr
z9OeMCCCe~a|2(sO7wb!K!@dQA{{z_`RC$fiobi<8L63)`Rq~WkasXL%`(}!D17sai
zeCEm31+%4UfMMqquI5f)97IQeSjf`0h7>TcWk#2^C!y;^l|)S(2xVq}_`fX1`XZwR
zKXiae;0Qq?kyRkwUTQPniDq55d<!Lu*aA=03*)Rv5r|^7m}SUDeVJ=|oY@AN<BlVm
zMqQkHRBnFffD{VJpmOfYoV?4OE^MeQCCRb+XJkkx-YTR1K0_)kf=f8$BtRYSbA023
z7kaf2Nn+HhjT%mU@gw7_uK;tSs>bTCXpu`U932@rGd>dY)w+#V%$e$d%$o=1Eineo
zlE(N@NH1CIqpNm+s;iL-dk9Hj0j&P8es<}#rCR~(|NPXVBNN)IUEFmtzWD(3TA<O(
znFC8tHpktVRW!r;g4);2EN!O$B4%nQH>Z73s2k3r-xwir7YNf`Sah8vvuOljjVhK^
zb`+;kYwgs~s-tlmj46voiFeV%3D66>k91PgJ8ToDlVdTpv@C;VeoD8Lp!W1s)v$T{
zm3X_P(j;<&LmX|-qVasSZk<K9*w%E`Mq+P7U8-FPVNrQ(PPuM=QCfzS<PN`R+@Et0
zn~x1{gl4k@7x3p^ucr7_c7Jef!=rJ_qHz|sTb{HFb{YQB5CE^=kY2X5-?%m3m>Xiz
znJp<0v$P_d*`N%z3c2U(^cQwR-{J~kNlfA5Q=R3;d_%i@L(8dbx&J_sUHyzCVrZ*c
zxl+f3sC&iTXGNWNh2*Qc5lNcJM@7qF>AiW#yK?QQ%Ffj4Xhi+IM|~G5j>|wI4V^P|
zeVyy3sg{e%Oo0%eBs2;VaW~IvA~x!VU4Hpi5Q5a=DO!^l)g_9H7`^FrB}D)0tbQ@V
z``Pj&(?D8nb!yJqU$*et;!fgkdE_%;^mk~u6f2N2WZRi1!3OxZE@$rMV`=?;+5|f6
zM{PurKIafo`z_vFkR55z^!`DBOxAvl@-Ci%`yT{OW6?dF&IB7XHy0#i;_d<7Iy^&i
ze&^lp>`E*r13T5Xtm%TgOi>BEZK3Tg@#i<hZ0#Kd2qxQ;Nsc>Z*`Rn@k;LSJv=Egn
zg=!Y5EF>Gy<ITatgJA@NdGZ$;Y_^?zOyM=|6b^{31-oW*XT^E#Rfdw*>?-TNvitGM
z+hMDNkc^jYWhk4@W2=sMQzoMnkA9MK2<pK+q`a!tGB0aNMMsXz?sCuf##}U0#_MTe
z?d(TV2n#K)_3RIijmg@Qd>D5s&o-3@)wkN;o(t6Au%1jevpvIseLW&KBRl!Jv9|Eg
z0eG<9OfPnBA1~yXB7J<KpacmwhV%)3v8y#4ffE<TDfoRC#?FwVpO;1!ir(Zf^Hu10
z1M3vbDY;xVoMC0!9GZ91c?^WI0lP@)6ja#=N<S6&iGs|3tq<ouMHd9DEzStEzLWs3
z8?*RfyH#4@=Xy`1P%zj3J{YmEf`WYf<Z{p`mb*F`Dl*Ry<X`&IFCJ1sOQXywLvQQ?
zDXYU`J%TG)AOV>+F_!R3kRlY@uDX7!AYrYpFsBehXJ$wvURW$jVB=cyXwv@2oKf<c
z>@}A6xTztfjFIG=8hG(byK~Xhwz1o@d=atKodKxPIg5=e)uOEo7FWza#5s3Cp!0H-
z={R`v(Q<+UMX%F1Nj*>Lk|JcNO8<i5UzcCCwdIPjJk0Ikx6JgxNppfjHF?K&@WDyu
zI?0I<wUvpn80+D+l?4mWRxor;Ngj=rR0Gyam(aJ!b}`MgmLE#Em=WTo@ADFqA;S(S
zB7{Oa!!DY#mtYm}FElZC^@>Mq%K3hDmOKbdV5T0}<zu`plWr9hWe{HY<>A&=q;={z
zdFGy4Zj(rk>;W0p*i>Gj;-ni9;LI6_{uhWgJ`V9vO!dKo%5+v4!%NkOz^=LwrIGV9
z;44j6r`Sm{I1b@Z2dMsW_tLNxbj3w{^&!{k*=c2_rEL&b6JaIca%R$kM&!6pg_z(&
zmG0%j(AdRRBA^E_vE!aBd{aQJAs`2lDgJ-#!AF@z>}#8S{p`WV1|jiSo#|z1u>O7=
zqV}V<w}Wna*}(5RN4yCj9bpTz6Ujo9A>|b<Yrvq<J7b&2=qaM;uR5ShVUH%Wht3AN
z=ga6b<#spbqf2BZ&ltS3F|pIgITV$H-<zB+IjHB^^EK2#5|>WIg?Vr=$gQR<HU-11
z2C&o58Y--YAZnl+4D>Sz6L-GTMN2X<$`e~o_=O!okn9B@-fkl81Yo8eWeP^$uuO|7
zrb;8OEfo`EHn?Vq{f2`-x(Kkzd|Y;W>iy^crqqMMG!oRk1dkF%lc+G9o#DDll|_#b
z{=25iM5t~sONR<;Fgqi=ogqYYTSZ3#YcQuOX()-wf$O3_H?r}jTY;(0Z?HH6X0TX7
zz@i+5dG>BS)ubHtk8L?Xr)uN+3O6L`;oi*Q<j*rx&h5RMxpA$qH;)IU>R{PSLv8qB
zX_OLG9<wsN0ScosJ?vw^?Y$j3Y=l*$!4O-rm|>&=2k!IUHK_E$PiE9Q?A+SeQ~%o7
zMFcEpHP}ZlRuc{AG#(p+osr+}FyPU~-n`|iY}UJl+6KFHsBjpOL7?c+A+@%qeV6Z_
z=tv>-c2pz`Bycz}?{@%tWjN~GTKg0KTKfeAEJ~4oe;eg6|Ap}@aHmmZ-D5kjm6<wG
zW^BJ3oh1E<$vq4P@`5xA&VSq`O&A>$-pDFtByff%YJb1MzcC7hruBaSf2NLqz+b&$
z0EL_xRx!2fM_VG%4QM_tq64yG+om|T7QT%^KmuwIlt{6wuLh|spRKylK=?61`O=2b
zH~3$cy^n|^dVh0&{99?269b|0(dWOc*F*nUubuwOdfnN-^r^C-f#T9?WK^Ie($vU4
z#Es`)@!y#Lf45f4ivE9Es~vuvX}3Eyk1xs4CQ~WFW~kET_ig`G9J`BNTr=bJb4-;q
z3pDL-fkTtck^Uj`J!OQX+AK{utZRp}Fk)BdPl<8>HW3H;!dNbJlpPprP(lhSJyR3e
zmufVD{Fm7za7YDi8D6yfy?g8~z%R#1MH<3C+6r?-uU%znAYPnW0V+W|x?+(y_uw=f
z`hYq8cilsCxfb@f?LkB$^`pl%^m%RLq9{3SPEVCl<!C{D&?wVl$y}`UTD02A^0`tV
z;;$Y6?dY%eul6fc=R%wDC0rTJZROCffTiZB#EVa}rFABn?E>M0MzRr3&F8_xE+R0u
z?M~eX&A5@1)@1joKV1^l9kE?uL*uc$;+raMwayAFYU@msWFkXH7K4lL$2^Wjy?f-v
zA~}rD8Gmj**M+y>6&DM>kfe~Kqk$Hz_0_Oj$2v>XbW}IK*L)Jj#*%!Z%_YYxTlO;3
zx&>UW3Nt`pj&81nZx;1JD1A$*_V7n2huYTKYv=dhkCEmE1Y@vHzQh+rGE!Vd0?VyH
zS(345W`c#$IrriKRB@*TP4=jz>P&G5R&_H!Q!RCJv;=n-L*X3z0reZ8R0>wEh?$6~
z?{&Lko5<ev;%aXzJPBXpU_){`G5ckwA%2b3kIOTZHStQ(%rm9rop*KM{}%Y)t=InL
zCMP;=*4NO7k1AK>Z$~_jaL%Dk?-~%e6m1M%OA&x?to8WRuap2ggr~r1`&Q<II^F+u
zPD(H=|56Zyx8JHQEuP*+nns%e<t>-`&bQ=1e07?VH-fm`3~^w0WlF-sTY1p2vDpUC
zclK^=8FFm+uyeS&x$3Te>-}K?(RaC>t8HCZf;_;}XCMIse~FfE$$I@6B#k>qAR%tG
z6_2$+zTBRn+^wnS`A?qTKLch(zt*pxBLGj|XQaRXk0TPCa7chj&NfTF5q}Su;q)8j
zu~NlGaG<Q>KcPe_QTGdLc}|cm;lTC4aQ8Fop4oMYiSNWjc7m0ltwTMS7dCqaPQZQd
z5(dc>y{Kr@x0Sl(i(?DK9w6sFzhIK`(<T)R$X;tO=1^2ES;9F($@;DsP9De2zM$N`
zmJiJnER`+vC!PGOz_%p575w2!Y5r+^Y25xZz6SvD8l>9?=BPFJ%a`50lP3F_e*v#b
zij&8w*2@W|f-%sOG9SLqXY8vQ8(`MxZh+bn>Jqf={;(Vk*!A{N#Rl{T#9;tje(}4V
zc(p%*e(wnO!=@XgIrB%N2%7sVz#ssW5Pi*$^$FQQ<jVj-k8k=RH$k6L+JnqU10*m5
ztZ>%$K$v-?DLED0{O`d=h8{gUiB^U?#_rk5zdi1>i3ic#A(A(Lb$>o`g^JOJ&%ibQ
z$KOsGZ{2F)=UezgIa-4f+2xfJ`#B5YnvjG`bO)xk>O;2_p5?c~cY^@()OhINtmumL
z!?9#jVupm%Q+)aM=73hd!TTT59ot|I?A1iJj{GUv<l>uHkyWMP;3w?G1bXcx55WQ2
z932^yN>L8%uxL-0c0#cVeN<7;GslA}{*T`mR3`?}EA09>u5h)`q$`7a6x+^jZDKv5
zWT8q-4ijKm^e0Nc>{5=p3=f3YgTOHPaTfGOiY9sun?%Ph+3i7^@p&R}L(<@B5TOU+
zB$yt&q%1d<(q%Md!A(T(3GBWX4Y}-@YilRP6HBR%4hZEvc#u&?wpo+unMWqYlT4z^
zjTp;trPNg>y~l@X5Qk$I=9Nfh%kwVSB~p8a5z^4voq%1_)I{;VEQIZAP}Sl&nsNXH
zhT}MUXS{IEree&GZ=w`aoJw+xzrG_AgRg)b-m{EX0FA%#XZF(@$d3_EaRAq2+-7BB
z%-rB7c^wAgTap)5u#v=t*-jhrt;vLUh&JikDxA`+BdT4}__J_@0;$X>r*=`ZS<pjZ
zXc>`DR@HkWAJES?ypz`RabkEbhVw5jaR09D7AZ`o$GaIaRNn@7oL0$kBLqq;rGqEx
zBBZHmU3)tI0dSq(6kn)<0I?Vrs!~9{o0rs^kB#gCAmD4}1knDoxd5<ze6WA@*ggB+
zT=i@tu`N<2lz-)gW=UIqe-F}1Byk_O=#98`4p4mI5#Q12CX&quJimE-`hRV2uQR>@
zr1=Z>$RvUl&19ApIzqhDiU5%Jh}=5)Jo3x{u7y7sR&fMLIi5yNF<^J{`JM@DLmUBO
z5+@G4A~%c=GuHHo*xlw67`|{LEXEwd?JP#2_GTj7c%oia>Fm>@-XkpT*7NykM=6!w
zUX|sV9iKJ)?YuH>hNQ($NDKGQ?+nxPqbEk1fhF6}D3cF!G7NT!a!kJ#<<IZMiVT5T
zVlG;i?!?PC>T*VO<POqMn_U)qZz6S<;4ec+tnQBY6RR=()Z2eBBVv3W<v_;pH0S`b
z)?nUBFz!@x;Q+L6K9O)C5XPS_XnLP7yrg(8ksqxS>p1`oVL+>~_96%ZGb5i)4-0|{
z&znd)%k=m<TusZ*#Z;6=mvA(OLhTw#s_fl+djb9iI19~Cqe!gQz6-@9V`cyzRy*5G
zUZv8Z_QDEU%@n|7ftTzIu=~|D`~3hYd-Pe@##8heuJ2`elb7Lg+GRKDk@q*CW_u}p
zp(*OT*JC2>h?C<rS*>vMS9OzC%}14@|Ko5eR(Hmz{Y11k!r38n_zFE1?O>W;m7V8J
z#xTksW#70Esg%0`=`Z#`1cZzH^l@1@jc{ykt!P^WS~WehXty%Ax!^&Zh)GyUSt~J2
z?<(T#$MN9_<1H2OvM%MP@K(y?6o5O~;5RvU^(hrFy%tHg=s&69j@pFQ(h7{92>MES
z^|{np<VyXpsI>@|plOtsJ-$S8q^yJ!;JiKoIMW6a)>?Rj;iLZ2NCkwvdj$Zlh#UHS
zW`z<hK`yH%5fsPAFB)igd-*2F`+Y<u=eRw{QJg_Ox5(t)L^lz$zm$reAEl<p_tQt_
zU#55Fu^o1Zj`Y~efk$E;%ZGl1vV(wC`4VJXf3kl#KKc{T8Q3!XflFmL^Am?SyU0dL
zk#@(0(P%lA<-9?VTd4`5$vtileeUBqvn2-U_Bd?Sn7eonsKfHtp+0Y>20~m`IHZ#*
zA$nHH>)y-QGlUVjz+Rs{cD+*R_B;#p$s}Tlt1uB&ZJ(9uYVT?LN$PdptO@+R&-x%$
zk(hf)KaCJ2CjF3)>=nHbaJVlM&r&5M+G6{hWf_FMzD)rGLXMko^l(i+{?o0uYn{c3
zP~&sGW{D;jK$<F=eKIu9m-U4g{S@(1-R)xf0MH72Uj%HE%efcK13Ar#FeUMPce9k6
zW>>l@P;+uu6*9Zhz2dAA%4gKRDp6c6H+7Wjl`l$b3G=u{OS!k7EQx10Z~8lX^o`$Z
zz(+mu4&%^FPF}_UEuR9syITN^*w~nWY);6<w{Bf$R0mNq8_5+VkbA#bhYS3tp&-O<
z8z+vejm+GUg<O(_M)oUh=Xf#DwlC}>mneG}y!s$nwU@OEL?tFq26ot}+x|c{rbWPs
zJYCDd57}Y>+Otpa(N_p3)M2XfQ;U4drffF}L`60weJrl;aJBC=-LLtLKjSv8B1KI-
z&IZ?0G%IoJ4Ns_{G~y#D<wYE&4y#sfKMfrM#@~SwYg;3<zETDBwg-#;%0LnlwkOr0
zlKPH>J;7*Q`X3+9Oty_Fj~W>+r;ztfMpe{GZrf9Shy@qD@zynM4t?^zzk3LM^0J|)
zKLWA>3qQN{{X)e!MxWLk@WNk<De;nEcG!&gpO|NNmpG?g<n-&{QW{*tttiL2>)4Tt
zvu*m!iWdXx6WT%e5(Xj01f_8563v*IAPM`b@Z^o_^qCM&Km`;$F^muOtE9A5k4zL$
zF#oceI{hU-zem)b8NPlg{mIFC5ZblCVwDLR9bZa<O2yYY6g46Z%4-SzML<MF&9EDE
zFgQ^+9{M&)ew1DmZtU9l;abdNvV?cY=+jqbza*ncS+?25G~tYj^T+<)r;cU}Hj$ai
z88=w2v1?Z=OTmlU?KGU?sV+<=#Bf+>i8PNe;zS3se}0Q>=!k~UV#27Go9H!e!$nc2
zhyBpMm?|$w6<s4=k^vI<#P`NzZ?a_01WtD%=w^N&O&%WS*x{l7f{@xdp_8<MXjEaz
zJGmMvEsQG5S3F6Iz%G*y7P~vJ%=Us14#_l|U=JJ3I+F?|)iQL*l-}x)ZYrckJ7N?V
z-;ebV)iD2*JTz5!l`3@5d#jopLt5gIx@qr=2`Oo3nogR&Q{)Gi)9dV68^dbpl51ZS
zv0%$Da2u9i5gUrNNYjz47xg~d&u3jc4Ff*e1zxXA?$u2M=oS4w5CQ#Q0GoP%1FN3d
zN3k>J7K*H{C1Hi1@9O{uzNz2BS_@A{@!cg`>iPqAZ8;O#V<E`xVMOMlRG5~d6IF^;
z7XyCtigS|fRdUaUg0KB+vNm)MrO_(-Qsc&IB(XO*Sevg(4DOGk^=1O(1(G&czSL<`
zX4RFzW$_)l>^~Nvs_7d*gCXrR(-ZzK%~LuP3q68F+~eZYn0)%$PK`m~5v6zxx|U%8
z&jIv1Ez5pXPQS(%n{HRY@>Z`OJHUbT`&XmE3l8uIgUEHOl@M6}L`TC=3=lqz(d;V^
z?M4=0mK0hVFSJIot%dx+#*KukL}aO4A^Kru(fxzw-s=x-C5YXDW%dRL8ZFuljVnzC
zDLzPht)&pF@uA%B*c?-(mUJo(aoTzHw$?rjqyWxVmGYv<wL7c9h#;k_Rq<uPR^Sq$
z0QY!?zpYAXJPBZwewOihg+QhiV26<ljkpC(lHVmN6e&S(dFS+o=nbh2cIH;&hlGes
zW&GfHs0@(%ND69%6I$H6kdOEzufGj(v3;rdLM4(xA>FDlM}X3M!D}cSfueQ;nu6wK
zL5R$aNU+3rf3(2<Rx%Al#0OcsQ1cTP1Ys&UV4;{d9B$BmaSY#2tIO+wVr?T5j~=Ou
zc{57Wr``zi8@-?0ZjG`lTb7LyuTW>HYLJdNS$Tmj-2B#igVU(?Rw#m8mwRf+zcj9n
zNKwphwr!a(QEqj7wmSgMq`8w(G!mPDME4llE#Sqg8neGXqhHdmmvZpOdqog-(v>w)
za@()Bk6h5Ku*}`~Ws^7pjT3Xw0jSl`=Gp}$XkbAR(XnirRzhlyJ?qG~P7E*8#Z&gr
zwnm7?ms?WjaZ+0kU6tAPBb6OFw!xvUGFcN$Mcpx!9>fJi3RX!{Igc=7$-K9PTI`hK
znVzrZ?crGPG6#;L`>#I1qehNaM(YCj%=g_L7qzZ{`K`ZcfNMh2OUE;g+2@&M^mB%N
zvC%+JDTeq+k!zirKD934<LCG$xQr$&mNWX7wYaEX6dnUZJo!x>Ph@lXemOpI+rJDF
zqqI22^(OuXOnGRsF(K@LFyxtfT~PJO&2WZPkY;Bq^=o~0pBo(0YEVQt2>yUrrcVwF
zH&oz{tu$vjffu2O!Adfw3Cu1CeJ2`&hvXa^?Z-U}xAp#%uv9LnzfEL-hho;z1JV9?
z)6|8J(lQr7bL?@T$@%$Wv%@Zci((3c6B2YgJMBw^`t^c{Pt)^sUqfaPTog*sbWd1@
z1SIdfFCN*C-8Uq!Hv^D}4ktK47UeHX0b_^`4YuT!VS+4DKsMjdB%L{Bk|E(V{5CvS
zUr@fX+Rn1uzn1sjB4p-L@_Yp#K8&@;190Kryx?^~to){D%l$yPT-lFa;2+FqvVTwJ
z;`&H&s=d_`#2bIs0qk#57B(zG_EN{PsC@36o*<qa8i{;Hy|6q|BeevL_2Ixxf^1kG
zKWZy}p`-GM$;owtwIOqF!-D;IL!202pYjelj$Ma&Cq(mF9rcVAvzod`{#(vt__G$m
zq~y6h#&|ZHkt^!!ZnQ$S$zh~w?0bAnGieS4bpCnT-n_H?=Xj@iT8nbtxb|n*E%qM>
z`kVZRn6&TIh2k#$&v9t?w5qXDNkp_qfX;*AzQc*Q6WzsgueQ%maA}-FZ6Bbgw?@NQ
zO+T;dNOSu`fhl0we)&NmS_qQ_zTvQS0!Tpd{U2!#8$;%72p%+;KeYOJ4g5IpX-)US
zMn9=|Q(IP=>Pk_^D#x%i;yk!ZLkddYN_-ZsjW{5Ha3zNnE}#a65?9DLEAF%BThNYU
z{ot#4KiR%+ZZDs&zu;ZLsLp9=8*a6}ulBFI<SWriS|b>vj8_2A@09(OH9%*$`@Wjx
zSjXqtL`Q)9i=%(OnkUU`kmb`H;^O=wruxGZ_3L?9Wg5?`uzppAgA?HHN3u0_pOqO3
z>`UV{v3H9Wl;6R%VF*1u1J)1X2WWPAVrUhQe*R9O8unYebZ-K89)r^9{rqcGhC=&l
zlLvX&g(eY0$D{>#UtsUe1oJL&=z`8vi}2t(yYTr8$osTmqI(8xN~x{^1V|AuzP%Az
zw%cim7!N#DNB61Kp6a*_3s?`1T1R?!Z`k^*n-}9liR^f+`^fw09PNLTu{u72diY1}
z?JCELc9UswrZFxf-7I^#o&+!SWT+cb0YvdnE<FpAfPOu@FT5-GiLdQ%kT?cRcqlHo
z;e`p?9Zh?D8EvUdc1x@VUNTH8kYJZ}p5h)DB#cu-J$%`odwR$-o>IMJ4H`v#sO43i
zl{Hs;_u--jS<MC{w##HapV2%u-)h~l_m>@c3~FS2XKX9P#(1OUxOG0N*xeB8#5h`8
zgi_*?9oK0U)&>I`tKE#32{EKQ(*LN6XLDrZXAs0aS<Mx#!Vf-8{4S%`$;3*jh8)?N
zK<188gssS(v#Cpa9PA7ny7wu|TlNIpf1T{)xPBS5urgeCZ;FwHFb5%F!q&(noU*%Q
zIlRRmT7(7Hv6akf>KG<05=vk|j%9)3288W=Ju&ZRR3r=@vE;6e|3dUz`yR<MyFtwh
zN$N64sDO@I9PgsRBeDrlB_Cy#ILqaga54l&Tmza%+pY@Sr~?Xs;rX6WW+m+$8^w>e
zr^f8nRk4~I%8VpZtW5{urq(zNeMXcaM<b-`gLq1fWn1Kk$ia~vP&{BNh6+a+>&KRQ
zDxpU&*~gaU1{+LEgiy;-#alFAy$#uk<2Zz75_Jey0=%XCppy-}gdwF~De7M7o@&?b
zr<6MpR_`j0K!z2mY19N;7c<kTvl*HCHESqsKPa-G=hW=6eN+_q1{(|7Jli0jH~yR&
z%LtOeflOh}-?=#k)qj)*8>{zbWN3$_sp!~e-_`s&5SpPz3<m3JeeHh5{;ot=BUUVI
zu4DbhbUnLX{+_ig$h;G9B4n|v9_o}bO7RAfZGx=4KD%UDk(pA~o-DJ_ZCvjfmJ*@y
z#OyvQQ@+Dt1r<sIrq5oF4D{MU;zFy)sMQjpmzFH)(=}-ik49yq`GaU&7HpBehU#+6
zx|A!!a9MPs{JtjHy!=GeSxF!%j%rrisKT7le1QjLBgF!{(HTIdg#wtY;lqpjo-c-D
z7Cktec9}pwNhGnBz0yuh!cXg@mSfUmXI{QI&M!r@wHhYLby#(+W(~X|3TtcBqCz_L
z8gb`$&7n*h7Wksnp+MhShnhA|)7fp=>FN=F9#rh@hqEB}32pkeaz=#_rIfi$O-YMw
zCmJJ81$>A8<@bma=pY~Lu03ZYZt^9U5v`u~iVZyKER=6|$<%%ySZ{W>%3T>RDSJD`
zT9ik|QfVYxzbBh2fAmH9E{Hv2+w-u{kn|dner$!gz%mujV8VY`3R_WQw>F?uFTK$1
zjF^?IA%DNa?}Nn>#<dgYhp`!o&E$o!G44+;NFAd$3}&dTB(n>?wB4JUMXL}6PYVT}
zzD--!{dFethHYI_KT@(nwK;J~s(CvsnBND&lC$h-W(1RVL8R6yW%?5f_m-w$Rt<#{
z^0R)|OFt;M88Fj2juls(NOA6X{1ECvn0_+EPVsOo<=Z;hBi2IAIzWu<TRyg+TPXS5
zcM-&QhRd%_jIrQIL_`0+7iDJ2V<gS;N|b{}Yg(nmxI?V*tsY;MH6v{}rW#>V`k`je
zuWGera6N1o1LbL)1WMBG3`Fq>!<$CRK8W59CTo+U5PtIx`XEan2scs(87h3espT_3
zUJ0tReUx9x)|1$!fbZeW`_Mtu%8mh|!USmbBdV`7`qh{2s+^cY%W}J?a@g|uo?#z9
z5HJEaIfF*u=mCeSUQmUoN%22Xa}I^Y>@0|oW);~OsKWWz)WOP9Jctg9y&JG<=tCAw
zxHx$lFi}W9H>(6Ocu=6122-Y&pPbzzmQt_@@tQj<;=k4rSsLOcnVK3<i!iz8vuod>
zMLt9h+`~ajs-R~)%oz^|NAe}y+VB>us~Q#$6!nZflMjHZQgBe!oO#c)hRs8jugV53
zCEhFK+>)(ecyIeAmVM~G!ze6Lt4Y!#V8#pNRlXj@3WDFyaAXO?P<~K4iD^JqPz=u{
znK;T<ShJX?K^>`9ky)#07se;k-e3k%4Z9YS&>&G?HXC7eHu9Z1EUP$HYKxtL`^Wrb
zS!I-Ao#!DLb>3U_!Jh4-B~NfOtg={KNIS4trJq--uEdcW&$pjUr8UaXPH6uvktkL)
z{+JPIwrNKJIP{P%>`tm0N3mM%qD;2INhUCafQcyo_W3%JBXY$@Sw>0NV=wDTo6<n|
zX%xveW+%@SzfqMfmhxO16-ULc>u)Mo$SX;yU;Z|6rIsE~pR2NwpSoRSy0SMGKMYgm
z!%wFj?}5_-r`!{O9hY}3sT{<t&5Z`kjnMU1z@RC|RjhDV((4(iC0qaagOQngb4`YY
zQY(4LP_eYXMHG`V8URX8Hrj#G`~y9Fm6>dN4dzn^gqVA=2`JX5DdR)&46}Msn35u!
zqdKgox>!N7rp3HYJya|yM*X2YO2s?)Pq~qJW|eiBjUf$<@<zJAk!r0`+YR%gv<}Eb
ztOFvQq;c^RHoITM=*4E_4Ds9L@4D|~ZrsZU^qE4+RMl5>Rl0TVG4u_&5fDSw${n_t
zc5xX#^ZEMtN=~OM(TkcY;^%Mh_E8kD;T@b+u;aRl;hp7%(C$ss*TNr#T*<t9_Zr?|
zHJYRj94Jm%7voqb$tQ=<fhG=iFyNowN2Wmu4+Q$!O?cK4WE2B=(sWC-m@ZV<(B(BX
zX`6J6YO4&inJ|+S(QFtjR!JHxr)L_}wWe8bFn^9=e{0gA<N1pJw%K)PS1aL4DPj)&
zST6WZ{`NS@)UPWIuIz(DoQIn!+CT+&GB=oqC&)04SAm&aZip~<DR+aG<}173VJ@e&
z@&AFFCtjuk{#z>0b6!zsKJ($%WbCBPJbrNqZxZEX#5~RD*jSgAvwAwb0KY9H*`acr
zuRp3r-&rPEOUo2!rEHP}7Tu-?dk51Ar8f2Vw??txa>H&szs8u8(Jb|`XY$mm9Onc9
zJQ~Qk8C=9$II$Yl;4g~`feFM0M+md5cM)P0!QXG{0(C5vu$^!Undb%EBF)lv)5{h7
zMv5%G>UCPvt~2&aln=i(75^znS`hmEmX(UCPVd$gtR&L1;G;mM!c(<bR@r0o2=WG_
zU=}vrP1TIBiF|OfvRTKi!wrc|9eucMKGe~p57$&0l97oTnX2k|$5}U6%HT;(-spU1
zo71$|+?;W=ylB`wFO-rRfzUBFTbn?3E3}3VG`4H1rBfYmL$GcttKNFvv6KlmnspOy
z30mHSYqM;A=0VEfbcEvCbVj-9*Oq4-amDN-z>PPS0;G6|nui4^Pu<S&19uy3c4aJ1
zn|8Lv`*;Di!}XZ-dv5^k5Vo>PX!yJbCb2IkR=s2?p|*u@jio<Wz{T17{PLZauZ)9m
z!0N|?R|gdZsi_-KD`D~C`Jd@u1}lGf<@wc~MC*<O1ZpYuTJ2AH^x*A)xph?f9`+du
zC+fA$?FgjOp*clv8S)P-`s<YGb&6_2CCTgK5^N_nU`hbrFC0aTeT&xzH-4|YD!3Q)
zmeB6b#ALE#58=+{a9}p?B)4o0p7e4!#IfP#Zh!Lpzt}uhGVBF9V|7zFsOFlwtx<n-
z-lVtu@HrSauG}YG>tfi+N&Z)bW#t;{1Y=C&l^}SB@5+uYZQbF2!Vl_iwk}=~O^rJ&
zJ1YZ);6M$ja{_`D#UUn<;NGJ_R-+^-9C-=Ms}eL3%hgr*_y@qyB4Y5qMw(q?u8USI
z+ecmZGLBE&(ba0xLre=PLL?He=*ZVNS}kb})DcQWiQPm8*>q>`WNns7$Hhs5*VM(R
zUf|`(uMI1{>G0IhZr>^WsHzGrDy<`d@i`RLDtQj}ZV72Xx90BLOR~{8qh_n=?!;??
zr(=0VELgZvc=@Q|p})i#%>1A~8hJ9gTU<!jiN$={jMM2L@6<1c+-n1d_o>1swaAo)
z?Q~2Q2@Kl#U$`WAzZ|Qi<D|qqfAJI4>Gd*IBvbtA7|`Cyf*KLr$^Ky;z^T(k5nohT
zIZo2tk*+|KCsKlSH(g+=^hvjAfhK@U+r#kdvd1xb9<u`!y@5W>$VOp8sPO@0#IBqw
zi>bJ&_Sqx?oneH!)49Nn`)L8aind#U0MBdUaIJFkBKb<##uLE$%sC6j7ui;__<M)>
z+6M;i4Px;5d(3h4b<GL69JK`)!Ob4kfjV^HEgZ8C8(I0Wrj<dE$}XSqdEfxBa%8@j
zRvz#8Ph;xyV~ESFQ+3BX(Ls;=b?x&M1QPL1&a)p!@vIx{BX-+{a`YC1GXHyA8<|US
z%LER%zBI;{fceAKs>ErSGmq*$r~yv)JNyB-Eo1}Af)8$yV#L-9&E~$!>19$Y+=~a@
zpZ`ks;I#Fe;>BUm&*x*i-SKNqhrj@z+vv{VT)6zxx=J}ZIhpKvbqFC0nvEBrqf<iT
zbF0yYR4*Dp14bw>sm~FwiG-p<N~p$udy6}Yk{_$Rwa30YJm-0H9^p%bfl-|3T)ux0
zp7Chiu(AE3BM*?Fv!gS6LG;Y}+QvhE1f1wDu)YCk`iPbQQH`H{g11@mS0Y@nvS?m{
z^9D|{ukd508f(HDw*l&_t&UdIeW0z~IH$@<vu0P;iOyT{7`N1&`d}4z6DmRMk6j`T
z?=$>>W}g>QDCY0^l;ih+>a+hd_n(2t-_WmVQqgSGDN+qUf8V*{Q(Hc)9afk1tGA5M
z9Td`dnGDi9Ott~qWGvElJa|ubuf=zus;3A>D4L2-^EK3^{x6HU%dL<->v9AexLa2X
zM=w>_4F+s6(g893*e1p6=?t_zaN7M_e>;;L8L1{d;n!~m&wc)j&JqSU6d}@c0!6DW
z3Mn<ab=9d7^kz-;*Q@>v&w&sZQnMe>BNkuKBC`aQyaDi`ZmPEUM`TVsVE)00W0`|w
zC}zBNK<q7iRqLDKE}P%oXE6lp%Livc9frH4lK$gt0WuB~`Mu!y$939z#(^9JjKO?8
z^l5&}U4V4AL}2hiE~-9kMB6vzJBn$_8!r`W8-7+0FSWU6V6=Emr}B+4X}Fw0eef(>
zBhqo=athXp_E8K@_ymJk-0J(CLwdHA@A2F=i0;@T|0&JA;ZF_#{?($0_~7%3(8ss`
zqR<6~B}Jwc!#A@+d(x8rfOkR76pLPGC{}amWmvW@H}&{?+d7TLR-)DXx+sftmI`Wm
z6`)|Z<X;7G8xoRZ(53E1s-0h0u<%dMQ0LvBvtPMtfK8#FL2b{MOYoui;9&LzNEoiQ
zE5o#jYx3L2|F5u}DqB82;lX}nTH_y2%w`o;rvJZf8NCj5%cJdr<RK?W6kb~wt&WC$
z|E=>)E<x)-F3@4|-<5CtXX<o?x#m9?8~+`yQ&1Y$U;ICY>(&<K|0`KH%E|6x8JqOJ
zEL46`ZX1}QX5@l;0&rj8KErj2eps+G%Z!9q`vrZ_MQ#*-xj!Jrfc4saN^F@{h|}K2
z*)w)mAFqj+n0>4>&1HeRLe6BbsdPCWwHEVQ&eo3II)8FaSY`IXV7}7h?pohuthi~i
z*fO#Cu26RF!OKkAUUkL&2-R0Kp0ByqG~JL)Qsq{HLS}@wdXQK`<?K|4APo;Ru43KL
zDk8#>d36qxeNEsTcmJzZQTrI}oTIgEQ>;_mXlXcy%BaDSra?%EvIuPs>^q!x+$KyV
zmEptIX%=#{BIX&lTPhbs4W%+!+0a4{XNS;?@w8ZqbJ&W|+U3iBpi9AtpDAs0EJY5w
z{Jq(>>+5<F*0suz3#W~52%y5#s*-bCisW-a;#Th~Nyd!@L3M4QlS)k-=N?1R%rNpP
z3udGy2ANxM{Kwe|Ch<qmJvT8saKsh7PKCXuxZ`QP!A)br%?INPE2;x#C_-P<DZ9Rb
zA9n*5Yf{@EKhO;DD$qPP*-avu85k(f=ogxupGIs$<1rBt5j6P;zR-B|Sfkpf`fCw7
z2v@RmX}!9^uB4jx1yEKir{i6AvA!#Zn^Y5$<1JZMHMM20D?yr(O6^f@`0%TepwDkE
z9B#jL<f)`bSy`8?=k~*iQG7G7&X1P8uA6ag&Xho$i)Y7$;Qj)aTRLj=q{|xvTg*Jq
zJy&1&LZ5j}xMx$^q-QEfOKVRd+;tD{YQB1TE~j%CgnZm84#gPx9XP0AsN4nB?jBVo
zg8Jq=Ap4ICJB5W&>#o8;TM9J)sl0psqX_eMVkoEZm@|U*AgNh@2EKTd*-kFn##$I6
zFQ$BGXvSoN$~xI3#+*zgS~%`Go_583M-qDLGEhX!z}%E^!vr(Y;c|YjZ7r<o<eiZ4
z^Y;}>>YOhdhWA}~Ss>(%q7EoWl5l@2jqxjI7I8tG%+RG|mK^&{-h`3y%(9$a{~XOk
zZkc1<-mb6QV{jF83Df(~c77!8=z=<TYZ*mMK1DT07D?I{iY!P|b@e`xCNt>aqvep{
zxNJPxmFd=cXIJ!)VEndqpr}j!+%=geo%5`sVHtJvYVW}r+<2{*i&UpVv-xbviQ{cu
zcU%OTSJDLLkyw@9g7^~>x6nY`ttZCBUnv`9I;<vtF*#n5bd(7dI{5D%9J~_&wiHBQ
zlQbjPB*c*7m1s=unL$K7!Wk-%O&2|M1f~keiEsmFI|bF5Z<`G<3k8c{m3HBH>g9x~
zu`F^?Id)9#m@ZX`FQvg1@w#>q(B0b)Nn_m%f)Vo3snf<n4V&7z?l17S&99s^H~ezZ
zcsFOpVl}HEhWZOI!ygH0X@+<JVyxGdDvsskI(mhxN}1N|qo1y+y0ka;NCBBlAi)LB
zR$Q+^NRhJZSFxIfj0hxBQJ_Hg&Ww+j6U}mFm{RRk<=HN7s#d9r73QdL1_YtEkRwc1
zrym!3_M|7w8mU<xswf9gH)lRy>z_~E@Q%5%I&)1HA@YMQyAq*g?id}`$%w|}djDK%
z$K?HG=jg}7+Qi;uu<A2sk{75*)u~A%_4ZCHND5SD?%-e|PAA`Xtt$bi6KLVa-xXqT
z)4yzQ9K%&p9i|wgx94DJ?@MmEN-D8KaLrXBg2X;}o*E)F&I}#{S8-DM!asnHW2Y;%
zavXla@K)A9=VUko9-tOv+Mvsb)2u==PKiq@<NPjV9P*TiZUVJq3w_;FXCy0|c^bP+
zJ6}78MqT|8fc<Dcr!@y!Irz9ku9%!L9SP8Mx6iv;q=2pp@{-e1d=dwBd-7oh2hG@3
z1cLcSI%bvMxMgO6dhXSRAgFHuyiZ?^?N%DAc*E~()gX(jTD9_G$(~jnXCEr*4ejj3
zQeJxp7mpfRpY{U8#JMDps6bX0oTnB5TA+??!A&7Z&)5+}I}BaA?C&Q)jbr4;bIvxW
z43nItm`&DIAsIC>t)90I>5y*nE4AR3H~I$fZ_GD%jJIvs5fT;xT<2lvQlL?&28x>P
zG9aNyfw4F+d<d5K8u%XwwKLVUN`8NQCfj_|j$0Sce~b#J=VFx@f?kZ|4+utL*w+>0
z>Cz?fdtzAW&7ht2QQ8(I1+9(o%d=gD%*E!4Qo?)Wa9NU_&Vao7BwkmSOM??}P`*!3
ze8ixA){k3$W&Z(49s^bf?iDiuq@2U;ai63#pBl2|Q@{<`?7qkVub->%7piL+7k4va
zHcw2aQqFmYH`7^nM^fP#Hnl;LqCN$QGnl!qC_&H54YaC&akb}FsAHy^fKmP`rhEh;
zRM*s>D`X6d2@ppNFh5e$d4XD0J2ZonYfCM_X`vFhHMEGK^ThLQ+@}$tPAtIjb3$KP
zt_|y!BY%SVxsgcvsOW0^kr<8Uw1o=(Ne5>|Y}c1)Nz!%CEl~zFlLh7A&ECu(SC+$p
zN6o=(NH%&0InBTNGlU(2WCjFb0MgReT_Jij=ei*C=V||eUXoFot$xJgwet14+N%}C
zk{y!5hGIf}1c5#nLt(D4DcEm|I)P@Zq7xITX^<!0y`sjx_idWD6qD7DZc?;Q1uKBf
z9(gTb5F2gn0}@NMV}4NZwjbTW%7u0N3e_R)#KaOMUnE90x`g;zgns`IxP~6Wb*d9h
z=nU%XU-bihd$jsKp;7#7xz3d~Nx#p=rhTRE$S`V)wE3!JqdwRz<tv2sY(sRbjOMDm
z4p%)#bT$f!++}I>!nndzb1Ds$S8|#cvLwen2iri+aiW#O(@Ci#&Rfb|VP~wsI9;D+
zcUof6E>o{xN4v2ISP%P~68sMD4RTg^V$OJt74&Y7;!FlDXGQ4!0-=~Nts6h3p-HA?
zesey)?-WdbnKsXx{N-CUwy5>WP@|S=FuNzdI8Zik(L|#sa_MoOboP<3Q^~`+)+9*;
zK_W_lK+=Ing@Q77U18zc87L6E^MVXb<x8%bf9w}54uX_OyH*VU_|q<G>jNJhT`)sS
zp`p5`AvaIYMlLC;)|VB>#$%PpL{lUvaoCwWc0Ecf+ID9Vws&Ji?bA%{6TmeCR!Zj2
zg;XlILId2C*`jXG=FR!rzOZW?p;KfbmCv}u1xm=abPkh2wxX6rT#%%#`fyKsd@%dg
z^-jACzdLFnvs<or@bQO{nH@EIGc~(}4T$U=6%3(F@KAZqm&1<k@^R>6j|}qXVFVl@
zR+_nJ0JrB)bli4+D=D*jWcob?q*}Pto!cKjtU+}JqBR}Xe#!UtMZWzlvtom-e?l52
zqOoUBh_+;jQ+p2isr!seA3YpPRGzG;aw)9tl)lzbFkB_}%kboc>@Zf0jW1p`$DF}G
z9VR$dWAEJ*n&F*xCzc?ER$b)%xwqAUIkxs?S&q&d&P-fI7qoxIWVSxy7Z7In60i`3
z$P6#<M#n2YF+zEQj<qumW}-7nV%M*{^k4-o*W2|}_o7{V9s<;nqiE8qKEDDbx_)id
z9}@mcf--qi$!{+ZpFFMvpR98cH0^k5C{;;QamleCIBMN`h|pSq&9{TC)`Q;9iqzNO
zv3)IjI9{KhHBZCCkjPq1JlziLc{B~YKK8rZ15K(L+1vbZJ_M0o-Vr%Q256rzri6wB
zlpX%W-`kbwvfasML!9}Uut`HKrR$EYFO=-2l2^++O51-hmd@Q2@5=ON2lK-EKmhv$
znZz9Xb|0;I)z8Rq5<bI!#n*dTB!sy8rcf6WSg#{I-~G-8k})FdZJHRT|FXR&5pMRk
z+}5*e`WZh7oN{(8e<A^#0kfx1FL4ND?T<lf0EM$pizlug^VXR{%ZajsZ)hBw(~tgk
zgtPbiq?qIF(dnETQ;y9!cDz6PhoNS(C)%7Ds-nK6S+RmNym&5gyLY-dC(2Cjt$y__
zzmRo@9Pm3ul84s{8F|I5!TQNB%jb;IG`Y-l%GbC7e;mf1T^#4(@}T5&;O?|5eG<F;
z1qKSR=y+2NanEH2wn1%*K?O+vf@_q&zX1}c{0e$Gnb?<{>n3y~STU@Lu7Q6%^oG?G
z{lJ5)0{G2{1JEYqTpi?iQg<8hz!@#a#FEbyFd_6Y@X*0`-@(w13t|*9%PTw`T!RQv
zt@omC>&4~>y|#tkWGv6pZTiod&Lr*}*{OS)se9^qa^ohX4TO-O$=7Q3w2MVD5y&@E
z<PNAOt|B2!vFd<{EOmi#y5z5lF}h0EJP3ZPk6Dmc7j`7yh2S4jg8qdQ7_w0L^oDw6
z9k8R*;Tto7GN<ph(BDc#N{lUAPr7Zrs!$w(&vgsY9G9)6%Ad|wq<FxnvZ-sBPRLVw
z^GbfQAqWu|nE|{7_UnxFS9aLuCwKf`biGrMWK9FD-L`Gpwr$(p)3$9J)3$Bfw#{iz
z+taSo?-&0c=judVRz+6kj(w4t>sf0t(p8avw~_au%fTAG3PKTK3r?0K?23?Hk-&bE
zQ`jQk?*Zq<iLIu=xgyK*@ug7WDxr(6Zh?;CO<s*PWkT9+8$}9D_#GGr>jiQTz{UD*
z=RxBm>t~2#$C?eI$>2@O^*TWqLPN~;TH&lIabLnSGeEe<{YfF!p!*zTrmCXc082EL
zI8afR{}?UUhpZo%R(Yb*6O|uLU@>VKY*<HnI4X|98vaL>0|-!g7@&L>Dk*6QPqG`H
zfEUN$=uB)XY#|qbG$kW@#aF^~0nct{@IE#Y^M#=pDX#$?5t|A@Kmh~7hMB~Mvo={?
z524exr<P)&oajN_2;p|T^Be+gNQzj$Rrd45R!t3hAy}lw5*}LyI;wPHw!I>e!W>9%
zo+QL~d^s!v92V_E)DQGbs6ddD(^gg*sVKyANWEao5B*K68z;)rk%>n<+<&7>KICC*
zv&Ge2qJVJ^nomUfe#{}I;>uupoKp|tUN{zL0dBD~nQ}d2&JouV@#AE2BAEl0tl+$n
zzG3Oa|J=e@gBQ;+ajmB#+JDZJE3Atyt77aXCzo?(0Oz9^$6(&P|FXLM%<$Z8OrTGl
z%OTZ_9k>rL^VSHq3HueReOUMU_{~`wGQ?Hr7>m(X>)Tck#ok_tp_j_=xIni>d<O&f
zZn2+hXz(QK5~@C(QdV>&SH-r$foOZy-E9{1AvpF>2gTdLTreh1wE8aqZVuuMGxJ06
zN1$VP{vyow%!|GSNX_2c>wQyKMb^hJU<TZrfs+9r1>twAkhKy#?UML-w@X>4<p+r~
zU@KP_?0u2kcYoNVP^>*VyIW~3=9F2Pl1ohYdvMsJpSnsLoM>Bi6P)?O->$^Y$T5_s
zkTb4>b^7oLf0N9=;`}aUScZf6tK~Kv%}r}e_<c%Jn9mzpRMB1JwqFXBg*rH9HLPeB
z5#_uxtv6+NHw=J`2TAS+{U#e$kdveAu~EzLGH%Qw-&(?<Wf?wPT@rJlUH#B!t44us
zElg7f2G@Ns{f2dRF-f|&g@W2&0cv0XdZj}1n*nlN%>acIPM;nCOMerAP#{WgBJ9Ld
zE!jii2#nx2{e@YH1-`E4C#&B{N2|Fyg^1`#Qv*ZH%~PZhEg>>vLO>ynV1Qk8Ko5*o
zFYX1|<rr((<Xl)hu1*3pj?^7HEt@AFdW(D=lu!gu-Pbt1m_gybIly0%@%n&b$_JyM
zMS1Cw*bv6#l7RzCF@{`bplOW5Cti9Gu=+-TWP-{sGOo&LOljlLE57iK-gUJ$x|7rL
z8y`(=AIf?E-8TzoA+=y%)LWUn;nr;eEc)O#H?l_2LC~UFZ+Z?9GYDen)F(Ir`b#ap
z{O}1s3wNPph`XIFRG1JBw%#ELJnRP;?ClP+*O|hdQbtpABk^+=L}VOrsNQ1+aA*23
z^nf)2kh`Q<?~n@1B_uIL;&7s0LI&E$!)jgJO%gtu5_VN6d_4Y$nro0OQ?~oSLi!zR
zYQ2(au}_eq%3an7_EZM{;J--<b%O8UJ~AL_BZ%Z@sLY~;^EVd=BeI}6-J*Q@XMf3)
zhqDn_WVvVHuBfpUkkCnt;i*vY=TEPKIe`F%(51&S<AL?Zvp^@RG2)7>3M3>5d^BBP
zvy>4`IHf}uc50-KK08S%D&G1!@qbp{TfxwY{PRkE-si}xhcj972lL%<hM~D5WG;Z?
zOGE$9yZaYvoE@72Z#su2Y@q#ATraV`K<J7m%kN)fSzi1Es%&XC<iDqa^q0N7Vb-MB
zFs~b6oAM8B?w;8#OHEa(QRly(_mk)!xnUkJ!9wPVCD-ZMpMjxU2bp(^BqqX1Oyg>)
zzHI+!8v$-_x)-z^P|`)ONUSsR9A4q#k76~QK@F}EG;RUU^N?p>Pv850CpS04_5j->
zs!ae*rg8n{$8P8N?m;|{6TI8G8zML4pZtF(Zt|Bnc>NL&=zlKhcQ?G;v%eYlJ-;aj
zQ`@7d1!3}bTCaz>(~|e}c9v&Hxs6ympDXl0Iz=01JO&)Qte*w9@}#e3JV!19E2jT$
zpEvS3^ClBuJ5zd%O7yJ$bf=?b&)gB^>$S&+2qwt?B=AyP!(0t8zrS~(hrWr+w++Uy
zYw?qtwy)CRaNyjNrfXHebKT!?aNhhKBybG`CFJD3j6Nl0b_$oI6U``4Jp5@yiPDA^
zP&P%e)}M5iP|Kvlxt~~-v+p$N`z1BEm4mDasT57W7QX5I46R>_++oMBDL6VGeI*FV
z9jXA2nuVGI3!Q5W$jvo0zwZB@JP_Ls$o4#K0IdA?Ol*o3as9U0-u+X1UL_h#P;GmU
zmlh%RfU!NL^=gb)(J}SLe50!bn7XYNq$RqpQa4kMD&useu>W>@gew#KeOMvZY5>Y>
z&V@GQz684gF3w(F{$<YqdA`R>K+5$(5L4|JVciQLs1f4tcgkOvUyv1Vs$&?7AJo5e
zF4uJe3@#DhtYmoth+O`u9Vsfe=fC^EXxDzv6BML#0-0X`Fu4JMgOd9HZ$OjyR^S5o
zz-wHfcEkmnL~tUEcn)BMc`&5MzDRhYDJxPTTwpI!qQeS$ZQ#O#T~$^h`91$_;ObRC
zNb(|ts2;g)%GNsF7vSNT%;)>4ss6Fw?l{vBfOy(5jdVN3y*3ue0nz3F_bJ<WLVqX-
zRc4#0pQx*}CB?-@N*s|BqXpL~)ACj@8`1NoG-IRNL=JQOl9z>Enqt2^q?Pooh)gQL
z{@4gGoP7f1=ji7cnjZzsLA-zdlgQ(K0yxIE_SHXs*<E}Pf(U?3GIyOM78|AtJnoxP
zNmS~HUQaogS!dZ7K$5fX=(pn!jaJx&fi|HJN!J_WiqV+%wFoa7_9Yf7{^4AwFU4--
zSu*hSrZG@8>}%<(8ONKz=hTF8uDPR_34X~+d1w+SnKK%%>P*BFVC{i6J(vFW`SQ4g
z=)`az&ljxVeGJyqJn{Bf7*p>N6JNDvsVkVg=kKawP2N^MNDlVAb$#J;s#aQ-)wuL-
z;wIzjO3dV3uz!<LnGa8M=BiBf)6QR*VQ<Z2!zexKqg`U<oO6L%{KOKV{iZ#`joKjz
z(yL{i)|~NZQL<}O%5`DS&Z~dU&s_+Rn_r)r|5Kw{`^l#KR!PawdaBAYk-h30Dz<7p
zZydQ?<<-_0(z<V<`JDIePspC&UCQB8YCURkhMqqPUbf~dBjI)CD_|Ypda>*q#Ir85
z_MNv`?IGQ2(fUnL`*byovnr$bm_l%UX_Yv}I=x=JnkzEdI$h)%Hx8K|4M4|}AkY(o
z9riCS=lS+<boTa6ivsWq-d?`$$MLZq1@N1=o#0(I7~;Qlhc)cuntV}g+yWK*6_=KW
z`2G`^;0#vb23>9J&E`#c5jxM6FHm>HO~P{yA)!`VzHk^-gs#<6`Cyx_ItO~oBgWWw
zy99l(wH?wO(KY1BjMi2AnmGQ+ZWV+$G*s7Ov4(7k_h#IxZ4v3kKqbGCHepkRklCqk
z&2^;vE9Ne+=3cF4{PD+?X6jKR`8dAARGwloD-XMvdX~C2vGUScdhdJ+ht4<-BH#NQ
zMr)#Zaz&V7zalJEY^uRxmbEmxLMx87YC<dCe2#QYU58Cyne42yQpJ;6_ydC^q66I7
z9kg1KV>Z!%&-<Ru<$eNFqOUjgWH@;28Dt5zq7wGJf70<0_Dqpw1=bu9V+JSp#OIan
z1W^C<K0Y7&NqB~tj)@Hb{C%sO1N0_YqyYlp4FdimtP^~NJfGjz4C{Aq{@a~3815t(
zgHAoQj1i$(>T2j|__jPfc}b$cn<e#rf;x$O31;)_6`Z{DV>@x7`0*6)ypa~ZLF`?F
zH(jTmjms|Jy~R&U+RS2K%SgOMzr_<<kku|R7HFJ>s8(^eRy2vgd%9QbNIde+&61+i
zsU(Ux+2E-#o*55g|7u+iyXK}nu3NBvJ+6O`Kj+W?4)#gLodcrnqcWX86AbW@Xf6xL
zBolw5s(1~ZHnC92^7L-wa*}H9AYxO!AoSHbs2JjSutaaPtb;b&NJ(ztsy>z4=sb!(
z>BPwz9fUo@-LxQXQ@bcOp9Kg=H&~zY;oY}-=4G1S-yBkdzG!>Wr}vj=<1J|YWf$}z
zh=0`~(H3j&@EBa~-$pjz%?~ZmcIg-VEo-Aco%?E!u^-ObH0mM)ZrhghC@l$#Pentk
z?gV1FYT<5OGmXz*-K+$3+NCj^WfHNDd(G?8c(sR(%Kz6U|7n*Gw~*5R8nqvn`OAlS
zu{ze#knCGmj{S*A^od}Rp(kQPW3YPpu;cFH^|txDV1IrGuqW8dw|Kvw?KySWZ!z0A
z2T}ZMd>x0EA-ebFuGVyb!1>RDgoc@ECrts@i(9a<2g9E4+SZcOxesPUy#CLVY^fip
zbRGf=`rE7}+^37wfN(nw(J8rdupul-(U|CzaDGQqMZ04Sdsx^=n}#VGGI?9>cbUN9
z39K+T0PDCl&m(E0>9*Cr)U~QJFRMX+W1`+*WkGGB+TmC)lVfu!9fh-rT?TWO9aEe)
z60;uA?(gOCasMb7@QD@iWmc}aMpful-l6oUpNrZXOlb|90nu<d>(EXpxbOS^`gZy}
z&M6q+|8c}9=>O@2aVwyd!=GQ2smXdPGDFK%1)3qvH#lre8UN60%E3XGKjmG_s!DOM
zU-!wS9JQ9d51A~uMV?*m9ER1@8(c``Kvo!eg?46hQh39&0V8U$vYUEuq=9XK*>0n+
z-Rz_9ehcJ-j4kjq%R6E-WjkCqJ5gmo-_B0TI5E*|`j4fDtN+uWhn;>nd+t3-ei8V*
z?5J4vr%t`pmURFcc!mP8l8_aeWUC-e;Ngi(t8Ajy-&yBI1Mo0v#1W;T4bNU&CSH|y
zvlEKWkk7uDW*D$K;%4i*i&J7{8{$A~u5EwC=K1^4psC1fR>Jm#v?Gi45qT7Uv+}ZE
z*Er?qZ0JoBv9PoLCTS9y|H8s>?)&Sy*$=x)qX(8u@`6uL#YfC`L0SC5N>J9OGxn7+
zkcvEoe;RREN3Cq&L~DAR%An`F+imZ%wGZl<)a20D2o7j`-n|yEdZT2y&0A_{6;~C{
z%Eo!EIVnF=gV`biYQu8qPU{*g@=O9dIE&um2E+x~KYEb;eYqWeQRXsyvxlSu-8nfg
zAEYa7DT@VNt1w*1DIK$?vM$6IL0dBT(&!#+3Z}YjTJJi19doBXa$bN$@4wyyP5Rn|
zT6JRQNXCkqerLsTQJl=`YARz~%W_3LKc&>3s3-%Td64H)ZhWO1{K@XA4Qn(zQ;k5Y
zzJ0hVjNe*ve}+=ZsFbJ>8mxu~!ZHpWlxyPOJFV|QeMKyoZ|%SK*(3SsTlS{?_(*X7
z*m-(3e0)afH-4DMH+=@cdS5{|SAWY*TzwN{n46n}$owE=oM(LcO2GBXvpxYx%{R_{
z6}kjmIo>1?f|!GM=l&z@Epweq=$(F3&Nw9HzjS7(x-HflT=V^@YRJvLXZ1+snIR0H
z+o}iHd!_Ix2#U@Xa=+Oo-&;II&dd`O`ih-{mZUMU)(CD@Be?9JPgK-?t|H2dlNk&a
z1i6h5-!5lhfZd`a{0)keVOXj+QgUYlGOO&pi`^#`f8+pBO552`L}_rr{g9?-xKc~b
zWfp&`5riUF<Af;v6QI)%^&Atm#(28U=o|vk;@?=}ugp{e$w34DE^e=cAk?41rr)1o
z`E{uD^xx0S&oL==`ZEmsClGNK-bbC^#TOF^HY$#vV?GP6`u&}jT)z&*E-@pD409~M
zOw#;+%A#9>ncIVvnXH9uu%@lB!hU%h4gc0;hLJD>xW&RP!mF{UpjpzB-p_qo{d6Qt
zR%17>z~P5C2BsAbGilVBo-@UQ;2!}EGbv;fggaFYGa*O}E*N7qKgGCQkN&^svFD07
zrf}x4^e%3dfU&?h*9!P=GCxE9tn=Z2>&)?2X8UiQUSA}FR3G(*dTjh~M<Nl%c+vh&
zPFTiR<k}7z0p@Py;GfYFg->+WnOytgPMWlcDx~;}W|=A$ga|w4Woq<mvOXn>kadPN
z^9{s^vNeh?dNrIXf{f^wtf_AFYiIWEnxkE7Ynt97mjxr<?o2Q8HJp!6vYA@>erOUg
z&z;%3%8mX+7RDMBYZe5t+*F-;xN&}{SMdDKN)($mIf4sCemCYGYAu9Qz@e*??$<_)
zf@TdKzy0d*u9}DYTJ`d~H}z95w+8!`i0(pAE;k1^I2-q7fVR!|m?}rTtrA>2uD3?t
zYc{t3@0T58ER6!Z6UzVpzcX{^z|N)h18n|xm6*E(J5Y5CxG;o!FW>y=XHZml`ZCP+
zyx0Y#X8!U6&gcWOjbH@&;67f%?+2!9u6jZ@if{tgGT%BeMcV<!=r#X55l#Pvi~sDy
zXz1Rgp#r&40V;xP+HPA`iYnYPNV~wO+&ygE2{J!Az&C$>q|4`;f+F-$kbsHOVjaeJ
za2B}>TNiK6G1qvY?q4|59>3;_>`|+(EwyNlhdf>1V5igL9cAYgg&!N%vp@gvBG@eb
zr*{ATN0UHg_&EES@ci@FKCbu0CgA5luvj1WjnDD!U^nExvxiwNh5Hs^d>qrMpz|W!
z9wx*?W4kvb$I_!WU+=K@B}H8*__~I5Pw0CQJiqurD4bpRvyE^AZb3fLEa=cH05XRt
zGJ#Uvy10A_oWmJhYFhO4=bX1aML!eE9jy+iBUr0wYB?&ru_HEDxpJa*5Kut!^m|08
zfB`Z$I#<;sf}#ZD>f=_<v>s5JQ)H|Pd%sCc<Q*<=)2kyFQS5t)+B%p{2Sb`lSQu`y
zR)1v5^Xi<v5aQAA@aa5&IOX+{<#4)C%1Dt6Y2MQ&>;d{R2w1qKL=h2QuhL%bR8?P&
zRN~gaAPCW5ery-A5wnDCQOMC?D=VAlaym{dqc3wty+I(prKEE_rW836Ikfpj*3W6`
zpcBMdpl%*v25+0)aYT!hvz!7Ne1kmds}s_6w~AqziRNM};scQc)BufKL=vgH*|SQ(
zu<XaQ(cD7kP<?h%6b=iI>4SiY3B$nP{YAcb*mA43!iJ~=H|K%Fz`y~I`KOXB4ikrw
z&A_r}qt44%nmVA1%^*jPh9(P^fucJW1Jp*k#WT<u<uZ75QtVgQ7)%^G4sBZkdN~X&
zgzPVIqY^YtHbjk_8#av`dn{T8HVrl)TGy0u0>PNE05T5naTfOh2L5m6%g^!6w@vMr
z&xlu<@c`R{%4h&p_R($>Sd_<|8`uPaSYXPC=SXwS#>(C#S3=Wj5vjln_hGT^T5=;H
z5po;@;+AY_!s{ngcdY2T82$lrHK?9RAqUq3zoQ>K#I@~R9hLWqPsl9IY*=;uMzm!C
zj=u0NjoRPQvOYtOXFvYuxXgF+3<cT+0QjZ*&)mW0vVmC-`ytOTzgoTnc+M{$_p`mM
zF96~$HM2l=5VqrRo{Dr&#HM5VoDk7z@omruBNS9wpDfFPZ}B|jG%(m@XOd^aKRM|U
zTIZLS7;UyIKlbKC$Vjgz$|I<)TE_l-o`9C^g9rekn6<e^F<gH?3~o1yydiVIaG?Nt
zj5i|sEDDaMomC0<r1)ph0&fTj>K`9dxN<yjK6cJxw6#)gi+$|~)pHie$J9H8E|yuo
zk10M`;*1%2pzr6KqxpWncc^%|`CA~#cd7V6hudHApn%W2?Q-0sbi#ml&lL^--=vFi
zhXf^?t)O!AhG3M;i!)W3?87zM>A5nkNRRN3_@qf}8mx-RndK(#gZCyTmKXrb&Skx|
zO?|_=qHjZUg~XHX$g~JQvH6-$!tyiB%}>H~O3-V-?uhCMV0PyI=GDgyB(eADBif`L
zd45$62nBt^F2d2A-U{+gfH#meS^xB|c1o^7F1dmPG?$3<6}J26A|+_DQZ#{}5N~nj
z@I4uBU(y9Xb33dNy431cwh7c;ij&^pAH0TGHMEWo#lTign_S;4ohD^g&`XBW3}yVO
z-R!o_(X|d-y9@%M$@&tAF6%Q-W>@Su#?g^^6=7E9ztGI}B0o0mw}qTu%A8(_-D2aa
z2=l-E#(z_-3C`kH_~zJIZ=qT1MIWh7|C(D8WHtW_YhEw+LVNr-XHAe*`Y){XY?05M
z^WEfQe(0VM&w0fSseB{H>1#UnH6eL$bX1z-`{+sK=lwmdj0H%|-QS1>>_pptRe6^l
z3A_;96w@`4GS3rn3rrGzXTyy`sYlSb!is5-tQh|b7XQt^T1eu9PxCwH!n9ywSx=iM
zS@sZfrekJl{KD*ljsdsA#3!qkl~FfMel4@gsZTH0O9ChZx*AqFR!<cOS>+L$JCH$$
zqbpsD9tqb7b0fp4z)0f-(ig2E9J}Ejzo~p6Q~<Trh@n8SVFd|zknd2@*oPTxDD6+;
ztKLIcbQ75AD<umzC`BP!=1v|=wY2L<TlySMR+)}Jc|UX?l4~IuCk0F78evN?Fih2S
zDJp+-thRD5aW!Y~1-!DfBL^9q5$vDy>2!?<lGE+aF7j?9?K+!oyS7}W!T97~tuQ8Q
z`yU-2^`_3N2lIL+t0vN|AOASeC{^i8&A+R0I8Np!q-H62S!ATNPqY)rnLZ5@vy;Vz
z`INPaJzbPOh2^#dhC0Y>$+_}yi^2l+)|xn_1Q6M~p--T_S`oGKC?rGP21DMi!KP||
z8#23;0A=GYHnUr5?NikFjF<qakR7P(X%oM#4HY97746w;${aDEHd7$2<NtALP+SF$
z<*I<nz~@5utaID}iFa_hg0>xx_l%L5gALe)b8HU0&SBeDFZR%q8t4eomf~+(GMeph
zL!_n>VdM4=$LZZnY*SzZH8c$I$A_9`SnwNY1j%B{uwqJ{e$bpLp>D$Z9X84yYlk`p
z;)x=3TJc5&NqPU9g{xG!Ov#e;Za4?6eq|sJO}Z50a1!8ha1>vxhzW->E$DZN&IJrW
z<hpb6yY^Ud{3&IF+`1O2QRr2%=-@Enod@48WZS}>Q9vpI_DKNp!DqIG9ShiuT$lPp
z<zsySJVAzBeJNU4l>gj_*q|zke`>OgccZ?Sq5|+#fHLAdi>f6@7Y~DFL)3)n7i?~g
zxHMbhUCGu7B%Q^ZbKnj^T+HI2s+jq3<KUxBBPC9dqYH$pQSCpl367I5*PO6;I$pl=
z5F!<gH!9!_fDY?=E8DU_h9yY-OBfVjA{5B8!V#)?g}O6oNfUkHHKJM3YTivFbIvT|
zFX(bg5j8GXJFBZz8RtUua?ZS+ZoUt9o}y%Xxj37+I1e(H<|*>PzXGO^m&5Wjhe5Tj
z0o^@({M@rYRP2v=65xQU7zSWu9^V43;1Ars1FG8ezxKN12cn@pZCbw-P0y-m!RqB_
z^p2ud8AR~LN3GWU!2h>#n~`x=a^}<rl#grDTbL;CPdrkMzm`nhvOmbDE!|>ErC8MW
z2I7^sj|9ud|Ml_r@4jJQU;x!xoF-Y~KHy_I{b+|bkA^A$J>2}%0{8%_J5qwN6&OK5
z--w|@WJ=Ld4B51Zvexn?An<h8p;)<k*Qd``DiH_sZILvMTBkwvGZhL5g)|5|kum6?
z*0m=Aln~xIp<=KR6)*2D(oC#m$_OJL8#pYS<XZa6BbTxP)I1L}O8oEh{=+C;o!B_j
zK(&pMw*X0VM;1=@Z%R_+qz9l%+Wwuez?3HthXz1FMk2jL!XDBk{~to6ma^6$a=HRx
zGtz=49Jx#(h;XP*5LP0`sO?hcC3O2AB!$CieCRbx2or8DC`3P>w9OUI3WrT^$ST-_
zC6Kv08KJPECZ>}~<&@XP5m{1{(Pi6B2o2dgMQh;_`nzV84G1|60_sAZNVHi|bxn92
zAu;twhwl<*ncO~8yvda%*qIj;wk54jO|ibb&rU}W8S+se2n8Xg>*6>V>E7PcgX6(H
z49hq+H6+nU6cij~^z++&cVLO-ggN%*kFmH>_e!(}0l}$xCzD#Ro-eHAcSy2Gt_;y5
z;L>DvI^zY_Q4i6G<tV}$RRtPb#FL^oCU%>Qu8wJ;h#{izl9{uSd@F9WF-CPB2_+c<
z&Mz?43`Jo5tpyd{_pXXRC(KYVlD04UXrJn>zVqmbH<b{EfvEc`(BPZdG(;Nvr!dYm
zzq@GMOeZZgqXV{ZNjMyC(Z>|qiL_c-_&3P$<>iunXx?^fYyR*kP11r|L5^^;#N4p>
z9O6WCBlKobM<#u}vdeNsCrbvLu)-W^6B${NBw{9>_P}#4aZz9_5WKms=uLP>x$$tT
zkduPR)G{7<nhgRezbTF}e0794kbydT9T1Q0Uf@5ZZIiJ2E>gSJpxpE5tu+hD=B{HO
zjN=I%<p_Vmr(D6U%KOefh0o0dA3ogeW|Qi-2?L>|v1iaRH<Rs=v-Ta%+taZpG3~fB
z+`&hq32-uPn?U!PfrVmIxuhxDCZ{J2v?efBbW)Ey6XASW;V!U9xx*@KpJ)O7cKgG3
z9sGj59{WkR#fus&p6cIZXpHUr1BGntI3Wn|A;(SFZ!h#Z3mr8TLdA;`3slUYF~&%+
zG)9(Z*VAH}7PuLcLE712ndi!LCBJ$9UNW)w_vIDi;&L!oLzte~&cOU#RdcMTkS6^E
zCjBhJtxr|AOxfp}syDf8MS8lt=`~Ms8_uqe>RaFRqsQ(dZ#RT>w5R>3pY*r&2W?Yf
zy8;fqpx1&gvWkBtbKCeQ_O6iloIQUAvFMAABZg~BLt9;j^cFe44(3~>obI@a66IL|
z_Ilygw6y1T@XK?Pi>v6I0J7Xr6+;V~BTJxk;zUBr9^af9sLzIU%-T%~egfwsxlQip
z$}Nl8<Z`EE?iInBi&?{_88coH_bOKQk8c=3SWm`2XjnxeRV@;JmdMk8m#^)XNwt?n
zMLNJ+a%4JOFR(Wn(}!UnV5C<j9LQT>aqdA$<X@<Xpt!<g>#a8U?$%>vZerdh^E!RH
zvTxJ_R~3J1;)`EU;r_R|x*V88!JB`c5P?%QwJVUcW4?ETpgxZd*_0SB@0T(JJrPl~
zjDyzKl{!*DP}tpVkZ)djfUza!<5YK|CzYVBi70F6gLcXJq@CDPk=2|{Te7~8SW!#R
zVs)l9!Yn~s)9#`pVvsU>qLzM9&FCS{y`#kZ3-Ut+RIgYT@9~v%FeG;pQ&3(R_Gwbj
zx{G#V580#VMdhbjTe4GWd8G+-m;JKMW`o{>nOLZBx2(YU%Xtgk53fGSy~{LNgtO0)
z+`<4+;Irror^-2E5*WL7Pyt<E6H6DLN>Ltz;|gtoZBOGmB$h5w{-K8L+$bL6prN>S
z^<FvDJQRi(qSK!Vp&O0`ZwCo$*Kg8B)j}R)ZMkh@S=>ik0^*rLlv#%$|I78B-%F77
zK&+>YU`O`7+2)TylMv1e$2Dg?IKyP=il>9o&j<_=5DWnM@LT8rQM`GH9)=oI7%QPo
zr~)YEHYBB=Ae)EpvXwz=gj+C~5pMZnliKFxWdD9}fsm+MAxr>dFFeC{6zu_6#^6)^
z(*8e6?5@yk>@k^v2rN)o-3x?-1NK1ufyR(2I*QE0ZuqXt`7mq**SSBG{!j}sPEwt6
zynWu=a9tW(JhCmY^6|Htt7Sk_9G>80<uhS?*o%eCXH3kJ<X5$E92ahJtn$N|2V80>
z^aGH`i9VTAqF=9+*dSboksw!lq+^XJ9f9(Z4!Q#^$R!t_smD?1!?RSA+Smou=YD&9
z$YRx)n&i4aULi|*w$%qIlmc=<q4ak?e}|THTyQWBJV!8u;C_z*96UwnApj{|bek08
ziQBj=LrE!Dn{?x+U&16V3etjd1u5kBwV&7g^sqH~a0;B7yN!ikgmDw3m4z#nz(C6q
zLaQuXrcOvpnE-j$Q`IS!*905h6~V^2ui*Uoz_@&z0u6{8Z^+Y!kilO!{Up^|pq;F$
zJ@n)v^j=W4C;zYn7d#k6w1wzh0V?+kJ+}r-=uX!@dxKOLFhz6%Xw2hZ8f(K-=h?Nz
z*KYb@cJhw8z@~pl?3n_|r4|NS2?t6A>_23_B>2&~PQe!Kea+sSJRLY?^_&9e>QiqJ
zyhEBpU$0e0A{FIFj%z>6?4CZpzDGARKl}G@ExrYDbMl}2adPzY4B;RwEY2tmpA{M2
z%g+phz9}FEEbx}<-(}lV$?J#{v^d5Y^T4h06Tu}?xDLD)@dP#739C3Ma(u2XUNeRw
z_OKqK1fQ^rD4e*RJ9};foWgkT#ZE$H)}(i?{o(p?htks>9rrjH=OfOqN(7PeYlH(l
zy_PuV=NAvUlNW&qco#-VN4R7i_i;%c-S;;Z<TYrH6HLb~9HO>_($<Iv?AMzMqxv9j
z^@J+OQ&3R8sW=HFHYAKfsgD9lEQ636?H-5_vyA@TTxd%*7jep#NaKxrFy|8}CSJSF
zLYL(H#P=>Vf;Rf#`8sL3_I}-iWqHgS;Dy)|O_DhVq-1;sM6$@~IlAFfZ}f65goxVy
zibqb4_PkTM&FAtKL|g96^6!>RF@Ys-(eo-vCO#ur<Q%yt5-)hZ(5ZPb=-+lgcP-EL
z0eqzQ{(N@RM;$PO!=;grE96d^l~MQvLT#abi>9pF)ztyJ%Wt<MS)#|gYWmY6a=78E
zD_9THSE}=c5Fm8<f}135utJN6PGa{H@^uf_xq;iO;QgbM6Q^WDbmIjqqux=uzd^P1
z8Sgr1!Q!d^tL1#K<2{$t?M>DXp})g+yy&Lr;7TQIbh%8BctvjMq6be(GN<%Gf_ZGB
zC~gk{mZDW!c(h(eQM-F$`vu`$6_h6S33NAauC3=@GCspp8jShKzRrBP#9=naQQP(>
zI(EwTQbZM#loq@a@5p|DPCWTbZc~yYn*OLOLeN1VN}WLrrOqm|JQ^?9E)SWint9<!
z=B#;Xze1=eI3(*Hv2jtpC<-O=>+}>A$_qm2DV@<#WowTG#ET2Olz6I$DqAQzBNRwg
zf$Lx-Z3@USD(v{BLs1h4VCF3_`JgjojtE&yQK|0XLMZ+)%ft_;I?yuL%0<@j81=Pi
z1O6)Q4aaJx%Bg{k7dtca7$p;1)NhlQo47Q~g`)1Z&&=D`@rb~G-N^Z-n4dQ1(0S@`
zu-th(OG$=WS$WjcCUM_xO&J;(`$&hW+&sLQsGlHq<*6r0qc3&)QSD9Qb9%T}8@WIP
z>%6&6a5bjX)-ji-rzYwuvnmgtTbr+G4VlfW`r3~x17&h{yGR;r{0t<Zx7l^F1irb=
z=wd|VSI1$_7ic#BRGB*13w+fpa_J55rcsx#Hsz{MpFSjs6C={bNi*{U7zY`%on5#$
z;Ol9)U}VF~QHJ}?BCJEh?<ynebWx>hH7GB}p7(1>mmdWsdztzBci)!`D22$u#+;(J
zvY2eVzuTBOu(jbJdLLo-B_;aA0=H`hvP4AK4ha|zX~1oX7wGA#oZ6*3bpIl1BR*A8
zqzmnb<zV9i8?82Dg{<y(BMf&NU$2QDiWDv@F)<X2AKm{sY&;HMZxh7=OtxQpOXX0P
zFnbPTefrm}>}LSy8++(AE;@!(MCl=nPsaWs4dk9~M*=o}Dg$d$H)*RulKI9N{Y(|Q
z^aMJt4jy4fCUXV}hl&(gtyIGtHp(Zabt5~%I%uT*1(MJ(&E*>6D^w)}$07^bKh>KI
zQtN+9{z?Eh6-e7Gk?qYwswe?c+rUeLQ-uIi1%@go*x02Vx@5+tWL2QUuLRwa`Cdbn
zuLP_x*&gKSH;;Vr?hU~uKHapqky0Wex=bv(oRB~vvZgnIhOszM5@hu}5W2LZ9wdu8
zA@tfNH(~k<QnQ2WA84V$EKr4`8wXB4ikPL~zA?#4cD5oRWs0NyFON@Fg7t~MblM_h
z>tU$WZmA+18&5V}5cj<u-z-4%0CHjL4V2uj2-c2_mcRO+sk&??enARnlxEWh9U&RH
z5iAs=Q{w0(8<Id<SHxkatd8)hYu>9YG~w|0!-ZeVkMJ%du>}yO*hSzb%ps@<*X8H4
z_4T^72uhrbbxx49Zp#HdUQAg_5A<CyT}vxhGXD&NNFALK;s*=%8T*<!DJ!!g*Tlsv
ze>v9|bYV|grcDF>NAS@!_s>iLezbmPuiujZXMcCEqQ`#QL$9n%0C~o*+%Iv9fK7v!
zbluTVqufqI)6q>nPtA35t|Kp}*Q_FpEBo&ZBlycJ=8t@Sii`^jqs1L&&ftJdq+@`j
z?Y^*}u`X3*evh~P&C+4Sfs#~I<!T4&5Y3qjg>Mc~VlK4N7837-452Ur{p<OO&s&o(
zr`hZLnQ+2hQk6G{X$Nli%&u>s6Qf~V5y#(r$~t|w-(3@CKe<t*lx5AoI8<tGe8A(Q
zuk@(GM7tb(>zA(WN$o4%%`)g&5B>v{>%;lT2;N3W2cro1MYxN43p{TXS$qj6H@qhe
zd5MIihC_UvcX<%L<$NBhd96hdvoaLh_vUYf`_~2I`X=`B(=I#a6I*i?%Hzd8>f$mE
zo{C3KT*6>mbN4E!ea8dKqOe%;ObRIzUyr(;frT$Q*Ymz%cC9XDok;~3qgvm>G(>Vx
zm=qrbLHVa9o8XLVuuyU~++tJ-ODm_ZK~jS?uYOs_##mwSLwh7kGmlfWcubz81TKm5
z3G$ve(iE7*G{Wi(Zi9l~LQW)-m#~P7%mc&m<Yk1%@67HytRnJzPaI!N2^5L}?<d<C
zW5z}*27#B?K<-t1e!AF1WdunLTc@>orX(`()^Ss~jqk1zY^(U-<!~za$h|BVPYh9T
z{zsoCxF>P@_h)=A0$Ut_b0GtA44yum&s#Zqrnl})5nKP@!=)}w-Ib;M@nC2~(p4d!
zQ!7IMb^WH7`cAu>hdP1b=m$c#>72_`Yi*1$t5J&vM6DAQT)o8!*4kaWQx$KoU70&h
zjuTt6VArbnRM0vA*Kr+X!KRq{l3<;xR2}+JfMRV}`H-rz4?c4Ckdd|2t#QT<AK&*U
zRG|HI*S*%JsvNuPln-G=f06y{xxhY&wB=t*r?*S7Uqz~S^GgZEJ~vbAo1_f1S&Y?m
zRgK1P&MVHiQDUVB$2O22YIS!IY$a_8*mt%dx|<0eH-(hrX>8mVR8K}VxtR<?%dLUp
zV**yWogJqY5jL3RDw+4Z<Np6t_23POwKLpf9g#M7b943DuG3=AKkRI~R@BT}sm+=h
zE3wI`vz}>u0B$opZvAuP@N@p6QApwH`G7pVoP3M<0E4`|{ENr@Y)|VPz|2ge08|xX
zu>Czz#qpTFfOV!e!~4t$a8BpU%o}UN-RKvG1Vcaw)i|lGNW8!A6H{t#jhC{v7dWJ`
zg5;sG*;-4LlfbWccBT_PAl5vnOb`tt_@_6pPCdU#>EI-x5#hnLxRxX!_n@cj2WZzp
zv-<irYYofOsyT}H=q9=3E-rFOY;z!lsCjVqCMp@-c4X~v>q#jzj>9&%aJfUB8K$UP
z=M#~HlZuvK<YKjZ0iTrEZG&K}3S($IV}=5*+--}>{p*CTV1I2UV#rttwkqJ`Ll529
zZn5Bhbe$7O=~5@_klR6Vz*V>Zo7v@wb5Y@10J}KvO=|pz#v?uuw@RDWZh5#We0i#)
zxAWR%2=sj=gc^LsYT*0sXy({52;Z)BdKbh>E0A>uQquGL=`J5{4>&k`pgo)rfHEj*
zQ7mws^ENsJt+;pPh=(~AbplA7rE3zzI-&(~&*_c-i4TmrDezX}OqP}e7WHpjBPowh
z0u>&q?A`)(F+2YR7uHj*dXXC+*}|}yZqJFRmRJBx?K-H3355!<;ve~Rr=|Ud;!vEZ
zdrlD7VG5YvfKw)ih4jfl!=UC)qGF>Yn`K$j(b?|y<HEARRN69SlK>@?$V6URCtbC}
zY%X|7y6<bZm;hSyPMsk_R-)(<@b5(+*PtInk>>f&*9Ov&Db#rm{rhyNKW<NA=XyWn
ze(GLQj&2D&yHoV}f@Q0wW$Mni|MeeT^s-<*Xf@b^Ej_I=WLsD$jH+XkJ&{Y%v8oYe
zAfen^r1}gIQw2>JN;9GdW^30Qe{h3-Vo?Uchu$8_+jkr|7>8-8J7d(_NhuFQ-rN@{
zE=F_pot}@#iV%I^Ey4vu0h69O$f}Bpv{~HbSwhMRPX`Go8-m%HqB8~gLn9A3OQs(p
z<=hEindS2P!H*V9f}!lHPV%k@xsC4BF}xoVFN9P{Thr{`L31Upt>@~y#I?TEk(_fC
zjJi-foA@K#bvyov!CwOf;82BRtGfcK&oze!RuK=l&Cl0ISh@$4hYV)M1NJ9WdA|h(
z$KQzp1)v(@LVz4d6h76NO^S{rN8d1<#YGU6V4t>l1Ja24pPmYXL%7uv^FPTIFiq2i
z{S3{G7r)x_WRGW>C|vut-u!ajc-sEn$7-`3EX=+N$~Ipfm-_LnD+G1BI^N7+;%T<v
zxo?VUPt3q`?9u$yF0W^KeYM?={)o;?-3TBa5LAFg44iKQC@4Z~KJHssq;Gxy5V70e
zF=w9e?)hwyE%F{69J_HwHJk1^zO~A2x;?fnv+hhBx_p0Qwyl4!UT#|~UW#*UzO&EP
zB%#)xiM#f$Z%*#C<Z&lwouJRCEGx9O%DX7A+@#5Kk)LbYw~1Gmfa_F^T-V{)%GMU(
zGcT<**qi(Bw2ACCSeU)!$9X!v)N8-&zx_R6O9#k))?D|)^SNvWa2$FsE8<3WCw|f5
z<lBxdS6^aF#4gQcQmw&1lvBnP>~d1tjkMBxDYccvy&i@i`<N8|3k?uj$XaVAPbPoy
ziE$_gG0i_qSVXQq2g|)x;m#x#2@<7J$&`aQ8yKvcN514YEM%v8KR{7Hok?VZ0<Q*|
zA!D4<gjv#w!5LCpqi|Y95}1|I-HkF(_mGj(#aEYncnDiUS|o$zeBKcahrmbf5=1V1
zl)hCo>CHy<LTPIQQbb!~@wG7JGMDj&Y^GMTm%sxffa-0AZozUqK!Zarh|EMaeG5j^
zpr8A~vq6)38j;N$o`o*FAznT}is&q@8hOLdGH4g896|cW#I4Y>d{M9nmHFBAoVNq9
z(%u)^4)LdvR{g%1m+g8Y8P%@AQ}f&2k4&(jU8GfH4RQHEB6?kbat4j|Z?hHZ{zV)#
z_O?{j*T(%yDy;sZ5vNn$A68$ZPR4H3a~+PN@fp&dn9l9@rMezQs%FdVSRE@CHb;CC
z$IZw9vSZD21&2uW$4G;&*znr8yzDmQd~m~ga3-aFbQ>(8z76R%ToYha?}ZWH(rpcn
z!yF{YE>%YJJUIkJ;a^#ywu;XGgr-)aY^08n4YeidRuuF(E0NYnHQqrAGCRubp{)Is
zR>D5a4n}bvcumrs&a*0xkgHKGNTHLHsOH0si;)FYo}3PMYmLz?o{uaSfEO)IJjBf7
z57S?x2VPZu$4|YRy409N_d*f4+&Ki5{yVt4?xN5ZJ%jt^_QWdZHu-929h1|?W>>`@
zS4dfs1{1c>Gy$q2m81oUER8XlUy|YZ6`=rIX|8n@8gd+2Y=PlNga$xT5=3gU=5MmA
za|YiteiZX$?x>riCW05y*Ef-g%2`QGYaa1NGeTNq0au1e6Y**Htz~@GUh|hfj2H{-
z!+X*#I#*>=f{ScpWrLbTY+EWKa)IrLgDso?W%bjR;L&|a+h7iT#h_L30h&(gP}LWB
zLLxW29hiR)W-6F4yIAgA$ia!M0B~MYY-3y?x?DC;i%KBO(lRV=9mIL<M!}0M8-fpa
zRA%)+Rb3h3j}a?(p^J-nfZ_qPU}7w`99bSj%Ts?qeF0wdX;`Tq*EnEk<V*9-1|n|=
zasB7ia5BAyd3S*WC&LK~tD!8~Jc*`SBz&SI9H!Ndr}91d0q%U9wfvS?TG0}o9>;4I
zW@%<Z;>!q0+?It+Y~+C^9EtwKe|}+$1#Kn2K%pdxCihGH&lk%N=5feoitLXx?Md{6
zu!!eda^pwMpI}6q#~rr-EPPk+M_8cK9v?CwoO4V{m%7QGM3B5eS+~>lQ4pg;UKE6k
zu4_S<_KMOIoZ)>sr;I8Y8OIp`(>blrskRFNUJy4VKiFncB2?mc7eN+Sd%85D?wh@F
zMSUG?=xJ9xJz2xSRHycOQ`i!Z*Rob33VBaxtP8JL-W7gsYgk?1UzHdGdhgcr)glk*
z#q6G0r{~`u?Q<wLi{0jn)ph9F3Qrm<h2pnkV)a>Jy-2+@weLAa=_h{;C7vLp4>Sv(
zHEIxRpRE_G#p^M8b)M!>dSR`4TgmI!yb)!dPHPGgC&UpK^3DwIGFL5ud+y=Kvwr{V
zys&=63t4cNj&osxJF14ggbTg5+PXP~Q4@*6jBB@U@`}UGs_p*Kg_Uw{`if%OPMcS1
zlNu&d(C~|t9SyMhsrjCHJsElUv>MTjH2@-7sPojM36Yw997JJRkWvs!uM1I1GfEm*
zA>S;k5ET=08c@!K*|O0<rgR2GPA^E#@6aQT!%WvB7f`h?yt%<?99s?qj%~SiThhK0
z(`grQc!t~%?gQs*?kz^_t;7$7=VX74-vDkob@3Qhq4^%b*&$sv;O$9lAJCk1R%!qJ
zqq@04SmpwI*J2l(5I;*5fo*wYnwVL@_F%lXWYpx&pWxL}<<7ntHE~P2e8U|-aBDsS
zcFHW&#Qi|o)J^+m7eu@od+4+3-Tgz@s(w|QTa8reawr_7Hau(xs$BI=zgQACb8Jx6
zmPqQBW&3Iv15$TCPz6?B_Kh5!Hs?12&dSf;zw_hx+^z-fo~^1KFmJv#t&$aRog+*p
z&@&v^XPW|j0!C+oc4{)?$W<--<(qT2h(Ec6(SV7MWFD)vJlRClRwfcb_2cCo>rZ9N
zsy_28KnKX;CH0OUsKB3T=-UdEDQC%`v#+mVc&cLC*(pcuLyFy6nZ|aYB5wjaxT!PX
zqDy`|q9N8WKQ-c8#DBj#kh9aL`(Y&h>a2M#U6xVXx@h@kwlwSK=>qib`@N0F<h|GL
z`Yc+vZy%_?*&$`3@2^N@@nQ4Wn+Lr3UKZy?@8?oduxg7O?MjfEfc!@aF~Cr({keX-
zB>u5jK|v+B^oK{)E@4U)NFx5H(PL>o>Jt}&plW&(|0b!WIc{?0YH9)Nl_fSiq=+h}
zqQ@4GjadBtG4jH0uN{Pn>T-(~MySiy#!J(={?PqB>$2n+x~eFrT=JXwrW;XlsqP}-
zc$AV>KRJxjqH-g&3%Ad*g`Cu0S<&6tIBe%Pi05@{5xs!`%{^C)>qRO}`BKP^Er8Eb
ze+Sq6djR7*&$k7sVicg=DBfcjl#b`+*8=19zg@+C2j_S}qGTl-$RjTpjYxOEP31?s
zQC%{Eky&@z4j$zb^p9!V)Y~7DtMjAR)ZB3SvDkM6x|e&^zM2%qu)V>oSfhqJREItl
z_Jl?ypk8gtXdgM%ka>SI$6T|^KZboHoZ5%ALN{zob4Uqv0sPKC$E1>tm3coZ0Nztx
z$I`_y^LX*HpFH1h>=@YOJJSj5dcm`L(z}Q~{}(Q6=Uttc;2b+9M;@%p&@{yY4qBti
z&Wux$TxDQYT~XGiDIpx9vUVolOci(S-yDi#{R@MYk+Z;mc*jUQ?Ed0&mp+kpTrEk=
zInE<hnbLfrW#4j|d3E2A0c;{EtF_pH4zx5rptI0T8mjB{6K_#PTV$G=?l!~5yIH>x
z28(P|Ty{UH?#dLdS1<W0m_lg18#!GY$Gawbhq;c!Io%KPo65uVNYE2yASPFfpX0xb
zkYJm6K~Y0~L9Q;E(7Ptc7mgF)>z;pid;xf!@mwtTpL_P&^LKq9pZmV#B7Us=^Kzdq
zjNe`<03C()f7ce0{-KBC?(9d{Rh89C_SP6Xq8PqHo_v2MtYH|<KdLjECgn00eyeiy
zXMMM*5}6xe-b0Gq!bQu4-h#F|aUA*k?KVkg-I~AW!sv=5lwHRJG20fs-8#M{{0|(0
zXEG|Io(;+ZO?I9v8rhBnN`be!S>8!Uk+HGpca_ZoWX%LrBYta(f6m7?=NryO1F&=S
z^7P?Y?gcF@FyBAVB=UIf1$iDMCBJP29xOCb-%6NuB0lkiCKB*IIu(8TC^6olx21Bi
zdeM{LQQPdU;sw2$=LghM5nMy~`4CkpfYNwTRkbdC&rA+0fktL2$u*<BU6o2f@eaE|
z6k-h0`n|xq`ILbkK4Ur`Sy@PtoUW}t?a8LSDT_5;Y%e&0!nY5FWYCR@k<%XxfeQ{O
z4}4_tMbV3C0odZd$hKjs{`Hnrmc*};NuaVGD4QB5L;jud!-P_ejtwS&wd0c-zbTSL
z_(9i0U)9fSo4OaA`r)|oPPP|vk&jdrvGi&c_+$^~84tKLv4;Vb8{YL*m*7}W9|u2e
zObPEW`m~F;MpAIN-B3%#t4a4CqsIvdT--iRivdoH4k5S2Kapb$rrT&dzm0mmta|$t
z*pjB!(Fn9EQQYo<bEH-0_GgGJFy{|bqIUV2#yEeQ$k2l65O2_i0mTv>$uGgYNK;dZ
z9<$Se>rifh=NfsiC|Z{qJ<1H)Y!k-<P9OIreoLRK!#16?niQaikfVjD+W;vwQQmW7
zH-h<KTml7y;4(wJf^{8yW(WJTW1mjT0ql%zHC)B0e6}3qE@Cp#td4Y#YR0tVnsF?q
z9ba7c9beRrt~8u9a9bkaS{{~%3~pSl;G1wv&mgqvB!cWL_jUbswubRty-IQSABvfa
zpy(4OAC8I~e+;x9KE@#K0pq;%Cpfpeb4kT<_O-B<`a+i=-L<eaX45{kFoOo?pp@H-
zkS#n7uor<Z@OVuEiFde@jOmU;(~PYO1#ZD+uEFfye<Xj%g3fLIg+_CdPXq_oX-3?H
z25>N|WL?pka4q;o9FuB}u740F9-avwNJJXhjS&%zx9Z`!h&27n2`zKI;iD&PW%hWg
zkC@n}z=+*=i^yz?ax<v|!Fpc%kVO+T!4v)jB*KZfbRC>XV0HSqEC{clzzFVs@o7ER
zOhYq7q-qNkMdI!F5Ivbh_^d)nSk}yA2(IOs3gyPleDhhB^?Zw~>HCT~f?Ee2MIeY-
z9+C5P#h=#whokFCrZi+?xPCZ^Hv$mY`==5mro!;jkTBB5eFJeODjVmA1u1`D=+vT{
zNEqN`mEmbeOOH`(Ihf3-7AIUMCZ1Rc6!$*nkbbllH}0_0-2{emtVTsR?PsB?E`&JE
z?U8C8&h}(vrr{`1sad>0G~j$<8*xXL!J{ZzFEVQy%gF>UvM9QTUDtK7^s&fkU}n1^
zqysTwB6r6zSuCNUiO6VNVV^J|B%ZHm7_265aMbiO7wMgg)WWdaAlUtc^CUp1-Bb7m
z$B*5$og$3jx90FVYOgxG<zTndAZ-~~s2fl`LFbgIP582E$73=lg#^+z%~Imzo8IhN
z?0Leu!V0cBw+xf43dnp(X-&Eeh^!Y5hgAh9+@?k&SYIDRNN1=G`mN2P_d(Hfocv7p
zHt*9Nh7;MayUpaX9y7fdCxh4t-pbC~7@Z71hnqZ84oHMj2}jaL?>F~l5TX95D%f5?
z53)n{2>zc&#UyY!5o(rBesmFSbNu{7b@9yXU<mgJf*LkL^5bd})gI8H^a}@9m#YHF
zkXQ-0`@6LUlSZ0cTr*<>jH1_X%RZbFb<6|x#X6UZ!!`2vPyX||(&hd2Et>hsz>VGI
z8r1{wP)jvFPc>h~*XtE_%9M@_>U%v*>}GLxo*Nz>m@%VC>S~}7_Q3*KE?T23Jhanp
z9f$}7_y16y6o51t(kT2G@xN*#B6Q}|ku))R1mBdlDLBVoh>(~cvwvNN#4l-JW*kKX
zY(;?{|9>y^II5Pb><z!k*}QG>_($$QrKoc-Y^^O`D)ZMRv9CaAO+ktMksEyf=29}C
z$m-*mVVHZ!@x=K?Ycc*gw0PJei8=HcQFEIijBAJj*Ut$=_6N&gCImirITXTPuu{|v
zQARVFmT@r!$vO_~O#=<r7BdYhpKd(Potr5*XCzcLMIXDbdug-!KWv?2aHL=OrsIii
zXJXsNBoo`VCN?{^HL;xuCbn&RV%tu7`}g14{jjz5R`vV2tNWZf=f?HSLVI3}zo+#k
z5<a`v-J(4mN&EZ!3!)l%E??3H<Q)h}<55s)0%AgrW5xOrk@yz1$Vn|cglYeBeS;ki
z<v_M4{ATE4L_XRIRSx!CmlZPNy;{~R;tejg7@&qj77aei>-<B}tP&xfB`o|2QzSAm
zK(H6fyeDZjZ0#S-kkuFlj}1bZ6%-u{lLXd}Pbwu!a5|Ttr=F44vWLBg4~naj4v=sn
zC(NsTonKxPa-xj2EzYxSZ(&NMV*Y0YG^L8P&TTnq=SyW2njXY#SFJfac_Fx8Bog{&
z$Mc8<BXAGeb=SFNxoCUS9$e05c(cusa9)4?&~tSJ6tJ9j$lZO*egRJFk8TGh>1-;$
z4CSIEablV9^*P$DT(w!-I~Pw1bL74uGymsr#f&5?BF5Qzr-Od7{9j*S!ypf(_xFOj
zaPR~w8BQ-*o79dukbvxP@7^!?{>IbL(y3Rv?#>3;Ej?Elv|#gg>Y*-RVW8$jiVH$s
z<MfILkEM|RDiIL&y*s^N@vsT@AjR!9_>~@q^WPqhyz+^tJwCc2=yJg$KR0cFpHL)F
z^r+@(G0H>7AtJ#I_FhF;HS!QPwyHm;i(RSG&Yh7-Hm69&P8Ee^LK<OMfukrJp|_KQ
zP=xqGDkry2L3sZm9iaWRXg=ti8P0Hi#Jns@Al9X$6xf1ew1Wbo;$SW;5>!rRVGh5)
zAEEu;^=X93hOcRzzH^7D3Q9yV5Y?b&hf5Fikth@C)vr*dNR&w-z{F>t^BEDz{ZuT-
z>928o_eX9;n5#iD2ux-Rm|(gBNrT`->$mQsTF>;(usL7wK#B*LIJ9@^PEGa}87J*n
zpR5r<PK;hORd4}ToV!2Vtk6o4Z=~@<wUaN(C|LYEo!g3P2$E5PAzGSyZq+ParsSij
zEFeM!q%TC9m2@DSbEI%Cm=qdu*?!73MSv@kQTcjG@b_@<6tj0IiX$pY!Y({j)wG?%
zEn`CG0RsLTMQzok)9<WK=0+Nw_F3@OC5u)@3%yi~-f?yxdAtm5{e}3;%`mp7Sur*c
zn(RbD@Vdo{EF<31Go;3P7Vw}m{7OH0XQeB?FwCdWNto!=oyWfBK_@bJ!^hh$O^K}D
zSy5earOZ!7<BoZCt=87eSV1onjt4@vht8pktA7snZzv5V96P^=9R~>mJbD6qd=JPS
zp@4TC7q!g^jVk=LPCxpBZa7ZL=1v=XyaD7{e8kiW%h%=KOUavcA<HANSt{;`OGgB8
zuh{s1s#zL+pUJ>S`Kc8Ahi|KUNm4C5Y&jqEte(ET;`c7jYytRH0=R-#VzsWsP!N2a
z$mCz?G^UC``+X4{IY=WL;=71LG3wtA+J`#G&S@3ml})|&q5Mi3v%AVkPR<=ltor6e
z%siPG97ZopM{JN{w@uune$LdXZq;ThG*g#oupATfv}8Z_d&%~DQ3jjp_;Z;9MN1RX
zz6gGQ^&zU6Z+ejKM^Ld5u8g;9b0>l~><UI<;QfIj4T~zjlYsK7#CU~O@ywr$$rlrM
zPYY!F=~s0J-q^RYav1)|p1q|smRBZ*@cD`HcDAqi{-|`4i6PN}?8N$8TPTj#S%AQK
zFiud0aFBY`azt%X(qon&TUvP@iK+iYzQA<GrfB>6nR$Bp0Ql)I{0@8tDU(%wYlp8x
zMvm_8{&(uYgNuW^1NzzRL9mw?@i%qAX><J`=K)%b-^bpXaALHX5<af-Ucm7fuRrpz
z$y$Zs{}TYom~5FzobaJ?LYG^h%q>ru-RB2Hw8Pm4Z6obY$nx-9XZ=1FcXgj9iBMe5
z7w!}|%{o4|y7@O|1r|?qvWI4pJw|80SGhkPqL=XN<$^I$CxbWe3K#ssU63I2#P((y
zIz%S|J_gA@1swHGX&zQ}82ra91i8t^foKF8L5GLtjF=8qj`p719#21d=Km-Ckx14x
z!NYMKM?Kr=^R$QS3b}TNa=R||b0h*tQizCwqo*%bX>yJ9u!FjhZaU}<+(%LVKOvC3
z{~H2v<vh{ZiTK|ski?8co!XkAv#ZCBPYqFz^|t38z?u)}@zefrFJR%OML$!Boc{iW
zq^01B<;_!m2|qYrVTm3Eo1E+<?CBn^e-6J{oW7e8%+p934$&N%%GAeq2i0)J{RcX(
z&UU>!RHVu=$eVn-`NtaeNs}mj8==k)`_7_=yrUDHu*vZ<N$d@|m76ZSl!WM!sA?18
z_(FYYVT-N`j#t_;U;gn@4Q2VxDcoef0_SW}9d7>K8iV>)94R2oowzf-wk@tJflI?#
zQn5)}$*kH;*OHiRXjCSHYNVBbMcO$jk5+#}@^1y_Hs`NvF|0Rg0&jy$#B%eJ=T)c}
z&5tAvL#4Uw7TN=Q9NVe&9vfQJ#4vQr-sgaE82Hf$a?RC1+HkGE$4X2u<>R1;F!5iF
zJt9I`qn6~A>L0~%^OKzC)0{sHqTGLYj<czOP0X*9yc+x{Z3i_4|B(xw`VnlWYT%n0
zGz)znxGh!=Glk~mw-z0?ZK{wo%?%o8#=vO=Lbz4OJ#tTc5oBlQ<e6XeEKDpQ*a7YK
zD*mH9T*p01=?|j$i0dgt`k9L3SkpTyR*RrNt7`a6kV*A?SNJ>jU)!KuO_xXiwfdpP
zgGimpn(Q*uuHs}l?T}bE4FqL(FJb#~rWWA6z3O#@kIT&kOEozoVNc0k*=PM>y4Lk`
z2>xMVdO>woaN!A0su80>>6_=EO>mJYbpZnJjZ<|j1_G8V*<4_N6jD_2rV#os3(r9|
zP@Z8t3PdqTg9lLz_-e+dXW!<*8RNC8k*z*WXQO~TXI)k;dmSO`yHZhdV%7AazLJZg
zb9d^M2%0n89j2=GDjf2U3TO@RT^(lN6~QyM7JKeOg6dx)ZhIH5%3tdTTAg5n|5lTJ
zqmS3kMaZ&u<(!OQ7o()N9iX3cHt7ABqgUVZ7(~=#-JU~mZNZ_r&)M9|xZjlDL*_{c
zj5l)=egSm>{#2Ga$RhLv9zkhGr+#Ab3M;Egi+Szp5+KvdP>oY!55HmCxlie<E2bL+
zcJx5(etI^5WsD9%_nYa_e$~nhq)xUj!2wB8Q14F^htV3NMKy@UXbjj(jK04m@aTI|
z2EQTAjkrv0gimgGHPvzr9K14?vsa2XtTEMV@9Vv}2qL@y5%fBj2*8)VfDIse2gg28
zxTkgT3m7Xv`2`H(-HMG3Xnk-Ht@g$+66OZKV<)nM3qi#C1<i2ik8*DFqiJLpucF;j
zGuySL#ltSEz)0}yGfeQG15Nt*5X8E@v+WJe<V$=Cx(+$Gf%@quk`;Zj?!;g-)*`QA
zx-N@33Pzv{aUr>wxr!PqnaFJfA?gK$s$Jbi<Y*HM4dWNB(9FTnR#dUbgUZ8{%5i!W
zN7PHl4Lt!u7G0l7WL<N;a$S`qnIGy?#OpM^KDARrj@4{G#UX38<j+53-u8on+>03-
zW?|uFWgG_M^7VB#k1mLw|3NK2giiSXYe3;%a8=OfD{ql+@YBO{{Ylc7mmA^;&ef0M
zV!$p&dX!beXefak_bPqCIXE(N@>RrK0qem41Cm;p^`IIgaWD^R#t$f%c3!+yihlW0
zvkFO_-EmBZ-om{$k&xz5{VeK~^qQ;KsIXm@msVHTG5wHa{gNkc5hZRFMRV577L5L@
zTS{OYfYBy?nh7Dc4?o|A0gm?-Dc7xMk>u?;Q(B{)Hg$$G>Zy_k#~-JzF{j1~ef7W3
z`jfF*uwsRRZl9eqY|k^yVWN@Ihn72vouHX()(YPT@gA%m=1$1@9?3A7qBk-!=s1w=
zFvD{#MR(cLUyxmI0kcSjRL;DF)QKjT(dHi6jeSAB!Q?6!v*_DX(RN)WcMr>um9U()
zcx4r=(!r++nFVNWVc#7no7ZlyRN7$Z8(9#J<W8GODn)W>s!^=`MCc+_7QPO&6POFo
z4{Yaj`r>S%Mb|M6r`L$jp`#RjSTHV$bZ5>Y1SPIpKZ>}`DXCpGMJ1HF`q+pW>|KVJ
zD*gPef!$b7%J-P7b%G;y<?G<2PNo~Kf!W-mp3@k#pHYdhf6d)`d4Z0wmSlUxb#2-Y
z&vZc>gzNPkRtNh>3|{42s_2;jYO+4<J2(rpnziTLO`%rse^wq741MLFu;kc&X$Vd+
zV;<l%wZ)Z-+k>S}Gf>+Y@Lynait^gJ96>yrs+9p;_y;5zw&>lX6^iTqQwk)B<*&~1
zI3{Sjm6iPM8U#C=Ca#<DNEs83Bx?%QuP5QevBXER6#3}O1`E2m)n$QSMST?5n^Ei6
zkM}Eu%l)0c!)K^aEs)V<i5vqJaK15`VjSNGtmjZ?@R$!oaN-ipCFF&nadtwde$jZ+
zv}ip;tVfm4<F**$w)C8Gx_@cY0Y~WW04NGDmcbLCGR^0`Y7Wp8V`c$Vdh1Ag5-)pS
zeRd@=b^xLQnxZ5~ZfC-i&%`ZXR^JgxW_q0?1^ok-3HIU~V-YIh;faETjZ*yshAx2_
zmX7fa4xWQD`idkH>eA26^7)hwj%<e<Z*(E%Kis|d_EB{#l9bVpJRQLpMNKN1MX47E
zN+UVqfzV%A2N?3aY5a4PPoSGRdg@y<G{i?@43ggIc(>FaNL;Z<eDPI)r{{?>+XLP+
zDraJL3^CORORGh*?B*5jo9SS?*h&QDvUCe`(K5pzSu=)zyvlJ);aVNpepunEQMdK?
zVM%|JEN-Mw7tetz{cm%8_D{q1NiiV~y~XLK80#GegsTW;y$ZaY4%_}B<WZ{!)Na~u
z0z7GqRl9#O9I1{`H@nq+FG-EhjgJm=BK_fPbp-cV=})F<hE!5}J>I#B$&fr&v08^z
z0{R%pJy&3LMu(uL5U|<s=6?yhxc?pWVB$h!hc92VYpIuvQzsws>A!`|QmOo`jrV=%
z^BDRAJlJ>=pixnemrQB;K5om3W3pTX2L_1512b#nYwVND4^CHRxwG?mOi#S%x$vLe
zq_N1~;~~+K?3PLlJ;W~SmD)}v`nC$qWrBDEN}O14SD5Niwg`JHw#t+qpuql5t|+-T
zgOJi<)R^tpLENhuEqfIt(;FyYbUE@Y(<$>%=K9`R&QJA_ANlIa+rez(CrP1}x@zP8
zRD_peoh{6e{abmfWfXK6P7CN0O48jUebxTqFzJy{tPzU;x)Sv<b3Z57B`TDDN)V7#
z#+IJR!C4|_XHz4mxC2GOOR7mA_koL-PtOO)d?|<32%+QSH69eL3*e7lf;ToG*W4<K
zps5c4S>Q4Qr1&$FKb;{+jfmMocjS@8E0PjJE-$3hIry+i{IuZ-;%&L76DBm*T|Z9$
zQ!f9mgIQ#cS5UfV#%{VvFQWQup?>AwfFvh#iXEwX7Dr9BqTP198pBDoaz&n4bgxZo
zcxMeP$84^-A}ZbrloA&=4?}L=g@8<afr0)>%+Q3U1N-CWhMfkJTW+8ChD;Wu)Ntrj
z5{K=t8&OI0y1aZofY3LwBUxLcUob52MN?t|ev8z<qiCIYq=vyleLz%1qh4y*)dVL;
zK5fAeXA30ts$VH4)z0LY>_-##e1$1H2L&LtsMo%Qr6a4$kWL5byY1?@yPP7m8<*U@
zEp2~BgY>;oX#!y^Q+PNN8|r3?vx8{J*h;>#1+(&S43+o7PmC4;=JgOt^41DCwn%K*
z8Y^v*$paj<{esd23MB4uXi#SXa2$t*QFV*Wmn&#U92~TVZ<Pto5x9>SzVIzQv*%G_
zJEXb}Gg+<uLB>a;ZEna{sz!0|o?PfL3O!baC4<xoPjm?8LEu1VVn4F|;r#tYD?sa;
zMxn=8Zs~iaK<qHcs)4DP9v=WmdPYpK6!40|IP(rgFm5hToJCTPk0o5=KH8a$LaLm`
z4Q)@vSDjA?+;VE~E_e!?f{WrOp&%q}zvaftkIqS5kPa8@PeG4C4{=g(!z3}v2q+pE
zh(1iM@kDh;x`08Wx=${m*WFl!l%KTwCI%MF1Y*^PKzoj2R)xQoW96E6s-(x4BbCEi
z!O}<h@RQftf+h9Y>w}$3s>P!%HNXet*|A_V^jScvvWnuTBO|2y-@iH(fv`g-CZlR<
z2I32SBB~6N;Ki8R6Yt!<$fG|G6SM`tqva(h{^_8ifJ4{DkBOM+Fk3{b-((1t8a#%<
z!>g~H0#lxgvgJZgRVpqxsmnisbcU5`$yVZ#6b>aIaWPUhhQ^P{1ed%WbER6Z@=*$m
zIjGU1+2S3eHYrJBM4Zd1+f=`z%v)EkrXOKgf-J>#NwJtTnT=vfO$$!US5SuzYPa!H
zbm^Wq5((n#w`-YoXop87=lGVFAvv(D(Ey@-G@^}-luWM$6TpLY=h%Xo;S-tJ*&%Ak
zeZWu0V+P4I%tWUo7B_$q6%Ri$NAbRa%h%aX)!I?Q+saqrWoqP$2}EQ-rZ1^A;o{O^
z({>uU+7sD6#(^(EOE0mE#Sg)2xTC5i3i7HZsd>xH{5C`N3>v{0^z5&W(+?&~Ze8Bn
z=sji6)(;q|k-POy+4+rpQ}GX`uLdOczCd(oR*;I}FP<($BrK`SDV!lwvuAVilC_~^
zif0m5a}w4p-(a)KCA#qkF6#8EC)bLfqarPmF>nS4&~mX9*u6E&{CNP=PdyHJ8zb;!
z^EifrhEA)HlbbllA-ZAdJCYFb$&LtAOc22ok>o8o-o|RKxX9V<9ihHpL)H&O->w^k
z=5*N`>nS1*e+--na^!=~3x;~n6ZMW*u4IC~A4#IG3tLw6Sl_=zals;&RS2f@?B&z!
z)$S9i`6=wx<S7Le?LZN&k@2!ka7iPZx;4SaLNwNbv(Yb;ve2%??pok#U``RBOR5~G
zTXM1`f@g_TM?iAL=dm2{)UEHZ4@a*9+8zZF#uCMIAkGRg^x1p`nEuu$4?IGUC)t+m
ziX@dv=&pVXBknO7uH(n<0piy7csUlg!o<={iDG_Z*YN!OMH>a>F-=MFv~E14{EJFQ
zikFKXIz3+v*(l(U9Pi#JIou@5Ml9iu(lpL0K~Ng$$ik@H^OTbyLB@LCeae_DxxM)Y
z=fdcV{m8|<?q}-a&qYFtB-Xvhf}cau>>v&70WS&c;B6XJ8Sf9yM-;JocH#%`E)HVh
zAG<zk+fgSn+ux~*EVY9b6o=YLxK2tt{)lf(TRl?NmHjHTI&|~K6#ElM@u(ZHRqRPc
z^>~=F%qtc}nsL~%I^m%@^&Zgy8kPCOe}elMD0hO(&)Le8<modu;l5CbkglYZg<%s5
z{F4|<{dEO9$I`e$?E5Ht>A_kCdF)43({+}ohMO5^@z;?N*6k0Y-U782bU#QMVTZ9+
z^80Fdjc|SmEe*D_{Q7=LASVmd)>u!_QVre(=DU$)oE2M1HnMRSmqhGfjGD?w<cO%X
zqq_dZZDupA!#kie_%jt&r;^E$M)W<cf<il*T)Vw<m^Ie)kO!N>NsB(Bg3Cr+i>g&Q
zNOS9Le6EfmlTykgSt-q+`W?)SH;N;M2s?(>;~pfM2jk|xwv3^Nat2gm^+wqb{<%Xn
z@kmYgh)?ojF0H}q!*RbZh^_uP8}9Uo$g+L^E9MWUUJxECuiKPz)T>3I`s#ar&>IVf
z+mw2V-}TJj+Egt=v;z(_r>OF|xu9=h+@KWB0l-h9tOu261@22tG?smeC1sKKFDPqS
z{LzGFdiHBc8b|<kP1X$U6L6#A8>pGykdNs+vijrhL&b~@>3<rpwdB$tQ1R6D=KL0Q
z^W`E@`MiBsT2Cv1@vFBv>BwQ_a!gj}D-RWNVX||e{GoPZ;Pd_-xnh*3_=9Bz!})kS
zFO#rNs{Kd=f9J<79k@f+btO1cQ+bx1qPg^3*rGAG?p)V$?LX_Y_7~or8c8>NC~o^-
zSQd{ib@W33N4u{9s0|t)ukOxiNAo%z$AKGsM1~*nh2n{QaIR%6GeJWvk$TB5Oi~<P
zm7fn;j@fMFY7(mO^cdmQL>FN#!2v~Pfc1*xsil^$DtiXYF}I{xz~^%hFo##$SFeMc
z4q=k-T_soTsu91~Hlol%+(QtesbbwxLX)J2uQ6O~C7X2JEh4&2&dO~vaepnLsJKx$
z&C;hMcx&h41-t{>%SaG}t)%X`1}SO3Tjs8x-*GH0??8j?^Im}udv_lP|BsaRaq+PC
zKT_IH&0WpUl8tfnl?17}uiI!#pafIl9Sn9ww7|^F?fni^)`#GvAltC-9tuc0i@W|H
zD`eV>p!A}BW%M7kcZhjyXpx|sIf808g{s?l{AE>G+sBUs<#i$bLY`*?BMG{uj+xN}
zVdJ80P@#zN*ZuYJc>I&k9mzpW<wUqW<m)XU+PuI?o#5;~Nh>yjJb2}F6MACJ#t*+g
z+sU6Ra(}fJZ90ooJSYsJda1wupDNVp<^Qchoqxs)OZ3Th0rpNll|Bw_-Y$uiqZm_^
z;tOm8$-}aJBo5uuF$0&YZ2!XheA@S@&*r#aeO?<r89W)d8)En9)5HWraqK#Pvwz^r
z+oH71_tL5oU$!QY!g%voUBeG{&izm6>9qZSN>8csB)1Hm8VaOMN|qEtQt;g8{sTHY
zupOnBy0DG#Wp$v=lWvM#paDVSUCcj-Jn*t^+n{LGS2X^XFRKs|(W(uVQ8a6n`cEaH
zG)~;Ee@QZ<4UO&Kg0=39qR@(pMli9U+7nbi*f&t^N!uOjl3lKRXUKQTO|GqxD5F8D
z%C6<RINJu_eFCkdh72|D@V@}{JJnA)JP|JVqrxn1;$mfpFjdEg2dMHCQDAyOT_<sT
zh1|Tv=1+Zi%-R3MAVrWEG?Pgxih{%iijwaFx~YkrWEM~iP7D8=9PkCa=z90q;7MZf
z26TPV-_WjQwXP&lzNXG?U1+x?UyUhHU)q*gPJ7h*{fY>oXrv8-6mjP`-R$|~_e|W8
z^^HjT6C%KF9SsE!ov)-$qlRU5Y%614HcGZg1U@&D2u=&A8}fA-FKyasNWCCh;8*>$
z7CYTUULpcZ&XJD@AM(XuBm(Q(ZaDo1hn+Nd$#_X8#$5bB0AR&Y(v1SlV+w=mgI$-!
zj~kSbm7o_8O-4o=c+{O2Os^<H(qDHMwD45J<s-xiPEx3ldkPaZsy(|_Oz$<sD+I7A
zWN}<qOQ#+}17r*N<qMnteJFdC6lCybVzhU{&1^ah%i2$;E;#c}1a#5L!F9BaAR-WQ
z&X*{0(jWft&9Fj!lJT0WNuutM$vtug10thiEfKw>!m=kbZ5O>NViq8PPpjYPKtD^X
zS|x?ZD2ZkI9t{p*#B64PDa^%&<JH28T9IC@axgy`pNrnW<%nNX<%94i2%h$6EK#_H
z&sZx`Izw}HCGbl%2|3zi{Dm|JxBKxyn>u0};9~DC;x?{ZaSnEe?HmXxH{V|v^_yMW
zf|zXCM%&G34_#!FI>eHgClshpG)#VGa6x|aPUtp^_Bz#&&4x0&I5i*CmIWxLeZl1G
z{`6$Efe0^IQy7O(i!#xnpIs=yCTu9lVmyLGT=dU?GOoNxEsJh`w<Y6F++j^*tV<ls
zFG--5B})_VxmXzHVf8kPB0Blkn*Q&f5|qA+p(Qvi@=?z<wLP~XxR!yo26#QR$0L`f
zm?9y;zsA8W^!IVUD^tcm7)_B>dAAN&cOSIL-D4>|r~;1#!CP#X#ysoW$hk_nDouOa
zf6y7IRG6v4iBmAj;F0L?_fS5gFLZ1?KdRe5LVgeL*L<7!r&t@2ZLTCY_-NgNKQ^9Y
zCR?wVZbtGRLsO&u60so}tP&;B{KY`JmI<jlsXMhBxv<_mb&G^*idWrCIhDpi?=%R;
z=Mm9B5Jebrok(x?7qWt2#y(9dV_Cu8r#u;&BstU&?NJPQhIEDZVqJZ)rjQTOzq$#F
zJxKul_IE1HrHbdB?5?b+O)%#k5OOaK9>@&R<%#o<V8&j6yQj(oz@EtCiL)0FR(9hC
z$ZYol=(+(q?$q!eoCxk=^0Qgaow$kW`Dk{V7wUM_oUJ+CDzes!v>L59LTr2L1Ui-;
zzF3-J!47;z%#b~y#b#^WnS6<;VR!5Rx?pmqHE$qE{r6?6mZrgBJyg${olxXoCh7*k
zVIzD{(awd^2WFU|`!=Blo4mt6;Uedg%^6>64I4UIfw(qaA%M<?+bxM4MXOGWr#(MJ
z%Q|(Jyp+ri?|);CS}<jY(=i+BFAo~VYTDDANct~?GaKryvQ@J$+T)=#i_V>Vb=CUe
zie5zPAO&<lUq1|d=sBS%3lv+b6YerD*H7-~plYya(9iE^7V#S#g38<vL_hAktn?kP
zVq?v#5iGdu-|Pz=qkYgW?`o!ZIo2%AP}*XeCeqF(aCvDym6->@S#C|gVwS|w$Pv!+
z30yiBaPE)Xq-b|@f(wVtU(JP?R(MczqTezV$`eh$$ureE63$mK5~6fL&JE1h)Khni
zYoIlC8nj_c16)EF!V4+)sbz;dm>9B+ZgXVdskKHQ%>Q6vEBdFZqhlZbeAA^k(9jaF
zW82E^ag;VjQzXjqLw=(?=4zSsTj9VeJ5@d{az5SOXnz*s9cOgDX7n9@1F{_`4Mq$2
zHRLUQ^?df-jyd%MJsf=(9X<ivw_3TSVYx-xioD)Bd4<BYkOvPhh;JdOOsnMk!U+Sl
zyakR?OcBC;3$5Gdd<ouBI(@QvH;-TiGwDtjinWxzpT#TICx(^XmhY+9ZDu-g#XIMk
z=kLq<68o(`VY^04I>N^a#E-yl6KAA)>2$Y2l)l`|XeQO<Ik$sf<sy(v;jMsUK8ZVO
z+&p6PZE!#kfC*L#57bJVv8!Dg@f^Pgc*hf|$%0|t02hixg~x!3)6+U%J&~3Oph(Ms
zoRClI;&b)AW>{yWcI4lQw(5d;1Z64H2MMfCkL*CsgN;0Uuaa<p|82eh7anS*_d8Ai
z&CM(Gu+;U=mOkCD{yb<^>{?B0s9DRna+EHQ-`-Gva44mEVg3&5c|x@di=n(JaDd%<
z{3uEYQz8howbpAx_i;&+9QvZuC=aN9zD0Jg*l_~6<oO`;6KsrojV|~qK3;=!=r=e-
z4uUvQ&I=}>7?hfsro63dV8Gv;l!40zgM~f(o1XS7A5L9n@eS;FG$!DR;LXx$TL=|L
zAAOv^w5HY&^Km4lVWaV>Ula~CP(4R>POWseytvX<GU~f1ZiG9@>?(1nSqd@kL)d30
zjbJb`Vvwv1k5dG9l4z>iyH(xWH+;h*SMEU1FELg8dwzfnTD0_$6>2GmBXJJYp64G?
zSSJzus!rod=)z161V#x65ij1%KR9f+#@>F+!^9R1C?SSqCrmT?nme&tyDDQ9W%+Ce
zWKvdCPm7i!!Kw%M&x1d(GpL(mqhc6xB$gwomQAtfEa!s9A>_(qHMN>T;w;o%tQain
zt-SF}Od|6Xsa8jPt;3j}>aB>`jEbdyJr>Fao#=Vuz6zu;MPA#;{;^n|ql_&{-RJ#|
z;9q^whvl^5V+YxQ^DV7Vua90bU$r+2TKx5`>Aw1Uiu+b=69`C&xxw!k4Q%|wnr{RI
zxVmO;0!dI5VJ^P_7>ai9wdj#6lGmF%Fa}MVZmce&f`t>84*ROOg2PYzLOYb)yBVoA
zzkqv=%c}{;kaUPcn)Sx1LGDC2sOC>cw^0>D-d9_UMSYL%j**Xx2SQB9d~LDx8acJL
zm&NGhDXWTD7ew`8El0?E?UNey<6u#->*klD98D_(qdiplzr0y~Fbn;`pM9|?C`JdS
z>-bbrTL_(>030}zb(n#gK+jbYs(V0APUA6<z$<eOC?>NSL~JEt9&EEyROPVixum?G
zl)9pREaoX+;g$iGrFt!PBRN$iaMCoxGTyIiicb9QTcl7Go9+H5eE^2@I08d36NZRO
zSvNUOw7ddVlDsv{A}2lUF{K|>OEuFS){!xmAG#z1ytXz_csjoY-|KzRlkN;S>onS5
zd-6^10O;fGoH+}OhbbGW2Cb~J=C4|~Jw1$&X*}Kh=kxi;Md0SJu!OJqdFhT={M!7#
zf29QWyR2myPmlTy^`wVaSUW+<Z8XGXW$_2duh8F;jrr+C%v}A>5?LR-J(0^!oOiv(
z=XBk<UTY@1S+%8*1j{^g0lC2P`ugv{m7&Z7U~nJlA<&28qU9Js;I(`R)b=l5QgJaH
z0rQ(+>OQ~S*P7J+l8~?$>(Od1nWSkDkc}yZ3$`-ZWe@KM`~1G|#XoeSRgKipOy)A0
zv&Q_lxBD@a2@KN<mW^|N#z*r^Q_-G;k=mN*5YMIk%CTL9DC<|v0xW_ES@%EBtCzjO
zTdv5<kz3Jj0@MqF<iScod*0(o6YoADsRv^3(!y8$d7yx{;BL4&KGM;oQb^aE`ZBbT
zMiUdnrs=pQEeA?EPLWoM1+)m-WnNA6KU~qMay1qIeuLGu!Sf`@G)RV16}VTqHj_0E
z96}4GHz-z>`kj-c@5=k<E8>1`;!=#Hulw-Q8sVR`1c5f<i4aEnGmt2q41(&`O3Nvi
z1mFp*ws`o3ki5^|Q6T8`S`gIG!KRLS%d!Z{1?U~@{ZWd1Q`M!@@bFqf2`<96X_Hop
zCrgqX<XuGXmy~hzis3e)v#P@VlH!-NSvcfL7E9Y?WHT*Pf5!Q-kKVP|^WNDznoT|K
z3E28=rSv^=jn?G8WkxF0RGzdr#MWaPdIpIFHyY>8()dY54mEgVWv-4kky<FK@(Mu8
z2r&bSh$Ft(p#A_fhuBH>_&jYC5@zJ+jM9;8i7t|&l(0CfAok3&w9Dwx;^_~vuvlh7
z-pY(2%-bsT5))=@+!&@F&YafZyO@^DmT55WcAWK_wJm8&^$Hx?>SSlmo|6f7eLT<B
z09B!Zn6JPbLK4bPQ2R_#=lz;07ZmfqAdN2!3R^kgfwbQu{v!yTQMhus5rXj|5U0=M
zBGYU~G%aSs&b1d)UO<<&S7wjQgse<+8lklUuMGe5G{>5%kq$c&9c)?LqA5*(S-n}i
z$cgIYQEo(CB#pJCSp9*|PewFyG7Fk2)p_ST*G6VwUM61a_X^C5Ji68<OWo#+q4r?i
zBJVfAZYuC^nFx?1H#?W|Q#kIu8n`W)yZ%LzNQGxe%&_w9KR1;4$ZA?Gsah}kT4pu~
zFLhl$A~m<IXx4;gQ$2$EPWqX#reRoe*9(d~qop<T?ya*KW9&YHzvK=M0VcBx2e!@l
z%teSpwmw~7Y*nc(M=Wg}V*$W8*x!POo6-F#I*fh}o90zy!TTyGH6&yGiI;+A2g^XX
zfYsm>d+27Nov>;H1|chZrE^+x*}@v}cQ4c`LlR=ofASagE!nbKy~^pbvwUX;e(};C
zyn0Rf6rwztq2{O>M7@sZ9-rusR}xY>SDuSrczlt>&+8MjgcM+z-Pi9af%7+j!FTTx
zxPG>0xbm42LpKFXlX>Hxfl9KG!8PCo1j>(^)W2d-6PNBe6Xb$T0)NI{M8Y|3%2!7>
zRY%hzo$?BS%_N?D_8+gZLuM5qm|F{0E#<6#e%(O}jAYFv%dF01Y9>FlN2nU{ZHn$?
z5Z%=k+86{^J(OcIMKUykQ8fI+{H<tBy2gkF{jC;Rmdg>NU@Udx=Qpxrcd{x)AsMa=
zB5#Jr>CKycsEAF{eL}r{N7ID@M=}edf7q=r!|mZ;8UMP}Tq_J}-D9i^P1t<7%b0tS
z`{e^*RhBUNnx*wrStrND!Ls-onq$VYlk;u1q}M3I3FWbg#RZgEN$t5S|5Um~d&x<@
zRGF#4U1dyrYa@S-M@UU}C=c$N-NLdCq@_f#Nm$JJe5XH9U2M%;R#gFBXG()4HqW*F
zKKxg}8@1)wJ#gVGUl3IFyg!`SMcJ`Dh>nynLd0`#{0>7E5)?BABTRUfdRPeeB+IZL
zp%61|KKWv<*i|BC_&U16(Xrx+c||vxQP8R!S~i?WR|`0q{yTZI;U}_>N9MthOqpIA
z#EDr0H17WbxN-<suK*=;&(60eFYtXyDdHYq`Y^N?O1Ty7?S6Y@Y5|$x1?scO^K=0^
zPkl@0fK}mB>I;C>K;N8l#~1hQpGM%P&4GJ25eozQ{E#q*_5*{?=q*%;Xz%xt9&Y1T
zZv{X>TH?(Y`-IE6J%Bb0JSp7lk=Ls9*q}5^q79G!cX}QApEED`iNM;t;9|ayeul8&
zq?~<4^_rnsLZ%M!IYDenU=$v;EA5Qj3RE5p?(5U>OL7|IRO>8x>CrmEC;i>+_&vLR
zM%5p@Z?lt2np@zDjU3|~<+UEeJ@7qJyQsDJTJGRZ?4K~pFgPu7+#}Qwd%2o*+uVzC
z_6{PG<30A<G*p=PhoRr_q6s2Z^OpCB+K{T<RrC`jrHwNbO4Tx78eHhGymdo7axHNW
z8kSXMZsl=D^0JaNt)lSCWZygIuK+KfGbeFVnGIySkLBR2Q+#+@C|p^6tz?GX%P^~I
z@jd>6dcn<d4iNo=1`+`T)ktvz6@s%k>_5G(1z-!SR==XBc5V(_KT8+2+>*kn;2OSK
zctR?Ks8OQ&Ic=ur>uWtLgVa&QWJ$qJ7j@>5{y@dc0lvE;V@T-)>AQ9iXSh?}ou6~I
zr))?ZS%GXa!`ZG&Vw~#)YN497yh#|gjs^?M*59qAvsa2`^s7x@TZhCxcIX1;DbA>e
z|KOfx&&6+#jW^}HF%1g0d`<>v>-V>zqL2>_yK(JFqaqERX`JiY#3!W0kB}M3%^u>_
zTRqdA4m_F`fah+WQC0@S(5G35_XLN;=hJ_;yEJ_*h`cdlo#VSk{J9on2q)<|#E^`C
zaDisj#Wk7#A!MJ1)SwX_Cw;F3R_1L;ptTsdh^j#8Uyu(o(c%?dG~qF0T*rvqS`JFV
zeW(k}?IMcC&wQnRtPW!0$pN99D^Ji}4`N&w0sN=dx_BYY8UujOm)pDcqOU9)-1l_T
zlP*zWy_)Xdf0tv-0~AeAL0{k<)@}rhT9?rc%e>lR;aO$4)N7X~;%_{A)M|{UeKI4p
zG4)2S$OR*fcS>_|oowsJpDM2%AGKb5lOH<Mb^6n&d9|@@VV(<FdkD80+@sigNDe9V
zgIP6wm^3Q41+loZVn&HrmMk$XBMA-pXYR&vLibcUNRMUbJQoz`@lD!o)LSNTTgjn$
z%a<ufREx$`@_KL@<O>;wbi_1jUxSu?_khQ)L)eJwncRPRVW;#BSdZW1(we_@QZwNP
z?i=fEs9^~$POhNE8O<BCKfQ*WQx`sg!x|2im-CccB7OgvP<wg5&ZAGgp#$QR<5D<i
zl)FD=da#T4Tj`J|0>%c~ZB9R{g7VOYg-O3ePV_k}mM2#6UHmL2_17mpsO9j0-;Nr3
zD(PYuS`;_`X#F_1gQjzUBFF83HJt8hg9Z$wJMKlA+zybOn-4wq*yakYDGq!I2l6X?
zgTa0QBE==W_QbtW4=e*M$!FdyD;-#hqDB7Xli*xo-m1OmlX~s!eu|8vbw!>AOyfH7
zoCN%y@xfsUFugF2Lp#qg>|RjUzOGFORL}z6u>I4qG-MDv6iK=D!V!oho`4)BWD@4J
zjFOyQRW<wV1DJ09y_)Qge+1O|jGhR9_yRaPXFmW52~olsf!l)(>cAO`no#>sA%cf@
z4un=|;0)B{$Q>l-lt8nvl?Fewe*w}X16n^3%CkMD=Y4~TSjo2jnf6};4qke9{&;!o
zCT4WQmW+|hadJKWEebaIO-Tc!yhmo*TB!lbYbI_Y%10tNRf|*mdHtP<sQ2pg7>gy_
z+N!3%cks?GRJd<HSI6L7!+R)Hx45nEuS+)tiS1lTTpWeHe;vLMlaQDrGwWVnZKs5(
zuQv!!(#(#oQmcSk{(a1z#Fjvu9;(jKFOTd_;G>nNyZ8DPkn2{U;xn&}_+w5XoNf!c
zYs;M@c5I=mSpd=B-qW_-#PY3r`%f1^e6V0=`uo{~iuQWP854jrZpr>_+8_P}I5#&Z
z9R!T-anA;FlW74-_wB*j*lkOzK$rTj+EZ~m2{HRG=cac2T8`Tt!GioESOuaDfx?>#
zb?G>_#jbIJN<_f>XYr)!=e4o3r|{zZwOIF?5sGHmiS|gmB=afEf!t&oRSro4_x0bk
z0^C3}Sei4FJf{<{Z+q82SW0GpR3z!+ctsT1=W|b)a*$!V9a2ZqQ+)+~P!jDXL@#2&
z&g2HR2<a+8y&$p&;N>G2uE6+)^^%xn+h2h1p2ozBl=;kS5Bw%2e>dGUB}JRhUOimI
znVWH;YG76V6u7>aJy@S^eYD77AN)X0UHdhH7afXN$HtsiM}0IfHYu5lJnR`Vr`T*6
z@lBrA<aR=Z?)KM^du7^ng~bZ~3Quw8x!oV9O9+LnH$87ii59xC-B56BK8`|qLT8<l
zn(^ckpfqcF+m_@*&%Ut^kl*&PM*|4@2zwA-Yd|UogxvlFVhDHBLMzRUs47EFW&6|X
z7%k>$!2L??)qvX^T`13VF8BLMbE|av5&yZXE$sHSaNTk&44UfD44=kBpKp5dkn(pY
zv5|cZLhlBz;Kfj7`1#6UjIeH3JJlVs?K`M-wx=^^kN2iNvTVxN2Gbn8l&J}V#hs-r
zb!E=$604gQAfTLXBpC+)O3l!;_Q(fCEhp=#wK@<(oc@$f3qI5#@IIBbJ4wMHFuBeu
zY1w!0K$l#h5$Oh$8HbqTFhJlqn_Y(+q#;EmC}W2IX5-L-d83WoSo_8dC(lIc*Jslk
zlq$<$)Te73IC^1WlC-FAPZd0V(v*rZF8SmT%{m|IExcdXX-x}#y5b{2>z>#|X=ddg
ze*&HHE#dp@t0Kz@l7ctLnMe+ebgzuGAoTSvfH@hu_Hml}t_<&YH2QnMMn+PB0gd&i
zV@+gnN&+i7XQ6c}#_Q=&5ZUMYVl&gXYc4GKjeK`g=?m5;{R_pcx|hMc@2}e=RQo+~
zVP&60zk%B+pJl1Qj60xIlZg)J&R7Nbptz>h_d1RX|DnyR4Ep<DOEp0widPc#LoX-?
zj@1cf?R?;~65>WV^e^6*VXyCgng2iwWPVE=`VM&ULeT^iwz~$bPTn^j0{3BG{}wMP
z<pa6#uH!o7rGMm;Ic-Pe$ysQ`nn^6%w~wToMlJcci95_9SUBcG8srAL++xU~9w0=4
z4Ri<h{-dXAZXXZ?<9T*n|9c-PN3?IsC4L3_ki3ggRZC?Rm%YNvQI+XSf=NlIb3GiY
zj{GxTjLR51BPQDK9Pzm5=$-jjkqX=A;Lh2v*TwN9k~p{G(9QJg@%RpnLf@s>VV8pq
zqx<=Nz^ln)oute&&)K<|OADD3k3RYK=eU3Eq$@B*ihM1+fAaC118+jxfip=#dt08F
zAT`%d5*MH!Bw8|{B=&Xi=FEGJ3Ks=|!Uya6HF6y=ElO8ZZpEP{XRtDFve&C-F9O$q
z*qWNPWwlp{K;=_(w{3=~VVT~ji%_D**Or@?{P!+#-hytAZZuswadqEOytn5~xB@ZH
zr?jd`<qK<4mf=|M0v~|#9zCOf+hq$OywHLX*wh$nhTr)yXkX!_J;7e?UekdH@t1w!
zFg8!U^ps4_Y@#Z_-!J3s#EZ2dOWSLAk=q{AcIzwoiI}M#n4L{E0|+Y{x%})Q@X~po
zF<k`^PyORE|MEJx&xQFk<F<oY2LTd2OrTXD+m*>@sq93W-<@nBY?h%gNj8=t7Igx0
zXRQRZ5tN*lXzn8|SmoCh-TOz2cE(vx&*)_unN(j*c=QEriI-6w-ZX7xY~-bF7gYY|
zP2fe$eIM@)zYkDQz<A2rZ{YfRr+o!-;Q|>cz#c*4{@!E3SIC1ut;ah&r5eEOmKovH
z;GnL}B!WEF^+cAY^uV1qI7AewAUYAc%PD3d&f_O~L%O<BDP^jN<Fj6W2!`H)b_o~X
z=KE(r<6TcGP*MI1z&@g)C<6Xs;L<11jy+o%xK@ll`v)l18-&<YAo4|m6d#}bER3uO
z!_NftII!kA>{U(KDXAyzY<!H5vDyz}fP0TGrWp(uXg^{Tx_P`?yf%4pa)<X~Cpd0H
zrXD&Z86v0L=P2sid|TVg*z>t4pmmlqf)EUAOpcTy4j|_scf0NAd<c1bLdWUz=tD?t
zJrG1RNawa9zBwe28^8gl1dxW4bAyDZ_x?O4uNx9lw;AT`AE{9C>~X$d9&3A{-){AM
zWB=vaDPc2j>l+Lj>UH~Ibmb!evp<Iumc?=dWhIW&*(=^cyI}(`DzIff<Iwwyz)ir|
zZUO{qsljJM!zFiyQo($#m<>m5t^NDH_8P2rij>%~+8{>LaXHu074^VlzSkM8<^|o8
z@|3xVfrt81DW!{&==J<Z1kiyB3_lt@o^4oIJ}JD$iJ9255wP}rPZN`$Vs_P^>+Y3y
zcca^Ra4ld;H#KZSs<1>Bj_*Ak8=D&=2E!-~I^bTT`Z4>t^qi&{a+6mVzMAC3!Oi}m
zh9cMfw@mw!Iq?OQ*?imHIbiSt+5$ai&p=95Zu9FQ?GeB$d(dHnFVUKPI7OOpMLDf7
z=D|_so>uP0;)jwjW5KcjP_Yb+z8;A3HuesHv6Qm=nu!%)1lA4!Nf>W6>0z1~V9qF!
zZP~+`X6%Kg#(|UPh6vAqvVr0ckU7(Qn+N*yzZ#xNu4~K!OoN2pDR$pGVwQ^;SE>&B
z6?C^!zG;C2h52Rw0sUMz-vIyqTJW{Lt$_g*>sHmJUyAgX-?3cRIJj#t%#+CEoIyxO
z-W5tW=D*A-A2pC27&1pmqA-~6z7TxCVPs(Jk5;$d2?!0-=&;ZJ`DNUTVBtPtoRDxK
z28g+uz6WWOSDJ3scsh$o6^(aZB19sHLIf0Pm>6%gtP@@k^V%CZ<62utsmhNr+Jun*
zx>Ts(L=%{k^wIOS#WwkXMPJ#kTbmG0D&FNGr-{0UpiDB4s`1Sg#11<TI6zWR|E&TN
zEPhrK?P(JXwQ6L>7T~9LF<jS4NVER3HWYEYvf0*1Y7{>wU(%CNrtfoHmuQ+s$+__u
zkE@Ovgi8+H#%wDSHPGu41io-RowZDGAEoXaAGi#)O5MK9!cMl^I6{?R2C&c?3>rhR
zqr&U|h;mfkNjxNc-TaO)fYR+N4RZpMFeBNUbQ}3sNbMKt)sq%!3VR6phtqC{LC%zN
zOn;WErHUY1y1L=0ao%0OE^jV*{SKe3%p=U+Bhq5sCRY2%37MYij_R@hEH4<*W%818
zOBc&UVM}r($G<?7K`E~DW`S8Y7U#sC4<p#D>IY>;b-I58b-6?%gt~rC@dgu=Z<HDP
zQ6UNT)#U%IxBZc6l72KD0~Xc7dR%j_&sB++4eImI#>be^zQu&K?+!oPeW?nJXLvzJ
zaqbVYgu8X@ATvslMm?e8m&|QYKEd6Jm22^Q=%?K68gSv0(4K}s<%V~CD_Sw?Hu~Tu
zsa=e}n_c|PrVSSTZO{t!2P->PWbHS790Xc~F3#}3Mu?zE!9_A?h$G0I42cnz>V671
zG(R$L;bPtK)VZ;3r)>4t>C*dkDALS4mZL4?CFdU9<1NAI8iB<h!1(E~4u7DOEl_*n
z>;5^_bxkKg2SLde+=fx48oIm*EL6#T6QY>&?=sBddVmgrk}c$VI?~Bf(OLjq2J_ve
zNLD>mAhiQhrC@$&(W~ET$l26Q(ORetx?WLp!MFvy54-L>pPCVnR|t>dP8c~pyv*)n
zL^8LOf#lz4nLT3@8hf+I1H3%NpyiI3mycL)0=Kc}897d8vN<x?6L>)l{GGcTFJ7px
z6O$dDXAse?yV%JVJE@H+0KPG*ruqBVBGZ^jT4gaW1&0DH6uxu^Y5S7;=UHWU?Iod&
z3OMZS3i=(a?`!+YrTcSkU|u5gk!Z}~5N~T8jCEfEy`%~$1_1`EFI%rJie4LQy$Cm(
zl8He_VH3>ANI|)Kk_`cgW)`LG#V>|=9MqxmM?{|U<>2Ytxhj9aa^ABxwS5x;&LoZ6
zF+q`d_~h}RCi$Y1(F|?}8<{%=8_qE~?KEdw#vw=nfP6u87PX;sgCI=yfhx_U`ghQN
zDB-5qz4@`8qPlrg==u=LAdi+ud9)OvSOm?4OIRqaP!1#1yN*6ENW+Y~K3!=)P1&8H
zZnwWMS&7_p#B`}?S!S;B)Skqb^e3%ei~8P+YqnF(BMq%F!!2FOd&<1Ds9xh^9;c|j
zci;mwB%~exQITB>FA)kN>q-HpUwsAmHyr0)YkjrQPel3Sd5zTRi(h~U@$ElP!E*oA
z5bM)bB~kON3zJKn{MSKMVNCgB%-7q4(Z7Xn@38e-a3)SN%m*FdeL~D~9cw?EC-L#7
z<v`K-T>I{+OfN23f-#dW6$<?(Uqw!Y`BSs=zOfTaUye}ho8@D+^CD?T>ThcFkt%1y
zFfi{LFe(a6aEHcIq;JY$-`hr#$|_-G61ONTO$>9TeIP=Mxy7-Ua7S}AKQ%uUwss-F
zz$vqN1_=VEN1`VbI{Bet;wG7f6x_knorqUg4&ZPHi2|o*9E9B&APe|7F9@g6%2ti>
zaBEK?HT1uH5QfpFrXNy2F-L(#MSarqUmmWD!vKeaieq3ZTD-ns;&^Cbakj6HZRFz!
z=7cvTbtn5>7n?~9wmw+bXu$Nm12Xk$IPsU}lhiPoVX<&|cFvjKB2J2bVhHiO1$g|{
z0PUUE(}b_lTL*N)Ouk}q5u|+2PlzbLh5#0j{jrv_#DysMfRD5{3{YiLKnitofKzpM
z>x(8aD5l1O0hgUA=!FC6m8uy%Q30bD#&D>WI4-#9ap@c;ZUNAP@@kJP`*$c<{f5Xf
ze_@CGDX2%RiXvgu>l;|+GG1KJT90Pvv_@SkdAqz4+IA-b;S{&)(W)Ua{uQZ>$hW`M
zozwoT*dU${XcAM$(Hw>gRZT%K0C)(b{~P|Tf}_=u&U-*SXFfQFvYpu#89r2Va=yah
zJZ6J8VDoc)z`V@%+zX>S)spCwIp>u5opv0^&LevOz|GBWeg$yd3m|<m3+HVus6(Ec
zM>V8w!Mx!fMo&y(Yj(vxFm@xYP3UNR9^{UHY&-if5fC<K0#OvhEe8(10FLWNz^&1R
zy0RRoGDR+6GcH0C@NEl?fdaYRr%VW&8!Z}&&W+O5U{f2l?&nJ<+}Mi`p9&4J0J8ux
zjk)Jj%#_gaQwn<c@)*IQ$*#*G(=n4vd^E3o0nJSv<QgpEL9GwN=zgu%MPgdd4lh$9
zzvYs0d4mPB<OHAITz3Qd_&v){S*E)5*LT@S*-Nt<%FMGJntR(6XXKxGmm>^ErR?o1
z%QoooI0ONb(r@a#@CXs_vYeH1Hh(&2y6V>MA1(vjPWZuTai~u<i^n=A*JMRl6MwJx
zBuI~h!;USM75+#>pdS!#)7$zH`jhY7#F}kfp+7yw`zO&?h{re9_khwyqlhtxtdqQW
zGI4Ic6EE69V~V%$m-Gw?Px`+_QvTh*dqK5F7--L;-;jSRN^P((&>!5X{CghS+ioo}
zIj)Bjx|f#1>-o<eGsWXab+rL2yf#<xZAN0PR6e<<vyEOiNa5^qorHx7f%}fiDQRxw
z$kWu}&l;TaJRK}zE3k9E0yJUg5#VKnmUpX6#*KS9JypH3g};9ZtQnG)L$xoH8xYkZ
zn}aD{&|>+8cQ+?fyH!|*5{cAsivQSJ)v{NsS(F)IE0rAa$}*5vl&%Shm~>)+?4B`q
zGx|U+cAQ{|6d+alFY-fY_F0eSeCH9NT?(&&51vucmtmL=L(;A|s(-m%U%8MV#~T*P
zYo{8KRu1eF<3qF#h3{LAA0DPYwo8Sj5Hrq4n(}Acqt}Cu&fEPkH5RW1*j3YPEA;Zy
z#D!HAdP6eF5NMG7m;z=B<KS&cIv@DC7hQlIbP`@IwE19Uzx~k+O#)-)2YiCyo`?hJ
zrX`4*`}o%7@1T@eQ>5vD>GFogMp5Fb;gi-};-#%w4xv9*Wq!P@5|l)f^4s>XLpcj_
z_1l;E@Ho@<j#af-(TAt{soW(R{j9yJjb7AnO8vi*_FTexLg-G2(1Y^zL-j%kCHd3P
zrEq3l(+~TwCWaNchn{n&Xr>=PJyNRFoZrlvV;6c11LBXLxiG^|J_>cK|BI@33a_N=
z+D2pBwylnB+w7Pf+qRuf$F{AG-LY-kTzkFGcko~Pbe+sqvu2H|aci{IUuQ^+4!Ufj
zu%W3ds2^J?p58Y=Nr}|OERrLrz=kgGdfRk4$&7Qm1Xa#dY}36|tgw~Vq1M_p`Df`)
zc+A>Nb5f1h*Cx-}oO5aG+*Pa$n{B7<BjMRP$6X)&Se8z}(9y_bQ&4T8Vpv)wm)Cl%
zBoNRotmgeuYiCEEqbCuiV?ZwxafDyFg}o7;QPfjG=Jjqrkg8p7FccSlqygKNJBvS2
zsSio0Ut%P%6wk%;paox7JvBQ>niFYTJ->7%Fu*o#<+#K<4TMY5bPH<Mzf_Q>g^Uk7
zs@@Bt-KY!o5x&S4G@w3hB&(KAZJ9^8%#fU9TQXz|=w{u_qk=(=U~2@&&4zI$a0K%k
zzBi8y!@(>k#<T%I9Nac*<D_1aZs=0I9ZV?Vp4kXt25opg3iX%%_3ZteG7tlY!Tcg8
zMn`6k|73DCh{o|T7<x`Fu;Nkf80~bq^tf5dZLrGmmj46@JhQ)KHc0a=D0+H(=}-qV
z1-0HqWH}Ml52O^Zy>_4Xou6>3xCV!Oey9}2a&~SP9D#Z=p=ZlnT+p55e{d^bSZM{y
zAO(e1^wQl{kPPa(GBUrYj(!@you+!T#D<uS>5Qql@4Gx^Wk3L9+1$Fl{rO&o^rq%~
z8gCESJE_!E$r-VNOm<*pGh?2aG;-B*bVmJYg0Jg(+ZJIh;3WHE!4cl4Xg|A_RyZON
zh%*m=mi*Q#%J^5W<+rMdl;w?T<f!}QqomIPHahsKYs>UQ_PSk*z%9L6k5$M#>sa3i
zUzCh{uWA)c_liJO_9&{Rw!Xu=iWAnpWJ4)ad(C;>e(Fq*-?2YRKhFtp50n64Qjh7V
zv~AA*gE`<u77tB+VjDrz&&wkBzxoA0FO3C&Kdc#Pq&=R#4aK4Df_(&Q{U2l?u&A_P
zX!WxWfpR^L!go${#vXSUsGJczP6uIkphM}X9E*yO@4V@5sGnFQM1mJTo3kQ^!Skp4
z0BB8o7UdRx3Vj`ZF%KRz`CkC~l7Jr^0fmdhX9U8OhZ>J$phCe#N9p$u4o%QHGIpK2
zlPjL@>5P_kuoowmHVy8vtRf{iv!muHlr>)TT_pkC57Tvl?O_!uoF|z^_K9*7Hr~w~
zay7+Y@wpTCLO(^?Opx*mUvE+lip)M=cFU)MQ>)AL&!LCyke~dhBQk=EDz_^383=9h
zwb)WWOWfQd;=!CqPKeGS86suZX4wk=H3>p8cvdmzttDW9^4)g2=6k2Si*o(!w@^iw
zK~@93CNEYSio5fCT)#JLEc^I>7#!{fMzPTiYRRg^axptcpVVXU6u30%=_fVLBNTOy
zf7{OZ07ViN1Q3CPxdb9`tz?NbA%ZT4a)lg6u}mmBx|B34nTizZvEp7S>f+HIO3YXY
z;~AwEnWC*-@sjN!`z{9GMpV$!r~n~BnPULAfc<|MnR=Fch%+tM#uyhpRIaEE+S&|_
zK$JY)@0|SNJq$`jD%v$ns@@T`2!K`(W+xEYW+R|@1>7Fmt=<C^_;)}7ZEL>W!B~hD
zHeIO^bbR^SvDS3pA|lU0m`m{Nwh$OQrpO9Od|>FOtfUe^Y;A@d`7bHPnTylk3{aDv
zo*^DD>~3ZMfg9u7fo_q9K<1sFc)c(*s9=yCd-!hUgx{{?ApnpHAOAO|N(zfSr$ZOF
zbKgA?erzLC>c}dEj0$w=yZx;riA9aO{rj!#Q%Hl?lS{7f=A}E_c5&DEj?Oo#$8nH9
zk;&)H@`i?(@#Nr%LC}X@0<glD*Z&WZ2qo|P8F078aqASGMdbv7n*x1V$eN{!9+|Ti
zY#aaw4B-6p4;B*RKC3fz6ne#hvih?XOJuiz=bq>BQZLGF?gf6t-08>VJS#Ov9Ufa?
zt#UVoVq=vWXc@My@5w50(3qw1{|}JB$Wmyv=2xtR*%LBGZlFA{vbT86R>q*445;za
zm;;471l;Y?cmcmPeHSNyw(VglRGzcu0eM~BJV5Th<%w6Y3Jq1(9L>UYJnI&OVyJmr
z^B_89sELCz1(_QrO!vJRGOs^6eakQfGv~thTO~xK7ZSs$jUqo-Jcxp>6J|qt(GitD
z4c1g-#dPrtY^}L^lF7K@et)?&V?Qjp)yu*Eah+_jWSU6>Im)(+s{S|u!jLAvF(znF
z^>HfChh+B2!%|?~V|{cw`e&;D+~30~?e#5onH6Wd7B4$$epn54eFe3jCMy$#x4gbf
ztkwR$=czT1Lib}rhQ#oVbFUUfGzzt!F!jqZ)^@=V1d=Mk1VB<H9$XGdoWE|jvlq@>
z0CVUkhJ{RY+~!JM4xwgP-(*?sH*(rh%OYp~>8ItYQV!rn570NwzjPTe94oAM=+Zbq
z&4qZ3^0TLBu;_?BVAEiTm+2{LuJ+WpkL<#Ncc=6U#E^21s?3wfx_|KI#>$*JxAW5|
z!yy<zOq@e;B}Dyo@cbD-uC(w8=qZH<3J$;dXd&2`W%=Zzp$y)9*y%BkFXNGcelZsI
zVYj;ig=*xemYQq5l(%WfPV=P3&JuFULHJxrHxD-vI~NEL7Ymx+nFB+d1#HM6Qe6QQ
zCJDBEr=J*>S@B(V`_DcPo22I2R#dlJK~X5anV8RtU=m_;YfBkJhz%mwRD^-Jcd$#>
zk17O))>X-*=D0YH#7C1HeR7qeUO&;sDr3~^67@q@^BNn+=h3H&cg3$NHZe<T!rxE^
zhkZJU=S=80Si~9@Ebm7+@nRN~zvC@B1-CX&F`&7)`XVq25YQT@#xl(u>hb-{Xm0b#
zXTVIG)MkC%7KhJ&fq66>pBv|;O!Tt#%yN_{XTwyjW;OkkY))=u5G>H674`a!nuy-H
z8=k)P&NZhU*NPvPreyvFAX14ZJcS&>>{2`yM#i)QhkFDR?dhljgamkPZvY!(re^?V
z_&+sMu2R@pMBB)`AM^_xxHcUW*Iwd`x<WF;0T!+KZIA&o!H)u0NOo~ORvC!`ml!-|
zf>OOPH0(j>bJ-Iw-<hkhet1+>dT0LXr(sUla6+k?V`{vfU-2;`w0Hc6hG9JJWJ`iy
zPU@u8GITzo4K~W5#g$oM1@EfGs9Iq=+StdpO^+Ro<RL{KYek)s_z8T(E|+C|=)Jb(
z>?-)fIV!(v+%Gd~zbd+}4x!k*`V2}4Z3G>v`#u*XcIP^{K%TRsean_k@ccB-18|Ay
z!@nnh!XQ2Y{Nnongm9p`t}Tjs@LO-*G@xI-8pZYy>J&kNsgT#2=7IbR4kJ(Is8WSC
zC~=FLJ4clxjKGiL-5>5vaI@>govC{DNPJHKj8GA~9R0+USCh-lz`xXu-_No)hdi4W
z-GCc{=4;<E*za^NAZwuE{4Qbn=!3a*qNx|&&@(ej=m_zX*~YZCab{wwh2e=T%5sye
z=0jrh^`<`0S^i-nHtFl65>&+rX1w8bZ`iPH!;b?^is_h7dJpU>{cj#dkV8)D4XgL6
zh$@!V4GyhC-s-vYLK^%Hs<lfHKE(`w=c((wc>bs%o`w)}lbVvN#UJRR^OMNAmrMSo
zf((m%Ul%?VTf3&|C9COD$}WKqzd^$46|-aw749HG`CPMzK@_wcaDloD@{yzsQ0Akj
z2!YwTCB8i))Z~vS9~}9hV3Aef5LO?FXJ@VKFoZKaJ>bBphQoPF1(0X{j6cgQqg>2I
zaiK)K%0m$vfvx9DYXFUHz{N!Y-X;L~LyCI*wXZ4V`4h-lYrX)6_jOaU*8p6uf=#qp
zb@h3Jf6I;L1zJ(fyB}xI{LJ~B)1(wHqIUMjYUX?Oz&~Cd)zbh>W=*U?i#7RR7~_C`
z7Fs|;Lc%}YH=tBf<gHIs?B8608}9^Hc<JiKr9OC^<5Q$_Q%jWSp?8$eLEHE$7b#Q`
z=;R{l`rQO!o&2=1<!DuL<Lo(N*Xv?B;1Z>i>29r{S0VpGsR6*F3z2T4i~;cRO-}?!
zg)A&^0%jz08Q$^|cS=fHY0GK%Lr5YA9!0RJ&h(-?YWsP`Jj%wxy7fk4_#43mcc61{
z%stGcF9tmRo+ZWG_ZZ4ky|SOW@~v5FjL1eC915?;r2jjw=EvpYOND4zH)22f!wWhi
z$3ar1!-}tQ9xH4)J0AU2j^%ty;QO_{G@TYH#kqg$MfRzHx{|@XYp!JBa`APU#Cj?}
zwBy9-{wikK=V5;xH;HJn{k;EcS0@B;Q5UhN(LVP%+7>498Nki0a1Z#_!3T6DmC1bf
zL1H=3Eb99Z&E?Ce8j+n?>m1{q)G+cH3<Go2_dblv`JOrc0@Q4otuYyn0Z|{s@$Y5S
zU+Dmc{WteFK<rrNPWqce!dncj6%PO?4A=#rBa`OVePxUTIOXqwzxaFubBFQw05W)X
zxByMuzCZEl4>x}oKmdI{!<tTj{ZHht6p>^Aa`=A${C%x-hiCuk)5H(Im*`=wX2X%n
zXZ%Y?SYy#~eKy^v?cS+T>dnT#MKhoU1S(#AhkDoTlDlIFOxC+~{gYucC~Z4#2w`N`
z?FL@cGB?PQpZ^3;mje^4v!zLL6TZWuYRaN8^xfXcmQ(&u`@ZJg6Fn&Vq-6P;jN)+k
zs38T{{YSIzp=^Ahcvva(PoR6tj$7HMHb7*A_w3@k_lLL!uX+uA_Jz1~kVR525_^n<
z)w-?S3T8)a+~-!6W{!`qo8p32RjHqm68L-G;f3uL0Q&4JpbGHo_|1JdoMKYb(QXNe
z<RrfZoPVzj^qZK3m(&%>587NVNEFc5uQLxgs6GN@dmSo{n?<JKmnIUQzD<u^GQm&Q
z{A%0FiJ&dt@F%9!X2~Zr%S&&MssZCLlrLM&Yu&f3+8_O$q6uRzq;MOsU&{%yatq+*
zwSMUPb@=A~6d;n$2-so*P}*0030(o#1qh$!NabhKgTuW6SgZlK2nj&(e$vUt5g?pF
zkF?%^6y={7J#6l-S{fi*O}^C6cS0Xp`xKDW3_zaw7Y}@a$MHvH4*Pb=nP$BHNXFv8
z^sOTRDMEj34^;8sJrlJX=l&h>Vm-uE#?F;fG1<O)PCvMw-PY>(fCUne*kCXI&+-hv
zR+Yj;<jTEkoPv_C3!^kMC9uVI??V^fW?7Co97y0KI#qf2-6;8eF%z-ekTYR?*^}J3
zRx|@AG2~Ev1wcz#UcCVYoyD_VVuK#;???i5=asqqu;uXP1{=@)wZ!QD4FVnAMKp=i
zG3UQqCE28sJQ6mo1_L6(w-O&s#4{Rc#i_FzWGjuL_~RtOey2aRm<O-cT>OodZhm#M
z8ES6tR_6hRrMZLur{D)8W@dT;fr-p^LbQn1k_%8dCyzfIvp@{7(gMR6ymi7AU#Yd8
zx=(@NYWY^6JFQ0i36x}Bo^pGAF9_LR0a>Zb4`ROot>fE<TJK_yQv(awUz1tFmqGu+
z^bZ0_k>Kchk6nZQ4kEnKvwAY#lwAkP1AI5av$BF|misjX#+prR1bVmAQlcOZ#?x%|
z&}=tHvLP%l!tNZF-0{xhB-el9<DX^5E!V3T1sTQvh2AG0FBh#{Uoz!B;6GjGLrk=2
zX(&bOIC*LGvMY`;N)N_LgT(cqrVcfyg4htC{AF!uK*_T|?z8&Cskp4mAFnt3EufUJ
z9@sRbM*|26@|xd)Tb&NTz6HE5=ahzuY4mQ?b5}64#ezhJCcRxG*_SA>kBoNy?ww*V
z!&^{wt__uE&COUniQE=bngn}jQm&-DIME%DH6^=Yd5;TEoVuAW&xBjcj72Su^r!F`
z1Hk%NK_K0b3KYWwl*^igVsD~298bB;_8!ET=xRB&(yy)Ig3Y-OgRmtJmO?OVGQLhr
zFV3MRmRr}mf3<+c&2qRYXCF>f1nJD~e?GD%Gp?)vrr!MTU>$?LJ$yOjhXKeNp9$Gs
zM5BPd@Q?2lZixj?OQOsgK{{J`GYOmE&vAh(7Sly!=;ffBzqw)^P(gm-e;_4RJh)%^
z3OySMKnnscW(q4!Vx9w=Ed!L~1lMd@vPuTfFH@7V%RWXJHYxvpT2tto7!RXZa6ZD>
zQNcFfeTY=u%!!Vd|9IQPH!*jIW}UOpWR)@M$uE%D0K0e(quo#AMF5e0d6T;A0<x!9
z{Bw~Gut7r$hu!GN1_d&2@mE2K;+j*Y)xI{ITnj&1aR5OC<U1y+ulh2WZZ=v?9jlZ%
z7u$`?ove#~mFEC<X@kQe_4pkPrJ(Ns&eNBamjI%cyS{9%;%{Om>MV$<w5$aCcS02Q
z4BAP}1<*d$Y`fkEKyX1@9_ztsUU)l&n!vcclBO0fSBPRsI~d=YDp!L5uGsYyncsfj
zIJaKHslgP<kw8te8@Ni%<j?ikY@&7jg<pbGsmKzR;oV*d(@2(~n{JXMB(WY1Gu)5e
z;7_)w^0clhot`TaMElY{YOa#Py=L&EB4ZNQpg2Xa1?BWclYBcYcY|MvdwAqcS}>zj
zRFwB0WJJsspiJywAUF_#+nwU~XJQ?aM;0&-N04_s?^8v~X9Gf(#E}6KFbP+Qk7YYJ
zh2$)!FCPUpIxOh5e+(pd!8=#<s6l-9M_MkF0Z;XPuMACTu1#*+T64!y=*TJ;zcU#~
zG_&-%k?weg1Pk}H;XBJ_^T=*Lk3slfD5>kUQd(eDQ>-N$K8|7-9Ns#2dHzsAcB~8T
zoIZJo&0(-BX3$|#VnG&hiiqCwZC<EgpimXhs2YjpY9$U@!$nMnon)<PtNeh8SwkUU
z%M)u@6>@X!{|9<HW*;N8&u4ch`J(W-hB(w`^j!vy{bx!dsQsJ*5fZR~3+k2s)PjCR
zM4A(wV_tS42V-G3hz47BRQe+FCRYMyS?PSE?@Lg$h5Sn4kjn?cOtFgHS7x6SdzB83
zwR&yszOcIhKfGZ0Nn~r->oI+wA;DtOm?$a2pJ&K`6TK8`q?pGA6{nE8-7RqLd-hAd
zV@qZ^w-`ZjE}qOoXfBaJ0m*Yd)(UU46J{ooPg`c$y$nNvcpG^n5*YX)w{K`0{O`77
zQ<gX`5Q(ODl;}5^R#T4vh()N=6&YT@+x0!!_kV4?1cm>S_2hsU`R)E!@EyIJMPDLk
znNg@!Y+8!>zps+dUKlVXJga<cr%H}7?DLw$#ATUVf)8>Q7_S!sf1;p;l$4?r0T3$r
znxgQ(DiB*neh##}R3VHd{Bhxjxt=jzhp%s<Sz$|vITFDF9r`wJ4|MBnLG7~-V<E3x
z5~{jdFcky$!H`D1BL<FL=ZLbs(w?1?{<ZrzZ88}v!NPftay}kIL~}blMD+w+_PJy$
zmR@31j3iNm5f<Svsji~EKEs{PNpkA?0bzVjAD63YOW#Ev2@!k0`Y91a!tRL2KOF{B
zM0@}X7P%12iwj*NH8pN_{Yf$=0_={sAutl99pG;vXfya?C$*sh6qDahiH*r)JLr)D
zhZcW<dF{LhIjE<Pd{qzBnQ0>g(cp$`KB7l&bzR>;ZQwlBE*W5_e@$in+sA$WJ;3g;
zqV;=HSEQ}=`@*yLn5;=`%51g5CbC9=uIjSc7KG7w!~p&%S<|p7M>fl=4;0_Qtg8gR
zuj(ioGhch$ZbQvtgW@2OWnOaQ(gZf;7rNxen4N9UdGH|XGx8e4bM3{D|99CFd?0K=
zAn0Yt2{ZMoM?dL)JnC@%B+w<7@&y240&TDXA+eMcKC#*R09L4z>Xi$(Z*rB9AOe11
zz8On6>mLxusD#UT8!dpLuB22$vIX6Nx;>G#b8o0GXS8vzrC19B@>)JY(cv0n-K6k(
z%|VLy`FX%Rx4tSU123?}RLBLo!@{q=9mth_eANy0OPDgb*QjRJVAL*xL+5NZap8<T
zvP3O#VM7w>{7d5Xx&Xs2<hjG07sCCY+CSId_>HpnmL&!2naQ)D^RDn8kJcWjmfR2g
zZCMz!N)Liee&}i*U5$9yHgQ6wzu-LQ6EE`R(JKN9qk%1$hog`9Ru#WY?N~?U_CNOG
z)4G{;z52Wcw$rg?`Bt*?E;P2e=fU^peLW`$PRF5$$Bn3uBOZF*&q5_zv2}9!Xra?f
zUjX!1LcUOb1Dz(yr=&nQSG`>W_M65Hpm+c2;K^zA03;k`>ivEkXqgQ7I1kh<g~Bfr
zhUwAJCC2*~tpumM{-^NhY>f6hbK|6M(PL$B6T);hu0Sm8utP0GrZVBibQ?h?w^>Qx
zrDt`2#zeEG4s&&mWOH;z7h6pErGt)UP9SHNk8mSG44N%cokTPCDiWF-?P28wlDi|O
zG^<6sp1SJ)MpiZ9!#1=7_BZdRuXn8P=)dO&oG1?WN7@-c%Z#zaHXs1=0g!TFJP)v4
zbpU=c9*;*J#nd#3^XGj{qlC7wCeD)v`aV11=6AQ)o`)TMBXoG4Y;9V31<x2jkM*Np
zhQjXT+RlKGd)tg<K~Q9!vqH~lM~^GNs{GGVRS5gdK<Ax#H?_XJQ%Ee(l`EiLJ;lvx
zn`nX)YSj<YXS$*<9|jWntwR%r=v!Si9?JAzHyyMTR*M}ZzwTu{{VR-0yU@FlR__u!
z1{M5AWeK%r1^mbykD5`W%Iv{82<dP7BcWMV1D)|9xcsX!HB<g{D&@lL%9hLKGWv-+
zX{Q$ZZ4nphj2@2WT;)~#uN`<~Hmo_>`(F%7vR*6=I?-RVP*<un(FU9`KdqKzx*7Lr
zG!+^SFodM23Ua`1`R^;Toa}i5r7bw3xp2o4(S}P+YPk(`_`wKQ9hXeU^Q0XQopZ#^
z)kJD8Ny^m8&Jw&vW;?{3gh=5FIObLpEXc+?>EGl(ldN-99YAlfA6N@nQO@M=Nyyn9
z;X06ylpFBIfBhg=DUM2-`7|$B`gL~VQ<f)hpCQEu$)Di!TfDvO<saoR)eBqGuXUK!
z00%wBomDk|05-}CqJ=9e%+|qZ7$4&=Xof~WPA)?7w~>@(4PZqw_s4U94n&fRw0iX<
z<TbZaUY~rM+6_1D%0x@tL9xC>7imq~W$biAfIo5rHZ0wTLT#`fl6v%$mI#9X_jCm8
zqRCAqX$B}0AD^)yj@`BaKP!1TolT#v$Hr6p^7#Fy(YM~<yVejOVsP<mXRu%90??IZ
zxr8fObHOAeiQ*n8x57oTyf?qKl%DE_6fH}LM2p%07E(N|I&vW1ecu5Kh*~ow4~`6j
zmVla^XM7TUZ9o*sbxuYM8MF?Yw=12AcfC!SYR4$Nd%7@=j~pKqqQ0&mSU2kX#?J2F
z8@Fz$tVAaCc`-2eCw4(-ozG*bzO<gQrZ&g2CaP0}G_MMTSw%Re(}dJ$n$ghcwY?P9
z#H+2y$K|phc<V!<c3K&ygV7``+FpvLo#sYv6vogSP4O(4Ay6Uqo)bX<T8pEZJQJr+
z;CG)W7*{8$61=FCZe-VE)Y@eqw)YBHhhfGaIw0!5{n>(>Ki9IB`sM#Hq}rU}^_-te
z5E)5tt77Y6*$%-IYf<o>c52f=&+?TWrzgL5kwF%L>`!FN%92?pNZs+wPps2_nu4|e
z9Ali8R(G0?{68i&!&0nN^3)$q^c`}G+yR14IQa)!AkF^R$;g;$eA_u5tF(sps=y<b
z>XI*ZmonW~FNfk9$%RVNYMK97?+M9+8ZEnXhomahF|!c^XWAC;Yonsn!k1o`-dYdq
zf{F-kQ;^@^Z3l#gJ~D?|8w=7urXI8&A$m6D_&CO=q!WNX$ig`T%LXl3^_8GSR-7ea
z=`C6j9Rli$U*?**q3aOr37{G}G2YT;x0>-jxMLeyTbl(X1UnXZ7qoqU{~5YYEECvW
zDX&*_i#Psknh!AzxS|tsKFV!_uB5P`X%*1Sd=7xa3$VSGRPBlEtCG!ujZ~N|h3E*T
zs<~ORW+nFY!_x<C;=Ed8(J?+b+9(q>GcGQj3mQm#wkgK!w+^mEL-GgFW}c9Xo~lta
z*GF56pTgo!0;^cJqBQ1YwTMN>`;GIIFyU#9qp&Mx=6KW++#W1umRj|XHX6TbhE?`&
z?KIDSf2^q2{i#|2Gab!~SrQs@X{>%VuYrRN)M@9U2))NL&QM)qGF&4Rzrb81_k-a7
z%+flF3#?&jhD8B!=X4oZ&C#8;6*?SPr+F<Sh3p}VS2$c1Ln~HN4>ORZV}4EfCOo|C
zhfMsJN;?XEXubX)xIFM3O~?mGJg|{crIURH=3XBX1YrrNFdG?iXb!&Ar9>UXJ|8^!
zkqu+UYy1Yc64r%TQU}n15RsxC&^{-`fj&`JFutnXl`cm+eHNn4F^2;c(-i&*Hx|HH
zVRCdsjulV|ba7kx*68)Lmr3#Mlp#cFw7Cue+yp6n`tqVkL81^*P6hH2`*zL$;VMAw
zmm86#mc1we?tCW_keh_O!!2W3-#+rMrK`N(pxuDaX(5p(uizlG$m!H^Xque_pB-Y6
zgyq2$bPxV#18y#21IF6$%8WKPyrUt(0@{F@6KO)`L42niy=dFOX**aI@f+z(3nuLD
zYe{nIua!ypWpM$gDpi~n;S@)+#tB{MeHtsP^;r>}-N;;xA6wr2cR-7(&{)|R;DaFz
zU<?$D1nf+yZ2{`kb;BJ7#vOWGp(Y5AK_7Isia-*bgBLWh+^lUj|1{+ZvPQ0HE_&Lu
z*6o=cNor%}Xjh2gYUcA2>KZexduA{!c;?g=|2n;R`DxIv69%ByN*{R;B6vwidCQCV
z+LM_C08Mnm07{X|KoD*6FGR8JA%=MUX-($1mr8A=#km0LrhojwEA2WN<_9<EM;CV7
z2$60C%S}HQJ@mO|3DRsIwo0~5vhyU=u<NvcVZ?sybxnpQ9Cl647yTU6wv^-t+afN2
z_M^rNeeD`Zk`5_P7--=)>`6X*m>*j;LMPora<^8|O<zJhqv(d4hpVXYIkYT8WdAh|
zFT{%-F3o!v^)0<;7EE|CpUmb$Se4e1v)mE-)!B8fEHcjOIO_8f)XrwZ*KGCiE@7M?
z-;banAytVj0#l9ShIEE;r-~>gF}O^#H$=J(<J;ZNFgz$KqzPII29VdB>PlwB)YayV
zpY?CZB{*Ok7s-VejYU8cgx*+IT0e2hn|SZ*E$f-!%pd!9nOE8Zcx(#UJOSB5+abW{
zps_a_A1mEDV|CgGU*8k5k|%u9=nYp!#sljMp~XA?D!f^c&F*1cl1pE)GC)(@%>26!
zo^uQ^^G^}T)f~11aW2p06JRV^f(<Qrt!ZGdfsg7JdRUs~`4GSON3sz^j561uC%vlV
zi0T-QJo-g04+hjJHvgzTiEd=V(k6>7S89%xxxtw>r;T*luh}t6RDH>xYMvs>R(X-h
zW!Pm3ZBZ^l+ceRI^k(bb8rdgHSRrWz2T`nl8(xJ#991@rM825M_(P6RU}@e6hOK1i
z|5{?^YapSj`5W+OvWv|LR~nVT(rLDF!kI$Q77~vW-Uke*T=x%MG)f-{SH%&&m{?}B
zCFDJ$Ky#*4g3+3=l<~Y)FeI~8=kC8fnXvWeiJY)x`%z{{@sk`l#&ZuNU8rBSSGtE$
zM2voOG^>^h#>$p}GeJ1SP52LC_Z7S7z*VGr+$1za>tS{Z4^LU8BLcY};gyoehV1Me
zvHS@Z>dDwx%x|c!J&*s{1=tomVlm)<E6o{@o(DJl2<qDHd8$`xT-Ln^FNKXLl`iFI
znYH5`A7W#h(3%%OBMoeohC|CT*VyfUpu0C|IfO+ose@$msg*UsgDYMttbi+hBUu?x
zkIC_!(|{bc`)RwEkt(bKp^v#Z+1jLONmigi16#G53;V1zh%zxD)xk-cw{)Sa3$~Qv
zrSWc1IbH2EmJzwc`-^>EmA_N=#yKb>cMa{iGVM9f=hPV6d2v|qVD_OC$u0W@fQyu%
znDU)x33RM|H$|OfQN7YaGYcGsWDt>h#DKVJZvEJRO&F+)jNr{D|8DC;exJAals|&|
zlNfdrJZHOW5}`+ovwv(#J;MUg^Aid>;v}8DXy1m=Ex}O2kyZGIh(4MY^He7Y4Q`RQ
z+moYyI8@LBP_5_3&ym^!3e(!6nNVB8YF$$ihmULv){vZDN@{iW0tV$6D=@`s((^Fs
zvEDgeo$Lu_k@$tks1U=<({WrVFuSpG^nC-N+CcV)=`vk`^S#<=UF8^v8D#t`y~iU(
zWDlQ{dz`6{ywpWNM~{Z%)jF<=sp3Kqj{Zx)PBj9jFMEJHs|s?93x-sH(GWOBUn+sQ
z3&d02dsWrceGk~D7DsarF~YW*{Oz*&{6Ca<-iYh}o`OtI0=}(<&H#Mee73+)n0x;4
z&l$nr)4j6m7|*cK%r0Jb{~7l_E6)ZODHn3SQ1&5AkX;4;CAJ>p@F6+Enlv`xc1tCv
zl>7|@UYD_AR^nSn=J?QE#!3dl&m9xn@Ds>XZWvhq)r%pXwdlS!0RZkrUxfZ$S+tr}
zVO-&pkn~6ZqM~BF?pFXgGG%DUit63!#s^0~kx9h=kuT;ELXY1+hX8&`zt|mczOljT
z`dL1wGjcsil}cK-(w-~s%xVC*_s7~6WmcteqHlSzz|mm{&@}*{FxYYz%{jh&283F8
zn%6UvlsFc9HD$sNB!`b%qPpz`!52eyX7d<!6~T)L<=%kM!8E{|<d-4A4!N~P^S0Q|
zmJgIKN7@90C+-;ek3+iAa6rorI8f7$hGMjgK@$X`vTIEI^z7|W>rl&6V0DArPV&HW
z*T2JD8x%vkaiPE}lnS7GeDOXAm=k-e^J2{=iVm1ka=#&#3>=w7#Y;H!^AUPn6{~*{
zb3nLx_CLMzs(%>-^t~W_5~|8$A$0pZq+dOO$$kqX?OYgR_ls%7Cks92f;PA!m1zEb
z_Wv4<XwzEpVL#m@yykgzWcI2Ah$SciTH4xfSx+LJ+}ktu`x0u2&8mU!r`&+ow=3qp
z@6GJ4xaJ1$FXV(7sL`mW0N>?zfc>!-6q5xIpGuH_`6r-MKB7A9W<i&30i;7J$72GW
zqIU_zkBM)q6g!HZcA+o5e#U~h8XUs8lew9REcEpBSkC+{lN*)^)VvVs1Mr;!MG>nv
z&oiANeU}10&j^2F)_n|~jBdwmt~bL#r5;~0fYxA6Uj9EOf_kwfsH3``5r4>Bxg$h(
zgv=WGB9<#d;3fnE5rlUOL0}C=bm&6m+)~j&1QPfIA;r|$6d!p=5I`;axw9@F5N&T`
z*LJ{Y+ZKAsdx70M8Fp;Oa;ZrjeC_O?O>#%uJ$q*YLSCZaZ?aR~MUAAPw)rsTE<1H9
zahfUz<53Oj24t$+TxDUZ-2}*kpZ%#k&@w==XT_s^@_~h3I8*I*y&-pit|kz?*iGLq
zfZunK<wu@-nIQ1-A=$a;*51331IA!DAgkA%5_(S(zF_Gyt;+i*9Vm3*_=0kq817zU
zf)|i;q%=Z)?4CO~Od}<l7ee)4ZJ~BaJ`&BvT7cw<*#9=(y^b9Jpg?Ka@b;p|@wI>+
zhVF`J)Y>mOKkn^U12K#$t9HHq=c32saneu#wDk;D?9^}-<4J>dJ|ZDLl=^1=c`$aK
zkGLqHAz6LxNsHlVmGz#>qjO4HL;*TQ*BD89|It!qB#S4JBGn&4wawRi)2G)Po(q)F
zjng@M&4vx?5V6k=VKjnOpy^<ROaDLzu~%aXZ~GaXbn-i1EC5!WJ3QO57BV#Wlmc8|
zpH*T#)3!~%6cw4KGs6_OZpLhs9Om~ZtzOWSS%w+&gb@crL8_4A)TP9@52%h~xWUqJ
zeFU6<pqQL>GLjU`2Y~b|oe~~OP_*`NaK4gUeN4O!`O2^?d--5wR-kY;M%QweQjeRR
zlnz2u1u`m4SlSTD*zJVyK>JpVR(Fx#_L#<}Hz5Cgz`|^=V;-d>*4U;ss=EP&g#iNm
zcvmESp3_^!g=u|0iBn>$yFD4sby=CNov2p~>sr7ujNcX6ueLlY2wEI9kcj*zYJ2kU
z;yrq@y{fhohwZ+r>8;4U9Yxwd!o<%*`n-wHWWQQRQHs}LHA!6QGvZq+?J@VH#LCi<
zvjX+Z1uiB3+CvtshoUJvCs2Z`npUM0!^$8o!Y=sWurxI%I$t8q^}v$S%h<T$hBYSr
zgZZqE4&fpt6ZTNQr}&}B5QPt)7(%U$K%xe2lTQ5@Db%vuMRv<`?}ZHGHx(-$nY)E8
zb7dOp+i*q}4`Fpi0F|r&M$ynMI#mc8`)Y#?lpw-i+x3Vs9fwQl)d9KrcEq`!mdn9Q
zPSs2b;SN<&Q_pj7I=IN40y@gC`uxGAd^1`)Y%QC>FyJUAR=JUUenYs@DM<WIh0MGX
z0X+^fm3iRQ(Sp8lm`&$S;kFNfTSW%LUW9sZ0mr9<x3Itt7^J_+41WofED87{B?=R<
zDnpjmh#UA(Qw)eqcQ6O1l@}FYYO&dh6ga3Xbl{yDVIU%~OkwTO|GZ!k1nb2-RPHo1
zX_s1QX(R}4!DY5R<G$7$e$Ezz(*7$gF+=Xo#)u>Mqgb&zME>?bEjo;{1vjwV<e2|q
zmlCL}WURqDK2*O5!ZUC9(~4S?S%2w(@>LJ#I$fq(cF1hL`kO+AOQPf5G&s;!xpwtk
zT2nF53YH)ooi=3Lb#m^#=ZCWtoZIvs!_fa+U43zy7Yl{&Hiw1{RcA-6)J(YyK~YnD
z&A6na7K7FgJ>Wk>Uy>PU>ahcBs|%ilsYJr~xl&3C>(<OL{Q~$W=<+G$bnSy94^hhZ
zuz$vuhay0TMp2?~VE@F2$lxKemR)#XDj?;_o(+XF=YR)&@2d;=LZJ%+Ekt0?EulaW
z8nG1fW>+^>m)jj5qigY*K=BWTVf^Qx|JK>kG#{5eZIt0OrlOTiF{GDOv1(UhFD6e`
zLm%7KxwPDm{}uN1%71&fx=~Z9(xGaOSw@`_<>?@e^AV`5)ssca4ATZKyAcp5m)5TM
zmZN;w6-lOrfQP}`sH|K*8^NHks3|5Es`V@1jL7~l!n?kLJW^AqIv;t~k{g-7!dcYu
zO5{Yb2v1jtrKyq)WVlz2PA7cX&X02g2~F9Tx$>e)h}C45NQ@Mn)(Jb_3L1=9;8Y=p
zBJ7p4(<H+|{iW^^v9PVt6xu|OLieE_Wmxu_i91V-N%MCbMvP$o#3g08_HC+<cm|zN
zW1)G?Wo6oL5z@AAjE_8rG<KiVF>cmx3taxG;$QM{<Q6tN)l&5OdToEL>Q|xL)|1Q9
zTqY?cIIAUEiA*bOq2cKm9Z6GQod%Mbr}lC-RUkuIt92?43-HFV5k8-hZgDANDprHa
zb7f?+#;q-48u({Dqr4Y#NuROhF*lJtrtj`%bB@G!jOl1}ll!l#zN@|&Ju6=L+Nhvz
zH0|BhsV)CNw>iH==2!7zC4JVoWA$zcfgrPAP7UM?4<ekIn~xY_Yc%hsKm&m_5NhZ-
zO-s?!kX3`ot>je)vXQK$awx?`<|TZQa*AG3^&GzQmyfomvk?=YAJWu?X=AMm{A=Re
z_Cd~2wkrR?@#+eHhw9i64m1d-mFDz40_JB9vX$S-gJV2acGrUh)!fr@i<$0|@ZVo!
zGhhwhcg(7(C;~TuaWA<4Tve%CX)DTQe>tS-l1lV8#K=wlO%>(B;DTcf3DJZQK;HBh
z{tTMsJBoI-m2_s5_rBLZ>QS~>lmu|eh10#!+<+yQhE$V7n3u~CV{YpXsF_5`C}o`U
zM9Owt#RvMk*_J>gfiM?)CRI7r;qPNpFSj=qT8ZzyWr+0Ep?plP87XQB2f9372oz#;
z(X^3!V^*p$H_-SVl8lfT;B6Sa6P!cB<G)><W8dC$c6zMR%(`#<FB|Z-ErW*Aa)NH%
z^yS}G?_V>7FmbAsD4nqh8mgma?dEwT-W3C($R`7Gy18s-94$G&*nxd|XvXklybgW3
zPyf-I0jox)pJws<rE)c+5mYLSP18~h-id;#iP;JK59fwjvh)wzCTxYTp)k*++_Ll9
z%!utas<PTp=v^fHE|<)9@J^ofw1na|ghk>Og-MF@o);)Ud}YR7%3`$8YQi@H^tuup
zO+_?8<W*zYae%zEw!!fT1pS78XxK6)_;DjL`R__ya8b94VxGN8W)Y~_auTv<)~f1(
z%&B1?@iS+u0sXl+_ii}&2px$RZ)+nAe8Q?`M#{OAWR|pMrXrsCEhk>6ts<$E8fA@r
zT_P(=Bw+)uWOQ6+@gOT2`1tEU2YT?lw3Jt|%bQ0<x+7A_Q4aco6;s!Hz(Ija08~NN
zqf+PXY{0Rh7()_5ThgA0A@U#i={U01+gDIe;lJdEia8iQxg5E4Uz0}X5Uj#^9NKaV
zg$QtO@>eN-Zs|<*)V<n$j=XWtReKfUnLQM8nn#Esn|~Wtk(ku1BJ@m({)PFx@RX|G
zB2Lr74y#>?%?PKnTW&(ATE)&GY?~gjpjcxi2}pELw)KxQ*3ae+T8Xiso7!79B!LGj
zof3EpPm$l=Lh#5*ogKq9GZfuaCC0kM`f~Iq!NNg-QYu&Uozu)bh-P5dI1e|tL?xsO
z3=F;$5K7sOm;ew;Bf$$H6008FVC*fy#1uB$-u0P9kx+K@qN5r3ksB+|jN8*B-zas4
z6tBo|CirOxMHA_fQG7xC7MdOM2{J=Q^gf~kbKNQ4mH><lZ^S<(iNrII7JnLB{Mj+c
zF0EN&gw0@);X>=oEPIWr6QvWEx`6M5U#8I=_+bm<Vh!MQ;ybHp%}0IVY+e~s;zw}X
z_CK2q3-~990*FT0#tlL$gJ0wUIsbA%P`PuSy?Nm?N}H%c7uGJznU}<?-{lJbPX`>f
zY}YkgESoE(b8Q&#=8fN!Wd4f}6TT%*m%`<x=-JKqPsp0E0r@DYi&wW9O0(Ky)G>1%
zvkvkn6{EXos>lr}lZ2_bT@ue+L|Amws@qalBQXEdlsT>ULhg#@knzC%r<p5>%U|^D
zwOO#7Iumh^pA`zp1gxwi@)8Rw7|KJ5GfRr}&1>UFwF!}<=`~K>>X(NlyJBtpx1rBC
zcSKfZeb3y9i_EOhfRE2FW@Ba-*hRL&Awtq!vc^w(+q1#g$SoQZhUyZp`5jhoVRhZE
zwEOaOj>o9JKPiyxOJqs7gal2^9?|^@cHCi&<*g4O;rGJs8u=lJRvY!qlCp5P1)|)W
z;JPuhAKu^;&A}l%+tye(qy$emZ^7P(^5)1v7*TgwQP%2MM2sufhOD@yMf|Nue?9vt
zV=&BotV*@AZ;qm2!_YOmId1dKWL3Xf`6#VVL2cj_+hb#q!^7epP0~3Dt&cl?yfrz*
z$r$%Rv9`B%Fz`NNFPMy|A=d@5qIboED5})O11!@4H+95<hCLs5Z3#Dm90y?fy8s~^
zB(-mV)YtQOSsedNpzF-w0WeEbh`Bz7|B{?az#TyM9AZOH6O%t%rNvWmjp)5gEqb%a
z7d@oAAIgLr7;~K@1vXy7ZK6-uPZyI={&ZkMr0x7_=mP=It5t?7i=Se?^KK`C+TIOD
z;DRjERJo7JM!RxVHs$Kow-en7K;c{B=}y6uDc+4T07Y+PF-d?9BrVYn+psUl!?`jq
z4G(7YgC3hqHJxx=^oY&0dNB$A!#7N54)T}aLpz`L5lu<jYYz5UnSjQn!u^|N_^@4v
zD6XMNZTR=%xS|zzGaP-KGS7C0z-`|TBaGlRoDRlX@|Szwd9B#wKQsdBJ>~T1XuX)L
zW8iu`(LCn$%v+&h6Zz5lhP3#yAT3bGGD^g^s@9(SD_7sk2c&&%)FFU~!yR>e`ZvI>
zm80`-;0!gJhyS`owycxwZN3&2HMt+-#zFh_Izc!(s4!9MAJF%!n-2&cIoh=bCh!T=
zz$O$#(3(){2gUlF56#@Hf2;?*zx8Oe^fCqz4<Tpaag9RfBTUT}^T#=eiNN3q?Oe^<
zme!8=2p*1aaH#&l<b>sNc=3R6hD_Ap(!?d4I1U2)0|SO+=gN6rqSw}A&2Eb!!F?@s
zsi3>|Qcp8U3HO_<<b>v6%iqD_Mt5?E0&+3ehtZ&<+7UHk)f6OtJXjCylH^Cr1Ya?5
zeAz>gBL|!kJ`FUovhLbRq_>>4|0Gh#oJAeDSG-IT9gV_<x{i{#TQpVf<Mg87-Krr(
zTU70ssoj|kh1OsY505(jEyJkBRO)cVE6w?@8_7!D42*FBs6l-iBZF)~sGfeKZ@;=K
z&T=UL(<C6a{oN1K#$Y!`h}6fYt*s5|4)<<0H?>;yM-o1~tvXP~!F)*hY~2_w`24tO
zLUvHq$y?7FT=~aIJjTa|D_C7{E1cMY91Zox+pcsuCw37Huo<Zu@gZwV^3d@})P$Wz
zggYIj?!cV7opo8nitFF${V}=maM8v^{BNi4OQ2~~CVCNJ=3Fcm`Sbf;=ki4mhdhBF
zW>ej|>uZ4N!kN<hYXqVcHq7}(YVsN@$zM8GWqUe=r7*5a)Q%$ZOzm5G=yNbS-A#Rk
z3<ljX!Vf(t1FAbOCiIETeRTtc&TE%abfnM9W-?1WrF3dS)3xBMrze3z9&=w;4Mrc6
z&=fkPoN%=4ZQy|WHc>|BpMSvHRQJVikMK(qb!<pxEHp#)W{9h>*4;E)CXQn&%^Y1>
z;-z>;#cNb>D$dz-uQ`86Hc0}8X}&$4NHWJG<@0g42|fK1r-V4sNU1%NP|BDQ;nKfs
zRBzh)r5rM}A&IBDQ)EnTfwPU=5#OTk8xo~&Dt0JwOY&|g+>3Er+qTzH)AG8S>K&pj
zf$dcF4Wg8?BjvhYJ#c&KQ(ig0pVrlU7UwaSYCG;%N10{Hl~s-asa(~EOUaYKzQYTO
zj4<CBt5{InKn><wtXibw_9g*III85QzH>}QFw@#b7m1)+ypp_5tI#;q&XB7OnF0)h
zrH&kd{Yd0pcA#j4DRhGvW}u&GcZGvKM}IFyoSjhrkHw#u4+t8ynYQcb6arC8h_k{*
z0tJ5-{2oD$Z;?gghHV{g^!p<52b!s;<-FECgiaBCr1C%Vc7ed!%lik&M=eKW6H9r5
zY#aV5_$B-@Tn9fFo|@T4uUUTaYlQ`ba0jTVKo~$Nb*g{d`ljjc(_!_Cj*C-B3K5*e
zS?iW^+Y!X(i;v}?VSvMp&7N(auYe)lZxKa*9CG`4i++;ZbPM>R>{D|#SsgUj7ItYZ
zs2F$Z0w}q?5KV1t`9>wC<_oxw9I>q+u`9@2jnWI{7Z#VCZ8O#z%0E6`kpO#R`<VKi
z0X>;HLNOkuF%R^&974B}f0t<2PH{G6EJ`$PU7<emb*YiIKjtIf&>4@FY@^;p>H>ad
zw{wFIZr>SshiqYehY(_aPw)2WWjbiR)&;$^h5~eH9Q0nff<FJnzqf`4_-(c^ey;rW
zy%^{dybc=xXu|_ibO-wSE_^<}<73_|Zg&``+USp0{`%;d_%o)qF&<|N`&&x+>6!Ej
zUT<JM*#7KwV>Kdv5oHZ19{y}Vc^EO`=bcXzEI%0LSI%XTgyi1XSnx1>4VCgg*6dM=
zAII%}j(THP?6my)_P>NNDZdk}EXw`!UBWe1ukhz7oUf)i(*CM(ejeq!E9^}(E#2*Q
zJ9)m5XhKg@7f<AWE6d4F;<Y>ISnEJP{Gw;H-8C$4Mrghz4j&-?h;MUjfzRwDwyQ9)
zC~msOxq}Y%y@DZpH(<%3NmfP=ye^7hxz#;}Q9t9ke%c~}V<#kBXhOF?mG2VVGiHms
z3(i&+%`y`^QB3`p-u7J5yS&3@|AT5uJ@$=}q`CaJ=<9EExUzEJmH;LcgOM1ig*1c;
zjWqV`^^FvP;oLH2Me_NyA#tXy-zr*j_jG#<3jr4p4873|^FgUDhYvkHc`%5~qRJIo
zl?gdAz1;E1vE<m&WsX1x*Tjh;+HXkvW@urs&WYKixgqJD58@9qL$Fy$mcLxOB7{L7
z#;=fL5*`Ob`Q?_tuuJ>h;F<lKAcV-LJ%Tth-Yon(b``R~SOJvtbF}?3jbNv-h9Z1(
zr_(KM;wfKK6Rj2OKKQAc6@nR5om*6#$1L4?A*SMpZY82X=g`CAjsneMbkaQb$13Q6
z;oG|3foy8Z9I#bo1&iW`iW19ar;Z=z1jTE^DRZG`9e7HERGl`#z#TKV(px2D?(z-K
zT4y=e^|0cZSMHJzx*CCS7b|WDyW_Tup=vaYm~f{>i|}Jaf^K;psAHQsoALHLE2yXy
zST;`x@9GuvZ`rW;3jgnvb%_~*-~75tToLu!;5(#B+*woESw`vr9<y!Ix}djZkFh5w
z=5<nHfJ7C<SE_72mlgvi|N6$p2Q(Oy3Kx<e(oiq%`=pt#uxnFGxK;L1f>DLL#K#Zy
zq^9j%kVoWw+TF#rJ?qln&cBOFFI!)Na3XUw)qeK}w6W~e{%(ZY-cVIr1}<$Qi#~R9
zS?(aGP?7M_x|I5ZWvBDED)5B=IFhe|uTwn_Zk#Wd?{vuQL_h$;?%*9K){E_WPtQjd
z|9xf7BdwCTy0a-^RYk|v{;)PTeplt)0nTCyKZFDs=;t>`ljhC}OhJ_7pdr-r(x-2|
zS3ebF6BZ;$%1}9T>1QbEbY;v4X*9Wdao5x0-EvA%WPiQEI^I}HTLwOWo%8>DcC~E4
zfR*6s*O}~-(@tw`Gt{x(O4|8>VLAPo)zpFRTxJ<{kBIp&iM2xq@pF6vJ0eqvVZdlh
zWC~$hJ4Xnxtn?Z%njm(!l}J>F-M6+x{@+HYW2q3o{IW&;-}B5^2rLD<p-30}wV2CZ
z-l>A2sIvVmYP6>>;e53i1Xu0W1-PFc@DEpXkhZ%$j3qyTb%9nZTi936xdnK)G8BRL
zDOHgd@9wod-4)M5u1qA}74Nd$b^VSb6mjprTEu&0h&S-0yj|+Lz9;W*yW8t`w&*Dc
z%-k=HwHD0-N9N1)k;7cT`0>+B1-a8@Ds&7O(mn&zVcG*bv>i<5XVBHls<y=vmxUlR
z+eR}X4ey%p7$(=&qq=((_9Wm39EBqAmc9Vl3CUb@aro>bnp?P<wtzc(L|H3<RMxf&
z7-vA~QRUpHKSVt()K*A)cmvJ%`kOHxJEK|}o&gLh#(@aXBKyXYXSvs(1LZ+^w-{dC
zYma{ys>KF!FH&FdU->(HG8fQ;eV5%bKJ^DwSN~ThtB9+CCH66-1$bfpvk?0m^T_81
zy?$T$!2RsfB24%HgPvaN@Xa}QW(GC@9}Oy@HpOia{xT}%feoJ4O)M|K7EW|KD{${h
z@=@bm7J8EgMM_=;E)GEUap>I~iF=Owx6=uSz`lb&E~ct4{_EtmM%9kmDemet?a$%V
zDiho#l#KYaq!PG-Op?IUS3vFV=C%iAS-o2k*EI$$Y^5y2Q!o?}kZBxj!mE+n<F{<@
z{DgpLGz_*Yf^%lwwo#YHG*THP@e?L>f11pywF(-?mpe2QoZrYKrVY0#7{GTCF98EN
z)N=c2p&Igt@yQqL;U-^NlRvehA%=jY2w88nn9WP)1*0TV!X`IsEz(DEw{M8~=)w3U
zuUQ{WA)w8W+^iB=w@&?J0ou!3%XM+46e&u4=kfX(<EuLVkX%>pJ5DpV=3S-YprJ5d
zT**Cdxh@N9ramcnID5036w*CH4((NS1~@o>vk=)v``X4B)2p1!hVZI7eJvH<-uK(#
zAJgl;p(J6ZEVtS<mJH+WbPXRnLJn!is-}~iNTfNYu8K4zR>lxk+0nRekwsU-mT*ON
z?eOhV-Mti@YX9@HC{-IeYYj`>%Zk8yc{ftlOEo~-Ak>a#kp2D|Miixf<XCJ@XS`0=
z`ba{o#|tificxHMNFriZK!bIApxMJR)#Rq{Pz@)_k+6hKRTQ~wss-mp<P|-J`2=u!
z@-6Z-&hmGFVP;r4Lfj8abM+PTG>+<ZAYf*gdqL}V9M4DT$e)q0s8F7BzR2I+y;q_*
z-B$wn8cJh2ke?>ImOO_-;*%sl>>7h4x+I+`5Az}v!qRH?h`h-UobzKl7MJ4s;G*ar
z`ObF_S*tH~Cc1v$j510=yuN{5Qpr5EYrdAkq{Vcn8aqiK)2!a0t+USV)<#eHYK+xB
z11tT(VBT@pT&~3HL91rI9Yd2m4m}=M*P@xnbTr`0Z0VoH`}QG_@Mz|Ip$@v>hqL=W
z_Qf;}<`WpYyTIc_ygM1?xK<S`O!Xuw7$-_05=X&>PsVWn!+Q)h?LMp~9_*B+`ZUTl
z+n3VOkq%oC?nmVm$rS~Aq|FASs*QDXW`z0w2ev>-zZx(eJ@OnMokyOEY(@QlTs_|`
z5_^29$d>E!CXv`9&gQj5-#3rM)|V5jt&&Z&MY4$tG)5s4Nrw?2ePH;?0IeAak&t89
zA4rcG=gb{rN<si#S0<NeAJ%WHz>S2g#LUR_pbcJKA2ANGx-Wzr(}|=B8=_EVfTavO
zv<?&wQQ0GIpwHqu>VC@brjshC3~yI_l03xfx{vS07%q|#T&1M3$}-VD%9|=F8D&W^
zffBw8V1VV40ES8>L~i6D;6RQJpoiIA$q>2l)<(&hMtK(COYyn-C^tsY9}><@4i#J5
zKAa1j9F>BT!$)4_ln?DugOk<t|8ezvv*2Wjes2n#EY;;rf|FHrd{f|L@xE^!oGjk=
zso+G#WwtwWNua}03DkM)$Kywy)@eoke_TD^tOR;|X`Pnq@+KwFBhHMpMBg_rf!3E_
zsI6iz+Xq<*B!tEUA=D`qLhX9zk(<jqk6a3^rvHzt=bM#6OZ0nFQfR3zZ&C`aqT`#A
zLW}o(^HON>zE71xD#EYbE|5a$h=8;uT~;0Da;IHy)Ejl6>Jx`(jM0sFS7+Z9c1lbE
zje5$sF7=Wlc#V|l7yl`2q~h5jq3k`0e0Cm^01m{Bl=4u8eY9Ki3eJNGg0oo%Z<+LG
zi~DV;s6_y$s*hZ!DKm8v3d)EK1%2c)_~4Pt;MMg1arJz&GI)u8Z%PI))#Xjf;8k>d
zQ!;q*zHeRzFW&d5GFU}{wewM6AsUgf5=FfTd#r|ipu`YJdrJw)regR(h&+raAVLUb
zA5_-YB%}Y%RLM4qC<8rFQaAnv>6c1GioCx1{VL8vKs-0wlM%ez(T2w!0wd^0(DUwq
z<00rH7eoPoeU3I<6nG>Skv_WNBjk9)1O_eTDBmt}l;?t%mb#<sXf@8$@h3>Yp@+0>
zreCV7ufKym<h_*HA8v-&83O3KvVn?vq#}K@_-6_}F8#Ku914m0$W90Y{)?I-{aEj=
z#QE-qgx7#XOux`0w*U?x_NxH<E((zEB0s(>VmON%QoR)=G-Jat^g;w(nR=sWOk)fS
zsUtC+AP&8fP!A7=EOuj*s~WH&WSZ&#Gtpd{_Nm!b4sES`sVfd7X+k`XPz7KUUE};7
z63;_nO;@<$-;~{sqe<L5AC9mid)F5=tPS|8QJ`4n>I-zIFG{=;iSYvBBcF-L6T@3n
z^^k&bv)*b+kA!Bu)dnG=0dg1~Bk!&rJ4MQ6&e_)SBFa#xy-@W?MKgb|mX1uA@;RT1
zWT39F=7XO<emuYAjS9jv8?DaK#7~Bi?`J>S)*nqsHsiNWQj@5BLR$F(Brc{hyyl#^
zm&l1i%<e=A7rv1hNlkjlfqcQRA-WUsGA;^2B#V@!iQlZZWFV~Wsa$sjk987yz&H}S
zs2}_Z2l_y6jOv7h#=^y<hlY^<7V_Sz+T(@n5o8*^i}%^8nFA($;Hrl`=+pxmyh)zb
zyKnZE3_DV>>baZxl#=quXekGkR=y01ioPm63Cc6wn!>U8r)H1B;!nR({hA(xWj<XT
zgLTG_gZ$$%$ej-;-wqf;KKaOx*B7L6bq=8md;(Cvj~sRyd(%jm@+J&P$Y+sXP2#gY
z5EsQ=S9j$?J?l~AGk%TXk(j-Y+1mRIKoCYfLau)e)%IL4?)Zr-a04j_QBuGswIr02
zPAi`PU#{0F8iM$^pT=&f1VvI*nfy|^{*xQ^QQ5&ey`+_iw^f>Yw@h8Y;hxqAXaq*1
zAeJk-vz*wzqGc6O>^n#u;VBCd9Px)oP`;y{)c$4e2G95HM;?;4n*Kkoo^SSizeK+`
zb-rJ!%bPskucG6dI^Qqe_syU07w`MD^L<NMdRxlUtCim1Dt#Qj0`f$GKsS#XyWqb-
zw@f&8b;PweVWqGL_CX(xMW9tbtwxB?|G9qrU!o&D!iLF1RO;|Y2>Mi>+;Y8Fs(h+c
z`9l~4$d6BTDidM=smdgzOavi|&zrpW{`U;HIOOww7q`e?;9pN5HX9<L+X#_Le;6Ov
zRJ~=_h^DHVxt0Wp0&T2-ZW`aIv`B>$AUvWc4qE4z<VdXSaGb|6iHbx#f5{(zubwVf
ztR(11rnclLRA)UZ{BY5`dbs5aYk@(}0pX0Hn`pfL2k8m*!IfS%>Cw#t662;)*if0h
zTEgsg&Vii|M<~re{E91B;VosDd{1{i>3pOdHZtN656B2TO#CEf5c8+&nCyFyA<ASR
zC<#O`s7Rb8;{jO+`+e-Fv-=47Y+tupi(B3QPJgnNzqwc6+4%~-3eB2a1Ygx5N&LR^
zwf41^{G@*0`3kN~G*mbLxD1d}=M?<_N9YQC1y?tyC;sI_tjRxk3mNra`W<z#=)KbU
zD{M$D;482@grVyY7rA?Jqw&p5!^TpWZ8*l_PzJ`9FfhKB!6t@jPVb}zOs2wzt8)8=
z9)FY{o~4#W%&~aBAIXRdsa+zzq5BL%EG?GuYuF#0P7LRbTc&jw1XM-!*3+@bI?db5
z0?Ag*Kh9VF%K~*}t>!@LKo`9vVK9Wg6m%riduv1yfDt2fD8f)C_goW#qRn+ZnRBIs
zZ#82XE%g*}0=#%5N;Zf-bQlSdTL)*JX9~IGp?J^YcdyZ%xkS?$eUq)w!y~?C_@7*u
zA<C#wI`K_b>EN|CMJNyBK{S;Dyd@OiD$OrwH4^)H(P>vi%s1*CMS(`W)2iRrWg-`s
zAS!}~_^gf~!;V;^F(ar1f+BuMmANB6fJ!G6i(g7oVeI;y*bW{qeq|6B>iW|4qu}7G
z0pR-6`)_BDx4o~^j=o#e)AGaaR&{dn@pc=#T7ID2p5D%Kgx#LrPCK+VmAS1c%xzN-
zCIUSN&_Tbb_))D}76P!oqrAg7Kqxw!6ue%Lj=rg^N6lkXzBP|$l5Ynmv3zShOZnD#
zbn<OAJ>K@dKD2yWqNfih-<Im+!^*c+boJrn+v2_5gnV1Pw^QYtGI%$SQnKV|Hd%74
zWeJxm&rg;doIEyJvZ5YudtV<|mMqiL2a_esb@D-F$x6EVV6tS1-flpaEYaJkvP5~x
zG!Ij<<S>yXrHPhB=uA2vkggA+0!L~d_7Q;LK%^4XYC)-2RBcrOMMzr6KJ`2@00E(_
zEG;E}V87L9HTN3_`_1-#zH7B{tyOEtER@+?&)OYEmvwL<9rg$eU1bzhZZgPCd)PG(
zxcoyf^e_rjM>^%C)9j>3*O^TWAI4(%=vj*4^=A#*&K_@jUmscwuO%1IR(0}W#qfG_
z=4?-IrwTUZxzapH?al|Y?arNecRqZUyYu=p>TG9^x4o|qy*sZZPtI0#@?m%9_2!e=
zp59K~os|<)vz^+V+q3P?2l4LQdDz`~J2vO_Cz{!w9zQsTt~3iyX3;C>tY#~<=v%Wb
z`gXkN51!kiSFxKlKK7NZBUP(QIr0jV?+6b<5sb%395h3G?+%D^663Z|V0e&a^Z?5H
zsM$<SYjd_~ZN<~t=F=J%1G&L$sHYwJ0J<(_nE22GS7*jTla5&QN=%ec#l-PY&vl8k
zSG_rkm14}R8QE?`a59gchvfE7coGkWgtEx@k*D3*g%`UI86G3>@!e&-z%qeo@d6n@
z>?2pMgK?wYmPO{{Ri|76nkj#|=4}3Q?ZgJuDqM7p{GvM-c+Re~WSzBEfQ-`uLQTtw
zIi)AsWp@}?r%NqBbc?ABKTKxpQiL_Dt>MirL!l47t8_d?+2fbU2@$(e3RJ1k1s-A)
zaFS6#1LWZTolL_Zo)zxrVrx`?Un3FI8Br8Rg%~SI#$1DxLpkqILPV`q7N6`#o@hmW
zT_|d07(~JHh7`agc2frPQX-#+fT2;~$s9(I0VhNvt-=hwGuckL@f;iO)qFk2ZTBPJ
zkufAa#Aik1Ex<CDMI2D9)zZiH+xo4ZU*&xbQz4#4@x!<{A|ID=9aG>V2T=;cJKi`6
zU0H(A*kDF=@FNZ>tD0>Ke_i3`A9slK`2dC2RKiWET1uZT-n@HrcKN3J;q3jJFLP8-
z0=1g{%2B;jZ^ZI9HQwX(fBlpA#uxeh_t?iH=%q?y8MM{!$Ym_~LGYh+3Bwdzwdx$s
znOv+i`$xtSftrzw6exO~RzX4+z8rjVqXU7c+*<$pB@kap?f*(cby)J1#J650>L{*g
zSxp58#Gk!N*Uzf;N$3c_wq$jMs3uuRi$V1{5fQ}{|8jXCLIj`>P#6-Gd4V`i#N~mD
z9kF{$j!d@$9O(1cdkBn(i~AV4=}jK{W9VV`RP0D~U2W<Vyp`9bKl>>dH|rvX=2AUy
z{~j`DC=+~~j$rVKGQL57k^kIRirw-nr<FYMD&ML=wD#sU2oV+8GEP5z$$s%dQk4&C
z*T>%8w^LaWONi0YC}ObZp}4@9Af2Suknd+IkBRWeN4`TMpP>-BRRGm24KZaTyt~py
zH{oyJLvhu67cmr$u#Z%l7rl6S>o+94=52|PG}&B8Jg*0x>npuQsOM7;<yMBylPB_@
z_=vAl@XFjncXloj0-s)~lzBQGj!eb(gB0d(rLgC-5gP#c=jwDQ1Ca#i*cT}-y8Ooe
zcTUn?jSZ2E_p3>8P{VP1dv)-U2umXe6Y=KW^N`BcLM8NZ5rf!M22A8LdYa#h=#bpR
z5rH#rKyrTnDN+aCDSKq3$!RosB@-X%t>$|QKIvRI4o39L?sw*&dtzrY#FrY4+9)od
z?+j50-p4p3J1HMi2_nQw6uqH(gy=RPd?EGj3R?S~#^0u?u*lP$ov+{=hH%6eANUGh
zBkF`$CMDv3$s7t_cfJA<(*@MOwe(*yFpBeE;#>Qb@6TiGa)~a0hqT=eN#wclvN!TP
z#eI@b-|$83!;#2=;PH*0k|=bLj&qVjHTL?iSCvo>yq3VZ%2nL6jO*`L@QYc6#@Nr|
zhrw5HRdFC=9x|G&(L2h}sG`Huj0`9o`dknX(YoAm`Bz@ay;o<W;E#Y;G7FA)RLBE9
zuNpXUEX_~|9VVB$A?03O(5hM(?_ofz0%1rTNO@;vlBfyYf`dVb29TkTL`|)@&ii?$
zZ%ybb_KiG6*T*z{H{Ah)ub>M9eiV;`Nxy>Mhe#AlGENSk@^4Hlk(jVD=S~$vyw5^}
zWNk!sA>Z(xAgw}sDkstO{u{tI3OzwI@ax4p5D@H3=_onNm@#8nsV|Cpl<JeB1ZPZ8
z8BvL;2)^n;D(YBC*h^_Nk~}Gxh#$NH5BgGSh}=qM9#Io>s=zjRpftGUMuatA)qj&I
za&ipvvTWU}R5#{}@jH3`iz6V#nJ#<R*nI0{->cKHGt-oC2+cpoNvae=6J|ru(YSRc
z8x%5G<cy7@;uzs$IBA?TrpABbflos8LDN#>3c+7*#XXR_sS~|WJw*s4H9{4Gr}Eip
zjfa45VT7v2^R(av8P_MYV=ktS$e?vj+|;Ag<cDPcGt*zmEm!OSU%^!$dQ@;qMldO1
z#NSceE(D*8`+XF0y1SU;w_YSg(HKMUNw13_qQf90w}o7<9@=-&IK$_hk@f@VT*CpP
z``O0!>fjQ|Ek1h-TwT05d;R`RedNll2qQj0*p~@)#3{=MHzI$W=jo9t%%+iv8lRZ8
zhz_M%NhLg7p=1rO`KezeVtcQmsg3Pa2^ko7Lhq__9CC0mv?xpLroG0n4=(=kCdt)i
z&bRE$rB2YcWG9kDZ?k_}(0Ix324bFO|K?kNz|RdI2H3w{{L@&rQuBE;bA0^`bKJ$h
zikRch@v+wW$J#3W{&kzGGJuQEZ=2RKl?!*FBaUNqQo_b;>cMJ~!7;U3_V^&K+q8TP
zQ4gKDqle{J_0egaS}Whq*oU?7?~LDGEhkO<s65!ck35D0FFu@8DKIHN;Yc8sQ3CL@
z=19L(0OY9FQOYJ1bjAHRC5<>hLuZK5Si0+00cL64qxy`11jI)PNK7er4Q;LO0tf<#
zg+AJ}zJP!O330Ub!Ov%DZEO|X46!Fq^0G9lk;2r-$g7fa%ATt~00i;z`3|^|+EbFb
zsS1>w4;eMGT&9w}pmf?wl~W{@+)qxOIFW<jNqAj53rXaw@%_UmH$HevX~gGHoY_?d
zQ{sal#ACjWeloV!ot@wL3HB#K2A+Wz<cUM_vcT|C^{!jcZ&wxeN||VqMt(bg1p*|q
zU-l5YK}a1e42Njd)c^V4{~xEes8_3IGES4JIwvPnlq~oIIjj!erqqWVu<^qvM?&fi
zj_+i0Qoh#sx+*%}NS$RLhv-I};DuJ*Ku&SfstHDNgW&5+Ss9G1P^NlQrD+8>s5d0!
zI$2}#^bEzMWXLN^(u#c32~E>xv{bK?Gdlm0nB~+AX8NzY5)ij8RY{!5MINXkh&kl#
z68`Zltu(aEf03{4cq{nC@4LjI337Hk61nw(m@R>y6HRFiahZ&yqHaiTYK-hF`qcFD
z`wqHpS9hi>I<vR4bLI&Hl}spHjq}uMmKC-yk$$o`*QU0M)S)}VLJ9l3Bvj0`FHIIq
zHb0S96rAa|fPQUf=l6_)BsRThO?{)@Zv4Hfm@Y(x&j!R*+A}KD-@Ypj^m3^QH8}Pe
z5)KD)O^LibLU%2c;%d56d*7A0i2DdK!TLlb^5tuD1U<e6I1|X3=4U@?h>~@vwUSOL
z3gnjavs!^t8LKsf$~N}1B*_^_dM5aN6fyZn!Xc(XFE%9z8)ZCpqLk25u`G_lQZ*rO
za<2RM?owng#hgtk#cDs``*IZM^m7gh8SZ08n(zp4i4sa8Tbd6>gfk(Rj8(BSdHov2
z10T8OoBR{VC(&RiH6|3XD3CfsObw2Y$0EvI3tr<lJ#-65=nVOGBL^*%i!uYV&|Aw^
z84BdlRci0Fe8Mgo1%&Yri0nD>UJ!-8R*&l`Ccdmz-S3N~LLwGtx)w)gp+)AMyr%V?
zon{@J@g<=Z;6QF0AsJ(t(Ho|z;Hy<3WPfr@mji)16D%JxWMVqRa*f-QW=?@*WJ2^X
zH9g88gi_zsW({GzR#qs{OLU7Ft?#rX?Gi2r#N;cS+VIuFfx@jqVz{`bdQ~kr!EhcC
zIrI2nlD^b;+I8?-dU3y>xVY1^nO65zV_wD~=tJ!B=^GJO=00LXDQuMR5i?E|v&v<m
zo9*2hcud-}S#pKp5vl^t^nfpi!7wGPhEST`?huoPqkhB%y<(vnM{cpZhV-<M8(D}P
z240;h^Ats_zH=bf5}_=;nE32T-sX>M4U@9}8$;lWAIMDR0c4z4#DnvZTM;V=iGl>4
zr+5YG{ovJEvL4l!Ij>55s9zK;Mg^5+XWV4%mw%a)pHNOjHJgD*d=A9)Q8H^&a;r6D
z9o^Y^YZ@-h&5keUPk$gLOh@~CvFg)Vp%$y~$vqC=p}Ac#1Ss($o%m2gd$nn@c-e?0
z!w_Z21R5%De2g7ayDH~AlfP4&!x+mACq7{sf?No_nS?oSA$R7L%56?~S-XnU_#GZ$
zriuPTl5#)ULSoG&Kd(rq5$tmS8W3p=4UrT-e0RpsGwlDdP|&M^5g@-H5S^h4Ru9xc
z(gjX*Os{#{Bw{xR4~7Y+_mGeJSQNY%!m-kN3NGQt5>pxou_d*jNkVdoZeF7?@`xxU
zVPF!8bU3H!*vHp#?4wFAF1MKc?X0(nYAQtF4~}yoa7b_`cYseb`cO?Xzf5{}Ps%~T
z*2-{K1@z8$kPCJtGUps7XMayDG@%_8p!U-cI@e!z`TzGopLi|`(}$ASsSQB?F3!rz
z0jWM$_HjrV_{2dq8={fMQzXO#><d4VfKYz0zngiK8FTS|&m%o)XA)34U1V<GjVIVN
zF$)1wgT7l+N6=al+*%*GdpbX#FKDG!ctRYxc7BXPLD#p*IYOpbRi}%Zivl*}Cjt@9
z8#``gJh_xTou8|)KcH2eu$CgUvr_|~3b680D<a)y(v)FO!Nl+%a3h(Wl#Ee0#^`2W
zw4hdgVNVoICtCy6L*MBMNFLr3)J=Csx|vC>O%ce6#j|$e63#G!!Zm5b(?*v&J_RZ`
zgjN+06T50+zqtY=%xA(Co}9kO@fmm=@aftQfikf7VW`DN!3@{M+9*DB^6kzrAMIyM
zN9LN4CdTxd^0Q)L;tIIRyv`T*saR^6&n~mf47Pl2er=!Q-P$0+E~5JbDb#9|!H^5j
zk^7wrjjv_GcjT%~D74A088Ky|TUrC9m0auZoI1<Ixpc*zwX^d>EZnLobE{hUbgG3?
zDUbLHkB>D~Rl6xf(lJiESjW&>`$sW2P#jUHy^M=^UGjT)#F_6-x%X&k5gSGoN}b3O
z9AhYl;#h5~yir}qU~Fm+-C6)cb|<`>g#(>n#xoxvNbkT66gz@T<UYX9#QMm{!AnR+
zINl;+%YJ#kl6|HM^noRVF3f@Q1Hz=%if2T3FfJx4YjpLoD#cUZ`6!O~lqBjQp{Fgk
znFnzvv_<>__I{;^{*1iQZ_3q5C~eEzNaqQh&`ws(`(DJ6@PUX)qr$JMh&v?g67T#A
zg?x-RK3_{aJC~v&%T=K-*%hA&d8Er8%Ei7}{=GQIGgPrILTjO@uRpGB2TI%T)^~m;
zH)yOCuf%huD^(DpKE6$ILH7{2MnRGi{|5RjE{Z1Kkens$`jX@L`B0w|#clw4h~Jc8
zPIqa~IEN6^ze;+5r7aT$K6~0<v1khBaU%9jyG^YYqKKlJGU3;1RQbZkjw=P9lYW3N
zUVI=7y?Ak|6kVqKu`;8G(}IMXf)rP^nj7BL_^n#aMZIXC7TX0<zB=NunAW>7?UY+7
z0xw<^bm+wk)4QT*J@F=AyeOo|ix+x9<)>E8qtt#0i<e$-r#n0UEzZ?)zJn0aXoQpw
zUR7D9rf&$iGChA11(i-ZZR8ObgV3rm0dvK2#J)N+7@JO9M?r!g!8zu46ts`~5x*)m
zZ0G#gFFiC+NHJx|chGOdi$<{yXFsCJ@vfBn#qM!|7{vY+a6E`dO2crvvjYGC##-io
z>ev>cb^yV6|NoA^&(!C6PyZX#0`UEPg$Br}oZeT0%tIGQd`cE^tDIJ32P)sbeXl<%
zzb;qm>5CWOBLV0ZIg#@ChCMQlD@0dyjmA)#KUBnpwj<t%c}Af+(i;W0`zQpT44wAH
z4`;8+vi}GOFJ9rK-j~*q8jRS`7ytirKkPwge{W}}RR_QNX6R7a%Ga`<uOyY)Jrz@v
zCG9ItGikyfqY(G+!1-^W$C(#_3)z-iFPt{H4aJ=*S`De)B{kQoYr)ttW?Qc|(I-9U
zxhCR?Jd2G`+Q_0~tm2rexVEJzHwdwxt!fqrH}Q^nh+XM}NAZ}mN%Q5ih0#)~K|TQK
z2_T&G(j(9Uz!?%k&0?IKpu$2H&zlG@+s#3&^91Qu0b)*lPiOy^vWnDqcG`7tA)9rg
zQ23Tzi2wt^E*GdDm-S$}Zj0Ome*2z^vH+2?y6EM=pF0~v>~WbqnNHJLy2kDT1pc7J
z2eshk_n+=7B&eK%iX=p(3Mv6)Lw;qScY0rUy7KMI_hpOY0XUqIH8A;^sIDsu)e9+8
zm5N?Ta*me~9ZnEjDVGdk(Sp|q(Ab!+W?yd+q(7mp5udsE;5|<G@}r6ii&u@Z7F?+s
zl6P?A>2ioY?296lT=)?m3AJh5FjRqe*a2`vB3T%hG7`c;Y)M0|DjCX#Lf;CpuWiU9
z;v%Xl=BPtPHK{7(#x1Fj=t7WK#YL3tpAu<_K*oYGpY8zB-l<q?>I<(tNa+VSLZ@I5
zw8S0R#rM32r{GiN0zvop5Hs|P@1V*T@ks2YFWZW}Xw{!_>!+a8_z5Sm7J7@*L5ndt
zi|0s;mA4SnL!1y&J-RYUTHo2p@2g6s?+lT1omxs~|KgJ-b}A1IpmUd6gWpqd{+pC7
zX}1o!kmF-%;+r6jt7rexr&JEiiH~A?n{c9mLUjkA;VXOgFAlYo7xQmbGss8UR{9W&
zqR)ImrsW~=Q56h1XG)ACS0)FD=fBmpCOLh200;}@#X-KD1<fZaE{zRCVZchUL=~X=
zpk8F|&mPiz;>J$T9JCp0(!9l2iqgo}T*8H0y@wdggnIo+e00js(X4iZD62JLTqY)f
zRG*t^Tr34rj>{>Rg!))Qi`<G7ha1Je^(v9kel^G#bcS+m=&HOzA}b+s{+nE!{NSv^
zmWz&>GR%0=QIq#0_5{n7UUSH(C&JE!H7mA@D4;5xWW=y&k=n9qT&$)%x~g&5Bc$L4
zd7fUhqAM(tm5E~gPui<YS6_vO-@-?2r11%$SSU>dh!f@4jKeLLhp{hH91BGC=e3Ss
zc$VKX<WoFGsvJFw&tpO|B!NT-Qk)90RnzOhK$f%>_3QgFQ!4XqD3J=(U_i?PzADry
zN~+{EgBbO3Q~rBFk^i0urq|P@q;gGS8|-<eN-8P;EGUtRkrHLKiO@XXU^+}9L5u^q
z+}KDY5BCf^*ND+nh%5(1pZEkVr8&gHD{jAY(vtRz@)kubppMFkJa7N-=&-Y=y<6~L
zSo6>rc|fcD`IukHnHSG|$I&rzff-t7<^~agnBs}{<Z!(D&Q1+{ATFwD<!M!T?9_xa
zVNH1xp7PUgy7anGM-u2t!E3ge*p=e|aaW#lk*9p7Gy^2<?bNg>Pkbx3>&2&Qq1IRS
z#9Amla-bP_D7^%f8-=uxy2yc{+5~9qrzd<Wgo08B(g{9H42Wu9;u38H1DXl?$oibt
z!H-2D6X`YgDXs9={%oS-Gh1*H#dO+&vmb|V?5V}^4|O<E=ZUmYS)W|g=|--VL=A&|
zbM6d?Nr2-a5$qrD6WOLTRy0mTruxJ1`x1WWeA|fqUSfx0b|cScVkF7A0?2~}jf=<M
z2yx`$YtisELb6|CX7v`Ka7?0001`$?XW(L21|`{I2%+B4i4)F$d!=m5ztKc9uRTZ-
zYnDTNK2l*?%<h|V%_Oik<Hia7<m+dDa^ky~UQ734c`ny7*@2#iQYztEEJ<V~_ar1K
z2^`h2JF?FP{(u2iSv*d`xVdwUefKn{QrH<G204{ELh%JK4#rNcs0-%B#*T*8CVbuj
zpaxQKl|R78{2J41iIyEGATWR76nr4QJcDwQe3;|w`kh}d-kySe8uj8RB)Z@4G+Q0_
zxK(Q%wpz6Vr_-n%yRA;G-9PHVHadaML2qBv@28MN0o|u!@{F(P`?UdoU|-oJL%RPS
zJ0YQ@&+4zpD2N!^=l!7jv-i7CKi&oC6jUnm_$}r|x|X==xB=Z?eDCfQ2(A7O5Tf0|
z>@IbdIR(w1@D2bIb!(^KwNQWT6di$*uI&KD8FF5J#2!*Q5CK5vT2kUvlUi32YRk?S
zCpgIT1sH#tw+hLcEZpR|X*1#WYI8i@P@fPR->Ip_n3)SQN6736GBc%%O_jbe4<p5C
z$j*OzC7~MQLW11*D5OIi=*{>1H+i@pN}qhS-2fPGUfNwVw>vAPa-5<DEB9k9!4hq!
z*o&1Dz$n&lt7!RT2L`5I+t`6sG=@ha7sUL^!3p+Y$k$y+pl|^+f>Y{-j1?g~>V%@C
zmpFn#*A4lJTW2tlE}p_hAnliofU9QfNMxjMo;Dk;gOe*MObVg$ix)Dt$cq<=i+x?F
z7nKN;Zre#GlrNAtiK>e~VBbBH{kl^AlCdw^RYUZop?i|nF#?Bp{7fnwi0V5#uLams
zAs;DEQhhKV^A`hA?ONifI{)WN&SFpCggAOXg%<V`a!D7E;(ImO>QzdP7H8B->t_LS
zIY=BC(=u_p(%X?Sic|2lrnaTzQQn+rt*)NDJ{B9*xCy;r2%E;X9j}{oVhjGjcc5Oc
ztKagob_y~pMm$;cTxvE`Eeom?j78p;9gJsY(uRC$Qc&-vxl3yIGZo~V+JD)ipL{U>
zJ`93d45?S~jYgx<I6OEI|27(p%)iZMtJC^R^Wdm+*lZpgbXtFDG&{{!<1e7GijPnG
zi712NUm8n)D?7MH@>7^|hRZFHvyuz!9bovIVw%oK5e1Zm2#&y~LQVUM5_c4~y{9Ev
za_pBURl0hYMX6w7RNASaM|A4NmAN7ARa3n_TYKUYDCM+{b5mNjeKTHZ1by7sxi1D#
zfCXJd6TD?Q7$VMBqt$*gmLea5NUK07bBxg0d})`eN=zssAB09y9yfiWeAQLDq(ZGj
z+M&^K!LBBTEfR%7A7OaOsZCH&SK6~wmWgqze!Gu+BQInPD!$<NI{SNdQ|%P1TGJ=b
zM9p(LmqTs2Zg`Ia=8vX_yn=63`ji<?FD~k1UuAp}0j$ZiBu=PO=}Twv%T=m9u|2%c
zhBy?s@W%9#nG5$#CG-AX0`jVQMJ6awInyy14z$8j1c{g{D<*B7Q#P|vEbP*~2WsF<
z<G$EyTJc)ViDc5@B37vuxa3zeKKarmU%*}E2?XOYBj2qtQbWEQD}{~8%w)M-p&K+G
zvF^FzYbdS9901Fs%f4h^LsgiP1#y2Bdn@wElSeXo(QTi&DE1y*{Vtbkeh=)cm61vY
zxJucSYFK=4u4Fc5+b$Z{#;y8MK9!9D(Xy?p7WU+>Kx3nc-jT;J#3Z7{oCBZ}5=sq&
zV}9!f>@GlZ>K;@|$z4wUnO~Ud+^4*C;}n@%b&y=)42V=--FShjb*ou#rp+(Tk)TxJ
z2C2@@-vX7jq*y%hjtLGDVY<j00SU8{2v(Ia=)3R0ufhRRB@;6~GH%veoxktw#2KKm
zpSxWZp6cKdIZ=q&9T0jgVf>ij!r>6#K>?%tRK2zz5VxlPs7VjE{XN6<s0+iz(S&JQ
z)OU8ys8DxM;Sm1fMVtb9!q8s40J|iV#xZF}*B)5HD4wH)UZ8tbg+ruaFpwJ$BOpK_
zp8x=Tfc=_u9gK5a_fx6Rgx97@m?zVa)dLzNv1=+IROj}<eI0`*$YEH4^@AdfTz%*N
z{O|vF=f4xjyq*6BZ~cPov{ezrq?=JX3K@J3DS(s`2Mf6)!>0T@aDI7isI~JmV<s|>
zZH;n(viZ|V<E`&xdo9%>ntEo6hr(5=bAF5N2z}M%xy<zi(`iYsz^;glReG1$zb!Vn
z#Dm=9>qzUvJfuTme>RN*Vxjaxa*cf9;Dw5k{Lx67&=}~eC@Rs0L<B0osOL$$DhaQ_
z?p4|$@T!^_g7QzRb4tau3iU=jKnze8IoHw_f~D(O;?(L8p9;m;5XA>F&XxwEjfo-J
zO^sNF@p4rBYe4+O31h-qW<;vWtA;IEj99zq<(5}$1|%{ZpofOg>nGfA<T8}Ggw4HG
zcPX8hS+a)OB?N2AKui*frIOvp;>-`rY-Dkq>i%9P32E#DS2`JSayXfGHZ?o32T(HY
z@%+TPAaP6*>nY`|T|7z&h($*H)B~3c`mP8R%t(s9EN&r`Uw@B+=3)J?-jFp18ug~U
zc2aND+tSYdfiUbKVHQ?i6{kDe2)$DSSIU4~HzE@$f}t~va~E<ZNS<O)EtTA3(kn|p
zDNk}JEO;&so&z4HOx9nBN#~QB`p(Wja(HW}CjA=j0<oiCDcmXYE#joasi4klEbzSY
zQ+bCe<CrF&J}4bYl240yCH7>sXa&H%$^*fI*OZHc%pxTHB{;2raU4ivpEPD<`0k5!
zCRU5cF-@f#L6R9n2d^78&@l3l$o7Hig#`_+5*~%%I_ZkG(`uzoHFntNOBRYONP@8m
zU?Cn1q&H_GO?{PXgW(aXgHP?&LGy4T?$!S)#}V<ucj6C~&bfBnIzB#b9<>hlwn}UI
zbbbmB7k%s@x}Qqiw=e!*|AP{Lfp1LI|27*(heyq{{<qa^G@Dlc`w&0(I{;L=UF-)D
zqm@(eX=ew3FI9O}=g~=DPa>Q7jeB7dsqp<;JSMHP_u9`FRC*Ei*jvAH3YyjAY9cNw
zr=U_xln=F9#du8OmCC8iaGP8oVz=Nbc8LFqcq9}q_JbbWZB#+4*{p(Ar&9&ZJ+o<9
zB>+^;lHq{=l4@^iKF8$>e=Zh-6?N}hH9y$&u>NNJIm4jPZ6JD1qtULC$h(5^x{4XQ
zN%F_81RPxtQq~QTN1)rKkuZ+-Bd;ssTNxY$U5XsyyYyZkT>tv=b0zY{uK&4GH5>FG
zr7!>Ux$?K{#m|*$EXl+J@n4@S-#)b)^vj;e+_0N{F-31RWfFBxnlmw1Cx`OC^qhHk
zg!wXSHW~#pDJ^&4LQo?$hjd78#1b@LqYQ~yjCLbE-*E5`bjO!=B|DzXV}dWfnAb4#
z(2wG{pX(2Dix!n=MXx9E@0T65vMR{MEVEE510S)sZsipCk>|-PAq<8e3Go;X^Z+YZ
zr_|uI>a-8qos+}P!Ew7K?t0k2PWoO6ppQHnGp}CF6$d&)^bwB`iJ0+4d5_Q7574<D
z2vm@rS9xDV+ZNxV#$EyRydQL`pmQMqYt&CtGcTWLA5}rKby5Wf4gSb+!84sk6*P}p
zRlr+o)K8A~G=1Zlnt@9z{dg8hkj#5!0HXnlcRg`w1aI{~)5~&%eSM>mS&IdHz=k2B
zL*luz(#fPJ-ox-32@>*kk=>0dgAlvtgr<8rtek?j(HQT-q4D=^rk8j8?_ATE&vdJi
z{OvOoj-i)b9_baP$P@(FAAFPxzgcuWy(p5-8!Vor4??%hn0ugZ@uuU8->Q=v3uQ3a
zq{doFW4To{g14_BgXaYMLUbClU*XgcH{KJm>+!9`7doj*>Y0!H%NgPYgt9*76H=*U
zFaAh;c8UKKO?Ddp%eXIMyEE^IYo)J<;lGE$1hVrp6Mv8QFHImOJ6`#)f0nsH;uj{+
zjs`Hi_OPGfr9Sq&v@mEltDxCDu7c+A3FqhLaf;>p{5v^8${RMDk*&1&&T!J+%L;}v
zJ`$VnE8;~XKTTI<kSZse7UW`Y+~wjNhmfIiVXmFq?u}~!aWm3*HS)SO`m(pjN!e(m
zgllTk<M^RVQHT*uKcYGQN61guX;8=46zU7{RLQIgC2J2REQxq~qZw**p{m5G8YZ|<
znJA_Er15MBeZI7i&vJ4{i(IJ&<p=fTJ;ClKqa2%zBJNIR6dBd|az-A}yUSEI5f6S)
z+Z7xS<g;ptT0xy&vp(_BGm+GXvq|dXmX*|2Qd>zqT~c!y4ab8n8KY1fp37ymyrEK*
zcGYUZ#9y88Ha}J-$E!lq{PJ@JIt-5!!M=b%rwr!BCD<Ne|0*G|mGoB9pMpw&LI?RQ
z@-bUl;2*C`;_FBxuo{uyY|VH&Z(5meWxkd9v&sBzIhI#tCZfOo=X2%LL9O$p{vwv>
zU>|H#PZ!4-4}&F6I#qCT!vCvxCgX}rX)Xa5kRh<^6Tf!wwR3w5LPP`NQ)HMgEZlg0
zaKl9o9zh}P8_!GI(9S}S;~CWr7J2{+JuLK?4n5#_FwG>OjQJ0$RQUF(DG<jCaM*Z4
zii9GkfTu0d8DY?~GTq8_P$tt`%^78S+sbq+)2&ROF4ILyuLb?}=8^K{(i^;d2^z~-
z0MeA*tlWMFsV;2^euUUFndwQ(?$XmZ^f08aw4A+9)@~1mIT<3{Ro@|hAhJt08>#E4
z=<#`kXJS__a8i`l!%!@k^jA2`rvw6*U+KY=O0=VlL`x~ei`>`RIVK+>JQ#|(YBd_c
zZ6zb>4wJv>2XvDil7|LJfFh$~(8B}&jD9S3=;c$HyQq@#6$t$ycF~(r!0t-!{R@R8
z-`)t`7Cb+~e!<m{kN>jJciPw-&8yf&zhhS{qIL@LP!bAC>fvN=y++i@Hz#pvzF#ss
zZ`t0=cX*nc4eX;E)w9+lEHaC9Rt6<F$OBtZ2RDQ+j(EGB^z}R+g~)eNh=fGwd&Jm$
zLKGmFlmGJSYmo(4`s-GP$vbkp*3m<mfr)Luh{Z*Elw8mFrW_#mos`3wO>_G_+Ga9}
ztB#24>i0yC-n#?4>f+-5Z^d5hGai3aq7KX;VC9yRc$DAY12qEh?OVDf8FMD2jV$tB
znMYJN8?(x4V*zp^{U||WYEAR&mqXmoE%sQrzg2@M_2Y~E+0DZjy+FDgYQY{thcHBL
z!4@Vrs#bQp>1w3lM59P%=FLTR%!D+A2Y%A`TX>5z;;R>ll*<`%@FA%!iBrtnLDiup
z^K|hR9q*l=zT~=p2X7}Gw3786qJIaOl`b-#<vPJ{kiid-qTFJYf++X6ltj79c`#mn
zhD-YS!)AJE+VYDy<Ssww0vQx6Q*r$r8pplfF&mwN`BG9J)BvUo6Pa?3Q|G(mlSaSM
zs#LSjjUZ)GCVkiIH+zjn{*fen)O;+rqP7HUrW>3HHXCaJn>lxkJld3?@@R`dWkC>~
z!jw7qxLHui$7lg1m<%Yl4jgWin?f-ZoaAO<!ow}|xtJZ-uElD@8)!D>^XFIyxyH%x
zyCXCr;axYPaDYxZ`*&T=|BnFD&gE6IdYIc>4CX!|C|l$l3bq!|(jlL>XAEh#4qC2R
zjd_?smd6=jnbl%8^M<*}YRq<PX~dbE;K`74MGDFMPFH9=HPK_sswAHpf&@~t2&Uq$
zF2#SME{#SH>>{(iFq>82tPA8IJWeH>SgCTbM4;&jtbrM)P=cYyHHQ;)zpI<T%k<7Q
z$K?I64KVnF>>_x(|BEOTPNQ(WdfmoifcKf`bvL9hwOZYIAaDvgS*`9&*n1(Z?lkP3
z^>Z)4-r`$F53SU-2s^oG5%w|&8;%FFhPH=@F9e@yWnAx$p$GOy-ve6<v<0o6q9XHb
zj6@~%_oC<ESKjk&w9G#tlqNXq5#Y3EudG}hQriLu*4{=4*370hnyCNGs6LNQo;EI%
z`(<`tN`P19js;%Z1-!uS6t!3;wNMc0?7dwvm77qKEdszE9Ar5`v@S$dJgFkuEneXv
zX4rw5m>IQ6=0Yk|98B)I3@sS2NpS+pgSuDezb=C4a&A4=)iT@tnZaHv$Pkzqs^X9^
zhXbD@+)MZK;n1EV;=eM&Vy4VgNk~z%Va61d;-KRU4r(1_fKbj3e3-{U*cFkyTFT|v
zMuMWwBzYac0a9H*GQ{cvp$ZO{C|TUVC-i3oT_K{=cjR7Ski{Whwn#vtPs$CRvO8}Q
z!wKYWIOe3+vAKcgR$)Obvn0T@cxL0Ni80N|bLDZ(z+Cb`Ekq-^{6GKs&wtk5zpuT1
z4SxRlbTm564zWnts-~PV6pH!7MYIV*L{T_SzLi&`Q0QYOS55wAiAn;P8#!em_6O<j
z3Xh$5+nKsg#S^T82<!|O&9I0{2j6Amc8f8NxL4jiJ$ZgK>Y=cB@<>4En7TKjq>-Jt
z@`?Ll(!{NMdd@oy@D4KMJ9p1{jv842pF1L!Ox~;2PM*tLRr+_XNj$NWn484>T)p0o
zxjM0PHGQt$Y{Oi={qUTpXqw#m@u2|64|7R0J7on^_A#vznUSN0*maS=8VLW(uOIEq
z=o=-;ld`j>811Lk?uBV~+R2P_c6Ij<Q$_|M9CiO4L7!m{?KbM1nlr~$b@iqkE5W61
z?_Ry~*O#9wX<haf<QMQzRmV9^a4;3Nrqs<D(hAI*oM(;*tXN(CYC6wOoZu5X!P`B-
zua}+R6Fb41oM0DGhJ8&`QKPzivfs=;*|TSKNnG}~c^0R}!>)D$^U!h)y!+#dr!yOZ
z@x<oyVK>&F7PH%Cf``wgX9V^TxKQ&0I69}I68pyx`m~Qi5nG&1Wy@)ir^HNFRr$&e
zm~0U%UU544-K(5Ou$cf)d(2Fr(UzFmS~_WAk-Jf|(K^Vu939VZU0b82thnaP%%-yZ
zL2%A9&E!L6Tu7UtInIV3KfWtJ8&({YO;-BkPKTx1utJ`jq-kknM{#)4Y$eW!`A*Mr
zVti)mml^aa`}G(5t38!x^(l*=%P0E(Q|fimZGc16RqkD~cKmhJL!pltq8tkdIi3du
z^GbIq*oTC&Jx~Lp=HAMy$`nX){=o?;NCwxa>mf#w?}T>&>pCc8k|wgAda?8`aWk6;
z2{NMp6$%;dV+S$>-th0;l?ix`2Lvg)a4-nb0A@?$6^Qj6^=;l|z7+ZWj(n#=ogo^*
z-%v<Z!T3XYnM)11U#pPQxaPfRQ#t3wEi*I<Jjk#=h=o<f!;~3o(iCB_4{afwI8Wl%
ziV=nJK+*Q2(Yz_%V>heUkU?;n1{X%A@B-)|{PQH4`Do&+X7T@jM<^6t;6YK}4Z=55
zR|n`evoo54Qg<XP(^IZbo=!bqslPDWnL^{UtmKS|`?qcvrZN_rNMkBaE2cj79WQdx
zSz!uqJu@Hlu3<Jdiadr3e7p2~`9&`o(^WW0;*(wJ&^I+{_Yl%y6%?Ih_7<Gtg5YHa
z2Vx%S|L8te(sy%%;n#{ERtrdu*0>Q-^ieich!mgbsxoVd@>A(Niz|DgUF#aVFZaey
zEkDtdlxwzKdt1Nu7F%^2T5q$echc)JAg*1NlRCKFYc=mFJ9VMv9Y|NSO5@~;OE1xB
zn#^yBzJJNJ+uDw`EB^hmqZW<~c!&{sT;zq^)SB9TTi0<RH<i?D0d}s1K1#i;NYd4(
zF7v#pj}zi|Gw!F-HvedilHWVV?@jZMcEh}5IGMMM-<z&vkuQ1-{ETR#^l4u)8$L7}
zHoww3F#j-u*p6JYzq&6e^8HCfs86LAk{hbFawAjDPj5f`KVTok2f*~6Ux|c%(FlR6
zjFThU&bPm;<|l-{Gelu+M10Ihi2cESAA5-IE1sx{@9!&itPP>>de|S-0u+klx$mI*
zAC&l$zR_qj8ixl5;@?K2k@@$qanw2bOY`8UbJ%Pi9CTWLX|y^A2d%$=#)`%`@h74T
zhJR@+{jKca9?6g5>~0tPLBx#Xt!AsP*otw83hqJQCk$$ii;V`EQ-4Mi)r+vl-ugLR
zO<J_oYT&03_Ms0!t(F#)$S;i5O$1-w-s2EIU1_RO1+8YY3R;~`6=cgmXyJC23=jMl
zIP*}L4Kheh>U7v6FmwxabmCtn!-bwc#DR{V(fe;<`pL?`M@;CKP7a#~`dSEs;m0^+
zPmxgCA`%^H1v8`+R;QrZIc_x%4m*d3?Y6Rq<ZKm{0QxAkpQnSX3Nv<=M6H*{t(Qiw
z&x&j^<oie%^n~gVFnEo8&?g}f8<wz_MFC|Yf+HZpSwadJ0V=o_K%llX@gzmQD=tZ!
zoB7FXu1|I8rx3bWf<AM2MTV%nDXJi;eBK<DsmqsBZ@I|7lp4`IF~xE?G5cH)`W}b3
z=S|+F>Ez3T+{?n;%R(v3qtneW%S_q_b2tS->X|TgbM(2W^h}LA1GL^}_oR0*s}%O6
zJeWNf&fd!2DVn;{koGA-?GwV<%L3achqjkk71F!;WPhR0J^+n+r^^4O(Mb8%?1}3D
z2>%56D*y}o66pp&Y@>hqA7C09^aG-}t^8w;|Fiem&zXZt{W%J32}XJOc<S<AR;k4@
zKkZItAl@S+-AOs^epnstPM+w(J2@$(-dT!z@$ac~W|=Lr%uPkzxj=)WbA4Iv0rRLM
z<+K*K`V0ZGq4-6a2+Fe!6zYs}83(ZM;xTq3SfWrV&MZ)vTVO(Vf%5zUWf=x02*!Mt
zfpnMinFeyaVZ`v~R#Qm?e|ZdlX%v5H9Dhk9|73oily_j`{VwFBd>(@GOav2h5hTqQ
zs~xu$d=HU?-ZVfy1H=cR$UQAMdx&B%4f-J&i7OdAzB!bgxwItAKCm!bUAHj%5yNcd
z4*WoHr!-0D6fiW|;pdUU^oJ$=lf&uTOTNbj)PL0yIu_m*qg#w#*k_B;w-KXnT3da*
zIE-#jhtZQ#wLTEcE-!X!G5E8=;0ag>ARDeot>}=*Uk<FygH`6n(f9X&4>s#Mzx|j-
z*O(uR8uNVC&LJCGOtW50lP@U0aeQEL&Ev&28QtTLBm@XLL%Ai9o=_;dRe%`<BjjS}
zC(6dsqs+#2j!S^0V+)onSV~B_&0wiS?~~J4R>2}*YFl(a&j(MvpR~VPcx6>a7FuPR
ze^k)wJeFI4^ufWcbfxUv-o}hh0UQy30HEh3*XrA(g^F|K&yTE{sd|SNTCEmZ0Z750
zC?pnQtrTLVv{7Ku<ZOuosst-Zz{Vhp)U8hkwa%CN3yz`$e%jju`{3a^qrPcjS`kc(
z^GAsqZURqRaP~0ZOzle|dCOM89ShT*3`{H2fUzMGJ22^+Cp4)6-#P`@QaG(;aoXB&
zn#E_E#AjtXEh9;177bY_G>cc0&`>$Vr_l(x77bZdmBm1r=C>OIZCbAsCx=}GugnmQ
zYw?Q3E9&+Z_%}VMTT?Z8BGxb&3Z`nQoeuQw1g@&8_a4p<3f$l8zCJogl+g}Z->7(8
z);G$cqHOaP70F8_YMdot(aDKLMHUq$q}*my6k{S`OPRwtNmp0_bHJb&=j?s<_kf{2
z+6SqA%-anC#}@BM+>boUDyyIKu;HFFD5>TS`{aKJqR&%NXI2L^MQCk5RS}S-<jw9f
zg(UFMqXVR8V-&)Hku`u5(E`$k0i-T+dUp(2OlmP{>ds@qq<KwUyR|qZJ)90nZ9WhA
zfJK$7MU~UhoW7)u`(00#i#Lsg3&6X*1%Tz$t}KT&w-sSRiBx7xjIk~F>Q^)O5_S+!
zlVzcmwSMOM{A@ARj`0bzR92G0K36TP)zUX|^|G=Rv&@=VM&9~--K?oOw2LcFOs}6c
zt%6o&g%nhhm|jO~S|zPaEiC|yJLysxlPhYKm1rm_(lD{E)}+#fB~?Gtvydj+ED%|^
z^!2fiwMXB4buo&IR+LTIgz_KegkCDykS_#MUJ7JlF_6-7Ad43SDINHni-BI_;MdT*
zyz`x6{GF@mF|DdcdC8ZO${rJHdz4o9C`&A#s`8Po^I=xKNR|3Xzn>}hF{R)~y5vWu
z=trjPN4oGwx+q7cEJvpNN4ic&x&(+(1SDH+xu6ipw6CT=bC~{2`m1J9kaSs)bYT#)
zG)U2e6%`06DiNYnSp2Lr=bk6kH}p%YT*$#sKlZMFq5p~{P^xIiPOkn#Y5fm%W8d*2
z%225PuBpFkK5-G9TKYr$Os@ZNaCp>dWa@t$95gz%{>MZ7a8@s@<1wLjXJG}88S8hH
zRqrU)Z_ib^W7fJI<yAYfrIQNEawJ7LG<eOH<Pefqs*+kldzC4+ku9|mZ?+ljUDDtC
zdwINd(6?{A-`};5PLAA8t|(}slCMm~SEAsXsSZ0vp8HCakxO^fMSU1~EQiURh%zCL
z?!OhDs7OjRlN**&CN@$Rid2c^b>NSTuia$o!WWf+Z{#{LNp+}ZJN~mkYgnu^EY}zo
z>kEsuh5FEx(?b=j3X2tm$w-TogvBbtDGI^~O1?_qMFZ?7$EeCty=kOsEmHxOC;-dV
ze-o8|rK-PT#or{g-|Q8*o1g~Zc(99wmhHYPiph4nFaPto!ewgL38GkoCT8&K4fb7f
zL&Y5dZp7u!mFkGN=;h}Mc0KgD^6k^#x?SF8jMlV0QSTm^GDoFau>y;tu>oa4ch0I<
zQ0%%`-&LmVD%EwBYPu50^y>Uq@GHX}{xe;#yHL4RrrIhhMmbHbmGDooN~=JjRjSS^
zQ)U&bvWgX11!}CMi+L4RT7RDuxlf;^rpGvz>WRv<L~5g}G&847vC&l;nL}HFcBt&+
zK1rXoXfN|x$3i_;aX)ixk=I|9X|GCkSKrJtg+&r+Bw@UmQIm}z<A<4?{!EMVO7HFi
z9A$O<DQ!mO9f9tr&gcu+HL1E+Nxkwd-9jY@Nq|Czv-;(figObH=y(MHsBHm|1whjQ
z5RFE=0_k`Jx*hP#1&2dj&bb2J>}t3}?<hl~uBzBa!tTE#6rrvsddoR)Rq&>alcyt{
z646sQ(&nNgZLWBv%~?nK!=fWycv73Ip4H~e)B0*l04(n|ILp|WEqa{;y>1=wvjEis
zRDFN*s;=hY3ZUMBg?bk1&8F*$p}`1^NO;$Mk49%>h&|ZzP*=DebF`rG0ioSsct^1V
zJ^eyIMC!o|GLSArePeVbLA!OFOl)ILJh5#~Fu}yOZRf<87!yp42`08}o!GW*o-gmc
z-@ERQu70ZfPp|4)wQBEY*M4l42PJDpeESqSw|lvA0%OlQ@H^F#0;vMS)RMHYjg^P3
zk?p0C0^(y~0k|RKaANKzxnJ9L3NgtcaUYooP2k_}g>&cufO5sI4`lJhfx8#(1cJPe
z$I0Ig)PJsqMZSLdh**x5FYI1jo@l(fpVc}yFi<!JZocY1b3u;alOzX*jCo91TJ)d_
z!Ow2n$X7AaLg8X-DVd5+tK)CuLQ01Jr^k_jp-{xWl_s7Wf-b6&4|8m&x~15U5$0Kj
zZazNM{mYgg524kjX2I;cGnVmSd>6KwC()77@C`qB?ya#SCb+WcwM(<Qfx7x$oO(X3
zA>hYRaj4cLr1?IBVboSRMN}OF=ntO7bHsXlJOvf}HtR_~i)wDS(v|1lDSnO7`+!C&
z&mwJk*VD>l?j=Rl$4(iv;5hg=^d67>+1JGp(?bjzo2<qjB2<3X&#8?Zr{p3wF6)ye
zeSJZa2Ly}04=lb!ZGwa&fRo>T>5}`KVO-)qz~AF-R!xK7#N093F$8tluf{+LMYE0a
zNk>CmlZh<dl>>bY!ZHjYLL^3wIGGaU3ls@m6Pb6)(>6@%-VJo>&f=K1-igLS&a7^R
zN7k_`m0mOLcYKt(a1&gLRT_goR#}u;xd*Ts^i;6xW^`Td%*|ZtshlIpbL=SK2WHvB
zd0w34lF7;Tbc5pnXOA@|ZWO0%5?bpK^D&z15g%>C%*9^S0rq=KCsO71rpoKzksXnf
zMozYVfYfhQYsN?K$k2pQ6!qt8P?ly^*2*W&OLs>}=52+n4)fYG<(AVyTN=q3E@JxS
zJLQ?P&dv&;;q(#xY?*T&M!ds4`OH#*%xg9FzLP!V%z<xsNLWk?!yV~AT7Qq4rh!aK
zxT9S$`}P{-q52|^ktX&+OXosM`$K;hCGbtl7o?4rT2eD`+#>uLLEKdhJx(~m4zRu-
zxL-DH6s$(mAMy1ue1vww_&p;@^GZKHqLH)_FSXO<uDm0BUuXHzwaf+{$@%sS{twWQ
z|LAf*J?cIH`$UjsfE{#h!CH2MCk+H#6*+3=0-^Q(Ds!;Lf#aU_>#Z!r89mJNMns{v
z46*;_4?|$1@fOq4Ce3&1(guui@9Qq)eWR>rOw6-TWn~Nd2@}s5In&IK4Y__RI<#yj
zE5`mvFYdfM+TK|JFh(Kd;E}Jz@_fzsGAULul=#Jgs^v1fmUP6tMF)ke`X40{F@s|S
zxN+n(U;t%O&};qSZ<)`G(x7>foW~MW`XPcTgMN+IK7;<Ub9-%RyK|JZvxvt$1_xRO
zpZ#<~l&O;rX}NJ--|}}HB)2<P?Gh80Hm&kHK}`z}tdVv97Kr}Mb!d}47R(E-hllRX
zo(nkk_I>_(Th)s39}NO@8EnEfa=CTm*cB9eUia*(xe7Y{W2L4+3z>6vfyY`7=1ubx
ziqsve$o@KGHB;U<A&h;(r=us0-lRXR`eY9*V|DFkn=Ngqtzrn)7rMog4lQB@>}L-w
zGWMnj*>cN`tf?c(GWyQFtXOPOxyyPye-a{R1Ws79*upjb-i~VsLdh_-`^%A|(NT@^
z1kx@pcRMLH;m?qsI8gQ>_nO;#Pkgg-F;nm%6jr(Ix)%&t@@Kx$Lz_stn|Mmk1Xp;?
z@r)k;ZMgWPxxlO9ZwRPW%@KS6+_tp%HseOBF|*l>5fZwLeg-PyS@=i!u(%+U@<0A!
ztQHk;8@oDtLE00;dqzdqw1V%!UkD-m*x|@xtS>6Bz!S~T#iTFlGkN*q!c*{I1@la9
zD>DdMB?yT4NcjnWrTEbh%;&zd=H+tklW(cJz0l;tW+v%uzgrnO^Fs3{JQaS}D1FUD
zk}A??Q&cpjIT_9R{sgnJUa%Svg4{yBoWdj0^``r*^EPxS`y2dmBYcvN(H3t#E{PpJ
ztk*t0Gk;Abd9O)#eF-sQ#v#c1D=k?x1^QhvegL^Vy<purbDqJt;;f;xeBL{(yg`6_
zPdG*JxGQB7A_$9`+S*&dRfnb{8#BwdcR{ucEkv-?O_F?p>Yb_MHj7jFEHwgh20qoJ
z^H#z#thX8|xVvvy4{Ks01i+JI;7QIwgn{?CC|&*d@0mud0^*tJ0p5mup~dz+a_R)m
zxY6AGjl@{JH*R*Sd0@M&cY6qyr`?TZ7vs?r6V*Y7*xu<W+O>|ymy1v9KXI#-xzp1d
zM;*`F&ei?Y$@Pw7nDlq=$-m?4wRxF3Vy_bV%#QrS{G@wHQ;ON0=?C^J{bqI3HsGMN
zx8)?UGtsXCIIT06=1}_OL2qy7hm%+QmTFOPOgD7{!@jqweVx0KOng{EEmo6-#A>Nj
zmKa@cG!rbF{{p}bh-_sBp(^v-4QW4sv21a%<%;3YweATKX}_etYhFqV*;b?d3^U*)
z2%_YaNgPdj4EMAbc6kOi(_Rg)e>x^GDaL>MAj=9?ulz8mbFq9ECf%_J0uP;fHdfF?
z+`}xZD`lL?=#73Ae;iG((v{a3aA6jfGgF9E9DbW%+J{ZN`ZF(H72Z`Y9PxbHjr`Eg
zQ6{H!25oeUejZt>nfi6@5}p08yQaR%_1o|xHS%G>Mv_V!lW4mE`GXwz2IOI`aXWUH
zBe<XJea}m0lA8NxVT-x=DhE!Hkp-3>zGy+zn4f1DN(D)tk;M;rudaIzY8FKa1T{N^
zDqk_wtqSeoUR3s#dp>R>C5zn{N3#KoPeAzfA^O3ffdy9%f@S$*^`br_%k~X;T4HqG
zg?6oC3FdS$)2yrFe6`1soo18uG;@Pba}&o#Z*^sYShpWNwP|_4V?zLkJWum}Ro`qR
zjjanaytQCT(V?=D7bX=bT`I)6&_+68C_Wc*->mWeU^F9ayA)XUD;9~l4e`if<a6X$
zO=`>wK5Rw_{q7#+PJ;O?2Q!JA&Ht$>`f+LGlBjp2poy*|)&bAwD{tNvYu1IsGF%r5
zMZYqb9d#=~u<hGx`w>EQ#NC@*$?W>tVf#LUIcfeyGt4&uc%DQA{4w{c*7%_sDcx&`
z@ZM0-VW4`e_}iBoy{=-S*H95cCm+t1lO_uS_54eBHiWvQv=5YKyyFAR=c@;pt54Ie
z|J*-2a8~C0keb1|vC(KI@irt1d}zdiL$?9ZifI{vMU(+rwfC@$4x@()q-~3RX6!^8
z)OE`>W_46cXDuXnsZ?t&D6M)p?>q?JoD!gW9U$ovr9PxX-Im{qkiEy%xl(2$8uj@W
zjXQi3|5Gpq=weIJ9KH#101N6@v8VN_?Vg+|g+Vvc#|Ra*qI6-AaWjrrw!zVZtp7n2
zm^6eE@c<Pn2NUe)=r}jr4{Tb2=K?<lzsdgse?(3;qCjnu;#8wRP439m04f@(eT`-t
z#ol(+X_rK<?rX9tR9X<}gzC{2>Pdz#1a<Pp>wC7`FSYn_$YwW8-W8oC>LIt$dL`P-
zbPK_loq9-F!q$He(Q=+-x0~)Xs7YK>?AKn}1$LlgQMe3<bmZ~k$-V?{%m(4muhpBg
z{doypvRxrH^~gEr*;x|dZhKu?hhGv0;SxKSC;5F*IYvlnDD0$r>o=EY;(GIw15qxZ
zf%BI3v}{B)8ma`jhnB=nmK~pP(5DCcnSY29;dgPM*abY^aMTmPrTpEZh)rseh9$ac
zFk3T?Lo6#S5~O1g7xYoBmJYSc%@w3uD(J<Xnj*!?zE<v$!kt8a*S>hL369c0*A>Xo
zxL1i`=As~t3W~M~l2`mT=eh7?uu~WBNs4G=wC9o!!hjW^`e<@mvNqoVuEKMDJR14`
z+6C?|!{IqM=J;V>;g+;y``kIy!n@6r&V{1(nap(nwmA`x-^mJx0yoGCA6v*Je_}kn
zazQV&bt!f}oD(&74GEb|d3=I97qKq1>5_0Uk(VuxWw`*qD|*RE5vy@8^9%xOW7~E1
z$Ws)6cpGdc4te+!>VpzqDBz1#Dh6DK7Vnvg#hsZ0+TBHWrFkYDLInR9>)0NrBajT;
z!#=xBDQhTRj^ipU4x)W$NCN%qM+WIdom1zUySlBy-Geu^Q{}AJH7jf06$3nhy6=K~
z^ZZdQ=XAsi@+a#S@#YaiKIf*~9YznEB*%_56btU-hu6OaX<aot`CBznUyrdzq!SyD
z4u1_P_{1wm>}PrFpOz;jL7K@_#DAaY5JRz#ellU}uAEDPIF02-*gr&YJS`n?OWilD
z0$zPSM%R!%zqKL1P{KG65Gp&4Y>^0$$uzE==LvnmI0BrZi9~#m07m26;6eN`78F~J
zSr%y2|CF*t3ylDi*|yxDSAc~g!=ydRq{7^cKyXC6akk*H{pSTSnXQ?<j+uSFwA4Xt
zBes~O5xGLQ-M5U*llY#(s&^$`{3#S!gvE=;(P3nW5)_Cc5%S1+MD~&NCwompO`tCi
z)V`abx+RUM@Q-OjOs=mx$&9(3otAJ@sJp%+uqO43HLRKF8{ePjJp?$#JGy9C){!M*
ze6O$IoU*D0@T7i`t+s&OYGgUPHuXre*g|8EW3!OMclXi*xrPbWAltYb`{29hlNUcD
zzu6spa$-n*OclfFfkui9eS}#{gkgf|B?DGMG{u=A%;Nn|bh?2wpfC<zJZA_OD;IZL
zju~WstwAVH=WXdfmcaOpf5UFV-!hNTW_-q{C1mR5`TWUARFb1gmqiSxqpyXb$HlPY
zTjaozIV0D?74EkzI^e41lX|<iN%1%ALGWA1GA!b79ooxset-R>;1f+Gl!lHn-++q|
z&RUD}^ojYbntQ6%MoRxuIe&e{bJI_M9e|0v@SQ*@$Ir6W8eDl2PP@~Z43N8}u5FEQ
z+wszm!_pHUvH{-RWsPV0ov**!tt8c$Z_ZbK;>GEmt={;Y?(k;RyIWzd$Tzqojnka|
zxOz3cnLUuPNSa}i;>w70XYI8kcRO(n_^e8+ZmDW(r;Jp=P`^T#sAc&{RE4U?1v$o{
zX=@!0d}-;VAyTs?yr-HenRKY~cK$Xut6=g?QCc#qIGOvs^iBRAOq_@@1Du;nuO4Iu
zT_Eu-gKtY_1&;P^x|-t3!H42+SB!a3emN`{R>_$?Cf7rc7&Ta`@lgb4Un(!f<9>D2
zv0Y*KoDyy`XaSX-7*Y?<pD@r~7kAJZVO$ncIW~%ZLgn8yLH(94MJ$l_Q+6UB?LY9y
z5kV1`RUO6;1-N6(n<xq@mHb1uM(h)$D9#`LNAr`^TxQkE0Aw1@`C!p-xcPMwKtbu@
zH!mX3`Co~bCiQs94tiXOu*jh|dg8FhM7sP1c#uj*N@$edYCxKb_-@O-SQ&PrKpltp
zQ}LxN%**y^_Eb18^e@Q#v=9-M@GX5eDahjKGz<FKpuit<mBR!-O$+tVOVjY*Ut=dL
zrq#I!3FA{@SW<7%dlP~3Oo+s3WJ8Yc;sv7!8z;+FT;n*Ly`7y#`bFZ-N#cAsTzhFj
zo)`SFrj{vi2UwSR-?gh&(y~bS2;6zHdr{z9io!pSrUtQ0>`FQ6$kdG(-4stM@r3ES
zmzumlnhj+ydt%E3L%asZB{uw#T$~*f;(R4!LF7QdheTel#g0g7@|=|%E2yqPe+m8;
zLv>8ox&LGe<6s~TH~HmZz?oBBHZ<w`nx~@fHDmabkTbqBeW``e4YLI;A^Pac6ITaS
zX_PQ#j^2*2WKz~3nC&8*7988G{_+d|!v|mfs}Hgv#iSfo#7L}$&{>X|ef(4Cm-+%o
z<SM~4i>Jys!AqP?$bq}7_kZi<LFTv3h<}D?eEY0Piy!L!DP!@qI(HZ|&WFvleUSvM
ziV2l6=?RCg!<HuXF_;OT2_Thoa}+QX$X-1@SugkPPufc|WY<q4^GB<mKg)GwRI38|
zfYT7U;pu-_FN|p_CSawibiX9CutxPM)pV?n&laqK*RjlZcmC-BzJJA}tWPa7w#jR6
z7<}^RHR-J+`JLV5zsJ{9!X%DlO?t<NbV!T!_p4Q4rEtIZ*`5D?4on52sNJ?`iOlo+
zlIM<3kj=!szip+5lgEuWP5bNb)B(8;<#tJVz0;i@H0w#He3reLA+cW^h1Ew!NYj1S
ziAUSr`S9y$l4!Vs3}K{}9CQIF|D!s26eP@w0X#evw|4M{St64moWu3;{~|d$E`A04
zR3zA_O<KVnkYqdOdv@QY&Y{KkVh*#q9%k>QP#?I~6p_7klu33rRsLl^o{t^%6Ic9O
zTU#5kJi^;o1|5&&yo5lW3q6iO)R$ABkcOC;W{&?mL0Dzf@x8;_Zpnv7pv-@<Xn*Lt
zy@><b8%abF=f@{!WQg|hZ}~%$qi=O{qVetjI3xOJxFN9t=-j8t2Gnj#U@4?6jCTw=
zQcaRJ*H+-y<^PaJUv==~an@=hY-1wEX@s=liRmSEPWw!>kj^-u&qgSDQlL#_q>Q2l
zxdI0R#KpuVu#IXP2TXP1MtC+f69$f}w322i<}Z>7(o04FE`i~(uxPjfnpf4bSB}-h
zo|alyxkPnaJwf4A-F=_QbUjGCX7p%FJa1B`Tua?87}oj6p9HMup*|$1H#aT=U-Cay
zsCy=Z;IBqP(PnMeK`fD4-G-2TxX^HUioVnlfYSmtGGm^a08#G7FWoE{boB?}h>S=$
zq@;A^Gl8aAA53vDrj{01WvSIHeZ9!lR4jcAnT-+V`9^_Z_O_=1VQy?*#3Cm73cV7T
zNF`Kzr#bX$xvE(0c|+lZ<?c|LONK_lpH6QOM75w&m)@|(P?T0yBq9deG$O9@!D1CU
zD$<oEH^8FO^1R#2s1T+IC5c1@=0H9mDy%ytH*X=aGmk5q=kwQoKHv%o<HFj$Ni!T`
zpXn7r6MvB{2zfPacrZ*$V#UFm+2-FvTVkoeI$Ttq-kp^IvpMri{*jPkpaj(zzL}r&
zDgs<tX)*zy%EUt>DR+gjy?NVxGa7fjJp);^GX_R8$$2T7;{ti?%!@C?Xoy@a9Z)wO
zQdf<iJ~K#_DH7;N`Xj=Ox1A~WVZMrgVS`B54K*q&Wp;#V&{fDKhZOrnNzo5S@rdU$
z?qk0Z)J#70OV35?r7YgoVUll30x;WLHYo-NzmgmSWh(ep40%f;5@>@#ZWr{v7D(~0
z3bM_29qFM%gzQ@H6|4Jp?)QW5W)6Y0!2oxcf+YIQVr1NkjpKas3^^SfmGb0~q*B94
z%7b5)Uy87>{<9;a6z5vLOH9s+@_u|2@qqGuRTt|gqaOL2{KWYb=<zNciK?>o+n`GX
z`nMD3ZSOw%ql+Uq7Ey0gz@C1l?fu5uykW%JTc?!FFxzV5(o8EMis9yf$(hvD7*1&<
zM)2_UAJ;A1jh*PDBS}z$seuc=FPb`k#;}Z?uEtQz`0Rj>OFKMXL_5DH|8YdJoD|^K
zd|@iQaJag2Pai448^pI!cp@a_qzexQ8|Ty*$RB2-g;lP@7Iu9d;}tJ$Z}sA6XunL$
zn?F!v5>lCv?<Rtpegrj@C!OSPRhac;z&aoWHc3IZL&P!XEMZ9pTB|Sce*1RR6!uLP
z*c~*M-fecaYjeH-?`pqDIb$FNSH~Vk=Rh|a7dG{LWGiv<gWx@_LO$Q23d1MNlf^VO
z)VX(OW++BZ?V?#ak*|{FdSzFUL?fBk-Y!i8^dw6y5F>!osOOE#R)ITJgk8%NBV$pt
zenQ-i7}?x<|1dS@+dze2(2}F&+x4}R+qczuc)=JP>iz7v1Vlm_y^lQ1S31LBH@q<C
zI(DUdtC}JPX2P!{v@VhDLHzArg<Be=P#)}BPlI9F{Z|q;gzZe(sL-H*ft+P@K^L62
zW?m~|7r(l4hYELGEp2!-(@ujVoD$g^8fW$*XYt~>B5?>MjAX8zlZ$Dp5agOJ%?r1~
z&TI1fvJ=`u5R=srAm<<S=wviC`C%ap#4$wt`b6MGv4w0j959xi05iN#t}Z+o7Jp3x
z?HnxTb*kdb2iFBd8xkF2;2s_gd*=!S1}w9j%#*OKC|bWRM0i&ot>}}q<7^&@{?Zls
zlxQPJ{EtH5>X`2&@6UBMkAVDZuDDde@X(n(Frr=gM|Au}9eUn7M*l}=tJ2a#whYb(
zNAOar$)O;77#Z*{$m*?+L@BC*j&#lxMZj6QM-gx)P6l;^0Tii;f`Gwh6?wU4<Tgj&
zk^q>FaMwwsrEjD^K8T<v3di?Jgaau7_zCEcXL2J!k(0;5l-#gm2+hr#(g4`^cw1BL
ze_yZA3lXAOTQN+%?r)dFb2i#v_lsYK_e1s;Z$h2sB_e2l>_IW$Ez#)FYWUYxA0A6T
zh(th%d6jwW-vtLD@qQtIj9rS)N5`3B7tU0C0i^Osg{v}4#64v->+Gt(yOTY?`s8!}
zhAQU_+HSC!vj%f%iN}vd>BSn-K+nG&FlEB;4|W!8iB%T*oGR&?dt_rGY&TebV^sbn
z+i8K+nL%V)&Ln&OzLHTRG6^4Wyx^&?l)Z+Hc~W9DdVwF-5r!NzR-eY!UWXK-X`KPC
z$1>nVJfSget8Q&oc5hE_<r8Tlu(XWWXr}mvoHB=|pax*B6wR&_$!^CrJk&mlnH&4*
zkOqa-I#~lu__9M!0?m---}1ZhS=uG}ZG+X{;SaE$=zwGwdzQ`Lp*0cF;I8=!!EHh-
z{Q;+LTfENbmc9b|7Ol_fW0><b<2>r1IHdZU@u~4;NBo-7r<2pujYU34uXV6(<6F3C
zi1iOI8)A0TAzZ)BgPhX)&8oQFO`8Z_`w1GR{5m{fjyAZ%&(qa2z7)K{Ct$t$a*1~B
zBHZxdqfhuiepb`uFU3=crqQ5{EN#Q7qWft=^2CS{m|nI7@aLQP`+v$9j>lgTJ6deS
zR|Z?-;(&qyOu6knwm>!Xf7}`!uZ=wU6WZrOCTa37KESH^sLjqucJ0@rz2Wn{o}~vJ
z7QC7G?<!^#Zbm{X`^pC_f{bARgA5>?xLH2cax{`IleP1C<6t-&L*vXMS%Xo6RDs^M
z&Sa?7qV(CPrLf-6Zd40D0(3DE`DYr&`LB$4>+B|2)cbQc)gPGB)f^z)L6FWhQ8>sC
zEfiM0IfUwY8m#Anw4$@Iz?FrN3~r=?d7?6|Q#RCTZ}xBH0m9A%R}W_26ZrTeSk`=@
zdIX6{CEHf-jWP<B9Un9<dpBYz*mdt2wp((Mn<rhX=oPu4L;sPzRFGIvuk*m-{BOoj
z&fG`7<C<|@<bTtB%7Z?PS|pgk!QoPY%Z3q>N?X_loKaAWh;tC%4RfZKoLcP_gNTnu
zg8aVts>7J;gCUr%b1eOln`B@L`0SL&oSBY}iG>VR#5RMlkQDCTC+K~g{g0!DpP}gw
zD>8F_fav|Cc%+O{+3?x+=(41I;iFV1iP47-gY@4$VnM<h|8@wNlJxy6@2aEPW^(?1
z4N-tQO*bGC+q_@6ZIGOfctUT+u9#^!`i)ER$Pe?)o5gwZy+QKRMGQthUzq8~LVDj7
z{_(x>_Ew^7IfwBI-<z3J{y^l*$AOda0<C8~g#4Linx)ZByOby_O;9{ch*+FE2^*mi
zE_C`mK__UQricE0fHUL6Sv*v9Ya5>UDE)2Yt;Dj$=mGFR>X<D2YjT2XSmPF@*3%dA
zM(+$wT`<;V`OFsDtAh&v0qTKZO1v6>!FZ|SsCb}y60*<y$Db&}CGjXD#;`2tJ_Y6O
zZ*CfUeOLAs`nq_BRo$?rNSZ<x1MVuxz~cm2vm9~VyZ^{NyWULBO%8Jv!=fi-gYBkY
zj??Qjtz^pQXnSN$J4kKh0DqT#FBpE!OlV@?U*Yab8qOtzD&tE12v-)DCm;xMoO}0x
z@e32IUoFYWR29`Opu{9w7pYn;_UN2-D^P+F7-)I^>-Yze<zM&MzEoCUn$H7j#AOw+
z@q~CNscU7zB^~2&*!Sy~a4*^#MiDv6;MTo$|B4cGz+z&2nHroX7n-`P=LK&dT?Y4#
z*I~>Oh!`Vu8IR2h&s8DSubYZ&>0Lxu;t>&xmD1>Cc9wOV1T3tv*Y%c;3Es5g=1+eD
zn-{wn?t;m7h6ce^>>maa(2V$ChrXA46ru%(xbsziTLT+S@F>)C6OS{{t>#6?|Ddtw
znTtnwb)*=0RcViWYO6Nh5#!gSB(v_lpk!rz_L?|-!PWkLJnBcZ(P=1L;R)<-MJ8&n
zr@EVs&^B<%e32!eZ4$)xo9H<#L*m|aHj9p7=H|CGacL~b!7ULq&Nc5FWK{6sFxo9c
z!rt^XefnqI!%h0uk?(jJ9&xF!Ceehl-N@o(vy~besg-6qor}`lXn9qW+p`Z{or==3
zaf5%VCaLDo;yf0nyvlO&Z9^G%M3d4aIF~VbnT__AHaIuOY3?=!8bEZ=?)=@fFSCi@
zZi&T$=->^zH*>5n!zFM6z7h0BF6=S@G$5P(BQ6DboiKSc{(GyqAIKexnvwo=8Qj-c
z0si<Z%=O`ub-j7>D6I>AZ=vP3Eo`2*6R1yzgVS8*6uY}bQ06k>4WM(3X!EpQ`ednI
znjGT(ksd8S>o|UkfMuerDK|68N{M0QC0{LQ{{dZgx%%&btCqjhHgBR)EQ1JBAIvX?
zaned_*!QYwkn7UT({BN|7QkMRnhJ-;_ODch#Pj=Hus$8w_v}M_Q_2Fr<!G&`Vl*M^
z-^Nz_rR#PMCc|PT1hk$cfT=UGES6ke_?WrR&|yj4ze>{Q+#)UCQ2nt19lFNr+h5U1
zIm}aZB~O6Z&lZXBxm<}cE3y~ok0wn|Z_&3W#4#bCE0=CH1mC#-t$V?J?24nVg<49y
zak9L9S`uWwear?k`N9#LNN*6r0Zad6yF3Xy7*-vA=kIJu5zGN@cf9oq^n12Zy~Jv;
zVg!;7fF1M4YBU>$Oi)B>j(5gS)laVx<SDqWqt(6&6hZ|CN7#$3F@?)wod2|lSQ{3<
z=n(hCbLsiGagp>jOjo7)M|mR+#WWA!xCY~_pu4VihSvQzH&zk~_lqW_VM4%!t#M$t
z3N+LQ#B0;%vLGg5#jQ;5x*zkEGWOG^UV7=`BGg^7gdjKST~wi|Iz(NRqZzlL2XnVQ
zFs;Hhvug})(U?lpJahZs5CMo4#ESxj+PlH@kcBS#3m3lu(P6<PJT@3AZ1jY>JmRax
z3B64XPI($R9kOo+%(IrisefG$^(2A=m2zO7knivKX;Rz;4fEb?yvDtDL-8EjqgfL)
zzZdEMkx1|Gx1ctqYu?n*vRQav5AE*&%`0Jec|VHXTs_k&z)KhPXrJ5~cygo7y(xym
zZ)b9KzPNkpn8uwnD$)0cD|Ow_Zeej<l0v&XTV0(D*e)W3GWJ{0k9c>En!~f#_mo$e
z5BN}|o{Wn|vvBVOO>zWmM3MO_#L!+p-;-Nm53djSr@F95;g1s1vKLLo^BV0Y6G3|3
z@wx*ajr;4YmnRV6td=IBTc_W>k00HkeY}hxU9l8(+_Nf3c5<hDcRORAq(y6%ovSRO
z*4*?4LFh>N&pb)4)-D!1y)aE(3cQKBC$YKUWLNpk+*m8Ai`Mye3a9XdGmVAji8%cc
zJlDgi()`MT0hvyhP!xIgocS#lSH@`_?Y&mAc8>+WD*cmo50UVkw7m8EhvogNb!-}g
zSBYtsLIQ)Ay=fNeF9t7;J>_gzt%tiI6M>7GJ;=Bh3HX;lfQMhc$-DArTOc%jO{wTQ
z?wn|n!cIKqTa*nBD4=|SK>#nf%0vqS4|d5^K)|ymG=Bc)TQVR1`*-HYo6<?(+V*oC
ziK9dL)<<dr!cFDupSf@e>zrAN2j1<no+9{SiO!rH7biFWkC#mY#!9uxESBlirrx7<
zU7tX?DguFRTJg8H`4uU;kLP=h)AX0NUZF6{<Y{LMd8xSV=#lFYi#y&2-%Epglq!!F
zA}Tz0OwTe_{)$*NqM`egxtC1lQpMysmZC7$8<h^3KGrD3nzkxM6DL}eUW~hI?9Wf&
zHRyvd<ig1}GQmwsxOtyF((T`RnTq)&v37LVHmgz}UGY`&G-TU0Te>bhQZD?9YhQ2e
zr;jf-cdtBB$iNEsFg*HL#AC-2(i)UIY{hUjNC8U?eLzly_ZmlQ5+cUzIf$!BsBTni
z@<2!_Q;CA>=PFZI*HA&SM_=a+qM?u<A+U%DO75hnL*p*hRn{lcrrIbvC2E%MSUEH<
z^=H^R*)vD^&Cs+uE}P3$-GM89VJQ-%4X<Z1J&E;yE;sd@_vby3@P+3BH#t4M+P5V6
zS--AGK2aba0n}f~KHlel(Z;-<9pDkSR1PsonxnmTv9&p3Ifg012e3Z1nM0GWBRCkc
z8{AK%794;-Dr~@u3x!hsgW0)B(D}8ftd|BJtAK*Qd3Vdm30cOHMIz^p>m@UkW~I-1
zz1?cimA*}+hHZ`*-EK<Im4uEH350l8Um(IG3^gF&y_SldXN&P?`lk_8H4tS|N_nA0
zQ+VgYxm2DT@^$i^k=tY2d8m8Vui`ZnNRuOhhuGu21Hx5UnLdjzntjduK~6x_<v!>F
z!tQwp1p%NZgvQdP4onZp0z##f<1Kk}K>s4gj?x%l1BaJJxzJJU#Qf%X0w*&3A&MxK
zFO{;^VC~M27^c6;V2x+#@d?;5?9Vzv!-1mjh+kl(qD1}m+ABhI`WvR60>!*4T=s1^
zP`Js!6M2ZI-e7Hs`NRDN@<Z5&(&^h90ZpbhGyW2DHnYOc4htr&v_s$(KWy^zwd%Oe
zEdch0bUUIq?5cgqJr6R5g19;Xuj&@@ugqG3%oT#h5zWXtZ^}{TviQH$5~69xAMmPG
zii;+wvAPXE$p+H?alTOJ>)L?Wid?9r)2n3{J(ce1=7V2o!&I23c?VrU@`qT1E*<x@
z6ryht>P4iZ>GOw^HamnbUk_kku($m;U98cj_3ZBEN%L34Red7*A8XV8fi|E>^HUqb
zOCHb}PXIGY!)tP_K3`Rr)?e}*Cr95zY&a~1i)JlIlx#YRwJxoM-1@aG(tME#sGFiP
z`#ZthBfr<2nYIJ*c>H$~DY}paQzk8KlAmfce(GM!S)rFj6DS?FpaZDB<P0~(OR+|R
zd?F9q4)v#s`Sw*t>Z%s({&hBvF1NAAbWpMJ4nl7MUUPog)4$g51QOFu>+Fj54%5`|
zu!#_VRNV%v@4>%|=ml|YiWvW3ZG3Lel{%O({yDWCniRwo4|aLz&$(e|1X~n$<cxt^
zW|xJ_Z-E;_#UOA?<+HF2+R}-jp_}#O3Z#2@G2$gx$064a?)hm|%HfL|Q&e$gVXnee
zI-psI<x%{Jx)DejZ`iI$^Hh%IyI@$PaHaLX;TItr^tOeks=-oWTm`*2XrNorBq78`
z9=BXyK=|mjmY7J^L7l?w^VL&<d;a`ZAso$%PgWP!{8Axklh>hjtT?{zR;KSSpQJ^~
z79qoXgkkC6XCcxFLaYj2YHxvWTzJCYL)X>FJar!B|3uv&)>>3PKiBdZnfo=DhpAZe
z*zl;)w3lDcy=;|EG>m#aUt>=jx*+Lc&=gIZ``948<E`ip^`}b8rV8>fC!R9Ky%j|t
zy&s-vn=4&%BK4jOxhCE^#PT%!0{E4bry?OAK~r_<u16d=8-mcin%3Al4zVN0%BOu4
zfh{j?bam9~(I>=_%*7RR_hbv<-vhkh$6RkBKnX9-D-lA7e%?8yxfg~kG^Nvg&--!v
z=cP#o3me%q{|Pic13s^PXz~>PP#U+`QFzk7UV5yj0f5u>Uhk%>(%m6G9J8!nwF;72
z#rfC{0;+Vf*VPQr`-m!v3pt!m@)KZ!M1(tsE%e*VB0297!*0OooNF%DEzq4Wt7F}r
z34Hhgy3o%8-wFwNB!k(bsDJ(92&OK~B#7|M+ZQn=nF$Nx2W;|g5_z$D(yj2O5%BjF
z80yX~c@3-g7VGNIFwm#S8mv5~1-}E)iL(ZHegXeNK50qJ%*@CawVeI!^pF%X_0zG5
zpPoz0a^@1ufLKii*VcuAZ_Gfz^hgCAt&8b!IUz!?U?X4k*4EMUS$Ge-q9RealqA}Z
zLSGy$IVLJ&(yF5}-j4kASV5>_%fG}q&5cSzN!gN}fmDPz=D)UAqpUnzT4p!QM-Z5F
z2zI*fWnd0Qa53$L$=IbPNeKHf?w|W2csLvdaw5u0=}PJ3q{x9wi@EolnvyZ7KY}#p
zTB>u-Up<n7R#(-?yviL*WmLgYmO5q`Vh&vxG}~n`em7Df0HO6MpK;^*IRE<~N@`>~
z|9rrTl>_6U^=gZWhR$zkyZz2Oi^;Gw6tHafNnr;Nljg$R-C!St3EIoAtv!?04*>P6
z)|ubvPVBOmeQje$TfU7~POG2QH6|Fpar{Df0E5b8q_7v5KT`e<FN)2KCyI^MM5RrE
z_-v^qaeeflMTYrPLSn8pMv9X3rw0-5+`Ll2z}~OS-6{UK;ma>ZH4+dbM{VBMXjNU>
z49C}Qn{r9X<|2b)b`Y&;GozT*;%dG=QJp|M)1I8n+Sf3^Xv=4r3kC56m7XYq0E86*
zm1v`*-Qg&corNO_0VcKEaOSf5w-VzdX5owr!~o*Xf7e3=F1oI$xZMP8=Y$q>JiA|Z
zqqVlh)Aix6SopbU%XX|FpevRv!eJYBq}5K`9u4(yz!#zwPh>een_856t+$Q@MK%M>
zWb?l^J>4}>!)yrke%UbUVh;9EaomWXA-4}jE4!9IicD=<xki4_T%vjRy{cS7j~h;2
zTwZSc*3TF!-`LzNn?DsVTLfLSzqol=K)&-)kq4j+V7yZH2_g0jxma)J9VRvvurNg$
z2U>tLB<j^y8fN@CWOcmG1U-n<yw6n%bTju7ig@W;ceSF&7A7)ZHnHHI_y`Wj5|!g5
zA|4WM*5&%zW6{z?0hi-=q>j?nhQ%A_Ku^^xYkj5arY;ED61xj+Kk(6sPtXn=&P({B
zK}DAPYgt2<|0#o8c+Vf3i=3K6EWGrL%ZAS!oZrQ{s`u=ra^&UtT=p%z#*T{*=n?Na
zQ&Hx=OM9$y;ri3C&VfXjx8&l6iXV;Q#m*OGOqkI7@w%q$jYY3JArs&h^abcQGWF$>
ziEnpZ?<+%97;1^E6&dka`LWbnPfwPe=A7dWXsf@6oCww}7hEuebU)oQ-v>K%h~)O$
zGw(BVfs7xU*Tre9X*cd)>^!#B6a2t`FVwr+ha4WYM|3o&{2E8fF{cnlpd=1}4On7v
ztY)XYXo>fgqrH%0M*pLIFcQ=SkMTq7iGI)f&42!p^$yuDB%3wX;iGpX;r6Ube`~?o
zyOl{`t*uU^jhEwQd&9pXJ_p45(I*MI_Ba_AX(;-@;P}+g<y47=B5LeMj5geGdX_Ky
zNJMvzZWkmC&B5Ix^WE%&_$*IS`5TJ-eT#0#LQ&fn5nI%Ug@eST%m}?!r~0(TeFCvC
z#$_=t)Jjg6`5k%u3H-7Ob{`h><B)yB9u)NU_#2|yef2k6YAf%rD5m<Va3k|qOZAo-
zNIx*{u4cln9|7h&JI9L#j2mkjrw`YJV~z=G={3IR1L97CZWU%0OXus$df|08Sy}7e
zv(ML7X9_+E-y7Cnp0q1!fvUed2*+CFQx_NRoV`CP9iqxBj<vZri|sEMuravyRkbTJ
zY}Vg6T-l8>yAGozG_)tps~`-d62!*us0f5r-|%!BKSk%Ukz-E7-w3ADa=A%!@{i<M
zavvlojk7!dDZCwE!kdrv!P#~FQ|T4_i(jK)k@vOc1zEGAJ*W02yS%=KREQa4FizGb
z`1DVnP|St8kuZTv69=Al8=raWjqmRzj;-Ni|KtY+pUYhJmEW>DKN@bL-WM0nHnb@J
z*cNlO*-X4!ayFd~aQrmczXEF%EZ3Z78zhkyfT$uT%`oO9GXDOhV9VDi+=C^|o8a;e
zG<PuhM)sl#5g07$RI@(RU`xQ`wAa6ZBRa%^5TP=Z9yRHjweIC+@nz*85S9O&f3>kH
zuTNYwd|eW1%l*;jNJ%`L44*F|YM%Nl6pfmbL3UQo?aiTV0kccpiplg{aW@=y!HJ@i
zytSXf>8tjpoV!p+=cdk)SQ?*q<-%h_XI1S!(A5mM*V^#UKxy6sby0NQgU=%+!e2&h
zGrmfDoFEZH0e0&m?}?W*>f7<o5$15cvB3Ak3Y@-^*bc+oPy771fk6>JW)*FMBGw%&
znlP<Dv-DHF+*@-p1ei)L)Ec?AX<MI_wLlM0LyEf2d#R-y9Z@g|+!kV}e+W6RO{(@f
zAmS*;>hCzRi(csUo)NUVXebFaptB?HT3ALvU+Br9Zy0G#7~GFTb11;J#5`2}rN4E8
zGPi)87xn|g-UX_hn(q;@A_TLi<`zIoqIzRGU_IMqXtv9jl}n$O)h^nSZ*m}V#?!rh
zTpG$CH4Gk@4nT(~%a#k`sH_|IW5LHEmr(NUmF%RNVWiuS;eD-W(SKU%yAQ(t@rsoA
zOT^OwHpa~O^)K0qnsP#xp>y*Fe*kV7s3^u~u$0CR!UQPhmIdqfO=u4fTVVILtXE)F
z-K;%W+Tzj?oIAU`y1Mxs_W;swoBcqW>kR(@OZOTRzf1cZH{N9VP?B|uFcQOX3~HGQ
zh@w7XPR4D*@;W63hN#y?eqe43p|V(W{eTpQ@(Pwz@IsTDK$y&f#E*lxgA;6D-jL$Y
z0&%S@Z*EGFV0BwfdnLQWztiyT90^gNs(c#^6Z}QdBpc!6`ln!l5QY-&X%GeJ8Y!GL
zhr=5R1@NOTb>}ioLUS;|4V91C1NFg!&!_FD%!|IGRY^ZOe7|CX>~E5+2dT`N030u$
zv9^X9pQn?lb>^MQ-#Tjq(GHrU{T^{vQ;%?3vU)Q^kz{r4P#&1L!TwMFI{&<_1~*FC
z=2zv?PQrOr-uJQP{1U#ugpZ+7<Qa&j3)iy>#Yy@-%`sYcTxUf~1UYs5`vk<i9xrDC
zq*5HQemmLhJ5$|ez2iR?!DRZt1_hzcXKOnbWrVq|kH=4V{P8fqf?A5y6*~8BZC5bf
zW>B$;N#unDDnAZFS{)w}&H=2$)~6@v=&<+CsV&K?;13NlP#4TQ*+Pcp#T9>7@i>QN
z>M%dlqQeS<m%#Fp$q#s1d+M-|#Uoi^H@t~9c{%($#4%PO&02^ix|d(@?dP{~uCyU~
ze0fa4%9=fF;rxN;^aRVnY2UgM=^G29EqeLrB2PN$J=>%E-5nx2o%{d7btrD;{lfOs
z?gRZDUBr2Nck`gfpDW*5X6PTSTKli1mY6Y9oB(`AKS@7yJ&Q-{Xmc$;OV{Lw=4g0S
zK0zKalt)^9%$%=XUXJ{x<}-0sSmvsj=y>IL)UWJb^J&&wURm=oJ<$Kf`M-dhGlr?d
z&=C|N;MM*UD{eQ7d_3U?QsM4Yg3x{YOru7q)j<>KXSK{X#P$jd6m63HW7Y2TFVa;u
zA}Y{-$grnO#U^njIl?*fOED&FBL>Hwy`V5%<XuQH!aX(i1p0Fg3)?KDI9TJDhsqoe
z)`$R6P#G$s_<x4rxr>w9tsU=Lp5e)|+KNq$7E20kE3eaMw*^mkoG3;$PG1=E`6(=y
z2kxZM-MN|0t@>cKXcsII>5GQjF>m?9Gyuj6G2guPCI@~uc~E+i`I>E#Ny?!u`P#f5
za$Y0&qDM>Rkgr|(D4e4<Q+SBrFMtA82$cAt=N@NXrSYy{1$2#DR`9O+eId7M{5&ZR
zVuwA){R7}h)7y%6dwd~IAp|xXgcfpdV?_>gY^Jn=L4>X+mu3LYr~pv-Sfpk!NE(jM
zWvXZrR7DY25CL1=?>Bhzk)`6rY(eokA<38Yd}1>(1<G6;^jH>%;^raB;4~G<43FQ?
ztb!o*!~rxR->rNVc>xz}=Y93#sO%PwmPZDc)Tw<TwkWHT3dWn@j6GTVNajB;<jfjH
zrtMQFgLJ!as@_a{qX%X)6o&w}$&Osbu1$N2_X~C2D)*x6e-cN7o)E}JV3lb@vmAAS
zcwM|?A~Z}Xp~!T7M5IM4TCo!lKf*WHVe;@*JM5p2*C<GD!YV>Z+vCUbgyxT&>TGU#
z4LMBiWwTtJXMYU%3hplbb}wU}&6@0lSi8GpuRWxxg@+$pWgCCv^5rqD2rQ(FG_sYd
zkJg29@IQ~!GZQt%goA+B1;7Ikn9XJeZ<n1HJa)0Y4f1CK%N=fQ<$}P@WI24`F_TH~
zPkx5eWafsxn@C;;GQRyWS?6|vicF@{jDEA0az;fuxiRe`Gc7u_F_qD_+R8}vl#%kE
z7C)c!8YxfY>1?{_YxIZ|PO*=bX%tIQiut@oWfP0nVB^bO3I(*ve;$4>&67n@+k50=
zl#Nj%B`jMr(N2aR3$9IsR*Ykw9_cgV(wbl`lFn$|>v8#APRlz&AtzP)=Zqqbadr6D
zOq9TeD>+(@u&LS?@e>$81EVetLMh|+3TCBCQ0@x4KC`%|837q7?U!K_wxG+5MS6#)
z4dgAi?%?~HnHNo~7}$YeLZpRKK5K@jrJAjd;uB3e?xEfBfg1Un7*2R8x7rv&oOkq+
z5`{)(n$?mdySWjr6H}u6NHV%*DKq~Vvn1<JNa*;ZKrY9a;!DU&Xw#&*3_L3@xNl?Q
zLzF)iY;@^pQ3V1!{%0)vKF9Lv-RJu{pF_n*o&vOy<=qOwgJ-5u2GU+&i96;oUy-Th
zzNZsXhX_Z2urkin_+ngU#8z7KVaN6JU%Y1G$Q!Ur+!Os<0u;*UdiZ-UMI__rMa5Ts
zdz@XlS^4s?-7(XolESTT$hE^VtZuG{5ptD;>$MW-XdKNdgh0gIf0v_aJmoGD{2FLB
zfQkX=n13Ms>q7Vkc8cjar;0kGLPo*Ag28-5gDVb1wu|O_glP$GKciQo+ZEZJ!^-j5
z3-Y~G^i}(^hQjO)YFNoI7v@^n)njc>)(AMOO9Ovoi4{n3*@W4uCySeK8BG3~wGe;>
zDsCI^{Py0~_+4wl+1IwBPB!#}>%gsFO5s01Aa-F+P*r$6#JbkPKuP~NRYeULQQ4{g
z4#}1}=1Y}$JGAY}v^uJ)KAGTQCPd{{C3a@74K$??D#I_EZGY3W&)}PoJFhRz;wk|>
z{Cu@tn6hA>ty!G^<4tdQ<0Mi5|FF2WJ5^abF~r&^_hh{QdACs9c&f6>xrKvf-K|qx
zUkZ7t0@*&cU+;xD1(UeHb`QvUzBv$pZOq0LSZ`@z;;B-YPzi1)gW8)f^*Wgoc>Mhb
z{(~nDLGG=Yjy}4zjAh<3ID&fHYY!#tx`;`A$^f>aA(Z$J%=N*e%agZ1NX_sc@Eng@
z(j)pksH`i#^<<$}bpVu*T4dJ6lC);){|xTb?&?^2v2IwPFqz;}AQlQinoM6*sh*fk
zQ<3aepDZUZPZ6v1;A*4(dPu{4UC3MQj)nG7mE@>Kx&6|n3uSp5(kdVAF9gt_W?z^o
zZMoR5llZ98`U&i@(Eg}e&+5?qZ2R8(_`r*w<o=t1+eel6p@?tQEpVP6{$v}Ps?Wd*
zwc5?ulQ}a;DCyqj*)BvzKAU-S5iNVmW*ZWRpfg2Sfy0VYBTfJG8_liu+e!HsZu1E*
zlWV#g&-bawHeAyF$!H07VxdIf{Bvt|x0G>KmCgAhW|K{w1Il<OpMi$m!+O(llRT)B
zCcf}gq1!Sm?{vgColjf?#mt&k#p38+%{bv_Uv3dPIDfom5~p?I6h;qCsD4=`hu*bt
zv883fw$NpyMg7PT=xx=KVqW_lmor%0*DU`A-q@LmN&`0a@OwXJm)O4~r}bAu#S|Sk
z)Jn23R+Yo8f9q@wI&ky6&DK@pf4t331auXrDO8HLwCNqj`9#+FzKLfg=Y_TGh@!Zh
zj_Yua`^mCA9-D4z<Np?Usc7S8y!FI#V1(Rs`c2`YH>H>5P!{Gc3{zirYd8Pgc;c($
z)>*-~xzIXU%D1VW<#3uuqyO2m9<E}-{=>8r{6(yD`c^s){v8sG&{jB*IgDho;2f!F
zoX<P?XHj3k_UEQuP_zjbk$S`DVxiGCySzEE59YHZYdn23c)VVI5-&T1tsph;lL}72
z=Zt*1)G4S5ggQy2e#V`lrB)6;C8T*sNJAVRFqMF&J)<BFt5WI9OZRf(Cl~68Zf8>9
znzQu|4v;D&m}*`wmf7lrW3R0Vj6SK3>SIIvel&X>0mDk4C)!zWc-me{9pxndhXPYN
zyRWFp{uWbN#JJZsuCYB}fX8uEdxI$jj#JGRhcg4!9MyfqhA>o|SQRsi0?qoEMu@^j
zY*SqE{zc{HTLKt_F3oBqnYu@rzd2Z8^07|3o6u!Qq_PKmy)vYs0k3`nLG6#tp`q{Z
zOLkxPw(wtF4f%Ou{d!Y7ma<RDqpFO`>JboNzx1>oJ?H2b#CEtCHf7k|Nzc`I@V`wS
z{;m4CAlZpWxfxyTEPFGA8fjd0iP03bSGB)iuQnr@Z*L;REva2~gZJ0o@&?hBXoAJ4
zk0pPTkmv5B=*4Z`YKuj_tMNRxV==kvj6;_^9#cSImyP=i23Imnz8^N)7e1M#cxHym
z&CVDMRNatiqNz`ZCD~HUOw-NXmjSr#5ANWBUwxBAiLNc$L~Dr0&PJC$sL?j!aq_Dh
zHT=A+0(~!dLibcK-Fx?&%a>>S*9Jb1xr4yRn`IFP30p|azUUVYx^n2Ynm{2G!7za^
zmY1RFs>=-HHUKr#&H)tjRTz&@EJAB<Lb#8R5p7Y4v{D2C1=CGXT0ZL!a!Qi(kmVSu
zm3Ho4=%7NH0Fye>nDA=D8Mof9NSwe*R&i*|cm!w^43eH%p?g2?2?L;b%a8F$8{1qX
z;_&iSYm|1+v^(4ISZz2Z*CWeh7<~cz(%*|G&-IJsFl~a)o{o;yi@cuq|LSf}<`q_*
zUhqxYR|lCNvx57Cyq2y0+S#>Va%_4$cnwJqOOvy8aS=l2JXABA*`6ga;ST_i+Gdn+
zBc1eSWxi6T?oE9o@MMS`T(h+Q+CS{W#67Uu;z2}ogz!uXZRIQ_^_f}9G;<2+_$tM4
zaGII-BlWH$pt*#bX?LnBZGe){D{xF3nQl2qnPm@h29ny{<a5^h7h#Yu5#-CUN$Ce5
zm;Qx@ZB!mF#{5p;dj2fr9M<2mR~L#ABmkh=|3G{x8_XTP#!{Ga2`iKkry%AR?<FKc
zfH$Es(CX}pp3J46q+;rgRvAP`$vr{{54wnhbjVO7VxU_OJFINsFf<c6l!p@;jx`RJ
zgPJZN6_q*ao!c{KQ^k$9xh}H2(IX4QW4Vhwf!`SmhuPw!z;K!_%0LI<>378S#beR7
z;cXj=EG;yig?kz_pv;gh5a%bzkx%cy6Jjmc+2&GTIwZpc9$m#hQFPEYO*6lhX=-;0
zOQqGA_T$~gr}d3U_NWbQSgoG_BJ63s@|&}5oo*(e3e26)Q<li&QNbgc>G$B>2gS2t
zn$Bfq^Hi6Pt;&WsMlr;)xbvx-Km&ML^qz<SR=Jr|v={jbJ{CY}p?F!f-{Q_Ur&Xc%
z$wF69Qkj(G7OAA+Q2Ib!h9nkeseJlLfHZ3KzLSJ5W<Tjex_%yEP02-1EgbKd7YCwM
zcQH_)pVh(*jk;KM#@F1Fs|F*I#G@=v&LiP3c)`sHYYn@M#h~yQt^q!z`KKy7O)tQS
zhyZj>e9_6aPas<B(S>L&!I;QVbh<#kT!Ng?9m-PxH>TPXnr7azCdnn4=KbSmd2!1r
z;*1wNZ@zaLJxL2_bMz4dDH7T(YJK(sdq70I(!f&ng{UL~WB7X|1ZM2D$U>9j(K3aH
zxJL^2(_u{_^{QB&U#xF@5g_&|V)?Mz?uY9pa%6s+*e)P)j}kssrqc0&(<ry?*Xmzr
z>Spc;$GDL^DYj<W7->AqcbK1ZG_j<5ao1WX?Wk61j-p0v@4T}N<`EAcGMP&Yp9eBY
zQQOJ?^tW@9*CH1cZg?HeY~pr$=!hEdvhtur_anS=;Im9piNyrGt%nV!;qkzDi7-Cn
zVunW<d?k||Wuh~ppbp6tAWR~QlA<C#Ja3pHLfIBQN9+_CHWQaitbH!i*u4LotIO`#
z|Btq}im5B=-*ut5v#^EB!rk57-Mu&zcXxMpcXxNExECqzS}0z8^L_uFoSc)KWZ&$Y
zaXpinIWxw1pXdEW?dic$M=w!&*)BpSnY{dX+QnS{(g)BKQq&6nwk;|*QRXY|1Q*E!
zCgbX4Tx@B`26i1kUF+y<ZgUhiyc4t~h=dV1d0RKr{!G(ZeXI<Azk0eZ!l%4^)Sx4$
z?~z=FGLgS<n2@Vm2?0Z2LCv3$ru&&d)f-nAP6mSB0~j%HU^RdIHi3MGG#mt*ia>3R
zBLjW=_)Bt76M@#0I~bj#>5Hp>Fb>s%nz)0$Eksih=7YbT`*)R>H{5N*Zi7I%)+ZNQ
zkH{&Yk~+mz>NvY7E*f`N0)lPGdsbjuB<k7;6%dBRi)@5w+M5HTNhs0p^Wx&PGVc{d
zn~8KECR0o2Jsx=j0>L{*iRn`qefA>KDb&fkCsxCNG!X5<7o=Lq&M%k7NraAZ#v5&p
zmd3<wR!C}Asj#9{11K+(cF;fg4lPrdJ5~du6;NR+t`7ojB%{2wUFEnB$SI~*@RnrJ
zN*WqCkDF=AEJGOKhNSsQ5}z3NX{akR<}=iL5u9YgI3vS*DjKE>#Z59s$8ml@92xve
z9T7dJ2{wYrMZ08K$H^FjpLbRbDHiN)tTF^=t;>g0pcBrK9g5%rQ|}e36{x&SP;r9|
zCv5Nu`RPL;W-3-cf`|Q(oI#5NH)$rzA4H1gyI=BtNo`$j{Fs^|IC#?#U9*B2r=yJ4
zg6#-GYt~pHrw><;`+<OMB!3cD5rbZ@ye4{kf;gTzR2bS-Y|bK=S1C%&Cz)127c1i&
zb7mXTq>pA7X|6RZ2%1KGy@LZ=HOV1!aeE{LA9&nvWI`Ctst(&y@$v*%9x(&KiGPN&
zz`+6oxp0dWujdj(i?Agkb;~!uK4D#YVHg;n%kMwGogW?TcqFPZ_7DiL2Tn9(85LtV
zj#61j5_Sy)wVAPhiwbxi7QqF}*jHmlb3Pq*Np3Ju%T71VdA`~`@JU2ELik4|@+R}f
zF!VR6NeF=EwOK)-JZ)1tGMXZ?MuiAkOX*=22MiA3ka7{PhMt#WRjc6N-8A6+KnvD!
zG{P3j|5kVZatfMa<CbJ(yF}RZ0jv{ZDBDK4HNBxK$!`S9_<#6HfhpoSD+>>ooOs)0
zNLtHRE)qZ#V}|8G6sx2oiYTM-R^5=UK8%P=+-W?LS*%E@2YdNARaq3xgpqU{VytNC
zuY^wNs&X;^O7FxhEL=E}4U1FQo+uNzbzExbiI<T?mY{nzO*)25sDOx24N^om)cHVS
z_7@YPzU@tff#*)@KQ-DG8skBA$PMOLn+n^3gjMh5;Jeo2xKpv97?Y$b>+9){oak`+
zy2}Uz#;Ygqc4LU*B_^=g1;#zNi9~h8f=AyJG=wJzxSv{vK(t5qX?3R4e-9BIW=@B=
z+&WB?By8`9*tqXC2q|`KPH%8Tal;~mYv5n9vJ4i_L^nXaOWf12=-)+I8Q(S;tJ%BI
zBVbZzh2;g9(H-@(AVfQ>YkVV-^(o4V6ErJhisN|*U{=UlKZSGcWJ((Qo-<B65JEFB
zeq*&?#XeZ-E>_2FWF%HsaEpG<A-HhNsOK-0-vIfemrMdYRy`8^JSy%@q<#W3vMqHq
z*&%s_$oVagl<s6AF%Row7#7BZScr<lM&4*CC^vkI7N1M6U}z*w7DeuMJZE7{XN*o2
zhwGqYzRcITc|t=2J*>-=UruKQ62eY7&b`>)YIF_<{y!NJlRT^qPoO;~Hmo8efZdrM
zB^I1(|0Uj2Z_gP(28s=_m*EZLE{pyb|DhGh3oArt75DTtk&o6jV(I~Ww7X)<GT@zK
z)FwV0AP+5S)pwE-*wVLTRYcCAR%`o|{wMtpv<NF4qjrs$&)`1zOtypA1d^Cx=EO1b
zK@6G=a$>2MDoNw=0ZSm%T+PmTN4)FDbi-%$(}m87=zchvu^awuGbW$er~CDH3&Hl!
z?&kib$|wKpgXTcfaoggXcW+f3u(Td{`J%u(sVjb+3QunYC?v_+wRJUNf>Q6amsY0R
zppN*Oe61;+if?Egq5WSwp=(eQel9r)@!zqh>slbvL-iw*Q(~+>r)$=bAC;yEY6ysF
z(k&Qx2FN#<%13&h2yKW96pwTAWwDUj9MRkWqyU=7#-gz(mrR-XFpZKV{si^QTj^yR
zv1~3w%=v5fP5BeQ3pnmGGzrYJN`rlBdy;pJd%g1JtV}yp2O%D<&&D*a+47YYCmc9m
z#1nKkuiEI23yhImdG-OlL)QJ}-7hZtJsN+n96a1h#W)9sSWTlO9I<{Qr^KQmdgzbP
zpR`GLz<xRCPrD>4Bk(S3uT_3xcjBj9iT`fMPCt-eZKcyjsXarhA8LEqBUpW$J;7FR
zlhe)*S^#T<-Gl6w_R#4^+{|bZp`lIjWu;~KyKY(+2P=&-BTN$FBvRPWPaPc@v?OCj
z5$1QM25G%cw5)4>)`XK(j(?vy(+H2WExO!QU?36by6|+pt}*|owzGGVh}PTCeqp;{
z2OU>b*-Y0(nJ3etP|DU+t8?&oOiK623t4J|(=@9XpMxP)(4sGn9hun{S{HaA^??ga
zQnY}TR?*CmH=S?e+VqM>CJR*$)g*S%P8CD-m||?tP2OhDOXRvBbGAPBR=ysB?PRki
zl)=zQQ$lYlZBl+$k&xaBZ%VG**R|9m9IeGy20{#~e_<2&h-7EKSPEoNV2ZC4cCX!k
z+sN|#jZmaD1_6P5io&|Mo^s7mI^0X$)BhyhYhUwwD!nFh7&WbQs3Nuad-M$*V+H`0
zgN6ndpu=tTFw3+yMA!wigG)L#(lB4A8?Ck>mI!?rAM;mZx~5!#bWBVfe;Vw=ccmbj
z^3>WYH}l{|cjSQ|Q6dy6$m@e4P$4H3-dUqo%p;e(+|9};-)yZmG$P~R@U1qSwnr&v
z$8dM6vZkiCMl<}QTUX<_uPebQD{hYIUJj>&ha(4!TU7n#j9A3dT`#_wOp^#Lh_h9Z
z1zAy%I6A2znm!1`hhIzhE36Ria*XZF933;2<<)lHmM0zkCzqDH*zslBhjn5SH>2wc
z6gcWekH|ZS)dWI&0mC)-l<jy}UfhNps=0H%>;f2FzHR=_s>B84LH*JiPnw(Kcjo|+
zjgkgnv$7VCudl*}lMv-5S&W)jOC~FRM&0D_=)lLOyZ^57%mYmIeAWG%(a;dF7owO~
z8^t9~F_||uvSu^H<*kO-#>=z7A2>?0lj}7ms#BR4&Lp|ZW=~b8nrlOV3>MMSz?*L;
zRn<#Vvu+NKQJeddm?KCd`snc1X96*_szO}rvQkt<*?LkNb!5czD!^@rLh7r`t3w{N
z+ptZ43M5;BD3$E6nxeXvXw>_bc#<`$URX_L%-&fweKnZVNBP$~u?r);C^T1estS{K
zOHv;t#K2~L6Dj|$8Y7oYPK(5wOis;>%q&VaH|Z;oN^gYJetYN6Vjar3U&aJ=CdIFi
z<1mUAE|mC6kI}#YA2ro0tL(cFC!0hc{4qt97(S*pycbQF!~^jB$L@(d4%3CKN_(yx
zKP~Fs`}OGHttI#`<pi;Lj^3U=_Wb-l?fu&YK79p=GU9)8G8<iw<n8_u9}?u*`wQ)%
zu-LrJWZz_ceoKD&s^^NEZm{dN&^S<5zDyYlh-{2D*|hzFWqIc=Z$+g%>~~Xtm~5>o
zWZ+?VfE#XE#`hBmzpWqA&n1MKOJ>7{ZySQLLTaM>_)sdZxereI&4&5^UDv_8hJpx<
zluo0>_*X)||7M&+mte6US_$X6W({9ujfZmBRk-;}x62Ti2g9bM%<#48z4Ozd$3Za1
z$$d3OlCpW%X!Rs6ljML_dR_>*%z2MxA=$LyNY9A#fBd$J0FA;!TdAlZo!?$_{5!;e
z4V9*@veU{O4*xQ#Sy3$`7pXy&lamsarHS)!U3sm68c%><irXm-x4<(}$4$z!oF;A9
zCb~X|bW<ZinnVUg(UjBq_;?+X@g%qbP^c$?&epl{n1fDADSo_wa0~`lI^T8v^^^Sd
zJy+>T?nel^$47@b69U{wdw8Pz(X;9IFhksh2A<`l&&R7nF5T0^t?c`7D!8~c3keWT
zMaI99=)C+}!}y?^J0Gl&p*!+lxjgd;c>3$dDe2A@EF~4RIdcC5HZC}2Zc6zC$K@qM
zw9vu?xR4qdZ^9?i4bib6?DL`xNhCB0&a8?OfiB9rL`OJ#_WCXj{r%lLLKSl%aoWnR
zfWfPu14Q{M@RHhM<C;8In#+n3RZSFL3<_MeHhf1~YzxkRt@>_?PR?O6g1888iFQjU
z9sLspD@|6o2=l~Bu6=_SWZg*xQTNYT)72hH_~T0!g>rIxfiQ_9>o}fLH|dJ`3Nj#4
znKO;eWCW|M39C1)psz8PpXSqWZ1kUs-Al9U{@&f;;jQoPMET*3pAOh8akaGDGNQj{
z;6sww6b`Zp8K0GMZJ5%B;8QIp>ORlG5k<UmD-pBwO(&E{YRyiJb3I=Q#g4EU&sgy@
z$9W13mJ5TzP){3KefljmQN&WC@|$E#3jSFbN%SqBYp}?MqNXv)<sPZjn<}`g|IU7?
zO_Ff7fk2@2rWig|v;wm$WW;RA{-w|s&q{8u)OUs0n7IVPY%w=ZvmjqZEY6dv)pmey
zG#g0r-wc35tgYS7?~NGsf7;(;+{e^rvL5is*zuyDrh`M@3z?DLe;tBW<z?MZ-4uo3
zw1Q(-bcJd=z3UFmnnEW15#^*`&j<BAc!V(qZ`r8)By#?bZF`ee3=DPe864<c6xTV)
z-w=y^Ck>f-BW8@97PP+4g^L}&o?Wqi`FRChpKtqddvm$;+?`xI%?hh#MUnXVvVJ^q
z_Ve>0{%)@Px}D`AecJ8paWZPJMdi68QlE4G!H@5~g+0>r1DSY{LKCh&dS12Fo`NKj
zIv<V&LCI^nT@s^%p8G!9gsaOuRXyY2hjjgn8l~qgx<po=7guFH`a3cCTaH$rPx3~I
zY^r6GETfHqaAxR4_Hh|A9(1~FvMxqFaNMPlDU#b;MD-wAvR;?WO(*6#;A!-d^P@#n
zsw~U*Iw_{SXQhYisGi3oOd=cE?$$UHm*yq+H4;+uSOut}ROc+}H$WYgPs+oRtVf(^
zDAT2b&>u}lPB-Q_WV1J`B|`)IyMt;ReMQ_X2&3qo^2tE6>QJNcSQ;=0l3K1&`lF4%
zL`<>s1yk+TJqtnDt(@3Fu=;XWEZMc+`RF9dqilVfde!Vx(sDdZ-8^FC&}U?k!oSfR
z$w-?XgG$TZzGj}vvhb^ZV!h9%{u+uy8TU|yGja3Bkvzu1k_(!!DHRl9V;p>@1k&`w
zEwco1ut6o5_;fOxe{&4O(6)e-oSjF2mS_XcSL|WGakE@U@-5Ss<*HYNvQ|dt`3m}Z
zzns0DxL@z&`E$KI{IP8$#((jCe6P3vWNyqzNLM;gE>tLXdAYniI9WPq|9Z)fy#uML
zc$RjB6k-ea0I~rIjYJuj;I9#@@^&1EaBj-1Lb>$C1oGE>Glx9fy_n7Q&JX1S#Z_%F
zW5z?q%Ws<I^J2yAr-GlVal><K$tV1Qh<}!v3&uGaC2|*OoZqVIZjxdwsv5?#;MDe2
zco32=Gr|(igwwG)zvmt4?qlK!`tk6*Pi-h3=eQ0frNi47WM><r<nBduS=!s%8$Zh|
zV!o0cakoM2y|g=Z-PIpXDHeBid9e381|EbiVDbrOO+M^LliSN5z0ujHh}2wm(S{Ou
zo_J=J$}$B=3~@2vkyI5>k0<bK*?+LsS3sheLC#-}lqUa>{%vYd&$4(6vUWR<i`SUo
z&$X&a8Q-j-LgP-yOvFnWJ*Q)4j>6Y(IA?h^F{h$?Y?T4~4ey45Nlm+<d3l+_^ZR)8
zmwaIo<=}-+;O5v$3)ZptRi^&vI-I6%(DC1}`Q>4o&zS+#)>`VN&w`pxri+#D@6X@@
z(SJVSGr4r{ub2PrZ1wi``n=hDyVq}j_QuZ{zxJ0Qqic^3WaYb@-wO=+BZRM&{~<A-
zn-Kii-APh?L&3c7x^3*ZOIZCjS{>m*Z#0Yx*^{Q!dTu#LJ>01<n2a(Pn<+{;Lj;V>
zT^9CU<j5ox?M!MIT2^oPTBFX>;ArW<_K6_z7z01e`v4BOAH00iJD=^Vl{Y)@K7^2;
zm4Ew1#CFcb9^pX`W#cw#fC|b*KC46l_hmiTW?I;+>N-9=)^J=^Jw5bCuPJvgP5f_^
zlmp9P9Z6141RoSq8Mtp6bR41c+@Mt%<x>+Ry{W4)#^wvUH5T$8GjweJ(>fKbzVyIG
z4W9Djc*gO5PEnUZwu1v@I9sF^tCC9|?rsqigUIDSzewC9>Sp9Za;N`ls>q#1M~p2O
z`T>1;unI*$n)8uA8qU=<Xt*t|+*+sHncpbI<9)1fQFFpRdBVS(379{#3bCJ82hE$$
z@iw?!`^*U<SzRhz8MFKwg@8iTy^YB!oKz(zXh&9Zf&+qx+^Cqu)LY8lZgk&IfnEX9
z2@^QvcgjEDC6{HKr2!Gnf~Aq;B@L_yY|(#zna*efI)1>IRw6V7InoMp6zNIM-4m2<
zt&TS-F&N_H^Ic;%_3XmG<|U%2-MS&nyoS}{rc@fpn0GO->|u*B<bRE{%%-_MW5zdH
zaktiNyLqAP*evt7&al~I4?n{C9dq{iovq?(CT)<P)i(cX%Gy8@T2jryROUAO*FZ!o
zSD88-*)mj5^KJx=$b)bED4DbBA>z$5>o8(+0BBaJolH*3sp`4eOfEfhQ1adL@0{L0
zlo3#zwCeVsub|o;nsFE7ZPkkC@Mg!)yMOl6g)twgvILs>_q}ughp!A{GOBiR8w|ZE
z&g%~>O`^2c*3jPp0L}p~ALu7b^Q%=<6ymc=4@-5DehsWU?V(V6HBjv3v@NbA<#mah
zk%V-8ylI=r`l-3xoN<S{9!3AQ&?mj5W*Mwzk%TXer0zOrCg|A*kDqjhk3xlGiiZ`$
zHfhHdaH<oQq^5g%!4j{y6G4l%cRTj|dolWWWZa>Q80A@M3(>FAmcJ_T_f{oSX7<|6
zMyF+ue*#sOe&u`rqoeo~#iAi-=y|gzYC*W|U#ffZzdCXT-umbHz9TJxRi~UhGG>s_
zc3<z%T>gu`Z&orP@)l?kK#COWdx2+4M}v+<x=HQ8>r+DF;qff*t<agTqODS#RXB|O
z`BEoCZ9E*o6Vjo_qpLm0y>}f>_=&U9&rkL-jt9vGif(1LeZRgwzVmN$cSk;d@F&Vg
zatS)f5ZgEBWu6?WoR{SzvNJ<!bdH1xSx548W<*cFWF83{c>);j4Amb%1>0f(h<<Kk
z1`=BxxZ`)kB4H#1cBr_shLFjOU^XuJuQiSKF0uu1a!XT@IWQA7;yq?J-!*4Qlr#p$
z?fu5MZ$Dr?^a5C~K``14_6NO%ZM|wP2l@X(85WNIEbeQnE=bi_9!5_0Kuy^4FlxSN
zxEZ?In;JvlCA{gkIz+-{{McF(@*hr=L=W5U^_;?W!(RBJobA@~WF2HN;!g$f9x<IO
zWOY#bIxPN8H+(4W5cWPl)bcw4ZB1@pcDPS3uS{3{PaN#~S3bXDCMvzFEld1LUg1=~
zVY$uYdcTh%2GI{&^f)RP-P%APN-|-F{W-Fcx~1%<?~K&65}NsSY1nJU!>>tD3M5RO
zr!+gGYKKoIG^|A(Ebx5Gj%^!GYjQr_=O+akEu}9$VDYOclLY8NPyVd)T-7$94+P*R
zgKXz@VPIa^#uGdMkf;0>R0*0vcM4IyRvqbVgjoN+7n9zXj?~cp32VsHEo9hMOAoL+
zdQ_ahp}xf)5-6U$&NNV{<4-U*Mnz6axdY6Sp<N<ASCl-(vifSb^?`5Lu?aZKV(tlH
z=Ld?8$l`Ja(%cx=Fnl|?eyqG+vUU{bf$Qin+mb+k52m0ZE`62>AgignJVv*LZEtc)
zSS58r-EDHr8ku&E1Q8$~+n{-WFF!eCkh<&ucG<-%Hj~8Zp`mKZH`Pwu4=jgt1>)MZ
zIIDb#AVVxNk*AmVziqp1-Qm^rDEL8-#q9K|I_hu0^jtDIf^9P)c*o8vG6h6<Ed2^r
zc_3>;+Z)L5G}}e3ASN@QjxVMmN<o;#Eb`J=3iS8;c(#k=Kb1{OX>5;fMzyBXXzHya
z+AxYn$6cA695c(M=1BT_S4rULAtO*Xc8t<w|2CBBNI~o{%S|;gymkKK&WyHv7HCp9
zLA!h4XkDb1^KT3*No&ZCje}$U<X*z($L(j8$@S$If$E5LKy@77TkzKd&zHN9L4^W|
zC-EnON>Nj$ncjIrnkYng2(xviN4<vBR@uv9O4w=|Q<hf<Bo&C%OI(jxoJ$sw=j$$X
zJ$4Krnvty>Nn~FPWGqQckvsn#4RnB`Zs;Wfa4cWZGg4kdQQk*wO2CmO{!K`<Cvh}p
zwiZEquwp}Fsep5*k%qr*f))EKURvn|ekCj*I;ihHD6bKZmnhdj8Z(Y58TO$Cj42M$
zTZ{dC^8c_uP&^%tMq#7a0y5(Ii(Ipe758|j9UL^)NtC1mqAzh-LvV`YU|3a8qrOig
zEwHVWo0|53J=|bgP_8!W5&wgXM2<S|PJXfGyj6Qz$e_sbHpvqEUBQrDI!OcV^v@%B
zkIr-$s+~$*9cY=Xml)uj!pSrw9OUaCgP*?}00F)ArKQLBXz3mNK{p%t9HLFO!9Xts
zF36$@850_tpDW!rjo`o^KPJQ4ErjxfOhT?h$~!b7O?s)K;g6qrH0E9maex|4?ALQt
zvoz5JnAwP#jUD&(e)NMYwZ)1EH;Y0*w<n@Rrg8XaM=cev5^rI!7HrGKn+;Lb*^A=-
zJ%cGSTGWfH{L5pHP&W>>`|5O+BFC6Wq7os-c%1AP@$T34g86|4T?A7gc}+x<6cV>O
zYe5gX*SAm#noI6M<#j4u(UOQVQkS-tH3}iz3mX2Kg*2JC8xs4^#qCRF6l7)dTIC>c
z=I8R-&^E-+Cxk*CXQ#O?4Hz&wjc<mUHOBAYa>`Uf|Jh`g(JWG3`WNmyCb}kQ2)1%a
zk8vo~l<XL!`lE$!DD{0e1oo{8T6L2H84?@VVE@<tM|+WDu!0)IDReK%bR-{_L!90G
zhP?;I3*;7?ol>%Y!drjlJ2Vsn+kS@-C+u=t--Wu-3Sl55%(pEx;MQ0FtW?~pk&RQe
z&ItRuFgyg5Ik2&uF4&_}u4~Mg)gTBJ+>GHcb=g0qbL3<By?9|UUxjR#`u94&k1I)+
zTF0Fppp+<pQi7(>C2+d{VX7;k=7Y+fAZz@b(`nq?#MQHA1!{R1C}>zs+aRgKpZ};s
zIz1|Wf#izDr8Porw>RG`c_qQo(J<|oX<3KOrH51>QeD;?WJF&s5=&dQ>?SO^$>-$S
zPYzdv>uI4X2Oug)=%UkK!u1)4MV1nUw1<0RJl1fNiRyr3b_QotiwQ>rKOl7?TVelG
z9%zb2=RiGMOSp<D7nlQ~4gJFgLF%z~5_U*rUrw~n3l)f~B~Dut!MG#t5@S00$9~=J
zVjR@U<KhyD>%-6iez3q4_?@V@dJe~{8b@>wqnv(3vg$$#!_grnfH*>G7j5k(wOc=+
z?)9_?)N=kUMiY(na_Ku5G=U`tn8pUaEq4fnSUir0+O)8TvK(b)DCFnScPq+)#+=F_
zz|h8z%)Degmz#Hu+Zv&qPIK0{l$iK$^DOO01o%NZ1@Fty@|0<f35VQb>#WZ2rYCio
z1qrIj@LLxokr9n(qgo--b5Cnb*Roc(+-DE`k~3)8qO=Qiu<s-B{B?3F?FomVgA0a&
zx*)FG&OKbPfoZ6SYi_3BL#4jK3<iG)dnTVmk3|lB7nmDyVv1!f8$@4qL{FJyS!ttJ
zOxoLTxd?KgnXY+&le>>A=9+O`SHHp_t48nOSkyMVq|6q?Wm*r56PVLdFLE=RQ=k6E
zIDkjK2oU})#8efF(a56CnOlv3tq;QJmE*w~>FP=F0_+}#KDz#eP64DAf|5%T(!KCt
zVO6D!N6cE!P7<76Cl6Q@OB0M`E`thEdcpJs8{gmLk8%?7slV@fmzt>HYAY;t_pz`&
zH*GM~P@Uz_y%>G>I^1MZaW2~ik}9h8Z-SGJRxTJ1jdaa&!gl^p?W3xXzr_J)vNOI5
z$w?2@NE)$pA9pgkVLg)9tN{*IBoiGXI$$jZ*&RpgRzb_DdMw@~f2hwaOlWaA<8P?>
zO6oB70gfR{)-`1fLmo2i!30c0Cdl-NpWh_j$rJ|0fycAACTe3)LSRERBQ%X@hyg0{
zB(9q5^}<372{GJ^s=&^F?wIIzR?|_72oXea{IXBPgyCf5{W&&5VF`UHkIsayid_1K
zcsdF}sv_qg0o&1$EE5Wa9vXKFFUAS%O12KBbXAlW4}sJ%-e#rx6Mes>`r8==wk1{b
z1~5<z-yWYf0no)GX#fHJM1Nv?43SoBlsPxIceT7bk(F%rD8-6lX&&y5bxSxYLLihE
z8M#9!phA;cQ;5<lY=sSy+oOA4oMMBme)*svIgD_xVw*@dK2sEXctOj2E|@HB6B%V*
zH}h6O9bv`D-X=&>m$yR5LAX{aX2TPcN=?Vptb#k+M9n+RLz6sU!kqPJK%e_>Z$VVI
zyGV%~hmLr$!jG2#va)pvTJFfzp!9XfteiDH8F|Nki3psQ5=0f>I{i*uBlF>?#)V8K
zS^dSQZ*l8OLuM5epfybIqXyXJ?XYRI%D^_GHpW3%gFYG5zp3=P&9dBS-IoEZ7uTZS
z@EF3hR16X_eZeq|t1gkhCuqEs^HGvNa0_OpOjW=*zW#VCfd%)Z5YKrOn)u=1DN55q
z!oRHEHiPVSSh~iCndm?xv$ABDtq1ZK;BeLx2qFa`vu+kdGxi^4X!dYU--B=tgD*MW
zl(HcjVZO^z8}PvCp*`=GG80HrF3)gZK{0~4#5n}Oh}dMy+o&UXOthN)PS1<+f@~8Q
z6r7@Fu_QEZi{<0LBbHF6!oF(_TBX$;MvSf+S63ZqsqQYW1FCK<ti}pUh@AD_g<>pY
zCFE3syBguCRm`6Y@L2?LDx=YDr3O)|T;t35CvD4!^>N;su8Bi0;;7PL`kSd|cj}4#
zd9z>F|3FP^Bj!AKLpPWd@s$|EtUw-_S(Af+xUbZi9!-{ZN-<;vRfuu<Bcfz&TCkJ$
zH}x$o=cljNs@#ZHa&wscG0qP%C@&N#C|K@V8j^f2F=#VvV=bZMNDCUcEu^D3s>B^{
z0g*U4Go0wfvLYUpttuKFYE0q>m$U6C)wB~u(59tx!!gJ%lAAtR&W=YwsE0#;VKA4i
z17|E@9HEop%Jl1=&zKyl5(c|XSiv%F0qagEZZVR50_3wc_pGrarU{QyIA$B`1;8EP
z8c_=xiHsMoG{()DT1<n_?0jm4N`(9nv5wFcsM$wRHDmzuCppf=pAZ0YXWl`rNJ>G4
z9q)l!xZhArkX_~$7C1}O9Ru9`tR`BQRZh%r^Kee1J0W`<%X88oDX__;0csykaG`<f
zM@Lv>!*%+^Xa{TEMaJz_UOS^x?;&sz(sZ%59J1K4Xhnmy(9mgcyzo{LJFLJ9BJP&1
zPO<|$@bFKvzYP$3viq=)ttZ`IzBRV+<p`NEqs_8q4j@UQr)+SOHo{Y$b^}e6gyS!X
z6PO6`;<M>4=#?3=e>ETO=9A_!bqXwhq}BxXcP9Hu@pGoz$I0J@WZuuEb^eOE&&??q
zmDq6`ccc(}e3N`+wdD*+T~X9}eN$nU#6=LQopULgH{a)y^%sYSeCgI4`w_wOXczwZ
z+;gu!*#&!hj-z;#av0yq7veir2d_lKXi@Ts>WX*QN!>J<+E1mwET7n2?0^AEZ-5Lp
zdTF(Fzw9mZF)QCIE9BH~42HKL*qqi5pN9TiUP8_>tt7$?V}QY;MHaM&U39K)1;mRk
zV#-K+2;zAK{C<qvQr`D`e6Y9N;XYaW-<;iDzZ<gK`5VgD320u~*w{yS^kg+q;2DP3
z;q&YA&9_;x7!b!jzh4jr^bp0*53Z!e_cT7}JB15|mG;fsv}0R5CK)Vh0&<<6FRXDX
z6oCM(g~2#zdEskp#*6=caxQn00VwMlmBVT&#}1;kC`1}INW)=ZV7zmKHS2kJ>ka<2
z5R}I=k9FI=Iqh(BT_&gJYW!XqdsVpewdh}<60?YM(4#gnF*LVF(ynNdlwoC&*Nja_
z&`T06XNfigYHJ8syI*aMjlJs<#m0_}L1+`l#**8h7QFiXLAAU!umxD&K*YjbaBwIk
zKXJ+g3Atc{)_)akVhtWus-m!_#gtInAyNXNGzq-RZQE&or~ztb%J5>dmC?p~sc?nI
z6SOsPWB(vhlL||0okcE*8~O#eEf)R(MU%$l#{F7T()1Jtnwgtony!oIKF)r``4Fd8
z(S#o!t{Ng-Q2Q!vI@6|Q9)|p)Z9#=XoWec4q!XUKO;Nq<&_&Ykil%#SuS3X@4AWva
z$u4wr9in-FV`s_P;NJ8#n`{>0qh1C{n~0aUWtzzSY2j=dtOb!4nRZT-_cjg@ugb;H
zF8e|w*L*Qv4OtGFmVf6=$mQFXw1m05!$|pzAGw1aShqMui%#p5*0=%5e959JWX^2E
zR<ba14)&;fgi98@B)rh72MbU-nrL>_)>)i~Z8ZA(B>}pYmsi1d&2YDNcu4fplgIUd
zyDGk$&R%+)HyQ050qNcrq*S55zpe&pD{l0O$O93_|CV%U^2j_M-krVXAZQ@b(?}Hm
zureAca2mv5xlD-aSX$;sf`i~(J~oRl0Jw@LRIW0P{6+vz^HM*e*1A*Ez{RD5jfah1
zZ_9XCB_zEaPX`tg-}rXWi`S4wMsSpk3EW$`#F7H%Ma~;$xdwK=pefgustS!h<X6y;
zeht;M1YK5<Lii?!5a}t{2FA`2aZyA7pgeUdNDfa&(UH74a9b&9Jwr9zu@IH3?cv5*
zechiCB0AZ6N&oO%*v{}43pG|uwrJL8&8F@4C`i3g)=%-Dv$JaIe@H0QGP;dIVY_12
zv5e*IjJc|_#L8IhU){vzrXH-|(&ie90@KEah^>K2+K|aC*c|iJgAB>JfmStO{E*Tf
z!d>r0{}1Q{IHM$mlOcT<vDazIhdgR3)x)=FR|c<Lo+Ee6*KbiGK6bep$EIhLir3>O
z^A|%s#XzQC&Xud!SSCSbAjK5VFmU=VXMgbct)q5(vLVM`4ROoo+jkKq9TS$zv_*tj
zf_cjvgAVvfG9>J!MlG%F8Uw^(CWzGn1DsRPF9iE=MfvY6HRb^SV&lXfW5VOh_ga>}
zlu@t<l@WA%Y7-Eoa-47%;;q!8?e|Y?3X{Ya05M|rWwO2lF0wt&iJdT?4NFUJrL(ys
z(nK!WThZA-<w{xTL9@`R8_Y2>cEmx~pMla%mAtVEXg?V7MxoODMW^%SPK6(J<e8_>
z9co}7v6!K-749rVMNR9G=6KU*I<2F2`^fJ^3K;v@6Oex@%SZ8Aj`+I1;NtY=CV=cr
z28{WrE=fw}evPu6MyGnOf0N*1!*}K$*p|2RJamkX?vUTP5a+_>^oGNG`feed1h&DN
z8^)oP!o3H@OoU_S`Y4MWE^B(733xEiNL0|c5=&`J`JAMqn^o6_v*+ALZ{<VHmpBWU
zAUKtCzyV4uV#lDTPJyd|OT;OnYu3Us^pZLuQF@R%L8ay^wLeF4`0u@lzJ!n~U63=2
znN6WlE@KirhZ-c)qS@{UFK0Jc4bBc<VIt!*D2-0ofl$UGb12OQ6+)@_8NV|Fe<vV_
zInVzW;<*pBFw#ax>=5VPj_orG8eh!d#tiu>|M8ueuUBk&x|NR&dN<-iFfl1InwXSa
z?i~9#gJECr#f1C{WX}{Mn|07D)xIu6u<zt6bi?q26Zd<+JoARS47pJsaM1^DN?Z}0
zzVR2k$dH@=y5G7TF<bKAq*0lX^a!5)EKayZQ-&c}c6V%xl<&?FHTNndDv_mx>2P$8
zc#HO~#N#~v<~yJAOG5c5kwi%m>y8~kuY$bZFuc!i_1)nxt{*?WpKU7mIFUNaMRCD?
zah|5?eM^;RQ|q#*G*s2xd>heO5y7nByFcEEMY?xqbU0%dwE(fxU&~#Hi@sO!$LN`w
ztjgz>H4sgvqCytJ#x!m1ihGTeuijd)2B?+Y+)%fV5gfgk&L(t3*0+&Tk($TG0_hdX
zCU&c)$g&;6dzk8Gm~iaQ15f&Cca8)T{PMXRf!ai;nPdT<H9cthroHd{gMFz-8c;ZA
zTiIjS(OY9CJn-BC?H_B6yxucysokD~9n8}o(ZFh3egnn$k+s<`STuu(SXTd%sZr^<
z;^JP^Je^|GsI1E4i^^erQpMKfI_*yHs()ak-$<@GPOTf_aNEvTznd||o%fjCAWXCb
z(+yco1fnPZZSlkDV73ZX)1Z1a*U;N-p4e=9P04BiB%s5GzRPQWb>nK#urlAvj&5R0
z{Flag6Ehr>4t}~l1{o+x1V&aTPX7;!qm$J?+|jSPj-{WXaI8(Gf`_AF*TAuqEhJD$
zTl+P>V?Xe<hztof*2xZTD_|f+qAls(G#IK9h;W6d-td3G-&EflS51=_>vn=ds|O1H
zKkSXCsJ6j_mCqZx^^cWu2>qPzR^MO`WO&{^tdFf2BPO?T5&w(cRMx%Q$b@^VdiY-_
zd+lhorZZ}zhwtG(ji_Tz!$RU=Vj`tvcX(M~+j#O``Z~~h6I{|w(`?RkGu1n-x~5gf
zFHUhs6F0)`gGdvvgMBgEJvsK^hgk>}Ivreu4Q9o19N8;0{(r%n4LSRWm{|FpbKu>^
zuocp1Ztl5`%w*Px=4%?Qb<V%Eg(;Op?a?i(pcM(|rO@L0lmYzUis>tBz*C7#$)KVH
zXBCC;(ZgM*tRz(5uF_Xl$V0H0soFEF3OZ;i%d73GwOBOvK9QNV%n@MSk!xy#F01R7
z`rfFIFs#rJN|#x_l66MEx1uWRjSky9JJ)z25z=_)Y;9fkWB>k}A%gbpbLYvdL`b6c
zYE~|e_-vm97vl423Lh<pE`OHKi)PHp@`8$GPtTJ1%w3Guaj)4I=BNBz0q4u4i{u=m
z7sebNo4fAfc)xt4XNoa)kn}^Q!<e*MX<8(k{5p*zU6XdE30kbDgq#k-{3x}&N`{vG
z;HSJN2^mll)mNLNDI0>iK@ILgkDa<a%+iC_q%|dqPZ{EO2%Mq%ObT8~^A~M{J}90{
z#fhLTzGan4vtyMjO{@N%*?8Raky-6`<KtKAay+Rc%dUo&)3Ug2x-=kv5l>~Sevniu
zO)KB8A%M;*PB}B?BTP#e?u;zUT>cw>2FFOw>l{8&Z$k1SDJH#;DP0Lkn}+L$dTP~6
z*;D}?uiB?3Gvv{Je@`zZKXkKx;M`}5`x&tC9zw6Fd;G(Yfh?4r<WA*baGv_4{|V*k
z?$saW_2K#Y^?AT&xi1pVoAMFTzP{(T|Ii-N-<%SQN=ki(jgI?o?a?s^=6IxNCcvK^
z8$wd}?s@A+;R%1Y2WWqdb=BuGaZ>&L*4MQ_=ud>k;7V!ld0f|G3&QvEkF-Q<VtBdL
z)62VmYq#lu`P@=3tSjs(hJ)8ntoYf5D))NiIV5!~zxIN9;(Pqp>$njNd6Swj4{DQq
z{w@HTX7cFn%zIl=_DH)mX4bb6nyk&Q`Zpid)M441rHI??heRf-9Y?mT+)qL8zze8g
znB3H5%JPyqT@7bj5k_2C%+=*hwr0pL6KI{1W_lKStui|s9TsOD@Ai_)W-SFNpRfd<
zTNY`)M~t4gq(>EV%BXEra}Z!hJ8pwo8cx}i&Fy?=6O?`@ycVIvPz;x~Y3n^3nV1Z^
zJB4x%XwuA_8l>42`@f6PKt4IW?y`;aef4A;`pIh{_INV*g<|WwmXt?I7|e^?`leWf
z^t&z$etcZ{K@<w0^O%eO5{K+2g7Ei|p~g1@kQknIMB~pk{l6g^P_u-freH<O${P&V
zne?XNq2hT4dt5lBgDZE8K^NY0AnIyIJe#~d{VZuE8>)rH^-{^a9D&N)(NcMG(s+bQ
z7v|HUNS3)1u3*~kr}~=zlG8W&sn4aW7U##EkHKvP+t00^Cq|co_+c?77g6m|6A_+J
zBGS0!H}di6J{1Za8L~#9GA&<;&;uAWN$<e_G+K3yCl!k5OwEq++}(>tPEt#k#IPi~
ziu6{9LLrgNn^^qwTc{(9purS0OC1xsnH!4nsr*%Ing&loXOy8(OJ_Kdb5+&C`JhW4
zd%OmXrSK>hwvfLFwkcvrW64>aYeQrqvt8h`g=5TGE>2@PGeS2fQ->qLpQzKki(xz!
zK>pbQj*hLP+bie|i2l499X1@HZTh|v@XXZzpp&7EMll4Jojmdsid5!iK0@0W4sExH
z_9O2c-e%#%9f3WaKw=r=sLQ|;egHbs5Sz1NSYZymaAU*HtPvYU#cK&&>?NG-nC!EU
z?nfUzfpHs7thI(%)2JgG6LK@Ba`XD<7LtMBMvD82ty!LMfedTp+v*&LqJrQ@y?>6s
zfNy_lWxr|L34<V0_DSmGPx&wYu>R@bth`p5?9Lr5k)u<_Lq8<1%9j;R`q*p#KEpnq
z%0buZ6llj4Yg}D3gs&;<Wn0EGk(|%8c>ily+Bf$UhI;R0<n}0glS02rELq>n=nj68
zPHvlxGj^S+LoaKy$fH-NEIL$rdL2Cr*O1R^3)Hw|JPlL8Xx@KQP9Vba>(V>jl<%nZ
zn4H>Qee;6lk1Y(RXQLbv=KJisSP-pqB?2|oYA1={F2?8_fFM(vAz_@6T)#GSM?4J;
z>wwFs&B20>923%3591K-qKHM9hVeazj>EK6#tzdu4+B6KBsK&8D{qt;$@rF@<N4cF
z77E+0xvvDyMfmQNaPC*7#mQ2Xjn^rb)^`7G=ui}C{UL*Y<C#~YFi204e5}QkgP~z_
z@%1jY={R%e{2lS#9KM$4Pozoj4+(R-Lz)5D@Gz5I5?$(`aSDzMWOApYa-%2;V^LKw
z?y+<{6ADxdsYF)^heO2P@83<m!DDgbe$A*R=*i%pV=c|nEDvQai_i5D_4B{GeB5<E
z+0O~$zrQ@TX`v#&^S^$qwtr@5$&Jfa+*Bx)EA#leJ>J}%-E4fl&{u=q$x0-)b|v&8
z%NJO*@1)gI<XyrsvY8Z|cwvy;Uv-|dX$x^>?s?`;xjEZW>#LnFs=LbSx)LVLM$A7x
zXjv_b7Ig3PKdFE2SzJ!s<q3s7o@px`W&?{AtWvrC)K@F&%(69%64}u!MoL|<DAt*g
zNR~vsj&KiyJk#tWHErJhot@q@+6!hnufWL~(DVe_*+ucYgpr;XeUT-RN3_zb?Z4qB
zoo!%-9_)`?P7Ei~^CeteZ+`e4eEW$|OzYvtmU=M?l-<sneAeEk3e{S7)r9B0oxR(P
zjnq5GV%Sn(wC)8hxb#2I^%SA;r2vGQ(bE;G$gPq+dncu)qHESGc?ERHpIpisRY1<o
zMN)@)8e(=zSk=uVBUDZ<gH=<P@tK7UYpXQimb7ciY9%!`hK<dt=a$((P0mo6JjnVx
zC?`DKC7ldlr-j>Bs-|ZPmo<zhqKeY|&Iuv9+*T&{8QgR{RHGaGa02s>uJw~v>>%ZI
zr}C!1+uPgw`QJ|N@UYkClfZwdnk*hUQxXVkzs1U>SJ+Q_eB=DK@C<&+&ws)GvI;kX
zYV#M9Klf)v4G=KuLHn&CNY<!-bwqwu6+@LHp71~^3h;57Bj>XD>yf#s!2FTkF!e$_
zk{N<m)g1g<X{&T8Y8t>I{84Rs_&&1zNO#%Z+&wb-|HHF>d6svcsBh&%pYQ<RYV>v5
zh~;chv$A+Wp4455_{*lU^RJmYV#~U&TbpV8A99Y4@@p6LJ7@ZiuzEM}&$kIp|7B-1
zI<o!HN}WUcW&oWUQ6favyE<;1ewq3fgK5;t*5-xJCMzPjXV#q&t&803{yxGVy*Nb(
zWjI9fGM3f_@}y>~6YH3`cQPe*^~jB^PPXQtOVhCaBx4yvF}5<~hwjs*Mp#U=&L9P~
zVD<VYl?iU=_G<k;**!t(z{BoTp)V5X0{?i<AOGs|diCG6fWTDl=XhBmEg=MTNhNJ)
z@Y!ZF0WJU@&{x}&qYOuGfy$}6$h;l6RymHXP3^zf&HKf}FI})E@uls~`!5m-P1<>>
z!bfmDsb)pU!Sgl?HNzUpujF6`R=WwMbrI8Ix8ItOPP*R9?I{2Djip04x=p>AxQip1
zLa1xF#(5SZw{M^Cv0tka&O9$QExQ1r#|a<aQd<!;SKj6k4g<`6+uh9Y>ivVJY@?py
zCa?^gwd@LKGCoiwg3q^Ya5h<&9?$xEj$KV1#GoY0$ojRBVzi=7bW(*x^apqm;xb6o
zcAm84SUAOJQS${^r<vfW_7PoWheF88vjla=TrzQdmh)jg>4H9mc=j{cjxev~DV-=i
z!OM616<&$sKat&dT|dgdj&oAv>=6rPir-q!RJ}4o#<N=ZElH-<G@CnK8ft3km!V@i
zz*i1fJ0w}1`@=lIq!mX+tKpwpn=<Cm7<`J+tV}KJmbiF4DO(X(WxRaJnlUFOI8D5;
zhI<cKo*$rJ?76#G#5>T~&sDj9Pxeh<Oq^_-;yfQSCpKxXWENT`ztu$xt+J$){1!1x
z_w;#@&`X3(=Y)p9%N0^^AxkIbk!CD?uV5$*P4_BMB-Ll|p2|WJ<!rS_Ny)1F*c`T?
zekN*CItw8GGNcRiQ$D>PKIVFTu0%fOn(O<GaKESCZhk<qnwmYm>xL5eC;DOixHOrQ
zTq!3>9M?1iKUNtkXe8-Fa~}p)34h@~EkJby9ar&(iS@{yo3BaM)Z#YS%HgQ#vKF+o
zT$FF`^9O>jFYVzYM4n$-xallMS?%Zhme0rB?1xdg!RME8E=0){CrxJ8hCWQ21K&Gx
zx2Lg!%A4*Xl(Ch-`NZNlK`3e?<wJDyK>x;Lz_ca-xN*GH2f!wA`27srSQ7%riJ*1m
z6qPCx(*xkWhtunB(#k`4BqxW6d;{JAx{dm|c?F}b#BlLWvFqf8{domM>wt}6{D1ec
z-e|||*LwZM>HlfIGvT-V6FjHwhS#wY=f8A_gaKcV1#)yF<1t<m_Sy6_8~{GECAJH0
z_WyH4=fwA9GdkVMZm%&42fR}{?uY&9glrePiTG$XGGq?#DtXwA_70o7y!gETvyg4L
z^PANDii4v5GdFnlO2O{^tKPTuqd$F4V$bPX;y`K(uIe7oe4oSr;ST7Eb8G*l3Kjlu
zb9%r>)g884M0fwnTEaLiiOHLheN(cwUIVL;jLTt0w#qYe=xB;fh|5{LL+RSB_(ow@
zIjrxHmm^V&`|KbhVdeW8V&{N0^~CC=W-HWH*H@tjhE?!357&ITaM(yRvCuWQXkZUo
zj=RdG>~L?%O~U{T9zh`^xw*a-XUM}Qyz5O_7o-bqyMIueV&YHKM;vv(xqBz4KY?uM
z!43%}Iq?n@iQg^8CCPj3bIzuk9+1|)o*`4W3KnMQA0qyj-_QZ476~+Q1#tPdEBfXe
zMAI%x4~)`ZaAchlu?d4y&uD%lGjcWK%(oQnNKFmyAxsPgOOIV5GtZO7ICEgKNM3{B
z<)?HPHvZW=@9OQ7MJ-%GvA$yJ_5Fv)mJkx>Z*J;CT`41+QZW}d<Ueg&ZM;x449SFm
z*M+P!>ROtQ=qUxXGURI(;?NE~bu>z7sAz`e%(7@4EnPo=;JrK#jnbH$(3cXbC0<UP
z*(B!1Oa|~^I+X7s^`W+FAw%rh0@7&TkEUGRVu~iOaXFAH%(Aqct&gOwb`?h(-=;^`
zN*p9JJ3fn~I8lO}<hv`!hjmULo|{rtPof*=4>AAVbg(PaDEOElNYfc{;(iHO&R(Pf
z?9cwc8r>g1s~5PU9Wm~H8Yp@6#P;PV0jZOrbH@*$sFl~JSr}ZkrV0Z^hca5#dNgTE
z>{NZNWQMI}vE}(izF{N+dO>v=pd51OuW;`AQsN+jWO}AzB))wi8n`GWL*e>o6rm#o
zV{JPg7VpPXT6*$R5W1JRU2#aFl*jnj?wqSJgPkPug$)-DXE}s7l?=*L8xr)dXi=>f
z?1?zPaJQ~|m!kS-tQ5r>K;kfpRMfu)VN6+s;d1QrRq(U@hVp)Y6b3i>DjFCoSm=&(
zpuEjLb#tSoNxC={A?_B7GZdrzGdPplMV#q4%o6uPm4(G1;N@RbbMl221FBDu7>xMC
zmh^ioo@dpor5yT9?^nx!ty=nwiWw#Zw@=TY16I>sP<B#P6+(-2ozwvLBp&u2@!*%P
z9;fIq03LjGh?OsCKv#G37|F8hzn3b_5f!-@eM$~T%#6a!>PqFMy^jdx{3;FEekwvB
zVisf*MA5MZZPrT-hkWSLvo`w`Iwr0)w%g27&(Ol<W8)@ZH*z^LwC;dWZAcUrtQUd@
zZ;XeF$>R0Vjh-!7C)h>dDA||&WHG{6Z6`tccMq|^WX14P%_FxRO7rmBUtex_nX>e8
zRBEvz;GMMKh@YVTJG?&}!~(>8@e>NBw8&5ElV&WyOC2lK;EA+B1VN{YH67__Lsdy@
zDU(RN!{FWzO2s27ham|co^G<SynGzoUhC|*PD1?NKQ)YTit*oI4slbTRD^b!?tiX-
zvtUNn!|#-<h%{Menbt1+rScE5Au5s<U=*TeR0rIXVL@|Fq-NJ4+?(`s5P|el52m)m
zgZUPNu*Uh1vsHJYLzuD(+$DG$^;nD$pG%VS^baQ=yl;>lE@#Drpw!3Cv|sQyAg-fc
z0UqQJ-JORjChK^iAc#P_$Y?t<pKoM8FPJzw)#>-ME{Q_}zcoj%siq0{=uzmKG~zG{
zM+C3{Z)MH}C-sc|&p#F{&lIVX_Avf@{XDx+^=URe>mn9W2GB_{4ZDQw=R?i(r8N9g
z+L7f=AMm(Mn;X0MG%miK??va=|H51&t<6*Pt_2+L7d?dWz~R&FWBiYJPl~6mW!^8x
zriqAO7p6I+zGN`ikfvHVhN=3ayMWY=u(N9?2~s(>r<uAe0!2wmKdsIRNx&2mri3J@
z9r6R{Ov_6yz8R9y35H8ECK?uS1K>ux$a-87Vu8czz&O!}zkn|jnhm6bU~hvWd(|+5
zG$L^<BhloKKtQS~!qgZ^zXtJ0H0?jO+qAoyCh8FIbcrDe05=0}EHi`};un6MAol)>
zDRhWh!rCYO<w_RC#U&$zDn{l2clmG9mO*IM*F_ni;|e}T8wq%{Vgd_BX2S!kwvB7U
z9|AA>iO5HDOx#0Nmb@$y^y$>lg1)OYtF{NbXWJ?_H-Xgk&yUtqgLqc28AnoPOcLBO
zbK@2nS(tv_??-SM`jnQ`Eq>8uW~X11^QxTEc%^jc)kA{Vh*qRA-Ozt+<)>1%=bZbO
zykhgnnZi^{tPsEbpM;temAX<+i8ro5B~4-c=S>GBu<ys;MxOAoZTA-Ygn{*LC<aHb
zB+ewaeWw{~h-1p+Y-@$SwInVXrJ1SX7mXXbo^i+u5E<^d2xbod@&6_DpMHpb`?dcJ
zi9=(jU($36D%H7F9><=Ve3+eHpY-;S=m-$=B|`Z(A4Lt4pq;^(J+T%G(G-p{pvXlu
z);Eyqg>|?SdFAndn2eZIN|aU^m+eJ@4521t-f#MS?=02nd*ql|t|G-u?k21>X%JAC
zzvlN*=A<w_hr#r>cafPomahCv-w-FuXWbU4k>a9&_0Gh^?_`Hv$*p=Fok&?_cm<ZU
zzii2DWUPOJ7oyinZJ4qu`5Y5bot5rKTt;TJQp}X8f42$bMR-NixQuYTD3;<9(+g?d
z&FU~-wFaEaFl6>7Jf_??H)6(S|NMtRsG<pf6Tvlf#;&2NWyDvyF^G)4#~h9o<`4cg
znv(MSA%e5TGc(P>H)1d&4dYZTIB22DvV^YctW{!Spww7SdS$fUTX$6CGn={i8Po{M
z&%9D^)OgXPBtwP&1&Kg*zcwI4NMB0(Igh$0oG$VWEhoV#A$1X-wqjz<F%u_Vl{*u?
zmt>4o8eEvmsRw;LpGxDMS*X|ZF2Ctl`DQ1Y=_xZ<01-x>aGtD=3pzYW;Dw3vu4Hdx
zh83dXn9k1L>(kxH84~Am$~2d0=!E&1?jT7-pTZpn2V5XP)T@*$pc6eqYZ`(ayj|!b
zlWm$;>T%FXLyvG&?~kR&%pr{7Xe_hmK@v-DhX?4bOnIlO1?#XkHo>c{9aJE=pjIfx
z?Ys&UDy_US)SS&Rsy$1*s}jIuvzc<>t{nJYP{rLlAyOtAt)fvUHGM!5(`=)aoWyIv
z%WMKoPHZlvrnp}t#0*+e2B|*Ru3U{Uvth;9=uDWUF6ny#$Lwk0GE@^0?25f|SOjWs
zLuQH8K-)0emtX`hUnL0m%9gF!r5wv$cEFkS_aT7|7eg#5FUZV3fC@2Hb_Xy>EB#ZR
zlal(JpG?YS)PuNvHGWcrfIO2TPJ5taHMqPX721#<>MGl22R-sqY@UipI29%9X}3)-
zkv|`sIW8Z;5fO(OZqUV--*U_=-Wz6mkqq)db{l@E&4JhhFs2kQodhn4eDKnkj-wOm
z<{bBe7XUg(IKTrTw#_ECss_B|+A{4+PewfgTc6;c<rEn-4>8+Do}PISqbL-N`C7s2
zm91fhMOEagDPY>w-BH(zsqX0O#vmi1^xpYG3Tg{T&eVXqunj6yXmuZ+Gr^lE36}0k
z!4s)>4y8XyZzUq%8+kJ9A_M7+DVB=AvZ~EoE~0k+x9l!|2uoX#n{oaLFJ+-VBjXBG
z2jXUIrhx(aR4wM>$s{?-uNM(iBAh>l2Tks?nvq{w-)ZX4%j{OE_@UGso3VDWPeHHK
zP$5uIYTaq!qkK{?+b`Q0QWhIaL16h%7L)Q+4P;u85V<**bFRi2hH}&Er!aCWWsbp9
znr|r9+YiJQ%gdYumnG>EvU@aVWW<50Ljx8^81`D=bQwdNLgmA#mh8Oz3Y#e-FK}6l
zK_y$jY`F(J#v@;!5@$C0nMPtVNPDD=vh8fpi|-5U4_b*3CB2;_iuiOYMp!;)=t@*6
z#3o@7Eg*N1S-z(!Lg0$yl8p6s!U%_4&+%3vN>Eg{opGu|KVe2ex6E#f02$eNmjrs}
zD+%2+PDX9B!<(>qptlS(^$|fN0A)$w6uz4PAmCN|I0T2U?3Tzy`2Vx_?%i$M+T!5+
zJNy(lQhH<On3UyLT1}F<uH&?xlZUUJp3YhM<=PMlNvtV?halysb?&<V&nNhOz57XK
zVQ&BgUy}TY)ApEaHMK}QHa38b{lebs8w!4`Z!B&}5{0M$;c389Pc0J1dGbC?2C$JO
z!zS5Uq?>id^_gU?t}fX83fbWo$PfGAzJyn>FT*JCX&S%`Qa@v<c;XSqIc2QycrBc{
z@4)A^Xlxy)0uA`!IRGvY#d@;%BJYpj{QmH);Q#-Y2kcPA2k9Mv=g!iIkL73C{hy~#
z_bUGXTRRW;zwhUPP$MeZokNIEGaB)+_8JR$Zvy0XKspdiq_GIN+st%ekH;^blfJjL
z=WV*1<QeIE+kN@x<Ho973<$*4v%ab&DL+ek2zJYXc2H_AXNCX3wypK-Vl=qsib_T8
zV(gCERftN!5}G8%&rPrI?YOGSmJ<}NHv_bw!d-`;bl0I|;9q*%L4vH#2gf?g0mT}_
zj~xWPX}3DrJYfSonNS7lm|5ENw!FS`?fq{Z!K<&a#rwa%+uy0if8E;KdD#E=@^p=t
z7)~u5@zs4`ZvKG<?jQSaUb`cnPH83?Ey>i#0xy{#NoHzB(+~~!bxjy}NSce}p5qkV
zLx4psFG!|q$TRCYiS|S^f({h~H4m9B#1#IIFS&ogQVE>XZQ`vL`s1T76Js<OvZs4{
zdprHT@4oAAefQngrtgm^rF46fe!J`MJsq)c`@N#C?(4q$y1(l<HSbJx$5k{oi&XU1
zL?k+Tq!J^GaMgq$<x&_rQBf=hq|>QJ?XJ{yy7w=AI9;dvl_U_SdkYx^;J#lu1iHLe
zSp<4~%QGehPM5fHylEcCIAHK(*PC(!oy!ZQ9u*>=DpA~;PDu)8eQ#^i+iYo3d$780
zkj~vSkCiQor{FSVw^ev!`x7o$TsrQ|!WobcAEB>eY6qkvIgG7-$LZ=+UNA%z8Cg47
z4oH7<Yj;b1P=~56N7UjsKWqD`_)xdG)yphW!kQgg^8$u#4Rm%DCueobDf5GM$CMtB
zj``cP1<E6ftlGZK(7L{1Rp^AA66Us^ZhvRfvzk9Cw4y*0b)~i)V@zAxow9Q)MnqI7
zSFxnKcj)9=@^OW>PeFk-SaLAjjk_y!`2Ac{la0bx5bmDQlum_rCcxdyjLo7bW+)si
zC%DK<F(fgVqwP-HIAMsraY~26-0g(u7(&m-0ARfncU#labzN@T!X++pxP{KXywhzt
zK;CD^F_fff{aQY+S`%NfZ7JthF0$fFp`~?n0KxCJ_r8M`k47Yql|x3T$h|(J)JT3h
zd0kP#>Zv7lZ&X7qEFV-!m=ZyK*5Y?ssHY)dU{@P2hm1^lfKI02sOD>r1gy}is#~!3
zt*pW|7y(b2$ixP&`pZx-b>%C}NSsFzWJ|$)q&TAPQs0LWPcLa20Jl&mtV;^;qhnd!
zc&lQwsyf(3P+hDcEPE{4q|Uh9I&dNw2it<btFVaZ0fV=do19D?b56-arb}LORx-@#
z%eYVo6x-(dxo+(LZekV}w`PVYj|XMGlsyohVo%s+)or%i`0bokX~6!O%kQ>PRgz91
z2jHfx`r&cK(7K{e>ToVs)pE~NXVv2!!D*P@l0%Xm)l*J0&YX2@5Yptqqy>g9Ibk#q
zYA~>jHA4?h5@B4JUrZGc<3@SxXNrllJpGg>L8GT%5-#)hQ%t$)sp7{ua9UU^{kp;L
zb3kt7h`Ag)%10}Viz`=O6F=w#x&%Wv8cxa8ZRr%Cwn%#s7D*1Q<!xmzfNb@h63XSH
zedw-702Vl<Ig8nDMZMtO0Z->e!c{m-3WqV{i$zst^|~8|?YIW*Dn}P}yvTm!(gY;K
zZbttb?TZxF<1m-=w<^b<G-V>;=vgA6QWr*q=@Ryf?o+vLncsz<lm*rwzyrzAi}(xs
zA)(%+nhp80;~05RpP#q)M3ShePPt@^8dWj`k`?OC@6ad7u?W`}c1%)TeNpcuJod_7
zTp;;7xPD5m2j#SyIL-QUEINCmPXUG7{AJe=HEK)qE@^WmO%dc<vJ(P*_~;Phj-$K8
z95k4(&ZLns=7fUdwk9m2<C+bj_^uPnkPn?o<qjai=gC~s0dcgr=V>S<E*7{^I813e
zcZa!{55cmaKmhYh-!TG<7AL|ulQScw&QZhVaK+h&wnx3~W@Lhu`zaTqz`qs?>uXgt
zBKu9{LTz@$=V>uv$^u<-E|bJa34>X#V>!T4K#3pmJkWbWQty;q!VTV(&7kpP9=Pwh
z`=dNRlulSNYQsDOuWVJ~m<KqJANeJlv2^1Lc)g)a3vwO}W;FICLB*ThOkIq_m?urn
zPBkyRFcz64+7JuGV9?W26NR?Sg=dtk83n#YE8eZKm7K^5pE>P>Cq@2vjGA7CEz46L
zIs@iNo_`pUNs=HdBut?gmONc5Uq*9H?$U5P$r`$oqbSU5jS6wKKcM)4Y&s6eZ%f2>
z9a0I!_ga`Qlw8a*F%(;;5klGh+s$t`9YR(jUaD9F`9iNFdGh9Q5zGaJP}{<|A_cn!
z$tsc}HBv17xrtz5Hl&Xajv&A1=bHB4A_(-^ghdHUg_kAEOu<X+zdL(d)%dTwo0|{u
zAMfSq>NqzJ<mpfXKzjzgh9pqsKtqi-OH)m!xcNr(IyY)S$Dz0XcDm%}Fb?>oAg36b
zRt~23#L;h!hEbAi8U%&X6zrk$5CSI@<WV*pS!Bo}eyLvD4x}oKPsF7(?rYVj@Fy(D
zBW;f0g4r!PPkIte8^LYKBwffMkHWR>CL={X(EJZnUHO8IM$FF!r1O@aDgfkbt(6#%
z&f!0E8g<IpY5}9jy=l!cS{o1eG?Dyy=ULzD@3@<tO6CPCW0?0tm}#?~Y-h+a>Xo%N
zh0hOwr4u_WEYv*fCj5{+qy;(5bQ6z^*}9aU!b;&_axV>@n`PQ$lWfP8X~MHC?~mH?
zW+M$?Jd=G-Svm$2;bj_T%m%z@Upa0p+99nCs<GJ(*YIp3w<({J3x<FSQK;EBRWU5M
ztW;@Xm`e577*^?~6;g%#*d*iR@oSa2NETFHV3-=o?uC5*Y@1gb<9As3JGE>vAjM){
z1tM+8=u{?at;huOUZ=D&u>e>I>WhXjAUv(8B}@m%Q(DnVikl4`2)$TSXXt|UZr0bE
z4ue`nEMpP=PJ3BBe|qMvddhh9jqtt^o|yTAZ-P!^VyaS-(e+A^S}HIokTs2tlowNl
z@}Qltb%og(%Bn}7;g7!&u0ee<(e(vZ1c0zo(wWceD=&Kls+=_#6wq&1gj47Hbd|#0
zMeXl>LLXVX_TpRN(j>V?p18JxC4%6Q`auKb7Vh2^CR=5Py$@`a)4{HStXgi~8{?{y
zuCw|0XiUyoXA)f?7bS{(ALwhz=IKHT!zLUqNjQ2#T&@J1l^WC>9!OA6Uc(vEMkC?8
z@d}(g$^}|*ZJwuDwd)ocA~VbA+g`D19xhs_TXx!8X(($0->zG3ZE;~OYm|*7vkkk;
z2(3pfq@$wrguxmEugt-7^n21J3g;(l7;TH7HT`@g=_v9Sk`?esr&tcf%Bkn@RGe{B
zSC8(xuSZH^I|>wL44=L--fXbS0;XxZ4q(0C4h2hahjdh&+RjR~P_3u8_8I`zIXk04
zkTN08&N}NWHIo$yd^@D0zMqA`YCu?#bvvsgqmJ3<geHlcorZ7qZrf*5F8`MKTsm8t
z8*d)8-STy2tW@tdb5?4odDieeSgnO?%v=dEH=8@V>-y~J<Xmi;Wb=k*8nEJ#POVsn
ztToha?5=vOxJ@0Pzhnm`1JS7-p1LV>s97)9R6<Bej==k}X=c~PieTvyoip8~S{m5#
zdP!<&Bzf2ZS%U@N*36O&%4M*#NT74kBFODRo%-3?X*_(F4W?*Rk7vb}o5pAF`kTk|
zYlO2>wsWhF8l02vbTs8KaLdMnr916>$*n<a48PXA5=%uFt;TA>PBu@jIW6^=YS-w_
za$_<}7fEs}9y=Foej5lY0o6!HJ4fABqq@E2G^mUYJ^s6xf@bpH+~1#i4pvKnFaK1z
z^y{qjS4gsZWBXslFGaWzeyQ<d=#u;2yH9tk_P?il{fGRI_wvAcG`fiewi9oGwpXS0
zUvPN?G$+Mf>P5+Aor^FI2E<A*>r7cj1Der+LkM1XURmWw2x@PjO1rQg870gWiNjd#
zZn7imL%^lMVv}bjrL9Y768@0#JP`x(;V~vpdi=5M?jhd?+SN5tIhvr*jHN>{0B70{
zk8{CFHNo_O_kFIR^{ny&G!B+%cy6FBfsw~N)?O|@oxGOg?C3bF9cyqOI%Ae~KDHST
znj*PrJsQ%^)oU~nVb^tUu^hh-;~<R3Uv*XTh@G&J>{+k11*32Xsqd+4!z^;R*riq<
zHdtN_V5z${CJ3>jH&oG4GuSjupP8fzIJcUh>jHJ#DV2k2*$%61z7~u~SwRJYXuLd8
zHs)L#XA88PUj>bXR3e&?#l!ZlxiBhJ<T~eqJwfGE=4!HPnaKZGD_A59{M(Z>oP`k^
z+wPZ^H>`2Bl<$s?56Xp(k6sop(mdW5KM9s9N5wp11M>JpzTJ=KkE>A-YTs{p-02Gq
zmDyE&E~#9(lc7jm?PkJnt5v_!2Va5ny~=VVke53Gr6G+J|6$|hO)fIP&0~BEKDzo!
zk4vUuJRqCqD$kUD8j!u+-R)h6kdeSM=8l?684cdW(fovSxXOYqU&Xv*3}@AtOCIA5
zr#qWZH5V><%v99q$NGg1Yb{^EO-~m5s9x!7)-;<OL+Wyvy}}y#ma)LfM_Pop#`{P*
z48-Z_>mn$$(3cc{eE<Hq!84)}ZjC*)k(P;^*2@O||IXyU1u=n^#sAstZ&u{Ly}iBN
z2l?+lp06YS(IgR)w{EFb4@N8-z(dlyjc;qb)JJ`@!QKjYc!)Mw{qLTEA;j!0ruN-{
zbd;-*Ic2YfI{WrR!;#YvNSTy8>+pEdmkJyt=$Suxebb@tVUrr4s!402<a1+0ert|f
zg)Hqt*nlt-T3J;o-R^3YH%+aEPAg~w38#D~!x~Sc18!|BEwJ0oE|!l=C9g=e?Gmu1
z+afKnmVB011=n_?UI?vSa0#$YjHP^nSRfB=q~2FyDzcx$Z1N*kQ3cBa%-icrueFt>
z*hIKtbDT#J%3#_ugH<XYExyT6sOvOWLyNh;TWh)LGNOT~GW6D403J~M+Ppy<UU8p@
zeEvLWEtb)70dH}G$h;_gPO9})QM<NMh<Ua*uH6tT7pLjiy3Fnp*B$*ch@U@NQ#tF_
zOW(jz#m&>``J=VtlXw5`KhAzSdA(k0zhSjkk{{UJ%SP2_mj*#9+kJQPeti+hvJP;h
zt~?T+*I7^9za506l%BY_<~wAXxox=g3mHz+tkcwB1*;9CwnLp%!OsPABmHsFSQqL+
z8t}QWe6x|;hD(=l#YLF7GbnRo@Rq4*?2bX@;!26)`3)jn+!(})JYk@T@YC}i%lw`Y
z5%Bo9`mH~`1cIrS>s_$<l4|Y+Yp#lUU6$4MsVj?>T4)(}<rRx(_EtwKsP?%<Kj0R{
ztCUaeAQuGVODR=r?L9^*5gE;L;h{R?R#X9Dlcb;u*nl(<QkC>`G1*X!YPwZ#d67pj
zI*Hm1YMaFYk2Cfuv+)AznzuZbVtwf_HXlKkL;9PWn^ipBkxUQ60?GT0+$f?x^P29;
zif$057Ko6Z3g@(8HQr#m75Ve6vi6<dc6)}YS+G|9&4qJ)*N7}-<f^d|K2PR=Lvg1Z
zL^-g*a#o^Jei={U5;3s}kZ=9CvQ`4~C!BOn8BP637>})JFL0tJbDen#f=l70Zd`Vq
zS}PJs1M=v%gTs^eXRnT4AD+G4e{=Y`UJx$*J^Jl$hyPeu4Cy7bxL<42DqVa#efQJJ
z!Qt~qYojm@)Y1l+d&C7Vnh}8j*rZd3l3WoXsf;Vdh6$qqabwb7xB4;gUZ<PNAeZ-I
zkM&yPso|)tFRQbRiHx|vmL?55{Y?Jt-_$(3qM^F)31AqVUI&VN3NzAgY_fu{_7-(o
zwq*_0QL_L_+6ZTDksa^^B0Ur-*B}<mqiRpGVe94l{gWRK-`i`}PZ}!KYLKg|`Uw5W
zlm}#IXJ=vgR?tmWJA}M~b^zSGYlgd8rCNR&)a}LF@l9(Ougxyve19p{>lGVnEyesQ
zH5ys0^1f?iJF3d_O2$M<b!$nti)5`cmM+(uzmg3#@Ixg6v^sFbqPit)Dy~-(XjPK6
zI&=s7cZod{X{-^*%BrXXc`YfTGATD}vq8kDWAuhiH_0C>v%+ZCYGBarz@n%@xih<B
zf2&c^c3r;O#UptUdtEJ1F>EdC;kulA$*Q<I;Myc;Pj3QUeI4`P3JB3=O%?u!l*NTr
zO@j~5zrb^Q`!CYRcJJS%{=eHhJ3CeX-|elf2m9}RJU6rd+GiL>Ap>cC(XG?_aR04c
zVqa!MEZ>v=<2(O0+~WUQPOo=97hl}vwFdEBc)T{C;dkKh+5pvEdkZd^&fk;s<k!c>
z%C3|4%bWO48mB!an=JRCyc4&=LRD}lZiOw)-Nvo3#t{FD@Wyw<|1Hc2xQzdM`m~z=
zZ*S*;|GS^(tMGr?{jcWHcXuTF4m|ai&}`D;sE1*m3`xJX*IawIci=SF-gwz(jyOwH
zTnlWy&6eIfc7dy>kZ*P=YbbZ$?r*i+^ot<9hU?okJl7hz&_Al<TG<+Z8>=&-Wr^3C
zUFiBgYl(^Ubvuu>#x-?)|AK106}$_U2_JtbqHP#$o@%*Ht**pcR~Wjz-Nnv|wOR78
zQxX0eis|zr<r(*RG$8K}&{YUy1s&@S+p3C2%DM8e+f}}|=l>KLQVldQg3I{7{?p3+
zkL}Iv&CLh??>?T}-Tx?up{rj5sfDR)WCx42=lMKk96Wq`RXU>sO0Ga|mV{&c0%WHp
zVq`1*DROs`-+o)(o)zS=fe-zK4}ql|6q!<h#0Bq*KxB&8*#+D>`)Z@+w9dF11!SWN
zvITK>er-gnjvkpDrGw|B(;=03WpeQx3DODU8I3|K9;m|YI=OBQPj{$7y)>+JQ)Iz4
zh)O&qbH=RcxTgnjh1ulRZtdgwH;~+>o_9?3@LaOx9kQ13|3~n+eKhM9_Uy2IW-QNT
z8znxX1tUv>-`ouw@w>RD)yhcd1iY*85i7XrN1@1ADO2PM{`o7j88!fQK0{|oSP<mY
z;Ah=hE-N!156@SBZp{AyiKH2GRi1a(PlFaM;1d3?zqwbv|NC@%=OO;ny*yoYNR2bH
z7O|MDMVw#c3F#~{4|Yh$va5CE@zLq5uaiyS5xXEgK7u@&rTiNB0fL_5$4(pP*DLdU
z9aQ04jVK|zlucv*_(+{D!YUb#h>BLII$g{7X$E=6Rq*RB`9CXgm5Rti)M`)1XlweV
zLL{GUkVouOC@^HRYO@5<8vCay0z)f7Qk)hhUFN~bOH7dn$s6ObM~)#TI#Iii92ZGx
z-|3{ZP-)0UJT>LYS=Kz5x}{_LN}=f<o_lz1PyZ8<=riDE^nY`2vrhk?KG=Wm<@ply
z|2lU4t}TGI(sS=eDoCen_wUs#{uq81S{%_ZBAxdWrZ``d0xaN6KxY#=!`$$-X2|~W
zk<p?WLaS3$AD<qpjK?Ndr6RFO%6-NHNu4`o!nxq@uRZ_Q-2dK$MbmH`^OUXL$Flvu
zyIqa{xwY5ddD#E=@pQ>C%`%o^W;>i&R4NSfFoLYC3H2}Nm<i8OnR^8$*%L%eSQHVt
zzfrFf#^Vi=vWRBkjDeH1^`6Fo(<Lz*V@ln%1cE5B0DYtXvhHDCX&ysO2@**dB<5qD
z<GnmRJI#2?oGv+lv?=882d5+mQ{i~yFzdm;2)^SDe@%PvuYNHZ_vAnNr<ldPqM;%6
zCB*}WZ0Ct5E)(a8H>4NN6EB;}zj+#tohSe0bjjao8uDC_qnC%m@sgDP!u-tf!hq2p
z7Ek#vjyDrN4_NQ3Z|)VIYwrJ(!~K_U4!vn`ojw-t|E<0L_Eu&8_n+=Ood5UobZg1I
z9cN$X1l8vo6`0Lmzy6?;A%9$hD++^NZyaWmd<f#3&LOM|tz+(M!7@Seq@0%;@==@A
z%IHc$<G@Z*Ez8uBFY}ntQi^aq-aW@TLRM6e57mJ!1XeBjEM=@Wp16r5cs)(|dex@Z
zL0y+Jnz1@;Fj}9+<~GQLg(*1bJr*QZDZ%9+(Jl>nNwY}}4<6Yk9~#8E#$llJ+)GSx
zS0@2ouh>t>!3hZkp^@NP?^z@#HyTJgFo<N5wDJ+|Br@tx<g66=#)V0iZ8Bhcj`Ne0
zR0)ky_>6sql?>kmM@g7bod{gk9q}mQmzW}*#gg2Lf#Z^Y@SMb~F<uFPM0Lt;xzHw%
zl~po%L#8GHl8y5`6JfwK=x{M-jd^3QxF>hcGCw#sZHIE1X+o$M+4^F5U}-|z0F4yd
zB`EAu!eJW~K=iksdYj&+*RMfwkq;T#qYW%ede!*HWGA`Mmv;q#!UB0zGCzX@mYnN5
zP3J41wmA_$j7=#jNJ&f}vyc+1y;Fz^S)zuRuoN^HDwFP%USLK`CP3SLu7gFNFBz`f
zF+9(#3s-n^R*<#OW1dRuPR{GWU(VMZ=e@OX<wjI=CuM3+2L;KahUkstwpB~#gSF9A
z3ixc^TSyfb)>tQsm+%~?+a*608S%M||5@ML+Wo8JoMtr5<mWK1ecm7+j(I?|NJEa*
z^@0MZa%7o+`=aOb*k?&5dfMNsm+-*VKU^hvt)tL1WGp5roAMb8aEVBiSa9qgA9;?m
zF9?-lR32p;<jE5yB;|{S_T&j9AqBLLQYI!wy%kpIJz~P_$PJPUmZFA?eM*?0;i^ek
zI^yXRX^;y!l@tV3S_CBcyj4^^2lb#_p`flimm+H@g-C(uNK!VFoMALK1+z3~=brOF
z|NZ|tFUXT8Z+XTBPo6k0$WcjnRJms*e>^wMV0anaWS3MBDg^gKSebZM#B(W#7QQ|W
zGZV&SL}wD6@{E-PAz}mvh|Lccjn{LkP>;x*=LUOoo~K5rZd#>UDh6=me1qVOwBcMz
zk-DjKvc_gCmKc>COlh3cD4G*LVl<WvgBj$yTt{JsX}lw*1^6FjV+xJ9P=+bLU@-*d
zVRobr4X?=k2_kotr;tS#+Q1_dXcKfH$u=C;YYO04EyweX$`CdP%Y1L$lbABNQtXo;
zW0nz-<^F}y8vtY*Bte*c9t+4uK4FI1$Zd(YM=yc8X=FgVr4g%uQS!V^cr2G6kcLHT
zIpe5x-axFV4G=|Y?KCVej1Y+=G0fzmpU`Mj?0(IEp@0|y(_`$18YDd9jq=%$2$Sm!
zO2~CmC1U%5IyG)X#i(wix2}1FA(Mn7FiM`*nUH`@<#G;KM#HEyHO6XN%(<ByV|F%)
z<BO}nF}ozqqeK=sNuqhVz-dO~fTn@KW8y&d3~LrowSs*Dwn|`1M3^C6Se}cJl8j}N
zWU3Rb%HgVUNI;N()su<Y#sL5;0ee^e($)&+iX7_>$Q60XgrA0R;hbEN!%uXYM2uWH
zSHzVMQU7<#zo5Xm;W*C86@g>h<a*US>ySZ!1LSU5K&}+~1e}~~!!mN~RxnL=T(E)2
zv!m~+C~>@!CS6iA#w#WSS($T{lKPp7CH7+Q%<Aby!O2L7wzi*scaB4<<viCwnGc|e
zQ3qeKL9fVpr*p1Q{Z3^aT8QeGYRXnab+fP5IkY1;zuc>LAdmEh5g+!ZRFaF{OYY}z
zu}DJPqe<vZgKpWOut|PdD6Uw1xSn3cuG;bng}q!5HF+=<vJ2Ul;!$A6tw6wLRL-W1
z6FET%4@9x24fCNqI3NrW)I$Cr*H(E+qTd9rTwoen=0mxF$r;(lea%OOBbj0rBo&uZ
zPY@tdAm%_BfrhsQPWDho1Q7}ImvOFU5^prI8dlg5AAUpc7=?<@AIrlwo<(|h81E82
z`I2x0kH?c7oPDgJJ{IKAAcn&&P7ldPan`XkmCR8Ngdk;cz`)|GEL^}{kH~q8Yt=aj
zuPh@p;_(;+Iyl*YvD%Q_md_-E7z&FY#We^OaXG0|2=T8b%P0X3)JjD~i0rFpYfi4n
z`EQ>U&T7Efd$y!VDd{MHTb8oCPZKy6_^6OUi-l!vBy|r_jm+LZ<+W=ED3s6?ME7#S
zQfBQ$oQotMMxmHgbt$e~li?`z^(yfsYlYnc(a)nSl!r;77E)Lga^J-~&@7JnZm9-<
zVU`3W3VoPuRB2z4^Y6CzzN?Ny#X^*0F+Q;+9!Hlj%nl!!6T-Mz+EH1|IrjOpx<UuH
z0qk7oco=;C?1`DL)4h5SK(&59LAi=|&I?*}UO=tzh%~0tsf^B!*(yhP$|Qj#qlk{>
z)Z!As*(xH1%k`Qv)G8>_E0mG}_vN`d7lGY8H@Xhlffk}lP?Ulc%2J0hvM{wEMv_+B
zdJaXmXQ8BdI)s$aWETjf8U>v73;VBTDwlw~;=lvnD;$f$$V!-wMq1F6+is(_qm**8
zu7`o;QBlLFle5siSaG68%?cnzPOTnuf&04JA;hXJ@S?RoT4%%p-M!KS2~7#h8imE^
zx=y~>RnV7<`arC#j~H->1%#HFYZjo@>n6}OB$+)|@|4oEi94FNP{<`b;ejIJDf3b3
zHP=g6^LYAf2RUF$=aRLs^b3@X@+=1-AH|*9&ruT=fCE6WlIp-pFai2#N_cQr>lz5;
z4T3ROY3fZ9|K7#I{Bx{|#stJ)4?VXYK{iiV0e&;sz!^gLQa-9^)I(Ids2YY&f>J`A
zMRM8V!n(#vT$n0%C3r8`oaivPu$BuA`uuuFnjFlHMt$Aww>*_^d7;^wG7AOZVHBeB
z<nFLw+>?-BSh(&QY#S@=5beiwdivVj?k4_(`4>x;xe7yv;%8w&QXGB3?)Ws81OdEW
z6<vWdF|<xii;#o1i=3CDP0L0@$#n80WRk0o=1ODcGa+a?SJCqzh^3UnV{)iM-sxsR
zIvmbz=G8L_Dj;0YDio7)UJDnhq`W4sxg2BEXqMzq6$4X_W-1wXt-ufCHtc>8AXTu@
zHW*D%)2|3(5pA>;lk|6i%W?os32Y^#Cg#^jsDPfdKx*!_YgHqxY}hd#IYqHFV52aW
zJbO{NiK|H&4bWB&n?Tz(RFp`=Xj@|YEf68gw-ExlvsG_iBgQJp4kWUEo-i=DSY%0S
zK~~lQw2-N$9Kb-W%&RIU74#K7nWD>N2!8u|{uBuTdZtL6(LkwYXmdx}wV}Aw)nsOe
zbL3kzo}wq5_L2>a+NKi7U(U@nl8?}o;bn#^a{l3C1$p(nVYU{@0v~9%rH5J@qYc1X
zQnGX&2P}<1OJggJj(Jc~+#@c4>73G-j*)EJU97iFcthGUqf5`HLk6Z#(9cSUESM)$
zY>?2bJn&J(1IDga(|VO#SYcDuv1${T&GzBw^kRBACfyiBBvjhF2&tfvfYeHjc>rcm
zJVM*Y@K_*j(mcNPP->b;V>wj%Bx6b>Q8*2i+eL|`vzAyv{+gP$W4U1K@^3X<`4P4@
zf?HDlp_a1No)vKgngen(x5K~ye7Y5T^OS-dRrd=zm7wy+(x53jtL^z!)}0pmyppv_
z`wtc3*ov*Aoq}H$u0n7?>3wI2kJd?jyZP;A36z`7B?8zymGz)JZ4+5Ege143a;~(v
z!c?w>qk@fGFOXy5lvg{-jQN2DxV`K}aM2Jhp=_f$WmCzh`aBj{O2O6wx61@s!y_MN
zwZZc828=1wFb+gdKqKpbY-NL;(`jUGi3^Xs;wdf$C66>gwo!I^i6Z3v;Z$NwQ*S>{
zQ@Nb#9+r;<nPHPiHkkl#0cAxN)sYq)f;>1b*xZ;CrZkb~oa`061hKh|l2RSU2`dVQ
zWe*!2WYpjT78}b~o&<%Tj5f1FO)wr9lYxOgWrW3WSTeYUALPIg$fhHjfWlV|3u6(k
zZz%Y&zOlF^Nfe?2gr@;ZJ+(+2=gIpp8Nf!C44Y(Yk#5!**JqNoy1HQVD`baXAV2Jb
z`x0Kkz6_(lr)dB)Nd1hZ;)zEb=ajL+<F#<+z5}1vqOo<H3N+w@=K#1s6zj?2i@ZOA
z^ZUcI!2jPe@zQ`M8B2Qy;J33V)MMkb?Ed%8PVN3rzyA>b=UyHNHKL;3IfVE$qY)o#
zud$H#CO}>Xqyxc38jFCt%}fXOc>Lly>3dsy-ln@ro{_${-IsqpZmi11fIwV5>#JIl
z^0TCeV7DA-2c_n6R`?HW+gi^qMuTgvs8rN0#_ljqP_?CB4P8Q$r1-h%^*6muCn%h6
z24o+d^pGw}vMFUdONXx8op9N41CcIF4z38tP217AVDn3!2H+q+NvPwR;3KZpmE)Su
zEQSE)Nl(*bXDSbC9e2+qY)ZpuAkVlgq{16BCjR{wmWhn|7Z_bz1v|k4^1Gu0poomk
zSnP@kW0QH&)?~!en8pG7_1~vVaFI+{%H&8*V-w&6f7u#2DkNKd#5%H_9PlEPDH^t{
zSSx1DV&3t#yv;xJQFbl*Z!uuk>0>ed@9*|^tM|XQws-a(=>L5@UE?K)ldEY}0}b>%
z2YrgwL6Jo&1Z^S`9RgFy!bQw&LXiBbUQSdf&H?Fk9LLJE{@HOdp74l|=ch@^XmC)-
z5CihzqvK$pPfTU6B6S*y-J6DK%2O6JfZasR3CZXfDYx9;gd}+s>3rcwqqjUePMKhF
z<~R`_zh*NQ4akn;DEfNBq-b{}C59P|2BbfA91PTi5tjCLcD5a-67lx4<0NUwA)0PP
zg}{KV5)Iw1aVkPz+^X|1Sp%b&6kXinWucJ)C9uz@Ly#qL|E@bVM^n?Ar4hBxe-MU)
zKsz=XvET7?k@4xi#VKH3p)N^zB#&J9t}|L!d%zG;OBy#3;jrC;8Z{mRPM7?YM$i`C
z|FKTH;?Dsz1zu9%k*-2l1P&p28sVWk=vj2mQ*x&#X1=4NcYU|{9V`&Y_$2YCRgDAE
zmw?D~z3*-H;ii(%A?>x2h2h~J^O&TZ+x}C+>5`O<mYn_epP>*r6TPRKdr!Y}k|Jt>
z6`NTH)Q7;!0A8h#xwfbEG6;o77P!@CR9t{_J-WEK2@hOT-}u_YEA}aK8bU^cise}6
zHaHYMjVQ87noRgs;0L57LCTW>`Ou+J)cLp|xW5WL-58I$5{bGG0nU7%Pm|-6OJN+l
z%H|0hkdr*l!YNaP%5l;m^>GQED(^Xnwg=XWlkfKrtlJUAZ31QYl_P?`6ex}&kxgxt
zFIp^W3X$cM<36`FTlf503Z-mFJE9jFovJsN6z@GKdxT*-w3$e`oXM>QmS>6$g@T}o
zAY*~$C^yQZ2)(1#zSMjmj;Cyjv8WVw{gYtCr-BX0{?Di6@NcK&X#Wk6BRs(>U<;&H
z_I8s?+oPAlqf`1Tk73`j3(<q<Hd!whEFI@zz<OwZn(H{Xu4>Yioq3aN8p#D-p^Z+L
z8~|M-FW;UPS1-V=LFM1q4%&6{25NaHhy~v7FhmjPIZJ0MHg*@HaQ3||Z`<2}-vaU#
zGwW+C`nL0^8*s_!drF04icRNU5DO3Mdm<l=!cXv#Cq^>tTA{e(fGd=eB7tIOt5Ye)
zf>>-yf>{KlR>y`?7VCEXB!?Y3Rllcf3a5L2>)SUWyhBa%YUQ2cW(*@yIAgIoB8JTA
zE+TX(8?ltdKC?vxnuNVeo?b+p2Cf+j+$@^)d);GbR`&wGB$Tq3ADD`lk7q}3!f2FD
zezhV)0xZZRfwSoV-ANrxz8%u&C5!0%l=(ak#DHwegGkaSo@eIeZh5?tOorBg&F`-R
zn#!O>v`SagL!y`lVC`ftUE<138#3`9Ig@kw__wn&xs1-vp8r?pKLww%Gh{H%VEaAl
ze15Dd+9A))D=SR`dG^dZQ6*lyFeNmx(dCsw7Y_O2tvu&D)A<>Kt3W6UD4s{bEb{5v
zvuEBZjN`?N-=015fU$W4O{e0;i_hz1I480Y9Ms>>U%Y_K(_MmjHPQG#3de6~qKyA3
za|`;3_CHDCBo!|EqC+zZ&l?KA8-#tzq~IMXD~+<;usD-2Is_e!B%|fP4=ntLnHCN3
z7n~S93Y+*C+GqG6)zOvtLS(1)Hp!Y*f)F{YYo?JiKgrK>LC5S&;3hiDct)e&Oo_id
z?{qdAp#QKv{kU$mT>LGikQU%pgHAR8fR#a-@__y2c_$1a*4fZM_$3W9^HXGuM%M(l
zv}W{YW8)f>z>|=b-xT!+@U>jrC<)u^=pv;O2@l$<Bs{3E1{023bJ?YH>dsaVosG{V
zZq6j-wU!a~b0&|iFdm-?mYogf853V<9bFGhSWgPVH*ES|t|kTE3IGw}uHN?kjD`^%
zMr`%=|3y~fWf%wiazM7HMxGcn@Ufa3*xA{3w49_O{~aAeQ@;K+Fs!JPVYGSF1=%v*
zfLytXLLcYDDD=s}K05Sa;FfS4GjzMzKR(iN!3nuwbGv35&ZL}i!Hn6tR9e{#d^lsO
z{WVttIXNRNo`oro!NF%n(-5y8frEs)2(Y0}=P6AD;i+8t`o32-VN*f{OdKjo9Tv~j
zLE1Gu@%uN&XD^RV)HLYa<JmMRl{(%(J^lIJ$xFM~tCUZR$wz?x#^x#~X4hI;12UcC
zck2TnF`+_S@-(nlv~qej;$@fY$8*UEq?FKfoTIV=e(&p_*05YRi-eotq_`Js?#c;$
z4r#cvNXY-Z3pOv6hJ@AiVt$&HyH^SOu=BsG?0r>?Dq#i`V`^M>%5EH|;&bKydOYsQ
z0_Gbo>z8nKji>W>=>Z6`rA~y10BW(U2c3N!3io{K4)ZvO7>upl;j1uWO~XYm>C&K8
z&UHO<vS{q(Wau#9Fz!|Nf7`g4Q>mN5SbIy9hEz%2?v#>fefTKHi7LMG&16Zk5*}FE
zKR`&Kl58qnRYWeTQs~>9;?G(Gc8bl4Iwc%6N$7<tMPxM1(Cx!^vy&VUXeyw&fAE}K
zLJb`;37jS@2TusCA{e0&@Ut0H{wH%CFigkK0GB-);||_GJ|d_QAUOs+f_M}VUC7t5
zPfVJ4Ea{Pb*??X;${(n>WQHwUApH!1R&?Al9+ShroqFVyF^nM=#6sm;t!e+AF8O)F
z%7`h3y#YN)DU}YRc@blQsY}us*GJ8(FcsO)VK(^@8*;iuuY=Y?PS<wW6q#gZ$8*?x
zj{Y?;r`idJ;MhNb_mD$KYX8=$OFsP+Q_WHg$ky&R`u%C1j@28vLSKd=&4I3dp9f=B
z)6s<^a$GNEtty2gs0JuBIGcvC;cDawR0c{n0W$+$Y~Wtz)#rwkT9N=(hu3!;x!vD@
zQ*JtFY688KUMkJjfb494ySX`0XK?ZQ+oyY*lRvW&^$+}9%l=zL|9<=K{o$#Xeacqp
zV`=>Ft!n=N?Y#&8pZj@A*>YO!zFJk^As!*0KNnHYw3Dpo9Kp3ub}6Y!o-quYQ_wSg
zHi1X1_CvO80VZmZN|d-J)(4dYOQ88OzQ~xZ<{}?5KZ_v1mg}bUlJsa23VpM)2w0AZ
z!b@ot+v=j;%xi6;4wKQaEo@hpYH#_g#00<L{y&?rC}FAavShg{$ddiPw_Ef7+u7|u
z<bS!Br>o<f!2(n_(ApEIHsk;-$C+#N_Au3ShO=)(uXCdYbQ%)-Z^>qYIzy0Cj7;u0
zzx~#G;^?<J>>s#l(;zVZ<rz5ROST$(5b@H%h9ip%S;Q~ZYy19yisBY=8VKSWDZrnw
zAdj@%!3DEhbe{Aim^OmjatX`vxG1Z4Y%j@<Q`p&{u6)5pBj#rV(s|2I6#(+JzMelI
zox^|TH0qSG)dEJ5dfA#|bbLSH(}bpsbe{FS{*JrZsU+U95=MGIgqivi+L5%)E1TL1
zmrnpo=k-}wsA<;a6q8vv9iW#*7%|DoKcC7C?N8W%0M=n49DYhvAiI)nTZJK1<qE8{
z9D{fSx<z4FLmoOsLt10KqGd_r(Q_q5;@Bs9+wf;NJq7zJ>A0QdK{*FHc8l&q9>8-V
z=MsbX&?JF@c+SrZTZi(Q>_ZMp9?w37SO|Pt3Zw$Vhr1Ja^8xItdfA48tf}ioFW;WZ
zvT*q!Vg9=39F0nTNky<cba6#fe-VHTu8+Z8K?%Hqc2!Il3`YaK(H{+hb(z)zE6spj
zhmgApMl*Q6`XpO$8pL2Lo*mJtfVK4Y+5i@G)cr<uDy?C^*I9N8_n5P9E=biK)6kj0
zx`uOoN40D1Kb69<wh8NDv+QXqdBH8-bk=Hyn^uaJQDGtq6cHK0vu*WN4V5~rb7(Iy
z{96;!D;*=1bpF~QowLpjXvz=DgiMB1guZghTN!kn=JE4qXTqYXCnm@xma}Ir9=C@X
zK$FUGpf3Ho!#QTA)HA6=E;d#&p;?N2oAp8oO*5B|Dj7i+5_iv}ZCx@ZeOkUY`9Up0
zg|oMBt_U=b!T6ZVQP-+iS>Y?WRPBtimhYrWNn6R&S})O*mlc<Y_Eo*^;;7=HakM6*
z>oUw*6H#wPClV+x71%RPBT{?1dhR#-v|VGowr|?owsWdn%v0WRu1e9`m|k_c{Jq}R
zd~D-D9~G63I_i&FV&ld}T6wM?SVpW&S$f5;ioPTmdc|#;66z$yT{#I@XPvB7_*1-j
z)L+b@s{gNB7*fR8ZoGc(wiN~Oees$4wS~L|&kf~&pQRa6?#7J&<!6cfzq`}luE_tp
z+uINMzwYI!o+yRJ--H=)RnGM;IVgfkMk8gdKN2Em>4v%YY-Prw=<|NCZ`<T0hv;;{
z)-R=tOE#Qvet|Su<t)(_#?qxbuo>$m2YNG=KO6yAmOgw1)#m5VQV1ToI50QFcB{F?
zS2@4RiN+fbZQEiAr79OOWu?Zm+^$$jv`t7!!x@>p{|bgBklVS=n^K)i<eUO-z-o$1
z!tj+;&hvpa&pJAeL}zJQO^66J_p42_)%4xWwOpHE(0-U=Yl{7pWpD2SrGYX3*-?)z
z@=`V);&^b+DVLVJ-p4+q`%~AheCny?=hd6*04N9h%A27~{9;9M&}S*vG2Q8q&zN=7
zp+faCj)TLHU-wVhU}_#nT4lZa6x+J9b&pHsRT$GKns1oppl{=p4>&^zX%Z?<TxenB
z>(Impa(IX2a3v!6#YkXz!v`_kHwE0dHyg`Ms(CkBKKIlUT=TTVw6D#If0gH^@}Ig;
zmhy<X!!QoQc<j<Vo45gs*qCPAk_(r`f7#lq*nhYCPoF->fA{iKNHxUJv{Y60F|;Tn
zygrbMtnlCCq9~n9fAn+VI^@{qM!}?A*&dGEI*QEGBvkjdTXF0VQbVzUN8N?4bRcp_
zd;`%^ux|NQ?X`x}r1bO(oZOIGXwY*1&h=$~w&yPCzjn@YQ$_<zF}RfeKi#a*|E>P+
zL;RO}c^>Hhm#6=geQ}qR|CW$E91;KO&t1^}HoC8$W&Yn!pY|*Ce{*+t`+@%7$MePL
z{{!J~Ap95&!!=}I>0=<YLFvA+Yh@0GpAZv<U^E6$6vB_<HmXC&jHN?Wc??%SUGTSu
zKQ3wJPnrnmP4~a<c$Hv)%j~~TcdPe5b~pP^ANK!!JZfjgJgePmz_=haGEi)G9jN3^
zbk7fJXGfzDHy7-z0lCu7F+8ozka2!2y+z=Oa#&Fmr%L5Z^;OY@fnJK(65f-}h8;%Y
z_}$CShM5b9E0OR({$E9cA*$V1VU)2{n9wq{_%OBj3XS0smIX_wgi2@+lt4<sW{4eX
z#v1OL_hh{s`Q(u)Pm8EDO#x>hddlLcGc`<p{;)g!xV~<>sK=za&#6)`T@s47JS*YF
zd(w=RKg^sy%%we-f5<spdG@Y5aZRzH8t1A!0ea^CQk}UKr(}hBSQI_06>SDHw?x!e
z#7l|R+%bCo^UKf!wf*l0WeX40TVUmjoqX-ssXEct_?Cjhsr$Q^N|d>)MHgO{-03X>
z<DF=Js<~rRZE@F2t~D2vxTHH%&2+c7XrxX2|4rq;QpjhwaA0YY2baiyTf5se{ZD`Q
z;r{=<JU10C%w3m-&iXV7)!pHWzDV5?DWuBQl7$ogsx@l&=}}y@;(ZnJYJK=k9?;j5
zC^7tr_SaHih4C-U&s?9nqm)lUz_l(ze<KPXvd;1gA-3qde$D$MmOfpBYWtS`Ug2C#
zw!f)3UlQoQs0L9jPp>h|gync<Lh{{8qjFc4mm2=FNT(si&p!Pg;+#P*!@V6A`=zoz
zZP1&H(el-d3PNUu#tFByfg<J^S+n-61<itOysjMVthCwhU!P*;Y!d;!4&bp$+VCcf
z!)ZQ+z|#eE`YXQvN<lns@!ZY%-{=l7Nhopy%k2NVd)rm}|K8Ta`F}5uT(P|;4x}{>
zM`W6d3<CB<c)JGz$Ss&`m|%wr!m|lWFGHb1+o?5x;Q$gI;w?*)*j|2u>dup1^#Wj%
zDQfLn{K@)*>%v`GuqFwG#2zV+qOa<?fWZrk0Q?WG3wQI}J^imsfXnUwdsX>wXXnBG
zcQ4QHits*A+y+9|<}}d8He2adK6IWy?j-aKP(RD0=!W~>$_BsO0bud|?{D?Ds`>wR
zw;t^O_w$rBDv2oeWf45LX<OPFliCK;Um8O$x9Ch{yTEN;OT=Fy$~QK=0IF*?{?+Nm
z9lKCy^+S>3&bqdyUt&ilf-<Qqr%kNo8vb;s7#&bK^Czz@w5^7?dhDID`r9&iILba@
zR<C@bQja&DtZ(&_Xk26_s(H1PwYai0oLV@lHE1p3n;j;qYHhE9;%~zI3z1KiD_3c~
ztYM6kN8WqYm-jst?3iW~(y6$9b=F}hVnVle_e4HjhLnaaw_w{XM#*)E#tl2sJ3?99
zDni1og^LEwrWGvR=$}nlJ5asWST&-i(x?fSUX-vRs9T%7p`dEp{5IxD%TQ|;rya%2
z!Ybx&C7lwwT7!&A<XA94Wv|HkN<M!c)IMi)Og?|^lzTk3vbxr46e(X9t|%7I?C&g|
z4Q{(?X*#wxqDy*3T3Y?ebx}#_COplaTd)^tW~-f)59QTVqIMe%$vI{;?WK9#Q+L<l
zlgZRktyfP0(pnw!fwbaBwg^xJVfwt6O_QFwmtK6fwppG=5<yu~96(k|*F25%db0L|
zRUkoB+AFI5^|#+(2eg!tbg=@y7K~HK6zqm7Rj@sijk$!Y?aWGZuTl}$a0L_@bE#-n
z-SQ!<t`f7dODSF22xW8OYaU*hN2s*u4H?0d$xD~G$r5i86E<$wQYJ>bel11gl1<#-
zyzbdkPPJ$kttVl;i_UE?0+T<s)N9QXq;YDC%C{N4$yaKZDw3F573~4v^qj9G8Mezd
z<R88*wr6%0o`u`V&ev0Jv~fd~iZ9z!buwAa)uT6mZPOq%uwGa4^)xq$S*gk`+3)V=
z)UkVPIx%V>;B2@pWm-m7=cmir*)3tIF(`KJe6P&D-JJehnekGQhSo~pnbi1;h_Wu!
zyk^?-=`U)twN`T{4JqwQr)1@8D~DRoXI>O--O&x;H?-3TcMajCj8!emp%kip*^02E
z#y2kryTr2fP-(niVNWqLT~X3-zUoUET`7&nY?WrpZ2dw4S$m=KwhfwLx3jqsyOjkb
zvVl78m8zEdcbmzc$*fy-VlL}B%GY16ZWO1Ltk<EjNhg~o+5Bagsw|6lLrvWk2qcCy
zvJr6WAV-xY@U=CX56^X;8|weHqw7i@piBKfH=ow*e|r!2fA8g4>izuS==tF2`QYez
zb4SmXykGyCuAXhk_(MB;{_cEwuJhCm^2M&4H+q)&e{NOn|J&P}JAd^2Z#QGC?q*Ea
zc$WD8wD1KF{*_<EztXMl#;@pbSp#Kdhf4s9#~F>>ga<CoGcJ4@RRd37<U^)HBmOx^
z=^ygBEBSAc2k0{TFaNH{e@`Fsf85XWHR%5X;cp<Xt+An6c;<$XQJp89au_HR{z=D!
zs)vEP;r>s8;pz<G()&Nv_|IG0dk^`4@8_wTVP1wJ%@etWzR!a(%WOTfz2{euF{`P*
zyh2HHT<_>1jMUv`FIZt}r(wK5qhVA?_x78zDQ~6fdO(esY;1yl`YEOr7)tM!L($Mg
z8IF5#JN;vtKyFI^#Y&O?@L59tx3~BDHTu8v5dZmJ9*h68m2Bml>~glNDsuS_nZ)(g
zb2fr%uXkM7=+ObQ1KK**bxQ|KxmIy*l<VHrsqrVJ`mOH7O|Hc9-ErZl=gQMyscYVp
zep*<jG}@6s9R}2uEboAv<ng}PkLQw~m47ZR@RMMv{rycYGAM)ZXgp@+0rWSwc5Gnx
zc6YaT;aGSb#`&j~zC@lR5u36&qfx<-Hx#tI9b9Eihd;HA--^`wh9<RTehb;@E6Xs6
zNSeeJ0t0@G+xKzhM%v?q2il(pN`y>2w(h9O=fmS%FnFnJ-Y$31?J(Y?t^7S8{;O#Q
zW$zESum2>^4f#J4+4?U0KX&$ZYW^Qjw;uSv`*<4tKlJQAxPLsje>}K<+{*pq!Ruo{
z9-KXXzt3Hr|4nWqniE*2|KG0pe{5~<J;eXIm*-mcKND~E!T;mS_<wwTw~uRkdprnu
zf9U5+(En@te{4Q|T8;m>`E>8W{(CRa*P#Cog#Yt$w~q$@4wC~c<^i+*>WPeIH_QNb
z)BOOcKvutB%lqAu`|tl)#s7D=8vpC*ga5}pJyreB?ehOUaCfCmZf%Tq-`5-RdL<^0
zeacuYXG!Z}Sqh!AI17EK{*dwY;c0qqNdM8yxuOfmGWx%{S>gY-cD5hlf8Wp3uJ&uq
z`-q_e{$=U=9s3(*^F$p8Y0NSP=V=xRlMGUY+iKOjvNQ`vlE^DXt%|SJR{ny`9|-Hi
zW1bt+|JH0z^=BFV-`%R_|J~W$e7OIAFHZ}Fui8(W!jtGVKpP_eu6_bo$3|0wissis
z%r+FQlJwuIp?a5}P<L=7{n^eZZLu@~{9O36<npIyBe5I<lay!N=h1+?KRAXr8BND5
z!*G8(ieK3?`<8Cl3RQTbHh?ETG_D3+Kq)bgj+M<*|7>inQuvSQ{(VdOPf_w)atth^
z|NW;`{m<U!?nC_ddwH67f|BUlG(pvaLhBB`wu|JK(MJ?sQ1!!4BkHctz@~QFPN)S{
zmLFC3a3(hV`5<=uUY={we{aH~X*iB~%C6JLGW*|dzk2_3YrFs8|9LM@mmJe9V`(f%
z#tF_Xxty?=4D&F89Bv8qFX)&F&*>7#6DRTnxIrQ&EQ-iD;zPVt7slfalCp?q;fxW8
zi(R~@ao}`G%*H@6$Xb%JQTR#cnET7RN8ZKJobVWGN{~pxQWAwR^BnKx>Dg(<Q|5HZ
z0iRBJO#XgwN`f#IjyDdo9{h{oJKpfuv<Ls{7n5;M{-b}2S==ic8dCovPsk{Ym~ftW
z;xcibctd*OJn^z=;yn2;r%V1$(~#$a9KAdgj+dnT7v^V<7Y2;>uw2T2`6H6FYwiD&
z!~K_U4!vn`y*?K2|NhR?ekK0jR)6Oq|MUGkU2<&Zne3}P1kO<`G8#pKWD`a{)JuF^
z0|9Q(>y5)~k`FzfPkV(9(-q;kX#uU15l^Ab1570S2Cd*^|M<w$@04Yn(3Fu}uz-Xy
z`I~8)4Cmy-k0!zlIpzV`HxXt;0a#h18gO6qGAb@aFU@0@CXmZU5~5yPxSHO&q=@h*
zx#a0Z#AzVNkV=s9gvVsg^OW$*SV2sZJc?LAMk${X8k<;WW<W{GXJG&&?Sffo_mHZ>
zwj(~Ds#|9Y`P#t-t$K}!m#4DcwOPtoZ%U<P+7lTaMyywEVO@2UO=zY;62{Yja7lx;
z!>;3W<@#VL`)3}CFk`}Ttf}aG{hhx;nIBk2eq_;<oaihaArs^%9&yJxKR@?*EO^8m
z2`EWf!U+umVyzFKPp3IVvev_E`sk@Kha86N;*hOY^CX}dlRY}l*(qb>!@2o*UZ76C
z^TY%f1t3rUb0$mmaEZz;X&jJ%`;hPeEwE=WR<$>9ypZmsKE_a$`EYXh`f&gB@a*mW
zo5PQdBW~Cx_5kqSV2*bmKCX33zt_o-Mf_3%hNbP!myTDJTVcpQ#o-Er&g14`<8WY&
zr)<h+Ob}T}u5N2F$%W5jSoc&2?uRtfyn!r<ixvQ65mb<GQx-8Qm{%IVfnzBKOvzPn
zkc?9b{Ln%iKq*$8_zwp^?w`E>NL*KSXiu?SaXH9XZaKhR@}83&Z_C?soD-dY0uZP(
zVaVk;WJqXZeo01o6wQfQV8e)!Y?AVPJRviX`^b4Yk;OSQcV5b@aW1JDBT33;z%Z$r
z6FOsL$XHA+SdtMcbX095G78vD3GA_|8qGIM<afvx!aik$k8m~U<RRpe3L;o0IYH)U
z(OjMuvP6;O&8Q6&omFdwOz8y^B+QyeEZd0LB`NJUGNWk-#m*}+>CegKB#cBxE*MMX
zBFQWyL~{U9p~4<Jd6lQxgr!rSvJD$)x*K!h`J99TW=Xab#ti_-xqvbm9-B0tlZeM-
zmU`qEhP)v^)M|QmAF;?74Lov$SQK>1YLl=5P00OvoN~!EpOXm{IJ^2Ll>|mYnsHFa
zlJk>1&cZ2si6cKRW_=rH{bkN%VJbIzJZ5r;))b<0Xaiu<TMQ1RRIbX>&U4)nPkkoG
zLU<~V+l-Txxk{B)UK@DA9oTd1IIt;^83}*Ya|!#Me9uNwK2k?O7>`@_YZzxK@8u$l
z$7is2yMEE0n@t#=UG5Ot(?lVR$LpTNiC_#!WNBsc1XV3S5(AdeP$F7V07*1A$V{Hl
z1+9E6$Ol|;pq>4==Jl+f>l=ipB+X%(1*<G`MOMV1PT<6ZU+R^7t>diQEwP$Pb4U*3
z0Mdgy&U+5a(+psPuvp|NzBw<abW)V3lBnq%NSPi=>Ga^KBo8(KN^3@#0>C3jBl~+O
z2>X<9;Pzs<jDCFo{`eGHn{Xk~d$3RNPL#=-t}Dn@U!qd563Dro&_E5LmIg*|4aI4b
zlU$0W&VCSta&BlO>0)sr`h3dNnxL@b_{bzI0N+x=b3-<V{1X}Gut?@)O6S0`0>$K<
zOeMk4yedzDkW6VJ3r{ryqd6Qq!1>0E1;D$q6jt$uq@_S#aZLt@h=eCOC~eQ}Ou^?G
z<R}yX9>TgNS3a=4IE&_ByP?3*8%BJn*<sk3DlgVFC}fc&<q1pW&neB;75ZC63@x)b
z&Z|(*1}_#J;-<ZJX038t-q|2}=zduY63mA^siyG5kH`Dul13Nmpt?hW$F-X6b@gjW
zuz2iF^C%0G$hz<y2W~kFxI~>i`|IK&@o5Yj4$fD`NDz)jER~d9%QsR4yi@6|tF%<|
zI4IpxUmxHMmqk#=Ih02ilKW67YD+FdNrtJMvdX+<T<&-nR6uA(&U>=)USn2feOdY3
zBZumM9L~))1#R1TDZ4hD_F0;<4cM;|eM1dF_$yXd8w&_aX=@?XhRkouyPT-1Iz)+-
z&i*53>3l#Q|8{m3(<wVUd;VXY{}g=6&Jgx9uqHg}e142kPpZkpOpaCZ?3s6>zP@--
zTxc~BS2BOX!~i|o<wNC<>HG{~Qr+Q4g*FA7$fs-1o_VJL?~50|J$vSX)%OiFnTi)L
zKCeqm$U@*Z`~CdIi}m8TIn)yP%5z+k*;{70B_^Xa&j&bVteEcleCbviXH0+mea)GM
z>I=@AhHLd%Gs=r4v(`FUC)Ea^aT-PZk|aDJ2gg6bY5j&xc{;CjqjgmGrj??CTrvqC
z%E0HcO+SlB#*=f+x~;YVHR2i<p#G>r9VEG49fqw@6Mj`B7s{vgnI&s>b~c)^HPgVE
zpX6t`pksC>n9t)toMk+t(Ql^2U!He58x1Sy!}j#!x@mXa%IVe!)GAQP$^cLqlqnC`
zU!HfuAYz>j{exf9Ff%`;%oJS%%!b5_e8$o=49dA0B}DdbYfj)>C5siBx7*6=0@nA0
z2W`a@9#m%=#x^K^tF140#9gcmIvbx!ESyO((OM$d!`UTIFQhajSavp?XH4Ar8o3U5
zuvQdgZ`ky`Tqz2yrGOCPuG+2%uDNR4f5H`Z8O8y>9FXlP9uZHTynXlnaPZ^_Ib|6T
zGm7#k@bgu|rYX7LO6pf?!wS9MKR(g|;f7L*Yr!8>Afr6?QThtAxg@-Iua@`7z91s^
zCrXTx;#b0j2tg}lgFhuho=vo(3*b|}Xx{ZLkSp2$Ao-ybZc_<Arue=_I*_IQUwgIq
z&s%#B_Wyf%D&9ym&B77&wV5RfeHIHgAo~gRC(PaQHk%5?7h*uJTorQ>{k2eGb_)AU
zZS*{i2Bcx5H0qIT3s1@SY|EiZVt)3$r{1O$FyW^mFopxNj~aT^k4U0Wv`<Pa*_m*Y
zQMwJH9*|_S_MHnhzvO8E_vgxuxmG`pOU(Nz4U2^NE@4v|MguYqX`JT6kpKHwzL32d
zS2y#mDE=#rCn98%hSK^|Q8?v16EqGa(GmZiaFH?Y1;uT_Us)PvS?J)ewteoHBgDNP
ziqQYoVrCr^?`Ox`-t@Nrh<*}(*5?NF-%=y5*2iM{zq7SfyZ^DhyY+DY`(B<dQ6?F!
z)Grgv^3)p-uuu?6{;~h&wToKQj0NC7B@4V{eneAdj96MuPN+ahIpe4#HQwZ&<3J)}
zlsX~Q-+Vv<?q5KxI(Vzx3g!c%R%~w?rYTQZ;I<MlLb~LgW_y8If^JAg$K-Ot1v4tR
zP}l+RX5WYo@sQ2gH)oByTtLSIGQ(4cfc_lAP!Gt_=q=BVQzjVPq7K3_6B(#boLWj|
z^5LV?HAiI!zPqw97cbU!fHrH`p%Hzpqx910lDGME$Wp>bghv6HghFBoZC>)!0izly
zGEyEzL+W2R#gtp-cVwYMp{;iPO($iuP!9Y@Z1Z(E4YPs#;9zuc&?`cKaOCk5VG=8&
z*1<}_j(6Qvzb9sn<q+g7z2{`Yq6C}(Xcj`C$vK(`cs5}v9_E5vPC|bI3Un2qyoy;5
zn%jo~vk<D%n9ww(bBUtg)RAW@d?r(x2(otZt#Cy)j~E)p>^dToR8f$%DF^Ek_zVJf
zf)%jK0wvv+9Nb-tIVu3?w|?1zFFd_g^Gywxn`~T*gmf*$B@|Ti3g;O&vZL9ZU;>i>
z>jteUHTxEp=YcVdK+J=5NPW3sKg~Vz^Q15sZxFQ4O1e@h2u7roXUs?IW@(QDXHwYk
zfIgvVn28Ks8<ZN*HtZ|2HW~njc~-6fhCa`cV4Qrve{d{;0F5kyIv^t&2|4m^SIVG-
z#j`NwF&L@~qDKYHD4v!ip<ybZjhRXL-6enDKRMd}{`KJix1UC)iZk9w3762q3hvas
zD@n38z5XuHEJDPD8r5zq1%vhQT3P3)u|5(%3JFcexpGmnO<(oSyKtPaPjs3{a^SjI
zBwRmCB*!80Fk@naxNgM9t~@<92+MrjPTE1pNWe553vCA(@jMR5gr&{Q`%q%#*Iosh
zF6bFiv7XZXbc`!sO=H6Ra5OJm9R%tY@HnJ$6&saAS8Wqfs8m2XY~e_o>Vcf4Xa`+8
z=D|9t_+DUhCu~#<q*X&~@C*uJqa^9+CSB#8(d!D9fsaA;3z)*FYwK6c-=}53V3ER1
zXw=|rq{_KO+fLu|fEiK8GI+1$iO5n$r%-2I-5(r~Z!yGXxmmeS>YhEaf~tqf=_Q7s
zZb4J1Nm&5qd$gG8SE&23bl^&3QgmT?sn}N-J+s+=R88qUUk+w(_VLe*<RYh0G%u{*
zpumw0tAQG$ysi(uXPiWgf?YHOnn5La!Vh^aRO9}HOERS~o(q;LPbN@ng|VcZf`J2R
z>@%V1cACe8$2N6RegaV_&urDY0cQi1PgIaMVI0a;2q>NNoCKU)(zrAlt6Cl_9~1y@
z#O2-y<FRT#3S(J_2EXJYL+zEMjLc_3&~y&h0+d^zvVN!0oD5S67#hh{^|(O!W6v}@
z4RxA|E?Or@e{*xHUnspa+1q&&Iyg?G@am{k6{b$9^!C=9&~dETyoTf}Mg~RO1AX(;
zEbH%{ez)h8Z@8*g^0a~%rKPN+e-VP&GTz1eQFIh%EFDo;TB^TV#A(apCFDKfr&I#e
zk;NrF50jTUjZQP_Utsy#nI+4-qSG)6Ass{K=y<l**&y=&JDrbqfw?{wI>#v+vDCB-
z=ej)jC{YPSuq3Rmfzu^nJWiPq=u6Dw(%y2qB<6%+frO>gPzn!DY&X<!*g9QOc)+xr
zxZu&O_q>uelqXI=*_6kEWsW|8yInkt;SW+fiJbz`5*j5Px8k&*{VK1NrVZA$L*#V{
z`GpUaqFcWy&e?<q%GV9}_5cPDmuPIUbY#WF+BBZ9lx93_e5YJv!npU+_8#rgB=n|1
zS52B4xudlC?_q`OLE`yIi0~)OqR@m4sR;f3JewFq3>i&X`kr5~_*JMShAa|D%k^;s
z#~~coKc&%t{B-gfxDTQjK{>%<!t*FFhF3`zVH<?;SP_S=-YKdTgXTgS)JyUWj?P>|
zw;Ry!3W3XlaX-tbKf$Tdw_ZU@9|~Wx1#;;Ds)R>Qw4<Ws7&F`Qws*ZvWE_Tk#!9eL
zX#I_Ko7Na>ii3#2O{*b`B%h+Vcx{V6Y4{RK@-m~5Vf~PLybq_0=OEY#YX&rxQS)!5
z@gw`ipZZX$pi|q^*R-RnL`|nqF?l{u85gizXZ;RZt!yQ)HD#y3JA&{j&ro@sNV?%7
z^mq_RA`=@q7{3IP%TH=_f%-m6G8UBZEs8z{WYcu57JI2{TJ#94ORZNm?JM+}70uhd
z9xoi6rVdT5D`pi(qps7<XcPkHV=q3HyMb(ZTTj&@jM*hiOW;9ID?t~rcq}D#1067Q
z_XVOnQC|ZDHv<+0wEKb<Zcx|3?UG|2=<TD|TCrg?AWWYUO3{(Bk@p49fVLg$6~F=*
zKMAzMT4R{fIUK{lI;6;a3qEBPepCu^awDandz!IyP9nK2)QU$H$Oy%ZLwy8labJ+N
z{^sW9U)RZyO+raYi3B7v^azmzK8Xcnp^#L%>V>D&5#ln$`>J@2>$FVQGHx}r0gX!{
zkcFsD2=O9S9%ZHhC2v^1)mjfx!4+JPDBL1(Z6f@yB+#+QBzM1|kOeDMN*F_C6JV@o
zx&AAS*)$waG8C*wBkc(NAFs(jbA%etIy8Ax)w>5As|K=__34tgn#YlIjQy4D)xg#0
zb42SNg=Wq4bqvEPc@2ycc4TpY`a%Hn#-0||C2fY`g9^Lo)12f)-4zLA+f=uZf9nzr
zpbFY)?IIzWVO8q5%o>p_rLh>XRA?%r#9K?_ddvgDV}%7g3%ph~3wyB+Vf$ol-KI_F
zDz;=8A&Do0ACQCP-|(7aq)@M&8&cEqWq6_GOb~W2w>Qqa_N@lpcN#J!QvSk+cp}Li
zSzdr@yCjKMR=ddJUMshL3hZuAM>x{`)>%=_7k4Cy)~G+G*#vKv!og&&yXx7el56g0
z_Yl+R_nM_v>U<g-Ita2t5$%<MVhVY1QjP+v#pgF%65M#i2Mrf4jot~52`~xTB&^rf
z9k=lMT@@k{*Jh3Yri=zk3Lu#j14{TZE5w>qG=<<j17$<9eO?TO(2kJymWQ?E`%GyM
zhe(L5MfXk}fnG(BYEZwy5yoPl^~NlgwOC+ZJ)lV__uAG@uZs|0u({qX?yT?1Em;+T
z5I+{e-oHMro)fsJz&X6Y(!{#3(jY>q4Qa;>HWvtxR}V#{fiEdTwi2dOI$|X#amU+l
ztns{)MYoKw@zcrcTkv9EW4Jf~=%33$ZdtM<0sDfKblDhS!@c-vj(%Z-t^Rkr9(f7Z
z8-*eo!f+ABLeem^B?%b&I#Mzqk<2cf)CDh92-ZrJ0sWukF;M9jvcSUg|NQs=Rz@jJ
z$h3SZ87wK9d(Bd3mnex-Y4;SvFkz-07)Mk08`Vv`3IG);*Ff<jk9jIzi;PYaK~xqN
z;7P%5X!Vma34^+kpA~fyw3PsFtHeKfR$<4JatD?%RCTUc1%JZ1Q1)pg`v3Fa|GVHD
zV&d~C3Po}E4@srPBC5VLyI}S6vl>gr73&7Ztu1p1;z8<JyxoskmTXyQdYSSB1P<g3
z@vd-2(mamkIwxzd;2z=zIn8~av492ZdZX2^x_C_oPXopEc`OAm(KB%udJ+Wrj~j&}
z=Fk0z^}6zBGNFnS7==;B(h~&C8o?{jNT0AkZ6RYvDW+O2AY%nYB{txSY=8PhQeC+b
zaiekvHkXwsb`@HZdpw~jowAIjLLK%goeG;8D9sJhbkqVSNd#M5>of4uXu)bU9cz-7
z@+p<)eiY3me=Cf_->8O^R5@aoL`oL{O#_=j9fd4XH~a`s!*LiFd+irKgjK3+z_Q^`
zkRl2HETpiY&(5-Ga#qmNvtRfS?yeLv#_Ift<#GmoBUyznsc<Q3q-XfLRb$pw7fn{j
zd>D_JDA=iHm7C^-zNGr9qPJ4y^$TgOD(WhAc-@h*N^h7Op6X>?RXb=m)>PdEd<}}K
zYe2fPn(8h<ZPZekJCotBOx?r}XvR)6$r6v}BpgZU+9|&s7^~R{ha2ucVT=|6{z&FG
zig#1`>8IEbkpbyDPSxD{1&ys=($xB84Xt0q%xW81yXpoQ+1k`LQ)4vU-E20omW;A?
zg>6~EDZ2m^Hu+TYOKC<heSF1^XXyd0Ya(58tldN~K;?k!N0)Rih&Dj1U%iVZqmrlW
z>MfhG)KT4N8)uwHk+J-$NSXu7Q6aRr1zHJvYH`l!#1uG0{biUjlxS^7he{hL?jhba
z-^(!Ijfz}hZUj?oCltiUqbk4vtPABQXxuBE;%=vHPR8xj;tdAegM_OLCCIME1Xb~6
zksXYL%3rg$ySu$3H+dfKH@<tz;}gy^gCG-xM3-|~T~ojbg9eho$tGTf5kvPv3){Yx
zu3E208U%%--043~&)y%sIdq(KNFl&=w_CW7D3t#jh~OvR?;jNV&{6vQ$^<7O*{@*N
zLGPy`+K4&{LDgIGnO9|4KzN>sFetoX(9>W8(|CclIZWk1QYIuFny{2PMubDYqYE2E
zl=Z@D|4g{Zh_bai@`p0ut6|7ZIiV`#29!-wE=dSEdTHJ70tcI;mqn#FxP+B+-eUnb
z5Wpc=IewD0-nx`Id$MW|zE+)apjDVp@kZ~ys`~|at^z|d;g=Ae2NtQ2jj>Om04=b3
zrCA+GF+hP{=??U%DMo*wW7tHsupJNuBVZd^01Rg=ntKJc(Gh)81nw=5*#`NMi|jo&
z9%D#)zYkG50C50)mE^GkEVkUq9Q`0b!i`O1Mv^TU<aCN!9UkLaUPX!$8Bgh$^=24(
zq}K%$xq9TNet~z##j8PeAdM3(*GFZd<tuBlp+w_kAE(^6CcE2&*OhVFI0E#Lt^qCP
zq5`v+3kziVy%FNmxwr>_yJTO8a2ykgX{x~mVl)aNKA!L=EXd(DJY02jx?M+qM8_7T
zB;VIB;SJH@l7g3c8ph*O)65aXL{+a3KQTWCP*g2!>r|;T-?MZoicgY`La2aOASv1(
z@FV1*(Ix>1s$D5Uh}NwQ$WdJTh-j_0i*2Jg;>u}pp=GB_?1<E;Fs6YDLsNF5flP`C
z5BAIcRbBEb`~*ZBERiDOm*j`P9cnVHV@!!6H$ZVQKdqP$1RXIq<1U+per8;>fI4R>
zwY+?mLuuKht~1EO>B;<6Kcc!OOjoKRa0NlhE{7%(!3!m{I-AN4Ldfqnn#dq}W;G6x
zquN)-731ZlqO!bv+n^7(huU`O1CbWQwpP50XBX&G)oOA{-`n!Gy&Xp)fTj@cLVbxv
z-xD)mCwOoJKBZyoDKBPKXgc?TSa?|16ZvQqesa3n^Vc*5-hOewGocnSEa?I1Y;{US
zSP+ZN^4_;M9t5A)))+#`WIjy8Krcc`1MJdrDVG-`7Xv9G<e!lLDSwnB7!W!Q_I7Nx
zd@O|nlCU)7C}F~jQ67<urPDB`IxG>mBb3Z)+nbQfKaV0ENXqDN9jo#WvcY5M;1pvn
zXhuBa5lf4G=@JHJ>j8Po73D&$Q$alr<?$~nWs#h<6m_(QQo^V_0<5#&9^_O?QDbJj
z!kvZZF1l+6Y?zPn-%?<YfMLtbm9iv{!JB)8vPsXz&KvCX7*&Lg_YWi=VJ=Vz+fkcl
z6BJ|XqmW2y>L!~ENH1Wsp7qg<_;_(gD5YJmD<yMD#@#8e`QtR?!0Ja-h_@icaMV64
z<wBPv)gr~IX<bq%T)g#F1-VJeuK&3IT-WCj?i()%#RcTj^)OO+;0BU>Gx7XC*HSvY
zia1ZMM#0tE<Vsx4)`Jh!{q^HjJe#ur^}m9@#`2$JUH<#1p>Zj@z#Tbc0(d%q-b?e?
z(rQ*mp*UINNCF(WBJ*zD>E4V`G9PwGIXzlUY@SVZdW;uHm4F+A1@KJ&slVKWy_9Xp
z73ks{H=8F+(LYoLbvk72rIyTJYIM9y4?w0W-dxEgVqVK1SEt;+VA<8dgr+ZHZmzzM
zxPO6vV;{&?;c(2~YCKwSM3LeOcal}hX2v8ZcU58JuF5=Iec6q|G2AG_;|dyOfhVV?
z_*l9A_YA+hp-C|%En^Uk_XnTh>&3Nwi2}><qY@;wknZGRqJLB_8#eDTp)UD=R>q2r
z1OZ#+ivPcqDFL+&8%F1VgkYnhM<5x!C~jt|&>nIN$Wyqy+NG%M)3mn0<5?Jl)D8Uc
zw73llvyAtvRDoWpz@YE#c-vTPX73(#a_h#kX<`^s3(-CKUZMzh9(p$*d={!KsI47Z
zh2IbjR}&3UTiR9HQCZ%ap<0QcEQIq8sma&dnMZM$9TW>T<3tKaA&s;yJK=$$pXI_z
ztI{Q}OL3EB=~Col(0}1M{(h1&G2u}#AlnWS(H~fbI&S&nN65uon4l{D^9r<=ETVJ6
z7{PVpGOyH^??eu6E>@R)dFrCQyC@1HDB?hyA(SIJ|L(`2S+*HV!L|ubKZOjYQ<E&b
z#qQ|J$2=&4v^8BiL4&LgX9~LMgvTiI14oSdR}jW^F`C(q@#sV66_+UsT``*`*_^Cp
z6Q(0pYnw&UAy|5}mRE^oc0cRtj<DXjgngnArIp9bZb*9zn-@ylH3SC(d0GYBgr%Tu
zihWkT3tHGzK$|InYMTw8#@er<EFkzv4jK_O38;IBsib<rNn!B8i^(MoeCSV#=uJxN
zVyWLvD+BN}WFixoR3<gQ_u~LeTFSY$sG>~=wStbNc|<P_`U#!zSYTnpgp-B9R#W<E
zABz~nRoQ@|ts(tQZ9lPl2;=2Fgz<HHfLCanD{fhp(K`*}a7rV~fSWQ9Tr}omhQhZL
z#3k(mi2i=OPtb@5ekL@_<jRJn0J;zD-PM)tpQr|Lhd0|->;S?DFlyF7iedq}#DTLp
z#4E^XnyHB63tG?~v{pL-sJsB9Q8;3F)99E7jS61Uc{dutML8sF^3M~7Mt}~g_d1f8
zbhP~y`+WoMs`5jj`kB%=9D$!n;U-Omi8+90&>LOIYy%hK)paW#y)%8!9~1H&XjanL
z+zR(uWLj!Lf1o?{xm*;!xbTj202QFXGAyLBBm?4-WW%T!rLYE!mY2~n_}jzE#yJW&
z!{BDh$wsj03~91)QU2O7QT~;l8^r%9vVgvQ_x|wI%RXg``&bhHZF_HLubTh)>C=b!
zZ};-_JxJaoiJ+yW0$;V^T)X+1Bmp`tfXW=HxDG)&Z`C#D&Vr=7N<w`5?&aax@w=1v
z&mXPn(6wWh5!Wp|x=YDETcZ(GvUC!clV1dn6Pit)cYgCk!hE=MEIw?0^z=pS&mFC~
z7AtmBPN=+I8OhOcWgN1yxckwB8JogDL`Jh*c*Y1U->Dy;;VLEbCtQ0HKT<Fb9vQS_
z63$4l@(jM_H29uIlHW@g%_1QL0&tR}3@$E#w2n@M(=g66i%+qeBuB@ZbI|@ho?{tw
z{=su#7cXh1-GO18@^G;h;$s`rV&)U~@<y}xxR}M$!;`-s9W+cNG=J-9ya{xrxqtkd
zp7O}Tr>8F2%h?Z;&yQ;pUkq!oAX9hqS}*|)R@lzR?_NTZqYCmsX?q8oAR?XS>p9O?
zZxGwssJEkU)ycNJ6O~H})XtwjcUm`K$)IU%xz67q1B;q~{?=1()7$j=3(&7Gc|bTc
zi~M$!0Y@TJ=P<aWX>bP!eWd4WQT}!-W3N+55?qRk<SBt!ma9f>GMAH7>?W{Rf^R>{
z*p6$m{}p!-RE{Hvz~s2(P$z&<a;6`JEY3=Iopc^B<+;5E7XoJ?HJ&djMfrM>490lQ
zk(5UagHQ;8wx;v*^CAMeD>-d&UXolm>2%0P<wabGs2zQn^lq}zRm6=MONS;dvn%%x
z08&iDmplJ&#s8g6Sd_3-cv-S26y%cppSye8)%d@=dwV+%{NH^%U2=je09G3cYNUgX
zF=t98b*4j+bs%wfg(9d(d>9GPYYg;fs_6)e--ur4Mh)oX;r8E7m;4Mt!UZ`+^`E3#
zy(f--tKBy+7I+XCRhvBSP*(`Xab(>#99aYsE2`I)HCj^aA{nS(+?Yb6wDKY2g4r!P
zPkNe?Y6Qbq+*elXh+pM5(@_Wk^SwL~wCe!Wl`piRyHi-j<?F)I-8uYcPNPm4TP<Md
zD~qK$M&bMb!<doIv%c5gaW^}}JFxsKy}#u{rW6w14`HUSD9d(+ETdkVFM?q{WXXkv
znr2;2F`0$a0eG;C!iY)U<oQ%?Xn(>61h5VZ;qX%e{@>MDV-VrfQRND(EMX?xqByJ~
z6)6<>2EC^3NS)-0WN9AzWN#b(45z2yE<!qPr+(V@o;YalB-HePnHl9=;x#;)Bm}Q0
z|IDy$D4)q5<e&r@GE9vEAs4JWJ$Mfqt#NWn!NprI+fa}-byN1`+f!Lq9+FawTKAlz
zQR%9F!7XB(ZFEWg|JnQ7=D2O7VHE!S@K@j-IhQ0~B1e)f*_m4Jb7^g7<Fk&VvYg#}
z%ayXAAx6U$hhzv+_N?r?&iC^#&o4QJZoCtm7fF$mtoXs!kU*o+02+-(zZl;HOhL%S
z$)L@1iS6o?Hrr%?<M^Ra6%l*CuQC8)9?HKTKxanJRv%%5qb3Ui@uf<{(|Nfja)yP*
z5T@3Fg^jL0-@<=7v(Oq|v4)h+kD_I&@~p;E(x+?nVTNjh!1fSZA$XDO__yLMpFuS(
z#Nfey56IxdVEsjgfn3oJZw-{O0^+Q4K0-G}LZZ%!ao(mYbXiD$QTIeLqXj)@X?!*Z
zaC&rAy2M~5ojTV9mg^R(Xx+r+WJN5Eh#IX_UhN*QC3O--bC9}&v6Q<gY8|lXIr&U}
zY0HKMrYXXd>rmTAN?e=rpLCWR1gv@%3$d*a#b+JlBXAO2xJtBz-r5t%Cs`b%399SY
z9kc$U?$RE*tKZ);y;GGuz^>J6+o9x5AB%U3CDI?m+jzH@)5JP%ZTA5$Y$8~kRy8w_
ze{_@~K>$7T<eiB=zAnk2nxWDIasJXGx!9%*9eU;VWIM13@Q#L0srojdSuUfI!|O>|
zpJi#viiG^cCH@HpHdm>F2fh}`1uhGlwms}SjQ<-x`iB3H;Qn4o7p@6{tbM%5*5df>
z+a8F9p8Ky{Z2cbDA;;hLc3^0Fu(0A+>dz|pDwMt+rq&{|kY08A+|k^*g=z9t=Ew@u
z;g09R>Ov_7s1L>slh+F}D0eCY3_;#nOKWO-<AFKh><q4^Wu~F^&Vo|08rZ)&7L@)O
zrMG}REY3cS_^&3kt8E+Wgf?&$*LC#{%Np@rbld_Mh(%iX)L5tNb?NJqnw+pkXYwbu
z`#xTPdG0YCI=kN!1b_xdhOj8<T45eU^G?(U5S9BxWGiHY_~1lvSXj}-QxNa%=nBiL
zd0`GTfKK>><)Hj91R7R1K0yyKXK{Q7-jlrJ^qi1aMb$zUn5{G$H)MeGNpnFd6IoRT
zB)O74E#nTnFWc)%cMfDV_%$ug8QB__#h5n1jl!x%I&Ze|noce!_6yl+<`w&KB4okA
zj8^Y4vB}Sw3Oi1&zJN3r6Z;s2hiL;#tsiANs0c5=_O6?Fbsl8}a$AFtRhfQ$7G(lv
zuEeDl6~8M+W$4yrQs&z|gZlLu6poZK#<zVC0wdFV!0vb#bXdxR4?E-m24);RBM<bc
zwo}tv=U7J{cO83v^I5;dGRCgo6jAR2^jHN$-y`9!&=ltnyRvafu-ma675wJh8cWyj
z9o+xj=>At;tkq@C7NrARn*VjzzyCcvIJm$6y^}}IYg(jai~VBsqi1xiv~Eq^vTf&U
z&<I49Lp7!`PzFd&WKWZSKaxhvIE~(xIg4zA<u!Dlu31GS!&ph13h3if5V=-ee<np%
zq^xMjW6%vNdk_H!n80E>AOgPeh!=<#Y0$MO(MBK;Be!Ok8T-gBBM|{gTAf4PP%}QI
z7qr4#a8SWexyxJYk?X$pB))&H{oEG+Kg)_VE6#)4z%u^-Xz!8B{~w7x;hz8B#q%5E
z|9`=0<ZJ`C$jYrfWo=u%NKEs$YyyGQB+p&Yy-2&{Si75l3n?nMoV}E>t3(+O&1FUH
zlj4nfXR&s<DM03L?1LKyZq0^5SAL1XS7v#*mO1PFE_Bo9M*LsL6<VAOd@=ujwEOt+
z6JP${-+gq?|L@|lSv9RHZn*Lb7~B)q+?q`8uJ+Xo8tlb>%UeOmlq3`;3yXI0Fp9dC
ziZlRO@zRPxbV+W-W+E6h?X}gJRlC!*voVbyDosWxZMVIZ1Pb&}#Eb9?g}U*5*B}Sc
zOn#(dXFKU#Lgqc4(GX8(L>8d&)Kqg&A;g_gH=9+u6*c69EDNLxdtP18dXC}OAnX9y
zD(gN=lSSYbOK00I4ICQ#0a$d&K!n$86S_OHomfx0Y#_#yxn@`mdLWR8DV@0iK5o*j
zu5hy=b6X%41v|7bZknmLB)r-ZGLCzQ@<3t>X_ZIM^sEg}IdCHi`W7udKxj0qNIp*B
z4&yE;<M^yZX=y)|*zm2$$0{6|#Uar&!K6laYts7MA`g*)zAD;Gld3Mq6aLIZJ`ES+
zbFNGAId=+qM+7e_ZirS6=(;Q$4O{#O0r$-M|NLw(d7SLVy92T{E@{sA*w{HMgWrzX
zM##3K534q1mx<u>7Ge;<NPHNI4;?g}dAablXyqe2OE8skEPY|0y??Ov{f{T_KD;{K
z{&{qD<<8*%<SzR-s?T|-WPnBN?XQGvr=7ka*KW05KD-7-L3|(svP(-`can0>x6a&L
zx{C3Uek<A`G62-Kp;AmEm>s*fg<XKZ+Xp{f?Yp|1jl2&8T_ogT-+wycH-eS%zDauS
zib)@&X3s2_w_q1+zC#{h2(-~NGdYXP?iw)HUl(lNOCs?d;aTR@OOY}*1dE3r<rk+a
z_}_=;SdRm$D+;JbFBHtKzQB3at*4UojmW#_$IF&OC!Uuzrk$u*779+i#4qY2<%H7e
z5P8kTC1%!=wbh+sZUnDD9qSf$3Z?An=k`|iCb1xPo3p1U0<^AY-N%}!vLw#ePSM`J
zVFtya|5nYLMf-pWV|H~#+Nxspl3rtRA51X#S?_!al=cBuT`4XIstOB*vTL0vYrSy%
zqCO};G+Qqqx1bBA8+y(>3zwT)@ejY=yzc&|EV!O-UvI^Ez;3kUJXqIXa~_}@EIJR;
zqE*)sK}~!)Z*_W?#isgorA=?e^~JglFTO<wVyC)WtuNBGAYS;}()!kUvG41O#OS<q
z<IdW2k4@mVvA2Tkps?YCXMlQM0*)SwrfxHybyKnin=mF;CPk&+J^wTu=v}u+uyZC?
z$KCd=)3xg!=#e0uBYc1&figjo*v)=@nk+v0I0k^usXS!;7ouFq60nDiy;gzY?u0D_
zdj?>k#o#T{`<f&T8-3m_J#TAzSmD?2qz~66xwP2t$8ja>*22r+<PCg4I(SfCvif74
zHH<?L1n`KsbnJ<hQ^E=!xIug52jnwEAs2GQQC-vdHrYxXgXhoMVm;4zv)%dK#X42-
zg*DDn@w)<&vgCtpGVpY517q#itE(G$x@4=)B298^3sYM&R*M;9(LOPK+O|clU4LK$
zW4-)j6VkSOF}y4acXi%NTG9H`(BxcJ=d+^9G6gGiJ){qYQDm{F67CDd768yzyr~(T
zJqv|%^G-CwPHiAxtmB%+qLF7$pFVxsDTzEQo@6<DHe}6s=#7CaFto~nvBg?KV;JTF
zv7#RltJ0zy6nA77->1OpJ)@lUIJFzol#WBY3#4~8I*#sM2S#KdM$~QJaGON{Rq-!h
zhD*9`Im&+dGFno&q37hwm;d2Yx_@xEtT1+J;2$hHdf4A|Upwggn`%&tyqZe5vx|0=
z&)v(*unKwwg^`d=!)lJH{IZ7Xy7#)v>v)H+s6Gw^?~134=FRlqgB3MzJ=!v*roqsR
z?zgHB4O9$C1eWV-4i>6A4pv?5>nJpAb;c54_sWi2R(5nc>945EC6|@`H)XvZ8eie!
zY}w3kQM~bmu;shEUITseyGO$8nBQa*Vi_)V{gapYFKbwxl+;eME6VbYL-iU?-96X~
z`FjOpASa`;#pkW}Zehrx>=itI^}=n!StB|TtS+LnzdCffsdbjlplQmOq?)(dl9T6B
z7xVL3-d=l7=66%hO9;QNy_p>&RG0G7SYEpiGPB;Ob71o{y*l%j!<ppuj8itOZ(Ug5
zF1o%>vqzt~u*GF8=tio-Ra8QYuru{ksnCvKs{oxC`treih#^JaDs1<r>b+HH0BNdT
zWVK6!8B4QvHX=W$1Wq@_@aqlLHE<3q8dpJ6r+RepTvqWqbnR*xS3wY~x!9TXlGng-
zoh$a0^%cv=xVHNfw&t~Sb*G;AU+1}z|BqI1-NgTAclXKR<BtE&{^7m<&s{v;5;dt9
zJU3457W7h;_+z>S@%D_%Lq|+>jvd=Q#l1#x2&TALRxJ@A9eviC_K?-8S|r!>v4@%6
zZ2d!mIGxX~j|(hY|GQ6o|Gy`X9^L2vx|8SX%Ae3q_CYaS;y8xD%9S{<JRlfm`H#LY
z{--=QTK@&=G%7eV_samw;y>)~?)mF~Z|}+d`oD|E+yCW=q87v!(QR2k7RrkAPAG>r
zcKttugz#Vm$6>Vt)7$qOmTBIwcI*odE64)4IN!}Hrh&W!kn+c?Lj9`B^yH4bl>ZY>
zR=<zuM*QCj54q?7xP<>7KHm5F|Ka1ky?g$D7thryp-g-B0gLa1>zTrqm4Ri?k&Mfl
zl{^`jv*G0)1fRui<XFS_YI{gHob0a=ha#|{^pG=6GqIP@++;jizNrMam4B6I00W4j
zM<$$pWUvG+1<UMVh8%tIV;4fS`XFy2mqgE4k$wt_9oE-uYXJ%#IuvwlYHn#G?C1vc
zTnlW)5d7C{{?`<RR-J53L&wt}<m!{+jPq{o&>t(dT$SlN3<PY=a_{BZZ43CA8%Zm$
zY?*3B?aQhY&GS*Re4N(0RP3RTbAh3+IBo&*8RgmdsI|fCSGOJfBiKHpHLD?-30}Ng
zc=(_00-q-DT!QOYchSBRSI)Zew_o1{9;Il}G77=pchNH3|NK<v)_j+5Zfnj%`1?z0
zwV>YIRtwXzDC>9GjPZuf>?=d>!>zXGN(izo$vbbU9o*61p_!h|?5x+f)mF_wfXWIx
zB8T<zF6JWU)_WVmr1R-U_()sQrm6NF`3%D=tRkvIT?25E<qfOfVh()=B!rz>4AH4<
z!GtW@Z&{kv5G!(BM7{dg*acntNBn(Fy8q|uBW`y7=T*Ey4ESaG-`#`m{m<e3{m-2|
zS62LA%Y4(#$zAbEG8VEWN@`O&D@w5QuHw~88Fy}*Y`NK@kB(nSr2tR9r(7Ho^K3jH
zUhbW-hVBiI!I>URQ>8oAwowe&!E{%SGTc=mh>3fnxboySj{Y*Ryc@!OlYMGf0p!{I
zIkL^x$@|T!OqJ;`P%UFvNJeWH&-=}mGpD9?Y+Uis*dH4BYfsnv=a!$_<o|s!;FsS2
z9Ul1c-=FN=+yC6j^Sj~yw;NObmbQUg*#&MMR{o~_F#+Gj7SR*({buU-n_uGI??S)E
zb5s7m*zyyfCH#N?@qwTJ>0o#NKL695Jikl+@76GPhHkw-g!#!TaqAVye}%C1Rh?aC
zIXh?R2(>y9AsYm<FptZcN!KLsW8q2UxhlnEQ(Nk9syE7^M8Bx&QtUn~)o;+@K>tk3
zkHtq?r$@)HOeHZFc*6?mHS#>C*-U>`ejeh5<CG^u&0sv%=cZ5E8P6(kY;0{}GRuk)
zQK4mL^wWqO9vnP65XY>xIO0EXCU5FC$T6!Sxn?tE##Ng%r6`F5SC?gDNXrT3<Ri=T
z1OSLr;fQR$6=08w`6gU{zRrsFlWO4IG~;p&5X!lrH)c~UQvs}Iq~%$0PL8VTsGgNI
zscAD6C`@TVPF@16{<hkx%Grz+4bA1D)Gqo%%Nr<;v<BNzt#wl~gQh~@!Zh8YtLFkv
zqAxBTT6)x+aFl@VvP~6<2wd2*obfqt*i221KepU)qy67<nwimlQDCY5@35o)+kJAM
z|LabkRa~_CTtS{I-X7j*Z|a0~(`{EF<cH1~k<b4Pj39WAs<dWDO;cxQZDYIL-Z)*A
z0@M>iT(vz?X(f!uEpN}v*J~yCvO96(9ARI3+TK66^xTO5D?^zjXTW9Wzuo;q|NM7&
zpa1u69*_U45$&<~)U01>hyD;ptgmX}-$VbbdePGSq@m*r*HJpFzN51&&lujgd!b%J
z)lH2qI`Z2*5W#H$sJV%q;n*&iU<Mux6ZxRB&r~aVGD;F{b&`}i;0JHY6aw-M$Trz3
z%7$#gNwZVBkma_wi4{Xmy$#}{J}$7?XuvqJ7lQfhSTc1|Q>^F->e|EJ+!pomy@K^W
z^tp}wpUUiX*FFDr@;~oC+26nS|GSgN(*G{f>Uwzy<ySw~vo9W~%cE;b2`eWKzJa`O
zD~25X0)tN6czbfgRVUV(*Vc7HuZ4oHtwxmF2)DMR16K64eQ%?>y3hZ7v*$MW|1uxI
zCH((j_wjCr{~zAxf4-Ba-~VrR9p}H<O+EkQ&hfRq|9%s$f3x49-`{Mx)1Su`mOB2;
z`n>*Dq0O)2EOrBT!`bi1*Knn|cl&OD>;?{awkO>J;(Pvgt910M_`c1$j&I*(ISabI
zi4Qk&r<r|CueRB*>(Dj(b-lS}cjfXlyLEr3PV-BAm6l<)zzb@%Y10!a(w0J8>mzAl
z{K^XziI-u@rS1KP4>DTYhYvqn_%vo87!e8SLzY@4YF6cR3>FU#Us(Z(>vhBr=ys#7
zh>iNXo$2~E|Hr#S{l`5wI{#g=y2-{guga9RP07bJXMtnjvirXSU;p=L_i*q2{_jp6
z+x~Njou(RMC+^o^n`|j2qo%`gnI4(xAkU8-BhDZ=c?$e{2+|+ovauU*RG!Q_dvBPU
zH5-?+87oZMU;EA4vbeG-kr#ka-AXTmE@nzj*B>wxw9~;p*(Tfz0jVzYoTYEO$yx#*
zZ&xf`hLcoS1`xt8>q~gy7H9Mm*e=>Zu+6)>=<_Tqx)|tp*Tw)P73tLCT07CI;zMcj
zglqi;WwWw4VK?_NS+Ub?mD0w^U1PtwhBp59EGk`N|4*hYpJnGoS+mvJShD}`9_;!4
zACDd%9^CK$ckyhHW7;&VE;wmQf}=`4PFX?D+AIf?>WYpp=sDv_Bu&qGTY()1;Zv69
zM4T;9NtPAoJ8(*EvP%Y$iLCduNTUr>Fq!{$tE$-~`@~XQvj1y4A&^P8ETE=9iBzm6
zc~-C_N?x3NIBCk7MH}RKIh&OQ`TO$|l4doJlJl$?!oP@ql$`y$9>Txs#q@kA{!u^q
zWid2>&gl4}t;i(H8IK+&{9_e8OwQ;<^e|~=RrK)xL>uJqw9d+wlUFZZ@+grW3sI7#
zj1I9}UH<F$$N{dg{@=bldhx@{WR|Yl#*+1a`1r}bxBmAJ_wVCB+{qJdkYhd2<V~3}
z@=}R(k@ZE5KADs?nbJD_NNWbih96I)N(l>bmXfnMdHCkl|0Wl#E?CZY$j3Ts8di|3
zAb%}!!B=^Eehw~WSeuN6gf(u;nkP{Nd<G^WIV;PCH#My|p*F7X9b|vrl8IW+vu4_!
z!Nro9!9y{FKd3%zlN4kQ&Kgn{gp&7v)0ZC_j&mQft@JI@v!<Cc^8S04&#*Wj4ToY=
zO!#zLu}d<e1wChV5=9#u<gctDZ%ty%SH+}^{`9}%m^AEDlV?Q}rx^!oV3xfyFVE*B
zj{h8;o}P}&f|ogqL=&WDRY_=?5^H^m13(K|!4x*3kBKBrRsymyu5$}2ib0~qDEe^1
z7<sS1b^19>%Q1%^@XrTPXt)itLo_HRMp}+r@FN2E<quwer9YwQ;>HGfRq%%9Ie9K{
ziaMRn<mdNqU%q~Mbn^1Uo1-6I{v0GhFW<8Jg)RXt=H~i&YeW6cit}x9#`5xG^1-2j
zL|`cyWVt1j5Iz2>$QJjxEyBIVe!v2$*{r-|oQOhVN}6dbny$)%6%8kp^KzWgMs2m=
zmj+7<aAP@C0LLkoGs;=wbY0`IwDY>;D&4QnYYO5;U-zK^yU~!7IF=Z7Cba~=yiZte
zd5<>8qvVs2p&lonqUfZdbt8H=smmF;lvm-8lig%@2S|M?5Y=4uR1QeSZ3bfvr#a-O
zQu$yocW-V1|8ZH2S=I1idCBU_jC~x+fbFrE0da}${=+c{KrsRwZYSj3l+|n^M8J93
zk}17pqDMGI04KvZ&rCT<qr@3Rfz`OlRb^8#&cz|{S?@A+MnBF-@8Diz^}m`R!W<B<
zN%^rL<CZt&jJ$U(4-9#O8%kVOtfoy_2j89L<=JpXvtszdo+v|FWyvhva4*QWNm-Nk
zCgSn0*|LepyS+mySnPxqyscrJ715h1%W86}E|gEnBx8BX2_28iTCCZ8E{cQ8Df=kr
zV}gs|J2Bt)aV0zwE8+PR(u;_~81gME&POm)AdR_~I#4>`!eBM!f^v}xlb33rT})tJ
zmlee$#)y1h^5$LnT&b-P?8b(4TmyC=MZgoD!z9T5t=1keCGr=X<8pJ#it`?Jkrho{
z4q@ef0M@ZFHt^zR%5blZam^^6BsQCbyekQ33|P3{mBhwaR%k5<EIVZl&2p9!<N^)f
zA(t7?8pF#sIeCAHS`R_5pSO~s^>ceiOtQKyL<P=>v;Qfs#z$Q)%%|l?Oo7X<v);sv
z@RGSj(Lc+UjA<dqkDT^_IMtQ{U@FhXfGqOIQxEECLjE!*oHdR9+HqsViE=9VuNE#p
zX1QQdRbI{sC87%6M_Z2Ds%<$lTppw_Orm$C_9tXwr7+HS;0-I9Y)l);accHU3yF2M
zE;C9fIdx5CPhp#3pXjX0*)|S7C8t)fms4qe!BWE8@sv<*t&-~p$q7Zr=^2-}W;9j7
z%OFjb6~2rN1_UoH?Z9QqCI|&_1F5fx0fNA=X4;4QoHaPDV99zjKoN}x`RAE9=l*->
z)fqN5W5XF0L>Q|2Lxp%uwF@Zj{xiW0a4GWS_juS3JpJeY`hx90SDNqo2RzLTfibQU
z^u>CX>HnT|@_+3g?A`l+-^t_Ip^s@p^YUC73W%d(mZq#2k%3^IgJ2O@RhNqIZ2tKf
z*-Q2hlihfi{E6%(kM_i$o589jACWvO+E3P3IVHvCF{_(wk_p}|--gRsH+l%$n$IzY
za|l<IC!Sa)Czgw$YWY+!2;aGZR+ag=o9rczV_9WCN*N#5S%ref32QiMD?;VoBKB-j
zPGAE$ZuwN~OLC(T#|dgKK}0E4LZF;yV!Ka3oc_B-VnyN2NTMEEtr2?U(W=VD7L=7m
zq=#uY*-!SOwb#ETRIEJ57O(%kgT2ST|IhxDNB90eck*nI7t#t?N_i8A7vru2t@+P5
zq2!-OKfI17Wj&)!!&1<jivlm$IHxrum$c4=yag8uXN**obC!~<Xi5};wEc)UGU(>P
z=|hQKLfAShrLMxP6OeXcMUan_lXF&xV~@Z=oI0E%26<7AFIX**i#EvO6P1x>)yl(j
z6k{|!V^0nb4<GLxe*5j-{<q)m?~cb4N-2G`OP?N$51&lf)4ic-Yvc7^{Ce*oip(Jc
z*Ik4bSdzy!IYY6g;yQ(~mQqzrB0`XJNeaDX=NWJ6`G^b#eoP>*ZnQy;NS<-vCMRrm
z$!bAa-qch`)4Zv{aBnMRldM2}ZGb{QfLt`oij)sI0NI97uvh>orFk<?qK#;Sd?$og
zI-ZgXHYZs@EUu*tp?O#S9#7f$Ld+I%5Xz8Cj@!Bx<7}(6P+HyOTAu=!ON>Vwgcftf
zU%B63IJsPADN70E0y9oZI0%s$tq|`Y3(>ZiHWY!Pk|wp621@3lb2b6sXspPPvI2W_
z#-uXUQn`tvGStK-UrorY&6}*snd%3GZej%-1X#^dvX!=QFc;u+T2%r;**y$`w7nzy
zf%R3}!0=(sk+M!%jV-<@A(+VqiA8^F8PJ^)IOwTGxkJ7eKXGa0xf@{08cx9qF87lC
z-DI~1qS9W*aazygx-E8OM69}I<Hmu-01ZL%zNclIrvmfwwB)RCwmUs>M&$j^(3Tn6
z5g7;xV}EZDZHV&%nrFb@%FvagPxjvK{=vTdAU9Q2j>yTce|FZB`H&S5f0><JWI`0k
zCi8BYmNWNI_q=AQI0e$2>lLac7S%mi*1%_(QQnefN<k}l29r~6(qd+02}=lT#_4vX
zOOMDv|E*zxFTKT9VZO-w8h~CfmP%HQcFbwyP;URpqi=0~#ylS#gd$Pn8n$N17BGEW
zj<^FNq|LEem`Sn>ZRu&Arii*|#zX3iicLqZbCvRk@QRHA_KA$7b8}T2oE?M8Hr-j#
z;9us7o9t+dci^U&w;=f-eHK*TERLePQbH6roaDYAh4P}1)D8|9Qt!N`XIu`owAA5h
zJVp`5mt)!mM$f>OBdx2lY9VTnMf6Q>(t;CIE+-n2#pqdGmo+I{xOS_-WDTYy@*eT0
zWjn1zU*&(6al%<cXkHfQJOedl#*zQ-Kw~^B#*AcuE&EhKNI^s&O3E%OW`h$#P980j
zKgUL;JTBTBk{4Qpw_StC)t4yJoFp`V_3HaL&Bjx=9VNvGs#GO!%on{j%Sh$={`S$~
zw*c|ggtP)FxrIvQmCWRUJ^AVFYuKoa;G~9@$cs%S)Wug<np=GNf(nu3>Pj%CiqkRs
z@+IMyV`VFz<mH&=qpK?{ClCWus10(WnfI(r;jpIna7j$Dtsw)$(~y|WZ6n8!>8sU`
zQ&uwz@tX05@8GQem~lpOMlWH2i#E?A+j9gYBA|~LGC_*EWjl_%C}=e)>yNZfL0Zs?
zIL)Z0VjNx_i|Tv(Pm<kaH`zn5vU*vF{ScxJDhwqINqn2t304Eth+s!}EyyQYu;XYt
zA|ebMDh`3y%Xx5_QS$w}cgH7@-lqtJJ$zBhU0L=}Ad}S$3ki%6mW|l|KO`(JhNinH
zwg-kQMzlc68e2k`ld>K&K=VX;XxYG*jf)H?K=m4x5hbMlGiATD;(H~eQ4SW#z&e2)
zkV#I@Wjm7HOVCXT7d<Ewx^SEFf)z$AJe!MI)s$pLFPKr|rix1{B1Efh?}$!dc#S?-
zyb>*1!;B+mZ5za^@B?e6WojZ{zGXD!vNJG^l|V0!B0~DpT5Mefj&YN=KxKNy#geSq
z7(~^qP^(YbSg6g8&?*Cx&*)st1iW~L8k9`hMr<-tDDQDxi+V&W_1Y_c3|Z|4!%JEZ
z>$VtTL|E?Kb-M9KhCqnHa_S&3fxMQ&z9xPAe0D(!U8_4iiQ;;O0F^}p#B88nkFDu#
zc^X|XaT0Y%E*`wLqWO9ZKpDTBoV+F~!3iD<an1FM-I9Aj5~;GD3l;!;95<7K2^L7}
zIeGW`gp8TAc@U>laooh!t(M@J7GmrsWm}+sm?-}utL640+7VL|hzzS4ECz|#80GBn
zMHg7mi3Ee92poTSRTdyj39RI$71vFoqo-{1g3X=ZWBS}LvY~VVKguh^uHMB9MU044
znK)Fly5Wi1#BoXyY86IfEsOIuB?Qbxbqi2Ht_#&q%~mBl7UPjbY7)b?lEN^+ehPAB
zHX)}j(c~OG)nZ?f`bA`WP(-zf?YQ(nQB9u*)&BX9DU(r=^;}e<VSAQmeCkVUvE0(f
zmW<XJav>N6RWbxF<W%EF+NIy8t?Y?+tdUy{ITMppeZw{*i*d;*tYvixi-ucMa-!KU
zy%nKFql>4U938)sO@W=R7Rx6jIC3yz?w3V7CkTmBbS4(UZ{eCzoctr4KX^Asa)>A3
z=10O|-XPXGKye*z*D*Ran6tojuk5v@c^AA{lsd6xd_tNsXSKW{5r_~%CzGtmnz?Ec
zbeA$@wKnq8*9k`Awg#-B=bbwQ^IhJ^kI4IhS9t)07?;&t@B#j6am%wzoVZvT=h<0J
z>v??E^7$FuEJzgKdS)-u2Nrdl$cjdcj5u{pI{IKO*=O9EHCCW?J%i}DE;%>!SI5Hc
zT$Mn;U0Y1luq|6zn*rkjHM`N{G8N279tN9M##_RzfRb@uwy9bZf_vBOqd=^x*(Cr!
zF4Op38GkSK52+KDg4$WzkfLl<iQ_WGj(lH!WS6YoQ74{O9BK2pkl#JTJWY<&w1^jI
zCkjF+wa%J&riF7JO)qIN77P_8wp@B}B(LomZLMX>9bll06HL3D*q2R-IyF&%CE;*+
zvSt+I7NvN%`ep!ca#FOjGgiYiVQ|j`y4~U&HN6ZWi(MWX1K~*Qe>@W#zF<MEHU+d4
z!vR~PIy;{>f#yUn%r#q3AuiVk6d#e@D1!6bl4E-_t;_a&Dv$5pW*|@BW}0Y@jaDw|
z?EZB3>25^GO3X_Z3$QO(JSv3%CE|dXt7Ec#!?+>`TZ3h(-t=%R^*O|_;M?HmKZv2k
zAM{!G{?|Bvf0(koVl_{iYROgblKbDshx?uUKYP3P_8)ihY>>CoumW5e<pE%TH;*5r
zH1MI8caH-IwCBYPb7M;c?<{q-s?LgLLI&UP;ow>TRIoq$?`VVkBP-JKBPS>5nkG6k
zd>E;>TEi$<HceBbG==+6u?c|@3d$%ukthOQ0P?lPKLryOdwO1q)A(4aKKXdc(l%Gu
z5hZ6f#OUErplK5rzM|2a1s&-d%fq#8CL@k|p!pxky5a?!OxU;?k-?ktL?R$wE3L$c
z3|{`y(tO}js|O9G*>=VlZyTSNvr5S4gFo#hdynJY0dYeG{LS3fC4bEtb*(4hoUw*_
zvBiwdj}CPuN-iuE9`(QCEv4HfT2=Y{Z-M(m)3FEo+M0}>5eQeQKEb`JDImVvxiNg0
z{j|~`66@yuK|kGWq5+N{MB6h~pTia5$2x16jktj?4L268kY0c)IHv`;LuZ?~+9Je?
zi4dC*aE2*#?l)yIEV!(cGck0fx6(c3jjCmr4$TlBb2JA=uLl(-O%#+?VCdIxw?e*r
zv9DLHfI8-i_A~jVEgLAR&K4tLCi5y7sf&z(H&|P>QkM+gsbn4U6(=kM^@SCxN#4uY
zp<z*2HBq-frfkd&BsjI;!P3e9rqvm$V7Hm=?a*e>sfcAP#y{vUtHw`_yj4$LUVX!p
zZ+OBl$D?o30ogJ^0$f@qGA_WjSHz#XSfB~@&WkSVaUQ%U?44mqbwtA7`m}uf4UaYH
z%|Lf27&v<2=RtS=ZLd7-5h*v;E-0YitcYhU>&8;y9;5d6F0s$8ReSN2$F!>aTsGlR
zkojxE1s#Tv_;H2NMfTHt;p$ysu<<-}C)7fe)*+U&Y;Hs=FM?}$`*7_)dWiQ8kAYn{
z9QiKD=V52lF-*h$KHY?tD<P+?K&;IJ8S2~Du!r>VNZ4-@Lz4$B#~WN*<_W8IbrsGU
z>(aNsqJKSXAarkb`k@5M+Q|3omU|&CtY!5w$TIt=yNuB$#3Fh(oZ{#i+C8Zf#`wwV
zM&BeL-5t5IeV~XVUkFhkfe1TtI+&T$4YMvK<4{u%Zo91qI^3e9jF!_^rkjn{f>4ew
zg57op6mEhCWFSK;4pypVM|2#JEkJBw#dREPuLQ;l`8Xg06TWgaB&=YNgVl-ArR+08
zt4fSc;9IxZ{?QcEzh^v`j+T<f!=1JvuQOs!y_<}g11LOdxF4(rVU3Y<2y?x$vzzXY
zUN#|CHl;3@096t)=oA}}tw7yibN;pxhZ;b8$pM}W_`u&h6)3%_SueMyl>d#*fgOSM
zWoTr#&LzWAB?cc<lX7Zc!`sfOCCKs+g362017^D?vqcbX9j|#2=60b$ckdhoH{WHQ
zF+f#+R)ietpS|kcjX7lZ<VVR~xX*ZH2RCXcV4QTTy+I40Rr`ab2mNx%jZt&GhCQ_0
zndlT<G#mYbgJxc>IV>((DyiIx%~@tldg>xe?xo}4g3WJ&q19w^!RBP3jH7M~sDihg
z2f5@>{lASN2($lidw=LLSi-=qKV@Lat|<K#G8tX}{?9W^;ow&vbPQeM|9$Y}z`y@{
z@?`fu{@a~AFdwyUV!_=>vOwEQP(QlBdBcnSeB;;@E35oWqBkd|Y@c4S6YN!nxmbAR
zS@Fv5s2dPtvx2a)n?Jke9^!qfOkFD(Xc-D&&<il8eZSdq=G26%5A^q0L+k0w0(Q2)
zu!iRv>JsRAQ5MR|<)^o=A@s*k+JX(N&b=R;vu5yf-{k>L57!1z>CxPTx65mUm~b4&
zH<*rp$%-^9&cEucEOREqE33J-pcjz}wQR4cwQ=SxMh(N+7tHfWdeX};q(px__Rxh*
zX!zDjJGm-a>mqg2Ar+nKSq`f$z8;E*vx1BR5p<q#FLTzW*#a%+S0Q5{v*yBXCu>d&
zkBh9cFW3Wwo5JvN?~FB64c2j)p2!^mW0C*9X0Xa+P}SLGma}u){L-?9)uxu>-K*p0
zZlU8>FU*U&Espq4oXJFNVlN(%&9~z1Q8C~2qabv?-*CHA4h`Pu$~Ko&_IxrVtLu0s
zT&-69v)cH)oNiZ6+Pb!?a!?x5T*@CdU4CeJ1GL%1w_u}dqHE2vVnlYeE6<F68j-_;
zgGUDuArp>!%q@Yd8BKpI@;L<b%W{S$UuN7d%e<YLyc3(~;dE=`DaRrvo1oKtk=2{(
z1x!KOOvMX|SrERLuauiLZKlT%x*SH&+(y1(EY&`jrR;<8M^a%RPEKB<BNF<~NGHYb
z-@Q8ySVjc#R@9RVY1xtUYGH<g+dKdD#{^my|7Um4&;NS(<lylB{C5}6*E#>GEFe9#
zj7hr<K&A^Z-uSl0%g-fZ&H7v1L<6_}w=cjDqL-G6hd3ewX)5I83tE|Uw)aC|%dskH
zAC7ghqORXnnUGY`Q-X9dir#>bIxmePmNFp>5KQ@UnN&8GcUSLuQ`cH89gpXeVf80y
zfZORy5AHVD#ph$Eq|T=Pv?D@*qlfJ+(u1pGv%D(0wi)$8Z0&+ekPQiz;z<iG^ZBS#
z?{`_vn}1}@^n0u#3%UoGH|w8XJ2NYsX5US=7|OSgB8cWt>wxQ!Mf>k|Acve0HAY_7
zd%XY>;P{<!0~m?%Cn8_IjCzYT)Ji~WJcyi}Q)qMI*H=;4oy4OtCgrlMacw|emQGsR
zX-{Jk$CF>u;@N|(?|(db_u<v?w(|`PRpPeJpFP+*e*5G9{^y6E-oD;;;0I>ARC~E>
z*Z`HEW16P5fcxXyciW3l7Ii=(jm4JmtSfq|_U#}fO{qgY+it#RObNFEr(fED>)Id$
z(4%Ug*LJ8AAN`iII9DGR^>v{hBtXxF<-?cUHeRYk%rCMkzJxN@MsJy##%>r?F0nXK
zJiA7ui)*9kohLLlIevOJWX*WUc@84JjFfEtOezSb>ejnp^Ci{d3l^?ArYkfWk7+E5
zIS_jK?Y&~frM=XV3(9qF@elB#_^vKzc908#@uhSoJMTS4Dd7!mTArXf<3?NoaTBb-
zM{Gnwj1;W>7x!KRReY-pd67jh8j0Ef)t!Yn8nRD~O&3ttyeSKDtamnJ{SkCIWN&wO
z*Qe7ho#~-laPo#U0lYi%itmbwahlZ@ikLtE#xyV+ud&?fZgNZ4=ePepL)SE-)!y#H
zvA%6W3i<YVuNW~dt2xk+->L-R1~ynON_gd$$rLf+Q=0*etskGQnZU-=k_=85ts!}x
z73~Ff)M^g;92xgSI(6f;8+4!uB8|v{tLHD@zWeaqtJj#x=1aFAIQ>1i`rFHYE-Z%p
z5+ELRU|OZkx04@#di(t4vj<y~tVre52Aqc^1}mBgfdJTK(8ZE`CR}itSR5OsjHV<m
z$lkWqj>dPLX1q==Z^iEGTK(zJsIM)nv4-)6#Q$~%4IBMJ{_DTwIDCg0Ihv9H8d|3}
zfFhr=hU^7Fdi3gtc){i?0ql}y0hTm~XJ?W<FDr=jpi5&cm<N7K0<iV+-O<~>zI<oT
z*>M%9)Tu!}fA02hJe`#(dHneC!t%YSEAmOqJ+cGh`dt`rzlvXe8P@&9`{_+P6z_~K
z()?&C)w>k~wU$zTl^Q`2%UyRtvBOuMn<!mKfU?HJi5(A7=Y%OQS-o6u{+$36kcS)w
zv^sKTQr!?Y8P_X>n$NOU$L{&jZBkE18Ve%n&5ACPYn>vzLAf5xz!9TM(QASZoj+C<
zh4Ef1AfVmCjiN&3*6tPe_JfMHb>-?9x8z0QwO_!y*jm=Yx{|wdtGGJi>PpZa-U^!f
zI@f<I5JX*T%J4sg^rS3bd^LFg{0BU@aQ}-8ve)`|sr~Px$B!TT_P>w!9^K#n-o<mh
z`(Jwx!zg5MnqTB~dKc!u9Vhl>cZjZ^{O{lRH{iwpwTxbGeJp-;lh+Q$w_))bAj5CK
z;5C5NZCeX28P4C5@#NR1#>%FX_RH(oPHLk)c{W*YLwPG^g+^6yD`tf~;BI18*b#{T
zLuBLIlK&QE1Y9QnJ$d5i|2sUmm;dhO`6}|CGXLvX^xYoIz6DFYB|Mw-80uk|C(Y8=
zwwmj2_7;rh`hmMPb0k`#;#zRm8@}niWfM3#0hSuT1<KvE`5U6J)cCDiYzd-kSgr-7
z(BG@!ntL06lUrvb%Mz<KyU_YJYn6`lbu){#;GA0DzQC`yf_1^N!^iK6X=_2dtkt<r
z&aTRuR~Wjz-^9*}wdq*c$q0XeVrsvr%cdNc`G~xGj;2BwE9h7?*jJSYIp@mV?pOKV
zg8V1>kc1Er1eeKwdrv(7k4L+Yp6uPre|PcR%>Tm;L)Uc!>4d2Zii2kECF8PYC0O_l
zeLkZCO0K|emV{&c71&Ns#K>O$V{&(rtE=VktRRm8IrLxU8Hki4lPLvQT>8!gB9qL{
zE)aLcSDQ2^UBOi=AcHE%9>U$a+lW#fJ<vHyN6*M$K)iTmV)DG=WRMk?G|#Mfppv%R
zWZfExYEXuH3Cwg|WPuxm7f(s=F<UC`>2q*l*15HN+j#a3B)9429g{6Q6Jq&*Y&GTo
z#ml0<H`^BV?67^hFV6%FM~>*B$dceUw<AXUCfu}o1qqdacNIBe1ylVz;|+5%MXq3<
zzp|KNBhZyIRF;GVK~6P&wyo*1vhZ>LeD&x0@*nU>+OSwAdXL9-8rA|Xk^lB~4}JgN
zCyyW9$A7w$XG3mM=MCA)SwXh)vb<<3GFWsyI3NS-UTq+@kHKJjo9u#&xB;if2are8
z$*+MQAm}N69P~+kLs#Y-pbFmtA`jV4HjSg>S8{jZR>^EaWVAxr=vGsnG>~^(2EX1Q
z|342er-;}@EqE$MTj-Yzk^EtYJYb(Pjv<>ROb4Sa_KPk8U2`xoyM<1d`TXq*Opyr5
z8;kRV979ZWA{QSyHc4rJR7q)}(ixkSwJzsoSxaE(miFx{g{HfI?%=rv{$KG*?E%-~
z|GS5~UH*S~fB$nQ&#%G%*SXi<un%Cp{5<)dax!r5{fC_!e+)kh5GORt$>80TNy%5I
z082~8p|L5w#N6;5Fy!d?mDZwaMypa(AD<k{jK?}xrDU;HU5*(`1$Q2}jB~-?Uwi!5
zUH{3H<+JR(C~LNI8_U-J!6QHZ=l+x3gZuS=7taPcrcJ|Y%xs4Pi%NyFHp?L^YemNw
z^qlb|l9_usCfVbJPg$N5vA$8SlNIMXq-Hs7vP%X=($;%gq|pW`*g2-u-Krpn5=+rG
z`hRUFm{+<ipr$~HR16aHu_Q`foP0QG%9=$R<T<2GA%A~<Lei|}QF5L&L--fbkCL;0
z*F*SMy_lX4#XssNzbu9Z&>0;Ijt2(W(Zhs)tfGg>8NG-eCe2LzUDnxo^zi>g8|3e_
z&dQdPS1(@jD5>i5Uu@h&NtQA?#Nu`NuPC|X<1%H#ufDifc-CG2Z(kn0_~B(TOV?;)
z@%rCC+<Ua|um9ag_xt~yJR6<l-cfX<a)PS;jdIN9uU@}b$&i2E0vCnRaCn|I)AkIG
zZz_kdDzuHcuQ_WtX)8A`HRPk#sg==`gchltq*|2eBwsEILY)-hxV<M)^a>?WPTu<+
zTZpWj^i9p!@O&Cqg5eDn=NtN<wn1H2Gup5&ZqVB?Ewnetlw~y-=xuUR$durslXx!;
zc}bgThYkrjBJTsox?nf(^gOI|@mM7R-S+NJ$n&=(<AmnCRC-U7oLp-l?Z6;HNK(p2
z@JVEJJQbs2@{MzyEL&&5PNL{1aZ)9;z{6)TW>`tfO|X?@4ONN2Mcql6=jBICk<JRi
zZuuyR$v?}M6f7981W=+XWw)4UQ^?9HguF8*2LY0emu<tdlquA~F=vY<=ZW!?J7vu{
zJ=L%?G0mp5PFcZHHOaOY;{#I@U;{Sd&@ND6pQ;j;kwIc_|4Fi&>?V61EH2tJhWF7L
zmnE$#`eU+_mMiC74ydqHY?W->zy?cBl~2>@3ZxAu;)lLTMFnw=3FI=PgevP4B14wQ
zE>^4t4Tj95JEIqv(UNh{cAu(X(WgtgD^^U|HkQK`dd_mPl_e~ZY2C?bH~7oxb`-s{
zCazeBlJC?^uIbdUJgS-AL@Zl5b>3SGO{Rcv=EH?tabb;ZB4vpriZ(XLPbMRNY1995
zFWEo%?<hKHXx)g<S<(5tL*5^kDN#onaxC2o3{q}nnY0}9;kYcutZMjB*?SGEGL6-b
zSRTB#@z8X}SV3wwD=%4!Q$&!&!sF=pRT4!<oKSI$YV&4?JbWk*N$sMpJ$wjBNP+B=
zn(?VtZ)G08M@r}wxkFmcYSfUiPZb+CIBP0aPs)0RJSc{oN)iK~7Xb@C?LDfVf_hNQ
zP*B&MiX&?#4v`$mQPu2HNQU`b7i{X5ohH%$`+xsG(Vxk~hi}S;jUGOX{!Csuhew%v
zR>;S54F<!@;3E4-IiZ}F;|yjd?iIyc97K(+Phe!Sf=uY8Ag9=41w+Ug!44w$(W3q)
zk&pF+%*$3&Z(g>wK2(QhsX7${I%2%x;EcTCR2(7|s8h1VE?FTcDjJy4qNRC0C*z#a
zLI@1HliOk*WeukB&Y3#Ee=mSZGU7xztIG>kKwutbN9s`c@^(B$;!fHcvgiT~+%kbT
zK@);)!)CoD5iaC(Jl*lSutQigPPP+4DNQRWK5=r+8p4})e4+IQfY}bI5a)4OaL7hJ
zWt!WFWr^OSAA!3mVgOvH$1-4)*l(+{5YrD>!=ky|l&E#yL8{0Fkmqvl1f~~8h(wl{
zHDc0FX+ANlU&&v1K+Hhs(f5Z6CEVk+@>#P8o$Cxrh<V~Ov7=P(8aLr$Q~?=oD;eR8
z3C59XB~R~22*hS$I;X6mS?&ytzO^-Dt_Me7JL|;p#ud0=A4#~EC<0eiK6eY8G_*)*
zopRhJp39bD&f>0S#3vA|IHp8|5mJT4z6dGFSR+`b+|hgqSN207g7T{xOw2Y82v`Z&
zH^eV>TM>OG$EpGHnY>_pTxZ~LPCk>DpXjX08TlN2Cb4*k{6BVoL4i{(ah#IR1h#FR
z>s86DXAA-ypmfVp@>z;cAjt_B)+M)sf@!h~BL<?(j<%=Vk$449`bhCIUJ4;7%ACrS
z)PIt(#Qr?`lhx9njU*#5+JE%q+f(dPC+E3BN`C-NjNJIl0{u)*2ZK{d>K|p+p@pP=
zA%|==QipA|P63Ws{9>)%!g*wPmX~M485Qhe_@W%Q;8-Lu9?~jHX6c4&PZ&DCEIh7Q
za=02^DX!Y*6$)$FFg39;nX?Ny633%d_gkWXU}VmwrX*s3sxswfO>5ypT5v!ZBB+J(
zKh7<8N}}Ba&Rh^0dd5SVfQb<~!gXCvj3Jp676ca;r=B!LqCm_6mw;Nf1xfa$iU`6h
zHeM#V>Os8Lz$#o}MZCX4>ljIjFF(88)|N$Tb!h7nHTZ&YgN#>JEg1V)UESp5r6x=X
zUYrTC53|>?x)#Dw3yh#<MatmDS6*;|bUh)bJ*HKsaCl`6p?O)H!+{QVHV~|KgtRqg
zLO{&8C6D49go-$w<SvBtmxHC10MF%2MMa2cYiMguK9kd{FOp^*<m@%;C{i391xU-{
zEI+0dYzyVYoI%aRvKEr`LzF$U*N;1Q?Er-W8^d%zPFc;Ym55_ewP$(8r@k&F7IQM2
zWMef;5+Pb)v%vJ*yvf97V$?#Cid?L_qD+;DBfnd!0T7r41Ie>7j5eyYKa<mMA02+{
z_d~`)6n)V)v5t(RN@!uHoah}wn_1dXS@b^k<%{&718)F3*EwzmU%n*#a;(z5CJ;ci
z>z^P^#RsQ`7o8fcB^{B+3<h5B?3k^hhbK%hNHWRkxfoiUA~;$mQn;9}HAAg}WW8J}
z8E{>m%6$>U%~P%G5Dln9l!Jv6q)?Q4S)d5h31TF8wXNrneETvJJWqv?;)?A8qm;dX
zy?$Z)ex`DP$af{kz;}wrqA;=or&kko&=kvVr?aA@a<Z$3f$8C?VdTzfv@ceis7Y7>
zB-yFeV#{$|`wc>@T0<A5^-($_ma68Z9*8SW=xP)elWU!Pv8#};<=u{0SsyXr5K9Sl
zg=?1Lt=Dz13nZC6mFFp`XXCdtZW$L-cv_~CiPvn5O0T(^!b-+ddpn#1W^^t@3roL1
z$)s&sIOOAT=jLM+q5?<&c&wx<uo4V_+M22|y{&l-4DuSmn0=mloy5PlF){xbvm%&)
z`0J79#yx1}6*K6E(FVy7!k3m4Potip(nZ$Ld=iuraxW6o7AMvkGjU<6+?DXXU~{6v
z;KE!s8ua;kTbk(1wR*ko@>`zD*PUp#rpzJ%SQurfJh?q8X!9hL7Z%RDz}?0QD@55b
zot(VZ-rZz8W#fw_(_Dt3!{ev9L6Q=^5qHM45DWpVUL{|FJu$O(O^cC(wu_uP(WV8^
zObDH2l`$dJ=X0qs8#B&nJ(tn*Ac&<nhZp3f40)%(!s+mAZVRu8R!{-s0;o_-ob!65
zP<hG=NzHDIQLR}LU6lfi8_iS*?n;556@AqGRgjdyM*DEoK~29RiYD4<FD2=3f|hOo
zO@XWzQWNuQRFp$Y>OiXf+LfviW;U#tgq+~9G-Z>l5Hh<d9Fl5kMpL{ihee?7He{4Y
zEofWE_8SmFl<#8%Vr9$Lk|4#rWCwy+|ClnkaIx5u(t@n41L$E>p&Y=#t@JCOk`jAQ
zPbT>?IRm?WHGYzX06&u~PHUhf7#eO!nKl@wuFy3*>?2R{@)RxMl$C6z)iz!re=#;|
zBp;zQLuZE1<n;Z|9`U+)!)z^*g+B0ZOAobmj&}goloF-eB4u?BS{hq%bX=yM;vQ)M
zLgx%@%z$m%O>FlKcpz<=)}^<zGX__mpq~{OSvXHA-yxZvd0?Z68;o78qxEtjtgxuM
zRJ9q*Zhv=FdNI`<oo);w5=!k|j$BZmfaFXq$`r0aaSQG5!zM@C)NOI&u5>h!`sPsT
zlk`<0$+KA|%`O~~&YEI|{e?i=v0M<k_*-^Ye1xTq=sL<j)KYffSrJzN9I%_Y9R>#Q
zQ&8;1;{-YK*9#hzpz_Dkpviky+w#lRof>_fb6chChs<$oMd)}>QGPV0La;%pb*Gt+
z(n&qteY)$Qa=o!c1j9qw4a(CukOmO4Tu<ffL0n-dx3Y;5BexB4ESi>nLyf+EU@0yy
zdlFm(!X>zOG$(8(1l4g_@TR74*8<*UoNVEi52G5mdHDe@Q)XF_@*xKx+dyo22Ro;;
zTziT0gnU=lI2q)5B!t<HYxI)mDEq^%#F*mV<F>BFbn04IZgO&oAdzh{4%Pzl7Mc4!
zH4=i@I4;;+Unk6HCH6VdDp(03xE)8S4*i4~1>Lf{jRrEZ^C>Iz%~xBc#!g0EvqMd|
zJkVDL8vB|NR={S-zzaWZK_C#Ib6SDIS9S|y5pM5D{IR~iajU94Lj_1#r>suoB#EMj
z@3LwH3t0$kLaar;*%e&>Bt)yv7i|6+#o<4rJUj;TC3M05nC0o1)+vl29XG7z4-*na
zCyW`3S7Xe53pTF?*ftIYUf_e}0GL3S`DDpO$?w7V{r*{C{|`nKV5p>W6%L<+-OhqY
zkKt#T|M%g+VaNXeKK|p~JP>L`M!Sm$p>>l@=onZ<Ru1!Q%nHs%<fx+KDU0`$-B6+8
zf{$eWES+)#7{ZC2N};XuQD~P7TE<RUK8tZCMud!ML-X=n8M9^Oa0*<1L<SJ!Bv=F{
z@TH13viav{WG~r2Om^d4@+Y#FJlYd~ZU(ECd_*AJpY>I)6!BTGX}C@uDZ8m~IV&m&
z!nT%Kj6v$c6{Y4pMp~*h+Fg-uM3w!BR+av_pX}`>dr@jkf<{C-N02TgvE|`Ou3;c!
zpuDNJ{WxcrEZ4zJrlr6uFqY<`B*Z_W3pW2))+w0u<4f^}rb!fA*9=ii476w_qzM%m
zFeYq9vwTDvT4%o`*;!4e+3bI2;&4<>8i9!pA_GPCo_@P)YRzcTviyJQmYpZ8)g@=*
zg(;QN%Pjq$-B0N_nVHz(Y1yRX2>%X@hYGzH#n+%tGq2bP1qswxM|$=iBzuR+<6mJ<
zU5o!)0@yljEav}@clVz7`5*T8A3wS0|9A0hXe&V+ToCcPL!U%uVV=OrQ3id*@S6~P
z8-r|$B{IGMHil{EWmHYg#)h-3uFIOG0e%)@afCGVTyQt!XN2%69g%_H`Bj_eD$Dn)
z$(yn{t{G=V6GfdcrR4q3(T3ig2Jk%=^<%uT8AK5pOplNwH@S?jTk%T8_ml^H6HuHG
zWa5&9Z#4-9kcn}Fyer9+<rQ2d(k27fcFY|~%0@fbae3x#xiZlAgQoHXz#YL+m1R(s
z7KGL{g|pX{3X!TRd=cj>PPQ(d@|ZXCoNe!r(ygP<pkUWLMqgOicCi9BX^67X6a96=
ziP5S)?e%`yhc9Kl7Wfcg7i4h63E8j+S5Y|BN}9_v9z<AElNXdA0$~Nv9ny`!?OG;}
zfKuTU*jYhidLmv;+WdrRqiT}UhDICa1lcy_j5gUAl&Kut&Qe0hb;&vTlQQ>Gn$AC?
z_Rd%yowZrs#90w-0HieIW6{4knK0V4^)>eE4T%v;W57o2&>O}SqX5&!I>XEWsu|Tg
z@fWzh5#CTa@y}aY)1qOFCy{`ypkhQsXK_WUpChs-2>*Nvv2{>8pw+Ov5%S9U96i=;
zkYL1sSDk4RZIGHx3;`DT4ty-@i@c;Mypqn(d}!JnZm33q7Dic-aWZ&YLWrH8KnF1p
zBVV!F)}qM5;7k9atx@x#U4S;7`kQc`&f&JFB+bW?)NN6q+ZXy%BDbc5Ps_RyO=V>Y
zs+erX1W(Bs*?i0JE*ha3v#^<v1J7wivH~WezzB6GC$fJdqUwqPc%xP0WuB60#vxQP
zTt^AH%xKaC$<FBbA~IWx?HmLu9jQ5PO0u^b)$B48QqK1X^K~}MnvwVrZIIVeg=Sr?
zjPs1p`W(!Qx$A%t*gZCEoyCa6G0wC2{NGs>vtnGP5S$>6^YT2NWI01u9<hj|^?g-J
z_fcA(ySLj!%<^l9!M33^PQE;gb(fM^8nI7JO^@nx<YJMuXi@P7N95`5(_LU}io)O`
z1d{rzW9YFMfsddkvbP?wnSzk{TosNmGCM{F6fniy{|n8<^r~MS%Z+veZ=`U5jnAbZ
zk6T`=lQ|==j=2X9kArV9r3dn7jkRpaK97>CFW~25UEpE7L6~f5s!Z^;f;t+vyeVfo
zyyzD|omN#)Ru`a^UeuVEV+)b`tqN#lEcUO_m>OFrs7`oktVOkI)b?sX89=%Ds^c$j
z==cJ>gg6?eW7V_rQzYTbIIogN22#UB^%))GzWHh*Hz~R3{|f|+w|_Z$Zc&WLuTq?Y
ziYM4bDwZ-s4+czA2u3NQPvQfK3BSltK?=VCkoXmovsUnC*cMAvpxPF5cwtcH><p7i
zfxk<$W115*7HbPdke0KTvf;O-Sj6+Ptz(5tENVrn!?w*1iOJix(5}MI^R{6%O=npF
zd3HGX7PFMZ<i|I!|0&6yO)Nhg<tHzoZe<f66V1lNjtGb=w*<=V#8X1@g8!S6h%S?+
z+>VGSX%(^u;3!QyH^|RnYQI$jw`uZ>2@WnG3@vEdra)a&XNBOC|7wdd*jB;xLy$zl
zL>YzrAjOuk<6S1ulCE1gyWB));YfaipQW&7=RO;l3D3ALArqgyALJQt20LW%kv8Kg
zd<JF+xB18ojpLi-_+rXS8+!5&AqYrWLd|>*L1nz6*432Qqt*4=_wU{v8-u_tEyIaX
zV>uJQ=VFq`CbknP1?c-PA@qpp4h|nCCIZKKjh2aGc{mjsfi;+tCy~HYEK-QG8jy@s
z$^%S~wDf#sdMpFMinG*iviCT_%pB%4wdg!02I(4mv1}aL?(D=(&f{@bO<5iDHftCU
zY{S66Z?F-c38MUa=uu*$<@B7Xsb%(ALN+$^t)VuKlO7#P*wR*NSR9TP++4$<@1`M9
zDb0dlAC{hKTgPR(?dMiOaBr8$sSV{9AethX<El(!J(IQLE4*T#gs{q*xS6up{}NBi
zI;N&-WToCX2_=2$ORl9;zkqOXtP+^L<YSss)H<5u^4N;+rcTvqT~;R7$I<K8k((@0
zrm)>0{}8MUeZy-e&a13ISDvPn4lZ*oj2q8oiZ(pTT|ATLv2j`OaaOim0v}IHu`<=|
zb<4Fgvx<~bi~SdFx<K-lr^vc3z^kLU%<8hhbpXsY&zdG@61qlb2Yt^eCqHCGCdM~W
zp7m*I{7hwUtZHq6J#O46DH4936`~ML|J9<q?@TnI@40v66+Jk2%lqAYPR?p@Os12D
z)nwC<d^6EtXPHXzvO&nWY9Xc1Oud+~8E~G%$3JAcr^wd)N}W27_J7Fain9|-OKvA^
zMInj_?ou*&o7l)gOq?UApSU<=!!RoA%WRU3VG|HExL|W0d8w>X5XC*sPbA&sYJw;Q
zu*XVbyM&j(I&w4g;J$exU9li^J1TN~!!zTYF3pH{bfgv0uv&7C;0D?z=|rsLMh`3s
zafuR@#L7_?eo{irxRe;F7H8C*Kx%0kCT*UhSSW*mD(yIce#<7TW(B%2i;Y*g&P!(s
zX<z|T2^`zSt^=o9v8};4E<LR;=7ONslN!D{yA(3NQt%8HXo`G#Sw|5h+E1L3F@@`}
zf1Hq)e>)+sj(z~C754_u@gUF@fqX(g@`TRlzsmx)D0abz5K*-m3a)eBW+@v=4xn<Y
z#1bS3yUDbf<)NdJ5v;^WNQn#=VnB82SBH0c-*V1SPJDeSD|GWjsC8u0QOKf=orXe{
z^3zkO_gT@f`jVR3VoL^@0Tct$NEQ?;v9zNEHYK>QG2c_xO<dY4xX#hzF{>JuN;bEF
za*%059E4TV5=W<LYFc!S234!r;Z<5~40yZM<At45hu{!&r4fSONJCPH)GHXL<-LEY
zB4zI<`%jWx-~t8v$Z7{YXlW(va#ox-Qwuxe`F;l|zM(Vr8ZfvXvZ$51D{MiN>!Ax%
z5YT*=%~;tsMktqFy!L|7R@9}6bR`ZC`!*Mn%U|wISnB(xsrH@gi;$K>e3+I+S*w+4
z%Hwh9ErV_dnOHB|I`EEz2d#~_5FE7$JGv`L|4_hOsZ8Yhfm)tJpu-l>*QP0@H{i;E
z6B$tesuzr<T!F;BN%``C6S>v~Q11A*DoqZ^`zFX7+Gpz7*NvCq_X>NVDKAC~B@M(c
zme&#Z<$}#eMEq-BH#x`iuvSs26HErd6+6Me<~?_OWF~}1BXvY897nX;T!sh>g$;`~
zHloT8vOEfGU}{(;`c;|QMbzipKxu<k6|HA#dE63E&c@=Dce^m>eB9(V3)vvDokSH*
zXkJZe;x+-tF_s?Jr8rJw<|eZFaC03P@-$_^7?Dl9-c{ceJVj6g@QgJp!K;OwKVt@9
zWXmCcmpPkJ^JA-iR3y!6(VUKCDKqIhlF$Zm$|RE<qNc?$`7T%S)6kC8Y0s9XpMx#}
z#ovdP)e0ab>t)5c37|fFV>c=5jk7#!XRy%0;2eHJ`TgN@_~F+=R7bX*3?73FmEg38
zfV~a?v1pZnvZ~fw0U(1l)EQ2cJgTx2DCnjI!&6gJzAPH&P>(mXZWE|QV&^sET<H*{
ziasksZ-Hr;);7HKVe%CbbI+S-z4kd#Afc_E5%M4f`D-yTIiwbU>||5duO`7Veo9=q
z&g7Iw^57NBTb%du2FGFC%T-Ues(AXEYNtg?rzI+<<qD^+y2&V;q^fCSgS;tIrUXGj
zXV`Z*&(1-evkG;@xh=+no0Y~mD~n;|r9GAxTFRZr8Q=BW)jNozs~;i|7^4E>kSq5g
zjlet4x#iZH7Gv4Ov`DQK$-~G=sVo`!yRs_t@_bHs1wxzcGjKzc%oToB;y-aCTZ^%^
z*lJCnhaXSi+jH|t-8UQ=DMU($PJAuPIDktt56+sXdzHBiP*tWvQaTFVfdVOnJXdEW
ztdpE_{zhKTfhkA^*I&^Fsr(|!dS$g$UbjVT86n!MK0O->1YcylZh^i0rA^PJ@G1l9
z)0nf0qRL1)z_^}A@~TCr6M#~JOVt@iw*vNwjvHAE1#rRKhGk7^cFsPj`~X~Cz5pix
zFoFlBteE4Envq%Cpvsti8s{y~E?E*G;3HMZ+$t@`UaFc!4+?Ep@-=(#LKa)r0c%sR
zEHUt=8eDRmgRi<S#9M9D32*XfL$OF~J0X8D+IAB!(Zo;$CqhsHz)4u2q7Vx7TL&Pw
zF~sjX#;I0!L%W?JJrTvMCRN_n6m-5bXv_3bA&tF+NRFUc&9e(;3|6Ghe@3>{1t-~j
zW&(FUdw=ni#{ehZ+cAF^J4urKyd#$0v-h;BeipyCH$~5mRJh&Ehnwo6O8Y@otTtWA
z3f@QqA8A}s%ryzlS{ayfN<~*VyJR&}F^wUfdN$L`lso7nRu6yP+*XqXg(i2>qqMa`
zR~Jq%Yff1#Z`GM~XA{fD?Up8&0eRCI=J4W%(V0EDx?gW^u31#M<q2o)VleAoyR%Mq
z?J1893Ubm}FL34^UD7NEHP^VzQI_gARNk;A&<<Q4Q(fJ<7Oa_NCLpiY$`&}hv>Qw!
z)0)hlY+Wa1=LMWv@VZMTR~8%Pj8^hzT^9c;&+td8qBzQ*T4ccAI@%)qg7`FIzUNh$
zf>q;~=6J^ytFscrU%CM>50Zaov#dd9Mfg2y8!*iI$j+u^dErQGT&J$ZxrjgUq*%$&
z@%XMx<zE%6Ib@}6@EUEL(`*+0B;S^4swIXqkQnp_{6iUgst@wFC~sL|%1=0izqDmT
z@s+$-l7EACPW~{`n0isx^ju)92`JOpEhG<ihBgfyPjSqm4Gd4173VMsv62jCNipdM
ziDT=NGLs;FK#<53>d{Y}QO*t@gO{pU)G+BKRB@=pQ)bPYk%N}Z(uBGM$9U)jqmR3B
z0ukU3U=S*JrvQNgt+6GClY_(#rhb7lcA&AIjvb{b*^*XE+h8H(1?UjmdH7L>XK*2N
zqP(Y72o#BF3D=~Fu^U3;2BRXCp(RaVp-#ANq#7=NFmO|CI@^<AE>?tZNFafAP&j-w
zQIJhIPiND@I%j1w#j98{WA(Y(S{1P^kUlhR^%vfqx6sCao0K&HuW7a0xnaqTM0*?E
zHeb}Sqfc<KV02|`xT3ZiamW@s60)M-PPAd91Jykp==PJ$b(0lAK(>%#cfttS&>72Q
z)U!p`RicfJs1xKHtNUgxzoJpguW8cq>l(EDD&{P<F^gx)(lump%~)I`mW~Mv-ttIs
z^5Ut9j{s3fFrt$-)s&hIFX5zQfndd%2!P+&mU4oqcn$3Za~P4mWbbkEt(b5N3gIG@
zERVC?oM@e`&NX2uQXTYM#tn~xu42Y0(gh|ZQ4^p6*`b&hU^1(!y^+S}JDB`KjJGzq
zRiVHkC}L9*RW=fx_`#Sr1a=k;|NBxb-Cc-1yz72CR;KiO?)x{EJ-i{@rI7u`G)Kjh
zmdTuLHn170YR6@Iq$`E|UC?w!asU+DtFpj5MFCqH;viR+#mu;gRUqS>8(U3dN5p1T
zGbdYMW@-o6sI3Np0csau+!gJ1wx!>el3Y;7Au~2wfD*ZY^b78tHAiwEkF7GXb;xk7
zO%2o2G5q_60vudWTujtlMXS`R#aN}VaHXju2$ktu%QE@rj)7J-o|^NMob{G<mWDEd
z07`;kU=GV#|2`^GxZ{^5M5YS5bB($MBjwm3I0r@=`9$Pxo<$8EXQxafBFY?L5xuhj
z&)QckPVub0-CfDz>=v?Oc?(&wP77$c5B@~v?#(6dEGx1Z%`L+gbqr83fMo8kGe&5h
zUE(_U`|%M$|0oRo*fe5t!&G3G*;pE@143Ex)^Z~An^)#{W)`LrVH9apKo@i^gL`z$
z+*3C)PSyel>Q>Z(lcKv9_{?MzCQ~1lX+n;bVY8fJqSoNY$z-rY2Cs^&$!ISARNhzv
z-2VoGpA3|#Cbs)SDHy)^AUKy}S1Ew1fORxYU9(Cwps)gGL7cB>gPbs?HX?Gy^73QU
zF`e8X0lP`u45AI9?I!U}jMWWxOAzx=T7Z#-j6TYY5CM(C46dIf3X5=iDUJ?gMvH8s
zB9cr0PRg|tEqZDFpbA-B&WXyP99A!~A|1(_*&k@7E;Ly~Q`%5<o0)reo6>vM_y|Fx
z^0Qr08negnjtpQb4b+vnw2{R{&Pi7MOA7e5Ex#_7m|M93@2=B0E3(FR*&UIK>|=Ib
zXXy|ej<b}FX+1)#M!?~f9o}^@9!?}!o<#2NAU?9e^-y}9U9y64PzIiX(4NaT$Kr*c
z>x5=`TeEl5n(=9wrz7$xB5;B7S0>Hk#gFe9wYE89_aweW1Ui(_`~}PD{6w7eQ$8XG
z5s?m?`qiG0Pk0NaL{^hx{xoP4X4S?EF`8y>7i#tD_t1y09sA(^Su_5JviIi0H$T36
zd6G1rnpN6Z68~wxoB#RI!R~$hr#pE9W`K}pfoHJ8ay#)=4yxV0{2bDbNQfrt6v6dL
zlb(TYead7~Mrl)pM;4wy?mFdyr%$IH53lIvuGTt#`G#!Hm<GMGvcAbgq9w?B($3p;
z4IFxT#*jEFkx&x7Dx~@pJo~S%w6g>m1a2*qOT~aB<ja?2S#hmilI0gB2vWyrnIdRt
zcX)35E2_XEoK!i@zzjzmWvaSt%Ci;{FEMo3m3=+}8)-6yy(2O3Qn((`!aHPDoS6pB
z=C)mI)__i;tTFB{8bQ}qjyLpQ&oPsyvE`*U5E=edjZP9pS64B~CYlJ2SEUNs`sGU$
z`EH?lfJL{_iU*d2I<H5u_K-CxvM|!cM|9zgV)C-!Xnf~nog-F00vX&?dx2t3!ON_Z
zuxHyuvNXvZYfo1`icU{YBM1(RH&wQ8E*T7nGSar(aMex8aJ{)XKv3wftKIg_Spz5t
zs<R>`U%uS$?!SxYn*0BUDa$J%o;TI<P+*Jq|Gme12T#2H|MBD9!~6aJE}jjQ=N6W(
z)K?GC((;2;6Mj(Ma|058`Qmd{H_vb|AeOFH)mhO@$lx1399#>4;4S{&4(4Vadsq`9
ziaiihSbrg-XJkv6iu89n*|s2L6CVhE!>>)9%}(0MB>O}L!$G(t;12OAtco5noZwS-
zy-@!*$Um|o6$k1QR7MMu3?D}7tx9_h8eW>F#=HiCQBTSmgI(es|4t-|fNDj)w&Q2Z
zEXH77NybVODo%@On=4Dkk~14(^l<186MO~hRLfA5<4DEm<ub6taSkGa+Od(WD_*e4
zgpHdK8N4Y^Bm&~KN>4Q+gO|UwG#~WO77Gn!|L)9j4E+2YEvU)hPkYJU<9K&KlINCX
zaq>44XFK_8rY>LrPQVGm#1?fX!oot~SwDP8F0<JP?n)+E&YF3}p3MY98&BDY0M%h4
zy!=$Dm}9nouuQ`(%NeTl2%Ls8YW^e`5E!gb)dUtL^%d!7($sA+CWnvUPqQ}SLAXQF
zb7ha9+7QymoQQG61eUa_pc6^-4~Ed8d?VTr9pdDSjVa^-D`(Cj1-cG#!%<*^3qdty
zGfuW-X#E#&PDEL-p{Uq+JBiFaJ_6CUXc+byeWg7+H@J`$$V+Tjp|X**0(@3|)WlU~
zdJC*XeKr4pJ3>!J&sHB`3r|fHgp$~qObxEi+qDri`$zl@A9&EP-F2qi!nLKQqQ7do
z`7OnOuQa}HJb*WSBkdMTq=}B%E%fl1y=$@9zTF2J`sEYaYh)n*7_0=Omzqa9%|h4M
z29JqWFn`GL*5*wXn?jb!97Z#moq_R>3=+L67n8?kXG6EAwqvys+@kwRh4=MtLf<93
zxjpwR{sMU)<jz95&TppqINltr#%G|ypm$Z-iyr@0TiR#1q7$7M{P%ziJ`AqG;s2_x
zn9nHB#wy<0DrjTTftYJkmd_GC#k0z2sd`0rSe##@uD6)XI~1SI0g@gvWdISZq_acn
z6y||K6|I}NoGeGsoUf4?ELhh{P<bt>VJc13a2@F|;9=Z#SZUGQPL<E(m$q!2CEevw
zcBDQ0Oq%kabe1nD(Fe<pZ6`j<-|k?%@wklpCr+&sFNoi2JlQ2@h#k95^5O1=OG%Cp
z90k0;y1H68+SbJALQru)*QOMv_*NX=4v)YCF$745j_&sa0igMUS@xi}O02jVqIoCG
z24p<%Vu}^5&=}%_6Deb1MH93_ythMGEU)GTlF$G;0VbA%@}oRxSl#dsJ-}SP`CVDh
zsM!1b(9q;nQMI5e-Ac1@Lk2h_^?og*U0YQKB)QUQ_56=twpUs=U6^Xz!SbAJjY}b#
z2M@MZHPU&rP3*0i{X(|Hx#q`-5Mu^2TD?c3)}J9z%tY)(S6^V+#>85cayKIG&J3mW
zx=V<&6E7QpcT<MMQsFRrOukm8o*~(Tutp-N%t*EaJPP0?d`hiv2549N@(mw-!~aL@
z_NJ5z%S0B0ELA9PDhQXBoM3j2Z4X34&;3^xhH5~1G4t{HN@!Zs!NPbI`u_UFU4fK$
zOvm1Rr?Xl2E+>6W6JAN?7U#AXQ2_caEvXRX8&Nz2(3!_e`m*xk3uFG9@80b$+PmxD
zS_}F&Ha4p){jYu9asPPFHShm0K#c7tIPXsjwAB7**T4UJvU~9O{{HVS9?2GIksAG$
z6AnpvhHbH5dP>NENdue{gKa#k8VguEkWnP9U<2WdY)e>gW42wlL1g!`))CS@kK1)V
zlOiipRy5>sN94CnZe_y@j^nvjx_l-sNPVhU!<Hg)0&A{m^b?5_9D0(V8HyX3$%~Y<
zO6R(oCEdwG#MT6F(qq&=b7a`5MIV!3XesjLi^kX=)-|A*Q9mS>Mpo^uXt>f1UDXL&
zr7NllV@0bH0FKLA#XF9{_{#!?={ow1u`Ep+kq;PKjmvyQ-aS9I$Ia14Deot}IyHn~
zlcv1m{6s!$70}b&r+cfTV>b5tef@X-TzCIRlL9M=$AYYY%ksbO@B8^*4-X&R=l{Et
zC&0zQd0t*RI`7<sC2;Px_jxEo+XkXnz|Ly|9;$ucRR0T38)w`9iaW8G$#2;N!jekc
z$pt-%v^$UKQ0G=dlFZ2%<081MsJmTVt6$c}#apzt9!0Ul-VJ!ZaucCz?3;@-w!-ym
zuZsVi=eqpA=CKZUvn(O(68^vY<jEtC{~tVla?k(o<OyEuI<Z?UV|mZ7(f4SyS^0IC
zRgA4`D|IL;JxOoGT5fA+xx-_rq9b-6R+vh$4tA!YyLNZjWHcPF5nmT~&Gm122`|qE
zy?FgU+TH8q|3BE<Ke%82ck$RunpPDTvYJ25t+cB4fm6y5Cb6v}ui)1g#&z48c{gPg
zze8@Yj1%-S0;T2QzrJ?Iq};V-Qx%iJ?sHK#OQ#3X*?H}#*A`?q+pMLG@YCpaRd(T&
zu@2VV0^w2X#~!8JH`kk=7)#)JPP5rN#WkgKwbK&?b)@oZ=!HRuJ5jGWS)bb4G^gus
zq+wHR$-MQd^);k>NQj!k;A?KDEVTyAdT-!#4;nW*oCI}gPSo+PKFyC84**Irn|eTy
zfrJ6Jkw`kT2lo@nADm8@XI(K6-q|8#Z$+;?e1Y~#>Kfk-(x3}^5g4rMmbFbs*BWSX
z90c+}4jHH<N6$#Z>VnpD^6l=oyJV|JacU_pcl+)pjo@lE=4wFQ=Jt%eQ*b5kAN3nM
zlT2*ep4isJwr$(CZQJ(5wr$(mC%^xB&&7Lp`m$?Rb#+zmex6=yeLw5+SVb|TX5FQ0
zUsUxKS!E^)RSk`|s*MFlsM+)LAQHhg#>cIkPuw@-=G=j;K?mtEF0LYO+7s@sU{%TB
zsN{^z*}?1aQ`HQ?@N#X?{usmmF^_Jd2|Y#jO~MPyRf<NZ52?j$%Lg-&9WC*3Z7G?n
z`77eNej=#(N#JZ@mf131^N26eH(6Z(f-A5%&7Fn}1AW~V4^|(?4DW*Bh>b~~{mae$
zAL<|#3U?bMt7WG~kS^jre7u%mlgR2OQnr%QI3Apm(*zwz$G*lDUmcNUOwRA#qe?ti
zm}_)F<T*%i{<$m2b8oV)@kX+soahN=dzas@>-4P|RH1BmR<*OuLyOlz_S)F##VXtH
zVGS@XYlHsR(LJadS`37tIgKfQ_)ypAS9098X3M^&xRB-GMwUS+Ao8v6^?0&UtiwkW
z7fcaa7LS{*e3{iWi}hePbU=S2PqZVzEAFq=Rb}iADe?wc2vwhHl-9=#?zNT%r>cdm
z&OATo^3zOq=LmY7I0WPQvQ%+B0vQPGoqaTLDRLjCXlr~Bq$HN<MqLaUiNI7%2%wp%
zcxySiNz-6&M97K9e8U-DIyV;!Nolu%*ce-*8Mz+YWX8hAwMwq#1LKk%55jd_&ogp#
zcLfV(od#ZKG{CrzrTYfQHwI=tQ`8G#yhI&Y=Uof?!FAAbkP4c<DVKJ-9K`MMUNKW*
zg{!<9mToKjp)fzk<wRF^G1m`)0(QYIMB5M*gNPb*Ji9}3#Qj(_2UgOU>~H$%g`(=B
zVE64Xdwd|+Dk_@Qo7y`c<W&0mM<-9@SE<TAy7Qf*Al!2tN!e5U5}}==Yv=hH!reZG
z%eYkh!@pndes>i?r<m8NgWUDIZ!+p5?$ENG0>~%v0@PIwX_l+hs|$rN9D_-7UFqK&
zUqvV4Gnk2L@;J3M;+o1;I`jH8*C5cMK9|`@{_}L~^g2fL1f^N91=u<b=n=Y$;D=&G
zm*59zP5w>?))l6EoDP*={%8p+^*fuA9Ydsx3riPOgb0i9Xz`F|9hIY?j#tKq{b#yj
z*#|8!g4b27sNHk~BWYL~VQU+tk=m=C3bE_fF7rbWpPL_jkHiKq9&i3JPD!IWlLKlH
zXG5m-?+ca&<xEYrpUujJ{PJjqZIfvw=2Psx%h<IIs>eum>k)rg3mZ)XfC~5InA_!D
z<q@_(`DSGx?FNN*7E1r-c0e)$Mvsv3VBxAAuIH$|ZqM*Xr#bRH71T6}9jgz1<@=J@
zQA5x<**$j*EysNcT^m?tgK>W6jDe_syA-|Qx$^>TrZedbsYO@^q80`3;?=g`MNwJ!
zmJdW9kgX)6c^0}>mSSga;9coF*YjpxSN1Y3xBzb=!Rr1#WeT}|SfBN`<zQYB>)}HZ
z)13n~rv1LojaEIl-Pv}0<zore^(~19A5UVK0JsQjb?(0Zoc`KDThaX<P_I4ki=Was
zW)bzhDO1aC<GdHr-Nc1o1~hautN#I;#R3lVxZTzn%B%7O{7Da6vth)3A~SO@m#ke>
zk}r|&T;}Ye#^7N)Ykh8@m#59sAL>#xAQi6W@91{p>~~QWT8jC`9$cie%kH-vub7;8
zc#|MyKYD1`m62gKeK@B@!rJz6yU=^7+>E}nMmIaDv(?TlZ&J}OaF*A2YLGsHX=z3D
za>Z3#X<Ha>*we8hZw)y#Dt>GDaG;$*HZ!fZp?OZa<7%8Q-nDiyGY_12FTJm&ZDZ9k
z{JG6=fM~AeJ3z07Bb&gs9(k4t(A(Xuy#w%kx%>Vf5?59AUT~z|XGsEns37`)UEx?W
z0zn+M`U42D_vIwxV(0Rmar{>#dtbwo@9k-Q?>9crcISVK63w51`+wYKBf8x6Tbn=5
z9zk!1E`CS(m)e}J#<BZe%xFpJb3)MoDSwaG+UJ%CW83k&F5^8m@5FvD?zPLOF9O2#
zm+#GCdq?-HEg2ifu%8g!9)x=%W_VBn>WNBL+6RT*N)*Tmb=sytke~7D@(*OKKY}CQ
zo$jDLzOh{)2GXF57OsyBn1-wxmEM{#r6G%xgU(tj8KKn%)7!=hQJSy7A}P2B-tPiD
z6+{-L^@wrv($dKB{7O_-a|`G3f`dw<`>K%#-c=f*<)M&D@ekGBz+J0kEjQ#PXSVxn
zHgs>qj#uddNTcgR#2Muy%t`j=6O!*I*(1@)CZO`sD!32-UL6f!ZMzZ+csSK_eenVO
ze3(`sBkzg~U$h`;9_y|@X0bB$aJFT&yWhmb=#EWgk?$zVLa;xCrh5K6pvw|CA<2*I
zd@BtQnN|~exg-so7s<=!6LyMEF7%-hr*8BZ$mb6Wou-+6y-NJhv-bVp?n8PB{^Oo`
zx8Y%D+eZxGX@?Iuv&rdun~4Fmlk!@ryFl19Y)7bSxHPAQGUeOF#%&l`E`5Qvb*~C*
zi3eWE+S%I%&UOZ9-myIgZRlNWZ7mZobqExp37xWCgC|#<UouUsaY%`slA*i5Of#+t
zA1xolw3V8Ztrx%Tpl{*UDAc3d)BD8@sCRiee{Oo)f1U@s%eM~w281)WCoWr0iyA$I
zru?xTO8sMe*Fuviv+AI0D)KQ#327V?!Qo|FDTxym5pv8l;)8fd)>Ayx-afcPu#^0x
zo`N)Yw2!l(pJFUD4W1{g88ZDdryEr{{eO+=&Y9md$shSsg*|GgFi$2|kA7sbk8Sd;
zxYu+79;jLj{B};iU2o<Rd3*so8{Inq0N?X=3x^H1`u|(fA~zjBta>;(+F<o}sJ*y3
zJNm{RDf#enn>KY~ATABFhMhzxPQk=Fw`1p~x2yM%(g~D6Jm8_EKFeqbA$$nfU$k)U
z^pDfd*n=1!;ExpN_fSK0<X4^f@Ey~znR+ZYV)c%ozm#%Nvr3R>w82A(eeJShBc6F@
z#h0tmDFXfnsO|1LfqzCg6*(t<yz57s^v8|m8!xu?sx7#bp1E=-m1|)HN=VJQhwz}V
zr(lgb?=dlZ==N1=R=?B}snK5lIrfIB5MUkq#`XR(1VCR4Tpt0z=doGx<>dAGUjf70
z%RWH2<8+X1r0)v$@20_H1sNC$Z-Z*^s(^M_wo*vj$$F=6%OOCt>+u`}k@^Ur&-HES
zh7WKipULQd)9tty;`#or?9{zxc`m{;QrTj}jsFV(?Wn;88?Pt~+FK|XEwoo>IM`pV
zzAgQfYz9}YT`D6^&dgN(b3JbVbTPcVbXCi_iI33g-f{$>j^-V1%mN_9%HpxU0Sd`q
zJ^?m4vC0CWp#4j_j{EoQAU=7vl@&${9m5YnqKx*sO6q0E!-5J$Mw3vaaT@7j5`E&C
zVNh}C?uYnqV!RxIO&ug@^}7*Sy`0`}2h?Ste19E93yczu9Z`I>FTV6<Wuy9p6`d*X
z6P`x>)hh;6Osh*TMh<wwKv7Mc>uhxP@i_cGn`<^e_3&6inIn(=`*D^qW*(MRjVp{o
zD?4ikh@G@MJd{&RmN=!<Q><m@AX|Thdg)bNtt(pRxK0TPV6O|;GUuB@(9jo1pg^gh
z$smWpd^Q_(Atst7dT(?oUkKDBeDs)Xf&^E1=8X?OO`|Rz;32()p!H9B*V-&8+5drR
zN@!Vun1_kKHim_|XL&Q_)baeRzpRE2x-@e{6dXS`A6R>*R>mX}xnY@TgD<Gqq1Bsb
zjd6ijTDm)yJDVhL%}3iBqa8*M9b4xQ`i(GenL?jpRpBv{DFpG!Dg%RMY7UkD4-~7>
z%Nk>eT%M`fe`V?G*l*nI=&4?nyi&!h8(xEF_;~j!2-Ru?g5N?dSH096Pc+=UXq~@b
zwiSphLkzrQ)3$LX%7!geUk65pIeokCjz*?7ZX%U);a^4&?ldvoD7onZRD>(75JnIj
z4YtdJx)R8;HKO`c131`lcZr!d!}7XCbWbY~9lUKg=3M{rfr+5t5x5jg6g-Rp)|4%H
zSog?=P>W(-i$6KM5H34cNZ(qsfZ$1}ckbHz7EH$mAq9LZhB7MRX8WXxQx~feNUlHz
zN;{CL_isID_Gr9Tf4I)CW@%Utsj$f$w$PwTBbkjrg3eVFD;D}~8$0WQO(!SyMJMEf
zD<Z|lT5AFcM^02Y2V?;`pXSHQnwKsPqZO8zfm%YRDh#*CbfC^s5rM!pQHxDZGaKg~
zHm|hfhyL@!S?e#O;RM0^g5o~ZGgK)D7u@<xEG;uZ$DNH18;w%VGFaRR6r@mk?0oA*
z&pOcv(u?oN3P(dqtEWwI!ays#N{JD_MhG&DQUdF7cg#P9IjT)eCN^}RTiVs_!C$`a
zv$1zo_W-=sYXA?ghf^-#L^dac&^w*9+uXEOqa}0M$y(TVwx!@D<LHa6AxstRT3h7l
za@5DVS<DvmxKQSC4on-9HqmV>)t;-8t5SXO4(+w!E~8b_i9z0!V(!^rSY@&1V%_J~
zIsNkHbu9r<i2`NW?x%VS5c_vP2H@kx+x+-hdCx{K!74vW+a#>vm&}ti{+?8&)hFnJ
zaZEYYgq?S@+p~YF`~^0CbLh=R7)W>n{qvW)Y&7F$V7Y^OLFCH?zofx|HeG6v{_w$c
zg>k;p^Qr*-N(n#nP_TYTzWi7MYq^59ytmqW1^bVkW}k6zw3K%qTrU%Pr0En~FPaXU
zl<*Emv`mM3g1)Hl=YmI??wc|3nUvVROEa9k<iFn8G&0}`-Q2M)ZBJA3#bwv)1e&{+
zSUUa@F346%Pqhct<Q(zkKd=RLDr;8V(?{7TpB>?)Hlv*v=o3<CAbfnq;lC&K(_3ve
z-WNkO8k;qH3;u0zc(zEzIeOtIy>R*3kOSnCW^FM6-cIwAfZNxxg9FdEA6<nDHaR1e
z35Z4lSYzR)XR$d$Q;WO(s5#MQ(JG@{f9xcC?bo_7FIKme;?qBsn*%y3?<%0~m3aMA
z9d$s#%++h}=ef$KFFOve&9HAST*%K`Pc}zZdo{Q9iSPlg3~Cr*KC5^WVcxyhok^T@
z|F40>>nhEmk$`IQB*f8PhKX&-?4RV<946Zq1@jslo9IXh>|a%rkO1is2JpUC1vYKZ
z0S;HpsEWcT)8O^GaQ=s%h#T#ja0GWo?Wj=a^r$*kk2U<Zn|tOR>mDmRMMmnj@WUuK
z^9B%`>=@}V4G(EI_W78yW^FW1Am_gU5Ah3({(xc?^~USXdTIsy8qn19fl2>*U^UV0
zRr)wGl~Bf&2e=E3=}L4qNthJfg*Fg{?s81W<yVLH?)eaPf|XV^{yMDQXAe}wWnQ)r
zun3{A1Z;6RTb1bAb!#pryeK{t5f>$Rn=UQZo;fE?L=*D@iW-o9Hx7`U>S|lTIJ+54
z99Ma!s|pqq%$6rg#%ntb=~YYT`ikRx5B&j^8PR+i4N=Efy|_@pkxm4BBmZ>-{B6s)
z=zqpVlP35Dvu#fqLo9w-w#_2i9G`5vu-l!9&`>p9TPV_qY$aoxqG;}!lgq_Po07zT
zZTmY+CI{;(T00`t({-)6&3-#}(dtH5>RLy{Rn%(d8BUr_-?#q!+k0XSK<T6LRS3%p
z@nN|uWvvTKVU^X2;TJ>-qx46@ZNw&##3YDOdpT2%7=3-2c5)|mUyXWB>Rxc3XZrOw
zY-Vb$uR44)W?G(i0xl{$wkwPXDnES#TfSaid%jP$xbZjM09E}^Ep59cns!rm+L4TH
zqO!i+6Lpge`a0r%tAs1s_Tj&_rPb%YlT70B_ns;Lu5`v00rzK);sAhM@vq-ra^Kca
z0lF@jMyNk!59Z6h-uH)NV?6(DKdEnhH=LvSMi}iPx$rvq`@NY~K1>%(rM`Wq?ulTq
zC~Z2N{FGn#AV#V`cVe#}e0Qb{w*i{**&CytN_Wn!s>wvk!uBa4rKs|!mpjo51MAt`
zWZxziXMcYS8>C!Rr<-4nPN>ICpU^<7PbahJcGp7?(M0mgRREPJj?4tIP?{yxeM*y+
z%&inHA@Esi$k#QXS2K!a(-15D>4vW?IU0F_S5N_HPHD8l5MeHv0Ymzhr(d#NS#j+i
zKmI8*o|IOt@i8STH9yr_+xaEW9-F|H^uC2Ar}9-Dg4CU_fK*w^gl6Had(5o!@hb#r
zk*?_2s~^TP4ywhYyzzN$vT?MP%~Z?Mri2OBoUrwek6F)JobG0%h3~g1@!L#py&IlP
zB8zEeRK4IgHa8xx&8V-K*vnh)&G8zsX%mH7j-5gg*h<Rgq?+KcF^W)kUlfF@(|Fs>
zWqfO6m=L&dS;mYhP0SdJ><C6KI_ZLtoiN%QD={Xm$*^Ze&@`UJDoT=`L)?)S($}z{
zktJa6VQfaCi@+R27bZ@8*a1ll`T-YkG!z<1G?m^crc?Cbo)OpE-A16F<T#QmDuVz0
zgC_od)pf`JuGE<<@xH@<BJY)bR~9qG(n`im7iK(|7Ruc*nilevuFVSdVVubd1zcUm
z_s(%kO3CW<dJW<7O(^D@arvMyt&h04zt8XyrEZ!53<GR@@od<JBfbEyr)}+k(3kfe
zTprIBlpnRpO;!hr$u4UJn%)e@kplaDdOl57U7?FF4OL`V?CYC_%H#-x4pd2hAI;$W
zEvB(m?0X!>VY(p+_FOY=WsJnR=L=zm82qC;tgz^IAPiPL%5B?q`sm0wj*L4xoj8Ul
zp^=7^1unYtJx4BfoP-KZ*x%@5F4a!dT=(&ia1Oh>V3S1DDGLETD&F<I)uLfPdB*gM
z0iOL681P1b_2d~hssl%nbin{GS%wLV)`t+yQP2jhh$0@(t|~Q~<xJx1<NAF*Rk;wU
zitoeub+_b6{fj1y{DzD%`~Ky4(E@XE8~<|Y`#PR6aseA41pgZ;EV(W2N+nNd@;#MA
zgZGB1eg?-BL`-q|_>A>Hm<0*!LpK9#XjVO=u4p&NAqV0&?cyG>hJiYWU-Zx|@Zy+p
z9O`PVjP}2Jhx?8r&V`v0j$qJM%lBEoE4#HR8`T-`jq02+yf?;-<G8$7>3b(xH^Q<F
zh{RKU%2c~7-y%|IvjS6mQas^?7#!2nL{~+XzMP~_Vo9>IkHBt9>aO!@^6lrm_MA(d
z^4Vz3UNJQDbY!wd?DAkp@8~40B^lY(=%S>GkKuDv%66Yagirs2T|jbn*oNBGQ#>C#
zNfzT_ZGRM*B3kLf6sCnQPU%5U&<58%<QF<$*7xIzs;$p=B_D$Q((z-i!Ieo`J%Nm#
zT*ld8F<z{oz@@FJG$D7=gUmd(8IMFT9vvA~Cnm?V&^^=N#;9OPmY{yWj+)p};O~Rq
z5{^VD+gW|0U(HbtXwO-pgQN9sLuiK~5xL;|`9)zax?Bj<582iE@h|FCqp*pg9KR4h
zVMjmFzocl%FIn!<*?ue39(Me^^jBf!6%Nhu!}dTgBfIm?XQ)l!B*w6Xe07RGF5V8U
zVIpZ>6HICXj!H4Nw?KGN8UjS?`8m>FVf;79(03ajL$nGh&8Mn=Qu0>PukaSu0%69@
zorl0qYu~R5x=Q{{<TOBMxUPf7g}qX_pT+|0)G%L`)P|%GygGOZg144M)tMAA#?7E{
zfFUsq8VyWB0nFJvoU*TnT;UV)v$yFDCG-gcFvq`mNW}PL|Fml&?BW71!jL5CE_52C
z2y~yZvrQQ<_U7dr%t<;sNz!JKDR|R<Q>j`AoZQunBNrBzbra}Jo0SR5GAI>|2S{k8
z?luE8PS#A9SQ7q1&%9tjZ2FQ__g4blD5;->Vci@r8Wt>mRqef#=^e$qm?=-Q(DmL?
z<@ZohWxP;+^0ni#1H_i8e#z$?z3-T_`{p~U1H_RzjotCnj@O5Jm%{<rIII`G@VT28
zzOMHyHL#FPdG?&jFaAL;D8YnMqJyYb8_jI~)jri~+uyD;W3zmmcaYnDUQ!|7h54^1
zJx>csvEn$SN4CSY2_!=^4L%9%tcRMOT>q*=y|EuJ@4)F-H^1|dQsdStrs9&l$l6qx
z&!DFo&S(7j9%Fgl#^RBg@D6`x9TPkB!^n<D$rXkmNRSgaX8rtBR@l7{`gdAFs+{j>
zfB^Lphy%Nb;IG^4%8E;_JT-l{o$_hu4I5_$=q$nm4v%7p?|8m0(;C3?4B97t@C^Jf
zzoSpz*S2iH!`$7S_jfFp`}3$&`kKHwir~A&y@2&w><{}Izm%`%u8zsDU$8DS5`tbG
zaUm<-GDA#o{-goVNR-2rFg$@s<V;iS_gjo2Ji?n_QXBnZs67=eGiojv7rdSD>{khm
zK8Kop-=y4%tZqp^>IAsm^v}FUxyqJ=z0P7WX5n5M5691em&5JJ#_jQZX@&^)AM=_e
z?=L<i`CqcjvpU`A<`<LGZcJX6td#F?bn7Eb%|STht0>dL^{*zopzx+W(i|-$p%XQH
zea3-0hw1GwN90}`uZzog#jt&}(lPK%-9|0F6m$;Mab$XjwhL#V@*8#WVOZ=CA25Ay
zJW|3N$I~LnO1(?pgz-t3P1olvp8M|EOfv@1CvM3wdy8@$xUT9q{ihia)<dYjV|kN~
z_0uK52&l#0vWL(i)1<@MJc5bAoVxCgJ$dB1VuY~J;IM%$UX$h_c7Uv~dhj*5%SS{X
zgsEzO$^5jea6gH`eYt!>Bj{<f$)c}S1_m<e^DFkl3+VJz``^ZliVp+^A9Y|(aw&~*
zI6<VyZojuiSSG;y96Z!0s$3~f{C6tr_nJa^#OAq;IAUHEVMGdE!pM&^QzZhBAsPeL
zlS0itN2*arU<EnoPv)^KXiD|KSA+m&y9k^fN-Y{Qun)nhsn7#hMefr91<UBU#l|==
zqk-z<>I%rNEPGL-oi7Y3%}vDnFwhTXr<|UG;X`>iudR}HeT?mAc6N`i;@<?pR7)}9
z`zyXJ&x%h%Np@&S9Gz_uK@=D=Xjg2crp}%Nky*hsltfsL-9pWS6(x`xSg$md(o02Y
zbAovuaD$Wx<^n%;IbH)11eY8gPhoBEJ00{4BbZjGry^K?^IQv^=(j)Mv$2k2a=1NA
z?wOZIuY$V8XWOnd8;uH?t$Xd=sw3kK^R%`jS=G~IlLHLRnGl4)wBZ(jETo6>iC^BR
zjoJ1wVe@Wa)l0qJ`r}OYy(AnjxY&t`1P+SL!EY95?oak|a;h+H>0yUtem$|8?UrCp
zon?LCA3mwF{s}BREiW31I!YMLgf_}}S+s@?S<O6lnmkgNkfW?wHUz8d0jHy4exrb)
z;n?StYD5}Hfh)Rkj5d%}fD(Lh{tHoP>Yj5<LJP~7iDQ7_PZIwU=8JWwCix_vulAcf
z3pHrioasn@^cDm7+Y>5Kf9MP<&$!o^2JsTTFEqs=B4Uj|Kzx6Wa}5?p>D<tu%ZDdV
z%9NA{pN}i%n1t<psq@AJ4ZQK4T{7ag+L(flQtxSZIww{2W1|@POy0-}vI0!r;cu#`
z5;xJY^iPLxh+h?wb_!CkO}ytX$#N&&pJnYsCo^Wn4}3l-QIrQPdbxZbpPX`(0-x;g
zX58<uzc--!2(+wXwakur{tC%0KVj0vQ^v3w>6O95TF}9^he&5%9GVO}m;mK4>)Z+z
zy=R6oBQblx!)7JfU#6Xb@e_f3hLIwdjY_$wC8C4ZkeT}kJs=i=TZ1k~S&%L7J*B^T
zxjhczzk>RPZH><?2xo-~_AMfg^OD@lsF16{>;3ab-izkX#mG;%!6G7}!CtTOU!jJS
z7al{f-O15rf6qb+oy2obA6HbLmh(`mi}!>2U;_TgWz)BJxAlnFchhS#9E2j7vM0H8
zOgIJxWuQMa_HBGnz970mmhTob*3mcjKv=6Se&s=)r&xp$njx$MWePw0X&_(gzU&YO
z-!GO{yFowKQ8w87*<)0Qk7eo9j|U=B(V3%M>D;)9+0jgBQcr;sV@*U+o8n*>-Sx*-
zr4@5}xWr~LV>xhO5*U)s!YT`k`>uNy@By>hD3F~FhqtXJaKQ2_MI$wT9O{cL>Wi77
z0gs<J5mEqeUEYF|CN?03Mxl&zIbgHn79@LYnfZ!Fu7$OIS!TREFr7_s27GxO_j{n7
z^AZebN8?^f1JxGS)rRMq<bYF$v}DLm-8DHt8?{3PO)k}f26jD35j~duwzs4}M|fv8
z@4^I?W8_6gw}paQm9OV-Mtsp~U8QYTP5M{fg-8SR%8o|{jZ71F4151P1+H{35(nA>
z<c#dvx*h;5Gq^4@&(y!DTkthOkvbBIAr?nQfa$_442NXTAbD;UL06aWy#^mal=pp0
zBg3DDBq!lYxgumhhsbe^s=4_6>on3Nk;fSJRsB6-!v$TbD~VhgBtb;5+{C@#+c}I_
z;<p701e%qDj@_6d%P;}NVUOIyqLp%kVLe_?VHn2NcO9HvPJkAs%&0N0d4ec?^J;3)
z6qy6JS;6q2{rT$;2KyrL{PXi8%AebMwg3r!!XD>NT~XuVFdh$sNyBn1SkH)c4DlAc
zvj4Ah$|{-7ku;V?G`Gd58e-`?{D>3WFsX#v#CZd~1-{H!_>%kD>TeB}4v+D%vo%W&
zl)*ELdN08$YDj7ofbrTGv|xd3xDqhj5R$-yYn;!le$>*uJ8h@G)-jL4B`C@Y;U!3f
zZlo*IEdTWSZ5PxwjfQp_6EC3%7PGo03J_tCY@X4fAUt%-M7&dHWgWqlYz2vpVLuF~
z^;=xUj<FMJQgDs$B?wUfizXCrpDsPVJ05g&WUvlSv||Q+m;D&J;Vq2>Vjs^Rr>22|
z#c&GB!EvZ+$N2_G%Q4=4h@~*^Z{%h66%^q>?xU`OUIo~VCMqufPtyRot9Vay9a;?Z
zy!61F;(R?(1xy;rbTrIZ5Xk^`TA^lgu$SqzXds%2HC88|l#uO>#Seij{CP4O@Me4U
zI1*Z=$VQgI@XxsII?EJ%s_0S_D(f!9dr#215K=J>jloEcHf4UO;*gqfPTEs<maY;B
z0t_m|mQ9bmgcC9mY|r$24O6`z1U6T8+O(*yxeUsC!k1mSIx~zzBvTi*V<qSI2?^zi
zVG3yaXuu{F6WomZse0Bu0|u1X{^vnF`z<&uRpo5^I0KClXIlg+Jxb?9;aOE39Jz^n
zyLvT*eLG*?Ps0Tc<YOzUg(u_0f&*vbx#s~x+`6j>S%#sZQS$s&?ysC*ID*RtIt}T;
z-u=h^iLEF|#d3&-#blXy$E+Ny5HwO#C4q+Jxz=#7K8`y(Txq^DGicvCRIq)an32pW
zj=iHP?E$K<zOjE}GG6%ba^diHek8vAHR2PdI*1xiN$@_AnFB~lc(1tTHS`*~ob~jf
z)$_*1Tx0hn6y$xMe;?N>xT`R2oSug_@<=6rvb6L*>(itG`GwmSu!VYSEO69?l&?ZV
zgkS>V6oojP1<;%BakcQ@lxcPB3kOPO2mVan_j<zvOe)u5Nz9F6C;Ga6=0q4iPlL5N
zb6oo?iQ~<fWTZ+wb)T_^t^Xmg)#ReWJ`_C&fe~wyl?{Y9ReMudTrO76frQjsEG?t9
zhtbctk?-3-emWxYJV8?z6-7Q(kE$O4Sg7OG<nNe`0c__YN{qViAkAh!8Dj4xK!nct
zdy-koP$Zz?6`?YmXV%7&$wM|TLB89n*+x$VsOgQQ)4sU#7JlX<(55S092A2utp0>1
zHz4wsEEdKDMCXYf^iRrF-1INyEwaJ`v>chk^DsnWt`JkH^38kOag$X$<w`95)7a@F
z<E-3ATA*4NV{g(!j4-^u=D*6N0xU`LerZ$vIKf`uRvoI*MhMA~&&Y2-LbX|iQ)Ik-
zxiRh!#qXar&9Z+7sla9{m8PH95Oidpmwu6ZvJYmX4hBr6GL=ajW#l+0w5q#YJqcv>
zjoXvHXPVB83q}*~AREMiYv)FW@hJ9=#L3d1O+d)cdWhkT+;PZns%O5dKuUbZn!zH0
zj*Zf?7SGAZ%8u|3%|!`UAH&ZQ%S(&z`;RC3-6DSj%w#jge&caPGxPFynTHNN13#dN
zEGy@8IT6AYp}N-<+S}@Ky|Q$(P<?q+dZ8YM=_RdOKbr8h$a^+x&pMs7(=~cX)caJn
zE||bNplZFP9km84x%YBJjOV)$)P2VeVO1oWcnAC)Yc}1j>7dS2wzdCAqwkCY@!*y}
z#N!)cI*twx`XpL+?@(ZDF3@tE+hw8VJE(EM?%l<A)d@kBr-_Gat6Ob7qtA6Ch09ax
zJ(*F8dg5~6no9Hn8T9OmlfCc+<E2PLssHbl#Ud>c!4)zGv+YiNh8LkQaBdqahf>l)
zO&=wx;f5T73(qpBwv?EG=){@j!4#OKM0O6R-<7>KOpab^TSGuh=d!BF99}98kY0^^
z$H-OnQndWa2&s*7x)~2aR0iMm`>2`WGe^EUnaaq$rswMQ63XFDeGav%l*GZaL?(}I
zgF*9+O`}P3%w=WBNxuh=Rh<LtpjE5O@$53lpoB&oDBDa#a4|Nlir0QiM*CskeYJDj
zasB=pM4y`kIxFZk8^YhEWZuQ7R7mD=KqRdnuE1llwJ}0Tf_^#LH6&{h2|P}l>VifU
z4T7f}X(Ct0nYx^=SR`-@om>N)Lu32~FPHYkUZ(|<a;XKc<+D|0Zu`XrWFzf$xjK;X
z8OMUz#kK{3l-<0nY2a`Ei)l#B&Mk+rYJo~!HCsRB(m{;{<Hc30Q?y8{f5zp3q&+)&
z?8H$LiF6HzvfLf2R`%FX(S%>rEd(_%G3&~u6}?N`Wih{40opYF*<TwYABwg8Fc3DM
ziex)hk@LFwqhHmZzR{~FzuxfH(S=lxd_C{m_5hwN?0DSmFMzEf(8n@sWGOH5ZzM~4
zfsfOK3G7VO2(=tEW9!7+>2>&GRjy=bW^Gpk%B#l3qx8GUEHfVB2_J}Z*O#4@e>{U9
za={%YOb=`<1JX2z(jPXxhgHwUs<?SaDl;WCdMY1vnr<x&seO})Eb{Vny;;5fo6O$K
zb5U8FT(09VFW#vSKx2h?pk<e4PgZl4y>*QGGY>WbF<Vbk*D+MBl`IC=<<a`vJsqPC
z(kzMh^scL`DSzn|K(jPyXG{3ETqK5yI9vXCWY&Tb3#!IR@K>dhpHF8++qVpkzbVg(
zixU^ZtMgj>3JsXq#mh{CJNn<so$4ZtROMOJPtV^9=0K&@e#MIPS2T&Fh^@#^mYBR2
z|Awy=q8;j7F{M9`p4RED(m6DC828<yN%fB~o)k3#Xm#<(pnXiyKvnP9x^I@l!bdM9
z8`iwG*^>)3bSzH=#a?)SOW=A%Q@!C&or82uHef`Bu+&&UTXcP@-GkUQ#@ZS`i*~gh
z#JeX&jq>Xrr7!G=9v<Euh{fUxlHtsx;X0=>V|`~0Mn13vSJGhID_4IwW2HV+Adc~F
z+pVv8oX>B6=q-3*9(|mH#}Uw)?1K*lAoGo?o@cPqnwZ9Q;HcEzi+&HPmECBSIQ&}j
zCP{|a-`|JV5gzDdzE9ZyZxgIeL|kP@eK{80Bzg4N))eti_Ng}}i@)+702dNy@>P0}
z`0;7$dhdn%^*34n?6m^M{12B|vMM93&b^p(WB(=$7q>924qywGA?Vb5$Y)}{OYbeL
zjY+9Yh2O$@F})R^Ml9wozUSW@9bT~_KKtlwq~5d1MtRPtBo9(<gOp+ZU?VG$vpzvE
z%{<*p;c?BigK~3F)P{EUd&##&cZNhX7v`{66>wX1yHlTyOQ#lJP4gn^SWb&DRNJZk
zHrknAGg@O8U7HEUlY-e)2(@4H5B(Y%na&cAvijwxNN#AS(BK)=hX}jnLd&MCyM;n3
zBHZrZaaEMzVt<k;1fTh**{Dp0koCMaEbaTZO{M9Eu`s;6;dyo|kk{^OwR0e^7cuU~
z$xPw233#^3t;(M;i={1w<D$3jaUNSQT6lvV%xFuO!Sg9|URJtB&%p<>-jJ~eNJzd<
zue;}e7mYesf1s4^#<_jIcXuy8PXJ%B2tN=0+0uKfTqo7h5(Q}qr}A2sImU6pPVUUk
zbBaGr4{-P*ve>{w%W3)WpTszn@@Y03od;ZI(oGGzuX&J~n)a4o*lNv_>(b8iV7-Tv
zkxQ`?#~q8m4Ej&zpIyjXp;ImP?kXuBYVxO+cdMBe(m(^phLEv_9%z}gt>6uWa%X1;
zUl$&DsRMXV7)M{2yj`FE@&y`oJl)i+8Vs3kqc-|t&9Xu~ft-h%G~;m|Z@CR6SUOe`
zqbGfA?&8};?tgG+XG+jP9jDG0gJIt=O8uzP@(%b@n63LTP?>t*GJT?h!{UVNzHgV#
zr4hExo;qm1qXY^}LdQ)B9|fN^_4mOiS$~W_xeLqC`tRRX97gOIa2amv@v;aDAX6V=
z_400>N2oif_#XO6*aXu<<ZUHr7Mlj0M^^zQPh7oQ-*8{Xq#E#$QY#)SVJP=kk+O_L
z;*H?DaW_f<W#nvXw300AwF#8m1Eyr4Fj0KGm`QyB>XMtVqK*_grbeFr$gG-vJYvT@
z@u?m0mzyf|AQHs)y9be~C$@ZEfOq)itG7)XsMK#fug_XlfZ96T8|kCl`uT#H_Ls}u
z1N{lT4v()LLwJH*0$blEIiB#GG!zLxxed1DeYjn}F?T-OBnEtVYMlNIhS<N(F@|V~
z8oZ&b3(*Jjy)sK0!@7XG05?DdE!MC1^v@IDapzY&sb&;PV1_1{nP9SB5pYb6POII@
z&JpSswaR~N7AgD^)pjjmmm(PgC6HTKj{V$bF(jO9Iz2o*fQ!mjvMGr4qrzqM!-djk
zxWF}T__4dYyZPtrJnBb@QEW5Fz9%lO&8fc`SE>SATV2>YO~H4|=S0(gRSmko@{cN$
z({xW@E5np`Tvh4|&ADqEoCrbYagvdl@eAmHlXM!rnzueZ=i){1Dj4&g{42xGQ|iXL
zbl7GyXe_-?b+WFJJUJKAP)8w@oBTJ$Bh6^WUA#4vqS!=RFV{<at7u^gbtj1OuKEhg
z_}9{P?cI!6o2;o+J>5v?k!v&Iv0|!~iLI#GSGpoDKx?!Dj_*wv7FX;6)&7V_%SmUx
zP-heuJ)8f5u(7#2?*K%xO=5tWC_u0Qee~<j-rVjsz!QDO<y-dw?jMa&-V}Z34+VR#
zw_575(ktxA^WOJ!S9gN;yB77a<DvO=pRkrT%=P!3g}}cXg54#MrJ6!;Rhp9<O1Jw9
zL&K|CiH9S$`b18%zvpC?h7_(yDr)I4E=Ve?b6eH}Fq$BDz2R0}LT|N=M7vaPH)Dw=
zU%ljFFZVlJ+`1y)ihI7*VLe;*m$<^`)w^p&#BvA=+~z4g_KR9CbzD#x7uQ{Q%wk!n
zWHqEcI-RAiBZPJdKq?S@>g!w1uh;=~Os~~jR^WNq!Zqr}vwRl28e7=D*tN_B#v+Ru
zYi18=&C;gt9omB#$t7&D^kzP-qE7u(M+XQ)P0e}P$C9;)i^-Ty!Q~sBLYGlmnaxmK
z>3cKt(%I<l8btzFv7;O47*s*+0n>|q+PMzYCt9BCTVy+1qrM5KW3m|mKeuE1T4WD6
zn6tY*Jk<H_j6899;X5}!U0>nXFh8%_*Awydi94nVhT8E-oGA-Ru&m2OJ;Ue)+Bh4<
zSR3=LSkFE@7+Lzll)$5PIOSVl3`;7kP=KjxyR}XZlV;*-^j|^Km08qk0#~*6Ysw(t
zLTr7oBp!Eq<X@q{<sq+;!g?DAyX!h0j83q`5)<W>3*W$7dxX`6r%>!xqtO1N?f_p9
z|5qZH5t8cW47P2c%F@y`=I#@l!e*g{i%iUoZqOkW2jvW~Z$8hHnd8sHY@M4k;W#HI
z6LZ=(8gcli^Ea^%`brZgIJB~#D=vpYwA>f_K6s^agcdQcuQlU8usmARGAd}Pge;5C
zM>q#{&DS>Ho_9y;H-uFZ+B9;@ZchO`jVeFt!`{8!B1!;!$d4P#w>8#Cj!<qc@XH`2
zE|6WOc08(WVl$A=9=<n&ItF3o>S+|nXpm<X51$`*O2Zre6F4DfKh`GoaHV#_i!S3f
zTDB-byRyXI<5?qzZqp1?CTvoL0+NSfJ`&_SX5w(g^AKR!r)){|OTLgVxp3+^RXYB2
zFOFNUR|H3qZGzVl5w}j)897Y@KH<D+_J~P0t9KA7T&{~T{rwQmp#Zu4VN_i?>Dg2{
z35^%4Q6l5Q<%!CYmu73c-Me_v>176&`=<*Yb7m2<jst+71-JeQ80-Eo+CtwC_;Yu0
zlMbUs&iCS*m(}Ln>)U&DH}cpxd+=ZKYiBww$;%nKj=>lQB6H5N3V!E2BrB(TSw(5e
zOga3#F_KyRPHm+kiH2=r!LMG<&a`!!J@xa$vKD~$vGf0Vx);&)763k<#VWwdshgWq
zFW|qA-~T+_nB*%v<+(Bjx<ZVK1{0RH0>xo(F_r5hHKSN$UPF87!Eez{*(7NMiD?53
z;T5=mqUaYE=xm;ZI?9wqo>78uBv?kacRml^<z!jpR|P*|CWzp-w3}CYdR{FQ^XVTA
z9%Q`a|EG%!6$1&p_J4c0=m6OVvvclGThrLj=wo>ehx_*<>g!kaobMlwz=0THp|@2|
zDZuH|60eBx!uM&ad$@7vo6pzz{eDFCn_J5@>gWS-YV>+qRuA|ot=`E6{A2^0BRsjL
z%PXKOrvHrBXY_h}$)XDR_yVb-i2ff(ckz$1kQ(c`{*~qQk6BZtlZtgNe=$FfAt{(R
zOQS%$-V{M!3Z37KwCC3K5%YjGBqzJgO5TE^Ch_<aRQ2V2VCuhpk9c^>)PCyIN@dol
zW3yt|@FRO?8;ug-06V>MO!%S18zh{jhIAASRRu%lW+k|yHBWQGFXnut+gz6u<#mSu
zg1Xqrf0MHump6E-42?B|&r8D*1(6tg1#yK(K`_@-DR<k~L>gbfto9sy60s-?A}jGG
z`t6Bn*aQ@kP?b@E(e-2(*=KF*g*&A{xlD+~h<(SWkmxUakpdwplXimVPvucnBHj;6
z(}AF1|D6aBBUH@$H<Sf>{P*iTXOomV;8x)U7n&(^j@t+t7B&7U<sWDfv^OY=pgDS8
z-A)5ai#+(??P)mQE#!9{c<^rbY3y=c6^8O2eq?r%miG1$5De^){8#|UFExkqYZmPq
ze+^GUpR`OCrMQd?{u*M*vItp1CgbodgJFj{y-~>yM~`4sT1-gGmtsjY?{<R@gOMU*
zeXX{E%*HGnVcrL0bytTq*>8t6$E;R}y@+UvH`(dKoL|%_Vyp|9Vb;_VC)xFLM$oSY
zbGqZGsXlYW3Msd^rna%43d)0jWj=Kgz6wVG|Lo~tGSK%=D9pdS#J97H3FWEaITBZ3
zsq)U#jR#nEzX)VNQc$~U_q*TKu{_QZ{!;1iC}j*sk&>7`JZ1!o6M>LI;FOxydXI1%
z1;MaZL`4eS-{vbNj2kO@z9L4%fvl5r957pNM__&8G3L7-5>j$Z%n1(rOsL5bEE&<{
z7QNxP$3e0tlYq(SfYH1*C@Ob@J>=!dF|26AB(ow(l88AOade_3=y%P+M|K&d_B{Ml
zCIOs#h!OC=lhCXlZ}T5;-L)0*jIY!Q@#&rZr0GEXS%W|NpAj!dmV-JbNKv3%6>Dr<
z5F~xt%wNj>L%$Bg?1wgZDKvg~$|hSxZV;D>?iSHF)+le0FQ1P9#;M=VV<)z4L%}LK
zKTp8<Q3s)-B7l!sD9v%`#Sxh^p!@~?HjtlEP}N1bP9}i>0#Bt2enT5)m8#PC4{}dV
zF6QqZ88ZkS%8uhyoC@N*8G+aa5Q1%l{CnpI$r5+y;<l3Bi>o8L_3Y_O8cs&ZWlwJi
zxGjLIY1#rJ;3B~sz$t<bwK!xhX^&n_ar1nHXv-9Yc+||Sm&PES-k^~Idjqyq6P*x=
zP&pAAjMxOSr!gN9)JY>mQa4b7D#)F4Q@HXW_012!@SiRG3WXuzK4`xCVP9)sz-d5n
znlsfe$mL+Q{;;o|=Wi%6^(Vm&pqk@L9ZA9T90jHcsm)MUQbawiD_K_}3%8~_?7W;&
z+4cVn@=BrjH`3@VVr!wWK%3(^aFgkb#`~MxDOLWDeVrm4gsKod)DA^Drbeh%!abLP
zRFf471a_p_oTg@t1H=GRcN5;5)H?7cJiQ2Xi0nS*7AI!6m*quN>r?nZV{(}I5bm~5
zcn{F|qBpZECykN15AUn5w(O=#cb+8Z2bOH5A;~Rz1xv^}{b%P;sZ%HIq7d#+(P(%{
zSu4>MK)xmCG%Q63CXz0tp75@jE_K;C*E%e|qnr@scX~RPXqw7itTN>Yp7ae&!+5`2
z$#zQaaMqEEw8S@2AtWXLr9ijlQPwhIp)JT~@DSPE0qR}E7qejRD+}Iv+AAH1M27|)
z_Q4YQ>E5P_K-P3dFSUd!^h<SudPrGOH@_~Gx`gakiKHuGsUQ!`Qx_@JYIN0_Qjsu?
zTuMmS`hv!5+;5z?5U3u(H+=I-*#wL~{z<TcLL(ldhz#{arERqf5~$*2!QlNv!OO@Y
zVJM><a$<QY)&dFM#Y_RWQQ(y%s@-9lv{eD9E`y!17`VjpcW>U_>zobZSHEzz3(#~K
zY~t?btAh0K4J$sfy5_?q_RvaWFAF&@)N)|=%D_b98cB?H?~=D^<7&tc8;G0Ek&;wZ
z5V1<fP*6D8*ZAu=QRY?pg8VS-h44hMf)L`f4k?3PQzMI`f#^w!3kZdymj2L^=Z+qY
z%pjT4?oRS(G8Zjcp%Bo*YV+n{;=rC2%?nTuFtH_cg;JQBT<3CLWkAD#v!E_?r`Km;
za{XQ*q8_myG?meeAU9*m5cV%X(hXB#r(yVFq9d|TQ!*h87omIBP6&}4jPJ!R`5*c^
zybwqQTW0;|n*SMp84q#oh(lUV(pECV^0ZBLiL#H-`TuC9s%YMEK0eiTasxMjOsXBZ
z;dp(Y-<<QtyWivZo4xr2LLxd-QRzFX@>1M{@eVqo*U~vOhv4Yb^x}+=7RuE$NPcTo
zQz^FPtz_jZ3pD7^MZ>kx(;u}%?H?DnIEMizAt?tIq!h_Dc_ja!uO<IOUz`7jzUD;Y
z{#*Qi(ASNAjXr0uQ<6s@aW{%_{x>Kw#^y%g(zWE0b0{0vb<KrE_6^pd!1rcp`iEoc
z>bg<f^2nXQ;th(1g9!&cHou_SEvUOFDq|Zk>*e6-ulTj>2RcObIXc+N(K~;=OK#_c
z$v^!@{#740+hI2)_~>B`nq544S-e<U^fQKFwnaoI?v@gg5Pm|#U$`O|Uzc#Vxc1AV
zFN-e7On()fB0Wh2T9UVdt5ug68;u`?zd4~|P_ho_+-!W_PSpt>&LPrhQYNQEW^YFu
z@i;e-stP=;7th0nC(t0i9>$Anl>k%lecoxlu1w6#DPGr%7g`kB9SyocWMJJ7DK%wW
z8+Q9g>7#<Dn{_Z2(6w?Y3Lmp#y^v|$Iala$7G$P1hJYa$pb$J5yROUomnf&BCh3Z{
zGmOP0JjAH2)iu}JDZyaazXZdSYJMvBRmCl?P*6LV?MD_s$iG;5NNq<ZI$Unf;85oh
zKcUfLK4(r6G|dv37I%IS+>{0$^<y0wJ#&j2P(I!UbtO>VD7EI{#-Nwno?C*VGSHo(
zW<c}Q3c)06<j7dmoM0@akTNP$_ANH1!}M!o-WC?YcItwOr&~3_ie@i9QU|CRV_yxD
zd};4C<nSv3ZHSkLKd~~6>ys46oqJx5FG3~3a}ATDm!*VQA(0B2)M9NEWn|4EdLPw6
zC)o;_gf9lP<hSgA{4VfDCr0Gbj5*e1T&8d#h<kd$1PzVsPf0>Gvc~3z%xqW!g0Lyp
zWo4wyw_P10(Iqns+fcnASBJV~9@}pMmvj-j0xh2nIaf%Xn)-Dzs_2wsK#~=a5Z$y^
z5<jY2H3cywW;T7x^pD)(?b;jE{i;L11a%Au->p?YlryaWp^t!au0vWdWkj!-5njyH
ze3fC7n2!H6OUMti&e}0dXC**$JjGnog9D%0&O5+ch2N-;yYMqkIOCo`^fv;=Lu1NP
z<@P_U%!+8`#D2Jr(!%k`^0QM1!?<`kjT?i*01eQDq>LiMHi0{+tDJwlVw*qm<3)KB
zP5ine#g)W*viQCk-dJ5^hPY{*+R(R^c4oU)o$H+~hxQ$@l{Hwa$)^ytaU~z|0gMym
zrHOutKk%y({qb=*DTl>1Ivkb2L9D(&qK^vmeWeXo^`$$jZE^&D#bQ0Hrx>4zhhi{H
zKXCDLwh8Yz*^|?)lN_jVXR|QSmDHN-_(F4>ve>8tHra`2tR>Bn089B#AyP07XsNkl
zo?s`wTG++}NdUD}M^H!Xallk?9##=Fy#q`STATLp7%<*jT?N|AMC`8g&+y3T2M*^M
za6>VIi@-^J59ze`y>|vNqqz4V#F{?ODQS%SbEslC<4|`X(+oIAGcnBzNBc0{f8gsm
zkom~TOy+75Fnc?#`d}CGNprGk4n`_rXam<!)<VunWD1xPV_9raqr*d?6tfxC^kC(z
zD2K*>sk_{>bfECw(@;{obw+lud^A7cYwZyh(7@U(v}2-6T*=ov&nx?h26jPE@r+QK
z7t(n4>3^;AYyr_UU~GiTL_1cnH9IhK=L@KsUV`?oTuGszP`U%utAFHiAXpIe!Oi9B
zviKgu540FmM7mV^H@U*xt2r<B6!Jjvi69BU3JS=D=<Wef{WmW&39o?92;BakPD)s)
zm9z2dws&=Bz{!{dGvHv?%<jK|13Yn7qQ)(bAh7@C#N-X-*K>hAaet#HgsWxpw@o!m
zUe*J)9GM<tWk3D@5bPx61I#GC+ikyCj)+0rpQ3b0C4TaLd|<st;@}i(8<=N&b+&;y
zJd+Tn0J)4Zp2@Ab4wyM{HNnQJcgJ0XFT=k+4u?U?r&CZoWp*osRa?$w9IvX|E{FsZ
z5B-eO4*c~4w>`uHs+~)eXqec0_CYRx#ptK{`0hiUhr6b~|4eUHn_0bm<MZO-wLSyx
z?!LZye{x_>Nf<RuICoRtdA8sFkk|hUfsvW>mIfm>1<4U(br}iJ1eO29z)st2H3tX;
z6?X7na7(f9kZ7p91)#JKniy&l%fyANPvvB1@8!}YrBMN|Oz<^obbgM{Rt-<{ZeCHw
z22mk~&xb#Uo7?^6+U@CDW1#?|G)3{_oFA_@P8N51UFkm`*5&QY{1=ngReO!Obc`5k
zcdOqMm(`dvO3&iuqAF(<&;rw>j81foYB6CKY>h5|dYqrHbw2E#v$|`G{MkKQX9a++
zJC}s?M!A+m^agY11McD*#kd)Fx}=e^7=#-tW!%I1kCNqM9dxFPscinQq}1=K9Q0#Y
zdV1uuNJ&R1Os0>Dg8KiZq`0pC@08TRe<`VoBy?$c6Hyg`6k;YE93I{TzEL6NX5xg`
zr`+l<rLWoN_T~*5=7DqE^$3s<Yj`i0YywmFiE^lcoI=gmuu4Gn2gpHuzsl6A$*J~M
zU4@mPEWD%GUpyY>H+AY96p#44yB7J4NyZZHD_Nd4RAwT{qzSEgPcArz>Y+Bl9dx}u
ztZH@)7vyUg&~M}XwlRHFYADwkGue|(Kp)|z^vu*Qg$EU-n{3>uB?k#(dLgE)r8dLh
zHcP2t&5eto3*7%wP1huwDlbjuqt>b&gT}zE46CUK9o6KcAD8SIiL0k8VeZN)uOYTl
z5WOW`Wj^IqO)-)Lua|RU%%^uxK}q3oqhTbSs-{U<WArDsSY&F=O+~oT745;l1F0|+
zht2yq_hqRcSV-VD6{jZ{i62-72^P%eBbvn^RMeG^Xw@E6R8X;^{7$0KKM~8n$@Zmn
z-XdTUlI-D@6zuRN!p&@rFaMED*_z=6G|6FBSwh^dnC?5`R!96qi2CURjt#)|c?{-^
zoH-Ad{gDMAS5@w{g@gy8FuJO(V40jBIY@t{^V~BTvyNnSM8QV))m7K#R!)DH%BX2=
zXXX^J;}v}<MDfq#hz;;&>Nh@3+oD%V3O!p=`uxeR2yh1B@?$XOkj-GhskR(0ia`&k
zP!TKPyuiDGiZOP#1eP#S`CC8P<}h3@5JnpyK?&!1m^BwSF$RQ5?T;5g@>A{6d-|6@
zIx|T^?*C!$u7cuz^ghocf#B{C+}$m>y9I~fPH>mt?v1+>2rj`bxVyVUaChnLB>!{f
zJoD5{?NsgV)!y_y6wtq--{03qiex<OCIRqnUaFH`8}pPZ*pWwtEXHZqIZXYip5n|&
ztO2f9H~Ir^0Vc&<Qdw0v5dy?#|GbKCpWt0|n%`M)t0)Jl0YHgQ^bwR&#d<}aE+1`(
zEgN(-IrW$pqpR#0)IHL)w=$+~a8Dr|&P<J_s=B&es9~zV^<))-GvI#|JpCIbnuR4<
zq0M@oYS3@HJUdzu0160N55u5i62s0C7SmtJZ><pttUsS1#fW(#!aD5<(3a)X=i)#S
z+Wh;uM~`PIa{q|^c=)bCt9TNnawWu$o>cMy16_S?W@)5b@q&blMGz_Bzkg2rIxB*F
zWXj=?Hn*pVaMzy-0oV9=oJZm~AF}uPVqYSSw4~7l>z(KQIted<Bw{#+MYUcQBU!;3
zY*Mccy{2$61ChvWD=od~dUJH_XCbjTGx)Ce5663C6J&V~HItDA4hq-7T#S!K2-#4u
z5KZPGG3uI$yr>kxnz(r`3iK&GMJ7aPsJCXR00nizU77>Tw<PVwZ)!{7I9%94R>-}I
z*H&GH?_02RDN_Ne(2**8j(!Dx@x%%vN~f@0?M|+cT<%V;h*>#BdH0;RJ}3vFKVW5r
zZFI3vk{EO{i%1l9LvKPp*S%c8i?!z|z<UxRR#~FKghX()rnTXO@+f}kQmCMAr``%S
zSdN1iGoIAYMi1_|2{xZC$AxMZ$6b$Zo(mW(P36H1qEdY`iAdH9;g9@82n`y5&-6`=
zm#!uzqmVPj!D9W)sMinQcXnmLOGn=muBB?rSthJ|hHN1~3ONA&Y7@L%sY09gv@UZU
zoE}MuK31cKOEUXk+ZV%G0Jq0Tq0D}OOv$04ZbG2V&)U*_DfO5lp9U8C@{pT10hHbQ
zm+~E81)6|wY7MtB&wb<<NR10P;Q8f{G8^!CYG`w+9eB@}4ce9I_vihf0{*Kq*PI4I
zO_AN?R_ka&H9W)4ePgW@GAVTZrLj)(jgZ37vu6nE+c(UFLqX?R9UDUo`iu}mQ+6od
z67C>k7%0<3QAu{(I_`Er)fkvcT0fOSFef4P3>C5&J-zW>j1&)>mowoVR4QdaYlO6?
zk|<%4HJhA7iKhW*@7=Bso-?gF7YFse_(lW*wD(@t8`f0i!(e$bUo!_Tq2@KCX?(-k
zA$5=zH?d|H`gXC1-xNIzFVV*gtWwTf^~}#<p)1jETvlZf1WTqpss7!%xIB?K$;euz
zerF`KXmqI%2v+VEUeLqiUof${mUi8daofVrzJI^w&IW*H_CYb8&=P>c-jXN89DUbz
zqz`RNze1ArVYoT%L*vC4(gk(JAxKG~K$;&f8MU~ax^txxI8Ozxwg?6F(IV+_Ifq7>
zmRAz$jA)3a7&yritdb--f*EIO)^A7!KE=}v5{0DuF2pJ^2#qzG@6{;c8cPe4#-V<a
zGV5zj`xSch(C57uN}C>3S6TaFPjYKCl9`9s5PEp~B~<uW^oudGPh)F^wqX5LzuUCO
zE#iIWmOv+x#70nMJ+oTHpheYGp&A?l-hT;NM$47v`TmT#-?JZ;1>2%)CV_QROBef|
zRmk7LsJ2@%<K+5kqbsQG&-}Ndr9n8WsWOBkWHaGTI1rFD;(Cr3$xzm_4%Kk9XRsiw
zUdDMo-(;0|{DX*Semm2KWD3$%d1uhgzaz#fn=q02$CkZ#*A#<8GZyH6Md_<Mu_(VU
zq`4G!Y|wRomHk!j?yoKmQ^Houg)&+(tdN<;=bmp~O-FgBONVED)AR2-RvK29cBZSM
zw6wL%uw6A+v~zHzBt;K-An^iAMyH&jyi^!UH>r&AK8sCi`E)2dW9-3`z&-R<4Cdu$
zx*{sl;I4#tRv*_8N=2W#P_uwU_xek-05uI}mkk@Rm7Nw0zAi=w(`;?GimJ)-;)XkL
zuzjBgp&n-QOy7siyZNJUC2$Wdy-A(EVcoZW%&f;P$7BW3O9w$_X__BK>`o0^H9p1p
z4tQ4TGEhXXP}$tI4Mog#w2r0E@zz%1WxqeZt?nA0L#bO^P7`g^P{ceix-Qq$Y^gEm
zqp~ealSQK6&<?dGq|3Gei%M};X4|yAzEJ&qC_3iuK@2Yf=lX6cr6GwwRVJiJyNPHv
zE}q?fQ%~Nyrk3x-p8%}O&803s!12Qg={}C`kN;KM(l~Ko9$Ysy-##alyjhqv{w*8Y
zcFw!HeuW`r6_4HeiQ^;1d^%%6znN&GrU^cy?8o9|=pI}{xpZd$h1>R2yHVtd(4tg{
zgf1pQeVKxqZ<&YEhYwb7t(p)YpBrQEi}eC;Wi}&yhqa$<l%MD@mexjr3osH}guA-h
zE-cP{ujd1bgj}z_v9a%C&tHArF2VS%R(jDk!aIAH>13aon%lsW6OI^fYqx91)e?iq
zj4)DN_RDig7=8_sysP?HWphRLu7c}Ay0MnfnrxIRUMzfZZCBG988$^?<a2g(d;?*g
z*3AMR1DgQp`CX0s^xLy%Q>Z&psnUYnyhVV-0zJ_+>bsea6(*jtudtQKZRd6Vb9FTE
zljORFTT9)#5NwLmV&cu9lv-kRM$JS0v$5m(Dh=K0{pWE=9ZD`!Nzhx<8#X89iN`v_
z;3bnXn#9menTjc1of9W28J)HcD|~3&UG_4LnO=7vqx9EB!z{d?pBh;xVOVOp*r%o(
z|F=mD56OQ|VqpJk5_42Ex@S~R3jo$or<x;duhj9i#29gM^e{zRXnwGwS#KBcQnqux
zdosNxWlH$;25;Vsph|DdN&0-SeQH^|XlEvD@#-_Oqwv|nqP&v8sc!(3Z^X~l+fsV#
zo?j~-ZI;>lOcP5&xHKCx<4tQ06H)5<(0hP4Ee$lH6qHroxSJ4Ckg-l`c<kRaqVj-N
zou`aL<6sBa%p}+LqCy0zF1PvQw`k!*yw#3lcrs1R36}=&6+Y@HHe(SknX_8oba>`X
zYe!<+&m;u@yMj^rcLifHOI9(hv-3{{BcFtkUM3qM*!I=SEIg{ZyP}$kYnnD`#@!MC
zv?~Tyq@Y`<z2$V-Pfh}3ViiL`=Xjs_^d*4>TK&Oa)-KgP;@12ELzdp*?6ACy7c9*{
z+*e=RBC)!BI@j|f5wl~v(@EZk8j<Wx$`g4?T!V4hKYc#}FqSTqvjVudx0T33A+g?&
zrnWD+mQpPibr+vZYf@i+i5@I|YDyYZAqm0?I-DK8N?1OvRQUSI*A(}MKj)<VksE8&
zqb8)ij?<yv+KFqkkFND&IQw%YxK1m>G`KZ`na5}QG3KM9$#g^wFl%)BK6FX~Q;UjQ
zAELds2QSr8pPz~*JuMK|GyBWdk+p@XFkD~8hq)y_$a$DuB=pCItQPXjQm)lc=AWN8
zcs6{Nm__0Ew(bG{^L@;QHrKD7sxx%JM2=+E7#wfKW`!-vA-3A6^tIR0?29&DuQwas
z!b#X%#*DX>uGxLqfxHi5!T~ap$ym$(CV}xPc<|?G`=$DJGQ~V9-YJ;VdCCB(<qe7U
zohl~iz-H=Gv>heM_av&y%Ey>AG+TxgpS*5My{7*M1DLR9sn>qNSA_WQ^PR0mk(fCi
z8l!JC^DbJqE<*fM<@2HgZTMB1jyAR~y8(_l_%D#Q%HBD}PHaO^T`wxrv&){bS~Bj!
zk@3$K<4u?vLW}R{EFd^ZIVET#eHhL0Yd`fhF7q=*!t@g>*NN`cxdSLcXPC^F5c}yl
z(_$sJ^*x$Em<9q?0t9GzzEi2<P)q;)*Mddrw)Wps@W}1V!-yz(e3+HrgYg;{ZPi}A
z3o1Mg8dq}iI?Kh%whRun&+!2D5xNZjHw&0+11yS9WGnEQB}*b|*#WyM?%(l;#%*p%
z<Jd`&1v=ba-tKztt2Wx6E@lp6s{|VHyNf#C69JFs1d};MePH>s8=ly;H99}Pyo@|X
zYD^Fj$mNqK79uj=hrd^5M~8r|4qpk0_a@b~$5kvrWRnoxrZ8D#>z}%?WtB6IFOy_B
zXqocX=03t3!6`RrBVO;ciVO+#p#(nWIDY6T2DF{S8dzjx!^`_b!m<8vUHYlv7F$Zc
zQi`-vq6I-w-@Qayi){&=Mpzne9S6TJ>_k3Qb9r@o_^7Yn&SA+pNKaJXL7XE{Z;ms%
zZz&ZM8=KN_{_e9zz3BgW2xF%zhoRf3=G;m<?>Tlg=X!lEE{Ww)((gC_zLK<5r<?NH
zb4kd$w){5F%b`W~<WSC7ofuzr3fhs3A-{%t<<?S}Wf^C!);i;@rhz)jhau9h0Wvlp
z!qnWSZwoLt+3;QWbPLcX*JjIU!QG%9UHyGm@0zv}xycbWeI%nxNq^wA5n3cs=hHVJ
ziHnQj=Y`GJYrBgthd}XfP3kx2!w(yh0|NtNpbF-q<83C3Z{^W<j18eK&Y!dMWd87T
z5U_!<rs|4h{(J~{8R*N<_|U07c|5+b9U0ozK)f#ATLy*L8R(}0ui6@erCXEPS-d$^
z6&qbIN;Q_U(yMTk%l|#2JSJ~dTGP;!b`kU{>DCBK_XV~WNLhPnv)k!H2T>Uh%;vM4
z2YwW2`PURY9MD?)<}}9ioLI#UYJ&2Ezh~;cblpvK!G25Vn((Bq+re!r&vrSp1H<L*
zGJpF=B!BCaxW>@LKNXBl8Rsjj6c^0b6=KIR+Tb^3$c3ZzhZXlMR0g{I`B90CfpSyc
znT1o*`EvGp4{zb?R*rmlbs8dH>TeZLr|cS@S%sCOxpZ=C>mQ8FcbCh>7l#mhlg*CW
z24_eSr`^TYJANvWjAA-}gFbmm)ZsZ;o;l-uw50(`uak9ZlfZz!oDfA&kgou(7<0bY
z+3IfV1}w-9sr-sqnDlL&7D@fb!F$Vbm9UFbuE!`D>SpLxEkMjAe05e#6d>!RxO7cg
zz(;p22e3Ou8v4feAyA5^l(q;g5`IHHe2~134d317a!zbaT*rP6TB;1T7SiEkCuhE#
zB(ih#^pw+fOCg|24rRhxVU@c1n}f+NWKz>9K)&;0&X092GI-i0fntFe?=kTP*D3cZ
zyTgxew57rI0B54pf1C5P#n>_EK!o0HNEq<Olufx-cZj>lHgk8_%!mDTb~g+us$9ya
z4xeS)%|X8GQ=Af%`vQP$9%e3<Os`tIXpm$3dI5_~4s6*mq%^*oeCT_>;skL@eQ@ma
zL78C2knc}y%Pu~x)iwAl`+7|K;1@1}O!mFbfu7&T_-DII38Aw;h~Klw4hm;}(=e4-
zH9ZqfX$sLF!yE`bzVkEzW8EgSh(*qgF{|i+egl(Myp(K|y*gen6~LB%kf2f-s#Kfd
z=J#Sy#J2qrMJZ-Rml#NhaVQS%GGKaj%zp*s*evBh4K10<8J;qGmi;F6W-mopy+Im7
zlVO^}5r(u_)dDM50WIyK{mU_pX<XkZT#R}>Rqm@JG|yD{YS?Z$t;};BtqeR-^b+})
zORHxR2T`)^-fD-6Rm<}MQZ~b*Z$Fz0^lCZ~SpnMS&DZf9*qm@6djXVxdGh)OF+Vi%
zN<>X%yLJvLdtX>y>2J96l;u_%*(fRWKSR*V;f8jZ-QZdGG`5g{K8vr%RAbXt%YQoA
zmQ&}OucxJm9J^vSpvPEUs$d(Z0KP3BcaFc^o6~1Y&XA8SsT-Fs17nFeu6>bWLIa;)
zK{N1#JO$!ij^$rMBcmjO9dP@Uk~j*wFtb?CKGr%i4Ul?eUf@O=liqPHyX2dAN;zW9
zkhYkiklVBsOaD3n1j*MFo(V%sCu)Y(Oo2Fqno8&NpD7UJ@hsG%1KtC^9+zABQcn9P
z0Bj}B;Fr@rDA<C`k03SR=|cbA#^nHT`1wNr)`;^o5?CVm=rUc!i#H==&j&N;O8E3b
z=|uQs?77Ex6WRRWmM;0}V9WQT*RCCV>~ws>0+YVOz{J%}4m~x2ARO+g@iiZ)7uLTf
zM$`h9*`0A@yW9aE%VtspJ3uFr$;R{>KuM||Ny*z+LGP=Fsn<testLWarpBGj()8RT
z?*f9d$FhZURhHfR_x9q3v*(HhM(Q!bUq5jKsTB~;ckGvM7LFdde9t4SXRL_IBWH&l
zBc02aFMDuIN71H3jTvY?=dMzw-P`@_WF+gKB&NR`bz98FgpN>E#jW4Dq=r1|!czcc
z-2+{RXpwIhII5W_>bEXH6;2P!NEz;9St6@Fs_lL;MB`zud|W;wblRMAxSvf6v26XI
zI2h@K<{)C6P1|a&mZ_^lJl6Yr2EJdiDPhop8NEzp4*#G<v!T-O^y4^_$R`SR;XO83
z9G}8HN^Y6_fKrjo?G<UffkVV(Df4iHM(<tsT_Q_qG_x@c2x4WmS{;;Sgwk3#61&k|
zQlXm5AN1}RtWdnVqdW$0vsGt9pKD2Bm|Qjh#C5o1qRG`ts9JVBd_w7yTtZ}tuHbOb
z46=s!YC;IH*`OQ9O=KM<-6Z3XHw(m(2xZK-nnmfMxxLRwxz$PpN%Yj4eiSK33Nw3n
zCH2_bq0Q2wP~X49?(*gbmHxsY{ggaNV@CfTKBT<xW3h%NXa&C7Rln3^3iM$+ovWNS
zR(~*E8_&p)@GhHvvI|wp=`K?W|A2=zO64MG1%6lV?6BI%LzS&Pe6b<kc^wyDKG}~6
z>$OPN;Sigj)D(8Z;qGpbNlpA^wikFiDd_nkNN|v!>p|iZ6F)x@y1S-@hgLKl$L7(V
z3sIV_MJWfljyz3npw;zEyIuzRcUke<Md9|GXptp|{BYz{tkMc2Csi`~2}<ae-7-HZ
zlqeMpH*u3A6Uk6~*X67aMb3kv$^9D7CNQ&KQPOpeitZ^%7$09pz+iIH7zG8TBHw={
zojw70@1gWbT4Zup{AU2uN3}UwW@I=xD5td|B`vZ%F-I}U<T`5-+<y4AYS8)V;YZ*(
z@J0XN<JHBMqGgu^G7;|vV1Z*#c|IHS>Qcll@X*vAG()ODePD?KZn~`npbsL|?t9Wy
zr<55C(t~%7U{hxfN=3~ib`{j-)Zefa;U|gwF}tW!Xj++Mg`Y%Qf%6mf7%_tFDnvF<
zskD-D2)xxS{AUS{fkHxj|7E~CmV$5;oEvhlfS7!U5%&Q(nhU|OadJF>Qoo01ADYx?
z&#2r7I6XaRHnFq9(Yy%88-Gd43rZZ3Y8&oyWb&Wk<O3r;{TN8FbP$~f@N$;A(wE^0
zG;}ab!<#ZIh+ws%@g$?d>GmZO0>+>Tc$@G>Njtw*8WW+;dfbs9<?XhyX|Xt>>JZZ(
zx`h@l0%GNZh$sW`uJpUXxTF9IiD2R<+-Rz~GmR^3+AvfY{$<}1p>8%k{2Y$R$@=l!
z;M@dC^pA*p-yQH7CDf>1v*S_w<(OlX@I81nM8G()cL_jfgoBOckA((pr*`h;({lI$
z4Gn*ESJ9I?F;wo6ZSnRlap8oxeUbs=?O+023oONY8E=T12xDn6O_Djy%t)p9D9ixU
zVe|@`tzi!sAtfKR$nd#-aIgZf=j;br54udnT{%P{0YFOBdyjY6<3m(eM_jxUMiK%%
zIbl?Uq`>nzU;uQA_I49_4h+Fc%Y0e9)&K(9?+JL3E9u`8@ZkaoRE<YaBPLWyIAN?G
z`?Igod+FS#5yj2hFhrCRn-eL%cP2IWcHn=tj=K3wF$5D9L&)#p8ve;@j!#4Akmx5G
z8FGhJpbu$Er5BCzYh5|-4~#jcz4(eyE3fi-iW@S{&c(8ilafz6+#l`_RI4N3M%byh
zi~xR3igklIp<cI(A{lSBs-IbQ?d#iAbUAJ@;k=rSthNnGov|HhXA6`jbOQX=2Gixm
zWqKh@EeFf^D}s@6yTC2OHt7<9fQBRTa0hg$W@2{d@=yeDbUMd~XWlGTe-jl=6kS~l
ze#0;+|4c}icUDVS<VzZ~WH1w&)iREAkxg^mw4mp|w&$=Z7BtM9jfLV0vdG!9$ten}
zOQ;=aT&6J@m^+qlEfYg@(Ww}=4o`yurFAiT%_uQ42Jd)eMW6}w4^JQtJw+Hlij*-5
zdzeDyIi$-8=LIGpzAF<Yv4N6<2}9-DRW1~MKpB$G776oh)?9|U5K*DU6Y16bI^%d1
zuIuwc?=TNBzFNm2Dl;YlK3zMx2btbg6Q@A?;Rh+bG1-t;n4{VL+xMBuv|J^jPb_O0
zxFcyb=nf3Ejs%k4^FNB*11JlmF{o)TgDrx4AZD0$NYO&2O|jxNca1hEEK9@)9$O9Z
z!2GqC<GA4r>Zb}{!*vC`oUh7xkkjCmN5uzv=S>LaMBqOjishj2j!usb=TFp3<m}n-
zHX$0!^A7ZEUYqCWzb{=aLxxpdxkooCY4Xy#%pZZX3YXkvsa#3TN~=>Fy$FDXmIjG8
z5k=x?U2~<Z!SJ4AxZ0TH$9vO*e$Q7b*^$JydR982I6^ea9Mo3QaN=beuo27^<PrfI
z8Lmh}ja6h_*Q#(dm5YqbGCc6y$0;!z<*JNej{;D*4+>kFAkzKkjb}cFe9bA6&PN$M
zsufop;@A*eiR{dz+rB|`jv9PF@{b%6^gL(B`+jj{4c(EoPt+Nx@N*Z_NWGX;<vJM2
z1=b0kHOIMCyQkqeYD6qsDDbcq@C)=}RSTSxS`njqGGAqummXr~8MXt0%q^+Y+{Yo<
zJsB`y>2MXZPIKRn9*Trvg?#mom)1(m-7RQwdgiD#1SbbmrTZ>Z{tiAj<{LetoA|;{
z;zp_d)!pwa7;kG(hHpG2-P)l2_q>C7Hfk)~vY(BCi18$aO!8ESk)A;k*pI>c2?mLA
z<^W<H@^VCK2g~oP^_%TR@cGl55DXevH+^Q3>8YdYb?eU06^wg2RO~Y<X1QRbQKanI
zCrI$Te6V}LMb74zHsv*<ssuBAefVEnGv2Xb=~fUsrG+5PO$-N;Q#{G6!dj5xK!~-=
zbU>IJnPjFzlfAdbZZ0>?z{-*k`6X8u2K!w=PbyODCwK9qh}lFSd9nzy;vikxm4XZW
z@|L?HTvZ1rX#PDwFE4HKnzvBt``%LFzGsZGjTYLcBnUbFjPEF`N#KGqE!EHBeu+a8
ztp>Bwp!xSOwT3ALx#<lk#$#A^sOsp%bWMG-0s;vYxbGbcm2%NSOV!5Sj{a7bgOtjo
zCU>PZ@})z#h*KI!8A6YoCdr`rcYLd71{9KIHx`JRx;={yOyg*y_YhjXIV|=~IA5f-
zgy$Q;ovUed5DhlfpVZJ3(4IoF<gQFvLz=$U|7-qTC)b2)Rv-?}ri9UDY4yZDhEM!}
zMxy&W^^#PE4PN+5-|`nF@1T7ICN^)<l=F42xP?l5Gi?CEg})oVYe^u@6Bt4~TEz&t
zi3fr@-i*C-atLA%|29O>IFI}<jHL!1u`25>2Gfxr4DFe*xJ?3G0(8Wz2HDC!Ql#=8
zC<S5fqaL+Jj?~T#qvhxNONR`g*JhOW`evP-n^^{>s4Lu99EB^urDf!&QC4%^gIp&J
zbI5G3SetKEwUebzc@po)Pi4p**ker=#pMgxq{@wa8!E?i85dh08Z#>&P#ZV{blBeV
zl4|F201i+skgj#iGe5z+OR=4<XX6Pt?%|=6axVv}bEO5#a39qgv()d}KtN+3vf9yN
zdV4_*Y5RAP;7vc3X9YGQ(*#dmcis~J+BI!bzq_I@RC|ZogQa99&4>w31p^$(SH$V6
zMkZAvG5#|@c$D(ikm-9*P0_lNC_am<Nji1yizp#Z2VwI->BFxw?(BladTXjh9_&fl
ze;X|z-~Eb|bpy6E{k}E#T5|*KK;The41iN8U=(;#O?ZPg0NQ{5{(JvjIPD-Ha~U=H
zIaAj-Wsnm$)B^lae19xW9W8*HyK+&a6@8x_{U8$uGyh#pYfrlJhkaNKs2SGcXmD1?
zD-zis2W6w(v<ec<OIxz`gcd3OAp+*0Ee1{2reLCEVwA8-<8=Qn4Fz~7)H@`KmxuPd
zCQ~hfJaBT*gXeR+6v4sP3N?P01QtXFiZ#Hl0cyc6*y8puf<YjU`{l!M4|ovM7UoF?
zH4<ccXmtQPwdOd{Q?COfP8q3QnZenI-Zu5DTYH*Ge`Ek83WV}h0txn`Z_wubv$^;S
zP@LJ=5Vx)k2qEG+FZZzMuD%BJaJ&K?rkHc%@HNMR%)Iw1(Su*ykVwE8EHV|;W;H<<
z4nOrIdxK3#=P6Naohs10PJHh(5nc<>eK!#Y8%=%*;zjtL=?Ka{h6(BM?`TNJZ<}`^
zciHi%fXm#uN<1N-tmK*_*L5ukCQ@1<JGuR+6k$h8o}@2(BX|%6E+*s<@EBrxvWXzm
zuDZZjyM3@idP{2j@NV$R+dis}K&hO$?ObYdZ0!gmGAjB)N@S(DAjN!>=&>h)r>Yeg
zUFT+ur_%upjSU?bd#UOvki35e36uOEC_?BEB)y%8er5P>`acgG#@e-ko<uE4-Z7BO
zhW!?i;0=$`_fdJzR+5>+;$|0yz7Bj334IqSqmLr8z|9bKOiqiYOvjsu{(}$W8``Hn
z!4A1Vx@7pxO#X~7?d*g^#%VbJX9kkGGiAt*453ahtCw{@TN1xYDL}2oN+ixn8X;?h
zKACL0WvqNH+AgcTbwMDL-~61;l6ZWb!5PKx+4dF%2lV$373Z?}hk^I*398~K7gNGJ
zDg?lZ)h9wDdk@pug3J`B?-BSTG@4zYhkm?=z!*ZccV!2`kKH39Vo&+g1R^1$9i<j0
z2FZ@evoRm#xyi21_@mSqPQ#i+y1DUM#<OYnpgtw00o3C5!Vum|#>Va<Un!}bhLQWc
znp+F13I6zMd&)TyRqYwtknd-x1DW%gYEWz4kv5?E;MY9a_L1*#$4_^YYBjb7Tu%+I
za@vfzPd%$s36c|XKJyV&!FuEtZ8o!<PEj<9t)Gx>`=Y|o_E=MH){z2rtywB3@1bz2
zCFqbs)`D8Q{d~2kZ5=iH;JVk?(r0+?1?^$DW}Mi#BeG@SveC(}w2`Fc_ANqYw6PIt
zxW*1sk6W|iJ_MHC;((Wbgl(MTx50B<Nn&)+`pJNBw-;!840|Q;m*C+r(o3S~*jkD2
zs-j^k)u*MaC_sbx{rrL8>CI1KN(#wJI&?ONOJROB@|Y0<tIoh+DOq4;YuK9$*PrNs
zR~^$dGt7qw3wfV-?KnEfhsZL>p8mt=6yUF>uI2$h-<G5n3{AGlvjZh4R@xcPouJW?
zA3$yjn%%%yl~f^J*1>&dmcGVM4<%+$g+5LPe*uv?x{_r^jaN<=k-5#9!kV#~>{?k!
z%`Tf_li&?W-U}$GED+FkbSnXJAHFJti<-r@$!U$T6f^FKkTHKbK0YX|16rbErQClj
zrjB`k*nvS7$36h4o-kYd(tf=HRW=>>svWT*UtDUC^%IF$PAevX5>fIvo#p#ZaBk@w
z;QM&Xz{db%t#xgo__VoC^lX)x4qs4=A`MjFdI)*U*>@dTh5BW3Ly5zwzppYqp)2iB
znxbK-gt3vnnvnZ*OfyBQi$6=}>Bh{4?GW(%25@Y`p9ugJ5G)$TlKmFq(k^>P*4ys`
zg)|H-$_{5m*3=on@uF2R4Apjj65ADcf~%Iffv}s{h`g03aC%r7r{u`Bc(1PZKz4mq
zD2*-V?-2dY^jJwrb1Q~8W}A37bdaBSFG>4R3t^=~)}k)CXt8Ll4h$<7?2`NiJ;vRW
zjZDJ*Wb|;hJf#+ytmJT8ihz~dg$UJeV5m|tq}xmcp+T+*W*oZ{F$K56E<Wo5Xwtd)
z&ATGZwdp1>7<8(E=ggEtEI13;NOJL_U#EVN^W7aO>*hXwloG6;4D{5J*EMtD!3u0=
z`R3Pc^X6$0mRWD;f!)@u{0-)aAq~oZz1=MgX+T-j2obMbqj+S{!cBz20c0IaT8@M&
zy;j1F#JSn-7-OTL7A}cgfWLV@4qi)H=+fV8TV&37Z$-;?-~^fr2Y{WW<rQFJ6)A{G
zlc-BrWTB7j+0!gZnu)dJniVD_z4sXQ2=*<)YOqvuCG8)B%3FrKoN3c$KJ>4IN`W;a
zPwL87Z6?^H&Lt0<VO8}Ku|LmT`-!-o`C0V9-11kud^=I^BZ*D7iV}Vbl$hxVmbqmZ
z`XfoZ;R3zj3xu*=$xJ}DWRG?FyMVmyF<VNee#3Eeo$60?GE6e=B&nRc5K}leN%LZP
zOkcNfIjkjwZIwgZjBV?QYiZ3CptfL>1k>`1QVb`y6GOX%xX})XzL}uW4@$v)!VL+Q
zONmUm6sc+DOCN_Du{Xj>${4dkNqL4$j~)E!Ampo)*HD%yQ_|5m?VY!uKP2Y#MNI<6
z<-Rzu7&0`jJ~icwnV~+83%SBN>-YHPTr?|BoP}Kj{Oa;j>iDF;3QQSEdnfX{M}EQM
zC*LxHNg^})an12pQk@yhwr-%8x8v+6@adO3DD}Jry*vEBUBaZ`ix2P9n486p_jG{G
zh}mnfNF!Sf7C73348f=&(*wyKE8M#%(XlYdw%-y<vuOYS4Ceo<4CeNKpTR($CZDZy
zVCkrbw!?p!8|kVHELXQ#uW*>7Ua%AtDDUH05y^jllHU(Fhxqzoj*p+((4uE6BA`HL
z+mT^2YC8Anf33P`sD;rZ6x-d0%HP}1iLTVmtVI@8z<M{@G}jFj>EqV@s2ycIsWkc_
zz!Db|GVKJ-4y~N_Z`-Axy(KKS?!~*{7xgf<2*yRY4nS0#=M*nng|z|k)?mSyKMrr@
zSm|H1OIfACQO62c!+;Bod%)-IVZQn^ZT&ngMVnJdu+i5G{}97*Zs0{1h<K4##=LL|
zr}G7(1RsMNn#{W_NJ`+>O~8(^*6=28EcdupeIo|O-0C)K%iuLCE}wWLV3vJ#%it(;
zG12GXL!Li23`{B`F>9@73$?AvrXBCw*Q%*@Htvd0TvcaFA<*ooM_S-h=UV~8VLHq=
z`?<Ei^}S^}H2v~Q2rCHV1SX%!hR%yQ2|>2rUa*9O!gBLxd-}YQsmCHD4_LtYk(oHu
z9`B;~C`*$C?yebG<5$;~`5w19lTw8_@A;D@PC=&yyPSy$IP-!EuQGr7F6ob1^8ARa
zrH=;IjXI3Y92WC8)~+(;9G@kk$3kpt203+;T@~sPL)f}g*$+u&&w2~I`mh@Ps{u;U
zO|;xr8d;@p>esovyt6NEHSb*S?1;`4+o6w>eqsX?>u*-_Z#1ZDTbqGZsBzu=gRMVK
zjDAHtZ^Y*C***akVxT4O-#{N|`4QIJ7=@qr>KmOV6}_hDu7iz8yQFw(IcOcw%5<Z$
zz>V@csZYjXIq#wbEMzTkKB5N9<3AMYXvNl}?xRcRi=Egy(szUg$rkJ}PDn`W#7@#b
zS!XBX{$9w?<g)~R<zE$TLsl!XrnF`kF0f9HeS`_H+yISY%yqn5c)xzX^z&#b5y}Fs
zvijnSA)|j9m1Taut`Cnd+5TZEUs)wfv)frB=Gimjfj>h+Mr{Gfxh@bMAN`K+9BcO>
zg&MZN<Vo#2YxELNMi>CIf*~zfRLV=y27!%f%P6H#;G|jsar65M4tfyI5`OwG3!X1u
zMvAe&gO68WS$xX1Z7noX`LJTxKDOYGnnyS2jWR!i?qWXP&#hy$_d;tyUI>^9qR(mQ
zBr#-f8l*f3XcoFv*>|kbP8tMiVvMpuU!H0aewJj(NZ(44U@u3i$2ix^X)od8^?I%K
z1f&en0E6pvp=py@@Byz*mv`)1CtP*JKYTj(9Eus)+0`{-nzwiQvk-=kw7Jj)-hd}x
zZJbuP<1Y?&s(vb`MJKV*425Tjaikr1$Cy*OrA3V>xZ2TiU<#9yJIDic18NIC92|9Q
zbhhbVVYGmwkPEjj;+gNyFPAQ9cFPt_S=`{aa2@*;Fm|9FNOCxmE2VsdE+C06dNJJI
z8-QX0<BGl137b+=^yFiWjVC!gF6MK3@{o!_Le3%N4U*$tXZeW7XwLpZ6P|Kl38$#V
zyj!;FHo8Us{(8{Zd+SHtYogZ{U_j0++NZoj$+Dsk`(pZcSyMI3X01Isp6kqWqIVeW
zJ)j9HYZzv9cD(-jGB#<TvPKeA*7*AVtE@qu=1rP;m?i~od<N>|pj&)?%X!Pyp8+Bv
zBM}|>Zj2lp|MCTmX~b3Ncyc75MuK0&v+M0-U@<)wcrF<b27l1Y$EpIJLE(tppc?1Y
zu`_83kXIsLPB)&Ym$2yzYE}}+lA5Z7m-ift^V8bL<zaW7oZ6&#28q&o50gYkqvhz3
zT?Kd8Qq-!#<Utwo*4Lh>c&yEp+8ya7OIuq&A{IYU_Grd(fHl@6V=ayuY8($FC36)D
zxI!%sTLZ8(=~zZG0<1%ntAgggG(l@-7|;k9b}NU>YoFgMk4Fkh_MN;xA;nk6Om$na
zu0kA+HzIAT=F#b8IWib#3;b*)i07EFue5@&AQb7-xq`EFhoda2s^fV~2S&v0W4vL2
z(CMux*5QrYz)AP(M^K};aA7C4vBJ@->8H9z_OM4Y_DUX<GS1@1S@+R1)QOB2201<c
z<phr7mZS}0r9PeA%Q8tX^8>-x1AT$7+`cOnQFeKE+Lw?{o-8FVO9h6hkq*ARz8jyR
zYJdF>Ybt{@<flH3{SIpqsTgzqhBdMOgf*Z`*ZOjhETi(?w<`_1j7X!xrRYO%z(msN
zse&y!<6QSnit_$v;S8O?#&J1g1q4cLMGK57TfpJ=Jn{SuETVjrVEa)G=`RPuz>?Tm
zyO)^>;xw!J4GNvg!~M^!UK-`cwUuta!x~nRkrr$Hn%!Z(qd}-W9<GP?ZTSxZiU(%#
z@BxoSh2QHh`ORpypct@LC7t@SnjpF<HHAM^lhm-NXx%t*ti%P<cFYlYsEIK{ho?i*
z=JZLYW1Kksp=Hj0hc!tff5Vzz_s=eW!Wz@xVGTERTk|z2tclUX*@F&K%7(k26^U--
zwl)17);#VvuI1!;CFjrOb~;wMMGwk|SBBt#9*oiK2i<6eRnhUwu_>%h7ltqhx7ZTE
zq56rqped>ilF{x1rub6Dhh_)wAh@g=RFjH{n=u5ABx;@T3t-3*hYIu+6ec!&pWen+
zW)#n3eED9dzre)45x!m#75i!}fqa=L_f;H_FZ1SlITL!FFryKBN2!b^GYy^U)f-5i
z4(tDJvDZdK+7<>|w;$cACu%Cr9TwL)8YCpH$bHh;ebO4Ox2?~Hj#=JkrKH1Q3cJ4_
z{<c-9KS=aOe81&|H*}v37SeFoJh|(n8t3mah}W?!scO13kGLo{21orJa~v9wRfuci
zNiAC`%$O>9o7VfYKjl1j0_gs<UbsYD=WKOD%*8c^30>!b7jHh1UGZfDuBFl{G;U!M
z$?y35#D1Z5cBLw?rQPFWhb81r^qP1kQB|L3T|v=;_Nd)-53P~fM3&k~3I2pNCOXuD
z4aOQ{WW8REcRR?IVTl9TGR(PS{&e9-F@J5DBYJD6UkWj9;rv;aqi`nCwCO^&MdGuZ
zd#=VHTZU4?j^~Fwa8VOOqBB`sXvJSr*}s;pb9?irmBosB<=ush9);cl{w#scvDu=!
zW0gB5*L&UOcVnkx2BlRyZ!2IV!xc0$z_`+u>hIPUTi3`J&4EB{+@0lL8}*l+iaGpV
z>i0kaBEGK|!1aNH-?|LaA6=%()5Vi$t20{i<k&lG&h4rb2-0Qf{^~OA4|Ae=_$cS3
z+j9XS8$v(Jph`bW!dEVhZ>U`CE)4Yd=Oyf?G=^u*3VW$=X%UGwCscP&t5$<vlef-5
z#tcdrP}pRrb=WsU^_?yikl$CY3h1`z8wWf)xK`U0#C%%_`?d06WL>y$9WPs68{(FE
zEWr$<WRKM=wg%=l-*uI-IQ427Z)<NI*L!)o5kM@^lh`5C)ct5Zzi5=Oc~XnBMSW@z
z-%VG8du@lVRBOL<yW}O)o)@b~i*AV38gc$s)hb@DWoh;N5a8K~m=8ZsL)1z4KZiAh
zf5IBEf5MuMzhRBkdX7N}%03+LC-erFJ@xVC%i0zB4!1ZUIS|0F0TXb%+u3#f^c-7I
za1i+Z@mxT_%?qe3FS_6jJuUUg9P_>G@^v7)IgQxE-I2EhMdGU8TDkPV16_4iaulHA
zrMP@e+UL>q)m<W9GLqnF!5M*cuev-Df}YV^pOQ3Tbo|REN1p~d2ey2d8a{Ca<seq?
z>B~|W>j(a64w=xZu;X~`4pw14J8p-9-H3hw09kdrLAK#^s|?n(6dS(in367Ac=n3s
z@S~aH9zVZ7)$g$8n4qcy6xNJ^!kQ3`-(ig&;O(Pg!rh!R;z^q2^NqG%I18<#7`((h
zdFN6z&Si%Cw>es=5{R~pK~(&pqXASV%_5au=*vg^NL)%Vc^*+UX-&Yc>Q1qB+(>`-
zK+i#$Z$k>uk83)>qxNSj_U@Jy-6r0n9mxG@1AcwGApy>`d-Gn!r(>BgnZYha&fGWx
zP~DQeCMhbnG@SZww_4U14+EnX!A~zyXQ#?%7k&~EAJV-2YLND6FC9I|huy#tqg_g}
z!W%HR+db`$PM!)H{1WUq-A>w0oqN_K=d(rvR1GYf7Sqk|cc+!iIAuyBeVh^S=oOIs
zjmxmmp`6xq9#U5SfFs|t$r~}v&g|^}Ph7?W26R=Oct-`oWqAK~HCCXmror}f`FB?n
zI>GOK_7ljK{r%&n!b_*`tlbr`;5~4n-P;H8tutD`)0ozv;$;=+@3^i0`qmyYKr}Pa
z9R{+=dcO)9t6a@d{OnG2Nc|#FRn6&bjN|BiC!wRvQJ_XqI>9(@(r5g+Or>^_UJ<fi
zq$_KUc1QQ}ys90Tk?rf-zwN;;Kb>jAKhSdR`|u+h=wv@B=*<nhzdVd%)5f457<O&y
zvQWig%KwYY6#mb+%;O(i=Kc>ZqwyP;Ik!aP{qP5uSsVEWm&s}UgUkG)5hBG6?DigY
zds)EFVT@omR|w4%TEe(0PJl;~;BkAgRK3~kgz4Cc1!muGb{<78{h)d)c-z&Gt|G9I
zgY3E_CSLK_zCIrH*p59cy6$D#-`=n!l+U69?l}+USP&M$E3CH(?8W5l9qMZ-asOTk
z>Dl*q(irI67RIYx*AQIA_vYjW9uyB$`SRT!Y%%O>etkoZfmTGeI_L!69QM5WGUX@~
zfU+8bGEi3I^CzpR5-c?u6g=-j4>qjgijG(^LO9AOB`L>qsk!4YhoXus*Z!Yz8TLQ8
zOcDr}X$Rpl&=e{P0`u4nXn%1TyFa*$CkU505_ReNgUe8Usa^)*G8}(#8UB5807X|H
z=@b*9i*%$GB(eYxB@u&FmJ4nP|2^y4>L+obRt_L656{1FndJY1%W(a{W#~-*2QK4{
zl1`fkOPeG8vpOL;W0N)<t`yEcvLk^#X2zNxFpkz``#5<ys6P!QoywsP>nEl*WGigJ
zRx(T*)W(vK0oK<)Bi>aIM>Dx)I8Jz7?DME#+Z#bla9BeoY{mvU@-@sOtv$1H_hUEw
z;wM3U3W0IQBfEu@B!qyJ{rt7_92rkZm$4t=bqX(;qmK5)xF!KgBi4<_uUo`Htv1&W
zJ~?VO<J%PUpRA_-cUDsZyG#4;tcK#>Sxw5{tR_~q_SaPUUIcmqBiv3GW=H0p3DZ>?
z(@0B#GTY-w$uajiVmIb{<*TgBA+`_6^s!doxKIbw<Hsd;a);0^`f3~F=_*gAD1PHI
z#WN&C!x0bP!+~Y~zV;7HF;2>pZ7710(mMxVuP*5k!&NK?)4cVRAk@a_(Z7M8Ls_C#
zmv8c8p3jX;Pk!=sSGhdOpJq3sC*jEeX)0o9sMIW*+yY)ZAIDj!R7;d2n--}Qv!y63
zYpg64vxQJqgr3RGy}ym=C`WIQQQm~FQo)Zq{)nrYz=ek^Opn@2V9y~#zRLX;ACx;D
z=?4|7tu}|6`W`AcpxKsObzX`ZKrjW^JCTtJxm4kzzk<Sl90$JL1GzT<REq0GQ1}8K
z+uoAvs)>?XUh0Dbviu0&Qo2N4<$3Zli-q4MhP#Q^VnkTr9vd&EQInv1QcTjEX?CF)
zN!a^yzu3=tel1424Wge3?q6s9y!$_FnT_AJ3=XWR3L*!o*GU8gM1fHNk31H8ObU4z
zu6)qXT<j%GXADfu{*Pud{y<>_%Bip**6|tHWFaF$GqWS5i!1TpwhR`J>Qpex#qhiJ
zcb{My5L0fm-*E$WxtFUL40AxXOzVHzGDfJnR;}Pd4T`KmJW}XLbA#q`PWTS=m$$z-
z?74ywa2jik(wJpd8@1A5t{~^DBa$OAD#o9~Fg?JwHK${O+n7bkYkNyj!~_d23;AAU
z-bA2SAo3)ikujy*2dsDM%urkAaetsVtC$-N<h5~}b@!Fv6)vc;cBjJjqgs(E9xK57
z+z-eURiC7;{1Sb)oa|M}CE1$gvh{F9W8YmF{xyjj!d$DZoU@7A0&SXa*IhnyFb!nO
zsMGaPp_FlhY?%)rTc-UVTc&O52(420uPu}Ik1gZYt3Rx>wHn990p3hfg^PRzLztO>
z@A#B9UY82MKL~N(7TpDU&2{E>Ny!qBIf`yB&)4fEjq;ksZGsi)V8!Fp2>6pz^)qL#
zT4B&9WF;CA51-(84b!1jZAvd-WL>Jj2rHYB%c}U&IfZ}adYMl>Y*mRzMft$@_02Iz
z)@t@&O$}4WmEU?C;5df7)Hhx&R6YNxezkT?$tHFVuZw&8BC_tcEW-toW$b>-GVKb1
zP<-@gDEAgvkJr_oqUk`g4Ba1DX63IeW1lShjgs-3iW|wmZ&{{=0){*4k1X@$w=Bc=
zZ&}7O?<Mw!8ijOJhR`rnUY@C-2~6rDz?g60un>Vfp*vu6TjUs4R19vHpoCOuq=9%S
zyEKZJ&$x?sNX>4$f>XT<j%s^{>5nY4cW_keVglg(z}q5b(_yemyi>FU5%4vtNML_g
zm5ef2BU7L@_Nvm@gE6Q8ia8*Yf&?<Q%Guf9nV+N}d9oChx~iO*T_J&n+S$I&-=LnU
zu)+@(oMk(NFM=KB14x!(0Ld~LAX$bgUS$e}bpI$VIRT&bX)m%@3zGYKR2_i^6CX-y
zL?i{-0(wD&m&Ro>zB($9e1l{-Dea(GrqwJ!1YCZ|xyqd0ykEMveGqGhd%LcMp%0xM
zS3X}zIh;w1E)y&DjT9uyq$U25Wyb%TEaM82Ww=akt`4V0o_I|d#cHrVpz8n}RN)y;
z3emrc{$iG8ql@eq=<o(G9d2^?X&n<V1v2S-`(TzhRtb<R*>otz<!zsp?1~ql{Y`3g
zbbco_<^N7<DnLoi8ZFy@Noo!p$<M`6xFnb7Nhp<MRG}hd;zg#8*o9HQ0eYn_tY*eZ
z9`Dr1-Lqv#`Y>0ZBxp3i-Cl<ukCTR>h&PIfAvfp<%BBb5QrG1Y^J!w%e0Id7cT8rG
zAa|A7dImG<esth?<Wssr#+elNN5RJ&v<Q&wmNH!CmkSJ=^@?z`|A2JpgDt}fp8K`@
zP49&Am(In$NK|QTs(n~+kb1B+R{p~ApQI+HP=Mm}i?`%6mV<D29ebi2pE)>QdvZij
zQdIGo>m=m9GmRL0PlwQui88&=kfh7OnU_fqgcMkbx=NBJET_<Cc`dxNh)RFqby8fX
ztm5@=7w3#H*Fb1BO?VVv{+m?~s6JL>iU-$fVb-9VqQgQn<=Dwzq+Wkz8SFo@OaPij
z^6(nWx@-gaA6dpySl`yID7<ggYHo$F^R~#lEXYiI7y&~lNI9rKVa-rDlq#>SI{u8l
zBN|a5EW)^@$-PY9Ey18aV1&bjab_~_Ny{^?P)tAKBe?uKQNI$6A&pIis3@HogI$AD
z(gK+VOBRcN%Q8j($TFt?l4UZ76Wy#dCy@qZKe^x5`@`X2N5PE+WiOBh%P>q(a%eb3
zS&hVNmSPx`F3AONRw6toPlv4OL;aRz5dV>7%<ygc$Y13*YtuopjE?L-vJ53imT~(l
z%TWD?EW?EVFImPO=09W^aF8s6PliIJGY*nv)aic9G6(;bWsLEK;Qx_jI!ldJMD*(t
zq&wvLQ5vi66l+m7&Exwl;S&i$mZ?<o5cdigGcrD$0kD7Z^+|DKQs7(G$uj^t7c&?l
zVnI~9aR}&_@xckvW9&a<ndOYXvWzDnh(5MU#uzVVe7f4KNmAEulBXCpi*$vv_*a8X
zQ_+{Sh9ahYW9Ul7>It|ogjDmy^8~3+guT?;P{yv-n(d`zU+hcLH92tQI=}Liwxw#v
zFmgfT!WP{!N-&mi5KDiT#tXp5sG7Xv;M)(&@CK}U&>+ed-Vw-n#k*3(bEiwPp5&8G
z<C3e_3a(6=F=7*Ze$ipnc!80`@2bE7PRcCdObj+b^nkZ&rCS<+32;PsxYJ6<934Of
z%1k~OYfcvC%tgJFE-T1->GkOpZHLOZeCe5*QUvIw<cZh|e|IWQi>;Mz|JC_RL#TO8
z57g9De4*U4Tp4sEHfiQaaI)z|Y;a^sPc$-V6#L!O2q^z)YIZ<PO%bT6nftFzO&jBm
z338S9;(s(X{78Y$;J=%i!fVaW|7>c$bmIMOYASv=HC?12T84v+p2*2DSd?_dgdiWP
z5Ib!_Lt6%Bd%MX*_EaHtMsC%~NIeX#ck7N$!bOux34?w_mlJw$urHK;D!WP?E7^f{
zcnpcZ%Om$QG~QDtYVuFhp-oJmCNO^?gby<a2px`Esgc#KOj`qQ%R9-Y4nfdy?8sVY
zvZM}~ROba>VBTxNd=V)Z?^wdn?ZnKV8>7$xiFp5NYS2%P|28#&znhwzhu=*N9hu(9
zpQa``(8Yo7Uro*Q@1~|Rbn`xR;^+Z5Lki<Xg;HK8oIWr=(Q+?15eq%{0PMOhD0mZn
z0e<x+o(mgwJwQR54Cp^p6^|CTw1Ylzk<yi-G_rx%;?$t68Q3}31ArbYckkN;9+MGX
ziXks22Iebih|mVh%wK4wRbJ>HNFEqMX@!Q?$EAS&#-Ir@Lr!ilNz42@W;e+l8Zib#
z(E8ZbM2Fx-jz{f?KYDT=m*`Dyw@zsF)qLLervCG?upj;T`+=qr@IJVn*blJ0+3Llb
zW?#ZmP__9#w6lB#{v?`Rx_Y{{TWx79teHFTwdZzMp8zfsArKyQZj2Nc6!hBXY(-S%
zK)zlf^V$3Iyj@msNni6Y1m#i$;Z1FFz#EaseV*bI8TdMb28|m3MALlEy>}C5pnM1~
z@(Zsx_%c&WoYYD@)G;7Av|H6^_+end(tgMhJaeXIXr6B8k|jBu1utd^^i3-;4=hMw
zdjFnDpYSHoK!m19@%g6D(Ei4|TMxl=PdBR(^89pj(gE+k+cL@jVap(eAJ5mhE<EvO
zJ%fUpn3+czys(+(KqLtJjVeNjPwQoj5NsW?@cp3*q3%ZQkEGJ}T_{79NP7a%DJc^C
z!;eOcY7WL9q3D|M9^QZL++fX*Ft}}F*7tlQ1$30KhsKdOm9ye~OfAZ!NIF(PACL2X
z!QH2Abd}O2F(g3HEiRDp=t46!Gr=_BArE}(+VX!9)+;Uj0O+j(e#tDp3jH=wv1FEn
zs-80`fx%2*y;+y>j%P$eK^(>P!<wg*?yDU?7EUZegH=Cg&#$9kHA{3y+SHHkZ#P9l
z6L^<}%n|RRxuTcNVp#Sp-AcPEQc;!jb@$`XPM8Pl(RSdB_5HxDoA!+s<(uf_9_(cM
z<nKl_h26a*oOlo3sF1eIJZ+#Qr(~tOoC3u3hDgGP2*&KSk3&fAzVUo;dTl_jHMXxO
z67_ST+G_ADv=OyknWm_OYYHCndCgt13TR`BDc}i@_K8l_Fb%JIY%sa79*(?9nU*;&
zc^ANxL)adKx*<163IN9inA{)5#M3?6zcqkP^L1p?r%KXwa9BzLSWGja%PG!&uq%po
z|BP|ei@{ARCV@_qNRTM!XRV$trPc3Buc{rMG<e5n-nRKHb-RFSel?__8fSt!pu_+*
z0Z0tvwKgUKtyIZ_R;q%h4L-B@b@HIEx%{9-qH7J*e>Vo|hpc+@hmM>FD<HW7kg6H>
zTGPYAP?;aJm#|EZetF60vVOSYHN_mr^!!W9<m8lfz2$&t8UA#={HEWu%qWPKG4EzM
zHmsZLI>-7=%QOZ*tT~s$&BLC6btmreS*kewu*FH>)q^Y5CQ3W{;@M8doqSsHjyz3^
zzmIcg9CrblqydJqh}n6Nr+_3S5}Z{Xg8!YgnDn8~)MpSaLm!_TCz6SJNJR!)4)D?X
z!MLmlx99jxo8Vy5618G>A-QRSq*;x4-}7V;r-GU$NB67zivh|nJcKnXo+PEldL6%S
zWSHWbSUk*wD<yhhb4P1%!+nx{lQsij>hFqp%KB`F+BesP)0svB%Iwn;!Hs#bB8P{M
z#+VV<>=FBu{28x2QLka9-;wuN_CMfbMq+SWGiw|-4*$&IGv||KsTC8VAd0f*r^v+S
zC`MSD_Dyk6f!6E{gdvwiy{!5Z)Od32f_@l4L5=S^|L>rtWAEQVO~OAxO%*{ZdGV7P
z$d*|yllW`PsEQz$f^3<Lxt)J(nX1P!kS#O!$ClCl$Ci0|s1tSOj!8$eo-}CZ{VXBT
ziY^nrvRECUfG-eq<))??;_Ymm^?$K<*FSNtjlb`4clYA%?iBap?(PnyIK|!F-QC@t
z;#OK*ixhX=16^x9&-&(^<otA!y|e#?NoI22bA7J&>%A=_4QR`xFR=VqTc(gh_iPu7
z7ZwG~ehLn+vWC)ySPG_=Md&C)ogi3xl%JUd@F|dFR`8A}O-et}G}cI#J0daJ(L*f|
zgk<mS21z11leNe&l9a+>z$T6ZSG~DQIsu0=P$!x7R$qG4>uIo_XyH3=OK<&K1PWx;
zVJx>rffbhP1~qWDguErHm(j;>eF953<}C!L@;A|CL3-uSO*rBaw;A_C>AsgD7h;li
zAj#l5el>@Ckh02SO!7X9NMp+<Y^LmQuWgb-(!gdZ_B#t0%a)m$9k(}j81FYG#0z~y
zRAPq4FfIt7g6|h98XrtPSNv;H<7|jt_`ayw2TeniTz^~C<o{XJaQu5wgZYf<6&w@!
z&!Wb5O;nNGNsw&*iqUqYw@F{aM1hoMSW)077KW<u!#xqwPV<w-=_?(JfKS?AaTyx5
zGo07c`h0))mnDDy{(Z!k^~XDB<t$vtLuU!_oKC;2LMUannV1E$()Lmmj`g!Fk8)sT
z0{6@HPr*-IQhirx@vt(oG#GOpTP1dlfeJO&I6;LoXivFYD1L-!2?{s(GsfSxt~9-E
zAY#T?`5mYm&OfH|x5^|?n_MQaIEm~_$^k5;mdca@NVXk?R`!15fHKIW*W6>8F8z3D
z*f1i8^+IZ;@;glpvY-LJ=bwH<w&+@P`U#C3k$hry+mhT<0iGw`JZF$o9bH=G9s0^}
zm#<iFjM5N*QF>4*m&LvW)i3Qsput^s)hYhKoZOHXl!~(z`&movPzj3+&-r)ZCXH+n
zd$uu8)fH0Lrkl@v6bGsW&^86rZN{#WJ+kh;La$8E__@i(P#NkhcaC;Cmp$kdxueZ>
z0<S&Te2P$iH&wbpze^=`KrRoPlMz;>4Vq%`lMLpzOnh^lW2`x4eoqZ6fS$X*7<8`I
zymZC7=1H_=A|+$81BrDsZfTtOK|}MkLyfG`nH~t^>wRAw1nGp8DKsDOSb|tn+=Yoh
zY$+!09^66=mu$0DI~)#vZDjA=>P?g7>-;3{bHU{y?uk#omp3|GH?)qGL77zSjBTZ4
zJ{lG)rFA)pieZ@p!4+zgVv0s?h4;0^{T=R!#e6dEDrpTfaDYPGr`MI$6abcFxuDPZ
zvHK^|CzbQRHZ`{ZEGgs1I3@r~Y7)(CX$nFIq-FL*L4T`et--UuZE6s$RmOX5{VK$4
z*0i?ERIBE^z0|{<*aJlXOj01pI^=_9nVY+O-*iwv8@RY#=y;?ri<JN2I4Jhvy;h6x
zk1wPv9NwYv;;>N!+Dd!1>7P66gp3V1y?*j6uJ-Rj$xeNGq)cieKl|OZyNIlI!>npy
zl4|o^XV~1!kPsifa39VbE{{35n(;)kk<vdq!lVIN(CYqPb4DS7A%JoNwV5<H&M}RR
zx6s%+{cxsg-<_1Li6eI)B596eC>>f=rFY(l1K4`<NbwA;eIU`zay8N&u&KfS%?H@j
zT!p@GYOY3q+p@|iVEozCparJCZ)!Ni#Zc?3p#Ym2o}~4(xu#RVrY7lGyIl*gsbTnm
z=a!CNe$_snr2<iRin9ip9$7Ouse<Ix-pNvId-B(&rUCAKQzOQbe5~=HSzN9MD9eES
zRhD_aP!>Lrp15<A`+HNv)6Vf{Q&UO>*whTHhP`cSI6;;{{p@f}Wx;o;|7>c|-!?UF
zu5F9suB(P)f(!2Kc*{-vm-FlV+1comnp(G?P&NGGKewe>;<UIN^)A}BYde}vR~#%I
zC#YMrh2b2*uNtP>w9-vvSZc|b1u$96iYBduiQmT2oq`z9<>EM~*w0r%sBBm63#vGm
zT%Q`k9v`psufHDfeXjuPx+|_ITt_SH7K&Z9dGcwLM>`Q5D!fJ%Ug~(|_w-i3eZ{|t
zhCqDje!P1x%fJB2GJS7lnd&cZWtj`Q>oP!D#v~y?_&;TtX(F&}9y{yzvdna$&ike&
zh*W|26Nel5gK%Hrre(5OWkDstaeQWy!^Hj&7aa{K%WP+tZxU?1lS*}BsH|;<_bG@(
zDL32O;AV+g8xK9V{95XKM|D85eQX$6S}D@{yOL=ol*x$uc7xnHiDnCI7`HQ-b$!pR
z6K?wBJ4MIlBRm|Z21b2Z`>S8^Ug@OzC{w*v%4Cc_Pm&v&idxaAZX(U{Drxn9!#t~z
zR{VgVUI=kEZxabE6mbmi;>?Q2-t>DeT^V%$6K(^Yyz8oBZAsF0&GM#IZ^$&du`1Nj
zc4!%knN>z*jiWa@D~jT{xsWQu&-FM)OKszHkKUCWODd;UjYz4TZU&e=Z2!9(+UTmh
z6xoS0X%ZaOV9l`8wTw(<+{{il9q(9%IHQ-ZZ=)J|Lw3^Wsln#q(F+GYSfTA(9$nW%
zL17!$-3%-4r8Q#-)uk_~XXB=;cJqU3TTdloQDBFT!}_cRwFv?;9ZxMA;2V2P-mpw<
zhmz6adkV~?Ue5_;p9By`XErzIgx}IKJf`CPZ)q8_^9w*)h6<3DNqhvPWp?!m+#(n<
zJ~w4MGVorcj8@D<FJMwvHr|2gy4RgS-Y2@7%7!mvC(sA4(sah2V!=kb7nrzPc}5q^
ze$>|Ppo<rBx|TQ(zCE3yjYU>%LBH7%)GT(y(bL>{ZU5zyz6Yk6{8}vVYw4=n%)c1%
z`t@}8(&b7Z%|v@-k*+gsG-MFyizH6<xomjy6M)8JjP65VPzYc0xdnkEddR7r(n!Ok
z{eYqt1aqMEnPxt<`U9<66j>~DsR)2X%_Bhnqb%JtN%Qp)q4V#?42gwKRU+RD={2Kh
zPzOx=F=lFNd@k)cv0UJAVHhu9Yxo+Z<P~pFF^uE;Q(YSNc(11XdRuB7SMftTi1lux
z1Z+iO%C2lLTYrg~kQKW&XoYMIS~lY*rLff>V=4R1So$0bUk>xF{deOMgoz{*vhMc`
zx-Bdh#@*Cj`o<6Nt&&b9HbGW7qTTB@5!N0NB}8R(o!98Th<M$#c8o!KT@=K6U2t0I
z=+2sbT3v**dI?Mv*DrOY%UXZZGI${>Z)q9c_q5Cl26;8X@6j}u)iFDyk}bN6yM_GD
z`pfK>ONMOzjPBp6L(TFYm4LKNC)S^|%wUT^X7_0oh{n|$uB6siUi7PU4}dEvkD(?{
zc@E1!Hz$dA%WtwWX#ezOtI$-nDdH~m@7{Q`mC6^}X5Vb3v43o(ae%FqGf~;AWmd#Q
z0TCZg!5XI4JmTzNg=F;*5JWzdt$VGGe8m|pxFLSX@p51mBh&cfG>&e``I0`hlLnBM
zS>nmbGFQdUHCb&0q-9J90BM<v3_w~&_upxmJA(RzGd~R2lYFl2Pujo+s1-Q~-($XG
zmC`=6rrC@LqOV&<bx;#y`HM^dCr)jV%EH{VzNckeEr{nI#!M=Fz_bvsuO6SdvpyHh
z_1As8d{MwdTU&7(bQKk6h;RfIp_B{su*@CO!fUSc?wVQjy!?4GHO(hIV>zwYy3{Ua
zTu7`Y904_J4b8d3lSo(=3cnbR(s*-Z3=@5pI_e9u9gXXcqRuEC>d|XX@GZ~S5}+&L
zvT2o#DaB~Rd~hLIZjDp`iwoMBVW249KNawL-TQq2;BN%7ye-%R#C@W@@1y6sE3AW_
zP{ep`BP<%|ecJC1`tL^%0DGo*N@y|*&~JQOf@l)~A3?0Q*mFra0$}O4p&Jc`%q2Pk
z;M#_Gan@{#O6eS*Y4<dnHRV9XZJe;<(IYSi9z9Iv>}MHv5Pf1E&-fyDJmi3ce_m;u
zUvN>6^l%%)>-{DvtFu0Wu+B3DPnd@>^B?&%3&+ft00?bhe#?K5G1T84za8H9;q|hc
zwT{u?W^<28Pv3)i2bSv1rc|5kz~93%R&T<R>*tmuox|Ttf~#vC`0EW{&xcNkC!?1P
zJC|o>t?2eR4h+z1%l0R!KhH<*H-?4!9kGYmCJ$;>t9Py0zI0-Z5F@H!P4D$2inxe>
zH`ZmqHFrsB<Z`AMZXd{+WHkk^6GN9JY@Q{yOm}Q&qN5f=&2Pp7=t|bK|3g=@*9YiI
zGyq+RtQw{I2;MTP(uKvErd6#YEd5<qx-n&30O(3KzJGKj2^F31^K5r#_mFoh0M?M!
zq5r=ZFa-PpU;ckz!2BHdNmu)40dsrxOYo&VdrB?#RryYjB+t&3)&nxu-RcXw1@wGB
zt6W;49X{I<|8E4py&sU(L*J0iB15eLtCvm=Rvn<U>jOIY3ck&rboH;}G#;o4wu%1w
zi4kk1N_BOM)1rDkv_5zgVXlGNXv+SB-;{1Hwd(|<*0iwn_crX|GkXZVda>tIRZ0^^
z!<_bkOI#bXe-)#Phet?etW`aV0R_vGMq243v0ON-#5R$ek6*4(3e7JW+3$;qfV9le
zxGl&1n$$~thWL#J4OCV9E5y{%sQ>~Z;)l0?toChB1<EXbrA>XrdFPcR|K^o+Gv9b6
z+?sT@11ul#rnxw#x<tUfmuHlryW+!?#D#gR@M~I>U;$oIqN49$;OV%Caoln$d`Hop
zW!_#MRf{EP!2;N_UrVL{u0m11c$?V48M=dx;<y@l$UZ!UZG!d;C-cQusg=*8O?;kg
zxiZ&=xz4M`gDfGM{A6Ck$E6*`6lVb%ON+Ld+Y21>D@7WvGLvUgA-nX;G_yYY7PDPx
zRqwo#?l=vTm}r!F??~DoUI}%oLGztgLgg~_|HCUOhpiCu`xw3PN>p#W63rX0<P7h)
ztbX_9&hvVT{o;eYs3xOa(&t-0-jxBE7O@xHt7x24AHb6ppe(aH7n=+y%Xk3FGP)T>
z$>9+#<$v=^RRCV;v*ZWk0R;2tXh2z}@Sn1b?8TAFds$|P5Kxv;o&%g>li2-JmWe+>
z|GO-Ma9@n0ok+fg!ZxJD^~2g{6m2y7W|ZWHYb&KrBTD0|dGxa^$Jas?LMl609s0|i
zC$=PsfUU^Uc?z=_)Xb55iOI3N27%JNhG~m$<Q7#wRmv;wYh0|BZW0ye0P~kkCz_Y+
zbD33Oo{iV%eDC;I0gtoSmGS+hjn|)d*F1o-%-Ga>S!UsM-RjF*StjDWEOYyxvdpOI
z6^vCsM-UNU#MAKqUY22=L<f{*9=l(j9$7G^@-5=_j+2}!cwU3$j_w6SAA>J_K4c^O
z-Ie(X=*pZEhviaRiTO)&o2<AR@9IX0-f(WRU<`|7*fku9j5=rU&=!e04-!iJxXU8X
zog;!yH<VoMgo~rBMKa2NZ9Ov5Ibi*o^`EYc*ZIL)SH^h+Izg7mhr5-~Ai-%kTTB%3
zC47VD<?hrC@uj>gMb=|W;84yx@oMbr5GxWMB1l~(1%LNs2E|K?F1Os1A^l6{-pst)
zg&yENJakW?ZDVKRNa@{HO8jFh@mXgT`?x&OyxB@#*ZrNnX3zHm0({=j+ob}Cc6`H!
zmp=BaU)<&SUj6qW{evH0b@?;J9PEa<RM`X<p2fISFV*yXlm}yc*8C}8`gQGa(CY`W
z{=$_E-*F`jjYfL5`TWJgM5crQ@?4Dq%?1lJy-%n@G-Q3}?zi~+@MDD;o)rw%WHoWW
z!ZT{uocB!pHm}k4j~0Rt{aWeG8uVqq>o)?+URlLphdV+|dwi25mi7x5&C|m<jKiph
zAn<gQ;n$q!K4O;lI5BB!Ee`YjZ1sZb==h2FlleC#lUv&Gcq`a~R4frF$+0^qI}~hq
zQ$w{e_ib&=@kR6+ui<;bzi}l43ObHn6%=%3bP!B03JbjAC3WIVGQZV}-0j%z0@yf4
zt1c9v(6YEyziCtXL=`AEBXSPlu*l-@Ke$qV1|I-dy2xA!K^NqlH4^vxW(qio=o1n(
zUR^i?vgrE`6e<4$obuQysgH^JD;6H_?W6bl2iBYx?Fj6Ld^TDuQ<b}6Lkid`f>TGJ
zz`(6CV?kg{TI^B|*?f3;D~16?tN0)oMFrFm6%lBa87h$?+F0pt>IfKc8j`M`7;5v#
zw)KA#lp4?EvyG!ukn5lg`O|m;vNF1VvNHLm7s(1s4r{mpGzfV+JY4Z++_V}53o>@Z
zQI({b(L;jqWE<foc4TVW%lXm;w3|GiiiP<T(9e}nU)4ZgH_r6_smcsZJ??D(Rh7B#
z$N?)$d#}pCzE@>D09BdfzpFB$|5Rnv|EkJ(-VC{B7`;_xFdS;-vUp>qW(^l+vv|J}
z7x>;tPTt9+H|ODWi_82%ZI#2w*fl3I%4WeplVHOhr?B7`C)g2`C4&~s!~}*VXe=uu
z`Ku};QBn~rPt27^GQOM`1GimhtG)xvev$e5eERCpMIx8gAq~s!c`<Mw)lo_rU3XIv
z6P@giCBxt!e4OSe#3knsMTvSEW=w@P!@M|L$D$xaekGNov{LIwG!U@?;&8WFcKz@P
z{}5WE2sX0Qq-~^8(I#K95FM1$uv^eUY>g3xx)8@w<mNlNG?>^Rm{S_9IUa-LA6to`
zj^@8?C9J<}rR4wEO5yrJBbl_0C3&z$8;Q^z&_zhrxb#PS(DuZm4h?!*ef$QZ8?Iho
zsUm5p_#K!{z&8hpTjoE5`dVijLpjBe<CVourR=e9sc#+4SZ&zCU^Cj93^E%ewAj_N
zBJV&}7@*T(QfX%1BGX&|4b&Fk!@3y+Nf?JJ5QTV)ZA-d6Bt8Yg7=j5!-+Z8sIg45v
zGMgZFu4FMM`c*JF5GCwpwGtSvz$Q^$ZXCdb8bLBImbI9P<U0Y*6<m>{puLRqyOHiz
z+b-%e&r#p`uF^(;4(cPd0@!5T7Y!SGg=x|Pw~_NS&R7=EiLFXiK<Y)+fi@J1rvNA1
z16eArR;WhCEq{SbyA=T#YOLClrS=CWkUpCJX~>(c)JkM#3F0WM%R;b&%*#o^v2(?e
zX~smtF$sS@5IpjFTjm1@7$<Rx?F98S{+m|fQ1k?m{1jop*}6cfPR>I$_%UIb=_Wyq
zRJS+2ii&%?5Xmp^n?zE<i|QWAqwQTK)0}G|DG4F>mxrfasO0$)w<_OR0bepPUC&+M
zP9l;ed`ab3(sG1Kk!!0~ll0sl1m$dg4g;H*W-gEq5_WjS+iMvxpJzNWAz;6#lM<fH
z&|d5t6yxZa&*`a_(FEaDHK~P_7j+2%U}G6sZJELop{PK2v_ltZBzr84`cjF|?>V&a
zZf-@5XGA2Ngz(5$@3NBA-?GxU_nWLlGW?}#P7?cn$V#H`vJ#&Pw&0f`KbN@jwE-;~
zfUNXsU|5flTP$yDd}_huXoT2>+u1qvhi7k#;E;4ZIM^eWwAZ)MQZX5rYECcX54$?U
z7urzbu>Uk=PTra_VsyDGB=Wi%g60|IO7g!pOhJ1s^(3@_Q9%p`;N8$HkhqDtMzx^M
z891bIfj_;=O5YY(=qLbNlyS_^dI<Zy)JiNxYIc~Iq(J%)({NRR&WeXQWCqxfl3l_H
zG%QnciJvFH0zuN^4s@r~CnMrRJYwmF0J4(Hzhxyl#%ED&ku7Gb2_ckl?TmI(_{0zr
z9}XE%LPl5!6mj5V_Ou4Okzc!W`N`KVBibQ`bll`k#M>npn%^ZU9)hL~l1x=GyrRAC
ziPz_Pt$^wmxpX1)y6&E+<#%<xByxUuW)lhzt}2X%i;>NvM2{G0H#c#!n3bz<f}_I4
z$ry5@YlV~gwX2xIU|yxMG*C+{ju*xPPwh&q0g^IN4VA(&ISC~&Xo;kOc?%YP#4;qI
zu^S6TnZg&p%O%cu6NSQPnqVUot3Xa35-*o%5@A1f$q7Pqsd1_n#-cNJrc#P3;k7>x
zg~kny7U4sT<eLV?a+q0oF<pqr9zzh0eu~7##G7*Q5*ks_+7i|9N|*=<v~;(C+zLZg
zrGqJ-X_W2!E<4@4F%kGrQU>NdDPxmUkCuur`6nrJ^Y5e#`dd<F^*t%0_$Mhdny2m?
z7kxOndOH#X9s?v_SwLNjV(r_OR>!)6t^+^}M49)v<vRb!O0V!`H5i01?!Q_uVZuy?
zq|Scp`x`?YNY6=5<Pqe~h~7+lqC}uv(4!cK2Q-3{RnaE4BX=ZQODf}N=j_h<b*-F8
zp@z3Elr{5tA4%V<LQga#U{m@+<wHeMwD<cV$O*X_kgaNX;^Jl?p$|JdoU3-9koQJ_
zCtHnZ7v&0H*IyAzhIXO3f}}wO0V!0+Rrh3KVK*1`j`aQz6-%_9Gn|%y%Cx{>B3c-h
zwqSzA+Go`pJ9dj1Q2ezC&6P-XI$r~jm6HFKm9XArCDFfRrM)*<saBb)NBJLF3BJ7>
zCWd+095;fy^gs=)_8a?;Fv*AX9uu~&ML<nSil|3c#tHp0QbY@<KN3rkDRDnV$kEHw
z!7r0a1$@(GZ<1sKoB}?KZ6Z;w2Yo{+1-B8l=>{bhd1MzO{M3{&(QH_udi;^_Xo>{_
z0n?w3ie_Yp-4}!1q#PJ-MaoBIxFDd*lp@|UHG;@i?{~H_QO^`<_#6f$7hI!Ufe`MP
zxDGo9&k6~{v|CuLJ+&13tZBL?u}>|B7TSkguKr;-z?boSALk;?rC)|74w(PUwjZI9
zL-d2Mpkm%NF|-DOf8r1;US^@egne`iP_EM_RBq8Gn@=+~KkcQLnQf%?z74}^XX|I9
zBVjX6QLa<O7V(BC48RT@FV?uLh=1RZXREbjPVs(pRCZ%(#M7~bV@8oW(uvTPxB3{T
z7|#mEL8+Vj+v>|VWR82{)=Nd4|JjrgeQU}X`!wYOnlhYicg@;>rc4x|DZ}*ElwryO
zG-ZMSO&Qj=ri>*Tprsy%w=nhZrc7gI(oIL$TT>?S@Ox1HTT_N!IB>&HasN+KX2xfx
z+SjqY6F@6zEz69}HO20J9C5TF-~SPUYrU(>N;NoQ8~R2odF8#+O2YtJNg6;amHnGm
z`U0Sp2z2jj%Kt+vdEh}DfV|O4lKZvZ|Du(=+5XT<TJN-yXcnxarI<Qka0nAD(lp8`
z0xQA5TwUFefHW}ZFq-ruld(9pWq+Uoi7cf5w_3zu&8Hkn^`us7xR}^*M2$Q?y>MFE
zZR3P=e0RUgkL_@*S6n2tU&rHmX`bwXLB3*f7hz+0?$$A48o289ML#zV(~WOI!4p~#
z)U70oY;nr1i7z7|)FFKjP!IR4r)u%05h+iXZt4*HhgPEazVwGyf_$fy&fjSzv5us7
zT8R$wXiN2PTB+cTR`NmYJw?o3IDfT^vzX-c;fRcz>O_V5vCMgpf39)+vVVUm`1^Tk
zW4TxOCEMfvV;OSl?@1!k9Pr4w(lDIx*)_QDM=>oiG6O%r`fRF{4WozGJBb0$mLsPg
zUKe!OcXE(h+0m6cO8lfTYEySAaRql8XToP%2r9mDotd#Opu_CHmiw*kZ=z;JejA)b
z4Jn0a_MxPi>}GrUYzSN$CxcSZ3fl$!5)5ocFxagW9_;PDY4iuuSVN3*NCpi<5Bk7^
za&>6o0{Gnu`a+d^JvW0pe~b9^)o?03+h_Y`HEu{X`?Ys-Lj&M{Z~QvTeR%}j7vYwI
zyTz=!d*GU8c<lkbP2T>n?hcq@&j~?k3Y8$k>(&!u^v$DBkT|b!&>0{Rm3~Ngj8gi9
z2#t~0MHo=!poujlsZ5%u>P$&t?nWs?RutjmnF*0hi`m1456H?e|C5yw;O2H`=XAe!
zv_HGp6%>FXPf&blkkiA15TBwr9?VgjTyWz#TSGv=FGkJ`-E4^)#;E<amUb><5}jaa
zoLZHJw4;q8yw4oI8`EOTX9XY-=30Gz_aAU(z5z>_JiiEmZl4c{7<W4li5a)s0ack_
z&LI?w=?rmTn1HIxq5O%Fy_*G~D#Ng+h|bZZRO1I2y-(jh(vg%wsZPOO7A7;G`~@rx
zQ|JEymRbS865Qx;wn3GnRqy~h%202Q3pW5*qWuFb2{ZrtfJZR$VW+U{2eRbT!_<%)
zwU7D3N}7!-w!t;DjR<gmEd+nNWK6y1t}>Xx(oALWz{2aI(bw}4{c=-lmWV1{^+a}}
zV!u}ZeL20frwU{_n0$%pFLNa}dss?YpNnx;!myFa#!ToBCIM9$8m2178$eYi$cp~G
zDg#J0E3X)LN1z8Zo3R!<o%n1a*%mFC+M{(Qpz%^j>?GpFrF@%#D{i#KGPFyZV_LG~
zA>x5hdt?GrcSW%+7yrS&(?qAURpzUea=ZipmdHmQxBd%QO8WyWQTk9-z5`2u39dBO
z`9uIM3U&;#<mc)W%GNl*d65+WSZXZ5{%>GObL*4z8?batxxbqd>xN?(W5H@M@Ph=D
zrn2k;z2cs_91dQr$7u+*D_YqH-+?^aQxseh;|*9k!;=gxsb{}2h}&CYMHJMegkMAl
zy-R1A(Gf4-s;T3-6P?zsAgmChO{@46yuxiy@(bvvVpn-+2o|t^b)t=6QB+s)0NET-
zwUVmCx6<L3X(+g#5BIG&$FIu)gA4fwWMM~wZ485Oq!SM0c=ZJATKG@4y=AP%K3XCF
zRh5~HCub8s3IbGR3UkV?0aclzB|ueXc}?oQDr3!ZlHp+Urz#^HoWX+Q*osAHL^drP
zBa)DCg1HJl-!e)J4MR169qY{;*MoDAEP9mpTp&+xRyOE>kclxP<@HvTiPHi%tQwAr
zm<fx!7+qKzK!o^O)jM68qy+7v)edgX3;>o){tH;j(e_k^Tm1~DFDjo_uX&ub0=tG^
za9>B;0+TF>%~)hqTT)T62G`FBx}>j-{foF7lPQ`|_9JtKX+*a|t%L##qEn-HIo#8z
z(@;Gci8Pq<MK9EnQlFcG)7UiKvnw`*iSIQ}$VW#s<kv9=33HB8HQ|>nPR$R>xBIIk
zv0&7PTJ&Hf<&r@kYlYbE5sc#S{2iXhzDhcl>9KJ`S9e;XVVb`n%*v5n<!Gv+Hf!)j
z4eHxPQ01JZb>rX=tJ$cpf!kFjQu(<{n+oPc3-E{pZ<kQjLclMU&zTrE@Z=`6M8X5E
zFK-G{`ltn(jEFZcE`y7JSu~+}`gUvZUGk#fV8V8C;s73Y+_%B?qI&BI1%YnA^~}J8
zD^lbYAn}kiOor|{v?Lspu;i`5vCNK+`Sb2}40J2PrZ-SSB46(L$^ZU(XQ6AGa`jQo
zZybyzZcM*c9*~uxe#^>;mP`h0tZ}smVRmq}`}I!EPJ3j#3xqrh{|G3|Vb?|bOIV@@
z2uo=?wVtnPA@0JN7+1VFx-+CmaOirUS?(DToU*?AW#TBfEA+wkHV|Qk4CPceki!@q
zKu(otu)sKmGk4%xm4n45GC5I0$(1~fqS1B2iDNYL%0TqRw!AWu#p?@-Nu|s((i*pE
zdtx)7w~yx^RMf~&s4BEAS3o$p@#oyfT;W4rHM3c^OO*y3dXP+DTGFS<unw!51jxJk
z03HQgp_W73Molqp0u{u!_H;;1m@$=wWD&Q6@T_5zR4_#A9BHrXBMl7L3bH?d2zrla
zPds;<5d4y3!7!uU_l~vMfzjQ5_4@2AKlS=hA;9VW_9uRE{>2KXe6cV!&~NlBTG5=c
z(4Y!_=~dapmiwUF6)pIji|O>&&)hpx3MfTO8QS`mnzbowsN!DbbP;|gbBwf+MH`6d
z$w*+iIT3ZIA>>9F#Y-1fEWXM`=b=iuk&t6oqyE^in6-}L1sSO%+;Z+9GN`?P2{vB|
zQS?|NHaUqhU(FMuiQYMQx{SI!T<9ZxXADqCb)t%)#L8SZo%yk9?E;9HhR57@0I`%+
za49pgf6@%<bN211z3~sR6#Ygl8D_i@ON~Dg{vwv@V!f8$h$TrH0I@_wVA1SS_&2fC
zHTy;^HEl~Fz7b2}zyA<RC{BNfC6{+%2@gOlRd5qkf{rz&f^z(aSc;@#{X;A*l?h?B
zDY0+_&HNA}av7O&W}0MmqoKhJ4Pu6YlO{>6k73Z0xh-S!30CM<I=~QCM7bnKq7o0%
z`dQIghce=!GAp$YqK}-yKx^@Fw!<`O8Z}48!kC6ikG&<vz1Cn-9zK1}xxHyTX9oEv
zR>ZoEUHOgN?~WNc?&_}17mk&EwcfMz=|+sAGBoVpi)pM<Uj_a9nz$9oig5M?1q^5c
zQ_;r`)v}YKyEn7Myjo{uL1<7vVv!wOO|3?b5_~OFg@*vWYKPxcb`jvSu)m#t@W`GX
z9xCnh?Bz={(V7pnvQjsI;<wOcownUQSk<pLaryq(quPjfOg>^czt_oDWx31!dnve)
z(@aU?%2!93^TI2qx-hL6k_^s<Q(MXYDyd}!iZh?Jq>DEuH>*34ryx?i&ucrG)2(6S
zZ()gs=3Q9oG+O1;j+(wYZiqItumV}P)w0ERFkvuCR83kAT6Kw7q=1;6k$0c;9U`Q5
zx`WxyQVwUn8&wy>MQ%vSu13cfy%!1r;dhXBq@*g==vR^&YAPl8?Or9WXykz^_062i
z%cvt&Uj<!;?=x!8UI#t6T#dALYVqP~31-^${LC6?&x%~OIo4jprCj#PiC90H39w#r
z%f+pnLJKyMn5mAdlQApPW7sq;YP->WC6~>kEzE`8@>FAcVS&SA-b8Hka;;Q%`>}=z
z;bYaNSIsh%*0DA?Q}a(Ar^CII(k*T4EOhB{MvRKP0UK7Q(X7I1m$rw-t!46_FOryS
zpeKtAa%>4*^AQZU#)1;PQG^e(P4ym1qczH~xAAF;aS)$YD$VIslY&WN_z3Ts3>KB;
ztNe5Z@chG71#Q_K(_M?LIz5-@itv;x&H7_)j#%WLe_!5fY*sY7oU+D}aat6Ymll21
zY9_G$-84?-3Nex9J@F|tv8cSHc5Rw2X*ucV?6=aUL1!_ncyb-%(aJB*49gevNQ)?C
z$ZFu?zb)n2*4zn{MT0e8>6>~cUw&UcXRrBB{3R^Oz6(p8k+0Plae%f=$NUSU^Tgw6
z|9-H`>-x-0|KsW7{r_FT{AUHj{(o06|6f-yI=_6596>6_U*|qtSv{<8&RhmRyxv~i
zb3c5TV5T=dO46M$9xw#zAdOtQD;ku3DbZz55jO}<E*U)P_5cn-^6L4%PdfpdgcwRA
z9C$_7j(+%U2{DOgI8Gu}nfU0;T_G9<&-j-pqld@OLW0d0m~2N0qx^yW#SqWjYOPRO
zbRl!Wluwnk?aI2Yjfd%N$tJTnKR))Cc8xMF8o~G2R1|`LcKW{X;83^=UmC3g+;pK?
z0KO>o?V@NS&0wA;mkqZHc#&K^OfJPfA-8ey(JSF{Yf6FX5x9LMNCkXv_2!3_{~NHx
zU_FW95W$^t@l8MZ#~)ycy`OD5Z~c^Atcec*EG;ChJ;1yHOW!%L`We<yV;S^<DgnR}
z-6owL(gDL*O1!(z^87I!ykQr1q!q$I*@Oi@8$rFtz$Lj4Y&;+p0sxk5cR8Sx&oSJd
z4rkVu@8w?aljS~4u79T4)+*^#ed@{3g`@Vl0sI0Qu4GTHyQ+Pqeee}I45isrQMyvT
zOqZ0P-VGf$>oO_|&>GLzE3r?*tg`9BQKc(qSIV64)wAClJRDZB(y@T7-EcDTXpjFH
zAl-O&XOiHiHodpFQOPowg6cmy2)M;xu4UZT!WP2jB_xcxEm!Sc0p*@CO!$lB8u#^z
zMWRUax9ez<RhwJ#w>9*mwu&Qsc{$edi0QhMA8NF%%+cJAf^L)WFTmB5T~l+dsXKo9
z-c%NrHlBZgCGgvs3<ruT-x_FDc}Qys>j-6xXYC30ot!W`HgR2a<OspMJ>M}ihd2PR
zq@D5w*lD7j71`2jmw8dZk1iPQ;n^Esj%W73KqJTPl@bBQ?xbU@Jue?qtQD9zp}3E)
zQGS~)N=rjv-Q23{-saZqS5~1p+pp@CBOQ`D#n^HpF~E~77~Vyu6w<-~#F1#I=A#R9
zp!nT4<Bwm@ha&}{X;TUZI`vr*O%<5g>N<NO)96%osU+wFquXMSSB5A-B!w@2CCATQ
z-e!0CT;5#GwQqlr>t@C6%kLKNei}Z|Q+@N5NC-HFST&OYzS7m^)6NxO(<GS?5Z3^_
zM{rIUW-3Go%<hmbABWoqo_rqggVBhUR96T>$A|#_lzna<qtzS3sZy)5_-lSsYs4tb
z5bV}-XPpJ-0p>-pz=+pfme@rng>SBnJ3Z??9=fqUeqB)Y4YG<xlM5)jLOqC-WnjIa
zF~u9NH1^IbDR_}H)tv7>ZeI#yb#c7$N|`u(BNMVtfxXsQK|9O!W;8#W{i@1;5bdxv
zfNnhS@T^?ZU*8<%*xIc{+5PDGV&savKWtUIc5Hsoh;f;IRTHMZ;ADo*b2xOVIVjTW
zf-BlQZdj>Ct7pgYstacv8%zyn?zAD5*G6K^T%8Qxz&-v0uPuIC$574;ryfKjKa4y^
z%L2JkwskcH13f=<Mhn4aPJkUFaHiS>dHVB)f^yFBw`xw#8k`?ZiRFA9acZGU*AQ&O
zi*49Vi7Pa^gA>4N^ny+vEGdUaEwAh!LmaKft^^9o=&cWNJnx=BJx_LCMHgGhA6#vo
zPUirbn}uzkY<_&+JD<~SC!W`8w_pPd=IK4PPVUa=v-Kg88yEh8L!SF}pR?*+^w%XA
z_tksdr$eG@_z+j*b4$T~JHm|xkcFyz@FnYgJE|`iM@B~5(~_6t{{TzT@4%A9JFqlv
z?+O5xpaxzE>&{nqyRXrKmqvZ2vX_ot@%cUeH}1g1y^=!4d1-<7x?HSpxII4)Ulu>_
zBVMd~d7j+7<fjEy-NO~cz5z=~{{Tx1@4yn^PGNl1xtcx?9X5&9y_`mS{L{tw!+8X0
zGzQmI^#PX1n1KcrxVrXTmy8H`YUXl}RaiAS;8n`6oc*JwYz$q<&-;306K?kcs{{l+
z<R!93PZPf{YxY}Wqv(+&Bp*r!Y?7^i_N$?eDKlV5Ey=3#`j_k~&ANWe8uM@mkxOy0
z`3*RP@d6#RNpl(AfvXNsKZ)xkes;|w|6P87^A0REcAyw3?}T7PR7k!9OC0Ai<tlH$
z5=Sfv`yXIQs&E8;>yqOQSW0^bmWbbgr6t1T$iV2}DYe%Xu@}%23D~_+lvCZ9;PMJz
ztDSDa*An_yd_F$UkymGi?5K`{BJkyK4WXMY)=q8X0i9g}=TNJ=1#Jhf7Tad&2SSq1
zA3Z$5Tv%zY+0Gy(+`|OgY~u8)sV`g2`#2zCr9Ky?4V^FJy0zQqo3IiwYvpD*S4%L!
zl<?5U>$#2yENqmqA}5zHW&I5-HOLXvP9YB`OgMgn5%D;-YlEh(1d(*p0su=C`_;7~
z#AtRhMf_a;8NWmb1RYf|3ZEs>3j;qHu}eCwR%x0{1XpUcH&rL30Y)&0**xd35oU)7
zEugQbAFgqqUNv5OU!54T_55G$wwF#*VAN>@ZhdkxT2#7ysyEMvuj(1M0>qdc)~8Yu
zJYAq`7)|iV(`RTZ;McK&@UlB+RFx;pRYDKz!&x-W)tAZ=XxYc-d~4<H&6>wJ)t(-$
zPG9%-*RyNC5Xi=}nrTheo;-cvuiSsd!vjPE{#}CU{6DD#Bk-RR%%W2T|0|@pe=%g^
z<+_jeo&77|g5(_K$#2f#GV+qPb;@DOm&2pzGOUX!k24X2??<xvhD})h4@H(x<zhM&
zUK1L<qr~Nlg+cD~Z4Jypanq!%;mYCckz3;yLgs}coVur7+Z}>#3Gva_ft6sYC|<EF
zi|LacGK?KrTb`W{@;Z!5yAc=_(6|-sIicS0%ti_b!0ypplE#wuwGvm-!aB2ti#`5w
zQKRDFnr1o>mQ$TF9Jk8I)3y^nLZ2oj2cRR}%8s*492{-FvZDG!5lLcy*pwyC@0B^0
z(y+@oGF)y0X*%Wn5Kts#?l)$J!gve-mRkM*OL?cHk=s`|(gpP*HCp`6ycfyNg8xsz
z5;*`^a#lE_G=_2hl2SkXRI1k%k6TL&CGLJK5wjezM<lIY5>nBQLqI5tg`0yc)eaQs
zHL1ucMuz0?zwf<%`sfdVmK@F`?9&irGEo8Zs(x(TyRiKZENQ<1OMYY|*F_c$z?Q!Q
z?+k2a<prrNL0ZEobE&xlM-s>!L$Swu{fKA|CJ)F|8;tQPR!I_R-5X3>w+0Hr`@Yx*
zGMI5KhkNdg*PR&8%e*ija!-2r+YbsRcv6^M$OMy(=cgUW4%8+VT+VQs*MWJ~9#`&!
z(RetACXjg!A2^Q$*AaVLZoOJ=e877N-_}NBWf+)Jn7wn$_T-fo&Qr#5B+tf7_^84%
z9$?YqA(#e6OY=o;(Bry}^=ke@mU2g132P*_w8Z4z0Xl4~2$&QcXVlc%U6j)|XmrbY
zV)~oWcnU>H%?iyQ@f7j_Xw&?o*x44Bs><89A<$mLx1)aVzLL|BA4n;=(LL$J{)j(s
zNhv8&$tAIVZ@#LE3)r5ZV6J`@E_5OriWI51voTjYN}NH*JbbukuUOY*_v^F3r0dRT
zysJfTkX#lZ3d4c^7q6s<2;h~@Vsw=L=9P3}X#<HhhaS{Fzw=7a&S5<7yplE{f`E3T
z?s};(AJMpTZf&y+W~*wMjdEFoA&~en2j%1lu9#4wvT)=GLAxP<S4si!O5l;(WYC6U
zs6>pvL_dS$i-ISeN2Mxm_#pX9vJ&S;TwcYI#iRtMrgEcocp`s8YK<2~P;oYZ>tO!M
z(TnD1({IvA0azDsMcr6Qf2XK`da7bzEOa0nr1(@+LD-=Vmi)sODCT!OoB_gYfH2zy
z_S}jXp0p>QJN$|)5$I55g*tfz%B@Wjx!)6Dd7igRELwiaZzxLO%bC<*M8xn7DU_Cp
z8f<3DoR><jJFZ(^FyiB{nHOPjl(q98cNH1|RW1;8V43r&-yJCJBHQhm${-G05+fK*
z{Tu>*jLfy6g4DDU?#H0BhS6x{cQ);29Zk&Gn(1(MdBSAWSQ+Y(h4pA)FqFg7!=weU
zB68`XQaGCCXml({okI^$N0A{L1S=akFbGL9t3oAF*)_BU&@2%F3Er#NkgMWC0!4rv
z<DVyAsB&`b$jE-Q9kCkn=k<f!-wDd_F1n;O-5F{n%DO|kf7QKaFlU@a84g)NYH4z*
zR3od8!Y1YXc#sshBlfN<F#&WXoHt#m@Go5{>`hl<`%72C9*vt{AJaBmhwo-HeW*$>
z1`~ml%kIY8jKg7@LYIGltQi;yujb9+Fy3h+2|dg<UdT->@uq9GW>NlW)F{Rn#rd>V
zaq{uQLFBgcO1e@ny?gbXJ}_c9*Z^Oe=nL<$az2dB!?={oU`+qQjg-T}yc%W3Zd_?-
zc<H>(NUeOdP^T?42m*-}J319IZbBgu!&CzXzcCnO0g<0B<tvGeiX_T5d5oi=x%o08
zHVFCW9jqxAZYt2xf*Qh>mTC7sq*xFx$TFz;Iy#BE;y<|3C&z{KFXfRcHGQFXcd%l^
z63U+Ut!>u$8U>$%qv#dV8L&7;zF0K*>VGgQjppK72$9@GFOELW?>JJ=g55L+jvzFX
z9O>DnS=A=gksB!?Yp?_xqoIL{oHK@j!C$c^RR0ZYL8CA9F`|ViniyV4oRq>1mgr^I
z)PkfZv_P3PAf(m3Xm=+l!uy`sVG(GOw;o+sYVaRisWIl06n+CK?Ka`4Ylx%C-hJup
zA6$uf^$36~IiNT&)D3b*-Bs91pM%MY#Z$^FZ^6#M6oVIahlERLlNV}87{-P>B^TtP
zIP9DTSpb2V_I})=^j#H;zk$c@^mM<f>p}qFN)-THN%e1BY5gx;>9m$XZ-<Bb%R8<#
zzA=uOtq1-GS4uy9!<Bfb-DXMxG`Eo5B90bS&GxL(X*%@%1mh%SiVdw|MeLi$WH$YD
zoq|-sN8MXlnKxSTMm>-RCSsdhLZA~+RKDiL705Sm%gP5>kTRik{Ah5J=<-5`&MH=v
za2WjjRbfn}N2lBI#l6rGc;uF9q~{i9xQw+9q=*Bx&^*kjd7V>XmUFqGAINR~8{@?u
zZ6$+PR!Qh85b1I$)3)DsYn2>StEF@YWqEWRcCEZD!|#vU4t-^!25fCjrI_u|4;US-
zNco2(<amZexhk7!fxoWX;GL6*>q$!GBzbVxXSzhSW6o&d$xx>>e8s8@i4DlMOWX0U
ze7SUBX8LLv<e4?lVC63qR$CtlmTQ1efXWh;$yEK|<<*pug4*+}^kV?HlJ<USGu2Z&
zY~NG2Ao?Q6fF2^BtFB<}H+ASPeCrrEA}<T>QjK{M*0vFXG&w&7p*2xI>)4v6oPoqb
zM-D&0J-JXRf7k|X&FSQyIu?dZ&6?Lu!**U&>(sfaNz9<&NCs%R=f<w;)0>i%3;-=K
z+|I}!HE%10o__6cX_YjkcEb@qb)40?#5;+Alxik<>(fWnUL?Xpl?(J1RFdsQRxB>{
z_K}h}8%;PI=v<ZwV)BBAFI04<z}p#n(y4riaq2L9yhO#!yO}r`4gKe{Xu4iDIUqye
z`9dtY`;8L0isSW?6AO6xKk7)6sKHY#*_DV|Xh6La8VqjLfECGcZTuA|*q*}(la|G_
zm?V8rTPnz>(RvmYEe*XQBOFsCsR|x++L_rvO!`C5N5RVqiPA+vW0uE<*h|UHSVi=>
z@IZEd#%K^X=Gc_{cKsM&zCHvsFq%|<uNtush7V=@>^9W1X;?#M0>1nmV!E%$n$7pC
z)<N}QO2YKgv2h$jJk!AM^5=M3u)9=ahaVth!MQh~%I3oNCF6Uh!5%x{+;U7PpF~H+
zepo9>?=ak$hHsIun%$*r21W3{XbbDs+oo8EGWS5P*?iBvDf$J<C?VCLOG-3uR5P0r
zlwZ$UfqjCEN$5OjAyholG(pv7gKJBrRb+DzexLI72=%xggcx)Wd-suaHUW|;>`QOT
zDvoOPArvlN8M&$~#GIX86g5LpQvP_PpqP+FXLu~ECA@^9Wn9n(#2`(B7ko6=7P%g&
ztFBZ(N-1CPY*v9zC~4GQEL?j@h%-cJ;_(!FL+UuVIOc28IJ!XJjF>&mkU)bX`w$Cr
zRgZm-ZIUStmakl-AwiZ@T>gVwZw?CU3l;|Jff*Y~cUjZiY?j)&YUy1rAjfU*e5F*d
zWKx2pEq}OTv6pYH$ne1MfG%&_oD7xYMUyV+_Jh3+4@$#!Vn-X-!M}1PoV*ZgnJ(67
zgSApl+58q1_WVn#h`ohmvi$Xoc1<givOnvl=%?N#km_;H<$jtEpBJ{=?vXR7E-9hi
zqWcMTJ~mzT(jV|HRu8nwb;&uALX<{-C;V9r(K*00_F_-NRMg^HGvXxpX##3|I753g
z<{w?@Ixz{wuZ5F-S@B(0y3I%d=t>SP&tVGqivV3|oH_YTS2};wm8@a|O)?@J>xJe1
zOIOlh{u20s{v#oh@GvW=f3-Ho9`W&s^j&TD|J0R6A1QJB1pm^N*xz*}7pKuA4oU={
z;0t@8P3b$ZNA9qG-#wyZLU@>@OA3C64A`NukR|364@jo!U45Mu80QV)9iV`Z30KA=
zqA#aJch8&k#4kQ+bI`Kpr(k|Ai{x(F=NgwU`y2Z5<F9;Qysw^!UI2Uf7)ue;b|<J@
zH)L6JpbBCs4+pfGfO;aXNpnV{wXf^VY*O_1@{3cmWE{Rk+9`!-7;d}`tBzsQrnFfe
z5}t{<{Kg$4*qQMx_iLv0n>(*O0bmU|4%{la_6k4Jdo!6x>5V07*}r1t(Ii&xoV!+!
z^ayZXJnCk9N<+NNeZAW^vRX<&geHY$^-kQEd7@3><unSWJ{(({9I@~-!VRA9M{@=2
zX--av9_FFd?n+1vxa`f74g?^*UQ-3^`<TO^PAgMNV^&#%csA@{lNgv<1W478^`<!=
zcp5_X^nIhT!UCntTun=TMeQ*Ah;PP2L6{;R3dOWyK38*ivm0#s^4~`JVWOTckDCRr
z-R+J~A9eE@qCO<>;lf2_0Jcb<E|Ice6GBjYfZ(Et;CsExetRB&3oOWsLvRn6us}l`
zUAJJ~Moxb|QhtKZDH~utEUt4PVDK9cdA342C#-CkfPE^p<|(!~k-G>9bV_@&n(V`-
zqt+4em$Y>bxkwnk8q1zJJFO4V(fIf<MVv-|IiEom_Sz`nq+7F-HUvKYTqE;U_rACH
z6zyxt)z_%z(R0n^5#Cuq+e;WNewyI)*WC4r&mkfNB1*s7T}AgReCZ?LCP>FCB&7IM
zbkyPLD?~6P;w>Qg!zkq$f+>kSUeJd<rL3rAu}WEAg6iiQ9YN2RJgO2r5O@)ff5A@%
zI8ELVC=>-dy|2|LmxO&Ti;))f>0Kxfa4%9n>9-%w$*zZLn+=%eEzYrj$-C$)L(mIQ
z935TTg*`bp#I8T#mn`>c*n;m}0p<sSpbx~iA48otf?=Nm^M^bCiK3F3B+`;8)uwqp
zmvfyAdPg?VjI+jW?=m8$cX4huJUWcVoRn*&xNm*pJOVih7T2>&N$)_?EG+jFd>lw?
zB>xI(NH)w$d084LfyKw9jR~Y_|Cu@%r8Bt3nj!NGZzc=FuoPaR=}<u9qF|w?_)z^E
zH<u~zW6!cf68`=rD?>K}Fm1O{c6dfuZ4U>KIdY7$Rnrq~t>vPX!use1?HLE0=|}Hd
zrgG>^IuGzGlGj(h?dgKK(nmT*igdf8mPbX45)u-)&2^4Y{-U&BlCpxofaF?s_%r9a
zi=jJ*5@Ze4_|hnZiC=`P?-}zhH|_1uu9gAk8<-4_&oA-~2cpghq(FV897bGDNbGHt
ziY0VvumYvLMw)0;cQNHO-VEirxc&(qU1iZC75N>I!puFv=+s|qhs?29bj6OTk4!D#
zU6paUy3#ZvNS@uBN?MpidJ2D#>54IPrGL~0xff0o_mPYD8#1%_(m|<6FrBi?e25Li
z?$4f#?ZnL(XpTvy^i52YNBNSHi^Cqog?)?x0Y6dxZ0EQ?rbXOK&F7LNz4(He@J#9#
zwNxzvK4Ab8YYK#@4B)t>NP&0}PmEX3w~t9TKuPruP&Ab2ZbQ~_Vy9{Z8{f|MyO3T3
zEUV2zQuy#w_Dwch_Khv>H07@C7}0wczvc;P^4RN~Pw+}bRhy&1u0YW`1HpelvGiVU
zqwd!u#@N0jE(TAhZ`Mlmo^{ULOLmYFzAGD<<22<uO^m<dwgf4Dx)AavyTKYfy+m{L
z^#UR(CG^bw&NMl7;S5(H+H)aJj{0nr+D|Z%w-zzel7g*4mwof-H5{5x^EvoM-Gn#q
z+zMlE7aVW}WJlPM)El|XxQ+5ES#B^HaC8x#(V4v)F*VDH#!bVYI>-Zel`4_}OYlv-
zB}Ai3Zlg77Je;-L`FX-3H0Y8NSUjvP2+mRQv$5P%zsINIZRfF2CX#NN$Ym4ZB?m?e
zzJv+|js3>FwRCZ}tUX#~oOU%$X70vcmjYW1U$*1@K8;?}?iK>;@DIe>wKfzX7Q0Yi
zKPMv)d5Z1EqQ`+13F5?Y0N#Qfl33`!<2hPfpHS+KrCgYZcGOAPZ~6A<8Fy{;+>dc&
zG0R8|G5+Gwy7_6H9l??nly$>-J)p?zJ2HOpD-7eCQX-H$XV>-Ekpyi@UwmBso;20T
z3#3-kE*xI5e#aeuu@i(!nl+w^(NNe*k`OMPD0><>JGaQg))hLwG3=d7Rac7i5HIJK
zbE5z~>g?5`%nStR_=^Q}u>)vZa@$JAO-qYcvX`FWP^p`qN|XCU+GF2eo}2xzJL?vz
zvCIiA839ySV8Dbbl}mi~Ruk$eXI<OsXXb->U;E9b5a%)LD)78nm|mS(b#z$GfH1dG
z%T`^eZB@e-SsI_e#(sypW&buOQ#i}-{fHs?u|&qqjXN}fn7s9d7<onBQrqx@JlxP_
zeinfQJJGG#Cl<))rO*d0Si~LWkt!46Z-c&lYI(z>voXSxB)P9fR}yaW@((JYBY8cA
zXW<?oo3gslh$rfu>ebAw_5`=as9jh_pcXXfd4#wA9fbIG#eJ;pbxcvO`RdtTeVRH3
zkYCl1{po7_*A*GZDO24gVK9DXRBQMxm#Te6p%e((?_jJ?7(YK}G|!PT4$fXrQfzOj
zh~kPag3jHcjaDS=NO43kQQo-L8j%EJ%Kj8=d`&Jq3_W)wB7sm%l^v;+7W_0J)+|>u
zVzi-&_fmQivHub-d<J6eXvVrPw)f@wb=l*#X~f3Z!1MJ)E|<*-W2ASLm67!4@^U>`
z3bY;81~~b$m*d6f0J=8(l_aB94??)^sTU9BHuXA_TkxQ7q`&tigPL5Z5(^YnO6lY1
zV~j7j^GO7yOsq^_;)1!yIK75jZ!%hs!o2p^+}J!2^@HeoftPmR@v}S;M}NR-mZ|Q#
z?tI#-)Q(M!8Ca7KM<dPMI)ZOKf~H>TCUUI-nKTc%fnkc6Vu6pubT2*gGrSIA-jkBD
z_#(!VN-p7m20EsmfOERZVK-Le(x<xgedd(tdy%?`#3)Z+noxj+!Xh~}SQK`g!S9r<
zGhDoFQo_`-PJ|Vl3FVYzN=$f8A?^xE$){fxC2&L3MQ7lP*RzHArB`(J)VY++T*4gv
zOs1rlklU1`W6&b@UKhbG7vuh76~yrP$zzeR1et*5YFEJO(H92Wxk*tm5y5IOhUW#-
zafI`($_v{{^=j8PJ(n4>g{E-klY|-%1vH%uN3y_PR#8DWl>}$RQe6WSC82susX5+^
zi%v+QBb6Og%TF1s?E$iSFa=1pym{Okovd@A=CfkK&3rrOrB`<_7Z-%rgsv4QQs%Ta
z99E?YTy05<mo0~0-auLVaSq_s;K_Co=4SL$Uj{u@zlc+bp{IhYRs=u>9uj;NL@rk1
zuJ^Qs#HjJJv%oFRs7f}Ym2!-ewg0w+avJxQqu@KPXYC-nKSjkTec(vZp)pumMBG=+
zDnqFK#M{=?60nBEtq_PdM+hp69DN7g^_X_TqPrq+XC)iZE@V}y1B4Bm{{?D5mA`AH
zFqGnyQOM*&%JRK9!mKc(R`e?@+ex;J!UnStr9I?z+gt7J_KspndC5ejN?DO-jW@c3
z{`ex`5}*jJ=#&*!z>>?by@Jc<?pF|tLfWh<>5IcG+wu#|fDUIMc9SfixdQ0pf{+^7
z>MEv#&erDEW@mG!v$@rYMx3vK2rbOdsh<ytulmGk<VT5LG~jbcJ1Y`C&OGtr0q@$U
z*FH{ERRE$4Sq~+HD7l4ilJN{m<i<&DczJsevgLLlh^cC}S}>29j{^|Zl{J7(yTtAj
zcN_f2B|k+X>6XF?z|B``ieAa`mq7H-Ai`-&X6Mz3b724Z(u_*@a|>!AxN>1224>};
zb?1MQ3CZq+g{CEa74de)j9ian5xJF9M@|i7s3?Ui8TdgRTy3Sp=6tNVq~(CWkc;;U
z2RB3{xmz*w4oZ5?Vqdv|mrIEKH)g~yfRJj0tUw&c+uz+?S5Vmuk-=k0D&d4qk_+Rv
zDqaG$B?w)i0q~`Jml(P=kA5C&Ayv=ziefZfQ{J)}T|<N~$>I)4+!EfW7w4SK2@Q!7
zJfzHyFo+hQ#hyXiVlY2Ovd)Mmoz_aLl-^VDg_k88>iPTB`cG@wcQ}ud`#1@WOq{@o
zS;;&3Il=`fWjtR60j&|vYGdh?rfAIiBR~_4gDQ&Sq_d)I_W@j-<dLu5aDdg{2F_9%
z)4?6ONWsx(zp$lUP+`nZFNlPd%cgw>P5XwKu0)>rE_yaPE>Kx`xNxYAY@JVn$r8-G
zi$b3#U<8VFWI78L&`G5TPPFBBVSXMZB?gxjv~xscd?#TFj>AyKEw%ke3;S?v>PT9p
zcIEX!<?V--rChkZYpoRNOMe~XJC2V59$nG+?|<(o{zk+G=|SR!9BSZfAUC~_d}&>s
zy%HRzdM#b2qVQGeji6upt*GVGZ1CzIr{`}#g8irZ2!=#{NJltIUVWh(qVy&r<%am|
z`Zx^vk^4%@Pn!_%W3$Jl4pnX}ZTb9h7OQePG)ND`7RApg%4Q?Ye^0Jjif-%aEyNpG
z2;YlD??ohDCGbQ^W!)BGlVreHbt9*pNPtiP3uw=&>;;zJN&%*DK=rwxDzPNs6@RNi
zStp73o3mEXx!D>SrTLv7Mwu_#71fE<T@@0zSo$f+7$gh}h>S^crrzWdD`-E)(TL3_
z?CN%N35M8=Mt8*(Q#uLUOfAc4h6lvp^+K&w5d!{O8W#Bl&j}8H$fBH_CLk}e=r_WT
zxHm$3UF89<qXfs%Z#s3bUt;vqNx=6@E)FdLl031F%NOP2D_?L8G}F!vXWwfzY29tP
z)?0$?&QD!D68`*#dBxfH`*rn+Hi*E{sAqD8h00LG1q3R@Thd(IBrw%IN{lsEL?m6y
z#nebokV2>y3gCPwtwMlHQIm$E#1}jT1g8@MfeNpR#RP%y8YS`uxK(33#E&>|pSX=i
z;}IG&-a1Vr$AU&AjK-tFo%_9v)2Ql#>qV46UEv;bMe_HA2<h!2`i&fOE~<!lq$+}!
zy3+ly@rcig>{Gfi@o9=<lQuvw3r^xi8&Z5=suR$&aP|tE*N60dav<{;3f#-c0U^#Y
zqVIW&!zi_AO-8`SHb*SSSw2o%5<kYg6f&tV?oXsjEgL6_!ACf|it-F+;I&uPBM7ZG
zG;Kj@9*_JO(sQWv!&5ZGadgEy^{>Y4?uy>ZM1unmh_}1#t|yeMT2DOncF~4TyP0X<
zGCqA`vPAjwnF&}xN9h<Y042}eQG+e3o1f<@ZKeyqV$&G6Rh#o`tlg?`92$wseYF4W
z=?^DxQ6aCrMTi$OcnS!YeC3W+V0TT^WY~)}M)-z|>HGB-T%QY=;m_8J`1cGm_MT>8
z53xL>$sm=#dEaGAG})}Ox`Fzz#@nL#o=s(o032=ttJ<~h8+dcykvj>cFL#iF%J^ac
zx`Gabuf9s`F7_n3CBayRg_1iOUEP@%b5gm=VJ0LL9<~CTKTp6)fFzTjMU1S36Gj<;
z2(4K>^c7Bi!%+~^aR@p^P}oGtFC<VL9`mClr(6nQJ~Z4}mryIa052OSZ8r2cx30Vp
zi_5=Nh7M?OLo&X+S}R4Sd(OjpZ0LzUI<gT!iD4U{A{k@@xSUd0l2IF-!yjTci~^da
z9g<8$99{<^c-3$2w0%QDc^?pIQru9AYcRzk`^b~{knoBh>bg$8Y!|;<`n)B{B+94|
z5+^u|L?}8d#wK46BI00~Ph45y4H=OE)Cv#;TgR;5=QH>Nc%Rb*?fr0p4!^tT@w(l%
zj^LJ{2#-)kMSMoM!tj0|S15vgncsObNQ9IG5RJm1O>S8G3$&I{<sYuT@~y=8Lk8<%
ztBpt)iAxgiG8?m8rthH%KdYFh!voWpY;cl+Fl6LGQKGMKM5@HYU&owA1Th{nQUt`~
zy+ANV4i+LetN;ZAJ3>MgDSQpeVI~8qN)o_(16Xm)=!S|Gjku(8akjUAr~>$xwduZv
zbC(HTp%&*&z%87ZIOJ&@j+sv|%l&T2-Z2V0|DN*n*!arpAx~IK_w1lyJq>@a0d{Xg
zLbTmRIL~naw>2V3nY<wp6LUw$Am?z@W60bDH~F$?fa92i#%ep47vg)c5_tzZZGBr%
zgph`N+BJo7)0Pu3RyE}mxP~y;_&qBSEut!bn>b&_y!^Tx8Sevd&X<4x{Pg&+zjuDJ
zh#9GF<cGs=`bP(cCznT;|LI?zes_4%e|>a(*h7`DZdE&0S7<i_yu&v~rzbt6SA`tJ
z%QhM(oXCl|)P!$iPO(%ND`3#Yp`)w~;E?2XcguARg{{$qv4E9*Fv3@K0^^2&ifo(_
z5gta&*W4I1W)G$bXGyE2?&^6r-bCGddrtbu1xk`}QKK#zafwj2#mOBp^O&ANVWj)%
zh~OhR35{YtPNUAG+wT6ovqF-|1ZRT7^Cw+Dkam~n5bqZ_{DKMQG6TX)uE%0!BGhiT
z)t^c*|Hlov`=@#-?UKMGpm>MSKZJ-Pq6-Vn*njrk9{;oT{6+*S!njNaAs8#Qu=x7|
zfd*w%akv0Q(g9!H>6;;@jpfi%5=^0ZxgN(lzMF^#%0$KlamQ0y09B(9VPu<#EIu=w
z%qG4Q@?MQrm_*M5UrXKv7lGX*3UsJ=@BZF{fB<)^T&$DXYOdhKO-UBtA;JO(w85y3
zLVl;S0>L$Fnh_Z*?pqR%DjQ%(;!&Fo#nK<r_c@g=TKzmqSsy21KhL7zhILlp*o6zX
zJdOS9aUxV5B$<c>uW+h#&FXR(Tw^4w`LWi-AwRxIl4p174pTLO#lpNHcN-$65l#@T
z8k)X0LPyEjPzI%nfmH&rs?FPkNp#Q|Yne$cUZJ6tDmlp&Ku&#f9o_cizv7+h#<0q_
zP#VxAx)ug@p9NMmIe8RfpNxQSZFg2QNF<q*$he%qeMKWHb6BE|vri*B0$Iwuf>*bu
zoTNA@P`lN1rC!cYA{z5$HaPIQq)Ec%H^X~@`LZCKW2#GEci9pe9%-R+EZp$*N;K|j
zOrtEYt`eIESdo^JWtkbjOnej5t`f{FV#e*@d`fnfa-)gtn{Mk$CHqO+P(yKEXvQjy
zl#D)0cBMi;3vW5$m!cP11DX0g=aJVP3^AxTWad1UXXApw<6IK3W9!!7@O$QSMl07I
zO7`gHWk{RGCNqc;<6c~f$!}>$dT3{Bv$!x<F5bl*xL;x~g}ae;NsbU6hY@J|5z9-E
zmP(S_G!i$W+JWP%-JQ+NQZaGiuhF9?WdGtwxNYqH#@X8M$Q}9~B>u{zI2IH0Sxz(J
zM+p}mMUN)d4U8-8T@{}Ji}dKjESiw4)O<T&kxYrL$~osnUI^{wc@|xba|`RD!80il
zE4x2@Gts^uEDe-d5rm#P6HyYymID2!`&kh&1Tz)a4Rm)xDpzuFnng(vrLfyWQn8&-
z5O8RMjD+kdI%y_MW^C^o!ekYZ^hI23)zB9xA#bhxO~)P_C3#1D-mKqV&epn(t#zlj
zW|J=$`74^+D&y{r3wO-K$c)IaFP+r=Wx#(;AG?YJTr6s7!!u@ChYfK?!jAqV^wWa&
zPC<gX{bt^OH5;&L2i9ys1r$jpVhhTATT)Uyj;={?7sLd8OX&@3qeG$j<&u>OS9*on
zP-{MECbJ$SkTF8t7qnv45VWHu!IZKbl05eG9Fd@aT4`gI;lmkbGFDzZ9&o8dC#{lc
zq*To1IAUPu+>!;21rkPsEDDDH)%fZvCc<DT#R-Y!cZHE4rom0|Wd*WyLbh9eE^_iL
zocu)(NO=IDcjw0&9Eg}E1F7T_V$cM~QHXwvWCrdH(JDupY2%m}Dt_5CzRtBYFp2^i
z)1-}#qZ?u7+LLfQLe79gqQpRFgtK7GXv`Q*{9pM0LY!l9Kz3w=64vRqx7%ACHJGoP
zDp{%741-c#pmO)lnZve%k7fhyc_>YaEU%IkyP=lxQ`wOjuOMuPv^g+6T!le~SyC2K
zyRu01r3@D2?SAFGj>FXJm{!fkpMpZE@<RP>+Q1-$A||gU<j%EVDHNABECsXH*!DOI
zU1doqQV*+pHu;**rntskDYzbGhNuh{^rx^0g2B;hC<evXnB?TZoFQQ=;>5Fi-Qbvr
zT(4_oL)i7lts~ViSfR<kH35P+vvTnWs$;Jn@opgE8yHs3G#ea+MS+5wSiQeTZ4pWi
zM8=1Q{^+jHyXiwKt457$8i$<RkM8={QO5GVcwv+%tkZWlneiULwwYF6%>U@FABFvH
ziT%u@oG$>~5wBk=!kO1dxEAe|K85PG-(re<J|`Rr<>K~+d&i+#^}Cy!tB!J<S&FM|
zTL3ZlcMgHH#gqOFjv@#S>I{!+8&OSdH+&b{aFEv)Q5PCboyfRQNmyG3qK!R%B(C`o
zPe#IVKxTk4#;ks@q6h%%EK|&VT}PsYexKZ?S-)RXXxzAPK=R56lN<HbtFpu;9<_nq
zGSi2+^o;N=r(I`M*nsYAZ`BlRSnz64BMjdE_V$rZf$!u7)h{YSVnSjdD_iB&m{1Pk
zMGjF?_7p|4%Usi}Oegr`3T&buMn|AJ?}@)a9akzOodhaXbAm@b#4^(7e@T)9O1U5x
z8TBl>s>}jaGcG!dRDC%Wme}qfx%zq_Em6FT1SB$ju#s*CmX)A_<EXk9<>`+HBn!uR
zb%D#Ycg{`77u!IbL10et?|=W>QHqfX$-oji$f7)wUJ<22(whUK^2%5cu2L#<Pftln
zjzR<B+>O)JXE_dTTp*1{Bb?od*p}6meSeRBzQ5O@c~zu`_J}Zs2gE~d^ziUAdUz-u
z?S*6T;}3A@nk*ECelWyI0`8wHE!~S^3-t?=DJ)9ae2FmrRbOqs3%*(06};)HS1U4F
zmu8`8Ht0v8<~orGdS!eReZIv}f=;tRyWk4@VU;a37hA!j3EN}NV&S9@@bu-oe<{C<
zfR0SQtZ$6Hj%SwyNgFLZns--z(DLT^=M-}2D2*y81moyRJCqj{I{#2G0Ji=qcz^j-
ziLZtTAirq9r$_?2TxlJw$_ZFCrt8R@O2w?LuG))48V<oDa}FJFv>Q&^6-L~gV;v1b
zPjOo4OlwdS>HrDNvnfniX$ChaC#RQ(J#;B#*P=0zjGoU62)07iUc?$fRoquDK1`9b
zGV?}HDbZ<LvJC)3+sGu+Bt~Ah6f<7v3e*l!=LsDVUl%LLF_&v>LiXZ(?}z^Xxi~#h
zDwi?K>Bv<VYzz&EJLRHn-g=>j)`DM-&C_a-kesibEkj=;Hi!AnV3SPgNPGsPWEY55
zG+<-HcM1#EPEJ^ELW+dq8P=||dH)JCvb!^XFaFi;PIFHPUG47hQyoqzLt9k_VG!jp
zzFGhTQPGA%yt|w>>L|Y&2R9~HGW)<)UAto==V3#~__uLJ7U&e}l{&;M3M_o%ARuY}
zEy03ZebM=1wIxhJ<Xt2<THZqZs2J&6MQeAq!9vxwJ3(PpR8n6=;sMay7S)WcU%qFR
zVJ@%k9FQ<X!H>xZ$hsko2+$SHhwXywaS*`lTw<-Ki4G_>gho;LE!uk++>`{qG<C4Z
zj(OWEj~aDCOGAw}+JZFABF;Y9E~^E}m3Q1xf<`#iwi^LWCM1&%I8hQI@G!`yp1V@h
zX@`9)90OI+C;`1PIN8cTJRB$0V+Fp&bimX%Ixs?tBcwH`m74NPOCPK9_-}|613t|-
zzRROPLIqhl`qwn;i-Z<T6N#7(M3E6(>jgAnB08pQxSy!-Yj%WmiGYNNa8ubt2)qah
z53e5bI4^sR*7!<R$)%MSwMscveh;p$>*(RZNJwpcLmz}tA&QWg5%ln|y2}4fLiF(9
z@rhL@^q%c+Cly|*Z*9m~T*%5LM77;ApWhZZ_7vme1OT#cj8&%b0A1sN*B@swob&w5
z<+~`O@0mP<MQjJ<JS=<<fURULdD%y4-sdRhznw=u4T>nr!hx@Y$N5l3gXpY?fhi}v
zC@BKHK_tszTYTxs4$ICof|cW_=(A{$^tm)+eqsSl`MMc1lJx-ejf~*1N3(&dJkE#x
zx;XkV9Yjfo0>nC5v#bcG*=#jIBiolZyo&p@tKu|j8`XsczUYTb&=EupDn?7fKFtO=
zktsa&N8#eg1r7U!cD!3b#|L|7PqoT49ebk<ja6FEoC@=Ql}@L~V-trsZRd0pqli;J
zxch(;3g(-C)i*w+I5I2M$u_<Sg4Y*}nnh-Gk0s&^sHjlpOQl>^d8U-MnQxE&ki;n$
zCGs@3IA;N?>8r#sqz^YEJGQVRQe#zQ<uSy4g}3JO*5+%4*HGp~3IPiL4(G+6ZQqff
zMKbEl<Q*K2E7BHAMQG#gmvD}x!Gn(Em>>-N#Lv92&nNEZTGy2o^s{K~XC3KLaFmE%
ziw0okf3~e7;r3J;>nPhD>8h%hlI}tM{NT%_HX+#+Wuza|!GI6!RpDQT5c=^)8RhS%
zpNtz~^a^>SJD4ST8>EaHAPUnfw7b14UyK>)GZw36rBK6nQ$LRxdS%QBLX5?Ib`z!j
z3FN;meZ7j3upcJ8^Klfu`Y*OY$FDebVH;uaYIH}l0slh;WU)5K#oJ5A<|wWAjhPlZ
z8|6>4&Ur&E{=eSSElA#6^Mai2Hs$fZyt2!br+!K6-6$jhR_@jTjUm;WWpk*k&6MM&
zP_T-NV7_9RjCBLbwooQN&4*-EBw5V}uboE|BGnR1F!(ZiKF(20Fw6C3d#PhdNdw8%
z+{o)W5QdS$y9Q@?L~@cbhv2_q-lIZOhP2Pb$a{16Ro+DJqd^vhJ_NEC^$X`p$Xn7a
zxmHdKFItH;Vh0;3hYu;d6~V!E1y$mWh#D^|6<%)EdpG`$LHkw^Cli-36N$1#WH^x`
z8&2z+C`FvS03A`B0feX-LvFVSoM>3JC4CBuE&eWvejSt7QA|VtC_S=Lq-7Z+&5E9^
z6gtOrfMPNsv37F<+w?d_axD}w*l0o!z3!od!*AZb*+54puTMA74}0e)8|d)-{PcVS
z?VlfA9_{ZPx0UZ77!~t^&{s?c$GoeadId^lR`0!SS|GVC@wKxiw1mv{TLgaOEgevh
zUNe$r6g=W^%&~Nb<Zlw9aS{x1G9Y2GfH@l`^W>t8NUPblY%&@oG$VVWoio*p5juB8
zQWa&1Um-sLHQ1$$aCRe!xR3>TMQyIshk~+A!QavA*&7!r+KYC-mtk!^*`i(pi%hi|
zX?bq>%cJXp!iq$Oa)JbVzzEKQp<HkrSTO`&+OSKXzlhnPnt8*goLIh(Dk0~rOth-6
z2-40bB1o0Y+sK5EE&!RYGNE=&DHC2Fe3MFZpuOW`5w{UQ<qT6C7acN59QenRB1m2`
zj$_&STaph&x?C_Or6?phKaC32iCA>3jeg*>_QT%g{<l?Bg%n}=P0_{;G0hjphlgh<
zk{lOg0p%bTsuMtbf>=yQ3b@|g<m8MdArmM7LlpsMPxPT;59mSbwY8z$TQX1s$@4|2
zQ1z=7(dq@TUpi8s1l<g{$OT}`Ac9x~AA*?RB)&sItfG9%ZO4hEvckf86Ph6icQ+Xc
zzDA>QFhs*>z|T`DO~ug-LEF2VdgN%WJ6wm&aZRw8bdH*YCcZQR{_3J(AiOE@*(|gV
zBA_k=Jdz5918Z4)+0aZ7A2qnZ$?z8xbeYBGxuat=#1n!rlE(Xpj&nR9a7w|wB%kXP
z^LldIClsAuTy|a`oouL}oHFvzkiHiNanPm8;ftf3DW}+ssMKnID|)b}z=`)=Mgp|P
zqTsLV4fxo#QFfSwa6>J&SCQ3MxD|pKpP=e;jqx|{&W~lB&0ePiNaGAYgz^D9JGc+C
zufdeHQAf0(Xx`oxqwzQ|GXJw7;Uo!i(Fx_OG_r&xCrzW!0L~EJkPP-ADi~XyAK2$m
z!amAW{HH|wq8BAWpn?#fIYnaR$(=gWl(yDz^XCgmO~gTwds={~=muus&TU4o5_R~i
zJ#q5Z9kzB$wxu+jt+#oGEgNVAK^}7^N!M>OU$e5Jv>Q|rg=EVDZ$+RJIJ846it}Un
z149e`Y4Hdb`--!lhjB25GXwWvn!3!xL6my=-Pi~rUMU?ys<Qe^7qlUjS#PAEM@)$b
zt&J1Nsq?cWSg)ZiepaiL@`7Zko8?YEO3nMzLZe&o$FaJO+0f^%il2bk_(~QSC!w?$
z{#m^FSws&Q=O%n&P#MHH$O#rxRDsoEDKw+Ogo*VWY?i@bbqW_u6<mQCtQ7m?SgrPw
z*Q(>SrYwM%(i_2L7vBC-^DLQbV7$Z<maA7S)j@{SA;hy%llUJa`~x(g)fFW*#?Sg9
zQ|d=vXLQ7+RdxaHY~zgl42mNF$|66YA+g|Ls!H3~u0>dSYaKijXJMEqJd(F4TwxdI
zFP8lFlHYFRx3xupol*ym(wGlNU5v^gNH*J4Trh{`Rj1`CqpgbM$;_!gsHkLd={6}y
zlVW>xQ#2by;5lR{wTl>0vKSN+_NQgupg4_8W=}&RY_MEy8b)QRRS0}k8kVK=1A{YF
z+O#+my6_-}6i^7uZhZ*fEi=@ORZ~_yb2q~s9fXI4`*^-8H080`8^}<>p?r6wBCYXy
z@1l3=BHz`jQc24IE|BrYuvpWyRx}UFZ<PVOK$wG^*D~iu+fOG`R2!X5t}wiio<gwD
z&D9AOj_@m=tVYthTbM<%(2i*HiWYW1pMi?90C}mW`~&gMOTKBzH$7HQX?n>%Ql!ug
zJyxbL$klv8g>hKSud_7i`s|8Jv(`-NOUujE0JxD`(D;~#T~L;nPrxcDfB8>K0XdZ=
zP+-r%4v3<2vI1uNp8*>n;{hyLfF%pCWC4~efMNkmJN$)@e-$R=kw?EIQH$#mokw%i
z$qdv+o`WJ=L|`A<i|`WaU})qcI2dQjJHi}811li$GY=bJcyB(Q5zvi&W}JYAdlp_m
zd-Kl64cL8r2K;~mc*zkgIf5leu;d6dM_{ILe*{lphFo|wXP}AIlkf(*wddvxibG;5
zZ*WosrkIgCsElele*g(dWX4~?H5H-fHMxZ_8R~~BtsPlUMA`y+jc6RAb8#yppyVrx
zV~jVTeAvH@SWdG$2|{;M#cPCU>ktQtZ-^1iiLlmJQOYv|G!^c(1trd90nXqQWiE2w
z)Zk9riys!=S5VD&G>racWZtf@O7g~uiCa88&M6CU93_KV)@l?b=T;?%7F4`?39m#N
z=KZsGJ>>0fdd54MBuudl@)|Bv$)^iPiIwu0jwJ4s|AgGi4ek^wa-sUyZm_AB91kSS
zgC5#$cQ@NFn~Jj`Mr$gVw4hvO@+)_(!f68vnHjS7;`jJY_#BY>q%<v=s({!2_VV(q
z|Ly6;We<5W{i5po{P5)9@ciiHO@HtF%|#FSenNeQlkke(Zuq{u`1A+qc*FPKM@dNE
z`+Q5i>TZ3tdHdzduPW`lJv}(=sRaBg(Hc5>b8>oq*yoU3^nt&-uriQ6PZ9~}>LaI-
zkSWNT5=lT2JwHY=3H`%PC!t?k2_=lT4JjpRZ#Av75=gqnRufAg6&R!@wS@j&PA=hC
z*~S#vQKeg`^g@`@NngXJRxE!ahli1(hV^Y2^HXU}f4guwE<HiEHSl3VKd$Z_AFqmw
z^jW;2R6N^rO7qwH&cE>dtqd2^8=J|tQyT77GG#Vl>08QjB=g+M%;n{*_w|+2ETSBH
zB2E|YUcNAreu7Phk+Hk^2rEvls!Oy379Dn)X5yR|M3rW8p{;UqusTCs@BzHK0|}(a
z9F>H|Xm!&)^ws89UE_2+vtI%mAb1;`@>P`6fW|U6zm#3vu(a)5kkVNZ`0|M55hNHB
zjp=0EZFG1m8Cs7^RbC#X;tVkQmOD=N@|Gr%4AQ7lR|*CXqYJA9+CM+wgjV?sg8`!v
z@JGjcR4qAz18~wwS;vv}N>-|4Ib`^!5y`VCP*%VNFV{mO0VJ0((3&Yvj4N_Ih%gZ2
zm=8xxDI6~Ag<^wg5?VwX?T#d8J|uiK@!^SSk7ZyKU55o3PDvr)ZEBf=w++F|Op6*)
z98@6<+Cdhwc1R{B;v5)*)5?gn+bK}c7I=o5_9S*D-G5Cs+ud$^bA=yNzF4y&d91OB
zRW?}(C4y+m#;30PwFu;NbS=ii(W@dWM2WI;lBs98bfI#bKps>k_9t5f!JTFq3G%pz
zA0x$g9LHBUxX~G%ix7X3!z)&~oS+qSl%N1JX${^7*-R!Qtb$^tTPd;Xs`H|=3p=HR
zWqwy7&RLGAHklXH`ApL$4Q!$Xk5U7YPv^)2U~dRXTSXMDiUfj`m@hd>o7!S@Vtxg2
z4y3LqxuWAFM0tj<ucLr}0Ao2bT!4`PT`U@?dL%->SQL6%Z*-h5+TEe-%~JX59PU!_
zt24KN6(DGCOK4pqgSHWBOj9wD&!9vCiv=xcg-l2fkX*=g(rVW{x7RfnT4_jBvS_#)
z<qQF1(IAmW)(m{HkvBJ?A@TLu0+IY%A`yietC4Q{lEy@surA)W&XHqBKj6$+?&Bo%
zbKQwf;aj{Ch!;KWU0+8D=S8ZZpfwpFS@6$FZdiX5h@yEvrJ>L9(^<h1000{&dE~1%
z3UKw?z@f~5i(`oXl@mB?!f{Np4UrJV<9qzZn^DBcF}q<pCMC&yDXtZP4E@nK&Z9IY
zzV4|=j=WNIFBx@tt`>#8R;xl}R#wozzy-mkKRSw(Bnhy&BbsnZXA=j#aoQroh}>VA
zL_`c-M=^+<QqTIn-72TO)}cUZpaHJxP=#4Lpvh{kQkf`irnniAZaPw9DRWO>4hfRb
zLa=U~n!SyF0R6a#Fd%b)13}}&tB5Zo&o|MU)gMT_pr=(@+9GAFK?$>5>DuICfPMw%
zHZWrniO6^65QG&mPVSI46<t|DYh~C_NLU^vVv=}=>l({ZiPG00S(Ynclk>w0@-Cx}
ztO!M=D6R&cD$R)4FXoI*?V8;3(=y5n=PX6D(4Lvv3)mL@2~@PAVtgmrYU6@NU`}2N
z$<-JrgLWC7s-?K-1_&aCMiGNlIW$v?<^Dmg6uBJEXegB+7~IhW7i$i3)ws-R>BJdO
zWhC+ngY!?2MLEeLEbh%{qI4^;$RKPJr83~k26z%>1j}2mK@kULWd(gR&LP4m7kSwR
zdQU`}5u>1DqF}|U+b=O5i97*Pfzk~zGRVlt_sV->IWvilE0ZK=rtBjJ5fMponOTc1
z<%a+_b&$JTPdYGwdZj~3Xc<Kje$~&aR@DIRkBb1|GTJGHY!ey8XbP>ehdOAxQNc&|
zplcC1eswH;bd+q!i>My@Q8o9|gC>CW@JaE1rRje}Y-}aMxwn=b6%aPJ{ILOHhg`c@
zY4TLdinqfm&YH1;B(1VSaza2$b*&C7$w;Iq&$V`~Ex^hw1G<W7aC2~SaZcbChm$>f
zYzHS7a5%}2N;e7hlnQi3$7=zCFSo54T<Pw)+T;9CbIQ!%sv%0kXcC2E93$~kZbm_u
zR7^KfO{*^qNmN`|=&D6wUR7RU^O^Fc-s2xa&jRwwKUEWl?SHq`-@aCml;7;^Y|k;o
zoJz)?*o=U_S&stqu#$2tEsxABGG%~K`VF6&9{R`r(ZRWMa5>exMCx&2VohqGw(=u4
zxm-LyHSFG&mbAEh`W|N?gu%yo1ggk8&SV+;<vn;f%lt+n8#U^-yW1$FgmF$t9}U$c
zlQK59Oh3s_(r;v!`(}@7A&(h>1P#~Y_=4m`@b7))pdH>NcoYR_gp=r+OFL*1VKsP>
z(Cida_nP^t%oygLp|uxB4QGHST@_^RCQ8B{QjEieigX9mm*m*a<I<FsjIWTM5o0*G
zAxS7w0}X;y=Er;s&U%>@(ArMf028kB>v87XSK-pEL<2I3BrkBLzPDDmAVaeJgdP)o
zLqe666U+ldghr$?|LV)wQuIa{hHXfK8wR(#0wpWTzCooYCbubNMXW%5>0k!F(-#G8
zbd;O=o~t``tKV*|w77T(A>xX-zd5xU;@l@4%TA@Gz(@o{H0(t<TcGcX$Zd)fSOcxu
zW3V!kk5hFUXb3{;&5CN?*Uba`dr~HgCM3Sw;An$1YY~Hce&NPvXNk@gXE8exH(Dz?
zo4>r1Q`$-r+yIpl$q#B)ff6~|E$4U1H2+0E^0w43G>0;|w8ol}j#=mA^z!hco!{nv
zneW-$+}zyV*@1sIH#f`wzTAEJ<zKoxU%uS!c6WAOZvAC*tGm<f{snE$+0R1HnB_S8
z%jTo|Di7{6dAe=%hUCJ8XVnPe3`FN0BN=*lScPDZI=&-cgwg=6*Wza!r@lcRqXEg)
z2JroY(Kb`0=qS|ct4NZ9%00L3n3L#(j`gutY3q6%$GklcwbyxDK80ilDb9zly!$pM
zzwJu<MzBhwanB~k9(s6q@X!Y&@&F*;4@p2ng1$y17}8d&wbceiKq(ie3@I#RAQHlH
z2Aq-shPvT__YV(BFI+?&=By?tlZC_?<-;gZrdGh~3go-6YhVODJhW$+fHs>1ZN)=_
z6;w+^1Fs7N{s7k;(x&VxN<x!+|7vpsr7^*b2yba(#CkWP*MqE@5gGIp*rlI;{<(!}
z!bkE&x5xOJ?4eEL%^Q)(N4~l)ez%NNnJqYYJx1~Xi~BGid8+|V`w7YW5Ghv9$gBS*
z>8dIr(wJUFNvB{4V2c0tH&uiUb>VEBwB=7ZkOPwAC}zT_fupAOkZKD3$}9PNp#bZ7
znic9DDZ;+TcMJs?X2Uj&`ZdVe<6MQ2QA=jSu#-gZ&X3m^7%fWt-rxHu!^wcugmM>i
zj#TtozL@npUROkPZ^54;&^!Oe$xCkRk$2}{0XvCUlpCZ(O7e2P?1cGXL)UA`ZlY^-
zUC)qrLPK&!v)rp}EC?8&z~g6dmZOu?gTwyW>G|cW7i%WfnwMOaNDOBSg%tMV=1=WJ
zg7n}OcMsEd>3S8=qq7p2yk+)SV56Lj08W<Ue9Y;g%$&sE$sZ4%0w)+!HQz5JP`wu#
zjcQ6@x~+LRra1ft$2bW{);KpJsPa*cM)(fpkRumellN#8CF9(%&^H@IM`ud1o!}_u
z6sg@(OtT7x116(l4Z%RU0Awt;RqNE61oNZy{S33ZYR&4!;raJR`;LiSr2pxiTQk3U
zuO>V;FsXJppZh3%SY5Yv_=^JIUft2<i)nPPf_*`Dj?O$Z)BZd=JpfCk5_&+7GWYz%
z$ir#cwr@pvsaJK?Ma_+BEg;TG05#j^1dcY9$JDFcU`n=xw)K`$1Dkg|5VYi)W+2+X
zP?$p7B70+n0E<6c+ii4A2T@YoJ7_iz_zISj6m_N67#tZgA$8X9f~}S$!CX941-Mul
zv796UF&TuFr+#FM2!Z>^(aD=0IxD&cQw||Ag@66)Ux5(FU|Wm`&IweAaI1?@sYU&m
zXH`mtxiiT|Q395QsNpeNe9BQ9^ZDfb|2*<vU$7<ZJdNk-qgnpzZg1{xmgK*!%`Z2X
z^51hj_xGJITIh|mf0cR&NXW$ZN(+6_kpx9(k_z%9N*>@GdvFH0NSIRvA;=lD`9cKo
z@4Z58ux`}vGfH!KEt~cQ`O@@8x*<M16p8Hb@6j(bN|3i<bRc()nfwWTXcc_!3lfvj
zhWO`u9P=)tBqX=0r(!5k5_#gZGU(shO_YR340$7*db*W$tDGt#lf4whR4MU-Q}|ac
z`y5qOS<d%mV@>`mPvfG<ivoy(7q3()x2Q2zcb*uiyCHWQ=!LLGo&#?-%0zYe{v(Iy
zhTNftho4%eFyfdbv)&&E&$WkmJ=WEZFvE4o%4&@cG5e0(sXCre(0J>jn8LWo49TnU
z(XHk5KU_YSbv~ek&u)^Vt#!FKtE*ymSPNI7M?zW$<fEWd!Kn@4%7AgIRRODIfV3tl
zTbs+iqE?%~K<iF0<uY8OSv?NiA6^3_>(Ef=3sg<<0}24ClhaNPTnzFA{T4JCv@xD0
z^=cviKFgz;U*)k2K+R*N2Zs3PkiJj2OjHDAW^Fc<xl;cM8lbBv>5ycC*buCybL5lp
zbwPWYLAO;a^9>u76f<%$rFNOoO&Dd!Pl0KdiF4av<Z3mc$xIW~K`$JT%rHF~!XoD6
z3j@)v7Ff}}8#gb?MK#7<dqt#|b?lXK7JKXRR1U^jjC^);jsCZVknc-F17G^mqTNmT
zVT5ntrFvr>{BjzK6s|U+?NVmqQBltS7I}N{7V?kB(wDTurASZqRz6eAI((L#ZI>z+
z^R3~M^&lUg(Xh<#Cmm44*P<6ydgkVhbg#9Yd;?{SUhGP<_k~#$)b|2kjZS3gnVUCK
z<`$itogaO_cX{Yvo_=?DV$O$Mx~3D}!oFBHzPLOtFM_YR48}<Q>fPmQ|0~Z}fYzpc
z5vFH+m-k*F&y$)Mb2o+j%bMWKT-(~KNfYj^mnn?K3i*|{3(ARNtD9vMOs}Avix@St
zKLzIbPL)->0>k31KuJl{EWBRI+I5^pW?X1vu7F;khlh?bpyyvr2-JIy+M=F*%U?<W
z{D+6G8jAn$&{1cK0jGPAMlcr}(G{k&uKWkYNQhQDzK_~pAm8u&6|s(2l=FJ+FE;EK
zCO)kOy^YRb)wSBHV8u~D8lZ9<TCPGh;J>)P_wGHBRW=c7wg<RxP<(#@=FCT1g>F=c
zcX7`bR;TTs9BHDyT;Xz2$Y1tiXv$L0D;Yb-Ts8%l1KF58IiOjjveKWv;Cn3LzKG7t
z8(%=yFA<PJ_}5|OIrWgaB25FGZmWn?ElmrR<Ewe;EZzGJ4nfl)wG321XqpX<LQ6~8
zR9OVFcAe3))UFM#T(qbIR?i5KjFDZ8r*aAj@6s8YvvlcJ5NkmHjIG!~vvqUj@YOT6
zW>+hk6F0&~(x>i1#7~*IRcCGE27i0A=t&+vJxyyGqGZoCZ;eYqc`7!ys24y*x#cKa
zNj`!kIW)*eb?;aAu{35gm3FWZa1x?5b2pG=(th*0e{s0~?)>QTKmCKFi@k4-5Bo<a
zN0&!?$Njy7w?`-a{qw`U%cIkib-S|5fMdP6ebL_8-o?car{@R#{_CUT!?~&ecQ1@L
zAl<e5`r-q++T9^ZfIgsK$22E~jBgcI#&$)c>e8gzur6EIxMENo4OJATh2cqAg<1Nu
zM7=~ZW!q%t;i08d2=|oU%Bmm_fEV?kSJ&0=t*>4_Py5Vu|6^E?&eKQp{m<6+=I&1U
z{%7mUt>yjCb37~PT&w`=zz}gJ`tscAXJinuJiD_F4Mj=@F}=cZJHUA!leVZSqhXxO
zdb(PgMM-{*y#HbyZ=nVh8M2PL74!qdt6}J3oTfC(CFiT&O5-Q#3<quif>{8sQjwQG
zO2)UszGkDviwKK&@!Ie&RWTU2Y{v@6FXas>-Nq>+W{WLgtStn?SMU=x99o&cue1;M
zBtjzEp^Qrc6B%g{>hc%l`kDlJ4|yl_LIS{F7d`~u;jd#Hd-aTg0S1#^3)UPnGMbPK
ztok#8ynl4t-5r0^L+yPd#7X<R@fDG*e)~<7%Rix=E0W`qEd^ygft;2pFtr*Bxn><S
z-jit51BL8$6cf$`zZ&rk9SliNi8GxqT8Fo(GH@{6^MTN{TeV`3FbVOCudry^`%n$o
zFny(gM>>8O`hfCmoCIih8~%(&7vt;e=oWdtS5-`RzGxMG5GtMBIF9cSpE{8U9j7V4
z-ERFrMB7k4=RJU;2wjl?j~M~iJkzyN*pEgemiYp~{amfmh@my<5hQI*AyIrvg7tRm
z=o)3h&P6n$ZF)r140spiRsc+hH3z^;XloH$m?=5viTbGVDT~y8p9SCgM#D!h0QTOi
z*(bDsQDZ?gQZ@w=a9S_t1g;>E{(mvA)RyRU_T^Q31yd|KV>bB?QT{-f=>Rx-qX_rV
zhFOJDo`cqlp_o_}e=9=q0Rmg#fFSR`J>>PhMYm9SgX_3GGWb+2=+&51&ZTJ=Ys++a
zCHgSMK)t4|#8^S*g3y-f@{fuwrLzI|z1#FrUlNu-V&pL8(-7eKIq#(r6C935W5a5s
zW*Z2nLgAKEP&*kU2rNvgpaLODfKh;G35Mlf5e`bmfE!(b!<As7o6i<$-RD4eB`9T?
z2-X%bv1L&Y0q!)aKu05*$oL`kz>Dt!@*#;wZ8j8AgIlVVgh7h5)$fY+IF`+}4T?)M
zMJ@KyR1pkqo<70@(#|nl)>o}ICrbTze~&m@a83pUVpQUQ?8WhMl#>j{$om%?;`SGw
zqgl^0R7+Jj+~RT-5Rtww^snxO{y@!(bgD!y8z*pk6c~|slh@r1ngKD1+Dm@gG?wx1
zJAv2cpbaLoj%vze)*kUml}gRE@~pV1PrVN9#+R#d`q~m9Oclyzowlc2cjZ{Fk6wny
zlnRen$N;?x!IPC<P1(^1uO-fIM>*5x)R6Nzp*iP@m8A`9CFFf!aLp@<Y7Jaep#oIr
z!VB4N?-g2$DZLq|$eVOM<OxNe=Qwap+wt{j2lBeHuvK5`jkr3NFX0Z+b2-UXj-Is)
zC*fY44)Mu&gmyO9XVo$4nK&o;I7?K}#Ehm{1X7Q_Rf6L<yTU;OGU0Pk#X4(W*h1{y
z*^w;8+TUV^JW<!QCTQP$#iV1o#jnp;w!-H(*W;pdw}GXf2TjV4t6_)A5;e$z8-i&V
zlaU*uWMGVb9j%qL2>*PAy6x`YoAn6t-}Ms0oL!)jA>ATy+SqRBtu!swIVHC_NrW}Q
z(@x^Ie35VgG)8AMM0+w!H^~~Nb(rG1DV>5OBMNwDvc-phkU7lS?-C_Vr8!otDu4{M
zC}L6?9z-k~!*$;`<8VM439O@ZEs0PD=Z$sj1u$o&Sr@H{q0^akJ7?8)%L`W*Zd$0i
z&|Hf&y4FFuB8FHlobRU6m55zH(E`8ZSI5ERB12qeY~J_HU^1Z;X6l8GMLYx8s_s##
zYB3C&p|!@L6eH&Y$+I!xG!Y2uqfsDcu8zchH5-XtpBIlQ&WD$G={)#5lU4rsczaE=
z5zb|d(X(+Z!_BZZI!e+p1V~v6qktd&l!7$km5X|)eXpY$l|MeLPhqpIhBObUJ!(w*
zY+;_Y7SJTXx%gDNlqt7}DsN2gk<Uwhmy*+K!2AfOKMM1;pCE+tHMlxHz`pfSA<;^F
z2!?bGuBnB6AqQxEU8(@fluQ{AshjO-rsw8NNz15x5di1?kU&T}kvhuAfhBL!CHp(X
zDx!;wT-IPQC4$QdwdB6hR)wp74WVy)uSC=q{dF#H4{gxob{;^cb*9<tD+mU&khhQ1
zm*aPY!}Qu{G!mc9q2h6%nl)UvR?u{5?J4J52;-FJWR${iaw>c|<QfDWV;bW~<t;#^
z@N#xAp_aY^LyazZDiYK+grZDXlt&YSZpfVxv7>&i*LeB)mbu*v-R^hfj={F?y+S{?
ztk=DkFO8>u1X=S6GvaL^Pm7vA83ouVPwPL*03y7AKwbZa+|?EViMH=-iA!g~YP_~H
zC=!Plz=2RA^~DC14q_OT2vpXW3$j`eBEQd8Fvc?#Bnio)pilX)8Oqa}9M4b;|2EDD
z4rc*C<{=E|X!g<x$)^<N{qrJx`}CubBzctI_3JB)6S!9GE1JRU4skytVZ_`sCvy(K
z^zxO^=K#8ks%VvcI4Apj^Wp(%v+ahJSX1XcxeD>5cGcC?0(A7RVhT$_-h9a}e?}j`
z>mRnCZ`nj^Lh7UsrM)bt<|v7#d4BpXbMXF#sne=bhPL&_XhU`%jI)d+`CFVqeFK_G
zQF#v2B##ntVn7VyaybbYj6`~xO3=VPE|uoqx{k&hXGhDO=##~O6PjEvwP89{ti>d;
z`s2KA7<MI4)vC55az+N^_ANv_@&5OJU#$I4uisz$pB_mjAFiXAe3;;IoUgC{&;5`8
z@8PHae(<zcNCie$Pol4D9L4gE?;3d*<~e~@|BJ1vh`Jo0E22XW8i93-@J|ruyc)(2
zMG4CZ4%<44iyZ^cNPY-jz9KU9)tyLssj>^|#HP;0-1g9#@Dy)*Hpc6atPbzWd&RL;
ztC)CIJEVeZccYcgrgc?XekLo~+;sJw{pP;L^yc@rSzA6&_snJgnbL6X;2+cMKf60y
zFJG4JKf60y%lIG9^3-TZO*u6O?_J0Q>@m*Sdqy~4kG~VYm?hp$3E^SomEeL?Inji4
zZ}3dv%9T3KZBS4(=MmS`<D8E8y9=uX_-opx{S5`3*Y%}{g#y}25X1YzYrQ=sVu97V
zk%f(aH<Pl>*Q)8Po-moe;^CpCe^^+siZsC&CNlq(Y)dA?dc=q;iQ^EsnN_mMsUU>a
zajwBFeM5vQhd;Vyd~swZ&1FLMSa#9@8G==sEPalWDBpuW*WJw+3Z2@v%rd;egW`8h
zt6Diz+h$S1O3W)1AXd^~)^noR?6wKV(AJQ?PdL>2tJJe7O&%}g2fUOo91<0WqwLRx
zv>`Wpt&Muyw2pB0FH9*i)41GVsGI7rAy&E}k)&3*((0y!%W7k%DpM_bc<4<jENn>r
z#fEt6<?gh?0yM9MDxm|O5mwLTIvm+~ZY>hyYO2VAYwF=F@?ckU5MNXqMYfJ4?IM>0
zu^mAc{8nLw>R<l3{?iJPXm#Dzp=(Q+be4kvwn#JOJ}P??&w>-3LP<4LBqLi44<gm}
zTYe0(0vTfGO67x=Ea2#rY4OUydzSoR6Mch%Fp*ae8S)BKsrITW|FTHaeDal|il|X2
zr+vRD@RT%2HLv}s+0jgNsIJ~zw5Y!Gnmt}up_V2!gSjYOdSbZercZUvRcVx>6X-_|
z;svpxClmc<kn9tAKB$m&u%4zE0c!31?QcjnhWuO9A$d@gc7`qT&`)maP#wtAlL(!M
ze5Qa$Re(q`G09${B>@=}p&%W~7fQ#mFuvZq0=g^$i%zCp1xmqW7_(WRsl?qTU8;u8
zS_j`-h1KpRY6{mhZ8ksZAvg;FB$@DG7w*S$Ntn3s<wcgxIWC^Mo7_2%A#w5LK80r3
zI@N>5UGOtF{K^a85^Tf_2^2b)wst0Q42gf%Kg}{KSGg#nemR$P^=N(y*~&i5rx^}&
zS%U?>Xyqx7c?I8WLWW&>t|PtNQO$v97ppzKU4SflXg>n7xesWok+aIFJlBy_S$QAr
zIC882wVnqF&B$KNH_+W#Mr8_-3LHmoPEOAc`+LXdhkFPA>7SjS?jK%U93E6)0?Vm7
zSX66o4==wxt=2t0y14X8MUVHsIXrfayk<Zmr>Tt(XTTG){P$SLcdhi@|9<cI-C-Gm
z`+Ip5w`)&Pje0{dq&ko3;FwHETnm-@UWMuOP5=1t`zlWE?`vtp{JquA-0RchgTwR6
zd|2llgs)){O`>Gb(bwLkhRzQ!PT!sHHz3vxt6~~$Se-L0Ncp=Y`gKfRM==36h3b&r
zogDq&cZU!J=49{f;e~UtP1|8jON<em1w+d#&V~TGJ==34gVTH+X}ZGy%@4~>lwQW{
zdy+-hcU4F(zB@YWUmjodzdt-bdi|e;SA8Q0K^CRCqwoFmqqEBex~%OmjwU1_jGbll
zN+ZpB`BeO=>XDPtsM4kV_UZe4V!5ier;p0>H!6G-=j4l0(|PVj8Z>Q%0^3?<SWCkJ
z8&Suo7T`P|sg7TW5jEOda-&Obw01Q<CrfIr@jnb-YL04V=Co4j)8SAp(4L1)ZSL~v
zcvYjHN3*LY%%3RFI%Nwk&bE3|X|y&^^97r`z975(INo*&%Kqf+moamT@nF{8nvE}7
z*q~q`j!3t)<cF60P|YfQPHxCp+n*3G#95(5IiX@iGxI^EDxVG)WB~R&JWx}IPsai2
zULMW=6!3nc+|QKt_7vQY#nY(!v(JUESt`$-wx{2dd(+E$G2YFf3bNnY5Mm`ORsgST
zjnGz`VXE=4L6HkvJ?$GVzts7TKRmR`@05wKI~JGa%5Hhh3vgYY^L5a<Q?J!VR2PKr
zyYUtI1_w9qaTY?5fINbb0I=yr5osWP93?k)7K7^NQm;YDwsy8_@HJP~3WuHXJRJA(
z9(>7ZFYm$YdF=YjZAdczmgGa~Xl!{?UV>?PQ~ufT-OHQuXSpfY8*OR|9+B_n-NoVg
zl*BmGa`jYzKR^7x&@P`!dkAGKR$;sO9l0x+ZyE-iYi5=iS0*6NY<`$EShj{$JdhWm
zoPei2W+eL#Y;kpX=pqx4_hhIqQVl(IDx-yFO!e?N&X|g4;hZ%qu4wbjHL${*Se%oX
zV#h%M3;x`73e^&B-q5@AV|QC_rs3>VE9T~8eSoRpf&<AeWm?+G$ZHQ7lOyqd*t^{S
z)-xyNz7oh`A154-W7gcH4Nnu1G$HseLnNy&wm!q@4MXW)9G-uFc;3G}dV6^Ku0n7d
zcq=DP7i3MLt$m0^@#)Nu4bSg2Kl{f=hbNbd&QBSqOAXndS3~wWo0mEAXXyKO!(B!w
zbmmml=oXf`nx(F$Ze{&WZge#kYv1Ef#gDGR%tmAH6IVPLkUov_$!Ks6YdE{kr=x^2
zA$u-cxP~6*RYpB~(%>gBtE>1Ee-8RB)1mWEa<M!cHpCj+<1&Ycu2-{k`+FxRr<b6i
z_&BpNm#S@6^U5hH-(6aRrGjp$pj#^F=2XzluWGZ-k>^pjm078|Rc<xB*kjc?&2UX4
zoYT}h?xG)41vd@P^V`JR?ai%<d!~7tK_&N$^VY1In_=4Q;Y_>FTPo@P1WG!+L>lyT
zGl?|L)iiC#d_1+?tWKd$W30wNjdN@JmR_Mtec#e6)NXAKWmy60Q)$bV&ZB7QJo@>l
zxt`X2bbdXTgMd7NmTO9jkMgpeU-2|cYtukl>X(-KrKNu92@Jrj-S;F`U^el8F5Og#
zb6G$+<>q}JujOcjZ0a#IUC-ex`*9UiQ;_|b^JGyK)icfBOiHR}oW1!i$fhEDX-4*E
z)=+(fFd6msUDXH~b1Hn6K`)l-o@LOB1ynr+piiUdS;od##>Qyc7*DC%nX&0*^o&OY
zQZrETXa$d>t)+Trsoq(tcb-ALW9+>rQSO+e|9Mn9B~E2-#g3cPd8}ff5vnPN%QU5c
zv*gEA=uAQJ;%CQV%A9AJu^ALO&o*Q8D{-cvc&Wnq^Qv$@R;(<?Mo;7MAW9Zi-pJ}p
z)y-0M<6KnFskl+Se&T8y1?JNzZB%P6l}!VV9<8pKqur;_=jisIN1IdM-P7rEWFL>#
z<S1A_CnFsN^CzUE(I7p&7uN5n6Iv=^mP(kV66Oh%Fq%9(i3+Bm+0UbZv3QQT)h{lN
z<*}lC14NDFd72pSDEBedE{%v?l!0AL<?_*IX$E!6v&_=`s+LB?E)^|*UPX&s7>lV{
zGy`8K0G~i$zgaBRNqc{Yv%Gy`WR`v+70GO>kp)yDQxpz`qQQVkjB+nczb6?J;S(I{
zk*83LJP~wrt4NB->b7pAgztckM!0BE{_N?Zc3$#QX})q~09nf~(6Nh3KMe?QHqiT(
z|6SL&S#I%;t=+6cyI=fX+j-Vh_&VNx5;^kU8(-arbsXZ<)|Q$;@UPQBfHrbEiX8yx
zZ%xdDBgOqb41a{vhAj8MlJj5HO!~I_Dikbo-d9SOQ}eIs{QU;sZHVK#;v6aSOT;>-
z86MP-=n2j`adf5d>sic>wM<h^1z1j!fM}2##?`KlV7i1~`0KhR?FF16A;~t-3!`N3
zRoMi}t!jNy*Lrk~)@X*-hL~~rN7nFuVKnj9E3dDkn0V_B8L(*H=Y&`RTeDOusP7c@
zJEi)aLhsuKsH#}^YKk~<zQBu`X%buKEl!;iwsu4A7*HohvwSa3hj=R9+6&@qs!C_t
zkV+YORjC)|m%63aJW$6PTjSLF)^5DLjy$0q5X%eQ-*>(Uh9tP*wS#e%ar$1=Kx|0I
zafq%68sa1*oT_3b6%6Q$P6g3|%=@CioE)10Xc^n~-mjd7Rd!|mgXd{MdF1L(>_mln
zp%m|*e3=wY&$dWZ`Da}s8pz*!fjknBM=lQ)Pqwr=)awyWVSPO1@~Cueu9A65zt(4)
zdtK=&B;g{)bFMDc_3yp79tX!$9lU3fIe5geyCChYJ9D3C{Ed;9>qLi-5CK{#B~ZQ2
zu`WC_dd{#n&2U}ppH;X}CuoY<Tzom0&8gN{`wlxLHB|t<H(-6HS*S+ZagX&WeY@rY
z(P=1zK88ANF0g9c&(Oy*sHz9fA(M-Xt_Fcz2;;S4xFLeiAw!plm`gIBLcbhC`QFgH
zJl#;{0CWM}LCsJOM`?a{5M@t0m{RX4&8jLYgF>b>Jfm5DQtC&m(fCK3q>8kP?Hp$V
zlJn1Iy)>ga4QSj$m-}b+y$&d2QEGJT=RsQ6`QJDHzVrAF#^JmjygLvb7^Y{cr?b<8
z{?VDP<Gh=`jz}C<?xo?am_U}}d<-+7oBI8&CEUF<kMz^Lh5z%}P1N`IInLixSy5<8
zC(d;z+Kx^xF87X)`)9}R-W;7=G@~m}YPv>@HDSPs0MmqdhP(Pvo|dP;xgg$No;}SL
zo~dW|ghCa^ek|?8GT2YHdLIjV%~D)o5yBPTIY~m2k*uCoeDk`0et2?lcz$&9Mp=V6
zEP94{p7uJO>8s6$e*H{!TxU=Z){mk}<wjFOtvG;Goc$fqYSRez_l}Rh+1vkaidB-`
zjfCq=p2r-dS%y0A*vg}s2G2$Lwx;%~=*{c?+1};17yX01%RR@i*9Jrre<S^N5_#+G
z6z4;sM{j8N`1DQ17Ivm~V>)otLD8<03eMPc6P1;%pPznzba8Zga&+=$u`UdeXqKxg
z<9z)de_Hu)rUG1rQyClsurKPI7XUIatTF&=v@x;`;Yl*#1C}&$&Hf^`ggW<KHQ0Lj
zef4fje(1Rgr44|A1wrmhwBEj1b~Z6XV28RP&fNPnDom2e95SMX&^b{cF4yhDjiz}-
z6C4Ygt9}^=+BLQ`y9Hj-j9f>zww%Y`6#dB(FQ(p5&o*e+O{iZmUZ4HYr&+N)pKafB
z+VsWIH3{y5n0!m=4J(Ev-&)-ml(ntwHx?S+6PgcJT2}@yLYW}@P~f+%qhJda(a!mw
z2@S~wiAj*t%%&Z2l#FkE{@rJ?fM<cW<%Gp-&;X=5vN9yqJGblWD2Z~=XsN$@t(oR!
zYTG$YX-o%q7b#z2`!r#Bh9jx|s{PoTeKa|ZNe1bYSS?zOGP7XTC_Wcrg^Cw|cU%)`
zVx|`29Fim4fd(1DIT4gn9#p+oi2UjhzQxtzex(8k<HD^_8gJfLqwt&kjBx7g80ywv
zOo~6%K*g_<Sr5%}bJmuh#|Uk@0b2c>Kn4A|Y>ibcnJ6bC<IIAeJ?mI-ES#@u&WXwo
zgGVWwUsWzFtL3UUm{W{~7FweG9Q2(HE-<z-AK*4$gNZcw=KA_GT9-AigBRt6GxNZz
zHk%cDO?#_2>(}TnO519tI@Rm^`8H=AV^>=DzEG=hP<+Fr6u7C1v8fAzCOtAuCv`Ru
z@~iWEewPyDrIWxbt$5RnQ&-5v<<fqPBQ2H${Ktto{cBD@B!Z#t%!<%;Yisa%m}RU(
z%<2dGg5@gL$^Cuj3zX1&$mL{dKw?k03mavvsnJ1{yd@)=-IeuLL|$YmoQ+5rjYmBs
zN>^xPQ_C#+jT}d#$XwUzm9&Lu<f)Cdtf4~p4qmZon>JZWG+IfN5i!jMWA4#fTlIeK
zLt~n;#WX{Una5`)cKk?VoX=Kcx}C<t{Fq`;ir(ir5~f;SOt-q2V^)m#?7!2}YmD>a
zHr<$ceA+kmcN*K25X5!%A2W~72*CCnBb>>QM4_VK8!F7UWyH`Z3RGI*k334>(ohyM
zUOW#AE)V8*n$cfKkUOFiSwqytTq=g5jf$?p>MLMTb1wmlT<!CE?w047XTb<n<t7UP
zHT5>{qmVE=Q{`^J!p4v?%gjanE-;`Gpo`Y&aw-^}50~Xuv`knhJ6J91($m^iM4^ty
zGF#PUn;Kn=E1J=4scwmsdaE?wpiQ%u;H;{rin>nz`Ik@d$#4=3N#>7e66G|Dl0hdJ
z;w)#{_Ae)+G{!k$ogf~woMah|30Qf~+Q;VR=H~9s4*a{hxmo^qYqPuim+sD&FL%4$
zot>9kf7#sH?ta<*3)=j+Ll@7O<v9Dx=A-*65AHL09HMP@g#)Q?6RruSc@TWm7un&u
z{XuLVu}scsOwPwKVe5_-#*7?ldaH|r$aoVaVGkK^TR4rRzj6;jZ9LA0G>d)%b!hwM
zE7p!^XVPtrNRBys$;lJM-ZFfCEBv!4V5?qtYKQ{X>F^~fFkTd0I8O8(2SuBmr7!lI
z3Rvif66O%2rq9Vtoc}bgdAg*U@xFR3*WK<6;D21$_<4cT=uJk)DeIvhJ?|&9f;<mJ
zNf-s3;Guj-P(U++_RfybfEO&?-k=}7Kq+~dx1oG)nD-MDoRI7a3Jplkze2<f{zn|K
z9Ln4qrqk7Hqx$KadIMlKZJxejM$nHxm4ac4zkY9Ow0xfXS@8V7;+rHH%*F;xIsdym
z+uNn{f9K`a?(+P9j^|m<f7hx0jaWg89qx-9p>oN7!mI%sUva5i-qi|>T?oU#y&&L%
zPODiZ$gILA_63QawE9TKhH+wxqfA=3R5`MW@~MHTD=|GY*RW;Ag_x!i<E2jfhK2U2
zi)&B*%til=%l3H$z-jW|?$*n){I|99<&yqC$Mdm_I2JeI0En)mSjOgf9Z7x{-h;XY
zVlnVe%(G+CZ7GTgCK}b_!kgF3!)wh=HSNRY(>h)RHtwey{MykD<V2Q3=9s|+ih|O1
z*_1>oK(5KzZNDMPEVx~?hSt#sbhW!flE55Hag~f2qSxSaz<Qm|ki?@l8+Jk(FhRKb
zieB{x<0vE@90Y{1C>ivj*AB{u5kv2zI7T#y@6daiK|F*zI!4$0Z}<*P!Rp0fh{S5l
zDT;FQ2D_r*V>u_F2Q%Wi6rZLM(E`bJC`KO~+DQwwCN7OYRPJF+2i=O7@;L!+u5G@b
zo58MM)ByNmpw}&)--q*<|NI}})Ny;=#1Bk4|2MzfF6)1Hw_m<op8wDBIL_(0G;=k!
z4$hNV+rj<e6txc9i#Ztwg$*YLMEeKjNHP4NsWBa%nUE~B|L3~>nZEybH_Q8f>*bd_
z%l-cxPf3n1^XT(!<vEPUAH`RHN@QZDjr;h0`mvsQ_P=4T{0pOrKPx?$djI>fEdRgU
zeYw5d|IhK<HyQNb-`7gwQ^U798+>9~;;`~BS<%l<W?sxmW?odO0zy^3Sh)0-P5UL*
zU(6nVjJMKIS|z;d%~TLRH-xxW;MtQ`=nskyujx1m`Fv~F#d;a+MR{>OB22FfidQJl
z#)k4(Iv!W0H;AU&Gbh5;zrxE0-_Yeq0go4$(GjrPIt;@s(x4c*Rw@x&6EcGgd0%92
zDI-c?sIH>#`{vJ2<Ct1LAL*Iv{3mHl??xn<OZz|d{NLGn*)8k;H@i#wuV;A_6|TgY
z8Z&Z{<D6WN;|r3nS8swHUP0@#xIhU4ZgK)RO<6~?0|$DQeHOBXL%I;99TdK{dc8U7
zQ(iBpB<R`RY}SP0aZXu)<0u&z6I%GNr*RZu<<_Ns+IPD0r9+pJ5fLrr+lb{fyEA+Q
zblqwJQC0b$i{XxN9t@ACU$UrL$BwDntwDA{;4bnE=VTz`DKh!XiSRrFU%Mtnk|LpU
z1jef7k9}jbz;Fz=0hfmx4Ueq_IhzAQg_&_IJ+L$%lHi7oM^ZcF-g0F*SY*Uu<59W4
z2H)aRcWz<S>RyGOX<thGx4*%RfLXpbMVR&0o8h$ZVnF5e>~g_2yKb)uSFndUVXkgw
zM|8ZW4-QxgKDaIbaXK1X?Ks?l`MK~kfe6j%5Pm*2#xh{4IRm0glYKv9oSq6CK1n8p
z1FzbC?q=p&e>dYR66A54|C=QwCtx%sU6gzsXtXX7R~_BhD<3`!6AyLv)Y7+<h7KCN
zls!K7GY|g{)_wj6C($)wIh$Dsn5O^lR`mbdUv4k$KcD5fzjt|8oeD$5LLE@?dy?wG
z<>vg%pLzEGkl-*TjQJ{B<%|Si%Kq<ey)5tloz2~){QoQuC^cCQI{P?cIr3P}JmeX&
zzsKK+UyT1U%=-*~9<?~6!LrQ>IwOeGDicgc-1S)^jZ`!WhA|*OvzYO?8qy!>x>7M>
z(oFj3tcOl$LMmeR+(M}AicgBR6^DrOI`;ou5%|+0CjOEM{D{w7^gqROT7HOU3jN>S
z+1f18|L*peOaAX!p2yMu2GwDiB)iBaUr<FENjnAM{+4FZZ(MGT&uF+On<v@tq7uew
zT9T~mdoD#KQ})TQr)m^H{F70o+S>>xctAq`N(O~LCo#c{wAE2tTQN#ljuSa(T}?^;
z>L>urUP2-j9n#jNp0{r_n~!7#lRSls#pDbJQBnLmGzfD{_9#luUFvCbl^SJaC44)*
zQc*@$B6$`C%(_c<RTODzM07DVAYY!9=hB;4YDbiFaiL)qBOjSz%yef?AC1bkT1TD%
zO=q%oMRMG=(g_I&_a-F61M)79V(AxEiwoC~TytAAZU##hLpS;{zTqbVV&**Il?M0E
z-YqywK|21_rpOq~?=(Ly2x=y$VQQ|(5Kkf%R#^S&nNfF|YBe#%e_{@E9{$fx-{H?}
z4$#d1b-UY}Rr|j$m-c_p@(3pwwR36{!%T6$d(s>HQks~LB7NHfo$q?zRrhHw`|XyW
z@#??SaibxCU3M0;0C$Z=j0DOpJ*~+=Il<5r1A^%@_zBw+%s$p;>jJx--_h2f@v?uu
z%l+m7e!NT3hJINvB;hzFnSE_*y%rwM?fL{e(|f7Jk1)Ebe0z%if^in*cl$KS$*mnl
z-2AX`;LI6d7*dw+#Sv!2m`>y6$Lu@JA_~KdF=IBmE1#ysou1kk{A#D;IIiUKflp_}
z7kkL^deB_Q<s1g(OayjZD<`ztCcz5OUMPqyBZVqQVD|GOBZG+L*&XLiG@)a6EGMJB
zw1McWGM*6@y$MmeP2U(*MLu!WWJ8RsI`CR-mIBm=huULJ0gzJ0S@OHaG<c$LjtA)B
z;a`HHO)D$_^h%>D%Y@GecLfyNxW!nYXEct2y9Sn^SmmN9ntk>HIvU|}&+?_6(eb_#
zl5~ca`0}=QaKnJh+Xt0%C|5U36G4Zxf@OmrHNd(Q%kGxk36~{=j;zS2E@hN>hIyX8
zu~iR9=VR!U-_8c2d$30SWE*+kUS6K{&rZ)TOTA6Y4C%m#BWvH3MJF41E2QsgDoz{J
z!xON8dwY0!ezbq#hF8R3nYN?qy>#kCL08s78@h(vg$9J>42A_fQ}Y<^IycFq2llw}
zh;kE`N7WQC8xCu|D=+FeB-F$up?YqmyEOxJ6C=HSdD9rV-#hszEulnUuB0f+N9i@2
zeejiRY2vBmOnclorvOn+WCp`C^QC=6#?VZDCMuXI(2QQ2qftKsf=aqE{+Maa9y59)
zCz)DSGc6n|koTWhY5RoFBlN#Bn*&U{|9`n%*8lEoE#rSb&vRdm|Ke5x&#Wr^gf9M{
zSd+Y%9e_)C{iB%$I4|%QpQXAB{Q9*w^L2hh6Z2f|*EjPAx$2*9fap0cmKOwRRx^NU
z&40#50doxPlbFfH4F>94p51(4hBp2<#srVx{}PhFr`e64f~Kv36`bb(|MJVS|NrjG
z?&gyJdyeOk{GVI{LfP7mqfwL}C4-DG?K@<$46-!eN=00E!8@Fo4Lt?3=SKpLMVP+I
z<zqlcoUQ30amQ@;gk(=B&$yHxpzDl|kZfJEQz;EEp5s=!XlcHC+8Qx_*D1!sc=$|R
z-la;8_tBBYxWtJ1P*Pp{vubkdl+7+h^R=Z{^ovQa>T7DSubvW@Etg`unb)@$kOs6o
z=`(acx93H7r>dHqEeb&6%-1#R@P=;Eqgez3oD1bLQHWvI6`OG!&v1)=Uy4)ow3O`d
z(;#Hzx#$?N$yiSRj702EVVf8vYz5&srteXhFyQjzv1WK{soTqKC&hYqa5igEMch_U
zj^i5<uH2ZE#@-Fux(GGR>C@2CCDHuEWrIiX|1*05PvQT!HaE-s|I6;qGXC$gJdZpz
z)f%YL{XUH!?q_8WtT6KN?1EJfAHhDj>b*N7EZUt|G;Men7d9`}7>#4=5mqd7ScI6S
zb&m5+pN$KOCDSf+)AUSsYuxD;FB`4<X7J3Ooxj@oG|!>s^ZPuHKmTRT#r1#N-R-jf
z_wLKxrT*_(o&~Mb$^vn*eA)rc2xaYnjymPzUpDkaT);e_YnDJzRGWbS8|L|1F^@DW
zN8wy-iACj~pGQ%{T9{Q)Yy(NcltzgP^Rb|v=6pa$Nlvl}*2k&(ZJ(r$tE1VwU_pjc
zav6;X9qXgsdfC|7kS6K~?m=jBcq>d>ry)myz)KfB56LWiQUN|Mzu3_8n2E6bs=9vB
zn^D#BD9mRB)?}0n^s+QwEd;_Z^a|!edaabK9!k{3doCX`RHs{k{y1>DJAV$MGRH&%
zFKcQ!%r|q25lgo6vwP;^|AgXx?ifH*_`jE%yF2ClPurWz_&?9`l$j_w#fsHav3_32
z4|{2J#4d9Fu{K4lY9o>bU8!MJdl%yrGy(EXsBnav);O!FI7??|I3Hf#rL%XUDmWYG
zY^nmek%!eaBnbuug5j88X)DUGgCncy#UMch2EkQW4bW8qzUfMEDaWfYS9#-W+3VkR
z9;s?I)}88#*eL-Ns9cPle&R6xYA8>t$y4Z=Nq1M{$WnAA98_f5A1=noQZE{k`#3px
zLk&E2YnI0nl?y;8<+nE9+E`V==Qrap*Bpz*sFVZMHoMYi<5;j*HH2_TS<X;VvE=t>
zmD1LM{HN(1TXhT?=6PD&Vevg_U1{kto13%Z&*Hj&+N>6<xcB&l5Mq&+(#@5`NG<g&
z6<36%(yptp6E1|VaBxG)?v@ou%tNSh+a{@K)y1ri%-9deu9de4CF9YR%I0O#Z})9q
z#h2EA>|_Qwj2>p~(y_U#!1&V^p1+)e$4`O%TI}P7eO71$X51yuwlPgYyp-+!kk35w
zpR{_KYVTWqrs@B;b}RY6UhZry<-g~6N^DQbT+e;0|52^qJ^{x66VKmOF<NV!!>BOF
zMkOoVX&y19#b9d&bbE(2%`I#zIBVdoxga&I`R<F<n2ilw#Wc7%IJr327JtR47c=@R
z;k(j|AtE^;g5u}{%IW`M1vHLj=d7L6qK0YUS0_ts)z~96Ip8!bz9ysaIn5TQ&LEg;
z9^U38OR!;aQ8p4^%+zq|Rb>!IU}am1#W8J`ZqqmlBDfO+`o^jO2xhRxoMASdoaLg}
zn33GNEF&`-lOD<l4yP=$CG+{Qp1JtHL6qFeWOnmh0!-omcDq|;{r~pX*3$mtS)REw
zvdd-Ri^Y&;^!83JiK<<NTsa?yb<<#RKp>4`Pvz?7M3rRyG@}7wj4(l5@HnSm!*`Np
zH0#H7U{Rw^NG2VYhjg5y_c%*L*)$4K_32D-)(LPhBw|;H|F_d9{JJH&n2;oA=w4Ag
z2~t3lgam>e>~3!Dh&~=fonfA*x`sl8?2qJu>}eE@M4)~4wJaLbLI0X&Bb*Cj9VKY>
z#}|1tBK?>KI7X1-0q0}(6MB)65zR>-hhc_%{d3Gn#((@eCM-v5FE}Xuj9in9Wb3PP
zOu*6H-l;+Kb7>hNp6=$?Rw+)_OGS98uS&%jNgTyq+J&yh*Vlv-Cu<Vu^|f6LCZrEn
zB29Azf1{X8NX%Y!dt2y++_C;|G$F4>ckpkoySX_+QG$a!nvhrB5RLF{pGCisSKZBl
zM#l)JNT6z*4l*1P^rDzx{Z6j|9e7ZF`C5NiT}44mnSS%2df-eD$&4mqNVQN5?yJoL
zp$OrCFZg0*1BUe1!EaG&;V=2x`qm#sNk1mZARnUcP3c=eM`<5$hPFzdU@?l{Il0X{
zY0Q@(P9c~AM@8osJi#o;qBOT&-}=S}s2VV4ml(z3gHaId89KkDWFY?>MA!1KG#Qj&
zo8auOZn$B@K!J%6^4?w?9ikt*{_aoz+x85csYROihXjWtL*G)CqZdQUa-$UAW*{GQ
za2gq@WsQkbO{JI#T!ALG(}5id7Y5s#o5oZ=)V0nC&Vu0rEgKcs_^N*$#W~63<XMx&
zOiWpYX%Y}~+ckh0M-$R<KndGrB90u?ZFj$}lrWI}PHii5lQq`Z*Za@47aOa}ndLo+
z>2)G_k!f?FLC_%eNU~GyQc$!Bj^PyA+T29jn_H+GPAj>+*+tu%Q;Xr`4!s=JmAbkU
zOG@BGybEZOXEZje;4oAu)X%^DGvEyNVVEz*Da$j0N3s!d7)@&f>iYYlL*%97t2hcg
zv(}tjpi{R8ie+88IunsPbhfgXUg5YM;5?5DmxmB}(2Z9L6<f5ARy~}i7vrmUS?u*Z
zZ?*IS_RFN((cBU1%)&i&q=d{mFj{97TQKc8#B1pr(E$W{t6!He0QV>h5A5bE){%IE
zF-^nd!^0<y3wae%g9|>96P)9$v&w&{zpX_TU86O{X7P%I1BCuR)c)ds+iU;R`-Oc7
z82j)`I{3iPw-1Bp`a_xwK12ci5R9`AgWo=|$$<a&+lNuQ^MMWqALwB6;XSz;t-n~e
z=nO*SHjOfMGRx=hHc_w!lacpXloRy-?0IW{ArP|G{$d?<UUbn_M(~X>tcRBQ?@~nn
zoSu2)|CEMd#IkY9PqnLYI3Uw9zldjw{NLT$-Y&=g`*LgP|M@IWNqw8r@IX)TH!#KJ
z+aH(y(^0L?0_?0>^iOwBWLjO79nLFw97W0A1V?dUYhk{rb+DYRZG8JK!KK!%ceU*=
zW*$HFZfB|KecoqI`maJx&t(HJ&Hul<TlW9k*;(p;pXV_QKi7<G-Zq1tva}KhAiKf=
z|8Q6&h}y>~zKY@~j|gk;ogGQ?&)VN&hCH!kI+HF0G3=btPz5&^_g`Kmi?>~)I6v%q
zi=G~f9|ol}Q(?l97|6WrcSIU=)vWi_*7yHeG>Kv|AYl((<Cu{a65(mi)Q3YB;8=!T
zR3*635oIJi$Y^R#lnQWjAa#?B<RXCC0S#_QwjmCYgT4L!>Gy}{=SK&JuvqrLJ^kTC
zU*7H=AGb<jy?wMAsB45(^+pBo)-TeG{z8JBg!)auBK<dmd^GxJNZ%*#aTe~K9Tg3z
z?6djz&^siJ=U=(hFRf7uB=DC<XZ!Yxv!eq8P2*&by<<e4YuT6|fve~I?Ot-X3J2eD
zl#FldzmL;2CL@yMIDV7SamuWsZ^tZ$;$jG3Ppr?(74({BS5b&?7)Hqe<wJrXru%?5
z)YkYOMM)2JwE#B4w>`A`^5yo+7DCqydVStbGlIj@B)&VRG=Ck%L}cGlXk8xapX@W&
z`9BFhO8)oFmtU6izwa#Nzvp@GtMPx#gx>1Zx3WcA1#TmjN67%_?mAjC)TNcg;9fcj
zy!E;eL1!*X{<(^VHj45LpG|_}Cp0TG+c!-NA8TVcrK{^G!Ey8($y86piv^7t#f{}#
z8uIf9+|l}|_eygs$m2&BN;5i%LV|FPVuD$YXhLLFG@>Cv*EB-~E1)<LG-f13S9j=*
zm_*NwzXAlsaeZ7M)~=(Bxwn%6%euJ|Y`3EZ=uweqtjPteluSozq%}*xa+*Q%H$zEo
zcFLmPO4*Ji9a)Phy&0#-n{++oIk&XuaJV%0<GSO!vA@?PUIccvC&zPi+~$k6U35I}
z?vYq6dApV0&Y{sU+qM)dGpT5r!zV1Q@BS3eJp5lq;~AnoR-bA5pO@QPW&ZEwmrMVT
zXL%g_A7~|ljNqKud>?!mGjb?-zH=Ir^@>+Gl)~eDNHdxHq2eXND}EN7-N$t2keH|0
zqZMzJ$<s)%m3k}+Nr1C<VV_iKyeN`m$syF1N#pS#N~+%h1YmmkJfDwa!o;Cn_O<?G
zl#ZNb!f7P6HG&2Dah2TWB!RY8f0A61VwzNuvPL{2s_cYhSE`&SJ7%QRjtK9A(2vs>
z{!cY-7oWz|yO8*!=lz6MkmsQ&38R1?AfQ<aXhzW9*^$sLmGSzcr&F~vZv%Nk1IRoJ
zsXuxHlJl?cIZMO;h$EJJP8?ag*Re8-l8#NgWo=r;2}#dlv6|73Keaw*R%zbz|BBCM
zGMD-P)cgPKO8n>TZg&~~=UE=tU4}gS7dzL#5ewu`f4uX}BJ<`cs@Q<Tmdc?AtWm|Q
z&c%5Z__D<G`l9!hV3jk@iK(_3U;RRYob_5hvO;_A1pysH;=lTanN{@U5!3$Jk=al7
znTP(1!`LUuWIicy3jN=F`DHo(>(-auW&YP^c}j$aBoh%S@&e|%d<GZ+efj6b0{N0;
z^1OszM72Ln@vmbd-Nszewan;e4m>#HZLLAY4=AS>Io~`Y;MCRb4oL!2LHfzEi1Y9N
z`87b(_`mL#<@>*_?$%QO^DK{{g#dBf)c4?U6eaqGPwa$sy9hrE-n{N#9PYn6Kf3%+
zfA8S!(MkVo@8aTz)ANIV|Mk)F;apXw6h1h**!$-Auzz%Nba}LQEGzGyAMRZqot~_h
zlp%45Q}-37_+pQ&Vt@1$)b5YO(mLp9t(hl??FTr=UR9$0v?$=8`<aja&zSJ3^h~q=
zc-bx6|8Fhx|3A}H;{P1^oZvnj?7>v*(I?OF^a&Vje2lbBb0%ss1DBeetxNRRnNX;!
zcYcN&<~KTi4w&BPoKD_4S_3moXF+wlK0_j?g;PIiJ%sIDX~TO=arh06aT1WsGhs46
zG=UWx<rHl8yV)<=U2VdBeYIJ5{kWDdKpB1xHk#EA%&!X>_Y^9iTm^-6PQe_|6B%gf
z=u84^ym-6;Qn{B)k)Kpt;Mo0HpBBtLHb=IxN9PxtE2EeuCy&V`h6>MS!SL7az!Mrm
zuv1U6<TX?yk;T^6*NYz1OXpzK$0-n6V~0zd!`qZHs9H|>Iuq%v^fW_WwLg3&wFUS;
zEcCatvw>6P|4RO^?cMD!m;B#zJZ}C^s_1KOg33If(*5IcPDlJN`~4-oA&H9;s9t!z
zxBM^kL5Ij`C|cJA2h-#}KMseeAo&Q4q8{X<`9;T}x4f2FK8|Mr`aeD4W9gYf|984u
zW%+-5_sb>yf0oBh|38V0kN-b=|K8ljjV+4e``=%G3LMJWmVCq}Da*3WigSL7>?GP_
z$2yXo>?v2S2zG;HN6ki0qgyh^@~Qj({g(HW+`?J_8vW!;k&_v-YBCmy$HD@zURaOn
zGx(-O9sg8i95>=REu|WlvVmHo!LpK#D;H_}L&`FKkwT2?m0n!0*y0~uUUAOSB=FA5
zH4@wJPo-0xG_z{gRZ2kGur#NDQi?hH1nO=3a0w|ZnGlzkzZH~fRn<|Aa2e=a!U>B*
z>OmlGVdIueygtzO_1G9}NmVuhynHvCv$-!XvAOKj{sC1v*CqvxXSU%6tO-whmC()0
zg8nHAfqpIh`Snx&tR?@aG-Z=46l*$xERp}892{2ie-FOO|M&BO*FBL!>Ble-Dd~t*
zbV%ny?ezsqJMufT^Lgb<{pO^}OD34rtK^EYRZ#hiisq<t3H{z)Ijo$<v9Pp}9In5_
z1LYs-#i2C-DP{y76-Do1^<|xb{0@0txenVhm%$mMeu!0OG&ve-u5UI|e!^0binRfJ
zmcJF$=TIv~@wZ^UGE(7%qq2YU<IR|NC9-)BgJ24%*^QGRO34HFokD>7JrxY<$#r@r
zXa?wVXAb}oGkWmkNMv&x5Hm#{3Do^v@Tj})l=c1B0zr6PGfG!Q*C%TOVkWK`Y$+_I
zNVGqR58QTcY}>ie)$bGxz51S5o}$aJU#dcLm5rH~hOYeoBw{Ip2ov=xAkRihgGg0@
zbWfzD;+E?-*4^5g+*})8T}?h4sY}fLTAEi<$7&cNG`r3d7HG^W8%>$kA@fq{11#7+
zea)g#lSQMLYNRQ#MNKx1rVI@$CwL&Fl5d05<lG>oyc-R8gVY<_Y!nR8{L;QGsRV#o
zsS?#tA*$hi*;R_G{wZG-%6t5*qyMGyxWa!++<wU%OW*%1`M(aI4xW6~|L)^c;!1LJ
ze@N(@-SFh9ss86mb)r^~>g8mcXjT>3xie$o+!eFljPt9`kiZcY8PM`-gRaj)ma;D9
z2Ive)XUrx%VO{tUTpj`*?ZaO%2=kfWxszH|Nfx<cX6jV^|0STL^G^QvCq~0`)-fsk
zvm|`cQDrQa;}Xgy%y0;unBU_*d+}iRX3A31?P4XNZo)*&Bf;c1u@sR>x2vl!J@3mu
zl7I<Gp&xw8lJGM*`0hUk<d)EzEAp`Se-ZN2yLV^3PfGYZ`228B&GvzG9>^Ix<i!ip
zIq3I01P$I_N%^1ovmyOoD;4xI`hR#-w*MVHIs8ih@8x4Fz}x3iX=fu_=6bom?9iGs
z{q-1)NvqhH4_du{*CmnOFlBO0!eN~cxjtR8{cCHoWUFCqUS{j}QtoM!dRqN$rH)qL
z=v36|Pm_pR4<G{lpo_tO|DsH6L;Al~D!66z|KMrG|MzMC>-*2WeEz!h|BuWw_iv<{
zn51lVDbNs(FQ5Jl_T#sIRT}&yKU>iMl~aK&mH!XQ^#94h*Z7b7`TWb%|84S-{X4ON
zt<sgPhtNEUnB+PQX~foxSb4`p+Q}V&zs9Ys`q_~FuN4Zog#P!B4$Ju;pFBPKTL0r-
zKA)<2Wb29dokR%URe0XUq~R|@$?uOKZFc|fH2>e@!+s_I*V89o@Bh7gR(=0lF$>HY
z_qUR?wjl~%O6XdXrf3swl~Qd)(JBrc#VyqO`3a9w_A%A&mxV7kO3{Hy<MgD#oKBe=
zXJLq5Xre6WLxVHxcNnPrZOg`&n|8>qA9yM0$V1stXR}jn)d=C<x_L+<?wi;Q#Z9bl
zw$F1yCzBuwQkBv~|J4xitutG!IY-Jvme_u9))#B9z<A@;BvUCx&glCsKd=)RV3QZ=
z$AW>E%F*vKVbegQ$pSBWIVnK#h~v)c9^~`qp5>lZ-!$ezayv-nxukJQrz-Ntz%I|1
zPBGJI@18f!$ME=kP9?GY(CP6w?Tu+FdgCC1e{}XqrwhsL6}v^3fsPIy!*>qImSA~W
zbqORzID?Qz>}Yvm;jWaw)g>FPkjSOf#FzkEJ=>OhRThp>>FK5lt$EDJr&yP-BuujT
zRPWl)?3yM2&T60eESLXW$s~hm#1ppR9Lw~-Cy&eT|NTM#YyQ7``RtH0nx-s?1W7r;
zZ6-G}7LjolgisGQrrs5uGT}Nq<lQU~@MsH3n8b{QA(0#&9YBL<x(^|tX>iRTz}otr
zM!vH{A~pqXLw4hYO@fciM|$%=_FN*V5x4`#2oi}|Lc$<ouH(MExV%Vt!kis)!sl}y
zkzY<Oh#w@vai>Arga0D<jywKm(u4o%FJ{x8{Ez-qTt~fppfUBXvY1SQkO}9JD{f-v
zkvpbW&LcOS$Ihew<Lr=MXcF*Dkkgm1gyUWdkNeDV)uXZF20o)bY@hJoowvXK{ObJT
zFF{n6-~aPh$1mT!a_9cWbF|+7!O`H!lhXYkJUux4TL1lCK0Df3oczSXIe~}@$9Y6f
zBazZD#F{-fY)njWjU)*ut&tC^?{B-xQBgBto=kgtj<d5veq<>*XE7(I(S$qBXf*P8
zBzVXi$ySII#R&C%qIwcJkg!IY2I(vty8-XX_FX)iR^Kf4Y0Bidj&pgz82Mm+L#X6n
zTFvvhC*TkG&!ueC+XH8MC6f`Kdl`76fU)}$mY`6fOJge(z2hXnAF!;E{1!<W)Xzro
z7vvN&nlHNQi_x%(13gUMN@GJ~0hhP4L*7S06EK<nsfT(j{A>;BvpD1nNGebTL3PQS
z<Bad1UK3&_VRL@X1knrrn+ed7O=2FgC>4YX!M%W{nylxj0qnvw!p4w`>x!odg_A`i
zqT`u}(jg>cq9kHBWKMtQ3AskAgX0{lFK`0&wfrlZGO`;6SBzW_+ynP9>3&D958S@n
z-z!w3qNxNWVI&ZQMotjPmC!U8hm4F9Mz16kYP^Us0B}yDjE01IpfdsZJLDZFhjMtb
zdmQ=Xu{$_$2YV8KfiQ5Xcn*OV?YkG`KsM{=BRr8KIL_aBMrQOHm+kwc+nw;lgFhEM
zO9*UO1_;Y{hayr{dKf;j5D#PFBK&-^Bb=-q!pH8w2Jk8N`2p@rq@qL?xY1l95<B7@
z-3Jgxw)$^$v=ND^)G1PykQ*vU!sI>ios<_loa^>3Ii1MWlN-5P5l=~+uxrVY!vzs6
zh2zpN*FK53+Ab#$c~}jPG!~1auQM`q3c}Elrvn72NTiJVvS-s$;J~Bje1@90<J^)n
zgOFvPTk?_#F9~80qn3YUdsLs-{oFdY-PJ$qwB4k=)zi5pBOR$cTE70Dv-y}M@>WC;
z*tM+vXs~q9CVY`m%>9>vNHW--?=yeOQg<Fi$JaCn={RJge4aDz6W_EY^B@Z5*_=?_
zv;tQYgquLt3>W?QKB6Vas&LVd09O{(LiPv1m7A7F_B<uH@>cbuZwFV-FE7%Brfj-s
z7)stR-INH`wrzAW`b0YEB4(W->6~+5=I=p_>5$KD@B&<6aLpnn#96|}thF_Ht(p>O
ztEpMj`A4{<$n+yiJ45n`bfg9+fwZGb_DM%7f1M$D-0%0vXVM9xAPs2vl7)0}!8{)M
zqBA5%{e99=ktO-JkL9-$8iZNG-pvvwW<2yeLx>0*5p}VpB(TB?Z^^lCy3z_aUEt>t
zz*RDuHv?8Y5GDJ216&>B-`p9J!>0%P1it}C4D;2*{#zauyg^C8VG12~+63Ay0c$Lu
zkTcbVU>0*JX$TQaBNB68*nn+wgUUR=1!1SMDKRG8Wuudk&%G;_xB*`kx&lPn{M*<$
zhsaopmqAn#**AbIrPF1-ZpqtgmL!3%glMh1!2l$sQ*txoAnYT@4}>j&$FZiDyCaAx
z9y2NBf!sOTlZ)7l@7aqGv!zSd$Q3h6b~(^;8t%2VzXP~pV~Ah6>9VPcE?KgU(dp!8
zo}ML4u&9L~EQ3ouNHt$u3ocbzhwOSZlKZD$Q2ad`t`EO$gfT_u3MD|==p4G{8Qop=
zY;HeFldP3ztpb<ioULQr+PbNR2~q_$!et6wtOr~HF3B`jhYLyu+<@|_K@0?8km24p
za6Rj9zmGbDXUn<QY(dfr0E|cQ@A?hR$6gn>0$f(bg8Ff8$+7Pv0kcaUOac~yu2qI`
zOFB`l#n345okm!0!rnT-TSNPilq9x2_quFC%RbhedsA$o7OrjBdrftlrhQaiV77-w
z3jvezP^%og8eC`#X%#z8GLiDRwwf#*{chm$meHD9OqwgtmuhQv^YpA9uDjUBVsV_B
z;cn&hDx0Y#GNv5r(~z<1OLl{aej<{)x&e5NaM{IgEJYd;*YSyj@8tC5xxny8=IgvN
z62x&0T<fyQB7e+l+%%ngy=}Uwg}@p!#9i_2x>`7+!aT~PDG8{S6zhxYY`S+kU)#kp
zK5<J<(1DZ^-KSNIxFsV9J6#`509Uz;ObabN_Wb}wQv(n_dQNykMBp=zCYA@x#+!%u
z;vzi`11i`Od)BQyKLWyEh30`V_a6$<W2x7Z<A`GWt<F>sP32)-T^1DN6uT@NeY<_s
zaIL_5G&}{~a}CZdgeGPFvn7q!aQ)eMkA^Fz>1>INYVhTGEKZq^&-g8H^|mmU+Hk#V
zlk0Q1K#=E?cCaK|XW(D3HgE;F;6Ak**(&&weZc3l0j>`nP{+IMBb~>g<Zm7gJ9lwO
zC2>2W>8uIj99U=yC<H1JCoE<W2-WPGB@0-Ca=TJ*6fSu$*dz<lH$?vwL{sv?!;`FD
z#PB)j_}2?^{Q7${;R%n@gohzZ@>khB#a~whQ(-;z(i_p0Y`?2z3P}8i{d?C3?on@=
z1wQMkmG`W>-P=)c?78Gzzh{;AGv)Xy#v?{}LgqYSxMUVV`WyGI=w{kV1PWX7?)60x
z;|=Za1TOXe%@)HPF0>HJMlN}C{C6p`n<q5M3N4*Oy(0?p-3u~s2hSw5oz4<ymCaW<
z5iYkKot(Yzy<u~nER5@+Nu}2dgLzP3fLqc{+rf7U-TayR=KU4Y^KoBE$Y2MqwBHIY
z%WHSp`FdxXt^(bb=Sw>+uka{$ti7F$(S8YB+u#f6-Dwo0Cq`gvmKTE5lI!#<yppxF
zsY}9nS8y$Z3Fo<}h@5Spt#b2LhU*t}(5)NpmZ%@mn?mXI;Ec?C5=1qU@`h(DhwJq+
z;i^Wyl4lEiY-kirSV>5}1Kr-6F+U5j97nsnVB6ZRo(W>Ql3nznNM|(CYS~8Gvjta8
zlG&zn|6Z_aN>O>XL@L>%Pg7cGzm@!6PU7Ao_r25dUfzZ5j^b-?Bw6>!%1l4n1GwO)
z^*<H3MDWixxGsW!7U42D^FkWTEA2;v{*S?(?4z9=zdRuBqwPd>_R9%~csK&?V~y=?
z?Q>SeS1I}Js0deOAD7{4E2o0`l)lyRZpoQ-uB<e~&2Pvb&KdQ8O@frYjXbt8A*;gG
zrn_2jrN87Ep$l4U39fDEmkrk>h-eu6vz{F_!IgI^w;z2VonkWY_}c5n2~Qaa>K#&#
z!kTk0)thUtmi*t6SD?};axXb!9ES^Z9X$Kx#I3C3&hRC&@mZr<eM_*gDJ3Es6F*4I
zGfU+fY<Vdwa0L;H$+d+4mYfzzY9PR^PPN^aY94YUj@%sG3#F>6lT?!+>dsLRPdN$Z
zal)@*T@#+nrPj6ulW1Fxq|2|RoL}$_y3pSOtCzs$;1$6p+mjb5xSq`TP4tqcw2iR>
zngIv<#OKk&RO&2DQDJ@~#i3ac6PgkTPs(C)3(;720#}Rw#VwIdyPj;@1z?PPrhEyC
zz8IT$T&w_DjUUD;kl8*Nw`4TV#A3|Xw)8Z@RqKbb9Ilj33++b(_wm48-<7Ztu3FcM
z<!}|<EVfh(>fow%tym6M(amC8XNm$`E#`zOTvA`ESQ5y85@k!+m{Y8)7#xT20+TXJ
zC4lgOhW1-gFcw{}$W|0%WzltzaMa4LX%e8ZKc+&U<Fj@g+g2ftt|9RBhlE#T+cI3W
z5KR(3Cp1STo&%R$FnsSiK075o_XOb)`S424rXCgR?2=G=gnOcwun9{f8|qD2#1hG!
zZSy6KgWmPP9X##ru;}`lCOB>PdeHTF!Z5@H*kVe2meL>;E;%W&dyP7c2Z;jo3|dX0
zq{Zid*^%tdm75nvErbh#`C33V2mcA#*<>i#)0b2#4(g30<+4BZeP%2T)>)`uhNLjn
zWwgJCyjE|xl|_gzwTchF6<1-h-M4sZ)vO}#_GehgIg5OjEIU`X<bp*4;$T*~_%!m-
zP5_Z8s`?Mv)vaa;&!#i-A&tYPpe%lqaus=anFg`Aq>+D_CV_V)dOMj2qG>msv2GfN
z-ANXK=CHT7D!oyQm!PW`>DNJY)%HyCJM+>ScN!s=SBnvM6Zf{<riB}VVg1dg%X*Wx
zeeS?P1nxVC>cX_&%9aao{bHpX*aR-6+x$UrwHpBoaQ#>ZS4D^3%J!Y59M)OPdG(H8
zv8W_`zfty4+k;J|QX{EsuO09#o32aV(8#A!?%gNBL>pG|5nCtfDIG$93rWn0F4(ey
zKPTq8Q4xk31XJ<F#@9CfoZ7~WqqZEew)16DLzGTh!wdhCEw+3_RCe&TlivoH&Msa8
zYr`Xk%5a!XgJthM2-g`lRm>vfRB{U%@@R^$v-&dV_FJ8MDMYXIdUtE0-ttprb*`|B
zG!FMRlPB>$hAfe%c!js9DqOnr9RiiVDW<_BXnpNzhRbxWZNHW1Z34W{RPn@S{#dt<
zs<W<BmWVrtYZ=0B$xG8znWP$ha_<zbC4%9tEdm-%LOqzFfG2VUZlQ4^Tqa>wwB)(r
zR?~rpg2YKMr^%w#17TaZ>Y`yA;DV;Moxqr*^g|x}CR_zql!Ytl!WBTy+QKjD0BMfD
zaLI8P@*6=|0G3l45t<})A=QCTn6D@g_V`TZpb%U=6J3!mLbkV0c(IR26L=Qi1@{yW
zbCp061nl5$O}Xv5qDz%+kPKeGJU$~dOJ^)f1Fz9dWy{yWnyRKv9QfT#<yepku=VPt
z<Y7yHf@pLYIpy<k1nFM(NjeJz0j&%}?q`f#u?05lLPNKp(82(CNmjpHfVCyQJzLu4
zmO4V_^H{-&O|MBsxVE|UOC2F=;ab5da@z--LP^+G!^9c)S3%UB!L^EegNAEG@6kJf
z>ugyZk($SLaLDzSJg7*!&KS7XjF>FI6$TULExeHZ#CfAaPn2m!H6=6IR=XQrq&hoE
zoUn_O$K=B+^vrCv2&PnAiJrdHtQ&JbuTI>fX-d6WcSa*WWJ%XR*=5%(N_#s#n*@>U
zBvN?z>C(vW#t9QCk99AxrxCQ3X9}u`ZI3}3LE6Kp?g6N-{pcSVU9>+4)q>C%eOm>g
zJ^J>RjIM&4V44Je4;U%-UJss@sM|6;#TTAhcn0plk-L7VR}EY(fwX0~mIcyo$y*9=
zowdZ#mf>0!NW0~mkA`ch^JorNp1-nn^t-uoOA`j<aIKIf;O^i;iSK<B{3ByO1R><!
zDd6swTu2cYgrS=IMc)5>`oG`5g1YuUAHR8ZQEL%}q&kA7QWH~lA~1KUF>Zn|RMu~j
z0Vp7mq2oNp#rhd!cuAG>*%ey|6!6HHr8kU4wq8XezsD1zvkTt@>CCpN^MuT^Fb(36
z0fPejIvQ=4N~#6qfnlH_ASMrjfuMU8yLSUsyBSTqnbKb52*7cu?~5L0FcUp1Io6y6
zk>Q=UMF{Jl0WqNJ3I>vd(K9E(6qODz0VycNjAx;5@=ckig`6#4Ld%sb>~&DVYu=~|
z71-xChHV9MRtFL8g4zF(f+#-_5J`w9H)dWi37EfMJ+{@&#3giL2_%SQYuQa$k2%66
zZ>3&%6A08Z%rA1YZ)SlvE6fxKl4KF6E->ksL3wwVoTd*2p`qX;<^tbnQm)`#kmJ{{
z;ZFoHh(KA6iYI=BhvPcz-O$vVy<zE$Tj&0k;5Ty840E;lEM;DrUrrTnC|vTZ+}&S~
z-<|waMXJvURln&+_<cMM7q4HvIwL`f?I6}uE-JtLutgCOA!9M@%28iZR37=bUKn*$
zyC%&LN(TB1JbE^eAqb5@1jq#<v!C0<g(NUzp3Y!C`HxKyoUo8n|NZ&vA~F6!ve7IF
zrBI#QOG^qR_J!wd7Wpv`qI4e<l3nvFM(9M6B5EB}9Rw<Glgi!*eo`|o(&6KNzYjTa
zs6P*)9@z9mz~yP|Y13#Ar|i@tR$K+~IW#C-ejt#jjt7Ep@UQ@3SgYvgum1Pt`}5a8
z9_7E^yn6T3+m{WmkU90P10jfl^cenG^b|v$1a4MvTBX{FSq2o{Q9Dj0kp_1W;|cF#
z0^C4AIzZ;bLyTD|q+3Zcwr^shX|&LzqR8*tzFuiCXYP_kz-vVL6{7I+P=dPf;ILvK
zQ(@xV64_uIT8+(F2F=x39ckfp7F-u6+D1L9g-aJ}05h7xi?&PK?YGNEQiV&;0W}{+
z`8+6V8ADY;Gp>L|^0DhyxfNVInFeM%Z^@~z!Qsi2MuET*7xMV#49VI^#gT1Jypn(0
zQn)5O%$IpfUh`?-(U9QRIe*khn?jY!lFfVr6=x}2ejwzDdI{%sB=4P<2G>#~O*x_0
zJn&TzeaQ5A!&e99m!MnA9=a4R$ZzmIz^ris0F&QfHeATrttoa95b%zY5Whd&#7Mgo
zu0kxwEz#$<E&Gl&IvGh7;E%YEc#y;o37<=iM_i;y=A~I;1B)2cPopU(D#K)IT>&C=
zM?@v$42N9EWe4;6<!$H<-L$@1iR>>cl1WDTE)>78B$(8`3{`ly>_O5HB2R;fevpvU
zU1gF;#R2gkiS@ePl1&J&RkW69T2=blrfr$l>nS*87|Uu`5zsc}Yc+7!RlqFx3bft=
z?FU2bwUrnE)Ie}0k9#}}p-{UG>24N5>X5qmR45$|j|S{O5W&(tCCx!50j*=H&_y_;
zy>uS;O3%;jtIFRLv~KxsW~V)>-Z80Gz=;haTb)Qb;VRRg;xHl&B7MFAQQ%V=C^2}8
z7{S$0W)`Cp#waMHOtWt&fv1zXh-|DHWDzic8EZWZV1Lh2dr$EoB+TSgUU8XCi>g)r
zx6}SDX#eFb0L^%W+|$+jdps6A%u-eNLqY)6L9jWbmiWj#`Fl|pm8$5Jr%HiUH*XvG
zYPIN!8eQ7B`&XlL5E>L|8|8J%^vc@w#jEq5kKer7hriB_FD`z4d;W6&PBiTT+G{K+
z_iswEwbwe;xu`o^g5BMz&&H!|8!NHx7<VV8VjHdv?8P=bD~U0>`NqiG*nGSqsOyU`
zIc#@tNVb9gm*XXkc>I?#DccMCbJ&%O5d9U5%NE3qY|*-gU(m>G!x2P5`m*c>-DYXF
zFx_Hph6|^d6-Kgq+Zdv460@!~+V~we`3tVb)pGacjcvkBaMi2kOSoDN&k8(EH(u)s
zmH@2k<*RVCmB3t=pXHF%Yew7gvm9ibo9%KPswDRQ^*CFO(R#z&UzW4w3#*s%@1L{T
z5Y?%BCC;Xse=)v>0C*}#VLfNFE@Z8~cVC<>heL9spR3_2ZJf<u`u_M@PHI->YV-7u
zaWKDl^X`mz3G-Q$1~e4z$`4aHT$y0W-&lJJJ%sCuEws7Rzy%Q011ATLs6t0a{<Q*N
zIb1On;)W-F8*CfFr3Xg1^j}M0L$7yv(N@{Wb@velwl}gi-ebkRwLo2AZ<|qwK&`U3
z(6YO1hb_2P*xSwED()@9wQPs+$Q6QU-S*(xTXL*_Z;z>^;E?KT55quIng#;IhYH0g
zfzuc}V2T~6rprPHZd;B*`=<^rw7=KCovB3Y<pnp5eka9RG+fPLAQgNq32C^SA`BX?
zs4<?wDq5ic1L}c-+dgJNh9F-fbt+$1ozcM@s7d24;WHFrA&P<{^|T_-^QivZNf_QS
zQSVFK3@_%yVj{f<z(HsR*po5!T27=5yDkC{`2g<u_s1tKzS>)!O@PaY`mIUr5iUW_
zd5F--e~g0&D#7Y^Ddj?=AI4NIA=3r_mVbVa9fe6zrgdDX+#7j}l*tZ&nhEww(ONl5
z1A|i{86^ovH)_52hEB^LNEgJZ*!*o`{kvqGNwEpl3uKM3`P2|HAG+w}tL!6YI(Z@_
zRds7lK`i1|%S#BTQ*g%p0H#1$zYFCLugXyDf@)JZQ2P>jQ3}%w60>9;2uwar1-W4%
zMrqeOTomAXFW7M$A1Cvs49`;P#tOW;9YNUuZc7cYri^Z7?R)KBAURy{bRjqUJPVuR
z8VU~?rXYls5ExFN-TuRGjmU5Pl;E-scpZ34;j%Bt_Hd~R$Sa6p<Rz#Fre-qQPt>cV
zPsR&7*M-tl3Yqy<ePu_%Dw(bl_h`XIEuYS0DkK5cplYcE+i#WmOR|9<5;|u$Jh^Jm
zUHEIB15!Qg%g)_|VP>Hcf!>lT7vXBnT?lQv6Ww@Jidb_?tvAeE*aB5;-oi$xbn7x)
zW15Pd{LdZ1)sVNa0j`uz>wMO3$>@6E9&Vbqum-OBh_Obvte`Qs*nXQ>u_9b8ky$lx
zwFYNxn?!=&L?NgCOWWzXE;V0MzB?phc{(m|w9%t>ZRe$&sI|k~0#{8+x<7aRxte9v
zM+@GPb3@JeWGM#ke%nv$3EnL^$r34$NfNd~WbVeLahoA35xaVbngewui_Ve|^L6y(
zKko#t3bCt$t1V#nmW-adPakg@tlI=vC2Y42uC{>PErWHN;Ho5Pt%IvAV0TLbZ0@)&
zVBBnHdRugSG+80?hoBN%5?{Nca~3ixn47<2wbT?QC4;~l9?A3DA`f9^ebs!9&Cv-w
zPWW63N|_)$W(k!)Y~$`-2Uk>noU`CE3&vN05{Q97^)d{R>fVjPNy7z|Dz9nn!|PA{
zhD_jjDoVozIm^+cUNME2P!kt$OGbnCl&|Z+)m-T8mYiw-M0@(?(aEScXK506YszW0
za0ze5>P=3!<N|)PO*U#?gjDjxB3!dHZAs_17F=nlvRKueuWDtgamc+ZW5v)<X9li2
zFwkkZ+6;%U^U^Ms(N~}QTqLp%-rM|sqV07RSnKyuo}G8WobfCzNfPQ?^?Yc(SmSvM
zgv6LG@=TyQ@VZB<5iY5ljae8(73EV(IPe?pbFoH(fP^Q4jM;=I%$zq@L%4F5sXCbO
z6ra~X2JhkdZ!16+L{lcP9^LwIB@7>Ae+q<@Rmw#KY+U`E&BqLiHSo|U=NJiuSrIr%
zm=psG?MH(xDs`)rXpzqn*2aQzFB>dyAiH%F)z9XX|GBIbduh<6oT>)QwuCabW!O$v
zN-47xOiQ$Ffv7IOOd~|?8D^G3q%1}~_5a=CEG=Nxr=4j4b6Mh<rC>_UsP5IkG-(2}
zJ_}6)n9K6eECq9!;M)jhZ3%(~Fmrpvx)5qGkHZ_fXe-uMcd486?cb_$oGiNTUeg3Q
zS_$$^z+A@K>cMPGzu%Z~zY6WYND}@cZi;VV#Y||GlV%a)YQNRDaDxlcmUXBd%vDkl
z)q}agNh>DcBkf?8{)`J5`TkHa+X{2HVe=<0QldJp2%rITnNU-Q%_QKkc{Rn?+Q8KP
zhzC_(*8=n5!wt@+Dp6lsk*Zm=Sx1^FgSqTYq6N&jCgWiRn|5*dmU=DAz+9%wEdjGi
ztSfgWN%0M7ys%HenqWTbKWlv%XaO^&$&{sM1z_8;sli=y`!@rV#_?IgQ||G)0Pkbp
zN6&Vv8JPquG)C#Q&nP%~ENM~&Qwf?Ebw%fH^C}0~*o0wfV}dr-DolGc49C>F0vFkK
zFgLjAZTUiP3yDzb&S`C?&?Tta=nA!IgtsIzN?-{{l^KEvr4U{*7OxEEGEK1t%!s8o
zJh?)t)rG=Tsyz27r<;`gY&QcJSty7XL}Q*sK1mZgnFJn6XFLkgVOKxMSfwV!hIF$A
z%vTD^6~N?KT7)y@OQ76Pb8X8PiGDPu9GI#BRwLr-dRHrM`Uav$TkY|CE;n8TtgZO?
zJ=YsAk?@x4<M&)}ym%E>GU?b!tBO~|9N6VaX4ZqW_WIPo59x+peFS~3%pGsZOI6qs
zyq<^`1}23!VA$hPgr#2BlZ01-zlKWH;s2wg*Fl=cGvycSmK@s;*I-oEzhc$`>>J91
zBfqwygpiaf3$LPDo=K4<k;d9MSp6BRfj`j1zIG5xZnn=5L|s5XqDHHG+Ou(3hdCIa
zJ&?U_X0~+V!s%<CS;_;Ih2N56t55<o0i!Wwa5B#l2tqyH714otadGktd{4cr8=Ckh
zd>+#@7zbgInwS-jRYT(0EhR9yK|=YM$J~FYB2xfA*DMk6hQcJU19$M4_?!uOg-i*8
zYN;}UX0`I2y>*<OogJbQmYe+scS$M#ISxdTX|8$XKE}YyF~4SxGa8K+bRIfZ#gL&x
zR0$*bFG74ir$IC%>QyC(rY^(DT#wJ8Ny2%0nI++nbiUb*m2A8xhP~c5yV!kCX!~df
zdcXvi^6p%UY<wvJ9YS1>qZT0NR!2_#K#0`D1p?J2oqBlW@Hkp0pK&xA6|ux8q*B`q
z&|+5>bDX@$jpdl9>xQ92YOxfV9HLn6snSYiqi`KZ10zpsU8yxWn8%ZZiI}6mZE?0?
zzI~P65=&j8N{(PDD8L&)bq4t9UDKo&24jt;p50DWv>vKgKT+E#Vbp&cg^MB9H@2qC
zU1pZfT52lyShdVV(i1b9Fu$pB82}p(jVLG-&mWpUyV`yawdkAIvNC{h=oBo*Gd$&F
zqzi+MT<x))SGl$;s*m=ak)Ca|Pez^yMo=PVWJ;cm;P7yC(Okq*JotepggQ+ln&4ME
z01B(`gGMHgt1~K~NFLRl9de4Ll&l3h?|`~d`9CsYH)IZxt#;uhzfg@ysirRZ9tfZ8
zDEOQab$#^>j6)hJn;?aLGk#+{*{L^E^H|3}pGI!F!Zi{KIYI8hh2IhKyWr7~+&Y@7
ze{ymP-?74VIzz|$#dTfluN@+JM95MG!$Bf0@P04#u!l~AG-RD2>0HQl8wZ`vzTGGb
zeA$GKJ%4cU_^|k+;vJnK8JMp>!@s;tq<mgo>yC-1q{bjX5!yWb+TJNYNI>*i*uO(v
z&ip4ewj9O2A-ysXu0#zq&Rt}>BBh#+OYqLwWJt8pUo#?)&+Yt32decnV(F<rB>Hcy
zz31QLDGr9#vp@V8@~a>Rt^1EG@UFTT{yi*>KRD<Qp06^8`bHCrmlv03=WpM<diT?-
z_ZMb^z>l#4PNCQ9w|_e=w|~vA0tL87!|Kig$JK~S=#4uK(pfgn1WP;~$-56|lz;c~
zXU^W7ij*Zbc1zo(*d_V?_~O;kVd2WZw6kU@DOXi}<q<Kp4<Uzvlxau=dA-ssiO7Fl
zy!~07pl|_q-3p%xbTfHOzo&v79TFCK+-E+X)m`RJUGgJKk|5o4j!DFBNK6wtXDLg_
zj0!SlEGl}5W=RNC!=ply8WK#%f@e7mB;%t)g(;PMf&C++p)i5X=)a+dVo{nba`1fS
zaf|{I;H(fZ-*``GF%CdaIq?H=<vOPm^v}Y90>qABDM2T#d~#rC@N3;9YIQJnJ|Q$p
z^T|NqL3|k`IF9<_`0NyO4k=$jl}1pa5r*bcj)n*zZ^q_yNWRtQY{9c+3WMNY_h|1^
zobcb7mv-f8{@fcUH1cLl^giLgx`F?>2jllX$^V1D723a3B64vEc{m)?mSh4Qhb43m
zdk>Z4aFA&KU?@EdI9ZT4?=RlTLz%ERq#hcNzd86p?Y=#Wim1S=u}=)F@_W1@FtCE6
zxIcc740?W$9OPHW(We9tQXpDUCMW*p;0HN%jxTjF5mj=EZw`KtlgR(m(-_3T4b{a%
zikS!<JZQ|iAFZjqF_v#%USBnyRj6O6r-IyJTajo7D$)XP$(uvg3%Mm>XeW9oCH*KQ
zh*3yRSt1C}FnX6qO2BrgG9%DDv_FVi60^Dxql~B7>X6R3U^YZj__#@eG-Z*43=wlx
zf^Ot_Oo&1}kV{T5DTls%rJ<BE!h9G2joO$5+Oe~sCn`}i^HtIt-*ud0k}!|Y=PdG3
ze-4BecX(vYL}F&`@;;<hAPMs`Pix(#zDXg6ro@#~97*n3mL%wvDalNn@R%jxg3N;?
zfpz5hcPv#UPnL&cSuz-ngI`cK8ItRPa}`AXFwZ&S%vnk$+myTunI5`z8L>ORNJLo;
z6`QN1#T}B)pyTMluAYgKxG^NRU5AhluIv70cv<nLm@G)`SEVM6pSdfT&|>qO5(Xm0
zdt&NI^29n;`|`|Y)0yI+>VPo6?*2H9_lGRKKjoBw^%uy&3#37{ZVy@E_DI=4#n8Fr
zy-=9}1S9g~;9UETPKu>{MeGbvD)WNAQ?BEvWHXYTOXWpwE2dPDgWGAYg2+6Hf%1?B
zb7tLOxC(H!{e57?OR|h9Rdb}WSN)!ehAvi88mZx_R59O*YY({3ckZ{wi1?i=u02=n
zrwhW~>dDchdUj!Li*-~Wf3Qud&@P624`iY-^QfdVHo`QwRY#S?38cG+3rE7>D$g{5
zoLA>^0Oy_@4vAtYTS{X|T#|sM`I$AZD=8;)8i9kGJYW{7$zy-0?@QH%i*%aELzyQ|
z0}6Om4mldO(<B74h9KpXC?^j^T2xJKIV2CIp!ksN7!@D+|AZ$)(s;`ptnB(y%^y#@
z{@9fuE80bf4LWLi)*xlA<IRG^Q{s=UHb$377cm<e?3u4YcbG4_`iFmnU4J}$a`^Zl
zZz5PSB>uRYFzWLtTtGSz^D}r0vHuc0(#y~veIkbB;l=xyB^R$G#?R=32lCs8rseN7
zedP+qR4@q~;@Q@xg$U=|msnS2836J4&z^dI=s_m<Mc1SHUz02htwHAW<J*`;Cp?P8
zko3upArRM3+{6D_Y<cR3Otm~{Y3cDOdP6_H4kk<zm?0S)9`@UY)_Bi1xex81_aDD_
z?mpfp&-;fjp1X(gA5UI9cb~|A9KCq%9_>TZ7lXbvnw(R3G-UobH^$*-hkQHcJp4|X
z#^n~mtzv$V7Vf=O7$P@w$W{`$dQ@PiO;^;unLdqEsk+HQKPV)iYu~U3zI@t^!R5&m
zDP15^d^IeRyd7m8vhHP9rQ?#EW3ONbvag7J>)>uVb@!^~TJ4Z;@qX^>CoTWGg2O`I
z$0g^gg=1gH9}^nSf|RulXkkm<(b7oz;!al>2{|s2H^Y^Z+{cAfC{fcUyBDaE^Mrh#
z@Eeim*MEPySD6%t8saGVoPpHTcrqn{@2d23xj~aB(^H=eq<#hZtj-Roy2H=8xyr2I
zJ4u7emW)C+wP*cj{c0~wAq<(>mosO=OlZhYOJ8{n%Kd=ewe(SW?hAbkxpGRk4F$%Y
zqD^E>Mc_f%Y}F9HIL^{p&5U_t!)nXD-q*uw_0(7>_dKg&rxs$69_{p3Ge&)uXbvKO
zKFNQrj5epql@dDPoY+_94gCn3O$^6!s=5Z^rER!{vF0@X4t=Zy+LUy{8jnZU3~KD8
z9L=v_1W2{&BEJImVHtc&tVZ7~Lk>CvchJdyPeTFwqhFtjU;irCe|*A{w9vrX3xJA`
zf0vg~W!5dOfkj@jh(Vmi&P^OO4TYYn<GOCA@B_THxBmDywkZB~T@);~;}NwSqNH${
z^n7jVR!x4{e=%jNoT>JUs#<nBO3;8J7PjhK0IY^e2lZ>GEHpzpqZte5I@olCMmd@m
zvO<dTR?2xGNoksoe-}Cp6vb;;W=Y3!l#WAk9S4#X-ixABNx9u7JXM}ZxR<}pVu(+>
zFa=oY+F0potk{y2*)97OwXRneX$T4{BBb6G{GA2<&}=z2*&!@QXG($K$@DTX?>IYz
z=U*$8Myj4~lPQv!KwRoqy`0(#7WtP6n+K6E6&3Tn3OM!_Loz^it9aU_+>P*>UCx;h
zbjoZ|c?Tj>Mi*JEYPVe|7cofwVTwu_$1$NAB7tMno2g-Hjva`13S{g)G*3%j5K9_8
zBoF`lzyDjSMv$y<NFILVAIJK;ESB0ngfA61PT>&<HUQi*9JDiDuDg*n8)xrT>j-)?
zHP6=_2enK=7ZJ^U+uFE8x#;qjwOQ}xi3l{|9xs;G8s6K^)?KXhysNPsh;pIky+551
zyk@hZhcbfilNrBZ*HR?cbrgm2D+q%$4Hbd)_*|9a^U1DY3>~QUT*rYOH3tD1SEgdW
z4gFJB6Y`Pm<NkXofw*<CU%av4tQN5H*E&WF`N2F(nbf?29#BYWa3cj3L$b+B?qzcp
zp)<h>1UzCN)4aH@U}-mtbNb!YzjO@};jO4!pzweWP9`i>G3U5y#ahr&QA?m!iO7A-
zMsC{MW5R3U?slv4*)<D!%o5R)9WKGXsn&B@T)>{|{GDg8jo|VDTmxT^c|!hv{N}Za
z;j@^iS{~39d!z60fdU3?dYphCs}B?KwYzAw>tQ9+T-xuJHD>uih|G}IFV-{1JFZ@r
z3bjA2Q;$v{=?y0$WwC4}@Ay7g(IbY}MU7Cn-s;$BQj(t%IjW;Bdz6=cE2fIjolS8E
ztFtW!=?bca-b;+RZTp8ab{n?QP;lF`vBBP3v%6~WRW})%L$1W!cw5<LV7`N+ql3ez
z&-&e?Cr5|f!zaGieRlA~>pmO%%s-_5^8^2J&QRqo^gxy^(YYdLJw?w4AN;iSR;x_*
zHMDtmeNqV|v7TD)k%UdNkS5^*pg_+NO>ahe{*k`L%F(ryTvd~I^(#2Ax=8tfo=p=v
z&QBNkwJC90ax+LK5kM+OjWC*$aTbI=J_%``VbEYCS#@m(H+g3)_cqar_Tur+AE55u
z@l8)D&s56je1M0s3mcakJ(Zu9;VjU!mp4+q4_5DeQ0@JA_1=$*y$iymK2OafD3{CT
zUgaUpL0oUlVmF8Adw|!#8moHURm(GI*>d5LP+dr=T`Q;Nw}g2txK@&T&K!V7DA}*8
z+gL5Cx|sfyl@I;dA-}TmjPon<{`|E{wl@h>vZzv9bn@=hj9{n=6CRBj@p%RzEt$Oa
z;{;<R)E!IXkW8`&)GD_$R?0p~ZRpb{GWzt%&=As5OLmp+)*&wW{CPw^e|}gVAV}rb
zHjjW#m{xyeo-@4VSScn5gEUYO<7Kas$)b!z6De#wBBxQ9=e`FQE#<Le$%rZ@#v-a(
z!2qhJ>4GbV0|^=?z|k^+e?SV>;9Aw%1e1^a!C2_fVKd>}^4csyP~^l-Ab=YgLO~-?
zY#AhN0AOqk$i;)&f%z2_)kY;GDCr?Amy!K1AtTo=z*P%C%qaz5C>=)P7DP`;szDZo
zmFYh64|pNchOrFl{qLi1HWV`A5i7(7AlKs8ERiZ0@<M10+a96QBA<{z9jN`<D+Ts7
zn#c*v*8iC2Ft+%R+85x42|5=B@?iQ>MiiEAqt6E7K`#iewXYYP2gas6rOL9XD*YOc
zJ{)N$M~I?izDr(7J_e|V<+I2qS&R?)1>|UjyAc0SxNu5WHL2H?!vA9_p}M_8L<Ik2
z#$cnJ)B~Zxle+GWHdtx`MMf?ZjCX%z=?Juv8IAl9Dga2qR%DY&psCxOixhTFpx69Q
z$iczy&w!?E#c*-sgiV5vWLKZ>J;ynX2v2-Wx?JB;^<nPR-A6aWVXtQe!RW!h+uO&i
z+Xa`-luId0drtx%b90fRCH}^8j7J_)%+R8Gx{yd>NIKCph(02#fPd;3Hn-R<VQ~Jt
zm>gh8dJhIm`(%Q36E<ZZhomEc>o_Lt#}JDDwd+3GD@P4oJrgEc$Y<A1Ti{b3)l^^S
zNgK*{(EdEbtq0qKX=wy?a}c~NVc~+9Og6@(ZaLfqQJ`!Z3RWos3UdrT<fO}IiP+dO
zT%ZrVot#ekEZI}$PRQYF`PqWR4q-NE1J}VyC0Y~GDcQA>z-wG7|8O-f#z^gfaonoh
zqMrax3m6$TMyq|GSvqqeBT(R7a{1S9`SB$$^!dfO)XPAA_2BYSuJ==qrCv`>*^@ml
z3*+=mpU?RK3i`DN!4{vj6Gfr?5Cry^`WqpKT6XCS)Ddgt-EMbHuO<mVSAo+7aJo37
zgL2~AnEoSUC5I%l>LK|SHvhZw>hm99HK&mmW<Jwod$ki{uZvWA*aqvyMReiZDBHUH
z;^!rcMr9lX!8hPZ)IU5#Cj&c3t$ja{I+)lqI9(>hu(A##vE{|jE>fP*DI=#*%9087
z7}-6!INdW>y6*B*a&mD>{6vcT1Y#i)mL>ta&d-pZ>cjCrvxJequ?6`BOvGnuT#Hgb
zqzDiSXslP;g(vi`CxR|cWe7r-%65AzZ&`6b5Mo#b&q)^Pnd^`Ws+0({!h#T$hITy>
zxRR^~+&rpO1|dqgI8M_f7-uQ7lpq{Uqv%92uld5PTx&ZK_t{xC4g)d6MW3_Du%yb-
ztLv_pFdhB}qO;s-ouGi6h1s-w8mS#FiJDB;_WO{qIZs(3VM`EAYxl1`|6p$%^0AIA
zIDd8g^35xE?(Za7)D5C8W>d5_wUAArDg&5PURqTlS%KqxzsUWA>hinz%47r4&a@mN
zj$#$${Q!RiVS<_q=}YQzf@q-+f&3|$&dBjK4MM7-vn5Z<BJfT!`kbSUV>cA)gpnkR
zEGd#uGLz#_dmQ}^WE)NqQx4jYs2@szbw;4ENjX7A`bQPpjhG$DnLsKVSz_79QHH2v
zL8RV;W?MO_uKp?*R5+9**J6qdqv2|9=)wW5L01T!Q}pT8qI3oNloLJ%Utk)B(B$+?
zsMd~lTPA<!na=90f^W!3D&Uar?(^r-2pL*xRpA2=!QhssqjDSBJceJY?Yp#1UsX|+
zkQu#<8B4^F<S=yg(uU9b&kuF85aMJnsqcf}OCEeWd;9Y8^z3t?74@&>gn~6TloE11
zP`PK!fBXqQ7=Dy=b2E4k=#r?3YOW9PTs}v?-|rtC9>V|k`~C9&_xt^W{}>!TeR4Dy
z93DP7_>ca<;X!}!AEbXD2*^ZAlmF;%Jy&^gf056p&tDpXub(gZX}<qgj|F-U_fF&&
zz(qEjW7++Gdi1z-|NDcd{jc}`K0YP0jz?1(@~P|5G!2;>@ZK!&eHIy0OI?$zY|OgG
zuk_(}FUY_>ICA^lKKYgm+{Xj?&xf^Lxfqf#h_a8?uj)w3pFPP@CC48U^=*AS>pd68
zw$5``EJVuY^&Jx|8q!4pUSEbd6SFwsAIsV{jpO{!zB_OayQ<59<1^tU0X$Dig<R@m
zF`;&<O(kKSWny-g@Q=z_A5603C1rCST`*{+TNt%lxQ@i}FBXb5h95f0J3!x7rP)Kc
zIKE{$W^4NHfjcOQA*<YfON`v;jJ4nY!IQyZ<^CTY9Dcq3_wm^wFYVAZG-Q|Wf$P|L
zME-vK=5-ez6jGI-K{j~FypSfWsWw><Y14E5wCXtd^r-Dx^}ohkDGd2NK`%VWFLy%)
zF=@baoiI0azXa`80_W_I8qL{CN#gPOJd1*K(bG2%6=%k%KW0ylj*booN6()R4xT?h
z=zHFTQc559>9Z%^(bEZgHt6MZ?YtgzUk{$hg`L<YFUOgNd`v?{W7ALtjl?3>R)mtm
z0M-ehTna<ys(ONYf)(twq?@(MhO<MC(XE<K$OW4#uW6AcG>D`knSk5cuI0X1gP}KI
zH<$;JFM0w7K_5no9KZ`!68Lg2cbpx_KLoEUs!q5?wRBY{aJM(s570rq8S}1Cp=BgM
zDybsW?bLiq*?cHW4z)QtZ#p}KMhoLAQeLmnrZsr#x?&5V6U@$OjBvk=<lJbfgF*KT
zC4Eg)CoaxL0OkNzXz*EN-0PHgqowz<8|;Zwo>~$6bM1thKwt>ZqLd}fC%b-z3ivfk
zLW)&;)$$VX#oXIh>%jhcZk;P6P>)GC<IfySUpu5L*PCP!K3$^@t}o?2`APnXR|_0v
zgn%Sgavp0tB`LTbxCec=-!P&I1R&k6pDemb7VYPcdR|%>OIZ%ajCeCHSX5wl=HLv;
zhu>hXd~1iKBPEQ3LC4wAsdHe7U~9zcNoPDshh)${cygeAP)t>~BkJ&*KP&es{~?I*
z5$ED6kfJ~^SybC(f)#6;+o4kWhF0pK!L<fDi@vTrV(=zH;f-<(hcoxF-3?sk5|(=Y
zo?}`MNyq%#j0LZprK<e8t`v-}O;}@Hp~!a%m^*m-__<Bbn65Og>igg*3N&HHHYC{^
z%#@09iY0>T-WzQarn{BmzzXSpN<fXNz_dj2w^zDCm57-KV_&EM?smqY%emElXWLc_
zUa>tI2kzY8F^iQG=2p>tWN7b`Pz9DGbS~UWtPEz>W>FNg6ioGoha51bu!5HN7<Nlx
zyLQ76d((uDg)T;g@2*1c$I!u)VNB&Z)w`?f52u{OJkG$S#zOi-VNfho)SGKYvIsp(
z5}ttXJCAb1wx&Ih!)QX>Uy!_N(O19ZsiO1nJf<>}1p?{sK1?Qp$YUe`XxYb@c@QCp
zFZy|1JWXuyK&ZoGWO59e6G|SJ^YzF}Bf<mQMZ65jr_YXKC`sM<HMcJ>0cPgWQcM5^
z7e$)?V(un)h}zTVkB^?ih^G^hMG*Or8qY^778hdk&R-iJ4iud9*6N3BE!1^CeKOSI
z^XD!!c0YZRgeex(W1l})GgAydeZqDUu+N|IDjDKE=RR83H4j(Flxz(Nm~qtLS(;~;
zQ}%RB29*PzFp&z|i6&(98a6n>n0|ealtcvh5tvj_Zo+;+UX-|+@C359N@)S&ghXl)
zDtN;`J(JxB2T$F;+jj>ztajHiuM!4AHHJdIP3r7O=uEKJ#(luZcO?-K{nsJz0%*ND
z2iE~5KfQZ*cHtO4g<f|rx#G%dg*pK<G=gYBj10E``(Jg!V*6-jiIP1qyfJbH!V{bc
z$Akj;047#3EDpYGUySd#zM~Wwr}BC6**`M*d!fpI<RdwN$7CHy7TH59=UKZrgB}-R
zta7n%yim#0;5CG1>5M1AKbfgesgdBU%H9cS*xoFi$)?&#nisYicg|uPq}1V!ask$k
zm*<RvOR`)H9Ahoes|1gEoRjGSYMk+I!eFU{d3H_ax_YKG4lwM6E-=B`oL^%PN+ww<
znT!(3b;voR2}|Bd(0&L)mOqu&oW7d&XDW;DHBIby;!;^CwXJGbdw__}a_lG<jv&h8
z0KO!CE>z;0Rt#;l9DR~iFvXHBK*Lc7A<Mmdy=tJp{9Hj`c>(3}qszaoM*wu*fs2dR
zrVtgXg?Q(h#coBtjFT&mkd7lWiI^mTG+AH~Q<k6$q|{FH0<iiDD)+4k&mv5mAlttT
z665o{Lw-=6o@gdPw@1ks)#)gUE^wh;H4KU(xlf~nKtiQGv(1!nU-X<;Y*F~zqbKDi
zJK7fTHpcjYs@+8e^e7J$1xOr7r5eHtH511pg+V+zKoW9^Ta*_HU{c?9@Kt12t<#WI
zMULfuxQ;%=m~jNQ0r)A%mBECJibyNPdP4hAEncCCo>NEK+W0_G&FF)gfBrgSm^wK>
zi&`{9KaaAs)>SOsvt+c&mP^5?)+9qnGNzuM-13eq;a07rq}C`_LsW$nZb9u>gsU$4
z(Jv%0w`ViHzJ_0xZiEqyuAT{Ue0Hj)dMo$Mh~*PfyK|VqyzomK=fpr8{eGVVj8Rik
z^LOz46e_bwtZG+pz0Etsx(BLc0}Vs);KBTzAcX2wTbB38K|h}hTgE5Es&@i_5TXl>
z=qbT=sr*Jws$KJ(kW1XwhNW~`c|*v5_xOBHBY#LfbV{8&fC!Jr3rPpCxO?-=I-z4X
z48{pf7Ts|s7Gro>P$0nb%)l`UiwP`-umzP`vTP4Fl07D?RHsJXbL9(UP7w7HE<}!h
ztrk|#s;-V4VU>}B;ZLh6LQ0)x!@vv0p7e}E%1fmTrkM(-LRLVD7xK(EZgyl6B<w~4
z7ANc)20!C|_Z{y-?LK7_R)X3%gWw0<;*9&ake_tqveJ0K1wLFz`Mm^K$&#ZiEtqaL
zqEi$?sikY8P78V-^{;8<NrH;eZ+OE*o~lKiXzMP6Pkla^9ZqLGHo01BqA->kM<~sj
zQIK1-;oVwWKJY_f1p}zESURVoKt2y6OD+$Sfp8@Gp9sdP{6Q8^6HMJ`8HS}ym&h-%
z4740538u5OW;z!lGBrfC261&ip!tyW9S8KcC2D&*OCT)_s_!LcptSG&m>7z!vuC01
zuF_boM7&h98uA5~N4uv{A{E3?tI75Y<BAk)4U(1T0;{E1`sX@=1;2HE`%}6-ef_A<
zD(}DM!LD~XV`0n^;imB#Pr*yxe-Doio|N8y51t%7`TG8QAD<m^t{f|zPoKJ40qEe%
zqt3f?sVld4NcZz+XlNN~@nusxb=1CDnr?9tMCpWdz7f67Mgy?Oul(EDA-@KZ&u;`#
zDSYH&dXF6at+6mll1+U-H=4qGsANLmgn}~4z9XApeJ1?cqMwooOP(HbS}23y&6uBs
z`Z<CNW{>DR>Pawd1jDag`D@o29r4>$%C+q#BUL?B83OytFW6+lymUx9Kl2L(fc#op
zC5EK)>K_>mJ4I|YfT1nhg+0dCMyQ9CFw*&U;0_ME{SI+YXiRmWtoyh8wa)!9NcFRx
z9B0f@T8iJweSQF}P%voO+Ngflf5cbH;*ucR|8F(#hxx)Dm}hG;d_nxcOU+O4u9`QH
zzw2XK_a@nlD>H;^y}UnY#+!{afbmk!J!i=jo(M5a)B-#oUpa2H-H^rs)!OWVD|oh%
zYdk`XsR^-4NQo#^-Zxb<Y`Cmd;b53f=jg2Enxsm0>$($ChWrfPE~Ko&BPjHz&V=#;
z18?!dEadZN`*~IVto42KM0-pAk?|CoYTaUJ1xKy|k$%YNls0Qur+FovcRG??eI;~i
z91T$ZE+dtsqFKUBprQuy7f1+3N5v9yURBH)x?y#iy}deSQ0a(mEW+PuZmaiC@4VGd
zJzjky+;4;{uD#(meuwM^D)Ow1OE_2^;_j82l#ebpNb6QdiifF0dGMXE@q{7P5r{JD
zGxG5_qH9o}Z*=v51;V8J?Nra--pa=wff5A^3>ct)UJ=f&>f2QY_byt0?-Tmay0wsg
zCywD-=7}B}cEQE{tZ!H#2rj8I8fe#gdso<O)Q9c`TL{uR$SPc$t#DOz#Ask2MgNZm
z<b5N$KrRXt`99EBg3iWcJr0}Kv<)s-0?v4WSj+<n>iKKnAx$(A_>G(6<UuCz1=p5&
z>P@?*i(sks=-b?}{5+hGP<`2H9;K$O4Sch0xpBnSUe+pWNoEsvml0Z*SV%`h={bWl
z240!N7wGq-Tjb79)-sw70jY9iyxDr|3i5>%1zgg}k3)WPtg~2@jO(U)aMyD^P#W8*
zuP|fe^p){ugH=>8&Dd1{tMhg!yaabhN5wUER_cXjJ$<!z0kF=cjvl<c?Ch;H47z8*
zFdfoSzh4IaYCtH6=OALNjEpK~Ul1C{a(8Net4`azoAUTK?B~+m($aYSqV18_*|9>u
zZT74%Q2nkUKUi&qHFmCmn9cUip1Qhws<Oi_RIaTVrUol6=~S9^$Zk#F+Ud${rCT=v
z`b&0DGZ39J^VCBbre=M)JEP)nYysp5yf5o^c6X`>mTu9x)KjXXffMf)w3b?uha-?(
zIPguw?A4&Yh!zX%G!*Du)CRfTs8i*gom%F*Y%%$udOa(ST(>^^))yIbo!^sN@)2s~
zGo`kjttP5*PP)_8pa;;Z>%rEYX1Qc*&<cJ-Ww44TvCy>bG?p87(nY-HwiLmV{nwbz
za$_<_7fEs>9y?cTu?>XQl<pN<kdAhax~oC;c*|)}5gmH{cd-Ta<iCEtf9X9~Lcpzm
zru^@89@dD`nt9#h`_Fpse<f!W(M`tGTN)U;B>wx!(<kNkzbB86o_>A*yN?f?M`N34
zc{_1iti1&7qb<Q3U^&TSso~fZ?-XWn>gCD3Q8qp2A*)GjwzA33<n)$Znw9m?7-4Qn
z6h!iNlSA1*!K~e_PoA-e?S*y;je{RCu{-(j5EC0c{H^HjA;0&vtE*0642`Z?G8RK{
zrv30R6Rgk^o<1<%XAP@oSr(v?zr@0`fw=@$9`Q(fxx7DrE!WxUDPORTwYU$RDN8%Q
zH9a2S@hJKLYC9Uz&eeO=5#e$oz4eac_W>j%{i3ImhfF0P(`T(^6%HZQJGC~<B7?v#
zb^3JTLHjgd=FW97QOL$$Mn~nrrf&PJJctEww%VX|f!cOU<)Rv{!)lkWEi)v#_SXha
z6d!Ze##xJ%^NXNyX`<TFvfVWgMv027!x!ugLZ;BW9*kK^^=6%M|3YyDl}zt1b%I6A
zz`s3Cg6kk;Q``O0@`g38mh!vPvy)<@v(uOP7fBW!i@e$;)N~;a&*itr(c)n_3qs}h
zE!mw8XejNjnsZ6#QcQ*-b(P43Ppfsm)r>F4`BCXO5=bQ(g3*wMKU#%l6kgtBA_d%F
z(tOMykk==e2hot^b%p2j<B%LZdGh#)L&!uRkGZ4abdt_<&LNZqUB2>t$9$b8Z}UTp
zaJsYoRD01S55cDSGDsfkFW?B$boLPP`Gx$3`9G<zbeJ_wXJ?Ru8+I>$jr^H0-^5&U
zozUFGBk42{7Z<NF5D8;vRFL9N@7|r&ct+I1T}pAfOy#t`tdak>)Bje>3A8N#Pk+!a
z=l?rAeEe1ayN}P8(f?>13n^PS^s*9yS_2@Hw4(8Ci<kOQM>g13;SQN-&8z?23owM3
zYsNleoyj5TC|4oFW!FNT9sN+la;#1!hNIwFhwMcM6<{W3ntHR>n=bVTht&8~Ls}ap
zKN}<RnPImIS=xoL24OmuOLr+mcQxvprdQ3RCA1MziOI0mQ|o|RSxW=#_OR{xaiQfc
zDUV$Mwh%4S0BgZ#c~x+2H|kbs?S@N$trINe$BzWc&_?V1AxK2}Ymm-<!Y-;|QGxk+
zeeJb!vXqzz5jJO87+#p%^m&)kkCxnIDAYQ`RnTJMcPk^;1tS`WN=t8y0&s!iSN09Y
zaPxQ~^7-?yu~|x|IlOrUk@+I`IVty7P3_*wAm-ZMxb{G-*qkQQLea%;ck&NEdhuZQ
zr?(gHE>F+)3crD)N;gZw7Y}yN&fos`-!I>vzuqg1Uvt`(*{eu~^Fh_mUF!RZ9QW<{
zyS+A$Wgn18yOJfmsEVF?eme<C%1z}3JIr^?v~XJ!^h;9+UF*~hSi)+}s_j%KW$-h>
zx_NPwmbJFpL2B^X+P?mg+lEWG=!&Z#?p{Nijlo-Hrm-gmlS@}>6fZW&bg?mrC4Is`
z6XH)VumXk%LEOjFZ~fDaA(?8i-xXUd>DIks^<6!>!lYe~c4f1|2o38leZ`_{`>G=q
zRQKGX9}q?HL&E393VD!Us!;2}`W~~Ch?J(8aM7Hx6;(jkBq=BZHY9a~6ukZ0S8oQ@
zbgMdYn@2D@iP{6|H;WS<LA5?>JTTY%%p<AR7nrg65o|eR(C_!lc)BB<o|tMMc~O!g
zA~fBV9lL&DS5K@IfhnBE4X#^WQ`Kr~$NV<GXPBP3Xf^1!?)6<GQp&d{jbeny;|1VQ
z+^GanOl+`Rlqj`dCR22YnArr#v;MfXP6G30oOCXrggcg-OLBXSoD=LhD({I3>c(T&
zsf^-5`QQhiPF|hAyZqtw^{dODkKerdTx|$Je-A$W?bY8~n<2e~5sxclTCMZnF5bRB
zKY8`y!R{o8e08(|<{s&S7tMq~0&LQ$LP>6kkW{8C)rJ|PKIukeuxHI<;9X~$(ju47
zVy|_r^;B@wG?z75%0x=K|14}8PWqYr=YOhw_<;s0-V?wuHoXos`52^y8s7PkC44oH
zc*Pbg4Om4@3zW1L&dMP>;W1=-Fs(5c%!Bewa$xJrcgN>HzItb$Sud{XROvx(Z>uZx
zW^?Y7!^6YY_Kl!x^eM<oXa~T}clB_WyOi56gSxqSGrnmB<CWb-oF6a6dbMLsuceq@
zrAMuZRlIk#Vn^9{o@ePo1n>lv6FVQGcAA0=smtx=KgfY<<e>rqS{=CjP;CjD%Ij4J
zTA5_64&BM|U1HB<8mk4ebSkPquBAnkHf6IhYgCLXMmHR~PXAb06vlV08UgJNUKBMb
zclNG0IH)zWtt(e|ktMf@*X0JawfpW)axc6pt`4|<612A$tId9y=f4#YqMtQY`X5qM
z7gl{5{QCJf_-y$8i$rlH@86~VzmE?O56k|)gZ|h0PxtcK?ETl~VVH#swE4EE)BAA$
ztpu?zdqXV7$^Z48e`})nzm(JKo$tjT?($lJ_%1wNYtZl~aCohO>aM*7mu%;s$$9e2
zV`F94N&Cx9d?$_5p3+U0`%vDATVZZ0xD&U+hT*nxE362_|0c5WHuB%96#<vYe@~y5
z>;D}de3k$1=krD6Kkfck@#wodl6?oBdP`_FX>ioTG*5=4ukAJ0JnbDg%{32R^qC{h
z5))U;TW|eK?;X3qsROXo0j{RqeY?LQ2uq#cs?C-Fx`yXktrYrKbzCdH#&7fLjA&Wn
zwPrV3-)Aj0nZCC3SgSo#>-!g!`>o(zuuS>*OA&1&X!Attb?S7**15ve?aeNBR<6y0
zhn>psSJO=Mi-f1#<Kd9JJ3&_=%oTK|Cv55}YANT+%WgLLZYcjL+M{|c5d@dXe}kvx
z_>ZIhlcTTl-+g?xi~lI5p{s_0RMOPdii7#tb3L9g4j#U}GM&*0C08IfOVTm^0c58k
zV`L-!$!m9#PoI{LXC-;8kwbsyV-P8ad8HH}asInJ5t$-(c7twJe6>+?Q59T`0kYNv
z*?_n^4;#^@qX(u&>F@>VbVw;*nLIqFf^>rDnudXu4^-iHkF49n)f1{zFEuCKG-(Ng
zDCJW!JZ4wtJw1UCW>Z_cagG<?KyjOD-7z)83n`X&$ZpF2OYo?9HG3BJ?6iGmEidF4
z1v#PtBTJIs+>IFVrwG$(6eM&3-c{s?6<qbhK%}ftDRKq>{FTKF8-S{up{pdcBsn$s
z*|Uzz%EHIj&lmr!C;tImq$%sF;_h89@t0cxm&kvE{!v-}domb&&Hr>SpB=@drYYGC
zSwwb2&abkVblRQ=JEUX1t92y%=ydk>NFQXx9nc;hKpo9OeGU8plAhv^ohHezSCsiW
zXu`J!QA&29n#S?jsp2leY8gz3%2uc*-A(yL3U$X-^6MS)|0}^&Xd;=YHJ;AVR`-`m
zk$kyN9<Yyrz?98u%mPHa>>s8HEUf@Z&Mi#2%#-t%SRxUMH%3#JoIy@>qAnsi%Zt*!
z)kSHc)0j<oV%im}thumtOV{>=Qqz6?+{0%>`X7r}^MI}CfB&dorT<U9zW?0I=Z~QO
z>%8ml*a}!9J$HYif^>@S{=LeJKc=6B5hpYVN$1^+DaqHA0P{H$FxiY=V{Q1#Fy#2`
z)L2msq17d-&o0hX#bZ;eQjyp=;T~hYq|Tip;cWT$m)`$X?!P-@;XIf|JYgHnvF!do
zd0fu_*?;`>;OqUrkIxP{qiM<#tZavyj7EiV7KBihHKyJboigD%s&cQuB71^}84E)q
z?>E|Yf@r!=5*E@lxMtuaZGBH8-`OD%n_@}b-58Q6F&}-S|Hqz-b)|U(JtasaW>A=q
zxsLnt;_@Qp33GPH36xDCznokUKS+e*PJ^@u|3&Z}cl^(!2mjSy%%(m0AN{Aej(Yh(
zW9mtY2M*cJBUjwS&LekBubfA2I+y?ENicOD{U2wC{6dp}XM&u*d?g$=PWbQ4OC2}x
z8SP>7g#Yfi*TUmI>wWRdy~1ae`+xrG_~n~d?%dySj`sV1a5Q*)P`v+xr%w*P^8b7J
z>{N<-JI=AL399)U6<Ez*fBiuhL;h_SLKKF*-ZV&O*%;I}T|-zm+QZt{f~A6Faj`Bn
z)T1_~mC==iM!sF7TDGYaU*-{^g%aV&-d)EzMX6Mf59Nim0;>*vnlRRz&bqNAcs)(|
zdgY<^z+9IwnzAZvuv(8sCK_bMf&?7&9tskvlHhWY_%01~Nz+*c4=y<-A8ORP+GU{j
z+>1@~t}X()S9(7oC+8#(goc7^yJudU+*ly(#2`{g(#A)KNo3TU$z93ojSEvO+f=}I
z9p}B&R0)kx`HVb<os8TBtRzUOE(9+7PIwsd8!VB|B1vw=(CL!D^Nd8SHeU&VM0Lq-
zdC+E1l~oFPW2QC%ijDIu6@kw*=n$B*%iO7($H|RY>iHuxb|8=0j3z#dn6D4nUOPN+
zG+}IjMk?(R6!tOZaE)>x1_w{wzT0;P6)3K<F~j$01Iv<GHU6>KNhWmgt^iP&FIgq?
zQed!Tq+^;!E1<T%5I?L<87fFYO(53+B~*K-5S6k-Eiq;ZSTIy2-8sF&ik3`(wR@zK
zMUR#&SKb(&rB=WdM$QVd8@S9>W!=fBn*3$7=Q!`IgDWqhqB{vwciPWM9yLU7BCoAF
zIv=cyrb@u4i(V^LZ0)f}lq}&o&dv^bpI5}^HvX>%?!lA)={OfDO;Y)D5LJHOCm+tZ
zPqa!y&Qy3o4pcF-jL$vM^LXU3I2AqZ@70UB-_?I~mEyIBO4FFJh$L*zubGcWM54rk
z<M`~<b(~{Cs8pk}Fx@AQ9w{X$Yg^i*M^J<m&^}3+m>Kg{P@?yU33DU&NhVl=7BcoR
zW?qV?CT7WmCv&7hU8t#~ASlx!Ai<+XRdodBL3u*KTsM*`Yao?Kf#`@6b}c2taA6vz
zNybL5^Z)+e|Bv$>dGzRKp0eSiN6vTTw4gky+OtwVUYKDpy$oKm8!8ADf_nj+Oym{O
zLMo!UuTRa+1QD6gYl%+DV<kZd8NmhO@WZzCx=tDD30d&WU~j>*#3<Eur&Mdj0FK;m
zP@IuAjHE)ThZ>PxcFiJ*Q8~e!Mi~vm1@S^gBPlSLMefOS6r@<jJ7ijc|49y}(1-_R
zobW3aL1G?eXX?=Kip-lKawk~=RdittWSKylU<ygLfm!b=fFpGrNBgBE>=TxH?w%_#
zWpJg$CqbqxB_hqdD`PhR$o5H$Fnc@_P>p=X47HKh5~D|NfVyd9z_^7KtAtUK-^M(W
z#}7zD+gVOITAlY1E9wG-p*lM?#|tw=B1sHVdFW>}oaDD(%U`G<1|am9_d^X5@_1u>
zHYCE-I)fJSoRo>!v9GwsHdKu2L3(>yMi?_mIDBK|Y1|13*jyfGpQSVi3tMAeZSy@h
zn`54xP2u=F6gXlxq<)ns0>^Q<C^ooAY2?$y7sw_~)XZ>Zk*nq66Nps;OCrJ!>Bf>T
zLP;`~N|LEKT3NzX>yUt;{Hiw-tBnHyRsr@M`ImmJaBj(&o`BqvmrQs`00HOZmc05%
z=W)o$t#eDd@<Y`BcZ+{PgOQOqM&y<N+cvdcwahwZkl+BNTjrBnB|d>9C&#cJx%DVm
zCOgW-K$O|h_f!-lUP+T~C_ct3Ap}L4kt#|3t;!|#-SAs$rtfk|MnZJ(`04WzE~!%U
zTmxl(085NweE9{vC8JJfq)`1<RUK+Y^-Hy7tD(ByS8D|0$jdM9>K*7Ky>ZCLy*ZWS
zqW6+}83Yzdh<h{++_}F~^ewE@Us}}_OAgoDtHf1XU!ic9bD}00Q?9#^W2qkbX59(|
z97fe_N;#1m6mwtXciIRa%7X*a5J4}L|M6@Uk0km{;K>D{p<zFi3z*!IW4zaVk~@+q
zVL?)HsrC3iA_Z~|6cK1-TaaX5>5L#EX5KQ%)okKM8>?Z38}Z>2ddDbKeEzMtY~xv^
zZ-?<N(VH&`H^_KA&cNBnTIxeVUKzx2h~jjSeB`{2C5aS{G9UyAi+lzzzUr|Hr0WS8
zHMmxdKzU^;p&^f^pwIzl1Ho!vN?RV20%9O6c@)nebj0JNxDeuBZI&?toT!tEh7dVd
z&$gW0lF_Hn3TGAI>^oa9q!ervAT3K>-lH+F1wP4j(EMOo7fHn-s+HOIr+9Yl1cefs
zoao-nSi-EEh<g!d<1i4jvMr@6&txzOJbg-BDO%yQK=iXP4J0$k%|Z%`Lf*TG`&z_N
zzgwmO5SS$a2?Gyy8%^4`Wc2*;(ev^;R4zoh7UL6Jka2ViBkb^r;Sk2n($30a_}J&q
zDw+<W0qk1m$P7MzcEz=)%e}ggK(!j5pj^c}qns9va;Oy^k;Zg7rPbLvTjdHbm?V&7
z64I&MT0A1STY08%d0rESRs}_Rg)%bWy&NgN2;%0**gE6{T8Sz^QAkoKTfK@<gsCJk
zlC;{kb11rf9Y~s|Q%DI-c7af;RRFJVoxfbETmtd~2O0QY;b==ED`7gFXhl<AyZy?I
zQpU-u9R`j^$qb`7XKsD5@<dJQ4M2*VS~F$>?{#@X$W@!;MO%He&4~GWdSwR^ni3W*
z3hn4xr(WzT=*vWPAy(B#OgO}RLW{yR^YPVd6X<G+%#M^krR;3tj`l4O@(9nkuZVcU
zJT!VO^byuFp62bK2h8b0iWZiAfs#p<W}xJwy0iTr)nNf708}ffPOJnQpjlJQ{kuBX
zKp;0r#$2YUn-u=Ni-Y;EaVlyH5Pv!JY`ubX5wjfpdayw<g!H9+QnIKAXmn9M44nj{
zgyKc=*y6!j<0Q70%3TTGE4Cmy4KAGJ+=9MXkEO}QY_#fiuix@gzQu!PTgogHfQM0l
z#*@3lf^knmd7<^()x2%2a6_~o)5XPW6WvX`8S}1|9CMY14%N^61xZQtxwzxeND>6_
zdR24<cw%62O^c9&wTp}j*{0>7ffPD<955->hYMvf^Oz7cS*YxJki=5z;SqVIQr_ud
zK|35TY~j^41}Y$2Fe)^YdR~JRs<ga1skxYA)L53}Qk4Kx%w{SDcWuBAq9*MAAwa5R
zqfIcHq^4gG#5~(*BPQve0++=EniAMjN=>Y<5mNy(X@%6pwQEx&oNTx;F1bLp)Mt|*
zk}`YVxK64`81?b394>)=+fZ2|ji7C*?OPy1wr?T?@@A{q+**v4iXBK~{W@dt;9`*_
zZ3S7`2GBsJ>S_Q3wK89oF{z+0*~t`LCS&m1*ZZeP2+%V{;*14K4MXcE(yk48P*>eE
zJMfWb_;`w*aN0{YFlL)lB7eCzYZM=$3BzE9TQd6aTM2p9x?#2z$pRl}w`GUgo#GpS
zb);nLEb>_rf|bTL9G!8$WVlCMfY3Ro5uGC0wx`%@+VGmPWyY4C&BqL$KEXaKA+lhe
zQL#?~bMnAP5gCl#tzz{mj<CX|s$$h9F#YD`=<;HEIi}ngWF%D9yAY|M(SX!Rjkpib
zpvXd-*YHpvZjvn8dMOo4q<J}1_9XL^NWx$qD7TA(NM{|focz@dZRc{q(dEC@a^;V3
zwGrHc@ei$(mGP{MD=-|8n}wYQ2H?}9*q5h}<fwdK(5VECKb8eey|db$Uq#z#ZqF;c
zR%!pCTpe3+bbP1aH@T}2FerWR4Dr!6sb~FX{Q@YP?Ii+Ozm?UbJWU&!4}>JQWO6Qz
zxWZQM29sQj+{=+;;gpvrO3m{F^YMDwhv2FvT|)7V=7P<opz85RqzQ$$7KknrWEWXJ
z>}t)+%Nux1nFo<CdIAR717xc=*ae-3CQ4km<OiPMVNm)=9c24Or<X89*&nzPW14z<
zS(3=(RQ0fYD9AMqiDZ)r@D@<7$fCT`TtbkH<BBcJbHbd)lF!Lm!AlT_+b<Z^VV!WI
zU|IIE(LqKn-e-|{`O0EH_mk1j?9dY)56qK+fj(h`MZhc>MB)1x2n2HIkj7x}Rm;L$
zgnRo6e(Y~v+~PP4&;Y^{pCzt3B#!gwT@Vl9B1?fyinT~LtAgvdQnb3gVvAc8hrdI4
z*aP<^48gt$Lf@l_4?9S`lqKSkOC0BdvE1V|cjmqWpVxe_J=_X>zz5F(aDm9rlO-3q
ze+B3Fub(#m|7^^T{rQDAV}2I0q;~>dJ1gdVv_H$@f1W-q`Trjbo(#VF|KH08QjMr=
zcMc&QO=-xd+G{M}y%~_#A?ZLek=iEUZgZ^@dp!K^1sS*pM{d8{C*P8R`*<M#`LMPt
z7efMh^{ijjk(576dI;~9L+zkc-_A<^fn!_exr^E0>N_gr-BWm@f7rnJscqX%JN4AI
zrnYUno!YiFwQbwR)OI^{J9V@9zwcgqwuie1yE)BKu3Sl;{O-^5y)oQyTs%}o$YkJT
zEeTKk|7{2Qtf}cC6AF6t;2j{)5A(c)YK9L&02eJ`;2IB5;zp*xM(~GFh#-4>b#g&p
zUS!Tx?EXCF;s3!e#YeB$cZY`Er&-N+P_q}05VZIMIggn5f8`g8zHxg`|H0IAzu4CR
z!qzV6u<csGleMe@v$<H2f}q<}pEk6@CJXY#(V!(HFuWL!#)F6^pBNor{Yw~L&m>QK
zpK=3ZftE)VwVAKD6+QV~u=i*OOP11cRw37R`yxKRS1v}$e>#tth=>R|E>Dnzkk8+5
z{<#~jBt_tQ$>L{sQ5nWR+xe-}4KMz)USd9{oG1_K&O>_q>@a#C8-Q^xzj8&QSEsc|
zf-@arZWSO+bn!f;$vypzhxfVe7Z>mBEY6}(PA;P>YQVeS6Kcl2z8hM`okboii>teo
zM(vM@LRcKcJkXs=*F`Q~_RB>grY<E>I-7LT15f?@XI-CRXe}@{ZI?9B_DSLwj8Qau
ztfuj)J|;f@_jIbH+c1)zt<k-aFi9A=Hxc+I%%Zj(S3czMRlQaA5q^=a(;}aZ_GfE8
z3Wr(Orl6^ci@S=pZ294taLHSW=VaF$z)Y-Vy7JF1Y{4x=%^t(~|AJBUU&YK(;PR@m
z8}4x|pNrR+xjHNqg(4l3R6Q=?3bjxq8o2M^h?+xGG5hvgdPajcI9XYLPkVz<eIzh=
zaIQ<fd9XEcMi*w3IC^pqi0Y4%MNSafd2DPTiT(v~d~E7gj7AgK9um=jCxtD$8L7+8
zEzS~ITbK6Gi7(HxP2-^M{}U#)`09gdVUMk#xL}9WgMl+cO%VpHfWPk}p#)!U0zerV
zFOd8>OR^#rG&s^@9k{5WQgcuhWdx9@N@o}g^Z(iN$jUAwGun&u>n3DlJr&@|giemC
z`vi{dv~jlCQAYdqzF@hKSx{ZTlhREk4Mn-gN~&}Ajyb6&HTksaGGTy+QL2*$7z#~n
zjhD?nKYXA2-odf`0M5K8T3BML@sXf;#ODoqym4%g_cyDlbq8@6n4QlXLUtEaoBBvS
z{a`6Nn9$Hoa!sRDWQ3YaOo(Vr8x@FYJfNl}Prz;-=rsQ3?=sp|WvND}?h4Zfn-xtJ
zvJxSlyi$>%17i<~Wmt9Gl@$?z#{8naj%|8T?h|Fes&nKf!4Sv&ii?9EXr#k0m>&FT
zkX_&I$=)L7#}E5Vl^<vdH5+2`XUM!Nc=x*|N5okj+gI1Q>Txy38dwNjv{z&EiKQM3
z^^@~#g|(MyWz)q|+@5A@8+wAN`P0#646lVQLC6|;M)6?1_^cHwO9L*c3EjMCf>@6A
zbMytc^_FE?SPAMujFcdnv|;Sy)S=mep9n1u+sXkKj6$>}RbT7yFXZuDaF%ov$zjWp
z3P0zkjF$n@c`Dq_C1?8I_Ofl?7$sPv6mhtj$2ZIMzpY$s!%x0Sj?UMNeZz(<;f@}$
zAL!ZJ7FM5j8&GSPbM4QF8i5xxdosrj!)u2=j1t0e>bdpevI0-qXE*tXjS-K^_R6Sw
z(h=YLsic@@fvYw68y!U=BMW^tI!7hMzM{`9Ck5;e2`TtQqS#03VZyw<a$VTRh*OFH
z?akb~B)OC7a$639gnBY!pmC`4J<=#8H}v7#WT3QhWgUKQ$f`a^6au?H%y}8Qw<2Rz
z<R*Y*%((u?C?@1>Rv$h-xw@U^4!1*XDqWDbthsOj3JFo+pwm%`W-#>SN(C$HWNrbK
zy~)s|;npqL*{+!p-u*z0n>!eqQQ90giJ=4b9A9k5s5r&<$nVhw89wQ3oPCgULEpf(
z*nUaU0hDtimXdA|S9v7U#`Z-T<7Xng*`}qa7*L{PSYrJvusN;N5C=~gxqfdz+%<_f
zWZVjA1Wj?Vp-&oeCwCC;(Zfn*m^Mk}!Oiv{ctd>mMDRum&NoYZ7I^SGdJeCLLlC}l
zRu@riwRB1oZ%-g;BJh@v?x{n43gcls^AdI?Dkifie`(B)3U|tQ7{>m)9I+U!qV8OZ
z)FFfk{i}iliaE{uHYSS$Nyt7i%)`Vkm6Vl;jVAcEeKJ38VNuq})Ng9Yl$7x99YuxJ
z3EQ+dWFgFmX$k9N%9Lqc4=tXi#EhpG{>r=we|Y3I-~?jPg>Zg1t^A6$1ikVmmffJd
zgO*i^P$vydWc$<X#%zwvl<I^kOKS~Bg6J;WBkjVJsXQc$cod6!4IdzjBi`r?cx{R`
zGU6zX{~1WycRGjvWsnQ~wiH6m&6r_u@>~a87v$QiJN4&3d)DWB^(Q$1Eh60FQY;gt
z{dR@*2oNu*j0~$5kX?~aYkv)M+vY_geVES%y0?xS9I{W^<975fH~X?|>q+`m0b+8@
zV3dkuOZQNY(@`OR7sNE4-cqNtPuLHynt!X1I!rdzB|s@TPmWX}H+_gvauKs=n;Kw8
z+ftWX4934N*UdI!)m?#@0t!7I8_X|6gdGR8->`bgy{<0Ovyfh&*ENwkRjpZriLUOj
z|HJKxrCDb`z3+I}1L<;4{x)^5fpXjvAU9KqPJFzJ^i+SHww>!VN&poCFTmDx*Dcj=
zTz4@D-`qLEV$x2p;-^uHqhd=sbRA~qhHuhUyRzs@*y*Ph?~YtCSWN!QmWp=FfVij1
zFck;b>S1($tT;`vn@|I%%N}%|{L#h*o!1_0IZJ4mzY6<M*p#*!tf-sy$tbh-CT%hD
zYbO0@W{HFNG5L<7SfG&=r3?1`arC)<%gGJ%g@?>G_)tSahDM+i59`*3`PG>W>5Z8*
zLn=bRs9|q?G1x>@mX?To0BcENjaZ+pBiWPjP!1UZXW6-{ZMtv~MJo$#-{y|`b^exD
zQNE-8ub~fzjJevOfgg!BjB;vptQ!>^Rw>}Y&?R<m#WHdnv%!9Y>hNp~DJyjXR3!dG
ze4*Yw3-aJgaHKIwt{11Xlcw=PYE{s|U~k(|j+2%7dCcuTmY=_*&M*#_^?OY96HaZG
zBW-LnjbH_=^x5a__s{i=n#A4K!u!=*2>;TLTQ8sVu+>^0^IWZlw{TggNIeGVsdC+m
z7SxqwmBCOU+HvVBJ3hv>>%wsrv6px9CH&6o3*{}2l^pzaXp_U2&GNXH#Tviee0dI^
zShD|UccbZna*39em-|l%U?;z~X*X3v!SvUxdU29<v%V{4;cZxm2VZ86ZXQ?63|Zf3
zE7|sUaDI$gGn%l?>#O#HQp)#s+C2=7<lxdAbEKbSc$=l(t>+ziaIshNl*~o{gKdJ;
z)R<S+<iBM<fGXWVdIwQ_E!Q$V^VKx*|B%0(_`P9@DGB4fKTcd#v&&T=ymSs@_4!8?
ztpqT$UUpVd6h*FUP>#Fw@}})(Ew$cI(*V;xbvt#G@!P&{5PIbjRXuji<*7k8-r(=R
zRK?bh&Z?ohwDqu+*<a@YX2r|AxZ4m-2BLm$NwB5=)qK+~t1@87vjdMwcU59DwEw(M
z5v`D&d2yD+3_1D>Tln3Mw~GxMQMT1laDooXYHv6<>W{IR7Z><CSdasOxir)<{hHYz
zbGs$lkvT=1mq+KHDUWsI#{y@Nv$565_qw>rn*$w))YSOYMFIw-3H0PSkhU713~k!<
zm^yw~{&}=<m#Jpg6N`Ncv*(^$-AXf8XyGVj8_d8wCzrJ!De@6NeGaToQ;cnA<+4@@
zp1ezYD4^##di&7;<^Inh|0drXMV%pV4oGKx{zLp+lD5%@257)Y9qN_fUGZdemINBw
z$LTMB`iD#Ql)deu+=F?mwnjqrV)zHPXr%lzxb=hp(7Z7|6&^Iss^v&P7-MF*l{O<5
z79c_+lf7(tnI)5uS@r}nT}^ry#xS>0#;W*rPJrE@z@<Y+>*cj1wGzYKzs!kqPOS&{
zu8kf@Z<18)6Mwu*g>{}3N?@>emX1&n2r*xUU*Q#{=Iy=pKMUAs@?SOzB}m8u_&k`?
z`zMzGsY*<JIeo{Mu4Z{^tD0Ld9&)nJCfN`DX%q4r3ke>zJ42%({BvC}++R955>7mR
zs+H5|-U^bw=F&C@>iejRd@43W)8@DJvWg_gnkCS;%QdlZA~AoF++5iSIa{w(vQ;5Y
z^$D7p6rZ=1d&|=f>o@jo24GjQ#8_c34<jqtEbMX^>zxJQ@!=}W*vX>Puj-_6IhYz}
zdkpOrTT(jKswJrI1+k%;azuQ6^oLiSM8?ctO3;w1L>ON^9A*_NV`q1|{}^C4J!X6k
zT9ScdS-=q`T)BK*Iq~e)S_oTy_|07^2w0Y1)n<TP%|<rjzy<zy3_qQk_nPh(_E{90
zBdG!=4{(VgQndT<$n<>kYRE0y!#30+hWtlQQ~WZBMU|gkr30s6+`e}QuL$7@XhXc_
zqC;5h5q=8EuU=^bD%gmxi|=vVIU|O|>!Uad1e-q_aERAS$!#86KSWAfP7L~Gf8u}A
z_9o3$2Rl1MmrNNwH~+XNDoIp|S1oHBeU@TH8Xg(Z$;Hf?kc<-S_4hZAjHw@FY@k72
zWKCUqStJKKhyityFf6sc^7Z>PmVlrQsRI6sK;nZ3t~Y~()0nA0j6GQs5wD<%E`Hse
ze02JYQm-v@{2=sqrRY`v2XI8P3*Ut~FZGmWTvUw^_zE3&#^ua95`ab=RU&JJ*q{9;
zauO`A@%bso`+v2v{KI5a0wW2d5_faCXs^n8ZQxq0A@f1ZsoGku72Vg?D?ik}PZe`C
z2ZpKqN;aw<!w=ZhltuV^QXl<vC^My_Owt8zd)y+0P@S4_tTw<gRE{HJ!>J2iEnk0>
zPisai%24wh-fnnoaOiwb;SPEq;itQvT2`UW;8@V~*K%f(Al;bHGY6PjNRT?Doyy(9
zYzoACcI{$pePYT<D;ay9umVsB`x+dW!|HZ162BWj*UU^BR`0KTk66axIVs*TVCV2b
z2+nYjILv}ruzo1OC5T_=KkzCtD0*CJB2oh7m0yv-)w;D3yS-ao+`k_DKdzR(pE~fS
z-Z3ugGx!-Q%)wv@`UqoU`EKRU?RsDbPQM3;UEDG3tEoJuJY-8t(H}=XvF*yzhw4lf
z8I(I}r_|c@<Et}PajN7l59G64P~DG-+vr)sH0-$;`E(_3hRC+wuBqkttj?dz?lH10
zWnctPj2z;RRPma2wzEZW{1OpP-uqeC*^Jl~Lq&Q@@k9W8bdf66zVZ-1mF@J>Sl+?9
z>;zmAK@&Tu<NY?<ZmF~Mwj*{s3OdLk_<+z?`cO1gVVi&&_)s2P-gp7IntE1Ri)l%h
z(Vlkj!BH(?qI$3f7G<SJ7nV)bV42<(LN6sTX6VQ)2$}p5>9jP^=HUaVX^xx5l&YuH
zDa}vVR>H-bCvP`CJE^j8v%r&23_;rJj)$b1`#60}9OwweJox8jkysBd`%b^!g+IOz
zo7Z!S{4JI%H;h}C@)V8AiB)70AzA`3gpIK>s4K(JQ{s`@?`Eu_l54}JLcj0EYJ}m~
zb4-VO3WU)V4qR<beF6zM@~0+M5_I87+$h#NVwJd(ppVuaXv$7+1V3+2uFlIm#sqWy
ztT;m?{pbANpO^X=ZNom$CHU-PteXGy>3w`my-u80S@0Hd#X?#^OzRy8W6nf?c+COl
zZ_2h1C#FNE79)}12+&q2j~Fk^?n^lpouhlL>6Y4-Jm|QM6IN;lI)=#S_{q}!VuSJg
zFUo)W;iT9%{9uS?OD?}BPTMJeT_$k&w#3s;H8K*^M`l4OLaTETh`A>nC!7nX>jvvG
z&t0(H1;&2gCCLZAKK4jA8QGsNpMi8uHUlEf5`Y{A1_oiXEvU9~gY1Z-83J^A!n^gv
z^z?74z}{ge?xrB{ZuFXbHa^|BXMJJOhVDe;+z6|o@^qHoeL42DB`PxKk~7Nw(zs@|
zS=0UpFc8HwF`ORJ(ru4jX&Zwxadiq>JJ;-gXbp8k8EdRoV6~Ds#&}C}#760som_O(
z!tfbUc<VU{L-gR;Y9p*A!7Z(fBIk+5-y0nyyUWQHV*QEe;Y;t}EEAh`#7miLth$4X
z0NM0{jvj8gC$4J{ts&peBL76Gs6?phgw7WLg6F@#`X~Niiu=;T2flyo?G+FMed>X#
zz;j^%j|X6u2d+68gq`0))lxVt(2md8;6${#HyL;c1Ju^P6I7qS9DP2h3h(A5-4PqE
zf<o#G4$weQ&5py?ZOrW}+nX308=d@}e3I@FnX4-7Bl1IwShORtUc`=mO-j>f%JCVF
z!4@QI$Q$pVkNQgfN7hJ6KE3&W*XNt?M|tqVeEk^)<RE|J9Bcf6TG19_k(?&PFZWQa
z`L?0ta<ybnYFYd1)_R)IDJ`QN`^EbzZwD#7pF?(hQ*;t=Ma=V2qm=E3R%{c}TZ7hN
zo+<(?542Hp`1sX58<9q(WMf|RWb(&3_59Kg%|<;-Td=oa$077A$ZT?qB+80Gn3thg
zpQfDQ#~HjzTU+=VUI!-wnmhSWeo1Ec_o(XWK>%LDGYu|%NJr4@QHY&hW~xhV_h0wq
zo6jS`fgrI{PGQH)k5$3SJ|LI3pX&=Hkbn5p??$lF>MUzc2;b_W`k<hcUvL^eOE|=#
zZPvn6WCCk#CdoC%An>Z$G{*K=u+yF9^{Vao5Ko$z(fMq*Nfwn3rc)WdzWuC6L5w;h
zcfH>xs*c*4DJ!UoRY+StfiYt9r3uZ7$Gg-z1z8_$m8!+pEXQ+)`C#<iEn!$fKrwI=
zS*tDlI}K)qJ|Lww3*ZT@G*wo7ok5iO{0N!HT(z-L<I?>G9kt00>V)CxJ2h-k@tXYu
zYNoZ;m6{mN$!(VXxsQrhN~F+cZlrvjF&~cD9bv0c7Z$<Z(-V)=BvTcP)B;`nlWRoG
z8E8#2gIP}EHOdSIQI^3A5(Vq3V+-U7#D8@pf57}@p{<~??)EW4W2^^fN(8?340V2Z
zc;0@{0hfY(TS5O*m?jiNR2q{_*H-{E*W}LyvbsZcC-;{_ZoEW`5O_`q&0`jdl1<76
z5dHzhWiLgW)UR$;tohN@z9y)@K?`fG2=jZ;+7Q^ZM=8h~v7)3sCjS<ObRLqwK4HHa
zaJ19Qzff7n(6}_Of1%SQ30@^yJi1IXn>FD!fiEC`s&NFCsF5zTh0>>cIe+2HQi|M-
zy8caO8;?{NhNHCTq`jJJq-AvNEH0{6ysA|D<Ga>bV&hZ1?D{hw=4C4$cnV1O=-+<z
zzo}n60!se;%7=ONMf&QCGw`2M?bm+o0Gjki=sdl95D@#z2_jI$1#yvGzr$fA)zO1t
zo23kxChy_f4E+cr8?$go!BS(<)+&7admyLEr`|#j6+IITC}uy{TCZW9g#!Bh{WLiI
zc*n?+J9Nsza_!+x%LU@hUA_vwOMZTqJpfVj8J)3Hs2J-TiLROOv6w8Jz}2)KNW0-j
zQ(oiBx2EdHi79MFl0$AEV%>AOh;9;tsD<$iRA7@hdr=n0*U9OKOr*DS36p3SU`>jE
z9%Eyji(2sf+)|WfAXoDi2YfqN63@h1UMHtf<P7~dJ_-_Z8X)v1OxJt)9(41P4y5h8
zHFzB{-8u#)`Zr!SSHW~5ip<`Tl5Va)t;=8keM=umZMsZX`MRl&7@NKJ=g~R(E{tZu
zCb82kU>28;v%YJk$>T@3Pyl+>e{bUaX9fX<+meD?48DK3fTv|+b^bh0Wec4y00H28
z_~+^S)59*WXD5*4sA+}v`ig6;k-EHl7d&j`<9L<Cl;tR%_g2hk{wnU!nY9b@N&XLN
zS}c#|d)7iyqLzM*EYefCnw1$M72M)DKzU}9J?gs!9UMK?;GOp~(J4|?QH*c-cU!Xh
zptGr<#cR)l<D7jrs?*Cq;THiNwFSb`+4Td~L!@eT!qn_cq(TnaiK;1(r_o}4?8{V)
zG)R0eM;X5L<!*oeb2T$+E<drsu9iP&j*fDMV<6$Cinmp8Xf&{;*jQk3l8W!pb|@D~
zb8ht(o<=k2(`x7q-{T$-R#l}F3hy(+FnQ@Z;A)fF5lzV)cRW(4q}_w57Of`N840+E
zUv)Ss=vqz~z!Jc<8nZDrAS)Z4$!?OO<O7Tk*Q-sP#Hh}0nJvQKObq&x2^Lvn!mR&h
zB(GD_l4mVSp=(*N@Cjuxa|#Wmx+BAX=2$q!u%mu{QuLiZfA~Sb&-yHo)EH{9Rt*bc
z^JcQVdZvTXvL9$rA<4EIPAK+T;nxOe`;hr*W;3fML}dxp9tJ?N@`OgDP#H&ZGxi6O
z(Vr^>GgMnj<7sw<vuZs$PB_0tPMDY6?ZF$&vNmG8FXMn<O?~Ev*_u<%GxYv_Fzt(i
z@JMDH`xFA^62YAbgVbrT)4Ukmi}Q}&I2O*oGgLC!m$;@DalZwuJ2nj9>Mwub2+%1f
znw3`O%O!`?Z-;_pwlP8~H7qCc6birG+B}mMLF>o#V!{d4<)mkweV%yU#}G!8225(H
ztc;5Cyp_8=1tnS>Iz-%I(~sUmLN;_q4(qfOA5#wvTInWn+0E@x^5TGhO2X@6nQaI7
zeUftJ7#))4G1!)5MfooHX;K{Aj1pQb;>1V7@>F2Lxj0}5#I2Q;qRc4H@K7$>302iB
z8svC|6yMJ{(h-w8tTnOOcph_suXRB8UYf41o5mz$caPkgiR`F*TI)IISI^q8fk#%)
zaeHtH@X<zQ=*i(O@>~~j)v-5CcWQ+R+V+#PBM*QDEF4w45TReaWlyh4xVPBJx}1?i
z-VA(+>SnpB^~g8m-Tz?C55x{?x^Vm?B5!$>I3<Ar5G@l<nwHL(Cp`ua);0}aQqncX
zy9tqj`jQmL5TZbzG)vT5z(jvgWK#(bNuL>nBllouD2QT;3DlszrOpUyvTLvQfb6dz
z9oyHpgYyYV`@MU|U5Z&7@-jT0krtBLbStxt^sSLUiDKF)jkR1t;CIyKtx04ZNY->o
zgJexAR&<EcNAFBiN-{}(n0T|Uxux5VXmtcc0%edp;3yQ2JdtXYisnr^A?EQs{T_!t
zf(4d;(w|m%kXIisA1hk1WwrpSESU#`H*UDbiG&GzT)2~njzU*?mW$l%$Z8u7c`YT`
zMQn;xfnKMmyVZMc<%G7aiJq`7AH3`_Y)vDQ+%b>l!8$maRjQ~U0#_e{#@M_-t9zyS
z1=1L6C@G>|w2`F`=QkxDBli^M4{g0ctjj%+tfBv3St9}VkMS%0QJt&pNKQe>e!^yQ
zkUR_qBx`c~kW0NpCP1==?~CjJsQ>icl35jfEMW`1y;ZG7gRV(mS;{eBkui3>1~p$O
z>CgmM!JZpFZ9<_1H-eRSG_Nsgc*<*0K48|9ETn*z4U?*(52Itam&Dg%`mra?luPV=
zF20xOAPJvij!N+YrhYgg`X|Y}4y)_-Z=t8T!i#wk)jn*UR{YAV25nK?a1uX1^&bWC
zuHTdYHu55Ib)EIj4&w0v4p2RU`TmtHsB@Ihm-YcvH4wRV?dwoA<bP2GG*xHf_hmF+
zi^O$!V^+8!pgQ6zHC0T*?iTPxX9z6Gyr7~HCWOIy|Ne+?R-=-R$rhRf$r>|3F<9K)
zL=(Q%bt#x6IHN!pr`jhmwEtv{Dq8t}vgW6m1ZvunW9CsM=bZupgHb5P-Tsf5IJEMY
z`-V<iEG^2P;ZaP9*>iXxS)(NoY)E2Ku^E#?KWus%wIuoP_YIFWrY=_&7zM2*zS8Xr
z{C6CwRSH&HxElPRdl^}DN-ZAfP-J^f)arlj%~;Azq@&Xbl8Mm2DUy=gLs5aoO(|%5
zVv6+mA}_jnOU}-+VST^QxNN>z<gG`Ml^7R&v&y`@H%b_4Nr-Jmu7sQ7k~$zN)Xenq
zt8BKRrahXsEcIdg4aK2Ael0H0C1=c8v8l|bkbFmrOqKeg+dOC$cs`fJdXgT=i2w&+
z^}AjKB$3CxY%?PT^iShSp@-LRS}yid4LRhK_~{sgkB5%078)Bfu*TW`4#~AGwui+s
zw=y?VdR|Naet<{R4b5zmduVoh96eVns&%~*4p}+#3`efIMP#kdzO0DAM;`CAy>T&}
zQ{x+olfov&Dig%At4)cv#h6Q%vt%Q@P)Vx!9YX?|FJ08>dr&*KYAdopplTt#qG}T6
zy?Pm46mu-4M2<$bJMutVoyqKjDLftZIuo-@1AO}>&a6S5>MYnR83f*o@V;h>MB31!
zIVG07-`{`uG%~m}+3vWc@mY8hTR9tV#z&F(>qtUDx%h0exOtavAqiFLhvM45if1Au
zoV|@;jFT|b8R4TBS`>QL)aHMf%!J~qk+AHe#!4w-)mnw<*L4Y5(6RDjzNOSRH6UH-
zOmo5gY?NZY3ktJ*%#uY<W6kT{6h_H_c45-S{TCV#V}6X7;;ZU$-6zQj2!IT*HY3Gg
z7=RwHqMIv}U*KRK=cP2MeOT_o{Mv>z`f^bWZTWV0`1^E+f%cSpWp8r;dIEJZ-MlDE
zoL{0S`t0`$B`(#l-tYuAoDGtUt|q+)m1o^q&NzF!(9}kdfWeK-VRXk*<to45l<ccI
z+)Q%{9&G?@5pFC^_D~Q!h}Ia9ZEN`wFyx@(jk!AAsrOt{?}vnG$d2n4{}z2x@ks~~
zs~gE>mf{u-DAyR!*i(p!)mbt;GQ1)ml4-RPu$&H^1;o>(UnF<bXN0CS6l6sIM{ANU
z_vyH?=x&bc3yAb*<@Z-Kpy>_&qcw-#`q7y5&3xI*x-%@509oG(k$?(ww&S2K_PsGH
z0{1@n1oCxDf*AUWbBdtyrr1_v))&3K#w?*^2p!pq$S02bfB`vWGPRqHk_t3h0)?2L
zOp1)LXS50()3pSf#aThnXm6AIs8YLO<LDKTcA|EDFyx-^oD%&%TQg?bjH}iE22fnq
zVZbBf1T#uAj8Ad~U~`&Pfgx_m{8Ae$4(K(f!SK!071`?D5*!c-$cMu&11K72^a~^+
z+Revz+S<FfOX?RsU{dUxrr1_bbGC?m`8xce6+p+tBw^c1+7FNCIO4br%T%X?@ZH-E
zBeJ%L5%?Bd?0Kn$zd#Pg5NpN7GgX+iPwWIHa>_0h%+hG*5~Z*irZbsFr}Jj(4H~V(
z{nJ8D1bd(~^r2KwfnkaA9LU(lSFgK(Wgx7iR+oofvN4DQe5Xz?nv4~e5HaeJO+cVW
zl2WwJ65oR!VQBt^w2A1XGQH^Yy~HR|HBZ#&r*f@W((saIh@Pq#Pw+7NdlQn~2}stw
z_Ki5d#yd8nZAJYjYhv$W{*yKJ*&Uf6S(99p5nh&bRPLwGTn>^oVNmifS~KHypj)&y
zALw`J@dS%k8n7fK1;yP#J>k8eq*DbJ63`Oxb)WUB0Oz(Iv2Ry8>vEGzt%=^GrX3u~
zE_TCMt<E&WRxFK0i6(pORX<hfpCMvzJu}4|&7{*6pB8lI>2Oqs0A^-r0d-LN=`4-G
z8UlYSM;`7mxKv7=@Ee$dg?R#O_k(j`mc)9{Ed*Z47!q(p1dM}i>+m0wC~4n^YQ!pz
zcJ`}jxwttf0Bv|3qhyJ8%FqkogVEC$3@hm1eO$F?x*Zs$!m~Hr0t{ks2aY~iMLg9Q
zwD4(WOau_7!v_>u^mD6#c-Nd5*Cx@Qj>NR-fkC|mA*GI5%ATPlGeV?$qBO$D&;|{F
zY4Npnj9U}`W2dPHN(l%lb+P7Ks6?*W>vt}ae&G{v0vww}2TrKfn|4b#&{2IGEwX?7
zy(8?t><i>OwL&2?E&192DZpyL{nr5(PRd1u2GMj+V1@?2CQKVR(F-c~H!{?$Jj9N1
zAO&Qf;4kc9AdZGBuo<!F8cysIAba1w*Yx*uZo!E0tIyxn^;Q-5DlCv-EoR!~0t*++
zD%IE!gCE^=4Y_t1(4HVSya73AS8HY*e|2M!*xToS_S{YU8u$2l`s-`X&So_R3HE4(
z%@2!m!vEw0^&<@eufWv7q8QlUfaLv;nINa9h*`-eqpRo+voNh5G++6&n7et0$vbPj
z5#xC@4<J_cyhK&o;ZY_0kTu|SOc?px!}Z`U&@}ekL@S71x=4A*LB8b_X(}snFFn0^
z|HL=Y-~S+3z23I8y?edsJ0n?s===B2=jV+-@ljJr;jm-&epFpP#M3<rpQAtT*Lls4
z$tWvDXW?iBj_v^)d}`f{PUI+DqGx$oTrsIikE7nhvvab6!eyNHdAH2eQ5ST)$a2iw
z0JLVllv4DfLlOgveJn;U$JsRbR(;&~_y)NY=mjc%9zH(4GZMddJAdG&!?TYO7km(@
z=MI8?FDy#D#G_eX)#--!=JU=!11<#$9*iL;sCY(<#2yZdj%i}LWvSfSEYu@iaM4rp
zXwV?kp5Ml!rmpGfb|bv$*p@#D`oMNu6b7uFL>(oNjzkqF5O3Fv$_&CH+S9jZ1R(D;
zfI7j1a!d@JZd0V+zh+CX>SV&p&Cq`R{?6aG%32s>_|#pV;WGlj>MgGhNFZ|o5XBNH
zuu3dVx|P9N2nqOxbUgk+j+ml~`Ru*4olw@V7fZy`g4RNo>T3fU8+?#5sjbJs9%%S;
z&L)5TK6kNc)iMoHqiIHiLL9??`AaW6dyuMvCqX3HLX4{MsS^t|N)cR>)iA@{>1$MC
zC!zr5@-8{o$MLE~k%uXPR?twYv^mW}&3~o9(T>GN4xbXOyQo8e=v*`0KDdTs*pCnB
zz~#iahR68Y)OAkgCt`qgm<uA$U<G0XJF>NK1{al=nC@{4lh++344cN8bJe(kLPCe+
z?WPxYG^S&Q&Vtb2E+q!-R-`V&wpvSMbuk?gl7D>`Y+46(e~&BTij4J(&Csxltb1)0
zyR{jW`HXH|<Y5imYnwyq3q{+F83$m2;WZdO-^ZadydHnp%|J4=rLh+&VYM+ED{`Am
zYN0NswX4|Wg@pv_EP8oKPq0TbkFyhV7+)m@T2)ngLfQ0AF8&^X^%T~c_?K|uU@S3`
zT-Q!{4v;R;hR>rQL$hOy{e^2bBCjY$%4iwvHuCN3B*sHyp^~fm4A~Ej9Y+?n3N4zt
zN`<Tqc?*`lUwz7h0}YMB@V2FqaeP_n8MDu{b^J0$ozUf;g^3+}sMXt#3Ff_z)5z)0
z(mL|P8}(XN0Ad0j6!57IpHYYDGpM&lT`;it@K~yt)S{_}fK|bMFtwUl=roqQIL=X7
zxgS@xSh*w`Xs~slBAuANm}mp#dD=N)8^oEVLye+ymPn0_S%gNF3&KewxmK=mR-l&K
z7XV1IWW#ugp!LW7_~+?kQ-z-)icIE}BTmRU*b6d#c9HLd3A|9oOk;5o3sEYcM;9!2
z!NLWy%&uj}sv_HI_F&p^rkKB(oDCD&lzP5Zu5@9gJjBQR)`<rLz{<E_M{fuD40Huo
zXIutVIcA;(uwX@FMND4IFe9=#B8_4NG97sDKR7NzQVv;-z7XI=WBzzx*0^ko>d!AM
z0L(ErhKN!T$1rnH<=}9a!EP)2UvkkwR0|40CQ(GbFpQD?-Y(WhdW}A${iV2*{~RxN
zP+so9jT2K%jR!sge|$s`Bkhbh`jiThJgjQK!2?&<V~vSp`Gvgrlj^ZRTOFfKOCWB<
z&>@Bnc8|lKgI%n8qrTf^N0&hb@+oaPNQgv$M=bPkoUQ>H=}(o4nQ02Iu<X`oSn5Fg
zzUX}4)FA6ou+HUQaPmPwzKcNr4j|79-z7F$LLc1#TbSjU$->qTE)NO}yxrn0PFb^<
z2d#{17q8YW4iG;SYD$ug_GF%sD5Fk{jc0-nRA#hYti%nO({U7OfjO`U-C^Djtc6T>
zGN()#aHe+Q?pH%iV4g5f<ip7E!Fhz%zr}t8b!?`{Z+@M8j^CgdVPFSs99M^w+b$dc
zq8-Tu&3`;*Vfz@6T_Cw>&p!m6@koizD&Cp>z(P4>K8<8tt3WHkDXTt`BXAC+MSN4X
zfj0y^?cs6Q;0J7xBi)Q{&<mULm@7c<JEaN|6_unPjDMtsPY7`xJd>1~9stIr;EIrj
zbW0gt(kFBqyU2-u%1pWXVr|Trb3{ZxfX%=ZpK=xSF)D4E$xx~85?J*rx+s|za<u{|
zLOS24cBb+~$7QBv*_-OW$M78dxB;w8=qkc-@W(JX*K=s5F-4gkYu;NB3=LXKk>rC5
z`_1KJef06%Je0x7J8LudO|LpZeZK<|6JD=A^j(8`cY^;f0T@7q2<IFwhoq}}7oi-+
zfZYfse>qwFWD6ekkQ#se2a1@%7Zg#fr6zL3J5#ci_W#!ejIj_qOC5Nkt7&`7%*H~h
z(9TqnIz7&}*a2T7X^12&j;4^TZ)P$SI+1?sdm<MjVcepewhBw<YfQlslC~zyer-K9
zTY?=A5`z2PZ(*;y%=voZ!4BlB+8LF~rp+ogi?mSCNHUujQmGl%IWV6gHJIk=v{eSb
zWCXs#yx^a_i?Sh0F@$ib&X?zMQzwW6E7g&pAs)N1_EU}p_>CN&=ilBF=4nPNdb}sP
zN#|C}F;@T752E@mc3T!~4=!~Lnnz#MqXgDibFZl-td!6ASm>@yx^2{<*f`CWCY*tF
zl{+4V3mM3A{6vw#-EeF#-a8|5>Ogmtuu^pMA{FKLNAQp$h!1%mUFGuPG&vjKFeC1=
zT3x~-mmNCa+-bNb{zJje&wEv*xslc1wwb0Qsk=6%S(0kjYUF`e^b{HB%AS&^Qos^1
zN!UHuPO~loBZxO;NfGqt{-LF?h}OVSsh_5n8b+Rb20u@PwN?JfcFBbw1AjAH%1~nB
zoZ)Z=vZ~UsvLX8$=cyaSEo9d)mY4N*s`qcLpTt*0-=;qw=^_e)SpS_TZ)#a(DC69^
zMKbsSF(s?Oj7<NyX-G<7G}TEZocekI`Z&t$cI6em7~eZw+ltxk4Vt;{d3e>&J@Wah
z5KVVEx>3{#jAC=ENKfp2EEKl4__cDP6&{@J@kWEN^4nw0nbsQ~TNE_<)cH0calfAz
zn)h$L9n*y?r)S+A$I-%0tfPq;Y`D8y0C3Z6_x+Mo;1~NNd9i9nChr{~8zCTfIj580
zC)MhwLW~?2$j4_S>>sXOYtnBTN6v(gz10cVTLm7Lclq=4v1YY(p7k-bf|5Bqv#jyk
z%|MA6`z~E)hxzLB)xRm4R-F;}mq^>rd37C(Gdb2aauy*hbc^C?TTznFQL{G?MvTAl
zoy;7UOQBN_8Bc}PT*sdrj1m6+-4)msd?Kz^2hRtpEH64lEygRFdN6_j3^oYBI9r_$
z%~Rd<84&iAzXSKA&ys;RU;;w%lbj9x9tYp+|3xi+ArLzR9E<gp=&S1f>4;jg6p8_F
znoUU)#!MOLCxguAt+TzSfUNm3U!te=GX?D=t=MVu=MV0^PqO_*!-lCQ^~FCF!o<Li
zadU2h1e8rpKC5>Vj;&ySk_p9C-DS%liPh$IQwZ47&w757=0yx$l9&I9%jjXlE?P#0
zo+6*1YkFmsuudMQKeYMg)=oEF;77mj#aW&E*}4#~v35xF;@^YHGHV(2r(VybWB$=g
zv<hSKGO1c3bLSCr04uuzdP0#b3v0WKbwpx!xQijMs^xEaoh>ZF5s5v&<Kn`GMq7Vb
zCtL4r*#!TAy6DxJ#947BROj_&#NF=<l7ct-#i!(UQXSg_r9LYuOhMKXLv4E3_{jlR
zG%Eh517{kkGL01{d!=0LYpl>PO(nu%F8YN>;cN}DkG;@Ht(*#YJ+m&|vap`L`W9`R
zM%-k8%P3ZG0Qe2j_-hsvpgG-q0>H-Z-gs?Kz#z43W4SP$>-r><Y3d!C4LX3rGO0NE
zqpwD>gmBBp3jLP2lp<fuclS#%sR7w`AK1pO$H~O;a)+)$-WPOp>@R$z;h+Jl|2`_K
zvFDhrWqT0x!kiVW;2f*xWDuEw_by9#6Yey{=F6a!$vfS@L5fXP)7YIfgYo7+9|)f3
z(nTaA8uyuQiVCv@uH1j~{z>!}v9n$zUOfJJA(k!;Y;X6hN)};zmAV^yzL^6gqN%r2
z{Tmk6E_KE?&^`kCoclAJKx(G}%T{kz9{YknzZR0eo>BA17Jxx~7P_tW=PPm&(=h$A
zi=MF#+TFwP_h!Lfn4F%G+TCB-IEJuFr!juBO@+lH0qx|fQrnF-zh`|v4Lh6xktxzt
zjmUL4ujT#1VftaoZ610TWXN=PbYbkAQU2F4<LMWjSmQ}#A=n`m%aet&$8H)`y%pYC
z)HT16*mEwj5l#62eA^n;);9bRu2)T>p}mvzwuWWMP$#Z!SThW$gRjMt=t0$P+DA9E
z3!(yw(TU<|TlEMILoopH)00UWqAfMm40mekdN^riBO-4HPi)gD%Y&uo5Zx<2Eyv}f
zL~Gb|As8<{?M+NKO~jy-?9OZIzWMIG#Qq9q@%_w;@O@>qv{Q#RL8|i;F7BOYp?Uf$
ztXS8<9rk6zUnPuC&xRRU^PIj$n<MzdFR9DBipX-yopeAgKbVO+T4~B{ddLSJI^_Ft
z`)^jnIQ;&neFx#<El~clj!;;>clhP|)!PJXx&uS09B%+umsMDnvnwZ}O!u=o|5aa^
zZcCf^QzUe$(A5s&PrbEPOXfu}@>h(~_e4P^?Mo5f2&jC7&CT2`YTd@rvD$;Jt}spy
zXot+q(HvYkCgN3E{cW<PkzC>Ga}4+_NPq8@60<ck0GJm^#qLX4z9{R8bsqzd!QxC;
z;lEnVRWq#{=3CFENm$0q+F#;JHV@?#IGCqfdnC6}2jS$|S<+0fC+X;=e@34(N<vbF
zxlIJJ*se#gP&sGeF9MJvViThZ^P|_pa8>VXPR66jgIJ`N2^HS}3XRRh`LY<_4Qsv9
zOLS}MbVn~F>yH!s>Q<``tweeF0SN3j`7gpoGr8%$=^l@T?aV?U_p0q>*w)=cPD@V@
zv8^ZByYBvB7Zu`Feh&Nk4)}?wQMyPh<kR=udkJ=`LFLq(noKgw8{d=Z_y(z|A>d;L
z?U7^(_9-c@p^%~+(aTIIHW9YUUv<^<f{v75$_XZB?P3NK*-7X8c)9ugf#=~r9DWM+
zfc~IA$~KYlz4`px?92bMGh#bRXFhN;kt=HXx;i*DnEk0>z`uz%Vnr!MV0ev=QfMgw
ziEfC|21nIF72|>zUxkE$FE%VI-Dfgg^j}_P<G;L2EhsO;?zqgE&Y~r)CEe|>%85kt
zDf0D5(|{rf+2DBtXGoi!hafL7Ms=<eUcF!SOH3=xZaqML84$o)Ke$fXm<$M)L+L!i
zKML|v&yPg0^#$$O`j{)bk<UVMku8%zarW8NHR8%NN8{$=(p>Asa#dSFCae2R^i5-T
zeZSVDqRjx>&F8`07X~TjhdYjwUpMCEOkA42EK8pZN>zj!zlVB5kv(6Xn%t3Yo06*z
zj!jSLh;!E~iZ5w2pQ@2i6+~I&MP7Ymw?60m1;EDbOd;+^B!8;aG`wjnJ!qI%BEHOd
zY;U5i8bd8{!__SRUs^_@FHKx%GeA-)2sEoP_TRO()X}K@cPpb$slQ6FOsF$uuBqW%
z=ZU2OquU8Nb2VdBIpzec2|zvngL&>RrKYF3!twI>iu1BH1B~W#YB}32x$B!lK}Np#
z+8x4y`T4aQ{@+tJJOA635wBAqA^&K*i};m^((tD66;JYE<23@*6s{xKjjkiU-w5!;
zK&!)M|3C)UXH>M~(RQ40|H=!ZAt51P2v^85*r9S)hPr~=HuXY0mKcO@sW7B43S}JH
zrm3zcLj^{Uk3J^=)oWqf<-T}%Dp!F%evcq9GJUFaB#8I58gaHsIJF~Gyn~)6uMPgh
zJd<pEZX-F<^0O<jpyS^_6^qNTmhpl1-errA_YXqwRREa-3SCpP&)IF8gx#BXLM_@`
ztHe>38vJJwbgf#?-SZs}g?5@)O=j$$c&#b5(z<u?YAq}4&zB(YKCD87G&&N0+R_@x
ztLg;r+=AMz0tUJ59b#jPqm62@wMaz&H1qpj+D2A{CR3rEe8Y0o6L_9vj8-=@_1TX5
z#!dNNk7OX^C0cG8T+q}}-<Q(o=UDX6>HE+7T~Xib=dYryu-aF|;>6NfdSvU3hoR~M
zJh2z|OJ51<6y3mWfb`f4)|!Is=(ze<k&Q>vuAh!TUgFULdH5H97i6My0Yk~R=;)nG
zG1H*+Or-A87wf{4Lb`T(h~gE<^`Q1xL4w56B8y6i^F1slJ>@Bl(a2LI3i}*=7-`!h
z2(0$21UH`-XOYB<5s~xCi69Hq7GIf*xb;M@pFj8Dnks9ydB&<73fkqHt}`<Bv2dpJ
z8dc1J@n%-<);!Svrkj6RGuFM}VsRHj{a2Q;m56!K<6E-EqBQ;AvW&=6az<*iGM#hi
z%YS7VjDXS{vMNe|lyl|n63e)m+5X}A!&!dIk)UC;ur$BY<~BmKB^1LR`fJ@TuWdJw
zpU-;|_(+=1=p-F0+n79`@|RM}ontDpYn=ZKef74g<KxY7TOs^WNMZ~8>JD#tp?Z0>
zpM><B?(3{o+HbpZ`m_*k7gvmSJ=Gc?ghz(224m9hA|h-<jTduSyJ&x3w@dl;h<|Ay
z)yiP_MdBZVZr5t<6N@_f>2rklNysL*4j8Q#Y8LfZlQ*=&l6tiJJ!zJg(>ID9so2dz
z^nQfsT!`U>K9R{J^WFrILC9q~r)5y>vQFh70sUxi5YusNFP(x3cpL(`r;dpn{l9j3
z|8l$l7rv5#r@{gT!N9u1)m>JsdUd~RATINP`sden*ci#u++aizsY1lNpGfFYl}vy*
zo*DBxW&7yHZLHDw-8zApxLS;QTDd?M7Y1k*W{u2%@dG&mT`ZS}dsU3fKp%+@P=gEj
z6+*q_nPU#s1NxZE0;5l#KJt4&A^xRT|A;wkZiLAsY|V9K54>3T^d_#r%4#oEeJGPj
zUrE(#GfmTYG|u1BA}_BJT?#pI&r-t41u=DWkkSOZFjhyli79an#n%eR(kYf94GX}o
zLleDoKxiHzWs(Z*wB)Zb|6h0Kh12jCwuu<D*&<)g&ccQ5hH-*%Q%oN?10Ek!{+N0%
zbsxs8*Z072!F9Kd6$m|OvQtmggsZ=Af2lp(Kd1I4*Po{7fFA0@CKk_vxs3Pe1rben
z6b}0NtYdQ^^}-Gy5{$E)A2|{K=P}l2ZiKyXT|{z?CBTpad{{bM70i8GI;;J^1kB3A
zuHc5C_y0o%rsV(U1}3U%ol4xlImm3H8Xc(l*L3vgP!GCbKEfcC9k3rnCHh)w)edfb
z75ZXiH>fB~Zw=lN2Z26*hDolR7D08={0$+jyqFiMw!V<c%<zhM(sW^nYU-GVIy-eV
zn8BBOYFy#3ib0AS&5-$hy3v@^4nfEiO5q+a6qW_gBH+8CoWpQ@4QVdQs4xcA-jtUI
znTGCKk!T2DpLg~T_N%zY@SNO-!Sm-Q4sgtgX|jO!b<Szy#Vg*IYl@s)4d0nM567~g
zGSjROV7kpLE1H#F&2ZS$>4oiekMfgNpGY-}iB4WxxNMyxHbIO_29YanZs#S=Wm>9#
zrCdw-I&oX?H{}dAqn!s%R08;hB$OG3*-n(r2QkZUg(Koj7VUyi&}F%mCi%)yGwAFW
z(<=dnBNY<TO&=2AxmH<;Jis?jhdJ#gTH83P8)+I5*Ilrx%PMzLX{0rMHt+Fu+V{2j
zn)mm*cS?q5ZQHGv#({pasGNW5_^<;XdTDBptP2ho4tHu0mloqD%5@e?iRjW~J(G*7
zXfLZMdAA{lj51{p-05YY@aau~=mIU%f-SVii<2Qm*{(>r0t<r6w@=tfVu$$%zl6|Q
z%KeN(o?GG-a)~q-N}81h<cU)d5Umr56eOJ@&AKt@v0g}C4Z&ljXw${r#Z{!HMQ7xQ
z(DgYHXd<>2ssrddnL%~jeo$U!wspU82kl!~5Mj7a3)NpV?J&Qw(+uTy^aBhE6K!<$
z*+B-g|MD_Yam?XblLh#%A@ue`@l?IUJz&?=iC~B7>Hu_!yLZkxWd*-}eC!41%-<_s
zC=KMuLP@Y24GB2r5n^e$={aXK!mNvB29uz?%qZz2E$}xa+>NK1uR1_v1(cV`QMi!%
z%Z1)H`m0@&6z1H$IL1+$`!FIUvCNHz%TPsO7L75OtHL(+e&d2)BfDs8w$icN4?bs+
zz}SE)s^2Sbx(bPDk~B7m+}Kk-Cn7V@{7!x8zq}0Me|edS(GUHQB-7?2fXbGo8=OXU
zFhtOO)s|c}C-OI3sI|5igGHVFtt2*Xunwv^I)rFk;+$k1=Qr+*6F922S;o7U@CcyK
zN?*Z%qBNnXv+Ul6dW(L^w6`?b0GLc0J9(RkFSvAEyb)K&@qc-l6=TxLzqme=^yuGD
zrGJ3&9EPF>6;3Or6n`lkp}+gx=CUk3YbWiaUI_}mxkt!aFY~1fRgm<fQ!okq5^|WB
zcMAt!5sa=BMNs<Gwq3U_ZymEnG9vVQdDYqu5LoPyYn-}f-}_tm&VyiaTOT31g>=7`
zFQK!tCzAcusHn$s<k-<8qRa7=`faw+-1@_Ku@iy&<U*<V52H}Ok=RTrD}`_HJ;3-)
zj$vO^%uxuR{4Dfda8W&#lEogJ4ksim?Gu&E&{s0<PS=8hNQycHYIdaK4~BRI<~X;a
zctMh#a1wtip0K9EkXcgI#xSp4bqJQiaQH4Wk3_-2)YwI%nrR{*5q+nay@16Q>7m&x
zV$iRc5_>l1O4Q^51_hG!@ZL*HCC7bB=$L{6E3tt?hHgDlz4-BZs%C50Nd`vg1k-a|
zOrG|2q56%(MRlo;09-avVsZSCI4Ok#Y>|)X8D)t84B-k(*nJl_`Kbv;ysv-ad(~h$
zUgiv8DN(WD#b&ir;ljwPBAkmn<<x*f(nya8W3!XjipAQ@f&|f`%<GvD>}9UVcAVG0
ztdZ-*_Of?e@}osuDXIr93-D!7rGm1P83xoF0LuFDmk!w`sVJ@kk0JJN;A|G8(u9Nd
zMbhtSh<(5OUhIAmk>ijXL`Ox|jB_=HqPsUHc9N-Plw_ugZ<`qOMx46d;`dj(#ib9V
ze;4RNHtWzJK`-arrHN2<@+kLOP!wgnjo=$~v#DZpX}!nNSDYoCpoJUtwMi6nY;!Gj
zRH%azuL?5kk;BEi)kPlZ0rh1R*Lhwbl_M*Kl%$o%b#hB-2icQwo%HQCxFL6Y<GAON
z>54N<yZUKI==W+3xcqyRxnYjN5l#1CLQRzLwUC!Unv?ytVbdmu)+onz!zh5y+8o!(
z#riTjk;dBe$2T~4>uD|%&)Q22ky`Co9IK~9P73^q^H8D)X$8#|T7bkV&y%r+@NNtT
zj<M>m;Sf=Fa$&XhQZ(<LYw+BX@xO{^Duc75oXrj_hm?F1<O9P9_=O8LOwyW@p7-`J
z{D%0`9hOFGIN+>Vscee(O4}Vk;`RD(=-(<+1LZ)08Pd8^zGzPI)qc{OgqV(5l^f+3
z4~&r4Ibp0n;KT9Zc|LUoIj5?@4lo3uO$Y{AvDVm6xUo!y;RnfvDX1Q3G&+>k9JEeG
z6<eu$J%ujhOMBpqHVALNJq)qmPZX;3pI;ciAL~%DFDaWBd?SxBX3w)lMxf_|I}QzX
zwYUTIWkgH~L46sWr_SsU419e?GM7Y9U*_kPFgkh<w#OjpF(O!@K9oTqFAJx=d~hPD
zFN4UiUiw<Vg2U6qSE^h2^JLH%TX{6dn5pqp7+tnDyzEG|xI1|$$la6sN2rDYUU`7i
zK>2*kr5B@e`TV`DvJ1ypc_ZMi1Rkt3YbFKZdNF{c%x>+IUMR}6$d0+PxHKNNaF%l;
zYGThLaLO879@&<$g!<3wI0Q7Cbf{{NO?s(Bfh`w{0H`m+URcC+%-Usdn`{k_FLuTd
zE=u}~fLyj1y&0+HlQ?4UY7-YsaNU@5H>yFq0V1xtPl1+87qOMHhLmCRoAz2t4K%YO
z!;>0OGWc6ouH3DeGn~`AGY}F1%#T_#r%@=<2>e})wOLs3qOoIrpV%vMRwX7RS*fvs
zb#od0^`S?r=tW9V(RbQWHjG5zPr_<7fw^`f;%%S@fqQu_%iA}^q=Om@E3s(EYWC9o
zGeER;n9nd2Z0-^%(&%{W3>}Xhfjym0sqJ~wITh3@&6)+b81!^<z*VBA67ewY!T&+r
zJGMs_wT-qN+a24s-C@VJZ6_VuwylnB+w52!vtv7{Q+b~E?05fz{kcBXwboU$=A7dm
z1H#zVTBEyyw926@Q-d8_rq+kMp(|Y{mWC4&8z$s|L5QJ@jYz265+eZjd+nb`b{p0q
zS!U_0?&MH%B@e_9e#v%JNmO}b6jw!*fAFXa=d&D58Iuq{j{z8yhk^rh;tsSUf=x;s
zBdjbneGYwgM`k!!{_?R#1i4a)MXw(H`KWB4SQu=(=Io@s6)noPvz6|ZChzfTqiT5g
zAK%wv5YYqSq;h$Oy^Cc}fwSMWpc9*qs31-DrmWQR8{(${@rTPYGtDUKs}niy#lvH<
z;;{h>RRW6Tf05V*_DxayQ^<9Nmwq}6mFg%UG$yBree1z+*Bu!{)O)F`#F(9w-;v1}
zu^j4vhy3@gAq2^lKnCqWD*NRitm=mm@@qIkL$}o*>BRhVq*m15iC$rig*yj}(RF{#
z4sgOmTO_eX;h-5=Dr;4wq2Kq~3Y`z-(jmEfkDsfM$-@UPRHIMp<npOBQrm6d<58mG
zEGqc)8~NrPS>~q^`TITcbs%A115q;vOeJ^Gec8YQ{E>3Nxv{*58<;Q+&E@;zK2k>M
zXOplHh%`~=1~5hUxH_-)y}v<az}e_jiS?{~*Xi9aT)IHd*)HUI=bsoP4rbg%JI~^Z
z7|0JdfC{QBhS+$B*w<00Al3WD^aN?7_h5kk7uID*<ltNI4+~G00}?<S^84q#CMp0x
zfsdJ7@3znN@s~fKEJrm-04LA%$}cw7>IU%kf!SU91e|0IP$4DR$PtmiN)}3tF<sQi
z{zciR2Q?I8Lb6POZ0Agm=4Imth`j&!5a~UB7;`JW61=+ev(xT0v-v?(n|o79B>BmD
z9JbSnH};L(i<k5RD%SQ-W7yixIetjQ`ru#um{R2CU~-|{GeIxkZNY2NG#|?O0#2~|
z`~mH-vfJf?y&e76^?)F{OQ_K{pjifWa3l6xx2sl;Q|<!DmXyV(%Oc{#yH79U^BvCd
zcAM`?QT_07FQCv*VHN<~?0l*KK7<6cX{6v=F>9V*xfK`zePB<m`*~ZQMOEpL<d{uu
z3WK;^C58hb<!AZfbB^0h!9u~sp7NKxvAICAjFe9RoNk(?B_Cx%Lb%i%43^NOh$Rg(
z&*#lA486HPuw$Dwle3VUXRJw4OJv>oBA{P6=ySJq`|+vw!?hPPw1@~g@VI;DFzWi+
zLR9~;)3c_!)#u6<5VFr!$jXeTe!a?qvZn2vI(eQT9JBbZ0!C<toXLfu0eByJw%q8t
z^2(!)1XRmt&n%N#63s00f2m~*ztl29Uuqd$H6;#*mhjOP?Wy_inD7bbw+fer4(%ML
z5Yf{m!swhWNsWPLJ-yp^Ui73B&}y?$k?rbJO1n`Lu+Z2nqw{mCyJW^})jDpG4v+_f
zKhve{FZ|nd23D^+XHw}7A*8=&B$&n@`rmuKF+L6>?J1>PgcJEbnD6ubBg_<NHOmqc
z*Z3ujtJvpI6);<adO)YgonpA?sB#A4xYWC(VZg_-T7kU*Uo?rSwoY-N!qn<_|E`^s
z$G#_N_#Fht8mD<0&v<^}QYGliEc2s%jJ&(KpJ+uYnl{=81hT3>F$x$Ltzp{johIj8
zTc{7bex#!cq`nhmhUQeZX61_1l7h@dBfFJCl$1HL2wl+Pgs<mh2$U|_aus%kr+6~{
zR%b`{S1qQ=Zp>D@V@M37m1%7SsiT@=>}`)LGHLZ>CEOz=^*PgC8obx6YO&XXwwe?T
z+V}1KS{v(TI($kAB_0LNmGO$IK2d*Wds(K=$y$;XN7WII6f%XiBpZU*HiCEQ$Wj8U
zjXWnUEm@`!I!I<;k#v~=JH4eMQoZh|k`5my+8;AH#RjSTlfq1e?<G<?aV8PG;`a_W
zD(c+w{A!q@+Fx)n@cBRv4R!b(`x$pP^y<jL$jco}A?NzwI-Gio1|D>$v%Z*oP@86N
zbu<)aP)L2+jX)XvU-CE7W>H-;7Q@Vxg!{szOg5Fr$4+$sYcveZxRTVdTBzNg1J?Me
zz6^&c&sCdW*KZJ&kSHI&M*KK)Dzblp^7=EGGRvnf<5km+6zk1!tJ25G{8H=QLcyDS
zR0B<%s>=1way*W<4no!jPg22Z8RJGEp}+t$p@Z;*P7GJR@Kx0P5raEDU-w-&8|5D*
z2~1UjuSXZ%x;*ruQHd7bai1kh^}$MN+bl@CGSQLKc{o-z*OGh<0h%Bdcn7$Mo0c5;
zqU}G7{9y@klv5HYNDtg4xO}Z{Z6R*J7*@vvR$pK~n|b{zeH&&M?^t9zLmO;b1R|Dl
zy+%M;)fW696WEG@4$28h4W<ARrR)!uY_sUzgn9`_RwU<U-%99rYS@Wecv5LDmA!sw
zW#s{n1n0;<^bf7ENi2P@V4_6aiQ&CYc&O{Lr%Um@T(R>|haVmQ39{J8*Hq{JF{?yk
zg(?NPp8j;QQ3D-)ZYD{Y2i2ma>-9=;$AF_Nq7M~eqzY4Z$E?GB4fw~A^uTX=cj_V{
zLlp><yvNhcEMf}w<8;vXyG0@@T(Q}x)_)ATc~r&4+tHeaY;82Kqj3emKRW5?L<HKJ
zXBddSZV-;a&ZqY>N|{&MEDp$TOi{i&Upb8&rR``U6Zw0UTv3IHRiHU)-RA59y^6P7
zIueid*oyX{*ySdNh6&6iH;hXI6xESJ&s`9dDqcjsY9|P21Se7s*yiHG*mUMBX<#}K
zATUWb7~`z{?QTN$I}r9lwT9P?bhlgPTXFB7$Q*{mWx6v`;S(72GY!y~x5lm_wU+fy
z=!IJfr4am#;Wa^Q2k_|nuF5w|h|amIK&o5O({Vy-rimCcd?25(x#Zi35>l>WV+qI@
z{rt6ERW+(;iSdyMGJ*Qb0<)GUb?lVAM>>2ksV~4#iee@(I+<ymY09)C&@W?(ypwkC
zrnpIFRJ~x+MlGm~i|~*456@Vz*A3KW-4Yeyhwg+UICe}iib&&07U8na-t+Er?%=AS
zE>Tvvw}CQJ-@6&5oGFMDg@wU35-9B;(|?5$YO&;gEzERPq4zh`$OljFnuCDKyB~g;
zf5=K9?k2s_)vr+jSN*%b{D3o|-W9J~fWVNs^ijKGzFe5Xw{_YR&B!0BXb74<sTEmt
zj&}%W9d0;3jtV#d7d8pKBbLdVOilsimM=yfow4s~npoVEh=mfkvi*b;jKt8wLfEFW
zyRr<HiJRfI)8CX5MkvSII0&Q`DB&pCGRf!h6PT@HPtIMr(<uTsA|*W)L<mx>S!F^i
zJq=z6!+YN0cyQ+G@Q|N$U5UT#=u1})`L~t!&IArs8&yKU>v}D$8sBr|nk-~b9$&io
z^!n{Q{M9;yC^AY19JeLg@e9n5(}VR|HP0~%eoLi0ud7S&Sy6o@c9w**N*^cArEdN8
zTOdSnKxj!1r%TDi>Q1s{UkYItH}}c>!ksk%lF4_^S>BQv5_4A;C2bL0Cyo)66C)>n
z8Dw~UDgf7=Bf+||^dNvVf8;yPr|cX&E`zlyG5k__2JWDRZBabWfq4a%d1?=ON|d_@
z3PkAdgelFjG{zFIrOe*JvTf>LQ6O_eU9h6_3A@W2)<4xjJs736%5}c6LEeRsBS@$%
zPN7<XCR4}QkiVJ+!Ifj;9>K5Gam$t(cf#Y~*T?ifZ$7p-0S;zxKZ5U0agY24y<PDU
zdm?nK4J)J)=H#j+i@syAQQ20Ksv1=|65OM;D5Yx_RQWzozdYj}Q7@jw*rBG&eKSlh
zRu*(qqwoT+&|=4e|8u1ltepCBAKbqwa&{#moQGBVcuIa3$fsW<r=vXxD{?J)R~X<5
zCw~Q-MPD%}0Nzq@XrL~nR>X0Y<ETozV%aNDHO!qQTnKeuIFLXH>O;T8$4_NwF}Rx;
zSmZWzDAkAkTWIMp0RG{f{x7jDAL=Ep{{F#QbOF>#vd4LeuDp6U9YU$S*Jy{AM%<tK
z^QJf>OKZ?=J8e6BM?*&A6t&c~&`s0mWlG5TIR#I-fDs}Z=WE#gToX9_cN4mz7-+4@
z*_FuHLhpVtki51`JhnqNYj@c3RgR@b+1Upf3mbcq0BrKo+GtL+s*1q!5j)V;>=lGQ
zv~yJTgYsYMU)?2-Cbw@)PYb0)k+2i1rSf*>zYV2y`&P(no<EfFsv(0DG*@)-v1O-v
zNQ83lHtXM)vs-*PxnEkp!b^$sZ9a2HV`t|YzqfrJt61WFR;~s98(s=b@4U$2{^k5+
z;>f@=J=t!G1*hh{$C24?GCIG)qx+$CV}oYURUDNG;(V4?iYKLOHIl|#NJM7-6WPad
zV=brNK%*h#O;V0p0*vxfr3r&}au8(<5!ri#Nt%XAy`KRsv|lWWh!eMcx^tmfuV)gY
z2rA`F)6rz(bxPUq$=g?r%i4C+OV$KNZvDin!g43I8cMtK!fCu)sIf%9QQ7GCKN71d
zPM1lKo}(5v=Zb3P9F&n_2~15VT7pelo?fKj=3uL#lzzo59F^GCY$(+^;+5VA`npEH
zH*dhASDhA&_ouv~bT74(pm4$_?+d_+nR+T{QMwvQB&`eJ>v&&y35?>LUI@Mb?HyqE
zWj1JV-jtu9*0od@y*oFM8glpAr((mVIh9;7kV8~VXEK)9qC(j4c*581cM}wX!hbx$
zbk|cJM6rRHC7jZCmn5()LR1C>j7~mla$A1XgPXi4o76^-m%5nYq!vN7LH_5b1o&Um
zVlfmJF0xV59R3FDNE@u;wEX=K0arfDb)L(n0YovW8t#_{3;`*nnlwc^Ko($f<=+Hf
zWlen>(q($;<tWE-0DV$cQxWl%PIp)gj90E3lGA%DSInNvdznfG`F(cm^Hkz8M%4gu
zu}8^rXvXx8VOqWbUY!)ePPsNNS}@ic?&*mImyOLvDMvZvOgD#xZvJKGZ*N8VQN!lJ
zl|Yml+He!(<xw<M^O<!nZG%Ja?`)__lNQ1lj2rq%OjbH3IbQvL^R1|z>osGf4*cj~
z&A3CJAG^Y9_k&}nucb+G)IzjwueP#tRB&^;J*s=D%>FUIh0F<q)6Agq5N#a4Z|uAD
z=*|ZIdH%><$?^W9u%XL*oH*0Wi5<Aau1E3SqV=ThabuZHxIC8dL-!IqI#h_{011sz
za9RVVZEeJ!SX^D;-_01C98_^>?yXGFESS^t-tZkJA~9*G+f-;Mtp)N&HpSf?T~H|<
z*6r^nd}pqxe!hkn#%zw3JR?TF23fJ?6Wf;%8SCj@|Fm4TS4D5~JWZ&>19+*l!Anc~
z170c8B7$-``<SZ)6P)m<s8$|owxqc4e%^r3DO7C35N#uQykb+D(wpC6pWES|tz?vc
z8r}uFeQQeq-CUkGDgc0xKwJ?3!ege*W^=wWBRU<)Kdtx%XS>Ngg79z>@{Y>p8nxN|
zgOjljxo`#(IHoHm83p1fRu<p!6<K<D?RPrVK&4KSGQrnlyj2Vcg71c>w7=?D6v0#4
zQ--&+`40Gtoxr&Ci#DEI1ezXNxjaQIZQ`s(%}4p6K}Jgi*Me(_6MMw73ZyNjxv9?%
zu~S2^rm2hkp`Nx+O)sjcPb)%G4_${f+LO4+Y>>Qf9bEb|LMfD`Y2MQ>98T?%oq<x&
z2y?EkqOVI^-^*4Z6&Y<eWO|KGQUNL{7yDf4Z7x3RdzhAa8>H6a+a~ZBV>BEV7~;~_
z2YK$h!F_`?etzXgdAT+Hvt9*1f}{5lDB)9JEO+`Lrrg-d6#inyR>O^4&4CnIf0MpR
zn#=jhE(N3|P}t9SQnrZ{hO^Mef$|XZV?n^^w!nweXNxlSw(v#s9@Npjx57;$rl?~7
z=*P>uk2%U%7m`FVK`*KvyO=z8Z$@yjQm%&JU3alkTQlEl2yCg?zjeqe!=(l*)+I^&
zckCiP5<i`$<q%h7I04L-R^E2mHWRow-QjjO1lvpaEf&@oZsv3yz8b}@4v~^5-XM(y
z%I|D2pZ68glXa6CpiTlxy*KiLVI~zzzUnSL#aV7*7rON|lMP#jJ2z%2C|b+9Z;>S{
zM~XigsAk&x1$WSgk;FLIlXQ@$7|CU-W3HH`VQ7P#M!ea~|3=Xg*<_<Hg5V<KlA?<V
zVm2Z$mmO$NCt!+!8^@P%=ih5)n^;N;rcvni>D)0$w`=LQM=!-0OcH<S)vAv!gt~ZY
zU|4Jk-UJO~@-n_KT%CwH8u~*YmOIGPFS>{Amz*8r+D>!!UVOqYDMzV&Yz+WQ6eP6h
z?KnoF>4(mJ#2aPcin3pwrLwQil6$bM4CHqlzrQ%iKL#bm|H9#X-zAe96>q_8Q@m@h
z;)59feXYoun6rTuLTdRV_rul6^Ye27$$l%>*VFBN;a{4Wi2ME1d8?n`$Hsu!7^C6P
z{z$sG^~c8WY;Sg6c8_NZYvh7NJV)POastu0XlSxN3Oh6@Cuyu>76Nr#V0=3~Ezx&0
z{bzsY3|q4pL*B5?nbw)*PMIx(aYJH5qC24MtF#pI{!iYB&==b123T5B;NZv1^p2ID
zZ$;D`RDTO^pxbBw$tu(QW@-@9C}cvZiI_p)GR{5*aaSdPM!5QX`*HJ<C%>J=hI^DM
z7ejFH*wQ}Wz%otZ<ls<O=R<o^QGqY4C&K%!rl)aG_e#mW7yk6|=;9d>2h0APVej3Y
zdN~W9zB|>(H-$hArPA}V%IN2&yIy7bSi4=(Neja=(8ze`dPn&D1H+?iz+VkY4sD6w
z5Y408CVxqD`Sec?o;|7;%|bf*7>+7ifR1!jneD{pNK+Y>Z1k3+Mb>A1168yyeUyI-
zNL(Sfsj=_yXV21~mKvRl-IOkgt{ToV?v~W)x|##Mo3G503ryxl)}Tt<{--tw@q9J)
zJRrWJqprgG`rjSnb$cEF(_??{e^Hp5UZ{`KS9zq{_AJ0k*B}!dw#8kPUXFn1v;98G
z8w;V)L(V&);Pc9DB%nS}kFy6;pZ}m4<c5MokKW=LAG}K|f8C{NC-LH)A3|P0fI|&2
zhpo3u`n(u+9j#;h7Hc9V7~M*_AIQUKhjz+q7>W>mVkX3J5&`I||CfZh*^~VAN}nwn
z^J96hMVV{mPVEkm=qBgOY63qs%%mKiUy04M&T|D5a=r*sH$Dn)92#owTd{t+x8nk@
z(G=byP%^W8`m<{vvwj~%q)U2l8#BgU`Tg}Lf=;F9{?-03@g}+mEmquW!p77}8U3dy
zjmG)K*BgijUs_R2I%R=R1sQFabxq<29wFU!A@%f*ZvLT}v1ZMPIyCH0y6FQSMH5pD
zvvL0}!G49W#u5dk&Dlg%w)3HBYnJyFB>)D4jHmT~Ntn4iU}fnY$UDAu1IkJYtOdX<
zi_04$gEAlAnP@E_QF=Cc@)CfJC4;ZVk}pKdLLzfR3gBct=b&{P*jOU-Xc{Z<n`ICx
z#ygRs?%OMT;z7wUa5V#~rS8crYqx-{nfPYOF4RI~w?8Xh{O=^ALXpQ^OebyeHpOwz
zV=x@IbVUdi_vHtK9k0nIK~J_qv1h$PhgHK4wkUmGVu!J-$<_jz`#_bIb?eN{DK3@W
zLKQECnfvgtQ`&j*8o*d{y(cp^fS=ViPivA^KwK==qJJ#$fHMn))E9HMNeco-)87r9
z+bBfggUpP)S|w74SisMec@R9G+I)-#1}-t1=G_I}NmKLL{gv<aSnigvZZy9*x9sLJ
zM69U~woUZ&><RJgc6+z~uJj%F+O46cEw+*I!pM%xC7P-?X17KC4PtOa=*^t0MOwLV
zkw7vTqW?pXCxkyO_5UZ9?6MA4swcb|GOuHVf)jPiOB}r)#s4x)SzyP7kEu~nY*IHy
zp`OM@9js^{_$}>Ju<fRmG3QRrnY~FDOMEu{%$=KM9!#D#nt~POy;olXPgM&L-NvZU
zIU0Ylrb~bx#$BkFpCO{;L7|M#{#OVTbr&`Pi#D+h!p)Uxns<h0sWle~N(=lx1Ut@x
zpLvZsTOe-7fbK!PBmkkn3vgoZ4#>pt_<qnUgIFIPf5w53+AUpe+q%Cqf6zs9!R`gO
zT~Vq?^i+UrBr8HD$p%_iA#7uX0(CZuYAVAPrV*!&QLKtL8cP-5={Oi0;^)Ji&08n9
zFyG(mpZsF(uH-FPVn!|1{yZFMxPI#M)gA-R2_N+MasXk^HVKXSbd~`r7Y=T7We(g?
zXk`<bP`j#3B~xyqhkBu6k64CinPkCv_DyF)|J>t%%h$wnrf_`IjZeJz42I-CEa}tB
zgLu&haV*@AUS5Ialo_RyaUl}!kOA*SxAzsyJcfy?{22`HfClOVMoLVwNVuct{kHP~
zKNRoL-uIt#A%F=+ihTw^+<TI4sV@H?Q)H)DD3G<8nprz1^Oausnrz+P>{~x`F+NvU
zz``1dA50`y7W3`V1GV#e*Vw1r;QY;gIHazPo{68^yETRx%7wt|uHJ6r$cvyLzwgIF
zxnRt4j`7XQw&1zoc5NPD>#p<-_-9HxW^XIjna(<J;*H(_m{{`t5W*1oYy*@34!L>B
z#X#98t*~u^V7OKm)Le^AkDYP2)Ul`#r<I~MqL4@wGexr0C0q3Dl$w~YM1oiAw(Yo;
z&owa?_Bwz8N*mroM|BZPsW*eIr|#5a=TnB5eg=z^+ysML#R0GMfMX)O4+?tUf-NZ~
z>Chu_FD;@w?=;^RBp*8t6{Tga3u!gGsl)zcg7Qah+D}++Msi9bzD{PH|CghaX#g8=
z7?4;Jhj3Sx1YrPX8(r5vyWD840<`6dtJgs`1)Q2D&r+g3DKTq@CSvjj2I#TRPt8OV
zP7RWrlI+cffc=DCQ`ST!>mJl^)bZq<+y%1vG_;tv4CSlfR2;d}QW!r~0uhm%UCRU?
zA9&k|=?5*!Mq;@$WCKYGsbk0zeqjuP6~h>VvFTVI=l_}YfE<+oo7)z=_41v);>>T$
z)K$9wNvn}MMROB3EN3Poux0uUHs)DXauAh4gC*HMGn6)eSudP$nF1cYxR4_LjEg8B
zT8@~+G(y8j4zA81T&iPX2bNY#33B<eKn8<fr$NWpr~!Bc-!_oe7=1n@@F1q?#$rR^
zhwX}Y+%44hP6XSdtl(HeI(-W|d@ugK3OoN|fXAi?+LP^u=`<X|&m%g9+OuzCo1pI^
z_C7TP__e+5cjJe5TnHbT2*4|i$$J_LYosGl`b})U=Mex|k*P^BA-s&x$X4tz-odg}
znPr|p3Ahg4TN3*HFL6HkyGy3-0<>gs(U3o|vJ`X0H5v`B6O&1PNU*kvE;Vm6H}C3J
z08O3mqoTl}cvRgsa)p9+DteiKT?C;uc5<8zyg-wci&9jRNr3WDP?r3ma4gmr7*<_z
ziaZsR{Z&~yps}7xkqA8*gY%pwA2g}KNga+x^f~tXJnID-U@k8^tBQj*b&tJnOA7fS
z*Bf;Nax1?gO9TyB{t5o|bkPAUH#HK+Iw(u^0;xF>$}F%o+&nM%li0$-Fbv3HgmhZ9
zSBnJ%2_78Et6Aoa!qiI~G$~rl{)11r-^~vYL~0}_3PMf7^cIqhljWHZ<~8HVoKY#*
zB-;D(G1hinzNY~zO9e^+fCMCpKjFbnnkMROAwztNQ;WpAri~7PWBAjsWrc9YJ1H<-
zFeN)SxD03bAPzKRj&17N0|W)8CvM)c)FHIQ0?aHW<c5cIT}rNC{x)$3(9Y?<;VTm4
z%l0_lHTKTtaChubv6<{lhe-^-_uAjl9Ueec0hM5B*ucyZGVR_svWR?qI1j^636luN
z@d#g3GE$${-|r!?M)1OMw}evh*Rkp&=EEc^)vOl%|B7dZVo4pX|As|DIK|ujoPbVC
zW{s7=_Rw+*1mie7z?)+UPnuY!s;%B~Zswl2sDd3mEA6B1CVo^cgw8%5?^@p}grBFP
zA_-j?ib%({z_4eh7YNW8t|KEkkGGk+5~Gq7m!4r6j!{c<80O(3qUxQP9<tj1=CA1Q
z69pjeMxUYQPC|><zRhf?3*YVMZYM9z3$n~ra60>o8s``O+^hZphXbE7#7x!-USq3z
zraDoT_8k>3-$k0#iFSxG{@@uaG)X%)(6m9B9<p#Mw!XBA<i;u21udUd51N>20$xn=
z^h%VW{t9Xvo7Jb592;@&^RCD~tgTpl+8HMK6@-p?Z*KwWJ{4ZqjY{F8v5cn)d8u|d
zwK~+wt7;i}WH&4?ZwcXqbaRrd^IQ&WhM}Xj(E$=Eifd?-DDK0uNfm*n=^rE961oUt
z+6L{As<J-J4xM$$2qQ%`Ftb!cAZE1*3d}4m+R(5La8k{Zl*~4v3W$P36%z;QQ2|J8
zRV7jPDdL@kEG*WLP(VlA4zOl_am)vp2y5)<WLxtq21^8FgQ<ektYMI?DQBPrAF}CC
zv{%S>EsRKM?239nBNQ2f)AV>(F=&fnj4u=vN*^3Kk07w<rOpzqj%u88ke0$SV|VS{
zC-|In#$rHV#+vm(!)A(q=j$1mgqVK_hu0Ra49)MFPXw1tjTI^g%0d9I<Y%xANrnq&
zW<5|W7CH$(AhRPL>RqKX1?NIZ24<E7)K{8-nWbHOeefBaz6|pgBZ=}=svlZM9o|?6
z4)i9Z)j?JREQpEjVN_~nxp_1fnJ}>2Y?=SIWGsYYlES?bW*L&wWlvka$1RxfMT$t0
z3t(0|Xc@dV7DvCB7ETL;Mn&g!vPBh#llpSXfDth{LnaOppL1k3*^ggu9EWW$uMj&C
z-!_+}uSQ0bYEv0f;+EqIhiGPMYA*6W9!9x~L)C&zX&t*`d%x^8o++eyJrD<2-T4GU
zqq~J=Vj{3Fg2s&*>$JA;u$t5A??N2HCq^e4OtoT2g1bqZ!yeyjDKybQFHZ(1fXp5$
z{EZ^ALrkd-k|#<jgZ-XD7Sgq38A&2T8i8`WRFWfdeQ}n4$Cn`-DcJ%StyBei`5JP!
zLYw0J!*}clq^|-O#_xnfrf%R$mPFXuJraRBGG2lYIaXvAio#ji(u3tuDDDatZ%{fC
z%^G^#AwYakvE-hhMrg@en2@cv8jyYvtQs|7<WjB7=!$+nt>H{8{?%C$B}G*UvBoJ_
zIb-;v899X*B0zp_V<Ym0!74Y9M29NVl~0V*eUupdJDT#!^$%D{e|8i`s1GqwktR17
zIpI>y+f@Pr91%#q7WUYXR2|5z)kLF(vI_$IE#i3k8Q%j#h##j=Isi|_kp9QJ`$_u~
z?1YCL`?KqRJ4<V2W{PohCnTO!0x;q*j+l-OVgp)1sF?rlEb&mXATa!CXvv>l>70Ky
zx&(HX;=Vdds=}=FrjW2i161Ps<41M*14#;c8WL_8+as`)q9e?@I$f%@oswJyyGy7n
zn3g9BABzNJ#B<h;l<-P3$V8{A*XV6%#{0``Slk+&V|9tPnMgR!1+0_C6Te?g80gH1
zP3fqPNW2Kh>JL2KrR2mWc)95;!qS|T-5*i{V6iZxVW-=2S4cu&>1Qd})t#ehCQ<b(
zkPRx<WZHKa5S|^^LpN(dizPVLA&aD}Uc-q_ZHlVX;e9dNswn;(^ern{8TrKU889WO
zNGx@_T3Ufmgre;y!Kp}-@<b{#G@gxcl$YcS1@|~{fzP)RH;B>*Z76J91we20#GqU!
z(VN{>V^yN_?u@;j1qTie8%WQ?HZ&mQhsdr0GfS;X`b*5z`L%1~;QAD4$gPY|@^#2N
z=7Gc1aLHH{b@F5)xc5a2Sy}j(327&M!xCKB<hZnrvh)dp+ga?9ao`ZcqwuXJ&%4G5
z9@8C$CFtYd2;Ex^!`88jkot(Iw>(qDn<V<AjB#RT8p_Q6n^{7bH;A^`$Sz!H*-dRQ
zok$hP(o=Hq3G_)7G3n!jStW=-KNN~4(PJ`e4PC0_8GsF|h)_-Hzh6%yos1ekEORoB
zPf*afLOlqS0z*yCG(%|<x`DOTALJ1E3sg{VNdsxtlw*a}q-5FzvKuxGLrnC986xKC
zPaBb}b{z+oPy2eEPf|Qv@K&RD5n5AYKGJ<yc&KwTyOIEq=L4#v-EuPSiabns8ln9-
zLm@O@HP+ioE8eBYuE<uY5hTlBHp6ps@(G(K3dC*s2kpvJKi7-(9`zn+^8ea0qWpMM
z<4C$~vMnZn*0h^G(7|;Kss0=BQ!D!1;sA?l`V=i?;^PM?pB@E@j^;eMiVqv6%LK#{
zleDHL_>OhJifQ!uP6|?|)lJts_)M~8ws_T~K|CUn_OropKbvChP=>tk7%UlNLEI|Q
zMkQo78O+3|1Fa%WyBilRteo65^rWqLjiZD~R<cl&|20YDt5kDvA7d;nkNRb>W&E92
z>@2KeAlF~L;WETC@W?>ZjLDI2*!9ohB@=h-lce~Rq?^FVQa03tX?{K<RROh5>UX`}
zpRCBx&wnK2gZkC!;G9uhAHm;O^*#RH@<q&jOGHPZ_ZA|HZG01$fpUm%?;9D`I>?gk
zf8b@%+SHqSp^qHgF5<%zenu7O?}<pFf{%oDWrCL0s?*Kmnt}Muv!@E>Y)^EginQEc
z{R2us6!8aia0#Ud!z}>1|4Ke@_y(Xu%-BFyFf31$iN1*z{#P^gy8cn~@$>lPqz(hn
z>sJT3|2+PGE`)jad;E0mwl$VS9u;J)Da3RcN&E>eHlAqwxqp7TIuYS&^V4sfJA+Ta
zmkik=GW^Fkp`b($x>?rkC)mfwBPm~b^#|HNJ5i#O<9IhBMj$b#r>B>vr=HF5?{G!<
zToZfV*U^o55_Ht>t7v7su9fQ3usnT9Fsk{vnZGX#C{Mg-ul)9*^?YNdw*epBp9`L!
zD>)zCVIO{sy|K5bgXJNlJv~S&2ZS0szWnZY9lR5hk{XWxwan1s{03TPU?;&5o@8aQ
z+$AcwZu{<Bp5hG@w}6%z_9<G@Y*9~=iYU1;Xe$DmJJg~NLjA)za(Zqjy-{-Q*@w}e
z`V>-w?h<(yS66};SAu?9+a90Z=Dd;OhFGDU8@sJubDxbUA1&JpKEL#yI&0s&a#yZr
zMBQ}yjVo15?CCX#8-GSx7t5*3LOU@C6`&;yJN@wP&28>{tX^pcY=o`c@aX@8-1~Lu
z00q)@^+W)wyLF}u?&+PSo{Z3i`0w^6b%AaWB#5%}Z?g7@PECp@vGGDgTO{rRFej!e
zxVnbeqD>@)v~0)8V7}>;38Sr|7dROYBkg7Ub3c1-isy210O$fH%xC0p2HSInF)qFG
z!q=RD3#DQqm8P5o`DcH1ei4qjrvRjDG~Q2VM||fQGdX~Cjfa#*vk0zUUtM*;EW`c*
zU14?w)z&?buDMz2MW<6Bz_wYsw}m`m8IU>)=8JOTopsI2dav4*hgAT#sw!XPaE_Lg
z?lk9ZH4+yUa!QcyXcVVZpBzOu$O{CuuG=xti0h<vc}~kXpwM1dM>d)rV9BoAi4N$@
zz{%=YTvTwX%ibYrb&@b*`MHp@%xx&q9mRsjg1!N>#+;rV2eQ+F;ie5?shYOY;u3L(
zXIIe3c;#YEIret$5t-DsT)TTm!+yiQk?P<(t@(S~g1(v(SZ&(g^g~3B6F13(35yo3
z^YRdnNO<?Y?I;OMQI^i!DvQ*{5-7`NMyHFmh}te!lNTB2i)GV8q|P{C=E<Na3a#a5
zVX9U|SFAHrNp(dKACjJ+X$h(P<S|qU_9jOkFR_GOQgR@Ki70FQ^JJKuwql4K)Rd3D
zoC^AWlI~a2rHWGZjCW2_#*m7&PVl9eVQ3}DhMwsEuVRMZfJtlZ(B!n-Ig*eC|CXjS
z)ld!+NY*IWR9-v7ocpy055N3bM1Hv;no8?}N=#ct8>s4>Uhlg)s=^t$f1>uY$5G`z
z19$yqH&K|!SBb5ab}xxP^IV~Io^eX=)kVq^`>z@AKVVI!<59G65ONw+QWulU7z~0j
z1ti#{2JHO~S%S&>d!ayp^<Rrju@vMzczMBH$({Rq+C;IfufP)j(mNNF9x$*($onn;
zb)XiT9#u~2-IOR3rsE^~nvZq@3cG2=m0GzmK>fou;htns3^Dr9R)x{u>Y+!>=`%^d
zrIOj7Th4OJyI$LYF`Rd7G6M+KghjYwDfeg;0KpoUK_>i_Z#51sD5G#!VT`gwEaztT
zy$L-MlB`ILy1lAgpULE=VzIg8c(f=?11f2C`X+e;zob8^KZ@a-KEVkja&?CESCL>I
zC?2fF^7!R9p$=a>+~mpRB43k%U`_ddz#7*c@jS9wAXu}?Ea~zf)}3^{+SuK;b9A-)
zTCan2-jK;P&BBF|(>+&86l~$U!7duT{^$P|%v=e&i?;8NG5jCF4EL8{CRlY>Y%nx`
z`%5s>t^c+PB`oT}yzlLgKYitqc#Vr0(`m^<H|VsCFSlj`oeB{Enr{A@+fg@mCYq?~
zZT4L4d;pDzndoEWxtL`qPNV6eaujX(I%#d_Tn$UqwVlYQ(n{*9cM5}sVKLbr%}VNs
zT~z`EYw#e5Bj&wvCi#J2jbtrxU~94Zw|B0%&a2zYxc7Ht9w1nQP>Swu8ig_H5e@dj
z+*_jF^!F81&)&T>#7hrLKSXl~n?~GK83ikhTV7{I4uP?o%oyE#JswU}ktx2l1lge6
z-@Hq60r>!<+?{j8j61<HkNaQnXzlwNgq0_?@KGtB3*-QbAb^P+&0I)a3ac9Hh(&jt
zu!ME|a^k>9hr46H=#Lpksj$vDl7#@#MlRG-E5wRxh7wHeS76EAS#eU-(MD4o`s#Aq
z&ad+VrQ!P>>NMUtTzBmAIPbIz3uaevCdLRk_bTjHVaW+tSXv*htHYTOgZddScxx~A
zRyzaY!%<=>B#ogmOrm@Z`gXPOkpo;Cx-ULIgFc=FeDO1mM}m0p_dx&X3C${kPsp(y
zG-+1MnnYyTYs~hdf6EBldT(7J?j_UA)@OB!1d=rdp7MMzDwbbl&AtY$Y(K#S60yS<
zSu?pW8_G6aJ8ZlVpi+Dz>FkReSA3czW{e}RY#BR-%}(qo?};ay)CY9TbOOm5#+8yR
z_}<fiBR`^^L!=W6(ITrK@2xN8Kl}w#wIV=nko@vO%k7ncUV0!|lWyF^(KAH}kv98r
z^(q9gbla#^)nlRwh47Q5v0UDF2yKD|)3z@1@%=`xxoT)f`czeUFLD%rw8)f1L_pox
zteQ7KwVQ9nh@e+ydfFh_vLF=z4L|u-<l2!T3Whi9zKy1(=O1z1Awy$DQnL#;8souR
zjGm8`1=A*Ep43+3DW%H<zL+jN*h8IZI4D+K6;dGZpUP6Fngsrxv1&BytX|ZFSXaR{
z=-|AB8RNm7`9jy})VAT`Rk9n9tcmi#jxHu1td(63tpUH4OKnnW|7HPt3ilHyzN@O7
zTm_0s8D~w(#Uuy`NY<PJ$(pt4qmnZw3-54S_>rsD)|5L+^Q~t&tlA#Keoi_A^|_s_
zRX2>1hRA5U<xDoI0HL4>b{-?f5}acpUc<BhRF>lYQ(5YWy!R~3f|H^2XOfyPU&)eY
z^b(z@!GVW8X_elip7e1I8R(8$-+mhsV0XPZY^}n@7>50|w~nI)PfRo&1i3!F*)1*8
zQikY7xY#h+&mdAIZo8$uP@z_{;N#5|<;)Q>#83wpMY;|3qE+GHS`b_i6$%F%yOo$K
zO>CYFsTu~wvY502d^$H0T=t-{Nk5fCF?5uV94lQrJA_S4v3xcJtFpq_gG)?H@gs|>
zBfLB9+R^v^)<!GxXqw^v!en0e#}fT1_75h69XPiYgn9BrrfqRdX^dqXmEZjCU423|
zfvNKyI=nV5NbkRv8P{JA7Mni&sGKcD8VW$mjP$~^=wy!p&8jST*2gQcMxf7L6kqeF
zl74}fyxj%Dk10W3xc#=`=$xFFEa`x97ZClt=e-Y2RK~C`v_?M{OLn4%$WZZm&9Tec
zbweP_`=xd2cwh~P)_DD)I8Zg4dc9<DHUn{*#mR-56w)v}q8s>YcR5v))kqoTJSV9*
zjc0(T0u#P%ag>BG+B$Q2Ix4lY1oA5V>dtE5`*EF|zgS?#_ZJz0n41^$N_u6=P6s-a
zT>II)LAsu;ZeR9ndC$ZHI>4qc&>pNYKd>RjHHF26Av3IfZOlG5r|0fkmkkR+CDvSW
ztmY=8^YiiLJ==YG{nhPsY&W}Ud2ZEm2O|bb`wd9e<S06q=sVYnR{rZ+(y%{KZ!{XV
zv^-MLF5n%Ek)+o(8LxJ^XZ&~0fVGTTfuhgzvl^}}xHTPW?I3<%fAo9XT5o4BVA;7&
z=l_s3ejy~Ctu271cO?zXc}8w95zHaKEB=kj4M6V2m5tyk;Bp`8Oz|JZ(W+b^_qv|q
zx}V%Nq=lRd-9y)2!<K2{@K<H&fuad^zYZ3PfEeqtt7#$*d2y?c@*?d)h1$?gBGts(
zEvfX~OQMY}-Tt;JrRgHEPU2JRXdw_`>}^zo@81p7#%7RU-0w<jVk<VGB3doPwQt#$
z+k&|)Rz5H#NYPK4LT8$35Ce32`Md2Q9pK`*hZ*-yFE0n|gr$skRj(sETW^?6w}MUB
zNIDsRiwO`sj&Jqb(j8hix(A)!r4xrGU2jy?O>^hbc=q@wn>ozC6A(}HH?z#xzy|0V
zJrMu!V)y@TXDWqkWMW^IRAgA^D4UmAjKkxWnXj7Aah7~5)NB)W$e|A>_N*&J7U%#e
zzdDkgV#)Dy@<nw_LV~^sCPVPtU^ql^pQJJy?g)JC_tdZnJ52(hU5$yB>bVuu)G4L-
ze!!)dt;;Z_lHAYL<$d1H#rs}Lkg9YI<Sk=PiHk-~nTIG&{&^wD=CLgoqTuE;b~Fdx
zqHMb6#JPX8IsGfMlmL^L`t~kP;GKE&)_nMtS%Q@sWJ13UlT71ORs*pm*jK)uOCjdh
zWsz(ESyL<EOS<0oKfk)Txbz5)#>!>3234PD`lOaNr}RK9pgXz!eGDXP;0$zcu}HI*
zIr5AcIu4l8HH!!*p;)Tf{k|pSvVAJ@B^oXpvI~UHA2NBZ<GiHKua^C+SkN}+OOyd~
z^nBH#3^8K?N@m=yV)1iP<ba6Ekhqr1AsYeD0ibyka0D!hCj-nodv!Yjz#WCxs{^1j
zZX3882odWCqBXawtk}#@{$a%^G4@tnL(<r526iFr1ciu|fL91C;l-^&!l<q)3vQww
z2Xv*<bE#t1B0{{Mv7`ws^?Ya7?g>H=1T6P7IK4d=3Qs7-#iidYWxfM8Gvl`__SKN3
zJCJ#xOO$A%<f~3<mfuQVC*~|;Y#avbjai~^xbPitjV=2(!Fd6`HqBkczg96C)S4vV
zYEox!8%{Fq7M<(aaT$IrlWW}SXEP@kECC}+#U@LPlI))-f+z?Va8nyg_O&r7<U^w2
zb=<in)LZ?<rjUZ=-E0RG!v$&}D@0L|+qOSkAxLSWtwii&K%xEjIgbzwz<Gd<nNL2T
zV<rR>M;~9Pn7|@0>Gi3w{H0kT9HNA?1}1!cdhm7t+UzRP&h6eSyW72q*lO8U>#9%j
zH!uAHW*kSXyzlFi{;aQnN4I6aTh*6irqK&grRy@(QOBuGFsExHJB$SYNjA?Qh^ogX
zCcg#*Yldj#s|LNpRA5_U^S>HPYCUiUF%_|jS><x4C-T@ACAWuN^)pLBTqoSE-5X=J
zd*s?KYo<yrwfWQ4bK1ov%)F2((rMdNdVfh4hN~5;HYvYzQ1^Jw6{#*7(?MVps`uW^
z=KGseJi4X1wCprqlK=9H{H2TGgCC;1H5K@W<#L@gQ#V5!zde8T7!u%56-hYZZA8&d
zl&&vTriD8T1Zye>tR_HJ%>PEv64?R48Wdb)%rCI!xDf#a=$N56@F3_vAp?@D9B{sz
z#e}p;4EZ%4S?2Fr_V^>G<R?xNeqLUka;5B>{|q%8?tBM1VXbGn4m#fl?Xr_0BY};j
z<HdR$`}$3n5AULC?7I!SSp|Koxr$zXx0)4MiAoZ6k?8PSBS<zA>lC8%A;_q&#*!F|
zSXy2ExIf8$9Ii3>AB$`>Kys)ln_L4N&@q!;HZ1cW#|+kD%;b#yk6lrm_@8-t1i4+j
zZ@VWCyK5UkoMCxc2*f8>bEST~@4xJTikWXW`5+4x)!R9r_jluygTRL=E{PHK8-eRd
z0<-JCikaRB@^<2A=M08kj%Z7)Bs=lfEO9~DZPku)1SdzvBMo&N`5<vyAM6~}WYyv~
zB<uOQh1moBPqC>%Btw!teh`G;3wH(Mqs1gXlw&yE>%<ccHc{U=Bw3**|3sJ@Cv;E2
zjos%<*9bAB|9r^hGT7hk3`*)H=wV&4QQ;D>@)okQ%Os5+N#diB&lAYm=t2Jlbj&c<
zCg3Bh&;E5^5d=DBg1;Oyo?!@)oMxDozIE}Z(@6OG^u_Ni`dngkUfbNmu^qQvYRn1F
zo8oh}x>XO6sZkF{f(}0rJ;scFOp=yjF5x=@!5W=1AXsy|+Rdjy`Jht5OqtlMIw$J%
zTU*pt$qs74ao9rXJ~dzWDekwJVUsmCcoVzEcXAr*M%qWW?8p|?!&3%=@w@*-mJF>G
zkt(GwQ&k;3hJH)_$=(9(c;z|jC5I-N{)#Ns*TPL^LK6A{z<WD4{1OCPyZ{XMfK8v*
zd&^CLn_DZu0MH$`eR1A<gdM6mw!<OFczQ4J*AG|dJjy2AHTykp`(*`X7|@)pw<3V4
z|M##t;D(1!58vb&jH`>MPOG(bC-C1pDYv|@j}_eokEK9Y%vG_|I+|P3ut2i4Bkf{E
zU~?OKi+^X7_7_=0nGmx=2ABqtH4>j*k5zgAd%(Y-cQ?V_S`vWdQ*Y?c?N^OQ9KHvP
zYn%DKvM|fs@6!5f)-~N5>|E2$V68q!;jKT0*+-YpTJCGsAil_&3#B6qx9!U>vgVFS
zxBtNwVwS!1`>XjcoyO`Lw|X8@O$>LSV@B;slUAjqw$r1Edu8$T6XM}2^_oG$<>gtK
z*_Pbm_;=Sz#F8r3*;i$$^Q*E%kHnj>J3A+ni)pHNsF;g5)|qzlRauHP4YSQ-p*+^{
zT)m*#?ws@sM1c9mAmotnzT&4A1z6qO+Vp)S0&I?6+1(Jj;&hl{Ns!9sDB~?!Glt(L
z9_{RIRNi4{C^*5mHWK0QV;b<%W0PvX#MNv{3ixQj&q~~$#EbY%h7l<ty8Qlb;CREE
z6E4HV+bGluL~Dw<ZDDJqK>n!+wIJJF7?LXex|dj@!tWyLk+*u8c;4eS8j^3QWRi{c
z&JS$K0{&Wqt`$f;>}dccGucexS_0(1Mr_8qN*RfRHJ6s{F7}5x75<iJy2;#M2SyzV
ztd-pY25+l;*s>rWz9chrj9l>2u@(hmfd`ytD5RgrhFaBu!E}9{(RlU2mA;vEky<Gv
zY1gy*T2o9Y|E(-#la)paWQ{m!YCXF@`#fw{9|{^I7>ack&UkUs>|@aHfWFlBcI(Fh
zd|Enzs-b^+zW9z3x+*55zp>XO?%tiWko|H!{!sQ9s^7ib?7n4Xnc$iXA^s&G6vCIS
z?1Ak0$}G*>C%t>NOdS`&Zhs?TSW{z<3EC%h>|iP~Wg#KaE;w;1nvkb0<7G(HcN+tg
z?V7UhhLwTHA6YnmkSmep*(UtFHy!|1mi#RZn}qz-WeqGaC|;Ws4q5bby9WLvndyWc
zV?Ge2G<r%f)=hq-)J(<@z?oOnt8jHqY5rDXx4YV-WYrP2&HsKm1AtQ-W8HCm_w(}W
z><8r839kBG9zKyj187`7Vm-dtn*KOq(jMEVD|WiibYBdj*a0%~&rat5W|oeVh0OP_
zVS$;YzIfnw`29bU83BHb|B=i@vBXiuaJxO)j&L7u>wA5w{{{4?mn0pKOiFin6GlA(
zw(R%;$1|TZmxG_Zar$9+VX9)%RW@O)QBonhY?1{u)+pj>yAY-Ulr&E)bPc1>xC?CL
z-hM@Tl;aF75|RsbQZ-aulDM;jbdNk_MVJ~&ZbklNQf%VeCxCWr1KodoL5$o|#reR@
z5>RS;3LG1lkUsr2CjBLudAv;?k{s{aAu0E~))(D|3k6Vl0W(Vm-gEn3nWf6AQV@i}
zaA!V;vBzBS^N#CW@WJbOFH{w@&#NvOhAv9L?ys@!0haO7XuNJ76Fr6G7kjpfE}{s_
z)xjfEpkhy_o+{4rs?z?F+?VzekTe*iZjTrw*(F7I_XL>n^>Zt20ldvV63hU+UVh;W
zck^HUSO!ly)*h?N?Dc-v1F|)BAjGgidRHXnBMZbj|6yw^(5&@YwU}Ax&;N(55m!%S
zikki(wk9{>4-HD}sMn6iPpU|k+a7_s_OVDY{gmWKhLO!c)~?(G?{1zlS%sApwkiuW
zPAuE+W;8e^GD)a-_XMno5s5qA@fK;J9mPv+LSg=R@lUbVInG$_UYF<<9_kn%n^kM_
zW0Po!OsFMvX`b@B**ca)(?di$5{VN(!zGIi*^U|u&th0r>9ke*5c#gmeU-@#L(^vI
z3ZD~za1E7Yg#r++*^a#h9!u1V@=SAenu66z`%agV70q~)`zujNyWWLxgjQ7PjNvLV
z!zkGB<*Cs{l#AknI&)Y!pqy~EJ8OyEv<K!~n{psdrkk;)M%g$E2-LBGa2O0SUf`j>
z){hzDT9Uo;&IVo>@SbqiwPhnxuNR>+z<H+Jj~Y=bQv|tT=L;MAs?3)Kf~96prkC82
zOPnzbAsM4Z!W!wKjj5t0DtMM6Cp3t{*XNU4Fo}|HO1ej&(^G@lKDEnW`1BaGd5<0}
zOhC5{jA@E<B>F=ZR`GJ%Q}}Uj-*>r<3>@MrUgso6^5a{lV$zgw?ro^i<vfju11&R^
zn)VFp*>A%XC=H@J9yy3Fnn25p?5qAmP)@hsL)QWg9qlL2I8JTr*xNoI#jTV`teAU%
z_{0ny+A+$Rm<PsOp%MSTt0mgoHd??*WYh|UUS?>rS#fdFd*n!)D3>HWA7X4A=q#@R
z*}+PgrIu|1rTh@NC6B#@eC`hvC8D>oVw<W(ZONEzQu4*vza+}y(u?tPaS$;yI_wbi
zKRvjG2o^&!r9gvt7(p?-w>(w(p&p3z3-W7tkJXoh^+~W3i>Usgr@=2|SZSmvdlI+<
z9`XPyZ@GLPw;Z)6JL70qUQQ;u1Y#GO41}}av1Ay7vd(!-$V}+sP&G2#)l67@QI>iH
zVlyOJSYT_pxL>e=fQ=LkB62^{Q4HtxsYcuwT^`Np^sQw%!%~eZjs37cVxD~)7pXnh
zajOK(X|~ND+DymDTSN*&4ul04@xtU#Y)q_0BF+~cDH^){93>ARVFQL{G8Do>cPE`G
zWJF+Pb{hZOV96%F7h6KEG6#X>ZUSl_$iTG`I_N1vlpS&C-lK{;fKj0O-3BsSDN;??
z+vp%rEm(EoMCl*Gw?=v;q8Y_pW?*iq1eja0jhHK1>Dwe@{#L_ol)x03*D98Ka|k4C
zwzO)T7J2N6RfixYl<QsbCgE5`Nu*_HdQL_SdFDHTrWto3nI9*Lk0KGMxi?ZTRT{w+
zzaZ(KdCFPqgEX>n+;)u$z~?uTSq9>rMo?(U<<DdshA6zbN1I@i7Bg{7o0ptxD1K(-
zsP4Ms!)DJ}?-2k^Ghzud=a8kU>BENDtb7!Dk-3J`d*vm=l*pA>siMKyi7_wj(B$J5
z!<r>rbEl{^SWrK~57oIdG;HyZnPBVOfTkI(-OYI8HIR1VTB@iCaL}1?1nze%xya;1
z+^bNRm$-0%+Xc`x)1Jr${3O6wd&x6}<t$z}5G>iwQpPU$89Wg$%n+-c{5xGzjwLg)
zsp~zzY3f&Q=~wv3e{xIC3{pydlui*og3mK2|GenO9im-b^Y{fviP^1krHdEg{tSf&
z$=m<Ib-H{z4qOzBs1R|M{E(7ab1HUyv&sR(>v?(6(;f6F=9IZJv`2Mvo%2fhsSHiG
zhxIf-0z=_A>PqFZseh#Rm0OYn=9Z@4q@cYtS=oJ={&m7}@2nJQ#AxUH8vso+G?d<f
zk$h&J@<7v!`<H3v8TQamNBc2Rv=>IFortYzD$D_7pVi6#jfc?kCkrv11H+6xzhks0
z5V7F^NwI-TJTI7n9)QK6Pt;i=+p;nuuc;&5@)N$o5{jH9JU67BC28kPc8kdNo@o;r
znT(?5dczX&nHnn~kwH|<25CU@S)OY+7?}HxB_!FH9yqM7(e|T*AmI*UrNX(bYd$jA
zGFP`R1W^vyTWSIJmJ}I?D1f~sM}&c}w(KG5;CsxZ-^t$?ho!{Cpsy;;t>o;+UP@;J
z%@7Wz_^qjx=<p#VCf^wdLm=?rUL>}K9tK!A62nElld?X=b-PZ3hv4B(yVQ<06_3ab
zwNsT0vKj7oF#MieF=3G+X_o?J&@yc8yDzm&xgHd)3;{>S-geU@kpBPJd&{P}qP5Wy
zCwOpocM0z9!QI{69RdUh?iM7tySux)yE|+M4!d{G+qZ7_$F8pKPv<ABTD4@(Ii4|4
zr8>FP{)e%lLY?F+Z*&}ex!?LY`Rg2^7vaY+PQ9GyY=%I2c}VUqO2Z}hjXsKZL@*GG
z)a@&h(K7GI!0!D?kiJCyrY#tp+V4BKe)UbEmCjQ=Q^r$}YUatd;Gb#+HAm&2Y6gk<
zd2t`DZ*4xK|HX%q)&>*m!d!GL=nbHk1!8P+==EW5gbnf;7%KlUHpXH9i?PW8F*X&U
z|C_OihM0bB`}oJ$hzE>{z;tW!AA=YhZo-&Di6qC4s^M6)@v&kem{h6nNaP9%RsO61
z@t93`l0MJ`LJ8uNdzaX#dc_%8lc0*FxanHgEF|j~oPA8cpG%brvj;BVyS6LI|1dVD
zXzTqPF>~kc_?H9{7BfTsvZrgSna7OAesFR3S}b>olBExsW0VZ${NBw20!C=ltyadT
z*rIHi8mg^_2ks}=u7~*$(qLXyh~_4g>0sXMnBJY$?jXnp>pzeU=g+{EIu@XBCA=m0
zevMQPU)-NeOtpd=$^Vhf#M$8eg-T)CM;M|Op(ULr>$Y<?uBt^l0Z}&aJ950_Aj+oF
zyh<du%A@eEZ_{S6!l7rV$nWZ>h0Qo3T2Q!h@OaW+Wsx@OyiOL+Egn03xy!F-BW|G0
z9|_MSEBS&6=m}7AY2c!ynFQ{aK@^{Ix^ozqK}~Q?Z$>&!Npat($cDspmE8h?RsYZF
zPLR>-d?8~tT_U-zHtW}al1n=S-&|-^wq<Ia_z0%u_c)Z`LCGaB%*;FAf5{~WZ>F-f
zY1VRfIlofTpt^<(mp*;E+oZ~vc0(wc1iMBgsg%VB`uu;%B^9=JvDtZrKVu11MT>*4
zcoL(3sJ%(mov&1uzR=@)$O|jn>EJCWCpu^7b9u;cP$HQ&rVLQUHzOrbs=%!eH+>+7
z{>L`6vzFh|EA!7bqflu$jDg4mqnoG`U*rzPXg977iPM_mqgGPb+g<!GxrEr~XgHl~
zMA|z86{U(t15V}UNuiJLrj#}@iF`8JV#P0^$bClno2Ka>Wt00GGcqoea>ytQ-{tdD
zEXL~}WrH;)45DoE!q;1c@q_9>$t7#71vY5Lm@;nO>4VIDB5P1`2`Xzc$o{v!UGw+W
z0=ta)B1LL3_+rJ`8JB3ptP#=;vR^vhy9E)j(J$I!7v^GGCaN4|Hf-rvk9(s46Bq9C
zO&l`{jP(wTwm<FQzfv-fSkp!BzSt8Fn1(gdmaJum&(Dg}P2|l|)2fomB*~C%GBG4f
zYnfzzv<ZVKo3FgU796HPI9>d?rsTlVBD-FYYzB<mi0j)oB*b0ny!78AvMy>n%%^I>
z<HTYiRF{>-CuvoDORxMBI+P#b5AJp{r&cASHBA*?36xxRXphO=RsJ1=+2^@*w24D)
zss1Z2aVFq>t>4TXZ-a6ERkkTDsS~}qILK<1xx!bT{PJVCwQEws=}bD!Xv0e3EEJ(!
zIj621v2Ph-&OF*~Hvy&LytcCw+;p5`%w*XV%nUt((XO_^DY2Z!87rO`fQB8?8rRCQ
zQJ-xvk6|9jokEkc$(NZ*X{hiWWnv^+kMtj8^P?rG76jQygCHA}SUFzR<4_r`Ti4hp
zc!S_C4ihTn1Kh?EeYKOu1tHNme)8YUUox@k9+MI*Jf6{_VaLt>)H2iN;S!``<li39
zet{xz!^8S>i#gD*7y4TlBJkZndoz;kyApU}8Y?4YoizW=SVtjFujK!|xa2Bh$@M?Q
zC8%pToM8X#LT8Lr)=48A^+q#Ah<)#pWScn6tH~~yTumf9^b!c9=UpB!rmsE%xGu`K
zmQDeI&r?r8p_pOzoZ`mIE~vO{ZyBPKcdQ{G|He+u3(!$$!@Csd$1EhxK~}%z9V%{&
zS^V<z0Z$IFjRQ(9J%f@<Yfzi^)n+DfBRf4LA4Zl!tJe-mH_}3@SNDN}9s!vR;6FNj
zhIQ*GUTmjP`W$%Tk!7zvBwtZN?JG~1EJ9oZY19_=C%5Ll{4AwpfQu3Zwh=yrl<41$
z#bVp8{07%iB3&kJHX&qy1om6O#@2Ha^B*w4qRGJvJwlxiJNzxz7J>C5%R66CZD=68
zgz^vJVr~P*6nOsS;0y#lJ-sSkycoWHbp4}Yi2p;w(1!g#pkZ+SOT+w^hWRfI^Zz9c
zQ}tgO=D#$||K~J}42Xt#^ZQ>kOnvb#^y5y+8{gmenvRZ-57@UG|94)tnHX4i-a+U;
zUBNj8Uy`$}My(sva>vlPc4~71>A~1gx?UV>!~$gMxqB=QF;o`-eGfTafU<cOmsG;x
zI*rU=fn;LQ-OymR@zjyuh}M~gQ6t5WWzq*p$M2j(GE3Cxd=jI_JOxzZH!^Vr)@ZF&
z>1NnAqX$RpZb^HZ0<-TZgDvmipx%-iQUs7QO*iGgD9ry)D2&{HQJDXtF#m5*82SyM
z%_mJIf_2(4Oc+xHaND<8vjuqd<VkcMxHEyWTrmHAvMw9SwXrL|5ty}$G@Es*b?!Z6
z-ZeoH1^dr2^W6$_*ccO;UzBCj+d74qw6yDo;yUw1nM(g=Jj2-YHI?GaQ@oQk%g&)T
zz4ZpAal(7kWC=8W{8L<=*ZcuWa|di7k(}m==)c~QW+Op8IQK$#Aiw$IE1Enp&P_w`
zasv}WsCK9DfGdJKTr~g0x3eR_{g|zwg5k0D-<ZCxCuXaoK&x*=t)SkL0I0Wg)Z@gu
z=g{ICe)OD15tVegUr{~IUqtOT=$mS5KTX3gn(1p}p0$Pn(J^=~7W8NXCbu=7OfopS
ztwb#~V04fv$RWewcFitQLFT?fdlX``hCE^4jTL#@5iI>>4>6}UhKGK^E;jYPB0eEr
zM-rVaaJ4TI0Tf));K81RtC!1&8naO&1G-ijX(-(~GLIk9$(;Q>3$XSYpwpE5ygYp_
z+B$tcO$ks^Xn=hDR#4=mmR0N~Oq6?D0=stUEPx<-@Ie^IhdZnETYv5(IL?;!pJav%
zU6AqVC5Hc*ed@_};-6#&BRR~N?hqx3$+5T+Vx51uWVe7`%%|Nf(G0S_O4OTbZv=d8
zXJcdQ{tGTEzv(hmb)oUQYU;ECfIw7x_DF7q@7M{e7sS6va#z_44(Yj#nbOru3Z<f$
z>DYdPkqKD87kE(&R1VnqAr?&-KQ?jz7>nwZ<J3x8hP@~<VD=wC-7)wnv-thEn{7fq
ze)23Yx$|E!ji=+*{BEN_&u$=N0=kv*XYSRf$JJ-cO5kHW@WLR#@Z=L43;LkmeL{1}
zY>)tqC{dEVyX+2)+1xCo4RhHmg17SX;$LpbH#&d;P@jJk^xUs5on23#FdZG>M8Fd(
zK0XMj95|4G!SouPt+0B3Z5G>-icideC}dTB_p}uasEE}SVK@^#B}td9Vi2s$@6fsV
zeNHb`!cpIcG!i?;GJN3HYad+%?TLN~nqFT5ge@BDj_S;jF}CUmPE6$6wkyvJE!(w%
zX{Q;D1v(Eag=w^G6DKCB_fRZ7OTCM;H!`z0YW8$-YJe0or2WTUnZ;hPNvXK+g^%<9
zQOrQ=g)q<sw1BT+MwhabBXx1WlYqtUq;mzKo_di1Uhe-iX=55#`ME<S`26u#INymX
zK3)+e#Y*39r6RH6LYY7yPw$dz-<rE|e%zl6E7fkX?t+v`xo(s<<X`6&d^y_*6nJ|%
z{96pYQ@3tAgfe-}qjcAfKkPiV_vr?3a3val$B&opc$fB?!w@hBTA-m-@Yf;V6M|w(
zyukr^{npwqOhFvwyps0Cyk!MK=8eC{)9#0PHBt8eoNPWikhlCwvzs$dlbP!Z=4_F4
zOvoI*#8G3?4=C_*j*`c2k*xE`Raz~4K9`8oP>!p^F!R^@7#0eFNGx05(Vt%no@q~8
z{GeTS*M4xv@bLbIAUe@%8)xNV?%;kHY?6!r4w+9AKy&{q<1pALfHu#@o_~aavJ$?6
z7C|Z7nYuct)mcMH%1&4>S`FhPYlag_X{;qP{=^%qAgL5iX`R8~SX)9!gGygm|DJQ^
zxoMj>dP#2fDE{;D(IZ>IwtZoscK7%r%n@Tb%X`f8C47sU76~JdA9K3Qlw;eZ<LvcC
zQuo_&%T`Wa_hP<!pzpO_&F^>(iRv&M)T1FptI=gTk=0*FSW#$Ak5OikOva{3;1a{c
zT*I<|=D4XpX^|$ZvdpkSiWzR@sEq$8W>`w`)3SGh`hT&L#0hrs^Lu+f4$NH)G_=4v
zA`5Zhi_Y#8C;~m6FE&Aj8Ss4($l^Jj9=?yWlccn8W+MCOL<TH5e5dOKCa?c7%mkpz
zxrl)bGx`DcI14OPThR|(F##Ce6>h5dhx-PTb=B-SFfr?|Y`hgT71B?{%Z0`zxnn)=
zQR(5t{o;eZ5O}gBCt^u)G7_%}@f<!)V#(%fSm1Vv7Raf2=rhA)z8To@XCi5OA$lxv
z=K{{X!vmhM)PVwimep&ePJWBe!JC`xQlQwpw|tJEKW~da{W(Z6V`4zgM^c^Bc2^w;
zQp|k004Zi3knu4bCz<BojYyY%6Z3ZKNWYkOJ4I?ecDqIrx*vI0nUI~d$K-FcYh7S6
zVqZ)J?gkM6;)jA#r4*RU`Sz&*K5a@B4V6cAzTUM8=VkJy3KX^#`M(ZjTO!sAH<61E
zBIgQE8AUp-iRGgDtyWyVSlQOn$f_+{XkOlMW7=1YFX{6qp8Q(*3&Sz6oKK{YvdLJn
z4~URU`oq%&?e^DwGEnZTcqWI$E3t_ob}9#w;QJ?BKuZgd%uw(0qhl86`E<5W;{JB?
z=>Y8e^d;`uSPPu`hS(6_XCGj&c;?><<P2WLUi*5*{UX$JUqc=VwB_ll_GjvDov?*G
zaQEuu9leEh@^Uw7a&YW}UU-pm$$5WW)LM6+_w&NvkvVFlzNU)ur&-z8C{>3B@i2Da
zp4ct@VZ!f<WcWMEpStB_yJRmnYYjdhJtZ?lhdpmE{+KU{?LZFx*X5D=mEE$IAj>2y
zDFONWLao<v1J|pq>OSjg!q%&AQk~Fr)jZ7xEk&MFOioj10EaX-sg5^~K-<OQ-0(B_
zYDapnYM!E5p^Ae{`<R}nCET(4UfU_V#`YPVJU0KWDbuO8VvQ%}(!iEb&%XSLk=#gY
zdJ#V6qb`NY>VB<%l9{a`kYvW%`(JJ;)&kH;b59osa1-9{64(4EnPK3wdrRiwIhh}D
z(0ti8_(Z>y^5a(gsz(7j;aoZpdVFfh6&MYCy6ez=56=#(#)X-eRz1Oh{kx8k-&x4x
z_567LpWIUL7K8N2GxYx@x1^YhHSjHwpZ9Qf2S6H;45?2Gt)=&_Kuv}|Ic+y<A6Y|X
zt?)azLPeNYJ)SXC*LO8SjZi>^Ll%}f;wDL_o2}a`7UwSMl1?6-oVfJQ6_xhiC}9s8
zl`d|Lb{jTo#Qao6nQT^kwwp7#FUA^8O}cMhcSsm5*2{$G0-d`iZHk=b@4#AqTjHr=
zk$;jIya@#4fkbj0ntGC#DWAazA@OvL3KCL;TPAWThQ0D!s>*zgqEX8C`!uX?@=%#B
zVU>w2)MI7&GsSg!saS$U0frwf_3yBitd&-pi=H=<=AFU_t-_xdjyGKUflp6F0HLjk
z8gk^as7Sj)c5-~{976?!{h4nluY+8dHiANeeu1t@b|KNLKQ<1?OAD-*R(i4HA21AG
z?Gp`WQeXVk_V9%VDL2ZCot^wB6tFEC<t4?<=rOV#)LyKi-A5z<7sxNf9G#U^?_W7~
zLA9mof3>9sMnFV>JWjD477JrE=jly39O6{Jc<w*N%tVr=78&Y4x(%EsEbCPKQq-j~
zYW|ZVYQA4ejCWjaX}Y=|t9Ox+U_(>(`_pYl_|DZ!U?03U%w`PG@y3zs8Q5?I`!>_{
z-VFsb9ID=7Wj3mM=YM838*I7y><SwK)s`RzmD39c1G$Pt0qT^!`&n$Kb_52-_Rlal
zE>3=hjir%u<7i7GB_sL!b>-@`T6W6Es70(N)7?|tC+}~zGr+_*A)E!bL_ITa8O<Bh
zxzC-ADv)F5$<u@Q5eQoR9&%UG>6n=FWf`l{A(qI%t7}KGv?DUpAn+@<r5Ps(NUo+A
z)9$_D|K*kOsFRS*3{!WJ=#yFZBC@DkA;s<LO>D=9rclmjeU${xOo3g<p5Xe8DU(5i
z95d{<!I~wOCF%w$HDU&$YZ!o*v=Ryh*<)yInWYdQ*{cD|yVP0;a2)m^is(O%8FK+7
zD;&wJgCAnePZUNgKc6UY!qT>r{$$<;o|wDr3A~`xh<#$E$_Sbto-UEzgHj`b1<FUz
zGV%jNoXqz-ox70|-txYN{;te-x-P(60-{bIR~-5MjR)31;0@@CJ#F3seJyYH-h0vv
zOO!V^?vc&DD|vVSM67t37`ZWLJw(C(n$L3jmnqSPpRoV$_vNptF`RXe90i!<3;oq{
zNPkP!t<Bvi;Tl#MRHioABbiTd;i}N~ygFfXJVVK7$!{(oe@9hnJ*dlA-<WJNat~a{
zOs`agtV6l$%M3(vI)}_j8W-n_471briQKS~XVAb+!~XKHE|t@X!FT&I3hsT=y37;)
zqvgaPFVoW;b#^NABeavB6pq|@+@<VkacC?BW?mk#|0hM6Uue2Go}{TDefu`I>QKEp
z^kwgTz%iFPnuXWPBv~XeZ5v!{Vj;Xasnh2bjpD*Po?PKVbb~JEZTsPhpDf$?q$UK-
z&w4X1Lo3tL@$sLXq?k!yL&NvhLy76Ki=-@;Au!lKVw3nv)G>1DSK$mT4r-&VB~9B#
zIZqBC<<N~FIp61}mGg+B2$~Zl^Ly?YR*{=S0wAL%&f@b0boT21XvzdKc(9qXd8L8V
zu^&rO#?WyajkQHv^BM*>UW>l7aORbgEOY$Oqa=kZ@`OjFl^gtupc4!urZ%4)nx-|E
z$TsVdJ7G3=f)F<0DKA(R9Yi0UWo||eXGJpJo^%hYE!}^g@wH^o>qdp%p)FfosI&0S
zGw}hzV?*=aj&}bvGns#nU545W?a)Z&pmJ8u;&a_4-Zu+@|3*XKG-vp#`s?>=k}B_f
zqB@19P04E554A$EtqLzE*_?^$43aHT8R?djJ`K9a;yM6v)vaFk`$g8$){?TkV>MRM
za-m6sy$8F`G`F3QlA-}InZ-+>D3iEeV)1?0;~^XdDRh0D?D(*3SIXkEfQsnVC?lJB
zqc{@oht_Oqzq;zIOL7|ep@@EI83jw}J(*G8NtNc3s}c$T6aKv2HNgD)Gi4$vPh_Hj
z^B7BZS(rLc(aDb|L*Pqb*UeZGwc~vxat{ApH?`FAk@8~B5#Ub#N8bZm>sYmzr06h!
z=10meO9{>cY~`zqgY*mv@`BsQq@-L>aH%kP7Yy~?Xxj_2CiZW{B%myRn;|##T;)oq
z2%v#@dixR<^$if_8t^;$&-55fS3YhD&5aS7#RAKBOA1-*bmt!;NG?e=1%>@=+q5az
z&%`_|B9eME18hBoxD>~E7RAWFn14%}Qe0c<h+^so{g9%%r8*66u;;Gig6hxEiapV7
zBDF)+k?6DNr7g0e9Hf?HvXao^h+#_E24mSEgWe}N!VR%GG%asM+DXL`@Il)Ajt04_
zLyiSk@a(O7h-(NcE*)1L(MeU^W2s2k1+in=j?{Ish*8uJ7Vbv{5EPSly@6CS*n?1^
zMCL-tG<&!;$up4>r8<_g!8J*|=zI}FWzN`4Sh6Ht-)YGaX)OurQ~-_BP*QgNX|D1W
zEHYJP${M-?CpIq0YucExD|x-RT~yb~`Cs%f&L$n4bbe|Rq_Pf}?iZcnE;HoV==ed@
zMH<V9r<1Ow=SC?dMr&l5N1|6T?L|5}i7N%9B>h?%1_v(y^9=`5R$*=<@uU*Q;{zh=
zOXW#+vo_-g;`R!qY1{4`q|<;A&w(qS2zXiazYelCzj8OLS838VAk$KC3!kM9A4*0j
zl8iaygeB;T_OY#HU_mNdNbRUv$aH2=>xWxKV~c)?WIM^H`0GiQw)zxu6P?q&l888B
zW%;yr?@FLjaNH&?+XePLn)~?yri=8XJCI5GBdL^^J#DdOFqu)xrln??r+4pn?#&X%
zrj*YBJMkkGsU>!orZ@Y~Ub0wcW`;x~G*7z`(UlMLYxkk}fujd_=cUe?(AqQ()dSe1
z?v8lK0D;J*R%rMyAk|E{OFwn#sA=&NNHr4*`%g7fqx3n_WX>$}@Vhq!K~!wQ?+Z4I
zAUSMn&3%Fg1$sZk$^QE?`iL|rxnzW{G}cTqMl>ExQu$|&Y)t+8eifC*K0M$42lYcN
zYT@&HA5k-aA+bZuJ8g9ABpTnWvok%oA&zx%B$|M(|M2S&F3H=hB_X366T$Z%sLAY6
zv|4^Yix3JgP<b4kt9ZjF=&PjDkJq5}PIt{9`)s1*bWx8WO!^VMF;+<YA|_<AM5O~+
zwPoRMRVvlgLT|f$ijNP&vI1Wjtd@nRHycvPhUS%n8Ygc6%38g3@o^7?YRn9#<iEJZ
zS=n5HtF|lhN~3ji@=reUayFOZSy3ju^5~q^7b@+3->C{H5-TWn^D#XT<O4G`;DqEG
zb)=ON?)=k^>M)!KeZ@Hb(_FGf>$5A6eGAJH0u5yw5QmTc939E`GhxJ)YF6r35LBTK
zb!lL4s4sQBythP^g`ESlsB+~;6bwXORi~Kff{7Py!p$Yo8~SjaikjwF4vrl)_3PpM
z=b9njqy6WanZFHIWMo3kV$7z^s#!_Q*AS^Sph`w;Wu6&o12vc0=G||R4=Km{`(;7R
zB|?k;)m%FN*Ibh2{@=|dn%&CWjepH0sl#vrvt8dIQv*Eh*o8T11NN8Z4Vz1vyezwO
zV<YdyMV9@;#dU0Q#l_JoFtp3XQ|ECf!xg?zy{1eil?!rrN%qt&1c9$fS+mPDlhiA8
ze@)Uzcak|^|Ig+URUV_>0#21dOW(Az*`wZONoY<?mGw5-aM~?*95gz!b*OAjhF-tQ
zaFQk8CM4BfG)OiRKuS?y&GA!C(7^LrP>P8z2r6i0T!~5}7%pB)HDTmJ2NYd$O!yaF
za#VfxBt*FH87X(dBKh<=Y`gygI#cF&b!Ze}3w<bhDJ@o3R5~N;R`NqjM%!oDpTNRi
zhNpLSDBCQ$?JE2RsxI~GEaN?_*+}6LPgY5Goj>a8jjtG36&FvEfP3Lkmhx*8V<!8e
zjU%|OWDhjg4I(E5$d{DVsJn6f8fI_TtDTg<<LwNvK}d{0ZE8jTiEH^~_b=TueAcgD
z&Ng__1daNKo8z2QKdAIhC!<1L$^^6FVzk9^5hgN5b6{l{UIh5b!^w`ap%7XI_9ih5
zAdCJ$3_~mB;r5&~N$2gSo+M^o5fsQa42IJ|;qd*Y#ojD}5E@%AeUpgC7?a#^Qj_`K
zLl()qVMR|lAOyvD1(iv#rX%~kvPL-+(I*jG1#^W-J*Kwacm(PYqo#<JkP<g-&D}Ij
zO?93{QkTaL!g}MYHd)Fad%cYt;s4RiWHb68WMTZ%%?!Sp%lGY?)KZo~YwN(y_804M
z1pUx0lX91ZzqIvX>q{H^`u=$I4u=KtE?>)C^aIUE)KhA{Nd(rtZSvA7)-P&U^&vFL
zp#GQ2f2vDu+Ii2?S}KSZt)wS6LW>dqs!KKrh!3FZl22(2LL)eiTx3g*1uLWK?0kA;
z!2y3Y?R5eciJL+{L#J@Fy+_>|=U!~RxonzXHX?1hpoq`}E1MHhxLp*5&C!oIG9s2^
zOQfnaB;#M-mkP_rjG8yX|LJD-{zo@sb)#|^d=5jQVUs#y1T#e5=#LnOJ71h-;YlPb
zhF-=HE}B~?|BK=~)i0-xT5(>}U)GN&5cbC|BB$>=Cav$3cJ|^cDxZ0&_24t3tq{9G
zTa%OQEJ3-UCJsdOW6J(Le^lY<0uhliYa23i44bdjF76p@Qyz%tSL!J93bM(1ma9db
zgvb0#(&H9o{5w9bntzU89iySTDgLLrByJ-->S9ZGf;UK6>_U!f&FZ3xKJv%f;HFgN
z7#8o~kqx`Ah+IF|zJR9)ovBpPd$^npN*6&qjkW%Vl;C9f0000JO`Aj!r5y(z|DB|{
zwr{#$raXU88)T7^(?i@B-0!!W@bHmQP5#(Z%U5%`vC>KP<KYlsApYj^lO(}j1!fzf
zKXUS%d<hLgh@0t5J_DV~xNnAMo8AkKtd&u&4EZ1w6MBFxJO-J~<d$_R`N&pha9vR{
zb8SzKg@`8UM}K!=sD+c3N<@EL3CUNdS!=DJeoaJ>ZN|X??)}c!+?hU-T?AU%V7L)+
zknFCL`X<o?4FCULU7DiI-um;O>Jn-zv+<Wl_rzgktzniBW3{<N0l0{hY?X2WgQjm!
zczy;PwcoSg*>^)uz*>b*|C)_T^yT)weC%<J0D-(?`|p{Ak&7f<X}gUL^4%k^j>hjh
z3Oz)?hLs)PTVPLIZc3u*2tt(TM;qbgCA2^DvLGd-OHj9E>lP0e%VNJt->DhffuAUB
zwd>Rw0==M6Qtnfy9B;?;1P(zje(w@_jV;NZ`!5^TJ=pk3$`wjCG^(>85<K8r%LH4=
z5G9gHHnxu7{q4*;%&nOYM~!bdt9nB)@@=hfRiS6mSr`7p&2M|A9$?IZ=a3+X(z$fx
zdIUCngg@tkp#J1EoM}gURnLnz1!(YK*6WoJu9}X5&a6<(w6<11P)aFZdHkrnqE>!3
zY)38fM?)bzJqkYxI*%xxrThvvi8GP@JlaCr#d|d5S>@_)3iFIK_UmbpRq{gB`?a7P
zX-tFo3+L&^)(jTF8G3?tdUdz4Al&UDpOT$&p%D@@%%Bv^nQth@0(;6)ah#;%{dsF4
zVuRh#7_|9P&~x`mUWS*jLpu?va?bvil-VNM3TUPCZa^|9Xs51R$B~!RnPp#Av1lqn
z{|$lK8`yVIN+2%SdE-*qZWVv~qeO-cjI+Qxlat8jl!G6vylY}Cy%-v&zn|_$uU(~|
zG(h%eIIFYiZ?-c71I3py2ry4DY{tyq5@X5!dc?isTN$e7WMaSL7D!1>rXF*BjVYD(
zHVKzEeD@HDn$0idJR|Jc5h%5CuI$&FMTGPNrG86}{tb|h02j(zre03zlTfta>5W!F
zma?+dDr%d!TN!jL#ckvnY}9O&BdfWo>z9U;HzJF@pA1U-L%R2c7w4Pm@jv7#`#vtc
z2~}fc8!8GXzs-i?`fj=jW9aIi7Mh$59M4_CgL&}g+Yta^Ndx(~d3c{EE(XBsNoN-L
zG7IPwO4cQnwZohC)y-3FF?4PvoaM6_W;9_8?#jgsqVRnaM#zM4tiG7wMEpraW2sa#
z%!X#`W6MdBX^s}F9A&Veej>k#ne*%2V{tMP1xF-86iXF{Ri)AY`B3JqOX6RV+=USx
zIl~`aT|lr2b9j=pf}?73`o}KNr{YnMgk*Hm3?ecsF7|l3FjWEc?~)02_-(2QkpQKf
z4x^ns1sgy42VB&%e-5+spG*yqMcs9JNujm_+pgg4gQX`Q>zY(JP<5hZiZ6*0rq%@f
zXUafZ(&~_SWitB6Z;A>lZ%i@~r{(e5KR1bRQzc754=ow2kPvgiRQgNvd_1$jWV%*7
z9>vgg2aqWui@l0A-LJCSW*a4%mJgb+_rfeut=|rMT1MY^4Qz;H?3-8~)880*D-=7=
zBbs~(3Dc-;`6pJAjdI(%>#Az8t%9oIw5~{N!~7N55H4SV96s(bdcE1X29apVbPtkW
z$TDoUcVnCCe0|g3>b`vQnUY|F6gah}y;RB6S2Km=yNU`xp#g*(aTq!AnJNGEG+Yg)
zw@2SX=9xBa^FP#Cz?UQwJ<1@3%1(?8X7(azyjm3|N3e>xwRJ`8*RG&Bi%6xkq1P77
zJN`A@80R6=ChsRPfh+UU{FR<a;t%SJ1VIEK(&{<d@u3B@!Rnrbc*gz1DF8K)rt3|)
zd+?GEtu0jM1Y<TFfeAC-aG0I^lDABp@tQ4nQ4Ftq6RZ)smxs7C5zZ|`iHb}a6O5h$
zelx}l$~{JJmzs#W02Mlhn@MpH2pik@#eN6vLFGq?*akjUH>A3ErX_YGhUh&-8;&Lz
z0|5v+=zIMD_E7aGqT2Fb&$e-6bit-?KE<d~B{n&5OJ9jqPyI+WkB;I2&?Gzw9|dfD
zF-9OD!}KtV2$Rlb3<kgI#}>pG2=6GmRvmE*l_hs5bvc&xAS6R2_=?NO%!O9bf2z{R
z+YC*ql43k8*=UwH_hsUz@fr8DDWP=Gh{!CNoB!7?oReDbR?xR^WiB#4nPKp((A2=?
z&e1CxoRPr_J7TcW57*hMjv#dF{wn64sXQzAMpm6l4eI(c73EH8pKsnE$fN^9!l+{#
za4e!9tGUnDe)(kfs=MZ>ikFgKH`CTg@lof*UG8le>hhR(T*160sa_J8pwd)J5tiXW
zbCd>q6(T)nj5O$E@<tU&{;RW3FQ!26;yY5EB20Uv@X=+yWnFDfWUUSA6CYGfS}SJ>
zTLgLZkc9B_xo%3q5j-oE`ZKph@~}z+c^5J1rDR=p{L&g?HDz|9m{tR!@lTN}oui1S
zpQ_Oy0dgLStb}QSHWve0_lif(BX7hVW%k(CeAl_>OKRm#aJ(Q)U+?{-AhnaSNG!wm
zBG5O0h}%KgL`>(iD%#b9vYNUQW>;>TMi+O%nmZpWwe?_%de|#q|GVd+{{iSx_WU~1
zJ?!KRHXAq%+h(dq4M)*_oTl$1Vn%@-I2h-qgY5A-^8^8aC(B8X3`$f91yDLoR=UFt
zcgGHL#D~s<i%zJ#IxsqXGa5Z+3q!t`cl)dXz6Y{Rgcz9tB56aYAfJXB#0HC!LJMT!
zXlg5<32?$I-l|@y3}Ak&OK2M3ndTf(22PecsR+kAsvpxv6#e04f2E}z$up5%N8iCH
z4S>GW*aUmg{z({jg^VbWc&ZlxKgX?!+A;b7ybuEBrsA{B?o!DgM(tX{7H2M!<)6w$
zB1j62BeA8G*#!7KU3*Cp27ATBgxNirs$=rOWEiA)lV)#3vx^<EPml=R4x<<+0?K%@
zB|%%DF<eKIe3O}?%?G;~X~uiJ%*+e?(b{nZVBT2sX5t0f$@2!`K<#KTQn={E#{45V
zGK=V4*im&SGLtVcRt^G7e@9v59l;vOI*5hJ!NiX#Hb<{}lj}oEghcm!^(@7|hWq0x
zq>mwm0${v(%b`g{AhB^mWyQ?+mGi^C(YkV10c1vJKG?IJUo_59kh&6DwPH^>jLD8d
zX#WJ?L`C#YOdOJpJs7+(68F;`h1Y^*v7j0Jl!2d+A8yM9RUh}|@8=tK0DHJ!OwVKM
zI{EX7|Mq68E*&OjCX-3}gvIHmSP%k+)qXRIyij!fk&jY!sQR58+Fb}!QQVGp`4@q<
z+6Ir_*{e#%kdkYXQPEvje<^moDn<RGcP6hw2YjK3L;XT{sjT$eZFGXR0w4oG>D0<Y
z*|Z*#*pI@MA)y#;$h9$@lR@_03k+K!A}xApsa(ImJCSEi06+81(YCn$X2lYaXEx5_
zsVY<8$Cig1wtf$q@?tG2Q@6x|pBphKcHN(hH2wk=l}NA%Mi_uWouGimZBDloKWVBp
zAD_E4$300lUT9vQW%1S3-n!*kIh#ry8ncfNFNJXu0h0|tHHH@O3e9$*o^?UMVnQ)&
zxqv98yM~Jh?la!<f(3W5Q=A@Q+0Um$RI1w#x}!{RGZSu-VU&f4q9T`dRDTbI!LljV
zyKyiVz}MEcb0T`?4ERZWHyqJeMfnA*P+s358(x?kuh%3f@1j&mPtII<Do13kaMi`T
zy~W?<ehCn!97>++*|6N2{3K6CD~=FGox6lX7qKVpm%&ly5+a8&)M-xf{qb<?jKit>
zy~atwwbPDaFSYbiAQn*CFH4jE14b0yY{@y}o`<VYSe+U(ruK8g^KkdXQ|Qyp<>7jz
z2S_;8)qRpO@Rbh9J&2AwKqM~k$M4fILu7;Vqf@x4W(ofqNZECr&~7E?9|tX?a_8Dh
z!$&P82TBxILCw&}KMA_#J^d9iNwA6CN5M_UBqT*$l#dr6<ipsae;At>3mSi&+jZy7
z@%wdboTtnikFp1+T*PYd{l)%T?FUcr<n;dCo)q5qy>hzl`ihzEf}_wgO(k{y%KSSN
z5{(Sz+at<sq~uRTc$uZlub8L;BvRT3l)TG}dt`R}9UWO-`azfOqdyGtMLY8AU)bem
z^<Ez%`8m7$1m45|sH>DTH@MiDz*om`I`EuP-4X04uf?N_Yzbr8iOlhspXBRR0H!Wk
zvH-=9e3RDvayItKLpf5LQfEzq@<&o7Ag`4dt=r_Trg;Zf<65bfS)0Zd&5HZNXlzNS
zY8|5XCJq&Hzhd}{lwvP7olGCmVVk@`m%CNM<lMBgk?8zT21rz~I}9lis->+zkKz%$
zwOck~{WWziy_^g8;x~_3yR#r%62sS=&HOnttU+9a+l`>_QU!+vE2M2^X2nACSSOh1
z2zaSaLC<{MOQFNK8_h34>OXmKQHzEtNO5Pv%=1+)T>^|SqaVN2X_`+bZ@}l+JlYC|
zfx}VXeX7oUqvsVX;)HKb1^50vfq0VB6@`+=9vAcBoN?HDu@KK%YJxacVnTIPflPb;
zU5RI_j)8)gf{KAzSQGj(4zT5>WFT$G6l>X1ku?|{>3bWv3{9VHbqXn16Zd%)&u`IF
zvcvE20564GA@O!<U#$6CRFU+r>2!IIh}vI#Ff!ESZy#IY%ekLKX`#_b#PK(WLPPjg
zv<78?QJ$a~7AE`yI2ZC3rEHIaLx`*aC&*tBfFSY;!{yDr?g1{xeo^wZU^v&;1^*GX
zv-8Iqa>1_yK_NdF=uDJyll|;hT*0RGY2*j>g$dG8hlV7OZ`%$@w9yu57@*IGAIvmm
zvO>4G+taN|q#xSRni}dPW^7nbVHHF4h2c(!svuT>{m7has*}W%E_L5Lk~S^-so*ao
zJdQa4wpvz&aFS@HyXva^ktw(STs|3fD@wDpbBx=y=hZc#P89mPhoZEjUoWmHfjEN}
zz1B}ERZS*++}0>z#0GsMMj3VfEPiDSbE=g=Gx_D~vNBx`!98r2K4^wKJN03!wa_lB
z<Syva2MRRDUX&8=SW*6*5LOo|pSf)b(WJ?aWLd&K-jKd0(DBC{0@LeOIakP3we~Bn
z{^N^1rutAjZS-zvn6n8=UUJ+gqUrPa=g!0%@B+=q(lisR(M&|00TZ5O2iOC&^XxDH
z9$5DPANqhm!GK)Bzd2sa=JniVIeT2ExG(;A#a0IJQNe%CKCnkg<9~4QRgQi#mFnQ&
z&eMb*%DoJ_6bruzZdUe6f|nzl;bgJYlQQ(`iB9*!iR)squOoIABpe0jH{6@tqSApi
zP9wc5h`0|XV6W=nhFq9;m__nWDK}}z7TaOI#LZcUpLGh(cHD}LIG7<+wL*1Oy^}<n
zF1mwrQFY8jgH1CA5TmL=57ep@U*33lJ{eqI!fq$!lorw_hCbh$uoprMVsmV$%MWl(
z4GY3eW+hql8GP0)QJ+&x57O}@{lM$4VDHQh*gWg37F;;}`>qQfzuIhKU}_;E!{cwl
z&cb3(HY<kO#9!oZ9>qU?%7NR-QcgMp8!1uHrUwYr$}tA{Gy9;62_mL@k6k<-!4C{h
zrD!@UeTJ;i$;DoS_>XUR=yHXG9+LsYHQ8u*xquWIGC7|6u(X|e2Q7@hChKyHJRmi^
zUxT2(O*L~9IV?Ov7l8mOive;p{gyqohT;kNT|b@lL<Vu&I`XS;AEz?k<s7af)REDV
zRQ>M;IMbdI%UyA-V6EZlXJE~#c8aF)IrH3nOUJfh^92jh9WbltMItd<!aFt3$criz
z|F~vWBY#7``5+=yoehGy_}hki+1yQ5F})|gYQUQQVnN5!cs980w3Ry*8*EOIw_Ao{
zg=AnAlIFFGxT%^UGoFd<KuQOL=<u_J_M)k7hpxL<cG{gb`!PS}GD(d77KiRu+c&B%
zVywR<c-5Pf+*8>y<Z@laZ&%~JN5nE3b5TVa<NM4SBEdBPvS=pjp=p3MG*8_$iF^Cn
zU6w}6Rb?US_i8IYENTXLIbWC)u1?o9*AY!y_mk;!SSjBEK2MG*riOQ3-Ng*6W?4_?
z;py3UuVLuBhP}%9@X2?L*l(|4YCPDPdJxgw)i_UJ(vjo@wPMAILg)Lq{blBqw0PYQ
zgrYVp5r{AulJC0hK|9jFVxEEL=)lPn$o+kR9;UlMsw7pV8uXrv-w-WCq{9vQ(#?3w
z#W-BWXB0-JopT`!#bzs%Fv!7r3(&e|))&Z@&2H4TX52z-;)1vwYj$d(=1Wsj6XZ5u
zvL*t^2!jj}*q{?Xjc%R8e7R87Y4J(Sfk-d@nVOBD;jiM!1?Ct-h%GuGM^+&o_yOMm
zp80wT7W^^?%W|ShSlR|dIqy=tLj9j>x3!GYEu73<Gpniox^=s}a&KJr`#IOo+Vkh{
z#6c~?OY4~o9oi%qi0#C)Rd$uK*;Aa)88VT{96o>{q4y%N#>(HGyvF^EUtkS+t)U$u
zIFZe3wCeSRh>niFs`x@5T2eWEVfhUqu0O}}ST)BL6gAwk@SR;9eW$jM>oO4X#t=L<
zCUM$C#0;l8<ZN|EZExs!Ga<uO2;1=2fIz-QB^~6%-^n4(j0j4r&my?(c2oS{pj8&9
zo%lT*WO;%J3R;EY0^QlU<a!X?`T|WZBB>$i`WKA@X!!CZVs`m_7hweabXC;W^OH$R
z<*UVBN4=A9`JUSO^dYIOH=GXe*#tV03UsrS<`zol>~$?2>7}3SdbV@J`mX)f@#_J^
zBw$XV9Mz~a?zl{=oxT&~_=C-y&Qne$$IJ{j=WWC`hL)e34}J#k+EdWl;8v|v%rNSn
zs2a7I-2;rhl^=JIW}YTUTw_55=0g~XRQ5rlOCx^^({s5eVif(*{8ZLDFPMcKw?*q~
zgElhXVrXXaYs-mI|ISDsj8V~T4aMg7B*oZh%;rk!eZ8kPz9X6vBqk}h9!vw4%#cL5
z{i0nu5KtUQ)Rk_>kzS8#snRWRzOp}2lgv7@X=DIAUwoq@obSe{$y|BwUQH?1O;SJe
zM6o-MsxPat7Xi8g9S(p$uH7aqgY~k2?k&f_x;MKMQs6<?d*yqL{|(#N{tp_44=RSv
zUkOKh3g?9M&ZBg%0?s&aB&D6Aag5xu>vnf4NUst9I9!uV^}{kjN5-ivw<-=3v08I0
z-=%|+VYnMGhV;b3j7_>EH(>{iFZxi)JynqHD=$4$pPHXfa`izHpN1Q6NWhvB#g_lj
z7Ly;uSkM==RDaH4fG-)s69!G`LG-1E)p|jO9?#U1Urb4G>>k!}1{fvlcGx0y4yoB~
zhW)Eqpz_}XVc3e-W#10iT-j+x1Ci*aMGka7GJZzFhgAL0`sD`SnnfszCGm#4lxmCj
z;JvdJQku=JvH8d0><djNM^UEgLWGgBJz)a<Yw&q!&MNXzPONnj5s>V+m}heG1FyWQ
zB5e1s-Vk$b&|D+V>8)Y1B9$=~3jeo1*GIcIJp^6;e;1fb0)?PCZm*|zBy!ph-ZN86
zOf!oEd(L4u0-2w8qJf07af?A{CK$0hgfF^-BbQH=D+EePwcWtJ=i6~aT9zC!uN2f1
z5@8)i3fq*B>t%e7;)T5xM>MOuNasnLg;{r4i@2o4ZgGOL_LX+wWDBX{W6np`@&)&8
zhc`Jb@FuuRkDn}DvMR6pzte=e{5_o>9&ZmXA9k-Qdfp#yEFA-0U#>bD4sv6+yWfgS
zpoL&@a2F^|jUl1|qZ6U^67l%E)n_cy=o)jCAmmd9*O%3bjX|4a`*pLc5P2No*yc=2
z{)13c%vOTu&H5<Nj0i;!9F-a`-mx87{`tjVehtezw2c6UnO&s5;`Iv>G!d};QwLfc
z@bqQI>8qABo#6MFqHw};{^{2e5A4GSk1W+`YwSJw3V*Vsb0m-uX=J!VvNQgZqrf40
zyYeR3XTb-kQ5yT91#`7%fa~hpEI|~Lm%`J;36USt8?;*ZgXixTrHombD@z85IkXkg
zf-+akuPKhTnt|=>m1AFu6>~=$X{_3e9#%V%hjE`4c~fGS-GiFE$~2TTI(XwPg4F4=
zd=_|1ebhAQNjmb7igDeG16@6XKlWBu;W-dL*B(VDZXH{2ZF;X8@oj1ydI)WTu4{>H
z;*aekhRbRODs1qj)HTYP!!~jr?xCFTeN=Qwi=(&6dYwg4>SW}i)*S};D~hG}BFl2A
z&Ey#jt2CnBRsYtm8AwrF90S%=0Au@i90h$hflhQI(}W`?hxn~&tedHa{i$2A2P&&o
zp_;12*l=Gox<cqweGR5{#hNtlxs={Mf!`{(nY%cEjguwjxSWj!k0v(lehf}<bG%Ga
z64V80MI7j<zsKRX*%%>LDY(qwK5|pWC%F5kTy`}~rFYbAz5E_*VkMO+ALeZgQfenC
zmh?H&=-v_>3ed@_nyBfe5^OYPBpSOvC)XFt)ftWFs(i&bPiH%u=x~dM0N=G%{qC7O
zawVCoL|3s-H}iM059`fW^T*Lm<(@f+XmzK|%{&DvQbp1fB5fY&Xzkso*%gYDz`Y^!
zbZmQX6(!VLCR-3Qqcj{R!dvoeRd;n^MBXQd6-t_Q&_-(P>jIvu?mh8=C<9H-w6O8e
zpN4OWo;k}OAo|aP_+9Awpe0$Tx|B(RL|*YN3MW7Rjjw=VJ|<Sywu*anui)mF^4R4C
zZ*HqV!OCg)KKlZnwRT0QdBFDd*q)ozTv3vs|NO#!?8yW6A4+3m&&Q_HDM%kCaZ^Om
zg_d4l3z^rY3$rzohLGSlEa;z7ZJ+z8bHnzxM=v!RYu2udyM0WGH`jy&rK$QZ8hOm`
zi|X&T(3bg>zSZhF1CAF*D;ih72S!%!#k6%{jonUk(d-m6%+qwIyo_*&kG+=|<cQ@a
z)q`*GNGkG;U*+_r?5enSQa>-6S`qp2%-gTQiPeWETC+<G#qVe9VXG32b*4<z58Gk+
zYxz?@<&!7c!*k4=7)-k=UbQc@@5=>KG~UbhwJy%`G+f5jI+kpdtLlVw6-t-#brgj(
zkeHL!w2Qiy7t*weW&CZIk=nzXR!eCLN!g>2wxEeCj?+ksMBw*|3f-SIAS*HV*n~xk
z-(S8~#UZ8tebu2S(|P;EDlr1>-gqO6&Q)*BedMYQIRAbVDt9$xB7|;c`Lt~z0@khU
zYzMXicSde<_InV~dxeY%Kq+Q3@@G;RT7=KcW3emM&%qr;<ien`XrJEZn_mc9Hb4Yk
zMtrb#BjAnQ%?;Omppfq>@afL=IuLadaDwt~v-Y<+Fo+yHQq7C03ajfISB6Ej1_cW(
z#88@WVi;8Lr~_7oW@CBzTmnLK`Dx?$SB>SDMfP|tuh~4uJ?6sZVm%chvGZ<X{CE_X
zkk4zFo1Q6CpRBYLMb0tFR82F;%Re#88CETAGMx5?K^i;WFD|iGaT$2258a;LTj3JU
zl|=X=;Oihm9NL6N$+m*yM^oGKfTMm7Ulx!oZ{LK~sPAQG=ZfnPSn}qJasq+_p(YLy
zRokpl2BeRx?cjVd9XmKejP!%PPTi15wW2wG?um_Eu=ZbcC~)(eUv)biT$}=2IyHgA
z(59=EThRovzpn=}+$MGipMmp&BnZ#I?Z<_7;K=s&bjat4LBQ1~@!yVFm1*Ln4xfOC
zq=UG<k2?;1A*w*(p13iSlDIZp-VG7XF2U5iDQsu-){u^|L%Fxi%6L2r=#i+gwEL$&
zp0|xG`c%iW?Z;MilfpfbNdtvvd$(eVDkXuCfzH$&XNR`!%<|opM*#rysmCPu^=3ki
zy*B*zE~f0Rp^ozKHp-)0YWN9(?i>nB{Jx~AkzxFX`YeV8KxvI`>%~NqTg)AmE`?ma
z<W1)RkQf-}(`SVm>9Y~1%RAU_a88J&f-l{;HQ==v*x0~ke>h7H!?BRhB0xXRpC5fh
zX-kS-oZ;B#mpIb6C6#B36!6Db>$$u{-^F8?GVhzeLN2DaALq2TdnyLPMj1P)rP3_@
zZ-p?)W<mr<ZMTEmC8E!nN8Qg)Y!Edk!&Ki{NdH(j`q{IxQ?Uhno$(+#2X0T)h{X<+
z=bMK?4;uT7{Y|$p<NiL+J;o&cf11ozNN<MW$nA83+{1(c>@Eq%V#!HKmnI0S`YC$K
zPI4SM;o6t((vo$%JZm(vyt0DxI4Judnc3F}$mws-i3Q^DI*IIKR=dzO3Ns27orMPB
z5&K$!zTUF?g=Pj$32Fk*%=tIa1A)l`&ozE5-KTfJQK2>U<%OUyV>cegFIYu^Xtfvp
zzG#R8ayK$c-{Eh@0=)<UEw%ChT5_ox<cyJ`pF37+-XdrVwc%Ie?=3>)paAy&#x_&l
zw9J5k&H5|AhZf@f!0VG0(h=DQ$`dkGvV^37Ywuy(GVC9lParh0W&q9h=EIF{qFsbs
zIY3dg<FH<Oym{0;Lk)9EIx(T=xb-H=&BqxPS(Og#YYJf;bk384<^|EQ_fR<-0}dRL
z7^nA+`0K!MYk8zdjc0<|!P(bj`LImtaq1-NRJCtygENP{oWI5)<N(p3hh5cX)j>M#
ziQmzRREMqE%(FB#Ol7x$(hG2$mLUd;7<(JZe#u7QU2M0V3gPc58i(T85WM4(Z712e
zxl-Q4fMiiPAtujbifGe)Jm>_%HUpSoC>dlgH;FAGB+R4%0Fl7WWwHw3Q?HBP5iuY8
z1T{oxSIDwc-4T5`WOP_&pFh(D9Jkfa2_}SpU(`GkjmBY-z<|u4M~KJI-^<Cz>+x}S
zY7h3r$k%nz{g}k8UZHn?KvL>6+YI}+ne@VYW<i+!cLJ<ftwvpwSs}}@cVoqGPrc3r
zwGVP2wvmRs6V*^h(%8SC(tlKoh*HUd=rNhe7p`><Ly)Ch7<zdYlL!H}Mu&;@JuP!T
z2R6GatDY{G0vP`WH7fckDy4V$RgPkeNvBr2zI@WRc48W=K%sEYy@GY9X^Rk|(;<J?
z9_CPA0jEe<qKSojVho{i9DK<{M`X+x2eae?t4&r*#o9&C;_w6W9Km9b;-ePzAzFy5
zMcN?ICG!pihjJM$xzHr!nAhmw9nZC}Zlmg@;}&={1AOszI{90-`@ZA9?zkG5Bk0Qw
zyg7P0t!20efML*&9D!asD@-jh^a!5@g3zhcdb-+4iCKd(YDsGVcQ)#^q_I}J86ICc
z4ondWv%7RM9w=)muIc5^ot93;`kxM9P%=uy&BGaOBd@IJa?e)mcrl-%T)*qHD8b2V
zMz5VSF_cy6^+z&N;n+z=zG3No(zJXuM&mwE8TO{uihWLxGN9>&3)`C!FZ~RnGLvkO
zPfag?x<aAIPRvryq4G1t8-%iqs7+Ni7~bzajt)cU7nIT~M)_52c7q!I>3nOeI9(Y~
z8gRGchm4cu0EDz62Rn7ft0%f6;kAn?{`B^NY07!@88q!defqNJ4Y}JY;OZmZD>Gd!
ztQe1J(xzqR-Z+}YG#YK7PCp<V8IJ*>3|}X1)XWO#X$VTyOZAC_8eaF>M^oMp&q|0$
zqM(FBA1DFf1>uugvIUUSy|1$e&J+ZDJE|Ided3_kA`uQ*g5R~>y-Gr{CdJ_E(=#lo
zCOV;iW$t!Ej;6S$0=E>J(3YOo0!M#OOi+E)#r<_-lhoGK$H1rgmhB%4&sGWMa@%7_
zI0AK0O0&vOe+a*5KXi`n3NXz~LRa!I6b$rkRSXLWv4mVvE_VujqI;7M33lSO6lay#
z%rKEeU@OR)BxAB7`QzM4f<BDa^*0GxS^k+<wzZ)Enpey(g%L{i_(LX3;gvajVc;ZW
z_w4@c*4zoFJF7lzW&nF(K+NYEp#5xiYa%_6#+<A0wss_uYk_(r7jjH}=KR9mlaBo<
z(S9HB{7`iNL*JKJ%Q(k=zbn=YYXQ2|TpmYvCEhc@Zyyc{)v;iB)bmSf*@K!IIggMa
z>Gm7@AJ#z?lMSwU6#tyGXs`4pe0d1*XqTZ`exnnmrfkjE{&03P9qZB?KAr)@j0F`t
zY%BwW3jOdZ=sS58+vIq56m2GCyevl%jFJc_zyu!}85yaEnyoCVG`yK+Z=a`(2z7b<
z?|ItQ69xs>R7X?KAg7gWqBWnckA#?(ZjrEaT0*jmE0wGC5$Aj972mQD;`Ttv`>AZ9
zEkN$9Yh3@!Z?Z3MS}7h^!G<w2bZ<BJ1H~Vnw-0^)M|<}eTxtJ@2|gXOqmJ!#Y}>YN
z+qP{x>DabyJ0070&gA)TZSCyTzL?sXovPV--kdtG&wW>&A3opf`f}vW6`?ZVgTX98
zD^GApdNP&6UUegxwIL)QT426)^>q^t`RdE(y#YV)WO&Gh9pZJZ(pKalv`<RPjn*X*
zkH`f{L7QVT*cH2_^5i6Hh8STvSrg>V?kZFY<Bp<M2qmC=rJ7innc7h)pJ0d`UFyYq
zljUAJ?1jRh5W68-jHY4~hz1^yX!|~4c1bA7ox}JEj8PRq9j;Oy48$H2L~+ImJmSkJ
zS4r1-j(;+2?tJ46HdW6Ct!IhT#SQ}K#mk7Y>AJTqZEMM^J3RJ%v3hA#2iV?t-5>zG
zX>-4SlOjr(Ai24W<6hQ5ZHX`YhXqetXk-824`?tcY<d}lg{*kW3{e4uo%((^5q1c~
zGO;m2YDaCki1!#pX?Xdb^1R@<ak4TdW94H|V<LOPQRc&g01_$)43CTw#}|~`q{yq9
zg`I>$V73k+>!!xi#85&OL#C|S<IvDh+0am0-JkF}-CXFPeMt%uxv(dZrhU8jzdh+M
zR2?rn@jR|WXRu2c{C1(7=zuiuRtZzUfElV2!N%Dp5P7mgX{&-SL<gM-q%OO@+aEgS
zR@MkaiDTI85*b-~4BC3BXdN&~!1{oPvCF3gnV-k{L-KP=5d@Cqk?wdx`8{f3z!~KZ
z_xspSF8rDY&FF|ytq2Y@11-zc*t%oKX)wua3fV~g5um`D?1qzcu#((qp4J-O3Y0o4
znk=1Y81fnBjO3RrZ7b0#EmY-41q9msq7r`zU$ajkT;(Fux8P$%1YQkX=eslQ81?Q+
zfl3jfhMJ&wtIY+8547vYOQ$v7?Iv9pt6A|zrfWbTj)Y=F-0G+aWc$#2Ni|3Tk*7ke
z5xCpxR)f4(wD~_`SwKy{5KyDzv2zY0pHCUHKuGjLmi;{Bai{zmEF=Ln8h2+;Ju)=p
z1fy)le1ib-ouw~eu<_JMqwVaJLRiM1azy>rRQEzfy)VayJE<_8u<l#}Wh%t;1?{M;
z$w^opNB1+Nx}gwSx)&)trfctIUgm@x;ts;StlUKispqS~Ij0=20JI#ru3<tf40z6I
z&PLHe#TVd^)euJ_EM!<MYgQr0f^E6eP+5Oj_=&$~1U&eg)|?+Be#Wam0{?=&{V}Zd
zZQFy&P1dYdIS;K&y6<G1k4c}QncB%BjnnPx;Lq5M8j%Q=XndYMceBaZupS5Y;%*ax
zNQ}QjddIerK1al_<9Q?85Xknl;vb7a5t5=gj>*?B5?_6*rU<6Y8us)>7=h^2=dO0b
zlm4O+FnJDs59X+^_jaPRs28p<L()&qzliM=r8M?@6YMK3tieU+B*h~!CP?C04K0<8
zss@{#2M|2b*t6}FC$SBCTGwL{dp&+?DIN8y{8DombWSlbt~{Ha@ONz!p(i^%$fW`r
zC?GzHm<!yEDI#%Gbxa9@tt?1*7CWz*9-tJ~ef+}T3u*|MWs|0H`^C^H;s>}IFyfK`
z79sRY@t&UbfZ7q1Y!e!?io++qHB0|MCriF-O{<aBu|)hE^^;7un<M6knB{G$<k|xj
ztl^DIA_7ruOhHGf=cFN>qr87=f-IC)f6!IYi;Sj5?xbqrWk<q?-5VZFnS`yZie%om
zDv0BH0&R-A+vhQ_4saN$Cxub+<Na;vSk<4_R-0D_1T(hVtIq|P4w8S1z%;{sW&t6I
z**jFyD8dpB1KmO}AY(${O5gah9lXLB%x&7O?>YXghG<%B@&v`oPC<Zqj3NV_n6Ni?
zmBBxv)99VqU4F+R<7kBmo?l~h&Gt`Po`Di$9sIS7(DQDeqwfy<2f<Iuj*{?J_&(HP
z{3JuMgUm{qTFl-M5LRHdi9y(8uN4HuId<UU-#d>9KdT8P{^sQ7X0gBJ2*mcDEBzgJ
z2%bj|j|LTDOMzMiG(tsAh%QL}S^*hACNjY{k73+RTVR4m_j4yLe46T0y^M4cmGc%k
zTrl{RV>aqTIdq*KC&K=w4Eo)5#aB$<6?ZS@LK{k>;P3Vud3l67kEa3^h75*ZSy<xe
zA>nk>gGxzDfuK+Q*+bNhYC{v1aqicWL)zS`$tL^$I)3y|-a3Pnvw#xLgQU5*i6I~i
zN`IYFLV>ph|DJZ3Qv3B>G<$nuM^wL33b=U@yXf`{$SFd;*DM-P5<M;8hdd(<)V+jw
z0rwF@@DjmB1zpy4LuJGkU*UTn9a8V~n@(J>1-G!j5JIgLb%B9UJ59fysBagfOw5O7
zt5O!?N$L$@W~~kgjglv*=|(qh8nhYm!<Xe~c+eI2_ovYL(Cr~d**HCGCVUGt$h*3;
z4O$L#>V3`xYJqn4-O`DrYWXr~M_=C=k?1gxh#D31ZT3!8MCtOvS3Ar#NC~1S*Lz|d
z+`GcuLCt{^c9{eR$q~^Ci(-mTfFagX2lB{)&){d~L4$t(KoPwrTT$HG$74Sx(Omrc
zd1Bu%7E=%QK{cSh?t-S&NlYu}XB012uC8OJtGy?t5QG^`FEO*zDGVL#HM<Fn9(OEI
zrP!c67Bl4Y5<_TkN{_q&^!$4?c`hmHTr81^W7$9#i6wLNH7`5^`M7K!M3}h>zWn|E
zni2f2kv~#`iHgjA&{W!dDpA!#Z`7=c8Z97xiC9pKC*MEgL#*e_YEPxQD1UjhB18(*
zzI@wGW<*abA*iX6W~AV0Eh$TFD>WK9U$}4rEekulGf|O0s~L5oWU$?_*6>j`Wh)Dx
z_^jR<rFW+uWNMrLtq+ZXIE3s^j5@cR&HYdM=^qj22(QUS1nb1|kjfP-RM!ElD-@q$
zi04agp!g#3MC>Fg72u<eI1^=CP|1VVR%-mT8azQ~uFC6KUQSrq+I&KBCNO;vFCB-B
zGer6Jb+eI$;xhNatiN9kfOEj0fLl#NVpP<UI1ovKS26OPWi+4ksMka{^DrB#lM3)L
z4}Kq`d?jnF7Avzua_u4qS-?9>-CGRcw+?4L5W|5nCXDOJk7r@Ip~xW(nq!nR#;f{c
zs!vzz-6S$SOe;EJOJ>&oS|l~*PiT~*mYGLDyJP7xQKed$WBVg#z8@U7jpfHo#Xdhz
z*xhTVhagavZ&@G%<ADoTV}=A70v$vhi(7ioCO$W;Ufjuoj=m4NAX8G@Fs7=399(z6
zre(1l6|h+Vdp*2f?(gbOodLroqqiYVGdn+FXJkJyV1$ny{vIp3*N;Y3I!WVzSzs-J
z6%s6!8cDk!Y~bqdL{CYz5U#9b!&1SomGfQyMF=wT<I_5LU1##Hu`^BlvCAGq?6QLp
zd8$s|tg532y%U`+sB);&h!N(!zZcQ|K1HD57qmg;qS3-YD=EZ=pK;lelO5G#L$rRM
z?NtpRK_A68W5(lao8oz*1S66$#j$5}*#)fT2EfD3Wj5@~g~8=L3UK&d6`>R#^+xKJ
z0kxjEe-Quimu-9CZoj$djAs-nPD$X$QOW&tm2xPrAQk?ObKTK`$!F}z0Jyw3DG@P!
zVUnjR2CT|&Tfh|Rtuet;7XE$_93lbbCnqnw;4FaRLW<YT6vm893ghIK31-11Um$}w
zp`tQ8j1gmJ6m`OV21_Fi*j1JNIKwC;^5HJi%G75NSW0wWtgCqmkS?Jj7a9DF%Mk|}
zTp6dJC%nqsmcZ<AwsQ8%r`l-Z7O~y8=a>ody7J+D2$k*fm;5lym=pgcDm>T<SQ*zm
z29QuBY05@1>VsJqrIs1^I5i{BIhYf@R|CMhk{(Iss3OsPn_l26g1P5yEEzn6@paSR
z#8tKw;U)__S#ph7s~-@$cinv#qgj#7f%eJhpR*3pb_hGC3j@;qRQD%(qm9Xm9Ql&7
zr_fu2O_AF;2nWT&57OP8opF|meHBY85#Ust$`M1ZoG5f@z2&+lmsz0A1$=<JBY|>0
z%M+vu@}qzUtZ<L04$f5<x-5(e%Cs6;4_X+g^UCI_>9AqK-EqQ_hz6{!mUDj6xy&5G
zRl?q9)k039iGU-YrqVBf6x3=M8~jMGFXf86iGV?otY0}Bsff8W_u$?zo;~|dahOYs
z@_UKP-xIQI)optK=hc0M-h=i@LKj7(Do$#*l>U+>lX(IS3%ON=Wf7W{9qt3Nivqd<
zj=!0Xw+7Ewj3?&fl1K~GBqWpT#>0wc<^^J@N4+o|pRXFSjO^26QQwx}`L(wI9#+ZI
z9oVy3N?)B4u*EUWOKa{^2y@5|E3zcVjmX=*!Re{CVS_wgJDL@NSSEgji`7+7g$OwB
z`=fj;;Dqn5>n4bc{Ql^(e>b=jDefiPh0cPuT^p($2lQYoS6qHhcPM93q-ekQzABr$
zlEcH!as+{<bVoakY4GmD<<+Vayed&6H|JKN+ImK>>qZKvsMh*~+Mi@&7kyWh!pCs`
z2N&V8Im#$c1?uvh5{(~boQQEx(NSa@qkHOOXv$+h#DAh3Hr`)IjIFXP6<W_cidk4)
z3xs1(m(+Ye`pWizvJo4Q)tr@~EJGT5<2zc{DjgGC+SH35dRHZ~Ot6l_uO+fJwpIF3
zi&`}Hhu66UcHH<;PR3Vnqh^LrDE=!Q`IjwEjawbRM|%u;Rj*PKhA$&oME@F%SbSd9
zn>P7hbc8(jc@SCEIx-J#+FVbTZFHbXhszTcaz}wt^4M!mY1NyaT4q<fSGhGq(do<!
zPx*CBO(??sp=I8m=)ySkHHOg>MesJ?SnGlrt5t$|PRvk90GHXUFsD{Y2_-5WJi!@w
z;84ia>|18%O69j<aoBJzvF!3vr7p%)sxqC5w?1c-_5L(y9^z(ZETQQ##kAhyls1Br
zSwFL&12)@w)U#~Sq-kR`Yii9WRdbf8WY!jmo(i$48)ex{;ZQ4An$1|i(3i?^iYIa1
zo9i-)?BFw#I@PTQvsboTYz9}}uR7v)b}D_eHH5ji*yh>xJ>^#G>y7puSDLVvf5S?u
zUtI*OK#K0-Dn+V)(K!vhUz^V4GJpEc{LF>J{rJv7_~EhG98S`W>>J*cn&<5_wjV8W
z3yGicmfr65!zZ^K{P%cqiTS2{s2z7=F3pl0?c1!es?}k`48fOG+XUl&dYfGAEY+K2
zP6`HId~62>asTRP6Ydp3H@tEwB~v(hsE8_6?hPX7g3l&3d&MK@3PktwTJPCf64<1L
ztP9Kx^(0B{9kH}h(gbbE^$^EacNCao^pLj`t=jI_`XLwJUFirA1!snoVvh?v7V;C<
z_0NNsYk4G*u_4w!<4h(cRum>Gjm<_VKM5`wo9HJygF>|v-YT8DA=|)6+bJ7Xv00ig
zH%c#7+x4uW7qwfIsLJ=*DqUYV=m?#_(h>XL+zPHH*U(KRE3>viqf^c-BvUVK#n9ns
z>c_hDY!GyyKPz^FP?W5f#W8cnuzoa<eYTOSC1Z@=olr!q1!MS_3k{sfN#1UCB<_0@
zCc4&C(B3hy@AcS`THc0rxCyz)4z-Am8MLH><v+gT)NnrL<=1sMOrvCD*)kAUSawOh
z)a$rPer^wdvm=d8;0Dgc4J&-n-QFpV!SuqVWcI=WD+@=sCq<3&@gAlx%n&)eT&yLU
z{v=S0ah*&FnZSVamDw9I&*)b~g?%l5!Z{B+$>8sJ={L80|NY!g)S<WFg>%?(27}M9
zF*%5KGoKi2d#HMr&P;7W7T1pJQgbKbqer!9OQYBpa>kt?0b=j+go{VGyMgg4c6<5y
z8cxE{58cwA!zEUsG)*fB<G!g3&?F<9E&t#R+|5%5eCB@*aC>)0e~C6k!K}3xs-n!>
z{PasLy2adXbQ{B4ngG8ix4K1Ya{Fwd?L{bnPahv+Bdmr+nQyreDP`2<RjbA>O!OJ3
z6W8yYN~MTg{OvVPV5xj`<tL`yDn$?(ClgfGqNO}Vv+t~0(p~0RrAl3OOFEzy%M8@g
zl=5?RN<Z~{q$#C6>nbt@@&`Qk<O(59?Xp423fKy4p$>G_njKgzOP_*Qe^4Q8RnuR*
z!Ynl3*oZaFi-NPZCJHIr(ynIm2_1_zosC%)M-1UO6%>GTh-JQT&$e~6m1k5bfdy69
zJ&GSZc2AQnU5IWM8KG`Z3`Zu)BDsWG7yi7i5<S_}SNVnCoF?X=7bE5hcGyzp!bgFM
z&eVNzPw-fUsHd$j4=3Q^sz~)64p_O9Ay$`ros<3Z)fce;eaV0A*>p?2NHeA5%%TNH
z;rnEUeq^wjD?8&k!H4S2NBB6Hd{a*CQT{qbOe|bJfsi)iMJ5H+k|NsE=vQJ{ZQTp5
zLS4b4n9bBj%YJY0xL@By(-f$7)7IFvHD=xaN5k!dVZ4*l%+c~jCEa{7yzgKSDtd2;
znn8OLb1;M_KR^7oMAcgb)O*?x;VJ$t+V>5ESh4E4!zdDEt5eeC8grJJ^bz<h+@uMS
zV|nW(f<*O5UX+G>rmc^62W2SModa(vVNB5Hx4DJ2cdWXE8-HZNyV-OrvMS#yD5V)N
z3n7aL^xW5kY7K<4R|WT7eV86B5;KGnPvkz+_qkgCAWWJiPf@tsxn*kI7orur5gR&e
zhTD3A4EzM})H|8IoSWw{$~Fp47u`4<!f^r2Rar2mt^H<W&xn;}_v_`8=}Atq88bH3
z*10v2!f4A#w!uG3;a-C6a!`3$t6GgDvqoJKMYo_CDezzDzMJSty#eYHn~Wlk<T_?X
zp8i<Ontt4(N8ItT?eQ0z%jCe~M0Y0>x0ws~vb^1%vC28!%~<_~J)*i_Z%25NnFKvS
zh_M=mm{k?q(>`B^4=+>S4|jnaio_gb(tD5p*HjW8u+?63J~3+$49z}Nlm4)oSZ5Hd
z=P(!MU+H3VDu+j^BMnv!Sr}1mM~p<2D73-%*!AMwBHgi`&&<tGygCh~cqAafjR!3=
zg&KZ?pKHCU&ta)nb<2L%i&Xvz8oO4AYxWuZ#SmMVj(uDf)5PE`-CVpJpA(smi6()Q
z^JPnco12ZQ=#xk0V&Az)?Ty}KC(zzVci`(k>^`$`u1r!*-j(HCS+9p#t@S&bI>PP?
zlhtfp8y_^nU!6VFge%|L8X|C{_uZ5Kz#zsQm1d>AA}G)PG7{6aX01tGt;wsP&wKQ*
z2s?|Z9qZI#na!ZG^gfA+Z4T$oHlKtx3Zz))vndj0VmWj%)KH3I5wT@&lm@72{u1d)
z5$4+n5S90@XYSd%>9sK1P^x~qk<cO4VZ~y?)~qmDRdT3tM_GZ;Y6G3RoYE_|-T%@A
zAsDavy#R=7Z?CPkyxF~{y=iL#psnp;&h=O>0=(AC0j~#kFFW4_VKbK>Jx4g-1z~)d
zx=-H)Vg0_Ev8$@D2<O)afRDbO6xEMyiWBE^&)bgB&Sw0-B7@&`x4wRUsxV3$F{oN~
z*}g?PW45u;O@d@ow6@5cWr0scHuW4K4wU-A$z^)qpEv_sB$c%!2!P1ZVb?^!as_0o
z#Fyt+r#j&JbOGY^+J|Rb=u2_ew<@grvhIRf=&WjIt%yhteu2w8rQ3c{>$y=AGUFV#
z6PHmm3x%|rq+6$>#C3weE&)gdyjOjF%k>2-pqAmKYRd{N4@;<8{W}-Qaz|qe%NMPN
zvA|e(F=Nf_KCMa0^sQZUFeAB`C6?CgNt38uFZu4a#9&=xR>twqiul<$Y<vIW<raa9
zNcEIPQ1;}Fsd@1gj5@!s&~z-l5~L$ob}3Xxy94F1mgm|Q>9*#CZ^HYik0e;1^4<20
z`~Bz0ZX($X-gnB=%jV^$C^ww;JBApgbha{frP&PpeAXX?-3{A2jAS_nIF|-Ooc-%w
z7Y+sym%H3@7qZto<3~4<1kp(Bw;3m3!o$+?Bw#8Ut{S9xaT8OPoAtel@QjA$opQK1
z6=Wlbz2+|~q4XHsQ_Mews)NqrM7rttIj&i)@(#lLqoWWM_8UZ*Pd7_J3`>#0^UjGR
zGx(UVNe?&;C3iWv1IQ-YnjMZYs@webnJ!!O>;sepDIG>NVgNMR#H*zT*o$=Y_XiD~
zaC!>|AqWu_;-0ndyrodL;-%kWrNEu%qllJ4XCsKTYE=pcn76N%kr<>v*6f1H;%W&8
zO8X_IaTDwPBLl~ozAVWAKgRh0_xjEbw1Zs=${pxeTQ)YUao?GopZ`fkG8NTPKm%Kg
zR2O*KW9p(}+@o=XZy#j-u&8e3(P~*C0*OO(<@59cb!M`BWWIqA^N8SW*G|ywp}B7}
z>t_XzmvE`d7@iyBbnmb$G-e`U(9F+rsu7!k{;mg0)V+=aEc;a~3uzS$yHSW{Uecx$
zzAo^%5Auj&E3!<`TOwT6Z95^WX}~3%HP0S0#LDU#h6|DZP1AZg0Cgxpc847kSN^_O
zP)<VSkX~h)a_;a*X2xr_Ib83S|LzBy;r6nb0x;&3aqh%?_}a0V-2=$rzrH71Kfc$3
z$UR>%Wq!_gjsWVz!K(Mqcj{Q);@n`w5~hf7PaZ>syCss|{v`V}E0LO77B5S52d6t3
zO?l=*Ws-8)X&Iv-L+uKM`c*1fkYRzo>@ALct-EX6F2H%VukY}lyHk7-d&dxV#WbLS
zZ0aL7aKKddyC=)r%ViXb8al<$m~+#Bi9%|e{JSm+1CHhtY`>d`^4a0L9t<kCj*WEB
zt5BOvg62tl+CW1{6*izK`q~_cgOgbQpL#IbKw=51!POJM-}}01rwl&XA4p^9zm5#M
z_j`EWom7h09bHE0lcc{VKzWGtlN?8S!XkJ+(E40I#(WRFUuxbAT;|XK^1gQ!MY?cI
z`Tjd@2yvHOPp{5LTu)>V^X?aDj<?rLu{2pDfRQx<-$M7Kl&ntA&k#<ZloEgu|L%+Y
zs2N`7@hLA3AOgaC^lkgYuI5(#`XjfS-Q#ls%NO^rMa<zbV8`y|AkX~^A~5tFpu@vi
zwf8s1vB)Bz{5{&C@~Ec!t2BZD&<-K{OXTxQSZQ(`s?@eTq}F0_V0|SEB`Zn2i-viz
zaQRO%eNqr<zIu^HqdAJM46=YFN&l_KGtM#2cu|&@6^+&J+JuwHth%qE$qCSbbIR!z
z+n-Ayj@r{^ee1P-79bfXEBK74hX{Es6W_`^AX2zM7xOFuwE-2^%Rz`oW0B*WLC*8a
zw7sn)!tV+53)#U-f>6e6QqlOiG9u9urYId<2vU6f1=1D?1J1-iwcKN03vFT<rPh1o
zRoJXNh_uv;^v8gVhD|^PF-0i_D9xM90-MY~<zSMa9fw3CL;x|#1Uk!ZB%tu}gsp&C
z6S-t%NOxpX)*lhkCB}V)aldDG^`~*~X+O@gH`7q~*_I7O113$r@9X*ngpIlmZ-C7E
zSAnAC*1^ax98>z~%l*)Cxt<}udhwd`5IWI5=P*-H8Yn&t>k<<xMmn(h^z&OO)a81?
zB!|zW7u?_$*I{l4){F8378gMsP~-)aouK1?OCBIGrUZfss?29ENLHGSv8i>8P^dq+
z4LJ;ji%;~s*#*;@vadyY9Zl3<8EwjZF<h}vxAC{`;Y)NUGP)NJL>$UbJrwV)O3c5S
zVKb=%cdI?5It=~c_7ECJ>fXP&h|?{Pcqt19ROI{KT==q0tMlIrd|;DQ<vx#%Br*|8
z{2?H_bLR(B;%<;i1MkEu67Q`KcvkLI<&_ka{oEBFstA=>2&xM@u*%V?Ll76r8}!>h
zImo_d6U~y#7fH6Slf~stkx*!}GLOX*L{#8=XEOCFp3;;L+$JJ@2;U?lF=f{nT|JHh
z15=P5zBA95iHC5PQxq4NJrM2<7|AX_L!S%`5a`olMWwJLP7;eb8Fg?WAs%qc$3k@<
z8}7c(1v~@TdE-W6d5gfXxP2}@`2H>>iK=_5jE=x?!xpFZ3A#wL=Vz7hgC>Q$3fCh<
zn4z2-uBDR`D0-00{=QP{Log7r^Jn`oTl4TPfqG1$npZHijZbM)DYsTCZ!`cBy<jDu
z9>p3K$W{`J9>eW02=6UT)00U|7`_bvr7sLeKz|_g42UTJo^TtH`h8<Nq=ytOMxMyk
zWduchr2id;1V&36h(YM8aU>^<Hrz{z?1n5wu*#yf?1{7^l(6sCQy1jjAJKdL3ap5!
zs^GPE5P%YdW^7k>2@bTzGlp=4FU_VzluJKlJy<um@=qz)F9yBM^$6pBa{Fx)bHY)0
zwE+eVn(xWlYa*3{A7O^#oTzvGu<@fvg#rklQNs&o50tMkD1(qexR<<2_`5hY(K8vs
zC*N5}0<+?Y;W)u}%dIeIg%)u>vSX0Qr0Alh(OlV_1VEWE4nNiT3tO9+*DW<K+x}u-
zx-19pSCsTZb&x(O7eHni-xmDcsmv1>yN}yvwx==$&lu9ILdxZ<+*3nBbP;1leI`sI
zHVoEFzZ0>PXm!8=Mo7|KGBIef2kIs7?I!wC_zQg;l2r;d3g<rM7AJc1PZknu?kQI!
zMw`7&7#WYy*LDQ}3~pFs4?PhJc%`}evD|1GDi9Qce5*cgQ|uOsn4Lak_dumkFa4qj
z={pN)WK~fo(G5(tz4#<5^`9&xL-m9=&veO)(7ESfDPE<7D8KLCxcgK?Erp7sHed+=
zPzt*Htun+zNR+lKmHcNzB}e10rJBQ(s!$8h%4PIn#8BO=CF&ER{}=*CidA8NGiK6F
ztr*{CiTc6JK(>cbzO=7;c{RF2>$=YG>Wnw&;07&vW_x<&b{KY~Gx^dLYW`k*qp4y-
z5`(~crh}#Q<^Is99X}?aS(roLqACt?gH2Ec8b~;tcLKrQ!5Hk_HklG-{PbU_plE0s
zvgm{g_{V%W{u<3-;!n}zko}CPl?hspq<<|8Q7Y{Sd3^d#(8D8YdX`hGh$0tHXXi*P
z?!orKF=(eGAfM<{+9$@aqSJoq*uRbPly}4&wjsnw=z+3J3V`G4o}K}pdPof8<SQG>
z>8SIYWs#!g&Gt=!2P}2RH3O4^4u)afk<a5h2{|ORAnfVdq_6;EOG*d}hNV^5YJ69M
zy-cWvH=x=brB`7nSg=6Hr3BO9&B9g(J87Keq3B~kh<6JnQ8LcRX8%(O2AmObsxzZD
z9hDg78K0cUw%1ThJ%r4JAzjEPA5JSonT49>gMk*`Dn-!{H%N$fOd~ExvNyU7w*Uk=
z8Q?!C57ZG&dWps0^LlV&?1;mFR-hIc6J9mORvwJ%GGEqB;FR_!Jz03$P`78i#pwpK
zx6(N#wQr?{rw3Z8O%)HRw0WCsRL<U2>$boitZ9(w4t>SCa(Z%&Ld9(uG>~{9O((2M
z7^!cooFN#-V+un9h4}n%e$?;Sf$CZqfpuhknSfMILJ2NHBSB#9Ogey2iZVQYXQ?<_
z@b0og?1n2@AcC?PCQ6|i`0DM?Ju78044;qGKb2r?DSzTo=(;i~gcY$nK9|E2hR2$5
zz())9L*iLYjsK|xlfDGUACrm3kc>HQXD2u)uevFy<QX>^6kzUZ1hF52I!6sYJXtT&
zx!^dVboV6qPbJu(fWUb_GtAt%Gu8=}u*rx*Zh{L-_aE=bR{ULcObODQ2B2si7~y`2
zVMSNYlOK-l2nE6Vy8qn7k&wTZUTu2ETB!j+0WC?CBT@E&msb3i9I&2arW@5HHnh20
z-1zmi1+M?Kk_T=1W6w4;hqES6&8QN1`zMQ7NL)8lHVf4mBBr(x{1jOqIl(m{f3uhx
zmfYUFLYrlu=NPKcpFS{+YO0gSscNRWG|eiHh5eTHB-`v+Damwy;4r#~S+{y_s*@Yy
zB(#+I?4g#rVJLZfDO1zy$8#H`Nj1B+fJtLa4kcbn_=KbrN_(=ra6L$bM~YYI&G2}8
z%kLbdN^K*p2^MPb=%Cqj6GUVM@6I^X20#1n3#G|_a*%>?bK+PT4zn>)8wbYvf9ZHz
z|C57MD8QJ1>@1eAFwr1B^@v@#UQe7t0hZ>$qDat63F4FFr2p*tLxB|QGC-b;`7;Dx
zWle;WUL1hXT1hthtCvN=!oWK^${|hschQ@62Lm&(@j&?P7)JRYf=rR{xV4I5mNHUP
zCLvvRY~aI<ICa9NJnPa+SH2*#?IFm)v6O~al_=&297v;2@8RCv?;Ip!F!c@a*}h_{
ze{zscYckT3W?3(c5@-{l1}`f<6RAL7(v9rbfk{I1pTd>Q1RqN$j!Z&555PEN>5*iF
z$3)hx7Q_x{pG*Sxh?q=Y(so0lc)!;9bUJL(%!L_xA^uvg=0DNQLg>XMnQ4;}Oc;Jo
z0EHALGFhQtA)?_sO`8kQ##v`7KD4uJDl|)N%ul=q`JW?SGyoHV9AO;36VE3>&_}rS
zrEO`b)Vx7jVwbb1NP{z;=)_Ra7N-<WMDvRXn0H0S!&tzHDOe<g?0^qZHhRK!VB06A
zj%BCL*9%$9<TsL;s}hD6x)Tr3SP*9O8=$;5z<tLc_00|S96Aie+BG6>eiOc`q^jGf
zC`vl)+RWf|aPS?)!nDwml!H=t9lBD`Xx<Po={NPM(VF(l#`@!>PGt(8QiYLaY@E+u
zr_Lx8plC@Pt{Jc7nTwHqk^FE;8<!-&X4~T~3OUu$mEZy?8+7cfB3g!&&jscrB2N?t
z=xoxN$SCWdy#ic1q=;G?^CXMjOr};epiB7DZt;pYO}*y~GEX<-q1sJuIzGUr<6IH~
ze~;<J;Nz&hYhgHIA1Upx67d$W!}-sMSVo`D`DyK=>UlRMqJCfDd|R2(G93N3i7}L)
z;Z}+EVW@FBMt`-;NeIFs_Y<faIrU{2?PtQ(2_z6gH)=4J^t1WoYpER9(D8}T@aly;
zyT_?2_l%M<aXbR<`8r^k9@vSf{3jCnC_idJ{rO;V7GPn!9n{kzYg=e{N50ngQ;h9{
z!2cm)SCWMGStG~tECGR3pezK-gxgjy)!Q(0XGaOtHgecsKMr?+`crS9zA;GXk14@b
ze#~D~$FbgfY^G7lh&9S|&!`4E6@4D9C?~z4qdy@1OHan)B0qQqZ{7z?oj-WFp0Du)
z2d6dGa5r+5uYGgya9Q>Nx$y9Kdw}bGkTMaYX3o$!KU5|eTBSv`?;TyQj_6>p5#cf^
zf{o)JB+rYln+Vv?KtbOfxY1{$6JCr6-z$xdVlN^5nw;ATV)5ICozR^Y>@pydZz=W(
z5o0~u5W2Q=f%7MPeP9!(sstfAh=ggPoEPG2*7t0T20}(H_;1u~Ahaz`|GH*qMxgJZ
zCB%>VPCV>=8i-$%u-6=r?d}@c2Jv->f5pt+oF1-VKR|rVZjP8|dh8!<WDF-}05@wl
z=8S-IyO#$7z)F{wi&GN14ZYUwlw+Rmmp{Z6o+xkEbFn#3NiafVkQ@<arwKn*P}w&K
zJ88Am?8g^S;3a*=DapV^qN4EThty7Nq{~Sx6%(pDk&~IdlS`A3LIJ#Rz|pAF_&K^*
z)j!U=c|{o;M1>$fecasKoZj3VPVDwgq(TJZrzuFBCjRigrDF5qF{Taqw5ZO07QFtv
zN#AcQV5G-Z{l|W-X?|~lFX9!VE9aGw1F|FyPLxdQun||RO)hO7oL#PT-|bwovTcj}
z**INi`GKz9mjw03J(q;_hT+ZoUPjjla@1^fNTF!Z3D=hLH%E5v#!E%nX^$09Seq4V
z1HRY#bT<$<MCFhwGcfnTsj1-)!hhI<VABni=T`fu4ynqtT{G-N4)$y4RGXTJ_MoBm
z^-egxJN3}0<V{3W_)~}&u(7!~<9J6Um79nXULJF+?v*}gpW2!>s2Katkk=!CLk!`(
zT(a>^U&qTJ`*R94W5X%{RU^Rr@qH>&t0w5$UA5&_0y1!p5Hq=*Ot0#cIln~W^KP5v
zHzw(exh`e6TTvJZC6Xqz<~cQC9jb;}`&Ui%dNHe7(VLO4ppn1c1?&?)DO3>t=FDYH
zw*kThThnzi`{W-K6mGKc<5wKS3>ZWivzFWS!@44~WLkYTpw{UB<DA-)?KHXPiwRn^
zPmxl=Hv5fwd}pn>`Twep%w-LV^oUGW)DN<HX)?Sp9|}K88vk)t0`5zd{i)j@c3oT~
zWyB{!yw=rTc<>KF+NSF(uOhiLQ<|cVLRacbV~_z^Ms(FkFCoz1iE+@8LI3{tJtVuJ
zQpwFwJ6=wq+m}&OUp}h`%4OQQ^Dg$df@pd-rm7TI6lGYN5^yXgA;d{(h*xaxBYlrh
z6g;k{&FI&|iMZw5NbwDd0(C*BhM@aB1`Ec%lRBzESOb36RvmPNgoPo}y=bhV8l9bZ
zN@y`~9ypI%#IQf2qhb2%Yx44{27bzB*0y>vbqU#Xi#`8I^Dknb4l-mJFgXw0rdCT1
zxoA=Nu;EY!`vyZm-|50ROy+DFD^cRvRG`XLF;dRUU4Id=C!Usp6DBKj3^MJHqbvgv
zG(i&;&|OA<7ZRjK{$Nl6<^~lP5<m2r)8>oLOc9q8BbW|*NQ?(v7VDwXK)ECfc3@W|
zig7$}3R5|=l-xWH+oV8nWOgx%Qb|&ht?nlAp@Vb+3$ba+(kR^+r{=4Ok07j!z(zl?
zR-*N@c(j2#+$%IVVKD@f44BV4{D=A6T;WflDfcP2N|pQ3<3tJ@8$Y_BhhVgV?~n7L
z{a>cX@FO}xIAYyB?fg;Gct<veG3O7uI$>S{yhv*f(sX2oVu;OYPX*g=kV;;D(1gOU
z7uOg;fe!Ho%)9TG;VrM7_Zl~xSZ;39fdE}yngKKdrF^UfJ@EiN>fH6GRD$AX^_;ld
z<x*iQ-@R*`k3~MjV|_;J)R{dMxTm4ikKmP$$616ni-9{DH^)LL#6?X87+~*@B?1m?
zQR#4Ivs#^O8luAghRvvj{J&x|)UgA9jPTMCA5GHYWmItgD>f6B#)|gMW(H-y*-Q~c
zJE|6GTD%f?q{5+tUxi-+zRZMNHdJ4iqYE6Zo1+U@U~W;qYmSHQ&?kX)zk*z55}1(j
z1S*+%7>s+SP6K7iHQ=YbZRtWlj_3eo253P3-h>S)-mv~OvSzI!r39^n8$lY&0q`99
zL-MkaKGo+A2D7CIzm0r|tD$uhem#YW4A?GIGH)B7B<(=_5H)<Fza8-vuhbZ^T3kF*
zF#{}2It`lcFwD@^-HCyUS}}4(>86!RU@I5itd|gY49MFCbd&ZUC4tAT<RchnG-=Wd
z!wLq0(*MTBloEa081dvuuw=RaQ^qI@$5&!Yep(r-sllDDg!0Al-kC}RY?FcB7NUkQ
zCfan3&f5c2Uwm_MahdLWc-$GhMghLxGA8+W*q;MO;m1jJp6PF3WmzVpNA)wC^1&(B
z&g;JxK*^zhKUx|Dzi>(PJ*LJmii=SqPkCJyTh{x@)mY#L#?7F=<m{pN5unG(-($=e
z^zA*Udsslkj4^ZBP}be@q;k2^>T08sISCIZvFF@3(eyGPuP8`Q`QhA^s;B5M^3VJa
zeTm;AXjh%a0}O;V;ZM^+`Mjzsk%;!XU#p7hG)Gh*(3LNx4P)mv+_I(_335BO;Xij3
zZFg8GXwgvyK6-?L9nQn;Nh|Ywwk#BfK7iE9YX{~<p0rm^Lnle7%k+yw+={lAo8Eqj
zKtX7Gnm<S+mQ9hZMN@JI*}DD3bKaj4!t8w!pX4@u1#5+@xi8ft-C25JurpkPI>nZ&
zp2GeQd};QOz-0r*l*&KcPMWISEmvXgpUqxxqmTMOz)L}-eesy5dYc$ilDwW8=2%v+
z*QZ6hYSk-e)LXVhORpUj@sTsWLJVw6ow}zoNt~ndyu>lE9%33Tl{w#hr+&&Ta-NjA
z5oMVUOKY4*o$<6B+{VI#NApD965<AW)b^!K#gpu1=bS7@P51tn>*ld)-$}=86KZie
z3dSXKMx%s3e_($zhXPqK_%T1PK3Q-&%6NuqZc1#=evXKD)0{PM1ri@R$?3yPSJN1-
zf4M3gILJdN^R5yzFSohf^X!{v?(E2LS(jHIcZM<6V)(g*njs{Qxh@mBO54Rlb=_J$
z$A!0Eh0aeG9HS<S`@fi~(GJ;9=K~s94b;RQy)+isuROCW@>2_eNFglP)#Pj*l3LYZ
zS@M`ly11iqvfBeV^Fu_t-M5rkTomjccGBr1HtUb&(DDDBxW$PnDTg7CK5QJjtG|_O
zsQ}uCA!SY&H2d%vOITFC8==5Yb~6H-V%&V?CMluLx?FT4=RAIK^=~i|qlSzwmhHFb
z08@<J0<Yz+k?cdhKvF#_b6z<MHsN+|d<LR>ULeB^Vc-8)AZuw^rW01~T_LId_*DE=
z4G|QtzM_qXVLjPR$TTr{rRHNPyU~>y@WJ`ycxdz6e6!ok@j%+8a`~FZQw3|Z+tLlM
zlC>Y4Q&n*C@@YD&z00$l4K34jsGs4#1G#XkBPi4og>^SxUi=L<QY#OB7nlAm4nlUd
z)QCzsF@QLVi{Q0FM@d1x(nn(u(<eNE&x+M{*|E^1(_Mk82v@$`a5UQdm|pVr^!ib0
z$Fkn;nlXx$)wr~@xX@dr0pIM>ahSjvXd>NXQZlHqV7$0$b%GjcHDGOithAxWK@=sP
zNK=0x!_}T@Wse4l1+^4b5m4C7T#9MS3}0R-SmleQsb>m!di|2T?(-nI8R9jj{%j`y
zgp0Vaxd2!W7TUqj(@=Y(x9@#EHyqDoeDw_M-t6=NT=DSoM6EN`_Bd}-)jW;O0VJ`k
zy$%Xpe{@u|mfNBd?1Z9#8>X{Rn2Nw~*n@T)kDH`@g7O~0+np%S>sY=^!H6XWPf2Bk
zeZ^XtG_LNfk{TZ&rwV!w%+qfXUt1%G5?y?&LOsK-1yRm2#xSL4Pa+PHc>?s-V>?Jp
zn{syEdY^f))VMS2fu#FUP;)fXB=ru(GfK%*b!E0Ao!cp9$}Op`3O)OvpI2y({izc(
z>kA34wR%FMp*(Y3AsjxQ$)O4l_A(WWF&h+FP#7sSH0z;5<DSyj(M@#v2WZ5-+4Qn8
zdlg&gNg?U$S()bM99CDGWo;EevN)}0i}|*kC5H+)Vg@`yYe0wuRO6rsDr3pcrn92$
zn+L~VrDw&&hzg<9yRCc$`_1g)rLVvo1JC|U9-1^!!~@#M(@bIaHX69vBMe;hLv%6c
zYB?4az9ZodTK}FLY@MG)c1p#(&}JPn$kj!yg<a%C*v2Ld*?jjXoj-HxxSsI~8oC~4
zQF5^UH4;-<@kqZh?z&<<+pDniS;ZFxc5XAI!<<(e$0OD8p>Y4vx;A7>Afn2BdOOM`
zA!3x5dpCJ{jL7cwbTP&l8uxpI(?oLMFe-$X>~@bydiOU>h?nwv413n09`4!@nvCX#
zY#SQxnlXdrL-m`$pC(k@UP)Qh?quCE)8)prY`#;6)vj@@SO2=%Qc;aREyK@Z6mWxU
zYwr}lnN(wcZGXdXHA13FJIaf(z($EfrtZe?Qm|#f@+edz1z<*x&FsW?CL|R8wdd;a
z-ui(z!&qx{8K-M~ENlqKO&qi4Rys2EL%z$3F18<)Rz7mY_Z=9P;4P|dMm+<K3J*~=
z1o~9dg=jIo29HWLh9sV$On7<su>co^ZFDwL@9C>ql6#N<h37DCSR{O=3h`Ayw*^U^
zB4{>%E?Yz0rL61fY?0NOcA^Nb(LY4dH&MTG1k-OrLlWZRsCMFUUt<Dm9=ikF>as};
zqOvLN(7BI!pfpv$l11xBrF8ADT)JIyLCdP=5%S}q?Lvbm)Q-^*XRxDzqjk&3`l2*Q
zS}U1xHW3^tcavJleNjQ1d2EZsT@ACjYgbL84O}9NFigp7FR&eu5!*|ws9n|T@X?i;
z!f6w*uF{<<9fVWb^0Y(~-?haHYB+;#jA+ZBgJ)CbKKfiH&tb>XzA%ZZu}?-*?K+pN
zkV?1XTt1Ix*9Q;BfX`Ujo~-WcrQsGi&%zgf_AYd#uZual$)Q%>+??kWf2ub>p|fzx
zU1iM&rTa{AF^j|S3e#@n;vmh5Lfulk47C55>Lu>+|3SS(IBTms{wyWSSQ0r=bKR#*
z(MlJ^Y0Kj}1_$`5{^C74-IQ|Rr|U^#YHIHOZUyVi6CV3M=-3RW#J37SVfulEh((kv
z%$wQ($6mUpc^RK73~Crx%AR+pj$I<&$Ad<y)2nq)ARVNk+Y$8`t2aR~(5E*$xRB!H
zp@wSqmp44He}l8;rTXL~Sl-4D^03TKmU_`Ga$jX>hIKu|)~DkWqurE50}ev+*<&ND
zQu)9l9FaeR8YtAO0!fIwuFpcgV9qC5Y8R1*5kpSz!`@I17{=tc{S5k4pn8%P`kKy;
z$P{Y%-7n(Qe$g#47aPl8{zZuH4~H*Pr>`Y=+g-l*rvr1cw*PDGi#hSOCouYY@v%VS
zj68qHG6B}h8LoV?u_m(~7PDktkqVopkV}?H+-W{V8+e-@F0&~T2$pURUiR1FRGWAM
zzsc$18NZFqIwh>hJrl8PE|2zlH?ouV(oX{0JRG2v?X_JS7xQLaFlX0$8?Ob_Va<+6
zHeQYJM;B4an&dRyl2GNr@?6e})j6gdRti$+>J5r^Z4}EcgI9}=*H{DmNG>HqzH<;&
z#3da4ME5SMJZAOfw^<xKYh+K3g*22=aOFn-O|eKbtMSX>#!__asJ{+onO}9y<WWA<
zk>Bxwu?4`!mOewf{!6pXWm=cJ$(>T2HY{dr%_>v1Wd}O<6xHyp4p12znSDyz!=EkS
z0!f;R#Q*|lXMOFJoq=QB9Y;?9?cLDQTo2{GZ!VYjTjME!o6GI)e?5Om0xXyRSN!Gv
ze}KPSBHca3F-Ug2|Maz7D%J%*1<$wrpUht(xv1yyqeTxs&;^6(RA<98YAYyP9HyI6
zx2*5Fx<1I(VlP^y5VS}DaJj78zSy`wL*VbWy}hoUz6x_fsy|_il8dJ)eyTJcLzqu1
zgxy@SzD7xqw}E%4$H&~d>T%*=5OKcBDt9D$z1Dkh5seiJ|NJ!N_z~}*q%83R6)i_K
ze3ZC>5zEc`c1dVTUDIv}T&x1B9>iYLm!&{TG}bA4evWdly(qp$3Sov*W|O?Fz~1Np
zB)Ro6UfT1;LLmKYNZ_=6EWs2Z+DqasW=+vuHg*@Pp}J~|eWc<#uT{F^DlKa_8DT=Z
zUbP4iSt9;y;Q{_M+34*-T{DQz%w7OOM47N{B^vc2$hC0xi&*K$U+04`W`W23FtkdQ
z-wx3)A5BBB$bQXP`Q^k^;tu7v3yh=2*1P+=_fx!B6TZEe=6zi1+gmVqcEKoi!5^&H
z*v)?dxIEu84Nl)XH+OOEUq-YhP-~G35A~B_9h2NANGmrLZF_HaTRO3@d?K4aE^iSR
z=PJKj!SL`;e}A30i2HoDPaYRQZKDfOtTkC+ijrL)T=qw&%q5Ll1v|`l5pq-JUA0R2
zbP0X~uxbrt`*6(tGHmPS9;1i@+4lp)cWis9HL8(H{>BlX1!+BVX0h@Ofz$~u9`9%p
zq<l9+huuWv(QuiA-^66f^6R<E@){>h`U^}emuJe$UaRfNmhU2Er?@=NH*MU28Mopq
zzm8i#-)`O%AeZ;W_xu0-J9%FE<BhWzczJB*vn2_+<?8vmh3hNL2UR3%o}BdRHA;L;
zH5CX(aag||qpN@Yrb>VG+wfQmFGZ;&m-4W4#-qeKS4oT+G;qP8!+^QEoJTp1_4GV`
z)wq9sVniO#2`3y`-LtD?159NzUU@?Yb{j(PeerT}90Vc*4%OCvx}rxzCo)9jQ&@@w
zN_zCQUXPA<VMkur_nT71gtKj%t%N5;dM7lbq0XTM;+yY#W&}<D6ki2PS=^ey4@ZKb
zXL;*+_Nt`JCY@FE6Jh`leoec6shQ!)Mlqkx!f}8#Rvg`qnGr)j+`OeND1ZkD-{AP(
z;kn~|RdlCmKMeUU=6+C|s)9(H;j`g_8ga&Y`((4nenNFQ;l2-PeQ-_{!W`cM>|I8;
z&2ayakX`Ha?8f9Cp7N^8vHARBSRXlZf0G^Q+2hBo|6=9cwDel$0+iUs=l~vub3<Fw
z4PRe**|2%o&9VS}eGC8J0GNn>0nEPu=6`1Zlld=z`4_<a-vEr>|F!_;^#7j#rsQ7$
s^Dlt;7r^`rVEzR#|6>5=c=!Is{pAD3_sbUu2nYZ$cY0C;N)iS7FBWKY1ONa4

literal 0
HcmV?d00001

diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/.editorconfig b/charts/rancher-monitoring/103.2.2+up57.0.3/.editorconfig
new file mode 100644
index 0000000000..f5ee2f4610
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/.editorconfig
@@ -0,0 +1,5 @@
+root = true
+
+[files/dashboards/*.json]
+indent_size = 2
+indent_style = space
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/.helmignore
new file mode 100644
index 0000000000..9bdbec92b4
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/.helmignore
@@ -0,0 +1,29 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+# helm/charts
+OWNERS
+hack/
+ci/
+kube-prometheus-*.tgz
+
+unittests/
+files/dashboards/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/CHANGELOG.md b/charts/rancher-monitoring/103.2.2+up57.0.3/CHANGELOG.md
new file mode 100644
index 0000000000..8178169b91
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/CHANGELOG.md
@@ -0,0 +1,47 @@
+# Changelog
+All notable changes from the upstream Prometheus Operator chart will be added to this file.
+
+## [Package Version 00] - 2020-07-19
+### Added
+- Added [Prometheus Adapter](https://github.com/helm/charts/tree/master/stable/prometheus-adapter) as a dependency to the upstream Prometheus Operator chart to allow users to expose custom metrics from the default Prometheus instance deployed by this chart
+- Remove `prometheus-operator/cleanup-crds.yaml` and `prometheus-operator/crds.yaml` from the Prometheus Operator upstream chart in favor of just using the CRD directory to install the CRDs.
+- Added support for `rkeControllerManager`, `rkeScheduler`, `rkeProxy`, and `rkeEtcd` PushProx exporters for monitoring k8s components within RKE clusters
+- Added support for a `k3sServer` PushProx exporter that monitors k3s server components (`kubeControllerManager`, `kubeScheduler`, and `kubeProxy`) within k3s clusters
+- Added support for `kubeAdmControllerManager`, `kubeAdmScheduler`, `kubeAdmProxy`, and `kubeAdmEtcd` PushProx exporters for monitoring k8s components within kubeAdm clusters
+- Added support for `rke2ControllerManager`, `rke2Scheduler`, `rke2Proxy`, and `rke2Etcd` PushProx exporters for monitoring k8s components within rke2 clusters
+- Exposed `prometheus.prometheusSpec.ignoreNamespaceSelectors` on values.yaml and set it to `false` by default. This value instructs the default Prometheus server deployed with this chart to ignore the `namespaceSelector` field within any created ServiceMonitor or PodMonitor CRs that it selects. This prevents ServiceMonitors and PodMonitors from configuring the Prometheus scrape configuration to monitor resources outside the namespace that they are deployed in; if a user needs to have one ServiceMonitor / PodMonitor monitor resources within several namespaces (such as the resources that are used to monitor Istio in a default installation), they should not enable this option since it would require them to create one ServiceMonitor / PodMonitor CR per namespace that they would like to monitor. Relevant fields were also updated in the default README.md.
+- Added `grafana.sidecar.dashboards.searchNamespace` to `values.yaml` with a default value of `cattle-dashboards`. The namespace provided should contain all ConfigMaps with the label `grafana_dashboard` and will be searched by the Grafana Dashboards sidecar for updates. The namespace specified is also created along with this deployment. All default dashboard ConfigMaps have been relocated from the deployment namespace to the namespace specified
+- Added `monitoring-admin`, `monitoring-edit`, and `monitoring-view` default `ClusterRoles` to allow admins to assign roles to users to interact with Prometheus Operator CRs. These can be enabled by setting `.Values.global.rbac.userRoles.create` (default: `true`). In a typical RBAC setup, you might want to use a `ClusterRoleBinding` to bind these roles to a Subject to allow them to set up or view `ServiceMonitors` / `PodMonitors` / `PrometheusRules` and view `Prometheus` or `Alertmanager` CRs across the cluster. If `.Values.global.rbac.userRoles.aggregateRolesForRBAC` is enabled, these ClusterRoles will aggregate into the respective default ClusterRoles provided by Kubernetes
+- Added `monitoring-config-admin`, `monitoring-config-edit` and `monitoring-config-view` default `Roles` to allow admins to assign roles to users to be able to edit / view `Secrets` and `ConfigMaps` within the `cattle-monitoring-system` namespace. These can be enabled by setting `.Values.global.rbac.userRoles.create` (default: `true`). In a typical RBAC setup, you might want to use a `RoleBinding` to bind these roles to a Subject within the `cattle-monitoring-system` namespace to allow them to modify Secrets / ConfigMaps tied to the deployment, such as your Alertmanager Config Secret. 
+- Added `monitoring-dashboard-admin`, `monitoring-dashboard-edit` and `monitoring-dashboard-view` default `Roles` to allow admins to assign roles to users to be able to edit / view `ConfigMaps` within the `cattle-dashboards` namespace. These can be enabled by setting `.Values.global.rbac.userRoles.create` (default: `true`) and deploying Grafana as part of this chart. In a typical RBAC setup, you might want to use a `RoleBinding` to bind these roles to a Subject within the `cattle-dashboards` namespace to allow them to create / modify ConfigMaps that contain the JSON used to persist Grafana Dashboards on the cluster.
+- Added default resource limits for `Prometheus Operator`, `Prometheus`, `AlertManager`, `Grafana`, `kube-state-metrics`, `node-exporter`
+- Added a default template `rancher_defaults.tmpl` to AlertManager that Rancher will offer to users in order to help configure the way alerts are rendered on a notifier. Also updated the default template deployed with this chart to reference that template and added an example of a Slack config using this template as a comment in the `values.yaml`.
+- Added support for private registries via introducing a new field for `global.cattle.systemDefaultRegistry` that, if supplied, will automatically be prepended onto every image used by the chart.
+- Added a default `nginx` proxy container deployed with Grafana whose config is set in the `ConfigMap` located in `charts/grafana/templates/nginx-config.yaml`. The purpose of this container is to make it possible to view Grafana's UI through a proxy that has a subpath (e.g. Rancher's proxy). This proxy container is set to listen on port `8080` (with a `portName` of `nginx-http` instead of the default `service`), which is also where the Grafana service will now point to, and will forward all requests to the Grafana container listening on the default port `3000`.
+- Added a default `nginx` proxy container deployed with Prometheus whose config is set in the `ConfigMap` located in `templates/prometheus/nginx-config.yaml`. The purpose of this container is to make it possible to view Prometheus's UI through a proxy that has a subpath (e.g. Rancher's proxy). This proxy container is set to listen on port `8081` (with a `portName` of `nginx-http` instead of the default `web`), which is also where the Prometheus service will now point to, and will forward all requests to the Prometheus container listening on the default port `9090`.
+- Added support for passing CIS Scans in a hardened cluster by introducing a Job that patches the default service account within the `cattle-monitoring-system` and `cattle-dashboards` namespaces on install or upgrade and adding a default allow all `NetworkPolicy` to the `cattle-monitoring-system` and `cattle-dashboards` namespaces.
+### Modified
+- Updated the chart name from `prometheus-operator` to `rancher-monitoring` and added the `io.rancher.certified: rancher` annotation to `Chart.yaml`
+- Modified the default `node-exporter` port from `9100` to `9796`
+- Modified the default `nameOverride` to `rancher-monitoring`. This change is necessary as the Prometheus Adapter's default URL (`http://{{ .Values.nameOverride }}-prometheus.{{ .Values.namespaceOverride }}.svc`) is based off of the value used here; if modified, the default Adapter URL must also be modified
+- Modified the default `namespaceOverride` to `cattle-monitoring-system`. This change is necessary as the Prometheus Adapter's default URL (`http://{{ .Values.nameOverride }}-prometheus.{{ .Values.namespaceOverride }}.svc`) is based off of the value used here; if modified, the default Adapter URL must also be modified
+- Configured some default values for `grafana.service` values and exposed them in the default README.md
+- The default namespaces the following ServiceMonitors were changed from the deployment namespace to allow them to continue to monitor metrics when `prometheus.prometheusSpec.ignoreNamespaceSelectors` is enabled:
+    - `core-dns`: `kube-system`
+    - `api-server`: `default`
+    - `kube-controller-manager`: `kube-system`
+    - `kubelet`: `{{ .Values.kubelet.namespace }}`
+- Disabled the following deployments by default (can be enabled if required):
+    - `AlertManager`
+    - `kube-controller-manager` metrics exporter
+    - `kube-etcd` metrics exporter
+    - `kube-scheduler` metrics exporter
+    - `kube-proxy` metrics exporter
+- Updated default Grafana `deploymentStrategy` to `Recreate` to prevent deployments from being stuck on upgrade if a PV is attached to Grafana
+- Modified the default `<serviceMonitor|podMonitor|rule>SelectorNilUsesHelmValues` to default to `false`. As a result, we look for all CRs with any labels in all namespaces by default rather than just the ones tagged with the label `release: rancher-monitoring`.
+- Modified the default images used by the `rancher-monitoring` chart to point to Rancher mirrors of the original images from upstream.
+- Modified the behavior of the chart to create the Alertmanager Config Secret via a pre-install hook instead of using the normal Helm lifecycle to manage the secret. The benefit of this approach is that all changes to the Config Secret done on a live cluster will never get overridden on a `helm upgrade` since the secret only gets created on a `helm install`. If you would like the secret to be cleaned up on an `helm uninstall`, enable `alertmanager.cleanupOnUninstall`; however, this is disabled by default to prevent the loss of alerting configuration on an uninstall. This secret will never be modified on a `helm upgrade`.
+- Modified the default `securityContext` for `Pod` templates across the chart to `{"runAsNonRoot": "true", "runAsUser": "1000"}` and replaced `grafana.rbac.pspUseAppArmor` in favor of `grafana.rbac.pspAnnotations={}` in order to make it possible to deploy this chart on a hardened cluster which does not support Seccomp or AppArmor annotations in PSPs. Users can always choose to specify the annotations they want to use for the PSP directly as part of the values provided.
+- Modified `.Values.prometheus.prometheusSpec.containers` to take in a string representing a template that should be rendered by Helm (via `tpl`) instead of allowing a user to provide YAML directly.
+- Modified the default Grafana configuration to auto assign users who access Grafana to the Viewer role and enable anonymous access to Grafana dashboards by default. This default works well for a Rancher user who is accessing Grafana via the `kubectl proxy` on the Rancher Dashboard UI since anonymous users who enter via the proxy are authenticated by the k8s API Server, but you can / should modify this behavior if you plan on exposing Grafana in a way that does not require authentication (e.g. as a `NodePort` service).
+- Modified the default Grafana configuration to add a default dashboard for Rancher on the Grafana home page.
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/CONTRIBUTING.md b/charts/rancher-monitoring/103.2.2+up57.0.3/CONTRIBUTING.md
new file mode 100644
index 0000000000..f6ce2a3235
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/CONTRIBUTING.md
@@ -0,0 +1,12 @@
+# Contributing Guidelines
+
+## How to contribute to this chart
+
+1. Fork this repository, develop and test your Chart.
+1. Bump the chart version for every change.
+1. Ensure PR title has the prefix `[kube-prometheus-stack]`
+1. When making changes to rules or dashboards, see the README.md section on how to sync data from upstream repositories
+1. Check the `hack/minikube` folder has scripts to set up minikube and components of this chart that will allow all components to be scraped. You can use this configuration when validating your changes.
+1. Check for changes of RBAC rules.
+1. Check for changes in CRD specs.
+1. PR must pass the linter (`helm lint`)
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/Chart.yaml
new file mode 100644
index 0000000000..d71222b02d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/Chart.yaml
@@ -0,0 +1,148 @@
+annotations:
+  artifacthub.io/license: Apache-2.0
+  artifacthub.io/links: |
+    - name: Chart Source
+      url: https://github.com/prometheus-community/helm-charts
+    - name: Upstream Project
+      url: https://github.com/prometheus-operator/kube-prometheus
+  artifacthub.io/operator: "true"
+  catalog.cattle.io/auto-install: rancher-monitoring-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/deploys-on-os: windows
+  catalog.cattle.io/display-name: Monitoring
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/namespace: cattle-monitoring-system
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: monitoring.coreos.com.prometheus/v1
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.19.0-0'
+  catalog.cattle.io/release-name: rancher-monitoring
+  catalog.cattle.io/requests-cpu: 4500m
+  catalog.cattle.io/requests-memory: 4000Mi
+  catalog.cattle.io/type: cluster-tool
+  catalog.cattle.io/ui-component: monitoring
+  catalog.cattle.io/upstream-version: 57.0.3
+apiVersion: v2
+appVersion: v0.72.0
+dependencies:
+- condition: grafana.enabled
+  name: grafana
+  repository: file://./charts/grafana
+  version: 7.3.11
+- condition: hardenedKubelet.enabled
+  name: hardenedKubelet
+  repository: file://./charts/hardenedKubelet
+  version: 0.2.1
+- condition: hardenedNodeExporter.enabled
+  name: hardenedNodeExporter
+  repository: file://./charts/hardenedNodeExporter
+  version: 0.2.1
+- condition: k3sServer.enabled
+  name: k3sServer
+  repository: file://./charts/k3sServer
+  version: 0.2.1
+- condition: kubeStateMetrics.enabled
+  name: kube-state-metrics
+  repository: file://./charts/kube-state-metrics
+  version: 5.16.4
+- condition: kubeAdmControllerManager.enabled
+  name: kubeAdmControllerManager
+  repository: file://./charts/kubeAdmControllerManager
+  version: 0.2.1
+- condition: kubeAdmEtcd.enabled
+  name: kubeAdmEtcd
+  repository: file://./charts/kubeAdmEtcd
+  version: 0.2.1
+- condition: kubeAdmProxy.enabled
+  name: kubeAdmProxy
+  repository: file://./charts/kubeAdmProxy
+  version: 0.2.1
+- condition: kubeAdmScheduler.enabled
+  name: kubeAdmScheduler
+  repository: file://./charts/kubeAdmScheduler
+  version: 0.2.1
+- condition: prometheus-adapter.enabled
+  name: prometheus-adapter
+  repository: file://./charts/prometheus-adapter
+  version: 4.2.0
+- condition: nodeExporter.enabled
+  name: prometheus-node-exporter
+  repository: file://./charts/prometheus-node-exporter
+  version: 4.30.3
+- condition: rke2ControllerManager.enabled
+  name: rke2ControllerManager
+  repository: file://./charts/rke2ControllerManager
+  version: 0.2.1
+- condition: rke2Etcd.enabled
+  name: rke2Etcd
+  repository: file://./charts/rke2Etcd
+  version: 0.2.1
+- condition: rke2IngressNginx.enabled
+  name: rke2IngressNginx
+  repository: file://./charts/rke2IngressNginx
+  version: 0.2.1
+- condition: rke2Proxy.enabled
+  name: rke2Proxy
+  repository: file://./charts/rke2Proxy
+  version: 0.2.1
+- condition: rke2Scheduler.enabled
+  name: rke2Scheduler
+  repository: file://./charts/rke2Scheduler
+  version: 0.2.1
+- condition: rkeControllerManager.enabled
+  name: rkeControllerManager
+  repository: file://./charts/rkeControllerManager
+  version: 0.2.1
+- condition: rkeEtcd.enabled
+  name: rkeEtcd
+  repository: file://./charts/rkeEtcd
+  version: 0.2.1
+- condition: rkeIngressNginx.enabled
+  name: rkeIngressNginx
+  repository: file://./charts/rkeIngressNginx
+  version: 0.2.1
+- condition: rkeProxy.enabled
+  name: rkeProxy
+  repository: file://./charts/rkeProxy
+  version: 0.2.1
+- condition: rkeScheduler.enabled
+  name: rkeScheduler
+  repository: file://./charts/rkeScheduler
+  version: 0.2.1
+- condition: windowsExporter.enabled
+  name: windowsExporter
+  repository: file://./charts/windowsExporter
+  version: 0.3.1
+description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards,
+  and Prometheus rules combined with documentation and scripts to provide easy to
+  operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus
+  Operator.
+home: https://github.com/prometheus-operator/kube-prometheus
+icon: file://assets/logos/rancher-monitoring.png
+keywords:
+- operator
+- prometheus
+- kube-prometheus
+kubeVersion: '>=1.19.0-0'
+maintainers:
+- email: andrew@quadcorps.co.uk
+  name: andrewgkew
+- email: gianrubio@gmail.com
+  name: gianrubio
+- email: github.gkarthiks@gmail.com
+  name: gkarthiks
+- email: kube-prometheus-stack@sisti.pt
+  name: GMartinez-Sisti
+- email: github@jkroepke.de
+  name: jkroepke
+- email: scott@r6by.com
+  name: scottrigby
+- email: miroslav.hadzhiev@gmail.com
+  name: Xtigyro
+- email: quentin.bisson@gmail.com
+  name: QuentinBisson
+name: rancher-monitoring
+sources:
+- https://github.com/prometheus-community/helm-charts
+- https://github.com/prometheus-operator/kube-prometheus
+type: application
+version: 103.2.2+up57.0.3
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/README.md
new file mode 100644
index 0000000000..9baf58bb16
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/README.md
@@ -0,0 +1,1080 @@
+# kube-prometheus-stack
+
+Installs the [kube-prometheus stack](https://github.com/prometheus-operator/kube-prometheus), a collection of Kubernetes manifests, [Grafana](http://grafana.com/) dashboards, and [Prometheus rules](https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/) combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with [Prometheus](https://prometheus.io/) using the [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator).
+
+See the [kube-prometheus](https://github.com/prometheus-operator/kube-prometheus) README for details about components, dashboards, and alerts.
+
+_Note: This chart was formerly named `prometheus-operator` chart, now renamed to more clearly reflect that it installs the `kube-prometheus` project stack, within which Prometheus Operator is only one component._
+
+## Prerequisites
+
+- Kubernetes 1.19+
+- Helm 3+
+
+## Get Helm Repository Info
+
+```console
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo update
+```
+
+_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Install Helm Chart
+
+```console
+helm install [RELEASE_NAME] prometheus-community/kube-prometheus-stack
+```
+
+_See [configuration](#configuration) below._
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+## Dependencies
+
+By default this chart installs additional, dependent charts:
+
+- [prometheus-community/kube-state-metrics](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics)
+- [prometheus-community/prometheus-node-exporter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-node-exporter)
+- [grafana/grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana)
+
+To disable dependencies during installation, see [multiple releases](#multiple-releases) below.
+
+_See [helm dependency](https://helm.sh/docs/helm/helm_dependency/) for command documentation._
+
+## Uninstall Helm Chart
+
+```console
+helm uninstall [RELEASE_NAME]
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+CRDs created by this chart are not removed by default and should be manually cleaned up:
+
+```console
+kubectl delete crd alertmanagerconfigs.monitoring.coreos.com
+kubectl delete crd alertmanagers.monitoring.coreos.com
+kubectl delete crd podmonitors.monitoring.coreos.com
+kubectl delete crd probes.monitoring.coreos.com
+kubectl delete crd prometheusagents.monitoring.coreos.com
+kubectl delete crd prometheuses.monitoring.coreos.com
+kubectl delete crd prometheusrules.monitoring.coreos.com
+kubectl delete crd scrapeconfigs.monitoring.coreos.com
+kubectl delete crd servicemonitors.monitoring.coreos.com
+kubectl delete crd thanosrulers.monitoring.coreos.com
+```
+
+## Upgrading Chart
+
+```console
+helm upgrade [RELEASE_NAME] prometheus-community/kube-prometheus-stack
+```
+
+With Helm v3, CRDs created by this chart are not updated by default and should be manually updated.
+Consult also the [Helm Documentation on CRDs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions).
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### Upgrading an existing Release to a new major version
+
+A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions.
+
+### From 56.x to 57.x
+
+This version upgrades Prometheus-Operator to v0.72.0
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.72.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 55.x to 56.x
+
+This version upgrades Prometheus-Operator to v0.71.0, Prometheus to 2.49.1
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.71.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 54.x to 55.x
+
+This version upgrades Prometheus-Operator to v0.70.0
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.70.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 53.x to 54.x
+
+Grafana Helm Chart has bumped to version 7
+
+Please note Grafana Helm Chart [changelog](https://github.com/grafana/helm-charts/tree/main/charts/grafana#to-700).
+
+### From 52.x to 53.x
+
+This version upgrades Prometheus-Operator to v0.69.1, Prometheus to 2.47.2
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.69.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 51.x to 52.x
+
+This includes the ability to select between using existing secrets or create new secret objects for various thanos config. The defaults have not changed but if you were setting:
+
+- `thanosRuler.thanosRulerSpec.alertmanagersConfig` or
+- `thanosRuler.thanosRulerSpec.objectStorageConfig` or
+- `thanosRuler.thanosRulerSpec.queryConfig` or
+- `prometheus.prometheusSpec.thanos.objectStorageConfig`
+
+you will have to need to set `existingSecret` or `secret` based on your requirement
+
+For instance, the `thanosRuler.thanosRulerSpec.alertmanagersConfig` used to be configured as follow:
+
+```yaml
+thanosRuler:
+  thanosRulerSpec:
+    alertmanagersConfig:
+      alertmanagers:
+        - api_version: v2
+          http_config:
+            basic_auth:
+              username: some_user
+              password: some_pass
+          static_configs:
+            - alertmanager.thanos.io
+          scheme: http
+          timeout: 10s
+```
+
+But it now moved to:
+
+```yaml
+thanosRuler:
+  thanosRulerSpec:
+    alertmanagersConfig:
+      secret:
+        alertmanagers:
+          - api_version: v2
+            http_config:
+              basic_auth:
+                username: some_user
+                password: some_pass
+            static_configs:
+              - alertmanager.thanos.io
+            scheme: http
+            timeout: 10s
+```
+
+or the `thanosRuler.thanosRulerSpec.objectStorageConfig` used to be configured as follow:
+
+```yaml
+thanosRuler:
+  thanosRulerSpec:
+    objectStorageConfig:
+      name: existing-secret-not-created-by-this-chart
+      key: object-storage-configs.yaml
+```
+
+But it now moved to:
+
+```yaml
+thanosRuler:
+  thanosRulerSpec:
+    objectStorageConfig:
+      existingSecret:
+        name: existing-secret-not-created-by-this-chart
+        key: object-storage-configs.yaml
+```
+
+### From 50.x to 51.x
+
+This version upgrades Prometheus-Operator to v0.68.0, Prometheus to 2.47.0 and Thanos to v0.32.2
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.68.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 49.x to 50.x
+
+This version requires Kubernetes 1.19+.
+
+We do not expect any breaking changes in this version.
+
+### From 48.x to 49.x
+
+This version upgrades Prometheus-Operator to v0.67.1, 0, Alertmanager to v0.26.0, Prometheus to 2.46.0 and Thanos to v0.32.0
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.67.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 47.x to 48.x
+
+This version moved all CRDs into a dedicated sub-chart. No new CRDs are introduced in this version.
+See [#3548](https://github.com/prometheus-community/helm-charts/issues/3548) for more context.
+
+We do not expect any breaking changes in this version.
+
+### From 46.x to 47.x
+
+This version upgrades Prometheus-Operator to v0.66.0 with new CRDs (PrometheusAgent and ScrapeConfig).
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.66.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 45.x to 46.x
+
+This version upgrades Prometheus-Operator to v0.65.1 with new CRDs (PrometheusAgent and ScrapeConfig), Prometheus to v2.44.0 and Thanos to v0.31.0.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusagents.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.65.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 44.x to 45.x
+
+This version upgrades Prometheus-Operator to v0.63.0, Prometheus to v2.42.0 and Thanos to v0.30.2.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.63.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 43.x to 44.x
+
+This version upgrades Prometheus-Operator to v0.62.0, Prometheus to v2.41.0 and Thanos to v0.30.1.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.62.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+If you have explicitly set `prometheusOperator.admissionWebhooks.failurePolicy`, this value is now always used even when `.prometheusOperator.admissionWebhooks.patch.enabled` is `true` (the default).
+
+The values for `prometheusOperator.image.tag` & `prometheusOperator.prometheusConfigReloader.image.tag` are now empty by default and the Chart.yaml `appVersion` field is used instead.
+
+### From 42.x to 43.x
+
+This version upgrades Prometheus-Operator to v0.61.1, Prometheus to v2.40.5 and Thanos to v0.29.0.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.61.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 41.x to 42.x
+
+This includes the overridability of container registry for all containers at the global level using `global.imageRegistry` or per container image. The defaults have not changed but if you were using a custom image, you will have to override the registry of said custom container image before you upgrade.
+
+For instance, the prometheus-config-reloader used to be configured as follow:
+
+```yaml
+    image:
+      repository: quay.io/prometheus-operator/prometheus-config-reloader
+      tag: v0.60.1
+      sha: ""
+```
+
+But it now moved to:
+
+```yaml
+    image:
+      registry: quay.io
+      repository: prometheus-operator/prometheus-config-reloader
+      tag: v0.60.1
+      sha: ""
+```
+
+### From 40.x to 41.x
+
+This version upgrades Prometheus-Operator to v0.60.1, Prometheus to v2.39.1 and Thanos to v0.28.1.
+This version also upgrades the Helm charts of kube-state-metrics to 4.20.2, prometheus-node-exporter to 4.3.0 and Grafana to 6.40.4.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.60.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+This version splits kubeScheduler recording and altering rules in separate config values.
+Instead of `defaultRules.rules.kubeScheduler` the 2 new variables `defaultRules.rules.kubeSchedulerAlerting` and `defaultRules.rules.kubeSchedulerRecording` are used.
+
+### From 39.x to 40.x
+
+This version upgrades Prometheus-Operator to v0.59.1, Prometheus to v2.38.0, kube-state-metrics to v2.6.0 and Thanos to v0.28.0.
+This version also upgrades the Helm charts of kube-state-metrics to 4.18.0 and prometheus-node-exporter to 4.2.0.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+Starting from prometheus-node-exporter version 4.0.0, the `node exporter` chart is using the [Kubernetes recommended labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/). Therefore you have to delete the daemonset before you upgrade.
+
+```console
+kubectl delete daemonset -l app=prometheus-node-exporter
+helm upgrade -i kube-prometheus-stack prometheus-community/kube-prometheus-stack
+```
+
+If you use your own custom [ServiceMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor) or [PodMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#podmonitor), please ensure to upgrade their `selector` fields accordingly to the new labels.
+
+### From 38.x to 39.x
+
+This upgraded prometheus-operator to v0.58.0 and prometheus to v2.37.0
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.58.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 37.x to 38.x
+
+Reverted one of the default metrics relabelings for cAdvisor added in 36.x, due to it breaking container_network_* and various other statistics. If you do not want this change, you will need to override the `kubelet.cAdvisorMetricRelabelings`.
+
+### From 36.x to 37.x
+
+This includes some default metric relabelings for cAdvisor and apiserver metrics to reduce cardinality. If you do not want these defaults, you will need to override the `kubeApiServer.metricRelabelings` and or `kubelet.cAdvisorMetricRelabelings`.
+
+### From 35.x to 36.x
+
+This upgraded prometheus-operator to v0.57.0 and prometheus to v2.36.1
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.57.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 34.x to 35.x
+
+This upgraded prometheus-operator to v0.56.0 and prometheus to v2.35.0
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.56.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 33.x to 34.x
+
+This upgrades to prometheus-operator to v0.55.0 and prometheus to v2.33.5.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.55.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 32.x to 33.x
+
+This upgrades the prometheus-node-exporter Chart to v3.0.0. Please review the changes to this subchart if you make customizations to hostMountPropagation.
+
+### From 31.x to 32.x
+
+This upgrades to prometheus-operator to v0.54.0 and prometheus to v2.33.1. It also changes the default for `grafana.serviceMonitor.enabled` to `true.
+
+Run these commands to update the CRDs before applying the upgrade.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.54.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 30.x to 31.x
+
+This version removes the built-in grafana ServiceMonitor and instead relies on the ServiceMonitor of the sub-chart.
+`grafana.serviceMonitor.enabled` must be set instead of `grafana.serviceMonitor.selfMonitor` and the old ServiceMonitor may
+need to be manually cleaned up after deploying the new release.
+
+### From 29.x to 30.x
+
+This version updates kube-state-metrics to 4.3.0 and uses the new option `kube-state-metrics.releaseLabel=true` which adds the "release" label to kube-state-metrics labels, making scraping of the metrics by kube-prometheus-stack work out of the box again, independent of the used kube-prometheus-stack release name. If you already set the "release" label via `kube-state-metrics.customLabels` you might have to remove that and use it via the new option.
+
+### From 28.x to 29.x
+
+This version makes scraping port for kube-controller-manager and kube-scheduler dynamic to reflect changes to default serving ports
+for those components in Kubernetes versions v1.22 and v1.23 respectively.
+
+If you deploy on clusters using version v1.22+, kube-controller-manager will be scraped over HTTPS on port 10257.
+
+If you deploy on clusters running version v1.23+, kube-scheduler will be scraped over HTTPS on port 10259.
+
+### From 27.x to 28.x
+
+This version disables PodSecurityPolicies by default because they are deprecated in Kubernetes 1.21 and will be removed in Kubernetes 1.25.
+
+If you are using PodSecurityPolicies you can enable the previous behaviour by setting `kube-state-metrics.podSecurityPolicy.enabled`, `prometheus-node-exporter.rbac.pspEnabled`, `grafana.rbac.pspEnabled` and `global.rbac.pspEnabled` to `true`.
+
+### From 26.x to 27.x
+
+This version splits prometheus-node-exporter chart recording and altering rules in separate config values.
+Instead of `defaultRules.rules.node` the 2 new variables `defaultRules.rules.nodeExporterAlerting` and `defaultRules.rules.nodeExporterRecording` are used.
+
+Also the following defaultRules.rules has been removed as they had no effect: `kubeApiserverError`, `kubePrometheusNodeAlerting`, `kubernetesAbsent`, `time`.
+
+The ability to set a rubookUrl via `defaultRules.rules.rubookUrl` was reintroduced.
+
+### From 25.x to 26.x
+
+This version enables the prometheus-node-exporter subchart servicemonitor by default again, by setting `prometheus-node-exporter.prometheus.monitor.enabled` to `true`.
+
+### From 24.x to 25.x
+
+This version upgrade to prometheus-operator v0.53.1. It removes support for setting a runbookUrl, since the upstream format for runbooks changed.
+
+```console
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply --server-side -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.53.1/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 23.x to 24.x
+
+The custom `ServiceMonitor` for the _kube-state-metrics_ & _prometheus-node-exporter_ charts have been removed in favour of the built-in sub-chart `ServiceMonitor`; for both sub-charts this means that `ServiceMonitor` customisations happen via the values passed to the chart. If you haven't directly customised this behaviour then there are no changes required to upgrade, but if you have please read the following.
+
+For _kube-state-metrics_ the `ServiceMonitor` customisation is now set via `kube-state-metrics.prometheus.monitor` and the `kubeStateMetrics.serviceMonitor.selfMonitor.enabled` value has moved to `kube-state-metrics.selfMonitor.enabled`.
+
+For _prometheus-node-exporter_ the `ServiceMonitor` customisation is now set via `prometheus-node-exporter.prometheus.monitor` and the `nodeExporter.jobLabel` values has moved to `prometheus-node-exporter.prometheus.monitor.jobLabel`.
+
+### From 22.x to 23.x
+
+Port names have been renamed for Istio's
+[explicit protocol selection](https://istio.io/latest/docs/ops/configuration/traffic-management/protocol-selection/#explicit-protocol-selection).
+
+| | old value | new value |
+|-|-----------|-----------|
+| `alertmanager.alertmanagerSpec.portName` | `web` | `http-web` |
+| `grafana.service.portName` | `service` | `http-web` |
+| `prometheus-node-exporter.service.portName` | `metrics` (hardcoded) | `http-metrics` |
+| `prometheus.prometheusSpec.portName` | `web` | `http-web` |
+
+### From 21.x to 22.x
+
+Due to the upgrade of the `kube-state-metrics` chart, removal of its deployment/stateful needs to done manually prior to upgrading:
+
+```console
+kubectl delete deployments.apps -l app.kubernetes.io/instance=prometheus-operator,app.kubernetes.io/name=kube-state-metrics --cascade=orphan
+```
+
+or if you use autosharding:
+
+```console
+kubectl delete statefulsets.apps -l app.kubernetes.io/instance=prometheus-operator,app.kubernetes.io/name=kube-state-metrics --cascade=orphan
+```
+
+### From 20.x to 21.x
+
+The config reloader values have been refactored. All the values have been moved to the key `prometheusConfigReloader` and the limits and requests can now be set separately.
+
+### From 19.x to 20.x
+
+Version 20 upgrades prometheus-operator from 0.50.x to 0.52.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRDs manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.52.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 18.x to 19.x
+
+`kubeStateMetrics.serviceMonitor.namespaceOverride` was removed.
+Please use `kube-state-metrics.namespaceOverride` instead.
+
+### From 17.x to 18.x
+
+Version 18 upgrades prometheus-operator from 0.49.x to 0.50.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRDs manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.50.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 16.x to 17.x
+
+Version 17 upgrades prometheus-operator from 0.48.x to 0.49.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRDs manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.49.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 15.x to 16.x
+
+Version 16 upgrades kube-state-metrics to v2.0.0. This includes changed command-line arguments and removed metrics, see this [blog post](https://kubernetes.io/blog/2021/04/13/kube-state-metrics-v-2-0/). This version also removes Grafana dashboards that supported Kubernetes 1.14 or earlier.
+
+### From 14.x to 15.x
+
+Version 15 upgrades prometheus-operator from 0.46.x to 0.47.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRDs manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.47.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 13.x to 14.x
+
+Version 14 upgrades prometheus-operator from 0.45.x to 0.46.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRDs manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.46.0/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml
+```
+
+### From 12.x to 13.x
+
+Version 13 upgrades prometheus-operator from 0.44.x to 0.45.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRD manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.45.0/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml
+```
+
+### From 11.x to 12.x
+
+Version 12 upgrades prometheus-operator from 0.43.x to 0.44.x. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRD manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.44/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml
+```
+
+The chart was migrated to support only helm v3 and later.
+
+### From 10.x to 11.x
+
+Version 11 upgrades prometheus-operator from 0.42.x to 0.43.x. Starting with 0.43.x an additional `AlertmanagerConfigs` CRD is introduced. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRD manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.43/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml
+```
+
+Version 11 removes the deprecated tlsProxy via ghostunnel in favor of native TLS support the prometheus-operator gained with v0.39.0.
+
+### From 9.x to 10.x
+
+Version 10 upgrades prometheus-operator from 0.38.x to 0.42.x. Starting with 0.40.x an additional `Probes` CRD is introduced. Helm does not automatically upgrade or install new CRDs on a chart upgrade, so you have to install the CRD manually before updating:
+
+```console
+kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/release-0.42/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml
+```
+
+### From 8.x to 9.x
+
+Version 9 of the helm chart removes the existing `additionalScrapeConfigsExternal` in favour of `additionalScrapeConfigsSecret`. This change lets users specify the secret name and secret key to use for the additional scrape configuration of prometheus. This is useful for users that have prometheus-operator as a subchart and also have a template that creates the additional scrape configuration.
+
+### From 7.x to 8.x
+
+Due to new template functions being used in the rules in version 8.x.x of the chart, an upgrade to Prometheus Operator and Prometheus is necessary in order to support them. First, upgrade to the latest version of 7.x.x
+
+```console
+helm upgrade [RELEASE_NAME] prometheus-community/kube-prometheus-stack --version 7.5.0
+```
+
+Then upgrade to 8.x.x
+
+```console
+helm upgrade [RELEASE_NAME] prometheus-community/kube-prometheus-stack --version [8.x.x]
+```
+
+Minimal recommended Prometheus version for this chart release is `2.12.x`
+
+### From 6.x to 7.x
+
+Due to a change in grafana subchart, version 7.x.x now requires Helm >= 2.12.0.
+
+### From 5.x to 6.x
+
+Due to a change in deployment labels of kube-state-metrics, the upgrade requires `helm upgrade --force` in order to re-create the deployment. If this is not done an error will occur indicating that the deployment cannot be modified:
+
+```console
+invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app.kubernetes.io/name":"kube-state-metrics"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable
+```
+
+If this error has already been encountered, a `helm history` command can be used to determine which release has worked, then `helm rollback` to the release, then `helm upgrade --force` to this new one
+
+## Configuration
+
+See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments:
+
+```console
+helm show values prometheus-community/kube-prometheus-stack
+```
+
+You may also run `helm show values` on this chart's [dependencies](#dependencies) for additional options.
+
+### Rancher Monitoring Configuration
+
+The following table shows values exposed by Rancher Monitoring's additions to the chart:
+
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `nameOverride` | Provide a name that should be used instead of the chart name when naming all resources deployed by this chart |`"rancher-monitoring"`|
+| `namespaceOverride` | Override the deployment namespace | `"cattle-monitoring-system"` |
+| `global.rbac.userRoles.create` | Create default user ClusterRoles to allow users to interact with Prometheus CRs, ConfigMaps, and Secrets | `true` |
+| `global.rbac.userRoles.aggregateToDefaultRoles` | Aggregate default user ClusterRoles into default k8s ClusterRoles | `true` |
+| `prometheus-adapter.enabled` | Whether to install [prometheus-adapter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-adapter) within the cluster | `true` |
+| `prometheus-adapter.prometheus.url` | A URL pointing to the Prometheus deployment within your cluster. The default value is set based on the assumption that you plan to deploy the default Prometheus instance from this chart where `.Values.namespaceOverride=cattle-monitoring-system` and `.Values.nameOverride=rancher-monitoring` | `http://rancher-monitoring-prometheus.cattle-monitoring-system.svc` |
+| `prometheus-adapter.prometheus.port` | The port on the Prometheus deployment that Prometheus Adapter can make requests to | `9090` |
+| `prometheus.prometheusSpec.ignoreNamespaceSelectors` | Ignore NamespaceSelector settings from the PodMonitor and ServiceMonitor configs. If true, PodMonitors and ServiceMonitors can only discover Pods and Services within the namespace they are deployed into | `false` |
+
+The following values are enabled for different distributions via [rancher-pushprox](https://github.com/rancher/dev-charts/tree/master/packages/rancher-pushprox). See the rancher-pushprox `README.md` for more information on what all values can be configured for the PushProxy chart.
+
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `rkeControllerManager.enabled` | Create a PushProx installation for monitoring kube-controller-manager metrics in RKE clusters | `false` |
+| `rkeScheduler.enabled` | Create a PushProx installation for monitoring kube-scheduler metrics in RKE clusters | `false` |
+| `rkeProxy.enabled` | Create a PushProx installation for monitoring kube-proxy metrics in RKE clusters | `false` |
+| `rkeIngressNginx.enabled` | Create a PushProx installation for monitoring ingress-nginx metrics in RKE clusters | `false` |
+| `rkeEtcd.enabled` | Create a PushProx installation for monitoring etcd metrics in RKE clusters | `false` |
+| `rke2IngressNginx.enabled` | Create a PushProx installation for monitoring ingress-nginx metrics in RKE2 clusters | `false` |
+| `k3sServer.enabled` | Create a PushProx installation for monitoring k3s-server metrics (accounts for kube-controller-manager, kube-scheduler, and kube-proxy metrics) in k3s clusters | `false` |
+| `kubeAdmControllerManager.enabled` | Create a PushProx installation for monitoring kube-controller-manager metrics in kubeAdm clusters | `false` |
+| `kubeAdmScheduler.enabled` | Create a PushProx installation for monitoring kube-scheduler metrics in kubeAdm clusters | `false` |
+| `kubeAdmProxy.enabled` | Create a PushProx installation for monitoring kube-proxy metrics in kubeAdm clusters | `false` |
+| `kubeAdmEtcd.enabled` | Create a PushProx installation for monitoring etcd metrics in kubeAdm clusters | `false` |
+
+
+### Multiple releases
+
+The same chart can be used to run multiple Prometheus instances in the same cluster if required. To achieve this, it is necessary to run only one instance of prometheus-operator and a pair of alertmanager pods for an HA configuration, while all other components need to be disabled. To disable a dependency during installation, set `kubeStateMetrics.enabled`, `nodeExporter.enabled` and `grafana.enabled` to `false`.
+
+## Work-Arounds for Known Issues
+
+### Running on private GKE clusters
+
+When Google configure the control plane for private clusters, they automatically configure VPC peering between your Kubernetes cluster’s network and a separate Google managed project. In order to restrict what Google are able to access within your cluster, the firewall rules configured restrict access to your Kubernetes pods. This means that in order to use the webhook component with a GKE private cluster, you must configure an additional firewall rule to allow the GKE control plane access to your webhook pod.
+
+You can read more information on how to add firewall rules for the GKE control plane nodes in the [GKE docs](https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#add_firewall_rules)
+
+Alternatively, you can disable the hooks by setting `prometheusOperator.admissionWebhooks.enabled=false`.
+
+## PrometheusRules Admission Webhooks
+
+With Prometheus Operator version 0.30+, the core Prometheus Operator pod exposes an endpoint that will integrate with the `validatingwebhookconfiguration` Kubernetes feature to prevent malformed rules from being added to the cluster.
+
+### How the Chart Configures the Hooks
+
+A validating and mutating webhook configuration requires the endpoint to which the request is sent to use TLS. It is possible to set up custom certificates to do this, but in most cases, a self-signed certificate is enough. The setup of this component requires some more complex orchestration when using helm. The steps are created to be idempotent and to allow turning the feature on and off without running into helm quirks.
+
+1. A pre-install hook provisions a certificate into the same namespace using a format compatible with provisioning using end user certificates. If the certificate already exists, the hook exits.
+2. The prometheus operator pod is configured to use a TLS proxy container, which will load that certificate.
+3. Validating and Mutating webhook configurations are created in the cluster, with their failure mode set to Ignore. This allows rules to be created by the same chart at the same time, even though the webhook has not yet been fully set up - it does not have the correct CA field set.
+4. A post-install hook reads the CA from the secret created by step 1 and patches the Validating and Mutating webhook configurations. This process will allow a custom CA provisioned by some other process to also be patched into the webhook configurations. The chosen failure policy is also patched into the webhook configurations
+
+### Alternatives
+
+It should be possible to use [jetstack/cert-manager](https://github.com/jetstack/cert-manager) if a more complete solution is required, but it has not been tested.
+
+You can enable automatic self-signed TLS certificate provisioning via cert-manager by setting the `prometheusOperator.admissionWebhooks.certManager.enabled` value to true.
+
+### Limitations
+
+Because the operator can only run as a single pod, there is potential for this component failure to cause rule deployment failure. Because this risk is outweighed by the benefit of having validation, the feature is enabled by default.
+
+## Developing Prometheus Rules and Grafana Dashboards
+
+This chart Grafana Dashboards and Prometheus Rules are just a copy from [prometheus-operator/prometheus-operator](https://github.com/prometheus-operator/prometheus-operator) and other sources, synced (with alterations) by scripts in [hack](hack) folder. In order to introduce any changes you need to first [add them to the original repository](https://github.com/prometheus-operator/kube-prometheus/blob/main/docs/customizations/developing-prometheus-rules-and-grafana-dashboards.md) and then sync there by scripts.
+
+## Further Information
+
+For more in-depth documentation of configuration options meanings, please see
+
+- [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator)
+- [Prometheus](https://prometheus.io/docs/introduction/overview/)
+- [Grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana#grafana-helm-chart)
+
+## prometheus.io/scrape
+
+The prometheus operator does not support annotation-based discovery of services, using the `PodMonitor` or `ServiceMonitor` CRD in its place as they provide far more configuration options.
+For information on how to use PodMonitors/ServiceMonitors, please see the documentation on the `prometheus-operator/prometheus-operator` documentation here:
+
+- [ServiceMonitors](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/getting-started.md#include-servicemonitors)
+- [PodMonitors](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/getting-started.md#include-podmonitors)
+- [Running Exporters](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/running-exporters.md)
+
+By default, Prometheus discovers PodMonitors and ServiceMonitors within its namespace, that are labeled with the same release tag as the prometheus-operator release.
+Sometimes, you may need to discover custom PodMonitors/ServiceMonitors, for example used to scrape data from third-party applications.
+An easy way of doing this, without compromising the default PodMonitors/ServiceMonitors discovery, is allowing Prometheus to discover all PodMonitors/ServiceMonitors within its namespace, without applying label filtering.
+To do so, you can set `prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues` and `prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues` to `false`.
+
+## Migrating from stable/prometheus-operator chart
+
+## Zero downtime
+
+Since `kube-prometheus-stack` is fully compatible with the `stable/prometheus-operator` chart, a migration without downtime can be achieved.
+However, the old name prefix needs to be kept. If you want the new name please follow the step by step guide below (with downtime).
+
+You can override the name to achieve this:
+
+```console
+helm upgrade prometheus-operator prometheus-community/kube-prometheus-stack -n monitoring --reuse-values --set nameOverride=prometheus-operator
+```
+
+**Note**: It is recommended to run this first with `--dry-run --debug`.
+
+## Redeploy with new name (downtime)
+
+If the **prometheus-operator** values are compatible with the new **kube-prometheus-stack** chart, please follow the below steps for migration:
+
+> The guide presumes that chart is deployed in `monitoring` namespace and the deployments are running there. If in other namespace, please replace the `monitoring` to the deployed namespace.
+
+1. Patch the PersistenceVolume created/used by the prometheus-operator chart to `Retain` claim policy:
+
+    ```console
+    kubectl patch pv/<PersistentVolume name> -p '{"spec":{"persistentVolumeReclaimPolicy":"Retain"}}'
+    ```
+
+    **Note:** To execute the above command, the user must have a cluster wide permission. Please refer [Kubernetes RBAC](https://kubernetes.io/docs/reference/access-authn-authz/rbac/)
+
+2. Uninstall the **prometheus-operator** release and delete the existing PersistentVolumeClaim, and verify PV become Released.
+
+    ```console
+    helm uninstall prometheus-operator -n monitoring
+    kubectl delete pvc/<PersistenceVolumeClaim name> -n monitoring
+    ```
+
+    Additionally, you have to manually remove the remaining `prometheus-operator-kubelet` service.
+
+    ```console
+    kubectl delete service/prometheus-operator-kubelet -n kube-system
+    ```
+
+    You can choose to remove all your existing CRDs (ServiceMonitors, Podmonitors, etc.) if you want to.
+
+3. Remove current `spec.claimRef` values to change the PV's status from Released to Available.
+
+    ```console
+    kubectl patch pv/<PersistentVolume name> --type json -p='[{"op": "remove", "path": "/spec/claimRef"}]' -n monitoring
+    ```
+
+**Note:** To execute the above command, the user must have a cluster wide permission. Please refer to [Kubernetes RBAC](https://kubernetes.io/docs/reference/access-authn-authz/rbac/)
+
+After these steps, proceed to a fresh **kube-prometheus-stack** installation and make sure the current release of **kube-prometheus-stack** matching the `volumeClaimTemplate` values in the `values.yaml`.
+
+The binding is done via matching a specific amount of storage requested and with certain access modes.
+
+For example, if you had storage specified as this with **prometheus-operator**:
+
+```yaml
+volumeClaimTemplate:
+  spec:
+    storageClassName: gp2
+    accessModes: ["ReadWriteOnce"]
+    resources:
+     requests:
+       storage: 50Gi
+```
+
+You have to specify matching `volumeClaimTemplate` with 50Gi storage and `ReadWriteOnce` access mode.
+
+Additionally, you should check the current AZ of your legacy installation's PV, and configure the fresh release to use the same AZ as the old one. If the pods are in a different AZ than the PV, the release will fail to bind the existing one, hence creating a new PV.
+
+This can be achieved either by specifying the labels through `values.yaml`, e.g. setting `prometheus.prometheusSpec.nodeSelector` to:
+
+```yaml
+nodeSelector:
+  failure-domain.beta.kubernetes.io/zone: east-west-1a
+```
+
+or passing these values as `--set` overrides during installation.
+
+The new release should now re-attach your previously released PV with its content.
+
+## Migrating from coreos/prometheus-operator chart
+
+The multiple charts have been combined into a single chart that installs prometheus operator, prometheus, alertmanager, grafana as well as the multitude of exporters necessary to monitor a cluster.
+
+There is no simple and direct migration path between the charts as the changes are extensive and intended to make the chart easier to support.
+
+The capabilities of the old chart are all available in the new chart, including the ability to run multiple prometheus instances on a single cluster - you will need to disable the parts of the chart you do not wish to deploy.
+
+You can check out the tickets for this change [here](https://github.com/prometheus-operator/prometheus-operator/issues/592) and [here](https://github.com/helm/charts/pull/6765).
+
+### High-level overview of Changes
+
+#### Added dependencies
+
+The chart has added 3 [dependencies](#dependencies).
+
+- Node-Exporter, Kube-State-Metrics: These components are loaded as dependencies into the chart, and are relatively simple components
+- Grafana: The Grafana chart is more feature-rich than this chart - it contains a sidecar that is able to load data sources and dashboards from configmaps deployed into the same cluster. For more information check out the [documentation for the chart](https://github.com/grafana/helm-charts/blob/main/charts/grafana/README.md)
+
+#### Kubelet Service
+
+Because the kubelet service has a new name in the chart, make sure to clean up the old kubelet service in the `kube-system` namespace to prevent counting container metrics twice.
+
+#### Persistent Volumes
+
+If you would like to keep the data of the current persistent volumes, it should be possible to attach existing volumes to new PVCs and PVs that are created using the conventions in the new chart. For example, in order to use an existing Azure disk for a helm release called `prometheus-migration` the following resources can be created:
+
+```yaml
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: pvc-prometheus-migration-prometheus-0
+spec:
+  accessModes:
+  - ReadWriteOnce
+  azureDisk:
+    cachingMode: None
+    diskName: pvc-prometheus-migration-prometheus-0
+    diskURI: /subscriptions/f5125d82-2622-4c50-8d25-3f7ba3e9ac4b/resourceGroups/sample-migration-resource-group/providers/Microsoft.Compute/disks/pvc-prometheus-migration-prometheus-0
+    fsType: ""
+    kind: Managed
+    readOnly: false
+  capacity:
+    storage: 1Gi
+  persistentVolumeReclaimPolicy: Delete
+  storageClassName: prometheus
+  volumeMode: Filesystem
+```
+
+```yaml
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  labels:
+    app.kubernetes.io/name: prometheus
+    prometheus: prometheus-migration-prometheus
+  name: prometheus-prometheus-migration-prometheus-db-prometheus-prometheus-migration-prometheus-0
+  namespace: monitoring
+spec:
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+  storageClassName: prometheus
+  volumeMode: Filesystem
+  volumeName: pvc-prometheus-migration-prometheus-0
+```
+
+The PVC will take ownership of the PV and when you create a release using a persistent volume claim template it will use the existing PVCs as they match the naming convention used by the chart. For other cloud providers similar approaches can be used.
+
+#### KubeProxy
+
+The metrics bind address of kube-proxy is default to `127.0.0.1:10249` that prometheus instances **cannot** access to. You should expose metrics by changing `metricsBindAddress` field value to `0.0.0.0:10249` if you want to collect them.
+
+Depending on the cluster, the relevant part `config.conf` will be in ConfigMap `kube-system/kube-proxy` or `kube-system/kube-proxy-config`. For example:
+
+```console
+kubectl -n kube-system edit cm kube-proxy
+```
+
+```yaml
+apiVersion: v1
+data:
+  config.conf: |-
+    apiVersion: kubeproxy.config.k8s.io/v1alpha1
+    kind: KubeProxyConfiguration
+    # ...
+    # metricsBindAddress: 127.0.0.1:10249
+    metricsBindAddress: 0.0.0.0:10249
+    # ...
+  kubeconfig.conf: |-
+    # ...
+kind: ConfigMap
+metadata:
+  labels:
+    app: kube-proxy
+  name: kube-proxy
+  namespace: kube-system
+```
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/app-README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/app-README.md
new file mode 100644
index 0000000000..3920854384
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/app-README.md
@@ -0,0 +1,46 @@
+# Rancher Monitoring and Alerting
+
+ This chart is based on the upstream [kube-prometheus-stack](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack) chart. The chart deploys [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator) and its CRDs along with [Grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana), [Prometheus Adapter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-adapter) and additional charts / Kubernetes manifests to gather metrics. It allows users to monitor their Kubernetes clusters, view metrics in Grafana dashboards, and set up alerts and notifications.
+
+For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/).
+
+The chart installs the following components:
+
+- [Prometheus Operator](https://github.com/coreos/prometheus-operator)  - The operator provides easy monitoring definitions for Kubernetes services, manages [Prometheus](https://prometheus.io/) and [AlertManager](https://prometheus.io/docs/alerting/latest/alertmanager/) instances, and adds default scrape targets for some Kubernetes components.
+- [kube-prometheus](https://github.com/prometheus-operator/kube-prometheus/) - A collection of community-curated Kubernetes manifests, Grafana Dashboards, and PrometheusRules that deploy a default end-to-end cluster monitoring configuration.
+- [Grafana](https://github.com/grafana/helm-charts/tree/main/charts/grafana) - Grafana allows a user to create / view dashboards based on the cluster metrics collected by Prometheus.
+- [node-exporter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-node-exporter) / [kube-state-metrics](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics) / [rancher-pushprox](https://github.com/rancher/charts/tree/dev-v2.7/packages/rancher-monitoring/rancher-pushprox/charts) - These charts monitor various Kubernetes components across different Kubernetes cluster types.
+- [Prometheus Adapter](https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-adapter) - The adapter allows a user to expose custom metrics, resource metrics, and external metrics on the default [Prometheus](https://prometheus.io/) instance to the Kubernetes API Server.
+
+For more information, review the Helm README of this chart.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+​
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Upgrading from 100.0.0+up16.6.0 to 100.1.0+up19.0.3
+
+### Noticeable changes:
+Grafana:
+- `sidecar.dashboards.searchNamespace`, `sidecar.datasources.searchNamespace` and `sidecar.notifiers.searchNamespace` support a list of namespaces now.
+
+Kube-state-metrics
+- the type of `collectors` is changed from Dictionary to List.
+- `kubeStateMetrics.serviceMonitor.namespaceOverride` was replaced by `kube-state-metrics.namespaceOverride`.
+
+### Known issues:
+- Occasionally, the upgrade fails with errors related to the webhook `prometheusrulemutate.monitoring.coreos.com`. This is a known issue in the upstream, and the workaround is to trigger the upgrade one more time. [32416](https://github.com/rancher/rancher/issues/32416#issuecomment-828881726)
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/.helmignore
new file mode 100644
index 0000000000..8cade1318f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.vscode
+.project
+.idea/
+*.tmproj
+OWNERS
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/Chart.yaml
new file mode 100644
index 0000000000..ff6bcb26aa
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/Chart.yaml
@@ -0,0 +1,39 @@
+annotations:
+  artifacthub.io/license: Apache-2.0
+  artifacthub.io/links: |
+    - name: Chart Source
+      url: https://github.com/grafana/helm-charts
+    - name: Upstream Project
+      url: https://github.com/grafana/grafana
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-grafana
+apiVersion: v2
+appVersion: 10.4.1
+description: The leading tool for querying and visualizing time series and metrics.
+home: https://grafana.com
+icon: https://artifacthub.io/image/b4fed1a7-6c8f-4945-b99d-096efa3e4116
+keywords:
+- monitoring
+- metric
+kubeVersion: '>=1.26.0-0'
+maintainers:
+- email: zanhsieh@gmail.com
+  name: zanhsieh
+- email: rluckie@cisco.com
+  name: rtluckie
+- email: maor.friedman@redhat.com
+  name: maorfr
+- email: miroslav.hadzhiev@gmail.com
+  name: Xtigyro
+- email: mail@torstenwalter.de
+  name: torstenwalter
+name: grafana
+sources:
+- https://github.com/grafana/grafana
+- https://github.com/grafana/helm-charts
+type: application
+version: 7.3.11
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/README.md
new file mode 100644
index 0000000000..0ff07f297d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/README.md
@@ -0,0 +1,770 @@
+# Grafana Helm Chart
+
+* Installs the web dashboarding system [Grafana](http://grafana.org/)
+
+## Get Repo Info
+
+```console
+helm repo add grafana https://grafana.github.io/helm-charts
+helm repo update
+```
+
+_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Installing the Chart
+
+To install the chart with the release name `my-release`:
+
+```console
+helm install my-release grafana/grafana
+```
+
+## Uninstalling the Chart
+
+To uninstall/delete the my-release deployment:
+
+```console
+helm delete my-release
+```
+
+The command removes all the Kubernetes components associated with the chart and deletes the release.
+
+## Upgrading an existing Release to a new major version
+
+A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
+incompatible breaking change needing manual actions.
+
+### To 4.0.0 (And 3.12.1)
+
+This version requires Helm >= 2.12.0.
+
+### To 5.0.0
+
+You have to add --force to your helm upgrade command as the labels of the chart have changed.
+
+### To 6.0.0
+
+This version requires Helm >= 3.1.0.
+
+### To 7.0.0
+
+For consistency with other Helm charts, the `global.image.registry` parameter was renamed
+to `global.imageRegistry`. If you were not previously setting `global.image.registry`, no action
+is required on upgrade. If you were previously setting `global.image.registry`, you will
+need to instead set `global.imageRegistry`.
+
+## Configuration
+
+| Parameter                                 | Description                                   | Default                                                 |
+|-------------------------------------------|-----------------------------------------------|---------------------------------------------------------|
+| `replicas`                                | Number of nodes                               | `1`                                                     |
+| `podDisruptionBudget.minAvailable`        | Pod disruption minimum available              | `nil`                                                   |
+| `podDisruptionBudget.maxUnavailable`      | Pod disruption maximum unavailable            | `nil`                                                   |
+| `podDisruptionBudget.apiVersion`          | Pod disruption apiVersion                     | `nil`                                                   |
+| `deploymentStrategy`                      | Deployment strategy                           | `{ "type": "RollingUpdate" }`                           |
+| `livenessProbe`                           | Liveness Probe settings                       | `{ "httpGet": { "path": "/api/health", "port": 3000 } "initialDelaySeconds": 60, "timeoutSeconds": 30, "failureThreshold": 10 }` |
+| `readinessProbe`                          | Readiness Probe settings                      | `{ "httpGet": { "path": "/api/health", "port": 3000 } }`|
+| `securityContext`                         | Deployment securityContext                    | `{"runAsUser": 472, "runAsGroup": 472, "fsGroup": 472}`  |
+| `priorityClassName`                       | Name of Priority Class to assign pods         | `nil`                                                   |
+| `image.registry`                          | Image registry                                | `docker.io`                                       |
+| `image.repository`                        | Image repository                              | `grafana/grafana`                                       |
+| `image.tag`                               | Overrides the Grafana image tag whose default is the chart appVersion (`Must be >= 5.0.0`) | ``                                                      |
+| `image.sha`                               | Image sha (optional)                          | ``                                                      |
+| `image.pullPolicy`                        | Image pull policy                             | `IfNotPresent`                                          |
+| `image.pullSecrets`                       | Image pull secrets (can be templated)         | `[]`                                                    |
+| `service.enabled`                         | Enable grafana service                        | `true`                                                  |
+| `service.type`                            | Kubernetes service type                       | `ClusterIP`                                             |
+| `service.port`                            | Kubernetes port where service is exposed      | `80`                                                    |
+| `service.portName`                        | Name of the port on the service               | `service`                                               |
+| `service.appProtocol`                     | Adds the appProtocol field to the service     | ``                                                      |
+| `service.targetPort`                      | Internal service is port                      | `3000`                                                  |
+| `service.nodePort`                        | Kubernetes service nodePort                   | `nil`                                                   |
+| `service.annotations`                     | Service annotations (can be templated)        | `{}`                                                    |
+| `service.labels`                          | Custom labels                                 | `{}`                                                    |
+| `service.clusterIP`                       | internal cluster service IP                   | `nil`                                                   |
+| `service.loadBalancerIP`                  | IP address to assign to load balancer (if supported) | `nil`                                            |
+| `service.loadBalancerSourceRanges`        | list of IP CIDRs allowed access to lb (if supported) | `[]`                                             |
+| `service.externalIPs`                     | service external IP addresses                 | `[]`                                                    |
+| `service.externalTrafficPolicy`           | change the default externalTrafficPolicy | `nil`                                            |
+| `headlessService`                         | Create a headless service                     | `false`                                                 |
+| `extraExposePorts`                        | Additional service ports for sidecar containers| `[]`                                                   |
+| `hostAliases`                             | adds rules to the pod's /etc/hosts            | `[]`                                                    |
+| `ingress.enabled`                         | Enables Ingress                               | `false`                                                 |
+| `ingress.annotations`                     | Ingress annotations (values are templated)    | `{}`                                                    |
+| `ingress.labels`                          | Custom labels                                 | `{}`                                                    |
+| `ingress.path`                            | Ingress accepted path                         | `/`                                                     |
+| `ingress.pathType`                        | Ingress type of path                          | `Prefix`                                                |
+| `ingress.hosts`                           | Ingress accepted hostnames                    | `["chart-example.local"]`                                                    |
+| `ingress.extraPaths`                      | Ingress extra paths to prepend to every host configuration. Useful when configuring [custom actions with AWS ALB Ingress Controller](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.6/guide/ingress/annotations/#actions). Requires `ingress.hosts` to have one or more host entries. | `[]`                                                    |
+| `ingress.tls`                             | Ingress TLS configuration                     | `[]`                                                    |
+| `ingress.ingressClassName`                | Ingress Class Name. MAY be required for Kubernetes versions >= 1.18 | `""`                              |
+| `resources`                               | CPU/Memory resource requests/limits           | `{}`                                                    |
+| `nodeSelector`                            | Node labels for pod assignment                | `{}`                                                    |
+| `tolerations`                             | Toleration labels for pod assignment          | `[]`                                                    |
+| `affinity`                                | Affinity settings for pod assignment          | `{}`                                                    |
+| `extraInitContainers`                     | Init containers to add to the grafana pod     | `{}`                                                    |
+| `extraContainers`                         | Sidecar containers to add to the grafana pod  | `""`                                                    |
+| `extraContainerVolumes`                   | Volumes that can be mounted in sidecar containers | `[]`                                                |
+| `extraLabels`                             | Custom labels for all manifests               | `{}`                                                    |
+| `schedulerName`                           | Name of the k8s scheduler (other than default) | `nil`                                                  |
+| `persistence.enabled`                     | Use persistent volume to store data           | `false`                                                 |
+| `persistence.type`                        | Type of persistence (`pvc` or `statefulset`)  | `pvc`                                                   |
+| `persistence.size`                        | Size of persistent volume claim               | `10Gi`                                                  |
+| `persistence.existingClaim`               | Use an existing PVC to persist data (can be templated) | `nil`                                          |
+| `persistence.storageClassName`            | Type of persistent volume claim               | `nil`                                                   |
+| `persistence.accessModes`                 | Persistence access modes                      | `[ReadWriteOnce]`                                       |
+| `persistence.annotations`                 | PersistentVolumeClaim annotations             | `{}`                                                    |
+| `persistence.finalizers`                  | PersistentVolumeClaim finalizers              | `[ "kubernetes.io/pvc-protection" ]`                    |
+| `persistence.extraPvcLabels`              | Extra labels to apply to a PVC.               | `{}`                                                    |
+| `persistence.subPath`                     | Mount a sub dir of the persistent volume (can be templated) | `nil`                                     |
+| `persistence.inMemory.enabled`            | If persistence is not enabled, whether to mount the local storage in-memory to improve performance | `false`                                                   |
+| `persistence.inMemory.sizeLimit`          | SizeLimit for the in-memory local storage     | `nil`                                                   |
+| `initChownData.enabled`                   | If false, don't reset data ownership at startup | true                                                  |
+| `initChownData.image.registry`            | init-chown-data container image registry      | `docker.io`                                               |
+| `initChownData.image.repository`          | init-chown-data container image repository    | `busybox`                                               |
+| `initChownData.image.tag`                 | init-chown-data container image tag           | `1.31.1`                                                |
+| `initChownData.image.sha`                 | init-chown-data container image sha (optional)| `""`                                                    |
+| `initChownData.image.pullPolicy`          | init-chown-data container image pull policy   | `IfNotPresent`                                          |
+| `initChownData.resources`                 | init-chown-data pod resource requests & limits | `{}`                                                   |
+| `schedulerName`                           | Alternate scheduler name                      | `nil`                                                   |
+| `env`                                     | Extra environment variables passed to pods    | `{}`                                                    |
+| `envValueFrom`                            | Environment variables from alternate sources. See the API docs on [EnvVarSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#envvarsource-v1-core) for format details. Can be templated | `{}` |
+| `envFromSecret`                           | Name of a Kubernetes secret (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `""` |
+| `envFromSecrets`                          | List of Kubernetes secrets (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `[]` |
+| `envFromConfigMaps`                       | List of Kubernetes ConfigMaps (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `[]` |
+| `envRenderSecret`                         | Sensible environment variables passed to pods and stored as secret. (passed through [tpl](https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function))   | `{}`                               |
+| `enableServiceLinks`                      | Inject Kubernetes services as environment variables. | `true`                                           |
+| `extraSecretMounts`                       | Additional grafana server secret mounts       | `[]`                                                    |
+| `extraVolumeMounts`                       | Additional grafana server volume mounts       | `[]`                                                    |
+| `extraVolumes`                            | Additional Grafana server volumes             | `[]`                                                    |
+| `automountServiceAccountToken`            | Mounted the service account token on the grafana pod. Mandatory, if sidecars are enabled  | `true`      |
+| `createConfigmap`                         | Enable creating the grafana configmap         | `true`                                                  |
+| `extraConfigmapMounts`                    | Additional grafana server configMap volume mounts (values are templated) | `[]`                         |
+| `extraEmptyDirMounts`                     | Additional grafana server emptyDir volume mounts | `[]`                                                 |
+| `plugins`                                 | Plugins to be loaded along with Grafana       | `[]`                                                    |
+| `datasources`                             | Configure grafana datasources (passed through tpl) | `{}`                                               |
+| `alerting`                                | Configure grafana alerting (passed through tpl) | `{}`                                                  |
+| `notifiers`                               | Configure grafana notifiers                   | `{}`                                                    |
+| `dashboardProviders`                      | Configure grafana dashboard providers         | `{}`                                                    |
+| `dashboards`                              | Dashboards to import                          | `{}`                                                    |
+| `dashboardsConfigMaps`                    | ConfigMaps reference that contains dashboards | `{}`                                                    |
+| `grafana.ini`                             | Grafana's primary configuration               | `{}`                                                    |
+| `global.imageRegistry`                    | Global image pull registry for all images.    | `null`                                   |
+| `global.imagePullSecrets`                 | Global image pull secrets (can be templated). Allows either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).  | `[]`                                                    |
+| `ldap.enabled`                            | Enable LDAP authentication                    | `false`                                                 |
+| `ldap.existingSecret`                     | The name of an existing secret containing the `ldap.toml` file, this must have the key `ldap-toml`. | `""` |
+| `ldap.config`                             | Grafana's LDAP configuration                  | `""`                                                    |
+| `annotations`                             | Deployment annotations                        | `{}`                                                    |
+| `labels`                                  | Deployment labels                             | `{}`                                                    |
+| `podAnnotations`                          | Pod annotations                               | `{}`                                                    |
+| `podLabels`                               | Pod labels                                    | `{}`                                                    |
+| `podPortName`                             | Name of the grafana port on the pod           | `grafana`                                               |
+| `lifecycleHooks`                          | Lifecycle hooks for podStart and preStop [Example](https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/#define-poststart-and-prestop-handlers)     | `{}`                                                    |
+| `sidecar.image.registry`                  | Sidecar image registry                        | `quay.io`                          |
+| `sidecar.image.repository`                | Sidecar image repository                      | `kiwigrid/k8s-sidecar`                          |
+| `sidecar.image.tag`                       | Sidecar image tag                             | `1.26.0`                                                |
+| `sidecar.image.sha`                       | Sidecar image sha (optional)                  | `""`                                                    |
+| `sidecar.imagePullPolicy`                 | Sidecar image pull policy                     | `IfNotPresent`                                          |
+| `sidecar.resources`                       | Sidecar resources                             | `{}`                                                    |
+| `sidecar.securityContext`                 | Sidecar securityContext                       | `{}`                                                    |
+| `sidecar.enableUniqueFilenames`           | Sets the kiwigrid/k8s-sidecar UNIQUE_FILENAMES environment variable. If set to `true` the sidecar will create unique filenames where duplicate data keys exist between ConfigMaps and/or Secrets within the same or multiple Namespaces. | `false`                           |
+| `sidecar.alerts.enabled`             | Enables the cluster wide search for alerts and adds/updates/deletes them in grafana |`false`       |
+| `sidecar.alerts.label`               | Label that config maps with alerts should have to be added | `grafana_alert`                               |
+| `sidecar.alerts.labelValue`          | Label value that config maps with alerts should have to be added | `""`                                |
+| `sidecar.alerts.searchNamespace`     | Namespaces list. If specified, the sidecar will search for alerts config-maps  inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil`                               |
+| `sidecar.alerts.watchMethod`         | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` |
+| `sidecar.alerts.resource`            | Should the sidecar looks into secrets, configmaps or both. | `both`                               |
+| `sidecar.alerts.reloadURL`           | Full url of datasource configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/alerting/reload"` |
+| `sidecar.alerts.skipReload`          | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` |
+| `sidecar.alerts.initAlerts`          | Set to true to deploy the alerts sidecar as an initContainer. This is needed if skipReload is true, to load any alerts defined at startup time. | `false` |
+| `sidecar.alerts.extraMounts`         | Additional alerts sidecar volume mounts. | `[]`                               |
+| `sidecar.dashboards.enabled`              | Enables the cluster wide search for dashboards and adds/updates/deletes them in grafana | `false`       |
+| `sidecar.dashboards.SCProvider`           | Enables creation of sidecar provider          | `true`                                                  |
+| `sidecar.dashboards.provider.name`        | Unique name of the grafana provider           | `sidecarProvider`                                       |
+| `sidecar.dashboards.provider.orgid`       | Id of the organisation, to which the dashboards should be added | `1`                                   |
+| `sidecar.dashboards.provider.folder`      | Logical folder in which grafana groups dashboards | `""`                                                |
+| `sidecar.dashboards.provider.disableDelete` | Activate to avoid the deletion of imported dashboards | `false`                                       |
+| `sidecar.dashboards.provider.allowUiUpdates` | Allow updating provisioned dashboards from the UI | `false`                                          |
+| `sidecar.dashboards.provider.type`        | Provider type                                 | `file`                                                  |
+| `sidecar.dashboards.provider.foldersFromFilesStructure`        | Allow Grafana to replicate dashboard structure from filesystem.                                 | `false`                                                  |
+| `sidecar.dashboards.watchMethod`          | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` |
+| `sidecar.skipTlsVerify`                   | Set to true to skip tls verification for kube api calls | `nil`                                         |
+| `sidecar.dashboards.label`                | Label that config maps with dashboards should have to be added | `grafana_dashboard`                                |
+| `sidecar.dashboards.labelValue`                | Label value that config maps with dashboards should have to be added | `""`                                |
+| `sidecar.dashboards.folder`               | Folder in the pod that should hold the collected dashboards (unless `sidecar.dashboards.defaultFolderName` is set). This path will be mounted. | `/tmp/dashboards`    |
+| `sidecar.dashboards.folderAnnotation`     | The annotation the sidecar will look for in configmaps to override the destination folder for files | `nil`                                                  |
+| `sidecar.dashboards.defaultFolderName`    | The default folder name, it will create a subfolder under the `sidecar.dashboards.folder` and put dashboards in there instead | `nil`                                |
+| `sidecar.dashboards.searchNamespace`      | Namespaces list. If specified, the sidecar will search for dashboards config-maps  inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil`                                |
+| `sidecar.dashboards.script`               | Absolute path to shell script to execute after a configmap got reloaded. | `nil`                                |
+| `sidecar.dashboards.reloadURL`            | Full url of dashboards configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/dashboards/reload"` |
+| `sidecar.dashboards.skipReload`           | Enabling this omits defining the REQ_USERNAME, REQ_PASSWORD, REQ_URL and REQ_METHOD environment variables | `false` |
+| `sidecar.dashboards.resource`             | Should the sidecar looks into secrets, configmaps or both. | `both`                               |
+| `sidecar.dashboards.extraMounts`          | Additional dashboard sidecar volume mounts. | `[]`                               |
+| `sidecar.datasources.enabled`             | Enables the cluster wide search for datasources and adds/updates/deletes them in grafana |`false`       |
+| `sidecar.datasources.label`               | Label that config maps with datasources should have to be added | `grafana_datasource`                               |
+| `sidecar.datasources.labelValue`          | Label value that config maps with datasources should have to be added | `""`                                |
+| `sidecar.datasources.searchNamespace`     | Namespaces list. If specified, the sidecar will search for datasources config-maps  inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil`                               |
+| `sidecar.datasources.watchMethod`         | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` |
+| `sidecar.datasources.resource`            | Should the sidecar looks into secrets, configmaps or both. | `both`                               |
+| `sidecar.datasources.reloadURL`           | Full url of datasource configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/datasources/reload"` |
+| `sidecar.datasources.skipReload`          | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` |
+| `sidecar.datasources.initDatasources`     | Set to true to deploy the datasource sidecar as an initContainer in addition to a container. This is needed if skipReload is true, to load any datasources defined at startup time. | `false` |
+| `sidecar.notifiers.enabled`               | Enables the cluster wide search for notifiers and adds/updates/deletes them in grafana | `false`        |
+| `sidecar.notifiers.label`                 | Label that config maps with notifiers should have to be added | `grafana_notifier`                               |
+| `sidecar.notifiers.labelValue`            | Label value that config maps with notifiers should have to be added | `""`                                |
+| `sidecar.notifiers.searchNamespace`       | Namespaces list. If specified, the sidecar will search for notifiers config-maps (or secrets) inside these namespaces. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces. | `nil`                               |
+| `sidecar.notifiers.watchMethod`           | Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds. | `WATCH` |
+| `sidecar.notifiers.resource`              | Should the sidecar looks into secrets, configmaps or both. | `both`                               |
+| `sidecar.notifiers.reloadURL`             | Full url of notifier configuration reload API endpoint, to invoke after a config-map change | `"http://localhost:3000/api/admin/provisioning/notifications/reload"` |
+| `sidecar.notifiers.skipReload`            | Enabling this omits defining the REQ_URL and REQ_METHOD environment variables | `false` |
+| `sidecar.notifiers.initNotifiers`         | Set to true to deploy the notifier sidecar as an initContainer in addition to a container. This is needed if skipReload is true, to load any notifiers defined at startup time. | `false` |
+| `smtp.existingSecret`                     | The name of an existing secret containing the SMTP credentials. | `""`                                  |
+| `smtp.userKey`                            | The key in the existing SMTP secret containing the username. | `"user"`                                 |
+| `smtp.passwordKey`                        | The key in the existing SMTP secret containing the password. | `"password"`                             |
+| `admin.existingSecret`                    | The name of an existing secret containing the admin credentials (can be templated). | `""`                                 |
+| `admin.userKey`                           | The key in the existing admin secret containing the username. | `"admin-user"`                          |
+| `admin.passwordKey`                       | The key in the existing admin secret containing the password. | `"admin-password"`                      |
+| `serviceAccount.automountServiceAccountToken` | Automount the service account token on all pods where is service account is used | `false` |
+| `serviceAccount.annotations`              | ServiceAccount annotations                    |                                                         |
+| `serviceAccount.create`                   | Create service account                        | `true`                                                  |
+| `serviceAccount.labels`                   | ServiceAccount labels                         | `{}`                                                    |
+| `serviceAccount.name`                     | Service account name to use, when empty will be set to created account if `serviceAccount.create` is set else to `default` | `` |
+| `serviceAccount.nameTest`                 | Service account name to use for test, when empty will be set to created account if `serviceAccount.create` is set else to `default` | `nil` |
+| `rbac.create`                             | Create and use RBAC resources                 | `true`                                                  |
+| `rbac.namespaced`                         | Creates Role and Rolebinding instead of the default ClusterRole and ClusteRoleBindings for the grafana instance  | `false` |
+| `rbac.useExistingRole`                    | Set to a rolename to use existing role - skipping role creating - but still doing serviceaccount and rolebinding to the rolename set here. | `nil` |
+| `rbac.pspEnabled`                         | Create PodSecurityPolicy (with `rbac.create`, grant roles permissions as well) | `false`                |
+| `rbac.pspUseAppArmor`                     | Enforce AppArmor in created PodSecurityPolicy (requires `rbac.pspEnabled`)  | `false`                   |
+| `rbac.extraRoleRules`                     | Additional rules to add to the Role           | []                                                      |
+| `rbac.extraClusterRoleRules`              | Additional rules to add to the ClusterRole    | []                                                      |
+| `command`                                 | Define command to be executed by grafana container at startup | `nil`                                   |
+| `args`                                    | Define additional args if command is used     | `nil`                                                   |
+| `testFramework.enabled`                   | Whether to create test-related resources      | `true`                                                  |
+| `testFramework.image.registry`            | `test-framework` image registry.            | `docker.io`                                             |
+| `testFramework.image.repository`          | `test-framework` image repository.            | `bats/bats`                                             |
+| `testFramework.image.tag`                 | `test-framework` image tag.                   | `v1.4.1`                                                |
+| `testFramework.imagePullPolicy`           | `test-framework` image pull policy.           | `IfNotPresent`                                          |
+| `testFramework.securityContext`           | `test-framework` securityContext              | `{}`                                                    |
+| `downloadDashboards.env`                  | Environment variables to be passed to the `download-dashboards` container | `{}`                        |
+| `downloadDashboards.envFromSecret`        | Name of a Kubernetes secret (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `""` |
+| `downloadDashboards.resources`            | Resources of `download-dashboards` container  | `{}`                                                    |
+| `downloadDashboardsImage.registry`        | Curl docker image registry                    | `docker.io`                                       |
+| `downloadDashboardsImage.repository`      | Curl docker image repository                  | `curlimages/curl`                                       |
+| `downloadDashboardsImage.tag`             | Curl docker image tag                         | `7.73.0`                                                |
+| `downloadDashboardsImage.sha`             | Curl docker image sha (optional)              | `""`                                                    |
+| `downloadDashboardsImage.pullPolicy`      | Curl docker image pull policy                 | `IfNotPresent`                                          |
+| `namespaceOverride`                       | Override the deployment namespace             | `""` (`Release.Namespace`)                              |
+| `serviceMonitor.enabled`                  | Use servicemonitor from prometheus operator   | `false`                                                 |
+| `serviceMonitor.namespace`                | Namespace this servicemonitor is installed in |                                                         |
+| `serviceMonitor.interval`                 | How frequently Prometheus should scrape       | `1m`                                                    |
+| `serviceMonitor.path`                     | Path to scrape                                | `/metrics`                                              |
+| `serviceMonitor.scheme`                   | Scheme to use for metrics scraping            | `http`                                                  |
+| `serviceMonitor.tlsConfig`                | TLS configuration block for the endpoint      | `{}`                                                    |
+| `serviceMonitor.labels`                   | Labels for the servicemonitor passed to Prometheus Operator      |  `{}`                                |
+| `serviceMonitor.scrapeTimeout`            | Timeout after which the scrape is ended       | `30s`                                                   |
+| `serviceMonitor.relabelings`              | RelabelConfigs to apply to samples before scraping.     | `[]`                                      |
+| `serviceMonitor.metricRelabelings`        | MetricRelabelConfigs to apply to samples before ingestion.  | `[]`                                      |
+| `revisionHistoryLimit`                    | Number of old ReplicaSets to retain           | `10`                                                    |
+| `imageRenderer.enabled`                    | Enable the image-renderer deployment & service                                     | `false`                          |
+| `imageRenderer.image.registry`             | image-renderer Image registry                                                      | `docker.io` |
+| `imageRenderer.image.repository`           | image-renderer Image repository                                                    | `grafana/grafana-image-renderer` |
+| `imageRenderer.image.tag`                  | image-renderer Image tag                                                           | `latest`                         |
+| `imageRenderer.image.sha`                  | image-renderer Image sha (optional)                                                | `""`                             |
+| `imageRenderer.image.pullPolicy`           | image-renderer ImagePullPolicy                                                     | `Always`                         |
+| `imageRenderer.env`                        | extra env-vars for image-renderer                                                  | `{}`                             |
+| `imageRenderer.envValueFrom`               | Environment variables for image-renderer from alternate sources. See the API docs on [EnvVarSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#envvarsource-v1-core) for format details. Can be templated | `{}` |
+| `imageRenderer.serviceAccountName`         | image-renderer deployment serviceAccountName                                       | `""`                             |
+| `imageRenderer.securityContext`            | image-renderer deployment securityContext                                          | `{}`                             |
+| `imageRenderer.podAnnotations `            | image-renderer image-renderer pod annotation                                       | `{}`                             |
+| `imageRenderer.hostAliases`                | image-renderer deployment Host Aliases                                             | `[]`                             |
+| `imageRenderer.priorityClassName`          | image-renderer deployment priority class                                           | `''`                             |
+| `imageRenderer.service.enabled`            | Enable the image-renderer service                                                  | `true`                           |
+| `imageRenderer.service.portName`           | image-renderer service port name                                                   | `http`                           |
+| `imageRenderer.service.port`               | image-renderer port used by deployment                                             | `8081`                           |
+| `imageRenderer.service.targetPort`         | image-renderer service port used by service                                        | `8081`                           |
+| `imageRenderer.appProtocol`                | Adds the appProtocol field to the service                                          | ``                               |
+| `imageRenderer.grafanaSubPath`             | Grafana sub path to use for image renderer callback url                            | `''`                             |
+| `imageRenderer.podPortName`                | name of the image-renderer port on the pod                                         | `http`                           |
+| `imageRenderer.revisionHistoryLimit`       | number of image-renderer replica sets to keep                                      | `10`                             |
+| `imageRenderer.networkPolicy.limitIngress` | Enable a NetworkPolicy to limit inbound traffic from only the created grafana pods | `true`                           |
+| `imageRenderer.networkPolicy.limitEgress`  | Enable a NetworkPolicy to limit outbound traffic to only the created grafana pods  | `false`                          |
+| `imageRenderer.resources`                  | Set resource limits for image-renderer pods                                        | `{}`                             |
+| `imageRenderer.nodeSelector`               | Node labels for pod assignment                | `{}`                                                    |
+| `imageRenderer.tolerations`                | Toleration labels for pod assignment          | `[]`                                                    |
+| `imageRenderer.affinity`                   | Affinity settings for pod assignment          | `{}`                                                    |
+| `networkPolicy.enabled`                    | Enable creation of NetworkPolicy resources.                                                                              | `false`             |
+| `networkPolicy.allowExternal`              | Don't require client label for connections                                                                               | `true`              |
+| `networkPolicy.explicitNamespacesSelector` | A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed                           | `{}`                |
+| `networkPolicy.ingress`                    | Enable the creation of an ingress network policy             | `true`    |
+| `networkPolicy.egress.enabled`             | Enable the creation of an egress network policy              | `false`   |
+| `networkPolicy.egress.ports`               | An array of ports to allow for the egress                    | `[]`    |
+| `enableKubeBackwardCompatibility`          | Enable backward compatibility of kubernetes where pod's defintion version below 1.13 doesn't have the enableServiceLinks option  | `false`     |
+
+### Example ingress with path
+
+With grafana 6.3 and above
+
+```yaml
+grafana.ini:
+  server:
+    domain: monitoring.example.com
+    root_url: "%(protocol)s://%(domain)s/grafana"
+    serve_from_sub_path: true
+ingress:
+  enabled: true
+  hosts:
+    - "monitoring.example.com"
+  path: "/grafana"
+```
+
+### Example of extraVolumeMounts and extraVolumes
+
+Configure additional volumes with `extraVolumes` and volume mounts with `extraVolumeMounts`.
+
+Example for `extraVolumeMounts` and corresponding `extraVolumes`:
+
+```yaml
+extraVolumeMounts:
+  - name: plugins
+    mountPath: /var/lib/grafana/plugins
+    subPath: configs/grafana/plugins
+    readOnly: false
+  - name: dashboards
+    mountPath: /var/lib/grafana/dashboards
+    hostPath: /usr/shared/grafana/dashboards
+    readOnly: false
+
+extraVolumes:
+  - name: plugins
+    existingClaim: existing-grafana-claim
+  - name: dashboards
+    hostPath: /usr/shared/grafana/dashboards
+```
+
+Volumes default to `emptyDir`. Set to `persistentVolumeClaim`,
+`hostPath`, `csi`, or `configMap` for other types. For a
+`persistentVolumeClaim`, specify an existing claim name with
+`existingClaim`.
+
+## Import dashboards
+
+There are a few methods to import dashboards to Grafana. Below are some examples and explanations as to how to use each method:
+
+```yaml
+dashboards:
+  default:
+    some-dashboard:
+      json: |
+        {
+          "annotations":
+
+          ...
+          # Complete json file here
+          ...
+
+          "title": "Some Dashboard",
+          "uid": "abcd1234",
+          "version": 1
+        }
+    custom-dashboard:
+      # This is a path to a file inside the dashboards directory inside the chart directory
+      file: dashboards/custom-dashboard.json
+    prometheus-stats:
+      # Ref: https://grafana.com/dashboards/2
+      gnetId: 2
+      revision: 2
+      datasource: Prometheus
+    loki-dashboard-quick-search:
+      gnetId: 12019
+      revision: 2
+      datasource:
+      - name: DS_PROMETHEUS
+        value: Prometheus
+      - name: DS_LOKI
+        value: Loki
+    local-dashboard:
+      url: https://raw.githubusercontent.com/user/repository/master/dashboards/dashboard.json
+```
+
+## BASE64 dashboards
+
+Dashboards could be stored on a server that does not return JSON directly and instead of it returns a Base64 encoded file (e.g. Gerrit)
+A new parameter has been added to the url use case so if you specify a b64content value equals to true after the url entry a Base64 decoding is applied before save the file to disk.
+If this entry is not set or is equals to false not decoding is applied to the file before saving it to disk.
+
+### Gerrit use case
+
+Gerrit API for download files has the following schema: <https://yourgerritserver/a/{project-name}/branches/{branch-id}/files/{file-id}/content> where {project-name} and
+{file-id} usually has '/' in their values and so they MUST be replaced by %2F so if project-name is user/repo, branch-id is master and file-id is equals to dir1/dir2/dashboard
+the url value is <https://yourgerritserver/a/user%2Frepo/branches/master/files/dir1%2Fdir2%2Fdashboard/content>
+
+## Sidecar for dashboards
+
+If the parameter `sidecar.dashboards.enabled` is set, a sidecar container is deployed in the grafana
+pod. This container watches all configmaps (or secrets) in the cluster and filters out the ones with
+a label as defined in `sidecar.dashboards.label`. The files defined in those configmaps are written
+to a folder and accessed by grafana. Changes to the configmaps are monitored and the imported
+dashboards are deleted/updated.
+
+A recommendation is to use one configmap per dashboard, as a reduction of multiple dashboards inside
+one configmap is currently not properly mirrored in grafana.
+
+Example dashboard config:
+
+```yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sample-grafana-dashboard
+  labels:
+     grafana_dashboard: "1"
+data:
+  k8s-dashboard.json: |-
+  [...]
+```
+
+## Sidecar for datasources
+
+If the parameter `sidecar.datasources.enabled` is set, an init container is deployed in the grafana
+pod. This container lists all secrets (or configmaps, though not recommended) in the cluster and
+filters out the ones with a label as defined in `sidecar.datasources.label`. The files defined in
+those secrets are written to a folder and accessed by grafana on startup. Using these yaml files,
+the data sources in grafana can be imported.
+
+Should you aim for reloading datasources in Grafana each time the config is changed, set `sidecar.datasources.skipReload: false` and adjust `sidecar.datasources.reloadURL` to `http://<svc-name>.<namespace>.svc.cluster.local/api/admin/provisioning/datasources/reload`.
+
+Secrets are recommended over configmaps for this usecase because datasources usually contain private
+data like usernames and passwords. Secrets are the more appropriate cluster resource to manage those.
+
+Example values to add a postgres datasource as a kubernetes secret:
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: grafana-datasources
+  labels:
+    grafana_datasource: 'true' # default value for: sidecar.datasources.label
+stringData:
+  pg-db.yaml: |-
+    apiVersion: 1
+    datasources:
+      - name: My pg db datasource
+        type: postgres
+        url: my-postgresql-db:5432
+        user: db-readonly-user
+        secureJsonData:
+          password: 'SUperSEcretPa$$word'
+        jsonData:
+          database: my_datase
+          sslmode: 'disable' # disable/require/verify-ca/verify-full
+          maxOpenConns: 0 # Grafana v5.4+
+          maxIdleConns: 2 # Grafana v5.4+
+          connMaxLifetime: 14400 # Grafana v5.4+
+          postgresVersion: 1000 # 903=9.3, 904=9.4, 905=9.5, 906=9.6, 1000=10
+          timescaledb: false
+        # <bool> allow users to edit datasources from the UI.
+        editable: false
+```
+
+Example values to add a datasource adapted from [Grafana](http://docs.grafana.org/administration/provisioning/#example-datasource-config-file):
+
+```yaml
+datasources:
+ datasources.yaml:
+   apiVersion: 1
+   datasources:
+      # <string, required> name of the datasource. Required
+    - name: Graphite
+      # <string, required> datasource type. Required
+      type: graphite
+      # <string, required> access mode. proxy or direct (Server or Browser in the UI). Required
+      access: proxy
+      # <int> org id. will default to orgId 1 if not specified
+      orgId: 1
+      # <string> url
+      url: http://localhost:8080
+      # <string> database password, if used
+      password:
+      # <string> database user, if used
+      user:
+      # <string> database name, if used
+      database:
+      # <bool> enable/disable basic auth
+      basicAuth:
+      # <string> basic auth username
+      basicAuthUser:
+      # <string> basic auth password
+      basicAuthPassword:
+      # <bool> enable/disable with credentials headers
+      withCredentials:
+      # <bool> mark as default datasource. Max one per org
+      isDefault:
+      # <map> fields that will be converted to json and stored in json_data
+      jsonData:
+         graphiteVersion: "1.1"
+         tlsAuth: true
+         tlsAuthWithCACert: true
+      # <string> json object of data that will be encrypted.
+      secureJsonData:
+        tlsCACert: "..."
+        tlsClientCert: "..."
+        tlsClientKey: "..."
+      version: 1
+      # <bool> allow users to edit datasources from the UI.
+      editable: false
+```
+
+## Sidecar for notifiers
+
+If the parameter `sidecar.notifiers.enabled` is set, an init container is deployed in the grafana
+pod. This container lists all secrets (or configmaps, though not recommended) in the cluster and
+filters out the ones with a label as defined in `sidecar.notifiers.label`. The files defined in
+those secrets are written to a folder and accessed by grafana on startup. Using these yaml files,
+the notification channels in grafana can be imported. The secrets must be created before
+`helm install` so that the notifiers init container can list the secrets.
+
+Secrets are recommended over configmaps for this usecase because alert notification channels usually contain
+private data like SMTP usernames and passwords. Secrets are the more appropriate cluster resource to manage those.
+
+Example datasource config adapted from [Grafana](https://grafana.com/docs/grafana/latest/administration/provisioning/#alert-notification-channels):
+
+```yaml
+notifiers:
+  - name: notification-channel-1
+    type: slack
+    uid: notifier1
+    # either
+    org_id: 2
+    # or
+    org_name: Main Org.
+    is_default: true
+    send_reminder: true
+    frequency: 1h
+    disable_resolve_message: false
+    # See `Supported Settings` section for settings supporter for each
+    # alert notification type.
+    settings:
+      recipient: 'XXX'
+      token: 'xoxb'
+      uploadImage: true
+      url: https://slack.com
+
+delete_notifiers:
+  - name: notification-channel-1
+    uid: notifier1
+    org_id: 2
+  - name: notification-channel-2
+    # default org_id: 1
+```
+
+## Sidecar for alerting resources
+
+If the parameter `sidecar.alerts.enabled` is set, a sidecar container is deployed in the grafana
+pod. This container watches all configmaps (or secrets) in the cluster (namespace defined by `sidecar.alerts.searchNamespace`) and filters out the ones with
+a label as defined in `sidecar.alerts.label` (default is `grafana_alert`). The files defined in those configmaps are written
+to a folder and accessed by grafana. Changes to the configmaps are monitored and the imported alerting resources are updated, however, deletions are a little more complicated (see below).
+
+This sidecar can be used to provision alert rules, contact points, notification policies, notification templates and mute timings as shown in [Grafana Documentation](https://grafana.com/docs/grafana/next/alerting/set-up/provision-alerting-resources/file-provisioning/).
+
+To fetch the alert config which will be provisioned, use the alert provisioning API ([Grafana Documentation](https://grafana.com/docs/grafana/next/developers/http_api/alerting_provisioning/)).
+You can use either JSON or YAML format.
+
+Example config for an alert rule:
+
+```yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sample-grafana-alert
+  labels:
+     grafana_alert: "1"
+data:
+  k8s-alert.yml: |-
+    apiVersion: 1
+    groups:
+        - orgId: 1
+          name: k8s-alert
+          [...]
+```
+
+To delete provisioned alert rules is a two step process, you need to delete the configmap which defined the alert rule
+and then create a configuration which deletes the alert rule.
+
+Example deletion configuration:
+```yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: delete-sample-grafana-alert
+  namespace: monitoring
+  labels:
+    grafana_alert: "1"
+data:
+  delete-k8s-alert.yml: |-
+    apiVersion: 1
+    deleteRules:
+      - orgId: 1
+        uid: 16624780-6564-45dc-825c-8bded4ad92d3
+```
+
+## Statically provision alerting resources
+If you don't need to change alerting resources (alert rules, contact points, notification policies and notification templates) regularly you could use the `alerting` config option instead of the sidecar option above.
+This will grab the alerting config and apply it statically at build time for the helm file.
+
+There are two methods to statically provision alerting configuration in Grafana. Below are some examples and explanations as to how to use each method:
+
+```yaml
+alerting:
+  team1-alert-rules.yaml:
+    file: alerting/team1/rules.yaml
+  team2-alert-rules.yaml:
+    file: alerting/team2/rules.yaml
+  team3-alert-rules.yaml:
+    file: alerting/team3/rules.yaml
+  notification-policies.yaml:
+    file: alerting/shared/notification-policies.yaml
+  notification-templates.yaml:
+    file: alerting/shared/notification-templates.yaml
+  contactpoints.yaml:
+    apiVersion: 1
+    contactPoints:
+      - orgId: 1
+        name: Slack channel
+        receivers:
+          - uid: default-receiver
+            type: slack
+            settings:
+              # Webhook URL to be filled in
+              url: ""
+              # We need to escape double curly braces for the tpl function.
+              text: '{{ `{{ template "default.message" . }}` }}'
+              title: '{{ `{{ template "default.title" . }}` }}'
+```
+
+The two possibilities for static alerting resource provisioning are:
+
+* Inlining the file contents as shown for contact points in the above example.
+* Importing a file using a relative path starting from the chart root directory as shown for the alert rules in the above example.
+
+### Important notes on file provisioning
+
+* The format of the files is defined in the [Grafana documentation](https://grafana.com/docs/grafana/next/alerting/set-up/provision-alerting-resources/file-provisioning/) on file provisioning.
+* The chart supports importing YAML and JSON files.
+* The filename must be unique, otherwise one volume mount will overwrite the other.
+* In case of inlining, double curly braces that arise from the Grafana configuration format and are not intended as templates for the chart must be escaped.
+* The number of total files under `alerting:` is not limited. Each file will end up as a volume mount in the corresponding provisioning folder of the deployed Grafana instance.
+* The file size for each import is limited by what the function `.Files.Get` can handle, which suffices for most cases.
+
+## How to serve Grafana with a path prefix (/grafana)
+
+In order to serve Grafana with a prefix (e.g., <http://example.com/grafana>), add the following to your values.yaml.
+
+```yaml
+ingress:
+  enabled: true
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+    nginx.ingress.kubernetes.io/use-regex: "true"
+
+  path: /grafana/?(.*)
+  hosts:
+    - k8s.example.dev
+
+grafana.ini:
+  server:
+    root_url: http://localhost:3000/grafana # this host can be localhost
+```
+
+## How to securely reference secrets in grafana.ini
+
+This example uses Grafana [file providers](https://grafana.com/docs/grafana/latest/administration/configuration/#file-provider) for secret values and the `extraSecretMounts` configuration flag (Additional grafana server secret mounts) to mount the secrets.
+
+In grafana.ini:
+
+```yaml
+grafana.ini:
+  [auth.generic_oauth]
+  enabled = true
+  client_id = $__file{/etc/secrets/auth_generic_oauth/client_id}
+  client_secret = $__file{/etc/secrets/auth_generic_oauth/client_secret}
+```
+
+Existing secret, or created along with helm:
+
+```yaml
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: auth-generic-oauth-secret
+type: Opaque
+stringData:
+  client_id: <value>
+  client_secret: <value>
+```
+
+Include in the `extraSecretMounts` configuration flag:
+
+```yaml
+- extraSecretMounts:
+  - name: auth-generic-oauth-secret-mount
+    secretName: auth-generic-oauth-secret
+    defaultMode: 0440
+    mountPath: /etc/secrets/auth_generic_oauth
+    readOnly: true
+```
+
+### extraSecretMounts using a Container Storage Interface (CSI) provider
+
+This example uses a CSI driver e.g. retrieving secrets using [Azure Key Vault Provider](https://github.com/Azure/secrets-store-csi-driver-provider-azure)
+
+```yaml
+- extraSecretMounts:
+  - name: secrets-store-inline
+    mountPath: /run/secrets
+    readOnly: true
+    csi:
+      driver: secrets-store.csi.k8s.io
+      readOnly: true
+      volumeAttributes:
+        secretProviderClass: "my-provider"
+      nodePublishSecretRef:
+        name: akv-creds
+```
+
+## Image Renderer Plug-In
+
+This chart supports enabling [remote image rendering](https://github.com/grafana/grafana-image-renderer/blob/master/README.md#run-in-docker)
+
+```yaml
+imageRenderer:
+  enabled: true
+```
+
+### Image Renderer NetworkPolicy
+
+By default the image-renderer pods will have a network policy which only allows ingress traffic from the created grafana instance
+
+### High Availability for unified alerting
+
+If you want to run Grafana in a high availability cluster you need to enable
+the headless service by setting `headlessService: true` in your `values.yaml`
+file.
+
+As next step you have to setup the `grafana.ini` in your `values.yaml` in a way
+that it will make use of the headless service to obtain all the IPs of the
+cluster. You should replace ``{{ Name }}`` with the name of your helm deployment.
+
+```yaml
+grafana.ini:
+  ...
+  unified_alerting:
+    enabled: true
+    ha_peers: {{ Name }}-headless:9094
+    ha_listen_address: ${POD_IP}:9094
+    ha_advertise_address: ${POD_IP}:9094
+
+  alerting:
+    enabled: false
+```
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/dashboards/custom-dashboard.json b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/dashboards/custom-dashboard.json
new file mode 100644
index 0000000000..9e26dfeeb6
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/dashboards/custom-dashboard.json
@@ -0,0 +1 @@
+{}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/NOTES.txt b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/NOTES.txt
new file mode 100644
index 0000000000..d86419fe23
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/NOTES.txt
@@ -0,0 +1,55 @@
+1. Get your '{{ .Values.adminUser }}' user password by running:
+
+   kubectl get secret --namespace {{ include "grafana.namespace" . }} {{ .Values.admin.existingSecret | default (include "grafana.fullname" .) }} -o jsonpath="{.data.{{ .Values.admin.passwordKey | default "admin-password" }}}" | base64 --decode ; echo
+
+
+2. The Grafana server can be accessed via port {{ .Values.service.port }} on the following DNS name from within your cluster:
+
+   {{ include "grafana.fullname" . }}.{{ include "grafana.namespace" . }}.svc.cluster.local
+{{ if .Values.ingress.enabled }}
+   If you bind grafana to 80, please update values in values.yaml and reinstall:
+   ```
+   securityContext:
+     runAsUser: 0
+     runAsGroup: 0
+     fsGroup: 0
+
+   command:
+   - "setcap"
+   - "'cap_net_bind_service=+ep'"
+   - "/usr/sbin/grafana-server &&"
+   - "sh"
+   - "/run.sh"
+   ```
+   Details refer to https://grafana.com/docs/installation/configuration/#http-port.
+   Or grafana would always crash.
+
+   From outside the cluster, the server URL(s) are:
+     {{- range .Values.ingress.hosts }}
+     http://{{ . }}
+     {{- end }}
+{{- else }}
+   Get the Grafana URL to visit by running these commands in the same shell:
+   {{- if contains "NodePort" .Values.service.type }}
+     export NODE_PORT=$(kubectl get --namespace {{ include "grafana.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "grafana.fullname" . }})
+     export NODE_IP=$(kubectl get nodes --namespace {{ include "grafana.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+     echo http://$NODE_IP:$NODE_PORT
+   {{- else if contains "LoadBalancer" .Values.service.type }}
+   NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+        You can watch the status of by running 'kubectl get svc --namespace {{ include "grafana.namespace" . }} -w {{ include "grafana.fullname" . }}'
+     export SERVICE_IP=$(kubectl get svc --namespace {{ include "grafana.namespace" . }} {{ include "grafana.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+     http://$SERVICE_IP:{{ .Values.service.port -}}
+   {{- else if contains "ClusterIP"  .Values.service.type }}
+     export POD_NAME=$(kubectl get pods --namespace {{ include "grafana.namespace" . }} -l "app.kubernetes.io/name={{ include "grafana.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+     kubectl --namespace {{ include "grafana.namespace" . }} port-forward $POD_NAME 3000
+   {{- end }}
+{{- end }}
+
+3. Login with the password from step 1 and the username: {{ .Values.adminUser }}
+
+{{- if not .Values.persistence.enabled }}
+#################################################################################
+######   WARNING: Persistence is disabled!!! You will lose your data when   #####
+######            the Grafana pod is terminated.                            #####
+#################################################################################
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_config.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_config.tpl
new file mode 100644
index 0000000000..19df19cd2a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_config.tpl
@@ -0,0 +1,171 @@
+{{/*
+ Generate config map data
+ */}}
+{{- define "grafana.configData" -}}
+{{ include "grafana.assertNoLeakedSecrets" . }}
+{{- $files := .Files }}
+{{- $root := . -}}
+{{- with .Values.plugins }}
+plugins: {{ join "," . }}
+{{- end }}
+grafana.ini: |
+{{- range $elem, $elemVal := index .Values "grafana.ini" }}
+  {{- if not (kindIs "map" $elemVal) }}
+  {{- if kindIs "invalid" $elemVal }}
+  {{ $elem }} =
+  {{- else if kindIs "string" $elemVal }}
+  {{ $elem }} = {{ tpl $elemVal $ }}
+  {{- else }}
+  {{ $elem }} = {{ $elemVal }}
+  {{- end }}
+  {{- end }}
+{{- end }}
+{{- range $key, $value := index .Values "grafana.ini" }}
+  {{- if kindIs "map" $value }}
+  [{{ $key }}]
+  {{- range $elem, $elemVal := $value }}
+  {{- if kindIs "invalid" $elemVal }}
+  {{ $elem }} =
+  {{- else if kindIs "string" $elemVal }}
+  {{ $elem }} = {{ tpl $elemVal $ }}
+  {{- else }}
+  {{ $elem }} = {{ $elemVal }}
+  {{- end }}
+  {{- end }}
+  {{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.datasources }}
+{{- if not (hasKey $value "secret") }}
+{{ $key }}: |
+  {{- tpl (toYaml $value | nindent 2) $root }}
+{{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.notifiers }}
+{{- if not (hasKey $value "secret") }}
+{{ $key }}: |
+  {{- toYaml $value | nindent 2 }}
+{{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.alerting }}
+{{- if (hasKey $value "file") }}
+{{ $key }}:
+{{- toYaml ( $files.Get $value.file ) | nindent 2 }}
+{{- else if (or (hasKey $value "secret") (hasKey $value "secretFile"))}}
+{{/*  will be stored inside secret generated by "configSecret.yaml"*/}}
+{{- else }}
+{{ $key }}: |
+  {{- tpl (toYaml $value | nindent 2) $root }}
+{{- end }}
+{{- end }}
+
+{{- range $key, $value := .Values.dashboardProviders }}
+{{ $key }}: |
+  {{- toYaml $value | nindent 2 }}
+{{- end }}
+
+{{- if .Values.dashboards  }}
+download_dashboards.sh: |
+  #!/usr/bin/env sh
+  set -euf
+  {{- if .Values.dashboardProviders }}
+    {{- range $key, $value := .Values.dashboardProviders }}
+      {{- range $value.providers }}
+  mkdir -p {{ .options.path }}
+      {{- end }}
+    {{- end }}
+  {{- end }}
+{{ $dashboardProviders := .Values.dashboardProviders }}
+{{- range $provider, $dashboards := .Values.dashboards }}
+  {{- range $key, $value := $dashboards }}
+    {{- if (or (hasKey $value "gnetId") (hasKey $value "url")) }}
+  curl -skf \
+  --connect-timeout 60 \
+  --max-time 60 \
+    {{- if not $value.b64content }}
+      {{- if not $value.acceptHeader }}
+  -H "Accept: application/json" \
+      {{- else }}
+  -H "Accept: {{ $value.acceptHeader }}" \
+      {{- end }}
+      {{- if $value.token }}
+  -H "Authorization: token {{ $value.token }}" \
+      {{- end }}
+      {{- if $value.bearerToken }}
+  -H "Authorization: Bearer {{ $value.bearerToken }}" \
+      {{- end }}
+      {{- if $value.basic }}
+  -H "Authorization: Basic {{ $value.basic }}" \
+      {{- end }}
+      {{- if $value.gitlabToken }}
+  -H "PRIVATE-TOKEN: {{ $value.gitlabToken }}" \
+      {{- end }}
+  -H "Content-Type: application/json;charset=UTF-8" \
+    {{- end }}
+  {{- $dpPath := "" -}}
+  {{- range $kd := (index $dashboardProviders "dashboardproviders.yaml").providers }}
+    {{- if eq $kd.name $provider }}
+    {{- $dpPath = $kd.options.path }}
+    {{- end }}
+  {{- end }}
+  {{- if $value.url }}
+    "{{ $value.url }}" \
+  {{- else }}
+    "https://grafana.com/api/dashboards/{{ $value.gnetId }}/revisions/{{- if $value.revision -}}{{ $value.revision }}{{- else -}}1{{- end -}}/download" \
+  {{- end }}
+  {{- if $value.datasource }}
+    {{- if kindIs "string" $value.datasource }}
+    | sed '/-- .* --/! s/"datasource":.*,/"datasource": "{{ $value.datasource }}",/g' \
+    {{- end }}
+    {{- if kindIs "slice" $value.datasource }}
+      {{- range $value.datasource }}
+        | sed '/-- .* --/! s/${{"{"}}{{ .name }}}/{{ .value }}/g' \
+      {{- end }}
+    {{- end }}
+  {{- end }}
+  {{- if $value.b64content }}
+    | base64 -d \
+  {{- end }}
+  > "{{- if $dpPath -}}{{ $dpPath }}{{- else -}}/var/lib/grafana/dashboards/{{ $provider }}{{- end -}}/{{ $key }}.json"
+    {{ end }}
+  {{- end }}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+ Generate dashboard json config map data
+ */}}
+{{- define "grafana.configDashboardProviderData" -}}
+provider.yaml: |-
+  apiVersion: 1
+  providers:
+    - name: '{{ .Values.sidecar.dashboards.provider.name }}'
+      orgId: {{ .Values.sidecar.dashboards.provider.orgid }}
+      {{- if not .Values.sidecar.dashboards.provider.foldersFromFilesStructure }}
+      folder: '{{ .Values.sidecar.dashboards.provider.folder }}'
+      {{- end }}
+      type: {{ .Values.sidecar.dashboards.provider.type }}
+      disableDeletion: {{ .Values.sidecar.dashboards.provider.disableDelete }}
+      allowUiUpdates: {{ .Values.sidecar.dashboards.provider.allowUiUpdates }}
+      updateIntervalSeconds: {{ .Values.sidecar.dashboards.provider.updateIntervalSeconds | default 30 }}
+      options:
+        foldersFromFilesStructure: {{ .Values.sidecar.dashboards.provider.foldersFromFilesStructure }}
+        path: {{ .Values.sidecar.dashboards.folder }}{{- with .Values.sidecar.dashboards.defaultFolderName }}/{{ . }}{{- end }}
+{{- end -}}
+
+{{- define "grafana.secretsData" -}}
+{{- if and (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) }}
+admin-user: {{ .Values.adminUser | b64enc | quote }}
+{{- if .Values.adminPassword }}
+admin-password: {{ .Values.adminPassword | b64enc | quote }}
+{{- else }}
+admin-password: {{ include "grafana.password" . }}
+{{- end }}
+{{- end }}
+{{- if not .Values.ldap.existingSecret }}
+ldap-toml: {{ tpl .Values.ldap.config $ | b64enc | quote }}
+{{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_helpers.tpl
new file mode 100644
index 0000000000..68d2d815d8
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_helpers.tpl
@@ -0,0 +1,305 @@
+# Rancher
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "grafana.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "grafana.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "grafana.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create the name of the service account
+*/}}
+{{- define "grafana.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "grafana.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{- define "grafana.serviceAccountNameTest" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (print (include "grafana.fullname" .) "-test") .Values.serviceAccount.nameTest }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.nameTest }}
+{{- end }}
+{{- end }}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "grafana.namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "grafana.labels" -}}
+helm.sh/chart: {{ include "grafana.chart" . }}
+{{ include "grafana.selectorLabels" . }}
+{{- if or .Chart.AppVersion .Values.image.tag }}
+app.kubernetes.io/version: {{ mustRegexReplaceAllLiteral "@sha.*" .Values.image.tag "" | default .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- with .Values.extraLabels }}
+{{ toYaml . }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "grafana.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "grafana.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "grafana.imageRenderer.labels" -}}
+helm.sh/chart: {{ include "grafana.chart" . }}
+{{ include "grafana.imageRenderer.selectorLabels" . }}
+{{- if or .Chart.AppVersion .Values.image.tag }}
+app.kubernetes.io/version: {{ mustRegexReplaceAllLiteral "@sha.*" .Values.image.tag "" | default .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels ImageRenderer
+*/}}
+{{- define "grafana.imageRenderer.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "grafana.name" . }}-image-renderer
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Looks if there's an existing secret and reuse its password. If not it generates
+new password and use it.
+*/}}
+{{- define "grafana.password" -}}
+{{- $secret := (lookup "v1" "Secret" (include "grafana.namespace" .) (include "grafana.fullname" .) ) }}
+{{- if $secret }}
+{{- index $secret "data" "admin-password" }}
+{{- else }}
+{{- (randAlphaNum 40) | b64enc | quote }}
+{{- end }}
+{{- end }}
+
+{{/*
+Return the appropriate apiVersion for rbac.
+*/}}
+{{- define "grafana.rbac.apiVersion" -}}
+{{- if $.Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
+{{- print "rbac.authorization.k8s.io/v1" }}
+{{- else }}
+{{- print "rbac.authorization.k8s.io/v1beta1" }}
+{{- end }}
+{{- end }}
+
+{{/*
+Return the appropriate apiVersion for ingress.
+*/}}
+{{- define "grafana.ingress.apiVersion" -}}
+{{- if and ($.Capabilities.APIVersions.Has "networking.k8s.io/v1") (semverCompare ">= 1.19-0" .Capabilities.KubeVersion.Version) }}
+{{- print "networking.k8s.io/v1" }}
+{{- else if $.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
+{{- print "networking.k8s.io/v1beta1" }}
+{{- else }}
+{{- print "extensions/v1beta1" }}
+{{- end }}
+{{- end }}
+
+{{/*
+Return the appropriate apiVersion for Horizontal Pod Autoscaler.
+*/}}
+{{- define "grafana.hpa.apiVersion" -}}
+{{- if .Capabilities.APIVersions.Has "autoscaling/v2" }}  
+{{- print "autoscaling/v2" }}  
+{{- else }}  
+{{- print "autoscaling/v2beta2" }}  
+{{- end }} 
+{{- end }}
+
+{{/*
+Return the appropriate apiVersion for podDisruptionBudget.
+*/}}
+{{- define "grafana.podDisruptionBudget.apiVersion" -}}
+{{- if $.Values.podDisruptionBudget.apiVersion }}
+{{- print $.Values.podDisruptionBudget.apiVersion }}
+{{- else if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" }}
+{{- print "policy/v1" }}
+{{- else }}
+{{- print "policy/v1beta1" }}
+{{- end }}
+{{- end }}
+
+{{/*
+Return if ingress is stable.
+*/}}
+{{- define "grafana.ingress.isStable" -}}
+{{- eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1" }}
+{{- end }}
+
+{{/*
+Return if ingress supports ingressClassName.
+*/}}
+{{- define "grafana.ingress.supportsIngressClassName" -}}
+{{- or (eq (include "grafana.ingress.isStable" .) "true") (and (eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) }}
+{{- end }}
+
+{{/*
+Return if ingress supports pathType.
+*/}}
+{{- define "grafana.ingress.supportsPathType" -}}
+{{- or (eq (include "grafana.ingress.isStable" .) "true") (and (eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) }}
+{{- end }}
+
+{{/*
+Formats imagePullSecrets. Input is (dict "root" . "imagePullSecrets" .{specific imagePullSecrets})
+*/}}
+{{- define "grafana.imagePullSecrets" -}}
+{{- $root := .root }}
+{{- range (concat .root.Values.global.imagePullSecrets .imagePullSecrets) }}
+{{- if eq (typeOf .) "map[string]interface {}" }}
+- {{ toYaml (dict "name" (tpl .name $root)) | trim }}
+{{- else }}
+- name: {{ tpl . $root }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+
+{{/*
+ Checks whether or not the configSecret secret has to be created
+ */}}
+{{- define "grafana.shouldCreateConfigSecret" -}}
+{{- $secretFound := false -}}
+{{- range $key, $value := .Values.datasources }}
+  {{- if hasKey $value "secret" }}
+    {{- $secretFound = true}}
+  {{- end }}
+{{- end }}
+{{- range $key, $value := .Values.notifiers }}
+  {{- if hasKey $value "secret" }}
+    {{- $secretFound = true}}
+  {{- end }}
+{{- end }}
+{{- range $key, $value := .Values.alerting }}
+  {{- if (or (hasKey $value "secret") (hasKey $value "secretFile")) }}
+    {{- $secretFound = true}}
+  {{- end }}
+{{- end }}
+{{- $secretFound}}
+{{- end -}}
+
+{{/*
+    Checks whether the user is attempting to store secrets in plaintext
+    in the grafana.ini configmap
+*/}}
+{{/* grafana.assertNoLeakedSecrets checks for sensitive keys in values */}}
+{{- define "grafana.assertNoLeakedSecrets" -}}
+      {{- $sensitiveKeysYaml := `
+sensitiveKeys:
+- path: ["database", "password"]
+- path: ["smtp", "password"]
+- path: ["security", "secret_key"]
+- path: ["security", "admin_password"]
+- path: ["auth.basic", "password"]
+- path: ["auth.ldap", "bind_password"]
+- path: ["auth.google", "client_secret"]
+- path: ["auth.github", "client_secret"]
+- path: ["auth.gitlab", "client_secret"]
+- path: ["auth.generic_oauth", "client_secret"]
+- path: ["auth.okta", "client_secret"]
+- path: ["auth.azuread", "client_secret"]
+- path: ["auth.grafana_com", "client_secret"]
+- path: ["auth.grafananet", "client_secret"]
+- path: ["azure", "user_identity_client_secret"]
+- path: ["unified_alerting", "ha_redis_password"]
+- path: ["metrics", "basic_auth_password"]
+- path: ["external_image_storage.s3", "secret_key"]
+- path: ["external_image_storage.webdav", "password"]
+- path: ["external_image_storage.azure_blob", "account_key"]
+` | fromYaml -}}
+  {{- if $.Values.assertNoLeakedSecrets -}}
+      {{- $grafanaIni := index .Values "grafana.ini" -}}
+      {{- range $_, $secret := $sensitiveKeysYaml.sensitiveKeys -}}
+        {{- $currentMap := $grafanaIni -}}
+        {{- $shouldContinue := true -}}
+        {{- range $index, $elem := $secret.path -}}
+          {{- if and $shouldContinue (hasKey $currentMap $elem) -}}
+            {{- if eq (len $secret.path) (add1 $index) -}}
+              {{- if not (regexMatch "\\$(?:__(?:env|file|vault))?{[^}]+}" (index $currentMap $elem)) -}}
+                {{- fail (printf "Sensitive key '%s' should not be defined explicitly in values. Use variable expansion instead. You can disable this client-side validation by changing the value of assertNoLeakedSecrets." (join "." $secret.path)) -}}
+              {{- end -}}
+            {{- else -}}
+              {{- $currentMap = index $currentMap $elem -}}
+            {{- end -}}
+          {{- else -}}
+              {{- $shouldContinue = false -}}
+          {{- end -}}
+        {{- end -}}
+      {{- end -}}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_pod.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_pod.tpl
new file mode 100644
index 0000000000..2ebf7d5f10
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/_pod.tpl
@@ -0,0 +1,1296 @@
+{{- define "grafana.pod" -}}
+{{- $sts := list "sts" "StatefulSet" "statefulset" -}}
+{{- $root := . -}}
+{{- with .Values.schedulerName }}
+schedulerName: "{{ . }}"
+{{- end }}
+serviceAccountName: {{ include "grafana.serviceAccountName" . }}
+automountServiceAccountToken: {{ .Values.automountServiceAccountToken }}
+{{- with .Values.securityContext }}
+securityContext:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.hostAliases }}
+hostAliases:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- if .Values.dnsPolicy }}
+dnsPolicy: {{ .Values.dnsPolicy }}
+{{- end }}
+{{- with .Values.dnsConfig }}
+dnsConfig:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.priorityClassName }}
+priorityClassName: {{ . }}
+{{- end }}
+{{- if ( or .Values.persistence.enabled .Values.dashboards .Values.extraInitContainers (and .Values.sidecar.alerts.enabled .Values.sidecar.alerts.initAlerts) (and .Values.sidecar.datasources.enabled .Values.sidecar.datasources.initDatasources) (and .Values.sidecar.notifiers.enabled .Values.sidecar.notifiers.initNotifiers)) }}
+initContainers:
+{{- end }}
+{{- if ( and .Values.persistence.enabled .Values.initChownData.enabled ) }}
+  - name: init-chown-data
+    {{- $registry := include "system_default_registry" . | default .Values.initChownData.image.registry -}}
+    {{- if .Values.initChownData.image.sha }}
+    image: "{{ $registry }}{{ .Values.initChownData.image.repository }}:{{ .Values.initChownData.image.tag }}@sha256:{{ .Values.initChownData.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.initChownData.image.repository }}:{{ .Values.initChownData.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.initChownData.image.pullPolicy }}
+    {{- with .Values.initChownData.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    command:
+      - chown
+      - -R
+      - {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsGroup }}
+      - /var/lib/grafana
+    {{- with .Values.initChownData.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: storage
+        mountPath: "/var/lib/grafana"
+        {{- with .Values.persistence.subPath }}
+        subPath: {{ tpl . $root }}
+        {{- end }}
+{{- end }}
+{{- if .Values.dashboards }}
+  - name: download-dashboards
+    {{- $registry := include "system_default_registry" . | default .Values.downloadDashboardsImage.registry -}}
+    {{- if .Values.downloadDashboardsImage.sha }}
+    image: "{{ $registry }}{{ .Values.downloadDashboardsImage.repository }}:{{ .Values.downloadDashboardsImage.tag }}@sha256:{{ .Values.downloadDashboardsImage.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.downloadDashboardsImage.repository }}:{{ .Values.downloadDashboardsImage.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.downloadDashboardsImage.pullPolicy }}
+    command: ["/bin/sh"]
+    args: [ "-c", "mkdir -p /var/lib/grafana/dashboards/default && /bin/sh -x /etc/grafana/download_dashboards.sh" ]
+    {{- with .Values.downloadDashboards.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    env:
+      {{- range $key, $value := .Values.downloadDashboards.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- range $key, $value := .Values.downloadDashboards.envValueFrom }}
+      - name: {{ $key | quote }}
+        valueFrom:
+          {{- tpl (toYaml $value) $ | nindent 10 }}
+      {{- end }}
+    {{- with .Values.downloadDashboards.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.downloadDashboards.envFromSecret }}
+    envFrom:
+      - secretRef:
+          name: {{ tpl . $root }}
+    {{- end }}
+    volumeMounts:
+      - name: config
+        mountPath: "/etc/grafana/download_dashboards.sh"
+        subPath: download_dashboards.sh
+      - name: storage
+        mountPath: "/var/lib/grafana"
+        {{- with .Values.persistence.subPath }}
+        subPath: {{ tpl . $root }}
+        {{- end }}
+      {{- range .Values.extraSecretMounts }}
+      - name: {{ .name }}
+        mountPath: {{ .mountPath }}
+        readOnly: {{ .readOnly }}
+      {{- end }}
+{{- end }}
+{{- if and .Values.sidecar.alerts.enabled .Values.sidecar.alerts.initAlerts }}
+  - name: {{ include "grafana.name" . }}-init-sc-alerts
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.alerts.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.alerts.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: "LIST"
+      - name: LABEL
+        value: "{{ .Values.sidecar.alerts.label }}"
+      {{- with .Values.sidecar.alerts.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/alerting"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.alerts.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.alerts.searchNamespace }}
+      - name: NAMESPACE
+        value: {{ . | join "," | quote }}
+      {{- end }}
+      {{- with .Values.sidecar.alerts.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: {{ quote . }}
+      {{- end }}
+      {{- with .Values.sidecar.alerts.script }}
+      - name: SCRIPT
+        value: {{ quote . }}
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-alerts-volume
+        mountPath: "/etc/grafana/provisioning/alerting"
+      {{- with .Values.sidecar.alerts.extraMounts }}
+      {{- toYaml . | trim | nindent 6 }}
+      {{- end }}
+{{- end }}
+{{- if and .Values.sidecar.datasources.enabled .Values.sidecar.datasources.initDatasources }}
+  - name: {{ include "grafana.name" . }}-init-sc-datasources
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.datasources.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.datasources.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: "LIST"
+      - name: LABEL
+        value: "{{ .Values.sidecar.datasources.label }}"
+      {{- with .Values.sidecar.datasources.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/datasources"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.datasources.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- if .Values.sidecar.datasources.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (.Values.sidecar.datasources.searchNamespace | join ",") . }}"
+      {{- end }}
+      {{- with .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ . }}"
+      {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-datasources-volume
+        mountPath: "/etc/grafana/provisioning/datasources"
+{{- end }}
+{{- if and .Values.sidecar.notifiers.enabled .Values.sidecar.notifiers.initNotifiers }}
+  - name: {{ include "grafana.name" . }}-init-sc-notifiers
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.notifiers.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.notifiers.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: LIST
+      - name: LABEL
+        value: "{{ .Values.sidecar.notifiers.label }}"
+      {{- with .Values.sidecar.notifiers.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/notifiers"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.notifiers.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.notifiers.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (. | join ",") $root }}"
+      {{- end }}
+      {{- with .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ . }}"
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-notifiers-volume
+        mountPath: "/etc/grafana/provisioning/notifiers"
+{{- end}}
+{{- with .Values.extraInitContainers }}
+  {{- tpl (toYaml .) $root | nindent 2 }}
+{{- end }}
+{{- if or .Values.image.pullSecrets .Values.global.imagePullSecrets }}
+imagePullSecrets:
+  {{- include "grafana.imagePullSecrets" (dict "root" $root "imagePullSecrets" .Values.image.pullSecrets) | nindent 2 }}
+{{- end }}
+{{- if not .Values.enableKubeBackwardCompatibility }}
+enableServiceLinks: {{ .Values.enableServiceLinks }}
+{{- end }}
+containers:
+{{- if and .Values.sidecar.alerts.enabled (not .Values.sidecar.alerts.initAlerts) }}
+  - name: {{ include "grafana.name" . }}-sc-alerts
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.alerts.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.alerts.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: {{ .Values.sidecar.alerts.watchMethod }}
+      - name: LABEL
+        value: "{{ .Values.sidecar.alerts.label }}"
+      {{- with .Values.sidecar.alerts.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.alerts.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/alerting"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.alerts.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.alerts.searchNamespace }}
+      - name: NAMESPACE
+        value: {{ . | join "," | quote }}
+      {{- end }}
+      {{- with .Values.sidecar.alerts.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: {{ quote . }}
+      {{- end }}
+      {{- with .Values.sidecar.alerts.script }}
+      - name: SCRIPT
+        value: {{ quote . }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_USERNAME
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      {{- if not .Values.sidecar.alerts.skipReload }}
+      - name: REQ_URL
+        value: {{ .Values.sidecar.alerts.reloadURL }}
+      - name: REQ_METHOD
+        value: POST
+      {{- end }}
+      {{- if .Values.sidecar.alerts.watchServerTimeout }}
+      {{- if ne .Values.sidecar.alerts.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.alerts.watchServerTimeout with .Values.sidecar.alerts.watchMethod %s" .Values.sidecar.alerts.watchMethod) }}
+      {{- end }}
+      - name: WATCH_SERVER_TIMEOUT
+        value: "{{ .Values.sidecar.alerts.watchServerTimeout }}"
+      {{- end }}
+      {{- if .Values.sidecar.alerts.watchClientTimeout }}
+      {{- if ne .Values.sidecar.alerts.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.alerts.watchClientTimeout with .Values.sidecar.alerts.watchMethod %s" .Values.sidecar.alerts.watchMethod) }}
+      {{- end }}
+      - name: WATCH_CLIENT_TIMEOUT
+        value: "{{ .Values.sidecar.alerts.watchClientTimeout }}"
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-alerts-volume
+        mountPath: "/etc/grafana/provisioning/alerting"
+      {{- with .Values.sidecar.alerts.extraMounts }}
+      {{- toYaml . | trim | nindent 6 }}
+      {{- end }}
+{{- end}}
+{{- if .Values.sidecar.dashboards.enabled }}
+  - name: {{ include "grafana.name" . }}-sc-dashboard
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.dashboards.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- range $key, $value := .Values.sidecar.datasources.envValueFrom }}
+      - name: {{ $key | quote }}
+        valueFrom:
+          {{- tpl (toYaml $value) $ | nindent 10 }}
+      {{- end }}
+      {{- if .Values.sidecar.dashboards.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: {{ .Values.sidecar.dashboards.watchMethod }}
+      - name: LABEL
+        value: "{{ .Values.sidecar.dashboards.label }}"
+      {{- with .Values.sidecar.dashboards.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.dashboards.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.dashboards.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "{{ .Values.sidecar.dashboards.folder }}{{- with .Values.sidecar.dashboards.defaultFolderName }}/{{ . }}{{- end }}"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.dashboards.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.dashboards.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (. | join ",") $root }}"
+      {{- end }}
+      {{- with .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.dashboards.folderAnnotation }}
+      - name: FOLDER_ANNOTATION
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.dashboards.script }}
+      - name: SCRIPT
+        value: "{{ . }}"
+      {{- end }}
+      {{- if not .Values.sidecar.dashboards.skipReload }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_USERNAME
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      - name: REQ_URL
+        value: {{ .Values.sidecar.dashboards.reloadURL }}
+      - name: REQ_METHOD
+        value: POST
+      {{- end }}
+      {{- if .Values.sidecar.dashboards.watchServerTimeout }}
+      {{- if ne .Values.sidecar.dashboards.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.dashboards.watchServerTimeout with .Values.sidecar.dashboards.watchMethod %s" .Values.sidecar.dashboards.watchMethod) }}
+      {{- end }}
+      - name: WATCH_SERVER_TIMEOUT
+        value: "{{ .Values.sidecar.dashboards.watchServerTimeout }}"
+      {{- end }}
+      {{- if .Values.sidecar.dashboards.watchClientTimeout }}
+      {{- if ne .Values.sidecar.dashboards.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.dashboards.watchClientTimeout with .Values.sidecar.dashboards.watchMethod %s" .Values.sidecar.dashboards.watchMethod) }}
+      {{- end }}
+      - name: WATCH_CLIENT_TIMEOUT
+        value: {{ .Values.sidecar.dashboards.watchClientTimeout | quote }}
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-dashboard-volume
+        mountPath: {{ .Values.sidecar.dashboards.folder | quote }}
+      {{- with .Values.sidecar.dashboards.extraMounts }}
+      {{- toYaml . | trim | nindent 6 }}
+      {{- end }}
+{{- end}}
+{{- if and .Values.sidecar.datasources.enabled (not .Values.sidecar.datasources.initDatasources) }}
+  - name: {{ include "grafana.name" . }}-sc-datasources
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.datasources.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.datasources.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: {{ .Values.sidecar.datasources.watchMethod }}
+      - name: LABEL
+        value: "{{ .Values.sidecar.datasources.label }}"
+      {{- with .Values.sidecar.datasources.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.datasources.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/datasources"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.datasources.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.datasources.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (. | join ",") $root }}"
+      {{- end }}
+      {{- if .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ .Values.sidecar.skipTlsVerify }}"
+      {{- end }}
+      {{- if .Values.sidecar.datasources.script }}
+      - name: SCRIPT
+        value: "{{ .Values.sidecar.datasources.script }}"
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_USERNAME
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      {{- if not .Values.sidecar.datasources.skipReload }}
+      - name: REQ_URL
+        value: {{ .Values.sidecar.datasources.reloadURL }}
+      - name: REQ_METHOD
+        value: POST
+      {{- end }}
+      {{- if .Values.sidecar.datasources.watchServerTimeout }}
+      {{- if ne .Values.sidecar.datasources.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.datasources.watchServerTimeout with .Values.sidecar.datasources.watchMethod %s" .Values.sidecar.datasources.watchMethod) }}
+      {{- end }}
+      - name: WATCH_SERVER_TIMEOUT
+        value: "{{ .Values.sidecar.datasources.watchServerTimeout }}"
+      {{- end }}
+      {{- if .Values.sidecar.datasources.watchClientTimeout }}
+      {{- if ne .Values.sidecar.datasources.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.datasources.watchClientTimeout with .Values.sidecar.datasources.watchMethod %s" .Values.sidecar.datasources.watchMethod) }}
+      {{- end }}
+      - name: WATCH_CLIENT_TIMEOUT
+        value: "{{ .Values.sidecar.datasources.watchClientTimeout }}"
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-datasources-volume
+        mountPath: "/etc/grafana/provisioning/datasources"
+{{- end}}
+{{- if .Values.sidecar.notifiers.enabled }}
+  - name: {{ include "grafana.name" . }}-sc-notifiers
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.notifiers.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.notifiers.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: {{ .Values.sidecar.notifiers.watchMethod }}
+      - name: LABEL
+        value: "{{ .Values.sidecar.notifiers.label }}"
+      {{- with .Values.sidecar.notifiers.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote . }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.notifiers.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/notifiers"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.notifiers.resource }}
+      {{- if .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ .Values.sidecar.enableUniqueFilenames }}"
+      {{- end }}
+      {{- with .Values.sidecar.notifiers.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (. | join ",") $root }}"
+      {{- end }}
+      {{- with .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ . }}"
+      {{- end }}
+      {{- if .Values.sidecar.notifiers.script }}
+      - name: SCRIPT
+        value: "{{ .Values.sidecar.notifiers.script }}"
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_USERNAME
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      {{- if not .Values.sidecar.notifiers.skipReload }}
+      - name: REQ_URL
+        value: {{ .Values.sidecar.notifiers.reloadURL }}
+      - name: REQ_METHOD
+        value: POST
+      {{- end }}
+      {{- if .Values.sidecar.notifiers.watchServerTimeout }}
+      {{- if ne .Values.sidecar.notifiers.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.notifiers.watchServerTimeout with .Values.sidecar.notifiers.watchMethod %s" .Values.sidecar.notifiers.watchMethod) }}
+      {{- end }}
+      - name: WATCH_SERVER_TIMEOUT
+        value: "{{ .Values.sidecar.notifiers.watchServerTimeout }}"
+      {{- end }}
+      {{- if .Values.sidecar.notifiers.watchClientTimeout }}
+      {{- if ne .Values.sidecar.notifiers.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.notifiers.watchClientTimeout with .Values.sidecar.notifiers.watchMethod %s" .Values.sidecar.notifiers.watchMethod) }}
+      {{- end }}
+      - name: WATCH_CLIENT_TIMEOUT
+        value: "{{ .Values.sidecar.notifiers.watchClientTimeout }}"
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-notifiers-volume
+        mountPath: "/etc/grafana/provisioning/notifiers"
+{{- end}}
+{{- if .Values.sidecar.plugins.enabled }}
+  - name: {{ include "grafana.name" . }}-sc-plugins
+    {{- $registry := include "system_default_registry" . | default .Values.sidecar.image.registry -}}
+    {{- if .Values.sidecar.image.sha }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}@sha256:{{ .Values.sidecar.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.sidecar.image.repository }}:{{ .Values.sidecar.image.tag }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
+    env:
+      {{- range $key, $value := .Values.sidecar.plugins.env }}
+      - name: "{{ $key }}"
+        value: "{{ $value }}"
+      {{- end }}
+      {{- if .Values.sidecar.plugins.ignoreAlreadyProcessed }}
+      - name: IGNORE_ALREADY_PROCESSED
+        value: "true"
+      {{- end }}
+      - name: METHOD
+        value: {{ .Values.sidecar.plugins.watchMethod }}
+      - name: LABEL
+        value: "{{ .Values.sidecar.plugins.label }}"
+      {{- if .Values.sidecar.plugins.labelValue }}
+      - name: LABEL_VALUE
+        value: {{ quote .Values.sidecar.plugins.labelValue }}
+      {{- end }}
+      {{- if or .Values.sidecar.logLevel .Values.sidecar.plugins.logLevel }}
+      - name: LOG_LEVEL
+        value: {{ default .Values.sidecar.logLevel .Values.sidecar.plugins.logLevel }}
+      {{- end }}
+      - name: FOLDER
+        value: "/etc/grafana/provisioning/plugins"
+      - name: RESOURCE
+        value: {{ quote .Values.sidecar.plugins.resource }}
+      {{- with .Values.sidecar.enableUniqueFilenames }}
+      - name: UNIQUE_FILENAMES
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.plugins.searchNamespace }}
+      - name: NAMESPACE
+        value: "{{ tpl (. | join ",") $root }}"
+      {{- end }}
+      {{- with .Values.sidecar.plugins.script }}
+      - name: SCRIPT
+        value: "{{ . }}"
+      {{- end }}
+      {{- with .Values.sidecar.skipTlsVerify }}
+      - name: SKIP_TLS_VERIFY
+        value: "{{ . }}"
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_USERNAME
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: REQ_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      {{- if not .Values.sidecar.plugins.skipReload }}
+      - name: REQ_URL
+        value: {{ .Values.sidecar.plugins.reloadURL }}
+      - name: REQ_METHOD
+        value: POST
+      {{- end }}
+      {{- if .Values.sidecar.plugins.watchServerTimeout }}
+      {{- if ne .Values.sidecar.plugins.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.plugins.watchServerTimeout with .Values.sidecar.plugins.watchMethod %s" .Values.sidecar.plugins.watchMethod) }}
+      {{- end }}
+      - name: WATCH_SERVER_TIMEOUT
+        value: "{{ .Values.sidecar.plugins.watchServerTimeout }}"
+      {{- end }}
+      {{- if .Values.sidecar.plugins.watchClientTimeout }}
+      {{- if ne .Values.sidecar.plugins.watchMethod "WATCH" }}
+        {{- fail (printf "Cannot use .Values.sidecar.plugins.watchClientTimeout with .Values.sidecar.plugins.watchMethod %s" .Values.sidecar.plugins.watchMethod) }}
+      {{- end }}
+      - name: WATCH_CLIENT_TIMEOUT
+        value: "{{ .Values.sidecar.plugins.watchClientTimeout }}"
+      {{- end }}
+    {{- with .Values.sidecar.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.sidecar.securityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: sc-plugins-volume
+        mountPath: "/etc/grafana/provisioning/plugins"
+{{- end}}
+  - name: {{ .Chart.Name }}
+    {{- $registry := include "system_default_registry" . | default .Values.image.registry -}}
+    {{- if .Values.image.sha }}
+    image: "{{ $registry }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}@sha256:{{ .Values.image.sha }}"
+    {{- else }}
+    image: "{{ $registry }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+    {{- end }}
+    imagePullPolicy: {{ .Values.image.pullPolicy }}
+    {{- if .Values.command }}
+    command:
+    {{- range .Values.command }}
+      - {{ . | quote }}
+    {{- end }}
+    {{- end }}
+    {{- if .Values.args }}
+    args:
+    {{- range .Values.args }}
+      - {{ . | quote }}
+    {{- end }}
+    {{- end }}
+    {{- with .Values.containerSecurityContext }}
+    securityContext:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    volumeMounts:
+      - name: config
+        mountPath: "/etc/grafana/grafana.ini"
+        subPath: grafana.ini
+      {{- if .Values.ldap.enabled }}
+      - name: ldap
+        mountPath: "/etc/grafana/ldap.toml"
+        subPath: ldap.toml
+      {{- end }}
+      {{- range .Values.extraConfigmapMounts }}
+      - name: {{ tpl .name $root }}
+        mountPath: {{ tpl .mountPath $root }}
+        subPath: {{ tpl (.subPath | default "") $root }}
+        readOnly: {{ .readOnly }}
+      {{- end }}
+      - name: storage
+        mountPath: "/var/lib/grafana"
+        {{- with .Values.persistence.subPath }}
+        subPath: {{ tpl . $root }}
+        {{- end }}
+      {{- with .Values.dashboards }}
+      {{- range $provider, $dashboards := . }}
+      {{- range $key, $value := $dashboards }}
+      {{- if (or (hasKey $value "json") (hasKey $value "file")) }}
+      - name: dashboards-{{ $provider }}
+        mountPath: "/var/lib/grafana/dashboards/{{ $provider }}/{{ $key }}.json"
+        subPath: "{{ $key }}.json"
+      {{- end }}
+      {{- end }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.dashboardsConfigMaps }}
+      {{- range (keys . | sortAlpha) }}
+      - name: dashboards-{{ . }}
+        mountPath: "/var/lib/grafana/dashboards/{{ . }}"
+      {{- end }}
+      {{- end }}
+      {{- with .Values.datasources }}
+      {{- $datasources := . }}
+      {{- range (keys . | sortAlpha) }}
+      {{- if (or (hasKey (index $datasources .) "secret")) }} {{/*check if current datasource should be handeled as secret */}}
+      - name: config-secret
+        mountPath: "/etc/grafana/provisioning/datasources/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- else }}
+      - name: config
+        mountPath: "/etc/grafana/provisioning/datasources/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- end }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.notifiers }}
+      {{- $notifiers := . }}
+      {{- range (keys . | sortAlpha) }}
+      {{- if (or (hasKey (index $notifiers .) "secret")) }} {{/*check if current notifier should be handeled as secret */}}
+      - name: config-secret
+        mountPath: "/etc/grafana/provisioning/notifiers/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- else }}
+      - name: config
+        mountPath: "/etc/grafana/provisioning/notifiers/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- end }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.alerting }}
+      {{- $alertingmap := .}}
+      {{- range (keys . | sortAlpha) }}
+      {{- if (or (hasKey (index $.Values.alerting .) "secret") (hasKey (index $.Values.alerting .) "secretFile")) }} {{/*check if current alerting entry should be handeled as secret */}}
+      - name: config-secret
+        mountPath: "/etc/grafana/provisioning/alerting/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- else }}
+      - name: config
+        mountPath: "/etc/grafana/provisioning/alerting/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- end }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.dashboardProviders }}
+      {{- range (keys . | sortAlpha) }}
+      - name: config
+        mountPath: "/etc/grafana/provisioning/dashboards/{{ . }}"
+        subPath: {{ . | quote }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.sidecar.alerts.enabled }}
+      - name: sc-alerts-volume
+        mountPath: "/etc/grafana/provisioning/alerting"
+      {{- end}}
+      {{- if .Values.sidecar.dashboards.enabled }}
+      - name: sc-dashboard-volume
+        mountPath: {{ .Values.sidecar.dashboards.folder | quote }}
+      {{- if .Values.sidecar.dashboards.SCProvider }}
+      - name: sc-dashboard-provider
+        mountPath: "/etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml"
+        subPath: provider.yaml
+      {{- end}}
+      {{- end}}
+      {{- if .Values.sidecar.datasources.enabled }}
+      - name: sc-datasources-volume
+        mountPath: "/etc/grafana/provisioning/datasources"
+      {{- end}}
+      {{- if .Values.sidecar.plugins.enabled }}
+      - name: sc-plugins-volume
+        mountPath: "/etc/grafana/provisioning/plugins"
+      {{- end}}
+      {{- if .Values.sidecar.notifiers.enabled }}
+      - name: sc-notifiers-volume
+        mountPath: "/etc/grafana/provisioning/notifiers"
+      {{- end}}
+      {{- range .Values.extraSecretMounts }}
+      - name: {{ .name }}
+        mountPath: {{ .mountPath }}
+        readOnly: {{ .readOnly }}
+        subPath: {{ .subPath | default "" }}
+      {{- end }}
+      {{- range .Values.extraVolumeMounts }}
+      - name: {{ .name }}
+        mountPath: {{ .mountPath }}
+        subPath: {{ .subPath | default "" }}
+        readOnly: {{ .readOnly }}
+      {{- end }}
+      {{- range .Values.extraEmptyDirMounts }}
+      - name: {{ .name }}
+        mountPath: {{ .mountPath }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.podPortName }}
+        containerPort: {{ .Values.service.targetPort }}
+        protocol: TCP
+      - name: {{ .Values.gossipPortName }}-tcp
+        containerPort: 9094
+        protocol: TCP
+      - name: {{ .Values.gossipPortName }}-udp
+        containerPort: 9094
+        protocol: UDP
+    env:
+      - name: POD_IP
+        valueFrom:
+          fieldRef:
+            fieldPath: status.podIP
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_USER) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: GF_SECURITY_ADMIN_USER
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.userKey | default "admin-user" }}
+      {{- end }}
+      {{- if and (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+      - name: GF_SECURITY_ADMIN_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ (tpl .Values.admin.existingSecret .) | default (include "grafana.fullname" .) }}
+            key: {{ .Values.admin.passwordKey | default "admin-password" }}
+      {{- end }}
+      {{- if .Values.plugins }}
+      - name: GF_INSTALL_PLUGINS
+        valueFrom:
+          configMapKeyRef:
+            name: {{ include "grafana.fullname" . }}
+            key: plugins
+      {{- end }}
+      {{- if .Values.smtp.existingSecret }}
+      - name: GF_SMTP_USER
+        valueFrom:
+          secretKeyRef:
+            name: {{ .Values.smtp.existingSecret }}
+            key: {{ .Values.smtp.userKey | default "user" }}
+      - name: GF_SMTP_PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: {{ .Values.smtp.existingSecret }}
+            key: {{ .Values.smtp.passwordKey | default "password" }}
+      {{- end }}
+      {{- if .Values.imageRenderer.enabled }}
+      - name: GF_RENDERING_SERVER_URL
+        value: http://{{ include "grafana.fullname" . }}-image-renderer.{{ include "grafana.namespace" . }}:{{ .Values.imageRenderer.service.port }}/render
+      - name: GF_RENDERING_CALLBACK_URL
+        value: {{ .Values.imageRenderer.grafanaProtocol }}://{{ include "grafana.fullname" . }}.{{ include "grafana.namespace" . }}:{{ .Values.service.port }}/{{ .Values.imageRenderer.grafanaSubPath }}
+      {{- end }}
+      - name: GF_PATHS_DATA
+        value: {{ (get .Values "grafana.ini").paths.data }}
+      - name: GF_PATHS_LOGS
+        value: {{ (get .Values "grafana.ini").paths.logs }}
+      - name: GF_PATHS_PLUGINS
+        value: {{ (get .Values "grafana.ini").paths.plugins }}
+      - name: GF_PATHS_PROVISIONING
+        value: {{ (get .Values "grafana.ini").paths.provisioning }}
+      {{- range $key, $value := .Values.envValueFrom }}
+      - name: {{ $key | quote }}
+        valueFrom:
+          {{- tpl (toYaml $value) $ | nindent 10 }}
+      {{- end }}
+      {{- range $key, $value := .Values.env }}
+      - name: "{{ tpl $key $ }}"
+        value: "{{ tpl (print $value) $ }}"
+      {{- end }}
+    {{- if or .Values.envFromSecret (or .Values.envRenderSecret .Values.envFromSecrets) .Values.envFromConfigMaps }}
+    envFrom:
+      {{- if .Values.envFromSecret }}
+      - secretRef:
+          name: {{ tpl .Values.envFromSecret . }}
+      {{- end }}
+      {{- if .Values.envRenderSecret }}
+      - secretRef:
+          name: {{ include "grafana.fullname" . }}-env
+      {{- end }}
+      {{- range .Values.envFromSecrets }}
+      - secretRef:
+          name: {{ tpl .name $ }}
+          optional: {{ .optional | default false }}
+        {{- if .prefix }}
+        prefix: {{ tpl .prefix $ }}
+        {{- end }}
+      {{- end }}
+      {{- range .Values.envFromConfigMaps }}
+      - configMapRef:
+          name: {{ tpl .name $ }}
+          optional: {{ .optional | default false }}
+        {{- if .prefix }}
+        prefix: {{ tpl .prefix $ }}
+        {{- end }}
+      {{- end }}
+    {{- end }}
+    {{- with .Values.livenessProbe }}
+    livenessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.readinessProbe }}
+    readinessProbe:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.lifecycleHooks }}
+    lifecycle:
+      {{- tpl (toYaml .) $root | nindent 6 }}
+    {{- end }}
+    {{- with .Values.resources }}
+    resources:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+{{- with .Values.extraContainers }}
+  {{- tpl . $ | nindent 2 }}
+{{- end }}
+nodeSelector: {{ include "linux-node-selector" . | nindent 2 }}
+{{- with .Values.nodeSelector }}
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.affinity }}
+affinity:
+  {{- tpl (toYaml .) $root | nindent 2 }}
+{{- end }}
+{{- with .Values.topologySpreadConstraints }}
+topologySpreadConstraints:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+tolerations: {{ include "linux-node-tolerations" . | nindent 2 }}
+{{- with .Values.tolerations }}
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+volumes:
+  - name: config
+    configMap:
+      name: {{ include "grafana.fullname" . }}
+  {{- $createConfigSecret := eq (include "grafana.shouldCreateConfigSecret" .) "true" -}}
+  {{- if and .Values.createConfigmap $createConfigSecret }}
+  - name: config-secret
+    secret:
+      secretName: {{ include "grafana.fullname" . }}-config-secret
+  {{- end }}
+  {{- range .Values.extraConfigmapMounts }}
+  - name: {{ tpl .name $root }}
+    configMap:
+      name: {{ tpl .configMap $root }}
+      {{- with .items }}
+      items:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+  {{- end }}
+  {{- if .Values.dashboards }}
+  {{- range (keys .Values.dashboards | sortAlpha) }}
+  - name: dashboards-{{ . }}
+    configMap:
+      name: {{ include "grafana.fullname" $ }}-dashboards-{{ . }}
+  {{- end }}
+  {{- end }}
+  {{- if .Values.dashboardsConfigMaps }}
+  {{- range $provider, $name := .Values.dashboardsConfigMaps }}
+  - name: dashboards-{{ $provider }}
+    configMap:
+      name: {{ tpl $name $root }}
+  {{- end }}
+  {{- end }}
+  {{- if .Values.ldap.enabled }}
+  - name: ldap
+    secret:
+      {{- if .Values.ldap.existingSecret }}
+      secretName: {{ .Values.ldap.existingSecret }}
+      {{- else }}
+      secretName: {{ include "grafana.fullname" . }}
+      {{- end }}
+      items:
+        - key: ldap-toml
+          path: ldap.toml
+  {{- end }}
+  {{- if and .Values.persistence.enabled (eq .Values.persistence.type "pvc") }}
+  - name: storage
+    persistentVolumeClaim:
+      claimName: {{ tpl (.Values.persistence.existingClaim | default (include "grafana.fullname" .)) . }}
+  {{- else if and .Values.persistence.enabled (has .Values.persistence.type $sts) }}
+  {{/* nothing */}}
+  {{- else }}
+  - name: storage
+    {{- if .Values.persistence.inMemory.enabled }}
+    emptyDir:
+      medium: Memory
+      {{- with .Values.persistence.inMemory.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- end }}
+    {{- else }}
+    emptyDir: {}
+    {{- end }}
+  {{- end }}
+  {{- if .Values.sidecar.alerts.enabled }}
+  - name: sc-alerts-volume
+    emptyDir:
+      {{- with .Values.sidecar.alerts.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- else }}
+      {}
+      {{- end }}
+  {{- end }}
+  {{- if .Values.sidecar.dashboards.enabled }}
+  - name: sc-dashboard-volume
+    emptyDir:
+      {{- with .Values.sidecar.dashboards.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- else }}
+      {}
+      {{- end }}
+  {{- if .Values.sidecar.dashboards.SCProvider }}
+  - name: sc-dashboard-provider
+    configMap:
+      name: {{ include "grafana.fullname" . }}-config-dashboards
+  {{- end }}
+  {{- end }}
+  {{- if .Values.sidecar.datasources.enabled }}
+  - name: sc-datasources-volume
+    emptyDir:
+      {{- with .Values.sidecar.datasources.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- else }}
+      {}
+      {{- end }}
+  {{- end }}
+  {{- if .Values.sidecar.plugins.enabled }}
+  - name: sc-plugins-volume
+    emptyDir:
+      {{- with .Values.sidecar.plugins.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- else }}
+      {}
+      {{- end }}
+  {{- end }}
+  {{- if .Values.sidecar.notifiers.enabled }}
+  - name: sc-notifiers-volume
+    emptyDir:
+      {{- with .Values.sidecar.notifiers.sizeLimit }}
+      sizeLimit: {{ . }}
+      {{- else }}
+      {}
+      {{- end }}
+  {{- end }}
+  {{- range .Values.extraSecretMounts }}
+  {{- if .secretName }}
+  - name: {{ .name }}
+    secret:
+      secretName: {{ .secretName }}
+      defaultMode: {{ .defaultMode }}
+      {{- with .items }}
+      items:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+  {{- else if .projected }}
+  - name: {{ .name }}
+    projected:
+      {{- toYaml .projected | nindent 6 }}
+  {{- else if .csi }}
+  - name: {{ .name }}
+    csi:
+      {{- toYaml .csi | nindent 6 }}
+  {{- end }}
+  {{- end }}
+  {{- range .Values.extraVolumes }}
+  - name: {{ .name }}
+    {{- if .existingClaim }}
+    persistentVolumeClaim:
+      claimName: {{ .existingClaim }}
+    {{- else if .hostPath }}
+    hostPath:
+      {{ toYaml .hostPath | nindent 6 }}
+    {{- else if .csi }}
+    csi:
+      {{- toYaml .csi | nindent 6 }}
+    {{- else if .configMap }}
+    configMap:
+      {{- toYaml .configMap | nindent 6 }}
+    {{- else if .emptyDir }}
+    emptyDir:
+      {{- toYaml .emptyDir | nindent 6 }}
+    {{- else }}
+    emptyDir: {}
+    {{- end }}
+  {{- end }}
+  {{- range .Values.extraEmptyDirMounts }}
+  - name: {{ .name }}
+    emptyDir: {}
+  {{- end }}
+  {{- with .Values.extraContainerVolumes }}
+  {{- tpl (toYaml .) $root | nindent 2 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/clusterrole.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/clusterrole.yaml
new file mode 100644
index 0000000000..3af4b62b63
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/clusterrole.yaml
@@ -0,0 +1,25 @@
+{{- if and .Values.rbac.create (or (not .Values.rbac.namespaced) .Values.rbac.extraClusterRoleRules) (not .Values.rbac.useExistingClusterRole) }}
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  name: {{ include "grafana.fullname" . }}-clusterrole
+{{- if or .Values.sidecar.dashboards.enabled .Values.rbac.extraClusterRoleRules .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.sidecar.alerts.enabled }}
+rules:
+  {{- if or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.sidecar.alerts.enabled }}
+  - apiGroups: [""] # "" indicates the core API group
+    resources: ["configmaps", "secrets"]
+    verbs: ["get", "watch", "list"]
+  {{- end}}
+  {{- with .Values.rbac.extraClusterRoleRules }}
+  {{- toYaml . | nindent 2 }}
+  {{- end}}
+{{- else }}
+rules: []
+{{- end}}
+{{- end}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/clusterrolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..bda9431a2c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/clusterrolebinding.yaml
@@ -0,0 +1,24 @@
+{{- if and .Values.rbac.create (or (not .Values.rbac.namespaced) .Values.rbac.extraClusterRoleRules) }}
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ include "grafana.fullname" . }}-clusterrolebinding
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "grafana.serviceAccountName" . }}
+    namespace: {{ include "grafana.namespace" . }}
+roleRef:
+  kind: ClusterRole
+  {{- if .Values.rbac.useExistingClusterRole }}
+  name: {{ .Values.rbac.useExistingClusterRole }}
+  {{- else }}
+  name: {{ include "grafana.fullname" . }}-clusterrole
+  {{- end }}
+  apiGroup: rbac.authorization.k8s.io
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configSecret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configSecret.yaml
new file mode 100644
index 0000000000..55574b9bbc
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configSecret.yaml
@@ -0,0 +1,43 @@
+{{- $createConfigSecret := eq (include "grafana.shouldCreateConfigSecret" .) "true" -}}
+{{- if and .Values.createConfigmap $createConfigSecret }}
+{{- $files := .Files }}
+{{- $root := . -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "{{ include "grafana.fullname" . }}-config-secret"
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+      {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+data:
+{{- range $key, $value := .Values.alerting }}
+  {{- if (hasKey $value "secretFile") }}
+  {{- $key | nindent 2 }}:
+    {{- toYaml ( $files.Get $value.secretFile ) | b64enc | nindent 4}}
+  {{/* as of https://helm.sh/docs/chart_template_guide/accessing_files/ this will only work if you fork this chart and add files to it*/}}
+  {{- end }}
+{{- end }}
+stringData:
+{{- range $key, $value := .Values.datasources }}
+{{- if (hasKey $value "secret") }}
+{{- $key | nindent 2 }}: |
+  {{- tpl (toYaml $value.secret | nindent 4) $root }}
+{{- end }}
+{{- end }}
+{{- range $key, $value := .Values.notifiers }}
+{{- if (hasKey $value "secret") }}
+{{- $key | nindent 2 }}: |
+  {{- tpl (toYaml $value.secret | nindent 4) $root }}
+{{- end }}
+{{- end }}
+{{- range $key, $value := .Values.alerting }}
+{{ if (hasKey $value "secret") }}
+  {{- $key | nindent 2 }}: |
+    {{- tpl (toYaml $value.secret | nindent 4) $root }}
+  {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configmap-dashboard-provider.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configmap-dashboard-provider.yaml
new file mode 100644
index 0000000000..b412c4d1f0
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configmap-dashboard-provider.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.sidecar.dashboards.enabled .Values.sidecar.dashboards.SCProvider }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  name: {{ include "grafana.fullname" . }}-config-dashboards
+  namespace: {{ include "grafana.namespace" . }}
+data:
+  {{- include "grafana.configDashboardProviderData" . | nindent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configmap.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configmap.yaml
new file mode 100644
index 0000000000..7d7428be51
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/configmap.yaml
@@ -0,0 +1,15 @@
+{{- if .Values.createConfigmap }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+data:
+  {{- include "grafana.configData" . | nindent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/dashboards-json-configmap.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/dashboards-json-configmap.yaml
new file mode 100644
index 0000000000..b96ce72026
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/dashboards-json-configmap.yaml
@@ -0,0 +1,38 @@
+{{- if .Values.dashboards }}
+{{ $files := .Files }}
+{{- range $provider, $dashboards := .Values.dashboards }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "grafana.fullname" $ }}-dashboards-{{ $provider }}
+  namespace: {{ include "grafana.namespace" $ }}
+  labels:
+    {{- include "grafana.labels" $ | nindent 4 }}
+    dashboard-provider: {{ $provider }}
+    {{- if $.Values.sidecar.dashboards.enabled }}
+    {{ $.Values.sidecar.dashboards.label }}: {{ $.Values.sidecar.dashboards.labelValue | quote }}
+    {{- end }}
+{{- if $dashboards }}
+data:
+{{- $dashboardFound := false }}
+{{- range $key, $value := $dashboards }}
+{{- if (or (hasKey $value "json") (hasKey $value "file")) }}
+{{- $dashboardFound = true }}
+  {{- print $key | nindent 2 }}.json:
+    {{- if hasKey $value "json" }}
+    |-
+      {{- $value.json | nindent 6 }}
+    {{- end }}
+    {{- if hasKey $value "file" }}
+    {{- toYaml ( $files.Get $value.file ) | nindent 4}}
+    {{- end }}
+{{- end }}
+{{- end }}
+{{- if not $dashboardFound }}
+  {}
+{{- end }}
+{{- end }}
+---
+{{- end }}
+
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/deployment.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/deployment.yaml
new file mode 100644
index 0000000000..46c016faa3
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/deployment.yaml
@@ -0,0 +1,53 @@
+{{- if (and (not .Values.useStatefulSet) (or (not .Values.persistence.enabled) (eq .Values.persistence.type "pvc"))) }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and (not .Values.autoscaling.enabled) (.Values.replicas) }}
+  replicas: {{ .Values.replicas }}
+  {{- end }}
+  revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
+  selector:
+    matchLabels:
+      {{- include "grafana.selectorLabels" . | nindent 6 }}
+  {{- with .Values.deploymentStrategy }}
+  strategy:
+    {{- toYaml . | trim | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      labels:
+        {{- include "grafana.selectorLabels" . | nindent 8 }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+      annotations:
+        checksum/config: {{ include "grafana.configData" . | sha256sum }}
+        {{- if .Values.dashboards }}
+        checksum/dashboards-json-config: {{ include (print $.Template.BasePath "/dashboards-json-configmap.yaml") . | sha256sum }}
+        {{- end }}
+        checksum/sc-dashboard-provider-config: {{ include "grafana.configDashboardProviderData" . | sha256sum }}
+        {{- if and (or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret))) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+        checksum/secret: {{ include "grafana.secretsData" . | sha256sum }}
+        {{- end }}
+        {{- if .Values.envRenderSecret }}
+        checksum/secret-env: {{ tpl (toYaml .Values.envRenderSecret) . | sha256sum }}
+        {{- end }}
+        kubectl.kubernetes.io/default-container: {{ .Chart.Name }}
+        {{- with .Values.podAnnotations }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- include "grafana.pod" . | nindent 6 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/extra-manifests.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/extra-manifests.yaml
new file mode 100644
index 0000000000..a9bb3b6ba8
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/extra-manifests.yaml
@@ -0,0 +1,4 @@
+{{ range .Values.extraObjects }}
+---
+{{ tpl (toYaml .) $ }}
+{{ end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/headless-service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/headless-service.yaml
new file mode 100644
index 0000000000..3028589d32
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/headless-service.yaml
@@ -0,0 +1,22 @@
+{{- $sts := list "sts" "StatefulSet" "statefulset" -}}
+{{- if or .Values.headlessService (and .Values.persistence.enabled (not .Values.persistence.existingClaim) (has .Values.persistence.type $sts)) }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "grafana.fullname" . }}-headless
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  clusterIP: None
+  selector:
+    {{- include "grafana.selectorLabels" . | nindent 4 }}
+  type: ClusterIP
+  ports:
+  - name: {{ .Values.gossipPortName }}-tcp
+    port: 9094
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/hpa.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/hpa.yaml
new file mode 100644
index 0000000000..46bbcb49a2
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/hpa.yaml
@@ -0,0 +1,52 @@
+{{- $sts := list "sts" "StatefulSet" "statefulset" -}}
+{{- if .Values.autoscaling.enabled }}
+apiVersion: {{ include "grafana.hpa.apiVersion" . }}
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "grafana.name" . }}
+    helm.sh/chart: {{ include "grafana.chart" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    {{- if has .Values.persistence.type $sts }}
+    kind: StatefulSet
+    {{- else }}
+    kind: Deployment
+    {{- end }}
+    name: {{ include "grafana.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.autoscaling.targetMemory }}
+    - type: Resource
+      resource:
+        name: memory
+        {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }}
+        targetAverageUtilization: {{ .Values.autoscaling.targetMemory }}
+        {{- else }}
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.autoscaling.targetMemory }}
+        {{- end }}
+    {{- end }}
+    {{- if .Values.autoscaling.targetCPU }}
+    - type: Resource
+      resource:
+        name: cpu
+        {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }}
+        targetAverageUtilization: {{ .Values.autoscaling.targetCPU }}
+        {{- else }}
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.autoscaling.targetCPU }}
+        {{- end }}
+    {{- end }}
+  {{- if .Values.autoscaling.behavior }}
+  behavior: {{ toYaml .Values.autoscaling.behavior | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-deployment.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-deployment.yaml
new file mode 100644
index 0000000000..28231b803e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-deployment.yaml
@@ -0,0 +1,131 @@
+{{ if .Values.imageRenderer.enabled }}
+{{- $root := . -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.imageRenderer.labels" . | nindent 4 }}
+    {{- with .Values.imageRenderer.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.imageRenderer.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and (not .Values.imageRenderer.autoscaling.enabled) (.Values.imageRenderer.replicas) }}
+  replicas: {{ .Values.imageRenderer.replicas }}
+  {{- end }}
+  revisionHistoryLimit: {{ .Values.imageRenderer.revisionHistoryLimit }}
+  selector:
+    matchLabels:
+      {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }}
+
+  {{- with .Values.imageRenderer.deploymentStrategy }}
+  strategy:
+    {{- toYaml . | trim | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      labels:
+        {{- include "grafana.imageRenderer.selectorLabels" . | nindent 8 }}
+        {{- with .Values.imageRenderer.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+        {{- with .Values.imageRenderer.podAnnotations }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imageRenderer.schedulerName }}
+      schedulerName: "{{ . }}"
+      {{- end }}
+      {{- with .Values.imageRenderer.serviceAccountName }}
+      serviceAccountName: "{{ . }}"
+      {{- end }}
+      {{- with .Values.imageRenderer.securityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.imageRenderer.hostAliases }}
+      hostAliases:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.imageRenderer.priorityClassName }}
+      priorityClassName: {{ . }}
+      {{- end }}
+      {{- with .Values.imageRenderer.image.pullSecrets }}
+      imagePullSecrets:
+        {{- range . }}
+        - name: {{ tpl . $root }}
+        {{- end}}
+      {{- end }}
+      containers:
+        - name: {{ .Chart.Name }}-image-renderer
+          {{- $registry := include "system_default_registry" | default .Values.imageRenderer.image.registry -}}
+          {{- if .Values.imageRenderer.image.sha }}
+          image: "{{ $registry }}{{ .Values.imageRenderer.image.repository }}:{{ .Values.imageRenderer.image.tag }}@sha256:{{ .Values.imageRenderer.image.sha }}"
+          {{- else }}
+          image: "{{ $registry }}{{ .Values.imageRenderer.image.repository }}:{{ .Values.imageRenderer.image.tag }}"
+          {{- end }}
+          imagePullPolicy: {{ .Values.imageRenderer.image.pullPolicy }}
+          {{- if .Values.imageRenderer.command }}
+          command:
+            {{- range .Values.imageRenderer.command }}
+            - {{ . }}
+            {{- end }}
+          {{- end}}
+          ports:
+            - name: {{ .Values.imageRenderer.service.portName }}
+              containerPort: {{ .Values.imageRenderer.service.targetPort }}
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /
+              port: {{ .Values.imageRenderer.service.portName }}
+          env:
+            - name: HTTP_PORT
+              value: {{ .Values.imageRenderer.service.targetPort | quote }}
+          {{- if .Values.imageRenderer.serviceMonitor.enabled }}
+            - name: ENABLE_METRICS
+              value: "true"
+          {{- end }}
+          {{- range $key, $value := .Values.imageRenderer.envValueFrom }}
+            - name: {{ $key | quote }}
+              valueFrom:
+                {{- tpl (toYaml $value) $ | nindent 16 }}
+          {{- end }}
+          {{- range $key, $value := .Values.imageRenderer.env }}
+            - name: {{ $key | quote }}
+              value: {{ $value | quote }}
+          {{- end }}
+          {{- with .Values.imageRenderer.containerSecurityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            - mountPath: /tmp
+              name: image-renderer-tmpfs
+          {{- with .Values.imageRenderer.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      {{- with .Values.imageRenderer.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.imageRenderer.affinity }}
+      affinity:
+        {{- tpl (toYaml .) $root | nindent 8 }}
+      {{- end }}
+      {{- with .Values.imageRenderer.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+        - name: image-renderer-tmpfs
+          emptyDir: {}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-hpa.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-hpa.yaml
new file mode 100644
index 0000000000..b0f0059b79
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-hpa.yaml
@@ -0,0 +1,47 @@
+{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.autoscaling.enabled }}
+apiVersion: {{ include "grafana.hpa.apiVersion" . }}
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    app.kubernetes.io/name: {{ include "grafana.name" . }}-image-renderer
+    helm.sh/chart: {{ include "grafana.chart" . }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "grafana.fullname" . }}-image-renderer
+  minReplicas: {{ .Values.imageRenderer.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.imageRenderer.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.imageRenderer.autoscaling.targetMemory }}
+    - type: Resource
+      resource:
+        name: memory
+        {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }}
+        targetAverageUtilization: {{ .Values.imageRenderer.autoscaling.targetMemory }}
+        {{- else }}
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.imageRenderer.autoscaling.targetMemory }}
+        {{- end }}
+    {{- end }}
+    {{- if .Values.imageRenderer.autoscaling.targetCPU }}
+    - type: Resource
+      resource:
+        name: cpu
+        {{- if eq (include "grafana.hpa.apiVersion" .) "autoscaling/v2beta1" }}
+        targetAverageUtilization: {{ .Values.imageRenderer.autoscaling.targetCPU }}
+        {{- else }}
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.imageRenderer.autoscaling.targetCPU }}
+        {{- end }}
+    {{- end }}
+  {{- if .Values.imageRenderer.autoscaling.behavior }}
+  behavior: {{ toYaml .Values.imageRenderer.autoscaling.behavior | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-network-policy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-network-policy.yaml
new file mode 100644
index 0000000000..d1a0eb313d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-network-policy.yaml
@@ -0,0 +1,79 @@
+{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.networkPolicy.limitIngress }}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer-ingress
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    comment: Limit image-renderer ingress traffic from grafana
+spec:
+  podSelector:
+    matchLabels:
+      {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }}
+      {{- with .Values.imageRenderer.podLabels }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+
+  policyTypes:
+    - Ingress
+  ingress:
+    - ports:
+        - port: {{ .Values.imageRenderer.service.targetPort }}
+          protocol: TCP
+      from:
+        - namespaceSelector:
+            matchLabels:
+              kubernetes.io/metadata.name: {{ include "grafana.namespace" . }}
+          podSelector:
+            matchLabels:
+              {{- include "grafana.selectorLabels" . | nindent 14 }}
+              {{- with .Values.podLabels }}
+              {{- toYaml . | nindent 14 }}
+              {{- end }}
+        {{- with .Values.imageRenderer.networkPolicy.extraIngressSelectors -}}
+        {{ toYaml . | nindent 8 }}
+        {{- end }}
+{{- end }}
+
+{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.networkPolicy.limitEgress }}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer-egress
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    comment: Limit image-renderer egress traffic to grafana
+spec:
+  podSelector:
+    matchLabels:
+      {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }}
+      {{- with .Values.imageRenderer.podLabels }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+
+  policyTypes:
+    - Egress
+  egress:
+    # allow dns resolution
+    - ports:
+        - port: 53
+          protocol: UDP
+        - port: 53
+          protocol: TCP
+    # talk only to grafana
+    - ports:
+        - port: {{ .Values.service.targetPort }}
+          protocol: TCP
+      to:
+        - namespaceSelector:
+            matchLabels:
+              name: {{ include "grafana.namespace" . }}
+          podSelector:
+            matchLabels:
+              {{- include "grafana.selectorLabels" . | nindent 14 }}
+              {{- with .Values.podLabels }}
+              {{- toYaml . | nindent 14 }}
+              {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-service.yaml
new file mode 100644
index 0000000000..f8da127cf8
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-service.yaml
@@ -0,0 +1,31 @@
+{{- if and .Values.imageRenderer.enabled .Values.imageRenderer.service.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.imageRenderer.labels" . | nindent 4 }}
+    {{- with .Values.imageRenderer.service.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.imageRenderer.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  type: ClusterIP
+  {{- with .Values.imageRenderer.service.clusterIP }}
+  clusterIP: {{ . }}
+  {{- end }}
+  ports:
+    - name: {{ .Values.imageRenderer.service.portName }}
+      port: {{ .Values.imageRenderer.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.imageRenderer.service.targetPort }}
+      {{- with .Values.imageRenderer.appProtocol }}
+      appProtocol: {{ . }}
+      {{- end }}
+  selector:
+    {{- include "grafana.imageRenderer.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-servicemonitor.yaml
new file mode 100644
index 0000000000..5d9f09d266
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/image-renderer-servicemonitor.yaml
@@ -0,0 +1,48 @@
+{{- if .Values.imageRenderer.serviceMonitor.enabled }}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ include "grafana.fullname" . }}-image-renderer
+  {{- if .Values.imageRenderer.serviceMonitor.namespace }}
+  namespace: {{ tpl .Values.imageRenderer.serviceMonitor.namespace . }}
+  {{- else }}
+  namespace: {{ include "grafana.namespace" . }}
+  {{- end }}
+  labels:
+    {{- include "grafana.imageRenderer.labels" . | nindent 4 }}
+    {{- with .Values.imageRenderer.serviceMonitor.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+  - port: {{ .Values.imageRenderer.service.portName }}
+    {{- with .Values.imageRenderer.serviceMonitor.interval }}
+    interval: {{ . }}
+    {{- end }}
+    {{- with .Values.imageRenderer.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ . }}
+    {{- end }}
+    honorLabels: true
+    path: {{ .Values.imageRenderer.serviceMonitor.path }}
+    scheme: {{ .Values.imageRenderer.serviceMonitor.scheme }}
+    {{- with .Values.imageRenderer.serviceMonitor.tlsConfig }}
+    tlsConfig:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- with .Values.imageRenderer.serviceMonitor.relabelings }}
+    relabelings:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+  jobLabel: "{{ .Release.Name }}-image-renderer"
+  selector:
+    matchLabels:
+      {{- include "grafana.imageRenderer.selectorLabels" . | nindent 6 }}
+  namespaceSelector:
+    matchNames:
+      - {{ include "grafana.namespace" . }}
+  {{- with .Values.imageRenderer.serviceMonitor.targetLabels }}
+  targetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/ingress.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/ingress.yaml
new file mode 100644
index 0000000000..b2ffd81095
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/ingress.yaml
@@ -0,0 +1,78 @@
+{{- if .Values.ingress.enabled -}}
+{{- $ingressApiIsStable := eq (include "grafana.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsIngressClassName := eq (include "grafana.ingress.supportsIngressClassName" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "grafana.ingress.supportsPathType" .) "true" -}}
+{{- $fullName := include "grafana.fullname" . -}}
+{{- $servicePort := .Values.service.port -}}
+{{- $ingressPath := .Values.ingress.path -}}
+{{- $ingressPathType := .Values.ingress.pathType -}}
+{{- $extraPaths := .Values.ingress.extraPaths -}}
+apiVersion: {{ include "grafana.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.ingress.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- range $key, $value := . }}
+    {{ $key }}: {{ tpl $value $ | quote }}
+    {{- end }}
+  {{- end }}
+spec:
+  {{- if and $ingressSupportsIngressClassName .Values.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.ingress.ingressClassName }}
+  {{- end -}}
+  {{- with .Values.ingress.tls }}
+  tls:
+    {{- tpl (toYaml .) $ | nindent 4 }}
+  {{- end }}
+  rules:
+  {{- if .Values.ingress.hosts  }}
+  {{- range .Values.ingress.hosts }}
+    - host: {{ tpl . $ | quote }}
+      http:
+        paths:
+          {{- with $extraPaths }}
+          {{- toYaml . | nindent 10 }}
+          {{- end }}
+          - path: {{ $ingressPath }}
+            {{- if $ingressSupportsPathType }}
+            pathType: {{ $ingressPathType }}
+            {{- end }}
+            backend:
+              {{- if $ingressApiIsStable }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $fullName }}
+              servicePort: {{ $servicePort }}
+              {{- end }}
+  {{- end }}
+  {{- else }}
+    - http:
+        paths:
+          - backend:
+              {{- if $ingressApiIsStable }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $fullName }}
+              servicePort: {{ $servicePort }}
+              {{- end }}
+            {{- with $ingressPath }}
+            path: {{ . }}
+            {{- end }}
+            {{- if $ingressSupportsPathType }}
+            pathType: {{ $ingressPathType }}
+            {{- end }}
+  {{- end -}}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/networkpolicy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/networkpolicy.yaml
new file mode 100644
index 0000000000..4cd3ed6976
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/networkpolicy.yaml
@@ -0,0 +1,61 @@
+{{- if .Values.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  policyTypes:
+    {{- if .Values.networkPolicy.ingress }}
+    - Ingress
+    {{- end }}
+    {{- if .Values.networkPolicy.egress.enabled }}
+    - Egress
+    {{- end }}
+  podSelector:
+    matchLabels:
+      {{- include "grafana.selectorLabels" . | nindent 6 }}
+
+  {{- if .Values.networkPolicy.egress.enabled }}
+  egress:
+    {{- if not .Values.networkPolicy.egress.blockDNSResolution }}
+    - ports:
+        - port: 53
+          protocol: UDP
+    {{- end }}
+    - ports:
+        {{ .Values.networkPolicy.egress.ports | toJson }}
+      {{- with .Values.networkPolicy.egress.to }}
+      to:
+        {{- toYaml . | nindent 12 }}
+      {{- end }}
+  {{- end }}
+  {{- if .Values.networkPolicy.ingress }}
+  ingress:
+    - ports:
+      - port: {{ .Values.service.targetPort }}
+      {{- if not .Values.networkPolicy.allowExternal }}
+      from:
+        - podSelector:
+            matchLabels:
+              {{ include "grafana.fullname" . }}-client: "true"
+        {{- with .Values.networkPolicy.explicitNamespacesSelector }}
+        - namespaceSelector:
+            {{- toYaml . | nindent 12 }}
+        {{- end }}
+        - podSelector:
+            matchLabels:
+              {{- include "grafana.labels" . | nindent 14 }}
+              role: read
+      {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/nginx-config.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/nginx-config.yaml
new file mode 100644
index 0000000000..557471f6ff
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/nginx-config.yaml
@@ -0,0 +1,94 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: grafana-nginx-proxy-config
+  namespace: {{ template "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+data:
+  nginx.conf: |-
+    worker_processes      auto;
+    error_log             /dev/stdout warn;
+    pid                   /var/cache/nginx/nginx.pid;
+
+    events {
+       worker_connections 1024;
+    }
+
+    http {
+      include       /etc/nginx/mime.types;
+      log_format    main '[$time_local - $status] $remote_addr - $remote_user $request ($http_referer)';
+
+      proxy_connect_timeout       10;
+      proxy_read_timeout          180;
+      proxy_send_timeout          5;
+      proxy_buffering             off;
+      proxy_cache_path            /var/cache/nginx/cache levels=1:2 keys_zone=my_zone:100m inactive=1d max_size=10g;
+
+      map $http_upgrade $connection_upgrade {
+        default upgrade;
+        '' close;
+      }
+
+      server {
+        listen          8080;
+        access_log      off;
+
+        gzip            on;
+        gzip_min_length 1k;
+        gzip_comp_level 2;
+        gzip_types      text/plain application/javascript application/x-javascript text/css application/xml text/javascript image/jpeg image/gif image/png;
+        gzip_vary       on;
+        gzip_disable    "MSIE [1-6]\.";
+
+        proxy_set_header Host $host;
+
+        location /api/dashboards {
+          proxy_pass     http://localhost:3000;
+        }
+
+        location /api/search {
+          proxy_pass     http://localhost:3000;
+
+          sub_filter_types application/json;
+          sub_filter_once off;
+        }
+
+        location /api/live/ {
+          proxy_http_version 1.1;
+          proxy_set_header Upgrade $http_upgrade;
+          proxy_set_header Connection $connection_upgrade;
+          proxy_set_header Host $http_host;
+          proxy_pass http://localhost:3000;
+        }
+
+        location / {
+          proxy_cache         my_zone;
+          proxy_cache_valid   200 302 1d;
+          proxy_cache_valid   301 30d;
+          proxy_cache_valid   any 5m;
+          proxy_cache_bypass  $http_cache_control;
+          add_header          X-Proxy-Cache $upstream_cache_status;
+          add_header          Cache-Control "public";
+          
+          proxy_pass     http://localhost:3000/;
+
+          sub_filter_once off;
+
+          {{- if eq .Values.global.cattle.clusterId "local" -}}
+          sub_filter '"appSubUrl":""' '"appSubUrl":"/api/v1/namespaces/{{ template "grafana.namespace" . }}/services/http:{{ template "grafana.fullname" . }}:{{ .Values.service.port }}/proxy"';
+          {{- else -}}
+          sub_filter '"appSubUrl":""' '"appSubUrl":"/k8s/clusters/{{ .Values.global.cattle.clusterId }}/api/v1/namespaces/{{ template "grafana.namespace" . }}/services/http:{{ template "grafana.fullname" . }}:{{ .Values.service.port }}/proxy"';
+          {{- end -}}
+
+          sub_filter ':"/avatar/' ':"avatar/';
+
+          if ($request_filename ~ .*\.(?:js|css|jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm)$) {
+            expires             90d;
+          }
+
+          rewrite ^/k8s/clusters/.*/proxy(.*) /$1 break;
+
+        }
+      }
+    }
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/poddisruptionbudget.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/poddisruptionbudget.yaml
new file mode 100644
index 0000000000..05251214ac
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/poddisruptionbudget.yaml
@@ -0,0 +1,22 @@
+{{- if .Values.podDisruptionBudget }}
+apiVersion: {{ include "grafana.podDisruptionBudget.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  {{- with .Values.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ . }}
+  {{- end }}
+  {{- with .Values.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ . }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "grafana.selectorLabels" . | nindent 6 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/podsecuritypolicy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/podsecuritypolicy.yaml
new file mode 100644
index 0000000000..973caccd57
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/podsecuritypolicy.yaml
@@ -0,0 +1,45 @@
+{{- if and (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+{{- if .Values.rbac.pspAnnotations }}
+    annotations: {{ toYaml .Values.rbac.pspAnnotations | nindent 4 }}
+{{- end }}
+spec:
+  privileged: false
+  allowPrivilegeEscalation: false
+  requiredDropCapabilities:
+    # Default set from Docker, with DAC_OVERRIDE and CHOWN
+      - ALL
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'csi'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Forbid adding the root group.
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Forbid adding the root group.
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/pvc.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/pvc.yaml
new file mode 100644
index 0000000000..c9b234305f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/pvc.yaml
@@ -0,0 +1,41 @@
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) (eq .Values.persistence.type "pvc")}}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.persistence.extraPvcLabels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.persistence.annotations  }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.persistence.finalizers  }}
+  finalizers:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  accessModes:
+{{- $_ := required "Must provide at least one access mode for persistent volumes used by Grafana" .Values.persistence.accessModes }}
+{{- $_ := required "Must provide at least one access mode for persistent volumes used by Grafana" (first .Values.persistence.accessModes) }}
+    {{- range .Values.persistence.accessModes }}
+    - {{ . | quote }}
+    {{- end }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size | quote }}
+  {{- if (lookup "v1" "PersistentVolumeClaim" (include "grafana.namespace" .) (include "grafana.fullname" .)) }}
+  volumeName: {{ (lookup "v1" "PersistentVolumeClaim" (include "grafana.namespace" .) (include "grafana.fullname" .)).spec.volumeName }}
+  {{- end }}
+  {{- with .Values.persistence.storageClassName }}
+  storageClassName: {{ . }}
+  {{- end }}
+  {{- with .Values.persistence.selectorLabels }}
+  selector:
+    matchLabels:
+    {{- toYaml . | nindent 6 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/role.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/role.yaml
new file mode 100644
index 0000000000..469b6f4e6c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/role.yaml
@@ -0,0 +1,32 @@
+{{- if and .Values.rbac.create (not .Values.rbac.useExistingRole) -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- if or (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) (and .Values.rbac.namespaced (or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled .Values.rbac.extraRoleRules)) }}
+rules:
+  {{- if and (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+  - apiGroups:      ['extensions']
+    resources:      ['podsecuritypolicies']
+    verbs:          ['use']
+    resourceNames:  [{{ include "grafana.fullname" . }}]
+  {{- end }}
+  {{- if and .Values.rbac.namespaced (or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled .Values.sidecar.plugins.enabled) }}
+  - apiGroups: [""] # "" indicates the core API group
+    resources: ["configmaps", "secrets"]
+    verbs: ["get", "watch", "list"]
+  {{- end }}
+  {{- with .Values.rbac.extraRoleRules }}
+  {{- toYaml . | nindent 2 }}
+  {{- end}}
+{{- else }}
+rules: []
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/rolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/rolebinding.yaml
new file mode 100644
index 0000000000..58f77c6b0b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/rolebinding.yaml
@@ -0,0 +1,25 @@
+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  {{- if .Values.rbac.useExistingRole }}
+  name: {{ .Values.rbac.useExistingRole }}
+  {{- else }}
+  name: {{ include "grafana.fullname" . }}
+  {{- end }}
+subjects:
+- kind: ServiceAccount
+  name: {{ include "grafana.serviceAccountName" . }}
+  namespace: {{ include "grafana.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/secret-env.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/secret-env.yaml
new file mode 100644
index 0000000000..eb14aac707
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/secret-env.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.envRenderSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "grafana.fullname" . }}-env
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+type: Opaque
+data:
+{{- range $key, $val := .Values.envRenderSecret }}
+  {{ $key }}: {{ tpl ($val | toString) $ | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/secret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/secret.yaml
new file mode 100644
index 0000000000..fd2ca50f4b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/secret.yaml
@@ -0,0 +1,16 @@
+{{- if or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret)) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+type: Opaque
+data:
+  {{- include "grafana.secretsData" . | nindent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/service.yaml
new file mode 100644
index 0000000000..e9396a15c6
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/service.yaml
@@ -0,0 +1,61 @@
+{{- if .Values.service.enabled }}
+{{- $root := . }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.service.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- tpl (toYaml . | nindent 4) $root }}
+  {{- end }}
+spec:
+  {{- if (or (eq .Values.service.type "ClusterIP") (empty .Values.service.type)) }}
+  type: ClusterIP
+  {{- with .Values.service.clusterIP }}
+  clusterIP: {{ . }}
+  {{- end }}
+  {{- else if eq .Values.service.type "LoadBalancer" }}
+  type: LoadBalancer
+  {{- with .Values.service.loadBalancerIP }}
+  loadBalancerIP: {{ . }}
+  {{- end }}
+  {{- with .Values.service.loadBalancerClass }}
+  loadBalancerClass: {{ . }}
+  {{- end }}
+  {{- with .Values.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- else }}
+  type: {{ .Values.service.type }}
+  {{- end }}
+  {{- with .Values.service.externalIPs }}
+  externalIPs:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.service.externalTrafficPolicy }}
+  externalTrafficPolicy: {{ . }}
+  {{- end }}
+  ports:
+    - name: {{ .Values.service.portName }}
+      port: {{ .Values.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.service.targetPort }}
+      {{- with .Values.service.appProtocol }}
+      appProtocol: {{ . }}
+      {{- end }}
+      {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
+      nodePort: {{ .Values.service.nodePort }}
+      {{- end }}
+      {{- with .Values.extraExposePorts }}
+      {{- tpl (toYaml . | nindent 4) $root }}
+      {{- end }}
+  selector:
+    {{- include "grafana.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..ffca0717ae
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/serviceaccount.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: {{ .Values.serviceAccount.autoMount | default .Values.serviceAccount.automountServiceAccountToken }}
+metadata:
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.serviceAccount.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- tpl (toYaml . | nindent 4) $ }}
+  {{- end }}
+  name: {{ include "grafana.serviceAccountName" . }}
+  namespace: {{ include "grafana.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/servicemonitor.yaml
new file mode 100644
index 0000000000..b321b1269c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/servicemonitor.yaml
@@ -0,0 +1,68 @@
+{{- if .Values.serviceMonitor.enabled }}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  {{- if .Values.serviceMonitor.namespace }}
+  namespace: {{ tpl .Values.serviceMonitor.namespace . }}
+  {{- else }}
+  namespace: {{ include "grafana.namespace" . }}
+  {{- end }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+    {{- with .Values.serviceMonitor.labels }}
+    {{- tpl (toYaml . | nindent 4) $ }}
+    {{- end }}
+spec:
+  endpoints:
+  - port: {{ .Values.service.portName }}
+    {{- with .Values.serviceMonitor.interval }}
+    interval: {{ . }}
+    {{- end }}
+    {{- with .Values.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ . }}
+    {{- end }}
+    honorLabels: true
+    path: {{ .Values.serviceMonitor.path }}
+    scheme: {{ .Values.serviceMonitor.scheme }}
+    {{- with .Values.serviceMonitor.tlsConfig }}
+    tlsConfig:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    metricRelabelings:
+    {{- if .Values.serviceMonitor.metricRelabelings }}
+    {{- toYaml .Values.serviceMonitor.metricRelabelings | nindent 6 }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_id
+      replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_name
+      replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+    {{- if .Values.serviceMonitor.relabelings }}
+    {{- with .Values.serviceMonitor.relabelings }}
+    relabelings:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+    {{- end }}
+    {{- with .Values.serviceMonitor.metricRelabelings }}
+    metricRelabelings:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+  jobLabel: "{{ .Release.Name }}"
+  selector:
+    matchLabels:
+      {{- include "grafana.selectorLabels" . | nindent 6 }}
+  namespaceSelector:
+    matchNames:
+      - {{ include "grafana.namespace" . }}
+  {{- with .Values.serviceMonitor.targetLabels }}
+  targetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/statefulset.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/statefulset.yaml
new file mode 100644
index 0000000000..49278083e8
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/statefulset.yaml
@@ -0,0 +1,58 @@
+{{- $sts := list "sts" "StatefulSet" "statefulset" -}}
+{{- if (or (.Values.useStatefulSet) (and .Values.persistence.enabled (not .Values.persistence.existingClaim) (has .Values.persistence.type $sts)))}}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: {{ include "grafana.fullname" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  replicas: {{ .Values.replicas }}
+  selector:
+    matchLabels:
+      {{- include "grafana.selectorLabels" . | nindent 6 }}
+  serviceName: {{ include "grafana.fullname" . }}-headless
+  template:
+    metadata:
+      labels:
+        {{- include "grafana.selectorLabels" . | nindent 8 }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+        checksum/dashboards-json-config: {{ include (print $.Template.BasePath "/dashboards-json-configmap.yaml") . | sha256sum }}
+        checksum/sc-dashboard-provider-config: {{ include (print $.Template.BasePath "/configmap-dashboard-provider.yaml") . | sha256sum }}
+        {{- if and (or (and (not .Values.admin.existingSecret) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD__FILE) (not .Values.env.GF_SECURITY_ADMIN_PASSWORD)) (and .Values.ldap.enabled (not .Values.ldap.existingSecret))) (not .Values.env.GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION) }}
+        checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
+        {{- end }}
+        kubectl.kubernetes.io/default-container: {{ .Chart.Name }}
+        {{- with .Values.podAnnotations }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- include "grafana.pod" . | nindent 6 }}
+  {{- if .Values.persistence.enabled}}
+  volumeClaimTemplates:
+  - metadata:
+      name: storage
+    spec:
+{{- $_ := required "Must provide at least one access mode for persistent volumes used by Grafana" .Values.persistence.accessModes }}
+{{- $_ := required "Must provide at least one access mode for persistent volumes used by Grafana" (first .Values.persistence.accessModes) }}
+      accessModes: {{ .Values.persistence.accessModes }}
+      storageClassName: {{ .Values.persistence.storageClassName }}
+      resources:
+        requests:
+          storage: {{ required "Must provide size for persistent volumes used by Grafana" .Values.persistence.size }}
+      {{- with .Values.persistence.selectorLabels }}
+      selector:
+        matchLabels:
+          {{- toYaml . | nindent 10 }}
+      {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-configmap.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-configmap.yaml
new file mode 100644
index 0000000000..01c96c9243
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-configmap.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.testFramework.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "grafana.fullname" . }}-test
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+data:
+  run.sh: |-
+    @test "Test Health" {
+      url="http://{{ include "grafana.fullname" . }}/api/health"
+
+      code=$(wget --server-response --spider --timeout 90 --tries 10 ${url} 2>&1 | awk '/^  HTTP/{print $2}')
+      [ "$code" == "200" ]
+    }
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-podsecuritypolicy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-podsecuritypolicy.yaml
new file mode 100644
index 0000000000..70a0a884c9
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-podsecuritypolicy.yaml
@@ -0,0 +1,32 @@
+{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ include "grafana.fullname" . }}-test
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+spec:
+  allowPrivilegeEscalation: true
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  fsGroup:
+    rule: RunAsAny
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  runAsUser:
+    rule: RunAsAny
+  volumes:
+    - configMap
+    - downwardAPI
+    - emptyDir
+    - projected
+    - csi
+    - secret
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-role.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-role.yaml
new file mode 100644
index 0000000000..976418b137
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-role.yaml
@@ -0,0 +1,17 @@
+{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ include "grafana.fullname" . }}-test
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+rules:
+  - apiGroups:      ['policy']
+    resources:      ['podsecuritypolicies']
+    verbs:          ['use']
+    resourceNames:  [{{ include "grafana.fullname" . }}-test]
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-rolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-rolebinding.yaml
new file mode 100644
index 0000000000..509566eccd
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-rolebinding.yaml
@@ -0,0 +1,20 @@
+{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.testFramework.enabled (or .Values.global.cattle.psp.enabled .Values.rbac.pspEnabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ include "grafana.fullname" . }}-test
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ include "grafana.fullname" . }}-test
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "grafana.serviceAccountNameTest" . }}
+    namespace: {{ include "grafana.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-serviceaccount.yaml
new file mode 100644
index 0000000000..38fba3596a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test-serviceaccount.yaml
@@ -0,0 +1,12 @@
+{{- if and .Values.testFramework.enabled .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  name: {{ include "grafana.serviceAccountNameTest" . }}
+  namespace: {{ include "grafana.namespace" . }}
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test.yaml
new file mode 100644
index 0000000000..83aaa185c2
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/templates/tests/test.yaml
@@ -0,0 +1,53 @@
+{{- if .Values.testFramework.enabled }}
+{{- $root := . }}
+apiVersion: v1
+kind: Pod
+metadata:
+  name: {{ include "grafana.fullname" . }}-test
+  labels:
+    {{- include "grafana.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test-success
+    "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+  namespace: {{ include "grafana.namespace" . }}
+spec:
+  serviceAccountName: {{ include "grafana.serviceAccountNameTest" . }}
+  {{- with .Values.testFramework.securityContext }}
+  securityContext:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- if or .Values.image.pullSecrets .Values.global.imagePullSecrets }}
+  imagePullSecrets:
+    {{- include "grafana.imagePullSecrets" (dict "root" $root "imagePullSecrets" .Values.image.pullSecrets) | nindent 4 }}
+  {{- end }}
+  {{- with .Values.nodeSelector }}
+  nodeSelector:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.affinity }}
+  affinity:
+    {{- tpl (toYaml .) $root | nindent 4 }}
+  {{- end }}
+  {{- with .Values.tolerations }}
+  tolerations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  containers:
+    - name: {{ .Release.Name }}-test
+      image: "{{ template "system_default_registry" . | default .Values.testFramework.image.registry }}/{{ .Values.testFramework.image.repository }}:{{ .Values.testFramework.image.tag }}"
+      imagePullPolicy: "{{ .Values.testFramework.imagePullPolicy}}"
+      command: ["/opt/bats/bin/bats", "-t", "/tests/run.sh"]
+      volumeMounts:
+        - mountPath: /tests
+          name: tests
+          readOnly: true
+      {{- with .Values.testFramework.resources }}
+      resources:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+  volumes:
+    - name: tests
+      configMap:
+        name: {{ include "grafana.fullname" . }}-test
+  restartPolicy: Never
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/values.yaml
new file mode 100644
index 0000000000..45e3df9325
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/grafana/values.yaml
@@ -0,0 +1,1315 @@
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+
+  # To help compatibility with other charts which use global.imagePullSecrets.
+  # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
+  # Can be tempalted.
+  # global:
+  #   imagePullSecrets:
+  #   - name: pullSecret1
+  #   - name: pullSecret2
+  # or
+  # global:
+  #   imagePullSecrets:
+  #   - pullSecret1
+  #   - pullSecret2
+  imagePullSecrets: []
+
+rbac:
+  create: true
+  ## Use an existing ClusterRole/Role (depending on rbac.namespaced false/true)
+  # useExistingRole: name-of-some-role
+  # useExistingClusterRole: name-of-some-clusterRole
+  pspEnabled: false
+  pspUseAppArmor: false
+  namespaced: false
+  extraRoleRules: []
+  # - apiGroups: []
+  #   resources: []
+  #   verbs: []
+  extraClusterRoleRules: []
+  # - apiGroups: []
+  #   resources: []
+  #   verbs: []
+serviceAccount:
+  create: true
+  name:
+  nameTest:
+  ## ServiceAccount labels.
+  labels: {}
+  ## Service account annotations. Can be templated.
+  #  annotations:
+  #    eks.amazonaws.com/role-arn: arn:aws:iam::123456789000:role/iam-role-name-here
+
+  ## autoMount is deprecated in favor of automountServiceAccountToken
+  # autoMount: false
+  automountServiceAccountToken: true
+
+replicas: 1
+
+## Create a headless service for the deployment
+headlessService: false
+
+## Should the service account be auto mounted on the pod
+automountServiceAccountToken: true
+
+## Create HorizontalPodAutoscaler object for deployment type
+#
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 5
+  targetCPU: "60"
+  targetMemory: ""
+  behavior: {}
+
+## See `kubectl explain poddisruptionbudget.spec` for more
+## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
+podDisruptionBudget: {}
+#  apiVersion: ""
+#  minAvailable: 1
+#  maxUnavailable: 1
+
+## See `kubectl explain deployment.spec.strategy` for more
+## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
+deploymentStrategy:
+  type: RollingUpdate
+
+readinessProbe:
+  httpGet:
+    path: /api/health
+    port: 3000
+
+livenessProbe:
+  httpGet:
+    path: /api/health
+    port: 3000
+  initialDelaySeconds: 60
+  timeoutSeconds: 30
+  failureThreshold: 10
+
+## Use an alternate scheduler, e.g. "stork".
+## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
+##
+# schedulerName: "default-scheduler"
+
+image:
+  repository: rancher/mirrored-grafana-grafana
+  # Overrides the Grafana image tag whose default is the chart appVersion
+  tag: 10.4.9
+  sha: ""
+  pullPolicy: IfNotPresent
+
+  ## Optionally specify an array of imagePullSecrets.
+  ## Secrets must be manually created in the namespace.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+  ## Can be templated.
+  ##
+  pullSecrets: []
+  #   - myRegistrKeySecretName
+
+testFramework:
+  enabled: false
+  imagePullPolicy: IfNotPresent
+  securityContext:
+    runAsNonRoot: true
+    runAsUser: 1000
+  #  limits:
+  #    cpu: 100m
+  #    memory: 128Mi
+  #  requests:
+  #    cpu: 100m
+  #    memory: 128Mi
+
+# dns configuration for pod
+dnsPolicy: ~
+dnsConfig: {}
+  # nameservers:
+  #   - 8.8.8.8
+  #   options:
+  #   - name: ndots
+  #     value: "2"
+  #   - name: edns0
+
+securityContext:
+  runAsNonRoot: true
+  runAsUser: 472
+  runAsGroup: 472
+  fsGroup: 472
+
+containerSecurityContext:
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop:
+    - ALL
+  seccompProfile:
+    type: RuntimeDefault
+
+# Enable creating the grafana configmap
+createConfigmap: true
+
+# Extra configmaps to mount in grafana pods
+# Values are templated.
+extraConfigmapMounts: []
+  # - name: certs-configmap
+  #   mountPath: /etc/grafana/ssl/
+  #   subPath: certificates.crt # (optional)
+  #   configMap: certs-configmap
+  #   readOnly: true
+
+
+extraEmptyDirMounts: []
+  # - name: provisioning-notifiers
+  #   mountPath: /etc/grafana/provisioning/notifiers
+
+
+# Apply extra labels to common labels.
+extraLabels: {}
+
+## Assign a PriorityClassName to pods if set
+# priorityClassName:
+
+downloadDashboardsImage:
+  repository: rancher/mirrored-curlimages-curl
+  tag: 7.85.0
+  sha: ""
+  pullPolicy: IfNotPresent
+
+downloadDashboards:
+  env: {}
+  envFromSecret: ""
+  resources: {}
+  securityContext:
+    allowPrivilegeEscalation: false
+    capabilities:
+      drop:
+      - ALL
+    seccompProfile:
+      type: RuntimeDefault
+  envValueFrom: {}
+  #  ENV_NAME:
+  #    configMapKeyRef:
+  #      name: configmap-name
+  #      key: value_key
+
+## Pod Annotations
+# podAnnotations: {}
+
+## Pod Labels
+# podLabels: {}
+
+podPortName: grafana
+gossipPortName: gossip
+## Deployment annotations
+# annotations: {}
+
+## Expose the grafana service to be accessed from outside the cluster (LoadBalancer service).
+## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it.
+## ref: http://kubernetes.io/docs/user-guide/services/
+##
+service:
+  enabled: true
+  type: ClusterIP
+  loadBalancerIP: ""
+  loadBalancerClass: ""
+  loadBalancerSourceRanges: []
+  port: 80
+  targetPort: 3000
+    # targetPort: 4181 To be used with a proxy extraContainer
+  ## Service annotations. Can be templated.
+  annotations: {}
+  labels: {}
+  portName: service
+  # Adds the appProtocol field to the service. This allows to work with istio protocol selection. Ex: "http" or "tcp"
+  appProtocol: ""
+
+serviceMonitor:
+  ## If true, a ServiceMonitor CRD is created for a prometheus operator
+  ## https://github.com/coreos/prometheus-operator
+  ##
+  enabled: false
+  path: /metrics
+  #  namespace: monitoring  (defaults to use the namespace this chart is deployed to)
+  labels: {}
+  interval: 30s
+  scheme: http
+  tlsConfig: {}
+  scrapeTimeout: 30s
+  relabelings: []
+  metricRelabelings: []
+  targetLabels: []
+
+extraExposePorts: []
+ # - name: keycloak
+ #   port: 8080
+ #   targetPort: 8080
+
+# overrides pod.spec.hostAliases in the grafana deployment's pods
+hostAliases: []
+  # - ip: "1.2.3.4"
+  #   hostnames:
+  #     - "my.host.com"
+
+ingress:
+  enabled: false
+  # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+  # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+  # ingressClassName: nginx
+  # Values can be templated
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  labels: {}
+  path: /
+
+  # pathType is only for k8s >= 1.1=
+  pathType: Prefix
+
+  hosts:
+    - chart-example.local
+  ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
+  extraPaths: []
+  # - path: /*
+  #   backend:
+  #     serviceName: ssl-redirect
+  #     servicePort: use-annotation
+  ## Or for k8s > 1.19
+  # - path: /*
+  #   pathType: Prefix
+  #   backend:
+  #     service:
+  #       name: ssl-redirect
+  #       port:
+  #         name: use-annotation
+
+
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources: {}
+#  limits:
+#    cpu: 100m
+#    memory: 128Mi
+#  requests:
+#    cpu: 100m
+#    memory: 128Mi
+
+## Node labels for pod assignment
+## ref: https://kubernetes.io/docs/user-guide/node-selection/
+#
+nodeSelector: {}
+
+## Tolerations for pod assignment
+## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+##
+tolerations: []
+
+## Affinity for pod assignment (evaluated as template)
+## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+##
+affinity: {}
+
+## Topology Spread Constraints
+## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+##
+topologySpreadConstraints: []
+
+## Additional init containers (evaluated as template)
+## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+##
+extraInitContainers: []
+
+## Enable an Specify container in extraContainers. This is meant to allow adding an authentication proxy to a grafana pod
+extraContainers: ""
+# extraContainers: |
+# - name: proxy
+#   image: quay.io/gambol99/keycloak-proxy:latest
+#   args:
+#   - -provider=github
+#   - -client-id=
+#   - -client-secret=
+#   - -github-org=<ORG_NAME>
+#   - -email-domain=*
+#   - -cookie-secret=
+#   - -http-address=http://0.0.0.0:4181
+#   - -upstream-url=http://127.0.0.1:3000
+#   ports:
+#     - name: proxy-web
+#       containerPort: 4181
+
+## Volumes that can be used in init containers that will not be mounted to deployment pods
+extraContainerVolumes: []
+#  - name: volume-from-secret
+#    secret:
+#      secretName: secret-to-mount
+#  - name: empty-dir-volume
+#    emptyDir: {}
+
+## Enable persistence using Persistent Volume Claims
+## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
+##
+persistence:
+  type: pvc
+  enabled: false
+  # storageClassName: default
+  accessModes:
+    - ReadWriteOnce
+  size: 10Gi
+  # annotations: {}
+  finalizers:
+    - kubernetes.io/pvc-protection
+  # selectorLabels: {}
+  ## Sub-directory of the PV to mount. Can be templated.
+  # subPath: ""
+  ## Name of an existing PVC. Can be templated.
+  # existingClaim:
+  ## Extra labels to apply to a PVC.
+  extraPvcLabels: {}
+
+  ## If persistence is not enabled, this allows to mount the
+  ## local storage in-memory to improve performance
+  ##
+  inMemory:
+    enabled: false
+    ## The maximum usage on memory medium EmptyDir would be
+    ## the minimum value between the SizeLimit specified
+    ## here and the sum of memory limits of all containers in a pod
+    ##
+    # sizeLimit: 300Mi
+
+initChownData:
+  ## If false, data ownership will not be reset at startup
+  ## This allows the grafana-server to be run with an arbitrary user
+  ##
+  enabled: true
+
+  ## initChownData container image
+  ##
+  image:
+    repository: rancher/mirrored-library-busybox
+    tag: "1.31.1"
+    sha: ""
+    pullPolicy: IfNotPresent
+
+  ## initChownData resource requests and limits
+  ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  ##
+  resources: {}
+  #  limits:
+  #    cpu: 100m
+  #    memory: 128Mi
+  #  requests:
+  #    cpu: 100m
+  #    memory: 128Mi
+  securityContext:
+    runAsNonRoot: false
+    runAsUser: 0
+    seccompProfile:
+      type: RuntimeDefault
+    capabilities:
+      add:
+        - CHOWN
+
+# Administrator credentials when not using an existing secret (see below)
+adminUser: admin
+# adminPassword: strongpassword
+
+# Use an existing secret for the admin user.
+admin:
+  ## Name of the secret. Can be templated.
+  existingSecret: ""
+  userKey: admin-user
+  passwordKey: admin-password
+
+## Define command to be executed at startup by grafana container
+## Needed if using `vault-env` to manage secrets (ref: https://banzaicloud.com/blog/inject-secrets-into-pods-vault/)
+## Default is "run.sh" as defined in grafana's Dockerfile
+# command:
+# - "sh"
+# - "/run.sh"
+
+## Optionally define args if command is used
+## Needed if using `hashicorp/envconsul` to manage secrets
+## By default no arguments are set
+# args:
+# - "-secret"
+# - "secret/grafana"
+# - "./grafana"
+
+## Extra environment variables that will be pass onto deployment pods
+##
+## to provide grafana with access to CloudWatch on AWS EKS:
+## 1. create an iam role of type "Web identity" with provider oidc.eks.* (note the provider for later)
+## 2. edit the "Trust relationships" of the role, add a line inside the StringEquals clause using the
+## same oidc eks provider as noted before (same as the existing line)
+## also, replace NAMESPACE and prometheus-operator-grafana with the service account namespace and name
+##
+##  "oidc.eks.us-east-1.amazonaws.com/id/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:sub": "system:serviceaccount:NAMESPACE:prometheus-operator-grafana",
+##
+## 3. attach a policy to the role, you can use a built in policy called CloudWatchReadOnlyAccess
+## 4. use the following env: (replace 123456789000 and iam-role-name-here with your aws account number and role name)
+##
+## env:
+##   AWS_ROLE_ARN: arn:aws:iam::123456789000:role/iam-role-name-here
+##   AWS_WEB_IDENTITY_TOKEN_FILE: /var/run/secrets/eks.amazonaws.com/serviceaccount/token
+##   AWS_REGION: us-east-1
+##
+## 5. uncomment the EKS section in extraSecretMounts: below
+## 6. uncomment the annotation section in the serviceAccount: above
+## make sure to replace arn:aws:iam::123456789000:role/iam-role-name-here with your role arn
+
+env: {}
+
+## "valueFrom" environment variable references that will be added to deployment pods. Name is templated.
+## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core
+## Renders in container spec as:
+##   env:
+##     ...
+##     - name: <key>
+##       valueFrom:
+##         <value rendered as YAML>
+envValueFrom: {}
+  #  ENV_NAME:
+  #    configMapKeyRef:
+  #      name: configmap-name
+  #      key: value_key
+
+## The name of a secret in the same kubernetes namespace which contain values to be added to the environment
+## This can be useful for auth tokens, etc. Value is templated.
+envFromSecret: ""
+
+## Sensible environment variables that will be rendered as new secret object
+## This can be useful for auth tokens, etc.
+## If the secret values contains "{{", they'll need to be properly escaped so that they are not interpreted by Helm
+## ref: https://helm.sh/docs/howto/charts_tips_and_tricks/#using-the-tpl-function
+envRenderSecret: {}
+
+## The names of secrets in the same kubernetes namespace which contain values to be added to the environment
+## Each entry should contain a name key, and can optionally specify whether the secret must be defined with an optional key.
+## Name is templated.
+envFromSecrets: []
+## - name: secret-name
+##   prefix: prefix
+##   optional: true
+
+## The names of conifgmaps in the same kubernetes namespace which contain values to be added to the environment
+## Each entry should contain a name key, and can optionally specify whether the configmap must be defined with an optional key.
+## Name is templated.
+## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#configmapenvsource-v1-core
+envFromConfigMaps: []
+## - name: configmap-name
+##   prefix: prefix
+##   optional: true
+
+# Inject Kubernetes services as environment variables.
+# See https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#environment-variables
+enableServiceLinks: true
+
+## Additional grafana server secret mounts
+# Defines additional mounts with secrets. Secrets must be manually created in the namespace.
+extraSecretMounts: []
+  # - name: secret-files
+  #   mountPath: /etc/secrets
+  #   secretName: grafana-secret-files
+  #   readOnly: true
+  #   subPath: ""
+  #
+  # for AWS EKS (cloudwatch) use the following (see also instruction in env: above)
+  # - name: aws-iam-token
+  #   mountPath: /var/run/secrets/eks.amazonaws.com/serviceaccount
+  #   readOnly: true
+  #   projected:
+  #     defaultMode: 420
+  #     sources:
+  #       - serviceAccountToken:
+  #           audience: sts.amazonaws.com
+  #           expirationSeconds: 86400
+  #           path: token
+  #
+  # for CSI e.g. Azure Key Vault use the following
+  # - name: secrets-store-inline
+  #  mountPath: /run/secrets
+  #  readOnly: true
+  #  csi:
+  #    driver: secrets-store.csi.k8s.io
+  #    readOnly: true
+  #    volumeAttributes:
+  #      secretProviderClass: "akv-grafana-spc"
+  #    nodePublishSecretRef:                       # Only required when using service principal mode
+  #       name: grafana-akv-creds                  # Only required when using service principal mode
+
+## Additional grafana server volume mounts
+# Defines additional volume mounts.
+extraVolumeMounts: []
+  # - name: extra-volume-0
+  #   mountPath: /mnt/volume0
+  #   readOnly: true
+  # - name: extra-volume-1
+  #   mountPath: /mnt/volume1
+  #   readOnly: true
+  # - name: grafana-secrets
+  #   mountPath: /mnt/volume2
+
+## Additional Grafana server volumes
+extraVolumes: []
+  # - name: extra-volume-0
+  #   existingClaim: volume-claim
+  # - name: extra-volume-1
+  #   hostPath:
+  #     path: /usr/shared/
+  #     type: ""
+  # - name: grafana-secrets
+  #   csi:
+  #     driver: secrets-store.csi.k8s.io
+  #     readOnly: true
+  #     volumeAttributes:
+  #       secretProviderClass: "grafana-env-spc"
+
+## Container Lifecycle Hooks. Execute a specific bash command or make an HTTP request
+lifecycleHooks: {}
+  # postStart:
+  #   exec:
+  #     command: []
+
+## Pass the plugins you want installed as a list.
+##
+plugins: []
+  # - digrich-bubblechart-panel
+  # - grafana-clock-panel
+  ## You can also use other plugin download URL, as long as they are valid zip files,
+  ## and specify the name of the plugin after the semicolon. Like this:
+  # - https://grafana.com/api/plugins/marcusolsson-json-datasource/versions/1.3.2/download;marcusolsson-json-datasource
+
+## Configure grafana datasources
+## ref: http://docs.grafana.org/administration/provisioning/#datasources
+##
+datasources: {}
+#  datasources.yaml:
+#    apiVersion: 1
+#    datasources:
+#    - name: Prometheus
+#      type: prometheus
+#      url: http://prometheus-prometheus-server
+#      access: proxy
+#      isDefault: true
+#    - name: CloudWatch
+#      type: cloudwatch
+#      access: proxy
+#      uid: cloudwatch
+#      editable: false
+#      jsonData:
+#        authType: default
+#        defaultRegion: us-east-1
+#    deleteDatasources: []
+#    - name: Prometheus
+
+## Configure grafana alerting (can be templated)
+## ref: http://docs.grafana.org/administration/provisioning/#alerting
+##
+alerting: {}
+  # rules.yaml:
+  #   apiVersion: 1
+  #   groups:
+  #     - orgId: 1
+  #       name: '{{ .Chart.Name }}_my_rule_group'
+  #       folder: my_first_folder
+  #       interval: 60s
+  #       rules:
+  #         - uid: my_id_1
+  #           title: my_first_rule
+  #           condition: A
+  #           data:
+  #             - refId: A
+  #               datasourceUid: '-100'
+  #               model:
+  #                 conditions:
+  #                   - evaluator:
+  #                       params:
+  #                         - 3
+  #                       type: gt
+  #                     operator:
+  #                       type: and
+  #                     query:
+  #                       params:
+  #                         - A
+  #                     reducer:
+  #                       type: last
+  #                     type: query
+  #                 datasource:
+  #                   type: __expr__
+  #                   uid: '-100'
+  #                 expression: 1==0
+  #                 intervalMs: 1000
+  #                 maxDataPoints: 43200
+  #                 refId: A
+  #                 type: math
+  #           dashboardUid: my_dashboard
+  #           panelId: 123
+  #           noDataState: Alerting
+  #           for: 60s
+  #           annotations:
+  #             some_key: some_value
+  #           labels:
+  #             team: sre_team_1
+  # contactpoints.yaml:
+  #   secret:
+  #     apiVersion: 1
+  #     contactPoints:
+  #       - orgId: 1
+  #         name: cp_1
+  #         receivers:
+  #           - uid: first_uid
+  #             type: pagerduty
+  #             settings:
+  #               integrationKey: XXX
+  #               severity: critical
+  #               class: ping failure
+  #               component: Grafana
+  #               group: app-stack
+  #               summary: |
+  #                 {{ `{{ include "default.message" . }}` }}
+
+## Configure notifiers
+## ref: http://docs.grafana.org/administration/provisioning/#alert-notification-channels
+##
+notifiers: {}
+#  notifiers.yaml:
+#    notifiers:
+#    - name: email-notifier
+#      type: email
+#      uid: email1
+#      # either:
+#      org_id: 1
+#      # or
+#      org_name: Main Org.
+#      is_default: true
+#      settings:
+#        addresses: an_email_address@example.com
+#    delete_notifiers:
+
+## Configure grafana dashboard providers
+## ref: http://docs.grafana.org/administration/provisioning/#dashboards
+##
+## `path` must be /var/lib/grafana/dashboards/<provider_name>
+##
+dashboardProviders: {}
+#  dashboardproviders.yaml:
+#    apiVersion: 1
+#    providers:
+#    - name: 'default'
+#      orgId: 1
+#      folder: ''
+#      type: file
+#      disableDeletion: false
+#      editable: true
+#      options:
+#        path: /var/lib/grafana/dashboards/default
+
+## Configure grafana dashboard to import
+## NOTE: To use dashboards you must also enable/configure dashboardProviders
+## ref: https://grafana.com/dashboards
+##
+## dashboards per provider, use provider name as key.
+##
+dashboards: {}
+  # default:
+  #   some-dashboard:
+  #     json: |
+  #       $RAW_JSON
+  #   custom-dashboard:
+  #     file: dashboards/custom-dashboard.json
+  #   prometheus-stats:
+  #     gnetId: 2
+  #     revision: 2
+  #     datasource: Prometheus
+  #   local-dashboard:
+  #     url: https://example.com/repository/test.json
+  #     token: ''
+  #   local-dashboard-base64:
+  #     url: https://example.com/repository/test-b64.json
+  #     token: ''
+  #     b64content: true
+  #   local-dashboard-gitlab:
+  #     url: https://example.com/repository/test-gitlab.json
+  #     gitlabToken: ''
+  #   local-dashboard-bitbucket:
+  #     url: https://example.com/repository/test-bitbucket.json
+  #     bearerToken: ''
+  #   local-dashboard-azure:
+  #     url: https://example.com/repository/test-azure.json
+  #     basic: ''
+  #     acceptHeader: '*/*'
+
+## Reference to external ConfigMap per provider. Use provider name as key and ConfigMap name as value.
+## A provider dashboards must be defined either by external ConfigMaps or in values.yaml, not in both.
+## ConfigMap data example:
+##
+## data:
+##   example-dashboard.json: |
+##     RAW_JSON
+##
+dashboardsConfigMaps: {}
+#  default: ""
+
+## Grafana's primary configuration
+## NOTE: values in map will be converted to ini format
+## ref: http://docs.grafana.org/installation/configuration/
+##
+grafana.ini:
+  paths:
+    data: /var/lib/grafana/
+    logs: /var/log/grafana
+    plugins: /var/lib/grafana/plugins
+    provisioning: /etc/grafana/provisioning
+  analytics:
+    check_for_updates: true
+  log:
+    mode: console
+  grafana_net:
+    url: https://grafana.net
+  server:
+    domain: "{{ if (and .Values.ingress.enabled .Values.ingress.hosts) }}{{ .Values.ingress.hosts | first }}{{ else }}''{{ end }}"
+## grafana Authentication can be enabled with the following values on grafana.ini
+ # server:
+      # The full public facing url you use in browser, used for redirects and emails
+ #    root_url:
+ # https://grafana.com/docs/grafana/latest/auth/github/#enable-github-in-grafana
+ # auth.github:
+ #    enabled: false
+ #    allow_sign_up: false
+ #    scopes: user:email,read:org
+ #    auth_url: https://github.com/login/oauth/authorize
+ #    token_url: https://github.com/login/oauth/access_token
+ #    api_url: https://api.github.com/user
+ #    team_ids:
+ #    allowed_organizations:
+ #    client_id:
+ #    client_secret:
+## LDAP Authentication can be enabled with the following values on grafana.ini
+## NOTE: Grafana will fail to start if the value for ldap.toml is invalid
+  # auth.ldap:
+  #   enabled: true
+  #   allow_sign_up: true
+  #   config_file: /etc/grafana/ldap.toml
+
+## Grafana's LDAP configuration
+## Templated by the template in _helpers.tpl
+## NOTE: To enable the grafana.ini must be configured with auth.ldap.enabled
+## ref: http://docs.grafana.org/installation/configuration/#auth-ldap
+## ref: http://docs.grafana.org/installation/ldap/#configuration
+ldap:
+  enabled: false
+  # `existingSecret` is a reference to an existing secret containing the ldap configuration
+  # for Grafana in a key `ldap-toml`.
+  existingSecret: ""
+  # `config` is the content of `ldap.toml` that will be stored in the created secret
+  config: ""
+  # config: |-
+  #   verbose_logging = true
+
+  #   [[servers]]
+  #   host = "my-ldap-server"
+  #   port = 636
+  #   use_ssl = true
+  #   start_tls = false
+  #   ssl_skip_verify = false
+  #   bind_dn = "uid=%s,ou=users,dc=myorg,dc=com"
+
+## Grafana's SMTP configuration
+## NOTE: To enable, grafana.ini must be configured with smtp.enabled
+## ref: http://docs.grafana.org/installation/configuration/#smtp
+smtp:
+  # `existingSecret` is a reference to an existing secret containing the smtp configuration
+  # for Grafana.
+  existingSecret: ""
+  userKey: "user"
+  passwordKey: "password"
+
+## Sidecars that collect the configmaps with specified label and stores the included files them into the respective folders
+## Requires at least Grafana 5 to work and can't be used together with parameters dashboardProviders, datasources and dashboards
+sidecar:
+  image:
+    repository: rancher/mirrored-kiwigrid-k8s-sidecar
+    tag: 1.26.1
+    sha: ""
+  imagePullPolicy: IfNotPresent
+  resources: {}
+#   limits:
+#     cpu: 100m
+#     memory: 100Mi
+#   requests:
+#     cpu: 50m
+#     memory: 50Mi
+  securityContext:
+    allowPrivilegeEscalation: false
+    capabilities:
+      drop:
+      - ALL
+    seccompProfile:
+      type: RuntimeDefault
+  # skipTlsVerify Set to true to skip tls verification for kube api calls
+  # skipTlsVerify: true
+  enableUniqueFilenames: false
+  readinessProbe: {}
+  livenessProbe: {}
+  # Log level default for all sidecars. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL. Defaults to INFO
+  # logLevel: INFO
+  alerts:
+    enabled: false
+    # Additional environment variables for the alerts sidecar
+    env: {}
+    # Do not reprocess already processed unchanged resources on k8s API reconnect.
+    # ignoreAlreadyProcessed: true
+    # label that the configmaps with alert are marked with
+    label: grafana_alert
+    # value of label that the configmaps with alert are set to
+    labelValue: ""
+    # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL.
+    # logLevel: INFO
+    # If specified, the sidecar will search for alert config-maps inside this namespace.
+    # Otherwise the namespace in which the sidecar is running will be used.
+    # It's also possible to specify ALL to search in all namespaces
+    searchNamespace: null
+    # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
+    watchMethod: WATCH
+    # search in configmap, secret or both
+    resource: both
+    # watchServerTimeout: request to the server, asking it to cleanly close the connection after that.
+    # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S
+    # watchServerTimeout: 3600
+    #
+    # watchClientTimeout: is a client-side timeout, configuring your local socket.
+    # If you have a network outage dropping all packets with no RST/FIN,
+    # this is how long your client waits before realizing & dropping the connection.
+    # defaults to 66sec (sic!)
+    # watchClientTimeout: 60
+    #
+    # Endpoint to send request to reload alerts
+    reloadURL: "http://localhost:3000/api/admin/provisioning/alerting/reload"
+    # Absolute path to shell script to execute after a alert got reloaded
+    script: null
+    skipReload: false
+    # This is needed if skipReload is true, to load any alerts defined at startup time.
+    # Deploy the alert sidecar as an initContainer.
+    initAlerts: false
+    # Additional alert sidecar volume mounts
+    extraMounts: []
+    # Sets the size limit of the alert sidecar emptyDir volume
+    sizeLimit: {}
+  dashboards:
+    enabled: false
+    # Additional environment variables for the dashboards sidecar
+    env: {}
+    # Do not reprocess already processed unchanged resources on k8s API reconnect.
+    # ignoreAlreadyProcessed: true
+    SCProvider: true
+    # label that the configmaps with dashboards are marked with
+    label: grafana_dashboard
+    # value of label that the configmaps with dashboards are set to
+    labelValue: ""
+    # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL.
+    # logLevel: INFO
+    # folder in the pod that should hold the collected dashboards (unless `defaultFolderName` is set)
+    folder: /tmp/dashboards
+    # The default folder name, it will create a subfolder under the `folder` and put dashboards in there instead
+    defaultFolderName: null
+    # Namespaces list. If specified, the sidecar will search for config-maps/secrets inside these namespaces.
+    # Otherwise the namespace in which the sidecar is running will be used.
+    # It's also possible to specify ALL to search in all namespaces.
+    searchNamespace: null
+    # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
+    watchMethod: WATCH
+    # search in configmap, secret or both
+    resource: both
+    # If specified, the sidecar will look for annotation with this name to create folder and put graph here.
+    # You can use this parameter together with `provider.foldersFromFilesStructure`to annotate configmaps and create folder structure.
+    folderAnnotation: null
+    # Endpoint to send request to reload alerts
+    reloadURL: "http://localhost:3000/api/admin/provisioning/dashboards/reload"
+    # Absolute path to shell script to execute after a configmap got reloaded
+    script: null
+    skipReload: false
+    # watchServerTimeout: request to the server, asking it to cleanly close the connection after that.
+    # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S
+    # watchServerTimeout: 3600
+    #
+    # watchClientTimeout: is a client-side timeout, configuring your local socket.
+    # If you have a network outage dropping all packets with no RST/FIN,
+    # this is how long your client waits before realizing & dropping the connection.
+    # defaults to 66sec (sic!)
+    # watchClientTimeout: 60
+    #
+    # provider configuration that lets grafana manage the dashboards
+    provider:
+      # name of the provider, should be unique
+      name: sidecarProvider
+      # orgid as configured in grafana
+      orgid: 1
+      # folder in which the dashboards should be imported in grafana
+      folder: ''
+      # type of the provider
+      type: file
+      # disableDelete to activate a import-only behaviour
+      disableDelete: false
+      # allow updating provisioned dashboards from the UI
+      allowUiUpdates: false
+      # allow Grafana to replicate dashboard structure from filesystem
+      foldersFromFilesStructure: false
+    # Additional dashboard sidecar volume mounts
+    extraMounts: []
+    # Sets the size limit of the dashboard sidecar emptyDir volume
+    sizeLimit: {}
+  datasources:
+    enabled: false
+    # Additional environment variables for the datasourcessidecar
+    env: {}
+    envValueFrom: {}
+    # Do not reprocess already processed unchanged resources on k8s API reconnect.
+    # ignoreAlreadyProcessed: true
+    # label that the configmaps with datasources are marked with
+    label: grafana_datasource
+    # value of label that the configmaps with datasources are set to
+    labelValue: ""
+    # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL.
+    # logLevel: INFO
+    # If specified, the sidecar will search for datasource config-maps inside this namespace.
+    # Otherwise the namespace in which the sidecar is running will be used.
+    # It's also possible to specify ALL to search in all namespaces
+    searchNamespace: null
+    # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
+    watchMethod: WATCH
+    # search in configmap, secret or both
+    resource: both
+    # watchServerTimeout: request to the server, asking it to cleanly close the connection after that.
+    # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S
+    # watchServerTimeout: 3600
+    #
+    # watchClientTimeout: is a client-side timeout, configuring your local socket.
+    # If you have a network outage dropping all packets with no RST/FIN,
+    # this is how long your client waits before realizing & dropping the connection.
+    # defaults to 66sec (sic!)
+    # watchClientTimeout: 60
+    #
+    # Endpoint to send request to reload datasources
+    reloadURL: "http://localhost:3000/api/admin/provisioning/datasources/reload"
+    # Absolute path to shell script to execute after a datasource got reloaded
+    script: null
+    skipReload: true
+    # This is needed if skipReload is true, to load any datasources defined at startup time.
+    # Deploy the datasources sidecar as an initContainer.
+    initDatasources: true
+    # Sets the size limit of the datasource sidecar emptyDir volume
+    sizeLimit: {}
+  plugins:
+    enabled: false
+    # Additional environment variables for the plugins sidecar
+    env: {}
+    # Do not reprocess already processed unchanged resources on k8s API reconnect.
+    # ignoreAlreadyProcessed: true
+    # label that the configmaps with plugins are marked with
+    label: grafana_plugin
+    # value of label that the configmaps with plugins are set to
+    labelValue: ""
+    # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL.
+    # logLevel: INFO
+    # If specified, the sidecar will search for plugin config-maps inside this namespace.
+    # Otherwise the namespace in which the sidecar is running will be used.
+    # It's also possible to specify ALL to search in all namespaces
+    searchNamespace: null
+    # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
+    watchMethod: WATCH
+    # search in configmap, secret or both
+    resource: both
+    # watchServerTimeout: request to the server, asking it to cleanly close the connection after that.
+    # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S
+    # watchServerTimeout: 3600
+    #
+    # watchClientTimeout: is a client-side timeout, configuring your local socket.
+    # If you have a network outage dropping all packets with no RST/FIN,
+    # this is how long your client waits before realizing & dropping the connection.
+    # defaults to 66sec (sic!)
+    # watchClientTimeout: 60
+    #
+    # Endpoint to send request to reload plugins
+    reloadURL: "http://localhost:3000/api/admin/provisioning/plugins/reload"
+    # Absolute path to shell script to execute after a plugin got reloaded
+    script: null
+    skipReload: false
+    # Deploy the datasource sidecar as an initContainer in addition to a container.
+    # This is needed if skipReload is true, to load any plugins defined at startup time.
+    initPlugins: false
+    # Sets the size limit of the plugin sidecar emptyDir volume
+    sizeLimit: {}
+  notifiers:
+    enabled: false
+    # Additional environment variables for the notifierssidecar
+    env: {}
+    # Do not reprocess already processed unchanged resources on k8s API reconnect.
+    # ignoreAlreadyProcessed: true
+    # label that the configmaps with notifiers are marked with
+    label: grafana_notifier
+    # value of label that the configmaps with notifiers are set to
+    labelValue: ""
+    # Log level. Can be one of: DEBUG, INFO, WARN, ERROR, CRITICAL.
+    # logLevel: INFO
+    # If specified, the sidecar will search for notifier config-maps inside this namespace.
+    # Otherwise the namespace in which the sidecar is running will be used.
+    # It's also possible to specify ALL to search in all namespaces
+    searchNamespace: null
+    # Method to use to detect ConfigMap changes. With WATCH the sidecar will do a WATCH requests, with SLEEP it will list all ConfigMaps, then sleep for 60 seconds.
+    watchMethod: WATCH
+    # search in configmap, secret or both
+    resource: both
+    # watchServerTimeout: request to the server, asking it to cleanly close the connection after that.
+    # defaults to 60sec; much higher values like 3600 seconds (1h) are feasible for non-Azure K8S
+    # watchServerTimeout: 3600
+    #
+    # watchClientTimeout: is a client-side timeout, configuring your local socket.
+    # If you have a network outage dropping all packets with no RST/FIN,
+    # this is how long your client waits before realizing & dropping the connection.
+    # defaults to 66sec (sic!)
+    # watchClientTimeout: 60
+    #
+    # Endpoint to send request to reload notifiers
+    reloadURL: "http://localhost:3000/api/admin/provisioning/notifications/reload"
+    # Absolute path to shell script to execute after a notifier got reloaded
+    script: null
+    skipReload: false
+    # Deploy the notifier sidecar as an initContainer in addition to a container.
+    # This is needed if skipReload is true, to load any notifiers defined at startup time.
+    initNotifiers: false
+    # Sets the size limit of the notifier sidecar emptyDir volume
+    sizeLimit: {}
+
+## Override the deployment namespace
+##
+namespaceOverride: ""
+
+## Number of old ReplicaSets to retain
+##
+revisionHistoryLimit: 10
+
+## Add a seperate remote image renderer deployment/service
+imageRenderer:
+  deploymentStrategy: {}
+  # Enable the image-renderer deployment & service
+  enabled: false
+  replicas: 1
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 5
+    targetCPU: "60"
+    targetMemory: ""
+    behavior: {}
+  image:
+    # image-renderer Image repository
+    repository: rancher/mirrored-grafana-grafana-image-renderer
+    # image-renderer Image tag
+    tag: 3.10.5
+    # image-renderer Image sha (optional)
+    sha: ""
+    # image-renderer ImagePullPolicy
+    pullPolicy: Always
+  # extra environment variables
+  env:
+    HTTP_HOST: "0.0.0.0"
+    # RENDERING_ARGS: --no-sandbox,--disable-gpu,--window-size=1280x758
+    # RENDERING_MODE: clustered
+    # IGNORE_HTTPS_ERRORS: true
+
+  ## "valueFrom" environment variable references that will be added to deployment pods. Name is templated.
+  ## ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core
+  ## Renders in container spec as:
+  ##   env:
+  ##     ...
+  ##     - name: <key>
+  ##       valueFrom:
+  ##         <value rendered as YAML>
+  envValueFrom: {}
+    #  ENV_NAME:
+    #    configMapKeyRef:
+    #      name: configmap-name
+    #      key: value_key
+
+  # image-renderer deployment serviceAccount
+  serviceAccountName: ""
+  # image-renderer deployment securityContext
+  securityContext: {}
+  # image-renderer deployment container securityContext
+  containerSecurityContext:
+    seccompProfile:
+      type: RuntimeDefault
+    capabilities:
+      drop: ['ALL']
+    allowPrivilegeEscalation: false
+    readOnlyRootFilesystem: true
+  ## image-renderer pod annotation
+  podAnnotations: {}
+  # image-renderer deployment Host Aliases
+  hostAliases: []
+  # image-renderer deployment priority class
+  priorityClassName: ''
+  service:
+    # Enable the image-renderer service
+    enabled: true
+    # image-renderer service port name
+    portName: 'http'
+    # image-renderer service port used by both service and deployment
+    port: 8081
+    targetPort: 8081
+    # Adds the appProtocol field to the image-renderer service. This allows to work with istio protocol selection. Ex: "http" or "tcp"
+    appProtocol: ""
+  serviceMonitor:
+    ## If true, a ServiceMonitor CRD is created for a prometheus operator
+    ## https://github.com/coreos/prometheus-operator
+    ##
+    enabled: false
+    path: /metrics
+    #  namespace: monitoring  (defaults to use the namespace this chart is deployed to)
+    labels: {}
+    interval: 1m
+    scheme: http
+    tlsConfig: {}
+    scrapeTimeout: 30s
+    relabelings: []
+    # See: https://doc.crds.dev/github.com/prometheus-operator/kube-prometheus/monitoring.coreos.com/ServiceMonitor/v1@v0.11.0#spec-targetLabels
+    targetLabels: []
+      # - targetLabel1
+      # - targetLabel2
+  # If https is enabled in Grafana, this needs to be set as 'https' to correctly configure the callback used in Grafana
+  grafanaProtocol: http
+  # In case a sub_path is used this needs to be added to the image renderer callback
+  grafanaSubPath: ""
+  # name of the image-renderer port on the pod
+  podPortName: http
+  # number of image-renderer replica sets to keep
+  revisionHistoryLimit: 10
+  networkPolicy:
+    # Enable a NetworkPolicy to limit inbound traffic to only the created grafana pods
+    limitIngress: true
+    # Enable a NetworkPolicy to limit outbound traffic to only the created grafana pods
+    limitEgress: false
+    # Allow additional services to access image-renderer (eg. Prometheus operator when ServiceMonitor is enabled)
+    extraIngressSelectors: []
+  resources: {}
+#   limits:
+#     cpu: 100m
+#     memory: 100Mi
+#   requests:
+#     cpu: 50m
+#     memory: 50Mi
+  ## Node labels for pod assignment
+  ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+  #
+  nodeSelector: {}
+
+  ## Tolerations for pod assignment
+  ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+  ##
+  tolerations: []
+
+  ## Affinity for pod assignment (evaluated as template)
+  ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+  ##
+  affinity: {}
+
+  ## Use an alternate scheduler, e.g. "stork".
+  ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
+  ##
+  # schedulerName: "default-scheduler"
+
+networkPolicy:
+  ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now.
+  ##
+  enabled: false
+  ## @param networkPolicy.allowExternal Don't require client label for connections
+  ## The Policy model to apply. When set to false, only pods with the correct
+  ## client label will have network access to  grafana port defined.
+  ## When true, grafana will accept connections from any source
+  ## (with the correct destination port).
+  ##
+  ingress: true
+  ## @param networkPolicy.ingress When true enables the creation
+  ## an ingress network policy
+  ##
+  allowExternal: true
+  ## @param networkPolicy.explicitNamespacesSelector A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed
+  ## If explicitNamespacesSelector is missing or set to {}, only client Pods that are in the networkPolicy's namespace
+  ## and that match other criteria, the ones that have the good label, can reach the grafana.
+  ## But sometimes, we want the grafana to be accessible to clients from other namespaces, in this case, we can use this
+  ## LabelSelector to select these namespaces, note that the networkPolicy's namespace should also be explicitly added.
+  ##
+  ## Example:
+  ## explicitNamespacesSelector:
+  ##   matchLabels:
+  ##     role: frontend
+  ##   matchExpressions:
+  ##    - {key: role, operator: In, values: [frontend]}
+  ##
+  explicitNamespacesSelector: {}
+  ##
+  ##
+  ##
+  ##
+  ##
+  ##
+  egress:
+    ## @param networkPolicy.egress.enabled When enabled, an egress network policy will be
+    ## created allowing grafana to connect to external data sources from kubernetes cluster.
+    enabled: false
+    ##
+    ## @param networkPolicy.egress.blockDNSResolution When enabled, DNS resolution will be blocked
+    ## for all pods in the grafana namespace.
+    blockDNSResolution: false
+    ##
+    ## @param networkPolicy.egress.ports Add individual ports to be allowed by the egress
+    ports: []
+    ## Add ports to the egress by specifying - port: <port number>
+    ## E.X.
+    ## - port: 80
+    ## - port: 443
+    ##
+    ## @param networkPolicy.egress.to Allow egress traffic to specific destinations
+    to: []
+    ## Add destinations to the egress by specifying - ipBlock: <CIDR>
+    ## E.X.
+    ## to:
+    ##  - namespaceSelector:
+    ##    matchExpressions:
+  ##    - {key: role, operator: In, values: [grafana]}
+  ##
+  ##
+  ##
+  ##
+  ##
+
+# Enable backward compatibility of kubernetes where version below 1.13 doesn't have the enableServiceLinks option
+enableKubeBackwardCompatibility: false
+useStatefulSet: false
+# Create a dynamic manifests via values:
+extraObjects: []
+  # - apiVersion: "kubernetes-client.io/v1"
+  #   kind: ExternalSecret
+  #   metadata:
+  #     name: grafana-secrets
+  #   spec:
+  #     backendType: gcpSecretsManager
+  #     data:
+  #       - key: grafana-admin-password
+  #         name: adminPassword
+
+# assertNoLeakedSecrets is a helper function defined in _helpers.tpl that checks if secret
+# values are not exposed in the rendered grafana.ini configmap. It is enabled by default.
+#
+# To pass values into grafana.ini without exposing them in a configmap, use variable expansion:
+# https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#variable-expansion
+#
+# Alternatively, if you wish to allow secret values to be exposed in the rendered grafana.ini configmap,
+# you can disable this check by setting assertNoLeakedSecrets to false.
+assertNoLeakedSecrets: true
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/Chart.yaml
new file mode 100644
index 0000000000..c81bc0093f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: hardenedKubelet
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedKubelet/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/Chart.yaml
new file mode 100644
index 0000000000..1efee00e2f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: hardenedNodeExporter
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/hardenedNodeExporter/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/Chart.yaml
new file mode 100644
index 0000000000..725e8f31b0
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: k3sServer
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/k3sServer/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/Chart.yaml
new file mode 100644
index 0000000000..002a6a180d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/Chart.yaml
@@ -0,0 +1,32 @@
+annotations:
+  artifacthub.io/license: Apache-2.0
+  artifacthub.io/links: |
+    - name: Chart Source
+      url: https://github.com/prometheus-community/helm-charts
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-kube-state-metrics
+apiVersion: v2
+appVersion: 2.10.1
+description: Install kube-state-metrics to generate and expose cluster-level metrics
+home: https://github.com/kubernetes/kube-state-metrics/
+keywords:
+- metric
+- monitoring
+- prometheus
+- kubernetes
+maintainers:
+- email: tariq.ibrahim@mulesoft.com
+  name: tariq1890
+- email: manuel@rueg.eu
+  name: mrueg
+- email: david@0xdc.me
+  name: dotdc
+name: kube-state-metrics
+sources:
+- https://github.com/kubernetes/kube-state-metrics/
+type: application
+version: 5.16.4
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/README.md
new file mode 100644
index 0000000000..843be89e69
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/README.md
@@ -0,0 +1,85 @@
+# kube-state-metrics Helm Chart
+
+Installs the [kube-state-metrics agent](https://github.com/kubernetes/kube-state-metrics).
+
+## Get Repository Info
+<!-- textlint-disable -->
+```console
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo update
+```
+
+_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+<!-- textlint-enable -->
+
+## Install Chart
+
+```console
+helm install [RELEASE_NAME] prometheus-community/kube-state-metrics [flags]
+```
+
+_See [configuration](#configuration) below._
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+## Uninstall Chart
+
+```console
+helm uninstall [RELEASE_NAME]
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+## Upgrading Chart
+
+```console
+helm upgrade [RELEASE_NAME] prometheus-community/kube-state-metrics [flags]
+```
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### Migrating from stable/kube-state-metrics and kubernetes/kube-state-metrics
+
+You can upgrade in-place:
+
+1. [get repository info](#get-repository-info)
+1. [upgrade](#upgrading-chart) your existing release name using the new chart repository
+
+## Upgrading to v3.0.0
+
+v3.0.0 includes kube-state-metrics v2.0, see the [changelog](https://github.com/kubernetes/kube-state-metrics/blob/release-2.0/CHANGELOG.md) for major changes on the application-side.
+
+The upgraded chart now the following changes:
+
+* Dropped support for helm v2 (helm v3 or later is required)
+* collectors key was renamed to resources
+* namespace key was renamed to namespaces
+
+## Configuration
+
+See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments:
+
+```console
+helm show values prometheus-community/kube-state-metrics
+```
+
+### kube-rbac-proxy
+
+You can enable `kube-state-metrics` endpoint protection using `kube-rbac-proxy`. By setting `kubeRBACProxy.enabled: true`, this chart will deploy one RBAC proxy container per endpoint (metrics & telemetry).
+To authorize access, authenticate your requests (via a `ServiceAccount` for example) with a `ClusterRole` attached such as:
+
+```yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: kube-state-metrics-read
+rules:
+  - apiGroups: [ "" ]
+    resources: ["services/kube-state-metrics"]
+    verbs:
+      - get
+```
+
+See [kube-rbac-proxy examples](https://github.com/brancz/kube-rbac-proxy/tree/master/examples/resource-attributes) for more details.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/NOTES.txt b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/NOTES.txt
new file mode 100644
index 0000000000..3589c24ec3
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/NOTES.txt
@@ -0,0 +1,23 @@
+kube-state-metrics is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects.
+The exposed metrics can be found here:
+https://github.com/kubernetes/kube-state-metrics/blob/master/docs/README.md#exposed-metrics
+
+The metrics are exported on the HTTP endpoint /metrics on the listening port.
+In your case, {{ template "kube-state-metrics.fullname" . }}.{{ template "kube-state-metrics.namespace" . }}.svc.cluster.local:{{ .Values.service.port }}/metrics
+
+They are served either as plaintext or protobuf depending on the Accept header.
+They are designed to be consumed either by Prometheus itself or by a scraper that is compatible with scraping a Prometheus client endpoint.
+
+{{- if .Values.kubeRBACProxy.enabled}}
+
+kube-rbac-proxy endpoint protections is enabled:
+- Metrics endpoints are now HTTPS
+- Ensure that the client authenticates the requests (e.g. via service account) with the following role permissions:
+```
+rules:
+  - apiGroups: [ "" ]
+    resources: ["services/{{ template "kube-state-metrics.fullname" . }}"]
+    verbs:
+      - get
+```
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/_helpers.tpl
new file mode 100644
index 0000000000..ed277fbb53
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/_helpers.tpl
@@ -0,0 +1,196 @@
+# Rancher
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "monitoring_registry" -}}
+  {{- $temp_registry := (include "system_default_registry" .) -}}
+  {{- if $temp_registry -}}
+    {{- trimSuffix "/" $temp_registry -}}
+  {{- else -}}
+    {{- .Values.global.imageRegistry -}}
+  {{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "kube-state-metrics.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "kube-state-metrics.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "kube-state-metrics.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "kube-state-metrics.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "kube-state-metrics.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "kube-state-metrics.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Generate basic labels
+*/}}
+{{- define "kube-state-metrics.labels" }}
+helm.sh/chart: {{ template "kube-state-metrics.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/component: metrics
+app.kubernetes.io/part-of: {{ template "kube-state-metrics.name" . }}
+{{- include "kube-state-metrics.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+{{- if .Values.customLabels }}
+{{ toYaml .Values.customLabels }}
+{{- end }}
+{{- if .Values.releaseLabel }}
+release: {{ .Release.Name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "kube-state-metrics.selectorLabels" }}
+{{- if .Values.selectorOverride }}
+{{ toYaml .Values.selectorOverride }}
+{{- else }}
+app.kubernetes.io/name: {{ include "kube-state-metrics.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+{{- end }}
+
+{{/* Sets default scrape limits for servicemonitor */}}
+{{- define "servicemonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end -}}
+
+{{/*
+Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets})
+*/}}
+{{- define "kube-state-metrics.imagePullSecrets" -}}
+{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }}
+  {{- if eq (typeOf .) "map[string]interface {}" }}
+- {{ toYaml . | trim }}
+  {{- else }}
+- name: {{ . }}
+  {{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+The image to use for kube-state-metrics
+*/}}
+{{- define "kube-state-metrics.image" -}}
+{{- $registry := (include "monitoring_registry" .) }}
+{{- if .Values.image.sha }}
+{{- if $registry }}
+{{- printf "%s/%s:%s@%s" $registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.sha }}
+{{- else }}
+{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.sha }}
+{{- end }}
+{{- else }}
+{{- if $registry }}
+{{- printf "%s/%s:%s" $registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
+{{- else }}
+{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+The image to use for kubeRBACProxy
+*/}}
+{{- define "kubeRBACProxy.image" -}}
+{{- $registry := (include "monitoring_registry" .) }}
+{{- if .Values.kubeRBACProxy.image.sha }}
+{{- if $registry }}
+{{- printf "%s/%s:%s@%s" $registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) .Values.kubeRBACProxy.image.sha }}
+{{- else }}
+{{- printf "%s/%s:%s@%s" .Values.kubeRBACProxy.image.registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) .Values.kubeRBACProxy.image.sha }}
+{{- end }}
+{{- else }}
+{{- if $registry }}
+{{- printf "%s/%s:%s" $registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) }}
+{{- else }}
+{{- printf "%s/%s:%s" .Values.kubeRBACProxy.image.registry .Values.kubeRBACProxy.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.kubeRBACProxy.image.tag) }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml
new file mode 100644
index 0000000000..025cd47a88
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/ciliumnetworkpolicy.yaml
@@ -0,0 +1,33 @@
+{{- if and .Values.networkPolicy.enabled (eq .Values.networkPolicy.flavor "cilium") }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  {{- if .Values.annotations }}
+  annotations:
+    {{ toYaml .Values.annotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+spec:
+  endpointSelector:
+    matchLabels:
+      {{- include "kube-state-metrics.selectorLabels" . | indent 6 }}
+  egress:
+    {{- if and .Values.networkPolicy.cilium .Values.networkPolicy.cilium.kubeApiServerSelector }}
+      {{ toYaml .Values.networkPolicy.cilium.kubeApiServerSelector | nindent 6 }}
+    {{- else }}
+    - toEntities:
+      - kube-apiserver
+    {{- end }}
+  ingress:
+  - toPorts:
+    - ports:
+      - port: {{ .Values.service.port | quote }}
+        protocol: TCP
+      {{- if .Values.selfMonitor.enabled }}
+      - port: {{ .Values.selfMonitor.telemetryPort | default 8081 | quote }}
+        protocol: TCP
+      {{ end }}
+{{ end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/clusterrolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..cf9f628d04
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/clusterrolebinding.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.rbac.create .Values.rbac.useClusterRole -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: {{ template "kube-state-metrics.fullname" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+{{- if .Values.rbac.useExistingRole }}
+  name: {{ .Values.rbac.useExistingRole }}
+{{- else }}
+  name: {{ template "kube-state-metrics.fullname" . }}
+{{- end }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "kube-state-metrics.serviceAccountName" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/crs-configmap.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/crs-configmap.yaml
new file mode 100644
index 0000000000..d38a75a51d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/crs-configmap.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.customResourceState.enabled}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}-customresourcestate-config
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  {{- if .Values.annotations }}
+  annotations:
+    {{ toYaml .Values.annotations | nindent 4 }}
+  {{- end }}
+data:
+  config.yaml: |
+    {{- toYaml .Values.customResourceState.config | nindent 4 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/deployment.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/deployment.yaml
new file mode 100644
index 0000000000..03158eb948
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/deployment.yaml
@@ -0,0 +1,314 @@
+apiVersion: apps/v1
+{{- if .Values.autosharding.enabled }}
+kind: StatefulSet
+{{- else }}
+kind: Deployment
+{{- end }}
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  {{- if .Values.annotations }}
+  annotations:
+{{ toYaml .Values.annotations | indent 4 }}
+  {{- end }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "kube-state-metrics.selectorLabels" . | indent 6 }}
+  replicas: {{ .Values.replicas }}
+  {{- if not .Values.autosharding.enabled }}
+  strategy:
+    type: {{ .Values.updateStrategy | default "RollingUpdate" }}
+  {{- end }}
+  revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
+  {{- if .Values.autosharding.enabled }}
+  serviceName: {{ template "kube-state-metrics.fullname" . }}
+  volumeClaimTemplates: []
+  {{- end }}
+  template:
+    metadata:
+      labels:
+        {{- include "kube-state-metrics.labels" . | indent 8 }}
+      {{- if .Values.podAnnotations }}
+      annotations:
+{{ toYaml .Values.podAnnotations | indent 8 }}
+      {{- end }}
+    spec:
+      hostNetwork: {{ .Values.hostNetwork }}
+      serviceAccountName: {{ template "kube-state-metrics.serviceAccountName" . }}
+      {{- if .Values.securityContext.enabled }}
+      securityContext: {{- omit .Values.securityContext "enabled" | toYaml | nindent 8 }}
+      {{- end }}
+    {{- if .Values.priorityClassName }}
+      priorityClassName: {{ .Values.priorityClassName }}
+    {{- end }}
+      {{- with .Values.initContainers }}
+      initContainers:
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+      containers:
+      {{- $servicePort := ternary 9090 (.Values.service.port | default 8080) .Values.kubeRBACProxy.enabled}}
+      {{- $telemetryPort := ternary 9091 (.Values.selfMonitor.telemetryPort | default 8081) .Values.kubeRBACProxy.enabled}}
+      - name: {{ template "kube-state-metrics.name" . }}
+        {{- if  .Values.autosharding.enabled }}
+        env:
+        - name: POD_NAME
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.name
+        - name: POD_NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        {{- end }}
+        args:
+        {{-  if .Values.extraArgs  }}
+        {{- .Values.extraArgs | toYaml | nindent 8 }}
+        {{-  end  }}
+        - --port={{ $servicePort }}
+        {{-  if .Values.collectors  }}
+        - --resources={{ .Values.collectors | join "," }}
+        {{-  end  }}
+        {{- if .Values.metricLabelsAllowlist }}
+        - --metric-labels-allowlist={{ .Values.metricLabelsAllowlist | join "," }}
+        {{- end }}
+        {{- if .Values.metricAnnotationsAllowList }}
+        - --metric-annotations-allowlist={{ .Values.metricAnnotationsAllowList | join "," }}
+        {{- end }}
+        {{- if .Values.metricAllowlist }}
+        - --metric-allowlist={{ .Values.metricAllowlist | join "," }}
+        {{- end }}
+        {{- if .Values.metricDenylist }}
+        - --metric-denylist={{ .Values.metricDenylist | join "," }}
+        {{- end }}
+        {{- $namespaces := list }}
+        {{- if .Values.namespaces }}
+        {{- range $ns := join "," .Values.namespaces | split "," }}
+        {{- $namespaces = append $namespaces (tpl $ns $) }}
+        {{- end }}
+        {{- end }}
+        {{- if .Values.releaseNamespace }}
+        {{- $namespaces = append $namespaces ( include "kube-state-metrics.namespace" . ) }}
+        {{- end }}
+        {{- if $namespaces }}
+        - --namespaces={{ $namespaces | mustUniq | join "," }}
+        {{- end }}
+        {{- if .Values.namespacesDenylist }}
+        - --namespaces-denylist={{ tpl (.Values.namespacesDenylist | join ",") $ }}
+        {{- end }}
+        {{- if .Values.autosharding.enabled }}
+        - --pod=$(POD_NAME)
+        - --pod-namespace=$(POD_NAMESPACE)
+        {{- end }}
+        {{- if .Values.kubeconfig.enabled }}
+        - --kubeconfig=/opt/k8s/.kube/config
+        {{- end }}
+        {{- if .Values.kubeRBACProxy.enabled }}
+        - --telemetry-host=127.0.0.1
+        - --telemetry-port={{ $telemetryPort }}
+        {{- else }}
+        {{- if .Values.selfMonitor.telemetryHost }}
+        - --telemetry-host={{ .Values.selfMonitor.telemetryHost }}
+        {{- end }}
+        {{- if .Values.selfMonitor.telemetryPort }}
+        - --telemetry-port={{ $telemetryPort }}
+        {{- end }}
+        {{- end }}
+        {{- if .Values.customResourceState.enabled }}
+        - --custom-resource-state-config-file=/etc/customresourcestate/config.yaml
+        {{- end }}
+        {{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumeMounts) }}
+        volumeMounts:
+        {{- if .Values.kubeconfig.enabled }}
+        - name: kubeconfig
+          mountPath: /opt/k8s/.kube/
+          readOnly: true
+        {{- end }}
+        {{- if .Values.customResourceState.enabled }}
+        - name: customresourcestate-config
+          mountPath: /etc/customresourcestate
+          readOnly: true
+        {{- end }}
+        {{- if .Values.volumeMounts }}
+{{ toYaml .Values.volumeMounts | indent 8 }}
+        {{- end }}
+        {{- end }}
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        image: {{ include "kube-state-metrics.image" . }}
+        {{- if eq .Values.kubeRBACProxy.enabled false }}
+        ports:
+        - containerPort: {{ .Values.service.port | default 8080}}
+          name: "http"
+        {{- if .Values.selfMonitor.enabled }}
+        - containerPort: {{ $telemetryPort }}
+          name: "metrics"
+        {{- end }}
+        {{- end }}
+        livenessProbe:
+          failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+          httpGet:
+            {{- if .Values.hostNetwork }}
+            host: 127.0.0.1
+            {{- end }}
+            httpHeaders:
+            {{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }}
+            - name: {{ $header.name }}
+              value: {{ $header.value }}
+            {{- end }}
+            path: /healthz
+            port: {{ $servicePort }}
+            scheme: {{ upper .Values.livenessProbe.httpGet.scheme }}
+          initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+          successThreshold: {{ .Values.livenessProbe.successThreshold }}
+          timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+        readinessProbe:
+          failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+          httpGet:
+            {{- if .Values.hostNetwork }}
+            host: 127.0.0.1
+            {{- end }}
+            httpHeaders:
+            {{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }}
+            - name: {{ $header.name }}
+              value: {{ $header.value }}
+            {{- end }}
+            path: /
+            port: {{ $servicePort }}
+            scheme: {{ upper .Values.readinessProbe.httpGet.scheme }}
+          initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+          successThreshold: {{ .Values.readinessProbe.successThreshold }}
+          timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+        {{- if .Values.resources }}
+        resources:
+{{ toYaml .Values.resources | indent 10 }}
+{{- end }}
+{{- if .Values.containerSecurityContext }}
+        securityContext:
+{{ toYaml .Values.containerSecurityContext | indent 10 }}
+{{- end }}
+        {{-  if .Values.kubeRBACProxy.enabled  }}
+      - name: kube-rbac-proxy-http
+        args:
+        {{-  if .Values.kubeRBACProxy.extraArgs  }}
+        {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 8 }}
+        {{-  end  }}
+        - --secure-listen-address=:{{ .Values.service.port | default 8080}}
+        - --upstream=http://127.0.0.1:{{ $servicePort }}/
+        - --proxy-endpoints-port=8888
+        - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml
+        volumeMounts:
+          - name: kube-rbac-proxy-config
+            mountPath: /etc/kube-rbac-proxy-config
+          {{- with .Values.kubeRBACProxy.volumeMounts }}
+          {{- toYaml . | nindent 10 }}
+          {{- end }}
+        imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }}
+        image: {{ include "kubeRBACProxy.image" . }}
+        ports:
+          - containerPort: {{ .Values.service.port | default 8080}}
+            name: "http"
+          - containerPort: 8888
+            name: "http-healthz"
+        readinessProbe:
+          httpGet:
+            scheme: HTTPS
+            port: 8888
+            path: healthz
+          initialDelaySeconds: 5
+          timeoutSeconds: 5
+        {{- if .Values.kubeRBACProxy.resources }}
+        resources:
+{{ toYaml .Values.kubeRBACProxy.resources | indent 10 }}
+{{- end }}
+{{- if .Values.kubeRBACProxy.containerSecurityContext }}
+        securityContext:
+{{ toYaml .Values.kubeRBACProxy.containerSecurityContext | indent 10 }}
+{{- end }}
+      {{-  if .Values.selfMonitor.enabled  }}
+      - name: kube-rbac-proxy-telemetry
+        args:
+        {{-  if .Values.kubeRBACProxy.extraArgs  }}
+        {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 8 }}
+        {{-  end  }}
+        - --secure-listen-address=:{{ .Values.selfMonitor.telemetryPort | default 8081 }}
+        - --upstream=http://127.0.0.1:{{ $telemetryPort }}/
+        - --proxy-endpoints-port=8889
+        - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml
+        volumeMounts:
+          - name: kube-rbac-proxy-config
+            mountPath: /etc/kube-rbac-proxy-config
+          {{- with .Values.kubeRBACProxy.volumeMounts }}
+          {{- toYaml . | nindent 10 }}
+          {{- end }}
+        imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }}
+        image: {{ include "kubeRBACProxy.image" . }}
+        ports:
+          - containerPort: {{ .Values.selfMonitor.telemetryPort | default 8081 }}
+            name: "metrics"
+          - containerPort: 8889
+            name: "metrics-healthz"
+        readinessProbe:
+          httpGet:
+            scheme: HTTPS
+            port: 8889
+            path: healthz
+          initialDelaySeconds: 5
+          timeoutSeconds: 5
+        {{- if .Values.kubeRBACProxy.resources }}
+        resources:
+{{ toYaml .Values.kubeRBACProxy.resources | indent 10 }}
+{{- end }}
+{{- if .Values.kubeRBACProxy.containerSecurityContext }}
+        securityContext:
+{{ toYaml .Values.kubeRBACProxy.containerSecurityContext | indent 10 }}
+{{- end }}
+      {{- end }}
+      {{- end }}
+      {{- with .Values.containers }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+{{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
+      imagePullSecrets:
+        {{- include "kube-state-metrics.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }}
+      {{- end }}
+      {{- if .Values.affinity }}
+      affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      {{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+      {{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+      {{- end }}
+      {{- if .Values.topologySpreadConstraints }}
+      topologySpreadConstraints:
+{{ toYaml .Values.topologySpreadConstraints | indent 8 }}
+      {{- end }}
+      {{- if or (.Values.kubeconfig.enabled) (.Values.customResourceState.enabled) (.Values.volumes) (.Values.kubeRBACProxy.enabled) }}
+      volumes:
+      {{- if .Values.kubeconfig.enabled}}
+        - name: kubeconfig
+          secret:
+            secretName: {{ template "kube-state-metrics.fullname" . }}-kubeconfig
+      {{- end }}
+      {{- if .Values.kubeRBACProxy.enabled}}
+        - name: kube-rbac-proxy-config
+          configMap:
+            name: {{ template "kube-state-metrics.fullname" . }}-rbac-config
+      {{- end }}
+      {{- if .Values.customResourceState.enabled}}
+        - name: customresourcestate-config
+          configMap:
+            name: {{ template "kube-state-metrics.fullname" . }}-customresourcestate-config
+      {{- end }}
+      {{- if .Values.volumes }}
+{{ toYaml .Values.volumes | indent 8 }}
+      {{- end }}
+      {{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/extra-manifests.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/extra-manifests.yaml
new file mode 100644
index 0000000000..567f7bf329
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/extra-manifests.yaml
@@ -0,0 +1,4 @@
+{{ range .Values.extraManifests }}
+---
+{{ tpl (toYaml .) $ }}
+{{ end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/kubeconfig-secret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/kubeconfig-secret.yaml
new file mode 100644
index 0000000000..6af0084502
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/kubeconfig-secret.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.kubeconfig.enabled -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}-kubeconfig
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+type: Opaque
+data:
+  config: '{{ .Values.kubeconfig.secret }}'
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/networkpolicy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/networkpolicy.yaml
new file mode 100644
index 0000000000..309b38ec54
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/networkpolicy.yaml
@@ -0,0 +1,43 @@
+{{- if and .Values.networkPolicy.enabled (eq .Values.networkPolicy.flavor "kubernetes") }}
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  {{- if .Values.annotations }}
+  annotations:
+    {{ toYaml .Values.annotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+spec:
+  {{- if .Values.networkPolicy.egress }}
+  ## Deny all egress by default
+  egress:
+    {{- toYaml .Values.networkPolicy.egress | nindent 4 }}
+  {{- end }}
+  ingress:
+  {{- if .Values.networkPolicy.ingress }}
+    {{- toYaml .Values.networkPolicy.ingress | nindent 4 }}
+  {{- else }}
+    ## Allow ingress on default ports by default
+  - ports:
+    - port: {{ .Values.service.port | default 8080 }}
+      protocol: TCP
+    {{- if .Values.selfMonitor.enabled }}
+    {{- $telemetryPort := ternary 9091 (.Values.selfMonitor.telemetryPort | default 8081) .Values.kubeRBACProxy.enabled}}
+    - port: {{ $telemetryPort }}
+      protocol: TCP
+    {{- end }}
+  {{- end }}
+  podSelector:
+    {{- if .Values.networkPolicy.podSelector }}
+    {{- toYaml .Values.networkPolicy.podSelector | nindent 4 }}
+    {{- else }}
+    matchLabels:
+      {{- include "kube-state-metrics.selectorLabels" . | indent 6 }}
+    {{- end }}
+  policyTypes:
+    - Ingress
+    - Egress
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/pdb.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/pdb.yaml
new file mode 100644
index 0000000000..3771b511de
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/pdb.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.podDisruptionBudget -}}
+{{ if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" -}}
+apiVersion: policy/v1
+{{- else -}}
+apiVersion: policy/v1beta1
+{{- end }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }}
+{{ toYaml .Values.podDisruptionBudget | indent 2 }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/podsecuritypolicy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/podsecuritypolicy.yaml
new file mode 100644
index 0000000000..d9d944d740
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/podsecuritypolicy.yaml
@@ -0,0 +1,39 @@
+{{- if and .Values.rbac.create (and (or .Values.global.cattle.psp.enabled .Values.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy")) }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+{{- if .Values.podSecurityPolicy.annotations }}
+  annotations:
+{{ toYaml .Values.podSecurityPolicy.annotations | indent 4 }}
+{{- end }}
+spec:
+  privileged: false
+  volumes:
+    - 'secret'
+{{- if .Values.podSecurityPolicy.additionalVolumes }}
+{{ toYaml .Values.podSecurityPolicy.additionalVolumes | indent 4 }}
+{{- end }}
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Forbid adding the root group.
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Forbid adding the root group.
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrole.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrole.yaml
new file mode 100644
index 0000000000..c69e01a716
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrole.yaml
@@ -0,0 +1,19 @@
+{{- if and .Values.rbac.create (and (or .Values.global.cattle.psp.enabled .Values.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy")) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: psp-{{ template "kube-state-metrics.fullname" . }}
+rules:
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
+- apiGroups: ['policy']
+{{- else }}
+- apiGroups: ['extensions']
+{{- end }}
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "kube-state-metrics.fullname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml
new file mode 100644
index 0000000000..df81c49028
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml
@@ -0,0 +1,16 @@
+{{- if and .Values.rbac.create (and (or .Values.global.cattle.psp.enabled .Values.podSecurityPolicy.enabled) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy")) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: psp-{{ template "kube-state-metrics.fullname" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: psp-{{ template "kube-state-metrics.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-state-metrics.serviceAccountName" . }}
+    namespace: {{ template "kube-state-metrics.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/rbac-configmap.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/rbac-configmap.yaml
new file mode 100644
index 0000000000..671dc9d660
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/rbac-configmap.yaml
@@ -0,0 +1,22 @@
+{{- if .Values.kubeRBACProxy.enabled}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}-rbac-config
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  {{- if .Values.annotations }}
+  annotations:
+    {{ toYaml .Values.annotations | nindent 4 }}
+  {{- end }}
+data:
+  config-file.yaml: |+
+    authorization:
+      resourceAttributes:
+        namespace: {{ template "kube-state-metrics.namespace" . }}
+        apiVersion: v1
+        resource: services
+        subresource: {{ template "kube-state-metrics.fullname" . }}
+        name: {{ template "kube-state-metrics.fullname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/role.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/role.yaml
new file mode 100644
index 0000000000..0170878376
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/role.yaml
@@ -0,0 +1,215 @@
+{{- if not (kindIs "slice" .Values.collectors) }}
+{{- fail "Collectors need to be a List since kube-state-metrics chart 3.2.2. Please check README for more information."}}
+{{- end }}
+{{- if and (eq .Values.rbac.create true) (not .Values.rbac.useExistingRole) -}}
+{{- range (ternary (join "," .Values.namespaces | split "," ) (list "") (eq $.Values.rbac.useClusterRole false)) }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+{{- if eq $.Values.rbac.useClusterRole false }}
+kind: Role
+{{- else }}
+kind: ClusterRole
+{{- end }}
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" $ | indent 4 }}
+  name: {{ template "kube-state-metrics.fullname" $ }}
+{{- if eq $.Values.rbac.useClusterRole false }}
+  namespace: {{ . }}
+{{- end }}
+rules:
+{{ if has "certificatesigningrequests" $.Values.collectors }}
+- apiGroups: ["certificates.k8s.io"]
+  resources:
+  - certificatesigningrequests
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "configmaps" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - configmaps
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "cronjobs" $.Values.collectors }}
+- apiGroups: ["batch"]
+  resources:
+  - cronjobs
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "daemonsets" $.Values.collectors }}
+- apiGroups: ["extensions", "apps"]
+  resources:
+  - daemonsets
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "deployments" $.Values.collectors }}
+- apiGroups: ["extensions", "apps"]
+  resources:
+  - deployments
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "endpoints" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - endpoints
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "endpointslices" $.Values.collectors }}
+- apiGroups: ["discovery.k8s.io"]
+  resources:
+  - endpointslices
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "horizontalpodautoscalers" $.Values.collectors }}
+- apiGroups: ["autoscaling"]
+  resources:
+  - horizontalpodautoscalers
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "ingresses" $.Values.collectors }}
+- apiGroups: ["extensions", "networking.k8s.io"]
+  resources:
+  - ingresses
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "jobs" $.Values.collectors }}
+- apiGroups: ["batch"]
+  resources:
+  - jobs
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "leases" $.Values.collectors }}
+- apiGroups: ["coordination.k8s.io"]
+  resources:
+  - leases
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "limitranges" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - limitranges
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "mutatingwebhookconfigurations" $.Values.collectors }}
+- apiGroups: ["admissionregistration.k8s.io"]
+  resources:
+    - mutatingwebhookconfigurations
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "namespaces" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - namespaces
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "networkpolicies" $.Values.collectors }}
+- apiGroups: ["networking.k8s.io"]
+  resources:
+  - networkpolicies
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "nodes" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - nodes
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "persistentvolumeclaims" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - persistentvolumeclaims
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "persistentvolumes" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - persistentvolumes
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "poddisruptionbudgets" $.Values.collectors }}
+- apiGroups: ["policy"]
+  resources:
+    - poddisruptionbudgets
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "pods" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - pods
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "replicasets" $.Values.collectors }}
+- apiGroups: ["extensions", "apps"]
+  resources:
+  - replicasets
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "replicationcontrollers" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - replicationcontrollers
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "resourcequotas" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - resourcequotas
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "secrets" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - secrets
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "services" $.Values.collectors }}
+- apiGroups: [""]
+  resources:
+  - services
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "statefulsets" $.Values.collectors }}
+- apiGroups: ["apps"]
+  resources:
+  - statefulsets
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "storageclasses" $.Values.collectors }}
+- apiGroups: ["storage.k8s.io"]
+  resources:
+    - storageclasses
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "validatingwebhookconfigurations" $.Values.collectors }}
+- apiGroups: ["admissionregistration.k8s.io"]
+  resources:
+    - validatingwebhookconfigurations
+  verbs: ["list", "watch"]
+{{ end -}}
+{{ if has "volumeattachments" $.Values.collectors }}
+- apiGroups: ["storage.k8s.io"]
+  resources:
+    - volumeattachments
+  verbs: ["list", "watch"]
+{{ end -}}
+{{-  if $.Values.kubeRBACProxy.enabled  }}
+- apiGroups: ["authentication.k8s.io"]
+  resources:
+    - tokenreviews
+  verbs: ["create"]
+- apiGroups: ["authorization.k8s.io"]
+  resources:
+    - subjectaccessreviews
+  verbs: ["create"]
+{{- end }}
+{{- if $.Values.customResourceState.enabled }}
+- apiGroups: ["apiextensions.k8s.io"]
+  resources:
+    - customresourcedefinitions
+  verbs: ["list", "watch"]
+{{- end }}
+{{ if $.Values.rbac.extraRules }}
+{{ toYaml $.Values.rbac.extraRules }}
+{{ end }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/rolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/rolebinding.yaml
new file mode 100644
index 0000000000..330651b73f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/rolebinding.yaml
@@ -0,0 +1,24 @@
+{{- if and (eq  .Values.rbac.create true) (eq .Values.rbac.useClusterRole false) -}}
+{{- range (join "," $.Values.namespaces) | split "," }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" $ | indent 4 }}
+  name: {{ template "kube-state-metrics.fullname" $ }}
+  namespace: {{ . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+{{- if (not $.Values.rbac.useExistingRole) }}
+  name: {{ template "kube-state-metrics.fullname" $ }}
+{{- else }}
+  name: {{ $.Values.rbac.useExistingRole }}
+{{- end }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "kube-state-metrics.serviceAccountName" $ }}
+  namespace: {{ template "kube-state-metrics.namespace" $ }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/service.yaml
new file mode 100644
index 0000000000..6c486a662a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/service.yaml
@@ -0,0 +1,49 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  annotations:
+    {{- if .Values.prometheusScrape }}
+    prometheus.io/scrape: '{{ .Values.prometheusScrape }}'
+    {{- end }}
+    {{- if .Values.service.annotations }}
+    {{- toYaml .Values.service.annotations | nindent 4 }}
+    {{- end }}
+spec:
+  type: "{{ .Values.service.type }}"
+  ports:
+  - name: "http"
+    protocol: TCP
+    port: {{ .Values.service.port | default 8080}}
+  {{- if .Values.service.nodePort }}
+    nodePort: {{ .Values.service.nodePort }}
+  {{- end }}
+    targetPort: {{ .Values.service.port | default 8080}}
+  {{ if .Values.selfMonitor.enabled }}
+  - name: "metrics"
+    protocol: TCP
+    port: {{ .Values.selfMonitor.telemetryPort | default 8081 }}
+    targetPort: {{ .Values.selfMonitor.telemetryPort | default 8081 }}
+  {{- if .Values.selfMonitor.telemetryNodePort }}
+    nodePort: {{ .Values.selfMonitor.telemetryNodePort }}
+  {{- end }}
+  {{ end }}
+{{- if .Values.service.loadBalancerIP }}
+  loadBalancerIP: "{{ .Values.service.loadBalancerIP }}"
+{{- end }}
+{{- if .Values.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if .Values.autosharding.enabled }}
+  clusterIP: None
+{{- else if .Values.service.clusterIP }}
+  clusterIP: "{{ .Values.service.clusterIP }}"
+{{- end }}
+  selector:
+    {{- include "kube-state-metrics.selectorLabels" . | indent 4 }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..38a93b31d1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/serviceaccount.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  name: {{ template "kube-state-metrics.serviceAccountName" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+{{- if .Values.serviceAccount.annotations }}
+  annotations:
+{{ toYaml .Values.serviceAccount.annotations | indent 4 }}
+{{- end }}
+{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }}
+imagePullSecrets:
+  {{- include "kube-state-metrics.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }}
+{{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/servicemonitor.yaml
new file mode 100644
index 0000000000..01ec44e067
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/servicemonitor.yaml
@@ -0,0 +1,126 @@
+{{- if .Values.prometheus.monitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+  {{- with .Values.prometheus.monitor.additionalLabels }}
+    {{- tpl (toYaml . | nindent 4) $ }}
+  {{- end }}
+  {{- with .Values.prometheus.monitor.annotations }}
+  annotations:
+    {{- tpl (toYaml . | nindent 4) $ }}
+  {{- end }}
+spec:
+  jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }}
+  {{- with .Values.prometheus.monitor.targetLabels }}
+  targetLabels:
+    {{- toYaml . | trim | nindent 4 }}
+  {{- end }}
+  {{- with .Values.prometheus.monitor.podTargetLabels }}
+  podTargetLabels:
+    {{- toYaml . | trim | nindent 4 }}
+  {{- end }}
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | indent 2 }}
+  {{- if .Values.prometheus.monitor.namespaceSelector }}
+  namespaceSelector:
+    matchNames:
+    {{- with .Values.prometheus.monitor.namespaceSelector }}
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+  {{- end }}
+  selector:
+    matchLabels:
+    {{- with .Values.prometheus.monitor.selectorOverride }}
+      {{- toYaml . | nindent 6 }}
+    {{- else }}
+      {{- include "kube-state-metrics.selectorLabels" . | indent 6 }}
+    {{- end }}
+  endpoints:
+    - port: http
+    {{- if .Values.prometheus.monitor.interval }}
+      interval: {{ .Values.prometheus.monitor.interval }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.scrapeTimeout }}
+      scrapeTimeout: {{ .Values.prometheus.monitor.scrapeTimeout }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.proxyUrl }}
+      proxyUrl: {{ .Values.prometheus.monitor.proxyUrl}}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.enableHttp2 }}
+      enableHttp2: {{ .Values.prometheus.monitor.enableHttp2}}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.honorLabels }}
+      honorLabels: true
+    {{- end }}
+      metricRelabelings:
+      {{- if .Values.prometheus.monitor.metricRelabelings }}
+        {{- toYaml .Values.prometheus.monitor.metricRelabelings | nindent 6 }}
+      {{- end }}
+      {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+      {{- end }}
+      {{ if .Values.global.cattle.clusterName }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.relabelings }}
+      relabelings:
+        {{- toYaml .Values.prometheus.monitor.relabelings | nindent 8 }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.scheme }}
+      scheme: {{ .Values.prometheus.monitor.scheme }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml .Values.prometheus.monitor.tlsConfig | nindent 8 }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.bearerTokenFile }}
+      bearerTokenFile: {{ .Values.prometheus.monitor.bearerTokenFile }}
+    {{- end }}
+    {{- with .Values.prometheus.monitor.bearerTokenSecret }}
+      bearerTokenSecret:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+  {{- if .Values.selfMonitor.enabled }}
+    - port: metrics
+    {{- if .Values.prometheus.monitor.interval }}
+      interval: {{ .Values.prometheus.monitor.interval }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.scrapeTimeout }}
+      scrapeTimeout: {{ .Values.prometheus.monitor.scrapeTimeout }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.proxyUrl }}
+      proxyUrl: {{ .Values.prometheus.monitor.proxyUrl}}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.enableHttp2 }}
+      enableHttp2: {{ .Values.prometheus.monitor.enableHttp2}}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.honorLabels }}
+      honorLabels: true
+    {{- end }}
+    {{- if .Values.prometheus.monitor.relabelings }}
+      relabelings:
+        {{- toYaml .Values.prometheus.monitor.relabelings | nindent 8 }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.scheme }}
+      scheme: {{ .Values.prometheus.monitor.scheme }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml .Values.prometheus.monitor.tlsConfig | nindent 8 }}
+    {{- end }}
+    {{- if .Values.prometheus.monitor.bearerTokenFile }}
+      bearerTokenFile: {{ .Values.prometheus.monitor.bearerTokenFile }}
+    {{- end }}
+    {{- with .Values.prometheus.monitor.bearerTokenSecret }}
+      bearerTokenSecret:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-role.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-role.yaml
new file mode 100644
index 0000000000..489de147c1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-role.yaml
@@ -0,0 +1,26 @@
+{{- if and .Values.autosharding.enabled .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resourceNames:
+  - {{ template "kube-state-metrics.fullname" . }}
+  resources:
+  - statefulsets
+  verbs:
+  - get
+  - list
+  - watch
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml
new file mode 100644
index 0000000000..73b37a4f64
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.autosharding.enabled .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-state-metrics.serviceAccountName" . }}
+    namespace: {{ template "kube-state-metrics.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml
new file mode 100644
index 0000000000..f46305b517
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/templates/verticalpodautoscaler.yaml
@@ -0,0 +1,44 @@
+{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.verticalPodAutoscaler.enabled) }}
+apiVersion: autoscaling.k8s.io/v1
+kind: VerticalPodAutoscaler
+metadata:
+  name: {{ template "kube-state-metrics.fullname" . }}
+  namespace: {{ template "kube-state-metrics.namespace" . }}
+  labels:
+    {{- include "kube-state-metrics.labels" . | indent 4 }}
+spec:
+  {{- with .Values.verticalPodAutoscaler.recommenders }}
+  recommenders:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  resourcePolicy:
+    containerPolicies:
+    - containerName: {{ template "kube-state-metrics.name" . }}
+      {{- with .Values.verticalPodAutoscaler.controlledResources }}
+      controlledResources:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- if .Values.verticalPodAutoscaler.controlledValues }}
+      controlledValues: {{ .Values.verticalPodAutoscaler.controlledValues }}
+      {{- end }}
+      {{- if .Values.verticalPodAutoscaler.maxAllowed }}
+      maxAllowed:
+        {{ toYaml .Values.verticalPodAutoscaler.maxAllowed | nindent 8 }}
+      {{- end }}
+      {{- if .Values.verticalPodAutoscaler.minAllowed }}
+      minAllowed:
+        {{ toYaml .Values.verticalPodAutoscaler.minAllowed | nindent 8 }}
+      {{- end }}
+  targetRef:
+    apiVersion: apps/v1
+    {{- if .Values.autosharding.enabled }}
+    kind: StatefulSet
+    {{- else }}
+    kind: Deployment
+    {{- end }}
+    name:  {{ template "kube-state-metrics.fullname" . }}
+  {{- with .Values.verticalPodAutoscaler.updatePolicy }}
+  updatePolicy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/values.yaml
new file mode 100644
index 0000000000..bc8ee28fda
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kube-state-metrics/values.yaml
@@ -0,0 +1,491 @@
+# Default values for kube-state-metrics.
+prometheusScrape: true
+image:
+  registry: docker.io
+  repository: rancher/mirrored-kube-state-metrics-kube-state-metrics
+  tag: v2.10.1
+  sha: ""
+  pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+# - name: "image-pull-secret"
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+
+  # To help compatibility with other charts which use global.imagePullSecrets.
+  # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
+  # global:
+  #   imagePullSecrets:
+  #   - name: pullSecret1
+  #   - name: pullSecret2
+  # or
+  # global:
+  #   imagePullSecrets:
+  #   - pullSecret1
+  #   - pullSecret2
+  imagePullSecrets: []
+  #
+  # Allow parent charts to override registry hostname
+  imageRegistry: ""
+
+# If set to true, this will deploy kube-state-metrics as a StatefulSet and the data
+# will be automatically sharded across <.Values.replicas> pods using the built-in
+# autodiscovery feature: https://github.com/kubernetes/kube-state-metrics#automated-sharding
+# This is an experimental feature and there are no stability guarantees.
+autosharding:
+  enabled: false
+
+replicas: 1
+
+# Change the deployment strategy when autosharding is disabled.
+# ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
+# The default is "RollingUpdate" as per Kubernetes defaults.
+# During a release, 'RollingUpdate' can lead to two running instances for a short period of time while 'Recreate' can create a small gap in data.
+# updateStrategy: Recreate
+
+# Number of old history to retain to allow rollback
+# Default Kubernetes value is set to 10
+revisionHistoryLimit: 10
+
+# List of additional cli arguments to configure kube-state-metrics
+# for example: --enable-gzip-encoding, --log-file, etc.
+# all the possible args can be found here: https://github.com/kubernetes/kube-state-metrics/blob/master/docs/cli-arguments.md
+extraArgs: []
+
+service:
+  port: 8080
+  # Default to clusterIP for backward compatibility
+  type: ClusterIP
+  nodePort: 0
+  loadBalancerIP: ""
+  # Only allow access to the loadBalancerIP from these IPs
+  loadBalancerSourceRanges: []
+  clusterIP: ""
+  annotations: {}
+
+## Additional labels to add to all resources
+customLabels: {}
+  # app: kube-state-metrics
+
+## Override selector labels
+selectorOverride: {}
+
+## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box
+releaseLabel: false
+
+hostNetwork: false
+
+rbac:
+  # If true, create & use RBAC resources
+  create: true
+
+  # Set to a rolename to use existing role - skipping role creating - but still doing serviceaccount and rolebinding to it, rolename set here.
+  # useExistingRole: your-existing-role
+
+  # If set to false - Run without Cluteradmin privs needed - ONLY works if namespace is also set (if useExistingRole is set this name is used as ClusterRole or Role to bind to)
+  useClusterRole: true
+
+  # Add permissions for CustomResources' apiGroups in Role/ClusterRole. Should be used in conjunction with Custom Resource State Metrics configuration
+  # Example:
+  # - apiGroups: ["monitoring.coreos.com"]
+  #   resources: ["prometheuses"]
+  #   verbs: ["list", "watch"]
+  extraRules: []
+
+# Configure kube-rbac-proxy. When enabled, creates one kube-rbac-proxy container per exposed HTTP endpoint (metrics and telemetry if enabled).
+# The requests are served through the same service but requests are then HTTPS.
+kubeRBACProxy:
+  enabled: false
+  image:
+    repository: rancher/mirrored-kube-rbac-proxy
+    tag: v0.14.0
+    sha: ""
+    pullPolicy: IfNotPresent
+
+  # List of additional cli arguments to configure kube-rbac-prxy
+  # for example: --tls-cipher-suites, --log-file, etc.
+  # all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage
+  extraArgs: []
+
+  ## Specify security settings for a Container
+  ## Allows overrides and additional options compared to (Pod) securityContext
+  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+  containerSecurityContext:
+    readOnlyRootFilesystem: true
+    allowPrivilegeEscalation: false
+    capabilities:
+      drop:
+      - ALL
+
+  resources: {}
+    # We usually recommend not to specify default resources and to leave this as a conscious
+    # choice for the user. This also increases chances charts run on environments with little
+    # resources, such as Minikube. If you do want to specify resources, uncomment the following
+    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+    # limits:
+    #  cpu: 100m
+    #  memory: 64Mi
+    # requests:
+    #  cpu: 10m
+    #  memory: 32Mi
+
+  ## volumeMounts enables mounting custom volumes in rbac-proxy containers
+  ## Useful for TLS certificates and keys
+  volumeMounts: []
+    # - mountPath: /etc/tls
+    #   name: kube-rbac-proxy-tls
+    #   readOnly: true
+
+serviceAccount:
+  # Specifies whether a ServiceAccount should be created, require rbac true
+  create: true
+  # The name of the ServiceAccount to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name:
+  # Reference to one or more secrets to be used when pulling images
+  # ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+  imagePullSecrets: []
+  # ServiceAccount annotations.
+  # Use case: AWS EKS IAM roles for service accounts
+  # ref: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html
+  annotations: {}
+
+prometheus:
+  monitor:
+    enabled: false
+    annotations: {}
+    additionalLabels: {}
+    namespace: ""
+    namespaceSelector: []
+    jobLabel: ""
+    targetLabels: []
+    podTargetLabels: []
+    interval: ""
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+    scrapeTimeout: ""
+    proxyUrl: ""
+    ## Whether to enable HTTP2 for servicemonitor
+    # enableHttp2: false
+    selectorOverride: {}
+    honorLabels: false
+    metricRelabelings: []
+    relabelings: []
+    scheme: ""
+    ## File to read bearer token for scraping targets
+    bearerTokenFile: ""
+    ## Secret to mount to read bearer token for scraping targets. The secret needs
+    ## to be in the same namespace as the service monitor and accessible by the
+    ## Prometheus Operator
+    bearerTokenSecret: {}
+      # name: secret-name
+      # key:  key-name
+    tlsConfig: {}
+
+## Specify if a Pod Security Policy for kube-state-metrics must be created
+## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
+##
+podSecurityPolicy:
+  annotations: {}
+    ## Specify pod annotations
+    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor
+    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp
+    ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl
+    ##
+    # seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
+    # seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
+    # apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
+
+  additionalVolumes: []
+
+## Configure network policy for kube-state-metrics
+networkPolicy:
+  enabled: false
+  # networkPolicy.flavor -- Flavor of the network policy to use.
+  # Can be:
+  # * kubernetes for networking.k8s.io/v1/NetworkPolicy
+  # * cilium     for cilium.io/v2/CiliumNetworkPolicy
+  flavor: kubernetes
+
+  ## Configure the cilium network policy kube-apiserver selector
+  # cilium:
+    # kubeApiServerSelector:
+      # - toEntities:
+      #   - kube-apiserver
+
+  # egress:
+  # - {}
+  # ingress:
+  # - {}
+  # podSelector:
+  #   matchLabels:
+  #     app.kubernetes.io/name: kube-state-metrics
+
+securityContext:
+  enabled: true
+  runAsGroup: 65534
+  runAsUser: 65534
+  fsGroup: 65534
+  runAsNonRoot: true
+  seccompProfile:
+    type: RuntimeDefault
+
+## Specify security settings for a Container
+## Allows overrides and additional options compared to (Pod) securityContext
+## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+containerSecurityContext:
+  readOnlyRootFilesystem: true
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop:
+    - ALL
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+nodeSelector: {}
+
+## Affinity settings for pod assignment
+## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+affinity: {}
+
+## Tolerations for pod assignment
+## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+tolerations: []
+
+## Topology spread constraints for pod assignment
+## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+topologySpreadConstraints: []
+
+# Annotations to be added to the deployment/statefulset
+annotations: {}
+
+# Annotations to be added to the pod
+podAnnotations: {}
+
+## Assign a PriorityClassName to pods if set
+# priorityClassName: ""
+
+# Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
+podDisruptionBudget: {}
+
+# Comma-separated list of metrics to be exposed.
+# This list comprises of exact metric names and/or regex patterns.
+# The allowlist and denylist are mutually exclusive.
+metricAllowlist: []
+
+# Comma-separated list of metrics not to be enabled.
+# This list comprises of exact metric names and/or regex patterns.
+# The allowlist and denylist are mutually exclusive.
+metricDenylist: []
+
+# Comma-separated list of additional Kubernetes label keys that will be used in the resource's
+# labels metric. By default the metric contains only name and namespace labels.
+# To include additional labels, provide a list of resource names in their plural form and Kubernetes
+# label keys you would like to allow for them (Example: '=namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...)'.
+# A single '*' can be provided per resource instead to allow any labels, but that has
+# severe performance implications (Example: '=pods=[*]').
+metricLabelsAllowlist: []
+  # - namespaces=[k8s-label-1,k8s-label-n]
+
+# Comma-separated list of Kubernetes annotations keys that will be used in the resource'
+# labels metric. By default the metric contains only name and namespace labels.
+# To include additional annotations provide a list of resource names in their plural form and Kubernetes
+# annotation keys you would like to allow for them (Example: '=namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...)'.
+# A single '*' can be provided per resource instead to allow any annotations, but that has
+# severe performance implications (Example: '=pods=[*]').
+metricAnnotationsAllowList: []
+  # - pods=[k8s-annotation-1,k8s-annotation-n]
+
+# Available collectors for kube-state-metrics.
+# By default, all available resources are enabled, comment out to disable.
+collectors:
+  - certificatesigningrequests
+  - configmaps
+  - cronjobs
+  - daemonsets
+  - deployments
+  - endpoints
+  - horizontalpodautoscalers
+  - ingresses
+  - jobs
+  - leases
+  - limitranges
+  - mutatingwebhookconfigurations
+  - namespaces
+  - networkpolicies
+  - nodes
+  - persistentvolumeclaims
+  - persistentvolumes
+  - poddisruptionbudgets
+  - pods
+  - replicasets
+  - replicationcontrollers
+  - resourcequotas
+  - secrets
+  - services
+  - statefulsets
+  - storageclasses
+  - validatingwebhookconfigurations
+  - volumeattachments
+
+# Enabling kubeconfig will pass the --kubeconfig argument to the container
+kubeconfig:
+  enabled: false
+  # base64 encoded kube-config file
+  secret:
+
+# Enabling support for customResourceState, will create a configMap including your config that will be read from kube-state-metrics
+customResourceState:
+  enabled: false
+  # Add (Cluster)Role permissions to list/watch the customResources defined in the config to rbac.extraRules
+  config: {}
+
+# Enable only the release namespace for collecting resources. By default all namespaces are collected.
+# If releaseNamespace and namespaces are both set a merged list will be collected.
+releaseNamespace: false
+
+# Comma-separated list(string) or yaml list of namespaces to be enabled for collecting resources. By default all namespaces are collected.
+namespaces: ""
+
+# Comma-separated list of namespaces not to be enabled. If namespaces and namespaces-denylist are both set,
+# only namespaces that are excluded in namespaces-denylist will be used.
+namespacesDenylist: ""
+
+## Override the deployment namespace
+##
+namespaceOverride: ""
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #  cpu: 100m
+  #  memory: 64Mi
+  # requests:
+  #  cpu: 10m
+  #  memory: 32Mi
+
+## Provide a k8s version to define apiGroups for podSecurityPolicy Cluster Role.
+## For example: kubeTargetVersionOverride: 1.14.9
+##
+kubeTargetVersionOverride: ""
+
+# Enable self metrics configuration for service and Service Monitor
+# Default values for telemetry configuration can be overridden
+# If you set telemetryNodePort, you must also set service.type to NodePort
+selfMonitor:
+  enabled: false
+  # telemetryHost: 0.0.0.0
+  # telemetryPort: 8081
+  # telemetryNodePort: 0
+
+# Enable vertical pod autoscaler support for kube-state-metrics
+verticalPodAutoscaler:
+  enabled: false
+
+  # Recommender responsible for generating recommendation for the object.
+  # List should be empty (then the default recommender will generate the recommendation)
+  # or contain exactly one recommender.
+  # recommenders: []
+  # - name: custom-recommender-performance
+
+  # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
+  controlledResources: []
+  # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits.
+  # controlledValues: RequestsAndLimits
+
+  # Define the max allowed resources for the pod
+  maxAllowed: {}
+  # cpu: 200m
+  # memory: 100Mi
+  # Define the min allowed resources for the pod
+  minAllowed: {}
+  # cpu: 200m
+  # memory: 100Mi
+
+  # updatePolicy:
+    # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction
+    # minReplicas: 1
+    # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
+    # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
+    # updateMode: Auto
+
+# volumeMounts are used to add custom volume mounts to deployment.
+# See example below
+volumeMounts: []
+#  - mountPath: /etc/config
+#    name: config-volume
+
+# volumes are used to add custom volumes to deployment
+# See example below
+volumes: []
+#  - configMap:
+#      name: cm-for-volume
+#    name: config-volume
+
+# Extra manifests to deploy as an array
+extraManifests: []
+  # - apiVersion: v1
+  #   kind: ConfigMap
+  #   metadata:
+  #   labels:
+  #     name: prometheus-extra
+  #   data:
+  #     extra-data: "value"
+
+## Containers allows injecting additional containers.
+containers: []
+  # - name: crd-init
+  #   image: kiwigrid/k8s-sidecar:latest
+
+## InitContainers allows injecting additional initContainers.
+initContainers: []
+  # - name: crd-sidecar
+  #   image: kiwigrid/k8s-sidecar:latest
+
+## Liveness probe
+##
+livenessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 5
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 5
+
+## Readiness probe
+##
+readinessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 5
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 5
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/Chart.yaml
new file mode 100644
index 0000000000..0b753af5db
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: kubeAdmControllerManager
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmControllerManager/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/Chart.yaml
new file mode 100644
index 0000000000..389e1386b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: kubeAdmEtcd
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmEtcd/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/Chart.yaml
new file mode 100644
index 0000000000..b755e8cd9e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: kubeAdmProxy
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmProxy/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/Chart.yaml
new file mode 100644
index 0000000000..f7c201833a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: kubeAdmScheduler
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/kubeAdmScheduler/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/Chart.yaml
new file mode 100644
index 0000000000..d067725a17
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/Chart.yaml
@@ -0,0 +1,28 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-prometheus-adapter
+apiVersion: v1
+appVersion: v0.10.0
+description: A Helm chart for k8s prometheus adapter
+home: https://github.com/kubernetes-sigs/prometheus-adapter
+keywords:
+- hpa
+- metrics
+- prometheus
+- adapter
+kubeVersion: '>=1.26.0-0'
+maintainers:
+- email: mattias.gees@jetstack.io
+  name: mattiasgees
+- name: steven-sheehy
+- email: hfernandez@mesosphere.com
+  name: hectorj2f
+name: prometheus-adapter
+sources:
+- https://github.com/kubernetes/charts
+- https://github.com/kubernetes-sigs/prometheus-adapter
+version: 4.2.0
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/README.md
new file mode 100644
index 0000000000..d77bb0c920
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/README.md
@@ -0,0 +1,160 @@
+# Prometheus Adapter
+
+Installs the [Prometheus Adapter](https://github.com/kubernetes-sigs/prometheus-adapter) for the Custom Metrics API. Custom metrics are used in Kubernetes by [Horizontal Pod Autoscalers](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) to scale workloads based upon your own metric pulled from an external metrics provider like Prometheus. This chart complements the [metrics-server](https://github.com/helm/charts/tree/master/stable/metrics-server) chart that provides resource only metrics.
+
+## Prerequisites
+
+Kubernetes 1.14+
+
+## Get Helm Repositories Info
+
+```console
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo update
+```
+
+_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Install Helm Chart
+
+```console
+helm install [RELEASE_NAME] prometheus-community/prometheus-adapter
+```
+
+_See [configuration](#configuration) below._
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+## Uninstall Helm Chart
+
+```console
+helm uninstall [RELEASE_NAME]
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+## Upgrading Helm Chart
+
+```console
+helm upgrade [RELEASE_NAME] [CHART] --install
+```
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### To 4.2.0
+
+Readiness and liveness probes are now fully configurable through values `readinessProbe` and `livenessProbe`. The previous values have been kept as defaults.
+
+### To 4.0.0
+
+Previously, security context of the container was set directly in the deployment template. This release makes it configurable through the new configuration variable `securityContext` whilst keeping the previously set values as defaults. Furthermore, previous variable `runAsUser` is now set in `securityContext` and is not used any longer. Please, use `securityContext.runAsUser` instead. In the same security context, `seccompProfile` has been enabled and set to type `RuntimeDefault`.
+
+### To 3.0.0
+
+Due to a change in deployment labels, the upgrade requires `helm upgrade --force` in order to re-create the deployment.
+
+## Configuration
+
+See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands:
+
+```console
+helm show values prometheus-community/prometheus-adapter
+```
+
+### Prometheus Service Endpoint
+
+To use the chart, ensure the `prometheus.url` and `prometheus.port` are configured with the correct Prometheus service endpoint. If Prometheus is exposed under HTTPS the host's CA Bundle must be exposed to the container using `extraVolumes` and `extraVolumeMounts`.
+
+### Adapter Rules
+
+Additionally, the chart comes with a set of default rules out of the box but they may pull in too many metrics or not map them correctly for your needs. Therefore, it is recommended to populate `rules.custom` with a list of rules (see the [config document](https://github.com/kubernetes-sigs/prometheus-adapter/blob/master/docs/config.md) for the proper format).
+
+### Horizontal Pod Autoscaler Metrics
+
+Finally, to configure your Horizontal Pod Autoscaler to use the custom metric, see the custom metrics section of the [HPA walkthrough](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/#autoscaling-on-multiple-metrics-and-custom-metrics).
+
+The Prometheus Adapter can serve three different [metrics APIs](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#support-for-metrics-apis):
+
+### Custom Metrics
+
+Enabling this option will cause custom metrics to be served at `/apis/custom.metrics.k8s.io/v1beta1`. Enabled by default when `rules.default` is true, but can be customized by populating `rules.custom`:
+
+```yaml
+rules:
+  custom:
+  - seriesQuery: '{__name__=~"^some_metric_count$"}'
+    resources:
+      template: <<.Resource>>
+    name:
+      matches: ""
+      as: "my_custom_metric"
+    metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>)
+```
+
+### External Metrics
+
+Enabling this option will cause external metrics to be served at `/apis/external.metrics.k8s.io/v1beta1`. Can be enabled by populating `rules.external`:
+
+```yaml
+rules:
+  external:
+  - seriesQuery: '{__name__=~"^some_metric_count$"}'
+    resources:
+      template: <<.Resource>>
+    name:
+      matches: ""
+      as: "my_external_metric"
+    metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>)
+```
+
+### Resource Metrics
+
+Enabling this option will cause resource metrics to be served at `/apis/metrics.k8s.io/v1beta1`. Resource metrics will allow pod CPU and Memory metrics to be used in [Horizontal Pod Autoscalers](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) as well as the `kubectl top` command. Can be enabled by populating `rules.resource`:
+
+```yaml
+rules:
+  resource:
+    cpu:
+      containerQuery: |
+        sum by (<<.GroupBy>>) (
+          rate(container_cpu_usage_seconds_total{container!="",<<.LabelMatchers>>}[3m])
+        )
+      nodeQuery: |
+        sum  by (<<.GroupBy>>) (
+          rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal",<<.LabelMatchers>>}[3m])
+        )
+      resources:
+        overrides:
+          node:
+            resource: node
+          namespace:
+            resource: namespace
+          pod:
+            resource: pod
+      containerLabel: container
+    memory:
+      containerQuery: |
+        sum by (<<.GroupBy>>) (
+          avg_over_time(container_memory_working_set_bytes{container!="",<<.LabelMatchers>>}[3m])
+        )
+      nodeQuery: |
+        sum by (<<.GroupBy>>) (
+          avg_over_time(node_memory_MemTotal_bytes{<<.LabelMatchers>>}[3m])
+          -
+          avg_over_time(node_memory_MemAvailable_bytes{<<.LabelMatchers>>}[3m])
+        )
+      resources:
+        overrides:
+          node:
+            resource: node
+          namespace:
+            resource: namespace
+          pod:
+            resource: pod
+      containerLabel: container
+    window: 3m
+```
+
+**NOTE:** Setting a value for `rules.resource` will also deploy the resource metrics API service, providing the same functionality as [metrics-server](https://github.com/helm/charts/tree/master/stable/metrics-server). As such it is not possible to deploy them both in the same cluster.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/NOTES.txt b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/NOTES.txt
new file mode 100644
index 0000000000..b7b9b99322
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/NOTES.txt
@@ -0,0 +1,9 @@
+{{ template "k8s-prometheus-adapter.fullname" .  }} has been deployed.
+In a few minutes you should be able to list metrics using the following command(s):
+{{ if .Values.rules.resource }}
+  kubectl get --raw /apis/metrics.k8s.io/v1beta1
+{{- end }}
+  kubectl get --raw /apis/custom.metrics.k8s.io/v1beta1
+{{ if .Values.rules.external }}
+  kubectl get --raw /apis/external.metrics.k8s.io/v1beta1
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/_helpers.tpl
new file mode 100644
index 0000000000..edbb829b2b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/_helpers.tpl
@@ -0,0 +1,113 @@
+# Rancher
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "k8s-prometheus-adapter.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "k8s-prometheus-adapter.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "k8s-prometheus-adapter.namespace" -}}
+{{- default .Release.Namespace .Values.namespaceOverride -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "k8s-prometheus-adapter.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Generate basic labels
+*/}}
+{{- define "k8s-prometheus-adapter.labels" }}
+helm.sh/chart: {{ include "k8s-prometheus-adapter.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/component: metrics
+app.kubernetes.io/part-of: {{ template "k8s-prometheus-adapter.name" . }}
+{{- include "k8s-prometheus-adapter.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+{{- if .Values.customLabels }}
+{{ toYaml .Values.customLabels }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "k8s-prometheus-adapter.selectorLabels" }}
+app.kubernetes.io/name: {{ include "k8s-prometheus-adapter.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "k8s-prometheus-adapter.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "k8s-prometheus-adapter.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/* Get Policy API Version */}}
+{{- define "k8s-prometheus-adapter.pdb.apiVersion" -}}
+{{- if and (.Capabilities.APIVersions.Has "policy/v1") (semverCompare ">= 1.21-0" .Capabilities.KubeVersion.Version) -}}
+    {{- print "policy/v1" -}}
+{{- else -}}
+    {{- print "policy/v1beta1" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/certmanager.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/certmanager.yaml
new file mode 100644
index 0000000000..4e32c964c6
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/certmanager.yaml
@@ -0,0 +1,76 @@
+{{- if .Values.certManager.enabled -}}
+---
+# Create a selfsigned Issuer, in order to create a root CA certificate for
+# signing webhook serving certificates
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}-self-signed-issuer
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  selfSigned: {}
+---
+# Generate a CA Certificate used to sign certificates for the webhook
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}-root-cert
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  secretName: {{ template "k8s-prometheus-adapter.fullname" . }}-root-cert
+  duration: {{ .Values.certManager.caCertDuration }}
+  issuerRef:
+    name: {{ template "k8s-prometheus-adapter.fullname" . }}-self-signed-issuer
+  commonName: "ca.webhook.prometheus-adapter"
+  isCA: true
+---
+# Create an Issuer that uses the above generated CA certificate to issue certs
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}-root-issuer
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  ca:
+    secretName: {{ template "k8s-prometheus-adapter.fullname" . }}-root-cert
+---
+# Finally, generate a serving certificate for the apiservices to use
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}-cert
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  secretName: {{ template "k8s-prometheus-adapter.fullname" . }}
+  duration: {{ .Values.certManager.certDuration }}
+  issuerRef:
+    name: {{ template "k8s-prometheus-adapter.fullname" . }}-root-issuer
+  dnsNames:
+  - {{ template "k8s-prometheus-adapter.fullname" . }}
+  - {{ template "k8s-prometheus-adapter.fullname" . }}.{{ include "k8s-prometheus-adapter.namespace" . }}
+  - {{ template "k8s-prometheus-adapter.fullname" . }}.{{ include "k8s-prometheus-adapter.namespace" . }}.svc
+{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-auth-delegator.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-auth-delegator.yaml
new file mode 100644
index 0000000000..6701e6ba08
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-auth-delegator.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-system-auth-delegator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system:auth-delegator
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-resource-reader.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-resource-reader.yaml
new file mode 100644
index 0000000000..67efd2aa2f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-binding-resource-reader.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-resource-reader
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "k8s-prometheus-adapter.name" . }}-resource-reader
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-resource-reader.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-resource-reader.yaml
new file mode 100644
index 0000000000..2c690a03cc
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/cluster-role-resource-reader.yaml
@@ -0,0 +1,24 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-resource-reader
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  - pods
+  - services
+  - configmaps
+  verbs:
+  - get
+  - list
+  - watch
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/configmap.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/configmap.yaml
new file mode 100644
index 0000000000..17f415d970
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/configmap.yaml
@@ -0,0 +1,97 @@
+{{- if not .Values.rules.existing -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+data:
+  config.yaml: |
+{{- if or .Values.rules.default .Values.rules.custom }}
+    rules:
+{{- if .Values.rules.default }}
+    - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}'
+      seriesFilters: []
+      resources:
+        overrides:
+          namespace:
+            resource: namespace
+          pod:
+            resource: pod
+      name:
+        matches: ^container_(.*)_seconds_total$
+        as: ""
+      metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>,container!="POD"}[5m]))
+        by (<<.GroupBy>>)
+    - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}'
+      seriesFilters:
+      - isNot: ^container_.*_seconds_total$
+      resources:
+        overrides:
+          namespace:
+            resource: namespace
+          pod:
+            resource: pod
+      name:
+        matches: ^container_(.*)_total$
+        as: ""
+      metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>,container!="POD"}[5m]))
+        by (<<.GroupBy>>)
+    - seriesQuery: '{__name__=~"^container_.*",container!="POD",namespace!="",pod!=""}'
+      seriesFilters:
+      - isNot: ^container_.*_total$
+      resources:
+        overrides:
+          namespace:
+            resource: namespace
+          pod:
+            resource: pod
+      name:
+        matches: ^container_(.*)$
+        as: ""
+      metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>,container!="POD"}) by (<<.GroupBy>>)
+    - seriesQuery: '{namespace!="",__name__!~"^container_.*"}'
+      seriesFilters:
+      - isNot: .*_total$
+      resources:
+        template: <<.Resource>>
+      name:
+        matches: ""
+        as: ""
+      metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>)
+    - seriesQuery: '{namespace!="",__name__!~"^container_.*"}'
+      seriesFilters:
+      - isNot: .*_seconds_total
+      resources:
+        template: <<.Resource>>
+      name:
+        matches: ^(.*)_total$
+        as: ""
+      metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>}[5m])) by (<<.GroupBy>>)
+    - seriesQuery: '{namespace!="",__name__!~"^container_.*"}'
+      seriesFilters: []
+      resources:
+        template: <<.Resource>>
+      name:
+        matches: ^(.*)_seconds_total$
+        as: ""
+      metricsQuery: sum(rate(<<.Series>>{<<.LabelMatchers>>}[5m])) by (<<.GroupBy>>)
+{{- end -}}
+{{- if .Values.rules.custom }}
+{{ toYaml .Values.rules.custom | indent 4 }}
+{{- end -}}
+{{- end -}}
+{{- if .Values.rules.external }}
+    externalRules:
+{{ toYaml .Values.rules.external | indent 4 }}
+{{- end -}}
+{{- if .Values.rules.resource }}
+    resourceRules:
+{{ toYaml .Values.rules.resource | indent 6 }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-apiservice.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-apiservice.yaml
new file mode 100644
index 0000000000..8b7b4e555e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-apiservice.yaml
@@ -0,0 +1,34 @@
+{{- if or .Values.rules.default .Values.rules.custom }}
+{{- if .Capabilities.APIVersions.Has "apiregistration.k8s.io/v1" }}
+apiVersion: apiregistration.k8s.io/v1
+{{- else }}
+apiVersion: apiregistration.k8s.io/v1beta1
+{{- end }}
+kind: APIService
+metadata:
+{{- if or .Values.certManager.enabled .Values.customAnnotations }}
+  annotations:
+    certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    {{- if .Values.customAnnotations }}
+    {{- toYaml .Values.customAnnotations | nindent 4 }}
+    {{- end }}
+{{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: v1beta1.custom.metrics.k8s.io
+spec:
+  service:
+    name: {{ template "k8s-prometheus-adapter.fullname" . }}
+    namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+  {{- if .Values.tls.enable }}
+  caBundle: {{ b64enc .Values.tls.ca }}
+  {{- end }}
+  group: custom.metrics.k8s.io
+  version: v1beta1
+  {{- if not (or .Values.tls.enable .Values.certManager.enabled) }}
+  insecureSkipTLSVerify: true
+  {{- end }}
+  groupPriorityMinimum: 100
+  versionPriority: 100
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role-binding-hpa.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role-binding-hpa.yaml
new file mode 100644
index 0000000000..0cc6920836
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role-binding-hpa.yaml
@@ -0,0 +1,24 @@
+{{- /*
+This if must be aligned with custom-metrics-cluster-role.yaml
+as otherwise this binding will point to not existing role.
+*/ -}}
+{{- if and .Values.rbac.create (or .Values.rules.default .Values.rules.custom) -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-hpa-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "k8s-prometheus-adapter.name" . }}-server-resources
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role.yaml
new file mode 100644
index 0000000000..4aa15ffe99
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/custom-metrics-cluster-role.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.rbac.create (or .Values.rules.default .Values.rules.custom) -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-server-resources
+rules:
+- apiGroups:
+  - custom.metrics.k8s.io
+  resources: ["*"]
+  verbs: ["*"]
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/deployment.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/deployment.yaml
new file mode 100644
index 0000000000..a7ea3310a0
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/deployment.yaml
@@ -0,0 +1,143 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  {{- if or .Values.customAnnotations .Values.deploymentAnnotations }}
+  annotations:
+    {{- with .Values.customAnnotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- with .Values.deploymentAnnotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+spec:
+  replicas: {{ .Values.replicas }}
+  strategy: {{ toYaml .Values.strategy | nindent 4 }}
+  selector:
+    matchLabels:
+      {{- include "k8s-prometheus-adapter.selectorLabels" . | indent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "k8s-prometheus-adapter.labels" . | indent 8 }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | trim | nindent 8 }}
+        {{- end }}
+      name: {{ template "k8s-prometheus-adapter.name" . }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+        {{- with .Values.podAnnotations }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.customAnnotations }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      serviceAccountName: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+      {{- if .Values.hostNetwork.enabled }}
+      hostNetwork: true
+      {{- end }}
+      {{- if .Values.dnsPolicy }}
+      dnsPolicy: {{ .Values.dnsPolicy }}
+      {{- end}}
+      containers:
+      - name: {{ .Chart.Name }}
+        image: "{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        {{- with .Values.env }}
+        env:
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+        args:
+        - /adapter
+        - --secure-port={{ .Values.listenPort }}
+        {{- if or .Values.tls.enable .Values.certManager.enabled }}
+        - --tls-cert-file=/var/run/serving-cert/tls.crt
+        - --tls-private-key-file=/var/run/serving-cert/tls.key
+        {{- end }}
+        - --cert-dir=/tmp/cert
+        - --prometheus-url={{ tpl .Values.prometheus.url . }}{{ if .Values.prometheus.port }}:{{ .Values.prometheus.port }}{{end}}{{ .Values.prometheus.path }}
+        - --metrics-relist-interval={{ .Values.metricsRelistInterval }}
+        - --v={{ .Values.logLevel }}
+        - --config=/etc/adapter/config.yaml
+        {{- if .Values.extraArguments }}
+        {{- toYaml .Values.extraArguments | trim | nindent 8 }}
+        {{- end }}
+        ports:
+        - containerPort: {{ .Values.listenPort }}
+          name: https
+        {{- with .Values.livenessProbe }}
+        livenessProbe:
+          {{- toYaml . | nindent 10 }}
+        {{- end }}
+        {{- with .Values.readinessProbe }}
+        readinessProbe:
+          {{- toYaml . | nindent 10 }}
+        {{- end }}
+        {{- if .Values.resources }}
+        resources:
+          {{- toYaml .Values.resources | nindent 10 }}
+        {{- end }}
+        {{- with .Values.dnsConfig }}
+        dnsConfig:
+        {{ toYaml . | indent 8 }}
+        {{- end }}
+        {{- with .Values.securityContext }}
+        securityContext:
+          {{- toYaml . | nindent 10 }}
+        {{- end }}
+        volumeMounts:
+        {{- if .Values.extraVolumeMounts }}
+        {{ toYaml .Values.extraVolumeMounts | trim | nindent 8 }}
+        {{ end }}
+        - mountPath: /etc/adapter/
+          name: config
+          readOnly: true
+        - mountPath: /tmp
+          name: tmp
+        {{- if or .Values.tls.enable .Values.certManager.enabled }}
+        - mountPath: /var/run/serving-cert
+          name: volume-serving-cert
+          readOnly: true
+        {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{- toYaml .Values.nodeSelector | nindent 8 }}
+{{- end }}
+      affinity:
+        {{- toYaml .Values.affinity | nindent 8 }}
+      topologySpreadConstraints:
+        {{- toYaml .Values.topologySpreadConstraints | nindent 8 }}
+      priorityClassName: {{ .Values.priorityClassName }}
+      {{- if .Values.podSecurityContext }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{- toYaml .Values.tolerations | nindent 8 }}
+{{- end }}
+      {{- if .Values.image.pullSecrets }}
+      imagePullSecrets:
+        {{- range .Values.image.pullSecrets }}
+        - name: {{ . }}
+        {{- end }}
+      {{- end }}
+      volumes:
+      {{- if .Values.extraVolumes  }}
+      {{ toYaml .Values.extraVolumes | trim | nindent 6 }}
+      {{ end }}
+      - name: config
+        configMap:
+          name: {{ .Values.rules.existing | default (include "k8s-prometheus-adapter.fullname" . ) }}
+      - name: tmp
+        emptyDir: {}
+      {{- if or .Values.tls.enable .Values.certManager.enabled }}
+      - name: volume-serving-cert
+        secret:
+          secretName: {{ template "k8s-prometheus-adapter.fullname" . }}
+      {{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-apiservice.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-apiservice.yaml
new file mode 100644
index 0000000000..21339af128
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-apiservice.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.rules.external }}
+{{- if .Capabilities.APIVersions.Has "apiregistration.k8s.io/v1" }}
+apiVersion: apiregistration.k8s.io/v1
+{{- else }}
+apiVersion: apiregistration.k8s.io/v1beta1
+{{- end }}
+kind: APIService
+metadata:
+{{- if or .Values.certManager.enabled .Values.customAnnotations }}
+  annotations:
+    certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    {{- if .Values.customAnnotations }}
+    {{- toYaml .Values.customAnnotations | nindent 4 }}
+    {{- end }}
+{{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: v1beta1.external.metrics.k8s.io
+spec:
+  service:
+    name: {{ template "k8s-prometheus-adapter.fullname" . }}
+    namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+  {{- if .Values.tls.enable }}
+  caBundle: {{ b64enc .Values.tls.ca }}
+  {{- end }}
+  group: external.metrics.k8s.io
+  version: v1beta1
+  {{- if not (or .Values.tls.enable .Values.certManager.enabled) }}
+  insecureSkipTLSVerify: true
+  {{- end }}
+  groupPriorityMinimum: 100
+  versionPriority: 100
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role-binding-hpa.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role-binding-hpa.yaml
new file mode 100644
index 0000000000..05547bd323
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role-binding-hpa.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.rbac.create .Values.rules.external -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-hpa-controller-external-metrics
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "k8s-prometheus-adapter.name" . }}-external-metrics
+subjects:
+- kind: ServiceAccount
+  name: horizontal-pod-autoscaler
+  namespace: kube-system
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role.yaml
new file mode 100644
index 0000000000..212ea78b25
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/external-metrics-cluster-role.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.rbac.create .Values.rules.external -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-external-metrics
+rules:
+- apiGroups:
+  - "external.metrics.k8s.io"
+  resources:
+  - "*"
+  verbs:
+  - list
+  - get
+  - watch
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/pdb.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/pdb.yaml
new file mode 100644
index 0000000000..205761a9f1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/pdb.yaml
@@ -0,0 +1,23 @@
+{{- if .Values.podDisruptionBudget.enabled }}
+apiVersion: {{ include "k8s-prometheus-adapter.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  {{- if .Values.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
+  {{- end  }}
+  {{- if .Values.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
+  {{- end  }}
+  selector:
+    matchLabels:
+      {{- include "k8s-prometheus-adapter.selectorLabels" . | indent 6 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/psp.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/psp.yaml
new file mode 100644
index 0000000000..fded5a7491
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/psp.yaml
@@ -0,0 +1,66 @@
+{{- if and (or .Values.global.cattle.psp.enabled .Values.psp.create) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+---
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+spec:
+  {{- if .Values.hostNetwork.enabled }}
+  hostNetwork: true
+  hostPorts:
+    - min: {{ .Values.listenPort }}
+      max: {{ .Values.listenPort }}
+  {{- end }}
+  fsGroup:
+    rule: RunAsAny
+  runAsGroup:
+    rule: RunAsAny
+  runAsUser:
+    rule: MustRunAs
+    ranges:
+    - min: 1024
+      max: 65535
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  volumes:
+  - secret
+  - emptyDir
+  - configMap
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-psp
+rules:
+- apiGroups: 
+  - 'policy'
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "k8s-prometheus-adapter.fullname" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-psp
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "k8s-prometheus-adapter.name" . }}-psp
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-apiservice.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-apiservice.yaml
new file mode 100644
index 0000000000..0cc9fff6a2
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-apiservice.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.rules.resource}}
+{{- if .Capabilities.APIVersions.Has "apiregistration.k8s.io/v1" }}
+apiVersion: apiregistration.k8s.io/v1
+{{- else }}
+apiVersion: apiregistration.k8s.io/v1beta1
+{{- end }}
+kind: APIService
+metadata:
+{{- if or .Values.certManager.enabled .Values.customAnnotations }}
+  annotations:
+    certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    cert-manager.io/inject-ca-from: {{ printf "%s/%s-root-cert" (include "k8s-prometheus-adapter.namespace" .) (include "k8s-prometheus-adapter.fullname" .) | quote }}
+    {{- if .Values.customAnnotations }}
+    {{- toYaml .Values.customAnnotations | nindent 4 }}
+    {{- end }}
+{{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: v1beta1.metrics.k8s.io
+spec:
+  service:
+    name: {{ template "k8s-prometheus-adapter.fullname" . }}
+    namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+  {{- if .Values.tls.enable }}
+  caBundle: {{ b64enc .Values.tls.ca }}
+  {{- end }}
+  group: metrics.k8s.io
+  version: v1beta1
+  {{- if not (or .Values.tls.enable .Values.certManager.enabled) }}
+  insecureSkipTLSVerify: true
+  {{- end }}
+  groupPriorityMinimum: 100
+  versionPriority: 100
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role-binding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role-binding.yaml
new file mode 100644
index 0000000000..3c247e48d2
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role-binding.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.rbac.create .Values.rules.resource -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-hpa-controller-metrics
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "k8s-prometheus-adapter.name" . }}-metrics
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role.yaml
new file mode 100644
index 0000000000..73d8953046
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/resource-metrics-cluster-role.yaml
@@ -0,0 +1,23 @@
+{{- if and .Values.rbac.create .Values.rules.resource -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-metrics
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  - nodes
+  - nodes/stats
+  verbs:
+  - get
+  - list
+  - watch
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/role-binding-auth-reader.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/role-binding-auth-reader.yaml
new file mode 100644
index 0000000000..d3c77c1c65
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/role-binding-auth-reader.yaml
@@ -0,0 +1,21 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.name" . }}-auth-reader
+  namespace: kube-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: extension-apiserver-authentication-reader
+subjects:
+- kind: ServiceAccount
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . | quote }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/secret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/secret.yaml
new file mode 100644
index 0000000000..3e7e8887bd
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/secret.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.tls.enable -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  {{- if .Values.customAnnotations }}
+  annotations:
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+type: kubernetes.io/tls
+data:
+  tls.crt: {{ b64enc .Values.tls.certificate }}
+  tls.key: {{ b64enc .Values.tls.key }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/service.yaml
new file mode 100644
index 0000000000..ddac37cfa1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/service.yaml
@@ -0,0 +1,27 @@
+apiVersion: v1
+kind: Service
+metadata:
+  {{- if or .Values.service.annotations .Values.customAnnotations }}
+  annotations:
+  {{- if .Values.service.annotations }}
+  {{ toYaml .Values.service.annotations | indent 4 }}
+  {{- end }}
+  {{- if .Values.customAnnotations }}
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+  {{- end }}
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.fullname" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+spec:
+  ports:
+  - port: {{ .Values.service.port }}
+    protocol: TCP
+    targetPort: https
+  selector:
+    {{- include "k8s-prometheus-adapter.selectorLabels" . | indent 4 }}
+  type: {{ .Values.service.type }}
+  {{- if .Values.service.clusterIP }}
+  clusterIP: {{ .Values.service.clusterIP }}
+  {{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..30a169ae0e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/templates/serviceaccount.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    {{- include "k8s-prometheus-adapter.labels" . | indent 4 }}
+  name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }}
+  namespace: {{ include "k8s-prometheus-adapter.namespace" . }}
+{{- if or .Values.serviceAccount.annotations .Values.customAnnotations }}
+  annotations:
+  {{- if .Values.serviceAccount.annotations }}
+  {{- toYaml .Values.serviceAccount.annotations | nindent 4 }}
+  {{- end }}
+  {{- if .Values.customAnnotations }}
+  {{- toYaml .Values.customAnnotations | nindent 4 }}
+  {{- end }}
+{{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/values.yaml
new file mode 100644
index 0000000000..a1445a23f1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-adapter/values.yaml
@@ -0,0 +1,277 @@
+# Default values for k8s-prometheus-adapter..
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+
+affinity: {}
+
+topologySpreadConstraints: []
+
+image:
+  repository: rancher/mirrored-prometheus-adapter-prometheus-adapter
+  tag: v0.12.0
+  pullPolicy: IfNotPresent
+
+logLevel: 4
+
+metricsRelistInterval: 1m
+
+listenPort: 6443
+
+nodeSelector: {}
+
+priorityClassName: ""
+
+## Override the release namespace (for multi-namespace deployments in combined charts)
+namespaceOverride: ""
+
+## Additional annotations to add to all resources
+customAnnotations: {}
+  # role: custom-metrics
+
+## Additional labels to add to all resources
+customLabels: {}
+  # monitoring: prometheus-adapter
+
+# Url to access prometheus
+prometheus:
+  # Value is templated
+  url: http://prometheus.default.svc
+  port: 9090
+  path: ""
+
+replicas: 1
+
+# k8s 1.21 needs fsGroup to be set for non root deployments
+# ref: https://github.com/kubernetes/kubernetes/issues/70679
+podSecurityContext:
+  fsGroup: 10001
+
+# SecurityContext of the container
+# ref. https://kubernetes.io/docs/tasks/configure-pod-container/security-context
+securityContext:
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop: ["all"]
+  readOnlyRootFilesystem: true
+  runAsNonRoot: true
+  runAsUser: 10001
+  seccompProfile:
+    type: RuntimeDefault
+
+rbac:
+  # Specifies whether RBAC resources should be created
+  create: true
+
+psp:
+  # Specifies whether PSP resources should be created
+  create: false
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name:
+  # ServiceAccount annotations.
+  # Use case: AWS EKS IAM roles for service accounts
+  # ref: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html
+  annotations: {}
+
+# Custom DNS configuration to be added to prometheus-adapter pods
+dnsConfig: {}
+  # nameservers:
+  #   - 1.2.3.4
+  # searches:
+  #   - ns1.svc.cluster-domain.example
+  #   - my.dns.search.suffix
+  # options:
+  #   - name: ndots
+  #     value: "2"
+  #   - name: edns0
+
+resources: {}
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+# Configure liveness probe
+# https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#Probe
+livenessProbe:
+  httpGet:
+    path: /healthz
+    port: https
+    scheme: HTTPS
+  initialDelaySeconds: 30
+  timeoutSeconds: 5
+
+# Configure readiness probe
+readinessProbe:
+  httpGet:
+    path: /healthz
+    port: https
+    scheme: HTTPS
+  initialDelaySeconds: 30
+  timeoutSeconds: 5
+
+rules:
+  default: true
+
+  custom: []
+    # - seriesQuery: '{__name__=~"^some_metric_count$"}'
+    #   resources:
+    #     template: <<.Resource>>
+    #   name:
+    #     matches: ""
+    #     as: "my_custom_metric"
+    #   metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>)
+
+  # Mounts a configMap with pre-generated rules for use. Overrides the
+  # default, custom, external and resource entries
+  existing:
+
+  external: []
+    # - seriesQuery: '{__name__=~"^some_metric_count$"}'
+    #   resources:
+    #     template: <<.Resource>>
+    #   name:
+    #     matches: ""
+    #     as: "my_external_metric"
+    #   metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>)
+
+  # resource:
+  #   cpu:
+  #     containerQuery: |
+  #       sum by (<<.GroupBy>>) (
+  #         rate(container_cpu_usage_seconds_total{container!="",<<.LabelMatchers>>}[3m])
+  #       )
+  #     nodeQuery: |
+  #       sum  by (<<.GroupBy>>) (
+  #         rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal",<<.LabelMatchers>>}[3m])
+  #       )
+  #     resources:
+  #       overrides:
+  #         node:
+  #           resource: node
+  #         namespace:
+  #           resource: namespace
+  #         pod:
+  #           resource: pod
+  #     containerLabel: container
+  #   memory:
+  #     containerQuery: |
+  #       sum by (<<.GroupBy>>) (
+  #         avg_over_time(container_memory_working_set_bytes{container!="",<<.LabelMatchers>>}[3m])
+  #       )
+  #     nodeQuery: |
+  #       sum by (<<.GroupBy>>) (
+  #         avg_over_time(node_memory_MemTotal_bytes{<<.LabelMatchers>>}[3m])
+  #         -
+  #         avg_over_time(node_memory_MemAvailable_bytes{<<.LabelMatchers>>}[3m])
+  #       )
+  #     resources:
+  #       overrides:
+  #         node:
+  #           resource: node
+  #         namespace:
+  #           resource: namespace
+  #         pod:
+  #           resource: pod
+  #     containerLabel: container
+  #   window: 3m
+
+service:
+  annotations: {}
+  port: 443
+  type: ClusterIP
+  # clusterIP: 1.2.3.4
+
+tls:
+  enable: false
+  ca: |-
+    # Public CA file that signed the APIService
+  key: |-
+    # Private key of the APIService
+  certificate: |-
+    # Public key of the APIService
+
+# Set environment variables from secrets, configmaps or by setting them as name/value
+env: []
+  # - name: TMP_DIR
+  #   value: /tmp
+  # - name: PASSWORD
+  #   valueFrom:
+  #     secretKeyRef:
+  #       name: mysecret
+  #       key: password
+  #       optional: false
+
+# Any extra arguments
+extraArguments: []
+  # - --tls-private-key-file=/etc/tls/tls.key
+  # - --tls-cert-file=/etc/tls/tls.crt
+
+# Any extra volumes
+extraVolumes: []
+  # - name: example-name
+  #   hostPath:
+  #     path: /path/on/host
+  #     type: DirectoryOrCreate
+  # - name: ssl-certs
+  #   hostPath:
+  #     path: /etc/ssl/certs/ca-bundle.crt
+  #     type: File
+
+# Any extra volume mounts
+extraVolumeMounts: []
+  #   - name: example-name
+  #     mountPath: /path/in/container
+  #   - name: ssl-certs
+  #     mountPath: /etc/ssl/certs/ca-certificates.crt
+  #     readOnly: true
+
+tolerations: []
+
+# Labels added to the pod
+podLabels: {}
+
+# Annotations added to the pod
+podAnnotations: {}
+
+# Annotations added to the deployment
+deploymentAnnotations: {}
+
+hostNetwork:
+  # Specifies if prometheus-adapter should be started in hostNetwork mode.
+  #
+  # You would require this enabled if you use alternate overlay networking for pods and
+  # API server unable to communicate with metrics-server. As an example, this is required
+  # if you use Weave network on EKS. See also dnsPolicy
+  enabled: false
+
+# When hostNetwork is enabled, you probably want to set this to ClusterFirstWithHostNet
+# dnsPolicy: ClusterFirstWithHostNet
+
+# Deployment strategy type
+strategy:
+  type: RollingUpdate
+  rollingUpdate:
+    maxUnavailable: 25%
+    maxSurge: 25%
+
+podDisruptionBudget:
+  # Specifies if PodDisruptionBudget should be enabled
+  # When enabled, minAvailable or maxUnavailable should also be defined.
+  enabled: false
+  minAvailable:
+  maxUnavailable: 1
+
+certManager:
+  enabled: false
+  caCertDuration: 43800h
+  certDuration: 8760h
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/Chart.yaml
new file mode 100644
index 0000000000..9130cbcc91
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/Chart.yaml
@@ -0,0 +1,25 @@
+annotations:
+  artifacthub.io/license: Apache-2.0
+  artifacthub.io/links: |-
+    - name: Chart Source
+      url: https://github.com/prometheus-community/helm-charts
+apiVersion: v2
+appVersion: 1.7.0
+description: A Helm chart for prometheus node-exporter
+home: https://github.com/prometheus/node_exporter/
+keywords:
+- node-exporter
+- prometheus
+- exporter
+maintainers:
+- email: gianrubio@gmail.com
+  name: gianrubio
+- email: zanhsieh@gmail.com
+  name: zanhsieh
+- email: rootsandtrees@posteo.de
+  name: zeritti
+name: prometheus-node-exporter
+sources:
+- https://github.com/prometheus/node_exporter/
+type: application
+version: 4.30.3
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/README.md
new file mode 100644
index 0000000000..149b982267
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/README.md
@@ -0,0 +1,97 @@
+
+# Prometheus Node Exporter
+
+Prometheus exporter for hardware and OS metrics exposed by *NIX kernels, written in Go with pluggable metric collectors.
+
+This chart bootstraps a Prometheus [Node Exporter](http://github.com/prometheus/node_exporter) daemonset on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+
+## Get Repository Info
+<!-- textlint-disable terminology -->
+```console
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo update
+```
+
+_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+<!-- textlint-enable -->
+## Install Chart
+
+```console
+helm install [RELEASE_NAME] prometheus-community/prometheus-node-exporter
+```
+
+_See [configuration](#configuring) below._
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+## Uninstall Chart
+
+```console
+helm uninstall [RELEASE_NAME]
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+## Upgrading Chart
+
+```console
+helm upgrade [RELEASE_NAME] prometheus-community/prometheus-node-exporter --install
+```
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### 3.x to 4.x
+
+Starting from version 4.0.0, the `node exporter` chart is using the [Kubernetes recommended labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/). Therefore you have to delete the daemonset before you upgrade.
+
+```console
+kubectl delete daemonset -l app=prometheus-node-exporter
+helm upgrade -i prometheus-node-exporter prometheus-community/prometheus-node-exporter
+```
+
+If you use your own custom [ServiceMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor) or [PodMonitor](https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#podmonitor), please ensure to upgrade their `selector` fields accordingly to the new labels.
+
+### From 2.x to 3.x
+
+Change the following:
+
+```yaml
+hostRootFsMount: true
+```
+
+to:
+
+```yaml
+hostRootFsMount:
+  enabled: true
+  mountPropagation: HostToContainer
+```
+
+## Configuring
+
+See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands:
+
+```console
+helm show values prometheus-community/prometheus-node-exporter
+```
+
+### kube-rbac-proxy
+
+You can enable `prometheus-node-exporter` endpoint protection using `kube-rbac-proxy`. By setting `kubeRBACProxy.enabled: true`, this chart will deploy a RBAC proxy container protecting the node-exporter endpoint.
+To authorize access, authenticate your requests (via a `ServiceAccount` for example) with a `ClusterRole` attached such as:
+
+```yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: prometheus-node-exporter-read
+rules:
+  - apiGroups: [ "" ]
+    resources: ["services/node-exporter-prometheus-node-exporter"]
+    verbs:
+      - get
+```
+
+See [kube-rbac-proxy examples](https://github.com/brancz/kube-rbac-proxy/tree/master/examples/resource-attributes) for more details.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/NOTES.txt b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/NOTES.txt
new file mode 100644
index 0000000000..8c5391f1f7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/NOTES.txt
@@ -0,0 +1,29 @@
+1. Get the application URL by running these commands:
+{{- if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus-node-exporter.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ template "prometheus-node-exporter.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ template "prometheus-node-exporter.namespace" . }} {{ template "prometheus-node-exporter.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ template "prometheus-node-exporter.namespace" . }} -l "app.kubernetes.io/name={{ template "prometheus-node-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:{{ .Values.service.port }} to use your application"
+  kubectl port-forward --namespace {{ template "prometheus-node-exporter.namespace" . }} $POD_NAME {{ .Values.service.port }}
+{{- end }}
+
+{{- if .Values.kubeRBACProxy.enabled}}
+
+kube-rbac-proxy endpoint protections is enabled:
+- Metrics endpoints is now HTTPS
+- Ensure that the client authenticates the requests (e.g. via service account) with the following role permissions:
+```
+rules:
+  - apiGroups: [ "" ]
+    resources: ["services/{{ template "prometheus-node-exporter.fullname" . }}"]
+    verbs:
+      - get
+```
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/_helpers.tpl
new file mode 100644
index 0000000000..72a6db45a1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/_helpers.tpl
@@ -0,0 +1,236 @@
+# Rancher
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "prometheus-node-exporter.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "prometheus-node-exporter.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "prometheus-node-exporter.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "prometheus-node-exporter.labels" -}}
+helm.sh/chart: {{ include "prometheus-node-exporter.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/component: metrics
+app.kubernetes.io/part-of: {{ include "prometheus-node-exporter.name" . }}
+{{ include "prometheus-node-exporter.selectorLabels" . }}
+{{- with .Chart.AppVersion }}
+app.kubernetes.io/version: {{ . | quote }}
+{{- end }}
+{{- with .Values.podLabels }}
+{{ toYaml . }}
+{{- end }}
+{{- if .Values.releaseLabel }}
+release: {{ .Release.Name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "prometheus-node-exporter.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "prometheus-node-exporter.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "prometheus-node-exporter.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "prometheus-node-exporter.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+The image to use
+*/}}
+{{- define "prometheus-node-exporter.image" -}}
+{{- $temp_registry := (include "system_default_registry" .) }}
+{{- if .Values.image.sha }}
+{{- fail "image.sha forbidden. Use image.digest instead" }}
+{{- else if .Values.image.digest }}
+{{- if $temp_registry }}
+{{- printf "%s%s:%s@%s" $temp_registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }}
+{{- else if .Values.global.imageRegistry }}
+{{- printf "%s/%s:%s@%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }}
+{{- else }}
+{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) .Values.image.digest }}
+{{- end }}
+{{- else }}
+{{- if $temp_registry }}
+{{- printf "%s%s:%s" $temp_registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
+{{- else if .Values.global.imageRegistry }}
+{{- printf "%s/%s:%s" .Values.global.imageRegistry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
+{{- else }}
+{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "prometheus-node-exporter.namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the namespace name of the service monitor
+*/}}
+{{- define "prometheus-node-exporter.monitor-namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- if .Values.prometheus.monitor.namespace }}
+{{- .Values.prometheus.monitor.namespace }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/* Sets default scrape limits for servicemonitor */}}
+{{- define "servicemonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end }}
+
+{{/*
+Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets})
+*/}}
+{{- define "prometheus-node-exporter.imagePullSecrets" -}}
+{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }}
+  {{- if eq (typeOf .) "map[string]interface {}" }}
+- {{ toYaml . | trim }}
+  {{- else }}
+- name: {{ . }}
+  {{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+Create the namespace name of the pod monitor
+*/}}
+{{- define "prometheus-node-exporter.podmonitor-namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- if .Values.prometheus.podMonitor.namespace }}
+{{- .Values.prometheus.podMonitor.namespace }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/* Sets default scrape limits for podmonitor */}}
+{{- define "podmonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end }}
+
+{{/* Sets sidecar volumeMounts */}}
+{{- define "prometheus-node-exporter.sidecarVolumeMounts" -}}
+{{- range $_, $mount := $.Values.sidecarVolumeMount }}
+- name: {{ $mount.name }}
+  mountPath: {{ $mount.mountPath }}
+  readOnly: {{ $mount.readOnly }}
+{{- end }}
+{{- range $_, $mount := $.Values.sidecarHostVolumeMounts }}
+- name: {{ $mount.name }}
+  mountPath: {{ $mount.mountPath }}
+  readOnly: {{ $mount.readOnly }}
+{{- if $mount.mountPropagation }}
+  mountPropagation: {{ $mount.mountPropagation }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/clusterrole.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/clusterrole.yaml
new file mode 100644
index 0000000000..c256dba73d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/clusterrole.yaml
@@ -0,0 +1,19 @@
+{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+rules:
+  {{-  if $.Values.kubeRBACProxy.enabled  }}
+  - apiGroups: [ "authentication.k8s.io" ]
+    resources:
+      - tokenreviews
+    verbs: [ "create" ]
+  - apiGroups: [ "authorization.k8s.io" ]
+    resources:
+      - subjectaccessreviews
+    verbs: [ "create" ]
+  {{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..653305ad9e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/clusterrolebinding.yaml
@@ -0,0 +1,20 @@
+{{- if and (eq .Values.rbac.create true) (eq .Values.kubeRBACProxy.enabled true) -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+  name: {{ template "prometheus-node-exporter.fullname" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+{{- if .Values.rbac.useExistingRole }}
+  name: {{ .Values.rbac.useExistingRole }}
+{{- else }}
+  name: {{ template "prometheus-node-exporter.fullname" . }}
+{{- end }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "prometheus-node-exporter.serviceAccountName" . }}
+  namespace: {{ template "prometheus-node-exporter.namespace" . }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/daemonset.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/daemonset.yaml
new file mode 100644
index 0000000000..48d274f1b1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/daemonset.yaml
@@ -0,0 +1,309 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+  {{- with .Values.daemonsetAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
+  revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
+  {{- with .Values.updateStrategy }}
+  updateStrategy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "prometheus-node-exporter.labels" . | nindent 8 }}
+    spec:
+      automountServiceAccountToken: {{ ternary true false (or .Values.serviceAccount.automountServiceAccountToken .Values.kubeRBACProxy.enabled) }}
+      {{- with .Values.securityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.priorityClassName }}
+      priorityClassName: {{ . }}
+      {{- end }}
+      {{- with .Values.extraInitContainers }}
+      initContainers:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "prometheus-node-exporter.serviceAccountName" . }}
+      {{- with .Values.terminationGracePeriodSeconds }}
+      terminationGracePeriodSeconds: {{ . }}
+      {{- end }}
+      containers:
+        {{- $servicePort := ternary .Values.kubeRBACProxy.port .Values.service.port .Values.kubeRBACProxy.enabled }}
+        - name: node-exporter
+          image: {{ include "prometheus-node-exporter.image" . }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          args:
+            - --path.procfs=/host/proc
+            - --path.sysfs=/host/sys
+            {{- if .Values.hostRootFsMount.enabled }}
+            - --path.rootfs=/host/root
+            {{- if semverCompare ">=1.4.0-0" (coalesce .Values.version .Values.image.tag .Chart.AppVersion) }}
+            - --path.udev.data=/host/root/run/udev/data
+            {{- end }}
+            {{- end }}
+            - --web.listen-address=[$(HOST_IP)]:{{ $servicePort }}
+            {{- with .Values.extraArgs }}
+            {{- toYaml . | nindent 12 }}
+            {{- end }}
+          {{- with .Values.containerSecurityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          env:
+            - name: HOST_IP
+              {{- if .Values.kubeRBACProxy.enabled }}
+              value: 127.0.0.1
+              {{- else if .Values.service.listenOnAllInterfaces }}
+              value: 0.0.0.0
+              {{- else }}
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+              {{- end }}
+            {{- range $key, $value := .Values.env }}
+            - name: {{ $key }}
+              value: {{ $value | quote }}
+            {{- end }}
+          {{- if eq .Values.kubeRBACProxy.enabled false }}
+          ports:
+            - name: {{ .Values.service.portName }}
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          {{- end }}
+          livenessProbe:
+            failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+            httpGet:
+              {{- if .Values.kubeRBACProxy.enabled }}
+              host: 127.0.0.1
+              {{- end }}
+              httpHeaders:
+              {{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }}
+              - name: {{ $header.name }}
+                value: {{ $header.value }}
+              {{- end }}
+              path: /
+              port: {{ $servicePort }}
+              scheme: {{ upper .Values.livenessProbe.httpGet.scheme }}
+            initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+            successThreshold: {{ .Values.livenessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+          readinessProbe:
+            failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+            httpGet:
+              {{- if .Values.kubeRBACProxy.enabled }}
+              host: 127.0.0.1
+              {{- end }}
+              httpHeaders:
+              {{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }}
+              - name: {{ $header.name }}
+                value: {{ $header.value }}
+              {{- end }}
+              path: /
+              port: {{ $servicePort }}
+              scheme: {{ upper .Values.readinessProbe.httpGet.scheme }}
+            initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+            successThreshold: {{ .Values.readinessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+          {{- with .Values.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- if .Values.terminationMessageParams.enabled }}
+          {{- with .Values.terminationMessageParams }}
+          terminationMessagePath: {{ .terminationMessagePath }}
+          terminationMessagePolicy: {{ .terminationMessagePolicy }}
+          {{- end }}
+          {{- end }}
+          volumeMounts:
+            - name: proc
+              mountPath: /host/proc
+              {{- with .Values.hostProcFsMount.mountPropagation }}
+              mountPropagation: {{ . }}
+              {{- end }}
+              readOnly:  true
+            - name: sys
+              mountPath: /host/sys
+              {{- with .Values.hostSysFsMount.mountPropagation }}
+              mountPropagation: {{ . }}
+              {{- end }}
+              readOnly: true
+            {{- if .Values.hostRootFsMount.enabled }}
+            - name: root
+              mountPath: /host/root
+              {{- with .Values.hostRootFsMount.mountPropagation }}
+              mountPropagation: {{ . }}
+              {{- end }}
+              readOnly: true
+            {{- end }}
+            {{- range $_, $mount := .Values.extraHostVolumeMounts }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: {{ $mount.readOnly }}
+              {{- with $mount.mountPropagation }}
+              mountPropagation: {{ . }}
+              {{- end }}
+            {{- end }}
+            {{- range $_, $mount := .Values.sidecarVolumeMount }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: true
+            {{- end }}
+            {{- range $_, $mount := .Values.configmaps }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+            {{- end }}
+            {{- range $_, $mount := .Values.secrets }}
+            - name: {{ .name }}
+              mountPath: {{ .mountPath }}
+            {{- end }}
+        {{- range .Values.sidecars }}
+          {{- $overwrites := dict "volumeMounts" (concat (include "prometheus-node-exporter.sidecarVolumeMounts" $ | fromYamlArray) (.volumeMounts | default list) | default list) }}
+          {{- $defaults := dict "image" (include "prometheus-node-exporter.image" $) "securityContext" $.Values.containerSecurityContext "imagePullPolicy" $.Values.image.pullPolicy }}
+        - {{- toYaml (merge $overwrites . $defaults) | nindent 10 }}
+        {{- end }}
+        {{-  if .Values.kubeRBACProxy.enabled  }}
+        - name: kube-rbac-proxy
+          args:
+            {{-  if .Values.kubeRBACProxy.extraArgs  }}
+            {{- .Values.kubeRBACProxy.extraArgs | toYaml | nindent 12 }}
+            {{-  end  }}
+            - --secure-listen-address=:{{ .Values.service.port}}
+            - --upstream=http://127.0.0.1:{{ $servicePort }}/
+            - --proxy-endpoints-port=8888
+            - --config-file=/etc/kube-rbac-proxy-config/config-file.yaml
+          volumeMounts:
+            - name: kube-rbac-proxy-config
+              mountPath: /etc/kube-rbac-proxy-config
+          imagePullPolicy: {{ .Values.kubeRBACProxy.image.pullPolicy }}
+          {{- $base_registry := (include "monitoring_registry" .) }}
+          {{- if .Values.kubeRBACProxy.image.sha }}
+          image: "{{ $base_registry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}@sha256:{{ .Values.kubeRBACProxy.image.sha }}"
+          {{- else }}
+          image: "{{ $base_registry | default .Values.kubeRBACProxy.image.registry}}/{{ .Values.kubeRBACProxy.image.repository }}:{{ .Values.kubeRBACProxy.image.tag }}"
+          {{- end }}
+          ports:
+            - containerPort: {{ .Values.service.port}}
+              name: {{ .Values.kubeRBACProxy.portName }}
+              {{- if .Values.kubeRBACProxy.enableHostPort }}
+              hostPort: {{ .Values.service.port }}
+              {{- end }}
+            - containerPort: 8888
+              name: "http-healthz"
+          readinessProbe:
+            httpGet:
+              scheme: HTTPS
+              port: 8888
+              path: healthz
+            initialDelaySeconds: 5
+            timeoutSeconds: 5
+          {{- if .Values.kubeRBACProxy.resources }}
+          resources:
+          {{- toYaml .Values.kubeRBACProxy.resources | nindent 12 }}
+          {{- end }}
+          {{- if .Values.terminationMessageParams.enabled }}
+          {{- with .Values.terminationMessageParams }}
+          terminationMessagePath: {{ .terminationMessagePath }}
+          terminationMessagePolicy: {{ .terminationMessagePolicy }}
+          {{- end }}
+          {{- end }}
+          {{- with .Values.kubeRBACProxy.env }}
+          env:
+            {{- range $key, $value := $.Values.kubeRBACProxy.env }}
+            - name: {{ $key }}
+              value: {{ $value | quote }}
+            {{- end }}
+          {{- end }}
+          {{- if .Values.kubeRBACProxy.containerSecurityContext }}
+          securityContext:
+          {{ toYaml .Values.kubeRBACProxy.containerSecurityContext | nindent 12 }}
+        {{- end }}
+        {{- end }}
+      {{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
+      imagePullSecrets:
+        {{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }}
+      {{- end }}
+      hostNetwork: {{ .Values.hostNetwork }}
+      hostPID: {{ .Values.hostPID }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.dnsConfig }}
+      dnsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.restartPolicy }}
+      restartPolicy: {{ . }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+        - name: proc
+          hostPath:
+            path: /proc
+        - name: sys
+          hostPath:
+            path: /sys
+        {{- if .Values.hostRootFsMount.enabled }}
+        - name: root
+          hostPath:
+            path: /
+        {{- end }}
+        {{- range $_, $mount := .Values.extraHostVolumeMounts }}
+        - name: {{ $mount.name }}
+          hostPath:
+            path: {{ $mount.hostPath }}
+            {{- with $mount.type }}
+            type: {{ . }}
+            {{- end }}
+        {{- end }}
+        {{- range $_, $mount := .Values.sidecarVolumeMount }}
+        - name: {{ $mount.name }}
+          emptyDir:
+            medium: Memory
+        {{- end }}
+        {{- range $_, $mount := .Values.sidecarHostVolumeMounts }}
+        - name: {{ $mount.name }}
+          hostPath:
+            path: {{ $mount.hostPath }}
+        {{- end }}
+        {{- range $_, $mount := .Values.configmaps }}
+        - name: {{ $mount.name }}
+          configMap:
+            name: {{ $mount.name }}
+        {{- end }}
+        {{- range $_, $mount := .Values.secrets }}
+        - name: {{ $mount.name }}
+          secret:
+            secretName: {{ $mount.name }}
+        {{- end }}
+        {{- if .Values.kubeRBACProxy.enabled }}
+        - name: kube-rbac-proxy-config
+          configMap:
+            name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config
+        {{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/endpoints.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/endpoints.yaml
new file mode 100644
index 0000000000..56b695203a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/endpoints.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.endpoints }}
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+subsets:
+  - addresses:
+      {{- range .Values.endpoints }}
+      - ip: {{ . }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.service.portName }}
+        port: {{ .Values.service.port }}
+        protocol: TCP
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/extra-manifests.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/extra-manifests.yaml
new file mode 100644
index 0000000000..2b21b71062
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/extra-manifests.yaml
@@ -0,0 +1,4 @@
+{{ range .Values.extraManifests }}
+---
+{{ tpl . $ }}
+{{ end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/networkpolicy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/networkpolicy.yaml
new file mode 100644
index 0000000000..825722729d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/networkpolicy.yaml
@@ -0,0 +1,23 @@
+{{- if .Values.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" $ | nindent 4 }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  ingress:
+    - ports:
+      - port: {{ .Values.service.port }}
+  policyTypes:
+    - Egress
+    - Ingress
+  podSelector:
+    matchLabels:
+      {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/podmonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/podmonitor.yaml
new file mode 100644
index 0000000000..f88da6a34e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/podmonitor.yaml
@@ -0,0 +1,91 @@
+{{- if .Values.prometheus.podMonitor.enabled }}
+apiVersion: {{ .Values.prometheus.podMonitor.apiVersion | default "monitoring.coreos.com/v1" }}
+kind: PodMonitor
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.podmonitor-namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+    {{- with .Values.prometheus.podMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.podMonitor.jobLabel }}
+  {{- include "podmonitor.scrapeLimits" .Values.prometheus.podMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+    {{- with .Values.prometheus.podMonitor.selectorOverride }}
+      {{- toYaml . | nindent 6 }}
+    {{- else }}
+      {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - {{ include "prometheus-node-exporter.namespace" . }}
+  {{- with .Values.prometheus.podMonitor.attachMetadata }}
+  attachMetadata:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.prometheus.podMonitor.podTargetLabels }}
+  podTargetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  podMetricsEndpoints:
+    - port: {{ .Values.service.portName }}
+      {{- with .Values.prometheus.podMonitor.scheme }}
+      scheme: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.path }}
+      path: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.basicAuth }}
+      basicAuth:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.bearerTokenSecret }}
+      bearerTokenSecret:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.authorization }}
+      authorization:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.oauth2 }}
+      oauth2:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.proxyUrl }}
+      proxyUrl: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.honorTimestamps }}
+      honorTimestamps: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.honorLabels }}
+      honorLabels: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.scrapeTimeout }}
+      scrapeTimeout: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.relabelings }}
+      relabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.metricRelabelings }}
+      metricRelabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      enableHttp2: {{ default false .Values.prometheus.podMonitor.enableHttp2 }}
+      filterRunning: {{ default true .Values.prometheus.podMonitor.filterRunning }}
+      followRedirects: {{ default false .Values.prometheus.podMonitor.followRedirects }}
+      {{- with .Values.prometheus.podMonitor.params }}
+      params:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml
new file mode 100644
index 0000000000..ee5bbba4a5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml
@@ -0,0 +1,14 @@
+{{- if and (or .Values.global.cattle.psp.enable (and .Values.rbac.create .Values.rbac.pspEnabled)) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: psp-{{ include "prometheus-node-exporter.fullname" . }}
+  labels: 
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+rules:
+- apiGroups: ['extensions']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+    - {{ include "prometheus-node-exporter.fullname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml
new file mode 100644
index 0000000000..160f2bbf7a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml
@@ -0,0 +1,16 @@
+{{- if and (or .Values.global.cattle.psp.enable (and .Values.rbac.create .Values.rbac.pspEnabled)) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: psp-{{ include "prometheus-node-exporter.fullname" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: psp-{{ include "prometheus-node-exporter.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "prometheus-node-exporter.fullname" . }}
+    namespace: {{ include "prometheus-node-exporter.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp.yaml
new file mode 100644
index 0000000000..f3b52e1120
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/psp.yaml
@@ -0,0 +1,49 @@
+{{- if and (or .Values.global.cattle.psp.enable (and .Values.rbac.create .Values.rbac.pspEnabled)) (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+  {{- with .Values.rbac.pspAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  privileged: false
+  # Allow core volume types.
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+    - 'hostPath'
+  hostNetwork: true
+  hostIPC: false
+  hostPID: true
+  hostPorts:
+    - min: 0
+      max: 65535
+  runAsUser:
+    # Permits the container to run with root privileges as well.
+    rule: 'RunAsAny'
+  seLinux:
+    # This policy assumes the nodes are using AppArmor rather than SELinux.
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/rbac-configmap.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/rbac-configmap.yaml
new file mode 100644
index 0000000000..814e110337
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/rbac-configmap.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.kubeRBACProxy.enabled}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "prometheus-node-exporter.fullname" . }}-rbac-config
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+data:
+  config-file.yaml: |+
+    authorization:
+      resourceAttributes:
+        namespace: {{ template "prometheus-node-exporter.namespace" . }}
+        apiVersion: v1
+        resource: services
+        subresource: {{ template "prometheus-node-exporter.fullname" . }}
+        name: {{ template "prometheus-node-exporter.fullname" . }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/service.yaml
new file mode 100644
index 0000000000..a065e46e39
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/service.yaml
@@ -0,0 +1,29 @@
+{{- if .Values.service.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" $ | nindent 4 }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+{{- if .Values.service.ipDualStack.enabled }}
+  ipFamilies: {{ toYaml .Values.service.ipDualStack.ipFamilies | nindent 4 }}
+  ipFamilyPolicy: {{ .Values.service.ipDualStack.ipFamilyPolicy }}
+{{- end }}
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }}
+      nodePort: {{ .Values.service.nodePort }}
+      {{- end }}
+      targetPort: {{ .Values.service.targetPort }}
+      protocol: TCP
+      name: {{ .Values.service.portName }}
+  selector:
+    {{- include "prometheus-node-exporter.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..5c3348c09b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/serviceaccount.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.rbac.create .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "prometheus-node-exporter.serviceAccountName" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels: 
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }}
+imagePullSecrets:
+  {{- include "prometheus-node-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }}
+{{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/servicemonitor.yaml
new file mode 100644
index 0000000000..6d6e440473
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/servicemonitor.yaml
@@ -0,0 +1,71 @@
+{{- if .Values.prometheus.monitor.enabled }}
+apiVersion: {{ .Values.prometheus.monitor.apiVersion | default "monitoring.coreos.com/v1" }}
+kind: ServiceMonitor
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.monitor-namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+    {{- with .Values.prometheus.monitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | nindent 2 }}
+  {{- with .Values.prometheus.monitor.podTargetLabels }}
+  podTargetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  selector:
+    matchLabels:
+    {{- with .Values.prometheus.monitor.selectorOverride }}
+      {{- toYaml . | nindent 6 }}
+    {{- else }}
+      {{- include "prometheus-node-exporter.selectorLabels" . | nindent 6 }}
+    {{- end }}
+  {{- with .Values.prometheus.monitor.attachMetadata }}
+  attachMetadata:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  endpoints:
+    - port: {{ .Values.service.portName }}
+      scheme: {{ .Values.prometheus.monitor.scheme }}
+      {{- with .Values.prometheus.monitor.basicAuth }}
+      basicAuth:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.bearerTokenFile }}
+      bearerTokenFile: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.proxyUrl }}
+      proxyUrl: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.scrapeTimeout }}
+      scrapeTimeout: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.relabelings }}
+      relabelings:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      metricRelabelings:
+        {{- with .Values.prometheus.monitor.metricRelabelings }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{ if .Values.global.cattle.clusterId }}
+        - sourceLabels: [__address__]
+          targetLabel: cluster_id
+          replacement: {{ .Values.global.cattle.clusterId }}
+        {{- end }}
+        {{ if .Values.global.cattle.clusterName }}
+        - sourceLabels: [__address__]
+          targetLabel: cluster_name
+          replacement: {{ .Values.global.cattle.clusterName }}
+      {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml
new file mode 100644
index 0000000000..2c2705f872
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/templates/verticalpodautoscaler.yaml
@@ -0,0 +1,40 @@
+{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.verticalPodAutoscaler.enabled) }}
+apiVersion: autoscaling.k8s.io/v1
+kind: VerticalPodAutoscaler
+metadata:
+  name: {{ include "prometheus-node-exporter.fullname" . }}
+  namespace: {{ include "prometheus-node-exporter.namespace" . }}
+  labels:
+    {{- include "prometheus-node-exporter.labels" . | nindent 4 }}
+spec:
+  {{- with .Values.verticalPodAutoscaler.recommenders }}
+  recommenders:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  resourcePolicy:
+    containerPolicies:
+    - containerName: node-exporter
+      {{- with .Values.verticalPodAutoscaler.controlledResources }}
+      controlledResources:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.verticalPodAutoscaler.controlledValues }}
+      controlledValues: {{ . }}
+      {{- end }}
+      {{- with .Values.verticalPodAutoscaler.maxAllowed }}
+      maxAllowed:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.verticalPodAutoscaler.minAllowed }}
+      minAllowed:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+  targetRef:
+    apiVersion: apps/v1
+    kind: DaemonSet
+    name: {{ include "prometheus-node-exporter.fullname" . }}
+  {{- with .Values.verticalPodAutoscaler.updatePolicy }}
+  updatePolicy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/values.yaml
new file mode 100644
index 0000000000..b9f2f7ab87
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/prometheus-node-exporter/values.yaml
@@ -0,0 +1,530 @@
+# Default values for prometheus-node-exporter.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+  registry: docker.io
+  repository: rancher/mirrored-prometheus-node-exporter
+  # Overrides the image tag whose default is {{ printf "v%s" .Chart.AppVersion }}
+  tag: v1.7.0
+  pullPolicy: IfNotPresent
+  digest: ""
+
+imagePullSecrets: []
+# - name: "image-pull-secret"
+nameOverride: ""
+fullnameOverride: ""
+
+# Number of old history to retain to allow rollback
+# Default Kubernetes value is set to 10
+revisionHistoryLimit: 10
+
+global:
+  cattle:
+    psp:
+      enable: true
+    systemDefaultRegistry: ""
+
+  # To help compatibility with other charts which use global.imagePullSecrets.
+  # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
+  # global:
+  #   imagePullSecrets:
+  #   - name: pullSecret1
+  #   - name: pullSecret2
+  # or
+  # global:
+  #   imagePullSecrets:
+  #   - pullSecret1
+  #   - pullSecret2
+  imagePullSecrets: []
+  #
+  # Allow parent charts to override registry hostname
+  imageRegistry: "docker.io"
+
+# Configure kube-rbac-proxy. When enabled, creates a kube-rbac-proxy to protect the node-exporter http endpoint.
+# The requests are served through the same service but requests are HTTPS.
+kubeRBACProxy:
+  enabled: false
+  ## Set environment variables as name/value pairs
+  env: {}
+    # VARIABLE: value
+  image:
+    registry: docker.io
+    repository: rancher/mirrored-kube-rbac-proxy
+    tag: v0.15.0
+    sha: ""
+    pullPolicy: IfNotPresent
+
+  # List of additional cli arguments to configure kube-rbac-proxy
+  # for example: --tls-cipher-suites, --log-file, etc.
+  # all the possible args can be found here: https://github.com/brancz/kube-rbac-proxy#usage
+  extraArgs: []
+
+  ## Specify security settings for a Container
+  ## Allows overrides and additional options compared to (Pod) securityContext
+  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+  containerSecurityContext: {}
+
+  # Specify the port used for the Node exporter container (upstream port)
+  port: 8100
+  # Specify the name of the container port
+  portName: http
+  # Configure a hostPort. If true, hostPort will be enabled in the container and set to service.port.
+  enableHostPort: false
+
+  resources: {}
+    # We usually recommend not to specify default resources and to leave this as a conscious
+    # choice for the user. This also increases chances charts run on environments with little
+    # resources, such as Minikube. If you do want to specify resources, uncomment the following
+    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+    # limits:
+    #  cpu: 100m
+    #  memory: 64Mi
+  # requests:
+  #  cpu: 10m
+  #  memory: 32Mi
+
+service:
+  enabled: true
+  type: ClusterIP
+  port: 9796
+  targetPort: 9796
+  nodePort:
+  portName: metrics
+  listenOnAllInterfaces: true
+  annotations:
+    prometheus.io/scrape: "true"
+  ipDualStack:
+    enabled: false
+    ipFamilies: ["IPv6", "IPv4"]
+    ipFamilyPolicy: "PreferDualStack"
+
+# Set a NetworkPolicy with:
+# ingress only on service.port
+# no egress permitted
+networkPolicy:
+  enabled: false
+
+# Additional environment variables that will be passed to the daemonset
+env: {}
+##  env:
+##    VARIABLE: value
+
+prometheus:
+  monitor:
+    enabled: false
+    additionalLabels: {}
+    namespace: ""
+
+    jobLabel: ""
+
+    # List of pod labels to add to node exporter metrics
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor
+    podTargetLabels: []
+
+    scheme: http
+    basicAuth: {}
+    bearerTokenFile:
+    tlsConfig: {}
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## Override serviceMonitor selector
+    ##
+    selectorOverride: {}
+
+    ## Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
+    ##
+    attachMetadata:
+      node: false
+
+    relabelings: []
+    metricRelabelings: []
+    interval: ""
+    scrapeTimeout: 10s
+    ## prometheus.monitor.apiVersion ApiVersion for the serviceMonitor Resource(defaults to "monitoring.coreos.com/v1")
+    apiVersion: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+  # PodMonitor defines monitoring for a set of pods.
+  # ref. https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.PodMonitor
+  # Using a PodMonitor may be preferred in some environments where there is very large number
+  # of Node Exporter endpoints (1000+) behind a single service.
+  # The PodMonitor is disabled by default. When switching from ServiceMonitor to PodMonitor,
+  # the time series resulting from the configuration through PodMonitor may have different labels.
+  # For instance, there will not be the service label any longer which might
+  # affect PromQL queries selecting that label.
+  podMonitor:
+    enabled: false
+    # Namespace in which to deploy the pod monitor. Defaults to the release namespace.
+    namespace: ""
+    # Additional labels, e.g. setting a label for pod monitor selector as set in prometheus
+    additionalLabels: {}
+    #  release: kube-prometheus-stack
+    # PodTargetLabels transfers labels of the Kubernetes Pod onto the target.
+    podTargetLabels: []
+    # apiVersion defaults to monitoring.coreos.com/v1.
+    apiVersion: ""
+    # Override pod selector to select pod objects.
+    selectorOverride: {}
+    # Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
+    attachMetadata:
+      node: false
+    # The label to use to retrieve the job name from. Defaults to label app.kubernetes.io/name.
+    jobLabel: ""
+
+    # Scheme/protocol to use for scraping.
+    scheme: "http"
+    # Path to scrape metrics at.
+    path: "/metrics"
+
+    # BasicAuth allow an endpoint to authenticate over basic authentication.
+    # More info: https://prometheus.io/docs/operating/configuration/#endpoint
+    basicAuth: {}
+    # Secret to mount to read bearer token for scraping targets.
+    # The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator.
+    # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#secretkeyselector-v1-core
+    bearerTokenSecret: {}
+    # TLS configuration to use when scraping the endpoint.
+    tlsConfig: {}
+    # Authorization section for this endpoint.
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.SafeAuthorization
+    authorization: {}
+    # OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.OAuth2
+    oauth2: {}
+
+    # ProxyURL eg http://proxyserver:2195. Directs scrapes through proxy to this endpoint.
+    proxyUrl: ""
+    # Interval at which endpoints should be scraped. If not specified Prometheus’ global scrape interval is used.
+    interval: ""
+    # Timeout after which the scrape is ended. If not specified, the Prometheus global scrape interval is used.
+    scrapeTimeout: ""
+    # HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
+    honorTimestamps: true
+    # HonorLabels chooses the metric’s labels on collisions with target labels.
+    honorLabels: true
+    # Whether to enable HTTP2. Default false.
+    enableHttp2: ""
+    # Drop pods that are not running. (Failed, Succeeded).
+    # Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
+    filterRunning: ""
+    # FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. Default false.
+    followRedirects: ""
+    # Optional HTTP URL parameters
+    params: {}
+
+    # RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds
+    # relabelings for a few standard Kubernetes fields. The original scrape job’s name
+    # is available via the __tmp_prometheus_job_name label.
+    # More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
+    relabelings: []
+    # MetricRelabelConfigs to apply to samples before ingestion.
+    metricRelabelings: []
+
+    # SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    sampleLimit: 0
+    # TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    targetLimit: 0
+    # Per-scrape limit on number of labels that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelLimit: 0
+    # Per-scrape limit on length of labels name that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelNameLengthLimit: 0
+    # Per-scrape limit on length of labels value that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelValueLengthLimit: 0
+
+## Customize the updateStrategy if set
+updateStrategy:
+  type: RollingUpdate
+  rollingUpdate:
+    maxUnavailable: 1
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 200m
+  #   memory: 50Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 30Mi
+
+# Specify the container restart policy passed to the Node Export container
+# Possible Values: Always (default)|OnFailure|Never
+restartPolicy: null
+
+serviceAccount:
+  # Specifies whether a ServiceAccount should be created
+  create: true
+  # The name of the ServiceAccount to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name:
+  annotations: {}
+  imagePullSecrets: []
+  automountServiceAccountToken: false
+
+securityContext:
+  fsGroup: 65534
+  runAsGroup: 65534
+  runAsNonRoot: true
+  runAsUser: 65534
+
+containerSecurityContext:
+  readOnlyRootFilesystem: true
+  # capabilities:
+  #   add:
+  #   - SYS_TIME
+
+rbac:
+  ## If true, create & use RBAC resources
+  ##
+  create: true
+  pspAnnotations: {}
+
+# for deployments that have node_exporter deployed outside of the cluster, list
+# their addresses here
+endpoints: []
+
+# Expose the service to the host network
+hostNetwork: true
+
+# Share the host process ID namespace
+hostPID: true
+
+# Mount the node's root file system (/) at /host/root in the container
+hostRootFsMount:
+  enabled: true
+  # Defines how new mounts in existing mounts on the node or in the container
+  # are propagated to the container or node, respectively. Possible values are
+  # None, HostToContainer, and Bidirectional. If this field is omitted, then
+  # None is used. More information on:
+  # https://kubernetes.io/docs/concepts/storage/volumes/#mount-propagation
+  mountPropagation: HostToContainer
+
+# Mount the node's proc file system (/proc) at /host/proc in the container
+hostProcFsMount:
+  # Possible values are None, HostToContainer, and Bidirectional
+  mountPropagation: ""
+
+# Mount the node's sys file system (/sys) at /host/sys in the container
+hostSysFsMount:
+  # Possible values are None, HostToContainer, and Bidirectional
+  mountPropagation: ""
+
+## Assign a group of affinity scheduling rules
+##
+affinity: {}
+#   nodeAffinity:
+#     requiredDuringSchedulingIgnoredDuringExecution:
+#       nodeSelectorTerms:
+#         - matchFields:
+#             - key: metadata.name
+#               operator: In
+#               values:
+#                 - target-host-name
+
+# Annotations to be added to node exporter pods
+podAnnotations:
+  # Fix for very slow GKE cluster upgrades
+  cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
+
+# Extra labels to be added to node exporter pods
+podLabels: {}
+
+# Annotations to be added to node exporter daemonset
+daemonsetAnnotations: {}
+
+## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box
+releaseLabel: false
+
+# Custom DNS configuration to be added to prometheus-node-exporter pods
+dnsConfig: {}
+# nameservers:
+#   - 1.2.3.4
+# searches:
+#   - ns1.svc.cluster-domain.example
+#   - my.dns.search.suffix
+# options:
+#   - name: ndots
+#     value: "2"
+#   - name: edns0
+
+## Assign a nodeSelector if operating a hybrid cluster
+##
+nodeSelector:
+  kubernetes.io/os: linux
+  #  kubernetes.io/arch: amd64
+
+# Specify grace period for graceful termination of pods. Defaults to 30 if null or not specified
+terminationGracePeriodSeconds: null
+
+tolerations:
+  - effect: NoSchedule
+    operator: Exists
+  - effect: NoExecute
+    operator: Exists
+
+# Enable or disable container termination message settings
+# https://kubernetes.io/docs/tasks/debug/debug-application/determine-reason-pod-failure/
+terminationMessageParams:
+  enabled: false
+  # If enabled, specify the path for termination messages
+  terminationMessagePath: /dev/termination-log
+  # If enabled, specify the policy for termination messages
+  terminationMessagePolicy: File
+
+
+## Assign a PriorityClassName to pods if set
+# priorityClassName: ""
+
+## Additional container arguments
+##
+extraArgs: []
+#   - --collector.diskstats.ignored-devices=^(ram|loop|fd|(h|s|v)d[a-z]|nvme\\d+n\\d+p)\\d+$
+#   - --collector.textfile.directory=/run/prometheus
+
+## Additional mounts from the host to node-exporter container
+##
+extraHostVolumeMounts: []
+#  - name: <mountName>
+#    hostPath: <hostPath>
+#    https://kubernetes.io/docs/concepts/storage/volumes/#hostpath-volume-types
+#    type: "" (Default)|DirectoryOrCreate|Directory|FileOrCreate|File|Socket|CharDevice|BlockDevice
+#    mountPath: <mountPath>
+#    readOnly: true|false
+#    mountPropagation: None|HostToContainer|Bidirectional
+
+## Additional configmaps to be mounted.
+##
+configmaps: []
+# - name: <configMapName>
+#   mountPath: <mountPath>
+secrets: []
+# - name: <secretName>
+#   mountPath: <mountPatch>
+## Override the deployment namespace
+##
+namespaceOverride: ""
+
+## Additional containers for export metrics to text file; fields image,imagePullPolicy,securityContext take default value from main container
+##
+sidecars: []
+#  - name: nvidia-dcgm-exporter
+#    image: nvidia/dcgm-exporter:1.4.3
+#    volumeMounts:
+#     - name: tmp
+#       mountPath: /tmp
+
+## Volume for sidecar containers
+##
+sidecarVolumeMount: []
+#  - name: collector-textfiles
+#    mountPath: /run/prometheus
+#    readOnly: false
+
+## Additional mounts from the host to sidecar containers
+##
+sidecarHostVolumeMounts: []
+#  - name: <mountName>
+#    hostPath: <hostPath>
+#    mountPath: <mountPath>
+#    readOnly: true|false
+#    mountPropagation: None|HostToContainer|Bidirectional
+
+## Additional InitContainers to initialize the pod
+##
+extraInitContainers: []
+
+## Liveness probe
+##
+livenessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 0
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 1
+
+## Readiness probe
+##
+readinessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 0
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 1
+
+# Enable vertical pod autoscaler support for prometheus-node-exporter
+verticalPodAutoscaler:
+  enabled: false
+
+  # Recommender responsible for generating recommendation for the object.
+  # List should be empty (then the default recommender will generate the recommendation)
+  # or contain exactly one recommender.
+  # recommenders:
+  # - name: custom-recommender-performance
+
+  # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
+  controlledResources: []
+  # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits.
+  # controlledValues: RequestsAndLimits
+
+  # Define the max allowed resources for the pod
+  maxAllowed: {}
+  # cpu: 200m
+  # memory: 100Mi
+  # Define the min allowed resources for the pod
+  minAllowed: {}
+  # cpu: 200m
+  # memory: 100Mi
+
+  # updatePolicy:
+    # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction
+    # minReplicas: 1
+    # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
+    # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
+    # updateMode: Auto
+
+# Extra manifests to deploy as an array
+extraManifests: []
+  # - |
+  #   apiVersion: v1
+  #   kind: ConfigMap
+  #   metadata:
+  #     name: prometheus-extra
+  #   data:
+  #     extra-data: "value"
+
+# Override version of app, required if image.tag is defined and does not follow semver
+version: ""
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/Chart.yaml
new file mode 100644
index 0000000000..c50eeb0faf
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rke2ControllerManager
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2ControllerManager/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/Chart.yaml
new file mode 100644
index 0000000000..266f100ff9
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rke2Etcd
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Etcd/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/Chart.yaml
new file mode 100644
index 0000000000..8978b71027
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rke2IngressNginx
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2IngressNginx/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/Chart.yaml
new file mode 100644
index 0000000000..a8d19e9326
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rke2Proxy
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Proxy/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/Chart.yaml
new file mode 100644
index 0000000000..bffedd10b1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rke2Scheduler
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rke2Scheduler/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/Chart.yaml
new file mode 100644
index 0000000000..76cc55be61
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rkeControllerManager
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeControllerManager/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/Chart.yaml
new file mode 100644
index 0000000000..7f08ee0ba7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rkeEtcd
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeEtcd/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/Chart.yaml
new file mode 100644
index 0000000000..4fd9562394
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rkeIngressNginx
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeIngressNginx/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/Chart.yaml
new file mode 100644
index 0000000000..5ff503cf7c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rkeProxy
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeProxy/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/Chart.yaml
new file mode 100644
index 0000000000..7ff647b0c2
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/Chart.yaml
@@ -0,0 +1,15 @@
+annotations:
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+  catalog.cattle.io/os: linux
+  catalog.rancher.io/certified: rancher
+  catalog.rancher.io/namespace: cattle-monitoring-system
+  catalog.rancher.io/release-name: rancher-pushprox
+apiVersion: v1
+appVersion: v0.1.4-rancher2
+description: Sets up a deployment of the PushProx proxy and a DaemonSet of PushProx
+  clients.
+kubeVersion: '>=1.26.0-0'
+name: rkeScheduler
+type: application
+version: 0.2.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/README.md
new file mode 100644
index 0000000000..345002f48a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/README.md
@@ -0,0 +1,90 @@
+# rancher-pushprox
+
+A Rancher chart based on Rancher [PushProx](https://github.com/rancher/PushProx) that sets up a Deployment of a PushProx proxy and a DaemonSet of PushProx clients on a Kubernetes cluster.
+
+Installs [rancher-pushprox](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-pushprox) to create PushProx clients that can access their host's network and register with a PushProx proxy. A [Prometheus Operator](https://github.com/coreos/prometheus-operator) ServiceMonitor CR is also included that is configured to scrape the metrics from each of the clients through the proxy.
+
+Using an instance of this chart is suitable for the following scenarios:
+- You need to scrape metrics from a port that should not be accessible outside of the host (e.g. scraping `etcd` metrics in a hardened cluster)
+- You need to scrape metrics on a host that are not exposed outside of 127.0.0.1 (e.g. scraping `kube-proxy` metrics)
+- You need to scrape metrics through HTTPS using certs hosted directly on `hostPath`
+- You need to scrape metrics from Kubernetes components that require authorization via a service account (e.g. permissions to make request to `/metrics`)
+- You need to scrape metrics without access to cacerts (i.e. enable `insecureSkipVerify`)
+
+The clients and proxy are created based on a Rancher fork of the [prometheus-community/PushProx](https://github.com/prometheus-community/PushProx) project.
+
+## Upgrading to Kubernetes v1.25+
+
+Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API.
+
+As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`.
+​
+> **Note:**
+> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`.
+
+> **Note:**
+> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).**
+>
+> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets.
+
+Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart.
+
+As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
+
+## Configuration
+
+The following tables list the configurable parameters of the rancher-pushprox chart and their default values.
+
+### General
+
+#### Required
+| Parameter | Description | Example |
+| ----- | ----------- | ------ |
+| `component` | The component that is being monitored | `kube-etcd`
+| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
+| `namespaceOverride` | The namespace to install the chart | `""`
+
+#### Optional
+| Parameter | Description | Default |
+| ----- | ----------- | ------ |
+| `serviceMonitor.enabled` | Deploys a [Prometheus Operator](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor) ServiceMonitor CR that is configured to scrape metrics on the hosts that the clients are deployed on via the proxy. Also deploys a Service that points to all pods with the expected client name that exposes the `metricsPort` selected | `true` |
+| `serviceMonitor.endpoints` | A list of endpoints that will be added to the ServiceMonitor based on the [Endpoint spec](https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint) | `[{port: metrics}]` |
+| `service.selector` | The selector that is used to populate the Service's Endpoints object. The chart will error out on rendering templating if `.Values.clients.enabled` is set alongside this field, since it is expected that this service should point to the PushProx Clients Daemonset / Deployment | `{}` |
+| `clients.enabled` | Deploys a DaemonSet of clients that are each capable of scraping endpoints on the hostNetwork it is deployed on | `true` |
+| `clients.port` |  The port where the client will publish PushProx client-specific metrics. If deploying multiple clients onto the same node, the clients should not have conflicting ports | `9369` |
+| `clients.proxyUrl` | Overrides the default proxyUrl setting of `http://pushprox-{{ .Values.component }}-proxy.{{ . Release.Namespace }}.svc.cluster.local:{{ .Values.proxy.port }}"` with the `proxyUrl` specified | `""` |
+| `clients.useLocalhost` | Sets a flag on each client deployment to redirect scrapes directed to `HOST_IP` to `127.0.0.1` | `false` |
+| `clients.https.enabled` | Enables scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.forceHTTPSScheme` | Forces scraping metrics via HTTPS using the provided TLS certs that exist on each host | `false` |
+| `clients.https.useServiceAccountCredentials` | If set to true, the client will create a service account with permissions to scrape `/metrics` endpoint of Kubernetes components. The client will use the service account token provided to make authorized scrape requests to the Kubernetes API | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.enabled` | If set to true, the client will use service account credentials mounted at the configured path `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath`. This requires permissions to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath` | This is a volume mount on the pod with permissions to scrape `/metrics` endpoint of Kubernetes components | `"/var/run/secrets/kubernetes.io/serviceaccount/token"` |
+| `clients.https.authenticationMethod.bearerTokenSecret.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components. This method is deprecated by the prometheus operator and may be removed in a future release | `false` |
+| `clients.https.authenticationMethod.authorization.enabled` | If set to true, the client will use service account credentials to scrape `/metrics` endpoint of Kubernetes components | `false` |
+| `clients.https.authenticationMethod.authorization.type` | If set, the client will use this type of authorization in its client requests for metrics | `"bearer"` |
+| `clients.https.authenticationMethod.authorization.credentials.key` | If set, the client will use this key in the secret created by `clients.https.useServiceAccountCredentials` for authorization in its client requests for metrics | `"token"` |
+| `clients.https.authenticationMethod.authorization.credentials.optional` | If set to false, the client will fail if the key in the secret created by `clients.https.useServiceAccountCredentials` does not exist | `false` |
+| `clients.https.insecureSkipVerify` | If set to true, the client will disable SSL security checks | `false` |
+| `clients.https.certDir` | A `hostPath` where TLS certs can be found. This path is mounted as a volume on an `initContainer` which copies only the necessary files over to an EmptyDir volume used by each client. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.certFile` | The path to the TLS cert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
+| `clients.https.seLinuxOptions` | seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host. Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided. | `""` |
+| `clients.metrics.enabled` | Whether the client should publish PushProx client-specific metrics. | `false` |
+| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
+| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
+| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
+| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
+| `clients.resources` | Set resource limits and requests for the client container | `{}` |
+| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
+| `clients.tolerations` | Specify tolerations for clients | `[]` |
+| `proxy.enabled` | Deploys the proxy that each client will register with | `true` |
+| `proxy.port` | The port exposed by the proxy that each client will register with to allow metrics to be scraped from the host | `8080` |
+| `proxy.resources` | Set resource limits and requests for the proxy container | `{}` |
+| `proxy.nodeSelector` | Select which nodes the proxy can be deployed on | `{}` |
+| `proxy.tolerations` | Specify tolerations (if necessary) to allow the proxy to be deployed on the selected node | `[]` |
+| `kubeVersionOverrides` | A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches any of the semver constraints provided as keys on the map. On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. | `[]`
+
+*Tip: The filepaths set in `clients.https.<cert|key|caCert>File` can include wildcard characters*. 
+
+See [rancher-monitoring](https://github.com/rancher/charts/tree/gh-pages/packages/rancher-monitoring) for examples of how this chart can be used.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/_helpers.tpl
new file mode 100644
index 0000000000..1ba5093944
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/_helpers.tpl
@@ -0,0 +1,170 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# General
+
+{{- define "applyKubeVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.kubeVersionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{- define "pushprox.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "pushProxy.commonLabels" -}}
+release: {{ .Release.Name }}
+component: {{ .Values.component | quote }}
+provider: kubernetes
+{{- end -}}
+
+{{- define "pushProxy.proxyUrl" -}}
+{{- $_ := (required "Template requires either .Values.proxy.port or .Values.client.proxyUrl to set proxyUrl for client" (or .Values.clients.proxyUrl .Values.proxy.port)) -}}
+{{- if .Values.clients.proxyUrl -}}
+{{ printf "%s" .Values.clients.proxyUrl }}
+{{- else -}}
+{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
+{{- end -}}{{- end -}}
+
+# Client
+
+{{- define "pushProxy.client.name" -}}
+{{- printf "pushprox-%s-client" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.serviceAccountTokenName" -}}
+{{- printf "pushprox-%s-client-service-account-token" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.client.labels" -}}
+k8s-app: {{ template "pushProxy.client.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# Proxy
+
+{{- define "pushProxy.proxy.name" -}}
+{{- printf "pushprox-%s-proxy" (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.proxy.labels" -}}
+k8s-app: {{ template "pushProxy.proxy.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+# ServiceMonitor
+
+{{- define "pushprox.serviceMonitor.name" -}}
+{{- printf "%s-%s" .Release.Name (required ".Values.component is required" .Values.component) -}}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.labels" -}}
+app: {{ template "pushprox.serviceMonitor.name" . }}
+{{ template "pushProxy.commonLabels" . }}
+{{- end -}}
+
+{{- define "pushProxy.serviceMonitor.endpoints" -}}
+{{- $proxyURL := (include "pushProxy.proxyUrl" .) -}}
+{{- $useHTTPS := .Values.clients.https.enabled -}}
+{{- $setHTTPSScheme := .Values.clients.https.forceHTTPSScheme -}}
+{{- $insecureSkipVerify := .Values.clients.https.insecureSkipVerify -}}
+{{- $useServiceAccountCredentials := .Values.clients.https.useServiceAccountCredentials -}}
+{{- $serviceAccountTokenName := (include "pushProxy.client.serviceAccountTokenName" . ) -}}
+{{- $metricRelabelings := list }}
+{{- $endpoints := .Values.serviceMonitor.endpoints }}
+{{- if .Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- range $endpoints }}
+{{- if $.Values.proxy.enabled }}
+{{- $_ := set . "proxyUrl" $proxyURL }}
+{{- end }}
+{{- $clusterIdRelabel := dict }}
+{{- $metricRelabelings := list }}
+{{- if $.Values.global.cattle.clusterId }}
+{{- $_ := set $clusterIdRelabel "action" "replace" }}
+{{- $_ := set $clusterIdRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterIdRelabel "targetLabel" "cluster_id" }}
+{{- $_ := set $clusterIdRelabel "replacement" $.Values.global.cattle.clusterId }}
+{{- $metricRelabelings = append $metricRelabelings $clusterIdRelabel }}
+{{- end }}
+{{- $clusterNameRelabel := dict }}
+{{- if $.Values.global.cattle.clusterName }}
+{{- $_ := set $clusterNameRelabel "action" "replace" }}
+{{- $_ := set $clusterNameRelabel "sourceLabels" (list "__address__") }}
+{{- $_ := set $clusterNameRelabel "targetLabel" "cluster_name" }}
+{{- $_ := set $clusterNameRelabel "replacement" $.Values.global.cattle.clusterName }}
+{{- $metricRelabelings = append $metricRelabelings $clusterNameRelabel }}
+{{- end }}
+{{- if not (empty $metricRelabelings) }}
+{{- $_ := set . "metricRelabelings" ($metricRelabelings)}}
+{{- end }}
+{{- if $setHTTPSScheme -}}
+{{- $_ := set . "scheme" "https" }}
+{{- end -}}
+{{- if $useHTTPS -}}
+{{- if (hasKey . "params") }}
+{{- $_ := set (get . "params") "_scheme" (list "https") }}
+{{- else }}
+{{- $_ := set . "params" (dict "_scheme" (list "https")) }}
+{{- end }}
+{{- end }}
+{{- if (hasKey . "tlsConfig") }}
+{{- $_ := set (get . "tlsConfig") "insecureSkipVerify" $insecureSkipVerify }}
+{{- else }}
+{{- $_ := set . "tlsConfig" (dict "insecureSkipVerify" $insecureSkipVerify) }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenFile.enabled }}
+{{- $_ := set . "bearerTokenFile" $.Values.clients.https.authenticationMethod.bearerTokenFile.bearerTokenFilePath }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.bearerTokenSecret.enabled }}
+{{- $_ := set . "bearerTokenSecret" $serviceAccountTokenName }}
+{{- end }}
+{{- if $.Values.clients.https.authenticationMethod.authorization.enabled }}
+{{- if (hasKey . "authorization") }}
+{{- $_ := set (get . "authorization") "type" $.Values.clients.https.authenticationMethod.authorization.type }}
+{{- $_ := set (get . "authorization") "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional) }}
+{{- else }}
+{{- $_ := set . "authorization" (dict "type" $.Values.clients.https.authenticationMethod.authorization.type) }}
+{{- $_ := set . "authorization" (dict "credentials" (dict "name" $serviceAccountTokenName "key" $.Values.clients.https.authenticationMethod.authorization.credentials.key "optional" $.Values.clients.https.authenticationMethod.authorization.credentials.optional)) }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- toYaml $endpoints }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-clients-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-clients-rbac.yaml
new file mode 100644
index 0000000000..a8e27c3735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-clients-rbac.yaml
@@ -0,0 +1,97 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.client.name" . }}
+{{- end }}
+{{- if and .Values.clients.https.enabled .Values.clients.https.useServiceAccountCredentials }}
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]
+{{- if .Values.clients.rbac.additionalRules }}
+{{ toYaml .Values.clients.rbac.additionalRules }}
+{{- end }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.client.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.client.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+---
+{{- if .Values.clients.https.useServiceAccountCredentials }}
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: {{ template "pushProxy.client.serviceAccountTokenName" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/service-account.name: {{ template "pushProxy.client.name" . }}
+{{- end }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: true
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+    seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 6 }}
+{{- end }}
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+    - 'emptyDir'
+    - 'hostPath'
+  allowedHostPaths:
+  - pathPrefix: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+    readOnly: true
+{{- end }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-clients.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-clients.yaml
new file mode 100644
index 0000000000..e8fcfb3883
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-clients.yaml
@@ -0,0 +1,157 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.clients }}{{- if .Values.clients.enabled }}
+apiVersion: apps/v1
+{{- if .Values.clients.deployment.enabled }}
+kind: Deployment
+{{- else }}
+kind: DaemonSet
+{{- end }}
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+    pushprox-exporter: "client"
+spec:
+  {{- if .Values.clients.deployment.enabled }}
+  replicas: {{ .Values.clients.deployment.replicas }}
+  {{- end }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
+    spec:
+      {{- if .Values.clients.affinity }}
+      affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.clients.nodeSelector }}
+{{ toYaml .Values.clients.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.clients.tolerations }}
+{{ toYaml .Values.clients.tolerations | indent 8 }}
+{{- end }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      serviceAccountName: {{ template "pushProxy.client.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-client
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        command:
+        {{- range .Values.clients.command }}
+          - {{ . | quote }}
+        {{- end }}
+        args:
+        - --fqdn=$(HOST_IP)
+        - --proxy-url=$(PROXY_URL)
+        {{- if .Values.clients.metrics.enabled }}
+        - --metrics-addr=$(PORT)
+        {{- end }}
+        - --allow-port={{ required "Need .Values.metricsPort to configure client to be allowed to scrape metrics at port" .Values.metricsPort}}
+        {{- if .Values.clients.useLocalhost }}
+        - --use-localhost
+        {{- end }}
+        {{- if .Values.clients.https.enabled }}
+        {{- if .Values.clients.https.insecureSkipVerify }}
+        - --insecure-skip-verify
+        {{- end }}
+        {{- if .Values.clients.https.useServiceAccountCredentials }}
+        - --token-path=/var/run/secrets/kubernetes.io/serviceaccount/token
+        {{- end }}
+        {{- if .Values.clients.https.certDir }}
+        - --tls.cert=/etc/ssl/push-proxy/push-proxy.pem
+        - --tls.key=/etc/ssl/push-proxy/push-proxy-key.pem
+        - --tls.cacert=/etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        {{- end }}
+        {{- end }}
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        {{- if .Values.clients.metrics.enabled }}
+        - name: PORT
+          value: :{{ .Values.clients.port }}
+        {{- end }}
+        - name: PROXY_URL
+          value: {{ template "pushProxy.proxyUrl" . }}
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+        {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+        volumeMounts:
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+        {{- end }}
+        {{- if .Values.clients.resources }}
+        resources: {{ toYaml .Values.clients.resources | nindent 10 }}
+        {{- end }}
+      {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
+      initContainers:
+      - name: copy-certs
+        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        command:
+        - sh
+        - -c
+        - |
+          echo "Searching for files to copy within the source volume"
+          echo "cert: ${CERT_FILE_NAME}"
+          echo "key: ${KEY_FILE_NAME}"
+          echo "cacert: ${CACERT_FILE_NAME}"
+
+          CERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CERT_FILE_NAME}" | sort -r | head -n 1)
+          KEY_FILE_SOURCE=$(find /etc/source/ -type f -name "${KEY_FILE_NAME}" | sort -r | head -n 1)
+          CACERT_FILE_SOURCE=$(find /etc/source/ -type f -name "${CACERT_FILE_NAME}" | sort -r | head -n 1)
+
+          test -z ${CERT_FILE_SOURCE} && echo "Failed to find cert file" && exit 1
+          test -z ${KEY_FILE_SOURCE} && echo "Failed to find key file" && exit 1
+          test -z ${CACERT_FILE_SOURCE} && echo "Failed to find cacert file" && exit 1
+
+          echo "Copying cert file from $CERT_FILE_SOURCE to $CERT_FILE_TARGET"
+          cp $CERT_FILE_SOURCE $CERT_FILE_TARGET || exit 1
+          chmod 444 $CERT_FILE_TARGET || exit 1
+
+          echo "Copying key file from $KEY_FILE_SOURCE to $KEY_FILE_TARGET"
+          cp $KEY_FILE_SOURCE $KEY_FILE_TARGET || exit 1
+          chmod 444 $KEY_FILE_TARGET || exit 1
+
+          echo "Copying cacert file from $CACERT_FILE_SOURCE to $CACERT_FILE_TARGET"
+          cp $CACERT_FILE_SOURCE $CACERT_FILE_TARGET || exit 1
+          chmod 444 $CACERT_FILE_TARGET || exit 1
+        env:
+        - name: CERT_FILE_NAME
+          value: {{ required "Need a TLS cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.certFile }}
+        - name: KEY_FILE_NAME
+          value: {{ required "Need a TLS key file for scraping metrics endpoint over HTTPs" .Values.clients.https.keyFile }}
+        - name: CACERT_FILE_NAME
+          value: {{ required "Need a TLS CA cert file for scraping metrics endpoint over HTTPs" .Values.clients.https.caCertFile }}
+        - name: CERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy.pem
+        - name: KEY_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-key.pem
+        - name: CACERT_FILE_TARGET
+          value: /etc/ssl/push-proxy/push-proxy-ca-cert.pem
+        securityContext:
+          runAsNonRoot: false
+{{- if and .Values.global.seLinux.enabled .Values.clients.https.seLinuxOptions }}
+          seLinuxOptions: {{ .Values.clients.https.seLinuxOptions | toYaml | nindent 12 }}
+{{- end }}
+        volumeMounts:
+        - name: metrics-cert-dir-source
+          mountPath: /etc/source
+          readOnly: true
+        - name: metrics-cert-dir
+          mountPath: /etc/ssl/push-proxy
+      volumes:
+      - name: metrics-cert-dir-source
+        hostPath:
+          path: {{ required "Need access to volume on host with the SSL cert files to use HTTPs" .Values.clients.https.certDir }}
+      - name: metrics-cert-dir
+        emptyDir: {}
+      {{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy-rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy-rbac.yaml
new file mode 100644
index 0000000000..eefe609058
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy-rbac.yaml
@@ -0,0 +1,68 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "pushProxy.proxy.name" . }}
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "pushProxy.proxy.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "pushProxy.proxy.name" . }}
+    namespace: {{ include "pushprox.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ include "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- end }}{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy.yaml
new file mode 100644
index 0000000000..723bbd6c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-proxy.yaml
@@ -0,0 +1,57 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if and .Values.proxy }}{{ if .Values.proxy.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+    pushprox-exporter: "proxy"
+spec:
+  selector:
+    matchLabels: {{ include "pushProxy.proxy.labels" . | nindent 6 }}
+  template:
+    metadata:
+      labels: {{ include "pushProxy.proxy.labels" . | nindent 8 }}
+    spec: 
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.proxy.nodeSelector }}
+{{ toYaml .Values.proxy.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.proxy.tolerations }}
+{{ toYaml .Values.proxy.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "pushProxy.proxy.name" . }}
+      {{- if .Values.global.imagePullSecretName }}
+      imagePullSecrets:
+      - name: {{ .Values.global.imagePullSecretName }}
+      {{- end }}
+      containers:
+      - name: pushprox-proxy
+        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        command:
+        {{- range .Values.proxy.command }}
+          - {{ . | quote }}
+        {{- end }}
+        {{- if .Values.proxy.resources }}
+        resources: {{ toYaml .Values.proxy.resources | nindent 10 }}
+        {{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.proxy.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: pp-proxy
+    port: {{ required "Need .Values.proxy.port to configure proxy" .Values.proxy.port }}
+    protocol: TCP
+    targetPort: {{ .Values.proxy.port }}
+  selector: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-servicemonitor.yaml
new file mode 100644
index 0000000000..67eb2216b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/pushprox-servicemonitor.yaml
@@ -0,0 +1,45 @@
+{{- template "applyKubeVersionOverrides" . -}}
+{{- if .Values.serviceMonitor }}{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "pushprox.serviceMonitor.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.serviceMonitor.labels" . | nindent 4 }}
+spec:
+  endpoints: {{include "pushProxy.serviceMonitor.endpoints" . | nindent 4 }}
+  jobLabel: component
+  podTargetLabels:
+  - component
+  - pushprox-exporter
+  namespaceSelector:
+    matchNames:
+    - {{ template "pushprox.namespace" . }}
+  selector:
+    matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
+---
+{{- $selector := "" }}
+{{- if not (kindIs "invalid" .Values.service)  }}
+{{- if not (kindIs "invalid" .Values.service.selector) }}
+{{ if .Values.service.selector }}
+{{- if .Values.clients.enabled }}
+{{- required (printf "Cannot override .Values.service.selector=%s when .Values.clients.enabled=true" (toJson .Values.service.selector)) "" }}
+{{- end }}
+{{- $selector = (toYaml .Values.service.selector) }}
+{{- end }}
+{{- end }}
+{{- end }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "pushProxy.client.name" . }}
+  namespace: {{ template "pushprox.namespace" . }}
+  labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
+spec:
+  ports:
+  - name: metrics
+    port: {{ required "Need .Values.metricsPort to configure client to listen to metrics at port" .Values.metricsPort}}
+    protocol: TCP
+    targetPort: {{ .Values.metricsPort }}
+  selector: {{ default (include "pushProxy.client.labels" .) $selector | nindent 4 }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..16abc2fa83
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install Prometheus Operator CRDs before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/values.yaml
new file mode 100644
index 0000000000..7f38498a1c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/rkeScheduler/values.yaml
@@ -0,0 +1,166 @@
+# Default values for rancher-pushprox.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Default image containing both the proxy and the client was generated from the following Dockerfile
+# https://github.com/prometheus-community/PushProx/blob/eeadbe766641699129920ccfaaaa30a85c67fe81/Dockerfile#L1-L15
+
+# Configuration
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+  seLinux:
+    enabled: false
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in kubeVersionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm generally assumes the kubeVersion is v1.20.0
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+kubeVersionOverrides: []
+# - constraint: "< 1.21"
+#   values:
+#     metricsPort: 10252
+#     clients:
+#       https:
+#         enabled: false
+#         insecureSkipVerify: false
+#         useServiceAccountCredentials: false
+
+namespaceOverride: ""
+
+# The component that is being monitored (i.e. etcd)
+component: "component"
+
+# The port containing the metrics that need to be scraped
+metricsPort: 2739
+
+# Configure ServiceMonitor that monitors metrics from the metricsPort endpoint
+serviceMonitor:
+  enabled: true
+  # A list of endpoints that will be added to the ServiceMonitor based on the Endpoint spec
+  # Source: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
+  # By default, proxyUrl and params._scheme will be overridden based on other values
+  endpoints:
+  - port: metrics
+
+# Configure Service that grabs scrape targets
+service:
+  # The selector that is used to populate the Service's Endpoints object.
+  # The chart will error out on rendering templating if .Values.clients.enabled is set alongside this field,
+  # since it is expected that this service should point to the PushProx Clients Daemonset / Deployment
+  selector: {}
+
+clients:
+  enabled: true
+  # The port which the PushProx client will post PushProx metrics to
+  port: 9369
+  # If unset, this will default to the URL for the proxy service: http://pushprox-{{component}}-proxy.{{namepsace}}.svc.cluster.local:{{proxy.port}}
+  # Should be modified if the clients are being deployed outside the cluster where the proxy rests, otherwise leave it null
+  proxyUrl: ""
+  # If set to true, the client will forward any requests from the host IP to 127.0.0.1
+  # It will only allow proxy requests to the metricsPort specified
+  useLocalhost: false
+  # Configuration for accessing metrics via HTTPS
+  https:
+    # Does the client require https to access the metrics?
+    enabled: false
+    # Does the client require requests be sent to http or https?
+    forceHTTPSScheme: false
+    # If set to true, the client will create a service account with adequate permissions and set a flag
+    # on the client to use the service account token provided by it to make authorized scrape requests
+    useServiceAccountCredentials: false
+    # Configuration for authentication to metrics via https endpoint
+    authenticationMethod:
+      # Reads token from defined file in container
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenFile:
+        enabled: false
+        bearerTokenFilePath: "/var/run/secrets/kubernetes.io/serviceaccount/token"
+      # Reads token from defined secret in namespace
+      # This function is deprecated in the prometheus operator api and may be removed in a future version
+      bearerTokenSecret:
+        enabled: false
+      # Reads token from defined secret in namespace
+      authorization:
+        enabled: false
+        type: "bearer"
+        credentials:
+          key: "token"
+          optional: false
+    # If set to true, the client will disable SSL security checks
+    insecureSkipVerify: false
+    # Directory on host where necessary TLS cert and key to scrape metrics can be found
+    certDir: ""
+    # Filenames for files located in .Values.clients.https.certDir that correspond to TLS settings
+    certFile: ""
+    keyFile: ""
+    caCertFile: ""
+    # seLinuxOptions to be passed into the container that copies certs. Should define a container with permissions to read the files in the certDir provided on the host.
+    # Required and only used if `clients.https.enabled` is set and `clients.https.certDir` is provided.
+    seLinuxOptions: {}
+
+  metrics:
+    # Whether the client should publish PushProx client-specific metrics to .Values.clients.port
+    enabled: false
+
+  rbac:
+    # Additional permissions to provide to the ServiceAccount bound to the client
+    # This can be used to provide additional permissions for the client to scrape metrics from the k8s API
+    # Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true
+    additionalRules: []
+
+  # Resource limits
+  resources: {}
+
+  # Options to select all nodes to deploy client DaemonSet on
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  image:
+    repository: rancher/pushprox-client
+    tag: v0.1.4-rancher2-client
+  command: ["pushprox-client"]
+
+  copyCertsImage:
+    repository: rancher/mirrored-library-busybox
+    tag: 1.31.1
+
+  # The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
+  # This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
+  # situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
+  # However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
+  # this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
+  # If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
+  # be responsible for upgrading this chart accordingly to the right number of replicas.
+  deployment:
+    enabled: false
+    replicas: 0
+
+proxy:
+  enabled: true
+  # The port through which PushProx clients will communicate to the proxy
+  port: 8080
+  
+  # Resource limits
+  resources: {}
+  
+  # Options to select a node to run a single proxy deployment on
+  nodeSelector: {}
+  tolerations: []
+
+  image:
+    repository: rancher/pushprox-proxy
+    tag: v0.1.4-rancher2-proxy
+  command: ["pushprox-proxy"]
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/.helmignore b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/Chart.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/Chart.yaml
new file mode 100644
index 0000000000..784bb0ec7e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/Chart.yaml
@@ -0,0 +1,17 @@
+apiVersion: v2
+appVersion: 0.25.1
+description: A Helm chart for prometheus windows-exporter
+home: https://github.com/prometheus-community/windows_exporter/
+keywords:
+- windows-exporter
+- windows
+- prometheus
+- exporter
+maintainers:
+- email: github@jkroepke.de
+  name: jkroepke
+name: windowsExporter
+sources:
+- https://github.com/prometheus-community/windows_exporter/
+type: application
+version: 0.3.1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/README.md b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/README.md
new file mode 100644
index 0000000000..1da1c64e12
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/README.md
@@ -0,0 +1,42 @@
+# Prometheus `Windows Exporter`
+
+Prometheus exporter for hardware and OS metrics exposed by Windows kernels, written in Go with pluggable metric collectors.
+
+This chart bootstraps a prometheus [`Windows Exporter`](http://github.com/prometheus-community/windows_exporter) daemonset on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+
+## Get Repository Info
+
+```console
+helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+helm repo update
+```
+
+_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Install Chart
+
+```console
+helm install [RELEASE_NAME] prometheus-community/prometheus-windows-exporter
+```
+
+_See [configuration](#configuring) below._
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+## Uninstall Chart
+
+```console
+helm uninstall [RELEASE_NAME]
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+## Configuring
+
+See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands:
+
+```console
+helm show values prometheus-community/prometheus-windows-exporter
+```
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/scripts/configure-firewall.ps1 b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/scripts/configure-firewall.ps1
new file mode 100644
index 0000000000..9cbed7112d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/scripts/configure-firewall.ps1
@@ -0,0 +1,31 @@
+$ErrorActionPreference = 'Continue'
+
+function CheckFirewallRuleError {
+    # We hit an error. This can happen for a number of reasons, including if the rule already exists
+    if ($error[0]) {
+        if (($error[0].Exception.NativeErrorCode) -and ($error[0].Exception.NativeErrorCode.ToString() -eq "AlreadyExists")) {
+            # Previous versions of monitoring may have already created this Firewall Rule
+            # Because of this, if the rule alreadys exists there is no need to delete and recreate it.
+            Write-Host "Detected Existing Firewall Rule, Nothing To Do"
+        } else {
+            Write-Host "Error Encountered Setting Up Required Firewall Rule"
+            $error[0].Exception
+            exit 1
+        }
+    }
+}
+
+Write-Host "Attempting To Configure Firewall Rules For Ports 9796, 10250"
+
+# This is the exact same firewall rule that has historically been created by rancher-wins
+# https://github.com/rancher/wins/blob/91f670c47f19c6d9fe97d8f66a695d3081ad994f/pkg/apis/process_service_mgmt.go#L149
+New-NetFirewallRule -DisplayName rancher-wins-windows-exporter-TCP-9796 -Name rancher-wins-windows-exporter-TCP-9796 -Action Allow -Protocol TCP -LocalPort 9796 -Enabled True -PolicyStore ActiveStore
+CheckFirewallRuleError
+Write-Host "Windows Node Exporter Firewall Rule Successfully Created"
+
+# This rule is required in order to have the Rancher UI display node metrics in the 'Nodes' tab of the cluster explorer
+New-NetFirewallRule -DisplayName rancher-wins-windows-exporter-TCP-10250 -Name rancher-wins-windows-exporter-TCP-10250 -Action Allow -Protocol TCP -LocalPort 10250 -Enabled True -PolicyStore ActiveStore
+CheckFirewallRuleError
+Write-Host "Windows Prometheus Metrics Firewall Rule Successfully Created"
+
+Write-Host "All Firewall Rules Successfully Configured"
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/_helpers.tpl
new file mode 100644
index 0000000000..c9a5d6db8c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/_helpers.tpl
@@ -0,0 +1,216 @@
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+The components in this chart create additional resources that expand the longest created name strings.
+The longest name that gets created adds and extra 37 characters, so truncation should be 63-35=26.
+*/}}
+{{- define "prometheus-windows-exporter.fullname" -}}
+{{ printf "%s-windows-exporter" .Release.Name }}
+{{- end -}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "windowsExporter.renamedMetricsRelabeling" -}}
+{{- range $original, $new := (include "windowsExporter.renamedMetrics" . | fromJson) -}}
+- sourceLabels: [__name__]
+  regex: {{ $original }}
+  replacement: '{{ $new }}'
+  targetLabel: __name__
+{{ end -}}
+{{- end -}}
+
+{{- define "windowsExporter.labels" -}}
+k8s-app: {{ template "prometheus-windows-exporter.fullname" . }}
+release: {{ .Release.Name }}
+component: "windows-exporter"
+provider: kubernetes
+{{- end -}}
+
+{{- define "windowsExporter.renamedMetrics" -}}
+{{- $renamed := dict -}}
+{{/* v0.15.0 */}}
+{{- $_ := set $renamed "windows_mssql_transactions_active_total" "windows_mssql_transactions_active" -}}
+{{/* v0.16.0 */}}
+{{- $_ := set $renamed "windows_adfs_ad_login_connection_failures" "windows_adfs_ad_login_connection_failures_total" -}}
+{{- $_ := set $renamed "windows_adfs_certificate_authentications" "windows_adfs_certificate_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_device_authentications" "windows_adfs_device_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_extranet_account_lockouts" "windows_adfs_extranet_account_lockouts_total" -}}
+{{- $_ := set $renamed "windows_adfs_federated_authentications" "windows_adfs_federated_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_passport_authentications" "windows_adfs_passport_authentications_total" -}}
+{{- $_ := set $renamed "windows_adfs_password_change_failed" "windows_adfs_password_change_failed_total" -}}
+{{- $_ := set $renamed "windows_adfs_password_change_succeeded" "windows_adfs_password_change_succeeded_total" -}}
+{{- $_ := set $renamed "windows_adfs_token_requests" "windows_adfs_token_requests_total" -}}
+{{- $_ := set $renamed "windows_adfs_windows_integrated_authentications" "windows_adfs_windows_integrated_authentications_total" -}}
+{{- $_ := set $renamed "windows_net_packets_outbound_errors" "windows_net_packets_outbound_errors_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_discarded" "windows_net_packets_received_discarded_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_errors" "windows_net_packets_received_errors_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_total" "windows_net_packets_received_total_total" -}}
+{{- $_ := set $renamed "windows_net_packets_received_unknown" "windows_net_packets_received_unknown_total" -}}
+{{- $_ := set $renamed "windows_dns_memory_used_bytes_total" "windows_dns_memory_used_bytes" -}}
+{{- $renamed | toJson -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "prometheus-windows-exporter.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "prometheus-windows-exporter.labels" -}}
+helm.sh/chart: {{ include "prometheus-windows-exporter.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/component: metrics
+app.kubernetes.io/part-of: {{ include "prometheus-windows-exporter.name" . }}
+{{ include "prometheus-windows-exporter.selectorLabels" . }}
+{{- with .Chart.AppVersion }}
+app.kubernetes.io/version: {{ . | quote }}
+{{- end }}
+{{- with .Values.podLabels }}
+{{ toYaml . }}
+{{- end }}
+{{- if .Values.releaseLabel }}
+release: {{ .Release.Name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "prometheus-windows-exporter.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "prometheus-windows-exporter.fullname" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "prometheus-windows-exporter.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "prometheus-windows-exporter.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+The image to use
+*/}}
+{{- define "prometheus-windows-exporter.image" -}}
+{{- if .Values.image.sha }}
+{{- fail "image.sha forbidden. Use image.digest instead" }}
+{{- else if .Values.image.digest }}
+{{- if .Values.global.cattle.systemDefaultRegistry }}
+{{- printf "%s/%s:%s@%s" .Values.global.cattle.systemDefaultRegistry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) .Values.image.digest }}
+{{- else }}
+{{- printf "%s/%s:%s@%s" .Values.image.registry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) .Values.image.digest }}
+{{- end }}
+{{- else }}
+{{- if .Values.global.cattle.systemDefaultRegistry }}
+{{- printf "%s/%s:%s" .Values.global.cattle.systemDefaultRegistry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) }}
+{{- else }}
+{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (default .Chart.AppVersion .Values.image.tag) }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "prometheus-windows-exporter.namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the namespace name of the service monitor
+*/}}
+{{- define "prometheus-windows-exporter.monitor-namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- if .Values.prometheus.monitor.namespace }}
+{{- .Values.prometheus.monitor.namespace }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/* Sets default scrape limits for servicemonitor */}}
+{{- define "servicemonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end }}
+
+{{/*
+Formats imagePullSecrets. Input is (dict "Values" .Values "imagePullSecrets" .{specific imagePullSecrets})
+*/}}
+{{- define "prometheus-windows-exporter.imagePullSecrets" -}}
+{{- range (concat .Values.global.imagePullSecrets .imagePullSecrets) }}
+  {{- if eq (typeOf .) "map[string]interface {}" }}
+- {{ toYaml . | trim }}
+  {{- else }}
+- name: {{ . }}
+  {{- end }}
+{{- end }}
+{{- end -}}
+
+{{/*
+Create the namespace name of the pod monitor
+*/}}
+{{- define "prometheus-windows-exporter.podmonitor-namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- if .Values.prometheus.podMonitor.namespace }}
+{{- .Values.prometheus.podMonitor.namespace }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/* Sets default scrape limits for podmonitor */}}
+{{- define "podmonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/config.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/config.yaml
new file mode 100644
index 0000000000..25f1fa69c2
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/config.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}
+  namespace: {{ include "prometheus-windows-exporter.namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" $ | nindent 4 }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+data:
+  config.yml: |
+    {{- .Values.config | nindent 4 }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/daemonset.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/daemonset.yaml
new file mode 100644
index 0000000000..be7feb3ed1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/daemonset.yaml
@@ -0,0 +1,200 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}
+  namespace: {{ include "prometheus-windows-exporter.namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" . | nindent 4 }}
+  {{- with .Values.daemonsetAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "windowsExporter.labels" . | nindent 6 }}
+  {{- with .Values.updateStrategy }}
+  updateStrategy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "windowsExporter.labels" . | nindent 8 }}
+    spec:
+      automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
+      {{- with .Values.securityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.priorityClassName }}
+      priorityClassName: {{ . }}
+      {{- end }}
+      initContainers:
+        - name: configure-firewall
+          image: {{ include "prometheus-windows-exporter.image" . }}
+          command:
+          - C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe
+          args: ["-f", "scripts/configure-firewall.ps1"]
+          volumeMounts:
+            - mountPath: /scripts
+              name: exporter-scripts
+        {{- with .Values.extraInitContainers }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+      serviceAccountName: {{ include "prometheus-windows-exporter.fullname" . }}
+      containers:
+        - name: windows-exporter
+          image: {{ include "prometheus-windows-exporter.image" . }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          args:
+            - --config.file=%CONTAINER_SANDBOX_MOUNT_POINT%/config.yml
+            - --collector.textfile.directories=%CONTAINER_SANDBOX_MOUNT_POINT%
+            - --web.listen-address=:{{ .Values.service.port }}
+            {{- with .Values.extraArgs }}
+            {{- toYaml . | nindent 12 }}
+            {{- end }}
+          {{- with .Values.securityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          env:
+            {{- range $key, $value := .Values.env }}
+            - name: {{ $key }}
+              value: {{ $value | quote }}
+            {{- end }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              hostPort: {{ .Values.service.port }}
+              protocol: TCP
+          livenessProbe:
+            failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+            httpGet:
+              httpHeaders:
+              {{- range $_, $header := .Values.livenessProbe.httpGet.httpHeaders }}
+              - name: {{ $header.name }}
+                value: {{ $header.value }}
+              {{- end }}
+              path: /
+              port: {{ .Values.service.port }}
+              scheme: {{ upper .Values.livenessProbe.httpGet.scheme }}
+            initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+            successThreshold: {{ .Values.livenessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+          readinessProbe:
+            failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+            httpGet:
+              httpHeaders:
+              {{- range $_, $header := .Values.readinessProbe.httpGet.httpHeaders }}
+              - name: {{ $header.name }}
+                value: {{ $header.value }}
+              {{- end }}
+              path: /
+              port: {{ .Values.service.port }}
+              scheme: {{ upper .Values.readinessProbe.httpGet.scheme }}
+            initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+            successThreshold: {{ .Values.readinessProbe.successThreshold }}
+            timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+          {{- with .Values.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            - name: config
+              mountPath: /config.yml
+              subPath: config.yml
+            {{- range $_, $mount := .Values.extraHostVolumeMounts }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: {{ $mount.readOnly }}
+            {{- end }}
+            {{- range $_, $mount := .Values.sidecarVolumeMount }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: true
+            {{- end }}
+            {{- range $_, $mount := .Values.configmaps }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+            {{- end }}
+            {{- range $_, $mount := .Values.secrets }}
+            - name: {{ .name }}
+              mountPath: {{ .mountPath }}
+            {{- end }}
+        {{- with .Values.sidecars }}
+        {{- toYaml . | nindent 8 }}
+          {{- if or .Values.sidecarVolumeMount .Values.sidecarHostVolumeMounts }}
+          volumeMounts:
+            {{- range $_, $mount := .Values.sidecarVolumeMount }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: {{ $mount.readOnly }}
+            {{- end }}
+            {{- range $_, $mount := .Values.sidecarHostVolumeMounts }}
+            - name: {{ $mount.name }}
+              mountPath: {{ $mount.mountPath }}
+              readOnly: {{ $mount.readOnly }}
+            {{- end }}
+          {{- end }}
+        {{- end }}
+      {{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
+      imagePullSecrets:
+        {{- include "prometheus-windows-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.imagePullSecrets) | indent 8 }}
+      {{- end }}
+      hostNetwork: {{ .Values.hostNetwork }}
+      hostPID: {{ .Values.hostPID }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.dnsConfig }}
+      dnsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+        - name: exporter-scripts
+          configMap:
+            name: {{ include "prometheus-windows-exporter.fullname" . }}-scripts
+        - name: config
+          configMap:
+            name: {{ include "prometheus-windows-exporter.fullname" . }}
+        {{- range $_, $mount := .Values.extraHostVolumeMounts }}
+        - name: {{ $mount.name }}
+          hostPath:
+            path: {{ $mount.hostPath }}
+        {{- end }}
+        {{- range $_, $mount := .Values.sidecarVolumeMount }}
+        - name: {{ $mount.name }}
+          emptyDir:
+            medium: Memory
+        {{- end }}
+        {{- range $_, $mount := .Values.sidecarHostVolumeMounts }}
+        - name: {{ $mount.name }}
+          hostPath:
+            path: {{ $mount.hostPath }}
+        {{- end }}
+        {{- range $_, $mount := .Values.configmaps }}
+        - name: {{ $mount.name }}
+          configMap:
+            name: {{ $mount.name }}
+        {{- end }}
+        {{- range $_, $mount := .Values.secrets }}
+        - name: {{ $mount.name }}
+          secret:
+            secretName: {{ $mount.name }}
+        {{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/podmonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/podmonitor.yaml
new file mode 100644
index 0000000000..bbb6c39340
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/podmonitor.yaml
@@ -0,0 +1,91 @@
+{{- if .Values.prometheus.podMonitor.enabled }}
+apiVersion: {{ .Values.prometheus.podMonitor.apiVersion | default "monitoring.coreos.com/v1" }}
+kind: PodMonitor
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}
+  namespace: {{ include "prometheus-windows-exporter.podmonitor-namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" . | nindent 4 }}
+    {{- with .Values.prometheus.podMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.podMonitor.jobLabel }}
+  {{- include "podmonitor.scrapeLimits" .Values.prometheus.podMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+    {{- with .Values.prometheus.podMonitor.selectorOverride }}
+      {{- toYaml . | nindent 6 }}
+    {{- else }}
+      {{- include "prometheus-windows-exporter.selectorLabels" . | nindent 6 }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - {{ include "prometheus-windows-exporter.namespace" . }}
+  {{- with .Values.prometheus.podMonitor.attachMetadata }}
+  attachMetadata:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.prometheus.podMonitor.podTargetLabels }}
+  podTargetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  podMetricsEndpoints:
+    - port: {{ .Values.service.portName }}
+      {{- with .Values.prometheus.podMonitor.scheme }}
+      scheme: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.path }}
+      path: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.basicAuth }}
+      basicAuth:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.bearerTokenSecret }}
+      bearerTokenSecret:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.authorization }}
+      authorization:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.oauth2 }}
+      oauth2:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.proxyUrl }}
+      proxyUrl: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.honorTimestamps }}
+      honorTimestamps: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.honorLabels }}
+      honorLabels: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.scrapeTimeout }}
+      scrapeTimeout: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.relabelings }}
+      relabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.podMonitor.metricRelabelings }}
+      metricRelabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      enableHttp2: {{ default false .Values.prometheus.podMonitor.enableHttp2 }}
+      filterRunning: {{ default true .Values.prometheus.podMonitor.filterRunning }}
+      followRedirects: {{ default false .Values.prometheus.podMonitor.followRedirects }}
+      {{- with .Values.prometheus.podMonitor.params }}
+      params:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/scriptConfig.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/scriptConfig.yaml
new file mode 100644
index 0000000000..f514c8161a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/scriptConfig.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}-scripts
+  namespace: {{ include "prometheus-windows-exporter.namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" $ | nindent 4 }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+data:
+{{ (.Files.Glob "scripts/*").AsConfig | indent 2 }}
+
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/service.yaml
new file mode 100644
index 0000000000..267b796f63
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/service.yaml
@@ -0,0 +1,32 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}
+  namespace: {{ include "prometheus-windows-exporter.namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" $ | nindent 4 }}
+  {{- if or .Values.prometheus.monitor.enabled .Values.prometheus.podMonitor.enabled }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- unset . "prometheus.io/scrape" | toYaml | nindent 4 }}
+  {{- end }}
+  {{- else }}
+  annotations:
+    prometheus.io/scrape: "true"
+  {{- with .Values.service.annotations }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- end }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }}
+      nodePort: {{ .Values.service.nodePort }}
+      {{- end }}
+      targetPort: {{ .Values.service.port }}
+      protocol: TCP
+      appProtocol: http
+      name: {{ .Values.service.portName }}
+  selector:
+    {{- include "windowsExporter.labels" . | nindent 4 }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..14c1c46807
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/serviceaccount.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.rbac.create .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "prometheus-windows-exporter.serviceAccountName" . }}
+  namespace: {{ include "prometheus-windows-exporter.namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- if or .Values.serviceAccount.imagePullSecrets .Values.global.imagePullSecrets }}
+imagePullSecrets:
+  {{- include "prometheus-windows-exporter.imagePullSecrets" (dict "Values" .Values "imagePullSecrets" .Values.serviceAccount.imagePullSecrets) | indent 2 }}
+{{- end }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/servicemonitor.yaml
new file mode 100644
index 0000000000..2effc07758
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/templates/servicemonitor.yaml
@@ -0,0 +1,75 @@
+{{- if .Values.prometheus.monitor.enabled }}
+apiVersion: {{ .Values.prometheus.monitor.apiVersion | default "monitoring.coreos.com/v1" }}
+kind: ServiceMonitor
+metadata:
+  name: {{ include "prometheus-windows-exporter.fullname" . }}
+  namespace: {{ include "prometheus-windows-exporter.monitor-namespace" . }}
+  labels:
+    {{- include "windowsExporter.labels" . | nindent 4 }}
+    {{- with .Values.prometheus.monitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  jobLabel: {{ default "app.kubernetes.io/name" .Values.prometheus.monitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheus.monitor | nindent 2 }}
+  {{- with .Values.prometheus.monitor.podTargetLabels }}
+  podTargetLabels:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  selector:
+    matchLabels:
+    {{- with .Values.prometheus.monitor.selectorOverride }}
+      {{- toYaml . | nindent 6 }}
+    {{- else }}
+      {{- include "windowsExporter.labels" . | nindent 6 }}
+    {{- end }}
+  {{- with .Values.prometheus.monitor.attachMetadata }}
+  attachMetadata:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  endpoints:
+    - port: {{ .Values.service.portName }}
+      scheme: {{ .Values.prometheus.monitor.scheme }}
+      {{- with .Values.prometheus.monitor.basicAuth }}
+      basicAuth:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.bearerTokenFile }}
+      bearerTokenFile: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.tlsConfig }}
+      tlsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.proxyUrl }}
+      proxyUrl: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      {{- with .Values.prometheus.monitor.scrapeTimeout }}
+      scrapeTimeout: {{ . }}
+      {{- end }}
+      metricRelabelings:
+{{- include "windowsExporter.renamedMetricsRelabeling" . | nindent 6 -}}
+      - sourceLabels: [__name__]
+        regex: 'wmi_(.*)'
+        replacement: 'windows_$1'
+        targetLabel: __name__
+      - sourceLabels: [volume, nic]
+        regex: (.*);(.*)
+        separator: ''
+        targetLabel: device
+        action: replace
+        replacement: $1$2
+      - sourceLabels: [__name__]
+        regex: windows_cs_logical_processors
+        replacement: 'system'
+        targetLabel: mode
+      relabelings:
+      - separator: ':'
+        sourceLabels:
+        - __meta_kubernetes_pod_host_ip
+        - __meta_kubernetes_pod_container_port_number
+        targetLabel: instance
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/values.yaml
new file mode 100644
index 0000000000..04569505d6
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/charts/windowsExporter/values.yaml
@@ -0,0 +1,366 @@
+# Default values for prometheus-windows-exporter.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+  registry: docker.io
+  repository: rancher/mirrored-prometheus-windows-exporter
+  # Overrides the image tag whose default is {{ printf "v%s" .Chart.AppVersion }}
+  tag: "0.25.1"
+  pullPolicy: IfNotPresent
+  digest: ""
+
+config: |-
+  collectors:
+    enabled: '[defaults],tcp,memory,container'
+
+imagePullSecrets: []
+# - name: "image-pull-secret"
+nameOverride: ""
+fullnameOverride: ""
+
+global:
+  # To help compatibility with other charts which use global.imagePullSecrets.
+  # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
+  # global:
+  #   imagePullSecrets:
+  #   - name: pullSecret1
+  #   - name: pullSecret2
+  # or
+  # global:
+  #   imagePullSecrets:
+  #   - pullSecret1
+  #   - pullSecret2
+  imagePullSecrets: []
+  cattle:
+    systemDefaultRegistry: ""
+
+service:
+  type: ClusterIP
+  port: 9796
+  nodePort:
+  portName: windows-metrics
+  annotations: {}
+
+# Additional environment variables that will be passed to the daemonset
+env: {}
+##  env:
+##    VARIABLE: value
+
+prometheus:
+  monitor:
+    enabled: true
+    additionalLabels: {}
+    namespace: ""
+
+    jobLabel: "component"
+
+    # List of pod labels to add to windows exporter metrics
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor
+    podTargetLabels: ["component"]
+
+    scheme: http
+    basicAuth: {}
+    bearerTokenFile:
+    tlsConfig: {}
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## Override serviceMonitor selector
+    ##
+    selectorOverride: {}
+
+    ## Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
+    ##
+    attachMetadata:
+      node: false
+
+    relabelings: []
+    metricRelabelings: []
+    interval: ""
+    scrapeTimeout: 10s
+    ## prometheus.monitor.apiVersion ApiVersion for the serviceMonitor Resource(defaults to "monitoring.coreos.com/v1")
+    apiVersion: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+  # PodMonitor defines monitoring for a set of pods.
+  # ref. https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.PodMonitor
+  # Using a PodMonitor may be preferred in some environments where there is very large number
+  # of Windows Exporter endpoints (1000+) behind a single service.
+  # The PodMonitor is disabled by default. When switching from ServiceMonitor to PodMonitor,
+  # the time series resulting from the configuration through PodMonitor may have different labels.
+  # For instance, there will not be the service label any longer which might
+  # affect PromQL queries selecting that label.
+  podMonitor:
+    enabled: false
+    # Namespace in which to deploy the pod monitor. Defaults to the release namespace.
+    namespace: ""
+    # Additional labels, e.g. setting a label for pod monitor selector as set in prometheus
+    additionalLabels: {}
+    #  release: kube-prometheus-stack
+    # PodTargetLabels transfers labels of the Kubernetes Pod onto the target.
+    podTargetLabels: []
+    # apiVersion defaults to monitoring.coreos.com/v1.
+    apiVersion: ""
+    # Override pod selector to select pod objects.
+    selectorOverride: {}
+    # Attach node metadata to discovered targets. Requires Prometheus v2.35.0 and above.
+    attachMetadata:
+      node: false
+    # The label to use to retrieve the job name from. Defaults to label app.kubernetes.io/name.
+    jobLabel: ""
+
+    # Scheme/protocol to use for scraping.
+    scheme: "http"
+    # Path to scrape metrics at.
+    path: "/metrics"
+
+    # BasicAuth allow an endpoint to authenticate over basic authentication.
+    # More info: https://prometheus.io/docs/operating/configuration/#endpoint
+    basicAuth: {}
+    # Secret to mount to read bearer token for scraping targets.
+    # The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator.
+    # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#secretkeyselector-v1-core
+    bearerTokenSecret: {}
+    # TLS configuration to use when scraping the endpoint.
+    tlsConfig: {}
+    # Authorization section for this endpoint.
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.SafeAuthorization
+    authorization: {}
+    # OAuth2 for the URL. Only valid in Prometheus versions 2.27.0 and newer.
+    # https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.OAuth2
+    oauth2: {}
+
+    # ProxyURL eg http://proxyserver:2195. Directs scrapes through proxy to this endpoint.
+    proxyUrl: ""
+    # Interval at which endpoints should be scraped. If not specified Prometheus’ global scrape interval is used.
+    interval: ""
+    # Timeout after which the scrape is ended. If not specified, the Prometheus global scrape interval is used.
+    scrapeTimeout: ""
+    # HonorTimestamps controls whether Prometheus respects the timestamps present in scraped data.
+    honorTimestamps: true
+    # HonorLabels chooses the metric’s labels on collisions with target labels.
+    honorLabels: true
+    # Whether to enable HTTP2. Default false.
+    enableHttp2: ""
+    # Drop pods that are not running. (Failed, Succeeded).
+    # Enabled by default. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
+    filterRunning: ""
+    # FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. Default false.
+    followRedirects: ""
+    # Optional HTTP URL parameters
+    params: {}
+
+    # RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds
+    # relabelings for a few standard Kubernetes fields. The original scrape job’s name
+    # is available via the __tmp_prometheus_job_name label.
+    # More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
+    relabelings: []
+    # MetricRelabelConfigs to apply to samples before ingestion.
+    metricRelabelings: []
+
+    # SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    sampleLimit: 0
+    # TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    targetLimit: 0
+    # Per-scrape limit on number of labels that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelLimit: 0
+    # Per-scrape limit on length of labels name that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelNameLengthLimit: 0
+    # Per-scrape limit on length of labels value that will be accepted for a sample.
+    # Only valid in Prometheus versions 2.27.0 and newer.
+    labelValueLengthLimit: 0
+
+## Customize the updateStrategy if set
+updateStrategy:
+  type: RollingUpdate
+  rollingUpdate:
+    maxUnavailable: 1
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 200m
+  #   memory: 50Mi
+  # requests:
+  #   cpu: 100m
+#   memory: 30Mi
+
+serviceAccount:
+  # Specifies whether a ServiceAccount should be created
+  create: true
+  # The name of the ServiceAccount to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name:
+  annotations: {}
+  imagePullSecrets: []
+  automountServiceAccountToken: false
+
+securityContext:
+  windowsOptions:
+    hostProcess: true
+    runAsUserName: "NT AUTHORITY\\system"
+
+rbac:
+  ## If true, create & use RBAC resources
+  ##
+  create: true
+
+# Expose the service to the host network
+hostNetwork: true
+
+# Share the host process ID namespace
+hostPID: true
+
+## Assign a group of affinity scheduling rules
+##
+affinity: {}
+#   nodeAffinity:
+#     requiredDuringSchedulingIgnoredDuringExecution:
+#       nodeSelectorTerms:
+#         - matchFields:
+#             - key: metadata.name
+#               operator: In
+#               values:
+#                 - target-host-name
+
+# Annotations to be added to windows exporter pods
+podAnnotations:
+  # Fix for very slow GKE cluster upgrades
+  cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
+
+# Extra labels to be added to windows exporter pods
+podLabels: {}
+
+# Annotations to be added to windows exporter daemonset
+daemonsetAnnotations: {}
+
+## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box
+releaseLabel: false
+
+# Custom DNS configuration to be added to prometheus-windows-exporter pods
+dnsConfig: {}
+# nameservers:
+#   - 1.2.3.4
+# searches:
+#   - ns1.svc.cluster-domain.example
+#   - my.dns.search.suffix
+# options:
+#   - name: ndots
+#     value: "2"
+#   - name: edns0
+
+## Assign a nodeSelector if operating a hybrid cluster
+##
+nodeSelector:
+  kubernetes.io/os: windows
+  #  kubernetes.io/arch: amd64
+
+tolerations:
+  - effect: NoSchedule
+    operator: Exists
+
+## Assign a PriorityClassName to pods if set
+# priorityClassName: ""
+
+## Additional container arguments
+##
+extraArgs: []
+#   - --collector.service.services-where
+#   - "Name LIKE 'sql%'"
+
+## Additional mounts from the host to windows-exporter container
+##
+extraHostVolumeMounts: []
+#  - name: <mountName>
+#    hostPath: <hostPath>
+#    mountPath: <mountPath>
+#    readOnly: true|false
+
+## Additional configmaps to be mounted.
+##
+configmaps: []
+# - name: <configMapName>
+#   mountPath: <mountPath>
+secrets: []
+# - name: <secretName>
+#   mountPath: <mountPatch>
+## Override the deployment namespace
+##
+namespaceOverride: ""
+
+## Additional containers for export metrics to text file
+##
+sidecars: []
+##  - name: nvidia-dcgm-exporter
+##    image: nvidia/dcgm-exporter:1.4.3
+
+## Volume for sidecar containers
+##
+sidecarVolumeMount: []
+##  - name: collector-textfiles
+##    mountPath: /run/prometheus
+##    readOnly: false
+
+## Additional mounts from the host to sidecar containers
+##
+sidecarHostVolumeMounts: []
+#  - name: <mountName>
+#    hostPath: <hostPath>
+#    mountPath: <mountPath>
+#    readOnly: true|false
+#    mountPropagation: None|HostToContainer|Bidirectional
+
+## Additional InitContainers to initialize the pod
+##
+extraInitContainers: []
+
+## Liveness probe
+##
+livenessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 0
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 1
+
+## Readiness probe
+##
+readinessProbe:
+  failureThreshold: 3
+  httpGet:
+    httpHeaders: []
+    scheme: http
+  initialDelaySeconds: 0
+  periodSeconds: 10
+  successThreshold: 1
+  timeoutSeconds: 1
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/ingress-nginx/nginx.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/ingress-nginx/nginx.json
new file mode 100644
index 0000000000..565352235a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/ingress-nginx/nginx.json
@@ -0,0 +1,1445 @@
+{
+  "__inputs": [
+
+  ],
+  "__requires": [
+
+  ],
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      },
+      {
+        "datasource": "$datasource",
+        "enable": true,
+        "expr": "sum(changes(nginx_ingress_controller_config_last_reload_successful_timestamp_seconds{instance!=\"unknown\",controller_class=~\"$controller_class\",namespace=~\"$namespace\"}[30s])) by (controller_class)",
+        "hide": false,
+        "iconColor": "rgba(255, 96, 96, 1)",
+        "limit": 100,
+        "name": "Config Reloads",
+        "showIn": 0,
+        "step": "30s",
+        "tagKeys": "controller_class",
+        "tags": [],
+        "titleFormat": "Config Reloaded",
+        "type": "tags"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "iteration": 1534359654832,
+  "links": [],
+  "panels": [
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(245, 54, 54, 0.9)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(50, 172, 45, 0.97)"
+      ],
+      "datasource": "$datasource",
+      "format": "ops",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 6,
+        "x": 0,
+        "y": 0
+      },
+      "id": 20,
+      "interval": null,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": true,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": true
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "round(sum(irate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\"}[2m])), 0.001)",
+          "format": "time_series",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 4
+        }
+      ],
+      "thresholds": "",
+      "title": "Controller Request Volume",
+      "transparent": false,
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "N/A",
+          "value": "null"
+        }
+      ],
+      "valueName": "avg"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(245, 54, 54, 0.9)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(50, 172, 45, 0.97)"
+      ],
+      "datasource": "$datasource",
+      "format": "none",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 6,
+        "x": 6,
+        "y": 0
+      },
+      "id": 82,
+      "interval": null,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": true,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": true
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum(avg_over_time(nginx_ingress_controller_nginx_process_connections{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",state=\"active\"}[2m]))",
+          "format": "time_series",
+          "instant": false,
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 4
+        }
+      ],
+      "thresholds": "",
+      "title": "Controller Connections",
+      "transparent": false,
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "N/A",
+          "value": "null"
+        }
+      ],
+      "valueName": "avg"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(245, 54, 54, 0.9)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(50, 172, 45, 0.97)"
+      ],
+      "datasource": "$datasource",
+      "format": "percentunit",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 80,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": false
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 6,
+        "x": 12,
+        "y": 0
+      },
+      "id": 21,
+      "interval": null,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": true,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": true
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\",status!~\"[4-5].*\"}[2m])) / sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\"}[2m]))",
+          "format": "time_series",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 4
+        }
+      ],
+      "thresholds": "95, 99, 99.5",
+      "title": "Controller Success Rate (non-4|5xx responses)",
+      "transparent": false,
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "N/A",
+          "value": "null"
+        }
+      ],
+      "valueName": "avg"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(245, 54, 54, 0.9)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(50, 172, 45, 0.97)"
+      ],
+      "datasource": "$datasource",
+      "decimals": 0,
+      "format": "none",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 3,
+        "x": 18,
+        "y": 0
+      },
+      "id": 81,
+      "interval": null,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": true,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": true
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "avg(irate(nginx_ingress_controller_success{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[1m])) * 60",
+          "format": "time_series",
+          "instant": false,
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 4
+        }
+      ],
+      "thresholds": "",
+      "title": "Config Reloads",
+      "transparent": false,
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "N/A",
+          "value": "null"
+        }
+      ],
+      "valueName": "total"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(245, 54, 54, 0.9)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(50, 172, 45, 0.97)"
+      ],
+      "datasource": "$datasource",
+      "decimals": 0,
+      "format": "none",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 3,
+        "x": 21,
+        "y": 0
+      },
+      "id": 83,
+      "interval": null,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": true,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": true
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "count(nginx_ingress_controller_config_last_reload_successful{controller_pod=~\"$controller\",controller_namespace=~\"$namespace\"} == 0)",
+          "format": "time_series",
+          "instant": true,
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 4
+        }
+      ],
+      "thresholds": "",
+      "title": "Last Config Failed",
+      "transparent": false,
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "N/A",
+          "value": "null"
+        }
+      ],
+      "valueName": "avg"
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fill": 1,
+      "grid": {},
+      "gridPos": {
+        "h": 7,
+        "w": 12,
+        "x": 0,
+        "y": 3
+      },
+      "height": "200px",
+      "id": 86,
+      "isNew": true,
+      "legend": {
+        "alignAsTable": true,
+        "avg": true,
+        "current": false,
+        "hideEmpty": false,
+        "hideZero": true,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "sideWidth": 300,
+        "sort": "current",
+        "sortDesc": true,
+        "total": false,
+        "values": true
+      },
+      "lines": true,
+      "linewidth": 2,
+      "links": [],
+      "nullPointMode": "connected",
+      "percentage": false,
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "repeat": null,
+      "repeatDirection": "h",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "round(sum(irate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress), 0.001)",
+          "format": "time_series",
+          "hide": false,
+          "instant": false,
+          "interval": "",
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "metric": "network",
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "Ingress Request Volume",
+      "tooltip": {
+        "msResolution": false,
+        "shared": true,
+        "sort": 2,
+        "value_type": "cumulative"
+      },
+      "transparent": false,
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "reqps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": false
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "max - istio-proxy": "#890f02",
+        "max - master": "#bf1b00",
+        "max - prometheus": "#bf1b00"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "decimals": 2,
+      "editable": false,
+      "error": false,
+      "fill": 0,
+      "grid": {},
+      "gridPos": {
+        "h": 7,
+        "w": 12,
+        "x": 12,
+        "y": 3
+      },
+      "id": 87,
+      "isNew": true,
+      "legend": {
+        "alignAsTable": true,
+        "avg": true,
+        "current": false,
+        "hideEmpty": true,
+        "hideZero": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "sideWidth": 300,
+        "sort": "avg",
+        "sortDesc": true,
+        "total": false,
+        "values": true
+      },
+      "lines": true,
+      "linewidth": 2,
+      "links": [],
+      "nullPointMode": "connected",
+      "percentage": false,
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\",ingress=~\"$ingress\",status!~\"[4-5].*\"}[2m])) by (ingress) / sum(rate(nginx_ingress_controller_requests{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress)",
+          "format": "time_series",
+          "instant": false,
+          "interval": "10s",
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "metric": "container_memory_usage:sort_desc",
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "Ingress Success Rate (non-4|5xx responses)",
+      "tooltip": {
+        "msResolution": false,
+        "shared": true,
+        "sort": 1,
+        "value_type": "cumulative"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": false
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fill": 1,
+      "grid": {},
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 0,
+        "y": 10
+      },
+      "height": "200px",
+      "id": 32,
+      "isNew": true,
+      "legend": {
+        "alignAsTable": false,
+        "avg": true,
+        "current": true,
+        "max": false,
+        "min": false,
+        "rightSide": false,
+        "show": false,
+        "sideWidth": 200,
+        "sort": "current",
+        "sortDesc": true,
+        "total": false,
+        "values": true
+      },
+      "lines": true,
+      "linewidth": 2,
+      "links": [],
+      "nullPointMode": "connected",
+      "percentage": false,
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum (irate (nginx_ingress_controller_request_size_sum{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[2m]))",
+          "format": "time_series",
+          "instant": false,
+          "interval": "10s",
+          "intervalFactor": 1,
+          "legendFormat": "Received",
+          "metric": "network",
+          "refId": "A",
+          "step": 10
+        },
+        {
+          "expr": "- sum (irate (nginx_ingress_controller_response_size_sum{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[2m]))",
+          "format": "time_series",
+          "hide": false,
+          "interval": "10s",
+          "intervalFactor": 1,
+          "legendFormat": "Sent",
+          "metric": "network",
+          "refId": "B",
+          "step": 10
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "Network I/O pressure",
+      "tooltip": {
+        "msResolution": false,
+        "shared": true,
+        "sort": 0,
+        "value_type": "cumulative"
+      },
+      "transparent": false,
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": false
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "max - istio-proxy": "#890f02",
+        "max - master": "#bf1b00",
+        "max - prometheus": "#bf1b00"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "decimals": 2,
+      "editable": false,
+      "error": false,
+      "fill": 0,
+      "grid": {},
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 8,
+        "y": 10
+      },
+      "id": 77,
+      "isNew": true,
+      "legend": {
+        "alignAsTable": true,
+        "avg": true,
+        "current": true,
+        "max": false,
+        "min": false,
+        "rightSide": false,
+        "show": false,
+        "sideWidth": 200,
+        "sort": "current",
+        "sortDesc": true,
+        "total": false,
+        "values": true
+      },
+      "lines": true,
+      "linewidth": 2,
+      "links": [],
+      "nullPointMode": "connected",
+      "percentage": false,
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "avg(nginx_ingress_controller_nginx_process_resident_memory_bytes{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}) ",
+          "format": "time_series",
+          "instant": false,
+          "interval": "10s",
+          "intervalFactor": 1,
+          "legendFormat": "nginx",
+          "metric": "container_memory_usage:sort_desc",
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "Average Memory Usage",
+      "tooltip": {
+        "msResolution": false,
+        "shared": true,
+        "sort": 2,
+        "value_type": "cumulative"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": false
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "max - istio-proxy": "#890f02",
+        "max - master": "#bf1b00"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "decimals": 3,
+      "editable": false,
+      "error": false,
+      "fill": 0,
+      "grid": {},
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 16,
+        "y": 10
+      },
+      "height": "",
+      "id": 79,
+      "isNew": true,
+      "legend": {
+        "alignAsTable": true,
+        "avg": true,
+        "current": true,
+        "max": false,
+        "min": false,
+        "rightSide": false,
+        "show": false,
+        "sort": null,
+        "sortDesc": null,
+        "total": false,
+        "values": true
+      },
+      "lines": true,
+      "linewidth": 2,
+      "links": [],
+      "nullPointMode": "connected",
+      "percentage": false,
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "avg (rate (nginx_ingress_controller_nginx_process_cpu_seconds_total{controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\"}[2m])) ",
+          "format": "time_series",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "legendFormat": "nginx",
+          "metric": "container_cpu",
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": [
+        {
+          "colorMode": "critical",
+          "fill": true,
+          "line": true,
+          "op": "gt"
+        }
+      ],
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "Average CPU Usage",
+      "tooltip": {
+        "msResolution": true,
+        "shared": true,
+        "sort": 2,
+        "value_type": "cumulative"
+      },
+      "transparent": false,
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "none",
+          "label": "cores",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "columns": [],
+      "datasource": "$datasource",
+      "fontSize": "100%",
+      "gridPos": {
+        "h": 8,
+        "w": 24,
+        "x": 0,
+        "y": 16
+      },
+      "hideTimeOverride": false,
+      "id": 75,
+      "links": [],
+      "pageSize": 7,
+      "repeat": null,
+      "repeatDirection": "h",
+      "scroll": true,
+      "showHeader": true,
+      "sort": {
+        "col": 1,
+        "desc": true
+      },
+      "styles": [
+        {
+          "alias": "Ingress",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "pattern": "ingress",
+          "preserveFormat": false,
+          "sanitize": false,
+          "thresholds": [],
+          "type": "string",
+          "unit": "short"
+        },
+        {
+          "alias": "Requests",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "pattern": "Value #A",
+          "thresholds": [
+            ""
+          ],
+          "type": "number",
+          "unit": "ops"
+        },
+        {
+          "alias": "Errors",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "pattern": "Value #B",
+          "thresholds": [],
+          "type": "number",
+          "unit": "ops"
+        },
+        {
+          "alias": "P50 Latency",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 0,
+          "link": false,
+          "pattern": "Value #C",
+          "thresholds": [],
+          "type": "number",
+          "unit": "dtdurations"
+        },
+        {
+          "alias": "P90 Latency",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 0,
+          "pattern": "Value #D",
+          "thresholds": [],
+          "type": "number",
+          "unit": "dtdurations"
+        },
+        {
+          "alias": "P99 Latency",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 0,
+          "pattern": "Value #E",
+          "thresholds": [],
+          "type": "number",
+          "unit": "dtdurations"
+        },
+        {
+          "alias": "IN",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "pattern": "Value #F",
+          "thresholds": [
+            ""
+          ],
+          "type": "number",
+          "unit": "Bps"
+        },
+        {
+          "alias": "",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "pattern": "Time",
+          "thresholds": [],
+          "type": "hidden",
+          "unit": "short"
+        },
+        {
+          "alias": "OUT",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 2,
+          "mappingType": 1,
+          "pattern": "Value #G",
+          "thresholds": [],
+          "type": "number",
+          "unit": "Bps"
+        }
+      ],
+      "targets": [
+        {
+          "expr": "histogram_quantile(0.50, sum(rate(nginx_ingress_controller_request_duration_seconds_bucket{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (le, ingress))",
+          "format": "table",
+          "hide": false,
+          "instant": true,
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "refId": "C"
+        },
+        {
+          "expr": "histogram_quantile(0.90, sum(rate(nginx_ingress_controller_request_duration_seconds_bucket{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (le, ingress))",
+          "format": "table",
+          "hide": false,
+          "instant": true,
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "refId": "D"
+        },
+        {
+          "expr": "histogram_quantile(0.99, sum(rate(nginx_ingress_controller_request_duration_seconds_bucket{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (le, ingress))",
+          "format": "table",
+          "hide": false,
+          "instant": true,
+          "intervalFactor": 1,
+          "legendFormat": "{{ destination_service }}",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(irate(nginx_ingress_controller_request_size_sum{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress)",
+          "format": "table",
+          "hide": false,
+          "instant": true,
+          "interval": "",
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "refId": "F"
+        },
+        {
+          "expr": "sum(irate(nginx_ingress_controller_response_size_sum{ingress!=\"\",controller_pod=~\"$controller\",controller_class=~\"$controller_class\",controller_namespace=~\"$namespace\",ingress=~\"$ingress\"}[2m])) by (ingress)",
+          "format": "table",
+          "instant": true,
+          "intervalFactor": 1,
+          "legendFormat": "{{ ingress }}",
+          "refId": "G"
+        }
+      ],
+      "timeFrom": null,
+      "title": "Ingress Percentile Response Times and Transfer Rates",
+      "transform": "table",
+      "transparent": false,
+      "type": "table"
+    },
+    {
+      "columns": [
+        {
+          "text": "Current",
+          "value": "current"
+        }
+      ],
+      "datasource": "$datasource",
+      "fontSize": "100%",
+      "gridPos": {
+        "h": 8,
+        "w": 24,
+        "x": 0,
+        "y": 24
+      },
+      "height": "1024",
+      "id": 85,
+      "links": [],
+      "pageSize": 7,
+      "scroll": true,
+      "showHeader": true,
+      "sort": {
+        "col": 1,
+        "desc": false
+      },
+      "styles": [
+        {
+          "alias": "Time",
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "pattern": "Time",
+          "type": "date"
+        },
+        {
+          "alias": "TTL",
+          "colorMode": "cell",
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "dateFormat": "YYYY-MM-DD HH:mm:ss",
+          "decimals": 0,
+          "pattern": "Current",
+          "thresholds": [
+            "0",
+            "691200"
+          ],
+          "type": "number",
+          "unit": "s"
+        },
+        {
+          "alias": "",
+          "colorMode": null,
+          "colors": [
+            "rgba(245, 54, 54, 0.9)",
+            "rgba(237, 129, 40, 0.89)",
+            "rgba(50, 172, 45, 0.97)"
+          ],
+          "decimals": 2,
+          "pattern": "/.*/",
+          "thresholds": [],
+          "type": "number",
+          "unit": "short"
+        }
+      ],
+      "targets": [
+        {
+          "expr": "avg(nginx_ingress_controller_ssl_expire_time_seconds{kubernetes_pod_name=~\"$controller\",namespace=~\"$namespace\",ingress=~\"$ingress\"}) by (host) - time()",
+          "format": "time_series",
+          "intervalFactor": 1,
+          "legendFormat": "{{ host }}",
+          "metric": "gke_letsencrypt_cert_expiration",
+          "refId": "A",
+          "step": 1
+        }
+      ],
+      "title": "Ingress Certificate Expiry",
+      "transform": "timeseries_aggregations",
+      "type": "table"
+    }
+  ],
+  "refresh": "5s",
+  "schemaVersion": 16,
+  "style": "dark",
+  "tags": [
+    "nginx"
+  ],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": ".*",
+        "current": {
+          "text": "All",
+          "value": "$__all"
+        },
+        "datasource": "$datasource",
+        "hide": 0,
+        "includeAll": true,
+        "label": "Namespace",
+        "multi": false,
+        "name": "namespace",
+        "options": [],
+        "query": "label_values(nginx_ingress_controller_config_hash, controller_namespace)",
+        "refresh": 1,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tags": [],
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": ".*",
+        "current": {
+          "text": "All",
+          "value": "$__all"
+        },
+        "datasource": "$datasource",
+        "hide": 0,
+        "includeAll": true,
+        "label": "Controller Class",
+        "multi": false,
+        "name": "controller_class",
+        "options": [],
+        "query": "label_values(nginx_ingress_controller_config_hash{namespace=~\"$namespace\"}, controller_class) ",
+        "refresh": 1,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tags": [],
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": ".*",
+        "current": {
+          "text": "All",
+          "value": "$__all"
+        },
+        "datasource": "$datasource",
+        "hide": 0,
+        "includeAll": true,
+        "label": "Controller",
+        "multi": false,
+        "name": "controller",
+        "options": [],
+        "query": "label_values(nginx_ingress_controller_config_hash{namespace=~\"$namespace\",controller_class=~\"$controller_class\"}, controller_pod) ",
+        "refresh": 1,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tags": [],
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": ".*",
+        "current": {
+          "tags": [],
+          "text": "All",
+          "value": "$__all"
+        },
+        "datasource": "$datasource",
+        "hide": 0,
+        "includeAll": true,
+        "label": "Ingress",
+        "multi": false,
+        "name": "ingress",
+        "options": [],
+        "query": "label_values(nginx_ingress_controller_requests{namespace=~\"$namespace\",controller_class=~\"$controller_class\",controller_pod=~\"$controller\"}, ingress) ",
+        "refresh": 1,
+        "regex": "",
+        "sort": 2,
+        "tagValuesQuery": "",
+        "tags": [],
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "2m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ],
+    "time_options": [
+      "5m",
+      "15m",
+      "1h",
+      "6h",
+      "12h",
+      "24h",
+      "2d",
+      "7d",
+      "30d"
+    ]
+  },
+  "timezone": "browser",
+  "title": "NGINX / Ingress Controller",
+  "uid": "nginx",
+  "version": 1
+}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/ingress-nginx/request-handling-performance.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/ingress-nginx/request-handling-performance.json
new file mode 100644
index 0000000000..156e33123d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/ingress-nginx/request-handling-performance.json
@@ -0,0 +1,963 @@
+{
+    "__inputs": [
+
+    ],
+    "__requires": [
+
+    ],
+    "annotations": {
+      "list": [
+        {
+          "builtIn": 1,
+          "datasource": "-- Grafana --",
+          "enable": true,
+          "hide": true,
+          "iconColor": "rgba(0, 211, 255, 1)",
+          "name": "Annotations & Alerts",
+          "type": "dashboard"
+        }
+      ]
+    },
+    "description": "",
+    "editable": true,
+    "gnetId": 9614,
+    "graphTooltip": 1,
+    "id": null,
+    "iteration": 1582146566338,
+    "links": [],
+    "panels": [
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "description": "Total time taken for nginx and upstream servers to process a request and send a response",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 0,
+          "y": 0
+        },
+        "hiddenSeries": false,
+        "id": 91,
+        "legend": {
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "histogram_quantile(\n  0.5,\n  sum by (le)(\n    rate(\n      nginx_ingress_controller_request_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "legendFormat": ".5",
+            "refId": "D"
+          },
+          {
+            "expr": "histogram_quantile(\n  0.95,\n  sum by (le)(\n    rate(\n    nginx_ingress_controller_request_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "legendFormat": ".95",
+            "refId": "B"
+          },
+          {
+            "expr": "histogram_quantile(\n  0.99,\n  sum by (le)(\n    rate(\n      nginx_ingress_controller_request_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "legendFormat": ".99",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Total request handling time",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "s",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "description": "The time spent on receiving the response from the upstream server",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 12,
+          "y": 0
+        },
+        "hiddenSeries": false,
+        "id": 94,
+        "legend": {
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "histogram_quantile(\n  0.5,\n  sum by (le)(\n    rate(\n      nginx_ingress_controller_response_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "instant": false,
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": ".5",
+            "refId": "D"
+          },
+          {
+            "expr": "histogram_quantile(\n  0.95,\n  sum by (le)(\n    rate(\n    nginx_ingress_controller_response_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "legendFormat": ".95",
+            "refId": "B"
+          },
+          {
+            "expr": "histogram_quantile(\n  0.99,\n  sum by (le)(\n    rate(\n      nginx_ingress_controller_response_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "legendFormat": ".99",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Upstream response time",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "s",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 0,
+          "y": 8
+        },
+        "hiddenSeries": false,
+        "id": 93,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "  sum by (path)(\n    rate(\n      nginx_ingress_controller_request_duration_seconds_count{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n",
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Request volume by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "reqps",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "description": "For each path observed, its median upstream response time",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 12,
+          "y": 8
+        },
+        "hiddenSeries": false,
+        "id": 98,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "histogram_quantile(\n  .5,\n  sum by (le, path)(\n    rate(\n      nginx_ingress_controller_response_duration_seconds_bucket{\n        ingress =~ \"$ingress\"\n      }[1m]\n    )\n  )\n)",
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Median upstream response time by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "s",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "description": "Percentage of 4xx and 5xx responses among all responses.",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 0,
+          "y": 16
+        },
+        "hiddenSeries": false,
+        "id": 100,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null as zero",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "sum by (path) (rate(nginx_ingress_controller_request_duration_seconds_count{\n  ingress =~ \"$ingress\",\n  status =~ \"[4-5].*\"\n}[1m])) / sum by (path) (rate(nginx_ingress_controller_request_duration_seconds_count{\n  ingress =~ \"$ingress\",\n}[1m]))",
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Response error rate by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "percentunit",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "description": "For each path observed, the sum of upstream request time",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 12,
+          "y": 16
+        },
+        "hiddenSeries": false,
+        "id": 102,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "sum by (path) (rate(nginx_ingress_controller_response_duration_seconds_sum{ingress =~ \"$ingress\"}[1m]))",
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Upstream time consumed by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "s",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 0,
+          "y": 24
+        },
+        "hiddenSeries": false,
+        "id": 101,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "  sum (\n    rate(\n      nginx_ingress_controller_request_duration_seconds_count{\n        ingress =~ \"$ingress\",\n        status =~\"[4-5].*\",\n      }[1m]\n    )\n  ) by(path, status)\n",
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }} {{ status }}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Response error volume by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "reqps",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 12,
+          "y": 24
+        },
+        "hiddenSeries": false,
+        "id": 99,
+        "legend": {
+          "alignAsTable": true,
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "rightSide": true,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "sum (\n  rate (\n      nginx_ingress_controller_response_size_sum {\n        ingress =~ \"$ingress\",\n      }[1m]\n  )\n)  by (path) / sum (\n  rate(\n      nginx_ingress_controller_response_size_count {\n        ingress =~ \"$ingress\",\n      }[1m]\n  )\n) by (path)\n",
+            "hide": false,
+            "instant": false,
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "{{ path }}",
+            "refId": "D"
+          },
+          {
+            "expr": "    sum (rate(nginx_ingress_controller_response_size_bucket{\n        ingress =~ \"$ingress\",\n    }[1m])) by (le)\n",
+            "hide": true,
+            "legendFormat": "{{le}}",
+            "refId": "A"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Average response size by Path",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "decbytes",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      },
+      {
+        "aliasColors": {},
+        "bars": false,
+        "dashLength": 10,
+        "dashes": false,
+        "datasource": "$datasource",
+        "fill": 1,
+        "fillGradient": 0,
+        "gridPos": {
+          "h": 8,
+          "w": 12,
+          "x": 0,
+          "y": 32
+        },
+        "hiddenSeries": false,
+        "id": 96,
+        "legend": {
+          "avg": false,
+          "current": false,
+          "max": false,
+          "min": false,
+          "show": true,
+          "total": false,
+          "values": false
+        },
+        "lines": true,
+        "linewidth": 1,
+        "nullPointMode": "null",
+        "options": {
+          "dataLinks": []
+        },
+        "percentage": false,
+        "pointradius": 2,
+        "points": false,
+        "renderer": "flot",
+        "seriesOverrides": [],
+        "spaceLength": 10,
+        "stack": false,
+        "steppedLine": false,
+        "targets": [
+          {
+            "expr": "sum (\n  rate(\n      nginx_ingress_controller_ingress_upstream_latency_seconds_sum {\n        ingress =~ \"$ingress\",\n      }[1m]\n)) / sum (\n  rate(\n      nginx_ingress_controller_ingress_upstream_latency_seconds_count {\n        ingress =~ \"$ingress\",\n      }[1m]\n  )\n)\n",
+            "hide": false,
+            "instant": false,
+            "interval": "",
+            "intervalFactor": 1,
+            "legendFormat": "average",
+            "refId": "B"
+          }
+        ],
+        "thresholds": [],
+        "timeFrom": null,
+        "timeRegions": [],
+        "timeShift": null,
+        "title": "Upstream service latency",
+        "tooltip": {
+          "shared": true,
+          "sort": 0,
+          "value_type": "individual"
+        },
+        "type": "graph",
+        "xaxis": {
+          "buckets": null,
+          "mode": "time",
+          "name": null,
+          "show": true,
+          "values": []
+        },
+        "yaxes": [
+          {
+            "format": "s",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          },
+          {
+            "format": "short",
+            "label": null,
+            "logBase": 1,
+            "max": null,
+            "min": null,
+            "show": true
+          }
+        ],
+        "yaxis": {
+          "align": false,
+          "alignLevel": null
+        }
+      }
+    ],
+    "refresh": "30s",
+    "schemaVersion": 22,
+    "style": "dark",
+    "tags": [
+      "nginx"
+    ],
+    "templating": {
+      "list": [
+        {
+          "current": {
+            "text": "Prometheus",
+            "value": "Prometheus"
+          },
+          "hide": 0,
+          "label": "Data Source",
+          "name": "datasource",
+          "options": [
+  
+          ],
+          "query": "prometheus",
+          "refresh": 1,
+          "regex": "",
+          "type": "datasource"
+        },
+        {
+          "allValue": ".*",
+          "current": {},
+          "datasource": "$datasource",
+          "definition": "label_values(nginx_ingress_controller_requests, ingress) ",
+          "hide": 0,
+          "includeAll": true,
+          "label": "Service Ingress",
+          "multi": false,
+          "name": "ingress",
+          "options": [],
+          "query": "label_values(nginx_ingress_controller_requests, ingress) ",
+          "refresh": 1,
+          "regex": "",
+          "skipUrlSync": false,
+          "sort": 2,
+          "tagValuesQuery": "",
+          "tags": [],
+          "tagsQuery": "",
+          "type": "query",
+          "useTags": false
+        }
+      ]
+    },
+    "time": {
+      "from": "now-15m",
+      "to": "now"
+    },
+    "timepicker": {
+      "refresh_intervals": [
+        "5s",
+        "10s",
+        "30s",
+        "2m",
+        "5m",
+        "15m",
+        "30m",
+        "1h",
+        "2h",
+        "1d"
+      ],
+      "time_options": [
+        "5m",
+        "15m",
+        "1h",
+        "6h",
+        "12h",
+        "24h",
+        "2d",
+        "7d",
+        "30d"
+      ]
+    },
+    "timezone": "browser",
+    "title": "NGINX / Request Handling Performance",
+    "uid": "4GFbkOsZk",
+    "version": 1
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/cluster/rancher-cluster-nodes.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/cluster/rancher-cluster-nodes.json
new file mode 100644
index 0000000000..1d4943501b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/cluster/rancher-cluster-nodes.json
@@ -0,0 +1,793 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\",mode=\"idle\"}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "{{instance}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m] ({{instance}})"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(node_load5 OR avg_over_time(windows_system_processor_queue_length[5m])) by (instance)",
+          "interval": "",
+          "legendFormat": "Load[5m] ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(node_load1 OR avg_over_time(windows_system_processor_queue_length[1m])) by (instance)",
+          "interval": "",
+          "legendFormat": "Load[1m] ({{instance}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(node_load15 OR avg_over_time(windows_system_processor_queue_length[15m])) by (instance)",
+          "interval": "",
+          "legendFormat": "Load[15m] ({{instance}})",
+          "refId": "C"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Load Average",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - sum(node_memory_MemAvailable_bytes OR windows_os_physical_memory_free_bytes) by (instance) / sum(node_memory_MemTotal_bytes OR windows_cs_physical_memory_bytes) by (instance) ",
+          "interval": "",
+          "legendFormat": "{{instance}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"} OR windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) by (instance) / sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"} OR windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) by (instance))",
+          "interval": "",
+          "legendFormat": "{{instance}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_disk_read_bytes_total[$__rate_interval]) OR rate(windows_logical_disk_read_bytes_total[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Read ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_disk_written_bytes_total[$__rate_interval]) OR rate(windows_logical_disk_write_bytes_total[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Write ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_receive_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_received_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Receive Errors ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{instance}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_outbound_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Transmit Errors ({{instance}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_received_discarded_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Receive Dropped ({{instance}})",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_outbound_discarded{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Transmit Dropped ({{instance}})",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) by (instance) OR sum(rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{instance}})",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 14
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_transmit_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval]) OR rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval]) OR rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Cluster (Nodes)",
+  "uid": "rancher-cluster-nodes-1",
+  "version": 3
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/cluster/rancher-cluster.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/cluster/rancher-cluster.json
new file mode 100644
index 0000000000..24385a237a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/cluster/rancher-cluster.json
@@ -0,0 +1,776 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\",mode=\"idle\"}[$__rate_interval]))",
+          "legendFormat": "Total",
+          "interval": "",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(node_load5 OR avg_over_time(windows_system_processor_queue_length[5m]))",
+          "interval": "",
+          "legendFormat": "Load[5m]",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(node_load1 OR avg_over_time(windows_system_processor_queue_length[1m]))",
+          "interval": "",
+          "legendFormat": "Load[1m]",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(node_load15 OR avg_over_time(windows_system_processor_queue_length[15m]))",
+          "interval": "",
+          "legendFormat": "Load[15m]",
+          "refId": "C"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Load Average",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - sum(node_memory_MemAvailable_bytes OR windows_os_physical_memory_free_bytes) / sum(node_memory_MemTotal_bytes OR windows_cs_physical_memory_bytes)",
+          "legendFormat": "Total",
+          "interval": "",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"} OR windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) / sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"} OR windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}))",
+          "legendFormat": "Total",
+          "interval": "",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_disk_read_bytes_total[$__rate_interval]) OR rate(windows_logical_disk_read_bytes_total[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Read",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_disk_written_bytes_total[$__rate_interval]) OR rate(windows_logical_disk_write_bytes_total[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Write",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(rate(node_network_receive_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Errors",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(rate(node_network_receive_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "B"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_outbound_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Errors",
+          "refId": "C"
+        },
+        {
+          "expr": "(sum(rate(node_network_receive_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_discarded_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Dropped",
+          "refId": "D"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_outbound_discarded{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Dropped",
+          "refId": "E"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 14
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_transmit_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval]) OR rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\"}[$__rate_interval]) OR rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*'}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Cluster",
+  "uid": "rancher-cluster-1",
+  "version": 3
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/bundle.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/bundle.json
new file mode 100644
index 0000000000..698f48aeed
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/bundle.json
@@ -0,0 +1,246 @@
+{
+   "description": "Bundle",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Bundles",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 0
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_not_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_out_of_sync{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Out of Sync"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_err_applied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Err Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_pending{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Pending"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_wait_applied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Bundles",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_not_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_out_of_sync{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Out of Sync"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_err_applied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Err Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_pending{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Pending"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundle_wait_applied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Bundles",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(fleet_bundle_desired_ready, exported_namespace)",
+            "refresh": 2,
+            "type": "query"
+         },
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "includeAll": true,
+            "name": "name",
+            "query": "label_values(fleet_bundle_desired_ready{exported_namespace=~\"$namespace\"}, name)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / Bundle",
+   "uid": "fleet-bundle"
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/bundledeployment.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/bundledeployment.json
new file mode 100644
index 0000000000..c81f7a6212
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/bundledeployment.json
@@ -0,0 +1,219 @@
+{
+   "description": "BundleDeployment",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Ready\"}) / sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\"})"
+            }
+         ],
+         "title": "Ready BundleDeployments",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 0
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Ready\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"NotReady\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"WaitApplied\"})",
+               "legendFormat": "Wait Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"ErrApplied\"})",
+               "legendFormat": "Err Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"OutOfSync\"})",
+               "legendFormat": "OutOfSync"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Pending\"})",
+               "legendFormat": "Pending"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Modified\"})",
+               "legendFormat": "Modified"
+            }
+         ],
+         "title": "BundleDeployments",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Ready\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"NotReady\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"WaitApplied\"})",
+               "legendFormat": "Wait Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"ErrApplied\"})",
+               "legendFormat": "Err Applied"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"OutOfSync\"})",
+               "legendFormat": "OutOfSync"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Pending\"})",
+               "legendFormat": "Pending"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_bundledeployment_state{cluster_namespace=~\"$namespace\",state=\"Modified\"})",
+               "legendFormat": "Modified"
+            }
+         ],
+         "title": "BundleDeployments",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(fleet_bundledeployment_state, cluster_namespace)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / BundleDeployment",
+   "uid": "fleet-bundledeployment"
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/cluster.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/cluster.json
new file mode 100644
index 0000000000..73bdea4834
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/cluster.json
@@ -0,0 +1,484 @@
+{
+   "description": "Cluster",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_cluster_desired_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Git Repos",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 0
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_desired_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Git Repos",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_desired_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_ready_git_repos{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Git Repos",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 13
+         },
+         "id": 4,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_cluster_resources_count_desiredready{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 13
+         },
+         "id": 5,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_desiredready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_notready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_orphaned{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Orphaned"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_waitapplied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 21
+         },
+         "id": 6,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_desiredready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_notready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_orphaned{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Orphaned"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_resources_count_waitapplied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Resources",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 26
+         },
+         "id": 7,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"Ready\"}) / sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 26
+         },
+         "id": 8,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"Ready\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"NotReady\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"WaitCheckIn\"})",
+               "legendFormat": "Wait Check In"
+            }
+         ],
+         "title": "Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 34
+         },
+         "id": 9,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"Ready\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"NotReady\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_state{exported_namespace=\"$namespace\",name=~\"$name\",state=\"WaitCheckIn\"})",
+               "legendFormat": "Wait Check In"
+            }
+         ],
+         "title": "Clusters",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(fleet_cluster_desired_ready_git_repos, exported_namespace)",
+            "refresh": 2,
+            "type": "query"
+         },
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "includeAll": true,
+            "name": "name",
+            "query": "label_values(fleet_cluster_desired_ready_git_repos{exported_namespace=~\"$namespace\"}, name)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / Cluster",
+   "uid": "fleet-cluster"
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/clustergroup.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/clustergroup.json
new file mode 100644
index 0000000000..ce3df87b21
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/clustergroup.json
@@ -0,0 +1,468 @@
+{
+   "description": "ClusterGroup",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_cluster_group_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Bundles",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 0
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Bundles",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_bundle_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_bundle_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Bundles",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 13
+         },
+         "id": 4,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "(sum(fleet_cluster_group_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"}) - sum(fleet_cluster_group_non_ready_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})) / sum(fleet_cluster_group_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 13
+         },
+         "id": 5,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Total"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_non_ready_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Non Ready"
+            }
+         ],
+         "title": "Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 21
+         },
+         "id": 6,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Total"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_non_ready_cluster_count{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Non Ready"
+            }
+         ],
+         "title": "Clusters",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 26
+         },
+         "id": 7,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_cluster_group_resource_count_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 26
+         },
+         "id": 8,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_notready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_orphaned{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Orphaned"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_waitapplied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 34
+         },
+         "id": 9,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_notready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_orphaned{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Orphaned"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_cluster_group_resource_count_waitapplied{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Wait Applied"
+            }
+         ],
+         "title": "Resources",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(fleet_cluster_group_bundle_desired_ready, exported_namespace)",
+            "refresh": 2,
+            "type": "query"
+         },
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "includeAll": true,
+            "name": "name",
+            "query": "label_values(fleet_cluster_group_bundle_desired_ready{exported_namespace=~\"$namespace\"}, name)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / ClusterGroup",
+   "uid": "fleet-cluster-group"
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/controller-runtime.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/controller-runtime.json
new file mode 100644
index 0000000000..23a81f2a8c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/controller-runtime.json
@@ -0,0 +1,454 @@
+{
+   "description": "Controller Runtime",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "controller_runtime_active_workers{job=\"$job\", namespace=\"$namespace\"}",
+               "legendFormat": "{{controller}} {{instance}}"
+            }
+         ],
+         "title": "Number of Workers in Use",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(rate(controller_runtime_reconcile_errors_total{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, pod)",
+               "legendFormat": "{{instance}} {{pod}}"
+            }
+         ],
+         "title": "Reconciliation Error Count per Controller",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 16
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(rate(controller_runtime_reconcile_total{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, pod)",
+               "legendFormat": "{{instance}} {{pod}}"
+            }
+         ],
+         "title": "Total Reconciliation Count per Controller",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 24
+         },
+         "id": 4,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "workqueue_depth{job=\"$job\", namespace=\"$namespace\"}",
+               "legendFormat": "{{instance}} {{pod}}"
+            }
+         ],
+         "title": "WorkQueue Depth",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 32
+         },
+         "id": 5,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.50, sum(rate(workqueue_queue_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P50 {{name}}"
+            }
+         ],
+         "title": "Seconds for Items Stay in Queue (before being requested) P50",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 40
+         },
+         "id": 6,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.90, sum(rate(workqueue_queue_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P90 {{name}}"
+            }
+         ],
+         "title": "Seconds for Items Stay in Queue (before being requested) P90",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 48
+         },
+         "id": 7,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.99, sum(rate(workqueue_queue_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P99 {{name}}"
+            }
+         ],
+         "title": "Seconds for Items Stay in Queue (before being requested) P99",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 56
+         },
+         "id": 8,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(rate(workqueue_adds_total{job=\"$job\", namespace=\"$namespace\"}[2m])) by (instance, name)",
+               "legendFormat": "{{name}} {{instance}}"
+            }
+         ],
+         "title": "Work Queue Add Rate",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 64
+         },
+         "id": 9,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "rate(workqueue_unfinished_work_seconds{job=\"$job\", namespace=\"$namespace\"}[5m])",
+               "legendFormat": "{{name}} {{instance}}"
+            }
+         ],
+         "title": "Unfinished Seconds",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 72
+         },
+         "id": 10,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.50, sum(rate(workqueue_work_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P50 {{name}}"
+            }
+         ],
+         "title": "Seconds Processing Items from WorkQueue - 50th Percentile",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 80
+         },
+         "id": 11,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.90, sum(rate(workqueue_work_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P90 {{name}}"
+            }
+         ],
+         "title": "Seconds Processing Items from WorkQueue - 90th Percentile",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 88
+         },
+         "id": 12,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "histogram_quantile(0.99, sum(rate(workqueue_work_duration_seconds_bucket{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name, le))",
+               "legendFormat": "P99 {{name}}"
+            }
+         ],
+         "title": "Seconds Processing Items from WorkQueue - 99th Percentile",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": null,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 96
+         },
+         "id": 13,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(rate(workqueue_retries_total{job=\"$job\", namespace=\"$namespace\"}[5m])) by (instance, name)",
+               "legendFormat": "{{name}} {{instance}}"
+            }
+         ],
+         "title": "Work Queue Retries Rate",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(controller_runtime_reconcile_total, namespace)",
+            "refresh": 2,
+            "type": "query"
+         },
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "job",
+            "query": "label_values(controller_runtime_reconcile_total{namespace=~\"$namespace\"}, job)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / Controller-Runtime",
+   "uid": "fleet-controller-runtime"
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/gitrepo.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/gitrepo.json
new file mode 100644
index 0000000000..1a50c2937d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/fleet/gitrepo.json
@@ -0,0 +1,325 @@
+{
+   "description": "GitRepo",
+   "graphTooltip": 1,
+   "panels": [
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 0
+         },
+         "id": 1,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_gitrepo_desired_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 0
+         },
+         "id": 2,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_desired_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Clusters",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 8
+         },
+         "id": 3,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_desired_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_ready_clusters{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            }
+         ],
+         "title": "Clusters",
+         "type": "timeseries"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": "percentunit"
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 7,
+            "x": 0,
+            "y": 13
+         },
+         "id": 4,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_ready{exported_namespace=\"$namespace\",name=~\"$name\"}) / sum(fleet_gitrepo_resources_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})"
+            }
+         ],
+         "title": "Ready Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 5,
+            "w": 17,
+            "x": 7,
+            "y": 13
+         },
+         "id": 5,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_not_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            }
+         ],
+         "title": "Resources",
+         "type": "stat"
+      },
+      {
+         "datasource": {
+            "type": "datasource",
+            "uid": "-- Mixed --"
+         },
+         "fieldConfig": {
+            "defaults": {
+               "decimals": 0,
+               "unit": null
+            }
+         },
+         "gridPos": {
+            "h": 8,
+            "w": 24,
+            "x": 0,
+            "y": 21
+         },
+         "id": 6,
+         "pluginVersion": "v11.0.0",
+         "targets": [
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_desired_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Desired Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_not_ready{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Not Ready"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_missing{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Missing"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_modified{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Modified"
+            },
+            {
+               "datasource": {
+                  "type": "prometheus",
+                  "uid": "prometheus"
+               },
+               "expr": "sum(fleet_gitrepo_resources_unknown{exported_namespace=\"$namespace\",name=~\"$name\"})",
+               "legendFormat": "Unknown"
+            }
+         ],
+         "title": "Resources",
+         "type": "timeseries"
+      }
+   ],
+   "schemaVersion": 39,
+   "templating": {
+      "list": [
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "name": "namespace",
+            "query": "label_values(fleet_gitrepo_desired_ready_clusters, exported_namespace)",
+            "refresh": 2,
+            "type": "query"
+         },
+         {
+            "datasource": {
+               "type": "prometheus",
+               "uid": "prometheus"
+            },
+            "includeAll": true,
+            "name": "name",
+            "query": "label_values(fleet_gitrepo_desired_ready_clusters{exported_namespace=~\"$namespace\"}, name)",
+            "refresh": 2,
+            "type": "query"
+         }
+      ]
+   },
+   "time": {
+      "from": "now-1h",
+      "to": "now"
+   },
+   "timezone": "utc",
+   "title": "Fleet / GitRepo",
+   "uid": "fleet-gitrepo"
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/home/rancher-default-home.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/home/rancher-default-home.json
new file mode 100644
index 0000000000..3fce207561
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/home/rancher-default-home.json
@@ -0,0 +1,1290 @@
+{
+  "annotations": {
+    "list": []
+  },
+  "editable": false,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": null,
+  "links": [],
+  "panels": [
+    {
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 24,
+        "x": 0,
+        "y": 0
+      },
+      "id": 1,
+      "title": "",
+      "type": "welcome"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": true,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "percent",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": true,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 5,
+        "w": 8,
+        "x": 0,
+        "y": 4
+      },
+      "height": "180px",
+      "id": 6,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "(1 - (avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\",mode=\"idle\"}[5m])))) * 100",
+          "format": "time_series",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "65, 90",
+      "title": "CPU Utilization",
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": true,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "percent",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": true,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 5,
+        "w": 8,
+        "x": 8,
+        "y": 4
+      },
+      "height": "180px",
+      "id": 4,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "(1 - sum({__name__=~\"node_memory_MemAvailable_bytes|windows_os_physical_memory_free_bytes\"}) / sum({__name__=~\"node_memory_MemTotal_bytes|windows_cs_physical_memory_bytes\"})) * 100",
+          "format": "time_series",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "65, 90",
+      "title": "Memory Utilization",
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": true,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "percent",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": true,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 5,
+        "w": 8,
+        "x": 16,
+        "y": 4
+      },
+      "height": "180px",
+      "id": 7,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "(1 - (((sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) OR on() vector(0))) / ((sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) OR on() vector(0))))) * 100",
+          "format": "time_series",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "metric": "",
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "65, 90",
+      "title": "Disk Utilization",
+      "type": "singlestat",
+      "valueFontSize": "80%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "none",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 0,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 11,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": " cores",
+      "postfixFontSize": "30%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\",mode!=\"idle\"}[5m]))",
+          "format": "time_series",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "CPU Used",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "none",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 4,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 12,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": " cores",
+      "postfixFontSize": "30%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum(kube_node_status_allocatable_cpu_cores{}) OR sum(kube_node_status_allocatable{resource=\"cpu\",unit=\"core\"})",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "CPU Total",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "bytes",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 8,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 9,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "20%",
+      "prefix": "",
+      "prefixFontSize": "20%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum({__name__=~\"node_memory_MemTotal_bytes|windows_cs_physical_memory_bytes\"}) - sum({__name__=~\"node_memory_MemAvailable_bytes|windows_os_physical_memory_free_bytes\"})",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "Memory Used",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "bytes",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 12,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 10,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "sum(kube_node_status_allocatable_memory_bytes{}) OR sum(kube_node_status_allocatable{resource=\"memory\", unit=\"byte\"})",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "Memory Total",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "bytes",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 16,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 13,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "(sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"}) - sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) - sum(windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) OR on() vector(0))",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "Disk Used",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "cacheTimeout": null,
+      "colorBackground": false,
+      "colorValue": false,
+      "colors": [
+        "rgba(50, 172, 45, 0.97)",
+        "rgba(237, 129, 40, 0.89)",
+        "rgba(245, 54, 54, 0.9)"
+      ],
+      "datasource": "Prometheus",
+      "decimals": 2,
+      "editable": true,
+      "error": false,
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "format": "bytes",
+      "gauge": {
+        "maxValue": 100,
+        "minValue": 0,
+        "show": false,
+        "thresholdLabels": false,
+        "thresholdMarkers": true
+      },
+      "gridPos": {
+        "h": 3,
+        "w": 4,
+        "x": 20,
+        "y": 9
+      },
+      "height": "1px",
+      "id": 14,
+      "interval": null,
+      "isNew": true,
+      "links": [],
+      "mappingType": 1,
+      "mappingTypes": [
+        {
+          "name": "value to text",
+          "value": 1
+        },
+        {
+          "name": "range to text",
+          "value": 2
+        }
+      ],
+      "maxDataPoints": 100,
+      "nullPointMode": "connected",
+      "nullText": null,
+      "postfix": "",
+      "postfixFontSize": "50%",
+      "prefix": "",
+      "prefixFontSize": "50%",
+      "rangeMaps": [
+        {
+          "from": "null",
+          "text": "N/A",
+          "to": "null"
+        }
+      ],
+      "sparkline": {
+        "fillColor": "rgba(31, 118, 189, 0.18)",
+        "full": false,
+        "lineColor": "rgb(31, 120, 193)",
+        "show": false
+      },
+      "tableColumn": "",
+      "targets": [
+        {
+          "expr": "(sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) OR on() vector(0))",
+          "interval": "10s",
+          "intervalFactor": 1,
+          "refId": "A",
+          "step": 10
+        }
+      ],
+      "thresholds": "",
+      "title": "Disk Total",
+      "type": "singlestat",
+      "valueFontSize": "50%",
+      "valueMaps": [
+        {
+          "op": "=",
+          "text": "0",
+          "value": "null"
+        }
+      ],
+      "valueName": "current"
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "Prometheus",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {},
+          "links": []
+        },
+        "overrides": []
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 0,
+        "y": 12
+      },
+      "hiddenSeries": false,
+      "id": 2051,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "links": [],
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\",mode=\"idle\"}[$__rate_interval])))",
+          "format": "time_series",
+          "hide": false,
+          "instant": false,
+          "intervalFactor": 1,
+          "legendFormat": "Cluster",
+          "refId": "A"
+        },
+        {
+          "expr": "1 - avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\", mode=\"idle\"}[$__rate_interval])) by (instance)",
+          "format": "time_series",
+          "hide": false,
+          "intervalFactor": 1,
+          "legendFormat": "{{ instance }}",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Usage",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "percentunit",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "Prometheus",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {},
+          "links": []
+        },
+        "overrides": []
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 8,
+        "y": 12
+      },
+      "hiddenSeries": false,
+      "id": 2052,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "links": [],
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "100 * (1 - sum({__name__=~\"node_memory_MemAvailable_bytes|windows_os_physical_memory_free_bytes\"}) / sum({__name__=~\"node_memory_MemTotal_bytes|windows_cs_physical_memory_bytes\"}))",
+          "format": "time_series",
+          "hide": false,
+          "instant": false,
+          "intervalFactor": 1,
+          "legendFormat": "Cluster",
+          "refId": "A"
+        },
+        {
+          "expr": "100 * (1- sum({__name__=~\"node_memory_MemAvailable_bytes|windows_os_physical_memory_free_bytes\"}) by (instance) / sum({__name__=~\"node_memory_MemTotal_bytes|windows_cs_physical_memory_bytes\"}) by (instance))",
+          "format": "time_series",
+          "hide": false,
+          "intervalFactor": 1,
+          "legendFormat": "{{ instance }}",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Usage",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "percent",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "Prometheus",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {},
+          "links": []
+        },
+        "overrides": []
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 6,
+        "w": 8,
+        "x": 16,
+        "y": 12
+      },
+      "hiddenSeries": false,
+      "id": 2053,
+      "legend": {
+        "alignAsTable": false,
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": false,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "links": [],
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 5,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(1 - ((sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"} OR on() vector(0)))) / ((sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"}) OR on() vector(0)) + (sum(windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) OR on() vector(0)))) * 100",
+          "legendFormat": "Cluster",
+          "refId": "A"
+        },
+        {
+          "expr": "(1 - (sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\"}) by (instance)) / sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\"}) by (instance)) * 100",
+          "hide": false,
+          "legendFormat": "{{ instance }}",
+          "refId": "B"
+        },
+        {
+          "expr": "(1 - (sum(windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) by (instance)) / sum(windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\"}) by (instance)) * 100",
+          "hide": false,
+          "legendFormat": "{{ instance }}",
+          "refId": "C"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Usage",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "percent",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": "",
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "folderId": 0,
+      "gridPos": {
+        "h": 15,
+        "w": 12,
+        "x": 0,
+        "y": 18
+      },
+      "headings": true,
+      "id": 3,
+      "limit": 30,
+      "links": [],
+      "query": "",
+      "recent": true,
+      "search": true,
+      "starred": false,
+      "tags": [],
+      "title": "Dashboards",
+      "type": "dashlist"
+    },
+    {
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "gridPos": {
+        "h": 8,
+        "w": 12,
+        "x": 12,
+        "y": 18
+      },
+      "id": 2055,
+      "options": {
+        "content": "## About Rancher Monitoring\n\nRancher Monitoring is a Helm chart developed by Rancher that is powered by [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator). It is based on the upstream [kube-prometheus-stack](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack) Helm chart maintained by the Prometheus community.\n\nBy default, the chart deploys Grafana alongside a set of Grafana dashboards curated by the [kube-prometheus](https://github.com/prometheus-operator/kube-prometheus) project.\n\nFor more information on how Rancher Monitoring differs from [kube-prometheus-stack](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack), please view the CHANGELOG.md of the rancher-monitoring chart located in the [rancher/charts](https://github.com/rancher/charts) repository.\n\nFor more information about how to configure Rancher Monitoring, please view the [Rancher docs](https://rancher.com/docs/rancher/v2.x/en/).\n\n",
+        "mode": "markdown"
+      },
+      "pluginVersion": "7.1.0",
+      "timeFrom": null,
+      "timeShift": null,
+      "title": "",
+      "type": "text"
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "hidden": true,
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ],
+    "time_options": [
+      "5m",
+      "15m",
+      "1h",
+      "6h",
+      "12h",
+      "24h",
+      "2d",
+      "7d",
+      "30d"
+    ],
+    "type": "timepicker"
+  },
+  "timezone": "browser",
+  "title": "Home",
+  "uid": "rancher-home-1",
+  "version": 5
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-etcd-nodes.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-etcd-nodes.json
new file mode 100644
index 0000000000..8af4b81ce0
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-etcd-nodes.json
@@ -0,0 +1,687 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 32,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "Prometheus",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(etcd_network_client_grpc_received_bytes_total{job=\"kube-etcd\"}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Client Traffic In ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(etcd_network_client_grpc_sent_bytes_total{job=\"kube-etcd\"}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Client Traffic Out ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "GRPC Client Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]({{instance}})"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(etcd_mvcc_db_total_size_in_bytes) by (instance)",
+          "interval": "",
+          "legendFormat": "DB Size ({{instance}})",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "DB Size",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(grpc_server_started_total{grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"}) by (instance) - sum(grpc_server_handled_total{grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"}) by (instance)",
+          "interval": "",
+          "legendFormat": "Watch Streams ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(grpc_server_started_total{grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"}) by (instance) - sum(grpc_server_handled_total{grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"}) by (instance)",
+          "interval": "",
+          "legendFormat": "Lease Watch Stream ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Active Streams",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(etcd_server_proposals_committed_total[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Proposal Committed ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(etcd_server_proposals_applied_total[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Proposal Applied ({{instance}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(etcd_server_proposals_failed_total[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "Proposal Failed ({{instance}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(etcd_server_proposals_pending) by (instance)",
+          "interval": "",
+          "legendFormat": "Proposal Pending ({{instance}})",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Raft Proposals",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(grpc_server_started_total{grpc_type=\"unary\"}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "RPC Rate ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(grpc_server_handled_total{grpc_type=\"unary\",grpc_code!=\"OK\"}[$__rate_interval])) by (instance)",
+          "interval": "",
+          "legendFormat": "RPC Failure Rate ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "RPC Rate",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 0,
+          "format": "ops",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "decimals": null,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_wal_fsync_duration_seconds_bucket[$__rate_interval])) by (instance, le))",
+          "interval": "",
+          "legendFormat": "WAL fsync ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_backend_commit_duration_seconds_bucket[$__rate_interval])) by (instance, le))",
+          "interval": "",
+          "legendFormat": "DB fsync ({{instance}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Sync Duration",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 2,
+          "format": "s",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / etcd (Nodes)",
+  "uid": "rancher-etcd-nodes-1",
+  "version": 5
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-etcd.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-etcd.json
new file mode 100644
index 0000000000..0c058cafb9
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-etcd.json
@@ -0,0 +1,669 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 33,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "Prometheus",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(etcd_network_client_grpc_received_bytes_total{job=\"kube-etcd\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Client Traffic In",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(etcd_network_client_grpc_sent_bytes_total{job=\"kube-etcd\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Client Traffic Out",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "GRPC Client Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(etcd_mvcc_db_total_size_in_bytes)",
+          "interval": "",
+          "legendFormat": "DB Size",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "DB Size",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(grpc_server_started_total{grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"}) - sum(grpc_server_handled_total{grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"})",
+          "interval": "",
+          "legendFormat": "Watch Streams",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(grpc_server_started_total{grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"}) - sum(grpc_server_handled_total{grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"})",
+          "interval": "",
+          "legendFormat": "Lease Watch Stream",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Active Streams",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(etcd_server_proposals_committed_total[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Proposal Committed",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(etcd_server_proposals_applied_total[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Proposal Applied",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(etcd_server_proposals_failed_total[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Proposal Failed",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(etcd_server_proposals_pending)",
+          "interval": "",
+          "legendFormat": "Proposal Pending",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Raft Proposals",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(grpc_server_started_total{grpc_type=\"unary\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "RPC Rate",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(grpc_server_handled_total{grpc_type=\"unary\",grpc_code!=\"OK\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "RPC Failure Rate",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "RPC Rate",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 0,
+          "format": "ops",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "decimals": null,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_wal_fsync_duration_seconds_bucket[$__rate_interval])) by (instance, le))",
+          "interval": "",
+          "legendFormat": "WAL fsync",
+          "refId": "A"
+        },
+        {
+          "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_backend_commit_duration_seconds_bucket[$__rate_interval])) by (instance, le))",
+          "interval": "",
+          "legendFormat": "DB fsync",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Sync Duration",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 2,
+          "format": "s",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / etcd",
+  "uid": "rancher-etcd-1",
+  "version": 4
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-k8s-components-nodes.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-k8s-components-nodes.json
new file mode 100644
index 0000000000..b31358eaaf
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-k8s-components-nodes.json
@@ -0,0 +1,527 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 30,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(apiserver_request_total[$__rate_interval])) by (instance, code)",
+          "interval": "",
+          "legendFormat": "{{code}}({{instance}})",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "API Server Request Rate",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 0,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]({{instance}})"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"deployment\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "Deployment Depth ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"volumes\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "Volumes Depth ({{instance}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"replicaset\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "ReplicaSet Depth ({{instance}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"service\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "Service Depth ({{instance}})",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"serviceaccount\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "ServiceAccount Depth ({{instance}})",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"endpoint\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "Endpoint Depth ({{instance}})",
+          "refId": "F"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"daemonset\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "DaemonSet Depth ({{instance}})",
+          "refId": "G"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"statefulset\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "StatefulSet Depth ({{instance}})",
+          "refId": "H"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"replicationmanager\"}) by (instance, name)",
+          "interval": "",
+          "legendFormat": "ReplicationManager Depth ({{instance}})",
+          "refId": "I"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Controller Manager Queue Depth",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(kube_pod_status_scheduled{condition=\"false\"})",
+          "interval": "",
+          "legendFormat": "Failed To Schedule",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Pod Scheduling Status",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{instance}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"reading\"}) by (instance)",
+          "interval": "",
+          "legendFormat": "Reading ({{instance}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"waiting\"}) by (instance)",
+          "interval": "",
+          "legendFormat": "Waiting ({{instance}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"writing\"}) by (instance)",
+          "interval": "",
+          "legendFormat": "Writing ({{instance}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(ceil(increase(nginx_ingress_controller_nginx_process_connections_total{state=\"accepted\"}[$__rate_interval]))) by (instance)",
+          "interval": "",
+          "legendFormat": "Accepted ({{instance}})",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(ceil(increase(nginx_ingress_controller_nginx_process_connections_total{state=\"handled\"}[$__rate_interval]))) by (instance)",
+          "interval": "",
+          "legendFormat": "Handled ({{instance}})",
+          "refId": "E"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Ingress Controller Connections",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Kubernetes Components (Nodes)",
+  "uid": "rancher-k8s-components-nodes-1",
+  "version": 5
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-k8s-components.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-k8s-components.json
new file mode 100644
index 0000000000..44cf97f9fd
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/k8s/rancher-k8s-components.json
@@ -0,0 +1,519 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 31,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(apiserver_request_total[$__rate_interval])) by (code)",
+          "interval": "",
+          "legendFormat": "{{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "API Server Request Rate",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 0,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]({{instance}})"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"deployment\"}) by (name)",
+          "interval": "",
+          "legendFormat": "Deployment Depth",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"volumes\"}) by (name)",
+          "interval": "",
+          "legendFormat": "Volumes Depth",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"replicaset\"}) by (name)",
+          "interval": "",
+          "legendFormat": "Replicaset Depth",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"service\"}) by (name)",
+          "interval": "",
+          "legendFormat": "Service Depth",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"serviceaccount\"}) by (name)",
+          "interval": "",
+          "legendFormat": "ServiceAccount Depth",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"endpoint\"}) by (name)",
+          "interval": "",
+          "legendFormat": "Endpoint Depth",
+          "refId": "F"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"daemonset\"}) by (name)",
+          "interval": "",
+          "legendFormat": "DaemonSet Depth",
+          "refId": "G"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"statefulset\"}) by (name)",
+          "interval": "",
+          "legendFormat": "StatefulSet Depth",
+          "refId": "H"
+        },
+        {
+          "expr": "sum(workqueue_depth{component=\"kube-controller-manager\", name=\"replicationmanager\"}) by (name)",
+          "interval": "",
+          "legendFormat": "ReplicationManager Depth",
+          "refId": "I"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Controller Manager Queue Depth",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(kube_pod_status_scheduled{condition=\"false\"})",
+          "interval": "",
+          "legendFormat": "Failed To Schedule",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Pod Scheduling Status",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"reading\"})",
+          "interval": "",
+          "legendFormat": "Reading",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"waiting\"})",
+          "interval": "",
+          "legendFormat": "Waiting",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(nginx_ingress_controller_nginx_process_connections{state=\"writing\"})",
+          "interval": "",
+          "legendFormat": "Writing",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(ceil(increase(nginx_ingress_controller_nginx_process_connections_total{state=\"accepted\"}[$__rate_interval])))",
+          "interval": "",
+          "legendFormat": "Accepted",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(ceil(increase(nginx_ingress_controller_nginx_process_connections_total{state=\"handled\"}[$__rate_interval])))",
+          "interval": "",
+          "legendFormat": "Handled",
+          "refId": "E"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Ingress Controller Connections",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Kubernetes Components",
+  "uid": "rancher-k8s-components-1",
+  "version": 5
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/nodes/rancher-node-detail.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/nodes/rancher-node-detail.json
new file mode 100644
index 0000000000..920fb94cf7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/nodes/rancher-node-detail.json
@@ -0,0 +1,805 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{mode}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\", instance=\"$instance\"}[$__rate_interval])) by (mode)",
+          "interval": "",
+          "legendFormat": "{{mode}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(node_load5{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[5m]))",
+          "interval": "",
+          "legendFormat": "Load[5m]",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(node_load1{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[1m]))",
+          "interval": "",
+          "legendFormat": "Load[1m]",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(node_load15{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[15m]))",
+          "interval": "",
+          "legendFormat": "Load[15m]",
+          "refId": "C"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Load Average",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (node_memory_MemAvailable_bytes{instance=~\"$instance\"} OR windows_os_physical_memory_free_bytes{instance=~\"$instance\"}) / (node_memory_MemTotal_bytes{instance=~\"$instance\"} OR windows_cs_physical_memory_bytes{instance=~\"$instance\"})",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{device}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\", instance=~\"$instance\"} OR windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\", instance=~\"$instance\"}) by (device) / sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\", instance=~\"$instance\"} OR windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\", instance=~\"$instance\"}) by (device))",
+          "interval": "",
+          "legendFormat": "{{device}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{device}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_disk_read_bytes_total{instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_logical_disk_read_bytes_total{instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Read ({{device}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_disk_written_bytes_total{instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_logical_disk_write_bytes_total{instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Write ({{device}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{device}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_receive_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_received_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Receive Errors ({{device}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{device}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_outbound_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Transmit Errors ({{device}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_received_discarded_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Receive Dropped ({{device}})",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_outbound_discarded{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Transmit Dropped ({{device}})",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(rate(node_network_transmit_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) by (device) OR sum(rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{device}})",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{device}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 14
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_transmit_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{device}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) by (device)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{device}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "instance",
+        "query": "label_values({__name__=~\"node_exporter_build_info|windows_exporter_build_info\"}, instance)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Node (Detail)",
+  "uid": "rancher-node-detail-1",
+  "version": 3
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/nodes/rancher-node.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/nodes/rancher-node.json
new file mode 100644
index 0000000000..367df3cc9d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/nodes/rancher-node.json
@@ -0,0 +1,792 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - avg(irate({__name__=~\"node_cpu_seconds_total|windows_cpu_time_total\", instance=\"$instance\", mode=\"idle\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": [
+          {
+            "matcher": {
+              "id": "byName",
+              "options": "Load[5m]"
+            },
+            "properties": []
+          }
+        ]
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 3,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(node_load5{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[5m]))",
+          "interval": "",
+          "legendFormat": "Load[5m]",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(node_load1{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[1m]))",
+          "interval": "",
+          "legendFormat": "Load[1m]",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(node_load15{instance=~\"$instance\"} OR avg_over_time(windows_system_processor_queue_length{instance=~\"$instance\"}[15m]))",
+          "interval": "",
+          "legendFormat": "Load[15m]",
+          "refId": "C"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Load Average",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - sum(node_memory_MemAvailable_bytes{instance=~\"$instance\"} OR windows_os_physical_memory_free_bytes{instance=~\"$instance\"}) / sum(node_memory_MemTotal_bytes{instance=~\"$instance\"} OR windows_cs_physical_memory_bytes{instance=~\"$instance\"})",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 5,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "1 - (sum(node_filesystem_free_bytes{device!~\"rootfs|HarddiskVolume.+\", instance=~\"$instance\"} OR windows_logical_disk_free_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\", instance=~\"$instance\"}) / sum(node_filesystem_size_bytes{device!~\"rootfs|HarddiskVolume.+\", instance=~\"$instance\"} OR windows_logical_disk_size_bytes{volume!~\"(HarddiskVolume.+|[A-Z]:.+)\", instance=~\"$instance\"}))",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "percentunit",
+          "label": null,
+          "logBase": 1,
+          "max": "1",
+          "min": "0",
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_disk_read_bytes_total{instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_logical_disk_read_bytes_total{instance=~\"$instance\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Read",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_disk_written_bytes_total{instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_logical_disk_write_bytes_total{instance=~\"$instance\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Write",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(rate(node_network_receive_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Errors",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(rate(node_network_receive_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "B"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_errs_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_outbound_errors_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Errors",
+          "refId": "C"
+        },
+        {
+          "expr": "(sum(rate(node_network_receive_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_received_discarded_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Receive Dropped",
+          "refId": "D"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_drop_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_outbound_discarded{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Dropped",
+          "refId": "E"
+        },
+        {
+          "expr": "(sum(rate(node_network_transmit_packets_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0)) + (sum(rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval])) OR on() vector(0))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 14
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(node_network_transmit_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_net_packets_sent_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(node_network_receive_bytes_total{device!~\"lo|veth.*|docker.*|flannel.*|cali.*|cbr.*\", instance=~\"$instance\"}[$__rate_interval]) OR rate(windows_net_packets_received_total_total{nic!~'.*isatap.*|.*VPN.*|.*Pseudo.*|.*tunneling.*', instance=~\"$instance\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "instance",
+        "query": "label_values({__name__=~\"node_exporter_build_info|windows_exporter_build_info\"}, instance)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Node",
+  "uid": "rancher-node-1",
+  "version": 3
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/performance/performance-debugging.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/performance/performance-debugging.json
new file mode 100644
index 0000000000..454bc39390
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/performance/performance-debugging.json
@@ -0,0 +1,1652 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": {
+          "type": "datasource",
+          "uid": "grafana"
+        },
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "target": {
+          "limit": 100,
+          "matchAny": false,
+          "tags": [],
+          "type": "dashboard"
+        },
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "fiscalYearStartMonth": 0,
+  "graphTooltip": 0,
+  "links": [],
+  "liveNow": false,
+  "panels": [
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 22,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": true,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (handler_name) (rate(lasso_controller_reconcile_time_seconds_sum[5m]))\n/\nsum by (handler_name) (rate(lasso_controller_reconcile_time_seconds_count[5m])))",
+          "interval": "",
+          "legendFormat": "{{handler_name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Handler Average Execution Times Over Last 5 Minutes (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:1390",
+          "format": "short",
+          "label": "Execution Time in Seconds",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:1391",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "description": "",
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 8
+      },
+      "hiddenSeries": false,
+      "id": 28,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (resource, method, code) (rate(steve_api_request_time_sum{resource!=\"subscribe\"}[5m]))\n/\nsum by (resource, method, code) (rate(steve_api_request_time_count{resource!=\"subscribe\"}[5m])))",
+          "interval": "",
+          "legendFormat": "{{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Rancher API Average Request Times Over Last 5 Minutes (Top 20) (Subscribes Omitted)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:178",
+          "format": "ms",
+          "label": "",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:179",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 16
+      },
+      "hiddenSeries": false,
+      "id": 30,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "rate(steve_api_request_time_sum{resource=\"subscribe\"}[5m])\n/\nrate(steve_api_request_time_count{resource=\"subscribe\"}[5m])",
+          "interval": "",
+          "legendFormat": "{{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Subscribe Average Request Times Over Last 5 Minutes",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:368",
+          "format": "ms",
+          "label": "",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:369",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 24
+      },
+      "hiddenSeries": false,
+      "id": 14,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,workqueue_depth)",
+          "interval": "",
+          "legendFormat": "{{name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Lasso Controller Work Queue Depth (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:1553",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:1554",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 13,
+        "w": 16,
+        "x": 0,
+        "y": 32
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "alignAsTable": false,
+        "avg": false,
+        "current": false,
+        "hideEmpty": false,
+        "hideZero": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (id, resource, method, code) (steve_api_total_requests))",
+          "instant": false,
+          "interval": "",
+          "legendFormat": "{{id}} {{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Number of Rancher Requests (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:290",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:291",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 9,
+        "w": 16,
+        "x": 0,
+        "y": 45
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (id, resource, method) (steve_api_total_requests{code!=\"200\",code!=\"201\"}))",
+          "interval": "",
+          "legendFormat": "{{id}} {{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Number of Failed Rancher API Requests (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:428",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:429",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 54
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "alignAsTable": false,
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (resource, method, code) (rate(k8s_proxy_store_request_time_sum[5m]))\n/\nsum by (resource, method, code) (rate(k8s_proxy_store_request_time_count[5m])))",
+          "interval": "",
+          "legendFormat": "{{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "K8s Proxy Store Average Request Times Over Last 5 Minutes (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:662",
+          "format": "ms",
+          "label": "",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:663",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 62
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": true,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (resource, method, code) (rate(k8s_proxy_client_request_time_sum[5m]))\n/\nsum by (resource, method, code) (rate(k8s_proxy_client_request_time_count[5m])))",
+          "interval": "",
+          "legendFormat": "{{resource}} {{method}} {{code}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "K8s Proxy Client Average Request Times Over Last 5 Minutes (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:1710",
+          "format": "ms",
+          "label": "",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:1711",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 70
+      },
+      "hiddenSeries": false,
+      "id": 10,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,lasso_controller_total_cached_object)",
+          "interval": "",
+          "legendFormat": "{{kind}} {{version}} {{group}} {{pod}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Cached Objects by GroupVersionKind (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:744",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:745",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "description": "",
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 78
+      },
+      "hiddenSeries": false,
+      "id": 12,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (handler_name) (\nlasso_controller_total_handler_execution\n))",
+          "interval": "",
+          "legendFormat": "{{handler_name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Lasso Handler Executions (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:824",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:825",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 86
+      },
+      "hiddenSeries": false,
+      "id": 32,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20, sum by (handler_name,controller_name) (\nincrease(lasso_controller_total_handler_execution[2m])\n))",
+          "interval": "",
+          "legendFormat": "{{controller_name}}.{{handler_name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Handler Executions Over Last 2 Minutes (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 94
+      },
+      "hiddenSeries": false,
+      "id": 20,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (handler_name) (\nlasso_controller_total_handler_execution{has_error=\"true\"}\n))",
+          "interval": "",
+          "legendFormat": "{{handler_name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Total Handler Executions with Error (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:1230",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:1231",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 102
+      },
+      "hiddenSeries": false,
+      "id": 34,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,sum by (handler_name,controller_name) (\nincrease(lasso_controller_total_handler_execution{has_error=\"true\"}[2m])\n))",
+          "interval": "",
+          "legendFormat": "{{controller_name}}.{{handler_name}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Handler Executions Over Last 2 Minutes (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 110
+      },
+      "hiddenSeries": false,
+      "id": 16,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "topk(20,session_server_total_transmit_bytes)",
+          "interval": "",
+          "legendFormat": "{{clientkey}} {{pod}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Data Transmitted by Remote Dialer Sessions (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:1953",
+          "format": "decbytes",
+          "label": "",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:1954",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "uid": "$datasource"
+      },
+      "description": "",
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 118
+      },
+      "hiddenSeries": false,
+      "id": 18,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "exemplar": true,
+          "expr": "session_server_total_transmit_error_bytes",
+          "interval": "",
+          "legendFormat": "{{clientkey}} {{pod}}",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Errors for Remote Dialer Sessions (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:2045",
+          "format": "ms",
+          "label": "Error Data",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:2046",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "type": "prometheus",
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 126
+      },
+      "hiddenSeries": false,
+      "id": 26,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "editorMode": "code",
+          "exemplar": true,
+          "expr": "session_server_total_add_websocket_session - (session_server_total_remove_websocket_session or (0 * session_server_total_add_websocket_session))",
+          "interval": "",
+          "legendFormat": "{{clientkey}} {{pod}}",
+          "range": true,
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Remote Dialer Active Connections (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:2199",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:2200",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "type": "prometheus",
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 134
+      },
+      "hiddenSeries": false,
+      "id": 35,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "editorMode": "code",
+          "exemplar": true,
+          "expr": "rate(session_server_total_remove_connections[$__rate_interval])",
+          "interval": "",
+          "legendFormat": "{{clientkey}} {{pod}}",
+          "range": true,
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Remote Dialer Removed Connections Rate (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:2199",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:2200",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    },
+    {
+      "aliasColors": {},
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": {
+        "type": "prometheus",
+        "uid": "$datasource"
+      },
+      "fill": 1,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 8,
+        "w": 16,
+        "x": 0,
+        "y": 142
+      },
+      "hiddenSeries": false,
+      "id": 24,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "rightSide": true,
+        "show": true,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "options": {
+        "alertThreshold": true
+      },
+      "percentage": false,
+      "pluginVersion": "9.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "datasource": {
+            "uid": "$datasource"
+          },
+          "editorMode": "code",
+          "exemplar": true,
+          "expr": "rate(session_server_total_add_connections[$__rate_interval])",
+          "interval": "",
+          "legendFormat": "{{clientkey}} {{pod}}",
+          "range": true,
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeRegions": [],
+      "title": "Remote Dialer Added Connections Rate (Top 20)",
+      "tooltip": {
+        "shared": true,
+        "sort": 2,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "mode": "time",
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "$$hashKey": "object:2117",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        },
+        {
+          "$$hashKey": "object:2118",
+          "format": "short",
+          "logBase": 1,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false
+      }
+    }
+  ],
+  "schemaVersion": 37,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "selected": false,
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "includeAll": false,
+        "label": "Data Source",
+        "multi": false,
+        "name": "datasource",
+        "options": [],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "skipUrlSync": false,
+        "type": "datasource"
+      }
+    ]
+  },
+  "time": {
+    "from": "now-15m",
+    "to": "now"
+  },
+  "timepicker": {},
+  "timezone": "",
+  "title": "Rancher Performance Debugging",
+  "uid": "tfrfU0a7k",
+  "version": 1,
+  "weekStart": ""
+}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/pods/rancher-pod-containers.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/pods/rancher-pod-containers.json
new file mode 100644
index 0000000000..cf78a2204c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/pods/rancher-pod-containers.json
@@ -0,0 +1,636 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "iteration": 1618265214337,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{container}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(container_cpu_cfs_throttled_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "CFS throttled ({{container}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(container_cpu_system_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container) OR sum(rate(windows_container_cpu_usage_seconds_kernelmode{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "System ({{container}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(container_cpu_usage_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container) OR sum(rate(windows_container_cpu_usage_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Total ({{container}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(rate(container_cpu_user_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container) OR sum(rate(windows_container_cpu_usage_seconds_usermode{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "User ({{container}})",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "cpu",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{container}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(container_memory_working_set_bytes{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"} OR windows_container_memory_usage_commit_bytes{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"}) by (container)",
+          "interval": "",
+          "legendFormat": "({{container}})",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{container}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(irate(container_network_receive_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_receive_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{container}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_transmit_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{container}})",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(irate(container_network_receive_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_receive_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Receive Dropped ({{container}})",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(irate(container_network_receive_errors_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Receive Errors ({{container}})",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_errors_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Transmit Errors ({{container}})",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_transmit_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Transmit Dropped ({{container}})",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{container}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(irate(container_network_receive_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_receive_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Receive Total ({{container}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container) OR sum(irate(windows_container_network_transmit_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{container}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{container}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(container_fs_writes_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Write ({{container}})",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(container_fs_reads_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) by (container)",
+          "interval": "",
+          "legendFormat": "Read ({{container}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "refresh": false,
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "namespace",
+        "query": "label_values(kube_pod_info{}, namespace)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "pod",
+        "query": "label_values(kube_pod_info{namespace=\"$namespace\"}, pod)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Pod (Containers)",
+  "uid": "rancher-pod-containers-1",
+  "version": 8
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/pods/rancher-pod.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/pods/rancher-pod.json
new file mode 100644
index 0000000000..4859eccc74
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/pods/rancher-pod.json
@@ -0,0 +1,636 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "iteration": 1618265214337,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(container_cpu_cfs_throttled_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "CFS throttled",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(container_cpu_system_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) OR sum(rate(windows_container_cpu_usage_seconds_kernelmode{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "System",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(rate(container_cpu_usage_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) OR sum(rate(windows_container_cpu_usage_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(rate(container_cpu_user_seconds_total{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval])) OR sum(rate(windows_container_cpu_usage_seconds_usermode{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "User",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "cpu",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(container_memory_working_set_bytes{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"} OR windows_container_memory_usage_commit_bytes{container!=\"POD\",namespace=~\"$namespace\",pod=~\"$pod\", container!=\"\"})",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(irate(container_network_receive_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_receive_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_transmit_packets_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "B"
+        },
+        {
+          "expr": "sum(irate(container_network_receive_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_receive_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Dropped",
+          "refId": "C"
+        },
+        {
+          "expr": "sum(irate(container_network_receive_errors_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Errors",
+          "refId": "D"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_errors_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Errors",
+          "refId": "E"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_transmit_packets_dropped_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Dropped",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(irate(container_network_receive_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_receive_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(irate(container_network_transmit_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval])) OR sum(irate(windows_container_network_transmit_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum(rate(container_fs_writes_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Write",
+          "refId": "A"
+        },
+        {
+          "expr": "sum(rate(container_fs_reads_bytes_total{namespace=~\"$namespace\",pod=~\"$pod\",container!=\"\"}[$__rate_interval]))",
+          "interval": "",
+          "legendFormat": "Read",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "refresh": false,
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "namespace",
+        "query": "label_values(kube_pod_info{}, namespace)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "pod",
+        "query": "label_values(kube_pod_info{namespace=\"$namespace\"}, pod)",
+        "refresh": 2,
+        "regex": "",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Pod",
+  "uid": "rancher-pod-1",
+  "version": 8
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/workloads/rancher-workload-pods.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/workloads/rancher-workload-pods.json
new file mode 100644
index 0000000000..92c0d24a6e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/workloads/rancher-workload-pods.json
@@ -0,0 +1,652 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "iteration": 1618265214337,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(rate(container_cpu_cfs_throttled_seconds_total{namespace=~\"$namespace\",container=\"\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "CFS throttled ({{pod}})",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(rate(container_cpu_system_seconds_total{namespace=~\"$namespace\",container=\"\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_kernelmode{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "System ({{pod}})",
+          "refId": "B"
+        },
+        {
+          "expr": "(sum(rate(container_cpu_usage_seconds_total{namespace=~\"$namespace\",container=\"\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Total ({{pod}})",
+          "refId": "C"
+        },
+        {
+          "expr": "(sum(rate(container_cpu_user_seconds_total{namespace=~\"$namespace\",container=\"\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_usermode{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "User ({{pod}})",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "cpu",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(container_memory_working_set_bytes{namespace=~\"$namespace\",container=\"\"} OR windows_container_memory_usage_commit_bytes{namespace=~\"$namespace\"}) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "({{pod}})",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(irate(container_network_receive_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Receive Total ({{pod}})",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(irate(container_network_transmit_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{pod}})",
+          "refId": "B"
+        },
+        {
+          "expr": "(sum(irate(container_network_receive_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Receive Dropped ({{pod}})",
+          "refId": "C"
+        },
+        {
+          "expr": "(sum(irate(container_network_receive_errors_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Receive Errors ({{pod}})",
+          "refId": "D"
+        },
+        {
+          "expr": "(sum(irate(container_network_transmit_errors_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Transmit Errors ({{pod}})",
+          "refId": "E"
+        },
+        {
+          "expr": "(sum(irate(container_network_transmit_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Transmit Dropped ({{pod}})",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(irate(container_network_receive_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Receive Total ({{pod}})",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(irate(container_network_transmit_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Transmit Total ({{pod}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "(sum(rate(container_fs_writes_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Write ({{pod}})",
+          "refId": "A"
+        },
+        {
+          "expr": "(sum(rate(container_fs_reads_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"}",
+          "interval": "",
+          "legendFormat": "Read ({{pod}})",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "refresh": false,
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "namespace",
+        "query": "query_result(kube_pod_info{namespace!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*namespace=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "kind",
+        "query": "query_result(kube_pod_info{namespace=\"$namespace\", created_by_kind!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*created_by_kind=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "workload",
+        "query": "query_result(kube_pod_info{namespace=\"$namespace\", created_by_kind=\"$kind\", created_by_name!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*created_by_name=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Workload (Pods)",
+  "uid": "rancher-workload-pods-1",
+  "version": 8
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/workloads/rancher-workload.json b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/workloads/rancher-workload.json
new file mode 100644
index 0000000000..9f5317c2f0
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/rancher/workloads/rancher-workload.json
@@ -0,0 +1,652 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": "-- Grafana --",
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "gnetId": null,
+  "graphTooltip": 0,
+  "id": 28,
+  "iteration": 1618265214337,
+  "links": [],
+  "panels": [
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 2,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum((sum(rate(container_cpu_cfs_throttled_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "CFS throttled",
+          "refId": "A"
+        },
+        {
+          "expr": "sum((sum(rate(container_cpu_system_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_kernelmode{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "System",
+          "refId": "B"
+        },
+        {
+          "expr": "sum((sum(rate(container_cpu_usage_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "C"
+        },
+        {
+          "expr": "sum((sum(rate(container_cpu_user_seconds_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(rate(windows_container_cpu_usage_seconds_usermode{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "User",
+          "refId": "D"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "CPU Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": null,
+          "format": "cpu",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 4,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum((sum(container_memory_working_set_bytes{namespace=~\"$namespace\"} OR windows_container_memory_usage_commit_bytes{namespace=~\"$namespace\"}) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Total",
+          "refId": "A"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Memory Utilization",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "bytes",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 16,
+        "y": 0
+      },
+      "hiddenSeries": false,
+      "id": 7,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum((sum(irate(container_network_receive_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_transmit_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_packets_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "B"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_receive_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Receive Dropped",
+          "refId": "C"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_receive_errors_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Receive Errors",
+          "refId": "D"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_transmit_errors_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Transmit Errors",
+          "refId": "E"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_transmit_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_packets_dropped_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Transmit Dropped",
+          "refId": "F"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network Traffic",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "pps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 0,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 8,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum((sum(irate(container_network_receive_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_receive_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Receive Total",
+          "refId": "A"
+        },
+        {
+          "expr": "sum((sum(irate(container_network_transmit_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod) OR sum(irate(windows_container_network_transmit_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Transmit Total",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Network I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    },
+    {
+      "aliasColors": {
+        "{{pod}}": "#3797d5"
+      },
+      "bars": false,
+      "dashLength": 10,
+      "dashes": false,
+      "datasource": "$datasource",
+      "fieldConfig": {
+        "defaults": {
+          "custom": {}
+        },
+        "overrides": []
+      },
+      "fill": 0,
+      "fillGradient": 0,
+      "gridPos": {
+        "h": 7,
+        "w": 8,
+        "x": 8,
+        "y": 7
+      },
+      "hiddenSeries": false,
+      "id": 6,
+      "legend": {
+        "avg": false,
+        "current": false,
+        "max": false,
+        "min": false,
+        "show": false,
+        "total": false,
+        "values": false
+      },
+      "lines": true,
+      "linewidth": 1,
+      "nullPointMode": "null",
+      "percentage": false,
+      "pluginVersion": "7.1.5",
+      "pointradius": 2,
+      "points": false,
+      "renderer": "flot",
+      "seriesOverrides": [],
+      "spaceLength": 10,
+      "stack": false,
+      "steppedLine": false,
+      "targets": [
+        {
+          "expr": "sum((sum(rate(container_fs_writes_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Write",
+          "refId": "A"
+        },
+        {
+          "expr": "sum((sum(rate(container_fs_reads_bytes_total{namespace=~\"$namespace\"}[$__rate_interval])) by (pod)) * on(pod) kube_pod_info{namespace=~\"$namespace\", created_by_kind=\"$kind\", created_by_name=\"$workload\"})",
+          "interval": "",
+          "legendFormat": "Read",
+          "refId": "B"
+        }
+      ],
+      "thresholds": [],
+      "timeFrom": null,
+      "timeRegions": [],
+      "timeShift": null,
+      "title": "Disk I/O",
+      "tooltip": {
+        "shared": true,
+        "sort": 0,
+        "value_type": "individual"
+      },
+      "type": "graph",
+      "xaxis": {
+        "buckets": null,
+        "mode": "time",
+        "name": null,
+        "show": true,
+        "values": []
+      },
+      "yaxes": [
+        {
+          "decimals": 1,
+          "format": "Bps",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        },
+        {
+          "format": "short",
+          "label": null,
+          "logBase": 1,
+          "max": null,
+          "min": null,
+          "show": true
+        }
+      ],
+      "yaxis": {
+        "align": false,
+        "alignLevel": null
+      }
+    }
+  ],
+  "refresh": false,
+  "schemaVersion": 26,
+  "style": "dark",
+  "tags": [],
+  "templating": {
+    "list": [
+      {
+        "current": {
+          "text": "Prometheus",
+          "value": "Prometheus"
+        },
+        "hide": 0,
+        "label": "Data Source",
+        "name": "datasource",
+        "options": [
+
+        ],
+        "query": "prometheus",
+        "refresh": 1,
+        "regex": "",
+        "type": "datasource"
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "namespace",
+        "query": "query_result(kube_pod_info{namespace!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*namespace=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "kind",
+        "query": "query_result(kube_pod_info{namespace=\"$namespace\", created_by_kind!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*created_by_kind=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      },
+      {
+        "allValue": null,
+        "hide": 0,
+        "includeAll": false,
+        "label": null,
+        "multi": false,
+        "name": "workload",
+        "query": "query_result(kube_pod_info{namespace=\"$namespace\", created_by_kind=\"$kind\", created_by_name!=\"\"} * on(pod) group_right(namespace, created_by_kind, created_by_name) count({__name__=~\"container_.*|windows_container_.*\", pod!=\"\"}) by (pod))",
+        "refresh": 2,
+        "regex": "/.*created_by_name=\"([^\"]*)\"/",
+        "sort": 0,
+        "tagValuesQuery": "",
+        "tagsQuery": "",
+        "type": "query",
+        "useTags": false
+      }
+    ]
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {
+    "refresh_intervals": [
+      "5s",
+      "10s",
+      "30s",
+      "1m",
+      "5m",
+      "15m",
+      "30m",
+      "1h",
+      "2h",
+      "1d"
+    ]
+  },
+  "timezone": "",
+  "title": "Rancher / Workload",
+  "uid": "rancher-workload-1",
+  "version": 8
+}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/files/upgrade/scripts/delete-workloads-with-old-labels.sh b/charts/rancher-monitoring/103.2.2+up57.0.3/files/upgrade/scripts/delete-workloads-with-old-labels.sh
new file mode 100644
index 0000000000..89431e7132
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/files/upgrade/scripts/delete-workloads-with-old-labels.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -e
+set -x
+
+# node-exporter
+kubectl delete daemonset -l app=prometheus-node-exporter,release=rancher-monitoring --ignore-not-found=true
+
+# prometheus-adapter
+kubectl delete deployments -l app=prometheus-adapter,release=rancher-monitoring --ignore-not-found=true
+
+# kube-state-metrics
+kubectl delete deployments -l app.kubernetes.io/instance=rancher-monitoring,app.kubernetes.io/name=kube-state-metrics --cascade=orphan --ignore-not-found=true
+kubectl delete statefulsets -l app.kubernetes.io/instance=rancher-monitoring,app.kubernetes.io/name=kube-state-metrics --cascade=orphan --ignore-not-found=true
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/NOTES.txt b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/NOTES.txt
new file mode 100644
index 0000000000..371f3ae398
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/NOTES.txt
@@ -0,0 +1,4 @@
+{{ $.Chart.Name }} has been installed. Check its status by running:
+  kubectl --namespace {{ template "kube-prometheus-stack.namespace" . }} get pods -l "release={{ $.Release.Name }}"
+
+Visit https://github.com/prometheus-operator/kube-prometheus for instructions on how to create & configure Alertmanager and Prometheus instances using the Operator.
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/_helpers.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/_helpers.tpl
new file mode 100644
index 0000000000..2827e81196
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/_helpers.tpl
@@ -0,0 +1,467 @@
+# Rancher
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "monitoring_registry" -}}
+  {{- $temp_registry := (include "system_default_registry" .) -}}
+  {{- if $temp_registry -}}
+    {{- trimSuffix "/" $temp_registry -}}
+  {{- else -}}
+    {{- .Values.global.imageRegistry -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+https://github.com/helm/helm/issues/4535#issuecomment-477778391
+Usage: {{ include "call-nested" (list . "SUBCHART_NAME" "TEMPLATE") }}
+e.g. {{ include "call-nested" (list . "grafana" "grafana.fullname") }}
+*/}}
+{{- define "call-nested" }}
+{{- $dot := index . 0 }}
+{{- $subchart := index . 1 | splitList "." }}
+{{- $template := index . 2 }}
+{{- $values := $dot.Values }}
+{{- range $subchart }}
+{{- $values = index $values . }}
+{{- end }}
+{{- include $template (dict "Chart" (dict "Name" (last $subchart)) "Values" $values "Release" $dot.Release "Capabilities" $dot.Capabilities) }}
+{{- end }}
+
+# Special Exporters
+{{- define "exporter.kubeEtcd.enabled" -}}
+{{- if or .Values.kubeEtcd.enabled .Values.rkeEtcd.enabled .Values.kubeAdmEtcd.enabled .Values.rke2Etcd.enabled -}}
+"true"
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeControllerManager.enabled" -}}
+{{- if or .Values.kubeControllerManager.enabled .Values.rkeControllerManager.enabled .Values.k3sServer.enabled .Values.kubeAdmControllerManager.enabled .Values.rke2ControllerManager.enabled -}}
+"true"
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeScheduler.enabled" -}}
+{{- if or .Values.kubeScheduler.enabled .Values.rkeScheduler.enabled .Values.k3sServer.enabled .Values.kubeAdmScheduler.enabled .Values.rke2Scheduler.enabled -}}
+"true"
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeProxy.enabled" -}}
+{{- if or .Values.kubeProxy.enabled .Values.rkeProxy.enabled .Values.k3sServer.enabled .Values.kubeAdmProxy.enabled .Values.rke2Proxy.enabled -}}
+"true"
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubelet.enabled" -}}
+{{- if or .Values.kubelet.enabled .Values.hardenedKubelet.enabled .Values.k3sServer.enabled -}}
+"true"
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeControllerManager.jobName" -}}
+{{- if .Values.k3sServer.enabled -}}
+k3s-server
+{{- else -}}
+kube-controller-manager
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeScheduler.jobName" -}}
+{{- if .Values.k3sServer.enabled -}}
+k3s-server
+{{- else -}}
+kube-scheduler
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubeProxy.jobName" -}}
+{{- if .Values.k3sServer.enabled -}}
+k3s-server
+{{- else -}}
+kube-proxy
+{{- end -}}
+{{- end }}
+
+{{- define "exporter.kubelet.jobName" -}}
+{{- if .Values.k3sServer.enabled -}}
+k3s-server
+{{- else -}}
+kubelet
+{{- end -}}
+{{- end }}
+
+{{- define "kubelet.serviceMonitor.resourcePath" -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if not (eq .Values.kubelet.serviceMonitor.resourcePath "/metrics/resource/v1alpha1") -}}
+{{ .Values.kubelet.serviceMonitor.resourcePath }}
+{{- else if semverCompare ">=1.20.0-0" $kubeTargetVersion -}}
+/metrics/resource
+{{- else -}}
+/metrics/resource/v1alpha1
+{{- end -}}
+{{- end }}
+
+{{- define "rancher.serviceMonitor.selector" -}}
+{{- if .Values.rancherMonitoring.selector }}
+{{ .Values.rancherMonitoring.selector | toYaml }}
+{{- else }}
+{{- $rancherDeployment := (lookup "apps/v1" "Deployment" "cattle-system" "rancher") }}
+{{- if $rancherDeployment }}
+matchLabels:
+  app: rancher
+  chart: {{ index $rancherDeployment.metadata.labels "chart" }}
+  release: rancher
+{{- end }}
+{{- end }}
+{{- end }}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+# Prometheus Operator
+
+{{/* vim: set filetype=mustache: */}}
+{{/* Expand the name of the chart. This is suffixed with -alertmanager, which means subtract 13 from longest 63 available */}}
+{{- define "kube-prometheus-stack.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 50 | trimSuffix "-" -}}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+The components in this chart create additional resources that expand the longest created name strings.
+The longest name that gets created adds and extra 37 characters, so truncation should be 63-35=26.
+*/}}
+{{- define "kube-prometheus-stack.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 26 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 26 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 26 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/* Fullname suffixed with -operator */}}
+{{/* Adding 9 to 26 truncation of kube-prometheus-stack.fullname */}}
+{{- define "kube-prometheus-stack.operator.fullname" -}}
+{{- if .Values.prometheusOperator.fullnameOverride -}}
+{{- .Values.prometheusOperator.fullnameOverride | trunc 35 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-operator" (include "kube-prometheus-stack.fullname" .) -}}
+{{- end }}
+{{- end }}
+
+{{/* Prometheus custom resource instance name */}}
+{{- define "kube-prometheus-stack.prometheus.crname" -}}
+{{- if .Values.cleanPrometheusOperatorObjectNames }}
+{{- include "kube-prometheus-stack.fullname" . }}
+{{- else }}
+{{- print (include "kube-prometheus-stack.fullname" .) "-prometheus" }}
+{{- end }}
+{{- end }}
+
+{{/* Prometheus apiVersion for networkpolicy */}}
+{{- define "kube-prometheus-stack.prometheus.networkPolicy.apiVersion" -}}
+{{- print "networking.k8s.io/v1" -}}
+{{- end }}
+
+{{/* Alertmanager custom resource instance name */}}
+{{- define "kube-prometheus-stack.alertmanager.crname" -}}
+{{- if .Values.cleanPrometheusOperatorObjectNames }}
+{{- include "kube-prometheus-stack.fullname" . }}
+{{- else }}
+{{- print (include "kube-prometheus-stack.fullname" .) "-alertmanager" -}}
+{{- end }}
+{{- end }}
+
+{{/* Fullname suffixed with thanos-ruler */}}
+{{- define "kube-prometheus-stack.thanosRuler.fullname" -}}
+{{- printf "%s-thanos-ruler" (include "kube-prometheus-stack.fullname" .) -}}
+{{- end }}
+
+{{/* Shortened name suffixed with thanos-ruler */}}
+{{- define "kube-prometheus-stack.thanosRuler.name" -}}
+{{- default (printf "%s-thanos-ruler" (include "kube-prometheus-stack.name" .)) .Values.thanosRuler.name -}}
+{{- end }}
+
+
+{{/* Create chart name and version as used by the chart label. */}}
+{{- define "kube-prometheus-stack.chartref" -}}
+{{- replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name -}}
+{{- end }}
+
+{{/* Generate basic labels */}}
+{{- define "kube-prometheus-stack.labels" }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/version: "{{ replace "+" "_" .Chart.Version }}"
+app.kubernetes.io/part-of: {{ template "kube-prometheus-stack.name" . }}
+chart: {{ template "kube-prometheus-stack.chartref" . }}
+release: {{ $.Release.Name | quote }}
+heritage: {{ $.Release.Service | quote }}
+{{- if .Values.commonLabels}}
+{{ toYaml .Values.commonLabels }}
+{{- end }}
+{{- end }}
+
+{{/* Create the name of kube-prometheus-stack service account to use */}}
+{{- define "kube-prometheus-stack.operator.serviceAccountName" -}}
+{{- if .Values.prometheusOperator.serviceAccount.create -}}
+    {{ default (include "kube-prometheus-stack.operator.fullname" .) .Values.prometheusOperator.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.prometheusOperator.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/* Create the name of kube-prometheus-stack service account to use */}}
+{{- define "kube-prometheus-stack.operator.admissionWebhooks.serviceAccountName" -}}
+{{- if .Values.prometheusOperator.serviceAccount.create -}}
+    {{ default (printf "%s-webhook" (include "kube-prometheus-stack.operator.fullname" .)) .Values.prometheusOperator.admissionWebhooks.deployment.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.prometheusOperator.admissionWebhooks.deployment.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/* Create the name of prometheus service account to use */}}
+{{- define "kube-prometheus-stack.prometheus.serviceAccountName" -}}
+{{- if .Values.prometheus.serviceAccount.create -}}
+    {{ default (print (include "kube-prometheus-stack.fullname" .) "-prometheus") .Values.prometheus.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.prometheus.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/* Create the name of alertmanager service account to use */}}
+{{- define "kube-prometheus-stack.alertmanager.serviceAccountName" -}}
+{{- if .Values.alertmanager.serviceAccount.create -}}
+    {{ default (print (include "kube-prometheus-stack.fullname" .) "-alertmanager") .Values.alertmanager.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.alertmanager.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/* Create the name of thanosRuler service account to use */}}
+{{- define "kube-prometheus-stack.thanosRuler.serviceAccountName" -}}
+{{- if .Values.thanosRuler.serviceAccount.create -}}
+    {{ default (include "kube-prometheus-stack.thanosRuler.name" .) .Values.thanosRuler.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.thanosRuler.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "kube-prometheus-stack.namespace" -}}
+  {{- if .Values.namespaceOverride -}}
+    {{- .Values.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Use the grafana namespace override for multi-namespace deployments in combined charts
+*/}}
+{{- define "kube-prometheus-stack-grafana.namespace" -}}
+  {{- if .Values.grafana.namespaceOverride -}}
+    {{- .Values.grafana.namespaceOverride -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Allow kube-state-metrics job name to be overridden
+*/}}
+{{- define "kube-prometheus-stack-kube-state-metrics.name" -}}
+  {{- if index .Values "kube-state-metrics" "nameOverride" -}}
+    {{- index .Values "kube-state-metrics" "nameOverride" -}}
+  {{- else -}}
+    {{- print "kube-state-metrics" -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Use the kube-state-metrics namespace override for multi-namespace deployments in combined charts
+*/}}
+{{- define "kube-prometheus-stack-kube-state-metrics.namespace" -}}
+  {{- if index .Values "kube-state-metrics" "namespaceOverride" -}}
+    {{- index .Values "kube-state-metrics" "namespaceOverride" -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Use the prometheus-node-exporter namespace override for multi-namespace deployments in combined charts
+*/}}
+{{- define "kube-prometheus-stack-prometheus-node-exporter.namespace" -}}
+  {{- if index .Values "prometheus-node-exporter" "namespaceOverride" -}}
+    {{- index .Values "prometheus-node-exporter" "namespaceOverride" -}}
+  {{- else -}}
+    {{- .Release.Namespace -}}
+  {{- end -}}
+{{- end -}}
+
+{{/* Allow KubeVersion to be overridden. */}}
+{{- define "kube-prometheus-stack.kubeVersion" -}}
+  {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride -}}
+{{- end -}}
+
+{{/* Get Ingress API Version */}}
+{{- define "kube-prometheus-stack.ingress.apiVersion" -}}
+  {{- if and (.Capabilities.APIVersions.Has "networking.k8s.io/v1") (semverCompare ">= 1.19-0" (include "kube-prometheus-stack.kubeVersion" .)) -}}
+      {{- print "networking.k8s.io/v1" -}}
+  {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" -}}
+    {{- print "networking.k8s.io/v1beta1" -}}
+  {{- else -}}
+    {{- print "extensions/v1beta1" -}}
+  {{- end -}}
+{{- end -}}
+
+{{/* Check Ingress stability */}}
+{{- define "kube-prometheus-stack.ingress.isStable" -}}
+  {{- eq (include "kube-prometheus-stack.ingress.apiVersion" .) "networking.k8s.io/v1" -}}
+{{- end -}}
+
+{{/* Check Ingress supports pathType */}}
+{{/* pathType was added to networking.k8s.io/v1beta1 in Kubernetes 1.18 */}}
+{{- define "kube-prometheus-stack.ingress.supportsPathType" -}}
+  {{- or (eq (include "kube-prometheus-stack.ingress.isStable" .) "true") (and (eq (include "kube-prometheus-stack.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" (include "kube-prometheus-stack.kubeVersion" .))) -}}
+{{- end -}}
+
+{{/* Get Policy API Version */}}
+{{- define "kube-prometheus-stack.pdb.apiVersion" -}}
+  {{- if and (.Capabilities.APIVersions.Has "policy/v1") (semverCompare ">= 1.21-0" (include "kube-prometheus-stack.kubeVersion" .)) -}}
+      {{- print "policy/v1" -}}
+  {{- else -}}
+    {{- print "policy/v1beta1" -}}
+  {{- end -}}
+  {{- end -}}
+
+{{/* Get value based on current Kubernetes version */}}
+{{- define "kube-prometheus-stack.kubeVersionDefaultValue" -}}
+  {{- $values := index . 0 -}}
+  {{- $kubeVersion := index . 1 -}}
+  {{- $old := index . 2 -}}
+  {{- $new := index . 3 -}}
+  {{- $default := index . 4 -}}
+  {{- if kindIs "invalid" $default -}}
+    {{- if semverCompare $kubeVersion (include "kube-prometheus-stack.kubeVersion" $values) -}}
+      {{- print $new -}}
+    {{- else -}}
+      {{- print $old -}}
+    {{- end -}}
+  {{- else -}}
+    {{- print $default }}
+  {{- end -}}
+{{- end -}}
+
+{{/* Get value for kube-controller-manager depending on insecure scraping availability */}}
+{{- define "kube-prometheus-stack.kubeControllerManager.insecureScrape" -}}
+  {{- $values := index . 0 -}}
+  {{- $insecure := index . 1 -}}
+  {{- $secure := index . 2 -}}
+  {{- $userValue := index . 3 -}}
+  {{- include "kube-prometheus-stack.kubeVersionDefaultValue" (list $values ">= 1.22-0" $insecure $secure $userValue) -}}
+{{- end -}}
+
+{{/* Get value for kube-scheduler depending on insecure scraping availability */}}
+{{- define "kube-prometheus-stack.kubeScheduler.insecureScrape" -}}
+  {{- $values := index . 0 -}}
+  {{- $insecure := index . 1 -}}
+  {{- $secure := index . 2 -}}
+  {{- $userValue := index . 3 -}}
+  {{- include "kube-prometheus-stack.kubeVersionDefaultValue" (list $values ">= 1.23-0" $insecure $secure $userValue) -}}
+{{- end -}}
+
+{{/* Sets default scrape limits for servicemonitor */}}
+{{- define "servicemonitor.scrapeLimits" -}}
+{{- with .sampleLimit }}
+sampleLimit: {{ . }}
+{{- end }}
+{{- with .targetLimit }}
+targetLimit: {{ . }}
+{{- end }}
+{{- with .labelLimit }}
+labelLimit: {{ . }}
+{{- end }}
+{{- with .labelNameLengthLimit }}
+labelNameLengthLimit: {{ . }}
+{{- end }}
+{{- with .labelValueLengthLimit }}
+labelValueLengthLimit: {{ . }}
+{{- end }}
+{{- end -}}
+
+{{/*
+To help compatibility with other charts which use global.imagePullSecrets.
+Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
+global:
+  imagePullSecrets:
+  - name: pullSecret1
+  - name: pullSecret2
+
+or
+
+global:
+  imagePullSecrets:
+  - pullSecret1
+  - pullSecret2
+*/}}
+{{- define "kube-prometheus-stack.imagePullSecrets" -}}
+{{- range .Values.global.imagePullSecrets }}
+  {{- if eq (typeOf .) "map[string]interface {}" }}
+- {{ toYaml . | trim }}
+  {{- else }}
+- name: {{ . }}
+  {{- end }}
+{{- end }}
+{{- end -}}
+
+{{- define "kube-prometheus-stack.operator.admission-webhook.dnsNames" }}
+{{- $fullname := include "kube-prometheus-stack.operator.fullname" . }}
+{{- $namespace := include "kube-prometheus-stack.namespace" . }}
+{{- $fullname }}
+{{ $fullname }}.{{ $namespace }}.svc
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}
+{{ $fullname }}-webhook
+{{ $fullname }}-webhook.{{ $namespace }}.svc
+{{- end }}
+{{- end }}
+
+{{- define "rke2-ingress-nginx.namespace" -}}
+  {{- if .Values.rke2IngressNginx.namespaceOverride -}}
+    {{- .Values.rke2IngressNginx.namespaceOverride -}}
+  {{- else -}}
+    {{- print "kube-system" -}}
+  {{- end -}}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/alertmanager.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/alertmanager.yaml
new file mode 100644
index 0000000000..19044054ac
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/alertmanager.yaml
@@ -0,0 +1,191 @@
+{{- if .Values.alertmanager.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: Alertmanager
+metadata:
+  name: {{ template "kube-prometheus-stack.alertmanager.crname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.alertmanager.annotations }}
+  annotations:
+{{ toYaml .Values.alertmanager.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.alertmanager.alertmanagerSpec.image }}
+  {{- $registry := include "monitoring_registry" . | default .Values.alertmanager.alertmanagerSpec.image.registry }}
+  {{- if and .Values.alertmanager.alertmanagerSpec.image.tag .Values.alertmanager.alertmanagerSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.alertmanager.alertmanagerSpec.image.repository }}:{{ .Values.alertmanager.alertmanagerSpec.image.tag }}@sha256:{{ .Values.alertmanager.alertmanagerSpec.image.sha }}"
+  {{- else if .Values.alertmanager.alertmanagerSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.alertmanager.alertmanagerSpec.image.repository }}@sha256:{{ .Values.alertmanager.alertmanagerSpec.image.sha }}"
+  {{- else if .Values.alertmanager.alertmanagerSpec.image.tag }}
+  image: "{{ $registry }}/{{ .Values.alertmanager.alertmanagerSpec.image.repository }}:{{ .Values.alertmanager.alertmanagerSpec.image.tag }}"
+  {{- else }}
+  image: "{{ $registry }}/{{ .Values.alertmanager.alertmanagerSpec.image.repository }}"
+  {{- end }}
+  version: {{ .Values.alertmanager.alertmanagerSpec.image.tag }}
+  {{- if .Values.alertmanager.alertmanagerSpec.image.sha }}
+  sha: {{ .Values.alertmanager.alertmanagerSpec.image.sha }}
+  {{- end }}
+{{- end }}
+  replicas: {{ .Values.alertmanager.alertmanagerSpec.replicas }}
+  listenLocal: {{ .Values.alertmanager.alertmanagerSpec.listenLocal }}
+  serviceAccountName: {{ template "kube-prometheus-stack.alertmanager.serviceAccountName" . }}
+  automountServiceAccountToken: {{ .Values.alertmanager.alertmanagerSpec.automountServiceAccountToken }}
+{{- if .Values.alertmanager.alertmanagerSpec.externalUrl }}
+  externalUrl: "{{ tpl .Values.alertmanager.alertmanagerSpec.externalUrl . }}"
+{{- else if and .Values.alertmanager.ingress.enabled .Values.alertmanager.ingress.hosts }}
+  externalUrl: "http://{{ tpl (index .Values.alertmanager.ingress.hosts 0) . }}{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}"
+{{- else if not (or (kindIs "invalid" .Values.global.cattle.url) (kindIs "invalid" .Values.global.cattle.clusterId)) }}
+  externalUrl: "{{ .Values.global.cattle.url }}/k8s/clusters/{{ .Values.global.cattle.clusterId }}/api/v1/namespaces/{{ .Values.namespaceOverride }}/services/http:{{ template "kube-prometheus-stack.fullname" . }}-alertmanager:{{ .Values.alertmanager.service.port }}/proxy"
+{{- else }}
+  externalUrl: http://{{ template "kube-prometheus-stack.fullname" . }}-alertmanager.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.alertmanager.service.port }}
+{{- end }}
+  nodeSelector: {{ include "linux-node-selector" . | nindent 4 }}
+{{- if .Values.alertmanager.alertmanagerSpec.nodeSelector }}
+{{ toYaml .Values.alertmanager.alertmanagerSpec.nodeSelector | indent 4 }}
+{{- end }}
+  paused: {{ .Values.alertmanager.alertmanagerSpec.paused }}
+  logFormat: {{ .Values.alertmanager.alertmanagerSpec.logFormat | quote  }}
+  logLevel:  {{ .Values.alertmanager.alertmanagerSpec.logLevel | quote  }}
+  retention: {{ .Values.alertmanager.alertmanagerSpec.retention | quote  }}
+{{- if .Values.alertmanager.alertmanagerSpec.secrets }}
+  secrets:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.secrets | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.configSecret }}
+  configSecret: {{ .Values.alertmanager.alertmanagerSpec.configSecret }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.configMaps }}
+  configMaps:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.configMaps | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.alertmanagerConfigSelector }}
+  alertmanagerConfigSelector:
+{{ tpl (toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfigSelector | indent 4) . }}
+{{ else }}
+  alertmanagerConfigSelector: {}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.alertmanagerConfigNamespaceSelector }}
+  alertmanagerConfigNamespaceSelector:
+{{ tpl (toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfigNamespaceSelector | indent 4) . }}
+{{ else }}
+  alertmanagerConfigNamespaceSelector: {}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.web }}
+  web:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.web | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.alertmanagerConfiguration }}
+  alertmanagerConfiguration:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfiguration | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.alertmanagerConfigMatcherStrategy }}
+  alertmanagerConfigMatcherStrategy:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.alertmanagerConfigMatcherStrategy | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.resources }}
+  resources:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.resources | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.routePrefix }}
+  routePrefix: "{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}"
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.securityContext }}
+  securityContext:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.securityContext | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.storage }}
+  storage:
+{{ tpl (toYaml .Values.alertmanager.alertmanagerSpec.storage | indent 4) . }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.podMetadata }}
+  podMetadata:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.podMetadata | indent 4 }}
+{{- end }}
+{{- if or .Values.alertmanager.alertmanagerSpec.podAntiAffinity .Values.alertmanager.alertmanagerSpec.affinity }}
+  affinity:
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.affinity }}
+{{ toYaml .Values.alertmanager.alertmanagerSpec.affinity | indent 4 }}
+{{- end }}
+{{- if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "hard" }}
+    podAntiAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+      - topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }}
+        labelSelector:
+          matchExpressions:
+            - {key: app.kubernetes.io/name, operator: In, values: [alertmanager]}
+            - {key: alertmanager, operator: In, values: [{{ template "kube-prometheus-stack.alertmanager.crname" . }}]}
+{{- else if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "soft" }}
+    podAntiAffinity:
+      preferredDuringSchedulingIgnoredDuringExecution:
+      - weight: 100
+        podAffinityTerm:
+          topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }}
+          labelSelector:
+            matchExpressions:
+              - {key: app.kubernetes.io/name, operator: In, values: [alertmanager]}
+              - {key: alertmanager, operator: In, values: [{{ template "kube-prometheus-stack.alertmanager.crname" . }}]}
+{{- end }}
+  tolerations: {{ include "linux-node-tolerations" . | nindent 4 }}
+{{- if .Values.alertmanager.alertmanagerSpec.tolerations }}
+{{ toYaml .Values.alertmanager.alertmanagerSpec.tolerations | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.topologySpreadConstraints }}
+  topologySpreadConstraints:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.topologySpreadConstraints | indent 4 }}
+{{- end }}
+{{- if .Values.global.imagePullSecrets }}
+  imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.containers }}
+  containers:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.containers | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.initContainers }}
+  initContainers:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.initContainers | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.priorityClassName }}
+  priorityClassName: {{.Values.alertmanager.alertmanagerSpec.priorityClassName }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.additionalPeers }}
+  additionalPeers:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.additionalPeers | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.volumes }}
+  volumes:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.volumes | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.volumeMounts }}
+  volumeMounts:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.volumeMounts | indent 4 }}
+{{- end }}
+  portName: {{ .Values.alertmanager.alertmanagerSpec.portName }}
+{{- if .Values.alertmanager.alertmanagerSpec.clusterAdvertiseAddress }}
+  clusterAdvertiseAddress: {{ .Values.alertmanager.alertmanagerSpec.clusterAdvertiseAddress }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.clusterGossipInterval }}
+  clusterGossipInterval: {{ .Values.alertmanager.alertmanagerSpec.clusterGossipInterval }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.clusterPeerTimeout }}
+  clusterPeerTimeout: {{ .Values.alertmanager.alertmanagerSpec.clusterPeerTimeout }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.clusterPushpullInterval }}
+  clusterPushpullInterval: {{ .Values.alertmanager.alertmanagerSpec.clusterPushpullInterval }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.forceEnableClusterMode }}
+  forceEnableClusterMode: {{ .Values.alertmanager.alertmanagerSpec.forceEnableClusterMode }}
+{{- end }}
+{{- if .Values.alertmanager.alertmanagerSpec.minReadySeconds }}
+  minReadySeconds: {{ .Values.alertmanager.alertmanagerSpec.minReadySeconds }}
+{{- end }}
+{{- with .Values.alertmanager.alertmanagerSpec.additionalConfig }}
+  {{- tpl (toYaml .) $ | nindent 2 }}
+{{- end }}
+{{- with .Values.alertmanager.alertmanagerSpec.additionalConfigString }}
+  {{- tpl . $ | nindent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/extrasecret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/extrasecret.yaml
new file mode 100644
index 0000000000..ecd8f47021
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/extrasecret.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.alertmanager.extraSecret.data -}}
+{{- $secretName := printf "alertmanager-%s-extra" (include "kube-prometheus-stack.fullname" . ) -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ default $secretName .Values.alertmanager.extraSecret.name }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.alertmanager.extraSecret.annotations }}
+  annotations:
+{{ toYaml .Values.alertmanager.extraSecret.annotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+    app.kubernetes.io/component: alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+{{- range $key, $val := .Values.alertmanager.extraSecret.data }}
+  {{ $key }}: {{ $val | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/ingress.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/ingress.yaml
new file mode 100644
index 0000000000..be9f5aa279
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/ingress.yaml
@@ -0,0 +1,78 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.ingress.enabled }}
+{{- $pathType := .Values.alertmanager.ingress.pathType | default "ImplementationSpecific" }}
+{{- $serviceName := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "alertmanager" }}
+{{- $backendServiceName := .Values.alertmanager.ingress.serviceName | default (printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "alertmanager") }}
+{{- $servicePort := .Values.alertmanager.ingress.servicePort | default .Values.alertmanager.service.port -}}
+{{- $routePrefix := list .Values.alertmanager.alertmanagerSpec.routePrefix }}
+{{- $paths := .Values.alertmanager.ingress.paths | default $routePrefix -}}
+{{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+  name: {{ $serviceName }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.alertmanager.ingress.annotations }}
+  annotations:
+    {{- tpl (toYaml .Values.alertmanager.ingress.annotations) . | nindent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{- if .Values.alertmanager.ingress.labels }}
+{{ toYaml .Values.alertmanager.ingress.labels | indent 4 }}
+{{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- if $apiIsStable }}
+  {{- if .Values.alertmanager.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.alertmanager.ingress.ingressClassName }}
+  {{- end }}
+  {{- end }}
+  rules:
+  {{- if .Values.alertmanager.ingress.hosts }}
+  {{- range $host := .Values.alertmanager.ingress.hosts }}
+    - host: {{ tpl $host $ | quote }}
+      http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $backendServiceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $backendServiceName }}
+              servicePort: {{ $servicePort }}
+    {{- end }}
+    {{- end -}}
+  {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $backendServiceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $backendServiceName }}
+              servicePort: {{ $servicePort }}
+  {{- end }}
+  {{- end -}}
+  {{- end -}}
+  {{- if .Values.alertmanager.ingress.tls }}
+  tls:
+{{ tpl (toYaml .Values.alertmanager.ingress.tls | indent 4) . }}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/ingressperreplica.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/ingressperreplica.yaml
new file mode 100644
index 0000000000..b2e00a4162
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/ingressperreplica.yaml
@@ -0,0 +1,67 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.servicePerReplica.enabled .Values.alertmanager.ingressPerReplica.enabled }}
+{{- $pathType := .Values.alertmanager.ingressPerReplica.pathType | default "" }}
+{{- $count := .Values.alertmanager.alertmanagerSpec.replicas | int -}}
+{{- $servicePort := .Values.alertmanager.service.port -}}
+{{- $ingressValues := .Values.alertmanager.ingressPerReplica -}}
+{{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: v1
+kind: List
+metadata:
+  name: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-ingressperreplica
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+items:
+{{ range $i, $e := until $count }}
+  - kind: Ingress
+    apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" $ }}
+    metadata:
+      name: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-{{ $i }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ include "kube-prometheus-stack.name" $ }}-alertmanager
+      {{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+      {{- if $ingressValues.labels }}
+{{ toYaml $ingressValues.labels | indent 8 }}
+      {{- end }}
+      {{- if $ingressValues.annotations }}
+      annotations:
+        {{- tpl (toYaml $ingressValues.annotations) $ | nindent 8 }}
+      {{- end }}
+    spec:
+      {{- if $apiIsStable }}
+      {{- if $ingressValues.ingressClassName }}
+      ingressClassName: {{ $ingressValues.ingressClassName }}
+      {{- end }}
+      {{- end }}
+      rules:
+        - host: {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }}
+          http:
+            paths:
+      {{- range $p := $ingressValues.paths }}
+              - path: {{ tpl $p $ }}
+                {{- if and $pathType $ingressSupportsPathType }}
+                pathType: {{ $pathType }}
+                {{- end }}
+                backend:
+                  {{- if $apiIsStable }}
+                  service:
+                    name: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-{{ $i }}
+                    port:
+                      number: {{ $servicePort }}
+                  {{- else }}
+                  serviceName: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-{{ $i }}
+                  servicePort: {{ $servicePort }}
+      {{- end }}
+      {{- end -}}
+      {{- if or $ingressValues.tlsSecretName $ingressValues.tlsSecretPerReplica.enabled }}
+      tls:
+        - hosts:
+            - {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }}
+          {{- if $ingressValues.tlsSecretPerReplica.enabled }}
+          secretName: {{ $ingressValues.tlsSecretPerReplica.prefix }}-{{ $i }}
+          {{- else }}
+          secretName: {{ $ingressValues.tlsSecretName }}
+          {{- end }}
+      {{- end }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/podDisruptionBudget.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/podDisruptionBudget.yaml
new file mode 100644
index 0000000000..b183403125
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/podDisruptionBudget.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.podDisruptionBudget.enabled }}
+apiVersion: {{ include "kube-prometheus-stack.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- if .Values.alertmanager.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.alertmanager.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.alertmanager.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.alertmanager.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: alertmanager
+      alertmanager: {{ template "kube-prometheus-stack.alertmanager.crname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp-role.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp-role.yaml
new file mode 100644
index 0000000000..8810e93ded
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp-role.yaml
@@ -0,0 +1,23 @@
+{{- if and .Values.alertmanager.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+rules:
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
+- apiGroups: ['policy']
+{{- else }}
+- apiGroups: ['extensions']
+{{- end }}
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp-rolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp-rolebinding.yaml
new file mode 100644
index 0000000000..794f4ad178
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp-rolebinding.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.alertmanager.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.alertmanager.serviceAccountName" . }}
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp.yaml
new file mode 100644
index 0000000000..07b616b5cb
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/psp.yaml
@@ -0,0 +1,47 @@
+{{- if and .Values.alertmanager.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{- if .Values.global.rbac.pspAnnotations }}
+  annotations:
+{{ toYaml .Values.global.rbac.pspAnnotations | indent 4 }}
+{{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  privileged: false
+  # Allow core volume types.
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    # Permits the container to run with root privileges as well.
+    rule: 'RunAsAny'
+  seLinux:
+    # This policy assumes the nodes are using AppArmor rather than SELinux.
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/secret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/secret.yaml
new file mode 100644
index 0000000000..d2fe84a7bf
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/secret.yaml
@@ -0,0 +1,35 @@
+{{- if and (.Values.alertmanager.enabled) (not .Values.alertmanager.alertmanagerSpec.useExistingSecret) }}
+{{/* This file is applied when the operation is helm install and the target secret does not exist. */}}
+{{- $secretName := (printf "alertmanager-%s" (include "kube-prometheus-stack.alertmanager.crname" .)) }}
+{{- if or (not (lookup "v1" "Secret" (include "kube-prometheus-stack.namespace" .) $secretName)) (eq .Values.alertmanager.secret.recreateIfExists true) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ $secretName }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install, pre-upgrade
+    "helm.sh/hook-weight": "3"
+    "helm.sh/resource-policy": keep
+{{- if .Values.alertmanager.secret.annotations }}
+{{ toYaml .Values.alertmanager.secret.annotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+{{- if .Values.alertmanager.tplConfig }}
+{{- if .Values.alertmanager.stringConfig }}
+  alertmanager.yaml: {{ tpl (.Values.alertmanager.stringConfig) . | b64enc | quote }}
+{{- else if eq (typeOf .Values.alertmanager.config) "string" }}
+  alertmanager.yaml: {{ tpl (.Values.alertmanager.config) . | b64enc | quote }}
+{{- else }}
+  alertmanager.yaml: {{ tpl (toYaml .Values.alertmanager.config) . | b64enc | quote }}
+{{- end }}
+{{- else }}
+  alertmanager.yaml: {{ toYaml .Values.alertmanager.config | b64enc | quote }}
+{{- end }}
+{{- range $key, $val := .Values.alertmanager.templateFiles }}
+  {{ $key }}: {{ $val | b64enc | quote }}
+{{- end }}
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/service.yaml
new file mode 100644
index 0000000000..373de328a5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/service.yaml
@@ -0,0 +1,68 @@
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if .Values.alertmanager.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+    self-monitor: {{ .Values.alertmanager.serviceMonitor.selfMonitor | quote }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.alertmanager.service.labels }}
+{{ toYaml .Values.alertmanager.service.labels | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.service.annotations }}
+  annotations:
+{{ toYaml .Values.alertmanager.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.alertmanager.service.clusterIP }}
+  clusterIP: {{ .Values.alertmanager.service.clusterIP }}
+{{- end }}
+{{- if .Values.alertmanager.service.externalIPs }}
+  externalIPs:
+{{ toYaml .Values.alertmanager.service.externalIPs | indent 4 }}
+{{- end }}
+{{- if .Values.alertmanager.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.alertmanager.service.loadBalancerIP }}
+{{- end }}
+{{- if .Values.alertmanager.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.alertmanager.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.alertmanager.service.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.alertmanager.service.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  - name: {{ .Values.alertmanager.alertmanagerSpec.portName }}
+  {{- if eq .Values.alertmanager.service.type "NodePort" }}
+    nodePort: {{ .Values.alertmanager.service.nodePort }}
+  {{- end }}
+    port: {{ .Values.alertmanager.service.port }}
+    targetPort: {{ .Values.alertmanager.service.targetPort }}
+    protocol: TCP
+  - name: reloader-web
+    {{- if semverCompare ">=1.20.0-0" $kubeTargetVersion }}
+    appProtocol: http
+    {{- end }}
+    port: 8080
+    targetPort: reloader-web
+{{- if .Values.alertmanager.service.additionalPorts }}
+{{ toYaml .Values.alertmanager.service.additionalPorts | indent 2 }}
+{{- end }}
+  selector:
+    app.kubernetes.io/name: alertmanager
+    alertmanager: {{ template "kube-prometheus-stack.alertmanager.crname" . }}
+{{- if .Values.alertmanager.service.sessionAffinity }}
+  sessionAffinity: {{ .Values.alertmanager.service.sessionAffinity }}
+{{- end }}
+{{- if eq .Values.alertmanager.service.sessionAffinity "ClientIP" }}
+  sessionAffinityConfig:
+    clientIP:
+      timeoutSeconds: {{ .Values.alertmanager.service.sessionAffinityConfig.clientIP.timeoutSeconds }}
+{{- end }}
+  type: "{{ .Values.alertmanager.service.type }}"
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/serviceaccount.yaml
new file mode 100644
index 0000000000..745ced8bde
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/serviceaccount.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kube-prometheus-stack.alertmanager.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+    app.kubernetes.io/name: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+    app.kubernetes.io/component: alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.alertmanager.serviceAccount.annotations }}
+  annotations:
+{{ toYaml .Values.alertmanager.serviceAccount.annotations | indent 4 }}
+{{- end }}
+automountServiceAccountToken: {{ .Values.alertmanager.serviceAccount.automountServiceAccountToken }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2}}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/servicemonitor.yaml
new file mode 100644
index 0000000000..6233690019
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/servicemonitor.yaml
@@ -0,0 +1,84 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.selfMonitor }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- with .Values.alertmanager.serviceMonitor.additionalLabels }}
+{{- toYaml . | nindent 4 }}
+{{- end }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.alertmanager.serviceMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-alertmanager
+      release: {{ $.Release.Name | quote }}
+      self-monitor: "true"
+  namespaceSelector:
+    matchNames:
+      - {{ printf "%s" (include "kube-prometheus-stack.namespace" .) | quote }}
+  endpoints:
+  - port: {{ .Values.alertmanager.alertmanagerSpec.portName }}
+    enableHttp2: {{ .Values.alertmanager.serviceMonitor.enableHttp2 }}
+    {{- if .Values.alertmanager.serviceMonitor.interval }}
+    interval: {{ .Values.alertmanager.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.alertmanager.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.alertmanager.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.alertmanager.serviceMonitor.scheme }}
+    scheme: {{ .Values.alertmanager.serviceMonitor.scheme }}
+    {{- end }}
+    {{- if .Values.alertmanager.serviceMonitor.bearerTokenFile }}
+    bearerTokenFile: {{ .Values.alertmanager.serviceMonitor.bearerTokenFile }}
+    {{- end }}
+    {{- if .Values.alertmanager.serviceMonitor.tlsConfig }}
+    tlsConfig: {{- toYaml .Values.alertmanager.serviceMonitor.tlsConfig | nindent 6 }}
+    {{- end }}
+    path: "{{ trimSuffix "/" .Values.alertmanager.alertmanagerSpec.routePrefix }}/metrics"
+    metricRelabelings:
+    {{- if .Values.alertmanager.serviceMonitor.metricRelabelings }}
+    {{- tpl (toYaml .Values.alertmanager.serviceMonitor.metricRelabelings | nindent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_id
+      replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_name
+      replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+    {{- if .Values.alertmanager.serviceMonitor.relabelings }}
+    relabelings: {{- toYaml .Values.alertmanager.serviceMonitor.relabelings | nindent 6 }}
+    {{- end }}
+  {{- range .Values.alertmanager.serviceMonitor.additionalEndpoints }}
+  - port: {{ .port }}
+    {{- if or $.Values.alertmanager.serviceMonitor.interval .interval }}
+    interval: {{ default $.Values.alertmanager.serviceMonitor.interval .interval }}
+    {{- end }}
+    {{- if or $.Values.alertmanager.serviceMonitor.proxyUrl .proxyUrl }}
+    proxyUrl: {{ default $.Values.alertmanager.serviceMonitor.proxyUrl .proxyUrl }}
+    {{- end }}
+    {{- if or $.Values.alertmanager.serviceMonitor.scheme .scheme }}
+    scheme: {{ default $.Values.alertmanager.serviceMonitor.scheme .scheme }}
+    {{- end }}
+    {{- if or $.Values.alertmanager.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    bearerTokenFile: {{ default $.Values.alertmanager.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    {{- end }}
+    {{- if or $.Values.alertmanager.serviceMonitor.tlsConfig .tlsConfig }}
+    tlsConfig: {{- default $.Values.alertmanager.serviceMonitor.tlsConfig .tlsConfig | toYaml | nindent 6 }}
+    {{- end }}
+    path: {{ .path }}
+    {{- if or $.Values.alertmanager.serviceMonitor.metricRelabelings .metricRelabelings }}
+    metricRelabelings: {{- tpl (default $.Values.alertmanager.serviceMonitor.metricRelabelings .metricRelabelings | toYaml | nindent 6) . }}
+    {{- end }}
+    {{- if or $.Values.alertmanager.serviceMonitor.relabelings .relabelings }}
+    relabelings: {{- default $.Values.alertmanager.serviceMonitor.relabelings .relabelings | toYaml | nindent 6 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/serviceperreplica.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/serviceperreplica.yaml
new file mode 100644
index 0000000000..75a13bdf97
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/alertmanager/serviceperreplica.yaml
@@ -0,0 +1,49 @@
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.servicePerReplica.enabled }}
+{{- $count := .Values.alertmanager.alertmanagerSpec.replicas | int -}}
+{{- $serviceValues := .Values.alertmanager.servicePerReplica -}}
+apiVersion: v1
+kind: List
+metadata:
+  name: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-serviceperreplica
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+items:
+{{- range $i, $e := until $count }}
+  - apiVersion: v1
+    kind: Service
+    metadata:
+      name: {{ include "kube-prometheus-stack.fullname" $ }}-alertmanager-{{ $i }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ include "kube-prometheus-stack.name" $ }}-alertmanager
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+      {{- if $serviceValues.annotations }}
+      annotations:
+{{ toYaml $serviceValues.annotations | indent 8 }}
+      {{- end }}
+    spec:
+      {{- if $serviceValues.clusterIP }}
+      clusterIP: {{ $serviceValues.clusterIP }}
+      {{- end }}
+      {{- if $serviceValues.loadBalancerSourceRanges }}
+      loadBalancerSourceRanges:
+      {{- range $cidr := $serviceValues.loadBalancerSourceRanges }}
+        - {{ $cidr }}
+      {{- end }}
+      {{- end }}
+      {{- if ne $serviceValues.type "ClusterIP" }}
+      externalTrafficPolicy: {{ $serviceValues.externalTrafficPolicy }}
+      {{- end }}
+      ports:
+        - name: {{ $.Values.alertmanager.alertmanagerSpec.portName }}
+          {{- if eq $serviceValues.type "NodePort" }}
+          nodePort: {{ $serviceValues.nodePort }}
+          {{- end }}
+          port: {{ $serviceValues.port }}
+          targetPort: {{ $serviceValues.targetPort }}
+      selector:
+        app.kubernetes.io/name: alertmanager
+        alertmanager: {{ template "kube-prometheus-stack.alertmanager.crname" $ }}
+        statefulset.kubernetes.io/pod-name: alertmanager-{{ include "kube-prometheus-stack.alertmanager.crname" $ }}-{{ $i }}
+      type: "{{ $serviceValues.type }}"
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/core-dns/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/core-dns/service.yaml
new file mode 100644
index 0000000000..b8618f7558
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/core-dns/service.yaml
@@ -0,0 +1,24 @@
+{{- if and .Values.coreDns.enabled .Values.coreDns.service.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-coredns
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-coredns
+    jobLabel: coredns
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: {{ .Values.coreDns.serviceMonitor.port }}
+      port: {{ .Values.coreDns.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.coreDns.service.targetPort }}
+  selector:
+    {{- if .Values.coreDns.service.selector }}
+{{ toYaml .Values.coreDns.service.selector | indent 4 }}
+    {{- else}}
+    k8s-app: kube-dns
+    {{- end}}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/core-dns/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/core-dns/servicemonitor.yaml
new file mode 100644
index 0000000000..dc15a06937
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/core-dns/servicemonitor.yaml
@@ -0,0 +1,58 @@
+{{- if and .Values.coreDns.enabled .Values.coreDns.serviceMonitor.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-coredns
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-coredns
+  {{- with .Values.coreDns.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.coreDns.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.coreDns.serviceMonitor | nindent 2 }}
+  selector:
+    {{- if .Values.coreDns.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.coreDns.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-coredns
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: {{ .Values.coreDns.serviceMonitor.port }}
+    {{- if .Values.coreDns.serviceMonitor.interval}}
+    interval: {{ .Values.coreDns.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.coreDns.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.coreDns.serviceMonitor.proxyUrl}}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    metricRelabelings:
+    {{- if .Values.coreDns.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.coreDns.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_id
+      replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName }}
+    - sourceLabels: [__address__]
+      targetLabel: cluster_name
+      replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.coreDns.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.coreDns.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-api-server/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-api-server/servicemonitor.yaml
new file mode 100644
index 0000000000..66e777632e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-api-server/servicemonitor.yaml
@@ -0,0 +1,57 @@
+{{- if and .Values.kubeApiServer.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-apiserver
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: default
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-apiserver
+  {{- with .Values.kubeApiServer.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeApiServer.serviceMonitor | nindent 2 }}
+  endpoints:
+  - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeApiServer.serviceMonitor.interval }}
+    interval: {{ .Values.kubeApiServer.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubeApiServer.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeApiServer.serviceMonitor.proxyUrl }}
+    {{- end }}
+    port: https
+    scheme: https
+    metricRelabelings:
+    {{- if .Values.kubeApiServer.serviceMonitor.metricRelabelings }}
+{{ tpl (toYaml .Values.kubeApiServer.serviceMonitor.metricRelabelings | indent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeApiServer.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeApiServer.serviceMonitor.relabelings | indent 6) . }}
+{{- end }}
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      serverName: {{ .Values.kubeApiServer.tlsConfig.serverName }}
+      insecureSkipVerify: {{ .Values.kubeApiServer.tlsConfig.insecureSkipVerify }}
+  jobLabel: {{ .Values.kubeApiServer.serviceMonitor.jobLabel }}
+  namespaceSelector:
+    matchNames:
+    - default
+  selector:
+{{ toYaml .Values.kubeApiServer.serviceMonitor.selector | indent 4 }}
+{{- end}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/endpoints.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/endpoints.yaml
new file mode 100644
index 0000000000..6a6afa6412
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/endpoints.yaml
@@ -0,0 +1,22 @@
+{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.endpoints .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-controller-manager
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-controller-manager
+    k8s-app: kube-controller-manager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+subsets:
+  - addresses:
+      {{- range .Values.kubeControllerManager.endpoints }}
+      - ip: {{ . }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.kubeControllerManager.serviceMonitor.port }}
+        {{- $kubeControllerManagerDefaultInsecurePort := 10252 }}
+        {{- $kubeControllerManagerDefaultSecurePort := 10257 }}
+        port: {{ include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . $kubeControllerManagerDefaultInsecurePort $kubeControllerManagerDefaultSecurePort .Values.kubeControllerManager.service.port) }}
+        protocol: TCP
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/service.yaml
new file mode 100644
index 0000000000..43b1a976d5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/service.yaml
@@ -0,0 +1,29 @@
+{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.service.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-controller-manager
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-controller-manager
+    jobLabel: kube-controller-manager
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: {{ .Values.kubeControllerManager.serviceMonitor.port }}
+      {{- $kubeControllerManagerDefaultInsecurePort := 10252 }}
+      {{- $kubeControllerManagerDefaultSecurePort := 10257 }}
+      port: {{ include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . $kubeControllerManagerDefaultInsecurePort $kubeControllerManagerDefaultSecurePort .Values.kubeControllerManager.service.port) }}
+      protocol: TCP
+      targetPort: {{ include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . $kubeControllerManagerDefaultInsecurePort $kubeControllerManagerDefaultSecurePort .Values.kubeControllerManager.service.targetPort) }}
+{{- if .Values.kubeControllerManager.endpoints }}{{- else }}
+  selector:
+    {{- if .Values.kubeControllerManager.service.selector }}
+{{ toYaml .Values.kubeControllerManager.service.selector | indent 4 }}
+    {{- else}}
+    component: kube-controller-manager
+    {{- end}}
+{{- end }}
+  type: ClusterIP
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/servicemonitor.yaml
new file mode 100644
index 0000000000..7ed3baa65f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-controller-manager/servicemonitor.yaml
@@ -0,0 +1,69 @@
+{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.serviceMonitor.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-controller-manager
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-controller-manager
+  {{- with .Values.kubeControllerManager.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.kubeControllerManager.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeControllerManager.serviceMonitor | nindent 2 }}
+  selector:
+    {{- if .Values.kubeControllerManager.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.kubeControllerManager.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-kube-controller-manager
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: {{ .Values.kubeControllerManager.serviceMonitor.port }}
+    {{- if .Values.kubeControllerManager.serviceMonitor.interval }}
+    interval: {{ .Values.kubeControllerManager.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeControllerManager.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeControllerManager.serviceMonitor.proxyUrl}}
+    {{- end }}
+    {{- if eq (include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . false true .Values.kubeControllerManager.serviceMonitor.https )) "true" }}
+    scheme: https
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      {{- if eq (include "kube-prometheus-stack.kubeControllerManager.insecureScrape" (list . nil true .Values.kubeControllerManager.serviceMonitor.insecureSkipVerify)) "true" }}
+      insecureSkipVerify: true
+      {{- end }}
+      {{- if .Values.kubeControllerManager.serviceMonitor.serverName }}
+      serverName: {{ .Values.kubeControllerManager.serviceMonitor.serverName }}
+      {{- end }}
+    {{- end }}
+    metricRelabelings:
+    {{- if.Values.kubeControllerManager.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.kubeControllerManager.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeControllerManager.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeControllerManager.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-dns/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-dns/service.yaml
new file mode 100644
index 0000000000..81b2c9930c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-dns/service.yaml
@@ -0,0 +1,28 @@
+{{- if and .Values.kubeDns.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-dns
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-dns
+    jobLabel: kube-dns
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: http-metrics-dnsmasq
+      port: {{ .Values.kubeDns.service.dnsmasq.port }}
+      protocol: TCP
+      targetPort: {{ .Values.kubeDns.service.dnsmasq.targetPort }}
+    - name: http-metrics-skydns
+      port: {{ .Values.kubeDns.service.skydns.port }}
+      protocol: TCP
+      targetPort: {{ .Values.kubeDns.service.skydns.targetPort }}
+  selector:
+    {{- if .Values.kubeDns.service.selector }}
+{{ toYaml .Values.kubeDns.service.selector | indent 4 }}
+    {{- else}}
+    k8s-app: kube-dns
+    {{- end}}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-dns/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-dns/servicemonitor.yaml
new file mode 100644
index 0000000000..9fa41b575f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-dns/servicemonitor.yaml
@@ -0,0 +1,71 @@
+{{- if and .Values.kubeDns.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-dns
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-dns
+  {{- with .Values.kubeDns.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.kubeDns.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeDns.serviceMonitor | nindent 2 }}
+  selector:
+    {{- if .Values.kubeDns.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.kubeDns.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-kube-dns
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: http-metrics-dnsmasq
+    {{- if .Values.kubeDns.serviceMonitor.interval }}
+    interval: {{ .Values.kubeDns.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeDns.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeDns.serviceMonitor.proxyUrl}}
+    {{- end }}
+    metricRelabelings:
+    {{- if .Values.kubeDns.serviceMonitor.dnsmasqMetricRelabelings }}
+    {{ tpl (toYaml .Values.kubeDns.serviceMonitor.dnsmasqMetricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeDns.serviceMonitor.dnsmasqRelabelings }}
+    relabelings:
+{{ toYaml .Values.kubeDns.serviceMonitor.dnsmasqRelabelings | indent 4 }}
+{{- end }}
+  - port: http-metrics-skydns
+    {{- if .Values.kubeDns.serviceMonitor.interval }}
+    interval: {{ .Values.kubeDns.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+{{- if .Values.kubeDns.serviceMonitor.metricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubeDns.serviceMonitor.metricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubeDns.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeDns.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/endpoints.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/endpoints.yaml
new file mode 100644
index 0000000000..e366447577
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/endpoints.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.kubeEtcd.enabled .Values.kubeEtcd.endpoints .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-etcd
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-etcd
+    k8s-app: etcd-server
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+subsets:
+  - addresses:
+      {{- range .Values.kubeEtcd.endpoints }}
+      - ip: {{ . }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.kubeEtcd.serviceMonitor.port }}
+        port: {{ .Values.kubeEtcd.service.port }}
+        protocol: TCP
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/service.yaml
new file mode 100644
index 0000000000..d07d4f35e3
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/service.yaml
@@ -0,0 +1,27 @@
+{{- if and .Values.kubeEtcd.enabled .Values.kubeEtcd.service.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-etcd
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-etcd
+    jobLabel: kube-etcd
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: {{ .Values.kubeEtcd.serviceMonitor.port }}
+      port: {{ .Values.kubeEtcd.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.kubeEtcd.service.targetPort }}
+{{- if .Values.kubeEtcd.endpoints }}{{- else }}
+  selector:
+    {{- if .Values.kubeEtcd.service.selector }}
+{{ toYaml .Values.kubeEtcd.service.selector | indent 4 }}
+    {{- else}}
+    component: etcd
+    {{- end}}
+{{- end }}
+  type: ClusterIP
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/servicemonitor.yaml
new file mode 100644
index 0000000000..26fdbdbed3
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-etcd/servicemonitor.yaml
@@ -0,0 +1,75 @@
+{{- if and .Values.kubeEtcd.enabled .Values.kubeEtcd.serviceMonitor.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-etcd
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-etcd
+  {{- with .Values.kubeEtcd.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.kubeEtcd.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeEtcd.serviceMonitor | nindent 4 }}
+  selector:
+    {{- if .Values.kubeEtcd.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.kubeEtcd.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-kube-etcd
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: {{ .Values.kubeEtcd.serviceMonitor.port }}
+    {{- if .Values.kubeEtcd.serviceMonitor.interval }}
+    interval: {{ .Values.kubeEtcd.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeEtcd.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeEtcd.serviceMonitor.proxyUrl}}
+    {{- end }}
+    {{- if eq .Values.kubeEtcd.serviceMonitor.scheme "https" }}
+    scheme: https
+    tlsConfig:
+      {{- if .Values.kubeEtcd.serviceMonitor.serverName }}
+      serverName: {{ .Values.kubeEtcd.serviceMonitor.serverName }}
+      {{- end }}
+      {{- if .Values.kubeEtcd.serviceMonitor.caFile }}
+      caFile: {{ .Values.kubeEtcd.serviceMonitor.caFile }}
+      {{- end }}
+      {{- if  .Values.kubeEtcd.serviceMonitor.certFile }}
+      certFile: {{ .Values.kubeEtcd.serviceMonitor.certFile }}
+      {{- end }}
+      {{- if .Values.kubeEtcd.serviceMonitor.keyFile }}
+      keyFile: {{ .Values.kubeEtcd.serviceMonitor.keyFile }}
+      {{- end}}
+      insecureSkipVerify: {{ .Values.kubeEtcd.serviceMonitor.insecureSkipVerify }}
+    {{- end }}
+    metricRelabelings:
+    {{- if .Values.kubeEtcd.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.kubeEtcd.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeEtcd.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeEtcd.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/endpoints.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/endpoints.yaml
new file mode 100644
index 0000000000..8613e62425
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/endpoints.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.kubeProxy.enabled .Values.kubeProxy.endpoints .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-proxy
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-proxy
+    k8s-app: kube-proxy
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+subsets:
+  - addresses:
+      {{- range .Values.kubeProxy.endpoints }}
+      - ip: {{ . }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.kubeProxy.serviceMonitor.port }}
+        port: {{ .Values.kubeProxy.service.port }}
+        protocol: TCP
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/service.yaml
new file mode 100644
index 0000000000..8ccb2210d7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/service.yaml
@@ -0,0 +1,27 @@
+{{- if and .Values.kubeProxy.enabled .Values.kubeProxy.service.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-proxy
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-proxy
+    jobLabel: kube-proxy
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: {{ .Values.kubeProxy.serviceMonitor.port }}
+      port: {{ .Values.kubeProxy.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.kubeProxy.service.targetPort }}
+{{- if .Values.kubeProxy.endpoints }}{{- else }}
+  selector:
+    {{- if .Values.kubeProxy.service.selector }}
+{{ toYaml .Values.kubeProxy.service.selector | indent 4 }}
+    {{- else}}
+    k8s-app: kube-proxy
+    {{- end}}
+{{- end }}
+  type: ClusterIP
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/servicemonitor.yaml
new file mode 100644
index 0000000000..24b0ab2001
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-proxy/servicemonitor.yaml
@@ -0,0 +1,63 @@
+{{- if and .Values.kubeProxy.enabled .Values.kubeProxy.serviceMonitor.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-proxy
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-proxy
+  {{- with .Values.kubeProxy.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.kubeProxy.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeProxy.serviceMonitor | nindent 2 }}
+  selector:
+    {{- if .Values.kubeProxy.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.kubeProxy.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-kube-proxy
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: {{ .Values.kubeProxy.serviceMonitor.port }}
+    {{- if .Values.kubeProxy.serviceMonitor.interval }}
+    interval: {{ .Values.kubeProxy.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeProxy.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeProxy.serviceMonitor.proxyUrl}}
+    {{- end }}
+    {{- if .Values.kubeProxy.serviceMonitor.https }}
+    scheme: https
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+    {{- end}}
+    metricRelabelings:
+    {{- if .Values.kubeProxy.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.kubeProxy.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeProxy.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeProxy.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/endpoints.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/endpoints.yaml
new file mode 100644
index 0000000000..6236b42f10
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/endpoints.yaml
@@ -0,0 +1,22 @@
+{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.endpoints .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-scheduler
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-scheduler
+    k8s-app: kube-scheduler
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+subsets:
+  - addresses:
+      {{- range .Values.kubeScheduler.endpoints }}
+      - ip: {{ . }}
+      {{- end }}
+    ports:
+      - name: {{ .Values.kubeScheduler.serviceMonitor.port }}
+        {{- $kubeSchedulerDefaultInsecurePort := 10251 }}
+        {{- $kubeSchedulerDefaultSecurePort := 10259 }}
+        port: {{ include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . $kubeSchedulerDefaultInsecurePort $kubeSchedulerDefaultSecurePort .Values.kubeScheduler.service.port)  }}
+        protocol: TCP
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/service.yaml
new file mode 100644
index 0000000000..90b3a800a4
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/service.yaml
@@ -0,0 +1,29 @@
+{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.service.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-scheduler
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-scheduler
+    jobLabel: kube-scheduler
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: kube-system
+spec:
+  clusterIP: None
+  ports:
+    - name: {{ .Values.kubeScheduler.serviceMonitor.port }}
+      {{- $kubeSchedulerDefaultInsecurePort := 10251 }}
+      {{- $kubeSchedulerDefaultSecurePort := 10259 }}
+      port: {{ include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . $kubeSchedulerDefaultInsecurePort $kubeSchedulerDefaultSecurePort .Values.kubeScheduler.service.port)  }}
+      protocol: TCP
+      targetPort: {{ include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . $kubeSchedulerDefaultInsecurePort $kubeSchedulerDefaultSecurePort .Values.kubeScheduler.service.targetPort)  }}
+{{- if .Values.kubeScheduler.endpoints }}{{- else }}
+  selector:
+    {{- if .Values.kubeScheduler.service.selector }}
+{{ toYaml .Values.kubeScheduler.service.selector | indent 4 }}
+    {{- else}}
+    component: kube-scheduler
+    {{- end}}
+{{- end }}
+  type: ClusterIP
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/servicemonitor.yaml
new file mode 100644
index 0000000000..b17c4f1d47
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-scheduler/servicemonitor.yaml
@@ -0,0 +1,69 @@
+{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.serviceMonitor.enabled .Values.kubernetesServiceMonitors.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kube-scheduler
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: kube-system
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kube-scheduler
+  {{- with .Values.kubeScheduler.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: {{ .Values.kubeScheduler.serviceMonitor.jobLabel }}
+  {{- include "servicemonitor.scrapeLimits" .Values.kubeScheduler.serviceMonitor | nindent 2 }}
+  selector:
+    {{- if .Values.kubeScheduler.serviceMonitor.selector }}
+    {{ tpl (toYaml .Values.kubeScheduler.serviceMonitor.selector | nindent 4) . }}
+    {{- else }}
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-kube-scheduler
+      release: {{ $.Release.Name | quote }}
+    {{- end }}
+  namespaceSelector:
+    matchNames:
+      - "kube-system"
+  endpoints:
+  - port: {{ .Values.kubeScheduler.serviceMonitor.port }}
+    {{- if .Values.kubeScheduler.serviceMonitor.interval }}
+    interval: {{ .Values.kubeScheduler.serviceMonitor.interval }}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    {{- if .Values.kubeScheduler.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubeScheduler.serviceMonitor.proxyUrl}}
+    {{- end }}
+    {{- if eq (include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . false true .Values.kubeScheduler.serviceMonitor.https )) "true" }}
+    scheme: https
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      {{- if eq (include "kube-prometheus-stack.kubeScheduler.insecureScrape" (list . nil true .Values.kubeScheduler.serviceMonitor.insecureSkipVerify)) "true" }}
+      insecureSkipVerify: true
+      {{- end }}
+      {{- if .Values.kubeScheduler.serviceMonitor.serverName }}
+      serverName: {{ .Values.kubeScheduler.serviceMonitor.serverName }}
+      {{- end}}
+    {{- end}}
+    metricRelabelings:
+    {{- if .Values.kubeScheduler.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.kubeScheduler.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubeScheduler.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubeScheduler.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-state-metrics/validate.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-state-metrics/validate.yaml
new file mode 100644
index 0000000000..9211b3d771
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kube-state-metrics/validate.yaml
@@ -0,0 +1,7 @@
+{{- if .Values.kubeStateMetrics.enabled }}
+{{- if not (kindIs "invalid" .Values.kubeStateMetrics.serviceMonitor) }}
+{{- if .Values.kubeStateMetrics.serviceMonitor.namespaceOverride }}
+{{- fail "kubeStateMetrics.serviceMonitor.namespaceOverride was removed. Please use kube-state-metrics.namespaceOverride instead." }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kubelet/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kubelet/servicemonitor.yaml
new file mode 100644
index 0000000000..f570fbfdbc
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/kubelet/servicemonitor.yaml
@@ -0,0 +1,246 @@
+{{- if (and (not .Values.kubelet.enabled) .Values.hardenedKubelet.enabled) }}
+{{ required "Cannot set .Values.hardenedKubelet.enabled=true when .Values.kubelet.enabled=false" "" }}
+{{- end }}
+{{- if (and .Values.kubelet.enabled .Values.kubernetesServiceMonitors.enabled (not .Values.hardenedKubelet.enabled) (not .Values.k3sServer.enabled)) }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-kubelet
+  {{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  namespace: {{ .Values.kubelet.namespace }}
+  {{- else }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-kubelet
+  {{- with .Values.kubelet.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.kubelet.serviceMonitor | nindent 2 }}
+  {{- with .Values.kubelet.serviceMonitor.attachMetadata }}
+  attachMetadata:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  endpoints:
+  {{- if .Values.kubelet.serviceMonitor.https }}
+  - port: https-metrics
+    scheme: https
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      insecureSkipVerify: true
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+    metricRelabelings:
+    {{- if .Values.kubelet.serviceMonitor.metricRelabelings }}
+    {{- tpl (toYaml .Values.kubelet.serviceMonitor.metricRelabelings | nindent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.kubelet.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.cAdvisor }}
+  - port: https-metrics
+    scheme: https
+    path: /metrics/cadvisor
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      insecureSkipVerify: true
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+{{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | indent 4) . }}
+{{- end }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.probes }}
+  - port: https-metrics
+    scheme: https
+    path: /metrics/probes
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      insecureSkipVerify: true
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+{{- if .Values.kubelet.serviceMonitor.probesMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.probesRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesRelabelings | indent 4) . }}
+{{- end }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.resource }}
+  - port: https-metrics
+    scheme: https
+    path: {{ include "kubelet.serviceMonitor.resourcePath" . }}
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      insecureSkipVerify: true
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+{{- if .Values.kubelet.serviceMonitor.resourceMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.resourceRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceRelabelings | indent 4) . }}
+{{- end }}
+{{- end }}
+  {{- else }}
+  - port: http-metrics
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+{{- if .Values.kubelet.serviceMonitor.metricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.metricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.relabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.relabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.cAdvisor }}
+  - port: http-metrics
+    path: /metrics/cadvisor
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+{{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.probes }}
+  - port: http-metrics
+    path: /metrics/probes
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+{{- if .Values.kubelet.serviceMonitor.probesMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.probesRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.probesRelabelings | indent 4) . }}
+{{- end }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.resource }}
+  - port: http-metrics
+    path: {{ include "kubelet.serviceMonitor.resourcePath" . }}
+    {{- if .Values.kubelet.serviceMonitor.interval }}
+    interval: {{ .Values.kubelet.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.kubelet.serviceMonitor.proxyUrl }}
+    {{- end }}
+    {{- if .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    scrapeTimeout: {{ .Values.kubelet.serviceMonitor.scrapeTimeout }}
+    {{- end }}
+    honorLabels: {{ .Values.kubelet.serviceMonitor.honorLabels }}
+    honorTimestamps: {{ .Values.kubelet.serviceMonitor.honorTimestamps }}
+{{- if .Values.kubelet.serviceMonitor.resourceMetricRelabelings }}
+    metricRelabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceMetricRelabelings | indent 4) . }}
+{{- end }}
+{{- if .Values.kubelet.serviceMonitor.resourceRelabelings }}
+    relabelings:
+{{ tpl (toYaml .Values.kubelet.serviceMonitor.resourceRelabelings | indent 4) . }}
+{{- end }}
+{{- end }}
+{{- end }}
+  {{- end }}
+  jobLabel: k8s-app
+  namespaceSelector:
+    matchNames:
+    - {{ .Values.kubelet.namespace }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: kubelet
+      k8s-app: kubelet
+{{- end}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/node-exporter/validate.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/node-exporter/validate.yaml
new file mode 100644
index 0000000000..bdc73d6165
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/exporters/node-exporter/validate.yaml
@@ -0,0 +1,3 @@
+{{- if (and (not .Values.nodeExporter.enabled) .Values.hardenedNodeExporter.enabled) }}
+{{ required "Cannot set .Values.hardenedNodeExporter.enabled=true when .Values.nodeExporter.enabled=false" "" }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/extra-objects.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/extra-objects.yaml
new file mode 100644
index 0000000000..567f7bf329
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/extra-objects.yaml
@@ -0,0 +1,4 @@
+{{ range .Values.extraManifests }}
+---
+{{ tpl (toYaml .) $ }}
+{{ end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/configmap-dashboards.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/configmap-dashboards.yaml
new file mode 100644
index 0000000000..e719009ffe
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/configmap-dashboards.yaml
@@ -0,0 +1,24 @@
+{{- if or (and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled) .Values.grafana.forceDeployDashboards }}
+{{- $files := .Files.Glob "dashboards-1.14/*.json" }}
+{{- if $files }}
+apiVersion: v1
+kind: ConfigMapList
+items:
+{{- range $path, $fileContents := $files }}
+{{- $dashboardName := regexReplaceAll "(^.*/)(.*)\\.json$" $path "${2}" }}
+- apiVersion: v1
+  kind: ConfigMap
+  metadata:
+    name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) $dashboardName | trunc 63 | trimSuffix "-" }}
+    namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+    labels:
+      {{- if $.Values.grafana.sidecar.dashboards.label }}
+      {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+      {{- end }}
+      app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 6 }}
+  data:
+    {{ $dashboardName }}.json: {{ $.Files.Get $path | toJson }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/configmaps-datasources.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/configmaps-datasources.yaml
new file mode 100644
index 0000000000..718020d4f6
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/configmaps-datasources.yaml
@@ -0,0 +1,81 @@
+{{- if or (and .Values.grafana.enabled .Values.grafana.sidecar.datasources.enabled) .Values.grafana.forceDeployDatasources }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-grafana-datasource
+  namespace: {{ default .Values.grafana.sidecar.datasources.searchNamespace (include "kube-prometheus-stack.namespace" .) }}
+{{- if .Values.grafana.sidecar.datasources.annotations }}
+  annotations:
+    {{- toYaml .Values.grafana.sidecar.datasources.annotations | nindent 4 }}
+{{- end }}
+  labels:
+    {{ $.Values.grafana.sidecar.datasources.label }}: {{ $.Values.grafana.sidecar.datasources.labelValue | quote }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  datasource.yaml: |-
+    apiVersion: 1
+{{- if .Values.grafana.deleteDatasources }}
+    deleteDatasources:
+{{ tpl (toYaml .Values.grafana.deleteDatasources | indent 6) . }}
+{{- end }}
+    datasources:
+{{- $scrapeInterval := .Values.grafana.sidecar.datasources.defaultDatasourceScrapeInterval | default .Values.prometheus.prometheusSpec.scrapeInterval | default "30s" }}
+{{- if .Values.grafana.sidecar.datasources.defaultDatasourceEnabled }}
+    - name: Prometheus
+      type: prometheus
+      uid: {{ .Values.grafana.sidecar.datasources.uid }}
+      {{- if .Values.grafana.sidecar.datasources.url }}
+      url: {{ .Values.grafana.sidecar.datasources.url }}
+      {{- else }}
+      url: http://{{ template "kube-prometheus-stack.fullname" . }}-prometheus.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.prometheus.service.port }}/{{ trimPrefix "/" .Values.prometheus.prometheusSpec.routePrefix }}
+      {{- end }}
+      access: proxy
+      isDefault: {{ .Values.grafana.sidecar.datasources.isDefaultDatasource }}
+      jsonData:
+        httpMethod: {{ .Values.grafana.sidecar.datasources.httpMethod }}
+        timeInterval: {{ $scrapeInterval }}
+        {{- if .Values.grafana.sidecar.datasources.timeout }}
+        timeout: {{ .Values.grafana.sidecar.datasources.timeout }}
+        {{- end }}
+{{- if .Values.grafana.sidecar.datasources.exemplarTraceIdDestinations }}
+        exemplarTraceIdDestinations:
+        - datasourceUid: {{ .Values.grafana.sidecar.datasources.exemplarTraceIdDestinations.datasourceUid }}
+          name: {{ .Values.grafana.sidecar.datasources.exemplarTraceIdDestinations.traceIdLabelName }}
+{{- end }}
+{{- if .Values.grafana.sidecar.datasources.createPrometheusReplicasDatasources }}
+{{- range until (int .Values.prometheus.prometheusSpec.replicas) }}
+    - name: Prometheus-{{ . }}
+      type: prometheus
+      uid: {{ $.Values.grafana.sidecar.datasources.uid }}-replica-{{ . }}
+      url: http://prometheus-{{ template "kube-prometheus-stack.prometheus.crname" $ }}-{{ . }}.prometheus-operated:9090/{{ trimPrefix "/" $.Values.prometheus.prometheusSpec.routePrefix }}
+      access: proxy
+      isDefault: false
+      jsonData:
+        timeInterval: {{ $scrapeInterval }}
+{{- if $.Values.grafana.sidecar.datasources.exemplarTraceIdDestinations }}
+        exemplarTraceIdDestinations:
+        - datasourceUid: {{ $.Values.grafana.sidecar.datasources.exemplarTraceIdDestinations.datasourceUid }}
+          name: {{ $.Values.grafana.sidecar.datasources.exemplarTraceIdDestinations.traceIdLabelName }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- if .Values.grafana.sidecar.datasources.alertmanager.enabled }}
+    - name: Alertmanager
+      type: alertmanager
+      uid: {{ .Values.grafana.sidecar.datasources.alertmanager.uid }}
+      {{- if .Values.grafana.sidecar.datasources.alertmanager.url }}
+      url: {{ .Values.grafana.sidecar.datasources.alertmanager.url }}
+      {{- else }}
+      url: http://{{ template "kube-prometheus-stack.fullname" . }}-alertmanager.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.alertmanager.service.port }}/{{ trimPrefix "/" .Values.alertmanager.alertmanagerSpec.routePrefix }}
+      {{- end }}
+      access: proxy
+      jsonData:
+        handleGrafanaManagedAlerts: {{ .Values.grafana.sidecar.datasources.alertmanager.handleGrafanaManagedAlerts }}
+        implementation: {{ .Values.grafana.sidecar.datasources.alertmanager.implementation }}
+{{- end }}
+{{- end }}
+{{- if .Values.grafana.additionalDataSources }}
+{{ tpl (toYaml .Values.grafana.additionalDataSources | indent 4) . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/alertmanager-overview.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/alertmanager-overview.yaml
new file mode 100644
index 0000000000..dfc26d7ecd
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/alertmanager-overview.yaml
@@ -0,0 +1,616 @@
+{{- /*
+Generated from 'alertmanager-overview' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.selfMonitor }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "alertmanager-overview" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  alertmanager-overview.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 1,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "30s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "current set of alerts stored in the Alertmanager",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(alertmanager_alerts{namespace=~\"$namespace\",service=~\"$service\"}) by (namespace,service,instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Alerts",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "rate of successful and invalid alerts received by the Alertmanager",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(alertmanager_alerts_received_total{namespace=~\"$namespace\",service=~\"$service\"}[$__rate_interval])) by (namespace,service,instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Received",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(alertmanager_alerts_invalid_total{namespace=~\"$namespace\",service=~\"$service\"}[$__rate_interval])) by (namespace,service,instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Invalid",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Alerts receive rate",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Alerts",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "rate of successful and invalid notifications sent by the Alertmanager",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": "integration",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(alertmanager_notifications_total{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (integration,namespace,service,instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Total",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(alertmanager_notifications_failed_total{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (integration,namespace,service,instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Failed",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "$integration: Notifications Send Rate",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "latency of notifications sent by the Alertmanager",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": "integration",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99,\n  sum(rate(alertmanager_notification_latency_seconds_bucket{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (le,namespace,service,instance)\n) \n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} 99th Percentile",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "histogram_quantile(0.50,\n  sum(rate(alertmanager_notification_latency_seconds_bucket{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (le,namespace,service,instance)\n) \n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Median",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "sum(rate(alertmanager_notification_latency_seconds_sum{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (namespace,service,instance)\n/\nsum(rate(alertmanager_notification_latency_seconds_count{namespace=~\"$namespace\",service=~\"$service\", integration=\"$integration\"}[$__rate_interval])) by (namespace,service,instance)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Average",
+                                "refId": "C"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "$integration: Notification Duration",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Notifications",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "alertmanager-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "namespace",
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(alertmanager_alerts, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "service",
+                    "multi": false,
+                    "name": "service",
+                    "options": [
+
+                    ],
+                    "query": "label_values(alertmanager_alerts, service)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "all",
+                        "value": "$__all"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "integration",
+                    "options": [
+
+                    ],
+                    "query": "label_values(alertmanager_notifications_total{integration=~\".*\"}, integration)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Alertmanager / Overview",
+        "uid": "alertmanager-overview",
+        "version": 0
+    }
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/apiserver.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/apiserver.yaml
new file mode 100644
index 0000000000..bd1048b567
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/apiserver.yaml
@@ -0,0 +1,1772 @@
+{{- /*
+Generated from 'apiserver' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.kubeApiServer.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "apiserver" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  apiserver.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "content": "The SLO (service level objective) and other metrics displayed on this dashboard are for informational purposes only.",
+                "datasource": null,
+                "description": "The SLO (service level objective) and other metrics displayed on this dashboard are for informational purposes only.",
+                "gridPos": {
+                    "h": 2,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "mode": "markdown",
+                "span": 12,
+                "title": "Notice",
+                "type": "text"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "decimals": 3,
+                        "description": "How many percent of requests (both read and write) in 30 days have been answered successfully and fast enough?",
+                        "format": "percentunit",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 4,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                "expr": "apiserver_request:availability30d{verb=\"all\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Availability (30d) > 99.000%",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "avg"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": 3,
+                        "description": "How much error budget is left looking at our 0.990% availability guarantees?",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 8,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "100 * (apiserver_request:availability30d{verb=\"all\", cluster=\"$cluster\"} - 0.990000)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "errorbudget",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "ErrorBudget (30d) > 99.000%",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "decimals": 3,
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "decimals": 3,
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "decimals": 3,
+                        "description": "How many percent of read requests (LIST,GET) in 30 days have been answered successfully and fast enough?",
+                        "format": "percentunit",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 3,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                "expr": "apiserver_request:availability30d{verb=\"read\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Read Availability (30d)",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "avg"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many read requests (LIST,GET) per second do the apiservers get by code?",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/2../i",
+                                "color": "#56A64B"
+                            },
+                            {
+                                "alias": "/3../i",
+                                "color": "#F2CC0C"
+                            },
+                            {
+                                "alias": "/4../i",
+                                "color": "#3274D9"
+                            },
+                            {
+                                "alias": "/5../i",
+                                "color": "#E02F44"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by (code) (code_resource:apiserver_request_total:rate5m{verb=\"read\", cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} code {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Read SLI - Requests",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "reqps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "reqps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many percent of read requests (LIST,GET) per second are returned with errors (5xx)?",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by (resource) (code_resource:apiserver_request_total:rate5m{verb=\"read\",code=~\"5..\", cluster=\"$cluster\"}) / sum by (resource) (code_resource:apiserver_request_total:rate5m{verb=\"read\", cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} resource {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Read SLI - Errors",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many seconds is the 99th percentile for reading (LIST|GET) a given resource?",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "cluster_quantile:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds:histogram_quantile{verb=\"read\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} resource {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Read SLI - Duration",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "decimals": 3,
+                        "description": "How many percent of write requests (POST|PUT|PATCH|DELETE) in 30 days have been answered successfully and fast enough?",
+                        "format": "percentunit",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 3,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                "expr": "apiserver_request:availability30d{verb=\"write\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Write Availability (30d)",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "avg"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many write requests (POST|PUT|PATCH|DELETE) per second do the apiservers get by code?",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/2../i",
+                                "color": "#56A64B"
+                            },
+                            {
+                                "alias": "/3../i",
+                                "color": "#F2CC0C"
+                            },
+                            {
+                                "alias": "/4../i",
+                                "color": "#3274D9"
+                            },
+                            {
+                                "alias": "/5../i",
+                                "color": "#E02F44"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by (code) (code_resource:apiserver_request_total:rate5m{verb=\"write\", cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} code {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Write SLI - Requests",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "reqps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "reqps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many percent of write requests (POST|PUT|PATCH|DELETE) per second are returned with errors (5xx)?",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by (resource) (code_resource:apiserver_request_total:rate5m{verb=\"write\",code=~\"5..\", cluster=\"$cluster\"}) / sum by (resource) (code_resource:apiserver_request_total:rate5m{verb=\"write\", cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} resource {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Write SLI - Errors",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "How many seconds is the 99th percentile for writing (POST|PUT|PATCH|DELETE) a given resource?",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "cluster_quantile:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds:histogram_quantile{verb=\"write\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} resource {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Write SLI - Duration",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(workqueue_adds_total{job=\"apiserver\", instance=~\"$instance\", cluster=\"$cluster\"}[$__rate_interval])) by (instance, name)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Add Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 14,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(workqueue_depth{job=\"apiserver\", instance=~\"$instance\", cluster=\"$cluster\"}[$__rate_interval])) by (instance, name)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Depth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 15,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(workqueue_queue_duration_seconds_bucket{job=\"apiserver\", instance=~\"$instance\", cluster=\"$cluster\"}[$__rate_interval])) by (instance, name, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Latency",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 16,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "process_resident_memory_bytes{job=\"apiserver\",instance=~\"$instance\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 17,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(process_cpu_seconds_total{job=\"apiserver\",instance=~\"$instance\", cluster=\"$cluster\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 18,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "go_goroutines{job=\"apiserver\",instance=~\"$instance\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Goroutines",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"apiserver\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"apiserver\", cluster=\"$cluster\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / API server",
+        "uid": "09ec8aa1e996d6ffcd6817bbaff4db1b",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/cluster-total.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/cluster-total.yaml
new file mode 100644
index 0000000000..f4be0bbd45
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/cluster-total.yaml
@@ -0,0 +1,1882 @@
+{{- /*
+Generated from 'cluster-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "cluster-total" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  cluster-total.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 1
+                },
+                "id": 3,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Received",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 1
+                },
+                "id": 4,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Transmitted",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "columns": [
+                    {
+                        "text": "Time",
+                        "value": "Time"
+                    },
+                    {
+                        "text": "Value #A",
+                        "value": "Value #A"
+                    },
+                    {
+                        "text": "Value #B",
+                        "value": "Value #B"
+                    },
+                    {
+                        "text": "Value #C",
+                        "value": "Value #C"
+                    },
+                    {
+                        "text": "Value #D",
+                        "value": "Value #D"
+                    },
+                    {
+                        "text": "Value #E",
+                        "value": "Value #E"
+                    },
+                    {
+                        "text": "Value #F",
+                        "value": "Value #F"
+                    },
+                    {
+                        "text": "Value #G",
+                        "value": "Value #G"
+                    },
+                    {
+                        "text": "Value #H",
+                        "value": "Value #H"
+                    },
+                    {
+                        "text": "namespace",
+                        "value": "namespace"
+                    }
+                ],
+                "datasource": "$datasource",
+                "fill": 1,
+                "fontSize": "90%",
+                "gridPos": {
+                    "h": 9,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 5,
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null as zero",
+                "renderer": "flot",
+                "scroll": true,
+                "showHeader": true,
+                "sort": {
+                    "col": 0,
+                    "desc": false
+                },
+                "spaceLength": 10,
+                "span": 24,
+                "styles": [
+                    {
+                        "alias": "Time",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Time",
+                        "thresholds": [
+
+                        ],
+                        "type": "hidden",
+                        "unit": "short"
+                    },
+                    {
+                        "alias": "Current Bandwidth Received",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #A",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Current Bandwidth Transmitted",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #B",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Average Bandwidth Received",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #C",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Average Bandwidth Transmitted",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #D",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #E",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #F",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #G",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #H",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Namespace",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": true,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "d/8b7a8b326d7a6f1f04244066368c67af/kubernetes-networking-namespace-pods?orgId=1&refresh=30s&var-namespace=$__cell",
+                        "pattern": "namespace",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "short"
+                    }
+                ],
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "A",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "B",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(avg(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "C",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(avg(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "D",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "E",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "F",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "G",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "H",
+                        "step": 10
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Status",
+                "type": "table"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 6,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 11
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Received",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 11
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Transmitted",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 11
+                },
+                "id": 9,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth History",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 24,
+                    "x": 0,
+                    "y": 12
+                },
+                "id": 10,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": true,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": true,
+                    "min": true,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Receive Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 24,
+                    "x": 0,
+                    "y": 21
+                },
+                "id": 11,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": true,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": true,
+                    "min": true,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Transmit Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 30
+                },
+                "id": 12,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 31
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 40
+                        },
+                        "id": 14,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Packets",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 31
+                },
+                "id": 15,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 50
+                        },
+                        "id": 16,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 59
+                        },
+                        "id": 17,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=~\".+\"}[$interval:$resolution])) by (namespace))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 59
+                        },
+                        "id": 18,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+                            {
+                                "targetBlank": true,
+                                "title": "What is TCP Retransmit?",
+                                "url": "https://accedian.com/enterprises/blog/network-packet-loss-retransmissions-and-duplicate-acknowledgements/"
+                            }
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(rate(node_netstat_Tcp_RetransSegs{cluster=\"$cluster\"}[$interval:$resolution]) / rate(node_netstat_Tcp_OutSegs{cluster=\"$cluster\"}[$interval:$resolution])) by (instance))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of TCP Retransmits out of all sent segments",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 24,
+                            "x": 0,
+                            "y": 59
+                        },
+                        "id": 19,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+                            {
+                                "targetBlank": true,
+                                "title": "Why monitor SYN retransmits?",
+                                "url": "https://github.com/prometheus/node_exporter/issues/1023#issuecomment-408128365"
+                            }
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(rate(node_netstat_TcpExt_TCPSynRetrans{cluster=\"$cluster\"}[$interval:$resolution]) / rate(node_netstat_Tcp_RetransSegs{cluster=\"$cluster\"}[$interval:$resolution])) by (instance))",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of TCP SYN Retransmits out of all retransmits",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Errors",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 18,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "resolution",
+                    "options": [
+                        {
+                            "selected": false,
+                            "text": "30s",
+                            "value": "30s"
+                        },
+                        {
+                            "selected": true,
+                            "text": "5m",
+                            "value": "5m"
+                        },
+                        {
+                            "selected": false,
+                            "text": "1h",
+                            "value": "1h"
+                        }
+                    ],
+                    "query": "30s,5m,1h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "interval",
+                    "options": [
+                        {
+                            "selected": true,
+                            "text": "4h",
+                            "value": "4h"
+                        }
+                    ],
+                    "query": "4h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Networking / Cluster",
+        "uid": "ff635a025bcfea7bc3dd4f508990a3e9",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/controller-manager.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/controller-manager.yaml
new file mode 100644
index 0000000000..8d420d7a4f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/controller-manager.yaml
@@ -0,0 +1,1196 @@
+{{- /*
+Generated from 'controller-manager' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if (include "exporter.kubeControllerManager.enabled" .)}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "controller-manager" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  controller-manager.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "format": "none",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 2,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                {{- if .Values.k3sServer.enabled  }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", metrics_path=\"/metrics\"})",
+                                {{- else }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\"})",
+                                {{- end }}
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Up",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "min"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 10,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(workqueue_adds_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, name)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Add Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(workqueue_depth{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, name)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Depth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(workqueue_queue_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, name, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} {{`{{`}}name{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Work Queue Latency",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\",code=~\"2..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "2xx",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\",code=~\"3..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "3xx",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\",code=~\"4..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "4xx",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\",code=~\"5..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "5xx",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Kube API Request Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 8,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\", verb=\"POST\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Post Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\", instance=~\"$instance\", verb=\"GET\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Get Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "process_resident_memory_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(process_cpu_seconds_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "go_goroutines{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Goroutines",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeControllerManager.jobName" . }}\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Controller Manager",
+        "uid": "72e0e05bef5099e5f049b05fdc429ed4",
+        "version": 0
+    }
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/etcd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/etcd.yaml
new file mode 100644
index 0000000000..0eeedc6299
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/etcd.yaml
@@ -0,0 +1,1229 @@
+{{- /*
+Generated from 'etcd' from https://github.com/etcd-io/etcd.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if (include "exporter.kubeEtcd.enabled" .)}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "etcd" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  etcd.json: |-
+    {
+        "annotations": {
+            "list": []
+        },
+        "description": "etcd sample Grafana dashboard with Prometheus",
+        "editable": true,
+        "gnetId": null,
+        "hideControls": false,
+        "links": [],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "editable": true,
+                "height": "250px",
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "rgba(245, 54, 54, 0.9)",
+                            "rgba(237, 129, 40, 0.89)",
+                            "rgba(50, 172, 45, 0.97)"
+                        ],
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "format": "none",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "id": 28,
+                        "interval": null,
+                        "isNew": true,
+                        "links": [],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 3,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "targets": [
+                            {
+                                "expr": "sum(etcd_server_has_leader{job=\"$cluster\"})",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "metric": "etcd_server_has_leader",
+                                "refId": "A",
+                                "step": 20
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Up",
+                        "type": "singlestat",
+                        "valueFontSize": "200%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "avg"
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 23,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 5,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(grpc_server_started_total{job=\"$cluster\",grpc_type=\"unary\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "RPC Rate",
+                                "metric": "grpc_server_started_total",
+                                "refId": "A",
+                                "step": 2
+                            },
+                            {
+                                "expr": "sum(rate(grpc_server_handled_total{job=\"$cluster\",grpc_type=\"unary\",grpc_code=~\"Unknown|FailedPrecondition|ResourceExhausted|Internal|Unavailable|DataLoss|DeadlineExceeded\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "RPC Failed Rate",
+                                "metric": "grpc_server_handled_total",
+                                "refId": "B",
+                                "step": 2
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "RPC Rate",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 41,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 4,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(grpc_server_started_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"}) - sum(grpc_server_handled_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"})",
+                                "intervalFactor": 2,
+                                "legendFormat": "Watch Streams",
+                                "metric": "grpc_server_handled_total",
+                                "refId": "A",
+                                "step": 4
+                            },
+                            {
+                                "expr": "sum(grpc_server_started_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"}) - sum(grpc_server_handled_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"})",
+                                "intervalFactor": 2,
+                                "legendFormat": "Lease Streams",
+                                "metric": "grpc_server_handled_total",
+                                "refId": "B",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Active Streams",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": "",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "showTitle": false,
+                "title": "Row"
+            },
+            {
+                "collapse": false,
+                "editable": true,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "decimals": null,
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "grid": {},
+                        "id": 1,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "etcd_mvcc_db_total_size_in_bytes{job=\"$cluster\"}",
+                                "hide": false,
+                                "interval": "",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} DB Size",
+                                "metric": "",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "DB Size",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "cumulative"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "grid": {},
+                        "id": 3,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 1,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": true,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=\"$cluster\"}[$__rate_interval])) by (instance, le))",
+                                "hide": false,
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} WAL fsync",
+                                "metric": "etcd_disk_wal_fsync_duration_seconds_bucket",
+                                "refId": "A",
+                                "step": 4
+                            },
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_backend_commit_duration_seconds_bucket{job=\"$cluster\"}[$__rate_interval])) by (instance, le))",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} DB fsync",
+                                "metric": "etcd_disk_backend_commit_duration_seconds_bucket",
+                                "refId": "B",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk Sync Duration",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "cumulative"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 29,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "process_resident_memory_bytes{job=\"$cluster\"}",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Resident Memory",
+                                "metric": "process_resident_memory_bytes",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "title": "New row"
+            },
+            {
+                "collapse": false,
+                "editable": true,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 5,
+                        "id": 22,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 3,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(etcd_network_client_grpc_received_bytes_total{job=\"$cluster\"}[$__rate_interval])",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Client Traffic In",
+                                "metric": "etcd_network_client_grpc_received_bytes_total",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Client Traffic In",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 5,
+                        "id": 21,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 3,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(etcd_network_client_grpc_sent_bytes_total{job=\"$cluster\"}[$__rate_interval])",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Client Traffic Out",
+                                "metric": "etcd_network_client_grpc_sent_bytes_total",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Client Traffic Out",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 20,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(etcd_network_peer_received_bytes_total{job=\"$cluster\"}[$__rate_interval])) by (instance)",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Peer Traffic In",
+                                "metric": "etcd_network_peer_received_bytes_total",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Peer Traffic In",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "decimals": null,
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "grid": {},
+                        "id": 16,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(etcd_network_peer_sent_bytes_total{job=\"$cluster\"}[$__rate_interval])) by (instance)",
+                                "hide": false,
+                                "interval": "",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Peer Traffic Out",
+                                "metric": "etcd_network_peer_sent_bytes_total",
+                                "refId": "A",
+                                "step": 4
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Peer Traffic Out",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "cumulative"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "title": "New row"
+            },
+            {
+                "collapse": false,
+                "editable": true,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 40,
+                        "isNew": true,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(etcd_server_proposals_failed_total{job=\"$cluster\"}[$__rate_interval]))",
+                                "intervalFactor": 2,
+                                "legendFormat": "Proposal Failure Rate",
+                                "metric": "etcd_server_proposals_failed_total",
+                                "refId": "A",
+                                "step": 2
+                            },
+                            {
+                                "expr": "sum(etcd_server_proposals_pending{job=\"$cluster\"})",
+                                "intervalFactor": 2,
+                                "legendFormat": "Proposal Pending Total",
+                                "metric": "etcd_server_proposals_pending",
+                                "refId": "B",
+                                "step": 2
+                            },
+                            {
+                                "expr": "sum(rate(etcd_server_proposals_committed_total{job=\"$cluster\"}[$__rate_interval]))",
+                                "intervalFactor": 2,
+                                "legendFormat": "Proposal Commit Rate",
+                                "metric": "etcd_server_proposals_committed_total",
+                                "refId": "C",
+                                "step": 2
+                            },
+                            {
+                                "expr": "sum(rate(etcd_server_proposals_applied_total{job=\"$cluster\"}[$__rate_interval]))",
+                                "intervalFactor": 2,
+                                "legendFormat": "Proposal Apply Rate",
+                                "refId": "D",
+                                "step": 2
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Raft Proposals",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": "",
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "datasource": "$datasource",
+                        "decimals": 0,
+                        "editable": true,
+                        "error": false,
+                        "fill": 0,
+                        "id": 19,
+                        "isNew": true,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "changes(etcd_server_leader_changes_seen_total{job=\"$cluster\"}[1d])",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Total Leader Elections Per Day",
+                                "metric": "etcd_server_leader_changes_seen_total",
+                                "refId": "A",
+                                "step": 2
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Total Leader Elections Per Day",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {},
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": 0,
+                        "editable": true,
+                        "error": false,
+                        "fieldConfig": {
+                            "defaults": {
+                                "custom": {}
+                            },
+                            "overrides": []
+                        },
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 7,
+                            "w": 12,
+                            "x": 0,
+                            "y": 28
+                        },
+                        "hiddenSeries": false,
+                        "id": 42,
+                        "isNew": true,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [],
+                        "nullPointMode": "connected",
+                        "options": {
+                            "alertThreshold": true
+                        },
+                        "percentage": false,
+                        "pluginVersion": "7.4.3",
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [],
+                        "spaceLength": 10,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum by (instance, le) (rate(etcd_network_peer_round_trip_time_seconds_bucket{job=\"$cluster\"}[$__rate_interval])))",
+                                "interval": "",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Peer round trip time",
+                                "metric": "etcd_network_peer_round_trip_time_seconds_bucket",
+                                "refId": "A",
+                                "step": 2
+                            }
+                        ],
+                        "thresholds": [],
+                        "timeFrom": null,
+                        "timeRegions": [],
+                        "timeShift": null,
+                        "title": "Peer round trip time",
+                        "tooltip": {
+                            "msResolution": false,
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": []
+                        },
+                        "yaxes": [
+                            {
+                                "$$hashKey": "object:925",
+                                "decimals": null,
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "$$hashKey": "object:926",
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ],
+                        "yaxis": {
+                            "align": false,
+                            "alignLevel": null
+                        }
+                    }
+                ],
+                "title": "New row"
+            }
+        ],
+        "schemaVersion": 13,
+        "sharedCrosshair": false,
+        "style": "dark",
+        "tags": [
+            "etcd-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "prod",
+                        "value": "prod"
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if (or .Values.grafana.sidecar.dashboards.multicluster.global.enabled .Values.grafana.sidecar.dashboards.multicluster.etcd.enabled) }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [],
+                    "query": "label_values(etcd_server_has_leader, job)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 2,
+                    "tagValuesQuery": "",
+                    "tags": [],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-15m",
+            "to": "now"
+        },
+        "timepicker": {
+            "now": true,
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "etcd",
+        "uid": "c2f4e12cdf69feb95caa41a5a1b423d9",
+        "version": 215
+    }
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/grafana-overview.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/grafana-overview.yaml
new file mode 100644
index 0000000000..d2609140cf
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/grafana-overview.yaml
@@ -0,0 +1,635 @@
+{{- /*
+Generated from 'grafana-overview' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "grafana-overview" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  grafana-overview.json: |-
+    {
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "target": {
+                        "limit": 100,
+                        "matchAny": false,
+                        "tags": [
+
+                        ],
+                        "type": "dashboard"
+                    },
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "id": 3085,
+        "iteration": 1631554945276,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "mappings": [
+
+                        ],
+                        "noValue": "0",
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+                                {
+                                    "color": "green",
+                                    "value": null
+                                },
+                                {
+                                    "color": "red",
+                                    "value": 80
+                                }
+                            ]
+                        }
+                    },
+                    "overrides": [
+
+                    ]
+                },
+                "gridPos": {
+                    "h": 5,
+                    "w": 6,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 6,
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "mean"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "text": {
+
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "8.1.3",
+                "targets": [
+                    {
+                        "expr": "grafana_alerting_result_total{job=~\"$job\", instance=~\"$instance\", state=\"alerting\"}",
+                        "instant": true,
+                        "interval": "",
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Firing Alerts",
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+                                {
+                                    "color": "green",
+                                    "value": null
+                                },
+                                {
+                                    "color": "red",
+                                    "value": 80
+                                }
+                            ]
+                        }
+                    },
+                    "overrides": [
+
+                    ]
+                },
+                "gridPos": {
+                    "h": 5,
+                    "w": 6,
+                    "x": 6,
+                    "y": 0
+                },
+                "id": 8,
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "mean"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "text": {
+
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "8.1.3",
+                "targets": [
+                    {
+                        "expr": "sum(grafana_stat_totals_dashboard{job=~\"$job\", instance=~\"$instance\"})",
+                        "interval": "",
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Dashboards",
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "custom": {
+                            "align": null,
+                            "displayMode": "auto"
+                        },
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+                                {
+                                    "color": "green",
+                                    "value": null
+                                },
+                                {
+                                    "color": "red",
+                                    "value": 80
+                                }
+                            ]
+                        }
+                    },
+                    "overrides": [
+
+                    ]
+                },
+                "gridPos": {
+                    "h": 5,
+                    "w": 12,
+                    "x": 12,
+                    "y": 0
+                },
+                "id": 10,
+                "options": {
+                    "showHeader": true
+                },
+                "pluginVersion": "8.1.3",
+                "targets": [
+                    {
+                        "expr": "grafana_build_info{job=~\"$job\", instance=~\"$instance\"}",
+                        "instant": true,
+                        "interval": "",
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Build Info",
+                "transformations": [
+                    {
+                        "id": "labelsToFields",
+                        "options": {
+
+                        }
+                    },
+                    {
+                        "id": "organize",
+                        "options": {
+                            "excludeByName": {
+                                "Time": true,
+                                "Value": true,
+                                "branch": true,
+                                "container": true,
+                                "goversion": true,
+                                "namespace": true,
+                                "pod": true,
+                                "revision": true
+                            },
+                            "indexByName": {
+                                "Time": 7,
+                                "Value": 11,
+                                "branch": 4,
+                                "container": 8,
+                                "edition": 2,
+                                "goversion": 6,
+                                "instance": 1,
+                                "job": 0,
+                                "namespace": 9,
+                                "pod": 10,
+                                "revision": 5,
+                                "version": 3
+                            },
+                            "renameByName": {
+
+                            }
+                        }
+                    }
+                ],
+                "type": "table"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ]
+                    },
+                    "overrides": [
+
+                    ]
+                },
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 8,
+                    "w": 12,
+                    "x": 0,
+                    "y": 5
+                },
+                "hiddenSeries": false,
+                "id": 2,
+                "legend": {
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "show": true,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "nullPointMode": "null",
+                "options": {
+                    "alertThreshold": true
+                },
+                "percentage": false,
+                "pluginVersion": "8.1.3",
+                "pointradius": 2,
+                "points": false,
+                "renderer": "flot",
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum by (status_code) (irate(grafana_http_request_duration_seconds_count{job=~\"$job\", instance=~\"$instance\"}[1m])) ",
+                        "interval": "",
+                        "legendFormat": "{{`{{`}}status_code{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeRegions": [
+
+                ],
+                "timeShift": null,
+                "title": "RPS",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "$$hashKey": "object:157",
+                        "format": "reqps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "$$hashKey": "object:158",
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": false
+                    }
+                ],
+                "yaxis": {
+                    "align": false,
+                    "alignLevel": null
+                }
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ]
+                    },
+                    "overrides": [
+
+                    ]
+                },
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 8,
+                    "w": 12,
+                    "x": 12,
+                    "y": 5
+                },
+                "hiddenSeries": false,
+                "id": 4,
+                "legend": {
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "show": true,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "nullPointMode": "null",
+                "options": {
+                    "alertThreshold": true
+                },
+                "percentage": false,
+                "pluginVersion": "8.1.3",
+                "pointradius": 2,
+                "points": false,
+                "renderer": "flot",
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "exemplar": true,
+                        "expr": "histogram_quantile(0.99, sum(irate(grafana_http_request_duration_seconds_bucket{instance=~\"$instance\", job=~\"$job\"}[$__rate_interval])) by (le)) * 1",
+                        "interval": "",
+                        "legendFormat": "99th Percentile",
+                        "refId": "A"
+                    },
+                    {
+                        "exemplar": true,
+                        "expr": "histogram_quantile(0.50, sum(irate(grafana_http_request_duration_seconds_bucket{instance=~\"$instance\", job=~\"$job\"}[$__rate_interval])) by (le)) * 1",
+                        "interval": "",
+                        "legendFormat": "50th Percentile",
+                        "refId": "B"
+                    },
+                    {
+                        "exemplar": true,
+                        "expr": "sum(irate(grafana_http_request_duration_seconds_sum{instance=~\"$instance\", job=~\"$job\"}[$__rate_interval])) * 1 / sum(irate(grafana_http_request_duration_seconds_count{instance=~\"$instance\", job=~\"$job\"}[$__rate_interval]))",
+                        "interval": "",
+                        "legendFormat": "Average",
+                        "refId": "C"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeRegions": [
+
+                ],
+                "timeShift": null,
+                "title": "Request Latency",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "$$hashKey": "object:210",
+                        "format": "ms",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "$$hashKey": "object:211",
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ],
+                "yaxis": {
+                    "align": false,
+                    "alignLevel": null
+                }
+            }
+        ],
+        "schemaVersion": 30,
+        "style": "dark",
+        "tags": [
+
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "description": null,
+                    "error": null,
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "Data Source",
+                    "multi": false,
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "queryValue": "",
+                    "refresh": 1,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "type": "datasource"
+                },
+                {
+                    "allValue": ".*",
+                    "current": {
+                        "selected": false,
+                        "text": [
+                            "default/grafana"
+                        ],
+                        "value": [
+                            "default/grafana"
+                        ]
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(grafana_build_info, job)",
+                    "description": null,
+                    "error": null,
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": true,
+                    "name": "job",
+                    "options": [
+
+                    ],
+                    "query": {
+                        "query": "label_values(grafana_build_info, job)",
+                        "refId": "Billing Admin-job-Variable-Query"
+                    },
+                    "refresh": 1,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".*",
+                    "current": {
+                        "selected": false,
+                        "text": "All",
+                        "value": "$__all"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(grafana_build_info, instance)",
+                    "description": null,
+                    "error": null,
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": true,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": {
+                        "query": "label_values(grafana_build_info, instance)",
+                        "refId": "Billing Admin-instance-Variable-Query"
+                    },
+                    "refresh": 1,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-6h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Grafana Overview",
+        "uid": "6be0s85Mk",
+        "version": 2
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-coredns.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-coredns.yaml
new file mode 100644
index 0000000000..7ecca76f23
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-coredns.yaml
@@ -0,0 +1,1534 @@
+{{- /*
+Generated from 'k8s-coredns' from ../files/dashboards/k8s-coredns.json
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.coreDns.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-coredns" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-coredns.json: |-
+    {
+      "annotations": {
+        "list": [
+          {
+            "builtIn": 1,
+            "datasource": "-- Grafana --",
+            "enable": true,
+            "hide": true,
+            "iconColor": "rgba(0, 211, 255, 1)",
+            "name": "Annotations & Alerts",
+            "type": "dashboard"
+          }
+        ]
+      },
+      "description": "A dashboard for the CoreDNS DNS server with updated metrics for version 1.7.0+.  Based on the CoreDNS dashboard by buhay.",
+      "editable": true,
+      "gnetId": 12539,
+      "graphTooltip": 0,
+      "iteration": 1603798405693,
+      "links": [
+        {
+          "icon": "external link",
+          "tags": [],
+          "targetBlank": true,
+          "title": "CoreDNS.io",
+          "type": "link",
+          "url": "https://coredns.io"
+        }
+      ],
+      "panels": [
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": [],
+              "mappings": [],
+              "thresholds": {
+                "mode": "absolute",
+                "steps": [
+                  {
+                    "color": "green",
+                    "value": null
+                  },
+                  {
+                    "color": "red",
+                    "value": 80
+                  }
+                ]
+              }
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 8,
+            "x": 0,
+            "y": 0
+          },
+          "hiddenSeries": false,
+          "id": 2,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "total",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_dns_request_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (proto) or\nsum(rate(coredns_dns_requests_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (proto)",
+              "format": "time_series",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}",
+              "refId": "A",
+              "step": 60
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (total)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "individual"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 8,
+            "x": 8,
+            "y": 0
+          },
+          "hiddenSeries": false,
+          "id": 4,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "total",
+              "yaxis": 2
+            },
+            {
+              "alias": "other",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_dns_request_type_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (type) or \nsum(rate(coredns_dns_requests_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (type)",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{type}}"}}",
+              "refId": "A",
+              "step": 60
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (by qtype)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "individual"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 8,
+            "x": 16,
+            "y": 0
+          },
+          "hiddenSeries": false,
+          "id": 6,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "total",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_dns_request_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (zone) or\nsum(rate(coredns_dns_requests_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (zone)",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{zone}}"}}",
+              "refId": "A",
+              "step": 60
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (by zone)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "individual"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 0,
+            "y": 7
+          },
+          "hiddenSeries": false,
+          "id": 8,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "total",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_dns_request_do_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) or\nsum(rate(coredns_dns_do_requests_total{job=\"coredns\",instance=~\"$instance\"}[5m]))",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "DO",
+              "refId": "A",
+              "step": 40
+            },
+            {
+              "expr": "sum(rate(coredns_dns_request_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) or\nsum(rate(coredns_dns_requests_total{job=\"coredns\",instance=~\"$instance\"}[5m]))",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "total",
+              "refId": "B",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (DO bit)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": null,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 6,
+            "x": 12,
+            "y": 7
+          },
+          "hiddenSeries": false,
+          "id": 10,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "tcp:90",
+              "yaxis": 2
+            },
+            {
+              "alias": "tcp:99 ",
+              "yaxis": 2
+            },
+            {
+              "alias": "tcp:50",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto))",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:99 ",
+              "refId": "A",
+              "step": 60
+            },
+            {
+              "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto))",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:90",
+              "refId": "B",
+              "step": 60
+            },
+            {
+              "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto))",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:50",
+              "refId": "C",
+              "step": 60
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (size, udp)",
+          "tooltip": {
+            "shared": true,
+            "sort": 0,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "bytes",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 6,
+            "x": 18,
+            "y": 7
+          },
+          "hiddenSeries": false,
+          "id": 12,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "tcp:90",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:99 ",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:50",
+              "yaxis": 1
+            }
+          ],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto))",
+              "format": "time_series",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:99 ",
+              "refId": "A",
+              "step": 60
+            },
+            {
+              "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto))",
+              "format": "time_series",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:90",
+              "refId": "B",
+              "step": 60
+            },
+            {
+              "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_request_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto))",
+              "format": "time_series",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:50",
+              "refId": "C",
+              "step": 60
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Requests (size,tcp)",
+          "tooltip": {
+            "shared": true,
+            "sort": 0,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "bytes",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 0,
+            "y": 14
+          },
+          "hiddenSeries": false,
+          "id": 14,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_dns_response_rcode_count_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (rcode) or\nsum(rate(coredns_dns_responses_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (rcode)",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{rcode}}"}}",
+              "refId": "A",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Responses (by rcode)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "individual"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": null,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 12,
+            "y": 14
+          },
+          "hiddenSeries": false,
+          "id": 32,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_request_duration_seconds_bucket{job=\"coredns\",instance=~\"$instance\"}[5m])) by (le, job))",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "99%",
+              "refId": "A",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_request_duration_seconds_bucket{job=\"coredns\",instance=~\"$instance\"}[5m])) by (le))",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "90%",
+              "refId": "B",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_request_duration_seconds_bucket{job=\"coredns\",instance=~\"$instance\"}[5m])) by (le))",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "50%",
+              "refId": "C",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Responses (duration)",
+          "tooltip": {
+            "shared": true,
+            "sort": 0,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "s",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": null,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 0,
+            "y": 21
+          },
+          "hiddenSeries": false,
+          "id": 18,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "udp:50%",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:50%",
+              "yaxis": 2
+            },
+            {
+              "alias": "tcp:90%",
+              "yaxis": 2
+            },
+            {
+              "alias": "tcp:99%",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto)) ",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:99%",
+              "refId": "A",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto)) ",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:90%",
+              "refId": "B",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto)) ",
+              "hide": false,
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:50%",
+              "metric": "",
+              "refId": "C",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Responses (size, udp)",
+          "tooltip": {
+            "shared": true,
+            "sort": 0,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "bytes",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 12,
+            "y": 21
+          },
+          "hiddenSeries": false,
+          "id": 20,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "udp:50%",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:50%",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:90%",
+              "yaxis": 1
+            },
+            {
+              "alias": "tcp:99%",
+              "yaxis": 1
+            }
+          ],
+          "spaceLength": 10,
+          "stack": false,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto)) ",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:99%",
+              "refId": "A",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto)) ",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:90%",
+              "refId": "B",
+              "step": 40
+            },
+            {
+              "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_response_size_bytes_bucket{job=\"coredns\",instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le, proto)) ",
+              "format": "time_series",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{proto}}"}}:50%",
+              "metric": "",
+              "refId": "C",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Responses (size, tcp)",
+          "tooltip": {
+            "shared": true,
+            "sort": 0,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "bytes",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 0,
+            "y": 28
+          },
+          "hiddenSeries": false,
+          "id": 22,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(coredns_cache_size{job=\"coredns\",instance=~\"$instance\"}) by (type) or\nsum(coredns_cache_entries{job=\"coredns\",instance=~\"$instance\"}) by (type)",
+              "interval": "",
+              "intervalFactor": 2,
+              "legendFormat": "{{"{{type}}"}}",
+              "refId": "A",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Cache (size)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "cumulative"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "decbytes",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "short",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        },
+        {
+          "aliasColors": {},
+          "bars": false,
+          "dashLength": 10,
+          "dashes": false,
+          "datasource": "$datasource",
+          "editable": true,
+          "error": false,
+          "fieldConfig": {
+            "defaults": {
+              "custom": {},
+              "links": []
+            },
+            "overrides": []
+          },
+          "fill": 1,
+          "fillGradient": 0,
+          "grid": {},
+          "gridPos": {
+            "h": 7,
+            "w": 12,
+            "x": 12,
+            "y": 28
+          },
+          "hiddenSeries": false,
+          "id": 24,
+          "legend": {
+            "avg": false,
+            "current": false,
+            "max": false,
+            "min": false,
+            "show": true,
+            "total": false,
+            "values": false
+          },
+          "lines": true,
+          "linewidth": 2,
+          "links": [],
+          "nullPointMode": "connected",
+          "options": {
+            "alertThreshold": true
+          },
+          "percentage": false,
+          "pluginVersion": "7.2.0",
+          "pointradius": 5,
+          "points": false,
+          "renderer": "flot",
+          "seriesOverrides": [
+            {
+              "alias": "misses",
+              "yaxis": 2
+            }
+          ],
+          "spaceLength": 10,
+          "stack": true,
+          "steppedLine": false,
+          "targets": [
+            {
+              "expr": "sum(rate(coredns_cache_hits_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (type)",
+              "hide": false,
+              "intervalFactor": 2,
+              "legendFormat": "hits:{{"{{type}}"}}",
+              "refId": "A",
+              "step": 40
+            },
+            {
+              "expr": "sum(rate(coredns_cache_misses_total{job=\"coredns\",instance=~\"$instance\"}[5m])) by (type)",
+              "hide": false,
+              "intervalFactor": 2,
+              "legendFormat": "misses",
+              "refId": "B",
+              "step": 40
+            }
+          ],
+          "thresholds": [],
+          "timeFrom": null,
+          "timeRegions": [],
+          "timeShift": null,
+          "title": "Cache (hitrate)",
+          "tooltip": {
+            "shared": true,
+            "sort": 2,
+            "value_type": "individual"
+          },
+          "type": "graph",
+          "xaxis": {
+            "buckets": null,
+            "mode": "time",
+            "name": null,
+            "show": true,
+            "values": []
+          },
+          "yaxes": [
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            },
+            {
+              "format": "pps",
+              "logBase": 1,
+              "max": null,
+              "min": 0,
+              "show": true
+            }
+          ],
+          "yaxis": {
+            "align": false,
+            "alignLevel": null
+          }
+        }
+      ],
+      "refresh": "10s",
+      "schemaVersion": 26,
+      "style": "dark",
+      "tags": [
+        "dns",
+        "coredns"
+      ],
+      "templating": {
+        "list": [
+          {
+            "current": {
+              "text": "Prometheus",
+              "value": "Prometheus"
+            },
+            "hide": 0,
+            "includeAll": false,
+            "label": "Data Source",
+            "multi": false,
+            "name": "datasource",
+            "options": [],
+            "query": "prometheus",
+            "queryValue": "",
+            "refresh": 1,
+            "regex": "",
+            "skipUrlSync": false,
+            "type": "datasource"
+          },
+          {
+            "allValue": ".*",
+            "current": {
+              "selected": true,
+              "text": "All",
+              "value": "$__all"
+            },
+            "datasource": "$datasource",
+            "definition": "label_values(up{job=\"coredns\"}, instance)",
+            "hide": 0,
+            "includeAll": true,
+            "label": "Instance",
+            "multi": false,
+            "name": "instance",
+            "options": [],
+            "query": "label_values(up{job=\"coredns\"}, instance)",
+            "refresh": 1,
+            "regex": "",
+            "skipUrlSync": false,
+            "sort": 3,
+            "tagValuesQuery": "",
+            "tags": [],
+            "tagsQuery": "",
+            "type": "query",
+            "useTags": false
+          }
+        ]
+      },
+      "time": {
+        "from": "now-3h",
+        "to": "now"
+      },
+      "timepicker": {
+        "refresh_intervals": [
+          "10s",
+          "30s",
+          "1m",
+          "5m",
+          "15m",
+          "30m",
+          "1h",
+          "2h",
+          "1d"
+        ]
+      },
+      "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+      "title": "CoreDNS",
+      "uid": "vkQ0UHxik",
+      "version": 2
+    }
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml
new file mode 100644
index 0000000000..93ee57db93
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml
@@ -0,0 +1,3088 @@
+{{- /*
+Generated from 'k8s-resources-cluster' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-cluster" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-cluster.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "100px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "cluster:node_cpu:ratio_rate5m{cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Utilisation",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(namespace_cpu:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\",cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Requests Commitment",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(namespace_cpu:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"cpu\",cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Limits Commitment",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "1 - sum(:node_memory_MemAvailable_bytes:sum{cluster=\"$cluster\"}) / sum(node_memory_MemTotal_bytes{job=\"node-exporter\",cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Utilisation",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(namespace_memory:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"memory\",cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Requests Commitment",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 2,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(namespace_memory:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\",resource=\"memory\",cluster=\"$cluster\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Limits Commitment",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Headlines",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Pods",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell_1",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Workloads",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to workloads",
+                                "linkUrl": "d/a87fb0d919ec0ea5f6543124e16c42a5/k8s-resources-workloads-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell_1",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #G",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Namespace",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell",
+                                "pattern": "namespace",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(kube_pod_owner{job=\"kube-state-metrics\", cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "count(avg(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\"}) by (workload, namespace)) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(namespace_cpu:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\"}) by (namespace) / sum(namespace_cpu:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(namespace_cpu:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\"}) by (namespace) / sum(namespace_cpu:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "G",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", container!=\"\"}) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage (w/o cache)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Pods",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell_1",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Workloads",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to workloads",
+                                "linkUrl": "d/a87fb0d919ec0ea5f6543124e16c42a5/k8s-resources-workloads-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell_1",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Memory Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #G",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Namespace",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell",
+                                "pattern": "namespace",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(kube_pod_owner{job=\"kube-state-metrics\", cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "count(avg(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\"}) by (workload, namespace)) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", container!=\"\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(namespace_memory:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", container!=\"\"}) by (namespace) / sum(namespace_memory:kube_pod_container_resource_requests:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(namespace_memory:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", container!=\"\"}) by (namespace) / sum(namespace_memory:kube_pod_container_resource_limits:sum{cluster=\"$cluster\"}) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "G",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Requests by Namespace",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Requests",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Current Receive Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Current Transmit Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Namespace",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell",
+                                "pattern": "namespace",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Network Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Network Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Receive Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Transmit Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 14,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "avg(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Namespace: Received",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 15,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "avg(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Namespace: Transmitted",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Container Bandwidth by Namespace",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 16,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 17,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 18,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 19,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=~\".+\"}[$__rate_interval])) by (namespace)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets Dropped",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": -1,
+                        "fill": 10,
+                        "id": 20,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "ceil(sum by(namespace) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]) + rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval])))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "IOPS(Reads+Writes)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 21,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}namespace{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "ThroughPut(Read+Write)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 22,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "sort": {
+                            "col": 4,
+                            "desc": true
+                        },
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "IOPS(Reads)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Reads + Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Throughput(Read)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Read + Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Namespace",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$__cell",
+                                "pattern": "namespace",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]) + rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(namespace) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace!=\"\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Storage IO",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO - Distribution",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Cluster",
+        "uid": "efa86fd1d0c121a26444b636a3f509a8",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml
new file mode 100644
index 0000000000..9c295831a5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-multicluster.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-resources-multicluster' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-multicluster" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-multicluster.json: |-
+    {{`{"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"links":[],"refresh":"10s","rows":[{"collapse":false,"height":"100px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":1,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"cluster:node_cpu:ratio_rate5m","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Utilisation","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":2,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"cpu\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\", resource=\"cpu\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Requests Commitment","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":3,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"cpu\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\", resource=\"cpu\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Limits Commitment","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":4,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"1 - sum(:node_memory_MemAvailable_bytes:sum) / sum(node_memory_MemTotal_bytes{job=\"node-exporter\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Utilisation","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":5,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"memory\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\", resource=\"memory\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Requests Commitment","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":6,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"memory\"}) / sum(kube_node_status_allocatable{job=\"kube-state-metrics\", resource=\"memory\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Limits Commitment","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":false,"title":"Headlines","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":0,"id":7,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":2,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate) by (cluster)","format":"time_series","legendFormat":"{{cluster}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Usage","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":8,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"CPU Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"CPU Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Cluster","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/efa86fd1d0c121a26444b636a3f509a8/k8s-resources-cluster?var-datasource=$datasource&var-cluster=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"cluster","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"cpu\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate) by (cluster) / sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"cpu\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"cpu\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate) by (cluster) / sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"cpu\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Quota","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Quota","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":0,"id":9,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":2,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(container_memory_rss{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\"}) by (cluster)","format":"time_series","legendFormat":"{{cluster}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Usage (w/o cache)","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"bytes","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":10,"interval":"1m","legend":{"alignAsTable":true,"avg":false,"current":false,"max":false,"min":false,"rightSide":true,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"Memory Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"bytes"},{"alias":"Memory Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"bytes"},{"alias":"Memory Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Memory Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"bytes"},{"alias":"Memory Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Cluster","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/efa86fd1d0c121a26444b636a3f509a8/k8s-resources-cluster?var-datasource=$datasource&var-cluster=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"cluster","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(container_memory_rss{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"memory\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(container_memory_rss{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\"}) by (cluster) / sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", resource=\"memory\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"memory\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(container_memory_rss{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", container!=\"\"}) by (cluster) / sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", resource=\"memory\"}) by (cluster)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Requests by Cluster","tooltip":{"shared":false,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Requests","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"text":"default","value":"default"},"hide":0,"label":"Data source","name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"}]},"time":{"from":"now-1h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / Compute Resources /  Multi-Cluster","uid":"b59e6c9f2fcbe2e16d77fc492374cc4f","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml
new file mode 100644
index 0000000000..1c32c9c02e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml
@@ -0,0 +1,2797 @@
+{{- /*
+Generated from 'k8s-resources-namespace' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-namespace" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-namespace.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "100px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) / sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Utilisation (from requests)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) / sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Utilisation (from limits)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\", image!=\"\"}) / sum(kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Utilisation (from requests)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "format": "percentunit",
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\", image!=\"\"}) / sum(kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"})",
+                                "format": "time_series",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "70,80",
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Utilisation (from limits)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "singlestat",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Headlines",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "quota - requests",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "quota - limits",
+                                "color": "#FF9830",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"requests.cpu\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"limits.cpu\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "quota - requests",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "quota - limits",
+                                "color": "#FF9830",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"requests.memory\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"limits.memory\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage (w/o cache)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Memory Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Usage (RSS)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Cache)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #G",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Swap)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #H",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\", image!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\", image!=\"\"}) by (pod) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\", image!=\"\"}) by (pod) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_cache{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "G",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_swap{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "H",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Current Receive Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Current Transmit Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Network Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Network Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Receive Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Transmit Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 14,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 15,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets Dropped",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": -1,
+                        "fill": 10,
+                        "id": 16,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "ceil(sum by(pod) (rate(container_fs_reads_total{container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]) + rate(container_fs_writes_total{container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "IOPS(Reads+Writes)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 17,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_bytes_total{container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{container!=\"\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "ThroughPut(Read+Write)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 18,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "sort": {
+                            "col": 4,
+                            "desc": true
+                        },
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "IOPS(Reads)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Reads + Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Throughput(Read)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Read + Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]) + rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Storage IO",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO - Distribution",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_namespace_status_phase{job=\"kube-state-metrics\", cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Namespace (Pods)",
+        "uid": "85a562078cdf77779eaa1add43ccec1e",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-node.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-node.yaml
new file mode 100644
index 0000000000..e60a42d747
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-node.yaml
@@ -0,0 +1,1026 @@
+{{- /*
+Generated from 'k8s-resources-node' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-node" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-node.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "max capacity",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(kube_node_status_capacity{cluster=\"$cluster\", node=~\"$node\", resource=\"cpu\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "max capacity",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", node=~\"$node\"}) by (pod) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", node=~\"$node\"}) by (pod) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "max capacity",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(kube_node_status_capacity{cluster=\"$cluster\", node=~\"$node\", resource=\"memory\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "max capacity",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_working_set_bytes{cluster=\"$cluster\", node=~\"$node\", container!=\"\"}) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage (w/o cache)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Memory Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Usage (RSS)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Cache)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #G",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Swap)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #H",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_working_set_bytes{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_working_set_bytes{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_working_set_bytes{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", node=~\"$node\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_rss{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_cache{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "G",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_memory_swap{cluster=\"$cluster\", node=~\"$node\",container!=\"\"}) by (pod)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "H",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Quota",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": true,
+                    "name": "node",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_node_info{cluster=\"$cluster\"}, node)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Node (Pods)",
+        "uid": "200ac8fdbfbb74b39aff88118e4d1c2c",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml
new file mode 100644
index 0000000000..80fab51c00
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml
@@ -0,0 +1,2469 @@
+{{- /*
+Generated from 'k8s-resources-pod' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-pod" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-pod.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "requests",
+                                "color": "#F2495C",
+                                "fill": 0,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "limits",
+                                "color": "#FF9830",
+                                "fill": 0,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{namespace=\"$namespace\", pod=\"$pod\", cluster=\"$cluster\"}) by (container)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}container{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", resource=\"cpu\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", resource=\"cpu\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": true,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(increase(container_cpu_cfs_throttled_periods_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", namespace=\"$namespace\", pod=\"$pod\", container!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (container) /sum(increase(container_cpu_cfs_periods_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", namespace=\"$namespace\", pod=\"$pod\", container!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (container)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}container{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+                            {
+                                "colorMode": "critical",
+                                "fill": true,
+                                "line": true,
+                                "op": "gt",
+                                "value": 0.25,
+                                "yaxis": "left"
+                            }
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Throttling",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": 1,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Throttling",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Container",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "container",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "requests",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "limits",
+                                "color": "#FF9830",
+                                "dashes": true,
+                                "fill": 0,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container!=\"\", image!=\"\"}) by (container)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}container{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", resource=\"memory\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", resource=\"memory\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage (WSS)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Memory Usage (WSS)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Usage (RSS)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Cache)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #G",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Usage (Swap)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #H",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Container",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "container",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container!=\"\", image!=\"\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", image!=\"\"}) by (container) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_requests{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container!=\"\", image!=\"\"}) by (container) / sum(cluster:namespace:pod_memory:active:kube_pod_container_resource_limits{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_rss{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container != \"\", container != \"POD\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_cache{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container != \"\", container != \"POD\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "G",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(container_memory_swap{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\", container != \"\", container != \"POD\"}) by (container)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "H",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Receive Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Transmit Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets Dropped",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": -1,
+                        "fill": 10,
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "ceil(sum by(pod) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Reads",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "ceil(sum by(pod) (rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\",namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval])))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Writes",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "IOPS",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Reads",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(pod) (rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Writes",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "ThroughPut",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO - Distribution(Pod - Read & Writes)",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "decimals": -1,
+                        "fill": 10,
+                        "id": 14,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "ceil(sum by(container) (rate(container_fs_reads_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]) + rate(container_fs_writes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval])))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}container{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "IOPS(Reads+Writes)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 15,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by(container) (rate(container_fs_reads_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}container{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "ThroughPut(Read+Write)",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO - Distribution(Containers)",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 16,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "sort": {
+                            "col": 4,
+                            "desc": true
+                        },
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "IOPS(Reads)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "IOPS(Reads + Writes)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": -1,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Throughput(Read)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Throughput(Read + Write)",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Container",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "container",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum by(container) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(container) (rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\",device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(container) (rate(container_fs_reads_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]) + rate(container_fs_writes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(container) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(container) (rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by(container) (rate(container_fs_reads_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]) + rate(container_fs_writes_bytes_total{job=\"kubelet\", metrics_path=\"/metrics/cadvisor\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\", container!=\"\", cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[$__rate_interval]))",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Storage IO",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage IO - Distribution",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_namespace_status_phase{job=\"kube-state-metrics\", cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "pod",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_pod_info{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\"}, pod)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Pod",
+        "uid": "6581e46e4e5c7ba40a07646395ef7b23",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-cluster.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-cluster.yaml
new file mode 100644
index 0000000000..d77170afd8
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-cluster.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-resources-windows-cluster' from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.windowsMonitoring.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-windows-cluster" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-windows-cluster.json: |-
+    {{`{"__inputs":[],"__requires":[],"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"id":null,"links":[],"refresh":"","rows":[{"collapse":false,"height":"100px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":2,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"1 - avg(rate(windows_cpu_time_total{cluster=\"$cluster\", job=\"windows-exporter\", mode=\"idle\"}[1m]))","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":3,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\"}) / sum(node:windows_node_num_cpu:sum{cluster=\"$cluster\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Requests Commitment","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":4,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\"}) / sum(node:windows_node_num_cpu:sum{cluster=\"$cluster\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"CPU Limits Commitment","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":5,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"1 - sum(:windows_node_memory_MemFreeCached_bytes:sum{cluster=\"$cluster\"}) / sum(:windows_node_memory_MemTotal_bytes:sum{cluster=\"$cluster\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":6,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\"}) / sum(:windows_node_memory_MemTotal_bytes:sum{cluster=\"$cluster\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Requests Commitment","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"format":"percentunit","id":7,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":2,"stack":false,"steppedLine":false,"targets":[{"expr":"sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\"}) / sum(:windows_node_memory_MemTotal_bytes:sum{cluster=\"$cluster\"})","format":"time_series","instant":true,"refId":"A"}],"thresholds":"70,80","timeFrom":null,"timeShift":null,"title":"Memory Limits Commitment","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"singlestat","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":false,"title":"Headlines","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":8,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\"}) by (namespace)","format":"time_series","legendFormat":"{{namespace}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Usage","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":9,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"CPU Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"CPU Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Namespace","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/490b402361724ab1d4c45666c1fa9b6f/k8s-resources-windows-namespace?var-datasource=$datasource&var-namespace=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"namespace","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\"}) by (namespace) / sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\"}) by (namespace) / sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Quota","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Quota","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":10,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\"}) by (namespace)","format":"time_series","legendFormat":"{{namespace}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Usage (Private Working Set)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"decbytes","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":11,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"Memory Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Memory Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Namespace","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/490b402361724ab1d4c45666c1fa9b6f/k8s-resources-windows-namespace?var-datasource=$datasource&var-namespace=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"namespace","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\"}) by (namespace) / sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\"}) by (namespace) / sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\"}) by (namespace)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Requests by Namespace","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Requests","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"text":"default","value":"default"},"hide":0,"label":null,"name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"},{"allValue":null,"current":{},"datasource":"$datasource","hide":`}}{{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }}{{`,"includeAll":false,"label":"cluster","multi":false,"name":"cluster","options":[],"query":"label_values(up{job=\"windows-exporter\"}, cluster)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false}]},"time":{"from":"now-6h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / Compute Resources / Cluster(Windows)","uid":"4d08557fd9391b100730f2494bccac68","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-namespace.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-namespace.yaml
new file mode 100644
index 0000000000..13a1fc3abd
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-namespace.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-resources-windows-namespace' from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.windowsMonitoring.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-windows-namespace" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-windows-namespace.json: |-
+    {{`{"__inputs":[],"__requires":[],"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"id":null,"links":[],"refresh":"","rows":[{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":2,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"time_series","legendFormat":"{{pod}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Usage","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Usage","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":3,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"CPU Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"CPU Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Pod","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/40597a704a610e936dc6ed374a7ce023/k8s-resources-windows-pod?var-datasource=$datasource&var-namespace=$namespace&var-pod=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"pod","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Quota","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Quota","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":4,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"time_series","legendFormat":"{{pod}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Usage","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"decbytes","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Usage","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":5,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"Memory Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Memory Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Pod","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":true,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"/d/40597a704a610e936dc6ed374a7ce023/k8s-resources-windows-pod?var-datasource=$datasource&var-namespace=$namespace&var-pod=`}}{{ if .Values.grafana.sidecar.dashboards.enableNewTablePanelSyntax }}${__value.text}{{ else }}$__cell{{ end }}{{`","pattern":"pod","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod) / sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\", namespace=\"$namespace\"}) by (pod)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Quota","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Quota","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"selected":true,"text":"default","value":"default"},"hide":0,"label":null,"name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"},{"allValue":null,"current":{},"datasource":"$datasource","hide":`}}{{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }}{{`,"includeAll":false,"label":"cluster","multi":false,"name":"cluster","options":[],"query":"label_values(up{job=\"windows-exporter\"}, cluster)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false},{"allValue":null,"current":{},"datasource":"$datasource","hide":0,"includeAll":false,"label":"Namespace","multi":false,"name":"namespace","options":[],"query":"label_values(windows_pod_container_available{cluster=\"$cluster\"}, namespace)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false}]},"time":{"from":"now-6h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / Compute Resources / Namespace(Windows)","uid":"490b402361724ab1d4c45666c1fa9b6f","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-pod.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-pod.yaml
new file mode 100644
index 0000000000..6686e54053
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-windows-pod.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-resources-windows-pod' from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.windowsMonitoring.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-windows-pod" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-windows-pod.json: |-
+    {{`{"__inputs":[],"__requires":[],"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"id":null,"links":[],"refresh":"","rows":[{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":2,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"time_series","legendFormat":"{{container}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Usage","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Usage","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":3,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"CPU Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"CPU Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"short"},{"alias":"CPU Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Container","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"container","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(kube_pod_windows_container_resource_cpu_cores_request{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(kube_pod_windows_container_resource_cpu_cores_limit{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Quota","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU Quota","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":4,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"time_series","legendFormat":"{{container}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Usage","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Usage","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":5,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"styles":[{"alias":"Time","dateFormat":"YYYY-MM-DD HH:mm:ss","pattern":"Time","type":"hidden"},{"alias":"Memory Usage","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #A","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #B","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Requests %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #C","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Memory Limits","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #D","thresholds":[],"type":"number","unit":"decbytes"},{"alias":"Memory Limits %","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"Value #E","thresholds":[],"type":"number","unit":"percentunit"},{"alias":"Container","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"link":false,"linkTargetBlank":false,"linkTooltip":"Drill down","linkUrl":"","pattern":"container","thresholds":[],"type":"number","unit":"short"},{"alias":"","colorMode":null,"colors":[],"dateFormat":"YYYY-MM-DD HH:mm:ss","decimals":2,"pattern":"/.*/","thresholds":[],"type":"string","unit":"short"}],"targets":[{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"A"},{"expr":"sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"B"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(kube_pod_windows_container_resource_memory_request{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"C"},{"expr":"sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"D"},{"expr":"sum(windows_container_private_working_set_usage{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container) / sum(kube_pod_windows_container_resource_memory_limit{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}) by (container)","format":"table","instant":true,"legendFormat":"","refId":"E"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Quota","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"transform":"table","type":"table","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory Quota","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"fillGradient":0,"id":6,"legend":{"alignAsTable":true,"avg":true,"current":true,"max":false,"min":false,"rightSide":true,"show":true,"sideWidth":null,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null","percentage":false,"pointradius":5,"points":false,"renderer":"flot","repeat":null,"seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"targets":[{"expr":"sort_desc(sum by (container) (rate(windows_container_network_received_bytes_total{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[1m])))","format":"time_series","intervalFactor":2,"legendFormat":"Received : {{ container }}","refId":"A"},{"expr":"sort_desc(sum by (container) (rate(windows_container_network_transmitted_bytes_total{cluster=\"$cluster\", namespace=\"$namespace\", pod=\"$pod\"}[1m])))","format":"time_series","intervalFactor":2,"legendFormat":"Transmitted : {{ container }}","refId":"B"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Network I/O","tooltip":{"shared":true,"sort":0,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"bytes","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"bytes","label":null,"logBase":1,"max":null,"min":0,"show":true}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Network I/O","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"text":"default","value":"default"},"hide":0,"label":null,"name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"},{"allValue":null,"current":{},"datasource":"$datasource","hide":`}}{{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }}{{`,"includeAll":false,"label":"cluster","multi":false,"name":"cluster","options":[],"query":"label_values(up{job=\"windows-exporter\"}, cluster)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false},{"allValue":null,"current":{},"datasource":"$datasource","hide":0,"includeAll":false,"label":"Namespace","multi":false,"name":"namespace","options":[],"query":"label_values(windows_pod_container_available{cluster=\"$cluster\"}, namespace)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false},{"allValue":null,"current":{},"datasource":"$datasource","hide":0,"includeAll":false,"label":"Pod","multi":false,"name":"pod","options":[],"query":"label_values(windows_pod_container_available{cluster=\"$cluster\",namespace=\"$namespace\"}, pod)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false}]},"time":{"from":"now-6h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / Compute Resources / Pod(Windows)","uid":"40597a704a610e936dc6ed374a7ce023","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml
new file mode 100644
index 0000000000..e2a63ae208
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml
@@ -0,0 +1,2024 @@
+{{- /*
+Generated from 'k8s-resources-workload' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-workload" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-workload.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(\n    node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(\n    node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n/sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n/sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Memory Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n/sum(\n    kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n/sum(\n    kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=\"$workload\", workload_type=\"$type\"}\n) by (pod)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Current Receive Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Current Transmit Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Pod",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-pod=$__cell",
+                                "pattern": "pod",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Network Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Network Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Receive Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Transmit Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(avg(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Pod: Received",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(avg(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Pod: Transmitted",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Container Bandwidth by Pod",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets Dropped",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_namespace_status_phase{job=\"kube-state-metrics\", cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "type",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\"}, workload_type)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "workload",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}, workload)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Workload",
+        "uid": "a164a7f0339f99e89cea5cb47e9be617",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml
new file mode 100644
index 0000000000..95d758ea2d
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml
@@ -0,0 +1,2189 @@
+{{- /*
+Generated from 'k8s-resources-workloads-namespace' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-resources-workloads-namespace" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-resources-workloads-namespace.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 1,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "quota - requests",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "quota - limits",
+                                "color": "#FF9830",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(\n  node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}} - {{`{{`}}workload_type{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"requests.cpu\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"limits.cpu\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Running Pods",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "CPU Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "CPU Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Workload",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/a164a7f0339f99e89cea5cb47e9be617/k8s-resources-workload?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-workload=$__cell&var-type=$__cell_2",
+                                "pattern": "workload",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Workload Type",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "workload_type",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "count(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload, workload_type)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n/sum(\n  kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate{cluster=\"$cluster\", namespace=\"$namespace\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n/sum(\n  kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"cpu\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+                            {
+                                "alias": "quota - requests",
+                                "color": "#F2495C",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            },
+                            {
+                                "alias": "quota - limits",
+                                "color": "#FF9830",
+                                "dashes": true,
+                                "fill": 0,
+                                "hiddenSeries": true,
+                                "hideTooltip": true,
+                                "legend": true,
+                                "linewidth": 2,
+                                "stack": false
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}} - {{`{{`}}workload_type{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"requests.memory\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - requests",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "scalar(kube_resourcequota{cluster=\"$cluster\", namespace=\"$namespace\", type=\"hard\",resource=\"limits.memory\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "quota - limits",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Running Pods",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 0,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Memory Usage",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Requests %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Memory Limits",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "bytes"
+                            },
+                            {
+                                "alias": "Memory Limits %",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "percentunit"
+                            },
+                            {
+                                "alias": "Workload",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "d/a164a7f0339f99e89cea5cb47e9be617/k8s-resources-workload?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-workload=$__cell&var-type=$__cell_2",
+                                "pattern": "workload",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Workload Type",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "workload_type",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "count(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload, workload_type)",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n/sum(\n  kube_pod_container_resource_requests{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n  kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum(\n    container_memory_working_set_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\", container!=\"\", image!=\"\"}\n  * on(namespace,pod)\n    group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n/sum(\n  kube_pod_container_resource_limits{job=\"kube-state-metrics\", cluster=\"$cluster\", namespace=\"$namespace\", resource=\"memory\"}\n* on(namespace,pod)\n  group_left(workload, workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}\n) by (workload, workload_type)\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Quota",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory Quota",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Current Receive Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Current Transmit Bandwidth",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "Bps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #C",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #D",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Received Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #E",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Rate of Transmitted Packets Dropped",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #F",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "pps"
+                            },
+                            {
+                                "alias": "Workload",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": true,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down to pods",
+                                "linkUrl": "d/a164a7f0339f99e89cea5cb47e9be617/k8s-resources-workload?var-datasource=$datasource&var-cluster=$cluster&var-namespace=$namespace&var-workload=$__cell&var-type=$type",
+                                "pattern": "workload",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Workload Type",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "workload_type",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "C",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "D",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "E",
+                                "step": 10
+                            },
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "F",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Network Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Network Usage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Receive Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Transmit Bandwidth",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(avg(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Workload: Received",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(avg(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Container Bandwidth by Workload: Transmitted",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Container Bandwidth by Workload",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 13,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\", namespace=\"$namespace\"}[$__rate_interval])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Rate of Packets Dropped",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_pod_info{job=\"kube-state-metrics\", cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "deployment",
+                        "value": "deployment"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\"}, workload_type)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "type",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\", namespace=\"$namespace\", workload=~\".+\"}, workload_type)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Compute Resources / Namespace (Workloads)",
+        "uid": "a87fb0d919ec0ea5f6543124e16c42a5",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-cluster-rsrc-use.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-cluster-rsrc-use.yaml
new file mode 100644
index 0000000000..d9ce9d738c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-cluster-rsrc-use.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-windows-cluster-rsrc-use' from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.windowsMonitoring.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-windows-cluster-rsrc-use" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-windows-cluster-rsrc-use.json: |-
+    {{`{"__inputs":[],"__requires":[],"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"id":null,"links":[],"refresh":"","rows":[{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":2,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_cpu_utilisation:avg1m{cluster=\"$cluster\"} * node:windows_node_num_cpu:sum{cluster=\"$cluster\"} / scalar(sum(node:windows_node_num_cpu:sum{cluster=\"$cluster\"}))","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":1,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":3,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_memory_utilisation:ratio{cluster=\"$cluster\"}","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":1,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":4,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_memory_swap_io_pages:irate{cluster=\"$cluster\"}","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Saturation (Swap I/O Pages)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":5,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_disk_utilisation:avg_irate{cluster=\"$cluster\"} / scalar(node:windows_node:sum{cluster=\"$cluster\"})","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Disk IO Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":1,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Disk","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":6,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_net_utilisation:sum_irate{cluster=\"$cluster\"}","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Net Utilisation (Transmitted)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"Bps","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":7,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":true,"steppedLine":false,"targets":[{"expr":"node:windows_node_net_saturation:sum_irate{cluster=\"$cluster\"}","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Net Saturation (Dropped)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"Bps","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Network","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":10,"id":8,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":0,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":true,"steppedLine":false,"targets":[{"expr":"sum by (instance)(node:windows_node_filesystem_usage:{cluster=\"$cluster\"})\n","format":"time_series","legendFormat":"{{instance}}","legendLink":"/d/96e7484b0bb53b74fbc2bcb7723cd40b/k8s-windows-node-rsrc-use"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Disk Capacity","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":1,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Storage","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"text":"default","value":"default"},"hide":0,"label":null,"name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"},{"allValue":null,"current":{},"datasource":"$datasource","hide":`}}{{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }}{{`,"includeAll":false,"label":"cluster","multi":false,"name":"cluster","options":[],"query":"label_values(up{job=\"windows-exporter\"}, cluster)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false}]},"time":{"from":"now-6h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / USE Method / Cluster(Windows)","uid":"53a43377ec9aaf2ff64dfc7a1f539334","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-node-rsrc-use.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-node-rsrc-use.yaml
new file mode 100644
index 0000000000..a7608496a3
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/k8s-windows-node-rsrc-use.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Generated from 'k8s-windows-node-rsrc-use' from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.windowsMonitoring.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ template "kube-prometheus-stack-grafana.namespace" . }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "k8s-windows-node-rsrc-use" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  k8s-windows-node-rsrc-use.json: |-
+    {{`{"__inputs":[],"__requires":[],"annotations":{"list":[]},"editable":`}}{{ .Values.grafana.defaultDashboardsEditable }}{{`,"gnetId":null,"graphTooltip":0,"hideControls":false,"id":null,"links":[],"refresh":"","rows":[{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":2,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_cpu_utilisation:avg1m{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Utilisation","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":3,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"sum by (core) (irate(windows_cpu_time_total{cluster=\"$cluster\", job=\"windows-exporter\", mode!=\"idle\", instance=\"$instance\"}[$__rate_interval]))","format":"time_series","legendFormat":"{{core}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"CPU Usage Per Core","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"CPU","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":4,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":4,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_memory_utilisation:{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Memory","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Utilisation %","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"fillGradient":0,"id":5,"legend":{"alignAsTable":false,"avg":false,"current":false,"max":false,"min":false,"rightSide":false,"show":true,"sideWidth":null,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null","percentage":false,"pointradius":5,"points":false,"renderer":"flot","repeat":null,"seriesOverrides":[],"spaceLength":10,"span":4,"stack":false,"steppedLine":false,"targets":[{"expr":"max(\n  windows_os_visible_memory_bytes{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"}\n  - windows_memory_available_bytes{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"}\n)\n","format":"time_series","intervalFactor":2,"legendFormat":"memory used","refId":"A"},{"expr":"max(node:windows_node_memory_totalCached_bytes:sum{cluster=\"$cluster\", instance=\"$instance\"})","format":"time_series","intervalFactor":2,"legendFormat":"memory cached","refId":"B"},{"expr":"max(windows_memory_available_bytes{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"})","format":"time_series","intervalFactor":2,"legendFormat":"memory free","refId":"C"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Usage","tooltip":{"shared":true,"sort":0,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"bytes","label":null,"logBase":1,"max":null,"min":null,"show":true},{"format":"bytes","label":null,"logBase":1,"max":null,"min":null,"show":true}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":6,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":4,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_memory_swap_io_pages:irate{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Swap IO","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Memory Saturation (Swap I/O) Pages","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"short","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Memory","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":7,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_disk_utilisation:avg_irate{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Utilisation","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Disk IO Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"fillGradient":0,"id":8,"legend":{"alignAsTable":false,"avg":false,"current":false,"max":false,"min":false,"rightSide":false,"show":true,"sideWidth":null,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null","percentage":false,"pointradius":5,"points":false,"renderer":"flot","repeat":null,"seriesOverrides":[{"alias":"read","yaxis":1},{"alias":"io time","yaxis":2}],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"max(rate(windows_logical_disk_read_bytes_total{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"}[2m]))","format":"time_series","intervalFactor":2,"legendFormat":"read","refId":"A"},{"expr":"max(rate(windows_logical_disk_write_bytes_total{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"}[2m]))","format":"time_series","intervalFactor":2,"legendFormat":"written","refId":"B"},{"expr":"max(rate(windows_logical_disk_read_seconds_total{cluster=\"$cluster\", job=\"windows-exporter\",  instance=\"$instance\"}[2m]) + rate(windows_logical_disk_write_seconds_total{cluster=\"$cluster\", job=\"windows-exporter\", instance=\"$instance\"}[2m]))","format":"time_series","intervalFactor":2,"legendFormat":"io time","refId":"C"}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Disk I/O","tooltip":{"shared":true,"sort":0,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"bytes","label":null,"logBase":1,"max":null,"min":null,"show":true},{"format":"ms","label":null,"logBase":1,"max":null,"min":null,"show":true}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Disk","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":9,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_net_utilisation:sum_irate{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Utilisation","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Net Utilisation (Transmitted)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"Bps","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]},{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":10,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":6,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_net_saturation:sum_irate{cluster=\"$cluster\", instance=\"$instance\"}","format":"time_series","legendFormat":"Saturation","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Net Saturation (Dropped)","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"Bps","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Net","titleSize":"h6"},{"collapse":false,"height":"250px","panels":[{"aliasColors":{},"bars":false,"dashLength":10,"dashes":false,"datasource":"$datasource","fill":1,"id":11,"legend":{"avg":false,"current":false,"max":false,"min":false,"show":true,"total":false,"values":false},"lines":true,"linewidth":1,"links":[],"nullPointMode":"null as zero","percentage":false,"pointradius":5,"points":false,"renderer":"flot","seriesOverrides":[],"spaceLength":10,"span":12,"stack":false,"steppedLine":false,"targets":[{"expr":"node:windows_node_filesystem_usage:{cluster=\"$cluster\", instance=\"$instance\"}\n","format":"time_series","legendFormat":"{{volume}}","legendLink":null}],"thresholds":[],"timeFrom":null,"timeShift":null,"title":"Disk Utilisation","tooltip":{"shared":true,"sort":2,"value_type":"individual"},"type":"graph","xaxis":{"buckets":null,"mode":"time","name":null,"show":true,"values":[]},"yaxes":[{"format":"percentunit","label":null,"logBase":1,"max":null,"min":0,"show":true},{"format":"short","label":null,"logBase":1,"max":null,"min":null,"show":false}]}],"repeat":null,"repeatIteration":null,"repeatRowId":null,"showTitle":true,"title":"Disk","titleSize":"h6"}],"schemaVersion":14,"style":"dark","tags":["kubernetes-mixin"],"templating":{"list":[{"current":{"text":"default","value":"default"},"hide":0,"label":null,"name":"datasource","options":[],"query":"prometheus","refresh":1,"regex":"","type":"datasource"},{"allValue":null,"current":{},"datasource":"$datasource","hide":`}}{{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }}{{`,"includeAll":false,"label":"cluster","multi":false,"name":"cluster","options":[],"query":"label_values(up{job=\"windows-exporter\"}, cluster)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false},{"allValue":null,"current":{},"datasource":"$datasource","hide":0,"includeAll":false,"label":"Instance","multi":false,"name":"instance","options":[],"query":"label_values(windows_system_system_up_time{cluster=\"$cluster\"}, instance)","refresh":2,"regex":"","sort":1,"tagValuesQuery":"","tags":[],"tagsQuery":"","type":"query","useTags":false}]},"time":{"from":"now-6h","to":"now"},"timepicker":{"refresh_intervals":["5s","10s","30s","1m","5m","15m","30m","1h","2h","1d"],"time_options":["5m","15m","1h","6h","12h","24h","2d","7d","30d"]},"timezone": "`}}{{ .Values.grafana.defaultDashboardsTimezone }}{{`","title":"Kubernetes / USE Method / Node(Windows)","uid":"96e7484b0bb53b74fbc2bcb7723cd40b","version":0}`}}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/kubelet.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/kubelet.yaml
new file mode 100644
index 0000000000..74a5303f8f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/kubelet.yaml
@@ -0,0 +1,2256 @@
+{{- /*
+Generated from 'kubelet' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if (include "exporter.kubelet.enabled" .) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "kubelet" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  kubelet.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(kubelet_node_name{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\"})",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Running Kubelets",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 4,
+                    "y": 0
+                },
+                "id": 3,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(kubelet_running_pods{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}) OR sum(kubelet_running_pod_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"})",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Running Pods",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 8,
+                    "y": 0
+                },
+                "id": 4,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(kubelet_running_containers{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}) OR sum(kubelet_running_container_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"})",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Running Containers",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 12,
+                    "y": 0
+                },
+                "id": 5,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(volume_manager_total_volumes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\", state=\"actual_state_of_world\"})",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Actual Volume Count",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 16,
+                    "y": 0
+                },
+                "id": 6,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(volume_manager_total_volumes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\",state=\"desired_state_of_world\"})",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Desired Volume Count",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "datasource": "$datasource",
+                "fieldConfig": {
+                    "defaults": {
+                        "links": [
+
+                        ],
+                        "mappings": [
+
+                        ],
+                        "thresholds": {
+                            "mode": "absolute",
+                            "steps": [
+
+                            ]
+                        },
+                        "unit": "none"
+                    }
+                },
+                "gridPos": {
+                    "h": 7,
+                    "w": 4,
+                    "x": 20,
+                    "y": 0
+                },
+                "id": 7,
+                "links": [
+
+                ],
+                "options": {
+                    "colorMode": "value",
+                    "graphMode": "area",
+                    "justifyMode": "auto",
+                    "orientation": "auto",
+                    "reduceOptions": {
+                        "calcs": [
+                            "lastNotNull"
+                        ],
+                        "fields": "",
+                        "values": false
+                    },
+                    "textMode": "auto"
+                },
+                "pluginVersion": "7",
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_node_config_error{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval]))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "title": "Config Error Count",
+                "transparent": false,
+                "type": "stat"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 0,
+                    "y": 7
+                },
+                "id": 8,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_runtime_operations_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (operation_type, instance)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Operation Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 12,
+                    "y": 7
+                },
+                "id": 9,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_runtime_operations_errors_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_type)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Operation Error Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 24,
+                    "x": 0,
+                    "y": 14
+                },
+                "id": 10,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_runtime_operations_duration_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_type, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Operation duration 99th quantile",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 0,
+                    "y": 21
+                },
+                "id": 11,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_pod_start_duration_seconds_count{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} pod",
+                        "refId": "A"
+                    },
+                    {
+                        "expr": "sum(rate(kubelet_pod_worker_duration_seconds_count{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} worker",
+                        "refId": "B"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Pod Start Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 12,
+                    "y": 21
+                },
+                "id": 12,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_pod_start_duration_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} pod",
+                        "refId": "A"
+                    },
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_pod_worker_duration_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} worker",
+                        "refId": "B"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Pod Start Duration",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 0,
+                    "y": 28
+                },
+                "id": 13,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(storage_operation_duration_seconds_count{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_name, volume_plugin)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_name{{`}}`}} {{`{{`}}volume_plugin{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Storage Operation Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 12,
+                    "y": 28
+                },
+                "id": 14,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(storage_operation_errors_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_name, volume_plugin)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_name{{`}}`}} {{`{{`}}volume_plugin{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Storage Operation Error Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 24,
+                    "x": 0,
+                    "y": 35
+                },
+                "id": 15,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(storage_operation_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_name, volume_plugin, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_name{{`}}`}} {{`{{`}}volume_plugin{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Storage Operation Duration 99th quantile",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 0,
+                    "y": 42
+                },
+                "id": 16,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_cgroup_manager_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_type)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}operation_type{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Cgroup manager operation rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 12,
+                    "y": 42
+                },
+                "id": 17,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_cgroup_manager_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval])) by (instance, operation_type, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}operation_type{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Cgroup manager 99th quantile",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "description": "Pod lifecycle event generator",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 0,
+                    "y": 49
+                },
+                "id": 18,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(kubelet_pleg_relist_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval])) by (instance)",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "PLEG relist rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 12,
+                    "x": 12,
+                    "y": 49
+                },
+                "id": 19,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_pleg_relist_interval_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "PLEG relist interval",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 24,
+                    "x": 0,
+                    "y": 56
+                },
+                "id": 20,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])) by (instance, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "PLEG relist duration",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 24,
+                    "x": 0,
+                    "y": 63
+                },
+                "id": 21,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\",code=~\"2..\"}[$__rate_interval]))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "2xx",
+                        "refId": "A"
+                    },
+                    {
+                        "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\",code=~\"3..\"}[$__rate_interval]))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "3xx",
+                        "refId": "B"
+                    },
+                    {
+                        "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\",code=~\"4..\"}[$__rate_interval]))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "4xx",
+                        "refId": "C"
+                    },
+                    {
+                        "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\",code=~\"5..\"}[$__rate_interval]))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "5xx",
+                        "refId": "D"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "RPC Rate",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "ops",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 24,
+                    "x": 0,
+                    "y": 70
+                },
+                "id": 22,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": true
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", instance=~\"$instance\"}[$__rate_interval])) by (instance, verb, url, le))",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Request duration 99th quantile",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "s",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 8,
+                    "x": 0,
+                    "y": 77
+                },
+                "id": 23,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "process_resident_memory_bytes{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Memory",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "bytes",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "bytes",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 8,
+                    "x": 8,
+                    "y": 77
+                },
+                "id": 24,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "rate(process_cpu_seconds_total{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}[$__rate_interval])",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "CPU usage",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 1,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 7,
+                    "w": 8,
+                    "x": 16,
+                    "y": 77
+                },
+                "id": 25,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "nullPointMode": "null",
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "go_goroutines{cluster=\"$cluster\",job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",instance=~\"$instance\"}",
+                        "format": "time_series",
+                        "intervalFactor": 2,
+                        "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Goroutines",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 0,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    },
+                    {
+                        "format": "short",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": null,
+                        "show": true
+                    }
+                ]
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": "instance",
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\",cluster=\"$cluster\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Kubelet",
+        "uid": "3138fa155d5915769fbded898ac09fd9",
+        "version": 0
+    }
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-pod.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-pod.yaml
new file mode 100644
index 0000000000..f5c72844fb
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-pod.yaml
@@ -0,0 +1,1464 @@
+{{- /*
+Generated from 'namespace-by-pod' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "namespace-by-pod" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  namespace-by-pod.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "cacheTimeout": null,
+                "colorBackground": false,
+                "colorValue": false,
+                "colors": [
+                    "#299c46",
+                    "rgba(237, 129, 40, 0.89)",
+                    "#d44a3a"
+                ],
+                "datasource": "$datasource",
+                "decimals": 0,
+                "format": "time_series",
+                "gauge": {
+                    "maxValue": 100,
+                    "minValue": 0,
+                    "show": false,
+                    "thresholdLabels": false,
+                    "thresholdMarkers": true
+                },
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 1
+                },
+                "height": 9,
+                "id": 3,
+                "interval": null,
+                "links": [
+
+                ],
+                "mappingType": 1,
+                "mappingTypes": [
+                    {
+                        "name": "value to text",
+                        "value": 1
+                    },
+                    {
+                        "name": "range to text",
+                        "value": 2
+                    }
+                ],
+                "maxDataPoints": 100,
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "nullText": null,
+                "options": {
+                    "fieldOptions": {
+                        "calcs": [
+                            "last"
+                        ],
+                        "defaults": {
+                            "max": 10000000000,
+                            "min": 0,
+                            "title": "$namespace",
+                            "unit": "Bps"
+                        },
+                        "mappings": [
+
+                        ],
+                        "override": {
+
+                        },
+                        "thresholds": [
+                            {
+                                "color": "dark-green",
+                                "index": 0,
+                                "value": null
+                            },
+                            {
+                                "color": "dark-yellow",
+                                "index": 1,
+                                "value": 5000000000
+                            },
+                            {
+                                "color": "dark-red",
+                                "index": 2,
+                                "value": 7000000000
+                            }
+                        ],
+                        "values": false
+                    }
+                },
+                "postfix": "",
+                "postfixFontSize": "50%",
+                "prefix": "",
+                "prefixFontSize": "50%",
+                "rangeMaps": [
+                    {
+                        "from": "null",
+                        "text": "N/A",
+                        "to": "null"
+                    }
+                ],
+                "span": 12,
+                "sparkline": {
+                    "fillColor": "rgba(31, 118, 189, 0.18)",
+                    "full": false,
+                    "lineColor": "rgb(31, 120, 193)",
+                    "show": false
+                },
+                "tableColumn": "",
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution]))",
+                        "format": "time_series",
+                        "instant": null,
+                        "intervalFactor": 1,
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": "",
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Received",
+                "type": "gauge",
+                "valueFontSize": "80%",
+                "valueMaps": [
+                    {
+                        "op": "=",
+                        "text": "N/A",
+                        "value": "null"
+                    }
+                ],
+                "valueName": "current"
+            },
+            {
+                "cacheTimeout": null,
+                "colorBackground": false,
+                "colorValue": false,
+                "colors": [
+                    "#299c46",
+                    "rgba(237, 129, 40, 0.89)",
+                    "#d44a3a"
+                ],
+                "datasource": "$datasource",
+                "decimals": 0,
+                "format": "time_series",
+                "gauge": {
+                    "maxValue": 100,
+                    "minValue": 0,
+                    "show": false,
+                    "thresholdLabels": false,
+                    "thresholdMarkers": true
+                },
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 1
+                },
+                "height": 9,
+                "id": 4,
+                "interval": null,
+                "links": [
+
+                ],
+                "mappingType": 1,
+                "mappingTypes": [
+                    {
+                        "name": "value to text",
+                        "value": 1
+                    },
+                    {
+                        "name": "range to text",
+                        "value": 2
+                    }
+                ],
+                "maxDataPoints": 100,
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "nullText": null,
+                "options": {
+                    "fieldOptions": {
+                        "calcs": [
+                            "last"
+                        ],
+                        "defaults": {
+                            "max": 10000000000,
+                            "min": 0,
+                            "title": "$namespace",
+                            "unit": "Bps"
+                        },
+                        "mappings": [
+
+                        ],
+                        "override": {
+
+                        },
+                        "thresholds": [
+                            {
+                                "color": "dark-green",
+                                "index": 0,
+                                "value": null
+                            },
+                            {
+                                "color": "dark-yellow",
+                                "index": 1,
+                                "value": 5000000000
+                            },
+                            {
+                                "color": "dark-red",
+                                "index": 2,
+                                "value": 7000000000
+                            }
+                        ],
+                        "values": false
+                    }
+                },
+                "postfix": "",
+                "postfixFontSize": "50%",
+                "prefix": "",
+                "prefixFontSize": "50%",
+                "rangeMaps": [
+                    {
+                        "from": "null",
+                        "text": "N/A",
+                        "to": "null"
+                    }
+                ],
+                "span": 12,
+                "sparkline": {
+                    "fillColor": "rgba(31, 118, 189, 0.18)",
+                    "full": false,
+                    "lineColor": "rgb(31, 120, 193)",
+                    "show": false
+                },
+                "tableColumn": "",
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution]))",
+                        "format": "time_series",
+                        "instant": null,
+                        "intervalFactor": 1,
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": "",
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Transmitted",
+                "type": "gauge",
+                "valueFontSize": "80%",
+                "valueMaps": [
+                    {
+                        "op": "=",
+                        "text": "N/A",
+                        "value": "null"
+                    }
+                ],
+                "valueName": "current"
+            },
+            {
+                "columns": [
+                    {
+                        "text": "Time",
+                        "value": "Time"
+                    },
+                    {
+                        "text": "Value #A",
+                        "value": "Value #A"
+                    },
+                    {
+                        "text": "Value #B",
+                        "value": "Value #B"
+                    },
+                    {
+                        "text": "Value #C",
+                        "value": "Value #C"
+                    },
+                    {
+                        "text": "Value #D",
+                        "value": "Value #D"
+                    },
+                    {
+                        "text": "Value #E",
+                        "value": "Value #E"
+                    },
+                    {
+                        "text": "Value #F",
+                        "value": "Value #F"
+                    },
+                    {
+                        "text": "pod",
+                        "value": "pod"
+                    }
+                ],
+                "datasource": "$datasource",
+                "fill": 1,
+                "fontSize": "100%",
+                "gridPos": {
+                    "h": 9,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 5,
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null as zero",
+                "renderer": "flot",
+                "scroll": true,
+                "showHeader": true,
+                "sort": {
+                    "col": 0,
+                    "desc": false
+                },
+                "spaceLength": 10,
+                "span": 24,
+                "styles": [
+                    {
+                        "alias": "Time",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Time",
+                        "thresholds": [
+
+                        ],
+                        "type": "hidden",
+                        "unit": "short"
+                    },
+                    {
+                        "alias": "Bandwidth Received",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #A",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Bandwidth Transmitted",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #B",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #C",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #D",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #E",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #F",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Pod",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": true,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "d/7a18067ce943a40ae25454675c19ff5c/kubernetes-networking-pod?orgId=1&refresh=30s&var-namespace=$namespace&var-pod=$__cell",
+                        "pattern": "pod",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "short"
+                    }
+                ],
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "A",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "B",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "C",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "D",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "E",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "F",
+                        "step": 10
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Status",
+                "type": "table"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 19
+                },
+                "id": 6,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 20
+                },
+                "id": 7,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Receive Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 20
+                },
+                "id": 8,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Transmit Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 29
+                },
+                "id": 9,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 0,
+                            "y": 30
+                        },
+                        "id": 10,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 12,
+                            "y": 30
+                        },
+                        "id": 11,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Packets",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 30
+                },
+                "id": 12,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 0,
+                            "y": 40
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 12,
+                            "y": 40
+                        },
+                        "id": 14,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Errors",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 18,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".+",
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "kube-system",
+                        "value": "kube-system"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "resolution",
+                    "options": [
+                        {
+                            "selected": false,
+                            "text": "30s",
+                            "value": "30s"
+                        },
+                        {
+                            "selected": true,
+                            "text": "5m",
+                            "value": "5m"
+                        },
+                        {
+                            "selected": false,
+                            "text": "1h",
+                            "value": "1h"
+                        }
+                    ],
+                    "query": "30s,5m,1h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "interval",
+                    "options": [
+                        {
+                            "selected": true,
+                            "text": "4h",
+                            "value": "4h"
+                        }
+                    ],
+                    "query": "4h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Networking / Namespace (Pods)",
+        "uid": "8b7a8b326d7a6f1f04244066368c67af",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-workload.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-workload.yaml
new file mode 100644
index 0000000000..801b09c265
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/namespace-by-workload.yaml
@@ -0,0 +1,1736 @@
+{{- /*
+Generated from 'namespace-by-workload' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "namespace-by-workload" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  namespace-by-workload.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 1
+                },
+                "id": 3,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}} workload {{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Received",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 1
+                },
+                "id": 4,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}} workload {{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Transmitted",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "columns": [
+                    {
+                        "text": "Time",
+                        "value": "Time"
+                    },
+                    {
+                        "text": "Value #A",
+                        "value": "Value #A"
+                    },
+                    {
+                        "text": "Value #B",
+                        "value": "Value #B"
+                    },
+                    {
+                        "text": "Value #C",
+                        "value": "Value #C"
+                    },
+                    {
+                        "text": "Value #D",
+                        "value": "Value #D"
+                    },
+                    {
+                        "text": "Value #E",
+                        "value": "Value #E"
+                    },
+                    {
+                        "text": "Value #F",
+                        "value": "Value #F"
+                    },
+                    {
+                        "text": "Value #G",
+                        "value": "Value #G"
+                    },
+                    {
+                        "text": "Value #H",
+                        "value": "Value #H"
+                    },
+                    {
+                        "text": "workload",
+                        "value": "workload"
+                    }
+                ],
+                "datasource": "$datasource",
+                "fill": 1,
+                "fontSize": "90%",
+                "gridPos": {
+                    "h": 9,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 5,
+                "lines": true,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null as zero",
+                "renderer": "flot",
+                "scroll": true,
+                "showHeader": true,
+                "sort": {
+                    "col": 0,
+                    "desc": false
+                },
+                "spaceLength": 10,
+                "span": 24,
+                "styles": [
+                    {
+                        "alias": "Time",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Time",
+                        "thresholds": [
+
+                        ],
+                        "type": "hidden",
+                        "unit": "short"
+                    },
+                    {
+                        "alias": "Current Bandwidth Received",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #A",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Current Bandwidth Transmitted",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #B",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Average Bandwidth Received",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #C",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Average Bandwidth Transmitted",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #D",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "Bps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #E",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #F",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Received Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #G",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Rate of Transmitted Packets Dropped",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": false,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "",
+                        "pattern": "Value #H",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "pps"
+                    },
+                    {
+                        "alias": "Workload",
+                        "colorMode": null,
+                        "colors": [
+
+                        ],
+                        "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                        "decimals": 2,
+                        "link": true,
+                        "linkTooltip": "Drill down",
+                        "linkUrl": "d/728bf77cc1166d2f3133bf25846876cc/kubernetes-networking-workload?orgId=1&refresh=30s&var-namespace=$namespace&var-type=$type&var-workload=$__cell",
+                        "pattern": "workload",
+                        "thresholds": [
+
+                        ],
+                        "type": "number",
+                        "unit": "short"
+                    }
+                ],
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "A",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "B",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(avg(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "C",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(avg(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "D",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "E",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "F",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "G",
+                        "step": 10
+                    },
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "table",
+                        "instant": true,
+                        "intervalFactor": 2,
+                        "legendFormat": "",
+                        "refId": "H",
+                        "step": 10
+                    }
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Status",
+                "type": "table"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 19
+                },
+                "id": 6,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 20
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}} workload {{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Received",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 20
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}} workload {{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Transmitted",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 29
+                },
+                "id": 9,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth HIstory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 38
+                },
+                "id": 10,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Receive Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 38
+                },
+                "id": 11,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Transmit Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 39
+                },
+                "id": 12,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 40
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 40
+                        },
+                        "id": 14,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Packets",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 40
+                },
+                "id": 15,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 41
+                        },
+                        "id": 16,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 41
+                        },
+                        "id": 17,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\", workload_type=\"$type\"}) by (workload))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}workload{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Errors",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 18,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "kube-system",
+                        "value": "kube-system"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "deployment",
+                        "value": "deployment"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\"}, workload_type)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "type",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=\"$namespace\", workload=~\".+\"}, workload_type)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "resolution",
+                    "options": [
+                        {
+                            "selected": false,
+                            "text": "30s",
+                            "value": "30s"
+                        },
+                        {
+                            "selected": true,
+                            "text": "5m",
+                            "value": "5m"
+                        },
+                        {
+                            "selected": false,
+                            "text": "1h",
+                            "value": "1h"
+                        }
+                    ],
+                    "query": "30s,5m,1h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "interval",
+                    "options": [
+                        {
+                            "selected": true,
+                            "text": "4h",
+                            "value": "4h"
+                        }
+                    ],
+                    "query": "4h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Networking / Namespace (Workload)",
+        "uid": "bbb2a765a623ae38130206c7d94a160f",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml
new file mode 100644
index 0000000000..9869a3d3e0
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml
@@ -0,0 +1,1063 @@
+{{- /*
+Generated from 'node-cluster-rsrc-use' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled (or .Values.nodeExporter.enabled .Values.nodeExporter.forceDeployDashboards) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "node-cluster-rsrc-use" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  node-cluster-rsrc-use.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 1,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "30s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "((\n  instance:node_cpu_utilisation:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}\n  *\n  instance:node_num_cpu:sum{job=\"node-exporter\", cluster=\"$cluster\"}\n) != 0 )\n/ scalar(sum(instance:node_num_cpu:sum{job=\"node-exporter\", cluster=\"$cluster\"}))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}} instance {{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  instance:node_load1_per_cpu:ratio{job=\"node-exporter\", cluster=\"$cluster\"}\n  / scalar(count(instance:node_load1_per_cpu:ratio{job=\"node-exporter\", cluster=\"$cluster\"}))\n)  != 0\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Saturation (Load1 per CPU)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  instance:node_memory_utilisation:ratio{job=\"node-exporter\", cluster=\"$cluster\"}\n  / scalar(count(instance:node_memory_utilisation:ratio{job=\"node-exporter\", cluster=\"$cluster\"}))\n) != 0\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_vmstat_pgmajfault:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Saturation (Major Page Faults)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "rds",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "rds",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/Receive/",
+                                "stack": "A"
+                            },
+                            {
+                                "alias": "/Transmit/",
+                                "stack": "B",
+                                "transform": "negative-Y"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_network_receive_bytes_excluding_lo:rate5m{job=\"node-exporter\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Receive",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "instance:node_network_transmit_bytes_excluding_lo:rate5m{job=\"node-exporter\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Transmit",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Utilisation (Bytes Receive/Transmit)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/ Receive/",
+                                "stack": "A"
+                            },
+                            {
+                                "alias": "/ Transmit/",
+                                "stack": "B",
+                                "transform": "negative-Y"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_network_receive_drop_excluding_lo:rate5m{job=\"node-exporter\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Receive",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "instance:node_network_transmit_drop_excluding_lo:rate5m{job=\"node-exporter\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} Transmit",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Saturation (Drops Receive/Transmit)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Network",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  instance_device:node_disk_io_time_seconds:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}\n  / scalar(count(instance_device:node_disk_io_time_seconds:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}))\n) != 0\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk IO Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  instance_device:node_disk_io_time_weighted_seconds:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}\n  / scalar(count(instance_device:node_disk_io_time_weighted_seconds:rate5m{job=\"node-exporter\", cluster=\"$cluster\"}))\n) != 0\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}} {{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk IO Saturation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk IO",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum without (device) (\n  max without (fstype, mountpoint) ((\n    node_filesystem_size_bytes{job=\"node-exporter\", fstype!=\"\", mountpoint!=\"\", cluster=\"$cluster\"}\n    -\n    node_filesystem_avail_bytes{job=\"node-exporter\", fstype!=\"\", mountpoint!=\"\", cluster=\"$cluster\"}\n  ) != 0)\n)\n/ scalar(sum(max without (fstype, mountpoint) (node_filesystem_size_bytes{job=\"node-exporter\", fstype!=\"\", mountpoint!=\"\", cluster=\"$cluster\"})))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk Space Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk Space",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "node-exporter-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(node_time_seconds, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Node Exporter / USE Method / Cluster",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/node-rsrc-use.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/node-rsrc-use.yaml
new file mode 100644
index 0000000000..75e69afa22
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/node-rsrc-use.yaml
@@ -0,0 +1,1089 @@
+{{- /*
+Generated from 'node-rsrc-use' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled (or .Values.nodeExporter.enabled .Values.nodeExporter.forceDeployDashboards) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "node-rsrc-use" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  node-rsrc-use.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 1,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "30s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_cpu_utilisation:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Utilisation",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_load1_per_cpu:ratio{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Saturation",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Saturation (Load1 per CPU)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_memory_utilisation:ratio{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Utilisation",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_vmstat_pgmajfault:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Major page Faults",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Saturation (Major Page Faults)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "rds",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "rds",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/Receive/",
+                                "stack": "A"
+                            },
+                            {
+                                "alias": "/Transmit/",
+                                "stack": "B",
+                                "transform": "negative-Y"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_network_receive_bytes_excluding_lo:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Receive",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "instance:node_network_transmit_bytes_excluding_lo:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Transmit",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Utilisation (Bytes Receive/Transmit)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/ Receive/",
+                                "stack": "A"
+                            },
+                            {
+                                "alias": "/ Transmit/",
+                                "stack": "B",
+                                "transform": "negative-Y"
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance:node_network_receive_drop_excluding_lo:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Receive",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "instance:node_network_transmit_drop_excluding_lo:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Transmit",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Saturation (Drops Receive/Transmit)",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Network",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance_device:node_disk_io_time_seconds:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk IO Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "instance_device:node_disk_io_time_weighted_seconds:rate5m{job=\"node-exporter\", instance=\"$instance\", cluster=\"$cluster\"} != 0",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk IO Saturation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk IO",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": false,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(1 -\n  (\n   max without (mountpoint, fstype) (node_filesystem_avail_bytes{job=\"node-exporter\", fstype!=\"\", instance=\"$instance\", cluster=\"$cluster\"})\n   /\n   max without (mountpoint, fstype) (node_filesystem_size_bytes{job=\"node-exporter\", fstype!=\"\", instance=\"$instance\", cluster=\"$cluster\"})\n  ) != 0\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk Space Utilisation",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk Space",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "node-exporter-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(node_time_seconds, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(node_exporter_build_info{job=\"node-exporter\", cluster=\"$cluster\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Node Exporter / USE Method / Node",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/nodes-darwin.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/nodes-darwin.yaml
new file mode 100644
index 0000000000..fe11875324
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/nodes-darwin.yaml
@@ -0,0 +1,1073 @@
+{{- /*
+Generated from 'nodes-darwin' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled (and (or .Values.nodeExporter.enabled .Values.nodeExporter.forceDeployDashboards) .Values.nodeExporter.operatingSystems.darwin.enabled) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "nodes-darwin" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  nodes-darwin.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 1,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "30s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  (1 - sum without (mode) (rate(node_cpu_seconds_total{job=\"node-exporter\", mode=~\"idle|iowait|steal\", instance=\"$instance\"}[$__rate_interval])))\n/ ignoring(cpu) group_left\n  count without (cpu, mode) (node_cpu_seconds_total{job=\"node-exporter\", mode=\"idle\", instance=\"$instance\"})\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 5,
+                                "legendFormat": "{{`{{`}}cpu{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": 1,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": 1,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "node_load1{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "1m load average",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "node_load5{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "5m load average",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "node_load15{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "15m load average",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "count(node_cpu_seconds_total{job=\"node-exporter\", instance=\"$instance\", mode=\"idle\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "logical cores",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Load Average",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 9,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "node_memory_total_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Physical Memory",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "(\n    node_memory_internal_bytes{job=\"node-exporter\", instance=\"$instance\"} -\n    node_memory_purgeable_bytes{job=\"node-exporter\", instance=\"$instance\"} +\n    node_memory_wired_bytes{job=\"node-exporter\", instance=\"$instance\"} +\n    node_memory_compressed_bytes{job=\"node-exporter\", instance=\"$instance\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Memory Used",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "(\n    node_memory_internal_bytes{job=\"node-exporter\", instance=\"$instance\"} -\n    node_memory_purgeable_bytes{job=\"node-exporter\", instance=\"$instance\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "App Memory",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "node_memory_wired_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Wired Memory",
+                                "refId": "D"
+                            },
+                            {
+                                "expr": "node_memory_compressed_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Compressed",
+                                "refId": "E"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "datasource": "$datasource",
+                        "fieldConfig": {
+                            "defaults": {
+                                "max": 100,
+                                "min": 0,
+                                "thresholds": {
+                                    "mode": "absolute",
+                                    "steps": [
+                                        {
+                                            "color": "rgba(50, 172, 45, 0.97)"
+                                        },
+                                        {
+                                            "color": "rgba(237, 129, 40, 0.89)",
+                                            "value": 80
+                                        },
+                                        {
+                                            "color": "rgba(245, 54, 54, 0.9)",
+                                            "value": 90
+                                        }
+                                    ]
+                                },
+                                "unit": "percent"
+                            }
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "span": 3,
+                        "targets": [
+                            {
+                                "expr": "(\n    (\n      avg(node_memory_internal_bytes{job=\"node-exporter\", instance=\"$instance\"}) -\n      avg(node_memory_purgeable_bytes{job=\"node-exporter\", instance=\"$instance\"}) +\n      avg(node_memory_wired_bytes{job=\"node-exporter\", instance=\"$instance\"}) +\n      avg(node_memory_compressed_bytes{job=\"node-exporter\", instance=\"$instance\"})\n    ) /\n    avg(node_memory_total_bytes{job=\"node-exporter\", instance=\"$instance\"})\n)\n*\n100\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            }
+                        ],
+                        "title": "Memory Usage",
+                        "transparent": false,
+                        "type": "gauge"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/ read| written/",
+                                "yaxis": 1
+                            },
+                            {
+                                "alias": "/ io time/",
+                                "yaxis": 2
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_disk_read_bytes_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} read",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "rate(node_disk_written_bytes_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} written",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "rate(node_disk_io_time_seconds_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} io time",
+                                "refId": "C"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk I/O",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "datasource": "$datasource",
+                        "fieldConfig": {
+                            "defaults": {
+                                "custom": {
+
+                                },
+                                "thresholds": {
+                                    "mode": "absolute",
+                                    "steps": [
+                                        {
+                                            "color": "green"
+                                        },
+                                        {
+                                            "color": "yellow",
+                                            "value": 0.8
+                                        },
+                                        {
+                                            "color": "red",
+                                            "value": 0.9
+                                        }
+                                    ]
+                                },
+                                "unit": "decbytes"
+                            },
+                            "overrides": [
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Mounted on"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 260
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Size"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 93
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Used"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 72
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Available"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 88
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Used, %"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "unit",
+                                            "value": "percentunit"
+                                        },
+                                        {
+                                            "id": "custom.displayMode",
+                                            "value": "gradient-gauge"
+                                        },
+                                        {
+                                            "id": "max",
+                                            "value": 1
+                                        },
+                                        {
+                                            "id": "min",
+                                            "value": 0
+                                        }
+                                    ]
+                                }
+                            ]
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "span": 6,
+                        "targets": [
+                            {
+                                "expr": "max by (mountpoint) (node_filesystem_size_bytes{job=\"node-exporter\", instance=\"$instance\", fstype!=\"\", mountpoint!=\"\"})\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            },
+                            {
+                                "expr": "max by (mountpoint) (node_filesystem_avail_bytes{job=\"node-exporter\", instance=\"$instance\", fstype!=\"\", mountpoint!=\"\"})\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            }
+                        ],
+                        "title": "Disk Space Usage",
+                        "transformations": [
+                            {
+                                "id": "groupBy",
+                                "options": {
+                                    "fields": {
+                                        "Value #A": {
+                                            "aggregations": [
+                                                "lastNotNull"
+                                            ],
+                                            "operation": "aggregate"
+                                        },
+                                        "Value #B": {
+                                            "aggregations": [
+                                                "lastNotNull"
+                                            ],
+                                            "operation": "aggregate"
+                                        },
+                                        "mountpoint": {
+                                            "aggregations": [
+
+                                            ],
+                                            "operation": "groupby"
+                                        }
+                                    }
+                                }
+                            },
+                            {
+                                "id": "merge",
+                                "options": {
+
+                                }
+                            },
+                            {
+                                "id": "calculateField",
+                                "options": {
+                                    "alias": "Used",
+                                    "binary": {
+                                        "left": "Value #A (lastNotNull)",
+                                        "operator": "-",
+                                        "reducer": "sum",
+                                        "right": "Value #B (lastNotNull)"
+                                    },
+                                    "mode": "binary",
+                                    "reduce": {
+                                        "reducer": "sum"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "calculateField",
+                                "options": {
+                                    "alias": "Used, %",
+                                    "binary": {
+                                        "left": "Used",
+                                        "operator": "/",
+                                        "reducer": "sum",
+                                        "right": "Value #A (lastNotNull)"
+                                    },
+                                    "mode": "binary",
+                                    "reduce": {
+                                        "reducer": "sum"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "organize",
+                                "options": {
+                                    "excludeByName": {
+
+                                    },
+                                    "indexByName": {
+
+                                    },
+                                    "renameByName": {
+                                        "Value #A (lastNotNull)": "Size",
+                                        "Value #B (lastNotNull)": "Available",
+                                        "mountpoint": "Mounted on"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "sortBy",
+                                "options": {
+                                    "fields": {
+
+                                    },
+                                    "sort": [
+                                        {
+                                            "field": "Mounted on"
+                                        }
+                                    ]
+                                }
+                            }
+                        ],
+                        "transparent": false,
+                        "type": "table"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "Network received (bits/s)",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_network_receive_bytes_total{job=\"node-exporter\", instance=\"$instance\", device!=\"lo\"}[$__rate_interval]) * 8",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Received",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "Network transmitted (bits/s)",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_network_transmit_bytes_total{job=\"node-exporter\", instance=\"$instance\", device!=\"lo\"}[$__rate_interval]) * 8",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Transmitted",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Network",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "node-exporter-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "Instance",
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(node_uname_info{job=\"node-exporter\", sysname=\"Darwin\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Node Exporter / MacOS",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/nodes.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/nodes.yaml
new file mode 100644
index 0000000000..0da40a7b99
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/nodes.yaml
@@ -0,0 +1,1066 @@
+{{- /*
+Generated from 'nodes' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled (and (or .Values.nodeExporter.enabled .Values.nodeExporter.forceDeployDashboards) .Values.nodeExporter.operatingSystems.linux.enabled) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "nodes" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  nodes.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 1,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "30s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  (1 - sum without (mode) (rate(node_cpu_seconds_total{job=\"node-exporter\", mode=~\"idle|iowait|steal\", instance=\"$instance\"}[$__rate_interval])))\n/ ignoring(cpu) group_left\n  count without (cpu, mode) (node_cpu_seconds_total{job=\"node-exporter\", mode=\"idle\", instance=\"$instance\"})\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 5,
+                                "legendFormat": "{{`{{`}}cpu{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU Usage",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": 1,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": 1,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "node_load1{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "1m load average",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "node_load5{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "5m load average",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "node_load15{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "15m load average",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "count(node_cpu_seconds_total{job=\"node-exporter\", instance=\"$instance\", mode=\"idle\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "logical cores",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Load Average",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "CPU",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 9,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  node_memory_MemTotal_bytes{job=\"node-exporter\", instance=\"$instance\"}\n-\n  node_memory_MemFree_bytes{job=\"node-exporter\", instance=\"$instance\"}\n-\n  node_memory_Buffers_bytes{job=\"node-exporter\", instance=\"$instance\"}\n-\n  node_memory_Cached_bytes{job=\"node-exporter\", instance=\"$instance\"}\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "memory used",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "node_memory_Buffers_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "memory buffers",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "node_memory_Cached_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "memory cached",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "node_memory_MemFree_bytes{job=\"node-exporter\", instance=\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "memory free",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory Usage",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "datasource": "$datasource",
+                        "fieldConfig": {
+                            "defaults": {
+                                "max": 100,
+                                "min": 0,
+                                "thresholds": {
+                                    "mode": "absolute",
+                                    "steps": [
+                                        {
+                                            "color": "rgba(50, 172, 45, 0.97)"
+                                        },
+                                        {
+                                            "color": "rgba(237, 129, 40, 0.89)",
+                                            "value": 80
+                                        },
+                                        {
+                                            "color": "rgba(245, 54, 54, 0.9)",
+                                            "value": 90
+                                        }
+                                    ]
+                                },
+                                "unit": "percent"
+                            }
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "span": 3,
+                        "targets": [
+                            {
+                                "expr": "100 -\n(\n  avg(node_memory_MemAvailable_bytes{job=\"node-exporter\", instance=\"$instance\"}) /\n  avg(node_memory_MemTotal_bytes{job=\"node-exporter\", instance=\"$instance\"})\n* 100\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            }
+                        ],
+                        "title": "Memory Usage",
+                        "transparent": false,
+                        "type": "gauge"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Memory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+                            {
+                                "alias": "/ read| written/",
+                                "yaxis": 1
+                            },
+                            {
+                                "alias": "/ io time/",
+                                "yaxis": 2
+                            }
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_disk_read_bytes_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} read",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "rate(node_disk_written_bytes_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} written",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "rate(node_disk_io_time_seconds_total{job=\"node-exporter\", instance=\"$instance\", device=~\"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}} io time",
+                                "refId": "C"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Disk I/O",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "percentunit",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "datasource": "$datasource",
+                        "fieldConfig": {
+                            "defaults": {
+                                "custom": {
+
+                                },
+                                "thresholds": {
+                                    "mode": "absolute",
+                                    "steps": [
+                                        {
+                                            "color": "green"
+                                        },
+                                        {
+                                            "color": "yellow",
+                                            "value": 0.8
+                                        },
+                                        {
+                                            "color": "red",
+                                            "value": 0.9
+                                        }
+                                    ]
+                                },
+                                "unit": "decbytes"
+                            },
+                            "overrides": [
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Mounted on"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 260
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Size"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 93
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Used"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 72
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Available"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "custom.width",
+                                            "value": 88
+                                        }
+                                    ]
+                                },
+                                {
+                                    "matcher": {
+                                        "id": "byName",
+                                        "options": "Used, %"
+                                    },
+                                    "properties": [
+                                        {
+                                            "id": "unit",
+                                            "value": "percentunit"
+                                        },
+                                        {
+                                            "id": "custom.displayMode",
+                                            "value": "gradient-gauge"
+                                        },
+                                        {
+                                            "id": "max",
+                                            "value": 1
+                                        },
+                                        {
+                                            "id": "min",
+                                            "value": 0
+                                        }
+                                    ]
+                                }
+                            ]
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "span": 6,
+                        "targets": [
+                            {
+                                "expr": "max by (mountpoint) (node_filesystem_size_bytes{job=\"node-exporter\", instance=\"$instance\", fstype!=\"\", mountpoint!=\"\"})\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            },
+                            {
+                                "expr": "max by (mountpoint) (node_filesystem_avail_bytes{job=\"node-exporter\", instance=\"$instance\", fstype!=\"\", mountpoint!=\"\"})\n",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": ""
+                            }
+                        ],
+                        "title": "Disk Space Usage",
+                        "transformations": [
+                            {
+                                "id": "groupBy",
+                                "options": {
+                                    "fields": {
+                                        "Value #A": {
+                                            "aggregations": [
+                                                "lastNotNull"
+                                            ],
+                                            "operation": "aggregate"
+                                        },
+                                        "Value #B": {
+                                            "aggregations": [
+                                                "lastNotNull"
+                                            ],
+                                            "operation": "aggregate"
+                                        },
+                                        "mountpoint": {
+                                            "aggregations": [
+
+                                            ],
+                                            "operation": "groupby"
+                                        }
+                                    }
+                                }
+                            },
+                            {
+                                "id": "merge",
+                                "options": {
+
+                                }
+                            },
+                            {
+                                "id": "calculateField",
+                                "options": {
+                                    "alias": "Used",
+                                    "binary": {
+                                        "left": "Value #A (lastNotNull)",
+                                        "operator": "-",
+                                        "reducer": "sum",
+                                        "right": "Value #B (lastNotNull)"
+                                    },
+                                    "mode": "binary",
+                                    "reduce": {
+                                        "reducer": "sum"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "calculateField",
+                                "options": {
+                                    "alias": "Used, %",
+                                    "binary": {
+                                        "left": "Used",
+                                        "operator": "/",
+                                        "reducer": "sum",
+                                        "right": "Value #A (lastNotNull)"
+                                    },
+                                    "mode": "binary",
+                                    "reduce": {
+                                        "reducer": "sum"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "organize",
+                                "options": {
+                                    "excludeByName": {
+
+                                    },
+                                    "indexByName": {
+
+                                    },
+                                    "renameByName": {
+                                        "Value #A (lastNotNull)": "Size",
+                                        "Value #B (lastNotNull)": "Available",
+                                        "mountpoint": "Mounted on"
+                                    }
+                                }
+                            },
+                            {
+                                "id": "sortBy",
+                                "options": {
+                                    "fields": {
+
+                                    },
+                                    "sort": [
+                                        {
+                                            "field": "Mounted on"
+                                        }
+                                    ]
+                                }
+                            }
+                        ],
+                        "transparent": false,
+                        "type": "table"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Disk",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "Network received (bits/s)",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_network_receive_bytes_total{job=\"node-exporter\", instance=\"$instance\", device!=\"lo\"}[$__rate_interval]) * 8",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Received",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "description": "Network transmitted (bits/s)",
+                        "fill": 0,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(node_network_transmit_bytes_total{job=\"node-exporter\", instance=\"$instance\", device!=\"lo\"}[$__rate_interval]) * 8",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}device{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Transmitted",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Network",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "node-exporter-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "Instance",
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(node_uname_info{job=\"node-exporter\", sysname!=\"Darwin\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Node Exporter / Nodes",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml
new file mode 100644
index 0000000000..4d1e33208b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml
@@ -0,0 +1,587 @@
+{{- /*
+Generated from 'persistentvolumesusage' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "persistentvolumesusage" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  persistentvolumesusage.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 9,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  sum without(instance, node) (topk(1, (kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n  -\n  sum without(instance, node) (topk(1, (kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "Used Space",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum without(instance, node) (topk(1, (kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "Free Space",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Volume Space Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "rgba(50, 172, 45, 0.97)",
+                            "rgba(237, 129, 40, 0.89)",
+                            "rgba(245, 54, 54, 0.9)"
+                        ],
+                        "datasource": "$datasource",
+                        "format": "percent",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": true,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 3,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                "expr": "max without(instance,node) (\n(\n  topk(1, kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n  -\n  topk(1, kubelet_volume_stats_available_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n)\n/\ntopk(1, kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n* 100)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "80, 90",
+                        "title": "Volume Space Usage",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "current"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": true,
+                            "current": true,
+                            "max": true,
+                            "min": true,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 9,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "Used inodes",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "(\n  sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n  -\n  sum without(instance, node) (topk(1, (kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})))\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": " Free inodes",
+                                "refId": "B"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Volume inodes Usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "rgba(50, 172, 45, 0.97)",
+                            "rgba(237, 129, 40, 0.89)",
+                            "rgba(245, 54, 54, 0.9)"
+                        ],
+                        "datasource": "$datasource",
+                        "format": "percent",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": true,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 3,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                "expr": "max without(instance,node) (\ntopk(1, kubelet_volume_stats_inodes_used{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n/\ntopk(1, kubelet_volume_stats_inodes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\", persistentvolumeclaim=\"$volume\"})\n* 100)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "80, 90",
+                        "title": "Volume inodes Usage",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "current"
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kubelet_volume_stats_capacity_bytes{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "Namespace",
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": "PersistentVolumeClaim",
+                    "multi": false,
+                    "name": "volume",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kubelet_volume_stats_capacity_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics\", namespace=\"$namespace\"}, persistentvolumeclaim)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-7d",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Persistent Volumes",
+        "uid": "919b92a8e8041bd567af9edab12c840c",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/pod-total.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/pod-total.yaml
new file mode 100644
index 0000000000..9a7e7d0603
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/pod-total.yaml
@@ -0,0 +1,1228 @@
+{{- /*
+Generated from 'pod-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "pod-total" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  pod-total.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "cacheTimeout": null,
+                "colorBackground": false,
+                "colorValue": false,
+                "colors": [
+                    "#299c46",
+                    "rgba(237, 129, 40, 0.89)",
+                    "#d44a3a"
+                ],
+                "datasource": "$datasource",
+                "decimals": 0,
+                "format": "time_series",
+                "gauge": {
+                    "maxValue": 100,
+                    "minValue": 0,
+                    "show": false,
+                    "thresholdLabels": false,
+                    "thresholdMarkers": true
+                },
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 1
+                },
+                "height": 9,
+                "id": 3,
+                "interval": null,
+                "links": [
+
+                ],
+                "mappingType": 1,
+                "mappingTypes": [
+                    {
+                        "name": "value to text",
+                        "value": 1
+                    },
+                    {
+                        "name": "range to text",
+                        "value": 2
+                    }
+                ],
+                "maxDataPoints": 100,
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "nullText": null,
+                "options": {
+                    "fieldOptions": {
+                        "calcs": [
+                            "last"
+                        ],
+                        "defaults": {
+                            "max": 10000000000,
+                            "min": 0,
+                            "title": "$namespace: $pod",
+                            "unit": "Bps"
+                        },
+                        "mappings": [
+
+                        ],
+                        "override": {
+
+                        },
+                        "thresholds": [
+                            {
+                                "color": "dark-green",
+                                "index": 0,
+                                "value": null
+                            },
+                            {
+                                "color": "dark-yellow",
+                                "index": 1,
+                                "value": 5000000000
+                            },
+                            {
+                                "color": "dark-red",
+                                "index": 2,
+                                "value": 7000000000
+                            }
+                        ],
+                        "values": false
+                    }
+                },
+                "postfix": "",
+                "postfixFontSize": "50%",
+                "prefix": "",
+                "prefixFontSize": "50%",
+                "rangeMaps": [
+                    {
+                        "from": "null",
+                        "text": "N/A",
+                        "to": "null"
+                    }
+                ],
+                "span": 12,
+                "sparkline": {
+                    "fillColor": "rgba(31, 118, 189, 0.18)",
+                    "full": false,
+                    "lineColor": "rgb(31, 120, 193)",
+                    "show": false
+                },
+                "tableColumn": "",
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution]))",
+                        "format": "time_series",
+                        "instant": null,
+                        "intervalFactor": 1,
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": "",
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Received",
+                "type": "gauge",
+                "valueFontSize": "80%",
+                "valueMaps": [
+                    {
+                        "op": "=",
+                        "text": "N/A",
+                        "value": "null"
+                    }
+                ],
+                "valueName": "current"
+            },
+            {
+                "cacheTimeout": null,
+                "colorBackground": false,
+                "colorValue": false,
+                "colors": [
+                    "#299c46",
+                    "rgba(237, 129, 40, 0.89)",
+                    "#d44a3a"
+                ],
+                "datasource": "$datasource",
+                "decimals": 0,
+                "format": "time_series",
+                "gauge": {
+                    "maxValue": 100,
+                    "minValue": 0,
+                    "show": false,
+                    "thresholdLabels": false,
+                    "thresholdMarkers": true
+                },
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 1
+                },
+                "height": 9,
+                "id": 4,
+                "interval": null,
+                "links": [
+
+                ],
+                "mappingType": 1,
+                "mappingTypes": [
+                    {
+                        "name": "value to text",
+                        "value": 1
+                    },
+                    {
+                        "name": "range to text",
+                        "value": 2
+                    }
+                ],
+                "maxDataPoints": 100,
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "nullText": null,
+                "options": {
+                    "fieldOptions": {
+                        "calcs": [
+                            "last"
+                        ],
+                        "defaults": {
+                            "max": 10000000000,
+                            "min": 0,
+                            "title": "$namespace: $pod",
+                            "unit": "Bps"
+                        },
+                        "mappings": [
+
+                        ],
+                        "override": {
+
+                        },
+                        "thresholds": [
+                            {
+                                "color": "dark-green",
+                                "index": 0,
+                                "value": null
+                            },
+                            {
+                                "color": "dark-yellow",
+                                "index": 1,
+                                "value": 5000000000
+                            },
+                            {
+                                "color": "dark-red",
+                                "index": 2,
+                                "value": 7000000000
+                            }
+                        ],
+                        "values": false
+                    }
+                },
+                "postfix": "",
+                "postfixFontSize": "50%",
+                "prefix": "",
+                "prefixFontSize": "50%",
+                "rangeMaps": [
+                    {
+                        "from": "null",
+                        "text": "N/A",
+                        "to": "null"
+                    }
+                ],
+                "span": 12,
+                "sparkline": {
+                    "fillColor": "rgba(31, 118, 189, 0.18)",
+                    "full": false,
+                    "lineColor": "rgb(31, 120, 193)",
+                    "show": false
+                },
+                "tableColumn": "",
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution]))",
+                        "format": "time_series",
+                        "instant": null,
+                        "intervalFactor": 1,
+                        "legendFormat": "",
+                        "refId": "A"
+                    }
+                ],
+                "thresholds": "",
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Transmitted",
+                "type": "gauge",
+                "valueFontSize": "80%",
+                "valueMaps": [
+                    {
+                        "op": "=",
+                        "text": "N/A",
+                        "value": "null"
+                    }
+                ],
+                "valueName": "current"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 5,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 11
+                },
+                "id": 6,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_receive_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Receive Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 11
+                },
+                "id": 7,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sum(irate(container_network_transmit_bytes_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Transmit Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 20
+                },
+                "id": 8,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 0,
+                            "y": 21
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 12,
+                            "y": 21
+                        },
+                        "id": 10,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Packets",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 21
+                },
+                "id": 11,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 0,
+                            "y": 32
+                        },
+                        "id": 12,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_receive_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 10,
+                            "w": 12,
+                            "x": 12,
+                            "y": 32
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(irate(container_network_transmit_packets_dropped_total{cluster=\"$cluster\",namespace=~\"$namespace\", pod=~\"$pod\"}[$interval:$resolution])) by (pod)",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Errors",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 18,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".+",
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "kube-system",
+                        "value": "kube-system"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(container_network_receive_packets_total{cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".+",
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}, pod)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "pod",
+                    "options": [
+
+                    ],
+                    "query": "label_values(container_network_receive_packets_total{cluster=\"$cluster\",namespace=~\"$namespace\"}, pod)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "resolution",
+                    "options": [
+                        {
+                            "selected": false,
+                            "text": "30s",
+                            "value": "30s"
+                        },
+                        {
+                            "selected": true,
+                            "text": "5m",
+                            "value": "5m"
+                        },
+                        {
+                            "selected": false,
+                            "text": "1h",
+                            "value": "1h"
+                        }
+                    ],
+                    "query": "30s,5m,1h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "interval",
+                    "options": [
+                        {
+                            "selected": true,
+                            "text": "4h",
+                            "value": "4h"
+                        }
+                    ],
+                    "query": "4h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Networking / Pod",
+        "uid": "7a18067ce943a40ae25454675c19ff5c",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml
new file mode 100644
index 0000000000..5c11900e69
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml
@@ -0,0 +1,1674 @@
+{{- /*
+Generated from 'prometheus-remote-write' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled .Values.prometheus.prometheusSpec.remoteWriteDashboards }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "prometheus-remote-write" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  prometheus-remote-write.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "60s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "(\n  prometheus_remote_storage_highest_timestamp_in_seconds{cluster=~\"$cluster\", instance=~\"$instance\"} \n-  \n  ignoring(remote_name, url) group_right(instance) (prometheus_remote_storage_queue_highest_sent_timestamp_seconds{cluster=~\"$cluster\", instance=~\"$instance\"} != 0)\n)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Highest Timestamp In vs. Highest Timestamp Sent",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "clamp_min(\n  rate(prometheus_remote_storage_highest_timestamp_in_seconds{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])  \n- \n  ignoring (remote_name, url) group_right(instance) rate(prometheus_remote_storage_queue_highest_sent_timestamp_seconds{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])\n, 0)\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate[5m]",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Timestamps",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(\n  prometheus_remote_storage_samples_in_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])\n- \n  ignoring(remote_name, url) group_right(instance) (rate(prometheus_remote_storage_succeeded_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]) or rate(prometheus_remote_storage_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]))\n- \n  (rate(prometheus_remote_storage_dropped_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]) or rate(prometheus_remote_storage_samples_dropped_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]))\n",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate, in vs. succeeded or dropped [5m]",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Samples",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 6,
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_shards{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Current Shards",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_shards_max{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Max Shards",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_shards_min{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Min Shards",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_shards_desired{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Desired Shards",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Shards",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_shard_capacity{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Shard Capacity",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_remote_storage_pending_samples{cluster=~\"$cluster\", instance=~\"$instance\"} or prometheus_remote_storage_samples_pending{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Pending Samples",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Shard Details",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 11,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_tsdb_wal_segment_current{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "TSDB Current Segment",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 12,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_wal_watcher_current_segment{cluster=~\"$cluster\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}consumer{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Remote Write Current Segment",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "none",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Segments",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_remote_storage_dropped_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]) or rate(prometheus_remote_storage_samples_dropped_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Dropped Samples",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 14,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_remote_storage_failed_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]) or rate(prometheus_remote_storage_samples_failed_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Failed Samples",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 15,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_remote_storage_retried_samples_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m]) or rate(prometheus_remote_storage_samples_retried_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Retried Samples",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 16,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 3,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_remote_storage_enqueue_retries_total{cluster=~\"$cluster\", instance=~\"$instance\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}}:{{`{{`}}instance{{`}}`}} {{`{{`}}remote_name{{`}}`}}:{{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Enqueue Retries",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Misc. Rates",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "prometheus-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": {
+                            "selected": true,
+                            "text": "All",
+                            "value": "$__all"
+                        },
+                        "value": {
+                            "selected": true,
+                            "text": "All",
+                            "value": "$__all"
+                        }
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_pod_container_info{image=~\".*prometheus.*\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+                        "text": {
+                            "selected": true,
+                            "text": "All",
+                            "value": "$__all"
+                        },
+                        "value": {
+                            "selected": true,
+                            "text": "All",
+                            "value": "$__all"
+                        }
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(prometheus_build_info{cluster=~\"$cluster\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "url",
+                    "options": [
+
+                    ],
+                    "query": "label_values(prometheus_remote_storage_shards{cluster=~\"$cluster\", instance=~\"$instance\"}, url)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-6h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Prometheus / Remote Write",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/prometheus.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/prometheus.yaml
new file mode 100644
index 0000000000..27f7c44e2c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/prometheus.yaml
@@ -0,0 +1,1235 @@
+{{- /*
+Generated from 'prometheus' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "prometheus" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  prometheus.json: |-
+    {
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "links": [
+
+        ],
+        "refresh": "60s",
+        "rows": [
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 1,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "styles": [
+                            {
+                                "alias": "Time",
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "pattern": "Time",
+                                "type": "hidden"
+                            },
+                            {
+                                "alias": "Count",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #A",
+                                "thresholds": [
+
+                                ],
+                                "type": "hidden",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Uptime",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "Value #B",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "s"
+                            },
+                            {
+                                "alias": "Instance",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "instance",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Job",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "job",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "Version",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "link": false,
+                                "linkTargetBlank": false,
+                                "linkTooltip": "Drill down",
+                                "linkUrl": "",
+                                "pattern": "version",
+                                "thresholds": [
+
+                                ],
+                                "type": "number",
+                                "unit": "short"
+                            },
+                            {
+                                "alias": "",
+                                "colorMode": null,
+                                "colors": [
+
+                                ],
+                                "dateFormat": "YYYY-MM-DD HH:mm:ss",
+                                "decimals": 2,
+                                "pattern": "/.*/",
+                                "thresholds": [
+
+                                ],
+                                "type": "string",
+                                "unit": "short"
+                            }
+                        ],
+                        "targets": [
+                            {
+                                "expr": "count by (job, instance, version) (prometheus_build_info{job=~\"$job\", instance=~\"$instance\"})",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A",
+                                "step": 10
+                            },
+                            {
+                                "expr": "max by (job, instance) (time() - process_start_time_seconds{job=~\"$job\", instance=~\"$instance\"})",
+                                "format": "table",
+                                "instant": true,
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "B",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Prometheus Stats",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "transform": "table",
+                        "type": "table",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Prometheus Stats",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 2,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(prometheus_target_sync_length_seconds_sum{job=~\"$job\",instance=~\"$instance\"}[5m])) by (scrape_job) * 1e3",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}scrape_job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Target Sync",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ms",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 3,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(prometheus_sd_discovered_targets{job=~\"$job\",instance=~\"$instance\"})",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "Targets",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Targets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Discovery",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "id": 4,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_target_interval_length_seconds_sum{job=~\"$job\",instance=~\"$instance\"}[5m]) / rate(prometheus_target_interval_length_seconds_count{job=~\"$job\",instance=~\"$instance\"}[5m]) * 1e3",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}interval{{`}}`}} configured",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Scrape Interval Duration",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ms",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 5,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum by (job) (rate(prometheus_target_scrapes_exceeded_body_size_limit_total[1m]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "exceeded body size limit: {{`{{`}}job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by (job) (rate(prometheus_target_scrapes_exceeded_sample_limit_total[1m]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "exceeded sample limit: {{`{{`}}job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by (job) (rate(prometheus_target_scrapes_sample_duplicate_timestamp_total[1m]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "duplicate timestamp: {{`{{`}}job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by (job) (rate(prometheus_target_scrapes_sample_out_of_bounds_total[1m]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "out of bounds: {{`{{`}}job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            },
+                            {
+                                "expr": "sum by (job) (rate(prometheus_target_scrapes_sample_out_of_order_total[1m]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "out of order: {{`{{`}}job{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Scrape failures",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 6,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_tsdb_head_samples_appended_total{job=~\"$job\",instance=~\"$instance\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}job{{`}}`}} {{`{{`}}instance{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Appended Samples",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Retrieval",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 7,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_tsdb_head_series{job=~\"$job\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}job{{`}}`}} {{`{{`}}instance{{`}}`}} head series",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Head Series",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 8,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "prometheus_tsdb_head_chunks{job=~\"$job\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}job{{`}}`}} {{`{{`}}instance{{`}}`}} head chunks",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Head Chunks",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Storage",
+                "titleSize": "h6"
+            },
+            {
+                "collapse": false,
+                "height": "250px",
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 9,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(prometheus_engine_query_duration_seconds_count{job=~\"$job\",instance=~\"$instance\",slice=\"inner_eval\"}[5m])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}job{{`}}`}} {{`{{`}}instance{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Query Rate",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 10,
+                        "id": 10,
+                        "legend": {
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "show": true,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 0,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null as zero",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "max by (slice) (prometheus_engine_query_duration_seconds{quantile=\"0.9\",job=~\"$job\",instance=~\"$instance\"}) * 1e3",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}slice{{`}}`}}",
+                                "legendLink": null,
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Stage Duration",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ms",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": false
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Query",
+                "titleSize": "h6"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "prometheus-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": ".+",
+                    "current": {
+                        "selected": true,
+                        "text": "All",
+                        "value": "$__all"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": "job",
+                    "multi": true,
+                    "name": "job",
+                    "options": [
+
+                    ],
+                    "query": "label_values(prometheus_build_info{job=\"prometheus-k8s\",namespace=\"monitoring\"}, job)",
+                    "refresh": 1,
+                    "regex": "",
+                    "sort": 2,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".+",
+                    "current": {
+                        "selected": true,
+                        "text": "All",
+                        "value": "$__all"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": "instance",
+                    "multi": true,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(prometheus_build_info{job=~\"$job\"}, instance)",
+                    "refresh": 1,
+                    "regex": "",
+                    "sort": 2,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Prometheus / Overview",
+        "uid": "",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/proxy.yaml
new file mode 100644
index 0000000000..410812451e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/proxy.yaml
@@ -0,0 +1,1276 @@
+{{- /*
+Generated from 'proxy' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if (include "exporter.kubeProxy.enabled" .)}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "proxy" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  proxy.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "format": "none",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 2,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                {{- if .Values.k3sServer.enabled }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", metrics_path=\"/metrics\"})",
+                                {{- else }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\"})",
+                                {{- end }}
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Up",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "min"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 5,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(kubeproxy_sync_proxy_rules_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "rate",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rules Sync Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 5,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99,rate(kubeproxy_sync_proxy_rules_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rule Sync Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(kubeproxy_network_programming_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "rate",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Programming Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 6,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(kubeproxy_network_programming_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (instance, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Network Programming Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\",code=~\"2..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "2xx",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\",code=~\"3..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "3xx",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\",code=~\"4..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "4xx",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\",code=~\"5..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "5xx",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Kube API Request Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 8,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\",instance=~\"$instance\",verb=\"POST\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Post Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\", instance=~\"$instance\", verb=\"GET\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Get Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "process_resident_memory_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 11,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(process_cpu_seconds_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 12,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "go_goroutines{cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Goroutines",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubeProxy.jobName" . }}\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubeProxy.jobName" . }}\", cluster=\"$cluster\", job=\"{{ include "exporter.kubeProxy.jobName" . }}\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Proxy",
+        "uid": "632e265de029684c40b21cb76bca4f94",
+        "version": 0
+    }
+{{- end }}{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/scheduler.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/scheduler.yaml
new file mode 100644
index 0000000000..ee0cf08b2f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/scheduler.yaml
@@ -0,0 +1,1118 @@
+{{- /*
+Generated from 'scheduler' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+{{- if (include "exporter.kubeScheduler.enabled" .)}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "scheduler" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  scheduler.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+
+            ]
+        },
+        "editable": false,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "refresh": "10s",
+        "rows": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "cacheTimeout": null,
+                        "colorBackground": false,
+                        "colorValue": false,
+                        "colors": [
+                            "#299c46",
+                            "rgba(237, 129, 40, 0.89)",
+                            "#d44a3a"
+                        ],
+                        "datasource": "$datasource",
+                        "format": "none",
+                        "gauge": {
+                            "maxValue": 100,
+                            "minValue": 0,
+                            "show": false,
+                            "thresholdLabels": false,
+                            "thresholdMarkers": true
+                        },
+                        "gridPos": {
+
+                        },
+                        "id": 2,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "rightSide": true
+                        },
+                        "links": [
+
+                        ],
+                        "mappingType": 1,
+                        "mappingTypes": [
+                            {
+                                "name": "value to text",
+                                "value": 1
+                            },
+                            {
+                                "name": "range to text",
+                                "value": 2
+                            }
+                        ],
+                        "maxDataPoints": 100,
+                        "nullPointMode": "connected",
+                        "nullText": null,
+                        "postfix": "",
+                        "postfixFontSize": "50%",
+                        "prefix": "",
+                        "prefixFontSize": "50%",
+                        "rangeMaps": [
+                            {
+                                "from": "null",
+                                "text": "N/A",
+                                "to": "null"
+                            }
+                        ],
+                        "span": 2,
+                        "sparkline": {
+                            "fillColor": "rgba(31, 118, 189, 0.18)",
+                            "full": false,
+                            "lineColor": "rgb(31, 120, 193)",
+                            "show": false
+                        },
+                        "tableColumn": "",
+                        "targets": [
+                            {
+                                {{- if .Values.k3sServer.enabled }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", metrics_path=\"/metrics\"})",
+                                {{- else }}
+                                "expr": "sum(up{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\"})",
+                                {{- end }}
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": "",
+                        "title": "Up",
+                        "tooltip": {
+                            "shared": false
+                        },
+                        "type": "singlestat",
+                        "valueFontSize": "80%",
+                        "valueMaps": [
+                            {
+                                "op": "=",
+                                "text": "N/A",
+                                "value": "null"
+                            }
+                        ],
+                        "valueName": "min"
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 3,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 5,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(scheduler_e2e_scheduling_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} e2e",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(scheduler_binding_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} binding",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "sum(rate(scheduler_scheduling_algorithm_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} scheduling algorithm",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "sum(rate(scheduler_volume_scheduling_duration_seconds_count{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance)",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} volume",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Scheduling Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 4,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 5,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} e2e",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(scheduler_binding_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} binding",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} scheduling algorithm",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(scheduler_volume_scheduling_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\",instance=~\"$instance\"}[$__rate_interval])) by (cluster, instance, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}cluster{{`}}`}} {{`{{`}}instance{{`}}`}} volume",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Scheduling latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 5,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\",code=~\"2..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "2xx",
+                                "refId": "A"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\",code=~\"3..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "3xx",
+                                "refId": "B"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\",code=~\"4..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "4xx",
+                                "refId": "C"
+                            },
+                            {
+                                "expr": "sum(rate(rest_client_requests_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\",code=~\"5..\"}[$__rate_interval]))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "5xx",
+                                "refId": "D"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Kube API Request Rate",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "ops",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 6,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 8,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\", verb=\"POST\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Post Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 7,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "histogram_quantile(0.99, sum(rate(rest_client_request_duration_seconds_bucket{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\", verb=\"GET\"}[$__rate_interval])) by (verb, url, le))",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}verb{{`}}`}} {{`{{`}}url{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Get Request Latency 99th Quantile",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "s",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 8,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "process_resident_memory_bytes{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Memory",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 9,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "rate(process_cpu_seconds_total{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", instance=~\"$instance\"}[$__rate_interval])",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "CPU usage",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "bytes",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 1,
+                        "fillGradient": 0,
+                        "gridPos": {
+
+                        },
+                        "id": 10,
+                        "interval": "1m",
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": false,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "nullPointMode": "null",
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 4,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "go_goroutines{cluster=\"$cluster\", job=\"{{ include "exporter.kubeScheduler.jobName" . }}\",instance=~\"$instance\"}",
+                                "format": "time_series",
+                                "intervalFactor": 2,
+                                "legendFormat": "{{`{{`}}instance{{`}}`}}",
+                                "refId": "A"
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Goroutines",
+                        "tooltip": {
+                            "shared": false,
+                            "sort": 0,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            },
+                            {
+                                "format": "short",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": null,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": false,
+                "title": "Dashboard Row",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "schemaVersion": 14,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": "cluster",
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubeScheduler.jobName" . }}\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "instance",
+                    "options": [
+
+                    ],
+                    "query": "label_values(up{job=\"{{ include "exporter.kubeScheduler.jobName" . }}\", cluster=\"$cluster\"}, instance)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Scheduler",
+        "uid": "2e6b6a3b4bddf1427b3a55aa1311c656",
+        "version": 0
+    }
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/workload-total.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/workload-total.yaml
new file mode 100644
index 0000000000..5aafccdebe
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/dashboards-1.14/workload-total.yaml
@@ -0,0 +1,1438 @@
+{{- /*
+Generated from 'workload-total' from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/grafana-dashboardDefinitions.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (or .Values.grafana.enabled .Values.grafana.forceDeployDashboards) (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "workload-total" | trunc 63 | trimSuffix "-" }}
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: {{ ternary $.Values.grafana.sidecar.dashboards.labelValue "1" (not (empty $.Values.grafana.sidecar.dashboards.labelValue)) | quote }}
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+  workload-total.json: |-
+    {
+        "__inputs": [
+
+        ],
+        "__requires": [
+
+        ],
+        "annotations": {
+            "list": [
+                {
+                    "builtIn": 1,
+                    "datasource": "-- Grafana --",
+                    "enable": true,
+                    "hide": true,
+                    "iconColor": "rgba(0, 211, 255, 1)",
+                    "name": "Annotations & Alerts",
+                    "type": "dashboard"
+                }
+            ]
+        },
+        "editable": true,
+        "gnetId": null,
+        "graphTooltip": 0,
+        "hideControls": false,
+        "id": null,
+        "links": [
+
+        ],
+        "panels": [
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 0
+                },
+                "id": 2,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Current Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 1
+                },
+                "id": 3,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}} pod {{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Received",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": true,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 1
+                },
+                "id": 4,
+                "legend": {
+                    "alignAsTable": true,
+                    "avg": false,
+                    "current": true,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": true,
+                    "show": true,
+                    "sideWidth": null,
+                    "sort": "current",
+                    "sortDesc": true,
+                    "total": false,
+                    "values": true
+                },
+                "lines": false,
+                "linewidth": 1,
+                "links": [
+
+                ],
+                "minSpan": 24,
+                "nullPointMode": "null",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 24,
+                "stack": false,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}} pod {{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Current Rate of Bytes Transmitted",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "series",
+                    "name": null,
+                    "show": false,
+                    "values": [
+                        "current"
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 10
+                },
+                "id": 5,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 11
+                        },
+                        "id": 6,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}} pod {{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Received",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": true,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 11
+                        },
+                        "id": 7,
+                        "legend": {
+                            "alignAsTable": true,
+                            "avg": false,
+                            "current": true,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": true,
+                            "show": true,
+                            "sideWidth": null,
+                            "sort": "current",
+                            "sortDesc": true,
+                            "total": false,
+                            "values": true
+                        },
+                        "lines": false,
+                        "linewidth": 1,
+                        "links": [
+
+                        ],
+                        "minSpan": 24,
+                        "nullPointMode": "null",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 24,
+                        "stack": false,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(avg(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}} pod {{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Average Rate of Bytes Transmitted",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "series",
+                            "name": null,
+                            "show": false,
+                            "values": [
+                                "current"
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "Bps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Average Bandwidth",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": false,
+                "collapsed": false,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 11
+                },
+                "id": 8,
+                "panels": [
+
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Bandwidth HIstory",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 0,
+                    "y": 12
+                },
+                "id": 9,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_receive_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Receive Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "aliasColors": {
+
+                },
+                "bars": false,
+                "dashLength": 10,
+                "dashes": false,
+                "datasource": "$datasource",
+                "fill": 2,
+                "fillGradient": 0,
+                "gridPos": {
+                    "h": 9,
+                    "w": 12,
+                    "x": 12,
+                    "y": 12
+                },
+                "id": 10,
+                "legend": {
+                    "alignAsTable": false,
+                    "avg": false,
+                    "current": false,
+                    "hideEmpty": true,
+                    "hideZero": true,
+                    "max": false,
+                    "min": false,
+                    "rightSide": false,
+                    "show": true,
+                    "sideWidth": null,
+                    "total": false,
+                    "values": false
+                },
+                "lines": true,
+                "linewidth": 2,
+                "links": [
+
+                ],
+                "minSpan": 12,
+                "nullPointMode": "connected",
+                "paceLength": 10,
+                "percentage": false,
+                "pointradius": 5,
+                "points": false,
+                "renderer": "flot",
+                "repeat": null,
+                "seriesOverrides": [
+
+                ],
+                "spaceLength": 10,
+                "span": 12,
+                "stack": true,
+                "steppedLine": false,
+                "targets": [
+                    {
+                        "expr": "sort_desc(sum(irate(container_network_transmit_bytes_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                        "format": "time_series",
+                        "intervalFactor": 1,
+                        "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                        "refId": "A",
+                        "step": 10
+                    }
+                ],
+                "thresholds": [
+
+                ],
+                "timeFrom": null,
+                "timeShift": null,
+                "title": "Transmit Bandwidth",
+                "tooltip": {
+                    "shared": true,
+                    "sort": 2,
+                    "value_type": "individual"
+                },
+                "type": "graph",
+                "xaxis": {
+                    "buckets": null,
+                    "mode": "time",
+                    "name": null,
+                    "show": true,
+                    "values": [
+
+                    ]
+                },
+                "yaxes": [
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    },
+                    {
+                        "format": "Bps",
+                        "label": null,
+                        "logBase": 1,
+                        "max": null,
+                        "min": 0,
+                        "show": true
+                    }
+                ]
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 21
+                },
+                "id": 11,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 22
+                        },
+                        "id": 12,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 22
+                        },
+                        "id": 13,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Packets",
+                "titleSize": "h6",
+                "type": "row"
+            },
+            {
+                "collapse": true,
+                "collapsed": true,
+                "gridPos": {
+                    "h": 1,
+                    "w": 24,
+                    "x": 0,
+                    "y": 22
+                },
+                "id": 14,
+                "panels": [
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 0,
+                            "y": 23
+                        },
+                        "id": 15,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_receive_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Received Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    },
+                    {
+                        "aliasColors": {
+
+                        },
+                        "bars": false,
+                        "dashLength": 10,
+                        "dashes": false,
+                        "datasource": "$datasource",
+                        "fill": 2,
+                        "fillGradient": 0,
+                        "gridPos": {
+                            "h": 9,
+                            "w": 12,
+                            "x": 12,
+                            "y": 23
+                        },
+                        "id": 16,
+                        "legend": {
+                            "alignAsTable": false,
+                            "avg": false,
+                            "current": false,
+                            "hideEmpty": true,
+                            "hideZero": true,
+                            "max": false,
+                            "min": false,
+                            "rightSide": false,
+                            "show": true,
+                            "sideWidth": null,
+                            "total": false,
+                            "values": false
+                        },
+                        "lines": true,
+                        "linewidth": 2,
+                        "links": [
+
+                        ],
+                        "minSpan": 12,
+                        "nullPointMode": "connected",
+                        "paceLength": 10,
+                        "percentage": false,
+                        "pointradius": 5,
+                        "points": false,
+                        "renderer": "flot",
+                        "repeat": null,
+                        "seriesOverrides": [
+
+                        ],
+                        "spaceLength": 10,
+                        "span": 12,
+                        "stack": true,
+                        "steppedLine": false,
+                        "targets": [
+                            {
+                                "expr": "sort_desc(sum(irate(container_network_transmit_packets_dropped_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\",namespace=~\"$namespace\"}[$interval:$resolution])\n* on (namespace,pod)\ngroup_left(workload,workload_type) namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\", workload_type=\"$type\"}) by (pod))\n",
+                                "format": "time_series",
+                                "intervalFactor": 1,
+                                "legendFormat": "{{`{{`}}pod{{`}}`}}",
+                                "refId": "A",
+                                "step": 10
+                            }
+                        ],
+                        "thresholds": [
+
+                        ],
+                        "timeFrom": null,
+                        "timeShift": null,
+                        "title": "Rate of Transmitted Packets Dropped",
+                        "tooltip": {
+                            "shared": true,
+                            "sort": 2,
+                            "value_type": "individual"
+                        },
+                        "type": "graph",
+                        "xaxis": {
+                            "buckets": null,
+                            "mode": "time",
+                            "name": null,
+                            "show": true,
+                            "values": [
+
+                            ]
+                        },
+                        "yaxes": [
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            },
+                            {
+                                "format": "pps",
+                                "label": null,
+                                "logBase": 1,
+                                "max": null,
+                                "min": 0,
+                                "show": true
+                            }
+                        ]
+                    }
+                ],
+                "repeat": null,
+                "repeatIteration": null,
+                "repeatRowId": null,
+                "showTitle": true,
+                "title": "Errors",
+                "titleSize": "h6",
+                "type": "row"
+            }
+        ],
+        "refresh": "10s",
+        "rows": [
+
+        ],
+        "schemaVersion": 18,
+        "style": "dark",
+        "tags": [
+            "kubernetes-mixin"
+        ],
+        "templating": {
+            "list": [
+                {
+                    "current": {
+                        "text": "Prometheus",
+                        "value": "Prometheus"
+                    },
+                    "hide": 0,
+                    "label": "Data Source",
+                    "name": "datasource",
+                    "options": [
+
+                    ],
+                    "query": "prometheus",
+                    "refresh": 1,
+                    "regex": "",
+                    "type": "datasource"
+                },
+                {
+                    "allValue": null,
+                    "current": {
+
+                    },
+                    "datasource": "$datasource",
+                    "hide": {{ if .Values.grafana.sidecar.dashboards.multicluster.global.enabled }}0{{ else }}2{{ end }},
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "cluster",
+                    "options": [
+
+                    ],
+                    "query": "label_values(kube_pod_info{job=\"kube-state-metrics\"}, cluster)",
+                    "refresh": 2,
+                    "regex": "",
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": ".+",
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "kube-system",
+                        "value": "kube-system"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\"}, namespace)",
+                    "hide": 0,
+                    "includeAll": true,
+                    "label": null,
+                    "multi": false,
+                    "name": "namespace",
+                    "options": [
+
+                    ],
+                    "query": "label_values(container_network_receive_packets_total{job=\"{{ include "exporter.kubelet.jobName" . }}\", metrics_path=\"/metrics/cadvisor\", cluster=\"$cluster\"}, namespace)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "",
+                        "value": ""
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\"}, workload)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "workload",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\"}, workload)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "deployment",
+                        "value": "deployment"
+                    },
+                    "datasource": "$datasource",
+                    "definition": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\"}, workload_type)",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "type",
+                    "options": [
+
+                    ],
+                    "query": "label_values(namespace_workload_pod:kube_pod_owner:relabel{cluster=\"$cluster\",namespace=~\"$namespace\", workload=~\"$workload\"}, workload_type)",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 0,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "query",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 0,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "resolution",
+                    "options": [
+                        {
+                            "selected": false,
+                            "text": "30s",
+                            "value": "30s"
+                        },
+                        {
+                            "selected": true,
+                            "text": "5m",
+                            "value": "5m"
+                        },
+                        {
+                            "selected": false,
+                            "text": "1h",
+                            "value": "1h"
+                        }
+                    ],
+                    "query": "30s,5m,1h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                },
+                {
+                    "allValue": null,
+                    "auto": false,
+                    "auto_count": 30,
+                    "auto_min": "10s",
+                    "current": {
+                        "text": "5m",
+                        "value": "5m"
+                    },
+                    "datasource": "$datasource",
+                    "hide": 2,
+                    "includeAll": false,
+                    "label": null,
+                    "multi": false,
+                    "name": "interval",
+                    "options": [
+                        {
+                            "selected": true,
+                            "text": "4h",
+                            "value": "4h"
+                        }
+                    ],
+                    "query": "4h",
+                    "refresh": 2,
+                    "regex": "",
+                    "skipUrlSync": false,
+                    "sort": 1,
+                    "tagValuesQuery": "",
+                    "tags": [
+
+                    ],
+                    "tagsQuery": "",
+                    "type": "interval",
+                    "useTags": false
+                }
+            ]
+        },
+        "time": {
+            "from": "now-1h",
+            "to": "now"
+        },
+        "timepicker": {
+            "refresh_intervals": [
+                "5s",
+                "10s",
+                "30s",
+                "1m",
+                "5m",
+                "15m",
+                "30m",
+                "1h",
+                "2h",
+                "1d"
+            ],
+            "time_options": [
+                "5m",
+                "15m",
+                "1h",
+                "6h",
+                "12h",
+                "24h",
+                "2d",
+                "7d",
+                "30d"
+            ]
+        },
+        "timezone": "{{ .Values.grafana.defaultDashboardsTimezone }}",
+        "title": "Kubernetes / Networking / Workload",
+        "uid": "728bf77cc1166d2f3133bf25846876cc",
+        "version": 0
+    }
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/namespaces.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/namespaces.yaml
new file mode 100644
index 0000000000..39ed210ed4
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/grafana/namespaces.yaml
@@ -0,0 +1,13 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled (not .Values.grafana.defaultDashboards.useExistingNamespace) }}
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: {{ .Values.grafana.defaultDashboards.namespace }}
+  labels:
+    name: {{ .Values.grafana.defaultDashboards.namespace }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  annotations:
+{{- if not .Values.grafana.defaultDashboards.cleanupOnUninstall }}
+    helm.sh/resource-policy: "keep"
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/_prometheus-operator.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/_prometheus-operator.tpl
new file mode 100644
index 0000000000..6ae9dc72e6
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/_prometheus-operator.tpl
@@ -0,0 +1,7 @@
+{{/* Generate basic labels for prometheus-operator */}}
+{{- define "kube-prometheus-stack.prometheus-operator.labels" }}
+{{- include "kube-prometheus-stack.labels" . }}
+app: {{ template "kube-prometheus-stack.name" . }}-operator
+app.kubernetes.io/name: {{ template "kube-prometheus-stack.name" . }}-prometheus-operator
+app.kubernetes.io/component: prometheus-operator
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/_prometheus-operator-webhook.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/_prometheus-operator-webhook.tpl
new file mode 100644
index 0000000000..f419caf54b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/_prometheus-operator-webhook.tpl
@@ -0,0 +1,6 @@
+{{/* Generate basic labels for prometheus-operator-webhook */}}
+{{- define "kube-prometheus-stack.prometheus-operator-webhook.labels" }}
+{{- include "kube-prometheus-stack.labels" . }}
+app.kubernetes.io/name: {{ template "kube-prometheus-stack.name" . }}-prometheus-operator
+app.kubernetes.io/component: prometheus-operator-webhook
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/deployment.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/deployment.yaml
new file mode 100644
index 0000000000..054eac4a77
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/deployment.yaml
@@ -0,0 +1,143 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-webhook
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | nindent 4 }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.labels }}
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.annotations }}
+  annotations:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.annotations | indent 4 }}
+{{- end }}
+spec:
+  replicas: {{ .Values.prometheusOperator.admissionWebhooks.deployment.replicas }}
+  revisionHistoryLimit: {{ .Values.prometheusOperator.admissionWebhooks.deployment.revisionHistoryLimit }}
+  {{- with .Values.prometheusOperator.admissionWebhooks.deployment.strategy }}
+  strategy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+      release: {{ $.Release.Name | quote }}
+  template:
+    metadata:
+      labels:
+        app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+        {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | nindent 8 }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.podLabels }}
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.podLabels | indent 8 }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.podAnnotations }}
+      annotations:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.podAnnotations | indent 8 }}
+{{- end }}
+    spec:
+    {{- if .Values.prometheusOperator.admissionWebhooks.deployment.priorityClassName }}
+      priorityClassName: {{ .Values.prometheusOperator.admissionWebhooks.deployment.priorityClassName }}
+    {{- end }}
+    {{- if .Values.global.imagePullSecrets }}
+      imagePullSecrets:
+      {{- include "kube-prometheus-stack.imagePullSecrets" . | indent 8 }}
+    {{- end }}
+      containers:
+        - name: prometheus-operator-admission-webhook
+          {{- $operatorRegistry := .Values.global.imageRegistry | default .Values.prometheusOperator.admissionWebhooks.deployment.image.registry -}}
+          {{- if .Values.prometheusOperator.admissionWebhooks.deployment.image.sha }}
+          image: "{{ $operatorRegistry }}/{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.tag | default .Chart.AppVersion }}@sha256:{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.sha }}"
+          {{- else }}
+          image: "{{ $operatorRegistry }}/{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.tag | default .Chart.AppVersion }}"
+          {{- end }}
+          imagePullPolicy: "{{ .Values.prometheusOperator.admissionWebhooks.deployment.image.pullPolicy }}"
+          args:
+            {{- if .Values.prometheusOperator.admissionWebhooks.deployment.logFormat }}
+            - --log-format={{ .Values.prometheusOperator.admissionWebhooks.deployment.logFormat }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.admissionWebhooks.deployment.logLevel }}
+            - --log-level={{ .Values.prometheusOperator.admissionWebhooks.deployment.logLevel }}
+            {{- end }}
+          {{- if .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled }}
+            - "--web.enable-tls=true"
+            - "--web.cert-file=/cert/{{ if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}tls.crt{{ else }}cert{{ end }}"
+            - "--web.key-file=/cert/{{ if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}tls.key{{ else }}key{{ end }}"
+            - "--web.listen-address=:{{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.internalPort }}"
+            - "--web.tls-min-version={{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.tlsMinVersion }}"
+          ports:
+            - containerPort: {{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.internalPort }}
+              name: https
+          {{- else }}
+          ports:
+            - containerPort: 8080
+              name: http
+          {{- end }}
+          {{- if .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.enabled }}
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: {{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled | ternary "https" "http" }}
+              scheme: {{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled | ternary "HTTPS" "HTTP" }}
+            initialDelaySeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.periodSeconds }}
+            timeoutSeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.timeoutSeconds }}
+            successThreshold: {{ .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.successThreshold }}
+            failureThreshold: {{ .Values.prometheusOperator.admissionWebhooks.deployment.readinessProbe.failureThreshold }}
+          {{- end }}
+          {{- if .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.enabled }}
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: {{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled | ternary "https" "http" }}
+              scheme: {{ .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled | ternary "HTTPS" "HTTP" }}
+            initialDelaySeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.periodSeconds }}
+            timeoutSeconds: {{ .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.timeoutSeconds }}
+            successThreshold: {{ .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.successThreshold }}
+            failureThreshold: {{ .Values.prometheusOperator.admissionWebhooks.deployment.livenessProbe.failureThreshold }}
+          {{- end }}
+          resources:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.resources | indent 12 }}
+          securityContext:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.containerSecurityContext | indent 12 }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled }}
+          volumeMounts:
+            - name: tls-secret
+              mountPath: /cert
+              readOnly: true
+      volumes:
+        - name: tls-secret
+          secret:
+            defaultMode: 420
+            secretName: {{ template "kube-prometheus-stack.fullname" . }}-admission
+{{- end }}
+    {{- with .Values.prometheusOperator.admissionWebhooks.deployment.dnsConfig }}
+      dnsConfig:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.securityContext }}
+      securityContext:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.securityContext | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "kube-prometheus-stack.operator.serviceAccountName" . }}-webhook
+      automountServiceAccountToken: {{ .Values.prometheusOperator.admissionWebhooks.deployment.automountServiceAccountToken }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.hostNetwork }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+{{- end }}
+    {{- with .Values.prometheusOperator.admissionWebhooks.deployment.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.prometheusOperator.admissionWebhooks.deployment.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.prometheusOperator.admissionWebhooks.deployment.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/pdb.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/pdb.yaml
new file mode 100644
index 0000000000..52dd78f624
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/pdb.yaml
@@ -0,0 +1,15 @@
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.podDisruptionBudget -}}
+apiVersion: policy/v1{{ ternary "" "beta1" ($.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget") }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-webhook
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | nindent 4 }}
+spec:
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+      release: {{ $.Release.Name | quote }}
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.podDisruptionBudget | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/service.yaml
new file mode 100644
index 0000000000..b06c129123
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/service.yaml
@@ -0,0 +1,58 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-webhook
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | nindent 4 }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.labels }}
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.service.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.annotations }}
+  annotations:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.clusterIP }}
+  clusterIP: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.clusterIP }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.externalIPs }}
+  externalIPs:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.deployment.service.externalIPs | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.loadBalancerIP }}
+{{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.deployment.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.prometheusOperator.admissionWebhooks.deployment.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.prometheusOperator.admissionWebhooks.deployment.service.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  {{- if not .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled }}
+  - name: http
+    {{- if eq .Values.prometheusOperator.admissionWebhooks.deployment.service.type "NodePort" }}
+    nodePort: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.nodePort }}
+    {{- end }}
+    port: 8080
+    targetPort: http
+  {{- end }}
+  {{- if .Values.prometheusOperator.admissionWebhooks.deployment.tls.enabled }}
+  - name: https
+    {{- if eq .Values.prometheusOperator.admissionWebhooks.deployment.service.type "NodePort"}}
+    nodePort: {{ .Values.prometheusOperator.admissionWebhooks.deployment.service.nodePortTls }}
+    {{- end }}
+    port: 443
+    targetPort: https
+  {{- end }}
+  selector:
+    app: {{ template "kube-prometheus-stack.name" . }}-operator-webhook
+    release: {{ $.Release.Name | quote }}
+  type: "{{ .Values.prometheusOperator.admissionWebhooks.deployment.service.type }}"
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/serviceaccount.yaml
new file mode 100644
index 0000000000..55511da36b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/deployment/serviceaccount.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: {{ .Values.prometheusOperator.admissionWebhooks.deployment.serviceAccount.automountServiceAccountToken }}
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.admissionWebhooks.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-operator
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | indent 4 }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-createSecret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-createSecret.yaml
new file mode 100644
index 0000000000..f7543b0f1a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-createSecret.yaml
@@ -0,0 +1,36 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "cilium") }}
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-create
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    helm.sh/hook: pre-install,pre-upgrade
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    ## Ensure this is run before the job
+    helm.sh/hook-weight: "-5"
+    {{- with .Values.prometheusOperator.admissionWebhooks.annotations }}
+    {{ toYaml . | nindent 4 }}
+    {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  endpointSelector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- else }}
+      {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 6 }}
+      {{- end }}
+  egress:
+    {{- if and .Values.prometheusOperator.networkPolicy.cilium .Values.prometheusOperator.networkPolicy.cilium.egress }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.cilium.egress | nindent 6 }}
+    {{- else }}
+    - toEntities:
+      - kube-apiserver
+    {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-patchWebhook.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-patchWebhook.yaml
new file mode 100644
index 0000000000..4e3b0d9225
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/ciliumnetworkpolicy-patchWebhook.yaml
@@ -0,0 +1,36 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "cilium") }}
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-patch
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    helm.sh/hook: post-install,post-upgrade
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    ## Ensure this is run before the job
+    helm.sh/hook-weight: "-5"
+    {{- with .Values.prometheusOperator.admissionWebhooks.patch.annotations }}
+    {{ toYaml . | nindent 4 }}
+    {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  endpointSelector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- else }}
+      {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 6 }}
+      {{- end }}
+  egress:
+    {{- if and .Values.prometheusOperator.networkPolicy.cilium .Values.prometheusOperator.networkPolicy.cilium.egress }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.cilium.egress | nindent 6 }}
+    {{- else }}
+    - toEntities:
+      - kube-apiserver
+    {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrole.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrole.yaml
new file mode 100644
index 0000000000..b81257c168
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrole.yaml
@@ -0,0 +1,33 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.global.rbac.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+rules:
+  - apiGroups:
+      - admissionregistration.k8s.io
+    resources:
+      - validatingwebhookconfigurations
+      - mutatingwebhookconfigurations
+    verbs:
+      - get
+      - update
+{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") (or .Values.global.cattle.psp.enabled .Values.global.rbac.pspEnabled) }}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
+  - apiGroups: ['policy']
+{{- else }}
+  - apiGroups: ['extensions']
+{{- end }}
+    resources: ['podsecuritypolicies']
+    verbs:     ['use']
+    resourceNames:
+    - {{ template "kube-prometheus-stack.fullname" . }}-admission
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrolebinding.yaml
new file mode 100644
index 0000000000..4cf1335b22
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/clusterrolebinding.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.global.rbac.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-createSecret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-createSecret.yaml
new file mode 100644
index 0000000000..baed83db48
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-createSecret.yaml
@@ -0,0 +1,73 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-create
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+{{- with .Values.prometheusOperator.admissionWebhooks.annotations }}
+{{ toYaml . | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  {{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }}
+  # Alpha feature since k8s 1.12
+  ttlSecondsAfterFinished: 0
+  {{- end }}
+  template:
+    metadata:
+      name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-create
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.podAnnotations }}
+      annotations:
+{{ toYaml .  | indent 8 }}
+{{- end }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+        {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 8 }}
+    spec:
+      {{- if .Values.prometheusOperator.admissionWebhooks.patch.priorityClassName }}
+      priorityClassName: {{ .Values.prometheusOperator.admissionWebhooks.patch.priorityClassName }}
+      {{- end }}
+      containers:
+        - name: create
+          {{- $registry := include "monitoring_registry" . | default .Values.prometheusOperator.admissionWebhooks.patch.image.registry -}}
+          {{- if .Values.prometheusOperator.admissionWebhooks.patch.image.sha }}
+          image: {{ $registry }}/{{ .Values.prometheusOperator.admissionWebhooks.patch.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.tag }}@sha256:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.sha }}
+          {{- else }}
+          image: {{ $registry }}/{{ .Values.prometheusOperator.admissionWebhooks.patch.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.tag }}
+          {{- end }}
+          imagePullPolicy: {{ .Values.prometheusOperator.admissionWebhooks.patch.image.pullPolicy }}
+          args:
+            - create
+            - --host={{- include "kube-prometheus-stack.operator.admission-webhook.dnsNames" . | replace "\n" "," }}
+            - --namespace={{ template "kube-prometheus-stack.namespace" . }}
+            - --secret-name={{ template "kube-prometheus-stack.fullname" . }}-admission
+          {{- with .Values.prometheusOperator.admissionWebhooks.createSecretJob }}
+          securityContext:
+          {{ toYaml .securityContext | nindent 12 }}
+          {{- end }}
+          resources:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.patch.resources | indent 12 }}
+      restartPolicy: OnFailure
+      serviceAccountName: {{ template "kube-prometheus-stack.fullname" . }}-admission
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.nodeSelector }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+      {{- with .Values.prometheusOperator.admissionWebhooks.patch.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.tolerations }}
+{{ toYaml . | indent 8 }}
+      {{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.patch.securityContext }}
+      securityContext:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.patch.securityContext | indent 8 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-patchWebhook.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-patchWebhook.yaml
new file mode 100644
index 0000000000..5639cc9e80
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/job-patchWebhook.yaml
@@ -0,0 +1,74 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-patch
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.annotations }}
+{{ toYaml . | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  {{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }}
+  # Alpha feature since k8s 1.12
+  ttlSecondsAfterFinished: 0
+  {{- end }}
+  template:
+    metadata:
+      name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-patch
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.podAnnotations }}
+      annotations:
+{{ toYaml . | indent 8 }}
+{{- end }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+        {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 8 }}
+    spec:
+      {{- if .Values.prometheusOperator.admissionWebhooks.patch.priorityClassName }}
+      priorityClassName: {{ .Values.prometheusOperator.admissionWebhooks.patch.priorityClassName }}
+      {{- end }}
+      containers:
+        - name: patch
+          {{- $registry := include "monitoring_registry" . | default .Values.prometheusOperator.admissionWebhooks.patch.image.registry -}}
+          {{- if .Values.prometheusOperator.admissionWebhooks.patch.image.sha }}
+          image: {{ $registry }}/{{ .Values.prometheusOperator.admissionWebhooks.patch.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.tag }}@sha256:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.sha }}
+          {{- else }}
+          image: {{ $registry }}/{{ .Values.prometheusOperator.admissionWebhooks.patch.image.repository }}:{{ .Values.prometheusOperator.admissionWebhooks.patch.image.tag }}
+          {{- end }}
+          imagePullPolicy: {{ .Values.prometheusOperator.admissionWebhooks.patch.image.pullPolicy }}
+          args:
+            - patch
+            - --webhook-name={{ template "kube-prometheus-stack.fullname" . }}-admission
+            - --namespace={{ template "kube-prometheus-stack.namespace" . }}
+            - --secret-name={{ template "kube-prometheus-stack.fullname" . }}-admission
+            - --patch-failure-policy={{ .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
+          {{- with .Values.prometheusOperator.admissionWebhooks.patchWebhookJob }}
+          securityContext:
+          {{ toYaml .securityContext | nindent 12 }}
+          {{- end }}
+          resources:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.patch.resources | indent 12 }}
+      restartPolicy: OnFailure
+      serviceAccountName: {{ template "kube-prometheus-stack.fullname" . }}-admission
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.nodeSelector }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+      {{- with .Values.prometheusOperator.admissionWebhooks.patch.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.admissionWebhooks.patch.tolerations }}
+{{ toYaml . | indent 8 }}
+      {{- end }}
+{{- if .Values.prometheusOperator.admissionWebhooks.patch.securityContext }}
+      securityContext:
+{{ toYaml .Values.prometheusOperator.admissionWebhooks.patch.securityContext | indent 8 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-createSecret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-createSecret.yaml
new file mode 100644
index 0000000000..864deb52a0
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-createSecret.yaml
@@ -0,0 +1,33 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "kubernetes") }}
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-create
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+    ## Ensure this is run before the job
+    "helm.sh/hook-weight": "-5"
+    {{- with .Values.prometheusOperator.admissionWebhooks.annotations }}
+    {{ toYaml . | nindent 4 }}
+    {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  podSelector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" $ }}-admission-create
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- else }}
+      {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 6 }}
+      {{- end }}
+  egress:
+  - {}
+  policyTypes:
+  - Egress
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-patchWebhook.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-patchWebhook.yaml
new file mode 100644
index 0000000000..076c467004
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/networkpolicy-patchWebhook.yaml
@@ -0,0 +1,33 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "kubernetes") }}
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission-patch
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+    ## Ensure this is run before the job
+    "helm.sh/hook-weight": "-5"
+    {{- with .Values.prometheusOperator.admissionWebhooks.patch.annotations }}
+    {{ toYaml . | nindent 4 }}
+    {{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+spec:
+  podSelector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" $ }}-admission-patch
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- else }}
+      {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 6 }}
+      {{- end }}
+  egress:
+  - {}
+  policyTypes:
+  - Egress
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/psp.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/psp.yaml
new file mode 100644
index 0000000000..0113b6a5d8
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/psp.yaml
@@ -0,0 +1,47 @@
+{{- if and (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+{{- if .Values.global.rbac.pspAnnotations }}
+{{ toYaml .Values.global.rbac.pspAnnotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  # Allow core volume types.
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    # Permits the container to run with root privileges as well.
+    rule: 'RunAsAny'
+  seLinux:
+    # This policy assumes the nodes are using AppArmor rather than SELinux.
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/role.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/role.yaml
new file mode 100644
index 0000000000..f15abf4395
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/role.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.global.rbac.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - secrets
+    verbs:
+      - get
+      - create
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/rolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/rolebinding.yaml
new file mode 100644
index 0000000000..30bde920b6
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/rolebinding.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.global.rbac.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/serviceaccount.yaml
new file mode 100644
index 0000000000..02594547d1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/job-patch/serviceaccount.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled .Values.prometheusOperator.admissionWebhooks.patch.enabled .Values.global.rbac.create (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/mutatingWebhookConfiguration.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/mutatingWebhookConfiguration.yaml
new file mode 100644
index 0000000000..da01f3b57e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/mutatingWebhookConfiguration.yaml
@@ -0,0 +1,77 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled }}
+apiVersion: admissionregistration.k8s.io/v1
+kind: MutatingWebhookConfiguration
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+{{- if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}
+  annotations:
+    certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-admission" (include "kube-prometheus-stack.namespace" .) (include "kube-prometheus-stack.fullname" .) | quote }}
+    cert-manager.io/inject-ca-from: {{ printf "%s/%s-admission" (include "kube-prometheus-stack.namespace" .) (include "kube-prometheus-stack.fullname" .) | quote }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+webhooks:
+  - name: prometheusrulemutate.monitoring.coreos.com
+    {{- if eq .Values.prometheusOperator.admissionWebhooks.failurePolicy "IgnoreOnInstallOnly" }}
+    failurePolicy: {{ .Release.IsInstall | ternary "Ignore" "Fail" }}
+    {{- else if .Values.prometheusOperator.admissionWebhooks.failurePolicy  }}
+    failurePolicy: {{ .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
+    {{- else if .Values.prometheusOperator.admissionWebhooks.patch.enabled }}
+    failurePolicy: Ignore
+    {{- else }}
+    failurePolicy: Fail
+    {{- end }}
+    rules:
+      - apiGroups:
+          - monitoring.coreos.com
+        apiVersions:
+          - "*"
+        resources:
+          - prometheusrules
+        operations:
+          - CREATE
+          - UPDATE
+    clientConfig:
+      service:
+        namespace: {{ template "kube-prometheus-stack.namespace" . }}
+        name: {{ template "kube-prometheus-stack.operator.fullname" $ }}{{ if .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}-webhook{{ end }}
+        path: /admission-prometheusrules/mutate
+      {{- if and .Values.prometheusOperator.admissionWebhooks.caBundle (not .Values.prometheusOperator.admissionWebhooks.patch.enabled) (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+      caBundle: {{ .Values.prometheusOperator.admissionWebhooks.caBundle }}
+      {{- end }}
+    timeoutSeconds: {{ .Values.prometheusOperator.admissionWebhooks.timeoutSeconds }}
+    admissionReviewVersions: ["v1", "v1beta1"]
+    sideEffects: None
+    {{- if or .Values.prometheusOperator.denyNamespaces .Values.prometheusOperator.namespaces .Values.prometheusOperator.admissionWebhooks.namespaceSelector }}
+    namespaceSelector:
+      {{- with (omit .Values.prometheusOperator.admissionWebhooks.namespaceSelector "matchExpressions") }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+      {{- if or .Values.prometheusOperator.denyNamespaces .Values.prometheusOperator.namespaces .Values.prometheusOperator.admissionWebhooks.namespaceSelector.matchExpressions }}
+      matchExpressions:
+        {{- with (.Values.prometheusOperator.admissionWebhooks.namespaceSelector.matchExpressions) }}
+        {{- toYaml . | nindent 6 }}
+        {{- end }}
+        {{- if .Values.prometheusOperator.denyNamespaces }}
+      - key: kubernetes.io/metadata.name
+        operator: NotIn
+        values:
+        {{- range $namespace := mustUniq .Values.prometheusOperator.denyNamespaces }}
+        - {{ $namespace }}
+        {{- end }}
+        {{- else if and .Values.prometheusOperator.namespaces .Values.prometheusOperator.namespaces.additional }}
+      - key: kubernetes.io/metadata.name
+        operator: In
+        values:
+        {{- if and .Values.prometheusOperator.namespaces.releaseNamespace (default .Values.prometheusOperator.namespaces.releaseNamespace true) }}
+        {{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+        - {{ $namespace }}
+        {{- end }}
+        {{- range $namespace := mustUniq .Values.prometheusOperator.namespaces.additional }}
+        - {{ $namespace }}
+        {{- end }}
+        {{- end }}
+      {{- end }}
+    {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/validatingWebhookConfiguration.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/validatingWebhookConfiguration.yaml
new file mode 100644
index 0000000000..4827871cca
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/admission-webhooks/validatingWebhookConfiguration.yaml
@@ -0,0 +1,77 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.admissionWebhooks.enabled }}
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+  name:  {{ template "kube-prometheus-stack.fullname" . }}-admission
+{{- if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}
+  annotations:
+    certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-admission" (include "kube-prometheus-stack.namespace" .) (include "kube-prometheus-stack.fullname" .) | quote }}
+    cert-manager.io/inject-ca-from: {{ printf "%s/%s-admission" (include "kube-prometheus-stack.namespace" .) (include "kube-prometheus-stack.fullname" .) | quote }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" $ }}-admission
+    {{- include "kube-prometheus-stack.prometheus-operator-webhook.labels" $ | nindent 4 }}
+webhooks:
+  - name: prometheusrulemutate.monitoring.coreos.com
+    {{- if eq .Values.prometheusOperator.admissionWebhooks.failurePolicy "IgnoreOnInstallOnly" }}
+    failurePolicy: {{ .Release.IsInstall | ternary "Ignore" "Fail" }}
+    {{- else if .Values.prometheusOperator.admissionWebhooks.failurePolicy  }}
+    failurePolicy: {{ .Values.prometheusOperator.admissionWebhooks.failurePolicy }}
+    {{- else if .Values.prometheusOperator.admissionWebhooks.patch.enabled }}
+    failurePolicy: Ignore
+    {{- else }}
+    failurePolicy: Fail
+    {{- end }}
+    rules:
+      - apiGroups:
+          - monitoring.coreos.com
+        apiVersions:
+          - "*"
+        resources:
+          - prometheusrules
+        operations:
+          - CREATE
+          - UPDATE
+    clientConfig:
+      service:
+        namespace: {{ template "kube-prometheus-stack.namespace" . }}
+        name: {{ template "kube-prometheus-stack.operator.fullname" $ }}{{ if .Values.prometheusOperator.admissionWebhooks.deployment.enabled }}-webhook{{ end }}
+        path: /admission-prometheusrules/validate
+      {{- if and .Values.prometheusOperator.admissionWebhooks.caBundle (not .Values.prometheusOperator.admissionWebhooks.patch.enabled) (not .Values.prometheusOperator.admissionWebhooks.certManager.enabled) }}
+      caBundle: {{ .Values.prometheusOperator.admissionWebhooks.caBundle }}
+      {{- end }}
+    timeoutSeconds: {{ .Values.prometheusOperator.admissionWebhooks.timeoutSeconds }}
+    admissionReviewVersions: ["v1", "v1beta1"]
+    sideEffects: None
+    {{- if or .Values.prometheusOperator.denyNamespaces .Values.prometheusOperator.namespaces .Values.prometheusOperator.admissionWebhooks.namespaceSelector }}
+    namespaceSelector:
+      {{- with (omit .Values.prometheusOperator.admissionWebhooks.namespaceSelector "matchExpressions") }}
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+      {{- if or .Values.prometheusOperator.denyNamespaces .Values.prometheusOperator.namespaces .Values.prometheusOperator.admissionWebhooks.namespaceSelector.matchExpressions }}
+      matchExpressions:
+        {{- with (.Values.prometheusOperator.admissionWebhooks.namespaceSelector.matchExpressions) }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- if .Values.prometheusOperator.denyNamespaces }}
+        - key: kubernetes.io/metadata.name
+          operator: NotIn
+          values:
+        {{- range $namespace := mustUniq .Values.prometheusOperator.denyNamespaces }}
+            - {{ $namespace }}
+        {{- end }}
+        {{- else if and .Values.prometheusOperator.namespaces .Values.prometheusOperator.namespaces.additional }}
+        - key: kubernetes.io/metadata.name
+          operator: In
+          values:
+        {{- if and .Values.prometheusOperator.namespaces.releaseNamespace (default .Values.prometheusOperator.namespaces.releaseNamespace true) }}
+        {{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+            - {{ $namespace }}
+        {{- end }}
+        {{- range $namespace := mustUniq .Values.prometheusOperator.namespaces.additional }}
+            - {{ $namespace }}
+        {{- end }}
+        {{- end }}
+      {{- end }}
+    {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/certmanager.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/certmanager.yaml
new file mode 100644
index 0000000000..cb27e49f48
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/certmanager.yaml
@@ -0,0 +1,55 @@
+{{- if .Values.prometheusOperator.admissionWebhooks.certManager.enabled -}}
+{{- if not .Values.prometheusOperator.admissionWebhooks.certManager.issuerRef -}}
+# Create a selfsigned Issuer, in order to create a root CA certificate for
+# signing webhook serving certificates
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-self-signed-issuer
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+spec:
+  selfSigned: {}
+---
+# Generate a CA Certificate used to sign certificates for the webhook
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-root-cert
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+spec:
+  secretName: {{ template "kube-prometheus-stack.fullname" . }}-root-cert
+  duration: {{ .Values.prometheusOperator.admissionWebhooks.certManager.rootCert.duration | default "43800h0m0s" | quote }}
+  issuerRef:
+    name: {{ template "kube-prometheus-stack.fullname" . }}-self-signed-issuer
+  commonName: "ca.webhook.kube-prometheus-stack"
+  isCA: true
+---
+# Create an Issuer that uses the above generated CA certificate to issue certs
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-root-issuer
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+spec:
+  ca:
+    secretName: {{ template "kube-prometheus-stack.fullname" . }}-root-cert
+{{- end }}
+---
+# generate a server certificate for the apiservices to use
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+spec:
+  secretName: {{ template "kube-prometheus-stack.fullname" . }}-admission
+  duration: {{ .Values.prometheusOperator.admissionWebhooks.certManager.admissionCert.duration | default "8760h0m0s" | quote }}
+  issuerRef:
+    {{- if .Values.prometheusOperator.admissionWebhooks.certManager.issuerRef }}
+    {{- toYaml .Values.prometheusOperator.admissionWebhooks.certManager.issuerRef | nindent 4 }}
+    {{- else }}
+    name: {{ template "kube-prometheus-stack.fullname" . }}-root-issuer
+    {{- end }}
+  dnsNames:
+    {{- include "kube-prometheus-stack.operator.admission-webhook.dnsNames" . | splitList "\n" | toYaml | nindent 4 }}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/ciliumnetworkpolicy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/ciliumnetworkpolicy.yaml
new file mode 100644
index 0000000000..07e2e99967
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/ciliumnetworkpolicy.yaml
@@ -0,0 +1,40 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "cilium") }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+spec:
+  endpointSelector:
+    matchLabels:
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      app: {{ template "kube-prometheus-stack.name" . }}-operator
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- else }}
+      {{- include "kube-prometheus-stack.prometheus-operator.labels" $ | nindent 6 }}
+      {{- end }}
+  egress:
+    {{- if and .Values.prometheusOperator.networkPolicy.cilium .Values.prometheusOperator.networkPolicy.cilium.egress }}
+    {{ toYaml .Values.prometheusOperator.networkPolicy.cilium.egress | nindent 6 }}
+    {{- else }}
+  - toEntities:
+    - kube-apiserver
+  {{- end }}
+  ingress:
+  - toPorts:
+    - ports:
+      {{- if .Values.prometheusOperator.tls.enabled }}
+      - port: {{ .Values.prometheusOperator.tls.internalPort | quote }}
+      {{- else }}
+      - port: "8080"
+      {{- end }}
+        protocol: "TCP"
+      {{- if not .Values.prometheusOperator.tls.enabled }}
+      rules:
+        http:
+        - method: "GET"
+          path: "/metrics"
+      {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/clusterrole.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/clusterrole.yaml
new file mode 100644
index 0000000000..fd11b69eed
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/clusterrole.yaml
@@ -0,0 +1,109 @@
+{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - alertmanagers
+  - alertmanagers/finalizers
+  - alertmanagers/status
+  - alertmanagerconfigs
+  - prometheuses
+  - prometheuses/finalizers
+  - prometheuses/status
+  - prometheusagents
+  - prometheusagents/finalizers
+  - prometheusagents/status
+  - thanosrulers
+  - thanosrulers/finalizers
+  - thanosrulers/status
+  - scrapeconfigs
+  - servicemonitors
+  - podmonitors
+  - probes
+  - prometheusrules
+  verbs:
+  - '*'
+- apiGroups:
+  - apps
+  resources:
+  - statefulsets
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - list
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - services
+  - services/finalizers
+  - endpoints
+  verbs:
+  - get
+  - create
+  - update
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - patch
+  - create
+- apiGroups:
+  - networking.k8s.io
+  resources:
+  - ingresses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - storageclasses
+  verbs:
+  - get
+{{- if .Capabilities.APIVersions.Has "discovery.k8s.io/v1/EndpointSlice" }}
+- apiGroups:
+  - discovery.k8s.io
+  resources:
+  - endpointslices
+  verbs:
+  - get
+  - list
+  - watch
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/clusterrolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/clusterrolebinding.yaml
new file mode 100644
index 0000000000..ad9e3ef6c5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/clusterrolebinding.yaml
@@ -0,0 +1,16 @@
+{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "kube-prometheus-stack.operator.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/deployment.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/deployment.yaml
new file mode 100644
index 0000000000..8a01b2912a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/deployment.yaml
@@ -0,0 +1,204 @@
+{{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+{{- $defaultKubeletSvcName := printf "%s-kubelet" (include "kube-prometheus-stack.fullname" .) }}
+{{- if .Values.prometheusOperator.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+{{- if .Values.prometheusOperator.labels }}
+{{ toYaml .Values.prometheusOperator.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.annotations }}
+  annotations:
+{{ toYaml .Values.prometheusOperator.annotations | indent 4 }}
+{{- end }}
+spec:
+  replicas: 1
+  revisionHistoryLimit: {{ .Values.prometheusOperator.revisionHistoryLimit }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-operator
+      release: {{ $.Release.Name | quote }}
+  {{- with .Values.prometheusOperator.strategy }}
+  strategy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  template:
+    metadata:
+      labels:
+        {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 8 }}
+{{- if .Values.prometheusOperator.podLabels }}
+{{ toYaml .Values.prometheusOperator.podLabels | indent 8 }}
+{{- end }}
+{{- if .Values.prometheusOperator.podAnnotations }}
+      annotations:
+{{ toYaml .Values.prometheusOperator.podAnnotations | indent 8 }}
+{{- end }}
+    spec:
+    {{- if .Values.prometheusOperator.priorityClassName }}
+      priorityClassName: {{ .Values.prometheusOperator.priorityClassName }}
+    {{- end }}
+    {{- if .Values.global.imagePullSecrets }}
+      imagePullSecrets:
+      {{- include "kube-prometheus-stack.imagePullSecrets" . | indent 8 }}
+    {{- end }}
+      containers:
+        - name: {{ template "kube-prometheus-stack.name" . }}
+          {{- $base_registry := (include "monitoring_registry" .) }}
+          {{- $configReloaderRegistry := $base_registry | default .Values.prometheusOperator.prometheusConfigReloader.image.registry -}}
+          {{- $operatorRegistry := $base_registry | default .Values.prometheusOperator.image.registry -}}
+          {{- $thanosRegistry := $base_registry | default .Values.prometheusOperator.thanosImage.registry -}}
+          {{- if .Values.prometheusOperator.image.sha }}
+          image: "{{ $operatorRegistry }}/{{ .Values.prometheusOperator.image.repository }}:{{ .Values.prometheusOperator.image.tag | default .Chart.AppVersion }}@sha256:{{ .Values.prometheusOperator.image.sha }}"
+          {{- else }}
+          image: "{{ $operatorRegistry }}/{{ .Values.prometheusOperator.image.repository }}:{{ .Values.prometheusOperator.image.tag | default .Chart.AppVersion }}"
+          {{- end }}
+          imagePullPolicy: "{{ .Values.prometheusOperator.image.pullPolicy }}"
+          args:
+            {{- if .Values.prometheusOperator.kubeletService.enabled }}
+            - --kubelet-service={{ .Values.prometheusOperator.kubeletService.namespace }}/{{ default $defaultKubeletSvcName .Values.prometheusOperator.kubeletService.name  }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.logFormat }}
+            - --log-format={{ .Values.prometheusOperator.logFormat }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.logLevel }}
+            - --log-level={{ .Values.prometheusOperator.logLevel }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.denyNamespaces }}
+            - --deny-namespaces={{ tpl (.Values.prometheusOperator.denyNamespaces | join ",") $ }}
+            {{- end }}
+            {{- with $.Values.prometheusOperator.namespaces }}
+            {{- $namespaces := list }}
+            {{- if .releaseNamespace }}
+            {{- $namespaces = append $namespaces $namespace }}
+            {{- end }}
+            {{- if .additional }}
+            {{- range $ns := .additional }}
+            {{- $namespaces = append $namespaces (tpl $ns $) }}
+            {{- end }}
+            {{- end }}
+            - --namespaces={{ $namespaces | mustUniq | join "," }}
+            {{- end }}
+            - --localhost=127.0.0.1
+            {{- if .Values.prometheusOperator.prometheusDefaultBaseImage }}
+            - --prometheus-default-base-image={{ $base_registry | default .Values.prometheusOperator.prometheusDefaultBaseImageRegistry }}/{{ .Values.prometheusOperator.prometheusDefaultBaseImage }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.alertmanagerDefaultBaseImage }}
+            - --alertmanager-default-base-image={{ $base_registry | default .Values.prometheusOperator.alertmanagerDefaultBaseImageRegistry }}/{{ .Values.prometheusOperator.alertmanagerDefaultBaseImage }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.prometheusConfigReloader.image.sha }}
+            - --prometheus-config-reloader={{ $configReloaderRegistry }}/{{ .Values.prometheusOperator.prometheusConfigReloader.image.repository }}:{{ .Values.prometheusOperator.prometheusConfigReloader.image.tag | default .Chart.AppVersion }}@sha256:{{ .Values.prometheusOperator.prometheusConfigReloader.image.sha }}
+            {{- else }}
+            - --prometheus-config-reloader={{ $configReloaderRegistry }}/{{ .Values.prometheusOperator.prometheusConfigReloader.image.repository }}:{{ .Values.prometheusOperator.prometheusConfigReloader.image.tag | default .Chart.AppVersion }}
+            {{- end }}
+            - --config-reloader-cpu-request={{ (((.Values.prometheusOperator.prometheusConfigReloader.resources).requests).cpu) | default 0 }}
+            - --config-reloader-cpu-limit={{ (((.Values.prometheusOperator.prometheusConfigReloader.resources).limits).cpu) | default 0 }}
+            - --config-reloader-memory-request={{ (((.Values.prometheusOperator.prometheusConfigReloader.resources).requests).memory) | default 0 }}
+            - --config-reloader-memory-limit={{ (((.Values.prometheusOperator.prometheusConfigReloader.resources).limits).memory) | default 0 }}
+            {{- if .Values.prometheusOperator.prometheusConfigReloader.enableProbe }}
+            - --enable-config-reloader-probes=true
+            {{- end }}
+            {{- if .Values.prometheusOperator.alertmanagerInstanceNamespaces }}
+            - --alertmanager-instance-namespaces={{ .Values.prometheusOperator.alertmanagerInstanceNamespaces | join "," }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.alertmanagerInstanceSelector }}
+            - --alertmanager-instance-selector={{ .Values.prometheusOperator.alertmanagerInstanceSelector }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.alertmanagerConfigNamespaces }}
+            - --alertmanager-config-namespaces={{ .Values.prometheusOperator.alertmanagerConfigNamespaces | join "," }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.prometheusInstanceNamespaces }}
+            - --prometheus-instance-namespaces={{ .Values.prometheusOperator.prometheusInstanceNamespaces | join "," }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.prometheusInstanceSelector }}
+            - --prometheus-instance-selector={{ .Values.prometheusOperator.prometheusInstanceSelector }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.thanosImage.sha }}
+            - --thanos-default-base-image={{ $thanosRegistry }}/{{ .Values.prometheusOperator.thanosImage.repository }}:{{ .Values.prometheusOperator.thanosImage.tag }}@sha256:{{ .Values.prometheusOperator.thanosImage.sha }}
+            {{- else }}
+            - --thanos-default-base-image={{ $thanosRegistry }}/{{ .Values.prometheusOperator.thanosImage.repository }}:{{ .Values.prometheusOperator.thanosImage.tag }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.thanosRulerInstanceNamespaces }}
+            - --thanos-ruler-instance-namespaces={{ .Values.prometheusOperator.thanosRulerInstanceNamespaces | join "," }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.thanosRulerInstanceSelector }}
+            - --thanos-ruler-instance-selector={{ .Values.prometheusOperator.thanosRulerInstanceSelector }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.secretFieldSelector }}
+            - --secret-field-selector={{ tpl (.Values.prometheusOperator.secretFieldSelector) $ }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.clusterDomain }}
+            - --cluster-domain={{ .Values.prometheusOperator.clusterDomain }}
+            {{- end }}
+            {{- if .Values.prometheusOperator.tls.enabled }}
+            - --web.enable-tls=true
+            - --web.cert-file=/cert/{{ if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}tls.crt{{ else }}cert{{ end }}
+            - --web.key-file=/cert/{{ if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}tls.key{{ else }}key{{ end }}
+            - --web.listen-address=:{{ .Values.prometheusOperator.tls.internalPort }}
+            - --web.tls-min-version={{ .Values.prometheusOperator.tls.tlsMinVersion }}
+          ports:
+            - containerPort: {{ .Values.prometheusOperator.tls.internalPort }}
+              name: https
+          {{- else }}
+          ports:
+            - containerPort: 8080
+              name: http
+          {{- end }}
+          env:
+          {{- range $key, $value := .Values.prometheusOperator.env }}
+          - name: {{ $key }}
+            value: {{ $value | quote }}
+          {{- end }}
+          resources:
+{{ toYaml .Values.prometheusOperator.resources | indent 12 }}
+          securityContext:
+{{ toYaml .Values.prometheusOperator.containerSecurityContext | indent 12 }}
+          volumeMounts:
+          {{- if .Values.prometheusOperator.tls.enabled }}
+            - name: tls-secret
+              mountPath: /cert
+              readOnly: true
+          {{- end }}
+          {{- with .Values.prometheusOperator.extraVolumeMounts }}
+          {{- toYaml . | nindent 12 }}
+          {{- end }}
+      volumes:
+        {{- if .Values.prometheusOperator.tls.enabled }}
+        - name: tls-secret
+          secret:
+            defaultMode: 420
+            secretName: {{ template "kube-prometheus-stack.fullname" . }}-admission
+        {{- end }}
+        {{- with .Values.prometheusOperator.extraVolumes }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    {{- with .Values.prometheusOperator.dnsConfig }}
+      dnsConfig:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+{{- if .Values.prometheusOperator.securityContext }}
+      securityContext:
+{{ toYaml .Values.prometheusOperator.securityContext | indent 8 }}
+{{- end }}
+      serviceAccountName: {{ template "kube-prometheus-stack.operator.serviceAccountName" . }}
+      automountServiceAccountToken: {{ .Values.prometheusOperator.automountServiceAccountToken }}
+{{- if .Values.prometheusOperator.hostNetwork }}
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+{{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.nodeSelector }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+    {{- with .Values.prometheusOperator.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} 
+{{- with .Values.prometheusOperator.tolerations }}
+{{ toYaml . | indent 8 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/networkpolicy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/networkpolicy.yaml
new file mode 100644
index 0000000000..cfd5b0b8c7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/networkpolicy.yaml
@@ -0,0 +1,29 @@
+{{- if and .Values.prometheusOperator.networkPolicy.enabled (eq .Values.prometheusOperator.networkPolicy.flavor "kubernetes") }}
+apiVersion: {{ template "kube-prometheus-stack.prometheus.networkPolicy.apiVersion" . }}
+kind: NetworkPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+spec:
+  egress:
+    - {}
+  ingress:
+    - ports:
+      {{- if .Values.prometheusOperator.tls.enabled }}
+      - port: {{ .Values.prometheusOperator.tls.internalPort }}
+      {{- else }}
+      - port: 8080
+      {{- end }}
+  policyTypes:
+    - Egress
+    - Ingress
+  podSelector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-operator
+      release: {{ $.Release.Name | quote }}
+      {{- if .Values.prometheusOperator.networkPolicy.matchLabels }}
+      {{ toYaml .Values.prometheusOperator.networkPolicy.matchLabels | nindent 6 }}
+      {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp-clusterrole.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp-clusterrole.yaml
new file mode 100644
index 0000000000..61bc3d9040
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp-clusterrole.yaml
@@ -0,0 +1,21 @@
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+{{- if and .Values.prometheusOperator.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-psp
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+rules:
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
+- apiGroups: ['policy']
+{{- else }}
+- apiGroups: ['extensions']
+{{- end }}
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "kube-prometheus-stack.operator.fullname" . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp-clusterrolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp-clusterrolebinding.yaml
new file mode 100644
index 0000000000..40e0fc5c15
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp-clusterrolebinding.yaml
@@ -0,0 +1,18 @@
+{{- if and .Values.prometheusOperator.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-psp
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}-psp
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.operator.serviceAccountName" . }}
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp.yaml
new file mode 100644
index 0000000000..28a9075d3e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/psp.yaml
@@ -0,0 +1,46 @@
+{{- if and .Values.prometheusOperator.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+{{- if .Values.global.rbac.pspAnnotations }}
+  annotations:
+{{ toYaml .Values.global.rbac.pspAnnotations | indent 4 }}
+{{- end }}
+spec:
+  privileged: false
+  # Allow core volume types.
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+  hostNetwork: {{ .Values.prometheusOperator.hostNetwork }}
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    # Permits the container to run with root privileges as well.
+    rule: 'RunAsAny'
+  seLinux:
+    # This policy assumes the nodes are using AppArmor rather than SELinux.
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/service.yaml
new file mode 100644
index 0000000000..d45ab22d08
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/service.yaml
@@ -0,0 +1,57 @@
+{{- if .Values.prometheusOperator.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+{{- if .Values.prometheusOperator.service.labels }}
+{{ toYaml .Values.prometheusOperator.service.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.service.annotations }}
+  annotations:
+{{ toYaml .Values.prometheusOperator.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.prometheusOperator.service.clusterIP }}
+  clusterIP: {{ .Values.prometheusOperator.service.clusterIP }}
+{{- end }}
+{{- if .Values.prometheusOperator.service.externalIPs }}
+  externalIPs:
+{{ toYaml .Values.prometheusOperator.service.externalIPs | indent 4 }}
+{{- end }}
+{{- if .Values.prometheusOperator.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.prometheusOperator.service.loadBalancerIP }}
+{{- end }}
+{{- if .Values.prometheusOperator.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.prometheusOperator.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.prometheusOperator.service.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.prometheusOperator.service.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  {{- if not .Values.prometheusOperator.tls.enabled }}
+  - name: http
+    {{- if eq .Values.prometheusOperator.service.type "NodePort" }}
+    nodePort: {{ .Values.prometheusOperator.service.nodePort }}
+    {{- end }}
+    port: 8080
+    targetPort: http
+  {{- end }}
+  {{- if .Values.prometheusOperator.tls.enabled }}
+  - name: https
+    {{- if eq .Values.prometheusOperator.service.type "NodePort"}}
+    nodePort: {{ .Values.prometheusOperator.service.nodePortTls }}
+    {{- end }}
+    port: 443
+    targetPort: https
+  {{- end }}
+  selector:
+    app: {{ template "kube-prometheus-stack.name" . }}-operator
+    release: {{ $.Release.Name | quote }}
+  type: "{{ .Values.prometheusOperator.service.type }}"
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/serviceaccount.yaml
new file mode 100644
index 0000000000..4f84974f9b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/serviceaccount.yaml
@@ -0,0 +1,14 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+automountServiceAccountToken: {{ .Values.prometheusOperator.serviceAccount.automountServiceAccountToken }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/servicemonitor.yaml
new file mode 100644
index 0000000000..cbe79e1253
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/servicemonitor.yaml
@@ -0,0 +1,57 @@
+{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.serviceMonitor.selfMonitor }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+{{- with .Values.prometheusOperator.serviceMonitor.additionalLabels }}
+{{ toYaml . | indent 4 }}
+{{- end }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheusOperator.serviceMonitor | nindent 2 }}
+  endpoints:
+  {{- if .Values.prometheusOperator.tls.enabled }}
+  - port: https
+    scheme: https
+    tlsConfig:
+      serverName: {{ template "kube-prometheus-stack.operator.fullname" . }}
+      ca:
+        secret:
+          name: {{ template "kube-prometheus-stack.fullname" . }}-admission
+          key: {{ if .Values.prometheusOperator.admissionWebhooks.certManager.enabled }}ca.crt{{ else }}ca{{ end }}
+          optional: false
+  {{- else }}
+  - port: http
+  {{- end }}
+    honorLabels: true
+    {{- if .Values.prometheusOperator.serviceMonitor.interval }}
+    interval: {{ .Values.prometheusOperator.serviceMonitor.interval }}
+    {{- end }}
+    metricRelabelings:
+    {{- if .Values.prometheusOperator.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.prometheusOperator.serviceMonitor.metricRelabelings | indent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.prometheusOperator.serviceMonitor.relabelings }}
+    relabelings:
+{{ toYaml .Values.prometheusOperator.serviceMonitor.relabelings | indent 6 }}
+{{- end }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-operator
+      release: {{ $.Release.Name | quote }}
+  namespaceSelector:
+    matchNames:
+      - {{ printf "%s" (include "kube-prometheus-stack.namespace" .) | quote }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/verticalpodautoscaler.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/verticalpodautoscaler.yaml
new file mode 100644
index 0000000000..f225d16dde
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus-operator/verticalpodautoscaler.yaml
@@ -0,0 +1,40 @@
+{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.prometheusOperator.verticalPodAutoscaler.enabled) }}
+apiVersion: autoscaling.k8s.io/v1
+kind: VerticalPodAutoscaler
+metadata:
+  name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    {{- include "kube-prometheus-stack.prometheus-operator.labels" . | nindent 4 }}
+spec:
+  {{- with .Values.prometheusOperator.verticalPodAutoscaler.recommenders }}
+  recommenders:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  resourcePolicy:
+    containerPolicies:
+    - containerName: {{ template "kube-prometheus-stack.name" . }}
+      {{- with .Values.prometheusOperator.verticalPodAutoscaler.controlledResources }}
+      controlledResources:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- if .Values.prometheusOperator.verticalPodAutoscaler.controlledValues }}
+      controlledValues: {{ .Values.prometheusOperator.verticalPodAutoscaler.controlledValues }}
+      {{- end }}
+      {{- if .Values.prometheusOperator.verticalPodAutoscaler.maxAllowed }}
+      maxAllowed:
+        {{- toYaml .Values.prometheusOperator.verticalPodAutoscaler.maxAllowed | nindent 8 }}
+      {{- end }}
+      {{- if .Values.prometheusOperator.verticalPodAutoscaler.minAllowed }}
+      minAllowed:
+        {{- toYaml .Values.prometheusOperator.verticalPodAutoscaler.minAllowed | nindent 8 }}
+      {{- end }}
+  targetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ template "kube-prometheus-stack.operator.fullname" . }}
+  {{- with .Values.prometheusOperator.verticalPodAutoscaler.updatePolicy }}
+  updatePolicy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/_rules.tpl b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/_rules.tpl
new file mode 100644
index 0000000000..4a8213d089
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/_rules.tpl
@@ -0,0 +1,44 @@
+{{- /*
+Generated file. Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- define "rules.names" }}
+rules:
+  - "alertmanager.rules"
+  - "config-reloaders"
+  - "etcd"
+  - "general.rules"
+  - "k8s.rules.container-cpu-usage-seconds-total"
+  - "k8s.rules.container-memory-cache"
+  - "k8s.rules.container-memory-rss"
+  - "k8s.rules.container-memory-swap"
+  - "k8s.rules.container-memory-working-set-bytes"
+  - "k8s.rules.container-resource"
+  - "k8s.rules.pod-owner"
+  - "kube-apiserver-availability.rules"
+  - "kube-apiserver-burnrate.rules"
+  - "kube-apiserver-histogram.rules"
+  - "kube-apiserver-slos"
+  - "kube-prometheus-general.rules"
+  - "kube-prometheus-node-recording.rules"
+  - "kube-scheduler.rules"
+  - "kube-state-metrics"
+  - "kubelet.rules"
+  - "kubernetes-apps"
+  - "kubernetes-resources"
+  - "kubernetes-storage"
+  - "kubernetes-system"
+  - "kubernetes-system-kube-proxy"
+  - "kubernetes-system-apiserver"
+  - "kubernetes-system-kubelet"
+  - "kubernetes-system-controller-manager"
+  - "kubernetes-system-scheduler"
+  - "node-exporter.rules"
+  - "node-exporter"
+  - "node.rules"
+  - "node-network"
+  - "prometheus-operator"
+  - "prometheus"
+  - "windows.node.rules"
+  - "windows.pod.rules"
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalAlertRelabelConfigs.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalAlertRelabelConfigs.yaml
new file mode 100644
index 0000000000..bff930981a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalAlertRelabelConfigs.yaml
@@ -0,0 +1,16 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigs }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-am-relabel-confg
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations }}
+  annotations:
+{{ toYaml .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus-am-relabel-confg
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+  additional-alert-relabel-configs.yaml: {{ toYaml .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigs | b64enc | quote }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalAlertmanagerConfigs.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalAlertmanagerConfigs.yaml
new file mode 100644
index 0000000000..2fe8fdb816
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalAlertmanagerConfigs.yaml
@@ -0,0 +1,16 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-am-confg
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations }}
+  annotations:
+{{ toYaml .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus-am-confg
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+  additional-alertmanager-configs.yaml: {{ tpl (toYaml .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs) . | b64enc | quote }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalPrometheusRules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalPrometheusRules.yaml
new file mode 100644
index 0000000000..cb4aabaa7b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalPrometheusRules.yaml
@@ -0,0 +1,43 @@
+{{- if or .Values.additionalPrometheusRules .Values.additionalPrometheusRulesMap}}
+apiVersion: v1
+kind: List
+metadata:
+  name: {{ include "kube-prometheus-stack.fullname" $ }}-additional-prometheus-rules
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+items:
+{{- if .Values.additionalPrometheusRulesMap }}
+{{- range $prometheusRuleName, $prometheusRule := .Values.additionalPrometheusRulesMap }}
+  - apiVersion: monitoring.coreos.com/v1
+    kind: PrometheusRule
+    metadata:
+      name: {{ template "kube-prometheus-stack.name" $ }}-{{ $prometheusRuleName }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+    {{- if $prometheusRule.additionalLabels }}
+{{ toYaml $prometheusRule.additionalLabels | indent 8 }}
+    {{- end }}
+    spec:
+      groups:
+{{ toYaml $prometheusRule.groups| indent 8 }}
+{{- end }}
+{{- else }}
+{{- range .Values.additionalPrometheusRules }}
+  - apiVersion: monitoring.coreos.com/v1
+    kind: PrometheusRule
+    metadata:
+      name: {{ template "kube-prometheus-stack.name" $ }}-{{ .name }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+    {{- if .additionalLabels }}
+{{ toYaml .additionalLabels | indent 8 }}
+    {{- end }}
+    spec:
+      groups:
+{{ toYaml .groups| indent 8 }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalScrapeConfigs.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalScrapeConfigs.yaml
new file mode 100644
index 0000000000..ebdf766fde
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/additionalScrapeConfigs.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.prometheusSpec.additionalScrapeConfigs }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-scrape-confg
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations }}
+  annotations:
+{{ toYaml .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus-scrape-confg
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+{{- if  eq ( typeOf .Values.prometheus.prometheusSpec.additionalScrapeConfigs ) "string" }}
+  additional-scrape-configs.yaml: {{ tpl .Values.prometheus.prometheusSpec.additionalScrapeConfigs $ | b64enc | quote }}
+{{- else }}
+  additional-scrape-configs.yaml: {{ tpl (toYaml .Values.prometheus.prometheusSpec.additionalScrapeConfigs) $ | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ciliumnetworkpolicy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ciliumnetworkpolicy.yaml
new file mode 100644
index 0000000000..74d61d7c13
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ciliumnetworkpolicy.yaml
@@ -0,0 +1,27 @@
+{{- if and .Values.prometheus.networkPolicy.enabled (eq .Values.prometheus.networkPolicy.flavor "cilium") }}
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    {{- include "kube-prometheus-stack.labels" . | nindent 4 }}
+spec:
+  endpointSelector:
+    {{- if .Values.prometheus.networkPolicy.cilium.endpointSelector }}
+    {{- toYaml .Values.prometheus.networkPolicy.cilium.endpointSelector | nindent 4 }}
+    {{- else }}
+    matchExpressions:
+      - {key: app.kubernetes.io/name, operator: In, values: [prometheus]}
+      - {key: prometheus, operator: In, values: [{{ template "kube-prometheus-stack.prometheus.crname" . }}]}
+    {{- end }}
+  {{- if and .Values.prometheus.networkPolicy.cilium .Values.prometheus.networkPolicy.cilium.egress }}  
+  egress:
+    {{ toYaml .Values.prometheus.networkPolicy.cilium.egress | nindent 4 }}
+  {{- end }}
+  {{- if and .Values.prometheus.networkPolicy.cilium .Values.prometheus.networkPolicy.cilium.ingress }}  
+  ingress:
+    {{ toYaml .Values.prometheus.networkPolicy.cilium.ingress | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/clusterrole.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/clusterrole.yaml
new file mode 100644
index 0000000000..3585b5db11
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/clusterrole.yaml
@@ -0,0 +1,30 @@
+{{- if and .Values.prometheus.enabled .Values.global.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+rules:
+# This permission are not in the kube-prometheus repo
+# they're grabbed from https://github.com/prometheus/prometheus/blob/master/documentation/examples/rbac-setup.yml
+- apiGroups: [""]
+  resources:
+  - nodes
+  - nodes/metrics
+  - services
+  - endpoints
+  - pods
+  verbs: ["get", "list", "watch"]
+- apiGroups:
+  - "networking.k8s.io"
+  resources:
+  - ingresses
+  verbs: ["get", "list", "watch"]
+- nonResourceURLs: ["/metrics", "/metrics/cadvisor"]
+  verbs: ["get"]
+{{- if .Values.prometheus.additionalRulesForClusterRole }}
+{{ toYaml .Values.prometheus.additionalRulesForClusterRole | indent 0 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/clusterrolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/clusterrolebinding.yaml
new file mode 100644
index 0000000000..9fc4f65da4
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/clusterrolebinding.yaml
@@ -0,0 +1,18 @@
+{{- if and .Values.prometheus.enabled .Values.global.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.prometheus.serviceAccountName" . }}
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
+
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/csi-secret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/csi-secret.yaml
new file mode 100644
index 0000000000..e05382f633
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/csi-secret.yaml
@@ -0,0 +1,12 @@
+{{- if and .Values.prometheus.prometheusSpec.thanos .Values.prometheus.prometheusSpec.thanos.secretProviderClass }}
+---
+apiVersion: secrets-store.csi.x-k8s.io/v1alpha1
+kind: SecretProviderClass
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+spec:
+{{ toYaml .Values.prometheus.prometheusSpec.thanos.secretProviderClass | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/extrasecret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/extrasecret.yaml
new file mode 100644
index 0000000000..17f3478a46
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/extrasecret.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.prometheus.extraSecret.data -}}
+{{- $secretName := printf "prometheus-%s-extra" (include "kube-prometheus-stack.fullname" . ) -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ default $secretName .Values.prometheus.extraSecret.name }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.prometheus.extraSecret.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.extraSecret.annotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    app.kubernetes.io/component: prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+{{- range $key, $val := .Values.prometheus.extraSecret.data }}
+  {{ $key }}: {{ $val | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingress.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingress.yaml
new file mode 100644
index 0000000000..d2f6af5dd1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingress.yaml
@@ -0,0 +1,77 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.ingress.enabled -}}
+  {{- $pathType := .Values.prometheus.ingress.pathType | default "ImplementationSpecific" -}}
+  {{- $serviceName := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "prometheus" -}}
+  {{- $servicePort := .Values.prometheus.ingress.servicePort | default .Values.prometheus.service.port -}}
+  {{- $routePrefix := list .Values.prometheus.prometheusSpec.routePrefix -}}
+  {{- $paths := .Values.prometheus.ingress.paths | default $routePrefix -}}
+  {{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+  {{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+{{- if .Values.prometheus.ingress.annotations }}
+  annotations:
+    {{- tpl (toYaml .Values.prometheus.ingress.annotations) . | nindent 4 }}
+{{- end }}
+  name: {{ $serviceName }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.ingress.labels }}
+{{ toYaml .Values.prometheus.ingress.labels | indent 4 }}
+{{- end }}
+spec:
+  {{- if $apiIsStable }}
+  {{- if .Values.prometheus.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.prometheus.ingress.ingressClassName }}
+  {{- end }}
+  {{- end }}
+  rules:
+  {{- if .Values.prometheus.ingress.hosts }}
+  {{- range $host := .Values.prometheus.ingress.hosts }}
+    - host: {{ tpl $host $ }}
+      http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+    {{- end }}
+    {{- end -}}
+  {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+  {{- end }}
+  {{- end -}}
+  {{- end -}}
+  {{- if .Values.prometheus.ingress.tls }}
+  tls:
+{{ tpl (toYaml .Values.prometheus.ingress.tls | indent 4) . }}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingressThanosSidecar.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingressThanosSidecar.yaml
new file mode 100644
index 0000000000..3f507cfa9f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingressThanosSidecar.yaml
@@ -0,0 +1,77 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.thanosIngress.enabled }}
+{{- $pathType := .Values.prometheus.thanosIngress.pathType | default "" }}
+{{- $serviceName := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "thanos-discovery" }}
+{{- $thanosPort := .Values.prometheus.thanosIngress.servicePort -}}
+{{- $routePrefix := list .Values.prometheus.prometheusSpec.routePrefix }}
+{{- $paths := .Values.prometheus.thanosIngress.paths | default $routePrefix -}}
+{{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+{{- if .Values.prometheus.thanosIngress.annotations }}
+  annotations:
+    {{- tpl (toYaml .Values.prometheus.thanosIngress.annotations) . | nindent 4 }}
+{{- end }}
+  name: {{ template "kube-prometheus-stack.fullname" . }}-thanos-gateway
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.thanosIngress.labels }}
+{{ toYaml .Values.prometheus.thanosIngress.labels | indent 4 }}
+{{- end }}
+spec:
+  {{- if $apiIsStable }}
+  {{- if .Values.prometheus.thanosIngress.ingressClassName }}
+  ingressClassName: {{ .Values.prometheus.thanosIngress.ingressClassName }}
+  {{- end }}
+  {{- end }}
+  rules:
+  {{- if .Values.prometheus.thanosIngress.hosts }}
+  {{- range $host := .Values.prometheus.thanosIngress.hosts }}
+    - host: {{ tpl $host $ }}
+      http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $thanosPort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $thanosPort }}
+    {{- end }}
+    {{- end -}}
+  {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $thanosPort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $thanosPort }}
+  {{- end }}
+  {{- end -}}
+  {{- end -}}
+  {{- if .Values.prometheus.thanosIngress.tls }}
+  tls:
+{{ tpl (toYaml .Values.prometheus.thanosIngress.tls | indent 4) . }}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingressperreplica.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingressperreplica.yaml
new file mode 100644
index 0000000000..1d76d135c8
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/ingressperreplica.yaml
@@ -0,0 +1,67 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.servicePerReplica.enabled .Values.prometheus.ingressPerReplica.enabled }}
+{{- $pathType := .Values.prometheus.ingressPerReplica.pathType | default "" }}
+{{- $count := .Values.prometheus.prometheusSpec.replicas | int -}}
+{{- $servicePort := .Values.prometheus.servicePerReplica.port -}}
+{{- $ingressValues := .Values.prometheus.ingressPerReplica -}}
+{{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: v1
+kind: List
+metadata:
+  name: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-ingressperreplica
+  namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+items:
+{{ range $i, $e := until $count }}
+  - kind: Ingress
+    apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" $ }}
+    metadata:
+      name: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-{{ $i }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ include "kube-prometheus-stack.name" $ }}-prometheus
+      {{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+      {{- if $ingressValues.labels }}
+{{ toYaml $ingressValues.labels | indent 8 }}
+      {{- end }}
+      {{- if $ingressValues.annotations }}
+      annotations:
+        {{- tpl (toYaml $ingressValues.annotations) $ | nindent 8 }}
+      {{- end }}
+    spec:
+      {{- if $apiIsStable }}
+      {{- if $ingressValues.ingressClassName }}
+      ingressClassName: {{ $ingressValues.ingressClassName }}
+      {{- end }}
+      {{- end }}
+      rules:
+        - host: {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }}
+          http:
+            paths:
+      {{- range $p := $ingressValues.paths }}
+              - path: {{ tpl $p $ }}
+                {{- if and $pathType $ingressSupportsPathType }}
+                pathType: {{ $pathType }}
+                {{- end }}
+                backend:
+                  {{- if $apiIsStable }}
+                  service:
+                    name: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-{{ $i }}
+                    port:
+                      number: {{ $servicePort }}
+                  {{- else }}
+                  serviceName: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-{{ $i }}
+                  servicePort: {{ $servicePort }}
+      {{- end }}
+      {{- end -}}
+      {{- if or $ingressValues.tlsSecretName $ingressValues.tlsSecretPerReplica.enabled }}
+      tls:
+        - hosts:
+            - {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }}
+          {{- if $ingressValues.tlsSecretPerReplica.enabled }}
+          secretName: {{ $ingressValues.tlsSecretPerReplica.prefix }}-{{ $i }}
+          {{- else }}
+          secretName: {{ $ingressValues.tlsSecretName }}
+          {{- end }}
+      {{- end }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/networkpolicy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/networkpolicy.yaml
new file mode 100644
index 0000000000..1296a79063
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/networkpolicy.yaml
@@ -0,0 +1,34 @@
+{{- if and .Values.prometheus.networkPolicy.enabled (eq .Values.prometheus.networkPolicy.flavor "kubernetes") }}
+apiVersion: {{ template "kube-prometheus-stack.prometheus.networkPolicy.apiVersion" . }}
+kind: NetworkPolicy
+metadata:
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    {{- include "kube-prometheus-stack.labels" . | nindent 4 }}
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+spec:
+  {{- if .Values.prometheus.networkPolicy.egress }}
+  egress:
+    {{- toYaml .Values.prometheus.networkPolicy.egress | nindent 4 }}
+  {{- end }}
+  {{- if .Values.prometheus.networkPolicy.ingress }}
+  ingress:
+    {{- toYaml .Values.prometheus.networkPolicy.ingress | nindent 4 }}
+  {{- end }}
+  policyTypes:
+    - Egress
+    - Ingress
+  podSelector:
+    {{- if .Values.prometheus.networkPolicy.podSelector }}
+    {{- toYaml .Values.prometheus.networkPolicy.podSelector | nindent 4 }}
+    {{- else }}
+    matchLabels:
+      {{- if .Values.prometheus.agentMode }}
+      app.kubernetes.io/name: prometheus-agent
+      {{- else }}
+      app.kubernetes.io/name: prometheus
+      {{- end }}
+      operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+    {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/nginx-config.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/nginx-config.yaml
new file mode 100644
index 0000000000..e4d91f9a9e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/nginx-config.yaml
@@ -0,0 +1,68 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: prometheus-nginx-proxy-config
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.annotations | indent 4 }}
+{{- end }}
+data:
+  nginx.conf: |-
+    worker_processes      auto;
+    error_log             /dev/stdout warn;
+    pid                   /var/cache/nginx/nginx.pid;
+
+    events {
+       worker_connections 1024;
+    }
+
+    http {
+      include       /etc/nginx/mime.types;
+      log_format    main '[$time_local - $status] $remote_addr - $remote_user $request ($http_referer)';
+
+      proxy_connect_timeout       10;
+      proxy_read_timeout          180;
+      proxy_send_timeout          5;
+      proxy_buffering             off;
+      proxy_cache_path            /var/cache/nginx/cache levels=1:2 keys_zone=my_zone:100m inactive=1d max_size=10g;
+
+      server {
+        listen          8081;
+        access_log      off;
+
+        gzip            on;
+        gzip_min_length 1k;
+        gzip_comp_level 2;
+        gzip_types      text/plain application/javascript application/x-javascript text/css application/xml text/javascript image/jpeg image/gif image/png;
+        gzip_vary       on;
+        gzip_disable    "MSIE [1-6]\.";
+
+        proxy_set_header Host $host;
+
+        location / {
+          proxy_cache         my_zone;
+          proxy_cache_valid   200 302 1d;
+          proxy_cache_valid   301 30d;
+          proxy_cache_valid   any 5m;
+          proxy_cache_bypass  $http_cache_control;
+          add_header          X-Proxy-Cache $upstream_cache_status;
+          add_header          Cache-Control "public";
+          
+          proxy_pass     http://localhost:9090/;
+
+          sub_filter_once off;
+          sub_filter          'var PATH_PREFIX = "";' 'var PATH_PREFIX = ".";';
+
+          if ($request_filename ~ .*\.(?:js|css|jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm)$) {
+            expires             90d;
+          }
+
+          rewrite ^/k8s/clusters/.*/proxy(.*) /$1 break;
+
+        }
+      }
+    }
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/podDisruptionBudget.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/podDisruptionBudget.yaml
new file mode 100644
index 0000000000..48f3f1f5a6
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/podDisruptionBudget.yaml
@@ -0,0 +1,25 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.podDisruptionBudget.enabled }}
+apiVersion: {{ include "kube-prometheus-stack.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- if .Values.prometheus.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.prometheus.podDisruptionBudget.minAvailable }}
+  {{- end  }}
+  {{- if .Values.prometheus.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.prometheus.podDisruptionBudget.maxUnavailable }}
+  {{- end  }}
+  selector:
+    matchLabels:
+      {{- if .Values.prometheus.agentMode }}
+      app.kubernetes.io/name: prometheus-agent
+      {{- else }}
+      app.kubernetes.io/name: prometheus
+      {{- end }}
+      operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/podmonitors.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/podmonitors.yaml
new file mode 100644
index 0000000000..4e748c23b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/podmonitors.yaml
@@ -0,0 +1,38 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.additionalPodMonitors }}
+apiVersion: v1
+kind: List
+items:
+{{- range .Values.prometheus.additionalPodMonitors }}
+  - apiVersion: monitoring.coreos.com/v1
+    kind: PodMonitor
+    metadata:
+      name: {{ .name }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}-prometheus
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+        {{- if .additionalLabels }}
+{{ toYaml .additionalLabels | indent 8 }}
+        {{- end }}
+    spec:
+      {{- include "servicemonitor.scrapeLimits" . | nindent 6 }}
+      podMetricsEndpoints:
+{{ toYaml .podMetricsEndpoints | indent 8 }}
+    {{- if .jobLabel }}
+      jobLabel: {{ .jobLabel }}
+    {{- end }}
+    {{- if .namespaceSelector }}
+      namespaceSelector:
+{{ toYaml .namespaceSelector | indent 8 }}
+    {{- end }}
+      selector:
+{{ toYaml .selector | indent 8 }}
+    {{- if .podTargetLabels }}
+      podTargetLabels:
+{{ toYaml .podTargetLabels | indent 8 }}
+    {{- end }}
+    {{- if .sampleLimit }}
+      sampleLimit: {{ .sampleLimit }}
+    {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/prometheus.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/prometheus.yaml
new file mode 100644
index 0000000000..5c3c8d4d1f
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/prometheus.yaml
@@ -0,0 +1,472 @@
+{{- if .Values.prometheus.enabled }}
+{{- if .Values.prometheus.agentMode }}
+apiVersion: monitoring.coreos.com/v1alpha1
+kind: PrometheusAgent
+{{- else }}
+apiVersion: monitoring.coreos.com/v1
+kind: Prometheus
+{{- end }}
+metadata:
+  name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if and (not .Values.prometheus.agentMode) (or .Values.prometheus.prometheusSpec.alertingEndpoints .Values.alertmanager.enabled) }}
+  alerting:
+    alertmanagers:
+{{- if .Values.prometheus.prometheusSpec.alertingEndpoints }}
+{{ toYaml .Values.prometheus.prometheusSpec.alertingEndpoints | indent 6 }}
+{{- else if .Values.alertmanager.enabled }}
+      - namespace: {{ template "kube-prometheus-stack.namespace" . }}
+        name: {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+        port: {{ .Values.alertmanager.alertmanagerSpec.portName }}
+        {{- if .Values.alertmanager.alertmanagerSpec.routePrefix }}
+        pathPrefix: "{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}"
+        {{- end }}
+        {{- if .Values.alertmanager.alertmanagerSpec.scheme }}
+        scheme: {{ .Values.alertmanager.alertmanagerSpec.scheme }}
+        {{- end }}
+        {{- if .Values.alertmanager.alertmanagerSpec.tlsConfig }}
+        tlsConfig:
+{{ toYaml .Values.alertmanager.alertmanagerSpec.tlsConfig | indent 10 }}
+        {{- end }}
+        apiVersion: {{ .Values.alertmanager.apiVersion }}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.apiserverConfig }}
+  apiserverConfig:
+{{ toYaml .Values.prometheus.prometheusSpec.apiserverConfig | indent 4}}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.image }}
+  {{- $registry := include "monitoring_registry" . | default .Values.prometheus.prometheusSpec.image.registry -}}
+  {{- if and .Values.prometheus.prometheusSpec.image.tag .Values.prometheus.prometheusSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}:{{ .Values.prometheus.prometheusSpec.image.tag }}@sha256:{{ .Values.prometheus.prometheusSpec.image.sha }}"
+  {{- else if .Values.prometheus.prometheusSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}@sha256:{{ .Values.prometheus.prometheusSpec.image.sha }}"
+  {{- else if .Values.prometheus.prometheusSpec.image.tag }}
+  image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}:{{ .Values.prometheus.prometheusSpec.image.tag }}"
+  {{- else }}
+  image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}"
+  {{- end }}
+  version: {{ default .Values.prometheus.prometheusSpec.image.tag .Values.prometheus.prometheusSpec.version }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalArgs }}
+  additionalArgs:
+{{ toYaml .Values.prometheus.prometheusSpec.additionalArgs | indent 4}}
+{{- end -}}
+{{- if .Values.prometheus.prometheusSpec.externalLabels }}
+  externalLabels:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.externalLabels | indent 4) . }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.prometheusExternalLabelNameClear }}
+  prometheusExternalLabelName: ""
+{{- else if .Values.prometheus.prometheusSpec.prometheusExternalLabelName }}
+  prometheusExternalLabelName: "{{ .Values.prometheus.prometheusSpec.prometheusExternalLabelName }}"
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.replicaExternalLabelNameClear }}
+  replicaExternalLabelName: ""
+{{- else if .Values.prometheus.prometheusSpec.replicaExternalLabelName }}
+  replicaExternalLabelName: "{{ .Values.prometheus.prometheusSpec.replicaExternalLabelName }}"
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enableRemoteWriteReceiver }}
+  enableRemoteWriteReceiver: {{ .Values.prometheus.prometheusSpec.enableRemoteWriteReceiver }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.externalUrl }}
+  externalUrl: "{{ tpl .Values.prometheus.prometheusSpec.externalUrl . }}"
+{{- else if and .Values.prometheus.ingress.enabled .Values.prometheus.ingress.hosts }}
+  externalUrl: "http://{{ tpl (index .Values.prometheus.ingress.hosts 0) . }}{{ .Values.prometheus.prometheusSpec.routePrefix }}"
+{{- else if not (or (kindIs "invalid" .Values.global.cattle.url) (kindIs "invalid" .Values.global.cattle.clusterId)) }}
+  externalUrl: "{{ .Values.global.cattle.url }}/k8s/clusters/{{ .Values.global.cattle.clusterId }}/api/v1/namespaces/{{ template "kube-prometheus-stack.namespace" . }}/services/http:{{ template "kube-prometheus-stack.fullname" . }}-prometheus:{{ .Values.prometheus.service.port }}/proxy"
+{{- else }}
+  externalUrl: http://{{ template "kube-prometheus-stack.fullname" . }}-prometheus.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.prometheus.service.port }}
+{{- end }}
+  nodeSelector: {{ include "linux-node-selector" . | nindent 4 }}
+{{- if .Values.prometheus.prometheusSpec.nodeSelector }}
+{{ toYaml .Values.prometheus.prometheusSpec.nodeSelector | indent 4 }}
+{{- end }}
+  paused: {{ .Values.prometheus.prometheusSpec.paused }}
+  replicas: {{ .Values.prometheus.prometheusSpec.replicas }}
+  shards: {{ .Values.prometheus.prometheusSpec.shards }}
+  logLevel:  {{ .Values.prometheus.prometheusSpec.logLevel }}
+  logFormat:  {{ .Values.prometheus.prometheusSpec.logFormat }}
+  listenLocal: {{ .Values.prometheus.prometheusSpec.listenLocal }}
+{{- if not .Values.prometheus.agentMode }}
+  enableAdminAPI: {{ .Values.prometheus.prometheusSpec.enableAdminAPI }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.web }}
+  web:
+{{ toYaml .Values.prometheus.prometheusSpec.web | indent 4 }}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.exemplars }}
+  exemplars:
+  {{ toYaml .Values.prometheus.prometheusSpec.exemplars | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enableFeatures }}
+  enableFeatures:
+{{- range $enableFeatures := .Values.prometheus.prometheusSpec.enableFeatures }}
+  - {{ tpl $enableFeatures $ }}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.scrapeInterval }}
+  scrapeInterval: {{ .Values.prometheus.prometheusSpec.scrapeInterval }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.scrapeTimeout }}
+  scrapeTimeout: {{ .Values.prometheus.prometheusSpec.scrapeTimeout }}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.evaluationInterval }}
+  evaluationInterval: {{ .Values.prometheus.prometheusSpec.evaluationInterval }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.resources }}
+  resources:
+{{ toYaml .Values.prometheus.prometheusSpec.resources | indent 4 }}
+{{- end }}
+{{- if not .Values.prometheus.agentMode }}
+  retention: {{ .Values.prometheus.prometheusSpec.retention | quote  }}
+{{- if .Values.prometheus.prometheusSpec.retentionSize }}
+  retentionSize: {{ .Values.prometheus.prometheusSpec.retentionSize | quote }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.tsdb }}
+  tsdb:
+    {{- if .Values.prometheus.prometheusSpec.tsdb.outOfOrderTimeWindow }}
+    outOfOrderTimeWindow: {{ .Values.prometheus.prometheusSpec.tsdb.outOfOrderTimeWindow }}
+    {{- end }}
+{{- end }}
+{{- end }}
+{{- if eq .Values.prometheus.prometheusSpec.walCompression false }}
+  walCompression: false
+{{ else }}
+  walCompression: true
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.routePrefix }}
+  routePrefix: {{ .Values.prometheus.prometheusSpec.routePrefix | quote  }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.secrets }}
+  secrets:
+{{ toYaml .Values.prometheus.prometheusSpec.secrets | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.configMaps }}
+  configMaps:
+{{ toYaml .Values.prometheus.prometheusSpec.configMaps | indent 4 }}
+{{- end }}
+  serviceAccountName: {{ template "kube-prometheus-stack.prometheus.serviceAccountName" . }}
+{{- if .Values.prometheus.prometheusSpec.serviceMonitorSelector }}
+  serviceMonitorSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.serviceMonitorSelector | indent 4) . }}
+{{ else if .Values.prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues  }}
+  serviceMonitorSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  serviceMonitorSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector }}
+  serviceMonitorNamespaceSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector | indent 4) . }}
+{{ else }}
+  serviceMonitorNamespaceSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.podMonitorSelector }}
+  podMonitorSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMonitorSelector | indent 4) . }}
+{{ else if .Values.prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues  }}
+  podMonitorSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  podMonitorSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.podMonitorNamespaceSelector }}
+  podMonitorNamespaceSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMonitorNamespaceSelector | indent 4) . }}
+{{ else }}
+  podMonitorNamespaceSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.probeSelector }}
+  probeSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.probeSelector | indent 4) . }}
+{{ else if .Values.prometheus.prometheusSpec.probeSelectorNilUsesHelmValues  }}
+  probeSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  probeSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.probeNamespaceSelector }}
+  probeNamespaceSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.probeNamespaceSelector | indent 4) . }}
+{{ else }}
+  probeNamespaceSelector: {}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) (or .Values.prometheus.prometheusSpec.remoteRead .Values.prometheus.prometheusSpec.additionalRemoteRead) }}
+  remoteRead:
+{{- if .Values.prometheus.prometheusSpec.remoteRead }}
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.remoteRead | indent 4) . }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalRemoteRead }}
+{{ toYaml .Values.prometheus.prometheusSpec.additionalRemoteRead | indent 4 }}
+{{- end }}
+{{- end }}
+{{- if (or .Values.prometheus.prometheusSpec.remoteWrite .Values.prometheus.prometheusSpec.additionalRemoteWrite) }}
+  remoteWrite:
+{{- if .Values.prometheus.prometheusSpec.remoteWrite }}
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.remoteWrite | indent 4) . }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalRemoteWrite }}
+{{ toYaml .Values.prometheus.prometheusSpec.additionalRemoteWrite | indent 4 }}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.securityContext }}
+  securityContext:
+{{ toYaml .Values.prometheus.prometheusSpec.securityContext | indent 4 }}
+{{- end }}
+{{- if not .Values.prometheus.agentMode }}
+{{- if .Values.prometheus.prometheusSpec.ruleNamespaceSelector }}
+  ruleNamespaceSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.ruleNamespaceSelector | indent 4) . }}
+{{ else }}
+  ruleNamespaceSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.ruleSelector }}
+  ruleSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.ruleSelector | indent 4) . }}
+{{- else if .Values.prometheus.prometheusSpec.ruleSelectorNilUsesHelmValues }}
+  ruleSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  ruleSelector: {}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.scrapeConfigSelector }}
+  scrapeConfigSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.scrapeConfigSelector | indent 4) . }}
+{{ else if .Values.prometheus.prometheusSpec.scrapeConfigSelectorNilUsesHelmValues  }}
+  scrapeConfigSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  scrapeConfigSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.scrapeConfigNamespaceSelector }}
+  scrapeConfigNamespaceSelector:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.scrapeConfigNamespaceSelector | indent 4) . }}
+{{ else }}
+  scrapeConfigNamespaceSelector: {}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.storageSpec }}
+  storage:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.storageSpec | indent 4) . }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.podMetadata }}
+  podMetadata:
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMetadata | indent 4) . }}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.query }}
+  query:
+{{ toYaml .Values.prometheus.prometheusSpec.query | indent 4}}
+{{- end }}
+{{- if or .Values.prometheus.prometheusSpec.podAntiAffinity .Values.prometheus.prometheusSpec.affinity }}
+  affinity:
+{{- if .Values.prometheus.prometheusSpec.affinity }}
+{{ toYaml .Values.prometheus.prometheusSpec.affinity | indent 4 }}
+{{- end }}
+{{- if eq .Values.prometheus.prometheusSpec.podAntiAffinity "hard" }}
+    podAntiAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+      - topologyKey: {{ .Values.prometheus.prometheusSpec.podAntiAffinityTopologyKey }}
+        labelSelector:
+          matchExpressions:
+            - {key: app.kubernetes.io/name, operator: In, values: [prometheus]}
+            - {key: prometheus, operator: In, values: [{{ template "kube-prometheus-stack.prometheus.crname" . }}]}
+{{- else if eq .Values.prometheus.prometheusSpec.podAntiAffinity "soft" }}
+    podAntiAffinity:
+      preferredDuringSchedulingIgnoredDuringExecution:
+      - weight: 100
+        podAffinityTerm:
+          topologyKey: {{ .Values.prometheus.prometheusSpec.podAntiAffinityTopologyKey }}
+          labelSelector:
+            matchExpressions:
+              - {key: app.kubernetes.io/name, operator: In, values: [prometheus]}
+              - {key: prometheus, operator: In, values: [{{ template "kube-prometheus-stack.prometheus.crname" . }}]}
+{{- end }}
+{{- end }}
+  tolerations: {{ include "linux-node-tolerations" . | nindent 4 }}
+{{- if .Values.prometheus.prometheusSpec.tolerations }}
+{{ toYaml .Values.prometheus.prometheusSpec.tolerations | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.topologySpreadConstraints }}
+  topologySpreadConstraints:
+{{ toYaml .Values.prometheus.prometheusSpec.topologySpreadConstraints | indent 4 }}
+{{- end }}
+{{- if .Values.global.imagePullSecrets }}
+  imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalScrapeConfigs }}
+  additionalScrapeConfigs:
+    name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-scrape-confg
+    key: additional-scrape-configs.yaml
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalScrapeConfigsSecret.enabled }}
+  additionalScrapeConfigs:
+    name: {{ .Values.prometheus.prometheusSpec.additionalScrapeConfigsSecret.name }}
+    key: {{ .Values.prometheus.prometheusSpec.additionalScrapeConfigsSecret.key }}
+{{- end }}
+{{- if not .Values.prometheus.agentMode }}
+{{- if or .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret }}
+  additionalAlertManagerConfigs:
+{{- if .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs }}
+    name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-am-confg
+    key: additional-alertmanager-configs.yaml
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret }}
+    name: {{ .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret.name }}
+    key: {{ .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret.key }}
+    {{- if hasKey .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret "optional" }}
+    optional: {{ .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret.optional }}
+    {{- end }}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigs }}
+  additionalAlertRelabelConfigs:
+    name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-am-relabel-confg
+    key: additional-alert-relabel-configs.yaml
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigsSecret }}
+  additionalAlertRelabelConfigs:
+    name: {{ .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigsSecret.name }}
+    key: {{ .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigsSecret.key }}
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.containers }}
+  containers:
+{{ tpl .Values.prometheus.prometheusSpec.containers $ | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.initContainers }}
+  initContainers:
+{{ toYaml .Values.prometheus.prometheusSpec.initContainers | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.priorityClassName }}
+  priorityClassName: {{ .Values.prometheus.prometheusSpec.priorityClassName }}
+{{- end }}
+{{- if not .Values.prometheus.agentMode }}
+{{- if .Values.prometheus.prometheusSpec.thanos }}
+  thanos:
+{{- with (omit .Values.prometheus.prometheusSpec.thanos "objectStorageConfig")}}
+{{ toYaml . | indent 4 }}
+{{- end }}
+{{- if ((.Values.prometheus.prometheusSpec.thanos.objectStorageConfig).existingSecret) }}
+    objectStorageConfig:
+      key: "{{.Values.prometheus.prometheusSpec.thanos.objectStorageConfig.existingSecret.key }}"
+      name: "{{.Values.prometheus.prometheusSpec.thanos.objectStorageConfig.existingSecret.name }}"
+{{- else if ((.Values.prometheus.prometheusSpec.thanos.objectStorageConfig).secret) }}
+    objectStorageConfig:
+      key: object-storage-configs.yaml
+      name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+{{- end }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.disableCompaction }}
+  disableCompaction: {{ .Values.prometheus.prometheusSpec.disableCompaction }}
+{{- end }}
+{{- end }}
+  portName: {{ .Values.prometheus.prometheusSpec.portName }}
+{{- if .Values.prometheus.prometheusSpec.volumes }}
+  volumes:
+{{ toYaml .Values.prometheus.prometheusSpec.volumes | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.volumeMounts }}
+  volumeMounts:
+{{ toYaml .Values.prometheus.prometheusSpec.volumeMounts | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.arbitraryFSAccessThroughSMs }}
+  arbitraryFSAccessThroughSMs:
+{{ toYaml .Values.prometheus.prometheusSpec.arbitraryFSAccessThroughSMs | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.overrideHonorLabels }}
+  overrideHonorLabels: {{ .Values.prometheus.prometheusSpec.overrideHonorLabels }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.overrideHonorTimestamps }}
+  overrideHonorTimestamps: {{ .Values.prometheus.prometheusSpec.overrideHonorTimestamps }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+  ignoreNamespaceSelectors: {{ .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }}
+  enforcedNamespaceLabel: {{ .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }}
+{{- $prometheusDefaultRulesExcludedFromEnforce := (include "rules.names" .) | fromYaml }}
+{{- if not .Values.prometheus.agentMode }}
+  prometheusRulesExcludedFromEnforce:
+{{- range $prometheusDefaultRulesExcludedFromEnforce.rules }}
+    - ruleNamespace: "{{ template "kube-prometheus-stack.namespace" $ }}"
+      ruleName: "{{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) . | trunc 63 | trimSuffix "-" }}"
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.prometheusRulesExcludedFromEnforce }}
+{{ toYaml .Values.prometheus.prometheusSpec.prometheusRulesExcludedFromEnforce | indent 4 }}
+{{- end }}
+{{- end }}
+  excludedFromEnforcement:
+{{- range $prometheusDefaultRulesExcludedFromEnforce.rules }}
+    - group: monitoring.coreos.com
+      resource: prometheusrules
+      namespace: "{{ template "kube-prometheus-stack.namespace" $ }}"
+      name: "{{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) . | trunc 63 | trimSuffix "-" }}"
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.excludedFromEnforcement }}
+{{ tpl (toYaml .Values.prometheus.prometheusSpec.excludedFromEnforcement | indent 4) . }}
+{{- end }}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.queryLogFile }}
+  queryLogFile: {{ .Values.prometheus.prometheusSpec.queryLogFile }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.sampleLimit }}
+  sampleLimit: {{ .Values.prometheus.prometheusSpec.sampleLimit }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedKeepDroppedTargets }}
+  enforcedKeepDroppedTargets: {{ .Values.prometheus.prometheusSpec.enforcedKeepDroppedTargets }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedSampleLimit }}
+  enforcedSampleLimit: {{ .Values.prometheus.prometheusSpec.enforcedSampleLimit }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedTargetLimit }}
+  enforcedTargetLimit: {{ .Values.prometheus.prometheusSpec.enforcedTargetLimit }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedLabelLimit	}}
+  enforcedLabelLimit: {{ .Values.prometheus.prometheusSpec.enforcedLabelLimit	}}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedLabelNameLengthLimit	}}
+  enforcedLabelNameLengthLimit: {{ .Values.prometheus.prometheusSpec.enforcedLabelNameLengthLimit	}}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.enforcedLabelValueLengthLimit}}
+  enforcedLabelValueLengthLimit: {{ .Values.prometheus.prometheusSpec.enforcedLabelValueLengthLimit	}}
+{{- end }}
+{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.allowOverlappingBlocks }}
+  allowOverlappingBlocks: {{ .Values.prometheus.prometheusSpec.allowOverlappingBlocks }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.minReadySeconds }}
+  minReadySeconds: {{ .Values.prometheus.prometheusSpec.minReadySeconds }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.maximumStartupDurationSeconds }}
+  maximumStartupDurationSeconds: {{ .Values.prometheus.prometheusSpec.maximumStartupDurationSeconds }}
+{{- end }}
+  hostNetwork: {{ .Values.prometheus.prometheusSpec.hostNetwork }}
+{{- if .Values.prometheus.prometheusSpec.hostAliases }}
+  hostAliases:
+{{ toYaml .Values.prometheus.prometheusSpec.hostAliases | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.prometheusSpec.tracingConfig }}
+  tracingConfig:
+{{ toYaml .Values.prometheus.prometheusSpec.tracingConfig | indent 4 }}
+{{- end }}
+{{- with .Values.prometheus.prometheusSpec.additionalConfig }}
+  {{- tpl (toYaml .) $ | nindent 2 }}
+{{- end }}
+{{- with .Values.prometheus.prometheusSpec.additionalConfigString }}
+  {{- tpl . $ | nindent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp-clusterrole.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp-clusterrole.yaml
new file mode 100644
index 0000000000..71476cd18b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp-clusterrole.yaml
@@ -0,0 +1,22 @@
+{{- if and .Values.prometheus.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-psp
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+rules:
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }}
+- apiGroups: ['policy']
+{{- else }}
+- apiGroups: ['extensions']
+{{- end }}
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp-clusterrolebinding.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp-clusterrolebinding.yaml
new file mode 100644
index 0000000000..a393928c78
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp-clusterrolebinding.yaml
@@ -0,0 +1,19 @@
+{{- if and .Values.prometheus.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-psp
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus-psp
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.prometheus.serviceAccountName" . }}
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp.yaml
new file mode 100644
index 0000000000..62d3854151
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/psp.yaml
@@ -0,0 +1,58 @@
+{{- if and .Values.prometheus.enabled (or .Values.global.cattle.psp.enabled (and .Values.global.rbac.create .Values.global.rbac.pspEnabled)) }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{- if .Values.global.rbac.pspAnnotations }}
+  annotations:
+{{ toYaml .Values.global.rbac.pspAnnotations | indent 4 }}
+{{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  privileged: false
+  # Allow core volume types.
+  volumes:
+    - 'configMap'
+    - 'emptyDir'
+    - 'projected'
+    - 'secret'
+    - 'downwardAPI'
+    - 'persistentVolumeClaim'
+{{- if .Values.prometheus.podSecurityPolicy.volumes }}
+{{ toYaml .Values.prometheus.podSecurityPolicy.volumes | indent 4 }}
+{{- end }}
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    # Permits the container to run with root privileges as well.
+    rule: 'RunAsAny'
+  seLinux:
+    # This policy assumes the nodes are using AppArmor rather than SELinux.
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Allow adding the root group.
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- if .Values.prometheus.podSecurityPolicy.allowedCapabilities }}
+  allowedCapabilities:
+{{ toYaml .Values.prometheus.podSecurityPolicy.allowedCapabilities | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.podSecurityPolicy.allowedHostPaths }}
+  allowedHostPaths:
+{{ toYaml .Values.prometheus.podSecurityPolicy.allowedHostPaths | indent 4 }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/alertmanager.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/alertmanager.rules.yaml
new file mode 100644
index 0000000000..b66f052ade
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/alertmanager.rules.yaml
@@ -0,0 +1,305 @@
+{{- /*
+Generated from 'alertmanager.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/alertmanager-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.alertmanager }}
+{{- $alertmanagerJob := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "alertmanager" }}
+{{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.selfMonitor }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "alertmanager.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: alertmanager.rules
+    rules:
+{{- if not (.Values.defaultRules.disabled.AlertmanagerFailedReload | default false) }}
+    - alert: AlertmanagerFailedReload
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: Configuration has failed to load for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerfailedreload
+        summary: Reloading an Alertmanager configuration has failed.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        max_over_time(alertmanager_config_last_reload_successful{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m]) == 0
+      for: {{ dig "AlertmanagerFailedReload" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerFailedReload" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerMembersInconsistent | default false) }}
+    - alert: AlertmanagerMembersInconsistent
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: Alertmanager {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}} has only found {{`{{`}} $value {{`}}`}} members of the {{`{{`}}$labels.job{{`}}`}} cluster.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagermembersinconsistent
+        summary: A member of an Alertmanager cluster has not found all other cluster members.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+          max_over_time(alertmanager_cluster_members{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m])
+        < on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) group_left
+          count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (max_over_time(alertmanager_cluster_members{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m]))
+      for: {{ dig "AlertmanagerMembersInconsistent" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerMembersInconsistent" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerFailedToSendAlerts | default false) }}
+    - alert: AlertmanagerFailedToSendAlerts
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: Alertmanager {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}} failed to send {{`{{`}} $value | humanizePercentage {{`}}`}} of notifications to {{`{{`}} $labels.integration {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerfailedtosendalerts
+        summary: An Alertmanager instance failed to send notifications.
+      expr: |-
+        (
+          rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m])
+        /
+          ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m])
+        )
+        > 0.01
+      for: {{ dig "AlertmanagerFailedToSendAlerts" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerFailedToSendAlerts" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerClusterFailedToSendAlerts | default false) }}
+    - alert: AlertmanagerClusterFailedToSendAlerts
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: The minimum notification failure rate to {{`{{`}} $labels.integration {{`}}`}} sent from any instance in the {{`{{`}}$labels.job{{`}}`}} cluster is {{`{{`}} $value | humanizePercentage {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerclusterfailedtosendalerts
+        summary: All Alertmanager instances in a cluster failed to send notifications to a critical integration.
+      expr: |-
+        min by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service, integration) (
+          rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration=~`.*`}[5m])
+        /
+          ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration=~`.*`}[5m])
+        )
+        > 0.01
+      for: {{ dig "AlertmanagerClusterFailedToSendAlerts" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerClusterFailedToSendAlerts" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerClusterFailedToSendAlerts | default false) }}
+    - alert: AlertmanagerClusterFailedToSendAlerts
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: The minimum notification failure rate to {{`{{`}} $labels.integration {{`}}`}} sent from any instance in the {{`{{`}}$labels.job{{`}}`}} cluster is {{`{{`}} $value | humanizePercentage {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerclusterfailedtosendalerts
+        summary: All Alertmanager instances in a cluster failed to send notifications to a non-critical integration.
+      expr: |-
+        min by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service, integration) (
+          rate(alertmanager_notifications_failed_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration!~`.*`}[5m])
+        /
+          ignoring (reason) group_left rate(alertmanager_notifications_total{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}", integration!~`.*`}[5m])
+        )
+        > 0.01
+      for: {{ dig "AlertmanagerClusterFailedToSendAlerts" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerClusterFailedToSendAlerts" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerConfigInconsistent | default false) }}
+    - alert: AlertmanagerConfigInconsistent
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: Alertmanager instances within the {{`{{`}}$labels.job{{`}}`}} cluster have different configurations.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerconfiginconsistent
+        summary: Alertmanager instances within the same cluster have different configurations.
+      expr: |-
+        count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (
+          count_values by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) ("config_hash", alertmanager_config_hash{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"})
+        )
+        != 1
+      for: {{ dig "AlertmanagerConfigInconsistent" "for" "20m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerConfigInconsistent" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerClusterDown | default false) }}
+    - alert: AlertmanagerClusterDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of Alertmanager instances within the {{`{{`}}$labels.job{{`}}`}} cluster have been up for less than half of the last 5m.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerclusterdown
+        summary: Half or more of the Alertmanager instances within the same cluster are down.
+      expr: |-
+        (
+          count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (
+            avg_over_time(up{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[5m]) < 0.5
+          )
+        /
+          count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (
+            up{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}
+          )
+        )
+        >= 0.5
+      for: {{ dig "AlertmanagerClusterDown" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerClusterDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.AlertmanagerClusterCrashlooping | default false) }}
+    - alert: AlertmanagerClusterCrashlooping
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.alertmanager | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of Alertmanager instances within the {{`{{`}}$labels.job{{`}}`}} cluster have restarted at least 5 times in the last 10m.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/alertmanager/alertmanagerclustercrashlooping
+        summary: Half or more of the Alertmanager instances within the same cluster are crashlooping.
+      expr: |-
+        (
+          count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (
+            changes(process_start_time_seconds{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}[10m]) > 4
+          )
+        /
+          count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace,service,cluster) (
+            up{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}
+          )
+        )
+        >= 0.5
+      for: {{ dig "AlertmanagerClusterCrashlooping" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "AlertmanagerClusterCrashlooping" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.alertmanager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/config-reloaders.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/config-reloaders.yaml
new file mode 100644
index 0000000000..8416d6df40
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/config-reloaders.yaml
@@ -0,0 +1,57 @@
+{{- /*
+Generated from 'config-reloaders' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/prometheusOperator-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.configReloaders }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "config-reloaders" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: config-reloaders
+    rules:
+{{- if not (.Values.defaultRules.disabled.ConfigReloaderSidecarErrors | default false) }}
+    - alert: ConfigReloaderSidecarErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.configReloaders }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.configReloaders | indent 8 }}
+{{- end }}
+        description: 'Errors encountered while the {{`{{`}}$labels.pod{{`}}`}} config-reloader sidecar attempts to sync config in {{`{{`}}$labels.namespace{{`}}`}} namespace.
+
+          As a result, configuration for service running in {{`{{`}}$labels.pod{{`}}`}} may be stale and cannot be updated anymore.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/configreloadersidecarerrors
+        summary: config-reloader sidecar has not had a successful reload for 10m
+      expr: max_over_time(reloader_last_reload_successful{namespace=~".+"}[5m]) == 0
+      for: {{ dig "ConfigReloaderSidecarErrors" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "ConfigReloaderSidecarErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.configReloaders }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.configReloaders }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/etcd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/etcd.yaml
new file mode 100644
index 0000000000..a1d7a508f8
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/etcd.yaml
@@ -0,0 +1,461 @@
+{{- /*
+Generated from 'etcd' group from https://github.com/etcd-io/etcd.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.etcd }}
+{{- if (include "exporter.kubeEtcd.enabled" .)}}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "etcd" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: etcd
+    rules:
+{{- if not (.Values.defaultRules.disabled.etcdMembersDown | default false) }}
+    - alert: etcdMembersDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": members are down ({{`{{`}} $value {{`}}`}}).'
+        summary: etcd cluster members are down.
+      expr: |-
+        max without (endpoint) (
+          sum without (instance) (up{job=~".*etcd.*"} == bool 0)
+        or
+          count without (To) (
+            sum without (instance) (rate(etcd_network_peer_sent_failures_total{job=~".*etcd.*"}[120s])) > 0.01
+          )
+        )
+        > 0
+      for: {{ dig "etcdMembersDown" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdMembersDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdInsufficientMembers | default false) }}
+    - alert: etcdInsufficientMembers
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": insufficient members ({{`{{`}} $value {{`}}`}}).'
+        summary: etcd cluster has insufficient number of members.
+      expr: sum(up{job=~".*etcd.*"} == bool 1) without (instance) < ((count(up{job=~".*etcd.*"}) without (instance) + 1) / 2)
+      for: {{ dig "etcdInsufficientMembers" "for" "3m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdInsufficientMembers" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdNoLeader | default false) }}
+    - alert: etcdNoLeader
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": member {{`{{`}} $labels.instance {{`}}`}} has no leader.'
+        summary: etcd cluster has no leader.
+      expr: etcd_server_has_leader{job=~".*etcd.*"} == 0
+      for: {{ dig "etcdNoLeader" "for" "1m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdNoLeader" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighNumberOfLeaderChanges | default false) }}
+    - alert: etcdHighNumberOfLeaderChanges
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}} leader changes within the last 15 minutes. Frequent elections may be a sign of insufficient resources, high network latency, or disruptions by other components and should be investigated.'
+        summary: etcd cluster has high number of leader changes.
+      expr: increase((max without (instance) (etcd_server_leader_changes_seen_total{job=~".*etcd.*"}) or 0*absent(etcd_server_leader_changes_seen_total{job=~".*etcd.*"}))[15m:1m]) >= 4
+      for: {{ dig "etcdHighNumberOfLeaderChanges" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighNumberOfLeaderChanges" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighNumberOfFailedGRPCRequests | default false) }}
+    - alert: etcdHighNumberOfFailedGRPCRequests
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.grpc_method {{`}}`}} failed on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster has high number of failed grpc requests.
+      expr: |-
+        100 * sum(rate(grpc_server_handled_total{job=~".*etcd.*", grpc_code=~"Unknown|FailedPrecondition|ResourceExhausted|Internal|Unavailable|DataLoss|DeadlineExceeded"}[5m])) without (grpc_type, grpc_code)
+          /
+        sum(rate(grpc_server_handled_total{job=~".*etcd.*"}[5m])) without (grpc_type, grpc_code)
+          > 1
+      for: {{ dig "etcdHighNumberOfFailedGRPCRequests" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighNumberOfFailedGRPCRequests" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighNumberOfFailedGRPCRequests | default false) }}
+    - alert: etcdHighNumberOfFailedGRPCRequests
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.grpc_method {{`}}`}} failed on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster has high number of failed grpc requests.
+      expr: |-
+        100 * sum(rate(grpc_server_handled_total{job=~".*etcd.*", grpc_code=~"Unknown|FailedPrecondition|ResourceExhausted|Internal|Unavailable|DataLoss|DeadlineExceeded"}[5m])) without (grpc_type, grpc_code)
+          /
+        sum(rate(grpc_server_handled_total{job=~".*etcd.*"}[5m])) without (grpc_type, grpc_code)
+          > 5
+      for: {{ dig "etcdHighNumberOfFailedGRPCRequests" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighNumberOfFailedGRPCRequests" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdGRPCRequestsSlow | default false) }}
+    - alert: etcdGRPCRequestsSlow
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile of gRPC requests is {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}} for {{`{{`}} $labels.grpc_method {{`}}`}} method.'
+        summary: etcd grpc requests are slow
+      expr: |-
+        histogram_quantile(0.99, sum(rate(grpc_server_handling_seconds_bucket{job=~".*etcd.*", grpc_method!="Defragment", grpc_type="unary"}[5m])) without(grpc_type))
+        > 0.15
+      for: {{ dig "etcdGRPCRequestsSlow" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdGRPCRequestsSlow" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdMemberCommunicationSlow | default false) }}
+    - alert: etcdMemberCommunicationSlow
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": member communication with {{`{{`}} $labels.To {{`}}`}} is taking {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster member communication is slow.
+      expr: |-
+        histogram_quantile(0.99, rate(etcd_network_peer_round_trip_time_seconds_bucket{job=~".*etcd.*"}[5m]))
+        > 0.15
+      for: {{ dig "etcdMemberCommunicationSlow" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdMemberCommunicationSlow" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighNumberOfFailedProposals | default false) }}
+    - alert: etcdHighNumberOfFailedProposals
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}} proposal failures within the last 30 minutes on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster has high number of proposal failures.
+      expr: rate(etcd_server_proposals_failed_total{job=~".*etcd.*"}[15m]) > 5
+      for: {{ dig "etcdHighNumberOfFailedProposals" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighNumberOfFailedProposals" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighFsyncDurations | default false) }}
+    - alert: etcdHighFsyncDurations
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile fsync durations are {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster 99th percentile fsync durations are too high.
+      expr: |-
+        histogram_quantile(0.99, rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=~".*etcd.*"}[5m]))
+        > 0.5
+      for: {{ dig "etcdHighFsyncDurations" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighFsyncDurations" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighFsyncDurations | default false) }}
+    - alert: etcdHighFsyncDurations
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile fsync durations are {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster 99th percentile fsync durations are too high.
+      expr: |-
+        histogram_quantile(0.99, rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=~".*etcd.*"}[5m]))
+        > 1
+      for: {{ dig "etcdHighFsyncDurations" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighFsyncDurations" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdHighCommitDurations | default false) }}
+    - alert: etcdHighCommitDurations
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile commit durations {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.'
+        summary: etcd cluster 99th percentile commit durations are too high.
+      expr: |-
+        histogram_quantile(0.99, rate(etcd_disk_backend_commit_duration_seconds_bucket{job=~".*etcd.*"}[5m]))
+        > 0.25
+      for: {{ dig "etcdHighCommitDurations" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdHighCommitDurations" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdDatabaseQuotaLowSpace | default false) }}
+    - alert: etcdDatabaseQuotaLowSpace
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": database size exceeds the defined quota on etcd instance {{`{{`}} $labels.instance {{`}}`}}, please defrag or increase the quota as the writes to etcd will be disabled when it is full.'
+        summary: etcd cluster database is running full.
+      expr: (last_over_time(etcd_mvcc_db_total_size_in_bytes{job=~".*etcd.*"}[5m]) / last_over_time(etcd_server_quota_backend_bytes{job=~".*etcd.*"}[5m]))*100 > 95
+      for: {{ dig "etcdDatabaseQuotaLowSpace" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdDatabaseQuotaLowSpace" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdExcessiveDatabaseGrowth | default false) }}
+    - alert: etcdExcessiveDatabaseGrowth
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": Predicting running out of disk space in the next four hours, based on write observations within the past four hours on etcd instance {{`{{`}} $labels.instance {{`}}`}}, please check as it might be disruptive.'
+        summary: etcd cluster database growing very fast.
+      expr: predict_linear(etcd_mvcc_db_total_size_in_bytes{job=~".*etcd.*"}[4h], 4*60*60) > etcd_server_quota_backend_bytes{job=~".*etcd.*"}
+      for: {{ dig "etcdExcessiveDatabaseGrowth" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdExcessiveDatabaseGrowth" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.etcdDatabaseHighFragmentationRatio | default false) }}
+    - alert: etcdDatabaseHighFragmentationRatio
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.etcd }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.etcd | indent 8 }}
+{{- end }}
+        description: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": database size in use on instance {{`{{`}} $labels.instance {{`}}`}} is {{`{{`}} $value | humanizePercentage {{`}}`}} of the actual allocated disk space, please run defragmentation (e.g. etcdctl defrag) to retrieve the unused fragmented disk space.'
+        runbook_url: https://etcd.io/docs/v3.5/op-guide/maintenance/#defragmentation
+        summary: etcd database size in use is less than 50% of the actual allocated storage.
+      expr: (last_over_time(etcd_mvcc_db_total_size_in_use_in_bytes{job=~".*etcd.*"}[5m]) / last_over_time(etcd_mvcc_db_total_size_in_bytes{job=~".*etcd.*"}[5m])) < 0.5 and etcd_mvcc_db_total_size_in_use_in_bytes{job=~".*etcd.*"} > 104857600
+      for: {{ dig "etcdDatabaseHighFragmentationRatio" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "etcdDatabaseHighFragmentationRatio" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.etcd }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/general.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/general.rules.yaml
new file mode 100644
index 0000000000..8aca0b85f5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/general.rules.yaml
@@ -0,0 +1,125 @@
+{{- /*
+Generated from 'general.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubePrometheus-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.general }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "general.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: general.rules
+    rules:
+{{- if not (.Values.defaultRules.disabled.TargetDown | default false) }}
+    - alert: TargetDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.general }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.general | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} printf "%.4g" $value {{`}}`}}% of the {{`{{`}} $labels.job {{`}}`}}/{{`{{`}} $labels.service {{`}}`}} targets in {{`{{`}} $labels.namespace {{`}}`}} namespace are down.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/general/targetdown
+        summary: One or more targets are unreachable.
+      expr: 100 * (count(up == 0) BY (cluster, job, namespace, service) / count(up) BY (cluster, job, namespace, service)) > 10
+      for: {{ dig "TargetDown" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "TargetDown" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.general }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.general }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.Watchdog | default false) }}
+    - alert: Watchdog
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.general }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.general | indent 8 }}
+{{- end }}
+        description: 'This is an alert meant to ensure that the entire alerting pipeline is functional.
+
+          This alert is always firing, therefore it should always be firing in Alertmanager
+
+          and always fire against a receiver. There are integrations with various notification
+
+          mechanisms that send a notification when this alert is not firing. For example the
+
+          "DeadMansSnitch" integration in PagerDuty.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/general/watchdog
+        summary: An alert that should always be firing to certify that Alertmanager is working properly.
+      expr: vector(1)
+      labels:
+        severity: {{ dig "Watchdog" "severity" "none" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.general }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.general }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.InfoInhibitor | default false) }}
+    - alert: InfoInhibitor
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.general }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.general | indent 8 }}
+{{- end }}
+        description: 'This is an alert that is used to inhibit info alerts.
+
+          By themselves, the info-level alerts are sometimes very noisy, but they are relevant when combined with
+
+          other alerts.
+
+          This alert fires whenever there''s a severity="info" alert, and stops firing when another alert with a
+
+          severity of ''warning'' or ''critical'' starts firing on the same namespace.
+
+          This alert should be routed to a null receiver and configured to inhibit alerts with severity="info".
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/general/infoinhibitor
+        summary: Info-level alert inhibition.
+      expr: ALERTS{severity = "info"} == 1 unless on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace) ALERTS{alertname != "InfoInhibitor", severity =~ "warning|critical", alertstate="firing"} == 1
+      labels:
+        severity: {{ dig "InfoInhibitor" "severity" "none" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.general }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.general }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_cpu_usage_seconds_total.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_cpu_usage_seconds_total.yaml
new file mode 100644
index 0000000000..9de5f5bc9c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_cpu_usage_seconds_total.yaml
@@ -0,0 +1,43 @@
+{{- /*
+Generated from 'k8s.rules.container-cpu-usage-seconds-total' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerCpuUsageSecondsTotal }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-cpu-usage-seconds-total" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_cpu_usage_seconds_total
+    rules:
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, container) (
+          irate(container_cpu_usage_seconds_total{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}[5m])
+        ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (
+          1, max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerCpuUsageSecondsTotal }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerCpuUsageSecondsTotal }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_cache.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_cache.yaml
new file mode 100644
index 0000000000..323f41f9cb
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_cache.yaml
@@ -0,0 +1,42 @@
+{{- /*
+Generated from 'k8s.rules.container-memory-cache' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerMemoryCache }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-memory-cache" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_memory_cache
+    rules:
+    - expr: |-
+        container_memory_cache{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1,
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_cache
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryCache }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryCache }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_rss.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_rss.yaml
new file mode 100644
index 0000000000..312d73c889
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_rss.yaml
@@ -0,0 +1,42 @@
+{{- /*
+Generated from 'k8s.rules.container-memory-rss' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerMemoryRss }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-memory-rss" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_memory_rss
+    rules:
+    - expr: |-
+        container_memory_rss{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1,
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_rss
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryRss }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryRss }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_swap.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_swap.yaml
new file mode 100644
index 0000000000..136595e801
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_swap.yaml
@@ -0,0 +1,42 @@
+{{- /*
+Generated from 'k8s.rules.container-memory-swap' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerMemorySwap }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-memory-swap" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_memory_swap
+    rules:
+    - expr: |-
+        container_memory_swap{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1,
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_swap
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemorySwap }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemorySwap }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_working_set_bytes.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_working_set_bytes.yaml
new file mode 100644
index 0000000000..d308b7473a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_memory_working_set_bytes.yaml
@@ -0,0 +1,42 @@
+{{- /*
+Generated from 'k8s.rules.container-memory-working-set-bytes' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerMemoryWorkingSetBytes }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-memory-working-set-bytes" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_memory_working_set_bytes
+    rules:
+    - expr: |-
+        container_memory_working_set_bytes{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1,
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_working_set_bytes
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryWorkingSetBytes }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerMemoryWorkingSetBytes }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_resource.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_resource.yaml
new file mode 100644
index 0000000000..2d896e59e4
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.container_resource.yaml
@@ -0,0 +1,168 @@
+{{- /*
+Generated from 'k8s.rules.container-resource' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sContainerResource }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.container-resource" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.container_resource
+    rules:
+    - expr: |-
+        kube_pod_container_resource_requests{resource="memory",job="{{ $kubeStateMetricsJob }}"}  * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster)
+        group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_memory:active:kube_pod_container_resource_requests
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, cluster) (
+            sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, container, cluster) (
+                  kube_pod_container_resource_requests{resource="memory",job="{{ $kubeStateMetricsJob }}"}
+                ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_memory:kube_pod_container_resource_requests:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_requests{resource="cpu",job="{{ $kubeStateMetricsJob }}"}  * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster)
+        group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, cluster) (
+            sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, container, cluster) (
+                  kube_pod_container_resource_requests{resource="cpu",job="{{ $kubeStateMetricsJob }}"}
+                ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_cpu:kube_pod_container_resource_requests:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_limits{resource="memory",job="{{ $kubeStateMetricsJob }}"}  * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster)
+        group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_memory:active:kube_pod_container_resource_limits
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, cluster) (
+            sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, container, cluster) (
+                  kube_pod_container_resource_limits{resource="memory",job="{{ $kubeStateMetricsJob }}"}
+                ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_memory:kube_pod_container_resource_limits:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_limits{resource="cpu",job="{{ $kubeStateMetricsJob }}"}  * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster)
+        group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+         (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+         )
+      record: cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, cluster) (
+            sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, container, cluster) (
+                  kube_pod_container_resource_limits{resource="cpu",job="{{ $kubeStateMetricsJob }}"}
+                ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) group_left() max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_cpu:kube_pod_container_resource_limits:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sContainerResource }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.pod_owner.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.pod_owner.yaml
new file mode 100644
index 0000000000..4915b25e73
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.pod_owner.yaml
@@ -0,0 +1,107 @@
+{{- /*
+Generated from 'k8s.rules.pod-owner' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8sPodOwner }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules.pod-owner" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules.pod_owner
+    rules:
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, workload, pod) (
+          label_replace(
+            label_replace(
+              kube_pod_owner{job="{{ $kubeStateMetricsJob }}", owner_kind="ReplicaSet"},
+              "replicaset", "$1", "owner_name", "(.*)"
+            ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}replicaset, namespace) group_left(owner_name) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}replicaset, namespace) (
+              1, max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}replicaset, namespace, owner_name) (
+                kube_replicaset_owner{job="{{ $kubeStateMetricsJob }}"}
+              )
+            ),
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: deployment
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="{{ $kubeStateMetricsJob }}", owner_kind="DaemonSet"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: daemonset
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="{{ $kubeStateMetricsJob }}", owner_kind="StatefulSet"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: statefulset
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="{{ $kubeStateMetricsJob }}", owner_kind="Job"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: job
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.k8sPodOwner }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.yaml
new file mode 100644
index 0000000000..c61bd222ab
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/k8s.rules.yaml
@@ -0,0 +1,237 @@
+{{- /*
+Generated from 'k8s.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/main/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8s }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "k8s.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: k8s.rules
+    rules:
+    - expr: |-
+        sum by (cluster, namespace, pod, container) (
+          irate(container_cpu_usage_seconds_total{job="{{ include "exporter.kubelet.jobName" . }}", metrics_path="/metrics/cadvisor", image!=""}[5m])
+        ) * on (cluster, namespace, pod) group_left(node) topk by (cluster, namespace, pod) (
+          1, max by(cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        container_memory_working_set_bytes{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on (cluster, namespace, pod) group_left(node) topk by(cluster, namespace, pod) (1,
+          max by(cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_working_set_bytes
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        container_memory_rss{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on (cluster, namespace, pod) group_left(node) topk by(cluster, namespace, pod) (1,
+          max by(cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_rss
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        container_memory_cache{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on (cluster, namespace, pod) group_left(node) topk by(cluster, namespace, pod) (1,
+          max by(cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_cache
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        container_memory_swap{job="kubelet", metrics_path="/metrics/cadvisor", image!=""}
+        * on (cluster, namespace, pod) group_left(node) topk by(cluster, namespace, pod) (1,
+          max by(cluster, namespace, pod, node) (kube_pod_info{node!=""})
+        )
+      record: node_namespace_pod_container:container_memory_swap
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_requests{resource="memory",job="kube-state-metrics"}  * on (namespace, pod, cluster)
+        group_left() max by (namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_memory:active:kube_pod_container_resource_requests
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        sum by (namespace, cluster) (
+            sum by (namespace, pod, cluster) (
+                max by (namespace, pod, container, cluster) (
+                  kube_pod_container_resource_requests{resource="memory",job="kube-state-metrics"}
+                ) * on(namespace, pod, cluster) group_left() max by (namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_memory:kube_pod_container_resource_requests:sum
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_requests{resource="cpu",job="kube-state-metrics"}  * on (namespace, pod, cluster)
+        group_left() max by (namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_cpu:active:kube_pod_container_resource_requests
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        sum by (namespace, cluster) (
+            sum by (namespace, pod, cluster) (
+                max by (namespace, pod, container, cluster) (
+                  kube_pod_container_resource_requests{resource="cpu",job="kube-state-metrics"}
+                ) * on(namespace, pod, cluster) group_left() max by (namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_cpu:kube_pod_container_resource_requests:sum
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_limits{resource="memory",job="kube-state-metrics"}  * on (namespace, pod, cluster)
+        group_left() max by (namespace, pod, cluster) (
+          (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+        )
+      record: cluster:namespace:pod_memory:active:kube_pod_container_resource_limits
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        sum by (namespace, cluster) (
+            sum by (namespace, pod, cluster) (
+                max by (namespace, pod, container, cluster) (
+                  kube_pod_container_resource_limits{resource="memory",job="kube-state-metrics"}
+                ) * on(namespace, pod, cluster) group_left() max by (namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_memory:kube_pod_container_resource_limits:sum
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        kube_pod_container_resource_limits{resource="cpu",job="kube-state-metrics"}  * on (namespace, pod, cluster)
+        group_left() max by (namespace, pod, cluster) (
+         (kube_pod_status_phase{phase=~"Pending|Running"} == 1)
+         )
+      record: cluster:namespace:pod_cpu:active:kube_pod_container_resource_limits
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        sum by (namespace, cluster) (
+            sum by (namespace, pod, cluster) (
+                max by (namespace, pod, container, cluster) (
+                  kube_pod_container_resource_limits{resource="cpu",job="kube-state-metrics"}
+                ) * on(namespace, pod, cluster) group_left() max by (namespace, pod, cluster) (
+                  kube_pod_status_phase{phase=~"Pending|Running"} == 1
+                )
+            )
+        )
+      record: namespace_cpu:kube_pod_container_resource_limits:sum
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+      labels:
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+    - expr: |-
+        max by (cluster, namespace, workload, pod) (
+          label_replace(
+            label_replace(
+              kube_pod_owner{job="kube-state-metrics", owner_kind="ReplicaSet"},
+              "replicaset", "$1", "owner_name", "(.*)"
+            ) * on(replicaset, namespace) group_left(owner_name) topk by(replicaset, namespace) (
+              1, max by (replicaset, namespace, owner_name) (
+                kube_replicaset_owner{job="kube-state-metrics"}
+              )
+            ),
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: deployment
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by (cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="kube-state-metrics", owner_kind="DaemonSet"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: daemonset
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by (cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="kube-state-metrics", owner_kind="StatefulSet"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: statefulset
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+    - expr: |-
+        max by (cluster, namespace, workload, pod) (
+          label_replace(
+            kube_pod_owner{job="kube-state-metrics", owner_kind="Job"},
+            "workload", "$1", "owner_name", "(.*)"
+          )
+        )
+      labels:
+        workload_type: job
+      {{- if .Values.defaultRules.additionalRuleLabels }}
+        {{ toYaml .Values.defaultRules.additionalRuleLabels | nindent 8 }}
+      {{- end }}
+      record: namespace_workload_pod:kube_pod_owner:relabel
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-availability.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-availability.rules.yaml
new file mode 100644
index 0000000000..6194e9c614
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-availability.rules.yaml
@@ -0,0 +1,273 @@
+{{- /*
+Generated from 'kube-apiserver-availability.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeApiServer.enabled .Values.defaultRules.rules.kubeApiserverAvailability }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-apiserver-availability.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - interval: 3m
+    name: kube-apiserver-availability.rules
+    rules:
+    - expr: avg_over_time(code_verb:apiserver_request_total:increase1h[30d]) * 24 * 30
+      record: code_verb:apiserver_request_total:increase30d
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code) (code_verb:apiserver_request_total:increase30d{verb=~"LIST|GET"})
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: code:apiserver_request_total:increase30d
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code) (code_verb:apiserver_request_total:increase30d{verb=~"POST|PUT|PATCH|DELETE"})
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: code:apiserver_request_total:increase30d
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, verb, scope) (increase(apiserver_request_sli_duration_seconds_count{job="apiserver"}[1h]))
+      record: cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, verb, scope) (avg_over_time(cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase1h[30d]) * 24 * 30)
+      record: cluster_verb_scope:apiserver_request_sli_duration_seconds_count:increase30d
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, verb, scope, le) (increase(apiserver_request_sli_duration_seconds_bucket[1h]))
+      record: cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, verb, scope, le) (avg_over_time(cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase1h[30d]) * 24 * 30)
+      record: cluster_verb_scope_le:apiserver_request_sli_duration_seconds_bucket:increase30d
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        1 - (
+          (
+            # write too slow
+            sum by (cluster) (cluster_verb_scope:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count:increase30d{verb=~"POST|PUT|PATCH|DELETE"})
+            -
+            sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"POST|PUT|PATCH|DELETE",le="1"})
+          ) +
+          (
+            # read too slow
+            sum by (cluster) (cluster_verb_scope:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count:increase30d{verb=~"LIST|GET"})
+            -
+            (
+              (
+                sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope=~"resource|",le="1"})
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="namespace",le="5"})
+              +
+              sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="cluster",le="30"})
+            )
+          ) +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d{code=~"5.."} or vector(0))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d)
+      labels:
+        verb: all
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:availability30d
+    - expr: |-
+        1 - (
+          sum by (cluster) (cluster_verb_scope:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count:increase30d{verb=~"LIST|GET"})
+          -
+          (
+            # too slow
+            (
+              sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope=~"resource|",le="1"})
+              or
+              vector(0)
+            )
+            +
+            sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="namespace",le="5"})
+            +
+            sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"LIST|GET",scope="cluster",le="30"})
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d{verb="read",code=~"5.."} or vector(0))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d{verb="read"})
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:availability30d
+    - expr: |-
+        1 - (
+          (
+            # too slow
+            sum by (cluster) (cluster_verb_scope:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count:increase30d{verb=~"POST|PUT|PATCH|DELETE"})
+            -
+            sum by (cluster) (cluster_verb_scope_le:apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket:increase30d{verb=~"POST|PUT|PATCH|DELETE",le="1"})
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d{verb="write",code=~"5.."} or vector(0))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (code:apiserver_request_total:increase30d{verb="write"})
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:availability30d
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,code,resource) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[5m]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: code_resource:apiserver_request_total:rate5m
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,code,resource) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[5m]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: code_resource:apiserver_request_total:rate5m
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code, verb) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"2.."}[1h]))
+      record: code_verb:apiserver_request_total:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code, verb) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"3.."}[1h]))
+      record: code_verb:apiserver_request_total:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code, verb) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"4.."}[1h]))
+      record: code_verb:apiserver_request_total:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, code, verb) (increase(apiserver_request_total{job="apiserver",verb=~"LIST|GET|POST|PUT|PATCH|DELETE",code=~"5.."}[1h]))
+      record: code_verb:apiserver_request_total:increase1h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverAvailability }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-burnrate.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-burnrate.rules.yaml
new file mode 100644
index 0000000000..e6666a6f41
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-burnrate.rules.yaml
@@ -0,0 +1,440 @@
+{{- /*
+Generated from 'kube-apiserver-burnrate.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeApiServer.enabled .Values.defaultRules.rules.kubeApiserverBurnrate }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-apiserver-burnrate.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-apiserver-burnrate.rules
+    rules:
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[1d]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[1d]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[1d]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[1d]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[1d]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[1d]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate1d
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[1h]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[1h]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[1h]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[1h]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[1h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[1h]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate1h
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[2h]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[2h]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[2h]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[2h]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[2h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[2h]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate2h
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[30m]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[30m]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[30m]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[30m]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[30m]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[30m]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate30m
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[3d]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[3d]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[3d]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[3d]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[3d]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[3d]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate3d
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[5m]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[5m]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[5m]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[5m]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[5m]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[5m]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate5m
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[6h]))
+            -
+            (
+              (
+                sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope=~"resource|",le="1"}[6h]))
+                or
+                vector(0)
+              )
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="namespace",le="5"}[6h]))
+              +
+              sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward",scope="cluster",le="30"}[6h]))
+            )
+          )
+          +
+          # errors
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET",code=~"5.."}[6h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"LIST|GET"}[6h]))
+      labels:
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate6h
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[1d]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[1d]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[1d]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[1d]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate1d
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[1h]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[1h]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[1h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[1h]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate1h
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[2h]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[2h]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[2h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[2h]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate2h
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[30m]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[30m]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[30m]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[30m]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate30m
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[3d]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[3d]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[3d]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[3d]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate3d
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[5m]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[5m]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[5m]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[5m]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate5m
+    - expr: |-
+        (
+          (
+            # too slow
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_count{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[6h]))
+            -
+            sum by (cluster) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward",le="1"}[6h]))
+          )
+          +
+          sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",code=~"5.."}[6h]))
+        )
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(apiserver_request_total{job="apiserver",verb=~"POST|PUT|PATCH|DELETE"}[6h]))
+      labels:
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverBurnrate }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: apiserver_request:burnrate6h
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-histogram.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-histogram.rules.yaml
new file mode 100644
index 0000000000..d145341952
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-histogram.rules.yaml
@@ -0,0 +1,53 @@
+{{- /*
+Generated from 'kube-apiserver-histogram.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeApiServer.enabled .Values.defaultRules.rules.kubeApiserverHistogram }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-apiserver-histogram.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-apiserver-histogram.rules
+    rules:
+    - expr: histogram_quantile(0.99, sum by (cluster, le, resource) (rate(apiserver_request{{ if (semverCompare ">=1.23.0-0" $kubeTargetVersion) }}_slo{{ end }}_duration_seconds_bucket{job="apiserver",verb=~"LIST|GET",subresource!~"proxy|attach|log|exec|portforward"}[5m]))) > 0
+      labels:
+        quantile: '0.99'
+        verb: read
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverHistogram }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverHistogram }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:apiserver_request_sli_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.99, sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, le, resource) (rate(apiserver_request_sli_duration_seconds_bucket{job="apiserver",verb=~"POST|PUT|PATCH|DELETE",subresource!~"proxy|attach|log|exec|portforward"}[5m]))) > 0
+      labels:
+        quantile: '0.99'
+        verb: write
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverHistogram }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverHistogram }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:apiserver_request_sli_duration_seconds:histogram_quantile
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml
new file mode 100644
index 0000000000..30ef9a4293
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml
@@ -0,0 +1,159 @@
+{{- /*
+Generated from 'kube-apiserver-slos' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeApiServer.enabled .Values.defaultRules.rules.kubeApiserverSlos }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-apiserver-slos" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-apiserver-slos
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeAPIErrorBudgetBurn | default false) }}
+    - alert: KubeAPIErrorBudgetBurn
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos | indent 8 }}
+{{- end }}
+        description: The API server is burning too much error budget.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapierrorbudgetburn
+        summary: The API server is burning too much error budget.
+      expr: |-
+        sum(apiserver_request:burnrate1h) > (14.40 * 0.01000)
+        and
+        sum(apiserver_request:burnrate5m) > (14.40 * 0.01000)
+      for: {{ dig "KubeAPIErrorBudgetBurn" "for" "2m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        long: 1h
+        severity: {{ dig "KubeAPIErrorBudgetBurn" "severity" "critical" .Values.customRules }}
+        short: 5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAPIErrorBudgetBurn | default false) }}
+    - alert: KubeAPIErrorBudgetBurn
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos | indent 8 }}
+{{- end }}
+        description: The API server is burning too much error budget.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapierrorbudgetburn
+        summary: The API server is burning too much error budget.
+      expr: |-
+        sum(apiserver_request:burnrate6h) > (6.00 * 0.01000)
+        and
+        sum(apiserver_request:burnrate30m) > (6.00 * 0.01000)
+      for: {{ dig "KubeAPIErrorBudgetBurn" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        long: 6h
+        severity: {{ dig "KubeAPIErrorBudgetBurn" "severity" "critical" .Values.customRules }}
+        short: 30m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAPIErrorBudgetBurn | default false) }}
+    - alert: KubeAPIErrorBudgetBurn
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos | indent 8 }}
+{{- end }}
+        description: The API server is burning too much error budget.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapierrorbudgetburn
+        summary: The API server is burning too much error budget.
+      expr: |-
+        sum(apiserver_request:burnrate1d) > (3.00 * 0.01000)
+        and
+        sum(apiserver_request:burnrate2h) > (3.00 * 0.01000)
+      for: {{ dig "KubeAPIErrorBudgetBurn" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        long: 1d
+        severity: {{ dig "KubeAPIErrorBudgetBurn" "severity" "warning" .Values.customRules }}
+        short: 2h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAPIErrorBudgetBurn | default false) }}
+    - alert: KubeAPIErrorBudgetBurn
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeApiserverSlos | indent 8 }}
+{{- end }}
+        description: The API server is burning too much error budget.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapierrorbudgetburn
+        summary: The API server is burning too much error budget.
+      expr: |-
+        sum(apiserver_request:burnrate3d) > (1.00 * 0.01000)
+        and
+        sum(apiserver_request:burnrate6h) > (1.00 * 0.01000)
+      for: {{ dig "KubeAPIErrorBudgetBurn" "for" "3h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        long: 3d
+        severity: {{ dig "KubeAPIErrorBudgetBurn" "severity" "warning" .Values.customRules }}
+        short: 6h
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeApiserverSlos }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml
new file mode 100644
index 0000000000..fcf35f389b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml
@@ -0,0 +1,49 @@
+{{- /*
+Generated from 'kube-prometheus-general.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubePrometheus-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubePrometheusGeneral }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-prometheus-general.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-prometheus-general.rules
+    rules:
+    - expr: count without(instance, pod, node) (up == 1)
+      record: count:up1
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusGeneral }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusGeneral }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: count without(instance, pod, node) (up == 0)
+      record: count:up0
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusGeneral }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusGeneral }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml
new file mode 100644
index 0000000000..7a0d202324
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml
@@ -0,0 +1,93 @@
+{{- /*
+Generated from 'kube-prometheus-node-recording.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubePrometheus-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubePrometheusNodeRecording }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-prometheus-node-recording.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-prometheus-node-recording.rules
+    rules:
+    - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal"}[3m])) BY (instance)
+      record: instance:node_cpu:rate:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum(rate(node_network_receive_bytes_total[3m])) BY (instance)
+      record: instance:node_network_receive_bytes:rate:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum(rate(node_network_transmit_bytes_total[3m])) BY (instance)
+      record: instance:node_network_transmit_bytes:rate:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal"}[5m])) WITHOUT (cpu, mode) / ON(instance) GROUP_LEFT() count(sum(node_cpu_seconds_total) BY (instance, cpu)) BY (instance)
+      record: instance:node_cpu:ratio
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal"}[5m]))
+      record: cluster:node_cpu:sum_rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: cluster:node_cpu:sum_rate5m / count(sum(node_cpu_seconds_total) BY (instance, cpu))
+      record: cluster:node_cpu:ratio
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubePrometheusNodeRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml
new file mode 100644
index 0000000000..c9d61ce37b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml
@@ -0,0 +1,135 @@
+{{- /*
+Generated from 'kube-scheduler.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeScheduler.enabled .Values.defaultRules.rules.kubeSchedulerRecording }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-scheduler.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-scheduler.rules
+    rules:
+    - expr: histogram_quantile(0.99, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.99'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_e2e_scheduling_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.99, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.99'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_scheduling_algorithm_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.99, sum(rate(scheduler_binding_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.99'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_binding_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.9, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.9'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_e2e_scheduling_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.9, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.9'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_scheduling_algorithm_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.9, sum(rate(scheduler_binding_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.9'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_binding_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.5, sum(rate(scheduler_e2e_scheduling_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.5'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_e2e_scheduling_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.5, sum(rate(scheduler_scheduling_algorithm_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.5'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_scheduling_algorithm_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.5, sum(rate(scheduler_binding_duration_seconds_bucket{job="{{ include "exporter.kubeScheduler.jobName" . }}"}[5m])) without(instance, pod))
+      labels:
+        quantile: '0.5'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: cluster_quantile:scheduler_binding_duration_seconds:histogram_quantile
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-state-metrics.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-state-metrics.yaml
new file mode 100644
index 0000000000..d1ad3cae5e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kube-state-metrics.yaml
@@ -0,0 +1,152 @@
+{{- /*
+Generated from 'kube-state-metrics' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubeStateMetrics-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubeStateMetrics }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kube-state-metrics" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kube-state-metrics
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeStateMetricsListErrors | default false) }}
+    - alert: KubeStateMetricsListErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics | indent 8 }}
+{{- end }}
+        description: kube-state-metrics is experiencing errors at an elevated rate in list operations. This is likely causing it to not be able to expose metrics about Kubernetes objects correctly or at all.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kube-state-metrics/kubestatemetricslisterrors
+        summary: kube-state-metrics is experiencing errors in list operations.
+      expr: |-
+        (sum(rate(kube_state_metrics_list_total{job="{{ $kubeStateMetricsJob }}",result="error"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          /
+        sum(rate(kube_state_metrics_list_total{job="{{ $kubeStateMetricsJob }}"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster))
+        > 0.01
+      for: {{ dig "KubeStateMetricsListErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStateMetricsListErrors" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStateMetricsWatchErrors | default false) }}
+    - alert: KubeStateMetricsWatchErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics | indent 8 }}
+{{- end }}
+        description: kube-state-metrics is experiencing errors at an elevated rate in watch operations. This is likely causing it to not be able to expose metrics about Kubernetes objects correctly or at all.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kube-state-metrics/kubestatemetricswatcherrors
+        summary: kube-state-metrics is experiencing errors in watch operations.
+      expr: |-
+        (sum(rate(kube_state_metrics_watch_total{job="{{ $kubeStateMetricsJob }}",result="error"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          /
+        sum(rate(kube_state_metrics_watch_total{job="{{ $kubeStateMetricsJob }}"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster))
+        > 0.01
+      for: {{ dig "KubeStateMetricsWatchErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStateMetricsWatchErrors" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStateMetricsShardingMismatch | default false) }}
+    - alert: KubeStateMetricsShardingMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics | indent 8 }}
+{{- end }}
+        description: kube-state-metrics pods are running with different --total-shards configuration, some Kubernetes objects may be exposed multiple times or not exposed at all.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kube-state-metrics/kubestatemetricsshardingmismatch
+        summary: kube-state-metrics sharding is misconfigured.
+      expr: stdvar (kube_state_metrics_total_shards{job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) != 0
+      for: {{ dig "KubeStateMetricsShardingMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStateMetricsShardingMismatch" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStateMetricsShardsMissing | default false) }}
+    - alert: KubeStateMetricsShardsMissing
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeStateMetrics | indent 8 }}
+{{- end }}
+        description: kube-state-metrics shards are missing, some Kubernetes objects are not being exposed.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kube-state-metrics/kubestatemetricsshardsmissing
+        summary: kube-state-metrics shards are missing.
+      expr: |-
+        2^max(kube_state_metrics_total_shards{job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - 1
+          -
+        sum( 2 ^ max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, shard_ordinal) (kube_state_metrics_shard_ordinal{job="{{ $kubeStateMetricsJob }}"}) ) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+        != 0
+      for: {{ dig "KubeStateMetricsShardsMissing" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStateMetricsShardsMissing" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeStateMetrics }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubelet.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubelet.rules.yaml
new file mode 100644
index 0000000000..39fdddf3fe
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubelet.rules.yaml
@@ -0,0 +1,65 @@
+{{- /*
+Generated from 'kubelet.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubelet }}
+{{- if (include "exporter.kubelet.enabled" .)}}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubelet.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubelet.rules
+    rules:
+    - expr: histogram_quantile(0.99, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{job="kubelet", metrics_path="/metrics"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, le) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) group_left(node) kubelet_node_name{job="kubelet", metrics_path="/metrics"})
+      labels:
+        quantile: '0.99'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.9, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{job="kubelet", metrics_path="/metrics"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, le) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) group_left(node) kubelet_node_name{job="kubelet", metrics_path="/metrics"})
+      labels:
+        quantile: '0.9'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile
+    - expr: histogram_quantile(0.5, sum(rate(kubelet_pleg_relist_duration_seconds_bucket{job="kubelet", metrics_path="/metrics"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, le) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) group_left(node) kubelet_node_name{job="kubelet", metrics_path="/metrics"})
+      labels:
+        quantile: '0.5'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubelet }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+      record: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-apps.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-apps.yaml
new file mode 100644
index 0000000000..2a861a522c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-apps.yaml
@@ -0,0 +1,568 @@
+{{- /*
+Generated from 'kubernetes-apps' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesApps }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+{{- $targetNamespace := .Values.defaultRules.appNamespacesTarget }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-apps" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-apps
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubePodCrashLooping | default false) }}
+    - alert: KubePodCrashLooping
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: 'Pod {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}} ({{`{{`}} $labels.container {{`}}`}}) is in waiting state (reason: "CrashLoopBackOff").'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepodcrashlooping
+        summary: Pod is crash looping.
+      expr: max_over_time(kube_pod_container_status_waiting_reason{reason="CrashLoopBackOff", job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[5m]) >= 1
+      for: {{ dig "KubePodCrashLooping" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePodCrashLooping" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubePodNotReady | default false) }}
+    - alert: KubePodNotReady
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Pod {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}} has been in a non-ready state for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepodnotready
+        summary: Pod has been in a non-ready state for more than 15 minutes.
+      expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+            kube_pod_status_phase{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}", phase=~"Pending|Unknown|Failed"}
+          ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) group_left(owner_kind) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, cluster) (
+            1, max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, owner_kind, cluster) (kube_pod_owner{owner_kind!="Job"})
+          )
+        ) > 0
+      for: {{ dig "KubePodNotReady" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePodNotReady" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDeploymentGenerationMismatch | default false) }}
+    - alert: KubeDeploymentGenerationMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Deployment generation for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.deployment {{`}}`}} does not match, this indicates that the Deployment has failed but has not been rolled back.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedeploymentgenerationmismatch
+        summary: Deployment generation mismatch due to possible roll-back
+      expr: |-
+        kube_deployment_status_observed_generation{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          !=
+        kube_deployment_metadata_generation{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+      for: {{ dig "KubeDeploymentGenerationMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDeploymentGenerationMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDeploymentReplicasMismatch | default false) }}
+    - alert: KubeDeploymentReplicasMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Deployment {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.deployment {{`}}`}} has not matched the expected number of replicas for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedeploymentreplicasmismatch
+        summary: Deployment has not matched the expected number of replicas.
+      expr: |-
+        (
+          kube_deployment_spec_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+            >
+          kube_deployment_status_replicas_available{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+        ) and (
+          changes(kube_deployment_status_replicas_updated{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[10m])
+            ==
+          0
+        )
+      for: {{ dig "KubeDeploymentReplicasMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDeploymentReplicasMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDeploymentRolloutStuck | default false) }}
+    - alert: KubeDeploymentRolloutStuck
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Rollout of deployment {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.deployment {{`}}`}} is not progressing for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedeploymentrolloutstuck
+        summary: Deployment rollout is not progressing.
+      expr: |-
+        kube_deployment_status_condition{condition="Progressing", status="false",job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+        != 0
+      for: {{ dig "KubeDeploymentRolloutStuck" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDeploymentRolloutStuck" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStatefulSetReplicasMismatch | default false) }}
+    - alert: KubeStatefulSetReplicasMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: StatefulSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} has not matched the expected number of replicas for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubestatefulsetreplicasmismatch
+        summary: StatefulSet has not matched the expected number of replicas.
+      expr: |-
+        (
+          kube_statefulset_status_replicas_ready{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+            !=
+          kube_statefulset_status_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+        ) and (
+          changes(kube_statefulset_status_replicas_updated{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[10m])
+            ==
+          0
+        )
+      for: {{ dig "KubeStatefulSetReplicasMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStatefulSetReplicasMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStatefulSetGenerationMismatch | default false) }}
+    - alert: KubeStatefulSetGenerationMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: StatefulSet generation for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} does not match, this indicates that the StatefulSet has failed but has not been rolled back.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubestatefulsetgenerationmismatch
+        summary: StatefulSet generation mismatch due to possible roll-back
+      expr: |-
+        kube_statefulset_status_observed_generation{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          !=
+        kube_statefulset_metadata_generation{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+      for: {{ dig "KubeStatefulSetGenerationMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStatefulSetGenerationMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeStatefulSetUpdateNotRolledOut | default false) }}
+    - alert: KubeStatefulSetUpdateNotRolledOut
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: StatefulSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} update has not been rolled out.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubestatefulsetupdatenotrolledout
+        summary: StatefulSet update has not been rolled out.
+      expr: |-
+        (
+          max without (revision) (
+            kube_statefulset_status_current_revision{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+              unless
+            kube_statefulset_status_update_revision{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          )
+            *
+          (
+            kube_statefulset_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+              !=
+            kube_statefulset_status_replicas_updated{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          )
+        )  and (
+          changes(kube_statefulset_status_replicas_updated{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[5m])
+            ==
+          0
+        )
+      for: {{ dig "KubeStatefulSetUpdateNotRolledOut" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeStatefulSetUpdateNotRolledOut" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDaemonSetRolloutStuck | default false) }}
+    - alert: KubeDaemonSetRolloutStuck
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} has not finished or progressed for at least 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedaemonsetrolloutstuck
+        summary: DaemonSet rollout is stuck.
+      expr: |-
+        (
+          (
+            kube_daemonset_status_current_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+             !=
+            kube_daemonset_status_desired_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          ) or (
+            kube_daemonset_status_number_misscheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+             !=
+            0
+          ) or (
+            kube_daemonset_status_updated_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+             !=
+            kube_daemonset_status_desired_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          ) or (
+            kube_daemonset_status_number_available{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+             !=
+            kube_daemonset_status_desired_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          )
+        ) and (
+          changes(kube_daemonset_status_updated_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[5m])
+            ==
+          0
+        )
+      for: {{ dig "KubeDaemonSetRolloutStuck" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDaemonSetRolloutStuck" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeContainerWaiting | default false) }}
+    - alert: KubeContainerWaiting
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: pod/{{`{{`}} $labels.pod {{`}}`}} in namespace {{`{{`}} $labels.namespace {{`}}`}} on container {{`{{`}} $labels.container{{`}}`}} has been in waiting state for longer than 1 hour.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubecontainerwaiting
+        summary: Pod container waiting longer than 1 hour
+      expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, pod, container, cluster) (kube_pod_container_status_waiting_reason{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}) > 0
+      for: {{ dig "KubeContainerWaiting" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeContainerWaiting" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDaemonSetNotScheduled | default false) }}
+    - alert: KubeDaemonSetNotScheduled
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value {{`}}`}} Pods of DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} are not scheduled.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedaemonsetnotscheduled
+        summary: DaemonSet pods are not scheduled.
+      expr: |-
+        kube_daemonset_status_desired_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          -
+        kube_daemonset_status_current_number_scheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"} > 0
+      for: {{ dig "KubeDaemonSetNotScheduled" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDaemonSetNotScheduled" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeDaemonSetMisScheduled | default false) }}
+    - alert: KubeDaemonSetMisScheduled
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value {{`}}`}} Pods of DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} are running where they are not supposed to run.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubedaemonsetmisscheduled
+        summary: DaemonSet pods are misscheduled.
+      expr: kube_daemonset_status_number_misscheduled{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"} > 0
+      for: {{ dig "KubeDaemonSetMisScheduled" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeDaemonSetMisScheduled" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeJobNotCompleted | default false) }}
+    - alert: KubeJobNotCompleted
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Job {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.job_name {{`}}`}} is taking more than {{`{{`}} "43200" | humanizeDuration {{`}}`}} to complete.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubejobnotcompleted
+        summary: Job did not complete in time
+      expr: |-
+        time() - max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}namespace, job_name, cluster) (kube_job_status_start_time{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          and
+        kube_job_status_active{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"} > 0) > 43200
+      labels:
+        severity: {{ dig "KubeJobNotCompleted" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeJobFailed | default false) }}
+    - alert: KubeJobFailed
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: Job {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.job_name {{`}}`}} failed to complete. Removing failed job after investigation should clear this alert.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubejobfailed
+        summary: Job failed to complete.
+      expr: kube_job_failed{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}  > 0
+      for: {{ dig "KubeJobFailed" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeJobFailed" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeHpaReplicasMismatch | default false) }}
+    - alert: KubeHpaReplicasMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: HPA {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.horizontalpodautoscaler  {{`}}`}} has not matched the desired number of replicas for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubehpareplicasmismatch
+        summary: HPA has not matched desired number of replicas.
+      expr: |-
+        (kube_horizontalpodautoscaler_status_desired_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          !=
+        kube_horizontalpodautoscaler_status_current_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"})
+          and
+        (kube_horizontalpodautoscaler_status_current_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          >
+        kube_horizontalpodautoscaler_spec_min_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"})
+          and
+        (kube_horizontalpodautoscaler_status_current_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          <
+        kube_horizontalpodautoscaler_spec_max_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"})
+          and
+        changes(kube_horizontalpodautoscaler_status_current_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}[15m]) == 0
+      for: {{ dig "KubeHpaReplicasMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeHpaReplicasMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeHpaMaxedOut | default false) }}
+    - alert: KubeHpaMaxedOut
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesApps | indent 8 }}
+{{- end }}
+        description: HPA {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.horizontalpodautoscaler  {{`}}`}} has been running at max replicas for longer than 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubehpamaxedout
+        summary: HPA is running at max replicas
+      expr: |-
+        kube_horizontalpodautoscaler_status_current_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+          ==
+        kube_horizontalpodautoscaler_spec_max_replicas{job="{{ $kubeStateMetricsJob }}", namespace=~"{{ $targetNamespace }}"}
+      for: {{ dig "KubeHpaMaxedOut" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeHpaMaxedOut" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesApps }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-resources.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-resources.yaml
new file mode 100644
index 0000000000..1d32f9bbad
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-resources.yaml
@@ -0,0 +1,282 @@
+{{- /*
+Generated from 'kubernetes-resources' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesResources }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-resources" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-resources
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeCPUOvercommit | default false) }}
+    - alert: KubeCPUOvercommit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Cluster {{`{{`}} $labels.cluster {{`}}`}} has overcommitted CPU resource requests for Pods by {{`{{`}} $value {{`}}`}} CPU shares and cannot tolerate node failure.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubecpuovercommit
+        summary: Cluster has overcommitted CPU resource requests.
+      expr: |-
+        sum(namespace_cpu:kube_pod_container_resource_requests:sum{job="{{ $kubeStateMetricsJob }}",}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - (sum(kube_node_status_allocatable{job="{{ $kubeStateMetricsJob }}",resource="cpu"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - max(kube_node_status_allocatable{job="{{ $kubeStateMetricsJob }}",resource="cpu"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)) > 0
+        and
+        (sum(kube_node_status_allocatable{job="{{ $kubeStateMetricsJob }}",resource="cpu"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - max(kube_node_status_allocatable{job="{{ $kubeStateMetricsJob }}",resource="cpu"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)) > 0
+      for: {{ dig "KubeCPUOvercommit" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeCPUOvercommit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeMemoryOvercommit | default false) }}
+    - alert: KubeMemoryOvercommit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Cluster {{`{{`}} $labels.cluster {{`}}`}} has overcommitted memory resource requests for Pods by {{`{{`}} $value | humanize {{`}}`}} bytes and cannot tolerate node failure.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubememoryovercommit
+        summary: Cluster has overcommitted memory resource requests.
+      expr: |-
+        sum(namespace_memory:kube_pod_container_resource_requests:sum{}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - (sum(kube_node_status_allocatable{resource="memory", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - max(kube_node_status_allocatable{resource="memory", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)) > 0
+        and
+        (sum(kube_node_status_allocatable{resource="memory", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) - max(kube_node_status_allocatable{resource="memory", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)) > 0
+      for: {{ dig "KubeMemoryOvercommit" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeMemoryOvercommit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeCPUQuotaOvercommit | default false) }}
+    - alert: KubeCPUQuotaOvercommit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Cluster {{`{{`}} $labels.cluster {{`}}`}}  has overcommitted CPU resource requests for Namespaces.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubecpuquotaovercommit
+        summary: Cluster has overcommitted CPU resource requests.
+      expr: |-
+        sum(min without(resource) (kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="hard", resource=~"(cpu|requests.cpu)"})) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          /
+        sum(kube_node_status_allocatable{resource="cpu", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          > 1.5
+      for: {{ dig "KubeCPUQuotaOvercommit" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeCPUQuotaOvercommit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeMemoryQuotaOvercommit | default false) }}
+    - alert: KubeMemoryQuotaOvercommit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Cluster {{`{{`}} $labels.cluster {{`}}`}}  has overcommitted memory resource requests for Namespaces.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubememoryquotaovercommit
+        summary: Cluster has overcommitted memory resource requests.
+      expr: |-
+        sum(min without(resource) (kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="hard", resource=~"(memory|requests.memory)"})) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          /
+        sum(kube_node_status_allocatable{resource="memory", job="{{ $kubeStateMetricsJob }}"}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+          > 1.5
+      for: {{ dig "KubeMemoryQuotaOvercommit" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeMemoryQuotaOvercommit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeQuotaAlmostFull | default false) }}
+    - alert: KubeQuotaAlmostFull
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Namespace {{`{{`}} $labels.namespace {{`}}`}} is using {{`{{`}} $value | humanizePercentage {{`}}`}} of its {{`{{`}} $labels.resource {{`}}`}} quota.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubequotaalmostfull
+        summary: Namespace quota is going to be full.
+      expr: |-
+        kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="used"}
+          / ignoring(instance, job, type)
+        (kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="hard"} > 0)
+          > 0.9 < 1
+      for: {{ dig "KubeQuotaAlmostFull" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeQuotaAlmostFull" "severity" "info" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeQuotaFullyUsed | default false) }}
+    - alert: KubeQuotaFullyUsed
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Namespace {{`{{`}} $labels.namespace {{`}}`}} is using {{`{{`}} $value | humanizePercentage {{`}}`}} of its {{`{{`}} $labels.resource {{`}}`}} quota.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubequotafullyused
+        summary: Namespace quota is fully used.
+      expr: |-
+        kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="used"}
+          / ignoring(instance, job, type)
+        (kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="hard"} > 0)
+          == 1
+      for: {{ dig "KubeQuotaFullyUsed" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeQuotaFullyUsed" "severity" "info" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeQuotaExceeded | default false) }}
+    - alert: KubeQuotaExceeded
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: Namespace {{`{{`}} $labels.namespace {{`}}`}} is using {{`{{`}} $value | humanizePercentage {{`}}`}} of its {{`{{`}} $labels.resource {{`}}`}} quota.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubequotaexceeded
+        summary: Namespace quota has exceeded the limits.
+      expr: |-
+        kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="used"}
+          / ignoring(instance, job, type)
+        (kube_resourcequota{job="{{ $kubeStateMetricsJob }}", type="hard"} > 0)
+          > 1
+      for: {{ dig "KubeQuotaExceeded" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeQuotaExceeded" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.CPUThrottlingHigh | default false) }}
+    - alert: CPUThrottlingHigh
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesResources | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} throttling of CPU in namespace {{`{{`}} $labels.namespace {{`}}`}} for container {{`{{`}} $labels.container {{`}}`}} in pod {{`{{`}} $labels.pod {{`}}`}}.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/cputhrottlinghigh
+        summary: Processes experience elevated CPU throttling.
+      expr: |-
+        sum(increase(container_cpu_cfs_throttled_periods_total{container!="", }[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, container, pod, namespace)
+          /
+        sum(increase(container_cpu_cfs_periods_total{}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, container, pod, namespace)
+          > ( 25 / 100 )
+      for: {{ dig "CPUThrottlingHigh" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "CPUThrottlingHigh" "severity" "info" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesResources }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-storage.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-storage.yaml
new file mode 100644
index 0000000000..b988445653
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-storage.yaml
@@ -0,0 +1,216 @@
+{{- /*
+Generated from 'kubernetes-storage' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesStorage }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+{{- $targetNamespace := .Values.defaultRules.appNamespacesTarget }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-storage" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-storage
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubePersistentVolumeFillingUp | default false) }}
+    - alert: KubePersistentVolumeFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage | indent 8 }}
+{{- end }}
+        description: The PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.cluster -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} is only {{`{{`}} $value | humanizePercentage {{`}}`}} free.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepersistentvolumefillingup
+        summary: PersistentVolume is filling up.
+      expr: |-
+        kubelet_volume_stats_available_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+          /
+        kubelet_volume_stats_capacity_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+          < 0.03
+        and
+        kubelet_volume_stats_used_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"} > 0
+        unless on(namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1
+        unless on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1
+      for: {{ dig "KubePersistentVolumeFillingUp" "for" "1m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePersistentVolumeFillingUp" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubePersistentVolumeFillingUp | default false) }}
+    - alert: KubePersistentVolumeFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage | indent 8 }}
+{{- end }}
+        description: Based on recent sampling, the PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.cluster -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} is expected to fill up within four days. Currently {{`{{`}} $value | humanizePercentage {{`}}`}} is available.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepersistentvolumefillingup
+        summary: PersistentVolume is filling up.
+      expr: |-
+        (
+          kubelet_volume_stats_available_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+            /
+          kubelet_volume_stats_capacity_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+        ) < 0.15
+        and
+        kubelet_volume_stats_used_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"} > 0
+        and
+        predict_linear(kubelet_volume_stats_available_bytes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}[6h], 4 * 24 * 3600) < 0
+        unless on(namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1
+        unless on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1
+      for: {{ dig "KubePersistentVolumeFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePersistentVolumeFillingUp" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubePersistentVolumeInodesFillingUp | default false) }}
+    - alert: KubePersistentVolumeInodesFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage | indent 8 }}
+{{- end }}
+        description: The PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.cluster -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} only has {{`{{`}} $value | humanizePercentage {{`}}`}} free inodes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepersistentvolumeinodesfillingup
+        summary: PersistentVolumeInodes are filling up.
+      expr: |-
+        (
+          kubelet_volume_stats_inodes_free{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+            /
+          kubelet_volume_stats_inodes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+        ) < 0.03
+        and
+        kubelet_volume_stats_inodes_used{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"} > 0
+        unless on(namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1
+        unless on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1
+      for: {{ dig "KubePersistentVolumeInodesFillingUp" "for" "1m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePersistentVolumeInodesFillingUp" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubePersistentVolumeInodesFillingUp | default false) }}
+    - alert: KubePersistentVolumeInodesFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage | indent 8 }}
+{{- end }}
+        description: Based on recent sampling, the PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} {{`{{`}} with $labels.cluster -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} is expected to run out of inodes within four days. Currently {{`{{`}} $value | humanizePercentage {{`}}`}} of its inodes are free.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepersistentvolumeinodesfillingup
+        summary: PersistentVolumeInodes are filling up.
+      expr: |-
+        (
+          kubelet_volume_stats_inodes_free{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+            /
+          kubelet_volume_stats_inodes{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}
+        ) < 0.15
+        and
+        kubelet_volume_stats_inodes_used{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"} > 0
+        and
+        predict_linear(kubelet_volume_stats_inodes_free{job="{{ include "exporter.kubelet.jobName" . }}", namespace=~"{{ $targetNamespace }}", metrics_path="/metrics"}[6h], 4 * 24 * 3600) < 0
+        unless on(namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_access_mode{ access_mode="ReadOnlyMany"} == 1
+        unless on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, persistentvolumeclaim)
+        kube_persistentvolumeclaim_labels{label_excluded_from_alerts="true"} == 1
+      for: {{ dig "KubePersistentVolumeInodesFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePersistentVolumeInodesFillingUp" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubePersistentVolumeErrors | default false) }}
+    - alert: KubePersistentVolumeErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesStorage | indent 8 }}
+{{- end }}
+        description: The persistent volume {{`{{`}} $labels.persistentvolume {{`}}`}} {{`{{`}} with $labels.cluster -{{`}}`}} on Cluster {{`{{`}} . {{`}}`}} {{`{{`}}- end {{`}}`}} has status {{`{{`}} $labels.phase {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubepersistentvolumeerrors
+        summary: PersistentVolume is having issues with provisioning.
+      expr: kube_persistentvolume_status_phase{phase=~"Failed|Pending",job="{{ $kubeStateMetricsJob }}"} > 0
+      for: {{ dig "KubePersistentVolumeErrors" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubePersistentVolumeErrors" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesStorage }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml
new file mode 100644
index 0000000000..af34a23f88
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml
@@ -0,0 +1,193 @@
+{{- /*
+Generated from 'kubernetes-system-apiserver' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesSystem }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system-apiserver" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system-apiserver
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeClientCertificateExpiration | default false) }}
+    - alert: KubeClientCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: A client certificate used to authenticate to kubernetes apiserver is expiring in less than 7.0 days.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeclientcertificateexpiration
+        summary: Client certificate is about to expire.
+      expr: apiserver_client_certificate_expiration_seconds_count{job="apiserver"} > 0 and on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}job) histogram_quantile(0.01, sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 604800
+      for: {{ dig "KubeClientCertificateExpiration" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeClientCertificateExpiration" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeClientCertificateExpiration | default false) }}
+    - alert: KubeClientCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: A client certificate used to authenticate to kubernetes apiserver is expiring in less than 24.0 hours.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeclientcertificateexpiration
+        summary: Client certificate is about to expire.
+      expr: apiserver_client_certificate_expiration_seconds_count{job="apiserver"} > 0 and on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}job) histogram_quantile(0.01, sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 86400
+      for: {{ dig "KubeClientCertificateExpiration" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeClientCertificateExpiration" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAggregatedAPIErrors | default false) }}
+    - alert: KubeAggregatedAPIErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubernetes aggregated API {{`{{`}} $labels.name {{`}}`}}/{{`{{`}} $labels.namespace {{`}}`}} has reported errors. It has appeared unavailable {{`{{`}} $value | humanize {{`}}`}} times averaged over the past 10m.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeaggregatedapierrors
+        summary: Kubernetes aggregated API has reported errors.
+      expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}name, namespace, cluster)(increase(aggregator_unavailable_apiservice_total{job="apiserver"}[10m])) > 4
+      labels:
+        severity: {{ dig "KubeAggregatedAPIErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAggregatedAPIDown | default false) }}
+    - alert: KubeAggregatedAPIDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubernetes aggregated API {{`{{`}} $labels.name {{`}}`}}/{{`{{`}} $labels.namespace {{`}}`}} has been only {{`{{`}} $value | humanize {{`}}`}}% available over the last 10m.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeaggregatedapidown
+        summary: Kubernetes aggregated API is down.
+      expr: (1 - max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}name, namespace, cluster)(avg_over_time(aggregator_unavailable_apiservice{job="apiserver"}[10m]))) * 100 < 85
+      for: {{ dig "KubeAggregatedAPIDown" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeAggregatedAPIDown" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if .Values.kubeApiServer.enabled }}
+{{- if not (.Values.defaultRules.disabled.KubeAPIDown | default false) }}
+    - alert: KubeAPIDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: KubeAPI has disappeared from Prometheus target discovery.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapidown
+        summary: Target disappeared from Prometheus target discovery.
+      expr: absent(up{job="apiserver"} == 1)
+      for: {{ dig "KubeAPIDown" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeAPIDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeAPITerminatedRequests | default false) }}
+    - alert: KubeAPITerminatedRequests
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: The kubernetes apiserver has terminated {{`{{`}} $value | humanizePercentage {{`}}`}} of its incoming requests.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeapiterminatedrequests
+        summary: The kubernetes apiserver has terminated {{`{{`}} $value | humanizePercentage {{`}}`}} of its incoming requests.
+      expr: sum(rate(apiserver_request_terminations_total{job="apiserver"}[10m]))  / (  sum(rate(apiserver_request_total{job="apiserver"}[10m])) + sum(rate(apiserver_request_terminations_total{job="apiserver"}[10m])) ) > 0.20
+      for: {{ dig "KubeAPITerminatedRequests" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeAPITerminatedRequests" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml
new file mode 100644
index 0000000000..205bd59800
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml
@@ -0,0 +1,55 @@
+{{- /*
+Generated from 'kubernetes-system-controller-manager' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubeControllerManager }}
+{{- if (include "exporter.kubeControllerManager.enabled" .)}}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system-controller-manager" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system-controller-manager
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeControllerManagerDown | default false) }}
+    - alert: KubeControllerManagerDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeControllerManager }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeControllerManager | indent 8 }}
+{{- end }}
+        description: KubeControllerManager has disappeared from Prometheus target discovery.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubecontrollermanagerdown
+        summary: Target disappeared from Prometheus target discovery.
+      expr: absent(up{job="{{ include "exporter.kubeControllerManager.jobName" . }}"} == 1)
+      for: 15m
+      labels:
+        severity: {{ dig "KubeControllerManagerDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeControllerManager }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeControllerManager }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kube-proxy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kube-proxy.yaml
new file mode 100644
index 0000000000..66b1d62001
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kube-proxy.yaml
@@ -0,0 +1,56 @@
+{{- /*
+Generated from 'kubernetes-system-kube-proxy' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/main/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubeProxy }}
+{{- if (include "exporter.kubeProxy.enabled" .)}}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system-kube-proxy" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system-kube-proxy
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeProxyDown | default false) }}
+    - alert: KubeProxyDown
+      annotations:
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupAnnotations.kubeProxy }}
+        {{- with .Values.defaultRules.additionalRuleAnnotations }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupAnnotations.kubeProxy }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+        description: KubeProxy has disappeared from Prometheus target discovery.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeproxydown
+        summary: Target disappeared from Prometheus target discovery.
+      expr: absent(up{job="{{ include "exporter.kubeProxy.jobName" . }}"} == 1)
+      for: 15m
+      labels:
+        severity: {{ dig "KubeProxyDown" "labelsSeverity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeProxy }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeProxy }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml
new file mode 100644
index 0000000000..2a55676735
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml
@@ -0,0 +1,379 @@
+{{- /*
+Generated from 'kubernetes-system-kubelet' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesSystem }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system-kubelet" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system-kubelet
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeNodeNotReady | default false) }}
+    - alert: KubeNodeNotReady
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $labels.node {{`}}`}} has been unready for more than 15 minutes.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubenodenotready
+        summary: Node is not ready.
+      expr: kube_node_status_condition{job="{{ $kubeStateMetricsJob }}",condition="Ready",status="true"} == 0
+      for: {{ dig "KubeNodeNotReady" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeNodeNotReady" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeNodeUnreachable | default false) }}
+    - alert: KubeNodeUnreachable
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $labels.node {{`}}`}} is unreachable and some workloads may be rescheduled.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubenodeunreachable
+        summary: Node is unreachable.
+      expr: (kube_node_spec_taint{job="{{ $kubeStateMetricsJob }}",key="node.kubernetes.io/unreachable",effect="NoSchedule"} unless ignoring(key,value) kube_node_spec_taint{job="{{ $kubeStateMetricsJob }}",key=~"ToBeDeletedByClusterAutoscaler|cloud.google.com/impending-node-termination|aws-node-termination-handler/spot-itn"}) == 1
+      for: {{ dig "KubeNodeUnreachable" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeNodeUnreachable" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletTooManyPods | default false) }}
+    - alert: KubeletTooManyPods
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubelet '{{`{{`}} $labels.node {{`}}`}}' is running at {{`{{`}} $value | humanizePercentage {{`}}`}} of its Pod capacity.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubelettoomanypods
+        summary: Kubelet is running at capacity.
+      expr: |-
+        count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node) (
+          (kube_pod_status_phase{job="{{ $kubeStateMetricsJob }}",phase="Running"} == 1) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}instance,pod,namespace,cluster) group_left(node) topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}instance,pod,namespace,cluster) (1, kube_pod_info{job="{{ $kubeStateMetricsJob }}"})
+        )
+        /
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node) (
+          kube_node_status_capacity{job="{{ $kubeStateMetricsJob }}",resource="pods"} != 1
+        ) > 0.95
+      for: {{ dig "KubeletTooManyPods" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeletTooManyPods" "severity" "info" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeNodeReadinessFlapping | default false) }}
+    - alert: KubeNodeReadinessFlapping
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: The readiness status of node {{`{{`}} $labels.node {{`}}`}} has changed {{`{{`}} $value {{`}}`}} times in the last 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubenodereadinessflapping
+        summary: Node readiness status is flapping.
+      expr: sum(changes(kube_node_status_condition{job="{{ $kubeStateMetricsJob }}",status="true",condition="Ready"}[15m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node) > 2
+      for: {{ dig "KubeNodeReadinessFlapping" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeNodeReadinessFlapping" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletPlegDurationHigh | default false) }}
+    - alert: KubeletPlegDurationHigh
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: The Kubelet Pod Lifecycle Event Generator has a 99th percentile duration of {{`{{`}} $value {{`}}`}} seconds on node {{`{{`}} $labels.node {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletplegdurationhigh
+        summary: Kubelet Pod Lifecycle Event Generator is taking too long to relist.
+      expr: node_quantile:kubelet_pleg_relist_duration_seconds:histogram_quantile{quantile="0.99"} >= 10
+      for: {{ dig "KubeletPlegDurationHigh" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeletPlegDurationHigh" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletPodStartUpLatencyHigh | default false) }}
+    - alert: KubeletPodStartUpLatencyHigh
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubelet Pod startup 99th percentile latency is {{`{{`}} $value {{`}}`}} seconds on node {{`{{`}} $labels.node {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletpodstartuplatencyhigh
+        summary: Kubelet Pod startup latency is too high.
+      expr: histogram_quantile(0.99, sum(rate(kubelet_pod_worker_duration_seconds_bucket{job="{{ include "exporter.kubelet.jobName" . }}", metrics_path="/metrics"}[5m])) by (cluster, instance, le)) * on(cluster, instance) group_left(node) kubelet_node_name{job="{{ include "exporter.kubelet.jobName" . }}", metrics_path="/metrics"} > 60
+      for: 15m
+      labels:
+        severity: {{ dig "KubeletPodStartUpLatencyHigh" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletClientCertificateExpiration | default false) }}
+    - alert: KubeletClientCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Client certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletclientcertificateexpiration
+        summary: Kubelet client certificate is about to expire.
+      expr: kubelet_certificate_manager_client_ttl_seconds < 604800
+      labels:
+        severity: {{ dig "KubeletClientCertificateExpiration" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletClientCertificateExpiration | default false) }}
+    - alert: KubeletClientCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Client certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletclientcertificateexpiration
+        summary: Kubelet client certificate is about to expire.
+      expr: kubelet_certificate_manager_client_ttl_seconds < 86400
+      labels:
+        severity: {{ dig "KubeletClientCertificateExpiration" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletServerCertificateExpiration | default false) }}
+    - alert: KubeletServerCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Server certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletservercertificateexpiration
+        summary: Kubelet server certificate is about to expire.
+      expr: kubelet_certificate_manager_server_ttl_seconds < 604800
+      labels:
+        severity: {{ dig "KubeletServerCertificateExpiration" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletServerCertificateExpiration | default false) }}
+    - alert: KubeletServerCertificateExpiration
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Server certificate for Kubelet on node {{`{{`}} $labels.node {{`}}`}} expires in {{`{{`}} $value | humanizeDuration {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletservercertificateexpiration
+        summary: Kubelet server certificate is about to expire.
+      expr: kubelet_certificate_manager_server_ttl_seconds < 86400
+      labels:
+        severity: {{ dig "KubeletServerCertificateExpiration" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletClientCertificateRenewalErrors | default false) }}
+    - alert: KubeletClientCertificateRenewalErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubelet on node {{`{{`}} $labels.node {{`}}`}} has failed to renew its client certificate ({{`{{`}} $value | humanize {{`}}`}} errors in the last 5 minutes).
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletclientcertificaterenewalerrors
+        summary: Kubelet has failed to renew its client certificate.
+      expr: increase(kubelet_certificate_manager_client_expiration_renew_errors[5m]) > 0
+      for: {{ dig "KubeletClientCertificateRenewalErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeletClientCertificateRenewalErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeletServerCertificateRenewalErrors | default false) }}
+    - alert: KubeletServerCertificateRenewalErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubelet on node {{`{{`}} $labels.node {{`}}`}} has failed to renew its server certificate ({{`{{`}} $value | humanize {{`}}`}} errors in the last 5 minutes).
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletservercertificaterenewalerrors
+        summary: Kubelet has failed to renew its server certificate.
+      expr: increase(kubelet_server_expiration_renew_errors[5m]) > 0
+      for: {{ dig "KubeletServerCertificateRenewalErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeletServerCertificateRenewalErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if (include "exporter.kubelet.enabled" .)}}
+{{- if not (.Values.defaultRules.disabled.KubeletDown | default false) }}
+    - alert: KubeletDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubelet has disappeared from Prometheus target discovery.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeletdown
+        summary: Target disappeared from Prometheus target discovery.
+      expr: absent(up{job="{{ include "exporter.kubelet.jobName" . }}", metrics_path="/metrics"} == 1)
+      for: 15m
+      labels:
+        severity: {{ dig "KubeletDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml
new file mode 100644
index 0000000000..9890b1c959
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml
@@ -0,0 +1,54 @@
+{{- /*
+Generated from 'kubernetes-system-scheduler' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeScheduler.enabled .Values.defaultRules.rules.kubeSchedulerAlerting }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system-scheduler" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system-scheduler
+    rules:
+{{- if .Values.kubeScheduler.enabled }}
+{{- if not (.Values.defaultRules.disabled.KubeSchedulerDown | default false) }}
+    - alert: KubeSchedulerDown
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubeSchedulerAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubeSchedulerAlerting | indent 8 }}
+{{- end }}
+        description: KubeScheduler has disappeared from Prometheus target discovery.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeschedulerdown
+        summary: Target disappeared from Prometheus target discovery.
+      expr: absent(up{job="{{ include "exporter.kubeScheduler.jobName" . }}"} == 1)
+      for: 15m
+      labels:
+        severity: {{ dig "KubeSchedulerDown" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubeSchedulerAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system.yaml
new file mode 100644
index 0000000000..621326d0ad
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/kubernetes-system.yaml
@@ -0,0 +1,87 @@
+{{- /*
+Generated from 'kubernetes-system' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesSystem }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "kubernetes-system" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: kubernetes-system
+    rules:
+{{- if not (.Values.defaultRules.disabled.KubeVersionMismatch | default false) }}
+    - alert: KubeVersionMismatch
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: There are {{`{{`}} $value {{`}}`}} different semantic versions of Kubernetes components running.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeversionmismatch
+        summary: Different semantic versions of Kubernetes components running.
+      expr: count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}git_version, cluster) (label_replace(kubernetes_build_info{job!~"kube-dns|coredns"},"git_version","$1","git_version","(v[0-9]*.[0-9]*).*"))) > 1
+      for: {{ dig "KubeVersionMismatch" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeVersionMismatch" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.KubeClientErrors | default false) }}
+    - alert: KubeClientErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.kubernetesSystem | indent 8 }}
+{{- end }}
+        description: Kubernetes API server client '{{`{{`}} $labels.job {{`}}`}}/{{`{{`}} $labels.instance {{`}}`}}' is experiencing {{`{{`}} $value | humanizePercentage {{`}}`}} errors.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/kubernetes/kubeclienterrors
+        summary: Kubernetes API server client is experiencing errors.
+      expr: |-
+        (sum(rate(rest_client_requests_total{job="apiserver",code=~"5.."}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, job, namespace)
+          /
+        sum(rate(rest_client_requests_total{job="apiserver"}[5m])) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, job, namespace))
+        > 0.01
+      for: {{ dig "KubeClientErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "KubeClientErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.kubernetesSystem }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-exporter.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-exporter.rules.yaml
new file mode 100644
index 0000000000..5d4711ae08
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-exporter.rules.yaml
@@ -0,0 +1,188 @@
+{{- /*
+Generated from 'node-exporter.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/nodeExporter-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.nodeExporterRecording }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "node-exporter.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: node-exporter.rules
+    rules:
+    - expr: |-
+        count without (cpu, mode) (
+          node_cpu_seconds_total{job="node-exporter",mode="idle"}
+        )
+      record: instance:node_num_cpu:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        1 - avg without (cpu) (
+          sum without (mode) (rate(node_cpu_seconds_total{job="node-exporter", mode=~"idle|iowait|steal"}[5m]))
+        )
+      record: instance:node_cpu_utilisation:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        (
+          node_load1{job="node-exporter"}
+        /
+          instance:node_num_cpu:sum{job="node-exporter"}
+        )
+      record: instance:node_load1_per_cpu:ratio
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        1 - (
+          (
+            node_memory_MemAvailable_bytes{job="node-exporter"}
+            or
+            (
+              node_memory_Buffers_bytes{job="node-exporter"}
+              +
+              node_memory_Cached_bytes{job="node-exporter"}
+              +
+              node_memory_MemFree_bytes{job="node-exporter"}
+              +
+              node_memory_Slab_bytes{job="node-exporter"}
+            )
+          )
+        /
+          node_memory_MemTotal_bytes{job="node-exporter"}
+        )
+      record: instance:node_memory_utilisation:ratio
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: rate(node_vmstat_pgmajfault{job="node-exporter"}[5m])
+      record: instance:node_vmstat_pgmajfault:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: rate(node_disk_io_time_seconds_total{job="node-exporter", device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}[5m])
+      record: instance_device:node_disk_io_time_seconds:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: rate(node_disk_io_time_weighted_seconds_total{job="node-exporter", device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}[5m])
+      record: instance_device:node_disk_io_time_weighted_seconds:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum without (device) (
+          rate(node_network_receive_bytes_total{job="node-exporter", device!="lo"}[5m])
+        )
+      record: instance:node_network_receive_bytes_excluding_lo:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum without (device) (
+          rate(node_network_transmit_bytes_total{job="node-exporter", device!="lo"}[5m])
+        )
+      record: instance:node_network_transmit_bytes_excluding_lo:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum without (device) (
+          rate(node_network_receive_drop_total{job="node-exporter", device!="lo"}[5m])
+        )
+      record: instance:node_network_receive_drop_excluding_lo:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum without (device) (
+          rate(node_network_transmit_drop_total{job="node-exporter", device!="lo"}[5m])
+        )
+      record: instance:node_network_transmit_drop_excluding_lo:rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterRecording }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-exporter.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-exporter.yaml
new file mode 100644
index 0000000000..14738cedfa
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-exporter.yaml
@@ -0,0 +1,801 @@
+{{- /*
+Generated from 'node-exporter' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/nodeExporter-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.nodeExporterAlerting }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "node-exporter" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: node-exporter
+    rules:
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemSpaceFillingUp | default false) }}
+    - alert: NodeFilesystemSpaceFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left and is filling up.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemspacefillingup
+        summary: Filesystem is predicted to run out of space within the next 24 hours.
+      expr: |-
+        (
+          node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 15
+        and
+          predict_linear(node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""}[6h], 24*60*60) < 0
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemSpaceFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemSpaceFillingUp" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemSpaceFillingUp | default false) }}
+    - alert: NodeFilesystemSpaceFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left and is filling up fast.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemspacefillingup
+        summary: Filesystem is predicted to run out of space within the next 4 hours.
+      expr: |-
+        (
+          node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 10
+        and
+          predict_linear(node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""}[6h], 4*60*60) < 0
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemSpaceFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemSpaceFillingUp" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemAlmostOutOfSpace | default false) }}
+    - alert: NodeFilesystemAlmostOutOfSpace
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemalmostoutofspace
+        summary: Filesystem has less than 5% space left.
+      expr: |-
+        (
+          node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 5
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemAlmostOutOfSpace" "for" "30m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemAlmostOutOfSpace" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemAlmostOutOfSpace | default false) }}
+    - alert: NodeFilesystemAlmostOutOfSpace
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available space left.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemalmostoutofspace
+        summary: Filesystem has less than 3% space left.
+      expr: |-
+        (
+          node_filesystem_avail_bytes{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_size_bytes{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 3
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemAlmostOutOfSpace" "for" "30m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemAlmostOutOfSpace" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemFilesFillingUp | default false) }}
+    - alert: NodeFilesystemFilesFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left and is filling up.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemfilesfillingup
+        summary: Filesystem is predicted to run out of inodes within the next 24 hours.
+      expr: |-
+        (
+          node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 40
+        and
+          predict_linear(node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""}[6h], 24*60*60) < 0
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemFilesFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemFilesFillingUp" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemFilesFillingUp | default false) }}
+    - alert: NodeFilesystemFilesFillingUp
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left and is filling up fast.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemfilesfillingup
+        summary: Filesystem is predicted to run out of inodes within the next 4 hours.
+      expr: |-
+        (
+          node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 20
+        and
+          predict_linear(node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""}[6h], 4*60*60) < 0
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemFilesFillingUp" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemFilesFillingUp" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemAlmostOutOfFiles | default false) }}
+    - alert: NodeFilesystemAlmostOutOfFiles
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemalmostoutoffiles
+        summary: Filesystem has less than 5% inodes left.
+      expr: |-
+        (
+          node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 5
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemAlmostOutOfFiles" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemAlmostOutOfFiles" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFilesystemAlmostOutOfFiles | default false) }}
+    - alert: NodeFilesystemAlmostOutOfFiles
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Filesystem on {{`{{`}} $labels.device {{`}}`}}, mounted on {{`{{`}} $labels.mountpoint {{`}}`}}, at {{`{{`}} $labels.instance {{`}}`}} has only {{`{{`}} printf "%.2f" $value {{`}}`}}% available inodes left.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefilesystemalmostoutoffiles
+        summary: Filesystem has less than 3% inodes left.
+      expr: |-
+        (
+          node_filesystem_files_free{job="node-exporter",fstype!="",mountpoint!=""} / node_filesystem_files{job="node-exporter",fstype!="",mountpoint!=""} * 100 < 3
+        and
+          node_filesystem_readonly{job="node-exporter",fstype!="",mountpoint!=""} == 0
+        )
+      for: {{ dig "NodeFilesystemAlmostOutOfFiles" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFilesystemAlmostOutOfFiles" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeNetworkReceiveErrs | default false) }}
+    - alert: NodeNetworkReceiveErrs
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $labels.instance {{`}}`}} interface {{`{{`}} $labels.device {{`}}`}} has encountered {{`{{`}} printf "%.0f" $value {{`}}`}} receive errors in the last two minutes.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodenetworkreceiveerrs
+        summary: Network interface is reporting many receive errors.
+      expr: rate(node_network_receive_errs_total{job="node-exporter"}[2m]) / rate(node_network_receive_packets_total{job="node-exporter"}[2m]) > 0.01
+      for: {{ dig "NodeNetworkReceiveErrs" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeNetworkReceiveErrs" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeNetworkTransmitErrs | default false) }}
+    - alert: NodeNetworkTransmitErrs
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $labels.instance {{`}}`}} interface {{`{{`}} $labels.device {{`}}`}} has encountered {{`{{`}} printf "%.0f" $value {{`}}`}} transmit errors in the last two minutes.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodenetworktransmiterrs
+        summary: Network interface is reporting many transmit errors.
+      expr: rate(node_network_transmit_errs_total{job="node-exporter"}[2m]) / rate(node_network_transmit_packets_total{job="node-exporter"}[2m]) > 0.01
+      for: {{ dig "NodeNetworkTransmitErrs" "for" "1h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeNetworkTransmitErrs" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeHighNumberConntrackEntriesUsed | default false) }}
+    - alert: NodeHighNumberConntrackEntriesUsed
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of conntrack entries are used.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodehighnumberconntrackentriesused
+        summary: Number of conntrack are getting close to the limit.
+      expr: (node_nf_conntrack_entries{job="node-exporter"} / node_nf_conntrack_entries_limit) > 0.75
+      labels:
+        severity: {{ dig "NodeHighNumberConntrackEntriesUsed" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeTextFileCollectorScrapeError | default false) }}
+    - alert: NodeTextFileCollectorScrapeError
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Node Exporter text file collector on {{`{{`}} $labels.instance {{`}}`}} failed to scrape.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodetextfilecollectorscrapeerror
+        summary: Node Exporter text file collector failed to scrape.
+      expr: node_textfile_scrape_error{job="node-exporter"} == 1
+      labels:
+        severity: {{ dig "NodeTextFileCollectorScrapeError" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeClockSkewDetected | default false) }}
+    - alert: NodeClockSkewDetected
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Clock at {{`{{`}} $labels.instance {{`}}`}} is out of sync by more than 0.05s. Ensure NTP is configured correctly on this host.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodeclockskewdetected
+        summary: Clock skew detected.
+      expr: |-
+        (
+          node_timex_offset_seconds{job="node-exporter"} > 0.05
+        and
+          deriv(node_timex_offset_seconds{job="node-exporter"}[5m]) >= 0
+        )
+        or
+        (
+          node_timex_offset_seconds{job="node-exporter"} < -0.05
+        and
+          deriv(node_timex_offset_seconds{job="node-exporter"}[5m]) <= 0
+        )
+      for: {{ dig "NodeClockSkewDetected" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeClockSkewDetected" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeClockNotSynchronising | default false) }}
+    - alert: NodeClockNotSynchronising
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Clock at {{`{{`}} $labels.instance {{`}}`}} is not synchronising. Ensure NTP is configured on this host.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodeclocknotsynchronising
+        summary: Clock not synchronising.
+      expr: |-
+        min_over_time(node_timex_sync_status{job="node-exporter"}[5m]) == 0
+        and
+        node_timex_maxerror_seconds{job="node-exporter"} >= 16
+      for: {{ dig "NodeClockNotSynchronising" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeClockNotSynchronising" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeRAIDDegraded | default false) }}
+    - alert: NodeRAIDDegraded
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: RAID array '{{`{{`}} $labels.device {{`}}`}}' at {{`{{`}} $labels.instance {{`}}`}} is in degraded state due to one or more disks failures. Number of spare drives is insufficient to fix issue automatically.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/noderaiddegraded
+        summary: RAID Array is degraded.
+      expr: node_md_disks_required{job="node-exporter",device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"} - ignoring (state) (node_md_disks{state="active",job="node-exporter",device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}) > 0
+      for: {{ dig "NodeRAIDDegraded" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeRAIDDegraded" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeRAIDDiskFailure | default false) }}
+    - alert: NodeRAIDDiskFailure
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: At least one device in RAID array at {{`{{`}} $labels.instance {{`}}`}} failed. Array '{{`{{`}} $labels.device {{`}}`}}' needs attention and possibly a disk swap.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/noderaiddiskfailure
+        summary: Failed device in RAID array.
+      expr: node_md_disks{state="failed",job="node-exporter",device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"} > 0
+      labels:
+        severity: {{ dig "NodeRAIDDiskFailure" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFileDescriptorLimit | default false) }}
+    - alert: NodeFileDescriptorLimit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: File descriptors limit at {{`{{`}} $labels.instance {{`}}`}} is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefiledescriptorlimit
+        summary: Kernel is predicted to exhaust file descriptors limit soon.
+      expr: |-
+        (
+          node_filefd_allocated{job="node-exporter"} * 100 / node_filefd_maximum{job="node-exporter"} > 70
+        )
+      for: {{ dig "NodeFileDescriptorLimit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFileDescriptorLimit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeFileDescriptorLimit | default false) }}
+    - alert: NodeFileDescriptorLimit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: File descriptors limit at {{`{{`}} $labels.instance {{`}}`}} is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodefiledescriptorlimit
+        summary: Kernel is predicted to exhaust file descriptors limit soon.
+      expr: |-
+        (
+          node_filefd_allocated{job="node-exporter"} * 100 / node_filefd_maximum{job="node-exporter"} > 90
+        )
+      for: {{ dig "NodeFileDescriptorLimit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeFileDescriptorLimit" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeCPUHighUsage | default false) }}
+    - alert: NodeCPUHighUsage
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: 'CPU usage at {{`{{`}} $labels.instance {{`}}`}} has been above 90% for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodecpuhighusage
+        summary: High CPU usage.
+      expr: sum without(mode) (avg without (cpu) (rate(node_cpu_seconds_total{job="node-exporter", mode!="idle"}[2m]))) * 100 > 90
+      for: {{ dig "NodeCPUHighUsage" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeCPUHighUsage" "severity" "info" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeSystemSaturation | default false) }}
+    - alert: NodeSystemSaturation
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: 'System load per core at {{`{{`}} $labels.instance {{`}}`}} has been above 2 for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}.
+
+          This might indicate this instance resources saturation and can cause it becoming unresponsive.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodesystemsaturation
+        summary: System saturated, load per core is very high.
+      expr: |-
+        node_load1{job="node-exporter"}
+        / count without (cpu, mode) (node_cpu_seconds_total{job="node-exporter", mode="idle"}) > 2
+      for: {{ dig "NodeSystemSaturation" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeSystemSaturation" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeMemoryMajorPagesFaults | default false) }}
+    - alert: NodeMemoryMajorPagesFaults
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: 'Memory major pages are occurring at very high rate at {{`{{`}} $labels.instance {{`}}`}}, 500 major page faults per second for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}.
+
+          Please check that there is enough memory available at this instance.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodememorymajorpagesfaults
+        summary: Memory major page faults are occurring at very high rate.
+      expr: rate(node_vmstat_pgmajfault{job="node-exporter"}[5m]) > 500
+      for: {{ dig "NodeMemoryMajorPagesFaults" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeMemoryMajorPagesFaults" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeMemoryHighUtilization | default false) }}
+    - alert: NodeMemoryHighUtilization
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: 'Memory is filling up at {{`{{`}} $labels.instance {{`}}`}}, has been above 90% for the last 15 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}%.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodememoryhighutilization
+        summary: Host is running out of memory.
+      expr: 100 - (node_memory_MemAvailable_bytes{job="node-exporter"} / node_memory_MemTotal_bytes{job="node-exporter"} * 100) > 90
+      for: {{ dig "NodeMemoryHighUtilization" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeMemoryHighUtilization" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeDiskIOSaturation | default false) }}
+    - alert: NodeDiskIOSaturation
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: 'Disk IO queue (aqu-sq) is high on {{`{{`}} $labels.device {{`}}`}} at {{`{{`}} $labels.instance {{`}}`}}, has been above 10 for the last 30 minutes, is currently at {{`{{`}} printf "%.2f" $value {{`}}`}}.
+
+          This symptom might indicate disk saturation.
+
+          '
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodediskiosaturation
+        summary: Disk IO queue is high.
+      expr: rate(node_disk_io_time_weighted_seconds_total{job="node-exporter", device=~"(/dev/)?(mmcblk.p.+|nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+|md.+|dasd.+)"}[5m]) > 10
+      for: {{ dig "NodeDiskIOSaturation" "for" "30m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeDiskIOSaturation" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeSystemdServiceFailed | default false) }}
+    - alert: NodeSystemdServiceFailed
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Systemd service {{`{{`}} $labels.name {{`}}`}} has entered failed state at {{`{{`}} $labels.instance {{`}}`}}
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodesystemdservicefailed
+        summary: Systemd service has entered failed state.
+      expr: node_systemd_unit_state{job="node-exporter", state="failed"} == 1
+      for: {{ dig "NodeSystemdServiceFailed" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeSystemdServiceFailed" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.NodeBondingDegraded | default false) }}
+    - alert: NodeBondingDegraded
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.nodeExporterAlerting | indent 8 }}
+{{- end }}
+        description: Bonding interface {{`{{`}} $labels.master {{`}}`}} on {{`{{`}} $labels.instance {{`}}`}} is in degraded state due to one or more slave failures.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/node/nodebondingdegraded
+        summary: Bonding interface is degraded
+      expr: (node_bonding_slaves - node_bonding_active) != 0
+      for: {{ dig "NodeBondingDegraded" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeBondingDegraded" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.nodeExporterAlerting }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-network.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-network.yaml
new file mode 100644
index 0000000000..8dc60ef66b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node-network.yaml
@@ -0,0 +1,55 @@
+{{- /*
+Generated from 'node-network' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubePrometheus-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.network }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "node-network" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: node-network
+    rules:
+{{- if not (.Values.defaultRules.disabled.NodeNetworkInterfaceFlapping | default false) }}
+    - alert: NodeNetworkInterfaceFlapping
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.network }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.network | indent 8 }}
+{{- end }}
+        description: Network interface "{{`{{`}} $labels.device {{`}}`}}" changing its up status often on node-exporter {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}}
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/general/nodenetworkinterfaceflapping
+        summary: Network interface is often changing its status
+      expr: changes(node_network_up{job="node-exporter",device!~"veth.+"}[2m]) > 2
+      for: {{ dig "NodeNetworkInterfaceFlapping" "for" "2m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "NodeNetworkInterfaceFlapping" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.network }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.network }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node.rules.yaml
new file mode 100644
index 0000000000..e2911b905e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/node.rules.yaml
@@ -0,0 +1,109 @@
+{{- /*
+Generated from 'node.rules' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/kubernetesControlPlane-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.node }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "node.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: node.rules
+    rules:
+    - expr: |-
+        topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1,
+          max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node, namespace, pod) (
+            label_replace(kube_pod_info{job="{{ $kubeStateMetricsJob }}",node!=""}, "pod", "$1", "pod", "(.*)")
+        ))
+      record: 'node_namespace_pod:kube_pod_info:'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.node }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.node }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node) (
+          node_cpu_seconds_total{mode="idle",job="node-exporter"}
+          * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) group_left(node)
+          topk by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod) (1, node_namespace_pod:kube_pod_info:)
+        )
+      record: node:node_num_cpu:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.node }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.node }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum(
+          node_memory_MemAvailable_bytes{job="node-exporter"} or
+          (
+            node_memory_Buffers_bytes{job="node-exporter"} +
+            node_memory_Cached_bytes{job="node-exporter"} +
+            node_memory_MemFree_bytes{job="node-exporter"} +
+            node_memory_Slab_bytes{job="node-exporter"}
+          )
+        ) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster)
+      record: :node_memory_MemAvailable_bytes:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.node }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.node }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, node) (
+          sum without (mode) (
+            rate(node_cpu_seconds_total{mode!="idle",mode!="iowait",mode!="steal",job="node-exporter"}[5m])
+          )
+        )
+      record: node:node_cpu_utilization:ratio_rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.node }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.node }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (
+          node:node_cpu_utilization:ratio_rate5m
+        )
+      record: cluster:node_cpu:ratio_rate5m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.node }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.node }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/prometheus-operator.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/prometheus-operator.yaml
new file mode 100644
index 0000000000..1f288dffe3
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/prometheus-operator.yaml
@@ -0,0 +1,253 @@
+{{- /*
+Generated from 'prometheus-operator' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/prometheusOperator-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.prometheusOperator }}
+{{- $operatorJob := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "operator" }}
+{{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "prometheus-operator" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: prometheus-operator
+    rules:
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorListErrors | default false) }}
+    - alert: PrometheusOperatorListErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Errors while performing List operations in controller {{`{{`}}$labels.controller{{`}}`}} in {{`{{`}}$labels.namespace{{`}}`}} namespace.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorlisterrors
+        summary: Errors while performing list operations in controller.
+      expr: (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_list_operations_failed_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[10m])) / sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_list_operations_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[10m]))) > 0.4
+      for: {{ dig "PrometheusOperatorListErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorListErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorWatchErrors | default false) }}
+    - alert: PrometheusOperatorWatchErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Errors while performing watch operations in controller {{`{{`}}$labels.controller{{`}}`}} in {{`{{`}}$labels.namespace{{`}}`}} namespace.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorwatcherrors
+        summary: Errors while performing watch operations in controller.
+      expr: (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_watch_operations_failed_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m])) / sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_watch_operations_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]))) > 0.4
+      for: {{ dig "PrometheusOperatorWatchErrors" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorWatchErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorSyncFailed | default false) }}
+    - alert: PrometheusOperatorSyncFailed
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Controller {{`{{`}} $labels.controller {{`}}`}} in {{`{{`}} $labels.namespace {{`}}`}} namespace fails to reconcile {{`{{`}} $value {{`}}`}} objects.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorsyncfailed
+        summary: Last controller reconciliation failed
+      expr: min_over_time(prometheus_operator_syncs{status="failed",job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusOperatorSyncFailed" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorSyncFailed" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorReconcileErrors | default false) }}
+    - alert: PrometheusOperatorReconcileErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of reconciling operations failed for {{`{{`}} $labels.controller {{`}}`}} controller in {{`{{`}} $labels.namespace {{`}}`}} namespace.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorreconcileerrors
+        summary: Errors while reconciling objects.
+      expr: (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_reconcile_errors_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]))) / (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_reconcile_operations_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]))) > 0.1
+      for: {{ dig "PrometheusOperatorReconcileErrors" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorReconcileErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorStatusUpdateErrors | default false) }}
+    - alert: PrometheusOperatorStatusUpdateErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} $value | humanizePercentage {{`}}`}} of status update operations failed for {{`{{`}} $labels.controller {{`}}`}} controller in {{`{{`}} $labels.namespace {{`}}`}} namespace.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorstatusupdateerrors
+        summary: Errors while updating objects status.
+      expr: (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_status_update_errors_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]))) / (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (rate(prometheus_operator_status_update_operations_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]))) > 0.1
+      for: {{ dig "PrometheusOperatorStatusUpdateErrors" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorStatusUpdateErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorNodeLookupErrors | default false) }}
+    - alert: PrometheusOperatorNodeLookupErrors
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Errors while reconciling Prometheus in {{`{{`}} $labels.namespace {{`}}`}} Namespace.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatornodelookuperrors
+        summary: Errors while reconciling Prometheus.
+      expr: rate(prometheus_operator_node_address_lookup_errors_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) > 0.1
+      for: {{ dig "PrometheusOperatorNodeLookupErrors" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorNodeLookupErrors" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorNotReady | default false) }}
+    - alert: PrometheusOperatorNotReady
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Prometheus operator in {{`{{`}} $labels.namespace {{`}}`}} namespace isn't ready to reconcile {{`{{`}} $labels.controller {{`}}`}} resources.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatornotready
+        summary: Prometheus operator not ready
+      expr: min by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,controller,namespace) (max_over_time(prometheus_operator_ready{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) == 0)
+      for: {{ dig "PrometheusOperatorNotReady" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorNotReady" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOperatorRejectedResources | default false) }}
+    - alert: PrometheusOperatorRejectedResources
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheusOperator | indent 8 }}
+{{- end }}
+        description: Prometheus operator in {{`{{`}} $labels.namespace {{`}}`}} namespace rejected {{`{{`}} printf "%0.0f" $value {{`}}`}} {{`{{`}} $labels.controller {{`}}`}}/{{`{{`}} $labels.resource {{`}}`}} resources.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus-operator/prometheusoperatorrejectedresources
+        summary: Resources rejected by Prometheus operator
+      expr: min_over_time(prometheus_operator_managed_resources{state="rejected",job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusOperatorRejectedResources" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOperatorRejectedResources" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheusOperator }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/prometheus.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/prometheus.yaml
new file mode 100644
index 0000000000..9dfeb1f9db
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/prometheus.yaml
@@ -0,0 +1,707 @@
+{{- /*
+Generated from 'prometheus' group from https://raw.githubusercontent.com/prometheus-operator/kube-prometheus/a8ba97a150c75be42010c75d10b720c55e182f1a/manifests/prometheus-prometheusRule.yaml
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.prometheus }}
+{{- $prometheusJob := printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "prometheus" }}
+{{- $namespace := printf "%s" (include "kube-prometheus-stack.namespace" .) }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "prometheus" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: prometheus
+    rules:
+{{- if not (.Values.defaultRules.disabled.PrometheusBadConfig | default false) }}
+    - alert: PrometheusBadConfig
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has failed to reload its configuration.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusbadconfig
+        summary: Failed Prometheus configuration reload.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        max_over_time(prometheus_config_last_reload_successful{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) == 0
+      for: {{ dig "PrometheusBadConfig" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusBadConfig" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusSDRefreshFailure | default false) }}
+    - alert: PrometheusSDRefreshFailure
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has failed to refresh SD with mechanism {{`{{`}}$labels.mechanism{{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheussdrefreshfailure
+        summary: Failed Prometheus SD refresh.
+      expr: increase(prometheus_sd_refresh_failures_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[10m]) > 0
+      for: {{ dig "PrometheusSDRefreshFailure" "for" "20m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusSDRefreshFailure" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusNotificationQueueRunningFull | default false) }}
+    - alert: PrometheusNotificationQueueRunningFull
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Alert notification queue of Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is running full.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusnotificationqueuerunningfull
+        summary: Prometheus alert notification queue predicted to run full in less than 30m.
+      expr: |-
+        # Without min_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        (
+          predict_linear(prometheus_notifications_queue_length{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m], 60 * 30)
+        >
+          min_over_time(prometheus_notifications_queue_capacity{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        )
+      for: {{ dig "PrometheusNotificationQueueRunningFull" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusNotificationQueueRunningFull" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusErrorSendingAlertsToSomeAlertmanagers | default false) }}
+    - alert: PrometheusErrorSendingAlertsToSomeAlertmanagers
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} printf "%.1f" $value {{`}}`}}% errors while sending alerts from Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} to Alertmanager {{`{{`}}$labels.alertmanager{{`}}`}}.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheuserrorsendingalertstosomealertmanagers
+        summary: Prometheus has encountered more than 1% errors sending alerts to a specific Alertmanager.
+      expr: |-
+        (
+          rate(prometheus_notifications_errors_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        /
+          rate(prometheus_notifications_sent_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        )
+        * 100
+        > 1
+      for: {{ dig "PrometheusErrorSendingAlertsToSomeAlertmanagers" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusErrorSendingAlertsToSomeAlertmanagers" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusNotConnectedToAlertmanagers | default false) }}
+    - alert: PrometheusNotConnectedToAlertmanagers
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is not connected to any Alertmanagers.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusnotconnectedtoalertmanagers
+        summary: Prometheus is not connected to any Alertmanagers.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        max_over_time(prometheus_notifications_alertmanagers_discovered{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) < 1
+      for: {{ dig "PrometheusNotConnectedToAlertmanagers" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusNotConnectedToAlertmanagers" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusTSDBReloadsFailing | default false) }}
+    - alert: PrometheusTSDBReloadsFailing
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has detected {{`{{`}}$value | humanize{{`}}`}} reload failures over the last 3h.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheustsdbreloadsfailing
+        summary: Prometheus has issues reloading blocks from disk.
+      expr: increase(prometheus_tsdb_reloads_failures_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[3h]) > 0
+      for: {{ dig "PrometheusTSDBReloadsFailing" "for" "4h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusTSDBReloadsFailing" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusTSDBCompactionsFailing | default false) }}
+    - alert: PrometheusTSDBCompactionsFailing
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has detected {{`{{`}}$value | humanize{{`}}`}} compaction failures over the last 3h.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheustsdbcompactionsfailing
+        summary: Prometheus has issues compacting blocks.
+      expr: increase(prometheus_tsdb_compactions_failed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[3h]) > 0
+      for: {{ dig "PrometheusTSDBCompactionsFailing" "for" "4h" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusTSDBCompactionsFailing" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusNotIngestingSamples | default false) }}
+    - alert: PrometheusNotIngestingSamples
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is not ingesting samples.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusnotingestingsamples
+        summary: Prometheus is not ingesting samples.
+      expr: |-
+        (
+          sum without(type) (rate(prometheus_tsdb_head_samples_appended_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])) <= 0
+        and
+          (
+            sum without(scrape_job) (prometheus_target_metadata_cache_entries{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}) > 0
+          or
+            sum without(rule_group) (prometheus_rule_group_rules{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}) > 0
+          )
+        )
+      for: {{ dig "PrometheusNotIngestingSamples" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusNotIngestingSamples" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusDuplicateTimestamps | default false) }}
+    - alert: PrometheusDuplicateTimestamps
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is dropping {{`{{`}} printf "%.4g" $value  {{`}}`}} samples/s with different values but duplicated timestamp.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusduplicatetimestamps
+        summary: Prometheus is dropping samples with duplicate timestamps.
+      expr: rate(prometheus_target_scrapes_sample_duplicate_timestamp_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusDuplicateTimestamps" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusDuplicateTimestamps" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusOutOfOrderTimestamps | default false) }}
+    - alert: PrometheusOutOfOrderTimestamps
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} is dropping {{`{{`}} printf "%.4g" $value  {{`}}`}} samples/s with timestamps arriving out of order.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusoutofordertimestamps
+        summary: Prometheus drops samples with out-of-order timestamps.
+      expr: rate(prometheus_target_scrapes_sample_out_of_order_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusOutOfOrderTimestamps" "for" "10m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusOutOfOrderTimestamps" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusRemoteStorageFailures | default false) }}
+    - alert: PrometheusRemoteStorageFailures
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} failed to send {{`{{`}} printf "%.1f" $value {{`}}`}}% of the samples to {{`{{`}} $labels.remote_name{{`}}`}}:{{`{{`}} $labels.url {{`}}`}}
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusremotestoragefailures
+        summary: Prometheus fails to send samples to remote storage.
+      expr: |-
+        (
+          (rate(prometheus_remote_storage_failed_samples_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) or rate(prometheus_remote_storage_samples_failed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]))
+        /
+          (
+            (rate(prometheus_remote_storage_failed_samples_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) or rate(prometheus_remote_storage_samples_failed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]))
+          +
+            (rate(prometheus_remote_storage_succeeded_samples_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) or rate(prometheus_remote_storage_samples_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]))
+          )
+        )
+        * 100
+        > 1
+      for: {{ dig "PrometheusRemoteStorageFailures" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusRemoteStorageFailures" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusRemoteWriteBehind | default false) }}
+    - alert: PrometheusRemoteWriteBehind
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} remote write is {{`{{`}} printf "%.1f" $value {{`}}`}}s behind for {{`{{`}} $labels.remote_name{{`}}`}}:{{`{{`}} $labels.url {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusremotewritebehind
+        summary: Prometheus remote write is behind.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        (
+          max_over_time(prometheus_remote_storage_highest_timestamp_in_seconds{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        - ignoring(remote_name, url) group_right
+          max_over_time(prometheus_remote_storage_queue_highest_sent_timestamp_seconds{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        )
+        > 120
+      for: {{ dig "PrometheusRemoteWriteBehind" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusRemoteWriteBehind" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusRemoteWriteDesiredShards | default false) }}
+    - alert: PrometheusRemoteWriteDesiredShards
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} remote write desired shards calculation wants to run {{`{{`}} $value {{`}}`}} shards for queue {{`{{`}} $labels.remote_name{{`}}`}}:{{`{{`}} $labels.url {{`}}`}}, which is more than the max of {{`{{`}} printf `prometheus_remote_storage_shards_max{instance="%s",job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}` $labels.instance | query | first | value {{`}}`}}.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusremotewritedesiredshards
+        summary: Prometheus remote write desired shards calculation wants to run more than configured max shards.
+      expr: |-
+        # Without max_over_time, failed scrapes could create false negatives, see
+        # https://www.robustperception.io/alerting-on-gauges-in-prometheus-2-0 for details.
+        (
+          max_over_time(prometheus_remote_storage_shards_desired{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        >
+          max_over_time(prometheus_remote_storage_shards_max{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m])
+        )
+      for: {{ dig "PrometheusRemoteWriteDesiredShards" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusRemoteWriteDesiredShards" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusRuleFailures | default false) }}
+    - alert: PrometheusRuleFailures
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has failed to evaluate {{`{{`}} printf "%.0f" $value {{`}}`}} rules in the last 5m.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusrulefailures
+        summary: Prometheus is failing rule evaluations.
+      expr: increase(prometheus_rule_evaluation_failures_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusRuleFailures" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusRuleFailures" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusMissingRuleEvaluations | default false) }}
+    - alert: PrometheusMissingRuleEvaluations
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has missed {{`{{`}} printf "%.0f" $value {{`}}`}} rule group evaluations in the last 5m.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusmissingruleevaluations
+        summary: Prometheus is missing rule evaluations due to slow rule group evaluation.
+      expr: increase(prometheus_rule_group_iterations_missed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusMissingRuleEvaluations" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusMissingRuleEvaluations" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusTargetLimitHit | default false) }}
+    - alert: PrometheusTargetLimitHit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has dropped {{`{{`}} printf "%.0f" $value {{`}}`}} targets because the number of targets exceeded the configured target_limit.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheustargetlimithit
+        summary: Prometheus has dropped targets because some scrape configs have exceeded the targets limit.
+      expr: increase(prometheus_target_scrape_pool_exceeded_target_limit_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusTargetLimitHit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusTargetLimitHit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusLabelLimitHit | default false) }}
+    - alert: PrometheusLabelLimitHit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has dropped {{`{{`}} printf "%.0f" $value {{`}}`}} targets because some samples exceeded the configured label_limit, label_name_length_limit or label_value_length_limit.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheuslabellimithit
+        summary: Prometheus has dropped targets because some scrape configs have exceeded the labels limit.
+      expr: increase(prometheus_target_scrape_pool_exceeded_label_limits_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusLabelLimitHit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusLabelLimitHit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusScrapeBodySizeLimitHit | default false) }}
+    - alert: PrometheusScrapeBodySizeLimitHit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has failed {{`{{`}} printf "%.0f" $value {{`}}`}} scrapes in the last 5m because some targets exceeded the configured body_size_limit.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusscrapebodysizelimithit
+        summary: Prometheus has dropped some targets that exceeded body size limit.
+      expr: increase(prometheus_target_scrapes_exceeded_body_size_limit_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusScrapeBodySizeLimitHit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusScrapeBodySizeLimitHit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusScrapeSampleLimitHit | default false) }}
+    - alert: PrometheusScrapeSampleLimitHit
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has failed {{`{{`}} printf "%.0f" $value {{`}}`}} scrapes in the last 5m because some targets exceeded the configured sample_limit.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheusscrapesamplelimithit
+        summary: Prometheus has failed scrapes that have exceeded the configured sample limit.
+      expr: increase(prometheus_target_scrapes_exceeded_sample_limit_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0
+      for: {{ dig "PrometheusScrapeSampleLimitHit" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusScrapeSampleLimitHit" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusTargetSyncFailure | default false) }}
+    - alert: PrometheusTargetSyncFailure
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} printf "%.0f" $value {{`}}`}} targets in Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} have failed to sync because invalid configuration was supplied.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheustargetsyncfailure
+        summary: Prometheus has failed to sync targets.
+      expr: increase(prometheus_target_sync_failed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[30m]) > 0
+      for: {{ dig "PrometheusTargetSyncFailure" "for" "5m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusTargetSyncFailure" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusHighQueryLoad | default false) }}
+    - alert: PrometheusHighQueryLoad
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} query API has less than 20% available capacity in its query engine for the last 15 minutes.
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheushighqueryload
+        summary: Prometheus is reaching its maximum capacity serving concurrent requests.
+      expr: avg_over_time(prometheus_engine_queries{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) / max_over_time(prometheus_engine_queries_concurrent_max{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0.8
+      for: {{ dig "PrometheusHighQueryLoad" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusHighQueryLoad" "severity" "warning" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- if not (.Values.defaultRules.disabled.PrometheusErrorSendingAlertsToAnyAlertmanager | default false) }}
+    - alert: PrometheusErrorSendingAlertsToAnyAlertmanager
+      annotations:
+{{- if .Values.defaultRules.additionalRuleAnnotations }}
+{{ toYaml .Values.defaultRules.additionalRuleAnnotations | indent 8 }}
+{{- end }}
+{{- if .Values.defaultRules.additionalRuleGroupAnnotations.prometheus }}
+{{ toYaml .Values.defaultRules.additionalRuleGroupAnnotations.prometheus | indent 8 }}
+{{- end }}
+        description: '{{`{{`}} printf "%.1f" $value {{`}}`}}% minimum errors while sending alerts from Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} to any Alertmanager.'
+        runbook_url: {{ .Values.defaultRules.runbookUrl }}/prometheus/prometheuserrorsendingalertstoanyalertmanager
+        summary: Prometheus encounters more than 3% errors sending alerts to any Alertmanager.
+      expr: |-
+        min without (alertmanager) (
+          rate(prometheus_notifications_errors_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}",alertmanager!~``}[5m])
+        /
+          rate(prometheus_notifications_sent_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}",alertmanager!~``}[5m])
+        )
+        * 100
+        > 3
+      for: {{ dig "PrometheusErrorSendingAlertsToAnyAlertmanager" "for" "15m" .Values.customRules }}
+      {{- with .Values.defaultRules.keepFiringFor }}
+      keep_firing_for: "{{ . }}"
+      {{- end }}
+      labels:
+        severity: {{ dig "PrometheusErrorSendingAlertsToAnyAlertmanager" "severity" "critical" .Values.customRules }}
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.prometheus }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/windows.node.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/windows.node.rules.yaml
new file mode 100644
index 0000000000..7c25553861
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/windows.node.rules.yaml
@@ -0,0 +1,301 @@
+{{- /*
+Generated from 'windows.node.rules' group from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.windowsMonitoring.enabled .Values.defaultRules.rules.windows }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "windows.node.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: windows.node.rules
+    rules:
+    - expr: |-
+        count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (
+          windows_system_system_up_time{job="windows-exporter"}
+        )
+      record: node:windows_node:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        count by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, core) (
+          windows_cpu_time_total{job="windows-exporter"}
+        ))
+      record: node:windows_node_num_cpu:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: 1 - avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (rate(windows_cpu_time_total{job="windows-exporter",mode="idle"}[1m]))
+      record: :windows_node_cpu_utilisation:avg1m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        1 - avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          rate(windows_cpu_time_total{job="windows-exporter",mode="idle"}[1m])
+        )
+      record: node:windows_node_cpu_utilisation:avg1m
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        1 -
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (windows_memory_available_bytes{job="windows-exporter"})
+        /
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (windows_os_visible_memory_bytes{job="windows-exporter"})
+      record: ':windows_node_memory_utilisation:'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (windows_memory_available_bytes{job="windows-exporter"} + windows_memory_cache_bytes{job="windows-exporter"})
+      record: :windows_node_memory_MemFreeCached_bytes:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: (windows_memory_cache_bytes{job="windows-exporter"} + windows_memory_modified_page_list_bytes{job="windows-exporter"} + windows_memory_standby_cache_core_bytes{job="windows-exporter"} + windows_memory_standby_cache_normal_priority_bytes{job="windows-exporter"} + windows_memory_standby_cache_reserve_bytes{job="windows-exporter"})
+      record: node:windows_node_memory_totalCached_bytes:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (windows_os_visible_memory_bytes{job="windows-exporter"})
+      record: :windows_node_memory_MemTotal_bytes:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          (windows_memory_available_bytes{job="windows-exporter"})
+        )
+      record: node:windows_node_memory_bytes_available:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          windows_os_visible_memory_bytes{job="windows-exporter"}
+        )
+      record: node:windows_node_memory_bytes_total:sum
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        (node:windows_node_memory_bytes_total:sum - node:windows_node_memory_bytes_available:sum)
+        /
+        scalar(sum(node:windows_node_memory_bytes_total:sum))
+      record: node:windows_node_memory_utilisation:ratio
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: 1 - (node:windows_node_memory_bytes_available:sum / node:windows_node_memory_bytes_total:sum)
+      record: 'node:windows_node_memory_utilisation:'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: irate(windows_memory_swap_page_operations_total{job="windows-exporter"}[5m])
+      record: node:windows_node_memory_swap_io_pages:irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (irate(windows_logical_disk_read_seconds_total{job="windows-exporter"}[1m]) +
+            irate(windows_logical_disk_write_seconds_total{job="windows-exporter"}[1m])
+          )
+      record: :windows_node_disk_utilisation:avg_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        avg by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          (irate(windows_logical_disk_read_seconds_total{job="windows-exporter"}[1m]) +
+           irate(windows_logical_disk_write_seconds_total{job="windows-exporter"}[1m]))
+        )
+      record: node:windows_node_disk_utilisation:avg_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster,instance,volume)(
+          (windows_logical_disk_size_bytes{job="windows-exporter"}
+        - windows_logical_disk_free_bytes{job="windows-exporter"})
+        / windows_logical_disk_size_bytes{job="windows-exporter"}
+        )
+      record: 'node:windows_node_filesystem_usage:'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance, volume) (windows_logical_disk_free_bytes{job="windows-exporter"} / windows_logical_disk_size_bytes{job="windows-exporter"})
+      record: 'node:windows_node_filesystem_avail:'
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (irate(windows_net_bytes_total{job="windows-exporter"}[1m]))
+      record: :windows_node_net_utilisation:sum_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          (irate(windows_net_bytes_total{job="windows-exporter"}[1m]))
+        )
+      record: node:windows_node_net_utilisation:sum_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (irate(windows_net_packets_received_discarded_total{job="windows-exporter"}[1m])) +
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster) (irate(windows_net_packets_outbound_discarded_total{job="windows-exporter"}[1m]))
+      record: :windows_node_net_saturation:sum_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, instance) (
+          (irate(windows_net_packets_received_discarded_total{job="windows-exporter"}[1m]) +
+          irate(windows_net_packets_outbound_discarded_total{job="windows-exporter"}[1m]))
+        )
+      record: node:windows_node_net_saturation:sum_irate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/windows.pod.rules.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/windows.pod.rules.yaml
new file mode 100644
index 0000000000..86340b5c05
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/rules-1.14/windows.pod.rules.yaml
@@ -0,0 +1,158 @@
+{{- /*
+Generated from 'windows.pod.rules' group from https://github.com/kubernetes-monitoring/kubernetes-mixin.git
+Do not change in-place! In order to change this file first read following link:
+https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack
+*/ -}}
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if and (semverCompare ">=1.14.0-0" $kubeTargetVersion) (semverCompare "<9.9.9-9" $kubeTargetVersion) .Values.defaultRules.create .Values.windowsMonitoring.enabled .Values.defaultRules.rules.windows }}
+{{- $kubeStateMetricsJob := include "kube-prometheus-stack-kube-state-metrics.name" . }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" .) "windows.pod.rules" | trunc 63 | trimSuffix "-" }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.defaultRules.labels }}
+{{ toYaml .Values.defaultRules.labels | indent 4 }}
+{{- end }}
+{{- if .Values.defaultRules.annotations }}
+  annotations:
+{{ toYaml .Values.defaultRules.annotations | indent 4 }}
+{{- end }}
+spec:
+  groups:
+  - name: windows.pod.rules
+    rules:
+    - expr: windows_container_available{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_pod_container_available
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: windows_container_cpu_usage_seconds_total{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_container_total_runtime
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: windows_container_memory_usage_commit_bytes{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_container_memory_usage
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: windows_container_memory_usage_private_working_set_bytes{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_container_private_working_set_usage
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: windows_container_network_receive_bytes_total{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_container_network_received_bytes_total
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: windows_container_network_transmit_bytes_total{job="windows-exporter", container_id != ""} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container_id, cluster) group_left(container, pod, namespace) max(kube_pod_container_info{job="{{ $kubeStateMetricsJob }}", container_id != ""}) by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container, container_id, pod, namespace, cluster)
+      record: windows_container_network_transmitted_bytes_total
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, container) (
+          kube_pod_container_resource_requests{resource="memory",job="{{ $kubeStateMetricsJob }}"}
+        ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container,pod,namespace,cluster) (windows_pod_container_available)
+      record: kube_pod_windows_container_resource_memory_request
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: kube_pod_container_resource_limits{resource="memory",job="{{ $kubeStateMetricsJob }}"} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container,pod,namespace,cluster) (windows_pod_container_available)
+      record: kube_pod_windows_container_resource_memory_limit
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        max by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, container) (
+          kube_pod_container_resource_requests{resource="cpu",job="{{ $kubeStateMetricsJob }}"}
+        ) * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container,pod,namespace,cluster) (windows_pod_container_available)
+      record: kube_pod_windows_container_resource_cpu_cores_request
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: kube_pod_container_resource_limits{resource="cpu",job="{{ $kubeStateMetricsJob }}"} * on ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}container,pod,namespace,cluster) (windows_pod_container_available)
+      record: kube_pod_windows_container_resource_cpu_cores_limit
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+    - expr: |-
+        sum by ({{ range $.Values.defaultRules.additionalAggregationLabels }}{{ . }},{{ end }}cluster, namespace, pod, container) (
+          rate(windows_container_total_runtime{}[5m])
+        )
+      record: namespace_pod_container:windows_container_cpu_usage_seconds_total:sum_rate
+      {{- if or .Values.defaultRules.additionalRuleLabels .Values.defaultRules.additionalRuleGroupLabels.windows }}
+      labels:
+        {{- with .Values.defaultRules.additionalRuleLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+        {{- with .Values.defaultRules.additionalRuleGroupLabels.windows }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/secret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/secret.yaml
new file mode 100644
index 0000000000..e4a1e73c7b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/secret.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.prometheusSpec.thanos .Values.prometheus.prometheusSpec.thanos.objectStorageConfig}}
+{{- if and .Values.prometheus.prometheusSpec.thanos.objectStorageConfig.secret (not .Values.prometheus.prometheusSpec.thanos.objectStorageConfig.existingSecret) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    app.kubernetes.io/component: prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+  object-storage-configs.yaml: {{ toYaml .Values.prometheus.prometheusSpec.thanos.objectStorageConfig.secret | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/service.yaml
new file mode 100644
index 0000000000..d61b9d6ef3
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/service.yaml
@@ -0,0 +1,80 @@
+{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }}
+{{- if .Values.prometheus.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    self-monitor: {{ .Values.prometheus.serviceMonitor.selfMonitor | quote }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.service.labels }}
+{{ toYaml .Values.prometheus.service.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.service.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.prometheus.service.clusterIP }}
+  clusterIP: {{ .Values.prometheus.service.clusterIP }}
+{{- end }}
+{{- if .Values.prometheus.service.externalIPs }}
+  externalIPs:
+{{ toYaml .Values.prometheus.service.externalIPs | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.prometheus.service.loadBalancerIP }}
+{{- end }}
+{{- if .Values.prometheus.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.prometheus.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.prometheus.service.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.prometheus.service.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  - name: {{ .Values.prometheus.prometheusSpec.portName }}
+    {{- if eq .Values.prometheus.service.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.service.nodePort }}
+    {{- end }}
+    port: {{ .Values.prometheus.service.port }}
+    targetPort: {{ .Values.prometheus.service.targetPort }}
+  - name: reloader-web
+    {{- if semverCompare "> 1.20.0-0" $kubeTargetVersion }}
+    appProtocol: http
+    {{- end }}
+    port: {{ .Values.prometheus.service.reloaderWebPort }}
+    targetPort: reloader-web
+  {{- if .Values.prometheus.thanosIngress.enabled }}
+  - name: grpc
+    {{- if eq .Values.prometheus.service.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.thanosIngress.nodePort }}
+    {{- end }}
+    port: {{ .Values.prometheus.thanosIngress.servicePort }}
+    targetPort: {{ .Values.prometheus.thanosIngress.servicePort }}
+  {{- end }}
+{{- if .Values.prometheus.service.additionalPorts }}
+{{ toYaml .Values.prometheus.service.additionalPorts | indent 2 }}
+{{- end }}
+  publishNotReadyAddresses: {{ .Values.prometheus.service.publishNotReadyAddresses }}
+  selector:
+    {{- if .Values.prometheus.agentMode }}
+    app.kubernetes.io/name: prometheus-agent
+    {{- else }}
+    app.kubernetes.io/name: prometheus
+    {{- end }}
+    operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+{{- if .Values.prometheus.service.sessionAffinity }}
+  sessionAffinity: {{ .Values.prometheus.service.sessionAffinity }}
+{{- end }}
+{{- if eq .Values.prometheus.service.sessionAffinity "ClientIP" }}
+  sessionAffinityConfig:
+    clientIP:
+      timeoutSeconds: {{ .Values.prometheus.service.sessionAffinityConfig.clientIP.timeoutSeconds }}
+{{- end }}
+  type: "{{ .Values.prometheus.service.type }}"
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceThanosSidecar.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceThanosSidecar.yaml
new file mode 100644
index 0000000000..15b89c8c23
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceThanosSidecar.yaml
@@ -0,0 +1,39 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.thanosService.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-thanos-discovery
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-thanos-discovery
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.thanosService.labels }}
+{{ toYaml .Values.prometheus.thanosService.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.thanosService.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.thanosService.annotations | indent 4 }}
+{{- end }}
+spec:
+  type: {{ .Values.prometheus.thanosService.type }}
+  clusterIP: {{ .Values.prometheus.thanosService.clusterIP }}
+{{- if ne .Values.prometheus.thanosService.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.prometheus.thanosService.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  - name: {{ .Values.prometheus.thanosService.portName }}
+    port: {{ .Values.prometheus.thanosService.port }}
+    targetPort: {{ .Values.prometheus.thanosService.targetPort }}
+    {{- if eq .Values.prometheus.thanosService.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.thanosService.nodePort }}
+    {{- end }}
+  - name: {{ .Values.prometheus.thanosService.httpPortName }}
+    port: {{ .Values.prometheus.thanosService.httpPort }}
+    targetPort: {{ .Values.prometheus.thanosService.targetHttpPort }}
+    {{- if eq .Values.prometheus.thanosService.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.thanosService.httpNodePort }}
+    {{- end }}
+  selector:
+    app.kubernetes.io/name: prometheus
+    operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceThanosSidecarExternal.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceThanosSidecarExternal.yaml
new file mode 100644
index 0000000000..453eed7f1b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceThanosSidecarExternal.yaml
@@ -0,0 +1,46 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.thanosServiceExternal.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-thanos-external
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.thanosServiceExternal.labels }}
+{{ toYaml .Values.prometheus.thanosServiceExternal.labels | indent 4 }}
+{{- end }}
+{{- if .Values.prometheus.thanosServiceExternal.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.thanosServiceExternal.annotations | indent 4 }}
+{{- end }}
+spec:
+  type: {{ .Values.prometheus.thanosServiceExternal.type }}
+{{- if .Values.prometheus.thanosServiceExternal.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.prometheus.thanosServiceExternal.loadBalancerIP }}
+{{- end }}
+{{- if .Values.prometheus.thanosServiceExternal.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.prometheus.thanosServiceExternal.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.prometheus.thanosServiceExternal.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.prometheus.thanosServiceExternal.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  - name: {{ .Values.prometheus.thanosServiceExternal.portName }}
+    port: {{ .Values.prometheus.thanosServiceExternal.port }}
+    targetPort: {{ .Values.prometheus.thanosServiceExternal.targetPort }}
+    {{- if eq .Values.prometheus.thanosServiceExternal.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.thanosServiceExternal.nodePort }}
+    {{- end }}
+  - name: {{ .Values.prometheus.thanosServiceExternal.httpPortName }}
+    port: {{ .Values.prometheus.thanosServiceExternal.httpPort }}
+    targetPort: {{ .Values.prometheus.thanosServiceExternal.targetHttpPort }}
+    {{- if eq .Values.prometheus.thanosServiceExternal.type "NodePort" }}
+    nodePort: {{ .Values.prometheus.thanosServiceExternal.httpNodePort }}
+    {{- end }}
+  selector:
+    app.kubernetes.io/name: prometheus
+    operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceaccount.yaml
new file mode 100644
index 0000000000..e97b989bbd
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceaccount.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kube-prometheus-stack.prometheus.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    app.kubernetes.io/name: {{ template "kube-prometheus-stack.name" . }}-prometheus
+    app.kubernetes.io/component: prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- if .Values.prometheus.serviceAccount.annotations }}
+  annotations:
+{{ toYaml .Values.prometheus.serviceAccount.annotations | indent 4 }}
+{{- end }}
+automountServiceAccountToken: {{ .Values.prometheus.serviceAccount.automountServiceAccountToken }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ include "kube-prometheus-stack.imagePullSecrets" . | trim | indent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitor.yaml
new file mode 100644
index 0000000000..a36f3e33ca
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitor.yaml
@@ -0,0 +1,97 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.serviceMonitor.selfMonitor }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- with .Values.prometheus.serviceMonitor.additionalLabels }}
+{{- toYaml . | nindent 4 }}
+{{- end }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheus.serviceMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-prometheus
+      release: {{ $.Release.Name | quote }}
+      self-monitor: "true"
+  namespaceSelector:
+    matchNames:
+      - {{ printf "%s" (include "kube-prometheus-stack.namespace" .) | quote }}
+  endpoints:
+  - port: {{ .Values.prometheus.prometheusSpec.portName }}
+    {{- if .Values.prometheus.serviceMonitor.interval }}
+    interval: {{ .Values.prometheus.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.scheme }}
+    scheme: {{ .Values.prometheus.serviceMonitor.scheme }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.tlsConfig }}
+    tlsConfig: {{- toYaml .Values.prometheus.serviceMonitor.tlsConfig | nindent 6 }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.bearerTokenFile }}
+    bearerTokenFile: {{ .Values.prometheus.serviceMonitor.bearerTokenFile }}
+    {{- end }}
+    path: "{{ trimSuffix "/" .Values.prometheus.prometheusSpec.routePrefix }}/metrics"
+    metricRelabelings: 
+    {{- if .Values.prometheus.serviceMonitor.metricRelabelings }}
+    {{- tpl (toYaml .Values.prometheus.serviceMonitor.metricRelabelings | nindent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.relabelings }}
+    relabelings: {{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 6 }}
+    {{- end }}
+  - port: reloader-web
+    {{- if .Values.prometheus.serviceMonitor.interval }}
+    interval: {{ .Values.prometheus.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.scheme }}
+    scheme: {{ .Values.prometheus.serviceMonitor.scheme }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.tlsConfig }}
+    tlsConfig: {{- toYaml .Values.prometheus.serviceMonitor.tlsConfig | nindent 6 }}
+    {{- end }}
+    path: "/metrics"
+    {{- if .Values.prometheus.serviceMonitor.metricRelabelings }}
+    metricRelabelings: {{- tpl (toYaml .Values.prometheus.serviceMonitor.metricRelabelings | nindent 6) . }}
+    {{- end }}
+    {{- if .Values.prometheus.serviceMonitor.relabelings }}
+    relabelings: {{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 6 }}
+    {{- end }}
+  {{- range .Values.prometheus.serviceMonitor.additionalEndpoints }}
+  - port: {{ .port }}
+    {{- if or $.Values.prometheus.serviceMonitor.interval .interval }}
+    interval: {{ default $.Values.prometheus.serviceMonitor.interval .interval }}
+    {{- end }}
+    {{- if or $.Values.prometheus.serviceMonitor.proxyUrl .proxyUrl }}
+    proxyUrl: {{ default $.Values.prometheus.serviceMonitor.proxyUrl .proxyUrl }}
+    {{- end }}
+    {{- if or $.Values.prometheus.serviceMonitor.scheme .scheme }}
+    scheme: {{ default $.Values.prometheus.serviceMonitor.scheme .scheme }}
+    {{- end }}
+    {{- if or $.Values.prometheus.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    bearerTokenFile: {{ default $.Values.prometheus.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    {{- end }}
+    {{- if or $.Values.prometheus.serviceMonitor.tlsConfig .tlsConfig }}
+    tlsConfig: {{- default $.Values.prometheus.serviceMonitor.tlsConfig .tlsConfig | toYaml | nindent 6 }}
+    {{- end }}
+    path: {{ .path }}
+    {{- if or $.Values.prometheus.serviceMonitor.metricRelabelings .metricRelabelings }}
+    metricRelabelings: {{- tpl (default $.Values.prometheus.serviceMonitor.metricRelabelings .metricRelabelings | toYaml | nindent 6) . }}
+    {{- end }}
+    {{- if or $.Values.prometheus.serviceMonitor.relabelings .relabelings }}
+    relabelings: {{- default $.Values.prometheus.serviceMonitor.relabelings .relabelings | toYaml | nindent 6 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitorThanosSidecar.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitorThanosSidecar.yaml
new file mode 100644
index 0000000000..0f70aabb58
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitorThanosSidecar.yaml
@@ -0,0 +1,55 @@
+{{- if and .Values.prometheus.thanosService.enabled .Values.prometheus.thanosServiceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-thanos-sidecar
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-thanos-sidecar
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- with .Values.prometheus.thanosServiceMonitor.additionalLabels }}
+{{- toYaml . | nindent 4 }}
+{{- end }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.prometheus.thanosServiceMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-thanos-discovery
+      release: {{ $.Release.Name | quote }}
+  namespaceSelector:
+    matchNames:
+      - {{ printf "%s" (include "kube-prometheus-stack.namespace" .) | quote }}
+  endpoints:
+  - port: {{ .Values.prometheus.thanosService.httpPortName }}
+    {{- if .Values.prometheus.thanosServiceMonitor.interval }}
+    interval: {{ .Values.prometheus.thanosServiceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.prometheus.thanosServiceMonitor.scheme }}
+    scheme: {{ .Values.prometheus.thanosServiceMonitor.scheme }}
+    {{- end }}
+    {{- if .Values.prometheus.thanosServiceMonitor.tlsConfig }}
+    tlsConfig: {{ toYaml .Values.prometheus.thanosServiceMonitor.tlsConfig | nindent 6 }}
+    {{- end }}
+    {{- if .Values.prometheus.thanosServiceMonitor.bearerTokenFile }}
+    bearerTokenFile: {{ .Values.prometheus.thanosServiceMonitor.bearerTokenFile }}
+    {{- end }}
+    path: "/metrics"
+    metricRelabelings:
+    {{- if .Values.prometheus.thanosServiceMonitor.metricRelabelings}}
+    {{ tpl (toYaml .Values.prometheus.thanosServiceMonitor.metricRelabelings | indent 6) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.prometheus.thanosServiceMonitor.relabelings }}
+    relabelings:
+{{ toYaml .Values.prometheus.thanosServiceMonitor.relabelings | indent 6 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitors.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitors.yaml
new file mode 100644
index 0000000000..a7a301babc
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/servicemonitors.yaml
@@ -0,0 +1,47 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.additionalServiceMonitors }}
+apiVersion: v1
+kind: List
+items:
+{{- range .Values.prometheus.additionalServiceMonitors }}
+  - apiVersion: monitoring.coreos.com/v1
+    kind: ServiceMonitor
+    metadata:
+      name: {{ .name }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ template "kube-prometheus-stack.name" $ }}-prometheus
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+        {{- if .additionalLabels }}
+{{ toYaml .additionalLabels | indent 8 }}
+        {{- end }}
+    spec:
+      {{- include "servicemonitor.scrapeLimits" . | nindent 6 }}
+      endpoints:
+{{ toYaml .endpoints | indent 8 }}
+    {{- if .jobLabel }}
+      jobLabel: {{ .jobLabel }}
+    {{- end }}
+    {{- if .namespaceSelector }}
+      namespaceSelector:
+{{ toYaml .namespaceSelector | indent 8 }}
+    {{- end }}
+      selector:
+{{ toYaml .selector | indent 8 }}
+    {{- if .targetLabels }}
+      targetLabels:
+{{ toYaml .targetLabels | indent 8 }}
+    {{- end }}
+    {{- if .podTargetLabels }}
+      podTargetLabels:
+{{ toYaml .podTargetLabels | indent 8 }}
+    {{- end }}
+    {{- if .metricRelabelings }}
+      metricRelabelings:
+{{ toYaml .metricRelabelings | indent 8 }}
+    {{- end }}
+    {{- if .relabelings }}
+      relabelings:
+{{ toYaml .relabelings | indent 8 }}
+    {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceperreplica.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceperreplica.yaml
new file mode 100644
index 0000000000..4bc7f7b869
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/prometheus/serviceperreplica.yaml
@@ -0,0 +1,54 @@
+{{- if and .Values.prometheus.enabled .Values.prometheus.servicePerReplica.enabled }}
+{{- $count := .Values.prometheus.prometheusSpec.replicas | int -}}
+{{- $serviceValues := .Values.prometheus.servicePerReplica -}}
+apiVersion: v1
+kind: List
+metadata:
+  name: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-serviceperreplica
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+items:
+{{- range $i, $e := until $count }}
+  - apiVersion: v1
+    kind: Service
+    metadata:
+      name: {{ include "kube-prometheus-stack.fullname" $ }}-prometheus-{{ $i }}
+      namespace: {{ template "kube-prometheus-stack.namespace" $ }}
+      labels:
+        app: {{ include "kube-prometheus-stack.name" $ }}-prometheus
+{{ include "kube-prometheus-stack.labels" $ | indent 8 }}
+      {{- if $serviceValues.annotations }}
+      annotations:
+{{ toYaml $serviceValues.annotations | indent 8 }}
+      {{- end }}
+    spec:
+      {{- if $serviceValues.clusterIP }}
+      clusterIP: {{ $serviceValues.clusterIP }}
+      {{- end }}
+      {{- if $serviceValues.loadBalancerSourceRanges }}
+      loadBalancerSourceRanges:
+      {{- range $cidr := $serviceValues.loadBalancerSourceRanges }}
+        - {{ $cidr }}
+      {{- end }}
+      {{- end }}
+      {{- if ne $serviceValues.type "ClusterIP" }}
+      externalTrafficPolicy: {{ $serviceValues.externalTrafficPolicy }}
+      {{- end }}
+      ports:
+        - name: {{ $.Values.prometheus.prometheusSpec.portName }}
+          {{- if eq $serviceValues.type "NodePort" }}
+          nodePort: {{ $serviceValues.nodePort }}
+          {{- end }}
+          port: {{ $serviceValues.port }}
+          targetPort: {{ $serviceValues.targetPort }}
+      selector:
+        {{- if $.Values.prometheus.agentMode }}
+        app.kubernetes.io/name: prometheus-agent
+        statefulset.kubernetes.io/pod-name: prom-agent-{{ include "kube-prometheus-stack.prometheus.crname" $ }}-{{ $i }}
+        {{- else }}
+        app.kubernetes.io/name: prometheus
+        statefulset.kubernetes.io/pod-name: prometheus-{{ include "kube-prometheus-stack.prometheus.crname" $ }}-{{ $i }}
+        {{- end }}
+        operator.prometheus.io/name: {{ template "kube-prometheus-stack.prometheus.crname" $ }}
+      type: "{{ $serviceValues.type }}"
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/clusterrole.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/clusterrole.yaml
new file mode 100644
index 0000000000..56ca9f5eae
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/clusterrole.yaml
@@ -0,0 +1,135 @@
+{{- if and .Values.global.rbac.create .Values.global.rbac.userRoles.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: monitoring-admin
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+  {{- end }}
+rules:
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - alertmanagers
+  - prometheuses
+  - prometheuses/finalizers
+  - alertmanagers/finalizers
+  verbs:
+  - 'get'
+  - 'list'
+  - 'watch'
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - thanosrulers
+  - thanosrulers/finalizers
+  - servicemonitors
+  - podmonitors
+  - prometheusrules
+  - podmonitors
+  - probes
+  - probes/finalizers
+  - alertmanagerconfigs
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: monitoring-edit
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
+    rbac.authorization.k8s.io/aggregate-to-edit: "true"
+  {{- end }}
+rules:
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - alertmanagers
+  - prometheuses
+  - prometheuses/finalizers
+  - alertmanagers/finalizers
+  verbs:
+  - 'get'
+  - 'list'
+  - 'watch'
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - thanosrulers
+  - thanosrulers/finalizers
+  - servicemonitors
+  - podmonitors
+  - prometheusrules
+  - podmonitors
+  - probes
+  - alertmanagerconfigs
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: monitoring-view
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
+    rbac.authorization.k8s.io/aggregate-to-view: "true"
+  {{- end }}
+rules:
+- apiGroups:
+  - monitoring.coreos.com
+  resources:
+  - alertmanagers
+  - prometheuses
+  - prometheuses/finalizers
+  - alertmanagers/finalizers
+  - thanosrulers
+  - thanosrulers/finalizers
+  - servicemonitors
+  - podmonitors
+  - prometheusrules
+  - podmonitors
+  - probes
+  - probes/finalizers
+  - alertmanagerconfigs
+  verbs:
+  - 'get'
+  - 'list'
+  - 'watch'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: monitoring-ui-view
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - services/proxy
+  resourceNames:
+  - "http:{{ template "kube-prometheus-stack.fullname" . }}-prometheus:{{ .Values.prometheus.service.port }}"
+  - "https:{{ template "kube-prometheus-stack.fullname" . }}-prometheus:{{ .Values.prometheus.service.port }}"
+  - "http:{{ template "kube-prometheus-stack.fullname" . }}-alertmanager:{{ .Values.alertmanager.service.port }}"
+  - "https:{{ template "kube-prometheus-stack.fullname" . }}-alertmanager:{{ .Values.alertmanager.service.port }}"
+{{- if .Values.grafana.enabled }}
+  - "http:{{ include "call-nested" (list . "grafana" "grafana.fullname") }}:{{ .Values.grafana.service.port }}"
+  - "https:{{ include "call-nested" (list . "grafana" "grafana.fullname") }}:{{ .Values.grafana.service.port }}"
+{{- end }}
+  verbs:
+  - 'get'
+  - 'create'
+- apiGroups:
+  - ""
+  resourceNames:
+  - {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+  - {{ template "kube-prometheus-stack.fullname" . }}-alertmanager
+{{- if .Values.grafana.enabled }}
+  - {{ include "call-nested" (list . "grafana" "grafana.fullname") }}
+{{- end }}
+  resources:
+  - endpoints
+  verbs:
+  - list
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/config-role.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/config-role.yaml
new file mode 100644
index 0000000000..f48ffc827e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/config-role.yaml
@@ -0,0 +1,48 @@
+{{- if and .Values.global.rbac.create .Values.global.rbac.userRoles.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-config-admin
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-config-edit
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-config-view
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - 'get'
+  - 'list'
+  - 'watch'
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboard-role.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboard-role.yaml
new file mode 100644
index 0000000000..d2f81976a2
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboard-role.yaml
@@ -0,0 +1,47 @@
+{{- if and .Values.global.rbac.create .Values.global.rbac.userRoles.create .Values.grafana.enabled }}
+{{- if .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-dashboard-admin
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-dashboard-edit
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: monitoring-dashboard-view
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - 'get'
+  - 'list'
+  - 'watch'
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/addons/ingress-nginx-dashboard.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/addons/ingress-nginx-dashboard.yaml
new file mode 100644
index 0000000000..7b51a0bf7a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/addons/ingress-nginx-dashboard.yaml
@@ -0,0 +1,18 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled .Values.ingressNginx.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: {{ printf "%s-%s" (include "kube-prometheus-stack.fullname" $) "ingress-nginx" | trunc 63 | trimSuffix "-" }}
+  {{- if .Values.grafana.sidecar.dashboards.annotations }}
+  annotations: {{ toYaml .Values.grafana.sidecar.dashboards.annotations | nindent 4 }}
+  {{- end }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/ingress-nginx/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/cluster-dashboards.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/cluster-dashboards.yaml
new file mode 100644
index 0000000000..d73b257451
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/cluster-dashboards.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-cluster
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/cluster/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/default-dashboard.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/default-dashboard.yaml
new file mode 100644
index 0000000000..8865efa932
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/default-dashboard.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-home
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/home/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/fleet-dashboards.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/fleet-dashboards.yaml
new file mode 100644
index 0000000000..9b05cea2e8
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/fleet-dashboards.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-fleet-dashboards
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/fleet/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/k8s-dashboards.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/k8s-dashboards.yaml
new file mode 100644
index 0000000000..2afae10ef7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/k8s-dashboards.yaml
@@ -0,0 +1,31 @@
+{{- $files := (.Files.Glob "files/rancher/k8s/*").AsConfig }}
+{{- $filesDict := (fromYaml $files) }}
+{{- if not (include "exporter.kubeEtcd.enabled" .) }}
+{{- $filesDict = (unset $filesDict "rancher-etcd-nodes.json") -}}
+{{- $filesDict = (unset $filesDict "rancher-etcd.json") -}}
+{{- end }}
+{{- if not (include "exporter.kubeControllerManager.enabled" .) }}
+{{- $filesDict = (unset $filesDict "rancher-k8s-components-nodes.json") -}}
+{{- $filesDict = (unset $filesDict "rancher-k8s-components.json") -}}
+{{- else }}
+{{- $_ := (set $filesDict "rancher-k8s-components-nodes.json" (get $filesDict "rancher-k8s-components-nodes.json" | replace "kube-controller-manager" (include "exporter.kubeControllerManager.jobName" .))) -}}
+{{- $_ := (set $filesDict "rancher-k8s-components.json" (get $filesDict "rancher-k8s-components.json" | replace "kube-controller-manager" (include "exporter.kubeControllerManager.jobName" .))) -}}
+{{- end }}
+{{ $files = (toYaml $filesDict) }}
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-k8s
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ $files | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/nodes-dashboards.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/nodes-dashboards.yaml
new file mode 100644
index 0000000000..172c36e9d1
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/nodes-dashboards.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-nodes
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/nodes/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/performance-dashboards.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/performance-dashboards.yaml
new file mode 100644
index 0000000000..19836ec4e4
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/performance-dashboards.yaml
@@ -0,0 +1,18 @@
+{{- $selector := (include "rancher.serviceMonitor.selector" .) -}}
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled .Values.rancherMonitoring.enabled $selector }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-performance-debugging
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/performance/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/pods-dashboards.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/pods-dashboards.yaml
new file mode 100644
index 0000000000..940f18869b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/pods-dashboards.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-pods
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/pods/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/workload-dashboards.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/workload-dashboards.yaml
new file mode 100644
index 0000000000..d146dacdd0
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/dashboards/rancher/workload-dashboards.yaml
@@ -0,0 +1,17 @@
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ .Values.grafana.defaultDashboards.namespace }}
+  name: rancher-default-dashboards-workloads
+  annotations:
+{{ toYaml .Values.grafana.sidecar.dashboards.annotations | indent 4 }}
+  labels:
+    {{- if $.Values.grafana.sidecar.dashboards.label }}
+    {{ $.Values.grafana.sidecar.dashboards.label }}: "1"
+    {{- end }}
+    app: {{ template "kube-prometheus-stack.name" $ }}-grafana
+{{ include "kube-prometheus-stack.labels" $ | indent 4 }}
+data:
+{{ (.Files.Glob "files/rancher/workloads/*").AsConfig | indent 2 }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/fleet/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/fleet/servicemonitor.yaml
new file mode 100644
index 0000000000..90d24c2061
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/fleet/servicemonitor.yaml
@@ -0,0 +1,53 @@
+{{- if .Values.rancherMonitoring.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  name: monitoring-fleet-controller
+  namespace: cattle-fleet-system
+spec:
+  endpoints:
+  - port: metrics
+    metricRelabelings:
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+  jobLabel: fleet
+  selector:
+    matchLabels:
+      app: fleet-controller
+{{- end }}
+---
+{{- if .Values.rancherMonitoring.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  name: monitoring-gitops-controller
+  namespace: cattle-fleet-system
+spec:
+  endpoints:
+  - port: metrics
+    metricRelabelings:
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+  jobLabel: gitops
+  selector:
+    matchLabels:
+      app: gitjob
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/network-policy.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/network-policy.yaml
new file mode 100644
index 0000000000..9d3e515f39
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/network-policy.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.rke2IngressNginx.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  annotations:
+    np.rke2.io/ingress: resolved
+  name: rke2-ingress-network-policy
+  namespace: {{ include "rke2-ingress-nginx.namespace" . }}
+spec:
+  ingress:
+    - ports:
+        - port: {{ .Values.rke2IngressNginx.metricsPort }}
+          protocol: TCP
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/name: rke2-ingress-nginx
+  policyTypes:
+    - Ingress
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/service.yaml
new file mode 100644
index 0000000000..53a9ad6897
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/service.yaml
@@ -0,0 +1,27 @@
+{{- if and (not .Values.ingressNginx.enabled) (.Values.rkeIngressNginx.enabled) }}
+{{- fail "Cannot set .Values.rkeIngressNginx.enabled=true when .Values.ingressNginx.enabled=false" }}
+{{- end }}
+{{- if and .Values.ingressNginx.enabled (not .Values.rkeIngressNginx.enabled) }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-ingress-nginx
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-ingress-nginx
+    jobLabel: ingress-nginx
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+  namespace: {{ .Values.ingressNginx.namespace }}
+spec:
+  clusterIP: None
+  ports:
+    - name: http-metrics
+      port: {{ .Values.ingressNginx.service.port }}
+      protocol: TCP
+      targetPort: {{ .Values.ingressNginx.service.targetPort }}
+  selector:
+    {{- if .Values.ingressNginx.service.selector }}
+{{ toYaml .Values.ingressNginx.service.selector | indent 4 }}
+    {{- else }}
+    app: ingress-nginx
+    {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/servicemonitor.yaml
new file mode 100644
index 0000000000..b0f92e63b5
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/ingress-nginx/servicemonitor.yaml
@@ -0,0 +1,49 @@
+{{- if and (not .Values.ingressNginx.enabled) (.Values.rkeIngressNginx.enabled) }}
+{{- fail "Cannot set .Values.rkeIngressNginx.enabled=true when .Values.ingressNginx.enabled=false" }}
+{{- end }}
+{{- if and .Values.ingressNginx.enabled (not .Values.rkeIngressNginx.enabled) }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-ingress-nginx
+  namespace: {{ .Values.ingressNginx.namespace }}
+  labels:
+    app: {{ template "kube-prometheus-stack.name" . }}-ingress-nginx
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  jobLabel: jobLabel
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.name" . }}-ingress-nginx
+      release: {{ $.Release.Name | quote }}
+  namespaceSelector:
+    matchNames:
+      - {{ .Values.ingressNginx.namespace }}
+  endpoints:
+  - port: http-metrics
+    {{- if .Values.ingressNginx.serviceMonitor.interval}}
+    interval: {{ .Values.ingressNginx.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.ingressNginx.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.ingressNginx.serviceMonitor.proxyUrl}}
+    {{- end }}
+    bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    metricRelabelings:
+    {{- if .Values.ingressNginx.serviceMonitor.metricRelabelings }}
+    {{ tpl (toYaml .Values.ingressNginx.serviceMonitor.metricRelabelings | indent 4) . }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+{{- if .Values.ingressNginx.serviceMonitor.relabelings }}
+    relabelings:
+{{ toYaml .Values.ingressNginx.serviceMonitor.relabelings | indent 4 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/rancher/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/rancher/servicemonitor.yaml
new file mode 100644
index 0000000000..1fba8f23f7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/exporters/rancher/servicemonitor.yaml
@@ -0,0 +1,58 @@
+{{- $selector := (include "rancher.serviceMonitor.selector" .) -}}
+{{- if and .Values.rancherMonitoring.enabled $selector }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels: {{ include "kube-prometheus-stack.labels" . | nindent 4 }}
+  name: rancher
+  namespace: cattle-system
+spec:
+  endpoints:
+  - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
+    port: http
+    tlsConfig:
+      caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+      insecureSkipVerify: true
+      serverName: rancher
+    metricRelabelings:
+    {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+  jobLabel: rancher
+{{- if .Values.rancherMonitoring.namespaceSelector }}
+  namespaceSelector: {{ .Values.rancherMonitoring.namespaceSelector | toYaml | nindent 4 }}
+{{- end }}
+  selector: {{ include "rancher.serviceMonitor.selector" . | nindent 4 }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-rancher-metrics
+rules:
+- apiGroups:
+  - management.cattle.io
+  resources:
+  - ranchermetrics
+  verbs:
+  - get
+---
+apiVersion: rbac.authorization.k8s.io/v1   
+kind: ClusterRoleBinding                                                                                                                       
+metadata:                                                                                                                                      
+  name: {{ template "kube-prometheus-stack.fullname" . }}-rancher-metrics
+roleRef:                                         
+  apiGroup: rbac.authorization.k8s.io          
+  kind: ClusterRole                           
+  name: {{ template "kube-prometheus-stack.fullname" . }}-rancher-metrics
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kube-prometheus-stack.fullname" . }}-prometheus
+    namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/hardened.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/hardened.yaml
new file mode 100644
index 0000000000..f9a66151ee
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/hardened.yaml
@@ -0,0 +1,147 @@
+{{- $namespaces := dict "_0" .Release.Namespace -}}
+{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled (not .Values.grafana.defaultDashboards.useExistingNamespace) -}}
+{{- $_ := set $namespaces "_1" .Values.grafana.defaultDashboards.namespace -}}
+{{- end -}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ .Chart.Name }}-patch-sa
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}-patch-sa
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade
+    "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+  template:
+    metadata:
+      name: {{ .Chart.Name }}-patch-sa
+      labels:
+        app: {{ .Chart.Name }}-patch-sa
+    spec:
+      serviceAccountName: {{ .Chart.Name }}-patch-sa
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+      restartPolicy: Never
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+      containers:
+      {{- range $_, $ns := $namespaces }}
+      - name: patch-sa-{{ $ns }}
+        image: {{ template "system_default_registry" $ }}{{ $.Values.global.kubectl.repository }}:{{ $.Values.global.kubectl.tag }}
+        imagePullPolicy: {{ $.Values.global.kubectl.pullPolicy }}
+        command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
+        args: ["-n", "{{ $ns }}"]
+      {{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ .Chart.Name }}-patch-sa
+  labels:
+    app: {{ .Chart.Name }}-patch-sa
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - serviceaccounts
+  verbs: ['get', 'patch']
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ .Chart.Name }}-patch-sa
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ .Chart.Name }}-patch-sa
+  labels:
+    app: {{ .Chart.Name }}-patch-sa
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ .Chart.Name }}-patch-sa
+subjects:
+- kind: ServiceAccount
+  name: {{ .Chart.Name }}-patch-sa
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Chart.Name }}-patch-sa
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}-patch-sa
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ .Chart.Name }}-patch-sa
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}-patch-sa
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'secret'
+{{- range $_, $ns := $namespaces }}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: default-allow-all
+  namespace: {{ $ns }}
+spec:
+  podSelector: {}
+  ingress:
+  - {}
+  egress:
+  - {}
+  policyTypes:
+  - Ingress
+  - Egress
+{{- end }}
+{{- end }}
+---
+{{- if .Values.hardened.k3s.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: rancher-monitoring-coredns-allow-all
+  namespace: kube-system
+spec:
+  ingress:
+  - {}
+  egress:
+  - {}
+  policyTypes:
+  - Ingress
+  - Egress 
+  podSelector:
+    matchLabels:
+      k8s-app: kube-dns
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/configmap.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/configmap.yaml
new file mode 100644
index 0000000000..53cb898214
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/configmap.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.upgrade.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "0"
+data:
+{{ (.Files.Glob "files/upgrade/scripts/*").AsConfig | indent 2 }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/job.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/job.yaml
new file mode 100644
index 0000000000..8f2771740c
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/job.yaml
@@ -0,0 +1,46 @@
+{{- if .Values.upgrade.enabled }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "2"
+spec:
+  template:
+    metadata:
+      name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+      labels:
+        app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+    spec:
+      serviceAccountName: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+      securityContext:
+        runAsNonRoot: false
+        runAsUser: 0
+      restartPolicy: Never
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+      containers:
+        - name: run-scripts
+          image: {{ template "system_default_registry" . }}{{ .Values.upgrade.image.repository }}:{{ .Values.upgrade.image.tag }}
+          imagePullPolicy: {{ $.Values.global.kubectl.pullPolicy }}
+          command:
+          - /bin/sh
+          - -c
+          - >
+            for s in $(find /etc/scripts -type f); do 
+              echo "Running $s...";
+              cat $s | bash
+            done;
+          volumeMounts:
+            - name: upgrade
+              mountPath: /etc/scripts
+      volumes:
+      - name: upgrade
+        configMap:
+          name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/rbac.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/rbac.yaml
new file mode 100644
index 0000000000..e929a19925
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/rancher-monitoring/upgrade/rbac.yaml
@@ -0,0 +1,131 @@
+{{- if .Values.upgrade.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded
+    "helm.sh/hook-weight": "1"
+rules:
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  - daemonsets
+  - statefulsets
+  verbs:
+  - 'list'
+  - 'delete'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "1"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+subjects:
+- kind: ServiceAccount
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "1"
+rules:
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "1"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+subjects:
+- kind: ServiceAccount
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "1"
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.fullname" . }}-upgrade
+  annotations:
+    "helm.sh/hook": pre-upgrade, pre-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+    "helm.sh/hook-weight": "1"
+spec:
+  privileged: false
+  allowPrivilegeEscalation: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'configMap'
+    - 'secret'
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/extrasecret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/extrasecret.yaml
new file mode 100644
index 0000000000..587fca2dca
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/extrasecret.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.thanosRuler.extraSecret.data -}}
+{{- $secretName := printf "%s-extra" (include "kube-prometheus-stack.thanosRuler.name" . ) -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ default $secretName .Values.thanosRuler.extraSecret.name }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.thanosRuler.extraSecret.annotations }}
+  annotations:
+{{ toYaml .Values.thanosRuler.extraSecret.annotations | indent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+    app.kubernetes.io/component: thanos-ruler
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+{{- range $key, $val := .Values.thanosRuler.extraSecret.data }}
+  {{ $key }}: {{ $val | b64enc | quote }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/ingress.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/ingress.yaml
new file mode 100644
index 0000000000..e245ad448e
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/ingress.yaml
@@ -0,0 +1,77 @@
+{{- if and .Values.thanosRuler.enabled .Values.thanosRuler.ingress.enabled }}
+{{- $pathType := .Values.thanosRuler.ingress.pathType | default "ImplementationSpecific" }}
+{{- $serviceName := include "kube-prometheus-stack.thanosRuler.name" . }}
+{{- $servicePort := .Values.thanosRuler.service.port -}}
+{{- $routePrefix := list .Values.thanosRuler.thanosRulerSpec.routePrefix }}
+{{- $paths := .Values.thanosRuler.ingress.paths | default $routePrefix -}}
+{{- $apiIsStable := eq (include "kube-prometheus-stack.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "kube-prometheus-stack.ingress.supportsPathType" .) "true" -}}
+apiVersion: {{ include "kube-prometheus-stack.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+  name: {{ $serviceName }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+{{- if .Values.thanosRuler.ingress.annotations }}
+  annotations:
+    {{- tpl (toYaml .Values.thanosRuler.ingress.annotations) . | nindent 4 }}
+{{- end }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{- if .Values.thanosRuler.ingress.labels }}
+{{ toYaml .Values.thanosRuler.ingress.labels | indent 4 }}
+{{- end }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- if $apiIsStable }}
+  {{- if .Values.thanosRuler.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.thanosRuler.ingress.ingressClassName }}
+  {{- end }}
+  {{- end }}
+  rules:
+  {{- if .Values.thanosRuler.ingress.hosts }}
+  {{- range $host := .Values.thanosRuler.ingress.hosts }}
+    - host: {{ tpl $host $ }}
+      http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+    {{- end }}
+    {{- end -}}
+  {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+  {{- range $p := $paths }}
+          - path: {{ tpl $p $ }}
+            {{- if and $pathType $ingressSupportsPathType }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if $apiIsStable }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  number: {{ $servicePort }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+  {{- end }}
+  {{- end -}}
+  {{- end -}}
+  {{- if .Values.thanosRuler.ingress.tls }}
+  tls:
+{{ tpl (toYaml .Values.thanosRuler.ingress.tls | indent 4) . }}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/podDisruptionBudget.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/podDisruptionBudget.yaml
new file mode 100644
index 0000000000..83e54edf9b
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/podDisruptionBudget.yaml
@@ -0,0 +1,21 @@
+{{- if and .Values.thanosRuler.enabled .Values.thanosRuler.podDisruptionBudget.enabled }}
+apiVersion: {{ include "kube-prometheus-stack.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+spec:
+  {{- if .Values.thanosRuler.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.thanosRuler.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if .Values.thanosRuler.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.thanosRuler.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: thanos-ruler
+      thanos-ruler: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/ruler.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/ruler.yaml
new file mode 100644
index 0000000000..b281221563
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/ruler.yaml
@@ -0,0 +1,189 @@
+{{- if .Values.thanosRuler.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ThanosRuler
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ include "kube-prometheus-stack.thanosRuler.name" . }}
+{{- include "kube-prometheus-stack.labels" . | indent 4 -}}
+{{- if .Values.thanosRuler.annotations }}
+  annotations:
+{{ toYaml .Values.thanosRuler.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.thanosRuler.thanosRulerSpec.image }}
+  {{- $registry := include "monitoring_registry" . | default .Values.thanosRuler.thanosRulerSpec.image.registry -}}
+  {{- if and .Values.thanosRuler.thanosRulerSpec.image.tag .Values.thanosRuler.thanosRulerSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.thanosRuler.thanosRulerSpec.image.repository }}:{{ .Values.thanosRuler.thanosRulerSpec.image.tag }}@sha256:{{ .Values.thanosRuler.thanosRulerSpec.image.sha }}"
+  {{- else if .Values.thanosRuler.thanosRulerSpec.image.sha }}
+  image: "{{ $registry }}/{{ .Values.thanosRuler.thanosRulerSpec.image.repository }}@sha256:{{ .Values.thanosRuler.thanosRulerSpec.image.sha }}"
+  {{- else if .Values.thanosRuler.thanosRulerSpec.image.tag }}
+  image: "{{ $registry }}/{{ .Values.thanosRuler.thanosRulerSpec.image.repository }}:{{ .Values.thanosRuler.thanosRulerSpec.image.tag }}"
+  {{- else }}
+  image: "{{ $registry }}/{{ .Values.thanosRuler.thanosRulerSpec.image.repository }}"
+  {{- end }}
+  {{- if .Values.thanosRuler.thanosRulerSpec.image.sha }}
+  sha: {{ .Values.thanosRuler.thanosRulerSpec.image.sha }}
+  {{- end }}
+{{- end }}
+  replicas: {{ .Values.thanosRuler.thanosRulerSpec.replicas }}
+  listenLocal: {{ .Values.thanosRuler.thanosRulerSpec.listenLocal }}
+  serviceAccountName: {{ template "kube-prometheus-stack.thanosRuler.serviceAccountName" . }}
+{{- if .Values.thanosRuler.thanosRulerSpec.externalPrefix }}
+  externalPrefix: "{{ tpl .Values.thanosRuler.thanosRulerSpec.externalPrefix . }}"
+{{- else if and .Values.thanosRuler.ingress.enabled .Values.thanosRuler.ingress.hosts }}
+  externalPrefix: "http://{{ tpl (index .Values.thanosRuler.ingress.hosts 0) . }}{{ .Values.thanosRuler.thanosRulerSpec.routePrefix }}"
+{{- else }}
+  externalPrefix: http://{{ template "kube-prometheus-stack.thanosRuler.name" . }}.{{ template "kube-prometheus-stack.namespace" . }}:{{ .Values.thanosRuler.service.port }}
+{{- end }}
+  nodeSelector: {{ include "linux-node-selector" . | nindent 4 }}
+{{- if .Values.thanosRuler.thanosRulerSpec.additionalArgs }}
+  additionalArgs:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.additionalArgs | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.nodeSelector }}
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.nodeSelector | indent 4 }}
+{{- end }}
+  paused: {{ .Values.thanosRuler.thanosRulerSpec.paused }}
+  logFormat: {{ .Values.thanosRuler.thanosRulerSpec.logFormat | quote  }}
+  logLevel:  {{ .Values.thanosRuler.thanosRulerSpec.logLevel | quote  }}
+  retention: {{ .Values.thanosRuler.thanosRulerSpec.retention | quote  }}
+{{- if .Values.thanosRuler.thanosRulerSpec.evaluationInterval }}
+  evaluationInterval: {{ .Values.thanosRuler.thanosRulerSpec.evaluationInterval }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.ruleNamespaceSelector }}
+  ruleNamespaceSelector:
+{{ tpl (toYaml .Values.thanosRuler.thanosRulerSpec.ruleNamespaceSelector | indent 4) . }}
+{{ else }}
+  ruleNamespaceSelector: {}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.ruleSelector }}
+  ruleSelector:
+{{ tpl (toYaml .Values.thanosRuler.thanosRulerSpec.ruleSelector | indent 4) .}}
+{{- else if .Values.thanosRuler.thanosRulerSpec.ruleSelectorNilUsesHelmValues }}
+  ruleSelector:
+    matchLabels:
+      release: {{ $.Release.Name | quote }}
+{{ else }}
+  ruleSelector: {}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.alertQueryUrl }}
+  alertQueryUrl: "{{ .Values.thanosRuler.thanosRulerSpec.alertQueryUrl }}"
+{{- end}}
+{{- if .Values.thanosRuler.thanosRulerSpec.alertmanagersUrl }}
+  alertmanagersUrl:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.alertmanagersUrl | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.alertmanagersConfig.existingSecret }}
+  alertmanagersConfig:
+    key: "{{.Values.thanosRuler.thanosRulerSpec.alertmanagersConfig.existingSecret.key }}"
+    name: "{{.Values.thanosRuler.thanosRulerSpec.alertmanagersConfig.existingSecret.name }}"
+{{- else if .Values.thanosRuler.thanosRulerSpec.alertmanagersConfig.secret }}
+  alertmanagersConfig:
+    key: alertmanager-configs.yaml
+    name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.queryEndpoints }}
+  queryEndpoints:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.queryEndpoints | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.queryConfig.existingSecret }}
+  queryConfig:
+    key: "{{.Values.thanosRuler.thanosRulerSpec.queryConfig.existingSecret.key }}"
+    name: "{{.Values.thanosRuler.thanosRulerSpec.queryConfig.existingSecret.name }}"
+{{- else if .Values.thanosRuler.thanosRulerSpec.queryConfig.secret }}
+  queryConfig:
+    key: query-configs.yaml
+    name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.resources }}
+  resources:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.resources | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.routePrefix }}
+  routePrefix: "{{ .Values.thanosRuler.thanosRulerSpec.routePrefix }}"
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.securityContext }}
+  securityContext:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.securityContext | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.storage }}
+  storage:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.storage | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.objectStorageConfig.existingSecret }}
+  objectStorageConfig:
+    key: "{{.Values.thanosRuler.thanosRulerSpec.objectStorageConfig.existingSecret.key }}"
+    name: "{{.Values.thanosRuler.thanosRulerSpec.objectStorageConfig.existingSecret.name }}"
+{{- else if .Values.thanosRuler.thanosRulerSpec.objectStorageConfig.secret }}
+  objectStorageConfig:
+    key: object-storage-configs.yaml
+    name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.labels }}
+  labels:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.labels | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.podMetadata }}
+  podMetadata:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.podMetadata | indent 4 }}
+{{- end }}
+{{- if or .Values.thanosRuler.thanosRulerSpec.podAntiAffinity .Values.thanosRuler.thanosRulerSpec.affinity }}
+  affinity:
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.affinity }}
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.affinity | indent 4 }}
+{{- end }}
+{{- if eq .Values.thanosRuler.thanosRulerSpec.podAntiAffinity "hard" }}
+    podAntiAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+      - topologyKey: {{ .Values.thanosRuler.thanosRulerSpec.podAntiAffinityTopologyKey }}
+        labelSelector:
+          matchExpressions:
+            - {key: app.kubernetes.io/name, operator: In, values: [thanos-ruler]}
+            - {key: thanos-ruler, operator: In, values: [{{ template "kube-prometheus-stack.thanosRuler.name" . }}]}
+{{- else if eq .Values.thanosRuler.thanosRulerSpec.podAntiAffinity "soft" }}
+    podAntiAffinity:
+      preferredDuringSchedulingIgnoredDuringExecution:
+      - weight: 100
+        podAffinityTerm:
+          topologyKey: {{ .Values.thanosRuler.thanosRulerSpec.podAntiAffinityTopologyKey }}
+          labelSelector:
+            matchExpressions:
+              - {key: app.kubernetes.io/name, operator: In, values: [thanos-ruler]}
+              - {key: thanos-ruler, operator: In, values: [{{ template "kube-prometheus-stack.thanosRuler.name" . }}]}
+{{- end }}
+  tolerations: {{ include "linux-node-tolerations" . | nindent 4 }}
+{{- if .Values.thanosRuler.thanosRulerSpec.tolerations }}
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.tolerations | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.topologySpreadConstraints }}
+  topologySpreadConstraints:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.topologySpreadConstraints | indent 4 }}
+{{- end }}
+{{- if .Values.global.imagePullSecrets }}
+  imagePullSecrets:
+{{ toYaml .Values.global.imagePullSecrets | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.containers }}
+  containers:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.containers | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.initContainers }}
+  initContainers:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.initContainers | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.priorityClassName }}
+  priorityClassName: {{.Values.thanosRuler.thanosRulerSpec.priorityClassName }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.volumes }}
+  volumes:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.volumes | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.thanosRulerSpec.volumeMounts }}
+  volumeMounts:
+{{ toYaml .Values.thanosRuler.thanosRulerSpec.volumeMounts | indent 4 }}
+{{- end }}
+  portName: {{ .Values.thanosRuler.thanosRulerSpec.portName }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/secret.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/secret.yaml
new file mode 100644
index 0000000000..acab7fd9ae
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/secret.yaml
@@ -0,0 +1,26 @@
+{{- if .Values.thanosRuler.enabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ include "kube-prometheus-stack.thanosRuler.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+data:
+  {{- with .Values.thanosRuler.thanosRulerSpec.alertmanagersConfig }}
+  {{- if and .secret (not .existingSecret) }}
+  alertmanager-configs.yaml: {{ toYaml .secret | b64enc | quote }}
+  {{- end }}
+  {{- end }}
+  {{- with .Values.thanosRuler.thanosRulerSpec.objectStorageConfig }}
+  {{- if and .secret (not .existingSecret) }}
+  object-storage-configs.yaml: {{ toYaml .secret | b64enc | quote }}
+  {{- end }}
+  {{- end }}
+  {{- with .Values.thanosRuler.thanosRulerSpec.queryConfig }}
+  {{- if and .secret (not .existingSecret) }}
+  query-configs.yaml: {{ toYaml .secret | b64enc | quote }}
+  {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/service.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/service.yaml
new file mode 100644
index 0000000000..be0c844591
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/service.yaml
@@ -0,0 +1,53 @@
+{{- if .Values.thanosRuler.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+    self-monitor: {{ .Values.thanosRuler.serviceMonitor.selfMonitor | quote }}
+{{- include "kube-prometheus-stack.labels" . | indent 4 -}}
+{{- if .Values.thanosRuler.service.labels }}
+{{ toYaml .Values.thanosRuler.service.labels | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.service.annotations }}
+  annotations:
+{{ toYaml .Values.thanosRuler.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.thanosRuler.service.clusterIP }}
+  clusterIP: {{ .Values.thanosRuler.service.clusterIP }}
+{{- end }}
+{{- if .Values.thanosRuler.service.externalIPs }}
+  externalIPs:
+{{ toYaml .Values.thanosRuler.service.externalIPs | indent 4 }}
+{{- end }}
+{{- if .Values.thanosRuler.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.thanosRuler.service.loadBalancerIP }}
+{{- end }}
+{{- if .Values.thanosRuler.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range $cidr := .Values.thanosRuler.service.loadBalancerSourceRanges }}
+    - {{ $cidr }}
+  {{- end }}
+{{- end }}
+{{- if ne .Values.thanosRuler.service.type "ClusterIP" }}
+  externalTrafficPolicy: {{ .Values.thanosRuler.service.externalTrafficPolicy }}
+{{- end }}
+  ports:
+  - name: {{ .Values.thanosRuler.thanosRulerSpec.portName }}
+  {{- if eq .Values.thanosRuler.service.type "NodePort" }}
+    nodePort: {{ .Values.thanosRuler.service.nodePort }}
+  {{- end }}
+    port: {{ .Values.thanosRuler.service.port }}
+    targetPort: {{ .Values.thanosRuler.service.targetPort }}
+    protocol: TCP
+{{- if .Values.thanosRuler.service.additionalPorts }}
+{{ toYaml .Values.thanosRuler.service.additionalPorts | indent 2 }}
+{{- end }}
+  selector:
+    app.kubernetes.io/name: thanos-ruler
+    thanos-ruler: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  type: "{{ .Values.thanosRuler.service.type }}"
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/serviceaccount.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/serviceaccount.yaml
new file mode 100644
index 0000000000..b58f1cd4df
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/serviceaccount.yaml
@@ -0,0 +1,20 @@
+{{- if and .Values.thanosRuler.enabled .Values.thanosRuler.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.serviceAccountName" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+    app.kubernetes.io/name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+    app.kubernetes.io/component: thanos-ruler
+{{- include "kube-prometheus-stack.labels" . | indent 4 -}}
+{{- if .Values.thanosRuler.serviceAccount.annotations }}
+  annotations:
+{{ toYaml .Values.thanosRuler.serviceAccount.annotations | indent 4 }}
+{{- end }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{ toYaml .Values.global.imagePullSecrets | indent 2 }}
+{{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/servicemonitor.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/servicemonitor.yaml
new file mode 100644
index 0000000000..b2b138b498
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/thanos-ruler/servicemonitor.yaml
@@ -0,0 +1,82 @@
+{{- if and .Values.thanosRuler.enabled .Values.thanosRuler.serviceMonitor.selfMonitor }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+  namespace: {{ template "kube-prometheus-stack.namespace" . }}
+  labels:
+    app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+{{ include "kube-prometheus-stack.labels" . | indent 4 }}
+{{- with .Values.thanosRuler.serviceMonitor.additionalLabels }}
+{{- toYaml . | nindent 4 }}
+{{- end }}
+spec:
+  {{- include "servicemonitor.scrapeLimits" .Values.thanosRuler.serviceMonitor | nindent 2 }}
+  selector:
+    matchLabels:
+      app: {{ template "kube-prometheus-stack.thanosRuler.name" . }}
+      release: {{ $.Release.Name | quote }}
+      self-monitor: {{ .Values.thanosRuler.serviceMonitor.selfMonitor | quote }}
+  namespaceSelector:
+    matchNames:
+      - {{ printf "%s" (include "kube-prometheus-stack.namespace" .) | quote }}
+  endpoints:
+  - port: {{ .Values.thanosRuler.thanosRulerSpec.portName }}
+    {{- if .Values.thanosRuler.serviceMonitor.interval }}
+    interval: {{ .Values.thanosRuler.serviceMonitor.interval }}
+    {{- end }}
+    {{- if .Values.thanosRuler.serviceMonitor.proxyUrl }}
+    proxyUrl: {{ .Values.thanosRuler.serviceMonitor.proxyUrl}}
+    {{- end }}
+    {{- if .Values.thanosRuler.serviceMonitor.scheme }}
+    scheme: {{ .Values.thanosRuler.serviceMonitor.scheme }}
+    {{- end }}
+    {{- if .Values.thanosRuler.serviceMonitor.bearerTokenFile }}
+    bearerTokenFile: {{ .Values.thanosRuler.serviceMonitor.bearerTokenFile }}
+    {{- end }}
+    {{- if .Values.thanosRuler.serviceMonitor.tlsConfig }}
+    tlsConfig: {{- toYaml .Values.thanosRuler.serviceMonitor.tlsConfig | nindent 6 }}
+    {{- end }}
+    path: "{{ trimSuffix "/" .Values.thanosRuler.thanosRulerSpec.routePrefix }}/metrics"
+    {{- if .Values.thanosRuler.serviceMonitor.metricRelabelings }}
+    metricRelabelings: {{- tpl (toYaml .Values.thanosRuler.serviceMonitor.metricRelabelings | nindent 6) . }}
+    {{- end }}
+        {{ if .Values.global.cattle.clusterId }}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_id
+        replacement: {{ .Values.global.cattle.clusterId }}
+    {{- end }}
+    {{ if .Values.global.cattle.clusterName}}
+      - sourceLabels: [__address__]
+        targetLabel: cluster_name
+        replacement: {{ .Values.global.cattle.clusterName }}
+    {{- end }}
+    {{- if .Values.thanosRuler.serviceMonitor.relabelings }}
+    relabelings: {{- toYaml .Values.thanosRuler.serviceMonitor.relabelings | nindent 6 }}
+    {{- end }}
+  {{- range .Values.thanosRuler.serviceMonitor.additionalEndpoints }}
+  - port: {{ .port }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.interval .interval }}
+    interval: {{ default $.Values.thanosRuler.serviceMonitor.interval .interval }}
+    {{- end }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.proxyUrl .proxyUrl }}
+    proxyUrl: {{ default $.Values.thanosRuler.serviceMonitor.proxyUrl .proxyUrl }}
+    {{- end }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.scheme .scheme }}
+    scheme: {{ default $.Values.thanosRuler.serviceMonitor.scheme .scheme }}
+    {{- end }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    bearerTokenFile: {{ default $.Values.thanosRuler.serviceMonitor.bearerTokenFile .bearerTokenFile }}
+    {{- end }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.tlsConfig .tlsConfig }}
+    tlsConfig: {{- default $.Values.thanosRuler.serviceMonitor.tlsConfig .tlsConfig | toYaml | nindent 6 }}
+    {{- end }}
+    path: {{ .path }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.metricRelabelings .metricRelabelings }}
+    metricRelabelings: {{- tpl (default $.Values.thanosRuler.serviceMonitor.metricRelabelings .metricRelabelings | toYaml | nindent 6) . }}
+    {{- end }}
+    {{- if or $.Values.thanosRuler.serviceMonitor.relabelings .relabelings }}
+    relabelings: {{- default $.Values.thanosRuler.serviceMonitor.relabelings .relabelings | toYaml | nindent 6 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/validate-install-crd.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..6fcb8b3a69
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/validate-install-crd.yaml
@@ -0,0 +1,23 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "monitoring.coreos.com/v1alpha1/AlertmanagerConfig" false -}}
+# {{- set $found "monitoring.coreos.com/v1/Alertmanager" false -}}
+# {{- set $found "monitoring.coreos.com/v1/PodMonitor" false -}}
+# {{- set $found "monitoring.coreos.com/v1/Probe" false -}}
+# {{- set $found "monitoring.coreos.com/v1alpha1/PrometheusAgent" false -}}
+# {{- set $found "monitoring.coreos.com/v1/Prometheus" false -}}
+# {{- set $found "monitoring.coreos.com/v1/PrometheusRule" false -}}
+# {{- set $found "monitoring.coreos.com/v1alpha1/ScrapeConfig" false -}}
+# {{- set $found "monitoring.coreos.com/v1/ServiceMonitor" false -}}
+# {{- set $found "monitoring.coreos.com/v1/ThanosRuler" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# 	{{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# 	{{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/templates/validate-psp-install.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring/103.2.2+up57.0.3/values.yaml b/charts/rancher-monitoring/103.2.2+up57.0.3/values.yaml
new file mode 100644
index 0000000000..40f676556a
--- /dev/null
+++ b/charts/rancher-monitoring/103.2.2+up57.0.3/values.yaml
@@ -0,0 +1,5433 @@
+# Default values for kube-prometheus-stack.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Rancher Monitoring Configuration
+
+## Configuration for prometheus-adapter
+## ref: https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-adapter
+##
+prometheus-adapter:
+  enabled: true
+  prometheus:
+    # Change this if you change the namespaceOverride or nameOverride of prometheus-operator
+    url: http://rancher-monitoring-prometheus.cattle-monitoring-system.svc
+    port: 9090
+
+## RKE PushProx Monitoring
+## ref: https://github.com/rancher/charts/tree/dev-v2.9/packages/rancher-monitoring/rancher-pushprox
+##
+rkeControllerManager:
+  enabled: false
+  metricsPort: 10257 # default to secure port as of k8s >= 1.22
+  component: kube-controller-manager
+  clients:
+    https:
+      enabled: true
+      insecureSkipVerify: true
+      useServiceAccountCredentials: true
+    port: 10011
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/controlplane: "true"
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+  kubeVersionOverrides:
+  - constraint: "< 1.22"
+    values:
+      metricsPort: 10252 # default to insecure port in k8s < 1.22
+      clients:
+        https:
+          enabled: false
+          insecureSkipVerify: false
+          useServiceAccountCredentials: false
+
+rkeScheduler:
+  enabled: false
+  metricsPort: 10259
+  component: kube-scheduler
+  clients:
+    https:
+      enabled: true
+      insecureSkipVerify: true
+      useServiceAccountCredentials: true
+    port: 10012
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/controlplane: "true"
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+  kubeVersionOverrides:
+  - constraint: "< 1.23"
+    values:
+      metricsPort: 10251 # default to insecure port in k8s < 1.23
+      clients:
+        https:
+          enabled: false
+          insecureSkipVerify: false
+          useServiceAccountCredentials: false
+
+rkeProxy:
+  enabled: false
+  metricsPort: 10249
+  component: kube-proxy
+  clients:
+    port: 10013
+    useLocalhost: true
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+rkeEtcd:
+  enabled: false
+  metricsPort: 2379
+  component: kube-etcd
+  clients:
+    port: 10014
+    https:
+      enabled: true
+      certDir: /etc/kubernetes/ssl
+      certFile: kube-etcd-*.pem
+      keyFile: kube-etcd-*-key.pem
+      caCertFile: kube-ca.pem
+      seLinuxOptions:
+        # Gives rkeEtcd permissions to read files in /etc/kubernetes/*
+        # Type is defined in https://github.com/rancher/rancher-selinux
+        type: rke_kubereader_t
+    nodeSelector:
+      node-role.kubernetes.io/etcd: "true"
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+rkeIngressNginx:
+  enabled: false
+  metricsPort: 10254
+  component: ingress-nginx
+  clients:
+    port: 10015
+    useLocalhost: true
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+    nodeSelector:
+      node-role.kubernetes.io/worker: "true"
+
+## k3s PushProx Monitoring
+## ref: https://github.com/rancher/charts/tree/dev-v2.9/packages/rancher-monitoring/rancher-pushprox
+##
+k3sServer:
+  enabled: false
+  metricsPort: 10250
+  component: k3s-server
+  clients:
+    port: 10013
+    useLocalhost: true
+    https:
+      enabled: true
+      useServiceAccountCredentials: true
+      insecureSkipVerify: true
+    rbac:
+      additionalRules:
+      - nonResourceURLs: ["/metrics/cadvisor"]
+        verbs: ["get"]
+      - apiGroups: [""]
+        resources: ["nodes/metrics"]
+        verbs: ["get"]
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+  serviceMonitor:
+    endpoints:
+    - port: metrics
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    - port: metrics
+      path: /metrics/cadvisor
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    - port: metrics
+      path: /metrics/probes
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+
+hardened:
+  k3s:  
+    networkPolicy:
+      enabled: true
+
+## KubeADM PushProx Monitoring
+## ref: https://github.com/rancher/charts/tree/dev-v2.9/packages/rancher-monitoring/rancher-pushprox
+##
+kubeAdmControllerManager:
+  enabled: false
+  metricsPort: 10257
+  component: kube-controller-manager
+  clients:
+    port: 10011
+    useLocalhost: true
+    https:
+      enabled: true
+      useServiceAccountCredentials: true
+      insecureSkipVerify: true
+    nodeSelector:
+      node-role.kubernetes.io/master: ""
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+kubeAdmScheduler:
+  enabled: false
+  metricsPort: 10259
+  component: kube-scheduler
+  clients:
+    port: 10012
+    useLocalhost: true
+    https:
+      enabled: true
+      useServiceAccountCredentials: true
+      insecureSkipVerify: true
+    nodeSelector:
+      node-role.kubernetes.io/master: ""
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+kubeAdmProxy:
+  enabled: false
+  metricsPort: 10249
+  component: kube-proxy
+  clients:
+    port: 10013
+    useLocalhost: true
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+kubeAdmEtcd:
+  enabled: false
+  metricsPort: 2381
+  component: kube-etcd
+  clients:
+    port: 10014
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/master: ""
+    tolerations:
+    - effect: "NoExecute"
+      operator: "Exists"
+    - effect: "NoSchedule"
+      operator: "Exists"
+
+## rke2 PushProx Monitoring
+## ref: https://github.com/rancher/charts/tree/dev-v2.9/packages/rancher-monitoring/rancher-pushprox
+##
+rke2ControllerManager:
+  enabled: false
+  metricsPort: 10257 # default to secure port as of k8s >= 1.22
+  component: kube-controller-manager
+  clients:
+    https:
+      enabled: true
+      insecureSkipVerify: true
+      useServiceAccountCredentials: true
+    port: 10011
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/master: "true"
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+  kubeVersionOverrides:
+  - constraint: "< 1.22"
+    values:
+      metricsPort: 10252 # default to insecure port in k8s < 1.22
+      clients:
+        https:
+          enabled: false
+          insecureSkipVerify: false
+          useServiceAccountCredentials: false
+
+rke2Scheduler:
+  enabled: false
+  metricsPort: 10259 # default to secure port as of k8s >= 1.22
+  component: kube-scheduler
+  clients:
+    https:
+      enabled: true
+      insecureSkipVerify: true
+      useServiceAccountCredentials: true
+    port: 10012
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/master: "true"
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+  kubeVersionOverrides:
+  - constraint: "< 1.22"
+    values:
+      metricsPort: 10251 # default to insecure port in k8s < 1.22
+      clients:
+        https:
+          enabled: false
+          insecureSkipVerify: false
+          useServiceAccountCredentials: false
+
+rke2Proxy:
+  enabled: false
+  metricsPort: 10249
+  component: kube-proxy
+  clients:
+    port: 10013
+    useLocalhost: true
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+
+rke2Etcd:
+  enabled: false
+  metricsPort: 2381
+  component: kube-etcd
+  clients:
+    port: 10014
+    useLocalhost: true
+    nodeSelector:
+      node-role.kubernetes.io/etcd: "true"
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+
+rke2IngressNginx:
+  enabled: false
+  networkPolicy:
+    enabled: false
+  metricsPort: 10254
+  component: ingress-nginx
+  # in the RKE2 cluster, the ingress-nginx-controller is deployed
+  # as a non-hostNetwork workload starting at the following versions
+  # - >= v1.22.12+rke2r1 < 1.23.0-0
+  # - >= v1.23.9+rke2r1 < 1.24.0-0
+  # - >= v1.24.3+rke2r1 < 1.25.0-0
+  # - >= v1.25.0+rke2r1
+  # As a result we do not need clients and proxies as we can directly create
+  # a service that targets the workload with the given app name
+  namespaceOverride: kube-system
+  clients:
+    enabled: false
+  proxy:
+    enabled: false
+  service:
+    selector:
+      app.kubernetes.io/name: rke2-ingress-nginx
+  kubeVersionOverrides:
+  - constraint: "< 1.21.0-0"
+    values:
+      namespaceOverride: ""
+      clients:
+        enabled: true
+        port: 10015
+        useLocalhost: true
+        tolerations:
+          - effect: "NoExecute"
+            operator: "Exists"
+          - effect: "NoSchedule"
+            operator: "Exists"
+        affinity:
+          podAffinity:
+            requiredDuringSchedulingIgnoredDuringExecution:
+              - labelSelector:
+                  matchExpressions:
+                    - key: "app.kubernetes.io/component"
+                      operator: "In"
+                      values:
+                        - "controller"
+                topologyKey: "kubernetes.io/hostname"
+                namespaces:
+                  - "kube-system"
+        # in the RKE2 cluster, the ingress-nginx-controller is deployed as
+        # a DaemonSet with 1 pod when RKE2 version is < 1.21.0-0
+        deployment:
+          enabled: false
+      proxy:
+        enabled: true
+      service:
+        selector: false
+  - constraint: ">= 1.21.0-0 < 1.22.12-0"
+    values:
+      namespaceOverride: ""
+      clients:
+        enabled: true
+        port: 10015
+        useLocalhost: true
+        tolerations:
+          - effect: "NoExecute"
+            operator: "Exists"
+          - effect: "NoSchedule"
+            operator: "Exists"
+        affinity:
+          podAffinity:
+            requiredDuringSchedulingIgnoredDuringExecution:
+              - labelSelector:
+                  matchExpressions:
+                    - key: "app.kubernetes.io/component"
+                      operator: "In"
+                      values:
+                        - "controller"
+                topologyKey: "kubernetes.io/hostname"
+                namespaces:
+                  - "kube-system"
+        # in the RKE2 cluster, the ingress-nginx-controller is deployed as
+        # a hostNetwork Deployment with 1 pod when RKE2 version is >= 1.21.0-0
+        deployment:
+          enabled: true
+          replicas: 1
+      proxy:
+        enabled: true
+      service:
+        selector: false
+  - constraint: ">= 1.23.0-0 < v1.23.9-0"
+    values:
+      namespaceOverride: ""
+      clients:
+        enabled: true
+        port: 10015
+        useLocalhost: true
+        tolerations:
+          - effect: "NoExecute"
+            operator: "Exists"
+          - effect: "NoSchedule"
+            operator: "Exists"
+        affinity:
+          podAffinity:
+            requiredDuringSchedulingIgnoredDuringExecution:
+              - labelSelector:
+                  matchExpressions:
+                    - key: "app.kubernetes.io/component"
+                      operator: "In"
+                      values:
+                        - "controller"
+                topologyKey: "kubernetes.io/hostname"
+                namespaces:
+                  - "kube-system"
+        # in the RKE2 cluster, the ingress-nginx-controller is deployed as
+        # a hostNetwork Deployment with 1 pod when RKE2 version is >= 1.20.0-0
+        deployment:
+          enabled: true
+          replicas: 1
+      proxy:
+        enabled: true
+      service:
+        selector: false
+  - constraint: ">= 1.24.0-0 < v1.24.3-0"
+    values:
+      namespaceOverride: ""
+      clients:
+        enabled: true
+        port: 10015
+        useLocalhost: true
+        tolerations:
+          - effect: "NoExecute"
+            operator: "Exists"
+          - effect: "NoSchedule"
+            operator: "Exists"
+        affinity:
+          podAffinity:
+            requiredDuringSchedulingIgnoredDuringExecution:
+              - labelSelector:
+                  matchExpressions:
+                    - key: "app.kubernetes.io/component"
+                      operator: "In"
+                      values:
+                        - "controller"
+                topologyKey: "kubernetes.io/hostname"
+                namespaces:
+                  - "kube-system"
+        # in the RKE2 cluster, the ingress-nginx-controller is deployed as
+        # a hostNetwork Deployment with 1 pod when RKE2 version is >= 1.20.0-0
+        deployment:
+          enabled: true
+          replicas: 1
+      proxy:
+        enabled: true
+      service:
+        selector: false
+
+
+
+## Additional PushProx Monitoring
+## ref: https://github.com/rancher/charts/tree/dev-v2.9/packages/rancher-monitoring/rancher-pushprox
+##
+
+# hardenedKubelet can only be deployed if kubelet.enabled=true
+# If enabled, it replaces the ServiceMonitor deployed by the default kubelet option with a 
+# PushProx-based exporter that does not require a host port to be open to scrape metrics.
+hardenedKubelet:
+  enabled: false
+  metricsPort: 10250
+  component: kubelet
+  clients:
+    port: 10015
+    useLocalhost: true
+    https:
+      enabled: true
+      useServiceAccountCredentials: true
+      insecureSkipVerify: true
+    rbac:
+      additionalRules:
+      - nonResourceURLs: ["/metrics/cadvisor"]
+        verbs: ["get"]
+      - apiGroups: [""]
+        resources: ["nodes/metrics"]
+        verbs: ["get"]
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+  serviceMonitor:
+    endpoints:
+    - port: metrics
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    - port: metrics
+      path: /metrics/cadvisor
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    - port: metrics
+      path: /metrics/probes
+      honorLabels: true
+      relabelings:
+      - sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+
+# hardenedNodeExporter can only be deployed if nodeExporter.enabled=true
+# If enabled, it replaces the ServiceMonitor deployed by the default nodeExporter with a 
+# PushProx-based exporter that does not require a host port to be open to scrape metrics.
+hardenedNodeExporter:
+  enabled: false
+  metricsPort: 9796
+  component: node-exporter
+  clients:
+    port: 10016
+    useLocalhost: true
+    tolerations:
+      - effect: "NoExecute"
+        operator: "Exists"
+      - effect: "NoSchedule"
+        operator: "Exists"
+
+## Upgrades
+upgrade:
+  ## Run upgrade scripts before an upgrade or rollback via a Job hook
+  enabled: true
+  ## Image to use to run the scripts
+  image:
+    repository: rancher/shell
+    tag: v0.2.1
+
+## Rancher Monitoring
+##
+
+rancherMonitoring:
+  enabled: true
+
+  ## A namespaceSelector to identify the namespace to find the Rancher deployment
+  ##
+  namespaceSelector:
+    matchNames:
+    - cattle-system
+
+  ## A selector to identify the Rancher deployment
+  ## If not set, the chart will try to search for the Rancher deployment in the cattle-system namespace and infer the selector values from it
+  ## If the Rancher deployment does not exist, no resources will be deployed.
+  ##
+  selector: {}
+
+## Component scraping nginx-ingress-controller
+##
+ingressNginx:
+  enabled: false
+
+  ## The namespace to search for your nginx-ingress-controller
+  ##
+  namespace: ingress-nginx
+  
+  service:
+    port: 9913
+    targetPort: 10254
+    # selector:
+    #   app: ingress-nginx
+  serviceMonitor:
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: "30s"
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## 	metric relabel configs to apply to samples before ingestion.
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    # 	relabel configs to apply to samples before ingestion.
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+# Prometheus Operator Configuration
+
+## Provide a name in place of kube-prometheus-stack for `app:` labels
+## NOTE: If you change this value, you must update the prometheus-adapter.prometheus.url
+##
+nameOverride: "rancher-monitoring"
+
+## Override the deployment namespace
+## NOTE: If you change this value, you must update the prometheus-adapter.prometheus.url
+##
+namespaceOverride: "cattle-monitoring-system"
+
+## Provide a k8s version to auto dashboard import script example: kubeTargetVersionOverride: 1.26.6
+##
+kubeTargetVersionOverride: ""
+
+## Allow kubeVersion to be overridden while creating the ingress
+##
+kubeVersionOverride: ""
+
+## Provide a name to substitute for the full names of resources
+##
+fullnameOverride: ""
+
+## Labels to apply to all resources
+##
+commonLabels: {}
+# scmhash: abc123
+# myLabel: aakkmd
+
+## Install Prometheus Operator CRDs
+##
+crds:
+  enabled: true
+
+## custom Rules to override "for" and "severity" in defaultRules
+##
+customRules: {}
+  # AlertmanagerFailedReload:
+  #   for: 3m
+  # AlertmanagerMembersInconsistent:
+  #   for: 5m
+  #   severity: "warning"
+
+## Create default rules for monitoring the cluster
+##
+defaultRules:
+  create: true
+  rules:
+    alertmanager: true
+    etcd: true
+    configReloaders: true
+    general: true
+    k8sContainerCpuUsageSecondsTotal: true
+    k8sContainerMemoryCache: true
+    k8sContainerMemoryRss: true
+    k8sContainerMemorySwap: true
+    k8sContainerResource: true
+    k8sContainerMemoryWorkingSetBytes: true
+    k8sPodOwner: true
+    kubeApiserverAvailability: true
+    kubeApiserverBurnrate: true
+    kubeApiserverHistogram: true
+    kubeApiserverSlos: true
+    kubeControllerManager: true
+    kubelet: true
+    kubeProxy: true
+    kubePrometheusGeneral: true
+    kubePrometheusNodeRecording: true
+    kubernetesApps: true
+    kubernetesResources: true
+    kubernetesStorage: true
+    kubernetesSystem: true
+    kubeSchedulerAlerting: true
+    kubeSchedulerRecording: true
+    kubeStateMetrics: true
+    network: true
+    node: true
+    nodeExporterAlerting: true
+    nodeExporterRecording: true
+    prometheus: true
+    prometheusOperator: true
+    windows: true
+
+  ## Reduce app namespace alert scope
+  appNamespacesTarget: ".*"
+
+  ## Set keep_firing_for for all alerts
+  keepFiringFor: ""
+
+  ## Labels for default rules
+  labels: {}
+  ## Annotations for default rules
+  annotations: {}
+
+  ## Additional labels for PrometheusRule alerts
+  additionalRuleLabels: {}
+
+  ## Additional annotations for PrometheusRule alerts
+  additionalRuleAnnotations: {}
+
+  ## Additional labels for specific PrometheusRule alert groups
+  additionalRuleGroupLabels:
+    alertmanager: {}
+    etcd: {}
+    configReloaders: {}
+    general: {}
+    k8sContainerCpuUsageSecondsTotal: {}
+    k8sContainerMemoryCache: {}
+    k8sContainerMemoryRss: {}
+    k8sContainerMemorySwap: {}
+    k8sContainerResource: {}
+    k8sPodOwner: {}
+    kubeApiserverAvailability: {}
+    kubeApiserverBurnrate: {}
+    kubeApiserverHistogram: {}
+    kubeApiserverSlos: {}
+    kubeControllerManager: {}
+    kubelet: {}
+    kubeProxy: {}
+    kubePrometheusGeneral: {}
+    kubePrometheusNodeRecording: {}
+    kubernetesApps: {}
+    kubernetesResources: {}
+    kubernetesStorage: {}
+    kubernetesSystem: {}
+    kubeSchedulerAlerting: {}
+    kubeSchedulerRecording: {}
+    kubeStateMetrics: {}
+    network: {}
+    node: {}
+    nodeExporterAlerting: {}
+    nodeExporterRecording: {}
+    prometheus: {}
+    prometheusOperator: {}
+
+  ## Additional annotations for specific PrometheusRule alerts groups
+  additionalRuleGroupAnnotations:
+    alertmanager: {}
+    etcd: {}
+    configReloaders: {}
+    general: {}
+    k8sContainerCpuUsageSecondsTotal: {}
+    k8sContainerMemoryCache: {}
+    k8sContainerMemoryRss: {}
+    k8sContainerMemorySwap: {}
+    k8sContainerResource: {}
+    k8sPodOwner: {}
+    kubeApiserverAvailability: {}
+    kubeApiserverBurnrate: {}
+    kubeApiserverHistogram: {}
+    kubeApiserverSlos: {}
+    kubeControllerManager: {}
+    kubelet: {}
+    kubeProxy: {}
+    kubePrometheusGeneral: {}
+    kubePrometheusNodeRecording: {}
+    kubernetesApps: {}
+    kubernetesResources: {}
+    kubernetesStorage: {}
+    kubernetesSystem: {}
+    kubeSchedulerAlerting: {}
+    kubeSchedulerRecording: {}
+    kubeStateMetrics: {}
+    network: {}
+    node: {}
+    nodeExporterAlerting: {}
+    nodeExporterRecording: {}
+    prometheus: {}
+    prometheusOperator: {}
+
+  additionalAggregationLabels: []
+
+  ## Prefix for runbook URLs. Use this to override the first part of the runbookURLs that is common to all rules.
+  runbookUrl: "https://runbooks.prometheus-operator.dev/runbooks"
+
+  ## Disabled PrometheusRule alerts
+  disabled: {}
+  # KubeAPIDown: true
+  # NodeRAIDDegraded: true
+
+## Deprecated way to provide custom recording or alerting rules to be deployed into the cluster.
+##
+# additionalPrometheusRules: []
+#  - name: my-rule-file
+#    groups:
+#      - name: my_group
+#        rules:
+#        - record: my_record
+#          expr: 100 * my_record
+
+## Provide custom recording or alerting rules to be deployed into the cluster.
+##
+additionalPrometheusRulesMap: {}
+#  rule-name:
+#    groups:
+#    - name: my_group
+#      rules:
+#      - record: my_record
+#        expr: 100 * my_record
+
+##
+global:
+  cattle:
+    psp:
+      enabled: false
+
+    systemDefaultRegistry: ""
+    ## Windows Monitoring
+    ## ref: https://github.com/rancher/charts/tree/dev-v2.5-source/packages/rancher-windows-exporter
+    ##
+    ## Deploys a DaemonSet of Prometheus exporters based on https://github.com/prometheus-community/windows_exporter.
+    ## Every Windows host must have a wins version of 0.1.0+ to use this chart (default as of Rancher 2.5.8).
+    ## To upgrade wins versions on Windows hosts, see https://github.com/rancher/wins/tree/master/charts/rancher-wins-upgrader.
+    ##
+    windows:
+      enabled: false
+  seLinux:
+    enabled: false
+  kubectl:
+     repository: rancher/kubectl
+     tag: v1.20.2
+     pullPolicy: IfNotPresent
+  rbac:
+    ## Create RBAC resources for ServiceAccounts and users
+    ##
+    create: true
+
+    userRoles:
+      ## Create default user ClusterRoles to allow users to interact with Prometheus CRs, ConfigMaps, and Secrets
+      create: true
+      ## Aggregate default user ClusterRoles into default k8s ClusterRoles
+      aggregateToDefaultRoles: true
+
+    pspAnnotations: {}
+      ## Specify pod annotations
+      ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor
+      ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#seccomp
+      ## Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#sysctl
+      ##
+      # seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
+      # seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
+      # apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
+
+  ## Global image registry to use if it needs to be overriden for some specific use cases (e.g local registries, custom images, ...)
+  ##
+  imageRegistry: docker.io
+
+  ## Reference to one or more secrets to be used when pulling images
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+  ##
+  imagePullSecrets: []
+  # - name: "image-pull-secret"
+  # or
+  # - "image-pull-secret"
+
+windowsMonitoring:
+  ## Deploys the windows-exporter and Windows-specific dashboards and rules (job name must be 'windows-exporter')
+  enabled: false
+
+## Configuration for prometheus-windows-exporter
+## ref: https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-windows-exporter
+##
+prometheus-windows-exporter:
+  ## Enable ServiceMonitor and set Kubernetes label to use as a job label
+  ##
+  prometheus:
+    monitor:
+      enabled: true
+      jobLabel: jobLabel
+
+  releaseLabel: true
+
+  ## Set job label to 'windows-exporter' as required by the default Prometheus rules and Grafana dashboards
+  ##
+  podLabels:
+    jobLabel: windows-exporter
+
+  ## Enable memory and container metrics as required by the default Prometheus rules and Grafana dashboards
+  ##
+  config: |-
+    collectors:
+      enabled: '[defaults],memory,container'
+
+## Configuration for alertmanager
+## ref: https://prometheus.io/docs/alerting/alertmanager/
+##
+alertmanager:
+
+  ## Deploy alertmanager
+  ##
+  enabled: true
+
+  ## Annotations for Alertmanager
+  ##
+  annotations: {}
+
+  ## Api that prometheus will use to communicate with alertmanager. Possible values are v1, v2
+  ##
+  apiVersion: v2
+
+  ## Service account for Alertmanager to use.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+  ##
+  serviceAccount:
+    create: true
+    name: ""
+    annotations: {}
+    automountServiceAccountToken: true
+
+  ## Configure pod disruption budgets for Alertmanager
+  ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
+  ## This configuration is immutable once created and will require the PDB to be deleted to be changed
+  ## https://github.com/kubernetes/kubernetes/issues/45398
+  ##
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    maxUnavailable: ""
+
+  ## Alertmanager configuration directives
+  ## ref: https://prometheus.io/docs/alerting/configuration/#configuration-file
+  ##      https://prometheus.io/webtools/alerting/routing-tree-editor/
+  ##
+  config:
+    global:
+      resolve_timeout: 5m
+    inhibit_rules:
+      - source_matchers:
+          - 'severity = critical'
+        target_matchers:
+          - 'severity =~ warning|info'
+        equal:
+          - 'namespace'
+          - 'alertname'
+      - source_matchers:
+          - 'severity = warning'
+        target_matchers:
+          - 'severity = info'
+        equal:
+          - 'namespace'
+          - 'alertname'
+      - source_matchers:
+          - 'alertname = InfoInhibitor'
+        target_matchers:
+          - 'severity = info'
+        equal:
+          - 'namespace'
+      - target_matchers:
+          - 'alertname = InfoInhibitor'
+    route:
+      group_by: ['namespace']
+      group_wait: 30s
+      group_interval: 5m
+      repeat_interval: 12h
+      receiver: 'null'
+      routes:
+      - receiver: 'null'
+        matchers:
+          - alertname = "Watchdog"
+    receivers:
+    - name: 'null'
+    templates:
+    - '/etc/alertmanager/config/*.tmpl'
+
+  ## Alertmanager configuration directives (as string type, preferred over the config hash map)
+  ## stringConfig will be used only, if tplConfig is true
+  ## ref: https://prometheus.io/docs/alerting/configuration/#configuration-file
+  ##      https://prometheus.io/webtools/alerting/routing-tree-editor/
+  ##
+  stringConfig: ""
+
+  ## Pass the Alertmanager configuration directives through Helm's templating
+  ## engine. If the Alertmanager configuration contains Alertmanager templates,
+  ## they'll need to be properly escaped so that they are not interpreted by
+  ## Helm
+  ## ref: https://helm.sh/docs/developing_charts/#using-the-tpl-function
+  ##      https://prometheus.io/docs/alerting/configuration/#tmpl_string
+  ##      https://prometheus.io/docs/alerting/notifications/
+  ##      https://prometheus.io/docs/alerting/notification_examples/
+  tplConfig: false
+
+  ## Alertmanager template files to format alerts
+  ## By default, templateFiles are placed in /etc/alertmanager/config/ and if
+  ## they have a .tmpl file suffix will be loaded. See config.templates above
+  ## to change, add other suffixes. If adding other suffixes, be sure to update
+  ## config.templates above to include those suffixes.
+  ## ref: https://prometheus.io/docs/alerting/notifications/
+  ##      https://prometheus.io/docs/alerting/notification_examples/
+  ##
+
+  templateFiles:
+    rancher_defaults.tmpl: |-
+        {{- define "slack.rancher.text" -}}
+        {{ template "rancher.text_multiple" . }}
+        {{- end -}}
+
+        {{- define "rancher.text_multiple" -}}
+        *[GROUP - Details]*
+        One or more alarms in this group have triggered a notification.
+
+        {{- if gt (len .GroupLabels.Values) 0 }}
+        *Group Labels:*
+          {{- range .GroupLabels.SortedPairs }}
+          • *{{ .Name }}:* `{{ .Value }}`
+          {{- end }}
+        {{- end }}
+        {{- if .ExternalURL }}
+        *Link to AlertManager:* {{ .ExternalURL }}
+        {{- end }}
+
+        {{- range .Alerts }}
+        {{ template "rancher.text_single" . }}
+        {{- end }}
+        {{- end -}}
+
+        {{- define "rancher.text_single" -}}
+        {{- if .Labels.alertname }}
+        *[ALERT - {{ .Labels.alertname }}]*
+        {{- else }}
+        *[ALERT]*
+        {{- end }}
+        {{- if .Labels.severity }}
+        *Severity:* `{{ .Labels.severity }}`
+        {{- end }}
+        {{- if .Labels.cluster }}
+        *Cluster:*  {{ .Labels.cluster }}
+        {{- end }}
+        {{- if .Annotations.summary }}
+        *Summary:* {{ .Annotations.summary }}
+        {{- end }}
+        {{- if .Annotations.message }}
+        *Message:* {{ .Annotations.message }}
+        {{- end }}
+        {{- if .Annotations.description }}
+        *Description:* {{ .Annotations.description }}
+        {{- end }}
+        {{- if .Annotations.runbook_url }}
+        *Runbook URL:* <{{ .Annotations.runbook_url }}|:spiral_note_pad:>
+        {{- end }}
+        {{- with .Labels }}
+        {{- with .Remove (stringSlice "alertname" "severity" "cluster") }}
+        {{- if gt (len .) 0 }}
+        *Additional Labels:*
+          {{- range .SortedPairs }}
+          • *{{ .Name }}:* `{{ .Value }}`
+          {{- end }}
+        {{- end }}
+        {{- end }}
+        {{- end }}
+        {{- with .Annotations }}
+        {{- with .Remove (stringSlice "summary" "message" "description" "runbook_url") }}
+        {{- if gt (len .) 0 }}
+        *Additional Annotations:*
+          {{- range .SortedPairs }}
+          • *{{ .Name }}:* `{{ .Value }}`
+          {{- end }}
+        {{- end }}
+        {{- end }}
+        {{- end }}
+        {{- end -}}
+
+  ingress:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+
+    labels: {}
+
+    ## Override ingress to a different defined port on the service
+    # servicePort: 8081
+    ## Override ingress to a different service then the default, this is useful if you need to
+    ## point to a specific instance of the alertmanager (eg kube-prometheus-stack-alertmanager-0)
+    # serviceName: kube-prometheus-stack-alertmanager-0
+
+    ## Hosts must be provided if Ingress is enabled.
+    ##
+    hosts: []
+      # - alertmanager.domain.com
+
+    ## Paths to use for ingress rules - one path should match the alertmanagerSpec.routePrefix
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## TLS configuration for Alertmanager Ingress
+    ## Secret must be manually created in the namespace
+    ##
+    tls: []
+    # - secretName: alertmanager-general-tls
+    #   hosts:
+    #   - alertmanager.example.com
+
+  ## Configuration for Alertmanager secret
+  ##
+  secret:
+    annotations: {}
+
+  # by default the alertmanager secret is not overwritten if it already exists
+    recreateIfExists: false
+
+  ## Configuration for creating an Ingress that will map to each Alertmanager replica service
+  ## alertmanager.servicePerReplica must be enabled
+  ##
+  ingressPerReplica:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+    labels: {}
+
+    ## Final form of the hostname for each per replica ingress is
+    ## {{ ingressPerReplica.hostPrefix }}-{{ $replicaNumber }}.{{ ingressPerReplica.hostDomain }}
+    ##
+    ## Prefix for the per replica ingress that will have `-$replicaNumber`
+    ## appended to the end
+    hostPrefix: ""
+    ## Domain that will be used for the per replica ingress
+    hostDomain: ""
+
+    ## Paths to use for ingress rules
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## Secret name containing the TLS certificate for alertmanager per replica ingress
+    ## Secret must be manually created in the namespace
+    tlsSecretName: ""
+
+    ## Separated secret for each per replica Ingress. Can be used together with cert-manager
+    ##
+    tlsSecretPerReplica:
+      enabled: false
+      ## Final form of the secret for each per replica ingress is
+      ## {{ tlsSecretPerReplica.prefix }}-{{ $replicaNumber }}
+      ##
+      prefix: "alertmanager"
+
+  ## Configuration for Alertmanager service
+  ##
+  service:
+    annotations: {}
+    labels: {}
+    clusterIP: ""
+
+    ## Port for Alertmanager Service to listen on
+    ##
+    port: 9093
+    ## To be used with a proxy extraContainer port
+    ##
+    targetPort: 9093
+    ## Port to expose on each node
+    ## Only used if service.type is 'NodePort'
+    ##
+    nodePort: 30903
+    ## List of IP addresses at which the Prometheus server service is available
+    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+    ##
+
+    ## Additional ports to open for Alertmanager service
+    ##
+    additionalPorts: []
+    # - name: oauth-proxy
+    #   port: 8081
+    #   targetPort: 8081
+    # - name: oauth-metrics
+    #   port: 8082
+    #   targetPort: 8082
+
+    externalIPs: []
+    loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## If you want to make sure that connections from a particular client are passed to the same Pod each time
+    ## Accepts 'ClientIP' or 'None'
+    ##
+    sessionAffinity: None
+
+    ## If you want to modify the ClientIP sessionAffinity timeout
+    ## The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP"
+    ##
+    sessionAffinityConfig:
+      clientIP:
+        timeoutSeconds: 10800
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+  ## Configuration for creating a separate Service for each statefulset Alertmanager replica
+  ##
+  servicePerReplica:
+    enabled: false
+    annotations: {}
+
+    ## Port for Alertmanager Service per replica to listen on
+    ##
+    port: 9093
+
+    ## To be used with a proxy extraContainer port
+    targetPort: 9093
+
+    ## Port to expose on each node
+    ## Only used if servicePerReplica.type is 'NodePort'
+    ##
+    nodePort: 30904
+
+    ## Loadbalancer source IP ranges
+    ## Only used if servicePerReplica.type is "LoadBalancer"
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+  ## Configuration for creating a ServiceMonitor for AlertManager
+  ##
+  serviceMonitor:
+    ## If true, a ServiceMonitor will be created for the AlertManager service.
+    ##
+    selfMonitor: true
+
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
+    scheme: ""
+
+    ## enableHttp2: Whether to enable HTTP2.
+    ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint
+    enableHttp2: true
+
+    ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
+    ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
+    tlsConfig: {}
+
+    bearerTokenFile:
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional Endpoints
+    ##
+    additionalEndpoints: []
+    # - port: oauth-metrics
+    #   path: /metrics
+
+  ## Settings affecting alertmanagerSpec
+  ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#alertmanagerspec
+  ##
+  alertmanagerSpec:
+    ## Standard object's metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
+    ## Metadata Labels and Annotations gets propagated to the Alertmanager pods.
+    ##
+    podMetadata: {}
+
+    ## Image of Alertmanager
+    ##
+    image:
+      repository: rancher/mirrored-prometheus-alertmanager
+      tag: v0.27.0
+      sha: ""
+
+    ## If true then the user will be responsible to provide a secret with alertmanager configuration
+    ## So when true the config part will be ignored (including templateFiles) and the one in the secret will be used
+    ##
+    useExistingSecret: false
+
+    ## Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the
+    ## Alertmanager Pods. The Secrets are mounted into /etc/alertmanager/secrets/.
+    ##
+    secrets: []
+
+    ## If false then the user will opt out of automounting API credentials.
+    ##
+    automountServiceAccountToken: true
+
+    ## ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods.
+    ## The ConfigMaps are mounted into /etc/alertmanager/configmaps/.
+    ##
+    configMaps: []
+
+    ## ConfigSecret is the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains configuration for
+    ## this Alertmanager instance. Defaults to 'alertmanager-' The secret is mounted into /etc/alertmanager/config.
+    ##
+    # configSecret:
+
+    ## WebTLSConfig defines the TLS parameters for HTTPS
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#alertmanagerwebspec
+    web: {}
+
+    ## AlertmanagerConfigs to be selected to merge and configure Alertmanager with.
+    ##
+    alertmanagerConfigSelector: {}
+    ## Example which selects all alertmanagerConfig resources
+    ## with label "alertconfig" with values any of "example-config" or "example-config-2"
+    # alertmanagerConfigSelector:
+    #   matchExpressions:
+    #     - key: alertconfig
+    #       operator: In
+    #       values:
+    #         - example-config
+    #         - example-config-2
+    #
+    ## Example which selects all alertmanagerConfig resources with label "role" set to "example-config"
+    # alertmanagerConfigSelector:
+    #   matchLabels:
+    #     role: example-config
+
+    ## Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace.
+    ##
+    alertmanagerConfigNamespaceSelector: {}
+    ## Example which selects all namespaces
+    ## with label "alertmanagerconfig" with values any of "example-namespace" or "example-namespace-2"
+    # alertmanagerConfigNamespaceSelector:
+    #   matchExpressions:
+    #     - key: alertmanagerconfig
+    #       operator: In
+    #       values:
+    #         - example-namespace
+    #         - example-namespace-2
+
+    ## Example which selects all namespaces with label "alertmanagerconfig" set to "enabled"
+    # alertmanagerConfigNamespaceSelector:
+    #   matchLabels:
+    #     alertmanagerconfig: enabled
+
+    ## AlermanagerConfig to be used as top level configuration
+    ##
+    alertmanagerConfiguration: {}
+    ## Example with select a global alertmanagerconfig
+    # alertmanagerConfiguration:
+    #   name: global-alertmanager-Configuration
+
+    ## Defines the strategy used by AlertmanagerConfig objects to match alerts. eg:
+    ##
+    alertmanagerConfigMatcherStrategy: {}
+    ## Example with use OnNamespace strategy
+    # alertmanagerConfigMatcherStrategy:
+    #   type: OnNamespace
+
+    ## Define Log Format
+    # Use logfmt (default) or json logging
+    logFormat: logfmt
+
+    ## Log level for Alertmanager to be configured with.
+    ##
+    logLevel: info
+
+    ## Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the
+    ## running cluster equal to the expected size.
+    replicas: 1
+
+    ## Time duration Alertmanager shall retain data for. Default is '120h', and must match the regular expression
+    ## [0-9]+(ms|s|m|h) (milliseconds seconds minutes hours).
+    ##
+    retention: 120h
+
+    ## Storage is the definition of how storage will be used by the Alertmanager instances.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md
+    ##
+    storage: {}
+    # volumeClaimTemplate:
+    #   spec:
+    #     storageClassName: gluster
+    #     accessModes: ["ReadWriteOnce"]
+    #     resources:
+    #       requests:
+    #         storage: 50Gi
+    #     selector: {}
+
+
+    ## The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name. string  false
+    ##
+    externalUrl:
+
+    ## The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true,
+    ## but the server serves requests under a different route prefix. For example for use with kubectl proxy.
+    ##
+    routePrefix: /
+
+    ## scheme: HTTP scheme to use. Can be used with `tlsConfig` for example if using istio mTLS.
+    scheme: ""
+
+    ## tlsConfig: TLS configuration to use when connect to the endpoint. For example if using istio mTLS.
+    ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
+    tlsConfig: {}
+
+    ## If set to true all actions on the underlying managed objects are not going to be performed, except for delete actions.
+    ##
+    paused: false
+
+    ## Define which Nodes the Pods are scheduled on.
+    ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+    ##
+    nodeSelector: {}
+
+    ## Define resources requests and limits for single Pods.
+    ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
+    ##
+    resources:
+      limits:
+        memory: 500Mi
+        cpu: 1000m
+      requests:
+        memory: 100Mi
+        cpu: 100m
+
+    ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node.
+    ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided.
+    ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node.
+    ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured.
+    ##
+    podAntiAffinity: ""
+
+    ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity.
+    ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone
+    ##
+    podAntiAffinityTopologyKey: kubernetes.io/hostname
+
+    ## Assign custom affinity rules to the alertmanager instance
+    ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+    ##
+    affinity: {}
+    # nodeAffinity:
+    #   requiredDuringSchedulingIgnoredDuringExecution:
+    #     nodeSelectorTerms:
+    #     - matchExpressions:
+    #       - key: kubernetes.io/e2e-az-name
+    #         operator: In
+    #         values:
+    #         - e2e-az1
+    #         - e2e-az2
+
+    ## If specified, the pod's tolerations.
+    ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+    ##
+    tolerations: []
+    # - key: "key"
+    #   operator: "Equal"
+    #   value: "value"
+    #   effect: "NoSchedule"
+
+    ## If specified, the pod's topology spread constraints.
+    ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+    ##
+    topologySpreadConstraints: []
+    # - maxSkew: 1
+    #   topologyKey: topology.kubernetes.io/zone
+    #   whenUnsatisfiable: DoNotSchedule
+    #   labelSelector:
+    #     matchLabels:
+    #       app: alertmanager
+
+    ## SecurityContext holds pod-level security attributes and common container settings.
+    ## This defaults to non root user with uid 1000 and gid 2000. *v1.PodSecurityContext  false
+    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+    ##
+    securityContext:
+      runAsGroup: 2000
+      runAsNonRoot: true
+      runAsUser: 1000
+      fsGroup: 2000
+      seccompProfile:
+        type: RuntimeDefault
+
+    ## ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP.
+    ## Note this is only for the Alertmanager UI, not the gossip communication.
+    ##
+    listenLocal: false
+
+    ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod.
+    ##
+    containers: []
+    # containers:
+    # - name: oauth-proxy
+    #   image: quay.io/oauth2-proxy/oauth2-proxy:v7.5.1
+    #   args:
+    #   - --upstream=http://127.0.0.1:9093
+    #   - --http-address=0.0.0.0:8081
+    #   - --metrics-address=0.0.0.0:8082
+    #   - ...
+    #   ports:
+    #   - containerPort: 8081
+    #     name: oauth-proxy
+    #     protocol: TCP
+    #   - containerPort: 8082
+    #     name: oauth-metrics
+    #     protocol: TCP
+    #   resources: {}
+
+    # Additional volumes on the output StatefulSet definition.
+    volumes: []
+
+    # Additional VolumeMounts on the output StatefulSet definition.
+    volumeMounts: []
+
+    ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes
+    ## (permissions, dir tree) on mounted volumes before starting prometheus
+    initContainers: []
+
+    ## Priority class assigned to the Pods
+    ##
+    priorityClassName: ""
+
+    ## AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster.
+    ##
+    additionalPeers: []
+
+    ## PortName to use for Alert Manager.
+    ##
+    portName: "http-web"
+
+    ## ClusterAdvertiseAddress is the explicit address to advertise in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. [1] RFC1918: https://tools.ietf.org/html/rfc1918
+    ##
+    clusterAdvertiseAddress: false
+
+    ## clusterGossipInterval determines interval between gossip attempts.
+    ## Needs to be specified as GoDuration, a time duration that can be parsed by Go’s time.ParseDuration() (e.g. 45ms, 30s, 1m, 1h20m15s)
+    clusterGossipInterval: ""
+
+    ## clusterPeerTimeout determines timeout for cluster peering.
+    ## Needs to be specified as GoDuration, a time duration that can be parsed by Go’s time.ParseDuration() (e.g. 45ms, 30s, 1m, 1h20m15s)
+    clusterPeerTimeout: ""
+
+    ## clusterPushpullInterval determines interval between pushpull attempts.
+    ## Needs to be specified as GoDuration, a time duration that can be parsed by Go’s time.ParseDuration() (e.g. 45ms, 30s, 1m, 1h20m15s)
+    clusterPushpullInterval: ""
+
+    ## ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica.
+    ## Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each.
+    forceEnableClusterMode: false
+
+    ## Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to
+    ## be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).
+    minReadySeconds: 0
+
+    ## Additional configuration which is not covered by the properties above. (passed through tpl)
+    additionalConfig: {}
+
+    ## Additional configuration which is not covered by the properties above.
+    ## Useful, if you need advanced templating inside alertmanagerSpec.
+    ## Otherwise, use alertmanager.alertmanagerSpec.additionalConfig (passed through tpl)
+    additionalConfigString: ""
+
+  ## ExtraSecret can be used to store various data in an extra secret
+  ## (use it for example to store hashed basic auth credentials)
+  extraSecret:
+    ## if not set, name will be auto generated
+    # name: ""
+    annotations: {}
+    data: {}
+  #   auth: |
+  #     foo:$apr1$OFG3Xybp$ckL0FHDAkoXYIlH9.cysT0
+  #     someoneelse:$apr1$DMZX2Z4q$6SbQIfyuLQd.xmo/P0m2c.
+
+## Using default values from https://github.com/grafana/helm-charts/blob/main/charts/grafana/values.yaml
+##
+grafana:
+  enabled: true
+  namespaceOverride: ""
+
+  ## Grafana's primary configuration
+  ## NOTE: values in map will be converted to ini format
+  ## ref: http://docs.grafana.org/installation/configuration/
+  ##
+  grafana.ini:
+    users:
+      auto_assign_org_role: Viewer
+    auth:
+      disable_login_form: false
+    auth.anonymous:
+      enabled: true
+      org_role: Viewer
+    auth.basic:
+      enabled: false
+    dashboards:
+      # Modify this value to change the default dashboard shown on the main Grafana page
+      default_home_dashboard_path: /tmp/dashboards/rancher-default-home.json
+    security:
+      # Required to embed dashboards in Rancher Cluster Overview Dashboard on Cluster Explorer
+      allow_embedding: true
+
+  deploymentStrategy:
+    type: Recreate
+
+  ## ForceDeployDatasources Create datasource configmap even if grafana deployment has been disabled
+  ##
+  forceDeployDatasources: false
+
+  ## ForceDeployDashboard Create dashboard configmap even if grafana deployment has been disabled
+  ##
+  forceDeployDashboards: false
+
+  ## Deploy default dashboards
+  ##
+  defaultDashboardsEnabled: true
+
+  # Additional options for defaultDashboards
+  defaultDashboards:
+    # The default namespace to place defaultDashboards within
+    namespace: cattle-dashboards
+    # Whether to create the default namespace as a Helm managed namespace or use an existing namespace
+    # If false, the defaultDashboards.namespace will be created as a Helm managed namespace
+    useExistingNamespace: false
+    # Whether the Helm managed namespace created by this chart should be left behind on a Helm uninstall
+    # If you place other dashboards in this namespace, then they will be deleted on a helm uninstall
+    # Ignore if useExistingNamespace is true
+    cleanupOnUninstall: false
+
+  ## Timezone for the default dashboards
+  ## Other options are: browser or a specific timezone, i.e. Europe/Luxembourg
+  ##
+  defaultDashboardsTimezone: utc
+
+  ## Editable flag for the default dashboards
+  ##
+  defaultDashboardsEditable: true
+
+  adminPassword: prom-operator
+
+  ingress:
+    ## If true, Grafana Ingress will be created
+    ##
+    enabled: false
+
+    ## IngressClassName for Grafana Ingress.
+    ## Should be provided if Ingress is enable.
+    ##
+    # ingressClassName: nginx
+
+    ## Annotations for Grafana Ingress
+    ##
+    annotations: {}
+      # kubernetes.io/ingress.class: nginx
+      # kubernetes.io/tls-acme: "true"
+
+    ## Labels to be added to the Ingress
+    ##
+    labels: {}
+
+    ## Hostnames.
+    ## Must be provided if Ingress is enable.
+    ##
+    # hosts:
+    #   - grafana.domain.com
+    hosts: []
+
+    ## Path for grafana ingress
+    path: /
+
+    ## TLS configuration for grafana Ingress
+    ## Secret must be manually created in the namespace
+    ##
+    tls: []
+    # - secretName: grafana-general-tls
+    #   hosts:
+    #   - grafana.example.com
+
+  # # To make Grafana persistent (Using Statefulset)
+  # #
+  # persistence:
+  #   enabled: true
+  #   type: sts
+  #   storageClassName: "storageClassName"
+  #   accessModes:
+  #     - ReadWriteOnce
+  #   size: 20Gi
+  #   finalizers:
+  #     - kubernetes.io/pvc-protection
+
+  serviceAccount:
+    create: true
+    autoMount: true
+
+  sidecar:
+    dashboards:
+      enabled: true
+      label: grafana_dashboard
+      searchNamespace: cattle-dashboards
+      labelValue: "1"
+
+      # Support for new table panels, when enabled grafana auto migrates the old table panels to newer table panels
+      enableNewTablePanelSyntax: false
+
+      ## Annotations for Grafana dashboard configmaps
+      ##
+      annotations: {}
+      multicluster:
+        global:
+          enabled: false
+        etcd:
+          enabled: false
+      provider:
+        allowUiUpdates: false
+    datasources:
+      enabled: true
+      defaultDatasourceEnabled: true
+      isDefaultDatasource: true
+
+      uid: prometheus
+
+      ## URL of prometheus datasource
+      ##
+      # url: http://prometheus-stack-prometheus:9090/
+
+      ## Prometheus request timeout in seconds
+      # timeout: 30
+
+      # If not defined, will use prometheus.prometheusSpec.scrapeInterval or its default
+      # defaultDatasourceScrapeInterval: 15s
+
+      ## Annotations for Grafana datasource configmaps
+      ##
+      annotations: {}
+
+      ## Set method for HTTP to send query to datasource
+      httpMethod: POST
+
+      ## Create datasource for each Pod of Prometheus StatefulSet;
+      ## this uses headless service `prometheus-operated` which is
+      ## created by Prometheus Operator
+      ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/0fee93e12dc7c2ea1218f19ae25ec6b893460590/pkg/prometheus/statefulset.go#L255-L286
+      createPrometheusReplicasDatasources: false
+      label: grafana_datasource
+      labelValue: "1"
+
+      ## Field with internal link pointing to existing data source in Grafana.
+      ## Can be provisioned via additionalDataSources
+      exemplarTraceIdDestinations: {}
+        # datasourceUid: Jaeger
+        # traceIdLabelName: trace_id
+      alertmanager:
+        enabled: true
+        uid: alertmanager
+        handleGrafanaManagedAlerts: false
+        implementation: prometheus
+
+  extraConfigmapMounts: []
+  # - name: certs-configmap
+  #   mountPath: /etc/grafana/ssl/
+  #   configMap: certs-configmap
+  #   readOnly: true
+
+  deleteDatasources: []
+  # - name: example-datasource
+  #   orgId: 1
+
+  ## Configure additional grafana datasources (passed through tpl)
+  ## ref: http://docs.grafana.org/administration/provisioning/#datasources
+  additionalDataSources: []
+  # - name: prometheus-sample
+  #   access: proxy
+  #   basicAuth: true
+  #   basicAuthPassword: pass
+  #   basicAuthUser: daco
+  #   editable: false
+  #   jsonData:
+  #       tlsSkipVerify: true
+  #   orgId: 1
+  #   type: prometheus
+  #   url: https://{{ printf "%s-prometheus.svc" .Release.Name }}:9090
+  #   version: 1
+
+  ## Passed to grafana subchart and used by servicemonitor below
+  ##
+  service:
+    portName: nginx-http
+    ## Port for Grafana Service to listen on
+    ##
+    port: 80
+    ## To be used with a proxy extraContainer port
+    ##
+    targetPort: 8080
+    ## Port to expose on each node
+    ## Only used if service.type is 'NodePort'
+    ##
+    nodePort: 30950
+    ## Service type
+    ##
+    type: ClusterIP
+
+  proxy:
+    image:
+      repository: rancher/mirrored-library-nginx
+      tag: 1.24.0-alpine
+
+  ## Enable an Specify container in extraContainers. This is meant to allow adding an authentication proxy to a grafana pod
+  extraContainers: |
+    - name: grafana-proxy
+      args:
+      - nginx
+      - -g
+      - daemon off;
+      - -c
+      - /nginx/nginx.conf
+      image: "{{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}"
+      ports:
+      - containerPort: 8080
+        name: nginx-http
+        protocol: TCP
+      volumeMounts:
+      - mountPath: /nginx
+        name: grafana-nginx
+      - mountPath: /var/cache/nginx
+        name: nginx-home
+      securityContext:
+        runAsUser: 101
+        runAsGroup: 101
+
+  ## Volumes that can be used in containers
+  extraContainerVolumes:
+    - name: nginx-home
+      emptyDir: {}
+    - name: grafana-nginx
+      configMap:
+        name: grafana-nginx-proxy-config
+        items:
+        - key: nginx.conf
+          mode: 438
+          path: nginx.conf
+
+  ## If true, create a serviceMonitor for grafana
+  ##
+  serviceMonitor:
+    # If true, a ServiceMonitor CRD is created for a prometheus operator
+    # https://github.com/coreos/prometheus-operator
+    #
+    enabled: true
+
+    # Path to use for scraping metrics. Might be different if server.root_url is set
+    # in grafana.ini
+    path: "/metrics"
+
+    #  namespace: monitoring  (defaults to use the namespace this chart is deployed to)
+
+    # labels for the ServiceMonitor
+    labels: {}
+
+    # Scrape interval. If not set, the Prometheus default scrape interval is used.
+    #
+    interval: ""
+    scheme: http
+    tlsConfig: {}
+    scrapeTimeout: 30s
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+  resources:
+    limits:
+      memory: 200Mi
+      cpu: 200m
+    requests:
+      memory: 100Mi
+      cpu: 100m
+
+  testFramework:
+    enabled: false
+
+## Flag to disable all the kubernetes component scrapers
+##
+kubernetesServiceMonitors:
+  enabled: true
+
+## Component scraping the kube api server
+##
+kubeApiServer:
+  enabled: true
+  tlsConfig:
+    serverName: kubernetes
+    insecureSkipVerify: false
+  serviceMonitor:
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    jobLabel: component
+    selector:
+      matchLabels:
+        component: apiserver
+        provider: kubernetes
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings:
+      # Drop excessively noisy apiserver buckets.
+      - action: drop
+        regex: apiserver_request_duration_seconds_bucket;(0.15|0.2|0.3|0.35|0.4|0.45|0.6|0.7|0.8|0.9|1.25|1.5|1.75|2|3|3.5|4|4.5|6|7|8|9|15|25|40|50)
+        sourceLabels:
+          - __name__
+          - le
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels:
+    #     - __meta_kubernetes_namespace
+    #     - __meta_kubernetes_service_name
+    #     - __meta_kubernetes_endpoint_port_name
+    #   action: keep
+    #   regex: default;kubernetes;https
+    # - targetLabel: __address__
+    #   replacement: kubernetes.default.svc:443
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping the kubelet and kubelet-hosted cAdvisor
+##
+kubelet:
+  enabled: true
+  namespace: kube-system
+
+  serviceMonitor:
+    ## Attach metadata to discovered targets. Requires Prometheus v2.45 for endpoints created by the operator.
+    ##
+    attachMetadata:
+      node: false
+
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## If true, Prometheus use (respect) labels provided by exporter.
+    ##
+    honorLabels: true
+
+    ## If true, Prometheus ingests metrics with timestamp provided by exporter. If false, Prometheus ingests metrics with timestamp of scrape.
+    ##
+    honorTimestamps: true
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## Enable scraping the kubelet over https. For requirements to enable this see
+    ## https://github.com/prometheus-operator/prometheus-operator/issues/926
+    ##
+    https: true
+
+    ## Enable scraping /metrics/cadvisor from kubelet's service
+    ##
+    cAdvisor: true
+
+    ## Enable scraping /metrics/probes from kubelet's service
+    ##
+    probes: true
+
+    ## Enable scraping /metrics/resource from kubelet's service
+    ## This is disabled by default because container metrics are already exposed by cAdvisor
+    ##
+    resource: false
+    # From kubernetes 1.18, /metrics/resource/v1alpha1 renamed to /metrics/resource
+    resourcePath: "/metrics/resource/v1alpha1"
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    cAdvisorMetricRelabelings:
+      # Drop less useful container CPU metrics.
+      - sourceLabels: [__name__]
+        action: drop
+        regex: 'container_cpu_(cfs_throttled_seconds_total|load_average_10s|system_seconds_total|user_seconds_total)'
+      # Drop less useful container / always zero filesystem metrics.
+      - sourceLabels: [__name__]
+        action: drop
+        regex: 'container_fs_(io_current|io_time_seconds_total|io_time_weighted_seconds_total|reads_merged_total|sector_reads_total|sector_writes_total|writes_merged_total)'
+      # Drop less useful / always zero container memory metrics.
+      - sourceLabels: [__name__]
+        action: drop
+        regex: 'container_memory_(mapped_file|swap)'
+      # Drop less useful container process metrics.
+      - sourceLabels: [__name__]
+        action: drop
+        regex: 'container_(file_descriptors|tasks_state|threads_max)'
+      # Drop container spec metrics that overlap with kube-state-metrics.
+      - sourceLabels: [__name__]
+        action: drop
+        regex: 'container_spec.*'
+      # Drop cgroup metrics with no pod.
+      - sourceLabels: [id, pod]
+        action: drop
+        regex: '.+;'
+    # - sourceLabels: [__name__, image]
+    #   separator: ;
+    #   regex: container_([a-z_]+);
+    #   replacement: $1
+    #   action: drop
+    # - sourceLabels: [__name__]
+    #   separator: ;
+    #   regex: container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s)
+    #   replacement: $1
+    #   action: drop
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    probesMetricRelabelings: []
+    # - sourceLabels: [__name__, image]
+    #   separator: ;
+    #   regex: container_([a-z_]+);
+    #   replacement: $1
+    #   action: drop
+    # - sourceLabels: [__name__]
+    #   separator: ;
+    #   regex: container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s)
+    #   replacement: $1
+    #   action: drop
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    ## metrics_path is required to match upstream rules and charts
+    cAdvisorRelabelings:
+      - action: replace
+        sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    probesRelabelings:
+      - action: replace
+        sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    resourceRelabelings:
+      - action: replace
+        sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - sourceLabels: [__name__, image]
+    #   separator: ;
+    #   regex: container_([a-z_]+);
+    #   replacement: $1
+    #   action: drop
+    # - sourceLabels: [__name__]
+    #   separator: ;
+    #   regex: container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s)
+    #   replacement: $1
+    #   action: drop
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    ## metrics_path is required to match upstream rules and charts
+    relabelings:
+      - action: replace
+        sourceLabels: [__metrics_path__]
+        targetLabel: metrics_path
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping the kube controller manager
+##
+kubeControllerManager:
+  enabled: false
+
+  ## If your kube controller manager is not deployed as a pod, specify IPs it can be found on
+  ##
+  endpoints: []
+  # - 10.141.4.22
+  # - 10.141.4.23
+  # - 10.141.4.24
+
+  ## If using kubeControllerManager.endpoints only the port and targetPort are used
+  ##
+  service:
+    enabled: true
+    ## If null or unset, the value is determined dynamically based on target Kubernetes version due to change
+    ## of default port in Kubernetes 1.22.
+    ##
+    port: null
+    targetPort: null
+    # selector:
+    #   component: kube-controller-manager
+
+  serviceMonitor:
+    enabled: true
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## port: Name of the port the metrics will be scraped from
+    ##
+    port: http-metrics
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    component: kube-controller-manager
+
+    ## Enable scraping kube-controller-manager over https.
+    ## Requires proper certs (not self-signed) and delegated authentication/authorization checks.
+    ## If null or unset, the value is determined dynamically based on target Kubernetes version.
+    ##
+    https: null
+
+    # Skip TLS certificate validation when scraping
+    insecureSkipVerify: null
+
+    # Name of the server to use when validating TLS certificate
+    serverName: null
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping coreDns. Use either this or kubeDns
+##
+coreDns:
+  enabled: true
+  service:
+    enabled: true
+    port: 9153
+    targetPort: 9153
+    # selector:
+    #   k8s-app: kube-dns
+  serviceMonitor:
+    enabled: true
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## port: Name of the port the metrics will be scraped from
+    ##
+    port: http-metrics
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    k8s-app: kube-dns
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping kubeDns. Use either this or coreDns
+##
+kubeDns:
+  enabled: false
+  service:
+    dnsmasq:
+      port: 10054
+      targetPort: 10054
+    skydns:
+      port: 10055
+      targetPort: 10055
+    # selector:
+    #   k8s-app: kube-dns
+  serviceMonitor:
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    k8s-app: kube-dns
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    dnsmasqMetricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    dnsmasqRelabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping etcd
+##
+kubeEtcd:
+  enabled: false
+
+  ## If your etcd is not deployed as a pod, specify IPs it can be found on
+  ##
+  endpoints: []
+  # - 10.141.4.22
+  # - 10.141.4.23
+  # - 10.141.4.24
+
+  ## Etcd service. If using kubeEtcd.endpoints only the port and targetPort are used
+  ##
+  service:
+    enabled: true
+    port: 2381
+    targetPort: 2381
+    # selector:
+    #   component: etcd
+
+  ## Configure secure access to the etcd cluster by loading a secret into prometheus and
+  ## specifying security configuration below. For example, with a secret named etcd-client-cert
+  ##
+  ## serviceMonitor:
+  ##   scheme: https
+  ##   insecureSkipVerify: false
+  ##   serverName: localhost
+  ##   caFile: /etc/prometheus/secrets/etcd-client-cert/etcd-ca
+  ##   certFile: /etc/prometheus/secrets/etcd-client-cert/etcd-client
+  ##   keyFile: /etc/prometheus/secrets/etcd-client-cert/etcd-client-key
+  ##
+  serviceMonitor:
+    enabled: true
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+    scheme: http
+    insecureSkipVerify: false
+    serverName: ""
+    caFile: ""
+    certFile: ""
+    keyFile: ""
+
+    ## port: Name of the port the metrics will be scraped from
+    ##
+    port: http-metrics
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    component: etcd
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping kube scheduler
+##
+kubeScheduler:
+  enabled: false
+
+  ## If your kube scheduler is not deployed as a pod, specify IPs it can be found on
+  ##
+  endpoints: []
+  # - 10.141.4.22
+  # - 10.141.4.23
+  # - 10.141.4.24
+
+  ## If using kubeScheduler.endpoints only the port and targetPort are used
+  ##
+  service:
+    enabled: true
+    ## If null or unset, the value is determined dynamically based on target Kubernetes version due to change
+    ## of default port in Kubernetes 1.23.
+    ##
+    port: null
+    targetPort: null
+    # selector:
+    #   component: kube-scheduler
+
+  serviceMonitor:
+    enabled: true
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+    ## Enable scraping kube-scheduler over https.
+    ## Requires proper certs (not self-signed) and delegated authentication/authorization checks.
+    ## If null or unset, the value is determined dynamically based on target Kubernetes version.
+    ##
+    https: null
+
+    ## port: Name of the port the metrics will be scraped from
+    ##
+    port: http-metrics
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    component: kube-scheduler
+
+    ## Skip TLS certificate validation when scraping
+    insecureSkipVerify: null
+
+    ## Name of the server to use when validating TLS certificate
+    serverName: null
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping kube proxy
+##
+kubeProxy:
+  enabled: false
+
+  ## If your kube proxy is not deployed as a pod, specify IPs it can be found on
+  ##
+  endpoints: []
+  # - 10.141.4.22
+  # - 10.141.4.23
+  # - 10.141.4.24
+
+  service:
+    enabled: true
+    port: 10249
+    targetPort: 10249
+    # selector:
+    #   k8s-app: kube-proxy
+
+  serviceMonitor:
+    enabled: true
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## port: Name of the port the metrics will be scraped from
+    ##
+    port: http-metrics
+
+    jobLabel: jobLabel
+    selector: {}
+    #  matchLabels:
+    #    k8s-app: kube-proxy
+
+    ## Enable scraping kube-proxy over https.
+    ## Requires proper certs (not self-signed) and delegated authentication/authorization checks
+    ##
+    https: false
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+    #  foo: bar
+
+## Component scraping kube state metrics
+##
+kubeStateMetrics:
+  enabled: true
+
+## Configuration for kube-state-metrics subchart
+##
+kube-state-metrics:
+  namespaceOverride: ""
+  rbac:
+    create: true
+  releaseLabel: true
+  prometheus:
+    monitor:
+      enabled: true
+
+      ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+      ##
+      interval: ""
+
+      ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+      ##
+      sampleLimit: 0
+
+      ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+      ##
+      targetLimit: 0
+
+      ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelLimit: 0
+
+      ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelNameLengthLimit: 0
+
+      ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelValueLengthLimit: 0
+
+      ## Scrape Timeout. If not set, the Prometheus default scrape timeout is used.
+      ##
+      scrapeTimeout: ""
+
+      ## proxyUrl: URL of a proxy that should be used for scraping.
+      ##
+      proxyUrl: ""
+
+      # Keep labels from scraped data, overriding server-side labels
+      ##
+      honorLabels: true
+
+      ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+      ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+      ##
+      metricRelabelings: []
+      # - action: keep
+      #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+      #   sourceLabels: [__name__]
+
+      ## RelabelConfigs to apply to samples before scraping
+      ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+      ##
+      relabelings: []
+      # - sourceLabels: [__meta_kubernetes_pod_node_name]
+      #   separator: ;
+      #   regex: ^(.*)$
+      #   targetLabel: nodename
+      #   replacement: $1
+      #   action: replace
+
+  selfMonitor:
+    enabled: false
+
+## Deploy node exporter as a daemonset to all nodes
+##
+nodeExporter:
+  enabled: true
+  operatingSystems:
+    linux:
+      enabled: true
+    darwin:
+      enabled: true
+
+  ## ForceDeployDashboard Create dashboard configmap even if nodeExporter deployment has been disabled
+  ##
+  forceDeployDashboards: false
+
+## Configuration for prometheus-node-exporter subchart
+##
+prometheus-node-exporter:
+  namespaceOverride: ""
+  podLabels:
+    ## Add the 'node-exporter' label to be used by serviceMonitor to match standard common usage in rules and grafana dashboards
+    ##
+    jobLabel: node-exporter
+  releaseLabel: true
+  extraArgs:
+    - --collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/)
+    - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$
+  service:
+    portName: http-metrics
+  prometheus:
+    monitor:
+      enabled: true
+
+      jobLabel: jobLabel
+
+      ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+      ##
+      interval: ""
+
+      ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+      ##
+      sampleLimit: 0
+
+      ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+      ##
+      targetLimit: 0
+
+      ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelLimit: 0
+
+      ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelNameLengthLimit: 0
+
+      ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+      ##
+      labelValueLengthLimit: 0
+
+      ## How long until a scrape request times out. If not set, the Prometheus default scape timeout is used.
+      ##
+      scrapeTimeout: ""
+
+      ## proxyUrl: URL of a proxy that should be used for scraping.
+      ##
+      proxyUrl: ""
+
+      ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+      ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+      ##
+      metricRelabelings: []
+      # - sourceLabels: [__name__]
+      #   separator: ;
+      #   regex: ^node_mountstats_nfs_(event|operations|transport)_.+
+      #   replacement: $1
+      #   action: drop
+
+      ## RelabelConfigs to apply to samples before scraping
+      ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+      ##
+      relabelings: []
+      # - sourceLabels: [__meta_kubernetes_pod_node_name]
+      #   separator: ;
+      #   regex: ^(.*)$
+      #   targetLabel: nodename
+      #   replacement: $1
+      #   action: replace
+
+## Manages Prometheus and Alertmanager components
+##
+prometheusOperator:
+  enabled: true
+
+  ## Use '{{ template "kube-prometheus-stack.fullname" . }}-operator' by default
+  fullnameOverride: ""
+
+  ## Number of old replicasets to retain ##
+  ## The default value is 10, 0 will garbage-collect old replicasets ##
+  revisionHistoryLimit: 10
+
+  ## Strategy of the deployment
+  ##
+  strategy: {}
+
+  ## Prometheus-Operator v0.39.0 and later support TLS natively.
+  ##
+  tls:
+    enabled: true
+    # Value must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants
+    tlsMinVersion: VersionTLS13
+    # Users who are deploying this chart in GKE private clusters will need to add firewall rules to expose this port for admissions webhooks
+    internalPort: 8443
+
+  ## Admission webhook support for PrometheusRules resources added in Prometheus Operator 0.30 can be enabled to prevent incorrectly formatted
+  ## rules from making their way into prometheus and potentially preventing the container from starting
+  admissionWebhooks:
+    ## Valid values: Fail, Ignore, IgnoreOnInstallOnly
+    ## IgnoreOnInstallOnly - If Release.IsInstall returns "true", set "Ignore" otherwise "Fail"
+    failurePolicy: ""
+    ## The default timeoutSeconds is 10 and the maximum value is 30.
+    timeoutSeconds: 10
+    enabled: true
+    ## A PEM encoded CA bundle which will be used to validate the webhook's server certificate.
+    ## If unspecified, system trust roots on the apiserver are used.
+    caBundle: ""
+    ## If enabled, generate a self-signed certificate, then patch the webhook configurations with the generated data.
+    ## On chart upgrades (or if the secret exists) the cert will not be re-generated. You can use this to provide your own
+    ## certs ahead of time if you wish.
+    ##
+    annotations: {}
+    #   argocd.argoproj.io/hook: PreSync
+    #   argocd.argoproj.io/hook-delete-policy: HookSucceeded
+
+    namespaceSelector: {}
+
+    deployment:
+      enabled: false
+
+      ## Number of replicas
+      ##
+      replicas: 1
+
+      ## Strategy of the deployment
+      ##
+      strategy: {}
+
+      # Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
+      podDisruptionBudget: {}
+        # maxUnavailable: 1
+        # minAvailable: 1
+
+      ## Number of old replicasets to retain ##
+      ## The default value is 10, 0 will garbage-collect old replicasets ##
+      revisionHistoryLimit: 10
+
+      ## Prometheus-Operator v0.39.0 and later support TLS natively.
+      ##
+      tls:
+        enabled: true
+        # Value must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants
+        tlsMinVersion: VersionTLS13
+        # The default webhook port is 10250 in order to work out-of-the-box in GKE private clusters and avoid adding firewall rules.
+        internalPort: 10250
+
+      ## Service account for Prometheus Operator Webhook to use.
+      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+      ##
+      serviceAccount:
+        automountServiceAccountToken: false
+        create: true
+        name: ""
+
+      ## Configuration for Prometheus operator Webhook service
+      ##
+      service:
+        annotations: {}
+        labels: {}
+        clusterIP: ""
+
+        ## Port to expose on each node
+        ## Only used if service.type is 'NodePort'
+        ##
+        nodePort: 31080
+
+        nodePortTls: 31443
+
+        ## Additional ports to open for Prometheus operator Webhook service
+        ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#multi-port-services
+        ##
+        additionalPorts: []
+
+        ## Loadbalancer IP
+        ## Only use if service.type is "LoadBalancer"
+        ##
+        loadBalancerIP: ""
+        loadBalancerSourceRanges: []
+
+        ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+        ##
+        externalTrafficPolicy: Cluster
+
+        ## Service type
+        ## NodePort, ClusterIP, LoadBalancer
+        ##
+        type: ClusterIP
+
+        ## List of IP addresses at which the Prometheus server service is available
+        ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+        ##
+        externalIPs: []
+
+      # ## Labels to add to the operator webhook deployment
+      # ##
+      labels: {}
+
+      ## Annotations to add to the operator webhook deployment
+      ##
+      annotations: {}
+
+      ## Labels to add to the operator webhook pod
+      ##
+      podLabels: {}
+
+      ## Annotations to add to the operator webhook pod
+      ##
+      podAnnotations: {}
+
+      ## Assign a PriorityClassName to pods if set
+      # priorityClassName: ""
+
+      ## Define Log Format
+      # Use logfmt (default) or json logging
+      # logFormat: logfmt
+
+      ## Decrease log verbosity to errors only
+      # logLevel: error
+
+      ## Prometheus-operator webhook image
+      ##
+      image:
+        registry: quay.io
+        repository: rancher/mirrored-prometheus-operator-admission-webhook
+        # if not set appVersion field from Chart.yaml is used
+        tag: v0.72.0
+        sha: ""
+        pullPolicy: IfNotPresent
+
+      ## Define Log Format
+      # Use logfmt (default) or json logging
+      # logFormat: logfmt
+
+      ## Decrease log verbosity to errors only
+      # logLevel: error
+
+
+      ## Liveness probe
+      ##
+      livenessProbe:
+        enabled: true
+        failureThreshold: 3
+        initialDelaySeconds: 30
+        periodSeconds: 10
+        successThreshold: 1
+        timeoutSeconds: 1
+
+      ## Readiness probe
+      ##
+      readinessProbe:
+        enabled: true
+        failureThreshold: 3
+        initialDelaySeconds: 5
+        periodSeconds: 10
+        successThreshold: 1
+        timeoutSeconds: 1
+
+      ## Resource limits & requests
+      ##
+      resources: {}
+      # limits:
+      #   cpu: 200m
+      #   memory: 200Mi
+      # requests:
+      #   cpu: 100m
+      #   memory: 100Mi
+
+      # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico),
+      # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working
+      ##
+      hostNetwork: false
+
+      ## Define which Nodes the Pods are scheduled on.
+      ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+      ##
+      nodeSelector: {}
+
+      ## Tolerations for use with node taints
+      ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+      ##
+      tolerations: []
+      # - key: "key"
+      #   operator: "Equal"
+      #   value: "value"
+      #   effect: "NoSchedule"
+
+      ## Assign custom affinity rules to the prometheus operator
+      ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+      ##
+      affinity: {}
+        # nodeAffinity:
+        #   requiredDuringSchedulingIgnoredDuringExecution:
+        #     nodeSelectorTerms:
+        #     - matchExpressions:
+        #       - key: kubernetes.io/e2e-az-name
+        #         operator: In
+        #         values:
+        #         - e2e-az1
+      #         - e2e-az2
+      dnsConfig: {}
+        # nameservers:
+        #   - 1.2.3.4
+        # searches:
+        #   - ns1.svc.cluster-domain.example
+        #   - my.dns.search.suffix
+        # options:
+        #   - name: ndots
+        #     value: "2"
+        #   - name: edns0
+      securityContext:
+        fsGroup: 65534
+        runAsGroup: 65534
+        runAsNonRoot: true
+        runAsUser: 65534
+        seccompProfile:
+          type: RuntimeDefault
+
+      ## Container-specific security context configuration
+      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+      ##
+      containerSecurityContext:
+        allowPrivilegeEscalation: false
+        readOnlyRootFilesystem: true
+        capabilities:
+          drop:
+            - ALL
+
+      ## If false then the user will opt out of automounting API credentials.
+      ##
+      automountServiceAccountToken: true
+
+    patch:
+      enabled: true
+      image:
+        repository: rancher/mirrored-ingress-nginx-kube-webhook-certgen
+        tag: v1.4.3
+        sha: ""
+        pullPolicy: IfNotPresent
+      resources: {}
+      ## Provide a priority class name to the webhook patching job
+      ##
+      priorityClassName: ""
+      annotations: {}
+      #   argocd.argoproj.io/hook: PreSync
+      #   argocd.argoproj.io/hook-delete-policy: HookSucceeded
+      podAnnotations: {}
+      nodeSelector: {}
+      affinity: {}
+      tolerations: []
+
+      ## SecurityContext holds pod-level security attributes and common container settings.
+      ## This defaults to non root user with uid 2000 and gid 2000. *v1.PodSecurityContext  false
+      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+      ##
+      securityContext:
+        runAsGroup: 2000
+        runAsNonRoot: true
+        runAsUser: 2000
+        seccompProfile:
+          type: RuntimeDefault
+
+    # Security context for create job container
+    createSecretJob:
+      securityContext:
+        allowPrivilegeEscalation: false
+        readOnlyRootFilesystem: true
+        capabilities:
+          drop:
+          - ALL
+
+      # Security context for patch job container
+    patchWebhookJob:
+      securityContext:
+        allowPrivilegeEscalation: false
+        readOnlyRootFilesystem: true
+        capabilities:
+          drop:
+          - ALL
+
+    # Use certmanager to generate webhook certs
+    certManager:
+      enabled: false
+      # self-signed root certificate
+      rootCert:
+        duration: ""  # default to be 5y
+      admissionCert:
+        duration: ""  # default to be 1y
+      # issuerRef:
+      #   name: "issuer"
+      #   kind: "ClusterIssuer"
+
+  ## Namespaces to scope the interaction of the Prometheus Operator and the apiserver (allow list).
+  ## This is mutually exclusive with denyNamespaces. Setting this to an empty object will disable the configuration
+  ##
+  namespaces: {}
+    # releaseNamespace: true
+    # additional:
+    # - kube-system
+
+  ## Namespaces not to scope the interaction of the Prometheus Operator (deny list).
+  ##
+  denyNamespaces: []
+
+  ## Filter namespaces to look for prometheus-operator custom resources
+  ##
+  alertmanagerInstanceNamespaces: []
+  alertmanagerConfigNamespaces: []
+  prometheusInstanceNamespaces: []
+  thanosRulerInstanceNamespaces: []
+
+  ## The clusterDomain value will be added to the cluster.peer option of the alertmanager.
+  ## Without this specified option cluster.peer will have value alertmanager-monitoring-alertmanager-0.alertmanager-operated:9094 (default value)
+  ## With this specified option cluster.peer will have value alertmanager-monitoring-alertmanager-0.alertmanager-operated.namespace.svc.cluster-domain:9094
+  ##
+  # clusterDomain: "cluster.local"
+
+  networkPolicy:
+    ## Enable creation of NetworkPolicy resources.
+    ##
+    enabled: false
+
+    ## Flavor of the network policy to use.
+    #  Can be:
+    #  * kubernetes for networking.k8s.io/v1/NetworkPolicy
+    #  * cilium     for cilium.io/v2/CiliumNetworkPolicy
+    flavor: kubernetes
+
+    # cilium:
+    #   egress:
+
+    ## match labels used in selector
+    # matchLabels: {}
+
+  ## Service account for Prometheus Operator to use.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+  ##
+  serviceAccount:
+    create: true
+    name: ""
+    automountServiceAccountToken: true
+
+  ## Configuration for Prometheus operator service
+  ##
+  service:
+    annotations: {}
+    labels: {}
+    clusterIP: ""
+
+  ## Port to expose on each node
+  ## Only used if service.type is 'NodePort'
+  ##
+    nodePort: 30080
+
+    nodePortTls: 30443
+
+  ## Additional ports to open for Prometheus operator service
+  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#multi-port-services
+  ##
+    additionalPorts: []
+
+  ## Loadbalancer IP
+  ## Only use if service.type is "LoadBalancer"
+  ##
+    loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+  ## Service type
+  ## NodePort, ClusterIP, LoadBalancer
+  ##
+    type: ClusterIP
+
+    ## List of IP addresses at which the Prometheus server service is available
+    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+    ##
+    externalIPs: []
+
+  # ## Labels to add to the operator deployment
+  # ##
+  labels: {}
+
+  ## Annotations to add to the operator deployment
+  ##
+  annotations: {}
+
+  ## Labels to add to the operator pod
+  ##
+  podLabels: {}
+
+  ## Annotations to add to the operator pod
+  ##
+  podAnnotations: {}
+
+  ## Assign a PriorityClassName to pods if set
+  # priorityClassName: ""
+
+  ## Define Log Format
+  # Use logfmt (default) or json logging
+  # logFormat: logfmt
+
+  ## Decrease log verbosity to errors only
+  # logLevel: error
+
+  kubeletService:
+    ## If true, the operator will create and maintain a service for scraping kubelets
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/helm/prometheus-operator/README.md
+    ##
+    enabled: true
+    namespace: kube-system
+    ## Use '{{ template "kube-prometheus-stack.fullname" . }}-kubelet' by default
+    name: ""
+
+  ## Create a servicemonitor for the operator
+  ##
+  serviceMonitor:
+    ## If true, create a serviceMonitor for prometheus operator
+    ##
+    selfMonitor: true
+
+    ## Labels for ServiceMonitor
+    additionalLabels: {}
+
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## Scrape timeout. If not set, the Prometheus default scrape timeout is used.
+    scrapeTimeout: ""
+
+    ## Metric relabel configs to apply to samples before ingestion.
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    #   relabel configs to apply to samples before ingestion.
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+  ## Resource limits & requests
+  ##
+  resources:
+    limits:
+      cpu: 200m
+      memory: 500Mi
+    requests:
+      cpu: 100m
+      memory: 100Mi
+
+  ## Operator Environment
+  ##  env:
+  ##    VARIABLE: value
+  env:
+    GOGC: "30"
+
+  # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico),
+  # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working
+  ##
+  hostNetwork: false
+
+  ## Define which Nodes the Pods are scheduled on.
+  ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+  ##
+  nodeSelector: {}
+
+  ## Tolerations for use with node taints
+  ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+  ##
+  tolerations: []
+  # - key: "key"
+  #   operator: "Equal"
+  #   value: "value"
+  #   effect: "NoSchedule"
+
+  ## Assign custom affinity rules to the prometheus operator
+  ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  affinity: {}
+    # nodeAffinity:
+    #   requiredDuringSchedulingIgnoredDuringExecution:
+    #     nodeSelectorTerms:
+    #     - matchExpressions:
+    #       - key: kubernetes.io/e2e-az-name
+    #         operator: In
+    #         values:
+    #         - e2e-az1
+    #         - e2e-az2
+  dnsConfig: {}
+    # nameservers:
+    #   - 1.2.3.4
+    # searches:
+    #   - ns1.svc.cluster-domain.example
+    #   - my.dns.search.suffix
+    # options:
+    #   - name: ndots
+    #     value: "2"
+  #   - name: edns0
+  securityContext:
+    fsGroup: 65534
+    runAsGroup: 65534
+    runAsNonRoot: true
+    runAsUser: 65534
+    seccompProfile:
+      type: RuntimeDefault
+
+  ## Container-specific security context configuration
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+  ##
+  containerSecurityContext:
+    allowPrivilegeEscalation: false
+    readOnlyRootFilesystem: true
+    capabilities:
+      drop:
+      - ALL
+
+  # Enable vertical pod autoscaler support for prometheus-operator
+  verticalPodAutoscaler:
+    enabled: false
+
+    # Recommender responsible for generating recommendation for the object.
+    # List should be empty (then the default recommender will generate the recommendation)
+    # or contain exactly one recommender.
+    # recommenders:
+    # - name: custom-recommender-performance
+
+    # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
+    controlledResources: []
+    # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits.
+    # controlledValues: RequestsAndLimits
+
+    # Define the max allowed resources for the pod
+    maxAllowed: {}
+    # cpu: 200m
+    # memory: 100Mi
+    # Define the min allowed resources for the pod
+    minAllowed: {}
+    # cpu: 200m
+    # memory: 100Mi
+
+    updatePolicy:
+      # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction
+      # minReplicas: 1
+      # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
+      # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
+      updateMode: Auto
+
+  ## Prometheus-operator image
+  ##
+  image:
+    repository: rancher/mirrored-prometheus-operator-prometheus-operator
+    tag: v0.72.0
+    sha: ""
+    pullPolicy: IfNotPresent
+
+  ## Prometheus image to use for prometheuses managed by the operator
+  ##
+  # prometheusDefaultBaseImage: prometheus/prometheus
+
+  ## Prometheus image registry to use for prometheuses managed by the operator
+  ##
+  # prometheusDefaultBaseImageRegistry: quay.io
+
+  ## Alertmanager image to use for alertmanagers managed by the operator
+  ##
+  # alertmanagerDefaultBaseImage: prometheus/alertmanager
+
+  ## Alertmanager image registry to use for alertmanagers managed by the operator
+  ##
+  # alertmanagerDefaultBaseImageRegistry: quay.io
+
+  ## Prometheus-config-reloader
+  ##
+  prometheusConfigReloader:
+    image:
+      repository: rancher/mirrored-prometheus-operator-prometheus-config-reloader
+      tag: v0.72.0
+      sha: ""
+
+    # add prometheus config reloader liveness and readiness probe. Default: false
+    enableProbe: false
+
+    # resource config for prometheusConfigReloader
+    resources: {}
+      # requests:
+      #   cpu: 200m
+      #   memory: 50Mi
+      # limits:
+      #   cpu: 200m
+      #   memory: 50Mi
+
+  ## Thanos side-car image when configured
+  ##
+  thanosImage:
+    repository: rancher/mirrored-thanos-thanos
+    tag: v0.34.1
+    sha: ""
+
+  ## Set a Label Selector to filter watched prometheus and prometheusAgent
+  ##
+  prometheusInstanceSelector: ""
+
+  ## Set a Label Selector to filter watched alertmanager
+  ##
+  alertmanagerInstanceSelector: ""
+
+  ## Set a Label Selector to filter watched thanosRuler
+  thanosRulerInstanceSelector: ""
+
+  ## Set a Field Selector to filter watched secrets
+  ##
+  secretFieldSelector: "type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1"
+
+  ## If false then the user will opt out of automounting API credentials.
+  ##
+  automountServiceAccountToken: true
+
+  ## Additional volumes
+  ##
+  extraVolumes: []
+
+  ## Additional volume mounts
+  ##
+  extraVolumeMounts: []
+
+## Deploy a Prometheus instance
+##
+prometheus:
+  enabled: true
+
+  ## Toggle prometheus into agent mode
+  ## Note many of features described below (e.g. rules, query, alerting, remote read, thanos) will not work in agent mode.
+  ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/designs/prometheus-agent.md
+  ##
+  agentMode: false
+
+  ## Annotations for Prometheus
+  ##
+  annotations: {}
+
+  ## Configure network policy for the prometheus
+  networkPolicy:
+    enabled: false
+
+    ## Flavor of the network policy to use.
+    #  Can be:
+    #  * kubernetes for networking.k8s.io/v1/NetworkPolicy
+    #  * cilium     for cilium.io/v2/CiliumNetworkPolicy
+    flavor: kubernetes
+
+    # cilium:
+    #   endpointSelector:
+    #   egress:
+    #   ingress:
+
+    # egress:
+    # - {}
+    # ingress:
+    # - {}
+    # podSelector:
+    #   matchLabels:
+    #     app: prometheus
+
+  ## Service account for Prometheuses to use.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+  ##
+  serviceAccount:
+    create: true
+    name: ""
+    annotations: {}
+    automountServiceAccountToken: true
+
+  # Service for thanos service discovery on sidecar
+  # Enable this can make Thanos Query can use
+  # `--store=dnssrv+_grpc._tcp.${kube-prometheus-stack.fullname}-thanos-discovery.${namespace}.svc.cluster.local` to discovery
+  # Thanos sidecar on prometheus nodes
+  # (Please remember to change ${kube-prometheus-stack.fullname} and ${namespace}. Not just copy and paste!)
+  thanosService:
+    enabled: false
+    annotations: {}
+    labels: {}
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+    ## gRPC port config
+    portName: grpc
+    port: 10901
+    targetPort: "grpc"
+
+    ## HTTP port config (for metrics)
+    httpPortName: http
+    httpPort: 10902
+    targetHttpPort: "http"
+
+    ## ClusterIP to assign
+    # Default is to make this a headless service ("None")
+    clusterIP: "None"
+
+    ## Port to expose on each node, if service type is NodePort
+    ##
+    nodePort: 30901
+    httpNodePort: 30902
+
+  # ServiceMonitor to scrape Sidecar metrics
+  # Needs thanosService to be enabled as well
+  thanosServiceMonitor:
+    enabled: false
+    interval: ""
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+
+    ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
+    scheme: ""
+
+    ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
+    ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
+    tlsConfig: {}
+
+    bearerTokenFile:
+
+    ## Metric relabel configs to apply to samples before ingestion.
+    metricRelabelings: []
+
+    ## relabel configs to apply to samples before ingestion.
+    relabelings: []
+
+  # Service for external access to sidecar
+  # Enabling this creates a service to expose thanos-sidecar outside the cluster.
+  thanosServiceExternal:
+    enabled: false
+    annotations: {}
+    labels: {}
+    loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+
+    ## gRPC port config
+    portName: grpc
+    port: 10901
+    targetPort: "grpc"
+
+    ## HTTP port config (for metrics)
+    httpPortName: http
+    httpPort: 10902
+    targetHttpPort: "http"
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: LoadBalancer
+
+    ## Port to expose on each node
+    ##
+    nodePort: 30901
+    httpNodePort: 30902
+
+  ## Configuration for Prometheus service
+  ##
+  service:
+    annotations: {}
+    labels: {}
+    clusterIP: ""
+
+    ## Port for Prometheus Service to listen on
+    ##
+    port: 9090
+
+    ## To be used with a proxy extraContainer port
+    targetPort: 8081
+
+    ## Port for Prometheus Reloader to listen on
+    ##
+    reloaderWebPort: 8080
+
+    ## List of IP addresses at which the Prometheus server service is available
+    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+    ##
+    externalIPs: []
+
+    ## Port to expose on each node
+    ## Only used if service.type is 'NodePort'
+    ##
+    nodePort: 30090
+
+    ## Loadbalancer IP
+    ## Only use if service.type is "LoadBalancer"
+    loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+    ## Additional ports to open for Prometheus service
+    ##
+    additionalPorts: []
+    # additionalPorts:
+    # - name: oauth-proxy
+    #   port: 8081
+    #   targetPort: 8081
+    # - name: oauth-metrics
+    #   port: 8082
+    #   targetPort: 8082
+
+    ## Consider that all endpoints are considered "ready" even if the Pods themselves are not
+    ## Ref: https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/#ServiceSpec
+    publishNotReadyAddresses: false
+
+    ## If you want to make sure that connections from a particular client are passed to the same Pod each time
+    ## Accepts 'ClientIP' or 'None'
+    ##
+    sessionAffinity: None
+
+    ## If you want to modify the ClientIP sessionAffinity timeout
+    ## The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP"
+    ##
+    sessionAffinityConfig:
+      clientIP:
+        timeoutSeconds: 10800
+
+  ## Configuration for creating a separate Service for each statefulset Prometheus replica
+  ##
+  servicePerReplica:
+    enabled: false
+    annotations: {}
+
+    ## Port for Prometheus Service per replica to listen on
+    ##
+    port: 9090
+
+    ## To be used with a proxy extraContainer port
+    targetPort: 9090
+
+    ## Port to expose on each node
+    ## Only used if servicePerReplica.type is 'NodePort'
+    ##
+    nodePort: 30091
+
+    ## Loadbalancer source IP ranges
+    ## Only used if servicePerReplica.type is "LoadBalancer"
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+  ## Configure pod disruption budgets for Prometheus
+  ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
+  ## This configuration is immutable once created and will require the PDB to be deleted to be changed
+  ## https://github.com/kubernetes/kubernetes/issues/45398
+  ##
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    maxUnavailable: ""
+
+  # Ingress exposes thanos sidecar outside the cluster
+  thanosIngress:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+    labels: {}
+    servicePort: 10901
+
+    ## Port to expose on each node
+    ## Only used if service.type is 'NodePort'
+    ##
+    nodePort: 30901
+
+    ## Hosts must be provided if Ingress is enabled.
+    ##
+    hosts: []
+      # - thanos-gateway.domain.com
+
+    ## Paths to use for ingress rules
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## TLS configuration for Thanos Ingress
+    ## Secret must be manually created in the namespace
+    ##
+    tls: []
+    # - secretName: thanos-gateway-tls
+    #   hosts:
+    #   - thanos-gateway.domain.com
+    #
+
+  ## ExtraSecret can be used to store various data in an extra secret
+  ## (use it for example to store hashed basic auth credentials)
+  extraSecret:
+    ## if not set, name will be auto generated
+    # name: ""
+    annotations: {}
+    data: {}
+  #   auth: |
+  #     foo:$apr1$OFG3Xybp$ckL0FHDAkoXYIlH9.cysT0
+  #     someoneelse:$apr1$DMZX2Z4q$6SbQIfyuLQd.xmo/P0m2c.
+
+  ingress:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+    labels: {}
+
+    ## Redirect ingress to an additional defined port on the service
+    # servicePort: 8081
+
+    ## Hostnames.
+    ## Must be provided if Ingress is enabled.
+    ##
+    # hosts:
+    #   - prometheus.domain.com
+    hosts: []
+
+    ## Paths to use for ingress rules - one path should match the prometheusSpec.routePrefix
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## TLS configuration for Prometheus Ingress
+    ## Secret must be manually created in the namespace
+    ##
+    tls: []
+      # - secretName: prometheus-general-tls
+      #   hosts:
+      #     - prometheus.example.com
+
+  ## Configuration for creating an Ingress that will map to each Prometheus replica service
+  ## prometheus.servicePerReplica must be enabled
+  ##
+  ingressPerReplica:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+    labels: {}
+
+    ## Final form of the hostname for each per replica ingress is
+    ## {{ ingressPerReplica.hostPrefix }}-{{ $replicaNumber }}.{{ ingressPerReplica.hostDomain }}
+    ##
+    ## Prefix for the per replica ingress that will have `-$replicaNumber`
+    ## appended to the end
+    hostPrefix: ""
+    ## Domain that will be used for the per replica ingress
+    hostDomain: ""
+
+    ## Paths to use for ingress rules
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## Secret name containing the TLS certificate for Prometheus per replica ingress
+    ## Secret must be manually created in the namespace
+    tlsSecretName: ""
+
+    ## Separated secret for each per replica Ingress. Can be used together with cert-manager
+    ##
+    tlsSecretPerReplica:
+      enabled: false
+      ## Final form of the secret for each per replica ingress is
+      ## {{ tlsSecretPerReplica.prefix }}-{{ $replicaNumber }}
+      ##
+      prefix: "prometheus"
+
+  ## Configure additional options for default pod security policy for Prometheus
+  ## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
+  podSecurityPolicy:
+    allowedCapabilities: []
+    allowedHostPaths: []
+    volumes: []
+
+  serviceMonitor:
+    ## If true, create a serviceMonitor for prometheus
+    ##
+    selfMonitor: true
+
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
+    scheme: ""
+
+    ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
+    ## Of type: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
+    tlsConfig: {}
+
+    bearerTokenFile:
+
+    ## Metric relabel configs to apply to samples before ingestion.
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    #   relabel configs to apply to samples before ingestion.
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional Endpoints
+    ##
+    additionalEndpoints: []
+    # - port: oauth-metrics
+    #   path: /metrics
+
+  ## Settings affecting prometheusSpec
+  ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#prometheusspec
+  ##
+  prometheusSpec:
+    ## If true, pass --storage.tsdb.max-block-duration=2h to prometheus. This is already done if using Thanos
+    ##
+    disableCompaction: false
+    ## APIServerConfig
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#apiserverconfig
+    ##
+    apiserverConfig: {}
+
+    ## Allows setting additional arguments for the Prometheus container
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.Prometheus
+    additionalArgs: []
+
+    ## Interval between consecutive scrapes.
+    ## Defaults to 30s.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/release-0.44/pkg/prometheus/promcfg.go#L180-L183
+    ##
+    scrapeInterval: "30s"
+
+    ## Number of seconds to wait for target to respond before erroring
+    ##
+    # scrapeTimeout: "30s"
+
+    ## Interval between consecutive evaluations.
+    ##
+    evaluationInterval: "30s"
+
+    ## ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP.
+    ##
+    listenLocal: false
+
+    ## EnableAdminAPI enables Prometheus the administrative HTTP API which includes functionality such as deleting time series.
+    ## This is disabled by default.
+    ## ref: https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis
+    ##
+    enableAdminAPI: false
+
+    ## Sets version of Prometheus overriding the Prometheus version as derived
+    ## from the image tag. Useful in cases where the tag does not follow semver v2.
+    version: ""
+
+    ## WebTLSConfig defines the TLS parameters for HTTPS
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#webtlsconfig
+    web: {}
+
+    ## Exemplars related settings that are runtime reloadable.
+    ## It requires to enable the exemplar storage feature to be effective.
+    exemplars: ""
+      ## Maximum number of exemplars stored in memory for all series.
+      ## If not set, Prometheus uses its default value.
+      ## A value of zero or less than zero disables the storage.
+      # maxSize: 100000
+
+    # EnableFeatures API enables access to Prometheus disabled features.
+    # ref: https://prometheus.io/docs/prometheus/latest/disabled_features/
+    enableFeatures: []
+    # - exemplar-storage
+
+    ## Image of Prometheus.
+    ##
+    image:
+      repository: rancher/mirrored-prometheus-prometheus
+      tag: v2.50.1
+      sha: ""
+
+    ## Tolerations for use with node taints
+    ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+    ##
+    tolerations: []
+    #  - key: "key"
+    #    operator: "Equal"
+    #    value: "value"
+    #    effect: "NoSchedule"
+
+    ## If specified, the pod's topology spread constraints.
+    ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+    ##
+    topologySpreadConstraints: []
+    # - maxSkew: 1
+    #   topologyKey: topology.kubernetes.io/zone
+    #   whenUnsatisfiable: DoNotSchedule
+    #   labelSelector:
+    #     matchLabels:
+    #       app: prometheus
+
+    ## Alertmanagers to which alerts will be sent
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#alertmanagerendpoints
+    ##
+    ## Default configuration will connect to the alertmanager deployed as part of this release
+    ##
+    alertingEndpoints: []
+    # - name: ""
+    #   namespace: ""
+    #   port: http
+    #   scheme: http
+    #   pathPrefix: ""
+    #   tlsConfig: {}
+    #   bearerTokenFile: ""
+    #   apiVersion: v2
+
+    ## External labels to add to any time series or alerts when communicating with external systems
+    ##
+    externalLabels: {}
+
+    ## enable --web.enable-remote-write-receiver flag on prometheus-server
+    ##
+    enableRemoteWriteReceiver: false
+
+    ## Name of the external label used to denote replica name
+    ##
+    replicaExternalLabelName: ""
+
+    ## If true, the Operator won't add the external label used to denote replica name
+    ##
+    replicaExternalLabelNameClear: false
+
+    ## Name of the external label used to denote Prometheus instance name
+    ##
+    prometheusExternalLabelName: ""
+
+    ## If true, the Operator won't add the external label used to denote Prometheus instance name
+    ##
+    prometheusExternalLabelNameClear: false
+
+    ## External URL at which Prometheus will be reachable.
+    ##
+    externalUrl: ""
+
+    ## Define which Nodes the Pods are scheduled on.
+    ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+    ##
+    nodeSelector: {}
+
+    ## Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods.
+    ## The Secrets are mounted into /etc/prometheus/secrets/. Secrets changes after initial creation of a Prometheus object are not
+    ## reflected in the running Pods. To change the secrets mounted into the Prometheus Pods, the object must be deleted and recreated
+    ## with the new list of secrets.
+    ##
+    secrets: []
+
+    ## ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods.
+    ## The ConfigMaps are mounted into /etc/prometheus/configmaps/.
+    ##
+    configMaps: []
+
+    ## QuerySpec defines the query command line flags when starting Prometheus.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#queryspec
+    ##
+    query: {}
+
+    ## If nil, select own namespace. Namespaces to be selected for PrometheusRules discovery.
+    ruleNamespaceSelector: {}
+    ## Example which selects PrometheusRules in namespaces with label "prometheus" set to "somelabel"
+    # ruleNamespaceSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If true, a nil or {} value for prometheus.prometheusSpec.ruleSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the PrometheusRule resources created
+    ##
+    ruleSelectorNilUsesHelmValues: false
+
+    ## PrometheusRules to be selected for target discovery.
+    ## If {}, select all PrometheusRules
+    ##
+    ruleSelector: {}
+    ## Example which select all PrometheusRules resources
+    ## with label "prometheus" with values any of "example-rules" or "example-rules-2"
+    # ruleSelector:
+    #   matchExpressions:
+    #     - key: prometheus
+    #       operator: In
+    #       values:
+    #         - example-rules
+    #         - example-rules-2
+    #
+    ## Example which select all PrometheusRules resources with label "role" set to "example-rules"
+    # ruleSelector:
+    #   matchLabels:
+    #     role: example-rules
+
+    ## If true, a nil or {} value for prometheus.prometheusSpec.serviceMonitorSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the servicemonitors created
+    ##
+    serviceMonitorSelectorNilUsesHelmValues: false
+
+    ## ServiceMonitors to be selected for target discovery.
+    ## If {}, select all ServiceMonitors
+    ##
+    serviceMonitorSelector: {}
+    ## Example which selects ServiceMonitors with label "prometheus" set to "somelabel"
+    # serviceMonitorSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## Namespaces to be selected for ServiceMonitor discovery.
+    ##
+    serviceMonitorNamespaceSelector: {}
+    ## Example which selects ServiceMonitors in namespaces with label "prometheus" set to "somelabel"
+    # serviceMonitorNamespaceSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If true, a nil or {} value for prometheus.prometheusSpec.podMonitorSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the podmonitors created
+    ##
+    podMonitorSelectorNilUsesHelmValues: false
+
+    ## PodMonitors to be selected for target discovery.
+    ## If {}, select all PodMonitors
+    ##
+    podMonitorSelector: {}
+    ## Example which selects PodMonitors with label "prometheus" set to "somelabel"
+    # podMonitorSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If nil, select own namespace. Namespaces to be selected for PodMonitor discovery.
+    podMonitorNamespaceSelector: {}
+    ## Example which selects PodMonitor in namespaces with label "prometheus" set to "somelabel"
+    # podMonitorNamespaceSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If true, a nil or {} value for prometheus.prometheusSpec.probeSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the probes created
+    ##
+    probeSelectorNilUsesHelmValues: true
+
+    ## Probes to be selected for target discovery.
+    ## If {}, select all Probes
+    ##
+    probeSelector: {}
+    ## Example which selects Probes with label "prometheus" set to "somelabel"
+    # probeSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If nil, select own namespace. Namespaces to be selected for Probe discovery.
+    probeNamespaceSelector: {}
+    ## Example which selects Probe in namespaces with label "prometheus" set to "somelabel"
+    # probeNamespaceSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If true, a nil or {} value for prometheus.prometheusSpec.scrapeConfigSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the scrapeConfigs created
+    ##
+    scrapeConfigSelectorNilUsesHelmValues: true
+
+    ## scrapeConfigs to be selected for target discovery.
+    ## If {}, select all scrapeConfigs
+    ##
+    scrapeConfigSelector: {}
+    ## Example which selects scrapeConfigs with label "prometheus" set to "somelabel"
+    # scrapeConfigSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## If nil, select own namespace. Namespaces to be selected for scrapeConfig discovery.
+    scrapeConfigNamespaceSelector: {}
+    ## Example which selects scrapeConfig in namespaces with label "prometheus" set to "somelabel"
+    # scrapeConfigNamespaceSelector:
+    #   matchLabels:
+    #     prometheus: somelabel
+
+    ## How long to retain metrics
+    ##
+    retention: 10d
+
+    ## Maximum size of metrics
+    ##
+    retentionSize: ""
+
+    ## Allow out-of-order/out-of-bounds samples ingested into Prometheus for a specified duration
+    ## See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#tsdb
+    tsdb:
+      outOfOrderTimeWindow: 0s
+
+    ## Enable compression of the write-ahead log using Snappy.
+    ##
+    walCompression: true
+
+    ## If true, the Operator won't process any Prometheus configuration changes
+    ##
+    paused: false
+
+    ## Number of replicas of each shard to deploy for a Prometheus deployment.
+    ## Number of replicas multiplied by shards is the total number of Pods created.
+    ##
+    replicas: 1
+
+    ## EXPERIMENTAL: Number of shards to distribute targets onto.
+    ## Number of replicas multiplied by shards is the total number of Pods created.
+    ## Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved.
+    ## Increasing shards will not reshard data either but it will continue to be available from the same instances.
+    ## To query globally use Thanos sidecar and Thanos querier or remote write data to a central location.
+    ## Sharding is done on the content of the `__address__` target meta-label.
+    ##
+    shards: 1
+
+    ## Log level for Prometheus be configured in
+    ##
+    logLevel: info
+
+    ## Log format for Prometheus be configured in
+    ##
+    logFormat: logfmt
+
+    ## Prefix used to register routes, overriding externalUrl route.
+    ## Useful for proxies that rewrite URLs.
+    ##
+    routePrefix: /
+
+    ## Standard object's metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
+    ## Metadata Labels and Annotations gets propagated to the prometheus pods.
+    ##
+    podMetadata: {}
+    # labels:
+    #   app: prometheus
+    #   k8s-app: prometheus
+
+    ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node.
+    ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided.
+    ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node.
+    ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured.
+    podAntiAffinity: ""
+
+    ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity.
+    ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone
+    ##
+    podAntiAffinityTopologyKey: kubernetes.io/hostname
+
+    ## Assign custom affinity rules to the prometheus instance
+    ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+    ##
+    affinity: {}
+    # nodeAffinity:
+    #   requiredDuringSchedulingIgnoredDuringExecution:
+    #     nodeSelectorTerms:
+    #     - matchExpressions:
+    #       - key: kubernetes.io/e2e-az-name
+    #         operator: In
+    #         values:
+    #         - e2e-az1
+    #         - e2e-az2
+
+    ## The remote_read spec configuration for Prometheus.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#remotereadspec
+    remoteRead: []
+    # - url: http://remote1/read
+    ## additionalRemoteRead is appended to remoteRead
+    additionalRemoteRead: []
+
+    ## The remote_write spec configuration for Prometheus.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#remotewritespec
+    remoteWrite: []
+    # - url: http://remote1/push
+    ## additionalRemoteWrite is appended to remoteWrite
+    additionalRemoteWrite: []
+
+    ## Enable/Disable Grafana dashboards provisioning for prometheus remote write feature
+    remoteWriteDashboards: false
+
+    ## Resource limits & requests
+    ##
+    resources:
+      limits:
+        memory: 3000Mi
+        cpu: 1000m
+      requests:
+        memory: 750Mi
+        cpu: 750m
+
+    ## Prometheus StorageSpec for persistent data
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md
+    ##
+    storageSpec: {}
+    ## Using PersistentVolumeClaim
+    ##
+    #  volumeClaimTemplate:
+    #    spec:
+    #      storageClassName: gluster
+    #      accessModes: ["ReadWriteOnce"]
+    #      resources:
+    #        requests:
+    #          storage: 50Gi
+    #    selector: {}
+
+    ## Using tmpfs volume
+    ##
+    #  emptyDir:
+    #    medium: Memory
+
+    # Additional volumes on the output StatefulSet definition.
+    volumes:
+      - name: nginx-home
+        emptyDir: {}
+      - name: prometheus-nginx
+        configMap:
+          name: prometheus-nginx-proxy-config
+          defaultMode: 438
+
+    # Additional VolumeMounts on the output StatefulSet definition.
+    volumeMounts: []
+
+    ## AdditionalScrapeConfigs allows specifying additional Prometheus scrape configurations. Scrape configurations
+    ## are appended to the configurations generated by the Prometheus Operator. Job configurations must have the form
+    ## as specified in the official Prometheus documentation:
+    ## https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. As scrape configs are
+    ## appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility
+    ## to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible
+    ## scrape configs are going to break Prometheus after the upgrade.
+    ## AdditionalScrapeConfigs can be defined as a list or as a templated string.
+    ##
+    ## The scrape configuration example below will find master nodes, provided they have the name .*mst.*, relabel the
+    ## port to 2379 and allow etcd scraping provided it is running on all Kubernetes master nodes
+    ##
+    additionalScrapeConfigs: []
+    # - job_name: kube-etcd
+    #   kubernetes_sd_configs:
+    #     - role: node
+    #   scheme: https
+    #   tls_config:
+    #     ca_file:   /etc/prometheus/secrets/etcd-client-cert/etcd-ca
+    #     cert_file: /etc/prometheus/secrets/etcd-client-cert/etcd-client
+    #     key_file:  /etc/prometheus/secrets/etcd-client-cert/etcd-client-key
+    #   relabel_configs:
+    #   - action: labelmap
+    #     regex: __meta_kubernetes_node_label_(.+)
+    #   - source_labels: [__address__]
+    #     action: replace
+    #     targetLabel: __address__
+    #     regex: ([^:;]+):(\d+)
+    #     replacement: ${1}:2379
+    #   - source_labels: [__meta_kubernetes_node_name]
+    #     action: keep
+    #     regex: .*mst.*
+    #   - source_labels: [__meta_kubernetes_node_name]
+    #     action: replace
+    #     targetLabel: node
+    #     regex: (.*)
+    #     replacement: ${1}
+    #   metric_relabel_configs:
+    #   - regex: (kubernetes_io_hostname|failure_domain_beta_kubernetes_io_region|beta_kubernetes_io_os|beta_kubernetes_io_arch|beta_kubernetes_io_instance_type|failure_domain_beta_kubernetes_io_zone)
+    #     action: labeldrop
+    #
+    ## If scrape config contains a repetitive section, you may want to use a template.
+    ## In the following example, you can see how to define `gce_sd_configs` for multiple zones
+    # additionalScrapeConfigs: |
+    #  - job_name: "node-exporter"
+    #    gce_sd_configs:
+    #    {{range $zone := .Values.gcp_zones}}
+    #    - project: "project1"
+    #      zone: "{{$zone}}"
+    #      port: 9100
+    #    {{end}}
+    #    relabel_configs:
+    #    ...
+
+
+    ## If additional scrape configurations are already deployed in a single secret file you can use this section.
+    ## Expected values are the secret name and key
+    ## Cannot be used with additionalScrapeConfigs
+    additionalScrapeConfigsSecret: {}
+      # enabled: false
+      # name:
+      # key:
+
+    ## additionalPrometheusSecretsAnnotations allows to add annotations to the kubernetes secret. This can be useful
+    ## when deploying via spinnaker to disable versioning on the secret, strategy.spinnaker.io/versioned: 'false'
+    additionalPrometheusSecretsAnnotations: {}
+
+    ## AdditionalAlertManagerConfigs allows for manual configuration of alertmanager jobs in the form as specified
+    ## in the official Prometheus documentation https://prometheus.io/docs/prometheus/latest/configuration/configuration/#<alertmanager_config>.
+    ## AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator.
+    ## As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this
+    ## feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release
+    ## notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade.
+    ##
+    additionalAlertManagerConfigs: []
+    # - consul_sd_configs:
+    #   - server: consul.dev.test:8500
+    #     scheme: http
+    #     datacenter: dev
+    #     tag_separator: ','
+    #     services:
+    #       - metrics-prometheus-alertmanager
+
+    ## If additional alertmanager configurations are already deployed in a single secret, or you want to manage
+    ## them separately from the helm deployment, you can use this section.
+    ## Expected values are the secret name and key
+    ## Cannot be used with additionalAlertManagerConfigs
+    additionalAlertManagerConfigsSecret: {}
+      # name:
+      # key:
+      # optional: false
+
+    ## AdditionalAlertRelabelConfigs allows specifying Prometheus alert relabel configurations. Alert relabel configurations specified are appended
+    ## to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the
+    ## official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs.
+    ## As alert relabel configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the
+    ## possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel
+    ## configs are going to break Prometheus after the upgrade.
+    ##
+    additionalAlertRelabelConfigs: []
+    # - separator: ;
+    #   regex: prometheus_replica
+    #   replacement: $1
+    #   action: labeldrop
+
+    ## If additional alert relabel configurations are already deployed in a single secret, or you want to manage
+    ## them separately from the helm deployment, you can use this section.
+    ## Expected values are the secret name and key
+    ## Cannot be used with additionalAlertRelabelConfigs
+    additionalAlertRelabelConfigsSecret: {}
+      # name:
+      # key:
+
+    ## SecurityContext holds pod-level security attributes and common container settings.
+    ## This defaults to non root user with uid 1000 and gid 2000.
+    ## https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md
+    ##
+    securityContext:
+      runAsGroup: 2000
+      runAsNonRoot: true
+      runAsUser: 1000
+      fsGroup: 2000
+      seccompProfile:
+        type: RuntimeDefault
+
+    ## Priority class assigned to the Pods
+    ##
+    priorityClassName: ""
+
+    ## Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment.
+    ## This section is experimental, it may change significantly without deprecation notice in any release.
+    ## This is experimental and may change significantly without backward compatibility in any release.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#thanosspec
+    ##
+    thanos: {}
+      # secretProviderClass:
+      #   provider: gcp
+      #   parameters:
+      #     secrets: |
+      #       - resourceName: "projects/$PROJECT_ID/secrets/testsecret/versions/latest"
+      #         fileName: "objstore.yaml"
+      ## ObjectStorageConfig configures object storage in Thanos.
+      # objectStorageConfig:
+      #   # use existing secret, if configured, objectStorageConfig.secret will not be used
+      #   existingSecret: {}
+      #     # name: ""
+      #     # key: ""
+      #   # will render objectStorageConfig secret data and configure it to be used by Thanos custom resource,
+      #   # ignored when prometheusspec.thanos.objectStorageConfig.existingSecret is set
+      #   # https://thanos.io/tip/thanos/storage.md/#s3
+      #   secret: {}
+      #     # type: S3
+      #     # config:
+      #     #   bucket: ""
+      #     #   endpoint: ""
+      #     #   region: ""
+      #     #   access_key: ""
+      #     #   secret_key: ""
+
+    proxy:
+      image:
+        repository: rancher/mirrored-library-nginx
+        tag: 1.24.0-alpine
+
+    ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to a Prometheus pod.
+    ## if using proxy extraContainer update targetPort with proxy container port
+    containers:  |
+      - name: prometheus-proxy
+        args:
+        - nginx
+        - -g
+        - daemon off;
+        - -c
+        - /nginx/nginx.conf
+        image: "{{ template "system_default_registry" . }}{{ .Values.prometheus.prometheusSpec.proxy.image.repository }}:{{ .Values.prometheus.prometheusSpec.proxy.image.tag }}"
+        ports:
+        - containerPort: 8081
+          name: nginx-http
+          protocol: TCP
+        volumeMounts:
+        - mountPath: /nginx
+          name: prometheus-nginx
+        - mountPath: /var/cache/nginx
+          name: nginx-home
+        securityContext:
+          runAsUser: 101
+          runAsGroup: 101
+
+    ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes
+    ## (permissions, dir tree) on mounted volumes before starting prometheus
+    initContainers: []
+
+    ## PortName to use for Prometheus.
+    ##
+    portName: "http-web"
+
+    ## ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files
+    ## on the file system of the Prometheus container e.g. bearer token files.
+    arbitraryFSAccessThroughSMs: false
+
+    ## OverrideHonorLabels if set to true overrides all user configured honor_labels. If HonorLabels is set in ServiceMonitor
+    ## or PodMonitor to true, this overrides honor_labels to false.
+    overrideHonorLabels: false
+
+    ## OverrideHonorTimestamps allows to globally enforce honoring timestamps in all scrape configs.
+    overrideHonorTimestamps: false
+
+    ## When ignoreNamespaceSelectors is set to true, namespaceSelector from all PodMonitor, ServiceMonitor and Probe objects will be ignored,
+    ## they will only discover targets within the namespace of the PodMonitor, ServiceMonitor and Probe object,
+    ## and servicemonitors will be installed in the default service namespace.
+    ## Defaults to false.
+    ignoreNamespaceSelectors: true
+
+    ## EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created.
+    ## The label value will always be the namespace of the object that is being created.
+    ## Disabled by default
+    enforcedNamespaceLabel: ""
+
+    ## PrometheusRulesExcludedFromEnforce - list of prometheus rules to be excluded from enforcing of adding namespace labels.
+    ## Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair
+    ## Deprecated, use `excludedFromEnforcement` instead
+    prometheusRulesExcludedFromEnforce: []
+
+    ## ExcludedFromEnforcement - list of object references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects
+    ## to be excluded from enforcing a namespace label of origin.
+    ## Works only if enforcedNamespaceLabel set to true.
+    ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#objectreference
+    excludedFromEnforcement: []
+
+    ## QueryLogFile specifies the file to which PromQL queries are logged. Note that this location must be writable,
+    ## and can be persisted using an attached volume. Alternatively, the location can be set to a stdout location such
+    ## as /dev/stdout to log querie information to the default Prometheus log stream. This is only available in versions
+    ## of Prometheus >= 2.16.0. For more details, see the Prometheus docs (https://prometheus.io/docs/guides/query-log/)
+    queryLogFile: false
+
+    # Use to set global sample_limit for Prometheus. This act as default SampleLimit for ServiceMonitor or/and PodMonitor.
+    # Set to 'false' to disable global sample_limit. or set to a number to override the default value.
+    sampleLimit: false
+
+    # EnforcedKeepDroppedTargetsLimit defines on the number of targets dropped by relabeling that will be kept in memory.
+    # The value overrides any spec.keepDroppedTargets set by ServiceMonitor, PodMonitor, Probe objects unless spec.keepDroppedTargets
+    # is greater than zero and less than spec.enforcedKeepDroppedTargets. 0 means no limit.
+    enforcedKeepDroppedTargets: 0
+
+    ## EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit
+    ## set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall
+    ## number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead.
+    enforcedSampleLimit: false
+
+    ## EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set
+    ## per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall
+    ## number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except
+    ## if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced.
+    enforcedTargetLimit: false
+
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present
+    ## post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions
+    ## 2.27.0 and newer.
+    enforcedLabelLimit: false
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number
+    ## post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions
+    ## 2.27.0 and newer.
+    enforcedLabelNameLengthLimit: false
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this
+    ## number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus
+    ## versions 2.27.0 and newer.
+    enforcedLabelValueLengthLimit: false
+
+    ## AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. This is still experimental
+    ## in Prometheus so it may change in any upcoming release.
+    allowOverlappingBlocks: false
+
+    ## Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to
+    ## be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).
+    minReadySeconds: 0
+
+    # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico),
+    # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working
+    # Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it.
+    # When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically.
+    hostNetwork: false
+
+    # HostAlias holds the mapping between IP and hostnames that will be injected
+    # as an entry in the pod’s hosts file.
+    hostAliases: []
+    #  - ip: 10.10.0.100
+    #    hostnames:
+    #      - a1.app.local
+    #      - b1.app.local
+
+    ## TracingConfig configures tracing in Prometheus.
+    ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#prometheustracingconfig
+    tracingConfig: {}
+
+    ## Additional configuration which is not covered by the properties above. (passed through tpl)
+    additionalConfig: {}
+
+    ## Additional configuration which is not covered by the properties above.
+    ## Useful, if you need advanced templating inside alertmanagerSpec.
+    ## Otherwise, use prometheus.prometheusSpec.additionalConfig (passed through tpl)
+    additionalConfigString: ""
+
+    ## Defines the maximum time that the `prometheus` container's startup probe
+    ## will wait before being considered failed. The startup probe will return
+    ## success after the WAL replay is complete. If set, the value should be
+    ## greater than 60 (seconds). Otherwise it will be equal to 600 seconds (15
+    ## minutes).
+    maximumStartupDurationSeconds: 0
+
+  additionalRulesForClusterRole: []
+  #  - apiGroups: [ "" ]
+  #    resources:
+  #      - nodes/proxy
+  #    verbs: [ "get", "list", "watch" ]
+
+  additionalServiceMonitors: []
+  ## Name of the ServiceMonitor to create
+  ##
+  # - name: ""
+
+    ## Additional labels to set used for the ServiceMonitorSelector. Together with standard labels from
+    ## the chart
+    ##
+    # additionalLabels: {}
+
+    ## Service label for use in assembling a job name of the form <label value>-<port>
+    ## If no label is specified, the service name is used.
+    ##
+    # jobLabel: ""
+
+    ## labels to transfer from the kubernetes service to the target
+    ##
+    # targetLabels: []
+
+    ## labels to transfer from the kubernetes pods to the target
+    ##
+    # podTargetLabels: []
+
+    ## Label selector for services to which this ServiceMonitor applies
+    ##
+    # selector: {}
+
+    ## Namespaces from which services are selected
+    ##
+    # namespaceSelector:
+      ## Match any namespace
+      ##
+      # any: false
+
+      ## Explicit list of namespace names to select
+      ##
+      # matchNames: []
+
+    ## Endpoints of the selected service to be monitored
+    ##
+    # endpoints: []
+      ## Name of the endpoint's service port
+      ## Mutually exclusive with targetPort
+      # - port: ""
+
+      ## Name or number of the endpoint's target port
+      ## Mutually exclusive with port
+      # - targetPort: ""
+
+      ## File containing bearer token to be used when scraping targets
+      ##
+      #   bearerTokenFile: ""
+
+      ## Interval at which metrics should be scraped
+      ##
+      #   interval: 30s
+
+      ## HTTP path to scrape for metrics
+      ##
+      #   path: /metrics
+
+      ## HTTP scheme to use for scraping
+      ##
+      #   scheme: http
+
+      ## TLS configuration to use when scraping the endpoint
+      ##
+      #   tlsConfig:
+
+          ## Path to the CA file
+          ##
+          # caFile: ""
+
+          ## Path to client certificate file
+          ##
+          # certFile: ""
+
+          ## Skip certificate verification
+          ##
+          # insecureSkipVerify: false
+
+          ## Path to client key file
+          ##
+          # keyFile: ""
+
+          ## Server name used to verify host name
+          ##
+          # serverName: ""
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    # metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    # relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+  additionalPodMonitors: []
+  ## Name of the PodMonitor to create
+  ##
+  # - name: ""
+
+    ## Additional labels to set used for the PodMonitorSelector. Together with standard labels from
+    ## the chart
+    ##
+    # additionalLabels: {}
+
+    ## Pod label for use in assembling a job name of the form <label value>-<port>
+    ## If no label is specified, the pod endpoint name is used.
+    ##
+    # jobLabel: ""
+
+    ## Label selector for pods to which this PodMonitor applies
+    ##
+    # selector: {}
+
+    ## PodTargetLabels transfers labels on the Kubernetes Pod onto the target.
+    ##
+    # podTargetLabels: {}
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    # sampleLimit: 0
+
+    ## Namespaces from which pods are selected
+    ##
+    # namespaceSelector:
+      ## Match any namespace
+      ##
+      # any: false
+
+      ## Explicit list of namespace names to select
+      ##
+      # matchNames: []
+
+    ## Endpoints of the selected pods to be monitored
+    ## https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#podmetricsendpoint
+    ##
+    # podMetricsEndpoints: []
+
+## Configuration for thanosRuler
+## ref: https://thanos.io/tip/components/rule.md/
+##
+thanosRuler:
+
+  ## Deploy thanosRuler
+  ##
+  enabled: false
+
+  ## Annotations for ThanosRuler
+  ##
+  annotations: {}
+
+  ## Service account for ThanosRuler to use.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+  ##
+  serviceAccount:
+    create: true
+    name: ""
+    annotations: {}
+
+  ## Configure pod disruption budgets for ThanosRuler
+  ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget
+  ## This configuration is immutable once created and will require the PDB to be deleted to be changed
+  ## https://github.com/kubernetes/kubernetes/issues/45398
+  ##
+  podDisruptionBudget:
+    enabled: false
+    minAvailable: 1
+    maxUnavailable: ""
+
+  ingress:
+    enabled: false
+
+    # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+    # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+    # ingressClassName: nginx
+
+    annotations: {}
+
+    labels: {}
+
+    ## Hosts must be provided if Ingress is enabled.
+    ##
+    hosts: []
+      # - thanosruler.domain.com
+
+    ## Paths to use for ingress rules - one path should match the thanosruler.routePrefix
+    ##
+    paths: []
+    # - /
+
+    ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched)
+    ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types
+    # pathType: ImplementationSpecific
+
+    ## TLS configuration for ThanosRuler Ingress
+    ## Secret must be manually created in the namespace
+    ##
+    tls: []
+    # - secretName: thanosruler-general-tls
+    #   hosts:
+    #   - thanosruler.example.com
+
+  ## Configuration for ThanosRuler service
+  ##
+  service:
+    annotations: {}
+    labels: {}
+    clusterIP: ""
+
+    ## Port for ThanosRuler Service to listen on
+    ##
+    port: 10902
+    ## To be used with a proxy extraContainer port
+    ##
+    targetPort: 10902
+    ## Port to expose on each node
+    ## Only used if service.type is 'NodePort'
+    ##
+    nodePort: 30905
+    ## List of IP addresses at which the Prometheus server service is available
+    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+    ##
+
+    ## Additional ports to open for ThanosRuler service
+    additionalPorts: []
+
+    externalIPs: []
+    loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+
+    ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints
+    ##
+    externalTrafficPolicy: Cluster
+
+    ## Service type
+    ##
+    type: ClusterIP
+
+  ## Configuration for creating a ServiceMonitor for the ThanosRuler service
+  ##
+  serviceMonitor:
+    ## If true, create a serviceMonitor for thanosRuler
+    ##
+    selfMonitor: true
+
+    ## Scrape interval. If not set, the Prometheus default scrape interval is used.
+    ##
+    interval: ""
+
+    ## Additional labels
+    ##
+    additionalLabels: {}
+
+    ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
+    ##
+    sampleLimit: 0
+
+    ## TargetLimit defines a limit on the number of scraped targets that will be accepted.
+    ##
+    targetLimit: 0
+
+    ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelLimit: 0
+
+    ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelNameLengthLimit: 0
+
+    ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+    ##
+    labelValueLengthLimit: 0
+
+    ## proxyUrl: URL of a proxy that should be used for scraping.
+    ##
+    proxyUrl: ""
+
+    ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
+    scheme: ""
+
+    ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
+    ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig
+    tlsConfig: {}
+
+    bearerTokenFile:
+
+    ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    metricRelabelings: []
+    # - action: keep
+    #   regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
+    #   sourceLabels: [__name__]
+
+    ## RelabelConfigs to apply to samples before scraping
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig
+    ##
+    relabelings: []
+    # - sourceLabels: [__meta_kubernetes_pod_node_name]
+    #   separator: ;
+    #   regex: ^(.*)$
+    #   targetLabel: nodename
+    #   replacement: $1
+    #   action: replace
+
+    ## Additional Endpoints
+    ##
+    additionalEndpoints: []
+    # - port: oauth-metrics
+    #   path: /metrics
+
+  ## Settings affecting thanosRulerpec
+  ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#thanosrulerspec
+  ##
+  thanosRulerSpec:
+    ## Standard object's metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
+    ## Metadata Labels and Annotations gets propagated to the ThanosRuler pods.
+    ##
+    podMetadata: {}
+
+    ## Image of ThanosRuler
+    ##
+    image:
+      repository: rancher/mirrored-thanos-thanos
+      tag: v0.34.1
+
+    ## Namespaces to be selected for PrometheusRules discovery.
+    ## If nil, select own namespace. Namespaces to be selected for ServiceMonitor discovery.
+    ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#namespaceselector for usage
+    ##
+    ruleNamespaceSelector: {}
+
+    ## If true, a nil or {} value for thanosRuler.thanosRulerSpec.ruleSelector will cause the
+    ## prometheus resource to be created with selectors based on values in the helm deployment,
+    ## which will also match the PrometheusRule resources created
+    ##
+    ruleSelectorNilUsesHelmValues: true
+
+    ## PrometheusRules to be selected for target discovery.
+    ## If {}, select all PrometheusRules
+    ##
+    ruleSelector: {}
+    ## Example which select all PrometheusRules resources
+    ## with label "prometheus" with values any of "example-rules" or "example-rules-2"
+    # ruleSelector:
+    #   matchExpressions:
+    #     - key: prometheus
+    #       operator: In
+    #       values:
+    #         - example-rules
+    #         - example-rules-2
+    #
+    ## Example which select all PrometheusRules resources with label "role" set to "example-rules"
+    # ruleSelector:
+    #   matchLabels:
+    #     role: example-rules
+
+    ## Define Log Format
+    # Use logfmt (default) or json logging
+    logFormat: logfmt
+
+    ## Log level for ThanosRuler to be configured with.
+    ##
+    logLevel: info
+
+    ## Size is the expected size of the thanosRuler cluster. The controller will eventually make the size of the
+    ## running cluster equal to the expected size.
+    replicas: 1
+
+    ## Time duration ThanosRuler shall retain data for. Default is '24h', and must match the regular expression
+    ## [0-9]+(ms|s|m|h) (milliseconds seconds minutes hours).
+    ##
+    retention: 24h
+
+    ## Interval between consecutive evaluations.
+    ##
+    evaluationInterval: ""
+
+    ## Storage is the definition of how storage will be used by the ThanosRuler instances.
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md
+    ##
+    storage: {}
+    # volumeClaimTemplate:
+    #   spec:
+    #     storageClassName: gluster
+    #     accessModes: ["ReadWriteOnce"]
+    #     resources:
+    #       requests:
+    #         storage: 50Gi
+    #   selector: {}
+
+    ## AlertmanagerConfig define configuration for connecting to alertmanager.
+    ## Only available with Thanos v0.10.0 and higher. Maps to the alertmanagers.config Thanos Ruler arg.
+    alertmanagersConfig:
+      # use existing secret, if configured, alertmanagersConfig.secret will not be used
+      existingSecret: {}
+        # name: ""
+        # key: ""
+      # will render render alertmanagersConfig secret data and configure it to be used by Thanos Ruler custom resource, ignored when alertmanagersConfig.existingSecret is set
+      # https://thanos.io/tip/components/rule.md/#alertmanager
+      secret: {}
+        # alertmanagers:
+        # - api_version: v2
+        #   http_config:
+        #     basic_auth:
+        #       username: some_user
+        #       password: some_pass
+        #   static_configs:
+        #     - alertmanager.thanos.io
+        #   scheme: http
+        #   timeout: 10s
+
+    ## DEPRECATED. Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher, alertmanagersConfig should be used instead.
+    ## Note: this field will be ignored if alertmanagersConfig is specified. Maps to the alertmanagers.url Thanos Ruler arg.
+    # alertmanagersUrl:
+
+    ## The external URL the Thanos Ruler instances will be available under. This is necessary to generate correct URLs. This is necessary if Thanos Ruler is not served from root of a DNS name. string false
+    ##
+    externalPrefix:
+
+    ## The route prefix ThanosRuler registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true,
+    ## but the server serves requests under a different route prefix. For example for use with kubectl proxy.
+    ##
+    routePrefix: /
+
+    ## ObjectStorageConfig configures object storage in Thanos
+    objectStorageConfig:
+      # use existing secret, if configured, objectStorageConfig.secret will not be used
+      existingSecret: {}
+        # name: ""
+        # key: ""
+      # will render objectStorageConfig secret data and configure it to be used by Thanos Ruler custom resource, ignored when objectStorageConfig.existingSecret is set
+      # https://thanos.io/tip/thanos/storage.md/#s3
+      secret: {}
+        # type: S3
+        # config:
+        #   bucket: ""
+        #   endpoint: ""
+        #   region: ""
+        #   access_key: ""
+        #   secret_key: ""
+
+    ## QueryEndpoints defines Thanos querier endpoints from which to query metrics.
+    ## Maps to the --query flag of thanos ruler.
+    queryEndpoints: []
+
+    ## Define configuration for connecting to thanos query instances. If this is defined, the queryEndpoints field will be ignored.
+    ## Maps to the query.config CLI argument. Only available with thanos v0.11.0 and higher.
+    queryConfig:
+      # use existing secret, if configured, queryConfig.secret will not be used
+      existingSecret: {}
+        # name: ""
+        # key: ""
+      # render queryConfig secret data and configure it to be used by Thanos Ruler custom resource, ignored when queryConfig.existingSecret is set
+      # https://thanos.io/tip/components/rule.md/#query-api
+      secret: {}
+        # - http_config:
+        #     basic_auth:
+        #       username: some_user
+        #       password: some_pass
+        #   static_configs:
+        #     - URL
+        #   scheme: http
+        #   timeout: 10s
+
+    ## Labels configure the external label pairs to ThanosRuler. A default replica
+    ## label `thanos_ruler_replica` will be always added as a label with the value
+    ## of the pod's name and it will be dropped in the alerts.
+    labels: {}
+
+    ## If set to true all actions on the underlying managed objects are not going to be performed, except for delete actions.
+    ##
+    paused: false
+
+    ## Allows setting additional arguments for the ThanosRuler container
+    ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#thanosruler
+    ##
+    additionalArgs: []
+      # - name: remote-write.config
+      #   value: |-
+      #     "remote_write":
+      #     - "name": "receiver-0"
+      #       "remote_timeout": "30s"
+      #       "url": "http://thanos-receiver-0.thanos-receiver:8081/api/v1/receive"
+
+    ## Define which Nodes the Pods are scheduled on.
+    ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+    ##
+    nodeSelector: {}
+
+    ## Define resources requests and limits for single Pods.
+    ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
+    ##
+    resources: {}
+    # requests:
+    #   memory: 400Mi
+
+    ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node.
+    ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided.
+    ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node.
+    ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured.
+    ##
+    podAntiAffinity: ""
+
+    ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity.
+    ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone
+    ##
+    podAntiAffinityTopologyKey: kubernetes.io/hostname
+
+    ## Assign custom affinity rules to the thanosRuler instance
+    ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+    ##
+    affinity: {}
+    # nodeAffinity:
+    #   requiredDuringSchedulingIgnoredDuringExecution:
+    #     nodeSelectorTerms:
+    #     - matchExpressions:
+    #       - key: kubernetes.io/e2e-az-name
+    #         operator: In
+    #         values:
+    #         - e2e-az1
+    #         - e2e-az2
+
+    ## If specified, the pod's tolerations.
+    ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+    ##
+    tolerations: []
+    # - key: "key"
+    #   operator: "Equal"
+    #   value: "value"
+    #   effect: "NoSchedule"
+
+    ## If specified, the pod's topology spread constraints.
+    ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+    ##
+    topologySpreadConstraints: []
+    # - maxSkew: 1
+    #   topologyKey: topology.kubernetes.io/zone
+    #   whenUnsatisfiable: DoNotSchedule
+    #   labelSelector:
+    #     matchLabels:
+    #       app: thanos-ruler
+
+    ## SecurityContext holds pod-level security attributes and common container settings.
+    ## This defaults to non root user with uid 1000 and gid 2000. *v1.PodSecurityContext  false
+    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+    ##
+    securityContext:
+      runAsGroup: 2000
+      runAsNonRoot: true
+      runAsUser: 1000
+      fsGroup: 2000
+      seccompProfile:
+        type: RuntimeDefault
+
+    ## ListenLocal makes the ThanosRuler server listen on loopback, so that it does not bind against the Pod IP.
+    ## Note this is only for the ThanosRuler UI, not the gossip communication.
+    ##
+    listenLocal: false
+
+    ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an ThanosRuler pod.
+    ##
+    containers: []
+
+    # Additional volumes on the output StatefulSet definition.
+    volumes: []
+
+    # Additional VolumeMounts on the output StatefulSet definition.
+    volumeMounts: []
+
+    ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes
+    ## (permissions, dir tree) on mounted volumes before starting prometheus
+    initContainers: []
+
+    ## Priority class assigned to the Pods
+    ##
+    priorityClassName: ""
+
+    ## PortName to use for ThanosRuler.
+    ##
+    portName: "web"
+
+  ## ExtraSecret can be used to store various data in an extra secret
+  ## (use it for example to store hashed basic auth credentials)
+  extraSecret:
+    ## if not set, name will be auto generated
+    # name: ""
+    annotations: {}
+    data: {}
+  #   auth: |
+  #     foo:$apr1$OFG3Xybp$ckL0FHDAkoXYIlH9.cysT0
+  #     someoneelse:$apr1$DMZX2Z4q$6SbQIfyuLQd.xmo/P0m2c.
+
+## Setting to true produces cleaner resource names, but requires a data migration because the name of the persistent volume changes. Therefore this should only be set once on initial installation.
+##
+cleanPrometheusOperatorObjectNames: false
+
+## Extra manifests to deploy as an array
+extraManifests: []
+  # - apiVersion: v1
+  #   kind: ConfigMap
+  #   metadata:
+  #   labels:
+  #     name: prometheus-extra
+  #   data:
+  #     extra-data: "value"
diff --git a/index.yaml b/index.yaml
index d1f06356ed..ad28d5afb9 100755
--- a/index.yaml
+++ b/index.yaml
@@ -19586,6 +19586,158 @@ entries:
     urls:
     - assets/rancher-monitoring/rancher-monitoring-104.0.0+up45.31.1.tgz
     version: 104.0.0+up45.31.1
+  - annotations:
+      artifacthub.io/license: Apache-2.0
+      artifacthub.io/links: |
+        - name: Chart Source
+          url: https://github.com/prometheus-community/helm-charts
+        - name: Upstream Project
+          url: https://github.com/prometheus-operator/kube-prometheus
+      artifacthub.io/operator: "true"
+      catalog.cattle.io/auto-install: rancher-monitoring-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/deploys-on-os: windows
+      catalog.cattle.io/display-name: Monitoring
+      catalog.cattle.io/kube-version: '>= 1.26.0-0 < 1.31.0-0'
+      catalog.cattle.io/namespace: cattle-monitoring-system
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: monitoring.coreos.com.prometheus/v1
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.19.0-0'
+      catalog.cattle.io/release-name: rancher-monitoring
+      catalog.cattle.io/requests-cpu: 4500m
+      catalog.cattle.io/requests-memory: 4000Mi
+      catalog.cattle.io/type: cluster-tool
+      catalog.cattle.io/ui-component: monitoring
+      catalog.cattle.io/upstream-version: 57.0.3
+    apiVersion: v2
+    appVersion: v0.72.0
+    created: "2025-02-25T21:52:20.994093783-03:00"
+    dependencies:
+    - condition: grafana.enabled
+      name: grafana
+      repository: file://./charts/grafana
+      version: 7.3.11
+    - condition: hardenedKubelet.enabled
+      name: hardenedKubelet
+      repository: file://./charts/hardenedKubelet
+      version: 0.2.1
+    - condition: hardenedNodeExporter.enabled
+      name: hardenedNodeExporter
+      repository: file://./charts/hardenedNodeExporter
+      version: 0.2.1
+    - condition: k3sServer.enabled
+      name: k3sServer
+      repository: file://./charts/k3sServer
+      version: 0.2.1
+    - condition: kubeStateMetrics.enabled
+      name: kube-state-metrics
+      repository: file://./charts/kube-state-metrics
+      version: 5.16.4
+    - condition: kubeAdmControllerManager.enabled
+      name: kubeAdmControllerManager
+      repository: file://./charts/kubeAdmControllerManager
+      version: 0.2.1
+    - condition: kubeAdmEtcd.enabled
+      name: kubeAdmEtcd
+      repository: file://./charts/kubeAdmEtcd
+      version: 0.2.1
+    - condition: kubeAdmProxy.enabled
+      name: kubeAdmProxy
+      repository: file://./charts/kubeAdmProxy
+      version: 0.2.1
+    - condition: kubeAdmScheduler.enabled
+      name: kubeAdmScheduler
+      repository: file://./charts/kubeAdmScheduler
+      version: 0.2.1
+    - condition: prometheus-adapter.enabled
+      name: prometheus-adapter
+      repository: file://./charts/prometheus-adapter
+      version: 4.2.0
+    - condition: nodeExporter.enabled
+      name: prometheus-node-exporter
+      repository: file://./charts/prometheus-node-exporter
+      version: 4.30.3
+    - condition: rke2ControllerManager.enabled
+      name: rke2ControllerManager
+      repository: file://./charts/rke2ControllerManager
+      version: 0.2.1
+    - condition: rke2Etcd.enabled
+      name: rke2Etcd
+      repository: file://./charts/rke2Etcd
+      version: 0.2.1
+    - condition: rke2IngressNginx.enabled
+      name: rke2IngressNginx
+      repository: file://./charts/rke2IngressNginx
+      version: 0.2.1
+    - condition: rke2Proxy.enabled
+      name: rke2Proxy
+      repository: file://./charts/rke2Proxy
+      version: 0.2.1
+    - condition: rke2Scheduler.enabled
+      name: rke2Scheduler
+      repository: file://./charts/rke2Scheduler
+      version: 0.2.1
+    - condition: rkeControllerManager.enabled
+      name: rkeControllerManager
+      repository: file://./charts/rkeControllerManager
+      version: 0.2.1
+    - condition: rkeEtcd.enabled
+      name: rkeEtcd
+      repository: file://./charts/rkeEtcd
+      version: 0.2.1
+    - condition: rkeIngressNginx.enabled
+      name: rkeIngressNginx
+      repository: file://./charts/rkeIngressNginx
+      version: 0.2.1
+    - condition: rkeProxy.enabled
+      name: rkeProxy
+      repository: file://./charts/rkeProxy
+      version: 0.2.1
+    - condition: rkeScheduler.enabled
+      name: rkeScheduler
+      repository: file://./charts/rkeScheduler
+      version: 0.2.1
+    - condition: windowsExporter.enabled
+      name: windowsExporter
+      repository: file://./charts/windowsExporter
+      version: 0.3.1
+    description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards,
+      and Prometheus rules combined with documentation and scripts to provide easy
+      to operate end-to-end Kubernetes cluster monitoring with Prometheus using the
+      Prometheus Operator.
+    digest: df5e2dfaf649402b85e9198f87f0d1965ecb145655ec4e10bf88b8999aa3bf7f
+    home: https://github.com/prometheus-operator/kube-prometheus
+    icon: file://assets/logos/rancher-monitoring.png
+    keywords:
+    - operator
+    - prometheus
+    - kube-prometheus
+    kubeVersion: '>=1.19.0-0'
+    maintainers:
+    - email: andrew@quadcorps.co.uk
+      name: andrewgkew
+    - email: gianrubio@gmail.com
+      name: gianrubio
+    - email: github.gkarthiks@gmail.com
+      name: gkarthiks
+    - email: kube-prometheus-stack@sisti.pt
+      name: GMartinez-Sisti
+    - email: github@jkroepke.de
+      name: jkroepke
+    - email: scott@r6by.com
+      name: scottrigby
+    - email: miroslav.hadzhiev@gmail.com
+      name: Xtigyro
+    - email: quentin.bisson@gmail.com
+      name: QuentinBisson
+    name: rancher-monitoring
+    sources:
+    - https://github.com/prometheus-community/helm-charts
+    - https://github.com/prometheus-operator/kube-prometheus
+    type: application
+    urls:
+    - assets/rancher-monitoring/rancher-monitoring-103.2.2+up57.0.3.tgz
+    version: 103.2.2+up57.0.3
   - annotations:
       artifacthub.io/license: Apache-2.0
       artifacthub.io/links: |
diff --git a/release.yaml b/release.yaml
index a07d4511dd..bc7b6e18a1 100644
--- a/release.yaml
+++ b/release.yaml
@@ -15,6 +15,7 @@ fleet-agent:
   - 103.1.13+up0.9.15
 rancher-monitoring:
   - 104.1.4+up57.0.3
+  - 103.2.2+up57.0.3
 rancher-monitoring-crd:
   - 104.1.4+up57.0.3
 harvester-csi-driver:

From 083cd3a1a5d87ddb996408603f40cbb8261dcab4 Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:53:30 -0300
Subject: [PATCH 17/19] fp: rancher-monitoring-crd 103.2.2+up57.0.3

---
 ...ancher-monitoring-crd-103.2.2+up57.0.3.tgz | Bin 0 -> 299447 bytes
 .../103.2.2+up57.0.3/Chart.yaml               |  10 ++
 .../103.2.2+up57.0.3/README.md                |  24 +++++
 .../103.2.2+up57.0.3/files/crd-manifest.tgz   | Bin 0 -> 308610 bytes
 .../103.2.2+up57.0.3/templates/_helpers.tpl   |  30 ++++++
 .../103.2.2+up57.0.3/templates/jobs.yaml      | 102 ++++++++++++++++++
 .../103.2.2+up57.0.3/templates/manifest.yaml  |   8 ++
 .../103.2.2+up57.0.3/templates/rbac.yaml      |  76 +++++++++++++
 .../templates/validate-psp-install.yaml       |   7 ++
 .../103.2.2+up57.0.3/values.yaml              |  17 +++
 index.yaml                                    |  14 +++
 release.yaml                                  |   1 +
 12 files changed, 289 insertions(+)
 create mode 100644 assets/rancher-monitoring-crd/rancher-monitoring-crd-103.2.2+up57.0.3.tgz
 create mode 100644 charts/rancher-monitoring-crd/103.2.2+up57.0.3/Chart.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.2.2+up57.0.3/README.md
 create mode 100644 charts/rancher-monitoring-crd/103.2.2+up57.0.3/files/crd-manifest.tgz
 create mode 100644 charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/_helpers.tpl
 create mode 100644 charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/jobs.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/manifest.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/rbac.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/validate-psp-install.yaml
 create mode 100644 charts/rancher-monitoring-crd/103.2.2+up57.0.3/values.yaml

diff --git a/assets/rancher-monitoring-crd/rancher-monitoring-crd-103.2.2+up57.0.3.tgz b/assets/rancher-monitoring-crd/rancher-monitoring-crd-103.2.2+up57.0.3.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..5aab96d12b039c8a01be1833848fff92620de5d5
GIT binary patch
literal 299447
zcmV)1K+V4&iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PMR3TvXroC{D*9QX&cnhmsJ6Zjcs136T(x7?=YyILr(abSNpI
zA|N6ljnXJcND2}XBB=r@Eu~<9D2n_)16bett^0fT-TU7E-Tm={=j^@C+H0@1SMEJH
z7}^;D;w0QLXe0rHL!w<JoN;hT9Rv(Vfcn7PQDpz?O-f2iN<mI;>whUJso(xDB`>2$
zCM~BZuOKZgCnqmMCM7K|uOLkZNc{`u{>w(h6JR(pssH7<e!IB;OBxJ~#t>ixBnFLF
zfdGIri~vJnT%pb|0s#d=kr+v55Jy0|AVIhau(MZw7Yu=f!$GtPz)!#tLH^$bLBrfZ
zJQn5*ssP)aKW{p`51s(J|L%7<5Cy{Upakjr??n7&!$M$Kq$P;MBQa<dz*7bS2l380
zB$lxCZh*!UU?>zGARs_M$4nOwxL|O<g9r-w(<ul(SWpFkVX-Kr^A^V-p5JDamXd|a
zKxGaQvGR&gDX1*uKP}e3-TpxTJz*#!i2oNEfWOjzIeDqy=)Z!Lw9J3?|KHIB0A0`p
zMnn;SZIS<hYLGSs6e0kaBanCii3ebSwU*Iw2^S2`9Y!F4aKHtL0!aY6pfd`F0|8GM
z4heHYfp~y`0h~Yp3&Z0<IDkYGFn|w+hyw_qI~D~afOseb;)=pJ!B9K)hkyb}PXK_$
zW49jw07R2;!Bqek7zz(=b#5Ds9pcSES0tW*^HBl#`5_RbJIr+p2M)wy@T3*^d{=5o
zJOV_aAOJvsxvBu3QcxMFGz5aiz`>Is3Unr5a4LXb00ct7pg`P?T?B0H{_j!ff3p37
z{(qN_qyqv(VL==oO2Gb4O~GI2zqE{^?63MSBPA^_`(OS4cQgUOY{#oZ{QM*UIOu{z
zg8=`wb~(Ve)yo05qhI`hL_ok6AkqbZT5dauZSDQ$uzy!Czki0sA<+aEfL{nN$^Sn>
z0HWdl@C*?EtdM9p#tRReBx11`9D%eLNioQ`US|{$PXKX%7ZQa6U~o9Fvo3%DL!t>=
zCJ%)~6TJbF9l(o2NFYui3gflY{gW{unKLg8?hFb8gW~~b3=u^F1@O)Y5KcsaaMCyd
zfx&}6V}yuFlF0m-!CRveq)~~Vuy6BM0yqPbOxceR2!khuR9hBWW#?N`2k7DgIuld?
zeq+qZ9Rf(*7%T}N$&&Hwc@SYJ{$IKE2V~%P?B6dk#)IyjAWjG4jwKm&el=;Rw48(#
zKLFK%VPQ^46q0}h@z7&LCvYeFg6bm)JC9p<oInB$dWPr(;?N+;*l#UHWt%zMWTEij
z7UZ7-{hrkS)2j3Ti}siH-wosRzZwVrh5c8Mm6!QV{HG`<FaKZr|L<r&=S@y9f-^$W
zQyOvxiH55Hh8QP^J4k@RVFVZ{n%Yi|{QLmuc6GoQ<_-b@0TRwQ5JmuZ0Co~Q5|r6?
z-nIp|)eQs$KmY&*a{^KL?Z^&>#r_UP2mt&hEd>C61c-8n;t`Sv4CV~K3V_An2@=Td
z#7=zsjfi!{!QkM|8xDg)Il-LI{NvXWa1aF&KnW}cg>?4eR{@+r7Yq)R*c#hf3=)GD
z2ew}EL}zCZgoE&%cNZ8E1;QbCEa*(4>zkTv)A%#9NbN5fMruE^<4;)v0N-ZadIoWx
zNM}&X*%?Db6O8|0CU+Pb=DL-!Z-3)V#32bjIv6wo^d|h66GudA;f*n9GYp3CbBz6c
z%mNSMQ~;@+PG=07<TydxPh?B%taf{CBpZVNJ_Z2W5jly#ZyfuR5CaMX1dx`p6CG@Q
z3;hww0|5al|1eB|xqjo)PcxblQ7F?bDXRbmF2)#wDGtPgXu?l$&KP%h7#gnfQ<nrF
z>4Zc};t{{}NjU%VdibX|005m47=T|3i$(b$(XLxH1}GHDulfs+`x!VA2S{K6Ns!<y
z>5PN_I_w0)g9>th1bk;4gLXl>lE6q(M7n@@0+itD3w2VE1N;F33<pSf`+5QrI)8wU
z<W8LlC{hlDBI%xlnag)bz~BG-__n})8CLzBwdrEeARqrv1D+TZ(H%4*?LNH9FCYBa
z3O`8y1%Q;8!Qdunl#dEPz!AaU47!tWn!*SOm7h5Q`SvBrUK74a)dYP6hC~r@-*EgU
zk@EwPXlE1={zs7x6z~VoNHiQo69A<j8|XIy?$1bn1tMUqVeY8k2mC|KqyXl7$1i#2
zAJF?tfcW=F{yAd(Gm3wP`+Ed$%l*5^|5Vu9k~4x~f8HQ}WEH=EEg>NR`4_mQZ7cup
zc1t+$$Hf1q`JJB#`~RKa+2QT~lYU2+wD$kg{LZ#O00{}CE1I;+(HMe+3x<e>tCLLr
zANrgBx|RRBmH$0%<v*Qi{h!(XGXMW>1penWfWJEbk(H7DZT(kPTJFF3|G%UCa&G!9
z#M1euV1Fyn`bj_kPN?+_-S2rAQa{NwK#w3%ARej@5&(V|(&In)BYwaia8i&1(awNB
zuw!53Na+954E?{X{iXinoM6uXd+UF)GSa`j|Dh-+^I!e{x3r)2e@oObA_0NHA$_;J
zH}s6sRyF>IW!OGRF~gw1ziS(I5`n+Yuf7B0h$vDdAOXOzNPQfJh~4^Z>lO4SfM^o6
z_#M)=PI>VdBF-7yfpR9|2^jZpom&ST$gM~O0sx*M&Izvq*a~k~J%q&pVONkq`VUJ=
zGD#2HaVzPGh=uRKppbZiu-%`Zdtvcd=*}@Uuyuy>gLuGJcsu74w)=(Lt$z5o>}U%F
z3F5bab_gXkTVWy|{N>9nbGp6QKW5@j5!P=L>VHno+DJ4UiFW<pC~gc2Gy`2ou-|z0
zCp1C;;2*c*UsHr9I=O+)gspA0{r$;bGTFbisK4Xhe#`9dEd9-V{~SC2RW*$7C`n}g
zGyD1HC2enJNl$4fkO2F(JW~w(<jzjs&Z7R)EBscqz~YdeNEGP$^YsxJ3Wf19{WhS7
zcZQ*0+jqsjK_D=Af-y+&!r;#Q+G${_^J|Bxf$oovA61Jj5=oX!1rRnP^=hGggdqTc
z2al6dus<FrVzDUD9Yhmgs2|4fJE##6PuKz%-tL8=U4PD++>vM%K>B-H<PP&z0Tkrr
zW#u6N;DX=Qt$z`^Z^^b921D2i*S6{^KUncgMkfIXf6v;4zxCijXB<cn{@GOhr`_TI
zbL}tVKTjA6N%DgdSUmRIf!jYB5B^pDry%v4`+qVr@^b&Z|MPEY0y|E?l>msKKr|qN
z!eGu2u>k*{1qu8B|4-hRAK)kb6BPxdwk~D}{4;*#8!#F}07QPhRib5Tu;X&@(4#Os
z!2he?k^Bdb!!P<BqYDg)0{G1lAV7fOTtUM3D?o4zh~JtF0rLd6E(HGr8bHg`;CrkE
z1x&Xb5dcTxNkjvtCr$AH5)BX#NIc+7@;p0rd;p8XID;T5R)X^XV8o7L`=jUowEX`-
z|IPHYbdB_&?(l!b9Dkwzax(vT|6lsQ^`C!F6ZoUs?poh22JUQf0s=+=kpFO#o`?tG
zfRoSf-lm5L2mnVhUfVkNlfICGDh&w4{6~*F42MT-A%>w)0LJAT{;g}pcwp-U8@{b|
zAmI3OEyxjoBXL`mai8tW#jqdMs~wv0-^d2x0A?HHn>B!;Flbji5)J}55CwX|&;-Ct
zTT2HJ`88M<|DAm3mp*X-hKB#6B@u-}ASP(%Z9DUQ1~`ZXw+mL^j0}heU^wt6G9`hX
z%Pgcv9A>M}3Fdr8{AV_T-k>v)K>GHV+c1FSFV|tdy?(n70~lhQwirXogiJ|UF9`$M
z2LQd1_^nf<onJNJf06_K``H^D@In$0zb^^QcJDXl5-<QBBmj=2Kpcw2fp`$-30k1f
zpfO(PBS;Vh$E$C}ijJz=tHKjNEJ<28(1VD?fp7qiL_34xTL)Am$pN;<zF!dp;23AT
zod|+Jz~WUTC4ap;NE(wQ!0>1Al3VoxxWtcf$?fuh#P=-xw;d8cRSYBrTu5|EU~xn=
z674FwC1n_3yS0R^Z4AR<h-ml^LR^sq1knlVjB)>oCJ8*!6)#ER;Fc(H5(Eqeg_lI)
z@k9_WDW|9)u=VJSaVLfS5(>)F^3ux6vI?T&0G{ZK*b%_i*)!k-{@5C549*>fLiqqL
zIE*{s_<QA%Z_d(@B#l3UaD+l605c+*w38gao!`N*Sd`CqnQoD=rB0-c`n#Lq=e_W=
z4r0C$yp06;%O)Y|2LM9@B>wK)<@)^{jt8+Y9E<>NZ|0rD#edOO{(IZ_TRIDML84(O
zq%VlWtJ~T+{toN5sr%RP&KU)g*n|D)w@V~p|H49J3;|RD3|xLSGh4tg6e&&H;m8jY
z`rZB!wq6NHcaX%Q-;=@iooOdL2ImA|ywD&Hk3eF-@e_q~0iAuEQQ&q52ER=sNufd9
zR#YTT;sOkCM1UywA5wM{{|S0$3KV|phax!89peeY|6!Rw+3FwEZTlE2gbztQgb9Eb
z2)GgPgl&iMgJnCb{*l!D<TQ3x;toTiw{dDfAO>jQD2ZMI1`hKP2YfKZZ|Vo%`FRU$
z%R7<G!H=GA7GxVGY)b;d_^oQw76m_MCrKVdBmf|K%e{akcL~6@f>t69BykK!@({S~
z<=Jl0B5U`z*XfLd|K$=%q474}t?iGO{MnIW&?uj+LIeg!*!J~1a@)!SNcc$8i33hV
z!jFJ@2Yw6uo5qtEv?Wj&>c>|^GzxhJ1iTPiyYKr(bAdT;MgCjA3HncmMgPyVKZyT-
z|IqD!ILDvG|I*U3G73^MzdiqzlKb!PfB!9wH=1tyVe?h}8Lz3z3aMw0KCycrwC<8E
zOni0iwC@6bq;AQ(f4$>$9ZJ}zHd!J3=uvGWR&lb<?6lPPqv>H>dWM4J5BghrUTyHb
zeLDTJ&3){)mrVQVsO-?2lZu~%r>3T+#t!hNYzD37e%*W<E!n-v_~qp%j>gaL3TGcR
zew^%@ZB!2Y+WMBmVS^^%u3{9YDShN8%*9I{9s3-{U(ANK49t`9C^D~Y>Qh`;wc6Z2
z5re%pMe&Hv<dk%-thD{4TJ0mnm71VW;Ox3a(A$~!vkrlM_M04!8ht&!aII(^d@JCv
zY0`JP(=3(yfQP?g+6m>-gI9XbNE-09(|27m?7{KR=CBG_vR)LLy54BZeJN<o$=_f1
z#Z+DQ(I>Lmp*QuF59PsA_m+D!E5Wn_W^OiIU+X}~ty5iH@oT0ATj`sHgqDRw2OC>H
ze$Z%1D$8ztZ-Pc%PRqD@C04vqFxWzk&lPUSASQa~a7Sc|XyV6dwovQ|smP(yuytW=
zx9U`I|3vnF(YC6g(BopsxuIvKmj<Gz-oAg--oDPRnDf>xso3=)+&|d#93B^36aGY*
zCH;JyU{t|=R|}uu8eSR1fz?xS`=<ss{6bZ3*l)IW_aQ?PuO{!^Xpez>a(_fwnjgEK
zDO0G_qtc$e34IyURds0O2;FSQpuc9XlO>qsRlh;6%?}e&)>@xo6&Bo};#0lOIsCwQ
zW>UGQQ#lZgJ&2EUelJlk(mLPzX)WEMBJhH#p>8u$bhRI~n`uA4m@!oxJ{Y?2>5RJn
z`N7HF`MAC1obuXuPuC-YgKrAO_1K&eFXcp>--}ntjLV_p5EV<xIcaDnxZi9vi9<=p
zNmQ_-wYtq3SAi<CKS6onWben<BjdXVKR!GuVlg_lyQ4?Y;B^9@f*#J8dNOBPH@2Dk
z{9dOVo@Q#N_@Fr5i+$`9kPBR3a}@Oit4G`|YpqSYsl9H5h3x%_E$CGC-satY=gOnF
z7myuqSv|5Ef(x?FnP~90%`r|<^*MDKyM@bV_h0`SI^$zudRMKV_L{L+N41h+M=)GJ
zxaUZcFkZ}n|B&%Ttbu;=iZ=eNM_OQ~L?bh;gw2eZ`%yk0zxq{C&Qs*X^UUmYqgD?^
zEZK?!b6sZN4GqcT(jQ0PKK$ADg_UH~5NjTNc54E*{QSut+=ci($PNVGszzK)oKwKM
zo_t5X`Qq2oD7yT|ZZY<5iFqH~EpD8OBgFJDtgy}s`bAO?f2PR0wpT#@HtbmM^vgx2
z6zelznmh*6R!88pRze1^C>Guuvjr%0U*=nI@09m*YYy#x8!WSw=9X3bDY{MeNRUl(
zdA{DjMBCJvBwI-VOZc(SE}3lIblEPS8!_3n%0@3aM~x<`=NLQRgu)kHO@Vi%5Z9%Q
z$CtcLV0>~$^QZQfpe=J7Vf)6wEAC(2-RTp&PdHST=D~2QBm3+gMSfy=-Y0I$7#Jxy
zdN1-BeEQTuyjM5(b6O|)?ze5V<{sllGEeB#9WLa*EU7+qldD5Hk<N90t*u5sji8Q?
zP^7>b+8EL@or+!K>K@`%ZklH`%1`_{7Ztnys^ZGU1fj{JjRw)fmti&f#di3We4)3(
zdJeQk8(j#^<-{e8;?mp^bn|g7d-}+i-dcl#*BD*B`6O2QlfvekqVB+BlOCOyd!MCv
z*SA!9%#Cu&HuwRd0B+7y@?xlBvF{<Mz}u8M1<ta$h+qcW7?KZe<V;Q%hIB!K_vtH7
zt@iZdZ(2~-@abEPr|%88m@0Pus5EFeGOxFgo^V&_KDTh8e(3dslxfz>$(Pp6MRN@g
zu&thHf#`IclX`Z1C7`eIG9%*76E_1|o`tMl<E&(-x_ff><6|;Z#b(2u8|LBTi*MRB
zL{3h&M!&uNe6mV6BQ8EPC&yIHTT7`%Q1%^<y3v(4R-A$B-62<uPc%ibbR4_;DxH@)
zC-2?Fxl6rGo1gBVo4u^@@$1*d7nm>0Zxktdaw*(7LM3xvny$X&Oe;v;TWTO3|DJ8d
zpCboXQNVJC=ZloEjg;J@;Fme((7plD9x9*kBuu+UmP9FwPpP?qJGa`EI{rs(b44#4
zg_AF%DlReg83p8^IW0|vjz%H)1e@lS;Kjl*AXRA!pHVM`pl`*6r}Vb(Gjh!r%KIrk
zi%Nee(0_>%DNMPv(#0*nRTZmjqog`4!-uc|PbP!D#g_h!wq9CCg03+aH|OYNfhR+E
zLAaPD0Gn3=fX$=<b)SsdIlxANXP!+Wgl^rzf?^{1<#b(as3dl;+lNMLztRa8`O4dg
zyNlvlKJlm`N~rr2Zv-&0434M^O(f)MGaOB3GqRd}#>rIrcAs@=n1DM&t>5|0I}d`Q
z-;elY)8}|{hj2MM3U^L~y#g{TR@#CRhuP6zk+iJ!6~-?m+4vXu7}Qw^<DsFE@AgQx
z*3NTTKCs^?2&pa~vVCo!bpP1r&&N)8uSYT@U08agaC^~&<NRI&OZpn%{Nh+yKJCr@
z6{7}sd0Ioe5hwBn&gbe|h8Y)=mn|J-+BaLsPaG^}gp!@SI5tq%Y0^8}00RUv9}Z+^
zv_HITmeMOZ#>~o!-><%YX!UWa;}>%Nf=`Z(jBrtl&x7R?BhTy`dk?4ksV0-(?7w(V
zwaatnD%Jb8+d0(hjn#Ql4mIb5s!g5RJ8nVy2Esecx;R%7VqE9$IjMTz2y&PS9iVbe
zJdmWH#{02|CUl>EHU3_4X=+`Q+BIJ8tdLpZbY5=X+dOJjn2&TKw-Z7+gy(oo(gTgs
zHwOHdW<{@IH*`vFeTg|{T%L}v`|>H>LM!mA>lKNhwxJ@{cdlB72Jh%6G|F{lRyTts
zx+Trxl6b#<@L&1TI+m`!u|7RN5Wf*LJM8)>@N2i?8_j6G6@usqPJDHO_mU~u2ah{$
zb%ofNiK3A&LY-7R{gew#9CNK4_>!Uo|9e7cz^qx6wdykNiA^*cv}o~8&B4t3ZQ;3<
z9&~A6Uw`~Gw&|(1zA=`*@nxlT?4o}9=EiV&eB*&j4R;zhUd`Uz^nTmg@%FY?bY_x!
zcxv6K8?@wE3R<C?LUC4rOvsmjuXNt;qyM0||26;acT69ye6X%;eBSPX&RV*9B`U|%
zApgko*n}cYD~rpMxt0UVhYm6pgt*=h?vd<$Ar&?|&1EcKqjdXV!Q^ZzyGB>k`Sj(Z
zHq39!Q>{*aQJYzDJqNa?=XxWl&Bq5CLz7Mz8g(yyDfDfqmmezqa9i?B-A0PpN!~h~
zWZ?15&+j*V)>k_sKh0B`e2|>sn-t_DXw@X%9gsEGXe_px?dQ)M3UP_8pD&R1jDFkb
z)kfxTrjg4JQ<LwIf$e5f?38`)rrLK?k(p&mMEMNsP&W?cm%n#Ut$swy)P{`dE2@oz
zA~WM!;COAb(8kg`VvKRY3QZiApNXnQ=onju;VC|8i5MH0>plGL<p=PdrxNQ+?^dhN
zv9pKfG#_a@?He7phbYn&!V%rjawvr+Z;wr?pe~(C$N4y2+>*}7QFy>CYa*=!{S$Xg
zM}KLDyZE_epF`JP*BOLUbqtc-Or3EKePK?S4?UE`9NI_WDo0F0M+z&2O|D1=y>fLv
zPiv$oE_|}tfKRnt7*j|;L46rc3}m$w%t@F$FG1&Eit{40f0U4L$yODc6)0zHx%|RZ
zKYd}7x_e-?w%kj2PR__Z+*;_tozC8bIC1u=BW7<ijZv#9V{{gB8@@`D!ILh@^Ye=)
zQnp&7Qc^Gq!YqX~KDeaY-jVx6K9leH^g>pZwV?-ejja1PO(66$z=58(efv?6I^JT1
z$0F@B4?3MXaLK#s@+)&;iY#iYl24v+D0FyB+$ZX*(OBVnls2l4aNbomPFc=UZkqSy
zDUqSm5wBE<w|VPVAm39L$KF#W#J_x<KTlvas5$uHLKnIB?G9E&(PH8~htbMTvp&)1
zl-5ml89Fx_S7n>_G0|w#3yX>h9ym`~kr{AQ9&cq>GqdsZ`UwG{5UH#q;qPvYqnY<r
z-*|wAu3EC*0uQtpaYNYScRRI!Qf7mDibkW1Xiq?SDPc~7TB%AGl0uoF-UmV%#_4iw
z%xNJ`w6;Zd)sCLb&<ueiXY_pTWOy<|ZygAwN7Dw9zqlc&8LRr#GNbD7zDE`5sq#w~
zE0lAO?C+G`!&WZ3Ng;G9mPLX}l<EpWt8K2GV&kJO!$aP5DyN(gZ@qny1>*a!E+r-%
z@jP;)x^p_R*-%ROOS>@4JG<vd3%_xyHgkUcV3h9lXJa>msdizE43Nkp&V<8yYzJr8
zdm`0O@ued4CVb;2N>(qiGI+Fmk6WV{V!77d840Aj=0;I1DR-3@^-n<eDi8WbKE4wv
zRkCY=DvvG0co%sd8+n4iCNYaOG$Q?;y!|Wt7nG8odFMDNC28!rDegt{DoS3I*1jW3
zc!)NDB_g8lT@dzkIn3g8NlXltblhP=%0qni$dcn2pY+A^Qryja!fG;mIL=F}a7ScO
zpS)!{;*8ks&YPz5wi{(jgzHnxaj+crqg%)vzsD2hkgWt`<Ctc6^0<;!#)IPE>FQAW
zM3GD!?>QOJx@`$+V0d>V;WF!F%7;<LjfUGOzRZIH)UPBobmHk{1HXP%pWGdUNYX$J
zC9x_=^6P(DGOst+*Wh9ikr)!xImsWNp_FkYvZv1#O{9&HmWjG4sy@~e{nGwL*i4&}
zO#cca^vT2O$3;Bcp=qz*m)Gz2i4-6nQ@@MP6HTnHJ$r)JJh%nJO#3$b$nBRB3j-o<
z2l!J@-?^?8lEv81m_<tn7Ri~rYWM-!Y#(#-PVTv=N{0b&9rmy}=GCSc?hUbW#F-R!
zcd#l8G0LttT#Df0+WY$6%{)!2k=)&n&5l2|3r=h*Q0JXG?iaJm^Eo{FSx*YhiyQNM
zyLg@IF485bOMPa46*=tSUViD^K<WJr<$!6|3w+EAcXR{7qqTa$I;!0V)<Um8e$Cz`
z#W%f&h8Y(eI{;`t5Iq~mwC}6eOsk|+``1GWG}vUb@+FSGFHqn3;@g`F^@?YRUnwJd
zzqXsf05dBSINjCUhB!=tE7#_8udAh$p8}`L=G*8-b6)U1OR~b)Tqi5)mI;C|?xKq;
z=@w8wZL4t@`#{SIeL%O=_vyyuI#O@b%Rj}jrRjptr+2IC_GVqY=m6vx)>)?FIAco3
zc-gt#SuU~%11D0On=a9~O=SCqdG6;CRrYIKd9h!QD=_d-dH3h_SXwi7%PBrKz9%IL
z4{8DfDtxZxUlXodoFjiRd8f|&<En)7WC^Y#cS5M9Xe{{61s5?LfbgCnp{SQ;9dYk9
z?^grt=MdpMw!i~v0QU2m88v!Szs0fXHSg|wuQbeDn9!T(0-n0j^w2A9c2+g+GM4vW
z#qJt@>9fIJt9naD$S6igeqD-4ac`WCMoP(&Oa{Tmlemi_B>SqEloAh12z7`6_u1i~
zoNk_77tsYgHBDL!T5(bFg|;?<rP-{uNxZJ+bFAn}(0yQ6-)U%b;CZ_)+p=dW1_i3+
z9rh@ChXv7xm2w9FMo51K!01K?Fp8axV@jd{Df%!~wccN@*YhH>#(Y1$JpQ1@*TCD!
zY|qu_CSm3GXz~11X{{@k<}o&Lb=?Uc3C|zwN~An@P<-{xlY0{ovz)8Cw@?$KiLVc{
ze|RNb65VIu0x6JWNxNmZU|b2wex1#woxjO#AXfhTVMg1BbIBITPOs~kUS+V!bVxs}
z6s_Mhtgnt}{#<HF#d!7k6Q&ncvr;9~Ursw{Ci1i*oFhy>C$Bo`a*Wfdxk6_2Ob;|Z
z?Gz}1q(|IbWh!m-J<kMMxnG{><l~9CF7!3?{3eYiOOVK9<8IRy2iZzyMNRSO03V-q
zmz9^Vjy*~psWs`{(@J^I<Xk$1Mu6a#mD-Hpn_T)eCHgfE6*e9b2z!T|P=VANspo-#
z!DC^_64rs5<&>z!hsZIx4=HE*amNz%Z@BnJBCQsy6zXi5dys}y&8=l^r*LH%MXbZD
z^!(Swp5JLyLm=&41ck$Pohtqq9y}H|v*vrgu(HAg)A6o%uq-GXZn56|Ua8$Dqs#yL
z(e}!aIjy%(;<M_^e9>9@u$Ri7+$^DCHS#*#$pW%R(`W9E_T0k9fjm{4G+g<1iE-Av
z&4l?S9sByb4Yv;WKYzn<%`a!1#wX}*;CmZC`sdADy9d-ZRrwy4Y^*L89;I02wrgy_
z?ZXwb)r0*CO6#&ZqVE@EsN+kRXbK=^g8tTqS*iwm1*Po|b}$Ry)h=qBFKJnNaOl%{
z?mYhX(**&w56$w|?o?#X+Vm(Fy5I?lH#?rak{C0Cm4Kz(*;Z4-`!27YqEGT@eizSi
zKha{`GGRL4)q}x9ypsu3FL2xq6V(E264M8#UZADX#1QFsH(XBhdtg~TbT5u(cTha#
zNA7c4WiI3mtrw(P2J~KK?|!l@E?>~JOTfnHFvNvU^u#?E#qqag)<+|KlO7&zUizT-
zVo_G{gZ7=N*GntsATJm*f<sW=p=IReSktBeGBKrF){f;mWMbZALQE&9$6i*B9!A%+
z7Fo0~R^^SlufMRl_wLnQRkk~?7ikfrv*d`;Dtcan(T1cH#O<oyW*@sZm5@}9{V5lm
zCLb%@d?<B~->%kOV0gFFuxfQ-0)qh-T6wp4<>i7+eNCVP{q<v2A$o_bYP|LZeW6t0
zY5eHsUl(0#oLCS$YK%cNUvnJDY<==zy?y$oy7>n&7Ut`T8PQF(C6^w8Pc0yKjif(T
z9pUuJGf7#lA#`4l=_CJAe&Q&n-J^U>^NepHM|=@0K`S;cV$S4LuWo=cnIzOKEQ)=Y
zb%OfFHA{i8meXQG$L9~hxV)*Or`|?$G(Nw};5F2XKXg;?#%M-~4P0f|6{@A1H1N`X
z_~rE&m-ara<b#NOkoF=oHuS6j6*r%R;o*#OYYm>QSfM88&bL@Wc8w!XlYTE;mq81n
zC1e*Xy?$F$<8Yt$`*z`T`|=;>GJD=_5R~WbebDn@kJUA`6Q}53hHico+_fAirVYq>
zK(ul`m>ptWtQS`>k3Bn4EGjDT5E0XJ6VW_<T6kt8guOY^a*v_^u@#|s-N*?+M@&m(
zpUhlIT}TCw{L+jaVbLC+syt}Nk(@Da$9z_We4zz6tHPq$L2E8tkZ~wu_hawdem+cf
z)eX*&x_#c#Zzjpe?7vj|c*L+|8D*aFJQh_v*+veY=oZ#~b>jI{pSf1wTH7mk!s3yO
z#f*-?jZO$DL@4Vw1ls1@4$%eA+MgX)rg}t47Cajw^~YYnCDp>(4JiX_do<Rl|7>E+
zU4{K5#jM`+dG}ca#|BC_LoCH8<1=SO3%T9c)P{@2-QBIW*65`fyHn^GFNar%l_`aE
zRV6z0(OFkN*>@Qn7E+p$1?-xBaYo*!UK?a^SV&s*MlY~PpPJKS-|-stc{TaIbM<*K
ze7A_I!mic(sO;K~jrV$(JVidY_aLV8P4A)ljoYP`CAnR(#(#9X4;l7P<j;<5o)X)o
z%UTk0tXkaQat&u`ThQ9`nMKV8-n%G%7&w<ud||B4_oS62`hocSo4xnW0`r|}{r4^W
zlFyr-;4o(&(OM~pxbmSm-Et+Uy^8(__p_v{k`ATILKR;o9$)>ysCe*X*Wj&dG2&te
zlvAYNGR*GT9VlnYz&mv4PS=~G9mAhzysnlyZ+x+Ixwf{-$CM+6XrnA_LdRB|VDVHp
z@qW@5a@O!Rm+n%Tjrd5VlQ>0{M)gKSB#ntF-4_)#t?>`bxsYdHFP(1+9@W_Kh|j)0
zH&^$r3Np1jy~lw|5&NJfc&T#LgJmDLBX$=Xql^eu-~k!BT^H>O?u~ov?%KQSB9_c$
z^RkSeloE-%H0=r&XZzB`$g?FL%VhDtp&4!{xR=Ril<baF(d68dqou_;$gIg}PA0^A
zCq&;n7j{RlV&b0s`N^`+`PjW5$JJE@f?^XNTviVmW9EAkla$yLHw}j8-dwRpL^z7c
zK5ARY(QT}<HCrO(WyOlt1%)(ae#7aqY$aq=^k3C26`q>)>ZjIAHSq}dYSbmY&<O~Z
zy3H*;FyW+B!lRY(G>W};Vp8FF_j>D@Tg*?5Q`bAV<v*G%>!{{wYY<-AoEbZepwDDz
zZm*y>WnXb%*HW4|P8V7pm`qeC%70UA3YxEkOHlNy*ZZYiaXJDqtQ0NZEZGxexm@yO
zc)5w?<e{<5-J*%hX$K}NtU?D<ONtJ?9!xb}gxpCwAUZEHed3I!etM0;ddHWBHC0$M
zL^$~aUH+%I8Ra9v2}#ZdX7!>3VpvNhD#<x=Y3^Q$OopzxozaWoDc@JBeRNoZ##Q=>
zr;{hp9_j+B^-51B6$+lk(+cmsots9n@_tUnB!jG&Y)=Lc8TFji4Kk$5LjC1i9!U@N
z*an7fCiX-rj&LcfE-Vdv#VJL)76w%d7(|EOcyWxr$=u+0!1bde*BxVlBMI;5uW-N5
zwfQ7)GO?j0!FIw1SDBH2>8{D4lB)X5`znIX`uhni1$tkr;GgOb4%tmM&&^9%^CXw8
zJ&G;r?6$?Lx3%-k**OUJ7ke_Ri+nwJGJ*2gBcm0OZngG{0>QUTnGolf@o<`XAF=-U
z*;*ZahyfV0ZZ($PpY=#As5-AJNX*!UD#{h`!Y6m1=)@go$bQ5x#w>j8aiUkty9`E4
zNlh+sM92&oe<kznu=B5(HCq(UvLZsL-ES$7jX18VGrHe$BO_7_(whovUPqjuaKDwo
zxc80Ic<a4rofjXkym3N=R8Sy7EGX|ZEzlxDX2=mC74*F{g<Khod+#&_E1a?;n?Yu%
zF`A1%4UMq4P1ZTEVn#iK<Y5U3dnY$R*8Nog{9u}PBc&k1K8<F?v4ULNm}E29LQ`!L
zG`Wh{x5*3O9C2Kw*um$1tBwpEM2cuhai}oev#<5$=SDYKq)%Z#M^H+AzLYQ=GTN9@
zK)d`QLg5sjd2kas4ef&rM(<O9rf9TV*kfs^k)~UJ$oFM1T26=DogdtDvet&9=E`)v
z?*51QqQvO5pum_o<(EpALuo4--|en;l!+=)NqP8q(qefzG&b(!b$~^yJ1l@2glowJ
zaGYGL)#T_-JlLE2)<1?F9}G?7&5GuTn45gBLwMVo3H89foiV0qixjcG%*u1J_E`nY
zx*ioIH)TefJ0uQ1X>A`>w}BpDzhE;h4}KkJVTM|Q{e89CU1MCyFSxU~PO?OL+$p#;
z-Kx}H(iS!|QY#)}9I}sarn2XeB_!<nl>;2iOjbTLoE)#C@AUGgxLXjc;~wv3;)~v6
z!SgPcC5~#gi77nKUce51XikftHFX}pf2I29OTpqY=G#?|`aelmJbWxvBYL=U_QGC!
zT?f8ZwL4SmAJ<R><kL?P^IoE-TI2U!+Z0ZH=5nW+`00gPQIt#hh>`T26osVfMhk0N
zV!%fE9?sC*mIcD61C@(9!xua)u81b;9>PmIyRB%*?@Oi0UyW<aPSY9|DzjsYvKZZ`
zqG!&Z>JdC3#J`*$OR<5>ZxJn#nJ?$$I!Z0}K-)Sax#!NOD>}0I(>*7avn{JAM2-dD
zHTA~w&ubTYp(>+`8$&Lh6G~%Av&7vsI#$oH`p#PDs^46`)zof8fuhtE`Q*3iwF^UR
z6)Baz2H|?$<Ta0>YT_-I@3@7JM8R(ty6Cp4@4KHHqjBQQy;|^UctW+O*#>vO>@zi(
zPe)XBN6q7*+`A=LPBuEomd_^$Mh%?LjcvI(HE$MRo<Z+g1y>YUAG*^HS%{ihxA(cA
zKNm%9cblKyZ^iDmOR7a$Ohv^-f`KJHa!=rfjD(9@_yywzuIp^R)~ggNWx@8AyMb2_
zm=#^^Zt_q&N|AH+mc3nWlo?ko#s+%33TQ}5NYcj0y+XZR5MOI@NgDfIbxPA09Oxy(
z?JW<TwYQYllq?K9Yj4SO*4{FOtiGs*+}B!5^3WVOL~ZI!<JPS?e9p-G6iA!Vc3jfJ
z)cGZg^r<{)wjGx)??TcAd6$f<7F@tI6`wGjvetuqJ^Gb08}cpkUfj&QY9Xn)jjy+>
zlVSV=ZIy<1u)+k)C-~m$v19Dj8@wzb)Kx)BWaXPjuc=pW)aLuXK?lu&?Ak&kr+0SO
z$k_;?kbC2ExsY8KNonXf9j)UBUeR*eknEI#2sCyJ`!_X=rC~oy?rW`g_*4z++gar_
z7Lx=1lxO6zb`dlM%+<|9D(uI+&LFO&f7tbC?@jd8bhH8&r@uzS`ifrrxLrIwj7Cs<
zR{>3Anya&*SWj?5c*POtn!`0CH5adms)cf#>Zk6Lco3|RJHW9b_^Ph8H#Hu)@^m3I
zeHrSoDcnhPuT9nsz2cPcOiW!8ady81+Uqd1DSi%S_cjO0SE?_=XE?;LOmvz@nIp$u
z-|{>S*1l9KMSA%0hG*OIs2K;AbFN1{f4X$Gwb)_Qt;+Fpm~~G@maR$6r_~mouChrX
zHo+CK2w%MmFXR@FVNX2CY|8pNb?(}Yh^9+ln>z-jN0*@vwK}g<JVXZWr%liX@F*7w
zO1O-zi&s5u)>(B~+ZC}lt{YX5)4XEt3Rr4OH(4>59X)3(+0!@KS}yIYSL|dI5TQHD
zRl}5NMvv5P5b8>?WaNKx=9ctcrk+^H5%twbwWQAl9PU;rB41i)uPyo&>EFrq;qf@t
z-2GNb_RD>)Cw_Tidt8p|cN41La$D(%^gfM|PrQF&T59SkW)JQA*X|d_+XpLdxpX$h
z^xhsDV^%VP<@jAtxAqtle&nB;&zHtYfe>=6rH-XV!s+YDB=vMZ)yb1jYwemepgb?k
zY_do;Nl#w}T$Y$9eRarh{<hU8C?^`b7awohW$o2vc6;i8X?e8EjVnooC+jUFPkvrH
zY;&#h0p}~YjfSdR<{Ap_)_5!B@D0%uhPu-SarG6q1L|L#SX7S=K%a#*I*#)J%f~vM
z!{2atM#xxp_r_V&=}FdPTi+Oxw)tqgh7<~C>&U-*&;NV@zkv3j-V}>5n!)qxWx`&9
zs9N0<WMr;jos!n3_xcK^J$r0(qv}!OqlS{8hBIGM6#~-~1ADkMqF*kzmX~Ubw$^lm
zJom4s?jEyYdIBaxR<158mR`9hCVRY|t7{R)z;4`Idy6B(i*E%=AVVs|x=<n&bjXkj
z<O!O~+H-c*<h`}GmXULIrzrE-GK@)Cg>E$KoE=>~!%m^`U0Z1=ht6^{yXJB;XNDI{
zLvvZ1Nprc`=<JKI=VbK^nIzP&DDp&U<XbbkyAP@r$;g_XEV?R|C;H+1KJmdl4BJW;
zk?i!`Tzw_kskinP<Bq2VrU$dAd^t+Ud^xn2wU-CJllqEc&Tftx`#EHkS4}JB&8<HT
zaWz(;yE0jK?Uqu~q;bD@KTgXLyJAL7(=On2%Mly8<CmNIjD~a+mA0^l%848e2`2r4
z+#{=J5a7MD>Mr2c)$m&6Qf<7=q|i<AvdT|k0W-{zE(T|;C~ARsbXQkSM)+`;<M@4c
zMFzpV&Kn6yvokI5Pq<`5PA*%=Hha}r&9Ej9U<RIvX?^q-dL!6L_u(<+$1kTMbuDw!
z+}HPsscYOQkth;#LZA{=UG<825OP^3-1=-6nk@|#7qWY<m~&koNEq~+(-g4|DLl^k
zg(s#XwGW;oL{pNUBQu&zJAc)y`5eJ>6rD1UmC4p-U1A@r7ME4cq8unTIw|{L*swIz
zC*}g?Gy@Rd=ac<;bB?z$bN^i}^T7qk%7b$}%Dn<Nse1)zhwAv_;zvU<$wZ5?&9G12
zO2>3(`#0`;<s=tzZ@guyF=(=ynsUgH?#;J^%f!WNJC(%Wy_{5DOED3{E<2HsV3*9r
z{-{J?=;F!jGYDsF$hgk^grz*i$rTggk>?Mo#JZ1q$p~tF>=`A;#r4Lm`w7}on^j#u
zF?mRHjgHwSE$!Cxnh4ruO_QhV8N>N<`VYVA@G3B&dyTozdQyyZsGRi-=ByKpGg0js
zDa}H4<khP&`Phbe74Z6*OL_J#n!uIrKEKg7cE#6&$?j{3B^6`U#{s6L(#G_(q~~&L
z_akqp7`ArW44|ZwUSGV+>Jm2iTt-bbZXC|j_Xs-2`RXO^y4$<tuCU7)t>OX_>l-n~
zj3)WPXu^S&szmmygdz^N)LYNQ3oS0{pE6ACzTzTwSU!ET;{hPaZWs;ucrPc;tk~eF
ze(5uMcp9zVu(NiL?_(bx*7<p5L}DI>kUk$Ln}0{3^;0u{S`FK2!_a99{`ug++AALB
zPEe#7nB;ma!7Ow4X}wl8sf$<RLLnE<l<A&&HZm7faz{xOy^86)Y<&U9F*p)$`&#dD
z7eCUtt~P3K9JVMz5yz#8x!G5gCHhGY+3h@cSVv(9>WR;gz_FT%;lx_xeRxw(?>nIE
zQst*7DG;mgpgk7O(>Pow{~_t<%F##1?}eOz&Gk}U%sWSacUMYTwIg=C?fkPnZ^`E!
zl4wfHkqoId#Nms#!_i9_7u5S5KB(=v1|2^%c<$JO#31vcLx2BM*%(!sYqFk&(Q3M_
zcl>)slp5n!xqV`ftg(_=^+N8k4^oap)`#u}v!;S<sn6C88)>0#GVOX=PR-CL<)>AH
zlgLZ4i#cOB)sH#5Mh$ci!uC(8UW>}VKKvXQxcPzS@UD>Y%o?efx1-BVy@Shb=iVA_
z7)}keYqZ?6@}+2Qn^uxD9L`Maychs>>4b*F+Znanb}&nr;mOZ(-i77KG$}z@L{G`5
zM4Y~1CLR+dbN^UeR&d>u<{@lA?UE=9!P3#dEEj|L5_tJ;SgCOD#}{pHE=t#|lHF&Y
z?Y+XFpt6QUP;pUz7T|9VH<f)EV8}Fo--hL6o8T~Gww1nM&T(5+p|$n(tR<#_m4IbK
zqxOe~doHhA6w=Biv!${&SeruOCX9D(*kjb}s$zEED@>APKfhCvYOoO!d@M~p#pcdw
zPA<aHKE)v!So^-yyYR7wtzAPW;eL*V?17svIdx=vH!3<|Pw)7r)JHZy-ZT8LVzYn)
zdzk@>Ytn;OKN!lIrnH}i5D%3WKZ`FvqCTT=b5KM_Io!#q%`)SUkFZqYN@EJwJHx-8
zJ>uztwo4T$s&QDnWYYX*X?AI!Hrq{RT{p=J{@eDeo;uX@`(7l+_4miL&G|<iJl<2G
z=gwqFCv0;<<gElt-n8HeCnfr)Tpmt$TC|@@H`qC7ti9t=DN`Nny?lU_rD>B5Mz)t2
zn+LyfA3ZTveRb_#^Z_?gx^|8ug6z#?`@?AG7-n~fUAe7U=ws6;qr=kabhq_aXEfuH
zS)bugkLf<X@T{qUGWN)ep527?Bk*!6r<fjuR$s8_DUsLGwbbtE6Ty?$hAS5yT%_ui
z<oEv&%MlWccQ*aP*-D>Mt#%FT?tX}mP1w<?=2#frUmjNdrfkLZFoD5V{svV~^aGZv
z^{h&M(<{Y+xvCjqE#%L`K0WOWzI;M$v<r2p>tTHzL)V43OJ+-U&s`{`)6-u+d=OHw
z+C*ltXhjwlqc{O$mkBRetvA;iTGwxJ%ybLbiAT+gmv1a&S`}kFEgB*woR|swCC}-!
ztHW**{aR&?(<z6Mll-9^9WxG+F-;l1X>d6)X74)+{HsO*knE<Y{9+)>!{sc+Vb0H(
z0l$H|>+EU1B^#G=n>7U|RH{R};`Zbp;zED%8nbKIJ^lG|*FjcG8moE4rLj6+=c;N%
z=kHXl2seAQ{P`|qEXu47M15UuHavjp&f7jM>X#P@DVBWAg+6{GF&`$o-!4heO~HAR
zqeqnc3nF9h;Q}kf)rre-<!i?<ebjd*W~*en>Pne>01GWys4NTawOdHh;uEWstJji!
znrkoej7u1IbsY&3@w;*i$|!j^CBFFsE&UVT<E0TUqxto#4ir^EQfEhlsK@C?LL+AA
zDXM}bEyh0t>F(P5?CVadKK^0(#zIr=hQX<scw+A8L1+2y-5sVKk)k(bg)<jp|5ay2
z;l)+m%nxVyUqw8vs1xccj?bx)O?lOt_$K%9!-UE>)J|$3PZdkUuGv9*JVfT)T-B(Z
z+Si^JOmcmgdVl;uxLv)VnzU$C*V4^q>+ujdSZiVGM*LFFsp96B52xu`uT1S9W-p7`
zTjgfuO=UgT(ecUM*DBRdY>Xz?lDahTl$b?FWTUI`xFWS^|1thkm2W)4A4{({m1(pQ
z)ipbgUsw@pX0tSCkvNi*vf|TobS`)<?%5bs!fhtK>T-jG_hRX<+_-2H=q@#_B=4<7
z0?d~F3n8oZ;w_eTl4B(xdNp7DgoNaneVAOG+Qx*TdQE%c)v#NPlAo{Ky?62IDB-9X
z-p|(qy?*XeM>S8RNJ}-VKyVm${k|#g%@p>J#xZP(pL1qEnZM`oA_}U@L9C{Z)tFU%
zo*5dhn!D)IFsNs{;UfI{@U4VYW3hQQ)loqw+O7+$ujg#K74sPO7g@!h)n2V93tPxE
zt*3mGf7XQBUrdMW@D(z{3{&+z1!H6)=3{GedkRX)w+laH#4J7fJp~ckt0X%@DY@Hc
z%Bnd!({uxpVH&__n%BUaVOmd{VY+cpGjkn%R(sVnj|Vd3MSdCxW5~hYM6mHZzRq8*
zIdY8sG!US>YcDi5d^;e#Pu-6$;8~|O6EPp7Atjsi+Q!T{w-Xd$3s&3YtszCs#~60-
z?I~EJsNQIL&6Jj5<bCQ-4>NfoLlLI*G_?D;fe?jpSO*}b<eN_sGQ}c&N=m7jJZVF}
z^HtOM+>M1yF77StI@{&cJvmy`j%T%3FEfo4R9q%T*cICfB_~LgsVy$NwkV`~Z(OjE
zh_{TbvN+7A7Tn3Ox>s!F%z5K8QTdvp9dp6hxGd_`=dpFZ_%Osd`wQtot6?LQ%8515
z(Krhcu=QMFe32&u`;8aZFWt`fTJ7^Jb+SGGsAKMoW&iZbyW)P0(p6)XdjHz^yZ*;>
zXXjCG^{6gLS{XRp)Hr>Bj-cmCoyabHbn!yTkx7oUAr`_7i{iNQP`c|U^8#ne7Syt%
z^D>GG&HcHuBr6JqYu5%XAGb;cN?o~o#mPC^D?+N%(+6WFF5;?Jvim&+zF=r3Wq`LN
zP$l5gyP=^Wld*>NMUz=qMLy12y1bPO8UEoM8U8d0kLbum(xvHyTsz4wPM2}KlxTMz
z+G{L-vtmvznjy)hBUvw=0&?rfD-C0px2<cEtH+FnVZBLi<@=#%Cd$>*?_U(`*L4&7
zQYnTO#2=5=^kA07C0;(sqfU7LIK=*>fZ1e4@S(LAHI|O0^{=(0t9@7By&EFxXpqg2
zB~Y5~<|ONEqEQo>0p7@F^_%EE&9ZvQn9vuT#K2xQA&0C1)UxAuUFIGrYIwl`KmEBj
zLHVY3&M55+DvJud22%#rN;|Y~Ud3?P?|qc_I6!K*dts2(=)+02loaEAr75kdt3pPB
z&2^@<OHMN(BM&J~F`0Cy`TBwOC-DJ@ngE!6>bR;0Kg7e#>$A$Ig|*GMGw;V5KW<!Y
z4EkCduh@0jQ`qOoA|6TXzCr6enmd$q&(5#Hvv=4yE~Z<lrwWPjav!r>^mw9pE9s!u
z6N$2L)#rCz*Pbl&7{$Hzdh+?YdSz|lY)$#>0qFcw7G)Rzy<>Ad*Q9oD9C%oE-LoV`
zDnEMTNX%yg^|?sT`WLKVVaJlaYZ}YqK>@{!=P`&Q=r(d8U-eTd)c)C>?|t8ltlziG
z_367r?W<SeV$L+%#tT2gWM`B)aJudOLqv1&W#Ab6lI4TMy+=b`xLkZ%tPk+MNP8M0
z!Q!H?+fAt6V0Kld3dcCV4#%eOb=$ugg*16KS1M@7JG8t(t=6eDr;ZPXt|%l`D?d5R
zGIW3TiPEQs-tk=PANKN2hDSA~9b3b&47`4KDX8}$w2_n7&)aQW>*&i<Y3c5TB6(GP
zpN8M4rBpA`XN7%nQ&K}9ZiETmXS<vnT3%%&FX2Q-Y)Ixha%^nWz?*%f^8>}5D`Ayo
zy8%j88Gw%xM+Z>KoMlBEVsHl)$woRqs582QXMQP4gPFzRzZ9hp)lwi1*;3{-e4xx}
z@Fg>IP@Kp<8W2`l)@xZARMcy^w^N;lEWz(IxjETrXoLm%u1@t2X4Er0yeuJMxJ%#a
z(o45f3L@;6SVlT4f2m8`4zp|8S|biE25^3-){e{_tpD3}>B_RdUza9f|D`TnjG7L4
z>kf`RT@s0#2E%9GB!pI8Y&{*TD1ISxO1nM;mpIbuA>^%NlM<WN86aOg<`|e#Ry+Bb
z;~bMO&*!eylqa=Gg?^Rc8)WJ*uiiOlEw&D&L#+ze4>vrKY&_J;V-qk~P3ar3>o|D9
z#s85D@2c+WqS1(|n|3H_*3tKm?~lZkwkg1xhl?$}jP}mDshddlqy$K*iRg%3Tp470
z>$p^?P-Z8=g0Q(wfw1YL?7cH-_2dr4)xnfkbskB!-M#6noFjFatZ_4Aa~u1$dXWJk
z_ndCoo<0LN@=-btH{I>Kcz-NzX068ic2|1)_IXIu{q6IRC55(nmbs^=g!^yj0=}mH
ztUd{^GiDF^?r}+TZf6<dQSSb@OIlUmCHAnLK+pMib`C&T4$kL@-nEI`u@9#o?UqW8
z%X`QD-uFJD;!=*=C1aV%c?~wDVcQDU6KXg6jHfj<byyH0W|VS!tjRw%G_5f<VBQ2&
ziJS}P?=^)}W@H{68|XF7`K1nPO2rvP_H!LJod3|-aDI7Boy&n|!})p6hV!S8G3wQj
zb4G0;@2AH0@j}<{KYwK8eacH?A}dJJ0^3L0Ce?G_d>F?@ZNBdu$3|x6(O>GYB(mi8
zoD1iFaWgaXsN@d5UelJpU57=8u>S2jED1Zs&vjVNDBZ(|QOs$-=)MZ-g0JnN)vT2G
zx{R2rsEMqbk^n|PxxbQ+N*_6-HGDX*!fPx!me#oOo=+v{^TS$KRnhAy<-vwGcxqh4
zE8%Mkpy2+l7^OHv>s#?*d6)RySnfoh!&(~HbWbL$rMfLmple@Nql%*7bOHu%&<|=|
z@oXoFUvyTKv|OmibgLfaGaPm;O5%Ih(2a%l`;J^mSLbr_B4&E^7SCKf{@}B_O2wB9
z`)4{=6L~GER*48LhN!+{VsU(H;hD>U2W(cRUlplFD;B$ld`^-+&6fH^f|B__yob7=
z5dh8KCoHaEqoz@Ix}!ZFs$|=n0I2ARUgw<YA1t#RRgzy-zF)H^;gn%>G}{W3(clwd
zef_Diz)FVjva89nbEQT7oe8etx)zDoE`Mfwn23%X_F7O>Jk;M-yfCYH*g8YbA+MI_
zEXP8L&hu4yG7j=;x@NM|RO9?-YZgtt4lI<EQV!Z}M_kQhq`w(UD%(cQkKEgXOvu#h
zxsJl1T|~{|eKO*cdNSgZ%%$~%n$K4`GnUp>G@lczndsN}A|k^N$?&~dtmda&<MYc8
z{v3Phd{cA4gB`0<%`|K@q|?YmPkb^;w!N?DwT&eVGnUpN8A~dIc58<jiBJ5<w}^zE
zty#1utJ0|6XkxoV&(y_6h2FF;xc7SV{66vOjr%)6)ax;$p%AanI?q>`#hS*+LMY+A
zG-~4esc7^iEgZ3G{4@+S`a8RDANO-}bwUUw2|ID8_!lgfN4Cq<OZ{DwS`BMOvE2p1
zj;>u@6QcA`$)0!b%jx)g9&x9m9*bHc2Ir?*=q@&Ux$L2^s`U209USj>_;~9(Cewmv
zkJyfQKKJE)YINa^vUAm_Iek^>(oN%!QF#r96WUi%JT<|p0@M?7TB(AeP&%(Lw(B=$
zX-p@<HmpiRke){vT2a2WN-Xxd$i;d~PCsVagj|J?kg`G3#2Q9Nt#j1uG^D@OV1A~!
zd_t~0t;jLEtvYQeIq9#a^-g}hM)78n%rHZ|A_66Hj1kO_An!EuBkwfRv0gAbTQ(@K
zX}v%^TQ-Qb+f@?H$i}Ehr#=3}BZRCZdew~jNh=RaNZ6v&j_bkN6{QqJ1lsNDG^_f>
z^;j>kYg)UB9D5zW*=e>$k&qi+HfTo%=Kp=yQ#SawUC$QwUtEtkaXLgfuoN@kr{rHN
zB_C+=UQA!_iV58l4n}#1-(82#D~8Q>)^?AQP}XzO>o8*o!T&rqQ91M!zCp0iEN-{S
z%Y?VwU2M7xpFTx53FB=<7EF3Q?tSUgj+=m#t`$i>tcE79k#`;!F#jY|s6bU_aJ}DI
zuEUdKxunD{_?peKbWOguOL?_AL%scl-J+ke#~Sx%dxa(XGotAH3ZoXio?oA4&)#)S
zV%ejRJ~CCtMET+^+1t{~0Vf-z^LbjnijJYpvJVANNe!GA<2@s<rgr|mn1AS@MlHi-
zo<d(#{`8Rt*QIh5jIV9H5nJGK!-wYQu*e=L32qyjq%$9OvgpBD$R2N9DNJmF^m-Od
z8>@&4;>D|wId3R^kkoBGpGE453^>u*j%nOZJZrBnWE^x=EM|EVv#0;bL%}z%CgPTK
zo~6vM(APxcAKuP}=h5E0eCxK%V2E6e;ob+m>}PkqCXdZ*l-XZ!H-AmLy$x2`Z{ne|
z3|_qVJXXs7NJXs~A@3^lYjK_ihUAP)6G=@SUc}rKnUe{#U-19O*gpnm)^*$Ca5}bq
z#dbQjZQJPB?$}N`wr$(CZR3jVPV&}$pYyy`PyMR?b-wI9=H9bLtq-HtUc2U+W34SB
z3tm$DqgnvL5PaA{aNi&K5D<L+t8|axlb4V5U#lcwBd7&X1&sCa49Ws{_`?F&2s1ZV
z3dqYxVtot<<<|oVVb7a`-0I#54s(6Mg|&TDh6rK*N2kJo|16O#{`pquTY%xdH~p7R
zMRGCzXLvrixbKgk|I3Hq^M5bhhw}fQb^0&+f9W(|;V7sjTVB+5eKE>8)!4L(j&2Ll
zl^jfXGVP{Fum-=sxiw3ls7GQcU!nnSs#xLx5>cnY`f}VAX5=xO$Q!EcdRx~hygH_-
z==ybVPvfI^REwO4eJ?b2u}aTKpSd(_rCqosT`l$(^GyyxAtAK-T`*p_8U%tK^PJ~0
z5=t^K)+~J`U?FKqDxO6dIrdknprz8PyvYEl5o@vTn36aq8OxBp-H}l-3S|Pr7~Ayt
zZ(<mO#}o#;hpg#VWVJ`r7L1Wh>6WjpM!iSbbaYCt(t(-pir?}1H6IR$6w;nA54YlK
zH2m}x1duB=0+wx{1!5Iogu_)U91cd$v4FV24Uxu8LrGP%d~8qR_`F2f&k93o6cZP_
zR^*xMTjeqwWp2_^%MC!iQf9OUZIFq{sLiv1uua`j<R8EcXXS*zlSBW^2sKVloNOuF
zh5NiImw4^;P18&<_Nyp<eZpfF8iYb+;8!JyClWsZaD`+J$>qsR@FzE~)Pw!dG<3Sm
zF(p4CeSwva6XDk^B8nPRI=zMT!k{*a>S9S{LSpohRl5y7zF2?QZj<NrRsdYuXHah)
zPZHCw5oVXLa@+;gb$0243b`;i)#UPwJN43Zeywr@-tGu`kt{WwlkhGLJVh;Rj{i$(
z?&3oC<(zM3GCC`d(%?j)0|8?;>4N(6$0C8f(3VSu)Vvdf`5zyC0RhZSxiSL8ePZU5
zK1ZmRSn87ENjlmZPX{8r!=Ha$!>eQGIpn^=aR1)S;h9X{BU5teAO|?qiyrY|G#HSQ
zd{;P#A1iCLADD{oq{eCv!Be)Cy9NLz!(GIxSg%<29S@Vy9t~Qe)jul*cG?&p$@-C)
z)0)}yLY3VQjb^TwX4n9+TJvhNj=K~Hj#8FM{9cBM?41<atL2^iX&qCMO&mX_3BF#T
z7SD{lt4_N+Lyn8JxgJ@`&ygZG`2a&wrDcZ0;YY=IkGk;%6Je0N!cgC*NFvvXDDQ)}
z2H&eepMGI=P?mrBPqlP1E<UeX=H`~bcc!38lyW-_agnmL*0#=`xO};X(}`x|%)l}>
zW7W6Z98`GKxK|pPxGOp4BUainc$(`0Nb_<&RG}X=H7-Uz0Dnwj)GWjuf0#yfSL)ZX
zX11p@5p_<(GjIMH{UGF!w1UA3<sP#f@bSV{*#tC`QZl;LcLIjVXw-c=t}9jBv_C$)
zz5|%xax|a({kqimIGrqr8$2}O%oygPksZGqROrHF#rPO>=crMfqV@H2h~uZEVwEPs
zsSpv1F2MZ3$4f|0XVo{tGphIlSeFr#cpg<*aiM0)vNRGM2kt{fI^Re!3P=usl~~_*
zomjK)>=Q`f(|3VuO&}%=QUh>R(fo2r?<&H-m5<@rw#8d#%JG&mlhkq>I)&#{IaJD)
zL+vYJ=C2#TFW&0vDGEoeSJ#8-wCp#Hy9YSqA&HYm4%qsmzrCKWs~Z%etL;A^ssQ~y
zD!dk4Ish#{l}%r(8}_PWf~<`a_6lLowvY-31s%}{%?{uLck_%I&zP}(<4Ogf@VStR
zR1t2wM-U<z!LGc-+11Vt&)Crf@htAwCXa=Q-}S%%b6S>CoRP^Pzgg5?)SDY*fc`G>
z^M{js;}U;Qi0wA4DbQpB%TyJk6{3??oC4RafRB8>vs(kx^~*@*GRCDjM!|D;p{NAm
zAlMXdHvDti9)tjo%z3JqQ`)2An`HojqXwJNF=zW5FgiLq+WT=Y^YC3e_5H`dJOBIp
zZ)L5o``<UL-rrxtH$8vP-yRryUhm)RV-4{9?uMgw^A7dk=b)0~(!Nh#u~Vb(Ag+Dn
zC3&+E_qf;<zrW-AN}EfD?zYz~WRi(^jY7ymmLeA`-tNb^2)X@QISIb6hhJaAvGq5f
zrl|JMlxARQ(v2GrgB=Hg-zO9@d2SNtEgr{dF8u->q{h9ZVDmTCcE7@AWHouek5Vwt
zU_7;8#_weS+nhRQEnM-M)N+yW`vr#L7xnO(2uY1}q~5Hg!<u(HQeurs4l!Fko{qe}
zUvICPy~;e<n|kFJ=F_a+#xcrE1e&LN0!rR$^M%_Ulw}{pfRH*D6DhOk)$3@K^EA6p
zEEXPsEoJh~-PK60zKRZF*Az``BilKGN-hh-ZVeR<aaN|loN(0JvrO)q6_&W)LJx6q
z>&E&5r+9TBiE24Lqn7%y*k?$LVVaL#xd}c3+c&kQV?gpUzd8#~i^67a#;>=Yr%r_Z
z-Mi_63CiF~g%VM!@v^4EXbRV-x2M^f&voyYhEJIXBQ`UMuf0^R{xc_FC+ehhv^B@l
zFAf+^Jw$ImG=l-yM!^Gn1A)))k&T15LBhFyaw*ODx#%LO*)Kan{f{KCJimfL0r&IJ
z<%j0?8zDkxZ=)=S0<FLXv*4lM>*Czjg({(%tHPgik~@w}>c1#~cPfVjMWD%=9}==n
zz3xAzRp_}HGJ0vamW#2}eaq#{BY)c(5&WcRSv=O1id>9(xDn{J`t;=U*oZ#M=#_06
z{7t`+sV1Bt4qvmmys>vgf81yrPE~QaZl~T>PnlLUqmg&@^Osw*>^fU=svJhWxCnkB
zZT0~vuFwp`zB1!{Ro-`v<EnlFyiCJ9zEEQ+s1D&`zT4`FX13H7NNpq}|7SSRrij0A
zL8|UQ9rgp^|6d*UgmI2JzUOY4oWQwr4tQL8BuI5Z7zmTIOpR)m>KqGmc>SJ^4t-mf
zX6%bbdtuP0DC1^us{sop@)ft0n0O3%jji(d+Ky0F)x<36ebk60?U;EP`jzIJ`QRU;
zz%D^XNBM?S&A4txe>a(!rJ+!IAr(?BKaW9P=MJG=&-5dq)$zr5%B<jwI4*s~k?k9(
z4uwvWEfy_&yQbwXIc9dQiF!}JO)k|zynPaU9K^Mp(XTx@5oe<8{SI~sYk?StlzN^3
zi~JK^iG+Bfjn3wQO(Qc7b0z1f1Y|oB{)Bw$L#_b}dGiN#!dnFXv%FQppTGoQ>*Jm3
zMGt-iLiIRj?#eQY3Yrd`mM0M_mMm@dbbOt#WUS?UvIje!60N4Rycf(m(Mc61<N2^B
zw4AX=GRppVDV^4z(J8_&+UCOa#K$V-2Ol-RS8w&Y_tn~+#G-_t?h6h8J&vkplxg~B
z+>BzYpQ35hKAa|Z?Fgp^M2hMf>!N3ldQG!hWvokEOuSKdlIdCg^PNihn-jCSEOPL)
zFp!afYOw*iJ`moV>@?C{Q-6`j(q?H5ml%V}T)5`M8-yH#-Dh}2)zw4D(neI0tU}l4
zI(BYdH&R4&)U>J<x<4qJTfOKgSaKTr91c7N-(1(Q9aSG#p6Ci@QLV~dm2H0ERqos$
zin<XYJ2H!?G;rULAo?OXGjCe%0qGvAHB*tEj+MDX8alaGgSi9ohLJ;QhMLQHCE*jE
zK|SC2%llCT=TqB)WhR0ueVlCmrb|2KQNY?oVYtzg3rdlO;(P_i84bkpChKc2r&Z8M
zhZTLqvUgx>3nt-~*AOypUGjt^7>95=8A7~xyAX)Yx15<Y0hW)n9-iDCKnYe_R%X@1
zB#2F;`DyzZFH|KxJP8h0K>WzBU>W2Z!4cKN_hJ^74#yMOi<U!3LI*BWHggWUMh&^K
zIV;=Fn9hIFu<#y=*iKi+u8JjKjnqDF1?oUD42BMAzaxW2BJGA)qY$Lo9TWJoVC20e
z0|A%zY!3aF9a8Pqc9a_+U3fGUPHkBmOs%>C2{-VPUt66nTG{bg(B5NqLWNCjHT3-A
zDKIVflycZzH7(dU2Q@&K$}Q%Mt0FDbkeqQ%cX{LLuo+L4R2AOmp^sP4DqHd0?Wqu=
zOg4j!VxPYBjaMij)6Gb#*b`f(-7svN=4juJUK+v#SORCa^=1-3%|CvKPkwp&Q6#*+
z72O%Jqz{N;Go!U`&|SHw@seAonXVPfD;lUNFQ{&>kV6fEL*Q{Bb4x7ce?J}T^s427
zX3m{2r_}6R^;+!h?4t<^1KP<a{`M&r;i;3BPtqMG$yz44_?v-Jv-JDif>pi^o{~(g
zT-`kg0(61NIF>wp9{f0X7MjKfN5>j{ST$dKQynY3QoOs@I=-+C4f%Hzvssch%KL~Z
zDK7~A*bXWrKC}zbT!0|dIru+UP<-eB#3Mgm(<GGeRz`UvUQMN$Cc@}k$89flgN^Om
z1y6G^YJLrM3IpratZDU=wltJS@5jHdYppt^(Wjc{vWc?>;L|oNl*IsHx3#kUL_F`Q
zsmC~X9@Fm6%~D2Yhgzz{<8D`ne2g}W(4dZkN4YwsAM!4kUh-rE4aasRT;(Pqq1hQ@
zA0YBr$I>XYHa0?6WsXG4U};w#bjvXP!UjWWaT!i2w9=Nu_&VyQXdInjWw{A=Hqpw?
zQDr>_f2X4L=t9WaV^f%FzDsG{Z;u_||IkSi(`NmW5yfPUf8ss=3q>P$+4xNsQhst#
zx=f0*g09-gHQLRdp^EJjrg!%AF4Ud4qlYMFsaOW0(>hW?r_yL2$et+*DP|p)!-&Po
zq%^U@z{(_q=Ed#fRbqC+O$6^aEuB)o-q4PCl7l=ggH<?K;v3jRct_&X*;0qR>Hxz2
z`O{xc0K{-HNUm3$W9{)Du=}IeEtB8?HxFzXgnJIe9}%6CXfA-x9}%1z87L^Czz>fP
z3>sn+9=lU`v{+m}yPNU~#SkDu+DItY(F>&3;&y-<;VeaCpU@2SqP?(KZ4)*vWCJ}N
zdGHPYnuc{MyTPPl&+k4e0s4+Flpbg)FmP_=pXHdeiGaCV3|!Am-NlU*x!0ipuf<1C
zk~1JBl;Cd!`0|6EI@t+t#bY*V+*Hm0$(2_|lRoQ;Y*LIHCb&s>BP1(DnFmMY`=pH+
zI2j8hSJ?5HA^Gh{-TMm^Y%~_j(KXH3f8TwuYI$oloOfUJnlLWFFWC`MY$3iYNxUts
z(pFaVd@T8@vf-LTR?+C-D_0}idqmY#wcISea2w<C+6qffn+#zk;$(<d^6TWn5vpf_
z+zD<{{Cu1Jk@ls26{L{3Cia=wmV1Zs?>?t1=eVL-5D|mk8cZoQ&rWZj8YomIym~+^
zE824LUl=hh545o4R_zllPX75HtSHg0!TC>?7U)3zmq;;r(Z#Tp8=NT7jr&4d&ry<>
z;=mN1D-k;7sv!7k#`vc}MZHP0X+2D?*JNkgxnC{AC~Gd5&0A*i*gU`s$Ly;})eHVk
z0(s7hK;PZPi9+-UC)#hcjS;Ajmfh969;(M58$ROi#dB`>!X^?m7{rU7<Su*DB+hpW
zj!|seOItRz*wwB_ZK}Gby~$4bNORx8GVZeNit53401ih^bA?0aehUmSRifrxOwL8u
zD%a~mYurO^-7Z*`&P@jn^8pL~5vvkVzIO6S%CHM>YV5<rhl2<hYP;J!?XX2T`y5~|
zAB@1O9*skmRcEq0`|I5Y8;`DSjQuz>|HNm>Q^#W7)3u_wZ5x79rGD*4llExXUBH?{
z=um5sU{jo|21!A=Z6itxYztGBR`*1U#T0gDwREe_`G852q$Yu9!-WxS^Y5z`f^=rf
zmiegnq7*KpiKG@jdwq_WD?l(r$2_-dK#tYXtR2bb1}+C-C2OH0pK*p=$%##v(WO>=
zhjnVEq>2oU2Y2p)@Pc`>glY8S&O)flL?oDHnFK3cUbB3-PBOQwS=ao?irhH5hSpke
z2AewX0yW1<wViD)^&#5!p)7q81=mtLlaW)8Zxgz;^;HBD_cS=%VY_u(LWgJ$cV!3A
z7tR$sTbMqCXaN$Y8Z<lEdFwVrdj_ZFwWzPeQ8#nvp<sVPNG0&sFiggNO-}&6ODL^v
zyfL4=oaNnFG%U_|S$P{{t^O#;rRU9Mhhf8XeURdY7Q*S8kR}u+1n09n=kv&qPQt|<
zK`8G|00HxEP3GPevx9M00Y&H1K9Wua_qU=!lohAyg_pLc2yi#-P5`i76)8Tvj-iy2
z3bD<h+iyj<A=#{H9kck_CupAKI=4EczH>yP*UQ;5kP$-gm9;0FN6FAzurB#F?x806
zlV<zj%<p@)ksCdvu}TOVypRYRqMu4Y@TWA`|6*uyE`LMxe}ZL5Xz{D-yAOy$bu;;<
z_^l>R+m@Cy?I3cwf$H`Wq3uhfO>?F&tufom4HG7)d>ie->aD{KeY>@7qn5jlT;ndV
z!#4JMjyj~x=|3ZUWVW`c_Jfy+%}Ews<R;7Ctv$o>1*J3T+*_-=0hYuo;);^o74=mM
z!7?eKwhijZb?W!_K2b$I*!3IuM$s>J@*dV*s%r!W?+v)Mk-|Rd7|%PRM9RbCF{!IL
zv?e!a_11;<&HDQ)dujgHL}rt4^#kvF%l2DhP+mvE+b7yv8}YI8v_2EK;1#_UY|B0o
z1K8d}@<?hk;wa9TbaX9crtYl|(r(u4AAhRi^c<XcR2x}9mM`g=D%Yz)ZE_miz_2wS
zZiFW{@(E8&!^O*ogJOr&(~Ew!bVU9dn~V-Kw7R(q$?+B=W{+PyxtljwcqtA!*?Zmr
z%rL8T*nt!})1=7+ySQ_d%-D=hng#3Ul}gW<$pAXtw(R4cY^3cEdvuUXBW8es=(H$b
zs=NSo?kZ`#k{+81ilDa6rIbNIS0iM{YH9E?nD6Dd-+p*QxOqfCsR}i4F7IRq5hiR8
z_N8P3S9@zh_m*d81MAFAZNet_gBoFDl>IsfgT80-!1qBNMN*5&G$VU|nlelv>@`N#
z`)zR`B&ae{n_1kB)MiKuzsrw2{E$R9LTOlN()C(f6q2VT&`1Igzt=KEXt6y!Xndhx
zS#gwv;=i(hg0s&;Ib%;7G7jcQ0omOUu7P0O6pCn<<B0Gl;G+;N8apIzPf+E1=&9)h
zK0%VDfl#jpFA1?dsj81<tS+|u9!lcd*suvf{jDLmjTd6L3GO@TD%ZnXsm}aq3fIFM
ziT3<yGS?j8olet(_Fo=%7i16FyYCT`c(siK-5&1AYy@S{V&RJpu6qPp2lE_W&rX%*
zxg4GZJaF4>!(h6PC=T;Ao1FStdabVB9FAR*9KWk`Q$6F|?l*|_&xc=8Za09NoFDBG
zXs&Rh;+9>KBKCV#rmi5_My>W69M*v?*M?5>W^Qp<r+d|zA6sPsaRFe^I36IvkiPzL
zKZ4<jOhJf)5dGu&aRtW=5r|B0D`9Ygcb~$$PUo422c|;tHN<XJMS&fiD5lJ=+gI3a
zt^334ww`a-HXieK?xlyR&QzjX`)jkGF=L$oBdy#rmIr6xPN-A^yaQk8&bkGK_B&<2
zyMYPcGV|UT_}21TTiCvs*RB_C01xLSuHf2sboS8;6l*Ir*>+FAob%|5OZ!<qJ|niA
zl9tqF4{5=o9MZ_2wr@FW9PZ3Lcp}^1*d`f!@O!FGP#Jq38GDb_xGn={2Gqb{uxy7G
zY??rMP7#pdQErgPKSFm*RQ!;`qXQt3f1W_l34;zy@^1w1>iZM~@0gGT@0j3vuMbS-
zU``#I)&1o;3FQnRfWct+80sL|4g{o~q4J!BXrrO>oPDjUKe+b=De-{8VE;@jIR8#7
zp%T#l1VTS2;E<yO4ON2#{|RWo37mey{wF)zArB4FWgtMF6KvKyINL$n-N$otA0DBB
zn2K~`AKuWV9@~H?OMd~%!T#|z0vN&K-?B_kSwT4ivY^(QRhGjU#B$MbJoG$-Be>B+
zfVPZg4r0Ac59N6vsDKBIIQ#*O0E4*pgo1#$&g;WRZ@Yk?a=?OD++%>x>&rfMq;hEe
zp}2<#yY&S2IP|*>0Y5Kuu<+spgwHXLat1_D0S}zd(LYM~A1W|DNA-W7$AUrQ1m_3;
zM;KtxIPhS>@VtLS#tgy!Rf?~F4(A+NDa;(&zr)DF;H}Bw1oIoh*=HVw$U*r^z);~{
z<d+_(jYiyb1hRWdX1zPC`B2SeZM*VrGZBeY^2t(|7<8A&VmgbLB)f%X_|j!y<|l4b
zwp<LIa3f`Ydq#4buW%14%yk}I<?U(rlH^CLkI%^+c4xZA6#pC?3YsBxZu0ohpFWo^
z;$z8t;O;6diMBQXB!fDtOBr7pYEPYsUNo2N&SP(P{eoy`azyq?Sl|yRlfRXwb#sB+
z9Fm-IoR3RjOJvclg*rYd8v#y*QkGdL*uAV%h%GNdm>%gZpm=VsqFTf$iQ>1l`qsKz
zTX*Y~gP+VuP17$YxY-0HMF!JD-$XNJD<}yyiWJ^aI45k8xUII?A$!FQWL4GMEfb_#
z&Xz>D79m=3IL<7z0Gd*>kvb*9@N>H*KN07VvC2lzaIR0b9P~XOyNKuU$WlbIQgzyC
zeb`7u@RBm^MvanC7{>F)?>g~=@MEm62m2i#+c9tSnkc$N<qlN_RjyrO?evT(<`A$A
ze?gp=?qi93@N*pXJ#<`l(OmuX(U;JTzL@4QslRS^UDcX(55u?OH`hX1V8GJO^QwX>
zbj}#&9uj7l_8huyVVB7=u~ylKU20@!E0+(EVfN};2B&y$uUJ&HKUidEEmP0aev*eO
zQ^yr-K8H}OMlMsYe+;mKs8}XYtDHFE^<u3I()j)!uAF?}sNK=e?cqO@ScE2VV;L-Z
zV$E!Ep_>-91wTSoDraefpy85|l#UDr;>|M{+-Buv4pl_LP~MM_E9=*yvdYmq>ZOEZ
z&frf=iPsSsdn1=`Of$3hYbjQG9!jl-2tCS_4dI=NT1i}#(6*U>H<{UO_S`#D%QPAW
zgamy#`S=7RL|3rj2nu0iz&enhMlbrkT=wV(%4go>bM;g2TX#;B+#nr@x+zw=+;us*
zy6sSEkpl<Z+`rK<S(OYB#%_yKIQAe)aB@t+VItalit-puo8Tjd?_P(ab`jy8Z{f#+
zD@jSH5v4*br^}dXsv1hIYlxh~*%uPKJ?6D(${8qINTx)8(r{^f%Y!m@4v_~yQu^Bs
z4PEZV)YOFacBB?y+DFf2($pCj_T&X5KjxJWy2*e>aZ8-wmM^axk3rcx>Pr;3Xt?{}
z?)=nix111eTt}Bcp_GuI#bGVEr1}-XDXkeFryNN-+>Dj9g}=?@D-*RYiC+~TgH3RD
z<@#9uWw0kvyPMt3BUEZ>1*Vovv`Et!b2$o~`sg)~EbI_&XBi(_BBsvz>8XO~B6NhC
z?qQzWrWy8pwgl=LaeXp0aum*!BR&73DNn1oxmo_8J|rIPGN36A+R!(sf;hN<Q0N48
zqr%=Qkg*lKGQn#p{mibh2o!FdJLl2)e+?TzfuoeJ+M*!RO3CDh37S~p;w~oz2Lk+W
zX#H8Ygt@#hS>OIX1Z|3Fl(M8`U(z6*UcY?`Hd(UR`gaz{n$F8_+Nt@vSA;I?KU!up
z3OZ=Z^^J+Iv5`0xY)^a-^}8&KpQ>SA{j*KQ+9!=1EIP^BbDaaJ2qBS=i6+26MBj*1
z18?gRn?_i+qj*lz5$SJb_tN`VK0$b$uP(e!)AJ`f*#R}{^wd+RqEvUQYzAD&m3<bI
zN~Uuk=(bO;fTh)Bg-3F4b5xi5H4xgVhO)r8C35(-A>Uzg^@vW*U{7oOG%2?HOEO~N
zIVo|xd918sD;*8c?#6%!Jsd=#K*K-6hB7~p`!!oo?)Xc-_t)PDG=F0Q{-m8bJmZgc
zfH7u`G+a5P;E&XNR&l4v*-sXf(oL>ylS@%+WYPuR_%8Z3=C8A-4m&6irn0U!z|&Lw
ze0=+O3Fp}wEah=gOEcbOBoTkTR_#_CEyJCM)WETpHf4T!pN=+lWT1$6i+&wJN6DUF
z${zi2+=_Z>mco{}E>LK<%WE>b-4o1vXv_vsM0~travM_aQ>SRs+mQ=b!idsW2O((%
z4oU54pIkRrh_&rE2?1-ODIaBU6se@|#fg@gxd-BeH!*!8n93BxO>2;}hAcFUy=gaL
z#Wpo8{;1IxWM=Ht$`m$ox70_(pe|3tV`Rc*eM<DhdrifM>uvnhy*^A8?lTLReka-j
ziNvPAU8DbPGjtk#4>(v6_L1(G<h@j00)y-vU*>Uj9&90UsDnY~yafeE{0F@lH55s@
zE>6KsIZAft+sf35*=DglZ<XAcxgO7YJbXL(_@D?1ky`372TvxTyP`QA^1NT)yMh?R
zYU0M%F`Ig>j9BY;mRq;69)-UpK1V~qw?C%=_sjXDMZ<wG3}M*K75gDS*t&P`G{c_y
zV}9S=KaCK)UEjN2Nx|c2@L6huzMIpP4qGcv9sLF8+s(e<U+TTeiWd3<(S|4S1baDP
ztMBye`?h_2ft_2I3^>vA`3XjKXFxU?d~-hpNxfQI+fhr|MmM7OJI(RP&aeDd-ZGHf
zF_r0P;dRQ@=M!Szr2{^3G4K{*pGqqq{+7xgtR2u70G|^h0bB=xV&;tV0YNl1Z0s`&
z1Hl{nk;E$r#k^l1dzi}pt2jSgCe-E*qcFIX&ZZGZ$GB;?vpFx&9kgtZ2tW{O1A>94
z>OklZi)e$nc8Tl{OCUHdqS|jsEUE11<SH|H)BM7%Oe|0+jCI8X-&~w#?Tc2XHd?hz
zuVt6)vXD)0oVX|V)VO18BNwh-MqF)*O;ioOAPow#APw0Mj=no$aQ88@^TsqU)6MHl
zVe0eEAGvzf@-EjWQibkE0YP3$j(?fc+)uCf{o;=KgS(qkVi&Q#?I-{B@vhgwrq1m}
z-|+pzX_)sf)|5ra+qu5qaEIx4Sb}U=k2j&n1UMsrPhQ6~EXeF9TMvW7Tci_)5d5$H
zEG*8yLLz~K_CFB)E@-_t|Nd`F`1X9SLoHJ7hyU@3Xq}BvjitOMn_+T`WV=oGQ3ny{
zfoy<?Mm1O%#%$iA8k$fNvvDNh0?BwqQl5qwjr=k3fJ*sG$~(!loKHu;vnaW=Lx6IE
zX<Fh4Wu1eF!g6c5sIyHE7qO}2V$B4)%z?CAW-9WuOqS$!hl;xp>#?846F(vfL4op2
zL`E4;7rM0w!QR>b>?iwEIw~OG^WJ(mfAjsdX+CLguqv?2<|_{nm<0%&#^j1Uyd12r
z&hmH8j-cYm+qI_HYMk35+xUP4+IId1>tA`FAOO!CI~ME_l!*18X>Sd=uieo#U}ez1
zEI9ew&VWQ>g6&@-jFndnPHzT0cshIA)Vt&tn-x<GSrzis@BMgq)6p}QR)Hih$_qwM
zinIEW6t~bt(P6dAUHbb!MpcGPea8O7O(2@lW=y*f7zT*O%wdj^G1q~mfMxuakISOy
z@B=~ii$GL&M-3kyD)eSFS~;dt$-%}JzhyF?L9J_Tg7h!-&O9smhAA|IYx2t2YN^n&
zm8#N712elT>ULir*Ib+)U!Ud6V|H=-^bI<ZZ5f2W>D5`PEg%1XQ>e`;OtScn!b;Qd
z#4ITT-_VjVJ^fv!-(vA54BrEyHdi|<be3dRXE7@F6P&0;lApX8M`>m}v=y8$h$bdf
z(<$`lPhbHK8BQca`OXOP!V6|UxxKuKLpl>sv45$e#<IBh?%%#OhktIpiA!E}e<(x^
zETkpop|aayK3+3ccni0s6Fk6WdA%3p8T_T_!tFXmVN3a#T<<H%>qdH<T#G5xVO<)Z
zMqJ;x(7OxH>*Ttkw-eM@Ry8jo(v6y9^S1u{G2f1NA6Ttge5<|b#vRJ7w@UADW07KM
zCmTtvGB^k<5%)FWVWpiJ)*|;xHZ1m<GnS|9uz)#GTXApP?zHFgQcLJs%B}`efBHpE
zHn|Lx^(?sNJl^TG*RU`A+jCe6;NhHH%f{3hpqb>>z=!kuv0=8p&h#$63D+^WVAeYP
z(R7B`k&f<4NKK(drD_bJ+4<5bgFb~QQne6fn|MuZip=Df-(vO}lZ|b{GP4A~3@;*D
zG&=^*%GAp8^V8k-z;2B<>98A4V?{ld&JgQQjGhgKIeaYZmz9TDp3}CTw9VcxU8$7D
ziZ~4`6N)2Nsij^QiLB{zi`?+V0CyC6Wfit^ecLJ@(x%2!X7<_*Sd$j|!C>tBx}pg6
zs>f0F4cBqy?Zbvnrj}357|&RU4jep&gf0?}FiEPM<%mTWy;S&ZSx1VonD_W()OzXj
zj55Sd<LOeY)9Doie2m4=mJ@I|r<_AAs6;Eqf!sQx@Cr(~@BC1$!~|v&88*2C#TO_w
zQ)%7{;{x-dBhhLN&w`Ng{(zC+4*nLzWc`+mpV?Ew)O`uJi!S*?(L|*qL3@Cy$?H|!
zXN=zlW~})OTx2fG!Y?+Xc^3Q7IEAe-@{;7{a2eVh3jMGyZ_|^fy?$SWK>OM6*qoGQ
zvchqemw3Ae5kAXZZAag6O^T7Ev9q+h^?BWsb(CC+^L$&gn^{?C?HsIxTQRIs+v#jC
zc)9Q{(jq~YPxb-jbS1rWL3g)hKIYQDq@LBXs<VO_v49J|Vr_N9h>F0kN|JS_r?9+h
zwI_;K+Dbg<dAX})snQmP;gT!+9jA3GJ=FH6E^eweN!HQAh_eovol5GFbVnkUdEdb|
z>JIj`-vQFGXi{iS7EbS5ZZ6W2F<wtbPg1SzJPr(0EA~6l$;&);=nUk+QJMTuU4DAY
zAKhokwg~elDiw*R6m4Xp`M$_Jj|Hd?4HFHv3VN2iepIJ3I41lnIy$x)>&8h+`C{4+
zFM9md3|c!E$J|YnB2$hfB~`?8w*JG;ag1rowg&sAJ3m><-8>RIoUW3Gl*<P+L~-%w
zIXmirF0Txl>gzv>fg@9?3*%qbPlfNBg!V40-6!4_xqom3OD~nI22kS1m00**%fxA8
z+4=WNUi03>Qzz```)W8<YBg*Wn{QSL5Mq2RF|V%g7y+}~=~ueV*giV6-STG~gI5dN
z!k;B}63rb9Em<vk+IWZfQ)`a%j-){8;wV(h<^7U&hQe>F&q=$4*x64_VD{pThTVB5
zoGgovQ74VE39+l8&HTS-1k8`rH$c)$XneO&Z&*oVm$Fp&(!XbAT5(WT6;(PPbsaQ+
z#zeV13_aW3WybzVYq5%E+?KbGIV!2IU9Kv3&1=qIlWBMLdX$Z{D^Uo^8=e}Q-^i|k
zC}xi9B;yh1qPK``%y(Vnd(je_a{He>tP%?2F4Cw{SVfHieiK?+G-&-rXB<8|2kWm=
zWPTiICmPikl-UoNnCIY@-0GWVA#<kR?vCsMPJzw!W{PJo7#YUZO6ApRRXMcYReAtt
z1QLWNw1fh#`Dpgy#o_^#+FdKZ6;XF39ySf6p)I}Gvh=9!xihQhCu+&%NE$VmO0Lm_
zDemg~tXmwV0p4`Le4J|5#esP&?qEOqOyW~aY!pMf(eP||V)TB}Z6=dvD^ZpTUw37(
zl1!diI;~oon(|!IqvJwwa>n-#^`{nsz-ZG*A*nP&ORbqn1MAazoMD*7c!ixxcG3dy
zFe6HS43Ckjl5^q?RgSa26`IyX#yMbEE5|CAvS={&5<{yR-#c;%X9jwpxB+w;QfIok
z#C)8_#k`fGwqu(w5>FclZD-yPG0PG8Mn`w<;xJ*ZCJ#%>(=?(l*|SuR<Tkprq+`;#
zd+~BVt!2A$K`-~jK$TX7@x}B`;9L<B_M||QxYt;^o2&oz`209sY2G~+Q>=U-Y^g+H
zBE>$=!>RaTE5t=B3p@U%`e8P``Yxi`_A@o++*&eB?#5ENm8?WeOKNiOG3Qc@ODT{k
z{m{5%#A}3xZDW>yk#vu&8kMxCZj&~b3!?wFOTSB+oQR~q7~o~H5vPfX+AARBB0B;c
zH;)nE!zpPwl8rZQi^a*Fr1V%AVivDmYL(j1Y|}5IfR#<kO0P<}LUv>x<ed&jK547f
zt=b9s*FwkAJRGku^{HbStAAi?3pGl|(e!A7Y8dqouKCm0tF;8oq_b`jsg1&D*^Ze+
z?tKN71ruQZomxBkR&q)z<*B`fFB=DxccX^^J|(42<hz3Z5VCNlRrrWciiW(x>bh`r
ziEsvJh6G&RyqN6O@8a?Ex;lpJF5}ZB2?jjg6zMbUpF(y^ezb`~a{za-K6OdL0go!1
zgX9D4LX78f3@D=r@05l8<OOX)j3a;k$ix|=3=!+=%t{}YEjimWD_c!^jLo>$wexOH
z3r3A-3?Fz+p-{Fs)hb51WA)cG-3T_xICrLg1q2Tlk)qXS3T-mHkJfw@P)3H&Pv*|d
z>UVeZf1mtaK9+CrdcwF*gR5ck-ek$b&|u_J>gXIxalO`l87b;nkgfi#h=KX_qm4?J
za>4)d1^dUsje^yH-EcVmN6NrZ&`PO?TR1w>h~ZNsu_iASX|f`%KCfi<Etj>&ZVvCA
zOLioe$L`R!P8;)E5yNnaH3uPd(0Xe*0DiN=z9cPpdAEty(i}f2tMy%{p^I!07#NKs
zWm?JgP4h4xbuOZ=7ELFI_=MDb8^0=GL%{@zc*TG0Adr9>?)ftGkROCW$_&H#ESpTn
z=eRQ&=aY>Vk=)Is4z*wRseo_6Ez0r4=*r&xy4m0F=ksx1>&MIa`XM()V9;IL-gQUQ
z8V3x1aO_tuSQCMk{|vM^rajY$kJD5)<~0}2F<APh)AIC132wdf*6>{59%6dL2wOXl
z+~Bz2T`-k*O6<scxMHk>x73P|tviTSp>`F=O$a`fX5q34dCH;7LBiga3pbTkk+{TE
z$<uc}tX-V3!L^Ocx#)YkmUk837?`>w2n7r#m-JV@_Io5w4!@o3@K*Hrm}=CrM+&<I
z$jdlkgHKq<H$P=}=r@D%vGw9n{=#sYx?1EK$1x!2@Jn!#clrez9c+p>J7)A5pg8pO
z0O=YvCij<L2dW*rDWc$)%;>t5#`!+CsQV`qEvkA9))SOUjGg9<k1bJJG%893D%bQd
zcI2=y4!SWTx3V;rYF(afc+%Y$!yYoxB0vL87)~mbcF(p4ZT>Y+#M1fAuPUKfie|FD
z>6F3Y{hQG1djN0L_A+MB0HU~vAc4u9{7siesh9xk57}mwCaO$Q_G!`;nu&Q`CubG}
z1sHt!bmdFuH{3P|WFrrl;aD-__<?G+=2kj^F2Lu_mE%KG2BM;t&zZ-4@WIFLuOghF
zo`CnW<w`({ykFX&-{1Yqs78fr!rbia>>S_kR1O25HqTE|fse;-3l5IgT7}Zx##I3`
zR4$$mW8MJ0HP5VgIKISb_)-F;S*=lgN+AE~ad#(x`vhp;D6w{~QbV$uZ!jwtESM@{
zc}WwjjT6sx(0!&2zq@KbdH{3h#!B#a5(g=E7!7js^SAMexzmDJhFsR|5AoiFeXwYp
z6sS*s`K8r_r3O3N3W+ZALxNL1^L&%Ei4Pa<wI4e@nZc{pqq|}Z6_E}B@MzFHqf&#4
z;!qyVM3?L*@Q;p|KN^HkiY*J<HK)f7rf)plwJ2G!Oc&KNR#6@!Q#a?P6`P|Ki%t8>
z!F2l=G1N8?2t8}hra9+3j38)n_5ylYSUcNwLE!J2+r&1KlIS~XwH~Kl?Vl|KQa)B}
zL@t`3yV@MQJdc;4q3TUGgT4jk>@WCGr1H&fPHt@KKLOu@{0S!9o$=4s^5&~o5$Kd~
z5d_>Z+l8gMm4KEblq!^Uu<^*59AwB@A%v3*m^u<>?hN!%HjtU9FV)!~?PMqkkvw$%
zY%X1-Gf;^c<R(9+8AFbt!{Zw7BN0Ck>LjGm7!v@CsWCJc8Ea;TUT0r$so*bf4Pic*
zM>B_IM;b!Oh7;PxSd7kJ$rw1$BeFKePUJ%!Cd>ls$PvV7Uawkl6w?tEWW#Ck;_4XI
zBb_>T0C9aG^v{uky@{V)4qMhKTOV_Ul`R!Dro&N6g_3^FM8qHgw+p!XnThV8Yts<u
zE1Z<}>-5$$<Hz^aOBz&9F^#9ly3R(l&UE8&lI;)?pn}})*M-h3t;G9E9ew84ZMf+6
zgk9~vP)YC_Lw>tnFf=`;!!2d^u@fPaF6+bdZ9Y;<>Xt2zM&3%@fp7~y)nxMfz&C7_
zb^%NIOW?~yr{a~x3#;Pu6Y}gXPRII8n|XO^!_osB0Cn8qij56nHdb6840zr60;4vF
zpXN|nDoW~A#4;1Kl|4`BBGVZNST3ABE!IGHQ2GU6z8EneJaqx}C(d)}^-!N$e7_oW
zh2W<hJ&o2D)dK7^ZKjU$PMomaIqWl|&CRRmmifiUch;K^GmC+`g5T;VxL^48WP1V9
z$5^CPgpa<TX~-#hnb`uU^Q#mm67}LaI;|54o=H<8;~gJXn$37zBphcXyC~`8`A7&{
z`$Y?+ogr;KM0`zq$ju;sIzPLzm6PZF<B`p5U*fL;N<~H-twcDE2eiD`l2F-@Do$$R
zncqK`oO^L%mzoBq{bNkHD5X)i6$!;*{X*i-OT<Rf#XcX87RR}aIygz)m9s3;X1Lz`
zVP^i0wlt6j9&1Y$&jM6z1O5ng5I~O?Zj9{5trE7kgs0I}I7#L7%M0g-myuxf{!&<t
zR`-mVaUdSPB&>>Wcix2kaEm1+F+zgf6t(t{?%MKU7C~p<x~_B)y4`X7d>;&}tWDc7
zq76+D!SUCg%qX^D4?AM~&6VcvMT=1a*3#PXv!g79&)kU}Q1(lTq4uYq-1ZoRo~jPv
zYDF4_!qjO_5!0KSp!TYPNTlm=BiFB+peb84Zxe2lk*!+m&0$~YXuS*G-K=#MMEBh~
z+&?A7UV9?Vts0Jx{C0Xc<5YN>C8W?Ss>H0id;U|HV~^c(4<iXuUsBAbelRL8I#(!3
zT^72RzB+;)Vd!0X7~fE|QaUn5M)(fx=&JQNZNjLin_oax<YOcDz?23TYB3@#kXT~-
zu=umTNk<SL!Swvof|qxmnKxu)mZjR?^M7*`?&;*)8$l`(A;z}COsrtmk&;MI)6wu|
zvm%j<7+F$D7*9XJ^HyBaR!rko1TXat8&7!V+zLA*rV^W<|7P097qQ&8R|ZC^?Oc1>
zdEVxJ-w}R46FOg(6pBK$cX@c-wO-ul3p=RJRPbZ#K-`|tUC*`p4p<vK8)(FXCGYCO
zXT`g}$E%y^5PArlGABnHgQKMdRbWR^C{lVQTJ5a4rl&CM|6%zu1(wYi8pa6Ep*0xF
ztp98<tP|boa+Ew%s~3)R>Ogjjxp`~S`<l}ZY`>?4XElEy(nMRE_xtjCHk&ljf9sr%
zy;cOsV?8y~*-=z*>)kJNz1`l!Ql}+*d|Zn_1<B8#s4~8etcUfqtgsbE?9^$0><vTE
z+g)3z1TIHf_3U9Ngy5mdO3nZ5vw(|O<KjhMpvV*42bZI1LBi=s>8ih9Pq>GjDy;5n
z5(2@bwz8*ykD2dn>v6xIX|EDj>y>3IFzF09PX%-Sz)Ga>zRIq9om9$Lv+Nz>%Y4$@
zuCu0ps7%k&-G?Kcf$~a}zvXvXrKi?8Nm$U+^R!NY?*@e-%e1VZUzxe4OjB0qpPgGN
zs|6FV2DsUY&#?cjc;Ibn$3aDV1zm)|wFhIMDtcCFILr-Sv@O$S8M_?dcdCxNO{P<j
z?>J+^^I4t?jL%@x9kIuU7N<MTCW31@5N`j)<l}S!g@{_?4O{d|?6E6DWN5+zyPoaA
zgLH~Eg0Ko#MY(c%$J5_W^0db)Y8k2`DzEc{k3mbUH5^&j=|@Vmcs5_d<TxGWUra37
z6&sg`{>?s%dfzm!XJFy^#=L~<qY}Q4ss!QkzwoN5@XtB0a09UYZy0g~EaZMK^A%Gs
zF8o7dBSE+<$n#zn%U|(t)_JQRljQ-h@Ezf!Ea4BQ#BB1s>jOzkO<&&(+yz>~r2Y_6
z0^9^a3}T*4>)wHG)oJMi8-h6e@SxKD^j`)WdA@4$uilw4Ld}<X*q<ZVPT2YrReqd_
zz6>AJtj7YOIDQ2%0xIW|th-?)Z&_X(zdClACQHdfY#MzG6BLxEnbu#X@6K@KGB4ca
z?zoJVr&M$8LuZ>X<=dX_r?9nb);q=ossJS`4UswZJ8zzY5W7u)M!jS%>Ax!<o5`uf
z0XW0tMs+5*BweO)J@NOE$?Oe|a`ySC+B)dbLO%4RekI{wn_Dk)r*3`(I^}}1udTC*
zjTxxs>T=n$BE6n|Pt1Gys+^b;!_`%WkW~Dp42L2=m++Ws?N^yWRd<CO1NBYhO)2rn
zIo{%K(P715K-;54DX0V8kP|76BC7R!bxbf45BC*tDjf9YYajtrz|}rg{TeODhn@FY
zc?=VMQBB8gJFEv`yPOQU&~JOC@!>@TwG1|Kt2$n5b!-~ls*}unI-dZ;_Sw2PHDnLO
zX9U2WeI-JPM&=7Md-^^?(#mD4EJGS;FU7A_I>_|>L~lGl(`&7nc^S$NqQ;{%?{5>}
z%Opy>llPzXmt*kULl-~NDtGOaw%l4K6(<jP!o$zcs73Fnm#OLBM7akhuV_fuGFcXg
z>3br)N#D2g%wXnk@XnthXx<_1z5{rK`$nHZ>nho#2fwuLO0;e%v~DOqen^3$O1nkn
ziB-Fyfh*kqjM@&Wa{cYwTh1@=cuF3|x4ipOnYi1wm$7(`Q3-tJzIxn{B5yt25$<mK
zgQ&mwS`EAmS*bpaj(rw}(13YnZf&3(pQ7<WP9)}PbBc~TEswfu?jm(6PbVtXZF}N`
z3qG4UK;A8KlgZ@B6>tvr)pGuU&6&g<jWL4im4-8ds@0;liym~6?#(mx!0_wX8Te=S
zQ#ENQ)cR7^H|b=y^QTtqMi2Heej|0%OjxSp@V??m&N!@b=;Fdf<k^Ks!r*<bX4klb
z>=#@lhd?e7a`2A#@?4<a_64SsL?PIROKSWsFt8q6eJBf-5ELRnaI&SMrOfX+aP=nz
z7(oOfG@-;&5D7&0g=lI=yoZP=^#<;)&^9Wv8ai6WoIY9N0WAx8XkqE4_zyGEOK3&?
ziITl2E18w1``?Gu?NVnCuWwxKX1LR-9w8daRfc`&0weq@RX<&#B9-P>&U`aItY|k!
zo}8}{iuAfQ^|Q@WTqErIW(@PDp5AAUZ=wf90(;t$Drv_04LI&oQZ0O3WuS}U3q^@n
zdrl#QBhw9OVGBZjCA3lA0f2~T<fgj{<NXcSVsSf8Ra6%0YqkX{#1Y_BDzt4oCDA~u
zZ7byo9!Ilk0bLYnOxZ;c3)A#y64^PiWaBM=`q!Urnx^Arb^vj8)y8pUxEUXBfWxsh
zYO8R48Au#l%p|(&Yv{N-p{&FJ>=wS@z}%l3r1fhM*<783pn*4m?t-MQW#g8`dDOo@
zj+Qiv!A18fTUY%)P7ZqY{aAXA^%srtPr@*QK^1=J*O#<LD=xr(y{x<s%JWT!e^B#`
z+9}@$k~Ag4_VxiVt%)##rk=b|Q}9x$9bj9jW`pRU_C_^s^bNqM8tsTqaF}3jdAxu4
zcNdD<a&>XFBkOp>{6W<yI*?{*OR7GeYd^~2%^duW>0GtYVizBJL`mP~?x=(cQS2!T
zj6jwJQ#MJu254>I_)kLHlz2GPZYxf!cM$<rs<6w;8CFb1T8rZ37FSS|rlX^+xG4=L
zLT$FVI3y;+0jq=8bJzZ1-{Z+v>7MU@*9ir_|AgcHr4lpbErZ`W{h^)J@q74*4T^ez
z4jrqKW-IY9C3#Eur(P=sx)+eMTSe!xK3?b-k5jr+*m}0bjdiW_nzn;$7%L~`>{#x&
z#J#zq@fQn2^N|Rc(-R-vIj@oLmz8|`?<igU0I`rlLD@BlX<X8+wck9F?T8QgV2nhe
z9=Z%@aBD#jrVK`bWDIpEwY@3Qz0F~TxgR|rD<cjG;KMuXECYcH+anr9N&XIkRqGj)
zy7ghZx|Y4>_QwpVhmAdjRg^I##hrygOMqs&Q;+V<*kpVi=3X+Y*sU+jqf6Vky2B|L
z>IAiW%oYckAi=)j6(K9s$)w*-=i*jcW1{6~Ud=s{8)xr`{4#(My~CA8xTmYiN@o%H
z3QpZ#*$-u5rPuMWRE-GOGp)i|>iN}9!V$)^Fb%2odOVyn0ER$$zsQQFt-329M9OM+
zy1~&Ul8HHo%NoPnPwjg!l39H5sl}LZ3a>!zLH7HUWU68=Y1yRaBk>Ms$FoA!Lysp?
zhR<*rfrEuVZIAyAS3|A24;DtfJcf!19nZY3{(WWgKQ~*Rf3xn)W7{6F=XdG04#H)2
z?Im>IQBr$WW7{4jKdvG;By`^udH!EwpS|?4>Xo0v-~Ipm_Sj-7pLElY7hhHug}Qg=
z#EJIoz$Ja~1I?gkTp<Q*%#9PShwM%!Mrxq!O9Q|agtK}HLsEPvos%^_qc5w#sxKm0
z*eF*S#(&y*JO!e=ddaifkY?HnhtIV1`QKyg@__~U{kdsp0IWCHRMPL9>6M9`ytZ#f
zl5bV>$V=3C@t3zM_qHA!%m&ZFaY+8Hw__N^xjY1UyX4Wf^I#gGxLrEUKhvL(+qPOU
z!Q@n-5_d>;1|f`fr!CUFPfj+;H5O}6C!C}!8+k^q(@|0)c&UHd{$kw!4UK$;_YJ~u
zugBvqf72%FU;67>Uu57E+JJfCXZQ~^v#dP0T{xk@xe9%WVIu6l%IZ9Te%o<R8I4v^
z6zDSq@r&Nyl(RmwMXQdowJcpw)O5-CK1X`&SB>iWjT&2Y#<+a~{H`y<3Y530;PpM_
zp98^mEoN#proU}5OI}<C)G}`#rXJj{dBnMSeUa=AymIzS4?*`%!8&KQe`z$ZdgE1S
zn_);jT*PQk7M~p;lo6@AbC7lycQI!YS0;8EsaS4`wMbFSKBeuuWhF)M9E)egPS2bl
zs~)ihH0=WT2{t5tmW>q%)-u0%hho@8BG?5&)Rbs9igyuxJHHQ_=bD)tWaapN+dP*N
z3h;ayA%5S5H8RfdxBGd!xw(11e;Vv~Kkc7C{rP*j_)@UFwb#p^?K`XgohEg3c^S1U
z(fI^ot@T~<1*uN!|2vJPE1ytEr2w!F8)N9vHit$zsP_z__9j+io#0hR_k7Z(;79tg
zbb$ThR<V3`)2V{b0X5z47eq_Kp$pg^4@d16L**#G0^&Z~2!%r}Yc8#8&|j%0webz&
z+}S|b^_0_6MZ%k#p5(>n9ZY{h7m&fBSFVo+)-Sl-uX?FE(_veZySTGJ)M`rUaLM7Z
zsz51_JMs1<L?!IrHx#R3R{=rqPV!kh^L3E*tNpp97cSWuJg`4Ku4NA-`x;he!k>-`
zItq0#A~-&j*$o4>iDgX>qk;KL+Zwr}81wn#=O(T}%=>Z*`-J4@;v4-WQ|CcS`aEid
zy>3mJ{=lLPj*mkL6Ru$448qg}*{U~a9R{s@gQ4M7Vr}5x6<x#i$C~GGbVWgaCATbf
z49m5OYKyY2H3B!+;V~Ygq5b|a2}>{(4bX1huvPa~Fb`?ZFlxSLyRDr-JNIr5?}P-#
z)KKo=UYK<oD&OC_>DQj7g>lGrD3IyGh|!edV~iFLWD--oWslk|wAPxNT71R*?uL*x
zS)~=<V^n&-uxqHWH`2)lADkuHcUoBsJ^-tI2Oh>P5`)=bWyywwPx7@VN2o?Kr=OGy
z&KFPsPUS3Xdp}>2(>^;#=tMD4RU3RVuq+}|IW>Rq@|JCWJT_s9VuInwmVM6;W!P!{
zSnj(I-S3WX<v%w(fubweQJ4=x*J_};Kf}XWD51e&hFKY49MlwJ-1+&XH{18-HeX*-
zb{8UH@D)2iB@`qt^M6ILs&Q<`%$POPb;A8E&%}L2`zRwcr3t#YsMv4qGNygj#%KbC
zA=y=PVG{nKUL2pyoSK1>aS+(yJQ}EHDc0V%MBYqVHFs)#)SAI=29fp6E{)ap|6|vm
zdWB(tZBcXDwr$(CZQHhuciOgX+qP}nR;SnMKFQ9x+V@{lH&v;OKQNv>p~=ZGmqE9-
zpT>e-p<mhhuD%R<%Esz*Dp<BQvzi?y^BieU8zrS*5#k_ZD4Aa8@^J7!P)|QF?<}gr
zi?Nu*yu5(~e^1AkwyVG1->s1<_B8tm?TQTQmWz^@!7X=VrUc7fMus#iI5+D4^C+d=
zigIdT&InBev<VZ1`AngS;gF!Va94Q!kf;ipywsTLh9S6bgmj{!BA*szj`<O(flc}^
zd~H@006Z4EmaDq5njsE(8u4w-Sr;EpBffSW*3N9SGGE2i>gyT#NmG}&{PeU~pZx$5
z^}Aa7zrAF7<St5h^Z4mF76xwT#qQp=4(M3suX_SZ|E6PL=e@SVyn&h`LAFK{XQvd<
z!OK2OsC8K4Q`Z8{a+<*Ign(&*$v{1_!gx<w%M!76nOM_7J@>a0CQqKd?Hqd(>PN+n
zUsxq3!j=@AnKc4wWn$<cwesQZ4u?oQd$oVzPBeMc>;>w#RT0pM=+?rTuub2ybf&%A
z3|eHqmaHq*%L8mGJM~C^2B<uDU?8M>t`EYO@0@Y?|9JnQgYy?ISQEP|#X3CK?<77y
zEj{Lxx89X3>wo%SZE&B}Q6${98w$!43V4IH;yRZfF0GY3-XlVoRgT7O&9Mbm9IZAV
z3i+;#vv~pEKx*jg_A-49OXTMxK<?NOI?w7wPAA)=f}YsVKyGj%<I2T$7ibGnlRBFy
zU7hZzj#U4e`{_ya%&L9=Yw^EX;(?z}$K?o%k}PI@SGfv9tu`r?m<;ff9u6J2*gB~X
z5MEcaFJS;@_BPh#Dz2da#mA9yNYsuYPd!fvkVU;6Pz$6rgS<qkUDe+Nt(t~;taJ)p
z(L`FGW_KBZSn&(Dl1x{yHAbguX566j^ZuZcdc@>p_2mif0ex9-5&4>~t!;BTPSOND
zs7Kf!IN~H1LRvw)st@R9hS{vIL|L~w+cwRup_tIMo(pM8;d<>Vew$r2Y(Hs>WKBvx
zX#+P)Es!vO^~n3$H``&5m99J@2gR(Wf95yrNUA)C$cmwLPd3Y(iLGA@!OAsi>f@nS
zy~d{7jKj!gnt^fp!O|lQ%_7v$6e&!d%}jtC?YO>4c|vqVdxsWH$CSRm2#Zv*d*!kO
zF<g~S<h^4o%&u`q0l=GsP-)OkmH6t&qTKE_^g2kzl8BF_(=cUBfQXgLf*`Zqpgd>P
zl#Lqnr>72kps-U28?LjGx!+G_#AI#YCsQc&mo>IRcE8(ApEljWN8V2F%VjjhtU#fL
z>Zqv0vQ(LobPw=tan3i~{TH!syr1JM)C?IkUoKX9Nwn}QUn&EfZScnAsDJ*k4Ws%c
z++CG%?VKh$I>P~OlGm7zdW<ViPqv{uzmwLr&-0u;u;+wu2|{WHRSIp+fYN9Zc!lEF
zhtDuR#gkTieh4*Vd)l398rPZ1##t_l6Hg*(2$T+x<}Lg3naxr?_)pZE$X=n0J8;H^
zKePDCttpEIJo-)vE1<ew1Z^DE^D!ptO9aYtDPVNV9bagl8&z8*hS1{_{peBNLB#JU
zKjJYgYH{=<^eGXiqRu-|=p@?*{Nf6j>>=oz;9njO)0D<zPEPh_g=A!V(q2*YC5%f`
zyC|FFva8cuzYnzmcBbE4G}Nv?og`cOR32-d(V%FOtE?uQC%)=Q-FszH5wx=n3pzDw
zB{j=I9DL2I@Mq*!N-xt?uS{M$*dWJkJ0D{yGs({2+k%V#D|7=>;WA<E(2CeXS`22`
zX>(`o(Z$4sp4Sfh8v4(g;8uep9gH7&^R`2YQa$w2?Ya@|2`pz!>SzXKuaf+YSzZQW
zF|x6<qNf6~MW@i$JkGhvfjA&^AS=n@w$T;ka~a^3Sb7QHx@=RQ%EkKTu~SbA)TLbR
z&T&8Z8I0-H5GlH-V3mQDmeWFA*PFxy0`Vk(xyT!X73W)ElUEY5#D=kCUI<uXR3#I$
zIN*BLswt4Zv%2RndA&$+O+tN80*NKj9@kCc0=GnSYHj00m_JKTwva2h8&z?7=+f4Y
z4;y*fV0hT@294mBxx{#2ZSz5h;SWwazE*`xulba8jLK$nMi+yr16jd>=c6O=QIqe&
zHt}sDE{hoXSeyE{-8_LU-UW7vGfG150+(s}YypP}kWT<;JWnlZJd7rgKO3;{V*&z4
zHsmF2!Klw(gFERIFUaFLflaP>o)iJXRY<dxYP`e3>K_Gizn}G=z`S!Gxh_*aoqiIR
zJ8s-~Uu|pjnEoGqJv=;<E9PS@kER*1l2`<q%Dc;q7FSXf=)E>T^+JcGF#Bnv;;`I9
zPz?tFuDIkE_7MpLEQh#dymjM26)RL$h|nnMVRl|h@lg{1xdz*DEE~4-(Si}|t~!;(
z2Ajf@AhVX8xs<YPh*Q{t)X^7iKJ7@u<m``^aIC6Ztg2fgvsZN^^XqcM<ZQ#_?630}
z6}KR_+D4#TbtCg~tg73nw?}oOb9H0W+W-C=-DsGeX_$_+8mHtKr{p}C|9@{H{!J4_
zajI^wTmKuQ$E~&z(Y%-I;r#zg`F{^sZp2}x6kp~M9l7d1&_8#?I+F#uv;<xw3?d&_
z`09C6z^xZTMqjuMiP1GYfE!{HTM4@3MC<gRVXUBTzqgV-%A?G_DMO^3J&Z8K&u6*l
zE--O2PYQ;iSyx3#RQZhnWX0+VglS5B9pG)7fpmgKv(*Bzh(jY)MxmC{5wC33Z&ZLs
zjsaYy<zLZ@umxB-mm#*~BXS5@EX=@myG^O5P5*2PFap<Z;-6taq>|v2+#~u1(x#y#
zBlfy;&f?D9Wv{4ljx4Aq#Y_}bbHp#6R|Myafj8e*V?*)k>v&PfM2{NOh*JD>u7Er;
zQgt<MrLz#Lv2TNeo$jH<xFfmy!ol7Bq671w>j+$dIsDd#BGrWyeuy((5O;F#jZBPY
zl>tQ@Qb=skdhMn*&4FkQfiLn!|NC8V`gY<yhLZD0T~V4F<4J0at*()P8>N>?LsJuD
zUQR_`P50oRhsRCbp%%0H{`fNL#zCEHv4h-aM!n-0;$1{m_YewVl?9h33l8l>Qg9D6
zfZSO|UntS1V5RE7U+tE`7~(;eYXH}!$e>HP$dG&1UJ_~mB~8Guy}X|b{s|*%yEVl~
zF^grTrAc|Ck>SZ|#Coi8{2giB7~FtG{0B&n-;bF>dM+N?jhiKd9kUdj8E`B99d6D0
zezci6)H^58gqH3hAA4YK8eBq+sm_{ttM8JH4F=;Hqc2CU;4@0LqS$A+w+0QaHBrlk
z^HnVik97`er_bxO=1R2Y_78%-1nL*LZab`v=Py0Qp_R3o_K1?nyH3@Kl$TAe^2hlQ
zqv?hokwTw#ev8)x_sepE>1TA+{QIsWnRPn@=9)bIuQ&cfM#4rye;+Up71vl8NRP@6
z2KMI4=+qRJMk`2Y{^o|eo;ufEv{^JtexG-HV)j^P(He~wo-qi>x{92BQWv8R?2zJX
z^0KbCA1CT6w;{a-?Obi2+PAQ#Mim`Fv|>@xC~T!od{>q^X?32PepT8byw`kuY^^n&
zY6SYddG2dFl|EoBvp(VL$AL;MqJwo+K8D&`QuZ6xZ+4(2@{@cbU662m;$23w*!>W^
zd>>=D@)C9-M9LyD$r-GX6vLCf0VrX^=3xfzq@AJgB;}Y!?V@pEMTRjzDTPD8faC&C
z^G~VNS5l7VbTd~0iK(Fj^QL{u@XszgnIC4`-$Qs-K2*)iA$-&G{^2AT^L4ip|Do5A
z=dEQ6i1i<xT_9@LIon;RCa_cnPESXt_^0S#TN7FJiB2GH<6U1?m<rZG{BO9^yWs$9
z>EIMyAOH!;z*tW9gxX5^Mm0b}cNb|3Vr|9Q1)=>JR(m(DA2p~`Yf7^6*DBi}!c^!-
zpWp8d`T?y1cJAtz8uJ<tJGe#qv?+I?z1{s$Sfv-Iv}@#FlVpL_luN1UFUo%+VwEsP
z@^fKK7UnSQxa(D$Bf#?fc+T6?I|uOXc1HcLKY(Hga32%MPLcAt2KA~y5P2QjZtr#c
zs}Ui3+yhRmterek3=JI;k&HiImOga9Q8gE|!43?13uKtmC8Qmr4GE%EkjQP_2}VO9
zWB|dsDm2ydUtddibi2WE9H?)h1vPHpHBO;zgNh*dQy}T_38Zeu3|GKB3o#SVMoU)Z
zB`NvSd}yjw?>B_+!m%(X_RIPTA&rbNb?@i3cyz`7g|9<|;FG0s?!MzDeuX~6lIJ)r
zlT4#;u}UH=Nz#Wc<PHMEzX!{w>z}c;S}r}K>XE+7)rifXt(fD+9pUG0@=5l4{=m)-
ziVb4MrXyfNv=lfdd63jfh?w=)Ia#XpL6oA{6fJ#5L9Aj2^d`n^0Ux<o9&Q0N`nN8V
zoUxhO<ktp<5YDE3UfwYpe+ih_I)x=RP_I~0K;6|^C7MrSslY}e_OHD-J`-lMYCm*c
z-y6V1)R?p^eJ`afB%mp5pD#W%n**ILSZeCs`NCfh+9L#XfHIm-E7|3lM37XUJ5Kmb
zuPc2X@aF)kU)5N*;hcgt^J6H;7|}jnijI|GE)lw_GC3i0NqUs?J!#^u<vkMQ`QodM
zRJy1}&0#d@y~Z-}Q`GGQ(`AHC#_JTVrMSq4hyIA-L8Y$xxjRJy0T@&<!dGcZ^*-v2
z9`|dvmT|Ae(4JEUI;I;UR#BwS^U+bXt~vJ$jWE8}?RS;TX8}gQr&{Sd;s=ursCkHd
zAn={!W4US)zV}-nq)P{8(%G%j<LX1fDkS@Qw~1{4ng3|YjqcAm7hEiY00+BDi{rCG
zSzD_(JHQIH$q#lK#Q>3HHxknux(H}w0Z0wlWa>1l#<|Cv2(g`rk8_CJPX)Lp8~p=e
zbQ#5vTSS+tWf(4i0wsH_s;s8Rm>GIpwN+bLYWOqBS<cTUI5`i3t}xxKR_mn}6Iq4n
zD4CbYyXIb)!1TZw2P2TCYQvbKrFegEzwf4>-PyFH)}jHdFjHle^<WuL$u<KwS(zVA
z_>bMi>Orpi;q5nW`k`jW|3?^Tj9lqayU#?1!D51avF?S)Hc3$1@4zqP{sRQ%ian?@
z+<?Q7mW|SbiOn#S0NJv&7QlH9!PiJC00rRuSJRGJs(60w1yAo@rNOM-(rx0F;$QY%
zkv*U<V}7k+rZjzSGp>>CJ|pC{?B0*M*VW<Vy=394K$HeOEM{nxE*PfA2n#7teFZUO
zL))|1xWhmQEu!?9(L1M#-9&bizYR3sdXt=+JvipDqCI<?t7U3wW>SL*C&L?>!1J@y
zj$*VK?q0VmXepG%QK@RPq1GCIl|7&7AFlI&lX#e$l$xf$y)==dK;iA4*fDnvTYeIT
zj$A7~1l&WG!Ie**)>Ecy!b&S0LiOf%Z3GY2c8^q8OOl+HN}%%Qq#9_`V}jK$>v7(Y
z*qIS`;FG=UIgdUhtcV8Rs6J(5`Ni3Rp#4k(U(++g6G~zB?`gm~F7h{CQLF}IB%}$B
zl0{&_?u7bdUqs~=%DHW_f6Q%lnv+QiC_|3D@p!5RGs-2cdx>nSVRFgP(g$N=6@q96
zPQRbaIgDrQd;K3XeF?_lMq4&kk9Zb*orfS>wPs*bgGNzXp9QvrW~=h}rdc-bAu&Jf
z&K>{E1UHCv7wr~y>_K`ad-W#L#$^JJEW@;rQ9?iW+48o+uJ~LzTKqBtd=xDusmW4;
za2Upr2jUl+$yQ4S-)5N2c`6N-m_5WwJj^zl%!2hs&{8P64S-CNd!UX7fidi6X<fGs
zb#~To`ftZJk}S7P=Br(;7Mzxo(i)(xny1v-glLl$dq8aic<+>m<(t&rvI`QUd7sY{
zRfuo+z9#s7UeevIrH^c;uKP`GnzT?)g?qA1+H9?%lv*2|X!M<~`a`c>OOMfE1}1@~
zP(!H^D4Wkl=ECpq8$(c7imhRjMOV+Gw>iWxwLvnS%CRD7&CYtTC9xGX%g=kzJ!e)D
zc^|x=7t)>Wj>HmaR8i=Hs!mgw+OedBshnPxeQ?$o?KZ^%fL6zO>dp2)-)2hcDuO*w
zj-z9thBzHd0Bp#LaG2bTZTzZ^qaAkYiqfY2YQ7N~e&#GcJF%M!h|8Y8*~|{JW&V+v
zWypxl(c`4CHU$zU=vVlktJ-Hwg%Bfg-CnslUxttEb_n)yyz#3x{N2B|m9D8a{KRd8
zWS1c6V~5~}9F|Ga#chM+bBwg{1F)knqikst$KZ$ESceE7I|eDQJZYIDFvYb<{c_4}
zgXF_LyflMDwkTmAV_Gm_y`>!xB}|EIaY2+Gw6?v4QtAjh+jU^OU9aIyB%d{huC(wV
z6xk5B5UdY{Kj*4vg~vzxv^u@MABT^VldCsyL2#2|gUdY{<##tD4qWv*Y%>#gRa;-Q
z-h&uS$k+Oz+u#-vNUQ*9XATJ#P~=RHz;)#$0<U%J;n<(tG|3<vse7DuB_x!lk-2>%
z$@pxFkj*Pn!DU@O-()!==HcYvH&fyw(PejM(m>GBtn+ZUrwG_aIorzsL+yu}C}j4;
z!_w6Vn}Lssr}^^xuvLG<tv8yCQzQ5JYNODDpW`swg{I#{L>cm^^wh(<Fj57_U|trb
z#tZE2%+jW~M4G$Y3-F}VeVRnih6!*6thX%{WGAwX^n#8(vf2da@onRrYU;+Znr}XG
zOiY^w#~K6r&TNPdR;Y<$DM}L~r(x_=xoAGZvjdf2zrKOnjM;EGF0qhw!#wmdpM&Z&
z&acfCy}(EPvmgH;_w(%U<3ETK<&`&ba{u3{tH0kqa&rFP<fgH%x4@|)-VSk)CvFH$
zrXf5hi$Q3$*iH(l4Jg>UO^&V)Eh=BnlRwR=$49CtyZde_GTqF{d2TqzIN}f8vu1JP
z*GyXm=<zf&U=hIhpHWqGa%zJ8ISH~KmQi`TJad$8lBJBrMb}q6WdI2kZolo9-^8gT
zXWgrPY;^TBIJgIhp`5{#)Qzh5rU$YjWem)_Dexx>aZCDZ8gq1j;XOqK4Ae>=KdjPb
zqO$ifPsKLQv2DH{L+lNkxgCDZ9y9DBsOjWX*nanIa3{#GvjmsAq_5{CQvP{(!yogN
zRmWF}Z`ZZb2eLjQ&Xdvl7xXXFxw^N(J6{C^n`Vt#iQ@v2e2PfzA_bA9F&A4RZmJJj
zbtY?Uv(u3wHd=1Izntq?cqm&s=U&)4v3m(SUs0QDV^~X;?~JVu?A)?QM1!h|)oMig
z@xScf`;D@V4fL|IJ^rkpi?O-?TOxV*rn%#-U}tD!7j)~ax7*cKU>y6)<{eVQcS7Za
z`}wjh@{gD^c{Fy}YyL<k1zqG&KPB@{x~xB*%hO_GJO=h=n&$-?EOjI@Ep`)Ddevgk
zjRlWntFQe5K(SbaEyVny1O$F`!RbDK?l@$Q*UbV4xs7q?F&}?E;?s~XN6>zveav%B
z^BluWU9%z>cmJkK(xb=iTUWs+1KK2ApuGw>lBqMwxg&-X*jH*zuarpu->IPy@brJ3
zBwzS8g(`iUE2nIQQe%M12S&y566nT(@EvPUgo*5>)v{6Tl3ofG)ws3eRbl=l+Rhq{
zm)SSFcQgK!uXSsIs}_i!PCIXplN54j*hynkaO_<#4`9DHQKHby?#$kX(HHw~pbv>B
z`g0xf`A&;?yVFzc7NolEFDv%|U*4e!;X=1H>z~w2@9(Ym%L=UaBgE>zVIgIYi4Zm}
zr(n?(%^47*RZAxK0K<V-tqUE$UWp;%d_o1Nyjh&uaF;-0bBN784D)(yqe_~eD$Zx{
zcp>pZ?uHmlrUO!KLi<CvohURMTpj+qxHA<kB8{->kI8D|5j#y&QLrFDrmS?GiV}Gs
zLhQU_KXiWR#o{RGKzwXX)dr&^)IP&w)GF$Z9Ssy6$y(NxQxIKd-dk4b+aHtq^LeYA
zk?7e8?g578msq<MPBF3EHz2~X4QGg2L7))&3Fx9g3RxC1P`JsiNisaci_AH(X8?+i
z_tQ^Yg-623qSD7>r1#?+%_M(A>+~zS*wGv5Ak94;vz&6h0Z_~I$`Xa@yyU4jFjopz
zLDun(1*?kZ7RBaA=U4p>bpm?U8Y;C{C}x9I$IJ}1h57!%OEyAQVr#0&NY?o0l}dZw
zk$H6fh$j1I?v78(W(pJKO(Zv+FOl_~h`=hM;Hr2!pxP_6;t>_W#haF7_Tu=g&Y&OY
zEp9%<w~bF-PryETv(u?dO9fAWUxcnSXHopu1X1Xuq@Qfn>UByp8*5EV$TLDytsEm!
zxe()Mw@1?6Go%nLrg$CnVk4M^@y1TjhY`O|N8meCj>ys$SnYLkiG8{fvNCdc`Po+(
z9!)ZzMQN;G!u(mnC3Rg}!)fvp&Vz;JVMAt|3d_(eK<qIfQwLXJX*+wDcWM(jD=m|3
z&1HFczMO32(kNyp@{x$Ji|izL47@x3))d-g`N=Hxre@a>=-MjUdqyH{8a4wB&i|7=
z8s>n|tjeIG)HI2%EMU?VryHJR@nqK2+n;d|F-`F$U98@3ceWyn97KPfA1_!HCq;ad
zmZ9wW*)w03m^TG}XI^NM1aF>pxGqgB+cFpUadoJ}zEmd&#T<LDDv~e3tr#yWlfze5
z$dP#)PmuhPcou(N9w%5;CykXi$(24SGu7;JaT?6Lc)zgiNlH9k)g?i)u1~1U9VT;A
z*Wqz<ddRvlxl%esrX^Ae)LbysOc2yev}`_^)bRe973W)`jpUzS3`J%p3L8{CTD2v4
zFWb){!xwKxG*4C>$d%rl>69kY97&ZjfU7dHW$Mkh{1#`jyXltpDpdZD59Dr<%O|gG
z=Pu2-n#K-K)>G|dIlAxf+Duf?GO9B$F8ziAp4s5(2&L4`8ti^_&%)g)VAD~fbZF#$
ztDAPCo@ZN40XvKA_I)b|79>CWhn4Y!ZI1uBskIhO<~3w>6O4}D+}=?n3#mq3`4Obf
zgX$!~Kq@)}P(({&bXNW<h_zcAM~1o;4x=l*tMOqY=?QwOs11!cKqPuI6H>tViN5y6
zG?`~!iHN(k@<BR3(U;4TposNDA^T1AX0vMSI#k;dtvAYj3+`h${9$0f2)P@6+evB)
zZJq)J5#h8-g6Rc{B*6xBf?MxoG-97&AjJ#HFRcA0-ISM=&;%QO$pdd|7xg#*ErV{+
z4cktjQrDo&RMM!rpwKc}=yXlI1_h}<;ne0sijvqia)``p8%p>8;J<<H?smU@f`iF2
zfk^zIw;m86w$`Hfortz42R_4Xhn{{fA<6Lkaz6!KV}GndmLW=_vYG(AwCX}_5eT6K
z*<bk8@+NUNPD57onWNLx9jEY~U*Qf7t!n(!T;9*}PPhL9|Ka+oaQ`p(dlhs4pVjbx
zwV!^1>cx2x)YgJH>-_&8|8aemf8OZJWO96#`wj6`9uv<lIGeicbpNZNW~hG}{0up6
zM1KfAKGk)5UI28tK-0;Ndii$gEgkq*;K4E3GsU^mcpd#6=!#zhU>r>teo!*~8P0rh
z*0?95{A-;4K%RNeT+%D^<ZF>R*Ws>Q`i0x%qop*?wgpc1L9&9A<hzHHm%Gs1;kSm8
zM@%*%^YUT#E@OQVqD?;+oiLJG6ZJjRX=p`Tb&h$JQ^&4zFWbeqr7Bp`rG00ACxrvd
z94S4xm>R&2jkL(Fq}Q-0##Vblt0H6_6~tIxck(=kvf!Wfh4;CAJ7-LddXD+`>glAW
zd^lZM@#J}~epjal#*+*+Ce+cMf;tT_5<YF}0}+-<e0sC|WA_{zY6jXfnmsPZA!YYS
zctD8~jRfL^9wDOyazj8SJDy~%tvW<G7}$IPWoJ@8=qlQUWy4UU53KCjVKy@3ebvXM
zDmb%`x_0HpNPm1<v0?K5hnAwlv!hU=X<Q68)npc0FgRk>OF6fQJ`N956x1c8Cb-YJ
z&TbRXSHqUBXS+MKZW6{WU-CG89K`u(t>iXi6pzU_G4>#SntOuN<I)JvBpo~P#vkU_
zhm$}(_LlCeFL%!=_r^ZxRc0FT^?}7q8a{T<xVzWKG1KNTx1A0CNXZw*|FGXX9B~>C
z$u}(g0gq41?2tOgu%^#3pq_q3KK+1*x5}T+yTVDNmx^ki32LACV%LZtPeM>&(gvZm
zY{f2kPXgbx&O5G^cJ`Ka`6TSG=d`Z;<J-se0c$n(AN~7}{{2V){-b~Y(ZB!b-+%P)
zKl=9{{rivp{YU@)qksR=zyIjpfAsG^`u89G`;Y$pNB{n#fB(_H|LEWUE&ZzmG6hgl
zy78~g>uB^|ROdH4E;Nc6U5tzY#nsLffl`vxq_=QnZdQ}JC6Cr~P(<o1)G4Q9`F)%`
z0~8fU*tQ!I3+SQq_4b5ICM1%g8nK43wgsgZ1FA80S0h!|FO;WaRChAXao<0_d>Icu
z+I9;{)bV~!w*XIkn;TF1NiWN|SaWLXyJmjuvjPA?+3-uz@nz0la<TVGZ+|w&)SE!N
z`4!9v>~h<mb8p_je}<v8RVFhY8u1pJa?HOY@KCz;tWR6~sG~%@uH8%oDhd-<xy(1p
z`rw()w_!D#(H82di+w|ZRkiL{lDfZ!CBpf%kkK#err+ivE^DC~;!5zQhlwwZq@X0E
zgcl1H&YK&(d<s@r<eZy$`ZyELwS89Q&GY}gb2|;Q{?xaw+-R(+&G1{&uLjKIZ64XZ
zbJX{q9-=dusMQ30TmHqHpq<C*LH5GFK?M=q^z@|0l{k}1h44`t$xN{YwVPvnW%H0<
zUf%u}VQcp^s)0`9p;;cY+4ew=P^@A*gGH!}v3ax(cwK)mM?DT0H$6mt%pVTa&&srr
zD5xm))nMt<m3o4mB~Q-SO|HIEgp016PJ(VY>M*5@^O){oi#*7MyM-0#72TLxl9_}L
zlK$JZSZgqcS+LH~ZipDRd;-v5P?H#eehhycPR{Z^4KH7R70h0*JC+l0q(?s^D?^CN
zu26gBiT`ov_h(3fg5Kv7f482)qHV+6`#hA?nSfooR;|iBT|tzEpBufvmNQwnnYYg9
z)K;yi6FH4}F%#sAN{L+=TI*J>P1s89$N8RP7Z>a9|JT#rK)3!j^!S~u^(-lBURG%4
zaC)y~Y1@ks&uF*48q~qoOeQt;(A<Uwb~zbP1k+hid(En81Nl|1No*n7oSZV^IUXkZ
zodCN8Yu*+;Z#Lj6oK-Wo2U^=xbLQ-Cuh|6JgHD8I<ax*7S<m|b;IuQINFUgs_1cm4
zYL1byO0_zzMoYi3WPli+vjW)z|FJ*U`)h9ji-gK!pNg%?Sltnt{p>6p<D<q#P4&*7
zev+SAV`BX4SqY`N#Tr=kO_OfaDeAokA!~Z)cOS!EU0ZE+P+6%)XP7s0oX^xBrfD5v
z?O11u!|rq2&nQgbPyN2P)t?03Fu}?y^R<|!jm_(B1{}O?tv0WIz)!xM(xc`y)QP_@
zBUJolaRC#Ry4W}sYS7F>W`jh_Fa;%KJ+y`;*V5x}QFRh#r8i%RHPd#K=(q~IHy@_1
z9hWlzA%PKr5|U=4EIpHd*g?@VjZkF^ZArsXy1vVfCBwIbgXB-gX}x@BAZw&;bUZ#X
zEVOZc;1cyp=OuW%PDH0>IEv0(;=t!ifjM4XNJ33KB;XS;2Z+qLVJYd?X&jX|8qz<&
zxC)yVA5>o`6%#{#-RPT(atbPxa!9=};Uu=5`{+4^p`>-(av-+Kd?O5#{85yWIVhct
zqFVJ_|8*1GqCf~NR1>?y6u2r?zfWMpoPQGqNW1}9d3{H_9rg9YT`YEzAz;*4O}6|1
zGX?G-52ygvVjpG0YTddw*S@T*k{rjW@s$bOzKE*P*Ga?os&v0yD}BW0mbF}+-i022
z+(A3LP!DjoP^BJdHB4b)p%056Z5$xiw+YpGFyg%x95ty5j8U)?XITGpuH)v@WXZaT
zMfVU3cBRYWUJ=9KelZoE^eytU%Z(ZoJOQ%<tF)e7M<-sH@wvNHbU%dC<~G^Uo>yl8
z(z0-6PCNC{j~C&Edi~IwSRxOOSDPSvP}`%44$v*ZE48*2isMHHjTC=!BJsgdxEob`
zM|9G09!ii2%)2%3Wi~u}@GIigBoD>kTOdqmJl=#yrzak)`V^$n6r^lj8B_Zl^gVY0
zpXZyI<Ll`4`O~zK=l6a69M1VYhCkcO@pb(Bu(7dmaq;Hw`Lq&VwZ{M0B)=Es<{bR@
z>GH|z{bNj)(9}fl$G=$M4I1}qx@&*Gdk(;KdTnzqUVp1J{4!2zGG*)P@D)u9TKb!t
zUC=@<q4hO3?O(n0x3c7I32<A<bK9ctRM+DUG&O72)Em;X!!}7P3^{%;d!OcYse{;Y
zpryUQZLnmlr&8+;xqY1hz`+8_?4KsjDs!DSm}X%~g4kO@-D(H~i^xol9LUCh=VeQq
zeQi9TVcEstR`Z<+r+z#ZW?57P8`#^;^z!{={#6>r2M1~O)SiFc3+*OL_y~nyZ7{4i
zNrtvFipt5T&ojVKii=omSk+n>qj>`++&C`(+HJE;{$lxL>HE3_u(AYOM|F#1aO=;m
z(~OmGWm^Q6&pZI>|2ly?-Q?;nF~>IGUv+<Xc^%dC<BYX5W>U4GI+XftEHuTCiNYgm
z<<ZT50ITf?S}{s^x0)H*h&3zSE|SgfZrCx^$`wAY6HwRPDmG@n=O3&GMr`c2T_}E2
zd*GGMI4EA=J}K1r@cf?7A_QIZ_;T(nn#=}8xIYy39a{6+A)cepKVREFBy17y&YPXb
z`QbFrKF6ozd>aVd0(B#COm2NLx*)f7j!KQi<`VqEYUKkZ+<`l~`={ul`P|JJ1!HEg
z$-H_5=njCy<AJMD8T=bY4?7Q9lH6T7viS<-rIngfL3r;3R!U40%mig0n#p-go?Wz&
zck`Fo_q&(Jusu8jn4dl<_xGH9acF5_;bB$wX_+^Rz&!xT3%SP^VF_B~r4!a+B@v+h
zBZYi1vrt9WlB!w(Az}mEJ)lUeaur6upAOpv2-UIiJS1bgK<9nxzF6SJuqa>~8-W&C
z@>!W+n`2zq-rtp}CeqT<6-?d8boWLTFiIT_YUpYJ!Nx_|k%|q^%Q96|{h|h5aw>lF
zID+Lg4Y2+`i=g*}wW3zZtLOlil{bWfVjOe^AH*}}OLx~_{<3mH9cRmM=jRE#B*vGw
zwVCfVBHg&3uunb0!ijnfhxm;*vJkG@Y5yL(2_GYf^*6JcViHp`ZTcBd_PFzfj7_n+
zJ(JnBVZ+wsnL?N~lzv_69`%Jy3FRx!&1`e~?{>(FhbK0&23Oxr_EZnH#c?Q^nw-n#
zM3THjq5}QZr8@)`4Z89g`V_cMb1UZ&vr3ST9X|Ss##s4AhRJPiUB?gFjE(9`LtLn<
zrsPCwQ;X8=*Dz<G*-Y+!6(@C9Gx{I^mOehlO<5F8rJ?ca^J12c6IdJ3$3fP9ELBZH
zn>$KEP@~5Tdv(5Yj}lwydvN#oY}K=|;H8|2Rtlz_#`EaXT8liNlR<tr;!Ww2T_+IY
z3nbUy2@n!rOgiNjQ2GZu$C0M-Y^<kkqVwbJerX*^qXTEp0d43VtV$<Fy#Whzscljs
z@Mkk$*DhmcQU%yGFaOaeq(iP6e}j}f5@V@}T3o9RWyO;Cly^#E)S8?>du?FVgZco*
z#3pv?M@eNz4M22WeG6G>8jG`YLwf{E1|JZR+#7wqhO?aR7yBwp@y2bjy&?c|h0O+^
z%%<z*=7jn&IvYp=zjZwE5$XWTg=J_9&dK`%V(zC!%H)Vi2O@%J^3{JE`jE~SUU!NQ
z7Lk9vM_#ybcf04RycEdG$G2Bz_xWbPL;0V{&Dyr~+A?+%<w@QCFqc=H5-)vt9`B;)
ztHifVgMGUNznC?}oo&U{+C7q4_4_$P$<O3Ofw!X$)p}J%cV74eS@PorBo>tvCz^cE
z7IPEd^!d-gCl38WxNf24m<=n=-o6(9EMPQ%&PR!G6#zh;+sjFMA2T_(aIUtB8e*Q)
z-VH4yKjcdeJN;jfZ=CwsU7j(;6#gqN)XSffuf2F(b5C#9R^6U^d#qnYFZp&rBx>mP
zvbsh(f6~Zinh&g}Hl_hPd<1J<Y^HL*jmvuEHT(%|V}1&)D=#0uw{zo{mclXW^!q*g
z)k!1`=lbHlCblGCM?<Ftfr==<0i2A-ED<v?3#|FAQG-yY)@Ee{T@hEPAfw`FaEf*1
z+F7w7Dw$);=`=RVo4g9f=gDitja^7NFs5ryV3tk9SuXYCF*f^{{57-vp6@^S9R&dU
zvh~f*_OSK2k-=PpxgRkB`T<z<5?I)&Y|JuE4Zu-M-tC1VSZ_f;gkgF33|DVDq1K^-
zlk1K*irZo*lOSS$1v#ftpf*Q$K7@kzngCeSPcG)qbv{sb=A)7QL~3ktY(lOBy=~U|
z#^4Du@qaz{dQ|mORSIr5jVfBM<J0%;iEC+ebA~OnjlnP^rGnK@sXneBRA$<4ZiC8r
z$$5Ojam1ZSY&J~-M+H*Ec;H4AyaMefrp2qD<rv#Z+o3S~G=6f}tDGA!;pqgmqoW*b
znd9rm#=`-8_bY|0DSM61{SQcdY#z9ySq_RSwilhFh`FClm4S-+W^#)cECCd7XUf{D
z=MCv8z3d2iAoK?NG_SD-iwlnwuj7qDF2I5r`vaDttWDr5a_*#LWAtM_q8g#w868xc
zkw!VRLZZuELo}!TI$n8@r0ms*)t6RH+9N*O-!B{(+S5T{#ci!H#xgK-lH&<9iEDF%
zp_s4myK&%xW=E!Xco5|++E$skXLaw1U4~G13jEQuV~`486Vq}kr2{qkCWLknI8D7G
z7!sQZ?e@)}dJIy|jTI$KpI5#q6)R#3X|TcjBwD&_G)hCA`U9UcFQR{<`_gC~v-|Es
z(pPcO6SFoAsgGgVaLL?o`B{;5%gSBi=A~;5*TOmii7P+F?X||Ccbqb1pocVtEh{%&
zKZ3wrK_y=CvyFW)Lj&@)q^W}=BR68sS>(jR+c~H#m^>B+Y6omaN~adRx4RI`XAh?I
zDV{78Y55e#xW?oPOOr^jfpW)%mGKk$6OSYis}Z4A0epR>ZPmgho(*+t-p8<I>5j%a
z7R0!}+tVBhr6xoCnYp3QKv^+{DngN(_s%xDKT+n+P8${I0X8sw2+2?g_e0vHcP7YF
zIM7Xqn}fEC5zDm^XIW2lm5^fqI;yXzL*Y9+Ea#n((H1%>o-M%eS6%goVnyxF*5gI-
zz+6|GKX$DaLOxD)TQ>>S`3d;8ESI8+<7&}j1Fry~UGy-FQ@_f<ysc;}2L8Gq(P+em
z(Tw@mTq&=|$DdcwOC5OquIe$OfjuU!q-{fDSv$HuS0X!kHfB+Ir^i^%;6cw~EV?<~
z%?~eY!t4?V76Ex`7(xa|P;X21zTtU6z8`^bH{j(7ok)!XixOtn8k)n|!cBYSW+%`Z
zfl0{uUQUP56WC@90?1|M$JC`hbU}9R%BCpzcPpdeeZGG)03Z~tv07{{DceEs$@IIc
zgkdL0jl)_@ydSOxB5IttGD}RH(XGdm)o3P^J+Y==*Y;BmoHnU4i?38>EH=dUJ%mjw
zHx{>BVXDzoXrj6?`nUmH*s`YUcQ4joG-e?^tr23KSnqCTz&h?C&XCV&eEaq(ZPkSQ
zo&h`Z^*8>VH;LZ<23ehjnXm>|4YDvf4P9pyGp;|+?r?GJJav}5hC@<($uM>vb`O?|
z4C66IA$Q#K)~&2VFof-G4-M(={hM)?j=@rj@m7z*0duF3Jf4S%B1}|9gYie3tI>W)
z$JxWbAhT$ORq&)qL%CW=<|1szuv-G~_^oCUq{N<&ZHIpb2+6FyE)kg(9V<%ASH-XF
zk$1VqAsRHL&=tUSIa>?~pbl=R*2$-l?N2v^3-~%jp_9Jz5IT$n-C;He(AaQIfu=86
z$HE8>o1Kdk?=mtvqe%zc?q@h8h9ZQ!<Itsd={1?2H>Z?t8sDN|Qti;RN;ji2#Wy`O
zZ3Zs6xvFF*57nj}?#Cc?gUoAyC{-fzoMPmGoWJHAWPP3K%idxoWH3IzUK5=^+e7eu
zzhKr5PJ(v75E;aILvr7jgQp>X@c(#-#dcmQmY35*VHpZ_s^_`lK=S?|Z`TioG4vS+
zu=K8@?WXG%>aIQeY|qVoPwzHS-Hck_mVD{=00jxx27cBAd_p<_5#WT&Gqe<EEl5F$
z)%SX$k96`YX~wT~c|t%rB{ZzlW_Ip(3UW}*!EBlg_D`XO{Rx@}%tzjDPdE>p+1&qv
z#E(w#r$sHrdImd1>m$0?z&r6Ty**X@Kbe!gOR-=5&HY;gkuWUGWAgZKzESC0Ar#Mp
z>F@88rW}Ko%KU_ac{AxwHTp?FUC3r{ck2H_FK_G$x=n{9u7C~;vr#oAVnT>n7-@E<
zmni#*7}cJ$Ehr0~A2E+pI}k#AkD+F1XDvwvI$Au8dpxmQ>^d8<1;dU$g5y8o5p5~1
z%e@!M>)R5$V4mYs5CRyhpA&es8xJNWZWy7bT8zc~xKObs^V^l`+>GBstM2qh-+EPJ
z=2-y?*u)&uJL*}P19b*KtAJl|wu<~_XMbAtl!yHdADQ%5VdB!|TanQ-cgkUbpZ@|v
z)tn#I*svuuL23FUZyb}(f)EFwN>OZEE%f&J#)!f6wtOO04A^J@Bn|l{+8N{~3KQ66
z-lw&{FylIba4aNS8e$k3%d4<e2V*~^)9^P;vA=Fl{2o@@J8+#Reh3Kif)e!S7V@op
z`GV9Dhh@w*au>2Y4X?~6O7W~1Q<c$Yt%9_X(v~|<4a-^YL-Yy-;S9i|{(@MgRssM_
z{<UOe)w+g-{f*d|n?g%caI0k~FA{1=1Zp69D^X(E>osnW;Tm^hRo<u6HUXpA?0S@;
zEvJuM*n-*}{ECoM5GjRS(8;Xs3Wv35N)A!U?arm>U}4+yaENp{NF7cFlp^7~?UIGV
z3ky!NH_GsLQp1ARb;jIXJ3%!|`4C8^#K*|L?9k6QmbSg6F?M-5$R&Q`x><nbW%0(X
zkdLL73#_(GTX7r=9Z`06nsFdR1}U$VdN(;ogd@@7)i1xv8gDbCqaVZbB925>1g%=x
zg23+s9;<BdPu~zt+y6pPFZ=VT0*y8EUrUOV1)CqiNOPA}@+BzXu_HMFyHTaVaY~R|
zl1(0FIHCFBZVnDehGw`4>;QpXrGO9IGEs0{KoO^m<g@qwjldMHlWX_F$m|(KCB0Lv
zQv{l&2_|XNF6#6RxIOvaRMIZ<q_%U|;O4y9MAT31=Dn7i&p+?Mdqb*Q#yxKvA3Tok
zLRYtfjt<FC>ztrGUu5oHDW)9|WRL7;EEG=bPW3@RtlxT&e0#OM6!fU4LFBZMNs1(P
zW^q%W8LcsB2cS1NdJWN=q)K15{Z4#9yK@$xRSUPVP5Xd*=OxnUd^N@m>pzudub|Z1
zZ)H|I)t_aM_|`U6pONqIfy95lX&9z6m^-xcLFQTGsnK{l*y-XMyIc&0*WM6QxPNc-
zbuN@l6?L!$tIm4RXi?VeO%&(H)tHy;%x{{3mT1{|B+%Y>n<L&u`um8SGEOh$xacTR
z=VJ)+8f#V?+Ld*7%>@;$%`Z5Is6$ekJxE>XHjxlmCJvf}X?P;Ddh8SF%8M@zh0pl+
z8tWXZ2=tbY#$e;v5KoGZlE?o`!xKsp*dKHaf|d`}{Lp-j(9Ngedn#oc)BS|ucK$+~
zei%bB+W~L$Q*||??kYwy=|@r)l1IjSYg%Hdt}SQ1r_ok45CEIoL~_ga2I5|avmwIl
z74cC@rIM^Jy<;Ec9F>J3xVO=oJScYSvK5TV;@(V#VscZOLEnaXz%i{*xJM)>=Yl>s
z!9wp!)MwCf!kV7R6-h6W=8$A5mtBJG(`O!#X+hz1f~wsDqkTAif02SJiZ?<Bke55%
zX`$zZlaYU$qcKE9H}QB5L<z~6$$tm*EdkK7!yxuCUM8h#p3Bk@V4`#xk-NO!1;U<r
zs<Vb*zG(%-BCL|yJ;?_1CFic@JvC31RtG)t5kH?TwMuW%JPer2%|iAbtDOA48)~n~
zgpa{4(1l_UUyTpvEMz**O^vCxwvOD(zKPvJJq|o}OSOtMfh};<NC#npFk%$y#&Yk<
zAO`@~QuVn&Jd5Wq8Irz%ZgmW_zJxolm>0EI`-`&l66<XV_4?`A=dB^$bOXCkz;Dxo
zsdAW`xDZvX3%&!(G>0=iFVwl67O$J5$Bq~g2{<?G@?X}D^SV;BziIO~>tT(zx#bk0
zM}3L088Eo>6bVL9jyJv_5tEun!>|xUdEdd^nFSRKbZBr=yMMc_(r0DCl0jsvf`6m~
z?B#xOL-2BnW9&pgT3_71K{oZ>I(-AGOghC}m2CGtJ<cqMT)?NJG+p?de$P;8;HoU`
zR@%vVGki~-A;IihE5#aslrwi|`;pf2B{HpX)7~>fPIbSpKSNl_s1#hhy8j1^cqxkV
zn5wz{c@@WsDwg(__-KWriqF<Y%T)$G%vg~t@0+MU!))2rjm_<%4F_G|=Or7OFm2yq
z<80P%WS|{`1XQZ7!O(bG)k3U3pNXbJ%u-D0jOr3E#IjOzIV>K}+Yjk4KwhK&AS@lx
z04368E0vPo<9;-M?>7Y+3E!9E`<JLsUf8yG8+x~6n?#LwvO5Iqn&8&}CDCP@7|5qe
zXxWB4H^@JxIbJ#b9KXb%RzR6{DuG*e5GmWS=;@|g#uEY*D9c+jt4y}x$6CIJBAszx
zUq#8QsN_<&VZ<KqghUl<oSu)0=M*Ah*_wJtYHd)a>949~mq%t3fPC3fN1HOi;4QpM
zx={B7tQ_Cb^nD!KNG62hy+}Tj7%JQ4@kOP+HUYMf5a{AqKP$X5XHFe5A1jpJr_M>u
zUhJ@$D_*$|KaVnO1AZAn<c6zx3A+U*y6t@9xWtChip{3<WZeEzy7s)NrQ(n~gRjG}
z2~s%ld->RR3YRI<Mr!EX<bQYYbpp*IzYanE!5w9A&pOz();&7!Ki=HuQWa-OOP=7O
zEBx}Pl%3S3l=bHcn*dzjrYBjtD+TNC`8+XNu<c!Gi;JvXjY;H8kngF4-|6SkoTD#P
zJ6=N2*zm*>Q95^;Z?l%|$a}vRTWX9$j`=!6mu2Hs<(6-^Nf)F_1Fo`dZ=eqH92EYi
z+{C2Pgi1di#!78gd}73Fnk0Mp;pX$Uk*3_gTzitWR6heFKkm0m>s@=}ka@`F+D#zj
z13W+xS9c|=H{fdt-W3@%8zz*~{Fm2}X?XPa*W}8*Th7_x(DDEbH5-rWLz7f~5wk$}
zyZflE#TZRp6vUtcOrYT-t~bTI=Wbo0V0K?$NzQKbb?g%t$J2o#?^MCXAr)utF#+Cv
zF2CQlaH-g3E1{E31i_ao_P{V+&?3@XP0<Njs#Wj4hc6MC%*ee4m@>O?lvs|pIjogF
zcMQ@m!?7swHHe<n{T3371a*kxJWMIW1BLv)gD^p0lt;}yhH3KUX$?T>=qouHwkK5Y
zf__hkjm^b1<9u*b6Wp2YEt#GbR-ttYL<=5nPa4L0{CPFGvudk6wLrA?!>8Qf?$xhh
zY#gIwfh*>Inggr>1~Kn!n2Y}7!n8WFa56jY$TyXMTb~rTJ9yOC6>-o;PX6x-qFX>L
z2Ld_q^k#LJfzSX0xmMt{)~|3)M%9(Y0x2ni#)SGBk1pxsPB&_<7_%*^<P{&U=D3T!
zMi&DumEJjFQEeCA$4q*arNhRc0ryl+cZ2nP*0Z`$d_Anp1>96>0u?PApl-u}_HsuI
z_DWw3Bg)zwF)C~Gy`%rfEjI88Q^l52iXz{(Y)<y-zz*emFV=JbHff<l7iWvX&(2{^
z_I`60I*9G#)|+^$B2D+LP@a5u>LbP1>Aie;-`UB3g1WR-3fPP@{1_~QXt2v2>6REc
zq<AtsZ`@k~b|*^ix6y3}E<MqF58o&Q!1wKoSy^cu&o#9;OHIqX9;=Ao{FD>lmw-D<
z&R$b*L-vLVqa9>|`y;UvCZG5R9*Ih`i?t|{xnu%&r}NllIc*=5xNZuNPpA?8>u!)6
zf%=@{79-!1bVTaGDY{&~>wr1o+NQ(+VL+b0d(FO(wQYmnc?nWaN4L|bz_cEQ%^QU}
zf@;-9SW!H}3B;bDgl>%tm5<^)lQpbZcpF7&yHO0d-Gua=ztElKwZ9Aq5V#ZUjb6kw
zxIA33U+lTf(^D%!bSnc2{I(r+4K7iAe5Mpt$38FU+OQUVqr8l?%XCF~M4fpP#kyA0
z@HU~W`IH$WA0YV7NBJ~gm5D<TXLD0uJ>0y+H)5SW5jdpJ-}i^Gvs?`Wpwvt;EQhjN
zTZ8#UhX#=dXN!yv8yT5YjcdgEA9jyW3$%a{$2s7Flbl}Zc2StT!6&Z7z)zx`#!F)5
zK`}zOj+%hL+;k(4jp34~iC5Iu=IOK75tE*GaLiobPJQH#kzUdGu;PJbPa8C^pXmu_
zZjcDu!_)^K+wk?4Q}`I@gzJ3Q{HBSxLdi{-ZP5t7&el8@i)P*lB@ga0xklq;%oJ7v
zR$_9>VCKxCS*lIC9Y>dG2pe=QHdF+oqway4bcT!W1+jyVaHOnoOBMR5kw^7>Sf{Yo
z<s+gvces@Xt_7;KSygJ<wPii&;iF3_Yu#kM%3pNX6|7c1ZB~z=HmZkfPjbSn&_QDD
zxS8lo3#bZI<%Sg7X<k`ne2cDhJj?8NA_+xbfi?@bH=-yZ8J<)9pzY4Z@}wUiQgfN4
z{5EvE8~6s;g~GpIt^&vT&LORVzum^#_n7duGB6*^a)lom?cZ2_^5#YBjoMWVoor~i
zT?On$vGOkX0Vxo5!Z2Jz5M6S;g-wT(u(F$Q1B+Y9CTD!qAk#aK7SIBzWHjASV(G$r
z&k44c<$RujR9HeW!B<!J1oLbV_YC<RT^y-un*XWeM4j2R4*SioM?EeZcS3G+;%}G?
zP^~xTg_^>sXP~DEvehncMg@K#8X>Y?bf-?^(Xw=(aLQW}EN4)VoR%VZ#i$zejj<YN
z<ljZK1t-70{u<t1cO17ga__%)@_@v7&m=C@Qf$a~c#q6WzbIOlYGQ6IXh}DA+R23y
z%Bh+)K!oEHsk44==LUKJAQ~kAs?o<X(46ITDv9VHyd3rY+0odp5#kN|0Cd(h${En7
z2uUzU`a@cfS%6W35e$6+3;;9zJnAX#>-w>^!j>iW>kNw60c(Kr^#LQX1B|_azOkTR
zK^626rwr@`^oi&3ijYg-lSq30KrVzy#N#BR@e&?+2I271E_s+{JY^#9{<V&h(#6SW
z@kwYO5%m!zQV=6i6dkFz#^_=Krno|+R|gB2#DtDTlKCK5R0H=L;Q}F9^WdmKUsDP2
zVnJCWpHq=IgBa9*3e*Y-9|ZSffwV*2g3y1j0JN*hoC(jX=fnrcCnARRYyz}EMIZx?
zR{=s&lGuCh*Mjv|3;CD=TvEY}QwjJWpHjgMQw{6lWEU|4s1;BOM}`B`ae+9j018xz
z0jY61`76M~2CLq%SPluOW-+KJPP2k2v4X)8<K<5tf=4eVyn@TMxT?$-<-U}g^ImE;
z*v5o-bHOYxL8O;0NZdRi$Uj8zD&EW4?w3MT0$P;e&6h$H@@bUm^_N0q0>{gNgA#t*
z+p7NqG2ueMSPBeC7Ykw-d5p3EC<W7_6q}0%*0&O-7L~N^W4Kr9MnQpYZ?;`DWNDxF
zFvwWQXUb#ApPn^f3I|aAGyzNzJJ=loqU5c8&|kyaL)TcO$R_~~L?K=m2_)gX7e{0n
z0+1Y<7e_q)8b}B;j3bipYpf=0Widj*SVR+$Fm%56Kq!6>_UCzD(AX#DhCz%Xf$>7g
z8o`6LW&|4@4<wJwmkB};!=4vWRB;cc$AZ>n0c!pK00}_$zbGEEXxuOoFw>2ND;kY)
zF&3sM7NV#HI~3jFL3pA~$f0PO`++7JJ+R{-iK5|%Mq+l65EPMv!4bbKhhd1i?~0~5
z0729bD-=z&4}Pc@QYf0@PS8UmVTZPW92y6|GX`oX7G`J^#LyOyD=~c=1uL|z<}+$`
z#zF~ckf4ZWM8XJd0tCf$F$f{l1qX^VCHvrmdVzr=$o4}A?Icd^TbkZJm}(pd&}aal
z7Q9cKHS!k*|B2juTY~;<0r(SEXhwtmgi-xQ0{uidP!0p~vwwh}@!&o<r~$HLfPDsG
zdjjw12lWX+_5?R&8_*{Lt|vgT1LhM4)f3@%(KeuHn4SR1ZkA9qL{D%)5x{2*JWsIq
zd?0RV5Sk~n{Q<aV94t?8+AE%Yx{y4FgX7sc=w{SO6o%m00)8i~W{ra0F~B+@Hnt1w
z&Zt2fd0xjs?L_dFondzNmgNZ>I6lv_C|RP;u;-nq@0=;oK=J=iEsc^URZTNZ7V{+I
zUHHwkAc)VB?v+n{>e-Y^NPy`!KpM#JLo>6D+S{7V?=ViuIdDssFn-VEcxXN38(K;Q
z;S&zVc8|1ADLTpu9ZOYnOj}$Yi8*lUM;-rx@xO5-bu*Pzl(9-j2f8o@OPZ&d61PGs
z=61LbM}sqtP#!WaSfel2PV%303O<B)@_Ux6Ej1-yF&)nvIz|P=f60pGDJ@g-mECj3
z$*|5V`oUOrqYRHqV{g)SzsV;>$>#h6;-|>xWMUKnGQrbL$FPL^-!PFW`5k#t%St#w
zL}=lxCEL!WXj=*6W@W1PN9+St^rneeov+rD1YT=Be(#S0bT0~8ngpYnxVMIq2_k^l
z0HHd!EeP7;Am^mTA9eGAl5xeclvn_lFu>;$PFkfR>&#K5;!er?ymxO$0hQ>$axvHI
z%%WGqDtKYH;5%5zm-$sG7A2EGz6S7ZAbo>WgZsecY_g&yfI~_ClRj$V6lrb&P9{Z0
zb2ja1=a-ac>ad1ZL>Lj=HY)9T4$rGsZ8lu-($MxI6)RUfrx|7%s3yJ@DZ|ETP2_oJ
zjKcb8ry<Z#o^!dxRb<D}p5no%wRv3vtF=$N5-`abOKn0r$wjKhIzX}Mrn6SMt3hoG
z#piJi#B{vfv-WtlCVSLyDyr@2HZ9YbP@QQE(7Y*WE&=KVZdclDt`nEKt;O^+&9*{&
ziO&i9P*9Y(DF|fhJXtAu%tjYZT*)+{q5jX9ll|4Z_lx^vil^Rm;B@@n7($Q#9(db-
zlJ`f$yyX4SM|d5M`$1l{v9%BUmIIGmcdfoZ>dSY9bP`sb5grVUZQ1uUA44Yv7dfcM
zxl)p#M@CW#&~)Ue_c^(6*`hAZq~&I{S)wr6VaJ=W-)v3l{4N&{xs_c&`xRy1NgFy~
zTzMF_n-+JCP^j&*fDJ-15qgn_y(ta{A(OV+0Am1N8}Q7^LWvu*EEsJqoTI>UmX=g^
z*6GgGw=Y8WFX*fRPXimW7Vz&uV09uvr4$LL;b=IRD>M0E^45<1tXNVfi`bg5!0r^b
z{&^$SjXi7XmnL_0TrEnP*BSMRmm9nM0D5Uu5bC%9)KS5wpKRdiPC=&urBjlsq{*FZ
znbm{3oS~xa+~2;?_CvLaIRsteMt)Q|A63qMs+>(;OCd_N{vfk{6$~wyF_O`8Ve(@f
zW2HTEbi$riMVR5lp|#-36c$krMQyXVeyl}B&vZCp8D?7OqQrUH+^*`7QRfht=VLc4
zmwFH{=Y2F?*=jUxnklJXzX8s3=rBoWmed$Mi0>UcwoVokLRfN%`BE%B8|a0SKLS)W
z1r2$kaT#*aw5plYmXsJgyex`}URlPKX?lTSJ2X=g9W)}wIbP|&7X)f-*s50o4S7VY
zd>SW#qVyG7VWUM&wMPO(M~a&2m9aW_w5Vx>$?$ANi<*rv86Y}R)Z9nf<9<X<GrEsL
z;;&Fhbog#7KUed$*mFT|tU6CwnXMuA1|_DwEHIJd+8N`yY#uT`<)khlT<L}RMYX!|
zd&OCYZJd|e*M^8=-2?|sl+iUs*A~Qs*|v28OpeiFa$Qj+3LX2$HOi;i8m-<Sm!>hs
z^BeTG=|p`cbJi6a`(TvsLp2k}q<dskR#&B%u^S$PU(xAm>uC$Sp*}wVj_WKc^Ni?-
zIz2)$VZU=xu4wg~s1s(QUKsJrsEB3NGqe$_CT%@9Z4#{!iml>p$3-cenwXLom6)pp
zNHiy6ureH=pTzjBn3Qxee$e!DW~7$&isqA&(G=<_=wGA8jpr$V?B|QlPEzyYjAhJl
zjp};IsPxqV8t6Gbh7s|Il8+VdngSA0-KOgPvN|Ixnk;#)&k-~as3Fu5ksx+0B7|N&
z03c370|BAltjS}!F`Tj0xOt_uQAv(k4Eab`_0Xnh_auxWJbZ$fGh**k9tu&~k}TXj
zb{+YTpPO|NxqZ|+yl-qq>ge&4o<`ChF$A$0I+M7V4-{CVqEe#M9zyX+T2kr_${ZQm
z7b4XW&I0{(6CnD-kxfJym?(nz#{@l3bq>}LG!cM(q)Q!%>-g``WC&m2aKDZhVQ|>g
z0Q*P4=ynn7Ah@14W0FTq{hQ5z=8lpP7xaYiykhP|VYs9l6OMzM8(|{bob!IFnhh&e
za8*=cMm$Q1-y!aKUzzo>=Rh|_2_}@g6KQs4|2#!-S!X6MZCZ#Yf+&LI#MaC;|7sb_
zcnk-#BqE60f{?gTpgckip~`i>VpS`P?F?-D5k#r%AS3o~bDP8v!Q^lt8n?dtv1d5O
zl!(R6VY)ws*UTA36P@$Xz9#0dH4QPg;3ZWrf)J{IV9o?p4abvy7L#h&&b6A78weB-
znZ|8~c$zaSJZxJWIA<)CIu*gG?eJDq>^XVM9`rt8k+E|G&1Ovk*Sv;}uQr&hS8j>S
zB}?uiETRPRMbPYP+oCwrobt>q5S6X>Th6$m<$`T1P>?S72~g8qDQ3c=<q0jH1U(MK
zL5fU7p789KC^rysuttiE#gfV~@*dpZJ?D+(4SyUG%0EVChW7@~j}={P4nq4xyrB@@
zc#*NPLP(&p0aGG;MHePZDP=__*8P&iO9ybtrc^7sx4O#i?Ua}ryh_dh*9CZ^)cbn{
zAIKhbQ%q{f$ni0>==d1$`x#9!?^-vLF3jocLs+MhfR|ZsAbj?lcdvU`hiCRGkr@|U
zV2Cg0-SpW)q{q^wusNiIw$K*o8zhE;`;Dasa$Hr>WT~@0@fTp4{hUBecV$X^VwD82
zo|U}F82JyI@PEeUbCy(pMlGdD{U2K0HtGI9%%?y1EuWCshi@I)&+WpoaBE9GV7hxq
zMGXkFc}iY+k^Rvsf<+~1mbHjTEwnom8;RylOGe&`Yc(}>#?HtU<cc-lz`6ETy!ybB
zx*C+0gKWivE7S&YZg7OKe=QuLW{DbvpkW>+^mq=8+Z|gsxv?6(2<uf0lC+D*0Kg!0
z%m1g-;>2pkb8MV8V2S3fgG3G3L!Lt8pjq1vatP9>HPT;4LKuZo1~qtGA6SutJoM_v
znr71$U&gNn>FS4D$Q|mj2cD$~Eir6D7b2HJhvF#iGe}YKV#9ixm7r@sDi+L>I-{j2
z0K49L9-3u(t)!Q9P{nF9&+b#*^S@vv7l<<JGuwAI$_W+(GHX`M4d1bw+CdWZ5Ot%9
z^?7;faB{n2r{s&ZNp|;!9lH@Ux{Z3<=qYNLz+9A&!FiGj;;T!}?s-z3PRajarGRCZ
zvjweq6SrmDffZsMsI&J8If2K9+qqh?6s7r7lShm>!$S+ixL9~z{qb|}BJz3Lp~+Dz
z=UY<|qZu(2csff#AEjQN*@K#eJJCU;atd3ASf+)j{D)e9l$2}%dklBamOCs${Oq&M
zR-zD@Sgfy$lF?LYe^m(_U~7R1=@AJ8A#_hu+**JdXrfaMY$+ZPN*mtkm39h|N<vpc
zOGX%tZ(6;L+yh~y*8ynER)=1@PuPgJN{~4es?e>6mQKl)NIi?w3WLauI?#<6J6Y#C
z!Zu}?6y$fd=JjgEN^q^Kp+frrFWV3=%{-@KMfsrDFveCm27mJ~$ea7X+>8i}I1J9_
zXoO9Jo*AS&4qG$cEF6WWc^D+kF&LU7Y*6vInTJBm9D$Xou^uCcZjF*TV(4O#F%N->
z8IOh;4LlcxgW2F)Mo^4E!0aGf#_WSZ?8|L2Eu+ya$GiL^20yx}NdUDn60b7S!Wq;0
zNOa2aF|Lv0d<ZPc!=O-($Da&gA&o|!jEh#>2j*nN3X8a9Ji=r%JzuePoQ{6<ruB>w
zUMej@HYYY%IPkFcD(WD20zN#dz$n%$?qrLm>zoj#ZOe+d*P3S}>`aKex-fGJL4#ml
z&J(fHGB>stR68H?;2m2}Q1Qe2n`y<c{FYkKblfX?V+B1ix8B!LLorC!WKg)h#BqZP
zt6I34i*m-(6tp310O7-_HBj2NGx2K2v~-(k_YU-G4-<8O7P?B3h9iJXK<!XQi~?xt
zu%RL!nqWJE+Hf-^7bLGU$gA;}lLZX}?J}^{wLx>C7(>;b_;#AFr{h&`Fo$Y-dk8P{
zE0MM};^BE8M6n|$=EKa|rA`M^HUdX`#6c522wR*=4R8#r`fz>69-?^E@f*CkQy?W}
zi;}_E;P!&;=1T*dF;eI3o~db1xzrBbRC^k3)yn-Qm$c$?&eZ__=S%TcRK{;`J1le~
z8mC*Ds8G6krBwH(y00zY3#cZbs1KW&=514g*$U|4ZWMTP&Mh)AqnW80GkiAPY}{*G
zuK#Q-2(1SA_9z_ed;#$sXi-qx@F!LZlMUAp?cC_0D@n${(N1&nhUYKw{uY4A8N8i*
zHu*{9j3iktD^?CqlUYWHoT?ViQ<M~7ge_1m@YNP07^J9eR#cK_=g-ccK35tD`c9~1
zXFW5c-u-k+ejcQ#dh(R~4F5jU|9(b(CO;E$MXreZulk4lOeSiOb=Q2O`Sh&KNE4bP
z2ULt(uW>kL@s+@G65%n+t1dtL|ID+P^-V;sDLg%aE}W7Fu&l1=9a?WMAc06V_T;n4
z)8UGZB5#wq=K^Z~>z<xGJ)O3?uDbZF>Ea+=)Ad%bq17~B!z+jRfnfy~`TBvbgABpQ
zEen2cOY;>aOIT`=D{&ul6J>=j8|GlVnvzSv6s8RlC>%Z36V+6cehO>*iFQj2OIW%N
z+E84NWBdQ?+19rImEFOSVyV5~@ifyOE@c?XVE<CXIKEr9cyAv!LMGrfK@-RBj&gB}
zQ#JiOBUd7|_HPn6?!kW}$@`-=zj%KH9v!RDXu$3!tJ+uF+H8x0m1+_Z2|GmzZA-4)
z8lTQMKw>l0{aAoAs@xb6zcUUO?vg^xt#;{&+~F@%a-o5Y!4v02+X~F{;G7wrFwFBG
z5M0Yd6Ra@fS&`9<=t`tIOh@UncKLZyN$i%*d3I(J$c&?8#+DSy&O?bccVFls_bgL&
z*0@+1py%jqD%;caL~jtdG34Tec7E68kJg;klAAz^_N94y5A&Ww``MW@3ci-=`~MJi
z#y4lV|G;~$59P>18vpgmW6d({U7de8X?lAKkpYHD44b7a^H9Q_;~Ab>0Y&nv1_p9Q
za`phHq8DIrV9=UKXM32QDY=2xl9_6R!%R=Ai8Y$sXD6SL33+m=R(X!w2qw`LO?1Gw
zPYth@N-0n?BB6)?knac&ZN<(};D!&$4aLsRNsm(3Qr>*qb6cfuKWB0-Qg$()^PE@f
zE0OUeE}{v5+S<=KXY^7$kOzjt4oh#a|5xC1b{lc7{;+Ec&MAA;X{ps5IU$i;!Zd$f
zV5T=M*>f@>e-pVVpQF^919Y`L$_AU^wM@By>79dFLd-i@C!TLh-P$&?Ot&}u()Yt>
zBKR`wLF*njaK>;nptggP)UPmX9)Vh|fN5txO)_@RGP@B>tq5n4`!=y!VVA0#l8YRd
zm~WfSGrAbuD?tl~8rd5Nau~Y_+^2k70A4Z72QX;MyWD%1wQun_%N<va;_jlZ^xMt=
zv1g$VMD-O*@kXy95)CaIHaRT((!}MQwbtpdHKM&i%s@me{b7>t^KF;;@U}r1m~Gbi
zuqg_ou0HBIH*4vu$jH^3=6+)&x?^zu!fc@-b_#uv{_39q5N0aKY8i}68=$~bmRCHX
znJc9>uwj7%)Ks-s!ifz9BHuL>2&2goL#*)ye;(dAYFdwGb#lil<3%dh>P1Cekr~Zs
zo~Vt|jk57n^?{coMQ9bmzY%IIW$;QTR+HzlQg87ocGT(UMJC0WVmF5HrZEo7GQsCz
ztp=18eJC>4<XKtIm!9{|!S6$I>oV3UVbcY;)H_S-s9n!tDP)z?6+0SM7-3Y^%EO&#
ztd6<_wKF<-dIm`l%?o`R!;yWm-6ADU9-ZM^f6_>2&RadgXsb1sRiEW%+x@&@pNcc4
zZ>nwWlM7<asNSc;UJu3hu`E+6n9Prlt@TQ$DRv?Vl{nPW3kNBm81a`>EX#D(qfyI2
z{j5Zze{-PRw#*IBM-M@ln08>A+)_Z7gY(P>X};k10O%cK;6r2Rl4S)cSz3EaUqB<_
zw7+nz0T7pO0Tqv06M2MXHHJ5N>(J(N;BN?_HYe<!m1|N6iFuj8;;EE;k*|Ed{ke%t
z0}T>-XOyiYt!*8F6-Tt#^FHkXjuGE)w+bo#<g@dq=TA2j{6V6w;(rDIHCB1^@8!J5
zPU4Ad(0yv{lt{z9*Qf9d?C77JHg<jT+4-~crzfh<&rVhE9n1W)$<tHf!Dehx)IDRe
zWt+duH3Z&+C{rD4ttWAiYyy=4jc0dd&Rf`i&W?Q$z;3{$z$@~*l_=Toh8Ml1GiW;>
zGJOYFurF?DV$6ZPzg6DjXtK%Ld+ypYW?ZKW1|q~wDxouLPK<mX(2!@WOzpEe9GU*D
zb1Ql#fZxseqArcS+X<&?-QP1tx(A}Jl>7#T8s>F&%_@|ZG{{furA>al(%*V$V!cO}
zr)ZMGMcyKzB~sd(@!2QSSk&DG%OO)FwI%zMG9l)ss_S*Z5<TTxN8~$AbsXxHtkgHU
z76;XL0pA>u8fnv~Z6fdCbyu`nMoBH|M%@@=AJ+-A>QJ>>sm4eOfRzF+0|eGj33*e?
z3WN$xk{mxDM9~Y1WZ0=v6m$WrHL7pjhni4-6v$S3H<SQF2Y316g-lqKlA_fDb%sg@
z3uwMf*Myd$&UFBUM~v4wO>a64ed}QUYQ5MdR4Luq7c=m5`t-@x!<>7d0XpfsTmx~N
zJPStN>fC;_#<y;Tk{Z6wvp8k?jn3py4^52BRh2b6!>=AnUa^R@wUar`Bo+d0%DSGm
z^AO<{f462rWNbiEl=W=ueW^DfEW&16+9h~AEcmpxZflFWT{}7=CwS+vB&875>DJSy
zyZP!v5tsM_P`Zlg7cqSvmT{V~@bvi$?evp;#WPxFYoB~~jXeP=iRJga6d<#cds?Er
zX{%*Q@~<b~UcCF^?Zul{r;4L^gmB&4CJ)_hx$~Ot1Pw3U&cvB^s~G^^Wcr~v-Kti?
zXtpNo1DMC|x80`!A<djZy}v3xvq#Abt58NsKvBYvCfF~iN6S53k;fHq`sf;w$GrU)
z5MJ6TH)@trr%D^uhz*ck*KZ3@U4&Yo=!#Ifz5~gT8#}-@at(cuuQDnto_vvs<WBWH
z(lFEaWUHq+x%lpyyyWsOTsadfX0}l(s3|k1lpqif46de)E@2-EA^j#-GdA1SWwpgv
zA0)%>&Qy1y-sO-Y7L%Sfmp1{3$@XyL{l>CAZ|WwSlFX5iS1{6RQIiLXz69VYQ*y(L
z=j2r`Ym5)6I<N85)Gd>Bp=(@dhXKr*hC|C2CTp9#LX$}#spN=#s6IbBBS#<RQvH)x
zb9po+m#ZS<39pn)k~_81nSQ`alh0j2<RFW}`~I7+Uw-`@#N<>UP&2!CD&ZM`tY&uA
zG3}+8h*eRF6?gDgV3YW8ucFd*z{u~@3dqJ9wU3x(>U_}>KD_Q1b@eRJ%Q+Dkq<p61
zsnK`ErM<~Z(iYPP4(u#K2+`F)ou};nT&DEt88iV`ia(93-A^jX(bJ<Txi*r}ncHuB
zpO@lXl(r#Y=6`ZTPDBYUN@z|pMm6A@W;AO|A~^Meoy7!Ukf=Zm5}{3yjm2S}Fwh8P
zt$ogOQ6|j59K$W%(UGjG5CE}d#`vfVo<wOT#7a?@FXP9_Jb~z*{KuM+%a?}1I{?cm
zmv`QQvNe`Dp2Q~?EBcej$*V7}b+b-?p+WO<o=|$_#Ez*~!uI5<(Vyy)DY+y{(6M)S
zg&Xxfc}XjZG7fMcpB363h)R5!0sI0y;s_}_$P)>${ly!Rju0xGhYZX9n`+?;{2uDz
zKPPWR&ipCd?-)&q+PP==@w<{&%*&0Ujv%$fL%52q4w(l`XWlx%h^d+>b%Q>O{D(y*
zW~La{K6>%ZyUS6X_~zZE>4W+x<{Qn2Ci)rWewsg0P;KPYFFP`7bCkcqz*}$Y>4uCO
zDP4N0zWOlz7;@#VV}8eTZ+dxq7puFKDukG_PEgAAk}5_@R&`eKB2d>9mb_YE5P@$i
z!O;XzT?l!}(CwZ+HyPK#6$s0<m)INdGo+fk5_CJHu*ky{PtYKl+sEiV<r$svj8|(V
zADm8&bckudFbq3$qtPOdm3TI+o#aIQb`Dn5(<$)Gpxgrp-yMO;JUA#6?I^#5&tk)I
zy*GUG?sBKIT5*#2vs&HVdsf2_*Q~tf2@5C;+7oxU<9hqWl>S;5lM>yNl2xNl^yU$B
z9$K_x{Hcve<n1)B0&U(S7n&CVZ8gWfV5>+L0i0%B|I8Dnd&m&sYvS2hkxdG3;AVh_
zZ!vA$b`vM8SkB`z>C~-XUbii#FIcf8UtU`Y+wm9r><G|oiT2fFNisfX9^A$#^e~b0
zN|f=aVaMhPHM{T3T#z@;x0ECz%UBY$3WzxlgeBRdy6IRXIlcQgP~Nnfc8(Kp{_fSq
z%Qvs4tMs=^@i3{xq?T;LE8oc&0ksne{t^RFQ+OPCq{rM;E!7ZWd^ydYlW!!N^T7^g
zT$n;se(j~C;32TZOXqc#;aFECV`r|V>HOnM5sl%b)zyGZ5meWJ;=Ydo@^KdBnA655
zJ8X`1^GtiRuUp@Tv`1K&m4JwGK)RZXQmxIhy_Q&&z#yF0l9f|@^`|npp@R+@`;K|b
zn)VItJ2vkdS^c&3{Q4OVN?^3EmKcc-mRBtf^bR!wmi_W$8;e`$ix}x2UDwi~N3j}h
z-4pjpIA#y$52C!|`C{_GtK~%dK+mDH`}uEUD&reR$3>cI_iHWLyv{J-MotMWxQ^L7
z17-J&)I9x5s8+|QlO~9mHXg7_U23n!FM4%16!~_KsM5%KB~1myBb6}Y{!_|X&NN-|
z{FC7ZVHwkiEL+QuJWq#5y<^gZd)oq}{!Tk#tdH533}U1QksB{`+Xvmdx4Of>TFW1^
z3BG+&q|Nw$I*#MEQO<85Vh1zI8Bg3O(_E;rNG!(XyYsw}k0AYhl6rsCxw*q|#>sfw
z%OMS4E(BzAYHZt}D5lH#X}bgDI?$4?SjEZ)Nhc9`t}BduU9kMRqRE}tEAl8G{OaX{
z9UQ)9*<gaH&P;0p#c%`tlDqL2_S<4`;Tu}SS(41%9a+GBjSyBC%vy*7fGr1y08_Mm
z;Z-qvSM%_3PFm-oHp^P6Z)Uu*49D*dWEJB4X#jhXlSE^!z@hFSc~}pfFFQ|NBB@Lo
zw1o?N^5n@Ag!1~+pZ-KdNhnEK!dKlJy@Zj%AD%v)lK*}2<~4*r7L`OOP<*Spp+(pO
z*rcxiasBn%1{9_JBxsFxI9nmY{$~F1^UtT`B`+a0k89il6On0xgL6?43II_oSmzPZ
zZtx)1NeU~zSXMf9T&>=WClzK0BI^_Zcm-lpc67ZfEe1k|&q&7a7@5nzmZB~iBw`GQ
z_0rU^bl8YyElO5>#5km&eX_Ne;O>q@sPm*7jNO9r(g#ONbSwvieqaVk`(RC2N?uqt
zV}g{6Qef3jzau#}74x*RBDK(MQr;a`fdM2?LP!YET0f$TMQv78$+%Rj6OhriY;hBp
ztyaFowN&RDlo5f+Z$LwS4GpCRG}wvzhO`9@?xpXInK3&lt)M)~s#;GIgkh>SLrK{x
zgz3Ga<(<+IHAkL8eu=cWVpvw;9=%H|x_0xnf^9vXPLGj=h?2;PmU_>t@Ap|7<P9w(
zBJnFB7HVAxfOu%KMyMXCPogG=ZlPYAdo2&K3LMKl4Le@xQ~B#HPi4G%&SqWkD`W0q
z>>jugWcPX`<8^?88Lu(N^X1$N5$cR<o5|@7?+R3g*FjQX1jR8YayZNxuRWj3cx`z)
z;}v^G;}v&O;}!Do;nl9itKEFqea%vlGtTXxMT`iPgDe~-G9_;`Q^w6jXHsN!g~VeP
z!<#lwZ=^m`I0Bfpy$!f{1lb1t0hw}$<?HV4yZUmteo4`viPmk?UTT+wOdg-Exnu99
zj;NWoYGUk|nFmbL19@07?H6|>Cv|%8UhsnE0#VNhL5TC@6Cq<PeFv#Ol1LtBNsyeJ
zys!y(CV=QNuUI*!2|INy46InP6)Qb(rzRNE<h(6uo@$W6gq6TZ*oTUhYA%{$|B{@1
z;Y(82plgGk|0weWyeU3V8E!YM*)2lfG#h(~T@0zH*1|GX>kZN|ffcSrU230~DK7#A
z0+VVe<+Zt}BqduY6{K_^C=nuL=P=#vLZcg(%WyQZw@)bks2RQIsgZ5K#od4i7F23$
zBDl(>6bbhNF{sO#HdL`dI%<`2v~I}Q)Ib4s@Vw6VsIksP%C72J#^v&Qw9&usVGO>q
zDtic4kyvj-kL_QwTyl_0)ajyRCqSbSFb$#c>24SSIei(^6?oN8Z=3di8&2`Wis32y
zCNJD)NJ6trc9Aa(+xN@piX^D8rurMe9t$%f5W0a<g{?t1+KD0^aB`6w0#HcZyr)41
z@VB;PdIR{D-J`SRSMO}uK8m`j=Sv-slNNk|xBuoKG6&Z7;do>62rnvK1?Ur~-`8ys
z$TdoJ2R1g*1DrV9EW$!<H|{25Y=i=k2k=V|LJKrlB(+k+kRPi#YvL8cr8^^*ZbX6v
zv~ydrHWd%~11-~wtHJ!Swn*08?+T^nYoflVGXPe`90rfWYtuXSOM1cj3~ZH9tZc)R
z<y{iJUM`>cj>y0%wuMs-EoEM+k508mr`oT>sdkA@HMbsmi{BW)DZiC&tl#2g!|71G
z?WTP>l6Xjx5qi@$v*^h724vS?af6KVfB>z40@Ksy<0gd!;b74@=y)It5islF1;P&0
zLcux=XSNV&ZnB|3vMgxAytrG<We?T}^K$$^5vZeX#M79&2arMa_{e0*Run#dsm5&p
zORMkVk|<%WVhCo!%9SKye%6Z1JGy@w(A~{7sxq}+Fg}>O_O%ImXHDg5u{0H8BU0g;
zt8u`>w#Jb?KzHK|)C9z<dGstsDk6Aor;gyYjT<o_f4DM6)b?)NhiBFj+jbweM2nbR
z7#2Rd0!9qgC=sMBW<-#UaUVL)!5HUJg!|BuETWvVG44Z0zKCKIQ4&Z?%7`HQt9Bnc
zhvt>`ByPGABL=~>Z^JkvID{7WrwuZ%+G^U97_(Q)mizGdcsf1Cz>h{@sH^$p-w4YS
z;VmZ9TsP3hQdS^VHKr)ndAc&~9p#q9_Jx<g2!?NPioV=ZC~8C@i+H3vY(WyEWg<gC
zl8mo-C2b`&CM!u!@XKjZ)G<6m-@RfhQLfJ{8TELJuD)ZqxNLJlshPSgSzcx91Ik=>
z<U+~p&DEZi#$5*HQwPG{f~`e`g%HP;3D2_pp4`(?hI>rLi&-hZ=Tby17j+`8zm8a}
z1R?ZCFuC?K(T(p+!L_w;I@qennL|Yh+m{B}Z1zS+=6&ji#xYkxtBRHRbMjv&?|=XE
z<n%8mC*MDr{QKX3fAW3`AAWcGm(!okAHP36JvsUQt2ckWxq9_?e){wGdA+*BzkWXX
zp1t~eB$3n8zx-=d^I8%g&#Q?jCph%a0jn;8h#8=5_Dgd}Ste$s^aCvQF(P&lytUne
zgG<=4@hcxMIweR5TxKtMWD29XyPddDu~i{TTCPc|O=Ig3_!kZU#?GLB(7u$HyJRu0
zSjy|w2p|o(-yM+$0IAjBw<e|nZ}U5GHGDZu?odmz!#M@H$;q=lI?{gd6{8_rAey2f
z5JIF(jkh6$ZEBf+(S;hZSDWHeq9kuXOgQ-Tk!TPA{u6txWE`(EDs)Q5pN-KcVkhCx
zG}A<?R08x&4JR{)x>;ESTpnplF|c@EnZ0Tpfoch<H=^_hX3<Rg4c@dUGM)hRJ!q;h
z&34(`0H*H;s3TuXwa7)T@9|RAJH|Hf!Jzg7IEpSz-`3wlGQqVS$;K1}8Kp+Olr<<D
zx(6u#dMS!Ixc9BNDJ>%U#%9cU7QY(}fVG{3I@f_{A7%S|lCsX05>EJVGZAlbm1ynl
z?c>cshIWGD2D>v`6WWw|(%j!Tif^p3Mjw00I?>22JPIuyn}I6^5<w=mHg}`)lNp<1
zz{>EhQM5q6*6A=Q%UA^&EX>08WAw~Q+^fa;J}2KubhHk;XXeidJ#A%&N?j$Iu@v)T
zoa%sOoy#*aJ2fGK!-Sz`X1Q`|HGmbVWNLr`$EFl3B6C{ErKrGkK?|Dj%2UFyq{*Fn
z6nu8jyfc!V>hNZF+S(~T)v^@zVpx8o_UR;}(u{5|U9BZclCE<aPTj@0I?09h{y;kj
zC07=D8U0N!GRjxvL^4KRnI(<CT>Hgkv__WgSTSJ>MdgSE<}l@u&s_uXs}bmJ<f&a&
zy+02xhZ5qjOl<*{r^1QrxVXBMt~RghD&iZwozFzRaPhX99jcCl9148i^R%WJ9t7C<
zL6R@7FOe)?EUU=_1J5p==?$+jjpW?`)!|(x;h?Fsoe!<?P!yA{0XI*_L$*Rp0*bX>
zk$o!wx_MzMCMsbPjN)o)rLSn~W*?!vWCIj#zs4gGD-SC@U`TI|k>Br|^>f2kMMkUm
zSdOFb9ILtGeN}s!=IMlHYS~?V`yv!6V0UUO6zis`ifZZ`DM4-29woQ{*lNbo)TuNB
zrj&;qt0}8LuD*S7M);IX&0k)UhKxA|DzU&Adz<nB3m&@Q*qgmH)i@ctxBsC!uAcn!
z<UgEh2Y<d*Cr+tuh$s=FpK#;4ZJD;)E0JCoESc(RJh!MA6P8zH0AcG&K+qLWajQU^
zOZE>FJ)w)dYA%@2isiw8Ws?n?iwa3&Nm&?^6R;MV;;fYrz;}QbdTCzdgni%=kWg@J
zVQMG_n_B@zy;7|N1AOCOs6sEH-{qqEon87Sh!9KX6M8SWsbHm8Kn@1`z!2zJo~_A>
z%ZlEyDY;exha0+pGno^>=w~UZ^NRbUkJOX){V)u!ka9UEvQE^YSd?sH#G%mQ?_;PM
zG^h|die0^FNinjkNQ0fnqR+YBlHFKt=)1_1MihdH4FKA_1qmoy>!=~L7HGdt&Jrdi
zE!SA%l~*Pv8Y61`ZB;X{qB+(HD;ZWvt`nFkN@k_FW4TRDP^ZC-PY5I?DgbB3M6g2W
zh9Jq3<_p%Oa<6C#Yve1d0fej>W;W<tN!YxCX_+a3#Cp8m=N8ixz0Cf-s)vwgg9i^8
z;ip)!il(%pqaw54P+K`mN4&s*Igv1NIh$4!5Cw;{5@*0*o?(mtOR1WYw<6NhiUHXm
zDnmUr#3-|GLuScRlGY%NH_SBT6O6XZD(P<2h~6}b|49>N3uDnIYlfYdiXh7?UNVDg
zfJMY%pz9nLc6-RfhH1sK7p#&^a3-E-iZN>GMO$v*u!Cs`Ql;8h(XSZbBub&rC3X6S
zIzPrmhxOpzh&0Zh*D2lBJlrH-U~-QH^A_F^<#t#Bm8x6KmMrQ0_Lk;GdY#xxGti_7
zyl(O|#w8LFQE0A_p0=2LRdXpGbsg;%>LCBvXEm$WaT_)=D55--xfoY0=sEdaOTf{>
zu+``>A?L)X_)|S020N;KdyK=HbY2LOS-+O56NloQiAM5Ql6VOwb(1ow7IZ1HjFniR
z9ku_sWza$~fr=~W`Z}}bAFHb5y|vOeFC(8(iD;50E&<G5CMwaqGtP0?v<pii1C5J(
zjf45pSu|+yiK4nt-BKz~PG^}q(4EC++uJ_(;>J`sl-{wqw$!*^wdqGuZO+~neLQ?y
z#HTipHHxs7>>a#FozB+8!@72=xDbYFqg5^vPH#^lB09##bU-96#Dm4%-Qh+TSC{ax
z(F+&whdJ$|oy6vvF~trV#3UGK_Z_1{^zdr$;jf@>hjzT#V(cYTZ;B=fJ)J_CK$@?0
zkY2UqWjZNnS*_7Vb7or~P1sGFjC^QxOh~AdkbAY}8-~t!%(R=;#wNh*MfbCr<wNx{
zCP&j;tzNpNH;l#Q6YXVu%m$!$a1Xk%dt)$#-fe7TaK~-|)TGTTcafVEtCj6QsMsEm
zR*7`sCc#-*7wiw}ZD)iJTWH;jl3e5yovd%2H(KsC5yWUypn05Rr-e3XtxNvm>QXc5
zlU(G;_VC^~!3`~Gy~+)evC@ahCyza09attK9`QU?=K&mxV91bllCa3Fq|JtICFJG^
z(8IH$RkCD~ND;N%3E{b{XqGj#y7dAOAaQD6k}HVDv2Z8*URywmjA|3ryv`F0b>!80
zOpxA&q5xJ6iB>v3M^8dyU5I0;W+8!PZjGnt(o~)WMOmW>ektN28fP@Qd!S`10pNgE
z94oe+q15IISo!gB+!k%7nde<O)9v(0^IP0D?aHX9R`!+5)&Oe;A&zKWi50DQ0v13%
zcf4yWTcyIpQp9ah5Jf;((vzk4WWTf;x$e6I>8viC8fOgRX335dLLq8-OgH!jLrB1r
zUb4u|xl&3Ug)+Evg9%|>rcQ%5CNfS+_#OEUeCQ4(G_Pivc#x!e5Z3C2(qG(k%{4cY
zXB~Aw(^cZ7n#v?pN8C~ba%XC<Kd>xQ|N1y~!1V3uJzwOQ-Or^lP3q*Dle82?5i2OE
zwSL;|J%oXj_e?@CkV*RSm1l6T1<P4UD{y>j1W!IEbfc-Qt+4e#xXS>Y%w|eQa%yMV
zH3cvysuf^1Z{&0VFw`meMwfuM=ZnqD9<UF@2|;K>K>GlCZnTMDN=`1aV(Gj&@?f#N
z$)>KhN5yS-6vY>%kn*h|J7fkiU5GU>m~K95;*XkmU-uq0@xJSyK@)d)*w$UO(plTM
z=yZDP4NTsON(U-{WKGF98z|Y((kSrG2fCi-tkQT?#wYO3y!Wpq4S<llmsZQ1jc2%m
zLCo5s)s?^_wTah&=Z~e15KzBE#_=d7W=D2Pu9>Ns<950o1QtzOaqN^;lxMOzOK<wm
z?`WbU&cZRn>YRuF^wuq#2shp`)#R5t!Ow0$zP%yZVb$k$y_}PGED`st#0Bu`LqT)N
zMgAq_S*%CMES1J71f}ZQ@d+cnkd~qA>0app(AZy!rVb1(N_Njh9XAd-jiIhk!jP5L
z)t7u>E4!LdWeB|~(|BzdLyBot%Qn_Z0s#$sbaC6cKZL}I$r!Q6)p!WG*3<Esv1H5a
zSh8J)EcsNEGuqc4l2OS9?|F?G?fB(PtA!@Bi2Cc{cP}vq8(v*8CuLsqgwb1~g}QjY
zqB&i#i6uK}l7qa}m)&cmvx3-E{Kx(A&$~a~8JLI84#AT-esXPI;pPr$f#jO^jgiU4
zidPjgVa|4EKzvFXiLd8gnkRq*1>>682U}~?Q2;>Ge&C)gjP9jG?VRvcfu#^&Z%=d%
zo^c$E9)ScRH3|EWFqZ1Z|N7X?sM`?&AP$qFwVus`8kvvISVn%VS-B=kE;Lyou`xV}
z$R$s8?uz!-#b^R!#T0PUz51YJV?evwO26(BX@e8OP(&{|JB+Txiov2S88+6frml;(
zFXQ#75n+sE!&0c{y{{9|6bTNWr2(A6hK*WlJ-K7+c;g_^f!DfJupx^X2d(mEBS?lJ
zecRXA#feu``6~AsDrJRp1GQ-43I(|rLagg4fedmrY$Cq%WE;B|US`gA7zR7-tt8+(
zwhkaVZ(fLMC33msg(=?)`&_RE@-5Bym{sKV5S87_{EWO6mHOuuWRQ$pm+E>cn0zZL
zc>beI5_W%wDboHu4t_Pv@&crdk?m;OVq+=o<a0?bb0SJTx?5}k-AHVnaW6F9@R1aI
z+NUR6l&u-uTT`tMJdo<Mc_AIJpF#wQO$&iyezanXh(N3MwPNK0(BYD(@>k6@@{Gc3
z%XK|2{N7w+%!_!13t+YHHj5@+LLRH6j_)}LLa!mw>Emd&Tg>UE<c1AKsbfV8#dZF#
z5-wl^{l5`<EHCAhToB3gMaEnj#;oVOE}E=rk<ycXtoc3780It5+}3;(^9}hko?Bp%
zS0xhI+`gkbwmv%R@}+2sN0<3gga6s$K~{!?n1&<xEfT(%=uEAy2s}=-J*3{WYY3{g
z)4s?kx>Ls6`nwc*3S~u&)3rmVahB=K*$pFf6v-V8)d0B>mxMKnA#_WM>@fI)q@0Z1
z=mZuBcUv-@E!83FBr->COFd_sMVQ_CTTQZ26ird;gz1g&WT^kuRA~v<<7=)aOrvD7
z5E!D{I|w5rm?f07Heq`eDeAHiQrCUz?wL5w$t|L>Ne{)WWxGKjg;b|4M^U_JW3*`p
z697+X-?Hc*h$!kNloZuATk8g!iizdN#~62`ZR)WrRjE>y8v|B}c1Iu`K3v(_T#{iC
zZl_+lJxj)c$+#Ebam_@X>veBXzIGo`)q8^}V4J6RLz5U7*T}gVCyf|jGy}(fIcH^w
zb2nS}bFQe@q=Mm0!<)`<?)qam$7ILp2wh697;alx(Tbg6J;Zrt%BDmgLMxH-xsD*b
zcATMS2qvNNAY2gUD6(dF_vb{#e;bCEM9)Mwnz28Qa{D#viKINxNgArKWUijNUVv_I
z0MJ@cn-Ksq=Hi3$%D2Ez#hiQ@S4PsI$XCcTF=;?lgy%_Crx-tkEL8ET7(TznkZvW7
zG>;k?(B!+=(4trd-^X|%vBIv|Bo1d`RPQ4t?-(U}0<+_}A>v)ZTjqlx7VUzpN!$GR
zC7+dyyjapaXPE=UjIOc4Hq)x2$r8^3N)+G9SamGPQpk#|XtLzFg~-e;oOU38q7Z|k
zN{rchWNF%CU7J=f&!)I5Zu_QW?VAwH3zSpqKHpT`(`*2S2Gv<OoZw#nq8%=lOD<Q|
zXUTKtTxR+KFJ0b}Zl=0e=2AS6RFDS-fk;YDh0FpOQ!&TsJtXBNVpWu4#Z8pFSra=0
z@Mg8QBvN~ZvpQGP+f<tQ@&&1AxnPx|L-KkxV_s0x{ni*8UAptw*6wWeV*A3IguF8p
zAp;3y$hjyJ6XIz~g<|12HS^!<v$4)A={>aLihAPkfA`(n_+o3v%`-!@`5?+Hec)*r
z<V}(jMd;MmlL*u9s7kPY<K@ExPe%*}+}<7pqxz~rAZio{Pg!26&0YHCv=g9qN?vh<
z<OAAJo@F)Td4uoROhCvBr1q6D^h;JDXc&M#h-yhBU)5Pfb0%t;t-Z_XV@^W&aLw2U
z+z4@pti8Q`*h1PCPt1e`)dmxw(q!DG=l0~apn2>AOElO@k<|-62#xho>)|)0y=w^|
z-~Op|D&g;XL~K{0{?{o6-1L^GCn+mf9>DVwIr*|#r#K)xkG-zr^~;xPJ~kD_S|^61
z;Vwm%O2R%=CH1~M5v!FFWG%fpp}C)RMX3(^5(d&=u`qxo?gJUh9S?(fq&*6)uj4dK
zlhBT3_S<#&VP~>ja;O~^TUNCaP|4duaRM{eJ4?2KF3>>9=Op(BF1B0O%H}opx!w-=
zxBdz-+-VN!_(<Rk5|Qz<?5RqQz413z_taY^Aac*g<kYoS##`s`G5J)Zt!(0+mG_)I
zoa>CQ$pf#J6P>Jl4g%!)Z{eSywE>l?i!{|an~0aH(HW*riPtko?KvYgPyZ6Kij5L^
zg2sz&+=YiO|2_x6-ng<s`reL3Lw~7-EXPtYY|R+3VCX%oPg4VBXI`L<>mKe_-gA@4
zNy<9UhbJvcG@})jtO}Xq+VWZRjN%^d9??I6|B0o923Us1o+Xn%YcVfxQJIU<4vZ-`
z<mbO8ycXWA#<*lj0R1>>_3IXW^UdYUvBRXEF@hj`ZVy$2#}C{*{Kwi=!2sgl4vwa^
zTQ7sVXpykSWcrfJySOr38;`ZO)?Z(|BKq4%&86Q?7%~(NlNAkO{Ejtk771%yDJhqC
zyOj3Y-t^ej7fj`erZkLqy{$z}9yGwX)>CeH@tnNMWnHqSC{X7$p*0+-wUAecH7}nV
z{lrUnqzSWYru5R@_iFIIEXrQmwTXtbjKkPV3tCp7ZpAN7`-owM&KLQvtMhVh5_;Nx
za4zjlekI#t$f;AvU4dWPx-8^8W%uVYrBBbG2{GBa?S4{8j-DP($u(c`jFuS!f>~5F
zbD!TNE=t=F2x@zBL{3BrElOxkGG>6qG>2KERuItHJ{H>}dpCa<=_t|V81HwERM)(8
z^|EnR1=NzizIZhy-)L1vAIr$qRR7hQhC4pyz(#G|9V`Sf`n>-P=;->JK8Igo!2I@v
zux5fQYHOK_SMOLc7;e~+r10jB{g+qj3n4j_GNl!v$V`$tqdvb8T7ReH<*TcAuU=f-
zyn6YZ{8hh!yTbF7+=#|p>`{1Z%AYPMV%v6xOqkHTsiO#$2WU<%b6(jh*M8YA$waQh
zM-)|UtzK{l_hGqyiTb(q77tNIuCS=9ZTg_0AxfJvB~as)1Y3jF0286}srep{q@bZV
z7uHTgM2W@nbgB92^mqz68OPIOBZy@tSkg;WpG{3;-1<%Jg*PSSYm?mSm)Q75yrvDa
zY)V-6ydlI}z;0E~+{Ws#%>}>LSdKf}qMPPKPqDK(jT-pw_3rJ!-8iBZy2O`mLn2ly
ztVXl6kY{lKmzHzv)`u`>4NiTSyJ8if`QVoA@K<wtM?<w=>y&hV=mMxUz^_JCj@Bi%
zq``yIN7}h<)cLzt7cbwuny%7aSQN|CLh#%V(a@=*Z5}ae$9&;b^3wQAewoRRV<ifa
ziA8@6<`Dz&TMR~?(1{x1-PM|EIYy(YmS#Yjo>^(WT1ICR{Nf$ovryO_jgWt1#&Ban
zeZXqzRN*REx#F1n(~=hbI?|vddAI@IRfx1(Y*@@3uEHN=gNh?vc@}qjZq40oCRmhg
zVyn;0dBy;}+nlw-zT3Pp^%%>XvE$*>*}4<T=g4A%WWj{arN*qyvUO7kP+Ldn0xQFm
z+EY@L{GMlQ;WGp-dA@K^v|Ma1jaSz;<iAmWH8>Z8gkgWY{rUz9_kzE8XGKRf#Iqy_
znM@{NQabsEl9|)&lzhkZ`ysudDtS_oho!J(QlW3*8HKHi_1^T;=Zb=oKk;~M(c$X+
z!@_##J>E&a-hx9LYrB;SofSEaDV1dSJSB3y%6NX)6fv3$4U))+`oXN<l2LztLHBgn
zX$9=e{i{({W-utLefBrQCUmfetIQuALGJ<*`!C${2-SWEp37w-c^t!qTU*>VCzsbR
zt}okukuBq=BLb+s3i6O&Wau!3-t0$KO_sE{sH^2mE&+rwUO?G+(#gTVO2OJ2LAV-d
z??P>8y!hM26`{2ny-Js9+)*-U`gn~w&ZB#%pWC5-hQc9wx8LyjmLDr%d8gGDek?yt
z-LlbsEWiKiBZT7bc+$X*{_o<u;yJH4twcG>Z_s+mnow$4i52cJFk|u{ZpB+L=3UM=
z2{w75paa2}U*<|H2>~~^<Dbt+&K`7|xOtxZhc+uhwU6x2&!fwiH>C<q#aC@BN<^Ns
zBvdpvZc2WPXM6m|ykjZFuKv%OW;lFr_hII14}W~?T928AHq-Fd+DmE~i1wnn?pamR
zT&j6%`%8|slk=FIR7v6W@9jMYCaZH-T)}qU;B>sUIWWE^?b!(kt2*AIrSG@%<F@|_
zej~5BgwUK&J$ksAOI;QgB)2Q2bn@Z{ngC2dv%jY0b3B9RT9PV*3FD>|1I?`$`=nYI
zy4KOniz}ca$-n*a2}p9EJ^SMm@8o~nypz$Eq>t)d+*zC%A6wjtAqH#;C1qV>c&*~4
zdXvNA3owMVIW^+tw8z-kUwLe-NpC~O6ut1=hala1lgVMG2Y&W%tx^2V;bC5?`{8eU
zQS|wbLrtBi!*1|5caXO=6!<n?d&9Y*DmtwR{KA+d^z!ZX53eu2c=Z~_4WnB;7RhR<
zrSfg!9^-fI(EbWeTORAQ%RBD6oV@+=y5*_c@W>5YP`aMFT~()iJ~#pgvUfW8(=8=c
z4GI*8E2oFF&3QUZej#_1>N$=^$a6H_5fv6Jb`GwK8qu)eQjW>MJjVNt%%b)WGM`eh
zf5rHjlrh+A-BtICuB@F5z7yS#ZP|R$2SpUe;d&p{5JCn;so{T~ZKX5V44_dTHj;^>
zp)04F*6{k?AKp+GW(wd}c4D4DVO(^meWaUwJTP1#g=BLm36<v5)!}PymhvGu^Uh;U
z4#u}F+x{+?CF&iNUcGNWI$xM)*fp~?XIP3#<XdFc^gY;i+F!vPFT#Lr&5FSIW$Q|U
zI>Y)*6uEIKwOvX(?9qRwwEBIT^mpB=MLHspP2Ft9{PLxiFij?!)QgNntTM8>(hh#2
zr<X6c-k74S9z;0?q@(>vCxS-*)=eTE)<!<9y>|_JuTyVtXb<`&Vym={+=6~Ti1oX5
zw&16=^|n7H1E>u4*!1>hD^!M^^$%R~BY2K^KpQgD#5Ej;g3-#^ONZtnrZro0l2ZHw
zphDxAh`Ae$_gJJV%harh+%1Epffa_s?Xg7DiWXP~o}}U-f1qXRDHa`-=70+^1dG{D
zbZDM|;5zW>sy}AD(%8=$A==Tk{jQR{aY`ySqF9E0i(?ndiAXA%nbMZ5dSJ{iO+I<@
z1Z|H`{`99m5hxIrvV^a?L<rvXho?`c<bPkh@rCpgT`pH5VimRsCd4Hy&&dC{{`zf$
zld6C964prcYK_?8oRXJL_?>I(qt!B4VF}=p=W_?zmP^AK4B!Y~EKLD&wZ<|YK#~V@
z3fhGY<_(5f!h7sV0$n&G8NXv>E}`_eKbOQ{D3?qskzb=%<BOWrC7Bn5Xur<Lh?=%-
z50T!?rkIhgu4MwrkrxCuLxhvB_0B6x6{kT1$TW<HW+Gp}tOfid!VNZJsm<bD7Xgn=
ze9fo?qqA?yT2^1wd74E4$F_QV^kRbo#`fye3{%cJ3V&G5(d`tFajS;jZBx>A^JNiK
zwdq{#Cz=ylS7HJ%^d{JPO5W!LaFx#h_c#W~TuV@!?Qv$`#Zr#Jx_zJb(6g;q+fO@+
zW~QoEY*TZ(VrPom8i3<ATA<{MoRw&gi7OgKJ2l&22){xZTAeX!*Gobd3#cw~A2Un2
zViXzwslhN@GII6m4a9(hNUTJ$ishKx7>5b27GNU=PYHP?MFog{in5*{X@S8Zm}D}`
zMB;}Nz$+0eT~j1a2|PrWjHaggv=WPof~8YJUZ~AD=LxN%iW#b>Q<m0BuGTrCOGZSQ
zGK9yUlf)sY&!EWd1t$SlEu8VHq~#ig7c+N?Sz&#G$PtECVYNoczVeIvWOPA0SZCKG
z>PvR`6Fv$e-sa|#V~W~A!5loWyNjQoe}qcH;LMGr$j#QXacZoZDh;lxX_l=g?1N&@
z{GP=`n{#s|;J&3}+qT)Ula4z!cWhgo9VZ>zwr$(CZQIV&Irq*?)$_+%>-_|8)$=33
zI_^(Y*G2YMGjA=8h*t~Ua1Qz!g)}iC=&On=%ySUdB|Yy$F?5?5Zz?7fclYuiu)VO4
zF6+gWi}x7UcwXEk5O#Md%V)I8B+N%MH({Js!njE_Q|-3OG^PdXt9#;ZsTyq)mzxGx
zJK9vyohA%Fu+_+TFj(S2R?T@p!Q^!>n`;{gvQ;U0a7f}sR;zeGS>i?3ta%{8<U>|&
za1JTY0xVx`8dlkBbU0_6XBl6(+o|<ASKwuDMD}61^1D|ZwjD7LSEirzo&P0j%|9Wv
z@*LK9A`n$x`PmfJond?)I)!$txW>iiiq@!^w#M31S7!?-CXZ6CY8nS!T2wM7r>#(%
zQ@%PVwmo#ihO+be#3@(ls9eL968F)ue2^zqhVU(q@W9-G-O~s;J2uH2RcZ2iIMBS7
zy`h~sWnl9Z4C2j;LXMA-b5PrvFxp^b6cJ_eTLBUL_t9@QZHyabt5frJSH&sRyfXCq
ztS*va<zrNI%Jv?qWktGU?fkDlETf`ndfWflv1UtBF?>w;itb-1QwL-3@9^m!+{Z@}
zV0l`l!Vum`YE8)pOZJvUE`}ISnsu(XZft$YUfiNwyLlFuxHQ0R`)fv{Q}G;e_NrUp
z96=2F4PQIbg?8;^lNTvyT1+?XQu9;5s1*dX3vKwL+5F%UW~nf194-&~YBhze-=bcX
zY!xCXbCjb9LY`c!TQ#exyZ*Y3&1f;SK{Lw__R77EMO_&hcSsomm(88bFA7oqhU0<b
zQAj;{qf#-;u`C@pvh37=U3U_8W}U!W-5i4SRO);}XgrL5ZY2!YV}hrXhS!muP}qGa
z#W1q3nW~|}PTwd0ti@0&>MW(c1j&g_0;Ou7mZ%w<R%!8fM44V|XnH;gkKa0*W-1R_
z$-`v}Y&DYWkVv6q#KZ2{&q-nq#}r^;yT{cSYk{g%kD_S=={KN0;SoZh$DSXZ474@&
zC9(t()$?8WoNuuY$2TP9cZXLZZf;x}hbmcO64oox7a)j$->Ia6l+c4kvRS=>m)gWG
z(xfYasuj?z?^gWwTf#~{^fzFj-nGI|qUOGELYgeZhH%G_<0_tpvqQ_elTTdc?$Jb_
z!wg-=6JN&OTMFC96JJ5U!&E`o)Ttviz~2gogT2tZ^Tg4+I#q;rZ?v&AE8y>+PW0o{
z=ALwx-aZAlKitoghDs)@pojNwe;NzJcA3OMK^<F<wUJ+#+gg@1`XsF+CiMLs+0+_S
z*DP5s>S1ds71>m6ZwZAE@JH<Vnp{+FmjlazEZzoz0aA~6X3>I(!&HG`Qb#5}<}#Ni
zY=18I6UPyM?_wY6$I+}t3Emgmx)rv%r?s8HQqCcppq853{nLsOF2zF00W5WNq8P9f
zjq01v@qU$55>@P77ClZCP5!>>K;4MOYnsR7m9d|DCr_Fsgb;b`2ZuY0>__NY!|Cp8
zE-z%OCT=b3RdI&~rAOtBG|esYpreX|;2d21suV3|G!VMgc{x8Oh)>C9hi|=<iOdIC
zWr1gwXi{%N&#OJHypm#NR^8~aCdQf&o<uJ-=;d`Al2Pa8^25%$Uf<S?6q}k+eaYUa
zf#k=&&LBKAJxnJwC=6bU#XfX-<9IDNUu%Q?Wf<brn9I+aY3#1guGgVu;>o}=+|Fv1
z?3J9#M*bYBR_&FHW2}oS>5N=vi_c!5yd@Ebpk-uGEun+}Fw(ggr<o^`k#*_bq?#)I
zY@5TP?V${&P_jEZem|)n<lc|s;Q*+o-323I?@gte;azUQ=tNu>W$`T2kdLeTR~;Oj
zJ$g)DuC7CB+gALq027x^kjuj?$*Bx`7KPZ`WC5Dd*qnXG2lc^K90(w+q9Xs8$bvkU
zkZmsgL8Sp~O(avy-8&_)WZz+~tQmx7vGUB%I0QfxODW}88ZBS~!koO#V9SXmiEQMo
z**QWv$)t3X8EWdEB$FqvUWY<r*)@P7wx*(uv0At`ji1~tNft+1#?eYU|FvM|BX$<u
zZ5ee+KC>t8(oos;eFdznQ3h8x!|Pgdw&@1j2{8-BAsRa(+Ud@vbJPk-lpA<ed<U+l
z*(#W$sLCEIO7=R3pVel|jZD8YKUc;+c7FJIz9z=TUKFT)zF&57I&=C%cCx;Y9?c&{
zZWI(0<hy^)r}XWs^}e!lzCXS7YOZf<aumAFYrcu34j&(xe|YQj7`yyVmc$a#Gv`lG
zKzYJ5aj&<YU7a7fj<kkpVIUGAhOUL?hqvUv;MI?at#+96zoOh*yy%z`Q3p|<O$(!N
ziSd3hUl6Nk4;AwJI3*wHlc^(;ZjzS?LY04ogD*K01ByXIh42@aLuoi7g(4{M@Qa|B
zu1|}8aEh?Hi3%3~hv8YTNM+#vC8F(r)@PKWU}=CtrMAh5i+44Z;#H4IX1XdogCVvQ
z*?DI>syhQ2NRhG3YAy(6aeMPW8~~UmG3OW|XHe8Kt%lVnmh~k6IhOmRO7c1}SxV|L
zRnqxYqE2i)W#=v)mH+-r>pA<aBSX(olF1rD5m`D{?O0I(hV_v{2vq?$1i_KNjKrbx
zqL#GuGxAkTwCU^W4}J+pRVgWs(Z)YV#3IO*CUc~|lGTual-kuAEwXzT{DCE?C<zlV
zcg@By$|{+Ravue@?0YL)@_q*(?G}0H<hG8P;kel}EMvIxtjSp6!hHj3Llx;IW2>z?
zvq!WvsG_>EQ8QIhsRd?N0B6T(HQj^sQ~aNBntHV(yzvH@Edq0b)&|slIT<n;Im;Pe
zVE*Hd*o~X(@b9`h=~xCqyWd&z&Mj(H8vGxb4C1=uXA_QsMbfb)w-o7#kv_U{kxE)|
zB?_bAC$5<AO1q^DzMo!$oRJ#p%@7<8m>91%O^FtV>R@mU+V=l;xs$4!^JA*-WGG|)
zwS6QNu1Rj=U>yYp`BV<s=nf^F&%QM0y?vK_I~92C8gyjU2ef+`s0cXh=HY0WDuu7Z
zOV6IeZ`!h(94LW^Sw9ughC&?M-pGPx?P3sC_KNG<!m*LFi2n>>VSaXEyr^=vn!qzv
zI8BD`f?o}l<;9Ch{nzzxC^)zp<P(+6iLZ7K;w^R$Pcp47v=(m5dCOkqtnCco1xFE{
zfzwvz`wY{pD&-faM#z)e#h7oJTWr&uuf&C<el}eh(yGfm*4we{2xr=q9~6x)TF244
z1tz<zQ-=M*^%hRxOD;LYw}hhBJ#i_5-@z(sJ+X4EZxrQ2p^YfE95m&eJ)=>-;#F=U
zQ2M33MX)b~Cig?xqo5hdP;PO(9tN~OD~_^DJ#%sU2X(vTqb~+Eg#oy`FfL}5GS9Qf
z{RqTn=LDGFLNW6pW;Yx$RL4&_^2luPUlPjwqtFLYU6X+l=>RSxMa#4V-I$eaZ-W(F
zg6m@9CM<OLf&((PRZfl=1bko4_m46(7S!5h;>O~{8>7E4FSUoVzRa`m!kbFRz{NAg
zb>FUov1i6Abe0v3Le#TXAdc7#C>>pIN9hGxeZua^RR=bj8f|zUF4inWbi<+J;qF05
zp<krk!E3tNmody)Pl|4lUCGqNY1MVojm1-(H`<`6_2-5{k6>B=1>l!*pVH(>Lt3qp
zSIs+2Lj#3q3EK6rFT>s9uCLKmq$t1IC*J*&uQgzQ-S@vpuX?-;P1u`^+8u^2om5Is
zqpLH_a6Db5&1Hv}Q#$E|v33*8)%^ui=o2$ZtHvZhK7^!CPCh&>UjbhGij7JY1`r&G
z(FNVMQ}9w|{2N{0fa~tlJz~go!uq}VA(lLsEmQ9fkMy4Ay{*5yQr7c57fh>TE<me=
z`3LkYS$ieM&*z#O&r+9BOYaVXv4fSs;k2H~iAS=E%#?PqoA&QGMcrqaR*+si&y3*k
z>2SNf5kc#LP7Cn{E#ERB{*eXY&`CgW>s4k%!Q+szA`Sont$WQNmR<Mmx6dPWAK3sM
z?x<Q|Pr9fpAWD{s-8e;G($e&OyV=OCs>kJ=4SF#)4{uL@ZAjE94v7zr=pwL%gUo!%
zcx_)7`3kaX6+B9);pxllHP@Y8PKK&zFV{24qr=0|Rq8vu(5*&AFC1=YCdEj+jY}~P
zAlmYjdzJ|79d<b$pC?V9)k#Dew6A(puTuC9D9Ym!%hy-1JiQ}RA!p%n<4G{`i{rD3
zH!8+PBE%p2O))_UO`VHAkuUS=uyzQYt9jHi*^LEn2j^dQ6bLTUh8^>)g!H~NA*^gx
z<HS4hnZ5iR&>R!X%+^kV@Xf8zruq|qaj~*1Rpwj;?;#251)u)29;s{s*Kwm};!*(T
z%Qu6PT~bU^8c1An0|Ql|lHn8BC&4CRm(1VR;gm_8uex(ItuZH&i8>=*#kN&d!4eF9
zg6nLA+jprQgZ3#=gaM0;1s2={qF#NBBeRFI(dABZIp~gXRGO`_I@#SF_^uV=e15+f
zIW?Wt=ZZQ0eB+4O<%)JITXM-tctFkCX69KRwc1u#3b}TMBpE*-Wy%RxculmqQ3yHG
zw{zt$;1x2%hpO(=30voVoE&XT*t2j=xy$&E=6n)6=osN)`WxEohslnHdW1?3+8y2b
zy`dvNw#Ku*ZL%B+QQA`GT}_4Ba6*O+>ePxxctWNX+@=Y+ww%U+E=v^?-{bx;CdXHh
zlKC$zWN>R$?p7;<#n^A0AqMJMsR0{d_&Xxi@@$*(TH^XZktXZs#pE^Rx-}(7&|u*k
z5e2CCA};W)!(`}THo6-x6Q*Z_=D*xAn+hvaEIZcEuc4WaT=<(ZY*Z><Y|#ANx}tA;
z{*(4XKi1~|Zc6CJnw$QR5!jNmwUe_o9VGDP*Vn%!MF@~xax&fU@@{xSpcQeAc#_!j
z23+bP8+Rf(P#ka^8w}f=q&gxRiZ?rFlG8-<L>N!ZT)l}6TbD2#JGM<2$Aj#nf#f$N
zjQCl4I>&Q8M3U1yn~*^_M39eai}sdg?psJ;rvOl<@uElhR{^ZTI>l$BpYv4Ci_BY*
z%)Y;dQw7Ik9XI(Gtg~5Km4xp^MvOUQ&yy7SZ+q8S!T=?P_+Z^?2;q3%ZtXQSeDbOv
zO{k4cF)piN@27lQAvZ2LbA>&b*vwxikNaa-&BZLkpbsD{a+5}MCLk|OA2<8w@f4JS
zlZNS13~*b04RZrmMdd}}<O_4<Mipd=&@XdgFBR_lS3{(=l^X0hrGyA}{3ohU(Z63%
z($Kmz?kpfDhzlE+cz){4SV$}zd6HgE=|MdKk;u}}S-Lr)WL7SZedSj$Zk3Zz?t{oH
zt?2s%G#2{8&t{@|QR@G~@e&<U`pnv)+tS^agtFuXjZKColoQu84%`N0(8&}Mvqz;>
zqofIQ9H!{H#0=il0%i%&qePm)&~f0lxVrao0rNnnb2M6w0D`le=tZqIEFTYh<1{;~
z?*WVPY@UV+(*Ds*IOEie-&sG1PHyc8I^X`3!$7UlhG&3%xE2t;RiTk`<iq;a640hp
zKwtn>B1QE^X(HLPiBmuOtuhg{{E~BL;{E32H3=eUE>CQE0J->b2u}xYbBj221{Q@t
zy`rJt$)iROSt*&q+(BfavEGl}xg}6l#|BX#zY|4`{0jj%y2*Z`QOd41Gxm20va)v<
zBru8`5k8DZ;6~$Y%Z?Bh8j`(gJG$?E`<H*)>06(S^D5P2uUSToWePY1IAZiSc!r@F
zFgrf-Byy6i-7mJ70MRL&Mc1UVQoT0W^M3S`-=nV_n{4D9d(4k$?XJ~px588W-jl<)
z2(94z{d{<NQPEx|H4!1xv$=G5RvC(g8r5{n1T<A_9sT6_R5N~K?9hLz7+zg2zPPRh
zTx<#Dsppps4iau)(tIGtAM)UF*~1+>yXrr}GVMl~^mD|yRLdban1Vbhk;RiKwkuW>
z*1AwCLjU-*0c)1&`&tl)Lv68wi&@-NDnQp7E#;I>ZE_8Qy$x`G6zgs}UUX55{5N_x
z%FF!o$8fI%8TB%B*W|g+Y2R!~y3q6B!gg9qrX(0c?RIhV8vpsh`1-EpEkxQz{Djpj
zrnYgMq{zzCEVRF1vYTVy)s&(wME$ljbNIj6TiMzCqbYwuLWWLD-;o&N!o|a;$5$v<
zYBrfPHFlG!K3L`zQsG4-^>un<DDC}Hhh~E!0h7|2xn+h;he23y9c4DOA)xIrPt$%_
zNO}!3$IS|Na-6;&<65z}dySr&#vFR++56@t&K&V(XhHUrp^?JTZ87#bHY@w830u<&
zpB6)3Uuh=8-UXOi2I9xVr#-xVIs|U-kl$Qr>H*1Rl0X~|Q>Lg7t6J3wHzpQ+%A&(`
zsW4$|rp?%$M<#?aEO4c@qVM>uYQo}~Mb4Z%rfe&WLvj{V7?A&>)GVnA_q?z^{an1a
zkAbdRUH_~+Jq=2cTT$hhtvx&UOcXW&8b5xCry8j_=ZJ@kr^15*4?ffCKxD@NN|v(d
zU+^gg&`)6?%bp-72U8apv~TiZXIwQkN=EE=dU85%X;e3))(CRE!sO!lmwF$5aV^c~
zP}DN%%%4j1iHT$riRX&gv{iT)#%lLN0ZD@JqN|eVsrlhGsin{&rGNzIK=**o%C?m1
zO|C+2gvNILtXaf1fzp0OQ>Vu6+~fP>Csz&A+dmA3{``hT(BYL!2)dHBmLZ<WGo%^A
z#T3D_b_HrdJo=q^dar#`$9rt@0>Fqpn@<lz)v54g_+xiTB2K#7Vp!<GbsJz5RAgYz
zPou66G-zTBcmgrY{2j@?fEv*Ts=(B|1ovy`wGB89F)~(9jX{OQ=dx|zvGMt$s|l6E
z*N4_<$pFPVs&cX^$oop-AeMEo18(mnXX14#mm^V)Wb?yL#+6NCZs_TZkibkBNzSd&
z*!V@d#<v%*I~xw4ZGk)qCYe8i0~KY$)&baKm06IbI+swEU|_9tGhO);?psCe_Y0?E
z(PD_m81psl%x}weFHTIUE~B;tlXjG68N7L`DNg;+$Yc0f#)yugzsl7S(wQ1*{6Dsi
zEvXb_DVS6A3aIA>SYt413)m|eCYeV|$go=y^*)Yuq?+UcFV;C|E5n!dxfn4{Z9swX
zqZnwD(9;5)Z<-XL@uL_U^H<Nr311F=Y6&K2mW%xA<nPgeXSY_Uv2Y9=uia2<TVWeG
zo-x5Sm00X%P#pT<w9I&BQW=a*E6gKY0|5I=SgqtQ5g(tq^S9gf7|k0g-R*`7C`?8-
z9DUQY_e>H{!q9yQA#{h;1Px}r@2jMm7IuZB`0YBjr{9M7B4TOvPUq*euldaZ`+59@
z?P7?vo-0Qa`g$B~#upd8YxvymQBV4W&L2(h&@mg}giQc~hPX%}uTGzF$qP_rYqAl>
z>skU|#eNnXJw%oe6PvZ7*}YRCoC2gFTcknEuUu;8c+}Ka`H|5@gFs=FP@{6h&e)&A
zj=$btj}5VGYaO!c{KRXZ**9(AGj8V~L~=9&ojCTWUZnTs7+TQ7D5j`~e(mv?1Xm;7
z*Oft)F3#i8hIf&T+@E!qo0kokJSHeTjg?vnrzWtRl8?A~ic1YazxQsX5UAUYQt(ni
z#&cVTm)JO3d<INC@IP8^Au64~h1Ld|UtU6g-(?d+`@~{aolmb@<}lhX4kjVc`%D|W
zs(hvLIBj~s#G5o#aw0#u7ia3;v^DN7)o070*EvO(I!6&`SIwBGrDoNXl2syAmLE2>
zqZJL}<U5aHqia*i=+zaL%ecwI3rdOk)ErvGO`OqvRWWF?=KbaEYi^mzFcc2NYr7!~
z9G%PdUdCb;6KA7N-x5@Si<6!VmjE5bqSC$7iJI2No)@@Eb7fadRV8C82<FGI-;dx>
zV%!6#>ksBGI=DAftKAm&zp!iY58Ss-F*h{c9Auk}b=1>j9gIvQ4OPm3Toi-NaZLxr
zXHZW4^U^S{Y)t%E75*bORXX_F?z9&%X0m0&Ym#F2cbo2(scTAf8{V<1#i;v9X>##e
z;C{IlPx#}Y3JSZ2K~-vEcDsC){7+SuYb7zqY==Q7xUM>s?T_0VkqklMc=VBCOrQYE
z<V_93O7E&t*1P9H-8EfywWhd=_S{+jHXDCdF>Cr2+27puU^2CHJKa!%CSRmzMpwam
zp0+FCgyJ}S@4=c4{{7<`Zral8`UY)vuH^t}_s@rmvrT8=&sXIFBvV*vpHkTYbRI~#
z(VCh$C~~~*9oWLt?EUkS8xlBAQsnrk+AWfuE9&b@x8O(gz5lXKOSJt)YL&k3-%Gu#
zg??Jh)yeP3vMycLM@9QJIN$j#Dxs?`#F5$;>ZkYagufk)UD3};j#~b3ZX?SAD%`iv
za%ivpm{;l|Or>b%;F510!Hl>^e#h1#3FZEK#)Z==>Sl@tL@^WHqUr#|-ao+&fLdi+
z-embOsK_zRAqGeII!k+eoJpU!j!k*)330(P&9;4>Lg>JtWy~f|&lU3Z*aWLF4=Gk&
z<1`9-ZA!c*1Q$A`>}wU?iU-{x<q#3y7C;t3=3bW@++nKA1k#lw-Cn5fJP@3b6cbR_
z-ou;tymIAJ&9SD+$J=udeC?(6ytC1u-R|BPB3Q|7#|Z=jf5_-7Q55t*TIcuiU%R^I
zdYT-+4Xzbj9R2z7?RiTXx#;;yVzAU2dnlCM^Gy&bY&JVdudes*JQz!$R``Al5!&tX
z9rVrN{~-ABet(Ra`F;%X{rmow^L;x~q9FA1iLCH*G}b_^@bentORDgEcR#B(5uW^W
ze+bJMM00bt>s_D!&=xX{-g(*66MxaNOr|;?LaY7HYD_xo0}(2}-|7k-LIu_I#{EU1
z*w>TO+lcP`X^Ty2{85MbS2lBT7)_dD`P6yH_4vn>3G18OLA!^%Mc-OT_z?=HWyO=g
z*A(H*!pWgHBYmA`$r`T7zTe>+e!)LlD9Hz%TsFmr4v44*TzYEwWQ8Obu8P0O^=P3P
z8aqO1f?qc85JW7xX`EZuTM>b`_*W`qb}gQK-}pnrYSvgqr4c8EKU5Uv+H&;GAf>*a
zKoQSiJfFV0HncPRLO6Z8zNd<5<eIkU77Q)j`N}0be){Bmh~1gvEcz-AnQZ3s$mDC$
z9#WWvr_MfG<&csvPc?Qb&!FoZvLur+bxsr&42GW8_Rr^ri{%x<v_i`sH%KY-*V$v}
z@b=U|ulYZyUlJ7NO@A*N%C)rFrLuyUw>Xl|vvZe+OpU!x8`wg5cC89*BxlD+<P1@N
zl_nb?U`1s9m{<ZbqaxL929$~ivst-rm&~z#x=cuHm)b;;8~j6L2hCDA-1Zo4`_w17
zuTfn&*=04GvT+q7uw~?}Lyac$8^LWmcW(4_cQgS;Ils$~W`_9}W&QDf`Td<&JT1}$
zl}j%9xBK_#)rMEhQ~+=%%^6FVlp2rS>q#O8Cf-BaHaQ00ZnOr^3*yx=1FJ~RNNr_s
zP~3ZzzLmk{jh7yXIEn4)C70Qd3V{8QF4WdN7*+*`gOF;I9TcGNkp8r}N{ub4LxSv;
z1TJjkMKu#`HQV<z0W*s&`18^T2>?*}k~4Lw47u~C-=+30hva{A5+=(1Gu=Vhzdv&h
zzt<icgyeE$xtuq@j&HnbgMU|~#I7)~z=>Ldn_pj$f=yW&x4^3-reS5IgAS`ZeyA79
zZsR$N^_Y&`j6bZpf0LTkB()Q#58&@cvL&b0E=b45t5KS_tNfs_1@RBACICcRYYM7k
zu)?(Uc0sauaH3l@$T-OT=nF%v=ncZjT$dsN4@j<VrnQUG*}G0}%86nV>H-*Vn`h8{
zV1nfbEzYENj5HI9e881o>_ZfT^t>};k;yIQrvz@K`tyxv{l48o>2vpAN;?MYT1wsr
zZvmkD5gTI@f4P{6V!^bMpIekl23<xJGWa=;u(a!i8KLtE?N5#^;g>d1StHNF<gito
zK8TaYb7uA)a_kj=Zj~dEo+Fxf^%&xP^Z1AGc}3ns<6*MW+P~uOFl#1<tuI;A`(iQ9
zo>x5Sa1qdn66HU)3F$$4yoc2Dbri<X>y6k`D6n67r<#MS`UD~`AABT^UtnG@)n^}9
z%6T>-)!CHST~_fx$_<r0JxhnAR(%bhzb;9-)cYT;lbOqpmcM3p9ZP;fzpSA0N)D!L
zz0d-0tM(B;h#*b4d*TgiBTuyPJHSN^?40wNlw2H9+=24YYa{)-3W4M+y;8i&+IfEw
z4EC^TXik~U!_BqqrIOop73KP`5hW-M$1=+yuyaW;5)F&UK{iv=37~!%iIV==4Rla7
zv9FQMwg@DN3f;<TUDXrW#yRBP+4GB;B=^E3^A0RIqpt${heW?1Ucf4)JX>EM;^|y%
zhhOZ}G*>90J%cYNSAVZJWz)b692pvg3q6ZKAb%<&@YDgjqiL*8&Oa0yg8oIY)tudC
z3lidxqSx9JYyg?n4<&&oajUc>R6tWO2@*L;S00Fwq*EqJ22y~$Z(K^z!bbNuAI}|r
zF0@6&^<d2w`6L3rP5z;P#i6EYP+o48hXZt&muQaqivyd?rX9EETC*Q^R-WKaF+$EX
z;*SZRCf<g+l+9e2S_~wE8-CAfW8=W!x}@aB2zB95VZp!nIVA0s0c>MYPLJk@ucfI=
zeQX;z0EZ4woJ_pp7!`jCf|2>PQn#1y<G=mtn-~NbLRS>3+T!w*>yORB2_cO}97e6T
zZTP&_n0n}Eu~7b(bo4^tvGC2_p*7UA3irc0_0#usSAg^ziS*62MZ*N(VYEtx$@Brn
z25k^5gt)=>l<&gJ>*}r+$badE-!n2`cdHA{ducT`K3jfui~lgX{TfC3I%@y;G-^-u
zCZ`|c^Ylr@z#ZV{Nq(()Jri&P7rS-RIccfsXJbA`uBJ>|-<ydiJn!Lb&k%@1k<ONk
zcY)?^MZk{r`wDu~fg3Tt@UOJZb2O9Zk!DU0XPz|8H#Vh=#nAkTl{@16C0>pP6TQSj
zR^b}Ri2%$B;gn-R>rgA(y~=()@T6AhfTP{+IlJ|I``jcXLIcrx4hD%g8_4>*^CttD
zyobD$M`1HPUKqt)5f)qqdG&DSw+zv;Kd|v6?+KM?jc0~Vy}QDB$n>C<PprzI6|S^|
zENMN;bo@{9A0)!ZKte+Tb*!1Oltgm|HTa8md9-2WEXyhRxvnDJQ%l`*A7uOpUVj;?
z<h*IhifQ)to^uve)nrdB71s@tsW>l@x)9k})$EEmrJoEFujzQ#__~Lka-j&yB%9C}
zN!hef*1Oy2qE6LHYNsdHY%8#GZ4a2!Yz|WA0c#X+@;ItxjMvKnXl1-}K8DevQE}Kg
zHb((x^@FO1OGbZ95yU7HGDZGcr1hWA+&ipg3RJCOm1PsTgY|$xan}kVUFOvx{BEQA
z{0cHRFg}H?^xQKuDDY^G01~|ET-9W}=L~O}Ae(cy>q#9FuxFpwMazdI8E>w<VaDrG
z#a7m>HiGLyL<DD>2t=zI(Z=NTeKK^m^s^L%d5$gI<UR|vI#yr#?~B8+ng4&7-Y)nR
z@%6duC7(4TbMi3$#;|pBbfz!=v&4tH?d8H@abwe~bXmXQVK+dv3BiIGt)pdrs!}2z
zSH(EYG-&&W)!5mj4xXw@Js9Lv1ITkmb&<}}4&~B5eHKn#Xo5@`!X0SvWrbjpQ0YWw
ze1w~aOTW}JENsgg*xoDc!4k4GVf$m~{Y=1mH3-FRl3p{-a`?G9326bF)#FoPehmHT
zxjKPj-j=8Il-TH8U?Prnf7yI;0X7grZ|G#`s@D@;Nxv50-MfmE4J?G~+&(#c&d4_~
z6`>rco!D5}@B6N5uy0bu9pJf}XX*3J6ikcXNGYPx`_f#H?b)RtzTCOOhA6cgJ{M49
zw&07{-V1&25_jb2FrqRS*%se&9ns`EYX?qf>;V!(v0IN!Uy~`5CX#OP?Wqp!Rhf1m
zZUV9z(iFG55DTNY`ZoNu#i;#t#1#DX24}&$LhoiKw_)ZYI%_zA%nmzTaW7@ntW8a1
z$?FxNAB(DkvkibvdyW`3hiWlx^MOB@9!+Wc_+Ak5vYzHqI97Rp353EW2yO%-BdUp0
z?`TbkcA8RU{;16g9u42v7U0&oE&HYZ5IvM5M9r^j7(EBHNSr};g!z30<@9qxUBzq}
zax)RZxsdY0Y(H`5HL^?xv^N=kF=m9R7!3wu@H<<1h*DtmmDNjxM4iLD?B75U;nuoj
z+ekt;e$CHY?`o)QZxUF>@^+I{jj+BvPDY_xH=_!uhJXNnR}8^+pJG~GWKMtF3L>1q
z)5Rcl24aW>t7_|2znU)Tz1DAT2uZNca{|7qNh_5qCJs0&)Q?_MOo^Rky6XHf85MuL
ze4|W9(k6Dd(qb%Qi`vUpV_pgyvJShA!pU>^SexZy-^ak%J`-}M<-vF3WOD5~LPNy1
z^WVB3&;R(G#8(u5<~=w^hn^xPWa3$hxW?JCF!CBBYAde&O>y(k94$@A#&5H29v5!T
z4of1&e%|(O-UkxKdVX$Sb`WV(j>Fv!|2ZawaV#Si#<yu?Ty=4d$soQkrB$*io;-3M
zqq$U$8%qvFoCLLhu9%>Lgv_WkDWf*ssz1zcpx|{2;LPYG9ZW7sPOrC%5UsN_%7Jr4
zoQ)XQq8>lYdKuHG7d|MC*t$+3=<Ao(B#~89t&1fhHm~Dba%NKHH;6%vwHsO;^v|W|
zwr`Quk*>Ts$%>`_9V8|t`}AsVVTfa6#^ZX?jGssW!lH*&X1S!EOT|4U3}Z-!F~rmZ
zF^iN;IgMn}y~df;oC$L)rECln;*5#(HxGZQB{f%6uosU@*<>Z8N>h_tW!dN((pC@8
z@0Bxn^Q+hAXv+XJ0G=iaKRTC|8Rs$w7tCKR$8t(Fzd;#PE6sj$Z&FIf*hrk)js}gA
z5DkQMwFm|y-*EcG><t9o@G7<kj9qo-Q$B4h<E<7~jCvFCT;U75*+p<h!l0C^mhNZ{
zN&f^4J3uA_UTF~czmK=9nTaFt96*jD6p949hoJ2MitfW?U_yp8d;GaWTwAj&dfU}v
znzH2Pw8JDYSMSA<F-ij6Lz3HF+o>n^+g<7noaT7Zyuap96sxB}cPuJBqAjRr#uf}T
zy2#Ox%s8krdJ(r1{u)UxS~opZF7|g+jo6;WsMXq&<D<WUT;l`9NXQi{3JszBe{<b%
z4;3$4eXB6e;TJHj_Cx5=Ma>EC;SoUjvS-jr#|R2X#k*FYJsTOfeLYV8CLJF|h;6am
zW%8I`zaYI<4-D{IWStD5H@s}Z>@rsTq%)*lF6lI<Y!lylmrh)&)#BK!QTEaVax1vY
z^<4?*K%2ctf5FL25Py3Wny?`}yw?t&>&@f{e7y(}WR*kKDN4%Io)0-K#0&6ivw&t~
zJJLu>Koe~xD>?e({G6njpktp(tZBPQ9z=NM1TxsyTf$V)*X3g>SR^Cn(D{X(u&WqL
zOs#>(VNR)NH!Ffim7cG8aVbhiF?-mFN{k5&UTTVZIG!zbx1V6J-1)rbX=4hp-vNa_
zMJIjy8mIbRekb^z?e>nuPW(Ue07Rlpz%zkh9lOmJ9H+PcQdaXnkJC^8t!;k=f^`Ig
zbv*5Gv+YY2(KRwLs^VY$@H>ob<Y(^yMdTlnNOo~8zX&{fvHd`8TMe_!Wu@z}nmD0;
z8RPf4|J;i9;(#3|4kx3>tyUx*2-kZA8}C3-PnYb-^}6kTIfm8*!EXd)9R$~;mXcpp
zznh7iVA69nl%mJURC}Z(T-~ruOyQ(~a}I1fmC|qh?!w}>0lsQ7T5dOkSZ$<Bbs))-
z%@AHEf^MiaT95JP^5i)5yBV($x%3`h)SL{!vq`k(4Bi$9F8G`!x7Q{FyZL-!VsPSS
zvg-~Q4=3xah_#s=2`Dg>|Iu0_Awf?Hpj3pCI!Dh=dTnHU+6M0si(X<J5mqfq24w!%
zKOvwm@iBiXXAPs8EfoMhyr(xth6-0M<_!^`3v8=+Smx?7V=&TS4<UGXHc2qEHC|>X
zc_AIe&i&mJc#02B)iCiyKtk4u>D!B$OPPMcA^652=ynu<3ITS!k7l>87(28Azs5aO
zbR4+x)yYSLQz7b1t0$j-8eXn<95<HxEqtf-{fkU=rK-#*PUaq8FWj9l0aC69A=O0`
zE%akyzbMS0Frjxrd+VrkW`2CIIYGLEA$sRV>+tifIg-Wf_Ur0)kR4DnwksuGW!j3(
zsbFmDf4=DpJh;N$$-fAO_}IhUH;gfEI%NpQRDhBDy53#}jkM?JiBj<x0XjQ#pU|}v
z;_yHP+apWs-YR%+hn_%I-OcTtxT)U7LECrjrgvy<&JwN6KiI;7BZmVlZ?`@lTvWu*
zJ{SJ+$Wa@6L$UHGI~z_P!|sOr@2#q)Ed_tVY>5Tl5_`vV)uunR_ac9h8KX15>+Muu
z5TRNi_EN+n{pqk3YBbQ@=kWLGw!e?0QdL_T0PgW7fSQ_4b|=S`oD$=Bt|h$bpbPU#
z0+yyew6esUGsi;Rc5;5I8n)cOyx#5oUq0WBnVqt?RY^JXrYA#Ms!lTAvP`8sR{+AW
zlZTn1*Qqu2mpsYw)ENCk+F674SsO`g84Fh7b_tELd>d4uUBWus*0Vj5RM6zbrk{JZ
zS8G=GzsC8r$3!I!Z>8L2lV)1#CB}&!o}%vwCw967I^Xsa5Zt%Uuee1Tvc-h-ip6YI
zNbRx8Ps9*j>H9DhJW$w>?Eo`eENt#Q%jl*ieMu56(cUeLe6?Sn7_4u9lBMWJoBGtI
zRPhme_()WOTmQ&`h}aFq1m%*qLeks4kDEitnEo*Q@!Yh5o(F9rT+P>VAkUgtaN{Mh
z5_u%f3ZkiQd*5?CAc-YOF7Fp`=wUP&OwKb~sAQdcY+vic+Fv6o5GvS6;W2D(_(1$y
zFkNiEAi0(J_hV0Tq2X+;>RXh9T2t)89qIO@MK@nl|8xnWDc4PKf#W9?+VI-HCi!8T
z*w6-61UG41TEvNdY~vJJ_ikllukmPrV@OoLgXnmc^!;^-9EP@=Ml=8@mO9+IUXyB}
z-(}>T({NmQr3<huyg{F^OD?=4xSe>wR`{5Q?2H?WD$52I8yD-^-k?EetVsdK<YoV5
zp~H+1BRHlk!+A-e{NW5Tz7Jb{H_b4bf0*q4=(qeAw0wwukf+(snrcT+GDDf$Nb7SW
z=wP>!U!rg492mVFH<dSr7W`+2a!QF>sthXlQB{x`-OC4LXw#qT)qPBU7QXt?muXv3
zUzE~h=AM@N9#Z4>v5RX&meJFi;ckUy3c(w!ZcNO*!&EQW$-RPYE|!TS#SNINbKz>)
z$0tgBU;`Fc<YOKD<_6xqrv4T6KD{J#v~xeqK8Z0q72gi4d<M3(kWNzop>BeDOH&!D
ziIQl|djeSMV5oD-A@WRc+HhC*=z0JT-ks>dRko#QHQwkP^;(~Oz?|kd{vnpj1`Yd$
zK1zk-5kL8(+&ubz+w&c4%cu=qy{8=ZNL$%dj7V0#T*_uZCGh*rD*}+6yCTCB))WxW
zuw;OIJ$k%b=qTz*avs9G=5HtfNU1+miREwx@#RakV_79y1#QO9Q-Aq%42>E!YZJ3f
zZ8E>WGYiqyQX%Uw5j5uXbZDyoKvR&O{!ns|Y$25;>3=WSZt0y*UM9;f+6Q9}{hG=d
zcHD_$s8hUWN2UGTp}_W%ICKfrSljM)baQiiKEl>d{rO({e7RhhnertTc>k=)@qH_i
z%<+92(*I9=U?%!HyPQjjnHKy&=iS&q;4g@UixA4n+RJpV8}6Es`gh`toXN&E{^LV(
za4@e$c6)IaP;SaXPl3vb=#qY`R)sb;i26FcQ#Dhp@53v=M`_<Xzw|UofqHf}&fZdN
z!y?y8qH|vJsXfpcLzOTlnY3}p($7O_k73vwRP62x?mPWHC+VJ86f>6~Lf7pnE-P}W
zA}8%{?0ZP}W)T41^bnP3dm3|Pl!nTpg~GWc=A%B#Kndp8p-?kZ93$8u-3AzH)T%D>
zTCV&dzgQ4)6VICX`hzYgfI4~zjBF=njol1tx*ZXx^^sK^ff~@CY}PrO8JN-T`l^24
zVzb)f{i_a>*%pQe)^RA(RVr96#LDKIhrsG`bwIqP9S}1IztW@QOx=Nf`#g9(u)Zot
zvQjMzzQ<#DqLCux<+k<e8X?#3C3CH58_!s5qDESV%t_0Wmpr>BGQr?_)d(Q2GF+4V
zn$%WU<X@_lSRaaCte$FRj=Z#U;s4!=m2l*&*x^4RNBR~DbH=+tm01-w>*>*t9r>-^
zpInVoNDH+X09$5-uu+dp&AI0p2mx9F?6bPflvvvPrK@;kr_rxb5unt>^Djcg{NFN@
zf=WHrT3KNPEY?^&U3{rXtV-qrtZY_V<dWKZUG0k!k=q|A02ym;<p~7)yLN%39CIb-
zdfS=4uFek0izRpD^EJMZSkXTX$y~0;dY)F%vdT?7)2UWEq+DAJdNcZRleHe4@e#Ev
z-f;dQZJY(|GxScfHFSotKw`gbOP)D=e0K;}t2G}F8BVvuij&Sr-!-UXt4M{g#eCv+
zcI*Y|sP`DPqN;MBn>7&s`KZ`y$KKScQ3UqS!O4?(T;)uq9=k*CUshC#r4#=T)d}_0
zu<f{NC|dOb<LGHTrJXVv@AA^&B`dIC1BpSIkSRC4f~{&{8jItGD+E}fuv+a`QTgo^
zg9L$)G_gw+?naZ5T(lp{kbbFte+r*Km7X?Q3mH7TUtqpSJ70k%9A)``Wk7@K0urA>
z(HO>pSj!-d#8(P$SU)FcXQ1_sr4n+GAA#wFd+8MoP7KRdGv0EwB>6RuIzb_2&L87c
zs-zvGE7!s*!>E(0ls`vLQ*}w2piUz?fI+7E^Zd91T0r9keY=#6K8?`OWL;uS+o|wS
zRes;Gq3=K?9qXLv2Vp5w|Bf7n#JG^M50}LF4v{FWFKLs=a)@me@P=r6pvygX7^qKt
z&_#Un)zSJQ2n%yqj_)I>sV^d;ffulEF$7Qk2@{|KKk^h^I->R$EY!YyViZQIsH)C{
zL*|rJyDX&@AvyyUoid(6Oq%!NQD|D0+nJGI3R9XGZ+bz->{{3e<yyF$`yQ>8wGQI@
zi-Z<PLGAB-mk_rl6`G>>8YU*>e@cY}e1PqsGxERiu_P94Wl*!8TGL$Zz|jpt&&EPw
zD^Tk$4_9-QLe4N<7}rWpnrObczEP^53^f1QZ@9*YWVE_t7Gxttt4(z2lcfrd7<Vg!
zYKV$x+0tt_$8rxkRDhguHaa*91fAB{MsdnTd)`$6$DV4})TkO0A9(PUbgIRv9u1F}
z!pO?Q>_ez0+I8lPZbdh;7a2&&avbb{E*)4j?x$$ytXQYXD4E55o2~nO!3K76xTreB
zspD7wo}L9i(R>JnG&*WM-#2sJ29D<|C;L?mjO*KI>H^`fvHz1|I%qc+jXw{0*VlXs
zor(FeO>Qhn&s8Q<OiDaXg?s-rz9LjoCp>d8lR<`5zYHCcqD9BX%C$chFluKntb^BA
zyUlPM%DeV~q^qUfrNP_x?enE6;@Q#zEo1VM1bx;~{}WBm_pBWT-KCO(>HDSoGaTYs
z?$J@^@loo*SLy*Q32HA6dM|?DD}n$P26Yq!edGu6<p%-tf;w`8K5~Nia)N-_K^<8^
zADKaXnL)q|2su%IA1XdK*1K4s>M^R=^RKW|WweDH3Z2f?jf6we_PD`k(lCn#>`Q@q
z;}ujOLYEBAs=Z0Yt~c|p@W0!Ee>0+6;%?XUXiGd4{5_#|q#ZA?j#<Awxqu!au~spj
z{=+X&VW;0Lh1LdMBglbQL?2Indc*^se=oO($lF!LeD~$WW}>0bmg_`wqP3}`^=jt`
zd3k{juR(jj$72|Rh3F*`KR}4AaY#CMD)q(Cfm5HkgWmA3il4T_8aYz=ZA*nxwNOcH
zs^^V9*AyK2?O&H#!3iC>z6JJd*x@eo>)QN>^{GwyvkHWv`h=kiTEpfg^bAiuwy$q4
z4dcyGE7@Pit%?&0;2CCsoQ`zHogPmtL-bQkgVkn?P{u~@_JYlcYr`I3T10udF>-UW
zmC@SNuU%wh%66~zh8Ujw`*V2?jR8~FeQ5_sc!#Z$04tMX(^l2xk5f0N1JH33@oRui
zSY;oF0{QtPVi^sN1~I)3;e<XueL3qglWUzwk}Pq4@R_LI)`!OQMxNdF9~eOhky@3a
zP9ZQ%7(b4HfEohxl3gRcRZ*MG<W8gNBOGk(hM<?w&`3wes5D;?N5@ix{hofXmoy8a
z>c!zb+lP;qq`zaS*SYAX)jtv#s9jQOyEK#xu4AcGa0=G`-P~o{wm}H%sfV=#fCq~P
zyzC<LV})Xjj2?!%wCXA4%e4BHAS^qg(<a)!mmX{uN5hbo<2{X;=IQefjhV;qnXq~Z
zDv$b^;~HA)7wIlc#K4Lt$V8rh9WM&OI4+-SSBf!v`REC<tr|3$jd5{j6gCf5DR0y$
zvR0y#k4lLx!>Wv|9jxM<1aOq5c$J7o1rJE6xM}o@D&e$=1`A25LFY{O3xX4Be4Y>$
zMcWZU=DkU}HmQ5l%gzXPRRHjNx02F1om;MqR>1B2J)sNaO{Zt`0<<^dU;G^S=Yy*B
zyY}J^ffc)-Dvu8QyX_Kq`vPeD6Sgl<knHD<?&A*sK)U?c{lAtFD=Rb7CeI?*Dbbh%
zFiKwjTNmeJ@dd6+%Tcs`hcy))PyL$e?hF-t$xDP2=iTO}u3wBR8H+>BtT()0<yKON
zaakFa5qyo#5c2EHTn`XB_)o}GawOdpJ91Bl14{=R<b29XZ&30GHR_8D>4X2^hljM9
zX=Q3(Q_Q^kM8#bJNwgw^bqbuRiS&fVQQ}7ojqK+v?@MTuc%<zleB0@|zp}FcFc4!D
z?rtgFngPoIxE;$o@z|ikbjvGk&7#TPj_azrtv0QlQ+j(5CTWy<GaVb-P46w*R7A%T
zFWX3!=agJ+-U^)Q`t>02W9KTx)F%{&22mvnn?W!@F91aj6iox(3iH4Uwxz&-wNP8U
zu~bc{0dlCKQ2JG4WB&pYM=8(!cSf#5(l$-aZ`TZ)``?vMs|ikuNspX`V-3;c^qN#O
zG!X1#XeKJO|KQtmwQZYS21BMS;Zj8Py|JsnwTsncmgs((-~`^5z&@9{mv@+k=_*M`
zsZ)h<e{Dd}_<R0)<Wi=!D+{A2o7n<iyWjV{TieT%dkf3_?s>h`pkYVJe&HJpKjj*O
zcJv(~K>xwC+%>eR4#PGvCmO#=b>5e-+2HX-l6J*WYNJ^?K#on=AO3b$*<59jq=a$j
z+j2_L!Q}Gdp|=Zi(kMUq<Y8EH&NhiWCsh!Xc#5UwDD)gnAXFAOoN+D7emLn=oq=@H
zFNX%_`NbHj1dnty*k~X@C`lt(48;};s}hL&WkTa#?8%xasv>|pUR0KiaI~nZ5bR`K
zPA$sAX(tw8<DZGo<u=&`J5OotKpY>49)vqR=SWVaF%so49gV-eNytS+7BUjGs*`;@
zPZmo_)>7i^ea9o%*Q8daDeB~H#QiP+cDWV0J!*gyi_dog2B|@iK+o=_i`pidC4-+R
ziXo|X=n|rnf7_g7j*_E-0f9Ho<3uj4ze5R43xl>)pP26)N0y5;rS4?>Qc1}L<q{pk
zVw2lyL&fDbW(CJIW+reIzlAZQuCU*b+5elbK6jguB|2OgF~`?;LWGMK&e5KOakBxF
zquSl@1R~_|7XpD;!NA_GUa*~*Qa2$GKUhk<3&&G7W`JZ+9eFTRFT`#zT}@F((zg+S
zJP1=d`Xq($DB@xaA`pEMwc6IXN))C957E<`s~4tZV0+L*Du6zLi?}xEfGo}h^`ac9
zZ7w+@YOgRvle^)K-PMIzVDS8;e|cGl1If~kTyWNe1Ie};GZ*!T77cNz#6y^ts$&qr
zH#!VRHH%Tp(*@EXId=i`?CN6tXZEi%94cRranDHai7wY@pEt4SM7jIF$g3Y5zqL6+
z)_P<UklG#@lgd-p--BK&Ysya~fvJ9P?+;PEu=r<t5MmdL=URUR%E`!l`rkz-X2Xa|
znR3Z+c<+8ivpgtWU~lkj(Zeey<RwyshudVpn-oOTPS>+OPyD6UMM%Bb$Xi@Trp5aG
z3<Vx3e>nh3K()UYCcs-~ZR}$7BE-d8XN?^FpXmy>03GOJ6!V|FB_u)pd^$*!wff)f
zW+V)esuJ`lIJ3=utcc5WB5HRkM%%u&*rqkt@`PB8>VqL~DoLorE}d4F5IpvwT-~y%
z`8rU>ejmpA68-CYv$3oxYjkPY#IIL&S!{K`9Ibuk#l}L}|BO`2*mMf!<6Bel=8LJ6
zOMRJu-a0yoLsI0I`toK|JryboCP&Wixa4+KLkQ8(Ce{F{@xBFkWO?nc0!dI4jNiN?
z&<gGn|49;{CKM0_AoT?xB54#-q@z!SQ@$V@5<%SeiPE=yYvDw$br9FdlIJj2M}%u)
zE4Vwwng(WE_3^N-lVr3jnrxrmMe@c|x5JY{q3L_W?CV=cgiS9uK!EOurn+1wND5r0
zw30hl{<!|gI`2<yS0H+6?TgY4pmy<*MLGXh2t6jYhw!ES_oE`YmQmiJC7JSTj}&HQ
z2zD$+b6>?}_6|26AK%A)1oNctkJUHu`RwF&M}asi%lmz(KuF;IbAtK%{dDdm$M^13
z!8}LM^YN&}SHv8sUEq$PY<O4Fz?SLEwA}i_Q+Dfh?eA<R@wS6(;-#Z(;IFSB*U=<`
zX6U_MHEoTK-M{nJ@wE0hp-^I84GLIcOAsq8p`R|@e@~Y~XM#z2r|)qy+LlZhJ1hw2
z6k2vk?^FsB=IwvHw(n(HjuD(^|6uV1OKQ?XJvj3%rzI6L@ogl7v*r-f|5GYy=QK9?
z6{PIMKM|VB0Fz;b$3btAj0W1fRkC8fAepnqn{OwuVAg5<R=E}y!_XiGu)f#~h+z+#
zRRME9G+z9QtwOgbiN@4&P#VWaU#vU3#cmKz()jk;yBB7qTXNU+^_HkQ%rO7gyY|eA
zkf-gGXZ3V9iQxdNrwk<w2dMEi`5@+(VAe_EpK8)s;77Eb4=pQ^MZF6$9|}*}S&vV>
zywE-^{YRp@AbhGH-#}lP95bhC|GL<1_+y2188Up+%q=?NUNN6b8@C8y{yR49^3CRA
z=D0&)sw3)VS+u{C7z?5Vf5#kC{a<D>(Y1yyn@5qqM|Te*^WJ1;+~-+E!4I%pU*zY*
zw_rd+OvZto{A}-z`FU@-WE1@BgW#vlxur6@CdoJEJ(V11K@24qlgmZCu)m@c)@2SN
zrM-TwD)7CIY7tf@JGS<sq!oc@V3+h5jAi>@wHfrJO4MJSCEp}?xa;Hc{MY75b3K4i
zzgG9)F$+zv{(JLZ`PH|jBjg-iE}yOI)Y(FuCc1{Ji4f&@b1(2dGRjIj*D{G4{Cstl
zrrCrB_pa<q6MHtPE6>Ph!+Y+iEPS^P%H2Dj!mvPoPVp5IcWJrxaE7H%L%E=U2kl?)
z09b%JE`7L-7ObBRi%o%of(?I4ckVlVsR4%v)9)rxHf_bDSDpX;aziGIoB!Jv$u2gL
zt5=c2MrVkpRHIP(M^eIFf}YCDX2@LeXdL2sUn?5C74PM5>LLG|4Kbrqe}cK1bKP>j
zhN;?~u5u-0ZrgkHMSI!Z6~c3XCSzbJujzc5$)ljSyv1+asCiyH;mQp>?fO(|EwXU*
zNms7qG(L~oL%g0^)2$@u>H*|Yej;ppwUxYdg7GS(B@vZc@G(oH0WxxFoUkQ5j#5vB
zY4Zl?EWOM5Vw-5a3^@DSBv8S1w&nQqh(?`Sgf0q~0bI5B`ag{PQ*bZ;*98p5C$??d
z&WUZ?PEPWTZQHhO+qP}n#?=4!yfsr(H5YT!pS88RFLte}-o2~Ki^3e|lS@{lPAqw^
znd?av{pQhVgN6$j*GnE}p3J&qLz9;r&tzmomJW_t(+$dPw?#@KsfNm{0rG?w2_;m9
z7CHODPW{sXY1lW<W-uo<%5^2h({W|+Wg}`t^C6Up(%N*g!n5^DUQm-zbe4M2eW{Zd
zemcXB<Qd{b)MTiXK(w1cP7_hy6LsCyrcOY*b8P1qO*Spb`C!sUmL1xVHiBX(!7)$d
zu0YiSHfC^K)nXM1BJH}>3u(!u>t7nPpU(}Az^e3b86|#fRXQb~W8ujV*g`<4QMtw$
z&mtT~Az_Fgku42gBN#9VH(N0WTh*A>=fae(-`cK(ms9|x2G<Xp;Ar<HxZq`oerL|Q
zZZRFpk7<#(s6!_ZSeNL=Kz>KFx_<Q_JOnqbCFF_frZ0T*-}Q8`8s(HcKkJ%S(*eyD
zyW!d!f;^fGnJPhx3KQ;3X8v(E2aZxKt{q!bev(}<@-@*p7i)3-c$vkoA`aa)vVG@X
zHRPiTLGNXRCgX+8lW%OO+Ihs)x>7mnW>S#e8^2Ajx{Ex+fv|j8LMj~a7JNO#l5mOA
z^p%A4jVV2DYtRqhx2oSx101~rXZ={8G3nuF4x4F6{@leNc2|;PC_=)U$?R=o7yhfd
z$(h@?CHG5v6XQrYJh~$5zZ8x$q~N{C;xt~X&3Fxr>jx^>yJM)`dvg)6mCUxnk(pq^
zUTtRjN3t`;bn7$4MJySL%iBkY(_sCsWn&m1r6TOMNXnD1fR2(C6S}dCgw-EbJwfJz
zcI?B6CnQ2xbYNvOT*Z_-)fhBdFVEJFG)j?=q{eC*8%I-T)y|-p1Sp@0-OJ;S(9p_9
z2NK}|k}hpvkG0wI9r4%|{BBKu?|aXBmsbP#ZxtVc<XU6hRJ)1E=8(6dJ6zZays~X4
z>(wbFb>8IA<46Mz2^h)};)toSeljlnjIcg8sTt4GB__JFJ|WVsv-HH?P@5Ug2fo3c
z+Xld<GG(!|uFso8zuWs|BnK(g7a9(C#x*dd(Xr7ZQ6A|Fg2zUN%}W65rsXEPWK~&{
z+>k@AMD>Buu#kBVC)1$FQ!%e#qmX3`XvSQEwOYWmU?0Y6Qf5J57LxCAV=_5g3ea+i
z$x;h6VRDJJUi&G29Q&rSuNDgNn;{Wo-9OUE<ex2TAq;6UdBp65@_AK21FTJH`a}dG
zxRSQynKh<*?Yh%Zln8#^N|vLNl0Q4WGkzMwXH=PqhgSgWCv6fxTKB=a7>xpmHc86f
z@PL`5xl4op2J6k9EYt*QQXgnz_#ZjSC4z?b;W};h%rzKwM`yzzT)%bt`R86Kd+~=h
zUO9v@GF{qjuFjfj*{OE%84YDYBQ<bpqE#kAr22?8U=zgg7ofoBdDWcxAnM4%Ggv&}
z1SMz6{RCMzpDTnJ9`P#5^AK|*tp$hOkXX0;4i_UP$1plG<>wJx4SO`ks;brs4CjEl
zB;I@jqKH0JmW(s=7Oz}q#Za`7Yn=*dZyWk{IV)m=0OArNT&dJsy!#cuhv=P0%hkc?
zfH135oSFz6s0KxzSNvwcG-d#lnaIjGn=uc}OOC0-G^QHuYLx#n*L>eVyIE6(*H*7p
zO}3}b^%gK<C3R;@*QI2m7yXA?wg{P%`k|)Eyl!XSekhW@-)a<l<t0^5B>ngErq*K&
zO+OD<GL9<X6XqTsNRwe5hjNq$$g0uaPCa|iPSqybfF<X7<&WM08>Ekdsxy!X4Q!5v
zuYcospdmMgi2p2U&Jyt@n;s$)oGKAMP=jhMXAgRPwj!@Ii*e{Adl7d%Ry|w9bXd8{
zRSvEbXh9|VDnYC^8KlszpXjM~oPU+AWs<)bmc{=rWsXtIbCjUb%!t^gd3T3QmAF7|
zsZC}qQQ+2bOxNPZ<~G{1I^L(YG`9BYO?!tQa@&5EGaV=3W-tNxviRBA!FA1QHcyT6
zg)ZzmHmneX<ZPKmuS|`L{Fg62QpL~i5I4uB4Na|1^sKlT&aMjTe%9U^wSLj-+DO55
zR%w~%5m{@DflG19C=D0>=UqBf2U8#DtYWex=GXo<tH$Qpe<1@7GWt5xACq&aOef+^
z`D_ndRzWww*o(pIy~SljZt68Vw<JW>O5lt9e$QkTj1FJ-<Jk-=`ZQYvO=N9P+4+bd
zaZ4uN_;0nH^Sre~S?xSc;~h6D3#s6koYtFl5D-AfyS<(f={EYv27;Y8Y~-0Iv;z%#
zCu-a`qqU;s?NzPU3UZ+ay7swd-;9(6{^Y^!!8^zr#L=3mg~Z<5c3I$Eovqp%FP(oI
zFP-xlFP)2L_pse6mJ&FBD3;!0{@!qZpRHn=<~c+$$C*blD;x!gVU5KoLSUQbDMCE(
zz59&)y&bAWV#!X^O4J^i@iYC=RnM7n?@&gTnNgO9k7AOeh%>vi>Tr^g-8F_A^ROn>
z!<zhr`iN$60BHx0a~M}2DzQ4|<x3dltKTz*mwm;L<zh94m(_uvM*buv?=w(O7%*|N
zDP3Bkj39UWrP<@QINj(PjKYqtK`$r#>=r^;<(z4&kn~vANlbObj9xp^D5a8Alp7k#
zBNlhG`W)a;KXU1BeXYl$pDu@Y&|2=ch6CB1afNz#d|)Nu-UV;c7&UNZ3iCt%+670#
z8Cn%l+0fOzrYe!eXXcHPQsx!aM@5_>3Xee3bTRtj28-XaSBHB^0!Tze$18?nqq+d<
z^Iu|G{L`S-XRc5;C+DK%K2<^yoWgo+y^7*v5t43s6f3Qf23aL=%{#FR&I6KZY<jVQ
z9KwoWu1&6mgz5Ckyh%M&)#fa)dm;Qq;FQ<pAQ+n}soNrnV4GX>d0pyF(Qw+3oN=^z
zO>GG0Lhx)ix!DmJo-NWAcZP}J*y8eEkTiLsdcL$z8vG+`qpbB3*WuL-HZ_(QGvR{P
zn0oOS*LzB=rp-Bi{2FWK?K~@Jr9cI5Onikp*Yf6W-1xT8gCRBx=Lj=VvHztC4caPO
zgeC_PqOMwPMtd}$>~8@=S+-NQrh=lE>Id3OxPQfAFzo$*C~`WDsf$*Kqqf`N2eCY@
zaw8!s%|*x--kL_R3@1kTwW2j<Tj+d8lp|NA>BDU`3YyKR=lk*2akHAvl~{)YrCkhk
zBD7h{lJ@gtUxB}>TM>6(&XD~>!&`VX%?k;3w{Ie_)lYdEux^fhcHFil=lt-r%A;2W
zZ=Nny`RI(_7}*goXB6JxH{5Az<W&}uAmvxHU+TcSrq0n?GBiitb>lg(FRicqK}_p8
zI(15x#;oT(j4og{f4)Bw`y3B~sOI?Wa+i~@wS&kyz|%AGNq~I3v~AV1Vht=iLoWx3
zGCH+k60X*+Im7rUl-QX7IOT%k&|Mxpv5d-3ZB1b^NPFm%a#ZG_6I1x}oS|x-#5XEZ
z9O?C9IJz8Ujyfg)9IF|PMG1;6jmC~;?-QLV87Q6M=_KQ59G04t>&jwDZBUAmGu}kr
zn3EO*GE-YiZ}t3iGf<~3-eP`e%Za-MCBK;mvYK@vy5lGwuYo(*sE+A(y@m{`(kiF6
zK5B)fkr@^}3!Jf)&~Pd^?rg<!2xKejTj|P8L@|f&y`v1ka?zS1;dRZ3@)c!SjxZM0
ziyr063V0{M{0<1m!u8EP|Dx>)H^lWKz^JN#ykn_9mZyUG2XUdm3SyaA9tIJ_hd}(d
z%C*s;Sq*Nvh?XvLf}=_-ICMqX_M$`GInSEF&-}0rx+q+A#U!N#Wt6&1^Xgb1X^NEF
z{vIu~A;5vL8X5{7`jz)X;MY;7qrg68nVg-wP|SSkEDAby9t+&qNi2G%Y#xh^yKoCL
zTd|PE%1MlE^ek#)_wdzGOx0?}fULa+uwh}lc!NZfF=XxN9K7*0S<5tPIVM}poyR2Z
zUu8WQy>_UiUvs_<=m2cWF>MDr=v1s}&wYD5{xQZ^YH68t1$;=-kZzQitesS|D47C^
z&c?8mz5OSa>+qm(fYJ&Qk)_bcvmROD$FWrhu={&W(IwL{6%EC4_r1GG3+nZ#b#w88
z$dJJUf6TMiyTT>%G7@lTYP;3Nb_1IO7u2)WztA~}fo!pD-HB#&q@~p^p-pRas@8GW
zs&&s%b^GWlWfgu^bE#P4BT4Q+8Tr&WGhx>nEzIhL$vRg(YfV-oc7FSy*G2!d#x7q?
zVOFlM&sUkLbFG1xUh^VW2DsLnUeCpD+gfZZ^x^lRXq!ZwXeLLPmZW0A^lzQq5AS&K
z3ES|NK3^JVeo_;YD%fYfhBQtk)ja-n5(7^ZSzE`MjyA+nmY;-pP7c*8AepvkjDFVT
zxi}@`+uYhryImQQEGUr#j1R;f)$5<t5d*T`8t5|I3|+(NDB=$SFzl(MM8cqaYwx>$
zpM;_j5e*WhkObeAp<2N}XB+EFo&?>s5#k%48Q--!kF2^EnZrIE!r|;ghc`i77?753
zcd)I&uFqJmoE1cuL8?c(vy^XpRN_X7p7B><L1Z?jo1bc6fUd{0n|#%kf^f!tZ2w?b
z=Aq8*1;2L2N`=k=rQxs6YhY2FjK3B#&lrf$-pJ+npFR`LWdE_h;!RVg*vL1=Wt&gA
zk}#KR(l>D3w*^w`O@x*kBwqYujwnd!7DV?WI51B@it4R^$!)<Y7#GMKQt)Qr)S_VP
z8u-`vV1~zdA~5dLXr}xANU)6W{$xkvp-yNE%^E-V9VG}s@WgZW0}Gu?Pb~P){tb;4
zuM#45pWNZFzo$qz!pxO>Tvbl!)Y<!-<e3`!tc0il5cNiKG)mBVay81t5ERIENwc9A
zHrR%wwRaOM<UPV)>p$j)yfWl7d9=8f#ZVy8(|zS`&O^M14R#snY>H)<aP%87@X!NK
zX4_j7g=S7zZA=}oAjVEuL8E8Pn7R;!lLk&$PEqrwbJ&HGd2C{-{k_qXg#4?<207xw
zXpzb|FFI&M3P|}ht|U^X7ZcZaN48*wE|q%uS<!@R+Ya150)Yd5xG|yQyO?R6NEpxI
z+#~|t?l|OQ%mYuDnT?7FO|W)Cl=_8uR#*U2Vh6UC2gU${+ssm=@P2?L5TG5)GyFEz
z;@=?Zc6Yxl-l1p5*3%STEtjmK9_40_@!!%+{4n3WAC73_Gn;@z;Eg&)c*}r8|MK^l
zH86@fu+rP55joCp3O1JkES~+VIu%xzf&1wCH;qxu$k^!N(UAjV<NNwHCUk;JEaUt7
z`ZtX$9^?D^G5M(BQ4nKVezVbD*ZcZ<l$p?FEyJsz$I$ai#{W@Ks~BGeJrX5c)}zc2
zgd4?X+lzH<;~P_C)uYU;L7D$gV<=hv6P<@z`~OFA&~X0~n`Ls&|LKv+lv{4L;{Uti
zDv0I3M~uq0=bilm=GkX;@b=i;e?!+aP6FN7cO&H1mnp-OyIta|YxVeoJqtes-aJcT
zDWiz_W3fzUt{{(lJJa!xOW5<k&5wQ27~*;8{x4nUaTFh5B!|;jKC2JY^B@ZR#sh;5
zy$uIuD;oU9V^m|0-XjY9=3qo)kN)mWWAC4J6!^^ui0ilURruo%yAx(7mzVuE?tcWh
zvzVR-dG!=C5~8F35!O@4vHf3!Lo8JgcWmC2u>)2twg11S`T1WD#m3SHRx|z2Dfs)p
zyYm4qjIY93UWTwd4^$2ZFTxMsNoLAPjbw*VW=@>yyK_d0xp{j#x@!3Txhx}nM#uZ4
zZY@yhl#yv6HDAg7TNn^bK(t&sy7g105+dd9?GQ0j%410*T%ze`qg2AI7oRX%mb^k+
z9Sfk;*u&!|(<DMeibYZ#$;nkpPeLEK@Kl;juVrl=&|GO=^w14v)#a*j^Khe_PjpPO
zIJc8~?hd3d1A{pWbQH(TSd1d9nmfmiR9380mP8gz;;l}5OnOk}1I<9pBJDD`aPnw-
zcJ2ihzGcUF;@HX^o9CPieEfisNGRH`E+ZJ2h2;ZI^g!^?DlI-<*dtPK673Ua8B8Gm
zP;R9-Te+Hy-bvX+k=4BHeGf4^a`BjZkFL8WM<OMYQM^Lg!ND;Yt6@|4>%`d+lDN)X
z6mpS}WJI#3#fG#d<4yl@O1c*l$s!LftE7#mcXa@(8GNjY-_X8SNhLHJX>fBEMOfty
zE{m7MgM6nhnxND@37X>cCRCWJi}(~vBqKZT2+u|A_=8E8JaK%uxbiIJPArcygPcI)
zUUB=Ak+51?+ul}a!!*xpYeZSZ8yqO`jroJJmYSI=ug@=bYH7vejFvDJImO<eZuRg1
zilnv7CFq(|Oi`A1uD+@68R~u5uE_uAYP*?eQ7g%B{DQ8DvbGq33|Lc5am_$9GAwzD
zb2e=B1m~pK$5;sUcS{tlV%tPElXyJB2el2cpDK;s(DzxEN3e3hRKI(kHoV3=A(hHV
zGjquH*E_Ng%Z>CO)F1jzD5YcUCzw9W;Ys&U?;s>;=6o4s^6~;}kgB88z*;u>xA#2M
z={VYlEEu{wU<Cr*_w@YI5x#E?VUU;mM?sF&u#I$}kEAb}kYb-}{1sY5ISf%6Fav#=
z=Kjl0OlyRx@A^$#>Guqn*<xFzYwgzo+d<~JldhD+4=RE(Ep#1>$ZLvPlGtdig)!r6
zOm~|@8iYP$7|9?49&M+g?m7zYgT81dlOhrlymy6j35k%(q8v=Bn^^&)e96&6kH0BQ
zB#pv%n8Ha{QKV}b0Usj&>V7e~uui%9g@`8<5|C)gBf1ooolLpOF%lX?wQDke+W*jx
z^|cckoHjQ)8CC>Ty=`zZGG<^PGE+*3)sgZI=mCXl6B|!Ku&d;i(8(xkGJg11&tVaK
zhAC5#jAo{36#x+SQqIp^xSixZ_d2p)axdjh>y8>qx#f)?dueLnEpRwx!Q&T#NHc-V
z_Y$$O@4EGL_a7>}+-IWiai`f!RO<81Bra{j&?+@|p&(L<nAgo+cC=Qf8?8;EXCeZj
zT7=6tmR-U~hGQw5d1|?oo0*n?3c^-JG+5fw<K)?D{<<Hm9)Q6W+VGFQ1N}S<bt@+(
zD@36Ev$Y%34;T(8`wOP$b)>5@q+7bC0xe}oFb~9Fs<F48G3QDCl!phF3mIoP4+*z<
z&WQvy943iog(FF2#3h#!k({E?G!#@ITslCcJfBa{3E_k3Y#5fbq1M_VG4?4;dQ+>N
zzx_nRnvm`5+0a;=En0PoAn!=rN8#r8dJJ7z40GQQ<9<3*EsCh&af~(>vQP(EwAdJ)
z%*rB_W(9^$8Dpc+jl`~8b8ZWQAop@<iVr@anD-PdfN4tbKZFZD5q}j0a{MXpXapuj
zyc9!hsuXTYUgId;@+7S)cCl5dAo>6KhVyBB)RChUZl0bgBD@5qg&Id{%y=4ObJIFc
zetO!ycFNPx4sYKGL~*I5u0aVu<Lx9SPIu0CXkN&|-Ijo`gcV)&cq;0pG5OkZk#JAY
z|B?dV@jcIY>+#9q2;#W@(acaTGF67GVbjyj|Hu4xTItTHzRPDvumBs!a04bRAS=&0
z5#c_IrJ{{fP@T8=Hv~13rr*5i_pXj``a$?*grX<|Pr)F(&5-VIjI4g}%@^7CoS`0b
z-eAP+S_@<w+o^Ckq_iwX7_&yXb<HLqo!z33HSllfpptmsvX9#q*^g1v0G2EzgUR?S
zlki6`Jw|A2v?)4w!yZp%H|FgRdLq9FGZH6<sce{vvXd+-XTIHYh|DL_amypgnZn@+
zkp~==ce|etI=Pf4Ro0g5vn=w$@s}bwTK|V&Pf7N7#0C`3h<>fFHMs^4hVbpbPY><S
zc6%uegwN+h?pd<TdnZR(Uy|9g2$wO^XzOR^Z%t``vWf7twa0zfbbj0fAOq5KyKKWX
z2F;fGtE>j@lq$H^gtNu-Q+=6PnF4C}?c=1`dL@y%(X+GOnH~IZC-(PP{hzPJr_{sR
zy<A@|?vI=6$JX7RZg<c7my0wX=db0}(cGsi8H#3_>Qo{t<qc=8WUq@}bJf0Z20N_D
zmu99=7o$X+W8_SYgybG!MCk_SMeaVKRWK+2MAK==;?s;0)x{3$;AC|Cns7dCO6k1P
zCDl&z>Ba$ia?w_^T2}o}&u97X*558R#h>PGzW{Hu4?KHA!BP>jQnYAZI>U)YcCXfE
z=Y$R57UBkN-z!<E7l(l#nTZEwqAo5sCH`|}LaN15I6+xc%`oh~8^%mDdD}J#%|Qdf
zv>yyfYlh7Q(hP;!3h3y&eR>(0{8V_e>#1m+JC4kRo=4P(a>|$lGS=0F-t2fXy~UY!
zp;y#f-qNxbI<sCgQqeh_k*X%^7N4}RfUchTSMj(L)vNM&h};HicFs%(vAK+coeA1A
zbBMMbiq=Q>Z%XyF{a~6kH5vhbaQCR6sDCtGJ<9^vO}UT>fGp(s;kBQrf6K@$^b`pt
zr2PkKvuDQ{kb?V+*7~JdWeO^BHi2&WCIb42P_u&j?$;L-Rg84|e{C|SJDIpDaV`}T
zx}+V}?m$F>be6GUHNB{03d_?8-{1|w)3*?_OOr|TC@JUDorVcs^!C-lnYD|+tavq?
zYV5&I3Qu3LGc!mE&eX7<oCrf0PP4=Jh-9%NMQdZWClb*k2a<s6U!xhx*a@Mr8?*-R
z(DdSj<>9(1W^*r;Lp>2z`%#Nbbh!G-vkM67@(iY_j&;KMxjy#4mTMVia`m6ox#nI2
zyT+LozlsukCeHB!5Iai(8qv-sQyu3{r&m4t)zCP><9W3cpNeW+DT*pIGcYC+tbFU0
zWIxjKRnJlRj)V2CDRTRu!6YMx5=293ayeJ5DV-Q}s`Zi5_qM9LTWlr%r488O3lB0m
z-AP`{|M^)z3Am(6kF-!rRTKrAnG?jDK-E37OKftn@BX_#!`wg)GNHC^%p({;TPMLn
z*E8r`oAk6N7~fEZerTl?*}`^xvY-JPKJXxygH6vVSwE1tq07gHd`h}siDq^Vwz<hf
zHGlPFti5j-Fj-2OxfiaJKzqsJ309FXL@w$vLA};Kr27&15Q7t@{1ia5xiO2*1#tmt
zeX)AjIS$(426(*4RcBz(-vTQaWH<v#4$Fu5PFs>D8(7N2ups!)beoqaD<~8Ewec(y
z;bl7m@0KMCQ4IW<E>jE_T*|{ZAc&PhY>6pAoUQWF?4&;4*?hP$ZAuWo1sH$2xorB6
z;4-Xz{Mn-28|S9D3W(<o(aCd>AAkveG=Ob-U7h~ceasDb1(_BCmc-<He||V0j?A32
zqi4{&9(DvC=_aa)By!@Z%ZjKt4X{|(HOp*}Q{gaLQ0U%)=-EK-&0P4m2E~fH%^2su
zri}vBq0er#+C#zu<p&3qgGWmS#H96A#gtOVVIGEPwJr@*X3XC*0XjDv2rAD^kL`Bf
zgXG0F^a}2+BF!O#!A>w?zYV=ax~Aqu!$W(vo5|gzhk4H=Ta5I?)8H<8B0Q+rVoj19
z(r0h5P$#uHuiA2pQxYDMsuvxZxsjnWw~7nCKqJK`6NKiGMoEK;XBixltLQa^hK+rN
z)!x(r>Lqc9hK=eM41s1CL(|7wmho_NY!cs}v+s0PM=U}Px4BcERT`W9%nVVhE@D`1
zC-W@IY54<5pN-<A{j<<C^L~DJce|_m^(cUV;Cn7hQWJaOo%b;Evjqeqw?}nIHGf0|
zLEdF>T;_P_6Re(J@Q<ientu6M_1$=8ak7%Kt@+f{ueqQfth)e_M@RD049h)<b{u+8
zpm!e9KA41CG+mI)gRV?zg-LcuN}8OarZXOib|p5T*=`zBBI)E`1CI^xQ2+WfPE{>P
zZNZTaM}<(sse0;+@F&nDo>211eCgYaMdD@h?{v3iQlQETp0ku9Ec)N+`vyCKiL;1}
z9aMG?p#qY}Ny`KbrqwO}ZekjGc8VME1cq^`N)VLtwmujKB_Bd``}Z#3?X)BIFZ*cI
z!%zw6{No}U<>kOl9$RYpA%bjGg6To}X)G~zS^xnm*r9f8m6g6Ey_lkjb+v*McYo{X
z96E@Ttf`GQ#uPgP2|X|~TZ|!b5>*4_MdY+A#8c%N;zk*r{1{Ae@&^|N4J9w1A8!H&
zS8CqJ2G8mNT<k|B^olsv%!9tT!0++((OYF93C`HV;}TdauCMdg%J*IB;bCE6Zja~B
z_4M*E!_(Wfe3iy_dhQPXw+OvYIGBUi*RqR(%&LWg*u+v$Wcd2WD552X^Y%2vwS&GM
z*Ny_xXhJ3*Pz8da=s%%b1PbPT@6Uxb)4~jZP9ZyM9?xK>%HwOIMX-x}i%{V`q1jh|
z^q=Uwx3T8vl)z6Pa&n}<B!Ip@XWvpm2y^BdH&3A4iu!=0$F8xui~E!(&#cXvfr`w=
z$8#0KKOvtrAbPbay)fD4SOrsvGC(@2qK#~s_4i0M-ZOv8H0GXA6vK-KgcMsSLC>Cb
z>*OpZ<|@Wer}^e-inr8U9E3EaaulvW=xsKU%eNj3U!ZrNL8rkbC8RWj@)ivQE4o>q
zXX)2A`bH?}qCPivk=wt_KwpI0?bxujN=2t5VYV7o<N$dr4kVBtIX;^UC`hPQEu6ll
zk+u$BeD4w?RcAT({N|$SoJa*G&Uv3RAwG8#Q0;_{7vXF|+JX(u15v2RS|_L%|Ev_a
z3=Kp{Iiaw2@|@|c|2bpP+#}8-ia`^|;ns9I`NuOajSxgJYXrHqAw%~1o(IICLeCcf
z<}2hgh)Vn(0_U5hWH`Yozct*Ila)#u3RLLh!RgM0a*f4SNE?X*r<*k1kEDjPr{!pL
zw~AzJhGzp<%k5M~>c{DkcqhZoa{r0lLV8F&MA_N!$fvBJRDX1v32udA>7r@646|fB
zVT)#zIzyQ!VQ7XpxY<VNF%xo}u3LA-Q=EZoq5uNuPZ`=en3ePe+-v@<VgiND%o|(O
z)x-_J#LZ-XLTWiL1HTS{b3bNG$lbr}j6E~`T~L|->Uu;nags}rUC>W27}rEelrE~^
z#STrSH(Vpn@_2^Unygpp3Mn|YiGnBlQwG6=OLwZIYb`n{Zj`y^a;zs9=bB<lD(cis
zT&`Bt05{+$3O1nV{M3h(32CIz=Yp$mlwu~5$5oQ9x{Do=Pi!QLbu+_S6>`txk6!*f
zN4gL4P>dRy2K!lhF#=Q>mPcJ?<*q4fopOI9R}eszv5xBP6N=n3!P2My*X~#BD&XT-
zfPySX<|*~~d~`W?4}-r4m*yjmgA}U%pk&}ZgtS==H!jka8;TnKmB>U3&qx%$$oNU_
zA>18-5oTuTD@_qXeZIs(M04B5cpSnC6RZUpN2=V<r3QyJ_S#Y}6UB+=SSP=5aB=XE
z4pcq~iXeRg;%|mdhh{r)LXE@OU$KP2Con~{&1*g7A}wp#%u$B`QgNw0=5sV3nDW;G
z#vm5xkNN%0K@<@chbTQqmofvM(z6j%9~yy{eQ+bv6`_h)_E`%d)fQmx5Vw38DSS0{
zgg?4n`4eJ8B7(<`P7rA(7T5#GrcSbQsbJ<-mRb8zjpKGAcWd2rY2G{|NJ#5ZSa7W&
zqpp*&=)r8wpX@3ib<VoK07u7XIz_sM0-|<GPzCGoG{^c43h(pV`n^oL)Cp2joSK;?
z`U<zfbX-{ohn#}RN~#YEhNmfWw-nonE;UJ1?zvnZ$kC%saH{0rz&%vvP+7L9H<zb)
z3+2xd`vDz^VRZ}3(lr@>fT(bRS_NQacpD}mv(j?^=3U8lze3YH{gJ-eL`7eth(zL^
znl&pO+!8hHsT=Nbq(JaTa>>+}$-0p{dmi6TXEn*9Y%f-p@i2;<v#>WF6^+ZBy$Uo9
zhBY2cUE;6Nre1cHsk?=ULRM*w%AX}9M(eOaM%JvHf;N-fk2^a@oz|CZbDUdJ5yMig
z$N9H(ga=yqeNDs)6tuW?&6GKGiH75XJ&%u04BJ`e2TF$<^_8tK_$6%o5;jhWN|IN(
zwVl7Jb1e$XVk6^P+CS465JfBxTx$O7#PFT?=U89QkqrEwMph-~goYvXv-(-T9^Zo~
z5-|~6%bufZf^Lqe&K6n%`^_GzCN!=Z#~kbsa+5sMGBnXEo+GCk1<b%;>#18*EJ7g1
zmz$XtyB3`?%BusbSiZzgD&~xJVnk_B8Sz{gVAGJeik3TTrBBq71Df1Ake%$eT-R+K
zP3Q(yU(hhog7_#^P)BFAx#A?+xc3pG?42FnL|IY~);U{nD$W%-j>=AtM-zYNDDDrA
zWzit;wn(Z>XUu2#pAf8d7c<WA##Ph1I0whKt!b6&v<yYfSqt-%giWNBAVHWmqE;h7
zaR&4@o}(p)XNZJW4_wvwGmSI+-J1+bY!JaBN!=~Ut8fZ^UA=GbiXAndD}3UuL_}Sz
zEA(a3HVI@h>cGZ>wqh4VX5aYUY?h4M30EUL(*cv;26|@zehoS9zE6dE?Id)2b*8{1
zN^{u*=i0x739<;9q|)ZE#v&8ScPyyw^Q-<jXaQMg$%$xH7o_wXIt<~Ak06TSOgk%O
zgohPd2`Rn<2<isyqzdc7UHMYjed@e?yj3mY%1^<4P=Z`YNuTZTq$DL@Y{D!Jc`_Zw
zOk{M^@BV>76AfSqzsOxysEBp#cu=+fy0$|TfiEFmKu$IHXg5{T_6CSmPublJS6U(Q
z&|uB75@79Qg7&hQ>r5cszxwDYytD2&dJP&#yTxI5AOaGPzqc9-V=J%=W38SPqxmc5
z#o0c}#0XTaqyC4Rn>+q<Tp0fsd>yM`{XfGw>i<bxJ}b0}5lCZY`Y7W!AW*$SIz98R
z2?Stis~Z@UhCf3sdqO7fS<xkWU??PO+q=`RJSx9uaI=Jbom1YM`J}Q_$UFY~sbzjx
zt@<2+o)gD3g47$U>J>=zp?!~LJr)SU^38)1P`Zd@-CdP^Wb)!L>99*b9!wBwTJJGS
zKoE*%TIZO)-^YW?yxc5#!(<vauZZOs6xV|JW8clmB8IBjLjRCiOz1Gqa*JoZRePE=
zuUfxwM*XZ>aJjHcFO7v97O#&C!BYYuqzrP5!!#{n#e$RS2A4e-K}rPnVa@f;0`}Bs
z$u-!}@=3BQx%?D0%MW*BC6T2W#+wu3^LcS0869GDB0*_tozo9*@EB({@<~|6WTdxP
zQw&~K5^M(C$j%m@ZI3GQK)+v3j|mPmgpZ6}1i2v!yAcPvY1F0?WW7*g-G-D8eTr4%
zQP&^y0~$7wNG5rsr}?`aPg;bEgswstxz4&@sT^%`@@s~bn_W|<B4SbAzfdJvkgw2^
zR<m%(2>PC$UbR;duS$21dxgW^zq^>-z-3Wrl&GgCe%XH#RusVWV6EU1O&o{BKOTB7
zKC*L++3i$^z$_IL{wlEY?ZZT@9(Bu<p$~t@1^>!1;2vrkzU>tqpD-x=hUxms0RKpL
zqmk(-&p#Y`M{%>A$~lM2+!xx$@Vg(V3K8>wHSz)T=MCEUJBW#Y;QQlGVJo-TP-Mda
zT;m>G!w%dFXu)3zN-GY*N3ClJ$ec4D^iEIB%Y!c;VQ-(2TnwET1>apyie5nspDaEy
ztR0=uY`tnF2kjfW!c_Lcz|^%_wCwJ=j_0iTd1e*+<TT9@mlu(E)#6tpW)V;I7}>GM
zxxu$TzR_<wNFgzlj;8<}loFcAKmtiRsY?!mY_7k(we3K#xJoyp(8m7Tv#`egQ;}7c
z5lkoPZah<k6(+|dY4YLUX~knD)=liYFpt~#GD(FkRAR|7>v5u|C*k^lwbXj^x&X}m
zCR*oVMjrg5x-SlNJ7U~K-@o@K+fX3QOPO}ya%0PKI%B%g)N7?iVq^s@LLl|TA8JWd
z3UQFE3=KBMPqShV8RO%A;$IjAQzTYF#LH&t;q>i$A;NA%8~D4;J!FIx5(B6M(K6(c
z7#`BBq6q8JR!lh0;Xp@R7*N@!I88&EnjH9ropJnj`~sq@B3O^bhWl9NFdB^P1SED2
z2^MXVVvIBocf4%98+Sr&?sC$gmdgw&W)$(Zx?PYOSg=KAwG6u7a=va7w)8be6;;c7
zv*7xROB(vyNJ2Ei3<_n<`U@Z<>p}705c31bl7WdQI3su?N@YC+34!iAV}!cOi;4=l
zb;1QCBS@hNB>{@fP+0TF4GNUUwd?iGKMLWD8A!p_{$eR(5+ay6rbGj9_23-Yp}{9$
zl|qP3eG#xJT2nip^L`Tz6o7uxduX8gd_a5wye^VnS@*d_38*U?VgCN-eIQ0P(4siH
zNvZvhT`eVed&aEG#%4e-x`UQWaZp%aDMO8~x69A-aHCIBXWw{(9zhBbEGxLhFmf%_
zK$*c)FU%zZ54EAkmi#=MOJD*9Yd+r68~9FLJ%kQ&nNBa6;k{4#fX)8M*dyVj;N9V3
zD#j{eQaa3-J3AB9o$DJ2*vkt@^YvZHS(fdT^a-_MI5RaGaET3F=nR>wJ$vx)bLXmk
z1~i>f3Re0u7x#*BkOKFl6;6LxfJC%j+pN2lD^MEJnhe}&ij;vUI;$WJF*?|>2AOoz
z08WxUQN$KW#d)$}aOoKi{oKU1qjz&t8({kyzM9_cJ6B~QU~Ey`-1qYdCKmULP}X1~
zkJ&zVwP3h@Q{A!WgV;SRxX31c8PKrXfV>G=lCk1vhJaS=Y8Bbd-nFt0uN$&uh>k+n
zOYaQ72}55?3@0~-^}*v2_yaFBrT?uY?Pc+|s>eKo8(}S%;F)gKE`O4yu1tXhk>o)P
zDL)ve)6Ua!HD93V6qJ<;KlQN>n0)|*IF=D;0k;ml_P4*-!;nF|@x}YOI=O@tI4rue
zG#I>`dMK6h7;)dgXgY;;FJfE3A^1BdI<YhB_0~gL69HRPX|&L~n8P7Q4$gBGMVh9e
z=oi^<ZSdPR&e1XuENYR16v|~hbA5zv01RY?oxX_NUM8M{0z>CM=#N&m#>xk$MX5FS
z8?B9o>pz8A{H0g<S~*t6vjh8Y(ktom$bml`@--lM3x#R~iv_j)1Rv>7-<?HGwBlMF
z{`7RNCX17O2PGU-2wWe7W(_o3wit+DrB1Q&r}Sb~L6=CfEnsYdYF@HRB*k13LB(99
zS{-Gh#jiroqm{9Mb7P$k%vAo7;{R`WtF5z$nYtq|$VBfQCB2LNU+4zszvJKNe_5{r
zEF;CAem-^k=*Bu9FPMi5qis*sOe4jfBcT*KQGjz@<0xr@|GfW^{2z=l=hcx#l=LN0
z=Pev3r&c;iwjC$CuA~fgmF6SDeD6?JxT)M=z3gwV5lqXDl3&2%oYq)ho8B9)BkUja
z$ntH69+pljWv=<evdRXXd5l8l5?!qss}pp4$0TzH1gMz|50ev$h-(}CeSa{PA3e}d
zf89!IzREaVAGv#?UM6z*UdlIu?rJ`EDyrB|^ypuvp`q_7gzV-Hcq6EMX~^y4mm$pc
z7QaW6{TK^se+JAu$-hxEpjslrG%AZl<uRXt><H}8?c2y<sKxNH;T@A7Ymqnqvw4Mb
zk!F_p=5Hz4{DtC0fFe#lBnXI{D9`3BZPh1cY&E^mWAT%hc}qwM5roC8I~;4flO_ry
z$~u;=#RP+K>o9Z^MRDCa)f`E*SMDnzJnFITDW<5?LW7=VW)@9F43FZ383Ig0zNuH&
zZ{$>S=n)R^ZH)gIRLUN)7-IKxk%Tdlv45!4xOr3~l-xV@sp8x|Mm@Uz;}NTH`x0xD
z<a&e@z%xbk+3|OdN!7hqSp=L}VJ(wZ^V$_Q>s(On_(KP%4rAS8FUpVzFOhCqDjRN!
zHc67tJY(*=;Hrf49EsuLXX3F<=Etu>PWaSX_*xM#ONz2XKT#u}l2q9X+t`EB+H<Kz
zK)zspug=f<y7O@TT%4ViHjev#J){=qmfpn*5d8l=|Df2h+#b|gIa-?CYqB!L|A4Q(
z!<kFEi@=acH*hmJ^UvH*;|r?zqQAl()}zJoWH~th6Hv+?1AtMkmg}V{;kJU$5PpZF
zM$%U-cBY_{TEYz9O<GxCyV?#wMW~WdK5ekJEG~Gv#+nH;=doW@%@I^KX(K_wz=opU
zY0~k>FfkgkdLSnvZBF#^t+k2*C#ec*i7$VNNNy@#91>)4-Y*Y(rO;4HSzwce$y!cC
z(<R<%qMxq0g9uWm$$JS{S`)*nHW$d@Ol$)-khC@(;^v&yJB)rh%Jd!t*D%obL&BH|
z(@X8hym0I#-e}gG*4Wm{w4Yaa^YrgXRx?EUc<QID&8nE^<<YVAb5(xMoPNeJ<|-1p
z5SVG-(fCGU&P^2Idx@;ot&4ipRy5lvQSTP#41{>_Z#m?gj3bOB9&|n)o~gT_3DIMw
zgLmcMg2C}?Lq9u*>e><ebC<+Quk2>M-60LrG5oP`7p}yeYkd~?Gt#DE_;~DN+K~}I
zEyN6r^GvE-<`2jV{sM~(#AN#ARhHJHtum~3_E7S_{mY=kEwB0*uh*u8qLYGXY<@7b
zmAjf&VJlq-@XchY1Mu>17M9F3E6|ATl&w^ioGk=#<+A2N-rBaWWsnTFzqGuLIwH_U
z2xn9Q`>l@zoA{xC(bZRp2AE_*BX~x~36_f|6d|hE=Gd2vW$ID*Bwpxq=v&Qs|3SRp
zIx2Ygiqp;pG6!Qmc!C2F6hbzQ0V|^}8>x<c9dM!NJhc6~4X6Q#rBw)afQZZEt$A;v
zQ_<d1$H<X$$<sjiT(m&=i0+hmrcd~J>q2#uU}?s|r0>C!hPkQFyCZ;cqV=<sr)QvN
zd<Aqkjt1yj`cttKOFR70z|O5r*>#|Og5vzG#-LZ|#X3!wJqL4YeQYT2iTa%wyVQS9
zCCxB*LxN{-HLG^XY@8_GYNaCbEkN%_f*{uCTDrveW%6)>ZHp$O-v5kF$i*K__I2=i
zzI+y__2u*Z_<8{M=tl!ovrAi&P+fQOr%S{xFfkrGK)cX{&6`vC(skFs3QIouBg&Hn
zf}LV&kwc(%RcpL{ME0dEJh7tja-g{MBd{qKxhBhNM}z9tpk{q{z1Ii#!5#>Ht972Z
zZ}3Mg_5t3qk44^N2TubdRSOpl-8W7xr4~khf^@`qNQZd=d)Dw0PR|b?55G7MrY7+Y
zz7XSYGN94vfiKU=)w+x~SKo<6(lf{eX`dAa)6oCWV4Du8(hDlf2&+yqoq@Fxi}cMS
z0w$CaIY5Y56ddvt!^`BlPB;_!RLDn|4cE78RLEmataskCFlhOyTfIPwg8-&v;@@m#
z3#4uVQE1e4uJqXjf|<qPp$??EQmy&wH<iE;l8MD3w4IVZrl|}1=wPLS`dTr|3ugv2
zw6_vgK89#r3viH9J(&lxXCGX#1YvySdbnR<TD8x2MVR|%K5NKNkB3iWlkBye>bptL
ztOZP`;w14cTXlrwhJJj&n=w5qKi8E~?nzjX9+e-pn>?F+bIvH>JgK|TdTv~EDSpq_
z$I8(ZS|H%TVN~`06I|M4%)&jYB$U3jb`qCzDgcKwt{uWGNqmw-Ee<<vw8oFzpU0?5
z)24&as&8wY6G=MkM(CJ)8$=6m{$-uGprRl$L999vs9r`+T-_HOdq|7t02XhiLZr(D
z(TtSoU+YxltRuC<do&Lb17&c24T-wpDZy;!(q~;JlJp(H4AYu=ZYT)$MKnFcAl2~v
z2$BI4qAS5=TN#&#U48!N0A68nkC;(E?YUT8fN`$nrHA7mehpPbdYFR&#2l0%&IHkh
zDvmhU5W!3}H0Tzq?ar~zWAOEs7uYuKeCu6^Zs*n)VY=Q_5m@4s-P?4H6;bZ!L)i=C
zIA>8*x%!7)RAGZjv0u;_p0bFSIL%#vr(wvr4FVNh**+2T=VzjlWR9X*7t=V^;1uC1
z#vQfP7JUDBhQ!j6CJS*OfF7sKVS!`@#Jit-DhlkZsgL%!vRcwgFpV|BL>?!I65?45
zcyB-IFP3KF-}PCSV*BrqoM0X+Ab)0FlJw|s*8X`zlzze_JY>F+MnlcFS~oEn{s`?P
zh<m+iD16)o@@jJSRWPZi&!!UMKF`*bqI73R**>P-TsBdxa#Bg;o{3tp)ru2Bd;|Sz
zT#J%_Lw$S3dD*gmHI@?Q>X=2AO$)yD<C)<U0@zsq`WA0ntSX;>epN`u%`-(lra3)H
zb9wu*mhcb=$gK!0K98xnX5D7?T$zwA#w4aNWiVz8#@wW=YLro4J&hB(o*V_k=xY@m
zSx%c}aOTijhXrl-{RkysasFbqZ8=t@P)Nj0nb2<FxSKn52>&(voF~)?o&L9|W8kH_
z0Av!}PUNpr5NQ7I7L=^$83>a>Z)XW~muWMtj0uJJu~YFKw6Opg5EcFq)39{%zWhqo
zw$N}Jj6_{}_J>kmp9DE}eik-4Gn5=jd}rVYu>^t$TgJ!KM8!NW^Np@SFz;W&HOwO)
zDC^Q=js;rRyAGm_EyJ!Q->_dKd4#Mcb9-dPL!tZf_<VQ|dqhKURV5AQUTm%Qb>|aW
zXtJq!ifuZ7AH;?GmXCLVyg6h?u<N|jE|>6B6J;}kOPhw|m&lnZWkloUmVOSdZStzO
zkN1ujUK3vCsnFgnWGM}`Ddm+=?5au2(HA_PyY`_BsqUC^<P}PHfW4v3L<4gf6svB@
z#1d|riBb&+{J>Kjq;jMzRDL^LiCqx?MK>Vhx)Azw1tRt`SXDvW*(DI>c8i5%^QN|~
z45<m3I1~-zTl^VcDm)yC4ADHO)o97+&A-v3P?&PvSdd@^j`UQs#1&rHz)mBz{5_*`
zhQt(D8pX1btZG9lfDvw+yCPz~GtOdI*E|u;yU?5q%!=kJ3BX=%XZL)1NY!CtY893{
zMQr?81?nKEE~Px+@r%1gkTq`KZ7wa{tU?_jK?{qOrMP{@`_|!qzur^!9%kH-J#x19
z(UP(2j9v6hB3tMbMZCbO6$-n^gxD$L_gV*35ZVk<Krg+=!@>wgQ2qyA9O8LJIQqQB
z_%@<c8)>XNvd$TQQVE2uJ_b;!vJ6eX@k3xqShu?&AT#IaNUqA1SD}~43qW}t>#b>(
z!SelPAS5u2E3b@mRSh6xCn?6T2+-85(FB+~)B}I91F2nZY3wDNu_Le3<-~&r{~gtv
zBOB$cDu&3yw2Y%}Du^sbVn+&zkRIa_V2Sy31^&l~amI#DGktI00Cr1bMo9<u<fQ;s
zni;O5VVR$mW>f6r6*`w<a@EkdX*0KGYJSy#vNc~nDYvU^oSI!fIrHLZoSMCX*?HB6
z*?Hv@T|X)J3p+~BW1N~@&E&F<)p_+c@?Vwl=zquJ@6?*<=%1%RI($Bt^>zIJBU!=h
zymI^RjY8L@<Nxwm{wt2sbs71OEXKSGAWL;!4Zu*Q9)kE)$EvkZn>xkEod-ke=|HPe
zPzARBj0@xTw<7&EM*zO&Gq9DSUrIm`5i*1eq1W?KHj?T+xwT4jdtJpCgmm;6|IiKO
z%iKy%GkoP9Z+l9$VZ@22WilS3(pM2|TaQ8vag(bOh9i+&CnkZU2~IQ>D1So&Ihux0
zk1u%PP=X3jH!B3!G_>OPw<m6+7;;uMi8whPjVDDc`sZfS4nPc73Qo>R>wSxvqK|EK
z(Va)3bnc#59uXN?S4tD2PBKYyyLvPWDM`Wi>aFsbx{4^)WtJ91o=q0nc>rAon<`b5
zDqfB`f*P1W65w=ey|sV(22g}3rmv@oU*?vp%2$CrO-!!%HZyloG7LzP1au~J+sMOa
zO>C%MfkTB2jA<RRONODt*guM;5Ny34EV~^!5|io0(Zm*a%e#XcdpcwK(Q6jssfn<y
z3<|HuIjfuT7k9mADHKEEGA^AzWHFjv({2r#MPYc{_^JP8i!~_!Q^B-71xDt`T8fwh
z4lGYm;swoq@`ozi?_Iljpn6c4^$H}JQX@c>OjPItJG&4ZOi2^?^Re;wjV8mE)%7~K
zELdz9ZDvAt3R3%w1w;w-xe%wga2hP{In);v-`j)3Is(3wN;7w5#x~)8xT)}Uab`Gx
zM}f6Rt*a6(DCMiU{B_0Oa38im>r~XNYGl`9Dg=*)bbV&=yi2|Z&pA(fX>??voyq|x
z@?UjuM#ys_ap|m2V53b)Vkgc|6vL6U3lSK`bi28R^0R6GjaTtQrKPEtVRs9?O1rhN
z>`c8Wu^#u94y(H`jdK!F!Kt-M-iPaFc%7(0cXe)#_Ya4oEC5eHu)iY4nVmUeEVVqW
zAV@|9)(NzE`btB9nA-6EUMHfbd6yc15|>VCXX{IOGWuIZQ8Hm#UM57Oyc`b%g}Z49
zPD!aHa`Adfe}$Ju?TAWqaqYx0nj<TjtPr_^aGE)1D}U)n(fzVZWqR>tYq^1cQ0#0J
z`jpEQ28Ds)&YDHH*5?l+Yme~F!%l}5b|1gmPJPV<S?e{|*Cv=5LWN*(1#FB%bjau#
zUjR-==u0${AYC*Xvpf!4lmjtoaz@fG5Cv@XJji5~jLWOOoD9drMHDZBdmz`#T)=`3
z5G5A2YiX^Um41M<^+c5mq$L3GHc#p{R{WE%rTi#&xto-_!F$Yg@vU!~*4LK_>$)aa
zJZ^|1^ugVP4dx=C-r6U%t*qTDl<N;31y4Y5bIhMP44rc*T37qmdiq-ZlB!wjEwDH6
zou_VZYk<&F6$nU533D`SQ(|?QVyzM=f7LCpZVz0#bVNuY!#byx{5ya}=|u_ludT}_
zm@uvB+5FS|`mLarAv@i|M*(T|$<CFjUQNoaUppU1m^RI_v~IopTe2F6<Z=Z~-K{tw
zvSoQgil@hxsvwV1`~Hxg=G2Y*=QJC~n2zob_A(spTF<T^<b^ap=U?%Yap6Q8G{~S>
z-hZ86ksR)MdFnKp^rKp-9LQ023;{+mi2~2J!>cCYt6&TL79paHsZszZ+m#TrV4<Mu
z@;w{TG$BL?o=J&rfolqJfvjE-0s!UhWKqk;GsXhjPDO3OOZ^xS%97*IKe!JsKk^Q?
zbImGf@a`s%xbaL<8dBZcK>ndI1v2q(JW<Nb#kZsvBWG8VZ{hZA`1N`AZr=-C@<(A!
zv#h1;LN!hH_wH^)S=L0FgJv@Ozau|COJ=+8FF6^nT_5rjNiDx4oWwjPO=cMj;Jnud
z(x~F<0kushdShbSUR<L3c3VEKc&LXr?wKVw)K|Y#bHSGzy8MPQ5(248PzWx5S+*D1
zP>{<1x3M*mrJZiS2)W;^yrq`rfxQS^Fb489YJdOC!Fhz}kf>{Q_1PRD#GYA>XtC^0
zV-~Q-Lzi#VQoj$QLgx-#Kz`KoJ(Y)ZF!4?@JP{(gw9xY4uql0O{9L&ROGCU|zTKn0
z|5vV6x!8m44}(XD!a15IK-6bxVT8tb?zZhaTSIlQSgR-OTEKuXnJH|!G5b|q9vCb9
zzcHG5UA;g~uLt1$U~{zCad+aCUJi*x<is)KiPNtsYVtI!0X#mBL9%Ot#mMS~q#{a@
zp+C4j+EFq2ZsP4yvX)v&0;HV?Su2u9-CQugvFkb{-kcL)Gb88666PKk-sjFi1`OPT
zi0G!gsW&IZGy&6|HC4BBjHVbsj!eco83sjvwW{zMnDeWPSf6hLh;a1ysOMrKDVEy;
zxO#n>m$a6#UM-_P=l<eU3uODetUpze(9KbVA$Lav73n|zx92!#%O2F2cd+I(l=u(v
zIZn1|><!ix9N(X7wfLXJ2hLn+0GU@Z3^AF+6Z5GIGV9^_NL)t40%2S(zk`PD4C=N)
zJ)xAAfr8)ygb47G%x`<tzXdILv+N_7sOh_RFrH6tLP92LU^a~E*C=j-8i8z|kJcGw
z8XPf#@6~nf#gq400a;(Jp9vQ){{LTVk(<>yd`nY!oBz)r;u1EzH?H4W_m=>9#^(?;
z8Jr4}8ug4yph^VggbLNGh#*^%g|t>%mOUa^TJdOM@~Tm)Xq(0Eb96yS+qTnREubx=
zQt|`jGy<nl)bw(5X!4c5!cH+r!v8O_{VB+|rU?{2yLa2RZQHhO<KMPz+qP{RyKURH
zcYES{-g9PRW^UHX%*w2~u88`PQfrohg%a%*G+jW4L@-vg0uzV-qyn$?U$pCq(ui{M
z|2Cn3eJd&T4d8I}13m_Bg;c8E+zBbsn1OdCQ&5aL)fuE+23UFWQdv6jVxaYO>*H`;
z*MpS`Hj8rOewHBkJ}^AQ@&W-LeUkG*s)ZsLXLluZt0MY^Ae`Xbjzu8m7zg9r<g4L$
zc!VTU5^oyZxg|V?@;LXO;Ub8lJgAW^h!at?JP*T8d|~bq#5njq2DDZR*MajEpDdq4
z#dPC$XvCJZ>0I)V(`?wmggpnKMqA_sDZGWbm4{w@@v<{=)gmqvaD;@~8pF0voc0Ry
zwyr++$@~L4>$h9h9#2r~`duYp-qR}2mL~8PLYPRY-XaMhFo<4aiAY*BWjmwSRV<!r
zrpIj`<A75VP7+~TUl6}7lX*+u<)_HG8H!cI7vUt+`}jJ!6KBD^-#08`dqK5;Ni8LU
z_sk2NO)?%;0IZtKK|<@#MV*Re4VwX@`@UQf8kJN(l8>uVf~}Y)!>dS1^v`UenZSOy
zyIr1$jC@(_nQnnwdgD-6J8)|*hyeN+H;9ziYpq80a~1lUAky97yEV`)*>5M0g&g{h
zm#O{xD18xKb>`@Ju%2mmzA8t+8&rs1H3O6jL~7m5Nv(=XYn_ZuYUZpU4u)~?5*izy
zNDHyaSCKVwLm$lwefADts_3~%kQZKV3>#SzbW+xm7owMaN};!*KHPvl<6Kqq@C&?}
zoat|r1js+bnc_AHe7n7oM);UZi7LCHJ6ezc1B7U~oe{ner8yf~ote&ZkE4V(_y&q<
zTxd8BNGB;q8)tnUk>Svp!HksiB)VrOZhi^fc`!3JE1*7Si<X3d_taS(z%FXZ$2Do)
z^9xY7Hwzmo`upUKfiFd)JqeGV{Hu7xZSJ-3w&M2e&>H#LhY@~pY9^{#wB-=kfm7Cf
zpGC7dk_g<cqjR^58Uk&l)dUtCIp&7f7FT-Rl8B&a^zQ0Jvd|Q?my0hGB_5gWM|(&G
z3Zxf?=%X-c-ZSUbK+OobgQ-a>?H$skj&QV0jmJXTMim(xtyvA!X;#u&`Kl$ar`(E@
zapZ_47oF!OMs9!6w1sW_Lb0C49Xp@ZL;dxzj?5ku4$T_$Iacr7hHw(P=V$(uC$`^T
zjb2-0tv<)hH$GQ;3J(Iy{FLy8t1aAHa{uB8Lr##SJt1VhdaxWlPpESD1s$;E8ecI-
zID(&}oWJUQ$3s-b384A+D^-T9gM40;9zNU3HNgr+#avRh8xJUFJgHGIJ%kkJy1@oU
zVHlz=;5?all^Un4+scUh1sE@}OYXbWulKT{om=s)w)lM{t$9F%R9Gua#d<5{ynq|_
z18=0JkZr-b{+*^f1HNWv4Kx$==Kb-eDC@CnJVZLZ8m5^R2PLyimLx=~#`SX(w=}R6
z2O`O$XZLPFe9M&_=1N9ViCG+eeam6i3Up(0Qz@)}?F<{j7DlT(iE$z?gcnINu6atd
z!HvXbmN4n71qN)cUi9_amlS5dLE6xIw}cpia5K8Jh{;|mSH2CsVVp!)1a@2&6D&GT
z!(^P(5nghTBIz28mfvOt+_}d!&Rpy|@S9P~LFYJA>te6e<;bHpKL>gA!4&r~^-wi5
za%}Y1nA-SA)#y=(#rQ}~dHd?}D~_@eYT&E^JH82mG<%T>h&NUL8cEzOS9%sW%$tVZ
zkK=5(U;Cf7wt%M3)H}Yfo2<@J77zQ{;r+fR3(J(s;1tO?HW5wc^YW}OX`^T7ok#U9
zlrfa)ZACCeH3leTcl^1-E2uSI)<jW>Hc!s@qmbbA=J5mSK}Sva4&XBgW!7HDK$C<9
zHX@B!$%$h!_8ZF?>XhIuvkDA(C!i}M{)ItT`juE&@=&-sGV4<I4MmY>;laXc6vF%k
zqZ&Q41`xyJlGn_P1mm1eZ6ey`;_<*_++<;wFU?!0^&}w<smdKK$G+FD)^%4fr$!o`
ztu`sa0Ct;hU#<JUUxT&!o33`Q(ez!$pJ%KeORylVYBrz3+IH+#mLeB#$|U3mh+ap`
zHIrn%L${I_Jz6WKRGcEa8{lBC{$BgTsjOT4nCoky5K#dPKawU%kJd<$hCb|ER31H{
zVy!y_-DCRQfV0uto>WzXCSqKcj;Q~-SzV2>2oo_Z%c8fvp)=99xs_0ym9ko8rKP(i
z)m|Hll?aR3$!NIDcEL2}Af9=_vPCPY5e#duPeP{U+RF0LLZ^AFnQ9r(dn8N!xjhj}
z<0?A-_iaQ5Ajm5anXJglsLlJ|d-qao>mF_!fwglQFTLn@m;|HGS*jYTJU`gq-180j
zX`Al*)lsZ6QKKx^ajKoD2T(klyC=|Gk)8B7fgVD=#xN8YF8{%mRKg}2Y}V85Iw|6z
zLDREoc9UADDY@>-&?8gH4Lo4|g$eCa{oY|kH@MdwPZ11Ng`DNMhEGr!sS#79`IPnG
zPt7z?(?9(S_obP;A<a;EE@qK`p^oM;I&EKDDvIA38PKQ1$1N3@>SHJqh;3#)W(JZH
zmYo8<D99-b_3d`)|9G}Q-8F25wfhIJU5tHqMd5QW<oEf+%q}gv#n6yuVrWfJImr7n
zn%;wU8RZuQl^NV<?hq$PEhgx;E?b|Nj%u)C5sF$jsXHAS0-c#1S*|G$TG*Az8XevB
z^3m3LSY^Pn;Vs#x;Rbc$_+E~?Fo{{nqpGqqyKhw7{xT1)>W{V?=fXLze(*?J$2Gpo
zFK}&T6d~)C+h@;a{s~h&Tyx-_&Z1$bWhPnA$kk0Oz_(9HoVeWzo_!!2qvqyc<z`DC
z&LOsN>N%v!wSU%@KGhkuusGi#4i7fB^0i6OHC`x!9e@G$sjL!YhX&|zHkM%;`4Th`
z!(<hpA;DCzB+%+zhu&NPO@OMdC`WoVdB=d&(Y`3wA$U#xV(qv+xEvk&S?bp8Xf(e&
zz6(*zUSC@9FkI!Gl#*-nAZ8fpQK5;slUrw^<v+<&NJm5(Hb$_V<K{(+H3k{;rirS?
zT9>yu8i){aJ)8FPd;YZOlQrpE&#ips6cM;hufUpHwk@$ToI$2%7WNue-=+si=GEr<
z7|hN>NvE8IHpNWrje~hrlgdn^Cp=EU^lmEf2ckhHp-0+w-8r0~q;ptcN-*fkokYqK
z3P6;pZn2Yc$R2RSBjqMhasMlMEeH9vaUOh0vDx6$)DuTT;uL{!rBrb#?1$qbz1{Z;
zT%~TDsWRbNSR_WbG>^5fw>E<ch7j9TtQ?RT?6{nak2%JKp5mDyU~SJS(L9j4smsI0
zvp4QmlW*w7L!;sPUPmX$+kd30GE+OhTBlgy?RjCDk7)6{V3_2wBa~l&sjGVJBYR=$
zrTzr#mwybP*Wd2>I9r*T!r&0Hnup;QBr~oM5+Hw3j$~vz2iuhRFV%lmiKMie7udq5
zMpA(D60%o`G+Hk3XR%T>Mr1n={Wn&O98z0M83NOJN!>Jm%YmWPaV7+fsMqj<fZ3!K
zt2X*E#$6?R%x9jy>CV>b-Bb@P3PLlu{PM5vJ>6HjhcHopus&UZL4RA<&)M_AieXfg
zn7fUQYYMRoPg7oO#aXC@m7!S<3wu5`BX6_8ZDVFret&c~rS4U}ps-391S_JK4Y=Ub
zjKuARhdCK&Jz;-iQ27sH@#q}32~+?sWr+4GGSFp)LUV;eLE>~m^jqwHZ=tq1t4?($
zCnKQpZs?Smgt(yvd$8?LXGMMJ<l&#u$lE4sTG$!qZ=8*OqM=64Yti5VC6c(isfiVU
z&k<<2*DTBxw3j51SUZ<xS-B|>$6=<1Le$M0_PVyyq<ygfi3{3PmnN7mBP-ja;(!ae
zW{!6U7i4bS)7*`d;>y}qu^M@<TP3~=Tn*V_p;fW*+GW6a_+@Pxb5Z6cE`(Yi&MJ|6
z8EzgofN%I>-bgG$Hgd2jR{djLi^1gHOAK}O13W}Eht(f6e-WyS&fn6Q+n<~F>(d?M
z_iJu=*uc)jp~s7$qNh=aBOt?#F{T_58yRFN1QwI)l2^)O5Vgl@%1I$zw`!{TaV)1i
zT|>#idTz=vzOC?os9=JCdasYknqgv+74AcvB%obi+gVX7bp@bEpesW@Q+Eb&C4pbs
z%@2-T+L?U~uLBf%b^QUinl4K(KkHf?V=i>2kxp-Q2%N?fLOoNg@Q}Mejsf_b>9tI;
zFoR3^j}xe?WMUa3kD6}GMoE$_B)*@pPDE!|+vT&rn8|O)lNuzYs)Lc6L3Vx$((XTc
zf^;!W*#0BZgU}KXRfeRaFvF49;Jd-DVv1o;rFb-!n7EZ1M)=n;;;V>g<9MN&SP?@7
zES6Z?DtvImt`-}3Oj&A8?TLyl-nPJMqRBFI%CnGshq_r|>jUU!%1A)*z9VkW@0sYV
z-8H+_jppFpeARG^Z312O$NT<DZ%;m|kBhT;sLn4hBV2vZ7_;9&@aN*^=l;0pKHJ;X
z)%y~T-}@PfTFHICxLHs*K1`P+92+yR#aO(=ezOv@6Q^{p;>vnENj-u?bENIu04exD
zR6m{&y388n*%u{$G&R8P4qTPAj!^add~C})(yMxx$7PkNIxg(or_q7pe_Wk|)I?{=
z;<j)nHFR|}VZ{d>BiQyZ91=vrh!DRh9oLOnaB`@h8&TczJD1)Jsr3yzkryaHdAYi2
z=k6u@#y@Loo=2Ld-f4#BVcd2{yZ37S(o?*OU>0EnZg9?lG&Xff7ioXx0+}lK6gLrx
z&@8braz2K;Ym&E^oJ>pZRg~$hwF-<WJ%$=J`>kv0&d}qZ)<57;NN#2BHnGws;ZO!J
ziD1~=P&b!_IvSwd<x=%;1bi#r>cobvS}Hvq{&}NKRiVTES4Wqx;WqDg9gPActstsc
zv2pm7O4l~=@ODfRX)=EY@bF;64><YTxCLCpo;L&EFc(g#g=c}Q6AP$ZxVG0=O^0DF
z&(kD1o>D5LGLpU;|Kkx&$Yn%6jR&C<Yk_RDA${`b+=z^T1ZPxoe=u^;C4+%UC1U$E
zNEs{^QP}kC?R@b@82U;&oV5TLuTeIJD85qPG`u^^vK^9^F71Fy6O!qgKg&pDo2VH#
zRH0Vq?^J$hDuu)_YwU9SqLoahPY3&<^hk515YI?l;0el0;yubvjSZ4nXdRN?E3hv5
zPZJ=V#<=CKs$ZU?_L>UX$<7`}N+t4Inu@+ApLsdN0tcMq^0h^_O+F*mlZiMVD73m1
z+vvN+D?a)ie_#@(M#lD*J?{Tc3?z-}r9O=uqf}Bi|2-(Joj<~M^n8Jytl~$C#rOOF
z0|R@Nt#P&*w`dk7@y#(M5q0XMD^Y4~LLPMm6-K%k>Tn>^>|H-Epma<!EW`ykq5pY-
zt5aOUy}x&+*+(Qf9mqpbBC=uMDy}90YNCp0s%A54OF{HqO{>NJ6YqG^|ETAH{DFJF
zaT;MR(|>bPJeU^@(#i=m{DTbs{d1~07uii99f{JRyOmU~=7S!!M$Z0(`Ts!zb1x`u
zh6NZLlB48eB$JowQ_}S9dxZDuBCPfp*B=#gQgccUb@K}c7Y7e%ffSP=@t5D$w)|3^
zz)5wFHXzpgtgTplxzkr7Dx^w`?I7&&C!kVsDFbyKS?_cyJ;<R%IZE^K@O$`qghfdv
z&sohPU|U>b9OMdpU+ZBQ5s8{GmHeB$#ZYP+;OCf!p_QMNQk@gSLKyZHO-M{iito6&
zz~oq2VGW{KddW*<gPGdc0L~+uKdF`^Z*7LJH<%Kl1Nf>0AhicX4^7{uA(S<hJMF&$
z-gk$%owhenzciFPwF*hax1J*t<WFYy(wSI1)N>+xl5KBwV?4si=XRo`1BeABuU@}z
z^$zfYK|7?t(sbTA3GJ7Ei^&moA<o`;Z0>J~csw-I)6Wc8dPmh^$uP`-tmtUcn{X-T
zW9Be_n$oD(mv(lgOPRp1>|Kpql<0J3k1g00$5V20=O+9opb>E|h_{wKYojck472_t
z2f&tkU%3mY%;BMnG2mD4NsU{7txb4M>Qd6Uw6^HmR1B}R$KFq;^Bf)D$Y|~@w7b0d
zRe8M8B=)M-a{qxuyMTJmFX`?FfD7?%&2ie(Vx8oZ>b+v%X0Kc*diS^h=`N@?I#8e~
z--nogQKThRB@BhR4xA(@j+*a7LrL0n7pv%}K^SIBL49?J!w)cx+%Pid<tKHR68vK2
zo%Ti1d0*Q0BqxOATHR<IdGk*;bDquyDdtuLOz$|z(&<U5!Q>%~sWd*4+kM7pM+w8z
zSl>p%FJlvwv2jaQlf2bE!<-E6s9%~BADPzT{hsoWUc~s^RuvedwRh)b;(t9L`2YJR
zI9->Mh=g`>`?!5x8g*wN;-WTJBf!-GJD5@0F0}m)ne#!U`aj@ccAV!%mZrJ(tta0k
za}t()yzf{(m1z}5?=tVTB#WU<udFio(eZCSB;E=ZY>g76moT~wl}uQNSDvRy{$jOp
zB<h6+(e<Bx=gme9^pPJ#s{SEC6ZScW+UOks>{Ha9t((i|rUN$>y{QwQ@`|Tfn@&($
z<5c>Y<Y3K6_glIgri(*d0q7GBfZ(IMwGK-TH7cg-coa;o&fYRJXeG+3ZyyVx6c;(9
zgt8GdFaeWC!Zo)<Y3pU7#P}1j(0am}CZCRKZh$w+b>Fr@QhC{2cn|Zt`pP>To}=5~
zC0dmPyX~sdkIBgH*L*R=OcK*cKnjI#uHJD@yjMNtT6k)3%46y~fZ&;v;98D*=yP7T
zowOEH-7+AB5+Ik<r$LA~VUDjxW({~lk*%cI2UI{WuLb6-k?}B*06Y&S*+oUOvx%4j
z2^ez=9#)Tn6k+$|C(`_lGwh^Ru&b3Ccy6hEa;Ki}8#3{S7c|J^3KS{tfS_#OT9CO@
z+k<G=qhL<bz#b4CzXybd)ZhYHeIWT;fIw~RB#5(7?9UENM>-C?0$*whYD9Wbe4a0N
zEHO(i6p*-@QYV$u7U0Ao={tdB#4F<nHcm{_Q2cPvWmjw5BL}wzC{@wC0=(TGmDuKv
zi?e)GljE%(mE`!VCL~&4WdHlIbWKRGy;pnz{;SW8SF!#tapnF0^se~*%#=h<NW9>@
zDuEd|#^F<{V5K*@!h^fzY33*BwlVu9Z1)IB+~Em=wC_La)|{0;u(_JU!j%_qcY~@D
zE&Uz8(|TKgo*%<B#{9q3;4_x>L?8^yzvTZ=gU_<}3~vt8u07_daI#Q~=3YP&f^sa=
zM*Gae0Tx{LRlD2+lks9gCI2ogfh8TT<JD*;Q_*^pYobA&OxY?k4zEe=(@Ppmo<`?J
z9dy;v&hpP|nGZK(v5^$!bw(JZ0@eVBa$e)IIeXm&oT_kjQV3H;{mJtj;=<nC75?h_
z?Od4p<PwYDFE3{`k)yd9`UCIt6~Y+<AHH;`NulocIIMZVq0A}sE`&%d($l6J9f@Eo
z9V^W_n=vuZ0cFQTcL;?6BQ#=!9x1alQcEx<8xcfXmRl{P_hK1M2T~z429~W=!(hx0
zUdH4Un@pX6=I=`4V-!SvhrUL%C-D=7dGf)pj;YfFX}NUsq9j}zU<O$vG<t<sA$}MG
zGA;2HM$0qu%y6#(>Zk3;(4*B8rf~wczWCYjGxGTVKm+3hB>su92Z_IVCz!o1E&m4^
zeE9WaCer+U!}K+XyXT5~;~4S^H;epy$0i{QAG>GT-RtL^ZTC>HndN&&B^b`{a5p%V
zbRLH!IPCihj}L>zJz<G?!HBy@`}+Z9;uG@uf*`Ko8WVwGHi`on#4+o|xq%=JOi*mn
z1GSyE;t;+kMQC2<8`s7-d&9YU67kn}SU36h&CmS;KRLC0jWTm_MsoAA6`Hu|Xjf#g
zm4K+fxUW6G4qdH1i-~&`2Gf9gWo~Pth!joTjh;xj*5mq{aMl?8;O;4Ntjr=5*WqyG
zcn!4_J8I;Syh&%<=kvOZ^x--KX1K3tC7_Neb8TdfDPyW-W~&051vtE6oWmZU1kC4q
zy{RN3XV*2dy$7@UZ-hoVEw_zUY%<|Ao$L1Ds^h+zU1QY}igVIg>oNJ@#XD*Kz(jK(
z#ZCB&Je;PZfc7kB*UMxzJbCX3-&(K^^3Ry5+Pe&D5~`2nL~(;bBL}9brP(U}+K|;7
z$%FSW`w(987O7Jvt#ymLP)SE}j1Y?H9BozW{3(hu7Dm~eG*$L7D;sfmPS_cb-ni%a
zlak&f`;T}lfo;ZW+e5le<b#)8fC59d_#L_aUN#C1HpAHDy3R1NFxxaHstWRLX<GwF
zE442FX;W}>Ir?Nn%2X?T5N;h4Hl<U4kLPRl;2yD_0p3Z?6Z1=q%HAVtRiiyband1y
z((q=jM^KUp#YRl1r9l??jkGQBmND_qho2;Tnix&+bC`*kQ1g%-3LcacX$Z4g(3RYH
zMBQpCd1VjU*y_hHTA}G6>&u^5+GM2=sIGD07#w35dLE2uTC5ediSZ~ac5SP{PJ&%<
z-4(V-n!@!0AVeH&464ifoC)bWIf)_YZMlGuLV+Fu(^fRYkLjdq)Y;z?w9@@rc2k}k
zy1~29oK-a{BI5g%?q~&j`QO(Mx!*Kzx#ZS(1R6-Nygxn0a`u>oCCFd-sW0JpE36RP
z3JaLsLK84i^KsN)e+<?&K`Jo`*X|@Wn+(bZsJ07u5t?v81^T>xKmG(UM<YAsF_8oN
zg`*QTw5M0lg>z7p8wV2{C>=(b>RN)QH?`t&r*97~aeW!|d&ibpT8d6{lQe5dxW5!2
zPGV$oAO%@QET5Nts+YNe?=%0&rrO<>PFHP4Q;?jUL?Z!PnaDbJ5kb~UQ)42m%1l&}
zJ3FS)O4`nKc5aF3a9p^7w}tQc&DX7rs-&39`?+{006*TBp!%Z%ksA299gSXYr|;-H
zBZO^;9u=*2dN<)WC2d2LQKmx@#mAbnTS@o2E?M7%#|6_ld@bMd=348#uI(U(V(B29
zm(-uY^N68n{KHAxIuZ^(a_OzP>^bt~V=v$N9+i_DEEZZUD7&6(UW#OQ-E&i_8*XVa
z2NOYs511PG(>C;nIGs@t8Dl+S%|Bhbzd5`()_1QZ6-OSqV4d4rTvM@Y<6l$>GBGaW
zs?7{Y-TJqEUBg~;s}o@AM{7@cHCQ}xd1nFtS)6EzOaHFS#Bw-ongKY9ue~46sm?Z`
z;b<C4DoE`Sz0E-;GB6-I7N!!4R^@ntO1jdF7^GDGdgX)IqTHJ2AFVB>d!Wu7{c?N#
ztO6`k#i7Fk^R>)_*g^1A`dJ|Kg;H@m)xugA!3V=dxQ5h56E4;TcvXvTv)mmR`dY76
z@Av|o3BY;N7K0K??j4_GPA^7N&Rvjo18G@0Z3-u?DCLxrDG@yh=VB;c=B|_*x1N8r
zRKf8=MfU?W{r@}kw{w(J(e?62DDQZtqW3+^JX|dAcrFA)$>bj{-mv`F`+X<tcp)O{
z-+X|sqWf|Czaq~ZYC8Y@*Xu|&6@Bm3|Hi23egB*LFYG<a4b-VMjrtv#HT#<^r&=-%
zp_3%Dp&$jkx9TO#`1qnP)Jf1|_c7R6Czx?FolwHll-=0Wcs1DVC=?X#m*dX|O?O2%
zr>6VD($osyLdiV4oTJN`V6=UI2__YF8FEaUe)4~<0roB*Uhr?gUMD@yMk{3#-0p>3
zmB{hG&aEh_?OGjqi8>wrN_S=dhQmV!)WS3SgoCxL&TBwJJjytre}VZ-iXeMHg#bhD
zP5D%;R4ZC*U$zi)P;DC6$D>Dwcr>ZL2KN(`W^(4Tak|IK1_8=VhIumF*T%N}SH^<?
zSrmIr02E_IkH=B|&L|Q{VQSkqEJT6PXF_tA5IiQsF^K+48xlFheAG)3HVC+96Ef>*
zgzn8UZGu!6wSf+@)2)$iDUi3GRnOE$ewGk9QxYlSNSpD#UfZNqZ)?ya5c199>;*z4
zHgQfi1CAbyME2atMEyj!48z<=+a5x<^?`qm)Bmi_q$G08J~VroFaCbX5%}N?uX}dK
z?2MVs2e(RF98Icv4W~7YWogt}QK-VsPTWhx)0|yIm7;yAY^W{TB3U-)ifQPE6Z$`E
zK#+~MGS!&425Q*vyqmu%!B{yi9+)R_`wmI7jft}j38O32YF_Fg^z*hbw)f4;^K-SZ
zfS>^I|9NniAUL}xFu?tN`3HE5-@_vy!27<R*{WxlGx!~k_x}-6eP{c*Ix8kvzak)s
z#3lHB>4$T>0$y!;mHP%)pMrT}1aOwS7f>zestcPi^6H)kCLhpyL#n;2)mbBZH`rXy
zv?%zKd@lcGy1iDdUfOdn=eC2-64?RQ5Ixn!*_nty-W6lEk=|NlyWR*wMW|}5aMo*W
zQBn%~PaDuUJoSthP%`HvX2QgRqS@=m8zz_r8MAfEV9MB12<#POn+!tI6mDfte2z$O
zPFfxoWOm)F5`Uu5c1pg(DbQrSPejop+26`EbL|A&TY)X>Cz-c94t`&cp#YF2{-m|C
zi`N7%U8mVC3-)bjG=aigqZ<*+07TzPZ`(e$>m%Ic)Opm`Xi)UqP=EA`>`LS`L$rJu
zC#}n^TGry&Q5ZQZPp4l0Eoj15CY+9yvZ7dH8%>ePJVzTnv__+I_p@PWviDZ<5rd&7
zAf(`xYl%y@RWV=EFtmls=`lU(V>)&`o#<~0j-(1IDC|Go+yLbztr|fq)Z)0?3bl9l
zvHK*YFr<fZm-Itvouca8YLsQ;Z_tv$uHPri0)re4K)yrKAsCN*Ey>oKwKj#d)~={v
z`#_lQPkL5u);}+*g&jnN6y{1X^9r=5T<OV>boD#J+2GD4+$=Z%7?!0QczRc=xwwWI
z&yrtp4mxWguDFzQtnJ<Xz-I$@4im_uK`Yif5?~#I64=!ANhRAXUybUKm?>W<(^SdU
zveT6<+}5r}?47@(UnS`J?jVu14Cyx$5S+@9_k)DQbGU>EB`M1sr2?vhta?^F7;Mji
zMC^|QX#7N2$Xg^XaB=zg8^hD+7FG2)IJmRXm~H9rDeSEF6|Ut4##O=B);uTdJ^rd+
zw@O=pBa8M_pSOhnsgb5)F{5WAVTFUaoW+B2D@8l`Qz!#1p;<V$Hf|3_Hv`T2dqb$V
z?*~K0lD!DEwevbv_5uAa)v%>dMkbbqr574JQ>$g&J*{=5e4Cw;Ag~azAMz*J9{2KR
z&|fGIZ+N#XYWX=lHfb*YV7#A~@7LwQ03%=CpqI~EVpnQLw{k{%Q_|}5HbK@jZ<C2J
z-3s1~CSn1jvPUhr4)&PTTxcCANk|w5nhXU5dRM-t`<F;p*7Adt&MXkmZ4e=k%E=+6
zz6~0pOP5OX)2zEuO$uxz7+&XQ^UCsyaTa8X>6#Yc<-rx^<Irg3!cDL6$ttI{nU$X~
zb&fB^#DM2H2P`$aXOQzf$3%zHP4xyyh?!$$<Z)i^@oQKITbkzQmFnu#Is|bRP%Vnx
zU!5oHl-<b5kpMGl?SBTlPC|O>oX1r~SJ;INnFcx*gozvn=*whP;?tv;WHzkr_;$+T
z&T+V(>1aj%tJwa4Nn$2yO~sY74p>y33@JdPW^|{|EgH>6`zykgHkX<`@4RNUA9Osi
zsi?j~+utaYnI<E?RKQSM;1$cQDZj!d^MIf}SiKWaaNJF=9~PJY^e=Ed_~CG0g4OG0
zAQzPcm(Qjh^!tm|m!W9}g6c(sEl>P;_8p&Wk&c5lLJHMlZlKKse&zm|O%dM}JSem3
z=jb(B&hWe=HI-A%AiW8@C(sSFrhZO8)7O|(Q86Nfo+BWq86*+wv9_q-tCovM2T&B5
zOk#f#HZMDYnYrBM*{;S^{hOJOp<G{#CSZJH(9NpQV=+z685XTn!uC%!I*E+dj2LP%
z;3W+c9em6_{Tm#2sLhKalq+Ka=W1FkYjyOuR|HDlsrmsHm=C$3a)?ips$rB?D0gV(
zqfEPDdYW*KSwk}y3?$oAUL!_P?@o~p3Z;trM);kbd~4KxP9HAGM><ZHAl}Gch|i5~
zfxo%-iVp9cu!;~Domj?{mqJvssLJ#P<NvJ<Ho4ss0oDn}ZLNTj4QRYi+eIFLwZQhH
z&gi7l^y3yEi;O`Di+9hAuS4^x>{80*L2?jm8~w9@ac6Lq1wuBS_N`Es5&PD#G>DZ)
z#LUk}jcOx@uBv-R4)ZLm(*rg?S!6bmrdEuoTrL|4Gv--MtA@PSh}J#>>hQE?fI_-z
z3G?1X2~vm_45|07u_%*{Ju(pf9Aru(4tl`%wm3A0L56-uDL67|F-+P<h9qnpd^V)G
z?FQ3=2{TT5=&z7D?32=V0c_-)mF)dt1``%rBOke9kw7_<T41+3K=!oBE*{EmdJZ6~
zBu+h=BzijPNflegbqU{)&koNz5{rrD1KZOq7m=oqjJ-0hsz<*0i$b*oM6uo{s|!Py
zpIvC>k9liF`nheMIBcH7*QAg+59=^C94*y`;qrMz&V|4SxNpyZbPYmg0b2@X!Gz9a
zo^y?I>`%`)Hrs_!cJT~7Wp~z}Y7x_ufq}OQ1PLOgk_AH9cVei}&re7)%V@MvIA*(a
z32(@>Ef(ss<LH)h4t#(s0Un2zF%8sB4Cb)A1wmXq1;)PHHTVd;Q?+5Vf(-`vvC;bn
zkW_KNXHnL7O4{b-3or~OuDUWPR^%k#0rl;gATx|h2whH)G)Iu_ZB7*CVwXhlyn{?u
z%nEYgw2gyDcFEfjWY~k*h%DV@Dh+PkflYWhzegWZf$Op=t)-YHzbUEpjVa{f=4O}_
zcWP1@=oJF{_t>}IEoyAn)zCCwPd*1)56m6muTp%tgca!g<IlQf@FOx8PuU!E?U+RK
z)ygumkZ+DQ#>~sP9=Pi3<+SyO-;A4aHoE62w46<a4%N#zOQTy=)=w@TT;yaK)wqn@
zxn^MrVq|2;(85~=&8nMswSsqHu9N_V31lN3+BQ~Eu}}b6jb)VSZO=A$uN>-Z9X#;@
zpe@to?CcNloWYuHeFsJt6{Iq<!RtQX&A5}AVUkP|&PLphRE%yz%wEdD12>H&@jt_n
zmTQ@t#|azSYo<T=%*dT2Vh<pb*v5vO#F9#)yss*Oh~EhpwYsFrIr#y+xWX>g*DDi@
zPZjK+o*r^?BDvX2GiH!md_O{T=Tq5p=Iir8o<vyC{(86dEK8P}p>@KDfCCP3awP~j
z82PslX7~>2H{?xR9DI02@3`R>PgC2JxW$nyacV`vE-<6?$Oj-afhLZ$fu+*P?lD*x
zK@A>2!byU?z7<XSuGV?dFXTa;?g(jTP2kA(BVC2HOD92eTV4bf1r7UK{SD`xyD8u>
z6@%AG<aNg&jtw+)%HsNeAR6Mi$CrtYbJt8WXCyDkvJ{nu*{m;Q>DdGJzz48%v(s2P
z(qoC;qA+YmiRK&AU3^V&y()nzDB+ysocgqj8>A=+>5<O9rb%z|!8iw-NZVVcXJRFi
z**pv?2`$xxXCP)Qx-zNcT9GEP%xPZk+#zkH%BXqXuHZ7Ou4UESf>^lKHZHuatD0EU
zHa2|itD27ZR8sLg%BXqt=2Xqf`@>aIb1NrjXIa!XGOMm(`Tk4ee9NeLR8n()+{>tW
z{+}Dg{(?$s?hfF8yLgsS^MK6REA(VmUAz2mU{=-ae~bS+m3tQ}##-8w;jbR7Y6RSm
zJ+uBqkv2WVYlKn6{H1(@aPXhD8xi9V(0R#^HT*xD-s77ox&uixnSTu7g!KD=t9Gfr
zv-*b_v2ykbF~!f9ych1UuQQM9Mqqi?q{vqoO+n;Eo63Y4%Y7W-4$NWxf+m7B!?Q`F
zVpPW<Rk6vfe%Bm&Lne$t*%6D~7^Ki+%{Ugxq^ZQoA!emG5st9cGtWeKITm4pRvzJL
zDd370u^N?9{F|Cj+BlGEjHU7Vqqyc-$bpFkC}fl=l}d7CH_RWyCr-m}F(@X0;W0J~
zr&UfEfvFuQ{1RLOw#h2d)w+?)MXbVm3J!IDf|uDNa1X*jdj&Um$$pqe$p-5EXm}y0
zjj6i~c36zsw=-qXK?yFK<caDfH7bU5GkIl~$v}d!_!M1*+x^`4bU)T9L)B}10+#X4
ze}w+~YR+WXZCdN3iDXd|9$rOub-JFft=~=8xeAMp>CgqPo)LXRyFKg{gW-7<!67<>
zN3;lBWznUTl0!F<B;tV%%9~5*11<IxtXvcFqtiMRYZ73&4t&{!47C!A3Uy)aBc+Zg
zX$E%9kpJ@@Z`#PzZp|P@!fI7%sjguBcVw~#sR4T+-cCru1ft-1>>iZY+ppIm8eT!!
z?P)}(U5i}fDQ;8Y4IJinz34&n0iGtJ=7jFB*Y&!=A<U2{np&j#LBkv{9HSO>b9&*D
zS6+zaTGHMTA6x3Im%@&|qYVRxa0L*P&;O1x-v}aKOMi^jt$aIl)tYSDd5giW>#G}i
zK~(iys+Fy)Sz8UIc9)|(#odxIO+aXen7Q>Rj)NYO^;ZIW+`0h_xq)O``u;pm2^=sH
zHIe#zK|fSnf?^@xt2!H<vQEXMp|LhuLBZ^`Hs1BtyKbY$p;Iw1{7#L>e(NgHq|qrb
ziWIFb!yh1Xw`{{HE4vL|-1_!!kJn6Y(6|koM9;PMIjE<_&<F}?n=*HjSAHuY9QLq|
zF1_lmEZ!N>Jd>1*4UR$|oyd4a@8B)p1%z$fC3N?+SEWgMoKxRnYCI)ozyA5b0cn;n
zQcNTdF2*O>WipT354kP$F_Bf2u?{gVh`}ZUqe0UMOZA7Kfel^wGi)R4hCm=M%Qk5q
z3$Bk1d%7+HCCv*2goW*1HfLrf5F`@KSdAyFt&8i&3WM)l(Qo~CnSbe&;id3zJ9wJc
zuLKr1<0I)XR-2yXUIQJ`H#sZzA2)$;9mCSw&e2*%YeT5yVT^EZt~t(iWpo#`8kz>S
z(;J2F6m62P!8^krc-W2xR?STyARtmO?$d42t}6aPZLpB-MYzJ!8c}Wu7$Ms_&+e5A
zcjbnzG~)oP?oDz`<4(f4)49AK>>4z$=27jvl^V3U8U2rw1|Ny%8#+5(gsOC&28Dmg
zN`JIes%RMRBnXkQDi^2t_-=*g<1p<w8#UCTA@clqPdhTRhwmJB1_Ey0@L~oC9tVNB
zhBy$IHmDIH2|Bmk{?*?_0TryNH|Yw+(#IoD&+CGYX1snc3t;%0SbGf<;>7@3U{94T
zrRW`OOqDE$M&KAq$1~?ahYT^Wp01XD+Kcbx1p?wZQ{F-=Yu&z5okH8clssa^z%vr^
z$lOdAuRwSgVke%7>sgl<p%u;DrPQhXnh|~wNkmpSF6$|UH*)@J^tfxdV=M}&c3&jm
znJs;G@0u|SsJi}*yu)psWIla+RUWY*hd68{`5!bmEquArYaM*KG^n)x8>Lao`Y}mH
zr%@xbZd*>B+w4@9l!U&TrhcTzme?i<Y2}IP`(hvs-VyBKWZ6u)Rs&QnJL{zRT22a3
zr6eY0hY;(S>q@IyeVvoZWa%|eCH{RE7@v81PyhA(X(7?DSU=)ARt>HbQJWmFag|eN
zQ4$ny9gD{gmIonQeOF~=U}mQf=NII(4)Cz}>tmwIONHvm|NDsWRGwiqY1duy3^5y!
z=(`)R@Y3gOB-b{hYv_`}L4^0TUv{2{vMBbjPzE_f@X9N3-d0CZX~Mh9|FKO06@vs6
ziIIV=NR9pMRezOnWhk{`iI|x(8swH$W|5T!<PzLz<frwo`AOu&Zx8P*fj4_%MS~M=
z_{f7q!>!NIa#{chWc_OjCl$b@|F}|Pnt46Z)+9#m-aRF{q6B0r4)5l9F#YVGdH1-2
z^&Wl+Ns8Ms#N6q%6dT>cf?xvPS8h~hqjaO+#RB<#{_ly7&K*KPr20EUs_|r!4t1Ia
zM{x}Ye<`a{Lmx>};}v&7BIo;|s-paky5M=8&=N-+L>65-aML9Sta)XB6YKfBpkdEV
z@uebFR-@D+htoA@|E=6!aw00mE&_sG1*7;n$r78fP#eSY9qRXA3U24RFT-@~J<;s=
zkCqZ8)5BP~>i|EO*DFMlvyx>Qw@cT7Ag<2-C)oQD{TA+_FBb*@rralr)Mik6v^Fvi
zk+RIipOT7$`He8r-UigL2~RR1xz7TgNof+=D`aSC_90tk<<>AmU#+Csp<14UpXad0
zX-aq7n|CTMYST*$;x+=8Mhl4`MX{8WfRC^SlKC?e67W?bub}xF&2B=z;(u-lHo|S=
z&F@cV?D&TpU+?K|k8XcH4MFrRsy3P?=`;Mc^c(1rX5!CrQaE{D7v}Ymn9VR~LCh@N
zi#aPevT_kNbs*5<<?~2Fb93Am#e(yuP)Tgmn#?UzT`#ymHX~r@zPnMId_a)pzGm+9
zP{>r6yNxCf)3djTk0RAg8;QtJSnt&9=80gPQdW)>ccqc4rDU82ZlSfT()>PPlEBfQ
z^C2juT%FL$AJ$C(AO^G!!JTu{eRHMz+G&#j)r9&DS<$t)AiCaAFd~`!qF`GBiu#t-
zgQPQA%PfpH9hg4kMK$duw#q^%76yL9MQ%yE*rNyXx`Nb8<yrT$$Ped~CgNnA246?B
zNFZ~Z)&hy^S;=cYFM~<uRlU~niS7iPJlla-kTbjMhA!S<f{b^N^dbgaGm48X;Y%;D
z&>7{r6FRQnTe3$u%xEqLwRm9A-h(<`9?Ug9`t3U5bBxz=E$~{G9g5P<>wRgNGZBoj
zRknvu{rw)m)0zJWrhtGTu4G33>9K6Meae#blm;W-*<LT~4h2s?0?(S=nk?ZBzRbaF
zSgXBvr+K^hknU2Ep(Z`>YJ))sA^p!P4)H_V64_MrG;!@#3Ec0@ZUsiS$tI1#KpN}T
z(IrUDHJTJ<N_vRCl@z!Pn2Mm==si?F%58~}i3TTyMje|?;apvNTGUD{!)5NSEd;D4
z@C>XTDQmPopU?Y~4sYnU^hs^U*q>KKy@u64%3IPq;%{9<MFq;t2O!BnwcX5MVKg*m
zc5q_n!rC^5#bfs&Nh9bgzU#&ak}{#Pd)lPy1x9V2t&Qq56xTrI$ih}p?Q;1h<7v!}
zyGA&D`#UD)<foLrEKMm|<n~1MGR-}6PrA&E3x*%E!FrZt2`P~n$1sl%1xm&O_=fEY
zHXZJBcn4?vUVI~wIUsV{s84Qn;26>>i4F03`%1OycYEUUV0w)%ZR?^fhX_7lkOfU&
z9`h1gE*7LKe#Wbp8guUHg9Vw<dd@_PuDN*}a&hOD$Fy&(MXN2cBszia?Sw*J+AK>c
z=Qh?|v}ai>n~s3t8Kx_p*q!>YdZ)X6Hv{lSXu`+`rZ$p&1-`OCVimJO?m;ZK8TM82
z<fR}=x=)(fby(Tr4mC6584a!-&X)VogSM>HKhrGYULmM3T1|n9`$-o`%{bx~o%>xS
zCuL!?VcCWtxHAqp{^~W`1yVvK!wFBC?PJVz9XC#yk7hC*yW-n7^3c_&G=S=;^6SX<
zh#kj6;B@QNVw&VJz2Ej0ARUw*`!t+8WKHL*ZmVJDH&&V{G_)@Ya|YlU^(NL|Ugb#I
z>#TslqxEd#u0h3Y{)HiJQ9|0C-H8G+t#1-%&3E-*6(mnTCF@9Q$9l8tc&^RKkZ0#}
zn!#T!PoWkd81?y(nF%eui=MabOgLDld@UjOuVtvhO#LaVR&wdnns?w?(tzm~_1cz5
zX>E4K5NmODS<Npi#m$g~dKs-0@pWNz1sXc%Do^3&8jQ=;l|f4Byrm>SHn%O<V7MWv
zGGbm+PeK-yHG_jN!q;ZC6fH2`n66&;&&L8FOJpXN3{d)kpqX4q=O}Q2AcuCh9rT6+
z?0#Rr?+Ys)>cDp2yo`!gmbug5#6nSC#1Ri{Yj|5iL>1QM)(f+elY^{erZu<4_o$<s
z8nCIqM5OFu8+|Z^wCUjsz-+thC)#pM(aAT=Ylj)w!w%-t<3iCRNAsblizxO+pwC@$
zum4yM9IV(;*HD1y3f`&nXX@z)H_hEO?j1Y5$I<sQe))4)LX+N?zJUxj-LoRo(h2!N
zPEP*wmIVjS-BvanfkSWb=XCU|@HKcv1xaPxiIZ1=8hL6)+vV-bk{$~Zvq5bd6F#-}
zgd$Y?i5OH>P{=SzhU3$<l8ZF{^G-G=!Cg7~*VA`Qjqqcp=7eTqnWysL20{Vejn2!e
zM$o9%$xMnPZ~Y+56TL1%Re?$4SQb&Mi>snHax&>nh$`R{?8;A=u|<NQe5K`JE@yA~
zKBc`YP)~4+^ykkkJ&>#0U*+ceF4iFw1#qde8eJi~DMfO3RPyVJMQRbk^umVG4WR1G
zl_h@4W%v*p_%{Ul5Pkrvrz-H4HTJt_+@H5!rfV$rg<mqT6SD2bjH11zy5G<j+xHPT
zy}AgkP@F8Shgj$#<__79k=K)1TTfxT!Ffwfd%SFahZ%MVidvLKk%b-~a`?-Z_t(Oj
zJE{mHfq*^uQyvVPd?ojPo3W5d*YAyB(y2?v=5NVq@3T@iC2f*MH~Z0R?qD>XSXeWC
z7EqR(=w6fat5AeK`<z#phT(!7q<t$^X$;-2+5v6+=uPkFj=S|hF@LSJbb|XYo2U;U
zx>;OZ5B;c5iqPHa4eQs%2lPIXO}{_h@I}h7R^>Z1W#k4naaQ%iw`x3FgRN%12NA|X
zs-zj<%j;7`#OO7Z-RQA{d5%H<95W37!%bHu2tR<$b?kDQprN8XK@+&{g_8A>Rp)b#
z?7qg~Y=>?Qiaf#1G{0Y#*S+_c-#R_&*%_3GCj`d)Fc>Cgbt!cASO%4fxv$jc{D`E@
zW@wfh5O;alQarl0vEckk8t1(eVQvs??a;&i>w92}>#7Da9N#)Bclo!(PWJ!#tOJxe
z#!KvCZub5w@UOth?nFVC@!I#pi3A`fwmiJ94R!vSr^{-NtqUEi(M_8qnaW_D$4gzE
zKp}}g)jg?=E4ynzwC!$T9H-HRQCuL>q%3T6w_2S$NBlve(!yecxwpB>GGkxtv?hgU
zw{dK^!otKfRC0oPabl@b-Lv>oYrRVz@e!<0_95%Jhs%5w2YGE_z_6*AJ8+PRy?GH5
zY!WQ4ahukR`M`eWe`eCx@ao(8Z0MFx=4ZSBN#@@dNammal>Gq8d=6~<&VCM*B3RGo
z-`ANP^TKb4P_17&I8fFpUm_AW#kq39bYOb^BoXJr+oTVJFM4z0Zqb9)gAZ<$52wQr
zftYBN568z4fjD834~NGPaW@#_#B<Yy)yq27EEma%F06h^UMeiEPEKN?!s?zYF@5Gw
zP7)#~GqL$4Co@rIeyudse7I?q+weR>92BMw7m<BAUgf@lxZ}x|6jmlLxs7&uIDoK`
zHqdL&wN(KHen?LEKrxLg+X*Cb)wk|F)PKaZVo%c`(DUW}=i%TATQweV(x3a*O7jAT
zOESXOB`A+M+4DveMEkV8ycCfF?iyNG+XB*YUdZej6*CHWG~&#k&f7QOsStK`B3~4C
zT5$Y*HR8&g<Noo9GXu~UY;JXI%#@n%rR#>jRtvPsd;P74GQMmxH;oCdUYQOr6TtwJ
zQT%nti(1XGj)Zg1^BeJOE_Lr&VYiug?e>2iZlbMy)=v8>7dpOt^%Qs!Ac``&(LPiD
zd>zJtxzH>od)^)38Hk(v<@AR(;Hcz19pRS3Y5?_|9T$|kp&8ZSFwoCUs0LHxWy)py
zO)xK*tCx@2b{6xml6K3|cdf8>Y&Op;F-@Qq{jA%I>l9H5M$4x|1h0CQA9n4lHhKV0
zdfqMt;i<ZSHSf~!vi-?@b_!+^Au|dE04mZe!q@`n7-i{d`#^9ui<%(Di8%wnxLRE5
zv;^<*lxR6&v3D~k0TAW~aWC?9S`}3VJw_*RfOZ91_S@^UtC#7l5yCZXzCqlU{V&}<
z|Cb*yE;*GE5DtvdrpfzN6=z|XAG|CX`EfRk3#dwukF{PjowT}=)eNql038dHy7MmD
zJU(b3nKHwt<HT-|%qs`3XpiT|j;di1_OS7y;Um$O(+Bxa4PKn>o?5BjNpwycEIA>(
z@OO5Khmya&b_ul*02HVG`kpvlJ^(gA$-m9Fuyo^ar+tGXTRVu59^#hZqx~pS)kZ9g
zD5z1kej^89U*3P&o&5ax9nz^O6;*<`Or$*1{=7_!^TsWvX6XZ*R&hbullnG^Z=5|}
zR_CYqZD2<xM47*c-p<L@Y10dqy<>oV@G+Smqc?Z*>Oqn|=iI@N#PrkdPP&&^@oJHO
zCq3Gxyj-|-6EXFDy3RrfMwI`;>xq8GEh2;2q`FEkPBRn3eEzkTE!=l=c7)?QUJ-MF
zlr0!Y$6TWhTllXbmpQ8Ssnz6kGFA?vHMBsskDM~;ptJ80Mn|U>GcNtuIGo+Y{5DmR
zO&-~GMkJ9krRQATh}d&y^n0BC?Baf`QiA|ja~6KV=$9tg9IBe%g&88j@Jl{fSz{Q$
zImnIS{Vqdk?(xQVdBfLV1M2H?2!<9Mm1%K{3QAnF1asds>LNh8Xt!&x7^H!CN<6h;
zP>`jZ=@GrY!93d-F3<pf#OAzbsQtW74q9$3+y}K9x^(qkLF2np=f21`wSw+J!_zFb
zkw@%Qk;|Er##C`8eAOhF%|Q|+(VPGk`MKCqw}sN;NU=&B6YE^@YCIFYs&f^NTnw5y
zA5!8K1*DH*<VaPNks1;cy=ux9Ay8iNQxkrxy7K=ZoL(;tUfrlGR%=ih#(#efF0SWX
zUY9Pe{bx=Ees24H&6{>=T>0Sp&e4C3l8o<DwaH?Z9Dh&s_nJEGuX-qvUSEAB*(z>k
zbgXQP8((EcKbyobR4a9~{#G}KYuqLa4UVG7{sFgCe=D5&;dOB#2YEIP@LT_q13%ww
z!=C`sqf!rZyFu@F%)gG^;|xOSZ=4&kC-+-oE864jhk^;+*Y8YOqh$^`h`ysT{p=&`
zqLPe-96D57TW^N}XMFm`rzx(<P^U9yrh^ujp%hIvjY(sfxqZ&b8BT0`VAU}`{EF7U
z+!uCod}u4j3w%hSrKzA&YKl=>Q7aqI{~P#yBX^Xb)5w>)ukt*_s`EyS+`M!Yz2!|%
zpSu@0Rb{<<$0wus5&ZrA`1s|y4C{Lb-_w#We7*E^pxq<_aGSB1oZQ{AmR$y*E?L*V
z$xK%VG%#!>bN5PG2(wVBpW~Uk6ezpW98Ma;&rR%M7Pc>w4KE+h2owmS1w_3qK9fMU
z8gC?#F5?57-!j@*QQqDh`G1E4&;-UyaHF`)lSOTF+iMlRh!H7`B2a;*(?uJdD4hq`
zZiESLj%ny*x-MN!#~`K45Eg_BoHx2@7y(_!QcFA$bEteTL|FiL&{J?UX5tS47qqN{
z9H^Pe?1QadXH9EQnY4z~&{=lhVjTR<j29w0k;R3j{P;LO5AM&W_<o*U+~3xpJDt0J
zmAn46UH`LPf12OB%YXG_BJ7pEBebwm#kQ-?oobpzqar_AjZwLXb-8M7zx;yNu6;Jb
zMoikGnmJA#pM|EaT0)?Z6USC;q!>;@rkTXq3h&5brUO#pah0FWxd5X&mIfe;;HYea
z`!0S2&B<GgwfDU@%(YGvz|*kkE5<I?f#uC>6S%BZFBkYf!g_z1Xxs7v9XyNUd&R_N
z4eteKl(l_I*Rtm9+qg<p=TGvA>Gi5WqLbJ3N1oM>k7JT+-yb>OkeM`zP(CY7`O5t5
zkeA}WW7^l65Z#(HXMd&35W^z*-~?14gMIl?c2QSEZ3fnhL8C)Wg-sEYe@!0!Wq;!R
zv3?;cS$O9xrNSE#{%ZM4eKpxPHoL{wwb>>c;?qyt%QiEISQ-Oc=f1=Eg75ixu#Art
zk>gq+{XGNV>mNX9)UG>EnLU(a3$j}jj~H=oz0NE8Nr}P)eSfsYa5&)WA5akN{=e9^
z#~x1rE?MAh+s3qQ+qSJ~o72X>ZQHhO+qP|6H_y#xvzzRz^A%3&S9MkO*h;vQrl!N3
zT@`rI^9-KuWoW_v=kV;08EMoGa#%oQgkR<|i>Cpqh0;XlbYDc1`eFBR&k<hF#cLTj
z1r%)}$rkdj!6Sc4qN=FIKnGC=d_(u;>Rm`^8zF`&#U(8Hf<{ycHs(DrmEY#i0(kDp
zQ_QKF-E}<sudjnnVC+MRljMQE>LeKrVHRxq9Dv+}xk!Hlaf>mdU<^S>P-e5ezaOot
z$ut?$#_}jrM?9&dnB0;oasVdB!`)xkq6No-w)CH0;drwyy~N*uc7+zq%D)|3aY?2w
ziqcV2N}ZoTY+;AB(XG!EoA{4bDvx*=Mh-8IcxbO|@gR&BcAC(3Ch92-zin|$EPerA
z2U*FOCV1}lt-V+HH+8^cH<D}CvQK+EQTPe#O@%3Ny=MkYoDf!PynUxO@)q<oz#iP<
zE0Aapq{f60ki)}gsLFl^A>e7Dtk&5`4{WfS3@Tc5%&=$^cAD+|w}ieeZCIW1H<6y%
zZEsU6&?P6`Z-Q)IgU$r@Xm3E)%INMh*u6q^O$@oe>vg*DY5Y_Wt6;%$U7qId&)lO-
z2Mvy5X^=27DNz@S{NU(R<L_40QVk`>!+8AAAv?TF^8{#N4y>uX<_#Cwvn|iSyTSO@
zVs_2P@}uq8Ad|$sH4=R8L2!-UKBEtR3cv3KY;$j{p}3TN>!6&`h^R~0c)npj5du2P
zY6NoI_h50YRYX99BMH1!8RSHDhF^OJ<UCBHVaGf!Vm5$C1Wn|iZ&#0zuPRkDfWVA6
zSulAQ2X~(HyKPFI@t40szO!lQG(;{u9E`w_{#<4(K<B3?9BGej{t&B(sS3#)`>oYC
zyh^yaf7D?gRAw?9mK+UqX<K6~tg<Qe_HwF%8TJ#s-14YD6i2_@T>qxV&tYuuseDUI
z@HUAd28l78cZ)I1ks3++uz(c3EcxuyZ!F$2jGez@12}IDN5L6L$?e>!fb{@da|wY^
zUalYC!=;O<3<d_e-XAB=em)ISe#sZ00#Sra>9Q+{;~lT*vMb%Td<o+nl*dkR?8{s|
z2Ad2PGs=5HDT*Ar{UYcI3Dpn|i2u0Xf%RXxNKt?w+Q-V;`0F9<*j$*>A%#z-J6j^O
zU<VkqROkUVOm;!cCZ)$=#0Q_fcicpic+LiTZ4529G?yUTm&va8AIG7qsXNnbdOC~E
zY<fDIBp=fTI!2-|ve6D{x;^c6N`agCR-ks7WqW^dZm}4f1l5cYt~7KgE&WG(m@<||
z)Oz6DArnH@@`ybn_z-wiuI|ycPWk?Gyt*D`>qi4cvey=0ScVBcXYHdnhKC6jmE3nv
zRco_Rua2oC?Puaw>G6y?bp)SqXKxQc^fa+=8GXXr(sIxuT;cL5u_GGGS@CcRTg*Od
z0gTX9iGAGLP>Frg<N>a)>0m4U`SMqmpXp%gzwgoaC7c1t$sap^tQW$(z<dHX8>}VO
zMcUnNg=sJ&$kfK^YdnDCDevtnHFN`X##0Pl#kBUcg{0W*B=j1mMN08$Ont>0eW%$;
z8tMPp57gWbL+v7)q;>fuw%!^&a(H}tZh96Gp}TmvVz%4nta$rb4-(GVLo9ZuNUusZ
zeIB~^$7{r6o20TU%@VL;0!Q<T7U_q~b*qdMjXZ${9(0v`3<vk?zn~k@#jDq0(eMX=
zO}M35R%X&~v2H_UJO(9AHSHcX!P64EDKf!vw_5uOTZ~9Q_R?#wPt&89;~xOY;r7Pn
z3Nl(jve-x?txnawFD6D=l{_V`4B38P3S3?J4hXzrl1FqdQmXpnpJ<oUgqTMTLh9Qs
zmk)w8Y9|1aWwcKI3QZFy4Ge47^HjY~4^z9O`=A|NY!(=r3Zr)d#M(Vc>@WR9bS4~Y
zH1kJ?rGE*8!)o=D8{EHVBg|R??6E3;x9x}oU0dUpSa1uk&@sRKS-5re7<GAO>JHL|
z)8i49?DbgG!SvtBzofM%=4fgMYOBh%Po3VhGvj+zntgG-VddrJMdXCvpIZA@{k4aP
z0(6HY1N4WMK)b`<XSdd&<|Dmpoy-~Tc3R_a)AN~~oBp(HT!y_)DG$w6#=g~UAW?iA
zGgmiI=W#TpALx96xv+cc!Ooi%u4VwLCi<vcQ?dFq4t*Z=|GFOI6_%~AJ;ggC6C4C-
zykI?3Fz%UfaxKT{zm77Hm@y@VNZgTQF@+PZRZLh&t?4N-n+|yjYb3!I<EJ#or`)(m
zq2ecnBLipAbcKh2ib$Y60Ly2xATt8n%WyuMBcyk+(c=scNHreaoS0JW%j;~W^WeG9
z6?`eBg`58)%?CevsFKz~*OW}&QOrrV#a!cwUo6!WlBqD|GJc@n;-Ig=(jkT|vByS@
z<CbPaW$hxP-va_Eg`bkXa_0q*gt%z2fb!l<q$Av|nNV_f9!iH^*GU51Ie9>*pi@d$
zXg@9-{jhQA_K#Pb;yWqaBQ1Zn$W2`L0F9g3Bh31OeNC)H4WM*2I`q#J96(!-sYT0U
zsdn6pp16n<?RTxHi^((S=VZr6Sx!s48aHM~yCJh1Z#B@8sK!edRjG#44w^4iN`wrL
z@qb(V9-d##=K6jaE4Ypy+*xKd!;^c!Z3ZGvMXx#BCX`cyy3P=o)PxNOAi_aY!@Ga2
z9wUN;Vp0XeIE&wRHgvfVRU_tp81vq%#h@Axa#>!&{Bg0+&VaDOcr=LV7hiS0)VU@8
zoQqP;_U8_ae&H}zPoQ{u&R#!dtwg-DTfF8wrcK(}H%kfOJEkWjHwAGn>YVAaCC~%`
zMB6I?Bc&?{Unm$B$*ExGMq^LYUT(kuQPpN|=Nt#`wE6hDJm2pf_AlSJG^}C4@UQc`
zo=1aD+V@`UrRtz+9I~`A5WQxRTSqd0s;K`(Q9#C5Z@!n~4NYUeDbtVN%DVe=NJ|zO
z{f*8<oDq?r{7?D<K5VF67F|l(tfuxQi*GZVK*8nv`!Q$y5<^2K1k=&tL*L`h<e3A$
z4wz`+G0XZm=zGx2sPk&RS;Op=9ING?6#LjG^-$di$sM)IL+&DN0NxPN;oxfWo9fHW
z_8yefV*w4Qzk(OH3VtzaylVBhLxY9sUlS24&B{{BhmcN|92g`J2t{p|FwY+3X5b=i
zVxZOuhHPL}*>ruc4GfH<n0t-}&Rcam4+`~N$|%|ce?o)JNQo!bbKX=#@v(d2c^9o2
zhg3flYR6Vu=Z$U&rrCv#y#Q3EwW<%NVdI`Y<aq6lfZ1o$ht`<OPQ66PH?_Oy3|XCO
z8U0}`a?ySI@%TAg<FXmvvrxygsdSqnuW1lMcH_x9tkbr?1NMwDjHD5rc?8$oo>IG6
zX3jCe*)%<sP1mM>2yb;~JkwZ;s?E-80r_+R986=H=|i6}|If{-7U+}HlOw|K{qVg(
zte@NO+xGqa{5;}r*Z0T6*K_RG+bN-FvcX}mFaJkC_YYIT*!{i1C)mS^i*vqtL)Jc&
zK9b(c-hH!AgZ-U;zW}`^F8*Yw;zXphSF6gd^566>Hb|Qyjn?b>vGP0`_DbALHn<0=
z)?YRUs4X?_>t+MzS|10H=@q+1ECZg->QtQ%l!X1vxF0>0(}=MxN}m=^$H9_M7xtR$
zQ5e~(7g_&n*vqg+9ui-tY}+n4=O~=E<8F0px@gjY$3LLiC@(Kl<D!Pq=^Wkib?ONJ
zzpjk=QIkA-?g0O#IU(Knm_X+dn(fxQhT0_$<G#DvC*5)&-Kf0I?4nwv#W8WG%)XG{
zeVM8jl95~u8%Ct6j{EsCm|2O6gh*A;;AX8Cor=W`^sNeYV22HhQt$Q{VRq!YC>%>(
z8VzHCFaxcnilGa2fO_Z0drwHq6T}`|(t(x5@z41Iz0Wd02RlZv7z^XPlX;VL9y_LG
z(oCQ)V@_ck)N{3^g57>)ZUUUf{ET$eD_3&A@FV}T%jB<X8-OdKMvzo)YK9$>5D&{D
zp2f+w(b|sDrPMl;H`nhy^j$@hx!<m{sMW}R7%6cyplhm3S*ZE;`Ip!4d;jYC@?UDH
z{TMDTrqL;-5R9V4LrolvlYtXeTS~UhE*wN*8Xj=eB$hb1P26usQa>eapZ+pw5nCHp
z09N%$-^FQAB--P=qd;GI|2+T|mLkgR+n4*ZB^pzNx*RREgNYNj<QmJ@nhPR1cO=`4
z73-Hp5ez>n&FRn=XiVD$o=;$J=2mI98zo>EA5Bl(gnVrbZ#V%52I=#I$j4<sHcff1
z1TWUF5HFSreA=%Bt*K{5p2`B%D?@p1??3+pGz&3r4m8XDV}~hu0NdAB<_=V1--SS8
z-^S{?lwtPTB5B>gBkrLbs@XtL`rN&28Z@ez@YNiDC$8gwY#Jk~Tkb3>ixKC39!1!F
z4mRZB0Hv39EMjhx5k#JF#;_8&+!}aYXU$hDel24c;*3*NAKRtV{yZs_hGL`(3q>hN
zB0M+wWWXQ8PI`*CIk?6Ax@0acvVw_*oYu~jzAYiedZpE0oyEYki~4};xs^+95nA#g
zpHEcTAE!HX9g}(;I`aZQ6_KdKSAwCo+#avxR6ZQSCm-%P{42NbNc}}%Ewo`EQx$Lp
zD7LCmaY<-n@-*&0{_FX+P`gNh%!Hd!hdKX@j{yF%a~Uz0C9-fcu$l)K?#LYI?8c;q
zi#~OVCuVdVpU<qRQ#f|$^h5arQXHL*(~*iEMli?}PFkm4evrn|B>!7E`ru4g9+LlF
zWG~&l1X4hDV(_uC2QQbnW3j^#tE7P)hj?HBoGe#{6uD8w;p&_X*~4tX#(9F(C7D3!
zIcZ^yH|ah&t4rYhPQFS)O1qZfuRumz_8E|Jp{T;Cq$*J&C#dz5r`3TcwPq&JNrLyC
zMG7M%)1uM#2Hx}bWy5^cSt?7veGi1o{2YkkicMm}Nf2k&ZuElWNCajrjog0zCwDYQ
zM5@^%d;P*zwtW1zcQ6G-7XTRHjBbdjQ+ZmCq1*LjhN}=Po$V27)=&0|T!lR;Gg4=V
zgitj$xs#sxz|Ykn?>76rPXX8Y_-$^txYxY$125ohlI_=fk*oSpr<ime)$|##MK(t~
zFzfh%S4cM@qFj}fEyryL4LpRf>)xMASSJ>bY|-2qb*)%47a_ap%F%>q%-bI8->MU0
zbnn_=<TgbnA+_AvjGO&%mqmk@n?cheob7#U?`W+XdF`b=z(jx3q1BSB;)Oo6xm49z
zuJfSc;9&}f+ucCq$5n}g4`6c~^)dyiO`mivNh@)4UP`DIbs9dxF~Ma%N2BLYL(Y;z
zMO*Sc*bTmy*m4zxFzCy`brx}BTK6!^k<Cylv_8OT6JU?&wdn1MB+wRt*7a8RoIen?
zI@0VoCW@4`Ph9z-Do*+WPTBwU{tcgUCSQ;b-v01%=wzMhbgij@!jxvoa2vXmryebG
zlBEv)m8F)rWhuw|tIRd>Vz10ao@_EpJ(@mO)phQazm!+q>({{((?Wg__Qq)$L6&^N
zQ8lx(K2Y%ft+EWxe@MnH@V$OaL1>?$dwlqR<TjmD(;`|ibDxjOR_S9kCasxm+HI-R
zGw3#CY^50<RmhS6*$S-`S6h^)wgRB}I2AReF=Y~%2#S1XXTPE}F0CajLj1q6Kv#6B
zFbHZRWeYEX3B{xGRFy%-A4B$e$|n<-TQfEO?b8P0X;nCSrkDdSvyY|t1<nkC_Fe)E
z+L7}q@>{ISj7-3<UfG&v7-Z%hN8uTXk)9Ekhco(d3}efmfbiD06|&Ang;Ryo*^VXr
zh5Lub_r>=`nn#gE3ap`(UA%pU+78|#AEX|Z2C?SH?3$m^E+`+wChgbGRlgPI$*9L%
zEoGh!#+*`_92Tu$<#=2}>R}WrWzNFZBx_~p>BbM24j1bJk5*h=b^L-;^U<z8cO+wN
z3*)r~`b&WW_-cz8-dr6Dr2P~!(AqN8$kEajG<0u4S0M0R@maW>Md$PiE)TiH=EwO=
zeGtKn?=NAM=@d1${-)A<RG7Ia=1T7F4l`1!_JQ~G@8O@?_e($heY%?w`<e^&)Lh2w
zx3EjMnB1l?7gkG(h0qHe5V(uuuvcD1B){S3lVY@tZE%*CP5Z>=DP=L3^ciM1P%Hi)
z`LY!<10Wz_4nw0qkGe1nV^U1j?PV<UK6&sg0yq3zspskxBOmUm7njQFd>)WGM2}F1
zLM&~@bi5KFbKw|%wB*@cLNkIu<H9A*PQ=b;9DitIg%$Czt~izfrbwAf63EUsLb}~-
zLD36zbV%VOFe&<vjbaieCHws4zlB7z4xy7eP<J06S8BH2EW5t0z>DHJhdL4G=nCT?
zvQd1j(FuN}YjmQa%YvSEqnmae>=!W`Au(QIKLnc$n(59#So#iL1iOBmvdDb}UD?U4
zjq5fmD0&}g1ok8O9Ku!!lS^X7tSmO7KP5(DM-2*bn7BMW?en|ViFVP9W=6U;9Rj3V
z{vJvd??54#8b>LSsyi>heZl*UB4Z*iE?q(JZuBfUPnxY8D4L_@Y()~byU8+JZQm8{
zyQ(}YHQOw(ElI`igpEqbuLTSX6M(wxNtc_#yMAt&P%8vz&gw>}RF&NpajiMIWE$T6
z4&SC`nHZshP>9v15_`*FQk(X_&_FqL#?wyf3su`xYGl^J%dlR4xtgfn@{#(%%0(7w
zQXc13Hqk&b2s@F8$``G=0SVqfw}e?{tuBQKA8-ujGMq#Nees_K{nNN>k9?}1@_^pc
zP{UBqYjjgG`9iLqecF(FOUs_dU`Lns{sqpNT*X~2F)GxR*u?v4rC4ba!INq55ju{H
z#8wv(i;^N-9?Z?x%dM#wAm?KMZIS-1?xY#^KL+X9x>bqAYD)=&yaIn_E29DBLWvC`
zzKX%OkXNICp8)}s+Q902`2p;(H9YgqJmzV2AeORq79v9!DzoCN?W<&CGVMU%HOo_w
z2H-3A`-iL=to)7Zq8=UDmaS0TL{)%&^UX@DdF_~r)87wQIGw*zTtp@`a+CU1Co7ci
z3&=UEtJLviS_`uEsDnfP5^TV4e5%{U1{z3V{P3Vi<*)qk(>=GPc--(J7@a?F`fCBZ
z)GLR8b-J}?j-988#M*xNE$+{@Q>PNDzg@($P7F^2)5EofyV~%&Ch;_D^H#evF?;5*
zF7bRQ0xDPVn9JK<Ym7`We-$kZ1|>9`_vLk(fuA#$F4*`V9C}svY~vHFr_bnxIA78B
z6S4D)ivA>fAdX+>q(1|fIoSJ@$UGUPTCDZMNBI0j@8&QB+pEy$Zi30H^pY_ka2k2{
zD&76X3{0a9Rc_q~TVrkv=FvT!9_=;W-A``oF|doM?#Ybx8}8BQ*4U8WoxWbZ;n9`o
zRo?~8(fqGfM{2iLK&PqO9Z6=&QH`#7lBG_li-0j-TJ+60xaV<Q=siUGoDE$vK~`)w
z*ZR*?pf#8u{1;u8Ab1O_`znSH8ndZrwP|v(8NDKUa}J05><Bg79BWp4Ipxvfa>CZc
zgD1j!K-#Z4#IPtgo|d9wH-G&+6US6KORdtDfT}MrNvnd*Kgh6-4^TP#J#w9c_R|Qw
zE=Ol?!(ETpA1C*-8Z#<%+{`BPuy1ABD<Cg@d$1=2UFUf1QrV-arMX(lKGu9O_oqJF
zSEV>l&#|g?XVAZyDCkUHH=q$b>LUb1JeTo_S@nIkTh$N{l)f~EBI!LdQT#13{nN63
z)wz2U2%`f;4)5J<mFA|9iE>d$UfQ1}x>AMWZo}MMWNnQ?_{=O@wMWgxlc<`uxLhiy
zE}aI5(O9F-+IC~B=CvU<lQZ(}L#fdY?oq&`XVPQXXb;+t!oiXGHkL<u<?Y_%5vAW5
zhP_x@30uKW1Hsy+1zBFx4q?a#7jsyj;w+3W`AotB$Sk<k<zFG$NN$5*`#yoI)-C;K
zc9uy2q?O96Y%$5!zDjHkj3sm>yk>1JeGZK28)c%e;0ev$0dM5)z<ijF*9h|XbWz<{
z`s#6Zd3z}C4%G9a&79N{n<$BgsXje_{HtoFb+M~O8)7i>A(lG7Y0XA;SNKt-YqY2|
z#bLA;vMi$(39FEvIFJ7U_3R|HaGHu>YI|GQx^VP>g3kVY-sf3yHwvNlfevzAr{I{6
zz7q&IamXt3EWMgcI)Wr|Wf6hBV;W`kPlubeG%e&2*Uf$~_X!S!^ywAS-2wD73gzh1
z=M8QvWviXU3{px=G8V5245f<BzMeND7hgjAQf-uIAbL?VwEd3auBI@oscOgLL1DEV
zyK68WMNbIq#$@l4J&j+_rk*-tzfs~U8am9f>ELuyO9NxbTxX5AZJ}n2k;VsnHwjql
zXf!Jz&uKd+8KbO_HDNRmS8DZ6J_HztuC;^``vW1&(CtXb#bQowr!h&{{wX5JjHmwG
zw`L6YX<}44M&aXR452)OW{+8>5GM+xp67=ab0-A?eSBr?)RALUV|;3NOYArVy*qph
z<626qq+>%)BprRtJWZ9JuG{4ChM}?Cp60t&3-IP7Hi~z1GBsYb8n(!4_4k2&-Nl^i
zXz7QV4Ymg3CKp!$I?b?rOWc&AIU)8c8gjAtuWm}@SC{+3KGf1RboPyGF<0v5E!NtX
zkCnopxvg_Pw`~HZ@;<lhV*i5Uzs;Ln<&cM01;tPnd(}S*VK&<IF3+1-D?PuYVmiRo
z7w{FHLB~En#=M4P2CC|XG+32t{DY%TbHE>(IVZa4d98OQpUV2Fk%z8Q0lB<kA**}g
zR{^0(N6{R8v6nW?M$vpt?c0FHMV*-IvhZO8N;(|3#SiS_P?V3FW5=L02f`>VO#TEq
zZZdM@4%>mHEQOC;B*TdXpI8SBpA&ImP?kbslm<Rv<z*pgX5I9}08gw344*ILjer~v
z^&hyn`hrZHpIsE0%X*I7u$*Ie&lZ`-NzGzy_DapBJw<(=V_R#N2pwVedV0Z{gY>Xl
zCpwuX9^>!$jOG>1IoSo%4br*`FQboF$~r&YFtE$ZLk?)%d@Lz1PNmG<7IY5f;bvyR
zdy1hF6{2JaZPR$r=*C{6ohS4gaEAd5hM(3X3tJ4skUz^Lqa+7hr{SEbsWVJ*L4+@}
zvY;1{mwgI6x&5b^5SS`4UQl+JyrLo}iU$^PCs;bpcr}3hRd|puduGOqNq?&}+leb>
z>17oZ1TVUERfy4*cuk?{yciL#WKO*7FuK9^by=KroTe{~jgv@a&l1e^HE$(^=%>~?
zC;*k@&NJWz+NT|hnl=1B1(sGZ52Xqk^3K!gC5`-=>V^9`lOudaG1o21a2tE23P?#$
z(BU`_cjfcAJjWu0yXWgQOSi*K-#;F+me(<6D%vS7=q^nAI<6MzRSn;p^yG7zw-OPi
zVLKDjXOUKp^3UAl20v=m-Q7em0wl@IdKYttlv?T?)Sowj38qoh>}dqsw};@4N9eKR
zg1p|gyWa>63k-@fLxaa=POzS)L_=e+j0gDPN)I8)M-?+cttn7bp?>K~IR*_~j2Dw?
z_WTEJ7aVR1y#3@$iN6lvkK2zpEACDy4|WzMHSNQ#KEeAKOWAV$ih?8fk+twp7W8wO
z<f~ZSNe?JV#qc{dt^^%_AR*bO_{~+}!s}+btq!*l5v{#3HVGMM2G)B42}ki{jy70_
zIw>NEge_(PWF(HpH3tIq9K5HX$Mt1vT?Q||ypd1?&%3ZwYF>p)+t#~xXmeqGHN>bH
z?eHvhK=O*M^M~TI^{1U9^Z{37Kd2<>)^TQ5lBVFnya59?Ayx>J+V%-DNNTt4`o}4o
zQbxPjd6o*|+wD53<3I@vn1Tq0BzQAK4#XS^BB8}GrT!LN6y+7vkO5d;h$f+V&2Dc;
zaXo5-UpDw${VcyzY~<0jb1ICf8*T3fdui@rri6a4k5xjrJRh8)zi$U`wW9)^eqT3l
zZ)azr_B*~l9zP!vzF&`s1rxRR1_FfNefqyxQb%uZwVj-1H<sZix@YOM=I##qf@zEH
za{jD>G)k?xUhn&>gp|K|;Ph!F@|`G09|{q?nF4+gJolF>kEQ01=6-33wST3UJtnPa
zYA#@d!5JY*97M4AP`qEv+f1zA#K_P7IIDg2m;sV`*Kza^pUDcvQHW_O*1KDc_%0hi
zYV?dK%y<O0UmvcK(2QB;dtMKcrXLEdz{s(w7qF*`43EA#QwK+Q9MJu{yMgH&*27R%
zaMpnywrjH4rr<Pt4C7)CO<aH>;unEtdc8b^-?FB+dq1+MZUQP?u@@OH&@uW0<y1?}
z1z*4WsyHh&{Fp=_fV$QVXbX^yFV-oKE311ChS>$tB8RxLuP<~<FvXvT&s8*5Mu3<?
z;#5(@Nr~wNyZ?r0v@waulUZqqYhwZ#o(yzHBftbfS_q4iO)VntVQ$TLjjch?D<{ZC
zpcho;z_=);vxGZWe9o1I!ODf|6Rp6ync`l+k3I&+eZaP6gW|gq;uJrLKP0KbM8yMC
zL43e1;rpA3xirMB2pf3xIn7iRN(aJL#K;q^Q?y;=9O{?pvix41+;4T3p`4+BP$wx7
zSV9@h$>V6+44X%DLSHQS%qgB*^i^b+=#`0JAOm2$hC=#WF2xd_%iuw)egksGxIE0C
zc4#+=VC#%O9c&%|$o(iKXmlK|!LeC(S4gR9As*1pYTym&$@G<?h_HuAw9+2aU{Vdz
zmg)mFPj?H3E0)|MW2{gfEkr>g#&L&oTyjRE-YNzNc5YL$i^XQe*x~69;Fr@~f3PqO
zGRyfj-=D#%rP#Sd?reyf*=ky<BH;;I(pv4JTchPr`P3&mwt|+HO1?82arRQcG`Qly
z?TzwratzfmMi5U}$E2IWH#F7R1TmC3Z5_NejlK}!9P4UA+b+iEpGB7q|4h#C0!EBf
z(&mhAuol~qy_3v@{Z_ZG^AkE#v8-k$M+8TbGk2u-Fzggu{Qs0RF>mi_ZFr5<vC~*;
z4wuVILeocsLtNt(=y8(Sb{jdHARzLz_%jo;GHo4I%MRAs$qeq4Ml%t{Yol8vzX``t
z6LZbo?cvig=q_e{PNs?RCCev#AzsbFWn}WfrY^@iWbCt4eE6;foDd8KD5BwYvQMYV
z-DEJ#9{@*EEyt=qV;)7Ogc%R33c)tB10e5!oQkdpPu!4CR{a3zR=xa5bSF6sZlnc;
zGmVaThg2h_DWmf!3h+LK2g<7FGU=vOLE#PIqfD^9FDlG^IkEXH6w!zSREU6WaYdH}
zbm54InWlEPNMzA^1?PwFjSO-5VF-%*<W?o#X?g&8t9DVlZ}+wO>+&{z$}+?O-ks%{
zx1r1vZp%-T2p_;~yJuIXO<Jeu)D=N=YfT5Lj9$NArf6@X(SG#0sG5Myj@}QW`=964
z_YbNcGE&|4J#g02bt!(gi*E=P<_c+e9OBK18?dR8OL*{ewU|woes3`QmksIi%lLap
zWRsil3L_dB%eCRHNJ6kzkCn(tl}Gvv42;x8CZHU(_cWd~+lajew$P3cB#!%4(<qJ6
z+@Xa(oLdn|oz~OAPLI&Uh1fsvWIdRBO`7-fN*oiW$}$JL%4x_N6bf=P8xH2<Eebks
z%~$*D_J=vvDCef=FhLu580rFf(iq-30j;5o8FEl(aQTwW<q7OD?=r99Z4$o%*FVap
zu&)XNQMc%vD!hH;@&tE8ECvisopQUazkj7rSClnC)atyS1KOQlm!j<si9nlgk`1J@
zA|a@LW9g(#Ceuj5u9sY0UkY<9-ZXlBg1#IKn{gWoXD7Lcj`wC@Y;%oo$g@HeaBsqE
zC9~#u19fG{Qx|sY9UeZUR6*)kY_&bYDdb-mqw1lPabCFtMgOZccl3cVV2_fHsk#aD
zj+#{L-7kSha8age^XgDf_wF%BCb6@1B^kuj5tJyZC+=<i7No9yqWTDSW$G<e6c(@I
zu<g_|lzDin8%hb`A9qk7w|^wMqu04$GWx{&8-=3oDAXZwD<y=SU;n0CP>c4!AUy&#
z8{HuqOipF6ajCFev!;~2tz}r~;oA$rJ7$KPhs->AWIJU!*V+I)+%F8{bpBu=-x73V
zQ4yk*N%rz~70y-PN;^6A%OAB_;j!BGE<KhYbkN3fBqmCD=$w?&Kv_k_FR(+v0hXP_
z!7em@f*?wd^>%~Qt%9VU(lAu%*qP}FQdg=5&%igrHKbtqs@!SN4`ja5G+rK?zTC?s
z7dzexL($TMX{BHt+k!8&u{v6fIY_<b?BtSxZe6RV@EDa3r<XKY{ciF6Zc3G05fAsW
z`7LFi{j?%wZ!7RS;aN$szU3U&th&VB;1Sq;iu^3REfiB+h(#r&lUE9^wD+&og#{C8
zb!d1(t6!i^y_f!+=pz1C(+6p*mR)-`$CC$&uVWMn6e{_o?DaXnp~v>oE1^zU0%s+>
z*XQI2kRLHmKrdyg3|wbV1Tp9bM<}0O!mBc!{cqi8Qak~#XLSUpA6mZjU+cGyw$BzZ
z-nB@Tz|&yPciGHGu%x+cD(Jn96hEWn+UT*bkA|X=%X=;5>__3n_o!{;$T=|fe#Nm0
z;ju<#x(iJv)+Bz?RLI9U8@f1i?|wt6rsHQlQ(dxLtq|T3IEi(SHjfiDoy7oKNJx@p
z6(B|mRaK(`nNa8jh~kSNyXiUNR!4e>a;FW}LKb6hrgboX|C)kbvFo$)>@(Fn2f6$D
zRR6wvQz5grtAEV)>u{igogN4u^u*+LpKPt0dfNhgBKvE8vlkrd9*l|6jBQ;D)#!)R
z8){4wl+Tf@s<iRW-W7v?O>LJS{-wm{&9banpv%$LdVZpCs@+YHr%5eHs5L_9Fg+%D
zCe<~Fwv&cA$06I+I{?3FR|jD&em*nfZY#N*F_Fjl7_LgFo8Z$h!2ddQI{+0d^mWsi
zibP+%+d_6z!TNQ@pAc#fB#bC61=bRv?jDAWQoODmQCbz0ZT78Z)b5j2ha9TL!g&OB
zl`)pR9PO|eZi*`9Nc8Oc8IDjuLW1o0M=HVgD2q5K%RK{_G#hFt>)Lz^VvxeWtnqt@
z<SL3t+HKAqB#dWsmha}4Q#9wA0wdpiX|Hw8+Y`x4JRUCZGfMbw-S>uV-6$ycngZwE
zd}*j@KEM;%Uwl4F5cZ-rb4h_2gwH}?drJrvN6Zb&gAzl}BJ=_)$A0u*t`8S^+6LeK
z39EO=T!h;$yx@V2010|){ULk-zO4Y_{IhuNo~BEY#db|_KANCR1Sw9R>V>F61Sx)K
zy=ozq7!B2YnoK;}s4$_OKy0xRFYVEs_8$W?v~3U*y0y*Sf2s^&Y1y!`(uZe`%QG*w
z#&WVOOwf!ZF{}&x%NS$Q+g`$6&>kK!Ob2M{P=U~2HIYTB^|Q&@hfoc+TR34!ZJZ>Q
z<Mx{C(r<Caa`^bC?PZVEmfPFgR^eoTC2<ICH-uejIBUv@!+{o7s)~j<>Y7>At1JS>
zl{H<GRPE69Y{yfe6kwDm-HcO9T=|g>PMoVKtkcG;bzq%hV_SD!7Y?THmpi0GZeE5s
zC5o>JBgf8WHd#q5@jmq7C-2HXIz<&5nXKW4e_*wsJ3|)@^R-{$W{a>}CyQ%vd$0!*
zE##~dLxxk$p6FFJCO&g!ZN?{<Q{ZXYx3|KJ681NkLQk+w)y{Gjswq{ZXX=?*-KRBG
zDYK2fWnek%%$ZWD3^vZ{VQ0VH0O60ws!ReqSr48cTTM5&;{Ct2niyM*$l04QCYLd}
zms`#xT`jLLLbyJ!-O1-`lQr*k5T({ezGAs}J2Y%d!z{fA*ebZi#AaL}e`92k2RmD-
z5C4FIHI08O9Pt%}oQP2PX?5D6rlFYc-WsPPedyoLN=gxXE-5A0X<BCYTRr{YL1%7$
z3bSU&TWjfighih2c3070+wGIV15QyzksbY|SL~+C4rDEzWH=DAVz`lEqPuD|%@N1l
z*8CE80_p)V2PwcAX3AA)3ZG#sb+~LO<16YHOc0@Ry-j<&#5XFmS$pU2>E8w5-j?%)
zn$oHbW?W+Urg0=o5XwO&aWZwjn?-rB>NpAX2juYwA;~xZ8Fj!ftGk2=q7@|)W1h9c
zudq6Mm}eTeji_Jbq)IsD#*FHk<7jo88?i_D)T6XRw+Bc=XuJO3@|>cp5K{#-gK3NO
zs&=#Rc8Q!hz^tJ^2wcx2Z*;hN_#W6`e)YAh>wQ%d9r9}A5y*f*S5F(Bt||>2kV>Oc
zNHkTKmL|)yE-jO&yG7=bg{*9m;_AG<$krKpg|;AR2rM6w_RRQXoY&GFbkJ^qb~=OQ
zOhc-wYoPFzvlcOkr&-Fe5iIUVyd~X@b>#W;N^(gRJiBZCM1tuRgkv-Wc}zsc3S{Tp
zw}yJw;W%gmc2Cx=iAYorU8{Q*WKG~s@B{!~O&q1eEVG|_`)1q{IKw9T;V2hD8<bY-
zcqCsuD1_7$q6(f86q6>Mo~zR+C<V4g2Bt5qt;V4;Shgc=rF8xt9w{@VV$jRf6(JUV
zL-8M!jGpVr{7U|XIwbY*#CpX6mDho7xRD3<LPn~XW`$q>_A>_ET*|b5WAsB;M{^Rg
zc)mj(O@pqIvn_CPkX1`U@%w4K^k1V@6w>HJPbrY3-G%6Ch6_=&V5WQjewbF*LKT`#
z5FpP`sn{*pHaD+zh<(+t7w&w=xsE~V{$H*75@{d&9Ri%Y^itvG_?8QvpP)I}TGM82
z6DLO-2Pb*k37q^JelQwj-QYC0AZ(XtcQM$(WEp}MLO^~y+4Rh1Rb0Ul7oA57a6U`~
zJDsVe1V+@rDb*xwxsV5dZj;*Ncs0Zm8>wYm#o)x`A7-fbnaqszGhtl;6E2;@9*Nr_
zqsuybo)^hq9<Zvvaxxhf>Q2QT0H^_@;vGA<rC1=bwW?d~l+UI$o6J+eYW%bnNn&CQ
z`75TpA$|$0dP;>iNgbiFPh42s7pyp=UJ%_i%`!&9Nn%p$;l7||R8~;5KqMnQAVc7c
z!8=2xJ%a!Y?T{tOy;{T4f56osc?Q4{JpLwLAYVAJFW`#$$eV`tf(9gW1cj)@gcMSq
zzt9V@@pydXOrD|>k5D}Bx)qOOtfx#=JtQAEscpQ>mhVa*IGFF~@uJxAg4p=IPP=Q#
z$ckFAz=_Y4NLnWQ^##xZFsv&iea3tcq$}>6RTyh({+_I8EA(?}k|$7ohOPm+!6n8}
zAeESV)b1z{`?a2Z)y5EnfSwH)E+{H&qqRzW#mYENWdE*<_&DK*6`(CO#5A?A+9yH1
zVPGxru-gIM;Q-Cxw#ZOtR){|8roWQ+OnsFEpluh(f|cSR>K;yhiiq%mYJ3*+9|09^
zMr8$Q)=))Oa5&<;f@;x(jM5Stgq+LWg#dCs>xD*gKAM)=cn5`8&}UYV6H8WQFWw;)
zZ({|tE*0E1Du5NxMmcB`72pi1N`=Bu1#Fr?vQz?`_$#%AMihjZ4+U$H1ehrr%qZd*
za~?<*zDqeO2OF|yDMURYVZ+ySuh^Z662sxVM=ErFkNGgbR6KCPd&Qp_5hBq8PO*3v
zL(vlLMvpdbp=s1l$IIKmP^!>B0S`<$$`BPi;i#WbYz_{T^jU;ZEbbOU;v$qUg6Ms{
zA!KbKOvzC46-XE+GjKGJXxQNEus?PLgm8Hgsa|RzPoiGyYQ7G`#4w82y#Q*06w0Ux
zR1Qt-+2~HpBtKHT4`WyaBRW$Y#H^#<L9CF8eq;b`SQxF@Fth-23s#{CmJ3bJSzu1I
zkird*REZUDUUG^a1@PyAk@KL{Q~++?O=q6fizuwaD7c{9tsl`<7)DIR8|i6IaxLFW
z5Ft8n7aNof4VHx!#`ugNj)utu7o5h$VA_1?A}ScAfk+5>J1hu!0~{&>+ZajM0vC^R
zCW#k}a0wa?O{fKz`%LIysi*k-6H+A_6c`5{XbJEd-YEVvu_q88dYh9c@Cx(=O~YE)
z?>kWDOA_Gw2ahrq^r6wuKlgr*pR*je!NlLk)5r_N)+O)*jK~WR+5mrs3cQM%*9Lxq
z3b~BB?^e&AXOWfzG=5E+ZxNQW7xc$}7Rx<n@61DCOPPUH;p`36VU|-fXRpCJ$EPQb
zHx_c#`8F?8i9-nsa7u8;W5i~S_7nrU0$pDp+IJI`(G>scink;WX79l`HM7&eyAL#a
z>VZKfGll<ROmm^bNP>g)^V?pmv>>X%+W41Afq5r*mlhWAR&}obzI2)+XBh;hX$M&p
z@WtQ6{Ho-oQ~Ay}Lgj&JH;yu5pN4~29qK(OT~6dZFuX<(|4bz&p_OkU#j)xVJz2;I
zIrC+4D8Tr`5mR(s5+A`_V(XHJXi``5XF944U76`N^wVLk^8o5N{{X<&VSJ7DJ6^IU
z;!e?PG=Nvm^&YbBzB9*0P5dKcNv*71a+LWo#YHhFZsB=a)u9w3QCQDm*|{5`rPM&y
zEAoZ*44BILBWUK{xsH``_l8T(Okoh0n!K<8`$rhoym;+fH^P;{XvZr3;t;sAFl2`}
z{you~MJ8{3<M8#KNbt2OuULjrdn|K9ky!*Rj$5z{#T60I!a2rec`vc)lXs-+NK3}%
zFN3w`49`)m6mNS{rsQ~fRCva_sU%3oUZ+cc&0jfBV}#jN6}tzyHfDa%l~kEfPGkW3
z#va!rRMGFe=geMg3B9Kn@%y(ngHtSH6^NqoPa$BM=i?pyIK90p9}`&|tT$HNOMl?C
zq<lLDS09I4U$l|=6kwKSY1r{5UjoNt&K8fU<BYZ<(aH^ie+;N(yD9J_xYXgrYHq2L
zHf(-g?E#YoGqKE$lMj-e)`g^GAAEY5c(G#~9k}z@0%ZcVkFDa%tsW*|%MP*fYS){k
zC0|-$hOp32QKj_v3|Nh3r?EL$aI<Ino@%I`(>jnDxPgg4;Q$Yq+M;NWAH6smNM}eV
zXJ!2Xe{AUGp7nK1oVs7heBFu>;1oIAj}2J)fqZwLo0Z`w_yU>U?-Gz!;gR@^*YP+?
z-`uGrMC^FbBhC&wM;!>vuc!OWIW{>f+Ee!Tq>V}dBXLSl_AjB3@IgCTGLLLwO-#<5
zHVPm38;W{6;M)jaKGYo7T9BeA_?c|FDu>%)=<R_OlZpN>ThZdW(H~xz3E7iuU<WNW
zFiuOy)}ITg7T(=V&1fiE3?r%~Wk*fXIVDB)Ujtj#<E?(kl>wtBWDW%TUz)vL|Go<`
z05ut^{NTJpox0t9|B)^Jr&fK5K8B<107$3G+6M<#`OTHqqmku9eoUpBlvwgS@x9Y&
zk^n#-2R(?J9>`Vo?%W*L{Ua}L(SM;ljNa0zTHEY7kN&hwljrpxL-qF@o-u+@s(Tzo
zva>SRYq=A<2VF4j^iSZ_2QQX(ogr!A@x<|{`^dz{L_M^ZI=WE|YUm4qL1ih-lhUel
z`gvB`%F}oddXjNb7?Z4K@y3xYHL5+dkC)KPu)QJCz2&Old{Vv8a&b!Xxdps!)~Js(
zUrX8OiKvCg&90l4JgDvn=CN4QbAbhh#1E`Y8wTTH=ztk&{i#B0F(nDBtIG-vy|Xck
zW-%IM(9Ob(l>1CH%2{`_4-?GFX6+&m4Cf(i>A^A!EMh^!A~YI<Z5kUI37^U;gWSaR
z&O&JsI&ptF0)q|Lh*{93sH{D<Y4kfR!_JL@_@0B3)YH2)IoJAK`>NXzQJqX#-3&LZ
zTPWO;0aq4gi^qgFby{MkG)t8%h^E`6H%*_zx0dtL0sr(kwwd@qi=$r%)zn39z8U=9
z&~>*3L>6J**eSmpIT#`Ilx?DPJ)?StD7A!T<`MU)WnI*V#919D+J|wHBR?bDWPy*l
z;>m*w^D1F<Ps0Yj`Pmh|)9B|D!$B8QDcyWXd}$p!0{T;Lg1PhqoQY#<iWTdAx-86;
zg}DhilYZOFX@gXo1x;tTGY7NKLEBhdpVhbqnP@&Mtbf8Gz!&2&m8JO1>Z@q|c1yOp
zGAlxB+ydqq?W$JkaYPJ;=+n5_HDRj5-5HxjuP{WPxgz8O=s5~cU@**GbbK`8pB!*_
znUTt)Z@Ge`d?Fj>3xUw1f4VR(GPLn3weVRpD$oI|3lh@Bb`Gy9&my)?bf$G>G_}*5
z@fc)FMJSutCx;Q*{txcZHnNw&gJReM-}u0!$?N>xvvWJupV-*-P>$&7F<rjFqSN>$
z30WbVkQrL~6HxG#va+PJrcg!igybadKxT=MmtaX-X!8Ka4``(A{W1CiI9as*FB3pc
zskA>Em>ifP;d)8TknPt$3#KE*J%`p9Oe2T2WuQ*;zH>L^PolQme<leMwBMWC{wH)~
zB=l#{`yR&&kpp*99OQV292^6pEuAOZs&u&Q6^8m}j3flbLjpuM9tP>p^{;(y5h%2j
zub2zjQ#Y;=dks6%Im?#Bpva=gq~@;Ey05+JBTfW^JG9|Y2d+Yryp)Or`2fXZ=_A?J
zhBf)V7DAz<3c9~THzxWNOrnfjSz#m9x4-72E>Tp-k)ea|ehAaF*kY*Jueq))OsUnE
zVU6Im<(5#wWj_I2s7o$*_8(%h6-GR(R`T@3ih^bst=I>a@>cu%J;MRuCgly~Q2Mr^
z|CAdskMKL2PlLopW{_Dk*`ReNVGw$_3@awSQPQnbbR{%Jp^qZ-)?05P_hn@!Sb7Cj
zTh{HlOynlfJ8K1nTG|!-GmfR1U@_<vG~Y?j9Ek{&|NaphXf!C?5*!-Fp<>3ct{55f
zy8C(IyQQ^%Gs#u_k@;%|*TZ;6a>EIPwvipR0;bDuzk)4@=6HD_IZAC%hXV8`Aps*B
z7Yw&awtYqbEK6=sc_-4wBpn@7zurV6veo)JceeLy@QVuXU%y?a4gJi(K=99DD&OLw
zt=THGvu{)1SJMT@q$>W$E=ms`$mmV8b&H1KbY34e)P5?PW88RC$@qqu!vRAdP^Ut3
ziKZjQgsbr|XkAcp*BI8jOm>&wK#EMt*{^7Hq155+X1OcKx51X*xB2Q0Vz|Sa)$Y0t
zW<aop&Og4!K@n;*;k;Sr2T!D8LOMK6q69Oo$gl>Gw$wws@F{s2@ttwlMpm^E`7y2|
zA2z=Lxlj3?9uuizFS1>tNUT06D^O;RG(pZD406Rr1N;pI0f7WJey@}34BHG|jY!d;
zW(rTKmCVtAb|SdRUu%`Ezdd^(Jm%3#4VKNRWuSIQR4xb|uDenQ{iw}mA3mgbN|fKT
zApNeuh#r)}wZB^PHg=kd@K&LI7sb{BcKHrzvvwXS<V{0JP&%r*Qn>0SZ3+xxB=1}+
zi&tPeqxE^kCsN7t3+T?<TVD7Xww^|$@l6_fRxGpEwJo;~fMnf2##eFBzL$A;MvjE7
z=En>7*&m8tW&WU|-%v&_o28=!6txOhSzoq?D65bnVc!;5n-X3&S14?<hEy_RBfQdN
z*cD7OcJ2kSr$>JE${U+*Vr=%tbz81Awqkx2V=7KyxzDdGvsw`e@AZ?=BVW5c@XX%n
zo6zu{Gx?KBJf}Pw+Xd-NtOIto;9kiH4^s$Ww7lU29Z4ER+(XRPZR37v-x5;eKYlMi
z-&}TE(rBZvr(ful$LdlO6*?{E30KeCay=1*;p{CEs|!<C)!E-87AV`%VepJ#RPE-C
zzn`TJ2tWWE6tGUR*lgk!t5M7NP<OnnR}=7maQ3q~9JInoR}GCR%&F<RwzZFdc~xsC
zQ(!d1psl3ICrvI%QD91_K9;(d<iZfq8167oX*9h}gn1>XhlSbDS5fs*(7HG?D^Isq
z0&}06GQ3oj-MYqlW4B%T*K7{d<q~^hmWOC}!WrY`SlwF7d5I55Xg3pNC7umVFwA5P
z>4qRP9C3){vw{;M8%WAZbf@^SmI)bSZ*wwPG=~XBN2)8Nnq@pbV3WZ;u|_z#=;87$
z#huIbsCx65a^w%rWg)@>dJECJk;5erd_C|b^*6jAo|+%?u5<2+lhZ@hPdt@V=b&ub
zo|aP+wP!q~*~O*8D4>piWV6URm^$5$Oc!n=8dp*D09in$zcH9<m5nw1*uYE$(&m*P
zW>b7;)wAvP+tX(enTLZYf7k^&?k5CIr^hlf;?>vE)+N;E@CZY3+h=2y7#<y|O=D`~
zxm0T{U0kQy!X`q?BC!LEkYl520a}E!x$ErmLY$tP?xQda#mL0gG4Lt4e^-P+!N#%`
z2MN@?RFha;ouaqpc3@t>Lr@WQsH%gqr95<wUu22vl>Fi&MeU-dY@e{AG4e0MT5Whl
zf-!PyW6@P0GdiMm+!dcj=>43|d4~#H3NWjtAMP~5KOyuCqaB))h5@BisEP}U3jTLL
zPlOh|o80a`CO93_UEg4yJD&lb!$cd>2~_Do>k%Wp09Q1_if;(4`G0+OkkLX`^7LV4
z%wylstzF>opx1H^%hCC6#n2+_yl-aIPKNuY=6&Hgp3blg!^yJtIMhzR?XT(^Bor@%
zu;%tW*K#!2hS$hZW@*Uml*v1LSjx}$A1T`s^JRyvZw{5=G85|Hf!+O=;Hz{=6>Ww^
zC|5D(CJOD$@~2Dgiu@K+-|CdwPR&Q2fxp+q-V`#Ii0^X@E+)f@y*|n{uFuMqH?EMz
ztHy0F5-*vvDRL@+ZkV%zDs=bBQ}uM+xv7`t^HVtvp4pD{%wH`XBpg(zZ6(7iZ*V3G
z3#GZ$I|+5k%z6z_TRtrRO34u-EPt4Xl*rUK@4~SOZ0~GuwofG(@q{X6GMbOr@d9M^
zf6HNyXk_4PMjBI?XI6noPnpAWFp}sVZa-IF=g!puc?x0FZYz$=ADarNN4MQb&(b*w
zy@P(a>A${WKk`5FW9aRFe*B*O#&*YL?HjbTEjV&>*q|+i!IcH&+TdeAGlvyG#-;xD
zZRe$aUHz{8V`9mcG$P{V3n0r%@T$YJJEPMsW*{1uQg}J4TwnaDNl<3(-*PO+F4j9A
zUtIJsIrj{oy&!uTXqK_B!ZDK@#^7I9K%}K=L)!G}z$b-Lx6``kS><PB&>T?K&_lgt
zYK=F1tM`Q&ndE8@>KJXRQHQA-^;o-zSycdT&BgjB(;H;!+59|A;K3hVn{$1=xYmY?
zN0riX%7@5(ou{0V_f*5s9CY}}W<3gMDn~{MFeC!L|AMB(<e*gRo?&q!Q!#Gm!!~@~
zOI1D!EhO)L+lS&+lh0=o8@`;nRs6N}qH|I|6B)AFrjoYsQa&E}X?g)psLkgXhsm-T
zo{0&{jtXnDhH>m4QKJf$FgQ6HK+}OhG^zWu*2ndllU@w{&H76K>%UGJ4sT{^%@~5D
zCj}=7hF&DzE7%d)*#Iy%XCI$-mmdREQ#Fl1A}0DVOr=21sXpTL=0Kiton%y;F!3>A
zf)U_3Z4dDF+Am6&&sdGg5s8H=&j(I*1zHO5Jh~CHsyu$x7P@;+PY%M}wi`{v%i{dv
zCXHILUJuO}<Ste61&2Y(kbX=n$GBVU&pf)%X8RYoYXJjukpQ+qHQ+FWuGX8laW<J2
zS?D<Cq?tCE>T}PieCpH_KQE4Gm`N1m*-~J;#2vzVEQ|pQB3AD0E7Ae{$l%ckK;AO$
z7SwJzAgi;a|Im2;k>gA2iFm;3&H5yFgzk?Ems}aQ9|2M~Y0~dW>6Kw4#@Tis-Ji5~
z61_q;5z1COe`xN?J`*`te+Tz5?x;pDqL!?*X5u7k_R@OCnTFyquDH_U1*C{0Pbr^a
zC~L1ZwQgAfDO9~>UXe^RVUv)TLytcBJe%Sv>F)@BPocg!P(5&?7CvsEydj0a&Dbu*
zzc8B^NM&pgQ#!AfDfK)l?U9C`TJDkr9YZ*S^v}%bsUS+UF4HO4de1w_La?Db>$p(+
zSYFUyt-=~W{PPNsjNYVSH`x~d4+=o_za2sz58V-SG<BC%X})#_RfSfDA?lx4iVp@2
zk!WbyvB_a`nmXR-tbwQf)`;c>u^SPA`u!k(5c{He|FywVHT&RszbOi%$v!EbTU`2c
zWJK;w{k%02-7?_6a9U`Hox>VbxI-xvF|%E6jSR+>3sB%G6D3b*=1Zw{X|n+aYCG?1
z;lwU+PQI@p5Jr<VhK}P0e%F6-^syc-s^pfH){9hZ^@sARBnz5Rk?4!kj<N}K9)gb}
zM3@!kClG2aW$;Na29*m{>aT<pJL)a;B2)5AlN$?o*BFPbqu}5DS`8>GhAA>u=Yl!U
zmpS(q;}2DvYZKNvVe=KZ)LW=^)a*I2mZ}tV!;bnDM%Y!2d3Y18)zP%c_I5|4XIh~2
zJ{Zy%j@+Bg8EJ9y=nTL5qp8N`eKjDAHfD2Kc3E!rz0W)LsW@Z$uG-e*To7wU%{}e+
zdT6?jt)o)OlsG<i)+>`r*@}<U;!r~`?1g+{#a~jgEHjyzRxJnhvy`>|%>i=LGS`0|
z9RPh`#(`<`U!ejX@Uu|a^%cK^qT?|JJ~W1|S(cN6rB$Fk2TT&U{e^E0fP4d2^zo>1
zkVn}1qyLgOm^NPmeZw+uOTzA0u_d`wm^%t2o+`yxViWT1FKt{JXppcvt85(^ZR-fE
zII=;WAJQJ+8S%q*t0Bdoe0Bcx{OOK@-wV`N{IB5uYOB2c@8z<?P7;W0Fl%bult{yU
z(5LVW?C4*e)^>gJ)%mmYrzd*N&rbE~J<I&F+0#=Js2|yYXjaBl!!~~@OqsrWS)?Y0
z+#F&r*aW&2TF>sr@>{rm-i^JNKyJXLz)SM0jV#!&`jOtj>9w8rnZ5@|a42qRX3c?}
ze=CFRXtqn*JD%D%7QUbf7poUiEct36{{8sXe_XwKfBE*+yPJzQ&&iGdswP8AzN!jS
z;TY5Wy%_T@zUI|wU>|c<a46mD#Ah(rZ0Oe3c{F6W$_@4xEMv4YtOH2JqF@wST;0>I
zRO)byYm#v$%A4LwI*pBa0S`L|5Br$Q!X&B{G+}B^uB+Ts&<&>HX-W6Px-9b#L>A=3
zs>qWM-2y>>r2Gt8clG>9L+sWD!nmEtjSbC;*^l~Z4B*ma)$M=>3qIQ$fOfNHNZC|#
z_cY3USpCTJJ@!Vww$BDIk>-+%o?Opnrl)xn1BHx79uWaDYpz}LL|(`{p7yFVTo}t9
z`ByCi|L*y}>RsqeR0SjN8zxre`Z;;J&jQzsrmQcGWK6{3prG2$^E9DX5Q}J(IJikv
z*+~tz4FHC|dVlpo-<v<(++5kh6+Or`5O2qYVo6oR-2KZXNx1^`-f}e{24L=~6odFV
z4NFr<!IJ*kaX6=ilo{(3+LV@qxLCa|C_w2ss{VqlF=bjKinBJBf6Z)CVj&lF!82ZN
z2{p|-0O{*8njpvZDmZVAw}_HuCaEc${)Ck4LRPCadD{KnXI39}kE*aG-!NIl5SF(l
zn#k6HG>pbJuD+)nG9-<SftJ0sZt%Uq4Sn)=yAP+^dQVR8y?>|Pzt`TsH{QRM|GPT<
z{b~2s4dwb}s!vGS*{GX0*Tje=rG!fe)>LK64;iN1z5GG?me9zaqAxU@C8*MbR^?h2
z`fdPegX!F{f-j+XEtKjHMX4t>s6e=OT-FW>YHw*iBEji}ea8k(LwQVEQoFx#EqzQy
zjh`;}$ix@dA-oTo{vyVg(K&wSmA^5acFWOySmhln?l`+Yzn6uUcxRd&&XBvQb7*UE
z{>zxIAbQ+<^YWYL<RVRt!d5A^tTI%M)SS?qe}@H5&d4nvZeOlP#nazEXe}d|qck#d
zx33`|7kW>?(oCf^gW9qne6Up=LA-OZ4RI|-hM9Xk9xDCi&@M%RXk8qNB?ap(euASV
zE9e&nNXX|yB+RYEWqMKnS}>WTyb^&dAkko%AOq=^^;VRq$3%AivB{3P3rKSY?=p^`
zJ<W*#pU~Gl)NZp`^O%-v8`bdQ0;DYKKlF+t7<v^H(8kiR2&B`qiIp@_<@BUP@KItK
zG76iigf1-b;7m)S=wl66GM@y>p><3G<<RVYc9eY*C?|n(5-2CKGYOQRKh22|C|ObN
zDN-i2SVopSW4p3tSgJy)^Ff75>)5!y<@tADe~et$OZ0Krj8k9K1X?s8NycE#E!!Tp
z(O4_uv)Jcbw!I$UW&@n8YhA-a@!;I!_}n0mdnEq02XBj{w!=K_bLMAbd07Ofirlw2
z4mF-T0q+^ch8WHi$CZXTQkWY>aiV>=5ITRtCHNcr`>hExLH`kKuMLrXKpGZYZ~tb_
zT%^R#p8^m~$@GEvqa%alP`<vl&tR?pl;xS++9EQp1W=_qFBb%y>x*1$FmJY$WW_{X
zZ`Ol<UD8rtw`*3Ce|B+B@LC6CO{gL7hFmVOu5De4yHT8oDphTmEreGxRgx-KWx;4y
z-;=w}rPDjgGvLd%Fg7$%v>CniOPyQbP3E2|8%~vWq!a|O1v{0zmDO<l)T8gbXED)S
z+4R<WPoWI6i#O?*xDN$3x&hV|>d$i~Ol?vmn*L)QV2#jloV)Eku7!iMx?Q_PlN1B#
zG5xrEi?6XGxh9AP?^Va<#+B6fX73d~p=6_f(H8)!SDVgBn$Pq^_tSb&`&7J#&uQ5!
zD!LqmG@Oh*Xd`UV(#sw){q_bLUqg={D1d5&3AkPcBsqTG+mUsU*5RTGnbQ^RkF06e
zS8Kggmt@7j`HeyI0%Bv}sZd=fTfRz@a*eazR+$ho6F*D0gch<Arcg~UL|0S$ZEK?M
zy#Dbff5{c}Ua+!1#-9uFbpG_o-rF3K!CC?(SE!uYdbo^Ofz0Cg-m@qeO}`OYT+-89
zQ*l?nG_$esWl^y+{OP{nC5tGVezK&QVp{&GgkuP&%{ut-NO)NxAxBk<z3-*DfPjSc
zwR9+W+%KOtu5ROs`b#@HA}9Fdu_A?(<>}tXXO{WuV;)za8QQXIK9I+(xp$r3UIf<s
z2UDCu@eR*tk!?e9_}91+h-PQvju#SgE65!!FfYL99SKw9f1P}H@%}IGF5bR6)fA-{
zCbO%p`=IzU_de4;pnlYC9h{xFJ^`Rjb{(41ZK|@OS+*tYBcw6j?R!rLg6S<6>inyw
zGhG7Dei8Dx{2|!}iBhaoV}W+e(o{~DRhd_1L-qt+$TZ8fpQ~Hc8M&te;;tlQzCJ9|
z_!3OlT#Za~kVw-kn5@q(bq#n0cJi>b(Yv)X)0IgnOeCjb>oHGr*>l+$cRE;X|6aYy
zs498#hfF57dN(4|>bl-+tW=PT@2|;Au5Mk2|9)jnFTd40i4v`9W(-nTKxnX?n_X=n
z_A!?#oG@$mW~^mHAzqvtO!_6gR}7cC(96|-W_|XD7!%Y|^`~BRZ8tt|^O8XagU%dq
zudN*?qNyV6^j22no?-w$P?|Zp;rVm&N~j8}`;@KE4B96kKh0$^ENZRYHrx~|+e?JJ
z!i2X0N7NDfSblwUMvgu%mHv+?m+ELvE;o6`6JBabMJ!oSAhs-+c_9dsFMaXkQII0|
zeKd1v;W?G$UdzqwPIE-)4e5#=dZ(+IcMu}vn#c|Jx`M$a3E9S?EMt(O9nuxZ4vxB4
zESh>hG(?hM^1L1$2zt3B5=%^;nQE9=d4MbTP!Qx|Yrn23u!n?DVA1^PJY{$1Dy2`)
zU<!yS0}h<VI;kQ@Pmkv0+R8^~{<__BL5NFPxQRfL_LC!WA`6&NLIuefH7!LAq1j>y
z*wbJ;&6pB8B&v)KiO?~~4szHxY{Q<SGKmvQStQJuq4AO6?kHB4CikvsC;5Z~o<tjE
z5&GrJ_<gc(VE<_Tw~CR=mzKbLE&NliZi5?TnXcX`&52JgHuOg+$g4kGn`xc?M4J|*
zJVR#encLH#+#RrE(;usXX}Kgy&~Z<<g&X}lc}Yu(G7eCnP!6$Uh+2GEK=T}U#S>Bv
zkS7u#`>VGy9U)YBFIkfPCq2U#_&eEXXyly~EF3)Wp3xNAg`VL*zb|;ng48IA1!)u?
z>fGB{kbS`}#`keS;EaC2@S-rY$mD_;WPgZNeEa@#)FQrpe`(jC|0$O{(}yXB3FX5~
zf25#V%c-whGHT7rO(I-y_H;+ajg&5fP+xtVe+s$s&^^E9A{bcGyv6!yNH0(7^lMOh
zuh&!)QnIPClIMX6B*db;Mlh(KYOzNvo<OC@ONK>L(&x5c#vld)x^@D4i(S|Zb#+bI
zG?EWPJV7(1aIYCB5vFD;R-VqSbcjtHU>gpmMx#X@C-LmqK*@>z+d0@)Pv<~02j!kM
zD|Q4X`(m$9bfEk)%!@6>4L<Pg`^$rPbtq_NmsjhjJ9#zy;hGh9JYfS0gRxOP9=qNj
znbI#6nQZv$D2`sgV)>!#r*ETh{El+LMI#m%gCDstv<P79GY*x?iX;(0X~wP3zG0V#
z1QC8Ffr}M6rQr))Z*c!3c8>dA;)LbvWn3L}{pjoKrp5FH%h%-fwUe+tFJj1!0Mk}z
zUp-bN<4YFkCLGoKQ3@XFM7pz@WBZ0a-S_q^$XoAMN)nl6ST!Mty>f{g;Xrn%Zl;oy
zn&18lC~rnhJI4b!fB)*@<=a>DP5R5Vyq}eFRw*{)Wr#CIG)jw%vx;dimIvH>q{G})
zuJsmvV<WgQaEO}z9@eobWf|693TmRbs4>4)S%!OE7L1+wmZtMhFGbXblg3g9WQsv`
z4In-=8z7$sDaUY|aKLSQuj_Z3yM5jGeMo!EP2}z^+Y;zgxRiy)&7z4*tW01N&MU==
zIez+c+1w#U2a|ozdg`$BZ|!@w?AlrLv-1as2@XnN%^W`~4s>ocwwwIv_ck^MCni7T
zbB^YHlz85eoMtekV!wn6eOKd=UO%l7Q2H#Yu(Do3QwdQ@1)O-8OL^!_(+wA&4K)~+
zF|Ek5xBSRO+P~{9lO{ad6d=uS#tGwm%%M`gR(g=adZC*>=+3*<-u}&2{Vki}*JpWJ
z@BioHIBpu{!UiJtXhu2fi5q2_8=5Qvi*flLd~W0uNPnND-XFy`57^E)8E=0%q^8Rd
z(XVW0@<CAysg<A3l+%K4SjmdI51Ofmr~mm)&ct;|liQ$IWRefQc=_M}hp$B&Y!6@(
zU+O?Hyg)zYZTyM-wu5CjnwBJ2rJyMbxSz2BA%?i-GKaRry<30{HbUW5F?ZL{@NrIB
z@1-Wm+UQ>vymSO7><(llc4@`-<65#wOs6bh>RunFd0nb<z$TTHwuyyn_WI<>lPB1S
z@wdPIEs+JGBxMQTv>yxtMhL%t`gBhI-^JTE5dN5#3L81&SM>u8z=3vqdi?wKH}C3}
zR?Rm-YjoS$2pkSi^EY3AJtr@D0fp7M={jR0GHuAPkR_qe-Vem2ux`7?I`1X4|HCu^
zzFL>2@rTCVj3*_QgGJIQ2b$v$8})~CaAF`V_>5%ymXW3UV<D@&?jw%@vO$=psVGjO
z#zn=-PZ)<ZXrFA{C3w0e5t=R+w~aErp=RR5#BxCB2j-PD8Ee8)uSSYZ*UAg|S3rTV
zBUu>hhE-OS5xQ-|63<m&+sSAlB-FBiV6P8=s#gfHbgiVlj4O?u(ARR$8P}288uJz6
zQYCgEWB<Ic0S)OjOqAM|?_MN0Br}-SjJ60=#EH2>X$0jdR#xViAPiH_nJI-mZG$j3
zw7AteqM^uh$U0H3=tRLXTJk&eE^X-6&*mDO>+yVkj3h)BM3uBKcV7P<k^v$N_N|h;
zxkfQ$?Y7brZRC<rvr|7^eVN;4M<yu!1-SX3Rbe&*Y`J4%#~Z_yzuA*3<LKbcC1$N<
z%xA_v!;Jv@pez~3BQRzhW7sq19mnizlgOD1?+a9x)<LRZ1jI2Mc{t1&#{=_a9D8zS
z9I-qaM;xcdG34RH(YRyQ&4<f3Bo!&+(rsGAj+ByYK<u|fWKP~1qKub|E|kow5`o7c
z!`miJucbbgK@Tw`*6uN&;t^o$-aSZ^he*CzUM!(|sLDk%SZjo9cu>=haSacdJU(A@
z$Ag<XqE0%dtVv_f><c#OVgHhUAnL_e-iopGMIh36b4{XnoFzeVa`M6@+}Qx4OHs07
zNfUPJTNqfrW*b%nnpN9iNSpJvrXn>hViQ&XAz>d&R_L>MaeYbBg5R-1k&{1!QrAsK
zp<d5_lz9Ta6d$Mzk6Y3#yen5v8&`=-98yu8g=Mbs4H7hg6mDfz7@wD|{*uT->)d^b
zu=RkdA1keb6kY>iY|C|UnC^a|(Y4E^KN>l>CR29B_SQk!23*{A_n@3AV@(8C`A~Nm
z9Nw{^iUrb<tNPGLyNXQ>l!WGa7IeNx?X{38yQ&r$SL^H1M*pstG5E@<>_bg)iSsse
z*!~q0ii2Fzs<@+%VQ7Ea7e+!(U&c(G9{s0x_58mZPVv;TqJHCBk^AqEgl3s)*Tb-6
zKP;nbkf6dYET(adgmy<DbOWV|IkqEa<DDpqY$PV13L=FCa7JjB+3(c#0>ZN`n7IHU
zw40nQU%azr|0rs!86pj^rB8-RU)94hBFnJ$562smM|e?|1z%KU7-h%wGV|v!c$ST=
zY|jYf8m+nm8Jn36PP}UtVWD;xcb72MLIKDF_+y}M3rtuh6?9w#dfaT%ho*($lL?}3
zM1lm&b6>GGmG|PF7U{)RZ~j<QB&(nIg;M)7(ZACLw8h69hJeFs*E{x8dcnF3Y^Dr$
z+mjVUiB2z9$b3iC02kZCsfL!aAk@jJHaXS445!*9I@L5M&A5W1It_Yb%TR@_bYuM%
zFKbGN;%z(a%ag>1BpGQgZGDQZGR3(xos%EP0|KxH6qt@RAJ-`)*vuQ9gPsR6mjh-!
z93bpaAtZ7}b%q_n)fsB>8ec)O%xS`c)wt^67;A)iIew!ERCluCY0T5@3QToX(b9Cm
z-%$AHYrSth6}GwtS40bQCBtGStk@_bmuHQ*yra9P1G>8%BivHNB21|GU32V~!gHo_
zjVyKH>WEbMdejbBxYoF{kFeZ012qBhY8ics(S`QO0S!LLo^Hee`NNknqON!CK0I@l
z*rxliAzH-T!eQZ~EnvhzjS@kcVnzhm826#)9E@=uMYs<=$s)=*8{<Co<claW5hZ~%
zq>Ko#U$pzsW13gSlep_jjMxO<z76|~#UYHiKd<Zc>Z@ivi7|JzXt)oLkLUAa4E(4S
zhN@i7{)I4+$TZeVt>;*%62z+76y-ZlH+H_G+>$uI2W=5!>lD4-Qz)uMAy@IpEZ7xE
zjFyQk1Vu8w;ZQsvb&b}^3H~@w@+yXAn5Q>vBa7`>-LE~#s|H;2#Ayt@EEq|uqF|!T
zwvQ-txt$wIX0J!{P-=G>m`@!~2U={>l4ACdc&<!r{Vndu9WB)Giph8}E9G}w$tZLQ
z_MvZ&n7;IV??g|&vq=Rv_4iG+Riw=3enf7+DY9ALjh4*&G+Y|Tj?b)*eS7TD*S<aM
z2JLfSY9{4~n3K{U0oBKd*n`Den=^QH2|G4^<<mu{3<3g|*-IXo!f2mvCN7k0lgok@
zTap^n*mgwy3$Fmi!A1XIekm^w$zt5FlvkS(g*4!Ke@E`2NUbS;Yhx<#v9J@@6g8*G
zEow<_JF&5fmuGu)Wc=V8Mu%*HXo`kF2$?dy-xd(gsbT&_7iz>^JuyH|wVe1C#Dqsb
zJ`!C7fd9zeXc;Hyj2hyS@w_pbBeoL$>@;npN-06lH05NLB$ElvBFg2FrW6Cn^UB^;
z>j=~+q`!#LADBfm6*hR&JkNLn1@S>sg=2PTa|1PfKk`krA(hfdE`@m}2-VyeH^F;b
z%O8rPZ~*|D`umVfaP4-oHU&XOsZ}pk1<Hn50m{EYh;j+;eJ5@zR}p>ZG76r>-$q-&
z+8shAOd#4Pxjvtzth1+tGtAs<#9I`1J93XV*_&4x+6#*7UCv@lsEy-t)ZaRaZ=A8l
zu)SoPn940Ys#-iw12F~?L1y~@S!0j&@GaO916KNPjfMsKwMmCbS;k7pU}3IoKSs}N
z<ef&&9|ZYUp`*3mJ+pjH=xHN6RH6DR7)vofCSwkKQ3-WM7N<5uuph8o5}_3Y*S!I)
zNCndy40UV@xgko>T&*Sax=UzI6J7?I$`v%Z)vtoj4yJcTl2a4j>>pb*#iv{svRd`a
zZ`8e=WK`MR?SyNzWJS`gpu?%V7+0sbG~OSW2chK3m0m`F(~FGq4LMPakyjR_@h{h5
zaT%?VMKe}Ry7o~5Yk_%0dC2E(3h?V4=$z!KL#xg|_oG7raagvu028V7;yNy_E|ss%
z<DD@Ds)LKqq*(d&w(1+I*?}NjXgxfwXoidcC*KS5#q}kE<*Ri$yJz6pMV?;M8aqke
z4p8mCWeONgY3zJxjn_-Or(39-XW}6nAtnQgwZX_P41i@`z=chy0AUi0;`(S+ck?wI
zyKB^l;1vpYKO;+2bc0>=IvTa%h>_p#YW%rjn>?dsd@RS&_ny_<^S<gkO+`ARnMS*-
z?_LZ=3b>ov2*tXwWL3DXM_N!Dbw>#z0NX5Bn%2E%(3Em7SYdC))psw>2%odL{a-<l
z7K~*BrCec*y-WE3goh<~_U0f=y-ybIhkw-z*KhuA_OD*IgWrA79H-C^M6?JoZ}@TD
zu6f&sE16#BESa1BJReXoCQOvYK!vR<nR=a+an1$%tBsz3BXf4!gqBPU1}xibSRqT(
zRCfvPDZM8rU@gSr2WO;|66g-l!XV5GLD)yGpb`r1EgTKSU~?y+=uc`)u!V2Jh$;;V
z{YuF4R}S@U5Ftn$lF&QJZC@)*0t6WB2e!bR@?uLiT$S{e&B?VEIQ-BBJV`;IMn6kQ
zB}yKSKGJWx@546uLdxZms4CG+F)!H6ibF%l-$hVO(V$$KD0cm&HO0uTJRMv-oDCJ`
zO15LUVeL{RwI~D!J5bQ(9Y{dg)<g}VwZQmw1WTAwwAh|OPcvTHm}rcs4bN4dz=jI!
z9#*hK3RM<W0w+buqL8;txYPvA4Q@h0AhA&acrrGE6+$;8N!C=XSe?qfp()_VpPdFU
zWX-UrL6=&><|Q1<LJK6$<Mo4ZHBHZkyB*st<XJD{AtU@08&=YkmUL8P_FL*YXPJl>
z*f1{=CN5{wX#z6mkXGVt7@RZg5!6yD=j5G?^t56?Hi*j5WesbTxvwFyWGP82kj7)$
z(&LD>%xdXw)Q;ZNiT_C*Wea=JC2I~lFEv0WN?tHq*FYn<+2~3jVmG&Z*f6bW_KKCN
z4$ee=rU|2wUX0}im>nF$AXI9M72S#f9-@+lFKO;OwD>VDI_wAcR;F?OyjJVB`sF(L
z0+V|bn78nOD7V7~pp@+%w`5K4_O~?G((BB1nt>_J;B&L5F)opah(bF?dfH<0RqfC;
z>N?sj)T;dB-ZiA&#BI39posQVb}+6<&~x&uhJa&)VW-h!Le7a*@#p41Z0)G#<1r3v
z()u7sX5Ct<NgRrECR)i~OX3BX)NRV7M(9Fj87pABjP@Ug28}8v&~XJ_UuVwz<5U&F
z?xSE@`HU*8CTZgm!0ctC674tR9EbJ1ut74wxDZ?1%$FY0pur~!>Pjz5t2}}(GR@FE
z<a6_F^1Zk{l^&$`Y-ubt{!dN#QBZ5%+klVEw*h?a0$HN~8_C|Q7irSj>Udb+P8Aoz
zQ0~miuY}XNl8A_ou`wMGNel5{aZk6X(Z$szylnNt75op&?W3K<b}X1C2X)0H*l7P7
zqeJv?H1F`Ap>KzAytx+b1=C-O1_>*jLz_S<wkAlgT=OEG<+LcbXrnoEvyTSsr%gt_
zG&&|^sFjdE8s`mLXFX=d&FW$k;Pj%`S)cM_tuiJ@(~ia}{ni`S;_{iUGCpPls(0`}
zbz}d*!4!IbvXQ|ZhXqiRCapX~ZqlSyH3OkyS3nw#)1{vT=VV>5Kj^QW5#Dd1^#>(F
zikV5)cg`ClciRYJv?)*#C)pXH4QA_uzqq<IMEXQXfn*P#jT79^lGdr*AQ&fo*nIL>
z4(pX=vf>dJspbd37Qv9Asw82NSIL+S{Z7a=3ozTWp=GjWiYOU{?u2lmN}6SLuWo|?
z5+qLJOY#NLI1=t<-x~{Po>60>T2>;#P)A;F#{}u^C<<WJP-vy&OY|hv)`d8dY7q%6
zb6e!1YukAi6lGIQ@U@JKXk5_b_MR50f&vG$<k+$845c<-z!JyDaaXiHW-i)troZTu
z`fqX9v@N5aI@wn-*8{BHggBs8DL1s_30MI6((|ruT$c(POA&WPK@<UD$sCrslikv4
zB;L0-(!(x18gCEcPRZ>PmO?c0n3?bmhLC_Ky<m}-bEB0y3T<$gwkCvgnR*l6ImkFE
z;aB8)@S%H<(7c*u@?MehUOKB6N`G<3wKUX7owd{f16PZe`Y4m3KH?4{fIHK7{hno+
z{%?q45176KtLH0$+5KEu)1*nRIY|qd=dps4#`V+o>LCoIxMK=}fo#%Gs6B%}R!p#h
zmf-j_6+HQp(4DC^uEO3M;iCaMneCB|q}1NA8wg-d)EHndZ{%@7VW?B`t!V-8_>0TS
z?y(QV2|;K>K>GlCZj6awPEIbeeC>TXlCe12<Wg6gyW-C~3gU}GD)r8S?K6YeCBzyS
z>@p`!eA2|bmN#kQUE}AViF-6`@1;8FtZ7{I7QOccChufv0u?~ArevHAl<a6}6lmu?
z-OdFoO+6~>6L@dG`^SO~6e0JAQOmrGXQ_g%n6<~OONlJCj@N+qkCllK(0_-F<55J+
z?d+UfGut!AUvx7FEE=|^*eNS1&s5DzZ@T$+G|&;eaLl%P{P1UQ-ExU=<1JHleyJDy
z><8q#2cjKTU2fOQC3(*hdB+MwfL9-LDioLEHRV~XN64Z|?G%Dmb<OyMkzPng(9Lmg
z%m$d+UmB(f49yF6$7L0_4<?PFDpA5vrP0;beC0a3+E8T(y(!XoZ5Ts}X<4aet(61<
z8XnNa?aux&Bu-4mh-FvfOUO0ej?auGduGRy{W4_9=bD_+91oC;N_J?^8_a0O9~VX~
zw3$UT+z-D!<PvOnRmr@Rc|#LMUx`N5#q$jnbj4;4?5s`>3U*)i$4F-dajE#z{rLIb
zkN39BL+gehXO2HymshxZLmEYL?f1sW<Z{EylG!k4cQYV9C5^1F=MO^@z=48s&FrJ=
zwdpAUplRRpKo&-OXi-}bzR9r_0^IGH$-%RZgV8&XK%^#N9}~t>Gx;x%+>Cl0O8~^x
zq-fx?ebH3rqYIXizg4W*5-k_ntdQ6ko<s`8Q<J-5ymc{}z*sQ_+;p!#YS|d7UG1e`
zw}CW^6T((Rqnz7DUt+~z(S{5g>sHg_;@!)5J!(W4BiXSOnse`3L^MQ#+vi{arEp=R
z&RS1y**4xdNKD|hX%%e2V#YzEz1awm!zF#2V=Qvwh-zQukG@t`cs9_BCazJCKd{8Q
zITFYq*V`uJ7f<%Fd*QHWcEC2cV{aq@-?HsMMd#gtRjs5@Yo6Qoy>QPBHjwXV#>Zfh
zzd}@YFU1*oCrkaGSCBz65-;_5DVcgFOL+g291<@7fFm;gJq~^~%<_Ut8zbjY&&9=3
zy2Iy+TnZu!v%7m-0W(RQo^>zO-tdtSJLYE&To#QJe6XoHANWA3&+b4tU_XTj5|<VN
z&HQM|RuO?#&9Py{3aY~;QSGnlF_K5&*b}eEh2PsT#=MAQxB*u4X^S-R67pCjb^OXf
z5PAcNPM=1z-Q!GmB{!TfN*x=TYpV0#TDX7<^gko?SYD_(xgd&*RmOZ6)~x4!E*h+!
zk=B#`R`ENUG0bPA!u5QU%N_YMo?2j&S1l5_+`gk*wmmv))1_#LN0;KLuK(GfK~9E)
zn1&<xTV(lSVluVbBJeoT_A&LQLqkxFo%TgW(Va5h*58KE(I_iwpRPSPwX@7*&h8kY
zqd*>LsD_doaY<OC2tvE1$N`(*3(CvbjZR>JaJMxx*-|Z_ULtekwKQk8+l1Ngzf~t2
zMZuJXNtoUVPlo<qb(fameth+)!!!z}a)}|jotrR1f>}dLYa6y#lDsN%sZ8Ie_MM5N
zoZMA3w&|gmwd^hkq>!4l<tT_3%^GdS!32e;jBi<XZ$uPy8%m05o9lIhQ^myc<714w
zF*fyBOx3DX>BoSTvbhjQhac{2ZHHpmgxl+v?s&<#Vlw`KdRz-x34`~x%GcpLs#kAo
z3b^T++fXM4#!Ygm_sLWYu$qDAzg)7Sz_VLyyD3-HXHv=Vq~S|vcy`?}oMW=%OoT2a
zR}8PMDrw2iupi<wvu#tNnb1b2d}$&GuRUkz85WZ;^&tEr%u!(N_CA~w75`fkyd?T0
z+R=>Nag_VxXdsgEkvQp4hb22Y`g%cids_glQED@yfQ%iyS6=xJ=&4+i*KutmJ&1gR
zL=%$+WJ$P4vMR;+Ata%iR>jcyJ+^c&X{3JD%78ZC#f28d68J8{3yBpDXOp-(3!_#a
zDS5{z*)uquzylHA8hm8gTg0N-kTq$VA7ArD!N`j>6@q16A!c-q_0E}=B~8}I3n<Za
zD`VxcB5SEivZ2YE3s)jjxN_P9`4hS96;)!))+1Zf9-H2@20iQMu6XV1mbGt(%Dg~3
zwf6gU*F8f9U~5pF1?B|LhLN_vSuVNUIG-gK9$#kWg&<tskZ$ItS>{^alT?y>27yRg
zPKC?@71J@tTRkM@C32G&a>H$uyv2!w3-D%Duq9ISgtJQM<E=Z*ynaDSTC7;9;Sf=6
z7A#oQ^kI99jc(m}?0R=LR<VEMO+wyVh>(E<GUQSgi4F0ztwOPJoId&Q3~#JNse(*9
zuBj((|M%a&i*L4eT))$In)kBE(tDl`7kN|UL<2evtt7&<JE{|G*m!w=&(jf`0gpE~
z!K%J`6Nugg!c!(neYuOUoOS}xPRT2dCHVk0v}f5YxTxzp)(0@;1=9D*8u}G0v1k|+
zeURmvD88w(k_sj(m2HFQ^eGQvn7L-`BVL3!ChHz=GFwR7;)y-5LAAjKsMHy^>AB;)
zu4o?n$P!a*CC{oA?=6k>N&Df~t-UJ+MZUvF>2<<Cltt{<qW;Si18zFo)033tObpcX
zl7hUh@f0`Y;Jr6}yngyt&BwN*Sc7AD8tz(VsUqxSS<v9e6S>)FLDs=r5-P%^D@t{E
zC}AM|f`tKWaX*lu-10EkSDL%f_&H9)v<dClX202&A8sZSibL<P*tV*rgihYB6ekd4
zbF);l&;=SO`I3lm;9_%jjci_PpX*#e`08)4hC3CIj*kG&AQ2h=tvb4r<7&c_H7gCa
z35dM&F*$Wj%y{Q9ADd4#+R7&HSaHYM{kh5bn%(nqJu}J5=O93y{}TQ)Xl+2H>LN`|
z&L-ANHPspBUW?Z=NbNZz6;FRZWEC4F@(da;_Hh?JcKi1w6zq*_8)TksSv1U#M#%Ck
z75&zX9t(!Kvxb}6Qg-$O#<(7!Zp9t9iJYXUgy=uCDAA0TRIzf%9M_c3>UT8t@b8HE
z6ZoH4O6UN|FtumN>~}`Y6AdU!S-6d{?S{hi*M`@^xAh(uEE%YN9EJU6M&EvW`Eu+w
z>36Ik2>)(wRfNY6+&uhmm9K(9iGQ~_2G(J#9K1!Vgw-a~mt5V(wc*-%t$DTn_~I2Y
zzeZ{<-FCtuLt#HySyzldu&2!`VYMqI<?8m3)?WLY9^3kY?L1Mph6&=^R#xQR6c{&p
z$_>w-lUG7j1*@9^wLUY1!;xAGd4;v+)pM(#1ObmUVYbbbLD&zC4Z)8^*-P6t(IGA4
zaqOizElN<g;*rz6Vo9O*gE$mBFPAo<r|Adh$~_cTvRw^1&4qjneC_(Okn@z?ovV~S
zJ%cI4Wa~E9NfkMIdNe23e8V$ZWLOZ)RYkMUg-znJa1()`wkJpAL>4fkgbI=|TUg9c
zm@R4r13KHMB75Y)&EI)CN_08K=RKC{o0qO$*3PN{wd9X4Ud_q3MwKya8L66Hzs6~J
z;!|#H)YUz}LJ*_Rhj~Ct*WdLy{1h7&wkHg0CWujc%T&C4&+^`I!<Hn454Y^UywpEP
z#i5lcEeS<pl2jQD`Hj%}J0~w+UA=$x;^OAj%je{e<_p{xp6BF7*5=}X!sAl@OhXYj
zw=*Qdgo?V4B6J?0f?Nt-x-QpY*)PeYFySK_s<BqDIE4E!VLqb&-1tfWC?i+c)YVPB
z*U%89P1zQx@k)a0L2C;Wq4TN!9a++#p;$;~ry;VyW_hO7{Cs{qhn$S#`LPwmG8-%z
z1ZsFwJsH1$Qxoy#gnVO@Tf-6?--*|BVU~3Z%Z@J$(H5{<RSSQzCTw%X?@TSngKg3E
zbfS;gyPQ@HeE;U~dEjjvF$>e;%giB>n+<lOS-X;FaRn|N<v45&!<2RK=!dB*b^%)U
zUfC9XwU4(nRQIz<Ne_oEfLa6eYE<WF(_%~6dQgU?ox4e$zkhY{^6jhnCOw2iF_Gqy
zi*SjCRv&Hqip3rKgV)K+)L#nAOl}`bnafPBx_dB>*oa?ZF!GGf^bQ}c)|Bfp8cn&j
z8&a>#N%Q48I-B4pU-$zHh3(xK@^35{UM%PjSgyS;TsbQ?9CLpf(qdRg>XjrPZ-WmN
zBHb117c=|2@DGwfO_8nw$lW|!`*f2C<^`L%?lViCF{s{cd2PS%R@9~*YniilJbXLb
zwnF(lS*#Z<n9#X0HEXkMTQ>qU))BhG&M<}Xl;j1!;~86p41sGdR$dh?zc!btSJyP;
zzt#V%u5-}~81BcrZ*HJ*FZhcOR&?}40w_VqY&HXv(#c=7%$#PY<a=hm59tkM!IP5Q
zucd2~3TqoaQMjtu@6Eh@t|4go6WL<}4%hq-8|$I>_#pXu4+?Fq?M^E6FmfK#D#_A$
zO4N3fadBHWF<MGfB#{yQ2aCT2qv8C5Hg`A(0}iJC<tQsN7?kxr`;#RTCfLJQ=8ukG
zbpsOnPrUL7)&2mQ%T=Oy9KnT08`M^i%j*}{mrcLOp7GNW0n|YSxz8`s$4p^04<oB4
zYnoqF<@zO8P=qmFK-qcI%fY}-!NwawxZda>qSi28{ORI~&`R%KY1%X%C>hjiyv7{o
z(JM6X9k4zN;W1YCu;KF!Kh}WdotAs}vBEIT%trgM!v3pI5Q={wr-2*&kK()Hf|s0@
zvKZwzXuRc2D3vPZ25%UcG5KKKig#elyIk%9tn)%a2ZBAn6k018D%{+Re?B9E-J3aa
z`#$+sV^)N2AKCAoN4GDpTNT=luf|rCNFi7<)HFBlNd6X2_W0jK%TkI<{l68>aQogp
zgqg3o{qeJFyk;j_AHzFmFR9c(v=<d-Wo1Ey(&yInmmC`>=P@}clRW6(d+;2XtP;Ms
zg7dt=<9Oq8U_w)RU?(78b-YE(JnzoOpZ^v7jlAIsLUV@t(Zj=BnYOSXxm{_cljnb-
zX<9r-9=tS?R56$^Zd)->;k?)<<u*6Hj&5FD0Tf04<u^}2lKbk}Z=M7X|I_B3jJ70w
zQt#ry;>`Hi;zkTH)TYo<)-{ILYFcV8IUwHvK}c(^5ih4rv9VuxY^+UhL&6k|c>YU}
z?!8OoFw+D79llzl=$l8wf>0lZzCDPd&;Qmp)tP2?y?^sJd0#_8=;AdmoFA%U(we|8
zj7dT--(COZ&BY&Hy@7qh=$3#*vRoUfe4n_-_*>g|zXp#@#5(On%UvhPyVutZPu-43
zuHS;v_S7A!I*DcP4m^^*)2lz-P*U}#Ky$ca{+PD8z=Fw7<c`uS$K4q69F2EG4GR_r
z2iHaI=&;~YjLE<}#^<ffqVEq9pF)#=P57BoF}2s)Sof1+)<Fi}nOVoaWIpdIMHENj
zI$t#<glrY1n*If@mC0bU1&z9DBiT3_y79Vc_2c)$)f;M;nS$~w2N6$zFfKaOz0yuT
z?%A#(g=BXt300Qsn(#G0OZhP<^TB&f9*u50vi<#FmS}KOI`zJX(fNjHhQpb?DZ^Tp
zQtXjg)AeH0X@3PzycjOnR$~OlFFRKf^cglhQ3~r+YPysTxT8O(wEBlM=^uJk^K?Wa
zn||2t`Q=L^VcJYIWsr<SU>VuPv`6RY>E+A4FQzQYds&Pr($RdS6+vVE)=nbr*G4|C
zyLSzDuhnm_?+%6~VyCo@yn<mri1WL(uHff&_4enI163Iu+YGK|uc{0O>mP{nBWR9&
z!5A|1!POLpg3-#mOOH)O>}>X?B!&DdlnRX_BKB!C-eZ%hEYqhVh2I9t6jtaDx5pMu
z8=7Mqc#_I{aZigh&@4JC%>fZ{s4QkP(V>0^g6qJitN+J>m!|f!sSxey+F@6TsGX9U
zjA)W!zT(-%1d&NeGuzsdmG_K=rO78xo}lgV$!~xATLKNjQkL*d8wkOte*N_6oczCw
zx1o@JV%p^@tXPFJf&=jZt26TN*WbLW>!g~$1_7H&^cqLpcFxI5FZ|B8_0e)Y*kK9E
zB`=p=X<M!=Wv~TD_-bt%kZT;v_&_CjFsGnh*w(zkFiZH3<0P<zGm`OJMwSX%kB4(f
zYz^gtDJ}Aw>ecw68oLw=79o0AXJkZA+op%eTxQ$M$aL4Tf#gUF1};N{ldtj3D+d*i
z!4#0G2@lPrSiz|c_(!B4Y{XKR#k<W1JT~z?qY{kHz9}kI{-F|S7Ew61vD%{-I}k9o
z*Q93HcGgk#hxHkKm_udUvWEAeZfU#wu?VQfbgu6c6@*r$oIx3S8*Du%KL`SKmCvB=
zaZDj|BSG!X$2)z$mU2w3+aE*+JU4rN{fwh%VY_O@PF2tiJJZzG7C3HJ3sih1Sb_GK
zxTaCG)w2z@@XshiYaXL-y&`nAg6<-BF{dOnp~(1;bq&KcBUi89LJT;F#99<9nZV@6
zxSHS^0c$aMPRJ`IOQ`6lA)5nIt}r+Rlgt*GOv2>^a3peLdWwjYz)NJ!XllDpYq2QL
zSvn`=g}#hSp3pL?nW26=Wof15YLg?nW<(Y#!}9n`l6U|O4~o2AzzMjX;ewY1Ew(7U
z*t65b3i}g8?l8;>yEQ`gRao37qZ`@*o?VaVFWI6`_$r8ayO&FiX=(=zbC6-Tk)NP{
zget;-=SD*0_UgGfHCE2G23J-z%eFK2QIltW$6}a;9hlN;`XR9L43Ro7Sc!Fej&L19
zLPo|BJQ@ia8W&V0Rz2tg%<fpRHL#=Lj&E?dZ~x6P9XO*wl0f^)jvkyN;Erxpv`3G#
z$LPcv*^6@&#9L+vRj3>1Scm{{Y(LI@J96&Plk<_faz0RB&I6j`?bn<0(YkX!Qh(0J
z=+JpckIn-QY@a@zkJqX5v3hkrMz_vK?AQ4y9XlVTXXgQ3JNN9{c>u2O*Sm9{?ww=%
zckb1}bFUtr`|QCUeLN5C<hkc5KUz1>N9*VL$Q?Z&qo-$lSI;pZP5;ja=<B)1y%_z%
zVck9B;>K}w>bw>S_p+K1G#!~L)kdrAQB6HHHWISNiiT<*cWfiCyR_xT$M2!$+C|0A
zNGio~Y0NvhOtJV=mB*|2UI@Qtrn`r6qE0pXisM-7Oz$Yq=pwUvK7=}<jSrHKZE#iB
z$71KLT!jW9f!08M3jc%kna2_uH@Qyx<2z%1Y~scE`Igd{YJOye>@xa{LA4>@Ydwa-
ziR;n8v-hBR+!^-~v|{qAb`?@ax80UtAVufj0#^Dccd9<D&&3+&nXl&$V?4Vtg;KD}
z$<h?sHw`H}CLRghrh8VRZc^H?^FI7}#S5ju0NwW2qj(@X$lua@q)W-Y=l5|SbRnzK
zX2;^+Ben}FpqJ8m-yYaFJwi2Urm{llK{NK{j4+z4wFou?Atw^2w7_X4%a?kw&R5pv
zJ0o_Dc*yDnOc=k5i?LEB$S4*f$e6;50Jb(bbJy(8u>M#%Znr~q#+9D#E!(QyRmAcW
zyVg2&Twf0p>QM>r8)Nnp`f5Q6zhb7iGPQO+FG+pPlURzyu`#cKXfeSZ_E~IEhk7Vh
zRyj@=N(|`LGNrH~GuhDMmZeUzian((y?M?&QCOx2QFwIQD6koC$UUCVkCAV76y=P9
zG0L{kxWaE~uFxW)Wg)P{N+=FnuHzkYIA}y4Er0A|e;#Rj?z20ab(-5W#*(v_qP~gj
z4cs~HV~9~{G#zqLE29iTJ@HeR0B1S^j5BJ51E^e()F_xy0ac?Qy5OsU0INML$vweX
zUcl8Tpk8p+<r0WVXA#^{F#VW1C%7qe#(Pm(<NRWEMAtyn)+n%{2(MNY*C@Dwh_9Gt
z;C94@fbA?RDkQ8u;`J~b&FE0C?r71_%tm>Hy(0l_H1~+-oV+y*ZzS?iEdwi=Ri!I|
zx;N*<0SmJRM66_OLDt-K^s)_0jAz2;)$t5sti^qdwLMZD!m+0%G1j`irx|dth(zS-
zK5?lD9AgVkM1qYeOM&ClnHue@w(W^4GuM#hBNr$OqG>cJKUUnv@^x{{f1KHC6yhIZ
z4Y$Gd7gv`ftqI<nJ@y3ei7(coaETTLFMx@>te5rO81W}squ*b7+L_vG%_{3Sj%c>w
zA808}%0kV2>*k>GP9c*&420$p6*7Q7Q0%BZn$-Qh<$lJhiq@F;S>uqlyiEEWoN<H-
zAxjK~IYU$YC`Tf3VZ?r3cHw28jglSrjkT)z!$CnS28P`wm8{u@j+V3Zc&$(7%7~YB
zBr_>lu~9@W#|MA-8EZ#(Pa~r(>#=u$#L_P1psl^~3P_{P5>)JLtnx#=Y5>lHriuL>
zp4}(fmi?kX+*Xbjlt+eh9PW$8ahOG>!xCeyE2B;+WQjSmV$WFRDrAYV)|GKEA0V}D
z2WC{N+bEDjmKZpzQ4ohMF}`(W6zG5@COThk7iLuc+-Qqb*b+mMD7SJweqNRsPrR{Q
zvtgAPZ|LwVyjjysU3)j8u0?woXO1(<$fD6;>-cy+KOS>Bu6Kb^+p2Oo`xnAQB2$|K
zwB*IeNopazwgLDSEg+N5)-(Rb;QGcaa4*(sGqPVFEHKw%va9+ZQDv(=TuTxoFV`94
z8Q*Y|4W`K{QzQKhCkSAk<kgu0Hs7#~EVgG3p#I}X##Yb9K!a!_l2k>(M44?rv1IP{
zFFu5%9?b)Foej}K=47zZ^5fEVqE%<LIY$4=#2vY#MX-KT*VtRQPWc^I<1-_u*nTtW
zY7nfkxffw?zP(q7bu%i+hzMwRmsOcprQubhkJ6Aj+keB|&NHVkjRvXptEa<xjm?qM
zvSfvLPX7NVKm7CGXQ#hEIr+~gv;X~H|9tYp9RBgE)8C)|-Tse%K0Q4-`OiPU{o~Em
ztN-GsfB#QWZEo>@{r%)W*{lDG1af-%`~Nj^q7A)(i*hE586N3#h=3dg&TjW%_qt~N
zb$ga^3IYKoL6iGWbaD4n{|3AA_s#Do(f-D}TRs;T$_U_C_GP4v8DHu#FPlH6w2Vo4
z{Ol~tKSit>mT-@RIt8kI!GUUc(hbu9#Gj3sYebY9#-Bw3jg3+R7k4!3Pf=>aV~SFn
zqSU4+wJ|WKD77g{ZHiKxqSRu>6s0yrsXaiH8Y*oav1*ZvGyS>hK(&9QI5njaEMXT(
zA}dke$XgZ>fYP!h>_C7PQ*GNqj4c7I54+$VH-wE=Dc5TJ9yn%S^_x42l%?(uktk-U
zNvT&mCl{n(3D3DHlR)uz#5z;>IF{b>Qn74_QV|t(+2q1gij8u3z?4xO0*Z3a6(edb
zt1Kl2`>XLs#}a&8|BW}BM$`~&v0K8piPD^#-ZPIur`X4w7l7>7ERiDJ$8fa+qZXOK
z9Tsh3Nvp!8s^8I!r@Y*{h%mffTK5>N%w7+Rn5sT=Li4<kG+8s{&HQY{X`2%EuDESh
zt++s?03d5AG24<tmb8q<pxq_<SY<z{KN1NMMYgioLVFfzrsM4c_bx)bX-Q_OZSDCl
zPqhA<nA@&-3^W@nCCTFB1~hkC`m<_$;@JRIK&rpjWG$;g&0mi5DV35ug*VZpWcBNk
zWQ?kkJbgkoTvTOji2_e$`OViOu3@~gvS(2PUqOL?J1r%;aw`FaS>szSIUc32tr*rd
z9#uqanY%9}%|7zMVNre%(BCS#*p_jvI?S`p(tQ8d{J7ITuy@{GTS3!4u<jn%^HPkg
zvMOX1EK1N=3p{N#Wb09Yiq`r^+YkxN+rg6pID<#@Xbmp9dQ;dFiD~*T_vqjkg!n*h
zgA2Cesw~Fr2)@unPE#sL7GzUpCC@XrJHbV~x4;aS^t~h0Grd#nEQ2jwbIQZS_r%SC
zi4yt@Km<L@X+hogCvvl)>J*(YgeC)A$n-|je6gTey$fFK%c00wGC@VqciQZt3y%|d
zFR)b`BP)K#L<=iPgvsa+G`VFWCEqH$Iq6o=jcI(F7xIp4<YZ|J_CTa8nx?TXvn`#D
zV%4ELRjCmTBlW{W^hcrTzu<QXi;+b&%tIG(7i`_MvkZHj-mNeNe2w21D}!d5tc3M3
z+nJ<=D5lW;qc=3RSEu)ZAUPf6v&AB=lg)9lNSie5Jx!$|e}GbDFBu5!KCkWFmv#%^
z-B!Jw4My2Vy2&%9=C}U>wl;I8&WlBQ{{Gd)%eSxQoAi(-lOvmG9fv#EHJUqzd7a*h
zt*ppB#X5_o^W6>4pOaTYRnTIGmaWeW%4tAK;`-o`S7vj=66Gi8hIeRd*<umav(bdQ
zmiHu;<Q_r}?zHX(UVUY)Dc)f&3mM+(L~imzZn&~+#k6xfxCbZS(A5ZZgvXuH0q!RL
zWGa=#S-3~twqLI0{j8L;O0gLa#=b=@_?B%U5HNbl=7omtS4uGQ!tYwxc>jl&->M<I
zktbH4vobkPSiU|t(Dx@s54=4aDR?Q1_;y6c_6_8MiOe$7D@HEK3zn}P$kAP|A9(!{
zAt#Xva*Puxmon&*XtivXGHYHd_yup3hd9MzprYPqf<_PAlD*w<Fih-4cY|NA|N1A}
zrr|#8Nx{m26p(hSb@K}7=bodHR^^(Bk|$`{Rl@;?KItNtOVlb-mO}5Ff~QOoN1tjW
z41yFq`xLty>%NI`;Er?Merl)eSa)ocqjeOW8#Ki2=Ug16FCK%!*dUPb%MO90>4p#F
zM}HP1a#$q;xvKZCmZ|Qmk*S1c?DCr^t;{^zRLri;k6wS~0X3wrNBEx|@(>}@en-L7
zAH1m%d03Baiw|YmD_XL98qc%M^LG1Sbu>*2rj(_i21|lVytuj~e?(A+_bD%AiQ?x=
zxuHB5sL<}A+j!9~%4e`Ki@9=ehyk>eg;(OY(t4}WCx61$&^sd0m(v=0yvS5bOrBlN
zrWj!4jy|NA;{~SUA{mHcLUC{cda*2~g%4MCegKM9Vax0rx#G4Fm_{GmSjvO-XeT-7
zi<g6x%3cY&$ikl1CPKSc$m@)*2!sD|o^qxCORlfqfG4FAMi&U~0{9jT{dF0oNE8mg
zt4QcZHU9SAAzY-kA*feB&O9*~tWI6}4F(%67`a*V<o3#Qp2$M~CcK}bjW{FTi^4Or
ztgA7G1MeNnv8-TrZFUL%MwOBYA8Z5+xBynJnvJEv#tvT{2s`l$LpiF03)|B-PtY*w
z@VG7)c5e<|4C2*Lwtt7K=$)5<XBXwrbc~<K=9-zqwqoa+q88+idpMFDIF-F9kh=Tm
z-X<eB_Ws>5?EWW0-icx5Czuf1Wo~IX*6}yvUIN;Z%e=}$L1^AKAMAg?Ote#QCC>N0
z8{0M~wr$%^CKKDXlZl<|*tYG7ZQJIKaq9c|os0iX*R%Rr)zueoy|=^%;SbKX2X2l+
zEM<IMbd?VpQk?0-)^qvIt)_w;FKDg7%qDOKKnhDp&^9<d0r7^)@&k3s3R=#)qj87c
zZ*Rrl4`6r*POBna?mBb9LCjG)iuuV%$&lp#pet3~Ow|xSNcA+zk*0Gu*z{;Q`DhvY
z9p}2{5`+A4r-a)&j=?{0Q#}M(vAei7eYxZL5mske0_LvnQF#viIXzL#<x5}fkzV(l
zfX5NYrv4G<hHP}7Mx9Alo6)}p=Q&x6_*m8W1S`mC={^da8>B+FM~)4oEcD{b#c`(^
zZpO3XKtA%Pa7M}NO$khJ*v$DxuP&8q#?0efApWs*bGLqNfxDOzK%23|PZ|&<L!hLC
zpycH6mjcY0sl2#mxxtL3C?Ec~J3(k$z~H2+5h$D;IKziGg_E-)6VYdoFfO{9`dj7j
z;HBA*v<cyu$P=55ao6siv(K(|s)QVbMUGa>Ri>*h_DikA$q?isZKB*&HEJ!LH7@$O
zY&#cr=GEle`4)dEE{%J<qx3FD#87^ncYB`CE=HH(wQ$t1ApM2@Yvqi(ND5wF*A;-R
zmHvwc#}sK%-bn3CQvkndTcli4x0#iYL9TTi`h8DPv72cp@`VH`$gQQoxYU8U{hq%T
zZ!3rsJp<iEE3qZ`7+H0LcHl>|0YGNed@_N2MhEKYbA>DmU89#b#&7L`V8Y=J(Wdnr
z>~j#|u!UPlKy7I#@@$S+pi={f$zi!)3srW`=InRl?MIp8J1`cG9Y!C+HEJk{LMfhW
zDUgU+j)zGpxSyE{B?0m!D^uPtUPP)FgoqG!tY>&1TysvCt`U?VClfc77sp<=HR0&x
zV3Sen^F3r=8OP?bhGJx@Si&(ioj?17#O<Nqs{c(c7vn*@+Wp-1CralL?$v>vVzkTV
zb+OmEsKPlAH=8r#s4RhS$oViK?Ad~Wi+49*B>DPy@}33!HTPI>Vi^8xcbvE!k0ivQ
zBA<?(HCx~CYyY}p1f!nFpx4$X-_HtO=<epOd1M7E=Af6)L2!_hU-+c-*ifvdf|vVL
zqw5bO6!h8#_e4?x&W%@_j03XXn4_|=z~vW=?HN29cXXT(gwgY6=#AC0s69K+js55f
zcU%!RCzON{5pl2Cv9t1ux$Cs0ENcfD)vjST&ozLyanwfS(U*@(2<G8yI17ruR-Q!r
z!fQ?hrk(aEJk>_itzmli3*U<~;Mw$Be8|_KW*10zbhG|>zR07yeJ;Aw@Wz+{PviGu
z%Th1KG>}<>XVh5Bj|!s;w7ppme$udlbD^!d+*5HSH#$xEc6D))aMqneq|*tq51hjY
zF9TIGVmB-J)it8O1Gq^)Vdx$kX;)mt&_R)J{zIEC8Wwf^k0xs*!)H3Fa_<-`avvt0
zXe?;$LSraHN0?1a(}`v%w_>GotWC5*m2E*na@Y<KD|Hd}9#q^-Q?9J*T+g;`(y$6*
zbt2rMk#&r8-oO{J_M5R|0!Jgp_N*q&70R+L{mFnPe22ffv4Fz9JZB(P0QQM02+|Vd
ztT5pPZcaH#eqpIEdqpC2Ltwh4UOXa1l-YooLTzs#lh|a7G*EpR>?a)z5~B6odyLRX
z0iUMJBxB_5P4auJDQ3p3f!D(L`I-Zdx7Q-t1@Zn<$+K_9XZD_S?z*T0O&3Hm{u)QC
zL!#veu%1=2KZTGV(W!X^re8^4GZ_X`0b$5U?6BCSh4D#%uECtI{`gf?FD*!Zd(`rK
zErj6OW||U-M;)ZzCv*NEq0}q;JV^>`kP+W|?Raoqc;g8Y-{#05(T}nrE6Wjg_lgwc
zrGG-vPyFR2FVLc{>3@)sE}%{<INkU)`<)<WGjn!l7ggVXaV{8*5zPz<b~EzER`ohN
z&Zm>9N_oPhAN0od3yix6^lmhZYt`l9D--sMDFw$4phc+YZ{82xultcSJ}He#-NjaG
zSX>k9J}{mcrNONomLzJPp$S>ZUt(tGN)O+w+dyWjjpIIzKrkO}{Y-&E>MgBbXWCal
z{8qYwqGE?tJqNGlt7b-lDX*!^;T-6L<tXBB8pi(7YP5uP^8%5e&Pov{hmH<muE2=a
zaV|Ca-n9L}Nf6PvFIsoW<At`i@I9B3UAu<J)I_u?VZ!IY%rUeY_H<dibn7u2uxFl@
zfmefmKGf~yvaJ~nrn+9gkXTQqY*xd9xJcHJ8{wbMM5;1oriX<25UUxI<_k=NqNBS}
zMBcsE1$I3wtw`|bGdC9xM}-O0#N*$2s!8!0Z+1W<y2eyh|9JVZ5tnHC>*su;@(~&m
z_Z0=1v1wOG+Eu#}H)Q)+?~kqy1e9|(o-H(gtjxz-4Xh@?lU9<-iwY8x%_Dp}{{n~0
znwGI8w*Ctd?0kf^zyQAj(a(~Y6JXoev}izXEFk2Qi4H2b|CWilipexo5&Ugd-+HEN
zCQ2<1ijyy|OW7p`fnda@nZJT8lp_@K*SmFm@*4N8$aN>0(oq*dYTR&3B{#^p{llI%
z*?K56U8pPRMvAw%W7DQL2^W)YF7I)3*-O>-Q8hO`gZIbGzblhMwLB?`b<WU-S;Rb)
zmk>@zk#$D=Ej{#xT&J&n4Ye9I_s2zA#V(E91;|O+u|=G$FUT@RnxCvMIDVY0FPNC~
z%`$#$h%g<QI4LsKSw7*$UEb(LSS!*<#sj78d7!I?k|oyZCjFdp6qW@NKHyY(a>Vhg
zKlrk~m_MYE5a{B(c8N<W)Mr`UO?*p!Cr}Z^=dOY68@)ZErBnKoLjrPWbO+uA3qg^f
z#q|68T*I<Oz1Uj8VLij2)B~NgQCf%P1&HyftR@00e4}Pi$f+H0`EaaMm$}t=4FtI*
z-0NC-uUp?5(*1&7zb0?k5LmPQwNGqbm&az~7g}8~<`->}c8E(+KVW40*C?rhup}H{
z0$`D38TP|D2=`}?z?Om8!DDK)Fs+=-4O-PgU+#2P1uSlNclf_ACk*lbrNn2HWCYnB
zMs5$ZfMx*EL6=2l8qtF=lvcrFwb8H?*MXqPkGzCj@h8xok*r*hFSEqOnw1V2B(7Q+
zBGpTThLUT-!mM&>C+N?V$U}ugl!GrF9QX-G2bWqsT3FH#L}Kc70?OyvtvT}e#tvzD
zLTPs73h|h4zP<d#d5sf#{uD`VuGVc|JYsMF4qzf=WibBvP<zysYWGOes9btj@Y&3$
z>xm%Lw;G;wYXML>AF`CYsG+rN<ub8$aPKN3YByCi?nPIogbh+xxD0Et>Hf0$-B?@=
z=dS1?C|BIRsM?HS-76DN;hZ*AE^Wd6NZEFd%~qcJzQgu6_PX6nVP7<j{gKRk>*H5?
z#h|MLMu7h4G9tEjU2CbBqZTb_CY5a*hJ*M=8U5^$X3;%kW4MWtXb__}ZMT%zT4HHZ
z<s29^3FKve<Q#_2@ha#1;Q6bJ8{q5EuknvIvKnHlk{hlf@Yn2^#7LAg__zpUT1JUz
z<%`A$9CSxC5yE&mt_DsG5`6o9Vn=9K-TD!UC53HTbslSw*;g?f!`nBF#)M***6)_~
zB9U3JX+>zBm2eu&Go5Aar@Tzu<r57(O`K|v{HaQj!#=S+ldvrH&Ymm1`#o8D;0HN+
z>6yn;Veh(EP3-U^BAu129Is)A#e4jsyPu2Pua~8#h+^H{8fO~iuhYHt1%xD~@rc?w
z-!m=x)M0?FT&^G=c{H5Rhfy33d!5z4fbUgb4~O9VpBEh)SbbETpt1!B8BrH4g_cPy
zu$N%FIk2uL(kCQf4H2WN26H7@!=3>Dg$K5$<LA}Eu|QLY{hb3>MvssI6oR3G|9*=|
zwNk*q(>5bcXZcIE1b2aBdak=*xX;=f)z=&2Nw=Y_vE0{0JFN(Gm)T|<`PJJyBh2Ss
zcxxB`srqCS_|&JLLRz)E@Nk-P%tOn%V5+oEqR6AKX}W>@3IMTRHoPpWNz{-xZ6=Z?
zJh>r>XRp?`+^5=tt;_7jSm;e&nuSiMVINF2Pej^APLHta62pE>ro+6O1lOQmJ`s@t
zT`d`LiB>0DusGB_NOH{LSw+uaA!~yO{w6&P>_x4{Dv@mdJSo||wAv}7x?+UKRu~bn
z7j-JTyKsEtJF17b^F%(fk`rHdsZ{W*wPT<B*E}gGlc?00?y;ppLHd0Q$6o_K&=)%Z
z=Ch`Kj8PageJ?tq&~WuW`d14MUUF}9#j6B(!ShK*swd9W{hs))g#$3YYoI)<7@EN`
zP#XG|S+qDcd);{sLue8AliP&O17H$a?iXL#?wdO5dy&ZQOrKl6){DzD`uq8>?B3yj
z@H`+!e|z+Y#56N@mR4$P^)}nOv#C5kNqIb$dW5b<BIu;~<HjxTN&|RBsy|xw4*gzg
zc0KmDJ$%pHXJdqS-WwhpkqwXUC~mrYyB2c?Mm`H)7`kz12MFSY{u~qjq+9RXI$|-i
z7ghIx4c@n)N*Bl?H9SMmm3CSHeXpXfir%m8WLM$`F0Y{x<$qL)h?9T5^9(;1*@;Yk
z+32QR@YATi1~l=$Bv!no**8MJjwDkl<$gY|_Ko~}L;ZXlt*_qgS{V8Pmsk6|9+Z^&
zzOU;79-q!v4S(Lxg#^5wkE-f&ztFuNKz4};QfaO3m6USl^d}DDo(0QfJN2RV_y_jC
zKf+=RdD9g|ZcoovDlq8ez3}etmbh7lSRESAKCf@aKig(clx*vEYc0%W5_7X=I`ykh
zBIyC@?{op{1KoyG=1qo61<<pw(>x#Ate{rNwTX9&hFi{wf>cbj8WYn#V$&qaSO`*m
z^^)oe3*{(iAzla_a&sM-4aTj;#<j<362na?m>^sJ?>FP0=UOiELajC#t8DiC(Oq}&
z=;)$&mlyi)Ozg2si#nK%6M4xu5h%GioDA!58z}ofxruSp;eC52&BgEx$zL772(B&a
zYA;Ppb{j>4jA30Y<<#zbl}~i+D%zs3pA{yU6%@bU*r`ifizhXfIBcS7?9>Zam2*>_
zo}^9I<XhP8R|uMv36lni=XJ7hdDj4oX~TQ&UYpO>q6atM1}v{?{RQLq>)F=tm|eff
zTh87~IjRBVA}i86oueE-R_K|%p4Io-%a5)*{(ym7rSAY2>YrDKAIZ4gCh@3H3wi;;
zuR5<G5E~&g;<Me;*Vzu?-rTy5J}JMcH}!n#iU#_sB>M--ISuq|m$eq83m+!xp(s^d
zfgqrZwE+b+KbnrGf`Yq8KB@5mf9+@9L$Dlmjzlge<*A<beG8wjFojL4)3^+)#lgYF
zLswlbzEB&)S9oX~5aukwrG4|@1obxDcN0Ntj*T^)7kEJon5;_m2QXwhwpSWB8T{tz
z2u0#0ftZCI*`nSQMIl3gn<F}wy(1>HU9ILWqS$QM1T{cwRhiDXd{Srr!c>JtCc*-_
zh&j@`Utq1_RW_d8gQ03B_Mk@M!=m2<4MLx*1_>^*WkaI}IpExY3h51S^HU@DiU^MQ
zxZ#nzB%i~Ff;3QAEE2T`p+vW0?4a&JDQ%6-*R}Pm5C%1dv%a4lhu=FwVTp-a%GQT_
z2)5UL4t{QK_Z$PC<Et_EHaU#z#}?f{z72oH@yfsLW(He0`NCZ+HB&6rbZx+2ncvXD
zetk3>e&G%R9TckPv<-UG5u=PLik_SN{pDhP7)x`Gc=-TUa>?`N+K8IFK;2n!lG*3c
zkI)U~&y#s74{%QDD&bd15H9nWU9x^IeTl_10qS3<b2L|`&{MF>m?j!WJ~84SW}<fJ
zKZJ6nZ^LE$h;SEMPfVgr=>NFJ6~A;h6tDceQvjb&nO@uCGQLQJeS;Mr`kC?@u?<ZD
zf~^H@%4MCj+T`p*n^#Er-XAQ^pV0dn{ezhe(hE4t?MNwcep4mJBSvKyhIiFnokld{
zg@2yX)ZZ%eY19-3+!YyFY&m)kM=-VP`DSj0o(F@CaOFtlZ2!%Q_vn*07^^ADt)c(W
z0{qT415=wZAB|@G4JOR2LP?qu;?P=++VmY1`+GY;P_B0mq5n>T;yA(pM?VAN8orTn
z4u$HO_5t4lCT|giz@hz~FaMmI^3Qy5GkFaEXoDV$KZ@J&1{{X|mhO<vnBKPx+F0Xt
zqPOx0ldRQ!0K|7WA*USe73#F*Fc0+E!Nm;Em48h{F&3Cb0QCmvZGf#FU;OHvv4+vZ
zOk)#n+0N);W-pOmT8YLIacBXpe#)3KyN>DOGQl9~Ey+?h_(^6N4Z3N@d@AepKRdSK
z96?T+5P(}6CyfnLBXy%01v9yW6`r?ZDy6UbbUPdU8!VT*4q<{*R3-scvuccE32iA%
zM07jknLY`ru-d^4D{o-!D<OKUKf0%tqaLIT`?kbThJp0<{j0cxGqx3w$lY(lDm={^
z#%|Q0Wd_ENMZ1-M`LWl~qqSgUOt>F!Kg~+W*<4y>s6I*olP1D{X*>C!{Vk^^M{*UW
z9N(F*zUE|@0gJ}3G6^dh(@P{%eYX_^yeK&Y3RJF>eYI2XkUd_4isF2ptTKIy%x`-O
z$jM&{7Jr7ji`G>PKbOLzx#X)S-0TeO;|E}Pm<c2q2JA{$DhH4HybJrA%i`f=QwKO!
zH(BAa0JXQo`E(i6^5sL_>gUFcNA$_#*GU%DbUJj#W_gW31qIf+ed@!Mu*2w^RRR&o
zTFAD^3V6cg9R~2Z8b*@L>oeHbYx}PuEhPQqS|bjT>l&)hF8!wfY@Dae9k<*qJRqFk
z>?M~i>qS1&{P15Q`I7!vu1@h)gI-HQMKyFW-i;DVVZfW+s(T>GOwbRQO74$|6?#|K
z^02s6IcgW$S+S(N^}kugSZz@lMQH1nmF~Wz3SM`nU>DAsd`vMFGiqq)PQGxaj0Bpl
zvmDjY=BFQRK<jM~PuQcb%Q||kkUsTj>TgdSE88x2;$D5&bANweB83KZQwv=Wj0g)k
z_F+U|5<m!Gxucv+ZW$i`q&}ZiMe$(Nrc~M~7JUw7{G;$Bq%S*Va7<w>YEz*DI~)?o
zwBrO@jg}P4n<~SXpPNQ1ypy7AR|Wcjddw(K(D~ggCub-UqF1uq5c|C)a9HJ5F$0s=
z#B))}es0rc*@j-$XjBbRF^%ete0ax*ud?cW0RAU-_H#-lh?CKcNW0vYh%Wi<9Jg7b
zS~i?UPZ#E}#12HS7G9^u(NMn!3HRbhotVE>SY8B{e^7znIn1sqRwdM_jf9F(djm#d
z94sswW082$^sDms`H$0{;!*|Q49FOVVa+wqV(>C9ERxGRT>^sUw>7QwV7ahc4;C`I
ztfnoQdmsr}#*(5oF&CmcVq6l{5kx{t`Y0UZy8H>DSNwN7NujeVIWr4`)w;uwRIu`Z
zf4=Dwfia!W3WY^@B@5>Z5zADG(S<~go7)y4h^+2egr1=KDqF8D&AQ0hK9_r1W=8Pg
zG{r|TB^V{OF&>!dD3dnlnpE_^t-m`mFN#=m)No|?GuZEb8yj0VLvG>Ttl>V0>Lb+=
zY#yLv!K7KVv1hd+888jho+iwoQtG67eD2Af19@OAbv5Z$RHG)I!dkM*T?d*nBg<MX
zL-xSjOTSw#pFXoqld#behxyDl^yOfeRdzX+c5%+{TfXM`Oqyq!RKG*jY%5H?pVMWj
z+Gdh_RaT&4+MUqpQT(w^{CJZ?cVxNo4Ho-1v*Wf8(Qufs7>?<!7wTW#59F6v+vzSN
z2hAf@ON|NJVjCE2sTs$;=4v#`VgRVp2(87=s$}5NM0Q1PRzT%9Mo6kaS9p%`%hQw8
zk9Ii4@w4Y5OTmU^DNAm&1}9WiEVHNiC*%qxa`<_7V7Ex+feZsnK?fZaDd^S=s#qvn
zW_?OA$&Dl%MDTW$)wm`<DZXZPev?mQTpu5~HeQ?nqn`ZR>d9ZaZQD^t*wgoM6)uv_
zho&FTEm{#2Z$zw|SrI7K))E=0Ow;`Tjv1D5;ba8%abeS>pm5@Nonx5(56(x@kzkGq
zz_Y*x?&b;`%9^dY&X7E3JDu)b1161qKf8tgBP1rBWbRC^pciXs4a;)y6%J!&C^^)S
zd9DKME6$DUSSO*&&d}N7DK7Weq^V_{3nM!Lb}t{b{!Ns2U0~$;W_{9JqmlgyzPma6
zAt}#rcRz^y<*{re#z<Q}i!~9?C5Wls)aX-Y1WKr?HJF11BbRrneo7ksr4?IO7w8<$
zT8bt}0$lR5XOxYWo<<|0=Ol@)FMO6V)@D6&{5Fe<Ci`S-==OcF>j%twMz{FxX~DGM
zMw?q8TQh{Z_>5OwoTl|(v2=q;;2p`I1+Lp6L`HI4Z9V*|M)_MoUORUx+~XS3dczf~
z;NKHaScOU`eoEN4zb|sm6{juj0;kL<we)@n0yzWu#`;UeHQ>pIMqfF1T9DiyY}Q!L
zpY~bKpMqG<pOO`KGhd1qm3Y637d>JETyy*%Y~)!J@RJcRaFP))I`U<pSWS|GC~+;5
zf<%@4iCE{T?rr|bQ<V;1#x=O~v;OQM8bbG<ux``AQl?vxKtshY!WOSTbG3pmwnLeA
zb41zCJ@`xdrv&GS*n<}9Pav{Y=yu2}Em<kizov*S_Kd0_O{a*Vr;9b+*b*B<|EXt?
z3Bo1pqTwKtn1{IiL1;(X=-|v_E|M&&5}_UQubT(gO2^aUkgLnIfpbP$`pYuPtDqz6
ztT}~(NulGM=w3Z`BWihT!ls|8MtI!(&|`xLwmaj2dvtokPRzGkG9PP990FrG5KyJv
zK=BZV+2VdGdl7DLFAx~v6gI5(Bmp`=kW?<7YGzSdH3=i$IP{xiO^uY4hEr0K&_;P}
zbXanOZv!gWEVO1F)}2rH?z&mY?Nxa6Z1apf*4MY#cQ;bkAR4DkWPy8g8Ak!TT7T%d
z3YBD3yL0UK3M1>vfy9PXp_Um$Z0WrXhV%k+>a`gN`A22&2hO0h5B^pIHlJogBL4p7
z+&hB_c@XE7W!FkWqGyHFQ1&wol2vt3OmqC$n$gqoE=zi>zOS7=eCE`1J6P99Vfec3
zuYYlGK)?)<b>)b!J312gCEizS*+wBd+R^W4s>XQ4sH^zZLpv4IW`U@fMw!HWcN*3m
zPKjr29vD#v5>aaRegE66`z@z<w(Zm{$3bd0Tg%#tnE;!8Fvhu`e=Z&q@FguU&G;Y8
z)eWN``s~^Q<h6fC%J?!x@`V5TvEw!5+Ub4AlwrNtR46}))MU^(yH2)BS=e=AAl{#;
z5){ZeML_Z3Dn{AL#qBxtguS{;rNi(mHg8Yz;(xt<yK619^9J15vUl>~{rzmc?@Y~?
zTP*PmMRKk(th=--*ax>G8Oc#u(4&OGE?J_g^qi=t)!U*0fc^ILZf)|QJhn^Kvvsml
z$rskSns%R5$MZteovn|IKDVnCg5{@D1b}Tn4&fWFe+!qB5et`M9YF-<`IooR%}9Zm
z3+jLt7-e?h!zW#=U332xpfa9h?TB5<Cx`sqlS8GR^0}lVegfeLk5Q%`b%<u6<e4p2
zC4lNfJEIW3V!7m|)>^EA)mGp+k}0XXKLS{ey=h7r29w)MLn|Y&+0q_!-tN`SZ02w@
zR%B$QIJC5f*F3;`J?rxBGcSbYwa=9$4jW|c-h!Re=`GD=SW=#8AF>E$>@VNUzAd?v
z=c!%Tk4giVu$$sP3~Noa^~(k<tO9t_lwI7YYwX1UW5A+h8`4S2;W#iWcaB_RDG@}1
z3GoKvP~%(u`k}wiNbQmK9`Umo_VAklKvF^~OU&UjRd}JBa{W)zVhJxOjr1}|7|_1a
zd7;DY>d;l>y4;ikGnKb+VEO%=XJtdJj{)??2M9m@s0N8bbt`3ba}Kwr*t9XzPq<3K
zSYm7)w<bqQk(YtAqk8-4c)-tWg^R>I{UaqOPZ6cX(oqZ^Q8F9c$WcsYwn{RawX@_p
z%l|K|<Hm7;j`74NF_p{N^RkU~PToB_8ZvUZ|7=`(MPq;9Y^I#>oYks`<^V;)?;DQf
z&uizCxjTeq_-)r1kI>3-IZ-{}0@YjrEGGpEOYUzj+5QV~k(@NR)(lnj%Sn-w2h!t_
z9Hrr4sh38)Xq+H_lV%B0c;&g%tq77hDnmJf0}QYt<zmVk$m8yI>U8F{nY3DGkqV+P
zQUkv&Q~}+Q()pQ5MX9S>bW1OPuJfOkPci!-(_n<NB-MUP!)-38dKwhmO$=vF2W@Aj
z&WzKwo9#dV4S^Y==pEc(LSTy~VNL6Q1)|NdeAFAe0`6qpYtFuysuK)c9Y55kkw(?0
zXJX7bx;6$ll~))+8W=sX^;Y71cele=;?UN>J&miXkGwR?jQ5{dn^EW$hzzf$SJ{fs
zcz|{BRyTT$qM(pmUJmS&^{xgWg&eeh(2Oh`*!f1x<kxp>dn0})qEA~k)!ZBCU10wb
z=-R@c_VAdJEnF*JYq&#q!^7f@ktU$(y^5j~Su-%6)G2O9fw&Tngkjk?6v%z)B3Xg~
z1?3!%gfZhzb(CU;;m5a;B~EPv;_&FjC)c$o)vi!6guE&<HlW_rd+POnQv|<n>#4=&
z3;2ciAXS#@<^#FMc!1|}kdOqbc}~+L{l#DUa(SH~bKo7xL_4V%`;x4Nn?n-3%5auX
zgCE;cGo<Wb=KXH$8Y7Wj50B+BY#Z}UeaRL_UII}rr>F#c@h3}>?q~T$lp9He=Tni-
z@K;RTvHcfHssmQ~rtfD6WH6BN^}|B4-0wx9h4FA=(1;c&N98dE)PguU3`f^DBy)iF
z#~Hwb$e16?>44{hNV&lM$$<8QQCK_O3cui^1&Sa<hLGpVZ2OoKHl`rVOF`iXIb;Fq
z75i@jZW38vSM%8-Qy{;&<ZQa4s7IqGCG9(;@_emrwg|vromVV_J4D#S>YAB>5Mo2d
zMy%Nt<zO~&C2nTKD_cHWMTdJtjtz#L6TIwX8TBz{ve(LdMZCbCx!sbB*Am5?`SK(o
zCUe~E&*%{=4o>pqA5VG4ka08S4g|_{kx_s?R1Hf9g06`(?&nZD!hwr`<cSx%dINXM
zeoz$|g1Y$G#P(m+j811hFfaTN<}Qu8g6vq4`j2DRPgkfgR33u(<USTw4|2wfWLHW5
z@CQ!jG1kE+oUEpOXk8?SLFHaaz9rU!3GpNAt0N<XU;%a|a<q`c1&{-0Hlkm>LWLc%
z)NkL2_P#N<=gy049^O=5vJaK)*L;$$o##QXY&QXm+~G5n+@Sf0@P`0OZcsqxt-OLG
zROa4O&c+gK*-vq)BDWe<wm_O}sUmj)3nuX;j@o@g#p{~7uPv=07FX$kiGT^MASWhq
zw4Vj7Al6%C#p_x>ASyoNKHk9B_9FDrtVI*RyZ>qXPAi||SQ-Zh1n}<rMjm-zgg&|y
zuBlOFN7}cIF2Pz{gtEB}X8f;W;70%Jnte>gneuU54xS>Y|GU_Mp!#3yMB(N&v04A$
zI`97f9{ul&73hk48F@xj*^;$N4t&{jWCD^rg@lSAg}`BimZ9?;Z;)rj_&ihrC$K;G
z+s=}}f3P4mUB@vOk?31Gn+z7VO4%TD=H64~x!j=TwR$s4=oS}|Y`}lGIBH7S75xUc
zg{5E~YC&E9Ljc^CM0`cR!4?2+3z1(Cvwaiy|I81-`@pvsk+9Sr$xxpwqJnB>37v|$
zG?&}-B9cvI{=eDcB2q2>KN^i2H$#DTcE<gG0`tG{1dURq56l4cp^_)_1LOsqN^`lt
z0p17yN5I!c?*oW$X*P!TzsonGyhAy$A_{#*?7Yo^2A0hDv}aLn-2H=@T)>^{0v3gk
zu$ND|MA4KUGOe(!dgp0cGl$P4Y=oc}6^YJ;sa~mV_@wT?uqD4k+egfY?BAzpBvGnJ
z_kwf^#0`J{$Q?b%8p*|i==2{)VB=Zf7V!MUVbTJAEo@*vcK0mBjvMM5kX4k=GI+Al
z4ab1X7n^IiIO`;Z!YORT-{cZm$@;mz(2q?P)^gQMw9voCvuC3%>R!)>{otvbjHNeP
z?jSvgt$hLu_hC4bkUb4#dyV#hy2``oUmeI6M?=B$!I)eRX_2e^Cd9%0W+H;ry`3NL
zL!Z=lf2u3!X|yNA$It6Wme%NwJV!Vo+Jg0)ivJwPA@a>=-yXS-aaU16cGbnJ{oMYV
zAm$yB#jzsZvg$O!iv5R?X28dg9=0_F>!l}A`pAe=kQw>7G}vjT0u+>_DR}3XWCFhC
zjOaEgTLOo~d8iyHiXZ8ZT^boD^#z24>XuV@(oZYom%PX%1|L*&CiyhCoZJKanWFU=
zHQ5;arxG|TU4&B}4F>}XpD$0c(s%i(u&u0ht2Ck*s-|2SGJQ;MVz!(UM`)5Ul>!1j
z=X@Alni*quUThMG+jNaXDK4(LR^{L`N}^h)wc#@o$&0kw6Ie|`%)eh<SNGri(Q0sr
z2*gg~d^;*+B0zAg>z&Bj$LBJ>0<L=CUA9`6nLo9d?N3sdEVWvbpX~(vGF41@=KrO=
zG^HF(|FVjqXz2132crk6Z6^GAb#Mep*khClT%dKrD`bnMPmE|M$o>dpl>rn-)kdCB
zoRv`-TD#vZCd)2JG}6N{8aL+dFM^zu+`skB-31nXJ{8A{<$K!3@n%Mq3_or%ZPR6b
zGMzO(9WcBfs|0-hE9AbxO1`Fozr{!U_u=QV4JPL`DRH;M9(nKcvhfjaXC4hIMGZ)0
zhoh~7+!(PE!*DWfu`@Ak=`k^Fna2E1Z`@EtLv=xKwaoUht7D%5CA89?#j)CwJ`^=6
zb`le6pzs)hAAPq{fPxsP2n$YudgMN6a7eI*>-)mFl^KzQrGWsw9fm*jcNtg>KJvBO
za>ikh)qv6`4K{_4W0hcAOzcj{1UM+vXyL?n>Y=R3^=ejn68W+3cG>*9zC63Uyj*{*
zUuJcM7Zq<|fzM03(avs*bwqA0*Gzz#o>l+61RRB&s{d(OSQEJ|q%tF_1A7N{fC46_
z7-48-JKz#pzj1oo$6e<2D&d=^HzoRcFm*nx(I(9^^@hVL4SZ@&0%%b?=-RJ5COF3E
z%&Z58|H&UisuqsglO<!~I+E7zIr-7a$;d1A2WNUR9@=@HC4y!|Q|)QJI~}$_j7Bs$
zp+qY7_3<X0MKR(cp$*>t&4;&ee(x6DcG&HK3ic_upbwK)niBefuE|pp`q_Lscjfjt
z<I1wt(+Lzn$X{<5<Wxi>JD&R+toD)?eI@Yq4Tqv5H+E(WI?^`bL7eu)4l}r-?g+K7
zVna`T7xGfJYxw2t?e6aH2At$N75a3(f9Ux(#cih%a|emNkhH8Q>TD2@bQ>b>V{-$y
z93smX%QuLG-f_ZEBDaQfodt7wD;($nPEihAwOI0_o8sQh-O`^Cb|0uYf<wT(@(*26
zG8S)jYfz1JrpWBRWmhwsshINl5A&0k8Sf=c^AVrp;x!7TU>kO{wR$yxo~}7L%5Zcc
z)gM+pHhG+`5^3GUHwljzaW&dH#L)Ygt{1R0UKQlc>0&YY#DXd~|H<X*AcsUn4;xM@
zFZH$$dai|6KPpVA;wJ3qmqi`;ogY9b_~q#Ndbl{g8}R*P>GC82e5`qKx%ldS@So|)
zEBW#9dK#XmLe`kqpqv$+j@zAH)f($QpobQls+u=)_e62wUt|_Jr(#S~u|r6Y5Ys~!
z!Op^oB8k*S4@$z@`;Fcht8j?O2&I<I_ELIVCD$;x!y=AKAWav9e@AUc0BwrW#(Ev4
zfNVp-MuN$lHh&|}GG<F2RJa>VQzR0@gZGR1&hjMY#^tvdfIZ4+38;ZL*EIR?<a1}k
zo?uZFR8iItS=MKbPC-tMoL&`!u&i)U*pw$^jJ8^kE?!hv*0*KIB|?5qAanYRQ+oKX
z&b2tp$(8M04HgMfDxYwOQj;zn&et6dt=7fIC&M)D;rU(aS|6XCCv8Wvs6Ka>nUJI?
zl*Z6`RjpY<Ck8L!0T7)Gl0SY(F&`rv$R$bf=g1V*L>=sXRBCKWlA=FO1r|rfV)a!Z
zX+{MWCeBa_mPAxQ8d2Ih5jP`0!p@IGGL7SXu!sgMMJ6dFSbuvC%=jbxZQ4*3R?zP9
z>3$hJAE2_}#}BoWFfADOPyPE{TInd<wziPlC$OrmhD$OCx4x8RDc>%p0IJ6Xfy1))
zu8(!8zr&j;qEz4C=0gG}kCk9FN=~Ch?k4X*@=DV3k;?JZ=VwjJ*BtB|n=k-Dv92yj
z>*XKSG^-9@z%9dl>iuS$4H>IGMhZjUl&ACJAZTkPZcDG3T3WH7g9LhZLFg$YXGz?K
z&5D*%X6I)q8KW5yx`Wb}uBm6FW_#=dOWc?-C_xzf?(dJ;ACcLzyf44^rPg03z|Z+D
z`urZvW*w{)+vdb<hDa#C7h>$Ct^8V$B+3`=90Pr?_%42A^tg5wjZmNfD{w)sMbtZz
z-)<9e*iIB&ztv&yn@+SiHe$(;<vw9<YIT!=7B#JLN-r|+KsrT!GK;+i#~>+H74;rW
z#Z2{4l{UF@QS?io;&jRd0XnZ`o~x%;6^(r6{%KE`m(3TmW3Uw+yG1+{lUK*YiA>hr
z*c7Z|*a(PVDe9PXmsF9QhHx#+)9DDTTkABOR=8g<<Fy?1v-a;13a8JwUdo8$&!~sM
z(O9_59q!K8)<U-0mBX#$Cgq~u5ls5ygPh2j#1uZf7OxXXNZTp-w<Pfciz*5UTU4YU
z!9*<P6_?60Tw=!Gh)s5?J3jDy`^eu$*d!Sr_iAk$%WpAG<#(kj8<zMDyIkR=AUJnQ
zmEWzxf!~W?bbrP-*`F7NpXFWWKaTrMdTUkCM{`Mr139qyO8Na-zE*X9tjjg3kX<n?
z;3wZ}cI|1aewChH?j?c>7dyZ%Nh17~;>6JnmWQ<wEux^&@JqApGF44}!VbgO>clv4
z2CHIn_ZZjW`_!Jr!~_H_IRO^ct-QX`;0#d)HxoIv>^#E2YeMIwlV1ZX7)un+Az!0o
z<L%TiSZFHYNily|RE`uOFZjPYz;F7a)HF0I+>Mw5hg3?s!!hnzC57rSc@IsnoxGcA
zf9sW&^=RCCOMlh&^HjHAIWBW@{$yQT1hxh(s-w^-*jOx5<Gq?5U!5&sGMX<>!rNyi
z<i9}~X{xX}Qjut$Jl3Kk(9<Ne;UqS+m#A;Ay00addG;Yl@D&IybJKFMD9-&wkRT!m
zB|t5}J|>TT*_HCTCC0Pm??1#pHTeOA5j}B#1G#VC19ReDs*&N~;t=e+l(hA_^#o=r
zh}<ir_?B)j72{!nghWRl_b8EH5U*Qo-4?(2ezr|d1^4*_JTuWj1yd+qq~Dyxth6B(
zfEGjBbjbFWxtr9=;VUd~DFy3a`_v!Q%5h-F)XH(D78uk*{+a0H%1~^zL{zI6L_7kh
zf4P1&S?BR+umI4fio8=0Do58(|N2&Zn8`wh9_(#NS-37G39|Zg@)m{Az2)#09XcmH
z=fytNOON(q5DBE`7`~X@{N>RAi=M8cTl78frts|0H|T*ax%KTML)a)HD56V7z7J=s
zZ0D9_%iYK$9X6(X&2}Xw!m4+1$t=Yq^WYLB1zrV$$^ApL0d=P5QcWbdmw=c4niElB
z$q&h#m7nguU&%)PMb`SEL|DDVxtfMVMrpa1AfK)liWFWF7g+VRSFZ3mOg)OLK+R+}
z{K6vk-p7a?;ebC$?`k?g+<f}5h0;1%jGQ13!3gsQJJC9-_AeOKlTQ!nqP@5komwq7
z?_9f6puJZ{NjZvXO$LoP4P97rRz<Ij=*AyJ20WTzV2H26A}3{6PQB45@V(7Ec&7u$
z`(;P@Y+G+_HcV}hcg;bl;<Cfkg??NjE}enBbo}MB9;!y1n4o{5-2Y{--%eGoSr1tx
z<I&Yc;z#WFVs<Nxcr2{%xsc6xUntrP77w>r@K`XL3<z`5lTZ!Io`X(nL!&r3s?wsu
zG%ba<;MXV9Vwo@rPKRAIO!);5@%QC9v|9MvtdL@W;QOGusUZL7$xs%up<nyA<F}E!
zcpvxs!DQO|lmMSvhN4(;Eh}wCC})aFMYHF@Pww(Oqu+Rrw*9V72+L?|Y^uHy`dHE>
zJVFpX-)cAHRg8_y5djt5ELiDjW@)%V5KeymLeeB=gN2-eVu^S=<WZ)D*^M_(H<wRI
z#)Z%YF>v?$ZKoK=)29HoGshoZUwaN#Wn4xfUx^m*V2a<nshgME7Fa{`IYV4Q=5?uY
zYc{kk)4W_3j9Y85oXq%@#Ok+!qLNy=1a-OuvT5S$oV%fosnA}3QYAO|r1T5;dj%Sl
zVM_<|wY2@s5udV@Mn1%@EEXep*N*mNP)&fw61jEI)@p&~)HH0h*{#;s=pe51lt*Hx
z74Vgrj3L5Vqhqyc`(Z=|H!&!=ODvM9)j)2ABWSj2>&ST=lg}{>W0Tz<MQ>%C90^~Y
zgejhD&}BRH+~Ol;g;qg|CO2D_DTs9h`OfBTc=+h^r4;gvF2Wk8Mz+y@kvH$tG8i)%
zSxh5S?^$Q@<gO5!?+Dmgtw^)P!2GpI@|$*jTHS0Aey-JCi_@HGv^f|&$c^)S^w*Sq
zHJ{uAXM@?0T!IoDWCehdclJPzMmdhlk`bm?L_1^?FehA-aj!}`f~l|(Ow3p3*yM+|
zz$yZTnw=qbiYN6)(A&QaK$GRSHE{-XB?+wGtLf1YwdTi~RD=wmlhLD}%x2brbqS?u
z0OeUq&_EuFMVYIq&h7C!#~TD(3YW-jHmYjyO6+!|v85(3%u_||=Jb9XKRivpsZcrk
z35^*9Wt>p8oM|ZBg8VwGY(X>)IjkH|pjs=2!^ISTu)Xd)TA~ds`A)$sX)MNbY(y`n
z^qZQibdCD`pj!8wtn>#mxY*2iyl^O0iQtk0qZ7SW^X9L-<NnHx9exsi>D@NGc$sNb
zuJ6Iuxy+9(`~WazN`k#=vYZUe;w%!`ENTYWCUZfkPo>=66jL2J*R>yajRV{Gk8Ha6
z24uCT6$Ju0YD=Xe5S_WU^mn;~PH`s2sICP@8rQ==#{ror%v?_o;6Lf?<j_+d^K*#J
zO_qwet0SdC)0oC%2rVTQ&H?leGMyDOm-AvG^MB^1?&?dzBxwEm2aI1{Zlj3*XgZJJ
z68Vx+GAlHepjVdc#4V|i&psdCw~?FLu+vvXtmj~Pg(-~7MYt&4R3n)=&LB1<{u_V0
zszp*;&k1ZI(V{9L@`~K5Mj9>U`>^rTvi!w!75zL^fgM~?!8mAHX4>=~mND6=6D{$6
zBI0t7KlSIE103?`1w=ri{e$9_VJK|lY->V((oPK8$O*$nI~Bw|v%T{}w0q3!OsWI*
z;gPiH)9>c*>+bb*bNaStvPZ9{N4n2KDA)`-UQ+Kt5udza-Q<oChBjVM9&Uu{&FmDj
zRl{Y_3knydgJMPTu>li)nUuWRxE+@V`y&=?0WSwD9D^k!FoNbzfru)~-~$WdHZ__C
z0O@=^l2M{$#`C=Y4V#PX)P1k|s|C3nF$>wW-4e<g&6cjW1B{5IFR@!0w9nR8Si=nB
zE8KP`aVPxSE_#PyN*xz$NJV8xHc$#1WLGL8BuFCfP|j6IHt1%znE$0H1uT{ciuW}p
zJoVT=#vcm#+?=_Z(!*Ecrrmohq|!;K7>n!AtRt_hGCEl@xc#mAz#{gHH*Ux(kBass
zzM3CuT-Fan`V5P=;TP+WOVT(oGSc_`^c(UIKlf_~Tf{ms@I&}G_NxOFf`3kJM6GaK
z3_;#=U_zyA<ORNttfHRw*mbz16QJ=!@9E7F9egRk1YV7aNO{H));^lr?4W6+G#+(?
z<L_I7`X_vu_E}Tbm9AWMg-%htmLl0it7H)d>(W9%woM2Mtt2e#N}v@a`0nZ*ab;D-
zP{p|xUnAOCdajjdLrVJwrLy_2;ILsVr&W&Vq-PzGd=Wu$<ynPVlyQAvldYOa0(B7&
z<TamL0X`aGrlDeTVNA!#^Lh4>zHQvLkW2$vhbAPYs#8$<QTw|v{oaKacqhxa!7Hf&
zw2qLtDjWlqSym^`_KuaB8yU-S<+LS{yV(qLqfyvLJ_*ilXAEX!B`s1ubz_SrwQkN{
zmk9}v?0KdvQCPS%-K_&TBWUo4Ev0A%+2r5f9^ZW6ymiemc1tUgM<olgU%}A?bUwFa
zZFyUm`oR}Aw_8{ao+}0mbHu-W9`Xdgm@D+6iND!71{kCa3H%&?UZ2j+?(Rk%c6{9g
z_<k~o{9Y4N-(ufZBZi2_-)0kq<KlYHY;=FeLzxxJE3^XuH36VT{wk~6wsU?rlYFE2
z)(6^7O;W-@(&{mVv%`IH%2r21ye``mRYuQ^!=4JM@=!kke+7;JLq8FsIb2hABJmiZ
z_WM0S!XC-V0Wl%;<gmHLR`LrvRKb41A?GUMxybjZqF`*ZaE*wz;?2YEYkF4*HBG@B
z-m8AcUH(1b#)C(}BE47&ZZK@%Ws+^{A9hZ`LAN|MlnDy<FL8CUihAV~hN?3^KkRDs
zOxBe2j6w;eCs~TNib@>Lv?MBwu0Z%#x$qL_$%u72-$le`lwYJYMz9%$x9n5iObYic
zF0GvPEV6Qky_7v3rSIn8&n6uX9C*5AVW-28H##(By4+`7t+6C$(C>D1O5)1p>-(QA
z46Wn$FGu9KYK?p&quEIYhvI*e-h^LrqQ1_|@Zm(TnyFS`t|7*~HArbp7wM@nzLxUg
z2K%F=9no03t<Y@OWv?F|Hx6$E@CK##ha!hGvKX0Fp&UL3s6!<Fj#l;EZLTW7$P_dS
z;7`Xeicxk$Pz&K0T>cA14_t^%U3DY0ptX@bM$?&#Vg&M-n<}u<v98HScPrJZZ>?W7
zFAOV8{8Rj-mrj0{G$Y8mLK|qRuEEX4$L%3Kqo85!9k;{Kzo61}^O+8AM`p`R)!{tE
zRp5;!n_diN7gJBs35WBvi`ro&;VN5a*cmf%m01xdD2g7Y&|)J8x+Pl(wU2-Zy9WKX
zL=>kjzC$Z^ITZ{RG!ooXY!|k$udu~*Adb-w0F%z7%?#N6fMM+<8K*pFjGjNLjvS{@
zbt8%$l1s0#Z8Goy!d)C|)7}(Va^M$<je}N-AV|@*t83}bUywH_*k*NTp&aFy;mV*+
zyChi;({7S<D~pp5X#7JaXow_%f@DMp&^Jmm7te<*&CuAziz*-^D?@0rz*`x5%@K}X
z^0rKJ1btJD5|a=AQu8wj)DTz3G*!<(X|}~4OQOkKe+T)5%G5Rw><ira!gnHGs`JlQ
z_hg+nOrr{@{DJ5@JDhANMD8G$`HRVgIm4Ia=_gEry4B30PH;0M$R`KAz`{%AWxfMG
z70kx*GesRzWvRwqSZ&{0Wd_cH0Hzm-SfZXF?$i)@F%Vn%s>4PlAT`h-8UalOEyV|w
zON}nbYK9re-r?G04gPBy-ZDTkDdY)9WqDVqnkbXZ%TK_LXp$v~fF`J_SnHLcxH)<O
zWrq4J0-6{p4pn6wwe$E&c)(q8zNLa!%g=U5?w@pZm^!gt;(TbOEx0Sfy=q1Zf3+<U
z5^rD8gycVQkz@EL4Ce7U_E3t6v&`&jn3<&s?jc-@<R6p)lb2T0=W84(@qVJC_@I@$
z1ka8y(@^T_ift`$zO4X1KY@>^a)!o2(hh2HWt&KC$Hd#@URN&9vn+=6iC@3)YiF7n
zD?NuY2o#{;atou^F~0ic1Ri;EEwX6qG|<9w&t?T+M~^lkX*7Hl9N{vCS|`NWiNp(I
zUt;$|J5r)fEzQc-<b#|r<q9<`okoVY;Z*@uR{J+^s@Hp!I)15-j4h@|O!Nz=#h!$C
zGgHCraN_Sf;a(>5BtO5boB9APIyp0z@vF6Fa_s7Nqm%$AN%ZXbp9G9lNDIztZ~(k(
zJ%pCDu<@or&Ql{lI~nzinpP$F1q^`WpAin8qLPY!W4zFN8*ZS$j_qMiDD{=PjUb-T
zqe$*BDL=fZTOk;$o(<W?g?y_frvB{ricD8i41ZMc3!RO<IJ7k)@**BV@p6(6m90r3
zuccnOH~FDy4dKs83Fvu@Z=A-T)|jDM3vZ}^uSr9}kI5zZMUg=SgY4hA-_F2o++R||
z*%u)uRV3X!QM~Lmd3TwHl$}$PFj}vK-?44mwr$(CZQHhO+qP}nwr9S5e!{s+RqnG^
zbvjQ=Tp<N#+BGx?M8QQ`M>UG{Z+qo7J9@w;m_f!xqyryZ%~^$*fNjxww5SxYZ2x0a
zbAdYblu-O<ZOTZ@I?PNR5V<j{xq(zOoex{bD~)zVGw0%E$F!PvDaZb<jzIWqxn9)N
z$xY$N6ZloGFk36jw`jdV-nmT!?9vtmA;zM{C(D{lhViqTyIJrJpEsXc(H8R(zPpMN
zn>n5XtPt~Ho_1YBb2Pkf!p^zNs6C7b$k;-xklgols-^PSO3!OrrJbDajX)2&(6wpT
zDxfM)_9TH3LrDHCfnI^(q@Bn|cE<(eSr+r3y~=pXkEyPk3g!eLYxpta1^%c&>jCPp
zs1CZWRf^PrSW|(nIt-eQKo>;F&d+^Tz;>kcM#UKnCKN##s)>V;&le2hZ<5e5c`dsG
z<0nh7#Y_N3PZ^AsA8evYP;5lWXJDqiU=DfW8@v>8qVcFEcmKbL@?2DTaqX=;>V!S;
zJq6;ZwYgL&;reC`;iuY8v`jo`riX=q=cw*yrW$`Su@uKHfcRwB#|=6{%TfT<hoDuP
zpa8`^0dTFe`5qhxa8HOAXxB<7{=N?2bu8kg_G52MZ_6M8X(9SKSwZ`FxE(0d8n%%C
zG*6@A$EjYcCp`L;{g|-}(ct{b$n*Mm!d3WqVqIRU!6zlU$TnZa2$bq-0}r}1V%^-1
zcRB9pU$O`!mg-#PUFlq9O~ca?_TMdbs>WC(!1|`{w68cw)!T%*=^!S2yvEkdzYir;
zh+rQi@Di7A9u01w4(I5SJS>=R?MoV+2#R-CnFr&mq$$bLz~j$_K|iGSYny*gA~0hR
zqozIGIW(lHPh@KDQEZq5t=Q3W9%Na*7cGd;eK2W$3rv1hbfOJbJ_&yC6lMkA<R=K%
zw2Y1)mL&+u$$k1-xHFq%br3*ye>pKyxFU67KcLAX7wq#LB+VO@N0J$LxrgV;FH$^L
z-sV}!Fk$q%hJi2y%0P7a5T4;6>3^0J;U!nFYR$}2f&gEZ6ThP%UV3)3%!}*aiyJ8q
zkGKu#Fc*VDP2yDFTB`c%NhwDou>+(el0|Rf`>=^91GB9_G>B23=@+y8_|pUZv|#2H
z;oXolgc6oPDwjV&0D*@@HW~b;5i^Dqsa>x;iIT1)Nh)1*7?M?Xo4!o{M&4!v5;ub>
zjQWb6nzZk$&|z3)dQ1;veEw(@6JHqi8BA3tGH{Vp);e={NGB3GLkgy+u!gdQ!$~ld
z@~R#HY+Uo#z<-v?lwy!JWp`W+7DpxZWAGJnG#2q33ROV@UE(iezPzk!qVmacE;NK4
zvrm4tEZ<PGwmsfc%Fl1miSOna{JFP;xN3OnVntRqkOJQCuc$o7**;4=JA)|i`j1h5
zPDEq-5h2{<tf_v^Y;#eyFJT6bsi3#nst5ew!`%1&sEl>v;=lO?&v>=ZU?tB`FM*Up
zj?qGK(#B1uKnWrLzTtbg9FHdNx76Oh%%b6yzElR>?79p6z>mn<;-IbEz_9h?s;=Mv
zLu60i#h@4Oef_qWsTokQlrcD1fDEYom8xrHl^0f8c-1FKuytnJh&U02i>mT9+zySy
zgR97y!j8>L*%XchCps&sVgvio^7m@W^{3;MaD`tO;^$>-7~*49WJy|x{zC;@n{Gmr
zsA%#7X2_FS9B;J5(%kh-2Wk}}%t>Ppn<7)c$C`V7@^==;tDXbTBtPD;sAyq7Eg}H6
z;2Q#iEFgs&U*^i&9r(lhdR^Z3*sp=&bzN*&X|UP)4=d0b6T8%qqi6kJ?PdA*#;fFF
zI=iwhqq67yz}>P+rJm>STo<;idmde5zTPS+G9EWF!AO9{03pbdkV8&skABSWyu`ef
ze#ZjAV=7y%6_GdJ_yvC5hq#rd>NFCb1&iQ`;GdA1f=Z9TJi#Ye6JbPbCi$8`Qr5?X
z$bk8FJOF;7MI!6L`nXU^wRuP1CWy;}w@bbiG5R+@G&E~({sy+vXV9u3g?yc0@S?Kt
z%t!632_t@o<D@!-((!6;d>8?wJtyq71_Q3q<3l&QlQ%TPlZ_*>615WK1@B{=662#Y
zQc!u&4HQz@S2&MRI$>yz{(mZFeUpYOdM(CcaBeT6Jz3ER{wyQYQQ)r7ef&fEA-iC@
zq7kLB7}5E1R0z43^hnxXh{PAov3#C@p#>rm5xTo+u%LakzE!i|z@lIU3X-O9p}_+4
z-$f?^SV`qH4zUcaB3Pt<T#TqoOZ*eLA1%Qw|GF~_IK);2+4**`!95ESaDVnUw+ID^
zGH=a<gVmnrAFYZ?TBQHu!?Sm0yLx`!f*alTakA3W(+apzy2y-J(JgThrF7<#oF1wD
z(s`HjF`AA>NZMi+jDr$;|2;bTsB8SR+h-&c#wC4-1@s6(E<|a-byV5j#0r`+{g;e;
zBdhpgR})xNdnZ5-IQlrHJShF5nQ~-&Y+8l?kA?Z@iR7L%t%~o8-9soHO&$rOl+5xp
z74s=d5T$SWwm+f}N`vFY8;<<#znho~mZn2<1%Luu@<80UWqwr#@fyW&qq21*NrV_W
zDg`*9DH{2;iM?&dSDXL#1=^jW<)wB%1hO{x9emna=LbItv132Q@hs)zW{%@exm$WY
zmB-6(GS89VG>sGPN9s*0(aj)Ascop{&~w>mwz!K!9j+kYM&GV~OvH=|QaMcb*up-v
z2-e@>pCFwtYkdDc3`Xj*ljB0<ZNfBI!5$q?Pk3$$O<ciaLoE?3=?#+-%O?ijM^b+y
zuNb~J$o#F(`@tiM)TD*>;UNU^k(@pLEJVr#H?x?UK28UJ$(bOc<8L_8aC*uCCHnA1
z*ooN_RlI2ZH*d_4Z#J@IZa2+quLQletx^dip#CUbvIc{qUKG`GOFgMCv@plPA4^2+
zIZ<#k1Z>Fyj8m3(Vaq@uK_ZRHSO}WZ6r8!V#tpzh_6AqPp9nem%1*7@8fNXOl;hX5
z49d8$<~H?R&F`{L6+dO2<Ge?@74W|stSyQ!mOojyW3R7LV->k#(p{zSd0@&8ric3-
z2&71`-=^X{VA@Q8u&d)7r{3#nFe@D2I0B=&$dlrg_&gK_5dk*l8|%1ZZkt{dYOk+u
zx7E*Zm~!me*>@kV{r<28^b9a)UGp5m6G++9-SB?pUJ$3m&#;Jg48Qa0iQumEe~I?D
zZ2eu^UmT(y_=>hi85Y^pdA{9D85UpJ|H58qxS@cg^dsWFNr$F0SV4qKx2!BUpLP`J
zacQ2&1tMDL=#P5I8ln11bq>DhWOgN50nrQ<joS9l2L}os^l<vp%H^$49LKckW@u>b
zagb#cMJcv&gopOO$mq$*$6}Ncn~F?82oL}D0K7>(bT=>jo^H)fPQk23lClFqp-~<b
z$xR+8B)3g9mkd|ldqfpqvZ>V6Ef<#A$v^R7>Rf2)&&A@~rEM#aQJV>qk4+I3LUFj|
zAe*O#*T+o$x0;n6!}sRiYW89cys&iWj&>I_meMr#y!N-RhgGajq~qnE7=_ceWmiA^
z+^OSTC>d$b4uSO{3`JdX;yLwq-&iYdrWatJ?hIO3)w<k6=xbV_d_gamx61*=K9=8R
zlVS-=!b$d$0*C9W>57^_l8yYrGc-Q!7YPq96To)K7U)%}srq+{#r_=b_1;?g>mp_R
zh5_BswINRE7w_O*k?!<gXbp|WJ$7m+pF1qC6Xzjf$Gunlb#kfu=gCNe;G-tABdm0W
zQ%yU(vjr4Wl(L+4)}p>gm_0J^6(xJbOEeRW3?U=j&Z>&)PP}yzVUEX$<^#UU8^UJ%
zpxE?qSvEDSMi8bed);wu@WiCp2w+(R_Q$8eIvByam%uViBoXwvnHT)`9v&F1ToD*3
z_~UVJAD-mUhsoRE2ZT2c-d8UyDkRi@4Nq>o)LdG=nI7D?;g#5pxEBccZwcA=5drp&
z-M6GR8V|3QR5&!Nw@gk9-;YqPFMd-(Ij`6f{xE^igEqsF8i=%*t+zFDU09aoCZsdp
zsU2EaCS5FL>YN?nv@sJ<JgRq4DHu*QW*xK$!7(yk(-|P`{T?mwF#ZZO)UDZ;W=e|Q
z+=FQ_tOre+7im+4hFUQ&p^?DC^{N$9gADW-^{wIp;yUs7HmZi0ul({q+h|-@jD*eH
z2KL#>b5HpjJAtwi<gRgA{H!k)WN|ptp1G~z1|(NY0Jb7zn5LMt6CV%l$!j6tcvUtc
zooJ0tktVkIJMBUPbYR<n;bzY8j`O@Nm1%1c4eRs<%r4i48<g)J7chsCT3mcjZYb5|
zBW0RrXR969^;DfkGp&X=4oQECKZ~6gMqflc7DQoR%K5hj7}lBH2t!T%tIpG#F++*>
zm0-3)4A9by(3kAU0iJo?s0)^b;f9Y}ep{gCx)eQ5$FJE@6nV|#^o2T~hUzK~sjg~V
z(mX~!Vq)yyab9Xnwv^oj&r_07P%co@CrXXNf1dCWzHx#{T<8y~nFTIq#t?QjI+C%k
zk@xF*-}!@*_Nan0n`V$R=c1%+A1kcIjwK;DUkwR3=w9}#<5n)d7?mUE%8>L%C?oh;
z-c~+H5A}7}kC8$=8hh)LQ!lLY!#QjLV4226L;y3S&EPbn{<4iNhaJWUf#joU(u#`a
zr`+)p*YQMeQoL(sD{YxCA;R5PeAMoqM9yb`xuL8W+(Q6RkOUZGA*%8!;Wh_bp}Xc=
zF%}(L1S>q@2JDE_(A3xg-nk&*gVM$(sH9S_G{&H(EvjIbWR83YltwEnrpH=lq=}BD
zLUK^RBJD*d?GV7^L=VJfsan4@Yijm=tK~(dCd@Pr3EM!4yzc6qYp~EKK)e?nkRdwF
zd9Tb$r+~Yim(3OVeCG!CpW(l<h!LShc;{TYwU)b_wT?y3Z7G;DR7fu15ZF2b_CFhU
z2<Z_(mKA6MU(ZzB-uSjXY;-oubq`iPe4gBsk*Tg2LQd7DMXkiNeb@IUlEZQ=tmu4#
zJ<3AV*$R(Eud5@FQk)<^Gg**f)kgXW0TuRFrp+%Q2;=JBq!K3v;;tCN{YBP}LM3)%
zk^76K$M@Ji+=-xr*Z>|YjkBCh_txn!2x{#`6lIS`@9(Wv&CZvF318M38OzFZe_TGX
zY!l{~Yet~#i_^WSw_aocx$K-LK^lhZ*jt8(Z56Mhr<CIh+4yO~YYaCnZc91KnllB9
z^n6{*#FNqr@<x$6XzExE;(Oeb=H7nLWb^=0fljT`$M7Yn-kZRTERDLNLo+&gkRsm!
zFQaDsm^t_=T~zWFeJunP_gGpZh#6w`=%6+!TspS2ewM!S=}Z#6?nbOfLzMjXyT$Ks
z!CHyGq7O!#?s+HHotXkmNNJ+m2;IlXJ}U8^SoQnqU5;ddw0{#g=0D^5&h!C?B208}
zCFo&jr2nq3l7`$04I;ffD;f#aqEFVxa*cCSb4Uddm-u_p<i+bgpSqQ&l>oq2OFCN|
zOL`Z$t|A2|b1LC#-ma75z`PYOa$;%rfI)$Rimib&FRw{W5KomTO7Cl0ljLV=*co5b
zc8JykrkO-XEvuZ04(Ar<jCLbrT>voqCQ^LCguK&6h|$E<gY<bft01fK9T6Qd(=F(r
zFTBk6b}fcv{p<Nlo}Z88qt#KULrYMv=AdvW#?)W#13xJg^Qkwh08H>aiQ=!^Um3p?
zS|iYkO*FUeIUr6eqn*eglu7=h>bj5rM_0b@sfpHFj@3OQdB>vM<sjp&&%y88lCQ4I
zc#UKov(XcY4<aQLU8kXauqTvpyo~K<MGdY=r5veT8EHLtZP6VZb)>E5YMD}r+Mh9f
zNgE92p-{9RR)}KL&}<W~Fe)pi(;jLV$F)3hOGQYYS*-A@BPzbc23!jLGDREmhrnkC
zF?>K}IJ%N-%q~t%{1hFv$PVyuj%Z?n>=0Qm2!PI5ap5ps#^=H;1YP4PRN(J}&CEbg
zk4hETY|7F|M5WZAepqBgcOdu60t_cZiwIoD%s4EPNmDF4tNYN!Zsq6QjxNq%NT?2)
zsssm0wrCgs&WQp2WOJicbo}P^Y{-v`bb&W^Pcb$*Mz+F#L^E>X*uHUvtt#0_g^e6C
z?(V2AL{BkR9G{4f7HUBm<h_4d^vvJrK*z?$8~(&p7dQ75SHHZ2<V>!@OK?C1Fy|LN
z4x8_nnAmgq74ujn#_Kv(;5)VWW^nWX17AxBxEJrION%3-oyCZ|&~Xzjeo}~#kj99%
z2vUHf$W3`1kE3Ok=y_umOmKc_Y>fu1L402-kNNTT5Bf(afzC~kJ<HOrS;7zzjDhs2
zVogT0hDvX6lm=or<F64#f+NJ1Ln1Ha=NI^IMf)*w2Zr2Y0SVr;)8|I5?u!^JW97f}
z=CX`Qx8hPm^0E5xvij1Mp|dhNXPKprHiL2Y6RyGc$hL9bcdui;sxXbjp9NIV*?7kR
z@bF_C>S~f|rAE4E7D15L2C8*1P5IQ3Fm0&jSvH*E%G76Es@(#A^G0$F8B#gG6{5Sa
z$YVidJuPLWizZ3S*q!&ZOS7%F@_+}((+ErqKp=TO?>F4u4nx!Wn%^`IG{3cazSKxn
z;51l_MPB1L>2e{fN~h0`b~OsB-r3qKUUwOH4Kl$lHu;k53h8oNKQVJAOAb%qp{`1t
ziNy0*LXkY87ho-nb!nCb)B(neWR)6t<MhcDe*%~uV!_EU$v{&!0@U>o@Z468(pnUu
zoSGmpZJGttst(RiL9JRQL>s+j7u160d?c{K!XIa^!IbD|;e4=$S4a9Rh9B3eR=I%U
zTozM;E+9A!Qrt3_0@?$*bVsZI0HewCm+FWBnm=!r;{>T?Q=y#<TLpy6YuXxNagI!~
z@=+@;lS5WPTw8Zchm*8EC{Yl;(hCe~Q1M{`EEFUJzI^Rfz#B%eI;V?^GnC3lh|Kot
z8xgOx@4Q+)b*!IJyg|`cmZP+=z1vD`n)gq45hRh?hT^H~D}x4R=?JaHJ@J_QPGFk-
zks8Hqm($Stz;5{m!vnf{kfS$fRT^%z$M`n0;{Fy!DiylPP}8Ut$}V9YXLu0v{dFgH
zL;2g(r;q0QC1uk?pVV>hb5L~<DP1Xe>qCO*q-xDxOw2GurX;oejeM128Roaf=<GeO
z`JgjP4f{*gF%d<sZX3+W`r5VvEZ9Q<7wfRBB7rE7ju*?rtitx@7Z9_)rtP<E_*tON
zP0i;vW4PFv0d(fm6c+fp-pB$_N`%TPGLVjp|43eK4WKMY+ge(2vNlwdo~A&PXF5J1
zI#5iGp0htAF09OsoVmZyb=ZQ?b=qDIRF)L)>i=v@8MtVToOgD^{+LX-AM@4**N!VK
zF6x%B{Kt+eD>}TQYq#ie*xDXUh5(!L{(hG$Eh=vO%>H_g`Glrztx|JIu33^tII7n~
z6$`4m__V>ym5_u$;t#0<30l_lm!m3s{^>y=a2u=^Uya`Tn+0>SDneH=m>2fBzz>qW
zepdROR_$@tPjvFK(u3w__mFP71U)peF8!kS+Q+o$F4kexBUoU<ijljefp9Q8{)Toz
zErO4sN?FpQ2q^~<)HN%09)V!Z1lAFt_B7H7f^soX0pl4N&misdUlQXPmzbf(@bbm;
zhbkJLS*V|d!&BhJN9Ha1#bp&o*>zjep)0VT73yK5V(2P;5(%dmCO)=%GJ=pvO?_RK
zeZH8%$aD@7(}WAh5iVLCt`R~C<)WKZV!ADYBe%St-QKFc^=E&H!<MF3WH9_9{RLEd
zqnsO!3^&>_DVd?@^btA8i)p6CaBH_N!=z}zr-v6vv>2gAh%>uakvW{y-NgCG<$Apf
z8-F%bCVbo+&gOs8^0Eg!S8@Pf0$xY;@@Fl)wnBR>ZqlSfF7waR)9UCtX0Wh5TM3*R
ztkaI^UVTeHbdrukj@C%nE3TJ%4{QH-ewBcThu&%=J~{5sc60iBIcOiHVox~&S}$2s
z9xt})3Sd!Q2pWHe^pR)hl8O^`<zg<fzW$%<cBPt6++W10o-o|W!Ik2H+B_iY-OfGk
zOs>gBnVX{ow71J*tGKJE^e`=?*8D!z8!FEd&c(9)a_#al?F4^_r@a>+TB)h>Kohko
zpnbV`>ZqyoX3>^=?K`#cecjOPM2Pj7hDKfW9g0z*gL`jYG^_oX`sz;llgNgRlRmnF
z)d}W=Y=xoAt)eI;<YCQ&PHTs;ET(?i`UnD{jtT6nW2pVa3DO`TBZV=*?k#qlQz5AK
zGK0I%&ecpqI9kc;WADB4on1hmx^g<H{S;#gM!?Wg$g2x09B&JE<qHy9QzU0+FA%9g
zi!w4%qS>L*fN<o*ou6FWCF)*M(slt#OM^!x*K#bZI1{RBY_{QgqoO!u93@z3x+Ci&
zYA;f5D)&UAM9n5;<QvGa?9gFB0A?iN0=;gEk>-*oKYg96Z-?i`#p1y2W4RT}a#upD
zwx7?2ACn;MF+`hSIBNtn8t>t2zb%+A^zXO~X2^W<sD88`KB3sO^j#=%Xk<1(T6v=L
zXE80w0M9S(VURD3PZuRL#SwIttzmt7qDSi*R7y{Fp;;tzZ?BIgxmzawckzajV^-sq
zqRi^Gnw`SyL5>9&pv7#H`B;_&sx5@GE4@Wf`)6?ju)sB?Z71*{gx_rc(Y{*huU??+
z6<qr63Ur}$_f;#APVbWJeK>0y0(gu+EWZ06fTH;28T&4>Ro%hW5>VLYX4oB^WZA?(
zC<=4UgS9bFQf{hxqA9SYZj(qrmE4C_uRiS^92eYDyQp$btm(w3q3GZK@-+~L2MSfW
zQkCEx=WttDEr`sarpD5i3_P)dGPTIxqq-{2G3z-q{KiWBjNezbiA~!4>Q6);uw2t-
z4-xQ-#N-`DFntQNM5|~BxX6CT#jEQfZDw9y;c7n8y0n?xV_6pzWu(HZR|Av~AA}5?
z2w)>TRF7Pkr8%t%5*ZT?D1<!Xa{3IsB=}is)bfzuOI{X%JfK))Rs>=Hr_v|))oagZ
zE**>#T{@L*k1IW%fNyb5HCm^chi@k)yi%5P(Be1JUWGk$cIDAwte`lM8FddyhbGh)
zx1Zpc24KyNpx8w#29jUkrTsCC?UVb^`ix4rh(IW;B8@IS`O=dV#g<g;kHm*k?Prv6
z!(>P6*u4-R`esUARBK@e?zhIM?bc(dGvnQhucE@eC{R0{9Nr~oU-eUaHixJ_2b`I^
z1w*x$52AmMdKLwDI1a5@ChgwWNy&3)Y;NtCrO`}>*wPWj%>}N<B?!!+n<$QD@_6~f
zntCL^4HD&xsd{0OrN|^~QqO9=Z(x)DM4S5uQHV|mMZ|S?>pzWCk}>TRD5_mRtEN+&
zFl)4YSjrvAXE^~0h*>knYcJiI)@GOFYegTi>Q7Es^l1TEKul%T@Za!eWzU(^bdJg5
zLHEM~AVV9fAypKRrd;f>#RyuP5oHmx6Qvq#C6!>v4>+CUN<jZIxa>C?j*Dq9<KP;&
z?N?|-r*<J9bi1<rZVNiHZ5Y3Ao2YmAm9`m$669Q@B_Gov@Lp3>`Cd!*Q*6!l>xGZa
z3J(0O-zTg$A0+Q+8p0mKY%-k8AIW~&vl#Q@isUqQ0Zk=v6mPaOEJAJ3so4rjR-eMg
z#pMqj%6na#EC3+uu|Tw522|g_x|R55K`H`sq;hjXT{2Vhimfm`eDbqQ^X6?et<GSs
z$VjL4m|^D4tli;LnP^uNa^ik+7Hv&Cj+4s0czKqFmx=~WF=1Tvsv0nbGumP7Tydgi
zl^|D<=RtDoWpR3pfFA3Q2NYoh{y=CI`tywN=6TRUbIK+F88j?hgq_@cE^E15pd$$g
z8$tpL1-GCtnMzGDJwe)}b~bji0T^x^eOA&&t@tD`MHwL6#Ip_nsQ$<Z#YzIFTE{cu
zv`iEW>wE%ODVLpkZ`j!s62`1t?iN9Zz2cpZSni^l^zC)pci*G7_eT#sCOz^JoT@)U
zhjS#9%(6FYJF52&o~vn$MRD*x&1R4N(DSybVv|#(wgtZ>t=_Qju;Z&WYl}paP<X-;
zeH+Sl4@KTGZm;#iNhGcPGO0uVG^Ys)SLTXCZgF}w5G)wO-i@zlOX=N5q#~Az-&&=8
z=#NS>P<Z=dLurpJk=T#JdaqpXUAdPfLy&#y@3E_%xR9?i0$&2U-mY1<Q?<FRn+JbR
z0T{p5KfG>^&-U9juc%a>IlbyxqPhFNu;Q=6pvdjV+8sVFY;SuS=B=;7ad>X-mW7dO
z;Ms_U{_17>V8CV?C1E3n(nX43jxk`Osqh23{Nb{|wh)Zg(o!-vO+p>vSz<M%-t{Jw
zuuycSyUgB(XjCKgbL6pfbBg_4d_|KX4p5Ph(0X_dJgWoEI+Gu_;mlw`SX^J$!oc23
zAfLDCn{UfJKo1~ER6EzeCp57E?(i(Kn$6|$l1xvHb|;k#o)3oqBtoYnhY#8>a^&l?
z&coh4$cH}hvaxC+Q*QEj8(^x_-%;M?>7t`}DwM$1SaS|k|Ez=S7|R5ju)_sJM5#!>
zaw~`+JupXG;QOZoP>Sup6mrNEc_uBV<1&qg@Ap)C2wviF#Qy*Tqy`#)nb*B7{@rMB
zDgC+hFv0*1u{fl`ooC2eCRyY}32p3k)+<>Cs;}C-V$CjqA(864UbnB)y%Bj|?tVKf
zeqfsz_E#4WhItnt8bn1pEVDH15hv4REXW$kM@Yh@NbDj^C{&7Sm$5opjD2+(*gx)M
zvs2-FF#(po{(dbmYtFso$1`3#&kTWJ=Skv%_iP)A7eG6HpKF9I0hNGxap9l1iD~Ov
z#yXV8479pokaT@%uHz-L&tK0rpsw-qRAeqhPxno6r3KVtz686-Z|qprKZq2^^n4J+
zBzowsrAt3tB?jozK+Dxp6f#I_*rnH=6*`rzsud+b)R#cckATBO4>#AmSrSdZ%$zdH
z##Dtp)7UxS9SoPFy0&1>LC`G)rE$)YvMw$z$2yvZC0V_dBsx82qHIuNN+$6fcqm8_
z`2mRU#ag$$t{ylNgu?!XiZ&LSA{ph0_31s@>{mMAV^GiiK*u{{N*pougEfO$?;<g9
zeOS|<Q@p!XD`+OdQ3Zfy-Z-6Q2(aUEX|Xrd=)kUE+8V`^4Uh2S*C0pD4b4VIQlXOq
z`m9~jTHsBx*P-huSFlIU)7rn}9#t>C*@q3T`N{tXR9~D6>@8u9EJ{thO21DGzJs1d
z=x)AF&0&F<RSz!{cTa@vj^a3ZlKXLhUuAm3-jSF?hFb$jGmV?9&rr0jTN4H)BegL~
zJt$=8M1ifn7K{x(X&vp+VVF%fG8RHGqt20YoDp3J{pg;ur|;|+Y|rA7uoACg6k1YB
z4XXk59%C@sB5l7~P&#5=OIx9pmmsEm?|I6mw=x?=nmkS3Zy0RbnjZ83Q&t_<-JjF@
z`F3iZTT2cAlqfiwr;Z0K%o*~^7AjYhd!=-W3Ec-}8G<D)gv}B|W&*%xK<E3PF^f~;
zMf53~zQ$dgX-2Me6Z024RxMyi!sdeDFBn}<G#i;Cuun*eA8%lAWsev<@$kEG*v_;_
z4x9HldT~$9=zfN-?DR7*$!7g`C>L(7kkYs7yPGDxVm%9l&o7zko_cvncL?=JxEmJH
z+`wSpSq<lgdHOwnMbBT7oh0mc8-r!Je*}Xa0aqeD1*Zchhw%KLrjS7lY3_-a3HiK4
ziz8=gE6!wtw<#`_OfbE~c113j%-qBV<}&(GHe&tmVF=9SG`&q?>(ThD6J+S9*24H*
z*-0VTN0++dV9Kfk=kEPAOV|Dt{ZN-Jm?5E#F5#9D6WKUQkgX2RKLZgE(ojClha1M0
zc~B&5UO3i>Nj8$N@%)jby{NIGWhNLTK;g{Uaq}4&DP)<3h<b9b9Rn~Ax~ad9$xxRq
z8m?UPM~>j*uFZZ>MibPH^K$5uTt%CTj=1@D&InW?;=r0ZFAGb=Z9B6U8rE>h=Miv8
zvZ4kA0@zDz#jqPes|mfjO=DMS$uhx7AY65JvJ~frp7Qbv1c2tExpsgNSRKPVRh8eu
z#l#%(WdD?j=yyX*W0$(L(2n}#;x_NGpH)X4y==~@;ZRv_ri{vTXI)g9$63RW2B4no
zHl)JqzkrAK6(A)T6f|dV5G!H(N+EN1+JW!q$&DMA>x&L7>d*a@R!P)99uk(}k{NTt
z7Q)=HMmyOJwtS{2FI6f=vJ3}XRHkB{8e_cIR(d<y0Mpyhv_Jnv)v^a@Lx>t8n4-R$
zDYUHmykdIsk@UJwS+GuG>nBpioG<#a0E?;a0JUvoD*Z?9G)yI_mJx%~(ZPFikZdeg
zgjZDSYRT`6O#SM|JlE9b#lF-rB;`CukySRquyYZ{EvUWD6n1=v4c_sZAxpVyMxux_
z*ZLS!>D}&Jr0&XMz(6CyC>wCRG28eB4JNQVyzOXc{At@Y|I%UM{`RJ+1!=wbyjb*#
zyvD9Sv$dXZ4vM)>T{OLH%QBkd&WfamBF;PbdZ2#Kckmj?!Zb~&na?+vem9tBt(R;0
zw~O%~00Mn?5EMWX9(qZ#hX6`Lb26_p<oQ1Z>L2O2cO3VUAxgrmN7)Bjie*+3FKY+=
z#eeqCsKAz9U4U0tq#WRiOWCrE!!_MEfIODg_%w@o=KpfoG%nIbapZda$%lPWHiEj=
z*)*Rn9T`DH!&h2Q#p{>=Z2S6LQy^(NTen*E&$QCopEt_|#;UVdjV056t3W~vu3T%W
z6rQje^Em*(^zX7Q!UTW4^kPfrJn!BpIK8Y{^Dj1>pjkla*_F7GmRE&|#q1fzBr!y-
zJBUSp$gsw)D0sI7!LFT~?!joBqp*H#y_YnhF(zzvImt{Y*Wvw8mcNYW0qD9#In&Y*
z50_BI!230FG{P)v?+Zl)OG6jGXO?d6UpB(YbmOWQvZsK7K8VSgH?aWdT#zx>RFYs=
zG?g2T=W8x0GRF`k!06&<HhN(hz>z~#MgP$ep_vuBU@%;30`up-94Wl{2#}XgShg{R
zyC8P>&BtvQ!E|8suO0=Gi*)!KNM6y8(73}!yV+a;XHqrqB(C<Q468a|kCgPj%tulW
zl4i2!Hid9f3<5l5H#YRdWQYDhVe-&^v{kSLS5kYVEk~)n>tRh!#hweokm!#2a1X(q
zHy4LDgc44Aj-xrs6a$~jH3T>_(Is0j#(A(T?K!6ZDv@ur;^Z@*p?W7FiJ^$AY(?5n
z57UdtZ_Wx$a~l)SaQ3i~$~PmTDB(N+zPDa^qtdjpafS1~mAG~mKA_P&bL{|@q^fSS
zSV%A*seF~!d~m5t<1)A+FFr&jLOri#x+_B@SV3^kM6HUE3e9HNhl5mSreMcH$Kipv
z$*d-lQeRJw(YVnqy+clStQ+T#0XLh$BIc*Y<rYJUmHQ2#pwyeP$v|!SS(2d1s`&KE
zi<~rN{dkTs#rXJAbwxL&$dlV;+axQe{bMMOZZsoe#uXb7lM`&nNT|wM4#Zj@ePRt!
z!xbN^U^NgiOS#noLDmQlgm9e9!$7GeXSlU*k%HPXvOjDjSJDE*8x&rO#iBo=YD=rg
zkHN%K9!Q$%M=tM%6E{0G6N{(Km8e|Mkl~I3ZHQNPuCyN2u|x+`l}xDAg$8zke2?0(
zc5fCM^Uwris9VeA!QSpVWAC^U;?=BdWJ_rv-vvhxcA-*;;gce$tTY8~u{Qvp@)yZ6
zh049IoR{8bv{)2PJ$N49!nF>D;FzI&y491Fc#CE`SEHqqIY!;qw$g>S#Kv%zeuW9R
zR$&HDsB86NLm<u2O1dj&;{+qficDQX&)W*)ca9+`$dFJnewJ{nnR;UQTp%tHnVjrw
z*%gy@t{+1#ocA!#@;82GjNh~)wq^|8Jx6d%pyb0X+#a9m%d!$$NzOb+Txl7TN8kuP
z>7`80zI;Dop0<AN2;^2Uk=8?ZqMJi1(8?UyY&*BOy@n)pR4VY0H>}*^4M1`Tec6lR
z;g?-VRI2p2wxcOP#vR{m&gKWwgq#td_`wS09oOn9tY%)=jo2p9IJ)WESHHb^-o=|e
zvL{T|8C7n(_kw(vRL$0MRV%(X+l$TR1fRaXxUdXDds5H_ECxjhyfL1QiifE&EyybT
zd)o5Q46JTXzk}&lBA6U;h1jGO#U)4bW_Xfk5H#k2@xY-FhOMA21`j}KDNwcCtTdr%
z-=P%lIbrQ<H(<XWs)+WCv{O|mIm|5Hay7F#-IWKsgOJvFKDcT9QJtw;k%}+hk%^P#
zlh7L|FUi{Npd3|3!_dHI8bh=M$RVeD`@~6bwT2`|1Jn_-qy}le>SSp|@K|mtQ*|xS
zNLIK3=SSa|0?hfW5jpq0Hx&om5Z~TJR|FKBzDbKU_lFl8{Fb=_gxcrS&5szYM>po$
zz7xDPhRuj#Xi^m<U@!7$)LG$B1eD_vZ7jIeZJe18px=-4Skc1F?F;E&mq<Sp?Jc&v
zXtdvths+4l`)bOyj@6%^>{UQ(o0TnuU);wmC26^a)=WCUM07(!TUYUIaviZDKm-eH
z0W^B3I(|oAnk0g?9^zi3rJetd5BmrS`X1a=EkHCiCBpCl5=7ZBfaR8-ikZsyz3W+r
zzLj2<QwNVhZ^TI2#~uVMU~`*0Va}5-79RGch@Nn(qs&<#0wZbez<Ouf98dO(|Hd#?
ztH~=tNaKSWy8{1$_&XcAy`6v}3e%mVOSxI`#s<K!T{SQve;?<UA_zy<UXxCgMMCc}
z)!Ia~>?|p$bbIOzF_%%!!IG<%601%AMp^dpe))=hLH(L=xh$?mywgODA2Y$$0<MJm
z2esYRGNQh~f^I!O-(~v!t>T>@euA6f#%;szSF?pS48no|`XSL(Xm0d7sA=w8DmIQV
zs8?~WbTUU0b$l+mM+RiA$R9+a!T<tHeIR=Cjz>C~2udYBQCPgRAy+1?yd<%T`a!*I
ze}v{yLK%U%!Y{#GV8tuEu3C44__208BOmCo7EET4c&I@};%_9Wc9BYGx2`?W0lous
zq6vFt_K#<Ul-M0F%L7=`cm&TFWSND=a=Dh~8fp}H+Yn7-(Y+u*p;d&5-Kv2G&#~^y
zk|6t(jgeoKklE}9Dradd-8SzAweJa{-zfh9gYCxhPW<ugfm)mKtpCi#fWaj9%jb{z
z-Kbbuo0~g(@9v=e(eTFR^uZaw*K*OfF%0fa%W#tqc6#E(Vf=Q(WJoA~HB$$i%Gt6u
z=@)dZmwM6N91_o+qPrH~tqIBh1tN)uGSQ2|W|}w31|m<~q;A&i`a8p7B?gcq#rVYH
zVQVP1OWXJ>2g!X<TpHt%61w`o|EVdv`x^`TSsFCy2=6$y2%4oRa}g@wuhA$TSMz(#
zcs}PE_fTtzUKwF8Pj6|;UmJo&vR4HrzrR-o;7V1=%b0uub+&LaK<6+C+~DvgXJ*as
zIIMEc3yrZce1QTWGYitt4)eH1v|6#u3AudRL}lsdO3D4V4bR(}Gmpim9af|KGPCbb
zSb4OG3ZWS|ZCOLdBQ=-Jy4vcM=&1$dq2sW{SY(L=tSc#|Ym<UR?S{eX&TGv-_-oVZ
zJecBr31njC5PL-{Ejp|<AzAzgtnV2HdV2>jks;i+5dC>?vm?~~DKf^>q&xGWOfBlw
z^{0h-n&f}JC=-;&QxYSBltvL{5XN!J!t5A}uKMy4WLUygI<;3~Wvz4S_gtVUbXh`W
zAJD<;&#vkCp%O&ENs^m+Bs+I$i6QJtD5<vV#Ap>*LSHTj-B>y^nHoj`lFF$7s!9RP
zcG#(=kH*N@S_}&^j4yh-%u)>k3M)orwtUZo6VDLve#*HKF35)y3rg++o)g1d8eM}r
zBx#489<NK~j9r>C!)f}nf?JEH#<a8wUe&<a#-?&uB#G|W)x$MIEqW}`{NbG+=+;h_
zUd4!HwbIn+dM6gHluF;g;fh-goWJ;pm7=31C)~LD>YWgz6Qr@1Vo}uXDZ8;$xT(u=
zHUFw;>Fkx(?x7p>vQ(`N4<zy_2htrZVNY0OK%}_LvWWbl?G^+F@<-DP!;NGoOpBDY
zgn1w%?XOb^asvJpX-d}9AF!rRe4v*r86B0R(i1_^1P7hrpOS&{J!%x1eowFd1pUGM
zhwPK1p#fgtAuOAmmZ7z~ZJZ-z^7jqo)4db+KK|mtL4F|<^JTm5rtnMXi$pvhEBJ^#
zlz>$6aF)Kju38MeX%dz73Gu~eR3TbM`k@0o{C<&)$|wXc;8imuDC}6#a4~-YfO8xQ
z^i+{;3H-|W35W6p3<}GOiSi1$P{4oU^n5aU!`A@F>lfVnr}whjC2pjJvpGFO7%6=@
zZF8TGkmgPfP&0&y-AKeNT62DC+7j{hH;QL8(c<mTqezr!QV{9hUmg-q`7fPndg#%6
zPIBUQ*WeXKE+r-$I#iOckC~sb`j{=IaDB2MqFg9qlYW(1EY;uU%pA=ol<tilQ4!}j
z%Yl~)E+Q9)Z`BUnstT>SiAXm}@%yB#OzIM_-&}d!06^PJ=2r}Xhee0}Nfp-S(;ea9
z55X^aLpY~8C0eU2@|(oZE%naK+X*RIa7k<emD5x_c9UiQ%|M{#ra6o#k6QHrq3jfw
zF(~4oXMcSHcXZIcERDXJ0^)`}!4|fb*-NqJLS0(&x*`c)PTp?P#BzFX7fhN#_E1=;
zJAum72S!CErz_mUtuvqv^?L?e_XF-19(&zlJqOwe#4)v+NWcLcgb2WzMq*LUU(<wx
zkh@iFACsCW6id_oK9V!`!6)w)d+mI}%WTt?lqmF6T_yrA{V9gkF*qG6b)o_sd&?pD
zdQG2Y)Ae5+Inmk}#2G{+)$V78>_{%8@*RdH2pF3M$4>AydV#w!1$P8YoP~p*oJ7#9
zQO|+u>!yCl)hzd*PhZ*FJ9k-{Su${#ev6aygEvl&8@<%9hy$%aY&nD{dr_yR`NLhq
zt8j6#quS2VzJDt2NqS0gq|QAq`x3e7KM);By)yluS&G!%#`>yzrd|3OYqi5HUy%>3
zaTM%v$R#qSESV)qb;TsB-@jqJs#RoCzVKw8AHh+GW6u4YY=iI?T-KNrEcBlfk(w_f
zCBRCu5ks1wsv#C8Q+NUI1SA@&+H_jjhmTym)l=ZRD@`gHV|ulO&bP1j<7*mB5zv_*
zg{4%(!Q_J?3XyP<>Uc0?TksU+#1I%X_6Y@!K>`+`R~24=UDWw7MlFXR{Dopb(&V>;
zC7c`_Td=iJ*cDueRlvsBZ71mDBeQX1MofXyJ-QHTr)b}LZ+1D%J~5@YE>a%SUg&38
zoOkBqc27QJ%oe3ZP#tO@Me=Erx2_ckgfYoMi$o<XKJ<v#e7%OzFF873(_-MG+)<Jj
zO@MoGr!n0`0t|EnMFzL25CMi1)kS}~WIC{W=F5=ve3=mx?68B7eSJDRR0W@O>j3j1
z7m`HM*^uJLWE@gd$BPF-Tjvu!rww3iL=zRoV7X6$+Xj4mYnov%x&K~8SZ+|Q9?vfB
zMN~A%P=QY!-CK6u(7R0n@YV+)3R2urVSRLpfa1ZTkVD&SGcW=kxq9Q}r`({f*5LG;
z*6yC}?K_jR=)WTN-?X3ln4h?7dnKd4I>MAcz7sFu6lH^Nb^!zL|2)fjBY*2~Dra-O
zh2tC#WVdD__JCvT-cTmh&z`FC^0ph4AK;$W)V|>}rJ3zFt^Thw`4DHH+ubiIBhsTI
z-Rxyp&LH+4R)@GxG_EcGI(>x?v<RB&>Y~Mt7`_N6@kS@q<TuuYNq!33Y+fr8wrYZz
z`XDd^nU@1A&a@?X$yW`Ma8eWO-B7bKaas!!z$Nw)-QY~~3QfWCQ_M|`5`>qa3UPVN
z30-odXph$8%IHg{pII4P&TG0(mUC&lxPu26eT>0x5y1&e;)$?FDIlm!v0dQavo{<P
z_w?^pv-PI+<6=^)fl&P8MsJV5#?mvi#obgBEie^`Jq~c`TyMdkAe-9ZN%|R9N#M8W
zq?%^+1lEVgs?{_#0aP_nEudE?$*txO1BqYBJ9vGN`Ge;mnt}_PoJE@qxL>qnmJ6#U
ztUG}k<ST26V6_JBZR1vhl~0!?vT|bfQU=Yc`<|0CD`ZgxWyc%FNc~FFKi<bKRfMT0
zzfP-&p?)d<HO9>${{jCRWW5oUmi7(x3>#c+d64=~8GZfbeAs)voALf;#QB{b<$e7B
z%fGl&BPfLmB$cy3Pmv%|#wuGOQ5K{K28Kqq<_`6hmTPT6Eab^4B$YQQJnDL$_jmU{
zodH=uby}jY`2$5=g;)ZP!H0mQ!acWH84{HKxIrOX5=xX0KDA#vJ`V3zBl9yl+_`Ki
z(6gorX_w7bjmp<@fCwcy_J_cffTuV+3hZZT=|W9!XfYK(u#m3Utd(2#M7cd&JWu0C
zMwR3o*73*>9Q-U=ym})`-B$e?tV+F4kwG4ZQ!L*N5xusbRuSU*7}9U%><88jZCygE
zT1*V`=r@_$5n$3Dpaswr#Fd-PSxY>pnyEVdh;R@3$fZ=3(|8au8#8OB=Oy15T`1>=
zy#<!Jqlr$gLfhcK&iiypx2ug7_v5q>w)es|wHcmAcxf>N<4xISmYKwkRH-^Ea!_25
zBONMOk%J$En^aXYz8AI>Qs!?Et_RP%%Nnorqo@u0DXA&x&;4XyQn7b+_vXby2Z=K?
z<rnH{R^WVF3f6foIP<*TA13OxmvoAGSau4JIP>GX(z^CXQu+Hv3G+ZYVA8-E)cTXl
zDcu&Q^uQ<1@wzSmaPAW!H1QXWgsFmrKHnUTByr-~fju#q3TXxFbmP`P1@c(a59o)t
z7{U3T>rr;tCVYC5j{+m>&nM3YeiMHGu{QuNS&5ib@u`w4Idn6xFObKROxq{!wVa)O
zSk+Dx3BoNl0!gjBAa&SV*y`c}Z%d?X<{ke`j!Oxu_h-U$U-fC@$_R$4d4Jn5M0a4M
z=VelPoT{7MKbNo`e4!g!uNTn?kt2s$S>Sv-$!33GhG=3A1@}zJ0jOi*dgJP#45m;<
zJWMdYChY&ry8~9>GbuAib{#_56d4D06P5xRA;FL2wM3Dom-w7%KIb}U1_yNIDtm1g
zRL4sU#{?>504y#2^2-!vf8Q3~6+4dG>N6+r$~8_5MJe62?PNS&@ei+wMRvWEmaK=P
zsj1wv_DOIAipnkG$Ob6MmGK#_e+7NPa`@4<HADn?p|kzs#3HVJ-|xMh*KMtSg@bUW
z2x2de+o2)>Z=W^DN@<*^s@IdM&W8)Z!G$lgwdf9VR0ED_Jx0NTnbOM!mCo_9Hfio^
z$;OMK(vmg<Y9&u<=uh#5p2v1(lnI%P7vzd#vdTdV8r^^P68P(D;EBnK^^@@+b6=kt
zbfDj+zgD1YQdl8i70D!!E9a3gp$iq_dWS6q`orBj+I0B58aY=(2ICpgoJ+rJpw?_U
z;vPwuRo7UZ(rZ@!<gp?^UfteNL9MI9cSLx9*^RUelQ2v~;{SMZs2ut;(XS{J!#Ewo
z?qixy?bS&*Q^`V?_=$9@{-fJk&pHNv(3CsQ*#-!iACOekwFKLm`0jkVTT?NN%Erla
z)i)7}#$c89Q^)SO8`U4F3jCp}gl84_m0nx}6Y`O05}9ja=EzAOfNQh?jYHJ=o>h5G
z>kysq>z$V=+RtwKZWmQ%3RuOopJV;ZuQlA{)Lopyx?gf`-5Z8w?LMVi=7`!V3Uw*9
zMR4N8PxWoq1RL*7WeC4GK$#=aU>IsrC9=<HESaG9ir#GV6bzp@5Xr??S*=PyB0tZE
zsOY;{(31e9DR`031t&EEEwRKlvNXO{4Ir`5h)Y!KJZnsNv&P$F_Dj)s8dEQ9b@ST6
zVR0vbDGGJQ_P}eecfu^eOKL4b5w-2~K|LykzdDKlwVE*T3oAvbI0q+eDKt1R&!T($
zCQidt!2eslr=h7h+i57+p#ELI+)|~R5psY^7K5nBZyk}PN0l(s-(4m+U+ei@hy+gC
zjHp1Ah&smYDW7leJ(CDaGWZy3(=WCKkul^X_Q5+GGD_*hq?>if2)I9Vg&O%`4ExEt
zg*WaoKdQv9YJ^jDiXD%~?{15)g7VYShHc%so-U*LbS8g8L6hKrzOi+N@aN&GY(=rs
zsMu?#fkwC%{o+RH)C_u2w?APf7pU%KMeE?0LiU2_^&vqYJ}BW%C@i$t8+A;c==C+D
zcO1F&X8EqUEi*0avM>)-he!^V(4U5V<dF!L8E6jH2}raVw^g#78te$EhPdGkPC-(S
z-CU$ydKOig#EIUmX#}Td1mPVeJVA+sEE&favtd!d(JCUbUF@hM=d6Ut4vnt@ilHn>
zzim+L%B4{xf5dvJ-XxC}b~~S^c+?QA{0Kisk7u@K<#=515kIgobvlke+HlDnv@!Fv
z`h1UQy3zves^~^s0(z)@P+41{N3x@s*8u;-FczTDT9M?KBQg_Qyd`8?KQWj6a+;}U
zm##EHfI(5T&VedRX`Y@#&er@Ij!SV5T*%&y1hCK=_t8#;weeu=0{ktqh2jMhY|0ch
zC1TGZabdjCiR`Dpv;yIHNuH)&HW%^!MJ7#HfB&8ez+N}jY|@CxmTbX)ej^nM(m1!L
z5q4-9?4lycN5_b#Z=a8y*0>>9W{0@3^s&_^%IS(X-W4!~+C{VFSLGi!`YbI~Wch*?
z{9dohOX2`$x(fGf_-#bo>+!cTQ5zBPSzb!}!eldNmy4HZ$pN{G1^RZ>>bim=L%r<x
z+!`08A{p8?@H8f4hcSwU>)hp{;QCKF>E#v40K6hb9bpNun)6v#6b9SgHo?F(aISpF
z6!>;`s}3`Ea?P$EVd$0lJsU<nUfuF&4cYW27eM5W!}Q%V#A+V?_~_EWy!&sE(M(^V
zLje>V(RAvQ$5LM*{6wnJ==k088ey;!Hi(|;)Cpsz98lCa(85%p<V0V8kxU~Y$9Wyz
z;d?Xk+=~S4ZCmM?IslhUY}94EmkX3iI`7IgL0f>sgKIOd+8;SywTTmSsj<?d00;mX
zUyizMILcyuXW+<*9%3yV-lZLFLj;UfzeJ?uH>3sTqXx>t#+EJ}a>UE`yHj4ImMXZ9
zHkeT*C?4g@E(*yHd#CINSW9-1$wG=}`0lW9q}RW$2nd1fnOGW)@${5&kb<cvUHAIl
zVY>f5*NcK^v8i0%;79%dlD$X{j{XiCX#0WZR<6PqBcVpSwzdr`mz8SO41zR&8hz7E
z=R;5{^gjO6T3Z*xedv$FoAheGSNd&e_A-XcOjNpkJI&p&-Gm(@>2yx0^4+W`RbyE9
zB?V&a^xQi|(0mdCZqF_kYyD(%aK&;<jgk?5IDaY%`(d1@#_D;X_Yi1@E1si@`a}TI
zVbJ-FQ7<P>oAZ>fSPr4e=~k=|vU~kpb}5`c6?FW%O05*4VnV(1DE6S-QIa&UdGz1v
z2f_-%mygHxz`GK`v|-C8%_rmKOn}?`k@b<EUOxe?JI4J6t>hVpvsBYH^{XrZC2rg7
zsZ{FF-GM_-syo60K1iH4=~0Do*w}T+cImlKpwwIYE~$Uh4`go!?X-l|cKJ*o&Iu*l
zmO%x_MFQXVn%?;b-o)BGFLbfZMfHTP0+Jy?iI*y&ZbA28;yV^jyJnF+GhesUC*&|@
zC8`J2q`L(Tw846TH9<Kq4dKM6Z+)_YN3noqjd_#Ka#sQMtMHUgt`WCLi2j;J=x@=6
zX#j9MjKqm3@1Am=V7NH*e9}9N;vOmob2CH8mGN}&=NbHw&;dG?4Oh22@vGLaw1}%-
zTeF@P*sx*<9weR&y#9-NWWF&V6F56~9DCjj`H(EpS^Tf(cSw*HYasr^s;V`!(DAO@
zZRd-~qN#VCkD*o<+^SNegE5{in=l}JxpV!009in$zYI9nR=H6|oa@)r;b|Og{4+0T
zF0`FAUA~^3Sh360@V4p~pX4HBh}76hC|dV#C3BYiLjQUbV_$?3Ue@Ka-~f|AHBCH?
zddw%*Q(p%pJ!LPy)sMO!`D8wZGtgu{1O8;bT^};v0GapR)jQeu-lAVTxqJrN(<5H^
zbrC5GXSWXJwzFr5#0{~oTpl`bcK(ADrNS#i46~<#a^W@6hNFfI%V)FBjBqTR%V)a|
zjBrgn!)FY;Mws{)n56@`(S{NWxEC%F&Wv#IeokC)aIQ*BWTeJF87Xil%#>IrN=(CX
z_Wu<fFs8!Mc6ZHDa@)fbX-FI~M3kp(t`~g~_AEq_keG&+=_t~%eFn&#S)T(M{h|p8
zzcnJx#Yb^v!$HL}JD1Hyst*|#ZCI-L+P*y=?@r%QRgmJ3da_=c>7U+YZ{G)gxegy@
zeUMZtr}?QyeahA&A1UDdt>N4rhG%lx5iM0MRAg0^!R>dnCK@?1;Q&gQQR*{s^wA0A
zX|Q&_*t1EeF>V=Hx;Cs=3|O8jjvWA+o_DR?oC)f*8~jc`kKtJ20Q9I?mDx_tbjR+D
zk$Bmmdp|v<<+sLDe#05WGTPLR_2G4vn8keI^#%Q8+T70HJ6TlY*0Y5<`(Cs07<;)d
zGG5)_fH>7P^y53JrSf2<SPL`RYMR@;HvFR5@TTrqV71Tj@ucWrJP2G9`z6)k%eOcB
zsgY~8xXs^B7*2O=7?GC%fklY-Bi-fPW(r-=H*B~(chvFL7(CAJvg9ElUeTF>$S$3^
z*=e?>aQ(6U2T7B#l0x!LN*Kl%JquuPCZp&||Jdh_hk`1sNequzqQOE%2WiN8`1qYl
zF}rt4b<V7@<6exu#X+^?bgwsUs)-SzCW0yqD^p+v#dd2t!>jC!fiZdZMH(PIj7hp}
z`N{=50M}zXF|+qqabW_?wU|Xn7aSDn13wgOy#}%F1MMh-Znu%xJ;3AGk`aT{8lteW
z)2NSTVJ=1@uqR}nDPV?@w_<%3cVq0g%=TYz^mSBSKj*<Xp!|F+13CAi0`{tC7>RVC
zXjYzM+Uk_Sr=-uFWOM$!?9Z>YPx+tMfwSvJ`l%WB<(cxQhv9e57QeLTo1-&*xu1>K
z%9Fo|3=1trUuZKyM3rB5kOrZtGO#gjlpLZcKP%dhf`{#Vj%3RQU!vLoOE4ojHVrd)
z(rMaiHs*fx3vkXbM;fMjKKus5m&?(B1qgOv>qM4=5N6wT|0!wrSU9c3i_(@RpUlW7
zWmse67}S)ibDD)GXA@=o)fm^^j?(YD8<FZt>Ryj>-~x6ITZp#~QE*7gF!kY11`^Y>
zP9YK@;&eJJgFXWu`4N|Gkgy5#N&$6cOrt9y6*XE68uRfa?0p9*G1A3ao(Tb@@>kjk
zH|AKGtX8EIR@D_HdQz!cNz06+hti$%^-M3{+P`EuRZ5ELE6h)BWMLY=^eprUWfdo7
zE|?)gN4OX>G%n;I;1+Ye!w{>}Et;Um&;e=%S3DhJ2LoxHcCo+j8^huG32OuXLg$-Y
zMFGp7$ltYqR)1fep9j?uZNccljr!BAYCf&?*3#Dr9h0J#;J385m90XG3IA~xe#iHN
zJ8A8}HzvB{>hiG&LqSCBsOuhR(%v0S$zE}g?9DGQJG_4SMNQdM!&Y#}?>TYlLiv^P
z71=&LrLqXt^Kq+oFvC7;C+EC}5Azl6ug?=)tGx;AIuol&5HJ%6-LcWBr!<DbI(&hJ
zMB0XK6-8eIS!2BkQ%+8am5-^AuIpfsGYeU9^^X1bmv8Lw)3Kt?`u|0?Jw#^$AV30+
zZQHhO+qP}n{Nr@cv2EM7Z95$s`{wQJW%gS4y43dyl3d#qK9qDB0itE4bF(~<a<)s*
zqLS=7dL!!+{UcI`O!}_{c{3?Qd=&#Gx)p}<6x&Cq!&wA4-NVA@#a|nVP%Kg(lTHNL
z7RV4}8czm?)R3{;+{;3I*Ad>c%|<XHr3dN|Q?RwO%dNG&UNTE-KsW$RS8D}3^XNEa
zp8l8MyPef#D8@~~CiiDVQ`mp`16uXUa~j70WNw36yS`$rrVeDET$YQ^`}ji0=CZB{
z(@=w2k81Q^5|OjJ(YVx>^QTsuzZRTh-fUrD$%wrX!SXh_JF2C;aBk~yyeGTxd{--k
z%ePS(Q8yZIDruIjX9Yf6*r}Zpve(%FxpcXitAUh;RPC|65eH$yPo>xB7^$jA9*VXj
z@;+A9^Ah1yZ_TDjv)M@^x$iO#IHLN{*<t&O;mj2%Nz_bR(j(8<?dkY&C#ftS$?J{^
z^*^zTo+AB1e|v$BR<#9xiRulTsPkZ)VqCn#c7aQthVAGR0lROCw5#hY)P`-HMiw_4
z-=|T(2dk%1Hm(KSZ@DLnLQYZEkC~;c`g}-`lhk(OB#2B(K_#hfzvx=5*kvK6wZnEB
zBdM0uHTojQ6cFbj7<dEOHeCtXa_D5U*tAE$jwY-Nu%^TotS`&{VRVx_Qs$NxIM#(w
zEDL!R&i=P-8Z%8K&FK2nIrrWw%LiJ;tx5=nx#si=OsWp9of2abMp4cZ`{A>&>kHOA
zpKaisOpTXDLnCT48fLNIQ)tHz)~EiBIJR`Tx*3sm&LfLVw0)+1bvFN%$r|9??%`$R
zFoqG*R&TTFu!sWc_$Ro)mfS_$AOk8rf-Pi1PjpabhwA4c=F|7=PIjp#@FNcS`Oew_
zOJ4gTd-pHYI92Tuy;BS|L_MAlk$kDVGID0LN!$yR1iyIJjcZZ5kMPeVR8J8FeX+Iv
zH>eCdaJNTnO{QkDIc>6%ygd3<AFa1~!=OI@qCeACWwOngA3NC%`!f?<9@sK}jwZjJ
zx9`r6dQ;}iSFNZY+XIVX%Pu+F1R72W);c^|b@*SDza|u`ws};8uq2ac*3r=#6+q<P
z<I1k}V+Zeqq3I*8J`0`5ZL52^6`r80=|kNVzkQLu@)35NHIygDv#3CW0)(c$%z1As
z)RtDv0#ZJE3pFL41AxCdK??B+<lKSZR6Ob?Jb2_hhzLt)I;whXWIBH(F=1h;RT`Rz
zopla({bEbk&m#(elbAQ5qnGbqBAz#_y^n$987mjC>=R@4AGK-{hpi%Rk|a-<Y;+`o
zV>OW`pvaTNXaHm)+GO`Iq}=OL;y~_d3j@vopFI?IF&hC+l?N;dN|*A3Xu0DHPl?<Y
zI8EipOsl1J1|^^_IFttA10=ymm?&c78Cq15;J<b^e`@?2TYl3UTK<dzyo6;h6}<^8
z&q?mLc1bOFkoC9RsaIx0sO_qLMrlr&Gf-mD#j|Bl`(s-#{t0wHFE*5eN1~YBFC>hu
zy$!fieyFQzf2oGzUgW8=!kdmi%AcgmnNf1p{*(Fld{YAx@NjUmD-ig4P_x;BUX?7b
zw6i7vIRfcdmGpQ>PrJG@n%ZurxY9*(Q0#Bo2;IGZGW}>Fj>zusAnV-scr9hg*}Jlw
zuGg<gxJ!_$Ghy`+OkV9Y$^5M{EYz`Lsp5NzMn7u};Q1>Z0_-1)c$#w_Z{5Ig;XvU?
z5*m`|HX}EM>oX-q@?bwo6Y;St12#P+ppu|*NNf0`W>`4j=^kI;;ctb*etzVffg4x@
zS6R*)q<M@V<ovCJkkV9$Op^%)`BIk&qN83LS(=k^spn;-t9sZ}K2N(r0tcPL%Ifhu
zc!!rEcBHi3;Nx3iFYON+amFH<QH{UR3~K6CvZ-?)rZG*Xs>Y)Yx%ld+T~SpiQllo=
zB)d7<J(@m2g6~BU^JMnWkUK%buU-6_J3(@jb19blF=v+4nzx5#4``BFQs&mcY~I9T
zKV89=a-`^ZG$FDVFzdpW{#O`ZgrnL`7ehWpPmLyQuM7#~%z+LNDPj-|{F+{pHp&58
zjV6@?q0InW{kBBW>QT)ZSN+WZ)A)RkTPWoUPEB1IAhBHp_(D8aQg%g{vBN_?uZz$!
z0+9jqckgaqjRfOz_iPz1SXf0bq8f!-LXvH^qdSeeA{lrGDFP*`0){+DO`Tu359Ys2
z!u~~Z%PnxIHqQ*LIs#gqU!J22?dMNUK!qv3pMMmFwhQ*)(tJtHR*nY+2}WRNyW?X?
z+ZPXTA;`3Og>^Zp6OsN=A%IENLXwgri1ABE-XfCMi5TS(p!M)RzZVUj4+Md5`K0#8
zL$0-hW?F8X0P(wo%x?wOk{j*?c=KPGTwqfXPQw=ou8{M}Qfl=`vt*F{fvnpj%i#LV
zG<v>X`D^qnz+RneVVC5GXAp36w9V|p?{drdi#65py4bQ)y*)FKG$F{;q`Q1?y>rPn
z5R#;M*%cn&Ctm()`ZgurGwsC^<+m&Fc3B0_c+M;b9(dn!2q8WTxLo(FjUcYrvQ*eS
z9ja@|iP#&N;C}*KC6}KGu~m8vt#{pe;v3_5p72gga;GNOiTVk(iMKo0A-kF#+<8mu
zHUHrPQ8IG;(X25Cj5&7@?ZunA1owNPOkEg#A4c;Q>$rJf<IDq4C;Nb&36tgFZo5Z_
zwT2^nx4Lh04zHLhXVQOnK$nFDo-eG4s0|FWI*Us2Nk<0BVPteHqYo2~-F0(~yJm1|
zZ5;vHZ$^J|;-I68lc<T!VxMrb#-s(*87MdA&XzUxrz~GEZtR7<f<<-N9AGKZ|IM>@
z`1Q;kKitgT^%YO0Cj!u)fKH1AZ8K1RLbCgQ7^iYJ)$02Mvwovz19`H3^WF~$1D#GB
zGtSb}ZVFKd@5P(m5&xhChW6jb^>ieNtXfq&RJ=9VEufBn{h(2TKA8o*R3DfHMOcDl
zc=Dt6WSr03u`b|R8lsMWfw9!d3LpSYe<s2s<kcA%A~yM`1$k@Cn~(l@xVs}q=GYBP
z9+d?Fo(`SB{urVkeVscC&oUogVoGoeE|0yFz_r~Ft8iCY$<XqEkR0ou{Si1%HWRN@
zXw^c7j^cG_%W^1-)G12xAP8YE97Q7Bt^MYX04FK*;pJhthXaRW{bW_bYew1?8{*O^
zFLgCgtL}bweI2m2AI8@nP-dvKJIl-ov@v~&{ObHGa-3v>K>+ubz;@gu{uLSgPGbmG
zJ`47Mm@qcG%9#1Zb&!L4*XP)(y83ZU`jztzRaWi(nbEkaADSbAMe)EE&eZ>iTO^Nq
z*Y_;<lQ5S)E&r3S_vhCX<i|6?7vzV~%O2!s%o611l>teMLb9FoNApvlK%3&0tm0Cn
zizouVarWERdPsB|QC5dMOID+}4qKkpU>LIatL3)@T43gaf9^_ei`4z6=T$2-;UV5d
z>d;`dDz)o_K3bx;ST{3vBGIQrkZFnP(r-fM4&E9pSmu1do3hEAJPB8))NDdSrnkdX
zOryD4N(XSG0h_BJ6y*`pUB14#q^<DpSLP3HgHGHy2y5OGXO)?H2PySbxu#6)v~t&P
ze<e#l=O^e=-V@}iLnx0T%kk!*w-Vo)7}aeORRi+&Xf<8<XJ;ZaZD6$JVMuDaDW2EA
z4?~`^D^8#bRA|dM^ot`oY5YxP-3Y^WPq^CPr!2^~5PGN?aeblO_~hrSMl*2~XN1r{
zha=~>i+(1hBd`X}neGly@0sA$=@sSa*Z}UZoko|)J;5)Bdy{K{48~0V!x76?#d@|q
z3_`1s-G}TkTyTN@+-2SFv)DbFOPPsu#-Cy-2k`SLYKS$kaCx&HSF@f`XSrGqJdF4q
zN9_q$4K+4WT8Szp0dRVi<j3byl8Fe6D~L0AQAdJHD?}KvykaTD+8M_VnFNwF$6M{*
znR4Erva2P3P-4kN1PtR+@F>7Vb-b_XUX>>i(wLtB=Kv<p>Zle9^Ema2v8F)IzK(--
zWB+U4ps06E9ITXgX7D9YQE{=Z(@d8;uDgUcHErXJ)!<-8$9~3(@0!1*HvN^a&b{sn
zCj)K6OU2nh9Cbc%qqR;Za;CJf1B~-oE=#JIgEjRHBBaNQlUbxCqAqc7?>CEsG{Z_&
zoCUF+{^NDzl&LhsduNcT2#}Vlq%ZH-uQ^%s2-91N?nP8&tCNrxS5`ptId~?S+@#|d
z#kRu@{bRUsv!$S3a#M_JeRuLBdQd(aFl&HAjF3xPH(C&bu!Hr4a9EGP=fT5RlV;tn
zp25%COxEvj0?$QV+B7Yg0>#yY*?0YOmfY%WuRzj-k1k+^D$&@lufcFWyF@6|O?1c!
z98q0LruAi?;1>P?wA(>d$_@zXn5AfBM$WLkC4spDQsi`{i+WJZo#-nW{zN>HZgfV;
z?7A9{S={dza~F~<!}M*X<h^jNt{L`8S$p*)OOtR{PdnSzL>F}{b6q1)qR+dPJ=H5m
zrkg+jmt}-Naln6ub%da8&JtyhbA&*#VGPxK&=SDEI%g@8Rf<w~@GeJgAjrtT3SE70
z<~fN>5xf#W5xl~_E^U-EzC>0(_@4%=Mz2*2U-h%5dgXNcH>iGIa~&SveDZsLmZH=l
z`P-O7;b+T0FqaZ)Nu<+>t}rsdy-ccywG6k0jA-3MlPP%&$?*=c9h6?w=5s4bO{o3a
zD`Z*1ItL{i&v)!TVi#c3uKdb3H)`wa6#D>jIo!Vl0zd}JL5H2ToDL(fTKjx57XTBN
z)|Ll8zaN}Eoq~sTJK@oXUO3?}^#PTsnI>N3q2t&6Q#m~DT1KrXW>b@?RIZK1mneY2
zVVwrw<RzMoI}>~p3qn|z?;Ve+$uJoY_$-%ijcxYdh~DA?y#|ql=+qw&k*GSubd%3h
zL-rXr$UUajudXfO{FQGJl{xp=Ms>YA(Ax68PNQ~@Y?2Y?ELKXw!re||J6x}mtUFq3
zYLU8bguccCmp`zAx><kvlsmjJ{a_sw6h!rV)$4j-dm(DX<xnzX{!%w%HayK641ZXj
zI)rV;_|<WEGT!ZaCjG0ZU~z9DiQmkMdR^8SZeG)K?%PD7{5T=0Y2wM}bc;UZ{Q`62
z@L7UdxXkCw3@M-Lr)QUg+pkL6^V2nxKfx<0577h%RFhzz63cki)Ftr-0~3l*Sc6}<
z|NfW{(?l%ZLAit=$GipCT*an^?KsL(q-rUiXFiB%KuqaK%f6~h|DmBmB?aM1ACLYD
zE+B<@2P&D-MrHzjCC@%(4VBx?z>Fg~DBf`y^46AVUs!!vMW7^TrV6B69&GYWo~J*4
zsFqcBY)GW(DdAHcV{q~yNmp#7r?)1bM2_*a?qzl!S%=kbyo_%EQIWJBfx!_#Np}Jc
zUWCvf_YlwsB`tMZK?3c*UHpr1w`oen({<Jevt`@>+&^_fuBDMrRdHP{oAtSN>I9Bi
zrR_P+KO(!Fz2%^K`UIY7H&+_?OuDb>LkpvOXD|eg8v`J(CRSJHF;==5#m!j4M+Q9D
z=%RCX`MC!uuxO}Pr?BSSR5!=eBOk?^V;3YZi%-gAM6vi$*7%rd#a@pEo)hNI{5~BC
z=JKiNH*)#mnA(Sm6NtX-gN`8UUh1=GTjtMR*iMr#aNPw{3zq=L{A7L!=iiCT6bxpo
zeATkkKNmkAEHRB{)VNIB`J1h-pabShF063Mwdn%5L2&iwW?J?HKIgNSLxXsB6?S$i
za*m<>UF&AKXEI^C_uOCQuwhHwJ2D(Z_gwxU{%HhpEsnhHz9o<X35k2v0Y=IogjN2A
zlGtQpzu)+~Fx^;C1eExY+OXB+r+YKaE%@J|w7HJ1H6n!Y`ESIN#N5kO9mKi0;{lEz
z#3T4|?vh#2y}8juYev7W*mosIZ}cnD(x`mZ8kr`iUzT%P@`=JPIy3PmAh{4HWmy*~
z8a7ELIYq9a?lzNu&yYaY?fWp?^gd!_C7GBMfqu^xHlX^w6r2M{%qRCz2FLifeP^B6
z*X<~E;|weSS20=n)+D}Xkm!y=>v40LIT}(((a7R@>J}}ar|k`xgWDE1$VfdGe>KAT
ztoY^1=4e?CEr9`QrWLnR_B)?mfieUXC^$*epa}milwd$R4calS17eBDw$k;wZZkwg
z4<+}^9sEh-K0XX%{De7td!?9at3w*H;AN7IpMFe7?#NuZOd2h=zL3Tfu%;jNq(bk1
zb^~eb8dr%3X@;?VMfA>oCW)Un%hg7r50{PHX9!+59uAZYvtoYDAHpWk!q44f+_@QR
zy|d*oBnQn%rifk8>$@tD5TbX6%rK-a2TWakB&Upt!$-quced^@XZ4abI2#FXCAAd6
ziydkw9kbJ>uw3k&B5X|1B#)srJtp|Y=NN3DAi%I6Nm&-i{k`#ZgjiNaNg4Qiy0fN<
z>G(6C82IC>e8%}!m#6qMyZc4jn6$Li*ADhD>+)Eb8RHVq>Lp#d7(BN2JkcxO8`7uO
z$iR~ZUy$N>HF>B|TQkn$T*k02Rp+o~nzR&ByU~4Nw~I1fHuSUBPtH{B#$(%es{LsM
zmbq)agk|VkHX}`M4=ueQFZJu7bCw*XNA2Iq<t$sO&x2bRI|d_H{h<(a1A7(K<Vzm#
zK(nQdeTv2IG?t@rB|{}0cD4oQCd0MmN{SlHZm|&0GoZtLEnrNyBI?wTI(OmX{iD?g
zKp&bNtYv!Vbe7Cd#!Ep3i;-fqB`!g~fw}|*{q}k~oSGRUZE=*ap8vKT(|b)%|DyDO
zccCa(0Zm@313@@dAFVEcTz%Rh=s$4L#O6CXad7hAfpvNa%=?Z#3V3)O5mfjstQeo*
z6zuzazsjo%2zY!Pq5hq^F#O?h5h<))7oX7Z>rd=6goiVr)b-jU@S9lG)2L4AR3N5b
zw8M(<A=h~ph7GOa5na*6j2BB`si_ToJ-B&>LqHT?-!*ROh9?aI?&l&e{IZ=5jk6k)
zk!O7<y%{LD)a08AYMdQ!Ts>Ds>JRyCdJ<*&M&8sQ!95IG-J~Da3~GaLh7=;Tou~&K
zwG@&{rykfvX7lvkRI`?f`F4~*cYzf>CNc*oq6fVOKNRxhODsG5i{vpSJ3+};_Jnoe
zD9$cmA0D<cni~}_2t!d*EXV`rCKb;y?`ea?Vc!eo#sMO$YQ<N&8NFPaKg=3c!Y{IZ
z6%@v8jxM~I(P9-FvCp0cbx3|DNbGNVt<zVi_S$)zX2rwvc*Gph%HjEAA*JF=XQ9O|
zx;GS34qjS{4256$MDcDiwLG?Y{|>~?i8Q;R9iN3!1F;64T+RU@Jxd4fWeB<exYeRZ
zvF&C5ue6rB-nzXfn?}dfDjY>Pic*cCRi~M(wCD6e{zhB>kF-K0{eRM$%Vuw_0$?Xv
zDx_bPd*nk?UcHUBx#%V;WV6jjh`I&K;_QG5r#hvo^}-$P<^5l6H7k0<+z;8umX_8@
zkFuw&O4hK$m-3m^?y!(qmE!2t{!TVW9fZK<tjOS;`mu)N=tuH1IAFfCa~gT^M)rt%
z;w#g2fB4NKnRANz`C~`T7(7PfJQ-c$7+6r^-{rhgtJ3wO{-~R2oNDC0hGnA?FEL`1
zpgTLhBOz5f^xFb`cOG#QZ;^w0*h)^AgDF|_wAzsZp9ezw@Bd+I8kpb~zuE;3CSHwL
ztCVyNWzt2|XDLp*ji~K*rSjmi3)iFWETDe8)EA4f4!!W*BYBSEeYyqjj~~PwSsr(u
zv;gTJKMoJSKYkn&mI*X@anS@98jqZ{PE%@?o4gd&T8}0`V{3CJ#B0<PT*Cy)x*t>A
zcw-Rf!pRBX+_WCWyQMfF<(o_!*6lR!KJXOt$-?h6ufSo%(aY#o$Z5<Pg<qY;&|OC4
zn7Mjm20(o;&LtMMazV`174b?*sdtjI1a)HGa4RNSW3f4^@eJ8$2|VpRM9lEjow*nl
z_?9s<qVA#W!xF(zk!^uBr*f@K){1P#VBv<*4_lpuwjSgx8jB?N!*NggI9y!rVEelD
zR-BR2LRFm<u{yGX=?xgDa?dtB+h6oF08x?fj#wYF`GAh1+_R-=M40J|OuO~kK$hj~
zVwptNXHcJazF_JBXndJ{rkn+3+zMR3z1|JA{q07V_>L4T0ueD|%)mjqso;AK?HZYY
z$h%4M&`vB}sQXYpOt|gSaQR>d<{{rG=x!~)_puSy_AKx&Tpig!l^8}0Aj$`tA{B^>
z&#Yhn`_rNKF3x{-v%AS{It|OVDMqk1TN~dR&WkdMdT4smx1wa-OcS@Iz;b)fm<cwp
zV(@I(nk<vl_z_eNmmY7oHOoma2&e|dP`Y*(u3UySGr`@-9ZMZgTX9LEEy;kxcAE?G
zab6yV{3iTa31+-?GyUigcY#nZVO4vHOmD$_j08q9M?t)~;v{WS7vzMf<Qn5k77QI-
zN+;PgHuNH=YQ#oNx%o|0l>;#F7v2z%tVEa_OA#73cn=Yp?D3^AHK;kqSPuF5&4YKj
z`OQ4c^bD}oyGPy=s6YKSf`9riajwbg6^^Y@v<}|m7D}OYd_z_VyeO=0pmlgXZ1V6W
zv-4Xht!}>09>Z2&j#Rko84$oqaUxp}&iM(<MI*6;VBWPdGSW4&cDm)@c=5HWBah89
z+ah23C#SL>SRwPMfA)ItRKEoIRKNNjGY)?z(0&Cy{8Ybw(SCoe?tfc>Fsa+{`MpiU
zodhn%Z9^|Ismu`NT!h+jbLzO~uXo2ZdMWyEalQyj)b7H1hMY85zlD$Wzl>-Xd(vm}
zWE$+q3~>>ytitOceU!$8<!w3kpIcNI+R5C52iB+w*y}pV4uFsvr(v`~jSA9)^?LAR
zYcdd;p~iPnm`%OR!LpMlYN*HzA7VA*po`OF=FnvtJ5MT5XVP|)o)!JN%qx6%qlAla
zdRk#tudQ<FR|Vl~&fr<$Y$iCK(nvA=l4*=73eaWq`YAG$Zj(<AG4jQb>63R5<ps)q
z(MqB(IGW^aw4=L&;YC;QsP05W`O@i-y=MV#O2%tH1bhti_qW?swu7+R%seT$%oTWl
zCYdYnURW#eW-V2?$BSKJ@%M^d<Y>l7tMJamM<%z3F=bS@{>4~+KAzi<lp=R!$D2v(
z-|McL{d<zZ@Vl2oSfP5`uIF-o!YnBlBZ;Wp5%4=%?XFgE7+5VlY&OBL4x<pJsL@J;
z$47Z;zZ||S<<@p=E38IZUrL_uI3%RDP;kJddJDEt%%@OdAk(XiRo1>hlu66QDXC^4
ztFrKbY*C|gyyLo3H8FB%$dmyc>@&Q$Q;e|$Eo}PJ@7a@=o-=bULurwLbG#Jv*&|J-
znw8vCc^s{mIAsx?bv0{{OnLmVMNhkXpsRV^>(lDh>LpNon;4v)$Cyi>t6wG9Y#Ji{
z6kv(-^WZZsdRh6zMcJbPxrdDtI32_EB2+iip7X;BnT~xXxFmmLJ>->F>oqHeFC*@7
zl`fSQMUpCy;-Rm`XX{V~tRF6RBOKmKfW$Azdk8)ninJhtDyrCJ7Z8o7vzV<d&^F+s
z&MynmSf0VKMaGGS?k5!t32rDk=k@O*T<RpGyI^AU?R<r*AU^)*tFaJWcV&aTiY_is
zseGTj(PzG@$|5=0Rxj^8@A-Gd@%IR)qdlX~WF?1K&|KXF^K`}bt9fZ$DBXwn2EfqU
ziJ}1T+7AzTqcylOh%PjF9f<wD-7+I>R7<XrI>YV)XD9qsuu@O;gJv2Za<4&2IxDOX
z$tJ6!F<{F$=OF0PAskX<5ZlBZ)*}2T6QB>+O!Azs5|6d|#|DZ~rM%5rU0*V_JY4*z
z4d_bC(vEf!yaSDU2@<(g(&Ps0?=|OhvN=-Lu?@28t*~B?Dm-n8u2r|s5|x(EN*-?i
zzZ%^7V^iVWBWO%dr2XgT_p8yj(%$b&l(e|+{x-6zRX%cACT5;ZHJKmjfm<S;>WVfq
zg>Hh<iz4ju+w<jxbIkSMv{ddfnH1UDe@AVE@v31B4F66~cKihLJjF262Tg0ZVoQ<G
zC&X<ERW{KzNCLMS$V^U9j$?9i_e3uK#YwkOixn;WxOWPYZ3lTPkB65n!=@j{V^*}g
z4y=V$RY$<6op0U4AgqUvdmYw0xRcih&*4ZVjP}xMcscD<w%b<3QETR5!^bw7UFMVA
zhSM&}tX*~>T?{g;f_>7--RnyAUu=sTDb$+AHRfy6sOD|MeHVMmC<qruB5*#fwzPy3
z*|nHJ1LfA=M4VI?YkMj+DsY5Nre_AuHA4%O>6VFT7hC<6_O`CJs{xXY@1+-jQtmlI
zNjWC<`aP%XD&qA%X6eqZ+YixlXPU;e_a>jq@NB;9gnr3*RWEbeq@C>KiYa{qG*S&}
zLO<iLZqQb`w4v)AJra$kooa8XkWI(^xzABakRca3r3XFA#GxPO?IdOUGdP`t>HpKI
zRCPmK+f5{^Z2z*}xH;-CVU7KwXP?QBj|GdCn<hgqr&akRg<mXL<%C@=DwW@JpBJ?{
zu;9hGk06E@|LCuj@j?}Zt(Jq0#00B6EqlOs-C{<r6I#$cL;$)7d_C^vt*{n5KbcL2
ziHVB;N?a#J)8DoUch&W{c8txfe8dw@+E|DOQ~p7;)Y)`QyL4A*TqTxbCeAux0f+*Q
zvjM%sufZwZL(7csh0m4of!vFD+3wOs*n!9!nZ@6OrM%;vz+?E!zxlLNv{1U1<_GVv
zKf5!=n%)Eu8O2?sdkkr!QT{^ce3={?CGm91*Ib*3&$rBrO7bW1q1ezhSbp6b432gt
z3l;f<5Ewk%eNENCRjQM2F)+m}casHQMb3CeC^8Ol`bVv?VHTF0j8QR;FaIK0`T|Ka
zsq@Loyb#H}P#=nm_9?|T)Mf;>-?+ik43l5gRmS+4?fkOgjYU>;SK{CfTLzF@^W+TG
zB>V-KMrt082DEIwjMfVLppO~wYH#kYqrYCo<F7B&vA+aSYBZ7|zrPfs(OPQk6GX2N
zUNn;pxx^`#+TvGkhsO=rxe=i|O&TK>!IKnhNQ_T*5%}6J{!WM3f(62VF=PvYx3YO@
zp64?qv5;^U&Z@Lvlml$$aJ$P)(fRCYCbvNjH*YjTwxb^`fZv1v{+3aoi&^X}+ORGy
zFt<VU{@u=R52UmI(sxyOa^jE6WLdef3i?xXx9ch$znjS}u=ub0_hnMheFX#v5|cNl
zxeVvCL~0#5zMC8B9KZcQyfTL+iFQe-uMlV{0^?u>v~6cBgl$Un^d{qxZA*hCf!mc(
zX?uaCwQQq9RDop_#MQ|c-%IDKHVCw2lt=SpJpk6ioB-(XIw5@EqZLwFb7~TSA`6T7
zrTShzSl?i?k(Oxj0cCq5AE5%>gVtOB!UdwMhSV}M+u?D|lzj9)JB|0@`Q0|peq$Y4
z@vRaaL6JEKOdpziD&2}N<skE&KaP*{?;6tllxiErIYuaNvM+J9Q-OuN>}uy4S~wPQ
z?Z@ePW}M}1FZUo<gA0X@>N|ZFvd0w6p#Gma4!g*O9T93!X^k=qE4{&u5AhWtM>$<B
zNjTf+0wb1=Khh^KWLG|*_wsijIt+)S_}Q7QOfQ3dHAFjlQE0?hD@k@D405!T{?QZj
zvgvhDL{+$~ni5we8)7j^1kbn59Ii(6xOvdzoYiz%s~X%^ES!3j3=|sNV027Su=4Ut
zIAzmg^M|6gMUnUXSY8Bycn3iW36u`E?7)0X*{XyU&K}u>cceqc$)g27T&;MdLKRcc
zB8f9lM{o`jY@*l`j!<sehJ0XTc2L`#n;`T~t=yZ-$<*J^O6E2>vLBUdpjBKm3~hAL
zXgPfWp5Ck9Nau?YspmpUfs|}3KT>(u(`mTG4&%|lu-cC{s*IS?<Mi8!9mlrsYIzGC
zI4v<>D2bIUU0m|u%HEm&L;cAX$MxAfV3rr+jq`gRl<>zet(U?)Q$HMU%Jd+*_XdRU
z^XPPm7|*4afNyo-KLeo@rRWai6ymd|jyITO>U>m@HOI7{AGR}ttm)*o_@-l(@`bo9
zpgH5(X~ao=NEZ#^C6`meK>h)uj@q~}t5N<r3#9g31Abg>^Ah>v$`rSWIwDgk$6p3<
z(++cu8$#Yl%F{K1pD!)%cW%P7y3Z!18Y{QL_!*56(dc)PuhpHXC-PS8cDn5<+LJt9
zHeYwFaWOW->_D2SKVl2ULs<~|nz`5=>KSW2clEWfQ;uv8yloMDFwDZ1H?CNgux1eW
zgF6CA=*ya)kgOha$zsdm?0zObz~SGB5mDx^HNnWXF_rGU)j_IJ=<d^l$ON`$_<}eN
z2(30ODdwC#K1M17VOK;RvqD9uzPP-WgVWB4?lML>C|a+1)WIw7a?sUgGDi5kz0|?(
zGDiO0V5`FGf0ZIm&Ch5NmEy_U;N>2S^0ToD?CF%^Au%lT(?x?^I_tSW;|Rb~mcmD{
zQR2oxPM(aMAu{n`Q;vd0u&un|lxBhGX79AdfKILl4&khoOoLqxjhrJO1c6WB;M^Bk
zDfmr)GoIkiSTC^67FkE*9sd&@-9N?72;HAM=v-e(Ncln!F5WXs$?gYp2{?!m|84y_
zA^Hnr$g0f_K8Q;RlxikBMez=akE>+vC#b$?`EPfg1zu!*-Ta(42>Y&u$Ba6i=V}k=
z6>(Y|Emg~^LRpzVSIJxcfv1Wqf||}#;vguZE)GvA8emZz6cD+oZ~T-v%K`~r5%-h?
zJ(C}l-cCCmm8JJDdB8COBUb}WqI%dy|6R-;haQDo_r9{=lAGQp)0`J%@iinH(}u|9
zFB=y`&<-=gKpRdU>aKEnIA+VlMOj;lr5m>t5zs{0eFTT8ej=^#k9w1f<Z6aiWzy`v
zn1Q_&F<BCyIW#@K5&Q@FGrwk*K}ec1vy0{ffL(ooN?J=fm96RUk08de%8b1ial4%=
zki1w;JPK3f$Hy3<btX;b(^0~j1o)h`_!)zrc1fjS)aqQ}xuRhgWXsDKA#vxWq@5Z&
zVjc~+m(qMoaAoelDn<>bT}(#2S4S>7MUBGZtNc2+JsXo@qx9#0F9UI-oz5!NWlsvr
z;_ljvj8-kt(qC=V*~4>E^ec%FXeu%q?&|3bqZ*B|%G_ezQejOv$CYb*6sZqyaRINs
zQgwY|?wE|}+7kp3v6LE<fRsZ}Y=gtJ)Z<R+i!};#x$D4G<y^xCzpAHtTT7FZb{2sT
zIld8w<E21WD4?M$9E}~9v<KtZih`DrHv5?~gs0Y>w1VOUN({qCsZ0u!912dXh|~v^
z=3e}VDT)Gv<Ra1>#za<~H#6rW%GKb{u`&4hSb~JqU1K<J;iNY)PUlLfBi^(jD8g3D
zV0u#Lht6ZchBm&lTpq*bb^k7xUvC0rdAmMLt*TpL>xi|JJ2a!zej!qn%nZ<@4WJ_D
zb0)8n`isw<pn4%3jNj;_X*Vg>i>01{#zdiT?iCw^txddS+Qg23-Uerxo6#bDN7kx)
zu@+9A6y%^{UIs$0Sm(w-sKGE9?hpED5)@(ef}}1}JdhIvl8CO6=UonX<%-UBcK{#F
z+WidwGo39t3@qw(e|M06Mkjf?^Ol6bH}BoS(i}g%endruUzd-j_c1~RMMZ_5pP8<@
zI)>e^(7d0o*TPxHJ43;|ubiHDNi)*2vcL^UGgd{(v3+rN%o9AuS=p#HoVvwC3}y<z
zXGS{V>`y-c`0_egeYrduyyN{}GM{0$7Xsz|73*`=S<G3WUSge?G>h{Xj%%~q$P)-n
zI7&M)ArP+L59NLXd^{QLIScCvRG$Snt@mP9PSG=Zkqip4txiK|f^pO3W5immGty&^
zApWEuBv|-*N+)4;kZns(IZm*BG{!}?MWNC0;iqN*E!i7izw<l^(?zokuy33h(8cZi
z!~-g58Y4Ct#)gq8P^lSPP|QEW87Ra0@b~m7S~CKwzVrqdi=I)N0H>%-K2)q;d}EBY
z%jdk66yOQRA4~X|u>ByO?T^k^T{F8}iH6Obg^gN9F`o)GLp=fSnmBSKI_M2%V=HtM
zk{j7ltMCj~vdBV@lHzBO#C5st&PCw@W5ujQ9GELN5Fxl%wml0w2^wN43IO}ya4!0}
zwW=q|TC>Z56*8(RVv*214xS8Q6T;bJG13aEYc?n-J0VTUlg3@jGD>wNcm=GRPceMj
zdi=2-O~sC-P!HR1xwb-dLC2IF87JKeQ^7v1olpDQPwMZr?F!T%VxVnVY6Mr%lroG&
zS)=+?@mzn)X6+_z*J@5Q*4Z{{HW<ucj1R!OQgD_$%1kvnu-#8E!wR@}-P11J7BTd^
zNtfWb&xF(f3I#d6r+h_n_U#jzrh5c5Mw~kMVxzhGs`LrwD7ALlVFWtagpGCsib4ta
z7etl961Pd8@O7(%>Ql6E1jh+mIO?PP5Z?4<d1`4DAk~J#W+Ht$Lqvk9zmHkffBxYL
zu11<?s(3$xQj)V)sutSiCF_S*??~S^TYN2RxpzoJP3;J?ybC8k4a}1pS$7xMU7bz%
zhHjd0+B(sof_1h*z%E~VTzp0OLx1j7kXb|YQ|WM0ND@;bbvHJ<#~mzA^vtB-Y!9gv
zmi%oTfWGod?})g9&^!3o+n^PKg<<Al6`bJURs>RKcw0}Sr9V3pk$SO|9KME&J%fFq
zW&x@!RCO7bGMpj1nyWN$vmrGfx*)oc;-45!Kno+hZeFVabXaz3zWO2TfCltL0X%G(
z%F-Zw55L~%HixV=*+k$F@JvD1`=ipzG1Wgpfd%k1=@iO&J^)Ao6_<zOCgT<vpKjp@
zEXJiFzm<BRbgr8i8ht5-8!e~I9T1L?Lh;Xth~wblY2OfnyWwj|PsZ6qu9zE(7pH=$
z-tHUQ1DDQWg^giFJDU23iWxSoae*6z`}C-zT^q{!BQu26>IYHmgHnB06h@p|_<H$>
z(T`!<Sd@gb9PGo8M3%%X0H5K|_9|a1Q(r7g&o&A0tut1GU3I{axeNiqac8~t-mh^E
zbn|6X_Z-EM^>d>PLVLs3W0lN(c)A<x!XAvNApw=1=FfXe_AIg7*>SDjyz9LFc|)0t
zj8wnljJR+6dl6x*pG~S2$stYR5q_{u!NO3fUw9vli;SDTc3Tirgu7w$dg?b6)9ft5
z;e|u4`n`WHnjG%kduj4(=an(rhSqrFsY_w`GESPs7O~Mz9D67LRv(P8Zmh**>a;2l
zO>v0qLFeOQVJJ9qEg}Vf)0D6=Kb8M^ZGj0uvdQDVb{V!MD3ACd3JnnuFeMTGP>lS+
zXLzJKw07WesK8K4$tP%_-(;d3*RZ>q-iPLF|6GB9;28?LrQl)6?GVj?NKA6)%39qI
z1~ikBGgtRq^pfix7YD&0mt=5qt>aCKi(#%yk@Bxo08fS6f?*PXc-U%m1ShAvCo`@7
z-Gp<$K)D`2T7&qOH3s2stY+7}phqVHE$s@4P$a*AN%-`7<AFjJuDT={5aJ?mCwt<1
z1@oxKw>tOf9gIDvQcwPy*>!3(jZ|SxbY{5r_hS+pU?C`*xxFp?CQtG}U*lH%3ujKP
zdq*9gP*tAo@_1Ls_^!P~PPw{yEgi<(8I~j_Zxd+w5w@B-ZasoppMH;yEFPO3@|jjd
zZlEuC#3RNG6o!V%0n165?0F-b06Mkw!z!aS0*{^BLk=!J{C4OX-m4--MvYC%r+JA&
zPm}zRY7yAzJQ9y{y$eA*^B4&aq}w_M6ql$?acklr>Q1TSMpz9+tU*C+wTjwVq^mxx
zW8WZdX?Z!i+d!xK8;I4C8dKo?=uRvHfqgfch>0u_Hz%zFxY5Wud|dkJCO$9jUdhnl
zfhKVo>i3LfDh4+;r<O5``!*hh?oZP=+4G5YjWS$3sNo0%2hHAG!oVZ4Q2(8z@sa8M
z(_Rm6XvJ59V9#4<txLFO09WJ0I6k4>x}){2lW8e8#U$2nStDsVT_;0q4mxqyK9u*g
zD(#r_w0iq!sO{K7mIYe2E+wu{n#H~WT33#KiQqzqFD?bW2|`aF1=7=1)FmF=uG+1I
zOZx`7bhSqQJjl6`unIZwU0L+}RI~P{Tp|JM9<IQQpruzJZL_WBCzs4lR~%<G+TRc3
zIJp3@ki#G?t^z9JOaw6$fQGN2E$&UBo9oFwZBCl?^w`oM;S@4uec!rQvNEPOxF9fm
zD$0Ak5r1iC5al)s$Bi_nc?=4A47`2I`Kqf!rT;@a$?B=r^ZnO!frp={Mc>2kvgpeO
zKIyht+;k@*`9i7BMiiDjW6$NFymQ;%4bHA+$rfqedtyAIj<d8Q%)xq)77m_zNedkR
z4~3Qbl!hPJ259zO!g;a1$5%s%SnOe(sgUU+_G|BRWQ1qly3qYWUEw?9J0Gb}*PQTu
z&v%)u;jYOs$B#>eIxcEZJn&<KpBK1CU8hY8h_%Dd`O%(ms~5nC;IVYW8`t=U%@2B9
z3zVO^rM;}{uB#K4@TvCIG4!+<u@64(B@$2b6{Cg^kgW;99OY3dt(H@{>Q!c1@~DnV
zJayZKt>~3{V;79yyvK_`^midL^KN^2ODTqz(;d56xF@5lZBh8w_;nv_;NrVgYBDOl
z1XZK**G<7OR4+t|4ah#kx+9UIJUkMMSh>82+<Q`n%X-rgJ#A|Y8rM0Wcb8f+=uRxR
z+PFMdSSfcLgC7gzo02CgJ~r$n+AjHtILJ>)@ZKJRD3~Na@MEqWG(r&wr~G$V6g<u<
z<$3@HJU{ef4)}`~L8tt8SOh*U(+@Fi9GIW2aso(hfr_f|$93K$vH<X*$mX_C9)2;1
z$6XLB(Si-^d&~fI;=lp|ap4@%0U5(qsVx|$LMOLqP-SY>o4ZGR<|4<`;(a({{q|;*
z{;~&e^!b#R1lU@ChcM3im=ksDS>WZuIHlHUy9yEpH_9Wyg%1*i9~2Vjz=y<G=@${F
zrC!)qPNI(=ak>`FlPU7j8ZT%S>z$<P1RvF@|J*}NF^<y8k*!KyT`-+&<!_B<SKb*W
z>yK?;Tz}Cn39ddKfW5REpLC5yE~{V0rrUoNmDj=k)VpMlw`z^i1x-RpKO>`mr>EtG
zCM;a8C_3W9l<#G?kLWUdX%K7P85f!wxUh{j23-l4Th|b8b?-oDahPsi@8UPAUg(gZ
zXhCS=J-P+910_4pV4G`V$d2`JZeGV`p0zyS0`AFd<KbiQ`TIA(*Dux?KMhl=0@VY$
zxqWFfgMti>bRS^0QmCoJprY<hAy4vmTxB_2V92`uu-5yFw&K*@r6Mcd(ccRt$J~CY
z{!M0P*G$INd+#BmMoW7%IrzlkFHe#h(>AY#k#tct%#iG63`@x|h^$`dTC8~ZBK2b5
zV*7;;x@*!yYCJ(#^R^?aTy}yL`s2|Gy<^%O-PMsZ+E<`#W6+QoTrJ@k2c96O*Qtb;
zJtB-S?#$<Iv>RQMt)N~11<zl@1<pv`l8926b4@-|7fRYF?RaYz$-=0EogS1vDIj3`
zhkMKipo)U;`EkR|+AWCE;f>cwDT=UO&NEgOm8e|zlww>BowIt}SwYFeUmn9KiKPp>
zDO*_Q`@>I7dFfFCgXA_CAYn9Q(DLG&)mWKXGx6K=*`Ot5QjvnBH8p&9whj1C$0c4S
zjrrzvR-q+1G}{SP%_8_~iBPdcUKs>ar}Zb<wlCjde?T}YUl-S!p<56myAPUdv>XRr
zS$UBcwTLN^I2S|%$W@yHOs83i&7#;gSz)`mIrsqiRmku0$pTjh1PmD5IeL2_F)gkb
z|1^k3Vc+OUMND~XT!mB6SdF*2$OB5!nfpN1j%p%5nlEyRUuL6j8h@%Ef0=pX0lF+2
zp|?z%9|9^}|9;o_(qF4oD4Bgk`<vUUXv-4)==KdVRHUDSnUhpc)fOfoF?mVs*3vr<
z)0M?XlW^j}Uem>V<_3~*kkm|g=Mv3vALt}3il-no6Jdk!?IM5z(H8>Rx1YFcT2G-1
z7TO_m8#+n;nT;+%YlAUf#_VbD!e4`ba&a@GMoVftblRg1$ZO+GPR&-EANib{GmVFM
ziWrG;dEA61qOqrG{5Y1uSNWa=t45M7$zcxbv$_u3eB3)B6kGXx8*QN+K(aa=%;m@h
z)X+)5)}d*^fYfRl?k@ANG+BdGv>;|@!{DlLxz4|<ngvI=L>%f>5dTuyx%qUgM0bek
z+}W`udt}+G5tfrvAKhnEUzT}L0=#(^Gt<SjDgy_Wo)PHhGpBd!bDFz5<5G|%3YhX~
z3-we-TJuxGH0<bQp65_AqH1<!6WJ89=%Jgx;&0sw)JO}ZVxuA9H1=0(6zJU%fzI(A
ze2%sIdwf$&krcwuZ&7g|TX?G(-ui4-)3zK3w?t6|+SJM!7Bz;BEW<2TB$lt>DKN(%
zD9_Z&s*!Eph_#}F&`maxE#_Me(RXMn^&aZKk>F<VtvwdZ!vF7co)@Vy|6^Gu#m8cR
z$}hLkkCsL$cYoaD(s@I?)&M-r{*i6k@A~3UY1w~7oB9{tgY7gQoWXC{`bjkX8F)vR
zc#Fu099L(t*n~VCT@gu`t9tn=H24EKAFAqmC+dNjp2PnUue>GKJPr-T<X~6;JZ1e1
ziWK7nn$VgS$~(~1ct`-;Y`qQ$lLLchdej9<T7sF$cn54oC`LG{o*1ZJC@a9Lp6aen
z2oYb@hU`w$Y5p@v19-kpD8@I)Gy&|59pf4{zndg}pa|GMPRKV_A?1fndNCo7=$ksZ
zXpBrELCTxJ7&1ZDogm|sk7C4gSnCKSU6O)6Fu7q=JV2aGS%OSSVyq4ir;7!I=1R5S
z%pWDHy5UZ10X`7Ls#*~!=9!wPVRXpYy}uTuMpD%H22?-XEFK7M6=_`EirNoJOChLg
zU;b{;kh{Oegn}@n_c9zWEG3rddWE1|T`C(&$bg%yII;UAxXUF-JNz5~dP##YPBZ@|
zFs+Ukr5@F(#U*J9R4t+#K_38fSE&fB_Y5smB>|$L?GmVj2p_7>Z?&{7r2fgIraa6J
zros*ZPfCzqIe>^&Lds9TwKAYA{3n<FLi<lHI`67fdzm8WGaJaMHJger->|Bmi6UCJ
zDrP%%;R;am5|EXuSdoBMnQ(t;6bF8yLLOS!U0<_4F-qbEYA~}u2~lYhkzB(Q2~JQ&
zxF%qM^{79+b6!SSWvdRZ8;ucs1cU)U(+vxrft5hZf~|bo5}xYOh$%x6xbkTOgeGpV
zCk9+4bN0>gDpn9fYmq9S3^W*xbX_c%O#4m}***d|d3#<Gc?L0*w8J=oB=gHoTGY;Z
zn2M<wG$?WKbpM`6>OMA*?`=VAzsLfc1VI|>iHakJA7|ABE;b2V5p975S_JDx7*)LG
zgXyiXVP2fnDCUqjW|W>3m~}_1y>I~w)6^JXLJZ)k7hOR07(~4hMG$X$=b9HQ!t}r+
zQ)a_kkeX&d2_b1@;yO$y!Hp>2({#&1fGRZBDmd4O+>eAH4lmU8LwcH*S}y=4iX0vI
z7aNQN2*<_&XLbWRmYLp`7=XdAe2?ACX;2cuA)_+EN@5cE1QKReg%g2#9tb{^n-F-*
z7dFa|vWP4QB_LDaZ)NlMVp`!s%3lBy!uQJKvOTVY`$6@7M*#cg2D+oHo{xq2gf9As
z1N(?}%J;)b%o~Gz!$!Ofjlr?<fU8eHZKa$aV=7k!YNYg{?g|n>cH$4l@HG-}R^mr?
zz_bSiL|j0#ZOownBF>>1s6gIggU_I6b9oQbvgi2<t`PhAkBq!SwhZpCAH$E|-JJL!
zA$MXA#f+hHLH9ieZC0ty@j<ImNlX!gcd%QmNZ;M@mKDJ4y_u$Gi_E<T!Q<y1x6|m9
z`L4|wFT0Fn*p!}rU1f`krPY_@IAgq%?-{;4bdiQFMF~?C{BJi>WTb*_ID~Md{)zIs
zMs03w%n&juOqjHj%VPDJyYMv=EW*>5gxo>LHt>?(r~={}MaEQC8ZRKyB~1{rKZ@di
z```B3DV~{9)lwQ{Bq2AMAaHexGf>(@XikmW5hZ8wC8-dxF{_!;Y$@LrdB6z=dEe=2
zms52T9skCk!8a%a-y1d-ipxx;_$>fZK&`)Rb03+lqoen5YV1%A6)moBHShcbytkUs
z1|+;uKagkOiU&<6bzNYk-F@kjG!iL}SLtXB!jOo-TGDSAGmKcI)H}q<J>N&|sIKgi
zAipp9aVq9-jUK(;Q_bIQq@_^|SW!FRica7m3uOWobXrLuHIE3-N=FJ@9*D}0qK~O8
z0=0($3vl*Zrvj>3B~t-iM1(N|UHIT?g`iU-GI>o9JtztTRi`ikL7{#IdMPIQEZD`i
zKzk62oKoywh<1|{v^pSMDaV4=8mMJbj}ZH2y)#w=7@$XAfCo8dTP*P~<N<=B#azw1
zo=cm+eLz}7EoOyQ#$$-ZU+escH-ln0$TIe%^d5GYtD>IZej)FH69`4+rg(TvM2VW3
zOB5;l#}<0vKOqgx(o&S+QY$);I(B8&IjKL^N^2qu-h80UsQ+fGyK-}82wJi$S8hGB
zlC0&*cR3(7yJ@V6fiJ-gG&k)EP}4t(MxI#ZTSYvh>!7;!R8rchq09hz$1()Ag|KI>
zW|{NzU+L46KRDf=TU%zqdX5MC@qwHX^GAVTKA(BVM@d;}etaL`okQ-wWcoMyH;UU+
zlm;C?+TUJmDgR(D$f`4u3E<*x)?eB1MJd5C!OO?ORg#S)BvfFUttXTTVO=c#i0fxc
zPt9C5iWxT!#c>+<ZNx8+$P?cJBs_p`G*d*gIfjkwys>JtFg)Xw%5R#2;6<2`ee}b6
zs4>8aA8R*(Y=I1L@1`efP&m`HnKpH_s`Crz@GBfvvt~zL>qK4{|5gJlg5ow}+&Kyx
zwU7vxph1@%SaGe>HoY4?tj2%abron}IGYZFbg8a?oW-eezEp=BX8M&M+2}78&Xy~7
zZ+D&K2{FdOh~Q%e@zA_IHNo@wE6rOAU8EG#Si6w&T0G}7Sn4cz-2OAP{w(Mm#tUJ%
zCsCw1D|Qhmo!mHWu@kSDB{W+-8<-CvC&i{;qYxZr(cqwyq`bCP55tzh<AH6JTOhhD
zD7Qyg>$6c_$UvZ^8xn)nPia^DTvKPp9*OMdBlI=ySdQ`P#j#mRtC47vXC+^`A_&SG
z3X>LTDjq!-zV^J{)X|oMGM*qmm2Gf4{TrSv2vT#2!FC)yYEC7_Tj`<5t74Mq%}z!0
zVTP?)ngJehGcPCY#uSBh=2Ze}h*aJ{US$Byc8qL&yu<~KR#G<)jZ1G+$%|s;R$N}u
z8M`u2BrZ=X7vV{(vuqbWAyh;vJ~Jle>xZYjRDDZE_5%?v7IW+I;L5Haa{~KevLZe?
zX$RTBNyW@R35*J!o5P$t^+I~2s&I)im}-#GSFYR^P{(!UgnDK^*J3~1=nxW0F?pU@
zXbXEdklFAIA{W14;-alg4uk)>#y(lLp<OdTl<vVa`iT3~dLiad?z)PO^J$doD9VmH
zR_tr0rh!?a)ksSaYPgVPb9M#cA^PnH$yGa5KFwN4diex1682pyma%k6u8e0<%M<%%
zp*Gx@iM<)Ml89iC?SPtt4yZZYsg6<MayOMRP&27TAzH|e8kp=C5{!AC%1CkJ4_J8e
zv?$?lSBUYRu!4C;donCqjl-l4y2iZPl~?&RsWG2+iOckvD1TZ3cA3T#9E$Q1n-~Ll
z+5<<ITdO_?XwOI~{DEg=BNToN(h<Q&hBjH_5jkIh1v+GdLqfWo$>2-#ox;|Q%hJ@r
zO+79bO-yi8N3;jDavQ4+IUtyL4Hr3jQ;A*lTO6D;oQ=-~)Ou`<Ulq+B*xRzIRFCaF
zku=^Q%OYhJuqON;03AT$zl-@mfi)^BB|7aP6rZFerNN-gk)eH|rh39zV4ijY#BeyW
zi6{dTMKJ%Epy#PBz#4)k0<e$tTgS$A{C8+GgfDP-SjUSnIP7bH!z*BPyNGiTJkR?v
z$s@M@-F`rGPsxZ2dO~<!v9h8t?50~2j)j{WVIte#^Wj!C8CI%bzOBN9c$5<VfVk(!
z%B+v&1N{^w*ide7q`8^H`xHTCt(`n?(n35DL=jESo0_@i|60Z}9z$oAL`36FK}ftP
zP#&R%Q02PFS=Gs6n}KaVqERY)$cV$&yh&n+Aab}6ty|yzabP*dl!(R4VWz);ZdQz<
ziO%}5=_ZERnt>Qw@P?|6AcX3lm@`4uz>(80V^R&fxmF8u1%U!0)40tLPcv(TheL}4
z7mTG+ry^Lj9o~zIy(I71oxUe5GIoxj*{n_ATGepz)diDvZkNd1u;eDfB1#}%1kJw9
zSQKSiQJ&caqO#rNmNTwsxn_q76r@jm0<CGP6tiK`@`RR8f*uEAAw?#lNO<;ZlpBa(
ztdSz)c0=VDc@N(2^Lb-=!#}!&@?Rn|!~25gj}=|-FM>OXqn3;uAA@I&=XA}Ej{zp1
z(G=60^)H8ZsG@7b`K)w4Nx+}0k1Bi)hj-wXdKL=r4ZtD=W^>iP+2k=%MBi)THS2uI
zN`SdYO1d39=GdWTEln0BpoJ>J_-&ExG|A<KRkGPs6dqci7mF|dxOfIct6+CSmLp>)
z;zjlEUpkg&*jZ3*Xdwo~if&kiU6rj{zfKr14RmynD`<~Mp0b1v+PI9<N3z5?mf8K5
zl^o&-GDwfj>CQNtBwrVN#S^M15qOrwU<_`m&!TFw5EV}vF{)%4qjJde<Chp)_sv<k
zc1T`bh@#F125(%l3andgbA*;_KzntOE8|+!i`jr{;Z1732G{PEN(t9x&OLZlL#^rR
zBe2#KqB*1lL>Ji79ki|`4o9n^M87&#@Is@$jw95a=~E4LhZ9W+0WJoo;AmGJv5Y4b
zIbn<S!u~*yS?L;C$!NN>l5j(i9=wt)TS2K32!??A92fvxG@_O1Xr`qxWN6%1=n*bC
zN)w11g;4nB?q_1XcBxQauSNH4nFZ+4#on3AJYYdF`cViTdmk8EkE2~T*s>!ekc*T{
zaM|wWCCda&=TMgXmS#sj)|d0*Ei2a5<|TRVc`b@Rf>kVfO3gCss_8J9FP=##&e;I<
z1jSCZjB_ko&|FqL%k#OZ(pSlJxhTXu6UohrXUvE295K_7oa9ACjuawXMzkfB>^yh+
z5kf*kUtSm%!vkxuRO@)je{zliGWuVV7sCo^m*4$WHTK%@I31dyl~f3|UXiQI*MG%M
zrMg*Z?FN5e?kq-+G~56TH1#oFKp7~kLX1HsvML#MspOX6VDKs-Xy%8r5AV<4fBllY
zQry#|c)&18s^{Y(x`;|i6I4XEtOTjTl&xi}6;C)Tk|v~t6%{X;HI%1F^d0TXiozhk
zSg;Xy0Q8`!0ZpLXVYMMS%SDN(c@49I5eYZS(0PSXGKt7@tj${qa>LjbEt0sv4P-%H
zXBFROu!GNEJab(Ko-;{yqAp1$inY?mk)A2uQP!Z_BN^)?oy-)aa5VWubw~audA@N(
zpjd$y&we)X5~sU1cH;ET`Z=|J-dI29*3Z)Zy*&NP>2Qce;9jj+^$H}ub3NsVJN`Fu
zN5raP1r})5<=R27Y|m{+jvU_I&wfp=c+NyUpjqrK$vX|~j6P*S?kI0^<Y0Z8-0)_F
zJi^g$b=}Hs@)nffw<3u;Nk?ejF44=%dg=v;I}FgYF#J@A?UE)pE&))T;1v|BKu%*Q
z*@Z~S`NgqRGP<2HL)ITIUJ+KLTfqx=9r=%iqCy)A7In5-v7}N$^mW!w^%@K`W$lVT
z!-ZQ4k+H!%GqrM;th{CARVMN5#jM^deO9#UcJ=mB36C^q6)StQgz#mTRMU#e28WBC
zU7Q2QK}+8&V=KbAMfKKoLcih}yLN%OTqmro@C~5&*Eehj|FkR9HL8V+Y6fN6ghoPA
zyi)C~z+$Tlh4X5MLBDWMZ&}G#5c}j^D(JIq%7cy<=dZx){*DH!Aa$o=zA?%kL|4#?
zf}LKn$c!*;%6KfVOB7sf*CeB1bSt4zX&<$0(E+7^j%}64l$IF{<DnFyTh8vD>asU;
zCH%~FU9zW;74h`nVv<VKbM@`(Z^87S!*XlMR&}QD(1Oq{{~mSl8B|V*L8PsD`j<yF
zg&XV8$ko2o6-e$jOxLzz*3lNF(&!_mqfU^4fsMsk57FcHi7s0cz$N|k=!`5WnL|`D
zPj~s@g8&Kne29dp>x!dpNCrgUEeLrRhse8RjY~|obi;NN+1Y!3XJkj;1*AEV7{kAN
zniJ7H%7~E?+6ApP28i<28Aw^iP2ANh(Z21or;Vgx5r<BVCRWnS0MWvd5}^b*x(`v<
zOa&zIz>9Mwjk2QRiAUullRz0Uk4c~mjqZ0x*(ZT=5-2Buaw0pEK>7L8oEU*p8x;=_
zDU((#BP*V<ec944Rq3dT#}q1gAz4zF?DB?hzX$tc<h)*U328()h>oZUv?w4+#+)2&
zu04FAu^h)|vCcPacNySj0ZukFudq-Y9D5v}3-Y*6#NQ6!ZIRSA%+o$+em0huMR2Of
zb&KOr<GE8zL90m46vvgq9Ldj(qBzkZTnL>%{s`{Q`hJIXSG4~K(`ALMAP)QSXjovr
z>iGYrJg<Mdy1Mu*Jg+=5t_jdFku$Zi$}k;VIRH?wO5r#$9xHmoB-xfMVJRR*K}AyV
zs6uo#M(i${n5*kq_YW0aUptxxH>>@w+|cWWEPX5tEl>=t^PUdlbhXQ+uG3zygh@$D
zu&}T~*5zK<$G4`G)=eSqB*t?(n$^8Rv=yGdCi}(&L1^Ht^A#x&39UPB*a_FD3sJh3
z6nxK`nDr`vL0D()Ed7HhSQV316T&qx4|+>^1_GK+`|;%V-x;8cb_h^Q1%jGge(?ak
z$VQQZy^y`@ULeOco~#~`ah{flFhBQw%*6UDjCKzX{H<8)(D;5xwI@EE5LVRraO-n&
zG`!w(HLg`Ye5dE+pVAR_7uqMWe#>rI%qFS1X6oHfKh=~i>tQZ52WiXkr#o5>FTxxn
zrVm-5oO?h&x*Cy{!T=!Iz=C+rNC|lcnCPKF{Jd42y6bu@t#}wES_3&fZXyp2Dg;7&
z$%;Co-eEAjARoSZ^~D!o{K=eLC?^4bGXb2sYV9q!4g6W;>bqG3u{eL8s^(s7zWifu
zkS3c(>w@c)f?UpsbQxIk8QIK8IwN;8;*j+Ndxk=aDdra)%Vclh-WGI|QYt~}Z6>Ho
z5Vd1>D`C>DO<=ZSC<B^<VJYHi#kcxjrXtHCPoKI)lz|B=&DqK64JP!#F;8B7@K9aQ
zpS(Fn4~)=d{QBSLs{1{%-WRb>VSVpFUC+PUAw4gw<N5VFw{92I>&EJIj?4MT6luks
zNZ}2!`lZRzl~sswkP;0n&0*puWNO97N`J6kH*gDiCw|&w%li`!w5kdcJH%Tn$;eVg
z6q!?!z;7#vy7VKIJB6MWsZ(PNU>ZEgJqE`jO5$-WS2z+kquhtl*HfqAZO~NOO2E>t
z2PJ0__9kAC4%#m^JG0QBJ0)$KOiNFbV^K@h;9u_wn)Aef`JN%VuOB1WF7~+SU05i9
znAerkAsgfn2)*{wZOJMF42JWR9z4__q+;*VS_|A3F_Zv)$BL@lLBg|06%Sf;-uC)>
zV?DhwUeNvQMPPMp)|CNAu*V!|laQ@Q7XxR^HgVkn<W4Ku1>0-^t<~^u3{*)|3avFD
zaDX5uG}vU+*(UL(<`|!$H|dbXnrUMYygF=O5e?w|fP?R`AbUr*-y{wsr(4H2NK4%v
zjs*k`f&s?^0Y`%Xf0h8i2ZR51HHEjx>+qLL)|D)1F6siT0*T1CwYR#Bg?f#}uSe?}
z9r5sKP7AtbO{oJpZwd6%kbdC3JciXzXYzABlOK#Q);pEFc)+PNv>BWZO%GfWk@Kq3
zWejM`5`57#2!{eG#!6z=cL+ctXr<9RGM?}%+u8mN(17o_w?;mI;W~<lp#5yoj$R{=
zvHOI1B|aSB=XoImFUXA}S#4|vJ!v6#NXpmD>AQUp><$SF3xgm+2hAveAw)blLXSPC
zk|w-ZA7;7KANS1z9h1FZpB-fg(A`BC0#KW=k$8*((nsXcusZcN5xEbK0vuHEHd&U8
zLiOuAip4!TYdB~Obs4-S6RCbC6X|3k{bfv~dzbZ*h@KTA_xquIA*-v4x7mAem=#us
zA;fIn_j?fw7<Q4eZ6<b1v*RWpp_a}&52RXcSD81yxiu@)hkKzRP;GcsXP2xZf9M_-
zN9*bc$tD6sRJH)x37Mc$*10~77@py1u?gBRyBG-CXu~t~^17(d>ak-u5VH22QV(KG
z!QWf28)&*cC_f9M&VJvu`c`mLr}<X;Y5)+o+XkEm2*0DrPBS_#_!w{W-1t^PmaKSC
zHLEvE{h|bPE?v8u>bC%)$YTwpVFO!?DHFQBpw%YY@CuRDI5>mPsN>M6fy;|TIBsJV
zU=-?_qgbPEmTs0Dzw}n(iPGqClBL+vH5|R@x%NLKDZ_f=Oai1-u8()18rW91VCu7&
zm`sSLXqT@*KtmK%?gB*^X({R=)p+bpwZV720l&9u2`+#acpGhu{YzF+bswHDo<Do=
z@{a=f1Af&rlN)i;+>Hm1sAM$#w#d9u>^-1;IH2$$0`2jY4pxO<-IcszQ8oxdPF6IN
z0PR&54dpsrkk^*g16~PFGZfV<>*a&)wl0(chqk@i&5?C##`x&32d=q2)uSVFf^Qy6
zQVLO>K6rcewBOus%jl^?c|XN5wxKof&bhZfo;CO@+t6DkiR3xYXc>ULt^~QnS&?O3
z5mwytQWP3Gvg9BpSWdA2cJlq%hacacy?f(>dDJC+&CH>i$KDLAuG)<YjdfsC&G^->
z0If6gfe^5|s%aKj19qQewdA)Cz5ik8%7!aC-}qGEmOg-Nk(olO0sLfJ7rGFsJhs18
zl&eL~-)qPz&FmQ|wjxDw`>JUibepQ8$p%F)-7O&CJCsMti%M5^QuMyj-~cu8&o^v0
zLugctw*L?7kiz?}U2X*5KbxQaW9Za`L?rArO1OKY(*dkv4@^%_X9^g=%>{XrZ#`wP
zvBVX!KbmEoMx^HWmg1pZLZKSo>YBY5muhS3jLpaekc;*=a3|l3H}@>5E9VspUN4WK
ztFv6+uw7I44(10q2`12{J+HbVkb7R0(Cg_~w;Q&@WQa-|*0@AeUAGgWIXor<_RT$)
zmHZzjXd_?p0tct7k%_ifXQR40IAAts84l~vMK%MBTInVO!YUa+RsY9QNA`+BZunNG
zOZq2Z!g$RHFoGA?2j=$XUp39T93Fq=Y*&Ab^_=-F%@k9sgwo~GgqG+$()h?y=tvqx
zeVi>Ov}j0AdlDpykXu?-JgGBU5_M14qIB9t!&y+xF}-AoDAG7J@T&h+znH_8m0YAI
zVBCH3yBFm|<E!g4D^`Z?G?zNYOICG*exPo1dTLSf=Eg3_Uw6h;=gBW3opR`UjQZMS
ztz8B$>q?aDmX+ir73v#jlkAo!N~ZWftQ5LX!5Tx<^))kwfU0CvSF?FWPT({5IP;vP
zSeoV3V7$wnteCTIhQAJiUeKU-+6x)pH6R%H=61y}?7w#uG%NMe%=4awh)aDF(UjFs
zCkT;DbFj!i)%l~OWNWx%czX`KVG*@NhQz2!Y(*y4yUVRo&R&T^RwYn?5pvU3q{p&p
ziAZP)Q!22nL*=ND$kE!w-qIz@F2U;~$~e+uW^kv7<WLqII+|0GskYq*#7ZMcwHYn5
zM`Q9ZT`TR{Z+HHW5~{x~Oq`zQmCFq+U8Fxqusf58TG7rX7*h(U=)6c98B`q?xd36?
zLs@BS)Zh}wqP=>e1U{N*Gead>OOux;w-sX40JH^@mn0D-7V<|BU2}?4kyGx(VTiI9
zs_`ooj!79R7v43c^*+Q(q8XRqC-1I>R|~W&zM)^h{tYbS+56Z2B7zasySrr?`kQ5S
zi4%z$x;_J@)VJnUGnB?=rkqDZk#z`W7E#m9$hN8pZ1vZ}GrDOddt9}SWFNUu>d}(F
z;#R@8N1^KYg=fdKM5GuUF)=6&AQ_x|y<3A~^?5NP??rW9#GnsZGWcu3<a<%UZyt5&
zaIhm6PD^Aud|k0?sAz=+r(+H)J_GW~c|k;}SEv<QWU%<Id5oxBh++=%jYldXQAgHZ
z`TZd^9qP`4_IP~oTc|p*&1eE8Fk$hiT1BP9@Py>7Tr;u-`$DkI2>OT5_`1{)i~m^Y
zPxDX(CVN;xkf@l^0}}&@z#p?ZGR8G}o%cB^4hDHpPPgi2{lCU&_Mc=+xx17JK4(Po
zVx6(hciQ%CccEJE=;$FEFf9nfKua~MKL1y$ppZ<X7ooc8ZSm-a?T%)9xAW+{IGQ!S
zv(9ZZeAe46ICGBRyQ4$JiHH*x@yd8~n09-<@gyE}LoMEQzA?f}rA5e=W6L(=%xi!E
zxf7z~P_;)z2_jIm3ZBp`sg)3;!#GsqUMr=MurncU>aE$+#&gOG42NmQ3o5Jd7&UI#
zZjK5qzTa*u76R((Hf^k(PxM}wqK5lsN(7Hu3TLw>K*^pZuA8KJW58UAa>>&aE8f5W
ze3?T_QEf<X<JFDn=r)V~8yEoXZWPNLK|D%dNh*%P+_NCi5XgS1P``wsx(zUeYlE8=
z)CQ>qIU_}#Ws3hZuQ44o474}FRo8~vwIU2vcjFhG5G~KdtHA_3HT3Qho);G)z3QmQ
z?tQni?{s}*$mnA!IWa#h8++TSGmkF7+9McEm=U@%mAs_t{_=+1MbW6^cldHIMImMD
zl3_6;xL$DGau2s&GEx`pmZ@z|xztsMP0Yl#I=SB!l2%-<z=8TdUyJvmGX4-}AsI+f
z=%op7m97q%4k=%0FRVH!cZ}JkT;1lgRo9eYu7bu>Y!rCI=hm56(#&LSxOvmn-n-4n
z^*>t+LT3QJI|_`Quc7ETS`^eZ{E3x9*YdO)?Y-z}SCWiDHE3Fpcf5Fw@AnFxL5$-U
z^Pfb)NRrjE^5v44V+6%t!KLsVB?VYvApDh~s~tk%HjAMZkV^96>5He&Un&g*eL_@f
z+_L@Ee!d_-J6lvUc}{+Y|G&`x|APEXekSCCToC*J>VM>CGFOYNr{-JD=d&&$wK8^z
z)Mp&nEOrSbClMZZgPQV-|6#s`I{y_Bg>K>b2~6RX+=1mVr#EPoK1-^aW@@k}U(BDo
zqY*^WZRVB>#VE~8PoAGHI#Y)thV2xc?V71~W(}jJ#SXf3(*r{a&Wha~-31APkz3aM
zmXQr#Z&+zZ+k!tF?lCv{wb+@Pg7IoW&a2~N2?ll4nsg$9@vyZe9iPM5ex}_mZV5|g
z5W0fgEuY30FAnx;<joC^6ib`;Ee|>!pi+jQIOmrd!tuj~^~-4YsgW)N=?f$vmOlaI
z;tr*1=Q)GSYs2kHfZc;%N|KL9U3&5H2s~AdLZd@0wb+PJv(7fnwa}$BK}sspHe&by
zs@z$h-a4><)ijfe^sm9mR_?8c-^qvvw+p5y3X8rh$Qd4d2_8l@53efX*=OgT8Jggx
z`F9|=n)gU9AhTXIqY2T4;wIobSNd#o{LbAQ)m+(vXEPIUr9CHPspG;Zc$n;ap_klq
zOck#|Lt>){GjmO4cblH+3j!~OT(>aJANusMF=ut;CXk}P@-R^^Gaq2uFJ{&%_(rPV
z|6>%7Z+W?&;l0#MIg&}^|Gn~9drSvU=O0hn*`7kggCP=bvs6Po0DH9ccrO|OMe?c!
z0x}~7y92JM7RP&^1{O^x#oEktrsM{w=dLq`-9%5SjWwFw7bjnkIeB)fPI-aX2sY6c
zO%#jvBE_hIDy2Z}h=lYRXuc;rbQL>Gfpas-J;koslL4i!qrCa9=b=j7<M8A{r0i_9
z;svjE7b4?HT%^{~`@Qch9=#EF<c{I8!_jlj{{lSf_8^|Be>7(c_*BE{wA5-?PDmt|
zu+86YF~pIU>?N6#zllPWFH!1MUCEY}Ifvo3Oz|Sg>XfBMJ+m0IRO0D5SSMZ{+InN#
z$TB_NaHk*LJP~{u4WqT$4e%I_2GnlQ6<{H&W%CHs>I5u$_i3)NK=nm1^~SA3?z_b5
zgq;@<-75+_V!ms(%BU+REyBW~R`v=)IL2NA`zzlSfG*s00K-ST$9?cv`wowF-0|cn
z>MrU^_ckLm6JUr`3{m}xrTC)P5ZT83cT`Cwvr#MFXx2HWZfivMf|!MfIQs4;F%|ES
zWA45-FqVVPx!V+l(PY2qIX7qNo5+aVtM+|kB+_~4uv=(|UBDbreRa-O39y7}UxJpw
zxNHIxc#75KGFwVj5-?9$=}Tb-2CAtb2q$KW3-UwT0%0`SVCXn@@E`7rqqg;EStmEF
zGF~JE6W`VqS<;LaiMlBLD4S{+b67plIkpI+!n|xkjin5_v|>;>VDu);r`S<zqGy>D
zGevGp!~4cK=mLLsYc-&(Xr{<mrBn4S&zIi!9^<Eldw=?bbwSu-4KDTG(K_m;{hRUx
zM{b1?R#lxmyotu@s6k<@)hW`M5-6<>eHz12^JRBLN}N2JVXr^w6gsO{k1*O9&3QFs
zxjFPc@7br~jOqJoTbFY|tQpn!)a~_9bf2#PokuWP93MB<E4+^V_(&xVb@W1K%O^(s
zB^ApujhJoJa!@}j(dyqETJBor-1{-mpxu~uV46gG1Clr+%i2xd*8Em6!YBhD8bdcM
z+me!{wKK3$D_p?s&unV|f<$V{NRB!id4#Y^?n~Zb+I$7{%_J|fTUPGKR!9k?14ulT
zlCL4tE8w1_6>5+$JELqJX>IEWtT>`Wo*&a5U>WiKcB_!$Pri8i{OR*O1>f1It@vNS
zf2~#C{QrD4U?=fJHt0EZZc3!#-s@9%0e18+PFuS^`Qqt|r_WE+oL`)(*;|(R7xU+*
z!~+i6X;IIN$&PLQyfBH&qD*xRx!y!)vub8o$V2h<-0)kte%6h>6F_djrNArlBo`%n
z;y(0EJ5JlV%k&*Y!ga?j&5b#5@Nbou9nJSi`@ma=#=`s2qq@A}&Hui5^Wps6oA*~|
zZ(out`_r}rifr&zcwxnu5An5!;hh-3ih+jru}=2))F0!D#nZ0Tx(%L&p$f{z!Ncyi
zqO2OI873FxvfirSh0^epqziRRu8AnIuF3WIN*SsF$DdS-!`guVY$qZ&p;<BO(Y}oV
zT#BqVD`2$+-8uu%0MtcMHrZW0b!4vBKk@AWYok6pWC2X=r-<3V(XV2lkoL&qL4eGf
z%O-hZTZ&trI#n88n4%khRx<E^y!^9Tg~3EsF!H`-#sA0N`*$~P8++sT@4gD0?e`pe
zTTAwC)27{XZ*v^moBHYg@U@(z_awbph=e56B%u(Xy~>m4y?+m801}i)5R~LyZ<qL^
z-B=_D41k%z{QAt*;strO%>);W#;h%kq))_Rr=q%^=V?N(AQsVF;@~7vX$Pe>4-s)s
zU=#@S`SsPAJ~sf?WlN3vFhN@5?JUq`z-nL4NQ~%~v6X7T3@k7c#LwxzG>6Ps)Q)u7
zRkJ~AJ&0%XmpP5v%anKuqK1@04Jd-T20dw$5_2)7Q=V|OA{2bwSXPgf7JV3hyRpVp
ztRs}n5<#($9XTOtk&9x!AkR9>;y;F3tXouJRlz_6uj`-#%m^B`jwygP2C7<XQQ&)@
z7S4c5WN?Ygn^zM9q;Ao?!J4X>G5D!bC^t{P8#kb(DC)*2&K#6mTBwD{_1OT{2E#!F
zMm-<|acu3CxPZAkqq9a9VZKL#Q-w<JM@#qi7=SMuJ`1uFmU<b&J0PELw9gFryxQ7W
zPcvXTPQ}g77yO)<!m)jzeK%mL8(7HWVG_FoQj_gKsmZ{0{_WY$Mh)M9`F!>~C!qU?
zwpRoujrHtIRKwXRXjz-+|5dd!&y4!=uz*dcM-!@P;+50U62V7_X~?K-#sVrH!-FHO
zjiQgW{WeMlg)(3sgF@Lgy3dZY4+`a=P!0;^z;*_O^6~SW5QUQEYD<+es?;(>m)OuP
z{aTeN{Jl@5(mFOKw|w~>*dGJub&fs`n{n!@n!t-XG|7;ibIVq{5gKbnJPJDBvel$R
znsrFBrg?QM#hqghlXIOi?t$dn7P2jn+jh&e$1KnG3{%vDZebE?OUR<`-4G&~!lY8S
zMDk0cAW5{16hi0En{fE7Z%vp9`j1Mq2mlM-9}n}+x1E@yGE!pWCtvMy8Bco@-^_~)
ze4sf?1dTy1ZD7Y(L>$TT=JL?`sxYOJk;9wG`PU7o0)AF03iWpOHji0;!&CM>&tlP1
zzG4kXyo!@rh<hRuEb3RNk(iBy?(f+A$5a$qYYZbg({1WHgg@j=E=?VAfUugJe@#;Q
z9;g5*Zl~LS2T+sdOe)ATa=$<&fz%NyE0QakF5BavP28pF_OJhi3ow37-)l;eQ6p)e
z!VKQF#@&h;fk~NR+G6v~fn^BMq{<Y&mOdRD;9viX+&v%v;V<KpHi*AR={ENqxmNhC
zR_HB<9NWNeJskAb4zOD#z*a-Ica2jIgWYQ0{e2*}JnQO*+FDz`2AnOEQQn5N)i7|k
z7a(-4+g4PqF4QiIsI@G~>!4{JnNsdKE4K;4r<#oaW)e@7$myJE9mMQ=*+ASd6pMY~
zadlvEb*bc?7+l-qZ<#{Qty;p?*jt_IMJVRhmUvqZrdI3Z`e1F<@U&Wc?18gY$I@!;
zu>)hPJDJs^R_+Z~t8)}xcv=sFrL{ATR`<Q413&A5u(S4!o7K5|0eD$kVr6-)8C&9H
z`BGoD#K`g@_-%uag$vZab+^IB>c+p?Eq}#>dDV({wPjKYPQOdHL8cU{)!0s(u5!3L
zMWL33s_C9!et-_f<>xlgL>qeC)P&5}yLB2@gJ~M8(P?&4Y3en~_1eYughA#ELU#ci
zL9;<bD|=DIq{P|{G+Q~s(;W7tXbko4#J9MY7YUV$M_(r*y4BPO%w%nPvo_O=oPIwc
z=Um=ua{GWJOsei0Tp1;|#grusvc^DZNNKddENfGai@je8>CaKOwCQV1l(;XB%})9)
zy_XE9JJr+GKeINIUx?LrCfl=}n#hgM+fo2<2Lmu1IM>z!69DrHlwOH~+*8b%0Zua}
zH+=bmTx7Dqf?8_rGo2<uNC_<yho+UG%v`}B@EYNJ$OYz@cKCjuu=nbVCr9MT`<c}L
zm#LY2GA5VlGT{+dT2skpEYESbOqqGX+b5s7>dAv_3h(#PvaFToSde?IH?un}5m}y#
zysR_otgaT`-X0;nOQhTZ;)6rtGe-v*qoFE7FMQsE@)f&Hoj=r65^uc<-5NIN<%|fd
z>Uv}f&|<L<F3X3!T~1f_>zV^Qn-FT6nxBqic6Tge`s@gXfIFqbXIh&lmE_5@Cu1_P
z`q7a)@A5fsk28^%1A)2-Cr`+s$YDeg%}B!N9kW?Ln$fJV>hjapR9X^PwTc8)t|HrD
z_8!<bEJjvdm|Ufq$RlPvKlq53I+7`6(p~Fzk`Kt>Nw6OTd%rvnr;~jHF0dK@xnSh-
z+%otj%O#gevy7O_TQ8xk(AAXElKAj6rN4-bTzow-!+QFWh_)jhtfi1w@AkNk=r2Xi
zv|bXV=#)>dD>wS@<eVysIu39kU)p{t5ViU;1-vSF#Zgjr&?h2b`}5Z#?x9pTFIkrT
zH$B2L{5wf?Z{&^0m_J_Un$ei(lY4~!{66Q3dAU)L2+~{J@2OjxkbS{U#&s)0teSqn
z$RfY6NW_$w&AyLWe0zP_YZBjHU)nk7e~Q`0@L`C4M!BEi_f%9XJ@w_9j#`OwlY8nN
zJ>Af81GP(UuNUvfA40F(mFBlR^Tu-3PqBU)9B)xo@c=HplLgg`l%z$X_|jAKhuAHz
zHyD&Gw!24PJb_D*bB1+_;ujX8rgI0vc5UqJH3A<R?pop?>P_C=;~|<Uv+_0LB*JWH
z$<))a)eaFi1<0^7H|nkOlp4>54U`<}-;Tky`g9CDvs3R`uzW*dvM;tOMLX&*-Llwn
zT<-(lUSIAct9@~5o3dIz-6*T!hY8E?c*Hs`48}(FaN>IV%@lvCo5@C;_mb$<D^?!D
z^$jrVOyHXf;^>_;?gC@*Bd3NJLEn0febwm#Sp;yJe)F?$*y$ldgg+C{!3rEw_W`a5
z-2R9i<F<!5V#~!W40=F6`f^gYn4Yoag1nrR8n)v_^w|+$*b?ol2a+Uw#ykMtL2#=g
z<38};joBR7H}vXW+qEFCoxf5Ni6p^7CEndDW=M##%Z96)Dc&Z>w||Dqo4KYP;{qIC
zU!0!5z8I(RZx`Zzq{OI@Y{ZpMG6rB128K3<Ao?vm?mg0AZc+<P!nZbP5@YpDXjEz)
zn?fl6?IousaFQDHTahG4Yn3y0<XW1JKfD%E8BS_b?a(PYuWQibzQq9fFq^WEwDHHd
zuhY7Er%vrj?eAT;$E69Dzhx@|(4aGs>%E!R_YzYP5aGCxEFa^i9}9821RV_anzfWZ
zYA5YAn>A6^{JHc8`xy>uVD+?Gs}3}h8WCPUK5awO-a=Bs9&-TwgM`rclr)`LOxxu!
z>9ZQX>Gjik0}59}<yP0rX)GX0DTfvJODShN(>UeXqu~bKI;K@ww$>kc7PnJ<&7=v>
z))h$eH{*mUeayb<*;acHne{@~eb9|(Yn}Y*O8%UT@av;xT+#pWIF9Q^IlqC3J(y9>
zdg6MS=DG%porSo3cV0L00kpqIdG8OBn>&y*Ovl?^52^SvB+*EWI|)$5kXyMKgiD&!
zlqr^1(1WG~rT*vJCCes?Mz>zC$e<s5^7_FJ4qv-%5Rt>=npJ^fcz{0UY5d53+s?{2
zbxTrN7^JQXlz&FdPYiKgiX|X{w~_!cZG7QXA!pa{@P1BO=cPK!O7&l+T$K#R?+#=N
zfsqmMUu!mz0jC3@?m(Z7tLm^FHmOKi+?Wzy`Q+r}1hG%Q{PIg8azaVWBA%{4=<OJL
z_~Wx@WAZ<zuU|p<<5Ee)PRFn62WlOA5H5B5Ka;m_Dipc;n{aC^$yo~=_7C$<Uwknp
z=R5~218#txY(%CF8P0?v6c9B*P4eGu7YMDO0C5x31o(WR4Azd`y$O#LrXV8g6dia}
z#76z$7)mt|CVWH^e#^*Aev^x0St6a909kLJCK(b3QSC*^)CY`1>a<VR&JsMmrV$!o
zncG@rY#)9<F|iyF`hj^Rb-^03*eOe7)3uhl_!n#eza!aZd)mv2G)lL{2y$En7Qsm?
zAwHB4g77-ftDYgm(yb-!B^;7X0ZMku5m%Agdgn{rOGUQPGeTDS4QR-(VW1S|$!n3|
zkj!AvP;K3{fE6njr52PYnJUaOK^UeUGm{cwq`iHnG{4n%M8lECkaZ%<Ixjg(sN#3%
zT}tW7&F1PH>%n+@fGkAhL@Jt_Gq3;d(*Xhu_G?wHmwJn#Xt%}HXf2n78cKb<l1{gE
z5HzT^2YYj`g_zO~vD`4QgVadnw_8eOYz?wmVb)s0Tw&}A+<<QPDw451fMCYfM?7QR
zaR^=OOwJs5SD~`J4pIdJdh8>SyThEZ?O85k+fq7X3zgB>!X!1eE)O5J+8MKMKAgT`
zsmK{;CD8&Xq6A4n?YB&1OkNwNjE9R(rAP{eori3O*L9v=X?-jK*gj;|<zv9b1G=r?
zvXCivv3xVVP)4_}VqqhgYk+IG^QIl*8tyWAJYI9h-c21rD;-ivs75pUf=znZzRD)3
zdf~<HLM(j&8>zp!CXzhNk{~%bJS!9KYyi<^rdU3s5qs)d7}#>bQkHx0;cYOa&3RkU
zEH<dj5zB#*u=k4PdM(Z-mn6>l9m^#-{MwhgZfdQxdj5mV6Y!<*KxKH`vgXV=a@DYL
zmN><(D{5(B8SDK937WtPSE9&`&&w8EibSsO+--@lRfDP@bA1KL9n5Y-!rM7ace~K&
z%H`4?jqIJ1DZ66ftWdWB7k35NwWQKm6Twy91?Ys$SvI_4fp%0@eW;~fg{B4yLYK?L
z>wFKQbtYnVRZJ5u7n9yb|E8BQ_^Q0Jci~Wz(%aBr`<E<}9Q2a4iaUB4y6CfhU<Bm!
zCCt?6(LcSZ#{XS+il^2U^&8)2OZOcT(Ik=U^)M{k_v`4oOSr;L?M~x*6IzNu=mu&P
zV?+RF{hcV1qym#qGa@qE!4aWJV!u<>3-FINXXXI-w%y=t`Q)7~+ecB`n<4T5Tl%D{
z^i|cYAhH5$`*6HId4#7*<$PKw|Ca3oALx#ub1iG6TptnWHTvofY;0r*9684<z(QRf
z+)c(<DFvVp;2%A8TVTK<Dxek}@Z&lzCYlzySH`<_0}>=)oZG6kvAECfX&#?mwdRl2
zRkG@NS1GlBCi?GmDhg$D7(5QIP4C#p^nx`R*i7a5bx)ReOEh}9eC9hMJEYhaPBpZY
zd3zn4YJ*el({QR?qEk&v(u7MWs#D`PwhWcuO4rwKab9scRBzYQz8p=wOOp}i&{nIs
zRvCOL3|RS|JRs0l#|5Tg&IeTr3F7CYbI|cXE=7k~4;v^uG|L1^MtOvw{PGBI@p`|4
zX1Syh^H$@kS}9lq%*)|~B2eAQs;41OuUBBIs*1v;BwDbP!arYXy0ui;YHC~(t;{Kg
z#Y|Y9N+M=QwYa<|ch5TR?zZ)COA)(ae8unTZL<_!X)4#7rK%MlkP2V5$^i?<8Y%k#
z(+x9F6Hu>a!K)aIZ9#Ux)FE5C5j*q`SH}oC-j)0CsI<h^-G?>RBIFcyD<A6$Mo6zg
zDo9<;2<SG%edss`L!3te?n6hj2y)JbxDOruB8W`{X&^N%BcR()+I{E<%`4+c+;k-d
z5W%%?1D&xrgi-g$RlQz))Ql%F<gDg3_u;|8czl3?AJv7SP_xmW3Cki8hkB{?7;~vW
zt*T5>uJbgt<L%{^#PRJFmC4pAdby=iRH;H`#UnG}vPfdEPGozKB;hHC;sG%*9wwC}
zhxo^Fv@Ak+hIu+=smNDHWjFfuTEFIrry=|@XCx}}oMkFmJ)q82Qm!kRy=wJEsoZ5?
zJ}qTB@M4pe6hcGdxH1uKKf5D$G?(2oCjHf{nBQ?Jg0_p6h^w~&o0Wi`(uc{_-w7Uk
zBQ6X#_4iG+RpiX(d<2r;6xpoK#+uIi%wHPEHV3ld$KU@ts^At5e;mU<e)sgNr@z|&
z`2EwThlfA>{q;9DR~P@}Pk;R(E7Dv1uU`*;U>E-k?BwawubP1z)>}>E<Cz+Xe1xQb
z0k!G^I<W-W=Dbuws$^oNmi_=+y^o6BS-iDAf(O^IL*rLITy#ojN8mC$=Yc7V_UU@!
zf@0}X<TPKA*qFvvJ?dXL1u%9l`Um5SdA>^)W6EM)q&*60!1FFe?x9GnDSm5XD)2GC
z6W0_qr_n9ml1g$Su!@ss`{ar7gQtvk*#glN4S^6MW}4o%BOFuB{EIHsfU|mNI(e$~
z#MhuEJoxgF;35G07xqf)I9_K|my`^bjlmLeE#c1&(?+T&0ryN(PG&|D5z!=|Tpp=w
zF|c_q>{+#rK)r?Z7g75IvuGmy25-7tCOm?I_;6E&WiGeP4b=2~&(k6$h18o|Wab%f
zuja&*1H8Aj{Gm7s&!EHl{k=;kn3R;POhJ%QYOj~FfXjxN0qVcr9>omY`=z=m%Zlh5
zhcV+x_-V8Stjk3xG82gQL5|O()OEJhaJq$?jd%-^Zcoa`>*CF+4DAHPwN7WcBGkrl
zmE7Mtif>9|jS+j%Dl(N@cu=)?97b#~@VFu){Xf>&V?BIRHp76G_EV$#g8Q{ehlyFj
z6lAclvTQ#_&!pl`Z_Xbx@~uQiYrA`9_JYu-wd_!d*Vl}(81rKiR(78knLHxXr#3{e
zy<;&WnZ6*D=nZH^%9$oG)UnA$N@PZtav=a-GNMZwapl2r%xQG1Uj?5X4DX0UPfd8U
zyKMCoAGOFuF>lx3X!&-OP-&^#*sr-IOA@a#+MT+Kadnal<Nbkg5K6Af(#z;?I!h=|
z$)RM7T-Ys*zfAn<GFl_^daRfz;iEFF1?Dj2E}y$8z^^ILILN2vwrc#jeLLh3hh?z^
zSQZN>uH*FTQo6T!JTs<1wRiG~$mVXnt?GnoagY(7>3euw&;$hm4!*U^v&kiP%jXL<
zx@X|oMVVgl8aqh79-!KO$|MLHW$b)tjn`AWrz@zNXW}7iAtoIcYqKMpb^t;~!hwxw
z2FfHD#r4w4c63M5Fh{)+oI>H{pHU=Anj(r`3$$XG{(e{OpBt7g6RN^vIi7s)Sj`>p
zt3J~-i$^rk+wSVSv#v;i@}$;6v2H9|%}UfGt*G@nqXahqOQ$T3E9@CGrQByMx2NLj
zyR#$0$82o>%iE>x#)<(Y<``pNrhLGLhbcJrW^bRGPPX57|EVXg-~8+7KOMA#zrNEF
zC)W=IK!lh#+_>%%yzSkUh$l-HjSW7}JG>YZmZ`j>!q%0D9q@7-bI$%{qbFd=O1o`D
z70WsUmTfj{CX~Uko`HKx)8r7Wg;@OHh$ta|?*K3K_Ia8S_MS_qgo3n%rJ)#XUMeX1
zlX@rE!Z-enD$Ex8T_)7;%B^pM2tnfzgx(2maji59$iQIVK?1YN(-ld%RP>gO$wVt0
zZs-E8WJaJyKZ{9`DejLx(r=dE2Qs)y%H@p6BGN)}nX{2qhq^X@6GJscgO<WXvFk4_
zC`NWI<Ic&$+R)4#$@N%nn7hcLN)>{I?I>vT1~i~#Wuk`AT44M-8H<>dG+!M7rWsc@
zCK@AZ{bSWDkkSm%!*UjhOsc$yV5KOT=HixRWom+!1~)z>kl3gITp1g|3ZWZ<L<^eD
zS(VD2(iry0-^&|7mo>w#2AydQn=4qBsa8lzkJpb`S=02W8(`d$kSDEzhxG7Mq)gG6
zD%vYD`!y|*vrNPb5X^~$3Cr0mZvtY;U5IAj7Yj=xsHLRF<c$dQv|>OusLFt{hBeB{
zuOYK!F^LP%#w%vp<r56H%xdkf7e#NX#Q&&@vISZ+>6+cnOWh&M6wjHhYoIr{A#{=9
z#;%jR+c2$p_M9nM1!tl>(~Qw*FUE2M!VZ?9vsY@270nj|Ttq31T+-6FYw~?ubchG{
zTEt=gyfx^y>g6i=0+V|rn78nOAh$yby{L7JTe6^c+gq9|?R8Wl&A^aG@VU{m5SK_m
zM4@dxJ#8WRs<vq!H3@bLtyTUh-!-h>#BG$3K>_eowlS_*&<parnu24L;qpe02|0)M
zia$0BVrxg$9}jU@leG_mX4ZU5HHkxE&P1#EYfU^y;CYiWsW)^kl7!_zE_3@2+Xl5N
zCV;qtuCJrg{8L_4GIk%-r`6A>#A=c@E&<G5HY(A6Gt6;VjSB&ip^wvSg~U8}HVqnl
zf_k0nY3VCZMyH7u=+5RV$6J?sVKfy^PuFZ_EH&<*>iq}xTFKs8|0sNGosY{v)}W4!
zX7ALCH0f+rJgjS{3JYOS8>4b7;WW-9AflshOb0~LLOfX5(`(%5^y(5`w)et0{D+nH
z!A@e^rcASgs$vol+WkiF5It=5GyHeJ?J$nF5~4k4`b)uG!c4~i6G*d_3DQ#wp2wpl
z&D9ERG)Lv=gFAN9CIesU9TU<8CFHi+dIRaK$IQ4{%h&{1z2JFPtNc*249U^7tu{*+
zdc#^=9_cK@V>Y0A2lrGrb|36ap?3!x7~HX205z%e%3bs(&1z*m5Gr&Aqz0TW+$6YC
z*9H57{@M}Y?G{?MQId&lWRmqu=Z(?3Z3Hpe6lfNv*%_q`M(cKedUa`-^kF74WPA8*
znBs<(w8qN~c2jB}HlI9H!a8M{ta`+=Sjz(ti(tr*MHI2Xqh!p6E)sGj0t|Uls-gvx
zM2ev8P6*GWqDfL=b(;+!K;tyNBv%m)W8qHry|I8U6KYIUvm%Qy)RC)IpCG-Bivn0R
zBwFeC3_S^zbs>zU+KmL3xfM#$g+-o)i?XRE_)>&LG)`%Bdr$LNLV*LSI3l(kq1NUq
zSlPir*b%LknP=;IraS4w>bJ0Cx~`)>Ep=bXN(``y2w|NTN~Bcr2rPhn=6KiA5~ae%
zQiL5*P(?slGK*!-WV5y!xbN2q>Fh3C8ixj9t5nhnOCcJ4%nbMjLrB1rp0mKind(a&
z1sL3!tqD=OOq~I5EM%CL@H_H7_|To6(7c)?;$9MUFG{NyYJXwNH8b2u9<5ymOut&a
z)Jqw4;fR+#LU%{{tlzUF(f{w`*d3;C&+Pd;!|Z-8t!dIE*Br*VSS~{qCB4_5uFoFA
zK=L~#AsEOe{rKP++%{(!%c%m#r>Wq{XM}DHwRRM?CWN~U(8+9<v?r%_mfiFK=0v>%
z?BNYuE+`E3lzeL-;7j>Z=4H3o2f~yfv>~8<06jOxL@*|Yr^#~Rd^u3Cl)R}-U9D5a
z9d}TVXStB_jqSG03}UAcYGAO_9B$&nO}uG(!%e)YeGWHqhlg!F)lxgF8yB5PZ+(Et
z8=*{~0%+Eh^s|AIjawQ8-g!?~<BTa&kIMQ4uI+cf$!SLsa<`dlnRD<gSFjbcwivY%
zC{n9<4S4@Rng{{?J7gU9Vqzs_$7I4RW{x}QdJtG}-<o5`Oi`Z5N|xR<%kSV$d&t5*
zWOd}>XK&pq6XE(>rmFl>C-~V7$S)rVc33sJT`y<knnmJ{<+uSZ-Y;n;xyW8po`iaY
z>{h9qLI71)k5B07g)AAmS?<&jz|{WIeVV|~WzO!nD8lGq(ijSb8irKnuD;;&64}*;
zDnsZ^9*5tCF{GHPLe^`oL=e!hM;CXw_79<PVlqakxawa*uJ(3#W-Qq<JC<yhAxj=>
zaz?%FAsLly@Sazg(T;zdnrorWETVoq{PiYgV8bgEb5iCFPw0IlYE>7HQ<~8^8<pLT
zs^lOq`m)=4Ix9$-ia(r>&-Z*>+cFPpCj=#P_~Mp%g_|d&RwUPcua8bHQmz!UVb0~r
zfcTU+u)dz#3{L<D3dS|F_a)Y*a{+*x_C5DxVXQZ;YG;I}ON2szvpq67c-C>yn*tF;
zY7+K7Vk|a;|Mb{Rug9?jKv+$R+J3e#n#z21$`bN(!SWT+dZEn<360^2L?(G`a#xJE
zF61WAS4{yo-Nk#Y8$-3Lt?t+Boz#mH0x5#GTuDY(W5r<6nhqQ4R@3eD&3X7esz(?j
z*{~Fvb#IzPaE}DZSM~v%q6`}?t@Y%Vt-_6i!~|X&s9@VIW*pSu&3bg%UDCJS`fg5a
zLGV>>YlE`FwE--eFrXl}VTpCKB#=R_$tJ=lPqwjpVY6$t0~yL?uO$KBvQ<Y#=go#y
ztwbgld}-l(;hdY@K)$01@3V{C8RBL4GCLw~gwp?a0U0Dc_oZ&<g2^{R!TTR%k#PDu
zERpf=aqz2QmKRjo=sAvREM+WZx%ga?%Z!NJP<M+XU<Qf9v+jk;8{V_WhVhvN7kO<3
z_cqkh2i}qDv)Qm8u%AK%NtqS`V187wc|f35y`?OlLv^?)2>z;SJ!KTOE%$Z5@O#_(
zm>02i17OvkwwoqgL+*P??LTu+gkC|S(}%g)Zn37Dni~!nwT_f7HP`vSTDgD&^#6L?
zV|gye<djIB%@gMKVa<BZ=YqS{BhvSzp9_9R6NdSWG%GRR#B4+V4CfXI@~TyWGPm!^
zEn7V~TIWl_JwCb2o>cWeYdomb;UK2r3H%mVzL=Oyt#uW+pKAM%_oiJ#P>r4TETQO5
z>2K>_@1X%GD~L`Lr=QAMW-@0tjL<<{?r5lnk{e-3SiKm+I;6-B#Bc4&$=D4}V1aPA
z1vA-FYn?iY%z?+!tl1_Avx~n~B^w3xDRPrAy%C-a_+J%DOE(^0)v7R!oXMrY5Zy*1
z^w3}y0BLQ*_5i#<L%$SR7Wq<0gZs38X2LipFDn|`^ia%NE)NK#keamRpdL@_HQJ1W
z2?|dc-?C^XL{RTGloYRRCDsiN6%)%34lwS<*wjOJs=i7oHwH|J`a~cdz8l%vHpvi#
z+rdjOWl6tcGH!!<TvJhGX5ZT?U%OLO&)(J)D2HcGLzNg9HprQ#lc^YBZw8M4a>nu;
z*KWFM=3GIai3P)zhA$oA+BL^;_Q{Sj5xSIIF+8?XQN@lB4{?@Q*py%)l!}<oOa$S?
zafTjYF$q%-!Y#ra)U74&{+y`z{}scFf>&Zanz1>Ka{E2%iKKiWN!o?5WLpES7gV>m
z1<-1xHUkRC*v4D+mG6L`iWzws1|#Y8$WvsRm^2_1;aQXvF~$!e3)Q?TgwJn5(yg?S
z>Q$=)+I*KXv?!FpH!)sFtSI+v6jo=U*X#o|?~qIO2v*1QK)|;;ADOilv8V&GMs@S!
zOFqpRIa|;yV~JCU8C_$oW2Q>cXo0eT63w>~rVb=o2&qU)qXo~(5}8?9PP-$2Vkufx
zl@POaPiWc$gH3C;X9ezx$G(EBece^&1>n@y->*>j3>yH_;B^*+6FlqRwC!NI<T5RN
zmOOLhGBYoD`{gz5W^BMR7vi48g4{C*MACXHWERK}#2jb#kdzmRbeW5k+bDUvCw4Bt
zn-pG1r1}acMW&axLYjGbMikBGOzD0|R-{wrEo!=7jIrL(od+d$XKfbS18)*?ZF__a
zB+wyeB9Cl{r-ced;5fbV-x=9hWJ-F4b{ME9lK=bf--Ls$9aQhMt>(SRllY#;-9_Fc
zIn*6J_01%}wA%{_)^EJLzvpoeV!-2dBG{|1CIZn^AUtN7(uX_u>uHD3+f#DEu_Pb#
z4e%`KlxJ0a$7%t(yg>R~Swp{M3X6t8(FdUxMDnyq6wR0@WU}&Zrw_RZ-NH3t@9`jn
z3EA@Ty0C?`Egsng>%2DD0F^4^Ha;#TZ&@^ty=Rdrwz5o$Id3hE^+ECQD`@XRLXmI(
zQaVWZyNZbIAnHF&HQ=TZo}R>P$+C`mULqqet9^<D*_rkR$Lr%mH6K_+v6{qiZnz7P
z#FDW0DyQC$M<PwNB3t%1BQ*1~uAr;KzLbIZ6IKQg;=Ut8dCkLMU#U}}_UEu0rcG!^
znEg5~Kb%aKNe<Xyp|Gk-0FrlEiW8WzIa#t^=mHItd`2>V;9`ArwQOE%pKF|e|LCV!
z!<}Z3j*lH2K_W8#TQ;DQ<81tcH8b_X1O%S>kes^u&UoVpADd6r+sY>HSboRZ{jtgT
z8r^fX7@1_{V^AQEe+&QDX>Gtu)oC1?oK38kYN|7g9f;Q>NbNZy1&_b#vWoRmc{+_3
z+qerK8vcC-1$)C_gUqvQ77g=9qhvXjigs&8iv`1+StCttDLeZCV_f%exBQOVL{5?y
zS=PR2L8=*5R5I0Nj;rfu)jOJdxM#%t1pX%$6WYNtOzl}R`m0g%vRW@Qk(Y$Aa6^9n
zYr|{d+nUBXi#n<w2km|{qHn*wJnu^;{f<=x;oo&q1$g|x&BK2#+$$KA_%DfL`r2)l
zou_CXvC3q6&gE?w4A;hM^`rI8*#$9w4ZOKD+X=f2h3(yns$%?(m^Sl>Rj!nn%iCR`
zy|y<!uHP3d@<as<<K1s7QILC6VBFkOZus&AxyWRZvkDYw?K53_IPlg&F0j_Td|~e=
z-i~_!CP3N0nlRVRl-|Dgy&JqA3$mB4+eEu=84qJGUD8~^bt`;xmakY===>qub$4FQ
zY(h`n56)%zkpGfh){xUu$lZZ2OI#Lm9J9M)8PjJ+Fock7-TFMKBu}0_8IuW5c|!99
z3xbtZ(d=`6leoysfk05($rExYau`uWGm<b{Sj=#k72XOu?ra~5?UB8kzn5_@)#U)6
zcSNddUb;H3oK+pyl5fr~#^hUbl`&!&xtgB8-qY~Jha_y!(cQs95OSaQ%Ye1J{-)32
zV-U=5Pw2jx;Evi_r{e0GEnCA4*EA`7c+LLHmHvZ}9H308A{3cPR3y~rH$v<0n4Di+
zU0<A?-dvo&Am5lTa94RAlN(W)i#->fGUd+zij-qJLMBXTR^ccD@&L`qWyV#Ba_!gs
zqC{jSd_?zZtkrW4;XW)gAJIS8zT)YWkt+msEr;G}Xb8GZSqRkdOG1f3YYP*h^Qrnf
zilk0MaVAPT4G}ql<r%2?@%Ug2IT;7z1FMK7HdxZzsgX_9U|jsB`o<d*^42D|`ZYGb
z5wBT>Sym914PWTuEnv4QrtV-(*yfzynOcrJ+oG%C1TV33IPEp?`ql2^z|+`c6b9nU
zj3E+fifA;8vgBD<fy<I}>^6sP&f2;3-P{#XfM%^nc8$N<$JcJC<)2MTx<7OQt~J1~
zdLc&}h%IUBK^c*DTn_5^`r`Eb^~E@icVSU1i<g3D{t^vqINJ6VyLap#93(GOf61>i
zm2^~MDH1Vn#$fJ2h~Hu`@`#Q!g?GQ!s70R}japcOR5L5Jd9?`6Civ(R-?LJ<PK_@A
z#+2c~0(?NVa8S6GEKfP+{?xQZ{~f7SlYBS=@2W(WN331VY)9emWP_R`U3oTleQoX2
zbtbsX*{DRHnel`{^=>O`+kLlLW$Lk(Icvwmx0BUcD4(N?wRQ_8bS_QJ+9X+3K!C<N
zLg$DKlN(RTGUs<ZVRN4$aKW>=Q$@?I&1LG<)eZTt^?y}$E?PT=^YP~G4FLCozj)`1
zjvk0-OAs;|jliUI_%E$9$H`OjJu}~j^ahplNRj)6C}C1zZrv*iM-}nj%-hGh2d#gi
zc&zoqwfsY1J@g*$q+f5rp{=#O)C!#)ISzqJvV5Krxk?kB-But*GhvD(GNOO5`!{FQ
zpI@*p9d_CQJ9B^4%gPJ}Wqr>6X4!-Z_HZxrPoBW+IyCl=JoA97{SG{r%SiGth6|6@
zxNSx*Cuft(x?g0=`00QEYVQTP%`eg>Okp<r(N&`bU7i+dan2<aVGLJLHr{k{Fc2x&
zcq0hcg!XRKs*kh3on8@IXzD2g)3~E%P|b0IInKRjXx`glezu2)nB9KE=WBkf4$C`L
zTllg3eVUQ=_G9_|S05l0e@96JC;H#Tcf~WVI8`F=<u|CkRhm!=sYHq=49u9kvu?#3
zFy>v(Hao2HLg5YsG{4OBt)#1Pb3Oj~h-B>EjEUR#$$uKNBA|UFe|-@QUtU2KTEtgl
zD~d#xv8W3)H*86M4rhD(=WNYVic|gXf+k45H~TR2)yW?|y4q`Ypw%+GDeWbN?1=WF
znVFf&X(si$)%_(0#>sg=4pp@D`uFyp1Ctb)tFGWUZ*VzYl{qlJA??`-2)jDmqGg^h
z*T)_I75qkCaS5S0U3m2HFqZ}v7Bsgjed*-OpJ*KCFHi>0j3$+LCX8Ds2AY*#>_fF$
z8myz6vn%LDl0X0H1T?unJpa>)ckw@L-brsu(g*b}?yS!Ak1ejn5JPPWtz}IxyjJs4
zbI4)ybufguk{aQ9+7KK2iO0s;^fqKn!5hzg3DUhcnH*+%;J^Jxs~3NBc$l}>{qVQF
zT=e<RZ9^StVb}VbOXO`01-^q<KX7iSib-n%zc3~Voxhp<^y>8Mi&sE5jBfE*B-O%b
z<=ezPhM(HD^VPX*S*X)4TXWZC<ju=T%~QAGk!!c0tb6Kqy*g#HRth|jz0;{bUAv@e
zq5wEtK7L5soM*!1Be|pW%#j*ho}>PbsBXn#=is^^igqh5d7li-1AN}<Ec*N)^T{>)
z*NmS@8B%*~eb;@|owbv}cVy<VEt_99l_Cn`aE-5;5<<3$QpNu~$I4`|*@8w*wUKNb
z4NV<1t@i!Bzj{OKWu~C~%1+D^dgvD&TE4QLeB45=t_#T~DG8NU>YDI1H%s{;IP=c5
zCJ)B9OSb)eXO^g!D2?~N{oMJwc}BTsw&n~Ap+vStW=+$Jb*KFmJaN`tu&vq=7{6S)
zk^pDe$V8D@r&8Uew8I(woYLy|Y0}^Is4n9kiER2|OY_TfqhZ=iG-);&3D{+1bEiGH
zM2|1ew?3F6SN9_CQ>3H*%31`C`E5OkwEZ^nxX#`L&fXf{UfUV;YsBTHwdWD^`$0;-
z+u9L)Tt{zvDcMn#p%k0m*=$vnVdwh?ZuuTO$G%_;8G7L=jzhs{<(#F5<|1}9TXT|J
z{0mBjhA|QQG#c*_q$)}Ds))>m!7_yv+QaP;qA8_Ign=iqxX<os9(%x|gVG#uBX*U=
ztS35D??7-J_;mGuOt~_(pG}2m=dSH{m1LDuQnL}wGR#*TyI4j<q-bKHEt$G!%&$$J
zoSdNT@#M=dza#(<7PE+_>zxpM>W|N!jmiI<zV?Om69bnkv0@dD2o}WcSRRr8GkN=_
zs*`Gd^>%D3(d#`@l5<SXo$x!?)<@N%6JZI;CC_F~X<IHWXRrlF_<Ugj$n_pect<69
zFsGnh*w(zkFiZGODM?@oM<n65jLalJkNa~;Yz^g{Nv-mm>ecw6YIjNIEkd+kXJi1T
zZQVm;4zmR_GU!@1kQ{kI$6*L?^3}e1RrZR@U<$}ojE5#7o5QMg_(y~rY{cR+i+8o`
z@YsZ7MnxE%eUlebeO+X65>Pm{Hrpp>8$DobuSw0YaMnTfhxHo08$)GWRrU9-g0$WI
zSU|7Fbgs`6%?K@&7(p3&8*Du$KV}5#Djz}J<B&q;MuXZMkF)x2E#;6}w?AeL{gtEF
z$Im#5rWREzbf_6k*^%b9w!m?{TA<|fjOA#L2?LFyYnW|7!oQ;qt!0cp^^(x}9MDDX
zLRKl$j3VK`R5c72j9gv3h8S>AiM1-GScb`sVKu?^2CUTJF(DUHD5&VCdo~Ls%fjFg
zOfs4#BJ!6Lz!r(rV2WfhftSdF(b%F-Yqe;(Wbv4gGkq9mJfbQH%uv4_v$)WDwaF1(
zFe37pVR`%+iJT6N3<^A6APKl0;gqYK<||ZQ?AmE&h4=)46oyeDS|em%`PF^W8_*8+
z*`x=)<Qjj%S3$+wJY2F5s2u?2puk?=`~>|YR1yX<H?T);k6sz4#?)Bf;8a1AWHn;%
zHGAfFEJRq?hAFKE4}qy8+|<jQDXiP`1m}?n$jEpCj|O%Pzy*cEst0WyvpbfrOy5EM
z_6IoJ7Jsu30%vfS!~<X1fWg_L-`-F~TVR|$1QKT;7H6*>Z<%3KJ~Yn0Jwk_l@i@0d
z<lF+2^MOz~_k_#2132Dx*qjfB&iO$2oDYG}xeG?;4hyyoPUpiRbv_hU=R=@%J|JG_
zgCKT32xjLFsGVElcJ8p(x5Mt-2EDT{e&<#Qo?BsfZbO4Da6ETK^4xNj9}La&!SFmE
z7}4_~Fg?RjJ^OTN@IUu}>$%0b=>5WO=$>J5<JcPSymk|AWi=ycIx<zN&8@QKYU*5L
z1AErHqIR_pTehCZUD$Ht{b{JBc3!X}5{v9W8S~Ck#8~{PScYHmoe+L4Og9(fP(Ib$
zH#-RB&h(D*giaHC&xcSawDCdmu??<j`dH|=Wm%yi6ToYrK85?iYRy9#O*yzm`{Ns9
zeys0{{^M1`m}-7uxo9%_^x0}%zSpXCg%ek;w$HBN=5c4-M*zj-RPD-z2!`DjU?4^3
z-xOy0AZMyttjA)FbIjM{{TR<~OraF4axyc8_6;Cq!@vW3x9OfmR)Lh(?7aJ5uW+T*
z8=$-X^&lCD4)WJ@+0&&|zUSgN5IPlwve~itdjPqh0=g2``?hD}bdRe^J(U$g59+Zm
zM}*O6p;fREC^><9N-LaJvpm<6Eq!I{a;FE?h_hLpfC=MwDPydp2{H=p5p>MVi2$}X
zICIwQpJD!?dfX;Lb;6|{?k!u%%~^!X6Fb)`bzC106Y5c9&Nuqd6L7U4g<mpLT$x(C
zo|B}$;87^Y;t0%ZdbB&CT<oLJq7GG)OchHUE|eJ1vt?2uATvp6e#_!gvkG0MD^0x8
zJds<W2T^!*RV%O=Zpb|tj}K68HWcLy>Z6x!p>~8{)1^d<h}MO`5-XrMtXhOS<gn2I
z94)tPV}I^xdv3Ekn|Yek)W?#u)kQrG#0G90_5sAG)If*IsFhv@p_ce5On@_p0R4<w
z{s5{nNUB$#K>=00dMtylIs&Y=uq3wxV>tm=y*hP*vo2@AOd5;e_UhA(sVfyXiOzT@
zN~@n=tcvLBh}!DatuMlBEsCpGzn+M%5HN7tLPNkdrWF(tw%)?;Vc6=?p-$b=ymm9|
z<q>w41a6~Chk1_4Ya{S_ZXT+2U@4M9l_gNOmYmpNV%C6&m8@--l{D==Z6gxHg|K<G
zzkuj#aqnYo54;Xx+tQL4YF*#b4A@yjB5-yexYPu;z6B=&yA3Hzf$hVY8ttnV_M|K`
zSJUJJCn$2Fc{E&pth$Zm>%xS8KeJb_jlYXE+y>X5US0OICOB`l*b|&5K3R*xC0Z1m
z048!?P3yZp>QC^Ee*4SQ#?W4BQCY=t1d9!KL6tBm3zhJ#z(K>ELMDG07|jD-$e{m@
zVn^$(&fTxA^fOjfw8n&w8k?}?W#Sj$j3YG5gu-B$BQ(YLawL*6jM&Y~&YkSDUb^G9
zu~wCQ*ePhm^kJzaqXkQ8Z#_%5mwIKcjCxr`G84t}R1z`kAN=8FtUbAV78q?=wXFjr
zW_Bt&k@m_dAdNOlxMC-LFF(Yo22fhiG_$|MwfjJ1*)IB{BxP?!xo0@X?!IVjyIEu!
zEHT!)(rcA`mY5@}_Vm46`7ANky3()DJ*2j6^cj@u)~m}dOAM@4uO7QCF|Ku`SJxg(
zOmM#3W}iX%bG<E6eoG9Ag51hg`@AeMj(TIIX3Z+o-_YS!c(bONs`hR`U5oW*oH?aY
zM&vbst%HN{_@K|~l-LF4+E%F9=+A^@k%(;$(2VCj2dS0x$_C(Cw17>Pwx0ec2Itpj
zf?J7Jo00u;XN9>^lgq0A0adovTM0>G^yMmJJmD!f*<hNTGTGD5aEKj@qh)bqIvb}f
z75VC@>`?#MQ?ON|F}*>w5s8XCXPHV?A6PRl=@%YCQnmVmmdJ)^AuDyT-umOLM52{P
zl{rTLm1TG2j^^I_O-*fU<vQkfT=vh5pxNqeucJY*#^zRxz5e!AA=dS%AfqCn-CY!F
zStui`dM~A6bryf4Je^17eW`bs`hNASJFl_cmQ*R0XD`VA9{%|IUq?^BIz0U0Wb~JR
z{{HaCG5q6qPrrKltNoAPKYe<5_`}~{e{*wn@lXEr*B`PXy~Y3f_3#IF@z20co<9BR
z|LZx>+P#2hY9#UzF6j%1fb7+sCHHRUx)S{rJWIa|0)b0{X7?ZH;BI&Q>qO;m8{bE{
z{q=XZJQf#9kIu2|OHUg!zSLq~Hb2Hxg`_+_I?M9Mh*iT9?t#4yfoh*{pc<}p%`^b<
zXMM&R5T%CkXMvrDMyY{|J9z64QEJ_7h*BG()P^XvK79^RYD1LT5T!OmsfDy5N^OWz
z+e4HZUfLRB)dDAH@VTl$wST8LHK{jP#7?6~6q&jaw=5t4WzCkb(E~tCt=kqtYzbg}
z*zE3ML)d5$bA659VvpHZU2w-NW^wsL;1)C7MCsX%$tlTM#FyNZNuc<5+;yh#aVWp#
zO0r~zS`p2vvdOt~DK?kG9fpkR5O9=xE*X&vQ6w?R*}sfGI+Wq#{BNAm)S`xf#N`zF
z4U{gq!Jc^tKE>WIc@CR>!XlBy+Ze7k`lwVUaEAq(SmGitQ`PTi!eg#hWkeVrFMapu
ztju0DyD??8=7cVnxuDU4NoV9oJyzS4urG_-CdHg*cqxFMwU(HyNG=pr!8>Skitetm
zpVS`->=9Kqm9GGvMVR3@bl}cG2sbT>B(~6=e?HOo-^iSHEn@&|ObL>N#|>!dG;>E)
z`^57v$U+pk9G~~|DJemo!JBAOviEC65=NyW&rV3nvqFWIC~&SUfBK@wF$}+~Y+2O6
zy`aFq%Ueot<yHb0X1(8*g5y%Uw-qD0`frsiw9MTnl4c+HV7DsY+0oC1n66Y9REK%C
zUYhT}%^x@516#-KzzQ1pzzRLE<)si^WuA+|Ta=(S7kJv<kgZ1nDq8D5T0kT)Z+lk?
z`srMv2Lrfh!ltk*5(4@!wm|Un_P8h5;GE65RCynY;0yK5X-XxDoTNpf_%bP}<DJB{
z?aW9?*E>QT(>q0E8H99QQtoHIhvgVprT}LEBIwzY=CmY#B+``1r|5(sH0qE-1{+Pw
z#hfM;6`a_YT{ov<8O^-D(>jVSJWj-YhEQ#c%=sP5)^;TcFd2PKqg$56<XdTp6R$Fw
z8sOVyF7CMAoGf1JyCYH-P19JH*_KX6wQ5&N6|x6lq<*-I|420b=lm{WA-bsUbJt1S
zd7+y&reT-UITfaWukrh0Wza;k75{zAB9p9b6jSK_!2yl!(P@3a%T7DxY(5P`vN_17
zah-=<(^yFIHIynlXP~sZvbL2j>kz)1P`!-+qwGCRmkE>O+dqS?&77&@d>S8LU!0!5
zz8I(RE+CUVL9`D12zE7aXTPk|q*#f9+*7QxXprx2`0@q0$YcQ!J5;TGrc+M?RuYDT
zM=lI;{Tk&5K*QS=S~j2h@7ZWVU5I-U3vv%32Y34J23~z>ttrl8&T`==btKYdE>bS7
zSTS&JJ7aM2l+Jr>M|iw6I>6b)KbcBpVHWOQr|q{3aX(UGR7f`B-q^RG3E#361Of(6
z*}PD@`zZlNUiiCKHm<)u|5kR{jU2W5n5pPEV#~#`>3w@<v}f|9BI8Qr;c!F;_6?MR
zkw_AQ6(eTkj4c;sm%UN1_dNfAkdwd*a)=XYDTLQ0u?E>JL{dLi@E1H)&c?~79ToK+
z$u`<EB>Otxpr6@i%>cg+{`v<aQ#a0flrz<l0<sRZZeD@=x#MW0g<7yo@dz!uvOD0=
zWnJWQhPR5C#ejX2^O#9e@~3JOdb`Yc@*$`j>b?na;P!LferTs`Uw3SfqqP^G>omk|
z=UnV{Up#;dV~s(=Up5#djZ@x{AN?p;WcQT}^s3fhtx(<eMkXVgu*<hWw=(l={bDvT
ze{}GfJFX#Z7~y{}HxJ1~-0mnC@WJahB4^hlZ1Ju_drlR*r{OZ&Ja5Sdv!ijGGbt?x
zHM_(+#nY=x@(p&iJ5G5n6sn)+BBk6LsIZQqTYJ$?$`!C7lesGUA*Q35$ej|ug}%3%
z`{YN2hTc$#J{@T2{wh<YF*$ZQn__^GJ9?2qmKTIh8OcB-%OnRUpcBhtAbhy2@&iz<
z@>^zKi8;4GV0!x?VJY|4qaF01PhJm_GP%g;H1T^{>l?a!g}hAYoG|#0<CshR|70?G
z1)h{5Gj{<m6~MP(_-~m}icDemvx<za7x1_94&hmB0YRPmapsB6V0Bui-(axOl#!bS
zk8ZCV=ZVPm-!kV<!A6`O?*;8MGp(yWh6CpvE3vF%HZfF!->8%#;+;Uiuou9}Rf(|}
z#Mth$17#<CVyH(oNMXDB<_YR&9gfuHnWfFnlfiw}mF?f)DthB2;Mqx)+q93L$mW`v
z#kOkag5oWxT<-2ja*$N^pg`*GgL|8d;@J9oDX`n0@OdY?FF)Rd*d}w!nqwXRX534_
zTb5#3B)%Xths-<sAMpFTxS^aJoA5iho0!v_-4#^%sv(=p?rOL}>D!X|)YwVb^7a{0
z=&CJ2%iHl<VXJ)<s|qSkWs<5w15Zx=^u-rra?W!A7~&;@cIC35IRj-Bvz*{g+RYY>
z67Q)>)sRiq?T1{eLbYr5)Rx&&q1jPk0fwF4g@z3DOK%3c%`NYsXHedG&s^-*Z1e6s
za(};Wj`?1*$9v?AyV>C0K0`9aH*>%{m#Zy5yd(45&;ROK;rl@)*%pf=z|qz-qdPED
zJ3Of)C@Xtkx!66zZo~4fgR`xBRHF3eShwU&2XwnvVT|noL^8HMf*G@&L+IL7E3%&B
z9MEGQSsV&Kw`YlrZKo{ee!0tik^sUI0D`lV`xMjk<|J?C83**(kcr%xT^!JDX$a_*
zQyk3b!g33`vxWmQ5B8Q!5SD4$GrzRT9QA8A{oxP#7}I+hG7hSD8qG7dZd9jwVd62X
zlIlum9{9kwV-mJcyKM;gRne+yG}-CiPS%{L<)5vhZG5EdPSnA7x)0y!KBGxLo)<6v
zJiU0bR$J2=<A8a9nkJ?p2pPbA%ky`7bxER}LFO<`B!WV()w40=_V#MDMXS?MrC7S`
zz`-4yc%QrzZ!ZpkMUm2Mq)#xo@f@k@rNFun8546>QM7{P4^rBSjQ?D)kRoZclFEDZ
zl|X-6&<C}HwNoF7We|0YU^RAxl2-PBJL-pP-09*RsAyk7_GZ;Xy;>Ds)BwU=b`H}O
z<a*up{7gFel#!I@xyX$-$DM|^Pl!Cx_e7TC)hIXd2@|Hw7J==j1fdxw8g<zUY+xu%
z-};KDY(ek1D01vs3G&4J^hC?bmGGDMwwCD%^B<@w8`iAc4FN{xSXjf{2yp&4x+|B<
zmdk%&jqy${wXFTln_^Z!0`41i&GBvmKW(cwnkomF!D*98K8Eh-*BiSmw4b%!So;1G
z9<46V`^OC6dsh0$GG0LcoqSDY2OE4%Gdf2j!{OxW>(@{9P66xD<@ve?+SRu318;Uu
zYg{8iFX_AS<^zyn51E@*esw`pHAv2@^@0@`9AInXNXtS(q~~24-|jY%?x28b)Y~yw
z-xo%(77agm`)s!f-P7buq?#Q!!?D$t<H?zgL6Mlphi_TE94>1kx?nUWiI|ha?@wPn
zZ5S$w$4N$)%hj0tn33;KU)B2K(gcFVjt3o-fU8`jOf6W^BsTy0U*!4t`N{Z1_jzrt
z-_<MR?)muHvoTuT=~UdY@g|$|UHb0Xw1YzDV9k=XFxj#^5hz;KXztmRv{h;HODcWW
z!KG;4gpEV`+s(}tS<;-QOtBo@0KOq~4+Dn6Xv};`cD1p*GU%7)Ej-A^xK863MGy=$
zXL2br=_|GqcG)z}+zE?{oU0Ww!yYa@&;t?bRrfQp9gPfI#i?|Arq*UfzRe_4T98f?
zn%(-vc;LNIKM<*#oMuvM4tAtlOm+f2jmoadS)1v0-D5WvaecbvDq&PIlG0nP>2&aJ
zC+WM8483_+WkYM+P&<Q5yAtS60t-+_r_)^AOW1~jB!b57;j}Iyyxr5KR+eaYPza{$
zqh<;+Sj%IKJA^J}F~$FqZ~*}_O}g9>*0d3`JC^7@KTgFjJW1$S<nv>ejlP|rq2qft
zJ=Q%Q{|(RAaqBwnW4paKM?x#W=&|kNDz{thA0vCRbU!20(Y}rqIR%$0i>q=WnUEQu
z%^r^E%`@_Tj%9^6pj6BKCw`TDMBa#rp4eWN_N5jRyDTbnu(_JS%pIG5HPIjxvkb#_
z^jQ-*pLb==?Y6eHi9P(Hp0ljWaX8US1@qp^(*I*JsZxKoTKj)YCL<?%s9JoQB-^k3
zE{j$l(e7jlu)yl!J`YrjFa-k6#_@A|@gI{nLYYz~<`*u({OMBxN}~bD$D3D^G5LPM
zGW{>q7;TtW6;6I+y7zQz?Mo&vBgRhIopJplZ>_-vM+=(G{lO}f<RVG*RiIeLR8>Yt
zmGk+W<vzngw`-<jiBhV?SB4v+g~hdM_9=bO(;_8Vkxp5zCoXwfB#LHC6#8mZcHA<7
zQ}PSTg`r!@s4d*@C?K(5GCNQvCJ4-$Jc~ryzAdZIHq)&;4khK8p4SU<;vs2!Xv&h#
z*$r1oi|wLD&Kpe4aPLC;b)xk9&ExMlnJSUJ??ierZ(dE-uSFiMtozatvD{N-tu_n;
zkywpGzsqNkC{$)!b`|msz6Q<s{5ADfR@@vOzT-gkm*uIgi?X|5sG|9t`8}-<8}N8j
zMLHtv++G76!z$}PZg1v;)XER5li!2V;q~zw04(dlO4ZiJO7{WN*`^kLcpdzG#gPS<
zrroxVeh38LnqCM|4Sp8#c$h>z_^V_YP}potLUE`e5(vtX+n#Qjw<Z9#f$jWzvz-le
zjez-l_B<z``-m?WET0ry`BMem!(eUE)s+c*AriU)&ZKp+JKTW2-Ha8e^~2A`&mp3o
zrAxIsBHxJ8dr|M4=G{^9r+1Vma53C`Hx^Nmvdqb!os061wCm<>kNI3AG@HZyd3ifO
zj`Gz~iDQ+><KHfC=c7nuQqfF#@U=S=WO`hueId(H!da$%is&|)_1Wo$VvYT|fA(Ee
z>*dJGdK-gY?zTZM9|UAqr-NQT=;ec6KCqqkHt6M_49^MC%R$XLE!4svR9Qa`6VR;4
z5(6w8b*-+5jUnCIr+W%=Rt^Be;5d_G@)8nY!F8x8PoQi^^_=MTdIspvXSJEP@B4uL
z9u@f=yQ&Jlg_7|iN%X%X?7(;!+`w)EK?&sI?EG&RzS+_&mJ52zj`R!5av((HG0Vs9
zJq15hzo2+}Zo9e!5m<lg^8DjpO>Wt0(jj|0<gT^;YcaQ9tAD4seIQZ0g_sRw{N3X9
zF^kp*$QlZyTbQuyFDO9_cJGD|AsLD&)g>JLf-y)aZX*y=`ra&FAR~BfyvUA`sVaL0
zUSG{rtIA1!Nq6&V^6U>?4s-7|NqN?D0_ZN@;{=}XGyxP%s6CwZw+NnzOywe3tI&wL
z2y#FZ*9)Tkz&D*#NM(kTuNfAPNR7iE$hC)kwj!q+EX|r1tjggkJFG<X5upHBnltGS
z{x^~sB)Vporse`5ytu~IBfYkM!)5m|_8;L9Smj!NDur$1?*TFJ4L`R0AQe@`+TN+l
zme+dWa)w~0Qy_nAUTX;Vj*>zutuI|$WWIG8Hb|v8SBqjgjzsDRsAE$SRjrPviI^Uz
zRClb!mCE_FP$HKYC3P(Md_?nT!4->Ck+WmE<fBMrcUp@UnH;C_Z{?CjBbvn{9C=;Z
zw5u7^YJJxXVq+UlSzWmhiY89PO!+=pidbU0H>y7+;%dq>O{<kb2yRLxK=Xvnk>a&z
z|ClWkvC`XkbF=zmVSIrudMLc*hOnVcMMbU^4%if|VNdvm*s8y-Gc6pBn^cF{Kh7s}
zhV?LISNYU3!>JnN5jjm*u2M)2%CXEW&4j!z5|)=eH}Qim9W|j6qt#&oH#{(xaPu{r
z90X9pX3F|06Ij;Hs?d_}u2LcGuv_(2yLWWgBM;bVr^HH`lpf5g+NA$h&!{%9+Ooo6
zy@SiF>@@zD8~8vXkyJ^`wi$QM#B#rHSZ0cT2Tkhj#%t@lc$_jtW2)$QUOv;loEG)1
zoFciW1|O2@`);um8D9T6c($~F<TLWF=_~KrFP75om}EtsJwGDT0zdn1j5}yt@rWP(
zIo_m=x9h(gtxbVTA`0+SnjlF4chy{5t!?1eZfm^2PQ7b;`*5qfi&W)|%D`Q44Uf9$
z0(;+|O|raYG?SYAE(f#qr<KR>RhJhI3}UtVQ>M>$&d^1@<tY3Kg`51e@iC-f<4^kY
zO~QG*l*F~`SHh)&JJ>B-H7sGv*EhSs52kb-<#|c9KHDM8uPe4>ZwEA65sFd1HruDj
zVwNWWo{!?PNyr+r0a(d!b(bvHhmOT#Vv6A;OtG@_vV3UySPL<mb?$sS{VWsNNU=QS
z8KgdglD4jGHO#J2xgm#Y!FWy*I%SC@DOHiF$p+Udkw4w1hGshr(9i6nwz{M<v@Isw
zt_yk2r(DoHMyAuGCv6N_?`5)}de0#MH2{2LH)C=^qlNt|Vs$i)nG#u~Da|WWpMKk%
z@E)3Imx32?M`)U5@0&ua;9I{zY~B};Zr!4=wQ^&KDBNN4joa`;j2b@CUW=hN=u4Z5
zpVv0j)-tom_Oo-GeuB@lGy8`nFy2k#ohI19q&=Fl-9)G~FX){ugd;iNIxSiBkkj{T
zBpa*W_*Cxu(QMzw-x{`8^K<nT`gj^n+hoF(9O$7-yiDLBdznrv>sGR=>|0LG6Fk08
z$sKg=cRTU^3K9=vGU`0(A5IZ#KJC_c-+bz~op|#Z?>gNhqmZxtvGK5XA7%d`Zalu5
z!yW-)e$)CEo{Se@j>kV><sJ7g#k91+*^U8>vib@r#}lKFLX{k1?Fm**EuYonu`{xd
z>b1ioSv>}?uRmz|bRRYMWAcCh-*5io->gLonk#u6<uUxvs7gA_i-gJXil)h~-#9rr
zIr;LBf5iX)6aN3n^DprKPo918#TO_4@$8E)|M;h8&%XHLkI(+&<oUCcFaG!+<YYfn
z^tVDPn*Ybi30(@2-_h3Rq@uH#ryrcmN%{YuNc(N+OUdc|82u@QWVxve1Fn^7PmHj>
zn#ddfc6T!V^7;70g6uXuGm7%~*g)FyY(9=e&V<xo`Kf8={bn>8{ibsJzaVtU*?Yw@
zNI57$e4qX1mS^z`a#lzs(rd#>Ad3}@Hovh3OwCScmI(}`F{~y+$7aIv(VS&ttussu
zp2RGN&h4k~PR7svFviqhJDqVg=-RVLh~Joa46;78MgsgsvnV~Hc`l0O3)1`$c4<dW
z6`KPJ5dQawG>{yALHble@47H$?6q3-_l6%|adU56CPhw@jX5COUWgp(gV(;F+rA~w
z=0!sD^_PD`u&U>as?4L7XEu{W_cbz<yL*N`MGKae$qi!3veT=}@BT2U{drAMsL#iQ
zSV*n1i9F`n9LroK`huR#2}}xa&CNQHwF{SjYQEh&o3$oO>#k8fdZSdtPOi0~fWBbB
z%<#I%Wo7nnvha%;pml)29TW8LOAA*9-pm{{RWZ-_FJ<2)Fls^-+prO6g(c4{D8^BV
zDw8w)6;fnQe^_j!F=}Yel|7`DQ+7*7Y^fj|G$<(>w`JJyo)yr09s)5e@BtPZC<$!?
z&#o^fH>KsONtr~tJC2!Z2{gf=c%%VX$wdl%vMgQ-o+&3>V*Nf+OjE8TC|gWI-S06u
z1I`7}iKw)V$z?{)Xv&f^+EPw`p9`QVEk~NLVN2jL-Svkz!wC%YYgsQ0wz4TkVpi(r
zwF8WY30+HT_3-L?d%I;0m~Yn|#1t^n<8bYpdIXL5AYs00&87f>1@~oQ6Y%sNfMVsz
ziZH!R;i6OWv1Zfa25;NO0}Wi@u01NQZsjr$lbGRsj7hQ(_e9JT%M5?D5v_Wbt=1Qs
zvud8LI0sZ|4)uck@8QX>hlf9$jQ;Y^-#=YF{i^);z4Pzb`S-&4ck29Gx__5Xzk2%r
zZEK%Pc*?^-Ctv9&5m}?M=jvsXfDu#M+cayBP?8Lw0I4J0;GKwOdXeKIVq^0$E}fK4
zK#B21MuI!l+2c?{@(<5oe_@;h!9a(<{uenJKmWpS)AZT<e37d)n$<#9^(0|8wS73{
z*(;XK_0{g#w(GgnM54)0wl>pGQsr9nY7HK)i<&EZ{o1@eF)!P4Md)0auH3kh_Op@2
zrNfKQGbj~4UAZe{^^{hDYy+kgd~U>r`Iilr;+YNaO_w6m675)%SxW#zh>;~kD==ww
zIKSdg59w6o>eqXkXHUP{`cMG_2|QHDILqUsiB>-ttqEHlQStSKHF~A~)0EXutjO2C
z*xDr_6IKs;s>k~OVEg>%p<TrL`}?(v2P|0ir(@LVj%y`Wk8MXk0R@hm;>BzeIr*U+
z|IQySdoo}CZTW{0{J}R8{Xlz!cUYJ|OuR>Ax65JRT?ZD=gzbYh%G)Ec;FsXD78&&T
z4rl%jw&XkL`(2qSC0R#?Z(uC@#s#<a!5E_`XmS;tp%|QiR-@=?H6$o>7lSt$P*4ql
zfl5Hzjsd_Gty8mEA8==u7kj^K@QAyOW~;Ye5E~n85e82;+LDx-Q~dWU8?|f_?yb7y
zCq>O4!ZS4z`3OJnm|~mTtSMfgb&RJ*g~=gQNAj5EfcXp;Es-Ji&<YIg9jiTMT6bis
z$n~ulW1zSsiOA+1Ikz8AKg1Tey0?rie?rRq)Q`x2XKeWrUVJI?(u|-rZcUw18iBgd
zL1ld*<XOS&649ArYtd#VdeD|0B)luDWkDs05=Oms3Q3rThV4^XQVipHEUfnx1{E2u
zD{?5T45jGz!Z%T%Z7EzKAlckqlpvx|%R(VoX0If=l&PFY2*c1RZ#%l(uQU!x$I`64
z_2+<P@aJHDNVJ5$j{C;1hkETljCb;5`)3}yt^5CEl+z_c{e3^)zYhQ37bjnQdGe<<
z|KG_Me;E9KAEZ4V|KH}$`#16a)hG6`e18)d1r`um^ZdC#ZTS6aqi^y0$!IoT^Z2>1
z_44=8WVxW*d;Q$GluEIKa#%yLz(M|mqpX7|XzgM?&)FP|?KH}Tlq4+@#g_)~$za#<
z%=ppVTt?UYF&;dIgU7H&{lR1SAv}f-BbY2%WR`B-kLbqv)sF2NeK9fs8AjXrCjN}z
zLM=qje`(48s~b?<XB~uyLNX#U!tPkUvV$=z-WMdx!9Z@loUB!4!32M5E1*zY>%zG7
z9B_94tuh5B+pa7N<_-X<Td!W!?1|~TEPG43Y+KI7k51XAluN*+(O<&lv6gSybLo}<
zI(3(9*|J=Vf3>?xwd`Ksp{+birzxOsS(f(P%Q~!~3kR`Y>~*zdV>n7BfK)^!8}Ups
z$e6rqH8cH~ksqIYO(l<hd}2{osN<V9?vo!gTOj3yexA{s<v+II0(p0hhkW#xB4?9x
z6c$~<AE&j49UapKY`_CxSKtv~!bJLnHLYn)j`YbaYabB8P?MagoU=Os!bLG*Dpdko
zYa|{H`@7emj<Aw*Y~k;#|JQGUx<ASIr>MGo)LUnwTy4|6W@;f?EoyZJ`CHhVYnwKO
z4vq-pzzN=BUAx=>yvCTW)n4F$)aaurGETX^Acz^>msvI{<S|V9m`3^xjAEWci2CZ-
zWWJ6NpH<I!1W%4iZM9^`ZS2v9oHfGfwEns_N3TiI!+uc*4a|RgYdE#7Q+Ro9thAOB
zR&_OegWsq$jqA8|8Xb<tU!2Z64;1)qb7`Fg?zdiZ3Gs7x6tjDfQg*!y*##NRyNcL7
zRvqX83fKkFE2MbcLzJ!yDqI&*wyqm9y1iswfP<uexjL5J@mypn%fdK=K2In=oj12;
zOj-d7{;Yl&PA-ahbcIQCf-h$VO&U`6i)rGiS9^IyXdLHE$|JNsfG*54sThsHBW3~Z
z?VT@Y;Og}Hzlt`vvar<fS<d9*vQHT5b^V<R$WK}hp?@wzTia!gBKHd()uJCE@(x5b
zjcdhXK==C;LshNP0ddFugkWjn0-LpQzCw(t^eVk(WWw4h-Cnk@U{g%XF$QWSP~gIO
z4b+m;<esi%$&em0s#LLz_E(|st;eB4`CZHPC26~U_IEN*^_5Z2vE!chwS5lMfIKbH
zN%m+&TT&_STjL+<ddfTd@Vk<eHrdmv!p9!lneD2{aMr9&43@LUsx=Olv)af%3Cmd_
zS>C?e*3P|scn{~^b~T)Pw+-ihIQJjo+<Ur<L?(+Q)P#Iif4aejj8A+(BXWI6&WPGZ
z;`Nqd+pifJNxYjKIZ4F*MA0?~?u{_^MBEdppSNVlnJf||$)R-Sc7K0A#?k4y(Ir2g
zF{<>H^BBV4rD9pM8ZT6uG*t4l?R&gj#)ZC43L0x26~Bu2_)Ic&<laUL$)pzq%wj8|
zC&jDd`%Yhn<GP7(P44U3azZ?ECBNF)2c1)W$+qZcdJQIC?2iyrX{YbIVNT&5aIej*
z<{jVK4<0^M5{4@FV3=ZCA&Lb@x`&{NJy!XT?ExT9deAQvBkW;-PlBOO!qLG(u)(^J
z!2&ZMc0dIS<vBe(?_T;fdF2EB@7{j<_~xDI`*&t1`8@`p1{xl;+JRj8W93Zyx^2jx
zCZ^G#<zOf-&*tm;jE(7Qg%1v4?|uVR6FK%}hN{TY-xw7>KQf4~L438gL437->w(0V
z-|&U)Va#7<a$6a}unqiX;5WO`Z{Rnr-+B;!)7f=Q6^&S?SZm^ZgOQ7zmv6y|0FWE4
z{TfJsnDCCQ`9flW;6y|;vAv$oS*D!6xAtYTj7}5wx0{=*=Rvdj-fk>mUM29Z$7<9%
zG4S2*$7(baNh0pA8Ad*aRqi>nu^Q!J(KD%XTCh+2;~(C?Z=FVNzuI9r+t*x6(@$^#
zE0a7%bA~mbs%sawRzGr~chNHEvSVbPt(1wYT)YpfQ}yJXdHNlu%0wbf=}59A%_-Ij
z%Q2FODiV3Pijm~x@=6|&v&-{qVlys}NGwwQ6VMBLGD&AsM%eo(DPj+6gKVg!9wE=>
zV~AJE;(C`6&C2gXU=)^B^OT7BF(a4C@<F*)>g?|M_=`V`PsVLG+5q~;>@{0YXsTMj
zG7tfBs=m=g%*vc9&Bc!~NPkIr4#|8oo&XaRG1fk9x5AP+zhjy80{Hjio@4QZR`J3(
zVHqWZA-2!QC%#mzss-7MG2*$;P20ZW*L*!>*A02%Yr0&A#D+OOw{WWml3bqeMg5KJ
z2YYEbjl+a}XCiL8aQAF8c?w-RZ|H1Dm_olXAFI@tYJAs#NFPO#1S;bj!+LZIIoU!f
z59%~TaVLFg9;(2T5GB6a@~FoLP0Mka2kP>qhdxgNb$Sw@*OPGFo@{MTAW(tDmw{p1
znlo<AXwbxJ9vds!hkbx-Ya<{7d-}}S(}s;9XkG(v>idb1G&0hr9O7$U1+hz6^Xh~q
zMQt#P`W_t2qPx*=FpIW+>w(-b)^~hGbLy*Cy-lIXz-3=!XY~=iTTi<JligDP#uUr_
z8(IlMmrIt#w%(8uw=5&yUcd74u^@s&9jfr4uY-5^!n<10CBtR$CoJFYGoBFRx58=I
zOcUQ!I;xP9@Ky5HhBVLUaebSIr;i@I!&k0fZLIUR*RQ~^#0*Yw$3km@fE@5qBd|bh
z07bg<Os&bL;{mT^9+ec`)=UO<_QRts<CJIQ%D(gPR%Niko{21Dk@_11ckai&*>J`C
zJ6l=IKchD^Xh`jfK$vdRso6Y`UbBT(6L{>qHJZn)&pd!O6G*o(P3B?rm_RKiOos`n
zJM7b6f`sWdx=Y>VbhW`r$|cb3tGpCp2zmRyfzyWygJw?pmAC+R)!ExOZ!XSmN+05Q
z&EwPB<u;z6J$pWY&%Vq>deO5S!4t<NY<<<x*;){O*M6I>+<FG&j^><B6DG-_*5`h@
zx_<kQ|2YEPZess~W-)p57XQnW?9j(8`;aT<J4Zk<k6yIqJ;lehPUPx}sQ3cyq0+Qn
zlLzuhR<#B+$3B!#zj|?eJpTO-^#S@<V7RfB-4R9rt0<T)i18KZtkr6Y>EDMD@HQg}
z&F4^&y;u^iNXq96gT^u!A|^a$VEg4+lrt)^=w?S)^pr)^9*u}9nus};cZe1=n=?X_
zq%2Y297WLDb-(C>$6Or(>b`~rHNZZH%Dk+c_Y=Jb+jgqIh?VZn`{QKmIl(CmQ>?9W
zhLH~@mkTgVwDP$SQb8P|$jRlE2~P2IQ<|0X&5ciZ$TAbgWgixRbLyZD;%necF-O=`
zki&Be_2qo$_Hsr<%9UdA5uB#7NBusQU1)u~;{qI<Mc}*mw&4tT1hS&@3C6>;BeiVS
z7{T2$T^TZ(dzhkgB*njkmcdX*x_!dn&6*>$$R2~5eC0`KQyOc-98aA+ZFdh$4h$o^
zM43RQ1#B7cO4z_2V9ojiCh^W!d*`ukq(q|kIBXZanvk=$oL3SWztS3nwDG+&-Pg?I
z#b7F@GBAbr3zm^Pmh;&PYD)q$^?N9)&b*%3Av~p{4dE$+|JP|lc*+o-veAa{6z^0A
z_O#xH@D#UwV!SCVJf#Eswyq{&VPi*ULz61tl%Vn#3%CozgQNY|su<L}LA@LJ=b+w^
zLA~2-gL>zk>cF1X+o0aL?GxioL7(86WKof`$t_=g2X?t&W$&Cz$QDLMRa5%le0S<}
zVYI(xtDeEpoBXwcy#ro0<4KrG7r=vu@aG}?c{lnE;m@t#dZ6%UbUVE1Q-|hT<BUSz
z1(3V+-}cbh_EEnKqC>CQtWU{`)3aCP#=O^BuR`zpc30PeK`$ky=w|VX0ey%J=tI5f
zHJ}geH}0<kRin-0x+R)M%;#Lu<ZZ-g7Fxdgyy=~WBG&G64I}O-DZO<m>!#s#!6G)U
z9k5Ebw*yJebFoaAlH~O2a!hU(TsF+3wZ={b!$dBx?!K^qOJusTQ5#44-?qkz-s2dL
zhWIXxeO4$;doH+bwuaC%-x<E~Q52AN*Af@7Ldcd(5sHsV&C?Z6J)KJO4(pP<8|qLG
zSE%6%wIlt8D^%;ZhC0-bwGQ>Z>hyWP|M*MnZ9V*<INirBPPfm(YIQ}bU2j@but1Tj
zsfWAiQ$vk5-)x5{iNOu|nYkf{C<(U>Q4(!~9ik)#_B2FEK>Nga(@>+$X@iCB@v^zW
z!uEMt*oGQyZQ~wlv^6|7)M&%@$<$~Q?RhmDG8W8zTCAeeIb|y6kwmh32f#DM<}Df4
zLm9TA4BJqKZ79Pwlws>bub~W^(}pr^t<(7A%dlPJJD@`7m-LKtHp&@|fh0VWie{0&
ze$HdAPS(GOPW{-?<uZXPHuegGc`&e5>{V$eZ{$#MXK*$S*8I=Mnm;%j-8MKI+Xg#0
z8wd6@I2)mTV!UanxHG7C?$`(Z`5E!gLA`U^px(6&c2MsI_B5z>&^|HVG*sLfD(+w#
zg4z6S2xj}dg4sUhiaXm@#>ixFL5w#OZyk&`lg%O#4Fla%`HN~WSoK004?g&hC=@y{
zgL2ao8)=J(B{XMb$#O1Y9zjIF&jrgluCASrGhOeZY9?*z!E&j)m@*VRkz%m{m!UBx
zR30-G9p_An<Zi5~)7<Bt%U)!1r)n2K&9EvLwH;DVKLxTFIzJq^Ny@WJ=%fQ*s69Bb
ze;6EQy`poIqeRp5T*0So0{G<myViMK&NGo?Jg0t+<SY_-+$OWS<LGv9uG@FkLoC<f
z&)V0h3l@!BVy&;HAdPkv_1^(}%vYhH9`gZ!b9(cblVrA&&`fJ4@^nnzX7J<W`n&eq
z-surJJv}`=BCr3U6@oVtFYR3#w{}?t&V0WBTq96N-%O4?p(W49U;M=rS>lIHYd<z4
za@zjO>1q3qum92d)0-_p*!&f)+N9BzVw^?KL&f;T*>j&5zc_pT0mZm8n6BbgC@W9D
zZ(a^PY#Zw%u~Nq}=Xd(jd3jY<pyDP-zE+8<Xx`c>UAdL1O!!P$*Q)GOUoV{URQT=7
z)7Ooiy5)ypBw(3X&^wHqW6|>$=Rlt+yR@^>2R!9c-!qz7h@+pZk!-&@1B;&TRv{~j
zn3R8Szwp-e2K%&LHK^<O{e+xeUHa~*Lk-8)sXVI7^-#mHWd@&A4M$=?55w*O2QTqq
zTk;RspA&#xVJNzBo2?WBc{N>`4HV^Ev7FN}IlZGi0sEur&HiM+I}=6Lz7PwRv+5}5
z%|E91a!gbDi^#^2NRLmypIn?hw+!?2>hc;7Q^fRt{ItQo#|xFV<=+s3L;=1Qi>OFh
zhJ|`|8UuC;A8tD|9k;4=A#H|fIB`9~RNqjL)_#jtT|~D&7-l%_HZBI**+6^ku+au&
z!S%4~g=E5oq*Q1Ucz(u-b=;f1{9ymL;+Etvh|rhTAdf0m`^C6ay^at98&oL0u^5Fa
zRyLC(wzVQF<*c3FMbZHx`+@J)`C43i>&U4x_ABRt1!c1Tt)k#_HV>_;dSg^Yd}Zqo
ziiDkBzX{V+zn_q6kuY+4{pN_!j8M%CGphI<L+`!b+K&3#QBKZ_b8Qk8g9cWnHLk1B
z(woXSXwj`x8MNp@i{7&qy{*Luiff*Ubg4yQBXitH)62+=CXyXB$O=eUBt;gP4p~fc
zCYK^>1Y0QK6%4|?F*vMe&o$(e{bhWjpK9o{JxfpJ1#?U`4OT<nvd?(JLTzI&-Dew&
zV-O(l;jClsaGcRN^a&o&+K~2a8Pdbp$uy)p2)stVa@NASkZk1(q(@1IF}Y@uNK*h~
zK%Bpp#onsy1On{nREnffOe;bQIVRsPbZ1(51VIjeC7NR&S%-!p(MZpYDo^2!WiIsb
zCMmsTl4OF+3!2kRF}<EsQDDJPBMk`FoE15+%-j!lvUU~IBj%DwC2|&zVFSrB`Y9Df
zrdW*nNNcav?i!b|pi*;c=Lclpvb9)7pWEf+{3X)agoEoH4)Z7%HEe&AnhN{F|Nicu
zzdQW#cR&2^@jrj}^s67ohyRiy`*oEjzpiMS{Q7?;Z{Pg-Kd)c?`ah?yU$yF`AIQD<
zNbe7cFxQ7jWQt|V>OFAsKD}Fn-ys8&+MjryN5Mkpo3jg_%=zZ*;sc7DC(dZxJ=Nrk
z`R43OkFIeww)Vx4wB?X&<%`*`n43p_DF^xVdb*8khR3QrRNn|OPZ&8%L=n4wp=SAL
z6)qI`rG;aPAxGc5ef!O;i=R%fu3lZ9o!(r&ee=`V^~L$co14qiSIrKyrdkVidPRC<
z<2eiytd5Re%d$Do7!pwxO5}Rv$8OqAHXkW5f<8vegsPdy(>9Wwk|kIxelED=3InI`
z((LX=Zt9iO%|On^j`610MrPfe6^J}DJF4P=jXl<cAb^RHrHIKLr||Z>v0j)l-c98@
zyof=O3O(*--(Bb8H7*p$_?EIyN?<^dv$xHNj{g(?G16DdzaIamLyeK%SNhLmEhhik
z=$H@C;Z%EdrY2v&gSrC9WR)rU9)%W{wnr|_P^O-Xq%j<tS1{6|tQkini|Qu&jgz8p
zQH3(+BQI_9hR2k=@mP<%O^52#JO=ZtB?M~M!L+Ecge#+(U!J$CcU?u_9<s8@U?2{n
zu%hz`;$(<076jo`bWWswt5it9Fo}>GCVY3^Zif?qb`ep<GEfq>9se&P3yTBO<JJ$C
z*3_C}24{IC3X(AhE=d$$CheS4cLcL8AFXMlZ5v_tBjMM@&4F(GO%Hj0YWhNCB7ddX
zQ<s+hx9Uj}ErgKf93m$@kR-w1U_&Gcms$&N7$~TyCN&0M*`%`1oCPDk;VF}frpusF
zS5Je=l#4``##o0b<V>^f#*9xJ?P+?kiQ7CY4S+FKwC6;WT83Vcpz4?Bjs(?=KHMeA
z9gZ`aO5+M2(8Jp0bWi^tpoV)dTQz_Z`ldQ$nGIQH9vTi=X3z#u!jA+>IMrj;k|xaB
z@U?v$4tSn6iXkg*yzZ7pG1SC68e}(miFh{Oh^sao$+kls!sVA#%6pObL4~ug_)+0H
ztZXiIY==!kYykf7Jvd0Q-RL(+vDR-rkQ6H<%lm~+y|b_Ejo;V~2YzGPz;6bA(=?+`
zp5JtKJ-{q~T$tqnre%O>8DLrln3e&ir4PLZm=>oEFf9)wyB`ru%Yz0pn1Uz^R$AtO
zuFKds^4mFu@y33tp$`K>O!IdKgqV&tln@_k^kN%Ih*#~Al<6Hxhz}*i2lj+*C?Rgz
zBjHU0Ld>Avxnm#r=V!z}2ldWvgL>CC*g?G;*wdiiLHopb(|`~&AjDuBqLBP;h(h|D
zqL4mh`D2VPz8CHd&mQctZQHhO+qUgJwr$(CZQJH|Y(Dw_o|AK4+;3L8+SRK~(_BeE
zwGGA)iWC?-X<Msf_zUT4I}7or&2Utu*#i6;VjOO#PI@s<M(bGiW|;O-)E-ki_spon
z<Q`V3xaxWnbxNE}oc(}OT_jzH5fq{#-b5n$JJE9KrZ(}MF%u>`S9#_<E#5D+QRTRb
zk&}?J2y;0-a1K-6lY1qzdqSVhD~Zt=Sn2-vNfde}bLpun2`%&P{dI;NYmu+2%%;|K
zh^Oj<`cv{}8z&Qtz$%2!Vtdu0zj79C{CVU!G+R&irproJ^m|81FwF;eo4y;0S_LZv
z2wXd#94X^i$r4GhKKCTJCR+a3&NnY(K6$j0orU@&5Bm=!<{e~K%cEZ^-AW~z$slQg
z5*j7bW%qcq)6|jDQh1^eRjRj;`g8z|BSvL~v=B6@QYB0!%FH3vkJvCcfNONaQkHp@
zUXHLYlEQIHrh&b3{2q5E?vaRks(aZL-<in*C4xwKOgk;NL~6m}K9dqldF67k&Ni^k
z%~$CW?N~>UpUz5DlYfyIsONy*|Ly1v)a0V8Bz#X0phuuC&WXPx1FpXbH>p$YJ}>;d
z2N{Rqwxjn!BTz6Wf>X<t4P23LWH4<daxKiYqho@Xg8qz@?+TOX?p(U-Y8bn27QE5L
zPGt6wlThX)vuidnxsA=DStsHnLT94__q@Ef1{f^q$U7!c=(tvic}YIEqj4l6h7pNP
z03lnf_eC>jnF7Ticp_4q_Ds_f6^W;n+)d$(yNzX0_aT3Z&+EfZ+z*R-a!A-s@Ea2C
zeAX65`sx!$^09{d5}v5a6xqp}#(LOhFXMoy6jboE;DDgA5YF}1#(taWx6j<_x7X@>
zc6``Id^xdaXIGyKTIM6ag4Yk}&OP&^&X0?>2<$O~P(lpda5QV`nWX(QA<Fi<_!Qy)
zHT3yf!!iR<Z^QSq%z?o6v>c$>b6yaoGZ!h=p+v(ES;qooH9nMzcEl&n55M=@or>bq
z{ElAJBuhQpir_4Co#a+p`~fC6S3>DPZ%Q!uAk$b~u%o(ZVsBk@51zUfu*JeVz{cgN
zX9FH=5->_&SRWM-!vNkmpXKlXqhqE3BfLsw=AD^*#;R|ENCt_6^qzb6WQy=vl?^pv
z8~=3K5Nzp5R}OQ+!EeI>*K7W4Xm2yX_2A>H;FcPDp7Og24vYaxA@nBSVg)tTeQ5w$
zSO4<r03VfX8~x|c>qxNY%v>7;B1t#*T9^&*2`Q{Mi15aJOd3x}Z`cIu3AtMVcWv1N
z>j`Q1IqadVu}Mi`zzgzQ;}l-!i8@SYI#Y#=wGSAuxbk*j*t`+z8?e~=r~!9E+MpPq
z&Q$K3sL+3wM(Vw`zOLpgbiV>?s|U>xZGN=3AcfGSlcnUHKO*>g+PYHL<3kg1z>F}3
z4>}p(_9@VlpK;LqstAU?d8#~Mu_+I-r@~*2hd6pzPAAS%8Th}X2S_%7l7-BTh9wx)
znsdKMOu!EuvPgm*sgHHTg=aryx+t-5ON%+|uvOS`tDqgAu<b@+w-u%*?5JG^J7SAJ
ziro5o*h&OBWY~iyNhz4kBa%v4J93+u)SwGSf$X^nG2BRGs~*1_-d^*FSPa|p!(lm-
zKD@WZOm+WCy-=G%%iEW-!CNC=KTB?dpES%qsCA=urJT0GW8V0!z5VHZ7MduQ1s%ms
z>DnjN)5xhxTj#zlds$KCpSupPlKwG!O55kRno1H$D>DW9Y)aooCgHm)E#G?-WBVBI
z9Dx~9@)K2F%i}C@rf%dbj*<0BuqDnjw!wGEzx+b^yU;4%g75Gt^2yjH?}F?0sk4@#
ze>>-X$NmB1u{sBOt?Z}vkJf@X)S}934p3O@mW5>nr8QUrObbY@(TZzvSIOErKv3$m
z@iAWOJlQ&_g+ZO-E@KIfh3Vaxn_}k<j%~Mvz_rA_M&M$qFC%mT-6S8)3XMDo@;Zz4
z-OtNI{KZ-3ZiBtl-7)}wwlk0q@&X4SAIS=jJQNslwi2>z?1j!B&r!3yE7xk=&|mKy
zMs7AXvcIM4-zT%*?P9rRLV2l=bQfT2)-A{q`$l57;h;PbCYDYGuT+*kOv46u3=vaK
zJl;RjkC7v|BsYAPCJt|@UxXH1#RM+&Y%LN6wBc&?_c}r@3V=%&(n2mS9|a|xb7!J_
zmLh`ssft*o$2G;_aV990I^pT2fn9Z3_4K*rwT<jDUJwX2!O5s3Qf3vbXESe9+lQz+
z_$z&;*6iZdF=al4A7AsGwF+@2FU-%eF)>V_Fo~FiiU*U?to_Da;ieI<xy))({rJE9
z^l;l@Z=i>s-TFY$kY1&*6xmI5Oplo7<*0ADA=SJU5>sZF=aP&GC7s(vuLH3IwQf5*
z^?o)f0C`v=0cq2Y<svk#ilmMc)vAV6>Z?))vN#_8%+K)oo9TWG3?UC}VF9y&`Jfll
zrGxO@mx;G>GJs7q{ebq*v~b90GxL)R*>kZBY5lBEF9y<#b2krCX)3ke1wz>Sk2@0~
z(L~Jbd?)Uu{f5>_kSqQ*`TP6$WD{wZ2c6sZb_;Bt`t%x{{JWd-lqSz|VRkc5&FuU=
zA^dG2@H;F&ueyKh9_(Vw`h?&2`pt;i{Tnyu>#t+fq2qZMxM$embMnr8eZdzU;kRGn
zx1VzMCx0IoDE=-M*utX>-ooRI!TGZ#PwXyYFehM_+z*1UAWZP-^u;a&eV6>n<-;;r
ze6kALYk3S+KB_u=NENS}30@ciyO-MD#OpC-O>Ug=#PGE<AfGMYE51uhVgb|!Wd9)m
zW+b#kF~SaT+5;G&{~WRLCF=~SvFs;3GMF+^G|?b<phE|J_$2P`PnJ}j;t<`X3`nwz
zX<>u)3Z}lU0Ye$p#*Rgad+MvytM9RR!RID3Pb=8NBFPyhq%6D%>}BOP`)4*%CxAi9
zp&oM1UP=Q>@1#r#S;si@bh^%)lr$4Gax_`1(^d9-XP}&QtjSz>0~vs$3aJ(>XjEgp
ze%GG{jQQ;IU4<9{^3W2S>7s_`+$_^dD`8T~o$Kix#==U~|5d^cnlgik*4P~0(LUas
zS)^B}HM|w0dsB;+0LW>C|Mw#84#u1@AFZUnbZ*Et9RlUnb@tLTh&{|2=43fBTbHM+
zlOIhX8qDJeIVp#bdY)^N@nb)rL}W4;0`I3Gs`C|0{>zp3)o1VDz@IJq^YW6${}Q4H
z!vOIVq!v^9y%+{=-w5r2@_?DTEsLOOQr~fXkdM^tB+4@#NT_qBN+$-+K_LBXx0w#i
zl=``yt1{iUC$FfiD1Z5JC8<2LjAgD1!irU<j%in4+0$5z3!pw#qo8+G@BN7VB;dI?
zTt;1nZfvvQok`tnp61$M9Ro;E_q@eOP`ikfMp1ILEOQOE@i;GJ9o`X6!0uQAFlK5k
zVYM%yxhdf#EY|UBR|Ge(`%f~obCJnV<!+3wMtUY7yX?B>73pey&Uw|Mwl32d*`L-T
zgHA4aGE`snA6dn;s0>prR!sVy4<{%5H9Fd9x(H#K#!&|R>o#6=gJoOL+|-AJ4r!`J
zcc*{{L{d#Vvsy_~4ps?}z$V7Am{ql!;Bg0p{ntY%chv;y?L2`UIv2x=Y0{tnT@Syo
z6_g!oYQk0UkC`^%sh)MsxvyMtbsahr+ob(o-5?wme#+PRx&p=cLy@FELRpmTP<W)T
zbZJ+SgrMB&PeH|rm!4<V5tw+$Dwl77hq(+v)4C%G%KYj5Q1`lE>)m~WLR!CZl&!2L
zYV;QEt<`+`jB7)i5FVQ54DQ>&yj71gQY+*<;%zq4nf~+oP}H6Z-j!0MQ#b@A?ITfp
z+|!j%bV@zy`-M?^MA7CLJ;jlIU%IFIML~&v?fTD5WyJJ~udZjGtthG))XXwbn_$Ep
z+M<ufOtX&LJJ9JjZ?1*r=9~KE=Q;4gyJpNt@*5u1y<V}NK39C^(fRXkh!2gnehyX3
zv4)J<fU&j85?}<hJr+3o5d$I?xN738*(LUf>GJ1Lz;-@PUuFT@m*lpBggji~+qthA
zt(fPNJ4)KB4`38tbb3<wtVAm=odGD^{E@yE%u{tjxkl94&fr{dne^oB>vkxEI@7{{
zid6me(MG?Wbw;WzU41fHo62SN`aU|VSM>W5dexU(V4gKec%B1`_8x*(tkelJ=ui$c
zrx=?~x0$q>yep<PxTZ|c4pLZttg7SY2}#yeR75XYUEoeuyuxUS{U-N1{0>ml28W!M
zPkEoiy1K^fOka!s(mMfKfttu8Xen;JYw7(!h9P4f+fr7a(nuyq)hjF<_o8Pu9Lr&q
z7r6vYySd2O=pke{$GYXq>`c6j75bLDi49-FTSCJ;OGE#OYSWDKJ14Po8KW&eQ8n!Y
zu;cI<kFGT4h5QteCTp#jIp;2jK>I7-<WUf*B_lQ;zkb`rktUp&D6-8#4JNwbZh><s
zoCS`PQq*1f;jK6U4{?hX=w?lI5Fi(r%gg69g$4}NsGFtw<rg*S$Hn?_WqkqC_;KxH
z`{?|8>%OyB{q$D-^j7>*pZBJY>f+qz4n@%#Ot+uW>S(Ie?~L~1iJ9_l=m#{KjOjoW
z<^3AK&k(!nrEfaEK=Iz}lB_Z5y}v7wn_+m7vU|c#qyNYdhC}NGF|x0`F*;9UXz_%i
z#Wi?az|hwEy2H@YZDD9#<6e&EZrZ}o*0#k(v&Uo@i#^xwz9#tp#J-)C@2+f>?>@V_
zsoaXauvEIw^D*tRn8ji;kEOGj#oo6uI!~u_nsxc6XBZ>w&syNrUVuvu-|)GDJ4F4U
zG~N4dalEuTce_W@^je|gsM60M>8r+CMAB*CHk=uFx!EC_5K6vTiDlp;&7Gmb)B~gF
z0fk_-BR~gY5L(_MLRX6t=pwYcb^SK4$q0GMBd)J+#^?T9D4*}XIiFBdNxTSm^!agk
zUQ~x(<%Sj3ke0!mS(n^2znG49I#iT$Qx)^U*z_PJ8P6(wUj#3*xmKNkn3b2PSXaz|
zpoS(S9hjT!ObPrafl~^~Q*Kj2Ex)lcF#txL1@?zqB9utxb)+LOgc4sVu~F5l(K<aS
zO3@81=Q<xpJ(Q`Fp~&9;H7(so!%_0d*?jy7t|yL;;=+)Qi0gI3kQ$JIeVw?6t&l5;
zu68jKmh<MGB{4)M0g_K+8fED_Z|`J;6tpjNkE+HJ&=j?#vii9txNVY^mE=u=YDS4>
z*<+S}G_CdKD2T37g^E`BDbIIxQ>Pp-Wddp;%NYIe0?=-m+*2c*vj3ehw|{<YGfNhu
zaIKJy%cQl{9**uf9o2C*uI*r4(>V(GUx;8_+fKK(n`UJ{&BS(|dDiy+{}+g1JI}QI
z@T>#d+wm|?Y}8eePj$K9$llr4Y2)U&qSw!E|9;BU(<PB!G+w#=V}&-PCGXgeB<E?O
z&*C8NiJ)rQ8tFDxAnVvwqvB;4o@TqjYUS;`=^6snyMBLuMnI0z3^m70B}9fE2WrZW
z@avYL?c1@m_tCFs{w7SHp<VM>pO|GrX(Hn#m4p&qtNp|cyJL?SfRP(6*|9E2;cTz4
zmC-;KL(@^L4rhilmPT4^qf9i_Mb{0|w7hYSFiAMmp)l5}0q9R6pjU8CceuK`=qbku
zaQ~~Oh%AaWsHj9i9t)**$Iy^=wkor<NDp|n&mo)Sm|8k;HD+uUVT5p|1xULA`Q$SS
z=45L*Lz$~pC)(?!Dcd|#(u^xViMxD~kx!T2cN5+&Z#>z29JeOjy$s2hnlCkJe}`4d
zGlZ|+;vCT1cWv|gwnjl(DFS>-t9}{bh4w)7X+L+UZ@q>K<n=8%n3<?jp3Ni{Q?pKa
zcIHtJL>0JJ^IWql$)F?$HKD*?@svZLN-frGS8<KVt>X)+i4f_zjz_`A7Esh!BBX`9
zbp2b2f6EJ0$v!~u{@xs#`?MTRQ|&iSnd6TAx%{qhEgLnniNk8$vQxG1qZFI*Tj%Yt
zIPC!*HG+_dYNxc>%OV+6S_ETuAkQ{6)j~3l1wS|tmiz0V5SQpa;>Uc+^|*Mm$wW`P
z-*z4^%X}^5WsJ}W%W10E^s&`qdo^)+fw6t03*+9Mw7z9BoO4|2)i@w>ty(-1<XuN>
zw}bc1bvQABFg|Ladz4LRwD`p~Jltw?mwVc~3>}x?LYQqw2;&hOKCngkK?hSG4Pp#l
zunr$l5*7R%D!7DC7CF%@4kRN!tBs@K<?y5}GCUf;p2$(`f<X=tmlQWFb{CWgGup%>
z&IB;V-3%F1xP|9qU=ED+L%2m|yzx2&0B!s<1I6Vc7^nz{^*$~<<|zKbM2%PcgNZp%
z{_nc{-|*ksTWS+tmb3td=N*vc?`-PnmTsIY#=`E<VNcN<HvX^=g^s0MPUT^q5YELL
zMg81>P!7d(=yy&9{#Qt++yWhP6pY@z_&bO^i?j9Q{)rt}UBrqzs<bsI^WX#qo#L|=
zCy?cDgbz)J@N{#o4}18GN4Nk+zlb#j+34;m=1hev_?0~BTc2c4noljqtis!Rk!WJ3
zJnLHFvvaozOmx+?g2Q7R^TmAfzp6H0S5MV-7-nl|0G&|4H&=kdfV|gUU`z_1s1(X6
zh2#jB9>Ql9|MhkvDVkI+8Bxe@);d%W^=$c}kQ}>53P5hBxv8nCsn6#*<^48q#($3Q
zck%0W;>=t>$M-pmT>s~!il5)};UrC;_kC#NOn$ca?F;_=x&S}cGDJn=>);yZEIW$z
z##fGtC(rvlJ45Z~mDn;b6<Buv^CGa)l#!YQ5p9ZF_O0@CFxLT_dhNaIdE<#bPkv5r
zg1i6Im6usk#LJ2u-89N_5bQw7|HO7}_S1wZ!$(Q7vrOwU!99{eS@z+kj=*P4o^Ju^
zj?zm_Vnkhi7$_^xx&!#;MqW+Ca0dG+U}#!3q6KEoEMz=9odzPyDwdzxA{FV+@J`v9
z`4YLl222$8Z1cq(eI6_FeS|8ng11Eu@?FF!P^UN$vTtN3J`;)VTmum_oz#hKAXh2Q
zkJ0Jb=F?G10gV56xyqjV*F9-VS~w3i=xpn#LHc|mbUA~fpMEXPs=m_S`RkXcJOUEr
z+79gQv?EZAjvUT>=7y$Lwtk|2rm1)`xyWvQp7%%SYccxvl;h70$-ReGQnu%%B!B&k
z@aiHq>{{Aek@+uBlfpW^Pb<WNYjKGr0pZa=!8YV-t*#|d2hOzcF(m1O?cwpYoq~fK
znGm%7NWBJ6`lPlOjc?fFl2N5qt7i3<<Y*Rsf`R9C`GG6v9THh^upWXb+yRjKHBe$J
zrzmj9IjCN7*`+43jmnbf$TW$hsw9db1Z5m$$md+l5SOYS74_z7cy1DNw6NfAP3B-v
zp=|5EQMBxYR3{=`*h?!>SJ=mVuu%)SzUi-6cZFKOyoSj$5g~pY3er8t8C{7j;gd$K
zi<=EY=)@ys=a}`RzKrw_DAb8Uks0P5qK)PnSCnzxKwhOMBJwudNXwj7p9i!hOOCC%
z&rIl$>Jp)I&-xV+h>Rz(GvA884UvyERs?OOZGSdwDy_cLbgNP1QtP<DTUPdhwoZ>!
zN&G_UsL01dd2DQHP4+cTp@5#(rnpE;R`G)e{O;3kBz$j6a_?DAy&hgk4f_dPe}hkv
zTjqvp;F?__Wc3kNV2wmuF6ZD1oj)_nM0PiA4|}$rbU%2~u-$)z+AzTnsq(}*(JD<Q
zWg#1>XX~qDH0%)67$M@hY!=ehoG~wR5#d7GX~JilrU2bxf#a~FXZq{-(!1L)&+c|r
z0yM<?vseBtkn&#i&#K?X7c_wV8R~-N6##my-~_%m<z-DI>{iMLR83thgtQCyP$F5U
za~pX$w9C{p1K%zD-<V1>WmkUzt%=-e>Dp2(XRL%hiYofa)hBbZUcNNvq%os8&4sb!
zB>cjV`DVuV<6G)?5+0N(XSm!oJA#@>-^}<4IgrZ+_n&eR$W#-djO8?Y(KRxOv$LSz
z#qH-akndo#`F1p26C=-Vmn={ApC|)C5&uot<}#S{5|Qv^?-WqWDIN@7iC!xse$b4y
z<mJyK?}Ey4?Id@PE4_{yQ{gSNfE0Raf-i}UFgne%BkQ7i?2w(IQ+pJ*o;@!TLv$&^
z=+^fbZ&UlPQki+~2ka#=Kjw$5T14NcFS2Tmz(B8|TZqq4F*RzwdHKxb6a{HrWdW%q
zi_zG%<i1_QfX-~_L<7;qvV6hT7^c?M*PDu1E90lN84KzOz-u>5yS}7dU?$JwNpvwg
zDe^VxBn0EaI`d&PZ9aV(8hQ;&R?wmY4wzepBt?XBfA9=jZMzqD!+Epuj+Z5z?i>as
zay&yEk?vpVREk;-8T7aK;)z{S$z`7riTJU2JjFy}F{@ybP<bsLseBH@k7oZel^;)?
zpSP_|>^6!4m~0=k&lD|z3wL(*w7ekJ{NLI=LW-}89babdvJ9fbN`uU$QAZC42uyhd
zogq&u-By0V{x@P6P8X5VT#|-XmA|Iv*fPw(Ep)X}Bmp022*UEQ0VY%)xk<~W-H>H4
z<vxKmI4qrgX2Wbt>6%H+<lL>6An(Cu@R(y2JS)sazxIg>oRVykVsiW|ztd?NNPRjl
zbeMBYe*U6LR4i8!+rBkzRQjgh!R$j*pO_gVxEPsaD=X-?yMzbj{073nBK88nLz{Np
zH9g+e{{oF{VO>UxRx_-&ShBw7OJH~MgUvBzBP4~Cr0MBEG!clyGzt)i(H)?>EbgUr
z+o$}xbd8myR7!B!J=2`C02cJqAup$&mly|v8F$cK*9Ff!G-LznxKx|m<48e@O$B<>
zpGYki;OLlnDUuuB7o7)BR|b8eR=FQWZx4@y#k%hgH|{i(2Y^*??bcf=cE8){2;jw^
zjb<mfi~Yqvo5f$rwBb)$%Av<nn5k;JMLEfmp`m1Huk$vgIlr*V(^+Wd1rKFe?$QV;
zF1x&65EW;#TmHaaOKvj4`1zeVt9EH7Po?ili&<z=GPk)8Wo7R2o{iOA;yjkCJH)v@
zw>OCLgYK{4{GL7DlX-)?yr>c;w|LOSP4)^=7$y`gzCn7!%VCS#X-~iv*V0}Ib0J83
zU1vfUw>!=SByTqz3RFI?IuwMx-gL=md(9HUb_AlmmfU2M@D3Qn!+%Sr;1yuVm)L2^
zN_s61hCfO@m#(s2FeG1Oqhwq3@s%8mMT&QBG1Pq?zWdWFp&*5o?!rj#KpOSnGkXn`
zeqtxE6Epc47So5nhenYThWm^qf|TCJ?x2m8@zdw|Su{_&$I71J<6+3Z*=ZfT8EnUZ
zfdtVrITJu8fr2UFD3J{|Z$^M+qTDn>p}^P622Vg_ypxH5O92W}1ZoVq!{{gw3D*?t
zcRv_5!S6iHyMLX~E(Dt2np-mtW;%Xadc&_m+{Qb0^}G>XzXwqA<oSQ4)lKTGT{(6c
z)^)+~d@v4igd*rd32wKk{YawAfT5YdTH2hoS5`-Sj_(u-qt3hohD1pAE-`FvplS)c
zV<-msOjs!3_M2F910=g__Ke?IB0<k=T(5$hDmvMgTd+h~{*DKQ&U(`1g98$QX{<Ev
zL(<#8F-KqXC8FUY```0Ds^K>=^}~r0Lo!}4D2HUc^{Y+rJp`Mn%@AU)FWg6STNQ{E
zkFY$K=H)TKrr}qFeJ2lu<Gn1fYuZYXvHmg+7Wc%(GF*hs>_H^me6JFRn6_iQNYm8s
zwX#(o!bIx7(8lZbh--_1{-Zkiuopo**qi@bE1;2)G4L<WzuoKN#8?p-uEYLNcog1#
z2D&XqhG~`v*q`bO^<zv0Zpf&+TR5UVU946qS`gvmIVgOr9B(&My;jez<`G_<{<(4{
zf(dP~UkIdJXX?+MjfXXUYuIH@0z>*rh7B;h2kB#Rwqo7NY?HF{Z3CWLagev=Kib8%
zI4tgAn0~xWB|Z$g{5FXZNH;pBl%w@K!zu6OMGvFu=S=STl3v<WR}fwY75>B;Mg9dK
zhXp`IiMMyRH;2URC(?7<n5Mdv&MDrvn`IsNc8#nbu$DAGzS{PNHEJ(0(n%l*2`LSs
zL>2A%>UIr%hr+kn%H2Asf7`u7t{Vw6&+dS$K?wb`zM=d3!5p|2J2OL_J9ZMo)5V$m
z&&$d{!!8OmtrI9c+LW!d+po<C5L?g5URVJLyqzct-TeM9Pt>(TfNQdC2FJuZk-u5~
zRF?%-F!YGJ#sa9hW}nJ{CDj#36XxFOF`i_IW~69jFTHA>lIk;#zz!tcd0-<FQ{>Nt
zdDvnya9N{MUq0&y+1kQZn^j6*&7JpuuUJB!mRIiilRYdP4k0@6@e_y+9Ktl;xajyP
zIWOX4r>hP`C(i#3l-Lp<I|b{sZvI!WWgDy$8!tUa{Cx!rxlhcz^lxXfTVbr0BMTYk
zOKmUVn;ATATss|(c;7iO8Is_+VIn-)VhGwAhG3S>sQ3HDwjTrdG<h-=8FAg3eyqnN
z28P}EN|$5r+YY!D<QD()P0E2BgL@2C7g0}SQx7l%F^7t{rML`fo@lkJ8ujv;abgBK
zL&!d~YgC>B$lrlRiRJw&Pfcf~{kPhBI#>%5C7~I^ZQAd~3J^k)U(AN*Fz9NudF3)#
zKb`6JHy)*UO~UY7UN;);q_5s~VJFIR2bunQQEyA*0r1bY77j+!P)c9b0w;|@LU6*w
zgOn7<M-}*6W6Fv_dlJEw6c_?*dI(}d_p+E+4~&e+iquRjucR|r*k;RxJs%&iSgV5v
zitBv4SpVYfDmLer>CaiILem=P+D2nzdYN4&1O$WM2CG-END+9s79xJ*S`dGD2dl4c
zhX3F#>}lJI_<M(OHI}(yFYG<PB;1#BJh8u!7K#E&I)|+;3}WVH1-+di6|>evi)24(
zv4Y-pm)(|qBiBr2XRf>m?M9}w8uDjLb(}4Nva+uGSZ2%XW1+4n5XC}JW1z0wuu;`+
z6~teb?TQAq?C~+}Bb7BG6u7IZB};A!IA_LNZ?G0uqV>AmOH!C56NTchxHEqtUY5@9
zdD|%aYbbkaCxO?XtSTM3FJo=+xB!{d{t8Wg;%p#CdTpeJYi~x$x8aP@2{pzhS3{@v
z(KdkZRbtUrthBW&LQ^rn`WBq%z3G2q9V(_1_1})&`{OD76S^tXKUxRT3`E97ULSgU
zbXW)j9|7qii-?Y8o1?`UT%!s?IKqEFqRCWLD=xe*xQ^gVO$EYxXJi)KHHbzLGv-*4
zi=CTOxcc;cq*=x?NDd;e^nY5K4!wMRKjZ`4zdr(ae~+8+j@7Kcw}aZ$kR+la(i5ts
zV&h7VA;A<3QGb^gHngwO-9t8MCl7PYG&Ki?)npg(dtLVqfDdS>g|WCPey8WzbqF5d
z0-X#>Dsz=DB4_tzIoS{JKCp*Aq-c%ijlln{Dzgk7qD2POe+(Y7017YuzVQ3=r5oNq
z24LqOGVmp}<Q6}#%eol0dg$}&s_WntgC`Seo>+nCc<O0aCL>S4rTmFcr7;m)%R%7g
zeoCrIvB+VEj!2ZNFcw>UiSBkzQ+eEW1m*d<ijDv3pgeUl#xS&?)<<G&V91ZIEq5xA
zWPOStR6&c#aE*x8q9CfrZu7jAfP*m+RnxI4J%_1*Fze^rcTR<OQMx{X@xM5R@l)u9
zuL9Baujp!;vQcF=MVyR*?2lMY<{IgYNMiZpZ0Ps)UKFi0rH|~~_xQ%_(ZlAqetSaV
z0@KY#i$6^ARo*e)Yd&Cb%9m(KG4-e$#BmkLWwCQJZQRlokElgTxRFSD{t^-+ak~t6
zoid<O)Yww;)O-%Tx_b0;g=fZ_);$XGGj$I4lEysKo;_I-B4>-!DQy<rGs$UMs)mqC
zAkR42%!4TMcrLOrWj`jM5KIMf0Q!;sa-J&d(Dy@^w>C*TC=Z~vCMUF~5X6wV5R~?A
zZphXaTtUZNoQ0Y9>CLDusb)BlDxnO>$VOhk9XwE9hUs3c;LO%E>@A70(HHb4U*wMX
zMz&}df-&dnuHn_5ffegepLC~I01({CHLNmz?R3PyA2z|b?-aET1x|Y)eS2ga7<gNI
zCrx^&4afJP=-dZ`yPpo&UcH~rPVdyYieqXzl(cD&b#FoWto!*vMQ}=_N?LPSCnbsI
zIv2=DGT!PYFb#`Zp`>hM`5*<x?xR$<ALw8%&`f`6#y_=d?$iZYVVB9J*qBM&LpQ-i
zY7Km9mw8<As?RVx>}Wucg!haMays<UnhYlwnBi_e{5a~$b;fk{2l9yei?rE04eDi-
z*^P6%vhil|UGzfR^M9FmvGI1T_?Lfx23dU1BK|zIPQ9(5OEL=5R_4sPJoBFlo_p_C
znfASoVQ80<)4J3EB<)UY5*;IFq_Z%LrF$;c%(8EoROJ5*{1iq%Mj_q;)MX&_%|iTE
zue*31se7J3rw!Sq7d_yLPv5W3d>Q-oa0?bzoaNnR+Nvb=4h>SQs^q7Tlh__Xt5MSl
zZ=6>Cxh%FRm}=I}HCO1jIv(-PU3aZN;%>C(>oC**JJ9UhezBt>@ZdF|QU4ma!C|*v
z*r6}$7?8akKb<fB3ApPaolzt=uE6@6gq)YA_{kqAJe<J(c^jCMzov8X+wCFltE!Zs
zJ9U;lzNRy<1fPqu)N)?YKqO#qY1WQHAx~zq1p7#o9ABn|EPEj|WyKC&k|VA4FpE0N
zk@Zh^>Q=O|w2{k~x#k1=Iit#dlK&*eE}bqvi_{gjcu_R3lr=;QvU;58Uxy}Q0|CXF
z&n$c8YX<v0VMqh{N%QTs#oY@$Xdr#Lp9Ivvezffr(WB+ioI1xE_wTR83ryDeZy}B{
zVc9v3<RqHr-cMbhA?~j0VJ2OQMBN~kxt5QGX&zx>0K*00<eB#31LzKY2g&NE4eSuO
zyNR>IA_t*wnok5A-THu}C51iCq>`K<#n+!NfI%mzfwu+tuw5{B(OI0ZkF(Xds7_Cv
zw#U{%y({u97uqer&aRB`(oWC2)sOv_v1{wfU0uCK@TY<PcqiIk$%;D9Cdm>oXbXiL
z&iY;aN_z)Y)-tY8(cTYj<o_5J*G4K$lguM40`<$TC_UYdA}SV~ZFfhtHN-wUJ3IUH
zu%dq2=g;=b`}rmPcAHf9<Mfio?|=XQg<j_RKCUm|F0Enq;M#<!X#O1BL!4(uG2VGe
zP;+N^T;`=Izuyv@Wu*CH{||bx!OyT9RB2HSM<9#k^l9hG{yw}vT`zOFb>(J|5b^3d
zilMI2*k(EiwlC{@cC|e6Wyp}_sQ_h_L7XLbD+dRxXYYQa#`9m1=WQ#d@`=ttRlHqB
zrg!tqu@Zye9wDbGsNlO(9GKpKojz?DePALcff*{(rka7xC=vZ@|9twe`8bBQmT@r7
zU~3Xfoy*jG8!pUKFxJTt{uN=y-@%ojen4^MH`yU<-O{o=DOAZKD>rUDpf_`}%STr4
zM84DZ<^1jaPD@)B3Vf(W;IMYvsqZ00uQYqk69`ooR-#rG4HZ3Vk++$2PT~i$`PFh;
z?*OJs3T1<k#LvC2)@XRZ)@D=t>`WCe{Vd1A6#7lh)-`JJi7fRpDtoc~RBxi-XY*?#
zHRbNrjOb66uu>uulw#j_+*r+<aj(nl+fH@brH2k&in;BAsuGf$N@h{t(e1w&ef+ld
zf;2Y^IF{GP|NbreAbsNhCFklUf;5Mmk?`{Pit=rLrhFCn6&drt*@mq;vp(4?;yZ00
zWI+VQ7?g$fG>M?gJXSI%u%}(#vo_#1^h7{%`$9?6++#@h=n#mm+67~gXZ>*0{8go+
zAh9j?0pGgedfeRP0rGU4ghAvXzy5kS9HXzr?%Q=TOO7rmMPu{NGWP+g$d*FdL94_<
zw=XxBRaJSN$i417wVR`t1TaWp$XY%JT-a8``@n^A%pa5jB@zl*{Z%umIQ_6DLZO)t
zT<}k6mUfArc;707oQ^Qe+PNP-Rb3)Sx&Z>KT5x7dg*(3tq$2M@>eWJxuAHHSAmXA%
zL4RN&wNA{D>P$CCps65=paSI_;mi?O%aD|5k>Yptmc?^B@6mq!i|{uWb)IM-Q_woK
z(5evE;Nx=SS+-^7*{IokZ#$BzOQ!|YYmg#qNVA}^(;}tffLg?DOG9s3O+`|DP)I2C
zt&++-;c6&DZUIbq?k>_~uAU^W_x~ZhmV}of?KaagjHjBkfR9ZJHSjm52TQS34_VKQ
zs<Ijo71{}?itzKSDpN)f-ulj_wNl&E`;7~zt5^3NA>K(yvy0*SzEhT$tZwR-105IA
zT6?S?Z1^smlh$&Z7?eRHMT|0GciEIx8MOsi<*X?=X2?{nJD6p|{)j?r7<{co7J$h8
z40Ct6Hu+PoormJgWGMnhV(SAGX1Yfjs=07-!;8w$;<7UhtdFyhbnF^uIb5Qu*NDgz
ziAV{kG_y@3Y<$_Y2nq&c8*40FA&{Mo%Yc(F#|&iZFp~>ATzWt>S!LU%(6`}|`OG>~
zk+5XpcCi|o1*s$(|7uUKz8jqq-CJg9y`cu@_ye)n6FUiCy5MQL*(&3*U=l<DzXgC4
zQ=g`D+SXC-)OiiHnl*-sRNeZ~ocAX@-hBdnW+8!k+Gk64E`k#p98GY4UL`An0CVhO
z*wmZ*oVi{+`2aFAQZRdj6KY3AOA$Wj_fRIVpYj{pVf49KhU0OikODrBa+)ba<8wh}
z!iCM$C-MH+PLA2Bdu!Zh_MfEw>N4)axd$Bk6&$&-F);n9>JOXo_^c<?#CIwQEl^^X
z16fLc^Ahs)UUYQXad#WBc8;grzKh6U)Ct06PJj|=z<6EutH$7v-v(0m0}hY;+DRBa
zT69{U-+e4eNZ*q%_&$UL;*`jAn2aysBlwQ(g?qrIW<#oW1ZoOfbV)Y3lJkwa<~tYR
zTCJ+UD>4f;O5x;qH0fC)fejjPZ+q$X+ZZSDkJT}CO|C|-(p6%D1F9eutW$ZmGrZ*0
z_iA3Kz#oClD{R69Er*(?vl~cVniL*E7pYRQ>Z4+Qe8NgsQ_*l>+aj3NDnL8e;K8`%
z5?-U)EiYx9w>P~jT{^u$R=J6nPasn7By@?oXq-pu!l9T!6(Gw<gyAFuU}L`g&$<Ny
z9KnkcVj6@w0$gru9=}l#o<W;!r6Y|_5E4CbJexUx<E8jJE^#}7hc0bN*hvyyx^0%u
z)7JUy$=f@qcej+oP|YAY`HEW*u^}@3j|p4i2+7df`Q)f<#)YW)IRqP}Y8VpSM)28~
zpZFK2k>~_F53X=@+Fod!M@3*Qsiz9Q(UA$Y&wjqgxO3AGl>t0rRZ^!uy-`{E>b9TR
z<ZA{UF`V}aZl$m;YZ%VKm2K<BUkV(lv|PT!n)2e?oSYi~jZG0nWI5zE6i_pfq?e%%
zqC<@tb|bP(luVw{W~$M?po=K7DBLG%zdP$zJ`G;!h(TXwjjG2mG!Qm}9z-(4(7<1X
zZQ$4(mIT9dZC9j(jNV;6v6Hn%5UgGd!)nc@7ExXPU7K;C=6OTj^Cm*=4)C(o(Lz`P
z%n&VTHFJwLw9pz5s@Iwa>q)>%W0CMFGa2v}e8{Dh8YYir2-pxSAG%1!`M!l(RJEtC
zpa?=U`#%%N+o+Jc7B3X~MVYOG`jOPTaxEJzf+eFwkPdS2oPU2XL+1Mx1BsqskJsN2
zTnMrN#>)X>xEB8l<xMeM^W`8hTnJdM`FBT*MLzTuCNW^v@r;1m(b@IZ+zz9KEw#=4
zYKxIEQoHs)OW8542<fyCUQC`&ZfKh|tTgZFdEzrRGJvIY71I>i#n1E%%RE<Zv!0`(
zz?VzY#_l#3Iu;ysS9b+;r1ITr_5ML@H4(yUtW&d2qLRA#dgUO%{k)4_Z8OxsJhv6r
zhBdq?H{RA&uz{qFEz6p7?;>xB3}<U~m+bbnmjpJugBAidi%GupnAx=xF{)+;a4PUm
z5xHPQ%wCxIYH$Ux`NrP_)|Q5WPT_y`g_Cc5pYlrCR=a#P!j+|Z8#A1Mo+3(FMwj&#
zJ$U#*IWK3_N*JDQj0)EX2g4k;t(@qGRf6<7CIoNp>Ww#0^%f55Z<+X0*g4Np^sEmq
zAbTM9c<2nV#&k_wzR|Y(&X)Qj{h^k7xm)|AoZY2S?r)DW`)BX&r8xJGd%3-ZpPk#M
zB7NiKfJwGXfn2srfdmjNSAwnobMoV_$6*B^J?MR6GVX)Oyc=w8e`y{A3}NvV{@Khf
z<pdfy<$4(zL_2Z?<QLz#)Q=B*u@YX@BzTz8+>)Q`XD1+s)6UxfS09&p$jvShdu|7T
z;Tv0Yo_RzUU>aK-8d;>SmoW~&xeauY6&iCFmyRm341MDNSrg=5J>?Z!J_lH_qXz#~
z-x`XhYpJzL)MFbvPQf`9gV7zclv0vVv}+|2ceYZ#W)(j+8(@EJK%|?gg>%wc>9L0W
zyBF&YIr-?siqE|ZX4mlDf(s1d*5UKpMPL;4mKlEOrd~P{PAw0`6fK2pQ40@6af%=^
z5=q0&=#Sf&pyMnKdz$PhOFUW3u$*5X6$J~3ALrD%2gto`XKZq2mXf2NxM7#?iI+v-
zxdjb7wpJ0c?}Vc)fylxM)96}|TccxH-3u*LRDvgn<V4hfWA@M2st@SG7+MHSUIid8
zNX73MV`59N#4~yC_b$`2MZCCeIVOZ+jnBs~Z-IdC$t>?!Gi@C}@Q}E^x<$#K_SDs`
zE_%b0yziUrZ`qQ6B5#iT4RPCB8?sfjsON=(ZImoHaHC||W(#q{@MH*hcf(Fx?5+z6
zT6MA5eDt{3m5IZX2*#6Ti)ZLzX7ysZZ%4Vb0BXX>R^iQjn7<_3vL(N=c{=La(p5Y<
z_mO8C>e;Tts^f;matrHS9^DhXdAb5{{Tuyjw1Ww?hZstsjKhSukQ{DM^If??bZzzw
zr47t=^i?~)V@Iist(1DFdOblGM)`c&vgKuj#JEZF@{vT~e3(qB{O8s5yU{nQUZgEw
znb`$&IL^N6BJvUOUq&2yzeT=UO$)(9>_%+SdJ~Z;tPXnuS(?g|3!Y)=xuYdw2GP2<
zgQJwEs%6?JXY(d5r8G1Ldq#s;R#$Be7n<mLbptiD%`SLTXV2$!N4nsTK##)wiN?`r
zbd~9+h2`q%I<m4$t|Z==vvzYL6J!}*)vNSiX7SMnq-b2pgocDP7}r!<yBV}A>Q<oy
zQmDDXvhB-j;ED{Vg<L%qs33GTu%xXG|4~Y7fRS%{=AybOO{${uyMo?MDMRCxxcORi
z71>xUk!BSd`dC9zxfh!0@w)fHx;FT=p^SIb_IO*@R@ihKaio!bTl~?mhG>>(=22?p
zFust6%1pl2sO3QDzrC@0{;M4t4cao-n!6TiFI+@>jTS3>E%}y-KxwHrApppoO}0t^
zL&Id|^rG9ohA3+k?-zAoh6p&Ez9R)S75EZW!ahO!*~0I8-&hHCrKW_Bi&)HT`2r@Y
zT@f?X=6N($j$#qBm5W#h8&{E-`SN+RRqFy~OWzp&X>?^RXAu3wGj^G%bylZ_#sbL?
zn|hx@R^Au;X*;&lqZ)2Iqj*B~UMTkZ(L=9Jm;2aG%$8f^1s>hl395Hg=kM;<LV8&8
z4B)|c`@0w{qLmP{b#f<KMG=RR%V|^vU!lXQ)lE4FNZCb6sls58Q~roelUP~<<V#yD
zAvpkX<tE&?`&F6<>!@T=4Kdh&Rgs~zZ#p9;E1aZ~v!mf*)7kXKo58L9N%abqA1oG9
zK$1F3FPvHZJIZ!a0Nnf7Xy%l_4j@r>4wl`h1^%r6oGEnQ#POHkplpoFJn4@!8ZC|6
zxQTn;tBf1%(~o%SI33nDpIH;L?X;P>HglHli2-zR%cDXy((XuUi?IJK-Nsoa@I6rO
zI*~HVT%`idQqQyo#3@@W{mbzcp3xC!4L-j1UqwX1fS|2*_H0u!*PO6IW~y`oq0YYW
ziZfHhy-8vEg#@(bjnR)<+}Fp(T-yuVX?N>G7DeUR29yKwhxIxajT8<!-wid{?&hxL
z)FcVl0qJ%XQljPH-|~s>-zTLQ1q6dcDOACCVaPTVkh!LY(kDSj?Ks4yXO4TVu3@X5
zHJ0#CrwCYwu#qibH+jV6+g&VYP{29!wX1^Y32@D3P`2_dziRv#;q#v}n82LoEb9wj
za-hv5Zp+`=VhHxc?@c(mMFFb(0gzjF{1mu?KP<epMU2dH(@FSZX4wO=xjQ*LAZu5O
z+1zpa>z*uSa?QeH99D(28ws=77JdCUlUx6Ezx9|nV1-NJV+nvMJc4O|6!*{LfJN~^
zg~PDr;*ayg3n(}-aA{Stb_f<Qwmr#9c_cdEoo_~xz$;$%XL>Xq?n2t3t?}^Rk&EF8
z9(%;UVT5DT%I^qvd<#a2Q49VYvgqM@07>~cn9LQ4JoA`|%#F<owH11Z(S0B~EYw<L
z6U@|F<S3BH#h<g)!9Fe$EXe6y9hC@1_JQbeb6}l05;^`AJ<y<+jkmA?l_RYp{=h`{
zU5c)b*zDAESYYF#kXXWYeT)y!Trl0=JZFMvUNA+lE1EKJ!HlL0S}>ho5K9xRilGZq
z!`A)#%SIRUrV$t5h!<0(vE5=gr-=xRiP&kxURW!m+kl(f9z!s5Q>9K}Ml9jhmL9t|
zo6kTHdgOS>{&&=FxPVWQ{9y^b%}^i}v2<)bJ%($Zi3hU4BZh66>2O?R*ve+a5Oji%
zMUL1Bd@SV8@QB$p*dD&(b|_`1cR<!h>}`e9(vo}kDT}CQfz5mDpA<VUil5l4J(kph
zCWzQDi=jb|Vu;wV(o}9^#B2e?>|RxD>Vv1cWerI4>foj!g#``Bv9-}-V_aJqJ~lFZ
z?4-DuiLt}Ybf4<7n2E8`W8;R~=!r2Renv8U=w`<EblczEiLp^B4t#aXkOrjL+tS*>
z|4EfAv@{^ij*ZujNpbX%$MUKTV!pd|#iTflN^uyIW-nl}auvy7|IcJ5`3L{Y#LQLd
z|Fa;~tNs7{hY=v`CiZ`4G$76Xw?$^P!F!%Z?&{#B@aGHKup?{}Sp_(Xu%m)=AI1VF
zjvn3D`Q6HU=6tf)Fq<N++5Ainyh7EMY(ZAXZsx1X6PTKaBf?FXI7}7fG2xc#ROZ!T
zOzXpFR!3ml>Ii1C_AA`w^nE)S2X?adD_i5hu5&iB_9$!Pz^?uy<G`*OHnMhX<n8CS
z2C~^O?RmrM)4K&#XN>;@cx<a9f<`krh|zKX%SSUgRI&eS>0s;rbtDl_8#rge(Ea=0
zrFq*rXM*72>x60D{IB!-f2*$!SNu;{1KGSfLb)ZbiY)dlj)Pc;7oF#J$vd+(@N`K_
zZ}y_FUX^P4hJj~`rh?NO7dIC%87lWIbZM7{@#q2Sa$F!x%2*<I0aSai4GPbj`pMZI
zuxG~|9yEey{^~)jjo&!jwtHb}zYCb}BfHD_RYhoc7c>dr><Lg}ii8Md2EEP4uhkn2
z&h!*iR}H}RMP$<{ENTi{1A6Ce)=H$kI3RmMoh?E33rm9h@`7qzlq75ve!4yp1(&7a
zg3B>i`*)2Rfa?9X>j*nDA>Fp+SxGho=rnR=@gDq5O58rApx`}wD{~cGm>Inr2#+q?
zu{EBhh1I>4d%hyW4IYk1`2YMgUewRRXV%XX@?4+Wx+0YnXyiqnLS7yIJ9}2oR5mxJ
zNcFIVd(XDUt;Rc8$`FKWE_lx-Loq*Bx<gfzR+315D4zddWHZ*JN|`DvEAxCGPJUQQ
zCU1PHQm+53SQ6{g`u#u=`(A}RsChR|V{^$JP;~x-wxd0_PTA6r5FV8bkqkWvrkZte
zfF|3g+preeJ_6b-LVKc56kgfEbQV}w3enSu7R8r!jRj-;0^nXeQh*ufnCU0(^m)Uo
zn}mR+I2KONEL6t{bUp3X+P*|mqO%*+6mlY!f6okOC4DV>)!9~TO+SC+U@Vl%4W!}x
zM)_G{KF(sF+v5>Ev$T>fK~0>FnpPvsB+6dGkC=C#L3R<>^a_N^^y}#fM|>P~cHW9h
z&$8yg!LDf%EPF!H%~D;k%1x|apZzguVUf=>%Qi0_ve~T*b=lJI)*6i8BFb(>HS-V*
zW;rA4Z;|O&$)a^G@E?*WwE0rcxkD*nr@2~mzr$LBnQLq`!5W`<-guhWc!HUwQ(0I<
zxiq?MT>w;ENT>Z>pnM*6=F5HDd*+0{Y7Bcx{&jd>98A%$LY-GyR}1^ZrmHquWF*}R
zdmrxptsHQ*TJu)8rbvq1cZr<0uH|ZTpPAT|(u+Fpenf6A1-Rs}z(-MvxIu55c$43J
z&KlaLiGV(jnV%$`s?i{t{x;LJGg+-cxMfwT@svEmuA^jwxe2EKL=?BA)fkfwRO^uJ
zKVkq=K&-#^-5z$A$`PAEpj%0%7e*kWcI@A>jbdx`(Fr|~so=<_rqg!Tih609nMAB5
zLnDJ;0`5>&PRUzR47=cHL3=VKAr_ih$=D_6bS1?jxUGAw&>+0=Ahrgujh!Yj1+62!
zab<YjE{hQ|P1n4PYtJ>}%Wjl-1Eim6eco5cM<NI?$0!lobiIFOG9d(&y_cMpL`fH=
z$s}3@yA>P;m{`R<;h2tl_rQ7wn~RNaIz@Ax4P|nhV5K^K(vQh4hM<FyY1OS7X5B)f
zW^*FhEyy5xg*5^)Bo|T?aXkuv_|xMF$(uv+>hVw*1h#gxW>}vTUf=Mr!@?;#58ykw
zlQaGu*J8pCpx2*wa=N*^-RaOk9TnBfL@|)E#n<$&>so!fg`gkLgWP$(Tz2TW4tbxM
zQC5%8qWj1yC(13vX(-IER)54JMDTHc+<#pHt{&CtKV<8@){@*g%_t=m39FKcTD`-<
zy!vV?_HDqVCPr`!n_Km-NVNw*z!G@0lb(uew@HeDRZc@1v)AK_m$PFq;gaPRob}EZ
z{9Z7l1>&0}Xx5y)PnwX;pFsa^OQTDDPlBG=UAI^YI}M@uy)L7G@x4{Ql!5r$I}f;~
zO)sz%P35oJg~DB`l%9wDut{1&uSuiK(hyq{^_SVD0YD)e`-x`4lSBWgWGXonNL)Oc
z>&PxNIqk^MMYE_ut7_~{C=(x(QL1?;aaWaz(PokOv<%YZ7<hA$ov?9#FK6bFxBEmk
zLgtQ>PBhx#GM_U=FtCK#^tRGFhW&_oj>3*qsKwjtB1ZN9y#X=4Y)f=+0)IMuo>}3i
z+tcapg>(wiTl_<ZI0XCQu0)>(;T)t_=&M5%iv4sO<wu7&0{h{;HAH&YAxM8=OUD?E
z{Uk3IBMo!-w+F@FUnj8M6(!8Wvgfg-NNKjGXF4U}Z%X5K9fl3<oE`K0`4M#M4<h?Q
zNOjZDIN!cw*Pk|TG&~6$o94arMb7w6*^;VXWpiMtc4|himzTr$s5N%<J)Q3M2X1y^
z-K>2CJci^ULLY91?8vIKKnq(vv#iC4ogT)ZXKSp_mBTo838aQn$=74>`(Y3;iN3Mg
z-4|-H>veY&vOkT4BTd4^pcG<Nd8`9S1e^+xEr+B6%aD0zWI|AHhXaCRI}N*`INkQ3
z`mh{6qet4I>8^lN;iv(4+e@sW)=O>7pAvuk1aUq*1A7{nI)@+L4V?r}42@+Rmi0;6
zMjRTh^9*7Pv2Yk@kZ`y^=PZwDq2C;Lw*opA8mBI9bQbe*L>H<hFXk`yZ3TA!BpSbG
z1KqIO#r({Ly1;UvPx#^l5i;3^p%?7@>O{Imh=-5n4}$V{;U}Eny39H7xvDV~Bib7n
z`pag$Fq`VsMGSrS(l3J?7Qe{zf92+F-=&e)K9>#-{C$28@qax%-llA)@#=QL>Flc~
zVTtw+)0uLSX7G$G2BFpBxa5)a7{Ka)x7*^ENYgG48^6qFm!hU9I$O?61)2*7V0sP_
zxN#&u&HjI6`crVG{}=QNXJSpviEZ1q?POw`cWmp9ZQHhO+vdc6>-qhkw|4E?N7q`b
zKiyZ=_qfk{<WfvR_DAg>A=`$K4X;X+B5okmV1*}a8<hD49P?Mj>oo-;Xhj&~siyVJ
z-O~am|G-aPy-#@I6`yvf{|cXBV3^yOx*~yhht|lDs6FsHl%ofpav+{4#U|)<|5HY5
zgd-#@kfn}f?kHe)ke_7$N*9nkOj;&jGL3HWcN5dlvs2vUk{To=_rS^)9e^^7NxcPV
z4jey(x)dgEJ{l{(UBab46`10Tu1j^e@2J*{UE;BIn*YY!U39t~gfN_LG(y*b%UjT$
z5(8F0g$VOU#wIPWCD${RrrGX@;)0rhtO4J)TX(UMWLNW>xTdHXl6sahlOCV9#N-74
zsm?GO2B~AMR5&@fqR12V%A$3pXMO}<pQQ#AqXq<cUoPx#n+$&3?*LeV&->TQLxXLB
zZx?TGm&e7I+Me!q?|V4D?<WfNs+*}^U%vN<u2-^zvHSbgTrt<$erzfgRC;o=i(Fzd
zVo+3S$o5G<yHi8HQEV}*S8z4IC|Wy$4`;$y-}JMqaqAwNwPGxtEgk{)Gk@(HvPI9B
ziU7%9t!SZ_=1mJ;=$75~`@8_zXxvQ;E{`+w0prX*L-<#aZi9%sU+?gf*}j6M7c{X>
zIhfe$d^-ugan74sn#CE;{MoQ>e~WIZ_nxfYI_Cf>L=*6X-~%&`#NqSv$n5+B&9m4Z
z_E8y2z~3lRAt8axibxzLCaJE%D(Wfx=f&C=wx(%s>cym}Y!t~j{EzzkoxTOllq8RZ
zFnaFJTwquSa4qajOww?NJ<q4sG`;J2Uz#^M-M_0B3r>b1&b9RA9SLo5ay8uMzPB+;
zL6UO9^OPIO-e`1eR1R*(B~U2x1VqbxyZHjgVo+PbL~Xm$@c!l^IyP|6bJqW1P%a$a
zttnu@G?C}iBx!<3FiqwQC<&(Wk$_xtqnDJ|ys#30FzYXowUd2nf=yi)_%mR!KbSt~
zx~lj02)_B5=Mdga1b(?#AWftfiVkhAz|msaTrQl-=B<CT8CI4Pg8HlTUr8iPLBoM6
zz5FmFVSaSg<ei0yk+(X3xAHx6GCgKIP<74)P5^GBh+heNl-x}8j+UgLw-dXY<cw>a
zrKi3<R5P*$UHu(g4|VyL4erM0Y~B=Tn#x-!RjX9gu8mnI4gi``hOL&I{RVS$M$p2N
zpR;ZtKLFR8GH`aaZ0hlS)`eQd0u7&;S3!k{MY9t($v$hZM!hM9^FGO$kbipa&%9L0
zD{3!zdzq1m|E~qBu@W3RE}$SAte8$(zLDA@T?7Yw*rA~mDM2bMH_@`4Z{RpVAcNBV
zZA7X)Q{1tFS$#GU6_$E~4sK|wC9W*0L6dM1rPd<kQIm(F&jrcAvBV0_q|;X-qHC05
zCYr}plHT3JMjsj(j&9no9WinX-YV&XD2GC?n=DgN^r7NvB&aItfUbIcSl+=l>ET47
z)Q>hjMabDJ0%LHDePyt=^Bu8fdYLL9KjFhXZ;(=&tL_(Q@OtD_bs@3?G*Lt;!@QMT
zkR}P-?-D#h?STtC2-O6F?PGOkdz<YzzZubCCn<@`?zlkDhc|R6sfTVQFWR%$Ew3p`
zLmXvn<N<63hP87E(NRxf@$ho+@$Ioa3S?iQ6Y8;6js~VDVB%ep&2g|E3_SzOBISn5
zxe_STGJoNWIt7wSNbfP1p!>oJ4HPg&vqZkn@7IP=gqIy*ZHw&q@MWvG3^uQ5``8S^
z4M|pos502*%m-K4fO*5;3#Z5PR@vYpc;3fSM}<ceOq`y<yCv*fLdzu0vvKL6WR({?
zhO*3%{}2a`&e--}ZF<Rz@Xh_f&z)e=Mqk;w(P6GSdvoXDNZmzQHloQ$5W((iP6_A2
ztn~SpN|xH6WA~CGV;UG4qiU{*6~vJ>K5s*KO4ZSpRp56g{Nf#IzFrb-oh+IU_SGK5
zNWP08S^mirs1lCb;`lNDLFlx()Wej;gsFUwuDwCeF7o$Ed-Uz(F~_mZOUTKYm2P`<
z>bj=aTHHXqL8cme84BYZn)!IzHWq?~up5Hd$9~YccJzZnDfMeOdV1%4>Kd6Ip!B3z
z!5(ynFk=zO^3IS@Kzuqiz%AHDs+j=OCJg##^ZCq#ZbHN!e3<LbIu)-kcK<#Rcx#<;
zs4R7}wV4l7)-B(BQh3kjH}tp&ASHChi7n?m5{XA~9L(DDkS1Pn+%%t4KHBora;E!J
z#)ezMhE=qT>_ve@qs~H1J=dbREIM+ot@Ay-8d}8ik4tGjG0mitZ=Ub<LBqi3etF4d
zQE32PFRPc|&+F@u1v)lTYZ=P85@ZK=7%yW*!9y-ilxB33s>g`QL3`IyT>IR%`}7NU
zQkA?;=(*T^B0AnXeg#myYtbpIk}5&h(I9EcSSL<&29p8g!UUg&rd6`sSu1^}mKxCF
z)`jV0zir=ibhV)C*Ze|<{L=`4*F;^L&+U!gv2mQD@oin7zqTGMC+$5M-|nlNaqiwm
zF~;cxxLH!3C3}3GlmrSvokCk@KNL42`j}T+zmt1PIH^H0%s4o?$BDtJ(^Q>Bn<=r~
z+Yut8Vt_N*)j6Li-T^A})J-R&+pO<-Ds!iqru%rc857x|`-r9VGhjr{`!BBNZ@t3o
zvnDHEE-(QxWovfV7noqqAK8|uDMZ*~UuANSO}oM~;(RG^PStH1Sgl)#Cn5N!LCHm6
zU5LqTVwOTS<4F&bQ41MEm-+!93341-q%!6&#-bA{cPwb_?X_S6G~itGBos7Q%Tl--
zx`+{s51>jBOgk%Wgh^6$DhvM<Ue94^Q^A=#<K36Y{Cbbh_YK+jG71^M<)J4c^0pXU
z39*=tU*M<50-4WK#9qd$2{<LoXjKT`5c}0g0{mmHB|TgZu6eWIu{gppHD^K1*Go2F
z5HQNQOZ#OS`Nhu4{>~jHnRpl@1v*dkB@i9mlXPZ1It}c8Mn+WcEi@19*%ESU@lWyb
zyq8t5zn6&<ET0wr@lh>|vwBo&-uQ3UDa83dhl-v5#CQKH>HjTi5;*@CjNz{^`#*11
z7<WPPtOP;e7@H&Gvl<h%)&UO2BUhymK8u4a5UN{^q<jlf;Q~iLGwkV0ZJ=U46fb~F
zwlj4*aB^fhGyS6`{+;2vtNH64O9XxpF8%4nd?C)X7g+K+%6N##x-Vhn13dZYu;drN
z36*`JYxLGs31{D2mHj7F!9@O1!o|;9Xz1*-iAGRJ{wDi$Z}uu_y$@23X+9EeG`S+?
z+lVGg4>;j7j(K>BWbU9=_w1DRNjmFzY@JjN12;Qb4epOEkC;mmd>5BxN!S=0A=4Kj
zYa*6{4tUqT`Nk%GA8xubOyB&9urIcHiDuwOoUxM3)(Yp%3G?-GeXAM~VREKTYG9lF
z3t0z{ggf+MT*6|jwOn0*Rb3Qr^w-bK8k6UOwfjeZTwa3(0X;;I^2Y_aDF};|2x_&Z
zBD52FwMkCHf#iTX%e<|kACl!Ak1^R?CSglY>t`8ATBM4Mp-LCE&bnWz(mg))GtJD;
zqi0wiKBpaYtd%ILl5fMLS3GL?>mLh?QokBerS=}z8i$R4ZzUr(Movt$oTta4BK52!
zJyu~ar0XgrB=&xyH?E(_l~!zfD#Ejn_&L-4_h`p1gZOdeJ)ijG<S+iw{cmy2+dBIC
z%vvU8XAgLS!<+A6!=7P0XXl&o(pRkSq3#b9s0<OvSEQF?0q>@%J|+G^O}~8*1H-CZ
z#u14&gP*^Ts-tBdO6pyP7+pduo&COoX#T+kZpf^)%Xa<;5%^~HUh&QJGq)T|r{<r4
zenZ5k7axar98*=LEItbC9o?{O{c2Swof|r52HS$5)HMe5?C!aar>yyTSXGDQH2o3v
zXHlS5@rx0&s8=s8&e+4;@N4WY3BN{gKFP$EC+=#}`NYBAZjqbJB}Z-+mvC=&I|w|k
z^35o$aRlEKym7=-RF!2U(@DAq&r~9{=`re=Li-1k4Dk1=g<MbS$%kGVrG%|Y3^iUO
zQPj*d%g?Z(!AMR&<`8tLDL?~0>QD$_($Dybe1PeVN7a5Omsk<5`%Qf>SoelBWNW^x
zk3X4_nuD8!)E|Amv;aOJP%sYwG{tfLu>r45PlNXu@*|w!EPzBSU+I)~9f#mR8IYM@
zd97Kd`=us^Qi5bB$}H6}r&7S>IcBFiXtTrvnslm5>XKqRhhlEJ;}Lx$`~rA*qv{}^
zNMneBp5@f(^RIuy0;DF2F3K?nY5~JO%8!>rF$bQUwf{&~de*b@M9^LyZ2Kqo3tHX3
zj~w4V4vJX$I8tet(n0yrzh;z-ykDdsNn?9P2-kciU^32-N7FKvVWdc9@LBd4ZW+>s
zTzwGnrJcq=FR-zpLp;HD%DD`29)OrqW2t4vBkR$_g(&;Z##TRtNe9nIQ|f~K(IO{7
zHuOjd!Q%J}XUB~RHw~j6LTC|yj$PH9*8XA-Mm?D^1d%vY2{I&nNUVm}LENS2)k%^L
zyM-<&y!dj9sNV!qqCh(?fBd=oU4WKk#lLB35A*%!sHsXCCcN*owsyCN_oo(<;iGj6
zE{pc^%@BK_PsLw@_CA9!8dm(Lv+ldDFrj4h3oYB2qYNN~yde}~u=hKPZ7)Ia<elz!
z)XOEB87zl*E|eZZU)=0&R~w|F89m|2`d^g2+dBx5=Vz4W<GYfxEZZrW6H28BW@_|b
z`8IT6Gi2@#>>)o-ovRKRu+>H>$mz@6-1EjsirkY{sQuxfMdA$G8obRcAOp}gCE`vp
zWOc-F8F}c)aDh%$31r&)zopxd#BP+9AIItjR33k0S{%=`^J{Bwx81mfsY7*rlO#6~
z{(Br>HxT%lD1;J_MovRfg}izAqmA1MV7shDObFAGoWRiXQFzu-H-hU|-TtF^m4EPf
zvtbnXyH>451e3@;Z976;Kh+&U2adir9+Kh={tL=8>>G@p$?w^k?tadH?IVZkg7>fQ
zca1{3FPxrkpjgPC5G<g3By{!G8emhV9pNjVk0B4{zAX(3qwW`6xb6UmRAZlZ_jjz!
z(*}O5+0Dm=4$ZU_C>oBr0u7w98je9h64*fh-{}<Ay~ypK6W9+v92$3~+uWxWQ$7nc
zsqE;Q;+-)7H`{@pJ8kt^!ncgSQQTuI;pqY-43B(nJgFv`y%}69G#Gf6Ep8Ecoh*=o
z0#o-s7)m-@bN-#xqSTuEmDU!^-L54^uZ$qaAjiT;ad`h-Yb{k-BLvYdM-P&^NFs*6
zMASfp{}JvyOhd|2E4IlEOilY{tVF|q*wtQ{-sv$+&RnBylb#S-{v028ia?^i@Ki>w
z6PZCs(?ec9zko|Nu#lxvt+(WO-mUuO@r0bpf3P5-`yMVs;CN0#?=w^!*Y=2<`klX@
zA+GD`hxnhgYxSS<vGE_(67zqEou8?2nHS_Qi+v0ddY{h!ZavH5x*erH-WSv1GPhR$
zPul<g7q=cGB+KByM}wmTbJlfHBGVchDSAr-F|ID19n`?F)oj6bjb^)*{`MNdwCiYv
zMZC3X&F!_Py(h-_Jwv=xgIM8vr%4rTjW77-m0za-@rbMf>r|698;>_MGJs>Cy2<b`
zd7h|*&fmR%$Gd!ZLA}hk?ex~$Y_p9qz;m@Sk)zl0%}A=Tm6SzbMX16Bn}&wEp0@&Y
z_dDdhfcmtlK#&hEVXlwFJ-XccS}@m>qeX|gcQR%qYg$M;RiU^dwlfGpth)?n=3>aQ
zv4WgfyA)T7RP~=tkv==A(DL2U6_*czpi?5jBBxKVwz8{@2xrd^Hc)5nk{dRW*P*`D
zCU$tMK7VY9kq`rFA^3e-1J7kbtiFfegESd!$NaO*Il)n&?C3-<dJlBl0m~JN9w|Vo
z4iHl216u#X4CK37ZR2J=9R_{E0lp2Y@4pql|D`i__j8eiGm^1;s?h^Ht1(ONUHa5;
zZXco_-0gV8sd;_D?3AB*2NWc*`(}CEvJ*{Hd6&I$E40PYrD#?+x3uY9FmLx@1J%f|
z@Bb{y+J~0Ow+xmHv_x4X%4S_M4P0|lqPma8aN=g-El=i;S%X{lYBUKnA*SaMM}c-n
zZ#^KZw-K?o{laL&r4a-7iu`_=pY?lpb^3gopI0zX?EU&zT9{jUH%JiI%m2Onb*L~p
zDj^}@^K-G8If>ajcWB^eG<-4hdAVAcI~HX?9Dz&V_m$qNgIJfsM)oA5S^Z~9BzGU(
z7m9<d>i|Lp5*`th&w)9s4ytUzp14Nos=r|^(=peV^keA&tJSTdd-1kI1&<>vQ{?S8
zHL`(H@vXdeav2OtFIBbcYMnWpFmD~RSoUN^@iO|b{j7sHuTDT_%|G}^;z8_mP76}q
z`;uemE>hG&^+b0VqVnsbFfUbOTC9B;3on*s{rZd+7Y@g^bZ!sogRfsHNyRR5i=gID
zf5kAvIjXH2X}W$LFH@IwlRnuMMz0hSC}c@(A=OniGaKP$nZJ0D@ZFp3I{d;|!!R5Q
zVJTQ`zBzen{~_LB(~_&QtCnrE(0%oa=m4tML3h9ZP13ljnAhdemGgI3e#)G_$1&y#
z7QPUeY0uI8LT1iQ6y<xWtkr9Ze$Y`en<&v}mf#Em{TI-1$T=BL7)3nzG#PbmsHOqm
zZK#cR<K33Zj^s!-w}|S|-Hq3$vcM_3U+#KHPj}|Fni{H*wD6{@5_ZQiG7Ou^@M2I>
ziN8)s3bs}Tl`f1B4OV?bp@}<G_I8@C{m;now{`V$BCI!*=iUOKA|vi`Avt5eAsCAX
zmEz=c%ebP2E@tG*cBSvY!@EUdI@?;2MtrASy|(0Rpf5`yLm~LI1=nU8c%bXG`EbYu
z<rXE9Rz>8$J|e{22NRg0xe`yfUa}F^Ek2gFLL#LMUBN!fsdA)Oi`qN>RGZ1b_S!=d
z?qO#%@6A6}E$z<&itP9f9zaYK!7Kx+i(WHQ9rv=}M$dU@`*|B!<0zh1q0|8`p^&{M
zGKoP&drKW5PtK)4^UL?51kzV*ryMGMLeN_ewxa}FD;|@%AKL=yzNX*-AGVG<&|Ddg
zt(x@>-SspUqH_UM#Y{Q%D7KE3-=MnpSn~|s;ai76Z_k%yh6QH<W^?;_GW4DKI|caB
z`YwYq&C&%OG+nJ#sdrN4MD-#kJ(gRh<`5h(u7U9M-tQNggFCo0f|C6BB|bhIw?8Jp
z)9dZ^6?fTsI%}ZUC0^T3T(e|WZcAG1vs#LJuFefvqATBT2Z802^3Uts)f7v<05jNw
z8Jm=IRFRp<p?`CrW7Pn>KdGd&e6Rhy4oqN47PzCtZ;y`PQm<V1{BSag0m{-B^j_^Y
z{nX@&RT^-7$1@r6k0ERp3ezh_K5W=Bx0Ff>=K<9T`x*)DVG3BwML2()c^UO%K9&mH
zPWoVx9Fh2Qmd$0MUu$y{=x9cOPpT)K;_>%Jtv>^Mi~5hnunMzSsuE$<Nv11=4pNbU
zdE`KHafv-RAxped9x$S8rt5?=kx!R=gxPR-yGEBh_SAa)EfSL!KUt?IKzX38A*1m7
zkBKD;uh0lAdKwR={QTbZ!d^b^Wa)z3S@DOJpx}Z@In|_HiotsEV=6?y<y>ltaWkuX
z9eRp8DO+zHX4k@R=v433;mo;vXM6!gFL-_2&+vEsOQ00f#QdO}%-n3;A_wiJu47FP
z)q|zzZB{Q%Ow(~F1RD(4HO!jZWBxw{gXD?AXu&y^WxuVRP4LjzOv<(PPxZS2nt&Fx
zDtm^UOP>NZ#Wo}+GWK{ba~d(Tu~sXzV}eH*%j^hPiZK2C-vjAKOx)$J4=uGu&)=m#
zyoXlUKKCLk-_3FlMWG{AeN0KeiL3icGvE^9lj=yzz*2MuYT*%f=|3QF2U<L*)A`fp
zaV`gl<R%Y(nnhsboxBe3$vj2>sz7jQO4bce?Q@%|Uw#;gGxG(pPU;%EqJXn6qU$3C
ztF?=uO9YP#uZ2`>rrBWnwRzl-0YYP42;vOwh4|ctV|+?{Rx^42^;ZQtXd+>T-e(bx
z0BI9UyZyUZ;5X_jkk%?(Z-{48QcX5DSoUl}Vtq0nSJpQWTR(+Rn8LNb>&(rxG|nIK
z?VSi3wKPQc(P)08nBZGz9|iul2WiaXvtR1iF-$XNUK<t%SbKy|e?M2LCZr~z-^w~n
zFtUt2!FiyQ*@gZ!{f)xrx)LqPI3s3UoAp@M*k@1|kPZaN#YijmZeEtEhE5buxUvjF
z9=7RL`sKk(qA0#X8vopwO{LqL@3o)uM=}q7R?>_K2#JfwjtsxiATnpni-Qs3H_T#m
zptP088i8mfd$$+QbZ%|rEb9>Q9Y3N9ZgRVl)>LN~3qyJm#!^B_l1wT!pz&6`_g=vz
z3Av_01C=q3!-V7w-_<Au9i@%*M?JK>L$c||phzApE00cg3-b>@hurda|L(Hn^ST+(
zmt_WjokGC@5->U#6|n)g;oA;7!;-`Dss}HOhaH0*bUuI$kF6jz?P}%F%RxRSBY;_S
zb^zPV>a0K6B&6q<iMvFO0G%+z_$xSIl5f-s5C}dlJ5<02bU%@Iht6F0WtCjLHsi2F
zz%nRi1<^CK(<Dqj+bhoe5QMed_8+<A;BejJF~bS^!?KsY8$C&ohMbHunnrm`DPx;u
z;G-W%LU*Z;RqPb$8~pghMt+a>HKoV}ut2Fls?NsUC>M$}qcFh6TgE;k_l>fNFS|7P
z==<#Zi*w<t@QB{^rW<c#OTTN)KkOexE-kCY-ae^ze0!o+DnaqSMmd4e;H%gF%g=k;
zYS-1kv9qCSs-b!jYDkbTcGEBStdj+Nd!Td6Ww%pss)@Q8(XmZa>Qna2kTSCIaw|6n
z*S2`o$JJ-Y8_$l1eI}%D7g=6Ibpq*1xYdhU$H_M=wyW5YJc0hGeESNOFVMlrW}*RQ
z37kW(WMU5Y%tSdB6k}j19@;rdPAZ@4cZprF{zbP`#&t35=n7=&Wpj64%fBl~s2whI
z@z!kvC#6CQGEoE>`ggr2eCde(aFjmmeY$AvXkG_(dlzUbFWU3Lj({WH$;T-}kmt}_
zW;O$7H9(Q<U(5Iw?ZJu|Qpv@;>OyMl?jTW`8|uueGoI~9B2}F_m67!#{_f@6xYD!0
z<a{Du_NeIVM)|RTnxvE9r*|$!0nWsI@7a`8t7=s=U?-!AgSczq!`>m}i1|lB3W@xf
z+n>Uq!%b@6Rm=F5IM$d2CQM+-Jhw?&Z2p=lsJA}^5?>8ElB*WzZe{?{t0W#LF3d%>
zNX&VQ@ohq>4)oEE&>C-?DRn@G_GnwT>M{!b#yf!}$eR5%0p#P>l~gi(*~BWTg6=5a
zdu=71%0cZ9%vB+HdIvlpl}yWsMA<WfJT3V=1Kph*6K<~+MAPSV1hlrP4mc)%A5BXM
zg6AcbigH+o@yEfaNvL8jl0HRzT@;I%p6K**it{EHg0o*Y&x=-F`(WP$W=CU6Q5(AK
zEe~3r1GT(vL7IzcUi#|;FOP0q)6~3mC$D~DM$?pnv(Pv>yQg%7n#VXf`}%Z*nx~mv
zeLa9(ef`|ZI63<pKUU3cgqlakwyJ?eef_@qKi6o>f1lEy^!ka|xHE}NUeBtA#_j)w
zRI{tE-#5i6bYoXux%`he|IdtFc@_O%7~ZUhqa4-sv?FFB^-$nXWw-__&583Y{yaQ#
zPX~m0S%ZJGkECd}AbY}hGnAkgq83g9T>B9?FkUk#AJe{v%3b<rdiR*|ex??25ZcFc
z@Ley6FL4V!&G3|ayzQ~nh7lD=%Va#H*HZ@CwjPZX>LFhx@|#3zotOlgCM3~Rpz@Um
z<Y*dPLsIDjryRVWhGjmmijgf>kP~?e%ux?Ly#Vm$NDAY>6cbHLfe=rLUiCQiIoxXE
z=8@I>5Sb%baj90r4vB59VhCHVn4ok}Kbwi4q3e0~#r(n4NRr|<MhhXwtAPSoL{!CN
z%oV3fes&{OKvIu=>mTR@gcaY8W@8DNdK%+b`<0~d)q|cThgJVrn0hGT2PZ-Xb}n?=
z$iZh#Y$#ok!Qg}dn|C%ziL~kZrct$g9ZrKZ5`nehNghJ<d@0X8lQdYHmBaqm32YOF
zVkX9Xyh*?H+)dwAF05Yysm1;V5GkaZhfrBd?BlaD>7ON&=p!#P2NvU3jJU9%CQZ#}
zf%3wEC{U35z_On}QAPNFZ(4`ogoRnI{i0T?1Fw{h3ch3GmVg6M)`Iw$Z0!BQo@UqX
zcvfDLE<AuWKPEK`rhEMJt1{qoK4xjY1WfULP~evWe{Uw6TG(Pzm4fvp`}nKThSG=S
zsYySc4lBP#*Ccvy%ID6J*X5ewK6HQ9shC;S$nIJ8Zx(gQ2E5WmK#n)dg=A}6-0(s>
zy;GD}>x%I7;JX&EbJjPg(Izyp6X!dD;Rxqh7@9uAXSVL-Vlr_1P5D@3d*XG#(-u#)
z-C9^~svezKpMMLN6(CW0Nhu=wvZ@<!v3qSk;0AVS`Sp1<*_&Y;*e2-52gX~$%LEVO
zQGt<0lV$pzg3j7NjR3dXT<^ZKN^J)xQJKWS@iXUXETEy9VDf;9N~E;2gdhZsr+ouS
zM7247?v}z}or6yEFRRMZ=DvLdXJ#Tn2}Ud43|rww(dwtH3!q<dVChw3rFClv_Fg{#
zkY69zJBH}t*nZl%^$*>-Me6Kotw;&2Q%G`;uJjz2^Fk27`TLxQt6CPhM>%R?5}iZB
zneRopiv?z7866LpC^Jk#B`RO4`jpT#q>RSEGBa)PdUY_WP*S%(0*t|(tck!#JA)9K
zT5P5F9F_aPAXG~=ZsZpY@81<_-NlQ18MBp~q_6Z+AvOah8kar<CguVHD6nVhuBBB5
z*pnVzEm)zieCh22mODz>?L+jzWU%n~`L-qj>_O<fqfvkL0#?#CYga_9n*TxhK|Q$t
z?Q1U<TA=;~QdGnk%f$h#sZgj>|0Vq55mdJaAyYacte9b~-^~4$!J@pP46kUbz6mZu
zYkD^RIKFP*ubt09xANX$Qhl;@Rct_?dh6fQ&5YBUQjywWl6yzv14F7-Uenh_5FlOD
zJfVGc?x+EI9ljq5=4Hy{wRg@jx@B{6aktuL_qXr)3qf3w;9vhQZe|7ijK7s2Nc>Li
z*LMb8lVC92+Wk&kEAD{8{?`-YvJuu}l^@+tOsxa900+hlL*(dUWn8_?`h2Z?BtvUz
zP95YDq`trA*yXFGUsq?N4>WhkVFx|37L|B@M0)$x@03;qQQ&ELIb?3ebC+Pe^D$B{
zMrxF0#prpmJ7ii!=bi+gMB-u8WEb{j!s}@xr%mn}?wAV#Nt^rec&3XVojaz?0!gMr
zQrlcs43p$Nt*He<EbXNFI<QcpSGTttS30{pY7aFUKhntTr^H0%7{<(_Fn|biJu14)
ztkMTE2^rxN7!We17k??{wRu~93EepeQ?(kEEM!Av$m(zuRw^15Vd{_}a9!;vDMYoy
zwMs89v!X8ObcFTFob<YXs4Sqv4p$tWC-u(z;oszE9GJ4m^&{Dd&^UKgp8uBFDXh{T
z;eS{E+d>`q6W?{Af_E~n4P0(C(6e1SlvAU4dhL03*8Tu!eE`%xv{w8W;(Gaa=u0m$
zF{fXZ6MRWtCvI@26To<`ikm~0f`bnJZ>e#tlGxdrLJtV}kso^vk}!8QGvlLmJwV0H
zLB$AE$?rgv9F^#LllQc@l;cE#KbweY=l2|wyNhJ0XyX)O*PZ+7Oq@<@g4K1I)yA}j
z-CoA%S%5y?(NC9GYDpv4MWQc-xou=*1=C;yxYJ+HseLgk4I{2ZuDw^Kw`TjaUjstw
z3R-nXOy=qWmABk)&!COZa#4JGnO)g!)pX)I%Z5RO0Q0M9P-*TmR*o}GtF|{fzb*g1
z!}hFD_;2NEiy0Oy??#wHmzuV|(|puWdcoWjl%9>(6uKwkv%S)M+^x*HZ^QrqC1Sv*
zn)e|H#Lel=AKjV7JC>gCZkU9KzV>O?jhCe$bOO!gncj}!wL+^$c{t@PJy_<_TTswT
zNWy><h{wTY8O_5?GBaJ`X*US)0;9cS)0{cBlJp)h*GFvPFKVPeBrrgfs2DSAxPkCK
zY3n@U%F%bPhQoD)2A7?Sq@d;SW)_I_1}*2{`G?h2aulcVE`xC1_Rzh?Oj-V*ZKSl0
zLHk<z+;t6o{Y(vNR~`06Fr;7IS6CVIhu3G{8baV?0|!XpQf+e_Vm_K6QHIQu0%EhU
z`G|&Q(gyC=*<?bqGrjrPTtc(qiYFA+S-uMFd*sb(3csebL6+uB&L>PcHWXEOd9!36
zMdhaA$*B_)1@Q3;%o!MvFrsQafxi1$dv^NsU4PGCPDj+D;hK*W<uG(5{qyxug-&rK
zfxosdxQ3*}N=Eqz*xxgbeM0z>Q#Ra19=bYR`;U=mbmOGK6zDME3V7=RID;PXu#LPH
z!+v6IWEI_43iZ^k9itP&wmSyCAui8L?{edhpQj%<6rUDONNGsZG1K|zRDzw~Nstqq
z+(6$_6cmLPYrlTs0Ut*2OelPBYJ{4%+8Vk}mQr<M;mYd0B!tEB!<=Hrx$(73C<c}e
zFEvzYMM(CHLLMTLBO+@p79LVaBkqQo*h(?+zw_ek(rq9-wed}m*jKR8G`;EO<N#C>
z$FblITrtsm#(%-xUet9#W&j=>pPSABAnV|Mi#m(>EHMG|&4RrStIHE^N-V9<kdC6x
ziG7d@eBtw@@Y<~<i0MU1C7g_9s#H*3#JrsI+?a-u<T+?@g%_+&Q*k-Qu@#GD+%Xl4
zW6<KumKw|B+8L143R1=KnjW6L7|SeaK4l7My2*jMyYrtCbyQ-}hg``ZP)r1Nlxk|z
z`UdXr?gQENOV{k_o{Qh1&HxGaReS()Ji6Xt_=TFLzK7{>jnjZZpH+Bt_@1-x`d$7+
z2;XFIH~@As5bxOEuUUkdaO&r)t2g%+3h=GyYd>}VMJBVM#!b{Vs(C15LNEAAFr&n4
zylB8ROPQh<*7MsnHSFnB#{IX$d3EaH9O5pQr^Pr+=FgB=CMVX^FxjjAR<H{J8ps1D
z1&-+tD}Y<}jCjeTT#OZ0n$S$}t<#@)qDB-D(Ce&_DidMuE%#T~k~;iqc^{1PC)^n~
z@KOn}r4T`my7K~y7-UqarSFO#_F}sA09CYeq4w(R*%t3MS{lOqGuDRtr1xQS6MX7a
zz3q#Z5Gts~)WNc4FZ3*|GBpUd@ovQwXzBwjo>mLBKN3sH$IW5jxXKUw#?8qSnJCLh
zD-=K`J>(=SkXbq-@mlk(QOdvTNJ-qH5UzBWH{|{IsPcL%`r=~bxiSB1`z0A;g-R*S
z3@@w-$Bsz|YLjY&;tZED1kcYyu4AhN)rHA#dbyYh{-()H+&}d79~VuCE4JL4=p6R4
z6gMPgXMGX6WSN=y9E**M^jfUhJDrI?ZP|?gaEvVVR)16&g-HvImCWsppDnK@W+ilw
z<DI4@5p{;#V*%Y2gF+#1#tKK-oFiT|_}-`<{93N6u9|6ayq&oqFCjcesJh%AMhefr
zNqrqcnK@OZElM^bG|Y$5^IX4q!9NeW%zQAZ(U&VPT?a-AF}rIpYGjdKtP?_*Luxqz
z%gt_|tH}P?CekiNH^FV5hFMQ`K8tcJ!AQQ5KSzA_oc>Bnoam2|QJ%o><Y{3OJpb`P
zn9{Q>TiIaG)rC!1b#k0P{)t>*M@ZJOYiCB-{Ur|7lbj1e^EXE_-+O`T@~m8z^Y`@x
zCZii|7fTSbU8FU#Y)4&8typOv_>*BLG?B0gwnz-B!zd^@gIwM2$b&SpndMZpZe<dl
zGwdtLr0rDJCMc6j((4<{e?kOlx`bGS?(hbr<BBh#g?4x=Qo8)HBr@U=#*}a~`4}D`
zj{#;rI<Dr~H~Ba9G{=OIH=EknY8emmf>z;{M)l!~{fM)}1)4(4a9*?(192)kuNC=L
zc%B8LIo+Q6vkmIAYRCVM<>upfMz|pgvo;LnF`XF`(rTX)sw+lehyg8b=vosyTu=TD
zU5Y8lA8<s1wt*%Q>!89X9{Ca<>*kE0LJP$8VwKzaZ&SnDSmNt4n1RA3fzBMy8%;#*
zhOoU}k!MM=^Zn+{0(h@pnQ%3oCX4F*XUrAhec0S(D(MB7@0&<!=NL7q7Ica8RoX46
z)wqU0v*#Yw)<|&7$gaY7tBH^u1-*MQpscbXpj4|M1t}4YhPOO>S;g2Qea*@q)kZ;L
zm`_2Vd7Ou$%{$U+8~&o;N$P&Iw+<5ajScZD>R&WYq(4aYgmKE&=#uB9h70#PnCJcb
z$pt~GJ-z-ec)Jk8IY?^wKI9iqd8$lsyAZ=X|9>6h7cqg<@B_%N?(2P&`>njxNA^^#
zk>BqWg(GB;jzRj7y#n+?Yuu3{ZSjpYgvV~(CE-JuaS45g5IR5M5GX@|(N$87Bo*AZ
zOzcZNmF?S&KBjkAXBM@)I-TzVF%D2f4lsOPUiY8Fmzh!a^!mEj5X?wQ_hnRCp?BAP
z4%9U{a0ShPblZsn_idcTM4fqr&UBoRVuxNwH3*)F&;}=XG{Wa4@bDXr=(YM=N?A}7
zkx26}Nf^awbph)@GC`+26sutw|1wnm=_0HEVR#XQ9ge`4(C+jV7xs)aZu88Wjp;D<
zQh<fZDprfyZbj3Twu<gCwZBwkt(t}rXD>x24N4Vt{qgB6;SDxVD|Zc&`~C*}AoT?V
zkzqC;Zuo_Z?O)ptyvi?#m=Yz@L*;<m->@eeiXzse>x>Rl%>mYEP^8YbNDZt`7IZ^G
zXf0FCYoB5zzstq2#D@^5nc8qrmf6<$2H)lkhr?wfYZ~C?-j~){jGvz(DdC0E-wCr=
ze_;5NP+fGsQBc^&auE=J4nHt|US|gf4eX4cJ)Za-0ExVXLPJR^e|gC=_=e_!F{|)h
zb4a`X!s<6$+Lp@DFAtl(&1RKirYgBu&$^2Rwrnzn>N|$x#TNNA20M|-G%$;C^vvV*
zW!jgmmsKq&vy9bNvL%`=?*%=f&K7s>Kr$D%UtS@ofFKF+_%>eBkm@AmTxzG!fMy%$
z=QXFVOJLm~)v(6t55J6L>gxV*Af6}{BnRYop$%VwN<yiatusocnQ9?~N|Mb3-;P<w
zqtcA+a`l1en3<?A3JDD3(gqOZ%8mh;@jbKNgeeYhT}0bwN9<p7dQe&dqRQeE8cH`G
zCvwM;k0Qq#)$MD^lgKWEPPc;){p98`Y7x?;5V~mV+6I(e%i0y}@p#29a%6EEp+M6!
zSseA~nm2iuQ=VjYjj|mx77iphuN&gh+^)%dD>1-{cEi3@*>kUDvx}y{&-toU^2Ej2
zDb?rQ=wWS~pX<--;{E;nyuxnp`}4`aVTQ-o)m+W`4wj$yr!$Iw2dR?8qoW4)6yq0G
zh}6f{+LUl|jcl`%$%((wooS2LNo<~o3dRy=iz}gSg;20xetPV#Fk}@a3dHpRA5MF$
zn;%^#0=%G8&3MH9x;QaV{m(oc_^bs;#G~xm2>9>mY0zDxGomtU8|Iofk6_$tz4|>R
zi#iLpj&?k7c!NpB3Z;Q~Sm!vfQI`LoZm{0k;KnIDEln9aY|t;sxQ38v4vYWW3%0o|
z*1oW<puLSKK7vs#;drv2xZrhro%0I0<rRwrmy(p$6fP-gvS3SX{GEhgY^`y@Mi>2&
z;V~=wHVt__>a=@dYmtq?#y~GQ`_HK&8Em)y_+bKJqxa(g&3^$ES=FkA)Xy}^R{E3g
zP4WQzF$^ZGW`iVri_?)uaA_oJ{nzuGgTH|ot9;c+)RM)0YvtLbm$EQ>*fMImkjg+(
z4+&f*Jvqe`VW%UbTCZ8ZdX*}@Kv=Q|JZtd$Kp0EdWld+_7`D~5`v~?`C{~4xA7j|}
zkMXTf+hI$+cYkeQVNPR0N9Bau0$=TD?e3$}ro8rMeRXq|iTR-~9$G}jKsZDljIxty
z_pT4(4TNC480cRq>8y04nFtxRBeHM(t=`@b5alz;1_FKKP+8e$FszmGNmm9fyC&yt
zW}aA;Wt1S(vC!HlUW}_0ba4|x9qO|`bz7sOvK<+44Nh#wANP%favP7oU+WXZ`o)3a
zFjTL<Nf@-W#<o{P`;U)0N}6|sR;%z|GQ?JWS!J9oTAmZgFpsK1+=9{rS!Cg}T>pWL
zt~V0s27yBx08h2Sl-SDaA#1}z=_?%q^SgELbG?ES;uvanLC8|aIIO7S<O3>`b68(7
z;~$GQw7su8NHtBSF&bbl&~@V@%avh=JJ{-Utrf$RQB{MIP^*(FdR8LU!-w58Hj{n8
zCj=J@{&MYa(oHrSsa?qe?K3oo6&LHs*y!c>InV+9)MfQnORcd+7M1zpYaH*{vW}L*
zjk4<TzcpmS#~B5hc_3pW!E1y!MC)6$6ho8&Y&9IpJMpr1lb|aMw6}MHxDAh+R^N8n
zQ%{-8sI_wf-pJgkDq;lBK-2odHVxuP(^!?f3@MhxOV|%0Gwp06vDhNxX!d^){N|UA
zf0z{~F^Y_2=Or6D09tK!ua3WN(a~Vlflmy*a*7Ok6B$|A{9JsyEO(^ocT%O|FJ5un
zVFTKx^+Ei(M%ht<WPg7aaLcWN@qQ(aGLuLrbQExLP;h(0DL$$NMYBY_ub-DLVjH@;
z$=?)lRvU6+9`Tulb*5gMh=9v9$6u7w!R6d{to<S&Y3N6x&PX=KM*utlSILRVBPw)(
zrF9AMrN|YM{r2mLzYE2>h0NRHjlNMUO)l2h2Y9m&!o$~sKCKJbc**sjZ)K4}*jhih
zgT=x%Fb9slJ}PUqwvA~r5@MJ^np4zhv>;%!4%k9^ZHgjWTzZ?8mo>jJ6kLBT=a`J9
zXH7v$rzcKULcAfa3$np?(7Msrs?}#?ovmgM8UK?DyXg3&Ddeg|vyl=nd}175GCk}z
z<~FudrE4`Y&RCNRU~<kr$y~G^8QIpT8mhKD<G(A}(5YPekni4{y45TofsT?jv}o%?
zfPgD-skPkEWF8lg3cX@j<0xFre}<OUXJl~u(H8a$L*p%k_=z|!qAF%I#B*pfQLX1{
z6DCI4^u0|=J<i7zrX#zv4$BYlk<>9X;T9mX9OwT=$2TK<_NbO~M@eW?srIt=oTLC?
zlxArmRV1RtbA_)-Ho_<9#B=pOi!L=oot72D(^x-CBP?a$m#}e3S`)t15Erb|Yb`_C
zYPj;mTQ;oZ_&xkiXcFi5QdO*%*U_7Gf%|?!^n3k>2xn7LEDF)y<>7oEcX_KX=%hMP
zwZqc_JCK>!CbIet6ZbYJC4R#=VQ&SWmEzu!uI{NNaOWv+O6|-XDBtk21AdYRI|BOp
z<lzdXCNS@weuB|G^2ZOwMb(;-QJlyEMynyYDy{r`J%a;Z*;9=+kvNw=SntqToyU%&
znkbFBS6D&?0};|1l;?eQmx7^%^(47xL-rQms()DvK-ZWVQ86Ray~V6z_dJZQJjZf>
za{a*$&&@5aI+?Yr`7vh@<0@xez)@AD_wOLVjKjTYqTfo)y5|TYt{4|3xTvfyt1up4
zotfFqd{rVb(o!U_hRi<NyQQED<biTUiM^j#>wGG>hv^-2^+kSHJ9WA2BDGAs$!1mM
zOL<`HJ5vfZl*n-GODO}Z-8aIS{k)~YXtfz0e}wM^jGytqn~~xi{8q$kE1@f(TN<KB
zRLeTyu^SX9$?j85zNy)n`&XLpmw<>$K@Y-bRr#9iOO|cEMq`tO^EMgz-7j@>i>{}(
zy!d9Egd9I&+13K9L6G$jpQC2s0S#sWKHD$}=SNpD7IA6yd!aMI-r|@tX8^@mLUp^M
zn>JD({wX3ZsV*0E(H*(R>Mtb5cD!^O_b%+P^<dw@d(emVxq`K3n*LC+m7qbSqH{!K
zE^F{6PIHKD!{EJ0xH=Qni%+1QyeId5Yu(=l!$KAK9Z2zf;Rn90MhOBnFFYSr34-N$
z3D-xZ|3<Z2?)S1-{)+CM|JG!`{{iMEYTWN-pO<Haf7)XCD+=Q-&I-BT%Q{y5SS%0D
z3g6K`$_iRFC1#UXTo;*JYWn(SSPoGWD&<EI6Lgx+&I<7?_AzX7qV7MNdP@4E^BuS+
z`qkp3(_6)TXFKB5{h3DM2kwl_zQS0}OB;4YRlbeW?kO_vP>Xv+AG+-`6u8`tOFnY6
z`01%gGq3p)y_2jW$9t?}<Kir~bay$1OT(pzRD3$H`RBDc_m^Z?j7jTF4~hMH%hNW-
zh}%ZFKQ7rYy*F*1oYWMNZdTqlHzQm7q6ZQf*O=Ilb6EWCi@N@{kK1g`>68Vpm|z<#
z8cbf~G8Gum>%!r+d^FC<0z5}j4MZi_$Y-i5nX|)uziuu<Mn%f&Xp^FJwECbGyQBz4
z5c?HXhPw2z&nj-TELP^MhD2Kilw5#_FbX|?(TL)?rA!itEx4I11?6kx)P7e&do7gE
zwE^>BQz2}v>-xjL(bFcPeoxx%VE-(q|C2tc0d!lYM9JFao{5G2=wLX#naHS3Q`50w
z<*?1NqSLQL+4|xO2=YTu!P>!T0U}QS?lQuBmwf;AZUI2mOS#)42mO;h3Z(jHt?DLc
z6c58cK6)=va&wH<?b3kAEEOyDBJl3piw2|_eo6Dzm%rnZf8iML9yN^^^p1&07&Lyx
zLVRJ6f1tw;pMDeMA0EA<;BRAaEZ{N;M7+=c42uhe&pKj}eZrK#Loa!UQSlB&yd;pt
zzd%D~7?0$b4&)g3<XA_PBqqu)G61KuXwD?`NchmYx-qSmdH9ffddnAJ*tjnL?wOVM
z4T8OF@)(Eh=#1s*_EdE8x}jT=>74J!`NNN1-96X#R5d@3Tee5tuU?}5Od3(PfM~=_
zidchdJod0O{#w~Z;-tnRG}Bi1;CKVGSUpVCB{`k2qQLKE1@qN#0?Oz>`NXJ>C359!
zh9zRMjHagopJBdm%{Z$)Heo)8-}+uY79q8I_S-l9WR{0XDt4m=>ln9@DQe~e({Ok{
zKbkKQeF(g?coF?@^qw^A*w65uyr1c9SF!8u4g43w)5&F|+0{j!%9vdY`&ubq^p-GY
zw3w0DV~qoqVmx${RishayEz5mw=?rz%3Y`fKr~yCwAQuyOj#X8A)HW5<#4l72ecs4
zsDQjFalGhN8!_VKjHwfd*|^UEPFZV`d~aG$f}_p3<sofn^v>JkD^#Nub0Wh#07tbl
zXBf#~OdykD*`d{6W-;Nx^8{#4lr!CIcYs`I(WhlFi!jv-gsWr2qV(zNX@1S#zeB2}
z!*EgqV11gB*#lx%G<ZT3Cm1Es>Yni!kd&t&bX1V&;1h?~B5noU)5d=J2#`ZfHY5sp
zPSzLX<rsE`&jgdA2&ez)zto!wuVI&ya{^Gz#5{%32#+T$FTt@g%ZekDpEZOt*@e@2
z2ykkd3|nlgMps!*lgrR?KJT0MC09yqK@SIl3R+p{7L*OP%CbKNol9y4bpDQ?dmOwJ
zVebZ6G!H$>bNDvUSBlKBBHBE+fbnHGT2d<x4)05~ulc#39yZYTVd**2pSL+Y9E24P
zC<Uoqo6`}ev;_Y#H~us<k2UN2N{X(>N$$#nzAhSIxC@S8i;w)}^pz7#HfjosJAgOw
zKsYIMcR1NvTSG+ISVee>ZH%(#?g0k=9E-wse1~x)e04{(C9Mk#tjy@ox1kMNA#?xd
z^6Mw2bJZe8Lwm>tJN=q>qYx@Yv4^%R0I4ceGDfMR*3?cM1c9V3{b0QMB67uMnx(;X
zIRlumvL0%49&6H2k-<z@ah@}uK|iL^K&;a_`?RufF!EH#)3m+!Em5O7xRhwF@bfxM
z0P1vCh!)@|WV*-yQZQVOr;%mQ4FsJMcC4rWWaF~alA;4&WVaTs4@+6pX&$!0Iag~T
zNo8_R(~3Cha^nswhtOyNLbCiz`i$@<^#dh4F&I>q@w5=E=m`_crih+>@l3re9Xm$X
zRON&n3iheeDh|P6u|rg@5$Qb(pg>aLrPlz$Tm?gr${Plg%GY7k{!puZjo8G}Kl^;t
zRG*L{M`m}IhCryb!WjT{g@eIHGHgAD&_C{?Xl`DvrnZi)yqCNtJeMdFHd!`;b|_7I
z`VRFtXzkY%zR83gj~+RMW@aE^Xyk9>X|>7hEn!<#v7p<w*5fnASjld(8WNhPOp2Bw
zxU_R6u3hw?a`S(G(L0`}N4!5DFUz6^Q6sD}9Q2?Wpz#BK4ycuh_{v|X$lke62VaSN
zeyFMVCV?q-dD4@=H)HVsT25znO3C{&vAfBHU4x<*a{2X*IpdI=oIwD9K!3lACh`eY
z8|eThost%4$;kgHJJIRAI-VD*4&Gmkwmll_zBAE(VWs*;%Lt4V6C5tYIi8QUJ<ihA
zoMWZ(?+pB>``mK>r-`io$J*8W@A{cztm_$mR?EJ1fR)<ghxeb^Yn6$f&*AHRDAQQ?
zea`j&9s57uUQS=RI@7S9kw(MbIz5&0NjBAZ@l;_^uz7Y4Qj9krCFM)@s;mI#Dh4!5
z42)C<YGyh$&L&1zItHo7#pqk7{?Y;+pk|>W7r4Va*Feju0_S8a6zbStc}hx?iM`%X
zUFC*M#Jvs*HlgA11n=^V$8VllWxCox>*i6?T8<F$b?QcS;?VM(729?5TC_9vo{fy@
zR|3uF7Z7Z3J?fOz&o57y3n)p^$%(0l*?O{^cVRecv9Ve)#Nbq>6n98&_;pKgn<7<z
zU`;a0-yiAZyqems5p&JoZ>J>$SQ}k&{pj`oAQCEa{S<KkT5n8ocMqccx=9J~frpu8
z^p=ttB!ra3atx&RrT~W#j&edp3(5mya1XQtn3aAMP?}&cz^<VOUwPf@b^O}2RarFc
z$2dYE21cL(Icvzkekz#MGuwZUz>&5|K*b4QSw(xB2{SlQVHp<GxOuAAnD|yxlsLN&
zsb$_g$UeB=@Q81Ce9E^)SOWrcW8t6$2sB-vX*(0zPYxBAnad?JGVPbN>0MFn1tIcX
zy_gqtCg8fU68@|!WJYe%C&)2d){KI;9+HyYq~SPv+PEpxl#1)4`hV^GyI<lDloBI{
zeWZ4rrqJ9kS=%Gm+>_Q`twNa{|Kb0*>r{An5XjB`x^wxq_xssi4}<W2y?)D`6<8PW
zb@%mkdmh}?_xt+3Sl)emD<u$Z?C$U7&;IJu|KbCVy}jlBkgZjDX-;-fJaI7U=%<D4
z4C=fivyycr$CNQ);Uheb&D4eQ1y_6$kFrT^Ymz^ow8{ICT`mnV-Bha<E)sMo({Vse
z_jd=;5Vv-%bR=Ssbp?^yNMD}+F|!wngsQGDYpm4XsGv0T3S~P;hu!kl!B9lQejeKj
z6%UMTb>M?em{P1VBVZYES{$2ouPo7IJdn2VV*<osN$F_G;j*gW<VYWR1d?HL^&SI6
z-~_bh$q(qfE!||?3A_IMa!o4Ix7BqJ_;56nJCN+FTUiNrbyC`z&xSq9^dY0E>wAVq
z)zTvAU~qL`K6Mmxv8d~)@6b=bt0=sSLuux-9VC9d3R3E6sStO+vETve7g|<u`-mHH
zk_=fAs42qN{6cBbuCMaN$1n)9$baZO0i7&qZI&qV2mJ?ZIBcSn9A1$V@;M%Es;j0E
z-+`q=K-}S##tC0TIeUZ0zh!{BOLAdX@wTw-&4$>n@-%-X<ua&db(Qo(ZP-xuerRLf
zZW%KnGVBY@HG###qR<|jwQx-!J~2Rh5@)wI*1Vj~spxml<Eg1Ct?-(p)GNlW8N=F0
zCmsB9mH>3yTZ+DL%mhRn!mQ)7xjze6gMVngXg3q4Vx90_?jRHBtZK~yjr6=e4pG;j
z%pycGXi@Tv%te^{V1(IK|9=25K+nH<ks!scU5BGa$f(q#Sk_d$-o22bW*<kL_+74l
z-F>LT_bovpOUy+J`5^Zy0WKM2#OWObf`no<P6=>TP>p*pAEj+waOiFPXTxu4!9?v*
zx&lX!Pwc*Bi)yNF+7q44OPRL^_!B!c@D=-5-^)}6$JbTGZ+XGi?3K!B0TM*ItLS2c
z0?bM!3#AV=Ei{D%b?c4=yV9C+fzTzTC9KfrtL3+nR(b}k|29Y$xZhIB!lZP<ayRWV
zslGz~L$JGl=r<{{D(E^MY;Me2{W52*OL=TiV*W%ef)ff%zICYk8~-_Zb`EQsD&pve
zjgnuS!<K(>arKYu|G56g#mm>1Z^#>2Gh1rYNgJ87?}lU|eL2U#LaGJWtsq8U<nm4h
zT^Yzp^n|bgl0imG3MCUG3f^9<yZ;~@OnLq!uVjf0w!sgcDKgm0m%YM)HdhMfe${>1
zx}pN&LBm$N?tGd$jEl&0gq`KA4o^qO2bZcw=hO1EFY=t_o$-mej1EYOd11+W4oGtK
z_WJVwp7Lg57UjbkB-1ku^vawxuI~(X!Et2opCs*0mh`~fca7*GxV1FMR_1I$u9AYV
zx=;E7cEyN(T+|#?7Ej)Ygv<csKnID)XI?8>s1YucVwo_<-Jx72jpysL^R;Y5dQ`4^
zg5*rd+DMN2ZGh5L$&8>CDl&F9oub2=6~;qZmd}+P&@21a$N|Z-ji#)IS$=Dm(r>O9
z&7;1wlGYp4!M0T0upGZI3Z8QVf|75W_&&D%tj7<;9*h?UKcd!a17}i-aCE=b67}=b
z{H-W<@1(51a(EiaE9ZNZNPBKr5R)j-o`Y>iZ>sR{wNM@|13?ef_;&l*1~9hWszzL>
zuPfOEPoO;k>+8#xdYxzq6ci#+S35w?*@MW8`BqU-{#Ngh-kxaV<j8BfBeYO5MJ6?F
z-o7ek^gsRcQr4Sf#g7>K*FMde7me8l$8a%;bPYb$vSJy_naH9tpj#4QVQ~6#dDwtM
zSXOVO&>J&(VO`otQ&;@o+mzrWHyTd}=#hX;70$s%fh}eQ>J-k_-<l;W^a%2zu!YrG
zG_aX(>6#H*yA@hX!h~unGf}>c$u#lX%a=itPsy2X<2kG?sK;JQw9oW)y_F>&MHPh2
zLS%)EXGVl1s>wEf0eNc}G-*|_V5{D~OWa#Ql6`B>guNBp_I=WOd+TAi<+qAelbGeV
z56momkxsAiF89I3x@9%ZX&v4v$Y5Qe{|VC_RYgbGY-qZJG~;Y`gq23r@EDu@<yom>
z-*C}<#N?D|W{~Sw@F>ab2*J!^Bx-K08HvF-mz}jT8xd!LzfcS_V-Y@GQIX5-UL&<2
z%sL?1iw+}7S$anS;PH$=1-oSt*v~#vxPC&n!cH}iAO&5r!o);kaCF>6Flot7i5`>1
zv@HC0vS65xVmqZtd{%ve8>jS1tBKt{ffD^W^{I)Ry?cGqhjq74aAJNweM&M?DVAk&
zTV7RCtD2L}0P|?;KttS!iNVLfJG+Ev<t3rf8kwriMEgGyWg6fF{lmn*q2qJYRLu|J
zrY5q_K8p;SaUPI;%8V9(J071*(x1@&!)<aNdd}dxln8Z#5;FzUg*6xonKRFIigCa1
zG098c7o}+P3iWAby_R{0dMyn&r~wX$lB6&IOn}S1r1fS-Dpp{|qS=u*sMDRoVm2?0
z(zUDE4w?;&Zy^mpR#+hm<cgepW5+%MA+0Z<@#gJ&Kk%K39Y&2|@XRm9<xj9jZsDMb
z@`j7t<oWsI678w0dx1jbf_w+?^&XRWPCf|Y29L}Wro6Y3V=FaE5m)j%lu@mLZXUMC
zMv2-+_BYJ80+yj}_gt&s-TR_sy|MgR@f0I2nxtdOu*pMImGALUD@SK~+tggFm9MVQ
zh(F%9+7Ia~c2&B{Ec-Hj<QVYtxWoFyn9dM&3m>BC{_F>0p+%{OI1blaMPF398#SlJ
zbs2^yCwuU^udgq<kAt>j@?04FPH4X6O2xu1^mWIU8!2zdS+F$DT=BJfVix;c_aF|8
z%|+pYnn2SPwM)%`MrN)TFcDZoBF-&#jzV`Bux^B&>IXY%_NOYITN|COH%3A2;p|2`
zJ~(D5+ddq)C<<B`Q`5jj|JpuBa)vRY4C0LFUW{7Gd0?&H<P;!#4CzzfKypzOdgLes
z_QrJ?&)3{m9&rGc7-_2|EUza~n#i}#S}=MW5?xDM*<{N<>Q+vn+6y}sQq29~ZGS#r
zkW1lGL&9v9pzYHqWP`41%?bVbIWRu7P;tCx!%MYPS~ZEQFlKNjzR`K|b_3(Hc~GAt
z_K+PkMo0U%SNv|!Agyod8l_Vdk*?7?W|&T)IAj96hXs&4t`(3BSpt7H14Hx{KX5oP
zsMilQ=KGGlE1B;_Adhy!;5<4g0Z*(G(kN9P;G(Jjkw*gijr{|Ip1Un+!GK!4CN;AS
z56Hi^wv3Cv{!d^ZF38j(<Xt(k%w(jD63wV^aLu)}CKnUHZvtSo&P^-2)rXBDW{8(;
z%^}cnl(aiBPQBEC8A^k^CR@JVps-0OATAN>{469L9|hRKvLbi1+UgUJW*hLnQbF>j
zf|?ICqxo*GYFcZdoME=o_<D!Xmh4z%=djk0W0jp_m7VB_9;@t(-F2+8bF8wnf8Vjn
zj&~ia?7(%bvNLoYtL%)o@K|N%SY>DLI#$^^R@n(%$0|F=Dm&&nR@pgL*%`m*SY;<f
z^j8ZWeXO#xe;upr9INc?UB@arf$P^N-W;p!3|+@6JI5+J$0|F=Dm%w2JI5+J$0|Dm
z_XOjbaz2W2mjV@Hg8$o$SF&tYtH2u33=!VC7p%~tfc1SyteycH$@ttuK>G+;ladQq
zaurhmtRcv&w_mxHGOqbs43psahGH0@O>f1xYj9+chY~Z)SZ9S)VaNs?h-^cJU{?9!
zHH4cj852a7%sA92QCzGGMrd8rY%|U(zJ~yL9N;!m)O@4riqS0&bj7xm<0}ZwDj5iI
z-8MzdOZRf37zC-~8R-TNB2n6~(i#2|nljTpDf+mgGl06@mh}!J;|vsLrD~EDoCWOj
z*h0k8gZDf1V_|x%OqWFtl6YAw5`-UU8-TASIafwIQZqtp%lu&C?YP6#kH?+hL4~cs
zTm9E~=!tEBp4)8WTdSaJw-IKY2<}$)GBq)1uDq={N)i@|V7Gd0vy5r6fOdDJd*Q(w
z&pRVuGo|R7T?H)dW6CQS+uO;2<x+IYVI`oko}Q|Xth>ebIC<@^;&shnf&r&1FvDE*
zvv5zlF<#`gCEgO%XN1TDRMB*^tT<bd6^HOF2zZ(yd<sSLgHo)5_8Yar_9MVFOb6?#
z5gDypDH77x_=>C{kje<yzkm8~|4NoSeY%cP)Iwt|Yg)KLESOm9IRaJ#_|YBcXlwwK
z{s<4ivoCIzUD4r5&TgN0^ENN!dNEM@>0q$nfhC%b6>qVE$VT2F-rK+mi)RRyvTO>p
z8h@o%HjG%K*nXbQ;C>2?s3qOwJ|>pVHc^^bbYm^lJZzj5S$*~^S`<r~-Mp9I$hCSa
zUR9N>x@|A0=IWb9+=QU=+h!GVZM?QNRC#DXG3VGEB0)af?KJzyTXj?rrrV1ukpJFs
zCTte49@a0O{{D}+O^B?>AD==zs+u7~0-mZ5%q=Yntz|`xthI!RA6nQ4uj@K(2`7t`
z@8AE2mK(>pVy#%Qnqh{7)6`Dk5IQy74N_9}!RZb@Uv6d5Y}re8%TtTbb)K+RmVzrl
zL0T3vyCJ#xu@2(Aw8hgNxT>Y!!cOSNmX;+KYmAq#=p8mUsNVq%z1|^r`N67MBH_?c
zKG3iBAv^3Pe8#}+Nf=b5&ERl-#4|>Z5$w<hDBqY8)Y9pp2$WHyq-2%iO0)9sV1}VE
zTBMt;$?pE$NvTHJ&Qai|U@*r6l%T{70Fa?+d-_V|<{{X$2(vmMq@~5-C$r!woBF%9
zPu)GOzj2!y?+Q%y!*6A1z{H&ld)PFkd%|{v^xIf(2-y8BZh?`y7Y4UN&w(LKPM@DX
z$bQDoR<fk)XkCF`pZkycDYaVogWtjY9qDjsXt2Bm002k|bj;a-v{ikgwF(HiqdP(?
z*@%3B76NCkdEIOD8!4Epr5K^wt+ok<ST4x3#j~fs1Z#!X^jPZ~$69gUJV?7NmhXhN
zy~c&>LG^MA_6c8UC6KkHx+3F#1|pG`D!ts(^C1N7gzm-@dsVZ%=kCXCj*Ge7{2teh
zbl5yUzzF;<pPZ00yz>;3ts;T&iPLSm|LS8I0rcu6%av5?@+iTC#v&@lbkC>pvG@zy
z&|3!SV7#DJG?%KD<Qn@%mQ78VxaE};TPA7(VX(`B`Sof4<?OqQci<zA<$YmltLcBE
zY~d}x7v9Sf15C)s6x%-N`2n72`=nd3ZEC2c6`{;NW<{g;?L+W~6dB5$sK1~HWpWx{
z^3hd2TuA>^?WaQyluaLR`jE-|RJn{3-#KcOWz6p#rHIi?7Q|~$;DC(%hf|wF^E*0g
z!TB1WDFFW)kj+x-iUzyVMZSbLwc}{K=ryYZwE&nU<(M1senW*+@0wy*w!Cn2S+TO<
z88y%USi^JwsPu#XFu(oS0&}6~he9b9G8kuRDS>&W^?kbloBULvHU){X?OMt!sdc^q
zie|OYf>rf^IWsVC1t@9&7q&n2-LY-&bd{-@8AJkuVTchaNFimpq}k2T22ye##e2y`
zPUxC)p<29x%YoS4&}m=D^;hW4jPyjVjoTC4gWfu5qYCXlgj!~M<d|p%svgYA$$qlf
zTsLdA-QO>B@}FuTdMdEk3%UMg7z}o=dx-e@bM!7}%VvL9&cV$+@bw+7_WL|X3+0rt
z*mCiX(R@5WdNAlz?0NoI()#@=5$vwmkqon~M@$i3r91t47(v<8h&H%_I%zG>&MK-l
z5Q8egBRUuv(v4zu_1(Kd;Zt%}%G|H7x%a>jqftaj31CK;O%H88Z^KRmp+&i|fhQo$
zwLu5u+2V_#hye8QJzIS7doyx-!78wWuWMSfRa0EE`gM1*255GoRQ7%k$0&p%6NJp!
zH7nqJ|2YnzmykSa#^sH)!A(~($AB@FZCKtE;4YrTr}4|{T2^$;Uce5HtogV5PqbTK
z8G=ON@A?EmPBC~C7I1=E5YPe2U-5#WkGha|5Hy;D!<Ng6*8_M1VUx`b8_`Pl(!Xxl
zuFYZ2DrOQn^@PK6wl<dKI5;{~Yp_q>un};Ch&VN_<o804yhvK3l+=@PRpc$JZaKSq
zVkFqPW<qnEQ1t||`JVg+{u$}=`?oLOLbW)9<<ls=QB7^l1)(MXj#Y|FF$0{^8EJU_
z=V8BNWL%_mZO6yv8iekhEnA5^1ZM@fr-I40L4G07-LOSqT=JdkH%!@-y*T16E$2oG
zuH}|z@h$w-ARuvU8-wSxo2?D%xmj1E`jp-4otoufDK_Rb@bu6^iZysDKt3IK|Bz5O
z*33A_R$v8{RJSNHK+tm9k#llZ7IFtB0Im!bfUcqj`-OefJ89?~lKSa_4Hs{**^iJS
zTkOD^jk|7|pjyiOwSiuXbnfJ;z18R5s8V70k5&jN_G`=%W3a=mIo9|K{2?o)-uWK{
zaMiX5I9UEiY`qnO1W*iEZPB7kSZ~h6bMjmA;e?juqRY)RYx*z*s{p;4+3>3mC#Y%7
zLAm&FvKS$UMfdaha+gH3tmIa6m`2SJ3QGoPYkh=@ETy@9Obvf@Eg5`Gw_6WLShqc^
zi(Vg$8rzmK9(-rJjK(Km|GDrv?k&yX10YoZBPnL9UVUV5TcD`h81yI5eDqm@YWJ3w
zz!^v5bxcry#guHS%s~5Y>COUBE_bbop_Z~RQG5DKACE4nSY2^;%LuKOysl`qb7+hZ
zsIh}RtGCoY8&>VWiV68=Arw=Df;YPoQWmx{=c^8*>I)mgvPPp=HD5P8XHUFI42b}v
zr_Px5hdl25zosSVd2qj;Zse9Q=O%!#i}W}0T3M~B;6E|L<!ZK;mHzWgWwJDL0`lg$
zH^g*@-kTAc%4j4I>0~TOwO6~lu<)w}mq#Upjwj6}&c#8~I7z~_Qd%SUKN~MD1BB9&
zYJPR;if4}QJH3EG8`m>vx1X93T4<eny&+0&S^ER*Nx&@`mGw>RYb{%3n++ptCJZDZ
zIN1cDrRHlDr?ug{w5jEm);yy{F^ZmMp_R*uZ)wGgor{FTe0J!G6olt&TgqBXL%67X
zactCxy@G^mDTYkIllL?S80Qsdl|n_~0O3BcUP@Wj!{E8*EP77v*fK2nAbyt~QrMp^
zF&H#yk(0HSGa%c`A$kQIFtsE<-m&G6)5K4szP>1^Qe*w`n{4hUnSOv!rTAL3;?|WM
zFnt7HZv_>7)~i<^v!cma{#7Nnuf$4LLqY!Cy?7O+K;|wati5?i*3-}1O0|Xz+KU(v
zvVk2r)D3al+%W&49rL}cZWOUjWTe9KH}*-e<ah9$$!mJU2o!-FDSD_I=?GwSy7|VW
z0eZ#GO3Ewpl4-?6Z=vUUl?{+&`$L9mg+YAU-#4SNGQFkZ&y1NEW2C`Kz!1BDjtVFD
z4{lO79bK9R)yITa@T#2@JCA%VMx~y+jaJ^;x$Vs;7FYpq16D@X(o8lu&#~YfJ4H$E
zJKuaV)^FrU2S<~37EyAeaBLp4WnqV%ZFTTRXymAQbFy0x1k)r_q_K+j><$AMFW^f8
zx=ynhTvT4hmN5ijO6&inAAKcq09dy{Jywl3>s>RFa^#HAG=7BlFR-yck{91x5?ZYr
z^zpyd{K}c!tp^X9efxCr?AhY!pc<5u4PS4D{ESCK=+O}R-^~#E&(1E5@Q&V=#_lTX
zch;mhs|aiNd?klsjZM6kG~C4=SilSH&Y#cmM@T_~wb}Z%_cz1nL7yNs53y6D2gb(Z
zjR!X7x!xVS)SW^5=R^9@oRSr3-8-j@*@?mpZcHa;$!#Ia2U2q(9duw2ufQH@;&Ci0
z0N8Mi=BA!Nl1iI&HB_e}%w4mB^0Bz)t`!y{*cFJ%EqJcc-kn<7R!<vK`%9KB>;p)0
zW@=(q%uBQAl!-)}>}amez87~8J^&j1awq7PXLgP*3R{G4gmxD?z_g={l;zuPQ=_Z;
z5{)S!%?C?{m_y%I4I9SR4ThT!E;krVKgv%EQ)<PQCecIRxqCG0FD05h7Sp>gw2mZ8
zblO?Ud@-;_0`GA}Vy<NFs&M&pWGbiCE@B7rW|4Z3ZY$%Mw3Vbt{G{N*SZHA|XfPTw
z7z-He98`Kk!)bNHb|cdrXw5z;eEF6RA+;d8y1yMXh!K^B4V8omRnod<m3U76_t}Tv
zeVU*D`Rwe6r}KaN`|r*^Ea1a$&;NY>$^P-X^YgQ_AO80G>-Sf${?5-o{UDm{4gU4%
z><9Mh?}<dt&;R@{BMmwTv#Bd}euGCwo0p>Z&X#_J;2?_WG;#$+YMR<JEsjkER@|B_
zw{{dE<G-4_m$i->_2eK^tvw-+Ywed@YX%E{Z?&0Fw7u0f$}O!#W%(wEMUFaGL~eOq
z8yl&|rpJPpdELQHH+urIkSRFK+cG9To_;K?qn26{;oGtR`3`f~txN=NmqpuZ<1S_&
zGsbe$gt24gbJ|>iA1hWfF`R4VtlnSze&24{Rpp@~t~HVPo?f+~0CxguVh|3nl2r&&
zhAVRV#qT$#7?#zOKPt9v3R>x@t`G)={Af1IR((>Rwx2ei@=tf4cIQ71kUrb;qTn`!
z(*C>UqNyQCtf>^q=}wV5#%>hZF<PmCEEaFqKmBAk>-nzTxaW7?=iK|e@jh?8&&vN^
zo&WiKe}4zKQ6-z2T~%zwKStD?_j(BR-K2!uJ2O?WHCIp=3{bK+ROH2Q6@e9I<#T1>
z_KiyS?WHl%8dt6qgc8*(=OrDA*9~>aH~ozVLJr$Am1{+TFm#&1fF}XbV{VzrneYq$
z4%t4mTHt`>TT?Psd+`h=DiKgb#`E{WB08+{S8idaD0uxx5R=V%MhfGLz|rd{v12^z
z{idhvY7Ot=&C9WTjdYdgBG4Rcw);i%^HEXV@IeE{r)Gqb8@8L7kRoD3W30+hm~w(_
z&@^PP*28`u?P}EOIWQbIZ0E2IU|jSUE@$2i1s1iAAza>5u_12MlAG^_xndBx0ZT>q
z;Z&Kr`%<V4FJqvB6uet<Wk=tYg-7zZ{w~Fgypgs3=ha89BAIG>E?-Kf-pCs6zW3l@
z(~^hAL~0lVht}u3cn;gm%Xsx-H^f|#OF?91$G~OYC_~-{kOah)a30;I3Agm<<FM*?
z_#@}PDm>(!W?&P{`2fE_1V0pD%57;!sz-#@Y`te??Ot0}tszV_gu0egzhzPx)KEc+
zxE)}e)y&<nKaQOM4uo%hk;o<Q)yU7c7|HbiYW56^=>NkUwgtHux1Z|Ef5K#l`NTC{
zE$#oa;kUFfaWPa7h64NuQMuYXEobCzBNh6foaO1{hV4#fogFf6!aTVYCl2DSyD8l{
z1yaNb{C2X~J7C8Y*zmD?sH{KD-=T%DMA>WabZ@<Q=)vfPbT|}{Vd)Zm^uQ;;DxAqG
z=VE=7sE!iV=x`h*D!7gk)#!DUsK`;Gn%cgjM0J#?9!#QAENdV#SBjc_jOF`Zckd<}
zS>%cUWICkDTWW;Xb;Xxp#2n7t$mDk0#d&767O#|HD!qE74ng7y;PU-OOclXa>g!52
zWlFHZ1zPQCK~z&(YkWc0`gs#>fM++X&e2L09<D9K?w2xOkZZYh*gtxHjO7wK`?qGv
z3O17E4iq;~<OLS+ohGc0VQKshmMB;p_0N6{h%r9!L6B#-a^)Swf`5Ja(glR*XTQ3J
zVIyDQU5eFfo|7dHpr7hv|4gtugwS(v0A1W8`wrJo^P(|Kp)c|MC9Ad^&FxEWWZ1Xw
zP7P9PbvLi>=JWa76gGx(3S(Xzf5Z{sTGl4rr#Hfy3A8U(<M^~x>`ea_`b1||>T>}F
zZIYiJB*@Qzcm=5z0hc`#I2F0P8;kddSA~c<8qMx_0ShdIYTR|v4Ls)JmTbvr@X+ZS
z#t-MQp|-&pX3dyldP}AkD*IRlu+>e>#g*Q2UeFE9GjMIagLitfboOEhh)eSVS=Dx^
z$dW3Sw@p9mt&($y8i5yX=<V3l3Q5>%rL|Kj2rD;i%PLxQ8)Y!PpPR_inF#~l4hP{9
zBPWBXmh;NW-R=Zq<m9b*CuRMbD>yb!;Qo^fz}-0+6UFwBo!k>`m`q^Jk5C=k3I3Wt
zC|tB^#6>d4*PKN&zFO+%Fa%xH)ea&e_wZ(2X`qoleXE#qH6ZK(=8C&OZW{m}o4#|=
zKVKJmv;)kQ8wl?Hv8<<Y|Dg0l{V|$$P6yhumw#>&iD(@UXF7xh`V;?1ybhMe8wq<L
zVR2aCcGc?e?NR{6NUs^H#bT|cRdRH(H;PrL9|Gdz-T?&h;}(D&;K~TC?MfOu#Ux=u
zAyQWl63R5|+sl{aDLDg_JXj(t$_vb}rK2U*deCVrOL*aqRjpB)5)(oqk238akB8jD
z14!Ntfr!Y1cSF1G$0^5lLr8`nN7RHB_^o0iMwva{^zDQ3CLa<>FURiQ$2Dius147u
zH;hJ?q|e~kTm_D?#2FlT>)6Up;Af9?kUbJVQ|ucqnvYlnCB?L?m(=wucnC{Ie5{Sy
zfO<`C^cp|Vcw8#*V;4pWA(@I!u0B9TMLw8hps#+*T*jd{KgUD#eurq><XsHo<k_o>
zmj^}wuH4k2RRE3OJ$*T3o=Yi@kQN{<hfskA+x|{sfe`8%uOI#e+YYy+wf+6B?6qA#
z{0p|d89mbW+OAK(ZrkBF`lZ?)vCS%$WpZ0yRdO{5IJMV3w3Wa^CUeamxqF2`6k0|`
z%_(3uI*<#D%3=584Kky}MyfhE9(!Zbf2=JbN~nG-d>6{b!wYO_aIXQAg5p#ytR$+U
z@39Ca+-JNO0h*dKx1gRr-C6?7aa+=yLZ_I>!@h=+)|;8}mm%mMI4V)xKUF@4s9h(f
zxdEa!-KcF1oMbE9_gs;aZ|oSKn0wy5eIM?+P3i~yO-z^El>q?khh<?W*mAcJ&_{p6
zMQ$)g6Gz5@2crPfIva88(TY7M9|Up3L+0(83wr--Mq0|6dxzpqtVkt<^bg8O)>vQ{
zZtn#Fir)%YP`a&it&i<fup={UK_p3;{Xy>-<|!P+T|Fy1m~2vn*b5g60d{%i%dTyi
zNTUwv5gu3ay3*wgX50AE$UtQngs0h&uP<MQY|GY8c*a+)aCnX`C3Gch*>;J>Llw_`
z8~`(Sm@W;^$2GxmF}NeS3+Xu!-I!L)0C9sKZZ}0-4fS!XH-Wx~`iSTxwdMh6P35<2
zM%XPAgpYN;_94Q!Fn|;0D2BE5v#NnXFLz4S=Xfen*uAWFDyzp_%Uy3E-U(hnFC@u@
zrRSEG10D)YD@Zqh?h78AMi?`@N9C+9F<E{&<|~3S0nW@-&_-mNWDzQ$-aX7@4veMq
znNV`WDghY#72UGhL5`1`zaA&s7R!(!=^e(<g$}gzV4LJ-d}ks3AGjU&N}inuO#t@{
z@GwhinjPnRe8`?KnRBQ=j4j6sQ2W)yPF148%`fD!h!_ILtS<ou5;p|y8*PCXjMAKJ
zYALk-dZ;qB-YWW{Vt^+{i|dkQiK6q@udgq<4+38@IqVF6Cp0(y$dK&JmK!N=$eB$J
zT=RO<EEk#FdU=9##n<YIS)+5^>QMO~E(!-;(Wy#n8<x42!*If;%gHiSp~pVk?KH3}
zn5ui}Ec??C!qkdRg@rQgL(l3v16}No3YrY=)iI-RYcVOYH-BxP@JrY6Ri~DC5J#1u
zDC8Vtr<x`)L{EK7?nO}`lfQzhEiIP{PzHT|LvLA|6X(RfPV133oMGvPaiNX0ndo}N
zfifjq{!zEgr{~#hG@}wy%)OsO^XeWvUy#dIy_o4y_21yt>KE|C8&==RDpa}^M#Hy-
zTfD!>stFf-b1te0+W=fu<`K<@?b$Twx(f7YT$Op*3lHnMu);>8uybq3qmUAG)?SC5
zY>`;uLr%9xvVsPFGytL(Stc7X3S8O=DC|El#4Nja4Yb%;RK4|OP^~Z*79fyD`Y|{P
z2H!u{cvA(ya%g4X#y0ZKRS3Xj^HIZ1SS-l7qRRqHz+Q)nE_Q>ld@xQ^tdKNN1>K5Z
z72C>NXU=NsF+@x)B^Qh;7L2_aXCM%JG+I%v+v->5UM$RcZ4knx!<9D5pH~bgAisLj
zD<AN>$y-*DA6=N$kFY6!ylrbNzh~RBpfwwSxy5TDl!93fPfW?-C%>^#S;ONRmln4y
z=R>unhQ}7~_7geoK)T(P3=<b{vEpqZ8?mt>((DFBW3S@hdoN0tD{^vTYxOZILPw(A
zyT+J$>XrV(_IM_Dfh#H=;eTdGoD*4**K7+dyx*Kfri`RXVT%960HkAl>Vi-)sbDdQ
za54Rb;+kjKa4l<Ecn~Y#yRi!<FacJ(Hl|6gh~3{VFcw^6{3nKZPT&J9RLI8%ifjf@
zTAJz>rqwNy_Z|Qdayu!^Jt3h9cZO@+oi&sD2s3#2E?IrY7#=UzcAP?+#U0k5irEYT
z)odYA0b6gN_q62O(amFiuTtiFTTbx8-*au4S`ld}S5SxrjIuw&Hu>x@iVj36ikNxa
z@sf1<*_-cw{JENRSb^JQy$EviM<_)13|8XT7p64#9~R^*S(##Ew}{cI#_TK*Daged
zZL~=6*}uUVI}DWgH507jS+93v*6j{T;(^Q1jr!c3wQFp|eD9}258nYnA=S<Ky=Mdi
zL~=-qfK)ju@;NP}VC3q%7vX3JfboRD_%<ruxVk0GwJoZx`R>rl3Nr(?T{3X?_z55o
z;O<Zozk4wwe8Cp>FSs>q1b}K#(CanA@w%$5z|5fezSN&a^~XQyF6-z1ef}pCE)ReG
zXiQ)~_P)h~EkG37;OgxEXfZEw_|%Uk_X`wQ@L0sdU5T}RRt!LSYCBO*ztz&Zfb1A+
zOBAw3!U38HQ>Mr141(i6(rsC=8L6ctg%s;^z#6>}gni@+_AQQSpw6_hdqOKLikWUo
zKaU9e^IIY7-`eFIX{dd$mW19)ZVQ1!IU&s9&Ru@Tj%>NoQhP|xzP8NB4W~kL$+D2y
z4a-e=O)N8J-*ENai}2bvsu3EfA>l$R4s)Blqz8~IIACj!J%`q)8?%{P)*FgZKv;Fe
z)I}0zi#hPsu+VIKtr?*E114H6$QxO0X;ByqTqCxJ4PQ$}1k0FGwA#&}06cfanGBjY
z7DA!|N~i+}f+++Q7RD)AR`P}kk`;}rJtW>XBeP;OpJP4_*wajgTSyGDylG2wSTTQV
z%dOfnA>X|qbX7B`7^{bT$wu9J1dXm(1m=SPd_66{&d{u8EdPQRfw+kj4;*oZr*I~7
zx9D!0YdTi14)$t<TM}C%w?qq)H%#3MK^$D(CJG24+#_TmKEPN`b<<iy!+#>+nMnz6
zS!GIP{a`(NVnpl-;|Lmu@sG8o6JQLq;G=3L>hIdKJ={b*u$ZWM<y;#C0H<Mi8-Yu>
zJJ1n|7%#!<Hd)e~Lz=Z2Ny8{k&f5{48k2Q8*hMpON}8Gl`os)(J8hA}i!;qlUdudw
zYhN1n9&MAXF%4LOR*5%6sS>hvm4nUMVtC<(-X1PvmToAmB>5X`&>UVje>SfB*ee0d
z0Ix(y1OMg_uz|fa2SQPB>fE$XwvJI>qBT~~gsw5J8O(F?+m480#8g2`wb6nH;uxMO
z^TonU!s6zSFhkwjL#{}B{dP|xIvd;@=P3vtcsY3-3O0kC%GNP#3(>(qnW&bOiQoA4
zesEPF@+zoXz+j#7AlO|3MJrulzN#4X$#&nEKor|#%HC=U7h;El_|jV_o@SRolN&8k
zAHUvmb8T&lx0gIranQe7I`7yDgYP<D?NLvl>E7?R5{}Xi>4gZC3>xTrC%x9<$arX<
zT#+D3X#cABTGZyb`=jXHGh*-euk?d}fbEV4l5qQ1H^B4i5(6lWNfP4;?a7^l!QWn(
zGwwue9A5to-Q4Cxs@<LQH*R5qm#mF(teAcewmv3V*z2oqJobiH`MjhM0ktccn)xkH
zB<ZlPlkT5%`VffMK46Anz^uX9_#|AV6PU5&&e?f=jNZkf=h|yOj;`m`{Oo!ci-v2j
zIm~jxZGrH)ej}rTK3-FRZTeS-{~a##Xy(~17;glWk!nf(%T-S*W!V%q$J=3{)Ej8%
z41;VO*jM`D4$wIY!R<lCHX1x|k+!9yrOW)wy}o5!<V*l+Pi6ZJ4z>~HBH<OLke`(v
ze3O9Z!nJ}6k0sl<QFibis>uKt-<aAgcj+?h#N}t8x0u3mxlkyoC|a|XnNkTdV2&k%
zrU{Sx7$pW%4HF3(kzrUqPg)YDpL+s3*bWSw2w!28N|Gu`jHd4v#tft92jZ|ynS!rI
zW4`@sNwb?fTIC8VIMA9ex$fc&Whr0q5vQkhQk;*yxadoMUU$ivH#U0`VTvx{mCUkM
zr?&guV#j)@rAU!eaNf3PiPziDx(-nc03pSq0K(2mJiGR#$ARH#|4b5AaYBZB?@2)k
zkcD`?M_(y~u2zf@zSZgy6*bBE$`z%uuGmS9-J4*od43P&S-oX|Mo1_kkRn>&$u{B|
zQF`RcmM@?6gzjXjnpx{9_W0~f@7Oz56#C!$aa*+*>NnQ(gn9(lke7f8iPu?P$+9%2
z`0aVW-?oxIK%7}j*Te}k6~zHZj<Bkd6&{WKW~K?io>mo}dW>^OAJXBew!eY_PS2^U
z2a&QB&i=w`dQQGoII!+qaGur?Z99RquaDbW)TnST$k|0vZoKz;nr8}SXrf&8#-r2b
z7nQ^+;6U_Yn}5_>k9zA-Z|z?HmGxFnvN^DePAcje*}TpkxJA80Ly%+XBt}Zm7U*d~
z6!_g8-7N&>0&uamR`7TBtzTC(7*g+FZHXWkt!H+<ts_0T#h7CTFs9Ud`cxU;w*EcK
zSXn0;)``D-7UY_tiqY*Z$z|5KN@<ByH6PAdO?jc(Gw=QIDVs<#e6CG3f)gB0?`->T
zY4r)zOYUD?n~h)Y&xJkvQJt}xl${2TI1r(JAk^=|>3;RGq(bZRUr}C+N7eh6T^6m=
z1F~6E$EQBYuQpsH+LcGfP``RZg_g{3xolEKz{J2dHA)DWWWQvl96yrFXh}0(?@WD+
zR0SQRkeb$wYQ;y8J-`Y7fKFOB;}0z*hAPtbuPNy4d(VbL!@E~%p!o1p$>%TmJR^F$
z*Fo{U{cCas+|+Y;pib^DRuQ*<O)}8OD(3dD<6ii$u@{mm^xkJTj8*JSr8!d9cesLY
zs&t-Q=Qk}vfxx1kR`)lNY_~e_uZpEixLJ)>2J2s))$0l|VPP!*9{gv+svV{Y8sQ;D
zNR)bMDW0<mR+{lw#pU*C!bVyRv0#@IYKkSUtl`RIgEhtyDF#ZS^snR~Ix?|RSt3c&
zuV@ykT$WBVQsFG2l3D+nw!rX;R66Tl>6OnW5G8w6(jt}6`qu&HcUq;i{*_ueZBplZ
zRn|r-sZAmosk%0)vReN-Xt3jz*ZNm-CALWe)2-SzTA6JU%{pGiZ5)(uoMb{(w})xw
zUX`~=WWyEVQmel0QJuo`P5%yAms5hN?Uim$!z)xpZvWm$sj~hxQE{8v-)I%O{&gQ+
zZ}JRIty-6?+jVN&MXJ~(5{=Zl8?0)VNII?dovU(}tfVB@!b_w$wIpr-dMu6Nej$g(
z68WN_=oXl2!R|jl0F9F{I@cbR*3o03G#}c;n(5c1B*0AA(n$Nll@vU9Kt~CAd5$UK
z6v9u!0Dd<_(#zQA%8YRW*)DDkL`qy=lDy)#kSyIMe8|eAj!yGjxO{7`I^!M`Z&fi>
z%G5y1!R{N0VFQS7Hf*aVWmA<>rL~!gz1;)G8k1{eQ|mChGi@KhG(du$P4m3y!pRsH
zM~j`2;(V4PE1-u%Zo=b|n~CYSr>7X#;dz0yI^n}ormfaaHz8pd0au_7Sr_gzQB@sH
znnW;>rEG**!+8`1-Cp65)cv-()b7Q%Av}rBu(oMfSj5U^N*j6K^O>z!Ri(0l<!+ce
zwZ*rXt+JeCRTv)9UX&>%S6Frcyk;yZluon$Re`y<W)!i+rOBW3+;1~XoKK)?3KA09
z4xb&?hdWX5-<D;;36s#cejM9y{M_K0o8YxQC<JZt+4oxJQxCiLK?f?`!Td_zIeb)V
zaLCMG@q($Hsv%}Mh2$2QB8GSOVAqiW0<`YK599$-L;IkWzl>eC4NOV1?+>v|2z__!
zGf`4V?sbx+8&_KAFdL&kC!$@C-jIx@)0vi+W>H%N0}H~~!%MoV<d)SNHX7sL0V)~0
zHKU3%Rg*iqv*2{p6=DS=uSJ3$A=wT4Z__(4R?t%H8K7w)#ai)vjHrX%a7ZM*rF3u=
zA6oM75ceq+PVnOD(mdgK3y7Kc9m|QzHf&2#M+tHSXCOs52Dt+3w@C`RW|bysBW^M&
zZdp}BaLHQmpMqyJw!lGwfC0S*_b+5+gQ$mDz*_V-xIB$WqHRru183Zt*ES?CliO`0
zc)fc9vWGriWTl?u?3NWz6kpG2m2G&<GJTFbp(UR~2L%{>7u!4~S|x!KghN}q^J?Q+
zX;&h4lVk(J-@UqiADmPp3;<IzQHHH4yq#D*^jxekL^!le92yf7Io7+xV~A_LLN!Z>
z#IT_Uq?QZvBIX{|d;;Nj0Eqbo-Lm2ZRl}eV4>_$60X^5#a=(d<<H&R-_m#o)dTnu!
zox#Q-Ay=$mw}@*L7&s~%t#@Xk$B(Qu$CC$S6F!^|u^}d(mOUQlf$N}mp)p`bP^;^P
z?SdsB?6svOXtECF$=@B+0W2Bi#-c{Vx+G<xuyU_7$dVPSE6#2iq1BSt6$M~SoL4y2
zVkTW%00$i30I{j5wpF8S4v!JqP<Mz+T`uFOx2cBJfkv@vzHWHVo_I?lEKes|^NIvZ
z_0PDvUZVxtu-O~7Q=V7XNf~hz3Jba-t2Ncf7EsA(&DOHgf1asKmS!$N(l~ch5~2K>
z?$GS)L==TF@qob!r**4SEAs|`>5h}0xE65k9%LEBQz5$ZgvLSR4r>JeXT#bOC@#D`
z*5OM}h3X=0xifx7Xi;xuv)*8GacXe#mYS3`LhX47Rw6hGG3^L5=vwiLmYOS9JZ?V(
zLvu%(UAU|eEPlp|9SBt-H_=ttvuG4P&)K$=H7HN8Wc?5$6e>9uID8Qiw(aE(^Qo(g
zL!pfoXO;R5%xKC&i){FW)fk2@>jS#CLbgS~$~Ls3S<Nc0YMvp2a9pW33j_5dKoQpS
zyOGsHT5S5}IZ$f@!<r~0q{4|k29((62qTu{37=>yh<SfgVZ$B+GVB+C3!4fR=3_a;
zB%>6Vux^58gklsTYzP1>LNg2xmIVG4c|*sLnh5+AZS+2%RRr`aLU9jp?12Ekrh<I|
zlvlzscrc)^322YWiPDdgB>nIS(vOiGJtZ-ELdx?5J9t{E^TaggDJi}a+M1TQJTYnc
zQQDdo`IV4FnUFx49KUjC?8*eFtjB=KdK8GPsqk3IgdYVO>k(kF9s?3<IviF9>?%S%
z847D3=qe_2L}0LnK(1m#5rV)P1-OdtgdqIY2)I>B=VQ=Uy^w>Lk`af!+5@$Ui4zgX
zs}Tt)CT|7cu13JDVti!;>M9M$Dnfi8<|+-uD#l$roTDiKR<S8VijM(a^%%faj{sUV
z5wOaW`=fej9IWbIlQs@iwGTs;#9U(_Ra4L~(gCU*e!wIh>EXbs4vq>s>RCrU>!@d?
zwlxv%>2aW*Ccr#RMru!ocuG&~NrHFk0yia4jX*mMfHox%4Z%7M0yZVk9D#ItR1m`d
z(sqSJK&D3mV|pYYrima-sr(`tfT@L7O3^dZz?ZtvN=Z`NFAThtE(N6mE*+Y5m<%p6
z9av^EsLW>#D06Qxna2QC`fLG}CgI+t0x2EW_^)e?KNMKfB%mY<fs`WHB!MJ(@J9(W
z;{ZwH&_@a6hryA?VUH3>ezvS3wKQT97}5biNO5!UbP%NUgMT{s(Ny3gHw+1jBo2C%
zn#G<BYcU1J$b%<JpiH6=MtjgiNmTC#Uo;iEXaa0eI%LtbVI*Ltn+jJn8RKFqOi?OC
zQ3rM?xx=IIMEj6K$uu7ZnrQOCPJ<*$h9jDY*+pVdL>>l5`m!8{A?m*?ndS%t(J-t~
zGSwmYp+QKYWQzBK9-0U{bO7YgH29q<P(!IOLz5te4uD)q>Dwe&p+hyFNwYH*O2~i&
zB{U-uMra=(D5Z;02%$bWP?{+@1RpdA43t227&_=);?zS+(}xFBO#=a%3;@)D_erxx
z{=(otiJR|0(4PYUf8q+wWU!w&s^3JQp9BZW<AD4;JiyO%a337h2-zvXKBKTbk#`J(
z`a~dmqMNb{=#v1~6QS4x^GSp1NpQOu8&EP#PlRMYODGwlCpw@A;4=lDC)#^H61Ox8
z%@f=H0NgVTmM1#xH7`D2NS?=o<2g9!X3|L%hu}E?ekZPGO@iLBz&bHDb|2WCNrN`=
zyiSAKN#HH_hS_<rEKk_L>3N=I#WH<{J?}+*3#LT_&Hq2QG)kJ)4J`~=%#%!a;kVO*
zAU+%VpnU3c&!*Hu0!+6B(m;M6o0&t@-p*`(k8w)gfm^YR@mr>*L+c^mFj6WApKvgC
zdt`h{$x&A5SgPA&+Trpj%z@KCn)nZl|4k!lnyICtg4HHE(1$VDP>~l}+={7~hv7b)
zjLtYhd8o8tjiFdO#eXs>_z>R7Z<)|rYC-<SOgwMw7?lwJrD`g2TIJ+#ZqHdK!%o!n
zqqXWL86LI9-lpw-E9PazR{SI4r>N&-ZWRGC$J5Qku*Cb{GLZ%OEqT$XT6#f5XyI%W
zJItl%S_$LkWU3D*>?76m7Ma{W+3w~Uyw-XAKAc48UX--52}VnK>kK7xL;!ICLXB`O
zh}z;H=cL0QP4j`0b;YrqH~^P8z~=@|TCF0R%u%i4F31NlxVMvlN=#t6T$y#|&?{jT
zyl`9a9W3NaaaGB6#Z;890el-s-yqfCKJYo4s%Zt_P>TO#j+!(@nmd4#d09}w76a}4
zit<7q*3gOsBZA*Xtv#>cdHt&WhHG9L+g_w*)s_odV5Wg?;v1PWY@E?Vp7+Kmu8;N_
z0uAMYs|~IqH;(QUk4CMnnhIF0d)k+PiC`>u3F$=0T#t2xV%tq`t@Kxe-WHnA;~Gfm
zc(-TW@$5|Yq~X+5yVGr3W-y_8(-@)ozM?__)C=6MwOL^jm-?;6^fSY@Vta|N2>V!4
zl(;DfWcobWYI)2>7tVdjG^4TpFPWG9HMsZ7+iZcS-eTl*{J|PRPyZfy+y5dTPR4o3
zhm)V-bvW*i@~XY9{m5^5<dN&I)ek2_`L2*o!s;2}(a_kAeb4YQbW(6BKs^>(NrE0(
zNhw0plcPQea^bT@Q<}-h&3dyWVY0)Hw_(4<jx^#%$UEU=7tnrXHFVO(4j5k^hV5p=
zT`LqC`z&CCP)vkgi?}z%;~-?-RU2Roz-t4ZSygIrV_8I_t)+JqIL^|M>Sn#}Tz&T<
zX8(fDTJSWmAsYez76eu=5>zRfaT<??gSoPk4<>Kp*e}Wr^|FYa2@C8_aqC|&Qr+6K
z7GY`fzK*MPMMYE4ka)Sb%O626O$tJt7Jxb_`1G?4JiS-YX+-H%q^@XoqdI2ws4i!z
z7(4fOFO2<AZ(<HXm$;FSD(6w<d`OkE&1)%TrPm*1)^DSs1xrQ>TCHt<jAyKLM~+F@
zGpY!)oH(`?e3`-_>Y=D@7uP=<S<{&bC#>R33tf~rPy5?dA2RwJ0`q+8hULl(;^k_H
zrY~DfrcDbi)tfiKc@7;W87;B~qX+T5Q^(fJVnPT@t}tJU<+G7qX!#>T)le{yCkB^6
z$hKAOoOYzd=;7s1RLsh<u1wnt4BMfFmgt}nDbDfQ1im0pW6M^95@^gL;^fmb2^6KT
z*b190YU(`_Av#gi)UQm{!IMQzD@?{`D_PWRg~<rfiK6C1q&+^2sA)&{C?x(0g+!0<
zcJgx#UrRj~%*JX&&Z=Suu{S6&J;(x+0@uzI&t?0N^(kjf1>s6B>@T|2t=}unI_%=S
z{JyqCJnJSnXp)SsIl8tW9?Z3^7hrOV7L)6mYEkGkJg!MT&CX~I2D!A2v7X<kx6LH#
zYnijD(bxy0d>gBoI3?YqpsK#A<dVJTDfkt=u6CYwup9dG9pJbwlQPeUiKsIploIy4
zlGT>h&xt-^=K6&R&rFI~);&WTv2N1AgVQC^8KKlF-fmp9!fA+Uc~OhGT7X1zA_gnN
z0s2{t-<Byw*V6~hJZDF0(`>1jSB&ORPr>|}G;Unv0J1OEy`7}z#T(0%;hNO-icuA+
z12oced<-Mv5hWih-n9iJlDbXx{Z&09TbgaSFy{!G2lNn{h)58-)(Jwd82}Kcp@D!<
zZ`b6h+8fT)YTUdw+NdHY9fo{js(Khxw0{yN5gtE5>>2UkQyvRZI*=^fJarv~kDvFu
zGI9Ipb$Hv_jP%hHCcQ|cJz)q^Gj!%@F&`+fCPk$rr#-~tlZ>P^7?e3Nv@b@gC!9t4
z=_f!8ha=mFGB8m@^N$I7o*Dtx5Ht~heWXtviJSQE*ks61;P9}Hmtb(%*8qn{!0L7h
z>ma(G_hXVLO#SQqfaac(krwoX@Vs*6MPc})TN93lo10)F+n@7cs)h|~Rd8F@aYj5z
ziN8nO^Fw9Ur=A1-6eXBY?oXuMnZxsxz-7IeymV<Hfe4}ml5<xx*Zyl{EbB2G&5}qU
z?g~QUMuGAO4TLH;V$14I7TXML`w2v;>LDWzZ*!N#kig_{AX>M+|8ZbArj&@q&0)L0
zfY+=TMH8L((Y+?+u(b`bw%`rbFM<%N|HPaLsvC|c{W2xhu$ybOAnzeiKo$nK8RBVX
zPIx%9IIv(WS0)v~tL^Yc*6cZX!|u#JVTrMG1kGk`0@td6jjuPDYPNof%ni$K5-g$w
z@<q_>>)N6@(~9!KFA!Di9=4ouO{+CKRG=Vz?h~PAxKhf5CCd{=K8bo9h=&xJNs;m5
zmnb)oaIhwdjOB)^De@lN-#_QA<qdxv6Uu*%%#7d-fgfvGSU=JJU~~rHa@EiAEM<PG
zd<y#=9W~f>NWVv7C|$mH^g!6CYnp9LY9jsuJ9~J!))Y&rLLEwk@&^-7#mj<`Ke?>*
z8C$JbR{uMS(rteF*c7<T@ITp4|2{MTM?kp0sWI6E-#WJFy46kL*3KcuO!ttA9uR2r
zg1idC&!g&&l@DoAbciS;S$Y$j2sutGM&8J4JvB|iX5<PIn%ZxG`M!~_KC-N-M@72m
z+7E!=bdiQzup8`O2kfR@q87$xe4|M-o+IOS!**=~r-9hPq6(uV-Quw*C5SKbKTYnI
z+%CDm#u+P%Y~MOc)FKjy92y7BI&_d@xI3MZew&E16U%Ee2xmixIvzaEtA94MSdf<<
zS{r^fO4mHxftS#a-SHyNXobFgQ!QIb6EC8<&nQJL(pc8ht^`w{u%uPZv!<Yxtx~!>
zcplnidaaMxd{htUGSB`~{X?o`6_*Hw8nP|-Hp&@Rt+8uXt}Neio7#iB3lQ}~U(p|(
zpL?9#?brqR%g$zG2V-OXFb~s4vu(^2wM<|oD@Zdu%OwdF&t|tgtIrqY|6!GcWhdC0
z*1QcavOcTYl&YtSJSAuF*myg)Tb859d2W+kF|l=QfmlBP7xlmXKDdZNE@5bL(#rYH
zmThQ946Td3rC^TIAkQ3tcEX+L!6tdtmt!o`;VAy6UVoHSYz=!1ch7-4EI~#ZG9cEn
zl!aXHuFHziT&pN`1svdDfeGmm1q30!%uqa7fEsC{SF&m&?-1`9-Wim3N|`G{x6(*P
z7&2~KeTduxv5(gg{Kig)zVV-MVOg~#E2ySmS`RH<kSm!77N-*iks0;y1u?*{5he^Y
zXPCJX_6Uk*yJQvkfAvtI63eSD4oN%Dx!h7d>e@;%XiWi$d>nYlhX965@ZLWT802Ia
zNDJ{8r8^A(GTnBW1p4?maF0`f9w!(|(!m`c3)XQ0prZjKOdxtNl;eb<ONDQI4B*Ce
z$i`%Jv?Q>`7KAZ@VggKK4}LLaAB+Mt9tyme47oVnFP$*>$(1)E(29wmiiu{pl-4Ig
zC{7Q=OdRLO08D%wsKn_Yi7~*Q$?%A2A$1P{jF_;(5^k9egV;{b-`FlqM?ZPpdBzGa
zwGkoP6B{fXcvuG&b&xv&#2i&%6zes2a+SSJ;sO?ig&7Z9^Q?qjNO{wgc1|I(O}~+g
zOm2<LjqL^1E(DKv!*+92{P6yES}}IKqZYIs4~pJc=1s2JBKA{;Vw9{6^Y?p+;|66w
zjc~P+)sp8qXhYZl!pHMJp#Exa;`NT{=r)V~9q4);C+eXA^pzx&GY{!%#_NfR^w89C
zLxmWdU^jxsaI+v6L^K5?e}rqEf`);18QAK^pt;tJq3%w6Hy1U~@p>@gKsUWRgqPw<
z=3R|=eBMW)*2tOtuyl5*^U=J5$kCo~(8LeI4yV!soWiO;Uf;00Bp!A88gK4Z@yOY_
zVlXziy<oeAa@CfMG=kkSJ?%MH#_O0HPs5LT<$fy^t+`rpJ;49#rF<i6>o@puT<Au~
zNWXqgsde>QtL|+HT32Hhpf^BKA2&0tx~2rXtlZObB@BRQ;n+4iww?U3ZQDDxZQC|G
z$&PK?wrzEcQ>Uip4W{aQhIP3x=MlGP?_Y9tv7M#ib=S?lY`yzD>TEjRn_7rn@lZBP
z9P6JrAP5V^g&l?pv?%N*HDsGTOap64A;BG(F^@U0nI3+SCPxu=6?$`j$sx(K7b>&W
zkCx0bPzQZ3!=4Z*AaRT%PT_o8hF~OU@NzKKk7K9|`Mh5AY>3Z!i=t<s01|zl8^OMK
zWtBdUvA)3peayf9(gI0}p?XPlhriXoBn9Jo$c+~|mh1&How4jCU_6C@Z9v=*OH3U^
zddftgwt>fc%&%3!$g&w}Ske78LZ_p`ZGU5D8JA^GPar+^&UzEm+1%(9oXi4+%M=Ah
zB^N)xk9+UAtG>rWOlwSutKAxJPq>C^Lx^Vl6ZjMy<M3_#Z85^YB!i9r)#X?k=9Jd$
zKBg0q3qD*Z6aJY|w?U#TNN*W~9t8paEc!}1pFfn%=U*q;SXr%dtu?LtD2vbE$Cwbi
zU){D4^br-0zB8+GaJ@;^)P<jubSK}wi~C&?`%pPz%V5g<9m11Cqzda#9x_c<j~53t
zp4)+dlJSTX#=bX4us?(q^Ehf3od3Ag0ypeqlGVM@P-}T4VQ++Lw{Z)0xrJUBFe<b{
z*s3=1lj_-!uy4afj4GWjqz@i4AUl{XyY{2tMMT6;y<BJM6>-kqJt9HOOJG|w)2k<N
zBwQ(2ND<W%-QOV}3AfWRyE8ZFsjjHC8xg}c&y}F3_pkxu;8SV^90G;l=RAO%s#|t`
z4txmv*beTZyuH`=5;hCBW6H#0(T?$fA>aM^ACuEKk;<~uA3^fGha2rb0{8hjqC5|Y
zqX8k0T3vF`nrB3_o4fg<W`X8tM*x~JzGlZWuW)PyA?0rSz@X_!BM(PfDCK(zC?MjP
zTf~Lj6k@aTbow;Dg}01i&B}2v-)Hjl#F9(TB&0oArkEi+i}C~sNB6E}nb2G$Sg8;3
z9{Qio=)8*lIHF{q=)9a1&@x8g;SYamX9Q15*!0GT^$290hi2oxwvHHjVU%0J)9iU%
zH<<@Q1Y!EF<!@d8*)`W;)Xxx*fxBW`*`id#=XhAm8FJ~Xb=cKRr{T;@;fFS?Cck8v
z4#aSS(7a>@MyK3Y?QVCVhL{<@27L~>?A8`v+;|f|;3DFI4b>O-w(ws9KDQ}1o>JF<
z^oJ%+YoHKNv%k2l;1sgUJZuZ5wJ@k{Tr@|ku3mOWex$6Q0&5dc9b7B<DziLTB>BP*
z!6UZ=@uOPA08)o@29DE=sdpPP^<T4R_engRq>IPK@~ItLV48LgxN^XVb2p1+q?qVb
zzC2QOO0yGB)9inQZ4$0rk%W<<Wr7NiA>6K62@d$fv^-{c2|2~gmzNg$XYLH&3@pz7
z{CxU2&~}))1B_eeQMv*JDjlO_gc=&n72*&^)8Li%dC)oLEDvP=GPJ56gS3>bwKyJ%
z1dYEkKn_~A4xrfh4)i5B5by)3rYO6NTmF%%^L`gM{+&q1QZw@|c`mU9E3?=?kwVo8
z!!Zxlk;Uy^j9EDrS@~cf8Hx8M?4eH0wQ@Iwy~97McSrI4vt})%%@RRsYR8)R<eTMn
zNBBk3-XLJAkJ73YBHPo}tk5YA&8e~yY`-zlJ_u7%rTOPp%*Kt~ExBg_^<54=br)U~
zZz#&Aaf_5eA%FTFD2U6=cn1VEZeGfs@*a0~IrrafQY^z=dR=L~oq%irEMG4<)kU0s
zYVlHM$VDxwTJ*4Xxc0z^Fd(@-4=PVuXnav{(7~l-TdX)M3EFI2?h#OXFt{8&u?Wpm
z0SGcVLD7ik_xa!t?Cahc3Kc4F-sW*Sjm4#D)475^5ay-0Z<u^-K!#6vm-|v?#qy1A
zA|B*-d79th-tZ57fiPX>EAgo+#*f7Ho>drzF?Qo^eT`05g~B3tHH~g2%|P_}!*L`Z
ze<`0pi(%v~ph>jg`{P6t)!YllmvV9MVF2WBi-y<d-HCO-0$QXkv)|=)s@Ra<e8oNF
z`a&O{!_CL>)c?<{d-><rNXKoDMb@v$&vh;Y2m~*N{9NYc`YBV`fK^wDy1fZ-hCDub
zrcf{M-?jaX7yQ=TR)YuHI$}G9r@Vhx8s_KCTd{|$gx#5G`5g>A(g?#0kjL@9?LSX~
znOE)4e*K8iSWWgLlW(xg3(3Rbz0X%P-QYc=O%oF?uf8G?T1EOlIvm%g6SPP|Km`q`
ztLgMx`l^D14tc9|?-4i&On*TkXKfZZ$hg~cp<@s3d^h%RH>TG)m~NcPZ1r{?dFJt|
z<Sj^&y0`_G>&oFTz|%7#zVu)eJqJs6!xsPcp65nOd7>tN$8<`!`3i%DhvKbSS%hb8
z#~FcUwl`R1hoV0^7@_~~%gNT+G3gv4yd{P%2c$h`3vu)DUW3fQfcH>K=<5B~+)xfP
zD`VquduM1vM|dbWNO73N1xe?q_5z-9+(#sbaYSKggS;#aJZJspSjV6vgsCHuVif4r
z^>y7_A|KBBj-3D$jBxYrx|<nS*Um378Y04UH1?_oT)tvGv!yho;@<2PU`No+CPIs#
z$9OWO@}*6|$ZPu$Ee0W2JF>HGd?HpOtEn-ui$qrRJgpqf7+rDTeYOizzrKpMKXLf%
zP=far`377q*j&{{9CNa~Ci^gZr9BbxSmUgWVRM9#NbYR-vRdxg(q{~~O=7He2d7|;
zuK(AZ9o~&!$aMzdc<`jw8K5duUqn+|<MDR`0s4%<%kEhuoO<KZK~9>$`Zl<Qrx<&w
zRWafiYv8KZvPXJx>N&2QWfeTKj#9_Y(VYui9cusq$`eD1un{^{BL_j+`NJ1unzhQ+
zq=Hs^k%NAzwD%v8bxM}f$#%A#5-1+|HfD5Wb5H^P-+jK9@X1h7+=-N17@!%MT%=~d
zl5r!a;Va(9Xvi)nX}m11extV@?`bffE}xJ0J##|AtB(jAm**R2N-QcJ#5#w+BVDt>
zvj&FM>EIfrro13~n~u3Yhi$mwj(Rr$HmbvdPKUZ?Y)3;=;0~ZO#Bg9AM>zMPGV{3a
zXT?cOKj^O8N#Xfl?WS9+y+zE2J}(c6h3DB{(zMin?*mH~o$r^XS?QZFk*nET88m)>
z)($rtV4mNZC~Jft7?>>8uSM{#IbI;1g(&U4C<bVS?XAM_TIh7D$NO^qJRWX|92gDy
z{v+ZExi@KTV^|E|bH3yFhQ%}N?1^f+S!Dz1o_G;;>9i|ZxiOJkmvjW#{?n;QW?ji2
z1{JX4dwSq1tBSxW{VbjAjWA%WD%RM)l;P$(0f?+kbGzQsKZ!3;^t_<NywslTF^O6>
zS`_-ZuWwQHK$UqcZc?{dy<xFxb)$ifn`7w+-~Fozsm?L?qcVOi@yfsO%=c_oQ4y@?
z8z67s?1s){6cc9C#m%>@@yW}tPW?yAQx{usOdwq)EKkPW7KtI@+M0BaCVWT#@>XPH
zgGE(U2JBX*CxN)fJp%u(t+z{Ew|84ZLQyO~Bx!ddd|UZB9ZXR>@wMAm!2ou}2tsei
zM?SOMD$80%)q1pD%y<=nwn$4?5AG2zZZN621O27p=X)YH*H@3`JE2nZ(oC4K&3u5(
zz$QzqMoay`TATGrD3Q|eJ$Sr?K6?LiA+vboSdY};zpj69DmuBH?(Y9s2um|3?6fBs
zUQx=8QbPC7lF`rx;&2z?#&_}D64uQx{T5IKf{_4zi1hPQm`R!8ENr-B=Xqz7I~e30
z+Z$~*NY@M^QX<TP{1Y2D=xIw9Y?ffPsgA|gZ3SvcDHc@l&UO?<S$hs1hKYwV8nq<*
z<G$V^vu2PCla<7fB~Ts<%-MwH(s|G<(5i#eQYw|W(({z#yNC6PTK5@MEXo{o+UC<Z
zJP+yn=hPZ&qk1=6O#T{BiplKghozNM85c)p1wx7XKXc(pQyJ+4KHO(Knp^`x&SkSa
z`NJ02x*sVR$18@l@=db=MZ)mT`C4G_+i_M(gGgpaiv`)yRvqNh^G+VGVff$tUeY$v
ztVoW9i3Kx+kvhKGVEqVuhp;rSiBzmcpI2+F1;lEe$lB@OnmdEoZ~Pn9*2i%e^av^s
z@e8@<dAvgjdz#$<Vf$29hzp88AzU}E;{ry!M?Ol<{Hh;NE?8m6F(Qn1@|_XqBW-t#
zRBne`9vQ93A0>J>97NeTfK=qAuc%;ax(ff56y>dwZO@HhV1*B>eX%QU>Br^K;aMWx
z9q%cZ9t0?RXP4F<qJegx`^(^MEteXbN~2wLc1F_UVEyqwun+<=&BP=?psx71Y<Q6P
zyGslWs(w(t9&}Vsd2lTU&3>&}Ou!&%f-0YANU3AOg6<@I=P_iRhmHWZq1FXT5Rwtj
z?MxhH44=Z`Mw5Fo+xHfFeQ`chpoPTAACS#ESh<%0<)ZWaN7*m>Rst^1p|(55J2wsF
zPr-*x!RmiIAr>58jx$xd`3;eSMtY739(qK*nU987CZv@1CW}$K0w!~!(Er(+a{Df~
z7*#l7;ynH7VD5&oyy8I$OQCFp*=Jw+uqdeC5e<hiOz9t$u~qQ}Zv*G^kFh%{%HcLW
z0i>nV)i``#cG|G`4NM}wUv5gT=l3z2Nd^Mwn(OjuRqiq2iI*r3$Ycg=w9Af2^EauU
zuX~$ZgbjT5RFWr(jkK3(i8Z-V;*SF_0mTd}ho=dJ-MAb#unPSt9(9Zcz5Xrhr+pja
zU0w`laV9PX5elOa%nf3m)fh0fto!3+;HTx@B@y?)IDFDQTK2OL!s$-tvYMeyS#fy;
z)E0BnXt1%)TAZBs^l~b}K8yuCh5z*9#xa!L5UB;8S%m!a#d%JeVJDD2O?L#A2yd=t
zUs-NYu>cGtP>A(k8jXuKO_#M48Wzkjig+Vcki8!+xZCT(&~bia!7E`A;V*=`h;cRV
zn_m7y2+$PFo6Gpq9AHz`sL)UmcqF(1?+x<e07UUvgoN8ORJu(AWE_r7gA|2qYRY3*
zDFMHWp6uT9e>+MxdxFKZbXV%^87K*A1F;c`G!8sVzEdL>Lx_j0<(S$?=|mmlW0E}<
zi=jSUV5RS~+{U>HJgK*UGH99_?9Qu@Kij(B2Ya{6f-yY3eg>yEZvg`FN43g~w!|h0
zfYhe^cIomCEz=~e=&9G;CkcP3i@T=f&y?929|Vi+SdVss#m5sBk={<>yZC66@~ZL%
zULj6w;CcE=jdjByD^2L%qUTn#!_M*z`FT3$RAm2uj|2P!z3v-Ea6J<}cHkq9;NQtz
z57;kTCXNR-I_28Q*E{^${eE%8emK)QlW2uLk`W-n)FKD!G(Kzh_f`rzcSVd-o0ksh
z-R=lf*GOg@q*>W$ger;Ch0+5>x5k(Zn|$q&^0d_q^C943ejm>lst|NvM88J?DB7qp
z&gl<!zoW#)rS}mQb6CfMj0OSV2MOjtlxv*5Du;6vB%#HNtKV+_&+;(8O95D&68u?(
zNXPc9-;d8drg2#V;YSv(ae7YDB`9ckZFD#kPkJ4D%!lrKVoqr|-QL}0C<4*C-Czq2
zfHBEcDk=!BNy$&;-*by$q4WD#jIZ#dw2#hY`3)1GDYtE6Iq2@NM6-=@!-qwzX!Ir(
zuMh0)t#l|9Y_T{h6HT2+;MVZ4v(Py-Akh_hHTL8<%#@8&s-uP+YY&k(Ijq56%Um3{
zXe-#;vla}#qc|)P$E?q5ICW^N4p-f=Oq0q;@Xz`oC!=niZ<x(rRG(B-Q$|}MQGZ0l
zGAyi}n9uNLNN_{TTlp*&E}FbTzLCpOIrLEDOHNVqv;Q<&jAX0vfn<2`-GN_dCyNRV
zj?)a@8Lh5oXLjOS-kn;x+0!%8mDw7AxvM*(#*YOX9oia>;xMhsQ!>!u@)^7$K&e1X
zm1ubwz)rvtG}rD}>yPF7#cJ-P12SLQ10Hvdy!24;dqhLPK4qfcJQ;4CBzNXRwlkk$
zZ7}ipZo7L{?#6wukhvEjIV7c0t~2S_Q0{~Gz6)+0xS~b3%A95QqJnj|$sd94PKt)O
z9ONzst*U~hUOWZvJ)81SRxSo~?ZmZknxoTVS&Eo)i9?#01GkKdHkAT~IPmGs9Vk7%
zAln#+5ILUFNBP%3oiN_rBC0&OQL7G1A!-)US$qP9E@L4%|0M(dLnvoq2E2ggJkJlT
zT8?OkuEDtDi1lDxBlhtc%kGt^X-#4%Hjz^+%o?<Z^5P4*(pYN%Ek|el;KAv*Y^SO~
z3Y!qan|U1YX`R7KvK!!VU_Z5*WadU<u4I!nztYvCbH6E4OYH+aCHQ}(PhmY(y$e~l
z?X{ckTlKbVuPNMF%8UPlpAxC#k{W~1Xit$h_cdq@L`xN#xok*Xdnt}qvjwUrPJ(ZU
zpI7-rT>Qbp+v(IBElCRT6M2xFJ7<^!+JZCQVo|n~PHLeKsMn@Wd!j@N8}2q2MMEws
zS7-rUM9a&eWGbI=U3;nGS`vA>tkWSibFL;Nev2Yl-X{NEv+Qdfb|Zqf28@Ir5@(z*
ziBBo$iTq>aM{IbwaKM4(@q=XJ82zW{u=x^zt@yCqSnPkOtNbyS7>gBlNoJ_kN|e69
zA+2O==O+u|p5ZP=><V56r)loeh%WARf?Zk<0Z@Y9>#h)of@y0t0f2|5?<{OQR(rG(
z{1M+FHB&}DCJ&EZF?b<vgkC*3@Kk+-VX{^|yJo9Y+H^o2=g@J3=H%o8&-L1(9}v0W
zycICD4FgMrzMldSfoInOAcA0m39h=Vj?xXspi|NBghIeto)wwcG2RUm0v}_l7rq*5
zrB-+E;LBcYiu)>L1LMaC!UKnF_IO`py$8Y(Y+IIVZ0Axi_0U2LY7^h%E5~Wv162_j
z%!R8YD>fJYzFaw0=@+ZY7nCX`U|JJ-eT{-CgaKVuzp<Ef6(SDp1aGENhE0=W*>hU+
z#1&iHm=6!KMa+_+AuPo)GJ^yPT4~5(JmY4C=fJfmBejv4P}~bQ(KWKOI#i|x0ir=>
z+KaJ}PHmf0gf+0IC(l8PnsoW)+x$qd)=7tL7y|xfV|Ea-Hs^=Ymd3RJ7{Fi^kkpyu
zYWO5?TOj8A_9a`*XOBJ;Wm^Ar6S~Kx+_^_fXZ<Kt?d`>yu)ZGXWJXlfWd&socDO?8
zg@ulZ+Kr?tdH>&V98Qv;FD{vtPuuNKR@1QiP6XissX6v&SVC`Lk_d-1#6>hNteNU|
zM7|62h*#>qz%zLa`I&9>=X?rN^14_u#9|UF+W1e^PQ-4JmpNb5XYFvP@cqpe^DGRK
z@$k2J%ye~I_5*qO^-9%|03W|Ty#mX9i8@ZUH^(oTF=@(xv-ZuuKbu;A@rJ8bF-~|D
z+gf{4wv*R;-_SDq?->*pG@;?dfz-z+333sHQYMXZW;E0)_YBbYAT^j1YQS+^|BmrV
z$}o$}t~Oh`>YeGNg#?fDY~Il+i#BYGCF`o_sLpl%;^`9!#`Ni3gB@wB9djdrf6=bo
z^)03KD2E-a2ilbO6AVDL?lH5@%(N%nTC+vx1**eayFn8QEpjuklq-Rh?Y99m*jA{(
z0S)n40=llv9)xi~7ne8dT@y2Ve9!;omH4k0VN^nlH)Ayq(zi>0l`OFd^m*d<;vbdx
zC?1+`)btMwR9?8<O}l{-+4a8<bb^MiGN~x-(*}>j7!p1nTuw!REftOC&7|$jQFruv
zCO(i@pO7EnPiKQ2su-s!=UrPW5Uc+0pU7=cDIjQH3k#;F?s}BX{*;w_h)y#8EabSn
zLH^A|)I*2^Zrldg0tR9b3af>8Hv@^S>eyEd<8o-vX8K$TrWc~gV2L7;G!*E*V1q+*
zEV`@2h{D8k6U)2UHO1EkU{fkhCph0~-%LXZw_Yl6icFsd3Tuw8OA|<@#6<Efk^0k5
zuTxn+kdtmcz!umGEst5g!I1MBc=4I!ki%e=YH+NQ=@YCr6YqrB-BkGv5+5vn;`8An
zN7?R9wvio7T(Vr1Q3Yx~^bB&cM=ag}_S%cil_n~-w-p<VebKc5rqv~F844@*sogqf
zL32eweK3s7h5wMQVY9Wf%fHKKX30ct-^@EjSi~7W<rHv5?SB``ak@U`o+WI5AZ_`u
zj-bbq2*bMe+cf&;>Oi*<6RIZm4o@Eb*(L=kr73tNabS?ZR#0Nj_5^5<O9b(*QB>l#
z&EMp$aPCFLtCscOTkJ_D(b0+^5U&Ve=4CGmF$OEDzHfcCVhuv4GV%-p9xqSPCI+ih
z6&EUFgUetwdL@*!8Vyj|K=yT?@5Y^&mG^8CwA;Zb@K&7w@H6%)zq)EDnM-;k)-EJt
zPIv^5s(P^0DmYnn3(g~nOr(VvNCYg!1V1wHsKzE~x=SB1tr<Jv0+ZCaG~_x(l))PM
z`N|2NI`BdK`N2Zs_&lbp@6R4il!OV=feig(j6Ln~G1amsHc#cw^t~kO?;_DH32iI4
zN`3^9zXd&a0r5wzkKF~YbwV_n;<N_{WqOPgRVva8q$l?#6M9LlSCg|qmYq!8P=2AV
zAWDv|jo)v$J5WnkMMW-VLvkDWFB6;fZ#+Yy-B)BG9KrkUa!3P+^>-k-;hq7RcCXgu
z1R3}o<L(7wom1ZN4#>()h1`I62`~>C_yF=LyQai7H!9jHA}4`i(?#~_4ubGBXgY{z
zj23$cuv$T(|96T5D%3`UaT_p7huW|b_orUoAt7mxDEr%GOv7B*&6j?x=?<*gYu}H<
zB0Jhw1itCUzSoZ*i)LTZnhxWtcEHd5O+rFR_P-JcE)d-rt$b)HHX|7?j7V&UAE&3A
zE4IN3+shvgsl_CxwZL@v*oIdcqWS}4n4li7#PTdE$=5N#te_mOU%q$MK==DIqM10=
zEND_<k!yToy|xIe&j*RqHj1fothh5twOCm6PQ1VMZe%XQiX$apezog@de5O@4Xt|2
zCD~C6f#w;AbfvBHH6YoDF3xbPBG7`sGKgOAZpXyaFyd=)O(j^!GpzJ*lll&9rD>`e
z1;;RlaIUIm-Sah(OT$m#T`-LBVPdF&)GbO40z8UQJy8}|*JKliwo};!e@?P4nPX@X
ze0y@RP@I2yijJiKfuGs#^In7%Ojzm_kFpzpaiq}%oeC+=?nfZpItD6jQKBJ-iGfDK
zJ?;H`A9dAWooplSB)ma3iK7^W{#r^n$AcIY(*~a-bQSDs4VB(hX2Cj+dKK#l2b!%e
zq5?y#7ZWoQU4vyfsE$pGMh1}9Z82CunYp!ZF9k!+NDHDlDqb&g9^TA6El>LzeOfR1
zbIK9OViT^5_#YP<=UP2I8(E@f!W#168oM~t)4g_!>Uazg8(I2ZwI;KiXN8@H^^@V>
zxHjh@Bqe=hXw=lkb9Nv-PiYziI@A?{3q(umb82@=QoaVlIFvH({c^oT)-N8bY<fyJ
zlvTHJxv9W_<y1}5Z8G4wR{Co$n_4$BMnKzT+sg`uwa9BkPanK#;6`i>jLY3;atv`P
z+=3}nL*9{c*CL!n=VC<1e!nrq9H&eM*idZ9(l4&IxGQ`5LWu7h9fS0+zdOk{Td)>n
zZ)0Ge%*5Ow8RP{|6zR-c6BvD4ypc@dx4yHuEmen}zz(jT-G4^OWU5DsiW*i+;k{|{
zsIJe(cgeZQu>AMyXs@Machv4}yb#8db`6J%{v7k&O}4*buzu~Fh2(7c@0)5Dajm=B
z=L1dz$AvEnd6PfG3MJAA4|?9Q1Nj4-+$E#=qV2g1R-lP|*wW8Yt8jHREOBk&)zx%P
zKz9}Cx+#V{Re^HY3c0=>SZ0r&TJa|!_o)6NL)?;!opBhC>WOuo-SR%FxRZH^l{TTU
zX;ANc;PmO+ZqLWbg%(`qZev@=daz*gxulZQ!y!h%pqJrLm1rDKd|l>6xJN2yc6E3t
z+`XzD1*&JEx*kp8PKuQDKNZveh?B7n2M+UZ9ZO<zY&<tE!r<Q`x^7DHhHGasjiKd7
z$TQFH@h3>U*EcQR90IqD2_62#_L!W?E|43Sss_TAn%IRrKPPLxmzJg(l*FA*zY1hK
zW^&@bt2oPz<D@FB>s%qKp78-zXD&_Ajs6vnZPYwANZ_WFT<F-Ol01huwSUP;;u1B1
zuJFDIxgFgPEMR=pHzf@aenKjxaMo>0+OyVZw15|xNDAqoT(HUoKQ%J06HTwp!tB`>
zA>vbrL`TW5zRu#)d33>;G}9=dQf+7#A$sE{_qBJl%6+Iw1=%7O#G!A`C$Cm-6XP=Z
zwfjD<<8x9^9S@T+I=c|{x4?uWs9WI1@X4&&;*gSXX$I!yW3Fr@(-fO6yHkb2msu&Z
zYwfs$OC@pxnP@P?j<h@z{Tvty&4qzc)&?;MqJ$j=6%ZG8)Nn>CN|t3uF3;rbt6|*f
zmz-!?r>mYZjD(N$)RV2*`}nxn3*03e-()~%NJym0)5vxAa1~u@qo|aWcCt-+Hf((!
zHiBoXr?z&}%{1i#pAAix1khDE5rPGsDa;i<aCqVZ=-rky$-j;b7*3KHVyGzT*Crcm
z8%#in+s|7us4n;n%FK{<^~a~sG87;mfY&#IgnVDRPV4wU54S8H4B>WrCG?(gsc;A%
z9+!&ZE87=Z;5iU2TQf#PfVP;Ztj)XV8M{r-Wh!o2TavKeHO|v2ofUrw^%Wy%JB#Nk
zp@w=oAcFfP^1{dH*_VX5tANfTyLp16!i!>xRYQr@=iAHU83js(pBZvMi1ES#CZEI>
zo>EJkgImB3Qc-})wWJzYQvW0tx&@LqZ7+?^<5qv24wi{NgX9>&<=j!oyzKHA7Z&*X
z8Z$SwYeE!>9y}i&_yYR8t%W|2nrnb@!usZXJaXujqNr~-C$oM>9bHHFcbQkxJqLFf
zkz}=hKm5HkO3>=iZ^&nH_;Zs<7#-PjeOC0}qV`rh4uba?xZJL^9XO^?V>$T@lniGx
zJ6!iuQf)=Bm2Sf1JH&3+oxk=%66vvVleM<vJ%OepW|RAQOS)$n=L6pTPgEl+*y&xO
zQ||Ea*R;X}gG(mQLE)CL(Lyug*lbpLx6+Kh_gX-JB)WV%ylOc|J95CoDnkKGhJBXx
zqio3j88h*oAj(bsrAwE=+=Ng11hmEhRQrdLN>Mw812vNgzleP`y8=mImCYCxxi<;F
zXxmgzBf61I0B$xXb92o)c!t|H-#UA^PDyA{^U6ww??IBjekE(@u9{ajXDrEx+FF&q
z4Mj*`ICy9K_a>3(;jmfk`W0<YsNU7h+q71rsXP4!gJ}AfUJBdh4ah{LS;(tz81Bv6
z(R5W9V^bv3(Sb)!ZU|!CD!o)z8z0HLRC5($eqCiDJm-TMmAvyj@rUy|S{~+b#i3wc
zg5mAE=iMZqs{+jK^h3<m6C9VKRJBy?r$MwFqo$tC>0s{nMBrO0Ut_PqI=vzYG~6gh
z6Y?J$HYE_DCI4e^ZJZr|n4R!jl^8Vy_ZE6i$Qc3j1Y4qTDWx$H>!|bA`&_~fIe$C_
z$f31L^GlP@g2rhHn?_=RwFWRM30_}A$`(P9GVHKpM!#XV6Gxs{T@I9MX9b!JU$mt<
z@A--`$=yjLGy0t2tb!#~i$$xMVraB;MXt-!1Gi3+B9tW=QMO3`wO3e7m7LozAIcGq
zi1QNo?>HZL6c;iKWuRMWB#Fg_q;n5|B_EUhXw|(u9maw*#B8-w(rD)l6i0`~z~H2B
zu+M;C9iM5QcpFI3zcyIk&c0zm^xx2x?tiuAS6T3CGFGRfSx(MC>cyVz*g-tj)wxgA
z$B0Ks+p%$y*p;^Xae>4okNR9}mYrDU{d@48&?v?I#h*U@@yh+S!aM~}Ye)W4auJhI
z_8c>Z*?}dd;qLCi4c3~n&VOcL*?ka&;qzgEt)~IR<kQmZLG~qIv1lS8tS=COh*E?H
zWfrX3ASIoz+R>=d5prv%hx@6rit@l{C46<$dF!#EITg1(0@1pu*eQ?7NK{Q*eohJ@
ze#RvK&yQfnJ%VE=b-R9u+O5XYs(m&9?*I&GK7iu9p<6}OSr`L5COC{eSDWcgk6n9-
ztc2=Y?Fm|kdD^0M(6o2rJ^TxIjsfL(B@#lQ?QVl#SCIGWvCJ}hu6CrU{Kp~&+6x!S
z1TTMJk8}zfJ?HNVX3&z@mg%MZXLz9w@6A<kF)zi=>R#DAcq%4`VjF1Qs5XGjf-81j
znf#SqO>`ozoxFxTd_D|g!}PH&8IIMx1YL`G+it?PRV~6Yah$-5{wCWlm^tE2SH4jh
zLtc9$^dj!wtpC?qNoVxoEqgW8N=+^eP1MzgibObA8?3Yieru_;rdowI=5v{!%_%qK
zGkTPfAEPP#8#D+*C8w1@{GnLCWahuj!u!;J3{yW*k;S(n(#m#ET3qYua`b{c1MT=W
zstG%PCDIm+5i-+nf`tD2;%;oQi6(*Z2+X*>OKvt{H4gFCW7CH3y3<dq`?gq)-Ce=B
z-)X8Sl17NVI^Ld60pjelhx7;VSg42DaOu9f)K<<NCm+ZRWz0I>e3){pHXhlAGE#6M
zBmfuHn%IU#bFq;)DL&A2CUWQOAP(&I5%`Bp&|3e9X@&Ac*W~OD@hCs^Ar4IyYZl|r
ztP@FgeEuPfEah92|1Z4$SO>WlTdmCla$cv5lMHUWeY9<oZVyZ_&E=62NrJU-TyvbA
z#Y)I}P+Vh~XB3$Po}-&KeD039j8~d$rdk2Y^_@|mnL2&omBm1+=H7=hrn)JS{X=Sk
zS7IW+{}O=@<pH=Ld8!+u)eNfL)cXE_SfC!;ZJ<J;g^FP!v9`V{pbE5V9qtN58)}0q
zSH#ekDVvA}$TIpy$sJ5tB^)cJI#*YsnYJo~mh(5PH@o|A?$>%=<BxB)nVK7bC;&hG
zLpm)sK;#gsnjCosnuc=Rd9@fj47>^`um^gkui-;ny<|JHbn2(ee91e=6A-|XVsqiL
zAZejksBrknPt2XwHJnHEQ@gj&eX#c#E`_B^U*ND?n5VXgXS%)Q*@0Mc`2UG5SL5Q-
zTYGE8Hkh5yq9^QZ;Emk&=Y)29V32^rnvHkVuwoxx6pEm7&(?gkz1Y`;X@q3B6I4<u
z{Ce#5#6auvTJ3JMW+yb#K1${%V0)<^FQa%1uqVST*`uLd*FQWyB%Q&gfF`t24gBo|
zphadu4!Te_^K7rw=eol!=cmxcQ@jUq_BYi4^w|Fq=0M^+fn~XzAbdw#(c?jh6O|gE
zjcB?R{WWUT81Z)G^_v#Q>C=OM0Yw(srnn+<Fl<e19bs!TDzOfMSF&QYe{u<U`Y86g
z2A{HRNNcRb_O-F9Nr;Zv6Y^Pui}pokG7k*xyTfe27yCY=f!h8zxRjEcCKtQ>lpNe`
z^+KaCzU$)P)GffT_7o+GVY7o16yB98UJLVCNcZ2{gIukKMB=~a)6i(+Rm`&g2xM@^
z1x<}XNNy!rQ+fYDy~_At=?IQlWil2K8oz9{e>t*dDG}5UnHa0LK#)5aMx$po@M~A;
zpMxQ$`YH@N?wfRZ0BsE{3a$wI?-vY>5j|*$35j5Hg-Ka|`Ywej#ugAfR^we!D2X4Z
z$Bvg<JVv|rAD!OSCNwzT`>UX5|IFEqt{o>`oeWdb6@-9z{m{M5RknbpRmJeN@#JVR
zt!P+eLZQ@IByPG$Sm*zmPt&H8KgQxQxjSM1!T<3?g7i5u3b}3~j0yi<fYS~tGwI?m
zje#7>*Y?TjRB^urUu_rY->HJWMdOiHhi~v(C>CR@`fK7nO|X_em+gV@3Nsh^js8}k
zrEm^2Ro`MUaXhCnjm|*pqWvD_<S07ywHCHE*fv9;Nss^6pP=Q_E}{4R^n=wcdzx1P
zCG^)pQ9X1Fd7JO6;y<;4!r{IG0$H0r<@o$!@lm{#3kuCwCuTkTx|W31jJmqWZw?ig
zi#GIlT)4KBH2IM?eil0{TpK+a9?jQJA)gz2@9Rr=B(LJ2aNKPN8|@THU8C(w8jo&Y
z@!HTTy4651HvzWR2(lI|=dhO36}pN71T+P9WA~ZVkY?l_d?-OIbEcb3v9adZqjgzX
z9V?}_L#~Q|k%qy2=!U!7?)<LM{8pk|y5ITw<QtpuEM4mDAO}81c%He9p^nLmDYkPF
zxmJ6hT(u+%rULm12E&J74M;4AC-sGGmmx|g?e};grL7o?V>ONWl2|wuW=*YW=S&W3
zNV5O7#!P&U_fPLw718t+?%(%i5NBk$GUA%7#Tecn|E;9@nyTaaFpz1o9dY^K<-cX3
z<GZ=O)}sucKMi>ZNv`cZ^Y})?;<r-8+EBKaxTpVZ_n(^t9)uH0!x7!C2Xt@>N{xU{
zrdo?6Wtq7NM|??Ge&;1mRp-2F)-m1IG8!f^-C%oC^C?c`*-npu!zC!bHwBXRI#`T{
z!eS!ElM*8<3D-id{W<a0dYOWwv3-jyvIefeBOM6HttVs(w)L_Kr6%D+xc$@Lv$l*}
zEGK}l?oQrkvD7yvbrs;~J4$1>rp8*_vWl!hp`R0(QLLa+9iQON%I6lYaU4hv5xd!0
zcBLG4uy*LCAu;SaUNw%2a~QVyV4i{+Y&?TE?S{P8_(y+TgSe%453M`p<e=-ily^>n
zgjAslz8BCEAb8JC`8+7%yCGoa+#<rBUB={vrMbW868}BQJgY64;h)<@3ODb2m2`8j
z`RXYt`cH5x_4!~PQpqOJkb*=~H<IDxQh0;zX4~WP>w9J7WUKmub}vGlB`G60<^T<m
zkihOWdW-iq0%T%p)etW|>x<7?ds2k)gC!H4@=y~emahn%ZRoR_!#k^Z;k+y-5nyJJ
zy*71j8>}dB4-Ox;vw`#EFpcwvz8`vd3M8!BY$e+CR#8@mU^S^#CV4Dp-!DumV7N6V
zYfJe}a-;A-iVHlatEct$f)kydj`QK1&BcJZa`)zT^QKpKA=5k8e0JmE{>Een_5|Ln
z0cbW5I-3U6*2TDjf|=KmJO@iMroEz}q5J8FZ^dDSVC>L>P;VaG)N3`+-%9*l{i^=!
z(vZfSo8V!%2kOZ57W1m%Dkllm3PF-G0U;+-@ypEWV!%hW$MWeX<uH#q$L^&kgPa0q
zif^dQT^0EX*c0Hwi2aIMGmSywdL;t8Dth%~diRD#x~aJ_pha*$W{0Akc<_>0_EvXv
z+6%;)DPu?;k9-f=>ccD<dWYQEGOi=6=Xza})&MY5=eWFRj#1jyOIA(``aqT7C#?%U
zjFYK-@_RCBW*s^qVE?gm(iN_CFx)d}`zGZbRg{EKLZ%(x`Xb$8RK=MwHe0cko{G_7
zV(JJcjeP){9L*6%f+B^~b$~bk6hm`aiyr+mWU_|=&Rko;FSS>g&Bs1qx#XruTJCL`
z`o<5kNO-K@zo!$~3_mLTL-MaN&Th4s@UJocU6F(t*?TGvLjT?y@fd+z%eB^~ct_N6
z@IsdXHtQY0g0oQ)0d*gcV!hU$<b&l6sLzF%&(;PlDNMt1wjSmz#OfutsBU+u0vZA0
zLZ8$>U$l6=-9fajk#(yYsnR4`oKV^LZRCO@P5eJ8=UOsOmA@KGU=?>eB-6e(7YTRz
zR~%~#0Nh<KA8DXOaZhDE*%Bt^WR32Yp|eR|F4eJ`#Ythn-98VqID?22<fm7})I-`_
z5bot-P+nkt^$~;4i&vk3@vp<a!!cbgF}npq!k<5<lY@i7$L^-73I;#CGf$V8y8|wC
z(&{C!M@Z2@aCajDD_4sqggZUGptR9n53fu@$)ARO-`_C<BfsrlR1@i?377iYy1CK`
z4E7@^qIPg(<~t^yz=N`v#GzAsV;C<No8c)d#fF9gFWVYf2hmZCo`=B<;vJuq3FC6;
zpWpihnL`IqWc*TZoF8`-@q*uGU^TkShTXR=_e2*STsV@!XMb1`EhiB6YcP}C_5Jo`
zudnm%@RBZ*E7l&jUh1+eZPFvkCswd!Yj*9tF-of<@4WpA!t3?4_2lo?{kUCQp)0@J
zXO)6UuNzdn*&V{AVq2;j8x07OrhI}`4n7X^yVxx?n{#d)%bap2nYCX1I&V9pwZs@?
z1}z2n6GVXrYYdOzxG(L{58{!9%*e9A)orI@XVVMoo5D4>yZMv3Ax$wi(%NSg1Icj}
zHOH63zSaf;r{;WR9cOY(Nl`V3yv^s2fL>3LeHIOMUnBMt1f11E(NCKF<3sudo~jgQ
zMY7U~y*_>~7J!B*gzb)h?by<HtLf%WqDc&zs!a2aH+Gh5mhCHlBa4l`EZrnxI=dHp
zOW_mW^YEYNKr2Af=&R9#0(7>%2ffTup{!NbDuL}oR;F68R61a<MCTMX%J$Tl>ufDU
zW6(9ra?+j^tzl~XRDt&+F5l4b)|c75jL1AqrL^Q*hAMdU2bd$)sgM8emDi)o?L*kz
zV`t&0MfxIRbBIdt65`pXdj|8<9lv|qb}Xe16<~)H52&a@@VO#tKSB45_Zh%rogU;M
zhzMSw<(3^gC9UP+bxD@_0hb9IWkG#q$Gbx<t)iZ;l0qFc+8Bh}8oEI(wi1^O4WjDs
z#YkwLgzhgcStM{Ii%%P|rTUNkPRNn)&2>f)ptrR-*DB&#XoK7(BX*R^ZaZ9$@R`=n
zNEtcJ&Op#iv6K*tD4W7$&@Hre6eIX`fD8dL=$!tbo&hsZ@$)*Bq52rWw2Kt>j1Hes
zU2lT<0)s_PUNbxX+wuLOuS&J@<Ca(t6mxiqESRO~Kp4Ce(Ir}$QVyk{&fqJ6F0<=!
z&K<xcIEX0&C+700*(Xao9>@)LH`aWD8lpeo{h<sZ$xRC0V`J3>;TOo2J+!9Ql*3Kh
z)2JIo=ID}b7$6mkaFdWQ+HB<)dtv5fCX1;(0h>s|jwJ|(p)$P6;mW6F3}GN%V*aBe
z)exwT|Bx`wydHTX5aXdA?`eC;Qo<TL+goj2)>kQRAchfd7x%Jpg$ReUWuwYQkn5)Q
zZQLXws8GaOYk&T|F0^UyPaj;xk(cu%23gdSj!rFl7YwX8h88ZYeZ*bnkEb!Sr>LCy
zfv6^0Rf+%W_8D?sbmrp_U*Lu@Lr|q*s|l&!z&2#3A9Up2A~b>>tZtbQ1s+#SIL(<k
z*jI#LcZ=h4iCGi_Ss24NT$9WkTfG0fu*|H->g@6l%cNhJoU=F+0G5J(WF4G?xE?v6
zDpH%eth6wv)CynfYwQR^nKccUg_wcfpFWW`f`Q5tlrf&XuwA5x-%v@fEkJSH!V~L~
zuS^IDu-u*1Ho))LJdI?;O;Vq&=ljVu0~Pjx7XQQ44%>cl5PKD^VS{0?y@?A5dxJ<~
zL+BA{mKg8F!+MowEhM~d+Jf+%KnfVt6dvB<)1!r4MgnoUAH22q5B@=|f(hZ}N+$J?
zoE!Vg!q0)1TWh6ULv<ZuJogneqK8#$EK@xqYV?7?<)+ON=jM}tz#SSI8*6cINp1zg
zSjnNmzb=u<UvF(^CAlCE&Ap8ozy=w_mQ9WuSa&_JFISj@pxz8Vy1|mjP1eAjLcPm2
zRT)0dtx5wnpvE_=kILiGf6RwQdlux#^9nMyg_!eXd7djdc*X}MawdS2=R?2F$elMP
zddY{SamF(LUqa-X7sl{xiIMwl&}Ijj{n;NMKd$Rp{dr#12VM`6`)$}EmkgeD&@mT7
z@;O4ycT3BB$)P7c*5Wf3X8t2(epM-*uQ~92?^{R4WW#mj9X3XL0^PdVE6xK24YuHN
zGTpLG>oi@pC84;uQd@U%*_H&|*5M;Y{f>uc9`-hO^(MAtS*K#4S4AohRzTI1C#E3G
z0awPwsY!0t8Q?QIMeA0Mh??oV#?f0K^uMAw<m3c>NA<lilTV;;7!*m+nvh@geaKAq
z7%Sdhhr#C&uZ_R$UCi^3wUs=_?*Q$F#k2H=wQ28Kd0ZGe7qDe+H{|reXh#xc1Vinn
zsx&ryC*6ox{A>?F!aJ31g?@Ez1P?p2t|EdZe`iC4M(f1P9{xsGXfi)uQpMvUzr|8W
zM%R6Js7|w6=|7ypt#9vT!bqgYwq`k3n)g=`0%#G7##KgMtlvK@`bwbsvS)t0^-li@
zb68b0iku7czMRA|XEVgXaDtLhIV<7@ElH<m0P1%&S9?6r0C5mG959*n{@6sOWwwdR
z^x}yu;wYfkwvI0~9R<c;4bIz?B5ng|7q|Sn)icV&yHxfy@|W#Ae>j&*um-qPPSG7(
zh{Ft7boH|S>oQ0z?LF3}A3KDZwxQ|F+sFQ-Z><zv!dP;P+6hAg2Q<skK$ua|>FhLZ
z%W5=KyP8tY<xtUjTnJ<Q(QkvZ9mRK6EMG$J=JJVlmROK#WN41R*VUnIj>OT1p>IHo
z9=bH|7Dd93>tBG|VthFh+j`>cY9g%Qm#0b3&BOSoPR{A*(56T%Q3m<nafwDUf{5;6
z1vBU@DOf3POE`F?Z=xF7Ol4pdd9=WrHF>`^wCrQLQ4R4vZImTSt{XozU{M!>D+++4
zdIrfAHv2{_LpQ^;D&`s|W=D}k7=3>!=0veT82J_r3hu$c31MrhrA%VHgH;z{Y$F)~
z<tAC34oE*nMM{TgUSKuKSAASH@Qlidz{Ay=C|>P_xSZvp;>5{hBQ~M1k!<XcPl>Rr
z8-9~r@6GlXF4fsqt+`3ML}?{th-z5<M>rE$B2G>!`I;mvZzRjWjVjGqP7m3dU}5cA
z_uo3YA)uCGLJ~<yWBA@u$v?L}?&Ru_@t3_xb8&QU4DUAhipjnf9SA#+qk9cIfL;I;
zKfq&v69z%=unqrb7yX6~T)3;{vva+P>!8iyjz6~{(^F!wn-p<*=iD!RP$0<>M2J0&
zgu|UDqH$lgv%CG--SJ<oieAlpGcZl5?Uwt2%XJEcBjJD=$}OT1m`IZH#c|5a(1+Zx
zkZwGxZP1wcuGgH8E;|57o6EKqPdKMrIZRJ(YdthZnNen|(}^GR@xPHxYx%s~v$AeB
zTJb_lP46hZWN+pa2C{F`3y(0Wq!FR1f!|}X4_y;E-Uuu<Ut@hARIq9*DIlD!?_tN;
z3C74JP>gD8CTm!Yqq&?8=c}DqkE0#c&{?q~CvLV1v(c_FL>*^RK&{e79kx?YHrJ9T
z{iz=oJDajwjGZiyZIwdQHIc$P(XiiSnnFX5<hot8)iz&5Bs31=vdFfwzLQvPIp@5Z
zevrV`ZUJdkP$*wYNnLqZht#mE{^$EBIVeWyk^#<srfxzNm$<tQA`*jDFYRz8Ey%*%
zn+kgC+R_<&&E*3>9hZ4s{UfQiamk4+ZE|u#Y1+L{XWuk{z-vysFy|NzQLe3Bplz~*
zsXJlqcM6*=NNHdz??BHH$w{iMuP%3P@|{HCA{g*MLN0H^R4K_R2A`ENkbE-MAz7?$
z5yvz7H8~9KRk&jGUEbT;<e2vaUAxFeR;d+`=gJPVy1pIN(6+ZrGu%mtX(kTQ+%=_>
z(bDRn{-~m(adyx3b;0-ap~5O%V%S44XJgxzY&}E!5dGD+MCAW8H}TY$oA3W?@>mz}
zJ9B}o`c_~l_&fC!&>8S``u?=Ebocx6GS!t+-S>3%`(?0P?en!JsMu$r8IVB!`1Nl1
zV__nx>kW$SO<E1hctIB#C`Wo$?$hV8qxX%-Cz~BCBqYsz{X<5$y|dh>toCE~{Yk!Q
z*x7Y*b|@lE9B*!jW;gw|i1pO?ZK~iVH+eKS+xSIevQi)FL%vcW)H27dgs9nRju-gW
zl-esH_Sg7Jn|xuNn#0ja(&4*;y5->oqwIgAi#*ZD-25+wa(?l@{NjHJiDeMeTJyD9
z#s{>0Yblj(`c!kXS@G#jv9&2}itdj2V_<|X*3merL59`VT2V}8L9T`<JC4HZ7ydhw
zh}$zx=+G2(luT;c{v~ma(Y7z1v8*@_R--?nXfsEn{)z9J#S(}=Y15<Am{z7OE~d%R
zgOq7dM|wSHjTY@!{?lP1#$c|0Tx#-L|8uSto^aF$@4Xa_7fkaaDs@H8&@qzF165!`
zBx5iD=rhm4cxMc+M#PI7hq$e`M3*(t6j1*T!s0vgz9AdD_r%>XZD#dZ+8$M#$wt>n
zPb=L>{#$rv0b6Y+yZ(9DD&DgXmIhX6TRLnaPy6?8{H}10D1t}YXX(2Xxj4p#YYUVo
zmQ@$}G&nMnNVk<VR!7Lo*AaZlFW{v)hZm}Uw3%GocRR2n@6@<Xr{L}8Zd_$GE!&{{
zJ++yf=|G;HhUZ%+C0My^VhY=AL>y=;ivdA9br+D~h;WpaMi_$^3J3Sqx294|*M_E)
zIpa@9F;<4qg6ZQ{=75Q+dwR<z-IU<#sFzAa@vO>VVM7SLVq9RCar(*ic?9LVzv>TN
zAB-hXFO0nXs1jS#SZT(um0HMw<+*7!K3f8U37knlLV=y$3Za8^mB=`^1i|)O$FLUx
zIt#`0Hxc?hL4xrQ!9a$<*K2^(?3Bqu^)2e*vHMG|ousaBX@KSL4h8+Ni`vv?c1~Cn
zbdg8eh#=CLo{G%2r@9AC$-a*u1i?>dCI0<v;oMSu$@8Bv%#4IRNlYBzb|e~Wh907U
z>C;|e1_CprcZoBakx${cM5vNe0_!U%YPOafm9m7%(tS=$p;y`7`LU&t4&GN+<1r{_
zX5ta)CP_-0UEWk5p!px+NR^*Ol?H5J(&+)qPs#kV;X_31$ar!1X>W)pPN@ARPPp#u
zzS=ri@9JGlnlSv3M)*IL2)V@#>el)11<<&ig^iDXVqU@?i)w9x<QZv>sV%;1{+TjT
zL!rNovQQ#Eo@@4b8H}NKlxhx4{nVdAn&tz`&p!!9Hcb|n-PtE+cXf=6dj|5F?*har
zQN%h_Lon_Pj%Np5vvMOktH((udEzm?9%ECQ$1;_8#O{^1z5q1^a1FGG5Xsu>V<g#B
zB2YvJL(2_o&KipnST`CXX~qe%Py#-j9mMXBNp02Okz7q@&nmVKTDp$INqsu3Svv;=
zh2G+r&>NTppAzs~`L78L+L$Iss=QW1hLa<)DQVz(DDr5pIO1DAkOYO<d;BFV{kDPv
z$Lqj@%(naY@DZN_zy&va=~CYG6q`2XBJ1Y?aNWPqmL6!SIXs9|*v9vS2Q*UCYsBWJ
ztkvjwCr?zaLH`L58<#E(CO8tKEhBK1b|ua!qu(5Z^B+*fw9U2VR8hXOXpBQbnAn9R
zAOO4+6YX>L8~$1@vBx*%tIH*n2D%ol-p~~mK*vkyTv4EBTUc(WAAv@YT#>H1EYmut
zgTKg+xRghpDb7$5kkfcRumHGL{m_s4<z06CZ7Xc6csVB*vWL$k5S_Ysuv4B#(3Nm>
z5zzcMj1t)mACkV#3m{_%G$({=H$OBz{@zw4{f))C{<xwBP77>lOxxcifC@ZC;x!_Y
zeL46)p^!Y?#0OLP-nU9%TziKy?7l7<D9!w_`pUB_@K}N_De*F3DI<Vx=`wSS#O7K%
zmL+cyRPdtUh%U%*7JoM?6u}m4`&W#w<~cBma5}m~l0L7eAsn^0c@ESl_zIn$$0uDl
z14qnbWaU6pHOg?Ifx_u9#i9Xt9V|X1A&9XQadU%)Xko!045_CO1)8kXo4?R?>?6TU
z+Y;q!O+sHS2uuhU^bnM)IZ>R~;Jh@qay18pb<>;&Grx^_&8EFGb@Y70@zJ!@clPho
z2RaNq8Wt!=%NhSRMaMG2zVUiSI41E5%@_LT`kAn6<$XNkBXDN3IJX^de9Q0iC8fQ~
zLkNoFJE85yY+AT$anXc_>=SyJ@(f(B&Z2$A(NeGpz(FARfY#{EaHJ1$wEmt8tw#~z
zOe*uY)$96wLJ$H72Y^#yIXOMhA)nUtTYY2d&x}(2E+LOw?EjA)IDce9aR2~L$G0RM
zkA>wZM}(D)hc${y<(t`x%tHsga&$QA+lp3c9k02K<;X~A%x&hFjn#8)7KUYOBg|fN
zY_4HB_Wd*7FMZk&;%LrvFs%BX#|6!Kwu_O+F2@X*WlB@*{Rlk3pngMib?953-n>_W
z^$Dy-HAX^6x^DQiR%ZSkRAe(1Y`GnjDWR|LURlQok#0%w=3PdIB#R+v_e+e)E=e>E
zXm9xe#7DrfFUsAr!7nSQ=Al}@$#kg4PFI(b#(W$~tQ=;=ZStqfw8M>JfZEQe<a|+s
zO=z2|UYm_YuSW;}IbdvC=|#n#-ifORVV6it9HIamVC4X_I?@_BK<mZFJ#op5lSQ-7
zO6;uU&S2fxTU6ykBc-j#wqq@yKdu2C4{}&Jz{&KS;~32LO$Z3a$J3N9-73K!qp#h}
z`G9z{Pkn^UKEtdM!@PmL85tN-;Pi{CZw<{;KW<OG_-{HE$_tn;HtjT8gtR|+VXYs)
zYD?gM0WTc$wXVq>H*f<_97%ea2b)byxKn8(p$I3^&7L)EdG=#koF1Hwg?8mUYTv69
z3rRg&8*kbfbISFiSCsvScs59{2bk39?BoY=3oH%`eiDX<9<vb@el{-D>&NfZx8T6&
z5`C0oxKDG{TqfM(e;}>h&NUA_$CjiGTIwxU^*A8rK~rS}%*#hrt4%3SzE9IubfIIm
zk4O)G@HmmHdsKBJX3mF9Ew*b{Ur+<XzXb1rJX`&_fR4Hcufe%VY(YBDPogLJLsFx{
z@FI7M{tM;&QUfLv6Fr7m@@mF9Z6PRdxHnMd_jb*@gG~J&S4_Nvd#tXMUsGb!ss6Kh
z;rqPJ5*_O2)iLI-5wDeQ()@dqc7L4VB+>oK4VgU|u<vmzdx7Y7r)@g~jwy6LG89EV
z>8^D^I2h{qIbK*s)6auj<bi9(E}2_TaWr0o&uN<=5{R8vK8aTQ^CH<4kxA7$#mwhg
zL0@Kh>(*DFW^*eawi6cP*i9!{{%Ijgh@S4tjfBq=^xPXw%(d5iAD3Ga^r;uA(6?V~
z9o65dw4$Fh1~#slo=@0aYLA|&#~!{pW4edYM=&tHJBpyO5~(cpn~_a_rXdc(cCiz$
z?-N|52!CKyTYGq4-%7!oSBNxBda|x<3;rkx7=(=|$=9@pyc-^VJh#-yKYY!li7_3M
ze=1D##Oz%arTvSJnTWAJ!YBy1E2U8?s|1IZ5_1-c1FAM*HwWG^nD9H-J)^8*$(Q$c
zK190qPl@!Vdvy<0?Q?mmSJ=ooM42!zDye`u*MO2*es3lP`*qy-Pu;8N)oeUhPVhOW
zU>xytuPN}2u_I5@$rpO9yN)(o;njv6Ld7AU-u=v6{Q20oldr@9Kb`seD<E&s-*?hE
zWOtbp>M{8JC8{|4MpMNQ6r?o6k1=oWKRj?hL&d79(f}y8(1r;;^&|Th<K{n|qsp^_
z3Ml^^3xj{n9iSX2xWe(<8U>MIF0umOm&P}4Fa+H=O*`1F07L1c5nO*bb8THMD3Fuz
zPnnHa@NR;04|Y4n2;!Q<h|Hu{?>*}BO5?U>CGE0K8Q1!neTL{^j-hb!!7a>q-IS*#
z;=s7(@u35)38#}DNuGFj0s7DTl54%tWS$O;g-M9=<XV!rXu!+NfWxwfg?e?$?D2S{
zd)F?$v->2(c;}d#@x6vKb<v_>AYJw#>7a`~X#v7IgYqniyD#G9s|3D>X2?ehxPP65
z_NVKzwvr+YDI*Mv9Tpy|jY5a9zEmgKvbnayFf<%_HKLg(YU>B|+kedV(%s0KVM~7-
zUf<JYT2}<_rXwb~r1KGleR=7{Cf7sG;8v^U)+g?+??kCX`q(4H)U1~mR-$mQP(kEh
za@BFsyBs&JDu$=O33Zx>yv(}og!<ZUdq>1?-5h<XRa4m8L0v|6RYa)*+ekR!R{3b3
zZS~mq)mr(H5pK>m-ueuzcHyJqnaLmn^nAx2&SXy}^c$dd7DZD8`w;}<kM!hGgQbnG
z#~Vnlo)kE<qr%=#CgV4SXw*N(;I}-9tW)>C!u40c;UUQ}RIw1_Q>MYWuYH+$4ixPR
zKsxTJWHZk5{Qa3;&&dHbEQ4bN#2dwC9Zx%i@T`}zgX(#+C6yt7J8NI`v?u!pKI3hJ
z_@jm<^)I)qxO*wm=2*{v#{&kl6lXVYN-HB8Uvwq6F>1nG-#-<PI>owEu5Tw=a>TGC
zX_e*<^i0}ur~dblwKjDic2p5*Di67ehierspq=@-#^jBV*d@>9H%rsW<dhr{vGwmY
zHm@Fu-0sRLQ<$t35g!E&@1@r7SN5oWzE#Z)5Cz_`;l=AJH8nMr>gSrnRkiI_YQOyQ
V%P;?q{|5j7|NpJ5fKmYX1OUb6n@<1$

literal 0
HcmV?d00001

diff --git a/charts/rancher-monitoring-crd/103.2.2+up57.0.3/Chart.yaml b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/Chart.yaml
new file mode 100644
index 0000000000..5b302cc1df
--- /dev/null
+++ b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/Chart.yaml
@@ -0,0 +1,10 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-monitoring-system
+  catalog.cattle.io/release-name: rancher-monitoring-crd
+apiVersion: v2
+description: Installs the CRDs for rancher-monitoring.
+name: rancher-monitoring-crd
+type: application
+version: 103.2.2+up57.0.3
diff --git a/charts/rancher-monitoring-crd/103.2.2+up57.0.3/README.md b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/README.md
new file mode 100644
index 0000000000..e0b63e0268
--- /dev/null
+++ b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/README.md
@@ -0,0 +1,24 @@
+# rancher-monitoring-crd
+A Rancher chart that installs the CRDs used by rancher-monitoring.
+
+## How does this chart work?
+
+This chart marshalls all of the CRD files placed in the `crd-manifest` directory into a ConfigMap that is installed onto a cluster alongside relevant RBAC (ServiceAccount, ClusterRoleBinding, ClusterRole, and PodSecurityPolicy).
+
+Once the relevant dependent resourcees are installed / upgraded / rolled back, this chart executes a post-install / post-upgrade / post-rollback Job that:
+- Patches any existing versions of the CRDs contained within the `crd-manifest` on the cluster to set `spec.preserveUnknownFields=false`; this step is required since, based on [Kubernetes docs](https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#field-pruning) and a [known workaround](https://github.com/kubernetes-sigs/controller-tools/issues/476#issuecomment-691519936), such CRDs cannot be upgraded normally from `apiextensions.k8s.io/v1beta1` to `apiextensions.k8s.io/v1`.
+- Runs a `kubectl apply` on the CRDs that are contained within the crd-manifest ConfigMap to upgrade CRDs in the cluster
+
+On an uninstall, this chart executes a separate post-delete Job that:
+- Patches any existing versions of the CRDs contained within `crd-manifest` on the cluster to set `metadata.finalizers=[]`
+- Runs a `kubectl delete` on the CRDs that are contained within the crd-manifest ConfigMap to clean up the CRDs from the cluster
+
+Note: If the relevant CRDs already existed in the cluster at the time of install, this chart will absorb ownership of the lifecycle of those CRDs; therefore, on a `helm uninstall`, those CRDs will also be removed from the cluster alongside this chart.
+
+## Why can't we just place the CRDs in the templates/ directory of the main chart?
+
+In Helm today, you cannot declare a CRD and declare a resource of that CRD's kind in templates/ without encountering a failure on render.
+
+## [Helm 3] Why can't we just place the CRDs in the crds/ directory of the main chart?
+
+The Helm 3 `crds/` directory only supports the installation of CRDs, but does not support the upgrade and removal of CRDs, unlike what this chart facilitiates.
\ No newline at end of file
diff --git a/charts/rancher-monitoring-crd/103.2.2+up57.0.3/files/crd-manifest.tgz b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/files/crd-manifest.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..fe5d5c8a0bb6fcc376d198b269053bdfe4baa185
GIT binary patch
literal 308610
zcmb@tb#&ZX)9z_zcFasMGcz+YGdpHx$IOnInVFfH8DnN<j_ugKopa7RYtEgy-@Jc}
z)>2Da>MoVk+WV>c)!qb=P(XhzpBG)<-1eKB7&c~J(A>XjPB2#_U!>`Ho;j^`Ub)Y|
zj_Gt-lY4ZevxP`V2+5+*0F4)9XWp;p1mlQGkphp-4^Cga6W#tiI2yLuu5)7=(TOMs
zD%oRy3)lxN+js;SpMH-;AD_38^pl_PzmHxpdfx6Tj%Rv)?M)o_aQc1>-D2p!L-@3@
zM_?;Jhrigx{BRh<)Zf`U4jNoI1;S@Xdj1p#iGEc7#M+IrPumBXfs)r?EMjKV+vDk&
zVSi}%doewJ<@dWiyg%0WozwfonCbC!_>J=*`1O`V|5JWWXIv>07tg_)JzJ5p=4;aI
zH+o5;5$K5@Qqzva$Au^)YA7*e`&m8OxIg@!jl8`@w)Q(GC03XLHzCeRU22kv-r&&B
zVJPHtSkj&KJZ8c23YPNV)emku1l><Yc1=dP*faR+iGMJ)zF_EH-qtcMJ2xdMmZpa^
zK$VBc+(ZhNijtadEPRkM`PTtzki8;9_)<;qE4h$WYo;mIZUGkMaLZDV3{`qj(6@uD
zg~<Ke`<aoES2Xs*TdUM6^C=VW00n<1$AI>b6;9-wuz1plax8OIkAQXpCJVerjd-m6
z#dohDu428<p~*SRz~q#4^!Je{m=~KF(3-N?*F2^Qj%luuf={}msEHQpH8H5;u|;oz
zStB*mRJX2oXdz-lGETwQLlkn-cQ7LEEbP@$xx+oq>2Xe9Tl=q0@y7SGT@*v7Lod%c
z`c1yk3Q{8dmXwe4)(D7L#8h%%@lFABXD{D)y~7swW>4eM8?af0oLtStNEdG^Xhczs
zl7AG2hM_xg<;535VNg<~7Ai|Akzy&Wr($pj8&Q&u4YdwyIyPC?>nVapE6@JAT-!ld
z{57Rap}M|}Fg8spd6`JWCh8~$zE^l465Ed(hHg}d-w$q-;1@3vGl#Yd6OCiq9|69L
z;t*e}Dfp?ok8b6BR)Cc}Xq$;P+mGPo-w=U&W;u3?;*j4RP@eBE&rdvj0>2M7XEZKn
z6~bCDpY;)R=%K36#xoC@CPy{a${{rtU?LtcEtX2|L?uZ~Ef-@iDW3iy<n-Mk+jpF{
z2MLl^>rlx?g2=<G>yZ*$1K1@D2@PspeTqU2waT~1?D%eJiPbS@IkJxL&2vkgK4J-_
z6uMw2(Y_%}dD<~L;fv*%1<@mad{n%V&#NfwSeeTCM@<A&*|JrXo>g+`lZ|SzM!a*>
zH0%S)F{xKL`05)-X&O2SYn`F=?7`7FVut3o-+c~?*^g@`km_WT7a(W%a;QFRlW|06
zHsh>bR{cSfw*gF7*;e^gFOkE{Vt!ib4P~MWyTkk6Qnl$x)J&v<CYTCDa+oJPilYiT
zIAxEp*JXEGPvFOIf=tfM6$tNYV9c*_mw&h^+IbYNm+hlh+o~1y7-DXlCfR)0*gz+`
zE9y7blo~odu3_rVguftf&e3SY`-YRQ_l9qn9B6!Xa+}26gfwEEydCaPaoCY%T7lx#
zk1ji^Zq+Ek8RJZbGRNxB=AVZk74{$tCwaD&gBd)?w138#Tq5A?J4KN#Oa3^Ch<&|i
zN{UG&+mq;#j9iT~Y!|Q6b$TcxyCoOZhm?Jvun@RTzT&T{DO$7bml4#14nJ}iTqI3{
zH+LtZeV9)TKJANWG>J`}31hj>XK(YYVcfO?-PaBnbuKqiL9E_dYC4~rGG!y^%iK3T
zMm3|bTO5W>|N36IcTf>H0TX~J&bj|MJ?m7W3f@j6uD+9l?h}(q6(+%GDz$bhdX|&e
zMmB&;ULhWo^%XQ*^E&;<s|sb26dvm1w?P=;F@J^)nFpV_o;Y}m#uY0`Nc^+>S-Jdl
zqt0HIfrO}BZmQ!D<L*<Fo%5R!ehTHip~&01&Ak?p-1vl`!a@ZecR`MJQsz5+UfHA@
zb!^|)$-pEz#l8sSG3mC890Ksd(z{*%AG3X*F9ZI^as0nNK6<w7eqZ0PgG?8J*kA<F
z7al1*9${yfXQJ0gGA7)kK6qmkIyRLfH{$<hAlG7GnF%;5RH2(&pqvKt2uZaYamc5w
zLH4Lok+i|(N$Mn?89u4pG9XWnvu^r<I4A2<Xp60;Kqe7kK}6bj%3)GP9%TwvlR+dq
z3qtDI6#Wxg`#!fw<*Z>I<c*T?sa*WXnxZ1($HN3J2~JBarxpkIDie`~mZ@^Osb`g%
zcaOH4pqO78QdNJUaK5Q>5F88+5-p+D1qq?no+S7j6OTWk790L4Ds3RttG+78Zu-$d
zXKWC?J-XFXkEU16t{H1{T{1#t{NM{dw?#Ghd~&f5BJ$!IFWGKlkr1pzI;yPt@dh?x
z%`K*8O)!ZKY=>9aXXB_}<o%jQ0d%1&ZXk|<0r~iD@C9LB)5EY|@+z9`hb1IRSCiZk
zJu2}T5iBpV^G;Au_}v%!p^j4=wNbtI^1#-HCGAT|jsfYnH));8*KpX>=&KpFx^sDq
zFmy>Z=yt-e^X>XF$P%okb;&mTp`b|%#nOeaB5}1~xhmlLD+xr*;|gMz#VU9@Amy0t
zh0byL+2d|QLXy0xg@W9XsW_#KS^8}x6ci^c-dF0!<r;(Ez{KS*20id5l&Wuw4ZCX_
zdOfpzIbPi9z$NoBz1$P7hbdt9!*zw=uRX1$4EpW<WUUHDBV)CIKQ&}bX#)EpG0Oa;
z*NEG_*iZj3XaUST881~lo8VU^L=dKUt5a`PO=f2wPZ|Mke&8{A4gs!b9X?Ns-7hGL
zy2Kz1@)H929ADX-_XY2(W6Cu9cj4;V-%-+X4LMGozh81x1${rvlW6^hmnu>2%mt++
z@1S@28$_5MKLcnd>6PMB2|k{@AAS#Q=kUJ29-J;Dy!#!mn$P%tOtRkyL=rtXQz~LR
zwI;e>DF8h=G+K35*hlSFuKgw(2g9ESJwwDe8NzU?u1xgqC9@?|>Ze3$iE~`hibSQW
zJa26Onl~^UQq=4KmHlz~>t*}XmFM++JLmoP!_an&c+ThhYC}Q~-jD9ap7)F6l27;B
zp|RUKx5&Iyn~==Tbt}5+jSO41Nf7p95+E{9XQyUkED!O~s`*P|ggeBiq$kbhp3M;l
z+x)APq=-TV$uhCc*u+W!b=A1NBDIBU>aXzSf#w4N)AX}j48g|-IC8A*9CcsI_l`5s
z_$MO5a;_z`kZv0?)pdUJ96p%)n-1j^xm$v(>@4&Ir7B9vPG0@4@a*nlU8;GiqyN_V
zo}r{n(CJ9;EA#nw|LO7iI2QhL3M&6Ze@L`PO5`lqp4_&;tis<@rG7k5T)Gr!7Ta}N
z&gdF>+v7G2<gLVCL~O{zI>uy(fXY73d~d})SHg~jyidXT4P|N4(b}sF{Y!^<=-~c4
zlfnhqdt#-MTnC{{M?cy7)tyU}T=@e;yge}@SUZ_CYOa(95hHDsmZ5pC6T<bV$@EX!
z*Q>k7R(~|Kpu&E!VI9xN_%ALL6M-0!-GkH_5T#$VGD$_CxW>ZbMI5h$*Cb4Qj!}{!
z^`Td6?8fG6#%yT((><uuE;}Vdz{VDVN-__PgSJ#a%jl?6k%Hzx%voGgZNteqg7+Ti
z{VvRn!yskZX~>oPC5gBj$n7eicfsRKTzpZ~NDCA9!f2uN6&&51M}E=LniT-LO_B!q
z!MH62@tm_y@X3Y8js`dK6Bb#U5KXet#_`$2cp9{QF{Rr)IqS!aZ75ZicTbMJfIYMH
z)6;W#25rH01_nbA=VK5}r-157Jp)|DGDOd?oC*}K=cQ4o9u!P$c^K$JLcHnQIV@|K
zPJ$}7Wr~r*(Q%_O$8@;PvgRT~c4VGM`jr(7wlR0w0T*!|2zAG4j`tQZ>^4rhjO%=W
zczNPiGeHT{G;<|r-FlU?PItzmP1lnVUuO}Ql05qL2Yfx70Cuk%Lt&?^a_QAyZyr~g
zqud15?9<H^F7A0`?!!cc5P~MBq$I@)18vIlkzjRFmuf$J|CyyoLKeu7FBWoFykm=m
z*;+hmOZTXTQfrDgD2oe&mVjV1Xv(0p_@#0^LKaeyjsVoqXi+eeBRVw*k<J}22zCdm
zP)h|8#t2foQn%H>6^SmFMC_ZWM`JEvw-zr5+7{9mc&nIHAeQ^5T5by;=1fygChJv9
z6K9ba);QxA)CS5=5HgKeWLhvvuq0=};gb=N_g^BgQv^9+MultcqL|_3G*~HD$*E$l
zV#TfF2jTrv4CKE@$PL{Kro{${<uZkk%DNUKM6x!vO9H^)>|`Y^EyawT`9x8_9=}e9
z^J)-fT8Qp?#_v`?{y>3s7;)dxw1$nvdA^e+$uTdA0K4LxXsDdur9<aj^bB8a3}>i@
zI|D04&6R@#E=2`S^cHZ*M+pke>1EZs(Axr~cP;hD0Hue}!v*P$Bw(kHVH9elbe^)6
zG)%UL?2RUOHRD4z`awlyohqZh%iutBEOuqEO~e=z#(>*TM9#zX1tW}+3pX?$T)9?Z
z&Da9Lh9Fz`cG6ng#Y7zB1Ou7R3+gOyrx!m$zktIK72^PQWw{xJ$pPf6PHPZ!GDV&v
zfj^U}=I|Arq*U8lVjRj|#?w0ddv~2RQQlV)@C#ag;RI-A-;WR8Jp@0CRDSEFR1^++
zV)5TsDqSk#{5Z%Iv`eJI%ESq|9Jxv1({tvwE|5`-Oc5oNyxY@}M|xYqhr=99^AGTJ
zD^sn@mH4<p*_ZbXU05FBBrejtZBC_>$*mpV6$w-V2JMg_Zwtigj%d#oD6H^^Gj$rX
z1OxNo=i&1qodYNePg10wEc^AMlpBluBbxOW+=bDCPmmt_qHy1-8Z5qLpxKzV<Xfzx
ziLTaI;NYNN_Lh_ifUOlFEGx+@>jotEmGctp%Xme>xo(<7ZcJxDY!#oPPY@V&#z3X=
zGQ6Q(gs<w`H2m;is2O<Y^f@q(CPF%E6!8g(6r45f1Vg}k4$4}-M4MnBI`{&C<QNdU
zKqxRu`8^&H^TX|Mh@N5OgE|qyK3%Ed3S;g!oo7N--6vZY`!|;l(D2!h5hX)HC3Sfd
zsFb4ac)N0QoX<_Slp4?%--G(oVW{=OErN|ybvvyrpvp-mKNxs8sQBth5?&o`em?tA
zL3LX^ks8mR?|ZM7qMvTw83u!W(H<{%kFR=469l$CmfQBmOieQI8Dl&3{s{SI%wK(X
zGyD5~Kv?Y-cm}&-;Zt&Y^*n50iQ@SBQa4P#y~aW+p{eZ?p%SfBvyHa<`ZRf@m8Fq)
zo}U13?KO6){CcD{-m7*TE7~P%uiOr}i8iAWCUm}sO{|=Sc(v%gB>0fDe+wipMfJtY
zCbWNhRsy&E6dyF`yCgv9z2H|eL$v+0EywR%&k0Hz)>Ut}VNx5oh=p4{@_0w<;I3sN
zlZ_%{ePwU~>D_^XVBk;#VzNNRPlf{tEJ&eZ;J`-?1P>&^{l4l~IEfDz12ELyCkQJT
zACXX@t>s%&fTEpBV6Jk4V%uzLvj8`zL)Y&craPfszriJ0&fPGkXAP}?Mmg2Yf=37s
zGoMQcZv{mNPX+jsQXx!1=ImNJ+<#|v5m@AJd%hgWjJA79x*I8dN!gSSZs>({A_mJI
zdQek|(u(h#O#J1%ISQ8y>i?DI@n)rW7e=WtMWohxcRl%%5AErKu{v^2(hR1Y9yz;K
z>P)T~rr@#wN2u%*SCXn>b1HZE$v<5+-RQCl@gf(MX^e5InX>Css;f1$|E)$13_fLZ
z1#zq8n4$XMw~oF*GX9W-aj3#u`lFEu#tsyZIn1G`0$$J0agu77oY0a-#F`$@Fho;z
zo4DO^BK)W<vX8v5PY3~IKZ?B`1cgC;=4K>z0h&l3506)~hocMWnas5g`PnZ+puO_`
zIUxK#q`x0Jasx_m#M`UI+x45Y96~Mh^b3PXGK(|A2p1NmgDtC37TT{fBF?8Qw^^Pt
zzRf#ICyN)Gd52r7pSQ4eY9mcsN`dtc)embp*5_8DtfD{@XHji7_V8F(>Y0&}2g7Mp
z{R#=#jz4_%46A5vlD8YXn_aB;3o%iBoxJB5@yMO<&XO2u4m=UOT}jCARPwaV7dJfO
zbj3vu3T|f=#!V+-mdH75Tc56ViZ{h?`GmkJ(@l=oB<OcOy%N^zYU{4$o8P>_Nb@S(
zf$;Ea^S#&dg5K=ML0I7V<R+S`et$f#kN|na)$Qqa#B{7e?J}Kb<9KBjro2C60#B$$
zgeZqmBK6jk%IB6uCuP+8I)+5vCREvTT0M9*O8pXsTS`2lQ|{9-rBwFZ*pzpyHO*OJ
z=H$#?GPZF+yRBqcZCZm{puWF~8TYIKo$Ankmw+*lth%F?c;Is}x=2m1mk74yh}*r}
zN`gvz@O6L7meJNFknyhAOo!OP9>qZ<X1!nx<R`HurqLr(1wl|3DcCik=tTj-$~6sZ
zc^@2!mMkBP85E^ruNnK!ZM~*MxM%8=ME}*3=+-$i`;$=P{^iw!Kg<?<Za|>5dr&>F
zioHUg4-gect)@YPFc6hH5E-H(`1VorI-hO(P^Ic1d`s!N&Fhv{@7+ZkH)`YMIi$t<
zF|fsY3p9b`dUtAuMP18mzlZKkGfXB1Rz|eZ-ZERs6hkkuZifxYDuU4}cWXr=tfW0%
zb6eHJ(V13PyRSZUmUK&?D7AXK8>ZiHP%iwQUsm3oksWf$<+1B>b{73<1`ByZE2FO?
z2PM2JPgKZAS;@JPeI3<5rc8gT!nDaU{sIIY9;Nab*X_>Z(M)r|zZ(=Kuytq31XObW
z6LKU}qBsl2#)qEBYs`xHa01cODFsKMt)lFL7pJL_1P|&^Ey<ix8{)Ww1AtQ`M$cv&
ztlQG86LpDb@p^8xmI>FYIh~+L>cWxU>QPpd*~pwd{b*>JDP#<ieb9FjFkB*9DZbnW
zO@92pVukj?#{a|$%+DC50?_CtBCvumf@Hd}jIVV9{Csml_ao%~m}SdFNUm+&q^tz9
zqtl~b)YEtrHK31zK7WzIUHeiA5wbYI2o^pmQKOu9(Xgq+e&4O4q@<m)h?*|3=s(aQ
zKU@n$>kn7^BIPapK$aj9zDsIgHyA$0bW+_J*o4n|b*SrnuIH4=xu}bgo_nf`^qmX%
zY>@Cf7qY+@qzZX?E_E)#vU{DE2V!Syw=qm7raR-!9uSb;?^X|oDCB(Eyl<}35mkG`
zz^00m<U$vUoBMMrf^*Nq7dFo4Vlh?l286}qFn>aX`gtkB;S(!rsDNX=?>n4eGoU~L
z$AJw0XVo9fRMoVyWHKC{+3peF*xk0_LQ@7g7Ci{FIkv!fw-(8z%8<={!www;*4^HJ
zH&bmx7}D0X1>BE@ZIqk-g~h`@TMjn|6z}@6xfk<YE`}<D0DU={fLFY%yT+v?;Fw-@
zHu4OaQR74u?H|?XDs3<GJn1TpBC2)aCO2=z1k)Xs-kEif|7p3Y=irh9kX^9<O?JVV
z|Hv*?&;L_)r(m&m%Z}GRHK^c3P^tr^TWKWY+Ocbf{hl`u&jq>(+N_BUO-~Z5qPIIe
zmDSa3M``X$W_!OAo{sa(52$*jhbbsxsGzM0K9q+hJyqqXJ@}2ZK#SpSq^8j8*Ibh|
z{oY+pd4gyEsywk+n-)bwg~yq}cnf>{1;Lj^0hVBix^d!0Vr=#85Fql#@4wZ|(w-lQ
z5DTd+hCwU(Y-5`gkzIM^-B;!Uzf0BOh+Nfc(X2Ha(SWq@x4wslL&z&Y{pR8k+<Ce#
zg4y`^5!M&5&i{`hZhUO2@VdA7Dd_5a(Z^x8A8ik~YJPM;#>6$SheL&Dq5$*7V}gQ<
z(JSxWaTkF@hl{ZXGW(2U@?zll^K>Cb*i^sIWm5qc&@MCO6W>6rc9-|&5y__8SaJzq
ze<>6c#9l-az*YewBWMg1cP}z*6m8n=WewY_e=D;`|Fy%*P2v}uJQ~LvxQ#?~6P23W
z7k^+HQdIJwX%T8b#XK{7Rw&ZbqOElGCoijF*DSAqsP|gUVMeV60)zhGRb%_9G%KFj
z#n6XOKFi;kx+Uxrz)*+FxUg%)QH?K{`!fQqV|R~DX7Y9DTP@O0xy;uwT-IOm*TUST
zLj2B0THm($ETHpX`$w9f70@2^(F8emWuSr@eA8XnD$8!F6iihfLTEwedAq!_lZ?b*
zq?#!kKC8d@sa;pEtX}saD^qXhAy6h?XXEWPsRu1)R##GAE@sM|!!)MiQJzv9D1H+V
z&uN!@9sAw=%x%~YL!SNwRrV5p$SD?(m})Gk)J5s+5<J*!ooXC@b<$hSlq;g5E4#J2
z?|H#J2W2nW^9a5Bb5GIMftQ54i(_Svt$ZT^k{rFRC>!MA{)9<B7pMy8OD;YT_=$Qk
zkfqsKS6r<_>Xazz!cs}{bOiev4k!27)xw7(N4R-~Un_}ZWKi*zG<2Veq>N9N#9Ed?
zETLH99dr`zeUa7+iE?uHV50V}mSb~n*^f4P>gtxRya6uKesL^k<Z{uE7L%8*uS>dn
z{U@iin)vDU&oi-=<CEG>yu%~-C%XFN^Hr`$yc8c_l@mdwXJj8JCV56;NCIjV5G}&4
zolGE3J*egrjyr_KVI)nXUe&jA=JRK${8~#V{HWy2z#_~E-JH@V6~`TAU<+o5sgTIi
zmXqBE?{eYQ=ml_SECLUKh?|k>g2OJ61P0l@qgVuj+tjiFtr<M>!rRnZ0l9!ILMxC9
zWLYSJ*wp62qu&_q4E06|Z~aQTF|r730<j2G1#Rp*g9I1?1{_1rLR8=YzSh_mz^0)K
zbZD8&1Fu5!GbmKG4rqMgK?(fO5)d^8-?8ihO@5G=J}G1uXOxHPWkakPGyx0A{pmAM
zgEF-e1#l|S{&vp?8{iAbKlW^DJArKd{zSBY;!tv^jgKxB|MgEm-(>$53d->IBXKow
zy(gm_^7<*1O@l}!pbr=Vax@p-UE_ahXpnzdkA(oYRQT%y7!&Yx4g%Xw7r!WXXkoM`
z9dwCcO_fo)L}vT>M#Xa;al{2dHuc;gv>Gr)RC8raE$^vbUkAm;D`ycR3r+_6fSZ~K
zGWlRAKX(XVOeTMwExPrNLIcz?vI+7dF+xxF?uDIihw|tg>~9a{Acn&!G~-b4l{+??
z3^lu~{aE&uAd8l0Ojm|R)_Jw)@X(^Q4p>b;76y^%)J*5+I)o;+aniSN^Kq1s!yOvS
ze;f>Pj8qQ?AFg%K1j+?sI)7`Po>7Ad&Pu|=KtfdafWXGMjBK1G&ahE+){I|9KqQL%
zqKbc4gd7ic+=m!asz;)0LVY4gjFNfkg!RxWaYR~Gk5tz(GylTaG__3DPRZAN9F49g
zqEGb5)42co>)G1b^5;wFsT-xnPy%M!Cwb<ES!1iq%a&DTgjvIyEMsE^TWV{MswSk1
z&wIlc?4Y8-Gv^n)=5yiIXjj!F%4890Cq`qd2Yyz}Oo+0__~C+V!Bw()UDOEGbxbZ%
z72-^XfCT{7D2oMow=5f^tY$iGz{ZgPry3Q~%uSzed`S{!E<2c3ye?2{0ilo%Xj5>v
zCq5ObaI<cXtm+Aj@h8hh&Q^15la=m*eZ12oOYu4>Q{P9hC}(F#Voks0?KoRPZOUl&
zlnfD_1a4oZ<DnUhYqSbki!iCHFcTT(#T+P#;#d6E+hLj#lGy61^p5LuyuoAWF&5D}
z*1o({)K;CO+@sIjaGFRO0RXYFgC+Z?N<J#N(B>^B>?E&CjUzB;5r?mO9?{|_5#YLY
z#L!+3x^-rms@YLZO)<^@rfd1d_nnE>%qk>Wt{W!{)l>5k<e@%5PYr?a0>)4sssjNy
zNEejCUr%jz!U{AuMRj{&cA^~OPb2)(8pF}aW+z}gHGu&P0<M$eAX*=qK15HA`n#SQ
zs{nn4FJOxgSTlgSD%*iQH3jLZPfVA<6^tRQCIwdg0g`SCnL8{)uc}~t1ZXy;jHv%e
zI;+_q(P1?MTo8xw0E~znic@g3OceT|UJLjy_qIy%QdH>${<b$eF%G-)1lhvx9>BJ1
z=n>F+xh;*>`c44I2wVI(fEqp}(s*0nJIXw7Z2eA5(S*qUh~9U&weO*1fxSB?MKEwN
zf6~w$C`f}R0?G!+zyd%wU~B)E_5U=(SO~Q5fIAT7(`ZMzJ?6|tmdEo3{l;pq8wyd5
z)Y`wqg(mIx%_1r132p|x#5N_zmJJ8no4@<@L3CtCHv!rZf>a2u93nj1+?bSVIv_Em
zNzAyNuYIjOCXJFO2t#8Ye2#WBfURf&<AL;|b7(d*!SdnfSy0Y3o&G2JxQk6kx=2ux
zQQ`&_FTKTgELvMPKDxey6GPqGLOP-vaV8?ECD>~hqf=`Y%k9frR~^%iBaRwN2QPw<
z0&RRAIo}5C*NDxZSKo)K^w+Ig4Bmn@r<?M%<=bB#2k|HB_sCF5AE-h-MWeS^&ZX@Y
zSMvJuKlc68ibMN;eDsekGOh#M=n%f(a-dik$litY!RM?Xr8V1rrD^%uFZ^is3>S(X
zKWSZF*#DqnPN*it*ryJwB;hYdKRvfM)WGN|T4f~b6DqQf(~g*@1Z^qQO*WCC22Z^5
zt(FlTaXJ=8jQ25|C-toy!$v)W;`bnA+PPPycw><VzJo^p<ShsD?*W_@uTrWnW-{WF
z&aJn&>Y^00KciTa2ci!c_J7)afxN%8iQXAmY^pUI?}?hN+ulavkTopyissdH*e0Lx
z&MYI!#s;w<Gw1-1g|sw*?gFA06?y4o1wIgj+mi$hBS(@y2ik*%t|yG6-L1Kx_ByRo
zf1$&+wMTbKP?*qkn^3CT$5UvCG%HR@tx)b#rB{Bt;?qiN9>u;e(c<T3$$PdovFfSK
z;47w7loC1k>e$s(=hL;Nc+MN?WBc8($6$wu@LGD@IOGPyHIzwhayDMIQ<T2FK(ly>
zQR|oXvn5#w>R4G@uXk8EF^SNk=svQXEv#!woHM#JB~RyyWq1*3Cx_st`|E?<NWu2!
zd&^AnOn0?k_qX4fY`)p-zSB7Tkw@1<4K@7hL+z8M_ybv)2-{kSE2il%4=LyDHA%fx
z%rad#6X%AoXmYb1wHUc>L=SY%K$dK=W}udA!hjv%M1gCe6Wvx|!0Btt6I~6^KhW_{
zRv{9Ja-s{>1^W+Zyc@0w!VtdhM-#a2$If*#<Olo?5wI`&eJgkqs0%jlkLe4LQc4Kc
zq1?&IuRN7Z%nHhtDO9DDPhprei(g>>Ze*e9Mu33yA>9aYLHK`^mhfOPAIuY@8psnv
z=vwG{;s0{=0^~&Z1RS8W>jXT488@~6V~ETDKnItH0*AoBApl|1I}k5uU=NUbh!GN_
zS_Au_e{{KTPIgI{o#U?u5yV0v5g7321Ev>n2P6cIk2WM$6Wx~-KROb$_Q*<T>YHDJ
zeGZYr%_P66gLDwyL8Uw>hk9VBI1+onh5H%0g~^gJq9L9U@0u0BC|_&F_Pe#KAEKl$
z*ez^O3I1{?yCEHidRhkk^;;ucM6EE}<`t8Qm%q50wvx)o!aAATT(k<`f+b(kYEJvC
zUrmbrtYA7x1t)GHanb8UfI>5{LI(Rce$-gzoJlGfM0HLf(|S7OX^LCFzq9MQZN{lR
zQ-Ki5720+y4KsH>=t7mOGV|!FR85daRJ5HAEMdZ&N5R|Y2|-UDR-2&8;u*}ts6RgE
zEJ+FYED7XNCvkkjdXQbZi)#I6@QXW#w8-)N`+!?vdL{1rEn>T5pZfm3elFu|nVJbx
ze1ecsbwXQQYC{LeZWJ2xZepTtIu6=QHOW$pa=|wXWBb4z;eo`fQue(Ec^9$GDKM%@
z2{$HE!C%wsz>e{=@vmN_+TcnpS&Dnq0?$xLTG`pPo9&^H*8=iCUvpQ>Sj4A3gbCOX
zZD-|hzq^90jd6W<4Z!XsjhE-1UaQHs9xLtQLG;iLb}J|FQekkNJ(oA(Xxl8F+fMRy
zK-B%H1^}{_Ukiv=H9a}mshcd%1L4J7QbXff3)YOOmoaT9X2FY_Og!B2J0|#ZGju1|
z7e|g+R(I(W!Ew1mG$gdI?@@B_@?`<G&Ug<k$!ICgl^9l;wHq`QsxjgkQkj!UW>kEv
zIiF*rg!E`qkubk{3*(ilBqhXaHlR(iAw^e>g{D21J@8RZPdP1;OYNL<PUD%&8cBv;
z`iZmKQFWw(4pfOx0~R}y98`?xER{@C&7~8S@(^@Hhj<ubQsRSPqQBLPXl$&V_*FM@
zaN9oGjmK$56BbH}C1_uYE>93!%5`=`pvT)+hO#^22-ua(RpwK^uvktSpYRE@Ez!9;
z<<dH$C{a054YGO=Wa?nzahkPwiPDqAit7t)hv4_DcCtRDN<2u+$n*v(8lKF8#gzI(
zx4~u9w;I^*42NxexdlGePlc#yu!PNQcUg_83$eY*jpm)#f8zO)Mz=$~=r4UnyNGnI
zKR^GIIf|PpjoGy#l1F5y(R+H0qbL3m*CST!83jmv7N!?%5p)OUb*U`?CDRl&bK_O2
z2a?W;X+%`esGlx^^JmNAp5>3&^TKUM?q7v)>yjd04YBsQ(;~{URyPS3N}llf-~xB@
z+8Ls5*RT6#7q5r?Z>8R)_7_I@2Yb~$LHdUeI9Q}s^ODD7d`u^Vg8~zDWk<BfkZ6^h
zfWKq68J05janK=CYOrR6>J%%{L`5(SNXO>~bguL-+52={Q6f958AvJ>*;)MdjcW_8
zA)o!VHGC7p*!~DKfOb5a1k1+tY-s_81O7%r+#jOAeB>jAcsihktUOG*3SXcuPFg6V
z%}w_F`kH@*xbWa}EhRfL#Wx-Is#*cbl8%~*(yggLXCe>ZSgdEqquUaN&|8s8j~4b1
zk?PhWBVA?$-$%8<Rsp8K7}>|5_wBeJcduCH*VgSGcOEEIWyUKx!WL$peQz2!{MqQ8
z(G}jm{AG2j>9ZWeJ`R@7u}_q)b#y8J095Y)#)Z13Y9paRjQ5bOWRXIcGsMVfSS|Pe
zT*BgtuZgO79S`~VF6L@xtD8wt*{*;7L%#p!>i7y%2(<)B#EQO&xK8iURTvx^b1OZ5
zem-jW#5>}v%yg5e4Wb$pxt1cuEiH2C0jZ)92lP)I2cyP8p$*1vU48!NJAAHs?#0<S
zygyl*5YS@yNVS|wz>Uqi;&yAwb8jS`)t_|DA0rg#W^ZIF(l`pq21d6*TPbK+Awrgq
zF$bzn{P9pA!7~5N<fpXAa`Z-DH)yQb)-;0itC&dxm{HWUh2UHOr3S?%V+XiR&Thb7
z+G_LJXbjjaJ+b#wEJk2}ld-~Y>>=okR-QC_8yjjORB{8OcIjZK|IcF8|Aws)rxIbc
zS&PA@BS(>2Uh|uY6_Nl$p15;^2Z1+(Uw)1U#3}NuPgqk=Om%g_PDI~cDP8Gqnt?Lr
z<XldT29`he0jZv=0|iI1?;4^pg_J*bsR%B;0%FWOE1!SjQI)Fe;<G&UDmz!z?$BK$
zBxfvof8h~c!x9&-Ato6p&S2o6Ou_>eC?rRi+yl^%PszCCDD*oJr;8pEQ=k$`)^lIv
zsq1|9RqQvr1+Rt9EVOLT>h~W-{Q{)BT&+P9@n6cQacqCPZR>U;9K6L%d__@%P(QW!
z0iagKEv**g|1Z?axnx?<n<zT>oau2P;^Vqs3eS47^zUlXJS#<D75ycStxR!pnISWl
zZYrr2oADmTG$rnDi(GWRa&?Q8-MILMXKA}R@W$Qa7N&{L8bl95RY7JtW@N`ptH8?h
z74?jiv~-XDju`wMTDge{F+U2gBxyQ$`nHUO{wGN26#|)>P_y;2u19^47C(mX>we%n
z&}%`VhtPmSdexmLKLC~5`1mJP2OzHEv%ZdZNsYq<m!kEr#;lVFV+v#8l*P>CdFQeJ
zf7OaYs#+$IrVfcOLVq@Ol1)@46t**GTnr`O6fI9BHpg54lcuwR0n!5id6fxd@;_-=
z*X8+`-a=%Vv+MG9`f8%vMasiS88LBH(yzG_$YMBDk@=o*Rj5(be>8OfHI%fEwTf0B
zh2CPN?hdATGB);N<EftMMYRo4qy}E&t3jnY7T#knx5ExjIWJAD(R||&vds9}SI<A}
z!YeQ)6a7HekE$j)NGn#D@!&BnaT0J6zp)LLScfRu+8~*DPnC0Fg#(!g^`q}09lgVn
z5J}DZEby_5W>8I+e!JS#_OXmtk(Pd2FPNp1=Y3a-w|yizCAb!z{w=AkHzsA>SwhLl
z%hSR3)&Iv>D}Fe|U@HnqKrn6>=05Ic2HG#VDAeS)!s8c}dki-hQeGAq^?m7frIxqD
zrPY>`7_;t0QSEm#@=Lzj#7sG=Q&jGCQX|NT=*P<wtx5J$SgcC*gzrL+T|mKSc?w;i
zH)Y@D!M&-3f%uYuq;eH_zm#tSQK)P`vwSJ90sb5O0J-FgLVqa_6?**BkATu6c<ih9
zN9HNK!{jRXz$=t?6XYs%LFOvFe-+4kwFTH#D8+|aas$>O42CVVF9C3x<t*Y>fi-C~
z9YP<#`$QKT@^?Tu06q_>7`}ol0WJvfC)tGl!+)$4L4wZ!?f8#-&z68wu>aWmQvM9m
z`rdbmn4JqqV*kftCIQS+r~)(uBqlClAlr`N7$F0PXBkM~J|N#^;OGZVeHS0U=-W8~
zbOt!Me_0p)8>a%8D!2jQ4&o5k%A4X`LUpUO$<h-U>Uqx3E>$a_?&ZqglbzIJTU7ao
zcml>@AJM5EzJ<wsizpMI96JfHkIx5x+>Gt?bPBfc*Ne{adkkI!<xFm;TaQ<zFdg!*
zNT_s$MJwLQ`cYTr_BiKSW27B6Gj{S#ZT{flu4<mY=24ET%ey0?&0D7E_|*DV6fBxv
zT~fb<Uk4A$S=1an8I4@xJi1zJ4<maC*|}J?D!w5IDoeT4_pttqry#O4x3WUT8z-N>
zse-)Yc~Nb7h{2a3sV&LKIMOYYVcgZjPKk!XT(lbD9>l49=`dq~pxT$q=LImLbV+`@
z`}JJ@*qogRy9289Av)JP1S8iQB5?)^h$4p(ip+c*DCVFZ<A`>|cnMvOwWR5UB@#B(
zY%E<g0R*O2?1Ep;>~`px{!v<X)o?b|ssW4677_GO=YFdkOT>!mcQchOsgq2kfCCb<
zV{)7_KCkora-g0viPBzE0QK`$yP82w*QFq1tLNk0-I9wiKhPmiBB%laHqdw<1P{d_
z;SF>Cyu8TIeDx#v#JPY}ShV_G7Rz=*o`M9pINXKG?kx-xowtre&Jv-*b;v{Od@$2A
zLrznknlYi06gwO}^qJCS9|i=Q3P1JrsXf$;3^~l2j3MqvGFjjLP6fy-qr<?pDG&`r
z`N?cgFH=2bCm)M;A49#&9c~9=7zZV{H?Ehn=TE@+@9myn?<qZg9~}wo6LGHO9%AQC
zmM)XUkjCppOR2rOUQMpEt8(#ClN{46mUeD7+q&ltE9|wYU)@${>qEFV+svO=&ZcGK
zFWpw&vUr<2DvsM5j`8SDe<E|5d82QiOs6p*yyH#PXSr5qFqB2Ui$%Rj@}7jdc5R`U
zR*YTgnP(%Pe<fj$3A3{hvmFK|^W@dY0QW8!zxTXZdmYd%@|gPp?kU=2rh<4pOkna2
zQCBu^L1%bi%A&t2j!@d<huUZ|x<rr}j+w`xCLY07_Rm0CWHWIQKzjd<WX=s1VrP6A
zVxK`Ysduvu)92dX%qEneKX_yP*vZwOxw9Db0HAuDD}2aH1IH^IFH`ObIImCW1bZP7
zJ=xOFcE}5tcR&1Qr|5dH3B25`b_6AkG_rGSDkw@@=3Z8BcrseAp!0)&TXFDMSQH17
z4xq-R2Q{?FveFtsxpb%Fh)Hj+OS+@2jX!}jCIvUwBM^e3FcA`gIzkbGG6A48HLQ&(
zI}qSB07{#F`xlfp&8wpM7nG*%0I{If1}*G<0<4}uO8V@(1rk00qqAzwewDLo=;OQ)
zK#5*Dz$!rN04@y-H_rP6;L`X2b`|XS<3C*bs_qY$zCvCbZ~hmT)?P&u(AKn|J_m5=
z|9GnlWMkU(Uvuf^`v0Cw|9KYw;?h;t2Z6UXrrSTSDE?G)4sQ~Jnq!7^V%ce;^Y(?h
z0v(grh8)P;g|#wb^T&NytF{e%GwM6`-Z1<TJ@MZr9y3-tQY*ZgL*9XS4c%r>j0I80
zIH-r%viQ1J=zFM#@U?svTR}a2;ABjr&AeyK2p&Z)E7wC?N_4HkQP%I52iBr$hS?1J
zSF6<AWYLeUc;)G*Gkh3$D1@nE9u`q=4X!HK>UC+6Ewt)DEVSl8XB+p_R~kW57Ben7
z9a6O?XLBC0*E;i1;t#h^-mwH{EqwxejcT=ZzM05+aLAY_Ab6e+{280j?p`;MGxB#m
zBx2z2ddL;qa2N8)PYv?<x*|eP1#c9O#LL{{ubyAbvW-WOm+(0!f59<wi<`yr>5@!`
z-RbHR1{XSdh>51{7HvQ2%pfqN$CuvW-g^#MH2o;F`XR@(cgl~-v8vsKqR3M+CwCwq
zAdGB5p#;kEMHBc}ci%I7x803T3x$6O@vMRgXl|YafWs;j{)@vZfMG`f{ogrk2r>2d
z5MovV;W%Hw79X%?0Ktp417k=0WqcmoevW|dbzpM_AYpF&yZL}9%YN=p`J(mYKLc_w
z{!r5sjQ6}eiGOj}KW?#n0eA!8uz3>n|Ja*V82qm}tOW(if6Zb4JPMG1${~MoSnLQ9
zK8tlb9k0l_Ch+o)k)T!-P^Zq^sFsM`{1STlnVK2>?CvML2Ld_z?d+cSdm=8sx2X<u
zZpy5Th5)Hz{B|>%W|QYLQ&OynD2{k3&Dw<E(jP=t$c>Ty_G*$^lY8krnO0Z3wjD>U
z)|C+^P$ZH!wxb>9PN>Q*zl9$-1kJ#=MOtRcVEN1|Q;F`nC+!XAJ=c<QcyWx}T=Lvz
zs}5siM&E3>nttc%Z3w3%6R3ebx>yLpM$Ac5#S=Y;<X!vXX+0cVRB}hMSJ?!<r84TE
zX0FhJBH<-C@RG_B(v@M7)9`EY@Ym~%jU>=<XwN1Ra*0xAVIR&f)~l^^us(7Qw0}v|
zkm`>_eL$35Tp<@1-{1Cah7GAtNk2ZRshl5AG!GF`O-_q@L!C;t4PSLTV`rzHAFet(
zX6Mt)WzjF~!2gbMRxP~w$O?o3+zQnXqyx4?{Js5L!42=Mx(0Mn_wR_SALviqm3zhY
zcc<nB?Ct<Wrr@?I%(kc-+I~I&<g(HQSo5x4zY1(VV&`7HatUm@v?4-36NQF{P%{zT
zoVOB#J`;JB1-!)q>e2l^qyLnZTM<_Q1g-}W+GS-O=x@Fc2)Ssb0487n*IU$m=7V=x
z@dEzKNjiXMdO&}Q+<mBx(1;VLV78xtLiOb*fGD=U5Bw8EU2e-R1-iWfZVHL2ZwDw4
z)MOTdhXxA_LY!XJz@CQ~0v1C2pX>`07XTlf13~{-clihY1+bI?!6~@$-u3acqcm0N
zMw5<Bz)kE@LetSt-`zJr5l_$H=2$ONs#z?a?hiu6^t+jT0a0&ucdrXb@Zyshx<gbb
z-<UxabKUeL_$eEG!)e^It^(asb5$buE26YpYF8-58oxb&n*@B9MKF^zhz`mv7&WW-
z7(!vsbl9G&+fURX*p{7jsD&zalOm=|4ciL|GO>s)FtC16A-NsiK+qo?4dTxyxM^7)
z4QpbN9wddd?q8fX2rxJ_S583lpZxk61Tfe`Dwn1y)S5yX-n1+fcwET~unKFQ$$qb2
zWEIdna{+Aab>XTb;Zfn)p@eo;90Gx=BOjH(SBCzSM9+=>ksf>9N`UnE>cWjHwfswZ
zG|$ig*Q1cW^uZoidIm`>3aMYz1u`xB@1>`H@xPXyzpVdDdT3k@0y%wa0J$%RcLxKj
zulzlgxM-3*)CvYXD~wm0{@a68zpke4Osci!3FE7w9E`Jfn0+#5kcLw?X@yceg8Wh9
zE$#%W2<*#CWFNVc7R8zTtV8ebIidJnn40HG`l(jB^k?9484{HjrV2K&ddaMLW0o;j
zjO*%Z-GDT$YsU66ce938Uf3?ZXavfag6$rx0=M8~Z+L4cuZoCsx6P~rv;w#^+G~dj
z=<rM?dCr(x<~qh}ALVYwGW@|0%57Vv0%{*HhJ`RHf^V!mJYfS=-a*tof>PJ`6`s~*
z2V$dH3`J~mY40~wXZTi5L1l%=%y`uS!%KTmDyv4S)Ap*&GD8m)$$c=huH^@ET$H3v
zG%c2eH=rJt;KS2z6rGil*tP`**|<jd&zI4;U(MO8kZ+>C%&$z5-dya)UkPtyoIXIe
zM><W_6_}Jlmc-T8F)aqNv`e9n&Z2#Xy9AES>tVtwZ!3Ei8W}cho|ktJzBY~N-Hc_>
z6Km>FaxP6lx}?GHhE31SlLvJF1QsXzKt}RNUI9NBkOVF$0a4NkD7+6F5ccZ>FFd@@
zze@M;KDl{_|B8}M8bB;gltEb@P9Xt?fGtiMpl4@GZ~$LpdGHV6(*+7<%bkVT=-LVj
zb$P~yu>tV>V75Q+sSwV8LL`enH9I{EQ0&*nf4!%|IcR^o=YtLK1>_%l@IL>2={|(-
zzkW~uvi`64G*A8@usKUk#AbCN(kaErq>_ea1Hpw1RA?ggx=^4Rudk^kQ;)D)d@)bF
z9(J-wd=COayZ+n7m<#mqLl&VoWa-tWj$v3;bYtPwuYn!)x1JGAGH$k=keG!^T|+&l
zlF;Qgq2@Hz7*nR}Z2STOD7D)l+%Q#ecwMGh&m~0UBtR0Lw(LKjxF{LNtb`O}S|VVn
zxFToV4`Rqtq%*20hEB>nXlHw1ScFU-PdCasHReGCt^bfrXM3MH)q<q@VA6~>oFUcx
zvC*LWAd~imoU^2V`m@|4F0cB{9^tE$=kxuIm?{+?Z8<)~ay7qYD@eX*IVizU<ubdy
z;ZqDw?7*6E!@7Zl3ThsvCsAB(g3Nol0VT4rvuz8~^wo`0DV7o!Nr~kePMu;#lsa{w
zvGIuYlfIC3?Lov3oN11VasEg9zUg5~tn65s64-OMITKE?nyKr?=_1TuB6xN251FXo
z@)ZFe6~vy1d^k9lh~^NSo=o^Za&k-D+4fCBrb-=>^WxLyS$H|%O=l30RUy-8Eu`iF
zFjr-vxFS9w>cFba8V^sjFLb-n^J>E%HuXKQr<OaB(R7%}IkXIWUS*X{YOh>26jmjv
zEd5rkB#lqA44$VeoK`qf73(OhQyo`96O;YFDb1aq>pY+FPESN-=923l$+yF!%_N>v
zz5_4d+X-$smrKq$f}8*F;p68=UzaV#N7yA|I_h<Re2$?kE}EdBuJ*Ji#NB83?GjcM
zGsiCb5sLl$dKTAs;tq+NQya<OzE0$T7p-2Og!r@EUhGgwy=~7#Y%3*3V-SwKwampI
zXClm5w36kLdDme-3H3q0IZExlf`6-({(-a)ktwx_EjL8TZQpSEYH^wsCq{Elb;e=)
zE4+iGWg?%KK>}OHSFM$@4!+d($%saF;3@o%Uyuu@hTfIOT^+%PMOvH>EM#Yh5$n7-
zgOVks218*7MYs<-arxt+5IjPVpT~&8R|&|k12_7gD}nERp|y~fzxj?ewbRevFPmp)
z7s0kBp@<c8It;K8Gc|v1oIY~;at);s&H##&>FY6S8?N@sJgQvF4UAkB>~rDEt?ArN
zbvS<}>`{cgRaZM3`rv#=7edKI*!m9LpyopPYqW{=@l;ri!{F4LuUan<DL6HMpj@fj
zEE{aBphYGg)wqO|X5|&1ZXyb0mxl9F#U}NK507s@I+!fgJ71p;<sDWBGr}4-RTvYR
zxkyC2N4+vlsEjBtoz5&JvSXB<UN%wOq-2cZco+o&Lg6{+cd)TylH(b*wXpO`K7W=a
zghcKK6&7sB>C#N~1i+}@5aEs&6105cy^{)z&)W`+nOC-PM6jvbfS-*(#&nYXu$57K
zvWc(CLLN$ou&kS6Ez@PViy4WkIrSYvvnuS$rAr}z=|Xc?^<d{OwRK+$M!v1A2GMBR
zts8aqbHqUqB@OSf_C<YqJziDS%STn&y@6Na^!X_BSa53NX!<Fy`&wPIRUYDJt`)PD
z3wgE%m)py0i-c>mpWJgbO{;Q`8tFAGm*W&X6;O~Uz;1R6fG5G*mK8g>*xKS6IT$0H
z#+t5kTNwLY_4hNSW-7)S8t?O&MeantxI*~rZ6iIsIm$IG@^uH>Y{HnF7>{F^sGzlg
zcTkIc#dgi-C7bK$Qb%|BFjT&Xc5aH6_uQT@EQa3;GQph*d!Moc!p9|bnk?dwaxed6
z?uTcu#-w-1-u%QF0W5%-^V0X9HItt|^u6;wKYv%$_`3ZDOsMzx7`pEMefDxs-~H<j
zFoRwn*Y9>Hayxfl7j70ZDK_=<=oe;6)GhdxkDLTg7QzlEo5JU3TyIHJ@!;*|PYdZJ
zLLS3l(%{92h4PoXQBDFbzZMSs&#R$dzrrx})*mM+c25<jVW`rK8uo)6`h#A_<ukai
z6Xq-)#;7j*0_-Knyd+`r)>XGZLZ@Xkcs>u3(NCd0HKE7uq;WPmv`?Ek<1{E`BjR@R
z4aCmt;56V98)!(pSxAO7Znq>w8xrlKH+(!Dczi!zerfb5ac8aTmYthVv3MIrD=p${
z9PjWedaKSAY`T+|z7gRB*E$<ZnnkT#MIoQ1+P-5jbK}^MCvDwc4(I48Ya?_{QpGf|
zp1~{UFw<>UQ(zHgX7JAnMZP>q=lrz75c8YwCMs%KTb<_+s|p}iDWj#=R67)X4~{lS
z_0cUe#)D`5q||WmPg>$rW9Dv_U++mbed&JefZyG|oys3452}za7NHm`Z7hiT>hk#V
zI8*(;>it~*E`4vvY9{`%lLD9q=6KS9G9eZ9jeXIS9hyTI!P^g2zaOSSV9!pU|NV1#
zZSQ4(V78A;QX_6Qst|JK!<InrEzv92FMojF?JQ*JzUlQ^kif~?Fw;I?GoaoqXwYL-
zjO$y0a)`!?(EF^!mII@jDf!8*@;-hcNRq~zxJ+Y@8}O7eEf-yS4;AN95r&#?nXGw)
zhm9dV!`J48Lk-D@g~<DB{vNA$PhR)6sMGWwnZ^MR+O-T-p?ER4>h-0yodep#2AeR7
z@{3hlwbnZF)WT`?+)D;i*Cv@&)}$0!v^p_iyaMX1JrZoeY4BYo`nk&7&uWJiy?8k3
z`Z+woh7u5Mf`vTSl_QNT$xEP`2nfFSuoLS-zJhtl+W*Y3?+^Q*X4n(N0%q8sxn^*j
z%$~8sVbdZ)s0l!W8=q#VS20&*TbRS?b+@<c**G_0o;TPDfjmYUHGx_6TQHI>yDmq^
zp~<Oll*QGwhp4C|WJ>L#gfD7E&q>oRH(k#K0gs$?3eY>q)u(90cF})#m5yE<451ZN
zCeieBAK-Cn7u@ztI}ltMTX-eU3`&pX)KeJVyoPL-?=aqA*2J@IT<Vl%V&fdI^YmNi
zR2jhCCC0--_?bQOu_G(&M3}YP&L;kiKiWRIj@#cN??^{HK8|p$qp5%0(2U(&(J3+>
z$(EQeK96#rv)@9_{9cXV2A=OUcZGoAB>tr3;a26m8!sHbYK$Xid5KvWRhvfBlaK{N
zhB|91u2x7Q#&Rynoefu!T0=_C3wo9Cs1lw2Y{(Nz*2p~xd3UUYM)SwWB*6!DQ$bq7
zL#5KakE-7<Z?)Rjm71-D!uY_hb9NkBEEUg4leG8PX$8PQXOqZXSPib4VGechWR;&R
z3!d3()lI4uG0v^gafV%qCZ~B%x5{NNj!fn<NI_FVC-ig_3xL6f0dVG|#}RHCdJBY>
z){8%}iO?v_g{qIdfymI<e1?WqT-*gMtwkhA%XNINVrEx$B7{XoOe$NT`U11K)Cv!R
zB&MLwV8NpC%ykUfQ1nj95?nwns#Lftv&_%E%AEQ_P}ag_hG!5I`|s-GMV=+5=S<4n
zA>3j#r_0mQFfz7CLMC>q(YL@~(6Y(RP;xjf#eKrkDd!qYy&r_J-nA^4r^6}I#z^O`
zJGG)8_`f;J4>fplLMl*wJzK_dLItwC&ivTPZV@olX8AH~+0(zV0UdwCV*nAmDse;{
zgheow1TI#zS#W~MyOfbQ4w{F!8kW@MPYzmAT58qJD1b?&@ow`TCs-*pGyw*iPxQbi
zZyD$k&K}v#`)n4P2Fo4MgPKi1OamreI(-K7lM-TWeMY8@K8^3Fe*QHCp^c`NO$CGh
z8)Dm-6^K3Y5a<^OyDe!{VkuXIYWYBouIK=U{NdN;ba-s))7dXKY!Iq9HX~d(QUwQt
zVU(6NL6j=X5U~Bvc{NpOA{FiL`EA{1M--TpR)bH^p8Qj?kIDO8l~V!@vylBXDO{pX
z*ve9Z^-1YhG#A${|BI}50FEu_`hH`d*tTukwr$(ClM~yvZQHhO^CY=>p7(oi-LGy{
z&z`k<cdwbM>FKIo{qNtl-;5_ustWIO*TpVqm9F^d_LK`zB%VP>uuEV1!7k*J>ZT)-
z?};tbY#267bFgbiE)8M8S^{CU@n#S`%|CvOPkwy{ED~Jbitdb9(#48lF{QF<&|Z0<
z^paVpoURqgD;lUNFQ{&>kU<QB{=;QY?3!50`*Awf=~c@G!I(Q=PNv?u>b2P0*+&@^
zc4jM^=;2c=#8oFLo1{HVn6*rJ`7Z;ZX368ioLROFhKyLGT-7ZI6lj6LFqR~J9^^Q9
z7J||TL(2+zSUF#GQxz?|Qnb6*D!#A{3Em@$(KJaD;bX*@h#LTBYzGnScMAr8E`T5W
z0^~neARLGQ*dsq~<0OReRytV&Zgqv3CcNlehixxay^Za=1y3^(3SKo;Qa!8HtZCJg
zwlsvN-*fA4Ypq(P(WmMc(uuQrAk)@NWW`v5u4`rciP+v#Q%`YjT*lpBo27J&_O;}R
z$K5XW`6zAXp+Ox7Pcn51fU?f0Ub4gk4ac@69OXtKq1hQ@p8&FG$C3zC*46^oWe)hu
zz-ia+)XR|lf_g(~aT$&&RFW11I9jU4NNk<JWw{CW*3pViQDr@P|E8jKs6&X`V^bJv
zeoCp_?vCwY{!)t*P-U4&38ON{KXYIF1E-X^YWyJ%DL=U^T_(a<K~`?$80}`wP)7F&
z(>Z_s5a>?a(Sa4QkS_z!Y8|PdR%)~hWX%)?6S0cRp+jS4P?%VuWo8gS^5XRIDlt9b
z#D{U1mQ1N%Z)k@-$$_7iLMt3B@eORkyC?MNY^j4^wFhARqW72K1JGX#lIay?TYLJC
zu?yJinu&XWnFqWKz&Qut4~xwH`#Vtk!-8<apYaRH@xtJo1r4zXj@`>WnJ=!N-%ojk
zqVVCvZ6p+H=>$?}aN2{9u$LmSPN)ZZQC*s^wh0;+vH+cqJo<)zPeVDD-J+7S=64^J
zocWF~lpbiv(XwylpXV602?4vA58TX6-N%g-xz!<@-H48!Bxit$DZt$F@#F_Rce3K$
ziN<WyxGJ4vC0AY>O!}<Lvq;cw7-1%1j}WdDWgZ-n>=QMjU}P*1UZclnhUB-yb?+~b
zvQU~YN7po?|NHPktL3g$bJ~5?X+pUKxnhMyumSz4B=okhOj}ve@v-2k%7$(ZSw*6T
zsa%b0?-5o})^Iid#%zqoZYwM~ZPJGli<2T)$*+?M|5H7C#+l$M!OOGRA8A+WS3v}Z
zX=Im)Zn1Y5|KW4Ga)BwF1sXBvt;Ud2^WymarG`Lm#I19NW=T~pYJw8e@<;_mV%a{?
z;^?3M$&3)~5}f~RVUB#J`x+@CE4&!Ca*Giqyzx+I<2g$BS{#_dbuC1#SQP|QO&9+>
zD6cbVI<14s@s{jlGiTB=jIid6+Pq~NkIr>=>5zRLseH-Xi7U%~8R)yaI8lfk;Yjs^
zv@rr6(z3gH-$VWcxZxxEQ9S30BWNU6gF>+AN#eXWP3UyL;1I>Ky|iUri(c(=)TXR`
z+MDc{4>$J{EafKMF0UGVkHzM|ZYFo=)NhU=qKx01i^{&}Qsr_}XoY#Gsoe#|)VXQT
zW;S5XJ7QS^#M4ePNfvhLO@V%x_;?TjNnv}Jrx~^=W0!N*%LB>xrbB6;W!ahR#`<>u
z$-<>=6Js~d$UE^>^4zhQ_k1HSYSZ?|u~N78vq^I_>^@-4K6I$Hh`%XLT8*%v+@=ws
z1*(OiN~3$C#e53Avs$wCS5RowB(9F@*>Gt9)$DQIf}750(J~+PQIx`AFp<>4W2eg&
zbBz@Y+A+`R5|CqgG;2$^xq-=sSIJ!Hz+;$UTXJF@W^knu-(i)SDXt_%>CTyZAh=-G
zEM^@2w6hSZG!Y4GQ6|Pro!2ZIu9eIwZQ3<IvLZ8%tfsLRoWY{Xy+FaXQf+IKOL2&_
zeJD+nM9Q($&S2o!<J*L6Wpy3Fz&Q;9eb{c*me3)b!&%vJ<_qnDo-Ifdg1-O;Sq+q(
z?6h?kqB(=n@>bMW;-H<m^H{JyA)plaOQg!!ujvWEaSo-ji8thtm9e-#kA}h+FDq}O
ztJNI^xbnQc>d<ePt`Cym(D-w@CZG<E3d;T>%l<L~*on8e!w>G=iG|C!Ta&qW&1i4f
zRY2Ogv=66M!TBSv7iGz=eCeg>DRj0QcF%{kT@@)hypE!fk_x)brrmFew;|rFZWXim
z*2iy_<ubQAq`GrNsME{dGLR91`<=BXm`6t2Td*$vKJKm}PEWc0c<%Qz+sKI=(pV*c
z4pNAZ4%$!7$4@T_{C{i+Q4W87<o`I!U=X6$H}{{Qg{r2qP4Qbz>^3be=bAwzG6U7^
zB?8-52AgIKVH#sLl^aG3;Q7{?gVkGy8@je@+XgN79l3^Gz=v(D^=x%;o6~<sc!+Im
zQtbw>5}T9Ey-19fe_DHn;|oe>(mA(QcLOX4Rz&5+IV<X`7J{WxLTwsUlj~F;?0lk%
zdeG}Pa15e<aYgP{UCL{?dLIp#wUL58=_oHd!uX2A<1wkLIaEfs=k->FcFnr`N_%Pk
zH~6NL(Def!d&_oPBH&&}g4-vWTO0AQ^He?)m>?Cs6)ej>5d-MnL$YuxGolDisMORg
zWyWr;kCLud>z{wC;&kjCxs)530G6+)n=03<fvj^HT!GQmKyL*nH}dgLjKf9Chl65=
zRMU%0S~?<4#wMe~^eu1iLvp-D2w3A6PwwaS7G8@(PWE1Qux1#QI&1+7ohZ|!f}P#i
zN@lD_CryKO^GYS>Or@|oUAOGwo~<SA4tuoVOCx5^0+Fc@zLmMLR5`08u}gZaD@cRd
zI+s!g`CSa)9jYZk${>H1<2?MZhcNT-&m<~TKsdaU?S&Z7-C38Cab4`J@Z4Hnob;?R
zJ2ml|U=C^o4H5S1?DhIyNCH0wwd9G+C({h<{3**&&!BElvOeyL1Hph4;o3~&b|f}K
zQh1#K^Ke2EUGXHLAc)p$Z4d~blYk;|-TmImU?D{Iupw{+OtRw0@I+0r&iH3v1aiin
zH>B*%-~zI{L0tlYIZ5S_uEt?uPC!OMThw+4U7x|r_mET5aeacsO9R2*4qg*tds3C3
z%9x#P_T3dkx6z>zg8ExSFdHvLFcaK%(v@z8w^E&W)8uZ3Hxli5)1+?L!aE(O2kpMy
z?=OiTvv)rtCb4T92fE$el38%eAVk6!?Opb8H4f(4yj~nD&2rg1ak-$k+lGO)pAhWl
zYc|<+vvgWryxAPO#MwNmb5lLzT^}|GbT5YA5bie4HrYShBamF6M@22V#D(nks*GI#
zvJG18HrT8JTW<6n=S^MX&`$TNGe5V=0^$OIAu!wl1i^g$;{bzU@Qncof?)mQ`Z4*(
z^#9-+-&I0l1n)kFcb(2N4i8L);;4z-DGQ%<bRrltx@=#gx3%sMuiJRO-&niP+q#t=
zraF-eZ|$$me#MM+Vi{=UmN7j#o$Z85G{D&Ngzl`HlWKmD^}FdA@hmg$je%?}ueF8k
zi+JsNVFqxqUt#jEZAWJxy@E5hQV?(V^vgJnzB;#`=i|_!%P4649*-s}Sd@Vq`P=p*
zV}-$)xd(%9<AH9Ju?MrK><FH*=bo|mRE_C8aIQyj77Uzi--1pVD9bJcFg(f$5cyZ&
zo`IYfY<P6w*M0^-#tS+y%D?5mukVxNzh{8^eL?r$92m_(o;ozE`pdH8$>@RpM!`W*
z1<1C?CF%_QtwI|8z4o=P0&?#2lVShf?I(v2#rW^E5-JAqA4h<G0vbL#P+vKS|33~T
z2(BYN)c>~5w$DR?bsh+iWe1-14$ijMbo24t+=uzoKtN8ku@9r~T#v5Dm8H7?Zg2PW
z7I7BA<lnMPLsmgH1F)ddnpKv=9>jFnaXj=ggu%bjgNw9`WCmchO#|+Ez%Pe=7I6r8
z76A-;;|UH5dXv|OgWPrrN^Xw^Bfm!rlh>Dh>OgMa3Mjt^3$^tO{50gz_6H{~bFlF8
z1c1jO@AngaLxAu&_(uu;CloM`gX(|lV}Hj+aDMRr4vb$91~?do`>)WLKJb4>im!hT
z`y5g!<Q&p}zeW}ccTEmEu-_2IKI1584#IZ=iW27{ujD{&H0-9s8LOvw)`$I?5BXfy
zwhQ+*1HMotk2I-~UU!K!s*`9*vTJCDFLefLe&RM+%jM7sCtT)_XC$ZD3g@8QT<5`c
z-kxSJVScpg_?*mPccx2BG5z3B&<v4Nll!Oc^o3**4^!qNXIE)Sw3QxKGLVC+gyEIG
z=G3|HWpl~yJo<K*31~Zm1H4bd0&hT>?42Z)t26ZGkob(ld|U!cB9nG4`0+{E$k|jV
zS(&+<?dv+J$nqkn@sZ8~g6HNcqIsNxFiu;mZ>^h^Rkuz#$jOYvG|h5?t94LPWH1fH
zZ8TlBoPt23P~rVA<Zz47b+yeF-Yae(tE%3188_8pwj{!(2-cF#VP>HPt0^@b?w6;8
zliMx+1v?LqRyKN$adWa|uj~2LMKF&|oFbH!s?|>A!$K&8os?-iYLJ9LJDxXw--#21
z6JvEV*zfSvj(V%pMA{`RbEq_^bmIbLt7Awy_Xl0y1oWbGA5G|!m+h$UvE!<X@|xa9
zS4=zla+=Gi{-)VwRb$pI49Ak!OapF#7ELqHs|vi(DPx#(NRW2gbLggpRVvHKN@*Wz
zsgaeXTsB0C(W`42g!H4mVo~1iV3C!%Of^sQSr)uZ6_daD0#v>lzD%|LDZmo6Vi{MZ
za^i^Fi@7pL?dNB>a`KU_c1Jh2hxc4;5rWW_X|U*-IkUx?dRo{9<Op7&oT&|zl0!mV
zGBWrKd!APBE-No{s3H=Q>|umNQMVS6S%%6%CnX$p24`AAv<~0U8@_yFnvu0%L%!1U
zP+~Pi;7O`%2>VpnQtYyXs?F@D$<%hU=fR0Ws!=~6B<S1G$0r~mx`GLVUjQ8i%AVvj
zdeQIosz*2Qm#mb}(ND2&)j3ge3wI#wDqrb*-{t7yx<jTxayH=V_Jf4Vtf2R2?5;S4
zZ4a~rBgYs7GNQewD38v#2_|y*{_Qsn3Jd*m2QwC2Nkm8iD-mKbUB*yT)lh0xgYOj1
zx{%oIKCekxPD|E8I3-L^$)WZm3q;pBL=pf-=5ISRbhQ^#Qxn$Pky?Oi7d@9rS!Y<-
zlNXTulvh6JDg_k9DRzQczPxTY25#q|D^}pF=H`RBL$A|rF(KHvjx2`oD?*^cU@o~L
zH;G`ERF98Sj3gRvMoZel*=F#Sidq-Psfv$5$34Gxc`E<b+Y_tZ&F<zBD7CNzR!PQR
zq->128vQ+1<28^hXdnJd77Z;CQT^pwDZx4m9AT!ro8`8thrOIH0l7rnoD7W|g>&Ud
z&cCY5Qps;_mOrWviAFmQsEYzM^bIP(4levDbOgUuVr}Ki*a}{m;I@!_VO3i^6KtHj
z;L`g40~>(OM#)?>g#jcLl1UB|)X~C4olgo5_;}xu`m^rva=9V1e*ArK+vJhRq=|^X
zB>_6UJbVf^nX*{=cNU17F3NA)DR{b91TO79TV^u~I;hHZ4GC`0;n?MDPJ9n_yDW;I
zt0CX~vyDaCCk^b)JBizKodU`6z~GPZCx8Kj-|>GX@^y(#BTU;-Tqo(UG<VW_>3vLJ
z0NhU3mtLpo`4gS2ST*Z36jO-8<oByAdK~bTedd!2#&e&@HqS0tORLFpPbA)Eh|cwE
z08~>AWr1-^Brt75zQZJ{5uNJ6o>n+%5-j;w!~}wK5~A4iXj#XWT53SujR6rl7_b6?
z`hNxWr2ygk)msqmc}srw*WYo~J<zfKrk&fr;EZ+v(`Ah`T-&GMjMRKpai+=GO%{|=
zPp)l~NKmL{QU~7pF8Vg+ud}8O+somlGOsqk(2&wUy??%jb8QWlayhG{8Sc^%ioX3K
zpX5i&Fz3P4Fsvkv8DBr9qm3PCNh98)-$sxTvgenwM?W35qF$RN(8X>F<l1fXnoRHZ
z`12kcv$04cKHpF|^~v@rQq*Z|Ndzk)g=wmT;4}h<B=$5<Zkj7Z+V-0S&T68`o}@73
z$t52|@s}An2jT=bQGFs9%H+e1Yv447%+(CNsWzcRHr34ks?Zc<X6)2T6*h9V)JMc1
zE>FXtWI|_siS@&HO~r@nY|v}p9Ht8PnFdUM;BNs$qSM^1(Rf%7okl-k9jplYNOnwe
zUnwpDgLRHCbGbMTw&2^>LBg}&0fE5&$9gqrC=z#BoPwTm5bw^nk*X81$zplgD!Dgx
zIi7WY{P~>%5cma%EVLN^Bh+_6ay;bvCDFM6=*6mI#@8_#d#;RF>2{V|wJ{%szbC##
zgTl1Gq@C@T^GFJZpFz@wp*L6ThXAs4@7}A2J^vD&?jN2<aNmC;TuZ=UsPR~60)3cK
zmkwJgP96ON;n~f;<X!5$&WaZJ3)+S)_6&73V595!;`{y!v_Q|TOU63U@u3GMzt<z4
z48DCB0;5>1t?j5KYoi{~@knzxvh^#!leGvWaY$u2T6mlKJx2|?@7w{CxEOc`x=*f=
z4|7NE58RH`7XXv<d&qbl0GyFM&IbV2SiiB)Gz<WH3^0jX9Gr2#KK3w`)ucE-Tq@N1
z9_1G}Ol{qWp=H>#+u58K=mu1_hmVCDY7Kybt!$6y4+U$Dx^@Nc4~5G=E~MOVK_IT^
z;OHVXdE5NTsYt+AD2R5=0MlHYX61`irZQT!Orv3&?7WaoW0<%n^W3;&Xe|@2T1HT9
zjE-LovLFcrupkN64}!cqqIdr}v-8d{FV)TcE6n%#;f-9qZuyYu6RJY?BLyWXCBeDM
zY3`@d`FV9i1?22z7u$ucZ=>hEIo|a;*wnha>>GY~JPq?UVNO{DyPNCtfIdvWN8@Kf
zd%6vU$Hf@I`r>v-Lj%ixwsF@xyn{QT4Z->D&q8DWCm<9!Xa@-EcS+^N{_p=B3E!UY
zwXcQC{q#RR`NcyC)L6)>v*;(ch__pJA9difA4mrXsZ|4qq0Htjsvrp@F&akVEf9`Z
zB;~1zP|6+?3@DYqrhE`i%lLHkI|-9W+6O2m7^fwUkk#1>$t|~*3p-i&a1a=aFV;*T
zOC3ncWTyV6xw6E!JCxi6n2-I`o_S#ra0?V?A~MRjx{$4eaQDvtM^E;*bd-<J=cDy-
z{`Tj4(`?dAZ<TMC#a9-KZx)O1G$vQ%@%3PRb(Xhtb_5Ya*0wdpM(x4|-r5Hs(5BM^
zxPRqi0v9B6?3llYUo6&troA=fp>{`GkC|5Ys^H{bJ1rcc5xRegAX;8E2#x94!Snh1
zrp^_w$gGHb$f|&+Ztv&gyOxfjq!JiOQC=`|Qk*4VQrtopX@})5XQ{{kf~xcx`V9St
zn*h|KO&NAUQS@L98N(bRV{U#~Rm(UnpI1fE;RpPzmw||G4r)GJ<jBoPR5A>u;)9JX
ze#^u@gBmxQxar@joq3kB4O2*ZHzbv@)e@m)D^;bFdZxD56z#q~F1Z*zzCO!W$E>1u
z=^NBS+fsl2rB`Puw|xG;P^ir*RO0xK!b;=t#4HIt-_VjV9o=0850Q8y+MfYo>+78r
zY71h^^B5(&33kLH@h|R-qcl@4stWd3SR*6y=@goaXW#()3`fGDe5XIMf(xefoL*kV
zA)N_`=qAdDu}sds`*-in;a^+tqT<)xpK?(H3u%dYh^)4#Pd9WG-hyrExR20TULOT{
zdjCkfFuP6>SW-SG*ZWHHy5XKC*J28_n3u+<Vb?b<b?$@nIytUsZ28remCcIqwWH=(
zysf?f=i9L#0;`pa?=&}EIYT*hR%z^S%~LFFr6Vbn1_#edM1768n5kxlHAuXY^^3jc
z3}wkW%png{R@@r5JMDP9R1&(Dva5krpG`=JCzsEpJqvEwk9T_Q)a(lX^&D1Waj{RX
zWus~hP)>5H;XwNVZkVpGGkl0{LU#-<n6?goHl4$Eq$9iFQIKkoD;t8UcfNK?Ay2^y
zRV{?sB;F7h!!!8hx0t@gWTP7~%`Cwz!w3l%&5pq^Gqf_%f4SKl*sgIW9d<*jt*FLQ
z>!baR(XmD`gNbGSwsaTCbKKUEwB9q(mPl!=h*PsPB0XZ3Sn72a%bG4X&kbJ;a6_O`
zRAMRDwW;zUYHB=XWUbwRGHRh23`T#bD~eF9dKy*Ta2Z$JK5Xb@X!%l)@r(uSz`&+W
z=ptkb6DQAEj#zZoNrl;#b|4*#`G`+Ote3pVD1+@ZoGwK>onHBagR&UfasmSFm~*HB
zo@hxokXwfzUO^`FlOL*)n80Wx#UgVc{|c^REXjRoSYY;x{H|8>EC?Cz4;b;V_x}%p
z*n;jWdrFX^FX3*{Ie#b`zjP#M4{K`jW>xzI#Y4}OIe&qJ*m+s-)p|6~d>;a%ur)?j
zoWu+|Lz7LeAIkZC`WHCw_l<XEH~SNtld?=)IL`DMZ~G|3W3j90;5)8PI+8SYo_4=J
zuYIzPkV|@zZ)18pD-EHUgO+e7f>vrXo$Uo96W&Es#Lx7_I-r=YpmV|R=DN(oSo)91
zvszktmOmpF>(Z}SQ&m5r;y(hMb;swhyc?Bg(l@F~Y^Qmd>t%`37TV#GYr7rCbxR$@
z_FwHjd7C)%Xko;8hty6b#YnmXzS6w!;5$VJ>zYS^WGs>dlB2of$Cj(Jq<D<iv%#}O
zYde=cE%}PwPIU4zmn||aNpMsqFL;-q&hlsXd9ux)`4gpz#8c8XV&QyWc&?`c#K(q-
z1{*mYi(NnR(-{mS-W4q^n~ZhCB!zqt&Bs?A-fCKnoy%j+CNiNZhmw*if;k)iVW&8{
zG({V|ed8T^rgB&J#16;n<RQiK0X1PvoO$++x-;iDT6NWRz~Zx!snmt>Z>#6Rk4-!~
z=hf~LZ}Z&082qJI3YG&1@#6|iJa1*9RI#kQ`z3FA@1m&_wlsY;>`Jw2*7D7_tGIt+
zd@N9Z(|dGSvz+PI+Rf-bT2$S#=WK)53)_NUCAMPC9keZ3EjpUmhd5Jf4)YE~XOhKH
zh!)HHCGE6@KbBvUwh6JbU+QPsi??dF7oE`3Og;vkl!`_KF8bE<|9wWl{78KR7>$_P
zPYcC{r6hVOQ-v?hM^>gK8(CFRrPEQ@LGxEkl=I`zi|u`8?BBE&%V@f7S-Y5{lKR@^
zs&bdS=KM9Ob{DTF=}6lWxsbf!sj>Nu>>AKw#<)&mE>R8|^Vr6Gmqnge4S^}w|Ix6D
z$&EWpB1)hYH3s-iXlPI(^%tG9`Rp95zey1Lu_2wPRbP^2KW3s{fLL&<ZkmS78UMIB
zum(5=HrJcVpTDAH7*;EkSF2RzP<dDBU^)FE{PT>IP{1)C{ma5A9#E>?we(vNc2nSD
zQG*-W(uplgkJ_F)w|se~5MPd@RDrDI7)_YstbWM4!%!IDPRE*$Q_i|PFpI?;>_?tS
ze2$5YqD?m#o()fo-cP#AWbkao&r;&)t}IrN$}>%;Qb|)$oJ)FgSO`we_}QWO()hzS
z+B8x~BuU#+YiiWM{Jb8gA7(yYVXKs#v~YHq5hXi@O-EkIK5>sI!`|NtLFFvv6fmrj
zW0^}<G#Gn@qEU_G9l3-t12ItC05lDzHQiidHcshm)=FC2vCR{St$7AvYt|4k%NF@g
zO?}~PKVhaK3q{1$G@>isvs4b}I=Zx^Wz@NQ`T8)eVY6{bBlAp4o>qnO&G3QiR1p&P
zEJvBR*I2rntNZ=*@-$s();$(etau=3p+IUR!8*>xF8^sGz(FMqHU6&rX*#|7A*9|$
zpBi&vB_1YoYoXXmTq2?&F}e4Yb0xx|5Xg{zXjn4hHA2a<G0VG1v`1WxNYqoeNtMe1
z+JD!j+a*bYPuO3K<z=)Hr;du)%O~J0J#sc~7Q@GbQPOfG9dFzgi;+D^=Dsk*C|bMJ
zDzTy7rdvb`C7qO&UX^kU@4z_7Jsl2z(pIZowG;ARgpP$-ICf#`bH_4T|L?{$Vw9GH
z@zDhNFydcKv*)olD>2APC+#94Yq`;~9aFK~hYE6Y2CV%L3eD&{@hORv=k^+&Yz!do
zjUHN<l$1K5p9<bXu)>*E!6P0CN|Fl8o5Im0yqPmoxU=QW%gJ8dE-pW>>tnF)G9GQh
zV63OxB3;`3Q?PFF&o*HQwzFNdFKxnbtS6<-L6U)X0lEtrT7=O*A7q97Bn52(bR&QN
zO2ru>3=!yR%}O4YEjigSDq2pukIlH%wR3My^GA)S4Ig+-A&|8=*2+h^q4n1^-SRg{
zId!If2Luln5h2xQ3T)DTjMjV?kVS^iPv*|d>UMYY{+#?<K9+6pdPaFjgRWul{#`|)
zsL^pKbaalTxZG&IjuiDQNLPPV#6X$=wvlU-E%;x(q6046%2^KB4u|7>rVI=Pt(3aE
zh9kp`=s!0SsB@DOCCgLka*Jo*aag(U=5XITXGe0l?+$HiwK2XI{m#EuY<Lhs>#gNj
zFq;*2C27ISyG>LUW;jV%tshzqUBruLfzcQe#+4jDl#laK7ecBk(bO`q&v4y$@vD5+
zqzquN*SyE}d<lr*p07iX`9UZ|jF9Xv(#h034m*=^KG{eS$=wX9;QMu7ayaIk!felU
zF09>eoBjQMKA#u0e%$PDpE6^(dfm0{UH6o&ac9Ag4*iM+YeEpRUxDVwROf2(aq6mu
z+-8C~dP_gQiV$Cf;MRL@HO~dkA%-WEu(bp64Yo_}1!Gyq#E!hjYq~lZ3ylcrx`S9H
z3Kvn#gy2(2CJyV6=N#%BIP`6qaAQd&u`5)iJYA>5+Qk`bOq;lz%f9CuSr^fbfvGFp
zP^`h^lK#rKe)q)5;rEjr?us5CW3^h=NI};CSt&<!kO_0y=I87V-DV&jmR@W!6BNg(
z>qU-n3_aWqzXV5FM-!;%|A^Pd488*7hn^q7T%yKg{_$#ox1%>j6qrbju1lz0>~jjc
zeKAlWs>Yx_gDb_@s^9w9;HO0+B2*x9Ob??+4hv!+8`5zqN}?&(<=KQM-G9^W!Q(Gt
zsUZnMON3JG+4LaIzvT&8IKBH-B@|0gPS!V_(%OIg;CcNFV2|2d#SH3!78l_rFu0Mt
zYf~x|<D&f~-mFqbluF7zO}a)hGOO!k&jKX{hAE$}eC_;!-Ua|`<O0?oE2bMiP|jB0
zO2^g4@_Bb*`&5?#t*GU3;&K~&^zr*A56!Q`=lx=_63`;+mp174Z~rQ)QSJsWH#<8!
z$M+|dP0y#z^NWb@^QqgMjqR;gu5`C?mCqEBgX`0fJ3wd6Gb<jNCvh646jxzZV-$z%
zjQ8}oyAzA^<jk&7Z0$m+hHy1sZ&oIlKUK)$iZWOeBc9`+`&<)dchzq60P^0I8Ta2L
z23+hg64>UKhvABu<AO+rOx7KsXm7$ka5P2=_?N%z(rUs|gDq8sSQp75?x~JhzERr5
zr!(go;7(6w@T%45t_W>Kq<sJk5(L+%#Gt$=xO+4H73&GilLIPXg8)LYMPa-8^tj&i
zt-G5B88e#kqH4w}!c%1G=G?S=bF_T1aeq0mb{`#z%Eli&&)V~8_W2G2P%4bQfL<o%
z&US48nEU27k&UDznvPnHr>Qr)7jwRp&lPK-%O;4fHhVA6<0T02dZW#tAHF%eOCAJ?
zeAC;LTkHBStRH^f1S8JQ_!lc#v(@VeWHRUoT+W#7!qVJItd=8$Dui|5@yMARc(7T4
zKPMTGb%czZ8OWn705ehF%CkY5$>3r_dC0uk9NKW_Kw>lSO@0hB`fNjo$2HzZLVf@g
zNpPbvMp#V7h7cUY%$XfJoqfTj{3hONf;^B<ruNGYlz8F|Csd8GD4izBC>RhU($<EK
zBtsoWjC||x5d=tHZyIr=(-9TK!)fuNswh??om%%;qPhaeUn2#36ZBp7TUIGspL2zk
zEfqD!!%+%_;(pEe1ONed3z)i@iEcn^)1b&J>|}Q9G*&a?#}Cy@YUIx`ji>P1P6kv?
z)Z@_N?Vu4r{G4t#g-%SZ1p5jdeP%apn8<c`UG2W$Nib?de!E_fls(47EoBd}6Csn%
z>%;SHJ`zi+7A+12-U{7;&<pe`Qu%!#8#W5NSWEd!Aj|ltqLsx9tD^H0vaHUI$GQxg
zd3h?sk^^j5s+hwS8ykWw%$PnXFuy8fgEmllGjI(h1=T77sR^peo@ZpC>5M;U&g?xc
zR%dQNGz(|>A_Q3BsSAko7%!zaLwzdo{VEU@{9m>-lp0&)3sBQknOcfFae}rNP%m`W
zw{OB*W|yBoS?@lKOnRzveyd*~e&O4b?FDe3W04XOKDvI!A*aY?rVBt$ZxZZq6pI(g
zRE~t$Moo!y_dIB6*5h%J(Cm?{!bFo7BO%c3mn~qn`c(Cx@ipxsw}ZUtysV0rj-C%s
zN7l1_i6#SN@^ly)iO_71NO^B1q0%8$>=Xnu9`s92y%@1eO#{>ZF-9C@l8D>#c%o2#
zA#oQaA|vS{Ur$Gi;~WMZ>_l#gS>|ao9Pj>+Gyg_g8b|_<HN}f(v6O5A{t9&9LW~z~
zjO@p);<dMgr%_ipO62s*3g(EG5u)^($gM`JddAGy6AWMBRmHbEZ9;vz#u5=4z(H*a
zTe(YiZTT<?A+v7XR5}aX?KpgW42D(KrtKI|g(e7L_-jsP6kD@~9npDkq`7%fp_Bl(
zw06*Ul%?>PIkIAvnMlyq((A}<kAdnaYvHX{q>;)^o#qrVyu0#iuIdRzx*RuhnA`?U
z*&ulvaT<+m)mm*1`$9zPTypPbtuw*8?bc!bEh+Ze6KZZ%b9myl)xj7i$5t;Pf?!f6
zVAkIApF$mb>XvyNNs#!KU^MoFRC?9AMo8*1*S_-A;&%^2?#e^?0jHACk}@#Bv2RCK
zuE%H-L`2;DK2wH2Hed}*X>g_x!AAp#C9n&NKmV6>1o|0F!#mA?b?=#ZOH6E0s`)ej
zFGucyTDH9rpdt};Y%9#j5^^0bi4ZXz341mx63&2*DV31!^a~_!#W`)oIBtdiO6Rcg
zglo>Vurp#RvH9g+rd@my(?fe@V5G{<ji;^WUGC34-p>o3(^W~KFlc+1yVrf|<*lxu
zz4A;2FS-`!-3j&0T&wSZmBEXiT0C&_t~N|oyxT{-s;L&9JKrf|a<m}`Qd&?2dK9TV
znOCCa&YDYl3hn-1rf=i3vKf8-7{NKD27Re@`Ud?v;hioA@pF}W!AQprc-NTQ_a>e1
zInBWK2Pzn5vqyY&q_ug!Z?6~ANh96&&gs}2c`RA9=VoeK(h5$Uhh>iUy9X$Wv}E_s
z8zJx@*%<_7y0?+_u%4C`mcodgI?d0$VNe>|8*`<=<w(n(JrubRY(!~^dHOzc=!i8A
zZsY~hJpTP(v3(01Mn_6l{lj{~1JqPubzhSJ04jy09VtxAd~aKi+rvzIm8eRuG)sX|
zXTU`&u+t}6BB}RvcHP^gLdKd!?+{Psv-)<O70qL1dY1M+G|>#WSEB44uk$Jmh1N;J
zf{u=-RRT;m5F~M?MFq{u%nezZqFn#%+)7z3FrO8ctF7n^D}BWycT+nCBGMbsA}FRE
zFfDn}i&DekZ-T(4Op|HsYJk_VI_@r+T28j(oB`Wsc`h(MgGGD94hKS%`ZyaOy5&Hy
z-Gsr%@e&*svBn#!=#9XAR|;R>hzn{x+no#U6lvtoDs&au%IQ5<e?Q^#9<#7TsFJX(
z79bC;hDd8TytX4?O0;M;Ps8LmHQ7H@H0c#<=ZOBzKJ$9tG_RMl!i$Z0F_$L=93N#d
zyygFz*G+|gFU|@#u(to}hFqT&a(<Ngil`PB{-w13ZN<;^Q5MTv@!wV#t$qv^2WN#J
ze?H3+{<4eBCeOP(61LRz_02$EA|*`f4#6crPvFMD=1H~g9cWjbmOirl5rr8ZRCt*F
zM{6z1Q%&;SJ2Qr-{yGmuKZ5Rvt~*iX$DZg*`#H^g%omE`R{+VUbTP@i8&>k3<;7;w
zvCA-7N)lq-=%b$?r#Q{9{yKesjv<qI=_Yf}VW>EzoNE_4+k`6H_WUq~u3^32F~(Pg
zRkG3$nNz>>?l}m$+l1AqlguIcZ{>3{Ih7y)W0=IC&IpsR%Q&tl{vk4%wZTEgE+0`-
z3prZAho;o8B>a1G>vitb)el#zoPYMMbvCgv1JO)XCVN(>*VFHraW7w)9d%;3x=J66
zoY$E4P>6mBo1xZjl@UmJSFkZq*GSfw44Z`QJ?;(}N)!^PJxZ9ABG45+k@P5{TDMor
z2qp1wUk;<fUT3}r3~TCawNF{MM#JH8=c85@#Yk6J-J#nS?NQJ+CqpLm$4+5<c=3-)
z28*a=9k-P#I;D2iN#+B!Pk?^=Y+alRygTg6AFMsQ%0DG)nXinj>HB|@R<2s5Y14>$
zNljL%!P55=y|Mj_Z!~7+rN}<<8;{bwe~ivvClT5mz5lMi9)si_I{Oh-xoM`f<<>GN
zIl9B(9e#a9EqX`2PEC8@=N=fnA;H~9WtqdK?+I}y{oKtn0-L?VIDLg6d55(74q)T$
z8+-+=D`gWMm}uOWXxx!%+>(9*N&q2Bx<=)RRJ$U9$UV?UZ3k7kc=+~~^YT5Nl7#Ur
z@4i+h?zZh^EMA~gp1p8hKW#{mw4Uw=b~pWn)m?n6KD!E8sXmR4eGvpzgM49ZZ6F(;
zqV$1JB;aUsjE*}kkGgN}B62KG$1l}xduE3YKA$;&-z{>L%4Eysa|-s=Z~{bUPvVS5
z8A0?)!x%x-Xi?ck4mwHq=9+q>H92-V`@8$4oHP__btUbabTZpXuMxY^gMN(DND(y?
zmg+FPFF%qq4rLg+xNsSHe(9bt_>imKHEu8c4IRnGmx~V{yyN}*uhrSUM0FG^1pahR
zjo&>BtOrpY%7VfJ0uA7wY^i7|^Lq(gr6&c(jlhGz6I%)*1ns^QPVI<y7ZRq}z}yws
zMub;EM#`AeB~Cn`Vj>AGEWHv1G$p!%kk_3k*^9E2T4{RlIHYKoIDdS5=V&*@oKAHQ
zQB$na??dJr;a#bscaDlwm|r>f&G@vW+8lXyy7^P2)2*(XZI<E^VcR#OpEvdVF>`zy
zJt!2|)0R|8Io7Yo_K=cl?&Bf_Q4CWkOt9K>3Mv?xu1^J35Mq+hMs|;N28%>uyel`}
z-*6)mx8qnvZmzm!Q=mi;0Ya`s)wWX-eP+3BsW`#qU|P+mjUb6Cy$E1#oE}XmJtvZE
zxaCjtM&G7xJYHstC9102IIaji<KvBGe{6-=Dp+3z5C<JIiR|(gI<AT*Ej9qPg~LBE
z_xBcV{RTifS1TcC;GM6#AgOEFuw`)`@gLyPl3Fo{@Lpx>s^90yL9ebKQ_r#Pq9M*n
z7)mgZ9H4G}No%zH0@U~G%EzEA&vf`F1=pyp;zJ-|QzBGv9~P<=K1$Hkvln6tb}EHE
zR4e&x5H<MTsM@Wr9x!>ME&d4x1LPf-H=uuap|A}{7e_n1mN(>IM75#=Nv5`>>f^cg
zqa5zc!JnAURdWqi(V-`V^li?LO7IZ*p0dCQcxhloqof-wjSUR{NeJr_cPFZC`DxWI
ze5{o!^zw4r6=R{+qBxnw6$FLp=x9q$GQEjV>n#p8vB_|()xn#&8~?DM@np+%&yRoW
zczi#9!?FL7i|BKg!EBuZYG!qK3_r7gQw&feqg7IFB_5_EZwb=tw2~rwow0W-X<gOF
z3z%>@raOkMXPe(z)jF+d+Pj1?vy;t^<&KLzn8_P{Gto952?0Ak^H5)K8~A=(%C>t%
zY3l}vgcR~iuZc}#5^b${aEZ6WKIQ|{;fK0w(;`8y1%VpV8Uzy4)*;mPrbzZShZW|2
z_I$34*e8Gt@2oQo1TJiks1+so+w)hgXOL;vhwW-x^qScn)21Fa_7ql;#Sj*E76vV0
zHB+CucW1^X<7hGV5|hVneWM;-*~HZyPC-&6s63#y*h>ZR_YJQISRzg)c{pB(T5605
zmm_&K_lR$tf57reVU6e<t~5eFUsqN-3BgpbYxhcjDhevRjfbVGML?Zv6wXr2uXf^%
z(4B{=NvzjnW1NFkG;P&gpMj>VcBktdUBMZdu{p2N&e3Z=029vQh)ylWgp+y&Y7VkK
zq$HCUb4W@jH6Mv~KscNiDj&K(6VZN!OYt2n{B3*szs=Q9E6#(3Q7`wQVmya)uj~J|
zGWwr48?OI$xHpS!dqSVzrQSLSm)f-x)BZq6?OFY;6aT!9VEc9D|EJym71(DleXM$g
ze)y;VKg%8)RK=5Sn(^YR%A!!W?wmN`o*n3<Pu??Ah#42q0c$hEgqtDTlZlZUaJ$j~
z5IMoDUc8VL-$|!rwXf)_D&XqNNG2AtRoZcSTleQcWEU@4R%@b68^Q3ImOlRnlwBU+
zAiux2?X+0y%{7%YJLfuOLMLzSn~@}2)m*Y-HD0{st%|*^2M4pkbI@$!|LSdNM=`Dr
z0p72;G;Q4(Mo90LPV>)oCuFuQSBy~EmB>ZylbrzYV%?~U)E|<QjdBe|+SBnSsmn%Q
z;On#$6mVbbpSQp1_B|lr&#`|1XdiUA++=Utg#AlRZghnPP9gLd7wE$QkxaAlpm(7K
z0_Q4p#fI_G`zovRuyoswd&(#^ilTsCKnY%T{-vDvnJ!v(l&xiH10kl1$M-qVpueeA
z*KgF=Ak)R|<KlFE>sKJWPX({<Dbf!F+qRgh)EIl%pq9Kk52$3`K2ANl-EfI=a{I#B
z9(d*KmmUJ`odS2xY@4VxFneQHXquu(JYL3VP8OdZ{3*j%c4H&zF79H?B&ba6G*GhG
z6lswloqbN*cg;$Q;5rt~ik+UhI95Jl3255I;>Fz%qc0mP;ICzT^$ta`jr?O92wGF3
z*(lnD|Ks#AXqIbgrkC}b->`lu#pC1pGJyTL4{M~G;cfTxc6D|2{P@z_@qXUFc>eqE
zYVoyTduy+kH`{ks_a{x_=;|tJSFH0Hz)It%<QwdldhL<M)Rm7Xpj3dh4i%&C-ZqCs
zHmLIgpz<zKW0l}lNBwfrCg(@=xpaX3>RPdUe%q;p!v;Rx?-xWx$fk|8JsytOFM`Nc
ze0_%bVl5C3zO25qu10gMoYclMh;eTXYTHvzMIH%bW_*$tpLa0*1yMi@ja<1t8d$&J
z`mpMy>_m-jLE`Mj1X`;up~WGC&8!42N8-rcmk^b(`_NFVf?jn7bbpf1+?lThuUqZU
zDY<aPO6!jP<$fc5Al}!oG86uMRM1hVg%ZK`smQ7yuuULsd>DO}zqGBEJBl)&KYn54
z62!PKBe#!7av{3WPdIfEq@c^CQrPR-l<9v~l)?6SC}zYFESQ0px*%Qk4xvS>k*_y2
zyh@;X_HRX7fBmWEB^+6vpI5;(OBKapt)kkztZNO|)n#~$%V21~KTOO57~xl%!X38i
z)(Y${=@~}B(`>u76KLz!&E}nuK$jZI8QcrGZcXm%p`Cu?X<QfwUxxseE(jY<COSrE
z{zxn~)m!$Y*+ONdzNx`e-0!9jR+Cj)@iRuQV}f2oj=qsjJoxA&*1prqT=0pt+IQe?
z*djKV4P2J2kM}HFdvb(mFmw7vw%~LLj>WE+Wo75*OL*F6>j04`0;Ft>LkygSZ!DwY
z4^rN;&5O+<NLq|L9NDt(`Kbss%^S;k|Ec}c@uT?nmMc(r1w9J&QQ$@eNSi)9oQVtq
z1ag>}7SditKE{ogS8}s`Z*KGLHDz}p5)wzg14v9x{3_ohidltiJ7&hTnYt7DUwJ0x
z8`5VPo-t+6<z>ZwYnLI_izZ4F5G3KQiZg>CplWe^GGl56LdHR0htp`Fj)h2j-x5hP
zQPte3)lq8(t0`#K533|v+pgfmM5yzCYwK4-evja{OkHPhIvqtr)fwd<)>hN%ZAP<f
zDGzH!#cyGvKqM&X9;dP}@E=eQUofvs%7gRKn1tNi{&+tRhv(MIpPui{;YzktyK$}Z
zbgJg_;+TO=HzUS)iya2~R7+S_s=l)*#hvmpDqxNX4S3XXWBIuZ!SSKsz}7GqIKAMg
za_Zcan5z0g*njY8goTCP%}VTZ!;<|Qbf0)yEXn}5%(l&!wWZaA>~hp%TN*RY-W-O!
zZQ3jyS*WEx3Mo}r({d9g&VTdLQe(aM{E5|WYv_J<ljx8-Dd5cFrv5V1b2%+^^|ZD_
z$1;81;am7M9sxV;wie{}R~HJfHW)iOCW8)K^kP7*{UJJW$>%7e4(N*apW>eg&?PO1
z^PsUP7HyM`H5t%#dp&0K;NIQJwlk)BP-y@DqsU0moQyraiZ7)^1RbbaHni1lABk(H
z8Xo3IolC`*uXa-z0iA$mC8Y7E@!t%sNzWF&CaI4F%d*u{KdbU~9paBZ3imA-2+6L?
zz0k!Q$6vf~o^Uj9zJhtH-}FqZ{Zrj`!qem8Lv~rqZSj)chd1Ur*J&+z{7svIfOG-B
z7g!69Q`y1dYVpGz0)%PB$luLb)`0TEm8JthpXD)DPvC1vbv>OP#?K+~ygYcwZEFIj
z8QsXKBs&z)W4md{bq*vP+1RdpEkP<0Cu7CSlWmpZs&6x2UGeT2)qmm5e%FiKaC2!m
z?4eN-MJ#X1m!T+C#s%UN{=QN}A^qo@$94WfYpQm|^x#ZhMmn5D<#gY8*pl`MS}|lP
zXYu|rC^!A80W_wN7sxd$dK;jXQ!oz|jv>n$h-*`9&chJPzG0RUY4SEkXp~J1>$JXJ
z@05}c7#u7<+(F%-&uh)XpHnq8t<Fb@8ld}i@ay=89Atus%cz%i{#{Hk8+8@PYnG>5
zCOOsQ<2qKe!HvnBFP%lNGb;vd$E}epiD}2J;HD}0;$|=Ixu1Kc+w?M06^CS?7*%vn
zd<N}_6=x8cF*I&TrWw<*bqm3mIfjkB+*B%8ShO2|(X$w*VI03ObxA@p3Dh-&3sPn>
z;vq-cudb6H5gbt8pheO!r0&i`BNc65I4wX7R-_VmZW#))s@;$QaAzTu>$OtEKie}Y
zwz>>F_fs&%<05I*O&H=KVr4TSNNv_B&KNXgq6Ylvs6y|_ZRJCUYAvPj_L3MdSnBym
z<qP~|j4YAdZg<kAOt$fmw$gfY7)&tAk*T2C%WE+$l&2-!{C%38@(gyuBle8;vV8=b
zAOq*hL`yCR=fCAjq=B>aUl|?r&fd3RR6d2eD$}o=Qbk6l*};u-8}d+&aOCJn*LCK$
zQ#<##pR)RQ9pNuPNKBzhpv~x!8;k=kksW&R=*K3xQ;W_Hpr&n3x>8L3cBHU!l*wSn
z5la{Vr2(XR$vl5#F;@+Qi+B;*$(M2kOk4A16kWPDW-^0E-zsAISJerlj-hxw#AJR7
zLs=~Pk8HZ(3GQ*BXbHy<xSyaMKFHY%`yS>+JcLFqjJ$_DCSaG>dIbm`XL*C4Ujmcf
z2mZqk&*f&ERDa0M&e|xKh-^#TEsVZ^ac*oAVU<{NaeVFbrqajC@STl@+VP{6U`?CM
zWyv)h5J_~A(O~t!Q#r1Et4J(_cCuzhqe7{mV&4A?SN$UN5xJS%!#LR^o!bUBz<$%l
z%TU5Zygl$b@9g&iUC&ssL{KxhEIOYWgAsbt)KPPIK0dDNxy`nU_O&XoS?@p#<4e}G
zWnZjV2fcW+W=M1Vha)CsB%Pv1QSRC_Hyxn}$;e5;LmtVzL-2DB`^<P>3=leig?M4h
z@RH)G6!20st(bRBrm<J~d~M_C_dx(q7qU6qM}6R@Febk{jc6hQmHL*Nj`Ovhuj1qI
zL=ymJ!msp}9IpY5o{31}>qZi}!C(nd6^u+`fNPm6CO~>lY92#mb;3o}@pXam#1@3R
zoYx8ST;feBH4WpTe$3rjf-c~$ltpPFi<@8GtYoPJVWC6o)B>Ak;$s0dP5Z$HU)X7Q
zn&r+tW|LAe${S7To%AO5r1|q64-UYGjXv{RL^laI%%WtYt!n>l=kRTC&#{V~kmGyi
zIZe`L^4X1ny!}DrxNA`2U^IaISb>Ee;^En|ATR#pk9hCayOB)tfIOVxTjz-7O5(#`
z1~*Bn#M#fU{E#E{`C9$(&pGvy=`iNe>Lqfz;rt!zt!arK)%&5VgM(vq!FZ_Q)-WYf
z6pcVtesiAI<V=hLz0(4yns2udVmoP27?QmYtY!zm5tI1DIwXep!!BkKXVtJ@$pV!b
zEI2}Pkd>QUbl3<$rp|g4%ZlZ6IB)o8M~zZ^omKu(fJxKVOj5}v*fDfo^6(QUk7l@j
zV&=<JC|1Sww<IumRy8oaEdAE~mT#v~N-hB|)%5_^-`b_$`y*cNRSiy64UMb+)86n}
z-Q-l=WVFR7Is3Q#t|U}k4Tb$0#|!_exV~)uPZ-_b2oX)YIqtt5{~P6h`u=~fU^x*7
z8IrsihqPoW;h;Zm2(`xZw5jnthUkReE^t+ICV-pI1Pnf~>*6D;xB%Bg#x~-#M+sJG
zfkT*qUB0iyyA+2Ry^{ur*}LeW2p><f(Vbvoq#oq-gEKA)5-4)({zwW{<?vG!dfLES
z*8OSt4W=vkq7es%Dhz_nCBvRsD*sRb9@zVF6qmk5&O_(_$T|<QCLNMN&|qQ&wApS*
zK5qDBk%Qs8bP;_G0U{O$CFdN{)sr+1CK|HUo^cd)>@0akjj?A!H7aBvqnIIla=*Yk
zo%g@`ycijXRb9o2Kqk0XqePV8opJi-l9H&Yaw(n$TaNzI-{0;UT=;t^dsi^9vsbup
z7I+nb!#|7Ha$l%2pUekw$^+s?=Cz)I-lW{GfK394B~qu=*s9SVt<L{Rw%~WS15VdQ
zv`b%n7O5jbeQh*Bg}&K2?0>EJJYisBY{bK%z@y<7^mYHRp)=TQTGtm>O4Tr+eI>e|
z^TeQg6hpLwz~UB6PNY2V+-T0Ol|TaSjtY=7!{7rY@))F874WUqJP<=Pz<dSZvKSe7
zAsZQd$I?Sg1)!(___>?=b<Q_#Xl1*q5GiWDq_{XCXE;1GQH4;4Ifl0_g%gA0zkqiS
z>HhsbT|mdlO|yQzsK0HRtUV2G$+yj=ao2}BJ&SVd2pZqqHRx>z%tehupg!4AJ!ko^
zczvDTsM_$;fiviog0(RA3HG&KopV*hqW)|})7*WHoyzg!Dz&KswW;kLzc-%hS+>g-
zbN%U4S7C5@wYn{$c;dE0Wjy(LgR|^mF4%CYzFWA!yN%EMCEo3#41ekgO(pNH^H6%t
zR-dUlm+$kH?|^}zfxyoj%w5?f76#J2qMe?tsUkWhnYqCd5}L26{<gc;We0Tzm4eUv
z&F+`$>LgOF-poA;0a;s~-ACeV*p3xkbVXL$`TFHZRp~mYTd$R)<z4d{+Ss71Er41i
zLK20gxPj-wJS(Nfech)*Gl=_=hli!Ps$B(7w>!smWvko^jA_~{boJ0*p-H&Erou~K
zb3?**&GL^8sFCbAk5C6B43B7s!8CR+7&p(`2)3-4O%Q>iP*h?Xb2!=Hc()%)$e?M6
zo-1*CFf36ira`N4Oh|!#6i`zB0MI`v-^1)fGUbJYy(!Jqg<pJfaNn$Pk0R`&(^mS6
z$>#e2j)fOR<6;oc<g9Nf5youIwb*a)CHQG`$sA(sOM3^1%4ODO2dWV)g`UI1!7=VJ
zI>^RYMs2(Uh|6flhXtmbWdQFV?8)trzm-%_vJMb{xI{oK2U~nig<OLwAc32+lsS=>
z!pywj-ZYDyE9aLg)QJ@ZY1vDqO&~!E^n>^JzjeBP&3rbls^@C6YIj@M1-jHpH^JSV
zy^%kP&yJ~ANZ-au{42>9l2e});liR7Fotrop^U#I5H_5(%8g-QIX+yct*PyOxHenE
zzLzgRQFz$*aU{n`xg7mE6(ES*_AS@9TE3NtU|p_$M;4Y2Zb|z3cJWAtuTKka+V809
zbDAJ~dfj<a45?z0_L2H{kxEFU)~<NN!C+E=ART4uD!I?k#ar5)pug-WuOa!>uK%hX
zLs|zEK=39((&FMtT#e{2fw})5_U<XTvo87*er(&eosNx;Z5zL!V;ddYwr$(C*|BX*
z=0EkmRdYG_&*iCeE_c=0d+pC!-?^x<2cre6(xRl?Nq!8~ikC~`7m;YVL%T(Ng`j%o
zsG66PY66Br-~6WmV#x907+3F66Q6vq!QUr%P2()X&(TVvYzfl)O_cV6gI{}#N2_nq
z)mlzn!|LJQi<QWYZ_U`F#%-Y|F7gR>JHDWf_KJ1l#->9M!t_*lCOOcwO32u?7g-sq
zwE@&(xKvF&Mgi>NdyFQ=9Dc9aIBqU}boy6L<6P0{+LRXthER^CJszG>8sBl)xH|bo
z0GKBnDUi-ets>2P@nldVQM;#ZJg+gcX|+#=j*m6a0$OZ(ww}jgHZt%ej<-iIy7j(x
zCmc2P&RmiATkRnt24ES@`=!j%bP{Nqw=D<4hNq<-H^dVl)%QxAt57Z>!0ZSbDpsVI
zhvJ{|5T`I*Rhg`ynFKxR*{&1`=h7}o%3O)%dKz7Hqs9=r)NW&$*a_NJqRA3s2jf+$
z=3;!*{e53#iGX5f{p_s*K|d^-D3S9NrCKlbdbgXEE6bRtLRj|+10B;fQL6~@huO#o
zdgrX0xq3Kn>(=XX)?+^-&?BwXEs4GHI`kZ5elWy#%8_g}N$;DDSMr5DGwIA`=~4B8
zKozoGy{q^Zp!C0VrA9X=Tystq0l@to#f7mM!R*ZyTx}5f+LU`+_2R%NvTO0Fbsa=>
zvOwep95OYU6{9?(4aB$(qz73fu1A90<MqD&aJtOms7+!El`>4HApXC*tSYP~M_8G<
zoV8V(*{TH6DcMer$GEum0?x5rtd?t~=HuB#7^qnnC_82zSs?Tvnft>~CaObNBBl5~
z@jtF7A6z-Kq*fw<tgw@1l=a}5&?(ma*V$R`Oau;G#cRPXdJ*l`E_-37NB>6{Xbhd}
z(Yj8BhrnY)ytD5F$u>yR+HD~&;{OE(=Z@a1FkC~xl9r9ogNsfxlmy$bu@=O82qM%-
z$O8xB`dihCU95O=;ep8LTA{(J-PCE~lH^<RQI^@KFJpe8VWu>B0vOfEbe$6RSaj`0
z-|1*`@LaHPRv<}%9TYdTN)-yxV}^$otUQMr0MK{M*KaWq!-^`srFGA!;x<rR=5B(_
zHeV)YXZDZSFKJI-WowyQnweB#BgpUt$MJq{wW1lVhq~5m3t0+h{3=%ktf@7}o@dUc
z`-bY=;>GW0CnTrnZ!U~wDNuR3#<$H}z?U9|V4_w_41jh~q;cm`rgW9)ny}ML2hlwH
zTo@rjwA`TNSCb{CBonDTJE-~tx=e6-W!+Bd;@i_=_PjE;-DfceL=-U)>(wU!mhb<&
zg8o2<Sk*Pf8%$;P_rA|MCj2W_QM?LkD5wE}noV%d_K@~<S5)N+#<69*cf@6Rl8Z$O
zBu$R9{$QdCJHjcYbAe)_ZhXPe(hF;B8H!{ILBE&VF@$&IWA!g9V-eQ=T1zHQmqZ3)
zjhhfhrKW#Fokl@Rj|HxzX0!6>x>+XvKB)lw*0sRY7!R0r2mJ<a^j>N@XXQG|+F2a0
zEYqa0QCu(2@#3b!w!};+M(iRJVgx-kxyeGDNC?(|8}d7b$wpHe|9S}EB$*CJ+zx6f
z7H$(mX3lyoU?CV203?&(>aXKQWDLJvT+<1l&CK{p{c77pk>vrTKiO7mA!s=$tpMAo
zxl65#i8WYp`c>CKc29^}K1=N^I-xL|_jujY1bK(<YC`VjBwSxvdda5ix?WbNNDFtB
zxh4WqrmGF5)LIzCBCmDTZ@X=qx{UVIu!%H<>xzxQIlR`==f1w4nF2zRYz!MLI=b#W
z&7lTq4H6kt4iv$wwpIfzNv&wvK3@WExH1wbdk}p*P_AvZBp1jd3WDcUbs9p{4t`6T
z%IRg;1!j!UZ&J+xX|<gsUvB>OZltEIAld={_3uEqE=I=^2p7666fQe$ldz)g-xeor
zS#iT|CI1ke0BeSit@!0B)LGZ}bb6cFqQFqpB6QgL@Ik^zivk%7>=WYWdG!OfLXeS!
zZnxZwH`D88D-`D_!RUDl;r93QQpZFKVf>~+qEmqMfqmd@7TY-a{LkYFR?6re#J_i=
zOlgxpfw$Yy_F-POOi~^>(lY-b6j#FaOR0ap+V3GqG1%vb5b-jmhY-<Q*aB0+mdun8
zLhHh4*_kV*4YRdb1-0Gw7+gp3TCwj)2@OD#4RQ&>c~$s!tawnkyR%EF(d+rNe?2@r
ze})u-G$}MV+o4l_aWVRZuU>;|X5y-9<Bie17ljS|R6B4L*dz*#<0tL-OOg#7HQmjB
zRXKskW7T>v`ZGJ_cK|@@2Cr2K1+8IdX4mL<Y$jFE`Z>AKqAtI8q8th9U}E62DQSV&
zqN^jhKlpIQNvO+x7<|2)&6%H}_H9)JDrfwD@p2fT?{(~cw)7@s+1GI6nJ(?f$aS{T
zD0uJlAjD>_;cFgQhB6{GdH*_uT;We3ADdGBDeh)^aYIZz-F5aUWWv!dUA%kU7$g(U
z^M(ql1I1cuUfT{ub)4hqrg2s!ZT(2q2R|h?HlXfLl>uXWCR7_c%vhlmwTY3#Aa1f;
zBtP--o=TukPv2GAbf_G+cu=Zg4rYnhUS$f``}&fe|DFEvr*DAkN#@7FH`Jl>(laHc
z@7Kin_g4=krNCEW!$`-o|3m>_n*`WB50oa$0D*%=Kdf4GI~B|t41CS{uZ~wO8gKW*
zZ_SCjJDLdFn@%YT-SqKU9)v$Jq_4WijS{3!={8KTqbX*fqQJ4A!>X8+v_!izk`$k8
z!}7K{=4d~HG;My~`H4UoNK%EzXY=tZej>q9_k0%@Q#}O%;TCEjt3N4ut>UHOmZCrz
z3;TKk@}5e<lJSDh92018M^OO_z1+(Or?`=%<YmNNv4v}7lfTOlcMUMJC7{`5hFbtL
znV1aU>$(Z)0R4U(=TwvM{;)tUFpFsTX}+}l=SlLzd8PQ4qKAa*aJcpn^WAi&=DGjc
zTLB5ss8KC>kVlqF6|P;NAi6N(WJAJ3^GdJIVvTEdG&I0L&!hL9buo<yW5eLs4PPUE
zBWdd`2DmVWw`BWB+i1hhE(u3As3=>mL}ncQ&iuMrD_L8^EGgL$$oM=RnfZSulKan^
zTb>HGh5*}uD@VQUj*dLz=r0b>pep`D8VCHh$4$|{q+E%^(Tg6l|74OdMfdfS(yygU
zdSkiWE!IY(;4de6A7LSqhr&~$*Wsm?E&6}FB-ut!>n)ICp(sa?`Dqat;_#fqP43J=
z&<vl81s-Y(^T1s$;cVEOA%B*T-B|00`-<iXmYKR{Ss?!IWyf!~E|(8o1+O$%lT^Xh
z3ea$tpJ~8tQCy(jQY(7JEP{j%b@jkU|Hn!4hi+1-GPXE#$(AYA`>DKQl^raAukDFk
zvv-A=$evj(8dWdoCDG7~TK_rE&mG6uTA}kW`{49!B%JWJZq9So0@KrJ<?C{gLJbZ%
ztZxX6zV7A)?)4;z7oOUl+F3Jt=lt^bB6G)ls6jp1YLaMmxUb%TR=4?L=jr3m**77c
z>$GP7mYVARy7GKng4e!-TK+pItn4-x#KG+lD3+u-1!lBt$>Qo~*!QG$s^ilwIY63A
ztN@cUjaMD&<WFi2wcdkeUW;o~PWM^C^#B<wERoMs7lqBTN3Kn5x9_qQfq{pwBXAva
ztfEDt5mNa&UTHjJt7$3*5dh4Rk*ZTxBo9K2n{(iUDF8cP7$NOXh^whuXOw{6V|ajG
zLEE;afu{4jntkaAOqZ4Kie38Z)1>xf*6MO7a(axXkE!u7+IERcTs-?3gm`4l5vp1U
zB#3bgw!oiCmW=`&VZ39Ug23=JeMbBNi0bv_=nY@tjySxa`0fDZ<=|2?!Pn3_^_(Gk
z_)<DRb4SN4t5mNK+%mPiNTD((apD=mnTlPAeY9=Ps_dajvGLCFNxw~<h>^XDM(qiP
z)nNHgdYanYY;XP<2QfRTHO+W9d+ftfxgFooET%wMgWUs9+nZ%0m5K5?ii^&>=;~IO
ze+5ZkMJxkI^*Ki2kc!a!Wm6*O&jztQ;1hO(hadTQ?M>GmxJTaXXyVLL!5!!esUyWv
zjPNN=3^pO*GgGy4mD&tot!W8;Ol+!^Wh5pSWE|;oN8Wvm5~RfvtAkl+1UENY-wu8|
z<n#6i^xE`ScySZF_9~_1E<+JT38lRJ^b;JfCWY6$G|m@s?lkd&x~`4kB;_I3-rVA#
zAuC>)WpD;C?g)sfy|ak4t)0^gtqFpamPw}OqP#qRRwin31git(P*})mW&$D>!L>kh
z5`Cilc!qjIqw^5#&%NpmGl@1Ghk*vy|IHo^v%u(<Wzf;88pM|7uo((d4G%MT)2nLj
zj(?G`Oz<b1F5hgnH=~N~MZTRJ%vlvCgnf{gpl$ouv7Qx~H~4>~pK6i?t{=5IFN`hP
zu;%%2x2eNFR>lcO9e6G)QZ67Y880eRB9@oQQFt1Uk$sc77rvbx#937)jFdLW72hkf
zRBdx}8B9HTK632*mb^Q!Nq}Zw9aEXvPvoJkA>iS1lXYQnrgjKViKiB<I%TRFBdQu}
zTE91`;`=r$%(cWA$~`$92v3g}F{rq+YDw^1w3|UiEL;z39536GE51C|DUPT6CsoV@
zsmjcet~cBC^>bP0qFdapQ2swYkf%v5m$JH*r#S6=5;rtaPqm%x-%W4Fdc1;`QH_Cd
z@dpg()EaMFFtu(*f9IWR2L4tahmIPxeLc@}&7=$MEXQ&Z#Bq41_j6vL5asb-oV0sf
zbHcZEt(8a$j{&R8KupZW*0us!Xf@jM*8p{1bO%W$a<KuR0(vr|<I*P~obBou3iORo
zI9=&&jaR^Lckm-cZCK<!60ysvpgiU`%#~-B@f`DVWc-b#SMu4ho@}-_MVwD6*$<Lu
zz_PLPKy_23-Z0M<q?h5~tAX7-^mgb~JGm*Wc@hj%n8Pv|wg)(hBnQYLeyxMikX@RA
z6d$;Ni1xE|Lrz9q1AOEeFQScY#9be(45mdVd@GSkO`S4JQN8M%Lep@*!v*OI47C23
zLyH$VT71jUJ}RG0FvI_k|N1&RTYYwk_Qp#D!wCbPyTCv=nhRpL!dmX_`3*PiyLvr@
ze~0Fl`Y7lc`{LxY4N#MmRQVC4ROV}oLJ7yoejzTGHb}T|8M0$e{X0tDatQ7E5^2-W
zsw6zh=6fq`clp2Y-;V?2`9I+AN!;~+-WdKL?WZ57dU{d-voR;ZKKuXSzaJL(cBwCu
z{_BSa4)B*BkWSAznmTQD{;i^As=e=j3;Ib>x(z%y(sg;519m#a(8-K={BY_n?)#hP
z_G`Rrf@`V%BJ#uEnXn4TIFdMYuW0ful=bwuen&?6%Q*FxGW~|Ns9WaV+ai6Y%~iSh
z9lya#OKFs21CrvEYzZ&Hdj~Hkd#<s~X9X>XlwwHc@zv}_#(FPEn{g&GZYa4b;$xuQ
z(2Bm|1p7RzhEwN8wu5;?Rj8;#``YeW3J;VuT)KZg*^d(!Wu8+>uWnwPqxzIyMc6tb
zfVs5h@L>jR&Nt(o;BE72#+VlU1pE8R-9b%xf3m#n-u*=Vx<(IzHxXt;xUDq_eG+IW
zbkfudDkPos=yLJX_8~gh47_VNb5!n^l<ghy9yMAd3YY_Cn2ZwGB@u<}Xo9u2>Hu}W
zf8!~Ptx0LWvsecXfT=(qRN1}FY-q~!yoXy=XlfUI<=lmt@!+Uz&E(}9BT0vMOQA^9
zxDaBZ!7Mnhf5@tvdS)JT6cMB#phH+qXqRi16X4fV#gVFKvpunD62d88bT@erz;$P>
z<T7Oxi_Jeaaw~C^eTdiPRFB9a9X<9e5aQE=7e_ntoa(JFcf%$3%-QczVjA}Tio;4C
zI&#Cjz0>n+s>N+)GZXTTnm<I~cDH*l>?jtRe^BHVk&vF%K6!>|MgLcydg?jl<SjD6
zvOp@|5*LYHGP+$lxLy3CZ9QQu8Bv}|3zXKP6{pY*8DhgK->6o~@pH!6y@;=#!>aP9
zcMta~yw%8m^zT3V_aFWHkN*8f|Nf(Y|Ixqy=-+?z??3wYAN~7}{{2V){-b~Y(ZB!b
z-+%P)Kl=9{{rivp{YU@)qksRe^sgMm6i7+w(ziONt=@B9UBK)h-zaK$K0FE>UprkC
zM(MXEqs1TAMm4D`%1AwXMU?h@ol*w2ue<SMU@-}#P1^x+zb*!EPj`ewViGBuA!{gW
z8*oN(kSb$WHF9<Re0c_DbqCWd*WH7&$I-xln=S$II-U=y7Lf7JGouNgsU>NrD-I1k
z7p!+ZRzP5AYd%Rj-mIAmPIg|Ytq<nddSe)uUqWgA9WJ{wu8nJi4{-E0$`r-}L!ROj
ze{!#h+>|cdYg6W5Yp9Vgs@LN|3PL1Q&T@@1UU?^T0qkZ|+QMBm(a&h`s@A<qQa2ay
zBzSKYGWsQ*jGMfqB~5e#+;N_aaIwYVRMf=Oh~mK_IWxm&_kjxYTr*?$ug4<UHV>+N
zIlf=lE=M8OZ~E5dYxPytX+8`3mB8tIjYHelfAl>k2N+Dosx`r%7rzL`=x6b|P(5%j
z(ZPh)-Q8*NC6A?&p}dra(vxh!ZD*LDINanH7dQWg+1TC>Yhcp3X_iK<x7<=96{^@w
z;Seiht^ZpEzNp=sp&bQ|nH-=z5C{e7WoMa-7gCgZue0>(NIt~Pkf&tsq*UK3z{gZh
zCBrlvwx3YOyGwPmLG9<p-@x(rh^$X8N>3mJOa1DYuQr&$&Rb<_HAD_sJOrvUsEQB6
zJU~1MrDS`VM3k>R59F-X9m(?hr^h%YD?^OVsZf3HPWZa-^KD3lhS}p4d%c>)rVU{2
zei%q-kHalqsZ?d1EF;Mv%#NJn$QsXI&sk-5XsJ}x37^D1oeJ<qr^YQ0u68NaCT^zn
z;d;rkjfr;k{qAb5V_1D2xcf-ddiX77UXpKSe{`c{Y154q%WS*49MHzmNFg<G+t`8u
zaW?K(0N0*ZeZj5?fPOF4B()H0OiUVb9}N-vh=X5%H*blYHS2R0$*7vy0k7_=I(GE6
z(`*3m!X&{ka=&JBujRW1a@ZP;XY{YrdTL8~GRI0=rdgg;qi0-OFhCB?T7vFEeBGVt
z{<5=xM?vScOUBh?u51g=d~g(r@>1iVrFjuZJ<Lt7GBN&gFNe|GVE3>1pi4Ds|H+|%
zk~O{dxrySetgf`$D=$}LFwB`c$Ytpb(X<Y;{!?R$$LV#|%Pd0VOZ&33(VGBSH^$B`
z^FE)Vjmzh11{%0&tv0K^CqTKF)TQPy&`!83BV71yaS9iaJYPQ%Y|zL{0YIT=nt&0u
z9$3MVYwGf~s5lI<(wi;EnQHkL|7RI~XEsD#J0`0SN)js!Ehq(`EIpOG-$vCniBw?&
zYf1O3cy*f-M}~g^55<>(%X;zJK-Ngx=wNhcP<ZWR&ne=G!9(b3m4rdfa2S)d$e!Pu
z3VXCNpNy7tK+wx?1{jrj&GNTTyKzL$a8Pd_^D=x&Y(Q<kR8$n@MZI@6+7Y;L(mw6n
zn1lFc_MQ6#mXg*%)1LS;>!k=>;%h-tdcSlgnrg*E?fYe5lL9fQa8>jci~q7z?Jg03
zHTN<Cm~;)e{NkE^GvfV|r%?PbP0*;ml49`|ZUWL?9#{dQ$u0uGZr!{y)4Hgvk{H9K
z@tzLaI*+c=(@w|#q;#`cE&Y$*C1bHNwF5KuppAZdt`_Keu0q}4YLLppLLZ(m(%4U~
zXC0<}Z^&~aFk)O46f18l#<2GDM90Oe!IFI)hv7CF;#`-_wJeIs^>iXM;Y0Lun+H80
za13q>UTHP6hC!k{?QMIZ;AQ}?#bvzhXTXO6Skv6OIsL?IFF}|G`o(Q`e33jPL3Nz$
zUUioyCQzp&pVZ1mFrE(uEK2O*q2%kY{OyRsYm&pZlVGBBP`-^>53|APy)RLZ26-5P
z?mQ7<<Ix5J20e*D)%yUIh5%*j@~G;EfRC9|#2oMREbl)*jm`~gIX)j3520KiBZSl4
zzuphNZr9e<PEVhG-S3w|D^>*V8sv8(TpR<x-<;m~JU@*o;u;zleFWz7Ji%k0Ot<ZB
zwoiaqjxGQv617)KgO8)+CKEQ!_V1DO;Kg6rnR!i=l3MR0lfIP;-%AUgmOxkKyjM;7
z4mDk_AQRKJ4c$RqTO8x`BG98ZvNtInXFAAjds^CaJO&HKdMeeP(3=-&K)=|)S$$LF
z*<~(L`co_{$&i0KqMHpt;E`D=QT;gtu03q%GcSz$G%P!qT&h0O5!4SxLM#g^;QhNh
zSsp*`&EJbd_z|G3?pt#&x?x>piSJ;LtPKYB#wjqihS9m0^?Cc4it&*P4J(@Sqckre
zMCwQ7pE?1Hl#iD8mflYbKuZhoH8fXv23NkEI*mBFRyG9?xvYKAzE5NLlMT+Uk~18A
zz7;puXFrqkJ{@ruMocQ!R0onjjD;td($RQjt=u{V_TaVufR_yuUoWSJ*W*k}w~A&8
zxEi)iG;@cJ>iE@kHj9t^==VT92vTF8&3uW=>OGHC=6;Dh*Ky(c+lQB2HeuL;yT=np
zu|y6S;@yFekKn4OHi;~Kf!XTb0TGK>SH8>~u2+Xy&KZ6s$18u(CYVdf14`?|;W@d5
z6LeY}4yV9Jb}KI!kv9C{?QcaV&4*5|2skr?b=Kv7z^*_jyl(g!<$+%zjPSGIMTwoo
zL+ej49$Lv+WyCiQ5XGc)fh;g~!RcHFl$ix<IhWt*JzqOHOq+vKz`3dYa^DY$r~8%`
z7H(E0Z<aaJNIZSee9$}mVV2+p9y%dyR+4_|pHir&Q*#v*P06ZdP@(|P&OSxbpPp03
z-BkDvV3@YGhXEOzIR?)o*ZDjTrg=e|=rD}%qPOxmn=Iq}*4~bEHPNP~jzHRamg{F4
zzhT-)a6@MUC=PDwwq#sHKDLR1%11TGq9cjRyCEEhNubr2X(YXSoF%n#K1F+kjGO^9
zG~<9{!~otAZ-(pM(#NGk+87(AYae&`1#$kIjrClQA?f<vxLw*IHZJrF1mq8bp}A1q
zcDtA8b;KwkobRdSB$KGBNz*sKlDn;UR9vd%&8hT`H2_D0dlGTRK<Y)YYs5P)HH^0e
z4=dp6@6~`6FK={s6~4ZU?2#UP)1QGvT1sxf;cv<!$ui6*r_LaF4A}Au*dx#y&5f)(
z><S?UPQ=J_I%DNa85WnBRUIE#GY*<}4GH0ns-i=wbuDU_FT<?9Ml-paWxV8V&B#4J
zc*fW$7iBRFmAd-#x6^3`E>LY`FMC<Lkz_SVZJr28A&nnJxjb9GLyfES(Z79gyzE||
z_gKn8F9p|1=l<`^T8lE5i%EVv>{;oIQ^z0b9W2||0T`N4Tsr9rSo#w;>knQ1@km$8
zSo`bq&B7{*MjPIaJ;uNbM1@Y2dL0h-Ld&?M|L1zHu5H@ZxC*FqPVSvoP@7yO;Tkz*
zIMzY~t%Oz$+L9&d5#NO5ur;MX=1SkP8|@yP2_SmnQ%Pk@4M=QOeFIf#5{IjOO?wDO
zh7cH-(i3yGimR023->%j@zQ0!wagECi331L0qA(VJfyvg%mk4nY##lY8@7kz#5S;j
z;NW=*HS^gdW%7?j2P%wr{K<C{cAvo;QFnqL9$8?tOJ1aYd$a4jv>3$0%ez}<`{A<B
zP5H0M<;te?$|7z9^<mBKAh$=15+7q|4&S`kk1Ca^vum{w5VxkfwkbPbxj`|jd^uq%
z`Wzq2^ZcVjvs#hXnG-rjk$86sjYA{Fg(2Uy!P>w-dGgu!hR67`V)89V0PJ`>yIKO%
zz>z>YuSFsiKtMGvkB6x}tdu+=+1e^<$T<!>m-Ng6(2rT1jNbv?G3v+HImT2IgirV|
zk3Sg^b`mv>UELWQH9M}Y(LQC}l$(Cx=)s$d>Kds62}A2CUhwYP*an=4VeB>0>B_wT
zr`7Na#6$S{+$4HuK7K+^$NG0Ig#+}-mmALW!*DvT)%jgb+~2@$b?p{JDq;c#2r_Qd
zB&?)t@a9)Wb;9jh>*Zk#1>C_x%!<Q-N!H~n$AyOI6n~nICUMc8<yElW4xhp<ZG%cd
zv7Nj8GXP=7*|c{DxSS*M7p!(W-hUCd6oBkXR@d8GLsn;o`m+sYKE(wY``|H);Nd4S
zu}d^HfQPa9Hs=c9J%xOb2IUdcoIM$Yn+Ng^FWR1|t_mGY0!V!o<Q#@UTK>55BjvqR
z`N5mMakIXy@`H1-{u|njr^S`PCFb7K+hnh;4;-VA_}g`(M^igdq2O{^ucGBVI(gF?
zzmmc*W7tGr9|%WQEL3@)?B)DQW2Wum(yvUAn8Pm;L)wnQ0ca5XmnTI^0BKalC)j#u
zTDbgHinW=r84R~e_Y-rl%(Vs=no3kXJp79zeRS2>c+ijkW+|UNX{X+?_ZEep!wr8p
z!(LIv=CpknIs2`l++Q)*Om6;^&5sJ<SXo>3q%Jk7n-eJqjL~41?kRe2e(sLyX|z7T
z2~;R;x6d+|y#Z21&Xt^EgmJ`6Oe1(Rt&L_q+$f7)SZuLlfbOVQ$0G-toU;<S^31A1
zd&q0^<M9`k_GCavVM{Zdu?*bI@6kBA_?4OdVC*Nv?HEWQvwx=71W=_-+E(fK$2BkU
z9fmO13IdVzBhU)(W0P_!#eG%!Cd9T-cn#g6Sd!~Vt#*yzdQ4J|^<_mYZ|B}gW&gVw
z8a{BBOiOo#PHCWBzwd48QS4i6R~n;jde>E0`aC9bY#LCPd>4}W6K#)>n-N~KsN5l8
zUc6FwA)+G~zw}wyT5TMB%_UO;zE79mv~=0=DFoUPP~;IiUEc#Y&?jF_p4>k)bSdtb
zK}jmInT5`V&1+$xw#Q+lbY#(ewGG93d~3>><jzKwl1p`fZ%nDMFpdK6FL#h%9y_K#
zc1H%a92RWl$KO-jQYlj8URSf?c>rIM`o~zuf)xL2bMlu$vB`iydUo&wNJf;Qig38*
zjUzz!Gs4`_VXX|)4*=JLln8@#GoW33ZGt+12it(W-fuG>wpbl@oN>=k4m|>-qxytC
z5W2O+cG4amX`z$k-UNzx-ch?RUeM}jJz5Y8%6-26Y1?ce?B!6iaT!;c8%Jovb|$7c
zsun5U_XHH&!3f7Z@udvP*Nm}b;H&!@i9u=@$((z^o%D2Y@OBQn&_>YftR5xi-(})V
z-ZCJbv8C&EF1nQiFpJ1JI>2#+40sS{)6Md1ynS2|;gm$O@XJxd5;ph;^Sn^&9hwv1
z{pyc!30WG~j#A$@FKKq6p*ff-(y&u%b_lECpMaX{;jj-ohHJ(oh+0y5KwIp^@G~(*
z*%XcNdTBVc$NPH<2#l&ZT8qOeX*1v@k#T#OIOGteeo%{r@738rRE-N?W`Tt(viV@V
z62pYLE86t^!fwKz3y>@`|3qWP1|YTTB5qi^w7A*`QH`X*5Yvs)$M@sLl{H<xezbn4
zGYjf!4ij(3d2ulV)o~Sdgnq!_-?d9>sU#L~_uG=Mz4UFrjQ8|4$Y{?`hc`H{lZDHw
z>o_i(a{hd9MTp_#t+C`Y9FXEqgtK+Cy|tWY8jUgvy5^a+Ze|~VBW`WEtxI+7U5~N+
z6DXw^Yjr2$H**xu>%Jc^%0gq*ANy~8InoE^Aan2wY#PI`0+BpnAX^K?T$JMgenSwE
zu-Pn(oYeiUW&hg%DUrR~DJ;FLZAppsyzq%L{5sn>NQ15zwhXi;YlA5c+};J<I`JsH
z_5PB0j!=grc-(syN{2bGGX#JHi;K|UZ~B;VAcADS-ab$DA|s<SoUq5^dW=VAC`!CN
z3R`@gT9xj8c|`4^@gW8w)e1|mbU7?jc-b}8V&IgWtx9otTWQ+ndH`0_&$<GPRv{|S
zB~Izj^=1BxqNhD|(NnyL0?zBpW32sia{#gD3&PsoLCE$CDvdN}K<?wL|0w7i@h>l_
z_|{|D;$mtrJX5|-<t%p$Sk5=})#~0LmOgVIj^0J2?PSed&4qi9&5619(e*mIi&69Q
zf;Zz1un_S|-{*>;S5P}J5`su+nwH|U1vxmW`c7BmKb_oiy3uo8-XL%;Ne%0isjZu>
zyexEc2tb3u?h&krFHvKk`OwSNkHB{1aQzOD_;*A&DP}3&)!!~w8`il3*-m)o>8|4Y
z#+v9^jQiwk?%V8-f@NVIl_PNZfzH?rrFas^cyp65@h4!R#78)gFP-5?qn8ZaiDLR{
ztM)ti?9w)`({w=c9ArN~6J1j>Du|SgnQm)xfx4H3S?wXyf;#Wv4*MXv4JpX`0A`wg
z+LElVt;x-}%N@7Lw!I!#DCFO3VC)+rvJKTmspnj2ZA*Ly+(T><k{@&BLmZ!W{oc6b
zB{S?qld-rDH#*LEZmUv_i}7=C#kJn>bGK^LEIV)>hxnh=wpw;pf1N(?3eYFKjRK$P
z>Ca|8<w0M=I~M(AxR_M=W>n1dtx|Z<hi|`NHOD(Oj-PfmaJt^`%RdRn0mywY#b`Fo
z7J9q<Bcu>|8(!fm1{`!izYY1vTAAd=^5ZyVUM98Qv18gn@GO2e)kQHgmsa4a_D8=;
zrx320;=W%U`rIzJw&6RDeG(Dn1jOmj%;j2n^9QIS56YOWWzS`{8=jkw6%$x7Co5x4
zTLoyNq%5`{8J4o&1nK1qAs9eLd<U>gE%^bN{B26hsCEts`5pq8o5KF4;!#Ueo+s9l
z^w&W4RHDYQ)2m;jz&CEkDZfdoZUDsqY`c|UET#^f{uGFQj*FC3BuXKt3^L2xA|Xwh
zzXxdKwr7%baB%H-e~EV3OYM*Q6{8TkY*U0HiU^H!*2@UA)51g6v`1ZEIKVVYc@h0i
zij9(g++v)qFK&5GVeas-my7?vcd>xT$>57wq8v#s6<ltbwEDF-@Q=E^-Ru`qc!2Us
zv1fy0SSSiTLG9wRtnnsO>Q9Y`4|yoOEMVEn1`Kf*_&{Y%VDge=((Vh2cF~tt6=bAQ
z;NrJvNuc>ZIBA}ea{f340!|bMP#2mM1TINRON#ORGzSbH{Pq66-@$1vf?FUE=Sh%#
zS1eTAr!b^RL%E#Y-$QWutCZT^a56ha5eY9et5p7GDMAU_^z%ABeJ=Ojm*w<}yveP<
z0QgzYfUw$$?VP7l^Vx?TL{DgS%b15v<Gs7#ZP?0Y@ZkX&TAf3*htu@!bH$WBqRgS)
zw7L9A-H9G3sMRYsvJa1z$Gk4}6sW8wir=E~?HN3@$3`nm+J2aIe>?^lO_HV0TE50!
zVO_cMFe*h_I3~RyJ#*sebl&S@2KDcYGnde6?KaZO?rV?J$h@l?Dvv3*_`zb|o;3_p
znau5*`Jr>H3DoF3?QL}ljh#;WL#r=Isa!wSdfMlTCJNd(0#&Eo=(MP-cE$>GW2(%H
zwr1DOz>9t+#>LU!bebbyhx>Yo9x+cYWI5?5(dJ?a@fmAY8rqh$cgzG7tjx|i2B||+
zo83yC>Nb!OS;qI9glM><vb*h)=*mkh41`Ykb{p#)s0el!4@cqR0Z7NihACtJrVt1x
z2=4Yf2f)e)Yrbkeh3V$f@!uD7jOf0>@i@LCPu`B8nQcL~_^3LY(RLJ~nDnA33(KPt
zJU1+`RaXD3X*z9113`$HpPrOVPY|9}1ON$kx2Ts=GR^PG;%m-fu3=d?q8otL_+Ft)
zhmBA~2G4pT42z4>6y_$}EuLwa!VNMdB{%HeAr59oygrkT1J2}BwrFaB^snD+rLqg~
zJ^HMDGEHb)4lval5cIc4FOO0%1+hk$K=N`&TTP672r}}|GjxXNm?mxy{%Ap2Q@Jm|
z-bFxKwpgTI#*5@MjWZb<f-KZdLvm*q+aS18_chi~te4HeIK&lF+lQGD-jqC*d`IT-
z((2%cUJ@tM#a5|Jn)`k;*%_#wBjw{C*8{Cp>4;IddAcx663elnT=^^~**~MPtgXX$
zGB2Yy&=33%T#~J#P2ltXXrzL%Kp8O$cjCBqq)`GvYN>jiA|J;J6b(pU!Z!c$w?0GI
zvzQgLQ~Qpv^bqfE3ikNy+U2VvU3Y;vRUmB9gR8Kg89NnItqHt_NH<3?J;~R(nv|%S
zVZ;p^67@SV?C@RGj`28Gw7YEaHS1!J1zd57GNM050s0KC-9-bDlw*xg$;72*F|aIz
z&|bFix2D0x{q5@<)NY=yD)fJbtji#CR3P3l0C)2|x*&Nt#4xubq5K>*E>TUrH;$e`
z$`g*Tmw&f<A04FUh0hT(P@B%ZO}?b5)Nz*=cPedVJsZ9xPmy8wtQ6z)LCcxjw|q)#
zd6Sq{xoGd0p(eZD)E*-(rIicKpWpliMLrWlyGzzweLIg~M;A}|j=!_QQzhhRq314v
z9AqxbmiLa=pJKJ_=)~o5(nf&I^YM@kj+?Y=12~%X8X0Iup@0;tYcSOxRWy;R&!%JO
zkg^q0JEA+q3bQR$oefIF^7TUd3Q|_---<|w)xn5%*hnR%cDeqWz44g<4@c}t^8Sw3
zr_68JxeC7CvPqyNINTlpb&m6?gOTj8iTCGMCAMtApXnDE(Ht!weTZFPQp=-GIg-RL
z*$bC#n|F87E#VCU@t5VRnpUP*^I<RDL6c6qsjZ;qQ&e)QSu^5{bwHtsHcrh&CvXT7
zwQNq_C$}~z(ezc-vdy6Y_@SOP)zBx6F?ot?lh4)MgDS_iHGCWd*HZ|idCpT##RtoF
zxV_V;uZ%&=#rZq^sht+tnlYyhnvE7t?NR5V<t(&c&z30PMVv(&1VEmJk+|S%p22TG
zh;2Gv{#oF_YR2VIx;JipEM9q-*HW?1o+8xwwGNiw_jPvHbA*sC(?V|O*x-A;_kIY=
zCcg?r`N|VvaKql;vC=s_>pR-m<5Ur2NlzK)q$~1xr<9q{qLlIN4j%_v+oJcocv}kI
z*ZpB^IB(Ol+y)<2yAqqkkto+)iLl+rtuaeqxO%jRsJ`x=Ev$IvC>OAj`G@ajC%V`e
zj}rT7iXj8wQQ?wnyUq}xN(ZU3X=k7g_7D*It=zz((tyr58p2L%R(NQ{XPO|p|LWrP
zyq2QeyI6ggu~0h&CqL@5Oz&BJX`jB&;oM0i?Ddn198+^HtJmjk3E2@IFdZVC)%cy$
zmTvg(`@6xJXS<ZE&A#at6lOXW-HR@v^fYRY_-p%4TZ=i8wjh8>1(Zm`OG0mgZ^zZT
zOu_7?ww#g^@P6PG6T{nvCht(j{Yxsw+-(f9^F)5PW$sL|!$wjklLU%CS^So1G_Ogt
zyOOFMyjZK&b%#(gJdv4a1vqJX?q7T<!TO+9>dXOHugtG`$@hNDgwE%nXcU-zJjX$5
z8D1FFmo20*BBLByo)K)5cXw+b>ObDU$3u36Yn?D}h;ebbxu+cW{#6CGXL|ll%?K&e
zIs&1G47DQ<VgEULjBhR5C{N6htbFn-*SUK1Y8V?w=~&>4yB=kMYCu5EIvQqUemb!%
z56vA;kN)AGh{LZ<@ZawLNj(eOYoVn4dk)npD4qp{8h>=Tyv;;xfQ4Eu_*CtazapdR
z%w~a-5JqQ0dqKdE@OrHqF;j@$5>fO-NKkdq!C9q?g^|qY7&ouBjp$`2z0B4IFsQ>n
zlG9ydf0=f#%$HaVDRF`{l^R3G$ONicGoU})5{Ez6SHp_1Hb;)gSbu5j{d9@;zsFXw
zp_Zb`wJDjAJ>RoM``C##?SoI4YtzNsVDhoGpOL*;--Zp~c)ju@ohVDuea@Gs+@5$%
z@^*MBUEFna@ExNqZk7Ty;|e{1NF(X*a7DQy1q~`356v0%l!V`kko&54*+NK-H{T&N
zN(1tKerHuy8YOT}F3eEVGOxuc5HLUDBJ?KW$&j<t)LWCiWWj0$8{>J6Z->hz{X|5e
z(d=L^2xl!C!{2H@a9T{+1t+bU0Ol92M|{8T=Ru-9p}NA#wIm;sx^;*wmG9VNjk^F8
zd9K*yv$w1XI4(fz>FBn5<(byPad@K9hSB^ai6}~hIe^&_6)~((pz~9mq_c+<ifp1O
zZPtr}wwjQ?2;{r6J@uA=0E4zeJTr=#29|~@_KH8WxVvk`iEX68Kwh<?uOP&$k4_b%
z>)7Q4To_hku9cRMcbG0I52>@RqghvL8eYYfG#;^H<pKp>dnq5~s<QkN!dqY0R}VEW
z@(x>Nj0X+s@%8>BZZB2C0xC9B49TMI)Yf2q)S*Kr!P}tV$3;aYSK}VC{)^is+ypCV
z^y>t8&OuJEc(Wix-rx;ivhOqAR^u_ge6J8GR7XuvaAvZe7ht&HZsHN~zJB!J@sCB%
zGcan#f2%fp%Sf+abWm~6va1D_&&TwTD?31x<96bepJVW1!y$A8e9U>aV|Lv{LZRp~
z#HL_KKxbnXhfOo*keU~Nky4|6JZb_b4ktb_sXu*c-YglAYWu6hG>8MX8W$#v`H$|N
znsl0z?kTCgmq@s*NK*yok&#>FY)HF^*4Z7h1W%}y2EGNlwOK`S%7tYu`Tm_#F?-E;
zt;%;~$2q)KE`3Iqp*Fgkb5~;AwD4Yh^{AQHR1>%gO!=A=$5Bp6d2ExebS&HSM?4u-
zPo6d#k0-JiF$IA`ZNJUd>EgH#FiK;|Z~0BwRu{;%pMUY+FYdfQv+V;~ec#*l)h|(@
zEhP|M*rf`eGTL9!0+fyO)@#+vSUQ=oa@z{H_2Q)+h<#FE>ck=VhG4psdUNachan}G
zp#~OLzZ)D0(F07c-I~Djq!KZ7gGr_HZ`{W?nig|;`;y^_#f6@nUE|C%!Cceiw{-EO
zD(U{`I!?@yLu<d+{9@SctbQx#Dl7Jq#Q@!UeO9<3gmwyck|<N{>~dJ}6RI96<573w
zC>A3__a3jbDb8{V4aH$0j8B}VPTv@(j!ynXR9k5L{r$V{`DyFVhDP?y$5sxA1mCgb
znOYKna*OYudGR|{^FmeBr3F3t+Ey#2a9k-(qXw8rY&>no=haMK7Z6mvBv2*hNE(Kt
zoK86j<E_UZeP2!tjtit%!yX`=RgF?6%n4#L?4jPECR8?1v_K?7Zy*EUbRV}`s+*c#
zT&<8r$=w=*0#4v6kX(J>a9lrQPmm8B*e7rWJ>&@kJ3)QYS%L!8BE$r;u5YkY5i*IG
z-;o4ycf9=w1Sw~{EK}|>;n#nghshaYWVHAtwf~Xyki=7wqEHq5Q*Vya#Rg7thDxmr
z6f}tn9to%LLb9j??KQ#&L9yn=Q-i&r5#+;xu|_?iA#(&XsC^Tx78cnH?8O0Vg}DM_
z{8$2NRh2mwnN`n<4UCOP4(VD4YJv$v1s<&chNdR7bKk9o=&cm?G6g!LK^UbG^g=zN
zK^UYN)WypzU<UfxFo=YQ0@ZMX*)IVLR)~YBaXI)ZAi@W#Ub0yZ2&!f<sVGjegDJ5?
zz>^Z>j_*T8&c{7L$~8Hw%ob!nmYVaOY1Y|91$lDAEiOQ%mdr_B-Xh80hVd!h$l2@`
zLzM$tln~4oL*?^pl<4&qL#2bp%0Yq?f7scm{{=JQM#5U~_e&KIU>drMumCEC(4!Wg
zi3HWR5}_6QZPUYaqtuCp2HV<bGjGV&I_YMRHkZqi!<IWaZNL%=r21w8oFu-tJp@9{
zSADC$g0q9EF;A6C2I`MSx+>~V#&sis%r*e@dtg=q`QW`TF2pc~MAE0elDL`82n}l<
zLr~Jt@x~3Q@Fmcf_hn9Fmy`z%If4w%11)2S0N$DzVtCY_GCWr%07)EoR#Z{NHINYp
zR+kN=nTnv^Vv`AlX(1|@7ANWtGe$8LMt&(c58BqAkXyd&Xr4v-yFUdEU+q7lu>8Hh
z;zllUNN90^eaJm@p@x6kufvPEfP@wiY0+ex5PeE9m8jD9<z_`l4MUs#@Ngh|SRt&a
zFw88_24^v1X_>uo!D$<-j##Z+hJ~RmV{`wSiS|R;fPf7-F+&kAf<uP0lE3c;dieX3
zj6R7#UXsaOYNv1Wr&{4b%~}BEVsy%9vfp7se1~m%X$O1(fL~D6EW`spgA_l-K|V!)
zDIkE}HTe4F-0t%KDg~}L_Vb1?^aQy+fqaA(d;;S%#hs-DsiqXH13f~8TteM*nd8W{
zNX-TsvrSfD6P33YMD8_*<CU*{_9C*iL`tV@`~+?_$D@<CU#HFXZja>+4g9ypePXuw
z8!cpa4aA4C(kv=qo4J>pn4=l?V!Bia*IjQ!=u-41Im^)HDfti@_ZR<61C?g}bnS6g
z>2)UcoZ#)ZJbhF=g{my8EXF<AKi!w9Mxwtn@mERm-e+rxQj&hB9D+Eb*CMP9QR^G&
zQ`bL*4=#J@WG0`P12+r416(aB@I6$7VV9Ujd1~%)7<_3}M;UD$f-o-oGYR}}|J$BF
zWX`NfDv5Pc5|Hgo5Yp)-X+LoUG)FG2h!TOU(Fz1C3>pQD%W`))PB8pIu6Lfv74+=n
z`poz<xZL94gT7<oN7VGncS&20!(+A6v~PVH&INEWQpR@kE<IzEVq-@ip!+4G$0kN-
zz$|?WvLm%Y?>kI!)UWvNiW5@5ghVa&D#<sdi!8LE|CyPVKTBMIsy-BlX=K$bCxGc$
z^Z8uIfH*P2Xr+S{q_wt$#6y$#tpeq7x6nha?-Lyt4iP%v`^Wzos!P-WN@40fMv>Dh
zA~~N_EZUbFd+&6$lK@US>2+XUIiJi|@27DyY}w_}7)^OqrN$sn5bB1wu_5vfR0(|V
zJp|O}llzJM{z~At+DEgr1(u@_6L;jev^-8pG(W2iQ4_^N-sGUUbVrz}P`BaGxt*VV
zB0;BB=PkiD!zrccMyDPawv;_^H;?RpvnU~+RmgU18&owJnakeqD{XSu1*vF~??7Q1
z!<M!Y<{lF(ALbUUJ1uTdYp)QpfgL*j13&20xz+IG)=c5KXirmqdCEb*kgAYn2{+qG
zZOH(925zgq4yZ;=X|Ec3V4Z3f_6(bWepgUPY^8=WIpfu&cApf-l+zhw%gg(kNlo}%
z>UfTLHwiD<cG`9N*v1l$`6h7N@Qr_#80b9soRe_FkA4@@YpQEP{743k(Q&Qn7C4)5
z4R%6N%R(lAi?UgJW+N1#1jpnm9cfdF&y^5Yf|+$XD1H9fsITQSOcfrQHEHHEtr?DF
z)b0Re&psG15!;e<1>ez4cYfn?8|b)WHD_SBMk$nDHu%8{Gb4M%g?3RRKoTc3uLBta
z>EYf?jtht3Hqc@Hz=48ZhvZ}x*X7gcr4~lvC&rUXV0lp7dW@TEAp>U;p&~Tsl0A!G
zskE%G26xNRpOqR)lo6}xwY^tp&0p@MOHq8*XDJk}&N}o`=_}ZeVJWyBA3z?KDoAIo
zK#PifB{_iIQ#qj$;3DPt^1`t!K-$vJmOU^3a&xD9_DQ5Ej0;S6U))E9i%@miyF61?
zPnuY&>5Hhr2OW++l{tRS!SK!)&$x)s!Kpu6O)Pb9Ft2HM91TMeQOu^H)u&QSY{u!A
zA-0*;N&cYw`eyZ6tl}|J>aj5=U5W=1<FPlJ?wS>wO*(a%UJvlJ;|bGmi{wQtzQ5P_
zJk4?#sKOc!VXsPbe7GmU@d6+!?BMY3`G2q-<{Hb>7LpUOcsuFB!}T<WlPo>_4SCp<
zQSjMFhPm`kdojVR0ITKdAn@*@m0mcM{`n8+T80H;vP}{oq7vchXGwM3ZjGguL1Q-n
zv5532CTt>ZrNvE&^?yF1vaIbf!uvG}l1?wSv;yk)O{<PVc9q=nnrT(UPY~qAU35%w
z|JJepwE+lN_zw#ih;>ebU&Wf*Z#{=JLv1osHdaFZ8gGF?$|laSi>+V`2Cg+bgUCeB
z89C@GlEdJ?kFbxItl?B`6QvY058vZHG@puklRGY><GdRrUW>4!jud*DsHmwIrPkpR
z1nSS7TAf?McI5F307akE(cDL#{N?5oW;X0`RIIjm%q&GU%h$uYoh<!py2RRuTtQ*O
z_sa&Q3OT%L-)2ONIx{^r9y2Mm0!)&P(x{dNFE?lKr7AViiP>lN!O^TR`7!(`A$|_+
zjQT{sU^wcS+VA2xVp>k=em~N5(mv|UW32RH2^i;ui$4VU_HTR)`gJ-8isDxB*;hR`
zDQ!BPd-V)58)7N(B61v&3q47Y9v={qoCqjz-gf1faT{}H-BPQ2QIq2DXf3!`N%hCs
zVvA?8ND^MJfK*naYh?l$#r1f)O<ouL*O;6PXXG~TMea^JfcV+TZ9=yAJOMLU9X5AD
zYbqj|MnS$({sMvU?QbomGx%{l>~&0%CFE(4PbXBOw}CiWQS4NzfY%W)K6z(^Wh6Fa
zKkq_m{IK(v>sb>h{ayQ>XiP)<)kUCpiQW?z<a46dY)<2N37OA~DZiuWcx23npqoyk
zD^bJNLR{47zzkeNl8wxJpYn8gT2*^h6+>}esjwa5D|h|0$GT%dPBCbT#12$T7qf3(
zF?&sO3Pu~Pzmx$~0SAN2lkDGC*b{DWkPT!ce>VbRTNQJ8h2itYox6=xX(KM-0Po16
zWfw%GPj-$OgGhY`_Cz=>-S2hgzlIb44ow-h3k0uBVvC_>-OqJX9M!VJGdJ&&t1<>4
zmHQe@gQ>!gB=}$?SglSsrN`q!p&_LW+l08Kv(oYcwDEqK(<O1E_my4VsHt3Vxla&0
z@EgX}If6}@$%3qOhD6nHq*kiihE0-7Uy;z|gWZYEURZDB|60hro1{lds(RL*Zp}Xo
zu%T6mWq5{GSkR$1>(4)grq2Q6Ll_haml4grxk#bnMEX-J9v(RqKhAtdu(`u`9CZlq
zi-$5UAZ`}&3^5aft_wgAei!Y`L)vzWtE(55%&iAjCh-!(q>!dI6{A@Gj31PSv>z*0
zp>1zzAHTXxOvUMxng&_{cPm(Y_XH;#C2&%fu^Jn_Wo|rq!Mb_JmSw)y;!I$eJUtiD
zD2ew=(X=D-ddhIE@ze-4f1-)Q#?&$R%Xqx?uqIqMGGA27RT$Vji*bre7839tRRrmv
zqdI3&*1&&@X^{SzDJbh|D&=LA1Xi1!)H#avikNZZJACArtl}$9U-bKvP-~0h^h;o}
zMBte|Cw4W|4u5^-vcJyWTAJUW-BVHw9;(q@O3yv+bB-oJjNCH0>8~VxBM&NW*pZyH
z_;$E8JG=An^eFm4IQvd-+ml-7TW@?jPGWK(U?`Aw5#o=neNe40Jzkz!7*0^GApymM
z8$#p;zBXrD9Znb2xhh<IW5fthFOk#4cge#3pw+M=Ad|x&?5HYG6n<4CTlinD=8q+T
znlELa*Ow5+3RZ$(che!%hzsO>I2%bfTfopCu7Nl`3)LRQKdXbxE`p|K1_)!4qzH%Z
zQ(du2D&86mc%&!gS_{x%OeSy_6j1|pY<m!-n|f3grZ_1KS+UMsDR15P7?5NBWjSZv
zaOD_>#sFinR-1(1smoXwLU}-PE(m{gcR#at=rArhh-mul@*INSfy~w(<*{)>ZI#-q
zlNj6Q9uKo$Aw7NNu9PJ=_H9_?XPVLgUgd_`V!G*%ZiHXj@C?o6KN7Ohrd5Yl^s1a7
z5y>?m0z25M;imU_>v&Ca=f06Qrbv6Nt&CiN&5Y*8EiFV?q?f%Gm>$eCCsgPFqaCVI
z99;Sls^y!Q2mtnkbDc@%p%ebNXqZyVM@rMEtci%9Q?c|_g~l_m_J=-2h6W>cl2_i;
z^24#nSB3{r6Cg?9Zl5N(z{E)js|!nuV@26%bwzE08WybpTTH5j>UGGk{%w(p<w7f;
ztqM(+8%vVpi&%gO9F63jjl$y5Jm&7_Fik}}aBV(%v>KMOud2useg|UQKw_NYEin>%
z&0S#{R{I6vd(SkQ@!q=`2^IMZZu-a~NH#DVyO0M#n{}HGFSx`Vi)@M+E1eXeaNC*|
zDm;njpHx;yK>F7<DxS;e#3+s#(LW43CIlOv7c)3;ZC6`dAyTmSf=GM#B2egJ!iJf?
zV2*C2<AW4JpuO}rP!kJE4a<B#_QIQ_)A%iOb=*HMD7x{1T!rY795_SbDDmvb2(?Yf
zqyGhXK!?9%#0rbJWjw-UGd*9ib)1fV^rrQU5nd`SLN+HhSUB*o_A2TicLF{<s=z4L
zEAC{Art6##rftiLxYwFzB<xIxySgxQ3PFQlU(OS;(lR%;7gReR^57j?Pf+p0`<rRS
zu>6)<&~)4@dSeAWF}L2=QA06E)?`q)y~J^Y3aeVUnu~JA(-gEJYyjcIsWnjAwlnc+
z$Fy{tY4;BFY7Y~2fEKz+l7=IIOhD~WMvMYz>ad|AADUo0g4%F1B^M;GGsvs)my-nz
z1MM=f)wMx$p%_Eep7?f}uczZxZ!m{ydV2^j^DB|IHR9oUA4IVuC+5S<+NDkhQ#Jxe
zd&EH#J_uW!N)2!ftNL(##~z}1)bSg<xl<q|Ws8!**x>ep?dD4ZoH0`8?4GG<Pr1|%
z-Bf!TZq>^DCYQA0a?aHN|L05bR#e7sa62q?BO0e$ny65^dZkqNrn;{!-wUWFpr{X<
zndWU%g4qh_;cgUobIvU?F{7EO88dt~-E7=zTdx0XEC{Uz`1U9q?0f<79B5Hc+wdn=
z3X=`j5bfOPp({zoz|l@~@`mRx@%|Qo$r-$zd^Y(><cuU)Eh|<IPm@_jh@7ex&Qp{W
zV1zADF7VYBBN(KpZB|s0XXnq(pFUR_2>MQ_WM@4yqu%{=N`4-ssCx30{0#p-)Bk=(
zekMN?az(C)`>*<k{7fclkagF5qxtl#%}5iPBL`HBTd#3AX7QE4auVS&%d0Lw`~S?d
znDtFWt|>e{fi9eq2e7QJ=p9;bFCc+PHTLAQ$<yJAjUsQ8x#t3E|LdNfJUyMZx~{tT
ztm)z)UDNeeuc6g6U&AYh`GH{t7y0^uu7eE0$Sn(gZ%gwPB}-Upkt=Z@a}#BSFB|4y
zyqc0rz!atp5-1!!))UoKlYR<o`-yf-3`<zL4%$#$k7N7)?Ag|~|CQarkz%R6-|;ll
z9xi1V%3%Le!#KWMws>zJH$o=hH9-@{?v8SCi&HiIJR?^kwf1ikIPSrJBgy-tHotg(
z1Rfo$&}hK!Cac<4+uCf4f|Y6#5eYj*32jTR+!~+GI6z`E)csh1GpgJe5x+AI7w(cm
z%&m6miQM5YQ*xn!jKLG<McWF@^WdBro-oYw9}ry2L=&tq<5`i>jOa?FI!s6Dvv&D;
zQc3KV&3Sfa63C3BWX6^h%FaWHHFsa=A@?j(b=J688KCFrZ7SQ-^h9qExH077gm!+{
z<&V~!)smY)iuR>>dk^!TL;Km8GYY<z>iho?b;dVmx&Od>t`FtNLmL0}%45wk?OmOJ
zIB9x&3XuVZNer8%Eb~ypo#PpvS^-7!ss;vfMsoH5r=k~NaA44yNN0PPo+-J3){>cO
zgu_fvs);q4+-E1BkqLQns#bZ9+XyDn6-{)&w@(ePmP#p5Ga{jg0Fdtp4{gQHQQ(FT
z$qmKM&Pk6_*HYem+jCo`Za-&oE>d<epYxno>noA*Brc)}fZE#6IcM}zJdg*5!wySt
zu>V)!b9NhXuKuuV3(hHf)M=^J962G8T*5SeU0|j+E!lH2A%7FOD4(O$n*(&UJ<0}~
z;k8V;fa#rsSwhS^SSOxuOWoQwvP`!({L=TsXCnAA>_O`uH*m&qG@!PFlhm&;Y#xDH
zt$=A~KTR@r&oa9aOsxoKk^45WT49%}o05whmzZyx%`>_f+$%u~hZ@-%2yz&^3EZcA
zTL4}$%m*-N%e&lrm$h&4ILjSZj^gg3uJqf^0I_GG4@C79OYugpArcKO8#XyC{L;kb
zoVC{Jur;E+LCiozEd61U@AGY!`S7+u7?^F=`LHPpqpm*cIyY<StH{XJo92FFB)Vg8
z{=#gbA$AIVkpAkQ01##>$Z8pkOB<lTQ<hgep_wbCHn3rV1JqQtSHg)61tQ-y6bPfq
z5<{%<1%DpiIBHstW_5DMD&s{e*Xl(@U6C2hXr8Ez(v7n5RP}+EBSmNx!oLw}EM@RY
zCsvc^vQlsHDR$K9=tU;QnPNAF@TM^i%QC^|VXX#~6@4f&*5p}P&zGL}&cW|Pa_chI
zDPhwExYRpK>!@ANVJT#l(-k`!Rv2Ma)yl)2XsnL91hq3dd3pv(5X}pH8pDx&vfUyj
zP9B}%TYu6>XU<za!f2~CmsOwTX50O|VV{aKrf;fk?UM^)&8Xg|!(I=?_pvNfDwxcV
zkFE7erzv(K2$eY0(hCPEpBV9%R4mJM)}v9&LH(>mqknUt+_uaO&qohImzZ{7n%q)A
zmxJ@n2Wh_G_W<Y}W8gz$=#pgxDOp;3N?$-D;k3VStpO01ZvhpLS`&GMWi^I3dF#;T
zbKq|Xp*AP%o|S7-2#I-_z~ZTte37qwzWuq0O9KrOdS{faBdu*6ffYxz*z-Q^0ge&h
zZ?_65{^Yasr{_;M6#PM=uHt_M|20;5^Y7)n$4=sjY|wpb?UYEvz1OGk4D9Hioi=uT
z^4a;b^QR}O&(BU(?;Xqhv&qv_;=yKYQPe$SvSpjU%rykwgD6uSYpo}7kZb~#0F7sN
zWzJjJe$I}45WsH0rNArlyOk)}?}it>r88(dA2NLhSg<c{X=2QQy}wo7<7l$U+I#NW
zGG<(-3kD*@O)8-?Yfg-OAJC9ztW52*Ivkn)t#d1SCV=0~`Jyh3z1s<=YTe&6M!E;0
zu9W-+g&O8{cFii3mNdvu>!nS8z0%)$XkxubmZxZv!bRR9p(Rq<oAKEv(^%Bq1<N5*
zB(){`lrkaarmE|8!4f^?TSw$OO?4dVl&sV@x)ul3cLCoVkQ!;zr)?td;dNKET1H7N
z>PFodV;|QEwCYf`TB*iJ3V@XYE&~MCPYHQb%L;@FO_CfxA4Jg$ie%WSQWSInt2L@`
z-G`b`e-y}8dN-5+LkD;H;)P6Dl#-&=0(FK;2McJvOxJ{#qRw>ygh!0mIZbam4Snli
z{%XD0CR8ci*cUVKbo%tk*2A28paDARyIcctn>-6f-s;?bv&Oe>g_0V+&a*gW`i;)y
zP!COv%vF^&JHxLYN?x&uw6&8t%_J5AZpylzw(}6-7Js*9LS$?}Qk3;<>wT#=AS}XW
zTiPXfJS_OMwr*>Sx?MXuA}4s~u_UDs)#=vLr@Q&;LlKww15mn(=@&759+q*MvGDZy
z3+?oie8n?bW^12(ca1#(DT(Fxyc8g_lY3gCylJatO7gEK-(I}?;qAqnSEq`jc!Y4>
z+a?d)ZMpNB?gR}l-Oj|BcB>fx-emfrINhpN!f3W8>;ss`?zi2i0U^ztLcPB#KC?&3
z3#(8@NkCD;k0#hJs7K2^U6IEXaQf&Pk;lCK7Z6_BDK~1CQm0BA)rbv{UDt05P+f#t
zpy-NFy1oO+ksCX}HgXMpkgqZ-E1rCjiR4c8J<>4K_hhT5Il1`mn!M!lE?hYiD`vJ)
zDyS(lrj#HM4-BrRjV@sy3L*U_S2H%-)@8NDSRW+A?#@(qq2A??A{LXLHkUU6h{^VF
z<Ne06J#XqJo080tkXJC$Yf+O2ioOKkDN}O8i|6E3E^CYrsXDLm)6^}Kb)joqXomsJ
znubHm7ba_)yh4*nAgSbteW*S^IwMCP=2HEWS95tZC6}ur;|Z^nOp-gb(wTn1OOwxC
zLF6Ed!u$T4uU~%s9K_^QAW$>AcPil-fUIVA)iLd*n21$TiWPV8S74L)aId1$b->8)
z(+bGO8nus@W$Jv<5<a}{7j^Y4(91ay7^Hlr<Ehbi#ihN;OVSq82M+8kLI}~-Kb@!S
z{#>T?=@~QuSBgK4tKCm3$<foJDY-V1(3#tBd!Lu$T$HvUVCH{vL{3BrElOxkGDbDv
zn`Sg?Od>e-f}O<#VUVam3=*MDkd4J*o-oh|WvzYAb5SPDz#PLZ-qDe)st^FNWybiZ
z44y=3Cd5inmoMYT$vlDRp8Us}k;|8c!8-uUDVKNNfwDE0IiAEP7c2Uc$jPfOu646c
zf1yG1a-L9n<;0GuSHkw>s?ne7k}0_)O3<-)cZD1EJ$XqhiZTvxAfFZ59*9bOnF0I)
zJmLr`JIE6Wu>Hjwk&X~5oQDj{{+nvy3;Z7H;XfyDMb7*w-0v7oiQ2hm`0=}vSIo<e
zqK+W7#6!4>tqz$7OlRIYz=)}uDRqNBi~NU0CT6A>);@ai&AZD{o%rV6rRjtEDCQf@
zhbH<N<$jt!Qc!K=)Gs?SYIBso!N6N@>*<D!8!26SslNI!{TOoPu48`3b8mWidl##_
zl`4dovQALS^^z(^N>+7N@gh*y6qdYNU=V?CE5XqOP+bUl$<XbdJ~tWH!4(M0wU^i%
z@H3>EyApIeq_D`t6i?6~ncK(cJ>?ml@r+k%B_EtljdX}<z%UFubEDBBkCk{ftexaU
z{dNvk)YB>O%%I!@2;Uun$vikH6zwR#gwJBbalJQu^X_t|vs!VI__JEw-FsHU57(@`
z=Lria4B8WSxZ`^J#gzV97n2g*laf`VPW0vxa~@i>WBjR&N#yM`t^#e|BNv(%0c|zM
zzF@0J76F`QT>s1yrhCW`;cMdASdmQ%Z{TKthi@@$+;$TutXR(DGU?Q<UtYH@rY~5r
zBwt=z3ES}(`s@hMY>D>OV@WbTXCB<fDD*Iq^GcNQsA0$E2{pU#%v_K+&bO2#BFk73
zv<iqh4umDyqq^x>BssnNH&EWRns$y8aQ^Pq#mhIZrmOU~OYtzN#H5yN!Ykj&7y-2t
z3H}lTP*Zpud8EhOR4vsIVthHxo|A7Rn)AU9W?Yy;RDSKHq~Ia2#Y^XPmf=`eC1Yo<
zrRn_ROA(FXq}A1cOc7Mqfa1Q70rGJc<(SjPCp&D8b@NPnw69y=hqOmnn3aHtaX`A7
zi&Cx4vb~mAmB1jJ*OHY}eD$X?xS@j%8vBlU%bNBL?K?K_8(ICe_5Au74oYCOu9g^y
z50+Og4)hK+0+#*qV;hTG=!+QXA6?hdp+~VAZQT?1N;qZ@=MSR1<N0Fpz^mm%`#{g3
zwEOvQV=ChtN5@5)YWHg`*}Tp$;6_dfEx3-^I|F6+jMO~+OQ=@IsFNm$m^L1;N?mHN
z#xHtxHx&7HkEqhfdL>N-#3Pk3<Nj01S<W<F@%)qF24NY~h%8&nk33I@N4;axgnQcp
zr2bAjVXTkYmkeU02ay{ublV5rySKW-zgo*5vkAU^Ql!oJe>#riwo%S+AYunI${A1G
zDAQc1u}Cb&<-7B|k&ht#eUf^A)VaCCaK_1a+sh#hUoHe>b82kcpeUxx`DwcY<T}uj
zu2{v&21zFod9Evrd|j~ox}wRQ*DLZUAN=a&gB={cX4znZsm@Gm0>y9x{gS)!7xvp?
zaN!$T#95Ne-5puLevJ@T7|dFT0)Q<ChX7Nwec@Fxdsp-DaZXz2p*G7}sc&YyvJA)X
z4rCSL{AmDtk&{GYt-zt~AbD61oi962T_UMW8nlHAeDdVU6NK{m)1UrCL`f(~S;AM{
z8@+^)!XKVKos$23@#ZyzKNgilC{TQ>x}inb1K6al|8f2G+XfV+{Um6Ob~sxh!v1Fd
z@$=88<Rvd5HIHlD0uzyGf`fBW5efiNELi6e(Qfb{)=3I0zF1Z|bzH69j3*Ul2qNng
z0eA&sQ+9N{D=h{>htEjH?--fOzm}pd8YE&2hxO9buyojnW-UrqeZ)AVpnbBnm*DP>
zM5yzm8;sq8^3n%KOLQy;gnnQKN&8?;SV~@4He-U6i&9|KProBMHx=`=vLdz6ZBpJH
zSAhW}P(nxu&{{vDi$!f#RLQths}qpXwrp_|m#tR5#I;oC8<Y`&$!|bIehm$!1~k}-
z`-Zdy4eq7yjhQh!DXpM9$*NjU6NF)^HbY6-Dun61qUD{^5j97iLVk&~xMEmV;U2w9
zE4p^`wt{Uvo=%UEg@}^Kik5oMtMB(&8{`cwBqH%EAr@*~2!MEKvPP&LsZXLNhi;)>
zn|mz}u?if^Jq<fv=~MaZEl*{<dd_BD@GE2PVeB5b5oGszB;$2}gBh<e$Mfaf3lZv!
zYn#dG4ett6hSxz-U<Ac6CvrH<8LvH`%Xn>hI^z|4M&lKCQsWi!@Zr_2#jD+X*nQ1X
zku%Qiphb)bl!GiBCNd>&G*iaSMQ2iEb%n%Z7Q>r1Pj93?Q#b;cwY?3vcm&x7{Q;SB
zh~?|<?YsJNxPD2|pNZCO(_U(qgiIcvuDN6HrjDqYwrXPRn3)Gm(gS%|GVK?4Bqw!x
z@LuqO<^oaA2tkPR<P#xdEPV&5KaxluXGxHpoV>6JcP4=7GOt)UrwKcCEexz!vK1>m
zaHl31(&W4?X`X73!Gx8-NZ5ypm1-`UV*iqyeBnz{*Pv^Ip8qKG1iUFeP#JDFtl2F>
z-!vP0iCqk-sMf+VRqGAXF@Y7XMO|v2mnkm-1p<?5DCM=es3av@C>5l1ASe+cWalv5
z?Lwm)m&<T8vbRqt{-_zf=c$oxz{TBw2o_XoYa+PHr4$MG0x_t|nKo3hKssuba<p#9
z*wjD)b@05-_o%VXMar(~S;pn^dbH8M?_mtSvMPHBR*_h5LyzrWvRrbIOVsJ2WG6tQ
z5ikv*@#$_D0Xcmc(-nBtPj8#{e;ZEm#ERi5`z9~kXGlV`Om>kk4BPk1=!zt$u%`MO
zz#a=TA`rTPQiZKSH`<9J9dL4y8v;;B-Mptk2JpAGWO@VmmffSX<yY@)**=Q8spm@_
zkdqdCfw%wWATkHm_ThMA@(3>~T?Ob9sNdIZ5y&-4bq6*!(F2?~+bqIDZ8z>FV{C*1
zkO%Nf4?+txSR}Pl#E>7WIcwq-!lgSSmTp9X1hjKou{ISC`2#J}i>tx>v9?Io-0upd
z=4+z9r!xRn#vBHZ!)wz!_Dg!f`V4H9P^@gjljU6!y<RS#`HslIDYk`E4J~C}s*g^!
zN2l7a!>M+OPBph4dW+u}z$w3#Zmi$pWy9%EyzQoaIg)rtk`a2-HnZr+_6B6vUvYzs
z@_+!XfCAIg=i?@Y1mR%OIp}yG3lT8u;RV7D)Iz~J3}?0wX>PKiK(Z`o!o0X!&1DbP
z2=j9MKoO{;Zp71=y9ba#_4vqS$yO9TeyPT7086Xy;*uy~u3`vg!pfB-Vt&?&%R9P%
z8qnR%HL5bTUNAnGyY{sSdS^}LYOypGVk1)Fo2zla!nVedJwSKk4Aca~t9kS+Mk*qB
zZKsalwT&AwAb+?rM%4Ch+=pk@65DnkwnU4VT^JTVx&lTF)hH39EoMZJjd343&cPVx
zQH1-@ku0K|voY>NN4|(+6HyXKOUj5K`>S>zI)~<!_9Sk)5+eq|wQs{XBRGT>_oodq
zui9$blNhsC%a;4__;@-!#=wt8VW_M5<lhL(6X7i;(_A;u#!^-wRyC$5*Lk`!?H%Qo
z#P)@kzzBwKaEiX%QYdOfA&YpVJ8VG`qh%sPL6VHGcqMHmH6|-bPVmcVQq(a#L*Kn(
zD^ae`EE)B9i>|(7xVUU{L8+O#ELmP<>jTPMcH~0I?9J7ll*U~K=2Hj4-h!<~g@q8u
zl?l(X{GQy?Qigj>#*0}gzvog!Ef;knuD_00tOOzSM=-heGtrIjOu@Caa5~tk$eBY$
z3EP(j*=+VkN9KL%hsH5iL92?D`E&ALC+~m%^W^j|Cnw)Onf&|Te}D3R3Lk!V`j^w6
z%^$x%Jv}-3{;M~Cy}5ezcYgZw_j$d#!@qt$`JTP{dnA$5)4%*{RP$OAAJ40aC?`1d
z&jG70f`}QQZT3rZNLeOkrSt<V^)VuL5WKbBf`d!gvGFS(FFGYi2wY|_d1MNsxx1aX
zP_b1ZN?NW-s!e0-5%?Dl0LIRsf6%^^m%C&!u2{<J)d(OBxZfR-2LP$n;I}5G0&nv>
zaW#B7P3}-jvcowAxyi}1Jv!2U@D-yWTOgXEArL~OOpUi8gl%e>f6;{+u~(boQlcbp
zKukFJ^pR)~0R9tutz;apGb(gS#-EMRCt@ez&ot9Ss#F5>ObsV9hq_r=1Y90zOEIu`
zUYWgW9D!;HsW+nZ2WHVs`VHQ+C^DV^^gU>*FwJ(^+yJKU2dE=oOSQ;FuJ7?u)jP&E
z@WG(=12~E<OyAbuLo&g&9m&QN1R149y_7X58@dN5|9UBkIk@+&xG60n`o?C=c^1DL
z4S=<sggV!OXdh+!e3G)xmJ&|*a5E8aag}K8?d{{uL56mM;s(1jTNB!pdeYqAIErtq
zu|^+z$vV-<Ej$V>9-DzH1`<Igwl;U8@{<{xW5CMru2Hl=zt-t6Da%*|87$1g_G9$S
zO5Cf(`93G#NOZIgyJzOl2|aCPhe}-~nz0n~W1Q-MWu412GCMUPg2RNNW@fo^YBhir
zsbp$^0mr5kD<X4R$fc;jbU_Q6@XAxdu%yYIdK7$i(7ZE}oa*pqciP%1KGm`m^<r3l
zqxR_}qtc9SFI}xAOOmd08cyBCxH`#&_WnRS2qjk*dKvvqFEYwk<U}$?UYRA0zg+vp
zWwb_??N~8k3q|FK1?Dj2kk4HM@T(E%ZRDw4R=qzDFNYH1uuN?MmZ!pr>$teOl&&_f
z>nh?Kyq(WPzHsrjnjNZ+gB%Kc-t)Ak86E`K_(75{t}l@+Uo5N10|U=4p6Ly*F^%Ni
z0M+4LCgGr|w4D#F@lX_#t^qes$3wP4Oah9vUXgt(0J?c$D<&#o5{%+%YNfAe>t-LJ
zykr9uZokGO5i1WXJzz+0kCET+oAq<URz*gu_*jmk?;NYS<9$_on&#<*W@_18efuI5
zDPVVMD-`Rdsfudq8!16;)E*_c0N85A($uLm1E!RR9IGj-Kd!!gaYp!*P0e3kl7@^q
z1}d?@7<-%Y0Sg|w;MkkJG}Sm6y0`zKI<B7l^W;CAY6pM5RVPlVZipxmqMvZ%x^0=Z
z+bfY?7c80TYCN~77!#IPWdLF8N<h#RPjRb2n@jc&6Fs4eylO6((2C{3fMt^nn~Mrb
zV@X*UlM}EOn&PaL5WshU7kX)4<b-|T5|B`EY+-6B2Af*}MZHq31Ot5IU#LPaq2J}A
z`kh_+CWsJA=M#D_xT#>JSU?U2`@j(BS)Q%Qipz@Lu_?J$0*4#AfHRpB!02Zwsq>2a
zqmR^+_Wdvnu8?v$C$dh|p;(k`V#J});_qXq8Z@X7I*MJrX-P4%t4M>L$D+@<-jdx|
zZs@znlSUMRi46eSyafp;TkEJHv=(T;PR<f0B`w!j<CRw?CK@AZ{cTk<u%bEE2`d>^
zNv;!^DN1IgxMR6ZO;D%7jZX+9CMp1D#ze3}=!PK4lI9E6q;jul3Txyms{w?p8D=)<
zTuIoxf@zs4fy8>e-scw66ur#;y{d<hXM+b18R4f`v5Ka&qN5_S-%wjQOGmuGfH{#c
zaXFh-6A%T5v=V2)V4h)&086QwlD8t#(~1GvASy#WHN+^hZ$oCuQj*pnjW^6R<P(gx
z%qr<_)QH|RiT_CxWea1`Cu@eCmx>_ED_$~#Yk)<>VW8_A7j}Ed!-i?avlpzAO>icj
zXNoau=|x*^;IM;f2vVimSkbQ-;3P_+&n0#GhB`mSMThm^-iS2LpVukf);!!KUtn^N
z1oIZ&5ao7Q0hOv-&6X_b{q~mTMtYstN;A-;3A}FdG{z+o5m9Kak)F1gd{uKP9(5h<
z7V04X*k?7X*Kr#*GAN=vmAM#KEa*A;T}!~x!m!ooF(K!~sQ6PoAqG3DeS3_<nsi<W
zl3Bl&suPFeoQX#ASCV)MCUuiCsTOo8vW%5jpdGdUxMk2nF@cIJ==wUd<{zu7<h`}h
zH!mZfQHf}hCN2TYUM4Ehyfe;m*t82vAp?zze2s(o(pfZU@QI?jP~B20Pfll<I?$cP
zXWQF8_u|G>IF#P8xwh1}U$yB+QEkrN7JWQ?Tg0a}kTr_1mh2t8NS)5s#KXFFs<;q_
zYNJ&y5>9VVA|g7*#&kd=EyRPx-QD3v7gv|?u+a+_@P|3=qn*U&nlZ%=8pI?RX!jkX
zL-g=!@8PeYZijZf*<$P^Q*VkU2|b-cnLwJab&y`Q<YhW3Xj!e%MssFcA5GXzn~Z#D
zbWBL7l#qM1<{O62c+9k$)y5{k>_zvpndL+EGA2jUT&-TZr8kVl<rD2?e9Q)*cW@87
zv3p}Mh2Cv!WN^oB0o0_;D|eBb6swi(K&aRrkXDIw;U>XZSr_aN>TPF)4_j#6i;`UA
z6P>JYoi|$UHW9>VQ=oaAWT%BTXst{B;_6Z}>62XK$oBBwIKd4qX}!t~lCjc<$tRCJ
zVI5c|BOdWQRp$X5i(tr*b&{~it)$I{ZYAXA2++f`qE)hFl1LG?+zH{itZ0@swYv2J
z5Fl}CUy>_`#<6fG`(9f>i;QX$)x6FV40YtydQ6bshN1vg4T)AdK1WYNV_k@2sb(R8
zWp0h9=+ac41w~n-34ST!A{u8jxqF~xDgoetRvas~ouSm`3RwB^aoiSdrkUqmIn(X*
zN%LFWHtou&r&jir%+>&F1|g1UU5OQ~cmftcK6kupD_f<)#8Sj<Q4mEySkjZF_hi4c
z8oBPf1L>?ToEm2g;%3Q?6G9<sc}zF>217`|lU}mO&AC!a9fdNubAt(CU8YWhHzqPp
zO86c54t(eiB{Z*QnRt+-dJxv?h0<T#bj>w4l4l)tK+{#?rJBklR7c!W1afC;uRpLX
zQ~&xncEI%Q={;ZMnBC8%F-_{^nv=8?MG-3~skMIE?LCBnl=n<RFpx?5@s($AuLa9l
zNh@%CY6MR{Cv>B!t*x;2K)A~Qoy=xRM{;Us+BF3*C#n@-HgDu~0Wj1l`9_z3x95w^
z%O0=~#0f!YLqPigdTz9dU`kFdvSR7HIr3n!yve4nwnxQncNE1JrI7NiAv<ISF<po?
zFqm#WYT}QYcwhG(HSxadpFtCMc-YomwbEJJxaf3x>kUlaib@A6fMiX{I2$P0(9$UI
z&Ih`l=B(0qRK_Rp&b;@pB@KX(yO&nWoQ-F=f<esMqSckaBejXwfai~;ju244L&ota
zCT2%=O0Joynd5f49RwClTXF1^Rg`D4IZJQ)&+llWBhJDx!|I%e|Mb=^n+P}FGS%dl
zI>FCwK)$^p+F{k_cD<aFcPtV2ti%QI>O(<u$wmGp<yovp$Sjq{DFmhJ+VKe^y^xln
z>*-$U0npfAilz<>ElPIJMIAQ|I*p;OP{NRv*43AMVJo|uP-O_cDbsju7(<F_Rm(Qk
zN&*25dvtNzxj%%&iOCqT$JKZUxz^M1nXzQc>{zm0hAjD1lQY`a9+FYX2Jd-|8SVJx
zOsj<^vxxfZ;dd`F2OC~pF(+kS^Muh`qJ_G6zM?r@u!$u*X_AAy)tB9Cq_cw9RQ$*N
z@z1+I-WiyO&JMwoIev0&Ug72rX@TUL_l=Rs#fn!IGhxnlXFz;P8i}vxUYaL>0|n!n
z*#}!|(@_9G(|+KdER61@MD3jLRe_}tU~f-!4xVuwj2?jmA~gy7kT90&#{c@*&8XWE
z0w4~PqP3pQgBqES&R9l%tXa7xN-i{6A+a$$iO3~Sb?%Dx*2QQ7W5pD3)4lqjWMe?P
z+DgCf5@~}I!casnIXjH5#EQY9Eg3e}t){Mvw=d)Ms1ad|WW!RZ=e@5J(G&>|pQQnu
z!iJ4nYdyJR>v-cJ(Sg^xRInk783(QMW+O<3A${A|*u{xgRQW3R8Y*Rla|5+#;tB=1
z7ecJ-DS-@fHEbfj^JE*l7hY!0b{Gab?X4u>JGKrWI&WTxY9(^H<b^5U3;SHJ2J$V<
z_?T7X_7Iib%lwSI6_xtu6=aZ%T$k#4DVTgKDtP{*OcHi~hbhwjJq~^~%<=-HjgjqW
z+G1lV?c{SwE^{JEJ-S<L0o_P!o^dZU-tdtWd)lWbT$HUD+*?zv4?K|Svw0yMu%AK%
ziA@WEVt%w@i-<t0_O)W=0?^@-sPb3MHS&zYYs+;#F8tnHW6X<qg$rP{?>37jUP2zL
zq>k@72tuzR(dpx8wp+~UrsReVMyX>(3&nN*uM#d`1O2}ddMq#Hlw1(W^F_v78pf>W
zye^uoYLU{DeysUD%^2o0(%ja36Y~xEGoD*ukyj-W*xbIOJGMSL>++>&ibt3EQG@^4
z;z3r1gP4XR_$?B?nCMKct_VC%v^}KWv}*{ew$r}ID7sU|+xoi{dJ1JljnlP5r*W3)
z%-IbibQH-Q4b=d-5toEDiXn7MitI4>gQT2{-RJ}s2zOgDoh{WN>LfBpZc9C9n?;!2
z`ddx1Q4~#4>V)Zy@MNg})l_K-*W+uhCQPGbvJe=e+dBv&B$y?Xv^HUT6)Ebn5K`BD
z>h761&dDvJu}KfbtYy1FAca(?Ek{wjXk)Z#2NM8KY2UKwABZUGCX^J_He2fkn~I6$
z$Hy3VqiyQ3D^;mdl^X+AiFQXI9X?#y+FX)h5pJhmx;;zAfyuZR;Bn1Fo$GaPP`-8_
zQPq2cDPWtYcSDmH7}v<T8YhhyU^D~Ae>rDmiE}qw_j9hO*QA2sOv9VbaPInJILBni
z=?Gm)t{84xS<#A}VLiloX3C~SA3`gU^0|&6ymp+SX9y;t@gQ6f<|wjec=zW-#eW-y
zmqgD*H=40Oj&l1o>WQR0&`BDquw<^Dx?X^8ZvfC*P@53|GUnog^2)csPsN;k8COQq
zp~zRrG%;yFRD|bAR;L(0ge+9?su(`M#gJ|#jWmxM8PMdr*wCU_2H(ecA+f@)*(45U
zVN~xUCGQv|djhlLxgp|R!CU5oAQtU{tV!Ga_$8l}jJ#OVJZG5$#Eh=7!8X&XqRA4^
z0!kF$%2;(Q$x_IQtZ1_2xrNBgEu3~Bf1(hBqDqX}dSq$ZV_ln8FVCj9D{lLyWbK;}
z%nOuL>ptI9-P3FUh6dGHIGo^K|Dqi(mP;;I)@R9c=Uis`0WV$Nl5VEDSmshZkW`Qd
z27yRQPKC?@8B;OG={+RnC1O>SV#Q6Ayjc@F1Mp_Gw<J<~hO;_X)7w;<`SJy+Xt`jO
zqC@g}HDg{-)BV;M8(q5d*w*fB^<w+Nn}obG6d?l%WXQQF6BFWTN`+$KI5qR%>a(%V
zE9pJ7<BEFX@PGH++xTK@$IUZCv-u#(EPdc<801Zo6GiCM*OLg-?x;$ze&glC15ZZ`
z2Hf5r1f%+@K_F@r2v1pFsm)#b<+Kx^c1m7xgyaL-P@ZKq<9UPc*i1mk3#9gyG4xAT
zA!rzYK8R{bBwy88MRO)<nXSFc>0?ep_;AhG2iyp8hpfH5eb_?U7EjEC1=R)<pweXA
zrswwLwV-+I14}g6N|DtIJ_wEVQS0G1rM+tjAm9F}bSmNRdPHnjqW;$@2Hf<Prza^Z
zSRTOh5;^&@S*JK4JCD7t<MqpzYCbj<#abtZqv0+^mP*1tR3-JkJQ1sv5@apCIib0q
zbw#NT`w|AyU$HQNCGG<m${i1bd89oGt*_%WOq0-#W%k>3`C(_WTym%#7F$-e5>Uz8
zLU95!);mkKfiBQM$>${Z2QIc-*UIKK_PO2;__zKFG2Cem>G(+C3=)y?v+Su#j=k|W
zR`=9fCLnUp$K=$tSH@fC@G<#RqpfV>o|X5UJ)G-|ugL?imJ^+<d=3KS`ETK$ptS*&
zs*5z$Ih%-=s?iyyPKnnuNbNZzHBbK%vWkrod4k4^ZQO;2F8@9Uz}~pBLHgc~MMHn7
zg)GNXF>K8kuwdvtt4~t{WoKTXjq4unR^D@y$VtjN&xa>1N;IPtm8=Sx<J$6B^Nivi
z?jF%Uf&Yo6ga%lK#-1gUKWi~BZ&8_x(hiI%H{|EPCcGBjt;V=yNdWygYW3?Dee=!b
z%dx|xo-u+Td~Od_gvSruJp9MnRlxw_-wuwZwOcQPyJ(TH#$@`E%e%NTTpN$Ix7J@@
zydwJBNX@0+P8c#24wDrPV*HLZZ59b@Tq!A+ce|AK+TQfo)fY_ViKaA+cfGAeO&&DB
zxYko{c=4RP%4J=$rYKP7HK8>eskM+-h&3;t8~wyfc%%ulYo_$l-uG(ozAVaK+O>&>
zw2Z^pOAA_7pl-!4PWy;qh0YiGuB-EMZW4OhesC`BO@1ZYV#uje$X$V7+PW;{JZ1Oi
zGNn(?pb0VAy6t{aNsgW#P02N1@r;%k0)kmoG;^QdBrZzZ5D02}azsu<2`x%!PBLbI
z#WaUmqgD{m**+HABYQW07wIU`<rwdGj#SsYboH`vRt40OzrJ`iCEsXOMjy+_)l~o0
znua?*=D<d6-5o3hG5Wm!4Cv_kn?8qMV!-_Ngs^6UD{5<*idXMgF&J*xk)-hEj{TQc
z>I)$`lrp6ip~y^<I-@?n5n6wz<mIcYcduSt+`M}EocvY4fxE)<l-!8MT<lSJY|5W5
zC}P`ohD?~yys4uIl?P}}E^}VlD%XD5FUdr%!$%ZVZLMB#2=`&Reu?_I^%f6NMy{}^
zt8MzAp&?3}G9^&sl>}RZ)&LWs^QrkBkEEcXI2YDVLqv(i@^q>B>GXICIT^>(V<U)V
zCRox-RG&>vW8C^p?S(fb<ZF}M>X+E~M!cpCvusLO_Pim)TflBr&)ml9u+0U(*I14_
z+oGH1L{G7^IgJ|l?)C2Nz}+~a6}rTiZbKqgE38Jdw2)_U0GF0??AC`cXAMq$n7d*X
zp!wjI?eJG~dq+dHU+a`~f9L|JHNdY%RgTsrwxq#>(ns34ZPfX@R~Ikeyqd1kU04*$
z(?amv57E%6qir5BYsY-yRPxgJOMaQjj$<VXk%>ir4dxL8@mmZ=p3sRJ;oa4mYB@%u
zsg`Cynx0u{zFJ0S6a3;G-?LEI9gUEGW5#e}L4Ck#=~Uq=Sh?bu`_qyZ{W{X1Bzd?2
z-c^XSTWna&9InD2WP^$$U3nIFdv49$Z6;WhY+|d=%z4HDz1y6%!@k?RG4&YBoU!BK
z)7iQc%IC;pgJi*k&ZWkz&9Ze<2vA!`=mIOll-g5Ll>DA&Y~eEmE_uFiP_$fZE{#{$
zHsrrie>FH4gM?v!y#4wH3ipD)cxOdNHN>+d2$@VKU{X5yhmx7o?38@R^!p*bp(=S&
zk%y(QWm2JU;TeUkiuK;~)8~qUl0WfyY|-KB{KLX}=sn&^zTSdE8*96j3Y`@>jVYC6
z_&g<Yy~=og*Ay|D3k{OUi2A{--;z;(enIzi*l7jq%>AoTR%S3Lt9|x2!zOgFhpWsV
z9YOB`68kUQ^9a>`2cFAiB6%Fcg<D(PHYb<YFRm}!evvKXry~NWy$bS>Uu5Voh2HE(
zR!x?)xTve;OD+L~F<wB~c+$ziz)Hc|8$q}lXzxO8XuSB_#TB8o8of%FY1~mVX!>}K
zInJYdsGr-Re}=*#dbi*3`Ia9mV0ow27Je*0P2IB5ek{NL>LY~W?|9O{j{fiByW%;o
zIIToE%5Ttm%9>DWS&0?yFfe2CAa2E5Fy>v(HwiX*p`Zi7m|x~fD+vKNx8tABNX{N~
zo49$N{D(FxLbZ?V&(EXFmp7#fO~qGjD@sJ3vm{hBH*QLPjAwiN$Gl@H#jgI(nr1kB
zZ}(y5YY%^X>spVQhBnji*4j&I8Ho0xx$aq2(p;)}Yx_%%wUhIhoK#8S_3!OH2PUg?
zS6sn%-r#h+wmC4qChge?2&+2YqNVS*^W(Pv3VtK6xrET1P(6CMnM++379_VTrF8P*
z2b!kkb3B9RT9PV*3FD>|1I?`$`=nYIy4KOniz}ca$-n*a2}p9EJ^SMm@8o~nypz$E
zq>t)d+*zC%A6wjtAqH#;C1qV>c&*~4dXvNA3owMVIW^+tw8z-kUwLe-NpC~O6ut1=
zhala1lgVMG2Y&W%tx^2V;bC5?`{8eUQS|wbLrtBi!*1|5caXO=6!<n?d&9Y*DmtwR
z{KA+d^z!ZX53eu2c=Z~_4WnB;7RhR<rSfg!9^-fI(EbWeTORAQ%RBD6oV@+=y5*_c
z@W>5YP`aMFT~()iJ~#pgvUfW8(=8=c4GI*8E2oFF&3QUZej#_1>N$=^$a6H_5fv6J
zb`GwK8qu)eQjW>MJjVNt%%b)WGM`ehf5rHjlrh+A-BtICuB@F5z7yS#ZP|R$2SpUe
z;d&p{5JCn;so{T~ZKX5V44_dTHj;^>p)04F*6{k?AKp+GW(wd}c4D4DVO(^meWaUw
zJTP1#g=BLm36<v5)!}PymhvGu^Uh;U4#u}F+x{+?CF&iNUcGNWI$xM)*fp~?XIP3#
z<XdFc^gY;i+F!vPFT#Lr&5FSIW$Q|UI>Y)*6uEIKwOvX(?9qRwwEBIT^mpB=MLHsp
zP2Ft9{PLxiFij?!)QgNntTM8>(hh#2r<X6c-k74S9z;0?q@(>vCxS-*)=eTE)<!<9
zy>|_JuTyVtXb<`&Vym={+=6~Ti1oX5w&16=^|n7H1E>u4*!1>hD^!M^^$%R~BY2K^
zKpQgD#5Ej;g3-#^ONZtnrZro0l2ZHwphDxAh`Ae$_gJJV%harh+%1Epffa_s?Xg7D
ziWXP~o}}U-f1qXRDHa`-=70+^1dG{DbZDM|;5zW>sy}AD(%8=$A==Tk{jQR{aY`yS
zqF9E0i(?ndiAXA%nbMZ5dSJ{iO+I<@1Z|H`{`99m5hxIrvV^a?L<rvXho?`c<bPkh
z@rCpgT`pH5VimRsCd4Hy&&dC{{`zf$ld6C964prcYK_?8oRXJL_?>I(qt!B4VF}=p
z=W_?zmP^AK4B!Y~EKLD&wZ<|YK#~V@3fhGY<_(5f!h7sV0$n&G8NXv>E}`_eKbOQ{
zD3?qskzb=%<BOWrC7Bn5Xur<Lh?=%-50T!?rkIhgu4MwrkrxCuLxhvB_0B6x6{kT1
z$TW<HW+Gp}tOfid!VNZJsm<bD7Xgn=e9fo?qqA?yT2^1wd74E4$F_QV^kRbo#`fye
z3{%cJ3V&G5(d`tFajS;jZBx>A^JNiKwdq{#Cz=ylS7HJ%^d{JPO5W!LaFx#h_c#W~
zTuV@!?Qv$`#Zr#Jx_zJb(6g;q+fO@+W~QoEY*TZ(VrPom8i3<ATA<{MoRw&gi7OgK
zJ2l&22){xZTAeX!*Gobd3#cw~A2Un2ViXzwslhN@GII6m4a9(hNUTJ$ishKx7>5b2
z7GNU=PYHP?MFog{in5*{X@S8Zm}D}`MB;}Nz$+0eT~j1a2|PrWjHaggv=WPof~8YJ
zUZ~AD=LxN%iW#b>Q<m0BuGTrCOGZSQGK9yUlf)sY&!EWd1t$SlEu8VHq~#ig7c+N?
zSz&#G$PtECVYNoczVeIvWOPA0SZCKG>PvR`6Fv$e-sa|#V~W~A!5loWyNjQoe}qcH
z;LMGr$j#QXacZoZDh;lxX_l=g?1N&@{GP=e7Usf~R$UK)RcE-Ui;`7{+jE5d$OU9%
z9Ko%Tq@i#@T_Nhh5Mg%D%C)8)MR$CG!)@ztj;X*IO_F%ZSN7E496@(<siG}voE@SP
zXJjqTQ55f(W>mgvoMR~h!Lju?x2?#zMNQ5FRps1MUCtef<84=)^I+9E4^*G?5EVLi
zsnNN^gl$u&^Kg|q4^^x45Y;*lSg-RS6*~`7vvY^4om<xJ++nS6SG#kY>YZcjcWza|
zbE_Jj+l;{$bv$>i<hkW6AFP_^!RmP)xT5DFYI??3^&CS|*Z<r@UC%A{#pnlitL_;W
zH;z}Y&TAIoR#r2DrX!6~t+mPl)zndABPpv@(NgW>rfuYQ7Y1&8{1~cJyR6w6Nkx8K
zY4c7YQUrghi+B~^3E@|V>E>jd$Wyg^^W#|VOz$br=qxjOK7=}<jSrHKO>kA;%VOIt
zEkZ*sfY$&%h5N#0&SM#kZCtPY@vSyLw%5h@_EtihYJOs+=rj6^S!yBQYjcIdiJPmn
z&fbCMaj)G+P>RVx?J9+cF1szjK#I=48T9lZd#ahNPsJMNn6Ib%F`nIMpcF(onQNeZ
zU68V;;gQr$x@Vm?MM_(C-u=&4yin>5(CxlG>I_5&`5Rh{bSc^A+&T_~&O}|A>{$Fg
zVz>YSy%NUzwrAt?2-T#W$_k+e?bw$y!f3KoBG?3koX9n$1WqGazEqvHzOwGQGh)<;
zvsj&g3GH{WF;-Fs8O2fr88dexfQ=1K?=|x^^gmXP+pJKXajBYn$JTPQ7qRDw>1&fZ
zuC|8`^{8{_9b?85>S{p>zhoL*nHsyElcc`nNi4_WSeRE+G%LYQ_E{{bLvu-1)de;e
zAO=)#nUq+NnXG7e$5Ja<#m>@|8a!*BD9xb<QFwIS0@#c<<Q`9_$9Qh`fO1CB7-d^%
zZQ(bxkZ2K6vJhBe1%Sg=%Xo(zUNoYPmV0eue;#Rj9<n>@e(K#c#*(v@qP~i(4cy!8
zV~9~{6&<osE29iT1MyRs0H-Sgj5BKa1E_3})F_%!0ac?Y+Tg1|fYlb3<bhx;C*W!n
zQ71U-at_R-7X)_{O*f{_3T_ge@lKT1IKNmE(G`f=8b#I@;nj)a8b#L=@fA}H++49C
zU>n_v3JL38@p>3u?dVVkceHG2W}`g9&Xj;QS~$#eO5W%LZ{*^kN(Po9t1AnEy7kG4
z7j(=R5E04RkZexV(cRWZV*DYjA02-{jJ3Frv9?F5LwIdzNsP6wZ)pY$f=ER6?ju7@
z;58O-B9d$jECpU4&(vrhHDymM%v?*7kL;i*iQ>_q{1|Z?;p^fK|8ZuoQ44<;Yq$xn
zzqq;_X-#mR9Iz)icl>HC3YTb6Z~~af%cfi3juC&NHTvz9r;Vn4sgBAfjwAZma3{19
zI%T0be4FB+@lGL~KMaiKfC?GV4}cwYuQqpoXHGwDRYhw|e5>&i23{t84$e42^ITLI
z40DF2_)(5TV#A2tyzJ7+J{u)FZX0XWoDVw%t!Nr%lw`7GD>_=vQrDMiX0Eh&*+epv
zij^x##C&}4hnul>bpJFm+OoN}4v?6euIx0lR}O$Q+AKlE&c-S~#6bhF7Bt1|?{V%v
z(y(k7{b7f4w4gjPoMU%iG+w(|WO^(y#=0_UmVB0&Gb8qlRjz!N7-L--M{^IUZ5uSB
zQr$+83|V4eu0~M|TVh=6$|%wvOH6dW+$PPa{JGH<DZeF#BvEeV=KANd#5m%OIW=2W
znem1W7vasAW*Y3>2waQqrJXs}C?m>Nfvw}?>GXKa?AY1`T5YSV`Q+aS%M+2B9H2Qb
zM>bLk>5UD*wP*pGw6>n{I|lnVrh{7@ttKP;%bf-0MohM-{}Cu#-OH9F(eiSWF`n@i
z*V$l-oiaJn&v1eSrb$tsX=2kATZwXgW(levM;>fVYcw^8HX=z~mMpKb^+%S>?fAuq
zkTh3&LTzP3w2)aDY_$A1x0Pt+S!0e--?IFk+|$yF-_&<)EnKJkp3Cu>5j0<aJ!)$Z
z#Ms=5vA3VzD#W@S6{JN3w7ZMCD(Xs~Rimd;vpQ3M!|u*At1pcvsr0L-;k?H7RnV$p
zW&WJ}*U9_e|2#SU%gM?2PbUBV_urqqpTdXVo&M$YXY<GJPft%yzW?gYUvI8n{hgow
z{C!@p?(nalPrhfb{vJu>^z<+PI<lcHy@2P{M3fVp(&rEXIf|Sa?%novbM!amS;i>{
z1e65D?myDT-A?@rR^=aR-!G#5jd!<vDlU`}#1Zyoq>ULL8Za;GA5&Vzq&$9dmgQd}
zRt+KCBdI<Hs{M)s)o`X;rU8gQ8`IW^C^d{fizFHwr3NnU=%xP{r53&(qtqUw)E=YM
z#?X9>QhSV2dyG<hj8coa9;4JAqtx~grG`pdPpn#G=X8CpCQ$9aQ=FPq3oKz5Nh0dJ
zx)FCQA^@dhOW2?QC8oNzg&11`SRXdY9X5oG)+twN{1$7>Jn9yA%u|-yA0n5S<|dWu
z?UY=Qk|n(08YY3__qggb@Nq1^<&|XF9Hk<fH?Ya2qZDi9aEB(NI0PK!flEf@Qq);W
zO7;)!kB(*d*#8@+HLa*27-HLnaSf#f*R^L3!Kc`Vf|sz^uUR7UbQ{Cf28~8!0(V%n
zi6yN|o2q_KGoJElZ6m^Pdnw%`h|JzxW?{-^&Iv7wQqW|{q|@@V5woo!>@B!$Rxfyt
zN&!$-Qew6yrKo5Xy@EEo=&maBO7)URiYT&G<r>Pf2;CfK9JsR);!R5;OHFCde|w_z
z-$d_rb;dxku}Y9EK5jsrPII?atyetzoGe9M%IV8-KBY>Kr|=}2l#G5|k&IDUk*80{
zisy9|3sK;xEPwob#5RmqR<;B+a1|8zY_*hV<W>R-vs!P3;5e18wxW-&@k=F-g}M8c
zq}fN_7#8J&gnq2WY+c2b>d^PLq51x&{&J&y;9$F*vVyvNU{gJC;Gq~<Wl@US3rf)H
z3*2oqWaCi)L~He>DToB-ZSPD0o!}H5tiVNIZ3;6ZF-8By78U%w6!%m%xMT}1t8&bU
z-~;W&siBfYNmg}M@glRM<L$&dLrkBNu6Kkwrgw^!Ww4}cLAjs#p4c|9yn;Fd5JArh
zT2edwiCC?uJVhrAp-JEr(zVglxmePy83iZyW!J@7v7F{!-)XywF5FJULyo1|7+LUp
zmUmVqi7**`L6bX{r{o)H1}9zTbfpX57Nxl7YH_l(Lpu;Di>7JBWj4_1C|2z{QnegW
zFjCzd;y)5i|0TaqSd1*HXztpHdvEEcjc%CfbasUX@YQ}_L<Y?iTk-2-rZP!qp=hA{
zgBLV5TW9bFFFOsMv*j$VlFe~BOWQo`9ZiKKUjS6uO9n!_d)5w)OSgpYW~tuZ0;B8$
zT@@LV)4P8ITbtff=jALtfA{L*<(pU2Rk}-&$&p30j{OzvTE(6HXPp{~wW!GhMVv)l
z`R;}n&&jJ?)=*-HR-M-b<uqU=adq&>D?PY=iSi><!`rpAY&rAm*=RytiU*Pk@&F+R
z_eysIuf8<a6lXH$rSK1RB34ByR$Q86MVE8ixdta+(Zz`62)A3K1ME%wN+XrUS-3~-
zw%;zr!=w_ETCxfE#=b>$_>Qe15HPyS`hk}2R|zok!uLwpc=yH2Z)C`B<cQVhtV+%k
zRxHmo_3fF_o`+{8a$botz8ul9c>+(tL}Zz+6(i>41uK@8<mjr`d+vWk$VsGv9OFbP
zgz&l~IwhNh$lBWqzQJAPESz!{K-Bw0meHO|vUdv(`k8&+U*OlNzy8sNDO_hgDOnXr
z0qK@n*N=dH?l>B0T`gH&@dPcqG8}N|vMzEtN39}dDb&6xdCDZQ{Ha-lUXnS_KE~+A
zx^H3}xZ_;6AKNKA)*Tz=XdT7pf`+*5oQtFM#bZzyTMQDu*<g?~UGYGE^e4e0!zvlb
zRfE5pLv>q?OeQpAmtRL|W%}N>Vs@>+bm}t))R3VX;a}OsLvoQ0I|?4_gSRyzXVqib
z;$08z1+CZvjX$&X{bu-}cQj2)CZ*w^dX;#)cyV<}{)(h_uTx%%3dPTtVnw+(P@!8x
zxAmaulzYI&bmq#^A)3%!ln%sit@Ku{PyT|Xp*KXLUr%Z1@gh?rF*$ZQlVX68J8F_*
zrWXz!8_7T<%OwXVpcBiYOZafv<OiTw<+sef77K0)fvM$#153FVkM>ax`qj%pQf9Am
zI?Mc?*7kz7kB~1jx*!bxI8V7$|B~zL*WgL1bFB+_M*(~bn*Z92Qe+Cd?^R@UqY8gJ
z&k&xcrXZ+;AE)mK2CGw>euKeAGe&NfJh{7aoF}4G-{sC%(MFsR&qb{>-L0!Jh6Cpr
zb7C36>{^c!{6?h|2@e(mhP41zuI3m^;TYQhus~10y>}q&#CHtksGd{U%)Y*Z`dNo_
z>hj!-&CZ>{brs6??{O8qbrSGQr|dEv<0mq?W_q%X*tw*r1=;BiN0P%yWi|?=?jGFR
zqy@*p-|c}te233F5mtV@39)_VmX2c`ztip|;4OtH>dY5}<_z=B{s(;jE^a6%$0l9}
zcN25^v%8{@uX?h%%&G<rN@+{_RZ}Nn%S$r`=xQiI%S*TeY_$)tswi+Oom3SYc=F_r
zpMO3jFL?<ChPbVu-MB1h$v_yzEGN)O!)!qd@g7vFo@}bHAF_i&wQKg&mf2FV*->!;
zhC%N_PX_v>Hv`?|mIuZ&D(`$`F7{xyc{q>UPuI;c-)r{xh@5dZ8{A7XCR2Pf2Rt}k
zL;2x>%x^#cYiEV;rz**|wMZfyZ6h<fBQv$*lRBcZviFsXJtFKjF7G-z+j;~Nr8mcV
zAa6Q?>|PIJybf?A<2B}B#%$-9aSdTbwsV{#D2_RcW6RI&`9#KRr!3}ixyxgc0OAq=
zqO+67fN6Sjk~i~=BPjM{A_udJBgk4qz^I(!Xhs*8TM*6~j>tUNTQWghrs>H1(k64%
zFWrnUe=x?FKFW}B+&t53o-w#lLGePzV>XcLl~6qJz}hj1Tc=?g0=`uYiW+@(y05Q0
zPE`A~5wx|Bbl8dd=sVqq?{uHhq`#aOFa78A;>i}arZL6=^8hhT%wj5J0Qa@~@8ar`
zBqf8)VVX%S3f;l8(ZlVfs-;CE)6uG8t0GVb_tA;>t9Rn<#UZe)S2Ulf9Sm+f=T!BM
zK=%-t61`XPXa&n3q_ovJ|FLE<AZfHYmG|f?0eV}E4@w7}U7v^|YIO9$s_h7Ntjq>?
z#1GfF6XF~wXkS70W<#NkR)vZhlyH~9X1WKtns?PdolZVuWW~!;l-ir)cEd{(B2Sc_
z$Vya=N*$kY%__Y_VEI*o&>RzuLbd`E7z*7tzTz2M(t9rI5-C@L9O<8q)LFR}et2(V
znQm(S!)VH$IkT%F!pNKoW0;#jo&ODTcDf8){(&XNds(Qn_FHd?S$hk(PqZb+`)l}V
zTe(rA9AE~gNhbLvWJkZ;7_!j*Q_GFk_n+}(efe^H%m6-TP9JIG1=RQC3n~L_@D0uB
z0*wqO*H>S>IaMnKtVfqGyB=s)+QJvS-94?bGX$ef-;E~^FbsRh+%)G`s5Dj2$$8ZU
ztia#^gN-8%3yC>B?^o&FZXF2+1vIVRj=}ogFoC(~`N2zb*e3MAW}B~RmjeU?4UYZ;
zn_*^qo|25`jLb8-fRLsf4RVSxU1Y4RR<M?O^2q!=c)_X{BFE|%$$%c&@wj~8t9nK9
zdNpIE5~Ke5>c-a8P;X0^lnk7Dwy4I?QU)<65oO6_0hmPE6X*8mSd!bx<blnm3sy~%
zrm?pJMAZ=Wzc6eV4jF@$(t|ZfBZkUM<lk;?u1G;kx?&Y8(I22D)`u7sJ~@|+rp%XZ
z*J{gaT?SJ>g*#eX*=d^MSp*HmxsX28oj9#idv&i_QkT41BUc>Z+XI0RYrZNv6GLdC
z`73rM?4s)QihPqxR;d$pmeKsqf1XDwi0X!<x+!Tcl?Y*4x<zNNfzrg1vc1;b4Jou6
zli2Mpxyl%ojI8LL5_tkl+{yl~B}2C!!fhzg8$dL;G&6yYB`^gAh|Ws!AYmB_k_noU
zt5U33wPdxlz9LlfX`!Sh8jcRZynPf=;V@PQGX@|6Nm<YEFA16m4AXVUFJWvPDZ6Kx
zTJzJD_=#s3or-dC&hp7O*J$zhj?K;$#q+=6{yHC=$9*if4|+=|Nf=$XV|?ajsr|2s
z*;$ItL=)QAwjvkcTV-j38<Go|^ZER6gWlgG@9S7zdm~Gg0C41&%_rooxK<t8%hZ0U
zj)`3+6$ot3W;Aoh%RifF8A@4>@jGg-iIOiu>2tfyZL4F4pVXHu4|x!;)l@;h_cHbW
z>-xIM0orQr|JU{P#7QG+CZA^6_H)0>q_tbL`!GeAVpVgWMT$k33jurM{F$);OvzhO
zX-pIS3zuLA^@#x1dI0C+&Fkwa`A&)HH?OZzVl?qyO<ehzChs9@3{5&gBSoU@Ui*NN
zx3=mACrg?y{81~Elp@QN>QEOcts3iNRr1Axl|BnY*hdqXqKdDWs0Tu*Ta$BxcY?gE
zxtFfoH>5ZWw7OrN&<(jgsKQWXa<smn=JMwCbysEZNGxH2JYl5=imcTPT}QBKhkBOJ
zA)CggB!<v#qg8}CU%a7S_`%KQ;WJJ>dyC<0{CHth&5D)_=66RPHY)I@2?xa5Y<rCc
zjDw&5v|WA&0hEselOHkC@gVX&RUX?BJ<ZZaIQWR}Yy%h{4;H_#V5?~S)@{M&W9rm(
zWF~O^`&r1R!z9`fQkG=^`qz}i7HfuZ8Nlo|l<t@}aUQQnw)5Yc?QE2wi0IEhJ<o|C
zpYUSI%Ilg}{(L%jGZ;H<qfQ_dB7qEWCMA>I;{x=pW`t>0H$R;|gRpb9DysDv`Kz%0
z_cn2*)Q3XJFYYPNKxx{1HWf*|V!4xKx)AnD8q#XbHeZO0<_pj*i@U{nQm%_ioL8AV
z|7~%%m?R>X70oM85$a$T$p}@`7uTC)oaNOI3Ef7resQrOSR+06Yo8L=#_Y176pwPb
zdp*kKj|XIk=%ZZzD3?FV<&SJ<_<EGfe>FTOMlJ_2>!Plf{>a1jcDM$~iWC@p;D~E&
zL2L>+$v)XrkQcTA7%Rq^oRTjgOBCE{73CRVTQv8HutzXLetyyF`S7}rSno+)-m|L)
z6)kocUuBv4oFD-mh~h>+6L8p*S1(@v?Uk>$G*9J{-mx?FKw%p~M47U3>gp-@qPBwK
zp**CzL=CWd*X7G!UNyO6>+8VT8#s53^<N!x`?dN9kJ|$swObssk&Hilynf0@>j6@0
zBF8Q6upEC-!Z8?L4KasgY}uvI;pjgYqYlMw4#XAxpeHYq5t#T+$H>%RgFz68VyX?i
zkpHB+d42u#vyd~{yG&L*AK3w(@3{ldcIp5gO(;FQ7;h1LA@ZseSqH`tWfA0nx{?(f
z?Z>|Etc0v|bIOik@r<-M{ITrZ?6Va)WDvi!tXY%jWC=D$^ckU0)w6^^;qXZeC%R&n
z8khjept#1>Gc~t<!)16I`?v4}ta1ZC*~7N?_lQ98o*xH(kQJ@!&f008EpODsl?*F>
z&S3ac{g^p&+;|9*WVNg|5A}DZoL%p^wBXgUo=p?6a*n8TjT~C7&u5vKov)}OtPZTI
z<g>aGrNkJbbIBJIS|&?gv81X?c1{aENko3H<Y<x0=_>uLELbw3c{;(ix6hklL4z8(
z?;V54(Vl(Q7B56aGbfteK2HjfO3aEz0mv36UGZFv&RQ4JJ?)uwG*FmSA}*tbJQQ!@
zi#1U#;R7ndhB&3;@?ll5-bI1yZnJ@d;%k>@VPo9HGt7{2URW~3jFcgWQJV$SL<ygD
znp={aCC!C=S7)rWl>690NJP!3#6WK7zzvVgx7&QoB+x*)UEO7MmyWp_=2U3Ncju^<
zrrCqys#!UT^u$vTG<aaGn3SHnPOVP=t(|qOA2rasV7voeRt9bVcKIGl9Hh#Q<xr1<
zJu%GhuPoQV*ioJOdgHO~DxR)bMN?YQ>B8PKJe{U8n(ZQapt^=4RqAeCh#a+l4vsB#
zKJq!a?R(2m$_v2b*=!r~^w}Ai)%e=mDXySt!y&%^`*d?`yrlpAtkVT9iKxL*spAKs
z0IFiyRc8SYl5Oz<)Ai8u_SJR{138t9%E(pl4sLZ3`1ig(`;PK~)?BxaZ`+uyUtM|Z
zUhUJuDHYhv{*0-;T{84gZ`lfe(%mLM?Y#}hu=gkR`o5ESyR^NI_LXs2feLoV);&`=
z@b*m-_`((KRzfbQ5@!QP`MZWK8RdZHYeJK%f#GAM&Qn%qP+%U9%f3TaTMfWShO=9+
zQf)exPKgGL$ymiKaSO3&ZyOlQev!M}PB_a&KB-u_;yI)TgM`)<wR(EjBifLYYRPy>
zGCE_KBr94a8np~`Dp8*9Q#z~jUByy|LVvegogAFuy><%Zm~_hy?QtsMh+Wcq11%vH
zTd}&oI+XU;?S8H`*;G3^zvG7Pd|CG2+p}7_ceIB-tT=8qdjbRVo5810K6nn=Jbr=M
z?d~`A%*ybFus+nt|NVcz`IpD*zx|agX<5nhq)g#|lR~7nX6Kr&vVFYc$&)8f{`7}G
z;J<&wf1f=29RGd#^pDT}^oM_W`uU&!@W-c5KmYs>Pygk~vnNmg_=kTXPxkTh&{fNd
zmjCkP2`z*u@9E%uvZC|3ht3nc?7zQ~>$lb-RMLkjT7_!KN}c-+2BN}h?Gpr35oPap
z_fMvOdNzGxD(dy!GfB$yTrV)5FQ$nonNX_D>WA*i`^{uB`Ay@xcur`+*@ued5H@M6
z^*#N~9naI}<V7tjv3jT38D!#s<oO$;g((I{^IV`aQ1iP4jk6gmCkvKOm2@|&d6u#g
zh?`g6Kbb!LZ2ANqF<qH9-D};8gYX;eQzCA+dOQ9b#l}@@7Nw|*=cNB8BxhPpE4Bcr
zfBbtwdWIT)!Lhj#=^La9Un;@%tIiLvx%RgdSzXes)owg1mZAjU&*q&gtu;%YFY1hz
z?nA#J2-Eev!EI89r-^!1G$wk4?w=x+WXV=G5K|N^zqq>m_Ot8O*BzOpX}@*_NoV-b
z<_C(pn1g)MND=);BxkjG?6ay_S~N+WgfHDSmg=6M*2QIGeCV??h&kYDqijde$skQ(
z5iqEhU<?+Eod0BLTbzxIR&2vjro^5yH}KVG7XQ6uAZ^vTLl3iohfKs~mo;|bEp5S8
z%sB25bv86iShb!RP>UB!PHTu_%%ZddZM@&_UR~c<TVkI;s^!ndJk(5q8Zdx)(opE7
zSOHCzr-k5o<@jtmL}fi&@k%z3DwUX$7r=TTL;^*>DY?wa3%X+23pxONyUz(wBP}Ot
zVB@C1<(l1_H+>qKgAL3VdVEcsvzS{6|4O7<UE{`70}2F5xlF`8E4xbkZ0(qkr?CzN
zz(;%2+o6rN9^JNYzqNaurf58&nH?Nk2BJsLv6w8N(&+xEZ*=4%d7qQZs)3w$05tym
zpXC18^s_%rpG-G%-2LY7e6WT<tCx`1EHMg0X#;2O>mdToYGbzxRt=dJo0<W}R&o1Q
zq)gr#b40&o$?wYZ*mwRRX0MgHADY7(;EXetnXuDJkdjp;XS!4W5Ho~4#MqNtL%6S_
zu8$UpT3+A)ojDkew^t%HBY-QUhiWTeiXwH@j9c>#b#`U2)JmS<a`{q}M9Wq^6#3lg
z2f+e9s^hnFA#N=w%TPOe*Dy52B*ZH^&&iCIw`b@ab|GKVwCTcszCW7L^8HcYVA@$x
zedGCp0pg3>$;){+FCLHrS(f&<QK!Uo$4{F)HRTpsvOz5ep`>r;=4lJn+z~R2>4{Aj
zQ*!$smdc;c;q#wwPkVN($BcT%Sn;wHMZwY=<O`vteZ|U&OiEfXlJOO<%*Jc%GMd4V
z6zTTYdMX(V6CRXK{N5ca0Ka|3R-#-_$rG|-G?ye7_&UwDhONOpjO_D%M&|bj`0Q5D
z^w+96+l*E-QrdLb8UU(cQhIu*#YxzIVfOv(AiY+?^lO$cs^!-G&){*V|A_r+2BD|p
z&aiwEgYd254f`GiWH`T)VX%znS{u6qLtt)mqApQ%aS(TVP6ye?!d*{;BiF!5I#ODp
zc?@9T7bqy`FK3EpS#L>}xm{3A!tM=5C1J^&sstCHAQY5gr6T~`msT7GFk(X?NZ^BT
zRAg_jOrB_iAdQIKow(RuLf#nUIN#xbkIW-{6(W6ur|B!L0)-AM(?z2)Nm9_VvWI$e
zu5KHqa<$Q<Mq1AsO--`$Ud?Q?FMG$u$O?$*iwq<6sT_J-0`Vxcu9l+YKg9<y9No5_
zxorT4aF<@VzlLB1ox%o28b<I@)jy*sqs#z|%qpsb6qQ`5Lm~j958`8}B)2mvd7>J3
z3(<(TLUrTWZ4c**8@W#NqcL!=wZu+M*f});#yTF+C;c@SB5b-DzwTJV3D8a)@lcCR
zWs68;J6IaqR!MBpiB*pUEOr~e*tE36#M(zk+s7xQ#iXN!lF<%Y*TWZMLpFG}i~ZHj
z>|Ymb3R^W?Igv|}P{}4dmkeTO?oqycfAodouJ4Zw2px40Ca|Wem+t%A#LGWdv=}W}
z`Q8hmxR0_2_C$z0_nH%=d*(s!;pA%u_ER|X+9&n?&b@+4`5;Q~?r5{iTl2`RQ!Zum
z2y7C>0*4>7ZRk7ee0=TkuzNi0b{oIP!*1|h2RiI($;!~G?eH7($lmykA^6B|^!3PZ
z9{EjQkAC(1CM-CDfO;eDSnkh)?+TFJ=e*2mSb%J2(IZt-DYC$v8bQ){b8jqz7$llA
zmKy64cWN9o7C`L>+;BJzlB9V`Z1#>WdgWN3zc!&tDE=2EOK8Q?=W2Hi((D?acrGhO
z)19Q*0Ovgj*B#AqqqxPmGxAg7vU}&SQR6kbZuXwI>fY*Phl^JYbI}M6I-YwnK)nB(
z4<o-Ls5wvEnvy{fcTfofOApxO&p=Ba)`5Gp=b`lx9@#n1DptO$bH!!jxI09xV7LmX
zry`Zwjb+M6mPigA^n)E?999<3$(NL8EL98Zx=s?tQk`kdPSL%kUFd0D>V6L!i#mZz
zCYGVjC9BRfy1(i%R8*FF7E^WGAkC3{La~QT&{UqQkx~DfWPHw&b&|33->N^0C6#Q5
zk4H?I$TIQpj-|X*tS55yb)IShs#<sm=$<tpbHi&810#_p))e^c!v|6t>N_mRrN~7I
z(KB&9b5`T6^Xx5wSV9erWFk;JunyY){Gjm`)+7;G##7d0P2<{v#6@+hKV2`_#T&k2
zvZAXZb^<$3-I}23W(EU}HG&`-&Y)D58upugD1>b4cJ9nvAOiM&_|$3hl}mj$p~fxl
z$WXX4-MJj@qzw#nY>N$QuS2w!n&Ki8Gn(m_4AM2-8J59lRk1REPX6oU$<HSz-#?lB
z``>?mx<37j{rup3PMyz7=kv<>EZy(r>0eI&)jJv9d~`Kv?`*(P?6TW<Zo?+r1ThVc
zTv=!6Q>R6dtu4kb#BE42V{>G&3nsl*h5+bSdpYSQ>zXmT26Vd4>53<$WDg~WID=sQ
zY7AtPta2h_<r$$FE7iZoL2WvNy1+_!F^AR5ZU13?_8c<p#0EHIny=0=<ow*s1!xJK
zzkaJ{<_G+G*vk-SxuH?@l(ciBWJMP8?6&9Y0>h6hVRB)0UcZj4E7^j5z}OC+d!!1y
z-sj}@o1$Q4LM6kn%iGuD!TznYZ?#kz!#VNNF~NVFKADo+m!&9P{aDjXzu+sz?BDGd
z1gLJt>OEC2XgiDE;fVUZMR7H|VkT!o-bLMY$5=P%x_ir4;ail57r5nR_?9J=%a!mO
zZzkk#R4(5H?}DAPnNZ%n4Wx}X!P|gZL??k<L{EWU#Lxr1i1E+N-U!i)ystKUFL2*C
zk@u;tGPSiLmfEX``_xp#(6d|IZ#9oIaIQpJXTwMpc(s}08+-&#OnPUH7;2$g%M7H|
z1UL*HVkXPzeU4ZJx+thpJdNC|Iahy>w|m{{Z8Yp(#VZDJ1g|je2wrd!j2Ogs4ASBZ
zQkv==T~MA&BW6NA(TA#}o`6Mj*&>{968TF!L@x}@k5?=o1MzK61gLwC?P~XnMzL_x
zOnHMsLAbG&ZHyguJXrkjeXa(ceIN-fs=8#DSBb%)HZ4D}c4Dgrvx0(wbre3jex@lp
z4>o}rs~#AG=+uN(EFT2ZYOZV8fUmtu;kf=d1V;kA>Kr?*%xY7uE;R~j5&OVp6-M9I
zDz2i*OH+XwqGFtJA+<DisHPTUXt3<KV>%>kBD-$eq|E9IkZjhbfAoWp!DJ(H*2MZ_
zmLpoR9bpZ*>Oful_JuogMb}XO(s(w=#r2EJOOi3AH_9`e6rr?>u&eHYWf`FoacN{C
z%J80S^waO@<fn_t|M}tX`oojSzyI*}-wi33=8AUYg>jXMHP#KJlDSu#?Y%b1OAYrf
znXEHV=kzw_5_GJ}V@Jh{=Y+ca*JKd@htE^BQW3TAR`b%^5E{Nc7|&dl<IL4Z&f2;{
z9@;c5O#?NH>BnQR5$5yId}An9r1Mb6ZFS8IUtg%Nl_IVt+C-EMw%QwMHk>A+vqT2T
zx?yVL!qJ+by4@nNA=mkGOhlS_#2+Cd{Cu{zERi!W8aMY?lFOHS2@{E|ophM$Ns;xF
z#uP`1ERV8#6{S&SHeySfe9A6Wa~+_pNo--0kz*cT+~hD-mA0#^G^WZ)Y@L&sN+%;~
zooruWDXzxS;i@csJXW%wT1#73TY6+q|6J^8o9avB>o5Jc=1ozrKmjaNtY$zs+$Bnn
zY)0yB$b`rs9>a&dw?2js?>2sq;lqRPI#9ZT$?d+PCH33Z8rY_*$bB9;?HfUMZi_aI
z2oS1NsNYz{O8<h!a0QlI_$UlK{^s3lFCU8<Z~*0tPo+M-#RqO%P<O^60zY9W;XI(l
zH{H-NUf!-mSWF{lDaIfO?fRySk5N6o#Yf(~-k9fa-n~|{HfI`+Ixx`?P_E7a-)O9O
zj%X*($<tt0y(1D1W;G_8zzyD$d16P@Yqj&N)WW;1$8G74Rj_X(8x#2e?i+hVAR|z#
zq+teuKsWC=#irJ3{!=Z{8>21Q!USF_jnP5j8XN|HG@B_(k3K<-l69`>_F`kX{q)R0
zA<D=Mkhg8%E_l+~>mlw|gMxt6GR%i7VeGXPy<<@PDq$(sr@Ut+xkcUjN|e>GSvB0R
zQhZo@I8S#?!R<X<2WIz5{R&IVAO3u#WHSu&`mo08UeBLB{r5i{ovH<~P)ANF>cw)?
zl07_HF#(&NaVSSd2Oiy)QE`D7|L2)x6Bp=4*;;f*<BNQsgDh{dX$Y+=v7!}EXqFA1
zDu9XSG*e?n&DjHy70pvxwon6&sOs5#H&9BAFL-W4M#(?K>{vs1ap}~)y5|%z@qYNB
zS`|Mu@q0h~L(G1Fw9UcyK$Cyz;K0X_%g2z*$B@g%kjtT49z!mB={<&AZrt}6a`_l?
z`51Dkug8$f$B@g;^%!#b7;?FJJ%(I9hFp4X8J=&bP!m_26s?l@fE&AFY);VeTcsoW
zM-Fb0w=f)dz!!i4ZMb2bXG}`67PU48Fk>6RcmME1z!(DNl*X15k=U!1<3X}`hGX9b
zC(fteO~7{G{c(t|gbUk(o#TeDn5ZM|uKH#|=M^hAv#1l1ORjjAlkM*_%gq>>12)6n
za;PiaK)n_?Y<u`vEot7i0BYNsNxKeABF`P}lmXjSv}?&cpgEs#!ggcX9(2Iu>#yg-
z3o}NzpTzK^KGS~bmb$Q$hIW4a6%;lZoHSj-W5$+T*F?Ey<vmX<sz_PcARrT!f+bJ}
zN$L}xmH4zR_1*)!M2^)h$3ax3mRp?X)kKsN94n`OXZNZyi6+pfJ$v)|nzW3FL9EoF
z#T*ko-cxvKpj|H%Ehrbo40w9AMlUn8?4Ff;4&{*1dEq_vl7^U9WO@t^4_uGI;g8Xm
z&h;1^{ums-aXkiyd%OC`p1Rj#aJYN@%6L;;a5x)QBglrB1hHkV%=Z7Y_wL_u+t$Kp
zf6iZlrDR=6t!5<W(e(K1cXAb5Np<6guB9ZmE6Is4BxVK`2jBs~u_vF;|9%%X0KSF<
zz|qLD8=`A9mPBsiv9aF|a1oo{tVZ}txu$0(2yL?e{wt$+H;Q*7{T#(RG>UiIV-)Ya
zOC8BmdyL{;eSBcFDe4oHNs<(TT;I|B2e8XU3wuv(<!NictqXl{zk@Pe+}_`j&A`;e
zZTecZ`UhGzr&*jx7eRx^<ij!f@P7L@CLi{G>w%IFjoabHkWLWa+j9HHcVXiCxKw4g
zqezKuA3gb$z{y=z&ih*7j4&c&6EFH+->&N(5ois-B$5tDyKO(TU|r%hfquSk@{A@_
zRn^0L;X0E6Wo691mXW9E9~gSsllfc|K{`iU)y?}^okVk-$%uB}pZ~41-FN+b`fq{v
z{Q6@ra-QB)AvU4T%!jwF=bQPRWl4J1TR{oT<eZ4^n6I+zIhK+q6vD+?oy2dQ+m$n$
z(`t%tleA1b+a`#;L0sNz(7#6}2P39s{NZiw*=lbv$~#)gLq}ooNq0<@&$qHh${zFe
zj`AJL-@QG&`QnodcirmkI6||YL_c1pL~T<cZx*WOL=5;V!4*$<5Hk;MThBK!Gk3q%
z6J=z<l}5LYeYY(;u>JfLGWkfBNh`>;!Bx#v8x6lZAXA38NKF7jZpDv;pd+{iD{lJA
zX9P=S|13y)+-wKZ0ks|2qFHbwozhQsIv{F7^dFssD6YBs;dSF6kRX<-!aZ=mEo8)&
zp=Q&pGST$9*})d#*&d@mquZA`VYajT4SA!^rf1Vf-IRIz;YZW6>DjIRLp3K@MC*4B
z@aMN(qF7(()daPmc0SWJ|Ck41?t!nC^WGm}YzaacmC8y&ax2N(=nq}-*W2N=<-;|_
zLtncd=FlPf_|+o_DZVH}f_p@m#=P3Em}p<UVtt>p=B({qTWO^46U%Ovr12c^%kvjc
z`_cuxk;#pzo_nTard@6C5(k^vNqfmoOog2j2+GC`ahKK#d`S>UHiTpHiP-vOn_|-Q
z%)a}=X@!K=<P+neSh_NpZYv<qC7`q^e(yeTZr7rxUv6`Qj^2^Yp~(`4NZ%#RQ71{M
z28Q%hJ}(n|egMVXfj9Vf$xhG<uJnH{-cVmdC1lU?DJSv;SMc<`H^)pZdTT84*C@>l
zeFCw`M0dMoUWRgat25D%E;W~Sd!StFb!ovnLm%U80+FSDYliuD1HRc-{f+w0)j#Fm
z^2RjG6wu9*x(QP00@c%+D5C^cWD)QvtcX|;lxsTYTh+TPv2vdtdXsY7cUE}4^8<$9
z%fA^?Z6vs3+q}qp+R*bA&Nb%$A5ESCiT(%Wm<l;X=SWhv$olZV{)TNWS_iJ-Qi=2_
zthJ^MBC6J?Ghik?K>2)&Tb`iTOD>7Ef|4xNU=Qxd=HR4pLwX?UhcDTIVLe-yvgA{c
zHFE%eJD6@U*dEvcwi}^V_xy2)jmT!XL}{3{XX_efhgw-vBD-WhV>WtlwX*vXPfE`F
zQE*4MAxt2``lH^rz|xl1BA%t<0xyXD&7a0`-;pe_Q1UbpDg56g7kozKbc0vf-o9~m
zc6RpV7hjnF{?+{V?9<Q9e;+;i{I8#X`KL#pfBD5<A3gf~^DiF#>Fm*$kIp{(6FS@5
z3_PQd3X4CTo#C8wvBtg6NrmTg51cbI%Kv^K<Kxm<BJk_!f~sXPD<ly%4Ro6DRjm@q
z#1Z(;->uK4Uw%40J0)+x($)3MBoXQ9$~3p8Y%xu^AYAIN{941jk0z7JN0r;;F~T_|
zZxms`gr;|Y1Aor?(MNZbrH|2*LMpy`MNC5MQ%y>NV}Il-`DlUzweyXXZRn5fVwn*!
zSr9hWM1EG#EF}VfyHBsrrjI_eO1WFbv{|mDeAcZ0BkR*bc14}b{YVo&JrT&{dyKjt
zGLYPaweZJ9DSk{)#|Fb+%(h(V&%@7Jz5TBG-7{+4I(b$IoVke_0=wiwy{JB_KQc3a
zp$sx~?c*QWT7r+!3)jC~b0@nO@b<*+!`j$BAlI%;1K~Mg=U10Me0JUVb&E~Hd`s?F
zZIUgfWK|)l4>l<|p_b6uLdz_5?X+7Ttzp?m{mfcV)I8O&M%u-a)UM6AFO2MNbUZ+~
z7L(<3P`iQ4O(FS+2<bZ8CY-H_(0X{n7mWT^!j`TWq$vi}f(fZ=4BN5~CpO`Fg9HJq
zd%<e(oJQ5*FkMjPZdbxrtAbIrIfaWtXNA@-PgAlc*{P(92^PtcDw3!|kW-w~2~3@t
zjMY{8v9R}19(G6uTOu-`tmgzY`dXt$O)soA+PUdpU0mNF_h~qc_U;=$M5TpSN1!*1
zvN^azsjS=@WzD!M4xnumD`qRIWZAzM%EwjhI*L5SS{Tz>=@Yyn*%K_ugCBt2X*tmw
z8+QbCYT15xOEz}otLMCof7u4+YK%{b)S@4{G#ArKjrxyOrLC%ac58bZ_T{F0-*07V
zv_c6;<LC8fk*v?GUNmr^c`^|s)#rixRLfS_iQbW}1}RpfV~)-mQQxUceX6L&)oKEU
zU`E7Chs}0gqus7SC}`%h?F<P&iLhGuLr&h;V3R$EnMCYUIJ9KPpc4OShr&t1fh2x|
zQ@^<>XiFLzFam!L-~EH9HL0R`O96zjf|T`$5-iDtGN}b(Mc1V7GW^WY&j(*)Nt2%s
z^n02e;hL+naxB(r&wWj>Afm7IT!e?IbNk9BR3W>_*X}`6#u3a^CI991&9RkO0dmJ&
zTf{E1>Y|aODO<GbE4oQ+UnoDt%(0ZOx#&T~t)ju^VSmG{Dl*YS`yHq*!rx64M#?`@
zem6$S-yTCLe<8I()`xAad+#3J!@YN)#(Q5M<Gmm6{kypLJ_!iqsvCYsSYJXyR~mxi
zXvGU7{0M?m3&-`2sK-@#0*G&_%g6{xrLD1KHB0CrTB(<~433)-6D5))L`pjA^gqr_
zICCu=%@s-?8qU*8X6`{^5bi;$IPwy>GO+~y{U9lOBqxD=@sp9=Nr;zF_=!Y6f#@a<
zd-DmqDq?}_erX>=xGYs`&DmJkyBJ-B6P^|jGow|$s)|*0Ne`Q4)5=+vmCLs8?(b2u
z%!6nD;<N4)j4f*MFFrFJ60nqX!AvHGi^_JX2D6Qex7}X4XBKya<WB|9b7JG^g8|N0
z-Vk!2687Lz0~gJ@SXZsdMZ@!dM{=+juE>gu%@m!X6~PR$9^i8}j<^$IZ$iVDopHpw
z2dKl;W5Oi5Hmlkwo2Sqj`OvXI>oWr9<kVEfHe7(R`kI{!%eLeO4#>!B(!tN}xdR%1
zO-%i+dy&E0wY>m5uWv|~WyEgLjvLYi@xiv}2b>lA-Xmj2D>tc2rXe57CK>Ye%GW=q
zu|d!4&zm9+vepNOmsu(^GB@JMg2--fL0lTau-+`@h&tK(4qaJVy;nNH{(k*fLVCBq
z2TNr4l?Um&vj2`NJN8<M2fb656@UF*|Hg-Us(8Dpc>Ab$JE(Yjr-Ztug!-ifJEa7B
zq=dVpg!`g|JEDYpp@h4jg!`X_JD-Gmo`k!dg!`O?JDh}jn*>cmfqo`Cb~5phdsOBT
zMD{R==u#5XpCnwo*xQrjA-a*o_92OAvlr|=vSZf~dknox7}#%QtKfYv;6a7(!-da7
z-9>ipD-zW?Bs{-}ZXvt(32~i3dN+G`hmdNIdV$9G28rnYF{Eo?e8&%i?H>E}fL<TN
zdU@>L#Ur{@M1SH=M9+=~>DIABpN?85j$W|Q9XdLDaQKAbd-UcA9Mg`~Ab?wkOk;<d
zIG88v#p80pXK-G|FsuK$<gZO3PTpxxs8xtZ7bf=G!F87yPTnx=S%#Cl8Goa1GZ%_<
z(%M=)<g%ExqR>wrh+iFu(^<x6rz<S=zis&WbhFB~jn|(2=D1MHPXn7~Tc5j{E#JR-
z7GV?USYX(;6o@UfeY&IE%kE*ndzp)>s$&nfwrXP8%`o5(4<)*My0ectqVnoaHCMxB
zb>d2J1q*Q9r-Eu^re(NP*8Avoa^nHYWJT^<T#2l~HBTez^bM&f7*`)FTpi0_8!M_Z
z)-H9iLX}J(qK4^1Ufugw&fB4G-be^O1VXS=rMy1^6$pSef`YFcXQ$v|Uf4ry+?Kpz
zuH_gP7qf)-h=`1FagCXO0C91s4C24S0{59{9<J2J;cfH#x0QLxnC_qxWv>556cN2i
zRp2NkEOp74CJIk$fxbAY-fe^o+L+|9!&~!cvl^bIXXa0)6q~;+v6-&TQtX+s*Mt^s
z9_Y0x!S}xxF>zssx8~tj&$iC$`&ZBO{?CcBMkaW&&*rZwYxhdM6%B){^#znUg}e7p
zh8T4G+3iq|;i40hOt@DloV1aV=_G9PYM1#Z5KL-A%=A%|x5iX0GP^QGHXI5iWg4sv
zVx#j8m>HQX)KiKnlwi}9RD|j-^3y)cRXchFtEJwHglE8&U2K@)&en4bZmnAb@^+`F
z(OmF1o48x>(()a21@F9iw$lfFEqNQC3-;r!n(?}(yFJ%#|E+kt8}Z(!3vZ(bZ|5`p
z0RW!%yT0bTfrBcdkm7l11lQNkN@Vsz?w5`g!w6A)f!*us$&#aW)z*zEfaI^MyY<3Y
zR(C9`JC@ZQ%j&*oWp({6*PGPEwleQJ{i<q74UwIjtcyFea|BM>FE{f9TpRTdCQTr|
zB;QT-<ipkD+ao(tQTYZ=46jzyESkiH3&zD+wkb=n_?KpV!9zuLTa_t7#Ia8{n3O9W
zV~s`SEVMN0G5XaKB^n{RAUocgT`-=VTL=WnBzJa~zF30RTMFN4@kNk?q?&2%T3Dsb
zz`O3PvE8{@-{>oELM}=WvSwUtZQOm`DVPm$r+jUUQ}&mjS~{y3&a&Es1LkwBP?+@)
zaI-^EBy7Y2TfkcoO#u>D3u+bPY6-Waf!L&4MYO0@KeGkJtE5W!SKH$21sGAGcR-t<
zaFyODuRwL1Z1O;?_1KegP?hvHq{*|6$}3nVC@2Ip$r5B!DTNEVpjvIVbi{|vX$qG^
zUws#?16rn4OVuj>wF*7?)dKw0zSiF^#wx5JAt#tY88F)fD1mx~^fyu|ZmEeRsn6X5
z+4ACl@!8>_P5FtO{=fL_S12?Pp7%S*is(1V2XTML925T)Y2aaOu89|9XCBJ$m~-Mr
zY}+}14oY<xQMoA9;}4LN;>P}SQ{31wM<ob%JKb`ZTopHbIV*02a#yP7{5dSubDm_3
z>LE`)M)i;<HKcmTlO0k$<j-}fp7ZCtRL=!+U#bTKIWR4VQ40>`#I#^W9Y-ifrUo;R
z2~&d^{bVS2rg}1zLsLB&%B88E4CT~RPlj@9swYD^Hf}_VY=N8`H+Iau3DPBNa37L`
z6NDMg(QzXtSI3QT&W;=2+#NR_B8SI~*j%3G(jt&0BDbe=eepRy!L?PXSVMAsVmSIe
z0_@$0-pF7MkQ+Pa0tHtblPffQT@krMol6^(Llj3<<aCEzqVTqrXAqxL6a*U1IdUUP
zU*9DMDF_nPvXr88ks_cD%~o<__pBv126T>(F>Ii?Y$i8$$!ZEN$!0z6lHC-~R!`!y
zoWejmvY_5AF^-B-4WEC1%R)Cg3UO~WE!?veHLiDI=LCoJFbo_-qr>6gUWRT&QNA5}
z8-__my%>5-kHa9uRu9C8UWabPnpIF-M}M?i55x$l$n{AK^g?uF06mWDjo7)o*dB>d
z3k1Kwpk9elU~S{SAw3hz84cOQa1TW{2KQ2oT4zVkLvK&TD4^SY7rng|qhR*+U+nC$
z7zHu952NX|7zH!fkI{`tDH09Er+7grCcDH8e~yWJCeReHIlTb0N73sD_H}e)NYHt6
z3K2WMW5371=Uq3*!F?Y?%c^&UjP3szfZ5R<GO`b30I<JHWUS~iK*W64*;4f&gP4H%
z`tyyz2^;C*1Vro9>RCuVsv;tO!umtY(1{+XE}$Y9I`J@$G4oOD7uz}AD+^GQp_C+w
zifo$;WTTEL&ayK0%XueV44CiRq14(BDHcHX1_O*v?9qumI<aeGbYk~EH#)Iv4~|ak
z(TVLDqZ4~{VvkPj(TUwZMkn^@#2%g4qZ4~{V(-U^4JNDs<%XQOZ^@-MWy_7=&5v4d
zu%>LdplRnHRVMo^q0N;)yKb5(T^$3E^Qu;9wYKhqOK;)`YwQ#K{@k>wwVlY-#$<rN
zOx8r$;;It5&-ZL-Qi16qSz~3*2>bq6Q1AUNs5e&D94l*%l{H5~Fjm&wwX!A=F%>nR
zK#`WZRAB@|h_y0;Ny@>~3lC0O{i8<#WE4O;#|KY$Mge3LKt=&%Bm|=XvZDY(nIuUe
z$n_n~e*oJ?ggEk)O7OwiiXL^b1n!nc>Im)S9oa<J8Q-Q@U}iV6k_mOpA}QBcGyHv}
zPGimR#>_v6n&HMY+TG<HwfFCPTV2OkR!zJBmkOLpQFk|@%3sIYI{&b}gA=H*_fhX#
zu+;Q1Qlc=2D-{=bLF{k-^iU&NVxi<|B2xIjNfoSz7myUT!K>_^-#9xvJNxpBFU)`c
zYW{on>F4m@PamC~efq_tKRx>V%P;===+Wn&fAQ!~XP-WL^yR02LT7tgqjwZiVezN4
zGn{iS*0}dMsqlR6fpca?`QHy@d|XmsfnQHeyR||RVSU=I&TA7F!r%G3_1W~xPp4<D
z0bAEIlSHJaE6%9m`kGA>E(n+UE5CMP-ba(k<fDo<Kh|`byitTfI>PksZ@@0rk3P~g
z`!RX~m9<_G<LQ5@DIr8;f3zYBYc)h)NT^3{a>>m7gi>-m%ZQjP2%BmeH7jVA5&^*7
zr`KoGN1xd`qHaCYX1r_ptl5c=EVD#gYwO&Ck2HzUQv!G7W7PeStrKXcjulyOQOX+=
z)UoOC7qdZ?SN?qA@<B2x)puQgeMYV1n`ec<+4eFFp;~gGYW4BV6mSV%QU*Z^Td#j)
z`yV_;FI<&8&9z+9JPmEqh^ePc5%Gj)#fp{R+LD;;>ssijg&<VZLFiwSvn#BYkI__b
z_|(2(|7s5GhsN)=I77#GtJ0t;k<<idK#-a2`E2XY=DSbLyN&PGL&Cft76hjo-)9w8
zg`Aci?pIwic%^}OzP}AG;mn+o{OPNs|9h%mLjU`Jqr+E3OK>zJ>EZD&_Tkp2+ynjl
z9RIm<x2&G8m4A==m?Id|L=d1AH*`g$!mGRqbkPKty0Y1=gZi;1)Co(Tkg)5gxC}YN
z;34J$G2Vr)W(Ukujd@(vf0YXg?&hkZ__oYvURyuHS-!;PF(|-a`nGva*!k7v51(B(
ze%<bv(4-i(Dzoj&hf<Pfd;`HEC9H0BsYdS`qE=J2(37)wy`Jo3Z!<~ldW`mA@;Hs1
z8+N-T;PE-6iGw^gMb{vAN=@2|EY<vBO@xB;S}^)s30qbfD~fDc34mNNY@<(4Y&@5~
zp!zGQU^RFyK(#|NT2STqT*6nYf>E_O1(ro;h2lb<resaBQ%M&SERrQvBvFMRr#Pn*
zm^w3IFRS!phkEj`Lx$awe1T<nPCzpao2*~UFRnJ)Y0|GQu5T)=*N4&Gec1O})^~LT
zdc!E2!_}d+>eeoJqo%62fXZUF(pr=4b_1F2=t<d(q{#JMO{eIRp(l7nvL{$}r=RWf
z0Q64FiQd?_BdE(Q?T5FN5hp(MomaC3jMd5=x0;b9UQ;gI?|XAf;5PSdlxx;o>3Ow1
zt2gQ0asTuZCzz!ZLkgRF*l&EPq=<9Tm8RB8=4m|bGO;94fYB8!gvFvT*{1W(^k%(}
zhn3WG=uAvR)Z*ndnP91H-9)B~Da5I*aZe!XlBOwPXrAGPbivJnm>TZ&W(($QQ?RC`
z&5)=LsK!<y(S|6KOIs~XL(j3)d<n}5Eookjz?aMFfLz6MCYnbfDkT&s04&=8bjpl<
z%CNnyWpn^t&^77mv~0GOp#)1}X}VhoY(Yj7g^u(lcL1$FY-SBPtwySnM7dq9(wLPb
z+5A|~`}MN30aY&enx=p?tX!u1$cdE(8bSaRjGtqg^+Y#fhKLaQi?*_S#up2c?%a;z
z+^raE=|d=Y{abe+>nU*&vUmDyg^hXC4TaSP!F4#Wy+&MV`pra;jN^0y40esPgFbU+
zu)$Y^9S?X~)Dp_AwEP|>|Jj)Yu2YtvfNQR|Wx`q3Z^f_fAD}CmOsqj@s$@EwGCs+8
zayO?LIo@q$J|o`*CfG&Lc56ppkxbM4q&Ho-CE<0yRubf@L4DN^v}4lS=KUH8uh9_K
zu%}KcwIl++?tt5Tu<D>;!ib?wASoLKwjN#(rin<Wnbwk-+RR=$YXka!_^kiCU>jcI
zbzhHu$V<ibH*C!aKA+QsHg_ZC2_PWu%bne0c0TN|%g*ok)OqW0WMhjB9WA75Kqqs~
zBn7_`M=N~SwH>lB+2T|h-^dib;LwT;t1@jvi<<;Pe7I&`<W0_{E!obcq%)dP)!pO}
z%>==BsK^%rr$jbw5mU?eak{3~WG%>=lGpw;UO_UVxf<ij^bsHo76DUc98s3=RgM)b
ze0#ULm?%X0l(VfXY;$FGRl9_ak_mpw-|OYNhli{4aw9{cBfMJydf3mY-batt9=%zC
zeerv-cK2X;{ZxJ*m9Jx6mv73;wTAel@Ei=v9jM)OYuC&XS3H%6<%?i9NDC;YB8tq&
z!6i8!nux%7O3r(y)G;mSz(ORv=$VthhiuM!@;$@8@3L{*Qz)f%U4Hm-!Fc)Wi#H@G
z{1qEIn(YB7V&!7<A)qAo4|>{~Z1#dQ+iBZ2Nvx=}PQ-GbNUh>x#X@JkI5ERS^rbvO
zvqEW(1Dep1YgU5ILBJQ+l$)Z1oDqNJvy~<_mH^eJWYo3_AeE+TUb*KUkT%;>e_9hF
z_+cRkux=!amHymoLKjOVPY|7wsnJz&vJ7menaYX~1yWl{=xZ2Pui13uj6@!=)|_)v
zQh_!ubsm^6`;4e$dVGR3`z(|`6}{rwMk`PPTO*d>#lmJuXLhoI+BELqO$o{rl)wYC
zi3d(7)E~0B#jsm8o7f9ib9G^a9Dvy_(e=Mda7XgEJWdbDC0#7tIlHc{P0YDR&RA1H
zVpatzA=fcM5wVKc0b~%#_5g$R(N&(&ger@p=nNeJl2Uaj;gU^we(Vp<J4dW2>4s-w
zTGDdghL3omx^`kQbBHZwQ}xCiSa20EtgN@H7j=TLlsuteA&S5hGn(jUwtSy;QHK@A
z?Odu$eQYkdPHG}xf+D6N97>n(9r4zH@{Qi}Y1hMzf{1G88?K5Q39?Z;_a3!z%@~3S
zW<=J>HDfyq_MT;O%@|fJ*NlPHInltvxn{JgeB8fkuAO^a?c4znt17#;yz5D`d@lM{
zokS&cSL0b!(OtWs;fE1lfY*#RtLrJgi!S~3+gkIEE5SPil^a!Y`wQ_709h~D8z{#+
z0BW;vZ&#h*Z&hrKU^AZe)(2kVH3)uCRdoPFD-51ke}S{fgJC)sM1jvFp41}iHC_-g
z4OJl?0J2rDIKCFKol!hXGh>I#Hl#YS8L>5r&4{T~?4BHS1EQ-I*B_5tB?v;_fJNth
zkb$giX_SFR8EBM&Mj5Dcj55$D1C25e8fBpH<1woo0C<<QW;2WhYmhPRM`LGfThCm5
z=WQ!(a96b8<N8kBfN9RU<^^U8f*wsCot=fSwN`BOvrnUTHe75p2E!&bo22(Kv(rB7
z_I^sG^?3&F<z=$8w{$Kv92a$WP*;F!eORx6joDifg|KRvo9T+2*f4|CkW&+~>VfIJ
zTq)wr`W7@sO(SRRfo#`fXPrO@g5sLMyP5Nqo+)L@k!3w?;&#^q+5|SG1+jfcOhoRn
zS-adwMOLN`q=5hEO;BRv_u-K>VXDAcwn1b~ZRa*UAqX6%%J@F-TXmp)TZc4ndu5Sx
z+N+}}4KZ}twOkJm0w%qD^$;!Ez$L<kb=quCGRj+nV86<)dE1Rzj8AY?YuKWn3BtVL
zInVfFQ$Giw4d4!PO<<5LW>$ue@ol_l9qj1WaAVZz{bSVWJ!91AN1eVk?@^~8b^1}K
z?->8?I{oO^7-gVxj53gCj51K<f<_t0j!_00WuQ?8@;&)}$UyJJuMsnym|Bxt#?F9c
z{#{p|%z3&~5=_ohPY#SRPA8CN>uS1mOikZo4aj<HBwiWI`w9AuGjamC1(0&dSHz}j
z<vcx-$33y&V-8LC9*;RRV-8JR4$Tt#BqqRMSCYbHbZn>8)F_H3c>gQlI%wzGyu*wd
zjjk4{Ap5;S57#)(xT;Bd)m)R8a~O@-<XERENl{M3#GoQab87p-H&^6#!MFFZ87|GK
z4su%6y=x5u-_Cal^7HaEA3EO!v{=VrcQJ^77X04@5gWwUL{!>cS?wvNO&&5lj7n2H
zMPC#U%pr-26<Ky-{yGGa+;CS7_LOl*ij9#`hZ+=iaj~KHj<$iA3RlkT6x++tj86Mh
zhYxg!zHNM@k&h3Q?>kYeYZ1dVNE~Oo8lvffl`Cw&8US*Lr3>w3?LtE>UZ{N}dR11?
zXd1r;fkX{c*-i#9w5uw(iy;iPx1l_Cv1Jt-xDj<5TEAs%Akc;#ZQD9F5HIy;nA6_H
zAq_Q<q4p73JB+^kTjsKXi?57pUX$4lS76&%)G(V3gxE2^9@E*rrfSV+H~xULuF-FM
zsw_$aLGEOKLc7?Y(C&CW+!lof+oRARn-m&umqNpBQ)q{kgCG>wYTJ!^wdUd6afdVA
zmfXyQjnuKixu!b*M++Blf&M3+yJIS()*_7ExDLY^dupGH2CHX8CDQn`#u;JC#y(n&
zSkJaCf5uab*Gn#mZCIkUW-8Ia9oZb5wCPeb#DhzAU|fn@G^mu}piTDy{H?bT-}dMd
zfrp8<J6UI=AK%^XiW*nvJF*$><$m6H-AT}Z9a^c4*Fo;|>s381WB4#O5bMrR_zv26
zE3Qve(v%2K*PZsT1-#7Z6}FmL#`#^5HyZ0}?12Jhu{XP1rqsx5(RyO)3)}wv`jfzO
z;)E&CJ#U}YmF-)ECAtNfnxP{AetcVPSDcSvX}gE(!y%fxTMLrx*zGuoJttB&F>xEI
zK}QO_dOMFWQ}npBh)faS7AQ_BXNStn9?>|5R(m4uR7y9Qu|^wRHzjjiWN{m6&REk(
zC)`-Gy48K=T+B=fT*b|lV~ra#u9oeqrAb=@C#L8;lRS>*wqPY?ZE1a1p_yg_blg0p
zJ_>2d@X}I%&hjO$*+MPlj5~b7@C=N)&G}xknklEObhyAOP}IiGGhS#L$kvC6DGfTE
zQK<$JYAWwbtJ@Gpa{b`snsL>n*ij(uuEtaBD5#!887cN&DE8I`yC2cs0yom_?(sg;
zZRR=#?bC5$tfD5m)WMHCsxtl%(xPex)iO^D5CVQ5NB^vMvtYGW4b`M9EsM%GtVV^0
z)>Ccjx>t3eYaf7T<G2c>iB;BQmbMeeDyUiP<zErZBsy^M6^F8daxkq52@VSPJo-QX
zb6mQjaF*33Haeq5XVmD73Xjnl1!HtZjn1gi88tei+!&ovqcduBMm5LijN0Gh_j5*7
zYR+IKxvp{AXl>K(5i6R+Yjbsl+WgC}F~@1hO|3ehF-L){Yr~D$<5FL)>D_U<aobKY
z-Gg#ms@Pl5{d)5UV;)krw##>M`bjG!+NNaK=B+bQWpSkF$Qe_8fy&je9SIu%n4*&s
zN);xY^E3|08dbs?!M|k|NtqZ?VMiR{eZ3^2v0f@&pB;oH5(R_)XPnu*iAbQDk{c_p
zy;nxxgSCUwSDjb<7C0gRZ5nNPA<kS&OIGU&Wv*PT*&NudUFj5Ez%8pyQ2$k*DKwFb
zBk%(-JytlI4A`@1X0byhyVrZKWY>z`|G)~_MF+Q!)$Gg|tJ&GntY%j^*aBtkJP@mb
zcd=#d(2w11Xx&i29>5b@WQyilm5ODiml+Ge+~)Dc-h4enY&@s+>tmbyDk3CMaGUpr
zv&@vP^FVY)1(QVB*&EG`VHs0T%Let8hhCy1&1kcY^<6va=OsPc+}oJ%*2GDorb%(h
z!jI&!U+AzRah&+FEt+^?cZn@0k>Y|Ea4AYehzWnM@x1@^LX8j*V3SG_LHSb&w*&*v
zv$3Z1L3vvbk+bzM`C7Z=YQ57ki2HJh4RD9W+X8kk5!CPA8fygY=rinfP({@Ot;W5a
zQ}4c1kjEkQ9@h*4Oxn%0^sWm4?a7_Ae^*k38_9lc2N!9e6wu&>_q&fuhtL3+9@o)W
z87Jn+jJ;EkX3Y~m*q*j++qP}nw%yalv~AnAZQGo-ZEb(^`^Ro<#9r*h8<m+=m8ULF
z)O)J(c`~017^n5cX0Bwj{f{5<r?Y<9UvQ@?k*(($VYAF7Ux=H@HtOlS?b!gR_9Q^c
z4iGN<GJ_W&cMqcZ66l}9BS!X?N9QzW7l;jH49S1dcW#!qaSP-(`a8{KG#(iHZaCd_
zdmvECb9=O{epf5FiDHGD^NJJ%CvfC7^M--Sp(`5vYwwE6l3NiTvsZS1$lpsi3~u_u
zBepX8&*aJLti;I=R9jqx4}fw#DGDiQEvX7=d=LU?tGLNP6BA@z!pggm8T=NG-|Cmy
zKDRXKbS^dac@YFq)KqVoyUQT=e!X3K8jC{dISlQ3G%RHQgXz{LS%IlDMk_-*G?0-q
zM$pI!Bf1V)!GyjuhI8bc$t-5UL@tYHN?%XZ1U~PIk$$$A5K4p+){{00fjmMUl^c<y
z$=Uej&4CSwfop|sUS<^j>Xsv?4_{!vA9nPgu^sf(4g|EvFis*qZx1ZeQO5oU^o#}t
zxJGC@L2|tU97_xb6GBIp<~#ZT{p*Ypgs?sb3jl{U46m^37<1bJ<gKng8JvBu_RWV$
zoEi=p1zqxuZX^DZ4BSxP-7mH%qZ8|ZeZcivdRU8qegCr8=~WQ2S&)+J#bH_YPcjzQ
zehjX?i&|x7*Z$k6x)=2k^oW?Kp^@RgMn<=FtqiDm=NLc2Psat<Pdh3XIWz)fM9phD
z(&P4HMw<S!q-k&wbpPkHg8n~Ol*&dw8bSQ|PZwU8VN902X!{nf5n1Msz6xRX-yTEG
z^l#I-tFiw-I}Qr=zs+Wel>NW`NO{sdCrjb~o^cVx^lyogS@zsBAAnqY%#Plk8+$LP
z8b*o0>wE6_oO;rwII`D^Jhd&JAJ8XZ`+yrK$xNkW(Z9@>Xw2m0u&<}vZ8?Oz{<{0I
zE*OD54&L(9bR0(VI1FdA8_8w<)NuM633}y;#)8_41+^LVBaW!=(t7^b{to{LH!teD
zwpKsdFp%4)(M8z(7ppUR2gh&wE$n{|uxEZ8<kpc*i;Il>b67_v%ksY-HqjIT?9n+B
z`gZ7_x8vVS^Y!056ca-mSoI_PbbtT%bRLJZAID5jgBV_amG=kE!uDT@rpt&8Wd@O^
zkDTkevWJT}xqI3>t9fi)mk{2g;(Ssz=P9&HNi-3fE@W-z`vv0REfx>1{gfyKi8*`P
zg-sQ6nNsl=srp#R718U&#toMwE>KoR1IX2Pad=5I2v87W5LAY<a}?7OQTxxl6lc<E
zm|K3%`b`U-I>F339M$fg?&Na`PKoBHcCwFMfn=s2P$z*-V(94$k@%Ifr<f5+3bjfS
zhysb+RjK!hcS=0K>F}Avo%(0ao~@5AJ%B>jtY{Bxn>nL%>=S|aZ&2d#g?m+{c>Ocb
zJb($FaGshaMThgd1oF-zy+TX_@uY7`Eo3Ll7ZXw2$s0&A8s|N)A*Khep0lq}wU?v_
z#3a%R7f9P!So)*YEb{!$?Cl{5Ym9{<XYq-KM7x?S2&>ZGv~S16yU`I$a-cGbS~$8F
zf1x#k4^?pM+jc7`1ZN`juTFke?g1);lgNd5qb3rs*fjy1?EE5FkfH<s5JMm>Gv@@$
zLFn{_PLni#xWBOcDCt2chct~CPvud5{q=JbP*T&@T42pE$8BRsUdSCB$oGl<g|wQI
zks_zZD|&2U$>o9)KN&H}+LvZ|_Xdohxx^vx1O6c^%{^7yQ1klZz2Bz5`|Dz>iC{r9
z(QoXGrjfj+2#y3$Lsel_UnC+lX_9>=bmR!@sL01i5czvk1f_h-SSEvTEZhgV6~2!m
zmDa%bQHD#PqTfWXYmPds+B-gl!cZe)(B|7aq8G!R*cRd!Z3l$nA?5>AFZ$4g#~<$?
z1S!TmX++Ypd@G>JgX6#&7P*(#T;!=(>bp!Rnj1iQJe}9Hypmy_Pjw-nr`vl0ww2KJ
zG=R6n52}zNpG(|jY6Dp`5h@UUJ?W;t^A2<?xXI7D4Q#2`bf}pk8^uel=YE?3#@VCJ
z<b*d0yi!e6ZM29>vKpe8D9!m%qf2xT>wPM?ULz=pAUrND=fSR8GS0ufQO?GNL_|2R
z@~7hBAr*z$=oD8oe1>@vBm18G$qYmdLO19_i5HQ?tLXu6!nU>F=o}cw9DRa><MQzc
z)TH5^3QEo<oTO;+^&(o;8DDL`Xh(b7@b!<I8k`Nv11ewE+3D%i(cl@$#YJn0dHQt$
z{%8>zO@gs1=N8jQD{0Wb`B%+i;Jt?`Q4oz}q-y3n!0jfVp1N{6%X#g#XFcVd%O2Mr
z)R%C|8Qu3#)xer#vCDwQ%?A-@0GRD2U}D~M>FVs=mH+mbj=II3Vl7s#%QF=}w+=<A
z(Aa?hOD<$wGjrY6T$yUHGLD)K4}@qIDqCN24J8_iA#>rX;ZSN~SOmxqT@hAiYE6rk
zW2xr%_`C8K1g5~6cjOh|>u#`1DIrNd9L3hgZd5N|D4>)dMECcBj`E;R$*MA>qygR>
z0G)~Y?ppe+7wJPT4oD7otic>O%*H7@0>n_L1d1h=1cf1oY;t%~vV7xUP`*$}KY`L*
z9$p8S54wv%XyUqROS|~!yAbhJjaJ^)0~K?8makWRLs6DU<uRO`6JalzyWjI6WJM9w
zZGE)I@pP34yt?Nh%52DdEqLKVLs$|slVqwT2r7BBwR{%>t5Wr;4G^5{)42&Q=(s}e
zLlhsn3EqDaHt2ZVMI_MSyPT6Dh$P`+G@*%Nm<egMlT`DAl#1xtW`(@O{}aP`H#%s~
zRtz&s%Mcb?1kpr}B{rfzj<&vPnIk<u?ppmhakRnOHvo{GYpSV}!%llUi;B^l^6Z-x
zFmblV!!2S&Ro)+q{8pcMZa#~@#p`=YhHd|xqrdiiXLAB_T6=4vD-)h9MO3%$ZsYxB
zc0HwdV_4Vevn`O1iDj@36&jG4Yn1?Zo5@t($}XVB-Si!T96{A*R``8Wi$8TI^fXLX
zn2sZ_AJ%F>!yhf97ku?W@;Pgu%a}V5KC{{k-pX<;6b3FOgBHrDUS?Ij;gH5^-pd@w
z|7So^tar)BeUs$Nu(2OQhMdlL?3qF6t%nxvPfL^uDrfyJS49{4^%rUauP`G5JDZ72
zsIro?3^IG3-D8OKJHlb}J<*B${xE?j425@_pARajqy|Oirp%)Z;{4%<0x3%0n?QGQ
z)@S%S1lF)#jjt7{Iv1MIwe7p7)_a@1q&nRDV*=+4Nye?SlZ-FX%t^TGC~=h4qsym;
zlt0OMSnBHi9&{Qnc07PS@u^*w!780bbKON|J!f(yOiTR9!s)S|^o(>qrN`D`;!K^Q
zaP7#+Nze2)?x!>BYmDC4$HGI(e$8%<F9+w_)#ZK5PIs4w*X`3;s*lUZ(#lBA!-X_i
z6IE3Tfu+*Ai)PaAvmP^*-Y_~ljEScvhCi-`30Q}S8S3##-9qqE^)3sXy@D$s&i)BM
zp~9l$^kS8TcB|kdRNU$?9xZaI+>%9=4zsC-ep*tI7SkGLy?3uixzCpGP8Nl)rY^q#
zZ__s%djo+IVUiM*C~g{q@dei3Eln=*>wwLK^;*6cGLlb@{a@1KcS;1E9PWy|r;PX%
z3nefDGA0_Kn7vo@87Oi#t>PL3`U0t6XcAU*8}r2J@-yX-Q8#<E($aY;u%?%jQU4)5
z;=AvW!^_B{<4KrT=6kY!;t&hdZGz9p*W4wg%`~Pxro<w%Si_Z#R?R-Cp#h!UbI)S2
zM=BR(abP+1R;=t9j-s>af49e}Pt3qtx5--WJwD0RQul(XR#mC^{6Re;zanj^es?eN
zVK(M~$2(*q&JC^pn3fQkXvyM>iTnPl&YT>kgA44@Tj`Z(mdY!~S_iu48T08SK+Fj2
zd0d{6RnpV!@mpt1bue&LV4W+(cS<>~-T(;)X)j?yYy75=E+|XGe}OdsP1}UeDoG;J
zB`2Rta~{Hb(%n-HW7H}HvE){FuC@m`DmZ?|%t$B7KT*YeaK;azJI)H*C6K|45UGjY
z8c#rt=uZT!dyb+fVa12Utk)d4LD7vBl7s0Yo5?v-`r`$+(uZ7Vtj*C!nw5`No2x%X
zai|@}%kj4Nu~b7houl`l#xeUG*g3}V6EKMP89&7dfbS>{Xh1ocNO77yo?7wjQ$=A1
zjpNozcqpuPBP%S|NJkrwxAd)3lzB_dQ#nQEISkglB+KdjVVFk@#*6%+%3)u&B6p_K
zuF^wD+uf|{YPJ!#P3^bC6&hf0zLB_;`}MVU6mU+F7GbWMq96h?Ju84Sj;wQHm(b{H
z-^IT-%~($gG_Ja4#3c|wT`SH+(>>r)llZVJ5LaJ`x^Jl&(adsrG_MXE)_*6PjY-Qc
zQP-cauEWEEcuc%kfns_Jva!KHF?aD`q_t-dFi}FDu^XlxPkqkh1yUYANGjqvPPy7P
zsPh(a7mXFF^bkO`u|9*!0d@v#b+)qKF$Uc3?r?vWqee%kw+T`vKz9O=6q*P2nYt)N
z(!ZFCW{&qyb)S<X$uAZ7w)QF&=4Lqo?UEr0Q3(8+Dpd#*_!;#VFGdo+IXWMHrqV~F
zgYs~D<L=6&F<$K2!RX!Hb;Excn{M^(*CzGu7$@09Kpc07cCM>jKUCPgK6K;r%G9UM
zeNMnL(3Bvc1Uk>_<K5{{M8<?2EuHS=kQ3l=7eRFdfiqWaW_bB=fcct^X-2)QGMnMN
zeAhNu_c~%v#=Pw+1T*p$eXReg77{?a9;@L>HxUzr9}Gk`4mAk?gXTviLvk&fStz{a
zniN2(5pVN2@a#|^upA>Tru%I-!f%$rXHaitDK=>|R=jchEyzXURn^~AT+}B!8Jvx}
z=(h|qMF<aE^&TQeLIVoTRzyi5z4rR^wUQfiD$Une#bF^Sx=|4s>*?CFE7+j(RFXW>
zK`5T7<W$Hw7QrDo3cm+YFflJM+8Wz|e~aIsU?TekgP|BiQ}uF}rr%v18priz?>YaR
zw}nYzHnz($OJcGf8Nq7Qgnu%AOFxRRTYQ1jW+6Fiea$yczn<RQT<_?7-1EV~`JT!U
zRmYrp=iUu}Z2|zv?o#Yi%pDMbk#_1ImOAbG1gquc+Y*#W(JmdTyc$g}OjMA!HXWPz
zHRbn#bmhZyX-mADVt6D{k3kOb^~{0W2NQ9MqzRCC(v&JLGsp}|N|BOPcf=u3FUJHl
z*-fE~Cmz|>b6Eop_N_f)Rn`F2<R56Wl?&GYAhxH4-T@|X1e1>DN?xYT6V8*qr@AZ>
z1C^I?TqG5sQTeBC>+Sf)Pr}!?ky$+j^NH>!EaK4^RyKLN2&rgU$*#oW>Bb~0fRM^s
zd!ZZ^eehB3UpoP}QV&=^?4wNf|A<589Tr+EEd_3H*-*+2;$^AeO%2daVTiI)JK!OM
z>}$nTTIxyAiYgdeRmnSZ_O*=6q5?U~m{@C}O|sGv(E>8EL>mw$Qq+T=MNGMYJye{)
zub0xujY1VAy>XyXk#qC-amTZ9q~yM>bFKV^iFvDlTo%KazS9%q`#!upc&R8L!WzB1
zUj%8v_I3GK{=7-q-!CZ0>Gt}%oLU;9dw98&t5n}g%lY|x5~lSD19ANQvE(W*y<#pe
zI=&bb5w`X=0&julvNZ*E>8Pj6u`Q1<5}&~XP!4AxVk>wJN5;74{XV~HQjqSTUBJqm
z%QeuUeE*za9_%XDELd=hZ~D;}^(!j(Wwa?OIq=<wloWxV$f5Vw$){ux+^m`U)dMi6
zf}TU-edlQH*=_QJSLViae|bj3{i(9SuaNg@Al;he9;hrcjQmM>X#i~%kp`BGx?6;5
z?`i&0_1Om`g|NbYL4{^=;FCw4T3PcSZv80o6we%0(Wa`aqoBHEw)_PUt@Q?C+2)<W
z6Xeb#@D!+oxTLyZ?t;ERc^C8J4DITA?=U${<oo&#V%vu)@RLxR9Sf#riO5t0)MkUS
ztV1r7BN6ypw$H{q5(2ViGrO-zgpK0|&#U-w<w^D}ubGG%J3_v(OYZx0h|kS9L>s=-
zSs06;mOy<|e<U)Z<`MFlt))DNfxZYaI|Rmdt_zKotqTU#E&Lq3C?uXNc6Eode;niD
zFkU31dXRf7B6yGQX+SJ8<XpbPT)A92L9yRm;9QfWG&?Byr@Dtyl45avzA|kbD9x#0
zj*;jxaRXuCRHORqf#guulq{9bW}&q8&`bbxnVs@*-54#x4;<wr$5!+j+*9%{($1Po
zE_oTL>aELEVDk@#&QAznh$;O6QzX5_1;Q*5O(Vq7-6mX@5ufdN&8jnw>;zN;$svID
zn69;*QBjZ2qx#nhIzZ_3+z&^%I<_Awb~@`FT+?L<@VOt9^FDoC_V#Ie^pSyoUU}}L
z^B%$2SvFo~UN0?wOam!Fs<50J^G^z`!76E{=Od)%M4fVHNdBR9BrM6VQZNQ=nqx&B
zE0GB?!;DqeLtTMbw`3Dy5$7htGS$j@n0_Y_kbVW1hhBsXa6|cCS8P4QWK-c>j^Z?x
z9nA1NLPHUZt7+!SkXtT))UwA};ys|dBIG}*(C;N@!vGbbxs;`r9vU)M$+rix`2iH^
zYslU{e-OLJnR@m3?Y>1X0^Sb!$VjrKA5soaN0xGS(RjPDsorAQh#~6!7Wcn~5I3n}
z$41z2LQuj!6Buja7>d9a8a>F~g?YfyLrpJ!q$+@^%@vyqYiwB?je%LBgES*zNtXG!
zR%0>8Tw3U6AUSg#YUdRUEDY?^0Lvvp;H8a&@uzFIYqSBzS392Yi^dN;fGD7BT<R(n
zYFf!;j5r1mi%IS>o}&0bl|ARv2Qfju&FyUrAPFlwM(R4bmg;kroD3uTQ1LbIff^Do
z3zo;Q&X^0TGy`&mxaUbr;;OR3{nF{o8y6iE7C3Zr21_+I$LvQmah8!y0Wq_*$lQx;
z7_$?;S?!`p_2wEzKv;{!fN2RCahr%i4Q6S2XH^EOb<z2DaB_O2QJ|^MCuk!FmbVH^
zb*ft@^FF<<+s&X!87C&js-AA7Eq5PC!<GSa%+8;vpm-yrdzdtHPqrEFRFy#HoXz0^
zA34|nrAYb?+(l;mBf}E;;`&pWUg>?<zF%8>NX^`$WL4VVK}0BDwcKHNXbUPnqrzhE
z>Q&KZuUx}B?Vh&DSXocKkVyQNk~uRC)B-v5p$q1IIA7pPV$sBx!K#5XYYx{=dnM7l
zbT>wZem|0wy`U!!8HK})wGucLia8EMO`P9wLpQ6^#KT-zKC`4+`PU)>y;bM{J#%Ju
zeyefL+l`%*cFR+i8P+wiutACD{oG3$+#NOSo(6n55=!ivM)EAGc>Q7iuIF0^n#~O3
z9l7I`+VW;7>>?&^F$=qR1<|wY>Nda1Y_t55=<t}P*4GpoSRvCLhpPV?A#4ZkDaOZR
z1Rd|Yp=I$YzCj4>j9%uq=jQ;Dcyu_&lGli;fV&g2i@7G>UX!PaF_oM8AsZ{0>;%`8
zG*#5H*YL4=J|iH=TFNE`lOWLH`9?<hj(LZ)(n|jdhA*MBvKf7?C_ySjdK?ED$P_rX
zg2nb~$pfWCzXqo^cn9k>$7O4KBdUJo2P9OK04`D`#KB2Tju?>^_HFnGYe%~`L8j!L
zRrV%~vP*fklallO!8rdc+3nv$85A&_O`=MZX|rkG2RJL8h4d4gF_pAV_JOf2D{94B
zO#=}#=7PLLA!A8Ja3F^D$dzzltbX0~$0&)RX#&BOziz6$8Aj>;9*z3N*6<(^#2yx;
zl~@J7Zr;~7MNS%z<vwwi!XmC#<$BVo8+g*`wIE|bn=$jkGcP<Z){91M_$%RFX$}*g
z`no3$yy~)?z3=jMT8XIkY7Bvi<YqE|U26F8<7MD9h^5S)jfBUQZkUkU=2rZ(Q35hg
zk`hoV&xmQ)wdum>?|~G;7`B&7@%PI&<CA^+;neioh~?LUJM$zld)2skxGS5*lpcb6
zAp|%O65rckiHV9oScI7BbEVsj7)WTQUi|}u#_K`izY#kvk>P9Ga3E@IJGcHM0G@+A
z0Uc}XQg0}y?)DR^9J9I`EVqE;pg@~u#zWgl2kmAu)*6F*eDu<id1v0R_2}0VcZor7
zg9RiUer`4t#FS$e#8^HkMDdo-iLtzuisGqQMgAu@HMRdUoEiP=d>$=lek=V?af$pt
z1D8$;ETj2SnHk<ndG+yBZV--7{Hp^UFtpV4^-IDYA(p(rlXfj>5<Jo5leFwTXqWGm
zUeh_5LOxE(Z%uttSjps^Y`<z4?^Y_`haqRh&<(+LM=N{y5`3s%qnHo*f-rn@A@~%}
zBA9npWbPS$vl+MBr5z5$3pTEGo5sTlMlr0hP2KL{z+{|n6u+P|jG2|kunmZ5LjAJu
zVrLRX)@Y`^%P7Kk9Amo1vD&OTPMlMzn?Ip^RLMV|-=USlKn#u3Lj>b01`|{QI>cg_
z61QZ+N^ytDnhhr=0C}_G_+$ckXt3ZIsBeBJ+L2g#h@9btxv~_`)ClFy4)J+EJCleC
zF+36{H?hj@gVn!}H64D(FJ&;)U8pVsEiDc<1#DntiOaG_7QUn1E2BjR1sKFd#4H3~
z7lB@n1>P`hRSvS6FScq$$b&q_sP?Sw`^i8XI-Woxaiy#Ay%a}Wh>U=$OcSxjyjP(V
zWqkB)ijk95U8^i?Ue-5XDUqKi-<(=KzfTYRnwD0%TOOxEbBld}#oD*CkX6rNUSOD@
zt1EWicNAI}z;I_J?;1rIi@-bf=T>ZZ`w+d$xfYI5GCJ&;Z~4=Qflw{-nju{e_J#xY
znXTXBk4f0p@2I%=0ihRkw`V%odzvft3@16>p+7fdS6eCUv)GKie_H9j_X1VGqVF(<
z-=KcIKpK4pG4S?(zWpj_;S?Q=sQ(MounSYa4f6z?&o54H$tG~Gc?kxded2@K;iYl@
z_rpiX+h;fjP5VjScgKsYM*z(ylZOOjTl-IzZk3{=))h@b3Tr`N%IXYCR@ZF%W9Hl(
zqq2Qcs>ZPElW?3$(X%0=u$Nl2%;^2>z{@Y+s26R7kZ5wJV+U=dVycKhJP8`fb2hvz
z4*s5+HUMaB#j6oWBmb=#Xe0m0h)RoahNCohuE~OO<3plUxv<aFqS0cjM%Epu`z>7Q
z#DZoD(WL0LSdrtSFg=IWlsdE80Q9{^YL_8;F5H9K4>nXgLhJ-z{@bH12%x6L3_DQS
z(Ir{!QJpBt)e=KdlKh|Dv5xRfHIYI-7Mz)`-rDG4M)WRyY|KyW11*1&$TEm<$y6<j
zwrw{=$emyvcc-bF1ixIoAG!Z054!}KrxddY+**_+1J+L}*#izVh%6JV#z74YHr#@a
zSYA6`K9Ln+jQb*kJq$A_b$V7jB0I-;^HvE_daAn{ZkC?)8^Kl&St($PCAwr&vN#)^
zPH=S$=t9#PI-O5hUw3gE+UkSy%B9^IP`!mkb-gVFK`J3S`O+r6d7$C7pg2&lxqd{6
zz=R{LVVq&b((WJDfyeeJzK+s@f_zTx4-9S?;g5Xr51$hPWA3nCp8T+8t*+@yK8!vc
zA=t`aG<j597(LsBpdY3Vlr8H|@DWIbAbewQICQe+<o5fV-*`QlLm%-iBtTuBLtH+r
z4uWoJ*Qt0hup0_~-roCdAX*i`f*7iCiT#&d4LN9A`i$%PMnDg$qo!+7P-t%nUA3>b
z>(}E@gHK{d?^wMqUNQkRGpP9xVhu!pss2L`)Hxg%rGe+B+#HK*U_2Ug9?s$m=yq)#
zm^Namb`OcctxsCN_1^I4J^qBi&Hh3P+6sJP8q}x<D+9!h+Y1oL(-TnB<xTNPrp=_(
z5v4*HBP9x8u{F(~X%aVk*5L2QjurcKNE*ZBpVXHeoXbW*@|+WvSbd=Z;!(P-Gai<1
z0I5Im3z*|%NqrGiW&tWfRFFe;5~;?1tVDZ)@J*uf(<Fo7k`pZ2+3_tW@2199hpkK4
zDq8o?9OdzV(FHLx-}eWo80-&x8U68GM*EzV{GqxHHK*=3LXXhkLhHCChx(m*#0~J`
z^kqL&IFuqc%ZM)4&gC^&osdlfR3w@nS{K+2DB2oA7};5jH!jb>FIdS*y-!7{-{$<4
z-Dc^WaH~0Zk2EWGc@tE%rSe4ZM0cVHdBIp6c3u`Md3=q>z|0i5DfhjAto=ZQG4ufQ
z*tMuN-+e`%26SQ#Pu`DJNyWr~p-~+r!JuW7gDK>P@O%1(Q_0M`;ahx;!JpYt2_2cw
z*Pc=uaF`;BBL!APY>wHoFkUN2QdISY--v#z1D`grP8NY6kqbXxv#w(qYr{1CAVAZs
zw1uSh(s68LXxg_yzcjPdm*3dUORP9wsIArAY~^Qg7oX*7WSQwt{@Q;MUr3cj^#5X$
zs|LcEFHpr>$gk<cdrN!x>?mxc7Sn9^r=@W-UYO|pTg*lQ$MH5`T2HlUg9Z;$;v5rq
zOe<O$bdDhNQzb+|^|y>7Q4xoDP!UIoW_#&K(X-&=NJWgpsgd>@dJ6Aw(f?b#*3w=;
zPub=hV4(Gml-j}kH|h%OUt>G+Z^APl({RzdpHJ-`>W}#eeSdzW^`VMkxX5ex57~C4
z!>Nu@q!ivi>pv&|6Qj+zwPoNXe2LV!3&uz(6_1i^#z-zJ$p5%W@erWDwkyeBRjf0g
z_qA0Eq-I6R&Ev37sjsb0?GDxA_YHVv`nEw1NhOvrR=;CdW&uy%M<Q~FtW=NI3b?<b
zlXy4;s2UFqk>U%BY3cL7-Wkb_{MAc)-b`$|NIza1zImWrB5?d%%rk`SY&vu<EZ<A;
z>|3IuqU|mK@8S%2!K-+x&*|lr#?SE<yG4<C8x3lEbeMCNd!eL5wt$CfP!f&IWjq4f
z=G&&(vzA3ujpkv&IV3&QByF;_eui+BVwC>mZ7$yUhTw*SAWYiF3y2sm%VIBS(Icd9
zF*(y^@{^N(iBAp@fJU#~A8oynA_yhOJd~<I2Z3^LH*gn0a@#!C7*4QP>Mh1U=(g%E
zBCFLzft+Dv6iI;(i)4oybeIBvQLCz3&#q$A#qZ}?AN$g;kU3y7!0h873jMj!d{h1j
zepbO1-#YiIU|ruw-n-dyiI%&6h_*^_+=KJsn85pN`@2M^=-etVIGk8wED=|6+Z8lv
zpHXc4Lk6e}VccRaND~Py5^q>28El9&N|62}W7%`XRu1Dj5XHvLz+suli(3I7_o*@W
zwZvnT5MhOUphP?-s<aofwg;xR=THp?e?tFUnVa$T;Nti?J2@$781wzOODV`HxryP!
z`~Q9aLAGtNHK4hCusE~ZXla1^23vE3HJf-7jwYR^@2-F1pRt$96IA{|dx1HmOO55l
z^!M~vKnZKK1C&ygY!6j2rzLE<&?^ijf}TQ=%TICXMf9+p#N~OGi>&};xJqfI<9aKL
zqWqUjjOkD_F8c+QYyl<XRw5)cObE*DMs0sIW5YqqJ5mDTri9<VHI|W}M3q6!ab-{8
zNsUDdg91!0du5@|Wa^5^^DHt@nM(;MI)vMev{ThLU_okBxlaL$tD+cHW_;P~39W$o
z5>_UIoa{5Y`%w=E8Que+>iSxK2x!xxx+(1$XHGqY>rEO{>RXx__H*(tUjFS#ss;#e
z4}Ih{ndNibT-r8%Zc2|CQ;%3i9EE~seA8{)>YoUVISIl%PZ2dbwUPH)3a0DDYF%RN
zfnaz3&HL;VvG@^$11^U{)3s+*A-aq-ux`AYP*{Ggs3)foo!g?nZW5VkmE5hi+NGe{
zhu-FI!W21ktWILThFjGQ?hk!T+SB8v1Q`Lb9*LDo{T*_HKR_Y^(HXwEm85j3D-Eh#
zJQe+~`RTMd<y7wDbXygXw3FeD%>E8;=B%Wa+ej5S_+~KGI&kxD6ckT4$y14Lmo8Tp
zpUekw<S^%eU)!{;rV|adJvBd%IKfee3#C^A`mGHI8~Y)F(9~6m1Q=&P!g)o-3Y3Y(
z7s4ysWZM^yX6TanB%JB7=~>Qt|AN2WJjj3j9jlcEU<ShY_W=e-KoHR+8l;r6bhs+!
zx!;wRec$HeI-uG?G__oy9Y{<LXVrTHm4f=3GFq0DLyii}=d2mbM`XLyD{b7*TL+@O
z7(*i#Ds2~<IMiKj&I1mF9i@+{EG->1{Ue~=X(T|$!k>bvNXqe-I%ZBy@{S|*0|fhb
z6&kI455{qt%qfU-%YA)WcjWi@=(*lw3URubI|3|gi)oc>M#Ff~W(x&@Z$4@t0vMql
z$KpBKH-o1$bZZm|<=%T#d=BnFlCPuB<M|_BjW3Vy+s7TKXCI0~6|0m55yfQ(Z<=__
zJOllqBcv-;=$sjaFHKi9w2;JuKfD}CAjmPgCMg(lXO;T%TSRZ_`~x!zHye^`9~_HP
zp<9xiRur&KHFD->=WAVXFZ5r5Pt}eik9FS2g<gl3tV7|~n1SQK2$g~b1CRA%3(5K6
zuOMwvF5)3>hg~aJap%Xox4UnwI}_tLM_;h97ir+Aw7{pwq$(ZytBcQsLaAv)ywvw{
z{V7OW6zImk6lwVtrTCRc87_cY@P&G2;Q`}{32Z<FO!AJo3Sp(Pok#2mJj$fQj0S64
z)ykyNM^@XfnP}9!lr6u3i-H_XNW?x_O6Q5)10qo<Yu#wG@&z)A!u~iC=Sa5Xsa;h7
zf=MJ4g-~}$_?V>3>-|um1oSkcm*!9Osi?2TEqx47I_F`)CA%~J%ACA$#NdVUkm_Q8
zglg72-V~zmo%pOGKHTp=kW8@Fu&eDPJ~HPs9E%afHE-79lN$K(0B%HgD}P;9NO~k<
zfO}TF)ogHW^v=2<fpVqnK<c`4%qIIiULGn%k!b>f28UAA`HypGkuVB%s}Pa<{$wdQ
zmsNIfJmJ{J&y>I=O3-Ap(?V%@%lW#GtT1W(`=|2L3hPLM2D1S&I?o#39F%uS`-gWN
zL?VDuD-6*?&yKD0gk=wI{usdI%}{`FJ};7<JoRmrf|z-rx_^t}DXgyq%BwD3J2WYf
z#aQyF!$6d_Es$<fUB?Ll#=3x_3m>EsmKRRcZ%l9@uw*0c8or~)`xwA2B<2}C;-@tm
zqvK$dV{z{3^ov(r1)dh_Z$ErC(ja@hNPQ(+tXqgchAIkVv*lLDXvZPwTJsZht5%-X
z4p^5<%aagIPl_-!Ve-y(n)<Q`XVkvTnNh5Z2(oP5-43#l{)Ff^a5PtG_*1OLj)Rv$
z$e1-81x)E40pt67f}%vWf@&wj7{$OO{tDU+rQ{}T-&nf%;-Ur<VW0yoR;%MY(KL{E
zAL(Qy$Vp=_^<hPogrz_#bGWe_RuDPZqbT6+UL-$;MgsrZjBAnoXGnH1mnDEdBR5f6
zR2XyLoB>iFej*Mc&v1i*#!HR6s5Ec5RwCG~ZWRPBc0FkoDeDS|<imSoF=4M)%W`3w
zi<3+*!%hy12u2yP#LsnO4aiFQ5k9WIUKO@^vF%{*u2F8548Qtf{A?|w@RCXXr(PT*
zjC=qqlY^f5%O<n(`>$_hqA{}!;kPMvFX9~TK8!^iI6P8IJoEQMN{$)#>0LJlgtJlc
zNpxwnY5h@mNy};_q-QUq_|69>fl%5Sc_*ghCTXl$l$Id@n>{~#acC@l^wv$M%49O}
z*hypRbu14v=XN1})Au=i?LSkt3)=d>RptSVgWCxFmGcA5Y_EYy3LgQ`>2$Xjfp-`-
zQcD?-xbHg@UV$6(5gj7K?xO1#k6xFaNm}RYuY(aNOHO`~>**08#>~w?CuRI0MG)KW
zKY%X=BfymQF)>y)%guP9sTat#jlYDt=K*G3yw5gA>3r3Ox3;0%vEUi<iy#e`(O_(g
zD8DQ4SQ?uP>t+qF53a1BV&9Fa(Yow-K>3qoVwP-^#@h>a=CSGHoiAqw-X82W=e)xq
zG}%br1n1hSF7Y9JVnQC?aK5RRjct>(;_c(T{TrtdC*xRf_Zqx}iqeGqLNI2<xcT4%
z7RN(tUz%8FR4L*DsVl(Vz<Ru%u@r(?r+9o3JJndR8VI)kAr@RILIxtQ4W`&Gi1)0^
zA^oxd@^~36<~&$MUdzQb5bAo9iD=`hrnMBI5s~l@3fiaGBd%mv7y=2rSx}4NqT!2w
zgJ*#d`I?ac-ZBjFu|}~QtdPE)dP>=Adc`!637`~`MFmOax?})7%ob;P_*_S<`H+rT
z0*ZHm83%|Z)kUHMYnh$h<MBR4yRnI7XwD>|(R(GZqkx*EQorXn_9|ZHn0=R-lvI;4
zWw<ysG)AVv)(Q7ZyZ`N4cj;@WQGM3%$?jWo`i=``;Ukeufpa9`JhSE>=miG&4r#yV
zT7djNO+fjyQoCGC^dNX;zhK3{9+!opPMeLc!%MUfM!O<vU2rE9fmrII9V(QUAZgdX
z@GS6ach>o&XPul#RTy&1brZN9ke)|-s#~Nnd_U>%@l0aNDq`JK0!UbiiqOmhG&HI;
z9LyZ+06$m(RL?incauz65!Yz4<3NM?M|5XNM%XKhz%tP-VksN*BZ?4M5kkVHMmhMH
zqTk&BZRycYSWu~^Ztd$quBlAPX+R!+%Y&3;gej|A<YlH>7y11DGn;IDQQxp(J-cdR
zc2SSCIafC!yQ5^3l2tb`{p9r1uA_Hc^#1&uqkek6p+{)BevDNNu4@<_7cayAW*LqA
zYZksIS4~EKJp|I=^0=<8;r`Fb^3PoNe<unZ*Y^L7XZkleQpa`ppR;JQP6ru^%PI#n
zCCWjtZ#9e>bJfXXT<kdzgzk2fN_iDPtM}MYPJc_{Pct~cOCEh2N!rDDBw;}Vm=IcB
zA0<P{o}+8aRQKl<v;lA@&#^b1K%R`vq*Q}v&au{q6l;2{IBEu?K?*%(f!4K1_z-v5
zN+B2`i8VqZaH`-06TY$+1fYW{Ftxb+CpJZh05#JBPz?i1UVnSSR<c1Cl^>+_;Yb`Y
ze4(woahn5tm|}2Jc52T{^dxOegR9OQ61hv)_|mZO@S0+(AZ4O)qWi_YX-IK0?(d#T
zpUI2xA{|C40mPXk;q5!%C6LJy1<9hN=mUuUaRfeg_m*q>hffEx5QVh0RI&4%G8MT>
zpoj5^W#1;oPI9__38H|G_%3TX=*;nTl?zaa(Ed@)eO8H3R4Ds<(PX^M*S|~d2Tp_}
zy0KI-MO|_pphjLU=zg>s1vsk0EXxBzYq2hBro2U+Pnz;Y;Mnwwr+1n3CYRKk1E!H^
zo>zWq{46p0WxvW9wkAPHoR~}Cvq1sn$cleMvL5}S2=jZ@YU-~V5MsUnN+MSeP$3Z!
ze8bEt00mLh0DQl1_<o^Ew_$d>3@!~89YUENmzf0DI$;7*1b!^QDk_))$$k9e3ykaS
z$z~M}TSB3cvpj7Re>>Dz@VqcR6u>3V+^yPKffAJb(Ny-l>~F9K-IsYRVp=)8V?G&z
zLq)tcy>Qwo*Nx+ntF<^XJl{s)h!tU56`UUOm_S%E;}h6m{gdAY>noD(K+2T>1Z}F#
zOkL^Gr0?o?(Ordw$!~+MW?JPoD<PTbIuk-&&P{D*4<Ra-M1uTdE9KlbxA(AG5&f>J
zoNVteHYXW)v=cis_!vq#XaS(~a*QKLv$W;<08!PUz1<FYFSAZn2Xbs0#qG_HpSoY4
z$_f(kQ*zQF!ewPRKuDa8i!h3c%@GTilX}bCRH_FQ8VjpOPEl-`NhAe`<@i&K*_(Nb
zUkV=Qoyt=SPn%2iyaS>qBap`&CQwLpbT?K^IyFAO=$X5PuI{$mH8Fd6Rk!P^&q!J>
zIX*T(OySA}g3F<!9iu`<PIv;a+W$O7F$mB^p)kr}u|zr&5+|i6eglv}N6i6ER7$%(
z>&Z&9jh{tw!+8X9Jk18oYXgvDV7ismxLfK4NLh_nx`JCcIK0deyN?!q<!LJ2%bxEf
zrmS-xa-4nYnWXmiW<a~G$`+0NRPK4>Y{Ud{<x^|vmE2O&Y7xxw2aSZq!@D}<%@~5r
z-WRE@;kTN)R6D0=(tHW*34G<M-QDcRw@?89kW@q;$=ncMSt47l0LWW$53Jn<l`0t)
zlux(HZXx{)U{ZWigyy$#-2f4yHaVGlm|MFR&@^DBnSaYCt~%PjFww0}zV>V5VGGrw
zT9VSKlY2>01(H}Qr>eac!$-6zt55dw+*A?ZGHlx$)YX{0@_3(OVH?%f`NCX+p<eCY
z5dc4v;$`O-I~o&8utot7is82H_=sTh$jw!w(x4sDOkqQew4)0!luqD#ydGLH4qE}4
z?=ue(p-+)?aJE?vF%1?Bsw&&H7D*L^2jiL$@8Y{86XVP50m5@2zn&;;UVlWJXW1^V
z$$zRF1wdMK8nlIZ`|U^C&T^_z2?^TO2oyV(K}<!ga~;S#I4b}1eT*YQp0V(f_+;qv
zlZ;fTEem#Sj<w78Oo#MdNW(O9F{?mTgY~tm3tomff$DD)i9P@D*Vm%y&g)Zl`g7--
z+<0R1_b@vlmvN(M`aCH2<zFdeF|~l2#v|QP(XHPcB6@b4K5jV3`&S+r#aEOU-;=Y!
z=j%GW2GQbtDT)wqu6~&|XIT*7O8-M_jc015*)M?aH7RYXrg~y70OpSZeT>-OKC-bN
zz&j@BSYEt0g$uG~l);-Xc~F@K>~hiM88+ALK`GOC0Ope(bbn6fV*MR|B^nwJ5m}sX
zzH{7=x;A>OSb(M?Tq@h@*4yKkZBZ)nWcfws86tm*qTwLovp7FYWi)%;`kAG!GEk)1
z9eT;9kDtU4y3~;MEG7qt5%%vI&8)VLFT2On;q~vvNRiXd_%p360+aBOQ~CqDUt{FN
zacDhgTrQnN=Qxw0<r7hPqyk-Ea9xy>LekCn%eh1irJ^`c8v&wb1ecnbKwd-VWk{SE
zyMy(#tRGXTM{HQH2O9|>U^hIxyV8d4tR%xYR9og`?e-yxLI5cu$xoCYg7#uX{y8xF
zTL-=_&)Ol}$@8s_gNdj}cGJP__q$nfODXfk66#~lH&zv2me14LLnRT-ELkXGS9nmN
z-u*wE<E#y9P($wDRp-G3TlmLVna0r<Xg5$?e~y(RTk$un*^&T~-$_t}B;pT@$I^(*
z`=`UP>GkvYu{pes>NeBJTl#hQlA8MR0`p+PfQ!=KZIQO~ny{u>2T+kyH?JUE@0|Gf
z43vN@XjRXVoch&2t9WafR-(cZ#rs@Y(^@!so#B)5<@g$R{muLT1&iFM%H~;|#M$^i
z8RFvCz1J^aTJ{zla*a;GsM6WxC)Dfc6@eA;%JAi@R^Wj)B?_o5H!Zq_F*M^)LgiE<
zRZupHJZ5Qv5VmZlKAM4>i6!OwNvZgbBPnTRXHn!Te1)8&5rl{-)r&!c33hVpPa%Us
z=}Vgc3IBX00j~6%w&(~`3A6Kl*CT;`DkyaKVzKp@z4iWN`zwET!zV{!1l$%+L^5bo
zrIU2-W#-CGVrs*Qgw)ZliN<zW4OGZo&(DhfTKL8DhUPAk?QizhEj}BdoF{~Kd|gPh
zETo$U%nruskPmE%wl~W8Q-}};2cJkn>{*R7tB^}y7VGByj}W{t7jjr5{8%_O*X@8K
zPl%fsAr|g$J!(t23;$X3cc%CL0-Dil6haH?6b@PNNfyjN{LVcPgALN$AMSNl*<Vkd
z80jgQ3L)n)7<_z9wE>%Zc00LQ8<*cV3B0{pt5+LV?)MO@y6uIaUXw}>7Dlk<0_X@y
zUP7@!Q1G52aR?ez#alxc<xCzb#s|%Bqh?1$>_mb#-oQQ^Mza>)i}ztOQ)J8fkAm^W
zH!;;Rhfe(2-_IC?cKj-S;~ENhuW6@P>m*#tX3#29d$CPlr`1Xpl`MMnZo4w^C=?Ps
z2)|tnVr@j!>7IlNBfh5dO!#*HxY=e4Ny!#R9seNiQtJBKTL7D~fca2IIDsWRpQ_X<
z9?DTy_z|xAUabJGNWR;+%w<rwJdN#MhiLO@D$<5V19gl$a+KNpo*{yCD(E1be<f94
z9#$zSHC0PlC#6mEW1$%aE}*dR2sIKKedJpa)^<}Z(PnJ%Bnh7w1$g3QMY52@L&m2s
zc*1+yCFXhQ>%#Qv($ADP3_QZB$QXZzivhprPZcza;o9yD*1<-eiIv;-UsD77>A^+F
zYz^`RDa=??YfZJ4xbMd{!`6~jU_-*NfjdgjTRZ7;2@M2K^`$1B#M3-Da`K94&w`q;
zSORoAnK#Dzy(Ud-nQbE%zFiPkKRg0-crmdcqrQ$`>UopZ*%5K+$UcdNUS(YfZpv>?
z_pgwyycysYB&8vnL|F8L?m4F4belJrA_&23J2-VXtH4p0S&m`AkfN`7Zg8YjF9`7q
zM{F;TB?wGFdOCYEkmHcpytM?CB7u9N3Ev44XFsr?_f`&)+8Y}sQC}mRX$eM1Rl3h5
zua%R)P@7aj9R0`VShnEykXdpx3>&oIpz&Bo%j(IWG`ESFE6`E9X63QGt+^P`lG=g5
zqFRAG!RVS<6O2doc+Z*e!1Nhb>#{M_=yphZ=5etjbH}sDN&GW+zJYy3>RS-1&kh{F
zBY>z=1DdJh0a4;Mrv<uL=`G>_gZH(cIjq`!&`(hi3zBoQRIbn5$Ky%v{(DogGEgqR
zfJ4G&?H1{nD=8eR6QArvJ5bLc1Wni(j4KVNOzntyQxSeQ7ws`>!EKxJ=|(!ZZ6n6T
z2Dh82DH{Nv0%M7xKxe6h+w78c&kLbGXp_IXXRH2NkEelA4aG>cVRy7X+-l?k2cAZ!
zl3}XRUcn@dDIT7pZuP{-H5v3L&?KJ!;MT#9Yq6BcSVm7QHjTxrYcarFifU+TEP?UT
zLboPpZm_%+7cKONe;P04lC3};SVw4L0hO|xtH<KvNn4|NMrQIIpb4pSg^$J$Go?)p
zpWvx<?p@mz!cK6GXUkze#-!yqK*By5>L~**l%hs&@oAFFnRQU<#KEcsyB@w6aDp|l
zD)K~Gf;eRTwU<pBNOluh15rsO!$Nz3u8E6Kff^29fQwL{y{js_<RBfY0><pO<sHjU
zwG$=>e_8%gN91O))H%myTHpVA5N*x*)N{YF0Wf*2+WL7>Z+U_=|F^pZ*5`9PuUMfN
zMxKOi9o}d*JKO4vI%0a(X-MZ(5lxZSMhIP4t(Q!C%a`*{DW%%uiZC+4`r$EeI0B5$
zEUsS-$dD1w9&9SU)XLKcNW4JrT9^SdDPd&lZrx9mQ32K>Jy)N546-crB?Pj}r_j=Z
zi_FD=QJcKGKb$lj2O3%}4{8{cV(8e)j1U%^v~p@N5bJ1S9o{wzhYKq8G99yIVb&_S
zGakNQS!RDR>a}XQx}%gaDa_z_xn2RvY`gyI$*Sk`DNv)Q{(S2KMb~-sVan>R5Chz@
za{WG}dCPWbA#DD#SWLE;;AzlQJznZFcq3uny{U9U$uX>>76$r!_`(-PY1RD8R96Fu
zfWl1wEq<JMe}x#K|IOA}>COWp%Bq#$EwaZIFax#uURgO{EYf*lpK{pM@_d9zkbrJc
z8nyWum4UX|wUF$%h}kkdImI=;>Ox<nP*B8HO3it?9jY!9{@4?mB|<?3Z$NW(96UM8
zMw*8jGTBSTSVNE2JwXEK>QE$^Bmdy#(}2VbFFRLgyfi(vD*JzU_aaQIPEKpSl@lsY
zorqVcScCUzib{!WAL#F_lQr2%>yDe{A&g>SgLIcsimmWl5FG34dyp)lt(0iKPJErZ
z5F}>~-@c_J{CX-(=A+GO3Bvw9<KszIqbi6AnU1pHePi)896;T<G0h^~t^s*hn5Qid
zAv9&V%*E*1cMvFvL1Ts4#MQue^<)rZpq{y#qO|Rx28e8Dldxfk{aLg&o2SOof>(Mv
z)Ctj13ps|GNb*=h>uL9?-uT!>M}JQ;Qt~`q+ihAPk4A{=+KrGF-@ujAk<a#UTsFF#
z?%$Eq3yZFiRK#g$8e<gpvcB}jHz4f>Ik^GFdY9^3gs~FyvD!_GR)@wzYRnk;!dCUF
zj(_z5j!pJ0RuucpZHuK1_OH8msH@#AQ=wUK7VMI-1KO~>&qkdYM9gK8m020x)=ICw
z8T*!XhguA?U>ug;xFoHj>t1E&I5txA5p_!JGN#jjLgfFh*mF*%Q?XJr60N3YX~*T_
z+9k$~U2OzT-;#__a`G;7vZM@T5}G@9{-wyWd(f0T(i$>1KiMMu6KHDbZ5^v^IF}FI
z3kCSQtel?}(oBcFt{C0G8?TlSDm@nk0jiWKmRjc``0^ZJ3`BWJG0d~xD-yJt`cb|b
z&U5@5W6Sl{dH=7Eg?8nZTEnZus{q;b#hE!5-Ffz55ve8@e5!#C1&W9psZ|<E&b=&|
zWN4UvT`1EDc6NkFU4S8XvaoWLRY|jho)7`YgK-b9$5*2+NxiPs%+h;iKA!93611sB
z^8z#7F?dQ^UYCBwRZ4((c2(AIz3FKP$;89p`pB`JQBcncVyQ{g*t-d+u5~$He-!X|
z)G(X&Yx_f_6gG2oF*<FT!!T)lzF)=48?3}^(tB(%2wCwIoG*n>CBWa-PJNGw)@wZK
zI-)2D>_Wd>$d#P)dSEz+uXa8CmnrL}%8j_@<_S?POrz{-tV|#Re~E0%m-R~ZwVsW~
zL>{0+{$S(qm|HRn)%PSWtFtk2><l|pWNW){P^dUQS5fh@ckd|5O;k?KSIL&RJ0F>5
zLmNF#>BhNi@nz?rs>`3cNgf%xDBnSQWbgcFbvHZTj+Z7T(AWelXQ4RxNeoK`_(&fW
z!{~oF0_$S`RNV)qFmlUTz71ST1UVQ_0XwBIgT-85CQD^Qc$SmkmyrU*psE7$AgH!8
z%KF(WHZ+CSV*yBbo!Un@^m>gbm7%v0&T_#69@CU{H<l)^`Wi@KV5+{w$Cv8Y6mQ8+
z{5ajdniM%Y-A!#DCy!f8x*=gg&Sn;l3HWv#by<-mCxJ$0x&|2x%-N{a?DbmLwW)R4
z-J$Ko>L=OUymCQcjL<F?z}$BeBG*eU#sq-X*xj{0MIiWsp&3jg2tRD{Ak8O4fU{J&
zhEloQxXIXv=cwJTJWW$(t%@{udb6_Y{v$>r!rDg6zUIGLORD{cw=V{R&+E*|A;;|B
z(bl?g`f8a^`F(rj2%>JrMwVtg4gdpPCLt~$T}1wbnpsSXiuKu8_EVK)!meJ>7gcRW
zE%Uhu9FWG^RDnFH=@~|)dmM<BGu&I)z%!#BrmpN{=T<iI6^Jt(N-^zVDv0)TP4aaY
z&b@{Mk1Lbt^HPt|L6o{MmT{bmFtgZxJOih*1|p%-VSV*cs&A_rbVfIxBFM{cU_r{6
z%)THw^APPcz7~d@zMR}2?`~+{A2S03dbURPot}85opl0ieyOhXktOh$h`<X$(C8dz
z+!F46$eorGj&dp5<r5WmBbg;BY6|vNGZXqT&3XSL6^!9g?sPL)(T$BW!@P+S`L*b3
zI>~D!Et$#VX-kn#RUiL47sD;;-~~f0YRkBQ)dC1Uzj%XLPLZaSopvdRG!^*a6VO`z
z1x)4&qMRy_yUm&-MKgQ<k56E30+aZUPN1rkhGB>}WV|*VE>1ER_j<@Y7LjUYo5T8O
zBD)zwtQVi83QB4M-uBK<y?f^Y+|Dp&^FpBWOM_2X5uAq11WRm<=MuA=A(AzT?9NbZ
z>`Gz)?xl6mTOQup;Z!}YG?D`FrxsX~;NB&xN|gTrd65;R2QsE;^Bl90I@8n<*IdFi
z@_MPwZ?g`D)L101Yr>YC&at+tZIdhQ2sZBZCpFiodXQyboX?MxmW2J9=xFQPiky;S
z{N-D<5xXroUk+Yg&bQN!<DG47oe#m7ov*?0rL5P}%Q?A&zbWGQBO`h?X!B>7&z2&#
zqU28H9O=)8N&7G;4%BUHz`1Ymst02NXX$-hyTYV*#(J0?{>$Q4p~@cbcg^YhI_0mj
z*vwMp2YGF~R9X<ccgr*2>ZnZVoaS!C`YsMe%(x&Uc$@C}{rm`Mp`xcnquP;kj`lS(
zgUTB|Cz9(yRo)?ovV6HnkLQ;yoLwZJxW~;6vj~%vTMdw0^qX!dH=a!&I`ZeCj6(E)
zwN9DfhQ`h*LM=}mz!SOeqDDfY>V?(@P6sg8^*=m<@#KUqd8xLl|BI}9imq%47)2f1
zw%M`mbZpznif!Ar-LY+_W7|$TcGB_5-upl2-gECuxoW<wHAc-@^;KC0ME^R39ya}|
zY3NMX<)75s<B?BlX6`h$)FS0j0x*eST3`NXED3SYN4?IW?p^c$P`J{L30<~Oyx#|T
zrcF_%!~0u9m#6MJ>w6J}3M3^js!+DJ|DHnEGIslXNE-3|T>;?k&PL#W^t*loxQab@
z3ZZT$j7k&V98Wt2P(F8Ir@ov9%UqhPL3%i$SU_zkbv_E>9!11uNHK{IsU2gEV!bAH
zbmvr$f`|-nSbVcLwAUexiA619^WIMt^fSDm;la!4^qDB+iEJ=)4lr7!WCU4suC{J)
zy`O0_ASLyy4LVgwx?}bvJ%MekYScjahZ=vo(rv>pC`{A(4%c^Di6r_o@J}lDR2NFI
z^n^K{z}!UMgRGR8K<T;W0jZsQtHOUZ0pfAAYtFLT*&noS6G2;<>B9)g1YQdh(Wj&n
zPx}~P|37$qEfFo_4@kA-B2Ihq&CW&EdaiK_cfN<OSVSoiG2JD1yZ?!S#9`f(`=LYB
z@*j=A_kLB+9^g25Ji?4u@FT|%`2PREz)pE{td05=y18*&V{~zNjT+ffq-u+hdrf|s
zp$?`RJg5|V$LAv$9g{Q*Nj`4Kzh2<{7>{V@_q9pZ0cmy{%0Q%uOz4NQi?P3|r~<l*
z>6Ge1Abm%}a*^NI3%=CfA2UFHz}+9X^{{7YU)jm-%yaswrG)B!f%<>{I#&G=*^Vb0
ziqxjNl2EGTgBi9$$$EqR{~&>xN7NRBd`u3BVTzxm<7a9UQuM7mL^o<8tag|euVpim
zGm7>#vvYgj2WF-QP>u)3oqbr@@Js%K1MaLrt@v4+vH5Z)&qb8U6d7AV+2fADBx95N
zYT7bi=#sloLWr{!XX6ld2y%%E6OA7-8%4l3xPEd_$oIUjhGK>%Xuy{9uk#i`tFA%(
z!P*Zge=C=49~%_Hv@2^sW>Qpm!OH=rz|IV<6UEj|S|IPw(82+5eqWxFVnO=cV(@f{
zB`(@Wph5^*y+?f8@L>{6RaL&#`X%6Xy^q&!a|!)LL$y^cpICI|F*HVTZ)zu%@qLQL
zjL42e%X7^Lk8si-TT!w;r2OJ1&#&iNdj!G2Eizy!I<M^b*0bM56o}i9CoeqKH&?_w
z?iy)nC;BYi!)kEkn5ICMbTnxVcvQ2|GgzMusXta1wzj2yF@a;-xfnVt(rHg0nzJj6
zCTHi&jQNehAmN>oY%F?IM_M=<Wd2JIfGu?2bLPIuLCAbG#Q95N{l;%AV_xH$<Ww%r
z4f+;kgA1*Zm*dG?2Zv{Jnj3Si4ljNc9xrt9or;y5zo1dhU>>szI=lW5LcAL@oOZO>
zM|otrPndXFOQ#B6UCux{b1L=rl;}z~!DjE2sfiWw1EDT`M~Mo<X1g%Z64sqX%6h4g
z23eBO?;T<YeN01_jLf-tiESo?U)Z_FJ&|-?XEt3)@xeKkm+A*z{Ns(B$J2odIc5Hn
zTlO+^x{|7}xrigm^>-AuZ_!$j!U!~0R}tUffUty(`yX&n^8kC)zom9&Msi?MjsJDb
zLv|YNeN~Zfgx=bjn?dk?i|F_FgYbA&Ry+d6(e?G}VPV*fftc%unJOWkHu&C@;%0%(
zNAQd{67~OpgXvM8OBtHR>gTRJ<BV}Q_R*e0xfG^lSlzSSr{YY87TuEapgV`(c~JOE
z*l<;fP@cjV*3{CWZJxOv#(DFVMiFSI?!*@$y-w@(>KH?xNYuRpg2wDK_SI2a0J!_e
z9UE8Yw{?4NYI+k#KBXlO(-!T(mimdb6N&z+q0Z+tSuAJ!*nF^iTma!~XLAj<ELvoA
z$Kf!zY>k~oM&MGUWzQ});x9au;9{zJuz+|h9&wkPV#STexniR?qynokE1Eny>X|;?
zNS9rkItiskGvOVqkIHkeFa(ZH{l_R3Qk<6aa$hDx+b^^EU{eV!M*&GxzL{Ew8L@7)
z<O|`6{t5Sq4}Zc3PQnXW?t!;iomR4HEHw-Nf3QJfk2(?3m>Gd8xfS3URi>PB7f=SX
zxDt@3O3uSX3h>w)XBQRC$|7b8AY{zRzg<2ERDj!&8%y;wO1G6<!l_iO<GK3boip)p
zQ<p(7IHyi7o3B814FqlT+=RlN(i%v+8VP%p3Vw^^@X;qUpb8(r>J7!;1O#SnD^8My
zYIm|{GSs%`8Sq$@UnSCw>iuxGWr0<EDv!+7kTR~6ItMQXMc)o2Emj^&xOQZcit3At
zA+ucN7SX@aN2P-9>F?!wr^q&QSd{6lk`!lorzp!`F(%&pDD!W`(lI8^_EPo^__uuK
zTO0hBapC=c+AjHiP8COti9g~#DT3=e#1c>`W2e=-AV9e0YUIW1v@rX|Z*~cZU*ijc
zw(j2PRGpOGvbmVS!Iu_oc7mx8FZ>?8)_k6WnH|A0!usFT;O!r35Q^<r{6Ey-t>h)$
z>zf+vFi(V$hnP2Z0}>IHzNta$H#NZirUtFDw@gO!@#Xy6aD*0gcn;^o8BB$%4K4}#
zHPR)^%(%S9)%TC7u(|5(Yc((x2V0AuPbJ>mj75f$SQqJ`Q1aM)97?(Mi)QRKr|>Gm
zm5ISjWwl2SGe~ngGv@@$t5-9jYU2wmzF)kYmBbEasu;Jt59f#{415GqA;twdo1<`M
z{`=C$%-fJ6G06Apu5_e=&2+3Zf7pyjc=o8;#yW#3^%-H1!ga}*rI4F~u-J$pTQXg%
zp}gixX#SxFnAkR!b^Xzw`03*lY|=FX8sF65E)ue~O;0__gXEslENSmc+r;sftW>IT
zUIIQ9Fohx#61BuDA2)~zm74GbtLYJOVz5&O{n_$q;NI*3TR#R@Tl8S?7IFAL(7@;)
zXfW~(4RZg122KA14PJeFu@Y#0KV$jm$KG(oenSJ#Z)ouLf<sCkHgdzXz0=D%-RdrH
zJ<a!mMmU()=BB?d;WP?GxZm?078eSKcf=C?h#7l>{`(c$*gN>`5m8LuB|03_bQl-V
zk89eEdkIMv5U<dn3uZHG$sv40hS<2uH>!ns@{D_aFXE?XziRy9lb7=jadd3)6lv=0
zgzV~RBQ$o|)~di@BMw=6dQ<)9B4oMxBs%s<7+f9tiMgeLGD0+EJ8CTcLYM1z{7HS(
zt(%ARp%RNwY@7YL!v*w0%&?(*(mI_@kN49e@~g`fxWTT1rGOfi^o5}rmb8hcsf{vR
zCSd=PaRz5}959>b`K+9Pl2udB_7cSEw-yrNxY#mWw$6mx@JFWyPYv(M^a8t@NQ{%t
zN|(tSKh9C(6E=ziId;rX<n}lX6|8G9t5!O*?%r!l_{yBMpMT0!#m>23gGg;CJCYk5
z1|=X>HPuGp%bL8_P!6Jt*_-H$w@{5LaivqtnOZ7>V~FUd_Q6J_Hb`Nlkud7|xQUXt
zX~~fNL;Tig)Y=UXNOD?(%wLj?c(y6aO?Rmpkyl=J0ZL4nq8F6f8<|LSxO5}qiyDK7
zf-IBh$O@?Eg-vx_&6JwF`*p$f#i*k-NfXVqe)v@^xa4-d9iI2;y&I%j1_Vb{53Ki}
z)OPNX%j&Jc3gh<iR0fwTU4jx!sMbG)n(Aawp2=DQt{4+QUVSAHQh(9}J%k$n6lxr>
zMa74fBnxI%4Lp|}4X;^Fp(yV{A6b4KL@zMuXMF^Tp-oZ@hVB>@j>a{DrRTwnqQzcP
z9UG0bWY@CnZztS_&{<-Opeb0*2SUQd!K6OB$sUusmK7g>*_8DUE)eJvFlk0Nc%4kV
zK%4$LLjSc}&2GYTN!NcJlD(`-O-ypL)EOmjC-?RAD*Kh{C7aY7he!hjo(s}tBx{FN
zP>k}Pm+}~fzr+gpEe)_bg~nhbXJdc7gXphnfR<wstz1iJH0YP~QE%q+A~xWG3G{e=
zy@CWXN1-_8GEo5ghG7uZwWgKPg>g`p8U+#VDegy_=vY9cH8kUKr)~BxaJ}pIdc~Aj
zScpz?lQwFKyFKP3jbmnTAO~86FaG)UrdHw#vC9mSMZLW#m8Q~&E-x`Xj!p``G?sbj
zEP|q$s>(!Ek&&P%dvZvlnYfwb<kS@1<}i1OV1v;1m8Vl4Sxz~V`+5382ywV8P7R_A
znG*1}8HG`5tLNY|C4^&u5gDa=d_CqnA!SXRUZPDJ$;X<#T~7D3DpA{j&js5)cp=yH
z>{9Kts%8HZ)xuslH?cRK=MGcB=#!JSc_<8G=*&xF(PQY{+fJ_iB{DlF=x0cgpv-EH
z*)L?<i>}LGI$;*(GqB;*1b~S?kd|+0kj5y8g1H*L;+H1X+Za|9<FnJ0f-8rTzsl_;
zrlHWW_BXN^g#?dr*?J1JX7$6arf#RP*%2`Dskx)H93+;oxHU)cAV$2vrFUIoY%!QR
z$p9S5*V+s3SYs1kcQ6Sp8K`=P(PA$h5#S#c16vMFt9&>{Emdwx0{TntV(FFSTN?2E
zrM1Cw3(%gSUu><NmWN|1+qb`EzL38Cxfk?3GYEh=RV<35o?Gc4d}TNdQ<q$8z{5U;
zsA$q@l)VPWSn1a69-V_X1~{$TU{Ybrz7UYk=tgVEx(TwbAumd$PT-~%CLdEVC151t
zo({xGU;pC9tK}d5CGT*mtn-SN_J1e+Y#n5kbv*qLOWPi(>3vQz_UFG-1%OEDy#4u0
zmVdi_T+29|iir9(?qPh7aP?my&&>BwH}6kFS=991=l^y49^l`8|BlstkQ1O?Z4&u4
zG;R7jNmiwJ5>h)+dQDyucxTyDnDOpWPpF-+%l7r#8VIIePR1AWG-TB`)SvfvItT@Z
z`DXj^!O)%4&8X@;vNSX!G*K~6FJ|j-#v5+loPkS5o&_J$rXBrnYk;%OhadFiztc{S
zyVgwA0Ka`ITOo4zw|yg$db3(vPP|5&zuZm9uWo;z0j=P~E`Dz%v;6{47l%3u=$&Ie
zktEFOQzpceeO5aD`AaiOb62JSt6y~z*xS8Jn`Ah#whHeJjAnf5tbVe~(i-s}YcL+>
zV{Oy=CGAd#B8oF20EW4w%i|z-Z5RP0Ke6c(8Z6J~Jti?o1QDJ7O~~K1piqL%hCLPF
z0)e~Mp)&7>=$<W7$H;Wh>gb@_UF+!<0(fg#bxo}0rioB8B#^@ov>0z{wTzo}H~QTJ
zpq|Z79wC)u5@ux5;pxFiW&SuCs~zc-V44|f*+J?w-}29J`kmAm7e|cPg=8)A#oa78
z0PmgPcTR7ao-ng{<5g&hp-Wb-;5MhSEDT#I2$k8|ig}87n6ZnfP_{0V475a<C&^@=
zGYwpF!u)Fu2($2)Ch8Mbzzlkww)57-8Ouk-0&>N#UZ7|;v2Zt`V0DC=&3?HHeLl~P
z?0oR@e4fwEA<6^%K5yN`2~Tba_3^$Q{{o)lcJK)a@jq^+HfkAW^uI>q{62+LUf4d*
zPl^av&k0E*@Cd&id*NNrftMSeWIrI(CSdOw0i307`P6edYQn~hygGjZlJ@Ampj2N}
zYphVb>Z~uOn&kaR-xhx}U0tYDF6_9Ka@&4ugDnVk(PJIlt+8;F?VrrnQXAjeVC`EQ
zRMeL_={7ehDu({64QTAY4_e5lV$M#;fQ<n|x6_L=h&Kr|V(XN~lD44~*eSv>?uVi&
z*vJ}t8<JWdx7g3m=(tfKc|)abmw17fr^$R7i=;=kyOM6?+Va1#1YgukG;4L}|F{@I
z1)zw7q&BmQRRt|vq}nbD_N=KlfWcm17?MZ>M4x|MwY+ZDhP%qD@u;oPpz5`ted-n3
z7Rzb`Yx*#bTa{Wit;DjUGIEw5Pdxpd(?BSXKOXtTifV;pI6*G`5M_AV9EHK%%Z91J
z-d)Z|0*)4sn2cYlDJIoY!F)!;&=MxA%XFuQ<<NG2q_-|Olp-iEzk7dq36z_-YzQM?
zjq7G3)Y{p@?wy#-kQT~a+zYLFjHZ31UXn$yMoR{_dXppr40_N9^#V<YXf*V`AX97F
z+z{Gay`+re4QaMJ?oqK``!KH>x)&K-kR!>=E6|#Jt}9L2(dz(jjW-j2IcE=GSd^;c
z>0YYj;u>T;NqWNFYp;ep=TgeHvUBr=m=4(5kEe(ND_d=ghqDiiXH(T9lW4JcGOR^r
zrh24GRUu!=N>eg-T{$1JbNYyS5~u6AhC<OapkI$ibSy>L4HOc~<`N>3pek{Y^sfxG
z>{@bXusI17u{#i;@fBgAXc9lg!{g(x4@;$+SJCC*;Lbv4wxPeFw6)xozmO9cRe@Mp
z@ffpn|E+e>EM*RXBHC5?rzs4iN{X7rl%9>06(06%8Xwm67y1!Mfi#S`M#0R=s2w=n
z6b$FrC6Vr~FDx}n);#pa*3(4EE6j^z-G+P#`Oj2r-H@QEYE7%oNzDVLtE}XBfw}PA
zV2~s`ytB`KKcQUw!R?aB#fPw%#F@Cg(OzD@FXvl*%se^$Zay#ZZOJK}@+qx#3Cp*u
zco~!2btc9%ON4*00cLrZYETW_A(@%bDo~=3Ff0r?Dk#jhTvg{6v5t(zD;b?>0RA^N
z$fb6)Pp)l&f$Y$s)_61RtXGu;9|}UyzFa@IIA@#&onX441$er1g?ii9TRL;o%fGS8
zYOZJI#ZUYpkYr-O_m}~eoZivT{+MB+L+zw~2E<3turl&EEq3|Vt%5I1^7Be|^l0vb
zIti#0#_TT761B^$WoL_n8#ebofL|mc-?z`=sbI)&Lj_L)9SXumi~{teGs_9+QH?X|
zR<?ZFW$<P=+)lJLBmS0czQQIl6E~;e$y)i(tBeQdqyJ$12OA7$q5l@)N}Wl`nsr*S
z+zmV&TUSuqqV27h&PbIOTgYdq&i9Pr){t9blfFe%>#yAM&p+&>*9(o!yZ;-o8g#qA
zE6(b9*_VSxipOW&3ik2N>ch}51xfv=&Xz0oF#SS6K2OI%8!m}vKGWA?jIea`z@|Xp
z0uh)|@p<qRC2R1fEhU9hRX?o(rz^k}tg3cKFT=-(OhF+$n4ZHwyAd=2`>wh$|Gk=v
zSQ}6nkwj{D8agX8hLy3{;nAwfRQZ*WhpALsgf3uoso%*e-(@~Y!5JE*Sj_fUB`T4e
z)|3Q#-2X8Z3j<=rF6{#XZ=l7KGK4FA4)=WWXXf(oSGNeXoMYuJ955eBUHJf?26f#q
ztx(Ru(rbxU-Q*<E470jM4mfC*hn#w}g6_2f9W-jik4xbfc8ZN*yBR(BL~p5B8NxV2
zJ0U(-x;g&F>T^2$7orLxJPZ<P6JAPDiNXq#OU(bH4c58c5&%~5hb_&3p*0x%H=B7L
zfR(`Jo%Zm!;^f^1AB(hpF^gB%l#hMmvCKm9*<Mm0Tnqh!fKhu;g*jptzSfmcrXl;r
zpcJU3d-&AnYn4hphmML{dN%VkoZ~GHKY2tJv4&=}sB8`!DKpkdRkOOB=aA+u1KQxE
zhQEB8N-^`!X)$uJCM=oPwvi~4wjBx(!3<P#JuZg-$EFwzhkm+V+b;+dvLe{jwR8!%
zScEJnF`G4}Ib&wrw2&_$Gq`)j&3w3s8B3X){d6X5wt7Aag+hT+Ce?sWH-OA>gKZqN
z?c@wVMp5j?aH8n(um^Qa1=kruT^>6E>rf09wl`c?qilGp9tzIVsERJd`WGto0ubeD
zkBkm1U0zm!r61OnCE44iS;C-MHeZ8$#w?uu$Y7LY3#Rki0R<N#AK<1n9m*vTg#~;e
zgar#GgL%d!(xEpk{m^t9R>|2T<e1$_Z=&g^t~4xyWdLX(8MO=$>aHV0nO<IeqG@`)
zx%?s9nR8fOhE0)Bhb>2^q*K5xd@=ASjI>FBPC^ie?G-4}{4p@j^|t<Nz_p4sqa|Dr
zz?Y5Q&!4n{10j>Dwq3#|H&1|}KVjMBn@?vaT?6%O8>29ciVK~Mkv4{t@2rm%<lq#C
z^SpqLmrV<D;I@oHM0Cj65~kaMTZ=4QXDIe>T!W8!I=w{gQ$y&mDy}4(COs>v_Ke8q
z;N_$n7qx3p>+2Q(`*qnhU(c&=)>P3nUW`8kSoO^u5G+%^I)~<K|K-oTV(=w46H8tn
zacLVz_tDHWG?#0PGQ!HuzUVve>E^WYLs*ZUax%Q(DX^GMfeFz~KS`xqR?<r<>YwLi
z8CE}w*t%e031nns$JE4M1k0?Mb+JTnW-b>8h7DjN8`v~bRyLOhU5;Ut?rzO8b1NTc
zZ|*<x1fVa{WpC~F@tnY!ZhQnp73QZfvLWa^Tu-@?nPQQS6HSL-4V4XVLQbE_A^<mx
zB=SGNla*?knZ*kKgAH!Ir(};3aQaY4ZDN9tV#p*=UzQa?#jb@5o1If+9en|wT%l)b
ztL5=V$MSaf_qW;E5!`Gh=~F08KCi(#vnlM^v$c7k_aZFlzr9+z7A1a}qPN3}Kmhh}
zbHoWb82L94r}*~i*W`?y?Y()1uesspk5gI{xy6tzaH~Z^Pq89(Df%EafW{8AfF;w&
zZ!o{Df&MLM7-^8_hk|j>`6^G^sT`Q&H4*K!F+BNhgp07&uW?YFrbmH!L4)3AKZ9AP
zPD*$zg`kyUIh_&6Lw$AalGxr)$htW0(M96JoE4LdDT!0^Oa;Y3Hmg$^dUpREh(4U0
ztW;Kxv=|cCNKETt;@SE%XCGrc&vIZ&DtJd(#~!VsI!P)bdgPP$NwUj4aL)b)veu@_
zsTlDjHh2B<@14NHQ;<{U9U0WJ&B)`}W;Bo2ZcsLoB|mtc&*3vFE@V_)16jCL*G|2x
zDjHZ+*VcUODjE*>lvD8CzuV}}sF;@ahAF4yl#fqOe^-C^fcvie&c^zD*MFxz-M-_0
z-Y9nGzH?iE|3>lnE(D#ilkfWO;QU{QX%*A|D*t;b_cnI4m6Qj=Z(TT*aQII<X1%dO
zEqchOaKrG~Gr2n9Adr?z5u;bIS&7#b0+4mD(e-4VzC@Y~5CeE2z22{iZR(HA-a$s}
z?41HEu|Er5bJsW*8HY7Pa6BuL6ibXIpmL%OCBlrQ-VX44X0X4(62Kb~*rd=fE2EJs
z*kqSKs`kC0;zyuuNq%1HC(~n3ITT8#D#ywqWhOfk4YAcSPepY&6k>suAK+`s<B1ls
z8vdgEJ29KMwkKI1L*ogeu;Nj`frSkyV3htPndrc7kT*g=l1k8|UqlGYV`Lges}w&3
zTRlqjF1P?}oms4-c`1>DRDpjV6ykP|AiYEA7Kn-d1fl<!bvuii1=Rgo_efYBU2_&>
zKOebkYr>$78dNgQ6WL8>SOn#2{KPJujtp!5Cb|s2{kH4jcBox~rdxjxEbWzd2lM;M
zjLD$Wq}ovf*}N(&tb+Xfcr{N;uamBQ84d%>z5_xnJ?bB6;2MqTaURYgI)zU>4_sm1
zp_!abH<l>kjseD-L*xzf^FBzaD){qT8pIg;TdV?~HK0H*#h^i-T6s&VAxW5mUohl-
zzQmc-GqqYV{3K<yEVodTH~Kv^UWHtT(-&teByJ3u|1fd`#_Q$VZ61XnujG0^q}{4X
zp?)8`F8>Sxd$n44t8t4!6JB*hx8Ln@QD+}&Kpgc$r1DnX3@{k28hLqq>YQ6zfbCM;
z+7=h{%Sktx9b-!i79Q~&@KY}DBhqXwkYXk6E=H&PdEZ5IykYA(8mFeGX6O+~#do1v
zrlx9TIpl|%EY&gIhO|jMVk_j-m3vVv%z%uaBKY0LC1Ai6G|R&0^I<|@kBPW}%+C|%
zw(JZH8|6mD$?%wUB03eFwZRe^cBi@iy1Uk86C)Obnt|bKVl?JMN0BC#PM%SuaCs47
z4~4sF^P3vD_Mcw)^lpw;jjz$T4jM<zH22u6rAE^T3Tc@zw^NjVC?f86u?{ah=`77(
z8`3<Gmj3J?hB-Kr_Ke!XU%d7YUAvC&>}st@m2m&_;~Go-J|XJ~<P#UPQQS}=fg-4g
zfOMP5EOs~es=(V=MnT#t*eE|5ha8*+T|G3#50VBhWDaD|TE-QTP)>$z+$;t{4+rje
zRRmg!7YOK^8kEeKS_%Y;L@`$43v21%`Le<iIF<EU{a)l>IA(Y(_}vPT>iH#(&CPg6
zHi+G#Yq3*DNBlv-iUZ;*5T<SL>#BXYn$gMtI%yCy%!_M=b5#k$8NG_8j_vqT{v%n7
z^u7Pu;1dC^t&UY=9S8`B44nITQ?#Rkzh4VHcyk`U;8&F>w>YejO^rwA(y5zLT}P^s
zzh&n-1(s1e(aiDpM<kpobkD|Nt(~PR^qDEW*P}Xb@rO$~TOGuTG@d&7ze$Q9n#vV4
zjQ>aj?DF{uKE5mA*;p)F&U$s#D9Bu2-s856tifxCtv>(DXZ+|s!n=N8t^p22rnMhP
zP=xK9u77K<BZ2Z))EabzV(8;gCTDfPhSQ%u76mZ<jIBHeiSVNVO>oCb7LxS#)+UM;
z14Hl(zeY1=!3GR4vG30pK3j{f<pliWIFp}4%Bx-9QyfED-xb|senO<j=aRb`GoFL;
z&c%#9kkqm+&ci5}xk;)~`!*teB9V$Lah%ms39n`UR_}6Ccf*_)Q0Y94$2VPg>)bYF
z7Ep2d9dV7<JkEUl{G>EwP64^!O!^-*I4*d+)NSs6Jku|?`W>nMi}iJ!oKC$;dex@%
zM^2+-Nn#?#a;n;a0$W0h1eB!*n$M%Y6hvE)yQ4)T)k+mmsm!#a##1R7K!u8gj2-f4
z+e}Al#q!gPbOuYeSqjP5i@@mA{Y%=H&u0^<y7}q>*P%*Kjfm=apS6pu8jGT!So266
zL696M`SObjD+4n-r5L{;r<K3E`EPGy6<%sI5B{$^#QV~8%W>Pz;s?lS{{)|H|GCE=
zCqvnmDIEjnbPi(t``wa1xv29$Z|6#&1_+;c#s9R_P?j6>Zu7rxQbI=~14Uq_<0$;V
zdGM?~Pd_)1T(UsQNFEM!%`7p`Oa*cdYB%)N{M&dha^$;%e-h7|HMXSA2|sw?PO9$O
zV_-2UfDF3&K7pG8;L^KWsxryA7;9<xN#WKxA-bdpWFm&(>ajQZ;FocIw}kx?b_PX;
z*EYc1?zs>X)y0Bn4AE0+SYoYssn@{*_3`KLJsq7Jq<~1}N4jMF(KsF2Bn_^@3NFDy
zX1Tf^vV{5*-kf;$$8AMf>GhBNhgBjATrp4?45@&1=RokrrQLPxhd=psJFW_kWhpZ1
zzs$2aU9xwdOYJ1aBBO1?A=#BNi!Kr^a2N};FfCr7zy2oUwXgaxOvc<0Pmg|TDpE1s
zj+DCe@pE}TK_)sWT9j}*ckBt`Y45&)zZ}qS;O+ZxVG?4=zM)F42c|`7q3{qZNuPog
zm+j52g_3pGp@oilkPFGa<@1b7k<y-{z(}zV*eEGAhZ^{3CQc7j^Xz>-gx*b3x!GL4
zP;>n-Im0ArA#|=c7Y|hUnVjtZ8d^s>dtyuqu}th4I9sLBNyJz5*EQZ+xMj5Q<^F`7
zV1MoXCC&BD739qTRL{I(tzn!#-FHK;jvjd`?hkG<C(qN|tR6D6DJCtbskvJbXBkIk
z4&u5tBzl}&E@?<kw%h#Apxg;GQft))Gm8|LQ!dc;a9FyJPP7JZP!!qsscT(Sa%JXD
z!}0yJtPPTb2sM*>Vscd0YqgqLVmQa-r2~a+Ddb8?X~(`R7){Gm-|u%$2#kk3NGeGe
zNA%L$Rbv3CKCOLF`^;p|%&%Ro)Nz1HeC?Wy=t^uLU3UmLv2<QxkPRVaZPW5z;)#q!
zCg!s?Y!Ax3s@4Kqc>y#F1HZvMw}frX!7W8ie#)8BwA)F<t5b3VNfK_IkArChkQr`s
zzWBwo#08(H{y6ipZu96^XFP7MO<xS?iS0#Q2X7Ez`U_}UAp@Q%<>`j-nJ0M2lv2$R
z9oN?t`5in~6qmhf957h-UJWk~)(Ri}W{vP4%%@UKh-&98%3tjlyHe68BA6q~Y`1TE
zyIp|$6TcxW0RcfgiS)eVLzytU<OQh-bw>P?oo=`-N}gUso)y~_8KO%9>AmUDW;?HT
zvsSSIorOXJ4SL|^I{h{x`p;!tlG~OA@`<QPlIo3O_^+w$GR#inbsGJ?RMw4yGtjCF
zbV;h@v|v3;NeF3hWkJ{B8|Yrtt71cAbxun48aC^KnVQzr$fatAvz%=kNH`7PDL7p+
z)+jwb@0WXR-jENeqw2O1kf-n6fXg6C8&X?h&mF{t`AW=tph-a0oy_2&G&H8R@IU_u
zYgro<jobt$4q+(!tQsLoNQcPmXpybv8@6~f*Q?P`UI3M%2wO(B%H|o5rZPKh8{+ot
zZW)_V98>wQG$d<M*b&!CH+Ie3>o7CU8NA8_=~|G-Cr4l&!rtBHD;fz97_`b;x4F&W
z@15{_@(o2~gUV{5-MiL6U`i<`)WzxUDpspq?}*8P>()EBtco`6BYKBI<u|;$&x&t2
zo0Bd18ZDox&$y-a=VwIeIuXyi<m7V5#{RK5q<v;BTyByf)edlLB@*(~Vp&N3V{O$z
zdy=`d?f@8^VmjB3*{Th#b-dnn)rY8uA&R(VY9ZZ~=PL;yQ8q2$?#FhWVqX?ZS_q_~
zd!w0Ng_9|2Q#Cc3Qs>&@Y`O{AYspLjnPd_33`T?1YzR=;O*~C(#1%7d-|Z+qDhZtq
z%`yPRo3hXLQ>)s{mlP@<jK9}t9bu+xyL8OBGnH=J7Tdg(gQ-NL0aQkoUPQEpZ#nD(
zr&%o*(Ik!Nezi6MX`^=8rQ%+rXgHmBS`IQlv(ikUqrX#{F#u1gHL!m1Dn-y<Wcmjj
ztY#T?^ebfX&kbma647pLkL8nVevmq8yr_LCBYXHNT18kn)S6zzajlOBKRErN>HpI7
z5NZN~Rhtc-8q?H0?RwtKfQNI;(-d-hUxY5m(3`MqrjR<WdI6p$^PhZFt8R*r(qd-}
zwh~j5(RjC1SP!17mDWraTNTETr=fGI@DOgS!aQ4E>Zg**T}T9Eaod3RhZ&G5A>}r7
z#b-iWG1v<uzOPqG(gNd;=;(HSzRm$MMW$lN0l!`mHIfSG90X1gWznxU1D|n$-EL}k
zec;4G?AdM_7tzp5GPdd*Stv^jIpTnA46cfasY5$lyJ45Ivr!aHHD@;X?zELs{MYps
zh?SgeqV^_`*WG;pSS@G0#2XID+Ia@Kt+0JNI6-{6T&TJf=-%{n;YD7E^f?P|wXcf-
z{bgHf>hh2sL0dI`OkHhZCOO+i-6O|0xO%=uk0ATSG-*9)YbfB8T}#qU?NF~26cnG&
zneY(YEhU5Dxb*rU$HVUhPeDt{$jYORoV)@*P$s6doS)Av=&_-&>QpDO5K^j-C_}XF
zNx)PDg$xp<Io@2#xya()u4S_0-ITJvJbXq}iC(9wj%dafdCK=LA>|QV={zl~1P!Yl
zO(i*USNB3aFlxe8<eAhDWso#GxXQXC#uJ}~sQur-&wYg%o5TrAmzwrwvUe75l3P0h
zbOkraK0&7Gfm~dFD>dG9unwTgLr9)f=?K|QC{VbeQCyVG{}3TcE2tY@1FFneTHvQz
zL<puqct)fT<_Dm8r~q$R;k<anf;@jQU0}1%eUXD7k#E+g7w#<7e1$yPybQtX)`V+@
z;AU#x#=s0Px5>N?JsnNkcnI6}&su2M;b-~TPq9N%R-?{~%yoHFAe=S5JQY-3Q->Q0
z`0pSb^I%%%DZ2e#kAX_Oc&P`MN?9;6drnGynU=IJZjms&+>Kgs1E*=n#-8dihqhS9
z@Eo6Ah9>gf<vhnS2ovNW>shi)W$1L#@^9hCXn4VJ*scYN{%xtL9n^c)@M90Mlf}hl
z-}lE+A%<(MLG7wopY9uq$;az6fk+AVvRs>nv~1rx?y_FkMwLf%kmb}zKjKJmg%krq
zX>E$gPkId{S9+Wvo<lH@L#94p_{oZR;al*Twrx&hbTrg^7($nw5b|#F$~?}Y?Wb7W
z&5(_Lk$d>5#+S3wnwKuKE5|!sTm53O_<-n727`pm4*B*ji@;w$-Ii*zKSfff(=|%<
zNjltZDDPZaSa3lSM|rPBnCk?a+jMb$`|R1^xu}8;#x)Pip8YPimH8)F1t@Wh7TZQ&
z?)+Q8zXUI{6$w+qYu5`e;*XTjbo;b2(EeqXCZjR3Ds-qyH))(`B8~kgPV)Q+8d>bV
z=3aGF$xR)yWqSkjFqJNp@)U_Cd2W-t+47H5I0!PeCN>-FjrDn^Df@i86&Yl!wL{%G
zHWrqFq9gR9BTI$Kj`_Q4^L5gYw_ur)H+k0$e8!U)=u;B|rghcKp1pL;<)e^bgJ4mW
z>!e2XE6xM|1CyS*XV1o4U8h_UKjSHA692A1694R*%qvjFLqPpU)<b|K;c6cLuJ-hZ
zCqZ4fO6|hlo|1Oy0<oA0?zuCTJ=4P*sTddjI(;ZY;j<%mlP;VtLQuV27#*ev<k)vi
z@Esp9$%P?cin!^IaN@h_!0BclYm|y)M-^1wCoL2dRVF1eQDb+`6q`KoCnX9|kQ-Zn
zeFsX+Pvs^Wx0lVbYaRzk{lY)OL}VThm$@$?uX(a0gq0|Yuc91p_aLpM^mSWvY?Q%(
zZ<FF*QB7h?wgO09^sKt~_3p4N*;CaCb$xjMy4$<JRgC%{_2xV`(>%iCkq+^72+CoN
zcRdpa(%x?_E`%pTxP;VHH-WbODPZ=9j2;Hu8FJ=L=I-kAlnJ{yQp^iG&N+NN8FFRJ
zaDRHongZza*EibMrhb|2r0Ik`RSGoAdH$}2HacrDGl>qWT$&6k5y1qPR`{~dja<&Q
zihy^^^&RqP{N>iQ#BM$7(&_g!*g#wTpq2VwDs*`E<RS1VKpbg!sdb|C_B4nKd#X`H
z{;=K0(-%AQ#pws5&r!~MJj5-DT?ghdJt`=9Ni(d@p|6({UkR?t%ap_R6>pY5Q!5v}
z>GadDLdrE$&!x=9q0ub2*d(4-^sQzmwp~Oy2tAJu38LabZqTKt((o1{@nQ29C{M*H
zoLPsur_E>1gJTer2)SVh08o}z7Ru&N$0$Qr-2;ldUf2LRO2X+6&eh~xqbYcUuSm-Y
zhqIkA4uCY<i+z-<(JZUT?=n1s2eiu5vR_@Ko<B}z4iT+r@%7_1?Y`^u_&t7tbIB?X
zfpTCDH;msbD?16pe&T0J%Z;*Oo<f(qzpiwnYp2!}FQ;>L`D>dS*Zk?A&E<muk}fg0
zKTPNZ%{aH`igJIrYpWO(VGkWG96S(hI=+>AQ|HCq?5dXh8pq(I!Il-m4|`#!ye<CS
zZ5v+=2|#u1t?i1{;nR2yO*0B}+|@s@v4sroB54Xb*o`DpsmI2QgdS$=HM9r*{&i%v
z^Yat5Nu?y0RS4oSk?~CW@iNWN8a0`iruA`J#s+4M>sco}b9TL3{y8RS0Y5M%&iF#|
za!RU9ot(4i9s%q^j7WbPKD$v=_LKHF<@5(9q#bv*(>=zBRf_yQ>e4dd<-)5Oi>~d_
zaS}o_r1~3HOZ+)%9udSQ+41Z2I3pp{`)_l}+)XEETNr`EISChN$(+7a^aa|Wx!(#(
ziGym7YE^bSV|hP%T@zI6_x<$R80<SlQBf&Hj0>OE_9vIoUk&Bt;|I3w;fZ8SY1!wO
zB6i&Az3#`K+jy_bKR|&iISbxl^?t=$@2i+yhZ-Qm@=M%XT4CzL+slsNe=S05?C{2Q
zcp=nY0BUQp2?ypJlxXn^^NU?F1#_O&Yr;W0Xg90R8Ki)CiaoSoQBfqF=#e}>z&%<R
zPSF7%KWDtAe)xJG?KNGRyY*|<b?E3mfyH&C%)FDYYX;tcg{7Krq72!ppp-Hvj;P>{
z`KXFBn}H@spgRJ}@^Ww_uL`8ZkYf}%##XuFRC&g_Rc6W@xEM6DUnRxL^2zQ(DUd6u
zBGkplx>c3TgP}d+CdPc1b>#j+IzFB0Ke_(+K8X#DVf5>B@AP8E`Dx+w!f)zW;Pa~2
z$E;zi%7qW1=MTo0VWQDZiWYhFg2UIb-cCci-FX)k^3#)#1Y6nVl(wZ!QT>zj@LR)A
zOqFtN&EJ)cVd_^&LjA+2G9VBZYR?4|pS;e_6rc|#{=Td4vJii^TL{L0bg9)sT`w_u
z9r7+>b~po3d+TS0>?nK}*a~-ed!b=NcJ<nmS7@1o_oA+;P2PHlI;bULpa%98R#sbK
zAsFvJ2xy9`($(mUnCW1|q^U%cOrld+rmh~cvj-FEZ&|gC_TQuQ&US?z9d27n@dIv?
zX=%!+6&s=zmsCqe^L__>T*@BAYuEFo>?%J@uxdY(pfoNVL~VEx*5>R4OjKBHU-L;T
zyas)I+}*u<EW-I*BXl+8312MS?`buN09>cOEyDJOmCPalZNaMcS$eY4zm8!eiMw0E
zT$qJg?GL`0bH0)b&HlI%!p!$=hy|^S<b#WcQv&&d=>Cz<^ADs@%|>g9WQzm<r|0w*
zR@CQb2mY@?e{_M-V!TK$vm{ZQoYrdjcM>Ej!*Dd9$u!Y=M=Ga2wo75c%R?GE>5elO
zlMyJX62v*-e5bWe8b(0Jq2vNj_zW7~BXK6c4eS^KotflSz!^PrFB^JlJZo>G+eyR9
zLprrCC1jf2rwEr|J^hiGPGo*=Aulf0*PZ+AKCYK%8}F<6^IH45SNXbkW!vv$+mGh!
z`s{D*hzNVR&k!w~WRcCXQ@g50;jqZ3W_@H1QcaF(%NM`kg-egMupyI{s7AJ9+gpK2
zv!)Oj)YzdV8yTjfkVytfmi!CKPm?~$u-Ni9ryPJ`4ND!6c~E4Q{!IrzqQ>|Y=E}>?
zGuBGGG2nhs^a*ntd(YzXsR2U9vYQLyFHx<Zbd*hLzBa!3;f+E<qq^6e6Y9z?l}kxu
z)>Ujdn$sIa+2m?P0P)dN+8xjG>+2!uh0mv~Pw-T#cnF`RhFp2xX7FRt?-8vF4aiQ7
zsgvJQB}kzWeDDIwP(eQYsM}~uqSk$@MPN}OCc-92NngfyelnkNe%N1-<t)527LsB0
zh`%-cB;OnC>Kk3-YFccP3<&5a?PMC6gDs4Jt#V#qeIRyx-C0IQ3Mud`k$;~62=w+K
z)vH&XCQNTjaRk}Ti-rt2H=bq{d?iI;13z9{qB-opn@|#NUsT<<5^krfYBT3l1)cRg
zf@gRcn6r}{{2?(Ti{3^K4~UBN%UWXb)JHW}9Pga!i)>Om=sxN>#OpbGE(528qD>;*
zME=sh=TA*i5mg`PAnJf`=ssV$2@Pu_#89C;hozWTk1oN+yalHA+xVOZ&pUpIJyEs2
zOkn@=wbu@cyGwPH*w<5;Ag3YBhRv7_q%dYK)>}v1WXvoaMGz8{-e~XdN2_WwO~JIb
zILy)(OD_3EVL=@=0F&$C?yqCsf@4lw>gHE8)~rJ>ZW7Qg--20b(y<wzZ0f8a6+Nlg
z`3A%meo!0J`bfEfe{ZRLkB4Ds|Kxy&_RN+5!gyw@0c~rnmfG;u7SF`u7vQy@oq}nM
z=Wf^9dx3vd2RwQuv1%pru)7_NpSadklnU4TN1urk!g7_j@5EZpoSp{QgIjDF677!6
zh!6sDc=!*hlHYzPczPJCRSwb}8>|L{vL+ofEZVrOMtlD?p>InYR;S!mlxI%c-^pd@
zlH=~bf^1%cP6T#ne}Sx&(A}r8dxh$n81lZ>>U7}K`KcjRz(QoZJOS>H+#^i;4Gurk
zAz`Fbqt6uh!O^M5UM#C68%m6Z@%W)bw|N)m2++dqS<`p{4QDwsEswxEA^285ZJUqe
zM%uAKCWw1$#QEHV;TpYtM(#+8K5hkU@~*6)xRiYBpq$W%ew48Be89dT1ay|w2;{Zz
z!s1#fi+~765qPUG$ckzYKlcvEdYHz1pU`|3yADJuXe<kTy>f(nQK^y%1ZK#|g2}ru
zxcykrZC&z+zw{pZkwZhLE^_8!ZwQ7&a-KQ={c4+ds5QFrNv!-+MM(O{Z?(SRS=`nA
zwGMl~GK=A$<Zz%%%L-$Dg-yP<ms17Ipr7dJnn&&KSIpDZ<yTt5EXLNZ@`sc-Z_`i2
z;GYbq-9H&-$qc1@SU`%O7Jc^U*B7oCMo(X`139k^M!*@!C~V!Sfpr5nXA^^<yj)&C
zhD#UH81(gZykCzW{d^iE{Zh_A1)>R=GGvyM#yXzAqi!3%#IX*lBS$#)C9WR*4F>aR
zrCp&^1rD8l5%k2wY6yEoH|`f;y=N{m6d;K9(XuxFdPrL~XQm8D;p3^!mPk$50R~NF
z`ao+Y+hAtn(xY(V{kPs5ZlVc1Cw<*EhL&rZbC9j`6qnoAqp+2<?I|{0?S<y=V1x8^
zN?+Sh^hqYhK3%7$y-qP`qrei>Hmhvc1m_xyu}M(X2;o9qo65p}q=zYU@waLZoI7M<
z=xRQ(XCxm2ukyt$+U5!0Kap40y-fW`kVwwz!V}9d!P|^oG{^8T!Gfau&WTEG4(i1b
zwS?Vt!U{c}5vR7`1MbZAK8UUc_BEqVL|b|;TBHkH0Tp&+V>v4xPEm{5TWugCbX8Ix
z_ZC!ApA<!a%X0?Ua({u`g~eM2nA+D%%xwv0KuXH%Hi^}IxEGjD&_;umgqldZ>$NZq
zW+b`l7=4Wga01n>ZKb+Sfc99b{_{`GT`eI=Hd}Gs#wn3fd>T_<u}0r1cG5<AH@ktF
z+hM33WaIQMpQP4n!+Q>oH_r{vVj^^B50`Hwp1bVrXEjJTYX`B=ohr2=(e!rU-k+eJ
zfNh+{t~f)$iU}OUD_X1<I@_&0M)dmuG-$u8>~%P#U+)RskS;;34vU6A0Bqbf-J&v!
zev@_Ud!u1+@?_J_VG}$pv8w_T9Cxdgudw-Vsrz1ft+gq7^m6=tAX(hrxI95dOGp-L
zDWsLjx|fBdXv>m^q~#%-k8^>G3*P~OXH1I7&IKwJfBa*ua+**;)F7mu?Na$5NTXI_
zV2ZTnv5C+Waq_^hRy|ME^VIMU=L{dT!?TS-15;u2&cL7To}_l?ej?iA4mBDDBg0Z(
z1j6C9dMOR=A2X3=Edh2|m0w%7M1n4@@rx|DMHlFp@BS>@I=YNHJkxdi>BAWbh>CW)
zENWnSFBI=mTH~`cwF9+P<yt3>f3>m_dX<}falK*X<m5zTg<l?8`&az6hKK@mh9m;?
zh897)!(V1L*P!O2ylWi+3^&`Y3D+3~%uY=tE$ipu&yz|+vz2jw>(-GdUyqop8-C<-
zG-d2-zk@lmd+Nf@nH8;M23C#tQM;sJ^{F5D-0PXR9N`s}Eweo&I3W}42dh6}JyJ66
z8gp_j#p^wfFp!!tC5MXNP+&1d5Uy5?n@g_hDl(f6c?zp1!~VigZB9tNa+XBJPmVwa
z&Zg;#2n7`pN4o=-%VI%h1h$jrd;}n5bg|Ln3=c>)9$p=rQt!!WZ)EV`xz859E2c*P
z+{g;R5AUj^G|@FAQnnRxGi)$dc@h>%HH4%qOu3Bi=r=j&Yp}G5VN2|=QRBI#*ic!!
z$mw^1KuX~!r7qlg14%=jHCaG;uf{VFZdQ${xH}J|!Y=D1fNmT;pi|MQq$;%T=MO*G
zxODo*Do*en<!_Oe-dbeGFMEK-%<K?me8Jwwm!k(zx*F~KrwjL?twvR2<gipaZbgrs
zMT+;jmeqdBG3e#yBt%<GNx2v`=ES%nvm0$T(2}YoNEKJ9M9>Zb<}1ZRhe!E8%)bu4
zC&GEY??&=2WBWH2+0F129&j5$h?6m^_ScE!KR{ik35;vPhXWAdpnt%-zpor2f`nmG
zhrl?A-F7x~ITKYQ=Diy6-m1o;>JxHVoWqbfn`>o4SYq7k$M%b@IGt->6Ti(ytK|4|
z2gN*b0MrsGA0BhoPFO1uZ)_JX`HpClxA)9aL-~&A2`NlLoQgZAyKD$FKmudz6oHX4
z<b}`V4T@!zG4o=ur)baDVSuP>bGCAiLbls{e4QU}cMtlPZd)2wv0(Vu_+3t8Kqu^a
z&vw(aQPmGv+8BtQvni~i7(kWPOi<*J@zt7dWqHHW*{{m<5;n7MNDgSpqhdbLnTRtZ
z6P4Vg&fvp`+GWrsrOaw-pR)NjatP#|KR)hr$Ida-r9&|t%wP39Zj2u};Ol^i=I^tu
zj)Ff1%?vv)=9<;bo++?eZppBZe9{io43XSXt2|`S(g)xTAno@rCO)X&U2Seb$vo!K
zfch(VajW1LqQ|OMjylv?nB1C(SZS6QQ(uL&vt_{`fj}s0yM%dmAvb~+Xp@38k1=F|
zs>-J7d#zz$9Dcgzs^k2vZs$Syag#cNcE_LCVEwzq6YDX5vf<Z}d(vqatr>@8KNM=m
zW_st<KRc7pwCx0-vaD2mI1L(i^&rP;w*}1JnqD<Woww`7LqC4Fi%yf*sg%(l)FKz(
zW*m*3vNbN5;XMj<Jeo?iDe#&GBjhw5ufaNQ`P*Yp8^K5z(g7m5W_K0a&9ZWj2>wjb
zQ(Jd!_=oaVcP226rm9$PKNnI=6~e(ZrkmdN8S#H!ooIqSI6gQaeBBP;>c{!He*N9L
zz5U*$ywmmZdiVYq_x|^UP&7sVpx2lGHK6;GDRK1nR{ss`ZrRzX0ML-V2c?Ik`?P!8
z?9*U(qt`D$uYrp{5vDL6CFRwsyrX3D{Xd1YE>>^7tRF4Ur(v(e&0>SQlWhHBvxnML
z<-TmzcdGTV2bo&7ZN$>&>8wuEenm;#%ZmThRX&Lv-K6qq;dB@*d2?p3$r*u>sd|#}
zzl1#xZ{#8Mb<DBpf^&+-X*=pxv!aV38@ML{%|Us3nj8}~h{@pSma9`k_;<T9=4(yL
z%&9&6yT-Uw<9#BXM_7()>nduO9E|(UN}p8AzEq>q8nd%Xu_nj(jS~BOLHBu@YG`Ik
zHEcMMiW=_s*PE<LR3t>|!Uk6>-Iz2iZlDhpsC`>(Sd@C#`$)4xmj&TCiqaSubA)MV
zO%)6ssD0EMKi*qHTApC`kdh9pYz{Z4JM=z_0B!78!CzPyr=83jWOLZDEfZz}eVMcJ
zTcDmREfwr`%d_L)G=M*3BVKtDdquAWZ(YVFE^UEaku`#3vXj&7kc4<x<_Rp0HjP%c
zjLxN2S-g3EFJUjr8qEFQYsRgHcEd<XBLQ8LWlBQL*N<Pkejj@mm*;M2rFNsZxR{0~
zR6;Nc;&(OiFpm0;)NQFb+B<L%Md^6J(Gyr=;MVb99m)Mvw0(L@WW{W4SOHko$9-of
z!BJ@Ua}EN1<^8vTsIZjLW*@%XZ!IyHB0tK}!aA5ZaZ4_-e66@3Qu2Q1n6YAgu_%Dy
zN2fa;_yUb;Im7b_>`q@R?sTIB4CABeiWyU^j^Yg`;=mxiy%PC256Gk|&6eQB`4!>C
zQG-wUm7q2COv_Q5qk3g3&F=m)pMYi|=FNp>*}LyBr3heqf6v<fo_d@KB=xPYtVtSt
zPix5P2JUeWWKqoqf-`1sWzwNh&4e#z`8#nPz6WPSb<LYWWijO3%cl&#&Bca17@+df
zibKq6GK9z%&Ky<*mt6&~>#TWi#jj=TLY#Jt?qfT5+?yk#R#%8}{$A<;NrLC5m<S*-
z=%lBNpM_f}s7vAEA}<_o$ZhRh?%Nbns8?M1(q0HkKdTS8oLxTW7NMmW@_9p*`E<NN
z*EX)#rUMlEDT_oWJrfMIeP5)wl*Wfc_~64mi+|zz5v8{Ptcf-ZWU34<55-nBA|?TC
zM3K%-;=fj41GR$`#7wvmeUR&BbQtI_Gn*NEULpfG4Xd$#=8nvP&Td3zu;5dtaBN1`
z@%G4?Hi=`4PCryIAj#3`FcqcXVF-gv>8N?)<p*gLL;8QOa`eHOF5jh?oaHRuJOxog
zc4F|cv4<>`xMQ)y5i6&I9euBJ1UgzQ4=He?iow-68L)@jfQ|8ls7Ww^(sR<n8g0<M
za#okX`yIcRgqC(K!C!#<cHUz^%7dbgpq8vei5mZ*t2CtsJfZoId<xlf5-Ez5NRL6=
z9eBy#lL_}#W2r3t@ZA?K^Rp+0`(+##L5euNdZimIODZs9Vd(n#|6cBB{^m}0$X;Kt
zl`XITXT5_dIHoX=5zg?6_(vK~>k)LjuJmvff`yYELe1LoZn2B7Csk(J%#aYO`UZFM
zBOmywD&);ZzxPStWdVMh>ox8ruiU^Bc$-A~{{pi>Ouy~mi`QNV=NBz`tuC4iq-^9n
z3fUcl>=5pTL^-P{w&l1EvO6CO*?jv^80Kj6HH|u&u(ue_>W1H$QjH%JGTnLE{Zz_D
zE%{mmCTyf*hOatWFx$Zl>!ic$+l0+SIJv;s`4qR>pt+~M0U%_V300M>kwN-eIaF3N
z?Vt#d4GN>hxpo3h$y6bQ;tQT}U7J8EW%OKWB&!>q_NFP*TeA9z7X?fE$BohFhUk@t
zM7E)MHedbJHJ?yH7A~j-Thkkkx8N745oQvqS^5Pmk_+W7SuSrNM-<Zl*<IJ*bNUZi
zx|nV^%A`_S=5;;@s^-9f=Qel0WQojkCeluY-THfQyEM$Zb*`=m7fLglcEsyWD#xU9
zOe%-}Oe#n3GpQV8QaQ%<Z&EoXm1EB;$C=Qqyy<eG)S#`uf4V!4wkG0;_&8~bC6(qk
ztj^xq!lL>8Q`H4N<0U#j{n_OwA8(pm<>OoLzf<qO*WQ2U-hV6q@9Oxk$Ga)bLs^c{
z`}0z2naHkVx0|?HxR=e&6>KFnr<!@J5lDhes#%tGZ4&gjq5#p5Q&myOQX>kAC!uq5
zf25c>S=1OG9b}IH>@AlH4pqje()NRrrN>SwtAt|u#BZQd=F02b&aQyD&0j{CtQuWq
z7sB?>^QRr6b1#E$dp|E)i_w-&+%(lNF#-2`omgfTC1<+iiJFs(dW!4g&R&o&$kqFT
ziMROHCA-s4=TGO)y3`%g@$$3z)A`dY^Fz}o7{u1!9N{mox;&(P5WX|AMYZ#tuKvfo
z2z?K<TKBuxf7Wx$jPsvaQajo(o~KKmGg*aFksDwt#S$q}IHR|eYf=f#v-)(pbZeq{
zw;Nnm9ir!F$GpIJ5Mo+rV%X9y>p$WRt!U0XpIavo;g%%>uc#A?$EVg56?{N-00rMh
z&kUZ^bD63+c}<hG^U<4L0zjJm{6bUBmQ{Aaw5RbC3eb!)t2({9W+W-O!ugr~#s07P
z>wjM1E$+r|uIg5opD>;Hi0gKapR|Z{G-)T&hw2&v4C>{G_dHM#f5r9Yr4*Xo1vB>B
zZ<DpmQbh`x&N6lbYCir>sMaN4002TaU|}NjTnaD9NinUts58-hpbaxW?mjt}=~gGk
z`goV>>rz%dc?Vk{^9bWXGq_?cJV%Dmi57n>CY`)N&OiXkLZ)+aA#-LoA}o(WP#hTS
zH`Rh=5S!FT5p(WAT)j1fjnXYG5Q!rSmR|F-MMq<%;XbMVqae?4hs#?C@cR1fRc(AT
z-+pxg(?*`-TZ-uwPssvIj6F1sl7A%FEkuXaKzeS++itox>W<omj(dpy9@{TinRA2~
zUT}LJ-+wqv5x}Cnot3w<*=*JlUHTLrZ^ofFLTZxB)J3H<Gi*fureQ_ovQLl~8#}(a
z(cf#6ZjCTzVO(swKP23Mc~PqQ0EQP=<d%z6-u3~&h2gV9$V2vYyo3#QE;F9=Shv~|
zSjT5Iq(^Pvl}p^X{i=B1R6A3y-7^cel%@F}vr!TEqA$|Qg0P*-bnc_@!8%KaY7PlF
zt+NQ1Q{T2mS<p?DD?H)4ezdhqjzOY_2G{haZ)t@jY`J6!0G_a7&2m=KtlcS9C2K;}
z3wwW`SQC6si(Z9Nq-dB)dFiZdjQ~py-ir@X>bG2hl6(N~ADm{lbfXUX3@>L(I3OOt
zk^7>-%^TSBJyiQng1_g7V266`6=fw(qdC6eEQaxEX}+_Cadf%C(m2kaP~TZaDHGO@
zlku%lk4hsz=FJ7hEjOBzw{$~jrlcD?7u)yi+|2d>bLE08q+ah_%VrsOFG|m_*GJQ>
zX-8k6qJT1LVZu_QN7^7gs>Aq(_hEtl!aowPgRSvS!WoFz9A~?rGR;;1GpN}!AYck9
zW~J=i?3H3AT7v=DY3Bm60ql73@|><1q1x@FzFSPT+=pC~RDy4{?$)<wugFt!Wcqas
zTVzQ&AY&^{%U-PJ)+qVX5uVrADv>2w(oC@v!^D6`H39fNRNbXtR}hFk4FeFV_dX5H
zzVD|TIt@b>yZ-oI*n!_F*5iWNE!ed;-t@|oufYx6I{Ucia;7O{ydlqWFZ9CA#jjxB
zS`A!dkt^8IYTwR|;Af9?kv$SWQ|t{F)!lp8Ffoo~P-tJnM_9GtPFuAB^_tY`H9qoi
zzf|CDk&~^>=q^Dx_Y~oi8KI=4B9(a$$?cw*^#Q1GZ+)gq^kJ81*uf2oePk8AH(&(d
zs$M#@3ZScdOJ5#x#`$}v-~Shbm@J1<x7vu<GP8v{T<6Wlzhd9vmAJlNZi=nGn~#6R
zzE{0h+D_li?bq%*Tt~lF-vgdl#gatk#d#^0y;*^~Wp?l*o0jCRTxXPNTZeQ%Vm+9R
z?#Tsu<*<kG2AR-oEtMXekDWQ${>+1G1b+?uEu26FwlsLx7JU>lWkjuIm8E7bP!+YF
zH+av+Dh$vxoVlqe<kQuX+{*HL4*7wY|7QlpL^>Q<P*A--vC%O%%$YN<QQSXNegPx5
zPi%Jwh`Ra%O>f{PTjIIriX6Ogb9`XmdH4Quc<8QXDHR)=v}cI@QY`EMdtPq@^bTBe
zky@ur<jmC2uPDGYp+$J~z-{+Yka~K^tl4t|WSbHdF?;R<iaS=u9w0mGk&~RUz-`>E
z1_mg8D_}#JzRrw3woAdyOn<GP;K~li!XR+@y|}AqWe1Z@j1YTT`=(q;qegbcIyoh{
zvq2p)Gu*G_wWZ4wSZy0QQ|ENMUk{BK$8%b4$k%7DhHT5uPI$zZjc|C30VL>3$Qcy!
zTJu7Mi=k|3<e;g!e94NZ{hDCE7~GQFh4jLOT4kb~d(Ci&5#s9582d&uF!rG_LO&5R
z8?CAQhMf?0!vx`dgV$@e!RT&jlz}9xQr9((m1}-cHE=MdEv7tXxVFG>Fqzt@ME3=f
zwY`D(CU^lo7jf+lP8}_by%=6rkZz#h5_oVb(L}X4Do5KAljE0tz9N9EuFYH-twgep
z7NG{zyZtO?$6VGv6H2aGDOg4dTGE_pjME>i5cD|ZcL2WLlD0TyLl;_nXl-;iz5@f#
z{`>KuYC5w)6Tkz*IqjAjXUF*-KXNxrQajZ5W6N;@lsTLr1o;<XoWaeBX127_pdql&
z`ZB;k!iK<Iqb=})UYes#Et%0@@2gC$az$U3rem7Z?4n>vr0D$h+l$lohrpL?Q7Z<&
z6Pj9o<dE#l7HcW5$&mvKS#iCt7V|{r9&X4?@s)aF_vp;@x{v)5kgBq}W}PhzTbHMU
zjwN-^VLELH&SDVB!hYKxG_WgJst4&TyUQ?)Y7tlpR}a>&UFP~fFvRUyL6gCQ24)p*
zBPK<T=I_lHBsF(X4ok_G{_(e(#lTn=tZ|GT8k)os^#h&AX_g_AKbPsDhow4{g8=&c
zn%=M`7OfWhTD?c!aD@4A{X!dQN>iB`2g;P>{Lb{ur{~#hpgf2aGw<i2b*(=<o|Cgi
zy*M$m>bGFFOj*Ie1pM%h>04P|hi1dKg&UQntb)5{7=EU9QH?kT;Ht8p7(VRorcT$@
zz=--)nO9rkVQm-Iu+eDPxz*)ShzUAtp8MTwfy|)$+-{F#1s(X&X6&9OiL8W<D5ZO`
z^FbH0Y`@jfV{1|M_LmoM3bCR+qv#2b_4AJRhMR*_U52u1r&o6jDwuE`#Lnp;>c01}
zb0*B3{;p05tWyH(?lUE@_C8YrE142l$M$bZV4V_J_m{xh2^$m2(7b4UH2{?3$!#5j
zyf;uzjL<d~C}#i`r=yko0Ohn{aXN_J3n-@zi_;|<j|Ixvg2m||ITk3V2NtJ;@))3;
z4p^M-zK#LP*@4CB(xAoy<;20_baj3L%IWCpq-RWe#_lue8NJV>XOKzH7~8)|&zSU#
z{plHNTBbqd7r%OY3ugkpHfxh|Ws~I{-hIcQq|kD1g)PG@ctX_`$*W9r^zJV<PEH5H
zSMK`MQq#<q(C?zV#Go6SoDF(K6Ck4!nnB$wc`ICx>lEpd!CyLvf?vh-*hr(cV2Ba>
zs7Q=R!gb9Ib1EvDWg7xQ>ztek(-GBuqIx=j%`px!s}}YW-Z6WOi^`?K(;Lb&y68Mt
z0Dx0F5$nFr$)zO!tXR1rt4uCTPftMVy<Afv6;V882`zgt4(v<jdu|rJ1mRpWa$9oE
z>SAJ)Buwa%W?oqDM?o&k*t#czt0r^K1)^H#y3<&$K7FETYL4=!PghQJ&6%dNK3G<x
z;hxLJJz<XRwo(k*;HOUzl=KOS8uIX|(HlGELm%Ji*{;;@#kBqYdCzI>j%HI@mUI<#
zG2vTvXcero{o5`k&{*$Bie-r2%1Y>qYH?2WIwoKKRjs|fAPPStl`>uG(BmjsR=O(t
z?t_wLj4C#m9^LQb1##pRkI6thd~M(T4zkiOP)o$a<z{jVdSxKQ$O|yy9f?u$hLz;1
z&V;v?2+W6nnNgl!vb-?r%T;ea;<)NJc27LPCe)MvaEbHX^BUH8a+dOLXr`{Y#kYNh
z;TF`LO~Ft=#vO~V4G3s1(3>XL7`>G85|pJ4-mY~Xx*`V$Hq1U}R1Ar*&b?~m-473I
zd=}duFDt^?zk-tFktK0#7~@-(Lk}OeW`QLmabm9GKe0DF=L6-jsMx$;_WwMK2*UN>
z3(Qq}qtxAN-|!UBh`_EP6PmdVGq3<oP`A<JM$fV5yT&eo>?QsaBbjTEW@<=f1%*6;
z!fb|W4$E3^l1mU(?|5G2mfJ~T-x;83Pe$FjTbIcIk}nrP4&x&n&LD6hH%~){rH-e7
zXgMdTswxM87<&(6hoH4~_~ekjRm1#j9XY`>|I9TejV#bpFqhi6`Cs6ec!*^mfA{mO
zK^r^zIEVlE;`pz}Kf8bY?)doV=!b9KetmiV`bU2J^ADoRukl|$AN{~y{}@T+`1r58
zIA-o?iRN7BnJi~`a9%)|(|ApQG(am+x1W3Y;nyE1|DXjfn5Is<66E?%iaeV?e+E18
z>r?ZmXY*%&n3Jz$NiuoMYAdel3xx$R2P1Gp7(Ehv_Gh?bYxqSb=pu7f{Jv&_l|0!R
zT@Upoqec=TE2`POw_!c&v-+-GVJBugKi&88?GO}VGts{H;*`zuqG|*t87k5l&7@%D
z{JWRK#yfBofW5r|F0$E(64n~o0P@|goi)r1SiWG8kK<!>0S1xN0M5UAc|!P{&E3EH
zoGI>ss&yIDFzOW+!Gldyr)NO-{lKg^s#kw8Lk0l6*<UQ85n}4uDCMiIzv9I<KopC_
zIi2n5T&5RB^~LE^SJuV=F@}&-5=JB;E<n9xhF7>TLrx`XS4LVF0AS|Ay^RhEga>Fs
zMkUPC5#Sfx(Y(mm3DHuLOo|nvtDXvUP?<A{bE^B$r-%zphh8Ao3wC82>J7*9g^>CS
zx19qWbsrj~^hWZOR0@odf>Z*11!)bzwIMlIMrt3jJ6<?uR8ObEh}K0WlWUe*bWL!v
z)h(QV_i}jeTh$122mlkyC=N4+FJ~r@E4W~_$DW7wXgy~q^|oG9Ow=w?APNV83VXzc
zz;x?HlJ%$!1FZjnp2#_QXY}4I+aL?DV*7Ax@`4e;5~dU_H+6-NoNnw8msN&&3AI%P
zvYC}Gt3(eA<CH8)dCde#vPx-I!mjl2(qPtUIzz}b2zj<3ghOJG<4rkDVaI$^Uk+||
z%uLgzW~CX4neqke&AcKQ7hjvHK3Mtn1g%LnIYaPlAhk8FwycW{9=4dbZjHB%O%pv<
z%DUWy)YPW^o3k3=mIPNhkp*vIp&FiGRu;w&<}}Dkw29hSRy9BtQaEjJd)s0B4-9dz
zu7|kl$<g&h)nFpa&OCy~VN;mUVeS~yxe<JnW<r10-0h)~yO$Vh&dbI?#+94iO5hf5
zPjrAHrnEBM;91&x$gnmmX;{UnPDlwZjRgkn9HLz~C2hT7b7Kw<JGOu_Av7`E<gHA@
zuWn1j-lvT*ACX!WXqEUvkSZZL(D2|LEiYWtoBPX{MLm^HlKc<s&<vWJJqwrBk8qmd
zGphQ2*n#FA!+}r~9J@Bnmrd@PFVW%wiz(HQR`nO;i<XFD#Z*BHwKjqW@Bnh8>>uWK
z5$4x_f)#4NK9nuyo-cMJqNC2UaUA0*#;2CY(GpJ$eWT)1ROw5ZWvqmWvWdqr3%~YL
zGQggXp))6q55g%Ag55??bkY?<ii*y(xps>YM6pkE^8MPHMoz^BC-IfHQ9R8qf+n|G
zq`7{*?N;~I-7c2Z2I3s>Y3O`lOY|GI{<K3qf@a;m-%GekTcqc84n*A8TL`EwUcpPG
z;L5Xa$L*x89yM+*e-^!WdhGrF6Mqp9u-)+ioYd{79ldmZh8P#tB#Dp@?&fv@Wl?mA
zh4rmPY@A-dg*N<bB-QrG`G$+Mc0$%L6eTn5VDCecg?qkgL*}e`na&CdN$Q(|sT05F
zktCgAHm(b!ZXW`WI`>#%m@sE>wmykEP!LuudT?%CA7gYOfP?1Qg*w<uJp1fM7YeLt
zo*Ari#A^cx2iu(t3i|kr382`1TKw<+GLK=N?xf?AS^>of>JiIg4RewdvZyi#!&}4E
z>os)r1oNQlptAVO9jY6EjBKO8tOgHUr0FS%x!UXI8^%SB1Qb>%-MGQQ)}vfRG=W5F
z>A^P%crIKgxbP4jT0P4(0=ue`gt6Mx=D16nVMlJiCRSca7s!!ijoHdBsRS7?-3S`q
zm82~^?!w61*geF0szieEV?1h0*m3R%>|i^vi0^!fiNsN=Bypu`-NraUfTNC7d0U$4
ztKJAM|5?!F`WC`(5}6lN+W`3!l%;&ZM;spNs8nqCaIr1<dBY_~-rVd+gfY5=lSExc
zd~5iGR$As%^91Z=d`YB;kyCKpa<s&o<L6w5C<cI#;-XFA<V4<GyV7IF^fdpB5>|0R
zx<~IxK@p*`_*|l|6!I@h#t6@ix<rL0DPP*_Pt~s2QJvjcV550{zXm+WW*eXpGRx#`
z%xTcKvH``xLJD%}@@P)BgzjjnhFO~>_W10HIkC4a%gp~ijN7Vt*SPsg$dW<gxHIHM
zL?7dGl$Nq6tSLS}-X1puos>5=LCNM0L@pTk?hw6G5LTA5#H(?;n{fiLr&SFvJ;pi2
zPigm3yI;WoXV$dIsgIe}zcEdZ$+rq8w!Rl?Piv319YNaH$E_E`D%^8&bea`wuU${`
zjG+u&l*_I8X!ZGJDV3^`4EEdoNpGF>)=6(|KmW>lt0&pqbBMK6)HbqtgT3bw^+Mf2
zj-{g*DM4GHrv*{qceivi7YNtH#mZU1Ke$%EF6kiZk^fkI5ZtdeTF;((I|x0x#|Q%m
zmFB4T^`Wx9ZS#AQutG-~)``D;=H!B*iqRe}No7(2ux}s+!+#7PPMM}WQ_Y=s*?r4K
zk{rI*#u~v1PN#Rb{aadn+#ww8L##ja!=C-9&iaK&XH1s^@oY&xFi6<P<$irvP+@fW
zuPD#@qw4*~ZHva~0U6<{<x?N!SF4$HE1MY09hA(5`sp<lMl!$QvZq*a`>`>wl})cf
z9OMNfYra}LatSSH!Zn75lxeJjj!6?#SE>;oLG}PA{2raO^@{IXO2jDMxC>}Z7U0ge
z!=d5rCpJ*L`>W{tmwcWPz3t~-@x9wmo4>rl$Zh=N!m2hd038G7WAEW5*u5&<Xa&lh
z{L$OL1qks3F)(H|*;x}|{v><|$XEkCaV4y$v+!?q7CzWj-#!iYrhWKnsI@=5acyhS
z%A?G=c0fC{RfIveib3O<j+M@rb%ZRtD>9yNoo#%99kkzD4%m^=o0{<4m8me3J9Fg>
ztU<jV`(S~9?T6ig69k9%+hQprURJ$mOxsUu_tt<P2;c&UAefd5X@XXGh!GN{*;<OH
ztc0Cr{Z(PPeVninhgCB;<OuAV$eq=VaMOup6G?F(^?v(_4x%F?5pg0(l5OOiA%vWG
zngJx82*jN2XWRzECxEE4{lp{ej37#O(0BrfJKN7a?(aB6p6w?Vp=Z?Kx6pig5PL?E
z450grLh#vs?lswAgrDsv8u4e;#I(_YdJ%v|(TqR~>aUyBPci~MXg}TDK@%E9b{Kgm
z7F}qE>KLAH$9JE7IVPCeJ@Mu=e1_19cHa#^;%q-76}PeD4Wb=wKM&FMMz7#lbfjqA
zu7#l#Kud}w8o*TQL{Ew&9fz@0qbWrzDbbiqkrc;5A8tR7rBOUA<j`6oUuG2D0%I-M
z+uwIoFNm0(3y(_U=yBD~_HANKOfxYFFe8pM(mvG|$V%ONLVF2$d5$sS6jlg>3H+{$
zq?fVJm7U`VvTfWNh?KZEBWcNRSlLSWkflu>9p|~I^Q~#!-Q8-5C4$sO23mFw-%1Q?
zD9Yo)wlpcKvXCmS&s6N39x&F}TqBoShuNKR=Kz)g67*b}=V=>G#=1Bf?2H)av+UUc
zTcu)ccwBThG5z-N5aT*LFOX3u{K{c*yR|h;NEk-I6~**?t0G&Zs@j`0iC`iNSqZy`
z(_o=m_YBXZ8Mn)&t{c7?!jouCYm<h>muB=XQ`*Y=p3iK_$}*M>EH>TTiKLR@+A)Xb
z8D&-Ip3<!-Q%cUUGBkM2SX3yTVf{-BH*RM!mnmP`=&=jW{dR(h^AS`rKi-`3divb7
z?(asy|7}<n+%OTH+m2)Fj-Tt?b0fUA_X<H9efPbU>DbGz`LG73YhivxpB&yRHPpp3
zzv3BF8>Jy;Ifi78OcBGow<_Zz0|d0m{ZHgQq=x20Cx2PHZWEXiXW#E)nGpJ3@6Sj{
zA$rtNl5SXOoxy7K{u~LL+xtQ^noet3UU`U%=ij}oD;aL#B@Ke-6GRblfJ)YG&8Xr`
zX>v<94xElU5ekjGu2^Re$#&R(liq=`f{x;r0h(q~tQ1fCh}N(hH4@3zR_ZYZhfTk<
z;NKzcQ!Jd|>G_%cq6K_u(W6*ORI+9{MIB|3Bh&^`gkz9PuzuU5pbJ(Sk}l#Vk>ZAx
z8iGq!g8wvlM`I6aC=f89YjFQURyK%wm<4P^e~Zggi7496RM>IHt+;j}d5O&PN^re-
z0<wp>USz4Br0j-ePZVFxXql|JW{J5+p3s8NV1NP)zVkediB^f=1jC`N?R9nWth6l=
z*Nfx=!auyexEx$mD+~Zrvr&ePDZE)&Gxc07F+_N1o78AbOr%iP(OyH`=oPA3KqQ6>
zJs?`n$;*&?)bI&}-+@}0FKN!QmsE9wLhN%{Ap&}4mgQj!8^)1oE$(ZJ>Gjr?rmPJ%
zb+O8lW$XrVjRq!;ikj93yU_htR-EI>1F{*uobO{pjJ_?mc$^2WgWiS8f*n;x61rxa
z!7APE$!P(aY>o2dpAK3BELr8op+<y;BxMGy4JZQ_E151iyJ3Wu3$9BFz?itMaI1w(
zx|r6d(eVusn}({xdu4SFj}_WbcL+;eb;i-wq3Tu#D#gm#s^Teo;%$jxc{<XXmql2r
zf5F}L7A?@0&0e#O^1QmWlo3XuaG)!)Tv2mv0hNSmwvwg!=aEWeVb>BQjpKSr0+ip<
zjjb>0L==TF@qob!w{@daE87A9dWT7m+zYsNd)WrzREYLEp>fc<!z#i5S+S-{eI4E&
z8t|E?LbZ{$>O1~~&`hsowOV6xacppMPHoB>q3%8eD-m3Un0AC2bd7jL3&WL59=0EX
zp}8f^&g-m@qU1R(dA0$e3W_!@WobtijKb$B%L}PNd4et5Dr4o>hI$zgw%t=-=3{pk
zhg#@M&Pw$ku%a;=EpXr?cH=N~**2hiBV;=StYl3~nrK#XrFnt~!eOP}ZVc3q07clW
z?^>4owAgH$=RmC;nAS)kAr?;TF`&dgM;NgvPxwe%LCE_X3mf(rkYT?9T-aEsFdxey
zBpJoPgtZei0~CW0VO;=V0h+_`U{T;-ffibZ)JWj3V5fHhtpcE50g5|-V|xPp8VmLX
zP+k$+U~fQQBhVhB6Qv&~NqYYY(vOiGJti@FM9T9BJ9u2G^T;&kF)6+y`WlzGJThtd
zQTiGe`4y2w8IeF49lvtl*p(4bS&spe^(YWoW8tx)2|o%n)+4}TJq9G!csQ&U*j0df
zG!)h@&{at02*6-<fn0^AVh94O7vL&*5(eR~dcdt>1|NdH+6p-cDH&nds~u3QkT?;5
zyy}sVLh{xC+*J>lRfw<jKwZTFSp|si!d%6HScSNYhjTOrz$&z4Nbxbis~!Wm>JdPz
zMgmrOa(_?{4TDuZXwmwCs&-+hqL^z4q-qQrMm#`OjUO;dN7^4a)xD#FCOvD?vnD+&
zwy%+JPmcrjGy>*nG*Wv!#8Z4?PZYdU8@MTgY5>})1GFiE=n$+^Cty<q%^panM+G7L
zm$oZJ0x~@k7}FyGF^vRaiscv4089<MQjDG%2foyXR*I6^er4dLcqu3raOu8Dhtc3N
z<AG&HgUWo?fHDsTlX(nKrOy^nX%y~VERfQ)$A4RUd|zNmqkxhe1X7G(69tmw!5>A?
z3<D(fLmx$u?*>QehdqiQ`Ps6D*wTnmU`Y1>LJFIM$AcinU;N|2kH!KY)zc8MNy4B<
zv03cVuoh!rj68Uv2+AY~VYCBH6h-x6@I_;xi$=f}#X}a2n??d=y0LIYqcJYV!W6|q
z6t!T7q6gdyPqYg;6istK&_tsrb{r&8G#t@L%q|jwBJwae;<sf#4AFL5(KLG?h`M2g
zqN#Sl4|PHcMN@nb^w3Dyp?g3Mjf3AA12q&2Gc*cf=pK+OF=HDAD|BDYXVmJ9g%YwL
zK@r`Egb~^W2#OhE5JG4h94O9|JOm%q2@DiLwi`O=LE_ZDrRn<zQ;h=w8Vvx{g7=BD
zM*hm+Kaq#;o}fSX0Q?CnG^4?O!l-^Dfqo(!D31g3vwwh}@!&o<sR6QMfPH#ldjf5A
zgZcy@dxD3u4d@dA*At+)1?Ce6)f3@%u{NM+n4SR1?JS{ah@RktB7n~rc%I<sc~9I@
zFEmf+_ycgyI9Q(GvTL4wzK}eR2gh^opqo)QQ5b^f9`HM1HER^~jsw;Sv9X81?u?qW
zk@s~R)J_C%c`(e*-m*O50LSNf79~r}9rj`?>RT`)8W{fnxusFkL{~JkWHC=N-i6;R
z3xfEp>0bHN=blYzgalY_2c&`gKD09TQF~jf`8~!dc^7WU62@<s8V{|9e8WnqAbi5b
z*dCGfDMd$Fp<_um*L01`qc8`~{AlApF#b1=r0u4WiZZ5cbf6Dou%;r-jJOq2G4F@_
zaL~Kr2<4&Tf;GBg?G*pXrr<+(C%<9B9H}|^hS_-D&^0O{{!3{pQd*|uoBGT-C&NZ)
zdgrXVQHDpOu{UYE--=mLvL(Mm{1o+q%$y=XW_Y{V7?$w(8zwR*UyzrT($WheLJMc5
z*!^6JbuVGwYMJWe0lTAy-aL`{lYBEvpxN5v_wgV=_q3p;OE6l<o7zw^Lj;gIK&TRR
z4}!Kh$T?~8N85d%<XmwqB{hIc7~pdaH?2{TZRV&^ap&Zt=sep|KqWS?TrTZCtI;cA
z7rd;G;0M^qXX3n+tCFc8Ujz6ykiJ2x!E@kqHl=9^;82SHWUrbyMVi+DC$l1>g3UYn
z`4#1vxvZfV5k>^Rk4Af5!uO`B-Hsbx8aiG?vohy`W|(PUy7*3}3_E8vkr!KY6xK(#
zIszT#f~z&|qIw?dTRa%Gwya8Ewe{D&1WW{DX`PTxgiOs`2Pihf^!Cd3ZZOBf@Oj(=
zF#~UptUaHt#U3@ChH87cUC%5g)YdWvXkM07D1dr_*NrwSY~s>(Z!!JMvaQfr;!DEr
z3W^dp1%b@mC%KWw>gd9mFPSDZH2wwivcEddesPn`@z$I7+>SpuL+Ig;f!6*9`FPOJ
zOFka_0?pyPKT1<ONBfamdE}Yf-m4!Ey7FBiorLKV!h@l)E&HD3W9X#dQh<6ajFJQ+
za*|SjrYA>z6y(%ri?%eAm7C3BiNa)u6Ys))vkj@lwUD=>mR&&mm1WmW8@gb8c^HnH
z6?dIbXzjCr4MH&ydL_c%6pw?DSzB#@IRLK>cxF{$#EnH3jJB5ERZw%5mQ;7LHJtPB
zUWV*nFjxnk1~z0X;NO72>P3PoB@<4=(QvR<Zt=n7Z5{hrv8G-Yac#l^yHnWuHyEkz
z>{;_+Y4V|tt5r!wmC+&ba_5vkf?gUGggPz&byV=_XB&9>prF%$(y53pX>zSvX7!*h
z=crga_jfO?{m>j@4ndcAkSCRMQaSgjayEG_g)GhfgUtFo7+SDkB%|fZ<;Qr&%KFN&
z342x*VU81r_JS`{)QEa0YP-$#&q``~V#5i`Fw;U8C9c!%aW$8Wxre|!AA4ZAvXgkW
z?4s$*R-<Xt%t-aN1-Q>)z$BqrQepHUwmWuiy(}h#u;dE!rC55>GYTVr1gKgH7V^a6
zG6>o9s#(*Plo-6cY7`Z_vz#l_jRM1VXl5ij=tPWjT-(4G1Zr&9>YxM~@`%*(X`BR#
z(pPAQjTSY{83_;_DQcP~V|DOoQPT;N;nj*3H5*|vKy;+2xsSBR{fL@wb|)e6Hz*`}
ze7BXKYx!F2y<iVkB~n&q8;HF@iD@qzObXmPV?3A5N6x35R3(Hfy>!2rUN?TPIO}j7
z=jD&JA>vs#!9f#cbWPE<1@T~Y-?jow4$)$Ap{Wst4u|J8%BR_yt<E5qrZdj-8}zo>
zM13Q3RvL|cFv~Zgnu%l5Ju<5Fc_|m{lE>gzYz?*bbq%{={`(eiTo+N9XT(O-*%^un
z`(4U1r}_mkH_Xg581c=hh-EV}v=N&w-FtG{Bw8~RTgAJc7o%`mVn$vxVy+P&(VU3E
z%5Z^x7W0=grRZw>q}lJ>Os%V&ido5M3iTB1uTk^HMG7GMVzqUW%({4U88cm@hF&tN
zhUx(Ij2u71h<HTF$BK7N0g0$#Q}ceQPe@LaH5c|CLGyr_LK_hYV%I7{=(Q67;xu#+
z5bE8YJXAZ=8C#8;Ypabaa?oPP2ezt*HAVY3VHDy18^qladtdTUh|)dD!pmd#(eU+i
zxhW!#kJ*Pejm^khJ;S8uk+erlL2QQ3EH35)1=gsjl<2gFP<)b=lsbblM~3!=NNovc
zfpPi?5Z&R(E}{%f6v6ysf}W>JfHee71YjT8rjEpI{C8+E<WS&nw~iNKaM;xVyJx`Z
zb`kp^xSw}pl1D84+ueZXEhQr^=n3I@<<g77@JTl&91k})!bG;a=G{~+8#bz7Ug$6*
z9;L)TAntiznf0;vz;=ofEGYLE(w)rib&BA!-b$X;X(0m<L=hxsb<JG&zgEU_9>d-&
zi3s9#K}b9(P#&RzP~}SGOt-SwPQbPwL6oX3WW?@cUMDd`Fgcuv#;x!FXUBAmDG`f@
z!wr89%`6#36P@>;bu%%St?P)h1+S@T2tug-fjJY@bR2K`MNFz;JJ)JXE+J4rW)`;@
z;%QE5;o-i;fdyl!vZ)AOZHISKvlrwYyS3+pMaIq%G@CUET+0d$zByp3%KZ|VYnEI`
zSVRfri=f%J?u+3}OUg69KvcHbZ#iR4%N4t?KtZ;-Pk@@`N-+x-El*haB<OJ<9#Ui?
zMZ&XRqufBm#TqFx7Hg`;$b0bq_C4<`Z}?-MQ2t9~W(>YC@FVUx02JDtjMfBPHgDD$
zKooK7>PW{bU$7DYB9f98of`xjv`o3qKLngj!&2UhY-5=f7hbVrSBtl6?Vr!T{KNby
z9CyKPyKFAb!or3A<Ci_t(`{zgGIM^k!2Go8H_KEV`ri`190JGgwQIIlV9lVw83^H*
zHF1#1w5G}0W^m#!zyP~XwWe5c7Rq&E#RIT}mAuFp`AeO=f5MhamgxUPjiX89@7t+$
z0{vgyfBk3I-Vcdz*lOR|Y!`urS6g>Iv%^CwW<sFPbMkr+r5`OESRj&SS&N9W0=Sps
z9Er?MOGe(w3$rv;#!kpN<b5@Nfld2PzP@8grF$jcAd48l2x<c|H<&;;z7{4>vtJ$B
zPd`7Bc0PON?V4?xJXecEgtaGnN!FXkfw>?I%l~Ur++@Ds0y}4oQL<^Zm#7175GiyH
zx^>@44#5+(X8L_398oC!&jP`90S|d7La+Z>(QIy5Pz`E_f9j=cKW?FLn9pu`mL{~s
z5C~gTTuB>NW4KQ*MI-q+*3;|+TgS1WrRGVM(b5%j-Q0T}nr(VvB$2dNU1~GW?XR})
z@`9CIB4X^234ZIK9AR-Ew`b+j@tyimd#Hc|MEwY1bla!L9w)C)?40~<;}X{gLx}xo
z7~4mCZ0r&>OkgQX$i_TMB^jzQ&Te?3kLTonu~ORGc11OBVzAtGu5Cqss>oAv1fTWy
zGtXIylKHXA3C8^2z6~;bncE2sdd{KCQ9I{5SKXqSF*L$%Z3TOk4)V+n1S~v>9=eoQ
zq&mbhYq-gOnEgjd$^L)#{{1;_+)5P3_vic-DCJg3%BowoXOiso-A%rVABi@$N7vHK
z?5&;s#%L1Vjff2}1Sz>^v;X_2a1H>1Y!U>!C6ApUwra;|k%xF3ocCh|cMNaOo;NH)
zl<cyzmNJ)_Ty3xOg3(lKa%BM&V1(S1%k)?|NJIfB2*5M2_LZZCM2<R$14<NK+YZrD
z2=da;hxbHQ#{;mCW@>tN_a0|`?x-A>65p`1v0`@LPWPQR6V;|~Av5xgcpuJU)sI}S
zY0*de2MKm#5m7tZI0P4!S4y&kW*SBY)##$;AZ!OHs}*vQ$hOK$Vti*MOcZd+FmWmD
z5U$l6Jpp6G;6<|xO^wB=+)&=@*^IGgj;Rs)IMqQPqAqAe@W$iR0v%li)K>T$ggdVO
zXT0e;s^;h8RQnuL=W~ReEWWnqV^#GWQP0!Vql^H$cO}meTNhis^D*jn##ii&E{+#f
ztFx}b838e(N@uJ3X3Rb4t<Sk{-OcEVo8!Y0A~rv|@ybAD&B&UXkyhB4*+*8;93O`p
zxzCSLFY|FKWsa|rIaIG{bal+Qh{}hkiy47o5s!?of>|HWpV>A}K{$Hbc*hDar4b=(
zjt!O@WY$3g1jwCG!yZ+8RFpJza*f?h-U{{wh7%84DXoN^NqJl4_DmtLQGbz(L~e}C
zZS)w87NP2hw`@B@g%+Q$j}=n~n!1f!cu@4lE`M_AJjA26q8F^q^6*!Q`vzTLjc~P;
z#e%0P6HwAnPk`|L^dD%y+d6oCV;Z{6y!`}v-ur=i#UR>Bk|~)0*^0)$f^`&Ns{IBS
z(RaXZ2aQ2$PA-V3GRXZ2x4Z=n1MN+4)s3Ncr3pjXJosiRa$w<QXTXV`dUFde#g$BN
z8Y*)Cx%XDuBPaGB3ukXT?M*8gVC@l%W|$E+D3#ve7*h4|`j*{C(Wv9M_;9O<OUhOS
zgT2A)1=lT<s<>dJ66}uYV^6s<PUqBkP(EnP{Z=Sia<$}oga7TNd?!om5Bbn9bYsO(
zzkO1!b@fuK?sW%Z*J8N#NA{b~mQ7QFy$a}}tQC06=T@0q(9HI=>E}&1JI}hAoBvr`
z5E>H*-BDodd<8KlXi?DD@JCiio3U2|Z9N!(t4PKm7=Q}$mW!A8e51(98GN05HTzKt
zMv|;jB`f-m$)XWfch!jV6eR`NVOPu-=xT!y^qa-d3P=@scK+=A>2s}tpihV@cGht+
z`rA+E<nO%@^-7+Szr%l@ng4!8{!ac*$Q8LF{(tp<$lu9KZ?aihXg8mpH3?}#1yVpw
zxDAd2o5fE8$w_3u-JqBJ?ElzzF*BV=VIVv`fhC-hd$1gC=q*~MFCfWDPxj=i+0*{6
zl2SCm+;OQHrCsUC)6;ol>3WIJ>LvEVwM%cT8fHz!7CzZe4=gFT5ZimY9V7@=Zdvg=
z*FG>WSi(|QT@&vyw~=7@v3?51%Q?A(y2rGxRtl`gdD!ZX*G~brpBQ&bzl3Fawe`gw
zc|MJ=p6%_^*ti=UDVDnDJr6qVpi-8g^sX<pgyZ`)YsZ4LsSy%^U?2hU{0S%*Hz-xT
z&NFf)Q)0P28DRI|mr~@1qb9xh;RrlcPN6YH#p}%PQ2%XvEpk@qL&R#`DN1O2Qsu_}
zwDtj#uc0@|3Y=`k&W?ngjEJ~v3UR^4RVjr>U*_b(6k7%lW3VFFz&ZDxnWYK+H2)q8
zfY~UC4Q6F)FoqCaNeoB?6{JSLK)Q>&vVv!4Hp$I+PRN3-DYV8150if{%$5hxRP!3Y
zo(JeT=9;SJF+DLC1Rfl6-NHP-Z_`I-&T7a_AVr5#(SyvqgK0lI^L8OLQ}g_<qj-GH
z%fk%sxnatYOd9_il*ei`?ZnPspVX^8g@^}BB>K%#j(BL{&hvQBoq(cvSpfk#BZA!n
zR}2<G?Af$B8rw0`Gc7mJN-^6pv7hKEeXv%O`|9K?G9yn;HI@s!MsSF}XkvoWLuz=r
z)=Ggs5e1D70DMb$XexG|0@u$ZcN9B!CLKy$LwO5b&wZ7;hvCUWrtD(5<bs#mE1B^m
zE>a7M$u-~ec=TG{lY55S4yf0={wwgP`;$1=|HI)H@F~aYjMQpb&X7p1;F!P3F~pG;
z>^Yf{KS?2r=P30GD6j2US?@H0mMOoedy6qEh|34-#PfZjJKIK<nfVTX^oM?)2)+!*
zXnl4AJcgqIwHb7!{|eg{5U4c<%v<+qma#jQxr<=?S$Ieuy2Kj8F7+}MmjY2Nbj_9-
zUG?6TK?{f8*&7Jq7<&o)w?bC{KG9DHFnlD4?wx2ILLLv@5py(kmsM%Lb_P|2R)!(!
zpIC|y1`UyDXxXvJVRM=~-sr4>r~TH5<^{1E5rO*sAb$}1qIv(d!BRE*;Ca6(3ZuzB
zDV|$g`g3GN?oIu?H4@!2;J<KMXo#J|8dSJLDHJiYU2csG#+3_D;3*R&PiW>#sdZ_y
z0S0P2?`z@2E^$u2uOSddlQo8p;|G4%e{uA&9xbZmmX+3vRBZK!@~R{Yno*JHi_(s=
z33MKUk0V5w73L=pYAt2(NiPPK3svf`gcLjKE%YK&@=TK(3wYNUhpnUF-~Cz*C@Y33
zGFIn;InS3l_ZH(1Rhw%Q);VGG6}Z$}sCCrrIkA?i6m-Lm`V~glRgHOg6Rp+Jw8{2%
zN2F(3p!7Z%(io21o6Q+%aq{R4zxt!8#^!xBAdEI<b6Iv-ZuY&;JNBtKWBRVz*5q6e
zYevmI?e}_Ux{s}+QpuD!K6chClS<i&kJRE&Loe)wd}764QnD;FnVD8C2lca*wf@Zk
za?>)`e;yqGePG6cY4cy90v_<QP}%hrzk{OVF$O*~hOSwblY*sHpgjjn61e?^Zw-Ka
z16TC%sBw@-*!rXYk~f$(Ujlu@GH*-5?pU!Uxm1`t3M8H?#aChz^6f8eTpDPQusW-3
z9T{!w2&_1=L7pGd9^e`A!*;77#h-k2{`CCmj)LC{)K~nk;Qwl?y#4Rxvcpaih-@%x
zYTT4a!+p@F@C@weU!B%=ee%`$v-77Xdd<&H_3Ay#{Il89Qxd2j*??$P##F;Le<@6v
zzI$1uCWhP`VlUVPx)oZ_?#A+4xPIP^y_Z04z@@-T@~e$3*suDL-ofd$o%fl(2S{)z
zZfR!Cft`OVgY0OwOWHf0+BX)ypa~bN7g8+wY9Rjo_|<=0y?TH7_SL(ai#N~7jsL19
zLrcD@3RB@2)BL>{^De&T)oEZKb5?LD-Rs0>FxYJ9*4BA6WVp%=_7^N;v@@&&NX4RH
z6k1%})2>wNaExn`aVE-}-by-+jd=kNI|mQ@n9IT>sueV0YEG`J+*HsFrr~Kx_rtm@
z^AAK8<io1SlMmejL4TzD3|e>f{7FOX)&|13oyd(1&5GHN`e_W{(qz@`fCmdc+Z%v(
zvt~%yRCD(<%6wS;$n!n+M!&Yt1~8H4l8c^P&t|5lc@zVMj7J_30Wxc@UGhX;$UC0)
zsx({}%O3exEd&4V`M>I2=uA`vBkvm~R^|FRdAiR6*NmpDFO6hO#Nwc!+RpPdp;r)#
zXp}g(NmSWM4Yv&dhQ4}#^+Mm9Ki%A1*}@e)$Tbje$Aw}^Rm9x=%Oy#<0`=Z<H6R9H
z?x_@m_&E(rQ%J#*{@QUkr-hUm>lE6QmV>xhy)Gy~={c(Yf~_%SS|f_HHkN<QY*Jz&
z7j(fhUTz6B%{u_;>oS@k$Mq^WZ;iKzl4T~TDV+X<l<PuPt2KGr{oZF*A9jzbuqEFx
zS;Y{Rw<em%)`2vP#x}0LryMdQjg5hpy|r%ey}=EA@^`xrr`vi@PVc>cr{2HU-oH2A
zzm@;HI{p1=_tp*N`emw5NZHw_n>W|Qh$W?jO9<9fWy%j3rrf>!LHd@^$eyAvG@K=<
z(u7v!S{C|l0BM8i+_8c$p?EEn>JLS!CpD-*xOQCD4hm{-X+9#s>4kmA22DeGOj=UA
zzi};nOht{KF89d97uO-Y51RfW#+T7Ke&?0HF`ahH(S2Cu9V_lQyFb5|g_d|{njOxN
zyQy<%YjOU|n64mt+<f!$o9E;rO^w1<DYmRKRE^Y}(42pV1y0V$Egx=Qu1Cew-#=(A
zBblQ#GIF=CAs-idPr%Ylr8I-uvLJl0RUJXRbFmF^Ek=f!dp#a1{pHXuMS*Bt9Ev3c
z>n(nQqa`co7Y0bk=R+jSt;A(|QU6*nnWMZCfh-`=V3{BT>6Z0Yl&Hr<cK)%+j=2j+
za|Z7+j-Nfvi2$F_*F4m2vsv?)mTMc;@ZtibEbBk?iX#|$6%^3M(y$1m)3b?{G*RXB
zq(tyhVj40Eo2i5@Eb!n=OQYyx4OcRs1j?axOakT5?0$BXeG(`qfpQWkC$cjMl%GG%
zi4iDSQSK>HCbd{bmONv-vSnDRLaFmXg-Yw#xW482cVK^vT-QtVaoCJgU(^IzG$2XF
zV9qVu9=6d~E8?@*=UcYD9^hsJoUChI!$R@k+~fG%Adh<_{<a5ii=?*0JneJlXJdI;
z1gDDJw>S<po;v~W8ODYf&J@R$hB;E08%1%VeYg-hf5IjB8~gjM2{S?e5p1swk$pfK
z7F=)tX3kus#Lk}r5KYPSf%u~%gXB=YzP8U`t^btencUhUGOh$rr8+Mc1f1)OTx>9J
zwv=SWL|t#zgMVGpQeU@gR+4{qaZd1B2V_mCA@7D<F0rm{U5dL=oQNt_ZI~^DS29(S
zDpzH}Xjk8pyUwN4JIXWQ%eF8!G*Pq}z4c3-Ti{LRo+=wom3E{Q1h54=mAsYJaQ)Py
z@4RO*(OlW|)_PB&46}<j>6o|=1va_?))nf{b0$n}QY4!GV;x|P&~Ti)?LDrAgR{C_
zyG4@}1L-mSxO<DQu_L)Ahz9Rf$L7YB)c0oZ6+WS4qkqvC0IFA;&Pkfj^hEd5dQtmS
zyob+e*()l#9E3ESj6G;0Y|+xo9y0y*1{z;Oj~^(2YJ>^6UIrvNe%{-Wb&%HKq6(SQ
z7446#Y1db4y;PTE#lZQELGuD)W8kS!T_;<<N|SPpv))#j5Hb@#OSgm;vJ$3HO)o@O
zQ~PaeqVK%^@g{%C74%-PvOmV33-WaS^vT}a9FoCW0wq_doZ5Q0j97up;`rXPC>Tw@
z5m{W)(_2$<SHCo~vGHY5u`~SXzThQ`D4Tw=q?uw`{;7mx2&c_D`0z-0Ss@`uRg1mv
zrMZBBg!Q#_D0tj2pEj;;<BIxAJ31mK_~fx7g_Py#-p6N_`RZdHSD+c%vTHt&$E>+`
zo!(vq*8B%koI&vo&uEctLvi@mxDtqFXX1_*5^^iZ9W5{~z~~(bQ{;c0e0TBwFYhki
zzB<(ur57f%tF8N>_%ruD(>|bn)NLJ{owq&#piOoin$m5mvZ7hGCF~=lG2ZQaPX~hO
zEf?zitEMwu0?&RC^0@pV*#?PHtW;xxcFfXLPM1}gS7k%?1YO89%e9}YThtl3rvu`y
zBxJrmEYtWBOxIkEOmmP((=3>*&n|Thcm;Oyu(i><wKLO|NhwSur()|dPjlIG*%@~_
zSZx1Zy~?O6dGd!$CbxPwBGc-+-fXN?kc;oH$xE(oU5EdEWlb-?)jNq2t!icrQdmG}
zu$`M-Z6NkBmnxhvYxicXWkVreoEuE~CB0V+m%Gr*)qiGv_J<e~)Kc}QUUY3YK5z4q
zK?j4*9B{9#9VeoxBJA{5R^*;y06$QgIl1BabMi{43ak5+t<MbFCm=t~Wic#jt=%@<
z6f4_HguKFpw*g1g5&KwveRM{SJ}#C1k0_VwXihFSdBzi7YDq;bSy3RiESPyA2$L^;
z@#ImEBKUnYb7|o@mE>N_&FoHdMCc9aiXM8WtC@EYBIKIL4fnc&!6gaV#-c1^kfI&Z
z703>bx>qckdOtKol3?<@9vujJxg-)xOrDu)m{@s$EB8<k<YH^Tt|_pGgiv77{OLSp
zcjqdlPtRZqh$#aOoW?q-B1cb;=H%MSM`!-J-E%>ROIf&yK$7;8BXS}Om{CFn$rv>)
zMGc|ZVhPyOU^~s25;`QRj1Gy=F~|;b*f(s$o}w~|6H8en%$T9^k>KtqR+c9Bu4yOv
zgan>M8)Xst<;(bevTtDjX#Tf~k;|8sz<VwHQ?71<8)ccU-YLzAPcAm}M=8jwKU|w>
zo&H3d7Nk5wX6%{U)1cfPuw&C7tAc5{Budb6Pq&2|{X2O{ONufMP@qr_v15o@d|5#A
z9C*bOQVx(O5+M7lw=x|eRCq60lKm$=!x#8F*=T6wofIq_Jn){;6xxNJ;Xl7Gc*%m)
zD2fGX6d&r`+gOl&!7j%4aY5jWe!%deFtf<yf*53fh*f<1{&LhJzI}gb*P#C?mpjvk
zDTWE<!%TmqpjykRuUj%|&B{$8TyXYuN5+kmE`v~CeVl&^x$@9GzvUtrSkk=3`e{fn
zPwMn*P<pS|R1;FNsj`yifeIwVqP#{hsGn-FM=PE{rN~Q$MN`t}wqM2|1_HWv0(*;H
z*bH@bP1!V(4?{dbGo^5^87C2@W-3;m&aHHaO&nkw4yHz<MII;d?ASobiT>L;*j7*H
zKr;vBo;53W1Sb1puTXTL{4&goEyWE!@a_A{gLri)Xl9pJ>!&+;HT>b46?Z&g0}6w&
zQ9T~J-XEFLFBO?=`0FT+UcX}bq3fq_qj3C=a=}F-78rvcxiGW{VCypumCA}F5kP6i
zt<Sz;mxlxqekOs76*;Bh3tVq-|08ye`(EON<?Cf!9d!NZ>+7b)^aab;<n^_austtg
z$c_NhR%l;6RwUy~7U(7%)%#Hj9_mE8vzlZ3hCbc*_AJO-?^j9^nPpftA&9+li5uZS
zcBpQql9Za?{tGB?Mol}%12}*G>f+_wSMyE!%eB0pm2y@oHsfW8Ge$H@i;T01X)l%s
z+<T<M+*Gdh7Jg$RxG->tn*JWvu_<L4)?Nx~qPVCrzg1a=dtDZco%xog^G`2D)P|GB
zQU_#;L3IrvJ~SI3p9U$%aGP+zZF{flcbdC>-S~Y-d(2Jb?k(FA=u^0qg~rXIiA$_Z
zU=z+O#fmw8`g7UbAw~z2eb0L8u=H>3d$#P_S@W~=2Zsp`N?^?#KPwJ&ZZ)=>{OR{L
zHU}prKjm|d=6#fS-jSSUFr{L@gbICE<B?uJtr1ZAEUK`wUO`g{QA!1zc$iCh=uFcM
z7oQC^7?v@u$g;Qm$VJ+}>n)QeJlhl?&2PpD<9y7aQodGtkivSQn?C5yyVc(Q%~t&_
zo8i}Id0OxP=i@kT8s)+UBKBxTIqQiVWttnBECP#h`5t_3<P%7LpQYX(#WxSw&Nvxw
ze>tS4%Mj78Y-jR8Q4Fb-pU#xif^JyJin<S)sfVZk`AyEmbxD)kpjTv)559Q$-~flO
zMH_4nU=m;IKry^PKjm%wiT$>NWjLCaBv+-NDGRutu>m25xaKm4w#2<#fDJZ6;Z-qr
z*U<2BPFnA!CIFj2WWUMU=wBARbOa~t4rC>EX~p*ATCzz@rz~LVULU4;U8-`xCY6-7
ziG^$S`sB%zC)kMbx4-=@kp-b7WeMN39}EIU2)};%bWZ-?#oIR!{+O2v8#&`w^#cvS
zfp&X({QLDc@9LIT%{M`7blceo91c(OH(!4}Cog#ch1I#~I%6X;ZOE{YC85yX55%Of
zZo9@h?<KVV!!!ZDT9>BrhsNHFCnc7HMbaq;n&S`~^@nqCVjwK|jAZ<lk)`@$A*;OZ
zBaZ>HL71kgC{CirMa9Zb7>6`ypKRPEc)BGKnl2Z&jWWHVX5z%eazN+@=9M%VYr;~m
zMv6_>$_x2dK!LC$Ss3evRaTS{x^2S}&sAXC$!H-Y)UtqJuMdE#R|v6mt)#t-D~+Ad
z*K*Gp*OA&9^A+M!C3YZV|GcmP4e2#Zl-ic>UL-gqGnm$lwg^<jiMc~*1m!7KR_2%>
z3{%gUDTO_4gD^L=xYatMp~!Q{I#I6ZM8Psz@;me{ZRpm|<{F&q@qB)aBt#ZOm9#K-
zUjH7F0U`|ct&+RBMlodVw$c-A<dRUcQ$JmOncHSZCMf*{xcQ(}VKxJ7xnp9-8^e{q
z*^?{d=-|yIX02t+XU0CmjR5<gEE&fmFlHQM*fZuG$Lwp9$e9c83sjcYL8@Q`#4#Ls
zILsNx1M_7Zdva$Su{;__9H+)H<l)27xMSAMhs!r46)EG=ZCb>Rl#*;f?6*W@PTm@#
zjF*cpl+3CUfyW@j+a^t~r9PHH4>2Ux?lGX^5n$`yJxG*?NWNKKETMa-%0)9+YlLff
zP}7ca4G)<-K3{XkgPS^{PCBNnNn_9K3pVLt|B`<o>cv;yim~)XAkuhqO`>?5B|&j=
z^1>zD*#M$TQL<u56L#ub7+Ah$8&(9GRoh@loAb7&A~h{y6IK8rVINCY=(BineM!=S
z-?2iGlRtz~*G)&EUeAA&c>=x^AE*qEThc7ND_2h&SBXm;Qc<0SWv=lJ5;TDnZe>*%
zpO>xvlE^~q+<l3#^?<4$E3JYQUISrl%XM&=?tY=swacYH8acQoQ+CDn)<M|@T-<f{
zpqwgWO$1l@P<I&|-m#&I1=5kL`p`(bicJlagywk`biPOJwU8;hsumen>+8`*|E`xY
z_{yp5Lrrms^EPzY{uL97gIv<8xTB9@Xn)!lMnX<s#!Q_a{ik>J{J$Gc@zk=Se&bt_
z`|ps1W|?Z&!?0vOETe0Xpu#RJrg4pgc1Iv|1Eq>Nwj*ZaohXWIBqpB<B83HTMrfAV
z@6`1I!m}-yxd0)wo186Qyt8HhC~B)2A`P&mPlifg)x$C(%dqwj#~YJJcu|%GUsPon
zWyka~^XD*lmW{1!&j{oit-1plo0$zxylWO=p>`K{moU~s0muXRW1wyeOjsrrbX){_
z+-%Z^riI~?38HR9f&|QSU$Hio_u`%w>BUuV{#a8atDpCUQu{N}ztaV@#m5|mfWvFo
zJN8q0!MY4=rVMu5lNCgXPA^x;d`Hv(7u&<BhL*A*)XAwfIn}-lr`jbt)ifu~xPqcO
z4SHkCP=&2@WBnE{Yf6XWZ9DDDlf;K48EGzUeTuCz#kn+{lOM<f0<Z=Yn2t3c*C`~}
z%p0A9o(D3Q17<xOAnZ^fByvV|h8@Dy8EWwwUqQ0WX~Kflxa#2;YlL|@exnFfce3JX
z%+u`(Om$V!(saS!Q26I-y>C4gwz>vaL<@5z!(t|^*eD{GXN|bLqr0aAy1N}C+)~6M
zOsM!>bL^JFbEa~QEOp`Ph*bD`)DBp<*0{5eu-rHUH39Kz8GVY;h4#q-4L-=8Zo~ok
z!<R9lu6OM|Jad-Vru(oVTEyJKVd0}KV8lR;5<!|`Mg-Ux_o3$;jBy@CxDP$aBFZ@%
z<39A{izqS?C4n@gj0mt_wENIwnpeh?xa&%c*aY9c4f~A6A&j^`uj}>dt7bfjF?Y3S
zxDSty=ksF>{HPU%s$9<gg)ouGG}cS4=UAu`#H!j9<vUL|cD|$Bk~qHyZ4qPZ6usV4
zD5^yvSMkU!*cC~PmWeC`MKZqOP&^=Yjn>Ht{y0zaDu!m5r#EaPi|tw6uRY1D23+&R
zX$-wA7)h$4V4}>nk0^7wof}GKuSfGxYIhl!PaRJOT5QsiV)l@Du1swGE$+x2E!6Oe
z$#^j<<#$}kD0B(-p>L0vzVv<XL{Gl6Nd-6c_f54`q|D}iL~g$+vRU7amdyJ!TpGuY
z&#aGqd+gEIzCG*)?Q>shCgq5jlhPjn)yIg~gT-5$GkA0fJ2rmh(?zEY0s@!WOCFiR
zXrFE-E|hGO%YqhLk{Z+4c0~OPuK>ouMgL%aDK8GmV%)HlSDO)qG~juENA96WttozM
zV=C~muoKr5HK)lfYDsQ8v9XGmXM1#H{NNi#hirjpiiSW4nKHfK77)&<Vg5xIYQ$YV
zF+fhWocI>RghxL<5?us<|H$5G87JtB8sd`iyfK<1wi5pAG;O3xDM8OP<z$v5lL^ft
z%H@%!6a&cf%HCD$2-GN~zlhQwm_;)cHh9xK&v*g_@j+9CV|HkB12ug=@=diNmC{Hq
zg?T0j)!Z02!FyZFABv-J0RWr&`;bg<?RK&@1wlrsRWDTq%7$41%D+K~atZEzCvGZN
z5q;+}3ZBK^Mq9wz9YQ5cAlfInKA)wmv!{eJ%-n3mTNHOYa*sFJn^zgy3ySMq&SFcb
zjpK6E-#UtKoUz8Ry=0r1$}K#qT0BkzF$NMrX8QkGV~_RlE!YwRR{C#^h6VbyNry>U
z#!ARwVXkaHM$c^Iokq?d1o>8>qqW~XvwTkIX(KySq53KqOEEttV-9>#33Wymr#3{e
zAFx~!p%nzzy#cLA1=AZ0b!-Z`Axh9(ttIrjOK46LUIv=V6*RfkuY%7Grguh?Qxo3o
zA6qlUr(74ZTJ_6s)V-Z#RN39_gln{9MbfRH!>PL%SEsl%-XE9;q2$VyUPgb@i;VIO
zIZ=#}R~Du5FV|sl8Lg2;GgeHx_E7?Bfq6uE$mebf@arAuoaCuPtIj|7qeB64ShlwS
z6RGs#Ixem*m9Nd?oiPQfgNx6kSo!s~>Km%rfgoIHJv^;whKv9w-wX1^^(BJkt93cM
zXW-dIo?g=$J4xOSQ0>2E3K&gk?0jgA*Gs&oTd137;vpL$CIgDK!N@KQfMs65g-xgc
zVG@ku`e;>m^EDj1Yt)F~6$*DhBTH0tgI)AG8nxkwk>BrX{JCM9JfmfNEXUFJp4Hs*
zzUn(oMLMIIM!T!;UJOMFxSQGt#k#R%Rk*H4T2LExM+qVT+bmd`*1c!YlyWavVQ<CN
zcQ4KepR>9BUqO%-jAa9*Tw#p8OZfnVhb4IS<{(VHPZsWnf7J`uZ~kufuU@x<-+j;=
zr_c{Xv<NY8_;KB?dE198nO^5CnVbGRA5bwSOq9hyg{>=@dYzPU&IS9cjh=ubb9UQ=
zmP`x=EZb~YAxqO#cM0w(y(cGNEyUsnXQY%8=nl}rAj}Iv*hj9Q5(@4u91X=_b0?ta
zPijoCg>S-$Dh&$#O33n84)tviAxIpO&^yU(Un@-l1Q_fGw!ob7VoNq$mGqX)$+Z?Z
z{LlqFNkO1SKTAm^N*<0r(r>!&!#4Or%H@)%D$z_aFWAhALqo{lMNm!Apj?_LcKxL_
z#mKHa9b7z|4Hf1}wqv<r?NTJQC<F&PP|)TbNI==vL=B;}!1#3pOPEr$*q%X8GhW)5
zXpE>0&sCqmh6?N+R<J}0RTfnOCq>Dkkhe^@)CA29ZbCvJu~7kdGB$!0LN_Ey)>N!m
zoyxtTDd5PTodz&u&9J9Ims-N+B^=8_3nb3t^@DIVP0xnA9osGBSuf)uBm5K_R??J~
zbW~*aTk1MznTQwIFfS4&E@#te0y5{2R^n|KoHOhZ)KV(v<eiN4v|>Ouh|17q4QrIS
zuOYEyDM>4k#$(#j<A}D*YUys&j^5OX|4AKX3wzNeYYsavH9#gxUNBqNKqI)>=t>}B
zH@AG)Fs*6!ij}Gk&P0Bu38Rr-jO7NH9UQ|TRBDVB-HHJoqLPL$Y3@6;_%SXz><9N&
zrg8qfR_nI<<vRHSlY11HxA1`|x5EaYl<gk3WKHk(w=~z%>&$hUfho=4bF-&0E|G|c
zLOVu!+G6rm?a(ypI@&GNs{G^LHKg9eZMevwi1t)=Fs@0^bMmW(fMbMVr_p0V&WTm=
z=jK3c?WpGCF%E0e`XESV-CC+i9Ex)$TFGBa;su!0ZOWuZ=t5>0D`2~f_8*4^jVdP4
zaRpspXU_cNR29MQqhMP3j4G@qY2y;W>}8`8?Kk5bhxNR$K{CL&5L?{Lmmbof!6ypp
zN-s;RJc2GV&CosMbMtNTy|_J<9;EkdX)HDVPfhqyP;1`XfRD_#0etQPS)%|O$=<6M
zY0}y1cv#;~6&J!#?##-sgwwf_h=`7{F&z*|3-MraPq(Pi#nmOeZ1utw{140Rqn*Td
zESM$-b;TsuX#X3dL-cSo@9>|YZ-;TbxfbmO(_e}P2`imLn?NeICP=Sb^CF$)v?#Y|
zqd9Z4j|S|gO-8;nIwoYOm5@Ig=M7tDJ!Zzu>S7b%^rF{UpYmg^GA2jUj>ane)*II1
z@|mtOK4t@|ckn=UWB<Xy6ncNMk-;5@1yGYFtvp0-(xg^31EFG9KpKtHrJn@nWL>a7
z=&zj--fyAx2PHy^nMu}n&Ko0l+X!N`DNqq7*%_e?X6u8$xVkh%`b0>9WDlQ>6Wq{}
z)~Vbe7$<$$eDYWh>y>4);t?0A<_EwQ!H}V<Bw>+P$(RlOPRKP2Fx#`CWwK_9C>e$B
zgm9rsnq_sbZi4_4Bu?W?@&(a267FT+8w+TjQDdT7RwBVrM_z8n1nKQ43SiYxXr<#z
z^d!{Qg*cLG5eY1FTjZi^+j$lgWm8S?wTz2sT+rn9o))Qs0td9@*s<*lr8Zx{6354J
zSF}E6F4}UYzvz?tZ*kYOEu)?~*;g^w1FYVJIG|N2H?-slSOEFb^R8`NmkJw85qCvF
z6ait$9G1D0-O_3#-nTc>!!A4;Zx7;5$?X%CLNxN2neYvUkboz>V3C(|qm?=eZE%;i
zCWLdDdK2C`$T%tCSLA!}p?i?fyqab5UXk)%I;$5-e{sjPG}K6)wbTIvSBsbWD3hT+
z;tnE!JJWalo@JT-Z-`<Kn7#w6=PQBP{ajhoq)DzhNeh|hv4WDu_0#t1Aq=FrV+w+S
zY|>AtJ%c}1Ot6BM;P^BZJo%E)ovAji!rmL<qX9aZ?U9b8)ZVch2w+as7+^1N<Z(e^
zs8jN-X#wx}i_6RIu@A%vL1;rj`v7`wjEP`QPA;;1?R`0tu{he~QdgV1;?Fw@;)_Bm
z_0EFrGlSSA#2OgvGAB)Z(!{%#H)-Ns<L97>do*nCr8?=XX<YOcz4rws?__BL6+p74
zWSk9@>}Y8eXy-lM&IKz?Ju2%HcyGV^$AS(NA@_$-%e;$cse-MTwa2VWi7d5_*MRqr
zm5C70e}|0YQAEt`?3`RP+cU>sbTbGn8n&j`DJv<@RLx6oy7_lB&=I_F%(i;`@Mmw`
za*1%`EmL)VsTch02jsg4q8(OUZr95tdCwAg#|lJ%S08gK6qn*P<yovp$f8Q^6oOWD
z&G>|oUPwpK&2ewc2AJAk8m0*h%?ozNWfiv%CXJygQNmEA(bd;{<vP3CP-O_cDbjdt
z7(<F_S*d2Nl>`DB9?-?@&i*kZPE5v#Wmn@%$Ti-M&x|E|X2+8KGGxi;nw-%b50H#X
zc4*HV%xK3S7e+0#nME|*55GO+5^Q)?$-I<#LlZ_{iAL4M^9>br#byrdtWFLJc3<|#
zNM{9csrb|V`1#(C_qNPK>xLj_jz3(NSGapa8bxyL_r}QNa>L7#*)V5!Gax=CjjXTd
z4?`2cfr4?(?4#?o=_vr9Y2Wie7Djt$QCkqc$*~mz-0hjk!LyEo(L0bpq$Xh>6UI_A
z`7e*$jCveP0L0a#XyCJb(NyN63zm_;Rjk+&Ef?CXkk}ZWL<+@Ile=QPbupU2STP0M
zbgw>Y*%+!_?WJG0fi#N~!d671oZCiUV#Q$5h723)R@39+-OG4AYD5?#*|8LwbMIP2
zG(>{i=U@P(aABj)T2F4-Hr_Z$OyIR?6>Py`#zCXK*$9xsC4HM?EOO$AYG37#zE)Ov
zHqeVEu2GObu*AAK638Ie+a}`|Pxi5U;jm|Rz&5yJZzKWVvh6@c=iPx-t)x(Ep4;}l
zaL)}kknd>5$6%4aLR5Ay#Tj`gOZ}f$kU=sMFZFmSnR+Knc>j|e5-$IMBQpLy4t_Pv
z@`6emBj-`i#l=#(!{>@z3L*=$yL(&#GfAADbuZN3@R1NZ=4TFE7L5~pu&Fv9_&}=9
z?m#$TKZOVqmlgue{AkHm5rJ0Cv0=pus>3Bw?XT)Fl1Jg#6R*dG-`g?9yoh7C0ao*A
zi!|{P@>nHx{K`QPdIO10pGLFY<4kuYH=Hm^9UGc!s`KAkxPS}vKO^*5UZ^>_Ac~7s
z#(Wsotml0$8myj?)|38L@jIF^%x9#+^?Z}d9r-h!T40k`EfTogzN1^VJvwXCrD%vp
zm*S|d|Jk5HPKJY+h9me}WcgxZGPT+w@Ho--G4-ZHLr{&K_C-d~oig6m--gi9C@X58
zu01%lv&>}9?iit?KptqQhLRg`Nm!!@Lc68N0h`|o%FEb|PGEs>w>2}_QZ1lfB6H-m
zG-tNkgxT-ERVN!o!IXtbnBECbhW=l5mzLpveD$cqGzzA2i6Oe3n=nFxSwl-}8@5-H
zyee|3Oy8&Wor$BI+*LHT>7kgl>@EnTkeamRD2Nx$8g0hG1cj%JZ&`M4L=<!zN{VWm
z>ve-u#l-UCV~o2oHuYFc)v8qK$AFcxxe!Q)AMR{zhho@-+v}I^c*(e8GX8*iTnkwV
zgZH+|*Wo*=S8r<yxapbOP$ve)O>(LC$y5xmnt|uPT(Y9Tvs-MtDOc2IQpxb7;Y(+D
zcHJ?YW3uB+gf1ml46m&!Y01v8AL25zZBwF|&_<?wX(9-(J!j|{7LzdbAp9cCQDE)%
zKAaO3|63EhB>E)U(Tv@3l>6goAd>QtIO$M_B|AF$dO>x2TL7(5YBQpMj2*mJUil8_
zsa%rRacv|$h<t-Y6O#sHNw`R|D#iFAB%zvC#nAaZwsbFPq<+=PfHvR7g%-sU_%6Z=
zi4_iKlejtyqgEd&dB-T(GdP{V0}<aEd}P^M#G=`dHEEh3U-L!5$cr@<f@NMIW^|49
z&Y6}aP1eW@DA9B)W96|TYpF`Ip~;#HS0Yoma@qs=6S?daRbtH6BU{rRo8GhrJ?rMK
zc<t+!wQq;Yyg)m(_WO0$JwpayYfzm9<^<1%k+#2CF1g$|pCuO_UuNcoAY9&%Zsw+0
z=33s9RFZoJfk;|Th0FpK(=o?eJtXBNa+4Qw!)=tj#fgIp@Mcx8B~tT*vr6dWtvk)U
zenCoFtXQex5K(OwELha^VS9{?Zryq8dUrNfv47)DLf%`5kbwj;<Wd%i4e_+CLa}k2
zKKbtqZ>&VAf=oNEsV8p#_us#ZZ?<+^zteY`_p->+d!7y#c~j&>13C?@B*L^isuOJ3
zczJ)%(-E5ik2g2Ls=j&?h~5RlQzlA%xr?xzb^_2&$t#W}`2aSwXW1;csOvk{2QcIX
z()Y?5`V}j&Xc!cIkmZ^vzNxa33MMO+ZG-6aDGy<oxn}GmUW7O%>mF}1TS(jDi9N7E
zwZR6c)ET$wx#PU9Xde5>5>sp?&#D#gEsga_`{CEEy(<MpzQaf9b;3WCMeNt2{>u~t
zZaUl3la%F54Ak?Ig1oNr6gTAHy*GWle)?9;$F`$bgJXCa?pkK4BJ5*X(BQ`tx!Gtz
z*1=m6D#D~IN_BWBVIcj2g#m1FKaio^@-Wy}n!C{WIZng03GLWszuA``ZYC3oL+`NI
zwyLFsPTsB*ClF(EvsAOt1sW*%l8A8NVsmzlY+h@h>s&zi>Tj@yI~9<Qj{wdf5gGrj
zI=YhMYQmE>D-E^@h`jSLIdx6Uc;_)6n@=^`$|mnvamU&HxyksN-ScuiGs(*5AV8k~
z68<x2Z9t{!B27)sCe}+e)fwhqi`O$q?KvYAPk%pT6&oe;3>q)?aTh*z`}ZXj?2T(1
zWS(tVG|Z1i$nq=|{nm^g3x>I~hMU?_cJ>3txE`Qx#T~baoTR9P=s&b5(TtW<v2w^9
z*ObrdcQp0z?}+&m_@7ux=m5zuwP(rfcSg(;4Jb=lxQ(&xhQjpMhS$Qk^&S^28K{07
zh5cqm-+p`fa_lzgcdQ@?|88zogvSruJp6B!uYy5|f44aX)?uq0yhW>o)h5%IT;0aC
z;o5nvdA0ud;uSH!MrtnIcETY;VLw<|SByWfr_Cy1wJRm%>h_S<Ui+IK+xmj-JW;oX
z3F6yUR^;9k7&m&#4bPvGS3*?<tD6F~J~M>Fky;CRg|+6@bE}^O0gp6cw#}45*bj{j
z!H-4ROWQWlAuZ!^?4>y^N>I1rk<-0mNul?HI21cCmo}lN=?CY^Jrq{5T@5+Sg?tQr
z?fSBi^OW74tCT)HgDJ#h>o(U(6*+o(G$+@5!!ufBSP;xrMYGR^P2#d}6M>+%Cr9K&
z7BHiP3X(BfSj<qEEoub=I@_lrd*s2*-+4MpbUDW7J(lX5m#$vc&Z+^m<c}|2&B?b$
zl`(7?shVED#%XxsQ*Lb3)jhyM5TnnBc|c3o-}O2C6dM+{Ck$&Qh*5jXRJ?r8^4@U6
zmL!D_x9q>X)IUhYp_M5u2}NR(R2dEVjnMi#Cof-Jy?^!M;^x)M=j4y(3)~l;=j2A#
z=Hh_D<5K=iLlHN(GbF-<in@;?bRM9BTnb*gF4tk%FUh1Z;UgNVu~x4*g!?dIKBE8J
z_(}jMBUjke)lI$E&=93f*%qkrN`mV_YYP*h^QrzFS<;}PSV(85A+o?`d8XC;e11HK
zoQ&i7u@%HJ8!Q<FYIsvU8NYv16Y=JRd}EVa!x9_ciPv;tmURoujxP++7O-1Y3xBdE
zY;(o$OfAQQZPE2~qL0|SoK_8d|K{*{;B6c+3)AAu%psAR4R)hhyOL*d1uh-sIBX5W
zly&gvhp8)e0b2H6*%p1ZkGC{b_p?b!4~H&*S_AZIROe{ZVoTY2P==+QyGfnDe|7Ql
z?W_4FJ%mItk>-+%aEXRiA8q@J#U1;D*U8J&Ukb}iZXZjT%S^7idoYjKh+kqb@{G>(
z4j-=8l<P4XO}VxkQm@QO^W{1^o8Tv3_yY@t?cEsiZ!8#IEa(qduDvc?IV(0CbAKAr
zVpvD&l_Vc;gAWxV-4*K>GyA*n50XJmk*)&B-8@_Sbdw0?1)I6<GfSQ^sNQXPZNKkU
z)TSP5nX`60d^_8=Lis#dtQRbp(77@-YqM-yHv%-)5xT<8Fop4y<ORRu8C!)6fom>S
zUKK6BHkYYa*EHn6)&HxmbI}VJ?#H`tZlG~5_=^u#bo4|5C_%_<HUpE=$zQe1oMxxw
zduF~5=?!JUlak!8rE8N4Ya2dMxT@Ii&AffCA!zv%*<%9^*ZdC~>!J7fAo+R^3T>_J
zPAc>;avswv$<ldB)OM3`aa%VrT1rzSkrDj|i@yb<;rxO&cQ^<G4yOL)C@V7<l=VIP
zlO+=-*uz)mkB(q<0}}gByz&Uu{s5ZGRibzt!G%W~)K-wo>lfFTO~1&V@zW6j)IkNg
z&o9!)Okp(-BdaEBnqO4q`XyITgfU(~*?H5;!N5+z#v4Jn-sm8r)-YcD>EepeO7C82
z+B6<08PsdM#vJF-D>UyNus#dnF;@4m;qwhY)_~=mmV5ZI!Z6LuM*FeC{;N+Aihm%d
zfgAmg;=AI4mz<We809x;yyZ+Nl`7>1Zy1;{`C#3OcVNuBT<!v_^Fl!ff<3<!S}PeU
z+}w<RJ|lwNn>lg&KKWN;R)lUJ+3%i5w=b_-721xk##WR_Ay_ihG&k-@{uWR6_}@g!
zQi@CczZK1J``$f-nXkG1@w02ZW+z%7!#ig$snkHU7Zqk@WkH3~=hpO>92+O+F*zxd
zJm}wh@En+|627>C^Sr_1c;j+lLQ{HRCm>*TyhY1A@6N}c{}ud=yx|H$bB6lS!^2#e
zwy+?%U1_D0=YOGTT0BP{yfl(jF_<uJTQN}Kyx1q@HaESFZeCmg6h;2!H%~y4`|8<m
zo&*p7)8?Iwwj_O0@8ZGY%=p;iMhr33rqEK>HHOz}T52viAm0E%NNcVUFQ-khv0r#>
ztW9r2!W4~o{!5VVy-VaU(*yq<zFMQ`n@7WfP#=cAJ&2;u|JFCvnPzsqfAcqaUqeCY
z;x#XvAF5)~n!qoNNkT8*UH|3H#UEb1fqld1mViaFTpOu;pSZ{PTibWP29Hg|I_*Tu
zT_?!9*VheC-Hu1D--6Qi)E%liiDmB&Jd(ZBt3TaPQuU@lbGTyun6|mVg2_+hj?yc~
z-5By5jdw&13l;|l*G28<u;5aR$-q3u=dH}5?++56LX&?@_?c2Mwb$BM_mg7QK?dKM
zS;xL)KJO|;6i4AYUo|C!Y!#)N{spd;$zZbujk;<h**F@y@w#dC<M+eW8)}!Cg7PZ|
z5l?_HE;`h`(oR0^*{&glWOpkGRhH|T@HIb6`7tQ-!Fx>}jcz-#{rzB;XmC?H^}dJE
z`G#qR!<oG)!&;V7?2%d1^<vX$e+5sx7%tdWV+6)8J696)88$po3hPvAx|9yMqd%v#
z`iC^>A9_{ubVMSXe%S8$<x3-B+DtTMkc>oN8QI0ON9XA2<;%S<rYy>PS&S*t(R`&9
zL1X^bP9p8sMn12*cMW&1)o-uw4u&OSr?if|f?+?1^SiaK;OBMq_UDoVRT&)H46bIc
zstgC~ABgfJXpVis7&7$1)f9(<(aO6^k4;7FZ1$!kh5Rd&3XLNo_GvWUW0R^Z)2AYZ
z-v-MRR_G76#}-W+nqwPylFEB=Pm46rEIKO90TFSiEM_y&p?(K~>%gb0|Hp!truMU`
z5bf#OVONQ$osyc2Xp&*R;@QOnkx5B2+uD+q_l$+5$tO>qpzZO=Z-4t+0u91amhep*
z2*Ia*{q*Ua{J)F0p^$!J+T|*&ScNl!1MvZ?GxG1(-@L2qq?*450h>zn8b{oA&dEzJ
z{LZ)a(Q-Z5VF}75FPC0vTdpi+umwl>YHb^kYaGk?KqYxFr=VTf*1W+mOZblCB(Q`t
zlJQ$cmI_*rhjU464dsF<E%KY{)%c+ryA%r+A$nM6WJFKfriaK}X4}ljbl0+h<VXt!
zE<=Qqukp<*2NjRO6p*P256z@l!Kn@SN2DKY#8Q{VyUhnYHt{{95{%BiDJoU|p%Q5p
zQ8>1-+M^dc5HPmaq-NN5)=~9`^%;GbLuK5uhWDXvX}kNe2&l$%uJ02SgjS`TK^b}*
zY&|DG2m*DL&!FycOd)e4LG8}RJAJ>Fa!jq;A4CT{H+y~kjH75_yK2QwRnQGP)6~`$
zIBr%8RD2~^f%cfVrct!jvkkWJ&nQD{9;0u)B6PKa?jm<FrzA9?$oP+S4Z}4fSFhee
z3^<6yS`;gpz~sibn&27%YcY6E$SWmFsOYC5n*&m=FgOI0%odqU!sP^TBywYViiniJ
zOJvPxYP(Nsu_(`3Iw$0XzKlzr&@!r-p?*7MX{F_AlOwujL>4K-^7u=VcmNF#io9OH
z3Amo&f|ms?wkW*Vv(v;1`x8X&Fw6?OHA41PSllP08`=S$U61H5*`iPQDu{TymrIRl
zY6lH-kYTrxpP+w)D#C#0MndHF>bW>IR?f8sS5`F3wlnrolV^U%Vwi;;n9^$cA+Yic
zkvcC}iFJF9a2-NIM#d358VMR27gQxyJ?I0>?pU!ku%qCPZ*aJ8|IINSIHN(5K>Ny$
z9-JfKj&4=7M~}0|=)@V>i*ppjTV@DVs2k^4hyZYGKhAwSa_-TS^O3r8K2TrI1DfOQ
z*PHXvx^q5Kf6m9~(0NFY&I1l?pFW+B*QxWddUZZVx6ViG*ZC+NJ0GQI=K)<i_w3tw
z0Iu)XyK|rJon!lV?$yC_uO6QJ?7<#=JP+;Ux#uZAS~t%}>*x8%9X%hTr)PXu&oLlP
z|IY{L>$%6h82!Rw-96*t#&LA&ycP-fvYHVz9hoZCMyu>mO+7U>60*jMhH4*oY$LC`
zwB^Rf@1f?}Ma9lYD#dYW%saVEvG`M!$E)~W2)|~gyN7Y2PBr?9<5=oU?<mjcBC~ov
zggT*(50Z~<a8=jGV&|<~g$5yk)<As<|AY0J#}XPhxla4zJ7a!q;>Gy+meQDNeq@F0
zGWv``wISbYJ%+-G>(Rio_n>*)8TS#iV)CkX6;ejG-Iib=Md#lFR{AJ+sy?jG#Tw_C
zujdbAJi9T4Qn1R&(iGY^4JkV&9tqv1dsd=uQrfWdKKyyb3#GvT-S*d`cpy5+-_m@f
zOUb?G_i-R}A*<46$Ku~3whJntm(qIQ9@scNLN#fovO?%VGxp_-Fq*8j2sQ&DClaT$
zz-cARmwK_zSJvh`BX*5=$m#`57{7~)u~H_;C>A2fn8J$ywl+9(*X+-*{#ZF~w?lQt
zm7eY`+p67F#PSon);e`uUk?-NQ3>xGWA+pJYC#IWVy3t<wRSx(Nqx<eSc=85F|UDW
zF~J@7S!_{<dMH*_IZhW!4CvJ|rLZA0+0f#arB1SnJ*6wXdCojhSf&S2cy!w+uo-X2
zJ)X~xk#BYs<&1(c%C^wB!f$D=&?2H`A+W?sC=Oe$;~jE1Xha_^f9zv_9%*~-vpbu0
zn%gwSlCzhhzKQG&+&S%Ih*4=Y9dc1CqYOel@l%)pXF39mGirqcs9ccLD40<JRihxf
z;H!ZEt352qJ;7LBz||<AUU1gs5{OA>5!_KQ{g^r@xG8kTdr?~B{9<)P*Fe<PD6pXj
zuT~V-D7b-$ub5`wcEpB&?JO%QB&<E+^)MXG=uofjXwlHjMtOw2BLQtR_lW15yfqAO
zB=S%#11p(Tr7MBDH|N9w3$q49tYmFL*4%XTvJFd&XTs*y@eE?D#eIymJyIRQv8N?5
z*1Eo@8E~+OMC9r|aj6L$V+&41f{iIlf#cJe8ttpL?TITh*O25R7bpv&X*4K5R@}z&
zb#cspoY`v>;vZrSx54!nSC=EL3ErDM_5|;VFV>=Pi53MffQh`Um-XEk@h4iN-(Pv!
znc8d3D(g6oXtv=WXemv~Ld|^Z=AiLTA(KB0gys<yGJro&?5I7O)cw8Xe#WYb)|mKN
z<B+zzO!^$0afAvXOALlNLsR@HM<Q`y#C~3O;botVk{$PrwW|5UK|w19hTSEVtl5T+
zmb3JDtxx94h?jLFGbvfIQA94s2Y>h(Ye#oaBcm<rv3G#P(k|tot-bOJNTbaXRP1c5
z@<Y680M3G@iTxd(-6z_X{h~kIR*n{wM}~78?u*88m_??;5@W3^qfRMgi8-@k&sgOu
zWQnoXm2og1Ahm4=W>l)%D3C*z7&xm@5Qi->zIA03=zt|AI$v%VW>o&%Xp2<X5<`+G
zw{ksxUX~b7ys=!fVU-zg=<qANS<_5idpDx4MSB=$jx);0qS0XM_;@})9&<XbcY#sc
zs&YB|7s5m$Q=0>{<i*HIY9YP00r(azAd}A4GycZl`o=79FV<=^vR@x8FxO(TtNI^N
zWve}0OA;e5*BRp(-*A%+rpYN&BmE2~2w<M%)tLb{->{7=wr38Y{^Ll-R?o&jgJ>g?
zR7Jr=nQcF@WbXDaK7^zm%>#9v4bej8WU$fl<I;7aRcEz1M*qsh9l4`Luzpk5*ju<x
z`5jl|Gb5<jelzN75UjDe7h!L{y;q2JGb+f42xxbgRhd_%;Z>uL(vUjaf5Y9*Gp8?&
z2C4O{r^9)T&5_fxWQBN6{{JUG{PW*ur@ucr`Ohb_|NUS8eDcE_{_(5R-=F^7{*Qk?
zJv}-3&p*HY<IUBp|Kg{A|4&hEZt;Kp{p3H{tN)4wa(epv|21-=4ZVPiawdxz9_e$4
zfE)$RZuepLx@P@#dzNtu0s$pKllxC}araaI2D|e2&F?4C{>HmoJ{K3t2;f-uWu%Q6
zU+OV0n?I(sj7fR?>@3SaMXVZ@aF2vK1*(0)fogct4buR`pN*MoM3frFpG5+VjZy;_
zcQooxQEJ0uic*`R)TSu4F)*hnwJAz%ic*`R)MCaIr8Y&WJwTKiDs3IHYLSaG{kiHu
zwSS~IHKh?OVHZgvD^cFaTNV+3(y}G&K!6rgZQDYOEdi_#yWk!-gpF1y*J}J8IA&k<
zn>&h>rS1=rC}yZhsaHEE7o=bb&$%g+K=F6PI#c*KmfrGGv22M_5fydW<ib;mjdFOv
zlu;Z4igM2tBWf+HEF}f|tMNz25`0|$jW?S{)DUd3Tf(@B(wv*#Gmk;1*vFg~fb7>S
zks{s4aJ2)Y7MZ{u7HwiltHPzK-_eYxyxh8oFuYz`_ZY0qUJr|ysy=f<^SqEWSu^F$
z{A|Q&n-cb}xNTOgxIm=<AZsZx+mb?-w2a1}-6i^1Wk0Du5(yDSwzAkldlqS?<Lv|Y
zE<(I%NoJ{S?fEZHwEmlz+pc*GG#e`=$>QS%G<RD1vub?e+1F$(t3u6Rj`Jy%l01bs
z(WGSc>yl)Qs**f?LN;7fWo(H8Pi6Vd*CVcByt1-qQ3GE=fqy$KCAxAe0fkxPTP`^s
zrLV0R)-@hgL~NP6FC@)A^1)$Ieh|>#D!JH}ajiPcv(3_c|JVGu(>}0w-d<Zl(>}27
z9@z6zjI6RMWECt*&{zvRZ8c=;QGklp`bXOk3C!EUlL9z{NAze7F1mVC*b|9q`Y-qB
z;1`7WKy8Byw&JQR#_R~b&_qsCDoGY(Q)MO3Gq*dzMZCAb443r1Bh)j!Q|v5*EnRcU
z!^HQ*&4Gy$`V2q>J<Dl9-S#JPv!Ut~oiKzZ16;`TM$>$;pjo{OUhK=E$XPN$MbLNJ
z?4k>g6L~MNRU0EKe#b-$D@laO=npixWg;ctD!V!9R?v-Ue47{Yj%(y(X$$s1q%4}I
zu`aVMosMGFp*vNn5e*~t!$b5(q3OTicL|G;MK#Pr7jYMC-L$g|dz{{_Fa>;#-xn)`
zW}2*o^)cI-q=hJ^(EXz~G`3f#_kkce9ptmcBCeCoaj{67H0(W1r6PZTQe`h02<<+v
z?cJAl3*X&Vy`2q4*+;s`Gp6RZ{{pr)bEnRWMSA}J)y2!VujZTdkS3EOn`j+}JJ>av
zJBN9l-iocP$UVh6i>CA44bPvGS3*_LVuzNk&kV|GKuY5J;E`8mbHftlC+LQEXlvPG
z5!SQOgu0gZB$ebILJsb<?gn0cWvwaRVJ-_9-s(hd@<ML7vTVh)b33>PC*RQ32y}$U
zozVgACjMk9mBm@ON8PqxuI2r#l(R~)84t$3MJ@Q2Z6OdaddcR6hVEBNF!I9hTG)91
zhnL@~A-j<$R-dynIZs%=J~z<!Cq@svJsT-_DU0}aM920G<bsLJGSe$YF3Ag)uN}zI
zU9TT_{ShH2kqUB*6DgN6=#pr)Y?d->UMu(oZ<U8Q#bThM-e-bF58RTy-Ec5W>_vBj
zU$6iAC)=jsKI=)r%7GM+cB^&s3h3vaqmfqSnu(GpXxUZ60f#>6B9}|lDpHn0@0)_B
zOc6()Y9tJT6g>MByBq7iiE-eLbKQPwr|ejFY?PyQ6rCG1#O>!?9HlQFgTmM#knqb6
zfu!k%59CLG79?_5B?Gyt_pg?z?yHfhgl6pWn<%Z!Jlj;vuFa2Lf93%-q_0Q#pB?fL
zA=7?G!PFnTsS$Ztk8O(&W!fuRvU?iOv(58%`(Sl6O$(-!rJx2&f=j%(x+H%@P>1&^
zFJy`0=S#VvJQ%3Z?xEXw(JsnourZ6da&U+Nw3LNc;<wUztI;Qa!q(6`BGH%A8hX6Q
zR7*^rUCyQ$VC0TIq?qFcrsE<Rh+;x<Z~}U<ET)AIS9N{>idA9D>>Ih_wh@>{AKX~V
zgY{@9Ip~X*gOti%3A)I_p4KKpyI08TjIIcS|8bsjrT<H=uit<tr4mLL2<`&-77YD$
z8Kp=R4!^5N=tedE_TC{}q_!cbS3k}?F&L~)UHT0M8!Z^QS@Y!f%5$E`LjNYbpQ4R8
zBi@U`GqbF#F@^*09m}z-V0LYG3I0Zvk_jJd1Pr(UR<4?jrNG7xUmXZL@e4yas)GyL
z(>G7hFzN8PE*Exh4qgo6)ljy7hpXtFmw;y%<<NADpUCE#nZveX=bEAx<c@ndk{mdd
zy(o~n`{>>#BRKZ{-7)O`CqmwdVdW>75Zh&LX*t&MH{)Ic+LFt>%0fYC-ZmfXf57h_
z;)e2aY~porKQX5}yDO^lRYx|L#cI%?w6<hEHTM#>f-qwWUG*hs1p&7TTRlXvs;J^r
zCaEem@Z`yFzW#bnUh)DO3~|>%yLMU7f`KrKSx%sn4wD5V#0RQUb!1Zw`ypFZs1D7Z
z+A~`!HajXVz;MvJ(2;?D8O%Vpx#a`<8I^ZFG8ely+k7~WJPg;*F@MnP@ew)Wel~az
zW=y8|ZVve1arNbg4`hCa>0dJ|{9(G1?AwbZ!qGM|qdPKFJ3gr+Dl7Y;a<NB*-Nxlz
zM`v4)s6-jevF^#6jsW|h%oxWbuw)!#7&B%&$L#A+t;lAMa|FaOyg0V~+yirD90z4F
zkIP*ilLQc#01%y>Jf@gtFeiC8&o}~NM<()Mc5wt)X9yUTQyfj`;&KayvxXxw4<0O;
zATHB%WPWL#IU1I3#<xEhV@w}q$T+Uw=`_#Sx>1ATg^9<kORASr)4)g8j!7Jz4%-m$
ztFl+r=(5v&bKP>Hx}U9}ZG5EtPSnYF`VhX;hm0ou>AZO9&(n*i8nrd8F%F0ah-q>W
z(;)+>ue*O2SC=Fy7-SC9Okq>#Ry`ZD-9e~ETC_49Elak^2m0VnPP{MPiT5B5fpxW^
zVy15}xbZx$8r*?46PXipSCO@X<quNYD#8C&v6v!hwC2hW=qmwud+ZNN2d!J5$UJIy
z3}ZER1h-fAf_vhJZ`>K894KgCLH1@1p;@g86*Xw#t_G*+Gje_IdVMCHe8I?u7lka0
zH^*N_5GF*PXg!e?s2UX}KH-{`21Nk<N=c}|M57^Ffej3W<y&9zg01NtmsNp~OG%E*
zpN=%I+{$oyZ)=&Zd;Y_2s*W>r*brf4PNg->&7jZ!4mfvQwp{)rON@6a*Sz+-V2WAu
z3ixj{CC9sK_|v{}qp5O$8Jsqm<fo7w!*b)0h4yDHH#*;c#*^*k%keP-_@3oH%Eb%l
z-^m}S8X$vjsh}$~GMrpr{o(DY#uTs~UA}C4pnYizKk)AGw8qvJjN-mKZ$82{JV55A
z<zGXssX934Rl8sX1_#*MILeZc818wuNpBBZ$Z$|VJ?s4lZ0HL!IE#)y1Y!2ugzjnf
zLT)rU?rz7{IF6$iHU>pu9v{AC<#JHgW^~PHN;0`3C*NPZIqjG#vd3#d^L#reKM3;u
z#hV5^u1p|U>Uq#X2)HWbhLvkpb+OIg{Tq2UfA(blM8kY<t>5)4<nG!0>C-t{-RVN!
zvH32U3n_i~Y%#DyFTt9n8ey`oJP`<5^=$6hg7j5s3Uey0>)=szBVp&1{&aJ5MRHou
z4J%oJZh+7fhNl5jVKil-B)i63-k9!}<}JL)#<)(?6j=~Vv|uWiLWPR$#3`G`nS0HW
zs^H}oiQx#B9>{^%>Q%#;SwJ&GR&goAo~hQV$hShVQZv#;M#XKIjYsN*`hldpDX36d
za<DVqW3kr&Y34w=Rh#7w>9IS9*j_HV${1CQZ0N0)bOva*m-JmJhTc4^vY{nzsGY%;
zJqh$Dfdyy)=%SGK3eZrJOw!c9oYqBz+C9y+utbN0LNHw)B~#$Rnjd4_A%IlX0{@o+
z1q8O~ddMANO&ck@W0}VJ`9}W8vy9GVu{vjB_U$zqI=*L%a}DwQPk6u1d(ZJ9(CwqS
z5?TO8kL?&&xka`AnAw}9;mi!6hq_ke0$i#rt;>Z7sRUmxA8*sUR}}ml6IC#vRP+6#
zut+{5@8q>!*n=GHYt1GOIaC0!dz#V29Y^>y(IAvEfnhuPuE~P0hO*`kJKM&>9{*5Z
zGBM;hyw*nr>wb`<|BvhII`wC-v;U9l>zS85R3ARgvi;BgkV9+E=<scdu)yl+K8qBK
zFa-kc#`!a=_|M5ZS(;KN<}X}<`7<N}IHLjZ$D23TbMpO~3H>jW7;TtW9Zr5`zz4uu
z`;y7aND(NzGp=8xt&MiU$(o8)I9P>}LS~s(1*$xyWo>jU3%**hB4k(?cFhbN(S~aF
zB@iKcNL;UEzo8%brrHouZ5FK13s-zoWhE6%R$4W3fO{5jL4IU~H2bz;)E4gd1dvoR
zC5}rI69i^WE)u!vN6Y%N-TO8ihqB>9uj@H^64=uI(3G66*bOhU9@|A@J8v*G!`FrM
z>!j50ch7&|W|o;6trO|Pym@ooR*M2s*|5@)up&@ptuYPLBC(!_ewQyHQOIRm4i)l^
zR)dy&^_B)JEACDY-|<@YyYkf5MLAqBw4}v~g*~m08}N8jM>=BLxd#n&jH|5wd3!S-
zrB;4io%|6y9bX^6qk&~JSgA&BtaKl-oPBEH$JfDss5r9d(zN^5(T{1t*OCh%sv%55
zJ|7~{4E}N?0}7kXNo*f#hy;Ri<QCE`3)Td{F_E2rY_hY{T_a*WKYN-J0Y2gRniba-
zFT<&V{$;SX=vrk$C`17mpiEjOyF&yFVKY{s)(=0OKZA&Rw#m!w8Tq4h-is!1S`0_Y
zU))iifnvD(ZYq;%!-SVVyOQolI;6SVYrc{h6)Vu6^V`*VQf%{5o|l<A|7Cu=nk7=G
zl8Q3WUwbe?W`sH&3RzAv&P4f_gzh6*zqr^DtP!67b4XEbmLqfZHYT~;ACp`@F~}jH
zlUzQ@<&#`Kk)8fA$>m=R&54oALCm_S%5^xXvUwe@L9!w_23UCFT2m04L%MZH_LSs>
zn*fHvai-?vH6*}->#(FegR&j<b8^`086iKvXso;+?<4R%sfs&xRTq4V-Nsj0rvIHF
z0OMis1G@<XC6HGyUjFG-Xth+NYE5t1nSLR66CtulSuywZ6#P(AK?y+aQ(dAqSbyvC
z<xj7g+_LTU0Ph{(yVm-z+1$fg{Ri3YBeB{&*lZ->A7-zgGi!Z>tf9z#i({7K86~j6
zVQh$DlCd47hL~fRF-9@PeHh|~el&*{NeJE=FS2K3s>_~%*H;tOx^hyO)7`wee)`pr
z!#s#48!kpJ0Nuq8xPWH|EdW^)N)Io_TLfQ7Q5G_5RcJ(61Sz12>jl<+99qsss?toS
zXc-pINQ1&3tJcFITagC_OS2Xgt8=&<z?wy$5ef}U3#P)s|ArF-N7v-i)LeiLFTQd0
zOrLGoa5;R9!&i6)R=J)(IcD4W_lOwyjz9MNL6x+uTDa5XEpPR~6%3o1E@1mp^IAu^
zcal}A)bi4M+nKMuhaFsL#mjZIm?v`MF{pD>61Ci(FEY6}-%t%$v#YY;i>j1`!YHY8
z#aA<0Bx_!>q^t^dPIEp>q`1>kv=nN-Nq?zwmdvO~XE^gFx9Jx%sFnKOGl-4txMfY@
zLY6f1B4*tCB$uhebZ-=YT*uW77kaO@rbBR7Dgl}&Y>pIfMEj>K&*WC4@h-B4V_`yp
zE_y1wM?=_=rjn}A0tX-k>%fW76no{@HqpZA_(^q`{o{SIU|0`R4V6!I8BX;i&&Wl_
zigE+VK?RnXr9!IrRmKVjxr-hQ$*37s7_ANqxZ#nxguAcV<REAzY?iE_GJ$3NqzWzh
z{wY<;PP<oLwYZ}}&jQU(2RYV;DHZ5h)mZeOni<vRRa;gVtaqTyszKwwL*QeDn^d~J
z>|62RN-XvJBNL|RchsW3*?Fyv#q$j-X-Z2vU%6-ckJEO2b4w)m)bxj>THmd5DNz0A
z;Mvj)k}t`JuCILPS1gsqm~2a)K070e3P1Z{ju<qrX~cj2*L-(xf}sERS!)Sg5m|w!
z(gaCDb5~8Z%N7Fnf^E<OyYwOS4)v`bE>cx6sv@!AJv{1n7kF^|?BeA;v$<~YZ#S8}
zKV1e4Urm1DwLz>;f5G(KE*QF~_nbvIp>UU;c0PuC*!d^@`7Y+XUrJ(2{mQs1K?l2K
z+m0jb`T8yh{NRSRyFBMq%d-Q_{C!Q9tad=fmQalHwb?$ENLi6V^L%8NT};-P4Zuo<
zr<=1vUpkh~i7AGYv64C9u6(F_tY<U3W$t1>`AkSLD_ODO0#ctrNNY=59jogUZpcZw
zX1pL7U9e1%4J{K>lMU1=S)4wkgl2(8$Y=IZTV2wd+8zt;mxTiNQ>|%{BGKuRlXj-8
zaha^C#yM<24Gq2#%$&TU$=d#ky*j$)Oo^&C8(P$+KK-`2;Ugr`AptK!N9bDRXicG)
z@wGLGU3~%fZI~7IR&I=8g$FFY6AeGbtl<;=wHO+czO<?MMFXMs=9!gv7|ikDMBis`
z^^d#3sGFn*EpUKH2P9>SL?|?`>76Zvqd4?+%31Q5%MVK=JE!0IR1x~4LEp~5b)Z-G
zbIlX_=_H)K#l#Ca0AYx|T*E_Fncmdat!!J{x4fJuc>EzbchtQ<?8b*HNIZ_oXz-?g
zIzg=awp-(U_pRS|;oWz9=yuPHK;HVX^Rf?L<?to$yuQ2Bp25caqW3Ml8PCBSk3V4L
z9sieV;cRdgFf^mAzXHPXwGl|6N)EC11S_VxXZ3vSitMBM?C?s~kHPEh2MtXBQKKJ|
z|Nfs}{L?fZV<c-@l<GVwQuu$fI`@&O`Ic_72l&R5Cr_UI_Se70|NaL5`{dcz@ZV=&
zef8DXzj^XcPrv@{uYdFO>DOQX`sqJCdG_S1ub%xAdGY|?9vqb_Y4J}_p3q#%;*Rz{
zr%Jk92H-rw;r{!Dj9)sJPC@VI=+>zeD@=JB@bJ_)F~c%%vgrKn?#cYO&*o2Tuivg`
zW=WBro6fpitmcU<m{j^Jf7!vjU(9B+U(}%o&k4;r`&cpoX%DWE@Y7%1a*;kKFDg~a
z&3i-5Ad?mhN58N}R87*T5E6rV47p3txtg(Jwqjzg<(5Uovy>G8+<yA*$^7Y8b4)+B
zYnj(GZaj;-@Cy?YLK^GpT>39Gjnvaw6|%~olkSHQo}D%=*$Uba;s2hIj?IR@;O4ZX
z3oVoVx%G!P+$gMhRuwdBP8^xVS{6{1yzx=|6Bny0qlN$0F9_BUeO?!p)ZEkNt!NlC
zLQ^y-((J0x%({3XvuY#U7k2CnRwj_kU6JXpN(!Itm}kvj@i@L~{I;X=b$qcFd8}O0
zV*2gRw*HLYeTnZjzUxaT!4IQpA@Et`oqaL~&fvY*`mXEyyYM`J!S7H0e{(4R_;3G4
zj^DFHiiBq@JwE-fdBXr}KV={2-{<(xxj??2uerZRea!h(peU)aEUS`k@+Qz#6P$C{
zwGQfgFDS!`Qd&KM^>b=nB`7=+S$IuNc6Xp5V&Xim{GalIODLU1o;D`uTUhb6JA6PT
zYqoL8Nit{R;_C9dudW+Ew*>u$gpTzH=#X=`+v4UC?}mKa3|G)IGM75_>K~ZPtCfD3
zEt+t+s$FqiUN^af4muzN&k4rdDBD61A`A-99_32#A02GhtT>}3+p*gLT@toY&6(@;
zR51M&QV9<p769su<XiF5GE}`|kZn!V1=zOj?%RFawr$(CZQC|(+qP}nwrykjeZKiI
z^CS1p%FN0*aZW`=oT`<%syO5fW_BS+8}VJq;5gB!b^-m7XDa~$3al8Br~vj^*1-b1
zeVx4(iQGd2LO-tAB`=6(vB5yKr56eWYye1*&1u@mx)6$+qjNQ^+{*X>4WKOUX2zg*
z4-x32A{H~XpzeP=D?A50H@3Qs0?%?*nRpl;#Pp&Iti#`gykfZL-gMFd%^!bZE)*Nf
z6stJZVK2|EtD?U?7!SR$`2+Uz*0Nanzo`q7L={BNPUw6&S{y`^pTS<-0~KAczd6+-
zX3vwgmmO#Hxc0(y0{O6KoJgfPBy|*VNyqV(xXvtEJQu%2qZ&SGohvanmM2jWGl?6;
z8-zd7U>{^4wrSl5v8HZ8rT_4=6<Ul>AdGAMIK>pcbk-Fv|GX3b0xD=<TVm3`2>84L
zWbS)ubL-J{jna6U^IGIe+9}kCm<Bd3;c`7b=p8=6_mq44GwQ_VF_v24l486kiwuVK
zOHg!gD?8ft$;a~b9#fRw%5%vTrTbiDXy~n&yAFm?)oMAXuLqv{1N1Q^|43R5&IomB
z{i!ohl#yIT{-H?oKHcz3ZbW_1pZ3unH#QF<Xo!nJYSwSjvX$xWZUaEL+BpCZn*hYH
zgLoSG^o^<ehQ~PIt)<;d`{p)$3(bET*z5Z8$+|B6%mp@<Lh*^z?lRSr*^1R>*7Y%S
z0c}L}xS>`<8><nxk%F0EsO(9DeV635&r(|^OIZqbMV{$jNOxNvY`}{$MJ-7C1(0r~
zS!r^{uFM)J>)%h;H(-`*j~rxl<7uW8DKFv&<xyxQjmj~p8$B%H^dsI7EOr7PXZ*Ig
zHA<gLX1E%(W-QF&VIdDpb53C)x1_Bnt2ZX5BeFHe@{ma;@lu*<Wu$t8WOY%;jkAx)
zz#(l^h_Wl9D251)Yy~~lBKX6nxIfLn;aB~NiyZBP>}GDK2`bLCB|MO>Ew**{DrD<`
zZvKSl;=OJjl41d2J)+$-4dG3%*37l^(5>s*oHsnm*Ne56V$SPeA|^jj8zGHK9_q8W
zl{jc~!=l2RSb-|ZdFrL5G7+pzul%<}*qq$x0?tUwc^L*PLK21;k@a{_@x&u=mjkD)
zFqi#bi579jw~Z<2#9wJsy`j#6HF@37#gIr=smgI@Yi*m@J_vR?91-e1>mvH{{=*)R
z{NBcrSSX3)KIWAT257Xj>KpuA%JeCz(t%E;GXt7Ks>HFY1k*}NbxH%{ocbqeX@;6T
zvV)}HgUIU@9Db2%(3XiZXxzkYYT(%_8iI_gQ^?mVo38;?IIYBLeP;fvD$>smtw&#U
zjK_>^=j=_aCn)ck3sx(J^IW*Op)fqDqTXoMcA*vRZZljNMPxya^&&IAv^VP&7e9h&
z{~sXv>>opO<c^M|AtBLH#15p>LJ=v8!5NuoH30}2aEq7a&Ypxa4j0-0N0zEwR6%)T
zGH~#A&Jf!4-}VcqSqdYKk3VW@%{Tt+!4DdaYsl5ST4W>1I&SLbRvj+*-CB@mK0Z(J
z#L8q1O_W^_{PaZV2cdomX}oD>+j5CSW+AbUN^=Pn#P|9wvc>I!k!N5AKhlr9S`w4m
zN5mEamSyUYLxFy@+xC!^ND0v#$>N;3*(rbcwv*(nD**2ik7%TD+P@nmC3X1&HH((&
zqQ5t}4=S9?{#S|1eqPRWX4zrZf?QIsUkOq+h3El)a7%+Nzv8hEtQS4=IVtbYLgS35
zR%(SunfP{w*(h8o5kju10dY`d4WL;KtzKoPtJMXEdH$n>&(+K)#Sh8VFU{o;Y+Vs8
zA7tM`KuV*w4k0`S6r72&fIngMRjzaPW4|l2SjIUGFv_f3b;Z6Au!IQ-=lD(;2cz<B
zK_S*(%IDmL29GSEVnz7-^%JHq%BbP9!n(l5B#<70#3iMUK+&v89pk#kezy|jJ2(;1
z(NmkR*$#*X$o2W;8ZF`&P<k#Cn}(Frv%KKZPZsH)3uieyZ{h+-Xq<*>@+hq^c3Y9J
z@t^Lox};>J2OLZhe-x4ck&qc+0U3?Zs<Et!Mh<R<ZHvFipv{s&5#CLszk9E*Z(<BM
zhj=iAc)}_TSB5gW0*(g!`9~3bTFsvhQAg%xNCzmY^hcA^CDE-f2dJs0D%G5H#L$gT
zRYI;~UqyU)NwsOf<|+Ha`-auC$9Tgqc%;a7E~5o`DZp`sNs_)*h~@i+vvDqi{Fyx2
z`#>Sn998q@WJ$ETk>E~&;YlXtmiHIYe54*b)?nKiUTScS#`H~Rx8;d96wD`xVRYk;
z7^d+7{}OFA)uC^za;RXYJZ@EJ34ty;ZMWN4i9}ME1}HmBVY<B{;&(WnS(g3JxBMF=
zFqyj}B+KCC@lo_gErj^!*=>P7Z{4hzK08vG1*{^P&duZ#beRM`<gC-LlfQgloSHtb
zjS}n+;N~=<U=U+QZBik@wFo0fz*dC$m<rb)Y?aE~2G9DK9!?@PtQc+@O{uq)<1orC
zs}VcMllL)sR)Y5Xh99?0ir*3?ShTDeelUjSB5|+`qul=<)AVC}i7-rKd`1cWA^5TC
zM-aUqEDwK%1DMCtp1IdCH<lR@R;^6b2c%e9DK&2EP|0n2nM}1FKv5}0vZu3o+!=zZ
z=$8U6F=#S^h`<I+vZWbbF|M6P+i@MY2Tm7GFxf^YjLd2rX_#=(yE)0Ut|QcH{KD5Z
zY7=Jb^=*!^T}+@4{;&^q_5w&<97%+u47cRcTi~%@02pabjyz_BA_OT|0NI+-uzD10
zC8bbZm@{^C0M25pCaD0#K_x!BMOdn8D%ZohO%P~!LI0CO+o*+)-J+NOA4n@`>#or0
z17a<`Q)uTTZ;EHV#o3Rs5kyI7+Px-5#Ue~FReR#;mOyWw^=1H;h6qzl6T6~b>V}8I
z+JzMJsOnFx?y`A+&NvuazAS>bEc%VkdDfZCl$o{Pq%n!A<`0e^iy!A`Z?TXvG||Aw
zE6a8hoXfrCD*f5x-mm!oN}|k8#!KOXEXP;jf@_qoQ<l%Yr4&OPb|MT4#;>&f{sIh!
z3H~IQW(ocRvOahWv!r*HgHoi$Ll-f1j=c;&yRf?8y~hk&l#nE;<^<qi(F>4;YtO9B
zzzeNlMxD$NHnaCWB0fn0S^PGDg<9jVjAa^aQnHKYvQ)20f(u<Eif~g&g2<_Y4cAuq
z2H<+N)Z+e_xE<uoc*1iaH$O0~aO-U>Idlag1r_`hqdqlrz^bWOs?3r#8J18EaEoE|
zBOKD|5)LYp2&lyB4)HFPqt^mvH-?N_8H%_^jrU!aus}Q0u9$}>*G%}FJ4JKR2Ka#x
zW_`XDza4(>V^Eu1P9)AlY;3swLhXZx6d#2F`*0FUg_4a;iz_A|gz5)$m{%45{2^x%
z5y7>TTOAn^S?62_3os6<T7z`q)VRHBly!dP8#&!LC5ra)D)ib3*U*l{DB+)H+gQSo
zMz7Qwc&<Ps7*T5<)mf%tSl$<27tL2S28k}dvqTY_r%S#v1|a$<5BR|77xTp4tV8Ei
zsf)+n+n9Z)HYD<Axisrou8Vgo6CKEWCWkYx^p9$c9bMIbJldg8jn?wA)`HHMd~OBm
z7|st_v-&$2^Y)ZBjb~9l?B#+C$994B)m*Zk&xCZS^GsSF3mb76yK-PHZ`8;g5mhf9
zf9FEZu+1X;ti}!@U`rrC=CbE=^Y3ocK9+GSdDE_+%-PDUx@_9lau0}R_Gi%1bsV~=
z38E4EgRZh}<U@-|jhm=CY`BCogFlBa%$o_TF56o3JE{cj#j;H9p1&%c(!pt>S=7|J
z9R>F8Q~@VX(moW79aAR4N-}2Gwk!D6MKl$HOQvyaf&=^O_1i^tzLmrG+KQ>26D#bq
z`K~=VS8}1qEeOt`Lbv9^JZ}%!nqW9feqNIV0=;OFwA^jHmO^urJPk<4&7--&mE_1e
zS<}kiT0WOg{c_4>LJ7+qR%50%Jo3!CnirCbR3;5*>tO&}ckP?6ln|e<80`?mFUO~}
zg>qUHz=TH~Fi$_D0~<QweD#VgjGNS8f}t&XF_#Ebrz?w8Dd}@jUFaCZ4jQFIDdGUh
zRMst1u!0-WlVVyrWZ7)dS+TiL8LcJHZ8$?jV{bTZDf+r0X$VMiHwCE#$8u9`)M2Yz
zBcqYo&OnBSf%w4823lnw>-Dt5qsJs4lEWrj0zbH)p>q>*R=vA8n|e`hx^=)bfTp)}
zBlD){R*JoPelH>gSlD`!>max}-pV^OZGI(<Jw?vZnXJl2Fm3dyAkp&A1j$egkhu$U
zwt*-=EY7%49e$9(jaKbI*fU&fxQ%P<Ou7y9hVRoKTv9XCp;HBD-s@7W&p(C2?qJHP
zC7=+1JtK3x2V0dvEATbhNqNTdZy`^mce8Hgb=98Q;Oid%T-YPZ1k#nwB$16-Y$}3N
z2DCpR@_D22(KT!;%t;0A+G2J}ttVr?KQm>H!gEv)BrNO&B&LgpQCN71j8MaeQ5l)?
ziHsHwB5U;jufrl{4D-n@7XLV^d?|BIqQ1u7qf1>`Trzvm(y?10`UlE#(jLn}u>x;4
zt$^=+-Hzya^=u-08@B|z<qG8iTrMUnq6?V2lGT^~IB$N@<;^kEXC5k?g&gyLpqizG
z@QHn~v2f<%5TN7>eGViRfUtxaoFon@wp4SR1m^M}<^W%9v~bC&(mJA;+wB_lIW=0<
z<{7xW2$W>MZ&QV|&Tz5ZjD&*Zl}*aU7rm?8$E6e09?%pBzJDT$I$}^8^9pX-dAH+3
z8B_jS8OhUQl&!|wAWyna=>o`YY(Ts~3x>fBYhm1xCTN~Y^&P&q5-wGzU$m8R+D>*K
zN>gwnN>kHOCd?h{eJpazGyrupZs?lJF<v`cA<HpHtH5ps6_tnXDkTPcj|`0nRML35
zms2Z@g{SOKHL>Q`n)L#Jpsen;OcS+E+5q{?6naSdrnXF+!^To;+g9D7I`PO;W(`$$
z+M4I+f4Mt0v8P;JCnfS%3s>uIk)5&7IHJUGNV_j1NcdN^4JOnJTM<Amg~B1|_jI|l
zUpfdDApikc#=;?t*^=!<=^(hUEhX@iTb?l3HDeQNnq;e&NvQ*0<!I^<uWQ{jd%uYT
z-nTRrqjR~vL%QI~OEq$zemUu$&LlxWaTIdwrwDorzqBNC+5u*P+Y<4%lTr3W7<4xV
zggNA(%pUtcwnV4@FaeqLI{z~6guCBAltwYG&o%TUnjX4yM>w7!;&8?uFNV9E<`$5w
zC*Yn<hCf4J(soAop35rqnQIxnpTZDAfX3Di@k+407X;<ULJ5Mynj##QM&*(5U}RAr
zUR@K+rnNpyr`_|9defiux!v=Z{!%0Nsom=bw^A;1@jRF!@PMTAx-HMNj@qN6@<6=g
z<qs2q<{@4(>EN&tNO(D!%oG?sahZtBq{;}m*1M5Vyo1WkRa<59r)jTo2&S_I^0}H{
z(NW`qtczO;Haa2f&-g9JOb@$fN@dEcvkgl!LNKuammDu4K15A)o0}{P<=N1+nz3@2
zA(+rz9LGgvj2Y{V95P^FBu?nLNznw38Pm1FkfidDq-lXw(YL|;5~^Z;4z$ATJ93L0
zyE7@(u{G`aR}jJ|37w8_g(;-BJ8%NIV+Yc8DA(j=M)TKx965bDfdwP7<HRQR&@;Fa
z(VQnbiTH%vv(Sw)^gm+!YuE$VfV1tF>lWc$WY`}UI<&Yv)Q1V+W|AdB3Otwx*mq#W
z``gW%-xf{w_6=*}6?Jpwu)yf*LFz7XU(R&JDdN<A=Ksog?YqDhGEKq;m<tPikoNmd
z%eaw}wgb!9eau>4ge>_fES6zYB+cYbk@!{e=uz=6Fck0V%3fEMysRjA&{&K24Y>^|
zcvw*JBfU+34R7JUzTUKm*z~(tZ7-|ypa<h7l{AjMPpfwdsVuwV7^tV;kyrSk$FIvV
zfAu$axJ}E*BBbeg5TkQ{`v0~VsFDBnnmtsR>C!PwX7&QG|1)fZkp6EwionciV6^zZ
zaE`tICH?OsmLbdRrswFBW{OnH+Hz*j5^{^M=i|x%<Ub9;G!2|(c>p}i#O5G!+XLxg
zZ#jrO4MGA`bsR;Vha+#QZ%~_B$z}q~ns`i>X0rj7R%=c#BAcFvGd>MsVkpXHmi21i
z<QD_ED*AW)Pfdf`6psB>Hh&dZE*{j@4b1=Z{G@s8dv(L&7Tdt-YO#ivk^ZJ3r7O;6
zGy2UXKlk7GH?3mqf7(dQm@xvlg9GOOXTkh$@%WFBruI$$uAIb)Twf_}```KBzlr}(
zdwQ++*a!I*W29~kTe=qD7|4p|m+sML;%M~KHlxF)IE`>-`#ptWecHatqn8d0e)*(~
z7f9+NR1My&b(o?sw*5>%hw*=r7jB=Q>=xaEPUsASEYb;T9X1)Td7mN|L8$n%>#v?C
zq^t8Id3Z0OFBuJ>-g^{^j%A9O$Nm$8N|E+=ejWXxvuiPWOjk>ru&i{3+KrKNC<<7r
z&_vnMK|LV|N_su^IvdYi!rSSEYIGvMnzd@YiRv|$DHCZy<7zJW2TT5VG_~Gr8}43k
z_46rz4}v8D-c4JgTYvXSLv9H9s}0`ta3EkV0G0JVC47a;5I>;Tn4gENyZz&R;FIiD
zud<AaTy0!v?5uWpah3AWZI}h5B|xj8Q12)PmUCL|=Fnx7t%4M^qb64I=jQJ?KF6>G
zhB^MGdAlK6^dL%#HYasz@a80>yQXmQ0}aM6o!`S^f4i~#6ORaa-aD5F?bB=4uttNN
z+0%d!JE<*k;RDr?V?E7;7B??%%~BG3>PeZ@qWdq~+Py;71gFZTy^F68ZKNiR3L~}8
zWE@MmBVW>kZohB-^TqMM)EzETbaM-h3grmuib*Hx3{Ru$sNd7&Ve-V^x@O<cSx*|r
zMw+PY7t1*O77c?S;`1xk6-nsyqKM`xHR$wsq5{>{I0nN&lkZojmAy9~q$&(N9Kn+q
zueLJrPyh^zT6@CQvDx%5-^(s&$Ia#?x=&R)o8#m~Gu7tAXKQZn40$8=xxti|hNQ!(
zzvfZIbscU(KvV$Ljkv!@yLJF^yENi{^Az@2`Haz2@u96anIFLn;%S8u)#1m)rzNDi
z7B067i4ya|^;A$a2KCu{3joJOcW*tjw|)hmkA<;<xo%c592pTsLk}CYTa+1}w5Rot
z`_%78^1h#g`E1u{iC3i1H`qvnAHT>RAW8QL;oEJd@H@|!^^Xv1lSn{Ovb1C-D2f`;
z^<i^C6nmp4YeS=^u3wo#{Z6f4S3p8^L~b_A^t7&Fng+x**P6jF-xNC#Ff6ne<gFui
z9flrxH<tzj=_?BkNCJCc+pn{Yvw-UP!nhG17J(!O0lXQ4KJanuTM0PyvfgySpq5Yu
z)A|!&1R}{G%(xKWnUs-cD_y0E5!<ebuqxTDQtpQ5&9u{DIe2yP+tB!8?V)yw!3kPG
zsEHmrC*@i#vnARNzPVH-4s2>h>GLA(Fz`f4uW5dj|0bW*7_SEC{izKwZG4gjf<mGV
zDz5n(qq}v?aZa-wx?yTVxR)JO{lfxj!X!g;D7akPv+CHF0<n#<_0n~md6d%FqJL;m
z>IhUJf5e6`5f#(!PxY?7H>ISwluU0xh8xX+wcBYtV0t9!uIjt}K@-SGXoEdMxJ*wE
zN8D)y4JI5?|4mpfw5h{;r@)r&P8V2!XWltgu$b&5?+<uYjx6ub#^ae2o9ij-KPydj
zKW>=ZwYq*586?7^*{}e`mz2m$?yqks1a-;LQv<-^mT_17lt(6r{$(XQuswN8Dze+a
zmy#XbF9#177a!-R3Dy(dPlvnvu5TmER&qfXfar4(v$BHrI&Kl?0sJ0DXJE4d!d$^z
z?QrmIdlXqB3n-@<Ajh}-zOJW9lD^9(GcIH!%-h);s#Dy~eMLK95QtZ<flCsa!p%-)
z(&6?b@twEKN;+eCBTk<oE}{~H-GnJl{4-3fdfp^--L{ry_d39nReL*e<_@^pgNla+
z*OL`I)$7;>zF~dVdMn!~Do>-eJo@^}yqsALG+NJSKxqfPY}Pg+P(<Y5p@h<64;%mI
zYG|dy{G<vt+_qi`#6F!|UtFFqJGa+^g|Qvq??*GoN8zW3su#!eug-g)>8_ljA5Ztk
zp*d1`<vC@N8NR8Qov9Vo(awD;aKXunIeiy51V^p~I{q_KniP3!nAA`~O=N!be;5%2
z;cCeK30S*2$o0|E2e33?ikXZr#Wxj_b^Y7)LWnqGl>XSaWY##~MhGnoR}s?imc)z%
zsB|fF*HZMORz&{!I|1Yc{88*!f9Y<`j-##}bp+FxBJ>xZl(A+TChi|SZ!MYPObh(W
zO6tN(dMuEMiOAqnE23bQr1$e1a(E4pR`ODX3i3;OHg#F~iOz7uPo6P~4+d+T3jf(V
zF}^E8!hwqB;tr6gP^Ln8xj-RRJ9>Ji8>QSozl&aJVKcF(Y>O1sX7AA95)=fH>pH9`
zHVUgpVa462MJ58|jvWxsMM?OviV*7^8X+1g0lklij!udY_r}OWVu+irymBW@%R@rM
z=!!xT2ylzRidn>CrssxQdlQJHFu(T~kOL)&CnN=EZOsB1e1yDB=_)|-SYJHeEdl4I
z$<KRpfo;c4@x%-&eZPyz9)?&|=d*eGRkT#GiuhyJ7Sk{0T1Vx9bs54in^oWTFf8`A
zdC-OyYx!7y2xH_h;EY5_Di=v!=j@AIikLl++MRg*tg3pM0G*-Z`ohT6)Fi0B43bVU
zsB`+>P~RorZM0YtGH9VBQTI%`IV|)8HkV^IbsH<D6!O>#BWLCXoq)0w#jIN{tIB4y
ze-;zc7~>(^%6@4WxrM8=M&HxNj2Zyq1ViuWe9Zjt&y?hRdA~0<|2=;CoZF<z?NVt}
zM@zD5jL)PF2lIZxM_=5`tp-RSd11@a)^d;S;DSevX{A>Vdg5kynwM-6@CfI!-hdsl
z768_2w%z@v6ex@iUDTz&i<_NX*`TICOsSvL4A0pYOOl%S$5e%(osg`6cn2hJtni>f
zkyySU@WowrGU*5dp3^kP+EuN9L^OT(xXZ`E=!M$W-;9jjBou_op>AkTDB)sY1k^U9
z{{&+uV3%;4P?neibH&HrZueBP+O9h#eK&8+VK(Az;nT$%LY02Cm>$EGUJHVuJb#fr
z)S0WM3U9t6iCM$;hm~xbCqd5>KAt6kHe_fuR^1PmqFp4cDE<SDGy)D?fWH^UP%!Eh
zlhiFlc-lvwQDU+)*6(cV(8rR`FcBN`a&-&Mdm%<%r(A&%P3W3QGXH`Hm@TQo`$l@-
z`^7u5H~pJX?}hqjX~#j&ZjV-TwF3NbHbJ*93o=(Ww^!B6yvCbhsY(H~BdQ7b_<Pm5
zHD$%S+|Avkh)4Q-`>8_&54))_eq^2gesx$C&wnK3!g#AhL4^yqO*gtSK1PVzypYHx
z%Bk=!xoaUl4n|dyn_givr)MM}U4YuzP*O272iNZk*CFBfZ{IS?BC$i@*U0EtD;WeD
zl6*))lpekOp$zCb*H;_xb#H{CvT~V=KCRz?d{Jiz${m9UZ!Idvfg!rRM<a!fW^qZE
z@|}m+S9LFYW$UHg5(~@Ezw>jyX8#2x1afIh(*-iDSEHlL(?wJolcfo0n~b>JH!yt_
zc}6=@0+r*3YGfEH^0*d^_`232rL7g0)x;9F9vETHJf0;s3RZfV*)SMkJe(jL#60vP
zqR5vWQTH2sEGw?w1MCySpR{1SN4D=LwwrgqteBTdcqphC7@H1RHO)><?&&f-moib#
z#hVM6SjZ<_yu*(>gzztr*G<Mw)4!ZQTSg~5dtAP5|3iNz5x<DN*$bMhfy_Ud4s21v
z+n8l<kjaHC(?ccYt$pp0eUQn;03H24j7(9;czrUEiR8c-tMN!z&hgl}5yM#jHdy4a
zE7PYTPZoG2!IY1zorHOneHcrC2JP=|ikdntCh#!$uy7OvQodzz6dX7tJm*9|){2dE
zqu_C;X6e2dUx%?P14T|%P%e1wdl0*|X=!&s7TtLD5W=h%;1p0M!rz53mbbErFlMjk
z{24MJdChdf$3v@ibj&EmB6MZt`SWz?2P8QNYYFH;#i|gGb0-Wf_BG2dPoEo@F(WnA
zdAFPi|Cg}&Ll(Dkk!2+Xj*!G`H%=;5F$gZCD8{eiYqwPTbBJsNQ<{wS_kNaM@V$oy
zJ=7L^g38IL55Mu`eiNa2q7Xh#3WNqi4?W%@qB;zS^wG2H&w`DRIi+GX8^>&`y`PPH
zdQmBYQB^v*5IJRV;=i(Pae;L`SZXZtfTut&=>-;&j;vb!&!_hmlYs3u43C#>xzjDp
z)tO+$evVaJ-m;4}BS)$+;h0ovrsA=e&swl5A$*+P`BI;k-Ck=2$wp0h{`3bYN8ukq
zorTP12%%_5uQOiDv7R8LX*6~=!GO^KMsWbTgh$>g`dwS~=DK<zB1G8*=_v|g51y}2
z+JzE60*p56NQlyNcKq*)GjPR_-zqT~U!M1VB_kfL&*OoA@Vefu-*(^nE<!zQ@B0%e
z?~~k|is>?fh1Coc=|L<>@@0)~`#;%Bb2Q##S!y;r>Vfnl&C$tP`pBaR7tk>NRGcfF
zpqEjW;)gh-lruoZCmF>d+Wr{1wetxRsCA~2(lSLtt)Pb)rpDJE?47KhMd|0f=lD-M
z-*4N67;c_<knLGM&{}G<kn&^V(z&t}Y4=9h-5VM?*)4um<e$^{WrXe*$~VRXTjGsN
zB>|Y#rb~%5UkMD}zZlQt;zh8NMSu-MFNf@PHB{-=+T#kz{zuurPddxsfYh7nsISGX
zZ+6%u#pF_f)+Ny>0Xx<d$Nh@j<Yw^A{Z{7l<R?bKD~-<8Ui$kn?I-NQ+s$cT8Hp(T
zELG~}8&)6sgiz!CB0Ko}8LD+e<`_K2D^_+aM^U-VLlBmky%ALA28rR&l?kXq+1ede
z1J6yKqUK0te~=_+N-}uR4nf};J#-HqJilZEpON_)ViXD2ThDXmJe&HXCc+EJ#cSPa
zOdnmOgL3WCwpYqh%urDOZV>2DtW7By_e0M%+o-ab(2g_)0Q)<$oQ?dQw5jBjyl1I1
z9*~Tag#s;0BjK3Ymn4^qVKt+H=;l`o+(?_{t4hC9_%n<uy&iziS!37WjWy4}4~CeT
zE_i|^s>kEu(~?I1&wF$H^vQ|9uXeYpOIg5z3vEIM)R$6RlWHQ9P8rfMh`bJveKAfM
zejplQwyH9_%l!<iKkb6ANOGfIL778%r!9psIgWacG;}Ac`{U^Taq3N;)XtlCRNFuO
zn6&9sS^5Ux?`e4xtWn@Wd7m`tY9SORs?fdFRr}#0g<sKk5^7O>A(mY|av_QL<ZQW9
zgwDM}&2yrx9%w+JvB6mWK(Z{(1v5%Ja<$5Jn3Ub#^0hT~0(SB37PL@_QAD=a{@0oK
zj}>&^Q_`d`Q^iCnA&}{5IJ|Mh^izxYIj$C|Tx&yAW%z8zUd$B+Wc?uFRO2<kN>?)i
z2z<n*e3>6IU3IZesjYfp2Fi$rDM||K{h(c+cm!&;o9ok{SY~3-3A@P|$i@bJ+3e+^
zY`#%c{Sk<&tUOB}avP!gva#b?A)d*giII!aA|C-#uhu@zm%H-_>>zpjAyho)FXc&@
z@*?>1qP372Dg5c@{reVtLkoK93ctlHBnKa{K`B2giL*jD9rG#3y6}HP9Vf+bGK*R6
z4LAx!Sy&GK8-;NF#avHDE(-cEEGL1_19`~)WqFkSrX|`9k0Eix^%{X9k4HRKm)H{@
z&e^mBcFkXQHl#r?4sq)I7M7L<_(!#P|Mje3bfgm=%u}mdZ&>Sxoc4qoKu>lN(;lr(
zuAa_rH)s2A8(JIWS}M4^e=vC){zr>ST?j%G*9;qMp?u&5^KwJ=VBHz*f>w%{)SCVw
z0+e732%eTed@mCsm+LoUQb2lw0jAKBkbF^SyxhY`F2t~i0@R+60M3&mDQN)huZQBY
zBy?DAcRG;S@b;Z|zg?5zOJV=P8?~B&Ss+<acDDiH5%k1&$^rIRdGRS5|DuDew&S-$
zzO5s-sV9{%fd=H|2PFJN(E)ZuLj(PVa}Fe(cqRO=cM7>)3X*`LX~8&Nqe7C8e4>27
z;Ll9xDoI?ugs)pYHUrD;c?;24^=9lioaB%R6M=1Rl=>FXr#&zOSJ>s%F0d875o7-S
zfTT{-d+2^K3^*o?;lsmy-%Y*2|8TLrwlRjT;Xi%w9Yue&0fKPNDh?~=j|sv^x%G|9
zmkhr^*ASM~QXDxA6}6`+|4_Mk&_@PbaMJ=;qQa7#G6%PgBsbcs=*x~p9Afx*6(Q<{
zEKxkGNH|fJDlAjV2vrj&8mbm8K%iZia!a)Ef*}<J|GVUF1_-#le1~0Lk=K=XsK!=~
zbP$_u##<LvyGAH)4C5Knjb<^=5}0tS!ILV$DJ(xNQ;aaE^=q(F<c}jOU<bY8bk4&@
z!p+c?Nz9LGJAOXPJk+v^+2R$iBWzOvB~h^VPd#jX=cC#^cL#2#AJcyQqYbXkE2IEL
zO=|qF9b;?TT+x}3{-}J)49~@Qnyy|y_#>A9W2Zd|HN2bxE|;vn>6auqYq!IYfL-D&
zLjo^2M2zyrmWT#0;KPbUAf0d`Ovm+`6PTl>5yE<LS>&*2Ug9et5{J_BhOi}P6ICnV
z-124<&DL#Mdwv#Q$MZgi=ZmgPGZO!siMfwjR2RqF?&tOK^z`<2#CF@unVa(`9nbqU
zKKU*BZ6$O7f9!20o-Zb*`_xiHCl<`OP)fQrEv?EIP~S&>Wy@;T`+9<N1lwX?&AvgD
z@99tFsPyT<o)Ag1oi0{~RgwaY+xkIQnP_Q{H@A;8v#+i<Ki({+5fh$J6mRR@E)Q;(
z$V8tYFLGk=>_RiqIVB=bFVBEO1^#UKdqhD1x^akdXiMS7LFW~f6NsV;PZq~zuiXyU
z?$i3cYu*BtU=n5kq~Aq?RkI!w3s1ju4kN-iG1Hfj((e+HOQNng_4Y=uM9yGHN=?rf
zmVJ~UZYe9rU`a_JMd|Q^ew7R<a+nBRqx4#UZAAF{hg=^rJ^zMj(t}p|uF0{PrIubo
z@}Qff%eDC31o+vo&6XKUqa^rb2=rQ=yhMZTw4*ti;1vAbno?Fsu5@khvx&NS?C#}|
z2vf11b9f{(LHj@`Ea8psB`f0V)EFCzAFYve8R80L%tQGPxzPd@8OqmUE>wSSgqR%?
zL#H{C)tbcB{logfH8)nj*xo?+fbu^YIt4J>&pxt1;jod4p4*KTX$bMWMsDn>C>lYM
zP7pF)4DE}-AY{M!=;Re=TvG~5i6bQS*$A2^b`v9M21<rismM;*YNgG!%f|U3>G46C
zPb#s*cM)Tpf0syo4V6`x+1Qv}e@=<X8M?=;QMArUHJm-C0$Sl2Gm_O=4lt!Tq6w!K
z0+<AqlGH<>+^i$E83<TQ)~L5f4V}c7g>VWYhlo`fiJqJjO?g{~0r;H!b<ALeC<<?p
z3LQ^)0(kU!c4b=mOl``nP;K#}w0wcYGAJ^9cRnB(+6l%;&S)a%4lBdQh!vdiq6Z{X
ztE?KdJ)fY?kJKox^URokTW^m6mh;1iQno6oYRsJz)k$0ZYg0uy%reFlN1Sp@uo$A)
zAn246BEV4|gvY51CjbMbf$`PSPcae71uafj-oc8<BP1+=X)(oG9(c{-i(K?DORxic
zQ-~0h3i(p>HuO^#l0!98$~|thLLW^a&scj0_yo&PGx6*3+y26~$6u`R$y9P<nA1%m
z^)3Ga={Y@^sLO|MBN7ioWksFlOmOq&BS742q*ubZ9^m1W1fQqpAays{2A&LHWd4~X
z3#>3xWXi9!X|6B^W`+UM42LaJiW9Q03qS9RE`L>LB;^+EYZC|sCj}Sf1j{Bv=3y{K
z^<!#tYOnzQI|Xg#E0PfSh#|kU!&`}$LFn$yZH+fUpMXQ|Us0&~N?q6(Igc<+b{Yzf
z4;O<dKZe+TbjkON0-S3q<52as8ju_ms|;4cw~n6+Dz^f5g1J*jPvWYy!h_@JDHs<S
z6yiUEeng=gn`H_j9zV^<tb~|e9A_KAG)??L=req2HhR9o5EbghJB;;TzKwHh`!Wh5
zt1R161?JrJ_4eleh$yA5&;Qd#1}tY8u4Wg1li2OV>UR2%I(7W-U+n7XMw)WBfpi>c
zFsSVO$TgI&UP<l;_H5IC6gA37!P%!X+>j%O8=&OMUeb0@zlEjaLciNVe)LQ9UQk<7
z#EF@4$*PpUJ*s5BO1b^;&=#~pT7~)E^_#-gZn?U5@&iqi(IG9>JYu06F4pv9027qZ
z`*w)C;T*xwUyFvGv?leeX|vdsYGX+zrP~pbG<y-`%(<U9lw?p-mP+6>Xs22bRWUw;
z4ehMQdM+kHvS~%ta^Q1_H0D8l3@jO0d9C_b-uD(vKkjX-gRCI3OC?JlEZztH?4dtg
z&;ri+Kn$9egzM*0%_^u`GvCYN9Su=j5dklhmNr7*7O?OOSU81C37(`@hWQ+3nx!5@
z2S!!6KgUIYXHi};%6iRF1J$M;V7^}yx;!5fi&6{x{V>{@I@#Y2Pg|IOMTaua0}U$(
zI@u#Qn5uGaGjtQy#&K2NetB&d?qwJkBnqCg@7PmHr2zP!iCxE|;`pvUucVi3tvaL>
zS9n)3eF>eEOzCPx{-i->B!Z%YOhMwv8*i_cJW`1Ft8-{UbTHhoU$u5OqUlwBLP1CK
z;~`f<9-h|Zh!Sby+(nGAbhLZ_$&`qo%-)1iay}ooQ*`oXVMKTo*Xr)79>@*!3~HKu
zTVD(9ZeC`t3g3<sP#%kP%-q~Gh!0qTqU0#Sge}4$R7?;+2%9t6tdO#T@HAdwB|+s3
zh0u=NQG2uUHwQbOOGvNhN1#eTNlu?-75O=S-|o{qsXtfxB3uf~xb!I3l}g*dm&&LG
z84KEsofjH;rGB+qGz=zCjd)==pneH-&l`BtV?P795uCD-*XY+Cf>FrNWDft(@#p*d
z53gQIW%_y~EQxg2lnlC{2AG=?lzo|!l)dttjb>eoHk|GONIsl?+e0bNUfFsq#Wx?n
zy4OKCw;sB!Kmx0mF&htOaif6zU12vUHvnS%qYdsaQSoO=9=o~%$yQxjLdx-HFTa4X
zGEmtMQl}*fLTwu^WQ}d-R_FoX1=ustiTXa(#$wuTKcVsk%VYmz3j}Toj7eq!jIC7A
zZU95A5rq5WC=IE1=532lpOG*}EJi0R2x&!Vo2e+iGPel+(rE#fw^Bi@#iM*QPk9yn
zd+D!j`usn~{m6e#{CH*aNBK9yNBO3xIZ@{SB2Eh|VtCV-e#3o6c*=K)rssgE;SU&^
zP4x6i!k-}DxPvI{bS4U?K^KqEw6Y_gJ{P--m!tB&os!%bdnErQl7h1SsA9iyUv$?2
zIU$B%1fVlq+{_f>OZpH=zs2eg<D2!zCcP6*y>y%NgxrKky=a=e)fOUHH@`^zUL4bt
zd=#_ubQb74el?Txh)A6?E{*)#BdQ7pZq>=eB#NNYM1OmdKxo@nzrnTKtYJ->>zrh6
zm+($LZNG1skO%=WSfqsv#8m{&Blo|LPBZ!2lpaml86sn5oPYrI)s*>-3G}|!n4zz{
z@uj{a?(Q*cIuqD|g=CtNA6Am5+x0KYoe70eRDfLb0mcR3UnmpfHaLGY;zNcDH8meI
zHIrmoQ(5?BPys<g3#4qf9tr@0r<hqBp&2^8nPB$n_i!@drTD+<J&_;^Eu+@!J}}OA
zW`yJhRB@Ya^`E7@zlBJMDN0r2Z%lh{;UWwVz7J6|vJO<Jh#D5POqK~|WJ%N|?j9&6
z1ibW#s9LP`_ee8+-TKI%p6!Y(;MPi3^Ancl+^ab8N^~MVu;bP8APoJaZ*1SAs~tE6
zsc_HyB4hM--=aG==tK@fuXqJ-M*ukocD_WJu4*Z*IW_bO4sI~`2VY;21749Yl~Zk`
zIs1mM$S>EDIA(B|yMmjkKeuxfz@l$3hF`(JUcq%f{TTRrK3{=znz%&!!s>S+>bGF(
zH((!t@&tcTtXcUln$}?vxaJ0^T;S`Mhu*$I-an&wX<IMzzPn>(d;)1c**wJ=I@_Q)
zyP74&u3B57bk?KbboP9zPcMU)t4^X~Qt|>S1}7Ps8%QH6DZ0=T|Eza7SP5i@;tj8S
zqTK}(!r&?#PaljT7h6UO@+N2`E!*;Vo&$U}9|O_ZiM8QVMu9%lF-C#blQk5R52u;#
zU(wB+CnV44@t{5%rV#$Cu4{VhqVwGf40l*$87dv8$F4us%6X!M`(Sv6Q9&TeOi8ZB
zFc}HNN%<Mtmku(#hbP<q^a$`v^>|3`g-qXygl?;l2me@{EERAP5hG9$+KHe5g+lU2
zGfuIN`d$;$VPwa=75fP;y${366WhMDm@7iqv<uS-YaVG?X#o*J6;BgrjUW4areGUh
zeEQo?1HEBS7KDJdRqT{&BNuhLy!{SiE9lYv;f=hVa6F9`7J7zFvp=Bj4Wo@xEPsy#
zv#*k>|6%ddVnA~5n7s<7(78t~16Q=!`AoQXU5|j-)BEDw^*J=u&C#A%wMaFv2f<5P
z(a_sj6ru{o(_f(KD*}yfnk0&fJ`62I3@ejqhwhp#Md0Zx4rek_1nev$BPQTI2p0*L
zA%-o8AvvmCdNhniwMc-x$5?dvU68onOa|o{==a_+K8%iQMj!~=0J>Te9-10LrHH^R
z92JwQDXr^96quqSdyqJ>P!%8yHaZf;*-XZ*?75gI9d6UvFDPUu7Qb^7iq6}FzZvS}
z=P5!VuHtD;hEwy_^G}Jgszexsm%IDZ#Ki*bjIL|JCcBJ^kGEO~-7HEjDrF}LL_xxw
zZ|X9>i(22MJ+JV}Dy)RgY><oG0lM43FqWNouESSM&`^glR6{T}(M%u}cwa2-PPQ(;
zoXH=8leNLWy*qo*2&)^Ai_HW7@)euuY11o&h{sEnK+@`)a5z#o6H63dbz3}POUh;m
zO_Jl)a|#T(MIeeECO05NP=qX;`n?AfJAiwmdQB|YT9kk&>kA>r!_|<K^pY!o4`|5t
z1d@bfON&)QP_y$@wQ@JN9KD+wTkV&w;i_m`e~6On|K1<2E%b2zNXFuPl1b~8=Q7yk
zc+TywURAK`ddGW&1s7VSzp<@ZtA|^ID9T#$HH2o&b2bg>U|%~o3!?vVO&b!LsG-an
zcn+XE7Yj6eMEL^V%JcO@dRXx(Bj#ZuP}yOW&H}%jd3jH{Xqg>?p`uuX7!2DaCv3Dc
ze6gmz;&=>w_VObcIxs+F>lIPsJ46KI%K%>9e_GKhm-J-MXu7$uJ<3P`Az-=AMnfws
zN7T(v5)29qXV#qaqjdQhMSb>Uk-0XQ>$=b!_n0M1;J~{|-X?S7V7}CrrK%cB_?84P
z0Do!WpH7BFqLbN)`@2ePYlGbafegX6(;Ao2OE0{gDPT8*jA!O-pnegVn^k?b+fb{&
z70l1=DYw&|iEF7hJG6IBbt!o#yhplX+Q1k3Sh_UQcxrhYYD4mMOGB=iLPWjAmzsiI
ze`cg-zwl2f6z5ByaSf+s0~Dl>e9Q2#EfTR}_c@G&Ga!S2T{m%2%p49$-@LCZh32#M
zQKt0k?%Yu89V3-zxG2{C?EkNhpsg?s7rD;ZMM>fx%)1W%7xfZNPvadW*<$#gu_Fib
zVE)7J+h%}zxb<<1{=Y1ozrGvH9^N~XC`nuF|9{T^a<p(Q3@m}fKk^z4GiF%j6B=)?
zrD)A}M?kr?%p(WH*StWDd!I-zz)w5F_Fo#k|K0Lmh)Ry$f}sfog~WTc|6Za%sgcVb
zZ@o4(yTGxNH%b~MZ+8$5f$g6_CnFy>OiIj*l;#VIY3}vAUy9|Xj`TI%c2r!hx0E-+
z9$2_g3LSk?42>YaU8XJ}Qijc0Bv!qtY<;B^K7E6j|558o-2!>G2YS2Yj5uLBBSb!4
z9uZ#1y6YrEHAjGMP!x&EWjF@n;o7F&v*J%xiQ%TlJtA4sAkkrM4h88T#w`BgX)fOQ
zfyoX9iC@2i?-O2HjLBN)&?Tg6F+SH}^ox~#O-Kphhry^l7;U|!{1f&k6SYEz9s=#w
zVZcrX*>$r-eK^rhvA3Auu-me`h&1k`sQ)2KY7SJ0kZ2mnUds{aTiLR**>nS&7GV$1
z+Ss>tiR3<=E_yc;Q78=w+na(hTjwm$oD0`(Y50Td;4`ZuCY}SY2hm1himP8%6f-EN
zMK9~Xm@(Ue15TT|Afr(E#JVvBntKRaj=#2?ok+(p!`vt=<IrVYY1IYMIwAZQ@YRY7
zuDlP|h8Q|xB0A+@cE}u1zr%hdb0tVpHY(yjO=!>455+nN#@Y*{s#g@IM?2dC=llLR
zaCjOyFo2&U^Zor$63Q#R7s`w8ZU5N!b+AxS@ayPte^`3D{517=+!IwfW<A!$hx7e=
z!Yc~I&hfsVxNXketFe5zShLsINeAy8>gWZYfi&$tmIN6B9)j138M7u>I&RxvEq^&w
zU&l(6{Vj95I81-7SH5(16Im9M5qK=;9VjvASl)PDC=3}J|M+jd*$LLOg<uGna$&LU
zTtlOR?CTlEbg%)p)m+DD76tQqbTC*XAcD0@Wfq!&-hjDH5<>jyFYk5*mSG<RW!}c<
zVV421^%;}>tdzDJ#r_s#N>Y)N^a7HpPkp}R;J^2Is~A>-P7S~&<icT=@zR_xw@ayg
zFhAm|Cd7*|bC*cgdeWUsRCGQ6Eug4YI}s<{bDQ#+tq8LX6J|r_E|$IgyjxcwXUeJp
z!pE~fc^!7;0(Y0zZNKf`{~IhTwoylMP-Q=@yB>y5qN4`<NKg5?Ue<xenL7~-3oKpN
z-2IqLaqx|}BkCa_>M5Ad$>^K|?KK!46OC+}?{=hC0Q(xbB_p@*EF69%h4$(FnitF3
z>a*0#sv)vT^FsoHp^vP?!ZA~+9m!`NA}r8jAXcy9#d5$0;b`~BRM~@JZzbs(cMj&T
zmYOA`sIPF3{Y4K-%=l+Pl+1m`kn}DjGLv6zLrPZ~SkWIFnf}oSXARsI=a<16^bRG>
zCd|U<B$IEgZ$fUi6+<2|C@1S1TRGXDdh$5)Mz8>rEHr<CGYQOsi_jqxtSz`MnFPR!
z@Wc}o<eJzIq~bedNPQB|b(wW7X1&1??)ne&pWX;uIRK|2jRw!KK>~vQj^jYeDa%E-
z@N7eFwCzT<-0cu+A4Jg|@n`rKjDSDSHVZ>d{L3gv6z^Ne@Xu+j^4E>$d?HZ9tgT7U
zwakboW>1Bj<_idOMa^>I^HW6RO3WxT&nwfFbG=rprKF}eE_M>%1CTs;Si0Br59R?p
z>A4DqUbLNdH&NsO+`8(tDyKc@p>z0%{7w*xgrObiJ6^7A+B&XuA$PTw7|kgawhQtf
zU4e7{+3(?-i2-P-6GHv;DL8x}YP~ltY0$0qX?;I>Jo*<Y=`@CFU&TUcPE>Z;;mr__
zmu#pveuQ$V@=H0O;6v%DjTw?~3jBvV83sv9&nz87?$*U%>kHkVzUWMx!cCv#G60`T
z(ddRk*M=F+sZGJ|Ir4ZU1&A>W{HkT0d1m2RKNBpbU`Jg>>Bs)@ZP#Gw)JZM-**qhm
zv5xmo>Ku21!8DHB3}Cp4Z4J%$P8=;!WYPzt*sv*<*(6S5&5hMnfW0Yx_FrxLl-J%(
zS7J*Qy9)i>%-_2S6M25MDOPVlO@u;S(};la{V{C+I7~A3*;1iH<QmXvBk<(#Iw>_5
zS6vEZ(Ff)muK`Ik{AA58e}(?m`h<dSEG2U!F8*OC)K$(@nYrAl`9VSU1lgjE+4K(!
zKmK{6qCXQZ3A!6akEx)2=Ci3PdQA)*YB5K!;#0Jh0jh0){9~?)op9Q`CwIVgBZHBF
z`0^J`++5@$Y#tcRAYY$s-V^mxoYPAc<=G-k$6mI7=c!q#!o)H3WP6(nXqA7Smx{Q`
zVL-Z+w^puHH+pBCk%>8zbs=@09ddC2FDfEav1A)Tpr8;H4S<s!T_lV`yedTGzEyVO
zsyO9G#`0L*0_{lLqogdhIycJGmVO>{PPD4>QF)E7bUWx`yUZpz*h1?0b5UQFp!ty!
zkWxU5d!dNmgZuVQ>v#MF`6?u*ABUnuDxuNMHJE>1Xo%Uys)iR-PZ9m4QD61Q`_LKy
zoX0blS&uS}JiyIU+J?{nVysFzcK(H^fD%L%4H{Ee4ZOFOa*5c{>AVDeL%}^~#{;zC
z=XDv1_BPR6(PX>rD-W<!M?ep`#UUDwr%FuT;oHUpv(`{1TeY~@7T&JXiQ8Dt26Ux#
zx@zIS*{u4Ko3JHD3=BJJ@gzy<7Avvu6!(UyKNi|Usrde90AaOs>f37%t~>|Fu;IGd
zMK@s79GC>Qc#Dw!btPW*w}zbZM#^EFj&XE}y)y!-MbNIE1c}*sIciidGZL&C$2F{h
zPq!A5kqD53noiQan^Bw^B2gs%(mW7hD0iC-fGZo3jK~s+?4wPaT&pL~bT0;rFBfJ;
z+{BPj+RkZJhz`OyR4De&N)7FsGaE56b|0;X-%H6d06er(ydr#x*&pePzN!r7b~}sN
z++<4&*={n{R9aqyLOdbpWJt=c$^vd5@Of$7-{f2b28IW0eGMciI5j9F`A<0w^3{*f
zI1?Xab9(rPz`#jy-a7B2EOUaFP2#8z<22rH4|F>)=aGTX@Md_Yk0TED8Mo<OS9-+r
zQL#x3DfDT*Q8x*$m9p@UE*5c}_cj8dRMpb9^aqV%*wcuO{oH0dK7_v^ummt#*PtpD
zhJVFO7|^bwJLx&L00|nt%n+&vOj^uo=(=gl0qXnv<M=4%5?5?)fQbvA05DQ*YrcA2
zCs{}=CP8LCf1AdJtIG$o4GXyos#`pKetJVzH=cXy2aS`z!;P<a3hjfwhv!*5%>LaU
zZJ}ciD&r3WOWeW4T*5ph`9fPGkYgRYf_|U|W?Fp6Hbd=v(?Y0hN$s)V9`cJMiI7%j
zaK~3Z@_Z;yEI{_QMlqH=tDt1tjeV(lwtkNo7%yj>sFuRl1NOml?ctd#Vg%Xhf0=Xg
zbq+~0m$$&bv`d%tB6(y$8Cp}G)6K@YN?P%DbYAzuZN&X|BCvY{QNo_gfZ~!jLY-d2
z*25p#Rb@|-Kywr>{2Z>s-%7_~td6<}l0l=WYyl_5P^JP1uJ0ihR5nx`FuMu1z$$?M
zw9PhkEg$S?893r>j=EUI(a{&&a-AM;{i3S12%!NPKM)b=qump#U|=8wIf%KJh0%oJ
zvs<}+3Lx>UHVfYEf5<fPIIRzH346itTljy?rGQ$?6yL1Tf3JcRWPZA=uN}1=EJS(D
z@$c|aX2t<xv8q;acx`ZJ`+Y`K(W$R|G0uk}GU{pp{4k(8sW`~z2WJ&ObIh*GR8q1@
ziDF!g3I;PX-qs1vYpeIwN_Wv~kbX_Y(8<o5bLvI|cK$uSSe`=!(HyHvFyss)%$lSZ
zTn%9EKm$<zAMvd!BOM6-9dIa7pvRY-Vf)4EzdI*Vpf*Ru=4nG^iC*Ljj24MxRlB+8
zA2DG6ujOz3fb4&aWs!hOPZ@`G|J-6fFFYoc?pA)F4-23eoKf#hP}K|=6*&A!(v*)f
zP+dvTv3qTS^_r%mL8qA;;zw=nGO5TxI9vj%*@pd7vFxl0`OD>GQYne72w_lD;~afV
za9nSIHuY#`snObw-PqLqUr-s7Qh+>o$O0CogeWQ-<z%Fq6<E6k%_JFI*4lQgW><|(
zFYA#v=jtY8Rum0Wv+5?MuN@6jac!ftUG#oseR$Ql#53goJkuB*m%q06U)%32!;$}9
z3tyAJA@HX+&2Eps2G`$!VH!?O!^`>wMjzk(sb8n{|JnX8$$yg=UDnLqi&?A5i?W!n
z4J3kBcYinzP^Tt_^1(%!_=9S$K`0lMdz-z*gm49!6RsOV{hr}!S%}ds#vlpvYQY3g
zY;~2>=Kmk|?kUKUsBIf`*+!Rb+qP}nuIjRF+tp>;wr#7+wlVd-|2H!+IGVGG=!1>S
zoskhcVq@i6&vidluN|1AUGE!c0}xIg6YV;IIGLL%X$H@nW33l-Yx=B&8V18*O5LRa
z_6-~aFt-8fp_rlx^(LYSs!(JVwu-krAfuVE)kGqfc7;eF$EF3KV+<_0{OpLGWP>bp
zOd^qIf5nj?6xq1z*V)5_%LXK4r}W-pCTU|EF5B}*<j*+i7Keq0*A&wPDU*zo9#)U1
zU}R``UVKzO)7DU>I*d~Sh;_-sJtp86k?C_qDUwyW5=J1X#6EU+x4H-BTt~9eMNLeN
za3A^ps>oFWKa@`_dp9w5R?_x65CwFkbXm*6WJz9Ax&(j-8yHtPWD*NUg0{L7Rlsk*
z@4Iu~!Nw!eja81!Zx?k2)OGQ~@TXSJ!BOR7p7;4%kG8j^%aPP<L6xKU1BY<x@Q_Kb
zx%|2kU>b(*a_F_n%Mhz=1TSaUngk_*Zp=f-0R@yBDfWV5Jp!i)_j}c9>aQvYHD3j#
zRHz53(2NLrU}@)<f+(y9dODW-{!(M!F~3@eRDh0-pvqFoOhas5Gy^FFI}>A*6w8F<
zKac%_b$j|S-A2KYRjlW|owiB1J!~v`Ug(MhZOJqDs&Z4Kf~b0_DtlfIFxZ3X`&qp-
ztsJglHXVpbPPjNaZQL&D#&OPTDUFRTa#A{A{k5eD%>sK)Dk7Wf9o%3YlbC7sl|gr?
z<w6UBHq~aPuJoufX8R_2xUw+*GVfudQ|h=8l96RJA?$H#?=*K1vwTJ_Bs{ZH%Kzos
z5nd~z-&Hk}>+{9tB!hr<Vkbv{tAdLa0K%-oG>L7NzFZ$5syei{yMge&?N+rf&#qb6
z+5IIj5xu3XAdx^5BNHNARE7h9%vrk#tElJ_xv-Vl^AntMbU>o9uzKVa&6br+Qh-#B
zKgE=@nYZ|*@VM+=mRWMyR#C(^AbKJe6B$rn6rPIqvMk-A)&q==xkKRUZl^;7yUVM(
zU0?l1(sBv<VGYy(zLY2E3?|kjI$-pG+XuTP^gf)Hmof~cA&12h1w}}loRQ=UP6iV_
z2Q*PB;{vZIE6q0k7Uh9^279zB1TE<Vm}hLhnVoaH*bS1poTOocIKRJtQy_5@C-te*
zReY4a+*3x|<X(PU`s|x*00eBuxM{$ZOd4tfae6*$iLm;qy#++&EN8O?<qh_Wp3}{t
zHuc^57nPfTYF{^ymesb;l3dwRKi&t<<c>cm+AlDPb07fugnss;P0{vh-acJWh^>9t
z{(w~KY)ohYlWO+{mQ$%|@g*q+fTlGYWSF|7KV}PNa=y^>Pz`H@RjH^JEYGHN_l`|o
z;FFip0@^jobk0M(dup1H#LgAfz1?^L;)O+$bk7f^RRJ!8jsxLc^;vv3PnlM>ac$in
zxJ$6qtKB<-5FaFb?g4O9iQuGbln4-b?wc;J$F3rIc`K^*+Wt+ncEoAjT@VorGGB{b
zXnF~#y2#?-1sK2jv?+(?k~Oe0QlSu=ivt?6=!5ZLTyhY5_%8ojGX#w1Kz=<@*u4Ij
zI?u9wr?%%!&Daa#j9sS{$cvX3ZY$&Q%e^cwRTY4-O{!jT{*m`YC<;c!VR1)3sGcL5
z&Vo$!r}HjfT*qk~jm<(w$+jsYU)&E@yT)!BuOGX<3^LD8*G8<t@dsvndM;so&bB))
zd(2ULmMBs_({dZW?*~D>^!cr&V5SRun!ek%yeXB)bG4sP7`Ran>doDUvd$;tG%jm~
z=3mCm5n56N?OK=6%vPku7#hF^lRZtF=lT3xa!pG|+he)0=G3F%_L%Z`hcxw!3PzA#
zixMF`YV<jl#9z~hLbVwZ@2FCqw8LnpIjk4wBvAY%R`x({TW&%uGq1%@nsLECSNWR-
zXMv?j<Ca~ftGN~;)lwuazqlCdBN6&7w|ZO3Dne$dt|MA)9Sa2NZ+09iL}rlQh?Hb%
z^_Hj^@}&HD{DD0}O)LFYB{`F>EW6^d4o&$~d1u9AjVxnjm@?TnZTPBuGj|^-&ue1B
zsTa@)Yagi1DLDFYhuSdCPJUVAUUsMp?)d8#(E*Bgn}c!*EC;&l%!VOs^~|7L<#5y)
zq)_RD)0JbBUzXj+7xvpG=oo8QYWX;KDkR$_zisv_;Yec%4^f<yh9C;)ZuS>gsI;c7
zV`X&eL`8*()0?FKo$59{8pw`04{Sp;?EW9iAu0J*eBef4k+|GW^k5Q~cOQRXjx~`;
z+0V9AaaUwzr;uy$Y1CKUiOuUMt%_jqX2axADc$9y%YFlVmH5`jhAM4gIY5lI9t7>%
zATwA(_25=@niY|A!;qhefJ8X9(&dL2AcbaPB#8V$_jtsGwx3FB=?zHQ=+Lmp_Bfqk
zJF;vjcM3>jaS8L<YwRx)m0G%DGU@oe!8vm-z-d3zG2z|(>|CHKYS5ru_YLS~jHn33
zYEq|4R}M1CS>c9yYNC*2=M9Uez#JJu)9J|*%b!^)nw_ukQ=0P0jqUueS3dJkueUX`
zg%X;vx=&*JJ`urrI`{Ur{BMF;Cyt;7eAv~(&A%=PKD&&Xrd}}{{nx!^dq`=-pYXFK
z2^Q&s2owS}Ka0f)c^q<VA&bh7to|Rr;|DyPicc^jNfhRR0y)cBsS)x_-)2;za+e<&
ztVr~B9sOs>R^8J90K*lc%G%7c%@&7UbLDcss~#82n@>Z(J>L45xxVjX7jk2}YrSXS
zdtPsj2GsDX`LcY|aOUV@x?k?hTlU=HS)6`yx(SA)`XU1gU2?BnKRWEau+25v`yxo;
z+}yQ(iCXfX5ut)us$vQHX;~zRL}N{*k_&N+351st!Jb2iO$BZX(Qi#nPwupY{}w)#
zSWWt5%TgE`V#v5{{K7C?jH0Ji7-OU%hj|4{mI-Aa6cHT4K;U?&foZ*x@!b(^6b$-%
z|Gg0r@LA{Yy=P|YQ}gK0<5#?Ry%U(XI11uM)HG??rb;H+*vrh7qr&9QhmN}5niGr7
zd(lTOZ#UN!^YvPQ`$;lAW)(K$Mvi1HP(Jr3`o3lU7Z#af0dVVxrb9lcDc0VoCh2l8
z4h=q$gxI^9rV!|rKgWh2A1`)*{M{e%!eDV#(=`V^>J^LkFLC3*1H1^44P;MZ=Jn6X
z?i+LPJF#GK%n1{JWFV*LVSI=?4$)QCiBe)Y^RtRp-5Dk&_vJGL8%JP>u;sm{ZuhL~
z*tz$&mtDO#fSm!Co}K`<nO>kZQkqqxoc!Zxjyw_r;YC?q0VG=f6I2t?LN&$i=(Q!Y
zyXwi&_cx;4^w`}fh^Bkk7n@KGr}F}y+?P!+L)d0LVhJ$5MjJ{!fV&Uh8pJkW6~MC*
z5$^-CVmtH93;A4z#j9YU<+qX!+2o0Suf9$H4q_^$gl;5mKDN;m<mK>BgzKUnC;c^e
z;R1HEV}BB|g<&UJoj+6R27%lFO*-gO)G<vVO3oKrC8}!`n%aOOUI53>0NmnVPOh^V
z)a#F<(}aaK!dlBrk@4Ugqb_V^wgA^i5F4s`h$p`&FE0;0ONuRZQdc#ls`gB2XJM!-
z^)u!pqQc>R=**)|nd{ocRXDLA9<p+kg-InvymH)P)^fqDX8{Zkz&$sBXCHUPG~5c8
zGEe*`6)x;<APc-*tVgRi@`xsVIab*^WKRPOfDaEX>uDem^bV+!aHT`V0f6Z<+DSu6
z$Hta4r9J;_R;iXCdadX+ku%0E+R2!i++pHY>)kl{L(M=59$d7_$wI-@9NN-M%l1s!
z^Zocc$Fon$*Y)8X8gR7u<ptgEW8IB3H983XTQJP)JU6jNNOJLQeGOEJCYjDlnCL7+
z`IRKuQgpKt>Rz-k==Q?Ng4A84zz}Lk^wLwqb5&-MDO#xns(8L$ra5VXP?2t@_v35g
ztBq0BmBu2Bd~dRiY8UcuyR{YBj&{bjbQF^bi+<2O$Bdim(nZrcCD`pTE|=4Bc>W42
zSxg){binU!XIh(*P`|09Y?@`Vz!cP|kCR9hD+=$WE|Q;Nykiu8LMq{@L_w23T$4T|
zAe}l%1$ZHd^6WlREp1EDx`za?RE||jeeuE5AXuujZJDMFbv%1nF^ODzy_@5Bl<qqa
zPsjDyR<Rh(SGKpC+39ot@cJuAhWfEn^KPZc_SG>|PDt))#T|Q{U_4~ismEDgAEQp8
zw<3;c$+N3HJ8T<~d;DJWdfrCx)s$0lVD7TGb}ZdOm{J_&idtOMU*-F>W~b*Va)cVd
zNr**0w)Aji?OhW0oiN!Gl*ft`wvOEMk|&Ptj{NUa{!7vw-@t2p;GUG&ifkc|X3+*#
z-OL;>JelFB1i&bF&puYH(sEvdzf{t_`e^N^*$rNs&`|DnSjFinlS|ss<_0G3aA7GC
z83%^sbKFf!@l=i%Ydw+@g*mQy&p9mcS)8bb28F+Axe0K5jEqFAo8%klaGVndQ1RcO
zVIMXz97~E+vi!*x1Gt?#=PS{MJi_~A0Tr#%n-~<{_-Ho=EsM3;nSP<fOSt8v!Vnf|
z-U53K*;24F^XCtMO4w|~7@;{Eu)U#YTi$S(x=9FI)z+>d_S84^@e1(Qb3e1m-V0hG
z1({h!bib=_9PMH4KQ02|OrU2ouB&!2>~r^^5@4ONERNS{JzaLJsA^RhHS%nxs-Qlw
z)*Jhqmw858fPvJ(84y6mBSAxGI<ZP5*%OH8Ke%r2<DN}Orz@jJKvQGR5zto0S$c4i
zQH|p>9tF?@cN@gGHey@CCsem8mtYJrqMN8Dhd5gJzo{r4Ul}%=wB}#<{`sXafm8uP
zY#w6jpSGw{<2rkVxt|nUv*kD&Vb*M%EQRp9{c;F~w5kVYvo*W6k!Hj+Q%H-J4zj8)
z>ivXxNjX2Lwq|QVWfe8&p2gp}sBAdcv)EK*&?A(v(jwOKkSt71$vJ`e;0*w?_lj3C
z&v7SQ4#B1(%~`I@s=_p@n;{V!EfK5UV(oj`?iz?bcjES`p`x8YceMSs3Kn+02HPCd
zWc_66ElFk$(0w<$c)H$NW=nB1`OC$jXP#AAh#8#M;O%G@bkL~1{8bgb&_;03AZq*|
zU>ne@iXZ0`vZWUUXJG>mIRJ`rrOtqvG$kpmb|Lj=O3IHBJkKrHq)1t~bKY_OS-Hyk
zxQ|sfL~6*X(ma2yua}>#-B>$LvZ~W@y6C0Xb--(lHRyR7I0Y2uOGYZHLED|zF9M-o
zS?2F;^ec^7RT-%~1K4U?Q@F<|KbOxR+Y0#>9h+?%kh84|Y&tEJfFl+TD^f*t-_?AB
z;B{N)m5BKb8Q^TczaVcMDF=eSd!G&_Pr7e+N!oj?*1)M*bM)2vP*_ttlT=oO#D_3Z
zM~dl&tU1Jn{l^<e>q%bQf`8d)XJP-g&@OKDyYNnH(x)f7cxWG&Dr18Ekyq=J{?+`<
zW2k*`Aucv;eh3Gc*_nBu>I^GVC}?6J#n&|54qKOnaP0BG63MZQH;_k+Os%!y_gqV^
zepNYHU#&?gLkiidmZWhMmhkr(yeZ4uJ_?S!z|yeU!|=Bg;kvXaW({0(uGPa~_g#K4
zu<>fQ6OdH`nQy?i?1MF#X|s*nIbo7gKK+#DL6S@090<?a)-fb!aJvPKZ!58l!Z`Bp
zy4C|r(lF~tqF9a=s-Gs*=w}oS?QLY#Y@d+7ViE~VJi%0C$hst-JwpFjQ(SaJ7N{%o
zIPBvXyhElWgpJh~Qq+MzlW8EvL4Jr1q?&plPm{XMtC|qVqWexEXW4WBQ=gghPEH(_
zBUWxJz%UU(6+&n^4KZ<(5;tl0UK>Nuh?h@w#PZ|Xtn-?;*j(=*c-@uQ>WIXix6ti$
z^Osmya#g1!P>)ycqqOGjU@*Ex*^*1eDo8BQU1{J@#)YrNX*Vre9U2cgWxychvuISX
zJJ3J8=ifG3Nf<M;DIK-kK2PJyGv#2C0w3YgoZ5>6TRgavEF7Zz0acL4nB6ofX#cK}
zSU6Gf`a}_t%WCrJ9nUcGB2fB0&RR^av~jvoTvZG}pESyr1=nyC0UJ39!D>pTW?Tbm
zNR!CZ7+UdHDn_LdBQmpO-_ozpTm(dbL+;eDU`3H(hqGNu$PSGIn^}p<D)0a*l4e|=
z30JATR2g;D=x-$~nKV?s^4ow^MqXAJ$>OPmDy`+jlSlwFae1fmX3T}Uk$;6GiOTsv
zKqtSi==FwMJ7kQzRRGg^jp_a0JJ)PSS3U3t3l+A;Qf7r~e*KVcMauCfNdy&@^neyl
zG$Cn_NRupq<6ULy32a6Un($Jr9yy!88zF*@vr0Vs7gJI_<MnzK%S#hE`PWw(=lJS}
z`W=&fLqL1w^@3!p?VgSJ31(JgJ8BJ10Z1kyWz<Gzc0piWV+p9HQsn7<QeEqEybM0n
z2`S+}*`uv@;S(KfQ3c4fZd%4b>E84tb{lb<^ugD<_?#q44+qHCa&m8GS`gJG#yW(x
z?NOA3_8~bh^2I0GzF74$n|;nekCf@t=SE!1^Mt=FOrz~ubTxK%1>(6VQQaue)odO?
z2{}Ug??msxr)bD1RNeNsmXHhn%2>A?LpHY*n39nB)(^dtwR%KYYM{Omx=OIb+I_+>
z-`VQE-Jiu^g(>|WQ`y4p$>%LzacbFJk;I*SJ$&rIGqt0mtqEMrL;me2IVc}!D}7do
zWbh+H8YBO^*?Cfor0`=unsJl~b1;7gY!@L7lnOkXx+xnXu$%<Fj1(XRRTYp2L5o;Z
zDK>7^u;kxt6`<U3nVnzLAM{~WL_EeeDXUO&PSS3>vNUmRsDbwQCog*OblZHX<kslM
ziP!9=My4L8uAtS>PVZb6p{ogxERdRE2(|!El$Ci9gryvrG?xhiuOl{;G`H)xG_Vr7
z)v+a4bfKD;Qtt4B8QRGJocOGT>Adr#O8{7l-&h+^0EW%&myD<b;e$i{N$CRd<2+iR
zjzBXXWIfpLLh57+nu{{EQbfi(rGB(o)jm`NO*umR@gGYz>DplWd{HmDOT+UwU}!sW
zQ(Q<Flr3H6_Uw{DbFgb^>xpJ?`mJmmwK3~##6K7Q&LNtT%TB=6>CQnh*D?NGW!Gz$
zT;{?tKo~1f=J3TwN9dMrF(4aeIkqwWW(V9%&+KI9RyOh#P%|5ezc#>BknHC`{WV=U
z_3QTDicDcnMSO$=QHj8t(DBZ|%;9=-_I{t_kqQ?J+bxAKdhb=HGPq?U2RC&C5}=Mu
z`3A_HqIcE!SQv8p{wR@=|Cssv-QDA726o*Zc;)TYJS=``E|y^>2-t9c3qi0bZ08K(
zPGczDCL5Y!D%z!?$~UvVg-8t)?Q3_83kS}mycLvvT(!H7^%lFyb*hBSV$T|8poe8F
z8#v1IW@eZ-EAz3!D-h^_p*M}#`O8>;VT(Od&sZA2{u-B0uyZO>G_vD%1(Allg|*<w
z47Z>|xIdDSCrTen=82IF-jDj2B+c~}lttuV(D)lQ<7tc(#r2lp5`_sTvmcHbC?=CE
zEpnOIp+?Vgik0HkD*h6vf>*o<(5)WZ#d0r+o56VV&T)@I#6`1?ip>s5T_sxzJRx(%
zXTr4C6l>WmAAWR{o8X{*tY%?9MkEbM9%W6F3Z-ic^PC|L`=<<mBvx=>ly%V*#!7U{
zi_GJ$N)W5*m9#lC9+IQ(nbz@rOsCIgi_ht}*=?ZV2|ML-?@;3V;WSht`>)r_!eY`q
z*W3O{;QL64m{@2ipU?eK#rfLn%)`k*Y~`fgWDhU)m-w`A42a|Jhauai-y3fHHCAkb
z7{OC>opjgOcBSD)LsPhbOQE&-Ih&o$7#~nsqry2CQbugEm=>_{ly+*oMou3YmfgtU
zQwf&t<^*oGTxG)BZybOVhN4Q~mmwgPw6;;hfx9n(Sn$&5<oiH#<XtG~kqnw}xDV-R
zwy3dN;Q_VIxdv@Z@F&9FJ>Di2|A!H2kbSNkfP;CS0@kge@kLXXD40Z$2Drc`3qZ%%
zI-IR~&+=E9^)6tb7p7KhZfqigxvrNrA1_at%9f{UlTk^IsZHYk(|YEs;e6cqzih}t
zVdMB!8eu8(s(AJgOm;(4#c5W`u(yoIwe;f@*u{wBjwN%WEc8qy^k##iY?J-0tIcbE
zbD)cnUKW77J7Iv}6x?x*O`S|k4;h{WcHkHLz`*$}1T|aC7My<5t+k7vH?Q!RSDu44
zOHPq!L(hACw_qITWjKqVHwPs%iL?cd27n!6A^v1g+h6?(TA2VEtuh@STGf4qe1a$x
z-Yj<Qrc)pylbd0@C`R=lbV?~-=2RbeMRPI6N(`NlNlp?M`u3|rSQpyrHPeQC<%mpu
zjK+K^?-&e?#K{O4)*`~|M5;eLDHfuGA}U9YTt2@FB~mAVd{MY3){%)OM^9h{=zdc1
zWNZs|6@M4i&a<6Fl-ky4AUp?h6xftBC313#*kSzSA~LyKD-y?IVZ?78tie|^03hh(
zp|Q@X?vaQeJ2Nt)eU_!zDo^p@AxLgV{|ADo7#fw7al3(F=)@T(8at>RE;3_Rcsi`O
zSx`N+Hd}UifSNdmrvG#vvt$(wO#oI7M2}ImFRO0MU)nj{9BEGX6e$o0XoxBdJK~UN
zGEBBX&?P4i#atQE9`G})p#TXHYJ-}bkAgTcGFoa0F*MhN`}-8Y^hobRHcQxqo6)-e
z_y2-Gl+C7=76ND=kdme6CYLvN*=7^zfj>YWu6DxS^L!rv7WOBGf7NrpDt(f@h~VkP
zpn8wuNC;NCbxdmStI&k(vxHB52EQXPR>9Q~{_hOL>GOpKJxKvfZLavIHN;kD<$>ip
zEYLMG%4Hel3ieml12*U}6b^0{HufdDTfX$m==Hbly+k=|95Y=#Y~^e3BDGCba1$4^
z2oi}Cm;SwaO#Fd3q&7=n(2n33m4b_l<tEPm6Mu{)*6=p(kr)y$3zo+=kD3drGy`&m
zxLKU-St{Dz+0VY>sIU@}LQ(4FmH0`76cbP@h^`zMi`W;d4r5HSXY$*0j&{+cdvgsV
zBG!Vx8s)KY6YJXYVGuxBSw5ql9`cx%;4VKtUQp#Xk4A(X<im7U=e-xwQPBo6ZDs%9
zk3#(aSNu_G9dW!?JZ_aN{D<t#Nv@ya)kQ!ORS!8!@Q6M!VppHfiy6hH(+-AgvPhX*
zjEZZ>6e^16oP8&27z53fPTZinIJo0jswuF-^iid{V=*DVr&e4nPOUMAu_14Jzj=yb
z5-Sqyl}sV?bEtCa?6;_ArweFn{-2EDmH*-ofq|X+-N_JV04IrBVr2VZ5aQ;oB?-C-
zV9QJgxQF&~Z2e_~Py=&z9ubEz-mjCLqiS6_&kUQ+M1<gM%PFzHX1t>f>_KJ%rLxNW
zN4D(6`_&i?HXVQ~N=S7vLb(EB3O7C`Q_&~<ReJ`Sfq{*hj@LmuhRAN2@{gj!W13uF
zQ&Pb57_ZnBz1A3^Ix`P2UvH^BUQelI>BWIT813v`+@FVM9Zcde5gbe4BdP*!PCqrd
zntXdKJz+`7T$OiNSimKR*`~$GqUSt+ov0Pk0Rk?hu97eavWuj)%x%kkj5bU%+7)@H
zUy%P4a0dFbK=nz_W>L4|7gy(){onD&suj8MHv&aZzo1bZnKo!AM+icVn{`9Q23mhv
zVe9_b6u-)Gk!Z`{>TvapDOdn+_(aQ!Gx~4)*gW@lD>J;eb<LGVQmD&tox6Q(GPV}=
zLj9)xh-nK^A&St^q(X#Z7Vy8ME^rl;5(V|=ScwtYLP6C-c9mYuz0AP(r8Z*v0U`<c
zjL2`pCp+3ZT=vcl9V$KIEcv7zIcI3dM^E61q|^e81kVM`a|}MvyjYLw1f$9OU6XDT
zpZdBd_Ppw{oW1Yz4O&SlgTF2OlE}?u_Pf>a5ypx`e+o$&-WdoFAzv`Y`%ljKXCwt;
z9>*ngTbp4K=Z-uig3{5#B%^MZ3j(4lETx)1kU#A~Q>YfA12z>_u<VBy0s}ofnML%V
zviKtn))k2xITjMie%1__$)v^$xqd0Z&t>7Ui<eeP;y>yIxJCm3v9=KHJw~^@+jHx0
z_3G|&OPQa`8wBWedAMSE7`$l(!P&$PBpJII5rUv4`I88Z7KpiUoc;~!d4wjVns*=E
zwZTVkx8dpK;d(1Q`(MuE|Fj=A(f^elE~;$*;T_3*|MeelVU>~vvEz6JvE?RFyygF6
zKUADP`U=D6#2&ex6hQGDVsOosFjDJSfPuMWD&@lHFfsVRHXEyBw%h#LHv=Y|>T+_|
zR~9oE7IR}9uYbvd%2^Thm~FAC`qB0y2;B&petxDu7>(H#QhYN^z5vU-#4G9*zHYNk
zjofU-o%&2r<E5bFPd(*G@ItT*8}BfWgt{_YSMRV6jf6>f7r(hNc@;L<1FS?c841Um
zoD=rwLK3QRpLZEWzdwdBW~8=>szGkuE+_YN+2+Cxmg*saaTS9JDghm0F-(bDGGVE?
z!Di2n6BB^ES#f+afjl%=und$pzc+Lz-aSOk<bb=f5KmK!Aj%2#c(8HZo0FTy1SvKj
zVO#*P!dsYj!Utdy9kE<$YWi7fny1iPDIu>xiU|<gA?JAYkptjA#m(Z2%+eaphH%$y
zHByPJCbH@bL_?^wj@oYp!n!<I;ZvGXC2V#!d{qdYvcT&qHc=ig1RaxMj!k|~G4b+^
z)hP>`m-Wq8O632MZ_YY8RY>zsW1aUQqN2OSzQAJb+j+u+$z}cjo%wLN|7Sk_nU8<w
z<DdEXXFmR!kALRlpZWM_KK_}Hf9B(#`S@o({+W+|=Hs9F_-8);nU8<w<DdEXXFmR!
zkN=P6V+%pC6Gi)+YDJw|BC~cwS|tOKAwIk}xT#3Rx%5n23mC$~9YyC;55&Jc@aSm&
zP2N@<P&Pg5!2Uu`L6$x-%;BEHyx)7yMLD^d51E_HQbaQRf2#anzq5I5#!%0m-JUp>
z^v`CK8Eds{GF9wQ{Nkq`v0?=({O2EDli2AP8AUXC=?^Ra3<`A}HL2dRC!V}M-1kW5
zW+*E;Zjcu7*@HJ;++#*nKW{->)mJ_D3x~R6&DX=*MqafM*dXB9MB;xK%y=4aE-#Tb
zRgMf4#Cj+8q63oL0%-wDis*E0XSR<y*XEToheh2R#%ReXvCDv>v@^6B_-MUEuKEA=
z-O(}2<<7i4q-ucuJa?N)b?MnPf8djW)&HckQ^`4W6G;8ZCf<&>G0Bv^l1;6xF9IC>
zsn{zDM&|hz>6TI>JMlG<!Z(12o_M))_SE@lFO6P*!$ZSFa_^XWDvSS6aJbT<enIPF
zSotKxI@C<nQlziD?$<tjlQt~d^^n2e-h5pA7S_PmO;>*Di6`%29oGn307wX3#c#ve
zm$hnZKLz9QH?Q`(ng1~lGGDUKl1vtr?B(;+idZ~;5B4r%N_mQW!#JZoO};3S`6I~J
zI|5GUq8sff#2n9r_?woYG417ifl?n2hxZ+NoPr89o`zG$7eB`4<`d}CIo0}Ut~;yV
z6{KV<oLHuBLWHI+8=(x;6;M%K>BKrPVY(hAW7M5S;PF|&^`MB+L<4PBzW$djvi~7e
zz+)SKRkW6C|K}~{f;5$@%;hTuC$-xd8(}kDW4t*ykU=={vHasy5{^Fyo&`fK)SMB7
z+0Z!Xsl`wWs4-4`aE?qaU&}4ROz{j~OJ)o5Dma8&Q7vI4V+Y}x%zf{=Ff(6%joQ9-
zUjeVS0XK;nF|dg_nu2y2+sAjqbIq2+#%d1xhf3{lQyPh@@;j2#dudM(S-Pgn!X`s5
zOeu+@bQifGLIoA`cwrU+$#Usw*KfKD*f{*i)>>k+X~=Z6coHPni}$a~i+(G+M@rm4
zW-$~GhizzNSPuflsM_SQkRoT+!eh5aL}bl3HifV|8gb^^te@3ml0?D|6UD!&RJQTA
zg$c%OL?l$^yp`I2gwPMjt498GCKIYEk&GgC>_pTXp2qqP7yE;Jjvz`Z1}YDkbHA;h
z_M*XV=DnnIKDUv(kw{t~Q;x1!qZytE_r+fs2!zes&h<9OCaQ71+YdRBQf1h|Z$Nj`
z29-6cvdFytlJ0u(6TvdCXN#3<vDea^AUO2$%`WW{rPwev1aGFJbtdv#6J<F;>`+7M
z5W1Gq7!IlUh2f6oIPeo);;_3NoxL1qb_1-`vzu=pTyR0+Z6&T#kypDu9^FcWw$mfn
z4(OzSR_%h$KZ|8M-Vo@pmEXTb8RTN%n_)6Lfxt(B+5nuALhBV(FhbgG4|L3<*ZJZa
zb=v?u_y_W_1eBwuAN#PfdeBNeCh}S@_+@N+=X1KL1D2}RCbY=@y7#Q5O1puJ#K88%
zWujIa=;Du7D?aJhat2{t%mV5}OS-7$iUihE=5#5Vw_!V1PcTtg%*Z47>Y7!8JUJa?
zK_$p-3RJP*MZ_NR6aJ*kz;v~POtp;NYT!h53t|FG7hPr|uQfP~I^YtN4k>fwHjmfq
z{RVgVU&$dIhh8vFOr82^FvTsYg^`<Xg8aNB!o3`kpTv}OAd%!EWo;p(b`(r3^-~7!
zKg4rG%6QFdxE2;v^RAeXtmbJpdNx%{^AKG8Wf6kPC~eUb424qZ=-0JydbKZUn&F_5
zJ5iOwDdAkB=jG~GcigEk(#&bR3x;Zzki;fKQg=aK+?L6!v105O>2S|3HxOLUbC?9Q
z2SDqE8<+W+6@AbebA$$Xp}hs1UAWs~ve50Or(SK5Cqp?e*ogchueYO1&6u;Js$0<(
z6?zTZLSTU|G*45(tJN3}`InA^;zVj|bK#q_jL{dM+m`|X>>f%JNy-{_ZOn%mZ0ooB
zBbO{rm&0FbKB~4ln+B!`6#xn7ct&hMUz3EG<cv$0<;YnEY}O?<%p6-t8j!9-7}@@1
zC@t;Mjjxm?T!Fv3l^2^0O#qKDNO%Mzg2~g#P+E;u#@1+v8ny4r3lFRPr@>@vfg_5^
zr+X|_uVxG73w=i2D>n+lf7y3v7kVurR=<aJ3`iI>86SG-+$Zrgu{yBJa_>4$VYf5B
zHokwy*!C@hTvuF*>H>LId#mZFn~JsMYcB+R4>BW{u4*Qo<&rTXYITw6@3J?gq+QW3
z4wGn_M?wS@S>?cJCM@$Y1}4`$@?pduqcx?rqJi5Ka2=JVLRuWpu7G~4*?`UgQLm<u
zS_@2PN*+&pmcY@EdRu}|Jti^<Hdqp!J%)(KH$1`HlK~n}Ycwg6QL5wz6KvAgn+6Zp
zfE88Azd2Jh7a=vr4KB1Jaa6epHcUb~Tb=1!OXVyin01iafcAyzljh@do4l$jSI#~G
z5k2(kWoHaR%{ri*uRpKEb}wLC+E%ht9rpC)yu=I|%;RNHZfC-}VgWwi)a-i0hz8rU
z+%z!LNJ=wxm>k*)OhcLB0<ZV}e7K9z&(^0XlAs+$BRD6p?YItF3TXkGx-3G&3{TWw
z(up2!k8}~OPmkiZ*vGfY(vEF_Zakf4Td2&2;v_(GsbKfbw}FeDp1zu-aBf5|T|zvL
zFyP=iUL*5|Vn{O|eqHjYrs~bzr7uH=#aBze=@v_&&_AX$%%vc<{vsv)dJb_1#^IXy
zGYFeV2Y8<EGxyS$Q4~gDd<s7k8!^aO@r&ofG+hb|2n-vQCDf?Q>NQ-@_JtKhnO{I3
ziK^jEri{ZHcV@?(f#_PK=<E3?XM+DBbA4hZVC*?Rparj!oxSm-Xbvd2c|4h9OT#cU
z{m8wQP_bc9JK;VcY`#+9uS`<AJ5~}<sb1|B8HkY9<=^^p-izdhjypPcGjw*4MwxxR
z-Zjv?>0$M9)^5t=n?Yo|1rDl}xQ+dZgP8sx92LzWa7PR%tt?ORsZI@-8u@cbwTD=E
z^neKr5#BOC8|UZ;ZZZG&Z;CsZ&=bC~lshCh>f#fwx2B%iZki5<CE8Ts%YK@v#uriO
zenx##+B)y15gM}tIGF5+2iCe*F*a*g=JQPivB<N-`~6ah%xm585IF&ucf^lN^STjz
z9Z?;=jcAC3-ye0rlF18~+PNi?2cB$o$?Jr{O$B6jS1mskXQs@a^N915IwurDT4a7V
z{(r6Y1Au|D<-DvGskL0N8UY@8X@%cu_B-`}(W95^Jra9x>nZoZ->IB=n0zUR>JeRP
z_9{<gdv)HSj6aXA;e?7amUUaz#bkQdvDS4%M=HIY^Oi#10`X!{>uIalvDN5C613|J
zu{W8)xQ)R8@6dPsz)agvgAb%~ZY|BCROF>6DZQ8{p`|>;miZjQx}2x6HiJKR{|v<(
ztr>nU%zA9o4`f-VZX_y0GRDn)gRquWy(dL(u&TGCSHC4M_(sg5BWFHH38UFv2scl=
zR15JV#UKB~HNh%Jjueq>rY`rzufWoOsB3K&{*-kO|K~2mhtxUn=lSZb%zt)p7q|PD
zX({w2p>4GoKp_w&G;e>2vbXGDCqQPRbA@$U2DwWoT#y4_r7@GqgwbcfZ`D+hSL~hj
zu6w>GY}OU|#>dnNVoWtDRrvFUlE)E}SQVK9=GZ7TNQ-g8PaT}Z(8NCR0Ovs3O3~)&
z+KLwao*Ld(`Q(*Y1P_uNTM0((CQvkE&MWY(GdA*u8{uJDJ`MCU_E*)wQLjUPWI6G+
zN7PmF@L7GY?U765r9TBu<kja(<lXfm_4bo~>-~8XZ@q=^+&R4ZTGJyQxV2$P3#T{s
zWj3>?2t@VK&YW)AFt)yf<RwBYL-eyJ0<xjikp`m%^vkESP7E;29LuM>_6#tM+{35z
zyN2kv=jbH^Igtk93)tts!+s8c^>O5cfpJ!3BqcHWPEUe4W}?6_R%9HGvHQ=izYNJR
zG~Hcu6kK*c=vVxZKCCQdbG`5rzh@zwnAjw^R9k_T^}|p0)atCc!6y<Q|4TjWOl%Ze
zCKOmKqjTAGr0RfS(VDr6x9!XA;r8SWMHw;nuqX4miSF@L=H_hx-g)>S^PRXtDaA)6
z;zOnm=};c$Pc_H(Ff60vj!210fdY$)G<Ls(72(LCF*`uqjAEa$gO|2HcfFO<`JQzu
zwNcB!(v?A-g5UB~QS<=7^t^M;=1f4R?ci7HSrq#cdvlMfWvR{NOn3Co7_o=#FVDw^
zl)TnhiZ2-bXa?(=u|Ay6V$-NkoW6kX4C|ZuJ4f>>>^jyEC+{m(ZX*xZMTX03EFj0)
z`hHwT)nsmrBr73C8x1q-mwI^W4Nt0$1s1z(FL&||hQI!6qVSR(-n@IGAL==#i`#tt
z_@T5%24T5zU>Nu~-%?#pZ6=WAeZvOJbB7(T4T0l)zn9#^#mYO=5!j?MHakt%<gebh
z(-1ZAE662YC551jeq}c6pGqq@(>?UL;vl04X%N986st2+(t;as96Wp_lh5v*P@XZV
z@3<EI+G3|%a=g=>{uxIHsS2YAK}+XbLa^SL%<w2Vp`lHlev<e}4WpB6TfA^W55V-;
zOw8>4QCOG&aV}yO)By!Xe8&w2S+7Q@eMdb^r`>HJa`kgNvS2_Xu>vco=rru3UYLs#
z_wNbXXY`w);3;39#oibrkly~|`D-0T$H!?f1|TmFLtoalFrTe55=uN3Ad-dqh^8uO
z@G;?I=O-yXH|yhb?L+SSW#IJcfo^KXb$O=j@qYM?qs1rX>H6?gPxgD`rQ-NcJpDq8
z;V0@$0Aa<aEx3MgvNUv*3kACf^7o1sxWGX>uLJ3_{-=mmvjvEuEUUUHEXg!Y6)RK!
zuX9k25C>|;I$qp*gXfD;zXdQhK&yD>zd=kk>%LP`uF)`>@#iHijb0hyk4n%+NKq(B
zm1oook50x)xT{glyB#H8x7Wf|6;!=$Wq|o?>^5Mp9U`FM6d`KEo%F;eDV>7Ef<&pb
z82Wws+;Stow}C<?epT?RDWMx)3M#A8pi!HRCt&W|ONx>#)^JboBbL3;Ot>&bOJ}w!
zCb6ijDAJKg)<{^SC)}6poULbgc-Q<P&8}2bP+MVobRi8<hu1aN#g|c-ls;zy3m)NQ
zNLN3X1%p}4@eDzzN;PkU9Q)O*nt#dNA^LY9rPDT=;I1JQmJh$i?+;|2@nr;{+_Btk
z3vkuf<=I(4E#VfFF3hMe?W)G(T5k<qt>6&}N-=Irdt2!$xTsK?lh7Nk56p3E2d)v}
zEoYaPc?dEBLPu@)K%>^~Xj0aSy+m(bzUjf$BRmyFV>N630iXNC#cztw^w042=_%z!
zke>G&)xR@rv$nEMd$>@ak-mD|fi+s2fX*|~8hCy){*WCTow|x+$SlL>7>Fcozbqr@
zs==$RHlfPMC@}KS<x_R+^|NQe%P-$B|G;}k4?i9$Xs?5lXc)l;5-q}kH7&KTm->=T
zckr2(6JLa{WuBqFg=!K@q?wX55`o23(4wK5|Hw(^w|3j(5K!v7x#80^OVL1dA`ioM
zIH@M^07ObxTHEA+k*l1ud>p4CuH*H35PbPNiU1>!mE*IGm7Q*4GmD7e2ox>#C5()}
z2LZD*-?*QxOpXJQzeO!`zJ}BUycgdfmCju!F?E4v)+jV;%T}stfObiw*ty*gPWdg*
zY8ue=R4KH{hp*%D9h~(?#Wx(@)myyPVeE3J^L>kkZ1iy#H%Xk4&13{}nh#=JSp;S~
zn!y}D^-J(OQMi(cGOb+8aF~ORtnCrqj{8U?N{yX##Z|?t4`lRN@nXNq-G)bqlmv5;
zH0%&}(K8<x@Fu#e)(snt593HY7coKMRR)gtTc7l%&VdQTrds0fIY+LJMi1JFq__#6
zw-hO^g-^Q*bn?Azc-xwl=e$KL*DS+M{4oo$u=iVe&p7Kg!w-3_KS@*0FV2zcHZ|)R
ze_MJ!413*~KMXUo&tZK^KbYpT2{FA*Eo9c_fdd^Tw;IHQWsvd7i+6g3SEENQ^3$*E
zw_56pHzlvo6xbyJISfF->Pod}iAt41CKyMh+(&GwK|2DfiEco9GVbn&H#j3?Y^Z~x
zpYlgBl2l;seoCb<P=-<tuTGqB>?||Bp_E-I2K+Knn_PlQ*2J=wr;GnpkiEdN|0v+}
zgg(n{_0u-I%1yPd9=Q<(t<dWsu<Z-|UFT8+L!wm07~dlMo>4N~Cc~yOi|5>MCE~>T
z?rCU0k`CNTd%a@6fE423%m0rRiKB>aIz(y+bHJFkP`~6B`PW_KyXWzZ)Iyc-TQuV1
zjfE|`jK*o!b{fPedG!K~eIx}~Ew%@~OtFjtVn(=O^b>?Ak4WaFQ$ebSz}GlLR{<$a
zp@q&Tup|p$r%O~-hFXFNRf4>X4C;9gmAgt^zYfp5H~mI=g5|Ln3-Kk(BRxzm$Rba+
z8jrTS=hl}>L&nrcwU8I{9iv{;HVN|>3T6@dDlAH6a2isYA?dPJE_pvR;W&y#c(`gA
z0Ezpkf>Z6t-YZ^U>X4JiTsvaR@=i{fEAVpaKqu*UPpGF%h&5Xk*`dKSGC)5so>4bL
z?#mK|nK=WmxW~?1Rgr67L|V3=Y)mW(hwmpjr-~sbHVG#@+yaWGk~TB3W||lpG&F@`
zT?2uG=Ki)<RPpLb$REIXhIPpB#ha&)$Deqs0{|Ji@;P*yxG0@_^{Ti*^N`DUu|s-G
zO;P_SHH0w;l6Yat2x37E;#(*pj#Y6H0B7a7K8Fa89V8ZEOI|j`J9JSp$I`uU>4Q^O
z(VQn3HHG^O^MzGfd4LWWq&k5;1ipKyFam=qDr7?cH0#U6D)0KH@6@`c#Nh}x0jV=N
zcU-d*!rP5)BC{<-oegJ-rRe|)>x!>o$|Ht!q$pI8EJ@_vsOHma-p<GQx>C?kB;(t;
z*pZc&K4-EYbgl8B6o_@2tHcCrG<q*{m?~{d#$J6bdHr}<1?6+Mce%~$`@C1R-h^6_
zAS1uE!V5kG?o|<gzfVK8yfmELYAm<ZLAY1wZB!50xqCQyZz=-M;%zJC&~twwZpPNV
zw3w>htA@9Yo1-~q{^n0oX+O^JsW`~rwq&O0d4xhUZ4tqlCJ_MW9R+`seG+3)$9if@
zYDX9t5chjZdIHO1LY(l<W|%VMZCes#a)MVeR&}3B?@L)Pzt7b<=8ucFIVQ`=Ux#!o
z-zu2$QYJsO0~|kxPffU_hI~ZI3=r_AnhYRKmFm#q?DR8jH*+ne{f5$6sx?9w$ZRGi
zm+$@?>~!J3@|$%Yo@F)?-oPQpjAH4PIBSi-Ms7vxnzuo!lf+8OoEqTs&vqJR75Rcy
z%6tt{>%*PHsbhpVZlsY9#&>l&V}v{!h0i|^m)U2+Id3z@@y)qA=r$1z;tL8Ks%VYt
z=qyJ|7~*!MZTE)wHoV3i7!ud{F$I`Poz#&e6EqYk0yYZZ01m9E5rPG@e7+x(3ljR-
zAj{!I(m+({Aj_X-Na|fm*`rF|=^(1_uhDbG?EcBgOMQe^^AVn4kL6??A;v7Q;E$_<
zRCEBu5jxv9m(Tiq(K$O-w5N<rLZ@N%{7nG~mYd=21|6ZaT>YfJq7^;^E<{ESPaJ!*
zABI8KVI0zPtV)ej1Iu<1%??kG;rTYRhljudq@RypvICocc3@IGiHw&H`uT8&pr<=y
zqKI1O_prc-HMj({*eK!<uF2s*#HzuGNZ^EdM8&S)NooZ3b8%6+xE@~%`cL}&fY?2f
zdt<;?T7fgn)(!!990O)Ie5*<Hc6{7_ewI!#$nhp&3;32uxTMI`yCfLXi4(zVc8Js2
z-!t?dFP75uA9-0Sb4;z{y|8tCF8^*ac<?x0(S4&&v^~!^ZB=eg^~I0z(Kl!<-db#(
zG4}<;tDSWO$MlGlJ{!GEi2QH~#xSpK-j}lqSh^DiX;9zWrhPDx>4>vc*Xj_0vJErY
z^`n8BrtFZNp)sC^i1UQfV}9nJhApcdSFSh)n68IhW8)mj2{l4q{4FA_w$_MF#(OvJ
z655T4>_GDRc3)~$CJ`eJZTLGeMvnfyZb%cS`k(vZT!osyT`(|bBap{?03PuYWMHm3
zhX~XMLp(P+ud?^g>C2~5zqf!F1$ZA%E$}IH^)lNFigAdB`bnT9HO<2JV-K9Qatu1A
zFsrTXA~as~6SJcs!wcgn2#lj1Ff&IacvWc0)@F_u)pRDzo_<~02)OwRX))VElcrwJ
zGPQYi%^ciaPT%wtPNc>~pgsT`74li7BYy>C^?cDyWUnjN_V8tXhfn)*W`5_s?&JB|
zAKIlKr>0!yBjMeOG`zwmqWA{(-bQz|#R@K)SK5}n)LG9VkA8fikO4m!`#n|e8T*Bp
z0j0b0Aa|voOx-ZeVVUXuybi)xBgG2`F!>$_3-^P2_23&kl>OXQXHAB`T%4T|L$j^>
z#{ZW1MLg`=gCy#q{{1*{5SV7zKSLAc;9DGdC4_0YBv9n2Fqfp_1R^}pIZos~NiY^E
zmu*%@gbd@dZOODP3Dqo!cfk!{$sb0*+phlP2mvL`_u%5By@dgVVR~nh$8JQ}79L<%
zEiHD^Rj%xObb9Wyuo=YB=u@CAw?59u_O&#63jJtL6Fi7F{Dlki(>DH~LF6OU|CLe?
zq;wkO4nB5ddYLZcgMBX>`KHINS!wz0faoLp6{4il`8~aUStl@C5S{dnIhelp9;-m+
z=a@(7uh^N?Ntv(Moy2b=pfA^0PoOV6Hyfa@5i_8#XIcbxQn6N|FSU2xKN_T0#ARoK
z9rz)z_0ykL76U??@KTy2nNq5SH5f8Xx`W__A5Gsyki1i;JTvFo8$`}uUC-))v3D_!
z;`_SG70DfMG~uG%g<2U=V{slueDn+CXI^8HH?S5U{*ots?qm%nB=K09#l~Z*lHF}a
z!m5px;+hecs?a&I{9!Huou#Ym3mUT5-;#+~b(+zmKuoz0Y!${TZA26krD~E<lL{T*
zz2%I(Z12DexewsWwt<{-j0fxe?(*C#!sJ)+<aLOf!<E#*@9l96RKDS6`vJ+RM%ZrG
zZ+e_1=WGC{$dG2ysHcCWC2-aiv_kY+U16&IA2PvT0%#znM0EIbViF$D>y1T_9N+>I
z_lHif=DiGyhoE&GGMsH8UNb-|Q_D(IF(NpEw(1>2clbVRZw)Va)9Et2_lL}y<!YIC
ze&Lx9ZQo^$V1e@X<}7M;9!Kp^o=J|S(tQ<*+k&1<P=Kv~1j`tAIT?2iJ4jcvV*iTS
zveOuIQdMRqq7to;=LMxvOt^n6CL9a-bq;n6D`bazW)2S}oLeXkUp-~lCK*eZVt1v{
zJypu}RdT-I4NM?55BJNU7&I*6v@*uiXs5yzA7R9cm#q(tb9q=DiD8st$v}-adsov|
zqrUgKr(ejuDjHhcJ;VPDprEi&%YLfE8OvGJor0=<%Dlfny=^!B$#ccqOoQg!Q}b5q
ziH(-3?y2m!FPb8cpx#0=12IEFz!u8kIEOJ=*w%vL5+2;;$=*2B3|@<%yZe*TR)Th^
zBHEO|TIc>Ebizo2_O;#5NDx3>Nz9XL<lBU}aftpUN$WH$^e4_%ojud1@dPx3SbE&<
zgLKpOlIA|xpwWy^JE0-cskSrW9@Q_88IZ}xHj>}5r4z-ER>0O`OdzO>_kHhfq(QA_
zTU+<*Wh(RgJC^gbCS{TeM3(e?%=okRF;jYZx|=tC%tI?;i9F80tEWzHHmis~@VC%_
z{m<}QT(bFT7xxPG4!F}+N!%I$;()PWXi8eIwJDaN3|#PNse__l*ctyL0rpTNj(T`X
z-uR*tn?c0u8*Lk$INj)FspvI-rlt}4K|y2rF!N{RpskT*WvGR`k+G`kE864U%#!Su
zE!m07i^VvEE7#{e#WaN5GGm6c!}haTH-hZmZx+F`JYy!9S&US(_bN@I%ST7c1X;Ov
z>^hD}>c8akb7NWk`GXx@Ag=BI&o@{pe5GvgyqD?cyq(^4O79o!`v;frJnrv5CqVGF
zG=ad$k_2NY##0wfr50MEqlI}IR|#qwYz`Pwzl9{0cNvi88erZlKCS)<NE07Z{<e|L
zG=p~VOE8#i+rG#6gF&_QEz?-9p`%&o5s|~{{K4x3)K>~TXun~<AA;W8<B>5JF?MEQ
zw&(Hv#@5x&w_mdr9KP>{84OkHQ=Xh*=tdGadeJ+P&FQSJ-;88DF`i8BR9|?86wyDZ
zS?8IsK)H5fh+}Aq2krQ|<uWlIB<TX1>G-L-$?_f2UHC`4PB1n+`3p!etVS=@@cl@S
zW$HKh4*l{+$A&=O(x;%}jB`}IiuMg~b!kt#eyd9s;SfV66B%CqcDsQ!mfK<G4V49j
zU`;1nPyHXqL})&(%)}mrHg_~HXj@rXA)RiOnl9*WuqqL0q>RWkibk}$hgsdhH?t$#
zp!G<v8dg`jn{C(l>#{ON=O)6K^~|v6Mb*K^6>W!}bp*1vL&B;C&OEl?;rm=4Air5X
z79i%%^4Ky0N+)`0SfpWgE8=&&w2WmAv5QIr)IcLD2{DccB;BfN;<@|*@kGWfKu?{&
zzf1-xL*{QF90L#|U;L}iqf&yl?4(GO)#Xky?gUlACNw3ao>e3gDanzEfY?(<!$180
z5J9~H6isO$(gQw|WF0XDN^hs5MgI(9w;TuDH6&Z-mY<g4$Z#9UeW@4w8$1(cX%6lx
zr4;Py;wZa{xRpj|?Og~{<?3l@EJ(%?BV8@J861XIp*8ByV(Net#Vm%PFnN(u?E(Gg
z!Bk0HcvS<5ihnO50C!%^r@`H<8<BH%9M?l_7}NpwP8^b`tLBlHT~tbCzONkFgQ8Vv
zxQ_A+NiAk=*eV@8fM!_F6#G6B?W%cDL22FS4uE1sMvznzsHkun$e#{lr7z$hM%-Cy
zp>lM1Is3>ms;X2bF=by?Hb&MW{*5ug_>-_GGA@}O#^^;><zcKIbur?5f|oP({qUDB
zhg(snp4|)6$R<z(SLkUMcnDGJOovg!EN}YMYLaA*{l=d{pa?MXE8{~T??y!OPk)x;
zM>Px0W8vf80{w7$mE)wfxAF24YQ${OsX1n;2DJ|d5SGr&RMQUc`)t-?pdaV9?ABIU
z_5q}~Q_VETR0eeCj`OoL26T~gTe_{#j$<NxVm**kVdz!o6|Oi?K=iXFAVNAGw8AHZ
z=sGjY?ONL0Wc{B4fVjKlx{U@et;<OczW<phZLFbg4hg_}ObdAsoq0O1`QOMohrmp@
zpi9TL?Yyx%wr$(CZJV9E>DYEUwrxA<*d2GA$v6MZW@d92wZ4n0I?p);b!zVT2hR`c
z9`Z1E(X8m!+-STdqfb}t<6EeR{)e(SB44#ip~>l&<qS+YQuxATA>D{cDa1=%(nX1e
zPnJnZm20TG&g9=UB$9Re*bg_ojTl}|Atgs**tLZZsD3Gh<Ny)#$-S4sGyZDZUL*B&
zJ4jnUfe64?Oi{izN$4IRxdCY1Z!EDyLklSySzJzDV+3@!K7(>_+rkGKspk@|L|C5`
zKV8@yEXiRcGQv!^;8)6i<TEHxg@A(uCu<rM5#EFn^=kuR9f9poizK#{u9tNiAtHKc
zxhL+B4;r@#VOV2FEa6+r#nhYa($ED@6ZHHHqdIa2=E`N#7;*K5w4O1m`cV%m4E`rq
z(8jLumB`R$SX&n)FYG6hgn2Vutz`NL*{HpSkac6>ASrOm=9l~-Yy!>v+}*|<8*$d#
zn+}6=uuK$+xCK4FD*}ljdMBuigW7VSG}Q-k%Gh{(w48P)YYwwkPgw&qk%(4OixIrI
zp?1=-+pP*q#onpH#zep6v9zW}1>gA`gAEh}822Kn$^yB+*O~{&Wo1-UfnUeltD4x3
zpZ$t~pT5c`oX>T6ik~w(@8pfii;KN&5O*^!_l23UE(xq&(v=IrqpOeOJ>oqfy?Tv|
zJV3;PRL6^neTCYZu^-N5jB8SL4y&fgiy^h^U1xSXXk%rApR0Y8%++o@w!O#NZ$=QA
zJJyRhhQ4Lf(hT;n()03CUk*AaDN%Yf{vBM-vZeYw_;qokaB|hJ3PD%!7g4``DFg0k
zH??t(aoC+kb2KhwsHMYBHWA!pxHetM(SzA7<`a1Ob+|7DjOmv}of^_+&s@AewHjkE
z2WJLqnO``aCG%4VQqdt|rI>6<OE9ls&cVSyydL%^r$@<~9VM*iK5R$z{-vkCQ+Xh|
z0LoRsQ&#K1kdD<ystcf39=3`4{<vu3@*NyGIQehGJKY85eZ(CE-2EFCRQM{a7#rsl
z?0tK=$g2woxW6B!`I<a4{N!;FDXd)+AJ_2fOX@X5L@=Pz_1Y!!8(-1Ws7~!rAZ1vv
z!-?>r)Oi$!53S-6UDm};5KH}0Q~N#1Up*oqA&al=7&mtzk_UnIaZwh&+s=f>TaC)d
zv)+|n^%tCL@=XRc&Wts#oT{Sqg?#;f5M};A-OwPz-w#^ZU>MU3YK3x!79zJDua7xs
zE+m&u`(qcG&C_#L%~~qv+g<|O2~l*P#1f#08T2psu8=2RV#(oeB#$Y@5n8^oC%g+s
zadrXw(2$kU?1*?l7@C@5K^`PGxp<CwcPlg=`)(*V9tcHM3!&20$ocBre%6Q*VUhJe
zL1Fx+=)$vUEmpB%`|K%jhm=R6q`q$^MPH%XYx{nRm4LwG9(!0Thv%n-l!`CCg%-Q$
z?qEncWN9fX3}NL1;KgKeX>{ZE1%#awWoBJFAq%SpY85i2oC8XFh91((5PUx7T8jbA
zwuk-yD6OTg*KRK<rqQvr3I`F6qST`p)j*Twwwzw*uW0N4M`?vh{{NKLTsC`al^AxC
z#X^P^xqChg<(2Dbo3k#GLN?ocq^N6%EY5bAaOz{~S}**O9^U^~Z8a-;#@-9r!<ClS
zNsqFpt4h(ZBb4%)&~CSoS&`!C(f&v=M<0N~<*dlyocy##;OIl~Gx)=DZs#=o<c;d_
zt+bZuy5D`}k<B_qeg3qgVG16lb)JYWaSSXd@&DFZYgIZw)$esPjnj<WS8;4q5+sIg
z5_M<Bwk4!W2fvzOZ%!kw5-f7?_gg55bFd|A9#+~@5%a+4{{COF6$l}?$**>XhfPo;
z)*>ZcLzR3M^;U}4W+Q65RjE9%<id5YI}=ksR_cqxREJsk;*l~7c$sP@_~{2VOOeN&
zCoMq!(~rZ$@B10IOr*_=k0v_PxaX{OnpCUY;007`-J5`nuFjf}uF?RwhKQ7PUnjW<
zMxjoHQxYM$={$;eO7XzTH<;J0+h|{W5CL;3!Y{P{K*LC*moTkRfh-z@?;XXkoko<{
zxq71pAiYn{B^I`FK`hl32};RnH<B|%bz<HK%O+Z*aXG39jM*58JZ;@1EQr+|xmXp1
zma)^K?xE~M62UN$t${ViaxKi(ifqOZ;fB$7n;nI=9+W>c7RYXg;ve+!xVYRQ_H^s5
zI3uNnsyYC1I<kW44Or-Mk2c*~?+mmtq9Wn#aXw~q0qsS(CyP_aa8qZQc5AhPKbEqK
zWs+DQ!F^u%f@%6;31#+}bLN%tEAahxd)C$Vwi;a$+Ea0eM8u4-0|)3QgKs&sYh(f<
zZzd>1J8*PiZbSL75w?!Q<%1nq27RMoyR`gXMu%D3vLHM0bz}ooVwtc&sP1TsRG`k@
zvcCLpj|X2mIsewp?4-2nG%VSs8o_@DMSo~GFUTb6VdzO;i&Atkk6)L9%I!X4C)&V^
zA+q6W{+OU4jG%Tn_jtapSxSCFLO1wMtg}0F<ua_94(>{6Uu=Kaj87JAPKo*6c%M;@
zeGlRJzX@j~SP0h4^rJ)E1wy@qRqZ7*y#@2J5}7C*1qo)0leNiRP!pq4YK+f+VCm>m
zImrUqFpHe3ksGn)<~Gn({y;!J@rHn9CBa=;iqN_tdWg_wk1d9&!OS|wamdeYe0TJ7
z8+q92-+Qr}d)_0MpM5rhKl{${E-C624z1C&{`|KegVpg3St0TQSY5&D@Os$f5lUv~
zH&a<%eVp8ftvns5aMv>;L6qV}w){EeCo&g}#0`Rb(aOk3*T~xLl0)Dn)T)j=G|y~}
zeCnH+%)VoV&ZGI<?Iuut7vxiY@4e61{~E{m67=v>egDGv`m(zHY5~EfX(i<MHVt<Y
zI2*GKJ<FsvLzZ(9YQxW|<DR?R8P(_k^j+h<6P2jlgmn)(X|R3>AL_pw(JgeRPv^-r
z*ijhbBU@R8*FpOzjS9=#a_l`et1z}vxCi&I(h#xNwU_+?L1~<V(*`#x01E4M6Uf$N
zAT_~^?Vz!kdYMCHr;OK7QyAXGX~x4A17&70Wg0t<D$u8aJIRlVex2qOzB^IEMR?sU
za4VNqxeP0Uh&3mOtOz#a91lQpY`+v*V?Y6>Y+fHAL+Lu@Xdf$I43!~e8(ChU><gnL
z`i$eZoQ-yLS1_XJG6D6Ch$vq=J*xLijGL12>L(E&Bg5_WR+a4lyfzC@Dn3gE!Ow~B
z=ZUp~V8&8~d#u<cj&QfwMUHlqyo%sNe0XA$6kA4h^KY!>+x@8xSt)8~c7mC-{;lqc
z+202lEWcYhq-E;ot$Hr!2keq^F|vr-Z2`Zdm9A=qZ)T}*zsUs4It(BTsL=u<5~4k{
zoe!Ota%(%b7FMIIEvC%1?-SElC^+C#KL=YV<^z-%DfBAil(o;0Wq`SOCDn`+RTdu5
z&1&?HH(VF0CPoeonKIx5y@qEuim{g9g};CHd3NWe=S-i<P+4T)9WDmFbxYH$W~KbD
zJdD;$nzV?{x|lIYp*nosWT4ymqpNw@<J02R;w4agofMp&$CS&Et6wG9WEvv<5MYV-
zdFL}GdS3a!Mb)hVy^D(%I2FtMBvd!umh;I9osN4VxF~;RJ?NEJ>op@rC?oE0kuC*{
zB1@A;^Uzo0vvnu~)ejfD5)SVnLg5$W-G>|rMVS{t7gg-E3y3DrS;*EFXzlk==a+?Q
zEYD!vq~OHB^pgsPhBTC%_4<1jE_D>rRWLsCe7a0skdW~C-dKpKySz?WMIWE1RK7>q
z=rdPUWs#C%tC#nZ_xQE!_;rBS-j>m8vYbOIXs&L8eY|Y@-n2L-l<q@%6~oxmfu<1S
zwHF@pOlNRq5M5~UuRreNdee-&Q7xrL>IAnFlAZWV!Ad>N50-gs(7omxLMf~d$)>2H
zHDJp)<sj<RAs$p@6x+Zb(jxvV6QCcnk?c8FB_3z>mkk`NN_mU5y1ry`X{h*TE69bG
zr5)V@WIG1;A~b4?q{$V;uS?Fy6myiULmO1r>+jF6ibz+YYt`kmNUi0woQL1{w+6rd
z&{R1002bR5W$*Fv<znQywCCd-4H)0m*Gf^f!bd5~%)+ywCi5xXe@((uUD0Z$&_z^w
zR)kxAeY!M%ioNy)OyeGvNtLbrd(cXppc>Y|`1kl|+fN|RQw%$Oz_f-dt`r4xT->Hm
zWdl=#EO4`d!sH0;Fg7Q5SLEz(ymTv#Ske5adxs#!R*<*ySa{hIeEMMmc14?O|7uuO
zbp)K+>E<mQ(pvbK*M7Z&J7s<FES^;2NDrNcm(zA-n{7orjb<J$VqBxyc|O^7INgHG
z>UlfL*#P4T#2dZbt*%tx*_ODGLak|hW4<=6YTg#YN3o}jf^cCZ66eE8b8|R}U9$-+
zNN)XA#8Gvzwx?2~0!P?HdS>8k6Rbd)ZkdR7vDGhWZ|iEi8W7op9tHsz<?aKt)I)Nw
zuT%QYB3|#qA6?mXdm&ox%v0F*-juT$o=xW+uumEP)XSVU=q5V2VoRT68mR{~VIK)s
z*6Au;S~2ww?ny>~$J(1J6jSj(Z*x=<WhjM?8Nd%R@fgN<JIL974ou}>`+s&QRb7$R
zc9F;`+dr)}ZjAU#SmQqF*=O<-;=p6%0%aKFv??E@2#Y1FoN%i}rSiLP^P*Pz=e?Nr
zki-ZQ?){ZAo~VOx)pBrAnBkSDWdHD8Hk(oEgcfuS5`iy(UXFQrE3C%NO=MGGW1|!P
zBdwF7?Q7jYxahoJJ;dc!KHv!_Z!9E$D}N<f?D&01w|G-%TqTxjCeAu;5fcR(Zv%cq
zSc6x(i;<bogP1Gh1HBvZwAHDLv<;OvJVUq(Pj$mPPQdt!f8$}hXufn6=!fXAH?uv;
zn*KXRWCVYK{yyY4t@1lk$J4~%2$`o-zUJz9LcV2QRI)#r4`5x_VCmoPKyb7(MX1Od
zl)%9L&c8Gbe5E?+W&=~~ayMDX71WGJq$1-Gr@u5B>t<moDOeR_gz`_4rBBeb6FP6K
zEc1~p^Yx+l7;jR1gRMpodyVTnO>p^Don=gK+0IYv-Z&IRHzf}4@MSS_tDc;pn#5l*
zrjeTaBLU5uPb0MgpO~WtyxJQ(YncBo5(wAk>)4-ys5BZWP+y)3G3YEc_K2dFiO-rS
z23_KnOKk}&x5DH5?c7K(ohFQtix9~Q)+NR!I*EL37rv%KY#{;>-x;%oAY0hHG*9!H
zlYfwL7S5<NW0l9)%;I;InPT$U(@t!G?QdLZglt9MS%AI-|N1HeV2W96FW9gy&a<>a
z_59k(ZwsWif7f?acyQv6&-}4`Wfk<Z=4QuLI$<Z1U0~sF*Vog8p!+fy2sActPE#4)
zTZz;fYC;z`%qd~pAMwhZAIWr!LcN6`ixF6Vmcd)MM?=^qMUSsC?%6gqek5|c5-V-Z
z|7a;&Zx>bgF#_i5<V)zK^IjVSUNXX?`MMSWZ(&XZvVWNv-v8PHt*kjYfdt6HA$_X8
zl@Hc8*l469S-3;nTF*zS!1SQ=)<1KB>Z~ER%*=MUUp1v1xy=Uh-aWq9=Gm{W!74si
zVj?NB1VQM-a!;mP@umLBeBqDh<NURXGB>H(3OL0I<xTM=t#&G~ke6NQSj7m(A+3Eq
zKFy4`yzb#1;A(II=%~IhWTARY!VT#EtmCkYoZl9q0hiV&v#`<|Sbr5?7IKu+)sjT8
zjV>_y(f(8V2#(^y2mDt4226)>e}phQvxWI-ptpu(TQ3TO^kO;LPJ~g8j><oJd`>pK
z4u+%(pH)-hf^1zZR*C5G+L^=EhygzjmXfoYUTZ~z+v*3W9u*@%gByaL83tZnei5&1
zYIJU2)V3({mLJE9D3IV!kU}Dr!!<i7A9J=UafP!-Ht`MlpmEAb!6#P>0l84cB&<l%
zG|T~lg9Mu>?zkh2o3<ez1ce>U7Uu>SgHsFl#!?E+$D@+DO^)nqr5bn@*EC}*eKbZ+
zZ-A%w$_L8nLPXlBkWwHO+w!MW-sKb!pVVP28Wdjp-bR%PJ9>;^E2;g^_C+mkz8$YQ
z_8l#$@<->li$vKw(|@op#p19&n+L-3OuTV!*Mkc25U%B1m}l~n<5`&jO!wA+7;z4h
zJ_+lw)H3EnUHE5zD4-P6ff67-bL@D9O`*<59a(co_x5T#J;0hyX-jB2S}9+M-wd8J
zrVS)b?nOCk2roIG6bA7R5OvhXk6nrK&zUE;=j!+4YMqnFA5#WgC+UbxrXIc<#7{ZQ
zHm(bKqbN_+2);cvzudS9&*(mylxi$r3lnBEMnq%YME<MpKtGbVVz<+6Q_-H_@v?cp
zVU3Tq8Da;~O#2j@Hy+G_($~zzZCB4&?Y^n6g`ad}yW?$*;Dcikw!Cu1v4l5+A{^Kj
zNXA^!e1m57m`xE|5@+`_@c|A0K#qtq|5p=?Y8zYW-cuc<8inaTHGoQFdqOCP=YZ5=
z^CQ)qv)ji=r9bR~#A8ON=-3yZ*K%OW8QERNC<jgJUmi{H@{1g7wV8|&A#V>&@ORn2
z3t~lh?Uz!-vH1xdvQh$NE27+;QGPZ~fjzxa0yLIoe!6IoOGiBycsvnA>SFjXE?WF3
z*wKTLGgKx4eCk2aFs_w1g3=5K{mhNlD9F)e|2~4Xl4-EZzL9eTlpyHQH&VI43gG`n
zDj&X)$}?QE1=eq*^1sr-?L*wO(Cw*%&gF%KlrQYS!YzxG>|QXJfP)z6ua?gvl3#F!
ztlI351Nc-RX=bvMfEQ>&d?j-~LG=a8zdLh35JlG3%ujiPaBrG<%xKbiE_OlwAy0{8
zq-j}IC@b^lDtXJ_@l<g|(9nBI{0WMviziTuj<F~X3W(g$H-1Q(`2h`C5&w`3JDnet
z-bObSm8JJLrQb0ED^~+UqI$?i|3%Cmj{%KR_qMX&oSVTW)0`J<;a^BLwhf8PFE%cy
zplueU{#LwR^d05&aO~#sv$EDyOE+#Q5|Ht-+XxO*{Ukc!Z@$GvawS8nGI?fC%)s7?
zlp>kW9F~F52=SHjkzX^*AOxt);-YyM!>&G0Ev==T#`b&vry$m$%Cx-~X`7uYh`d-$
z0vdDV>+2}7btY}*!$IPz1mvu?_z9z*c1fjS)XHq(siI*gbo0|FF=@xSq@5Z&avm+D
zm(pBwaAoe_Dkcr59c(6oe~w)AiW-H*7x{GvyEZ06M(K}#pZeoRI-FIi%N`V##ND--
zn5>$krQcg=vWI4+7?zWuFjQnT+||<=M>HDal)1&aq{4pV9agUL0n+ZC;{*QrO4ap>
zxnnb>YmXB}#8GKX#H8+n;~MM((+)eN&sG7La+iT=%DILOepL_kww5MGZ9fEF<@kmf
z4;KSjVL%2i@HDnvfOp1m6$Q=1t@hI=NDnRBz=GmLDlEf$sZ4-L4uBIUBJB>XsfX}x
z5>Q}}QbeA^l*Fp@Z03AGwG#X`I*K?KN0gYhV~pS}oct`t>0AkOzzZCNA#Sk@W*~RI
z>o^o_XyrS}<uPnp^Y3)|@+Lx+x9i2$s=5}oj#xdq!7xhe6Cy{;%m6=F2PtwsW&U<Y
zoxN=b)eGTaeMKivxk<5}Eq3=eCJBXeFWVq(ZV;r<CAI(cHaN-Lh!*KRuvXoTvvBeR
zP=bqj83?)JoEn3m2g7B!-{}J-0Acll<Svsu(Bnjs$gYv6oel)$iq3X7F+Q5Ldl~*G
zI-7D>I5cbi?qGdPPV)4p&541}-a7-OIevP5$chSIF0a2|Mu`;^6~8YwPj}YUG48yF
z=6$~ZE1Yq>F%-;u&*^@VG$Su73tWdbV^x$K-4kcWJ|bY6k&Rl#t6NCIVgbawWuz0&
zeD=kFo?oV@FO^3_w!i#M;WO;=LZZ68V12AQi9HF_OR5u-{^2}|=i1~p`~XH9j@Cv>
z41(|XNwwF2m_R{y`h)cdrq=?J&U+y%r|1#0NCu76R;M8}(fIfIeZ*?5Gs=CpAmM}`
zG(`AXY6o$3kZp5!IbN`RG}c+RMWNB*{+nh19mO+WpYt3U^I4M&sBgR($l3MW_#HYp
zkO`LpYu(5cq|}Tp=-baU4P#gz{*pdPXGTQbo8ACt(LG`l;1rd~hmO-jXpFUb{+PF%
z3OeriX^A);wim>+_1f`I*UT<gqG2Ove!Z4S%%?)lP*31nl%+(Whh1kew!$<ayOJ%n
z3eRArh%EFdDSiY?T9e!ASP(8SR?JGmgS&786GHgMwrgQ0K}#wHh+!WX%EdgjR`o<%
zZF1?iLPa-4E)tr<Bak8fjdXHfjIxaGnhg%lPE1?!pmCGBgjQV%Spo0nQ;Y~)OE}b{
zt=P5{>Sh}%*H(xwXrGj$;G|z>F4&{9^J#njO#8aDU55Ed3bG|jgX9XHT85P*YgC^m
zp6hSfr2SjlwVD%yb*7bu4GudP>ow*@DL6|WZMqs0)b2BwaT(IP?qP?1lN5H&q*HLr
zXI!cu4M54@DPNJ2ef@x;=^g=#6|WAt&}go{B7KBCLZc1bkHDlDx6y7uQz(IahpJLo
z<TmLQzHE_DeTWv0;5cFnN57XJB$zrcPb;m8NwWdijHgd!h)6K^^|Gk?&)r=h)JXG8
z7Vl+HNpjXo)xx?wWqtDM9q8L;i?3!a^$d!rsU2XKcjDy(Aw0QJb$3AB)!Brv=%<LM
ztdk5XSZ5jp?DDn8#Fv#{^=JPHvS^6DDeX@PNn%T+?ZjnwyF<i_o|qJz?4p#yQ$CNy
zU@re-a7124>KXXuZO{VsgK_$91(N8`wFtD%(3YM?b6<8QGR;CMC1MR1dj@-d%{)w5
zsOl0vRXAgIHCJiiMnhUYY(aD(;I9~7Kr<7fZeEK4Y*=<$zWP3VzXt4h0U~^v%HjZG
zH^1J<7Kf}g#dzQ#=yXBn%e~U_A@yHkfq6)vbSl*xUkq3QHJ69u2Gb@5pKjqWJl44(
zzm<BRbgr8i216;98y%<24G5l)Lh<LYh~vQiaql3KyWzi*?u?W1TrsyFUYrW1dOOc-
zcU(IA6*h(yZ5ZmWDrUHJ#szLr?o%U<cCBb@_bgCWE3YJRcS`l0QCRVA;cMl?MxTbQ
zqfrvha`1P95?K;6F@%i!wio$YnfhW`dbY_iA3CEoxK)1`Gnb&iIBu*rU-~poL9X6y
z>K>ywvOcer!RW5ox~)>U_m6jiUD$)MH6&otf&RSL6ps>19qpIuO*_tOZ&y^gs3`T@
z&d7VVUuO}<`q|`KksQ)w9^rqs06!Qj^$TyK@lo;9SFa0Vi}2TN{vG=b#x^;NaCqTS
zs($R9il&5n_ne!2*?DEmv|=<~dFlczpT@|u*do^3NaOYeAnJpW){M27O`TQ*q5=D;
z9`rsg7KVbumm*S#SHBb2=O**tE-kQQP;BzJFI|RgiOM5BNkT&e1Wd_<Ulk)i2^sIH
z_pKdx94fGsQuB!#7&e%x#x(3MruJYt+uoL;pm+wut^quZx$UAEP)W(|Tv;o7!7)wb
zlq}WVXFZg9hs8l~s3jSkTx$dq;$qlqQsn$=0MN;BTL^3-Fb`Xe_TZFs_Y~%pUmFPS
zXK0sW2dhvYvc_QCjn(YBXAGDm;H8}*5sH*&aEWhT&pa@w!d2&F{X$$s?i3Gv{~$c-
z39U|jdIsW7snt_{Wp*ALO`%j+lbjf?{(7Cjjj<5?_AP7)Kg*NdG1Ryfe<7ID=-$vI
zBvzGYyWHOtGQDUoQc|sKTuO(rbc7{~$=d{4zJ{%&jad()*QeiNqKe05hr9ucC=K)l
z4|v2_K*BK4Ip8^|QarC@6Tv4JKUrn8h7oadyD1^Xho1Lc!+TVuC}?oW`83bb7-&=O
z(kucSore?fE_a~lrtc#WL3CS2LE@9X=_3;dQFkgGH{xm-QVjs9)e3q?k*@lXj(vl;
zrRDj^P6NH_S0GMvT5N&$y*sH46z<JP5;m$t{H*kU6j9dx{o-dA>1lD-a)t&EESbw-
zpJya<F{H6Mjf`3Rhw%t(A5i0H*C)<3%5dRN4M!j(c=pC376FNc`qu=lk4(?cwt7TE
zE4~^ed)`88UE);(gc>KNv2pE|ZLJTTOiQ^*X0e9z8cEBkIvG-P@bR0r!MukRX~&$0
zmFs&$ZO3McEby{#fL5P8i+vrut{n3m$%UR!TnhGk;9!UX>+US-6c27w?b5=hdxl=T
zSfzX%;9O5!f$smPEP8yXS^Zfqk%)7PP+&&X+#>+oXs!9orLfZ#$6JZ^_rp3&DTtZR
zVU!kE0T*#5ff@|>j=0bk_Xg<Zda_TMlV?5LH#bN)g-lxCw(OQHkLnG~3k)5L@?Ned
zoZA^hxs4!jqs(d^f`cD|Ze4T!)77EY|D>B>^;GNr_+>iJ!%xzz@8Ne|^lpQgd|fPV
zx*d^nrqpXA3Qw7_>++|(W6R$S!LDY}7G=(Rd@Q1lv$Q?T!FqrW0g+}=3zG0Bz)F2m
z!w+H|Jo_f`wAkL`y`e-bZa>~s$aDesU(aJ?glFEG(CweP!WX6&K60PVS>fC6k1|=q
z9g{<jPnQaHeDt6M(EA2IFG!EN4x45$YlqL%gI(bkuNWhu`_gr9eB)0xKiDxXaDJBN
zwzAHf&JK9uhuVLRp~p?gy@>Hokp!Cmuxj{XvNfStqC6_4)p9CVyvj^V?$yyrC$C#^
z6}{4~?1BlKc6pIVe$7W_-fS&xD#h}0y5lwpcV~3AE(m`a|J#G;Kl^Brnutm-LD#7K
za#L^&)eDhg1F;XWZchS~hezU&Dwh{gdQZr3S#KC(0yjrt@tyN|cW5MoZp3n{jmvX|
zm2$_h_;J8KsCc3h;=-Py?NS~{gZz{PZ|$K-g30m&UuWCEBNRdK%D;w0A>*x5FZ<yj
z^Fv=}LEm|ibiRusi1C?z$iOjBezwYS5V?73>cUUgIg`kOm{&zMxB2q$vjGC`f;fq0
zTu|RbMvx<iA7D^t&Jpd<v22yvf?+E3atj7krdB<<yQC*Ba?H)%`_tCX&qnD_yNE__
z4|&Nkn`<vn##yhkqHf*uyj)nvG&-#pLBfzmd1UyAL86EQLgE~R&{)fTBI0y3^Lxt4
z3<<+dmx6gRMP6EC1ubGd6Vx4$BRchOyU3}=QCc~&RcR~prV}mvEz#`C+d~w6acv80
zPueBH)rbA?=XPTgu5qYk^-H+)d;dh`b#UMG&e;>JT4Hs<lhM*oC>UNC=y+j?3zsU2
z4*0O;d)VzGIt`y1#G1CpgeLpXY@?0Am&4`OG{jrn+cAGQOf{`_@*7ppw@Uz;k$&?Y
zT!Y$yQ=De7&HiT0j`MJCTEk_TvHZgY+MU_T!^i0J>sNrUUz{@`5L>DO-2=9%ZE+(5
zK!HHM7h|?usHwxKqV5imC;K&~vJ@^bXkEWw>-|nwacu8Wk(J=+?}e6QZogRnEHk}h
zCS&WpdzVq8r9F}oeB|(pCs~boi`T+Px~Lj%P<A8sN68_WtX}A9oOt*G%|h=&+nEoh
zYw}%M0#RqvmLscNcA^#L{lPMWBXE}f;=mc>Jy5nWXiyBHmUxtdK#<exSi;L58BQ2~
z`fVrLjsCZ-pk3b?&o9Gy&Pd*ph*G#yO+Hf>D!M4`1nVD?g;9UDyU}{3KtS#9Zn5t`
zDhfX4#tb)VH=#<0*8fFH0m6DXPgqq{qH^6+i}5vdPU`Vz1SR*scnqT?7SHS^ZQ-47
zzZ+b6=@BA>lvX$pVGLC8^5UzNIGGtU@$1u>phabJk%Ht^H9~i`b;LKvMP6o&xu!K%
zp+z|i+i_LRBE(CHP_YGG86;DuwFlYOci$oZm~eEyPOeo$w;(2V9}L-OIS%@=@**!9
z5mORzE~o~ui&h1=4zm)Q1+guP!Zver$bQO;kgvm|d9DyBI0%GO%(g&MI(#wyDKL$~
z-jSn<*z%V63a6ma8gFxvyYE%Kdw<ooY7#$&FKUTjW}_~UKh2N7%)IdrrYr`rw@j-a
z5;}d~Ugy~2FRL^dnLT9ttLv(0%M$(Qwsi`0l+QoYM`@m_&CDQT@{+hMr8gd?%M14=
z;iLmSrVIHj4P@b9X_<)5C7NSCu*o=phafc*VT16kq8J5|cO;AtKXF%JccBXo#y(3c
zCRzT8jV@73gE2wI%yG~BFN42w@zWzli)!2S+9M9At7E^NnyfZn^Eo%B8}|tmv6ABR
zxQR_f<Boy+c$UEz`JM$UMv~1bVGe6Ex(-`>+}k05&3wM~)=&-*S)F#4a?}DE*kn-a
zP+)LOS~V?qr+FAq)*uZdh{f43xGG$(<JXF2!2v!Ahk6y%-!yh^J{>F3ZBlx7c3jDB
zS@vqArIfUL_i5FqB_6Z@Z=QwBbaAc9!2ZQYB!;=nsh#?qrml|oR8)xq=6t$BJ=Nis
z{IoC)I|iA@S@evknjP6BHiaw(*rxY{YqtV5@<OS&XlMkDy_FgT26tqTQ$h!yL+!q9
z-&9i+h49mBbUf&0-fG6@UYix*rsKe-D7rwaS~=r_#^8Zvn8mWh(gh*_dlZW5M6IkE
z)#jO0D>?|%WCPV=u6ZAGo3>K#uKoiBVVcm|W8N(Mf1LBYD3$rIOERfG7X8$Ixs85w
zv`V>qV;<+u>*BQrkYV=sY*T)hXZuP^{=?cdUx*%T$N7+qenZv|qUn#I+q$HiBu13@
zIt#@nl<Am?D8gLTOBbQRuc-MjRUg|?cPtDX{`Ums&AI0B7-%Mch6Er}*G^!_v5sJg
zt?6LA15J$w1t87V>OinLuxO`7TwtUnSeT8sA*O|5g`?_8LF$FF0=(*}Z|a1Q2}Nxv
zZZw_d-hwnh=jw!FeS=IBA)eW>F5&aL$P)UCK>g!|eB%^SKiQ-g67xttXi|zsDI^l5
zyorpV6J_0rGLHEG!=6K02WaV%0EWPnh7s`qaSCM#3MGlrIs&}TA7Hc>s(ohuXi?P-
zH(K+EfoN9MiXgF%G$aipgU0TCwO}=pqQ+O?`r&2?AP6fcW9n8kekfWBK~;P5Hv@*;
zeKjTk;*g&6aDuSZIOfY`qH=YqY#1Q}Zi?chuA|^immux%(-`n`TBI@Bxo3eXb%H4M
zs17YINmGz&5#0!e0Jxh<MNqv*SfMHjFb!>&KqX|vP<4K*#VsNAH)b{EA$ABAb|^%0
zqWsE!WSkOmej={rer4gGx$I}!KXWm8SESm?6u}?az>cliRDAh{RQ*g8F}hT-+h_`x
zL7EmptW?E{1hmS8`%0rY2$K}@Fv4znoAgQ1lFrbBS^UXJN|Q<C8Xm~-f-1r_W9C^8
z`qDe*WRz7l>kzsym>`G27zs1oa1a?;iL@-(%BL(5sqc-LGZaB9AJ)NW;|IQPyQ^f*
zJUd>*31Vq2Q0G&C2V;=0i3L+=-$<g`M}Vem%}Jt8BZrc=8z+)wzS~KQ+F1`#GZ%vg
zB@G<!-I7S%#s%^{&ui@!S>Tc(N#i_FbHwuFt(YLhB||D=%>RHD!MPGf7jJ%LelBd7
z6DK!{-6xG5VIT)(-PUR=oX5d7HI6YMjp3;mok#Z=K)(`25^sIsniDI+_8_28W+RxF
znqou?A!}sj+D|OOk0{^Objw15DKyq9IMs;Ui-aN#FVyuzd6<)0D*z{n9O?fX7mODZ
zj*AD$;s$akGqokr4@X$}61S1lpd^AvL2ZJQ%q;Q-BFv(SAOiE)AG|L&F7TW$Y?L2m
z5m^vQM4`an!shSAyv&7?KMx{A=#|H1dsv6?iSGS^1o6QQazj-;7YFqQTl5+a@fz)v
z?}wL^HwyiXi+mj#i)ZD5P@jn2LNzzaT&@VxNaaP-86<$}#2<|1Yb4;T#E<HLZ4Vw3
zaR$q_K8qF;aSF>w4fY%td;&X@%exQEp5rUHK<?u|F!B!BG`PLI4?lcybK--B-j3TB
zGlt0p-}4->S)o291g}OXGer*G#%;DDe{m;RQh>1cW}ccUGWQ;UOqjjj0@5q<U79nU
zcN)pCDLs6-$`%z%t1rrN#(JmRGQNB0q6}Gz5~nHnU$3XiNCjPS2;oWn73Fn}+Spv5
zCT3O`H)*4k#pyM7;cFsVKx8Nhxq*#q;3dCOjY((}8C6+sJcCM?G(pOKElT+6d){pW
zJTj-Lr8dY&LT@lb;p-G<ptXw79vinIOU@8VQX}JHSF>Q)QoShhKoSq|e)lg+X*x-c
zzY<Om8<atB4I2x^WhPVo7Pq($%+@e5yE!$ssRxS|);62A|Hizun9&6!KGWP$X5fnl
zO(l1p;Q(*mb;%k@6vwJ`GzQ?vMBptM){Pm5EmG?p;^iK1qqbF-cgRp*7X3IC^EXEh
z{@qf~U9SUyfPO0)2Yk`-?<|;1kb({?36!Q`;Th>jf%8A2vLl$IDhnWOVW0w>eb#9)
z)vS_fF`XpDvHhKdkZOhClfyE3zoEL(6#A=<;R1p}{S5R{P4s`@7TbdCLM?Dgv3nug
zO#tY0z_?Nm1+6vE%cSn1_RM;wt@^RR58h+$<XCKR#KTbgiHa6-HE+7lZ36dVfDyIW
z6<QhhAr`-^^CO-OiV>j8*pt({+2JmVx`X?Ky!(%!6qSD`AYvm+)YP1#N!i~wGl2dK
zX=sv`q6(K<)`8ZsE3?i?`?OYC6`A+u17|`1J5$}6n=?(+oL#wm?U9viEmyw70kzRZ
zYfTDz4r!pdVOM~j{#rErz$)J&;u&2B)48jX+C~Fo7L#`<Lu6YBf6`)>IXCy7J~i=)
z*Y&o!X%?*K_-8L6kTYWLAP~amE${FkISc5=_X^oD=>A2af2Dt=xHU;-(Eh3Y;l-Bv
z7w(LrIun%$A^vLZ9~+@46(lxf`DnOGijjnb3S5)*xbipAZt+uGKT~>g`n*xhxN$I^
z)3|p%VQE;N^g2eu1N2HWRWzGp$jHtcr#1`AGhV6u>UR*L2n(u@epojR79{C??FNV~
zhyni1)I<#$Cs3PtLr1GRzkr^w!eJ$AX82#7$P?4AYEVUR{6?%BM`5F8GT{;o*s?!X
zTx)c{UySZn5<cuY3pB8tO$Wd_Ro7lm;?+2xs>2O4{mKt)^cM<e$`!k|I*;;%nBw6?
z2(g2BXrCW`Bl7tx%~=bbr54j#yO8r*Jmxc6>dbpw|24FJE9e*^2w}V>Q=~m9b`dC@
zSU+yI6R(&dHd{IAp9`TR$7NUr2#);F;GmbJy0lgg!<8Z6fp3wUCpj-Dw?|s-wNakW
zK%$}_6oc1KZBu+(RcFB+j_l(j_BC!_iuLNjvsnbzNVLkcQZ8Q*1?3HfNsIh09yt}h
z^t{~A(UyZT9;ZB(ZE!pO6`mppR&$QUb{IWkPA$e;>7mH0Vv^*|PEGr2hO1ec0U2>M
zCnxR39EEe@RRV5^Qr<vWWdO@|h-!Vf$OVg0Qa1;S&tOx@i)Q6kTwc);x7=SOE>A8O
z;Yp{nWEVazR75U5Ju2nvN1(h|eN92}2^B6Dd+l-O%B~-K1pjKXEIu(|2i?F)&B8wc
ziVm5Z!;(AsM1G*EaE>;RW{}ZauG|_>$93U^equh`Y(LcK5E2TQIL$1yh2QVbY<L8d
zOPDut(N?B}BYazBpD0_`uIVR9_h25m$A4%!6Z5BZUBSeAGfHz5Wk(+^_BB(}z%J2h
zq$3J7oX@g3xq$Kz{qTe4s+}yKVl5;;e}Eef`=}MmSUjgxCa|dGiF>wC8*0qN-H2LF
zLNds9K+nO9soCGIj#c4uH<d9^GpR)*na_^upXd`3jD4KUNOj{6n1ArJDB*Bdi1i+~
zf_ubxFf3Y$$EFFo#J<>(S9vq3F`sgY&-58De^>@}nIaGzjPep2AC2*}2aPVbR(%Z6
zo|aPhiO9r8EPNlNBSMG@YqH8Ca=Hu;vd@Nqf^t5c!3Xr6#MO<@($v9EJ1iGXN_104
zwvTDyHdY&SKr-<fDsuFu7CY;+_;b{7GBz7f>#;d@Q8e?%-j-FRdUW@Jtnms}7A32I
zH8J)@D43m=mXha+6eF*gvZOzMD!IVFpwwqT+bGuqY{-eLF`612U7Y#rSN=%_V;^1!
z0IWXoL3eb-{oT`wHH^v0OKUWind{OvXpqjxtux9Mg>UwaWt_a_b2~uDRdGBD-bcjC
zprNsl`La|OJs~^`-<WK3_x_ItJFZ5hQBTc4m{%&=S5Vu@=tOnm5%>oN<(iU%V{v=N
z;2Vapc})(V<AMkusu-&LOjc(5@t4lX4<b=ZpqSW!ys%UkwGvT5gwj#RnD+9xNmj7E
zV4*Ut?^x8}YL~Q06p2e4N{#OBr?V0FNNUvZq;Y9)kb_2CVf4&v!x<oAJu?_b_a>q;
zfh6oa?-#4^a$oWylc@?~XS)Wx3uG`D*<#x?iXy9RSfpqyICfl#N*S3}GvQ8bOgF{f
z^_(6m`X3$%`Rmp4dpgTbx66<}-5t`$w(1W717tEJh7i*|(^?qjI?B20kcExg2SC<Z
zt9FY>IE-RNf3O<sN{rve^LJrD#SkKB6H;+Np_JE?Z7P10QFSuefrsc3jyLko-+OOU
z??J(iuscIC*1@-slSEAYzf2*#(M7;G0^(51_!GD3ghWt4-aN)))+1A-M|q*`;7hfe
zfOKD8RU)k)Ql#e|&<6|dFJd1Vq=oBp&-x*Yve>TeKKsSDKQO3WN~VL5?|7}if<YdO
zGC!Pl;MqR;if#NTT)lB!4TDH04?C9WtIZ2atjfq!6i9ALwJ-ko*N_Kjxu&i3tx-Y^
z#W-k%>!;P|_A1~oBf7aI(OD%*<u-;PZM4NLN;VF00oOl(X$1Q)Kco_;&%STxQ5a(T
z4Wn05qj~{{j1U|uXA5l_Q7{$pSSrnMi(JO;57KdT|4nPRdq^4RM-|RMLpka-!d2_q
zyM_U6g?!zU=?-+3V%LLg|H#|)K&@T_Wnfp$XZXF;MQhH^$?I1z3b~6RzPGvygiW=S
zNRm~BV!b>XHzGwn3FJ#TXR3(qk?8WUpo~yudsdo+4RKVM+{Uqw1D`^P+Glv$<5nHN
zQ=CMTh`Lhfb%iU?U?PHE32;F4*b39mtV&B*%&fLFPf;1UWzeJW!<C+ouPsfwJt~w8
z>cs!qWk8<J5AS45@)-%Uyeh*G`4Z#kCKl;)t~HWVB*mu6I;~$HQ%*w2pC|#}ffkYi
zE9w7Zl|QERzV>E_5e!kM_mP?YaZ!23oWYbUO+B*?@(3}k&>ZJVuREuw!8du|Ua_D#
z?$%B{#D_jU9b-8ac|*Xmn3R1eE}novrYF%vnRdzN`HCtcB5G)WgEa_lTd#KEH6G}a
z0Q%$AFa>)M&N_YfL!JF;<A#ecvmi|krr995YH~GjSfQjt+xiMB(D0gGB9Uzi1cB|5
z#Xty`x>_Vo7|=+I>t1mP+%vkNCAB(^{Ehr~b~o@NrAuXNvDmARS-SG%fUF}*MjBmB
zthE}VVj#7~yb4p1i!KFF9EOR>l);`_CiOsgH5oHN(x+9A>Iw3YUk)mtzh&G^$~`F_
zUG9zeI|LP$b7IarT=_@zm}~X4F09Mo8WuxJTOXpCuz@A!u0?(5tRbJPK6Eatv_~PM
zG$5vVVKh0HW=DA?f0G>df+A-Mqr{2rMa*6DlghitSu9^G7<)E=;})%~lfz^GVdj;)
zIbcUi@ML9n;q&{9;N+Q8l=z-OjrJoPMUN~0Q55gzw^w7R(gYIAYUOA{xXy0YUNV7T
zXL~k4{yz$nKVSQjVVoE7GETr;_?p_$<<Q7KbL++;oNr*>(S3Wu{thd3uazvCM_STq
zhjD&#!si?^iWgz7iTPbE>M8}m$q1^HvxkXMC8S_Vy&f(#{xaO4_M;<*MRbLj(EwGW
zShpYElkg=myif!m4$Hkor=eIy<iUMK;Smpk&HO4xa4=jKF1ewfkG0t)y}HZ%NF8u{
zIb6L%=daOp?(z7f0-MNYiAm@CJM6|hU2QRD0xB{#M?V{UR9JSG&XjJTP5g1iU8Hv(
zx6>oIU5~1|`UWxod6m-+`m2d<k-aiJ)&|OaBTPa>rAy_iy3eEvKK$M$Qn=Si@!KM+
ziSl-+PkZ{?ej+ph`=qY#;xhrNlEl5tq=#jKNKA7sCM3t8aV(D6e!`2sP8LJYewCug
z*p040*_yc7ZXUEGD8W8$G!=-8cu;^*s5|o=Fw@BCO8GwJuHRUegn9e0Ymy?f<obAZ
z;n@F>Kj>mRuHjz#ckX}Z%edd*swqSZ7uR^drc1Ji<6q2;E%z*8N?mivt+tq~%wv@-
zoRXIoDI^64#}8{G&mTNRGwP!EQGPs}#?jMch^nzDdcOP#1%Z9>iwdi_h$(WAf)d+f
zfbqtT9P2cTmz8UE8}vY5U-u2LG?UzgEapze8SM4VM4#uIh)PD=fUMzwin{yGXV4yz
z-&&@d@45P27GG?P8mSNu&{&uPnIA|&D}dnYKvrIpgQU3ai*==pZ!Fx8mOLW=DTK?C
zD4mZGf9)x`P8IBeM*aPe@%|Kgd0EWH30A?!L`I?csX<Rpm)qdKzQCk@Rvt5oLF-Mb
zt&)Cu7vb0o{bqXDW#9^HEyfj<P!8KfO(H##O<-Tk?^n=3FlyN_^BsDJyJrEaz`<5m
zuS7uLOOOYD*QPkMi?nB-yu>lJC}0`D0ZbQnsvL8VJy1GmSCtd4lA6I7O&cH>pN%i%
znkUtR$r1d7xt@6qh;-L%`hr<B53eRcdb_pKGU_>h{wn3G3+(LZc&6v8<NHwyJI9jD
z+T1X~OsK~VqEs*Qhl_=X&S#Kf9Y}9XLn1CLu5wc@;>Ip<$(Z@8>O%V;GN!&EZzdFH
z)kp2t+(iVvKRp725<<;=F4BQp^JGcwqCtI_w6tt}eZ9!ak-^$%Yia7rclS;);>we`
z+%3|CncD++8-WnE+N-|Dq(OnL;dNMpT`h-K?f_!=&1U|3qzw|*vb>`I2&LA-{HcyU
zz|M^9BkK(XmZ|V|d-$}An;+)^qa+I%lBpkX3(`F%ksQ*U)O}$<GRmG?O_c1M3yfkG
z{O3P4^hy`!fsFiKqjfR&93a(9C6I%nvGn3};p)QHwd2ZOt1jSIc5;}vfa-z0LDdj2
z>7YFYsA#u1-&Pb{PGz_-W@Ll5p1dvN)j?t!ARsSA*3QrN6%y>gOHLaAAzAMW@tTo>
z^@jR&S|I%1rJmDq;X_~Jg+r+W&du*YhKxuHA>ub4!&9_l%-lsn+~e~&jBWTno~=hs
z1scc-n%!Y@#n6WMu6=mksSV!16_{IjY+%>(Zt9Q($db4SxkwGsn~8G6)w;u7pOWGs
z_hj8qdIa~45Q(8V#wMIJbKKj(a{H-5D|~JbD3?WPHua=4UZ{~bYB8Y(&kQxD+5gV|
zeKjm4n<P`r>kv;3hNYWcA3s9`JoK|D8u;HR>CfeLaZ4b_&6&Ty?w(Y>@i*>ZHz*kU
z{}s}o?cF5hXR1DUdE{+%z+So-Id@B#d>O;A9?p^agV^v|GQN<e9_5^bhDbkcybmz5
z86K4htT*6vg7>Bh*f5)XLq}?=ghS&U(xn?8QxV6=P)+G`q>Ji!AW!8D|F+twnj#qC
z@s06AjgraiJJV}&p>Y;%Mb59Pmi@7xQ`?Z~Td0Mmv_yRZ7$hNWFmdqyp3CQ@w9k^0
zRs3nHEW5mC_!lnoekkZAm$ajfn0$@#sqIu>i#q7nYT5!R{virX_tS#?I4w9r#C<9e
z-x5i&$=?MX_$@4!RFHttn942Tf!|V?$U1I2Pp>|v{M{@Db03%DM(*}2X`qtzqXbqz
zlWL@}!7ZmaoVP&_73kI>H|;=cmTw#o)TCA6YS>Aff=H;?*36dH0k@^cIC%w}XGueu
z)}|<3Ja&eth<hJFp?@1ld?j0VDUc}2bVoU*WVZ<uAR&-KKu5trB|||1fgpX*p<f>C
z;jLpAH|eq~Y4lc%=U~-f(POR6tsU{<KJmkKk{9@dw>Q@RMbyeyfO9*-J}f2$>~-@+
zEGt^xx$^%cj$>ZoP3!XNt6*!w%|?<()<a9auUs%ku$n~kn`eWG1fv;|F<J415hAlH
zndkkHdqcaq{)spj^tY{5LLlf5PfS$)huwUF0eND>TbMVc0KwjgHz_#NSUkD5y&V+4
zHL0i6#Ol;pr$5Ri5-dD?D2WL4G<6WE7$28NB7a#5pi7I`qJ4?@`@}fm&u+s!LUWk8
zZE+khrL2ZzuQ;#;$;0`2o<|PUcH~4b0<{|sZD5?p;{|WbFh7qimlc9LZWjQ(A^?DX
zW=8g5E?4ZE{+Jw<i%I_Pt-z18sw%d1-Ph?CrbZ;`kloHdUsQM;kK{&sfQQ`g0{}?@
zaE2GTSjS#7gR`fdoo*@8w}4d1-b>vwy_ziWln6`m;v8li04Ao^0<r;{k*~7SE)b8C
z`^TyQc7wSS2WG=+koDoNqkQhX!ITT7@hL|I*+i~?SGNw|s)L_e5WZ+8V7K{I!%4O5
zMdQ^51f_KoDjOQ6w`g2}m51>e$MIq7SwjR^?WM$C#VPwy2;s)4-<fsZ3Q{m;idbw6
zt{X>#-qDl44A{7VOJ3&U3Y{%Km@5ySj1}W@FvT>&IL|E7Dslii010{@H1?wxPMuRq
z))v?ax=-7m1Sx0+efH(Riq&cpJ@fI_G+K?$fB*U=7gc7JUMD0ZilKH5CXQoGb56GG
zbt&K6@7WF7+iC;L7=-PGZy)y|tD)>poXeCe=zDXQ2=)RVu*~`s-+5sx9y+nyjP0Xk
ztV{WlKi{7#|ArLo>NX8YBiwL1t;<B214cwagY75Cl{z-!5s!Y-DsUOx09KI|W10Tq
zDD=98F%>MbrF&yK+1=*bTT%yI+s?mSMD7yeNF=KQr<^0;<@?yQyX81}S|RE!ILy*g
zz<x8+-YSsG{!F(yrwfQa<es&{4eG9iXdlu}HrGeh*t%1}z~gB=BmrnC)PH&0eXK_k
z@8)&;9)x-?QTk6$6=aU?AXL|G#KXtC8>vn|FV}+9u-*rw)OS=`V`+hV<e4=ewjy_b
z8J|u>(DCd(tL*^=g6xtrL@Ghw&2+IlP%8LZdeu{_#AkMG$7rT6acNq}#GT(NtqI(+
zDhtP<#F@4kNcMPBB`0EKG(A)vdgk{)*l%Y!?KnlP)Z$vckS~%3-fHz7Aa(__@;*&Z
zm%_v-F4<+;e2W%At4)yQ6csJuaQdbpy?;9Ln>REJVKxe8n&(IqA3p>43-m<_@OI8K
zyRp-4Y|rDS#~_nppE#YUc4ImJ(O1x&V8R<PB^Ffu*4wSuSN(@{49x`#m@DP4>mW<=
zHAtJgIMZsyZy7X;lEGhT6I0V~MK9#$1AsqG^QWi169cTs4e!99%c_#2TQn_;I(WE@
zI4p6IF6P8Jz~gkz0N?|(xI*e*qbib5G2c1C8fCJtR7L|{(=f~-*sIXTPyYo$bPx~)
z9@%LI#yw`gFic~pR)sAbErbD2`4*nXR8FPv#Qn1w08Lg>ioR$RF-f{Q8hjP3I%w{S
ztA%bG;)B{s(=6R)(bNlE>^GHP>b<`PfoXch0HZDcyH4yQv4g4$RyvJ{YqoTr5m^oQ
z(13ggS05YYyW<hYF+<N0^^<WXvK*IFpSafzvl@LUrVE+W%WqDU0`nZ-^5-RxN~ZK#
zuo|O7sUJ^t>5-i^BB;_#P4l<6gu)){Kd$@i60OXmC8Ms%oa$e{9U^*>LJa2eJvZQS
zci2gAo{v3-nJ;@iG1%xH7pCrW!=q&V(dSc_6{%p7<y`B>1eafmip^}>Ouc-Ox{Ohq
z#Uh5vW$eTOE1i=yDl-PrA{vxRL8vZ^8pWfH*3nW{aH_QRHKIr5Nn`UHLpuwUlZ^cr
z<P%&ACKgU*QHM%c1U#9lDHSc-&_goh(#^OGza>rYnDyzdHXJ=a6VWPr8RW8aPtqn4
z8T5+<rRsTqM(NDY0B}^{%1^tb@Nv}$vD-n6H$}CrZI|}YM*kN8ctD50qP=>e1U{N*
zGead>OOux;w-sX40JH^@mn0D-7V<|BU2}?4kyGx(VTiI9s_`ooj!79R7v43c^*+Q(
zq8XRqC-1I>R|~W&zM)^h{tYbS+56Z2B7zasySrr?`kQ5Si4%z$x;_J@)VJnUGnB?=
zrkqDZk#z`W7E#m9$hN8pZ1vZ}GrDOddt9}SWFNUu>d}(F;#R@8N1^KYg=fdKM5GuU
zF)=6&AQ_x|y<3A~^?5NP??rW9#GnsZGWcu3<a<%UZyt5&aIhm6PD^Aud|k0?sAz=+
zr(+H)J_GW~c|k;}SEv<QWU%<Id5oxBh++=%jYldXQAgHZ`TZd^9qP`4_IP~oTc|p*
z&1eE8Fk$hiT1BP9@Py>7Tr;u-`$DkI2>OT5_`1{)i~m^YPxDX(CVN;xkf@l^0}}&@
zz#p?ZGR8G}o%cB^4hDHpPPgi2{lCU&_Mc=+xx17JK4(PoVx6(hciQ%CccEJE=;$FE
zFf9nfKua~MKL1y$ppZ<X7ooc8ZSm-a?T%)9xAW+{IGQ!Sv(9ZZeAe46ICGBRyQ4$J
ziHH*x@yd8~n09-<@gyE}LoMEQzA?f}rA5e=W6L(=%xi!Exf7z~P_;)z2_jIm3ZBp`
zsg)3;!#GsqUMr=MurncU>aE$+#&gOG42NmQ3o5Jd7&UI#ZjK5qzTa*u76R((Hf^k(
zPxM}wqK5lsN(7Hu3TLw>K*^pZuA8KJW58UAa>>&aE8f5We3?T_QEf<X<JFDn=r)V~
z8yEoXZWPNLK|D%dNh*%P+_NCi5XgS1P``wsx(zUeYlE8=)CQ>qIU_}#Ws3hZuQ44o
z474}FRo8~vwIU2vcjFhG5G~KdtHA_3HT3Qho);G)z3QmQ?tQni?{s}*$mnA!IWa#h
z8++TSGmkF7+9McEm=U@%mAs_t{_=+1MbW6^cldHIMImMDl3_6;xL$DGau2s&GEx`p
zmZ@z|xztsMP0Yl#I=SB!l2%-<z=8TdUyJvmGX4-}AsI+f=%op7m97q%4k=%0FRVH!
zcZ}JkT;1lgRo9eYu7bu>Y!rCI=hm56(#&LSxOvmn-n-4n^*>t+LT3QJI|_`Quc7ET
zS`^eZ{E3x9*YdO)?Y-z}SCWiDHE3Fpcf5Fw@AnFxL5$-U^Pfb)NRrjE^5v44V+6%t
z!KLsVB?VYvApDh~s~tk%HjAMZkV^96>5He&Un&g*eL_@f+_L@Ee!d_-J6lvUc}{+Y
z|G&`x|APEXekSCCToC*J>VM>CGFOYNr{-JD=d&&$wK8^z)Mp&nEOrSbClMZZgPQV-
z|6#s`I{y_Bg>K>b2~6RX+=1mVr#EPoK1-^aW@@k}U(BDoqY*^WZRVB>#VE~8PoAGH
zI#Y)thV2xc?V71~W(}jJ#SXf3(*r{a&Wha~-31APkz3aMmXQr#Z&+zZ+k!tF?lCv{
zwb+@Pg7IoW&a2~N2?ll4nsg$9@vyZe9iPM5ex}_mZV5|g5W0fgEuY30FAnx;<joC^
z6ib`;Ee|>!pi+jQIOmrd!tuj~^~-4YsgW)N=?f$vmOlaI;tr*1=Q)GSYs2kHfZc;%
zN|KL9U3&5H2s~AdLZd@0wb+PJv(7fnwa}$BK}sspHe&bys@z$h-a4><)ijfe^sm9m
zR_?8c-^qvvw+p5y3X8rh$Qd4d2_8l@53efX*=OgT8Jggx`F9|=n)gU9AhTXIqY2T4
z;wIobSNd#o{LbAQ)m+(vXEPIUr9CHPspG;Zc$n;ap_klqOck#|Lt>){GjmO4cblH+
z3j!~OT(>aJANusMF=ut;CXk}P@-R^^Gaq2uFJ{&%_(rPV|6>%7Z+W?&;l0#MIg&}^
z|Gn~9drSvU=O0hn*`7kggCP=bvs6Po0DH9ccrO|OMe?c!0x}~7y92JM7RP&^1{O^x
z#oEktrsM{w=dLq`-9%5SjWwFw7bjnkIeB)fPI-aX2sY6cO%#jvBE_hIDy2Z}h=lYR
zXuc;rbQL>Gfpas-J;koslL4i!qrCa9=b=j7<M8A{r0i_9;svjE7b4?HT%^{~`@Qch
z9=#EF<c{I8!_jlj{{lSf_8^|Be>7(c_*BE{wA5-?PDmt|u+86YF~pIU>?N6#zllPW
zFH!1MUCEY}Ifvo3Oz|Sg>XfBMJ+m0IRO0D5SSMZ{+InN#$TB_NaHk*LJP~{u4WqT$
z4e%I_2GnlQ6<{H&W%CHs>I5u$_i3)NK=nm1^~SA3?z_b5gq;@<-75+_V!ms(%BU+R
zEyBW~R`v=)IL2NA`zzlSfG*s00K-ST$9?cv`wowF-0|cn>MrU^_ckLm6JUr`3{m}x
zrTC)P5ZT83cT`Cwvr#MFXx2HWZfivMf|!MfIQs4;F%|ESWA45-FqVVPx!V+l(PY2q
zIX7qNo5+aVtM+|kB+_~4uv=(|UBDbreRa-O39y7}UxJpwxNHIxc#75KGFwVj5-?9$
z=}Tb-2CAtb2q$KW3-UwT0%0`SVCXn@@E`7rqqg;EStmEFGF~JE6W`VqS<;LaiMlBL
zD4S{+b67plIkpI+!n|xkjin5_v|>;>VDu);r`S<zqGy>DGevGp!~4cK=mLLsYc-&(
zXr{<mrBn4S&zIi!9^<Eldw=?bbwSu-4KDTG(K_m;{hRUxM{b1?R#lxmyotu@s6k<@
z)hW`M5-6<>eHz12^JRBLN}N2JVXr^w6gsO{k1*O9&3QFsxjFPc@7br~jOqJoTbFY|
ztQpn!)a~_9bf2#PokuWP93MB<E4+^V_(&xVb@W1K%O^(sB^ApujhJoJa!@}j(dyqE
zTJBor-1{-mpxu~uV46gG1Clr+%i2xd*8Em6!YBhD8bdcM+me!{wKK3$D_p?s&unV|
zf<$V{NRB!id4#Y^?n~Zb+I$7{%_J|fTUPGKR!9k?14ulTlCL4tE8w1_6>5+$JELqJ
zX>IEWtT>`Wo*&a5U>WiKcB_!$Pri8i{OR*O1>f1It@vNSf2~#C{QrD4U?=fJHt0EZ
zZc3!#-s@9%0e18+PFuS^`Qqt|r_WE+oL`)(*;|(R7xU+*!~+i6X;IIN$&PLQyfBH&
zqD*xRx!y!)vub8o$V2h<-0)kte%6h>6F_djrNArlBo`%n;y(0EJ5JlV%k&*Y!ga?j
z&5b#5@Nbou9nJSi`@ma=#=`s2qq@A}&Hui5^Wps6oA*~|Z(out`_r}rifr&zcwxnu
z5An5!;hh-3ih+jru}=2))F0!D#nZ0Tx(%L&p$f{z!NcyiqO2OI873FxvfirSh0^ep
zqziRRu8AnIuF3WIN*SsF$DdS-!`guVY$qZ&p;<BO(Y}oVT#BqVD`2$+-8uu%0MtcM
zHrZW0b!4vBKk@AWYok6pWC2X=r-<3V(XV2lkoL&qL4eGf%O-hZTZ&trI#n88n4%kh
zRx<E^y!^9Tg~3EsF!H`-#sA0N`*$~P8++sT@4gD0?e`peTTAwC)27{XZ*v^moBHYg
z@U@(z_awbph=e56B%u(Xy~>m4y?+m801}i)5R~LyZ<qL^-B=_D41k%z{QAt*;strO
z%>);W#;h%kq))_Rr=q%^=V?N(AQsVF;@~7vX$Pe>4-s)sU=#@S`SsPAJ~sf?WlN3v
zFhN@5?JUq`z-nL4NQ~%~v6X7T3@k7c#LwxzG>6Ps)Q)u7RkJ~AJ&0%XmpP5v%anKu
zqK1@04Jd-T20dw$5_2)7Q=V|OA{2bwSXPgf7JV3hyRpVptRs}n5<#($9XTOtk&9x!
zAkR9>;y;F3tXouJRlz_6uj`-#%m^B`jwygP2C7<XQQ&)@7S4c5WN?Ygn^zM9q;Ao?
z!J4X>G5D!bC^t{P8#kb(DC)*2&K#6mTBwD{_1OT{2E#!FMm-<|acu3CxPZAkqq9a9
zVZKL#Q-w<JM@#qi7=SMuJ`1uFmU<b&J0PELw9gFryxQ7WPcvXTPQ}g77yO)<!m)jz
zeK%mL8(7HWVG_FoQj_gKsmZ{0{_WY$Mh)M9`F!>~C!qU?wpRoujrHtIRKwXRXjz-+
z|5dd!&y4!=uz*dcM-!@P;+50U62V7_X~?K-#sVrH!-FHOjiQgW{WeMlg)(3sgF@Lg
zy3dZY4+`a=P!0;^z;*_O^6~SW5QUQEYD<+es?;(>m)OuP{aTeN{Jl@5(mFOKw|w~>
z*dGJub&fs`n{n!@n!t-XG|7;ibIVq{5gKbnJPJDBvel$RnsrFBrg?QM#hqghlXIOi
z?t$dn7P2jn+jh&e$1KnG3{%vDZebE?OUR<`-4G&~!lY8SMDk0cAW5{16hi0En{fE7
zZ%vp9`j1Mq2mlM-9}n}+x1E@yGE!pWCtvMy8Bco@-^_~)e4sf?1dTy1ZD7Y(L>$TT
z=JL?`sxYOJk;9wG`PU7o0)AF03iWpOHji0;!&CM>&tlP1zG4kXyo!@rh<hRuEb3RN
zk(iBy?(f+A$5a$qYYZbg({1WHgg@j=E=?VAfUugJe@#;Q9;g5*Zl~LS2T+sdOe)AT
za=$<&fz%NyE0QakF5BavP28pF_OJhi3ow37-)l;eQ6p)e!VKQF#@&h;fk~NR+G6v~
zfn^BMq{<Y&mOdRD;9viX+&v%v;V<KpHi*AR={ENqxmNhCR_HB<9NWNeJskAb4zOD#
zz*a-Ica2jIgWYQ0{e2*}JnQO*+FDz`2AnOEQQn5N)i7|k7a(-4+g4PqF4QiIsI@G~
z>!4{JnNsdKE4K;4r<#oaW)e@7$myJE9mMQ=*+ASd6pMY~adlvEb*bc?7+l-qZ<#{Q
zty;p?*jt_IMJVRhmUvqZrdI3Z`e1F<@U&Wc?18gY$I@!;u>)hPJDJs^R_+Z~t8)}x
zcv=sFrL{ATR`<Q413&A5u(S4!o7K5|0eD$kVr6-)8C&9H`BGoD#K`g@_-%uag$vZa
zb+^IB>c+p?Eq}#>dDV({wPjKYPQOdHL8cU{)!0s(u5!3LMWL33s_C9!et-_f<>xlg
zL>qeC)P&5}yLB2@gJ~M8(P?&4Y3en~_1eYughA#ELU#ciL9;<bD|=DIq{P|{G+Q~s
z(;W7tXbko4#J9MY7YUV$M_(r*y4BPO%w%nPvo_O=oPIwc=Um=ua{GWJOsei0Tp1;|
z#grusvc^DZNNKddENfGai@je8>CaKOwCQV1l(;XB%})9)y_XE9JJr+GKeINIUx?Lr
zCfl=}n#hgM+fo2<2Lmu1IM>z!69DrHlwOH~+*8b%0Zua}H+=bmTx7Dqf?8_rGo2<u
zNC_<yho+UG%v`}B@EYNJ$OYz@cKCjuu=nbVCr9MT`<c}Lm#LY2GA5VlGT{+dT2skp
zEYESbOqqGX+b5s7>dAv_3h(#PvaFToSde?IH?un}5m}y#ysR_otgaT`-X0;nOQhTZ
z;)6rtGe-v*qoFE7FMQsE@)f&Hoj=r65^uc<-5NIN<%|fd>Uv}f&|<L<F3X3!T~1f_
z>zV^Qn-FT6nxBqic6Tge`s@gXfIFqbXIh&lmE_5@Cu1_P`q7a)@A5fsk28^%1A)2-
zCr`+s$YDeg%}B!N9kW?Ln$fJV>hjapR9X^PwTc8)t|HrD_8!<bEJjvdm|Ufq$RlPv
zKlq53I+7`6(p~Fzk`Kt>Nw6OTd%rvnr;~jHF0dK@xnSh-+%otj%O#gevy7O_TQ8xk
z(AAXElKAj6rN4-bTzow-!+QFWh_)jhtfi1w@AkNk=r2Xiv|bXV=#)>dD>wS@<eVys
zIu39kU)p{t5ViU;1-vSF#Zgjr&?h2b`}5Z#?x9pTFIkrTH$B2L{5wf?Z{&^0m_J_U
zn$ei(lY4~!{66Q3dAU)L2+~{J@2OjxkbS{U#&s)0teSqn$RfY6NW_$w&AyLWe0zP_
zYZBjHU)nk7e~Q`0@L`C4M!BEi_f%9XJ@w_9j#`OwlY8nNJ>Af81GP(UuNUvfA40F(
zmFBlR^Tu-3PqBU)9B)xo@c=HplLgg`l%z$X_|jAKhuAHzHyD&Gw!24PJb_D*bB1+_
z;ujX8rgI0vc5UqJH3A<R?pop?>P_C=;~|<Uv+_0LB*JWH$<))a)eaFi1<0^7H|nkO
zlp4>54U`<}-;Tky`g9CDvs3R`uzW*dvM;tOMLX&*-LlwnT<-(lUSIAct9@~5o3dIz
z-6*T!hY8E?c*Hs`48}(FaN>IV%@lvCo5@C;_mb$<D^?!D^$jrVOyHXf;^>_;?gC@*
zBd3NJLEn0febwm#Sp;yJe)F?$*y$ldgg+C{!3rEw_W`a5-2R9i<F<!5V#~!W40=F6
z`f^gYn4Yoag1nrR8n)v_^w|+$*b?ol2a+Uw#ykMtL2#=g<38};joBR7H}vXW+qEFC
zoxf5Ni6p^7CEndDW=M##%Z96)Dc&Z>w||Dqo4KYP;{qICU!0!5z8I(RZx`Zzq{OI@
zY{ZpMG6rB128K3<Ao?vm?mg0AZc+<P!nZbP5@YpDXjEz)n?fl6?IousaFQDHTahG4
zYn3y0<XW1JKfD%E8BS_b?a(PYuWQibzQq9fFq^WEwDHHduhY7Er%vrj?eAT;$E69D
zzhx@|(4aGs>%E!R_YzYP5aGCxEFa^i9}9821RV_anzfWZYA5YAn>A6^{JHc8`xy>u
zVD+?Gs}3}h8WCPUK5awO-a=Bs9&-TwgM`rclr)`LOxxu!>9ZQX>Gjik0}59}<yP0r
zX)GX0DTfvJODShN(>UeXqu~bKI;K@ww$>kc7PnJ<&7=v>))h$eH{*mUeayb<*;acH
zne{@~eb9|(Yn}Y*O8%UT@av;xT+#pWIF9Q^IlqC3J(y9>dg6MS=DG%porSo3cV0L0
z0kpqIdG8OBn>&y*Ovl?^52^SvB+*EWI|)$5kXyMKgiD&!lqr^1(1WG~rT*vJCCes?
zMz>zC$e<s5^7_FJ4qv-%5Rt>=npJ^fcz{0UY5d53+s?{2bxTrN7^JQXlz&FdPYiKg
ziX|X{w~_!cZG7QXA!pa{@P1BO=cPK!O7&l+T$K#R?+#=NfsqmMUu!mz0jC3@?m(Z7
ztLm^FHmOKi+?Wzy`Q+r}1hG%Q{PIg8azaVWBA%{4=<OJL_~Wx@WAZ<zuU|p<<5Ee)
zPRFn62WlOA5H5B5Ka;m_Dipc;n{aC^$yo~=_7C$<Uwknp=R5~218#txY(%CF8P0?v
z6c9B*P4eGu7YMDO0C5x31o(WR4Azd`y$O#LrXV8g6dia}#76z$7)mt|CVWH^e#^*A
zev^x0St6a909kLJCK(b3QSC*^)CY`1>a<VR&JsMmrV$!oncG@rY#)9<F|iyF`hj^R
zb-^03*eOe7)3uhl_!n#eza!aZd)mv2G)lL{2y$En7Qsm?AwHB4g77-ftDYgm(yb-!
zB^;7X0ZMku5m%Agdgn{rOGUQPGeTDS4QR-(VW1S|$!n3|kj!AvP;K3{fE6njr52PY
znJUaOK^UeUGm{cwq`iHnG{4n%M8lECkaZ%<Ixjg(sN#3%T}tW7&F1PH>%n+@fGkAh
zL@Jt_Gq3;d(*Xhu_G?wHmwJn#Xt%}HXf2n78cKb<l1{gE5HzT^2YYj`g_zO~vD`4Q
zgVadnw_8eOYz?wmVb)s0Tw&}A+<<QPDw451fMCYfM?7QRaR^=OOwJs5SD~`J4pIdJ
zdh8>SyThEZ?O85k+fq7X3zgB>!X!1eE)O5J+8MKMKAgT`smK{;CD8&Xq6A4n?YB&1
zOkNwNjE9R(rAP{eori3O*L9v=X?-jK*gj;|<zv9b1G=r?vXCivv3xVVP)4_}Vqqhg
zYk+IG^QIl*8tyWAJYI9h-c21rD;-ivs75pUf=znZzRD)3df~<HLM(j&8>zp!CXzhN
zk{~%bJS!9KYyi<^rdU3s5qs)d7}#>bQkHx0;cYOa&3RkUEH<dj5zB#*u=k4PdM(Z-
zmn6>l9m^#-{MwhgZfdQxdj5mV6Y!<*KxKH`vgXV=a@DYLmN><(D{5(B8SDK937WtP
zSE9&`&&w8EibSsO+--@lRfDP@bA1KL9n5Y-!rM7ace~K&%H`4?jqIJ1DZ66ftWdWB
z7k35NwWQKm6Twy91?Ys$SvI_4fp%0@eW;~fg{B4yLYK?L>wFKQbtYnVRZJ5u7n9yb
z|E8BQ_^Q0Jci~Wz(%aBr`<E<}9Q2a4iaUB4y6CfhU<Bm!CCt?6(LcSZ#{XS+il^2U
z^&8)2OZOcT(Ik=U^)M{k_v`4oOSr;L?M~x*6IzNu=mu&PV?+RF{hcV1qym#qGa@qE
z!4aWJV!u<>3-FINXXXI-w%y=t`Q)7~+ecB`n<4T5Tl%D{^i|cYAhH5$`*6HId4#7*
z<$PKw|Ca3oALx#ub1iG6TptnWHTvofY;0r*9684<z(QRf+)c(<DFvVp;2%A8TVTK<
zDxek}@Z&lzCYlzySH`<_0}>=)oZG6kvAECfX&#?mwdRl2RkG@NS1GlBCi?GmDhg$D
z7(5QIP4C#p^nx`R*i7a5bx)ReOEh}9eC9hMJEYhaPBpZYd3zn4YJ*el({QR?qEk&v
z(u7MWs#D`PwhWcuO4rwKab9scRBzYQz8p=wOOp}i&{nIsRvCOL3|RS|JRs0l#|5Tg
z&IeTr3F7CYbI|cXE=7k~4;v^uG|L1^MtOvw{PGBI@p`|4X1Syh^H$@kS}9lq%*)|~
zB2eAQs;41OuUBBIs*1v;BwDbP!arYXy0ui;YHC~(t;{Kg#Y|Y9N+M=QwYa<|ch5TR
z?zZ)COA)(ae8unTZL<_!X)4#7rK%MlkP2V5$^i?<8Y%k#(+x9F6Hu>a!K)aIZ9#Ux
z)FE5C5j*q`SH}oC-j)0CsI<h^-G?>RBIFcyD<A6$Mo6zgDo9<;2<SG%edss`L!3te
z?n6hj2y)JbxDOruB8W`{X&^N%BcR()+I{E<%`4+c+;k-d5W%%?1D&xrgi-g$RlQz)
z)Ql%F<gDg3_u;|8czl3?AJv7SP_xmW3Cki8hkB{?7;~vWt*T5>uJbgt<L%{^#PRJF
zmC4pAdby=iRH;H`#UnG}vPfdEPGozKB;hHC;sG%*9wwC}hxo^Fv@Ak+hIu+=smNDH
zWjFfuTEFIrry=|@XCx}}oMkFmJ)q82Qm!kRy=wJEsoZ5?J}qTB@M4pe6hcGdxH1uK
zKf5D$G?(2oCjHf{nBQ?Jg0_p6h^w~&o0Wi`(uc{_-w7UkBQ6X#_4iG+RpiX(d<2r;
z6xpoK#+uIi%wHPEHV3ld$KU@ts^At5e;mU<e)sgNr@z|&`2EwThlfA>{q;9DR~P@}
zPk;R(E7Dv1uU`*;U>E-k?BwawubP1z)>}>E<Cz+Xe1xQb0k!G^I<W-W=Dbuws$^oN
zmi_=+y^o6BS-iDAf(O^IL*rLITy#ojN8mC$=Yc7V_UU@!f@0}X<TPKA*qFvvJ?dXL
z1u%9l`Um5SdA>^)W6EM)q&*60!1FFe?x9GnDSm5XD)2GC6W0_qr_n9ml1g$Su!@ss
z`{ar7gQtvk*#glN4S^6MW}4o%BOFuB{EIHsfU|mNI(e$~#MhuEJoxgF;35G07xqf)
zI9_K|my`^bjlmLeE#c1&(?+T&0ryN(PG&|D5z!=|Tpp=wF|c_q>{+#rK)r?Z7g75I
zvuGmy25-7tCOm?I_;6E&WiGeP4b=2~&(k6$h18o|Wab%fuja&*1H8Aj{Gm7s&!EHl
z{k=;kn3R;POhJ%QYOj~FfXjxN0qVcr9>omY`=z=m%Zlh5hcV+x_-V8Stjk3xG82gQ
zL5|O()OEJhaJq$?jd%-^Zcoa`>*CF+4DAHPwN7WcBGkrlmE7Mtif>9|jS+j%Dl(N@
zcu=)?97b#~@VFu){Xf>&V?BIRHp76G_EV$#g8Q{ehlyFj6lAclvTQ#_&!pl`Z_Xbx
z@~uQiYrA`9_JYu-wd_!d*Vl}(81rKiR(78knLHxXr#3{ey<;&WnZ6*D=nZH^%9$oG
z)UnA$N@PZtav=a-GNMZwapl2r%xQG1Uj?5X4DX0UPfd8UyKMCoAGOFuF>lx3X!&-O
zP-&^#*sr-IOA@a#+MT+Kadnal<Nbkg5K6Af(#z;?I!h=|$)RM7T-Ys*zfAn<GFl_^
zdaRfz;iEFF1?Dj2E}y$8z^^ILILN2vwrc#jeLLh3hh?z^SQZN>uH*FTQo6T!JTs<1
zwRiG~$mVXnt?GnoagY(7>3euw&;$hm4!*U^v&kiP%jXL<x@X|oMVVgl8aqh79-!KO
z$|MLHW$b)tjn`AWrz@zNXW}7iAtoIcYqKMpb^t;~!hwxw2FfHD#r4w4c63M5Fh{)+
zoI>H{pHU=Anj(r`3$$XG{(e{OpBt7g6RN^vIi7s)Sj`>pt3J~-i$^rk+wSVSv#v;i
z@}$;6v2H9|%}UfGt*G@nqXahqOQ$T3E9@CGrQByMx2NLjyR#$0$82o>%iE>x#)<(Y
z<``pNrhLGLhbcJrW^bRGPPX57|EVXg-~8+7KOMA#zrNEFC)W=IK!lh#+_>%%yzSkU
zh$l-HjSW7}JG>YZmZ`j>!q%0D9q@7-bI$%{qbFd=O1o`D70WsUmTfj{CX~Uko`HKx
z)8r7Wg;@OHh$ta|?*K3K_Ia8S_MS_qgo3n%rJ)#XUMeX1lX@rE!Z-enD$Ex8T_)7;
z%B^pM2tnfzgx(2maji59$iQIVK?1YN(-ld%RP>gO$wVt0Zs-E8WJaJyKZ{9`DejLx
z(r=dE2Qs)y%H@p6BGN)}nX{2qhq^X@6GJscgO<WXvFk4_C`NWI<Ic&$+R)4#$@N%n
zn7hcLN)>{I?I>vT1~i~#Wuk`AT44M-8H<>dG+!M7rWsc@CK@AZ{bSWDkkSm%!*Ujh
zOsc$yV5KOT=HixRWom+!1~)z>kl3gITp1g|3ZWZ<L<^eDS(VD2(iry0-^&|7mo>w#
z2AydQn=4qBsa8lzkJpb`S=02W8(`d$kSDEzhxG7Mq)gG6D%vYD`!y|*vrNPb5X^~$
z3Cr0mZvtY;U5IAj7Yj=xsHLRF<c$dQv|>OusLFt{hBeB{uOYK!F^LP%#w%vp<r56H
z%xdkf7e#NX#Q&&@vISZ+>6+cnOWh&M6wjHhYoIr{A#{=9#;%jR+c2$p_M9nM1!tl>
z(~Qw*FUE2M!VZ?9vsY@270nj|Ttq31T+-6FYw~?ubchG{TEt=gyfx^y>g6i=0+V|r
zn78nOAh$yby{L7JTe6^c+gq9|?R8Wl&A^aG@VU{m5SK_mM4@dxJ#8WRs<vq!H3@bL
ztyTUh-!-h>#BG$3K>_eowlS_*&<parnu24L;qpe02|0)Mia$0BVrxg$9}jU@leG_m
zX4ZU5HHkxE&P1#EYfU^y;CYiWsW)^kl7!_zE_3@2+Xl5NCV;qtuCJrg{8L_4GIk%-
zr`6A>#A=c@E&<G5HY(A6Gt6;VjSB&ip^wvSg~U8}HVqnlf_k0nY3VCZMyH7u=+5RV
z$6J?sVKfy^PuFZ_EH&<*>iq}xTFKs8|0sNGosY{v)}W4!X7ALCH0f+rJgjS{3JYOS
z8>4b7;WW-9AflshOb0~LLOfX5(`(%5^y(5`w)et0{D+nH!A@e^rcASgs$vol+WkiF
z5It=5GyHeJ?J$nF5~4k4`b)uG!c4~i6G*d_3DQ#wp2wpl&D9ERG)Lv=gFAN9CIesU
z9TU<8CFHi+dIRaK$IQ4{%h&{1z2JFPtNc*249U^7tu{*+dc#^=9_cK@V>Y0A2lrGr
zb|36ap?3!x7~HX205z%e%3bs(&1z*m5Gr&Aqz0TW+$6YC*9H57{@M}Y?G{?MQId&l
zWRmqu=Z(?3Z3Hpe6lfNv*%_q`M(cKedUa`-^kF74WPA8*nBs<(w8qN~c2jB}HlI9H
z!a8M{ta`+=Sjz(ti(tr*MHI2Xqh!p6E)sGj0t|Uls-gvxM2ev8P6*GWqDfL=b(;+!
zK;tyNBv%m)W8qHry|I8U6KYIUvm%Qy)RC)IpCG-Bivn0RBwFeC3_S^zbs>zU+KmL3
zxfM#$g+-o)i?XRE_)>&LG)`%Bdr$LNLV*LSI3l(kq1NUqSlPir*b%LknP=;IraS4w
z>bJ0Cx~`)>Ep=bXN(``y2w|NTN~Bcr2rPhn=6KiA5~ae%QiL5*P(?slGK*!-WV5y!
zxbN2q>Fh3C8ixj9t5nhnOCcJ4%nbMjLrB1rp0mKind(a&1sL3!tqD=OOq~I5EM%CL
z@H_H7_|To6(7c)?;$9MUFG{NyYJXwNH8b2u9<5ymOut&a)Jqw4;fR+#LU%{{tlzUF
z(f{w`*d3;C&+Pd;!|Z-8t!dIE*Br*VSS~{qCB4_5uFoFAK=L~#AsEOe{rKP++%{(!
z%c%m#r>Wq{XM}DHwRRM?CWN~U(8+9<v?r%_mfiFK=0v>%?BNYuE+`E3lzeL-;7j>Z
z=4H3o2f~yfv>~8<06jOxL@*|Yr^#~Rd^u3Cl)R}-U9D5a9d}TVXStB_jqSG03}UAc
zYGAO_9B$&nO}uG(!%e)YeGWHqhlg!F)lxgF8yB5PZ+(Et8=*{~0%+Eh^s|AIjawQ8
z-g!?~<BTa&kIMQ4uI+cf$!SLsa<`dlnRD<gSFjbcwivY%C{n9<4S4@Rng{{?J7gU9
zVqzs_$7I4RW{x}QdJtG}-<o5`Oi`Z5N|xR<%kSV$d&t5*WOd}>XK&pq6XE(>rmFl>
zC-~V7$S)rVc33sJT`y<knnmJ{<+uSZ-Y;n;xyW8po`iaY>{h9qLI71)k5B07g)AAm
zS?<&jz|{WIeVV|~WzO!nD8lGq(ijSb8irKnuD;;&64}*;DnsZ^9*5tCF{GHPLe^`o
zL=e!hM;CXw_79<PVlqakxawa*uJ(3#W-Qq<JC<yhAxj=>az?%FAsLly@Sazg(T;zd
znrorWETVoq{PiYgV8bgEb5iCFPw0IlYE>7HQ<~8^8<pLTs^lOq`m)=4Ix9$-ia(r>
z&-Z*>+cFPpCj=#P_~Mp%g_|d&RwUPcua8bHQmz!UVb0~rfcTU+u)dz#3{L<D3dS|F
z_a)Y*a{+*x_C5DxVXQZ;YG;I}ON2szvpq67c-C>yn*tF;Y7+K7Vk|a;|Mb{Rug9?j
zKv+$R+J3e#n#z21$`bN(!SWT+dZEn<360^2L?(G`a#xJEF61WAS4{yo-Nk#Y8$-3L
zt?t+Boz#mH0x5#GTuDY(W5r<6nhqQ4R@3eD&3X7esz(?j*{~Fvb#IzPaE}DZSM~v%
zq6`}?t@Y%Vt-_6i!~|X&s9@VIW*pSu&3bg%UDCJS`fg5aLGV>>YlE`FwE--eFrXl}
zVTpCKB#=R_$tJ=lPqwjpVY6$t0~yL?uO$KBvQ<Y#=go#ytwbgld}-l(;hdY@K)$01
z@3V{C8RBL4GCLw~gwp?a0U0Dc_oZ&<g2^{R!TTR%k#PDuERpf=aqz2QmKRjo=sAvR
zEM+WZx%ga?%Z!NJP<M+XU<Qf9v+jk;8{V_WhVhvN7kO<3_cqkh2i}qDv)Qm8u%AK%
zNtqS`V187wc|f35y`?OlLv^?)2>z;SJ!KTOE%$Z5@O#_(m>02i17OvkwwoqgL+*P?
z?LTu+gkC|S(}%g)Zn37Dni~!nwT_f7HP`vSTDgD&^#6L?V|gye<djIB%@gMKVa<BZ
z=YqS{BhvSzp9_9R6NdSWG%GRR#B4+V4CfXI@~TyWGPm!^En7V~TIWl_JwCb2o>cWe
zYdomb;UK2r3H%mVzL=Oyt#uW+pKAM%_oiJ#P>r4TETQO5>2K>_@1X%GD~L`Lr=QAM
zW-@0tjL<<{?r5lnk{e-3SiKm+I;6-B#Bc4&$=D4}V1aPA1vA-FYn?iY%z?+!tl1_A
zvx~n~B^w3xDRPrAy%C-a_+J%DOE(^0)v7R!oXMrY5Zy*1^w3}y0BLQ*_7qtb`BF%O
z`?P*$!Z;@{D;nGMP|R8`4+x}?nzZGh9#88v+Kht<3Qrl|vS=nmQ13RB6t8V1)(s97
z6Uz?{Fz&|K)I)cwzDg-K226?iL?9i$8`;`6$q<Cw!Amb?Nxxz;Zi9MUQ&D7Q-`gr*
zyHixp-qsW-hi6Vhl^7T{$eE^-sTg2y29E!7#_}B3Zn|pbTtT0S1;dqwFCF39HOFxF
z$&ND-x|CcoJhoC%#f}gUah6!vlwcv0ikQz#1mVPSh8|%t2~!WkEy5hsttIdNoT&K!
z6~l{yS7JSyu{n-%`#tK3q<kPr+J&%WTLZ2aRJXSU&}yYN0}9C4##{B3?|`3*8F?87
zBkA<WQ)HT$G$0h=S(Fqp#t$J2)x0W%&u>A}t+bKqRjUKqe3vq`D3rlBF<wZlDEDj>
zR%fBt>;pCLkW2OmR>$)|z_&UdnY9+Nr~|S_b@Ss(KFt|9ThJ_HiBpIfU1P0drb^Lh
zfwF)S&9@S!4kTF!sYptr1<%S7nORv*yCZ*MDOy#P5VLhpXxamVO>4Gi1@4N+zJjcM
z-BsoV;MCUNuTb|48vxSabrysZJnP@I?O?g&GA(_UJagnSGcS1i<u&bQY``)X;-18U
z+%pJ7(t0Xn7RV699B1~BloyF~nTwR$D0#alb}qo16kbTA`U)pSrkA%unt6Ff6wT*M
z>3&F7q*LZCYPw&HvEI;~2PJlAZ5G=DZxV8CdxQ)m&>?3ck8Fsig$hOBIKA@U8QEB5
zN_vHM7^o+b|NHOXgoCXeRPVH{=Do<1_@2kzMcyPi)Ezzb%_P9I+Y1TSZ@j#}=W!2W
zz~gly*sHH50?||;JZ72FhdcM{X@}6;Q*yzvBp>t*@GR++XH|X2Y5}^uK>A!+L%(DS
zi-tkb2cZ^3^0Y`4&6p@;vhr@H54i~4!Zl&<@gRf=+4Awau!XcO9@z!!yf)YXl`7*l
zJ}xD1Su~HmXOStkvP_COZ!L}WLGkb_XzxNok#GM}I!O4tiiqtX>OW02;HD9tp2Td)
zvW|LQA|o%WeToFxnf3<9>*GT;A6P`On#6E!xC@cQlCbwGr{0f8B2Bd-TlP02H1o5r
zpsT~al!5pYRt6B_z9U0<&BI_{sZ*i$=dc^5O=w4${W>l`oJ^KU4%lI#u&PP`l6P5(
z6PU3%S+ZW}0u7XWMlyfkVtsVAY+h@hYn*`p=%-l2oo0}Zj~yIAA~OD4HlUK@Z2W^Y
zGxfp*1fKbjoVxnXc;g5kn@`o-$|mkue#hDUvB~%v-E*}VnPlZ-P#}+g3;)+?ZNN*_
zX&jrJO{|w{sxyooh}R=X?KvU^kH6}&iuF=?I*k|GxC<W|{(S}od&6LZ%(H724f98%
zWI2|Kc56n91;d<KBTa27JNp4+T=#Id{Epj1PLdZ{*1l*#su@*OGSy{{tLtagJDPjA
zXT<yj{wEd_+QBkR?O8JVt5Nf^S}!w^mxQr!Lw^2i!)xK&n#MVcI;tNB?S3<&Z@;}f
z?@K2Aj#UKV-*r+2c>KW4!+$Q^D;SjcFNtIN+HIDdr)VCr%4B-Z<!u-Y*T!r0qxH?%
z1u=gOyty>n3A+r1?cIv1V*HMnHuH#8u9TR|+g+f&wl_Vl-xn<ML<J4w-ES*Vkb6^L
z+}u-c`0@q0$YhbT3KVGVGhKT)@YX^uu-3eMVecp2j(eIg*UgmPzW2QwydMj)m#*7H
zyKWf|V=rCOT)}lKd~=qsSXSu#A=`C#Ue0VnPu&mBW%-c*l3mu2(^AOYfiFv37IGZ3
zyJH#CXGbuEkZj%hJgFp4o;?|p2~T-K^8^cml~vK~bAFS!$jgC1P}|89awu{bQA9J6
zFk4v6aF`X|3Oep=ABydfy_>(6aWB>70H1e6s%u`lI<K5n9oLd?&MwB}TXU5$Vi~!b
zp1<DH@Wh8CY|zo&!9oynpZCjvwY&bN&*5Vb%x_QVzM0^T+FGaL>Y6QE!wuIoDSUX%
z{>zpAgOD7cOsOIinMqV6)aN%s>+hJHUtC>ZoSoiWoWCI7m@jZwc^;D+QJIT97oIZZ
z&j5;)V>?17OlVf&C<5{T&B$fORf%%#*ZrbIWF~w>_iC)wa}MD?EHfX`Ki9tE>6DQx
z1a&Qk-fCzFx=mRK)bL9}i9u@%6QT2|`a6oGPD61fN;?e^IfCUGsQK~uU<^4K2jc^)
zh$S{y(%Y$#P1Rsr{HFTG8x!)@Cb#-EHog(BS%z6w5S9&J=;AG4w<@OYU`^QOoZp#R
zjyv0;tKkGMv2!@>HSqe??&HAI*kcq1;>(O75^0KPG>fw2Sy+L~l5^}fhi=Z=x%A!K
z6;Xg@tw(l^zuL#wZm8v-O-i~ybOEk4z^{5CM;nMOY3o55k#<}T>iGKN^!)Y3IE{B<
zQ7ns>f@l5`4Qn{s_7%H#>>nH?FH?WXuQQc&RAMO-F>l6T?m>v(VleWEjx>dLzt*Tl
zpBs%@Sb|hDE46vG2+k(>=o8<wQn*fyF8{`q;lToYK(%mCxRxwWIp+S<v_=0Nsa2DF
zI0EmgM3zUaUCnGq;qPRFnj>9#Hg|n(?bCH8xXjt8M4y@QghBOgD{I?*w^?QCv6eY&
z$HTXi)mkW@ql>k63np|fP0iXQSye!Q#yUdhhzye(PsuXpcRXQppCNF;v$<16%dO32
z>ebZ^`LFeVRdp^}JBIV|=Ispt_kzE8=ZlUWh-XU>G8&D*q;&W%tux2TQ}R7C--q-D
zmGelE`-LcBQekf0D+)&y@!rha$GQitf1-G-^~1INLts7h9`B@IZ^5ChwY}5|ogFz2
zfl9J`o)WoA6Q12xAVxD`iX<|kf3W*EXVjlxur3{T+5tOrf7Q#%3<hO=&i-cEgbDU=
zFY`~H!0b9S_K!UCfUEruJeSKz@-T)AkJh+tMlL63lgqkaWXt&JfB<Um1-Z>H(k4t{
zHv7?4qXk`_7HV<MB@|%{S5P+IbaF5dDcE=;2-k%6Zq%xev%j5Q5n5>KDFf5Eqh?Ue
zae_I{y=Q3N+hKmThliNme#7T$eyk45J5^iwvHX3Sk@fat`TbWPAQXQ`NdqVP-^F*u
zGp;yQBJbrlsJ&I1PztF;iYE-rn7p%Y#Tzi@UCuT;tnxzP4g@s6%=E3Kt8jBY{`rVx
z?B0xt+xN+T8nYsxeI$Q<5e#2mK^0oWS7R%RM3%9r3p6)uNq!Dzd;I5Y%~Fa}{qKS%
zNWM4wF!R;PA3nO;Yj&X3GQ276C57yW_M(}YnaXJ<^}5ylB?rdIc|Z<TwDkJ-_MQWi
z6q&28;5ct^IbM}HFuoz}*$D`{I^3dVo-fzO9sd>lMqY6Vp*dZ6^zbm31{M}Hw<~?=
z<jbFE9Oo}k2G5Kpm3JnLTPOyam0s*awOSgiqnooU=tYu0|LFuYxj#Jr(}{QSKWyGf
zZ%fh#^)BwL&h(EhuEh{TZ3?YrO)$Jx^HOujVe@q`gt(F#;d<H-8~cgJ#@h5YWK6*u
z&wUBfy*HU0W_sYi{YR@8e{*=4x7Ypfx4m5S`Oj@b9cf|L`kPDSZ4Cv!gI7OrZm5b$
zYXZM8CJCLtnf&zX^y`aPKsStT@mM6)!f55&#65<e+P3r6xolae(=J<c*Jb3*%Sp{s
zx8ad%x1g+h>UO<4WwTZaJdnN9sXtx2q-vr7I9xt{NZXue!sH{lqx8&?8eN{F{*I__
z#bW2+x*&>nD=vAT49o+3-s&v+{2=qmHT&0$pGg@~du@H!ebk+`lfidn=CLiCUpAE@
z3gd8%ubL7<wu(~4|2)UaWU$$SMoqPmY#a?u9W<@>{k^|>L+fRxp!~{C%oBR(7adx@
zvYve0Lawe0$tEcYl~(GS@HIC}`5`#-&a@^E#<xqh{e5SasFx^>_rCqy`MP;Vxo5WK
z3=5$|wnb)5(~EVd{S`cM)?Kiz+7TGPT)L6~XV}O@ky)ow-KDg{8U38n>i22V-}R_2
z;~t4@`e94+%X6b)+DtTQHW>-nWn^=wJ-9@VFVD9=m?BsABJWeAqyEZT1daJ^J&Cma
zHuAX6-UQCx8s1*p8T4z!<)yXf5%l{(O26CM5qw-nZ+j`(QI(+-o8H-MRh41q`v-3M
z9z4gsU<?_0;VO<p!D!{2rHAGsb~Iaal3e@?N`;0o5&JY6?-8UbN%X3S%!R=+g%#Sv
z?Gd6WrAvf?C$YHC?r9!-z@mfF9B?CcmBp+lI#lmKa2@z`^?yvcGPR#gg=pul?RS-A
zl~Yo)5zR8pR~)-oMnt4&VxcXWx@XL<O`e>bpzZPG%P+qq01y_lh^OnF5Pa&7&z_CR
z|D3+|h4d2xmn*Si6^;lN#O+ufk^eJ!`=+XsYJT;0Y%0;~JyMc$OwOI~JJ;4n)uIz&
z3CbnUW=?5aE-h!U1xNUNVFAeX9!q#fC3!HXpk3J3yumO__)aNFU<yYh;kS&;BtVb*
zb4hFs<(x^a@|)___@QcdN#-p=v|ndr0H$r-Lu3xK1v4_}S~idzc|pfv2ypV%zIj#l
zipyXM$W)AnCL)`|s&)8Bgd1$c;xdbOwe0ZNgkwfU7@d8S7gBv)WN{KuIJP$1CubWy
zU~I2R&9HFRLG_3A8oe7sWn5MD_pXAp-TYWUuf}w)&lAlEEtD8R8G0LRJtjY91nMdu
zLEYn!Lgq$;+8mFw`fe@dkXpAtW)1z7qu0mJIEtngRV#F;8BN)d=C-!LalKlg<nxT>
zXpad4jiPIqZ9u}mqYkZQj6U^}(D@wDMeagYDbtK1;lETh3>S=CUA%@Ea8QZ0DyCS5
z$&Fz(!Sx2L)Zj587g8vw=%;%&3na_J;1EnQnkFLhmlMDiiPT_<WHEu4$b!+>qEBnJ
zXt`wZn2<Al7-u}9DhSL_za6u<(0aAW5nV7M@|a<H{27Uy4vh>7JYFCPxE|q@tDNR5
zR9@`bX=a7^1c4NWQ6X9*WMBE!ebO7y4))ok2fpMQf5KNm#oIhwvJa>o0Op{;Uf=u#
z{UcNo1~NCWM{bW^8K=h7Sl{4OL6c-PV(&G3=65VaSlEUstp*Q)sUzIf%bY2!+w%nH
zkqOAicmj_Gb`8J<g~F-_Z5^{amak0TLH+gzINTP0vkwAiaF@gbU)g}c*`wdyP(@o{
zoIL~*XCM}5uO4riVN^ae&b~cDhkfxlw?*XK0+aKBP&xO6%eezM-gelW4~EY9K=_;w
zfzY`NM&}L-whd0_!y$D(6jtX$pmjbVUgv`#c0LGZ=MJcyTjF-^u-CW4?%W2wvoC(<
zRtTP3VR&vsgDr48cSZ8ta+Mzp&GW(VJRca*^C2)j!%;o^bZPKE_kioU#kuJH!fxoE
zVR7Tw8t=Sz6K-WSBWOA@RjSRcvgK;(Tw?=!*1Mv1wGUgip2uC-a^wAJsHJvZup<(S
z>_8dw&Qio!{Ha)mU-6v~el1Kl7voSq)!R2a2<6W7j`D;~6MN5xP$#tULGrN;u4?*N
z=(uHBp&=8%YoI=b`@w3>Lm5puxJLWq8)JT~?~DH9Rl=BReqp(2GWzt{YF)n9s&$1E
zSFN_suHoi!XWT~s#pG1&%7qAq-4<XVMd#lXX8Is!s#>haVvTdm*W>*d&u&bi6s&SG
zGlljIAZ5eA1ADjWo<&xHl-BIL`(LkcrPLdsyZ-ec8Hf(@*L2y_rBuG>;y4gG6@{|d
zvG{ucxu62N64v{+XXA8_t4TeT6+#c{u`fr2(P*Jnun{OZfqP0ToK~|u*OM)MW$SXM
z2i1tPS)G6h<98`ztfUDt3hfbe%*=@Zwl+9(*6g2Q{-Ju@CPH<>r5^4rTglB?gvt{;
z*D7^f9}g4iQDn|H`p^?_wIGFGGE-ccTDzW;q`u%$D97Rm%xikIJE2_cqtK!bRg+8=
zOB^ng7|^q2QX(KTNojt|;!?8;U8O5cywW_8TcHP0cyv`Ouo-U1Js6J<P;NF9<qYbh
zmu;bTgkRI8M2m>lg}@Rkpg62rggfN0(EuDRw{2s8?rD2&vpbu4n$y(BlC#xCJq^SL
zZXEUj#HiFjhsvmxUIw9-_$f?)Gl&5Fj9UHxsxnBbSD!%vRlRyFgReRQthTTuw*+H3
z0av{`b%L`lXTVGvi{SR^(~YSs6*q~_cqdA$pI@ws=<0~t>ea0;!fP#xt5?6Ch_4VZ
zaN9ydz&5586cV=H!tY_&>d~Q2-O;>uGwbCMc9sNgqf3W*j>&5y@Oo|@s&!x~l0uaw
zP`8$x*kEGTfQXf>ZI_ia?LBQH62pbCd9}ZQ=xcHBV{H$-4q@BUk{D`T-_i`&Swtdm
zb|1LZ1h&2fCjz?-DNBLv!<icGs}}a8EHhWr<O3%ta-w-OTz;&&jpggYgnvJ?SFeq~
zi#6N^*PmWp_OvEAZ?@PIoF_h6i^3&Z6r2Dia$ZgAyFThq@Qr@^%hSftUTRTU#c>3S
z4R=A6FewX_@U6f>!<|AVe;63e1766W|Bhlu>#fe+udVbmR#mjdgpV4Vu;pdq7vPK|
zG|Pm-V3;E`#rJX~k}{0g&CAZ6?6Y3F<F>I@m3-JKXvOqlsU)KXOKERCOShMLWv+~R
zSw%7v#qv}VG3y`v;byEoxqB8EZCSOg10-g4Dm#(($|)d?HcPl-Cw(tJ#Hj{QTF^AJ
zzr(frKxEl2`lBReZ$-IhILGe3Xl%P#WEw0n*1FPbm3)?%BdhlGy<GV$G1j`$ug^WC
zwr%tol<L;2%Pva{tW~cbyDc%Ub){F=9!pGczT9S?LHTpNEmD3<42go=%2oTkEHRFH
zW2I)zD%0Q4;Z}IFrkSetZa`g&^=6zorBO!YHGr*ygYo#F&+3%e1?JjTsM+Yxgk_P4
zZ4S_k=RF6hmGsI6;99hRO_sKv{wD_K*JpxTiB_AD{c>l8xl)tMs{a91w$@t-Nn-Tn
zDq}q1DL2_*nw>J))6Z~-9gL%8ab!9hrz{ou>Zt5c|JYNoRiiPzL9`KxiackTN>(3O
zGcV~E9zs&J`hu3ohG-!xb+F$0<E%uYl}D91M*o#%cjS)d-ug{VZENK^=6787&y1ki
z>TR#1L9oW=R*b#=_EsU*^{61DBB0$}6lz&0BddBZrD1gzf1^B|N9BE~cbEEp^{hLu
zvEG(cDVAq1$p0Sx`1@Z+Pro`m{NZHumw*2L@W(Oy<9AQLdityVkKaFidU*K5-(P=o
zb9M1g{`A)$vLe03|N8at2X^t#z)qe%{p$bgIndg@fM;qX@)0iS3y6U1)tx2xZs)oZ
z{S`b*zY79^OM+(iAL!t2cm3-`<!>9`N4fp=cegwi7fO%LvFuAv8#BJtVqP{s##Du*
zJU%+h^2dl(!xHX+y$*qDpKzcWu5`^b0P$yi#u^Z%hVf^CorXrKfr~qM>km<C-ED|c
z8=};PD78L)4pC}Dl-dxbHbkj~v>{4uh*H}_lp0>z8e-J~Cui`vsz9}Wr#LmKH(10@
zqev8)x)HZ5AOK~}max$SKuoRM7D8+ZV13x^?qNgNXc2RLjo)IA*;id~$1G-X`9t6q
zGu%Y!*^bF6$yvmg+>}Y6_;=iOrtonnzvW7@WQJN1&8o7=xpOHtm%|-~jOq|@lzT22
zkqc2IG0EA#j6XV*;p6;ooYB;xhJeK76#5O6F1f*;c?dqm-Y<C$n|;C}k;U5>t~UCp
zR3>nT1)EsnA}>?b?`Xnfu2yA47#=Tu_voz5UNyThWwqvnE|<BW(Sk{5<VQVL+mx^`
zi`yo}oM(6`fS$FM00cq%zL=~?E)-S4J7{x??yj<*)E^1#5mh#ouK=D!nBh2d;Lbq^
zH!X=Iw$Pq`KGFBz$eea9V*qSS36g}z4QS~!b4OMC#Pcu6LKL|ipZD`ADM6mWn`lz9
z_iIHGMx`RpPDskLLWPznaIP$W`l81%48N>wS=7M2puoS&TS{={Rst7hz2BCC<5Ie}
z6(hR(Z<Q>x%-tuFW*_)qw<_P+(a(jLu2dLQhk3SMn(x2OA2;9wTgUCd3L5yp3O%sp
zr4U_Zo{Pd;l%O^jc-r2Otw#YWTI)YrKqN44dshnj>0F`*1Gs3yrm!m#0{SnuK=AYS
zxF^`)oXxpZc^``43-!%uN+pS$q(!3mGAXI!oy4{6%t%SsJ3<}PJ4Iv}gmhg}?q|M-
z<rr9|0A~Oq=-HCyv?PBd(v-@l=!79O>X1SP8%@i_oF)|&oY<FLH>YA5&Ah(TI*Kkl
zPQ-nNP;HFN`5nvFb|ncg8GTKoTb9M-TWN_CuQHk%;M-*`?zrBZEMDuoBT^Pk(^!|;
zmQF{tYFA1XvIk(Kez=SONHqQD{4Qc4x~T4R*Gb%Yp_?|QVVBc66{di%@%v(B&_uHp
z|9#9NldNqNQ|SJ|0gdg^X??)UPCMmnJ`F>%ImoARorhi1SV;0Ulqx%CptQTPwv{gH
z5WbsGy^R2)>^)7F36ta7KZC8!oT=k{8XsR@oSwhF7^m?rAd@{ov=00Tb~SKkzpT@w
zSc!t%Q>?RSkne8z@&&obWC0L6RIPocQ%?g{5{83EE(~$~8s!H-!`l^FHlO<M*=Ryt
zh<g$Xat|Q~clz!IUVUk;Db8Zfa^WX+B+_LrQZB7nF>r1>V{r16&U<V}c)T<^z}dt<
znM!407VciB?Y9eYKT={;NH*f$*tehw-?9}10tQdnyimLQDFH@a_`6m%uD?G2R(9Eq
z9JTtGspvRj%f+$jeS2oKXY!;X<4WY=a6||84U~eBND_k;BWC1`Ef-~%y-~0CJpX`@
zlfVmdh!bfkgx4jp2H7k`Qa@Jk7d%zY#>uB074;s;Hrg{J`#RvDpV?>40KX3Y`UfLZ
zH_m#LGu4p-vJSOwUV;0$<7lLXTChy<2rav^JK)e|UF33xw~Cm>fPItmm`PIdr)m>=
zyUcj<A*dVbz6o*Q_H*5SXs2vncWjWOwHKf3G{kM^T<mpUJb(*hjX}a+HW(z0Q{Isu
z{U}&u_mvFvs@7kvP~G-MCL@}#%eO(dGV^TxVm2{<bnuxwt|4t0;eRhT56MK_?kE`W
z!Rt37XV)Wa@vcI9P8GYS;WFDiZ^;L<qj8)wDJ=&zyTm)i)2mDJ4R*CVPI)dAs-Nc~
zrQ92+u#TZyd(lqH6|f<bxhnf1rlXn2of5x=zPFnD<VS>t-cX4?9cbwODpRE~Id(al
zVt|o5dXYkw7lck3$v`B_BnKy;6U$;Ce7LOg15mB<TV`L0Ik!Mydix+@DfiZ+9rU12
zUJsHoxya}=@q1e98@hajyiDkvF!+z-m`nZtWHNaLo|GapcL6UIz_(!dZ<$ewOkwx4
zij1xo@VE00;aO|}L7n<>=84W=by}w1V6f4Yk(&jNZm%5YiOBWeGUrdhMw}k+1?@94
zt*btU1Lqwpv8-Y?F;s%zsFWh&oj|~_7r@F@iLn^O*zU6fWhZ=Ms7EzOVY~X~3F>DZ
zj@0FurOnQh!F|=0?cd-kdgCPE*-4e#w2z<2=9-zswrb~s;w`9L?(Rr(kW}`dK<e&;
zdz*~n*!p`Zu-l*Tc_+FrKi-7cCUeW0V;%oy+)Kb)mSR~Xz92M*%scxZ@cX;Cp`09>
z@H@DhnA4oy6;%1EA)CwYYPdn^+miXz*h$#(_8C&>sx3jw+wodqt9=x!3Mx)zlBz-j
zPfq^y#TR38&T{}5;w6H1<+7kT17#GmoZwE{%@&Lj@2N`FkWJO?hg_>dwQKg&mf2FF
z*->EuhMnGph79yeZw9)}E$^UbP~LgZT<q3t^X@!yf4^>y`ChZfd*qC}+2GzjLo&rT
zbHF>7t1UmgBlFwO|LR%c`#~ky7K<dn(bhAgJ1|o_JgFlnD|=tL*ge8-!}6|!v#onn
zqV(oix8zL+bh}q!jO_tLGPXW~8MB>3=-O2)vYz7{&|@E2911_TXNin$r!3}vxyyZ$
z0KyUgg0qwR6w~zPByZ*!2lUvGiQJi89MElP2<Vkl9L(s#atpe%h66GW_LfW#mTB5E
zzqHC6^=mi%;Sc&4(|Z{*4ytz=%`>)cRHu4j;xVg|>Pl!H_`tVg61GpfZ3y^P(W+`R
z+3DU+)|{y2pRJ;8e5CD8)WLVU58vrNqe(xW7cc%iy?C-#ThkijfO&wLCZ-_>8NhwZ
z^LKi6Nur!V<}ghpf<mv=voYlM_G+|6tJ6`XSi0=M!5y4<pS%-qFAjl4k<x6WPcXRg
z9I5K1z`76_6LVHkw1VXiQre1)|6H(;B5Aae%6s&cK!01%2epH>Qy+<C5Os`THFkuO
zR`!59>W6FG>EaxyXkS70X4ONzS`}W@0K#2%4$~FndfoN>Ogj0Lk(B4T$c;D0orbqh
zh&<8vM3&>#C^zv56Q;}-f$gURp&2F`b=eARU?@!A`iiG)LGQRIa_m_N^2Ge~M9a#R
z@R#?tmgx%fAE+rC)~wtO0Y>InSi{^1aQ-*CE0@cb%YR^v@lGzato_cLVpcx_?i+Q@
z@ooY?ZL2q$DhHUsX_HAlhVJOs8@nvDpS9jt`u-ChtuD{|#|+?mR{F>?UO@kyd`)Es
z8+=VOI!7bJ;pFP;*H86M0qfD_`ML+%)wb{hZ+1^>Tq8j*>AUgf1CU`4nVVLAbwN`#
zNY1PEf)yAXU~A(@%R)k==Up1#?lzI`pnz)B+c8+*7e=ra4L^AMY_|#B)8tH~njJU8
zvDKF2$(fBok(kGaZ&|$@E^8yYU^FI)n3KcrPhUN47%Ga#Nk*5;)tLO4k?&7m)%xSo
z1cJqm2OX4vt6Zc^Em+YcHvjrx<oWpd$@oO~d2OxV)hp!g`S{thF<RZ}RNS%gCY$qJ
z`tI4ZgF@$E&62e+*|IzlC|cEM?%9;IRcZ1|Dt*_%rD)!SjYIm|&CL~A(wwGDu^in1
zz9DoE1BSwA%zR09wXwW1=$Ga#JjlklPU9Fw5DYYDaw#(DE4CAM*)-1F35$xHs}(ZC
z9xgr50}<*~_cO8`jSO4GsdRg$)@DV%%_LJ=kWLet-TK9N;Jr{k5UHD-W>RYocBETO
zb^<+(%C5>;o9TAlV>cFYeY)f-VN^1b(p#<RbntE`>AR2&y?Iz=Lu=enJA+HR66j9?
z3s6U=(_Gw3*oJ~6g2wLQv@RmN-P5I3mS}fS2&U_!W(qP`%VUf?gf3+<#s89U0Rb{i
zy4(@gv=OsAmgqe{PQ@=gN$6PQ^JA8czMY_<<9jwe);%8o4bRtc>pJdZyS+C@LMy=N
zvF+n3w_EKWBYU!RKO@u8zK#_+1(zy|t8yWkkQtxN9**eEGxC0pWra7ORLlJ*ewBPg
z-iV2w*j|?Qr4|#rEGl%cxthVu9h-kO(I6DF48wNxSra**cV*4(wzjp2J^Z4cv#iT;
zIMGW5^WMwS|6?+#Qh&Bu`+rO(BPV;PT6~%$+pqmDi&h`e?qmwE!0O>X4^)dV1p>~-
z@pF6eACosinNlX^7cRm4=~DqpqXEdrn^%)D`F_DN{V&uQZJ1XTPJU#%_jGIROC~QP
z#!lItas481t-%FH3!2US!77yGB1!aBpjgIKRYpgZ^ZA_RKEpz{Yo=p~QmVyQh8v=V
z#kFeoDSgk=A|+XoPFb!eE_qrcie^j{`f5~m+%kbv@(as_p<BwRE!^)YAhBRFJ5VMj
z2+W#1i$vPKEvwHq)2%xWCFPl(*9&suA!&PP%97664OdBv?V?7`8%)h`??U=@qV)UC
z<L@|`Dv`bKM0zoAUQO1oMINoJ`_d7y+*4((HVgxiSdBx!%V&@%RAyUt74i+f2F>{V
zHT70j+#DXh<3RP7<*BWUvb$iYqWPTpJ*^KL@OV>2IwI`cUIQJ&D(gRPZ{~y4$`7lP
z--FWO_3;}3EbGBa)z-#J_W{${rWSs99sGU8kp-8g-L{T?2n64nUI<YQeirh0m_$AJ
zt7I8a*lbKfai}2@2+EP$o^F}9CIGg9?fiSQoegx2fcbp(JSU+0h%Xl`pA=mAQw80_
zU~SRWl?i(x61oA-q;;}8+<?B_j1{Q$!_UUgA)=n8OSL*8--yzCQSY4Q-BI$Vca$e^
zG2DDN7EzJ1%*mgfi}H`O>*j8c`CKG4o5THic{@Lj^3_s_W0lC`-!5<Gqex^@(M);p
zwL24JdR(V{A<I$1S*Cu9=r)@5+3AL2js3ZQ_FYu#<;co<8-rf%wm~l+1Y}pIgI+%9
z<%3>6u$}fc=;fab&k51XLCrcX)WRQBSw9XF(5%Q311ubMt*(fTA>G=idkS(^4gka8
zIFn=Y5)xp+b*Ly$plnC=oapv?2I$XcwVAi?`+)r(75N>zstUe^lJO!*^uHtQz<3zk
zz-|IT3FPAJ{BIY&+0rbQ3wq0r^b5;!AVlOb%g63L1wT~3pm=(2ySfAsSbyvC{NrCu
zZrN(mA$vRIuC@MaF}Gi<f2X*8AW^%8m<?q7-Qx8zi`ECo8VaOan6T_GC_xN%?}iW|
z8Hy;?B^>>NF-RzGBM?*i-Yi}qBY17R$c~YzDtiWAU(Hmj%1M4nck^oU><?WIbMH1u
zdDe3R=q}#l1fK6S0TfNBJ)HHo2%d>d<sw<D(1^MSazGQ;3!?qNH=R^SWrmZl85WO7
zjl&<vwTFGSBBvWH&6*di%Hb+ItVHw?p#WH#GwBchH<B16x@MQA<^mwRxW?5Zy|#YC
zW%n`mAK?*L<yw9!g>B>S0Wt6mKeqfJ6;;LB-l@x$*LvY{hG3>sAb)ILYY6v_l0qu2
zFI`(?zI7TlNToSfi()#CMCu5rV^b1Ut&XROm>#E8cdW&g%K5ZVB9|B?bu9UOMDu9D
z6^m4nvtzpCqex_TT8kE$9H;Sb<&s4sn#Cg=d0pDHs~Oa4eb)?PV;fFcUAYj7CQigm
z`94{SSYo<2sy`*-YRWTBtCc|rZb~IU^MuWj;<af1m@N~r(%X1*v-)FUe1R@{D7@u{
zu%S&wMXnVN*c7Z`Pxyw|s=ux?EgX)UREOC=&L?w*^)O{u`P4GQsT$-FIZaruQb-QU
zvCJ&ZguE^imX|#@@q;cMHK7ut)nNiRJTRAV^EI0s1W>|e%K9l2Sk}&}(30=2QX%cI
zTlH1DcXZby57=p^#7dcz9?YuRr2kgWs5Y<Kvch1!gUhV!H2#+x_&_3&R7uOW8F$Xa
za=&j_W{Q3XP3rB&YwNpsoH9jYs_1xLKGVLO7WJ*1BDtpqACl_(Zm|>@UjI3GwzPoc
zGxDzKEAQGbmeTH+WJR7mKO)ltKl^TsJ7`?-h#&qr-lUDU>%SbWO@T`y3h-2#AV~ms
z)m&SxZQ#~!YrMcty=!~>aI3qEROO7yz+G?+kGkjrd*7c;vb<$9lbZZ42eb93mB;W^
zmlqBUVzv5Hrq6cH&_%uFDEtY9oBXu#F{EMRPx|vs!g;%t#I@^J!li;c*ezQ%EMd#n
zH@m<OrgR<Uc}cZC+ab)aE4E~B2Q*s|ic!8c+o#B4mL~w7kK(dP$QrW&Sjlj8mn_$Z
zj>ThQis2+ov9j~Bd}#St3o)B@?tDA_EECyCu{`A&q&|a^wyte8%&t+nA%|+gcuo>J
zWr-vyRgtO52G=T)Ki#K>W;+eg&+MbNx}-C-EhgNq3wh3`T+lp5rqiS+Z46oOWwM}p
z&mjOc0DNONV{$>Gh5ajHbu^8c5?Q1v%_~!%e%qYz9-3&Ef){W{Xqsj3n?kGLTfaeU
z-WQN=-J-Cya$|@n++p&K+wen-8a~lpi=j5?OPh+H*EZDFGPB6`vvZt&g3q%v`-dek
z-c912CfLEGJ({xJM5r_`=$$QuBRSwYEm`!C)Aws68>`>=RPOuHY~RM;8n##SbM+Pa
zcp6UIWWtpk=%GuzOyD7VnNBO~R<f$>TTadsJibrK9dzz@JMsPs5)WfC>OAQmP7!N9
z?bdkTeCoHIc=H+WI^83qkgxr*@vwIvW&a^=JieR59syx~)A|;kj2B>z$3I}@9rrKA
zw6ww5jsc9a`U)t=6Qhtql^kO2306%lpVi~BGqR8BwZkJ>JqE9@KWO@NA2s)5@_+x|
zZ~o)otVIi&D|sB{G5pV{N;=Gogvs%Wrpd0~I5{~v`SOo{#Q*;j{{PAIFYy0Qo_+Df
z7bpMm?29k|_@`&jzWCyg&;H}&`LmNR{`eo{WIt2%w?ZnK|HsJ*T?&!k(bngrqO+N&
zADqld`Tw6t`)%n<$?5$V{V9cHxv2{Su9a#}jIh3%$Q%E5cQXF+`S`?w>^40!it_l_
zK-%(bK8{4rgw$X8scGl^W;7c8rgHngAau#ud&M$HIVeGVpZ(^RXYmViR!Ak%Yr{z(
zixrGEzp(~P%}!{R2@Iq$tR_OoX2SB(oMmIJGfWGf#4Lx-?WgZf#?SsR#?)UsopCkj
z+OtTA-<Ws|vOcv&0{lj^C_SQiE{f#~()<v1X-7^Kn*$0E{`ZJ9kQ{zN`cy*ix-ezz
zwOaJ|h96&Xb8lQGMNX5AIUw6!h#cyJ*S??Iz9rA*MMCrSmw!XBs^^QU%%hfPHj_m6
zH8PaDdxkwl3znA24Pwc%)2qwx{xGTic}-EM&&PyVNUgGoJm%RP%UmV;f}YI@ObTz!
z%{q{^3zvUtzTG>UwI)mJu2DUDqg2FBuC<|nzF@%2@VdxlW%h5f@QWFsb%4Mf6ZG#(
z3s(l-%p5dTG0*rfW#1(*YC;v;un}m5CC@A<#!-nXlQaDlQe;klSZt&*YG}@tJ*1UW
zc1uTWsURFQC@CAaW!UhZ70`Pg0x>M`0Tvr532g(<t}iAxrRAzgnMArfj+tr+G{K;F
zqybpTMGAegEM5wpDJNWF{XSAmQ?4W^TTDXT?=d+8&IQqlsI-mAWk$|u%91nMQci!L
z3!o`2N1Cu<OW-oy^@lgZ2@LaVSuYH>vMEMlR_f-p1B{0WT}x~A@alSdyJZfTZ`U2f
z6fn}`aP6CV1daG0VZLh3rT~Ej_hn)e@bn&lV&%z-FuhITqEqs*X4B#ZZ`;NL4P4-^
zJu0ql<uVVGnBjelNwN_4M9dV+41cu|t$LQN))$(yYM!k)2UKYe^@9BG;mNOuhd-Q*
z{_@Y?KV3cjs{Hr8^Y7UC_rm#i>ik=}f0s|cdiwuuYoAMa%ELe>U+E_iS);P&>SdFF
z5mVdSG;5Dgk_?~#sUzLsorq?7k>es_WAiaCos>>MiSb27f;-jO<4{BL56@tKVVncO
zK!?Bn7daU}|H5z6^x6A-k*hVD)k0SFBw;tTeK_UWE0)dm)$ZB0>$%iKqRCITHq%d1
z<y!M<4IZwGnk#($+Ppn6FWYiO=v<ku+_;hUvysK6!;8-|C>1_kxhrJ#lvaUk1Ev&w
zZp4N8mkpNUnGNqvmm<>=?O2mpO8`TNktIYcFllu-zv531=~U$E*L#|0PruswPyqu8
zJXFXy%j2VoRzDc630oae@%4o@dZqr;l+{nH$k)Eu+9e?qRu6ir$NK+Z`~2sjUBvtQ
z`?ZS)ELioYW7O%6Yb92XZAU)=1&*8I#cUHf`Jo*D&L1v&GGG2}`G*nw!8a29KzoFD
zSeQRdyhmiW%VFSM2NutS?SnPS+as~ym*BG&8T9xLXZ{Yh<U8p5U70B*Sx1I%U@ZH_
z1-JFV7^5g?auuAR7@UAsqv&ZhBq($jgEtvaPz`~BN<iC=0l*clQ?pqgaA%emd%tY(
zh`WtutG8Yd8yjp922VHIl9ZZL{P!yxwQLgZt-9nVMa>_=Gc^+V2tV(bVw>BnDPEv;
zjHgD0$strn@|fj-`3x5=ks<cb3JmQXt372}cVw!_^{p6VptvN7$mSh6w;xYG#1^=^
zw~Q@+LdyKqkH~*#Z21yid@1tMjG#4cO`TF2fx6H^Wql#!S;6cQ(V1dv(Pk!k(3Tz~
zyeq3^K_!V2M!j_kNtlL)?NeD&4C8q$toIcL6&bE8awx0}rRev<H&LK%DO@2S+1y=}
zAfiyqLLpdYuOzyZshmd$!_X;jJG$MkG!99}(yYAo=YVDK=U{$Fw1mEn`^K+_dhI`q
zck*NVXCAt(`~PH=(<MXweLvp64*%a5CtrMd@~1Wb-^mw$82o=9q&*)0-{#KyH}U?}
zC-$*?e-ju577$wV{JB4E`2A|5Z}IxcXf|K-__?q3^7qkXxuDy7{oJ{fO0k1-SVOVE
zLH>lJtb-|N?P5O9*&K}RG|GjPBrOufmj>|3VAt`?_|e>4M%Vl?9z2GF$FN5I!DIL#
zJcbS<m@HXjmTujT=*Icgj_n$KF){!dM%(!&{*2&4Ekw?LY03Yq8&KS59fXKNG9og<
z?pVIEgE1@K7bMHUKyJRAtW{;f1b=EPpio=u!npJtaCZQ$G6g2vt}F}Y4gjfJuU^#b
ziRrv7drP`(Th7IgPT8lFOTeYkU&7_FmT%c}>6QRGb(d_}vRsRQwYy5S>|WoYtvpMo
zDWGpzmiFAsI;^1!2eDr4b+u$;I7%geR752k@k}zvn7nH>GyRy6AD?_pC69i5Vo_J9
z<C`|_lOHo%AmxRAp3$7;Kepfkd3TM6eDs$hXOnXj7G1#~r?rP29n%JEzyn}c;1OWL
zMEZm^t!Yh;^vNu19}vP&lborXvpWF7MKNJ2RRUXUBpwd?yVszOu#$6Z;qR;e*KdKk
zKgsx~sJeXATW6wNZPUGGY9U%JYIO$rTiBaxn>K|GjtJwx3EpB|yW9Z0#+a_vUf_V#
z=%XnzPPx7yh#B6OSvD%<F--fIM*0klVxB{Y`s&zZzK#%|RnK_@PmW4$wPeU`?9qpu
zHNxq%{<=0tuSwCveo+Sv%zt}pIJK=)czJHDw3ZWAbv1m0->5W=>$r6q9gfCdoX$HB
z6!>j(X`Kb`w_bAz@pE?+vwM(IcD)PP1sTn|ir76?9q0iH*agumq<Gy!l&%XZTo+Qd
zt{XGDy<}a0gQS1CI+oq>Tx2QB!Z?FIPbfc~H@9X?S^*0FtbQ0yE{b_{g-LUQFJ}f#
z8dCO)Y2v9@dwE4@9Oq2RBeXt%F3dBj7>&UrW&!Q(oiAtL>h$`*iZ-~iu+;Eb&g9~<
zPZ;WT{hbQPPg)M4e=b8?+hvU+_X{4?q8}mh4n#GLYsF$f_xlt>RjtwiamW3HU}@q4
zo3(MiLX4^OD!pc8!rCd_Ube4bQ%uV-25Kcx;KF$g)RNQWo~~rckRCFsRI!ZqSE2B&
z$Du;`UCZ?)X}f;*cQQ})l~K>J<DT}leGb%sJT1{l_Gm;~QYr6S;~(mJ$~*h;yONVO
z+0&}R#~$06?W)Oe)~rqpmb1sIH4c`u+Q>f%%UK~=-oD$`&b@tj59i)?HJp354d;G1
z_aEZid%BB6CW|E0gnU+iy1|BwPkcZla(zh7h}uTt^_F7WuNfIhyqg_4NyPm`(KZO~
zjWG5^+!Lvvw`9nfED|Njp>*bUe}6y5(doI-B|n}qs`Qof7{cGBVp+5rFI1W|RPwX!
zd%Rr6g}zP-8fzUDzl!(xOfq%k-bM?_q!$FtVk@F2#jE4{PG5)Px`}X2?(5oeLOgOM
zzuMUcol||uw&-Vi4JKafj}TL7r|-LAPT?MKug$FH9pBmy9zInPhAQ@8m||NYiUmiy
zhoFf)R{4+Z0U%F$&@U7t>|uaUf}u~s(ZNEn!Mc#a0y7_WKm`lsIXyh@Uivk8<pcfi
z-hTV|=AG&LcV;K~JqDl#8XmOTfn51x<xKm!ZOES{rqQ6~U??un=Ii>5jp=KJ4-R4P
zegjk!Ire3Ss>ssc7!^K0GKjB1e6_Yge6@b-fy9^J@P+MR%wJ}5TN%Ny4g6-{H@neq
z;5V(`dJulo*>y}6jaa5wYvO!^k&B#{Z^4NGkQ=T28c2Yc@Q$qcLSlj7L_{>Py`Iil
zrkuXF_GPn-P80UGo13fWL9_baZY*J5CGf7tYScP0@ZImnYBUo`BJQslMm~mB?m4ru
z8s%ZpGpTY~uuuHsAKt%jokniI+F?1{*IY}}PjCS%lRQRqhBct7YZtdxKXRdW(K6?<
zV`QGKl!>ccybr5W_2iv-`W>dqL?TV;NU|l(Db@<hF_MTX5_!0ak>up^N*<B3%kyhu
zGcJ!vEK>aw&<lGqNoP|=*!w6cVh?MBY^bFkA<yPxh*!$udY2K+%I`y96qZ%<l!*B;
zBbUnZLAh4y?C$yai$9D{#%(v+0Q$%5HCs<;s#?D?5CL+kzR^U?%A6|A#g8#ae@S@`
z$$T@O02353);?{w!jd_^W0~~=`1j+UWATJm@xnM^86|@uw$H~WzErKM1=)--;<?XF
z+rHx0d_82>4SC{gx?G3EhB-dBaH|KBT%PYm{f+Dgduch1!-RcjB5t~H_iQtH3SByH
z=xj)sLccK|tJIfjeAj?TA4QS`D&rf&dUOgo*+MA~>NG@gCw*xis=$*FCBEA7sK*CQ
z%W;_p>hh$AK2HL5dJ>@5lW^UhY;8{<P=UplfnnR4Gj7dj(8OvU8!Op|eSmChBOn8N
z`pnqVhK(U;UITCH`-zY=GSa3T;%i<7u}fL=>VzgmZ7_@a9vsY~yU}kji?)92f!r|G
zcYH;2>Z@11O`*xaWnW`w^%1>WPrCw>-BSO?6wCb^S_wjzOP0m9-jEWvEF<4uzw+|2
zAc8|3s_>w%gLnACyIRpD!)5U&EZ^=ko)F`=!fDt{6W>%is*scLRr1${G|%X9eVd1;
zj~=|kSFT@etn;_mufVXx3{G&zLTiG69Pm*iut018MY{7$t;we20k32pl@#69Oa^uK
z!=o+ZlxO71zVq-_Ww61Xi7aE0`Wpmy?#I5_aK-yOTUpFMqc=2YNbQP1m~PXl**uV5
zvxQa@c<j41n#ZiqJb*S6NVhOe=3(@hKrJRrhY6`W?9*R@gy}ZAOWoykwZTcsCD81v
zycA&wdHcSB(}xO!W={H*xBz$6+1od7F3xUBAL4k;<I~#ZHlCn8dp>~AzRX2>(X$-E
z6UQZNebvy}S`dEMew(h`dIsc<=A2FwCdr}J=YG1ne*2IAIRf2oV*i6?F?sVA|I3r?
z(8n$NkSpdpM?f);UbN;t#mBWy<m!s3_yX;r(zIQZ2l7Z(wFWfDK9o<tdU1R_{{0U1
z0s2>9xUrSp5k>&3D3~pX@fGN-)oP0A--i+KHX{km=TMQoSQ4&C%I6D%#xfToCOl?f
z`{h}bGb*v@W=B}`ltt7Yjfg6mh&h&bh!!-PGeVQ3EK%PaMbO%HzvzO;Tpa@HzJ>)g
zz&?k{ysVt}6TJu9cB;RKmF~{_<7DeO!6^(=tgUi}kq;)93ouNy^0^RFK^&sU$>o&^
zPVsY7nw9d+jZb*UG84vS9~OXf>YxtdYv4>VN7z)5!*dJu<$UM%az;eTm16M`oTjoz
z{XUjmXnnim0vw!0;Jf&?;S6{LvZC_|#>2EDwQSZH!QC@m88VuCn4)te#lM7>!B9uK
zeZt_)nj^Hx9)p^E<w<B$8f(KGPn|t&cMnVs3?sWlnLwrmY#H!M*uWlO&H4i-@y=I!
z=do_2M56aNY!|(nkh8X&R}vb((i()c@x3$M*UaR_U@E6FFopLEmXSM_^Vte&O9C_X
zdnl^Tyq?%0Jf))z;VFav*J(p|$`GEi(T4C8?^Fl&wBCmB6t{h1yeTX^r33r6t|nn&
zV@GF0lPchppz;?BxC_IBqy5*a7}UE#y&L%Fpx%)|z1wVqdgq<$z@FCIpx(Ld6XQ)m
zpWvBfQIWIBEnj{IcDZ0>@0?4>7Dh%@Q~Kb1cj|Ouw7+Gmp25+Z{I!C;170@cNtj9(
zz=MbI=OO%gH~J0X&#m8jpzvpOJG|*rhvr-3j6&Z9kh}EX_R!e&QNIkLL$BGaPsxhY
zvsdKCyw_T<Lht)_SJ#3;FD0hvX7P#veTWR`L%r!Wpbzag?ymz?qs`;GC7MRe=Uma`
zZNz96TE6<c>79lm*6wo+Bkm|Ey>%(;rr~wLA~voauu8YL14+(vu}qkf<n-!tOl}rj
zHq4{7#!dypL@uxHzOaBxWV*6Z8%O%zw#JIy;~0;I_%4loRwzt+F1T&BhR`$L8NTsR
z6p(h;5*M&S$d*hIijPUn(-luWol5c!>yo@1>QE0?sNo8=BmIUeRO`2fI@FJ~4)wn3
z^m)Jk_)F|<J^Z0K-N!9Xx6i_Abw#ROZ(38ZK#{7chr8)hLyb1yY=<a`!43JDxgm!r
z3AYVV5^aMWq9g|PG(<^2`^0$DP@~OhgN5z!vbn*+_IX*@h8k^c;~r|XH9R)dXv6l&
z)Myj!c{Lj{7R-HGtfJF7Wh&>9M6!AZz%#|>Eg9BB8MdJe+fasWD8n|CVe3P$p$wbT
zhB9oe)A;1euwCOjphD=E^o(;h${CG;Bs`OfW|6;s&SS1l*1w2O{n*jvGJz^K_6mb}
zFtAnZRcR-0<WO;Ea5fIs{LjalKR6rRHaHvG20J(#2lg~L8=-w-ylJSoGpKj&*a!ak
z8S&3Sy>r{3-n9*OQ11rzG^lsbJ~7@jRNNUV?qC~&+5Bw?X8XK?**@ipJKI*q$YgLq
zj5iZ+9gH`V%_0#E1Km^ki)t`f^+FmCKKPF)6gn`2a?=wVX^V&@G-qVVaxP*XK}5jM
z1<N_EuAPrFUGJi5CT;1#a;dwRG88<KVzB|2p)n>@9y1jk=S+&^Zmg-(+~=OlUSx8o
zY8ODwuqqd|9a2v}1+o}AKODG8%Ck%8qyt~5Jvgy{7#wE3qH~j@MAP$J!KZ8j_~iP#
z)_GmdGm&FFr+$v)EE0L#CbPQZ=yq_f+jrJOEZ5=B+SjNH7L8nDt*@pajdm6F-vNBg
zSD~OD^8tW!dh?i*WVVygOlv0cbWGl6@Z;qAyY}1O=@B_SJv}`lum7PHf;ST{?OhtT
zc3B0^e7^u(BTz@*OpZLECC|rS{KXSl;)hLZKQ<$B+WyPwY5R|_|Izx>n=L`u{1vX+
zq|ugQoJG$=#rVb9bDtQ$ID7s9#kez=uHscFD^I^~UJgBM8|x#nQpYmqcly$Kc~w@R
z;wDJGR*9-;-r6Z$xs|C*_)J;Xs_au=FP!pJ`0dNn*NvUJ<%eJ-V3}CZJB*uS(eoGQ
zK%XhQw6oC%Jmpf~Gn!e5qo1siY`;1Ki=OXRAuEcQlz(r(@YeMP`?Ov)sO$Lsgq&Vo
z`tGPh4ae50JgUp}P{Xlh2A@<7M`Az^!|nkGFY#ep@(<Xb6M$V|D7tZ*trP=!HC>qv
z6y;p8oYOHmy`ww<`=ja2{$#&96Ghg(5DS*G>L}>VKc@F`OjG)c$i|UKk59j!T%0|(
z4D<Br@){3Q#Pomsw86f|3zfFz-w=XC0lpTCs7P6cg?e@x19l1@ZaXv`x2km^ZH8$$
zaXrFR-%ya&ev4LJM7KT|W;pFOE(Y4!Kzr@5(FSC}^|0%OWWt4{RA>@-e#VJ)+?&1p
zVE?z`mgF#q(3jRAk1AIC#kf?xjt~MHR4Bc%7=<cUHj^W^wIVC!texIP(g7m-f$!G&
zT3mbU$f+{+E9Zg*WwQURqTq8j53Q<tV^l?aW$O=$gq>c$3DZ=+pO9;jFmihR=7`XY
zP|XZ8s`wp4@4epIj{4eBPR@&SZ4woO23DpuuB*_}o60z7(XCS%wCF*L-m@0Ht;Gk5
zYo3X8sYPKUbKFSN%gBr-k{vb33P@NaMHZP3Sxj;!mm+HfTPWcb48pxJIIL&SHRO~1
zWqhKaYUr~)OHbtmb4)f3Rzu&i&v?Q@ZDTLpXB&)T5Fqg3tYhwQoY6S+2_DeekoIgD
z(!<!vG^9HSyhgrq*221wY~>52M@fe<xn_|_Q<lZvs_X;;?C4aAq)<#NLJK)2-!F7$
zT6qLP4u2(@V;@<Eh9S{N&y6Zi;f-Z3^zkMsy=9VQg3Jq=(@ZhFo>Ng^!B8U&2-chx
zIk3#!4|cM471JZ;l1L?T7LQ>A$ujyW6-B04jQU7xuhs4vm$9Hyb86=YWZ$y2SVo`Q
z<>dS&(%FQA>m3gBC>J$sf0LRD`@{eK?w`Lq{PA}`{O|EUfA{pOAIFFPk|O(cl_tNg
zXqx=`e<p9={Q5tyU;X+&r>|eN>ZKpZz4%D)4~a0>he%|KWy<P3aPmIATZG>s1C!dH
zc%DbWLg$;a3!lvS=Ir7Fikv6TXxu&3<cs;{>`ITWaW%H~#gMe+kZk3P*{_(JM}8>>
z`Sg0ajcbO-sytNR2r*9>IZH$lyMCc&`Dhg`6!@iuV~Qb1-@JYM&8v%_POq+BU7nrZ
zT)utt)7kaK`Nf-?%hOlQ4zs3O3w3%$dSv4{3=^!5j$X^MInNjpQ58z$dgRA$+D<kf
zDKUaRM$3e%naI;NlAV$zSSx-mxa0~0r|{D3?nZ9vmD9~Y&c=@Mrr1Vi-JKPPJTp70
z;(?7l)`TE{iIJs<$sMQg_PeoOm@(c><vYBHL6HhQ?q=Uz=i)Uk6v+6NvQJ82K#{Yz
z&4`Zw6aO*NSIfU1|EEKZk=|GO&tokn|Jvx7576OMdv&HJU%-R90?1^QDf%9T7MHe1
zF3nJ;o{OY09GX`!(xR*xM<k2tCi;z&qHj@!GUp>NZS#i5l)Uj+kGxHX>eM_2^Q$EU
zYS+QEsIi1Aqnclyx2tzuMc*E>vdLf|4x+H4^9kZ)h%goe;Z$@^q<yPYNWd_OkQ*j^
zciwJ?6M%LRQN=P)61E-xFCq(z1JmQy50}=|nqmfLc_j*xF$gY66kjIooKtrMvo0U4
zX`^i$VfQ29*Tv0&Zv0ITd4Fp9LS!O;rP))Lmj1WuNfIrDkmejBCq0lP!QWs*Bng*V
z3vU=GsHi4224C5vvd^3aBfjA&lZvLxpix&(gUXbPM3%-_hbiPtv+l->PaExNda;Sy
zJSz==F;%qZM3h>FUXh^cm*<WI)r>yeCCMF*Gnz`{3LntJ+U0al{~n-*doNoxfD-zq
zI%Js*S!Ny@4q0Z<22jF}1WGv7W7d);%-Zm^eH;#Wo;HdhD{j2*mPRqu#5)>fH+qS9
zHs6S=HXX^fLmk59msHAok@rD`v#<D3;X15rE_G~&O+st{{_s6GNU`1MH%PJ8Z#|F{
zD<sSNg-*S*uk4NA*bWDNW7@!P27c2tqfegSbap+!EPq^><pHK;fN2?ES_YVw0j8x7
zy#|;TrwuSI4<oxD5lqX21~Zs~C<|6v=76rt*f{drIfe1YeyX7l142ymcL#)+jy9AK
zA8Pbs8%l^*?U9t}9ZHA~CBz5zgl#AxZrUT^O#?#Apx(J-ANc2I#6Ji1&TWHw*EZNe
zy&Krmpx#0I#CX$y5HldeU>l;4{B4Lr`kbPWK5c{;LW)4g<+s<bFa`;IZO#Y*w_(Oq
zv}gzH2*?iIuS?ROOj_hk?!+zgMQ<5fp66n@WbqABq^s=O70X8^M>pXqS45axF$4&y
zkYq@V{gP?Z?yi#PF`5jVo>R@}mymvzvQ*@&F*zYAqZ!ngg3lRGc{|mbyvbiSdXq78
z0#fn+^hFEJn$z^FlNOrr`S;B?8qz+ir);ie!#u0{EBi_Q+#H$(AZmp!Xx!Ftz^cv;
z$o0kKhMZnq?z?JDMg84UL6>|2+%LQeD^wbV00&#3ClZ<DQfU%Fu%6|Ft&C6PZhfDb
z(3HlyH#95dpBn)Q8Sn|4wex<KF4d|QWWpt(QWhyP>b%Iba?9gV(}<EnDwcafSImJd
zaTuzpOF|1JQmPE96wTr){zk+H?K;NUX-zZMFHRx9iYRf*OtCkr$nhP`kMklc%e>Te
zA9FHj6p12J$6J@4rApCg@tP?bQ`PFyuWf?2c70Ow7UWz(KQ3xTSwGSv0KMTafB570
z1Z3&ErHJ1_?Oq^PM>!weOb1`u4$54tchE!i-wBTxcHLh3EI^^pL>#U<oC2w!VqnZ_
zMC?O4-CSfIl^69ApmhwAcXOuRbzzR!W`x<hHzH>8osp+<Ox|Y6%G?_?S+7KVL@sPp
z4)xUE*X_ckxu4`DP`T_>jrNr2ZY*&kBMd~2kpm{uuzeP1G|L1SAoL<p%z2kuMMRJ-
zN#2z?kME8&S9~Y*ke|OBlHiAn^l*{hk$%HPy7gN_68yhM5`1e8{6opBnnc~7%o_6C
zH>WrVszFeBXgCNeXhWWRTO0Vzz;Bw{z;9Z=^>Omt5%%S8H#b+$gVa7J>knUryq@QN
zE1-{zXo9_F2vQM-*>PsGy~-^C$wfB*()5Xc{KNbAtu)Q;SGOO2X`Kigd1=8c-*eGL
zE@wofTqzbGh1eSHo3iqzMY)iY(8T$`ZstWFEdR#rER;(1ZA2W=yXBs$XaNEzXHpco
z7qgLI`X*S`(QYd4vp2TacZAFAKy4Zx;Ts)1ur>n1vp`~zFxbXGMi>Iw=*~EJ1uiov
z1tIH}Gd<19^%}6V2$Tbl3471=c`}K7)=h?FHpu&Q*+I3vm{W&x93QtF2VS)MvADNj
z9e6%IsXI!?^~-+igo2F#l_7g4+cgAbUG}j9*jM~|xd+Bcx5j{fJ#ir4b2F}k14%B=
z_oAE+c?m;a!Vvg7<Ry?HFJZF{c?sUB4(w^Y4S5M}`^0!tSlTHlU_Ar>t#XL3c@@Mi
zWzDM-8sP20XzP1$Fxu`$zrkqR`mG0Y64@xhE1FZk$*EuUOA@~9YwWB(qIc^Bx3C16
zMYQv8Xe9_;E=?&t(BmNd^xNxKUOpB?a2bhZ4};~wJA9#DPt9;y{HcTu?)0kRG;FAY
zZz><wkO<@Q)R-fiRKZuSUu~@Ox7V)#O_3=yCUz_|gcWN!;G;%Beg_GoNH-F{HQ97L
z;FZjylA_yMGl$}~Lvh=oxb0Bfb|`M!hh9T*Tc-`hZ6C%Hw)f(;A_>D`y%tF+L7Y59
zmMN~q@0ydbT?Hr;dD;lXvLbC)klu*6t@9D24YmF_Y0a3#-`g`P@%Jmyu9Yo4zm?fN
ztxvGdCu|>+#5clP?pEtlm)SgLvi)1!`+Mhxl17^gi#I8Cze>HbIaMvMcic_tsjGjU
z*bh{g`p)Jpzkb%1B#JFe%LMghFSjO0ecnq?zT=H;^N@3i8HJ_(i>R(Vb4ce`Vtq##
zoA)5wM?A;bKH@*r_9_3-wokPmaQj62F}F{29d`R%*O6cE&v)=Q`V4s1&jjpKepY}j
zXd{Mbt9sAvqONwE8fpq!!leQ&?Ut=tkF|GHo893MQo3w>W7oRn+vTnd70WxPG=z=}
zzS+;qH#>xmxNQg>X&dYiIx?`QA#?=VC&rtGisgfP=Z<~gpPv!`9Mn6v4eDLnU<dVX
zU{8a32kjH%O+&@<p<+3<AvD?FhS22CD>V62u2}9b?A_vu+Oo1Y_?TbulsE9+8g-fq
zdRN7~p&MDR(M=<LiW|2a6!amIrptuYs;2VH4TQPFBPq%A@$)aoClGX$vHPZy#M@Wt
zhN0_?g3-O((jtMk9a_M?aS75u2TP(Y3DVT#gOTVvniTt{5d?l!L~59ivyUD*ky55|
z9$l9O>$_^bzjmLu#ojULAVISZOjMF7o1xg8Guf<fg;j8WQu~&z-X5<qn(~O`>^|qV
zLOGPt(9bq9Fv%1$L}Z3XgeEN4|Bve(mm}A7&RHt{fA;>pJ8m1<7l!BWd<rZj>y<R4
zZppdK#b=+LSKD?Ht@xrNDVb-UB*#LN=x&VI05<@(+;eii`?F90cxw^>TP??)5VO`q
zmdGNmRfVcwRVjirapL~a%|3r-UHZYp6T#aW0yYJF7oskh13vMmN47aI1<AAi1i;O;
zI8U52KPN(OIyA#t{@BdYf-J~8w8AP`Qnv7d2ycJLb0QKfiOt>plHZsAhObB`Q3hlN
z|MT>0if*3^p1=6-0%w-=_k@)H-j(#1Pc-Rf?$9eUbN$If{b)e{#81#w;O}>YbYnI2
zAHVngF%`W3kI#L7Tw=LgdGLbYVYz(e`8(|CK8%Te;H7@xmFEGV;2i*v@Qwm#c&86&
zc;_&4`?a4&@QK2mf!-&62tJ{QLG<SKZiN@#C-ijsX_QCGs~dXM#}!YDtcb%^9=tLS
zLkJtbD{o|a^Oe_5$T8(%_qu_gHlTWtyIM%m1Z)G~@_`J+hNV%7Ztdp1?Zq$q#cX{h
zx`nN2z$N2g%VbexSRnE)7X<SABfP+rNma`@McyfalWvW*HVt}&E9|WW6vkT{juemd
zzp7ray=e9yJ0@qBq2C%Lox~w2qV9seH9Ka2X2q{S7$rDYh3Ge?ECerdQz;3rG0pVm
z*gcbz&4b0`%C20yr}gk)Q=8;jGotPZfgDu{R)j%ft!vouz?T9U^?d!S5s3rxwT_x}
zRvvS-OtvjZWTrcwd3%R6H7daTr8fkX%@G!|w1~O5$h4ZHUZPsW+l^iBt`?E)ow5&r
z_DgpKGnvqgQeV^PVK&T#3U<5a_PxRz#5IR<Y01v7pIuy_j3`BfJaGxiP7s#po@AN+
zZ^2R`WWt3Hepp3Z{Ddd}I-mT%Z-22roK61r_Lo2Qg<cFW2=s$iji&w5hX-%63wRXr
z8J65l5Lslfx$NPf60~wfJj{Y2T<29TMh7?`OZ9Hrm;y4E``n&X%)j4HQBzS*>iX+R
zQ^V96XI%p|8mCtoZm_DovZNjDE9O=xFL77C`i}b`Jn7=p71Rr|w`e`hmfEz;I@vYH
z?MN%V_>D*_bVR0$DLS>(I>NU+bJ3gP@FB?!-D&L@&8}$;Tj>isDGx|!*dMOdLD?I?
z<(XTa6DAc-?qci3y~zo?ZoJS@F0Op&Jywg`>X<P%^w)}m<?1|{Rrg=>HAY%0VU}ps
zWWV*|%E^CNxwtI5Aq=y~6v2P5+4fz8O|=$wSHnW$EUU)e%L2hfmSwt|wj`C|)*uoE
z$;cWrRa&zT9l=9?*o7(HRzR?Bc>-{{(ubrhnDv0{#P&9!r{q~#4yixKWwRbt=ey5$
z)$2OD;&UTxm;dYT5aOcyPp^G-0F8eNB$)FGXr<jKc$n3@TdO366z^Zl3Xeyo=$fw}
zWOz+esM!aHbi)fRcM?HN0lxZIdg(U4-uMa<*zR#ns;nZidquvkS@iplw-(7m!^}B^
zzu6h@SC3*=qB-L|v|?P$0r&EwxRwXIm7`pu!wO4$NUr3)yOE>jE5?2N7_Q?ew{eWi
zIGpjO-&Oo5DHrT@fM!(1W$Qk#z2G*Zi?jr0X_8wY#diy6zbs~1uRD8!a{r&twJh%a
zEB5~Ng6Vs$$6`tS4+M9xQLrzbN6qtd`|!g)7A>&P6<TqvCNp3$wySCFVgTI7g3kJl
z14e?@WOG@&M)MhT0pdVy(2rkC(Hngv@2Mmwh*14=zpNIdJo`I~OKQLEVu+*W<)Zac
zEk{e4?V{TLOYA|PRdN*U5nSAvIni{=c{#tlaHk6AS{Mq7RsVcj7w^t<5~`-w^kmn|
zo;7;?<L9tZe*8lBUry08&Sa7G&jpNo!wXTWT!&z}Q-WtG$IO^)%4*8+q%C0VDVUst
zP}K9QuRA=2lvz<x7o*nEJCsrD7`2Z5Cwk)jfmT}w3CvHG`Og~b>>0Y4*NpsL<p9+R
z$)6y#q_*(2zWNgkCNsy|Q&-DalpvN~qN2!pFEe4soi$HH>I9eW>7CiVAu#9~?>?Hk
zlIo5^{Z8(Vh}Ry|78&Q47ygU4S&x3`ByM!aEu`gDWxwq=96n>l)v}+3{-Y(7TGeKA
zp3y`Le^c(CC?Zyr5wzs@{cevXk>zAjHqQ#el6D>22RKmYg2*K(uj_su)p7#EJ4T^h
zo6ET%6QO5MPo1-dfx)d;W|n@SqqAR+j($3u{Oy-N9dC}mE`PqS{hZc*Ue<nI)qa-s
z-^=5#k9W`FMHaDT-1Qc(EUQ=WV&9M>GN0}*!C13nE(1|dez6DV5xcNU?z#K~9{6sP
zYZ)(l{i+kR3_TK@y@%$E0Zbu?3todUH`VwtbIcf8JcbsJv3qC?Ev|ic3@t9(7+UNd
z>d2njZ4520w~vfBjhSOc^{(Fck$?V<_~)qJ)!V4v^>ubs??(1Cs&~*nGTt<1ju|t@
zm^NmP@wYK^%$PZ5yM36MV-VoZXdJHT2T8>4K6M9hi~ba|@qODk_O^4pcZw{&Y8M<;
zFU=BPRgP$iE?6D0=U{qvZV_Z5N%(3;nI96*=M@aF0u){Vg&MdJ3xXISY3~sWtVJMQ
z5V&@`|FqXkLU~US*x1^To`BJ)(7f*G$yQX7>4<TB{&4luR}0oV4MSK<Oc~ACN!n-W
z%#d>8QA&1IMtm6BcqJsro1*#B2cvB4Rmlj>Pe`fQQJDxU3n3-J&&s-$f`CXIrUX2w
zY^5tt+11Ix1uL5c0Xs;BB24$ixq^i$A5xOCReG{(n1hQ^b{3uNpd43*GP*FMZ*TXP
zn0#1qN%V7P$n*}qk1i<bVJ;#%_t{}9?U@_wlHVIpo=F#0>CK0o_;;H~!zM@rpe$vJ
zX?@Uda$*vL;6m{gRy2XLi_=ur``ba>WSg6ldn6TRDHdtHW}xHDTKI867gVbi7OMMC
zKI`tUQ-RB51ZYh$jPmyFTeZsHRw2u8|H)@>_4Bu8ltw6ZsZEcXEp1!GjJf8<TytZt
zxiQyV<AE{PT;qu`*W8$EZp<||=9(LG&GlP*#$0n_uDM1VbIrB>JlFznZagu`*{`c7
z%e!~(P4I88TOFNs7qHIU|NBg^E|Vqcvg>w$H49-aC%NE?Cp@z+n>ZuAi7K<(#k^xs
zCb`~LDm^g7%r@>CwmrJ;yTb%t?D_Te5EF}8hG!X;ArlM80JEHle!NUAzujqXd|$9L
z{UMmmE!TM1$<8tqvnD+yNeV^RuKOK_@HdIU3{J$Q-D{zhIk>59Ojs927F<!Rh%*jj
zOA^wzDUxMf7hQu{Y3_50WRd4wC}Uc!?O)0e7pXbSxpj4PUQ>@iJAkYxildBRsj3tc
z$A&9+7+6blYNu&vn1S_gohHgS%hTa?V==TuF$i-l?Mrq5e4sHwot#>83TIZVl5bv@
zQ*8AqEXY&zM|ArpC(Netydm$@+4OAs<hGOW_QOx6XVbG={fDYgFo@Rg9N{l-yWBs0
zwu=dBQSE%DtN$?%Lf->lE&JUo?|Q_cPhV*`Gcqcb^=3%YmYe20-Ov@`MNm4{pLLw7
zCJITySqcaD9#e%1rfAn~)*WIeYmlNVA`ve-<i-cb(G*rRiAzFyU4OPC|EQr=Ci(>M
z2JYf#e6`}tD&VrqXC21@>iwy8r^aS%j~ceyZdGr;DMrnH*gd&u=Dh;OVhBu&xG8Mk
zn<T<g(gibcC!A$vS`ufD2jSsEP6lvLkCJ!AelzMi^V06xGA}LQx9E^fGwecoV-T_p
zIb~6^`rEZ_>&fcr7~JDs40pVf*xO{po#du^vcW{`Riwp(d#@vI-5&iq;>pPn$i`q@
z<D4O4()>2W#I|hkp60&P3y+a>A)Ia@40w)+!P_bNE)1}Y17ioF*bj-Ni-i4#LDL^5
zipjJ`08B^DTO3$=aP(V5#Kw@=k~pMv7$@yVNk?I%cR@&pV%i=fn(Z-<?!#j!c8H)D
z8NtWE2zH8@_&soe0NMVu0FRy!U{pXxzVp%ZolyZ96_8N@85zN-fb6J%#0IYKD`Y)1
zmw_<#-2>G9oGZ+=yd3K>qP&L0c}1NzKZp8IxznCGQ^Y)lInwS?U!H-6I8m4j`8iNO
z_X%>Ip<E{v7{1?-@Ccu1=h&3M$z;7_kSI+LFuG@L+qP}nwr!hdZQHhO+s0Yjw)gJ)
zd>23NRLxA%>B&rWb!E~?I@yBJK`6haOkIUE3yP=LE;?y;{ACOOu3;aRX2$t$2bcZ;
z>(AgDzA7&h)iueKA%6k4oJ)1%o#a9Nq3MuWa8oB7^((!tYJ^TsUB@xdR95r%53$V_
z^2k6{tUoUvt7_3rS5dFDL$1C!{pI`RJa+=3lX*oXk&nqGhCy`UKQj3)Hxo!uC38p#
zgMTvDAOopp%Jv0i+1!(_WVf0ce~(`8r{uSr+-bjA-k*ifm+=!by=<SSP%^#mqe?zL
zkNcxkJ)XD0e<yM?J+Gf|r<eJ7F&4qf>Ysa;&?i}uEZ07=l-#*qr&;N$-!H$FO;Z46
zc0bMnDohxth!IdHxny1|jt6q=v8YzxI-mYM(&fs{%8qmOeYo&2NeFvdvZ4J-xB-wo
zMZY7P)tL`t#&mB*iH=gu^LV!idL^0r>soy8RXN^y#9InaRq<gpwIP7aT&s4#>uWhx
zVS{O`NB_YomGEZhS<~RLurzA$Ov@NPD)SV?KSNukt7eO2dg{=TSTjv$w{*EINO$2X
zJn~-V*+{qH#{eB-07yO&9e9kyI<xhJP_&XqHUXR^*x!c7C+m*~$@$QJV`a)aZl8A~
z&8cDBRKPPWBl>A`2~cJ93ch+Z)GK<5pmUeck-7N9NHy(PU8x7a=<V4Yc}(?<Ev$Wn
ze@#+wrE`#6eLe0D&{m`M>?p>b>XUl*EhTMEONc>z4RLG3|JgRTwIK1Gp(KWOcpaCE
z2G!sYN?e6S0R&l-skXQjL+&}zz(o_M4YY;D)pQ69{L28R=|k+%f7BzfIcs>u8k2}D
zsa!Fwvmiq??-d9*t<4KqK5ZAzgoSYzNapf~(5r?NT|P#JMao9;jLj-BmT6FuKtrNV
zAW<P!2*xjEFGV`#WCA}|c`vUsQ^j=^pQV8Tb8R#Oc?@A)^NFNkBcMDI?!;PLj=aD+
z<b{cx&+$on!MrWd1mrPDnhp>4WtW%gK1}aSXbzh&Y*|>ZA4DS>E<MGlBk^INyGN!<
z5R6DSa~EkaQ@@~y?E>&DITDt$-b7sDu>9DgDPDAF$$4T#gHRI>nSIhL4@Y1)ikbdW
z_^FS0sJ6s!EouGp&$`0$D^;foSvIAX6Rdf8CvfBVK!w;hxR#P^EQH(IhQ@eT{TLG9
zX?2p5q<94{sNeT4^;+ELra0%0`PlRRg~Xr_-{mLh7^!)7uo||>1zbiCei_D4r1^Xn
zw!rBlqf~f%-Dbag<5B0GI~B|ATd)-aY@ae$j03g8ctQrEfoi6%Dq7tZUX=knj?;QR
zP1OnGJO=?bxQ#k&rg8GBD>PsXX5>U~4Nq!&^ZCimwvwNkXm{qquNgwllkQ37%jk^y
zYIm9{e`)y&Ek<A*&x_)`Is#@R`5m&lHU?bEnQJhCw8N>DEDXwd@`;}J1`ag3!c@t{
zk6&{<XG*H31k(vKeuuo0Zer!pjI@V0)hTh*a8_e}^e_>xAb75c;qCB->W!EidD00s
zXVn(JI>IL-Zd?}Vyx#4*Oc)}?STKDl)lOuURQ%*5@MmH3=>+I2$aJm^Rma%Sqsuwd
zgY7#~UqIMz9j2)iI;~hZEXgYw*kY0!okzUK(vS~0eKl$6Bhf3rVoWR1&HX~Rz1l=*
z1Jys7jtc)%{9h=o#>s(IVI5ZR*5I)nvTOH_C$RyVBtcZmTeO#n-DipP9M?V8qNp#^
zeP#`U&*LX)6?;H{=im+aM~J8@74Mu}MpCl8l#UX=WTN><%xY5awt;^~7F2@1$U<qJ
zKua`Z%gW1jd5ope<Lb0I)%ev*7j&DRgl#|u_rp<C5gQ58CCLOh!~7c4eiTg}T`DSC
zHFIX*f;~2fYq|t^xKdxxG;2+pCs+MxlhKx^1+302It5Z3eJr64s8kAh4ZAejYh2Oz
zHi^WN_po@}XdJFW0+Fa?5OIi{CbwiByTN;tU#ar9hxYgD#yVCjc|UZPH|j^SCjXfm
z8(V5_AWPm)%?<(i=h>DI6IW?E;eLgF#^Q*ByFECD9K80R2c=F6pFrO$5j4l|`ZtHT
zzC{_-<P=Mq39y;ACX(3y9Ti?kF2>)O(mf|}$)pRS6uQhipc<RGqt|qZbumpNv5AbU
z#RBLp$P^A^w48gHsqn`xVV*;RRYFvjZ~12`RUNTc`<WJFmeJQwM3IvDB7D=Qx|LGT
z<SU46aPk8qeHaHlgLHWr?Pi-`uZ&M$2vFFLA8>HpwyV0^%j$1{p$&}lNa0Gl<py)+
z*IY5oR$h=9hD^AGprRBVEszF0QK))8JQ12bRHyl!q)ywUZ>NrtqNH*$4x2}+Q|6U9
z-Bj@N@y9v(o<RC7ROe;>6E`(!zZwqZI@cItph9E5?$ifj^BEW#MsBjiKd-Zny~hjv
zUJ=Wjcf;5Fhk+uUxBF{1>WRIp6)&xp8%j3co2hWXh3|h&j<9FD3xC#&K9gv|9yOIh
z4ka;CRJRMWlO#eyNK;?ttV^<gV3ejZQO)x2OEcZ1;FF!Vc|O6*Ph>Xy06iC7rG@bF
zI<i-6Q;i=>-V_%yQ6;5sa_&n@-Q+wPsyfBEEmpROe#=K)BghT7y@c_3bbC$Y4s7$F
zh#TMFLKQXI$w#6alQ;VW>JBZ1E^MYg0+wG&dB)EMBkpvb2%g<+Ipq_-Ubo9rdcSCs
z6ZCk|CZX;$i3{1{i}YA<kxszbqZ18*7Ei*-Lz6AC(U2DRSnLhGmv}5*WIm%yJj+DN
zH0$9h+8YTMZQY=&dEbBarBy&e2r1r%lH39{=)z_6=qrB5jAJEa@X;@%4SfxcAjJ>$
z8i@xgzKz~O87bkV&G9j79CeMBKEcI7lYOz#*n832i~<4(pk;8x15E$~QNU6l>91c8
z14>7_s)s;=t(6WO0ZDr$5dxN6$xGs^(&r4JA%n+XlC#}@qgw~PaW`#)I-;KOH@!Bs
zr0-3)e>eApT?D(1wQuWsA-H_?Bj?KT{Ya@9*IK!-Z_}^ofZ%$g?_&#w(}v*RY*P6W
zN0kCXF@iL=I%zGh40|8m$`?eQc=-<s6Yrd(+gL-^;Cn@r|5h+zCWqZ^WXbWD=(OH3
zdSi|NKCyPW2y`s(U|nj)6k!G(3k;d@pw0ukN&uv`RKE*OYX!p?dC3!xf{W;T%X6=S
zTgT7~BTNWRe@3Sml=jlAGRAWkXreNOkG?!}8_8*rCsH`T^jMseLkF3HTNd(}*b|EL
zG{>rLEk?owWf&;xj*X!|3!UBpPrUwGAqqBWLw}Z{uG?v0t=fl<(0itd)9Dt|5(WNC
zdGu~4jIg&e2U^3go}S+SH`cGs^X$k-0SUI<ZeM5w&Tbm2HCmc+h7iz?@&e_3R2g>A
zu&YZbye>_&MlnhN{{1O1Y_tq_J43BT*S7irPL1xVVmh1=b)ZiWs7!nE&yKab6<$l|
zd3HQ~+H$%zAe=kNLs6DO?ea{clG9B+u4_@Cm&IS2h1OV1t|90?+zdrtblSXD@nHy8
zTE^sqwOfNpucZZd!>XqYuDRkKniLlx9(!fJglYx8c>w$QtMXzmuP!fk@tF_Ar`Ayo
zHA(Gb+%H#)TCmM(8DBt6DLy>a&3{%XJw%8{0mQ^4)CA&{G^Z<@)pYIhU#82qYruZ3
zclJ51#7x}V{Vw{!bWeH)Zf|?DV47@9^tEnSiS&<WCvxA<%l-A+$WSznz;vjSHd3xX
z*24g--A6m2`9N^CBFMCJyFc8Km-hZHNjB;1<8Oq1rg@W{=9ocH!)ogDz-Ah~%Ka9U
z7eI{|JI9B(62Te~A`v}wD!Ga(PuToh5VWTO4Ty{p-{WSX3rT>b4UWBeEW@O$^Bb*}
z$-ULLUjMCP3AmeIxaN*_FtOPMX~o8lz}vA2Qhj2h;wEK1i4Gkv+7TQ%{zoXb`Ne{?
zTh{;UuwfIV9TO)tOZ0UC1F=iQwD@;xqDy|XhCLGr`cri${)-7Lc1$Y`mT1>0AqfKi
zseU{x$$SvX3L1Zg)v)L5*`^O2@HlBA1qorzif**qI2xMG=t75m=gStb1?UFv<5kk0
z44rHASLxRkUe~=E1fNAg*icx4FiWu9R*8ImNk1|Lo+e-$+%_yrzRKHzLXP42EK5ma
zq4~Sgay(E26e+F|&1KT(%5o)$D7TOW$FASmVEw|Wzji#`<!3ZP{*s99yR>FF(m_|X
z>C8r$=>|0Q`K;EO%6-K*+fpzPMNRR$PZBV36at(BIu59~C@wPJ&k93E6v~4Twm9G5
z%DNjrI%Fr4k!8=&khD<M*y2Jeotbr}OvvNm9+RaisK2Pzr;`N~cUz$;uT*c=QU!`e
zU&kg23&Yd&Jl;PD>?TO9YFQHB)1?663&))3-783KWj*X0cYa69M%d3Ql(V7K6>EOy
z={f$cg#D52nWRAEs<>mw@=QN^c1FO<2|^)rRiseng9bD3O=rn<$tPmfL}vQJlfZU(
zQnNm9rbOGxJTNo!vX^=0H+K}|1v!FfFiJG!g)0_{>W#eE^O9}hfTkTDhFye`dbm7S
zWtBwnbw0=RSj#o$!g7>ur(1C{qeOyW+yz(05BT%q=^aliMPD^Vcg+OgDx_tF1J`+s
zH7@5>29=+Dqpuh%(1C6%iNWftVbV<)LsWdVk@3Z^E)!*a^(!PqS};>rF9=LTee0UB
zqjskLinc48jMsfRbnT8M_l@f$Q+;dhMbQ%)6?(qw?$Bbw_rLq62`?Zxl&+5yrE`wR
z3t|g_zDJQNtCXL4opBz(nwap1^-N38yQve7Af(T-AQd?^C3E)bc}p>mrW5Z)T<Co_
zH|~4-_`J*cyM4X;^ZXn(;vTA6eQgG|sv?R<hNs0>Nyfw$A3}i08=(9w&HvN7NOKEb
zr<vH#G1buMA5xWB!0U0@*#q38rV_&BBLA71W7EdJhYfJlFRsW@I*XXunc-mD!+pmZ
ze3zs#oHGRbyQ0KAxQ`m)U-v$+&wN#I2KvnB$D3ww_u!9}w@=TT*ql@Jv?k+h(BiJg
zqobycTLhLwpmAggr0t=rRgr`=4x9WZE`{1yU^N?_i|aA5I@vs%4JtfAw%kZ`;W?_y
zDOLGl(*c<K^CBkhvz_AD(FonZoJtRop`Jc3s;0~_UxMW^oIn{hJl!QcN|T(h4y)DU
zMjRH}SVUFZy5tnP8r-yxch@Ne&ROyD2-@%L5ZYJ12d)xG$FIDzanf3a$pm2{8lo?J
zC5dymBRrA$kCTD#>sw)z=A<5yQ}4qolY2L-@7m1~u`_fRD-GTd@n>24SdUr1{xNTY
z1^MKIP9Xb51gH7d^^{R_XB>hi3BkVvlGEqlXz`mR*vsU8<-&&M;>V^_sFjt2?+aX0
zp46@p@bAe}*ymKH>9(wi;$T@D><%f@sO||4lak+p3ixsi6HVL*!Vjmy|0eB5`Q?Ks
zf%bsk)1FULWbAvtX>(U6Xa?l2sI15c?8pVsrOyPUyqfB>v;>yXFcxN@=e&E;Yl^Gr
zk0gsJ{L{0L=5Yr0)Rv&T7RouYGz@x*qpkG>yvP=~!oQHr+XSJ_IJ>HOw5DN1+tnuA
zsN}EkZ)NLO7(Tb!<KFfgq20C$TLuHB+!4Rr)A#hfth^E@+*OC-dXcs7g23F4`)w}X
zj%TK}YF)%IH0+C8wMM%(AidXoeIdg+#8V`!IIR*BMRJ_-r6m|{bmAF@L@be$H!-~t
z17dcOtJ?OoG3KeKJ~iSV+cdUn11+&iWs|K<#qXdRVIwsAKeS5SFL>0Zne4aJ!HL7V
zM+Z3Udufb^lJZS)Ht)Y3bYwfCJNp8-Mf`+Y?HmVm(@Sl~xLjCyGI`H>pzQcQjXha;
zI+y**-hl(nzh)4=?^`Bcm(e5`1ZXO<XPuw;js;G=b}LPKUq;cjO2}xOtFI(%kE|0M
zBBrG>(T$|K&sI&dt{Ii({`7wrL_I_z++3+igX@_F`>tGe@;Fd+KYdIYut_br!xkOC
zU7YwZ^y%W{&o4X4xk<NHO6czECtFs^O(G?-J^)vtq!C;@F8_62Xq7k7sF`gl*K2V&
z;F-PbTzkOz*OsTvME7@3qhs^gmJ;8cN1s~lv;P{K&1!y&uC%>h=4R}8uIStUwwq*H
zfy}5J6EqPiH&x+-FF<H0p6%l%AUkhW`|PL7UCc*CF<xi#Bx`I{yMGZb2Ya#kw7i~>
z-_F9c4Vhey)OZo*fiNkqR1-<&OmNbY4Xij@O7ngOWrjWTug>I+NJB{jrw>#0JJwTr
zrQZbKQM7FuZC)mc3r^93NNx#BuqZ^;7~$V`4TO4p@>TB{wu+Z@wmX90da|RYn@jWC
zXE@*hx-wsJ$o}0Zn@Pe4i@{kn_EoN*AM<DE%+sF&Y$bxyQ*4O|RE?eQ+Fk>kZI}HF
z+GO$C0ZcPZZ*!Aef&_p1GlGc|t%ZBwExLB%l@Du}K`=LCC;J6<0-sdxa9G;4ehCY5
zJM0NXSpo9TKc83n9VGf*=3qm%L0p9=u|nQXmSZB?-L+co8+&ywNH?6QH&?c{r3B};
zx?U~5Y&Q&@8y9YBYSjYY^>l|@QFe-!RJqoP7FPo{kVs)HUqvr8w~(dHWAf!~eNcve
z523NGBvRB#+%m$DKWqw8Q*Fp1qCr`<x0D-$Y%{;d_x-Zkajzfi56{P^)ay-R?YHBv
zx76?M|8Mj%)AM$D26Ju+wFA>4Ktc6m=NjZVF^u-gO@y31!R0h7N&fi~UoR!e6aD{;
zUaWA_%zKrZltbZ2qS?J#xiUZZZ;zKtoUWZY>BNLQIu4>JtJF3b_5y87dLEt454`Ep
zq`ArfnWf+-NnJ`o{%cv=Unp^W7i77c3MsrIvykPl=MiaL+_Nl1KsX0Tsq)HrZsdC=
z*C5A_8;0)~2#FvDN;D~^Ak&J3f7?DD-+xWdP*&3RM(M1LqA9Z(8m~hIx$;KZ*+M_U
zOn6&3;#Bv@E_}vY1T7ny7DoljnWSY#4SRH^j<$J7Y8^<oT0R^<JzuG*OM(ISRq*Uq
zu3L58Bxn_;Pr3XdYC?)sN+Ka52hDQU6HbYI0M<X6u50apl!+m%;1YN_cU9{3_gGr2
zsvjLGVkIACm>7aTNm)9E&E63uo`$8*79VPj<b15Ytt2K~JsRPCN#d4@qymy`{~rFW
z<W9TQX7p~RIBwHH1uRD2bV61N%1$ORt8MA@osB$v*?2;jnff2f>EV6-l)jTZ^8Ju;
zb`e6DK}?H#x_?Icv^`P0@c#&p`dx3rRGwHJ?G*AJw+%2O0HY7cKzSI4(`Fnhn&I2g
zEbUn7a~XKRBf5Sfr)uobr@6QDM^$cvFw3#LJ81l<(2^6|lzD?~Tys9GuX6)<xK2PL
zaFbnr-tUjn)nN5*JDMg%<(Htc`emAV1C?h<B5t8pV4~TTnaQXqzl`Txb{yNz(n(y=
zOQOqIJo%s5l*f6)hOp1=l>j6V2wH-w8kZlxTM;5t&jrl;B{xYqM~%O26hKUc8)R<X
z4IQg2k|ACLfK<*qv8KSDo(E8pbtCp@qC{0pQ-Bk4QX!+=Gm}^)WJ`9W>Bm!-6NXa)
za}0B2^RK2$NH<IJxp>Lox}J7xy@0}l{wA^@?9ULeN-3}`z|ns{AAXW)o_;cHGTYgV
zpzPFc2KF2v&m7dqZ|E>jF5jaPcHL0dol;enP#X{wOnI%KG>g9&OqZPp5t_Y?FrKX=
zj_vvXOnA-l&x2a6CZ*_))v5mP>*lIpua5T?qABh&9_f{()j-NL<B;WHr<s)|3_v_}
z9gV9cHYs=i&LA&d+_D9ECLm1DhU$8cnV&PesG9e*ok?o!Fu$?jI<b#h%B-W22MiU^
zONHEIl2@cv=V6pGCuNx+QZ#R&mkj#C3#_2=G#8k!gzu)Ay2`Z39&>En6{aUj;L#IW
z?jbSK+*47^gp%r?l?NA=oTy>Eodl&~RyoRG6I48hg(r!Hi-Dz>tQ%nBN~eU8(HUA<
zVqgmZY^|O99evoRAyS4Io!Ma1{G&)KTGs`?3>M9%*BA?hBnmc*R8h@IBv|=Yx_k6o
zf78ppW|Y(!sB?_n6Nx^u5%Z=A9H*JCFf0iqg6H#@Uy)$wQFlz)ILID5t)f)1L{pNe
zSv{EXe22xkjiXJ^$5TytZ^+Dsb3lQi3hd4)XNKcrjGhgdcyXOF)rlqTL1aV-WDRpb
zZYgUjz-9mJO9%8(d_mcdJT*zPKP(rJ!{t&;F{Z13%qx#OvzmA(+#TA=GC6i_jCs%e
zmC##R!kIsHhh@8fB{MPtq&rsmW;Gg{@qirvN+G5JNXWD&P3~)2M7rFGiYh(qY9-Rj
z_ORV`79NN^f<MppS0wQttIc{*9~kughuC$G%`LZj6iSC0mD=lj7egG}`zQpq3oec@
zDLfS_?L+VYwq<kX=6|kHpQ06xlFS-aoJFSSbgicG#!0YRqr(4!#7u=;FfkTIa*}{=
zjSAS)R<ijz%0cvPc}P{Aqu!%<kq~c>B0ve_SeE4kCvow$k{iPRhkyM7iy&UpzWVXx
z8bXIUnOneFvP87%pokBTpu)vOBn;4|5PGHZs*Q7CZ_Hv5w?XxWha%R?i_V2MjgCLF
z%-GXA0I_ERs#r}V*1ctZUsS*HD$`Jy{wV#*+HC2sRWmpkye9?t6cAH5nC!+JUV{J}
zy%y_odn&B}1X{pY7E|88=c2FJgw1$v+SElMM+r2k))`t48>f>;FR#F!?GknaRsE!-
z3oZeK`iQhY#;gg$#DlM=6C*O|XCh{&;H(rXp@^{mf=)(##XdO<MaJ2<afG5$cS2&_
z%L8giJe2Va4~(h2ck|rGoEiry_2CdI6Fc<i3`^5iHhoPeUealaV7-oTDui@cLb3NQ
zY+C+-l4DDz=J4)UmlfS)XJ21YTNjc?ltFAl0yGgycp7LU*jJlkH6TexO6MA`rx@-E
zIEx^Oz<!|gxv^~IQR9{j>-T0<tGEwA0btSVf+v9w_JhiA0>)%B#~Yk#xgf@;_iXEm
z9<4S2VfLUKRB1Fei|FueTaO7g%^C2VHWFyHgO#p~6u{tP1ZzU6nwhtvhExMlzEs~^
zO<X-U6bc<PkpgbO1)p20VsKjogAB6pq6w#;?wYGcR(bdc2*WqA{WXTTi44AN_C%&z
zkpBJ052xIgX<BRIFB&EQwUdEm|NVmzJlCfXK==rAxb_O~jGuXBwB#>}WB$KOSz|Qk
zTp3U_Cp@N0-t7THp*LN*aWsfk9K+Sk$jn+xPP^g!hU)rmmHF@}iEZ1T#jNNS_%s@D
zPeu<%SJd@t7V0;&T(N0u>8r&wWs_u?g^#p!i(D5j)9!=9fai0QhOSm;T4roC7dLq{
z#Io%wwY~u?RbhfE%wy9I!s6PwI;Fs?yE$jwnkLBpIW9}ge^ziNT(}z-LHZKbHq5I|
zJqtX=(i|;Soidx3p5j<+_L}fm%*J_Aqo$XRL?{~RfGL3Ag=7NZ(L14HD?#OeX8%Cr
zS(@wnJB0q$6->PHe#j|iS#I-I3sscp{+s5w>Mo>^VQ^k+)`f!`ko9yzsetD0LN9j-
zw>QXU-N=r*U%^kSWrX+Qs`~c|tk%p<^(7s53^VI7f|mKt31A1{76+9s+K{G!!#mP?
z*U?;8s5jVrCwpUekiES)!u91|YWL*TwHWL6ekZ##|GjndSg7|q))TDf{5ij8JP@V}
z{>J}3@?$TDzc!t2v|dqZw*e%cf2^*c)DQj!FnIERt!Eaq1N0qpJPq}u960^+imsjO
z#`-^52rjDQ-A$-($WHaL;*r8==Bxp$4olo+XBLS(HUmNMjLbVu+@ta_jLi29%~RG&
z8Tw&e`#VVsjJS$QMiiI_Kk)vn3UI9)^N22;URkoC1c9n;3`Ws5*H|X#vW^}mV;_q`
z>x^1RDvB%Ewh)RrSt?z!h#i{tv%S<K&`#IDI%+O=Tfu<t#JE9BJUFu8aczUx)_*nQ
z00OzTd;fIe8wS2+gq^#pl?;bb$w4wkNg|ooz(JB9!wU~bP;)W(;WWf+JBh&@CppLv
zO%%~D<<&(-!d%6TacJIM$-Zu;uXALSkf9y9VwLTPm4@TG1`av2R1&alg&{8j$-oLx
z>zI>Sp<!Cy3C@>SfW-@EhgXAP^v%_%_3J<znDb9u_#@3r#%&p4V2LxwF?#LxEYYxr
zKf7)?#D`#x&BZNk0D<jDFKt;dZtQ_`6T7^)M#>#`*Ve2oc)=0B?HccH*pPi7tq+3+
zyY8$G+9;UU@j${fNaXLiQZR3_{?-ijp!a`s#Y$M{stpWWaW-Fna6j9Yj>Q!Z!j)l-
zqwi*7@npVhLq0bLXhhFa=E=C9J16~Rd13u{(7B<baB%7^$2!=(S&LcA1%v4t+OssW
zBXIqAamD#}1k`W~19Ar;gj@-m5n(<lOuzc8;veCq=@X<DAm_nn&DfSLg%Xxx%B{-f
zIBh7!({b~Lry(N4I`Q*+BEHjp5{1&A7n83BpU67l);uL9XW*e&yUMeO2ZX=rv1onf
zd8*aT_~SAEVhYz92~A+M+2To4l^>mP4N6WOED+KO*R<>%Bt29tQb#zN)^RALpxD{c
z>qRp=YpOX>Mb@h7si3U4!5TZdKc?E#1ityZ<>!vn4@ROYO+L&mR#w)Kl$>)Ua7UfA
zni3cxN_i_^qy{pI4&EU|VvEPs#ic+vCsW%@p<GZl3d9jZ%=DLRo?il%r8&%H>nMQ*
zpsD~RY^?bXl3V-@ebO=()J&*T6qMfNb+=0B8!p7mR--COM`M2TRidJe))$s}qM978
zdF`!ffn6F%dqr-JwRUcVPPGz67}~YQ9So_9WQt@Qq*M&y392hk=V^{u^oRW28NK7X
z*rHaaDRrs7ZKm?XL9kPAw#3tvYaS1fl6)1s0=l)%Que2>pU9Y6aNSiGVTt7VqzXtE
z27}deAg7`PTcnKN#cw;A|9R^jEvBl_5chT#jh-o+$3U?yWP)5jjl#@UC}gs97Hwzc
zEEF|cI*qbyna61E9mPA2s;J=zq#J+2DiyKH>`?#BW&F*m)+?Wx`^k3PhUNI6iqpm*
z7GJd!g0*&V-=p2>Ho6tP;Tmy<OFMdm;uYEPv;8@r7Me7Db?>wJRRj{=LV(dSu@$AP
zfK9>aIHHUv-)`CBsuT#I<gBPzu0OybcfhJaB&81YsU;ep<d3j?9cI+^B1MRKP`sdu
z5TwtdKwr{3l^&fLMqI(sUVp#tWOD6A@7ngLa)H7J5(B|6L6xZ+#-#QYX*0nO=5=T|
zeT;8=C0=?8lGUII_N4ceA$Zrw4$7xrI!bAl_{RyAhT3(^*sb?P+Lh+<TP$Ua7ITx=
zw2{eX%G6AYDO2Z2AF8PNLB0xcd$^=o$nS>s-$@4G9YD?+p%U|Kg*^3Q_mn#LF>4In
z^Wg=q;Q>cA9-bDc0s?`5;6@u;mI<j#c4z?;Wg5O<M{ij9i3!5agb>|)JZjUwk@p&$
zmxqQNn=_j!H>-VS1*MsK<UO(bwOVKOWOiAff2uNFO`S_AiQ+E(Qf<m4giAp`W#e5x
zkBZUq@cIdoC<1Rn5Ut2SvyJs7j{*)_u?US%?01@-LzdmE%wZpn;V|~0!yACEatKQ|
z+n7$kSEo#uF7hHrfYs}PSxPs2DsiI(Pk&CJ1G1Ykt<HSN0M-+^EPiT=z}XVM)?sNE
z_$l-Hfo|OJl40}zF!R(DGBC+bCE|&iX7$J9Y-Mu;tzIZ(amDVgc`%pCHVKWgTNcp#
zi=W9d@9n#u*!ZjSrOU_;BUAzxgAYjV9z^r4uzMN{D1rwp6pAGqcbFHJPtJjkL-V`G
z0Dm5R(}S#pTf804>3TR3to(U*x?BDJHn<JS3K#DUsR$1Lp<C<=S|}#9>=u8^Cx3(p
zCI8Ppvo4N1fTXv*@ob^+6St}G?C6YOYk|8c?K^_~e2sY){&bCbwmh+H+$n1<%)<iy
zysYlUL9swYFOV)5JLZW4p#!MMo;saOoVhiyEJ-ENI|iE1VpLW5dWWw4JS!);_#&3e
zLtI$KyvgqRDI<8(ya~K*;iSGZMigz}yvf|WXsSSEG;N?NmJa9-D{bJbdaS<#Zgi#k
zX0ySp1_B@kLWdz+L5;LdJx)$rH2(B;r5d>@k+^GXTFlN&9zA}@fx|u<=!or5KCc4V
z{UTbc0e=cY$>>_zuQJ2P4Uz92&AP<6KPEh6X+3NJJkHB3OXLVP8vJKy*z^))2Tx%$
zgrdXCKl452rrdFH(XH#4S;QmX`Yq;9vaKiicg)2Ob4q?Acuc7I-~fBk@4Y02%LpNh
zA0ewp1&eC$v35xv!mKK&aZr9<9b$BK<j@GmMw*wE6b~ygHhO$?e?85+s`MB5CDh+U
zjgJ!YF_7Xx{RS1J+5Bw(HcPVOsaXWqBhK8E)C~NORhfMAFE%<>Gb+j6OBTbUI)L%!
z+8Lc}|J&7wBx@dng|ko^>wiLKf^XnIOw>%d?mrQva<TiL{9(8fauxl5pZMkW-zPGu
z4%~4+a8(5@hCQ9pgdSiS%gDo$haTjgdNbrZvUlse%xzcPG3AlQgjyGB&g5mV;})ni
zX9=)4bTM6296?uy9}uiV$6_cWjS4kar7*1wVOZ@)u{Z$QRE0B<wq4*XrR~~E+q3<G
zHbw!Rr>vxHkygJz-@)&t`WM4O+I(uQC!Gn^nlq?6zMWTbLjR8e_b-FMkqmYsG@SqN
zUr+_>KS=v`PB;*YrS_jPqU(VEH)&ose&-N3ZwGYC?_~OI{QBS9SBA>}$5<W7tSVfo
zIku8C<|LM#NRS7O`)1KAqb1;YQB!y3te{SXa_X9%dxN^1!wUx|2O$YE=Okoto0{R^
z9`byQKUC64JZBzQYoHYp*Nf`W$?j^$mMbi97}xB@ok$C>VW@Tc%*1Z{YOa^`Hv2~f
zzWz<X*q@`@Uy(5aJcJ4OCJ(PhcOWRkLqJW%AIArQRlA_DF?1E+ji*U7f#z(F^buvI
z7|Ay@5#rMmvSmSnph4*I@<;?shME&L+f4QEC5k_a7ii}JRz`f9P4knYOfbN4#PY%&
z*sG+NU2uN>Th>O#3YZWRS{DE=ZI(kz9CI^^TMO4*dAchcEVt1A?P)x#n}N%yn<L=9
zJhgE_EY4TYjW~w5*#CR-q?Vy%W<;LiZUg(4Wrb6PySJDw0NeD-mK53SRPh!?K}u0P
z>Aq<0oq^RzgED!tw6xUYZ7At}F^R0<xl*a_qkK`cSM%o`S@dfKcCY%)D3#SYr(eP8
z59*fI>>5RLAADG35_l5S1c*xJ*&eD)uTK4HNZT-QlQ7MZ9${ETJL5?}Z3%dH18O91
z<|QVy(eoA8!ht;W82fY|QHS>{X6*zx4Edo@T1J5yc7V%qm*(a<q9U#BfQFzWiQHR8
z7z@cu>5KNJLQC4|13N>3WKIAz#~1SVBGX|e+w2av$ccreR541zROFN@K?Y&gB3}5M
z+cc81n1*KnWQK2dcNoIMfRockY+9xjJ2qBzqd@5+vQDPTyk$;8-P+8zaWk`Au4$H8
z(V+EqZHV)RUYF)T+y-G*3yP_`KoIi@X<xH+pK>ORQ@-Dzc!Bk&TJ|k+J{$GLg4-?T
zBJ^xSgE8jV_;2Xl_`gT!8CvD}1>|$Xo0eZ+@tIUA=sd;Kh!bzl!_E^2+(kp^bJEXm
zc=SNBx+Th-;+ksc2NrFW;Q|B6M(Ep6*H1;ii{+}9{3Ur}#IAG1oK+2HtK0PWwxn+4
zY1ac%Q^}QcHZxo#g|I8srm+{<^~a2XO{y^P)2P`|;;||<g2_)4bsMAQD!6NAr7Cyv
z1I!w77Kp1r+IM(Sb858_Nq?0#@$Lgg@6CQ!i7b&RIGUwIT0uAhO8f2&>j;*5FRkDs
zsWP@qN*YZ^jfkg)sd4yf5)=~f`PD7*@-bO+vOy;-4RCjc1o(Ut3n`m8t&W6PIG0tA
zB`UZVF8D@2mXYHGhJaOs7mhTK>v<7;hRLd@QO&7(T<NtUkH6FtjrZHi*zo^sF%$@`
zI$qz?8Q=m+UW<;4A|wk^q~a|CUGnz*j4Wavu#AU2J0Lv+O+`l69lt&j1L>Sb7|HhU
zv_rCAXK@e`jhbcsjB9Y@Om+mDIVpILkh*`m#C);>j(a`;Us@aiSyOOs9WF9G|HhW)
zG|Qv>%PTHcXc&3N9$W`kQu^P+8VtC8w7Sy{4p-;bTWxB{gTgxLNO}_1xaz(&9m@~b
zV6?+Ipj(gU^LAaAL9Y{2imG86G;bND1ljpmb@{oKs`ohfa9*zWyU+8hiw8BjcbPiR
z)kHTAQwj+Mg32Vq7O&7y&)(|tU271@@nLL(rWU;m60Lq9ka%vb#K)qVP2wUz<>TOn
zthLyprL1TS*d*C`C*9L|-)D>{{<tP_>QyJNqedjNM_|xRDKyEi3E&gk%VrB9$3bM@
zmnCEn-q)(<QXoG&r+$~zsd?tY$-EWY5ZH6&lGEUCRtYPpRVm~dY9cGbzEa!ND`1F*
zKEmm+q>w+#8H)D#;%5(L+A{Nvj$6{SQOv4PD(c(gN<@dG6sqouT$QDwG?~QS%>&fg
z`d*x*N32|5OBuOjZQc<L5IJKc;|;brOs9<D^vt2wJuP$&q2D4NBQV3|s&Ura2$6lD
z*FZ++tqE?8V2}Gx)60CcJK9}65RQSm3x8-424UXa6zNjIodR_We6$HeupVzBeQ6Pf
zVcxwq21)kYf9s6c&@x0}J<5qjOF{30b|d@wX$RD~AcwkJbU!o~D$aCwPbJ5LCO2%>
zqFd9<+A__Z9zeBxBe2Z}S2Yff@$Ncw{%Q3>#TCc4ZrVv(;E3yxDX#ocG6RHcqhj!U
ze%^nJTxCQ1{iL>gE;b^a%w2d~`lLYuZ!Y?*h{}@ya~oaL%!Tl+Zic`oE6k7O{a7|}
z#QGA6mqW0-As`U(-qD)vXDZRlH8*6^KMe%KjY37h<f4_iEd7Z19P$v&`y~8J5V<F$
zf{?HK{Q{#~_1huXU3S2FFzntV2U;O%E?37wk^OKs=a_>n=UN!w#eR74V!XKecGS?d
z_TN1JwBtR{)t9iD*CuEhu&Fsu(}~bU!=Ryn!eIZLGC!n-e6io&@N1i^A3M9!n$N`&
zo~aZ+n?2jL=G*=iZ}^%CaK&m9^)(ah1j&Xv;*Ax6&tM&bnz!|>7494+8akNU3(VVw
z8+U~5G-Jo(tU^}^Z>y*8E1mJgXslHeHt^X=I}fy9_$15wk)5-7lR{ekSlrw5^Zwb#
z`|)spowS+4t=$HrwX2$dA>7?hW6VLE#x*n_fKrX+lta{|2dM?zY>itaNj=|h_%xeY
zjGQFzXg)FFZz|}A?%s#z!j||jJ?oK4F%I4vwR;3@8$vL+EKvx*22p_&oUmz7<mGe7
zUlpxa=L@G6qK~7P)-iKS3z)=&p1gdY@WLrR=}`R>HbX}@w?1`A1nmZ{mLXQV?{y$U
z8-KzEcdQVTpw)e^h};N;k6$278Nt|5z-li$OBXL$K=d$ak$}c9y2;y3NJYy^cAZPC
zmyp~8DP6P=NH-?&=C3|*^bq1)n7Hw1r1*9LmHJd*f;IY2qQh-lxn}GFho#dD25o22
z@n#UjV7k!|MGGo#L3>IhzWOOxkT)VGX@MoVo}o0&W?L8=&=_DX{%xyu2LoPuHNS~t
zijpp=XDKu3@p)53mhU&F4?;~Zb*z;FD+gN`VWM79xUTfn5AW-<RF7;_4-e<dne}ah
z&X4om1CsCa?)Bn8Z;S8S+1uOsaq*?Lr@P(z4vOddiA=TXdaBo#=RLgZl_X*8?rt?#
z#HF?$gF*?3melk-mym=I5Q!4BebS@du_50urkL3)sG3(8xgFMrJz=bG`q{;(b(h6T
zK8D5y2aofaxAqOeyk|^_k4Rr5O5mk=!<-wuWvBfv&tEzUd&8W={nTv0D6`K1`W2vC
zFZ}k;JM?6>FMsJdRg7Z}8ip#*c7kuL(}sq6afTCbHl(Y5(GBJ9ljU3IoJR`51oR;A
zz>EW7*!(;KEAK$_EQY&XWX4iF45CDEZ~&t`Je#p`s*9kKY6|aJvF5prN!pugF)<Pg
zSuz&yqwZd(Z$UFT(PJTmj++w)5c)n;3u_aDB-BCA^NAHz@4vh+^=qwenCiuX<6)39
z4P99Wd>gD>HP^ZCEwoaAq@1uk#YU1hDlKcJ{hM(yM6x_S;WFQDo`A7vq*fqdo31n*
z{aiSQ2F`i*dQ3XS!r`5o0y;EfSsrzwCXfV^WFG&LAPOHb&^1?Daar|qOFj_O{t{_h
z>8B>h)PH=K1Lk{!>4Pq-I{Jsu&Cgs1(5^zz%f)<YLcL%#$a4h_=F4U>VHDPH{Tt1Y
z((E9VU!C_Q5fB9p`^vPk!=U*2QB{+-=EjEJs=VEbcZ|ujXmRn%bIwqFQ0qm!3K*lL
zroy+>L<PN_7~Mpt9OFzq_3a_*5j7~P@4z}p%Qq}g*FLB7Ch;bz+=UXg3PtUjXmz3<
z@h0S<t0ku}K(0=(8tAffRt=>4z&cZUPA(QrJ-*M{V5{hWVKeheNFXuDwxY(_r|s29
z*TqoY$2k+SPtX0C7fN|W?FDZyGg5K?MZv1A1jUT=$w>#vrxTa2r?yBILB&68Q;`dm
zz!#PqYuL;;upPsafN8@R5^K&BcdVdQpH4)Ere31}8<=Q_DhjJnC7eg9v<SG@<RR*E
zfYPxoF#|Jb^_2)|8>W~F=W&#zclWT+hD3y+nDlFgkK6#aiu=IHAku0lOH~woD7hH&
zD+}ABC?6e^cd$&lJCZ5%BTrA^v-b)?=pA8P>aA^mhp(Ajr1Hs5_%P1vrIhBX`UU8{
z9y(T?3vI_6%OjSd-H0zp5(Vsa@gE}fKn3iFsK*2Cp?7C{n{GS38PZ@RDTqpMJA==M
zHFPMbhHNG;+OgIxugOb-9A>QNc~}n&Yv$skAe}(|E*Efd?J(R6q+h`k>d{vY2c{<=
z;+&Jsu+Se2JOj!iWQNN*63Ejs|6q+e1`vx$?lP93_(BN`6wpU8MZC}N)rOLVl^vpQ
z32poEWGgujHm_*<SPw!CiB|<H)7j+A2US=Dc|+d`rpIwtS!2U`-o;QxhJ_bQoSZ_t
zChS>&OC`;-aOfarl@~jNFwKzu5C)9S*z{j+c*zR!%wgi@PB3YrtZZIuF;<<v{V#NS
z2XWbuDkDJ%qpvw7j03IG=RTDrwLi!9B}K|4AR=1XOddUuEo*$<8vlf%qb;kz?^f`|
zJH+f?Nt9Kxa6ZsidmugO4y<_jCs%+{7<P-p$NUGr<Hk}CLly&?;vI_SIxVY^{-x&V
z+wo(LLz|a?qZ2dD*67q#O|O-xo@j$qHO4X+>KQoW(X>qr2oruc2%(SNpi}MW2bn_Z
z*KpMI_Sw`G0<DL_lY9kh;4SQoc>vQpT|xoj$<zQRe;cuS0z{i2Am+yNsWHujkR9+a
z$E{T=PG8L4U1I!=RmOp$#P#MzK15l!Z1Zv99gpA8<Dv&Kz7tkVIs2hd9HPTu)~>rG
z;flkC*_`6xrk{or4Q3e&b_ol5(K3P;89bFL6CveXi~O?i$eE_r_w;H=5z{?~!hB+y
zaVO6_&+CJlp3mL#lJla%0JKh4FR!21*8vlFOoYZVm{BFbHuf-1#)_P~Osp`~=mtfP
zA%nf<j)kb^nN9b}7xttwX`R4xvD-vcoOj%cNA-?*r?gV47)?imxCwooD8VU2Mmz@^
z@H9BJg2nb)=`-c;elt#Oh)&j<_6-LYbDDnjFBDMBMh|Fpq_z3n-l%PBhbb!G)_?O?
zR)gily~pEQeU&p#-CKx8Se+iO7UZYN?qA0x0Rmtr;8xiW#f@-2X4O{jq@H4qDxh>T
z_Kt3`B9N+7Ri{y=3M_ZF_y|a-zznu^PRH`M9+i2jCX-QZR(D*Lxzh~OecYP#iLBs#
zgc7<L5JG4D=U4MLUZHkblNB%LXdcmJYqnSCXh2RM*%nAC1Q=sqWipRVJAyN!JSk9)
z)op6%t($Pi!MG=Z$wfe2aLH{V76R7eNe`2e3mHQfy8ZwOGHe>eQf4nk!V^ljOvvr+
zwLpASz#Q{LWK`(O64>k7zp2C?02RU+wpZHllO*bt7VhO<&mgH&ff+mF+?GiEdJoU`
z3|M$F3h97l!6(A=HtAgO(HV|jpr^+I7|&8fUdF5O*u~4JmGIx-`c;Vh|3+VlySwaP
zac4oJvxT9l&;GiEO4cD@QOh|?`=uIrMNZ4~=MIvL-HqS_oF@7b2oCRvI<p=f2X;Oq
z!mD=|num66@YywZr+B#D%PM|L^@`#xpB7^JC>O?BJ}NY?{|9RoV*Rh7V*5Yh``;?b
z|AVNA{n!56F`Bo+^nYVk7<*3itN?=N5R)V2vl<<_)&UH}B~v9AHj9P87ouGauXqDc
z;S5DPGwkV0si$N%6vu~6vORS(aC~SnGyS6?`kmpjqyFa|T?l#*D*frjY$4X9H@@U^
zl>PvYc~8vJC;s@O!-7}zIz;+~rqNqnDU5YvRr+3_f`Rm-goBs6(7?%O0~xQ7^iBHd
z&h%B>Y7d|s&1@vhaB@Y&w-H&G*5jDRDEi^)S9hXR_3V`NNjmL#Y@JjL1vWig4eF06
z51&ioe;1WzN?0EoA<-2g`E`nd`@d^me`6574>w&Jq;GtM+Z9{BMA7lW%~*<OYlLy<
zg!+29yj6_|F*s2tHL%R;gVuS7Lml|gFQK#4TC6TWDlZB){?*OQ8k6OKw7sW2Dz8BY
z0Ux48#B@ez3Pfin09$RT2<Zf0ZIV&5C)%gXGHa{o2W5K4p-(oGO4!uV_*sr8E>cE7
zRi=sj_ZtqR)IC1+GtJ1$rDISYHm4bQq>(7BlyA+TQ#@+$=bnj4p<jidQgfGMjm`RR
zZzVkjYEE>NjOTAAQOa3yTJ*wRP?uG5P>j7qZ)`u~OO2TJRM=+$(KCj-@6nDOI?<zu
zJ08)=$v?cKd*7n!H+8i2nY9dxPVUfn2iM=j20g<#PEOb3rLXAUL){;UU>QQ7ukbHN
zeBMn{eG0sT>VA6wdInXw^dn+zdO!M)%A;lO3aVWOs9gdpo&CQ2$bW+hToIUSmu>&<
zhvS;od&M==&fKsqotS-k^c%oEz4+L_W0@!`Wbu$;Y-@*R>sBi}YF*Pf(b*IPrmoSU
zWOvVXJY~(#Ln_-Rr|FKUJ`2Zd6u%fU3VZcpV~st`4Zp_h5b>%7<r7V8dSb68olWfT
z?i9I7U9jb5aR~NSw*x?9D_)O68in&rK^uinMOIlvFdV15b4?{unj9gW%C&zmNX5gf
zn#=U09)IYhk&D?VMN{H55=72SGyM!3=#Av`qYZ(Vns}%|M;-{kPWl-=kq$7taVgtv
z=Mu_8b-$_Z25Dat2XD@o_3<XtQ?hXq5&uP*FD-!f58%)HRbH^1eyo9O)6<~chy3s-
z*b6|B%U3!jUB*G!5C^2@S6*wDY5u5)AeO+}3NuP{%qbOcc#hdB4_YsA0VbVj6FaBa
z%psbYY`aHY3%+<fyis(JPNdOAgU_;S_5H1XL-$Bc6ke2J4A6)V{U|?L4nZ4ua?->U
zuk@^E<_f32*x&k_+|O@$_darT^EfDE>El45W<mqz_rEBVk@xcycu5S;aKW0d1T^{?
z(kN>BGSn1_3?7RfgG~eK;L8sJp0tx_@C6nY6p$y#P8sJR_I&^oN_3UXI0PM9s9;6k
z*_i65P|2YAC~|EeObt>Z1OxY!V01QpC|gc6sA&k*V0?3b6pX6owDuP}Aj-*%A&|tO
zN`N83140#?4#F;ZuTG+L$W0V}!Nr#wINc_I5;^K|*`v>$?*il`OWq9&JBV-0!=@@p
zh_Jqs+S;8S?w?vTx{uaPs4VJ>Hv^1;KBd2E)OQ*9QIMiPops-Jg$X62U&z@;Y-Jt-
z2<rmDdb==@EV~K($L};SkuMj>rjTr+xnMf5eX+AUU2UN9rnLCS|MU@eZ*D;Vo}Uq$
zk8Vp&vuviMj>#3m87Wcz<Xh8(&XBm-vj+b>b*|cHKvo;3AfzvIa?Tqi$#YIxBK3y>
z7Kzersc|<m0Stg!mxww_k<<}FW#pkCKm|BfC6H+D!AQ2ji(D%#KaSN6C_TcUnIFxx
z^J;2twOzZ0s)BWW6D2p`-~XD}^!R=z3c>g!5z-KqL9ZV$HL*KASS~8z5<)e^e*-9e
z<es%u4Was#w=m@|^Y<UG*9~J~YE@c<&<Nbpw!&3)Q{7;-plEC3K*>&_zrZ|0zkz5O
z{GP37?&kikedJJ_bL;zl*T}W|Lg{D+hy-H>qyO%c1+U&*^VpDThyBXuq057~YfA$|
zt@{HNrab^4(b%Wi{T(Cqw2m8Ndi`;(MKvt}h>T?>M+K#*f~8lG1T@gEKb^w78?p6s
z4Ee!>MdikDll!z{!efpsksVc2yglZ@$+EBGMqRy@@GbS%F!r$(|6~Caf=f0xj#!<<
z&J?N@90)ke2D^x~PCA~94DEl>#gf_T^Y6^&rB<A;)HdjDwk<h2Wq3JyIp&7)!+Y-<
zYpIHA!Em-YI-rzAV$r-M!g@lyk5Ff!Y7!P2F-@*ODw@}0C2D_%UF;NT9Untw%+%U8
zXz{^i&v4^UV2M;0p2|qIA~Nu)dPvLX7qCeN7P6G8b(S2?x|P4&pAb@c_ZP&p-@~Nv
z9L|VneTIr-+a3{8zw`GpM72Hr;Qk}+SpG-(SpTnAOZ5MGZ2wG!NxdL^neU<g5<CBE
z>sc1n?kM%~KA#Sgy7@oP{KxJ8dBu(U2+=Zd{G;Asf*JEaVFHsHYYAElJrRyBt!<=$
zvDIw;cC}{PmHze`{<Nzoxka3{Y4xqOr`;#|xLpIB6TKM0JI6^S47D%l=9NDu9-`q{
z1y-rXYu4^>$Rr*P0jkEs!=!n_Vp{sU_eVQCIDx&4H|?}mTP(AU(eY<0WkQFq<r@(c
zV=F0(@f9I*=PYV!syg0s;N9<_cYLbTCVYWD*!a0VVs|Jq?`uIEPY&iCX5PtY5zJ}9
z=@f;c@)%A4crk8L?3s(f%SLiCBJC0!DH7F~8$x}y5+UU~qbtrIe1Rtf{6&tRKy780
z>)}qGA1r`QnkCmPLa#%8sZFfVmVJLQ#72VkC<UPRsP#OT@zMJpU<Ro&+KzZ<8FPXn
z0a;N9UUVL4w)~eX<lR%^DLMd%8TYCG9%LZg)@m9x>uAyG;t%kwQ+(@Jz}%<PclUD;
zh5gz(JymEuJgd=4?wtEnux=ir9^7oXL@Bv_fov6@xd-ILF#2Y>T(c8@SDDM+*cF<h
zC=yhw8=IQ6&S*EgkO3+r7<ZV9(sm(bvMqxp11*u}iPBjY3<Fo}<VbE~(d^inILnjy
zV^+Wxy=qN-O>pUXgpq*VQJW74s%-?UZGTYPu&G3Vy&}F}=4buhT^v83=I7<i5_`Yy
zOAB*LZwK*WdwIW?zYgR^N5#bWe16V1GAGe`=MMDz42REWJ}*`abH^g}2*a`Q{Jzp#
zwczSfSV*3v)T=S4gmU*#e8JdAy7oboK%wCPdF&ap>cGk-><DWVF8dqSG97Y#i9eS1
z(OX?Bx)*OclyKNWGlkw@C=v7&if?2!lgl6wdnu}2R_n~51i9-NMY1O=ikDG_?Pl#o
zxwZT=Ywn>V2nR9J+0BWy?@ErqyNHnrRTJGH2+FSxL%o!ZsL}VN%)OYFb?Y-)oY@@O
z(mCBJ_rLz6Bo#Z$ECQN6>5HI+u~l0&Qg!_~TBa=PCVsLlj9MwglgpCWgs-b=W;Ddf
z`k&j0=gxG;{txOJs=-h&Q^9KU_3=~t58*nChD?=hwRD@g_N!NTN4#p??_AVRQoF90
z*XGie`Rk_mlsSEeWyBFAc+NM|o}>PSz?hpT%=1)PtJ4(qprv3sQKHr?#vTZG@8591
zJ{gA}NjUg48F^)(q6Xb<pow$s-S&Tx^^QTh1WUN?*!HYhW81cE+qUglW81cE+qP}n
zb7${;{@imSy1(km%B=YQbVOI>Q~9Q_AlMVnE+D&gbz%1^&a+AFl{p{KP@lT2qy)<*
z&cA6X{+0z99)ilCebFthz*!?B0$wczPZNNP1g<(HRr@<w`gW40ac`gxYgx6F0ObYl
zu{-Zxo*wf!pOn5=AB4e)OnUseX;|J&9X0%Az1+L+=G81Zm1QYMDY9LrQd4}|-<v6$
zE*o^x{MYJNom0zm<KciE+$BOVwG!WNZJ3{-7cwAOZ8;Y2_me)POJp>6nNVB-qMT)h
zP4Q5>2DxYKsV0M#`L&xc)Xm0V&WmTXO2Us32+{r>#Ge2^j6o7e3$=Q<D&}S0g@*0G
z`tv5B+Fm5JT)rJdR5oi>Z~~2->V_grhJ;;~642+o7|cg_y9_*SoX<-es=XLfJr<pz
z57P|ct~&n#2db7Lz*GU6xr*rx)%heEv|}Df(L^ETFuInBN4KiyNbMBW?pu>qd)J3?
znh|Rra%1axBKV!*J2~#7<y{i#7qEp0oT^f<&_1qoAb*jT7|khFwhQtfQ-yna@AD1M
z{yVTejFj~FB{DV>vp34i+2iH;6?4&YGNY^ADN@r$P`zkUW=&M&y;6dFrosVMtR>TD
z1B&6DeD8VYY>Xk3j~?X4fJwwQBF8{)*SFE%zM>1#msng<w%c}A3(UJH6}K(VV~Yys
zRHsn;{BS&i2E^DK_+I5Q_0;H$QR07e%Q+EtPa84=j_w&H6Eb9;Q$j9|^?>Yvd4+)T
zFd0|FjyHFdaS`!jI+_x<mH5FZHZ1z*G>hF#r^f0!z}^HGhe%r@*-h_Sxi1}alj4ur
zkRpR{iacKBafUOfCPJaEX?TB9QL!xu9%HOSZd_RDbmuW!0=E{)FoXWkR<+h|F4uDH
zEgYQ+CrPv0U!lLXKE2@kkC8bN7ymF6YAPqX%-rtO{BGXgiIREg)1nUxKE8RQGV%$V
zWZku*#}v>$^VyVS!zL!zTGV7$BIcf2^v-!$h!n4tp^Vu(M;u-`PZ*uQpP}zM7jfeB
z<8uQplCv{03#?QdTK3i5<PYXTH<>+HQH@8x(i)J!SCFeNk9qg9x=G^&k$kg?OTL@i
z8z8~a8Dy(%pDMTgl>W^qmA16m7vA~Ia;*sTzsV$aQ%Yfz(H0AoBiu(w^Q<r^(h!|J
z*#5LbdX6&ZhvpiC=kJmqt^*59?>oWe?<VPo!r<Y`Uiw5>f~ww<bm;il#9E?K;AGAI
z8W^}8nh(&w{mmXzX*{WOSQq{H(i8hXO@fdz4xR^h#2!L=ilFRjVzon)dmP3p7as;9
z4BUZC6I%MtNFXc=s5%Hi%58$EqCsN<tN+S3QmxQ^TivdS-Gif@aAWjs`MF(&qP&Z}
zS28&7`zizM)DX~v?=ta*<EY||yZkyCVb*KQ5mw8cuL)+7Q;as&8F#JzMSEvFF0ZY_
zw|w#=(TA#k*P5EBtDZgL*gD`gsH+O?p-}#a)5A1VJ@V?c1**>Buv}=`&`!~1T<I72
zTe^i#eLq(!#it~q-bmSv(=m=dLA#+6+XU+w!y+*|FGq^eO$!^=WImQQ^y=37r^Nx}
zprsahH7$u(K_rO8Uz!IZ4q0`{1G;e$%84u!#XdJ=k!$tjdG00u5zB>{5i_BW1N)23
zf(Wx-FF0$+g@yLdcZktoUw$)}DGc61>UKAl{>;+AQOYjtJ9bzJ#OP)@wXxPF8j|QZ
zgt3^6Fo{UKU-hkM_r0853~W`E5<GnjiypxXrn5mDB0>Y<k4kV^yIA9oZlMftW-hhV
zCi)*9R_UehzMUnp=QWeK-<KU{ja1eS%zb1aB5WOc-KPy|nlYR4RU1YC8#4+s@T?yb
z22)mi%GtuMhm~Yhk{7-3bRVjT$x&ybkzd<B<L@E~97Oye9bl0E1ow!AdjQCo)L=e$
zoa?cSD@4Yc50lu+l?kgk9ENTY6M(k9jT&Ck>26WR2OpIAmf!FNE35M^rwLZzAI9CZ
zoyZB?RKz5#kyNr9GD+)9U2mNLLh1`0j3S3{pP<JlW|BLUuSq#}cQd5A!>X*m>t+1m
zCZxKU*h`qFBt8*Vv85MAAHAQwdRXT^vX7{pZ(6Zd)-*eoJVSmFBob2UENv6YM>ogH
zC8DJ7t7PM7^*-8tfWBT^7CX+m_8s+=ll4^#;DdbJ(Hp)wryYzSTm2oIPCFfZlZ_Nj
z@b;~0;-6Bd`efk^7n?cRf31sFyq&$by|8UKS*HK>?jXvjDvcvt3bc4KXgc_WM0Xb1
zlf=^;mTg@ka|hTNSdG^sErPIW7mv^WJvCB@214s!jD>KFkQUElhb^`V(mC%EProXH
z8d(NQxoGOjZN9$*1K(yh6=~Vhb&xMGBNl>_q<PnV!jTB;3q|V1+@p@vh~%<Uv2}tV
z_oO--X!k$lns}Vl2Y3#?VPMvERCX_v(ld{3))**{A`)A;ttz0v><Sd3yr#&gJmuV)
zz*o|&RUBR`<mp<<i77b^NXo<aVTp*mYLFTAuTDG;dU|K4<7G?O^ZI>@EUJ`H;yUPz
z>_nUk9(E7FhD|^6lL=);UH%jV9&AwfteD3x$1p|B)1$`~&v6)~M(3>>19|y@B5+ru
zA~>r9?PU1lzlveA{e?WQ5{x=)HoS>1(S$hM=3nKCF{bcO*BEK-Qd&ZyS%1eh2UxYe
z!UcQWycAD@DIH%SlGPgFey^#ZR@|@ofxIjLNo$93Pa#$}AXM-OBS}p<OGkAjL5JRL
z0Z{Wk83w9ptc@F$xr?MC1HkqaPeD4UMf+oC(8ymt8%~ofvL=MVK!bnsImvdN1IpH?
zmFr2RqOrec1i7s`DW?HZ`j!hJ!-`y1J1@abKPU0^ft^b|re<u~vYlHuKCNa<%2r^Q
zl+|4_Ou_lvUY-25O)M&F{=fH`#joWXCtBI%*QjY-S<k4lcGvXZsFCLXHYGo4b>q=7
zr=l5L9+mYCTmPG+>NobTF-Eovv*Oa}fBvTb4gT#%{&zC$88>@r@~bI(^aP5*fS-y`
zRVK<~#~GYC7{u;&P?gepzb0=np)5X@`0plgK2Lacta#|QLy)*wwZJ@d+ir4KiJz&R
zBf7ik8u$SSZ;yd@?Lh8?P1IEV6OOUg#}X?#<TxsN!$IxtQlQqgNQ7WFnMy%eLh&^M
zLI}!#3C6q?ubcpfQy{8h@*h}bAbpgKa{-lf%sG5)h?~In+Nf#y?r-))kba9%kyNB`
zv1F)~kAt5>Ek-VGnN1Jj*?i>}%GE4jn5K&QP-SxQ^80l&893=$9=Bf%AM_1`$u6T*
zpwe8bNbU>pO4xKcBIHTWE<~~jD$#F!{T=QhMK>c^82rW_hB#He#mU@tK&MF|RX=9N
zZt^%m319&o^IcZbFqz})@|VPrSpVXhwl|1=<sW;ekkx(cP6AaE;%Y(@-S}y^lb^dM
zC^0rFhWxJLnaA~ojSRWD5@EGnjo%f|EnfmCg!TOKWm8Q5kz0!H;jqx_oF)<KATBWk
z6ycN)J24_BPR?ZlaX|yfl9G5su^fYwhxvVPSpLHb2{B&<q>!%#sgQ^Wx@G1Ng$7Vi
z2mP36==s8&V$o=SR#=oM*oQJbA~Ff0e*6Pi;r}@owK!J{EcZUZ3n<IelfkSUvXEFQ
zYk9#k_G+*$|6zV&)Q7Ff#G~3dff|(jxqaw)v8ulZ(U*B5Y*IPAbD9Oqs3KO6U9#Yw
z?ZtR5*3ud?G~Y(!5Fy;MEHE|jt{&Gh;}h6m6`at4^&L-pi1jQ0L6h!1Q+s?q5wP{9
zaHP65{@U+hjjhyXDIh&rhf1Ksv-y|FU9{qYOi<`$Ma%zu=gPF-1^B}J>+^D=C*3fh
zmCu(On5&$N9tP5_94(bH)A&6Zm8qTr4tl4l&UJf*!UkHjB9WE#XV$}zS5+zA=m8lS
zUw(TLjvoSB;~ET~d}Hj)C7IST8<p}tv(nt^u5B1=dOThpQa#oLQ}$ZU;-|FJU8j8C
z+_Tz3{YD@7y{_L~X03ns2(+7Z>uLMOFL?U~p`){<JUO^lHqkY*!edO@6OI>4?>YCc
zQfc@u*@&4@WHupNo+sH32C#*BWUTvmseU3de%WH>r>L4fStJ^UiE+K>tDQl)yo%+a
z`zZABsvx9<BLJSU*=AbzVVO51T$OmkdS2ns-fe;UZLHvzA#?F@+Hwy$e3Scl!{P_;
z_^iJ_Ddu$Tm4sqHOX8!m856{%4~?z=QhN!D?LQr0NepZr?#&5zmOxalkqA9)|K-$;
znq@(Yrh9N-@CR4D-nJtCc?v*)!a}-ecGkG+a@krHK!F#xz}j6<$&z6KxpYgNCXTOk
zMulYs7&&W|4G=*p<I}O<{Uh5xjXYNB<@a`@s^iVeB3+u48^7)@2CSCk@|1R?oLfq7
zNFwF3>fTOVe~H4TagEC}dsVQj(7j+_Ph)z|-80saO{?Sc+m%)uz24_9I1xGA`#wMp
z23eeRy$S#X9*4H8TiwnHV8||wJ_q(?SNDRx*JFaxVWuO+AFWSx^?hc4JGyjz#K<Cr
zzuFmfdFpux`j!-Inux^+y?UmYWh*6Lm!~5Sl(&c>``uDz71+M`+Iv;+WEQv)AgQ_8
z#4d)j7r<O|QQ|KK%4DTQsJT+x#OnBG9=M<QA|VvS=eDH+YpKI0jjpP$=<~dZ8+)<X
z#tR=E+r|vMiN=HCTkICJ6C~X&Df#@2ZA3bnP~bwBH#h5-nmgOd57nwa5{N7(1o&lW
zh72Q+?qR0d<kT6NB@e`+k^;w&0L1h!e&P(PbJjefTC<?W%GHXQi24d(RiQ{s<dlj6
z6#oW6v@{~b;gt_oD?B|-3Ogav;MOX#(`xUL8G(lEE?GT}>m2t&ze!G6(WMaUhO-hN
zuzst~-7m3_TBJR~z*gOFBKQA^?L1e+KAzKvTWZkNwq87tRwjLV?S6LD_;6SMa993N
zU-qT_-5uDbDLKzTpL$h@_aS^8zs8!12j;viYWlYr6uAF?pvKV(0!K?y?KrTHyyz={
z_}R<pX>awbesT_0a=JLhymol85z)>!84p`?X*L9y)A6V_9*<G!+i=G6RyKYXt=X@R
zgsId<C@rTM4RlMWttGVXd5EKJoiv$W5RpU+fu;oVrh$$LSe4n`mF8+z`HMk*2!1(y
z^}RB!CCj_*%Kcw$ev8(y(QIvi!lvuZDTLu^4w82dgENb@vSv(2=@0<F``k(@c&e+U
zh5dBniuJW7thwGhRQEEe-)4@6uzvp1PMGoUu6oO_L`F54C**a0$>~^ifolQ|^DE`Y
z?eeVadX&3+v2ff|_4^<w{KnMAkJj|UEn|0R7i4@`Z`+jf`paS<Dz4hnbWi)xYJtV0
z475U~HWWk24G_=;7@q$z=;OeWq}o9Sv56MJlnW?GzQOL1arP{8aauR9^CKp~7X`u}
zLdZCzh$s_F=>E`N3Cmo8ijjBE`hzvNdZ+F4#K5J{CPvV-dUeO3xrdb%5+sMvPTf$h
zw&2}{3@M(#Erite0oxjyoHbP)oeWh9XHAv`U<AOfON{ingR9eTReliS{(S@x@zz;Z
zVQ)2n2z`bL-rob+dGPus61uKeS;YJ^(>-~Z?EEvKa>t}qnLe^CyChA@vVfBs0E@Fm
zXXD1K>vD=*T$xgjLei75Boqk=yf`@drnIyOXc5&OaXx#QyEZy=oqA_4C&S8-&`pPO
z(r8*@etFu+{3lpqae!Or?1SRM#UtFfEbr+@-v79hlGj}YA38gn`;HJOwPGZIWvS7i
z^SNsM*#aN2F%3KyLVlvHq~u(e3$&H5>?0FGw%Yr@K`+iqZgXOfo~IsI<(}q`i71KE
z(9^i76@wh#2@&HRT!7w^W##x6YQ6xm;~s{wjYxg2tNEKYTkAWI7gIE&p-byLMFm7~
zLL8#UIB?XBNc$HLE>xAM1PONy{yl^xg@xCc%|9d)h20L(Gnb&_eCNj4q*;M_Xy6zj
zuq<PusCiM(O1qPb9z}!Hvqwel8tQ?#yr^gaOuM_Wer`DamgNNTUC>;}V~p~jYvSv%
zTUi=+k!Ngq2D2A(Oy~uh=MJ4KfzfCwhEFR@EM}uCRU!xXB;aD3<3QIBC&@;MDL7|x
zn2gCbj4od&<%lX@7=;j7GFM$1(?|!SkQFbARde&`L0e)>^)8h~(Mk%?+L`+lttA(Z
zJYY`(0H?>bAyZbK($RH&ckR!rTfAaP^H}%}c61kIS;28fj78Nx2t8L;({VE%s&?qt
z?X?Jv4Bd6~S-Z^}|HnNM6zUE&5rBQ<=i4O6fH(Q`)!CDC1MdDU=VLp0_C+kYuFQeo
zI-+(UX+*>KiaRaOWw@ZrK0}tQ9nuZ!oD%YMBIycicUF~hFbluK?qN2@nDH|xoWX`M
zIYj)bvl--sivsY#Mv7(p!{p8(bxN@4Rwm5!R|3z3@2$g+V7yw$-M`0CHbpYb)Js}V
z%bX(ga%m5k?I+anZ@`5-d~*SuG)2cb1_8hbe{=6857hZo%RaJD$9&D@>9aNVO{4^<
z>1VVR$8pcY#s<jbiAw7i6&`qCwXvOf^KS5INJUEE--g@eUzo=`u4qa**!EC3Iqz>a
zE$d}o!1v$mT*2|u^wa`gM4|&W;(W=)Q$o*GpKAHM+xFyyO;UjhR~db-`$xss8=)5`
z1CRANz^#`gv}JPnR1@rwN-P_Ce((+QVbasTbpNn@-K5($i;<n^eW#X+=wYrKO+@^H
zU+>u||2bnyuL{j#E{Su1k#*D+qKcK8n9ed<IZ3QWo4ivS`B9Z#^Tv%5r`+g_2q4j`
zqc9P>yzwySR!1!d@3OvAHYXrYleo>JI-`-w=1yB+DVVax3I*L6)PY<{SJqb1FO0P@
z<mbkRM)6mb`9X?f`!%YpfhsVhD7HpOg$0Lr(|MffG|l_vLX?^gBsTc4=cZ{wio<7h
z4nzzu&<J;c3b2YV#bdbG?6DWx9{uVoBx}XH%uzCEOU-4Hjm8_uH1K4L%$(6&s*B+N
zkvGWYg-x0gFv9j53xF*7%~44Od92KDK&g;m{qaj+2R=lwj9xu8!0aowtD0b&=byVi
zl>FWeP?2F`H=nz!!!;UNZ#`cGmFgs_mSR5aq;J7U{lJ+BIi?JUinm6fRT@G<${t|v
zazz}Vl*%Y0r*bJ3^_XT^P9ka}w=_bUSd>^>XZZ7vkFt}Wk^dIEUm~XH0)l^=t30{W
z4?{FP7H(AjZw5E*1K5$fiMOV+Y1Vb#bsgmqUikHf2BvcQgAAWVsJTI1=t3X-%uv1>
zKLfNURe67mqULLPo&~l?{z!J0ht5pB%8c^S{gL!s4CgQhXhG(>z6`n}U3_ZIQ+!qV
z2qb}fvkR*F_%{2KUwx-sGU5j`KA&}fQP>)gz_DAN=*OBV9T5LKL7i~Lmd@Mc&=!Ws
znk0IFfKh-W>+^aeew#j2k7xL4qSRcUX%jE@t7isub%)V{%I`^x^3YyPj#9<6eDwDX
z1m!cd>J&5Tgt<zMX5^~B`f(=D-AXOtAn4(p1@9K)|F&hd?}X!|6!hIo)bo=O5>P0)
z%CeRe4b9S4Eo_mkWJQO#WqF&%IR66|TWrCc=Rb+xjr7!lLA^1<e?{C!VukwwRE--Z
zZ;mW_T&Oy6tO0x6y&s?Brr6Tx?120S7Y0ZP-2?mLEK89L`t8o~{FgC)5#~(^-3R;X
zy4pj!+ssXQWJ$pohJ7b37$yd@57Y_o;ichU<p>vSjcusLJ96nN4jn{~iSIoC)%*zs
zMH&o<tQ2n`Ea$kPXIbp7XxnP=HonC;HLKat?0DymvIEDrgXH$~y!#xw$cXs;BU)FW
z3<&afrR3_tw^zM(6xG?#`AzO=*5moETUZMTnsaa+X;}Y??0W2#K{>;M>m6WF@SYbz
zLa$XLSL<%bq=1YB!%aiPAmt)ecr62n`5bbQEQTcgN|AY{3NiczU<Bc|Sp!~zyV91O
zSkhBDOf#<6r$Sgt+|3kMFq)Nj${Q~=6t#{h{KUg+lvNFWPYq>IB2`k<9i7bJU1M^#
za8x6>?ybWNP@IF}>t}KQ4Lx_V*0XNMuJ{6tDwZcYQ1HKjg*slB6SO2+qqCcA^0!0*
zCvvn#sAqC8qaNf(X`XCa{S+>SEfdBN8HA&tZ^c4dVqWDQc$?K93Y7}4u7{C+UtD7}
ze0~ZigW*qm$IE2;f#gX<cGCPtLSh-sfrI}!_(1=8of#O=wK05ld*ZQkPv9!xA52u#
z<04My9-IwAuf%cAChF9K(rGfcE|H{J8Zv&H$t*!nk$1A3aTN||-k=NCu@A+LF7$2)
zav+whXAoxXp2O<Ruq|CHt(;e29IdHfPB2;84SYhLDeBk;V<>97xP(&#K;Y-}X}F*y
z(oD?0&`6sG%F@-zZAx1c#kfYOW{S}ndKu2p()#%iKb)WBpVx^pbO|H|u4uAGC!T7o
z4i_v&JQw$N#55L>YG{+A6NiePf&3yHPdg@|3reD3?~fkaJ>!L!Z1>iQzjb=Z@-?ds
zuFfl@ATq8hfBkVReH8vEc(h*Cwwg47=rr&jez=dsG)g&4f(TR#WlckutaC}DoFx|f
zHz!0KvmP90d@6;d5?TEw<8;EA#G+cdZNkWk0PT5AP?FO*k!K<7eymZyCtmv8W8UPX
z#`|-&BAzsUetJUwc{}o}N8s!H^SW?%_nSf6>3M%Xz8|7}d|k;=t7~Wcd4D=3z28p}
zBN!RcwIv-pw}7WOveY1hmTq94nMg{2MRlYqS|hZ2!p|Q~m?^3Nzu`y1eEI3NxkQta
z6U`UVasP1GW!m`YJm%#Bnry-*=+nZA0`Gg~WW{01M<5ts(SXBwPfLa99GMo9TwOO+
zyM6@bQ0~#`E?&@_zp=OBgvK67ERrn=z{WVkf{HNzf7oE{)q(XB7%IwA7N|f#v6%XQ
zQ><qHhYPm4_zxFcPIVLZTaitvnDxna{G7|>b=LFW4VQ2@h`5-9nm}=JqZxBb18gFk
zp{43MGj-%gy4#G@+Z5Q<h{MjgwOJM#GcAqS%)LW-67Wvl(Ze|0de6r`ir+jkqLM{3
zk*{%twZtd)o7g_cV+dqO^*UkbCYwDc-{Nq@8sPJrou95SlT77s#G=_<OU3Dgr-A@W
z$P#iIzhZx4Hz9Ne&2Kq+ybgOh<sOqhl}aTV-jF0W7^a}P{t(8Hi|UTvQA~>~*I~@d
zV2pA}U%HU*AHy5()`R9cufCdqg6xL)_KI<rdG4B#nw>}a4H=D%x~is3Bhv#PY?QF_
z{!q|bNCgMut{rdqYf!#eVIVzmiOe*E=`cy<L*j3p&7PhQ0EJVrdR!gDU@56*V2tIm
z31?b$n?}bi2F_^3C8R*((cqdVF0{*JR1qUQO^VY$wVNX&Qtj!`^$yHOA9oFS((8|~
zuXXXleIjw8kmRqhgtY4Fqg%^DeMg7w#ZBA%E0s7e>B1{MOp*>}&Cl_~=!aDRE`ezQ
zj8ZU}&i4Q#YYn(sfgljNaVHwU^2}v*U^OAZG!=FMd0kp}Ii5lBF|^e?0K_SytQHh8
zGX51w*-WqKv5$r88eUiJL~2G;X!Vfis9Le%WeQM3?aZ}WmU1Bq$V!2U$W@8u-OJ%B
zp+hdJ8%f?E<9rMGdhB}})Dukx%9m1cw&`j^atpP@%rw$Gtf=mN6s2_*i!IRxW)*oN
ztE}%?QugKo4N@wxu&R=wV|2VtoM6%6Ak_lvLUqmRa{m<EnX6e9wqvDiCV-Y{scvrh
z{?<QkSbW=LO+IBTA=k|EdLeS8C<@~~#~IfZw5k$>8%HbVri(KsTtI!`n`mSi2uBwh
zMzY+4@|a%O|6!1uKr1wmniH#UcUNz<d9??;K}CU5iF=~$k(Q&?9#7BA;$i3BVZ0?u
zyA>}HdGU<l2<g`_t_$SJG02MGBi8$w|667egbkQ5!ayhy-=5FTO3L8{E%&G#7|9s+
zzIIl!fT{27B6D5HR;AB|e#mVS(vfmyBnTqe6nkDq4V``0z6yv-Sl@?4k)C9T1Lyt}
zw?aZd5>~DiS5g}vTY^|F)@Qqx09zp3#c$dgYw(R+VRXLA($AH(9~!zE_-UEX%tfN}
zd?SVMkGbW8BS<(@6}|uP>!YGZearBdBaUJKXi8S5R0oC1+-LsRV^tX5?9|hwu%z~l
zChH8ilx;MUmN^L~k(Mw~0s02N#>WiPPUS*Vqg<DsdAgD{Xn6lCR@(kaS-@U_VkIt8
z@I*JZXnfFR$YE%sMBQR!n7%6QPw$v@oUvdzJiMh^Iap<W%5z)1u354AA=9-nd83w3
z2oWKrZ`Rri2MV3<RAaua#xTY!9(+l=%383H_Y5JSLr3fKqaolCg2Gh*`V)3kNM1yz
zk8Rg#q*TY=DnNj=;d7Iia+HTIKuvsW8ItGkEvBh&#KB8!KF0HnierNJ>{cc1iWJ|f
zSmkNyF+u8%R+6cXP@aGi%O1Ka)&LW)8Oz@HEVS4Jeo|TlLuvUe0k@crQ_RdRW{LMw
zO_0AvqrL=Yt?JAfYhJ&c?fU>5-zdW4sU%k?qp3aP1pWO4@B4ZW4{cRkBm~;l>E?JB
zb8(}?=b$uRxy{)O)t`~jD!B3v8S^$PE^<vbZfgOPne5u0rsAQ_d+Q-%OyS57AXERd
z4RV|dH4OCn<mL>n%sc0rc8u0F{Kpr`Ny(CqP6Xc!QoTN@GPUe`Eu9rd!9$rUfgpz_
zNc+H1h0}($3O|*iM?h2&4Ia!Ai1U4Ahm^LN={Tu-UFrtMqHjsvow^|-tbAIsYm-6I
z=6MKJVV3dk`09fNhJ!;yX(Dq+?PFFq%30bnpS7}5`+h&(gw?fiyw5_|vilG;rsywH
zP+@6pW<e~D3Il_S>56DVxVhkO5gyw}ujc$tfCsW=d6qr`^|Q&KZu)ohl^2;Ejg+O*
z^ORDNMynOYFNOZi?+kI|V0``2FZpzgHlHv@mb2!1gOw&2oMG-4U>>@CFFMjQkQ+hI
z&G=6LE(y>=A$806$1b2aF&6JKk`1+v96bqcKwd$`{BF3<%Cc3dmrUzC)rLkh$1P%#
zTfpCHI-O6gxv@=H@!7rvQZ4xw0|0CPybqfM`c)ZtxvfJ)9Uq;A8AT*i?)XpndWxb-
z9o<Ps<Ez@_Tr?1RaZcd>5^1qR6yB1!tpFm>wPB}OxprcPtOfZD+yOnT&E~H*QT7E3
zF9!}F6rRB&vRi^QvYCQz=?CqGL)RK9oqxt@%Xo0?wbbg>>lY}(Y=ep92|RFbHi+UX
zdt!SliQ+EJi8?>Z|MyY(hU2|7ny0*L`@h{J-~Tz78Y%zUKQDfv<JRBNUzqr`;MdT;
z;>&2he_HU4`cazSq9!_%wCudV&|KZyJI#229A6<b3?HxAczRlZ{R>=KWk=k7Hg*^H
zMdsOYjQ1(WNTjuh_{_A&sQA$j$M)YEn0$pWo|V+^2q}IWrrwdJ-y#=v3q5q%rpvOs
z8Ww+KtMky16J=a+CwL`VgpYMwM#sdMZEEeX4wZz8<12c%WAe;tu<b2MG8z)q86Ob%
z_LQZrj}o+waC}@aqkC;wJvk`LAzUxNZES?M^hWl_)2-4oBW5%D*%o%{wT)SA&T5th
zEgNAP%IQv==g{Zt(r7_rH-9wDO1XOsr|1faGLuYKRxo6R_<UWT{~Hl3tEEbe&{Xe*
zkn0r39ft3dQylEn!8|R$RySLowHOp??w5CpgNKyu)<eOM<q$WDCotonH|LY7mR5$X
zfbg6zrf!YPg-QXnwyf<7{YFh4kAR)9*~a`?O1qahu6FM-PmYkX$vG7c{?SBpcr%hz
zo}!>;#>i%#VM3)@j<EK@;pO9jn1r%{R(B6O(c7Ve{4W01^J;bnuM>B*MGU-`It(Dc
zw^VYGHi(7f85_A1ExtZN>2j)vXAqATf8l-i=|PF39C}Ih(vi7kmw93B_Zl${8}Nz>
ziytt2#ejdIm3g4X37vZ5;~5&cCFN<Qwa;fa3V^@M`wWQ*hRHl+lzKv!xkW90hg9?m
zg1^9(!Z}Alq#X-qoeE$b^I%<r7bC#WE7S#{HfzejbBq5_zq~fCl6?4(etOH}rCq-&
z`|h5R@d<>wXmlHcYVU~V?DCLv@Vus8l<b)6!}`O6TGch%`cyeL_qTMHqEDq*<(Vj~
zbROP-fe60(ui@y!;@E3NC!vEfBmZ=3?SuU_<U-XDey7+}{IV>Mrv>C!{V@=o9oZ9|
z3WngNj|qmL(GrTbB22pJ{1x4d#^|`|EKbXN*=U&f$|<Z*?C}gIy?FF`HOA532KtEU
z4|M&Zy}U^71k^#0lA;CFgONL;kRxCHJCZ*7w;j38w>J<#+Na}-aFfgPT*XnFD3;X{
z?#N96^hjX?;m2w_a=BQDMvHKRkats3cUVV;-Q?R~J9nYqN)|QFRi_FnNV1`L!ionQ
z6`DZ#;Rg96jR|9guNv@S$EWliap(<utRQ4HMoD+Zb%a<NY@2QpHU{rp-9G%)>QTp%
zT>a4G%d`67w1&8n$>#0qeWhmOZk$i<O$pM*8*O%A^UXR`v?gK3+5ynD%ot?eo!w2Z
zS$nq#HPmPh%I+AS#>BSn(aWlw|K!H$#87IVv1t($CP6h75vXAj2ARWd_*_#*0lj%i
zz$fYx_&p}-@^iEGJ3^;}h>!%*{`6gFPli^rNJ~4olTJrHg-{BN#V;*FGcibsAd;Nc
zhtk`GQoHf8sT&QMZ7D@onop5PQnNkp8TTeth;Kp+1px6`m}%vg4zx(IJO!SKsrh%n
z#?C$tTnMss0W6pXALiP9>*~mdXItQJoS8xT&>k)-7X^j(rr1{h+)WMX>UcADAL`6m
z9UKfm3HX-))U3{GijbLu{FoYk>YGNJ^nN8q)?p=e=0aQ*_S4=5g)zs513G+V2N91L
zL;dZ?9)G}_;J-bXXsM~jCu^w0JHa$W+I4jU26>J~Vm`V>I~2IQ#ov_BiVLVn@5{5I
z3Rxz0y>|lqiRxG}%U0DGbiz!#;#w~N|0mZ?)#;B=87vkh-(F*EBLV<NSev##R&^e}
zY&FGLZ@iQq7r(p~Y;_iGR9~LXfLDH&J(o^1s#;H=*)j99JikBuRLj}8wfikvtu(Nh
zU@H6bI)n@4a9e=lZ_jVM%kz>yREDjZsoNC?G$~+TNAt<dZlf+v4YI&uDNq-Zyr9`M
zWQBF6+)S84@0zL}cHHU05mE-K+8hVQc%S$g=0)TSM0~6}pdjgC##i1QBAi7UIrHL?
za#1pRgsP^*1~nMuU8!F54~x+TUZGmB=hUARL6M6_H4gGJ2$V=hKZr=C7Om!oLiuah
zDw^im`=h$*m<TaEtE=Q6sB#OmZk(1t5b$uiwc8--$87}V^~>et=8=WhqUX5BB3b+f
z<9gsWnQ?dTfi^3Z?OOadv4H*IBP;*(G#DhM%uOtn2C=O<RErV@MC;~SZ2Bk@@pWc>
zeAA>+;bIuOMvmx}lQwux9_$y5{aISr`}5I~6mlR1+zRb}H;OI_kNeL)g#tcz*$X-G
zJIBeuE57#+1v&RbT(V8B#02a{6po(xR7Qumj1N7Fi)6?Z5NZLtZ||rh7UA(Jm{0;Y
zf0coz`-DT{JQXp?y@CU^_N)C_fzrU;`AF-dq1HP+%@;<BPoyO8a1rjoe2o3suX%>L
z`V1q5XS@Hu<K8zM{~Z%t`LC}{_5ZA&*@jvkp{F%0oBJ3k-M-lW4fg!?;kNsFAI$i5
znsxsFPy4^P-R#~n75X7x1J(N7H5zh-<1F&AqRE27Ak(aDgeWg=GP0Mf6)9e}6*LIO
zC`j>k<cu^5tPQlzG&CZ&^O3g>oyB=-_v-oboVabS*?KBAMQ8_W{$TsQiW4Hr49vCq
zs!A6`e2z6B;Bi&ACm5%1Y#!5$O5>G!Di^onmNK}ouM-#YW4q?(%;?VR*TU`5_bfzo
z-(m=EU;iLm%MpjnJ{}po9QWd6&FrW;$jvA7IVak~W-E(jeKa-&G7-C^dcYgpn`H62
zeM`a-p1yDg$CZ>e)u=0;J{xs@_tlYQ=Z_x04}AVY=TAYqILq}(j;;YD!0Y6H-Y}3e
zbY9|;19)Ik81?})UZfz90uc_#D1o`aw5|a*?j|K4`D8|Dv{0+4L6@F)+U<ZF)`|<p
zeQ1YB1aV;~actGZz(3{mDj99C!_Y*nqTn&S7#5LUCIYl}<QV$DO2{56)kZ#5q{WV|
zgUT7#55Ma6*PJ5jZl5x(VV3RzInmG%ytr!4&r}`pZN~?4OAKXV=^3_*8Z^$xwtS#@
z&YleOn&Z%281aABWHZ7yXyT<A%&SL0S`LVau2Zq>J*-?5C`&|iko~^4@9!3Q0>p($
zpdKmgr%2WIidT0@)OIB_Rw|KZ#(sD{ZaZWj9(Z%IzHXhqZGC^X)<QtNUa#JAW_Z_l
zeO!HfT%HGZbbP<Q&zE-I-b!$V8oK&=c(T5Fb-uXcM&I6Yeu!5qJ=G@KNuOBhG<8x#
zwg)ud5t)eFlcGxLF>v4>N2hB;xP!_+2}YR3x70|Uk6UGYi7yrh>94Dl3KnqN6{uOk
zr~0}ADG6FSm)jH2h&uy`tRybZ{+QVEhl5wul{Qppte2DNdj>P_|DN*j(nOO(!F(Rw
z3>FCpZ?WTsh@X_JG{I#Yc32plajhs;quZA-^QCu>!4TI}m;TG7h?OmI=oUbX&fat6
zE(p!5K1Z@o?PcyF>5A9+2hcgOP{&%!j`zdfM0#JWw|03s)Y(CPb1n<&FvFXevbOgb
z0$E+1u$|V~b?L-j*vYK6y{=s+?Y6w&HU_DQ+j@ZD@iI`pySZG%_1cURppSn^*5xB+
z*g@>yB5!pej@lPevqoK|4-T4ch*{o4$1%`EaZ8hEp&!tFT>U{Knb^>>G{5)JP-AV?
zFWd`74F|u?C4m*Xigfx0gL6X*ew*mTqUdF2-IE2nRq0{+O2n>P#pEpJi(J31;PueT
zu+=<jgs<NloMQxqfkCP<I%DP>PjIY@@+87yX{dHFm0jNFn#);TSyJvfL8e`VSv`ue
zo<=nA<tXajWos_<!aD6Ab^y7C!|eJjPzCa#_M*{*mx6K3b+L_ztGS{+6KA09`Eh`}
z3T_f6m`;V1YhWt)OBV~UD7nYs4OMH06o`zLE*7XQD|K#n#pavfie|lPSNm>xmkzv8
z^Aku;3PZo)y-)zsU>XgcVS@w&88FL0+9}ILdD7w*S!>&!T7Q}j*qZkVUCFltiN?rY
zb{j`nl-sN$XH7|_wSd1Ob28nceyHtCD1nWvC=c1X_bp#0jhg`?3AI<88Uz7NN)SUA
z!821c{R4Hr_zzy3?%+R5Ttr+sds1=K60hO`R{6sshTgiPFy3G2)bGH0#ZcBQ@GV%|
z;d{zTUQcn#fn#Mesqw{NS|#ajC1>z0L>+((CDrX*`hoSs?(PC-nL)9C8WI(+n>mo|
zYj6J)bMe#qJu)=0l43iGrOv2nu^^6>)^HPSMBvRn(koC7x>|)NqI-BR1FDTVD*hN$
z3lPsQA_+x|ObE5DQ`zx@_gBjOo2bSp47RxsKAW6jbt0v!-=9Sl>ey$=d#ybmXrF&T
zrQ_Nwog*@0)F~+Is1i<AbQC<LT;ycozLEAm^C;^stSu5wEZkjx%o9$`;pzGP{wMq1
z!~pGR0F!8e5%zIBld1X!#--2R=q88gN+$WSchfcMl%TbVX;kIdioZHOptfE19mr)U
z)JJRauM(Q<c4*Kfz#$)a*r=%vrA8?tO@cuh-N;s+7D?2}MZ-grm5_&0wP(Pg)abfc
z^t-j+ywX@?E-D3s3rkl1KnCitpnCF5680?R$MPuPSVL5CWw5%BWy-v5HO5pycVqlA
z)?#0?(pK%?9y+LON8o^X+l*J9=C8^T_(7aVba3AMWlLaFg>XBko+YHGhlS57GMAge
z${q)|KVy_9o{3_fHfjh7WV6|U)}prMx3^7lI5fcg@Jp{QA8TNA&0FOnTBS9VYap_@
z+<+Gs6Db~9W{@Z-1oEn!eA8=zqmgea@^arQH?iB<W(S9(mhFU%aty*G%r@KI6ef?n
zUk?h)8Ad}f7#}M<Q)%c?YhWXG^kGi0JWKTkm=kHE`3$+5Nc#GA?+)&(eu8Q$wuQ4;
zjPCl{>tc$kpF10gyF{#iWFb!D{G?H*`$YVyO+e34rk8ipi76i;?(=K^EvYlrrrDmQ
zBWiS@YDo46Sx_*_cSnse-EB;y@W;!JrP&;?S5lXb=twrsJUVwJ5#tJ@2L0ye{zaOK
z1QC^wvG@SGTVgPoE7$2&Y<Ej;YVyZ>Th0V^p>8~T&wF}a=(irVgexbc9<{(vQhCS8
z)ZEd$^bNHeGf$agZ<CMeY3KbwE?_GQi>_LkwFfdCSh)lxi7eh?WPBZ|ml^EX&3O$T
zCYqbXUZ~!Zja@?YO&Snc*i>PL^|7U7H8Efzn)>(1!7v&k@@UJ)O<d^^HsMWj;H^c#
z5lX0ghyw23Me>1m7$dIE@F=wU2(<LeFvsG7YS;G<3K`frZ3@wukI97LBn&lDeY)1`
zrN$U=7KwYQcn4sWJc?I@ZSnXceX&24g=Kbmde4VAx5(NV`0#j3Fes2G8#`#~C@WN?
zCrkr8m|gG*Zia^aifD3n1eqNX=gs{|E1wej;6*b2vkUSyFxZ`U;JBbP1;1BJQa{5J
z0h3{m6YD)5iRQ<NlOr{sGy6SY?SSJkz1xup;T(X(2)gi(83QVfamG2^zUPL1OmYXk
z$m{{?$=swX**(OA8kVgT5H2*nkPbk~Z=$R4$wY)gMQ=ENEsnKxA*<hjg*IxwsbUQ-
z9X8SyAC^x=4Ilb2Jk!f?ga-(}iZ=ImXULQHHY*%kBuf8wl6Lq=wpP?;FE{KyIAZhg
z?d<^Rs;t7(U*IUf3;gy8C&5jI2Vx&AW)iu$vnAe;l34;#_5N2ky2{@Mr+HK)Y+dA;
zb+QF0InU-rt73QSBj2d2?o<5^g^(t_&~UtVOi(H5=1!hc)YM~RQL8ekrg}D%ce`aB
z{*2N^xqY1KgTea{<MyF-;C(Q48o?PFH~;MW65Jq9xGaPXZbegASE(I~xn#&0Gnkar
z^R~UFhPFK>u-Wil3*%G9touk}sGsK1c_bN&+;&vGmT6k+uF1my?L+GY4=!>_crPHG
zZvnMQa>`%Cq#B(LQB9Cwn%X5=z!js`CMf$HoYVZdgd$rLE32ASg#T*qQiPL-&4g@&
z=Wi<+lm@2aLa*@8I*+JBFnvDEe&nf6q{g_rUe)#?3Z5s-nc@zggFK4IAsNW?urub&
z%BBjAJwP&sc?B_54XJ$kXv?$)od*_@wxs5o(FE_gicH=*G$*RU<kz0HFOP1l<eq|H
zzg2SX)dHzeV70{*<kv4+%+n}m-)TA^*`%bw99BVRVn@<F=YH=3e9+)7mqYj*i_Ih=
z`q85LX)}vgWqbCgND(EjdXB>+RVI(k2&gjzG?uFxH5Nu4$d?6J@DYvIj*Y%_1)ll%
zBf5(+?M4_c#-)Fki-QbMwi0=sOc`f4zw9SY6zC)B3pg;lgW9~$PotBBxd9e_w5Pc_
zGNR{ORu7kEbdlgto4x*bZ4rqyRcdE9)znCWj@)Ytq}MbpP1(K_5=CGVnqoDDKWm@Z
z$Vo5LwdjW_5!gwh*}a`xD^7+-gLv^tMTCtDy4qJy;M%x;jvQlxb=$4Le_tGs4$oZh
zW>amUVVRey-#q{75i*;6sb+jqyBzxq4*y=Kp*X+9@0N3Az2h$(?7Q>J3cF%gT=xDN
z7@d9}B3o{M-G5=^8xEB<c9k_q?GXyj-|P5)UCf@}F;byNRcIXV|HS`B{H?gW{Ew6W
z#R}>6Z|Ap6@_!@#uV3I7kb`swo^bmVAXI~ZpN&Y>dMlNR-ao&5@pe0U<!rv+lebu9
zHsGJJ*G)mb4+!;ycxW{TR7HSF{LzXQ-L@o#>Nic8gx%L*1B^Ur+o4uVJEPbTB*sZK
z(|=0(qhNnStpxw+sl4qo2W3!WA`2x?vMrLyYgIyvm}xIqF-}u-hXA<$-DOc&^eQ+H
zpQDCz8fs2FpoEyBz=W{hViBH_d~wLf04Y1bJOhIxkYBHz$NWZ0XIS7Se{aoa^lRTv
zeu5)BfI%@SvWQ2`1igG%6&RckeBpdF)c2^AN)d*OcT=ZC3c@wR@~a_XR~6w@U=*;N
z_|)6KY8_aN8Ohq^|5w$g`L*J98fNX6y<v5rS&?hmf@qQjajo*qz)Wve-C4yZfrJ*W
z*WzK_5NTfL=i*xExz~p^!%3*iSah1M4N7%oIQ~l)Z;bgJDL9Sm6X(`tXO~A;b__kU
zxnEW9J5T8a0G3eF4QM?!*vWR#>l`)_ZzC<428{wM%{etxvT4SlhTKv?xTWKJK?y$u
zDpUqMV>R_Z6ZSGmfnSs(VpeIABh9b8hF9Xpjzg^W_`cizNF;N5w?`{13K&vbYP9lG
zrK(-91E~PN&S9ULSpg(|L%{bo(Ap$x&+Um%+vK=Cu+ScQ(93<C>DBJ~6Q@U`+SUb(
zifrR=Z}dV%m_j7iTR}Dc@hwtiiBv0C^~s*z^?`~iCEhyVAxWNQkxy51GNfMQvdTnN
z_kO0-K#@$}>P*=gZStVhQBJCCx27#UKF<)@49dOVFhO;&?ri@3A~oZqKUw`tz|XUJ
z#q=?%>8ylMyb(bW`?GCNVue<VvrL=){T<UP9a=exn<Kzgo{ldFlwA%#Nlgt^Wh@+3
z*%TCptFa1RbHQN^Ng9!Ov-1;@j5X3`P^DIvt{)t<uqd;Kz`?u;tDx}QcLv9!YhyfT
zwI=B@p%^jaoL#Gu96-s(uYtzUf#3F42e;qZIJAJ%T3)o%FLOGQoJ@>v8JSXZip|1W
zx&sK?wT<uk)>p1Uus18uGh6eF&v{AgHQakCj-gaIwQJ`+$S4wncsUDBwv&pqIDeK0
zktknKXq2=s(QtpG7o10@QJ7IRcKy92UM8|OEx%i=M>hhTm^%my5SwT2`7UvMjKA6l
z(ZGRMSTwXp+OSKW@!ruayTx7AW1sQo21@E_z}DETcQ6aabCs#cv)?7?aYM}(V)cv4
z#y_qd9jrxQ#vflwCMSny)Mt2FrM~dOOxs^4=OgBwyh-CVaHsDR`^?VVthN&r06+}N
zX>!fKQQ14c2@0aEfKz~SE!4{&4al_GearF@i#)ZW2qSO3su?m^jb^lAsG+0>#PZ+r
zquK@5h=%<Rmskf?@=Z{4*YLj!{wD|MXGmRh;@GC5c7g*RFoL*bimuIt2YisLpzC2|
zPvwTrlj{-d=!mwhPn?w~r&TWAUWiYcoXl9p&Igo)Dgyu8um$V(pL0V@z{hjqi6o_q
zd$PWuVFHR_r<szwx>x9pSxvArz0O=^rj+vJ!#^J)$<orPtw%{Hnj{uL`n3}QZ%^hw
zN0%KDuDgWMN8b7t6=%K$R(sSv=-U%Wz*3{5C>uPdZ-CimABCEA))v2Tao!}4iEzQ|
zmEdg%3g&oLX-_VMvBMwT`#EK9EwLY^s}e!DL}^^x_t>#drM5`q9d?UE<H;NBqR=@h
zv_VVRUBAe$5XB6^2Tl&lzPCR)<N!Zdu~P~c;b0x}!reivO$TP3r_2=~O#rFHN2yqM
zK7#+0Zqg0Znmg?r)$8haF_~w6)CL@XN*@D%=z6|ZfgJNrLIlXs7%)uD$^G4npS(K&
zGCq~^SU|(-t~ACe%bdFb!%doI1C*cq*cs_;LCGut(3^Q5x9Y5KoRZ4YFol2u^+OTK
z#qf>W3fHD)!4w>DhdjrGWlqx_@-#XFCj3{oX3cd+pHxq$A|HjSqc)H?1GhQM3ZSld
zf;3D#4^z#+%5f&g#(e5mwOB2iwsvS8?{h5hJSb{cq1(PqFkoD2JVRgK9Uo~-Cro@*
zr~9V3Z=bNMo<F!mp^p;lRvqr5=e)T1Jm^l9F5SOX=ik4`5ihG(<6s)9M5PdQia5VK
zF!<LNLs?n_ILxVMrYXu<5CSRs2stn?=c5dqpSC&#_7ojd#y4wf+Fp7Q3gm^vA@xL3
zrQxl4YzJgO@`T&!{7La9oA|*G*Y+dwLIED{xHY}*JQ*E4`zUGyYb-Sylohoa-kn|R
z!OUFpm7aazN63N*kb@@Im??L?e%Rr1Q)0O+hL55e`=nJFM*QfLtkt$rc4@K)OYSBv
zG*q0Xbb8^UE8ki^WE(YgF$0A5Zr(xoW$4{d(Ch*<5M}|#b?*Z5V%lR}5tz~g2a+ek
zSAgAs^%JIGvF0RR=6h^btEcp*DNK;qpMnM)npu*M*w{FfENf+VY7y;%LfM$B4_^dg
zI>j^!5*HKfl@F;aY}h+I4Tx6TOavS=<(@$5-?Bf!zA?}4KU!#a1e(|aj~2+f<fW~r
zK=X)yqLsrX>47unG0ok+PxN~XjkF4#tw%<V{{&rUQEP^AftZ4}mIRD7^ZVe>Zq*9w
zY29aCuu82ZcCqbKQ=f=HRUajr-cf%p;o;d^VFjKvW>mqRx2dZZyeDp5WThYJk+U2#
z-9F9=gfqKQ@bO@~{lv<#E>E(Js_20xDYcL>@Xb1`$2mHvpgDk(093=E`c>zHef;xY
z<TOA18~=V50E=#0w-ysipn2Jw9@Sx!o~tqb+2pSi;dFgi-nDeHU8<n}8lwV1{%kpk
zWLP^;#lHLs{fSRmwEcz)Vz<-`!KU^tYSo1r2qFigW<8fLrDi)l=y<PrzZaBzls_@W
zWcf}9QUTDFzIIyyPg-g|#ozX7SC4@oBK-33=8z)PSb3=8m?|=b2qg(-X6YRiPF2+A
zEd}fAM2+bs{d<O9Os$2xB0>i@^3O&x1CEzzN8~W6-cQ>t`!)5{9x$FV03o?ag^st8
zt!8fN2F4@ltk<J@fW=F4axbRnfwPpH?@*#u`6S<m&Dk`N9F1#LSYC2HoxJC}6mASn
znVPn}%LGJKa%Z(!lcQNALTOzfcSXx0FP6$xZ#d+eDL#r~PylNOk^)*Y!$}2P!8tV6
zK)pzT8nZ4dm#J*0I7}EoLCJLLQwZ1fXHPNlsk>cIw#{KO-3f_bZNww%y@vX4xm8~J
zfg_9N<fQKhDdT!3N1*%THr7F>knIe_^l>vHgfk;5u_o1yj@sJ_uoO|^plH%5;^`s&
z1vc^iCIt<`S6-}NY388$cncrrvvAYsYtAk|eykNnvzDCS1+H0^XBWPNjrs@hrFbtj
zX3~@Nr6skdQ3fobB?$}>0oxi#UeU27YDv>xXJgq>@-kO}FnxHoNnX-KxUKn6L{>!5
zpqI;O7)sEImFBpHq+n~Qm%Y_uXjedxC3&z^Z^8=`IK~O8X_A2O9>5+?t&W8H(!g%p
zF_nkR^(q6^8=g-Jj>2jV4gK$GIWD0onGtVe0^bAlFI^K6?{?i$%)+2-L3cM<se<9x
zU53>)X_}9pT+ypW<Nk8eUpj9PU0YC8@8t?r+=l!y^>1b3mYP8c6+!;*tu8mzBEDl9
zqRK9JvE_xC4T+{;nDqz@gnEB$_C;9xjZM0rJnV<AN*k0q8Kc7fd)8<1+C$gdtT9WE
z0SFZTzvLdJSZ5G=PVH~Qg@7JI(-Py9_wnXKLbiD)9!apVMjwK~7XSFY)^}J7>KM9;
z_Gco~FboU(Bzh4#{Gy>qU*K&NSh2O!!InmXRBy|(P&i|}s6~phJEBy!*W0e9$k5aP
zZGlxpmgl8d*k<Z>|8fe8UvutwF)Z62ih+wJxS+{96xdneG#KlLWLZ1kikcmkx;xfu
z!h<XjDHhg+KVQNDW6<tO0=3IDU}`Dp3@6ir=u2Gu6ybUkI{>J)@N=s~v0i91#ycEF
z&NBG~z0lUy@y7pFiAB<=!g{>xS^6AL+pGeIPxt<Cy1QK4Kg<1-m;kG58~hn5DtJ1F
z@V+yJ@IEt56LlNCojiO^apAgL$W{Si`Qk+!^8W#QK!m?yjZM6kG~C4=SilSH&Y#cm
zM@T_~wb}Z%_cz1nL7yNs53y6D2gb(ZjR!X7x!xVS)SW^5=R^9@oRSr3-8-j@*@?mp
zZcHa;$!#Ia2U2q(9duw2ufQH@;&Ci00N8Mi=BA!Nl1iI&HB_e}%w4mB^0Bz)t`!y{
z*cFJ%EqJcc-kn<7R!<vK`%9KB>;p)0W@=(q%uBQAl!-)}>}amez87~8J^&j1awq7P
zXLgP*3R{G4gmxD?z_g={l;zuPQ=_Z;5{)S!%?C?{m_y%I4I9SR4ThT!E;krVKgv%E
zQ)<PQCecIRxqCG0FD05h7Sp>gw2mZ8blO?Ud@-;_0`GA}Vy<NFs&M&pWGbiCE@B7r
zW|4Z3ZY$%Mw3Vbt{G{N*SZHA|XfPTw7z-He98`Kk!)bNHb|cdrXw5z;eEF6RA+;d8
zy1yMXh!K^B4V8omRnod<m3U76_t}TveVU*D`Rwe6r}KaN`|r*^Ea1a$&;NY>$^P-X
z^YgQ_AO80G>-Sf${?5-o{UDm{4gU4%><9Mh?}<dt&;R@{BMmwTv#Bd}euGCwo0p>Z
z&X#_J;2?_WG;#$+YMR<JEsjkER@|B_w{{dE<G-4_m$i->_2eK^tvw-+Ywed@YX%E{
zZ?&0Fw7u0f$}O!#W%(wEMUFaGL~eOq8yl&|rpJPpdELQHH+urIkSRFK+cG9To_;K?
zqn26{;oGtR`3`f~txN=NmqpuZ<1S_&Gsbe$gt24gbJ|>iA1hWfF`R4VtlnSze&24{
zRpp@~t~HVPo?f+~0CxguVh|3nl2r&&hAVRV#qT$#7?#zOKPt9v3R>x@t`G)={Af1I
zR((>Rwx2ei@=tf4cIQ71kUrb;qTn`!(*C>UqNyQCtf>^q=}wV5#%>hZF<PmCEEaFq
zKmBAk>-nzTxaW7?=iK|e@jh?8&&vN^o&WiKe}4zKQ6-z2T~%zwKStD?_j(BR-K2!u
zJ2O?WHCIp=3{bK+ROH2Q6@e9I<#T1>_KiyS?WHl%8dt6qgc8*(=OrDA*9~>aH~ozV
zLJr$Am1{+TFm#&1fF}XbV{VzrneYq$4%t4mTHt`>TT?Psd+`h=DiKgb#`E{WB08+{
zS8idaD0uxx5R=V%MhfGLz|rd{v12^z{idhvY7Ot=&C9WTjdYdgBG4Rcw);i%^HEXV
z@IeE{r)Gqb8@8L7kRoD3W30+hm~w(_&@^PP*28`u?P}EOIWQbIZ0E2IU|jSUE@$2i
z1s1iAAza>5u_12MlAG^_xndBx0ZT>q;Z&Kr`%<V4FJqvB6uet<Wk=tYg-7zZ{w~Fg
zypgs3=ha89BAIG>E?-Kf-pCs6zW3l@(~^hAL~0lVht}u3cn;gm%Xsx-H^f|#OF?91
z$G~OYC_~-{kOah)a30;I3Agm<<FM*?_#@}PDm>(!W?&P{`2fE_1V0pD%57;!sz-#@
zY`te??Ot0}tszV_gu0egzhzPx)KEc+xE)}e)y&<nKaQOM4uo%hk;o<Q)yU7c7|Hbi
zYW56^=>NkUwgtHux1Z|Ef5K#l`NTC{E$#oa;kUFfaWPa7h64NuQMuYXEobCzBNh6f
zoaO1{hV4#fogFf6!aTVYCl2DSyD8l{1yaNb{C2X~J7C8Y*zmD?sH{KD-=T%DMA>Wa
zbZ@<Q=)vfPbT|}{Vd)Zm^uQ;;DxAqG=VE=7sE!iV=x`h*D!7gk)#!DUsK`;Gn%cgj
zM0J#?9!#QAENdV#SBjc_jOF`Zckd<}S>%cUWICkDTWW;Xb;Xxp#2n7t$mDk0#d&76
z7O#|HD!qE74ng7y;PU-OOclXa>g!52WlFHZ1zPQCK~z&(YkWc0`gs#>fM++X&e2L0
z9<D9K?w2xOkZZYh*gtxHjO7wK`?qGv3O17E4iq;~<OLS+ohGc0VQKshmMB;p_0N6{
zh%r9!L6B#-a^)Swf`5Ja(glR*XTQ3JVIyDQU5eFfo|7dHpr7hv|4gtugwS(v0A1W8
z`wrJo^P(|Kp)c|MC9Ad^&FxEWWZ1XwP7P9PbvLi>=JWa76gGx(3S(Xzf5Z{sTGl4r
zr#Hfy3A8U(<M^~x>`ea_`b1||>T>}FZIYiJB*@Qzcm=5z0hc`#I2F0P8;kddSA~c<
z8qMx_0ShdIYTR|v4Ls)JmTbvr@X+ZS#t-MQp|-&pX3dyldP}AkD*IRlu+>e>#g*Q2
zUeFE9GjMIagLitfboOEhh)eSVS=Dx^$dW3Sw@p9mt&($y8i5yX=<V3l3Q5>%rL|Kj
z2rD;i%PLxQ8)Y!PpPR_inF#~l4hP{9BPWBXmh;NW-R=Zq<m9b*CuRMbD>yb!;Qo^f
zz}-0+6UFwBo!k>`m`q^Jk5C=k3I3WtC|tB^#6>d4*PKN&zFO+%Fa%xH)ea&e_wZ(2
zX`qoleXE#qH6ZK(=8C&OZW{m}o4#|=KVKJmv;)kQ8wl?Hv8<<Y|Dg0l{V|$$P6yhu
zmw#>&iD(@UXF7xh`V;?1ybhMe8wq<LVR2aCcGc?e?NR{6NUs^H#bT|cRdRH(H;PrL
z9|Gdz-T?&h;}(D&;K~TC?MfOu#Ux=uAyQWl63R5|+sl{aDLDg_JXj(t$_vb}rK2U*
zdeCVrOL*aqRjpB)5)(oqk238akB8jD14!Ntfr!Y1cSF1G$0^5lLr8`nN7RHB_^o0i
zMwva{^zDQ3CLa<>FURiQ$2Dius147uH;hJ?q|e~kTm_D?#2FlT>)6Up;Af9?kUbJV
zQ|ucqnvYlnCB?L?m(=wucnC{Ie5{SyfO<`C^cp|Vcw8#*V;4pWA(@I!u0B9TMLw8h
zps#+*T*jd{KgUD#eurq><XsHo<k_o>mj^}wuH4k2RRE3OJ$*T3o=Yi@kQN{<hfskA
z+x|{sfe`8%uOI#e+YYy+wf+6B?6qA#{0p|d89mbW+OAK(ZrkBF`lZ?)vCS%$WpZ0y
zRdO{5IJMV3w3Wa^CUeamxqF2`6k0|`%_(3uI*<#D%3=584Kky}MyfhE9(!Zbf2=Jb
zN~nG-d>6{b!wYO_aIXQAg5p#ytR$+U@39Ca+-JNO0h*dKx1gRr-C6?7aa+=yLZ_I>
z!@h=+)|;8}mm%mMI4V)xKUF@4s9h(fxdEa!-KcF1oMbE9_gs;aZ|oSKn0wy5eIM?+
zP3i~yO-z^El>q?khh<?W*mAcJ&_{p6MQ$)g6Gz5@2crPfIva88(TY7M9|Up3L+0(8
z3wr--Mq0|6dxzpqtVkt<^bg8O)>vQ{Ztn#Fir)%YP`a&it&i<fup={UK_p3;{Xy>-
z<|!P+T|Fy1m~2vn*b5g60d{%i%dTyiNTUwv5gu3ay3*wgX50AE$UtQngs0h&uP<MQ
zY|GY8c*a+)aCnX`C3Gch*>;J>Llw_`8~`(Sm@W;^$2GxmF}NeS3+Xu!-I!L)0C9sK
zZZ}0-4fS!XH-Wx~`iSTxwdMh6P35<2M%XPAgpYN;_94Q!Fn|;0D2BE5v#NnXFLz4S
z=Xfen*uAWFDyzp_%Uy3E-U(hnFC@u@rRSEG10D)YD@Zqh?h78AMi?`@N9C+9F<E{&
z<|~3S0nW@-&_-mNWDzQ$-aX7@4veMqnNV`WDghY#72UGhL5`1`zaA&s7R!(!=^e(<
zg$}gzV4LJ-d}ks3AGjU&N}inuO#t@{@GwhinjPnRe8`?KnRBQ=j4j6sQ2W)yPF148
z%`fD!h!_ILtS<ou5;p|y8*PCXjMAKJYALk-dZ;qB-YWW{Vt^+{i|dkQiK6q@udgq<
z4+38@IqVF6Cp0(y$dK&JmK!N=$eB$JT=RO<EEk#FdU=9##n<YIS)+5^>QMO~E(!-;
z(Wy#n8<x42!*If;%gHiSp~pVk?KH3}n5ui}Ec??C!qkdRg@rQgL(l3v16}No3YrY=
z)iI-RYcVOYH-BxP@JrY6Ri~DC5J#1uDC8Vtr<x`)L{EK7?nO}`lfQzhEiIP{PzHT|
zLvLA|6X(RfPV133oMGvPaiNX0ndo}Nfifjq{!zEgr{~#hG@}wy%)OsO^XeWvUy#dI
zy_o4y_21yt>KE|C8&==RDpa}^M#Hy-TfD!>stFf-b1te0+W=fu<`K<@?b$Twx(f7Y
zT$Op*3lHnMu);>8uybq3qmUAG)?SC5Y>`;uLr%9xvVsPFGytL(Stc7X3S8O=DC|El
z#4Nja4Yb%;RK4|OP^~Z*79fyD`Y|{P2H!u{cvA(ya%g4X#y0ZKRS3Xj^HIZ1SS-l7
zqRRqHz+Q)nE_Q>ld@xQ^tdKNN1>K5Z72C>NXU=NsF+@x)B^Qh;7L2_aXCM%JG+I%v
z+v->5UM$RcZ4knx!<9D5pH~bgAisLjD<AN>$y-*DA6=N$kFY6!ylrbNzh~RBpfwwS
zxy5TDl!93fPfW?-C%>^#S;ONRmln4y=R>unhQ}7~_7geoK)T(P3=<b{vEpqZ8?mt>
z((DFBW3S@hdoN0tD{^vTYxOZILPw(AyT+J$>XrV(_IM_Dfh#H=;eTdGoD*4**K7+d
zyx*Kfri`RXVT%960HkAl>Vi-)sbDdQa54Rb;+kjKa4l<Ecn~Y#yRi!<FacJ(Hl|6g
zh~3{VFcw^6{3nKZPT&J9RLI8%ifjf@TAJz>rqwNy_Z|Qdayu!^Jt3h9cZO@+oi&sD
z2s3#2E?IrY7#=UzcAP?+#U0k5irEYT)odYA0b6gN_q62O(amFiuTtiFTTbx8-*au4
zS`ld}S5SxrjIuw&Hu>x@iVj36ikNxa@sf1<*_-cw{JENRSb^JQy$EviM<_)13|8XT
z7p64#9~R^*S(##Ew}{cI#_TK*DagedZL~=6*}uUVI}DWgH507jS+93v*6j{T;(^Q1
zjr!c3wQFp|eD9}258nYnA=S<Ky=MdiL~=-qfK)ju@;NP}VC3q%7vX3JfboRD_%<ru
zxVk0GwJoZx`R>rl3Nr(?T{3X?_z55o;O<Zozk4wwe8Cp>FSs>q1b}K#(CanA@w%$5
zz|5fezSN&a^~XQyF6-z1ef}pCE)ReGXiQ)~_P)h~EkG37;OgxEXfZEw_|%Uk_X`wQ
z@L0sdU5T}RRt!LSYCBO*ztz&Zfb1A+OBAw3!U38HQ>Mr141(i6(rsC=8L6ctg%s;^
zz#6>}gni@+_AQQSpw6_hdqOKLikWUoKaU9e^IIY7-`eFIX{dd$mW19)ZVQ1!IU&s9
z&Ru@Tj%>NoQhP|xzP8NB4W~kL$+D2y4a-e=O)N8J-*ENai}2bvsu3EfA>l$R4s)Bl
zqz8~IIACj!J%`q)8?%{P)*FgZKv;Fe)I}0zi#hPsu+VIKtr?*E114H6$QxO0X;Byq
zTqCxJ4PQ$}1k0FGwA#&}06cfanGBjY7DA!|N~i+}f+++Q7RD)AR`P}kk`;}rJtW>X
zBeP;OpJP4_*wajgTSyGDylG2wSTTQV%dOfnA>X|qbX7B`7^{bT$wu9J1dXm(1m=SP
zd_66{&d{u8EdPQRfw+kj4;*oZr*I~7x9D!0YdTi14)$t<TM}C%w?qq)H%#3MK^$D(
zCJG24+#_TmKEPN`b<<iy!+#>+nMnz6S!GIP{a`(NVnpl-;|Lmu@sG8o6JQLq;G=3L
z>hIdKJ={b*u$ZWM<y;#C0H<Mi8-Yu>JJ1n|7%#!<Hd)e~Lz=Z2Ny8{k&f5{48k2Q8
z*hMpON}8Gl`os)(J8hA}i!;qlUdudwYhN1n9&MAXF%4LOR*5%6sS>hvm4nUMVtC<(
z-X1PvmToAmB>5X`&>UVje>SfB*ee0d0Ix(y1OMg_uz|fa2SQPB>fE$XwvJI>qBT~~
zgsw5J8O(F?+m480#8g2`wb6nH;uxMO^TonU!s6zSFhkwjL#{}B{dP|xIvd;@=P3vt
zcsY3-3O0kC%GNP#3(>(qnW&bOiQoA4esEPF@+zoXz+j#7AlO|3MJrulzN#4X$#&nE
zKor|#%HC=U7h;El_|jV_o@SRolN&8kAHUvmb8T&lx0gIranQe7I`7yDgYP<D?NLvl
z>E7?R5{}Xi>4gZC3>xTrC%x9<$arX<T#+D3X#cABTGZyb`=jXHGh*-euk?d}fbEV4
zl5qQ1H^B4i5(6lWNfP4;?a7^l!QWn(Gwwue9A5to-Q4Cxs@<LQH*R5qm#mF(teAce
zwmv3V*z2oqJobiH`MjhM0ktccn)xkHB<ZlPlkT5%`VffMK46Anz^uX9_#|AV6PU5&
z&e?f=jNZkf=h|yOj;`m`{Oo!ci-v2jIm~jxZGrH)ej}rTK3-FRZTeS-{~a##Xy(~1
z7;glWk!nf(%T-S*W!V%q$J=3{)Ej8%41;VO*jM`D4$wIY!R<lCHX1x|k+!9yrOW)w
zy}o5!<V*l+Pi6ZJ4z>~HBH<OLke`(ve3O9Z!nJ}6k0sl<QFibis>uKt-<aAgcj+?h
z#N}t8x0u3mxlkyoC|a|XnNkTdV2&k%rU{Sx7$pW%4HF3(kzrUqPg)YDpL+s3*bWSw
z2w!28N|Gu`jHd4v#tft92jZ|ynS!rIW4`@sNwb?fTIC8VIMA9ex$fc&Whr0q5vQkh
zQk;*yxadoMUU$ivH#U0`VTvx{mCUkMr?&guV#j)@rAU!eaNf3PiPziDx(-nc03pSq
z0K(2mJiGR#$ARH#|4b5AaYBZB?@2)kkcD`?M_(y~u2zf@zSZgy6*bBE$`z%uuGmS9
z-J4*od43P&S-oX|Mo1_kkRn>&$u{B|QF`RcmM@?6gzjXjnpx{9_W0~f@7Oz56#C!$
zaa*+*>NnQ(gn9(lke7f8iPu?P$+9%2`0aVW-?oxIK%7}j*Te}k6~zHZj<Bkd6&{WK
zW~K?io>mo}dW>^OAJXBew!eY_PS2^U2a&QB&i=w`dQQGoII!+qaGur?Z99RquaDbW
z)TnST$k|0vZoKz;nr8}SXrf&8#-r2b7nQ^+;6U_Yn}5_>k9zA-Z|z?HmGxFnvN^De
zPAcje*}TpkxJA80Ly%+XBt}Zm7U*d~6!_g8-7N&>0&uamR`7TBtzTC(7*g+FZHXWk
zt!H+<ts_0T#h7CTFs9Ud`cxU;w*EcKSXn0;)``D-7UY_tiqY*Z$z|5KN@<ByH6PAd
zO?jc(Gw=QIDVs<#e6CG3f)gB0?`->TY4r)zOYUD?n~h)Y&xJkvQJt}xl${2TI1r(J
zAk^=|>3;RGq(bZRUr}C+N7eh6T^6m=1F~6E$EQBYuQpsH+LcGfP``RZg_g{3xolEK
zz{J2dHA)DWWWQvl96yrFXh}0(?@WD+R0SQRkeb$wYQ;y8J-`Y7fKFOB;}0z*hAPtb
zuPNy4d(VbL!@E~%p!o1p$>%TmJR^F$*Fo{U{cCas+|+Y;pib^DRuQ*<O)}8OD(3dD
z<6ii$u@{mm^xkJTj8*JSr8!d9cesLYs&t-Q=Qk}vfxx1kR`)lNY_~e_uZpEixLJ)>
z2J2s))$0l|VPP!*9{gv+svV{Y8sQ;DNR)bMDW0<mR+{lw#pU*C!bVyRv0#@IYKkSU
ztl`RIgEhtyDF#ZS^snR~Ix?|RSt3c&uV@ykT$WBVQsFG2l3D+nw!rX;R66Tl>6OnW
z5G8w6(jt}6`qu&HcUq;i{*_ueZBplZRn|r-sZAmosk%0)vReN-Xt3jz*ZNm-CALWe
z)2-SzTA6JU%{pGiZ5)(uoMb{(w})xwUX`~=WWyEVQmel0QJuo`P5%yAms5hN?Uim$
z!z)xpZvWm$sj~hxQE{8v-)I%O{&gQ+Z}JRIty-6?+jVN&MXJ~(5{=Zl8?0)VNII?d
zovU(}tfVB@!b_w$wIpr-dMu6Nej$g(68WN_=oXl2!R|jl0F9F{I@cbR*3o03G#}c;
zn(5c1B*0AA(n$Nll@vU9Kt~CAd5$UK6v9u!0Dd<_(#zQA%8YRW*)DDkL`qy=lDy)#
zkSyIMe8|eAj!yGjxO{7`I^!M`Z&fi>%G5y1!R{N0VFQS7Hf*aVWmA<>rL~!gz1;)G
z8k1{eQ|mChGi@KhG(du$P4m3y!pRsHM~j`2;(V4PE1-u%Zo=b|n~CYSr>7X#;dz0y
zI^n}ormfaaHz8pd0au_7Sr_gzQB@sHnnW;>rEG**!+8`1-Cp65)cv-()b7Q%Av}rB
zu(oMfSj5U^N*j6K^O>z!Ri(0l<!+cewZ*rXt+JeCRTv)9UX&>%S6Frcyk;yZluon$
zRe`y<W)!i+rOBW3+;1~XoKK)?3KA094xb&?hdWX5-<D;;36s#cejM9y{M_K0o8YxQ
zC<JZt+4oxJQxCiLK?f?`!Td_zIeb)VaLCMG@q($Hsv%}Mh2$2QB8GSOVAqiW0<`YK
z599$-L;IkWzl>eC4NOV1?+>v|2z__!Gf`4V?sbx+8&_KAFdL&kC!$@C-jIx@)0vi+
zW>H%N0}H~~!%MoV<d)SNHX7sL0V)~0HKU3%Rg*iqv*2{p6=DS=uSJ3$A=wT4Z__(4
zR?t%H8K7w)#ai)vjHrX%a7ZM*rF3u=A6oM75ceq+PVnOD(mdgK3y7Kc9m|QzHf&2#
zM+tHSXCOs52Dt+3w@C`RW|bysBW^M&Zdp}BaLHQmpMqyJw!lGwfC0S*_b+5+gQ$mD
zz*_V-xIB$WqHRru183Zt*ES?CliO`0c)fc9vWGriWTl?u?3NWz6kpG2m2G&<GJTFb
zp(UR~2L%{>7u!4~S|x!KghN}q^J?Q+X;&h4lVk(J-@UqiADmPp3;<IzQHHH4yq#D*
z^jxekL^!le92yf7Io7+xV~A_LLN!Z>#IT_Uq?QZvBIX{|d;;Nj0Eqbo-Lm2ZRl}eV
z4>_$60X^5#a=(d<<H&R-_m#o)dTnu!ox#Q-Ay=$mw}@*L7&s~%t#@Xk$B(Qu$CC$S
z6F!^|u^}d(mOUQlf$N}mp)p`bP^;^P?SdsB?6svOXtECF$=@B+0W2Bi#-c{Vx+G<x
zuyU_7$dVPSE6#2iq1BSt6$M~SoL4y2VkTW%00$i30I{j5wpF8S4v!JqP<Mz+T`uFO
zx2cBJfkv@vzHWHVo_I?lEKes|^NIvZ_0PDvUZVxtu-O~7Q=V7XNf~hz3Jba-t2Ncf
z7EsA(&DOHgf1asKmS!$N(l~ch5~2K>?$GS)L==TF@qob!r**4SEAs|`>5h}0xE65k
z9%LEBQz5$ZgvLSR4r>JeXT#bOC@#D`*5OM}h3X=0xifx7Xi;xuv)*8GacXe#mYS3`
zLhX47Rw6hGG3^L5=vwiLmYOS9JZ?V(Lvu%(UAU|eEPlp|9SBt-H_=ttvuG4P&)K$=
zH7HN8Wc?5$6e>9uID8Qiw(aE(^Qo(gL!pfoXO;R5%xKC&i){FW)fk2@>jS#CLbgS~
z$~Ls3S<Nc0YMvp2a9pW33j_5dKoQpSyOGsHT5S5}IZ$f@!<r~0q{4|k29((62qTu{
z37=>yh<SfgVZ$B+GVB+C3!4fR=3_a;B%>6Vux^58gklsTYzP1>LNg2xmIVG4c|*sL
znh5+AZS+2%RRr`aLU9jp?12Ekrh<I|lvlzscrc)^322YWiPDdgB>nIS(vOiGJtZ-E
zLdx?5J9t{E^TaggDJi}a+M1TQJTYncQQDdo`IV4FnUFx49KUjC?8*eFtjB=KdK8GP
zsqk3IgdYVO>k(kF9s?3<IviF9>?%S%847D3=qe_2L}0LnK(1m#5rV)P1-OdtgdqIY
z2)I>B=VQ=Uy^w>Lk`af!+5@$Ui4zgXs}Tt)CT|7cu13JDVti!;>M9M$Dnfi8<|+-u
zD#l$roTDiKR<S8VijM(a^%%faj{sUV5wOaW`=fej9IWbIlQs@iwGTs;#9U(_Ra4L~
z(gCU*e!wIh>EXbs4vq>s>RCrU>!@d?wlxv%>2aW*Ccr#RMru!ocuG&~NrHFk0yia4
zjX*mMfHox%4Z%7M0yZVk9D#ItR1m`d(sqSJK&D3mV|pYYrima-sr(`tfT@L7O3^dZ
zz?ZtvN=Z`NFAThtE(N6mE*+Y5m<%p69av^EsLW>#D06Qxna2QC`fLG}CgI+t0x2EW
z_^)e?KNMKfB%mY<fs`WHB!MJ(@J9(W;{ZwH&_@a6hryA?VUH3>ezvS3wKQT97}5bi
zNO5!UbP%NUgMT{s(Ny3gHw+1jBo2C%n#G<BYcU1J$b%<JpiH6=MtjgiNmTC#Uo;iE
zXaa0eI%LtbVI*Ltn+jJn8RKFqOi?OCQ3rM?xx=IIMEj6K$uu7ZnrQOCPJ<*$h9jDY
z*+pVdL>>l5`m!8{A?m*?ndS%t(J-t~GSwmYp+QKYWQzBK9-0U{bO7YgH29q<P(!IO
zLz5te4uD)q>Dwe&p+hyFNwYH*O2~i&B{U-uMra=(D5Z;02%$bWP?{+@1RpdA43t22
z7&_=);?zS+(}xFBO#=a%3;@)D_erxx{=(otiJR|0(4PYUf8q+wWU!w&s^3JQp9BZW
z<AD4;JiyO%a337h2-zvXKBKTbk#`J(`a~dmqMNb{=#v1~6QS4x^GSp1NpQOu8&EP#
zPlRMYODGwlCpw@A;4=lDC)#^H61Ox8%@f=H0NgVTmM1#xH7`D2NS?=o<2g9!X3|L%
zhu}E?ekZPGO@iLBz&bHDb|2WCNrN`=yiSAKN#HH_hS_<rEKk_L>3N=I#WH<{J?}+*
z3#LT_&Hq2QG)kJ)4J`~=%#%!a;kVO*AU+%VpnU3c&!*Hu0!+6B(m;M6o0&t@-p*`(
zk8w)gfm^YR@mr>*L+c^mFj6WApKvgCdt`h{$x&A5SgPA&+Trpj%z@KCn)nZl|4k!l
znyICtg4HHE(1$VDP>~l}+={7~hv7b)jLtYhd8o8tjiFdO#eXs>_z>R7Z<)|rYC-<S
zOgwMw7?lwJrD`g2TIJ+#ZqHdK!%o!nqqXWL86LI9-lpw-E9PazR{SI4r>N&-ZWRGC
z$J5Qku*Cb{GLZ%OEqT$XT6#f5XyI%WJItl%S_$LkWU3D*>?76m7Ma{W+3w~Uyw-XA
zKAc48UX--52}VnK>kK7xL;!ICLXB`Oh}z;H=cL0QP4j`0b;YrqH~^P8z~=@|TCF0R
z%u%i4F31NlxVMvlN=#t6T$y#|&?{jTyl`9a9W3NaaaGB6#Z;890el-s-yqfCKJYo4
zs%Zt_P>TO#j+!(@nmd4#d09}w76a}4it<7q*3gOsBZA*Xtv#>cdHt&WhHG9L+g_w*
z)s_odV5Wg?;v1PWY@E?Vp7+Kmu8;N_0uAMYs|~IqH;(QUk4CMnnhIF0d)k+PiC`>u
z3F$=0T#t2xV%tq`t@Kxe-WHnA;~Gfmc(-TW@$5|Yq~X+5yVGr3W-y_8(-@)ozM?__
z)C=6MwOL^jm-?;6^fSY@Vta|N2>V!4l(;DfWcobWYI)2>7tVdjG^4TpFPWG9HMsZ7
z+iZcS-eTl*{J|PRPyZfy+y5dTPR4o3hm)V-bvW*i@~XY9{m5^5<dN&I)ek2_`L2*o
z!s;2}(a_kAeb4YQbW(6BKs^>(NrE0(Nhw0plcPQea^bT@Q<}-h&3dyWVY0)Hw_(4<
zjx^#%$UEU=7tnrXHFVO(4j5k^hV5p=T`LqC`z&CCP)vkgi?}z%;~-?-RU2Roz-t4Z
zSygIrV_8I_t)+JqIL^|M>Sn#}Tz&T<X8(fDTJSWmAsYez76eu=5>zRfaT<??gSoPk
z4<>Kp*e}Wr^|FYa2@C8_aqC|&Qr+6K7GY`fzK*MPMMYE4ka)Sb%O626O$tJt7Jxb_
z`1G?4JiS-YX+-H%q^@XoqdI2ws4i!z7(4fOFO2<AZ(<HXm$;FSD(6w<d`OkE&1)%T
zrPm*1)^DSs1xrQ>TCHt<jAyKLM~+F@GpY!)oH(`?e3`-_>Y=D@7uP=<S<{&bC#>R3
z3tf~rPy5?dA2RwJ0`q+8hULl(;^k_HrY~DfrcDbi)tfiKc@7;W87;B~qX+T5Q^(fJ
zVnPT@t}tJU<+G7qX!#>T)le{yCkB^6$hKAOoOYzd=;7s1RLsh<u1wnt4BMfFmgt}n
zDbDfQ1im0pW6M^95@^gL;^fmb2^6KT*b190YU(`_Av#gi)UQm{!IMQzD@?{`D_PWR
zg~<rfiK6C1q&+^2sA)&{C?x(0g+!0<cJgx#UrRj~%*JX&&Z=Suu{S6&J;(x+0@uzI
z&t?0N^(kjf1>s6B>@T|2t=}unI_%=S{JyqCJnJSnXp)SsIl8tW9?Z3^7hrOV7L)6m
zYEkGkJg!MT&CX~I2D!A2v7X<kx6LH#YnijD(bxy0d>gBoI3?YqpsK#A<dVJTDfkt=
zu6CYwup9dG9pJbwlQPeUiKsIploIy4lGT>h&xt-^=K6&R&rFI~);&WTv2N1AgVQC^
z8KKlF-fmp9!fA+Uc~OhGT7X1zA_gnN0s2{t-<Byw*V6~hJZDF0(`>1jSB&ORPr>|}
zG;Unv0J1OEy`7}z#T(0%;hNO-icuA+12oced<-Mv5hWih-n9iJlDbXx{Z&09TbgaS
zFy{!G2lNn{h)58-)(Jwd82}Kcp@D!<Z`b6h+8fT)YTUdw+NdHY9fo{js(Khxw0{yN
z5gtE5>>2UkQyvRZI*=^fJarv~kDvFuGI9Ipb$Hv_jP%hHCcQ|cJz)q^Gj!%@F&`+f
zCPk$rr#-~tlZ>P^7?e3Nv@b@gC!9t4=_f!8ha=mFGB8m@^N$I7o*Dtx5Ht~heWXtv
ziJSQE*ks61;P9}Hmtb(%*8qn{!0L7h>ma(G_hXVLO#SQqfaac(krwoX@Vs*6MPc})
zTN93lo10)F+n@7cs)h|~Rd8F@aYj5ziN8nO^Fw9Ur=A1-6eXBY?oXuMnZxsxz-7Ie
zymV<Hfe4}ml5<xx*Zyl{EbB2G&5}qU?g~QUMuGAO4TLH;V$14I7TXML`w2v;>LDWz
zZ*!N#kig_{AX>M+|8ZbArj&@q&0)L0fY+=TMH8L((Y+?+u(b`bw%`rbFM<%N|HPaL
zsvC|c{W2xhu$ybOAnzeiKo$nK8RBVXPIx%9IIv(WS0)v~tL^Yc*6cZX!|u#JVTrMG
z1kGk`0@td6jjuPDYPNof%ni$K5-g$w@<q_>>)N6@(~9!KFA!Di9=4ouO{+CKRG=Vz
z?h~PAxKhf5CCd{=K8bo9h=&xJNs;m5mnb)oaIhwdjOB)^De@lN-#_QA<qdxv6Uu*%
z%#7d-fgfvGSU=JJU~~rHa@EiAEM<PGd<y#=9W~f>NWVv7C|$mH^g!6CYnp9LY9jsu
zJ9~J!))Y&rLLEwk@&^-7#mj<`Ke?>*8C$JbR{uMS(rteF*c7<T@ITp4|2{OSG1&y)
zI=1M#)lK2n&LPH3_mGMn5NPv)yb8k4qw0>84{1?!h$tgjdJ~%nIZi7^-pFe`HBG^0
z<O&j++HZjQzLBp!vaG2`MY`zP4}jlvk%n8a8|+^P?516!7RF|Lqe(NKBja|%c5MQu
zf!M*K3Zo?5;;|?th%fR#P41T5F1f(Q87qry-#SXvA`*xk8VAifbdY1XJDrh!n~1X$
z%WE?TXG4fO9z4#ge>SvOke41>8-6uP*F4;Tm(Y*h@gmP?g}!}LEn7(wFQU26C`B#O
zSk}|71XG}}q*cwcrl6IrQo1{M9@=Gkt&iAzR1fGf&;C>WL#kvImk5O#vMu*E${ALz
zv1?YYEZ=dP+Jn0b5cNY}(I1_kdz{?u*ai8^&Sqo>V`Kd=57S1oZOjz4OkgD|NHaXk
zB?%SJX16@6&llwXVU>hsC)k?SybUh0KC9Z4s;7!PC1>#1cssXSmZQjdZj)Uxv2|>L
zSU&(4^}qf;xQIe7VQ6yF%K6TgZD>aft&6>-V2;ut&m4eu!ky^BCVADDV=U9*DE_Bj
zf0R^g4SNiC&w)EEK}H%fAl9;!g<S8h%Zkxlt0;8^9N=Jq3F#391R=i6P&`<G8fl_e
zvT7sm5bqh@8I*QPnJYrK(nv-aGHzRah};9QkJl0W#!iR6@t<&ES+yi9sHR|A4=r7g
zE13rtrxON|8TIf5F~F}8CJZ!Zn7I=62#RLAWEJ>-^-!S_%d0L9NjuNE+)_U3+Db8K
zO#z8~9C*lw0ESHP-aif)<YX8~3-K7GI}HFb-FBG-`uI3-k5hmiCm2f7!5tq9)^P%$
zqX8sLAbK#A<AkA0g>QTe;Kp>w#$<G~B(TO7gfW3)0!(8MelcYqi~=+s3cQ#Mxj5Y~
zoiO;xl{X^Liix0#iDtNz)+a(JP7lOP9OuUXOne-u#OWZ3F~FY5@Q7(4bq@iIn6SbU
zZkY~)*iO&i*e*>+KY87G#tJXB5h2?X8!Q}nSO*n#kUIgy993Wx>os?BmAy^k0v3ja
z84p|Ytb|=idDE13P9d^QzmbbfZjH>1?FH2?1dn&ac5_tx@cwpMF?PJ87PK7?ir!e}
zO|IG^_EUypl&lT&_j`%s24z5vaJ7=vlIJ;SL)ZYq$MZj+{%UXH^^WQ2HjDlp=z1L|
z>Y)Mjl_Zlh59w;g>xqf<(A055g&3P)H-g4+vmh5lGzBDoglnFHhJkh&*y_fhxz>!K
z?oNC+7d6oFdNATZH@!QAm*Pt1U5$8r-bbO<$eI1Hbatup(Y%7l(VlS7#1Fy_r_uwQ
z!m2)A->|zR9(DQ}Z|+s`$l1DLFgCcoV7rBK)s~Djg55Gb?KxM*>zEr)!;gC9ek&BM
zxms~O!2j!|d?Rb?H~4W}=tjs$zkW`sb@f`S?rjNLS7R2SH$YJzH#4oerUbhc&<)!v
z@b;Wr7jj7pTi9g$Y<j<UuWPyav$Y^}8W7r}aIo_=1RbD7L2tvKSS4-BR!g*ZV}PzA
z1p{v|734J+FY*2k%Ek=dPQIM~Bn2Z`(WshL<I`l95yE@wh4Tz01sGw6<_dhZ!w5zx
z8k-eW<clX?JbCt9Yar-5p^D80W=6mJ*@Ao;rKo%IjC_KBzcBxPNj{NJgj|s;;{U7v
zA)m-x53=c6Xf&VAx{NfV0y&^&+-8l#F^jJRmXpbVSzdSfi~nh##nfaXg`x2547zYm
z?!dCTr8j83y?`ti-Pp4)=g-E=3QEx>bIT<Zs5d=5dv?C)bX|Axi?)lSbZyr=y@pm(
zv4dBR^8?EYF2wGR?xGCA$}MYt>*~jq70X!e;1zKna~leTFB|7zyk3w?0KTOyTqPVm
z&J)#^Jbngi`>AnDj7wOiSl3waiD&!&@{5CQ|68|%6U9<@zvpSD16;~7l+pg>mT`Q)
z>G0kmZiGxAXo4o5-5urP4yS7SIU`pxclK`*Iqt!KqsWJoF2DG20v;Ww&=^$dHuX1D
zfZ1+~l2v*V5w1B$3GG0x+!>$VI6(F-6sK5&GpgDfk+3rk7w(2aV5o8FN#XIA1-US2
zyWoinLPAC6d34S!PZ;O<cZdLGqY1W{maEAaMsy`HA`MiKcKHSJ9o&``yqMW6C+jF#
zvJHjW=uijD-xp@c1ItvOH9nvN=s9Mas_ryBH5&wOjJY_Wo!|HQqcdl9<R*}!L%GPo
z!+hY-{$l2hLa3$Y{y!w0@$Fe2KJcEKLpkw~#(#tISi4LISLYwj+TNZ+WPoK7<7O$x
zJhX7<d4?BGKvBGIfPu`2V0UmT22t=v2CWUpb%*Ip%MG+q%$Cd>XL?FctkvYcJo}Q&
z$<uSa$^~vCm_%PRF;U4OHN4(vr9jV!0;GE&-xD6Xik+vxjUSSGik+L20i`aj;{H99
zx`#QFh0NK-YQ+VwcUQ9DSz1IBpow*#^Ummvyd!rEhaHyQX#cOk=j=D)iT=Z_EjXv#
zQD>x9d*sAKas|`;w#0N~TCwM3PW~!|te&IPD*#{F9c81<2wJ9mRPWxwtROHOtP{@<
zrS5DSMPb?-f9Z$uGZB0l?x6LL8#rS)8c@5zN%~h9wtzsbSHPmTpXLR-Wrf=awxEHx
z$U~c0udqwqO~s|aB^KIdtAega_e#{lp-1*T1UXFI1pZT@EdZ|==K~nD6<qFv%R01p
zyycE7M{{@C)aGq7fR$OB15tm)a=bBUh(trno=py`leBR;v(7plw?=d~h#iQ8r9V#c
zgE(}Vk8c~qDmi4GkDH<}>gs1*=XNdqEirQSeS5z(65TL3e_^)J5W9drsBno&K(VrA
zPK^x4l?zbdITJO{XyHq#Ew)wU0JWvpwQ%A>fynnQ1;S{y!4PYF!M~4h96hZk%O<;F
zwe=!ZJN=@vsmYQSRAhRi^rLJ7rDx#fND*3v7-fW7OBuY<i`C>p)%q<V#g2L%y(pBN
zX?9}??;GQ=b`X3X*J?mnF^3{!Z8DJae3^Og9sD7<u|8v65Vlx@OTD+WPP#=0Hd57s
zZrRDW!U&_PS03&}YjrerlD*Lp`AiFx-U~w-!-;#c+afJap3LyAKN&bK@2vr0w9}f)
zddPBf=ziX_Po){t_tm!U$px`y)a=u7uZQOQSUV_}Oo`J|XT37HbiD{dEe>_`!cod+
zR{SM3D+-gEXVr30KWo|Q-yA4+Epy}ZF+k8KW*nF{0TLk4;5-ZAZm;<*piZY4_|O=-
zVMR$QmN$X=4A4k8?Js<50L0}x)W4I?M4n*nhw)9`Ikfo-_#5JUtq8ki)sB=>Ve%lb
zc&Zd%i*3lazp`;@pg}_Ktg>}tw5=1c;>Zqren@+OXT%TNtzwEl`SQuLC(rg2{86I5
z;(rDIwN`oi@8xR1P7;W0Fn#LmltjaQ(5LVP*wMc{Z|(Zz%O_tvd3L7z{KdKMy=R&K
zV*c!$1ONm(6iv^V>e%Klg~4gNlT~hFt<5BklFgu8o%QT)?Rg8^&)czg64(v66nIU3
zyOkCD?f9a1bVhCGW2Wy23l7CC&8<0b@V7d69L@Jx`@mg?#*9}q<6`{+>gh+~#NYe(
z5?g}bVA^70H+jFILMl%z9$Gc*W63HGK&?(z2J6h0?kuXG;kiv|mU_hsMiqWPKyq0z
z3I&bs=s@ImIG%MhhIKFZ&j`F2sG3!{IZZIgs*>9UA+L?mbL^<Z{ATm?4I4?qi7YiS
znz7qG+~0WFwWg3)J-N)2yk*rbXLnETWTl6AuDRzNSDJbPsJTym69OH6|MunE=j0;K
z4GU-#TQvo4HnkwM<lnJM!NGdNwS?C2{LjOiFfuN(#JIYIvAKqX0|26hM(H8C##zxC
zVU7BTHDQOKgt1LaDGN5R+Q+%Va0Fv;A5Vz^>+I~W_>epp*xhYD1_(j4-q>|yH@n^c
zAQBA>%!(J*cM6_QurO#z1yA43>t@|Qb!&%M9KB)6lc@H$PGEW5;u4Dtf?0^VugJ-a
zR++Q1kh>vEL+F*J5@8ch!THX+6<x5ZJHU{{=i){?_Yds@RDxwwYef~xrmULcn$@_F
z4dhnmr7haU9Un~R#OkX|<Y;@xt=u7DRPPE-WfNVgWi$(QJwSBL1mwcyu5xBmK(L`H
zuB>;d*$fBg9C>Z@LWU^W>TgU*9BS@@wK<{})3#5C<QBo}u4uhU(#!OXrZLt7h_5DE
zZE$us163Bm3<h`<NFA~VlvbMzNpkvp6wETJbYiC}S<*Eu)1<!jA8M1CQ03g3ZBPLk
zB-|B>h_r#98>!$t_J+!YLmA1F?g*`9BTR@_z))ebHedG|`o@FaHX@Eo8C|k^Ts!81
zJX<__dhjrhpZ9x03O9K8Hj|7ID+JgzesC+aUi4NJY39P$CRa^AG`Cu1T{UcmU)@!_
zW(kS8XDeDLtjFC}S3d7%TEi{jZjBw!`clpE;C*Q}AS}XmTe>B9I<DGvwr*#O`dvFY
zA!m5!sUnq>_4&cmXS(_7W0{uP2#D62+m|VQ9@pa9u?Y0}FD9%(@hvZCRqR3<>^1fT
z^gt$Vc_qOrL2hY<8nr80tH{5ceRuKhA8#&Rzd9c|gYaUuw=L3!-*WFY{RtXhy1j|B
z?bb5@yvg=MbGmJ#)$L+O*hg>x+#b45BWkEUg$94seCFYFOH&LsN%TpQdJMr~Q$(`B
z)0cI8$!3VIm38dfUFD9SPk8Aj73x{ay<&;fVA4ST@UXR0cM(eRqO(<N*6lHAwsk27
zjn6T;hTf@H1ywcA{!+;7M)y6@^gQ%rr>BBke1A<|a&;3gV2g!oyEr`5R{J|WRVW@<
zcv}}g$3B))g`G-vYz{4t>}n$4DTdu$>h40>*)da7N&@amy^kQhc8449x4yeoTfW>@
zMo&bZgOT3JhTKu~mI6;%koUZNPF@MsU<6#<drg?8X_;zDQ)<SzL}AtpDxp|gTnh3E
zjlz+%xfAxW{{6{}oP1m<{g0?u>SRGKw`IXIUTc{|tXNgyYFRS#K#(S1`GUx!EQ;X!
z(U_ve<Xj?NI=l4>Qd*q4c6RkK9i*7aZCS}J_YkIFlZ4>sk`fZZjTzDk$le-tkJx4E
zebEs<f(~YV4J^>h6_J>RF*6w>=$+@v-4rCb+}XEl4(u&LNJ20_J;~Ya6P43vGiU;?
zlyIVIx1UszlV>Lja&0A{ncr`BUy$NTR<0r7$b5Q2&SV8G%BUa(qXu`;Fq$2vNu38V
z2UEh#NK&X7Nzf+9-r}%NSn!vsF;O)uS!K)^Iq{a@=qOg##$4^&FMd`APm(kf;-sj{
zm+9kVpFogZ{?CSy%a@kHdpPGgS2w|da;45Wp2TMtTl$j}<kerUO|#B_p+O6Bo>&6;
z+>L2a!VYBP(w~}&X}Kgx&~bP7g&X}nc}Z)EG7fN{ke|&Rh+2GE0>BJB;t47DkS8)=
z`|H;-pCD9t4_TJ|SKY!F_&wQbYUGU+EDTcdj?tXxojb#i-&ee5L2i_E1nDIngE#GT
z$Ua~@<9kqYJyZGya~6dUi$X4KO}dBZ#kcP+Cw1c6cbB#g`lDR!H6NN7W|R-p{E32U
zE2n<dlTq8F+<4i7t*3i3ZlZJ<r26XP;^&Yn?>pu<Tm%6$y1Q844PIG*cJ{*Vt~XRO
zQnGD|nwOFC!m#A^0)reQSCElrfLle#ONN0(`E!dY5nX|>TnCB0rh=|DDd4VTi+{o*
zk5fEDgQRee(Ob$3y5t3~cUnF;Us&l7fev68?#+!Ri#$%^*|T<%GyU5Wu%ezXfM-VK
z9st_!2~76EQK9Ib@=N?Iwj4Kj!?*7)?{!uW`#<s8KdbfKgJ(7TaLuY)p0S9+U|evI
zcU&L7nDSriVj?DPV$zA;K4Q;92Rd$JIDFK#V5e~v81o*vFuVw8>p2dElP0nV;55_v
zXP>a$Lxu=nlfcGGY*Ks!w*x$Wi*4hfn>b_TW|fvJtZ)75x@$3g!O9K!>e@-zp1&|;
zM}TH4w6C5jQt%ZEAk!w{BTB(*S*7D5p4un$?7p*eL0)^`Qj*D{U|G~EAXhjLj^u#q
zW}+?C;^vQ_ycsp^2~NP1cdss9zJ9gX=D*p<yLm0=jbd|Nhfc->FtJ2<s}u;XGT_J~
z1LmfBqlfUVjT<80Dm3SV9n88grL4o+OGQl#5w&F^iUP;Ft{9v7mZm2^zZB6LPC8wU
z$P`g^4JbbJF+hHvMLFfP3CRxoW8FT}9qsGR_c84e7G^CW1`V+MR<hD-v+AxTR%b8>
zPa4Il1-|-o8Qj=G2aSElg4KnGhV~s>4UMe%+IfD%3<o7J+SD7&H3G}45eEi`8X*~f
z`LRt!W(`G*43F;T5i8nW4;VGtUXxCmC?@1|NIre(y_&x0_1#cw-#?-%E9+G>mk^Is
z!HkDbDQ`K`e9OgW!wupxrWIKZmLIvu$49+q(u8}v0;KuQIANTRIh5{Zr3Wdj7rN_%
z9^6~~;ot7mKZ`lOeO~76_<uf*<E~LIY#?HfW|Xs@xJjnDSYwe`ip%%j^G1FK>F=}D
z`;*SidkklqjCZ&k((>g}LcY2|?~aOMrmCi~J3uxUt>~83tZK2sGAV?qq4c(7;<~2U
zP0%ZHln;LO^1(eEzINGQ3cbm_Z3D${1O1Y_@fY^nVsPPWTBcc&?A<+Cz<rG%eHhGI
z$`YV^M~47GC_>>?DSOxO@M%t3@1ZWs+UjqXymkyH><(l#BAJ>J9a50Yph>}@?qL-z
z+B~?3O)9G`(1Qa+efsq2Qv@sgAOGWj5LppQa+dLJ|HdF;r0|Dl&lcoAE?$2F;g4ml
z5bPM=s&D8J4nWfB>;Jrd`=*6`>OKitqZ`gnh;X=>|N8siFUU(?LGm#-$SgJ@(*_3%
zSrZBncr03O74f|AAT~(~TfW}Z1{_1L-hyW}W?>=glo0?KVx#`3spx0KK<My{6#Ryf
zmHN7pP1$0tV>oP(rUBl>Mzm{DvHE9>LyFobJ9`Q4?n#6O38F<2FDb7=fZN2xazN+@
zW{`9b){N!kg<~@|NV%*e7T*m!l7+EuSY<^Sq1%Fbc&-8qxuS)T7-YYB#FWF^uNhTv
zrB^3lKOWfPHZEJQe1&VN5qp#oV=in!Lw*enr4|<5i~EMO1p{Ab?oF97Hz}Q<JjLq9
zOcR7*>NZ1V=Q>ukU`wkTts@$ayny@?<<d^EaLg@wm$r20=WRvXdb(Jgn#|3LsG3%0
z&+G3Wvii|$S}LqHqJ>zf<|6^brp+3mW~4rgszauQW^F!b0i12*SRQED>DHXeZx1|`
z@ftXrO-aLo`G>K8;3klL&?6bIM>v@AnsPi}u7V)Q-ne#|oZ0ZcKxKIyBn2i=oN^+^
z!<_MY;By(T15anXQqO3-(oSl;Vje!cx+SrVn-9BhSgN1Xz8X$A-)p9XGB+&~S&-L;
zDdXm%OC^h@M&c=p;dPg%w^E-ijRVZu-3DAdfozL!gG@Qb@=f<1x(Ir_LQ^@MiPmq^
zgH&gVnLIvUbH{_5I+A8O45l$KX7&M_^w7c9XvJBC*9dkPM7<R34Zk~KOW&hZSjrSn
zvm_`^&R)2LI~zcBDQZ@&XvWTc3j-@RY|E+uptB8zv^j4ZDsls(nz0HP3Hw;HO3%fM
z>r0YX{FYUUoc$$~q;7zCMm_&Y<_UOHdZ04gZdtSNwp`n6>?L+FrlL9v%R;X=NXG<L
zxRXs~d|tMI5|lvA>amp9_M(bZY^_z0$^+R&=&E~%=^hpu-MU=HqmhGsLh(n>=q=B!
zYy&Rt7ACc%%2*S@Rj!oGco2v|U*5E#iUrb9r&z6XL#Cz%N~rW1biOBzwU9ZxYL*38
zo9oF&|DlI5_{yp5G2mF@ybS}kf5n92AeZRVMaxcHLiH{^4YBd*Zx{(VeFZZ$#`RBc
z+V+1JPw~{UqJH9AQTor2j24CJBVSmyAC}QINl;;JeM<m#mv%%TbOWUdS7mdu6GeID
z7o@NRW>5>?yr)G52)DLkW&?zl-O<_dt9P~>9!1?EWKj>~B!-IBUiKie2iD=?cvJES
zFKScg>@%oP+HVoaHClBCHa0f{oO#<U!9wje?mlB|g#wTV@XG)~3p7|}4FDAaKh|^B
z#w)~&6DKU)gaip_=b>V4F7L!0t@4Yj(fqNlNY>u(3#ImJqQ9q0fR4u;hJeFs-#hk8
zdclSaY_-&^Y|oPwToQv`u8{eTsK_aHfKv@EWkIS(r`pk}_Umw}U7}M>pQKQa6>1-O
z{Kf)Kg{^c`{T44<PKV-cKkdtt#AA|-G@G`aMNhW3Fyi5wLS&K$1ZYJRn1Mc@wkaeC
zc#Y0M&jVS?h*=LW5O$#26IPm;xl+r*W<!BwS<;LJaktvb9jpoF<@ABlS1X>T+&vBn
zYLVi%6h5t;19K(e)`eqhVoq#3nK%=hCr&1|ZQHhOpCl98wrx9^=;o`h?mxIyyQ=>{
zzuoojTI+dyiifQsq%BYOBFyw_Okhm<Dym5w*v|(Jvp4u7Pp+OaR6Muo(oiOJp4Xr|
z9ZMWK)iqc4gH&FgEC}lAs_l&k^V`j#EWq{_Y1}c<Fn)9(DU09y8i>Y@7x2O%HTP_}
z>Q8SRaM=tcm?bgB8VZi>@{1Q{mxMTtz=1VV-U!WcWEyl&+Tnj7izGX?ig=qzWK38Q
zNr0G(XF(nLtk?|Q%6B*B4S%Z{2ok!vTxXhsLDC=i5RIIuY{|GKE4f&#*yrcv)1i}N
zzA042&hTLWBGo5J>~+w%eEhklUXD9Zv4noeBi{n-Ox#FV>3Ts;>$#zqn^l8`6RoB?
zK#7$JC6F*^kTIgBQo5msz5%Ji7*(kr!SQJu8KVd`O>1wlqOIJVh@XvhJ;~r18aHjh
zLZ7#&hzS3?!dEbHD8`U7v8B5yX})RvhyO9ciL0);s19YXjb&GZ!e*4dTBT#y=x<u`
zy;hCUoWm^T-j#Kq0l7Mv5m@3mf8xeVFDfh$%C8q7I)zW$zSfB_V$#m(!Sa8m(3sBu
zC6&0`ogh3m(u1Lr8|lNbr$U;@0Qw~EWA3L?OgK07$B&eM=s$Siw$`kB3#C`eZ)pYe
zoTQRaS|@bx2GGSkT{-RZP1cnFO>6NRX+th(H;lX>QJ#UHLT?Vbo0O6E;|^O^lpy9k
zAD>|xpc2)f-ObDxZdxnhmOJC-E`gc}cvFxgvbs5!qv5xKwm8wNV6*6m{wOS_9v$?=
zR?5Tgkqiq#oogxI2gDuGps!G#P!bAsN1)!eDGJR=Y*23Wp^^Dj<bwQt)nrW~Su-HV
ze8&i&fKw;oH%_WU4TU*P+pbnks=!G6A(r&nL#J6**PHnrUS;*`f|kW7S*6c>_B(xx
zx6PzCPtrY5O7jd*nT)YV>}V|e0Er0@J@owNDMQifLb{p}KvcL;ky-(2-2VV_xJ@M5
z2KL;A#+m$EWP3d-0PD1U7EHZe(kuv8<V^!OZAyKPPqjOM%!zlK0<c`)+~V8fH8NwQ
zvT5QOC&=fB8MpU6r}DXuVn13LcS#qr*_AZAT|v-hj)P%Y{%RchdA_UFfB{t%b&V?v
z|6rMjl-L-s7}wi}ZzUi$ZFN|!n?(rm3dk>X-r#HWkUMdw<WWig^%8ZMM!3HyQ2qT|
zG;+834KWP+TXo0ce9;1gR%!471UyETyhQ|7vm!c3$`Xg(eCS*-eksC4VHMfSWu^mX
zbV}B(QNVf=J=a5d)P#?rTk+WmpkOTS8do!$fHCSCFr@6tTq9?1-XSo9Bs`iNs4M0>
z9~p2*&#fF4ujV4T&$z5_k5e75$_bG9E361s-@{vif8T}&;=>0P7|rWCZgF#bd#E6U
zpHfZVBf`+x8WUM5eQ0@K;y~9$yz(j>(Hz^dc%|TtANG~odF>ms54`KheXbRxRuiS!
zMJU#07_Cr}oFzHDF&Nd32cC~jRWom<;RNvsw)<1Cx37MEz+HoyImyd&GU<_7%Dx*|
zu6*F?5pF#r3t|i0bd*5qLae-2lj&{il4^9RpN*1&Pcv+tBG%exA8djwUY5%AiWXL9
zBUj&oyh$%Ba83{X1`5lFp<A|-zPW%P-1iyw;p(GC?U|S_qR>4aVS@^`P@`Y@4$=Oo
zUyS})Cu<uUzfG9&;W!L17IOBY8*aP?t90M-W;e}<@Dhe^ytL`^=EJ1kk++~lKd<Ta
zc6kvKQ;_~u2*C-WHL0EhEy4On${jrn%l6a${_>o)uhi=7lU-si-hSCH1wN|&nVPU}
zS0Bc|(><;vol^XHSRma$lk<!BRoTzw=9q9YS~(q>gh==TPha~xMgMjycGN;XUV<5Y
zEUpp-i}n|{yv~`_aX@~s5X`$~ML_!@D7YS|%~Y5XKI><kibz`ooT&oIKy-9~TM~vA
zs4j-+0`IVkI|?Sc09R9hg*?Vg2{EW^!%~=_oRqT*whiH|Xwo`a7CzH^tG*6^5!#Cj
z;+MEWsX~B9`BO)j4%R-_$gW{ue9D)ZphapIln>vU5Fi-slai=u#*go9wDqtZY7P^e
zbk42lY{D?uV1P!66m9*<A7T*+l{_a_pUFs1E#{K^db0ClNq2>GHTp25UOJw=0EO;C
zLMYRf2o%E-k3DD!?0oqLouSmMMKskC<~=qvYi(#Lx=0rWMi?4^dBDGxRh?SOB)P-1
zuaqKfeaA)uhKzv*L~Tg4PWU9GiD^QX<~ic1PW<zT-H+KaL<{j3Co0Es9UUuaoLlTN
za^EtWDC7N&MziurWHlDD<c)GwS_$_e8#T)t{o{xR#~vgFU06`~`07K3A02m5G6Wjb
zIf5fZbJ9anM`C;q0AU155$9&1PAvTkmqj`yu>;DyL%+n3zt?QMD*h_L<e^6LeL90m
zD=m^=!*Rpi9EK&|eNbBmys`IEWEqUp#dB;JaX!S9F%2MVN3mrZ!mN2ZsA;p)5NM2D
zELB}!pvT-Jsxr4Fee^_t=M@o&bi1=P#ygd}>~CYKYm>mp)F$rl4o?{7z*FTHaaFLI
zK<>S=IkzEEix$fUu9MMoOu=ZVP4eSMa1FV~n!%l_4lC~&#~S@Y`TPEMbJf<6^~*>e
zj2q1|HYeQ)#;db*PkmqA@(DBX@k05FaywCti^|(Ab}0L)7YbRU5B(wq(jYfl_JJ+g
zEu735gYlfzi4>-vfo$;n=RQ!VG6I&UChz=wBGb2{f@H-IU6wLeF?f+oM;k1yQ(L9r
z%_M8T?le`@jFXLF0GINfWrfY`CcNM;Q$Gt$Y+hrZ_DS#2{fG6or@bQ$xYYIPhNeYd
z?%G3P8HcNFB)@JK{hl)62(IXg)RR!BMCR1eK!1o!MJoza=WJyis@$~%3CS-d!(T)R
zn0vi@IahXtk(rimtEa*6FQM(1h1ml&lWF?UvV&x4CpUPb#2(+~!53S<b$tTcpHZC#
zN7A!o`bElqutf&efe#M}YOh5_$-0HnM-$Kd8FpzLIIl_$G9%bY3M-oDh|0&jCQFlN
zhG>5t3x-##?&`&G5(`f?Et7~JLK<7&WyEm^8$lO&UId-@Z+d6Z|J60d_Y%B8DkO5$
zZiw5kQ~{d7^9{rWHBnAkWCHFR7*+@;mZxC0ZSoQE$b}=qWtX0(@MvAzVGNq66@E~z
zYUCq&;3agowgF}SsYv)+A?HS;ZOkMrRc;XBFnYIo-L2qpP>ml9kTN(p681F1gdnJz
z;zaUFEm>ic5Ob>eW#?clt|m|y7%jL^2EiAbE3&C?x`0c>aaA)?ql@gTyTy6i(&rfq
zRfk*XMk4$sXwxl)IJKsN`?IKER=n@{K*qKd%$0J+fvSGA<QB<5a7RZq2F%#O!@-*6
zDqQ^_t#*KfL@GN9TX6|d(xUnko|xE5x<<!}rNhmN|6qRK(rUPtteES$s>U1(x+Eiv
zKdU*8vB(P!Pm~M2)toF|ZdZ?PFODwq1106cV3l>1v0Civ?Meiy9X^#JEwEMf?mnm(
zrJC1-$19YWY)7(I{a{xcr#J=-;c8<s=!RiFuOAN{hm!m~!wZ`K!4EY<EmD}Drhu@x
z#UuX#t3}&!JbFPxoS@Dr+RZ$L1+V|dGrIpqI`?^O71e}qDA!Zispp>uFJh+lTw2qN
zrcw4%ck*!-fC7u>hr8<o3X~Eb6J)O-!>K7u4zU$Hg}Nv^7r!;6JU^vVVP$n;-MvWA
zI!N|}jU*bkbKOM>SQ^?Sl3ggLLt7rxg5zCuu;24@<n;KK0bv+gz)XnW6X?Un_r)nG
zOBel+<;CG(aL+waUdMV`YUP?LqL#LNfk)gW6K4RCc&TS6<h3YVz<kfU-*ax@ZH-X~
z4cTpF>i6TE#(FC@g2yqq%$B4zIEG+D3E3o+6h{*qT*rNUO=*C+R_xd-#8&&YkH%~~
z$$@^Og@)Y?zM36IqsvKiid!+qE$+={c*75{qw6^Ptbu{|3As^v$29KUymg^JvrUM@
zQ|Tog3X?h>%f7ziXtJ&F$|dZr$iBBr^tmvpHt803(t$h2OhnrPD3^6-j_tbBqn;_F
z(12a2)_)30`K{=-RE!3E!Zwv`a>RZWmcx`}9>jdVTgE#Z(EeEZ;$(0zHC3&Er#f%&
zuCRq@76#=vEiR^d?Z)fql(7VDsknD=L=g|FELZ4Qk_Y;Qfd6g%SR?$sH((UCa!%73
zq<wz*GNImJ=t8$j|2ySfJCSwm5@fW@DDc@U80Ye3f1)Cop)m|;f7dlLD-f}EiB2ND
zg_rnMqN#!*r?xB)p5xYtQr2OH=%2$1YBt6|>7GD#tlrhD+w~Z)lN`*}#BJpHJshXJ
zM5RQ{n{I>*gPOMGQD4@_sNYKxZ$p>v3Y|O%G~5t-Bl1s6Rs|5jd7lGt4eU)55o@8B
z3K1#@u64A`z+-&qQPw!2A_{#%mLZ4r*Xh_zGQJpckUa~frl&^FS-?>tD<CfS`(7U&
z53d7|utJch2;OU()T!V4i!Do}Dg(;7xd=^)_q(|=`{A4+-o;)xE#id!xRg0bomst!
zynpELqD;G+>-Ua>Jcu~~Q957exl2eynT*Rj2g(kPkmIcS@gS#qKRR##N>{7wk2oeP
zlID#GEZMO1KcLpx(Eui-9tO}_0np0fCyEA*j?O_>Z<7kaGBVjT`qG=IbD_Jkk#Wh4
z=(DON+4F40r!?!{sIN*(y^xTK)P*(GwuyM4rFoO2gC2vDylH7K_Wc@uIzr-*g}==;
zNslh@l<$7THb`*2^QDaZd**ssWEzL3u_k*eJdKPkeu$jLXu}i%xVX4-fdLa&_>OhW
zI(Ea+J^z_vX#=V;c-7T9k-f+kO&f^`>T-o4!sX#XnFK0UNl0cYHUU+dg3hgUaGw?C
z;jZXFf@f#VmrhISBT=h;5cSK_&64ocIOXJphxkCE2Mn@b-uRO)q3oMU8+H9u&Q)gS
zty8|ZyI@E&zT_wM9ZJd$Lg-kL0l{op8jLU6Y#Q^Vg_IvE_t2V56Q)IdhFzntA@4ZT
z^e6|5VG#T+*Q<P50zBt;#by!HHG_>MpQe$}?l?#WxH-MsB;#0UndOTZ{_`U1hG(*G
zA$giSm*)WmJmi~8+r=~BNf_+%Euh&$8YZmYmChMOvS&7x-=op3WL0D#Gr{PqhIcIq
za4ar`XzD~8)}vNHl~A*|5qx*L%M9xPrqCBH*#<>)S&h}8)94$co-Ydp&7s?ujHMuR
z6`5qz-%g&C#6kfYU`5UF>+?lbl}a>`Zwq{^_F0K<5km}o=#42Kp#JDenLvEe+X9`!
z$zN%CH%X85<DcPS1y{n7iq`k)oGYp_bOPMHt$3Eov76;$$#eP$X(^Zfg1_Fm8k#L5
zh+$m)Qm?KPnhaR<13k1^HQ?K?b&_j8Oc$cI7SV4u8%y&g5u(lyHYO6Qv3J-4dwjV~
zRf8=#wVoYo%BBwzcBT4Lr|d5O8FDE%>{|sfkaHr$R?n$4vJU*t!b0L8|A(qMnl)_=
zv1`49z}Ihp3j8Ue9>g6{mATc=t$5pw*gsyNR)9CTLMYz$_LCs2h<8r*S4iD~CUOmy
zN{cJxjAk(hDcnfwP|FzYHkd%N;~fQ(7)#!W+6ddXyw9Rf6tKWOgiH+2-a!*Gea%$N
zBS|`0DF@~B%D~@5mD2mntSeD<<H-?O*%-(6PhyluY&56m41pKrwt80lNGnpk2~?vI
z_<D<&s~Xjzt3<5+1KmJud1Z-Tx!N2!(C&xY-vU=6kFFtAJQ`sl&EOR-vpa4cdmx|W
zP+5j*2$Tyd;j3S1a`EKYsd2l&8(C{HG}Z-?tA6td{A;=jB7<1bXvf{#*q`abqt4K#
z>z+%F)!R970Uzk(F8w!Mvu>i;i>!?-76B|iDhn<hk_L*I5}S|g(AYs0;4r9@)Ul4{
ziM2z2CL~ex1c%kkG`>zW+2JnBR*flx_e*4<5(kgY!b3f(-sofsEp~GickrqwGpNHA
zofsU}Xr!%*1?wA5Dg1+Ls_MPv$)+k85SZ$MUq&hS<+|M&39ZFrzO@R>h;5*`6VHjo
za#ucBK=I&bOMscTK}Ef&yS=-OKZZ>NjcuXqE$=cx4NHgYbEIhE-dL>5a)DdONu-S-
zfA!<&X{<8QW_u*agv7oFOLsg(_=qs4!-WzhEYd|CRCCTR|I+{%^swXco)E?E)`ouq
zMHb#5KPR-+1I7UdSzG=TS_Hx?n6ud2JNn-LD{#L6AGfMcZYaa@vNW%XjR@Tq^jwCE
z@Iq!Z_6zF1#;C^=`8cMA+IZ}nPs~b|iCVZ%2<R|>qLv%ka<sMY;OA4h5C4sBxryx`
z(w-z*1M`+g`|IUarUoDu_xNxW6rsO_QTz*E3VTGrP#=W&N}MH$=O@&&lqaU9z_585
zLq382(|YT>9ZR|beqFzTzG^cBnXO*LH!OiqqeABd3^B<|ZoqEGpxw3FO4l^^oS^4s
zR!<+%m4=9b5H?GQgypmQOo)7V7QuBX#tDUj=x$>8V4>M{sD0<o{#9iZ!13Bs0X_9|
z+IndDyX0{=KtY=u2;%-p`!ZeD44PaK$=kx6sm{0vFinF(sWpvTa}=}4`7)lMNg=z7
z!ew-^$NGu)>5T;Gx&J5dqLCmn<YN|2!@t;|o!u}JvOh<|GxM*K%N6)iD}T>s1@sjv
zx1=h3z4vT^2x~>TfyV^?a>{guE5b9(bl3;lORl=y3Cwt1v+3x;G++Xap2kt*HQe6r
zcmMlx@N!?vB)%FQUbzo`^P6>S*Xz+g7Uzr!9yyetFI#!lpkd?<-uKd9D!q9F-MRSE
zmfeamIR&EMMd(v<wP$-KZM@p%*rn9k+OQ9HCCAeiv=|(?mc(S)!52PeYfKzVZE9|{
z=QlymOB;`iGk7HT0{;-44O>f%L~*S@8)ww69bTd}K^3%1eqhf0tiVvxW=x0R=A%X0
z(p&^oIW~Ql$)vz0<W4*&0Ze1Y%QcbVrl|cDX=zP!g_b?eQs2S)z8&cL>#L5O_MjXf
zVHWMzOkKjI<w&{~)rP+<F9SUH^lE?G*y%XyiLeaN#xqML-jp#{c9j0R+zf!kgt%9o
z-Ei!uu-ABv5mZ=@G(AuO%oIk!DKV+3PdKEpTR@WjS|2v>JlHw9W|2qLk-K@_kwTo5
z=1h%lv=E_xy?b0t@-kG#@uVkJW8LTU#Lan0L&I}+dagqmIJxh46%=3Ie&F_sfW-q+
zMp;s{7P_RAxB5(vRquunNWu|bt@yTa2uKWqjwM+L$EO=P3x&RmnSEp@j8|rUb4wYo
zY8dq5885NisCeZ^v#llu!Qo=%UmN{Mx@=8Hf?zQaV@QaQ6@+Ramwz65s6UOvQCq!)
z<y%xQ!XxeS%dEtv3AA*v2qwkjK{!9^Y+IOx&6VIoSac-pFq`S<lQ{9Sckd^&Sx{ll
zt(%8^S7N7yC*?~il}ARo(sQ_ks_c3b0!1!27n~>tY%Od%sEPI350>=9qiqMiLDS<<
zeGSL(h8>U>fJeHED#Uf|8)&U@ds{81`Ro&NB&1Sh@NM5_Ux6DoiibX7uT_2{hh|~6
zjABN2Otqak$C!^HrYQ~aRG+MN61W+!^Z3gfwP!c+-;V<8Ne{a-kP4Q5dgR37T4D5u
zXF{vAmm98U?;neUhwGK6G~1z~%<-uSk-Mmf1o+m^5$ilxp&+B<OM18|>F>N28e_r?
z|CrOzDE8E_qj>YtSo_~9**($=W>1PU<4lZnGnU6stODfuZ@}S$H&?OmZ6~mQ()B<u
zjDrMM8ZAZ`Udc;q;xEMmr4oiScf5lod<TG$>FbIw;;VVP5}e?f?VZ4@Qw}sbT8`Tj
zR!3c?vaQRjwaYH8*))$V<Eho#n@fXD*h6@u`f8)zpsD0)4K4I@D3}>d@e{CkeVTJ>
zYTC~pcpx?l1VfuTglbdYnl?~ZXFcv~>AkYtu|An8E7nzS8`O^RCGr{IBqI(5gdk2F
zg^-ad{bFKq)a9kzW`6UQu${q}W^>n;LQaG;#M4vcst9{F+2-d&k9rSZHjG5#d?o}t
z&wqAfeD#1vx~#g?r9p5xV1uF=y>*vb@KCk0-}b|vET&Hw340A(@5U(X|1O-b>(>(0
zaXv3g0!)~wG991PhAFJ-#LFfGJfRBl;#UN2M@UuP_}m!O()a8Uuzp(GYYElZesAVl
zK1g_m<i#NrkZDHN-$~XPl(8rEjTWsW$0Icv8QTI#qHe*)hBAeaphzIKY$0|{3ZOYH
ze(yi(G1|aXPhObA&$pHu%|zW|I%Xw`n{BTfdd2iHi@C1cyrvLZ4&2E-BKcJ5X8=t{
zzaL+V;xL2T_a**lAKQbjgOJNv78>NQh?=(UXj0Wp+PkpetQ3URTDM41?#uVG0kXPO
zCxT4J%YA0#hQXQZx6`H~b>i!kS6h_64JM+3Z&aV}G`L+I{xnWuwM&2`Nn&*ls0_Ro
zGJ(NHzR$!Hbt(I@FTgxl>GdY@gxBS1?6uB0`|_*_&X&8UWVKj9XIUNTJO;*CmDakR
zgF$u{<$;RnVV>{x4mXo1y|6vxn|tW^ZSu4~&e@!QwqIT4KE39XdpE!Sm+g-20c{Nt
zn<+x<&!0zQeSHB3E`~{Rx}Q9g_h%Sey^ge!s)exoND=;U*Mt0v=W_-Go1I;tG!gH&
z&y0czZ+hJyACbL-U#;$xqbWtPXF3~NS(35zHiIa?t>H+GHx1mXcZ;9m`j7DRVcZ=p
z2gc3i>+5sft*WGLe-EK|-u9&uZF(k->X$%&e%;JU?b(7N;}v;ef4ZQE=6*F*SE4zt
zT7PJ9jke>$g&^s^^#teBa8$#-_ob0Jy<R<ScmI9aJEKkGjI#OO*q;?AkGY0>MhP^p
zPc5G`gsYckpR}GsxIZ5O56jnYMyy-%ocNsID&!2hoS|Zjt`W}UTar{*sX>s`WMj=U
z@vxa*MXsn=9kQaCrxpK_T4>j;@U${mhz&!g(vXASL*%-$L~;v^c+vEKBJP_?4KC=O
zU;UN;+xW!tB6q>%Vtj9`M_ur3dwQ#&CqAg4Vt=>YQC~&iP@5^M<w%Gu%&!EIwS4>J
z*Y3=>NvEdjZos;SfHR-X|4g>IyG=R8RhHl=O;9+r(ZTD&G@&L8WWDBFJ}~oIZ@jz~
zYZQT|ELOYbiJIb^Vtvn9O=qPmPB93b$mqgamwUr=+k15D1)7Ned2etf2c4?xL@TzF
zD+WrN$FlyDmZ}selJwm!)I5R>w>r}2JYG%(^f{%QjoGlE){l=I$?^P)&e7Am@?tVB
zCNxe~Dk}Vtq6`@Ntj-kqtAqFIp53X%<w?-dX>Dq!PVyvWx%UJADbTH3>lo&<BWCNW
z<v>Ce%GVkx#-y|Y!SkH3^$^W1#<LffWulKAKQv&LhD&<*h@^&-$1y?b6I?2Ii227e
z8}9Xwq6(^s3W*<me^&e8*84Ai6qt)j2l-RBd7;NPjY0Pm6wcw>k;WtsT2cODyB4$~
zcyXE(FwtILn+6Iy<yj)PONs0!u~`k&A-pB`Fi?a|u+if;k<Z6QAxbAQ>UIdO??(!}
z?;=Bh^nGV3R8wJkOFy5-Q<d+08MlyvAJE`aE9(p}o?tM^$f~ABzS=(i=_pe!emck1
zRg2g@h2>6Bw;}Xh3u_TBjw=R{Q>F6eLKj=NeQQuL@OLAN!HGCMt9D3}4|=l#T=doM
zq5A1|c|IxpiL>GZwpm%!K=}Bxr1vbS)MRktw*j?7$n5RX^}Qq_q0VArf7XC}B2P>_
zOr()DhhU@eSW);PFqC@dnVdN^41x4S^GrWACF=cD@or;Bm{!6L`6FF*V%)6um<w5=
zrn)LEio451bw$u)tfQY+&k^CU*DaM<@w1#&KJ**K1myBrYHUtERs`2<eCPry*t0Y5
zMIiH=Q_!e>Uw;R?4xokdYVL3r_+qGyY{<(dKOrg!my}}4o!<ga@{c`jV{)C*C-Ex)
zR%(zs^{oBYI{y1E&4Pni0jg%P;o#8)1QQ%-ecky8)>qh$XBhdBka>~3162u3Q3X3+
zvkOexEDny3m<ByUWE=%)CSZwp`xXJ2h$~^e%EC2C3ktK-3PAWGFMT^0iu4J%bi`D&
zo|Mt#LG&No{;4Agvm5#Hc=cs;8vNu3&D>FrIf?|3CT3ex8oGFGYe!)WIPt1eb-bTh
zMxa8T(4s#XTVY#IccacD0G8;w8*4Zw!7mW;tO%XLO=2TmxR}q9EO`VMjq4Czqe#Ae
zYC;3+yxKI73rHZ2H+@$&J^`OUDqsS6I1@-*#ixhMnfcgpvuey0t0*r5^{3zc2emP4
z^rb2XfB*T1!0D{P9PR9xv&$6}6cuH9V@75U!cfKz;9C((<EyjyhGEajLUV0k__9L!
zvu2Rt_|;zY?#Se2BB(Zj53MrCago+@B~op%j+ceZa4A!R^{Vhr>HOe!?K$8@r8)Mu
z<9-GiUPsKlH#^A^?>pv&5<cd~&i15RVc^Oh{(Z)a2{>k+`4t<s?2bM#Rrtr{%73km
z)aLl7r#I)tl+Fx~@-2_6@XZEnzhf%*3h1z-9@#X3+N+saj(Gn)FH6BOGZWvwBA>E^
z=KD1Gj>nZ9LxSE4@+K>T4Zc?G)H%nl9Dp^TgjB0|%_3P#WnM5ky2#2!RJu7<3plXP
zpwo8yz|Gd;qT0xsAZ=ez?OvM1jp<u4?uH=%v&)%!dSsAQacuGyk*IzpLrBGVQf24C
zAM`6f8aW|W$4+&7*x;?&D;SE{e_7Bw;wEr1W0(bZyG{3PpU2Y2>N@h_)52Vq{i~N|
z)$~Df)xxlAxg<ImjkCIWdMohg_Rpp`$RN7PWkpd`$Y#nPBGKb*1Tl{!)<wFd=|Nnq
zwA#{8=A6w{VQTe5BOCZjEy1yz7;z=n)0}2AK`AYlt^QiI4uxOXdFvk@3j|?EcP&ja
zPSmf@!uZg_rVUFBJeXfUnROIEb)=8IdFt$c39*}(HVB^x@jM+yF=fz4!*GBSQ##1w
z_|HpzBZKO;)RsD3QB9&DGTC9$>U^*W4U4Vf6zN3cm_<=QFRbjIs@ih(-|HPVD1@DR
zlTWYsv??bR2ev3}s$|bvxqosj6k_&rDjlKOH4_EvF>7h3|7zEbE9yGXpc~$UnXsh(
zo4teeMh7hWJ&!)`9KIQh3U1OQLk(d>L94mhxFHRwuXHk`n9ii6aXl46|EbdgXElW9
zAYU?%*1_o+;UG3E(Lmo6bEBn6(-elS0Yg`h8qt4d-0>R;FS=(IZk^%jSY-X4qrH)!
zluwpAB`X{KQI(9t&bCFKNURw0*Fhm50YO-6uapUNiUh0(r#S??%qvdiTa@QlK^DRP
zVnNnp0WE!(@~4VuhbG(%CCix)+GI`(f-~F%TlpB0GkEHSNQ!onaY@7}TEv<>o*?4p
zOvIjimLTjU0u<bpo&&<lP+gH&e-pDdRNqoO6v|n=GQ}k2;0IC)MAIzGpB&}8C0)1h
z%urk$_0fW*E{L-!PD&2!G*%)5a!c`sHrd2b>)L@A>6NYwAE6@64dtrK_%jqB0eyJ=
z(j&p7U!f=&iTHE8wCta6%lr>XjuJXZV63TyQ|+%6G(D3V@=<Xl1;D_KnSxJNYxLpy
z9>W(~quSii_Au^Mz&WE$4O%s9Z>H7-Y%f}FwdgJ`J)95-TANkKqjkg!TJ`L84X?G+
zWpo=&CRfafC8@Roz4e%|<15Eb-mM&QrT{|JQ5YP~3?a44g0=P4=hmjrQboj4+KaAX
zVoit4CtQ|&5F9Z(RDV`JHUDV5gcr7bTB;7@s;OkdeoZ}K@}o{|CZc%PMABFqSTO34
zVs1MzwxNF85N<?~p-L-yz{~eSI-&0Qbi=~3)?m&9EitjF@RYHZndis0Mkh4Lpp;CA
zsset4$<}{CXm`m!*K~pTv0KWbp&*BFyt0iIZ7mQf6H7j%p_TwJA3=3I8pu&Ov=~9%
zuc9?)LylVm3bE2G(uW_UkwY!fgzvSIQ#93(#s91u5IG*Vo{JjGl?F;6Y8gmi9s+FE
z7{^i3!Z@#%tTc@05DD~yIZZRnEw05Dnol^+CvL@XG@3zxa&jf}iAjsME06%|%15s|
z@jej>$5e2(V^ssn=(w#F5aCG7I!W7eNdacAt|ZVar{=#=7o48(6VYiGm7n4&t7ja@
zk_Lx|6owr;v^I^s2t39#v(t7F5G5KKxf%xZ7+Rwi-bb(*0u;JdvbJ>WVH_kHI;t`!
z1|RX{jsm{7#ALFTjAh~+BJk;{y$OfIZQ=#0rqSF(?_&et?s<!UK1#ZPjdt1h&^2?c
zq-E;9*-mUQODh}U^)1_5)B}GBFpNYYn%c)TQ=5UVs&`77fa4p^_fy{ce@ZNpg?gR%
z)0S2(2^Nzyw-N8%^MpS4)1&v@Svfvm26wf-Uz4ZE$}hQk0$=0zzJGn+k6!QR=dZt>
zp2piVE4%NHzut8hDm~wq1?0O;)qG>g?%rSZK1~h8wLCzvJV+{G8BS@#{A5UuOFX+B
zH?=<yd8IP~1O+9TE<Q;KHZ~W!6;(d1Ki<gJ^!~OV9`6ZD62%znp;}M8%wgU)d>G0(
z%Z%+$Pc^(#8!XlZd6F%b3N}x3DIlu-HOBROX-w)86Dik!*C3l+p<=hQ7q|T=rE0!?
zLNEURNfExMmb(1!(3kLumVXZckrZMwFh{+4q*ueMhC<=8TRAI(1&_|~oAhj%e|^9g
z2_tyAg33V!GN7^yL@|^GIq#=v+YhOm{dFuBy{#YHruN%TJic+`i`XGj!=_-;tn?s2
zg>Ij`#Tb?9Gp2nClRxILMVl5dp-59uK%J=#DOInE^nAh+@w-RyXPbcty|K<gk-=Bp
z=ZShq?0z@A$9x2C0QJ*viE}FYw!s{3s9Xa=DcxR^ZsT<HSB8*EMBL~Rh^sm?G-+Km
ze$@|uOx|OUOVYj@H=IqwCKk{6jUkoE3^dJ@<f7Gt^1NeH*h*{ZmA5^hXy*=CGFYBf
z(SU(0O?i3DmQdzz1lQ!ZqE`trQS?=(W+*pI^LDfeaAYLm4s%J&w!o+NefYvJlc%Ok
z9;lw7CNfd44ZpVRBmG*<+?UJi5v8T%4Be8~q$V=PU0F72?hnnx0L9|baV(=j(P~3!
zbO@U9Yu{8mg#F}Xf=JvTIJo!jWu*ez7F30_NgrDB;bMel3{U4`TZ|uCM^~(pjj>*K
z+DU}u56bkWmITm?`nlGrM{k^O`%qpxOFqzb0hs)CLdY9;N>Nn}Wk!7JNqOv;ZfoWv
zQ-vTH)swMED6kXjfwYiLVyP!)AXwfj=r*DTf?tP7Fg}6k$Pjqi^^j_RrP6<R<#%#h
zmy>D4tLm8PV*0p1LEmouXlyY$A;|YX%_eC;5dNEzgv`3FybVpkwu2xD!AEN@`te}u
z&|GlF{YxKaQp|=pGTP*7FamRu4x*m%%|>n#0wb_%o+E;RSMH!tu#7_t^W8sus)p<b
zMIob^%e07Gm!gfsU2`5Syq6Z>&OdW<^bYAVUP6OS)=<Yp?H9pdg|}%10M;-5XqWl3
zaOOepHZ*E*q#)#|E6@!)$Yu>YL~CkCWd*Ej={ho52)-W>^2i)2Gq*|wocWjqjs8w*
z{_7#)A?P%%)WA=elw==Y=e^*YEGE$tEN_s8683akw#iOq2)d?Fv1RO`dJ|ML?p=8J
zjQwNTXnNL>ad>=P%fPU$E35X(Pm~x=q)FKi<3ewDyxTq{GpM<A5O0tz8tLUaJg#;i
zRfbFCQg-EKq9O+lKn)EPuemrtl1?H7MYPp3TeaY*GA)F4rY4kR7$ptD=f&Pc?D#jP
zp&T%nrRLyP!P-Vc+qO5RLyI|OZHpk+RS+3;2@~sC2%aVTJ_?|TY_y}y2I|ot?u(2|
zR<8sh4|RzmzT{LBqcC}lJO!s*m6Bt-@4Av&b$spJ;jx==!VR1`mNec+C67Bwd%K!A
z?VM^z_BL1T?S{#1;JLw@G*Hn2qOuZ~tF%25M$49=fBK4yNEQX)?~BkB<2y+@5oH$B
ztqsHZ^eSUmWm#}2DPEg4L?a=LZb9PXn>-Z|?r`?#eVNU(#Wd!q%ET7=Ipr^1(&ptt
z$B1d3lcQyrnysqtgN72HlPo(f&^V-kKgkX{mV_P4Pg3BMQM=tTn{Y09qwV*|I&S({
zm0DHsaE#4n3>=Fg+P8CKB|Z$IDPU_Mp!%%-iDT2djekGMg^a{k8x^cs`={nwepL})
z9))@F@0_Z7f`1(_VRIP^%6}h*+ki;=ZtHW8LVSN26F}*80~ABQ@Cc&cdY;o&nEYw}
zo^74$IuBh~=&s9Lj1S%1Ze$mR#kqVSP1Y<R=T6QZk(=ru`uZnN80&Y-V*#FuTkjCU
z(a=0`%8WKZD13YEq#BU>9yBw9M>2a1j+o8B!j7u^C)JS}3cJk^liI|6ckVVGL4-M<
ziwiVR9TR@HUp0}?@B341{6yQfg9I~SMVO^N27NxuKPr^liC?5*PkvH`{nP~HZ1N56
zpgsv;dKq?~N`7T*>->P@rEaeK+p|OGXWM(Hm#Y{dqyN<y5yb%e!s8Zd7tbR&ljoD=
zZNR3U{qF$}fg^+2q2*xpLw1KZKKWG^LO>MH9(5~n&D2GmlR6}Dhrrd4yZ2&g3iUmj
zhMbij4g$dwv`TxDJ*A%=_;n(<5>ALcrpVV)r{(<yL104ATRk3}nb`>)_+~-3-aV}P
zz#!4%7<jkNHYk7KFnM9XQ|~CL2!A)u_fryyGnt1f?ysklZ6XGK%jc%v%6cyLom>>H
zKp<?r_fblWA%Sn>75NT*G2OWV6%2jaQRfHp%ZK-df>4ZX2hvZ9qX$!0QPr-q(Iba;
zTsEpg`c-+^z@TcO4Cde(Ah{VL>J>Whmq>j@*`5kVISt3n!Qi#;b31k00R{+yeQe%l
zE1lV(Aod^~<&5O;Y5>L_bcNERk#h7KF^_85(`3#Xvla~p4-G?)-9r0JqQ4Jcn*Wu<
zxcCt(%{4DGmZv4~)$Qji(<amKd*13kEcd=X#|zP9n#}Da{>|*+S_&b5!Ykjz*P6y|
zs1W%oMkHC^Y)aZJL3%ks?!u4cWbZQVi=evo){gTNtMeeKq(JT^t-BJ^k)IDNLoPwI
zI9g+aQL9tT_rCzN4cYtnLd=H@F~PY!H_=hnwRA^K8;40`eytFGCl?1v1{s0eqnYkQ
zKhQl{;>8;yNk=?>3o6OkvlT{;(_>HL#*FZCsj~=amzW#)m?v`oqTBoio)uxwCnDfb
zPV#gf;iz$1sC3lbrpZb=(<37DHn_;_J)O29f_BriMBsY6{H?X+kyH6<L~E*!b!ta@
z9Ch`8**+yMloZIuV*E1pxK*hHmaq<i-h(j9P8p!E_`UtRceQtvZHN#$VxmV65OzIV
zT{-<(WKk?iIj>l~T7lo&>+P`T{Up~B$OVz|7!eW9-McdcZ?o8obD~S4Y%oouTm9!X
zFbVk0Ikmu4CX421xdZhk7qkt16*|pxJY&@mn~dpHuO{f7PUhM1fBAvyI>ZGHx5gRQ
zxvF5MRw*osNVKtN#@QdaQPqx<`<?k>ZrD>Lr#+v94P}-<Bax5F8KF^$roqd#8*kbq
zsrzUmQ~6Ucn^xTe8Pa!?UF$ZK^58%IS9nY_!SqRfdP3*h#c|k~ZTz?QJ#<xt&+^Fi
zcThZc>J$?vXx0~^gHM}w+dHXr6mkWd>t#zIwaFzZO4n=(KB3L7eEV25a17MM?ypgT
zJTVW_c(ftrnqJe!iT4-e^wM(bDKq#>PP=zfEEZFDB4Zh@exPl69y}XM*4CES?Ni$-
z^&h^!T^AmCzs=zVZfw4qhNjTTHoNd_f9m5R#kHMY)iRq^<YeBLXw`uQf@@pjAF4}C
zT)x(gT|eWExG4zEpKoGc%wSQ}Ve<K67qv}NG#!!`m)G#{Hqgg(vv-sks1F-MHHSF7
zWhBmBr>ICgb}^`nHWUCnSSv3&D-~yGM;Tjnmm19})ch5EZTfp3{&@jLR$n7<`@{y8
zF>)6*0cX6X$W>fwUd;Kbz=I6qzcnk|^si)zd%ae8)C*3@Ut@K3uo$lp?OQ3+E!&t6
z{&#&6!0UAVf~MnN=CaG#3r$1?x|8aV_AFQ4N@Lpj6_IV9U278&@T@$RS_G%=+Y$2?
zz3(3&`r4CG$5nI(YgvbrjyzUzKUoAbyX?|B>whrvg}_?D*S71RSIyD>VN2e0%Ou!1
zbFuW^Z$6iyk|)}S=U*Y}i4uu%Kk`u?#h8}{R5r@FRxY9QjCn`d%gj-g&ADO(r)g1N
zxfNkIzh>-5Du|9Et@4VVu@EBc2@yKBiZwfIZsB%bxx^6j;gsF8jESkql>0kvF6Di#
z0Vpmj84BjYgt_OFu*M+EYzdmSyC~r(CEwaMIQC}axvrkc(KxoaEfn-@JC-&F=P~Bl
zN;BlJKGQG9Pf@o%P)13ci<u`n<<I8Iq-~34bCXI)3{Ax%-s-Pu1#CVL)IeEg$G3Ch
z(}NXX>?3&0*6hNrzxX$^GKJ>8JeF|4)I^pPbjGZ>)Ru>stT$JCz#UY3;5TN5fzJw~
zHTGZHgJlsLkk`AjO!a#^Z;jUs+jE)gOCOg!jrXOGek6-s^Z{@vlV{Uu-0K*PH)`#V
z2I?tm2c?~{yZBF^qh6m1bJ(Z2mvA*~>Q`5*e@$Uqyu1@3eC(P*m38MdA7y1tV?BTe
z8{R5au#-+`I=vF~4gd@VPL$g5F6kvr&0e{HO09-5{9h^Z;g8_xGOY3&;&QLUKpB(n
z_^vfsUNj{cwn~7u-x4&7rrOFGj!yTBsN7@1?N|VNBF19+qc}KNLRAi-l3?XvSA)4=
zzVE><m#1ixAxsX{<N;62X&pSA>tzBz*L*(9`yeQ8;O?Ux>9wg|qAX(3y({l(Heuzb
zsppf-bNJImY-L>LW=_w*`}k6ef&z@-WYr_ddvT7t{?-p*3*PJW*T2-S+l8DpWlxKe
Uk1r4qkgu<Q?;Ls{Ff<_l0nRimoB#j-

literal 0
HcmV?d00001

diff --git a/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/_helpers.tpl b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/_helpers.tpl
new file mode 100644
index 0000000000..146bc45a14
--- /dev/null
+++ b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/_helpers.tpl
@@ -0,0 +1,30 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+# Windows Support
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
diff --git a/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/jobs.yaml b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/jobs.yaml
new file mode 100644
index 0000000000..6955e3b309
--- /dev/null
+++ b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/jobs.yaml
@@ -0,0 +1,102 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ .Chart.Name }}-create
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}
+  annotations:
+    "helm.sh/hook": post-install, post-upgrade, post-rollback
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+spec:
+  template:
+    metadata:
+      name: {{ .Chart.Name }}-create
+      labels:
+        app: {{ .Chart.Name }}
+    spec:
+      serviceAccountName: {{ .Chart.Name }}-manager
+      securityContext:
+        runAsNonRoot: false
+        runAsUser: 0
+      containers:
+        - name: create-crds
+          image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}
+          imagePullPolicy: IfNotPresent
+          command:
+          - /bin/sh
+          - -c
+          - >
+            echo "Applying CRDs...";
+            mkdir -p /etc/crd;
+            base64 -d /etc/config/crd-manifest.tgz.b64 | tar -xzv -C /etc/crd;
+            kubectl replace -Rf /etc/crd || kubectl create -Rf /etc/crd;
+            echo "Done!"
+          volumeMounts:
+            - name: crd-manifest
+              readOnly: true
+              mountPath: /etc/config
+      restartPolicy: OnFailure
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      {{- if .Values.nodeSelector }}
+      {{- toYaml .Values.nodeSelector | nindent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+      {{- if .Values.tolerations }}
+      {{- toYaml .Values.tolerations | nindent 8 }}
+      {{- end }}
+      volumes:
+      - name: crd-manifest
+        configMap:
+          name: {{ .Chart.Name }}-manifest
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ .Chart.Name }}-delete
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}
+  annotations:
+    "helm.sh/hook": pre-delete
+    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded, hook-failed
+spec:
+  template:
+    metadata:
+      name: {{ .Chart.Name }}-delete
+      labels:
+        app: {{ .Chart.Name }}
+    spec:
+      serviceAccountName: {{ .Chart.Name }}-manager
+      securityContext:
+        runAsNonRoot: false
+        runAsUser: 0
+      containers:
+        - name: delete-crds
+          image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}
+          imagePullPolicy: IfNotPresent
+          command:
+          - /bin/sh
+          - -c
+          - >
+            echo "Deleting CRDs...";
+            mkdir -p /etc/crd;
+            base64 -d /etc/config/crd-manifest.tgz.b64 | tar -xzv -C /etc/crd;
+            kubectl delete --ignore-not-found=true -Rf /etc/crd;
+          volumeMounts:
+            - name: crd-manifest
+              readOnly: true
+              mountPath: /etc/config
+      restartPolicy: OnFailure
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      {{- if .Values.nodeSelector }}
+      {{- toYaml .Values.nodeSelector | nindent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+      {{- if .Values.tolerations }}
+      {{- toYaml .Values.tolerations | nindent 8 }}
+      {{- end }}
+      volumes:
+      - name: crd-manifest
+        configMap:
+          name: {{ .Chart.Name }}-manifest
diff --git a/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/manifest.yaml b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/manifest.yaml
new file mode 100644
index 0000000000..8dc9dfb447
--- /dev/null
+++ b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/manifest.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Chart.Name }}-manifest
+  namespace: {{ .Release.Namespace }}
+data:
+  crd-manifest.tgz.b64:
+  {{- .Files.Get "files/crd-manifest.tgz" | b64enc | indent 4 }}
diff --git a/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/rbac.yaml b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/rbac.yaml
new file mode 100644
index 0000000000..a4d498b0fa
--- /dev/null
+++ b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/rbac.yaml
@@ -0,0 +1,76 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ .Chart.Name }}-manager
+  labels:
+    app: {{ .Chart.Name }}-manager
+rules:
+- apiGroups:
+  - apiextensions.k8s.io
+  resources:
+  - customresourcedefinitions
+  verbs: ['create', 'get', 'patch', 'delete', 'update', 'list']
+{{- if .Values.global.cattle.psp.enabled }}
+- apiGroups: ['policy']
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - {{ .Chart.Name }}-manager
+{{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ .Chart.Name }}-manager
+  labels:
+    app: {{ .Chart.Name }}-manager
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ .Chart.Name }}-manager
+subjects:
+- kind: ServiceAccount
+  name: {{ .Chart.Name }}-manager
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Chart.Name }}-manager
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}-manager
+---
+{{- if .Values.global.cattle.psp.enabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ .Chart.Name }}-manager
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Chart.Name }}-manager
+spec:
+  privileged: false
+  allowPrivilegeEscalation: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'configMap'
+    - 'secret'
+{{- end }}
diff --git a/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/validate-psp-install.yaml b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-monitoring-crd/103.2.2+up57.0.3/values.yaml b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/values.yaml
new file mode 100644
index 0000000000..99e63600c4
--- /dev/null
+++ b/charts/rancher-monitoring-crd/103.2.2+up57.0.3/values.yaml
@@ -0,0 +1,17 @@
+# Default values for rancher-monitoring-crd.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+global:
+  cattle:
+    psp:
+      enabled: false
+    systemDefaultRegistry: ""
+
+image:
+  repository: rancher/shell
+  tag: v0.2.1
+
+nodeSelector: {}
+
+tolerations: []
diff --git a/index.yaml b/index.yaml
index ad28d5afb9..e4db9aa7a4 100755
--- a/index.yaml
+++ b/index.yaml
@@ -21583,6 +21583,20 @@ entries:
     urls:
     - assets/rancher-monitoring-crd/rancher-monitoring-crd-104.0.0+up45.31.1.tgz
     version: 104.0.0+up45.31.1
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/namespace: cattle-monitoring-system
+      catalog.cattle.io/release-name: rancher-monitoring-crd
+    apiVersion: v2
+    created: "2025-02-25T21:53:10.397594009-03:00"
+    description: Installs the CRDs for rancher-monitoring.
+    digest: 327324e66399ec7b378941578a0ce6764a02290f23238d8fcbb7a08608452358
+    name: rancher-monitoring-crd
+    type: application
+    urls:
+    - assets/rancher-monitoring-crd/rancher-monitoring-crd-103.2.2+up57.0.3.tgz
+    version: 103.2.2+up57.0.3
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index bc7b6e18a1..f7a2f01c20 100644
--- a/release.yaml
+++ b/release.yaml
@@ -18,6 +18,7 @@ rancher-monitoring:
   - 103.2.2+up57.0.3
 rancher-monitoring-crd:
   - 104.1.4+up57.0.3
+  - 103.2.2+up57.0.3
 harvester-csi-driver:
   - 104.0.5+up0.1.23
 rancher-cis-benchmark:

From 359fecf6781be58b3124625f9a0cbb1cde29259e Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:54:49 -0300
Subject: [PATCH 18/19] fp: rancher-webhook 103.0.15+up0.4.16

---
 .../rancher-webhook-103.0.15+up0.4.16.tgz     | Bin 0 -> 2800 bytes
 .../103.0.15+up0.4.16/Chart.yaml              |  14 +++
 .../103.0.15+up0.4.16/templates/_helpers.tpl  |  22 +++++
 .../templates/deployment.yaml                 |  82 ++++++++++++++++++
 .../103.0.15+up0.4.16/templates/rbac.yaml     |  12 +++
 .../103.0.15+up0.4.16/templates/secret.yaml   |  11 +++
 .../103.0.15+up0.4.16/templates/service.yaml  |  13 +++
 .../templates/serviceaccount.yaml             |  11 +++
 .../103.0.15+up0.4.16/templates/webhook.yaml  |   9 ++
 .../103.0.15+up0.4.16/tests/README.md         |  16 ++++
 .../tests/deployment_test.yaml                |  73 ++++++++++++++++
 .../103.0.15+up0.4.16/tests/service_test.yaml |  18 ++++
 .../103.0.15+up0.4.16/values.yaml             |  30 +++++++
 index.yaml                                    |  18 ++++
 release.yaml                                  |   1 +
 15 files changed, 330 insertions(+)
 create mode 100644 assets/rancher-webhook/rancher-webhook-103.0.15+up0.4.16.tgz
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/Chart.yaml
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/templates/_helpers.tpl
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/templates/deployment.yaml
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/templates/rbac.yaml
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/templates/secret.yaml
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/templates/service.yaml
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/templates/serviceaccount.yaml
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/templates/webhook.yaml
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/tests/README.md
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/tests/deployment_test.yaml
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/tests/service_test.yaml
 create mode 100644 charts/rancher-webhook/103.0.15+up0.4.16/values.yaml

diff --git a/assets/rancher-webhook/rancher-webhook-103.0.15+up0.4.16.tgz b/assets/rancher-webhook/rancher-webhook-103.0.15+up0.4.16.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..6b92bb29f9688cd69fd7377d837f122c5005b7be
GIT binary patch
literal 2800
zcmV<M3J>)kiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PH($Z`(MN{j6UxaPH6#SIM&DIIVDdfY;6L6=>Wb3A%W&SY&Bw
zY;#MIDoHu(P4nL$kb1Es%W<~}obCh9msot68Ito#P9)*s0;PM4(}fV9y5j|r+FOyB
zy?8S4ecvAr2KKM-`^~>S-ygo{4Ngx^d;R|4Wcb4G4f@003-F(gh3$|kP2>yz(X^V2
z`-cGGTxg=H;3{wcLZS&1b1x)XGxVtFhA1_iQH%n}Wu<l4f<_VY06JQx*l8W|DV?Ib
zM5(CY0lfUbAE4*;k3HY@;eXA~H|FQd)~TGts1g!l09m7}R!U>sI#{Rx80G1ot-T4#
zm}=#gqh8%o9*JAkI=WDg8ryyEb<TC)dw^+)42eS5Fkfz7p=b_C=*I%-vhR>2DL;L0
z;Pr-1gesIY(YEa)VKgF|^7$x=sWJn9$uPl8NVv?fgI*=5oOX)k8hZY*=X<@A|4Eaa
z)N@PW0iFw*_J2uOit1?{z%KiLa@=d$|C4_IVE^|4G$wO2mS18b6xBkmO3Tr0S`YwD
z<^e2os{vqVU!;s(2u8zI0PkiKp)VvV<l1rOOiT&O{fcIm4nStQ-{Op<Okd)hDs6~%
zjMrEQr6;Iwh5Qu2j4*|c6Nj;xh@4EBaYM$#IL;Ah!BA$d%i2J_K*%|T2ook&F>>v}
z6(TIOPE^pfK1g!ZsEmb<M5wx<;2|bjbyc{)C}ot-U0l-8Ans~HxpoPU+%>hXr4|c`
zK>18K6+Qy^^*4u$2(OS~sD%vR?%r{Zj^IL4A*o)C8BuCNVg#ZTopX#piz>TL(i~~G
z#yNsSNS)78aJ!)4B5TqDQiX84Kn^nHobvgG?KcAhcrzFr8%!5Ok{C70Y~x6(7sxdY
zt$(rmXni$Fs6x3!={aVIIfNq^kJ{$c$3w^{at$VSP#(OS0mg}5y(-%U=NM)ucS{)q
zE;LNBiWDQyk~>e8?V1vW!-0!D6j9cf;Tn%}$vJ`%W8#)kr9sSKJjvGfm5dR-vW<|R
z$#iA6VLXCFiY1LO0?JF08PkU0(1=dP4>9C18c#AQcy7i1N@&`Djd8+=M%BGpAWKjx
zPbZIb1v~7&e|pky*#F^hczm$``+&PU7b2Wdj?l>r^G%dl<{O!t<_@^`_l_AzXW)Iz
z0)))87twC3NiU}*l5#zR&VQ?J=bI29Q&@g<*8CukHhw$R6*Z*WV`Pd<We7-;Y{tk1
zrY0hrDY(Y6R~$i($c0a6{8u#tF&4>&Qb9h~G~jH8p$?!k5m%Y7v6+%c3_jy4I%l6#
z!aCd6Q(;5p9wy_V?$_2CPz6)_`ES?%icflEG`K_m2Sfj~q5r3Yo`2B)eSi^=|1y3T
zf*(rVwBKJKHv|yTP=nQ&b;?STM0J-v=M&{o0B=iKabnaYBAS?Jp*;^(35KS(kl-vT
zjEN2x@2!4j4FIhg3Q&k>KCeR00IQ+ciUgow!$5A_>_&K{m%qQyyO)BcF_uW(d|}x@
zHzXx7g`q^fCSJ5mTE|z6O^uC)iLAuL>!Gzk*+#@$a5kdRJD@ydX|&Clc<=={<&lY!
zUT@{BiWIB?1}*+YV%9$53$$abF<J|wxA0lBy;W9+TUo7U39Xz~2b7EsA7C^T+@u94
zD*}OhxjywmKCZ4u=NA=OC>+AwT|rxE5-0cfosFqylhKdw&u-4g=MT=0!`RF7qBbn!
z(e?HFvzv<#m)DzU)>v#7u~v7JCBPT>oC=NQqSr_#qw}+?i_!S3iSj2Y;;QHa%qX(x
z5@+?+y#0dcMNq1*S6=azV{1yej;^7Fr_uZOAAUJ|do!L~Z7%fX-5vZPD2L9gP8+tD
zHHx*P&NJK$M`3p!2$VdyzrVXHMaxe1)|oZj-v=Arn#^lVv>VMDKh=!8vw^TN1ger@
zj#_O>s!fk8J6DSMh0Pl)B-&)9vR%fR>NL5KVv5yMHw1pJTSkDyN<gQ(K*IFmuTH(w
zQtnvJ>OCe;w^{N3UteEbRr_XyvQ*;rLZVs-76mZ$E8Pi7Dxxb41&>q!CuJ9-OXR53
zGqJsuuN`iwa7^bS<!z_B>7M{%Gd5Gbu8x!Lr`M{GF*nPRyKU1XlIR0xtD3KARhWkP
z4M{RV{Uhbk70M+Iu_i4TruM2saE*V~wmBpTnNmhIMOEK^5=Hd}7ba)dH$T3cyuG<P
zyZrdBVwpDhQyCMZFf{uxc|g?~>)5!JS>tTGu&Ef=X75@ZE8IO>{I@;+ms1ix%{}n0
z{C}`<|2ypUhlluoA5e|y?TH&(BP9LHMnvAH*EXRn1N|{el}33f7#f|XeEt;yzZ4Af
zD1apNXDQO;0b&lo2CWixn6<eiiYa$gI{gDfWBS~D&Q(pnw{n!V=P!zPciv_8ROd~K
z)@|wXe;jPr|15KP3Jb7H|Bw48P5nRd5Bk3s_&fRk)^Mcumfdp-YY-AI%)`gcIfcF&
zA#1TA)gWZ+>%U$l7{G^wd`{8%9=z#44<6EgYf7KM0PNKNp}%?mf4KkK3)I|ZQ;~PO
z_6L-+xL+$%PB%}E27_Z80Ba)WsQ*renMk2UC|Cg3<LqLkp1#&^6kBipo_oK)H`uBF
zBnzb;V+MA{|9<2BukZJd5A`2=friGnM$x;?fa|(V+wpCfT$M&9189^b76l}>Xro#d
z*SQ+yr4S+EFh!tof>H@ibXHk0T_r@RCK*`f<#d8~p8Euz7q;tv@n*UQ|9>*r^#6zY
z-@QQXO|Pgd%`dduuK?DSsCfbESnwI0r`hoBD!#6a-7ptlNBBI|k0blsd;LAarv59f
zx|e68x94YG96bq*o&Nu{ssDr1;mJY&_W{n)5ik)F1`#g7oId4qpj>I0W)*sl^T9e>
z=mqdo${2(TA~lTPflN8vQoR6TUr>t6Imh|^_ur>PEgY|#xoXw5b5u8^U^+{b{Q#~}
zX@f}tnG-|T7T#qv1ZOK)qdT&E5ytG01+o|tmd+`M8I?+dTWc%E7Nwtasu$_h3q{;D
z!`zfpZPr`=^5#@KhML(Aw_v|ML@lyKJoni>1+?q`y7uSBuJ~~=zz+RCJ{=r4>wkv5
zL;c@gK&4b;u7#B<o-z!~68A<enB!P6$@-`cKrKYdB2cI+71&w+ZqxbfzY4OfTq&%)
zLA!vT)2v3k{=TXb484L4&wi~7FMjoZv-bq{NA0nC^ZEZxao=Ew<zv-1&_lj#ypSVr
zybM27b+InrFbs8^w!KS}$mT7@9wx<t)cOrNyF=+8_uf3uc9xXCm+dqRZEhzQ+HPs}
z9T}#pLM*-Z&7*3PvTxbF#!GhV>GCE!wqk$tft)J)$nG^yeq&_iF@9quk2smeTD&UH
z9*LrsW7~Xz-*z5(DIEw|D_*D^&7)5yC-Lo5GnQJ<a6HP2m-53Kk3b|@=@^k{Ml=tt
z_U;ih{*A#6u~e}}T~f80qy9e(m5x8eQ=EQ%zjkP2TX9HR-6QO%eSDOJ){f~BY=2`h
z%$9PP{g}h{Qn%6^)@9|Dk&p-de|!9w-~B#C@b?w@-^uYt{kMO5xc}J;RO7$m6{r#X
zRUZQP7WtLo$oiFNOKA5{AeBvi@;K_Nn6s##`*;s<fCC(0EBreE0RR83XHxM1MgRcl
C2y`$2

literal 0
HcmV?d00001

diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/Chart.yaml b/charts/rancher-webhook/103.0.15+up0.4.16/Chart.yaml
new file mode 100644
index 0000000000..480ac0eacf
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/Chart.yaml
@@ -0,0 +1,14 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: rancher-webhook
+apiVersion: v2
+appVersion: 0.4.16
+description: ValidatingAdmissionWebhook for Rancher types
+name: rancher-webhook
+version: 103.0.15+up0.4.16
diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/templates/_helpers.tpl b/charts/rancher-webhook/103.0.15+up0.4.16/templates/_helpers.tpl
new file mode 100644
index 0000000000..c37a65c6f3
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "rancher-webhook.labels" -}}
+app: rancher-webhook
+{{- end }}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/templates/deployment.yaml b/charts/rancher-webhook/103.0.15+up0.4.16/templates/deployment.yaml
new file mode 100644
index 0000000000..b8a7201dac
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/templates/deployment.yaml
@@ -0,0 +1,82 @@
+{{- $auth := .Values.auth | default dict }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: rancher-webhook
+spec:
+  selector:
+    matchLabels:
+      app: rancher-webhook
+  template:
+    metadata:
+      labels:
+        app: rancher-webhook
+    spec:
+      {{- if $auth.clientCA }}
+      volumes:
+      - name: client-ca
+        secret:
+          secretName: client-ca
+      {{- end }}
+      {{- if .Values.global.hostNetwork }}
+      hostNetwork: true
+      {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      {{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+      {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 6 }}
+      {{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 6 }}
+      {{- end }}
+      containers:
+      - env:
+        - name: STAMP
+          value: "{{.Values.stamp}}"
+        - name: ENABLE_MCM
+          value: "{{.Values.mcm.enabled}}"
+        - name: CATTLE_PORT
+          value: {{.Values.port | default 9443 | quote}}
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        {{- if $auth.allowedCNs }}
+        - name: ALLOWED_CNS
+          value: '{{ join "," $auth.allowedCNs }}'
+        {{- end }}
+        image: '{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}'
+        name: rancher-webhook
+        imagePullPolicy: "{{ .Values.image.imagePullPolicy }}"
+        ports:
+        - name: https
+          containerPort: {{ .Values.port | default 9443 }}
+        startupProbe:
+          httpGet:
+            path: "/healthz"
+            port: "https"
+            scheme: "HTTPS"
+          failureThreshold: 60
+          periodSeconds: 5
+        livenessProbe:
+          httpGet:
+            path: "/healthz"
+            port: "https"
+            scheme: "HTTPS"
+          periodSeconds: 5
+        {{- if $auth.clientCA }}
+        volumeMounts:
+        - name: client-ca
+          mountPath: /tmp/k8s-webhook-server/client-ca
+          readOnly: true
+        {{- end }}
+        {{- if .Values.capNetBindService }}
+        securityContext:
+          capabilities:
+            add:
+            - NET_BIND_SERVICE
+        {{- end }}
+      serviceAccountName: rancher-webhook
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{.Values.priorityClassName}}"
+      {{- end }}
diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/templates/rbac.yaml b/charts/rancher-webhook/103.0.15+up0.4.16/templates/rbac.yaml
new file mode 100644
index 0000000000..f4364995c0
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/templates/rbac.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: rancher-webhook
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+- kind: ServiceAccount
+  name: rancher-webhook
+  namespace: {{.Release.Namespace}}
\ No newline at end of file
diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/templates/secret.yaml b/charts/rancher-webhook/103.0.15+up0.4.16/templates/secret.yaml
new file mode 100644
index 0000000000..9fd331dc1e
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/templates/secret.yaml
@@ -0,0 +1,11 @@
+{{- $auth := .Values.auth | default dict }}
+{{- if $auth.clientCA }}
+apiVersion: v1
+data:
+  ca.crt: {{ $auth.clientCA }}
+kind: Secret
+metadata:
+  name: client-ca
+  namespace: cattle-system
+type: Opaque
+{{- end }}
diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/templates/service.yaml b/charts/rancher-webhook/103.0.15+up0.4.16/templates/service.yaml
new file mode 100644
index 0000000000..220afebeae
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/templates/service.yaml
@@ -0,0 +1,13 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: rancher-webhook
+  namespace: cattle-system
+spec:
+  ports:
+  - port: 443
+    targetPort: {{ .Values.port | default 9443 }}
+    protocol: TCP
+    name: https
+  selector:
+    app: rancher-webhook
diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/templates/serviceaccount.yaml b/charts/rancher-webhook/103.0.15+up0.4.16/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..9e7ad7e1fe
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/templates/serviceaccount.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: rancher-webhook
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: rancher-webhook-sudo
+  annotations:
+    cattle.io/description: "SA which can be impersonated to bypass rancher-webhook validation"
\ No newline at end of file
diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/templates/webhook.yaml b/charts/rancher-webhook/103.0.15+up0.4.16/templates/webhook.yaml
new file mode 100644
index 0000000000..53a0687b6f
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/templates/webhook.yaml
@@ -0,0 +1,9 @@
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+  name: rancher.cattle.io
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: MutatingWebhookConfiguration
+metadata:
+  name: rancher.cattle.io
diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/tests/README.md b/charts/rancher-webhook/103.0.15+up0.4.16/tests/README.md
new file mode 100644
index 0000000000..6d3059a005
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/tests/README.md
@@ -0,0 +1,16 @@
+
+## local dev testing instructions
+
+Option 1: Full chart CI run with a live cluster
+
+```bash
+./scripts/charts/ci 
+```
+
+Option 2: Test runs against the chart only 
+
+```bash
+# install the helm plugin first - helm plugin install https://github.com/helm-unittest/helm-unittest.git
+bash dev-scripts/helm-unittest.sh
+```
+
diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/tests/deployment_test.yaml b/charts/rancher-webhook/103.0.15+up0.4.16/tests/deployment_test.yaml
new file mode 100644
index 0000000000..bbd6e30444
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/tests/deployment_test.yaml
@@ -0,0 +1,73 @@
+suite: Test Deployment
+templates:
+  - deployment.yaml
+
+tests:
+  - it: should set webhook default port values
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].ports[0].containerPort
+          value: 9443
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: CATTLE_PORT
+            value: "9443"
+
+  - it: should set updated webhook port
+    set:
+      port: 2319
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].ports[0].containerPort
+          value: 2319
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: CATTLE_PORT
+            value: "2319"
+
+  - it: should not set capabilities by default.
+    asserts:
+      - isNull:
+          path: spec.template.spec.containers[0].securityContext
+
+  - it: should set net capabilities when capNetBindService is true.
+    set:
+      capNetBindService: true
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].securityContext.capabilities.add
+          content: NET_BIND_SERVICE
+
+  - it: should not set volumes or volumeMounts by default
+    asserts:
+      - isNull:
+          path: spec.template.spec.volumes
+      - isNull:
+          path: spec.template.spec.volumeMounts
+
+  - it: should set CA fields when CA options are set
+    set:
+      auth.clientCA: base64-encoded-cert
+      auth.allowedCNs:
+        - kube-apiserver
+        - joe
+    asserts:
+      - contains:
+          path: spec.template.spec.volumes
+          content:
+            name: client-ca
+            secret:
+              secretName: client-ca
+      - contains:
+          path: spec.template.spec.containers[0].volumeMounts
+          content:
+            name: client-ca
+            mountPath: /tmp/k8s-webhook-server/client-ca
+            readOnly: true
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: ALLOWED_CNS
+            value: kube-apiserver,joe
diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/tests/service_test.yaml b/charts/rancher-webhook/103.0.15+up0.4.16/tests/service_test.yaml
new file mode 100644
index 0000000000..03172ad033
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/tests/service_test.yaml
@@ -0,0 +1,18 @@
+suite: Test Service
+templates:
+  - service.yaml
+
+tests:
+  - it: should set webhook default port values
+    asserts:
+      - equal:
+          path: spec.ports[0].targetPort
+          value: 9443
+
+  - it: should set updated target port
+    set:
+      port: 2319
+    asserts:
+      - equal:
+          path: spec.ports[0].targetPort
+          value: 2319
diff --git a/charts/rancher-webhook/103.0.15+up0.4.16/values.yaml b/charts/rancher-webhook/103.0.15+up0.4.16/values.yaml
new file mode 100644
index 0000000000..1a42f6f706
--- /dev/null
+++ b/charts/rancher-webhook/103.0.15+up0.4.16/values.yaml
@@ -0,0 +1,30 @@
+image:
+  repository: rancher/rancher-webhook
+  tag: v0.4.16
+  imagePullPolicy: IfNotPresent
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+  hostNetwork: false
+
+mcm:
+  enabled: true
+
+# tolerations for the webhook deployment. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ for more info
+tolerations: []
+nodeSelector: {}
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
+
+# port assigns which port to use when running rancher-webhook
+port: 9443
+
+# Parameters for authenticating the kube-apiserver.
+auth:
+  # CA for authenticating kube-apiserver client certs. If empty, client connections will not be authenticated.
+  # Must be base64-encoded.
+  clientCA: ""
+  # Allowlist of CNs for kube-apiserver client certs. If empty, any cert signed by the CA provided in clientCA will be accepted.
+  allowedCNs: []
diff --git a/index.yaml b/index.yaml
index e4db9aa7a4..f9919d6b1a 100755
--- a/index.yaml
+++ b/index.yaml
@@ -23148,6 +23148,24 @@ entries:
     urls:
     - assets/rancher-webhook/rancher-webhook-104.0.0+up0.5.0.tgz
     version: 104.0.0+up0.5.0
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: cattle-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: rancher-webhook
+    apiVersion: v2
+    appVersion: 0.4.16
+    created: "2025-02-25T21:54:23.533914196-03:00"
+    description: ValidatingAdmissionWebhook for Rancher types
+    digest: 88146fddd780d7212fcb90eee8759066ab296f4c9dc9b739697557fdff7b42e1
+    name: rancher-webhook
+    urls:
+    - assets/rancher-webhook/rancher-webhook-103.0.15+up0.4.16.tgz
+    version: 103.0.15+up0.4.16
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index f7a2f01c20..c34770a540 100644
--- a/release.yaml
+++ b/release.yaml
@@ -1,5 +1,6 @@
 rancher-webhook:
   - 104.0.7+up0.5.7
+  - 103.0.15+up0.4.16
 rancher-logging:
   - 104.2.0+up4.8.0
 rancher-logging-crd:

From 7bdad63983683d69ad196bb1901846189207514a Mon Sep 17 00:00:00 2001
From: nicholasSUSE <nicholas.paolillo@suse.com>
Date: Tue, 25 Feb 2025 21:55:32 -0300
Subject: [PATCH 19/19] fp: harvester-csi-driver 103.0.6+up0.1.23

---
 .../harvester-csi-driver-103.0.6+up0.1.23.tgz | Bin 0 -> 4024 bytes
 .../103.0.6+up0.1.23/.helmignore              |  23 +++
 .../103.0.6+up0.1.23/Chart.yaml               |  22 +++
 .../103.0.6+up0.1.23/questions.yml            |  11 ++
 .../103.0.6+up0.1.23/templates/NOTES.txt      |   1 +
 .../103.0.6+up0.1.23/templates/_helpers.tpl   |  62 +++++++
 .../103.0.6+up0.1.23/templates/csidriver.yaml |  10 ++
 .../103.0.6+up0.1.23/templates/daemonset.yaml | 152 ++++++++++++++++++
 .../templates/deployment.yaml                 | 120 ++++++++++++++
 .../103.0.6+up0.1.23/templates/rbac.yaml      |  75 +++++++++
 .../templates/storageclass.yaml               |  10 ++
 .../103.0.6+up0.1.23/values.yaml              |  56 +++++++
 index.yaml                                    |  26 +++
 release.yaml                                  |   1 +
 14 files changed, 569 insertions(+)
 create mode 100644 assets/harvester-csi-driver/harvester-csi-driver-103.0.6+up0.1.23.tgz
 create mode 100644 charts/harvester-csi-driver/103.0.6+up0.1.23/.helmignore
 create mode 100644 charts/harvester-csi-driver/103.0.6+up0.1.23/Chart.yaml
 create mode 100644 charts/harvester-csi-driver/103.0.6+up0.1.23/questions.yml
 create mode 100644 charts/harvester-csi-driver/103.0.6+up0.1.23/templates/NOTES.txt
 create mode 100644 charts/harvester-csi-driver/103.0.6+up0.1.23/templates/_helpers.tpl
 create mode 100644 charts/harvester-csi-driver/103.0.6+up0.1.23/templates/csidriver.yaml
 create mode 100644 charts/harvester-csi-driver/103.0.6+up0.1.23/templates/daemonset.yaml
 create mode 100644 charts/harvester-csi-driver/103.0.6+up0.1.23/templates/deployment.yaml
 create mode 100644 charts/harvester-csi-driver/103.0.6+up0.1.23/templates/rbac.yaml
 create mode 100644 charts/harvester-csi-driver/103.0.6+up0.1.23/templates/storageclass.yaml
 create mode 100644 charts/harvester-csi-driver/103.0.6+up0.1.23/values.yaml

diff --git a/assets/harvester-csi-driver/harvester-csi-driver-103.0.6+up0.1.23.tgz b/assets/harvester-csi-driver/harvester-csi-driver-103.0.6+up0.1.23.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..9360c14d41873a5db03721a66cfbfea4e6d9c9a5
GIT binary patch
literal 4024
zcmV;p4@dAHiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PH+#bK5wQ`OII@r(|n0*(LSxBYUdzRb?&Du4^W?D@tW*>*^{6
zku3>p5a0lyY|SM1+phrdE$ZP%oXL#v!KO%{A3%4b(G6fu<N}pO>4%E?k)#Wh-P1Xd
zI#`mJJ$sDO>-Boahllomuh(n-?;rG!pY;!4AN39ggTv#)XTAQ>;Arp+dXIvAOG%X`
z@>%b}xSGs;BZY7-G|^OWHS_>Nq6rhTAS7Bd45;XaC^el@jD{cy59cUbt3^~Lj4XXl
zVjRLhbE$&U@i~mFRJAs{PABLuP%0|;5dQq%C(sWD2SLy8!GD>@|1^((Zf$BXsf2_$
z1PetimBzTWs!&5<l&80?UlWuu)ym&oD`UP+>>&7CM(ZHhK&nKBL}AuBZ7SE=ETw)Z
z;zV%d`Yz29r6rQMB()cqUiC;qKjg0#1CJz0`Lh=cf`J#I3MEanefI|bi7bZD7z3CJ
z*%;M~f@@sf2pOrN=L6+aNtBjps8flaU()QwgmO(NM`>#|dcxb#GkTfe5J-|R8d^d1
z3cmWigP<22|0PW_4!^cGeS4+V{x1kiQ9arOu*Lolj{1j9`+wB$@9qCnl;<$QDM^_I
zH|SQ;+k_(UJc(8Z)u~90K|1g}8j~5Cd824yegK4uI-~D?0!U1RqFTshF^zQB7&KF!
z!{q{{q!B96a|DYAG?~H8TquMnqnWzT&P0{=EXcrUG8;n2*|v^n$#Mj75uqdS9nPrI
zl5C_jrcw%tk<SF5&4uJtSegx(jBsD(fU39`gWw?Oc@D0kzijT1b!f7tHNgE~kO5Al
zSWv_D{eV}RHz@B11N(+(O$><pK+oIOKpzBypzi@BDPvcH(QrA0^XY}qR}vL+?b+!d
zmw+L3I^Hy8Y~`i*9Ny2Vf+<B7K}a}E5K@H^XaOq0kWQCQK7^F062T+NXE4@6k{O;d
zq7(>jYs`hx5VF*WW8j%z)mj#taWWX{cS7h9l|$$*i0m>t>1H3ikcl)p6?{r(rmGZ&
z67_|h*g8h~4Ad*4=R@ceZS($<*Er~+4!fak?@uX1)$Mqm5wS5c47IQWV30|U8dcq~
z@w8wlOGnNJoK7*+L%0y*aE?*R&<?^iE}g@)pi*1UO%lrOCy^KkLJr~VmMX2bg0b>1
z1;e0DRw%fZg82y}9GjqjP6=y3KD)&*)jI%29Y$;6*_KtOZ%s{brfvuw+jSlLs)bE&
z#>9lM%q`XoodP&NGqakR`B>T^{@S+uKBaa3*BB>^XjI*c%lBvFK;P<z;Mg+%_xgk8
z`tSJle*O0}Wt@f~DrM~J5+Y2PSYp)b=^LYJOy#e?Lh#NlXo8D;4F;b-L$M$WzDZ5^
zW0o!Y|8b5iL8$_r+<z&sMgI>D51Rh}>*J%|UjLt>{Q7J66)b2x1ce%m+hNw*C$Z_4
zaE?QG)&2b0Gqt?4+l27Q+5n^KAf~1B9e7zi-}vT~BXn995vE}W{IaTb;{z9PG}Z)y
z4{q^U_4eQsXqoa5jt}f3jmPP9N^ha#cOZj>JTi}t)KiH>Bai}vvv0-$u(2$&R<KM2
z-cRUY+xpsIFbpY}U`SGhphS%DL*a!u)~&~>fJg*JW2&9Ysf{!Ga^if>(Z$%*H4dk7
zMZXKY^C@J3AP2;FNrZBhEnn<As^Nw*RyeXm0kOnq)b7^Hxwl;QG@TY5+jOP#4qW?v
zm(FLZfb+sKGCbLRbW0kGE^$C=^Grc!?d2VbOC;rb3Y|YG|4*vZfaQ?xE^F<NH3_T?
zt<jw<a%G0q4sRwat`;K`WV;TrZBmYJldo!*yXS0a44=&UjhQLC^Op{EK6dV|Tq2GI
zcjT%a$#s<-y>n!7pypl6!qE5=l!q*hwy+vFVzyLP*;?tx3}H}_uB<2C6mbIcjU-89
zkx_&fji<BH<P-dy3XR*wKVP%mt(%(E`>h1JVCmMba26nFXOeQI2@f5dRz0h+^AEce
z%GN%GW@j;v<tlfs;>WDw$Gl>zL2}EiJb>N0ylRp2Zs%SAtTD)cbV_;*x6S9TJvTo^
z+2a3&ie}REfMD>p_20q4QQiL=^aj0s{P#&pH7BH8$Sb)1o3n#`@0#*xXx4yP3NJ=Y
zBBIIAgDi!UNk<_@^N<Eqc*f;1m0bMq9sZnBiP6x^H0S|L)jy<2lRWtM4oUQrq#7@I
zh(A$1|9<>_nV5=+h|c*`T=KUr=A5-(2$sh9Bb{Qn3>m%^5h@p*@!`s_qcn2;hfv@L
zmM!`p5sU>__@LbYoAtjx=pXf)`rki3+Ux&Ql&b!dBvGZ-kL=KoQMYLQU3?FKN~V5Y
z@W_MAQ8GBJf3OieE4;f;z$uTAYdADua=W7{A#;G3=y3jH0pDh*%EbCg_Gvr*RWGxo
z<Jhs2>rh5Pr3+1AHDWfC^H75R<_H4FJI5g`)A2bPABdb)e!F+Rzc@Ksd1sS5Q6y2R
zlNT@Fj7IOy#^di+s%5#6B0Hw3;C@2%{KQB?=D*c5EAaVqB{i6^bVj-Aw$C%hKM9lw
zuPca=FPbbkq0NY_eJgSS22vX|m*F&Wn-Ay)=hn!3g)iGSFhE=KjX{}4gU_FbJ2%s0
zmXBwJ!mCOuZ3R@BXREhl`TSY$uSDWli)7g7D7-DDr!1j}W5T1=52oL{6Uw`4-ulfC
zTVKl<d^v?~RbbW(z7eYCaFxXlX!lj+o0Eb~Ia^Z{hN+}_c`CTZTixs$x}Xea6;~!N
z&Ly#K%8Clb=B-QpS+W`gJHiYnsQrk_4Xvx)(h8-fXjNG2l-u+NjZR*?yto{leLNqn
z>M-&s5tQqb7cWo8=O525Mpu{T7w_AZ-Q_P&iUemdW?h>eb?N5F7%y9~2BWbqY-VBW
z!s}3)I)3K2`k|>+H7wg8RF=8r%eD3+>!3FK@x2uBstVXB;X9nRDMxKDR==f!ZR|$f
z*llYI%#7JeT6J97?OV#}?XcVZa%Qd==%CpAvCYJ_H8JMxQ!{i}kJvP*{#}{A=~}zB
zVYduyGh2i)adVa1t}_)9M%*61h7kh@NkS%+QB6@bIU`XEvp$UfHU9W!^!EJXF-)an
z*4c^{69FKRM3<Z`TWE)xsa&x@t(eNF*nRP!4!dih)NJ=ghbMP)8v7^|ZAC0aLT1?r
z{+&itVrYJ3yBo^VWYLMv#tG&@)6-@aMbzx$`*35x__pB|P9j{i0<cp?^JBfKS~e-I
zG;MxtOwdB;>0|I|aBaY2Bs&&S%2ou|HD`3<w|{RHY`Zt<d{ld<P%dbQZ^F>vy|~B1
z53)J-hU$5l`l;+_Dyud3Ips~Y_!o&;`+BBj0$;&a*%npSYV4J|CoX5kYU`&B)~n&%
zR5ptR<xa8sB<0@MEo609Sw-EpgR5r3N^r%Vw7TtXYI7BQ-lXYFxqaFrE7n3TFQrR?
z)d{FOTmDA;n=I=#WUIDsN2HHnrSDGLid}v<jfK0miL@1xHmn}*P0+4u`Fr(Y%dGT}
zzH3fVyOObHQraTl^+{;W?6d_&eKuM%O>KeE3Sig9?Gw@JB=ofdo%_;Sw#EPLj=&iC
zLlOX6;{UzD;h-7+KiJ3rpQdbx{})65umpgg?FMHk)z?V|<mXmu*1vX`#UZ_G(xA>5
z{3bF7t2BMf=>tt;6sbPx$49;9s>}Bok_e@5X>Z0uTfX~+=$*WHd38DZc=6`#+4$<s
z>DhO?g#Yf9J}8^l5I%hjF&Cqt=!8d&{u$P@V@kUuHu9>En9RtQUMt6?;0wj(e;?BB
znr4ISPnF&Li?{l4uMv-+5tXxbyJ$tV`WMlR)w6!E*N**M@C774Klizd*cWxbh|D)m
zpu!gs_<g8!GcGcnQcm@<>}|uuo0Yf5S9e<lN2#QImYv0<e0DzLqIm7jiyB$44NtXW
z-lL2ggZmu57ZTq6aMo{*x$*SRZWCjHs*IL3b~)`@9(JvkmNT_26b-%zMgAR0N<{RA
zYuYv}iNq<&dyR_^H%Mo5J%oO*SC1fxD92@ntI4EY=`;nsEZh31=%w}z^erZ`?3nZB
z<_gFyvl_zxv}yDIuESoe&mMrVv9N36(jpN|%$7goN4rZ-=R)ZUw=F4)-+Wy6Yez_a
z-(^euPfkeq;Co=U?EgP}Jy<#a*&iJ4<9|<48h)b-{f%qx%(t}v*Z2L}HCI-CNvh{U
z(qF6_vwFJ0-TLuPF#J2UH-tQx;YVS`%<Gx6PZDa+OKjlB16X0_Uev2}@^1`vc8N%<
zJd|eou0HNAlJKx0{EduV$}sD}eC*6T4xLa48BtzkqXTX}m#9Q4Lv$5w$Ef_<0_DWL
zpP}yj6*@P@`7sZSD*GZbvoo5fG>M3N3hmtLU^EG-pY>^{AyhQ07LtU7c2C$^igH2<
z$};RVijw?eMs5pfoz5yLouoL^lX)<myHfE5hzJ>>ag&m-M@Uy`qSF<69Fi8u4GCz$
zlMg;4O09HxJELuQI7!r8=wLg-Y;dy%8!<j6BI8;kzbn3-b;zvJcGa6!U2TVq3rq6~
z+&d`Z9k3-LdJqpJNmM)JJQ0U&%oqf_s)g(4`%3AKGULKY@iuX(_WwE!+)aR1(B^u+
z(pSZp-o^jh;{R7oz`fT2+s^+U_KutR|JS|!{Vz{ab~*oBJwnmqUsX3)H?9)~s0mQx
z3IbImp2F;wJuOr0cy_z`2P^mX&KXs1Rj*!lxbEz+bQ5A8GalK=)pL53dH8QdghM!w
zV~i-#_y>+LwCaB_M;22X*?SBe+w}jadH%nDba=c!|NkWAIb0E~QE~-ZfE#nTnInfu
zN}0VcGa=zMnV|~u`!-dYBtmKhYL1M-jERYh#!^1}D@bHS(*@cXV&y&Ik@p-px-IbV
zGLbl?w-~u3#D9Djz$Ir(5ZtyjBte1_808pv!D#%^m?89@Lw5hnhtn}cR4Ol+QQftF
z9r<1``9*f^-~7dV)-`|fpK8IoC7=ljuhYcdeWkotfx1b&SHXl_d#?f=n`a^E%zO2J
z-gEdsBo(QG^U;~|f<y|lRQ3WIA?dp6QvBNs7Ah1GcE1I)(yISIr>LwA50;N{1N7GU
zzyG><|6{**u-E^mC?U}}6Vjgc+IWHcn(OupQ8CRIL{c(g`4Nc5fq^`@GK5p}72E*{
zt9RB`cmTEg=R4!d6~5M(<TuV$ng<;ZVCI5jo$S&d^U5U}l$MmwEMWU(2%W~Mf^PM&
e#<zKe>%Q#EzU<4r%Krxd0RR6(N`vSCXaE4wPXUww

literal 0
HcmV?d00001

diff --git a/charts/harvester-csi-driver/103.0.6+up0.1.23/.helmignore b/charts/harvester-csi-driver/103.0.6+up0.1.23/.helmignore
new file mode 100644
index 0000000000..0e8a0eb36f
--- /dev/null
+++ b/charts/harvester-csi-driver/103.0.6+up0.1.23/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/harvester-csi-driver/103.0.6+up0.1.23/Chart.yaml b/charts/harvester-csi-driver/103.0.6+up0.1.23/Chart.yaml
new file mode 100644
index 0000000000..2c92a826ab
--- /dev/null
+++ b/charts/harvester-csi-driver/103.0.6+up0.1.23/Chart.yaml
@@ -0,0 +1,22 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/display-name: Harvester CSI Driver
+  catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+  catalog.cattle.io/namespace: kube-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: harvester-csi-driver
+  catalog.cattle.io/ui-component: harvester-csi-driver
+  catalog.cattle.io/upstream-version: 0.1.23
+apiVersion: v2
+appVersion: v0.2.2
+description: A Helm chart for Harvester CSI driver
+keywords:
+- infrastructure
+- harvester
+maintainers:
+- name: harvester
+name: harvester-csi-driver
+type: application
+version: 103.0.6+up0.1.23
diff --git a/charts/harvester-csi-driver/103.0.6+up0.1.23/questions.yml b/charts/harvester-csi-driver/103.0.6+up0.1.23/questions.yml
new file mode 100644
index 0000000000..0c703a0f29
--- /dev/null
+++ b/charts/harvester-csi-driver/103.0.6+up0.1.23/questions.yml
@@ -0,0 +1,11 @@
+categories:
+- infrastructure
+- harvester
+namespace: kube-system
+questions:
+- variable: cloudConfig.hostPath
+  label: Cloud config file path
+  description: "Specify the path of the cloud config."
+  group: "Default"
+  type: string
+  default: "/etc/kubernetes/cloud-config"
diff --git a/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/NOTES.txt b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/NOTES.txt
new file mode 100644
index 0000000000..ba09c6d518
--- /dev/null
+++ b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/NOTES.txt
@@ -0,0 +1 @@
+Successfully deployed Harvester CSI driver to the {{ .Release.Namespace }} namespace.
diff --git a/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/_helpers.tpl b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/_helpers.tpl
new file mode 100644
index 0000000000..def471b21d
--- /dev/null
+++ b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/_helpers.tpl
@@ -0,0 +1,62 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "harvester-csi-driver.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "harvester-csi-driver.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "harvester-csi-driver.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "harvester-csi-driver.labels" -}}
+helm.sh/chart: {{ include "harvester-csi-driver.chart" . }}
+{{ include "harvester-csi-driver.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "harvester-csi-driver.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "harvester-csi-driver.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Global system default registry
+*/}}
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/csidriver.yaml b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/csidriver.yaml
new file mode 100644
index 0000000000..5fc6ec84a2
--- /dev/null
+++ b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/csidriver.yaml
@@ -0,0 +1,10 @@
+apiVersion: storage.k8s.io/v1
+kind: CSIDriver
+metadata:
+  name: driver.harvesterhci.io
+spec:
+  attachRequired: true
+  fsGroupPolicy: ReadWriteOnceWithFSType
+  podInfoOnMount: true
+  volumeLifecycleModes:
+    - Persistent
diff --git a/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/daemonset.yaml b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/daemonset.yaml
new file mode 100644
index 0000000000..6ccb3203a0
--- /dev/null
+++ b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/daemonset.yaml
@@ -0,0 +1,152 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: {{ include "harvester-csi-driver.name" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+  {{- include "harvester-csi-driver.labels" . | nindent 4 }}
+spec:
+  selector:
+    matchLabels:
+      component: csi-driver
+      {{- include "harvester-csi-driver.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        component: csi-driver
+        {{- include "harvester-csi-driver.selectorLabels" . | nindent 8 }}
+    spec:
+      containers:
+        - args:
+            - --v=5
+            - --csi-address=$(ADDRESS)
+            - --kubelet-registration-path={{ .Values.kubeletRootDir }}/harvester-plugins/driver.harvesterhci.io/csi.sock
+          env:
+            - name: ADDRESS
+              value: /csi/csi.sock
+          image: {{ template "system_default_registry" . }}{{ .Values.image.csi.nodeDriverRegistrar.repository }}:{{ .Values.image.csi.nodeDriverRegistrar.tag }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /bin/sh
+                  - -c
+                  - rm -rf /registration/driver.harvesterhci.io-reg.sock
+                    /csi//*
+          name: node-driver-registrar
+          securityContext:
+            privileged: true
+          volumeMounts:
+            - mountPath: /csi/
+              name: socket-dir
+            - mountPath: /registration
+              name: registration-dir
+        - args:
+            - --nodeid=$(NODE_ID)
+            - --endpoint=$(CSI_ENDPOINT)
+            - --kubeconfig=/var/lib/harvester/cloud-provider-config
+            {{- if .Values.hostStorageClass }}
+            - --host-storage-class={{ .Values.hostStorageClass }}
+            {{- end }}
+          env:
+            - name: NODE_ID
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: CSI_ENDPOINT
+              value: unix:///csi/csi.sock
+          image: {{ template "system_default_registry" . }}{{ .Values.image.harvester.csiDriver.repository }}:{{ .Values.image.harvester.csiDriver.tag | default .Chart.AppVersion }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /bin/sh
+                  - -c
+                  - rm -f /csi//*
+          name: harvester-csi-driver
+          securityContext:
+            allowPrivilegeEscalation: true
+            capabilities:
+              add:
+                - SYS_ADMIN
+            privileged: true
+          volumeMounts:
+            - name: cloud-config
+              readOnly: true
+              mountPath: /var/lib/harvester
+            - name: kubernetes
+              readOnly: true
+              mountPath: /etc/kubernetes
+            - mountPath: {{ .Values.kubeletRootDir }}/plugins/kubernetes.io/csi
+              mountPropagation: Bidirectional
+              name: kubernetes-csi-dir
+            - mountPath: /csi/
+              name: socket-dir
+            - mountPath: {{ .Values.kubeletRootDir }}/pods
+              mountPropagation: Bidirectional
+              name: pods-mount-dir
+            - mountPath: /dev
+              name: host-dev
+            - mountPath: /sys
+              name: host-sys
+            - mountPath: /rootfs
+              mountPropagation: Bidirectional
+              name: host
+            - mountPath: /lib/modules
+              name: lib-modules
+              readOnly: true
+      hostPID: true
+      serviceAccountName: {{ include "harvester-csi-driver.name" . }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+        - name: cloud-config
+        {{- if .Values.cloudConfig.secretName }}
+          secret:
+            secretName: {{ .Values.cloudConfig.secretName }}
+        {{- else }}
+          hostPath:
+            path: {{ .Values.cloudConfig.hostPath }}
+            type: DirectoryOrCreate
+        {{- end }}
+        - hostPath:
+            path: /etc/kubernetes
+            type: DirectoryOrCreate
+          name: kubernetes
+        - hostPath:
+            path: {{ .Values.kubeletRootDir }}/plugins/kubernetes.io/csi
+            type: DirectoryOrCreate
+          name: kubernetes-csi-dir
+        - hostPath:
+            path: {{ .Values.kubeletRootDir }}/plugins_registry
+            type: Directory
+          name: registration-dir
+        - hostPath:
+            path: {{ .Values.kubeletRootDir }}/harvester-plugins/driver.harvesterhci.io
+            type: DirectoryOrCreate
+          name: socket-dir
+        - hostPath:
+            path: {{ .Values.kubeletRootDir }}/pods
+            type: DirectoryOrCreate
+          name: pods-mount-dir
+        - hostPath:
+            path: /dev
+          name: host-dev
+        - hostPath:
+            path: /sys
+          name: host-sys
+        - hostPath:
+            path: /
+          name: host
+        - hostPath:
+            path: /lib/modules
+          name: lib-modules
diff --git a/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/deployment.yaml b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/deployment.yaml
new file mode 100644
index 0000000000..0b592251ce
--- /dev/null
+++ b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/deployment.yaml
@@ -0,0 +1,120 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "harvester-csi-driver.name" . }}-controllers
+  namespace: {{ .Release.Namespace }}
+  labels:
+  {{- include "harvester-csi-driver.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicasCount }}
+  selector:
+    matchLabels:
+      component: csi-controllers
+      {{- include "harvester-csi-driver.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        component: csi-controllers
+        {{- include "harvester-csi-driver.selectorLabels" . | nindent 8 }}
+    spec:
+      containers:
+        - args:
+            - --v=5
+            - --csi-address=$(ADDRESS)
+            - --timeout=1m50s
+            - --leader-election
+            - --leader-election-namespace=$(POD_NAMESPACE)
+          env:
+            - name: ADDRESS
+              value: /csi/csi.sock
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+          image: {{ template "system_default_registry" . }}{{ .Values.image.csi.resizer.repository }}:{{ .Values.image.csi.resizer.tag }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          name: csi-resizer
+          volumeMounts:
+            - mountPath: /csi/
+              name: socket-dir
+        - args:
+            - --v=5
+            - --csi-address=$(ADDRESS)
+            - --timeout=1m50s
+            - --leader-election
+            - --leader-election-namespace=$(POD_NAMESPACE)
+            - --default-fstype=ext4
+          env:
+            - name: ADDRESS
+              value: /csi/csi.sock
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+          image: {{ template "system_default_registry" . }}{{ .Values.image.csi.provisioner.repository }}:{{ .Values.image.csi.provisioner.tag }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          name: csi-provisioner
+          volumeMounts:
+            - mountPath: /csi/
+              name: socket-dir
+        - args:
+            - --v=5
+            - --csi-address=$(ADDRESS)
+            - --timeout=1m50s
+            - --leader-election
+            - --leader-election-namespace=$(POD_NAMESPACE)
+          env:
+            - name: ADDRESS
+              value: /csi/csi.sock
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+          image: {{ template "system_default_registry" . }}{{ .Values.image.csi.attacher.repository }}:{{ .Values.image.csi.attacher.tag }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          name: csi-attacher
+          volumeMounts:
+            - mountPath: /csi/
+              name: socket-dir
+      serviceAccountName: {{ include "harvester-csi-driver.name" . }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+      {{- toYaml . | nindent 8 }}
+      {{- end }}
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            # For RKE1
+            - matchExpressions:
+              - key: node-role.kubernetes.io/controlplane
+                operator: Exists
+            # For RKE2
+            - matchExpressions:
+              - key: node-role.kubernetes.io/control-plane
+                operator: Exists
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - weight: 100
+            podAffinityTerm:
+              labelSelector:
+                matchExpressions:
+                - key: app.kubernetes.io/name
+                  operator: In
+                  values: [harvester-csi-driver]
+                - key: component
+                  operator: In
+                  values: [csi-controllers]
+              topologyKey: kubernetes.io/hostname
+      volumes:
+        - hostPath:
+            path: {{ .Values.kubeletRootDir }}/harvester-plugins/driver.harvesterhci.io
+            type: DirectoryOrCreate
+          name: socket-dir
diff --git a/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/rbac.yaml b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/rbac.yaml
new file mode 100644
index 0000000000..2ba042a26b
--- /dev/null
+++ b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/rbac.yaml
@@ -0,0 +1,75 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "harvester-csi-driver.name" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+  {{- include "harvester-csi-driver.labels" . | nindent 4 }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "harvester-csi-driver.name" . }}
+  labels:
+  {{- include "harvester-csi-driver.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "harvester-csi-driver.name" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "harvester-csi-driver.name" . }}
+    namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "harvester-csi-driver.name" . }}
+  labels:
+  {{- include "harvester-csi-driver.labels" . | nindent 4 }}
+rules:
+  - apiGroups: [ "coordination.k8s.io" ]
+    resources: [ "leases" ]
+    verbs: [ "get", "watch", "list", "delete", "update", "create" ]
+  - apiGroups: [ "storage.k8s.io" ]
+    resources: [ "csistoragecapacities" ]
+    verbs: [ "get", "list", "watch", "create", "update", "patch", "delete" ]
+  - apiGroups: [""]
+    resources: ["persistentvolumes"]
+    verbs: [ "get", "list", "watch", "create","update", "patch", "delete" ]
+  - apiGroups: [""]
+    resources: ["persistentvolumeclaims"]
+    verbs: ["get", "list", "watch", "create","update", "patch", "delete" ]
+  - apiGroups: [""]
+    resources: ["persistentvolumeclaims/status"]
+    verbs: ["patch"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["storageclasses"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["snapshot.storage.k8s.io"]
+    resources: ["volumesnapshots"]
+    verbs: ["get", "list"]
+  - apiGroups: ["snapshot.storage.k8s.io"]
+    resources: ["volumesnapshotcontents"]
+    verbs: ["get", "list"]
+  - apiGroups: [ "storage.k8s.io" ]
+    resources: [ "csinodes" ]
+    verbs: [ "get", "list", "watch" ]
+  - apiGroups: [ "" ]
+    resources: [ "events" ]
+    verbs: [ "list", "watch", "create", "update", "patch" ]
+  - apiGroups: [ "" ]
+    resources: [ "pods" ]
+    verbs: [ "get", "list", "watch" ]
+  - apiGroups: [ "apps" ]
+    resources: [ "replicasets" ]
+    verbs: [ "get" ]
+  - apiGroups: [""]
+    resources: ["nodes"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["volumeattachments"]
+    verbs: ["get", "list", "watch", "patch"]
+  - apiGroups: [ "storage.k8s.io" ]
+    resources: [ "volumeattachments/status" ]
+    verbs: [ "patch" ]
diff --git a/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/storageclass.yaml b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/storageclass.yaml
new file mode 100644
index 0000000000..a29c9c7da0
--- /dev/null
+++ b/charts/harvester-csi-driver/103.0.6+up0.1.23/templates/storageclass.yaml
@@ -0,0 +1,10 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: harvester
+  annotations:
+    storageclass.kubernetes.io/is-default-class: "true"
+allowVolumeExpansion: true
+provisioner: driver.harvesterhci.io
+reclaimPolicy: Delete
+volumeBindingMode: Immediate
diff --git a/charts/harvester-csi-driver/103.0.6+up0.1.23/values.yaml b/charts/harvester-csi-driver/103.0.6+up0.1.23/values.yaml
new file mode 100644
index 0000000000..fe6b120cbd
--- /dev/null
+++ b/charts/harvester-csi-driver/103.0.6+up0.1.23/values.yaml
@@ -0,0 +1,56 @@
+# Default values for harvester-csi-driver.
+
+replicasCount: 3
+
+image:
+  harvester:
+    csiDriver:
+      repository: rancher/harvester-csi-driver
+      # Overrides the image tag whose default is the chart appVersion.
+      tag: "v0.2.2"
+  csi:
+    nodeDriverRegistrar:
+      repository: rancher/mirrored-longhornio-csi-node-driver-registrar
+      tag: v2.3.0
+    resizer:
+      repository: rancher/mirrored-longhornio-csi-resizer
+      tag: v1.2.0
+    provisioner:
+      repository: rancher/mirrored-longhornio-csi-provisioner
+      tag: v2.1.2
+    attacher:
+      repository: rancher/mirrored-longhornio-csi-attacher
+      tag: v3.2.1
+  pullPolicy: IfNotPresent
+
+nameOverride: ""
+fullnameOverride: ""
+
+# This field can be used to specify the corresponding StorageClass on the host cluster.
+hostStorageClass: ""
+kubeletRootDir: /var/lib/kubelet
+cloudConfig:
+  secretName: ""
+  hostPath: "/var/lib/rancher/rke2/etc/config-files/"
+
+nodeSelector:
+  kubernetes.io/os: linux
+
+tolerations:
+  - effect: NoSchedule
+    key: kubevirt.io/drain
+    operator: Exists
+  - effect: NoSchedule
+    key: node-role.kubernetes.io/control-plane
+    operator: Equal
+  - effect: NoExecute
+    key: node-role.kubernetes.io/etcd
+    operator: Equal
+  - key: cattle.io/os
+    operator: Equal
+    value: "linux"
+    effect: NoSchedule
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
diff --git a/index.yaml b/index.yaml
index f9919d6b1a..1b3284e81d 100755
--- a/index.yaml
+++ b/index.yaml
@@ -4267,6 +4267,32 @@ entries:
     urls:
     - assets/harvester-csi-driver/harvester-csi-driver-104.0.0+up0.1.17.tgz
     version: 104.0.0+up0.1.17
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/display-name: Harvester CSI Driver
+      catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.29.0-0'
+      catalog.cattle.io/namespace: kube-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux
+      catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+      catalog.cattle.io/release-name: harvester-csi-driver
+      catalog.cattle.io/ui-component: harvester-csi-driver
+      catalog.cattle.io/upstream-version: 0.1.23
+    apiVersion: v2
+    appVersion: v0.2.2
+    created: "2025-02-25T21:55:13.104100635-03:00"
+    description: A Helm chart for Harvester CSI driver
+    digest: f75f70932a81dce956e3a83d0c4d2529389fec974cb09789fc385c178e661181
+    keywords:
+    - infrastructure
+    - harvester
+    maintainers:
+    - name: harvester
+    name: harvester-csi-driver
+    type: application
+    urls:
+    - assets/harvester-csi-driver/harvester-csi-driver-103.0.6+up0.1.23.tgz
+    version: 103.0.6+up0.1.23
   - annotations:
       catalog.cattle.io/certified: rancher
       catalog.cattle.io/display-name: Harvester CSI Driver
diff --git a/release.yaml b/release.yaml
index c34770a540..7d9bf4d41f 100644
--- a/release.yaml
+++ b/release.yaml
@@ -22,6 +22,7 @@ rancher-monitoring-crd:
   - 103.2.2+up57.0.3
 harvester-csi-driver:
   - 104.0.5+up0.1.23
+  - 103.0.6+up0.1.23
 rancher-cis-benchmark:
   - 6.7.0
 rancher-cis-benchmark-crd: